[PATCH 3.16 010/204] uwb: ensure that endpoint is interrupt

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Andrey Konovalov commit 70e743e4cec3733dc13559f6184b35d358b9ef3f upstream. hwarc_neep_init() assumes that endpoint 0 is interrupt, but there's no check for that, which results in a WARNING in

[PATCH 3.16 128/204] usb: hub: Allow reset retry for USB2 devices on connect bounce

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Mathias Nyman commit 1ac7db6db1eeff901bfd6bbcd502b4634fa4 upstream. If the connect status change is set during reset signaling, but the status remains connected just retry port reset. Thi

Re: [RFC PATCH v11 4/5] PCI / PM: Add support for the PCIe WAKE# signal for OF

On Thursday, December 28, 2017 5:51:34 PM CET Tony Lindgren wrote: > * Rafael J. Wysocki [171228 12:21]: > > On Thu, Dec 28, 2017 at 5:22 AM, Tony Lindgren wrote: > > > * Rafael J. Wysocki [171228 00:51]: > > >> On Wed, Dec 27, 2017 at 4:08 PM, Tony Lindgren wrote: > > >> > * Rafael J. Wysocki

[PATCH 3.16 137/204] ipsec: Fix aborted xfrm policy dump crash

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Ben Hutchings commit 1137b5e2529a8f5ca8ee709288ecba3e68044df2 upstream. This is a fix for CVE-2017-16939 suitable for older stable branches. The upstream fix is commit 1137b5e2529a8f5ca8ee7092

[PATCH 3.16 177/204] MIPS: AR7: Ensure that serial ports are properly set up

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Oswald Buddenhagen commit b084116f8587b222a2c5ef6dcd846f40f24b9420 upstream. Without UPF_FIXED_TYPE, the data from the PORT_AR7 uart_config entry is never copied, resulting in a dead port. Fi

Re: [PATCH 0/4] Address error and recovery for AER and DPC

On Wed, Dec 27, 2017 at 02:20:18AM -0800, Oza Pawandeep wrote: > DPC should enumerate the devices after recovering the link, which is > achieved by implementing error_resume callback. Wouldn't that race with the link-up event that pciehp currently handles?

[PATCH 3.16 130/204] can: gs_usb: fix busy loop if no more TX context is available

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Wolfgang Grandegger commit 97819f943063b622eca44d3644067c190dc75039 upstream. If sending messages with no cable connected, it quickly happens that there is no more TX context available. Then "

[PATCH 3.16 119/204] tun: call dev_get_valid_name() before register_netdevice()

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Cong Wang commit 0ad646c81b2182f7fa67ec0c8c825e0ee165696d upstream. register_netdevice() could fail early when we have an invalid dev name, in which case ->ndo_uninit() is not called. For tun

[PATCH 3.16 151/204] l2tp: hold tunnel in pppol2tp_connect()

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Guillaume Nault commit f9e56baf03f9d36043a78f16e3e8b2cfd211e09e upstream. Use l2tp_tunnel_get() in pppol2tp_connect() to ensure the tunnel isn't going to disappear while processing the rest of

[PATCH 3.16 092/204] lsm: fix smack_inode_removexattr and xattr_getsecurity memleak

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Casey Schaufler commit 57e7ba04d422c3d41c8426380303ec9b7533ded9 upstream. security_inode_getsecurity() provides the text string value of a security attribute. It does not provide a "secctx". T

[PATCH 3.16 133/204] pci_ids: Add PCI device IDs for F15h M60h

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Aravind Gopalakrishnan commit 4cbbdb51cc921f95978360fd7a0652d493dadc3e upstream. Add F3, F4 device IDs to be used in amd_nb.c and amd64_edac.c Signed-off-by: Aravind Gopalakrishnan Acked-by:

[PATCH 3.16 124/204] ALSA: hda: Remove superfluous '-' added by printk conversion

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Takashi Iwai commit 6bf88a343db2b3c160edf9b82a74966b31cc80bd upstream. While converting the error messages to the standard macros in the commit 4e76a8833fac ("ALSA: hda - Replace with standard

[PATCH 3.16 087/204] sh: sh7264: remove nonexistent GPIO_PH[0-7] to fix pinctrl registration

