This reverts commit 19c4d6c7b0.
It breaks the ABI right now, but will be brought back at the next ABI
break as it will be needed for Android systems.
Bug: 161946584
Change-Id: I0d81c2395d7e4e42c81631040b40e936f2ccdf6a
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
The tcindex code was removed from the tree in 5.15.100, so remove the
config option from the gki_defconfig files to fix up the build.
Fixes: 7c183dc0af ("net/sched: Retire tcindex classifier")
Change-Id: Id4927815ec2fd0ebc8065d891dfb721551f3dbc6
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
This reverts commit cf52c320cf.
It breaks the ABI and really, isn't that important of a fix to deserve
the abi churn. It can come back later at an ABI break point in time if
really needed.
Bug: 161946584
Change-Id: I60b5c92bd4d03b7eef928cdcae241cac7446de14
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
CONFIG_TYPEC_DP_ALTMODE: DisplayPort Alternate Mode driver
DisplayPort USB Type-C Alternate Mode allows DisplayPort
displays and adapters to be attached to the USB Type-C
connectors on the system.
Bug: 273310676
Test: TH
Change-Id: Iedde3b15911674161a5a5aa658afdce26aa6d2fe
Signed-off-by: Ramji Jiyani <ramjiyani@google.com>
This is a last part to remove the memory sharing for rb_tree in extent_cache.
This should also fix arm32 memory alignment issue.
[struct extent_node] [struct rb_entry]
[0] struct rb_node rb_node; [0] struct rb_node rb_node;
union { union {
struct { struct {
[16] unsigned int fofs; [12] unsigned int ofs;
unsigned int len; unsigned int len;
};
unsigned long long key;
} __packed;
Cc: <stable@vger.kernel.org>
Fixes: 13054c548a ("f2fs: introduce infra macro and data structure of rb-tree extent cache")
Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
(cherry picked from commit 6b40bc364c1073d7d26fb80c4a833025d9590311
https: //git.kernel.org/pub/scm/linux/kernel/git/jaegeuk/f2fs.git dev)
Change-Id: I5dd3b281971bf0f25c94660971ba993e09b30e35
This is a second part to remove the mixed use of rb_tree in discard_cmd from
extent_cache.
This should also fix arm32 memory alignment issue caused by shared rb_entry.
[struct discard_cmd] [struct rb_entry]
[0] struct rb_node rb_node; [0] struct rb_node rb_node;
union { union {
struct { struct {
[16] block_t lstart; [12] unsigned int ofs;
block_t len; unsigned int len;
};
unsigned long long key;
} __packed;
Cc: <stable@vger.kernel.org>
Fixes: 004b686218 ("f2fs: use rb-tree to track pending discard commands")
Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
(cherry picked from commit 7e9775a516ff6c1e73ee2b42ec563cafee38f42f
https: //git.kernel.org/pub/scm/linux/kernel/git/jaegeuk/f2fs.git dev)
Change-Id: I61ee2b6bcc283406ca40f0ed7c3146de1e813d61
Let's reduce the complexity of mixed use of rb_tree in victim_entry from
extent_cache and discard_cmd.
This should fix arm32 memory alignment issue caused by shared rb_entry.
[struct victim_entry] [struct rb_entry]
[0] struct rb_node rb_node; [0] struct rb_node rb_node;
union {
struct {
unsigned int ofs;
unsigned int len;
};
[16] unsigned long long mtime; [12] unsigned long long key;
} __packed;
Cc: <stable@vger.kernel.org>
Fixes: 093749e296 ("f2fs: support age threshold based garbage collection")
Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
(cherry picked from commit e433c78875858d5207a886a8bc3e33c02a544eb3
https: //git.kernel.org/pub/scm/linux/kernel/git/jaegeuk/f2fs.git dev)
Change-Id: I0a59b05b293bfbd8479f748730b429ccfe5522a3
Changes in 5.15.100
net/sched: Retire tcindex classifier
auxdisplay: hd44780: Fix potential memory leak in hd44780_remove()
fs/jfs: fix shift exponent db_agl2size negative
objtool: Fix memory leak in create_static_call_sections()
pwm: sifive: Reduce time the controller lock is held
pwm: sifive: Always let the first pwm_apply_state succeed
pwm: stm32-lp: fix the check on arr and cmp registers update
f2fs: use memcpy_{to,from}_page() where possible
fs: f2fs: initialize fsdata in pagecache_write()
f2fs: allow set compression option of files without blocks
um: vector: Fix memory leak in vector_config
ubi: ensure that VID header offset + VID header size <= alloc, size
ubifs: Fix build errors as symbol undefined
ubifs: Rectify space budget for ubifs_symlink() if symlink is encrypted
ubifs: Rectify space budget for ubifs_xrename()
ubifs: Fix wrong dirty space budget for dirty inode
ubifs: do_rename: Fix wrong space budget when target inode's nlink > 1
ubifs: Reserve one leb for each journal head while doing budget
ubi: Fix use-after-free when volume resizing failed
ubi: Fix unreferenced object reported by kmemleak in ubi_resize_volume()
ubifs: Fix memory leak in alloc_wbufs()
ubi: Fix possible null-ptr-deref in ubi_free_volume()
ubifs: Re-statistic cleaned znode count if commit failed
ubifs: dirty_cow_znode: Fix memleak in error handling path
ubifs: ubifs_writepage: Mark page dirty after writing inode failed
ubi: fastmap: Fix missed fm_anchor PEB in wear-leveling after disabling fastmap
ubi: Fix UAF wear-leveling entry in eraseblk_count_seq_show()
ubi: ubi_wl_put_peb: Fix infinite loop when wear-leveling work failed
f2fs: fix to avoid potential memory corruption in __update_iostat_latency()
ext4: use ext4_fc_tl_mem in fast-commit replay path
netfilter: nf_tables: allow to fetch set elements when table has an owner
x86: um: vdso: Add '%rcx' and '%r11' to the syscall clobber list
um: virtio_uml: free command if adding to virtqueue failed
um: virtio_uml: mark device as unregistered when breaking it
um: virtio_uml: move device breaking into workqueue
um: virt-pci: properly remove PCI device from bus
watchdog: at91sam9_wdt: use devm_request_irq to avoid missing free_irq() in error path
watchdog: Fix kmemleak in watchdog_cdev_register
watchdog: pcwd_usb: Fix attempting to access uninitialized memory
watchdog: sbsa_wdog: Make sure the timeout programming is within the limits
netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack()
netfilter: ebtables: fix table blob use-after-free
netfilter: x_tables: fix percpu counter block leak on error path when creating new netns
ipv6: Add lwtunnel encap size of all siblings in nexthop calculation
sctp: add a refcnt in sctp_stream_priorities to avoid a nested loop
octeontx2-pf: Use correct struct reference in test condition
net: fix __dev_kfree_skb_any() vs drop monitor
9p/xen: fix version parsing
9p/xen: fix connection sequence
9p/rdma: unmap receive dma buffer in rdma_request()/post_recv()
net/mlx5e: Verify flow_source cap before using it
net/mlx5: Geneve, Fix handling of Geneve object id as error code
nfc: fix memory leak of se_io context in nfc_genl_se_io
net/sched: transition act_pedit to rcu and percpu stats
net/sched: act_pedit: fix action bind logic
net/sched: act_mpls: fix action bind logic
net/sched: act_sample: fix action bind logic
ARM: dts: spear320-hmi: correct STMPE GPIO compatible
tcp: tcp_check_req() can be called from process context
vc_screen: modify vcs_size() handling in vcs_read()
rtc: sun6i: Always export the internal oscillator
genirq: Refactor accessors to use irq_data_get_affinity_mask
genirq: Add and use an irq_data_update_affinity helper
scsi: ipr: Work around fortify-string warning
rtc: allow rtc_read_alarm without read_alarm callback
loop: loop_set_status_from_info() check before assignment
ASoC: adau7118: don't disable regulators on device unbind
ASoC: zl38060: Remove spurious gpiolib select
ASoC: zl38060 add gpiolib dependency
ASoC: mediatek: mt8195: add missing initialization
thermal: intel: quark_dts: fix error pointer dereference
thermal: intel: BXT_PMIC: select REGMAP instead of depending on it
tracing: Add NULL checks for buffer in ring_buffer_free_read_page()
kernel/printk/index.c: fix memory leak with using debugfs_lookup()
firmware/efi sysfb_efi: Add quirk for Lenovo IdeaPad Duet 3
bootconfig: Increase max nodes of bootconfig from 1024 to 8192 for DCC support
mfd: arizona: Use pm_runtime_resume_and_get() to prevent refcnt leak
IB/hfi1: Update RMT size calculation
iommu/amd: Fix error handling for pdev_pri_ats_enable()
media: uvcvideo: Remove format descriptions
media: uvcvideo: Handle cameras with invalid descriptors
media: uvcvideo: Handle errors from calls to usb_string
media: uvcvideo: Quirk for autosuspend in Logitech B910 and C910
media: uvcvideo: Silence memcpy() run-time false positive warnings
USB: fix memory leak with using debugfs_lookup()
staging: emxx_udc: Add checks for dma_alloc_coherent()
tty: fix out-of-bounds access in tty_driver_lookup_tty()
tty: serial: fsl_lpuart: disable the CTS when send break signal
serial: sc16is7xx: setup GPIO controller later in probe
mei: bus-fixup:upon error print return values of send and receive
tools/iio/iio_utils:fix memory leak
iio: accel: mma9551_core: Prevent uninitialized variable in mma9551_read_status_word()
iio: accel: mma9551_core: Prevent uninitialized variable in mma9551_read_config_word()
soundwire: bus_type: Avoid lockdep assert in sdw_drv_probe()
PCI: loongson: Prevent LS7A MRRS increases
USB: dwc3: fix memory leak with using debugfs_lookup()
USB: chipidea: fix memory leak with using debugfs_lookup()
USB: uhci: fix memory leak with using debugfs_lookup()
USB: sl811: fix memory leak with using debugfs_lookup()
USB: fotg210: fix memory leak with using debugfs_lookup()
USB: isp116x: fix memory leak with using debugfs_lookup()
USB: isp1362: fix memory leak with using debugfs_lookup()
USB: gadget: gr_udc: fix memory leak with using debugfs_lookup()
USB: gadget: bcm63xx_udc: fix memory leak with using debugfs_lookup()
USB: gadget: lpc32xx_udc: fix memory leak with using debugfs_lookup()
USB: gadget: pxa25x_udc: fix memory leak with using debugfs_lookup()
USB: gadget: pxa27x_udc: fix memory leak with using debugfs_lookup()
usb: host: xhci: mvebu: Iterate over array indexes instead of using pointer math
USB: ene_usb6250: Allocate enough memory for full object
usb: uvc: Enumerate valid values for color matching
usb: gadget: uvc: Make bSourceID read/write
PCI: Align extra resources for hotplug bridges properly
PCI: Take other bus devices into account when distributing resources
tty: pcn_uart: fix memory leak with using debugfs_lookup()
misc: vmw_balloon: fix memory leak with using debugfs_lookup()
drivers: base: component: fix memory leak with using debugfs_lookup()
drivers: base: dd: fix memory leak with using debugfs_lookup()
kernel/fail_function: fix memory leak with using debugfs_lookup()
PCI: loongson: Add more devices that need MRRS quirk
PCI: Add ACS quirk for Wangxun NICs
phy: rockchip-typec: Fix unsigned comparison with less than zero
soundwire: cadence: Remove wasted space in response_buf
soundwire: cadence: Drain the RX FIFO after an IO timeout
net: tls: avoid hanging tasks on the tx_lock
x86/resctl: fix scheduler confusion with 'current'
drm/display/dp_mst: Fix down/up message handling after sink disconnect
drm/display/dp_mst: Fix down message handling after a packet reception error
Bluetooth: hci_sock: purge socket queues in the destruct() callback
media: uvcvideo: Fix race condition with usb_kill_urb
drm/virtio: Fix error code in virtio_gpu_object_shmem_init()
Revert "scsi: mpt3sas: Fix return value check of dma_get_required_mask()"
scsi: mpt3sas: Don't change DMA mask while reallocating pools
scsi: mpt3sas: re-do lost mpt3sas DMA mask fix
scsi: mpt3sas: Remove usage of dma_get_required_mask() API
malidp: Fix NULL vs IS_ERR() checking
usb: gadget: uvc: fix missing mutex_unlock() if kstrtou8() fails
Linux 5.15.100
Change-Id: If8949c57602ea5475c2f68a78d0d2e421d7969f2
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
* changes:
ANDROID: Update the .stg file due to internal io_uring changes
Merge 5.15.99 into android14-5.15
Revert "FROMLIST: power_supply: Use of-thermal cdev registration API"
commit c993799baf upstream.
