This patch switches compiler-based stack initialization from 0xAA
to zero pattern, resulting in much more efficient code and saner
defaults for uninitialized local variables.
Bug: 154198143
Test: run cuttlefish and observe the following lines in dmesg:
test_stackinit: all tests passed!
test_meminit: all 130 tests passed!
Signed-off-by: Alexander Potapenko <glider@google.com>
Change-Id: I49821914df887760e90295d91fa54a2ebda8240b
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl9GHdsACgkQONu9yGCS
aT4AoA//RHH+8srJoIL7iz4HMcXbSTqom//BkZKhDLMvDoOHt7GE3t571kM4Bx99
cY+oJCxsfUgbSLGE2eBRmfr0i+kcyT/Ke1Jyp0/3+lrqZeFxhtda8z1TYz0PC0E6
V/M9OaKKpKFW2tsGxsiKsomE4wNZExhKl2yti6QWS6jl+1ngAKZEg0LLMjDDSC3G
CGtnk9yYjdExxky0XYN15B7I4RfIFLmHprT++Ctrgxq6wlrOiZyB2LqNJeZdJmsx
7tieTxC0rAsyMG5w1j6kFy5+6e+5t81B5yk5IfHNH17ZUU+L8p15fC172GEi3rwn
UOYPZxIEJs4wRImJTur3JwfQbt2ySt45GNJBTVtOt/dUvS141NgpBVTSaQ60Zv4Y
4aXi4GucVr3nApTnTfAM5nRjtnRrHPXg49qzM0CqOAzdlyuUpzpvQsyek1ml8Etl
Vdgn7iLyUbV7Cb/aVVEAwvkT+EAPdrzqSK8Q3nonl8R4pZy35CrxlPkdFPVSIKmH
KGLZP+xg3wJSHdjVuLAtMAYcREau/Yo+i3W8Pz4niU3MUnskPqdPQyp8XzY+hwfp
4OgJatcUPdB9782b242WmrVJ4b4Ts4ZOuM6hrIrSqdvOkuzQQ9vyDmfHHlEEfH4F
6tSEA96MZ1bG7uIyMwgx+11lbBC48UYhm/dKcXmyX/yV60N8oPw=
=/u20
-----END PGP SIGNATURE-----
Merge 4.19.142 into android-4.19-stable
Changes in 4.19.142
drm/vgem: Replace opencoded version of drm_gem_dumb_map_offset()
perf probe: Fix memory leakage when the probe point is not found
khugepaged: khugepaged_test_exit() check mmget_still_valid()
khugepaged: adjust VM_BUG_ON_MM() in __khugepaged_enter()
btrfs: export helpers for subvolume name/id resolution
btrfs: don't show full path of bind mounts in subvol=
btrfs: Move free_pages_out label in inline extent handling branch in compress_file_range
btrfs: inode: fix NULL pointer dereference if inode doesn't need compression
btrfs: sysfs: use NOFS for device creation
romfs: fix uninitialized memory leak in romfs_dev_read()
kernel/relay.c: fix memleak on destroy relay channel
mm: include CMA pages in lowmem_reserve at boot
mm, page_alloc: fix core hung in free_pcppages_bulk()
ext4: fix checking of directory entry validity for inline directories
jbd2: add the missing unlock_buffer() in the error path of jbd2_write_superblock()
scsi: zfcp: Fix use-after-free in request timeout handlers
drm/amd/display: fix pow() crashing when given base 0
kthread: Do not preempt current task if it is going to call schedule()
spi: Prevent adding devices below an unregistering controller
scsi: ufs: Add DELAY_BEFORE_LPM quirk for Micron devices
scsi: target: tcmu: Fix crash in tcmu_flush_dcache_range on ARM
media: budget-core: Improve exception handling in budget_register()
rtc: goldfish: Enable interrupt in set_alarm() when necessary
media: vpss: clean up resources in init
Input: psmouse - add a newline when printing 'proto' by sysfs
m68knommu: fix overwriting of bits in ColdFire V3 cache control
svcrdma: Fix another Receive buffer leak
xfs: fix inode quota reservation checks
jffs2: fix UAF problem
ceph: fix use-after-free for fsc->mdsc
cpufreq: intel_pstate: Fix cpuinfo_max_freq when MSR_TURBO_RATIO_LIMIT is 0
scsi: libfc: Free skb in fc_disc_gpn_id_resp() for valid cases
virtio_ring: Avoid loop when vq is broken in virtqueue_poll
tools/testing/selftests/cgroup/cgroup_util.c: cg_read_strcmp: fix null pointer dereference
xfs: Fix UBSAN null-ptr-deref in xfs_sysfs_init
alpha: fix annotation of io{read,write}{16,32}be()
fs/signalfd.c: fix inconsistent return codes for signalfd4
ext4: fix potential negative array index in do_split()
ext4: don't allow overlapping system zones
ASoC: q6routing: add dummy register read/write function
i40e: Set RX_ONLY mode for unicast promiscuous on VLAN
i40e: Fix crash during removing i40e driver
net: fec: correct the error path for regulator disable in probe
bonding: show saner speed for broadcast mode
bonding: fix a potential double-unregister
s390/runtime_instrumentation: fix storage key handling
s390/ptrace: fix storage key handling
ASoC: msm8916-wcd-analog: fix register Interrupt offset
ASoC: intel: Fix memleak in sst_media_open
vfio/type1: Add proper error unwind for vfio_iommu_replay()
kvm: x86: Toggling CR4.SMAP does not load PDPTEs in PAE mode
kvm: x86: Toggling CR4.PKE does not load PDPTEs in PAE mode
kconfig: qconf: do not limit the pop-up menu to the first row
kconfig: qconf: fix signal connection to invalid slots
efi: avoid error message when booting under Xen
Fix build error when CONFIG_ACPI is not set/enabled:
RDMA/bnxt_re: Do not add user qps to flushlist
afs: Fix NULL deref in afs_dynroot_depopulate()
bonding: fix active-backup failover for current ARP slave
net: ena: Prevent reset after device destruction
net: gemini: Fix missing free_netdev() in error path of gemini_ethernet_port_probe()
hv_netvsc: Fix the queue_mapping in netvsc_vf_xmit()
net: dsa: b53: check for timeout
powerpc/pseries: Do not initiate shutdown when system is running on UPS
efi: add missed destroy_workqueue when efisubsys_init fails
epoll: Keep a reference on files added to the check list
do_epoll_ctl(): clean the failure exits up a bit
mm/hugetlb: fix calculation of adjust_range_if_pmd_sharing_possible
xen: don't reschedule in preemption off sections
clk: Evict unregistered clks from parent caches
KVM: Pass MMU notifier range flags to kvm_unmap_hva_range()
KVM: arm64: Only reschedule if MMU_NOTIFIER_RANGE_BLOCKABLE is not set
Linux 4.19.142
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: Ibfe4a0a4249f76ab35076f4b003e32cd6f9788a5
commit fdfe7cbd58806522e799e2a50a15aee7f2cbb7b6 upstream.
The 'flags' field of 'struct mmu_notifier_range' is used to indicate
whether invalidate_range_{start,end}() are permitted to block. In the
case of kvm_mmu_notifier_invalidate_range_start(), this field is not
forwarded on to the architecture-specific implementation of
kvm_unmap_hva_range() and therefore the backend cannot sensibly decide
whether or not to block.
Add an extra 'flags' parameter to kvm_unmap_hva_range() so that
architectures are aware as to whether or not they are permitted to block.
Cc: <stable@vger.kernel.org>
Cc: Marc Zyngier <maz@kernel.org>
Cc: Suzuki K Poulose <suzuki.poulose@arm.com>
Cc: James Morse <james.morse@arm.com>
Signed-off-by: Will Deacon <will@kernel.org>
Message-Id: <20200811102725.7121-2-will@kernel.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
[will: Backport to 4.19; use 'blockable' instead of non-existent range flags]
Signed-off-by: Will Deacon <will@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
[ Upstream commit cb957adb4ea422bd758568df5b2478ea3bb34f35 ]
See the SDM, volume 3, section 4.4.1:
If PAE paging would be in use following an execution of MOV to CR0 or
MOV to CR4 (see Section 4.1.1) and the instruction is modifying any of
CR0.CD, CR0.NW, CR0.PG, CR4.PAE, CR4.PGE, CR4.PSE, or CR4.SMEP; then
the PDPTEs are loaded from the address in CR3.
Fixes: b9baba8614 ("KVM, pkeys: expose CPUID/CR4 to guest")
Cc: Huaitong Han <huaitong.han@intel.com>
Signed-off-by: Jim Mattson <jmattson@google.com>
Reviewed-by: Peter Shier <pshier@google.com>
Reviewed-by: Oliver Upton <oupton@google.com>
Message-Id: <20200817181655.3716509-1-jmattson@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
[ Upstream commit 427890aff8558eb4326e723835e0eae0e6fe3102 ]
See the SDM, volume 3, section 4.4.1:
If PAE paging would be in use following an execution of MOV to CR0 or
MOV to CR4 (see Section 4.1.1) and the instruction is modifying any of
CR0.CD, CR0.NW, CR0.PG, CR4.PAE, CR4.PGE, CR4.PSE, or CR4.SMEP; then
the PDPTEs are loaded from the address in CR3.
Fixes: 0be0226f07 ("KVM: MMU: fix SMAP virtualization")
Cc: Xiao Guangrong <guangrong.xiao@linux.intel.com>
Signed-off-by: Jim Mattson <jmattson@google.com>
Reviewed-by: Peter Shier <pshier@google.com>
Reviewed-by: Oliver Upton <oupton@google.com>
Message-Id: <20200817181655.3716509-2-jmattson@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl8/jnoACgkQONu9yGCS
aT54fA//azItNUOsY1HujeNfINHWCqCLV7OHpdxa9MEeixSpP/ufsGcgyZBTslNw
WOENkdUPGYxUQt9yyZjSY5CEneH6a007idCfUWIuHRZ9nxKbDZm312xDDcDkeZI7
P4TGvIdpDq7Czk2c+OCSUnmp/+fCJdPCpCYJZp0kBDVbUsKeUwpBJ42Dca8f/2iM
lWVlGR2KwMIV+NSVArpu8EUOpw7X4rPsGz72kEvVhCkcXa9GFxGbs65AVNG5NTzt
9sHBlja7PZTqt844/6UBM5EgTR43uJT5z8sSV5N5s6j2d07m/T+2f73PyKqr6+jQ
SXKpIp/J6Po7tCej5u4B9LO+ePpasuxbNAXmn1GLuiP7qzKRAriFxK2RfXXxqIuE
aP9DB6P/wbr/MszFjIFFg9nrr9G/biriRNPWtnzD2hbUk1mfM8WNCCSIt90MZh0f
CT85JiEBFlU5cZhgUJfqJcfZcckE8gbdUGOBvZ5NOq0hxqN2S6+/phespwkd4h/a
A4QyhER6eI9zT/StBoSLejs8c/lHKHjqyMARNjXLPF+bkkR90L9WDgocB1KiV0jn
YOY+j4tjXGnn/QAsuW/uhYVvzETtkQ5oSyeV5uTcgYvU3iw+QFo9H//y83yB5Q0o
pdDRNmMTtdYwrwkzt73xsjKGlVXaA8kB5kRCuBwGb5kzr0G8baE=
=Txdz
-----END PGP SIGNATURE-----
Merge 4.19.141 into android-4.19-stable
Changes in 4.19.141
smb3: warn on confusing error scenario with sec=krb5
genirq/affinity: Make affinity setting if activated opt-in
PCI: hotplug: ACPI: Fix context refcounting in acpiphp_grab_context()
PCI: Mark AMD Navi10 GPU rev 0x00 ATS as broken
PCI: Add device even if driver attach failed
PCI: qcom: Define some PARF params needed for ipq8064 SoC
PCI: qcom: Add support for tx term offset for rev 2.1.0
PCI: Probe bridge window attributes once at enumeration-time
btrfs: free anon block device right after subvolume deletion
btrfs: don't allocate anonymous block device for user invisible roots
btrfs: ref-verify: fix memory leak in add_block_entry
btrfs: don't traverse into the seed devices in show_devname
btrfs: open device without device_list_mutex
btrfs: fix messages after changing compression level by remount
btrfs: only search for left_info if there is no right_info in try_merge_free_space
btrfs: fix memory leaks after failure to lookup checksums during inode logging
btrfs: fix return value mixup in btrfs_get_extent
dt-bindings: iio: io-channel-mux: Fix compatible string in example code
iio: dac: ad5592r: fix unbalanced mutex unlocks in ad5592r_read_raw()
xtensa: fix xtensa_pmu_setup prototype
cifs: Fix leak when handling lease break for cached root fid
powerpc: Allow 4224 bytes of stack expansion for the signal frame
powerpc: Fix circular dependency between percpu.h and mmu.h
media: vsp1: dl: Fix NULL pointer dereference on unbind
net: ethernet: stmmac: Disable hardware multicast filter
net: stmmac: dwmac1000: provide multicast filter fallback
net/compat: Add missing sock updates for SCM_RIGHTS
md/raid5: Fix Force reconstruct-write io stuck in degraded raid5
bcache: allocate meta data pages as compound pages
bcache: fix overflow in offset_to_stripe()
mac80211: fix misplaced while instead of if
driver core: Avoid binding drivers to dead devices
MIPS: CPU#0 is not hotpluggable
ext2: fix missing percpu_counter_inc
ocfs2: change slot number type s16 to u16
mm/page_counter.c: fix protection usage propagation
ftrace: Setup correct FTRACE_FL_REGS flags for module
kprobes: Fix NULL pointer dereference at kprobe_ftrace_handler
tracing/hwlat: Honor the tracing_cpumask
tracing: Use trace_sched_process_free() instead of exit() for pid tracing
watchdog: f71808e_wdt: indicate WDIOF_CARDRESET support in watchdog_info.options
watchdog: f71808e_wdt: remove use of wrong watchdog_info option
watchdog: f71808e_wdt: clear watchdog timeout occurred flag
pseries: Fix 64 bit logical memory block panic
module: Correctly truncate sysfs sections output
perf intel-pt: Fix FUP packet state
remoteproc: qcom: q6v5: Update running state before requesting stop
drm/imx: imx-ldb: Disable both channels for split mode in enc->disable()
mfd: arizona: Ensure 32k clock is put on driver unbind and error
RDMA/ipoib: Return void from ipoib_ib_dev_stop()
RDMA/ipoib: Fix ABBA deadlock with ipoib_reap_ah()
media: rockchip: rga: Introduce color fmt macros and refactor CSC mode logic
media: rockchip: rga: Only set output CSC mode for RGB input
USB: serial: ftdi_sio: make process-packet buffer unsigned
USB: serial: ftdi_sio: clean up receive processing
mmc: renesas_sdhi_internal_dmac: clean up the code for dma complete
gpu: ipu-v3: image-convert: Combine rotate/no-rotate irq handlers
dm rq: don't call blk_mq_queue_stopped() in dm_stop_queue()
selftests/powerpc: ptrace-pkey: Rename variables to make it easier to follow code
selftests/powerpc: ptrace-pkey: Update the test to mark an invalid pkey correctly
selftests/powerpc: ptrace-pkey: Don't update expected UAMOR value
iommu/omap: Check for failure of a call to omap_iommu_dump_ctx
iommu/vt-d: Enforce PASID devTLB field mask
i2c: rcar: slave: only send STOP event when we have been addressed
clk: clk-atlas6: fix return value check in atlas6_clk_init()
pwm: bcm-iproc: handle clk_get_rate() return
tools build feature: Use CC and CXX from parent
i2c: rcar: avoid race when unregistering slave
openrisc: Fix oops caused when dumping stack
scsi: lpfc: nvmet: Avoid hang / use-after-free again when destroying targetport
watchdog: initialize device before misc_register
Input: sentelic - fix error return when fsp_reg_write fails
drm/vmwgfx: Use correct vmw_legacy_display_unit pointer
drm/vmwgfx: Fix two list_for_each loop exit tests
net: qcom/emac: add missed clk_disable_unprepare in error path of emac_clks_phase1_init
nfs: Fix getxattr kernel panic and memory overflow
fs/minix: set s_maxbytes correctly
fs/minix: fix block limit check for V1 filesystems
fs/minix: remove expected error message in block_to_path()
fs/ufs: avoid potential u32 multiplication overflow
test_kmod: avoid potential double free in trigger_config_run_type()
mfd: dln2: Run event handler loop under spinlock
ALSA: echoaudio: Fix potential Oops in snd_echo_resume()
perf bench mem: Always memset source before memcpy
tools build feature: Quote CC and CXX for their arguments
sh: landisk: Add missing initialization of sh_io_port_base
khugepaged: retract_page_tables() remember to test exit
arm64: dts: marvell: espressobin: add ethernet alias
drm: Added orientation quirk for ASUS tablet model T103HAF
drm/amdgpu: Fix bug where DPM is not enabled after hibernate and resume
Linux 4.19.141
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I0800f8e03919fd8f054c1bcda87efd70a6e5db6b
commit f0c7baca180046824e07fc5f1326e83a8fd150c7 upstream.
John reported that on a RK3288 system the perf per CPU interrupts are all
affine to CPU0 and provided the analysis:
"It looks like what happens is that because the interrupts are not per-CPU
in the hardware, armpmu_request_irq() calls irq_force_affinity() while
the interrupt is deactivated and then request_irq() with IRQF_PERCPU |
IRQF_NOBALANCING.
Now when irq_startup() runs with IRQ_STARTUP_NORMAL, it calls
irq_setup_affinity() which returns early because IRQF_PERCPU and
IRQF_NOBALANCING are set, leaving the interrupt on its original CPU."