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Geert Uytterhoeven commit eae3df7e82318d798f45dedf111e241805ec7a4a upstream. Pinmux_pins[] is initialized through PINMUX_GPIO(), using designated array initializers, where the GPIO_* enums ser

[PATCH 3.16 135/204] x86/amd_nb: Add Fam17h Data Fabric as "Northbridge"

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Yazen Ghannam commit b791c6b6a55c402367cc544f54921074253db061 upstream. AMD Fam17h uses a Data Fabric component instead of a traditional Northbridge. However, the DF is similar to a NB in that

[PATCH 3.16 161/204] KEYS: trusted: fix writing past end of buffer in trusted_read()

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Eric Biggers commit a3c812f7cfd80cf51e8f5b7034f7418f6beb56c1 upstream. When calling keyctl_read() on a key of type "trusted", if the user-supplied buffer was too small, the kernel ignored the

[PATCH 3.16 122/204] usb: cdc_acm: Add quirk for Elatec TWN3

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Maksim Salau commit 765fb2f181cad669f2beb87842a05d8071f2be85 upstream. Elatec TWN3 has the union descriptor on data interface. This results in failure to bind the device to the driver with the

[PATCH 3.16 040/204] SMB3: Don't ignore O_SYNC/O_DSYNC and O_DIRECT flags

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Steve French commit 1013e760d10e614dc10b5624ce9fc41563ba2e65 upstream. Signed-off-by: Steve French Reviewed-by: Ronnie Sahlberg Reviewed-by: Pavel Shilovsky Signed-off-by: Ben Hutchings --

[PATCH 3.16 047/204] KEYS: don't revoke uninstantiated key in request_key_auth_new()

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Eric Biggers commit f7b48cf08fa63a68b59c2894806ee478216d7f91 upstream. If key_instantiate_and_link() were to fail (which fortunately isn't possible currently), the call to key_revoke(authkey)

[PATCH 3.16 157/204] tun/tap: sanitize TUNSETSNDBUF input

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Craig Gallek commit 93161922c658c714715686cd0cf69b090cb9bf1d upstream. Syzkaller found several variants of the lockup below by setting negative values with the TUNSETSNDBUF ioctl. This patch

[PATCH 3.16 045/204] staging: iio: ad7192: Fix - use the dedicated reset function avoiding dma from stack.

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Stefan Popa commit f790923f146140a261ad211e5baf75d169f16fb2 upstream. Depends on: 691c4b95d1 ("iio: ad_sigma_delta: Implement a dedicated reset function") SPI host drivers can use DMA to tra

[PATCH 3.16 071/204] packet: only test po->has_vnet_hdr once in packet_snd

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Willem de Bruijn commit da7c9561015e93d10fe6aab73e9288e0d09d65a6 upstream. Packet socket option po->has_vnet_hdr can be updated concurrently with other operations if no ring is attached. Do n

[PATCH 3.16 025/204] crypto: talitos - Don't provide setkey for non hmac hashing algs.

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: LEROY Christophe commit 56136631573baa537a15e0012055ffe8cfec1a33 upstream. Today, md5sum fails with error -ENOKEY because a setkey function is set for non hmac hashing algs, see strace output

[PATCH 3.16 192/204] mm, thp: Do not make page table dirty unconditionally in touch_p[mu]d()

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: "Kirill A. Shutemov" commit a8f97366452ed491d13cf1e44241bc0b5740b1f0 upstream. Currently, we unconditionally make page table dirty in touch_pmd(). It may result in false-positive can_follow_wr

[PATCH 3.16 120/204] scsi: zfcp: fix erp_action use-before-initialize in REC action trace

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Steffen Maier commit ab31fd0ce65ec93828b617123792c1bb7c6dcc42 upstream. v4.10 commit 6f2ce1c6af37 ("scsi: zfcp: fix rport unblock race with LUN recovery") extended accessing parent pointer fie

[PATCH 3.16 129/204] can: esd_usb2: Fix can_dlc value for received RTR, frames

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Stefan Mätje commit 72d92e865d1560723e1957ee3f393688c49ca5bf upstream. The dlc member of the struct rx_msg contains also the ESD_RTR flag to mark received RTR frames. Without the fix the can_d

[PATCH 3.16 179/204] can: c_can: don't indicate triple sampling support for D_CAN