Apparently syzbot figured out that issuing this FSMAP call:
struct fsmap_head cmd = {
.fmh_count = ...;
.fmh_keys = {
{ .fmr_device = /* ext4 dev */, .fmr_physical = 0, },
{ .fmr_device = /* ext4 dev */, .fmr_physical = 0, },
},
...
};
ret = ioctl(fd, FS_IOC_GETFSMAP, &cmd);
Produces this crash if the underlying filesystem is a 1k-block ext4
filesystem:
kernel BUG at fs/ext4/ext4.h:3331!
invalid opcode: 0000 [#1] PREEMPT SMP
CPU: 3 PID: 3227965 Comm: xfs_io Tainted: G W O 6.2.0-rc8-achx
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.15.0-1 04/01/2014
RIP: 0010:ext4_mb_load_buddy_gfp+0x47c/0x570 [ext4]
RSP: 0018:ffffc90007c03998 EFLAGS: 00010246
RAX: ffff888004978000 RBX: ffffc90007c03a20 RCX: ffff888041618000
RDX: 0000000000000000 RSI: 00000000000005a4 RDI: ffffffffa0c99b11
RBP: ffff888012330000 R08: ffffffffa0c2b7d0 R09: 0000000000000400
R10: ffffc90007c03950 R11: 0000000000000000 R12: 0000000000000001
R13: 00000000ffffffff R14: 0000000000000c40 R15: ffff88802678c398
FS: 00007fdf2020c880(0000) GS:ffff88807e100000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007ffd318a5fe8 CR3: 000000007f80f001 CR4: 00000000001706e0
Call Trace:
<TASK>
ext4_mballoc_query_range+0x4b/0x210 [ext4 dfa189daddffe8fecd3cdfd00564e0f265a8ab80]
ext4_getfsmap_datadev+0x713/0x890 [ext4 dfa189daddffe8fecd3cdfd00564e0f265a8ab80]
ext4_getfsmap+0x2b7/0x330 [ext4 dfa189daddffe8fecd3cdfd00564e0f265a8ab80]
ext4_ioc_getfsmap+0x153/0x2b0 [ext4 dfa189daddffe8fecd3cdfd00564e0f265a8ab80]
__ext4_ioctl+0x2a7/0x17e0 [ext4 dfa189daddffe8fecd3cdfd00564e0f265a8ab80]
__x64_sys_ioctl+0x82/0xa0
do_syscall_64+0x2b/0x80
entry_SYSCALL_64_after_hwframe+0x46/0xb0
RIP: 0033:0x7fdf20558aff
RSP: 002b:00007ffd318a9e30 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 00000000000200c0 RCX: 00007fdf20558aff
RDX: 00007fdf1feb2010 RSI: 00000000c0c0583b RDI: 0000000000000003
RBP: 00005625c0634be0 R08: 00005625c0634c40 R09: 0000000000000001
R10: 0000000000000000 R11: 0000000000000246 R12: 00007fdf1feb2010
R13: 00005625be70d994 R14: 0000000000000800 R15: 0000000000000000
For GETFSMAP calls, the caller selects a physical block device by
writing its block number into fsmap_head.fmh_keys[01].fmr_device.
To query mappings for a subrange of the device, the starting byte of the
range is written to fsmap_head.fmh_keys[0].fmr_physical and the last
byte of the range goes in fsmap_head.fmh_keys[1].fmr_physical.
IOWs, to query what mappings overlap with bytes 3-14 of /dev/sda, you'd
set the inputs as follows:
fmh_keys[0] = { .fmr_device = major(8, 0), .fmr_physical = 3},
fmh_keys[1] = { .fmr_device = major(8, 0), .fmr_physical = 14},
Which would return you whatever is mapped in the 12 bytes starting at
physical offset 3.
The crash is due to insufficient range validation of keys[1] in
ext4_getfsmap_datadev. On 1k-block filesystems, block 0 is not part of
the filesystem, which means that s_first_data_block is nonzero.
ext4_get_group_no_and_offset subtracts this quantity from the blocknr
argument before cracking it into a group number and a block number
within a group. IOWs, block group 0 spans blocks 1-8192 (1-based)
instead of 0-8191 (0-based) like what happens with larger blocksizes.
The net result of this encoding is that blocknr < s_first_data_block is
not a valid input to this function. The end_fsb variable is set from
the keys that are copied from userspace, which means that in the above
example, its value is zero. That leads to an underflow here:
blocknr = blocknr - le32_to_cpu(es->s_first_data_block);
The division then operates on -1:
offset = do_div(blocknr, EXT4_BLOCKS_PER_GROUP(sb)) >>
EXT4_SB(sb)->s_cluster_bits;
Leaving an impossibly large group number (2^32-1) in blocknr.
ext4_getfsmap_check_keys checked that keys[0].fmr_physical and
keys[1].fmr_physical are in increasing order, but
ext4_getfsmap_datadev adjusts keys[0].fmr_physical to be at least
s_first_data_block. This implies that we have to check it again after
the adjustment, which is the piece that I forgot.
Reported-by: syzbot+6be2b977c89f79b6b153@syzkaller.appspotmail.com
Fixes: 4a4956249d ("ext4: fix off-by-one fsmap error on 1k block filesystems")
Link: https://syzkaller.appspot.com/bug?id=79d5768e9bfe362911ac1a5057a36fc6b5c30002
Cc: stable@vger.kernel.org
Signed-off-by: Darrick J. Wong <djwong@kernel.org>
Link: https://lore.kernel.org/r/Y+58NPTH7VNGgzdd@magnolia
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Bug: 260486287
Change-Id: I07ac9fcb91671016f4b6a10ef5c8711eea74fb26
Signed-off-by: Tudor Ambarus <tudor.ambarus@linaro.org>
commit 1e1c2b86ef upstream.
