[PATCH 4.4 20/47] drbd: fix access after free

2018-07-10 Thread Greg Kroah-Hartman
4.4-stable review patch. If anyone has any objections, please let me know. -- From: Lars Ellenberg commit 64dafbc9530c10300acffc57fae3269d95fa8f93 upstream. We have struct drbd_requests { ... struct bio *private_bio; ... } to hold a bio clone for local submission. On local

[PATCH 4.4 26/47] ext4: verify the depth of extent tree in ext4_find_extent()

2018-07-10 Thread Greg Kroah-Hartman
4.4-stable review patch. If anyone has any objections, please let me know. -- From: Theodore Ts'o commit bc890a60247171294acc0bd67d211fa4b88d40ba upstream. If there is a corrupted file system where the claimed depth of the extent tree is -1, this can cause a massive buffer over

[PATCH 4.4 27/47] ext4: include the illegal physical block in the bad map ext4_error msg

2018-07-10 Thread Greg Kroah-Hartman
4.4-stable review patch. If anyone has any objections, please let me know. -- From: Theodore Ts'o commit bdbd6ce01a70f02e9373a584d0ae9538dcf0a121 upstream. Signed-off-by: Theodore Ts'o Cc: sta...@kernel.org Signed-off-by: Greg Kroah-Hartman --- fs/ext4/inode.c |4 ++--

[PATCH 4.4 05/47] staging: android: ion: Return an ERR_PTR in ion_map_kernel

2018-07-10 Thread Greg Kroah-Hartman
4.4-stable review patch. If anyone has any objections, please let me know. -- From: Laura Abbott commit 0a2bc00341dcfcc793c0dbf4f8d43adf60458b05 upstream. The expected return value from ion_map_kernel is an ERR_PTR. The error path for a vmalloc failure currently just returns N

[PATCH 4.4 00/47] 4.4.140-stable review

2018-07-10 Thread Greg Kroah-Hartman
This is the start of the stable review cycle for the 4.4.140 release. There are 47 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Thu Jul 12 18:23:24 UTC 2018. Anything receiv

[PATCH 4.4 06/47] n_tty: Access echo_* variables carefully.

2018-07-10 Thread Greg Kroah-Hartman
4.4-stable review patch. If anyone has any objections, please let me know. -- From: Tetsuo Handa commit ebec3f8f5271139df618ebdf8427e24ba102ba94 upstream. syzbot is reporting stalls at __process_echoes() [1]. This is because since ldata->echo_commit < ldata->echo_tail becomes

[PATCH 4.4 04/47] n_tty: Fix stall at n_tty_receive_char_special().

2018-07-10 Thread Greg Kroah-Hartman
4.4-stable review patch. If anyone has any objections, please let me know. -- From: Tetsuo Handa commit 3d63b7e4ae0dc5e02d28ddd2fa1f945defc68d81 upstream. syzbot is reporting stalls at n_tty_receive_char_special() [1]. This is because comparison is not working as expected sinc

[PATCH 4.4 03/47] USB: serial: cp210x: add Silicon Labs IDs for Windows Update

2018-07-10 Thread Greg Kroah-Hartman
4.4-stable review patch. If anyone has any objections, please let me know. -- From: Karoly Pados commit 2f839823382748664b643daa73f41ee0cc01ced6 upstream. Silicon Labs defines alternative VID/PID pairs for some chips that when used will automatically install drivers for Window

[PATCH 4.4 29/47] ext4: add more inode number paranoia checks

2018-07-10 Thread Greg Kroah-Hartman
4.4-stable review patch. If anyone has any objections, please let me know. -- From: Theodore Ts'o commit c37e9e013469521d9adb932d17a1795c139b36db upstream. If there is a directory entry pointing to a system inode (such as a journal inode), complain and declare the file system

Re: [PATCH v9 5/7] tracing: Centralize preemptirq tracepoints and unify their usage

2018-07-10 Thread Joel Fernandes
On Tue, Jul 10, 2018 at 10:20:50AM -0400, Steven Rostedt wrote: > On Thu, 28 Jun 2018 11:21:47 -0700 > Joel Fernandes wrote: > > > diff --git a/kernel/trace/trace_preemptirq.c > > b/kernel/trace/trace_preemptirq.c > > new file mode 100644 > > index ..dc01c7f4d326 > > --- /dev/null >

[PATCH 4.4 07/47] x86/boot: Fix early command-line parsing when matching at end

2018-07-10 Thread Greg Kroah-Hartman
4.4-stable review patch. If anyone has any objections, please let me know. -- From: Dave Hansen commit 02afeaae9843733a39cd9b11053748b2d1dc5ae7 upstream. The x86 early command line parsing in cmdline_find_option_bool() is buggy. If it matches a specified 'option' all the way t

[PATCH 4.4 40/47] dm bufio: drop the lock when doing GFP_NOIO allocation

2018-07-10 Thread Greg Kroah-Hartman
4.4-stable review patch. If anyone has any objections, please let me know. -- From: Mikulas Patocka commit 41c73a49df31151f4ff868f28fe4f129f113fa2c upstream. If the first allocation attempt using GFP_NOWAIT fails, drop the lock and retry using GFP_NOIO allocation (lock is drop

[PATCH 4.4 39/47] dm bufio: avoid sleeping while holding the dm_bufio lock

2018-07-10 Thread Greg Kroah-Hartman
4.4-stable review patch. If anyone has any objections, please let me know. -- From: Douglas Anderson commit 9ea61cac0b1ad0c09022f39fd97e9b99a2cfc2dc upstream. We've seen in-field reports showing _lots_ (18 in one case, 41 in another) of tasks all sitting there blocked on: m

