[ Upstream commit 6a8ca24590a2136921439b376c926c11a6effc0e ]
phydm.internal is allocated using kzalloc which is used multiple
times without a check for NULL pointer. This patch avoids such a
scenario by returning 0, consistent with the failure case.
Signed-off-by: Aditya Pakki
Reviewed-by: Mukes
[ Upstream commit 05b7639da55fb9866a1f4b7e8995232a6323 ]
Otherwise, we hit bogus ENOENT when removing elements.
Fixes: e701001e7cbe ("netfilter: nft_rbtree: allow adjacent intervals with
dynamic updates")
Reported-by: Václav Zindulka
Signed-off-by: Pablo Neira Ayuso
Signed-off-by: Sasha Le
[ Upstream commit 90cd9bed5adb3e3bd4d3ac4cbcecbc4a8028bbaf ]
Add depends on PCI for PCI_MT7621
Signed-off-by: Maxim Zhukov
Signed-off-by: Greg Kroah-Hartman
Signed-off-by: Sasha Levin (Microsoft)
---
drivers/staging/mt7621-pci/Kconfig | 1 +
1 file changed, 1 insertion(+)
diff --git a/driver
[ Upstream commit e166e4fdaced850bee3d5ee12a5740258fb30587 ]
Since Commit 21d1196a35f5 ("ipv4: set transport header earlier"),
skb->transport_header has been always set before entering INET
netfilter. This patch is to set skb->transport_header for bridge
before entering INET netfilter by bridge-nf
[ Upstream commit fcfc2aa0185f4a731d05a21e9f359968fdfd02e7 ]
There are a few system calls (pselect, ppoll, etc) which replace a task
sigmask while they are running in a kernel-space
When a task calls one of these syscalls, the kernel saves a current
sigmask in task->saved_sigmask and sets a sysca
[ Upstream commit 776e78677f514ecddd12dba48b9040958999bd5a ]
meson_drv_bind() registers a meson_drm struct as the device's privdata,
but meson_drv_unbind() tries to retrieve a drm_device. This may cause a
segfault on shutdown:
[ 5194.593429] Unable to handle kernel NULL pointer dereference at vir
[ Upstream commit 977c7a6d1e263ff1d755f28595b99e4bc0c48a9f ]
Since commit 1fb87b8e9599 ("perf machine: Don't search for active kernel
start in __machine__create_kernel_maps"), the __machine__create_kernel_maps()
just create a map what start and end are both zero. Though the address will be
updated
[ Upstream commit 6cf4511e9729c00a7306cf94085f9cc3c52ee723 ]
In case devm_kzalloc, the patch returns ENOMEM to avoid potential
NULL pointer dereference.
Signed-off-by: Kangjie Lu
Reviewed-by: Andrew Jeffery
Signed-off-by: Bartosz Golaszewski
Signed-off-by: Sasha Levin (Microsoft)
---
drivers
[ Upstream commit ebff0b0e3d3c862c16c487959db5e0d879632559 ]
We've become very cautious to now always reset the vcpu when nothing
is loaded on the physical CPU. To do so, we now disable preemption
and do a kvm_arch_vcpu_put() to make sure we have all the state
in memory (and that it won't be loade
[ Upstream commit e166e4fdaced850bee3d5ee12a5740258fb30587 ]
Since Commit 21d1196a35f5 ("ipv4: set transport header earlier"),
skb->transport_header has been always set before entering INET
netfilter. This patch is to set skb->transport_header for bridge
before entering INET netfilter by bridge-nf
[ Upstream commit 0c17e83fe423467e3ccf0a02f99bd050a73bbeb4 ]
The call to of_get_next_child returns a node pointer with refcount
incremented thus it must be explicitly decremented after the last
usage.
Detected by coccinelle with the following warnings:
./arch/arm/mach-imx/mach-imx51.c:64:2-8: ERR
[ Upstream commit 7221b727f0079a32aca91f657141e1de564d4b97 ]
The ucast IP table is utilized by some of the L3-specific sysfs attributes
that qeth_l3_create_device_attributes() provides. So initialize the table
_before_ registering the attributes.
Fixes: ebccc7397e4a ("s390/qeth: add missing hash
From: Paulo Alcantara
commit dfbd199a7cfe3e3cd8531e1353cdbd7175bfbc5e upstream.