Block range to free is validated in ext4_free_blocks() using
ext4_inode_block_valid() and then it's passed to ext4_mb_clear_bb().
However in some situations on bigalloc file system the range might be
adjusted after the validation in ext4_free_blocks() which can lead to
troubles on corrupted file systems such as one found by syzkaller that
resulted in the following BUG
kernel BUG at fs/ext4/ext4.h:3319!
PREEMPT SMP NOPTI
CPU: 28 PID: 4243 Comm: repro Kdump: loaded Not tainted 5.19.0-rc6+ #1
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.15.0-1.fc35 04/01/2014
RIP: 0010:ext4_free_blocks+0x95e/0xa90
Call Trace:
<TASK>
? lock_timer_base+0x61/0x80
? __es_remove_extent+0x5a/0x760
? __mod_timer+0x256/0x380
? ext4_ind_truncate_ensure_credits+0x90/0x220
ext4_clear_blocks+0x107/0x1b0
ext4_free_data+0x15b/0x170
ext4_ind_truncate+0x214/0x2c0
? _raw_spin_unlock+0x15/0x30
? ext4_discard_preallocations+0x15a/0x410
? ext4_journal_check_start+0xe/0x90
? __ext4_journal_start_sb+0x2f/0x110
ext4_truncate+0x1b5/0x460
? __ext4_journal_start_sb+0x2f/0x110
ext4_evict_inode+0x2b4/0x6f0
evict+0xd0/0x1d0
ext4_enable_quotas+0x11f/0x1f0
ext4_orphan_cleanup+0x3de/0x430
? proc_create_seq_private+0x43/0x50
ext4_fill_super+0x295f/0x3ae0
? snprintf+0x39/0x40
? sget_fc+0x19c/0x330
? ext4_reconfigure+0x850/0x850
get_tree_bdev+0x16d/0x260
vfs_get_tree+0x25/0xb0
path_mount+0x431/0xa70
__x64_sys_mount+0xe2/0x120
do_syscall_64+0x5b/0x80
? do_user_addr_fault+0x1e2/0x670
? exc_page_fault+0x70/0x170
entry_SYSCALL_64_after_hwframe+0x46/0xb0
RIP: 0033:0x7fdf4e512ace
Fix it by making sure that the block range is properly validated before
used every time it changes in ext4_free_blocks() or ext4_mb_clear_bb().
Link: https://syzkaller.appspot.com/bug?id=5266d464285a03cee9dbfda7d2452a72c3c2ae7c
Reported-by: syzbot+15cd994e273307bf5cfa@syzkaller.appspotmail.com
Signed-off-by: Lukas Czerner <lczerner@redhat.com>
Cc: Tadeusz Struk <tadeusz.struk@linaro.org>
Tested-by: Tadeusz Struk <tadeusz.struk@linaro.org>
Link: https://lore.kernel.org/r/20220714165903.58260-1-lczerner@redhat.com
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Tudor Ambarus <tudor.ambarus@linaro.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Bug: 237951970
Change-Id: I2a45df5fe3f47c9408bed79f83a61b68c00efa22
Signed-off-by: Tudor Ambarus <tudor.ambarus@linaro.org>
When introducing vma refcounting to stabilize the faulting vma, the
change also stopped copying the original vma. While refcounting
protects the vma from being destroyed, it does not protect it from
concurrent changes. This results in possible unexpected vma mutations
while page fault is being handled. To prevent that, revert back to
handling speculative page faults using a stable copy of the original
vma which can't be concurrently changed.
Fixes: d9d7f843da68 ("ANDROID: mm: introduce vma refcounting to protect vma during SPF")
Bug: 271817185
Change-Id: If4ec5a6282ddc037c96addb19510cc83ccd7b2ea
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
(cherry picked from commit 7ba7908a8d5207a00fca5170d183f868a3a9903e)
The below race is observed on the SPF path:
pthread1 pthread2
-------- --------
Speculatively enter
__pte_map_lock:
irq_disable()
............
All seq lock checks
are succeeded.
............
ptl = (pmd_page(*pmd))->ptl
__vm_munmap():
mmap_write_lock_killable();
(update the seq count)
__do_munmap()-->
unmap_region()-->
free_pgtables()-->
..........
free_pte_range():
ptl = pmd_lock()
unlock(ptl)
pte_free_tlb()-->
.........
pgtable_pte_page_dtor():
(Free the pmd_page(page)->ptl
to the slab, on which pthread1
still operating on)
spin_trylock(ptl)
Seq count check fails
spin_unlock():
SPIN_BUG() checks are passed
kmem_cache_free()-->
do_slab_free():
(a) *(ptl + offset) = c->freelist
(b) c->freelist = ptl
update ptl->owner, owner->cpu
(This is use-after-free of
the ptl slab object which is
corrupting the next pointer,(a),
filled by the pthread2 in the
cuuren->freelist)
Note that when DEBUG_SPINLOCK is not enabled, race won't exist as
ALLOC_SPLIT_PTLOCKS is not defined i.e. ptl is stored directly in the
page structure. Note that this change as uses smp sync doesn't have any
perf impact in the production builds as the intended code is under
ALLOC_SPLIT_PTLOCKS which will be absent.
Bug: 265837312
Change-Id: I05b11c80a45c285ab8d293cca925aa4388f62d05
Signed-off-by: Charan Teja Kalla <quic_charante@quicinc.com>
(cherry picked from commit 521f3bc70dc82a29f087883be2d77fd91399a843)
vm_area_dup() should reset the vma refcount to avoid leaking the newly
created vma in case the original vma being copies has an elevated
refcount due to concurrent page fault.
Fixes: d9d7f843da68 ("ANDROID: mm: introduce vma refcounting to protect vma during SPF")
Bug: 253557903
Change-Id: I11324ac5661823e9c97b71afe6a894a094439960
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
(cherry picked from commit c24377e58ac888484c9a613074b2ea0c76ee7e95)
SPF attempts page faults without taking the mmap lock, but takes the
PTL. If there is a concurrent fast mremap (at PMD/PUD level), this
can lead to a UAF as fast mremap will only take the PTL locks at the
PMD/PUD level. SPF cannot take the PTL locks at the larger subtree
granularity since this introduces much contention in the page fault
paths.