[PATCH 4.4 38/47] mm, page_alloc: do not break __GFP_THISNODE by zonelist reset

2018-07-10 Thread Greg Kroah-Hartman
4.4-stable review patch. If anyone has any objections, please let me know. -- From: Vlastimil Babka commit 7810e6781e0fcbca78b91cf65053f895bf59e85f upstream. In __alloc_pages_slowpath() we reset zonelist and preferred_zoneref for allocations that can ignore memory policies. T

[PATCH 4.4 41/47] mtd: rawnand: mxc: set spare area size register explicitly

2018-07-10 Thread Greg Kroah-Hartman
4.4-stable review patch. If anyone has any objections, please let me know. -- From: Martin Kaiser commit 3f77f244d8ec28e3a0a81240ffac7d626390060c upstream. The v21 version of the NAND flash controller contains a Spare Area Size Register (SPAS) at offset 0x10. Its setting defau

[PATCH 4.4 09/47] i2c: rcar: fix resume by always initializing registers before transfer

2018-07-10 Thread Greg Kroah-Hartman
4.4-stable review patch. If anyone has any objections, please let me know. -- From: Wolfram Sang commit ae481cc139658e89eb3ea671dd00b67bd87f01a3 upstream. Resume failed because of uninitialized registers. Instead of adding a resume callback, we simply initialize registers befo

Re: [PATCH v2 2/3] asm-generic: unistd.h: Wire up sys_rseq

2018-07-10 Thread Will Deacon
Hi Arnd, On Mon, Jul 09, 2018 at 03:19:44PM +0100, Will Deacon wrote: > The new rseq call arrived in 4.18-rc1, so provide it in the asm-generic > unistd.h for architectures such as arm64. > > Cc: Arnd Bergmann > Signed-off-by: Will Deacon > --- > include/uapi/asm-generic/unistd.h | 4 +++- > 1

[PATCH 4.4 08/47] ath10k: fix rfc1042 header retrieval in QCA4019 with eth decap mode

2018-07-10 Thread Greg Kroah-Hartman
4.4-stable review patch. If anyone has any objections, please let me know. -- From: Vasanthakumar Thiagarajan commit 2f38c3c01de945234d23dd163e3528ccb413066d upstream. Chipset from QCA99X0 onwards (QCA99X0, QCA9984, QCA4019 & future) rx_hdr_status is not padded to align in 4-b

[PATCH 4.4 21/47] cifs: Fix infinite loop when using hard mount option

2018-07-10 Thread Greg Kroah-Hartman
4.4-stable review patch. If anyone has any objections, please let me know. -- From: Paulo Alcantara commit 7ffbe65578b44fafdef577a360eb0583929f7c6e upstream. For every request we send, whether it is SMB1 or SMB2+, we attempt to reconnect tcon (cifs_reconnect_tcon or smb2_recon

[PATCH 4.4 28/47] ext4: clear i_data in ext4_inode_info when removing inline data

2018-07-10 Thread Greg Kroah-Hartman
4.4-stable review patch. If anyone has any objections, please let me know. -- From: Theodore Ts'o commit 6e8ab72a812396996035a37e5ca4b3b99b5d214b upstream. When converting from an inode from storing the data in-line to a data block, ext4_destroy_inline_data_nolock() was only c

[PATCH 4.4 46/47] netfilter: nf_log: dont hold nf_log_mutex during user access

2018-07-10 Thread Greg Kroah-Hartman
4.4-stable review patch. If anyone has any objections, please let me know. -- From: Jann Horn commit ce00bf07cc95a57cd20b208e02b3c2604e532ae8 upstream. The old code would indefinitely block other users of nf_log_mutex if a userspace access in proc_dostring() blocked e.g. due t

[PATCH 4.4 32/47] HID: i2c-hid: Fix "incomplete report" noise

2018-07-10 Thread Greg Kroah-Hartman
4.4-stable review patch. If anyone has any objections, please let me know. -- From: Jason Andryuk commit ef6eaf27274c0351f7059163918f3795da13199c upstream. Commit ac75a041048b ("HID: i2c-hid: fix size check and type usage") started writing messages when the ret_size is <= 2 fr

[PATCH 4.4 37/47] media: cx25840: Use subdev host data for PLL override

2018-07-10 Thread Greg Kroah-Hartman
4.4-stable review patch. If anyone has any objections, please let me know. -- From: Brad Love commit 3ee9bc12342cf546313d300808ff47d7dbb8e7db upstream. The cx25840 driver currently configures 885, 887, and 888 using default divisors for each chip. This check to see if the cx23

[PATCH 4.4 31/47] ext4: check superblock mapped prior to committing

2018-07-10 Thread Greg Kroah-Hartman
4.4-stable review patch. If anyone has any objections, please let me know. -- From: Jon Derrick commit a17712c8e4be4fa5404d20e9cd3b2b21eae7bc56 upstream. This patch attempts to close a hole leading to a BUG seen with hot removals during writes [1]. A block device (NVME namesp

[PATCH 4.9 11/52] kprobes/x86: Do not modify singlestep buffer while resuming

2018-07-10 Thread Greg Kroah-Hartman
4.9-stable review patch. If anyone has any objections, please let me know. -- From: Masami Hiramatsu commit 804dec5bda9b4fcdab5f67fe61db4a0498af5221 upstream. Do not modify singlestep execution buffer (kprobe.ainsn.insn) while resuming from single-stepping, instead, modifies t