When compiling genheaders and mdp from a newer host kernel, the
following error happens:
In file included from scripts/selinux/genheaders/genheaders.c:18:
./security/selinux/include/classmap.h:238:2: error:
From: Hans Verkuil
commit ed356f110403f6acc64dcbbbfdc38662ab9b06c2 upstream.
If CEC is not enabled for the vivid driver, then the adap pointer is NULL
and 'adap->phys_addr' will fail.
Cc: # for v4.12 and up
Signed-off-by: Hans Verkuil
Signed-off-by: Mauro Carvalho Chehab
[ Naresh: Fixed
[ Upstream commit be693df3cf9dd113ff1d2c0d8150199efdba37f6 ]
The call to ehea_get_eth_dn returns a node pointer with refcount
incremented thus it must be explicitly decremented after the last
usage.
Detected by coccinelle with the following warnings:
./drivers/net/ethernet/ibm/ehea/ehea_main.c:31
This is the start of the stable review cycle for the 4.19.39 release.
There are 72 patches in this series, all will be posted as a response
to this one. If anyone has any issues with these being applied, please
let me know.
Responses should be made by Sat 04 May 2019 02:32:17 PM UTC.
Anything rec
[ Upstream commit e166e4fdaced850bee3d5ee12a5740258fb30587 ]
Since Commit 21d1196a35f5 ("ipv4: set transport header earlier"),
skb->transport_header has been always set before entering INET
netfilter. This patch is to set skb->transport_header for bridge
before entering INET netfilter by bridge-nf
From: Paulo Alcantara
commit dfbd199a7cfe3e3cd8531e1353cdbd7175bfbc5e upstream.
When compiling genheaders and mdp from a newer host kernel, the
following error happens:
In file included from scripts/selinux/genheaders/genheaders.c:18:
./security/selinux/include/classmap.h:238:2: error:
[ Upstream commit daf5cc27eed99afdea8d96e71b89ba41f5406ef6 ]
free the symlink body after the same RCU delay we have for freeing the
struct inode itself, so that traversal during RCU pathwalk wouldn't step
into freed memory.
Signed-off-by: Al Viro
Reviewed-by: Jeff Layton
Signed-off-by: Ilya Dry
[ Upstream commit f276e002793cdb820862e8ea8f76769d56bba575 ]
if platform_driver_register fails, cleanup the allocated resource
gracefully.
Signed-off-by: Mukesh Ojha
Signed-off-by: Greg Kroah-Hartman
Signed-off-by: Sasha Levin (Microsoft)
---
drivers/usb/host/u132-hcd.c | 3 +++
1 file change
[ Upstream commit cd5afa91f078c0787be0a62b5ef90301c00b0271 ]
Both PCLK and HCLK are "required" clocks according to macb devicetree
documentation. There is a chance that devm_clk_get doesn't return a
negative error but just a NULL clock structure instead. In such a case
the driver proceeds as usual
[ Upstream commit c8206579175c34a2546de8a74262456278a7795a ]
If an incoming ELS of type RSCN contains more than one element, zfcp
suboptimally causes repeated erp trigger NOP trace records for each
previously failed port. These could be ports that went away. It loops over
each RSCN element, and f
[ Upstream commit 2795e8c251614ac0784c9d41008551109f665716 ]
In case alloc_ordered_workqueue fails, the fix releases
sources and returns -ENOMEM to avoid NULL pointer dereference.
Signed-off-by: Kangjie Lu
Acked-by: Michael Hennerich
Signed-off-by: Stefan Schmidt
Signed-off-by: Sasha Levin (Mi
On Wed, May 01, 2019 at 10:57:23AM -0500, Pierre-Louis Bossart wrote:
> SoundWire support will be provided in Linux with the Sound Open
> Firmware (SOF) on Intel platforms. Before we start adding the missing
> pieces, there are a number of warnings and style issues reported by
> checkpatch, cppchec
[ Upstream commit d268f31552794abf5b6aa5af31021643411f25f5 ]
The ks8851 driver currently requests the IRQ before registering the
net_device. Because the net_device name is used as IRQ name and is
still "eth%d" when the IRQ is requested, it's impossibe to tell IRQs
apart if multiple ks8851 chips a
[ Upstream commit 032f85c9360fb1a08385c584c2c4ed114b33c260 ]
Increase the reset duration to ensure correct phy functionality. The
reset duration is taken from barebox commit 52fdd510de ("ARM: dts:
pfla02: use long enough reset for ethernet phy"):
Use a longer reset time for ethernet phy Micrel
[ Upstream commit 032f85c9360fb1a08385c584c2c4ed114b33c260 ]
Increase the reset duration to ensure correct phy functionality. The
reset duration is taken from barebox commit 52fdd510de ("ARM: dts:
pfla02: use long enough reset for ethernet phy"):
Use a longer reset time for ethernet phy Micrel
From: Rafael J. Wysocki
commit 2c2a2fb1e2a9256714338875bede6b7cbd4b9542 upstream.