To address the race:
1) Only try fast mremaps if there are no users of the VMA. Android
is concerned with this optimization in the context of
GC stop-the-world pause. So there are no other threads active
and this should almost always succeed.
2) Speculative faults detect ongoing fast mremaps and fallback
to conventional fault handling (taking mmap read lock).
Bug: 263177905
Change-Id: I23917e493ddc8576de19883cac053dfde9982b7f
[ Kalesh Singh : CP'ed from 13-5.10
- vm_ref_count is file_ref_count in 13-5.15
for ABI compatibility reason.
- VMA default refcount is 0 instead of 1 in 13-5.15
See: vma_init() ]
Signed-off-by: Kalesh Singh <kaleshsingh@google.com>
This reverts commit 6db12ee045.
In Android, system_server registers psi trigger to detect memory
pressure. This commit requires processes registering new triggers to
have CAP_SYS_RESOURCE capability, which system_server does not have.
Reverting this change until a solution can be found to fix the breakage
of functionality in Android T using 5.15 kernels.
Bug: 243781242
Bug: 244148051
Reported-by: liuhailong <liuhailong@oppo.com>
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Change-Id: If6c8580af8734f3b765d48c782a536aad357e6f0
(cherry picked from commit e1b8ef44fd2930d2cc840b2c179b691c83e1f20b)
We need to access thermal pressure, be able to call
cpufreq_update_util and static_key_enable and hook to
update_misfit_status rvh. Export necessary symbols to be able to do that
from vendor modules. And enable access to some additional vendor hooks.
Bug: 242673160
Bug: 261695814
Bug: 261695590
Change-Id: Iacebc903fe34a4d3c52f9de0257f00a34b09cbc7
Signed-off-by: Qais Yousef <qyousef@google.com>
Commit 345fb368e5 ("io_uring/poll: allow some retries for poll
triggering spuriously") changes the struct io_poll internal structure,
which is not exposed to any actual module code, but is noticed by the
checking tools. Update the signatures to handle this as it is not an
actual ABI break.
type 'struct io_poll' changed
member 'int retries' was added
Fixes: 345fb368e5 ("io_uring/poll: allow some retries for poll triggering spuriously")
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I1b29e0a9e005f56963a41daad9122062c6b21619
Enables the KMI strict mode for the aarch64;
also remove the TODO comment for aarch64-debug
as KMI strict mode shouldn't be enabled for
that target.
Bug: 269346251
Test: bazel build //common:kernel_aarch64
Test: TH
Change-Id: If8cb717d2e3dfef29004fafe1315a69caa940716
Signed-off-by: Ramji Jiyani <ramjiyani@google.com>
Adding the following symbols:
- __sysfs_match_string
Bug: 270570684
Change-Id: I2dda870386df053ff3095656394821e960ed30bc
Signed-off-by: Ji Soo Shin <jisshin@google.com>
Changes in 5.15.99
HID: asus: use spinlock to protect concurrent accesses
HID: asus: use spinlock to safely schedule workers
powerpc/mm: Rearrange if-else block to avoid clang warning
ARM: OMAP2+: Fix memory leak in realtime_counter_init()
arm64: dts: qcom: qcs404: use symbol names for PCIe resets
arm64: dts: qcom: msm8996-tone: Fix USB taking 6 minutes to wake up
arm64: dts: qcom: sm8150-kumano: Panel framebuffer is 2.5k instead of 4k
arm64: dts: qcom: sm6125: Reorder HSUSB PHY clocks to match bindings
arm64: dts: imx8m: Align SoC unique ID node unit address
ARM: zynq: Fix refcount leak in zynq_early_slcr_init
arm64: dts: mediatek: mt8183: Fix systimer 13 MHz clock description
arm64: dts: qcom: sdm845-db845c: fix audio codec interrupt pin name
arm64: dts: qcom: sc7180: correct SPMI bus address cells
arm64: dts: qcom: sc7280: correct SPMI bus address cells
arm64: dts: meson-gx: Fix Ethernet MAC address unit name
arm64: dts: meson-g12a: Fix internal Ethernet PHY unit name
arm64: dts: meson-gx: Fix the SCPI DVFS node name and unit address
arm64: dts: msm8992-bullhead: add memory hole region
arm64: dts: qcom: msm8992-bullhead: Fix cont_splash_mem size
arm64: dts: qcom: msm8992-bullhead: Disable dfps_data_mem
arm64: dts: qcom: ipq8074: correct USB3 QMP PHY-s clock output names
arm64: dts: qcom: Fix IPQ8074 PCIe PHY nodes
arm64: dts: qcom: ipq8074: fix PCIe PHY serdes size
arm64: dts: qcom: ipq8074: fix Gen3 PCIe QMP PHY
arm64: dts: qcom: ipq8074: correct Gen2 PCIe ranges
arm64: dts: qcom: ipq8074: fix Gen3 PCIe node
arm64: dts: qcom: ipq8074: correct PCIe QMP PHY output clock names
arm64: dts: meson: remove CPU opps below 1GHz for G12A boards
ARM: OMAP1: call platform_device_put() in error case in omap1_dm_timer_init()
ARM: bcm2835_defconfig: Enable the framebuffer
ARM: s3c: fix s3c64xx_set_timer_source prototype
arm64: dts: ti: k3-j7200: Fix wakeup pinmux range
ARM: dts: exynos: correct wr-active property in Exynos3250 Rinato
ARM: imx: Call ida_simple_remove() for ida_simple_get
arm64: dts: amlogic: meson-gx: fix SCPI clock dvfs node name
arm64: dts: amlogic: meson-axg: fix SCPI clock dvfs node name
arm64: dts: amlogic: meson-gx: add missing SCPI sensors compatible
arm64: dts: amlogic: meson-gxl-s905d-sml5442tw: drop invalid clock-names property
arm64: dts: amlogic: meson-gx: add missing unit address to rng node name
arm64: dts: amlogic: meson-gxl: add missing unit address to eth-phy-mux node name
arm64: dts: amlogic: meson-gx-libretech-pc: fix update button name