[PATCH 4.4 33/47] HID: hiddev: fix potential Spectre v1

2018-07-10 Thread Greg Kroah-Hartman
4.4-stable review patch. If anyone has any objections, please let me know. -- From: Gustavo A. R. Silva commit 4f65245f2d178b9cba48350620d76faa4a098841 upstream. uref->field_index, uref->usage_index, finfo.field_index and cinfo.index can be indirectly controlled by user-space,

Re: [PATCH] block: iolatency: avoid 64-bit division

2018-07-10 Thread Jens Axboe
On 7/10/18 9:21 AM, Arnd Bergmann wrote: > On 32-bit architectures, dividing a 64-bit number needs to use the > do_div() function or something like it to avoid a link failure: > > block/blk-iolatency.o: In function `iolatency_prfill_limit': > blk-iolatency.c:(.text+0x8cc): undefined reference to `

[PATCH 4.9 10/52] ipv4: Fix error return value in fib_convert_metrics()

2018-07-10 Thread Greg Kroah-Hartman
4.9-stable review patch. If anyone has any objections, please let me know. -- From: Ben Hutchings The validation code modified by commit 5b5e7a0de2bb ("net: metrics: add proper netlink validation") is organised differently in older kernel versions. The fib_convert_metrics() fu

[PATCH 4.4 43/47] mtd: cfi_cmdset_0002: Change definition naming to retry write operation

2018-07-10 Thread Greg Kroah-Hartman
4.4-stable review patch. If anyone has any objections, please let me know. -- From: Tokunori Ikegami commit 85a82e28b023de9b259a86824afbd6ba07bd6475 upstream. The definition can be used for other program and erase operations also. So change the naming to MAX_RETRIES from MAX_W

[PATCH 4.4 45/47] mtd: cfi_cmdset_0002: Change erase functions to check chip good only

2018-07-10 Thread Greg Kroah-Hartman
4.4-stable review patch. If anyone has any objections, please let me know. -- From: Tokunori Ikegami commit 79ca484b613041ca223f74b34608bb6f5221724b upstream. Currently the functions use to check both chip ready and good. But the chip ready is not enough to check the operation

[PATCH 4.4 44/47] mtd: cfi_cmdset_0002: Change erase functions to retry for error

2018-07-10 Thread Greg Kroah-Hartman
4.4-stable review patch. If anyone has any objections, please let me know. -- From: Tokunori Ikegami commit 45f75b8a919a4255f52df454f1ffdee0e42443b2 upstream. For the word write functions it is retried for error. But it is not implemented to retry for the erase functions. To m

[PATCH 4.4 30/47] ext4: add more mount time checks of the superblock

2018-07-10 Thread Greg Kroah-Hartman
4.4-stable review patch. If anyone has any objections, please let me know. -- From: Theodore Ts'o commit bfe0a5f47ada40d7984de67e59a7d3390b9b9ecc upstream. The kernel's ext4 mount-time checks were more permissive than e2fsprogs's libext2fs checks when opening a file system. T

[PATCH 4.9 01/52] usb: cdc_acm: Add quirk for Uniden UBC125 scanner

2018-07-10 Thread Greg Kroah-Hartman
4.9-stable review patch. If anyone has any objections, please let me know. -- From: Houston Yaroschoff commit 4a762569a2722b8a48066c7bacf0e1dc67d17fa1 upstream. Uniden UBC125 radio scanner has USB interface which fails to work with cdc_acm driver: usb 1-1.5: new full-speed U

[PATCH 4.9 12/52] netfilter: nf_tables: use WARN_ON_ONCE instead of BUG_ON in nft_do_chain()

2018-07-10 Thread Greg Kroah-Hartman
4.9-stable review patch. If anyone has any objections, please let me know. -- From: Taehee Yoo commit adc972c5b88829d38ede08b1069718661c7330ae upstream. When depth of chain is bigger than NFT_JUMP_STACK_SIZE, the nft_do_chain crashes. But there is no need to crash hard here.

[PATCH 4.9 16/52] IB/hfi1: Fix user context tail allocation for DMA_RTAIL

2018-07-10 Thread Greg Kroah-Hartman
4.9-stable review patch. If anyone has any objections, please let me know. -- From: Mike Marciniszyn commit 1bc0299d976e000ececc6acd76e33b4582646cb7 upstream. The following code fails to allocate a buffer for the tail address that the hardware DMAs into when the user context D

[PATCH 4.9 15/52] ARM: dts: imx6q: Use correct SDMA script for SPI5 core

2018-07-10 Thread Greg Kroah-Hartman
4.9-stable review patch. If anyone has any objections, please let me know. -- From: Sean Nyekjaer commit df07101e1c4a29e820df02f9989a066988b160e6 upstream. According to the reference manual the shp_2_mcu / mcu_2_shp scripts must be used for devices connected through the SPBA.