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Richard Schütz commit fb5f0b3ef69b95e665e4bbe8a3de7201f09f1071 upstream. The D_CAN controller doesn't provide a triple sampling mode, so don't set the CAN_CTRLMODE_3_SAMPLES flag in ctrlmode_s

[PATCH 3.16 086/204] sh: sh7757: remove nonexistent GPIO_PT[JLNQ]7_RESV to fix pinctrl registration

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Geert Uytterhoeven commit d8ce38f69843a56da044e56b6c16aecfbc3c6e39 upstream. Commit 3810e96056ff ("sh: modify pinmux for SH7757 2nd cut") renamed GPIO_PT[JLNQ]7 to GPIO_PT[JLNQ]7_RESV, and rem

Re: [PATCH 5/7] MIPS: jz4780: dts: Fix watchdog node

Hi Paul, On Thu, Dec 28, 2017 at 5:29 PM, Paul Cercueil wrote: > - The previous node requested a memory area of 0x100 bytes, while the > driver only manipulates four registers present in the first 0x10 bytes. > > - The driver requests for the "rtc" clock, but the previous node did not > provi

[PATCH 3.16 051/204] KEYS: prevent creating a different user's keyrings

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Eric Biggers commit 237bbd29f7a049d310d907f4b2716a7feef9abf3 upstream. It was possible for an unprivileged user to create the user and user session keyrings for another user. For example:

[PATCH 3.16 178/204] rbd: use GFP_NOIO for parent stat and data requests

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Ilya Dryomov commit 1e37f2f84680fa7f8394fd444b6928e334495ccc upstream. rbd_img_obj_exists_submit() and rbd_img_obj_parent_read_full() are on the writeback path for cloned images -- we attempt

[PATCH 3.16 073/204] arm64: fault: Route pte translation faults via do_translation_fault

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Will Deacon commit 760bfb47c36a07741a089bf6a28e854ffbee7dc9 upstream. We currently route pte translation faults via do_page_fault, which elides the address check against TASK_SIZE before invok

[PATCH 3.16 057/204] btrfs: prevent to set invalid default subvolid

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: satoru takeuchi commit 6d6d282932d1a609e60dc4467677e0e863682f57 upstream. `btrfs sub set-default` succeeds to set an ID which isn't corresponding to any fs/file tree. If such the bad ID is set

[PATCH 3.16 131/204] sctp: add the missing sock_owned_by_user check in sctp_icmp_redirect

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Xin Long commit 1cc276cec9ec574d41cf47dfc0f51406b6f26ab4 upstream. Now sctp processes icmp redirect packet in sctp_icmp_redirect where it calls sctp_transport_dst_check in which tp->dst can be

[PATCH 3.16 059/204] vti: fix use after free in vti_tunnel_xmit/vti6_tnl_xmit

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Alexey Kodanev commit 36f6ee22d2d66046e369757ec6bbe1c482957ba6 upstream. When running LTP IPsec tests, KASan might report: BUG: KASAN: use-after-free in vti_tunnel_xmit+0xeee/0xff0 [ip_vti] R

[PATCH 3.16 043/204] iio: ad7793: Fix the serial interface reset

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Dragos Bogdan commit 7ee3b7ebcb74714df6d94c8f500f307e1ee5dda5 upstream. The serial interface can be reset by writing 32 consecutive 1s to the device. 'ret' was initialized correctly but its va

[PATCH 3.16 022/204] powerpc/sysrq: Fix oops whem ppmu is not registered

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Ravi Bangoria commit 4917fcb58cc73f6b81455e3c5f960144809ddf1a upstream. Kernel crashes if power pmu is not registered and user tries to dump regs with 'echo p > /proc/sysrq-trigger'. Sample lo

[PATCH 3.16 090/204] mm/memory_hotplug: define find_{smallest|biggest}_section_pfn as unsigned long

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: YASUAKI ISHIMATSU commit d09b0137d204bebeaafed672bc5a244e9ac92edb upstream. find_{smallest|biggest}_section_pfn()s find the smallest/biggest section and return the pfn of the section. But the