This was broken by the recent commit which blocked interrupt affinity
setting in hardware before activation of the interrupt. While this works in
general, it does not work for this particular case. As contrary to the
initial analysis not all interrupt chip drivers implement an activate
callback, the safe cure is to make the deferred interrupt affinity setting
at activation time opt-in.
Implement the necessary core logic and make the two irqchip implementations
for which this is required opt-in. In hindsight this would have been the
right thing to do, but ...
Fixes: baedb87d1b53 ("genirq/affinity: Handle affinity setting on inactive interrupts correctly")
Reported-by: John Keeping <john@metanate.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Tested-by: Marc Zyngier <maz@kernel.org>
Acked-by: Marc Zyngier <maz@kernel.org>
Cc: stable@vger.kernel.org
Link: https://lkml.kernel.org/r/87blk4tzgm.fsf@nanos.tec.linutronix.de
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl88w3UACgkQONu9yGCS
aT4fZQ/+NYyfbsgFARqld2HbOIDSYyua90k42Xj7nlHXa3UcbPCsNEWIWn2k5SXU
kvzwXSUuI14AOyqBOp/swKkEZh7Dh5c6q8QBHA6YJnNaJBQQxv2tjMpA4TngMifG
oUSnxgHKNHtiD/6D7ZZ36l8u83sXfE6qPiginJAECdC2bVjpdfT7EqK5bY2lFd1s
yiz9RxEDXSlrVMXqew75XBEj+304RYhZcJEVPQrqFb/q2Q+rSYs1mAkCazFvAkX+
6Yooyp0tYlfUlkF2ItDpWmuKDcbGtWDd/I9LVGwZ0J67uAN86ZhNGbqlI8bpig9o
qNW0FXAN2TNjpBvKXwg1qavfs5xYQu2E0OrRpCUleL1yD/kWu2vfK4HqyIardsVq
63ffUvMJnJaWPnIvB2gx5f5tRt3Ca7uqvoM4LlYR1fwNZwVaU1fyWNEfeID4MAkr
jBhC8x3n40TF1ngdaZ/XETiAJbjiYve2uEVuvdCtnp1fFbQ892QD5A8MQYsOVFuh
6aR4f6bsR23F/h+tOMJc89wZTRYsCrFxbjwjye+tsWPcBm2GR7hgvCxo1JFqHgrz
elY15u+AWj4pjVhiQcsnXLL8pGKkZTvPrq+iwg12AE23gvE4ww1lpYbxO46GUWuw
q6L8oaHYA6cZiEnIde6yTUpkm6zag0MK+HDutiFUrEAmJTmeWds=
=9oFP
-----END PGP SIGNATURE-----
Merge 4.19.140 into android-4.19-stable
Changes in 4.19.140
tracepoint: Mark __tracepoint_string's __used
HID: input: Fix devices that return multiple bytes in battery report
cgroup: add missing skcd->no_refcnt check in cgroup_sk_clone()
x86/mce/inject: Fix a wrong assignment of i_mce.status
sched/fair: Fix NOHZ next idle balance
sched: correct SD_flags returned by tl->sd_flags()
arm64: dts: rockchip: fix rk3368-lion gmac reset gpio
arm64: dts: rockchip: fix rk3399-puma vcc5v0-host gpio
arm64: dts: rockchip: fix rk3399-puma gmac reset gpio
EDAC: Fix reference count leaks
arm64: dts: qcom: msm8916: Replace invalid bias-pull-none property
crypto: ccree - fix resource leak on error path
firmware: arm_scmi: Fix SCMI genpd domain probing
arm64: dts: exynos: Fix silent hang after boot on Espresso
clk: scmi: Fix min and max rate when registering clocks with discrete rates
m68k: mac: Don't send IOP message until channel is idle
m68k: mac: Fix IOP status/control register writes
platform/x86: intel-hid: Fix return value check in check_acpi_dev()
platform/x86: intel-vbtn: Fix return value check in check_acpi_dev()
ARM: dts: gose: Fix ports node name for adv7180
ARM: dts: gose: Fix ports node name for adv7612
ARM: at91: pm: add missing put_device() call in at91_pm_sram_init()
spi: lantiq: fix: Rx overflow error in full duplex mode
ARM: socfpga: PM: add missing put_device() call in socfpga_setup_ocram_self_refresh()
drm/tilcdc: fix leak & null ref in panel_connector_get_modes
soc: qcom: rpmh-rsc: Set suppress_bind_attrs flag
Bluetooth: add a mutex lock to avoid UAF in do_enale_set
loop: be paranoid on exit and prevent new additions / removals
fs/btrfs: Add cond_resched() for try_release_extent_mapping() stalls
drm/amdgpu: avoid dereferencing a NULL pointer
drm/radeon: Fix reference count leaks caused by pm_runtime_get_sync
crypto: aesni - Fix build with LLVM_IAS=1
video: fbdev: neofb: fix memory leak in neo_scan_monitor()
md-cluster: fix wild pointer of unlock_all_bitmaps()
arm64: dts: hisilicon: hikey: fixes to comply with adi, adv7533 DT binding
drm/etnaviv: fix ref count leak via pm_runtime_get_sync
drm/nouveau: fix multiple instances of reference count leaks
usb: mtu3: clear dual mode of u3port when disable device
drm/debugfs: fix plain echo to connector "force" attribute
drm/radeon: disable AGP by default
irqchip/irq-mtk-sysirq: Replace spinlock with raw_spinlock
mm/mmap.c: Add cond_resched() for exit_mmap() CPU stalls
brcmfmac: keep SDIO watchdog running when console_interval is non-zero
brcmfmac: To fix Bss Info flag definition Bug
brcmfmac: set state of hanger slot to FREE when flushing PSQ
iwlegacy: Check the return value of pcie_capability_read_*()
gpu: host1x: debug: Fix multiple channels emitting messages simultaneously
usb: gadget: net2280: fix memory leak on probe error handling paths
bdc: Fix bug causing crash after multiple disconnects
usb: bdc: Halt controller on suspend
dyndbg: fix a BUG_ON in ddebug_describe_flags
bcache: fix super block seq numbers comparision in register_cache_set()
ACPICA: Do not increment operation_region reference counts for field units
drm/msm: ratelimit crtc event overflow error
agp/intel: Fix a memory leak on module initialisation failure
video: fbdev: sm712fb: fix an issue about iounmap for a wrong address
console: newport_con: fix an issue about leak related system resources
video: pxafb: Fix the function used to balance a 'dma_alloc_coherent()' call
ath10k: Acquire tx_lock in tx error paths
iio: improve IIO_CONCENTRATION channel type description
drm/etnaviv: Fix error path on failure to enable bus clk
drm/arm: fix unintentional integer overflow on left shift
leds: lm355x: avoid enum conversion warning
media: omap3isp: Add missed v4l2_ctrl_handler_free() for preview_init_entities()
ASoC: Intel: bxt_rt298: add missing .owner field
scsi: cumana_2: Fix different dev_id between request_irq() and free_irq()
drm/mipi: use dcs write for mipi_dsi_dcs_set_tear_scanline
cxl: Fix kobject memleak
drm/radeon: fix array out-of-bounds read and write issues
scsi: powertec: Fix different dev_id between request_irq() and free_irq()
scsi: eesox: Fix different dev_id between request_irq() and free_irq()
ipvs: allow connection reuse for unconfirmed conntrack
media: firewire: Using uninitialized values in node_probe()
media: exynos4-is: Add missed check for pinctrl_lookup_state()
xfs: don't eat an EIO/ENOSPC writeback error when scrubbing data fork
xfs: fix reflink quota reservation accounting error
RDMA/rxe: Skip dgid check in loopback mode
PCI: Fix pci_cfg_wait queue locking problem
leds: core: Flush scheduled work for system suspend
drm: panel: simple: Fix bpc for LG LB070WV8 panel
phy: exynos5-usbdrd: Calibrating makes sense only for USB2.0 PHY
drm/bridge: sil_sii8620: initialize return of sii8620_readb
scsi: scsi_debug: Add check for sdebug_max_queue during module init
mwifiex: Prevent memory corruption handling keys
powerpc/vdso: Fix vdso cpu truncation
RDMA/qedr: SRQ's bug fixes
RDMA/rxe: Prevent access to wr->next ptr afrer wr is posted to send queue
staging: rtl8192u: fix a dubious looking mask before a shift
PCI/ASPM: Add missing newline in sysfs 'policy'
powerpc/book3s64/pkeys: Use PVR check instead of cpu feature
drm/imx: tve: fix regulator_disable error path
USB: serial: iuu_phoenix: fix led-activity helpers
usb: core: fix quirks_param_set() writing to a const pointer
thermal: ti-soc-thermal: Fix reversed condition in ti_thermal_expose_sensor()
coresight: tmc: Fix TMC mode read in tmc_read_unprepare_etb()
MIPS: OCTEON: add missing put_device() call in dwc3_octeon_device_init()
usb: dwc2: Fix error path in gadget registration
scsi: mesh: Fix panic after host or bus reset
net: dsa: mv88e6xxx: MV88E6097 does not support jumbo configuration
PCI: cadence: Fix updating Vendor ID and Subsystem Vendor ID register
RDMA/core: Fix return error value in _ib_modify_qp() to negative
Smack: fix another vsscanf out of bounds
Smack: prevent underflow in smk_set_cipso()
power: supply: check if calc_soc succeeded in pm860x_init_battery
Bluetooth: hci_h5: Set HCI_UART_RESET_ON_INIT to correct flags
Bluetooth: hci_serdev: Only unregister device if it was registered
net: dsa: rtl8366: Fix VLAN semantics
net: dsa: rtl8366: Fix VLAN set-up
powerpc/boot: Fix CONFIG_PPC_MPC52XX references
selftests/powerpc: Fix CPU affinity for child process
PCI: Release IVRS table in AMD ACS quirk
selftests/powerpc: Fix online CPU selection
ASoC: meson: axg-tdm-interface: fix link fmt setup
s390/qeth: don't process empty bridge port events
wl1251: fix always return 0 error
tools, build: Propagate build failures from tools/build/Makefile.build
net: ethernet: aquantia: Fix wrong return value
liquidio: Fix wrong return value in cn23xx_get_pf_num()
net: spider_net: Fix the size used in a 'dma_free_coherent()' call
fsl/fman: use 32-bit unsigned integer
fsl/fman: fix dereference null return value
fsl/fman: fix unreachable code
fsl/fman: check dereferencing null pointer
fsl/fman: fix eth hash table allocation
dlm: Fix kobject memleak
ocfs2: fix unbalanced locking
pinctrl-single: fix pcs_parse_pinconf() return value
svcrdma: Fix page leak in svc_rdma_recv_read_chunk()
x86/fsgsbase/64: Fix NULL deref in 86_fsgsbase_read_task
crypto: aesni - add compatibility with IAS
af_packet: TPACKET_V3: fix fill status rwlock imbalance
drivers/net/wan/lapbether: Added needed_headroom and a skb->len check
net/nfc/rawsock.c: add CAP_NET_RAW check.
net: Set fput_needed iff FDPUT_FPUT is set
net/tls: Fix kmap usage
net: refactor bind_bucket fastreuse into helper
net: initialize fastreuse on inet_inherit_port
USB: serial: cp210x: re-enable auto-RTS on open
USB: serial: cp210x: enable usb generic throttle/unthrottle
ALSA: hda - fix the micmute led status for Lenovo ThinkCentre AIO
ALSA: usb-audio: Creative USB X-Fi Pro SB1095 volume knob support
ALSA: usb-audio: fix overeager device match for MacroSilicon MS2109
ALSA: usb-audio: work around streaming quirk for MacroSilicon MS2109
pstore: Fix linking when crypto API disabled
crypto: hisilicon - don't sleep of CRYPTO_TFM_REQ_MAY_SLEEP was not specified
crypto: qat - fix double free in qat_uclo_create_batch_init_list
crypto: ccp - Fix use of merged scatterlists
crypto: cpt - don't sleep of CRYPTO_TFM_REQ_MAY_SLEEP was not specified
bitfield.h: don't compile-time validate _val in FIELD_FIT
fs/minix: check return value of sb_getblk()
fs/minix: don't allow getting deleted inodes
fs/minix: reject too-large maximum file size
ALSA: usb-audio: add quirk for Pioneer DDJ-RB
9p: Fix memory leak in v9fs_mount
drm/ttm/nouveau: don't call tt destroy callback on alloc failure.
NFS: Don't move layouts to plh_return_segs list while in use
NFS: Don't return layout segments that are in use
cpufreq: dt: fix oops on armada37xx
include/asm-generic/vmlinux.lds.h: align ro_after_init
spi: spidev: Align buffers for DMA
mtd: rawnand: qcom: avoid write to unavailable register
parisc: Implement __smp_store_release and __smp_load_acquire barriers
parisc: mask out enable and reserved bits from sba imask
ARM: 8992/1: Fix unwind_frame for clang-built kernels
irqdomain/treewide: Free firmware node after domain removal
xen/balloon: fix accounting in alloc_xenballooned_pages error path
xen/balloon: make the balloon wait interruptible
xen/gntdev: Fix dmabuf import with non-zero sgt offset
Linux 4.19.140
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I6b0d8dcf9ded022f62d9c62605388f1c1e9112d1
commit ec0160891e387f4771f953b888b1fe951398e5d9 upstream.
Commit 711419e504eb ("irqdomain: Add the missing assignment of
domain->fwnode for named fwnode") unintentionally caused a dangling pointer
page fault issue on firmware nodes that were freed after IRQ domain
allocation. Commit e3beca48a45b fixed that dangling pointer issue by only
freeing the firmware node after an IRQ domain allocation failure. That fix
no longer frees the firmware node immediately, but leaves the firmware node
allocated after the domain is removed.
The firmware node must be kept around through irq_domain_remove, but should be
freed it afterwards.
Add the missing free operations after domain removal where where appropriate.
Fixes: e3beca48a45b ("irqdomain/treewide: Keep firmware node unconditionally allocated")
Signed-off-by: Jon Derrick <jonathan.derrick@intel.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Reviewed-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Acked-by: Bjorn Helgaas <bhelgaas@google.com> # drivers/pci
Cc: stable@vger.kernel.org
Link: https://lkml.kernel.org/r/1595363169-7157-1-git-send-email-jonathan.derrick@intel.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
[ Upstream commit 44069737ac9625a0f02f0f7f5ab96aae4cd819bc ]
Clang's integrated assembler complains "invalid reassignment of
non-absolute variable 'var_ddq_add'" while assembling
arch/x86/crypto/aes_ctrby8_avx-x86_64.S. It was because var_ddq_add was
reassigned with non-absolute values several times, which IAS did not
support. We can avoid the reassignment by replacing the uses of
var_ddq_add with its definitions accordingly to have compatilibility
with IAS.
Link: https://github.com/ClangBuiltLinux/linux/issues/1008
Reported-by: Sedat Dilek <sedat.dilek@gmail.com>
Reported-by: Fangrui Song <maskray@google.com>
Tested-by: Sedat Dilek <sedat.dilek@gmail.com> # build+boot Linux v5.7.5; clang v11.0.0-git
Signed-off-by: Jian Cai <caij2003@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Sasha Levin <sashal@kernel.org>
[ Upstream commit 8ab49526b53d3172d1d8dd03a75c7d1f5bd21239 ]
syzbot found its way in 86_fsgsbase_read_task() and triggered this oops:
KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]
CPU: 0 PID: 6866 Comm: syz-executor262 Not tainted 5.8.0-syzkaller #0
RIP: 0010:x86_fsgsbase_read_task+0x16d/0x310 arch/x86/kernel/process_64.c:393
Call Trace:
putreg32+0x3ab/0x530 arch/x86/kernel/ptrace.c:876
genregs32_set arch/x86/kernel/ptrace.c:1026 [inline]
genregs32_set+0xa4/0x100 arch/x86/kernel/ptrace.c:1006
copy_regset_from_user include/linux/regset.h:326 [inline]
ia32_arch_ptrace arch/x86/kernel/ptrace.c:1061 [inline]
compat_arch_ptrace+0x36c/0xd90 arch/x86/kernel/ptrace.c:1198
__do_compat_sys_ptrace kernel/ptrace.c:1420 [inline]
__se_compat_sys_ptrace kernel/ptrace.c:1389 [inline]
__ia32_compat_sys_ptrace+0x220/0x2f0 kernel/ptrace.c:1389
do_syscall_32_irqs_on arch/x86/entry/common.c:84 [inline]
__do_fast_syscall_32+0x57/0x80 arch/x86/entry/common.c:126
do_fast_syscall_32+0x2f/0x70 arch/x86/entry/common.c:149
entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
This can happen if ptrace() or sigreturn() pokes an LDT selector into FS
or GS for a task with no LDT and something tries to read the base before
a return to usermode notices the bad selector and fixes it.
The fix is to make sure ldt pointer is not NULL.