[PATCH 4.4 36/47] x86/mce: Fix incorrect "Machine check from unknown source" message

2018-07-10 Thread Greg Kroah-Hartman
4.4-stable review patch. If anyone has any objections, please let me know. -- From: Tony Luck commit 40c36e2741d7fe1e66d6ec55477ba5fd19c9c5d2 upstream. Some injection testing resulted in the following console log: mce: [Hardware Error]: CPU 22: Machine Check Exception: f Ba

[PATCH 4.4 35/47] x86/mce: Detect local MCEs properly

2018-07-10 Thread Greg Kroah-Hartman
4.4-stable review patch. If anyone has any objections, please let me know. -- From: Yazen Ghannam commit fead35c68926682c90c995f22b48f1c8d78865c1 upstream. Check the MCG_STATUS_LMCES bit on Intel to verify that current MCE is local. It is always local on AMD. Signed-off-by: Y

[PATCH 4.9 14/52] net: phy: micrel: fix crash when statistic requested for KSZ9031 phy

2018-07-10 Thread Greg Kroah-Hartman
4.9-stable review patch. If anyone has any objections, please let me know. -- From: Grygorii Strashko commit bfe72442578bb112626e476ffe1f276504d85b95 upstream. Now the command: ethtool --phy-statistics eth0 will cause system crash with message "Unable to handle kernel

[PATCH 4.9 13/52] Revert "sit: reload iphdr in ipip6_rcv"

2018-07-10 Thread Greg Kroah-Hartman
4.9-stable review patch. If anyone has any objections, please let me know. -- From: David S. Miller commit f4eb17e1efe538d4da7d574bedb00a8dafcc26b7 upstream. This reverts commit b699d0035836f6712917a41e7ae58d84359b8ff9. As per Eric Dumazet, the pskb_may_pull() is a NOP in thi

[PATCH 4.9 21/52] scsi: sg: mitigate read/write abuse

2018-07-10 Thread Greg Kroah-Hartman
4.9-stable review patch. If anyone has any objections, please let me know. -- From: Jann Horn commit 26b5b874aff5659a7e26e5b1997e3df2c41fa7fd upstream. As Al Viro noted in commit 128394eff343 ("sg_write()/bsg_write() is not fit to be called under KERNEL_DS"), sg improperly acc

[PATCH 4.9 17/52] x86/xen: Add call of speculative_store_bypass_ht_init() to PV paths

2018-07-10 Thread Greg Kroah-Hartman
4.9-stable review patch. If anyone has any objections, please let me know. -- From: Juergen Gross commit 74899d92e3dc7671a8017b3146dcd4735f3b upstream. Commit: 1f50ddb4f418 ("x86/speculation: Handle HT correctly on AMD") ... added speculative_store_bypass_ht_init() to

[PATCH 4.9 18/52] x86/cpu: Re-apply forced caps every time CPU caps are re-read

2018-07-10 Thread Greg Kroah-Hartman
4.9-stable review patch. If anyone has any objections, please let me know. -- From: Andy Lutomirski commit 60d3450167433f2d099ce2869dc52dd9e7dc9b29 upstream. Calling get_cpu_cap() will reset a bunch of CPU features. This will cause the system to lose track of force-set and fo

[PATCH 4.9 20/52] tracing: Fix missing return symbol in function_graph output

2018-07-10 Thread Greg Kroah-Hartman
4.9-stable review patch. If anyone has any objections, please let me know. -- From: Changbin Du commit 1fe4293f4b8de75824935f8d8e9a99c7fc6873da upstream. The function_graph tracer does not show the interrupt return marker for the leaf entry. On leaf entries, we see an unbalanc

[PATCH 4.9 02/52] USB: serial: cp210x: add CESINEL device ids

2018-07-10 Thread Greg Kroah-Hartman
4.9-stable review patch. If anyone has any objections, please let me know. -- From: Johan Hovold commit 24160628a34af962ac99f2f58e547ac3c4cbd26f upstream. Add device ids for CESINEL products. Reported-by: Carlos Barcala Lara Cc: stable Signed-off-by: Johan Hovold Signed-of

[PATCH 4.9 22/52] s390: Correct register corruption in critical section cleanup

2018-07-10 Thread Greg Kroah-Hartman
4.9-stable review patch. If anyone has any objections, please let me know. -- From: Christian Borntraeger commit 891f6a726cacbb87e5b06076693ffab53bd378d7 upstream. In the critical section cleanup we must not mess with r1. For march=z9 or older, larl + ex (instead of exrl) are

[PATCH 4.9 23/52] drbd: fix access after free

2018-07-10 Thread Greg Kroah-Hartman
4.9-stable review patch. If anyone has any objections, please let me know. -- From: Lars Ellenberg commit 64dafbc9530c10300acffc57fae3269d95fa8f93 upstream. We have struct drbd_requests { ... struct bio *private_bio; ... } to hold a bio clone for local submission. On local

[PATCH 4.9 19/52] mm: hugetlb: yield when prepping struct pages

2018-07-10 Thread Greg Kroah-Hartman
4.9-stable review patch. If anyone has any objections, please let me know. -- From: Cannon Matthews commit 520495fe96d74e05db585fc748351e0504d8f40d upstream. When booting with very large numbers of gigantic (i.e. 1G) pages, the operations in the loop of gather_bootmem_preallo

[PATCH 4.9 26/52] jbd2: dont mark block as modified if the handle is out of credits

2018-07-10 Thread Greg Kroah-Hartman
4.9-stable review patch. If anyone has any objections, please let me know. -- From: Theodore Ts'o commit e09463f220ca9a1a1ecfda84fcda658f99a1f12a upstream. Do not set the b_modified flag in block's journal head should not until after we're sure that jbd2_journal_dirty_metadat(