arm64: dts: amlogic: meson-sm1-bananapi-m5: fix adc keys node names
arm64: dts: amlogic: meson-gxl-s905d-phicomm-n1: fix led node name
arm64: dts: amlogic: meson-gxbb-kii-pro: fix led node name
arm64: dts: amlogic: meson-sm1-odroid-hc4: fix active fan thermal trip
locking/rwsem: Optimize down_read_trylock() under highly contended case
locking/rwsem: Disable preemption in all down_read*() and up_read() code paths
arm64: dts: renesas: beacon-renesom: Fix gpio expander reference
arm64: dts: meson: bananapi-m5: switch VDDIO_C pin to OPEN_DRAIN
ARM: dts: sun8i: nanopi-duo2: Fix regulator GPIO reference
ARM: dts: imx7s: correct iomuxc gpr mux controller cells
arm64: dts: mt8192: Fix CPU map for single-cluster SoC
arm64: dts: mediatek: mt7622: Add missing pwm-cells to pwm node
blk-mq: avoid sleep in blk_mq_alloc_request_hctx
blk-mq: remove stale comment for blk_mq_sched_mark_restart_hctx
blk-mq: correct stale comment of .get_budget
arm64: dts: qcom: msm8992-lg-bullhead: Correct memory overlaps with the SMEM and MPSS memory regions
s390/dasd: Fix potential memleak in dasd_eckd_init()
sched/deadline,rt: Remove unused parameter from pick_next_[rt|dl]_entity()
sched/rt: pick_next_rt_entity(): check list_entry
x86/perf/zhaoxin: Add stepping check for ZXC
KEYS: asymmetric: Fix ECDSA use via keyctl uapi
arm64: dts: qcom: pmk8350: Specify PBS register for PON
arm64: dts: qcom: pmk8350: Use the correct PON compatible
block: bio-integrity: Copy flags when bio_integrity_payload is cloned
wifi: rsi: Fix memory leak in rsi_coex_attach()
wifi: rtlwifi: rtl8821ae: don't call kfree_skb() under spin_lock_irqsave()
wifi: rtlwifi: rtl8188ee: don't call kfree_skb() under spin_lock_irqsave()
wifi: rtlwifi: rtl8723be: don't call kfree_skb() under spin_lock_irqsave()
wifi: iwlegacy: common: don't call dev_kfree_skb() under spin_lock_irqsave()
wifi: libertas: fix memory leak in lbs_init_adapter()
wifi: rtl8xxxu: don't call dev_kfree_skb() under spin_lock_irqsave()
wifi: rtlwifi: Fix global-out-of-bounds bug in _rtl8812ae_phy_set_txpower_limit()
libbpf: Fix btf__align_of() by taking into account field offsets
wifi: ipw2x00: don't call dev_kfree_skb() under spin_lock_irqsave()
wifi: ipw2200: fix memory leak in ipw_wdev_init()
wifi: wilc1000: fix potential memory leak in wilc_mac_xmit()
wifi: brcmfmac: fix potential memory leak in brcmf_netdev_start_xmit()
wifi: brcmfmac: unmap dma buffer in brcmf_msgbuf_alloc_pktid()
wifi: libertas_tf: don't call kfree_skb() under spin_lock_irqsave()
wifi: libertas: if_usb: don't call kfree_skb() under spin_lock_irqsave()
wifi: libertas: main: don't call kfree_skb() under spin_lock_irqsave()
wifi: libertas: cmdresp: don't call kfree_skb() under spin_lock_irqsave()
wifi: wl3501_cs: don't call kfree_skb() under spin_lock_irqsave()
crypto: x86/ghash - fix unaligned access in ghash_setkey()
ACPICA: Drop port I/O validation for some regions
genirq: Fix the return type of kstat_cpu_irqs_sum()
rcu-tasks: Improve comments explaining tasks_rcu_exit_srcu purpose
rcu-tasks: Remove preemption disablement around srcu_read_[un]lock() calls
rcu-tasks: Fix synchronize_rcu_tasks() VS zap_pid_ns_processes()
lib/mpi: Fix buffer overrun when SG is too long
crypto: ccp - Avoid page allocation failure warning for SEV_GET_ID2
ACPICA: nsrepair: handle cases without a return value correctly
thermal/drivers/tsens: Drop msm8976-specific defines
thermal/drivers/tsens: Add compat string for the qcom,msm8960
thermal/drivers/tsens: Sort out msm8976 vs msm8956 data
thermal/drivers/tsens: fix slope values for msm8939
thermal/drivers/tsens: limit num_sensors to 9 for msm8939
wifi: rtl8xxxu: Fix memory leaks with RTL8723BU, RTL8192EU
wifi: orinoco: check return value of hermes_write_wordrec()
wifi: ath9k: htc_hst: free skb in ath9k_htc_rx_msg() if there is no callback function
ath9k: hif_usb: simplify if-if to if-else
ath9k: htc: clean up statistics macros
wifi: ath9k: hif_usb: clean up skbs if ath9k_hif_usb_rx_stream() fails
wifi: ath9k: Fix potential stack-out-of-bounds write in ath9k_wmi_rsp_callback()
wifi: ath11k: Fix memory leak in ath11k_peer_rx_frag_setup
wifi: cfg80211: Fix extended KCK key length check in nl80211_set_rekey_data()
ACPI: battery: Fix missing NUL-termination with large strings
crypto: ccp - Failure on re-initialization due to duplicate sysfs filename
crypto: essiv - Handle EBUSY correctly
crypto: seqiv - Handle EBUSY correctly
powercap: fix possible name leak in powercap_register_zone()
x86: Mark stop_this_cpu() __noreturn
x86/microcode: Rip out the OLD_INTERFACE
x86/microcode: Default-disable late loading
x86/microcode: Print previous version of microcode after reload
x86/microcode: Add a parameter to microcode_check() to store CPU capabilities
x86/microcode: Check CPU capabilities after late microcode update correctly
x86/microcode: Adjust late loading result reporting message
crypto: xts - Handle EBUSY correctly
leds: led-class: Add missing put_device() to led_put()
crypto: ccp - Refactor out sev_fw_alloc()
crypto: ccp - Flush the SEV-ES TMR memory before giving it to firmware
bpftool: profile online CPUs instead of possible
mt76: mt7915: fix polling firmware-own status