Revert commit c8b1917c8987 ("ACPICA: Clear status of GPEs before
enabling them") that causes problems with Thunderbolt controllers
to occur if a dock device is connected at init time (the xhci_hcd
and thunderbolt m
[ Upstream commit fe384e2fa36ca084a456fd3055875b4b3fbd ]
callers of tcf_gact_goto_chain_index() can potentially read an old value
of the chain index, or even dereference a NULL 'goto_chain' pointer,
because 'goto_chain' and 'tcfa_action' are read in the traffic path
without caring of concurren
[ Upstream commit 9624bafa5f6418b9ca5b3f66d1f6a6a2e8bf6d4c ]
The ks8851 chip's initial carrier state is down. A Link Change Interrupt
is signaled once interrupts are enabled if the carrier is up.
The ks8851 driver has it backwards by assuming that the initial carrier
state is up. The state is the
[ Upstream commit 7494cec6cb3ba7385a6a223b81906384f15aae34 ]
Calling kvm_is_visible_gfn() implies that we're parsing the memslots,
and doing this without the srcu lock is frown upon:
[12704.164532] =
[12704.164544] WARNING: suspicious RCU usage
[12704.164560] 5.1.0-rc1
[ Upstream commit daf5cc27eed99afdea8d96e71b89ba41f5406ef6 ]
free the symlink body after the same RCU delay we have for freeing the
struct inode itself, so that traversal during RCU pathwalk wouldn't step
into freed memory.
Signed-off-by: Al Viro
Reviewed-by: Jeff Layton
Signed-off-by: Ilya Dry
[ Upstream commit 9624bafa5f6418b9ca5b3f66d1f6a6a2e8bf6d4c ]
The ks8851 chip's initial carrier state is down. A Link Change Interrupt
is signaled once interrupts are enabled if the carrier is up.
The ks8851 driver has it backwards by assuming that the initial carrier
state is up. The state is the
This is the start of the stable review cycle for the 4.14.116 release.
There are 49 patches in this series, all will be posted as a response
to this one. If anyone has any issues with these being applied, please
let me know.
Responses should be made by Sat 04 May 2019 02:32:06 PM UTC.
Anything re
* Robert O'Callahan wrote:
> On Sat, Apr 27, 2019 at 10:46 PM Ingo Molnar wrote:
> > - A C language runtime that is a subset of current C syntax and
> >semantics used in the kernel, and which doesn't allow access outside
> >of existing objects and thus creates a strictly enforced sepa
[ Upstream commit 091dacc3cc10979ab0422f0a9f7fcc27eee97e69 ]
Restore the status of ep->stopped in function net2272_dequeue().
When the given request is not found in the endpoint queue
the function returns -EINVAL without restoring the state of
ep->stopped. Thus the endpoint keeps blocked and does
[ Upstream commit 90cd9bed5adb3e3bd4d3ac4cbcecbc4a8028bbaf ]
Add depends on PCI for PCI_MT7621
Signed-off-by: Maxim Zhukov
Signed-off-by: Greg Kroah-Hartman
Signed-off-by: Sasha Levin (Microsoft)
---
drivers/staging/mt7621-pci/Kconfig | 1 +
1 file changed, 1 insertion(+)
diff --git a/driver
[ Upstream commit fa3a419d2f674b431d38748cb58fb7da17ee8949 ]
The call to of_parse_phandle returns a node pointer with refcount
incremented thus it must be explicitly decremented after the last
usage.