[PATCH 4.9 25/52] drm/udl: fix display corruption of the last line

2018-07-10 Thread Greg Kroah-Hartman
4.9-stable review patch. If anyone has any objections, please let me know. -- From: Mikulas Patocka commit 99ec9e77511dea55d81729fc80b6c63a61bfa8e0 upstream. The displaylink hardware has such a peculiarity that it doesn't render a command until next command is received. This p

[PATCH 4.9 29/52] ext4: only look at the bg_flags field if it is valid

2018-07-10 Thread Greg Kroah-Hartman
4.9-stable review patch. If anyone has any objections, please let me know. -- From: Theodore Ts'o commit 8844618d8aa7a9973e7b527d038a2a589665002c upstream. The bg_flags field in the block group descriptors is only valid if the uninit_bg or metadata_csum feature is enabled. We w

[PATCH 4.9 24/52] cifs: Fix infinite loop when using hard mount option

2018-07-10 Thread Greg Kroah-Hartman
4.9-stable review patch. If anyone has any objections, please let me know. -- From: Paulo Alcantara commit 7ffbe65578b44fafdef577a360eb0583929f7c6e upstream. For every request we send, whether it is SMB1 or SMB2+, we attempt to reconnect tcon (cifs_reconnect_tcon or smb2_recon

[PATCH 4.9 27/52] ext4: make sure bitmaps and the inode table dont overlap with bg descriptors

2018-07-10 Thread Greg Kroah-Hartman
4.9-stable review patch. If anyone has any objections, please let me know. -- From: Theodore Ts'o commit 77260807d1170a8cf35dbb06e07461a655f67eee upstream. It's really bad when the allocation bitmaps and the inode table overlap with the block group descriptors, since it causes

[PATCH 4.9 31/52] ext4: include the illegal physical block in the bad map ext4_error msg

2018-07-10 Thread Greg Kroah-Hartman
4.9-stable review patch. If anyone has any objections, please let me know. -- From: Theodore Ts'o commit bdbd6ce01a70f02e9373a584d0ae9538dcf0a121 upstream. Signed-off-by: Theodore Ts'o Cc: sta...@kernel.org Signed-off-by: Greg Kroah-Hartman --- fs/ext4/inode.c |4 ++--

[PATCH 4.9 03/52] USB: serial: cp210x: add Silicon Labs IDs for Windows Update

2018-07-10 Thread Greg Kroah-Hartman
4.9-stable review patch. If anyone has any objections, please let me know. -- From: Karoly Pados commit 2f839823382748664b643daa73f41ee0cc01ced6 upstream. Silicon Labs defines alternative VID/PID pairs for some chips that when used will automatically install drivers for Window

[PATCH 4.9 30/52] ext4: verify the depth of extent tree in ext4_find_extent()

2018-07-10 Thread Greg Kroah-Hartman
4.9-stable review patch. If anyone has any objections, please let me know. -- From: Theodore Ts'o commit bc890a60247171294acc0bd67d211fa4b88d40ba upstream. If there is a corrupted file system where the claimed depth of the extent tree is -1, this can cause a massive buffer over

[PATCH 4.9 04/52] usb: dwc2: fix the incorrect bitmaps for the ports of multi_tt hub

2018-07-10 Thread Greg Kroah-Hartman
4.9-stable review patch. If anyone has any objections, please let me know. -- From: William Wu commit 8760675932ddb614e83702117d36ea644050c609 upstream. The dwc2_get_ls_map() use ttport to reference into the bitmap if we're on a multi_tt hub. But the bitmaps index from 0 to (h

[PATCH 4.9 28/52] ext4: always check block group bounds in ext4_init_block_bitmap()

2018-07-10 Thread Greg Kroah-Hartman
4.9-stable review patch. If anyone has any objections, please let me know. -- From: Theodore Ts'o commit 819b23f1c501b17b9694325471789e6b5cc2d0d2 upstream. Regardless of whether the flex_bg feature is set, we should always check to make sure the bits we are setting in the bloc

[PATCH 4.9 05/52] n_tty: Fix stall at n_tty_receive_char_special().

2018-07-10 Thread Greg Kroah-Hartman
4.9-stable review patch. If anyone has any objections, please let me know. -- From: Tetsuo Handa commit 3d63b7e4ae0dc5e02d28ddd2fa1f945defc68d81 upstream. syzbot is reporting stalls at n_tty_receive_char_special() [1]. This is because comparison is not working as expected sinc

[PATCH 4.9 06/52] n_tty: Access echo_* variables carefully.

2018-07-10 Thread Greg Kroah-Hartman
4.9-stable review patch. If anyone has any objections, please let me know. -- From: Tetsuo Handa commit ebec3f8f5271139df618ebdf8427e24ba102ba94 upstream. syzbot is reporting stalls at __process_echoes() [1]. This is because since ldata->echo_commit < ldata->echo_tail becomes

[PATCH 4.9 07/52] staging: android: ion: Return an ERR_PTR in ion_map_kernel

2018-07-10 Thread Greg Kroah-Hartman
4.9-stable review patch. If anyone has any objections, please let me know. -- From: Laura Abbott commit 0a2bc00341dcfcc793c0dbf4f8d43adf60458b05 upstream. The expected return value from ion_map_kernel is an ERR_PTR. The error path for a vmalloc failure currently just returns N