Fixes: 07e1d88adaae ("x86/fsgsbase/64: Fix ptrace() to read the FS/GS base accurately")
Co-developed-by: Jann Horn <jannh@google.com>
Signed-off-by: Eric Dumazet <edumazet@google.com>
Reported-by: syzbot <syzkaller@googlegroups.com>
Acked-by: Andy Lutomirski <luto@kernel.org>
Cc: Chang S. Bae <chang.seok.bae@intel.com>
Cc: Andy Lutomirski <luto@amacapital.net>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Brian Gerst <brgerst@gmail.com>
Cc: Dave Hansen <dave.hansen@linux.intel.com>
Cc: Denys Vlasenko <dvlasenk@redhat.com>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Markus T Metzger <markus.t.metzger@intel.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Ravi Shankar <ravi.v.shankar@intel.com>
Cc: Rik van Riel <riel@surriel.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Ingo Molnar <mingo@kernel.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
[ Upstream commit 3347c8a079d67af21760a78cc5f2abbcf06d9571 ]
When building with LLVM_IAS=1 means using Clang's Integrated Assembly (IAS)
from LLVM/Clang >= v10.0.1-rc1+ instead of GNU/as from GNU/binutils
I see the following breakage in Debian/testing AMD64:
<instantiation>:15:74: error: too many positional arguments
PRECOMPUTE 8*3+8(%rsp), %xmm1, %xmm2, %xmm3, %xmm4, %xmm5, %xmm6, %xmm7,
^
arch/x86/crypto/aesni-intel_asm.S:1598:2: note: while in macro instantiation
GCM_INIT %r9, 8*3 +8(%rsp), 8*3 +16(%rsp), 8*3 +24(%rsp)
^
<instantiation>:47:2: error: unknown use of instruction mnemonic without a size suffix
GHASH_4_ENCRYPT_4_PARALLEL_dec %xmm9, %xmm10, %xmm11, %xmm12, %xmm13, %xmm14, %xmm0, %xmm1, %xmm2, %xmm3, %xmm4, %xmm5, %xmm6, %xmm7, %xmm8, enc
^
arch/x86/crypto/aesni-intel_asm.S:1599:2: note: while in macro instantiation
GCM_ENC_DEC dec
^
<instantiation>:15:74: error: too many positional arguments
PRECOMPUTE 8*3+8(%rsp), %xmm1, %xmm2, %xmm3, %xmm4, %xmm5, %xmm6, %xmm7,
^
arch/x86/crypto/aesni-intel_asm.S:1686:2: note: while in macro instantiation
GCM_INIT %r9, 8*3 +8(%rsp), 8*3 +16(%rsp), 8*3 +24(%rsp)
^
<instantiation>:47:2: error: unknown use of instruction mnemonic without a size suffix
GHASH_4_ENCRYPT_4_PARALLEL_enc %xmm9, %xmm10, %xmm11, %xmm12, %xmm13, %xmm14, %xmm0, %xmm1, %xmm2, %xmm3, %xmm4, %xmm5, %xmm6, %xmm7, %xmm8, enc
^
arch/x86/crypto/aesni-intel_asm.S:1687:2: note: while in macro instantiation
GCM_ENC_DEC enc
Craig Topper suggested me in ClangBuiltLinux issue #1050:
> I think the "too many positional arguments" is because the parser isn't able
> to handle the trailing commas.
>
> The "unknown use of instruction mnemonic" is because the macro was named
> GHASH_4_ENCRYPT_4_PARALLEL_DEC but its being instantiated with
> GHASH_4_ENCRYPT_4_PARALLEL_dec I guess gas ignores case on the
> macro instantiation, but llvm doesn't.
First, I removed the trailing comma in the PRECOMPUTE line.
Second, I substituted:
1. GHASH_4_ENCRYPT_4_PARALLEL_DEC -> GHASH_4_ENCRYPT_4_PARALLEL_dec
2. GHASH_4_ENCRYPT_4_PARALLEL_ENC -> GHASH_4_ENCRYPT_4_PARALLEL_enc
With these changes I was able to build with LLVM_IAS=1 and boot on bare metal.
I confirmed that this works with Linux-kernel v5.7.5 final.
NOTE: This patch is on top of Linux v5.7 final.
Thanks to Craig and especially Nick for double-checking and his comments.
Suggested-by: Craig Topper <craig.topper@intel.com>
Suggested-by: Craig Topper <craig.topper@gmail.com>
Suggested-by: Nick Desaulniers <ndesaulniers@google.com>
Reviewed-by: Nick Desaulniers <ndesaulniers@google.com>
Cc: "ClangBuiltLinux" <clang-built-linux@googlegroups.com>
Link: https://github.com/ClangBuiltLinux/linux/issues/1050
Link: https://bugs.llvm.org/show_bug.cgi?id=24494
Signed-off-by: Sedat Dilek <sedat.dilek@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Sasha Levin <sashal@kernel.org>
[ Upstream commit 5d7f7d1d5e01c22894dee7c9c9266500478dca99 ]
The original code is a nop as i_mce.status is or'ed with part of itself,
fix it.
Fixes: a1300e5052 ("x86/ras/mce_amd_inj: Trigger deferred and thresholding errors interrupts")
Signed-off-by: Zhenzhong Duan <zhenzhong.duan@gmail.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Acked-by: Yazen Ghannam <yazen.ghannam@amd.com>
Link: https://lkml.kernel.org/r/20200611023238.3830-1-zhenzhong.duan@gmail.com
Signed-off-by: Sasha Levin <sashal@kernel.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl8qaHIACgkQONu9yGCS
aT62TxAAwZ04yMUrjhm9TpAYUGJXcZ77AL2fliW4Ep8VRE1umCoKhmp8kB6JV5TD
U/hxqufydvFbuRJK0hmrPhRPCkQfsTD6xKITjq1JgvEz5abGbrPXi7VZtJPQaiUN
LxcNLwYfe2j8cRMWOpPQ10V/HvFpvlyrGF5TYpCT/5h1Y48FdBFTywNzmbL/J55O
v7LMDgg2KB5SMPVsVktThWR5nsATiWBmJWb+4d0+GNkRX0idhu+XIKkNVWW8GAQa
zjaUP9E7ysNU+YBwgD6uaRu0sgIxxqi9eITqqk+46b4gy1S/n5iorIkddkMoaySN
ttLOiZZal9TDs1CTXXCPrw/14b+go9irEpwtYXGMdkmtOV28022m6YF7IkYHpX4I
IsEPfLRlulB0i8DddNguOhHKVkD6Kuf934+sYV447QyqlPSszaGGxh+EK+aOk4/4
PdwvUJlS90ExND0ID4whMgl50MOf6YcQxZ2oykDyNeVqU8USwdo0c6tYatNvdiu9
DRzV6AU9CwnA0rYpCSpXY89j1uWeJCgKvYH3rTBIqUPKWT3LMfshu8xJioxP+29R
eooKvy3I5miPv47s9cQKw+5dae0kH/8boR2flLBkGV/VB5VvnBBswP6Z0CCwMcT0
M5+z7oLnbJdPIJ58kAKDvg6Fu9S/8Y5KVwUiZp3KkNRl9L5lDQY=
=bZTL
-----END PGP SIGNATURE-----
Merge 4.19.137 into android-4.19-stable
Changes in 4.19.137
crypto: ccp - Release all allocated memory if sha type is invalid
media: rc: prevent memory leak in cx23888_ir_probe
iio: imu: adis16400: fix memory leak
drm/amdgpu: fix multiple memory leaks in acp_hw_init
tracing: Have error path in predicate_parse() free its allocated memory
ath9k_htc: release allocated buffer if timed out
ath9k: release allocated buffer if timed out
drm/amd/display: prevent memory leak
btrfs: inode: Verify inode mode to avoid NULL pointer dereference
sctp: implement memory accounting on tx path
Btrfs: fix selftests failure due to uninitialized i_mode in test inodes
PCI/ASPM: Disable ASPM on ASMedia ASM1083/1085 PCIe-to-PCI bridge
9p/trans_fd: Fix concurrency del of req_list in p9_fd_cancelled/p9_read_work
wireless: Use offsetof instead of custom macro.
ARM: 8986/1: hw_breakpoint: Don't invoke overflow handler on uaccess watchpoints
Revert "drm/amdgpu: Fix NULL dereference in dpm sysfs handlers"
drm/amdgpu: Prevent kernel-infoleak in amdgpu_info_ioctl()
drm: hold gem reference until object is no longer accessed
rds: Prevent kernel-infoleak in rds_notify_queue_get()
xfs: fix missed wakeup on l_flush_wait
net/x25: Fix x25_neigh refcnt leak when x25 disconnect
net/x25: Fix null-ptr-deref in x25_disconnect
xfrm: Fix crash when the hold queue is used.
selftests/net: rxtimestamp: fix clang issues for target arch PowerPC
selftests/net: psock_fanout: fix clang issues for target arch PowerPC
sh: Fix validation of system call number
net/mlx5: Verify Hardware supports requested ptp function on a given pin
net: lan78xx: add missing endpoint sanity check
net: lan78xx: fix transfer-buffer memory leak
mlx4: disable device on shutdown
mlxsw: core: Increase scope of RCU read-side critical section
mlxsw: core: Free EMAD transactions using kfree_rcu()
ibmvnic: Fix IRQ mapping disposal in error path
bpf: Fix map leak in HASH_OF_MAPS map
mac80211: mesh: Free ie data when leaving mesh
mac80211: mesh: Free pending skb when destroying a mpath
arm64/alternatives: move length validation inside the subsection
arm64: csum: Fix handling of bad packets
Bluetooth: fix kernel oops in store_pending_adv_report
net: gemini: Fix missing clk_disable_unprepare() in error path of gemini_ethernet_port_probe()
net/mlx5e: fix bpf_prog reference count leaks in mlx5e_alloc_rq
usb: hso: Fix debug compile warning on sparc32
qed: Disable "MFW indication via attention" SPAM every 5 minutes
nfc: s3fwrn5: add missing release on skb in s3fwrn5_recv_frame
parisc: add support for cmpxchg on u8 pointers
net: ethernet: ravb: exit if re-initialization fails in tx timeout
Revert "i2c: cadence: Fix the hold bit setting"
x86/unwind/orc: Fix ORC for newly forked tasks
cxgb4: add missing release on skb in uld_send()
xen-netfront: fix potential deadlock in xennet_remove()
KVM: LAPIC: Prevent setting the tscdeadline timer if the lapic is hw disabled
x86/i8259: Use printk_deferred() to prevent deadlock
Linux 4.19.137
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: Ic57c1620f2febb595f4f764757b1792ffc866643
commit bdd65589593edd79b6a12ce86b3b7a7c6dae5208 upstream.
0day reported a possible circular locking dependency:
Chain exists of:
&irq_desc_lock_class --> console_owner --> &port_lock_key
Possible unsafe locking scenario:
CPU0 CPU1
---- ----
lock(&port_lock_key);
lock(console_owner);
lock(&port_lock_key);
lock(&irq_desc_lock_class);
The reason for this is a printk() in the i8259 interrupt chip driver
which is invoked with the irq descriptor lock held, which reverses the
lock operations vs. printk() from arbitrary contexts.
Switch the printk() to printk_deferred() to avoid that.
Reported-by: kernel test robot <lkp@intel.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Cc: stable@vger.kernel.org
Link: https://lore.kernel.org/r/87365abt2v.fsf@nanos.tec.linutronix.de
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit d2286ba7d574ba3103a421a2f9ec17cb5b0d87a1 upstream.
Prevent setting the tscdeadline timer if the lapic is hw disabled.
Fixes: bce87cce88 (KVM: x86: consolidate different ways to test for in-kernel LAPIC)
Cc: <stable@vger.kernel.org>
Signed-off-by: Wanpeng Li <wanpengli@tencent.com>
Message-Id: <1596165141-28874-1-git-send-email-wanpengli@tencent.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
[ Upstream commit 372a8eaa05998cd45b3417d0e0ffd3a70978211a ]
The ORC unwinder fails to unwind newly forked tasks which haven't yet
run on the CPU. It correctly reads the 'ret_from_fork' instruction
pointer from the stack, but it incorrectly interprets that value as a
call stack address rather than a "signal" one, so the address gets
incorrectly decremented in the call to orc_find(), resulting in bad ORC
data.
Fix it by forcing 'ret_from_fork' frames to be signal frames.
Reported-by: Wang ShaoBo <bobo.shaobowang@huawei.com>
Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Tested-by: Wang ShaoBo <bobo.shaobowang@huawei.com>
Link: https://lkml.kernel.org/r/f91a8778dde8aae7f71884b5df2b16d552040441.1594994374.git.jpoimboe@redhat.com
Signed-off-by: Sasha Levin <sashal@kernel.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl8hMIIACgkQONu9yGCS
aT4+fQ/+LvplGwblkH8vuttKsz17BHXD8/FcL6LIbLKTyaWJMWp/raMWQyQLrZpL
B58dFVZxenmpljLvupB9a1qifZk00U8M+aoU45Pf6PHAww2sGoU1h5sZexqRqOmN
FAh3hLMq1qyJ6qDIugZ0sbtDaO7t5GwvT1YKKo6V9hqi0XamTVrppI/EVVDDA0ve
/WigyxjT51DIPd3bmjJ3Xn920artrW+fydA+jTyMBBME/qFi5s2yN7Rui0ViNz44
crwGxAN1v3+MboulHFsnCdLAlh9hyI4VNXpvpNhKIoVE9BMHgBmmnWA+0KUIjAeA
8GfL2TcspjElNnz9T4f957Rj6Ft7qlStYIyJ45rcGRMXkyNs1lw5CDfkJcy8giVD
7yImkQZ2c8jCgkr/Vor/MfHOPtg1KzpAuNrWZnobTdnaBGxgcC61pnKHxF5Vx40h
78hOFXqunGNMwNBR4EEjmP4B3zapeHVo4GXBPtwY8M878Uj28z2pL4Vx6MhbvmTf
1i8xipclcgpV5ZyN+zv8XA55pcw8ahQOuUknEx+3yH0chlf5cIxXhr92g1DrDwoF
YvNYJQA7qJpgx/k582u6bJYkBdNa+XJaBLjQUhI/Z9UVS33S/CouGHpFyIMpVMx9
vo3ujFpuUP4ZCeKENjINa7RfQhD7oHQQQrk5RcsFBYJaWgCdi3A=
=ugxS
-----END PGP SIGNATURE-----
Merge 4.19.135 into android-4.19-stable
Changes in 4.19.135
soc: qcom: rpmh: Dirt can only make you dirtier, not cleaner
gpio: arizona: handle pm_runtime_get_sync failure case
gpio: arizona: put pm_runtime in case of failure
pinctrl: amd: fix npins for uart0 in kerncz_groups
mac80211: allow rx of mesh eapol frames with default rx key
scsi: scsi_transport_spi: Fix function pointer check
xtensa: fix __sync_fetch_and_{and,or}_4 declarations
xtensa: update *pos in cpuinfo_op.next
drivers/net/wan/lapbether: Fixed the value of hard_header_len
net: sky2: initialize return of gm_phy_read
drm/nouveau/i2c/g94-: increase NV_PMGR_DP_AUXCTL_TRANSACTREQ timeout
drivers/firmware/psci: Fix memory leakage in alloc_init_cpu_groups()
fuse: fix weird page warning
irqdomain/treewide: Keep firmware node unconditionally allocated
SUNRPC reverting d03727b248d0 ("NFSv4 fix CLOSE not waiting for direct IO compeletion")
spi: spi-fsl-dspi: Exit the ISR with IRQ_NONE when it's not ours
tipc: clean up skb list lock handling on send path
IB/umem: fix reference count leak in ib_umem_odp_get()
uprobes: Change handle_swbp() to send SIGTRAP with si_code=SI_KERNEL, to fix GDB regression
ALSA: info: Drop WARN_ON() from buffer NULL sanity check
ASoC: rt5670: Correct RT5670_LDO_SEL_MASK
btrfs: fix double free on ulist after backref resolution failure
btrfs: fix mount failure caused by race with umount
btrfs: fix page leaks after failure to lock page for delalloc
bnxt_en: Fix race when modifying pause settings.
fpga: dfl: fix bug in port reset handshake
hippi: Fix a size used in a 'pci_free_consistent()' in an error handling path
ax88172a: fix ax88172a_unbind() failures
net: dp83640: fix SIOCSHWTSTAMP to update the struct with actual configuration
ieee802154: fix one possible memleak in adf7242_probe
drm: sun4i: hdmi: Fix inverted HPD result
net: smc91x: Fix possible memory leak in smc_drv_probe()
bonding: check error value of register_netdevice() immediately
mlxsw: destroy workqueue when trap_register in mlxsw_emad_init
qed: suppress "don't support RoCE & iWARP" flooding on HW init
ipvs: fix the connection sync failed in some cases
net: ethernet: ave: Fix error returns in ave_init
i2c: rcar: always clear ICSAR to avoid side effects
bonding: check return value of register_netdevice() in bond_newlink()
serial: exar: Fix GPIO configuration for Sealevel cards based on XR17V35X
scripts/decode_stacktrace: strip basepath from all paths
scripts/gdb: fix lx-symbols 'gdb.error' while loading modules
HID: i2c-hid: add Mediacom FlexBook edge13 to descriptor override
HID: alps: support devices with report id 2
HID: steam: fixes race in handling device list.
HID: apple: Disable Fn-key key-re-mapping on clone keyboards
dmaengine: tegra210-adma: Fix runtime PM imbalance on error
Input: add `SW_MACHINE_COVER`
spi: mediatek: use correct SPI_CFG2_REG MACRO
regmap: dev_get_regmap_match(): fix string comparison
hwmon: (aspeed-pwm-tacho) Avoid possible buffer overflow
dmaengine: ioat setting ioat timeout as module parameter
Input: synaptics - enable InterTouch for ThinkPad X1E 1st gen
usb: gadget: udc: gr_udc: fix memleak on error handling path in gr_ep_init()
hwmon: (adm1275) Make sure we are reading enough data for different chips
hwmon: (scmi) Fix potential buffer overflow in scmi_hwmon_probe()
arm64: Use test_tsk_thread_flag() for checking TIF_SINGLESTEP
x86: math-emu: Fix up 'cmp' insn for clang ias
RISC-V: Upgrade smp_mb__after_spinlock() to iorw,iorw
binder: Don't use mmput() from shrinker function.
usb: xhci-mtk: fix the failure of bandwidth allocation
usb: xhci: Fix ASM2142/ASM3142 DMA addressing
Revert "cifs: Fix the target file was deleted when rename failed."
staging: wlan-ng: properly check endpoint types
staging: comedi: addi_apci_1032: check INSN_CONFIG_DIGITAL_TRIG shift
staging: comedi: ni_6527: fix INSN_CONFIG_DIGITAL_TRIG support
staging: comedi: addi_apci_1500: check INSN_CONFIG_DIGITAL_TRIG shift
staging: comedi: addi_apci_1564: check INSN_CONFIG_DIGITAL_TRIG shift
serial: 8250: fix null-ptr-deref in serial8250_start_tx()
serial: 8250_mtk: Fix high-speed baud rates clamping
fbdev: Detect integer underflow at "struct fbcon_ops"->clear_margins.
vt: Reject zero-sized screen buffer size.