Detected by coccinelle with the following warnings:
./drivers/net/ethernet/xilinx/xilinx_axienet_
[ Upstream commit f7299d441a4da8a5088e651ea55023525a793a13 ]
If the call to of_gpiochip_scan_gpios() in of_gpiochip_add() fails, no
error handling is performed. This lead to the need of callers to call
of_gpiochip_remove() on failure, which causes "BAD of_node_put() on ..."
if the failure happene
[ Upstream commit 92c77f7c4d5dfaaf45b2ce19360e69977c264766 ]
valid_phys_addr_range() is used to sanity check the physical address range
of an operation, e.g., access to /dev/mem. It uses __pa(high_memory)
internally.
If memory is populated at the end of the physical address space, then
__pa(high_
The PTE allocations in arm64 are identical to the generic ones modulo the
GFP flags.
Using the generic pte_alloc_one() functions ensures that the user page
tables are allocated with __GFP_ACCOUNT set.
The arm64 definition of PGALLOC_GFP is removed and replaced with
GFP_PGTABLE_USER for p[gum]d_al
[ Upstream commit 536d3680fd2dab5c39857d62a3e084198fc74ff9 ]
The ks8851 driver lets the chip auto-dequeue received packets once they
have been read in full. It achieves that by setting the ADRFE flag in
the RXQCR register ("Auto-Dequeue RXQ Frame Enable").
However if allocation of a packet's sock
[ Upstream commit 22c971db7dd4b0ad8dd88e99c407f7a1f4231a2e ]
Colin King reported a bug in read_bbreg_hdl():
memcpy(pcmd->rsp, (u8 *)&val, pcmd->rspsz);
The problem is that "val" is uninitialized.
This code is obviously not useful, but so far as I can tell
"pcmd->cmdcode" is never GEN_CM
[ Upstream commit 776e78677f514ecddd12dba48b9040958999bd5a ]
meson_drv_bind() registers a meson_drm struct as the device's privdata,
but meson_drv_unbind() tries to retrieve a drm_device. This may cause a
segfault on shutdown:
[ 5194.593429] Unable to handle kernel NULL pointer dereference at vir
From: Gustavo A. R. Silva
commit 61c59355e0154a938b28710dfa6c1d8be2ddcefa upstream.
_dev_ is being dereferenced before it is null checked, hence there
is a potential null pointer dereference.
Fix this by moving the pointer dereference after _dev_ has been null
checked.
Addresses-Coverity-ID: 1
[ Upstream commit ac0cdb3d990108df795b676cd0d0e65ac34b2273 ]
Add the missing uart_unregister_driver() and i2c_del_driver() before return
from sc16is7xx_init() in the error handling case.
Signed-off-by: Mao Wenan
Reviewed-by: Vladimir Zapolskiy
Signed-off-by: Greg Kroah-Hartman
Signed-off-by: S
From: Alexander Kappner
commit bb1b40c7cb863f0800a6410c7dcb86cf3f28d3b1 upstream.
iOS devices require the host to be "trusted" before servicing network
packets. Establishing trust requires the user to confirm a dialog on the
iOS device.Until trust is established, the iOS device will silently dis
[ Upstream commit 72ff51d8dd262d1fef25baedc2ac35116435be47 ]
Andrey has reported on OpenWrt's bug tracking system[1], that he
currently can't use ar93xx_uart as pure serial UART without console
(CONFIG_SERIAL_8250_CONSOLE and CONFIG_SERIAL_AR933X_CONSOLE undefined),
because compilation ends with f
[ Upstream commit 72ff51d8dd262d1fef25baedc2ac35116435be47 ]
Andrey has reported on OpenWrt's bug tracking system[1], that he
currently can't use ar93xx_uart as pure serial UART without console
(CONFIG_SERIAL_8250_CONSOLE and CONFIG_SERIAL_AR933X_CONSOLE undefined),
because compilation ends with f
[ Upstream commit 6d65561f3d5ec933151939c543d006b79044e7a6 ]
skb_header_pointer may return NULL. The current code dereference
its return values without a NULL check.
The fix inserts the checks to avoid NULL pointer dereferences.
Fixes: 202a8ff545cc ("netfilter: add IPv6 segment routing header 's
From: Ville Syrjälä
commit 5aae7832d1b4ec614996ea0f4fafc4d9855ec0b0 upstream.
Currently we enable FEC even when DSC is no used. While that is
theoretically valid supposedly there isn't much of a benefit from
this. But more importantly we do not account for the FEC link
bandwidth overhead (2.4%)
[ Upstream commit dd08a8d9a66de4b54575c294a92630299f7e0fe7 ]
When CONFIG_VMAP_STACK=y, __pa() returns incorrect physical address for
a stack virtual address. Stack DMA buffers must be avoided.