[PATCH 3.16 024/204] crypto: talitos - fix sha224

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: LEROY Christophe commit afd62fa26343be6445479e75de9f07092a061459 upstream. Kernel crypto tests report the following error at startup [2.752626] alg: hash: Test 4 failed for sha224-talitos

[PATCH 3.16 091/204] Smack: remove unneeded NULL-termination from securtity label

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Konstantin Khlebnikov commit da1b63566c469bf3e2b24182114422e16b1aa34c upstream. Values of extended attributes are stored as binary blobs. NULL-termination of them isn't required. It just waste

[PATCH 3.16 098/204] crypto: shash - Fix zero-length shash ahash digest crash

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Herbert Xu commit b61907bb42409adf9b3120f741af7c57dd7e3db2 upstream. The shash ahash digest adaptor function may crash if given a zero-length input together with a null SG list. This is becau

[PATCH 3.16 033/204] Input: uinput - avoid crash when sending FF request to device going away

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Dmitry Torokhov commit 6b4877c7bdc6ae39ce03716df7caeecf204697eb upstream. If FF request comes in while uinput device is going away, uinput_request_send() will fail with -ENODEV, and uinput_req

[PATCH 3.16 067/204] USB: gadgetfs, dummy-hcd, net2280: fix locking for callbacks

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Alan Stern commit f16443a034c7aa359ddf6f0f9bc40d01ca31faea upstream. Using the syzkaller kernel fuzzer, Andrey Konovalov generated the following error in gadgetfs: > BUG: KASAN: use-after-fre

[PATCH 3.16 055/204] PCI: Fix race condition with driver_override

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Nicolai Stange commit 9561475db680f7144d2223a409dd3d7e322aca03 upstream. The driver_override implementation is susceptible to a race condition when different threads are reading vs. storing a

[PATCH 3.16 021/204] tcp: fastopen: fix on syn-data transmit failure

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Eric Dumazet commit b5b7db8d680464b1d631fd016f5e093419f0bfd9 upstream. Our recent change exposed a bug in TCP Fastopen Client that syzkaller found right away [1] When we prepare skb with SYN+

[PATCH 3.16 104/204] ALSA: caiaq: Fix stray URB at probe error path

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Takashi Iwai commit 99fee508245825765ff60155fed43f970ff83a8f upstream. caiaq driver doesn't kill the URB properly at its error path during the probe, which may lead to a use-after-free error l

[PATCH 3.16 186/204] Bluetooth: bnep: bnep_add_connection() should verify that it's dealing with l2cap socket

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Al Viro commit 71bb99a02b32b4cc4265118e85f6035ca72923f0 upstream. same story as cmtp Signed-off-by: Al Viro Signed-off-by: Marcel Holtmann Signed-off-by: Ben Hutchings --- net/bluetooth/b

[PATCH 3.16 053/204] IB/mlx5: Simplify mlx5_ib_cont_pages

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Ilya Lesokhin commit d67bc5d4e3e100d762c0f57ea67f28bc219698a6 upstream. The patch simplifies mlx5_ib_cont_pages and fixes the following issues in the original implementation: First issues is

Re: [PATCH 2/4] PCI/DPC/AER: Address Concurrency between AER and DPC

: https://github.com/0day-ci/linux/commits/Oza-Pawandeep/Address-error-and-recovery-for-AER-and-DPC/20171228-222058 config: arm64-defconfig (attached as .config) compiler: aarch64-linux-gnu-gcc (Debian 7.2.0-11) 7.2.0 reproduce: wget https://raw.githubusercontent.com/intel/lkp-tests

[PATCH 3.16 030/204] powerpc/pseries: Fix parent_dn reference leak in add_dt_node()

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Tyrel Datwyler commit b537ca6fede69a281dc524983e5e633d79a10a08 upstream. A reference to the parent device node is held by add_dt_node() for the node to be added. If the call to dlpar_configure

[PATCH 3.16 052/204] IB/mlx5: Fix the size parameter to find_first_bit

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Christophe Jaillet commit fffd68734dc685e208e86d8c5f6522cd695a8d60 upstream. The 2nd parameter of 'find_first_bit' is the number of bits to search. In this case, we are passing 'sizeof(tmp)' w

[PATCH 3.16 126/204] Input: ti_am335x_tsc - fix incorrect step config for 5 wire touchscreen

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Jeff Lance commit cf5dd48907bebaefdb43a8ca079be77e8da2cb20 upstream. Step config setting for 5 wire touchscreen is incorrect for Y coordinates. It was broken while we moved to DT. If you look

[PATCH 3.16 036/204] USB: gadgetfs: fix copy_to_user while holding spinlock

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Alan Stern commit 6e76c01e71551cb221c1f3deacb9dcd9a7346784 upstream. The gadgetfs driver as a long-outstanding FIXME, regarding a call of copy_to_user() made while holding a spinlock. This pa

[PATCH 3.16 028/204] cifs: release auth_key.response for reconnect.