[PATCH 4.9 33/52] ext4: add more inode number paranoia checks

2018-07-10 Thread Greg Kroah-Hartman
4.9-stable review patch. If anyone has any objections, please let me know. -- From: Theodore Ts'o commit c37e9e013469521d9adb932d17a1795c139b36db upstream. If there is a directory entry pointing to a system inode (such as a journal inode), complain and declare the file system

[PATCH 4.9 47/52] dm bufio: dont take the lock in dm_bufio_shrink_count

2018-07-10 Thread Greg Kroah-Hartman
4.9-stable review patch. If anyone has any objections, please let me know. -- From: Mikulas Patocka commit d12067f428c037b4575aaeb2be00847fc214c24a upstream. dm_bufio_shrink_count() is called from do_shrink_slab to find out how many freeable objects are there. The reported val

[PATCH 4.9 49/52] mtd: cfi_cmdset_0002: Change erase functions to retry for error

2018-07-10 Thread Greg Kroah-Hartman
4.9-stable review patch. If anyone has any objections, please let me know. -- From: Tokunori Ikegami commit 45f75b8a919a4255f52df454f1ffdee0e42443b2 upstream. For the word write functions it is retried for error. But it is not implemented to retry for the erase functions. To m

[PATCH 4.9 00/52] 4.9.112-stable review

2018-07-10 Thread Greg Kroah-Hartman
This is the start of the stable review cycle for the 4.9.112 release. There are 52 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Thu Jul 12 18:24:30 UTC 2018. Anything receiv

[PATCH 4.9 34/52] ext4: add more mount time checks of the superblock

2018-07-10 Thread Greg Kroah-Hartman
4.9-stable review patch. If anyone has any objections, please let me know. -- From: Theodore Ts'o commit bfe0a5f47ada40d7984de67e59a7d3390b9b9ecc upstream. The kernel's ext4 mount-time checks were more permissive than e2fsprogs's libext2fs checks when opening a file system. T

[PATCH 4.9 09/52] i2c: rcar: fix resume by always initializing registers before transfer

2018-07-10 Thread Greg Kroah-Hartman
4.9-stable review patch. If anyone has any objections, please let me know. -- From: Wolfram Sang commit ae481cc139658e89eb3ea671dd00b67bd87f01a3 upstream. Resume failed because of uninitialized registers. Instead of adding a resume callback, we simply initialize registers befo

[PATCH 4.9 43/52] mm, page_alloc: do not break __GFP_THISNODE by zonelist reset

2018-07-10 Thread Greg Kroah-Hartman
4.9-stable review patch. If anyone has any objections, please let me know. -- From: Vlastimil Babka commit 7810e6781e0fcbca78b91cf65053f895bf59e85f upstream. In __alloc_pages_slowpath() we reset zonelist and preferred_zoneref for allocations that can ignore memory policies. T

[PATCH 4.9 52/52] staging: comedi: quatech_daqp_cs: fix no-op loop daqp_ao_insn_write()

2018-07-10 Thread Greg Kroah-Hartman
4.9-stable review patch. If anyone has any objections, please let me know. -- From: Dan Carpenter commit 1376b0a2160319125c3a2822e8c09bd283cd8141 upstream. There is a '>' vs '<' typo so this loop is a no-op. Fixes: d35dcc89fc93 ("staging: comedi: quatech_daqp_cs: fix daqp_ao

[PATCH 4.9 35/52] ext4: check superblock mapped prior to committing

2018-07-10 Thread Greg Kroah-Hartman
4.9-stable review patch. If anyone has any objections, please let me know. -- From: Jon Derrick commit a17712c8e4be4fa5404d20e9cd3b2b21eae7bc56 upstream. This patch attempts to close a hole leading to a BUG seen with hot removals during writes [1]. A block device (NVME namesp

[PATCH 4.9 46/52] mtd: rawnand: mxc: set spare area size register explicitly

2018-07-10 Thread Greg Kroah-Hartman
4.9-stable review patch. If anyone has any objections, please let me know. -- From: Martin Kaiser commit 3f77f244d8ec28e3a0a81240ffac7d626390060c upstream. The v21 version of the NAND flash controller contains a Spare Area Size Register (SPAS) at offset 0x10. Its setting defau

[PATCH 4.9 44/52] dm bufio: avoid sleeping while holding the dm_bufio lock

2018-07-10 Thread Greg Kroah-Hartman
4.9-stable review patch. If anyone has any objections, please let me know. -- From: Douglas Anderson commit 9ea61cac0b1ad0c09022f39fd97e9b99a2cfc2dc upstream. We've seen in-field reports showing _lots_ (18 in one case, 41 in another) of tasks all sitting there blocked on: m

[PATCH 4.9 45/52] dm bufio: drop the lock when doing GFP_NOIO allocation

2018-07-10 Thread Greg Kroah-Hartman
4.9-stable review patch. If anyone has any objections, please let me know. -- From: Mikulas Patocka commit 41c73a49df31151f4ff868f28fe4f129f113fa2c upstream. If the first allocation attempt using GFP_NOWAIT fails, drop the lock and retry using GFP_NOIO allocation (lock is drop

[PATCH 4.9 48/52] mtd: cfi_cmdset_0002: Change definition naming to retry write operation

2018-07-10 Thread Greg Kroah-Hartman
4.9-stable review patch. If anyone has any objections, please let me know. -- From: Tokunori Ikegami commit 85a82e28b023de9b259a86824afbd6ba07bd6475 upstream. The definition can be used for other program and erase operations also. So change the naming to MAX_RETRIES from MAX_W