Signed-off-by: raymond pang
Signed-off-by: Jens Axboe
Signed-off-by: Sasha Levin (Microsoft)
---
dri
[ Upstream commit 05b7639da55fb9866a1f4b7e8995232a6323 ]
Otherwise, we hit bogus ENOENT when removing elements.
Fixes: e701001e7cbe ("netfilter: nft_rbtree: allow adjacent intervals with
dynamic updates")
Reported-by: Václav Zindulka
Signed-off-by: Pablo Neira Ayuso
Signed-off-by: Sasha Le
[ Upstream commit 2d8f92897ad816f5dda54b2ed2fd9f2d7cb1abde ]
meson_drv_unbind() doesn't unregister the IRQ handler, which can lead to
use-after-free if the IRQ fires after unbind:
[ 64.656876] Unable to handle kernel paging request at virtual address
11706dbc
...
[ 64.662001] pc : me
[ Upstream commit 909346433064b8d840dc82af26161926b8d37558 ]
If userspace doesn't end the input with a newline (which can easily
happen if the write happens from a C program that does write(fd,
iface, strlen(iface))), we may end up including garbage from a
previous, longer value in the device_name
From: Paulo Alcantara
commit dfbd199a7cfe3e3cd8531e1353cdbd7175bfbc5e upstream.
When compiling genheaders and mdp from a newer host kernel, the
following error happens:
In file included from scripts/selinux/genheaders/genheaders.c:18:
./security/selinux/include/classmap.h:238:2: error:
[ Upstream commit c2fe742ff6e77c5b4fe4ad273191ddf28fdea25e ]
During expander reset handling, the driver invokes kernel function
scsi_host_find_tag() to obtain outstanding requests associated with the
scsi host managed by the driver. Driver loops from tag value zero to hba
queue depth to obtain the
[ Upstream commit b6554cfe09e1f610aed7d57164ab7760be57acd9 ]
There are a few windows during AER/EEH when we can access PCIe I/O mapped
registers. This will harden the access to insure we do not allow PCIe
access during errors
Signed-off-by: Dave Carroll
Reviewed-by: Sagar Biradar
Signed-off-by:
[ Upstream commit 45a042e3026824a7e910db7a4dd38fef0540b902 ]
Devices with external LNA need different values for AGC registers 8 and 9
Signed-off-by: Felix Fietkau
Signed-off-by: Sasha Levin (Microsoft)
---
drivers/net/wireless/mediatek/mt76/mt76x2/phy.c | 11 ---
1 file changed, 8 ins
[ Upstream commit 2795e8c251614ac0784c9d41008551109f665716 ]
In case alloc_ordered_workqueue fails, the fix releases
sources and returns -ENOMEM to avoid NULL pointer dereference.
Signed-off-by: Kangjie Lu
Acked-by: Michael Hennerich
Signed-off-by: Stefan Schmidt
Signed-off-by: Sasha Levin (Mi
[ Upstream commit a6ecfb11bf37743c1ac49b266595582b107b61d4 ]
When halting a guest, QEMU flushes the virtual ITS caches, which
amounts to writing to the various tables that the guest has allocated.
When doing this, we fail to take the srcu lock, and the kernel
shouts loudly if running a lockdep ke
[ Upstream commit fba1bdd2a9a93f3e2181ec1936a3c2f6b37e7ed6 ]
In case iscsi_lookup_endpoint fails, the fix returns -EINVAL to avoid NULL
pointer dereference.
Signed-off-by: Kangjie Lu
Acked-by: Manish Rangankar
Reviewed-by: Mukesh Ojha
Signed-off-by: Martin K. Petersen
Signed-off-by: Sasha Lev
alpha allocates PTE pages with __get_free_page() and uses
GFP_KERNEL | __GFP_ZERO for the allocations.
Switch it to the generic version that does exactly the same thing for the
kernel page tables and adds __GFP_ACCOUNT for the user PTEs.
The alpha pte_free() and pte_free_kernel() versions are ide
[Adding Rui]
On Tue, Apr 30, 2019 at 4:47 AM Sébastien Szymanski
wrote:
>
> Add csi node for i.MX6UL SoC.