Makefile: Fix GCC_TOOLCHAIN_DIR prefix for Clang cross compilation
mm/memcg: fix refcount error while moving and swapping
mm: memcg/slab: synchronize access to kmem_cache dying flag using a spinlock
mm: memcg/slab: fix memory leak at non-root kmem_cache destroy
io-mapping: indicate mapping failure
drm/amdgpu: Fix NULL dereference in dpm sysfs handlers
drm/amd/powerplay: fix a crash when overclocking Vega M
parisc: Add atomic64_set_release() define to avoid CPU soft lockups
x86, vmlinux.lds: Page-align end of ..page_aligned sections
ASoC: rt5670: Add new gpio1_is_ext_spk_en quirk and enable it on the Lenovo Miix 2 10
ASoC: qcom: Drop HAS_DMA dependency to fix link failure
dm integrity: fix integrity recalculation that is improperly skipped
ath9k: Fix general protection fault in ath9k_hif_usb_rx_cb
ath9k: Fix regression with Atheros 9271
Linux 4.19.135
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I0bbcde83e7c810352d998f28d3484efa2b9ede8e
commit de2b41be8fcccb2f5b6c480d35df590476344201 upstream.
On x86-32 the idt_table with 256 entries needs only 2048 bytes. It is
page-aligned, but the end of the .bss..page_aligned section is not
guaranteed to be page-aligned.
As a result, objects from other .bss sections may end up on the same 4k
page as the idt_table, and will accidentially get mapped read-only during
boot, causing unexpected page-faults when the kernel writes to them.
This could be worked around by making the objects in the page aligned
sections page sized, but that's wrong.
Explicit sections which store only page aligned objects have an implicit
guarantee that the object is alone in the page in which it is placed. That
works for all objects except the last one. That's inconsistent.
Enforcing page sized objects for these sections would wreckage memory
sanitizers, because the object becomes artificially larger than it should
be and out of bound access becomes legit.
Align the end of the .bss..page_aligned and .data..page_aligned section on
page-size so all objects places in these sections are guaranteed to have
their own page.
[ tglx: Amended changelog ]
Signed-off-by: Joerg Roedel <jroedel@suse.de>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Reviewed-by: Kees Cook <keescook@chromium.org>
Cc: stable@vger.kernel.org
Link: https://lkml.kernel.org/r/20200721093448.10417-1-joro@8bytes.org
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
[ Upstream commit 81e96851ea32deb2c921c870eecabf335f598aeb ]
The clang integrated assembler requires the 'cmp' instruction to
have a length prefix here:
arch/x86/math-emu/wm_sqrt.S:212:2: error: ambiguous instructions require an explicit suffix (could be 'cmpb', 'cmpw', or 'cmpl')
cmp $0xffffffff,-24(%ebp)
^
Make this a 32-bit comparison, which it was clearly meant to be.
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Reviewed-by: Nick Desaulniers <ndesaulniers@google.com>
Link: https://lkml.kernel.org/r/20200527135352.1198078-1-arnd@arndb.de
Signed-off-by: Sasha Levin <sashal@kernel.org>
[ Upstream commit e3beca48a45b5e0e6e6a4e0124276b8248dcc9bb ]
Quite some non OF/ACPI users of irqdomains allocate firmware nodes of type
IRQCHIP_FWNODE_NAMED or IRQCHIP_FWNODE_NAMED_ID and free them right after
creating the irqdomain. The only purpose of these FW nodes is to convey
name information. When this was introduced the core code did not store the
pointer to the node in the irqdomain. A recent change stored the firmware
node pointer in irqdomain for other reasons and missed to notice that the
usage sites which do the alloc_fwnode/create_domain/free_fwnode sequence
are broken by this. Storing a dangling pointer is dangerous itself, but in
case that the domain is destroyed later on this leads to a double free.
Remove the freeing of the firmware node after creating the irqdomain from
all affected call sites to cure this.
Fixes: 711419e504eb ("irqdomain: Add the missing assignment of domain->fwnode for named fwnode")
Reported-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Acked-by: Bjorn Helgaas <bhelgaas@google.com>
Acked-by: Marc Zyngier <maz@kernel.org>
Cc: stable@vger.kernel.org
Link: https://lkml.kernel.org/r/873661qakd.fsf@nanos.tec.linutronix.de
Signed-off-by: Sasha Levin <sashal@kernel.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl8X634ACgkQONu9yGCS
aT5sNBAA0JUGRrRlbQMgMtjR7ua+OLi3e07A0QNzD9xHqCc6NEXPuk4yYF8Pcs3g
1ARyEDXybdfUFciChoH0zfBxEbXuB/8+3M3ikE6XV3V/aySzHpfXU/zrepq4kB4G
JOqtAxHaLF1tHzsdSZiT3Qj8k8QCcyN9kB08g67JKAe7vd03SKg7CAbBb0JLEUGF
6s7AxohupSJLBWaaQsgYiYMzkH8WceyGMGYydNUNtHLTbHPaj1f5KaRBuHA0Ls57
35ba0suCL3pTbOZ+dF7CqO3mfQgLAY3/vE0jZpoNn3s7BMgOwr3d3cEUhRxI9GPl
fO4Ua7Q9NZ67blLwD/fhcua8CeQUXSxqH5YcgDNqQHnZLx7CJW6kEKbFMlqWNaxf
yhJbmgZJl+BqTkrIaAbz5FCXO6zAnRehh9L54SzZEdBpp5Y5Ep5nuSkwyZra1KWd
b0YK5Yy7dzkZLgPsUc4JrC0o1859IrbvC84fPOk4nuovtCfugnSoIXYjmGQHPFH1
Y5qt/DazsVdzpZIrg2Nvr/LrKh0BOPBjj3SYiCPfZkQDWkKF6ABWSggBxFEqn690
dbJL2A0j+mvuYxUJnkNt0NR3qzXZewHJSqFpCPkN2/TbMNmr9FvKeox9HUIo4qq4
7fqMPs4JNGZHPU7CqxIPJ3s9fjluhkkUtOXZmpzCV/58xI5ZzN0=
=3LQn
-----END PGP SIGNATURE-----
Merge 4.19.134 into android-4.19-stable
Changes in 4.19.134
perf: Make perf able to build with latest libbfd
net: rmnet: fix lower interface leak
genetlink: remove genl_bind
ipv4: fill fl4_icmp_{type,code} in ping_v4_sendmsg
l2tp: remove skb_dst_set() from l2tp_xmit_skb()
llc: make sure applications use ARPHRD_ETHER
net: Added pointer check for dst->ops->neigh_lookup in dst_neigh_lookup_skb
net_sched: fix a memory leak in atm_tc_init()
net: usb: qmi_wwan: add support for Quectel EG95 LTE modem
tcp: fix SO_RCVLOWAT possible hangs under high mem pressure
tcp: make sure listeners don't initialize congestion-control state
tcp: md5: add missing memory barriers in tcp_md5_do_add()/tcp_md5_hash_key()
tcp: md5: do not send silly options in SYNCOOKIES
tcp: md5: refine tcp_md5_do_add()/tcp_md5_hash_key() barriers
tcp: md5: allow changing MD5 keys in all socket states
cgroup: fix cgroup_sk_alloc() for sk_clone_lock()
cgroup: Fix sock_cgroup_data on big-endian.
sched: consistently handle layer3 header accesses in the presence of VLANs
vlan: consolidate VLAN parsing code and limit max parsing depth
drm/msm: fix potential memleak in error branch
drm/exynos: fix ref count leak in mic_pre_enable
m68k: nommu: register start of the memory with memblock
m68k: mm: fix node memblock init
arm64/alternatives: use subsections for replacement sequences
tpm_tis: extra chip->ops check on error path in tpm_tis_core_init
gfs2: read-only mounts should grab the sd_freeze_gl glock
i2c: eg20t: Load module automatically if ID matches
arm64/alternatives: don't patch up internal branches
iio:magnetometer:ak8974: Fix alignment and data leak issues
iio:humidity:hdc100x Fix alignment and data leak issues
iio: magnetometer: ak8974: Fix runtime PM imbalance on error
iio: mma8452: Add missed iio_device_unregister() call in mma8452_probe()
iio: pressure: zpa2326: handle pm_runtime_get_sync failure
iio:humidity:hts221 Fix alignment and data leak issues
iio:pressure:ms5611 Fix buffer element alignment
iio:health:afe4403 Fix timestamp alignment and prevent data leak.
spi: fix initial SPI_SR value in spi-fsl-dspi
spi: spi-fsl-dspi: Fix lockup if device is shutdown during SPI transfer
net: dsa: bcm_sf2: Fix node reference count
of: of_mdio: Correct loop scanning logic
Revert "usb/ohci-platform: Fix a warning when hibernating"
Revert "usb/xhci-plat: Set PM runtime as active on resume"
Revert "usb/ehci-platform: Set PM runtime as active on resume"
net: sfp: add support for module quirks
net: sfp: add some quirks for GPON modules
HID: quirks: Remove ITE 8595 entry from hid_have_special_driver
ARM: at91: pm: add quirk for sam9x60's ulp1
scsi: sr: remove references to BLK_DEV_SR_VENDOR, leave it enabled
ALSA: usb-audio: Create a registration quirk for Kingston HyperX Amp (0951:16d8)
doc: dt: bindings: usb: dwc3: Update entries for disabling SS instances in park mode
mmc: sdhci: do not enable card detect interrupt for gpio cd type
ALSA: usb-audio: Rewrite registration quirk handling
ACPI: video: Use native backlight on Acer Aspire 5783z
ALSA: usb-audio: Add registration quirk for Kingston HyperX Cloud Alpha S
Input: mms114 - add extra compatible for mms345l
ACPI: video: Use native backlight on Acer TravelMate 5735Z
ALSA: usb-audio: Add registration quirk for Kingston HyperX Cloud Flight S
iio:health:afe4404 Fix timestamp alignment and prevent data leak.
phy: sun4i-usb: fix dereference of pointer phy0 before it is null checked
arm64: dts: meson: add missing gxl rng clock
spi: spi-sun6i: sun6i_spi_transfer_one(): fix setting of clock rate
usb: gadget: udc: atmel: fix uninitialized read in debug printk
staging: comedi: verify array index is correct before using it
Revert "thermal: mediatek: fix register index error"
ARM: dts: socfpga: Align L2 cache-controller nodename with dtschema
regmap: debugfs: Don't sleep while atomic for fast_io regmaps
copy_xstate_to_kernel: Fix typo which caused GDB regression
apparmor: ensure that dfa state tables have entries
perf stat: Zero all the 'ena' and 'run' array slot stats for interval mode
soc: qcom: rpmh: Update dirty flag only when data changes
soc: qcom: rpmh: Invalidate SLEEP and WAKE TCSes before flushing new data
soc: qcom: rpmh-rsc: Clear active mode configuration for wake TCS
soc: qcom: rpmh-rsc: Allow using free WAKE TCS for active request
mtd: rawnand: marvell: Use nand_cleanup() when the device is not yet registered
mtd: rawnand: marvell: Fix probe error path
mtd: rawnand: timings: Fix default tR_max and tCCS_min timings
mtd: rawnand: brcmnand: fix CS0 layout
mtd: rawnand: oxnas: Keep track of registered devices
mtd: rawnand: oxnas: Unregister all devices on error
mtd: rawnand: oxnas: Release all devices in the _remove() path
slimbus: core: Fix mismatch in of_node_get/put
HID: magicmouse: do not set up autorepeat
HID: quirks: Always poll Obins Anne Pro 2 keyboard
HID: quirks: Ignore Simply Automated UPB PIM
ALSA: line6: Perform sanity check for each URB creation
ALSA: line6: Sync the pending work cancel at disconnection
ALSA: usb-audio: Fix race against the error recovery URB submission
ALSA: hda/realtek - change to suitable link model for ASUS platform
ALSA: hda/realtek - Enable Speaker for ASUS UX533 and UX534
USB: c67x00: fix use after free in c67x00_giveback_urb
usb: dwc2: Fix shutdown callback in platform
usb: chipidea: core: add wakeup support for extcon
usb: gadget: function: fix missing spinlock in f_uac1_legacy
USB: serial: iuu_phoenix: fix memory corruption
USB: serial: cypress_m8: enable Simply Automated UPB PIM
USB: serial: ch341: add new Product ID for CH340
USB: serial: option: add GosunCn GM500 series
USB: serial: option: add Quectel EG95 LTE modem
virt: vbox: Fix VBGL_IOCTL_VMMDEV_REQUEST_BIG and _LOG req numbers to match upstream
virt: vbox: Fix guest capabilities mask check
virtio: virtio_console: add missing MODULE_DEVICE_TABLE() for rproc serial
serial: mxs-auart: add missed iounmap() in probe failure and remove
ovl: inode reference leak in ovl_is_inuse true case.
ovl: relax WARN_ON() when decoding lower directory file handle
ovl: fix unneeded call to ovl_change_flags()
fuse: Fix parameter for FS_IOC_{GET,SET}FLAGS
Revert "zram: convert remaining CLASS_ATTR() to CLASS_ATTR_RO()"
mei: bus: don't clean driver pointer
Input: i8042 - add Lenovo XiaoXin Air 12 to i8042 nomux list
uio_pdrv_genirq: fix use without device tree and no interrupt
timer: Prevent base->clk from moving backward
timer: Fix wheel index calculation on last level
MIPS: Fix build for LTS kernel caused by backporting lpj adjustment
riscv: use 16KB kernel stack on 64-bit
hwmon: (emc2103) fix unable to change fan pwm1_enable attribute
powerpc/book3s64/pkeys: Fix pkey_access_permitted() for execute disable pkey
intel_th: pci: Add Jasper Lake CPU support
intel_th: pci: Add Tiger Lake PCH-H support
intel_th: pci: Add Emmitsburg PCH support
intel_th: Fix a NULL dereference when hub driver is not loaded
dmaengine: fsl-edma: Fix NULL pointer exception in fsl_edma_tx_handler
misc: atmel-ssc: lock with mutex instead of spinlock
thermal/drivers/cpufreq_cooling: Fix wrong frequency converted from power
arm64: ptrace: Override SPSR.SS when single-stepping is enabled
arm64: ptrace: Consistently use pseudo-singlestep exceptions
arm64: compat: Ensure upper 32 bits of x0 are zero on syscall return
sched: Fix unreliable rseq cpu_id for new tasks
sched/fair: handle case of task_h_load() returning 0
genirq/affinity: Handle affinity setting on inactive interrupts correctly
printk: queue wake_up_klogd irq_work only if per-CPU areas are ready
libceph: don't omit recovery_deletes in target_copy()
rxrpc: Fix trace string
spi: sprd: switch the sequence of setting WDG_LOAD_LOW and _HIGH
Linux 4.19.134
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: Ieeb9e03f4a2d51aeebe3a3eadd9c1b93a26088a0
commit baedb87d1b53532f81b4bd0387f83b05d4f7eb9a upstream.
Setting interrupt affinity on inactive interrupts is inconsistent when
hierarchical irq domains are enabled. The core code should just store the
affinity and not call into the irq chip driver for inactive interrupts
because the chip drivers may not be in a state to handle such requests.
X86 has a hacky workaround for that but all other irq chips have not which
causes problems e.g. on GIC V3 ITS.
Instead of adding more ugly hacks all over the place, solve the problem in
the core code. If the affinity is set on an inactive interrupt then:
- Store it in the irq descriptors affinity mask
- Update the effective affinity to reflect that so user space has
a consistent view
- Don't call into the irq chip driver
This is the core equivalent of the X86 workaround and works correctly
because the affinity setting is established in the irq chip when the
interrupt is activated later on.
Note, that this is only effective when hierarchical irq domains are enabled
by the architecture. Doing it unconditionally would break legacy irq chip
implementations.
For hierarchial irq domains this works correctly as none of the drivers can
have a dependency on affinity setting in inactive state by design.
Remove the X86 workaround as it is not longer required.
Fixes: 02edee152d ("x86/apic/vector: Ignore set_affinity call for inactive interrupts")
Reported-by: Ali Saidi <alisaidi@amazon.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Tested-by: Ali Saidi <alisaidi@amazon.com>
Cc: stable@vger.kernel.org
Link: https://lore.kernel.org/r/20200529015501.15771-1-alisaidi@amazon.com
Link: https://lkml.kernel.org/r/877dv2rv25.fsf@nanos.tec.linutronix.de
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit 5714ee50bb4375bd586858ad800b1d9772847452 upstream.
This fixes a regression encountered while running the
gdb.base/corefile.exp test in GDB's test suite.
In my testing, the typo prevented the sw_reserved field of struct
fxregs_state from being output to the kernel XSAVES area. Thus the
correct mask corresponding to XCR0 was not present in the core file for
GDB to interrogate, resulting in the following behavior:
[kev@f32-1 gdb]$ ./gdb -q testsuite/outputs/gdb.base/corefile/corefile testsuite/outputs/gdb.base/corefile/corefile.core
Reading symbols from testsuite/outputs/gdb.base/corefile/corefile...
[New LWP 232880]
warning: Unexpected size of section `.reg-xstate/232880' in core file.