[PATCH 4.9 51/52] netfilter: nf_log: dont hold nf_log_mutex during user access

2018-07-10 Thread Greg Kroah-Hartman
4.9-stable review patch. If anyone has any objections, please let me know. -- From: Jann Horn commit ce00bf07cc95a57cd20b208e02b3c2604e532ae8 upstream. The old code would indefinitely block other users of nf_log_mutex if a userspace access in proc_dostring() blocked e.g. due t

[PATCH 4.9 50/52] mtd: cfi_cmdset_0002: Change erase functions to check chip good only

2018-07-10 Thread Greg Kroah-Hartman
4.9-stable review patch. If anyone has any objections, please let me know. -- From: Tokunori Ikegami commit 79ca484b613041ca223f74b34608bb6f5221724b upstream. Currently the functions use to check both chip ready and good. But the chip ready is not enough to check the operation

[PATCH 4.9 42/52] media: cx25840: Use subdev host data for PLL override

2018-07-10 Thread Greg Kroah-Hartman
4.9-stable review patch. If anyone has any objections, please let me know. -- From: Brad Love commit 3ee9bc12342cf546313d300808ff47d7dbb8e7db upstream. The cx25840 driver currently configures 885, 887, and 888 using default divisors for each chip. This check to see if the cx23

Re: [PATCH 4.9 08/52] vt: prevent leaking uninitialized data to userspace via /dev/vcs*

2018-07-10 Thread syzbot
4.9-stable review patch. If anyone has any objections, please let me know. -- From: Alexander Potapenko commit 21eff690e766ca0ce445b477698dc6a9f55a upstream. KMSAN reported an infoleak when reading from /dev/vcs*: BUG: KMSAN: kernel-infoleak in vcs_read+0x1

[PATCH 4.14 00/53] 4.14.55-stable review

2018-07-10 Thread Greg Kroah-Hartman
This is the start of the stable review cycle for the 4.14.55 release. There are 53 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Thu Jul 12 18:24:36 UTC 2018. Anything receiv

[PATCH 4.9 41/52] Kbuild: fix # escaping in .cmd files for future Make

2018-07-10 Thread Greg Kroah-Hartman
4.9-stable review patch. If anyone has any objections, please let me know. -- From: Rasmus Villemoes commit 9564a8cf422d7b58f6e857e3546d346fa970191e upstream. I tried building using a freshly built Make (4.2.1-69-g8a731d1), but already the objtool build broke with orc_dump.c:

[PATCH 4.14 14/53] drm/udl: fix display corruption of the last line

2018-07-10 Thread Greg Kroah-Hartman
4.14-stable review patch. If anyone has any objections, please let me know. -- From: Mikulas Patocka commit 99ec9e77511dea55d81729fc80b6c63a61bfa8e0 upstream. The displaylink hardware has such a peculiarity that it doesn't render a command until next command is received. This

[PATCH] locking/rwsem: Take read lock immediate if empty queue with no writer

2018-07-10 Thread Waiman Long
It was found that a constant stream of readers might cause the count to go negative most of the time after an initial trigger by a writer even if no writer was present afterward. As a result, most of the readers would have to go through the slowpath reducing their performance. To avoid that from h

[PATCH 4.9 39/52] HID: debug: check length before copy_to_user()

2018-07-10 Thread Greg Kroah-Hartman
4.9-stable review patch. If anyone has any objections, please let me know. -- From: Daniel Rosenberg commit 717adfdaf14704fd3ec7fa2c04520c0723247eac upstream. If our length is greater than the size of the buffer, we overflow the buffer Cc: sta...@vger.kernel.org Signed-off-by

[PATCH 4.9 32/52] ext4: clear i_data in ext4_inode_info when removing inline data

2018-07-10 Thread Greg Kroah-Hartman
4.9-stable review patch. If anyone has any objections, please let me know. -- From: Theodore Ts'o commit 6e8ab72a812396996035a37e5ca4b3b99b5d214b upstream. When converting from an inode from storing the data in-line to a data block, ext4_destroy_inline_data_nolock() was only c

[PATCH 4.9 40/52] PM / OPP: Update voltage in case freq == old_freq

2018-07-10 Thread Greg Kroah-Hartman
4.9-stable review patch. If anyone has any objections, please let me know. -- From: Waldemar Rymarkiewicz commit c5c2a97b3ac7d1ec19e7cff9e38caca6afefc3de upstream. This commit fixes a rare but possible case when the clk rate is updated without update of the regulator voltage.

[PATCH 4.9 36/52] mlxsw: spectrum: Forbid linking of VLAN devices to devices that have uppers

2018-07-10 Thread Greg Kroah-Hartman
4.9-stable review patch. If anyone has any objections, please let me know. -- From: Ido Schimmel Jiri Slaby noticed that the backport of upstream commit 25cc72a33835 ("mlxsw: spectrum: Forbid linking to devices that have uppers") to kernel 4.9.y introduced the same check twice

[PATCH 4.14 17/53] ext4: always verify the magic number in xattr blocks

2018-07-10 Thread Greg Kroah-Hartman
4.14-stable review patch. If anyone has any objections, please let me know. -- From: Theodore Ts'o commit 513f86d73855ce556ea9522b6bfd79f87356dc3a upstream. If an inode points to a block which is also some other type of metadata block (such as a block allocation bitmap),