net/mlx5: Enhance debug print in page allocation failure
irqchip: Fix refcount leak in platform_irqchip_probe
irqchip/alpine-msi: Fix refcount leak in alpine_msix_init_domains
irqchip/irq-mvebu-gicp: Fix refcount leak in mvebu_gicp_probe
irqchip/ti-sci: Fix refcount leak in ti_sci_intr_irq_domain_probe
s390/mem_detect: fix detect_memory() error handling
s390/vmem: fix empty page tables cleanup under KASAN
net: add sock_init_data_uid()
tun: tun_chr_open(): correctly initialize socket uid
tap: tap_open(): correctly initialize socket uid
OPP: fix error checking in opp_migrate_dentry()
Bluetooth: L2CAP: Fix potential user-after-free
Bluetooth: hci_qca: get wakeup status from serdev device handle
s390/ap: fix status returned by ap_aqic()
s390/ap: fix status returned by ap_qact()
libbpf: Fix alen calculation in libbpf_nla_dump_errormsg()
rds: rds_rm_zerocopy_callback() correct order for list_add_tail()
crypto: rsa-pkcs1pad - Use akcipher_request_complete
m68k: /proc/hardware should depend on PROC_FS
RISC-V: time: initialize hrtimer based broadcast clock event device
wifi: iwl3945: Add missing check for create_singlethread_workqueue
wifi: iwl4965: Add missing check for create_singlethread_workqueue()
wifi: mwifiex: fix loop iterator in mwifiex_update_ampdu_txwinsize()
selftests/bpf: Fix out-of-srctree build
ACPI: resource: Add IRQ overrides for MAINGEAR Vector Pro 2 models
ACPI: resource: Do IRQ override on all TongFang GMxRGxx
crypto: crypto4xx - Call dma_unmap_page when done
wifi: mac80211: make rate u32 in sta_set_rate_info_rx()
thermal/drivers/hisi: Drop second sensor hi3660
can: esd_usb: Move mislocated storage of SJA1000_ECC_SEG bits in case of a bus error
bpf: Fix global subprog context argument resolution logic
irqchip/irq-brcmstb-l2: Set IRQ_LEVEL for level triggered interrupts
irqchip/irq-bcm7120-l2: Set IRQ_LEVEL for level triggered interrupts
selftests/net: Interpret UDP_GRO cmsg data as an int value
l2tp: Avoid possible recursive deadlock in l2tp_tunnel_register()
net: bcmgenet: fix MoCA LED control
selftest: fib_tests: Always cleanup before exit
sefltests: netdevsim: wait for devlink instance after netns removal
drm: Fix potential null-ptr-deref due to drmm_mode_config_init()
drm/fourcc: Add missing big-endian XRGB1555 and RGB565 formats
drm/bridge: ti-sn65dsi83: Fix delay after reset deassert to match spec
drm: mxsfb: DRM_MXSFB should depend on ARCH_MXS || ARCH_MXC
drm/bridge: megachips: Fix error handling in i2c_register_driver()
drm/vkms: Fix memory leak in vkms_init()
drm/vkms: Fix null-ptr-deref in vkms_release()
drm/vc4: dpi: Add option for inverting pixel clock and output enable
drm/vc4: dpi: Fix format mapping for RGB565
drm: tidss: Fix pixel format definition
gpu: ipu-v3: common: Add of_node_put() for reference returned by of_graph_get_port_by_id()
hwmon: (ftsteutates) Fix scaling of measurements
drm/msm/hdmi: Add missing check for alloc_ordered_workqueue
pinctrl: qcom: pinctrl-msm8976: Correct function names for wcss pins
pinctrl: stm32: Fix refcount leak in stm32_pctrl_get_irq_domain
pinctrl: rockchip: Fix refcount leak in rockchip_pinctrl_parse_groups
drm/vc4: hvs: Set AXI panic modes
drm/vc4: hvs: Fix colour order for xRGB1555 on HVS5
drm/vc4: hdmi: Correct interlaced timings again
drm/msm: clean event_thread->worker in case of an error
scsi: qla2xxx: edif: Fix I/O timeout due to over-subscription
scsi: qla2xxx: Fix exchange oversubscription
scsi: qla2xxx: Fix exchange oversubscription for management commands
ASoC: fsl_sai: Update to modern clocking terminology
ASoC: fsl_sai: initialize is_dsp_mode flag
drm/msm/adreno: Fix null ptr access in adreno_gpu_cleanup()
ALSA: hda/ca0132: minor fix for allocation size
drm/msm/gem: Add check for kmalloc
drm/msm/dpu: Disallow unallocated resources to be returned
drm/bridge: lt9611: fix sleep mode setup
drm/bridge: lt9611: fix HPD reenablement
drm/bridge: lt9611: fix polarity programming
drm/bridge: lt9611: fix programming of video modes
drm/bridge: lt9611: fix clock calculation
drm/bridge: lt9611: pass a pointer to the of node
drm/mipi-dsi: Fix byte order of 16-bit DCS set/get brightness
drm: exynos: dsi: Fix MIPI_DSI*_NO_* mode flags
drm/msm/dsi: Allow 2 CTRLs on v2.5.0
drm/msm: use strscpy instead of strncpy
drm/msm/dpu: Add check for cstate
drm/msm/dpu: Add check for pstates
drm/msm/mdp5: Add check for kzalloc
pinctrl: bcm2835: Remove of_node_put() in bcm2835_of_gpio_ranges_fallback()
pinctrl: mediatek: fix coding style
pinctrl: mediatek: Initialize variable pullen and pullup to zero
pinctrl: mediatek: Initialize variable *buf to zero
gpu: host1x: Don't skip assigning syncpoints to channels
drm/tegra: firewall: Check for is_addr_reg existence in IMM check
drm/msm/dpu: set pdpu->is_rt_pipe early in dpu_plane_sspp_atomic_update()
drm/mediatek: dsi: Reduce the time of dsi from LP11 to sending cmd
drm/mediatek: Use NULL instead of 0 for NULL pointer
drm/mediatek: Drop unbalanced obj unref
drm/mediatek: mtk_drm_crtc: Add checks for devm_kcalloc
drm/mediatek: Clean dangling pointer on bind error path
ASoC: soc-compress.c: fixup private_data on snd_soc_new_compress()
gpio: vf610: connect GPIO label to dev name
spi: dw_bt1: fix MUX_MMIO dependencies