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Shu Wang commit f5c4ba816315d3b813af16f5571f86c8d4e897bd upstream. There is a race that cause cifs reconnect in cifs_mount, - cifs_mount - cifs_get_tcp_session - [ start thread cifs_demu

[PATCH 3.16 085/204] sh: sh7722: remove nonexistent GPIO_PTQ7 to fix pinctrl registration

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Geert Uytterhoeven commit b78412b8300a8453b78d2c1b0b925b66493bb011 upstream. Patch series "sh: sh7722/sh7757i/sh7264/sh7269: Fix pinctrl registration", v2. Magnus Damm reported that on sh7722

[PATCH 3.16 084/204] kernel/params.c: align add_sysfs_param documentation with code

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Jean Delvare commit 630cc2b30a42c70628368a412beb4a5e5dd71abe upstream. This parameter is named kp, so the documentation should use that. Fixes: 9b473de87209 ("param: Fix duplicate module pref

[PATCH 3.16 094/204] netfilter: x_tables: avoid stack-out-of-bounds read in xt_copy_counters_from_user

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Eric Dumazet commit e466af75c074e76107ae1cd5a2823e9c61894ffb upstream. syzkaller reports an out of bound read in strlcpy(), triggered by xt_copy_counters_from_user() Fix this by using memcpy(

Re: IRQ behaivour has been changed from v4.14 to v4.15-rc1

On Thu, 2017-12-28 at 18:21 +0100, Thomas Gleixner wrote: > On Thu, 28 Dec 2017, Shevchenko, Andriy wrote: > > > Hi! > > > > Experimenting with AtomISP (yes, code is ugly and MSI handling > > rather > > hackish, though...). > > > > So, with v4.14 base: > > > > [ 33.639224] atomisp-isp2 :0

[PATCH 3.16 099/204] direct-io: Prevent NULL pointer access in submit_page_section

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Andreas Gruenbacher commit 899f0429c7d3eed886406cd72182bee3b96aa1f9 upstream. In the code added to function submit_page_section by commit b1058b981, sdio->bio can currently be NULL when callin

[PATCH 3.16 029/204] SMB: Validate negotiate (to protect against downgrade) even if signing off

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Steve French commit 0603c96f3af50e2f9299fa410c224ab1d465e0f9 upstream. As long as signing is supported (ie not a guest user connection) and connection is SMB3 or SMB3.02, then validate negotia

[PATCH 3.16 142/204] SMB: fix validate negotiate info uninitialised memory use

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: David Disseldorp commit a2d9daad1d2dfbd307ab158044d1c323d7babbde upstream. An undersize validate negotiate info server response causes the client to use uninitialised memory for struct validat

[PATCH 3.16 088/204] sh: sh7269: remove nonexistent GPIO_PH[0-7] to fix pinctrl registration

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Geert Uytterhoeven commit d9d73e81fe82fdf4ee65a48c26531edc04108349 upstream. Pinmux_pins[] is initialized through PINMUX_GPIO(), using designated array initializers, where the GPIO_* enums ser

[PATCH 3.16 149/204] x86/uaccess, sched/preempt: Verify access_ok() context

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Peter Zijlstra commit 7c4788950ba5922fde976d80b72baf46f14dee8d upstream. I recently encountered wreckage because access_ok() was used where it should not be, add an explicit WARN when access_o

[PATCH 3.16 049/204] KEYS: fix key refcount leak in keyctl_read_key()

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Eric Biggers commit 7fc0786d956d9e59b68d282be9b156179846ea3d upstream. In keyctl_read_key(), if key_permission() were to return an error code other than EACCES, we would leak a the reference t