With the typo fixed, the test works again as expected.
Signed-off-by: Kevin Buettner <kevinb@redhat.com>
Fixes: 9e4636545933 ("copy_xstate_to_kernel(): don't leave parts of destination uninitialized")
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: Dave Airlie <airlied@gmail.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
[ Upstream commit 679b2ec8e060ca7a90441aff5e7d384720a41b76 ]
This kernel configuration is basically enabling/disabling sr driver quirks
detection. While these quirks are for fairly rare devices (very old CD
burners, and a glucometer), the additional detection of these models is a
very minimal amount of code.
The logic behind the quirks is always built into the sr driver.
This also removes the config from all the defconfig files that are enabling
this already.
Link: https://lore.kernel.org/r/20200223191144.726-1-flameeyes@flameeyes.com
Reviewed-by: Jens Axboe <axboe@kernel.dk>
Signed-off-by: Diego Elio Pettenò <flameeyes@flameeyes.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
Changes in 4.19.133
KVM: s390: reduce number of IO pins to 1
spi: spi-fsl-dspi: Adding shutdown hook
spi: spi-fsl-dspi: Fix lockup if device is removed during SPI transfer
spi: spi-fsl-dspi: use IRQF_SHARED mode to request IRQ
spi: spi-fsl-dspi: Fix external abort on interrupt in resume or exit paths
regmap: fix alignment issue
ARM: dts: omap4-droid4: Fix spi configuration and increase rate
drm/tegra: hub: Do not enable orphaned window group
gpu: host1x: Detach driver on unregister
spi: spidev: fix a race between spidev_release and spidev_remove
spi: spidev: fix a potential use-after-free in spidev_release()
ixgbe: protect ring accesses with READ- and WRITE_ONCE
i40e: protect ring accesses with READ- and WRITE_ONCE
drm: panel-orientation-quirks: Add quirk for Asus T101HA panel
drm: panel-orientation-quirks: Use generic orientation-data for Acer S1003
s390/kasan: fix early pgm check handler execution
cifs: update ctime and mtime during truncate
ARM: imx6: add missing put_device() call in imx6q_suspend_init()
scsi: mptscsih: Fix read sense data size
usb: dwc3: pci: Fix reference count leak in dwc3_pci_resume_work
block: release bip in a right way in error path
nvme-rdma: assign completion vector correctly
x86/entry: Increase entry_stack size to a full page
net: qrtr: Fix an out of bounds read qrtr_endpoint_post()
drm/mediatek: Check plane visibility in atomic_update
net: cxgb4: fix return error value in t4_prep_fw
smsc95xx: check return value of smsc95xx_reset
smsc95xx: avoid memory leak in smsc95xx_bind
net: hns3: fix use-after-free when doing self test
ALSA: compress: fix partial_drain completion state
arm64: kgdb: Fix single-step exception handling oops
nbd: Fix memory leak in nbd_add_socket
cxgb4: fix all-mask IP address comparison
bnxt_en: fix NULL dereference in case SR-IOV configuration fails
net: macb: mark device wake capable when "magic-packet" property present
mlxsw: spectrum_router: Remove inappropriate usage of WARN_ON()
ALSA: opl3: fix infoleak in opl3
ALSA: hda - let hs_mic be picked ahead of hp_mic
ALSA: usb-audio: add quirk for MacroSilicon MS2109
KVM: arm64: Fix definition of PAGE_HYP_DEVICE
KVM: arm64: Stop clobbering x0 for HVC_SOFT_RESTART
KVM: x86: bit 8 of non-leaf PDPEs is not reserved
KVM: x86: Inject #GP if guest attempts to toggle CR4.LA57 in 64-bit mode
KVM: x86: Mark CR4.TSD as being possibly owned by the guest
kallsyms: Refactor kallsyms_show_value() to take cred
kernel: module: Use struct_size() helper
module: Refactor section attr into bin attribute
module: Do not expose section addresses to non-CAP_SYSLOG
kprobes: Do not expose probe addresses to non-CAP_SYSLOG
bpf: Check correct cred for CAP_SYSLOG in bpf_dump_raw_ok()
Revert "ath9k: Fix general protection fault in ath9k_hif_usb_rx_cb"
btrfs: fix fatal extent_buffer readahead vs releasepage race
drm/radeon: fix double free
dm: use noio when sending kobject event
ARC: entry: fix potential EFA clobber when TIF_SYSCALL_TRACE
ARC: elf: use right ELF_ARCH
s390/mm: fix huge pte soft dirty copying
Linux 4.19.133
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I0a0198d501017d2bc701b653d75dc9cedd1ebbd9
This is required on devices without sdcardfs.
Bug: 158733532
Bug: 161415296
Test: manual
Change-Id: I21d6ee488b7e4a094260cffc654a4c9dc3392081
Signed-off-by: Martijn Coenen <maco@google.com>
(cherry picked from commit 2f8b07b33144e9a831baa69f1df7b7eb8ea52aad)
Signed-off-by: Will McVicker <willmcvicker@google.com>
The android.security.cts.KernelConfigTest#testConfigDisableUsermodehelper
test is failing because CONFIG_STATIC_USERMODEHELPER_PATH is set to
an invalid value ("/sbin/usermode-helper") for the test. Setting to ""
instead.
Bug: 160949257
Bug: 161415285
Signed-off-by: Todd Kjos <tkjos@google.com>
Signed-off-by: Hridya Valsaraju <hridya@google.com>
Change-Id: I1d9f003c15a6b1d9a7f47804e50661a44a0725d5
(cherry picked from commit 183a32873919c05f080df82b627823b726a8cfeb)
commit 7c83d096aed055a7763a03384f92115363448b71 upstream.
Mark CR4.TSD as being possibly owned by the guest as that is indeed the
case on VMX. Without TSD being tagged as possibly owned by the guest, a
targeted read of CR4 to get TSD could observe a stale value. This bug
is benign in the current code base as the sole consumer of TSD is the
emulator (for RDTSC) and the emulator always "reads" the entirety of CR4
when grabbing bits.
Add a build-time assertion in to ensure VMX doesn't hand over more CR4
bits without also updating x86.
Fixes: 52ce3c21ae ("x86,kvm,vmx: Don't trap writes to CR4.TSD")
Cc: stable@vger.kernel.org
Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
Message-Id: <20200703040422.31536-2-sean.j.christopherson@intel.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit d74fcfc1f0ff4b6c26ecef1f9e48d8089ab4eaac upstream.
Inject a #GP on MOV CR4 if CR4.LA57 is toggled in 64-bit mode, which is
illegal per Intel's SDM:
CR4.LA57
57-bit linear addresses (bit 12 of CR4) ... blah blah blah ...
This bit cannot be modified in IA-32e mode.
Note, the pseudocode for MOV CR doesn't call out the fault condition,
which is likely why the check was missed during initial development.
This is arguably an SDM bug and will hopefully be fixed in future
release of the SDM.
Fixes: fd8cb43373 ("KVM: MMU: Expose the LA57 feature to VM.")
Cc: stable@vger.kernel.org
Reported-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
Message-Id: <20200703021714.5549-1-sean.j.christopherson@intel.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit 5ecad245de2ae23dc4e2dbece92f8ccfbaed2fa7 upstream.
Bit 8 would be the "global" bit, which does not quite make sense for non-leaf
page table entries. Intel ignores it; AMD ignores it in PDEs and PDPEs, but
reserves it in PML4Es.
Probably, earlier versions of the AMD manual documented it as reserved in PDPEs
as well, and that behavior made it into KVM as well as kvm-unit-tests; fix it.
Cc: stable@vger.kernel.org
Reported-by: Nadav Amit <namit@vmware.com>
Fixes: a0c0feb579 ("KVM: x86: reserve bit 8 of non-leaf PDPEs and PML4Es in 64-bit mode on AMD", 2014-09-03)
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
[ Upstream commit c7aadc09321d8f9a1d3bd1e6d8a47222ecddf6c5 ]
Marco crashed in bad_iret with a Clang11/KCSAN build due to
overflowing the stack. Now that we run C code on it, expand it to a
full page.
Suggested-by: Andy Lutomirski <luto@amacapital.net>
Reported-by: Marco Elver <elver@google.com>
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Reviewed-by: Lai Jiangshan <jiangshanlai@gmail.com>
Tested-by: Marco Elver <elver@google.com>
Link: https://lkml.kernel.org/r/20200618144801.819246178@infradead.org
Signed-off-by: Sasha Levin <sashal@kernel.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEE4n5dijQDou9mhzu83qZv95d3LNwFAl78APEACgkQ3qZv95d3
LNyt+w/+PkFP8++ZsiI6GegXraxVbGuY4ndXroXAiTYa0uZjdsIhqJpgyVsJ/pbq
jU/Hcfv8a0UGme7Hqy61KwN6aaCpM27zxE3aV/N9othtJWn59hiB51CyCcKMrjxK
Mj6PN+yHxLPzCNBszEvOsICsBQt9HtJB11gcbJQPJ2skriVxSER0QrZi2s5jJuoS
vVbxfRngXCnzTsxmpbYjMh1sE9/z/dNpCuyQ13f1MPAPpWFP1SxmMUfknXEO8gkF
ThRIhI6uHDucAQxhP42McBsuoP64KfB90fKzFEuWmlit4OCmqW9subTeaI8V1muK
CxkPqwRnyYmqbAM9auRwbJxtYfT0ONtDZj4zbLulq4qMTJF650968RQNIW+B1K3C
jika93Am0YbNPOyq3m9Ac96NaTFjjhpIzu13P6xUQNf3/ydPKY9PHif2CnWCHPsX
BO9fap7gsWHa88khjEGYXwcQCOC+UzQlcsT6CsWPTUTmcLObHiv863Rqm7LpXjit
9gjKlNHdP6U0q+bz5aiiEtoNJ/2ZDwoz1I+srbrk7QMdVzAn+uRRtLRQxmJtryw1
oTnJJu0iv9Zspn/PFXwlrpsYDDEBFfXFWvC+izfz8nm8CPFKgH9G96XNefcXlI9e
3qxjDpkFb74R6ovnWKtJY8pR1qX/5TRC0/+/WpbZBILqW4Z0k5w=
=YVa/
-----END PGP SIGNATURE-----
Merge 4.19.131 into android-4.19-stable
Changes in 4.19.131
net: be more gentle about silly gso requests coming from user
block/bio-integrity: don't free 'buf' if bio_integrity_add_page() failed
fanotify: fix ignore mask logic for events on child and on dir
mtd: rawnand: marvell: Fix the condition on a return code
net: bcmgenet: remove HFB_CTRL access
net: sched: export __netdev_watchdog_up()
EDAC/amd64: Add Family 17h Model 30h PCI IDs
i2c: tegra: Cleanup kerneldoc comments
i2c: tegra: Add missing kerneldoc for some fields
i2c: tegra: Fix Maximum transfer size
fix a braino in "sparc32: fix register window handling in genregs32_[gs]et()"
ALSA: hda/realtek - Enable the headset of ASUS B9450FA with ALC294
ALSA: hda/realtek: Enable mute LED on an HP system
ALSA: hda/realtek - Enable micmute LED on and HP system
apparmor: don't try to replace stale label in ptraceme check
ibmveth: Fix max MTU limit
mld: fix memory leak in ipv6_mc_destroy_dev()
net: bridge: enfore alignment for ethernet address
net: fix memleak in register_netdevice()
net: place xmit recursion in softnet data
net: use correct this_cpu primitive in dev_recursion_level
net: increment xmit_recursion level in dev_direct_xmit()
net: usb: ax88179_178a: fix packet alignment padding
rocker: fix incorrect error handling in dma_rings_init
rxrpc: Fix notification call on completion of discarded calls
sctp: Don't advertise IPv4 addresses if ipv6only is set on the socket
tcp: don't ignore ECN CWR on pure ACK
tcp: grow window for OOO packets only for SACK flows
tg3: driver sleeps indefinitely when EEH errors exceed eeh_max_freezes
ip6_gre: fix use-after-free in ip6gre_tunnel_lookup()
net: phy: Check harder for errors in get_phy_id()
ip_tunnel: fix use-after-free in ip_tunnel_lookup()
sch_cake: don't try to reallocate or unshare skb unconditionally
sch_cake: fix a few style nits
tcp_cubic: fix spurious HYSTART_DELAY exit upon drop in min RTT
sch_cake: don't call diffserv parsing code when it is not needed
net: Fix the arp error in some cases
net: Do not clear the sock TX queue in sk_set_socket()
net: core: reduce recursion limit value
USB: ohci-sm501: Add missed iounmap() in remove
usb: dwc2: Postponed gadget registration to the udc class driver
usb: add USB_QUIRK_DELAY_INIT for Logitech C922
USB: ehci: reopen solution for Synopsys HC bug
usb: host: xhci-mtk: avoid runtime suspend when removing hcd
xhci: Poll for U0 after disabling USB2 LPM
usb: host: ehci-exynos: Fix error check in exynos_ehci_probe()
usb: typec: tcpci_rt1711h: avoid screaming irq causing boot hangs
ALSA: usb-audio: add quirk for Denon DCD-1500RE
ALSA: usb-audio: add quirk for Samsung USBC Headset (AKG)
ALSA: usb-audio: Fix OOB access of mixer element list
scsi: zfcp: Fix panic on ERP timeout for previously dismissed ERP action
xhci: Fix incorrect EP_STATE_MASK
xhci: Fix enumeration issue when setting max packet size for FS devices.
xhci: Return if xHCI doesn't support LPM
cdc-acm: Add DISABLE_ECHO quirk for Microchip/SMSC chip
loop: replace kill_bdev with invalidate_bdev
IB/mad: Fix use after free when destroying MAD agent
cifs/smb3: Fix data inconsistent when punch hole
cifs/smb3: Fix data inconsistent when zero file range
xfrm: Fix double ESP trailer insertion in IPsec crypto offload.
ASoC: q6asm: handle EOS correctly
efi/esrt: Fix reference count leak in esre_create_sysfs_entry.
regualtor: pfuze100: correct sw1a/sw2 on pfuze3000
ASoC: fsl_ssi: Fix bclk calculation for mono channel
ARM: dts: Fix duovero smsc interrupt for suspend
x86/resctrl: Fix a NULL vs IS_ERR() static checker warning in rdt_cdp_peer_get()
regmap: Fix memory leak from regmap_register_patch
ARM: dts: NSP: Correct FA2 mailbox node
rxrpc: Fix handling of rwind from an ACK packet
RDMA/qedr: Fix KASAN: use-after-free in ucma_event_handler+0x532
RDMA/cma: Protect bind_list and listen_list while finding matching cm id
ASoC: rockchip: Fix a reference count leak.
RDMA/mad: Fix possible memory leak in ib_mad_post_receive_mads()
net: qed: fix left elements count calculation
net: qed: fix NVMe login fails over VFs
net: qed: fix excessive QM ILT lines consumption
cxgb4: move handling L2T ARP failures to caller
ARM: imx5: add missing put_device() call in imx_suspend_alloc_ocram()
usb: gadget: udc: Potential Oops in error handling code
netfilter: ipset: fix unaligned atomic access
net: bcmgenet: use hardware padding of runt frames
i2c: fsi: Fix the port number field in status register
i2c: core: check returned size of emulated smbus block read
sched/deadline: Initialize ->dl_boosted
sched/core: Fix PI boosting between RT and DEADLINE tasks
sata_rcar: handle pm_runtime_get_sync failure cases
ata/libata: Fix usage of page address by page_address in ata_scsi_mode_select_xlat function
drm/amd/display: Use kfree() to free rgb_user in calculate_user_regamma_ramp()
riscv/atomic: Fix sign extension for RV64I
hwrng: ks-sa - Fix runtime PM imbalance on error
ibmvnic: Harden device login requests
net: alx: fix race condition in alx_remove
s390/ptrace: fix setting syscall number
s390/vdso: fix vDSO clock_getres()
arm64: sve: Fix build failure when ARM64_SVE=y and SYSCTL=n
kbuild: improve cc-option to clean up all temporary files
blktrace: break out of blktrace setup on concurrent calls
RISC-V: Don't allow write+exec only page mapping request in mmap
ALSA: hda: Add NVIDIA codec IDs 9a & 9d through a0 to patch table
ALSA: hda/realtek - Add quirk for MSI GE63 laptop
ACPI: sysfs: Fix pm_profile_attr type
erofs: fix partially uninitialized misuse in z_erofs_onlinepage_fixup
KVM: X86: Fix MSR range of APIC registers in X2APIC mode
KVM: nVMX: Plumb L2 GPA through to PML emulation
x86/asm/64: Align start of __clear_user() loop to 16-bytes
btrfs: fix data block group relocation failure due to concurrent scrub
btrfs: fix failure of RWF_NOWAIT write into prealloc extent beyond eof
mm/slab: use memzero_explicit() in kzfree()
ocfs2: avoid inode removal while nfsd is accessing it
ocfs2: load global_inode_alloc
ocfs2: fix value of OCFS2_INVALID_SLOT
ocfs2: fix panic on nfs server over ocfs2
arm64: perf: Report the PC value in REGS_ABI_32 mode
tracing: Fix event trigger to accept redundant spaces
ring-buffer: Zero out time extend if it is nested and not absolute
drm: rcar-du: Fix build error
drm/radeon: fix fb_div check in ni_init_smc_spll_table()
Staging: rtl8723bs: prevent buffer overflow in update_sta_support_rate()
sunrpc: fixed rollback in rpc_gssd_dummy_populate()
SUNRPC: Properly set the @subbuf parameter of xdr_buf_subsegment()
pNFS/flexfiles: Fix list corruption if the mirror count changes
NFSv4 fix CLOSE not waiting for direct IO compeletion
dm writecache: correct uncommitted_block when discarding uncommitted entry
dm writecache: add cond_resched to loop in persistent_memory_claim()
xfs: add agf freeblocks verify in xfs_agf_verify
Revert "tty: hvc: Fix data abort due to race in hvc_open"
Linux 4.19.131
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I2c5abdfc2979e50d441bb0e0bcd499e03c61cefd
commit bb5570ad3b54e7930997aec76ab68256d5236d94 upstream.
x86 CPUs can suffer severe performance drops if a tight loop, such as
the ones in __clear_user(), straddles a 16-byte instruction fetch
window, or worse, a 64-byte cacheline. This issues was discovered in the
SUSE kernel with the following commit,
1153933703 ("x86/asm/64: Micro-optimize __clear_user() - Use immediate constants")
which increased the code object size from 10 bytes to 15 bytes and
caused the 8-byte copy loop in __clear_user() to be split across a
64-byte cacheline.