>
> Signed-off-by: Sébastien Szymanski
> ---
> arch/arm/boot/dts/imx6ul.dtsi | 11 +++
> 1 file changed, 11 insertions(+)
>
> diff --git a/arch/arm/boot/dts/imx6ul.dtsi b/arch/arm/b
[ Upstream commit 19b39a25388e71390e059906c979f87be4ef0c71 ]
genlmsg_reply can fail, so propagate its return code
Signed-off-by: Li RongQing
Signed-off-by: Stefan Schmidt
Signed-off-by: Sasha Levin (Microsoft)
---
drivers/net/ieee802154/mac802154_hwsim.c | 2 +-
1 file changed, 1 insertion(+)
[ Upstream commit 044175a06706d516aa42874bb44dbbfc3c4d20eb ]
When the umem is cleaned up, the task that created it might already be
gone. If the task was gone, the xdp_umem_release function did not free
the pages member of struct xdp_umem.
It turned out that the task lookup was not needed at all;
[ Upstream commit cd479eccd2e057116d504852814402a1e68ead80 ]
For a 64-bit process the randomization of the program break is quite
large with 1GB. That is as big as the randomization of the anonymous
mapping base, for a test case started with '/lib/ld64.so.1 '
it can happen that the heap is placed
[ Upstream commit 58f2ce6f61615dfd8dd3cc01c9e5bb54ed35637e ]
When sending non-linear skbs with jumbo frames, we set up the non-paged
data and mark that as a last segment, although the paged fragments are
also prepared. This will stall the TX queue and trigger a watchdog warning
(a simple reproduce
[ Upstream commit ac0cdb3d990108df795b676cd0d0e65ac34b2273 ]
Add the missing uart_unregister_driver() and i2c_del_driver() before return
from sc16is7xx_init() in the error handling case.
Signed-off-by: Mao Wenan
Reviewed-by: Vladimir Zapolskiy
Signed-off-by: Greg Kroah-Hartman
Signed-off-by: S
MIPS allocates kernel PTE pages with
__get_free_pages(GFP_KERNEL | __GFP_ZERO, PTE_ORDER)
and user PTE pages with
alloc_pages(GFP_KERNEL | __GFP_ZERO, PTE_ORDER)
The PTE_ORDER is hardwired to zero, which makes MIPS implementation almost
identical to the generic one.
Switch MIPS
[ Upstream commit e20119f7eaaaf6aad5b44f35155ce500429e17f6 ]
According to the R-Car Gen3 Hardware Manual Errata for Rev 1.50 of Feb
12, 2019, the DMA channels for SCIF5 are corrected from 16..47 to 0..15
on R-Car E3.
Signed-off-by: Takeshi Kihara
Fixes: a5ebe5e49a862e21 ("arm64: dts: renesas: r8
The sun3 MMU variant of m68k uses GFP_KERNEL to allocate a PTE page and
then memset(0) or clear_highpage() to clear it.
This is equivalent to allocating the page with GFP_KERNEL | __GFP_ZERO,
which allows replacing sun3 implementation of pte_alloc_one() and
pte_alloc_one_kernel() with the generic
parisc allocates PTE pages with __get_free_page() and uses
GFP_KERNEL | __GFP_ZERO for the allocations.
Switch it to the generic version that does exactly the same thing for the
kernel page tables and adds __GFP_ACCOUNT for the user PTEs.
The pte_free_kernel() and pte_free() versions on are ident
[ Upstream commit 3c3736cd32bf5197aed1410ae826d2d254a5b277 ]
We rely on the mmu_notifier call backs to handle the split/merge
of huge pages and thus we are guaranteed that, while creating a
block mapping, either the entire block is unmapped at stage2 or it
is missing permission.
However, we miss
[ Upstream commit 72ff51d8dd262d1fef25baedc2ac35116435be47 ]
Andrey has reported on OpenWrt's bug tracking system[1], that he
currently can't use ar93xx_uart as pure serial UART without console
(CONFIG_SERIAL_8250_CONSOLE and CONFIG_SERIAL_AR933X_CONSOLE undefined),
because compilation ends with f
Replace __get_free_page() and alloc_pages() calls with the generic
__pte_alloc_one_kernel() and __pte_alloc_one().
There is no functional change for the kernel PTE allocation.