Re: [RFC PATCH v11 4/5] PCI / PM: Add support for the PCIe WAKE# signal for OF

On Thu, Dec 28, 2017 at 6:29 PM, Rafael J. Wysocki wrote: > On Thursday, December 28, 2017 5:51:34 PM CET Tony Lindgren wrote: >> * Rafael J. Wysocki [171228 12:21]: >> > On Thu, Dec 28, 2017 at 5:22 AM, Tony Lindgren wrote: >> > > * Rafael J. Wysocki [171228 00:51]: >> > >> On Wed, Dec 27, 201

[PATCH 3.16 023/204] ARM: dts: da850-evm: add serial and ethernet aliases

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Sekhar Nori commit ce21574ad1922b403198ee664c4dff276f514f1d upstream. Add aliases for serial and ethernet nodes. Serial aliases help keep order of tty nodes fixed and ethernet alias is used by

[PATCH 3.16 038/204] USB: g_mass_storage: Fix deadlock when driver is unbound

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Alan Stern commit 1fbbb78f25d1291274f320462bf6908906f538db upstream. As a holdover from the old g_file_storage gadget, the g_mass_storage legacy gadget driver attempts to unregister itself whe

[PATCH 3.16 140/204] fuse: fix READDIRPLUS skipping an entry

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Miklos Szeredi commit c6cdd51404b7ac12dd95173ddfc548c59ecf037f upstream. Marios Titas running a Haskell program noticed a problem with fuse's readdirplus: when it is interrupted by a signal, i

[PATCH 3.16 127/204] parisc: Fix double-word compare and exchange in LWS code on 32-bit kernels

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: John David Anglin commit 374b3bf8e8b519f61eb9775888074c6e46b3bf0c upstream. As discussed on the debian-hppa list, double-wordcompare and exchange operations fail on 32-bit kernels. Looking at

[PATCH 3.16 118/204] net: enable interface alias removal via rtnl

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Nicolas Dichtel commit 2459b4c635858094df78abb9ca87d99f89fe8ca5 upstream. IFLA_IFALIAS is defined as NLA_STRING. It means that the minimal length of the attribute is 1 ("\0"). However, to remo

Re: IRQ behaivour has been changed from v4.14 to v4.15-rc1

On Thu, 28 Dec 2017, Andy Shevchenko wrote: > On Thu, 2017-12-28 at 18:21 +0100, Thomas Gleixner wrote: > > > [ 85.167061] spurious APIC interrupt through vector ff on CPU#0, > > > should never happen. > > > [ 85.199886] atomisp-isp2 :00:03.0: stream[0] started. > > > > > > and Ctrl+C does

[PATCH 3.16 145/204] SMB3: Validate negotiate request must always be signed

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Steve French commit 4587eee04e2ac7ac3ac9fa2bc164fb6e548f99cd upstream. According to MS-SMB2 3.2.55 validate_negotiate request must always be signed. Some Windows can fail the request if you se

[PATCH 3.16 026/204] usb: gadget: dummy: fix nonsensical comparisons

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Arnd Bergmann commit 7661ca09b2ff98f48693f431bb01fed62830e433 upstream. gcc-8 points out two comparisons that are clearly bogus and almost certainly not what the author intended to write: dri

[PATCH 3.16 054/204] security/keys: properly zero out sensitive key material in big_key

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: "Jason A. Donenfeld" commit 910801809b2e40a4baedd080ef5d80b4a180e70e upstream. Error paths forgot to zero out sensitive material, so this patch changes some kfrees into a kzfrees. Signed-off-

[PATCH 3.16 062/204] vfs: Return -ENXIO for negative SEEK_HOLE / SEEK_DATA offsets

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Andreas Gruenbacher commit fc46820b27a2d9a46f7e90c9ceb4a64a1bc5fab8 upstream. In generic_file_llseek_size, return -ENXIO for negative offsets as well as offsets beyond EOF. This affects files

[PATCH 3.16 044/204] iio: core: Return error for failed read_reg

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Matt Fornero commit 3d62c78a6eb9a7d67bace9622b66ad51e81c5f9b upstream. If an IIO device returns an error code for a read access via debugfs, it is currently ignored by the IIO core (other than

[PATCH 3.16 050/204] KEYS: fix writing past end of user-supplied buffer in keyring_read()