Aligning the start of the loop to 16-bytes makes this fit neatly inside
a single instruction fetch window again and restores the performance of
__clear_user() which is used heavily when reading from /dev/zero.
Here are some numbers from running libmicro's read_z* and pread_z*
microbenchmarks which read from /dev/zero:
Zen 1 (Naples)
libmicro-file
5.7.0-rc6 5.7.0-rc6 5.7.0-rc6
revert-1153933703d9+ align16+
Time mean95-pread_z100k 9.9195 ( 0.00%) 5.9856 ( 39.66%) 5.9938 ( 39.58%)
Time mean95-pread_z10k 1.1378 ( 0.00%) 0.7450 ( 34.52%) 0.7467 ( 34.38%)
Time mean95-pread_z1k 0.2623 ( 0.00%) 0.2251 ( 14.18%) 0.2252 ( 14.15%)
Time mean95-pread_zw100k 9.9974 ( 0.00%) 6.0648 ( 39.34%) 6.0756 ( 39.23%)
Time mean95-read_z100k 9.8940 ( 0.00%) 5.9885 ( 39.47%) 5.9994 ( 39.36%)
Time mean95-read_z10k 1.1394 ( 0.00%) 0.7483 ( 34.33%) 0.7482 ( 34.33%)
Note that this doesn't affect Haswell or Broadwell microarchitectures
which seem to avoid the alignment issue by executing the loop straight
out of the Loop Stream Detector (verified using perf events).
Fixes: 1153933703 ("x86/asm/64: Micro-optimize __clear_user() - Use immediate constants")
Signed-off-by: Matt Fleming <matt@codeblueprint.co.uk>
Signed-off-by: Borislav Petkov <bp@suse.de>
Cc: <stable@vger.kernel.org> # v4.19+
Link: https://lkml.kernel.org/r/20200618102002.30034-1-matt@codeblueprint.co.uk
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit 2dbebf7ae1ed9a420d954305e2c9d5ed39ec57c3 upstream.
Explicitly pass the L2 GPA to kvm_arch_write_log_dirty(), which for all
intents and purposes is vmx_write_pml_buffer(), instead of having the
latter pull the GPA from vmcs.GUEST_PHYSICAL_ADDRESS. If the dirty bit
update is the result of KVM emulation (rare for L2), then the GPA in the
VMCS may be stale and/or hold a completely unrelated GPA.
Fixes: c5f983f6e8 ("nVMX: Implement emulated Page Modification Logging")
Cc: stable@vger.kernel.org
Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
Message-Id: <20200622215832.22090-2-sean.j.christopherson@intel.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit bf10bd0be53282183f374af23577b18b5fbf7801 upstream.
Only MSR address range 0x800 through 0x8ff is architecturally reserved
and dedicated for accessing APIC registers in x2APIC mode.
Fixes: 0105d1a526 ("KVM: x2apic interface to lapic")
Signed-off-by: Xiaoyao Li <xiaoyao.li@intel.com>
Message-Id: <20200616073307.16440-1-xiaoyao.li@intel.com>
Cc: stable@vger.kernel.org
Reviewed-by: Sean Christopherson <sean.j.christopherson@intel.com>
Reviewed-by: Jim Mattson <jmattson@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
[ Upstream commit cc5277fe66cf3ad68f41f1c539b2ef0d5e432974 ]
The callers don't expect *d_cdp to be set to an error pointer, they only
check for NULL. This leads to a static checker warning:
arch/x86/kernel/cpu/resctrl/rdtgroup.c:2648 __init_one_rdt_domain()
warn: 'd_cdp' could be an error pointer
This would not trigger a bug in this specific case because
__init_one_rdt_domain() calls it with a valid domain that would not have
a negative id and thus not trigger the return of the ERR_PTR(). If this
was a negative domain id then the call to rdt_find_domain() in
domain_add_cpu() would have returned the ERR_PTR() much earlier and the
creation of the domain with an invalid id would have been prevented.
Even though a bug is not triggered currently the right and safe thing to
do is to set the pointer to NULL because that is what can be checked for
when the caller is handling the CDP and non-CDP cases.
Fixes: 52eb74339a62 ("x86/resctrl: Fix rdt_find_domain() return value and checks")
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Acked-by: Reinette Chatre <reinette.chatre@intel.com>
Acked-by: Fenghua Yu <fenghua.yu@intel.com>
Link: https://lkml.kernel.org/r/20200602193611.GA190851@mwanda
Signed-off-by: Sasha Levin <sashal@kernel.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl70p5sACgkQONu9yGCS
aT4nRg/9HAG5FdyJgH3OnUY5LtrjtlVpRsD+AgdUnnftpDprZ0m4dZsUuUSF4fJJ
hzEr98/vX41yYqi2ne9mZcPnm4uOw21dEJK9X/2Z5+654i4qOwcv9FfVQSAdSpXC
KEN0rRlZw0MdXwISmU9UbBTwSRqxi0qJNWfSR3rS9DZRiSPhhxElMwbdcYXjpgKR
GZ7Wd/pDb0q371mR2Ar7+13PVxsvBzoEwYUngbeTr3EXtCiWiavBqBzABpJQYH9L
xm5ZfFLwLMsnQSd/gdW7DZGq+6JdLgf6HaY4FOcpkoDo5gSSDc2RNTg8jbzu8dM0
o2Wge54q9aTbuu+sc6k9x5HAaTPdv7uFnORdBvNhYGZWfXv69SZjCFgqwjsmPiww
+wg6D4uYWeh+faIz4tNBHk/bjIIMACnSJifsd131aXUed1cm4GeeQEQgimT8ea99
uOZrKPSTd+tbY3tZJrX2TyixYKgtaegdYTh3GWLx0AmYS8dOTHKfezUMMtFj4F7F
XTbZ3IWyVTSynO/7LRLdEGwAZjA/vWCK3YQS95qVCY1ni7h2vZw4FQb2C9CHyHAq
BIqiu2rOvxAsmIgh6GFcLLYN6cAa+lgIifmOMn2DPYrfF2gcrrGt6iOm1fc0gr5t
QbNYK7OQ/1L70BgvnI1lDAl4qG6lhSKV28SB6Csbzrz5WYzbfnE=
=iU+4
-----END PGP SIGNATURE-----
Merge 4.19.130 into android-4.19-stable
Changes in 4.19.130
power: supply: bq24257_charger: Replace depends on REGMAP_I2C with select
clk: sunxi: Fix incorrect usage of round_down()
ASoC: tegra: tegra_wm8903: Support nvidia, headset property
i2c: piix4: Detect secondary SMBus controller on AMD AM4 chipsets
iio: pressure: bmp280: Tolerate IRQ before registering
remoteproc: Fix IDR initialisation in rproc_alloc()
clk: qcom: msm8916: Fix the address location of pll->config_reg
backlight: lp855x: Ensure regulators are disabled on probe failure
ASoC: davinci-mcasp: Fix dma_chan refcnt leak when getting dma type
ARM: integrator: Add some Kconfig selections
scsi: qedi: Check for buffer overflow in qedi_set_path()
ALSA: hda/realtek - Introduce polarity for micmute LED GPIO
ALSA: isa/wavefront: prevent out of bounds write in ioctl
PCI: Allow pci_resize_resource() for devices on root bus
scsi: qla2xxx: Fix issue with adapter's stopping state
iio: bmp280: fix compensation of humidity
f2fs: report delalloc reserve as non-free in statfs for project quota
i2c: pxa: clear all master action bits in i2c_pxa_stop_message()
clk: samsung: Mark top ISP and CAM clocks on Exynos542x as critical
usblp: poison URBs upon disconnect
serial: 8250: Fix max baud limit in generic 8250 port
dm mpath: switch paths in dm_blk_ioctl() code path
PCI: aardvark: Don't blindly enable ASPM L0s and don't write to read-only register
ps3disk: use the default segment boundary
vfio/pci: fix memory leaks in alloc_perm_bits()
RDMA/mlx5: Add init2init as a modify command
m68k/PCI: Fix a memory leak in an error handling path
gpio: dwapb: Call acpi_gpiochip_free_interrupts() on GPIO chip de-registration
mfd: wm8994: Fix driver operation if loaded as modules
scsi: lpfc: Fix lpfc_nodelist leak when processing unsolicited event
clk: clk-flexgen: fix clock-critical handling
powerpc/perf/hv-24x7: Fix inconsistent output values incase multiple hv-24x7 events run
nfsd: Fix svc_xprt refcnt leak when setup callback client failed
PCI: vmd: Filter resource type bits from shadow register
powerpc/crashkernel: Take "mem=" option into account
pwm: img: Call pm_runtime_put() in pm_runtime_get_sync() failed case
yam: fix possible memory leak in yam_init_driver
NTB: ntb_pingpong: Choose doorbells based on port number
NTB: Fix the default port and peer numbers for legacy drivers
mksysmap: Fix the mismatch of '.L' symbols in System.map
apparmor: fix introspection of of task mode for unconfined tasks
apparmor: check/put label on apparmor_sk_clone_security()
ASoC: meson: add missing free_irq() in error path
scsi: sr: Fix sr_probe() missing deallocate of device minor
scsi: ibmvscsi: Don't send host info in adapter info MAD after LPM
apparmor: fix nnp subset test for unconfined
x86/purgatory: Disable various profiling and sanitizing options
staging: greybus: fix a missing-check bug in gb_lights_light_config()
arm64: dts: mt8173: fix unit name warnings
scsi: qedi: Do not flush offload work if ARP not resolved
ARM: dts: sun8i-h2-plus-bananapi-m2-zero: Fix led polarity
gpio: dwapb: Append MODULE_ALIAS for platform driver
scsi: qedf: Fix crash when MFW calls for protocol stats while function is still probing
pinctrl: rza1: Fix wrong array assignment of rza1l_swio_entries
firmware: qcom_scm: fix bogous abuse of dma-direct internals
staging: gasket: Fix mapping refcnt leak when put attribute fails
staging: gasket: Fix mapping refcnt leak when register/store fails
ALSA: usb-audio: Improve frames size computation
ALSA: usb-audio: Fix racy list management in output queue
s390/qdio: put thinint indicator after early error
tty: hvc: Fix data abort due to race in hvc_open
slimbus: ngd: get drvdata from correct device
thermal/drivers/ti-soc-thermal: Avoid dereferencing ERR_PTR
usb: dwc3: gadget: Properly handle failed kick_transfer
staging: sm750fb: add missing case while setting FB_VISUAL
PCI: v3-semi: Fix a memory leak in v3_pci_probe() error handling paths
i2c: pxa: fix i2c_pxa_scream_blue_murder() debug output
serial: amba-pl011: Make sure we initialize the port.lock spinlock
drivers: base: Fix NULL pointer exception in __platform_driver_probe() if a driver developer is foolish
PCI: rcar: Fix incorrect programming of OB windows
PCI/ASPM: Allow ASPM on links to PCIe-to-PCI/PCI-X Bridges
scsi: qla2xxx: Fix warning after FC target reset
power: supply: lp8788: Fix an error handling path in 'lp8788_charger_probe()'
power: supply: smb347-charger: IRQSTAT_D is volatile
scsi: mpt3sas: Fix double free warnings
pinctrl: rockchip: fix memleak in rockchip_dt_node_to_map
dlm: remove BUG() before panic()
clk: ti: composite: fix memory leak
PCI: Fix pci_register_host_bridge() device_register() error handling
powerpc/64: Don't initialise init_task->thread.regs
tty: n_gsm: Fix SOF skipping
tty: n_gsm: Fix waking up upper tty layer when room available
HID: Add quirks for Trust Panora Graphic Tablet
ipmi: use vzalloc instead of kmalloc for user creation
powerpc/pseries/ras: Fix FWNMI_VALID off by one
powerpc/ps3: Fix kexec shutdown hang
vfio-pci: Mask cap zero
usb/ohci-platform: Fix a warning when hibernating
drm/msm/mdp5: Fix mdp5_init error path for failed mdp5_kms allocation
ASoC: Intel: bytcr_rt5640: Add quirk for Toshiba Encore WT8-A tablet
USB: host: ehci-mxc: Add error handling in ehci_mxc_drv_probe()
tty: n_gsm: Fix bogus i++ in gsm_data_kick
fpga: dfl: afu: Corrected error handling levels
clk: samsung: exynos5433: Add IGNORE_UNUSED flag to sclk_i2s1
scsi: target: tcmu: Userspace must not complete queued commands
arm64: tegra: Fix ethernet phy-mode for Jetson Xavier
powerpc/64s/pgtable: fix an undefined behaviour
dm zoned: return NULL if dmz_get_zone_for_reclaim() fails to find a zone
PCI/PTM: Inherit Switch Downstream Port PTM settings from Upstream Port
PCI: dwc: Fix inner MSI IRQ domain registration
IB/cma: Fix ports memory leak in cma_configfs
watchdog: da9062: No need to ping manually before setting timeout
usb: dwc2: gadget: move gadget resume after the core is in L0 state
USB: gadget: udc: s3c2410_udc: Remove pointless NULL check in s3c2410_udc_nuke
usb: gadget: lpc32xx_udc: don't dereference ep pointer before null check
usb: gadget: fix potential double-free in m66592_probe.
usb: gadget: Fix issue with config_ep_by_speed function
RDMA/iw_cxgb4: cleanup device debugfs entries on ULD remove
x86/apic: Make TSC deadline timer detection message visible
ASoC: fix incomplete error-handling in img_i2s_in_probe.
scsi: target: tcmu: Fix a use after free in tcmu_check_expired_queue_cmd()
clk: bcm2835: Fix return type of bcm2835_register_gate
scsi: ufs-qcom: Fix scheduling while atomic issue
KVM: PPC: Book3S HV: Ignore kmemleak false positives
clk: sprd: return correct type of value for _sprd_pll_recalc_rate
net: sunrpc: Fix off-by-one issues in 'rpc_ntop6'
NFSv4.1 fix rpc_call_done assignment for BIND_CONN_TO_SESSION
of: Fix a refcounting bug in __of_attach_node_sysfs()
powerpc/4xx: Don't unmap NULL mbase
extcon: adc-jack: Fix an error handling path in 'adc_jack_probe()'
ASoC: fsl_asrc_dma: Fix dma_chan leak when config DMA channel failed
vfio/mdev: Fix reference count leak in add_mdev_supported_type
rxrpc: Adjust /proc/net/rxrpc/calls to display call->debug_id not user_ID
openrisc: Fix issue with argument clobbering for clone/fork
gfs2: Allow lock_nolock mount to specify jid=X
scsi: iscsi: Fix reference count leak in iscsi_boot_create_kobj
scsi: ufs: Don't update urgent bkops level when toggling auto bkops
pinctrl: imxl: Fix an error handling path in 'imx1_pinctrl_core_probe()'
pinctrl: freescale: imx: Fix an error handling path in 'imx_pinctrl_probe()'
crypto: omap-sham - add proper load balancing support for multicore
geneve: change from tx_error to tx_dropped on missing metadata
lib/zlib: remove outdated and incorrect pre-increment optimization
include/linux/bitops.h: avoid clang shift-count-overflow warnings
elfnote: mark all .note sections SHF_ALLOC
selftests/vm/pkeys: fix alloc_random_pkey() to make it really random
blktrace: use errno instead of bi_status
blktrace: fix endianness in get_pdu_int()
blktrace: fix endianness for blk_log_remap()
gfs2: fix use-after-free on transaction ail lists
ntb_perf: pass correct struct device to dma_alloc_coherent
ntb_tool: pass correct struct device to dma_alloc_coherent
NTB: ntb_tool: reading the link file should not end in a NULL byte
NTB: Revert the change to use the NTB device dev for DMA allocations
NTB: perf: Don't require one more memory window than number of peers
NTB: perf: Fix support for hardware that doesn't have port numbers
NTB: perf: Fix race condition when run with ntb_test
NTB: ntb_test: Fix bug when counting remote files
drivers/perf: hisi: Fix wrong value for all counters enable
selftests/net: in timestamping, strncpy needs to preserve null byte
afs: Fix memory leak in afs_put_sysnames()
ASoC: core: only convert non DPCM link to DPCM link
ASoC: Intel: bytcr_rt5640: Add quirk for Toshiba Encore WT10-A tablet
ASoC: rt5645: Add platform-data for Asus T101HA
drm/sun4i: hdmi ddc clk: Fix size of m divider
scsi: acornscsi: Fix an error handling path in acornscsi_probe()
x86/idt: Keep spurious entries unset in system_vectors
net/filter: Permit reading NET in load_bytes_relative when MAC not set
xdp: Fix xsk_generic_xmit errno
usb/xhci-plat: Set PM runtime as active on resume
usb: host: ehci-platform: add a quirk to avoid stuck
usb/ehci-platform: Set PM runtime as active on resume
perf report: Fix NULL pointer dereference in hists__fprintf_nr_sample_events()
ext4: stop overwrite the errcode in ext4_setup_super
bcache: fix potential deadlock problem in btree_gc_coalesce
afs: Fix non-setting of mtime when writing into mmap
afs: afs_write_end() should change i_size under the right lock
block: Fix use-after-free in blkdev_get()
arm64: hw_breakpoint: Don't invoke overflow handler on uaccess watchpoints
libata: Use per port sync for detach
drm: encoder_slave: fix refcouting error for modules
drm/dp_mst: Reformat drm_dp_check_act_status() a bit
drm/qxl: Use correct notify port address when creating cursor ring
drm/amdgpu: Replace invalid device ID with a valid device ID
selinux: fix double free
ext4: fix partial cluster initialization when splitting extent
ext4: avoid race conditions when remounting with options that change dax
drm/dp_mst: Increase ACT retry timeout to 3s
x86/boot/compressed: Relax sed symbol type regex for LLVM ld.lld
block: nr_sects_write(): Disable preemption on seqcount write
mtd: rawnand: Pass a nand_chip object to nand_scan()
mtd: rawnand: Pass a nand_chip object to nand_release()
mtd: rawnand: diskonchip: Fix the probe error path
mtd: rawnand: sharpsl: Fix the probe error path
mtd: rawnand: xway: Fix the probe error path
mtd: rawnand: orion: Fix the probe error path
mtd: rawnand: oxnas: Add of_node_put()
mtd: rawnand: oxnas: Fix the probe error path
mtd: rawnand: socrates: Fix the probe error path
mtd: rawnand: plat_nand: Fix the probe error path
mtd: rawnand: mtk: Fix the probe error path
mtd: rawnand: tmio: Fix the probe error path
s390: fix syscall_get_error for compat processes
drm/i915: Whitelist context-local timestamp in the gen9 cmdparser
drm/i915/icl+: Fix hotplug interrupt disabling after storm detection
crypto: algif_skcipher - Cap recv SG list at ctx->used
crypto: algboss - don't wait during notifier callback
kprobes: Fix to protect kick_kprobe_optimizer() by kprobe_mutex
e1000e: Do not wake up the system via WOL if device wakeup is disabled
net: octeon: mgmt: Repair filling of RX ring
kretprobe: Prevent triggering kretprobe from within kprobe_flush_task
sched/rt, net: Use CONFIG_PREEMPTION.patch
net: core: device_rename: Use rwsem instead of a seqcount
Revert "dpaa_eth: fix usage as DSA master, try 3"
md: add feature flag MD_FEATURE_RAID0_LAYOUT
kvm: x86: Move kvm_set_mmio_spte_mask() from x86.c to mmu.c
kvm: x86: Fix reserved bits related calculation errors caused by MKTME
KVM: x86/mmu: Set mmio_value to '0' if reserved #PF can't be generated
Linux 4.19.130
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I8fff23470852b747c3d75461b45f9d77460062d3
Fixes I23ce9e34fa25ae596298b4c03a7b36dd71adba68, which disabled incfs
only for arm64. Disable it for x86 too.