[PATCH 4.9 38/52] HID: hiddev: fix potential Spectre v1

2018-07-10 Thread Greg Kroah-Hartman
4.9-stable review patch. If anyone has any objections, please let me know. -- From: Gustavo A. R. Silva commit 4f65245f2d178b9cba48350620d76faa4a098841 upstream. uref->field_index, uref->usage_index, finfo.field_index and cinfo.index can be indirectly controlled by user-space,

[PATCH 4.9 37/52] HID: i2c-hid: Fix "incomplete report" noise

2018-07-10 Thread Greg Kroah-Hartman
4.9-stable review patch. If anyone has any objections, please let me know. -- From: Jason Andryuk commit ef6eaf27274c0351f7059163918f3795da13199c upstream. Commit ac75a041048b ("HID: i2c-hid: fix size check and type usage") started writing messages when the ret_size is <= 2 fr

[PATCH 4.14 16/53] ext4: add corruption check in ext4_xattr_set_entry()

2018-07-10 Thread Greg Kroah-Hartman
4.14-stable review patch. If anyone has any objections, please let me know. -- From: Theodore Ts'o commit 5369a762c882c0b6e9599e4ebbb3a9ba9eee7e2d upstream. In theory this should have been caught earlier when the xattr list was verified, but in case it got missed, it's simple

[PATCH 4.14 19/53] ext4: always check block group bounds in ext4_init_block_bitmap()

2018-07-10 Thread Greg Kroah-Hartman
4.14-stable review patch. If anyone has any objections, please let me know. -- From: Theodore Ts'o commit 819b23f1c501b17b9694325471789e6b5cc2d0d2 upstream. Regardless of whether the flex_bg feature is set, we should always check to make sure the bits we are setting in the blo

[PATCH 4.14 20/53] ext4: only look at the bg_flags field if it is valid

2018-07-10 Thread Greg Kroah-Hartman
4.14-stable review patch. If anyone has any objections, please let me know. -- From: Theodore Ts'o commit 8844618d8aa7a9973e7b527d038a2a589665002c upstream. The bg_flags field in the block group descriptors is only valid if the uninit_bg or metadata_csum feature is enabled. We

[PATCH 4.14 12/53] cifs: Fix slab-out-of-bounds in send_set_info() on SMB2 ACE setting

2018-07-10 Thread Greg Kroah-Hartman
4.14-stable review patch. If anyone has any objections, please let me know. -- From: Stefano Brivio commit f46ecbd97f508e68a7806291a139499794874f3d upstream. A "small" CIFS buffer is not big enough in general to hold a setacl request for SMB2, and we end up overflowing the buf

[PATCH 4.14 18/53] ext4: make sure bitmaps and the inode table don't overlap with bg descriptors

2018-07-10 Thread Greg Kroah-Hartman
4.14-stable review patch. If anyone has any objections, please let me know. -- From: Theodore Ts'o commit 77260807d1170a8cf35dbb06e07461a655f67eee upstream. It's really bad when the allocation bitmaps and the inode table overlap with the block group descriptors, since it cause

[PATCH 4.14 13/53] drm: Use kvzalloc for allocating blob property memory

2018-07-10 Thread Greg Kroah-Hartman
4.14-stable review patch. If anyone has any objections, please let me know. -- From: Michel Dänzer commit 718b5406cd76f1aa6434311241b7febf0e8571ff upstream. The property size may be controlled by userspace, can be large (I've seen failure with order 4, i.e. 16 pages / 64 KB) a

[PATCH 4.14 21/53] ext4: verify the depth of extent tree in ext4_find_extent()

2018-07-10 Thread Greg Kroah-Hartman
4.14-stable review patch. If anyone has any objections, please let me know. -- From: Theodore Ts'o commit bc890a60247171294acc0bd67d211fa4b88d40ba upstream. If there is a corrupted file system where the claimed depth of the extent tree is -1, this can cause a massive buffer ove

[PATCH 4.14 03/53] tracing: Fix missing return symbol in function_graph output

2018-07-10 Thread Greg Kroah-Hartman
4.14-stable review patch. If anyone has any objections, please let me know. -- From: Changbin Du commit 1fe4293f4b8de75824935f8d8e9a99c7fc6873da upstream. The function_graph tracer does not show the interrupt return marker for the leaf entry. On leaf entries, we see an unbalan

[PATCH 4.14 25/53] ext4: avoid running out of journal credits when appending to an inline file

2018-07-10 Thread Greg Kroah-Hartman
4.14-stable review patch. If anyone has any objections, please let me know. -- From: Theodore Ts'o commit 8bc1379b82b8e809eef77a9fedbb75c6c297be19 upstream. Use a separate journal transaction if it turns out that we need to convert an inline file to use a data block. Otherwi

[PATCH 4.14 24/53] ext4: never move the system.data xattr out of the inode body

2018-07-10 Thread Greg Kroah-Hartman
4.14-stable review patch. If anyone has any objections, please let me know. -- From: Theodore Ts'o commit 8cdb5240ec5928b20490a2bb34cb87e9a5f40226 upstream. When expanding the extra isize space, we must never move the system.data xattr out of the inode body. For performance r

[PATCH 4.14 23/53] ext4: clear i_data in ext4_inode_info when removing inline data

2018-07-10 Thread Greg Kroah-Hartman
4.14-stable review patch. If anyone has any objections, please let me know. -- From: Theodore Ts'o commit 6e8ab72a812396996035a37e5ca4b3b99b5d214b upstream. When converting from an inode from storing the data in-line to a data block, ext4_destroy_inline_data_nolock() was only