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Eric Biggers commit e645016abc803dafc75e4b8f6e4118f088900ffb upstream. Userspace can call keyctl_read() on a keyring to get the list of IDs of keys in the keyring. But if the user-supplied bu

[PATCH 3.16 194/204] security: let security modules use PTRACE_MODE_* with bitmasks

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Jann Horn commit 3dfb7d8cdbc7ea0c2970450e60818bb3eefbad69 upstream. It looks like smack and yama weren't aware that the ptrace mode can have flags ORed into it - PTRACE_MODE_NOAUDIT until now,

[PATCH 3.16 147/204] ip6_gre: only increase err_count for some certain type icmpv6 in ip6gre_err

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Xin Long commit f8d20b46ce55cf40afb30dcef6d9288f7ef46d9b upstream. The similar fix in patch 'ipip: only increase err_count for some certain type icmp in ipip_err' is needed for ip6gre_err. In

[PATCH 3.16 089/204] mm/memory_hotplug: change pfn_to_section_nr/section_nr_to_pfn macro to inline function

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: YASUAKI ISHIMATSU commit 1dd2bfc86818ddbc95f98e312e7704350223fd7d upstream. pfn_to_section_nr() and section_nr_to_pfn() are defined as macro. pfn_to_section_nr() has no issue even if it is def

Re: [PATCH 2/7] watchdog: jz4740: Use devm_* functions

On 12/28/2017 08:29 AM, Paul Cercueil wrote: - Use devm_clk_get instead of clk_get - Use devm_watchdog_register_device instead of watchdog_register_device Signed-off-by: Paul Cercueil --- drivers/watchdog/jz4740_wdt.c | 27 --- 1 file changed, 8 insertions(+), 19 dele

[PATCH 3.16 100/204] more bio_map_user_iov() leak fixes

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Al Viro commit 2b04e8f6bbb196cab4b232af0f8d48ff2c7a8058 upstream. we need to take care of failure exit as well - pages already in bio should be dropped by analogue of bio_unmap_pages(), since

[PATCH 3.16 081/204] ALSA: usx2y: Suppress kernel warning at page allocation failures

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Takashi Iwai commit 7682e399485fe19622b6fd82510b1f4551e48a25 upstream. The usx2y driver allocates the stream read/write buffers in continuous pages depending on the stream setup, and this may

[PATCH 3.16 042/204] iio: ad_sigma_delta: Implement a dedicated reset function

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Dragos Bogdan commit 7fc10de8d49a748c476532c9d8e8fe19e548dd67 upstream. Since most of the SD ADCs have the option of reseting the serial interface by sending a number of SCLKs with CS = 0 and

[PATCH 3.16 146/204] ip6_gre: Reduce log level in ip6gre_err() to debug

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Matt Bennett commit a46496ce38eeb401344d5623c1960dbf2f1769be upstream. Currently error log messages in ip6gre_err are printed at 'warn' level. This is different to most other tunnel types whic

[PATCH 3.16 039/204] IB/ocrdma: fix incorrect fall-through on switch statement

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Colin Ian King commit 06564f60859bdf7e73d70ae35d7e285e96ae9c46 upstream. In the case where mbox_status is OCRDMA_MBX_STATUS_FAILED and add_status is OCRDMA_MBX_STATUS_FAILED err_num is assigne

[PATCH 3.16 077/204] udp: perform source validation for mcast early demux

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Paolo Abeni commit bc044e8db7962e727a75b591b9851ff2ac5cf846 upstream. The UDP early demux can leverate the rx dst cache even for multicast unconnected sockets. In such scenario the ipv4 sourc

Re: PROBLEM: 4.15.0-rc3 APIC causes lockups on Core 2 Duo laptop

No; it seems to be tied to this specific issue, and I was seeing even before getting logs just now, whenever I'd start one of the bad kernels in recovery mode. But no, I've never seen that in any other logs, or on any other screens outside of those popping up in relation to this problem. On Thu,

[PATCH 3.16 072/204] sched/sysctl: Check user input value of sysctl_sched_time_avg

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Ethan Zhao commit 5ccba44ba118a500050076b0344632459779 upstream. System will hang if user set sysctl_sched_time_avg to 0: [root@XXX ~]# sysctl kernel.sched_time_avg_ms=0 Stack traceb