Bug: 156527199
Change-Id: I1926fab17a8ba6bfab299a683138390cad133611
Signed-off-by: Alistair Delva <adelva@google.com>
[ Upstream commit 6129ed877d409037b79866327102c9dc59a302fe ]
Set the mmio_value to '0' instead of simply clearing the present bit to
squash a benign warning in kvm_mmu_set_mmio_spte_mask() that complains
about the mmio_value overlapping the lower GFN mask on systems with 52
bits of PA space.
Opportunistically clean up the code and comments.
Cc: stable@vger.kernel.org
Fixes: d43e2675e96fc ("KVM: x86: only do L1TF workaround on affected processors")
Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
Message-Id: <20200527084909.23492-1-sean.j.christopherson@intel.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
[ Upstream commit f3ecb59dd49f1742b97df6ba071aaa3d031154ac ]
Intel MKTME repurposes several high bits of physical address as 'keyID'
for memory encryption thus effectively reduces platform's maximum
physical address bits. Exactly how many bits are reduced is configured
by BIOS. To honor such HW behavior, the repurposed bits are reduced from
cpuinfo_x86->x86_phys_bits when MKTME is detected in CPU detection.
Similarly, AMD SME/SEV also reduces physical address bits for memory
encryption, and cpuinfo->x86_phys_bits is reduced too when SME/SEV is
detected, so for both MKTME and SME/SEV, boot_cpu_data.x86_phys_bits
doesn't hold physical address bits reported by CPUID anymore.
Currently KVM treats bits from boot_cpu_data.x86_phys_bits to 51 as
reserved bits, but it's not true anymore for MKTME, since MKTME treats
those reduced bits as 'keyID', but not reserved bits. Therefore
boot_cpu_data.x86_phys_bits cannot be used to calculate reserved bits
anymore, although we can still use it for AMD SME/SEV since SME/SEV
treats the reduced bits differently -- they are treated as reserved
bits, the same as other reserved bits in page table entity [1].
Fix by introducing a new 'shadow_phys_bits' variable in KVM x86 MMU code
to store the effective physical bits w/o reserved bits -- for MKTME,
it equals to physical address reported by CPUID, and for SME/SEV, it is
boot_cpu_data.x86_phys_bits.
Note that for the physical address bits reported to guest should remain
unchanged -- KVM should report physical address reported by CPUID to
guest, but not boot_cpu_data.x86_phys_bits. Because for Intel MKTME,
there's no harm if guest sets up 'keyID' bits in guest page table (since
MKTME only works at physical address level), and KVM doesn't even expose
MKTME to guest. Arguably, for AMD SME/SEV, guest is aware of SEV thus it
should adjust boot_cpu_data.x86_phys_bits when it detects SEV, therefore
KVM should still reports physcial address reported by CPUID to guest.
Reviewed-by: Sean Christopherson <sean.j.christopherson@intel.com>
Signed-off-by: Kai Huang <kai.huang@linux.intel.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
[ Upstream commit 7b6f8a06e482960ba6ab06faba51c8f3727a5c7b ]
As a prerequisite to fix several SPTE reserved bits related calculation
errors caused by MKTME, which requires kvm_set_mmio_spte_mask() to use
local static variable defined in mmu.c.
Also move call site of kvm_set_mmio_spte_mask() from kvm_arch_init() to
kvm_mmu_module_init() so that kvm_set_mmio_spte_mask() can be static.
Reviewed-by: Sean Christopherson <sean.j.christopherson@intel.com>
Signed-off-by: Kai Huang <kai.huang@linux.intel.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
[ Upstream commit 9b38cc704e844e41d9cf74e647bff1d249512cb3 ]
Ziqian reported lockup when adding retprobe on _raw_spin_lock_irqsave.
My test was also able to trigger lockdep output:
============================================
WARNING: possible recursive locking detected
5.6.0-rc6+ #6 Not tainted
--------------------------------------------
sched-messaging/2767 is trying to acquire lock:
ffffffff9a492798 (&(kretprobe_table_locks[i].lock)){-.-.}, at: kretprobe_hash_lock+0x52/0xa0
but task is already holding lock:
ffffffff9a491a18 (&(kretprobe_table_locks[i].lock)){-.-.}, at: kretprobe_trampoline+0x0/0x50
other info that might help us debug this:
Possible unsafe locking scenario:
CPU0
----
lock(&(kretprobe_table_locks[i].lock));
lock(&(kretprobe_table_locks[i].lock));
*** DEADLOCK ***
May be due to missing lock nesting notation
1 lock held by sched-messaging/2767:
#0: ffffffff9a491a18 (&(kretprobe_table_locks[i].lock)){-.-.}, at: kretprobe_trampoline+0x0/0x50
stack backtrace:
CPU: 3 PID: 2767 Comm: sched-messaging Not tainted 5.6.0-rc6+ #6
Call Trace:
dump_stack+0x96/0xe0
__lock_acquire.cold.57+0x173/0x2b7
? native_queued_spin_lock_slowpath+0x42b/0x9e0
? lockdep_hardirqs_on+0x590/0x590
? __lock_acquire+0xf63/0x4030
lock_acquire+0x15a/0x3d0
? kretprobe_hash_lock+0x52/0xa0
_raw_spin_lock_irqsave+0x36/0x70
? kretprobe_hash_lock+0x52/0xa0
kretprobe_hash_lock+0x52/0xa0
trampoline_handler+0xf8/0x940
? kprobe_fault_handler+0x380/0x380
? find_held_lock+0x3a/0x1c0
kretprobe_trampoline+0x25/0x50
? lock_acquired+0x392/0xbc0
? _raw_spin_lock_irqsave+0x50/0x70
? __get_valid_kprobe+0x1f0/0x1f0
? _raw_spin_unlock_irqrestore+0x3b/0x40
? finish_task_switch+0x4b9/0x6d0
? __switch_to_asm+0x34/0x70
? __switch_to_asm+0x40/0x70
The code within the kretprobe handler checks for probe reentrancy,
so we won't trigger any _raw_spin_lock_irqsave probe in there.
The problem is in outside kprobe_flush_task, where we call:
kprobe_flush_task
kretprobe_table_lock
raw_spin_lock_irqsave
_raw_spin_lock_irqsave
where _raw_spin_lock_irqsave triggers the kretprobe and installs
kretprobe_trampoline handler on _raw_spin_lock_irqsave return.
The kretprobe_trampoline handler is then executed with already
locked kretprobe_table_locks, and first thing it does is to
lock kretprobe_table_locks ;-) the whole lockup path like:
kprobe_flush_task
kretprobe_table_lock
raw_spin_lock_irqsave
_raw_spin_lock_irqsave ---> probe triggered, kretprobe_trampoline installed
---> kretprobe_table_locks locked
kretprobe_trampoline
trampoline_handler
kretprobe_hash_lock(current, &head, &flags); <--- deadlock
Adding kprobe_busy_begin/end helpers that mark code with fake
probe installed to prevent triggering of another kprobe within
this code.
Using these helpers in kprobe_flush_task, so the probe recursion
protection check is hit and the probe is never set to prevent
above lockup.
Link: http://lkml.kernel.org/r/158927059835.27680.7011202830041561604.stgit@devnote2
Fixes: ef53d9c5e4 ("kprobes: improve kretprobe scalability with hashed locking")
Cc: Ingo Molnar <mingo@kernel.org>
Cc: "Gustavo A . R . Silva" <gustavoars@kernel.org>
Cc: Anders Roxell <anders.roxell@linaro.org>
Cc: "Naveen N . Rao" <naveen.n.rao@linux.ibm.com>
Cc: Anil S Keshavamurthy <anil.s.keshavamurthy@intel.com>
Cc: David Miller <davem@davemloft.net>
Cc: Ingo Molnar <mingo@elte.hu>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: stable@vger.kernel.org
Reported-by: "Ziqian SUN (Zamir)" <zsun@redhat.com>
Acked-by: Masami Hiramatsu <mhiramat@kernel.org>
Signed-off-by: Jiri Olsa <jolsa@kernel.org>
Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
commit bc310baf2ba381c648983c7f4748327f17324562 upstream.
The final build stage of the x86 kernel captures some symbol
addresses from the decompressor binary and copies them into zoffset.h.
It uses sed with a regular expression that matches the address, symbol
type and symbol name, and mangles the captured addresses and the names
of symbols of interest into #define directives that are added to
zoffset.h
The symbol type is indicated by a single letter, which we match
strictly: only letters in the set 'ABCDGRSTVW' are matched, even
though the actual symbol type is relevant and therefore ignored.
Commit bc7c9d620 ("efi/libstub/x86: Force 'hidden' visibility for
extern declarations") made a change to the way external symbol
references are classified, resulting in 'startup_32' now being
emitted as a hidden symbol. This prevents the use of GOT entries to
refer to this symbol via its absolute address, which recent toolchains
(including Clang based ones) already avoid by default, making this
change a no-op in the majority of cases.
However, as it turns out, the LLVM linker classifies such hidden
symbols as symbols with static linkage in fully linked ELF binaries,
causing tools such as NM to output a lowercase 't' rather than an upper
case 'T' for the type of such symbols. Since our sed expression only
matches upper case letters for the symbol type, the line describing
startup_32 is disregarded, resulting in a build error like the following
arch/x86/boot/header.S:568:18: error: symbol 'ZO_startup_32' can not be
undefined in a subtraction expression
init_size: .long (0x00000000008fd000 - ZO_startup_32 +
(((0x0000000001f6361c + ((0x0000000001f6361c >> 8) + 65536)
- 0x00000000008c32e5) + 4095) & ~4095)) # kernel initialization size
Given that we are only interested in the value of the symbol, let's match
any character in the set 'a-zA-Z' instead.
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Tested-by: Nathan Chancellor <natechancellor@gmail.com>
Signed-off-by: Nathan Chancellor <natechancellor@gmail.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
[ Upstream commit 1f1fbc70c10e81f70e9fbe2102d439c883269811 ]
With commit dc20b2d526 ("x86/idt: Move interrupt gate initialization to
IDT code") non assigned system vectors are also marked as used in
'used_vectors' (now 'system_vectors') bitmap. This makes checks in
arch_show_interrupts() whether a particular system vector is allocated to
always pass and e.g. 'Hyper-V reenlightenment interrupts' entry always
shows up in /proc/interrupts.
Another side effect of having all unassigned system vectors marked as used
is that irq_matrix_debug_show() will wrongly count them among 'System'
vectors.
As it is now ensured that alloc_intr_gate() is not called after init, it is
possible to leave unused entries in 'system_vectors' unset to fix these
issues.
Signed-off-by: Vitaly Kuznetsov <vkuznets@redhat.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Link: https://lkml.kernel.org/r/20200428093824.1451532-4-vkuznets@redhat.com
Signed-off-by: Sasha Levin <sashal@kernel.org>
[ Upstream commit de308d1815c9e8fe602a958c5c76142ff6501d75 ]
The commit
c84cb3735fd5 ("x86/apic: Move TSC deadline timer debug printk")
removed the message which said that the deadline timer was enabled.
It added a pr_debug() message which is issued when deadline timer
validation succeeds.
Well, issued only when CONFIG_DYNAMIC_DEBUG is enabled - otherwise
pr_debug() calls get optimized away if DEBUG is not defined in the
compilation unit.
Therefore, make the above message pr_info() so that it is visible in
dmesg.
Signed-off-by: Borislav Petkov <bp@suse.de>
Link: https://lkml.kernel.org/r/20200525104218.27018-1-bp@alien8.de
Signed-off-by: Sasha Levin <sashal@kernel.org>
[ Upstream commit e2ac07c06058ae2d58b45bbf2a2a352771d76fcb ]
Since the purgatory is a special stand-alone binary, various profiling
and sanitizing options must be disabled. Having these options enabled
typically will cause dependencies on various special symbols exported by
special libs / stubs used by these frameworks. Since the purgatory is
special, it is not linked against these stubs causing missing symbols in
the purgatory if these options are not disabled.
Sync the set of disabled profiling and sanitizing options with that from
drivers/firmware/efi/libstub/Makefile, adding
-DDISABLE_BRANCH_PROFILING to the CFLAGS and setting:
GCOV_PROFILE := n
UBSAN_SANITIZE := n
This fixes broken references to ftrace_likely_update() when
CONFIG_TRACE_BRANCH_PROFILING is enabled and to __gcov_init() and
__gcov_exit() when CONFIG_GCOV_KERNEL is enabled.
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Link: https://lkml.kernel.org/r/20200317130841.290418-1-hdegoede@redhat.com
Signed-off-by: Sasha Levin <sashal@kernel.org>
Compress the kernel with lz4 instead of gzip. On x86 this must be
controlled explicitly by kbuild, as decompressor code is prepended
to the compressed kernel artifact.
On arm64 this option is not needed as "make Image.lz4" can be used
instead, or the Image can be compressed in a separate step.