The difference for the user PTEs, is that the clear_pte_table() is now
called after pgtable_page_ctor() and the addition
[ Upstream commit 7cf77b273a8fc51e7de622fa6691abd4436a9a6b ]
Reported-by: Dan Carpenter
Signed-off-by: Thierry Reding
Signed-off-by: Sasha Levin (Microsoft)
---
drivers/gpu/drm/tegra/hub.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/drivers/gpu/drm/tegra/hub.c b/driv
[ Upstream commit d268f31552794abf5b6aa5af31021643411f25f5 ]
The ks8851 driver currently requests the IRQ before registering the
net_device. Because the net_device name is used as IRQ name and is
still "eth%d" when the IRQ is requested, it's impossibe to tell IRQs
apart if multiple ks8851 chips a
[ Upstream commit 41b37f4c0fa67185691bcbd30201cad566f2f0d1 ]
This patch fixes a spelling typo.
Signed-off-by: Masanari Iida
Fixes: cc42603de320 ("ARM: dts: imx6q-icore-rqs: Add Engicam IMX6 Q7 initial
support")
Signed-off-by: Shawn Guo
Signed-off-by: Sasha Levin (Microsoft)
---
arch/arm/boot
[ Upstream commit 5a698243930c441afccec04e4d5dc8febfd2b775 ]
Specifying a retrans=0 mount parameter to a NFS/TCP mount, is
inadvertently causing the NFS client to rewrite any specified
timeout parameter to the default of 60 seconds.
Fixes: a956beda19a6 ("NFS: Allow the mount option retrans=0")
Si
[ Upstream commit 776e78677f514ecddd12dba48b9040958999bd5a ]
meson_drv_bind() registers a meson_drm struct as the device's privdata,
but meson_drv_unbind() tries to retrieve a drm_device. This may cause a
segfault on shutdown:
[ 5194.593429] Unable to handle kernel NULL pointer dereference at vir
[ Upstream commit fa3a419d2f674b431d38748cb58fb7da17ee8949 ]
The call to of_parse_phandle returns a node pointer with refcount
incremented thus it must be explicitly decremented after the last
usage.
Detected by coccinelle with the following warnings:
./drivers/net/ethernet/xilinx/xilinx_axienet_
[ Upstream commit 3f04e0a6cfebf48152ac64502346cdc258811f79 ]
If userspace has open fd(s) when drm_dev_unplug() is run, it will result
in drm_dev_unregister() being called twice. First in drm_dev_unplug() and
then later in drm_release() through the call to drm_put_dev().
Since userspace already ho
[ Upstream commit 6cf4511e9729c00a7306cf94085f9cc3c52ee723 ]
In case devm_kzalloc, the patch returns ENOMEM to avoid potential
NULL pointer dereference.
Signed-off-by: Kangjie Lu
Reviewed-by: Andrew Jeffery
Signed-off-by: Bartosz Golaszewski
Signed-off-by: Sasha Levin (Microsoft)
---
drivers
[ Upstream commit 2dbed152e2d4c3fe2442284918d14797898b1e8a ]
allnoconfig build with just ARCH_DAVINCI enabled
fails because drivers/clk/davinci/* depends on
REGMAP being enabled.
Fix it by selecting REGMAP_MMIO when building in
DaVinci support.
Signed-off-by: Sekhar Nori
Reviewed-by: David Lech
[ Upstream commit 9b9c87cf51783cbe7140c51472762094033cfeab ]
We need to set "err" on this error path.
Fixes: 187ac53e590c ("staging: vchiq_arm: rework probe and init functions")
Signed-off-by: Dan Carpenter
Acked-by: Stefan Wahren
Signed-off-by: Greg Kroah-Hartman
Signed-off-by: Sasha Levin (M
[ Upstream commit 7ae622c978db6b2e28b4fced6ecd2a174492059d ]
This patch simply adds a new PCI Device ID
Signed-off-by: Felipe Balbi
Signed-off-by: Sasha Levin (Microsoft)
---
drivers/usb/dwc3/dwc3-pci.c | 4
1 file changed, 4 insertions(+)
diff --git a/drivers/usb/dwc3/dwc3-pci.c b/drive
[ Upstream commit ca71228b42a96908eca7658861eafacd227856c9 ]
The normal interrupt flow is not to enable the vgic when no virtual
interrupt is to be injected (i.e. the LRs are empty). But when a guest
is likely to use GICv4 for LPIs, we absolutely need to switch it on
at all times. Otherwise, VLPIs
[ Upstream commit 9d6a54c1430647355a5e23434881b2ca3d192b48 ]
The OUT endpoint normally blocks (NAK) subsequent packets when a
short packet was received and returns an incomplete queue entry to
the gadget driver. Thereby the gadget driver can detect a short packet
when reading queue entries with a
[ Upstream commit fba1bdd2a9a93f3e2181ec1936a3c2f6b37e7ed6 ]
In case iscsi_lookup_endpoint fails, the fix returns -EINVAL to avoid NULL
pointer dereference.