[PATCH 3.16 116/204] l2tp: check ps->sock before running pppol2tp_session_ioctl()

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Guillaume Nault commit 5903f594935a3841137c86b9d5b75143a5b7121c upstream. When pppol2tp_session_ioctl() is called by pppol2tp_tunnel_ioctl(), the session may be unconnected. That is, it was cr

[PATCH 3.16 132/204] arm/arm64: KVM: set right LR register value for 32 bit guest when inject abort

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Dongjiu Geng commit fd6c8c206fc5d0717b0433b191de0715122f33bb upstream. When a exception is trapped to EL2, hardware uses ELR_ELx to hold the current fault instruction address. If KVM wants to

[PATCH 3.16 123/204] usb: quirks: add quirk for WORLDE MINI MIDI keyboard

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Felipe Balbi commit 2811501e6d8f5747d08f8e25b9ecf472d0dc4c7d upstream. This keyboard doesn't implement Get String descriptors properly even though string indexes are valid. What happens is tha

[PATCH 3.16 125/204] x86/microcode/intel: Disable late loading on model 79

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Borislav Petkov commit 723f2828a98c8ca19842042f418fb30dd8cfc0f7 upstream. Blacklist Broadwell X model 79 for late loading due to an erratum. Signed-off-by: Borislav Petkov Acked-by: Tony Luc

[PATCH 3.2 69/94] tcp: fix tcp_mtu_probe() vs highest_sack

3.2.97-rc1 review patch. If anyone has any objections, please let me know. -- From: Eric Dumazet commit 2b7cda9c35d3b940eb9ce74b30bbd5eb30db493d upstream. Based on SNMP values provided by Roman, Yuchung made the observation that some crashes in tcp_sacktag_walk() might be caus

[PATCH 3.16 121/204] usb: xhci: Handle error condition in xhci_stop_device()

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Mayank Rana commit b3207c65dfafae27e7c492cb9188c0dc0eeaf3fd upstream. xhci_stop_device() calls xhci_queue_stop_endpoint() multiple times without checking the return value. xhci_queue_stop_endp

[PATCH 3.16 117/204] USB: serial: metro-usb: add MS7820 device id

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Johan Hovold commit 31dc3f819bac28a0990b36510197560258ab7421 upstream. Add device-id entry for (Honeywell) Metrologic MS7820 bar code scanner. The device has two interfaces (in this mode?); a

[PATCH 3.16 105/204] scsi: libiscsi: fix shifting of DID_REQUEUE host byte

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Johannes Thumshirn commit eef9ffdf9cd39b2986367bc8395e2772bc1284ba upstream. The SCSI host byte should be shifted left by 16 in order to have scsi_decide_disposition() do the right thing (.i.e

[PATCH 3.16 115/204] fs/mpage.c: fix mpage_writepage() for pages with buffers

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Matthew Wilcox commit f892760aa66a2d657deaf59538fb69433036767c upstream. When using FAT on a block device which supports rw_page, we can hit BUG_ON(!PageLocked(page)) in try_to_free_buffers().

[PATCH 3.16 101/204] USB: dummy-hcd: Fix deadlock caused by disconnect detection

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Alan Stern commit ab219221a5064abfff9f78c323c4a257b16cdb81 upstream. The dummy-hcd driver calls the gadget driver's disconnect callback under the wrong conditions. It should invoke the callba

[PATCH 3.16 114/204] include/linux/of.h: provide of_n_{addr,size}_cells wrappers for !CONFIG_OF

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Arnd Bergmann commit 8a1ac5dc7be09883051b1bf89a5e57d7ad850fa5 upstream. The pci-rcar driver is enabled for compile tests, and this has shown that the driver cannot build without CONFIG_OF, fol

[PATCH 3.16 095/204] ALSA: seq: Fix copy_from_user() call inside lock

3.16.52-rc1 review patch. If anyone has any objections, please let me know. -- From: Takashi Iwai commit 5803b023881857db32ffefa0d269c90280a67ee0 upstream. The event handler in the virmidi sequencer code takes a read-lock for the linked list traverse, while it's calling snd_se

  1   2   3   4   5   6   7   8   9   >