Bug: 150391496
Change-Id: I2d0ce7f937f2a952b4310f53c8b03dc8d721b050
Signed-off-by: Alistair Delva <adelva@google.com>
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl7wXf4ACgkQONu9yGCS
aT6rDBAAg6jIYJhhb9lpK59hpMxNsaFnPfXdA3Z6qARqH7iIQa9TTP9JF5eFndS0
+2wV8t/8Nz/3BWq9NQAF525QJdqyY6Ahcj5QQXzIzEZyb/p5fRVCBOUcBP7uaBCu
gdORR7OhHI9+7aGLr05Svb7pVWPLi0Mk5vjvthEIkojEOIREGuGlERRZNlL1SN3y
cYDBCCJtD2XiuhyZNLNxtwE/2/d/1xuIG7T3VRDS6oBtqfOXdsy5xoU9lpbbmZQg
s1i3cjWgxEYjJOJqONwzfUSu9Zj4GUZfLTx3gtXG7iEiuUfEw3ljEvIrqSqtNxB5
aTysoOu4MSdJTALHkA7Szhk2Q8Pecmo+NdKLfgMCxAWwIEbn1X9seea7QC5M5/lr
Q1z150M2+Lcs6z9I/vR+vmPh9YKn1yGV4RbTeMXwiQLlWcRh7vh7jN+YJvrpmJSL
BGbsRLB02J4i58CLW7n2rgeq5ycO41bJeWdXSSZjJg7KiZMvuD7mnDv1nUoj3Ad0
lFxgfBRYYZzGCe53xLBXKnjua1lxp8rStUK4iotqkXyhaZqHo0J52okDxSqbP4VZ
DYMfgyiFDufITd7l7qK5H6OeWQJ2IPtaude0HiMQf00bdOIrIsl+xXCtFHo6kx6z
VxwFUAUZWIKZT9ZWo2DNmbbDSRmij3Pqm6ZiakDSPT+kZFqvkBo=
=u5pA
-----END PGP SIGNATURE-----
Merge 4.19.129 into android-4.19-stable
Changes in 4.19.129
ipv6: fix IPV6_ADDRFORM operation logic
net_failover: fixed rollback in net_failover_open()
bridge: Avoid infinite loop when suppressing NS messages with invalid options
vxlan: Avoid infinite loop when suppressing NS messages with invalid options
tun: correct header offsets in napi frags mode
selftests: bpf: fix use of undeclared RET_IF macro
make 'user_access_begin()' do 'access_ok()'
Fix 'acccess_ok()' on alpha and SH
arch/openrisc: Fix issues with access_ok()
x86: uaccess: Inhibit speculation past access_ok() in user_access_begin()
lib: Reduce user_access_begin() boundaries in strncpy_from_user() and strnlen_user()
btrfs: merge btrfs_find_device and find_device
btrfs: Detect unbalanced tree with empty leaf before crashing btree operations
crypto: talitos - fix ECB and CBC algs ivsize
Input: mms114 - fix handling of mms345l
ARM: 8977/1: ptrace: Fix mask for thumb breakpoint hook
sched/fair: Don't NUMA balance for kthreads
Input: synaptics - add a second working PNP_ID for Lenovo T470s
drivers/net/ibmvnic: Update VNIC protocol version reporting
powerpc/xive: Clear the page tables for the ESB IO mapping
ath9k_htc: Silence undersized packet warnings
RDMA/uverbs: Make the event_queue fds return POLLERR when disassociated
x86/cpu/amd: Make erratum #1054 a legacy erratum
perf probe: Accept the instance number of kretprobe event
mm: add kvfree_sensitive() for freeing sensitive data objects
aio: fix async fsync creds
btrfs: tree-checker: Check level for leaves and nodes
x86_64: Fix jiffies ODR violation
x86/PCI: Mark Intel C620 MROMs as having non-compliant BARs
x86/speculation: Prevent rogue cross-process SSBD shutdown
x86/reboot/quirks: Add MacBook6,1 reboot quirk
efi/efivars: Add missing kobject_put() in sysfs entry creation error path
ALSA: es1688: Add the missed snd_card_free()
ALSA: hda/realtek - add a pintbl quirk for several Lenovo machines
ALSA: usb-audio: Fix inconsistent card PM state after resume
ALSA: usb-audio: Add vendor, product and profile name for HP Thunderbolt Dock
ACPI: sysfs: Fix reference count leak in acpi_sysfs_add_hotplug_profile()
ACPI: CPPC: Fix reference count leak in acpi_cppc_processor_probe()
ACPI: GED: add support for _Exx / _Lxx handler methods
ACPI: PM: Avoid using power resources if there are none for D0
cgroup, blkcg: Prepare some symbols for module and !CONFIG_CGROUP usages
nilfs2: fix null pointer dereference at nilfs_segctor_do_construct()
spi: dw: Fix controller unregister order
spi: bcm2835aux: Fix controller unregister order
spi: bcm-qspi: when tx/rx buffer is NULL set to 0
PM: runtime: clk: Fix clk_pm_runtime_get() error path
crypto: cavium/nitrox - Fix 'nitrox_get_first_device()' when ndevlist is fully iterated
ALSA: pcm: disallow linking stream to itself
x86/{mce,mm}: Unmap the entire page if the whole page is affected and poisoned
KVM: x86: Fix APIC page invalidation race
kvm: x86: Fix L1TF mitigation for shadow MMU
KVM: x86/mmu: Consolidate "is MMIO SPTE" code
KVM: x86: only do L1TF workaround on affected processors
x86/speculation: Change misspelled STIPB to STIBP
x86/speculation: Add support for STIBP always-on preferred mode
x86/speculation: Avoid force-disabling IBPB based on STIBP and enhanced IBRS.
x86/speculation: PR_SPEC_FORCE_DISABLE enforcement for indirect branches.
spi: No need to assign dummy value in spi_unregister_controller()
spi: Fix controller unregister order
spi: pxa2xx: Fix controller unregister order
spi: bcm2835: Fix controller unregister order
spi: pxa2xx: Balance runtime PM enable/disable on error
spi: pxa2xx: Fix runtime PM ref imbalance on probe error
crypto: virtio: Fix use-after-free in virtio_crypto_skcipher_finalize_req()
crypto: virtio: Fix src/dst scatterlist calculation in __virtio_crypto_skcipher_do_req()
crypto: virtio: Fix dest length calculation in __virtio_crypto_skcipher_do_req()
selftests/net: in rxtimestamp getopt_long needs terminating null entry
ovl: initialize error in ovl_copy_xattr
proc: Use new_inode not new_inode_pseudo
video: fbdev: w100fb: Fix a potential double free.
KVM: nSVM: fix condition for filtering async PF
KVM: nSVM: leave ASID aside in copy_vmcb_control_area
KVM: nVMX: Consult only the "basic" exit reason when routing nested exit
KVM: MIPS: Define KVM_ENTRYHI_ASID to cpu_asid_mask(&boot_cpu_data)
KVM: MIPS: Fix VPN2_MASK definition for variable cpu_vmbits
KVM: arm64: Make vcpu_cp1x() work on Big Endian hosts
scsi: megaraid_sas: TM command refire leads to controller firmware crash
ath9k: Fix use-after-free Read in ath9k_wmi_ctrl_rx
ath9k: Fix use-after-free Write in ath9k_htc_rx_msg
ath9x: Fix stack-out-of-bounds Write in ath9k_hif_usb_rx_cb
ath9k: Fix general protection fault in ath9k_hif_usb_rx_cb
Smack: slab-out-of-bounds in vsscanf
drm/vkms: Hold gem object while still in-use
mm/slub: fix a memory leak in sysfs_slab_add()
fat: don't allow to mount if the FAT length == 0
perf: Add cond_resched() to task_function_call()
agp/intel: Reinforce the barrier after GTT updates
mmc: sdhci-msm: Clear tuning done flag while hs400 tuning
ARM: dts: at91: sama5d2_ptc_ek: fix sdmmc0 node description
mmc: sdio: Fix potential NULL pointer error in mmc_sdio_init_card()
xen/pvcalls-back: test for errors when calling backend_connect()
KVM: arm64: Synchronize sysreg state on injecting an AArch32 exception
ACPI: GED: use correct trigger type field in _Exx / _Lxx handling
drm: bridge: adv7511: Extend list of audio sample rates
crypto: ccp -- don't "select" CONFIG_DMADEVICES
media: si2157: Better check for running tuner in init
objtool: Ignore empty alternatives
spi: pxa2xx: Apply CS clk quirk to BXT
net: atlantic: make hw_get_regs optional
net: ena: fix error returning in ena_com_get_hash_function()
efi/libstub/x86: Work around LLVM ELF quirk build regression
arm64: cacheflush: Fix KGDB trap detection
spi: dw: Zero DMA Tx and Rx configurations on stack
arm64: insn: Fix two bugs in encoding 32-bit logical immediates
ixgbe: Fix XDP redirect on archs with PAGE_SIZE above 4K
MIPS: Loongson: Build ATI Radeon GPU driver as module
Bluetooth: Add SCO fallback for invalid LMP parameters error
kgdb: Disable WARN_CONSOLE_UNLOCKED for all kgdb
kgdb: Prevent infinite recursive entries to the debugger
spi: dw: Enable interrupts in accordance with DMA xfer mode
clocksource: dw_apb_timer: Make CPU-affiliation being optional
clocksource: dw_apb_timer_of: Fix missing clockevent timers
btrfs: do not ignore error from btrfs_next_leaf() when inserting checksums
ARM: 8978/1: mm: make act_mm() respect THREAD_SIZE
batman-adv: Revert "disable ethtool link speed detection when auto negotiation off"
mmc: meson-mx-sdio: trigger a soft reset after a timeout or CRC error
spi: dw: Fix Rx-only DMA transfers
x86/kvm/hyper-v: Explicitly align hcall param for kvm_hyperv_exit
net: vmxnet3: fix possible buffer overflow caused by bad DMA value in vmxnet3_get_rss()
staging: android: ion: use vmap instead of vm_map_ram
brcmfmac: fix wrong location to get firmware feature
tools api fs: Make xxx__mountpoint() more scalable
e1000: Distribute switch variables for initialization
dt-bindings: display: mediatek: control dpi pins mode to avoid leakage
audit: fix a net reference leak in audit_send_reply()
media: dvb: return -EREMOTEIO on i2c transfer failure.
media: platform: fcp: Set appropriate DMA parameters
MIPS: Make sparse_init() using top-down allocation
Bluetooth: btbcm: Add 2 missing models to subver tables
audit: fix a net reference leak in audit_list_rules_send()
netfilter: nft_nat: return EOPNOTSUPP if type or flags are not supported
selftests/bpf: Fix memory leak in extract_build_id()
net: bcmgenet: set Rx mode before starting netif
lib/mpi: Fix 64-bit MIPS build with Clang
exit: Move preemption fixup up, move blocking operations down
sched/core: Fix illegal RCU from offline CPUs
drivers/perf: hisi: Fix typo in events attribute array
net: lpc-enet: fix error return code in lpc_mii_init()
media: cec: silence shift wrapping warning in __cec_s_log_addrs()
net: allwinner: Fix use correct return type for ndo_start_xmit()
powerpc/spufs: fix copy_to_user while atomic
xfs: clean up the error handling in xfs_swap_extents
Crypto/chcr: fix for ccm(aes) failed test
MIPS: Truncate link address into 32bit for 32bit kernel
mips: cm: Fix an invalid error code of INTVN_*_ERR
kgdb: Fix spurious true from in_dbg_master()
xfs: reset buffer write failure state on successful completion
xfs: fix duplicate verification from xfs_qm_dqflush()
platform/x86: intel-vbtn: Use acpi_evaluate_integer()
platform/x86: intel-vbtn: Split keymap into buttons and switches parts
platform/x86: intel-vbtn: Do not advertise switches to userspace if they are not there
platform/x86: intel-vbtn: Also handle tablet-mode switch on "Detachable" and "Portable" chassis-types
nvme: refine the Qemu Identify CNS quirk
ath10k: Remove msdu from idr when management pkt send fails
wcn36xx: Fix error handling path in 'wcn36xx_probe()'
net: qed*: Reduce RX and TX default ring count when running inside kdump kernel
mt76: avoid rx reorder buffer overflow
md: don't flush workqueue unconditionally in md_open
veth: Adjust hard_start offset on redirect XDP frames
net/mlx5e: IPoIB, Drop multicast packets that this interface sent
rtlwifi: Fix a double free in _rtl_usb_tx_urb_setup()
mwifiex: Fix memory corruption in dump_station
x86/boot: Correct relocation destination on old linkers
mips: MAAR: Use more precise address mask
mips: Add udelay lpj numbers adjustment
crypto: stm32/crc32 - fix ext4 chksum BUG_ON()
crypto: stm32/crc32 - fix run-time self test issue.
crypto: stm32/crc32 - fix multi-instance
x86/mm: Stop printing BRK addresses
m68k: mac: Don't call via_flush_cache() on Mac IIfx
btrfs: qgroup: mark qgroup inconsistent if we're inherting snapshot to a new qgroup
macvlan: Skip loopback packets in RX handler
PCI: Don't disable decoding when mmio_always_on is set
MIPS: Fix IRQ tracing when call handle_fpe() and handle_msa_fpe()
bcache: fix refcount underflow in bcache_device_free()
mmc: sdhci-msm: Set SDHCI_QUIRK_MULTIBLOCK_READ_ACMD12 quirk
staging: greybus: sdio: Respect the cmd->busy_timeout from the mmc core
mmc: via-sdmmc: Respect the cmd->busy_timeout from the mmc core
ixgbe: fix signed-integer-overflow warning
mmc: sdhci-esdhc-imx: fix the mask for tuning start point
spi: dw: Return any value retrieved from the dma_transfer callback
cpuidle: Fix three reference count leaks
platform/x86: hp-wmi: Convert simple_strtoul() to kstrtou32()
platform/x86: intel-hid: Add a quirk to support HP Spectre X2 (2015)
platform/x86: intel-vbtn: Only blacklist SW_TABLET_MODE on the 9 / "Laptop" chasis-type
string.h: fix incompatibility between FORTIFY_SOURCE and KASAN
btrfs: include non-missing as a qualifier for the latest_bdev
btrfs: send: emit file capabilities after chown
mm: thp: make the THP mapcount atomic against __split_huge_pmd_locked()
mm: initialize deferred pages with interrupts enabled
ima: Fix ima digest hash table key calculation
ima: Directly assign the ima_default_policy pointer to ima_rules
evm: Fix possible memory leak in evm_calc_hmac_or_hash()
ext4: fix EXT_MAX_EXTENT/INDEX to check for zeroed eh_max
ext4: fix error pointer dereference
ext4: fix race between ext4_sync_parent() and rename()
PCI: Avoid Pericom USB controller OHCI/EHCI PME# defect
PCI: Avoid FLR for AMD Matisse HD Audio & USB 3.0
PCI: Avoid FLR for AMD Starship USB 3.0
PCI: Add ACS quirk for iProc PAXB
PCI: Add ACS quirk for Intel Root Complex Integrated Endpoints
PCI: Remove unused NFP32xx IDs
pci:ipmi: Move IPMI PCI class id defines to pci_ids.h
hwmon/k10temp, x86/amd_nb: Consolidate shared device IDs
x86/amd_nb: Add PCI device IDs for family 17h, model 30h
PCI: add USR vendor id and use it in r8169 and w6692 driver
PCI: Move Synopsys HAPS platform device IDs
PCI: Move Rohm Vendor ID to generic list
misc: pci_endpoint_test: Add the layerscape EP device support
misc: pci_endpoint_test: Add support to test PCI EP in AM654x
PCI: Add Synopsys endpoint EDDA Device ID
PCI: Add NVIDIA GPU multi-function power dependencies
PCI: Enable NVIDIA HDA controllers
PCI: mediatek: Add controller support for MT7629
x86/amd_nb: Add PCI device IDs for family 17h, model 70h
ALSA: lx6464es - add support for LX6464ESe pci express variant
PCI: Add Genesys Logic, Inc. Vendor ID
PCI: Add Amazon's Annapurna Labs vendor ID
PCI: vmd: Add device id for VMD device 8086:9A0B
x86/amd_nb: Add Family 19h PCI IDs
PCI: Add Loongson vendor ID
serial: 8250_pci: Move Pericom IDs to pci_ids.h
PCI: Make ACS quirk implementations more uniform
PCI: Unify ACS quirk desired vs provided checking
PCI: Generalize multi-function power dependency device links
btrfs: fix error handling when submitting direct I/O bio
btrfs: fix wrong file range cleanup after an error filling dealloc range
ima: Call ima_calc_boot_aggregate() in ima_eventdigest_init()
PCI: Program MPS for RCiEP devices
e1000e: Disable TSO for buffer overrun workaround
e1000e: Relax condition to trigger reset for ME workaround
carl9170: remove P2P_GO support
media: go7007: fix a miss of snd_card_free
Bluetooth: hci_bcm: fix freeing not-requested IRQ
b43legacy: Fix case where channel status is corrupted
b43: Fix connection problem with WPA3
b43_legacy: Fix connection problem with WPA3
media: ov5640: fix use of destroyed mutex
igb: Report speed and duplex as unknown when device is runtime suspended
power: vexpress: add suppress_bind_attrs to true
pinctrl: samsung: Correct setting of eint wakeup mask on s5pv210
pinctrl: samsung: Save/restore eint_mask over suspend for EINT_TYPE GPIOs
gnss: sirf: fix error return code in sirf_probe()
sparc32: fix register window handling in genregs32_[gs]et()
sparc64: fix misuses of access_process_vm() in genregs32_[sg]et()
dm crypt: avoid truncating the logical block size
alpha: fix memory barriers so that they conform to the specification
kernel/cpu_pm: Fix uninitted local in cpu_pm
ARM: tegra: Correct PL310 Auxiliary Control Register initialization
ARM: dts: exynos: Fix GPIO polarity for thr GalaxyS3 CM36651 sensor's bus
ARM: dts: at91: sama5d2_ptc_ek: fix vbus pin
ARM: dts: s5pv210: Set keep-power-in-suspend for SDHCI1 on Aries
drivers/macintosh: Fix memleak in windfarm_pm112 driver
powerpc/64s: Don't let DT CPU features set FSCR_DSCR
powerpc/64s: Save FSCR to init_task.thread.fscr after feature init
kbuild: force to build vmlinux if CONFIG_MODVERSION=y
sunrpc: svcauth_gss_register_pseudoflavor must reject duplicate registrations.
sunrpc: clean up properly in gss_mech_unregister()
mtd: rawnand: brcmnand: fix hamming oob layout
mtd: rawnand: pasemi: Fix the probe error path
w1: omap-hdq: cleanup to add missing newline for some dev_dbg
perf probe: Do not show the skipped events
perf probe: Fix to check blacklist address correctly
perf probe: Check address correctness by map instead of _etext
perf symbols: Fix debuginfo search for Ubuntu
Linux 4.19.129
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I7b1108d90ee1109a28fe488a4358b7a3e101d9c9
Alexander Potapenko
Greg Kroah-Hartman
Will Deacon
Randy Dunlap
Jim Mattson
Thomas Gleixner
Jon Derrick
Jian Cai
Eric Dumazet
Sedat Dilek
Zhenzhong Duan
Wanpeng Li
Josh Poimboeuf
Joerg Roedel
Arnd Bergmann
Kevin Buettner
Diego Elio Pettenò
Martijn Coenen
Todd Kjos
Sean Christopherson
Paolo Bonzini
Peter Zijlstra
Matt Fleming
Xiaoyao Li
Dan Carpenter
Alistair Delva
Kai Huang
Jiri Olsa
Ard Biesheuvel
Vitaly Kuznetsov
Borislav Petkov
Hans de Goede