Signed-off-by: Kangjie Lu
Acked-by: Manish Rangankar
Reviewed-by: Mukesh Ojha
Signed-off-by: Martin K. Petersen
Signed-off-by: Sasha Lev
[ Upstream commit e5545c94e43b8f6599ffc01df8d1aedf18ee912a ]
SPI GPIO device has more than just "cs-gpio" property in its node and
would request those GPIOs as a part of its initialization. To avoid
applying CS-specific quirk to all of them add a check to make sure
that propname is "cs-gpios".
Si
[ Upstream commit 8c7ae38d1ce12a0eaeba655df8562552b3596c7f ]
The marshalling of AFS.StoreData, AFS.StoreData64 and YFS.StoreData64 calls
generated by ->setattr() ops for the purpose of expanding a file is
incorrect due to older documentation incorrectly describing the way the RPC
'FileLength' para
[ Upstream commit dd08a8d9a66de4b54575c294a92630299f7e0fe7 ]
When CONFIG_VMAP_STACK=y, __pa() returns incorrect physical address for
a stack virtual address. Stack DMA buffers must be avoided.
Signed-off-by: raymond pang
Signed-off-by: Jens Axboe
Signed-off-by: Sasha Levin (Microsoft)
---
dri
[ Upstream commit 7ce40277bf848391705011ba37eac2e377cbd9e6 ]
"spi-cs-high" is going to be specified in child node of an SPI
controller's representing attached SPI device, so change the code to
look for it there, instead of checking parent node.
Signed-off-by: Andrey Smirnov
Cc: Linus Walleij
Cc
[ Upstream commit 2bdb76c015df7125783d8394d6339d181cb5bc30 ]
Since MSR_IA32_ARCH_CAPABILITIES is emualted unconditionally even if
host doesn't suppot it. We should move it to array emulated_msrs from
arry msrs_to_save, to report to userspace that guest support this msr.
Signed-off-by: Xiaoyao Li
[ Upstream commit 41f00e6e9e55546390031996b773e7f3c1d95928 ]
of_match_device in usb251xb_probe can fail and returns a NULL pointer.
The patch avoids a potential NULL pointer dereference in this scenario.
Signed-off-by: Aditya Pakki
Reviewed-by: Richard Leitner
Signed-off-by: Greg Kroah-Hartman
[ Upstream commit 8df98ae0ab2ead9a02228756eec26f8d7b17f499 ]
...so that the test doesn't end up in an infinite loop if it fails for
whatever reason, e.g. SHUTDOWN due to gcc inserting stack canary code
into ucall() and attempting to derefence a null segment.
Fixes: ca359066889f7 ("kvm: selftests:
[ Upstream commit ffac839d040619847217647434b2b02469926871 ]
Since 4.8.3, gcc has enabled -fstack-protector by default. This is
problematic for the KVM selftests as they do not configure fs or gs
segments (the stack canary is pulled from fs:0x28). With the default
behavior, gcc will insert a sta
[ Upstream commit 0f73bbc851ed32d22bbd86be09e0365c460bcd2e ]
Documentation/virtual/kvm/api.txt states:
NOTE: For KVM_EXIT_IO, KVM_EXIT_MMIO, KVM_EXIT_OSI, KVM_EXIT_PAPR and
KVM_EXIT_EPR the corresponding operations are complete (and guest
state is consistent) only after userspac
[ Upstream commit 02db99548d3608a625cf481cff2bb7b626829b3f ]
There are two mistakes for building bvec from sg list for file
backed ns:
- use request data length to compute number of io vector, this way
doesn't consider sg->offset, and the result may be smaller than required
io vectors
- bvec->bv
301 - 400 of 895 matches
Mail list logo