ASoC: mchp-spdifrx: fix controls which rely on rsr register
ASoC: mchp-spdifrx: fix return value in case completion times out
ASoC: mchp-spdifrx: fix controls that works with completion mechanism
ASoC: mchp-spdifrx: disable all interrupts in mchp_spdifrx_dai_remove()
ASoC: rsnd: fixup #endif position
ASoC: mchp-spdifrx: Fix uninitialized use of mr in mchp_spdifrx_hw_params()
ASoC: dt-bindings: meson: fix gx-card codec node regex
hwmon: (ltc2945) Handle error case in ltc2945_value_store
drm/amdgpu: fix enum odm_combine_mode mismatch
scsi: mpt3sas: Fix a memory leak
scsi: aic94xx: Add missing check for dma_map_single()
HID: multitouch: Add quirks for flipped axes
HID: retain initial quirks set up when creating HID devices
ASoC: codecs: Change bulk clock voting to optional voting in digital codecs
ASoC: codecs: rx-macro: move clk provider to managed variants
ASoC: codecs: tx-macro: move clk provider to managed variants
ASoC: codecs: rx-macro: move to individual clks from bulk
ASoC: codecs: tx-macro: move to individual clks from bulk
ASoC: codecs: lpass: fix incorrect mclk rate
spi: bcm63xx-hsspi: Fix multi-bit mode setting
hwmon: (mlxreg-fan) Return zero speed for broken fan
ASoC: tlv320adcx140: fix 'ti,gpio-config' DT property init
dm: remove flush_scheduled_work() during local_exit()
NFSv4: keep state manager thread active if swap is enabled
nfs4trace: fix state manager flag printing
NFS: fix disabling of swap
spi: synquacer: Fix timeout handling in synquacer_spi_transfer_one()
ASoC: soc-dapm.h: fixup warning struct snd_pcm_substream not declared
HID: bigben: use spinlock to protect concurrent accesses
HID: bigben_worker() remove unneeded check on report_field
HID: bigben: use spinlock to safely schedule workers
hid: bigben_probe(): validate report count
drm/shmem-helper: Fix locking for drm_gem_shmem_get_pages_sgt()
nfsd: fix race to check ls_layouts
cifs: Fix lost destroy smbd connection when MR allocate failed
cifs: Fix warning and UAF when destroy the MR list
gfs2: jdata writepage fix
perf llvm: Fix inadvertent file creation
leds: led-core: Fix refcount leak in of_led_get()
perf inject: Use perf_data__read() for auxtrace
perf intel-pt: Add documentation for Event Trace and TNT disable
perf intel-pt: Add link to the perf wiki's Intel PT page
perf intel-pt: Add support for emulated ptwrite
perf intel-pt: Do not try to queue auxtrace data on pipe
perf tools: Fix auto-complete on aarch64
sparc: allow PM configs for sparc32 COMPILE_TEST
selftests/ftrace: Fix bash specific "==" operator
printf: fix errname.c list
objtool: add UACCESS exceptions for __tsan_volatile_read/write
mfd: cs5535: Don't build on UML
mfd: pcf50633-adc: Fix potential memleak in pcf50633_adc_async_read()
dmaengine: idxd: Set traffic class values in GRPCFG on DSA 2.0
dmaengine: HISI_DMA should depend on ARCH_HISI
iio: light: tsl2563: Do not hardcode interrupt trigger type
usb: gadget: fusb300_udc: free irq on the error path in fusb300_probe()
i2c: designware: fix i2c_dw_clk_rate() return size to be u32
soundwire: cadence: Don't overflow the command FIFOs
driver core: fix potential null-ptr-deref in device_add()
kobject: modify kobject_get_path() to take a const *
kobject: Fix slab-out-of-bounds in fill_kobj_path()
alpha/boot/tools/objstrip: fix the check for ELF header
media: uvcvideo: Do not check for V4L2_CTRL_WHICH_DEF_VAL
media: uvcvideo: Remove s_ctrl and g_ctrl
media: uvcvideo: refactor __uvc_ctrl_add_mapping
media: uvcvideo: Add support for V4L2_CTRL_TYPE_CTRL_CLASS
media: uvcvideo: Use control names from framework
media: uvcvideo: Check controls flags before accessing them
media: uvcvideo: Check for INACTIVE in uvc_ctrl_is_accessible()
coresight: etm4x: Fix accesses to TRCSEQRSTEVR and TRCSEQSTR
coresight: cti: Prevent negative values of enable count
coresight: cti: Add PM runtime call in enable_store
ACPI: resource: Add helper function acpi_dev_get_memory_resources()
usb: typec: intel_pmc_mux: Use the helper acpi_dev_get_memory_resources()
usb: typec: intel_pmc_mux: Don't leak the ACPI device reference count
PCI/IOV: Enlarge virtfn sysfs name buffer
PCI: switchtec: Return -EFAULT for copy_to_user() errors
tty: serial: fsl_lpuart: disable Rx/Tx DMA in lpuart32_shutdown()
tty: serial: fsl_lpuart: clear LPUART Status Register in lpuart32_shutdown()
serial: tegra: Add missing clk_disable_unprepare() in tegra_uart_hw_init()
Revert "char: pcmcia: cm4000_cs: Replace mdelay with usleep_range in set_protocol"
eeprom: idt_89hpesx: Fix error handling in idt_init()
applicom: Fix PCI device refcount leak in applicom_init()
firmware: stratix10-svc: add missing gen_pool_destroy() in stratix10_svc_drv_probe()
VMCI: check context->notify_page after call to get_user_pages_fast() to avoid GPF
misc/mei/hdcp: Use correct macros to initialize uuid_le
driver core: fix resource leak in device_add()
drivers: base: transport_class: fix possible memory leak
drivers: base: transport_class: fix resource leak when transport_add_device() fails
firmware: dmi-sysfs: Fix null-ptr-deref in dmi_sysfs_register_handle
fotg210-udc: Add missing completion handler
dmaengine: dw-edma: Fix missing src/dst address of interleaved xfers
usb: early: xhci-dbc: Fix a potential out-of-bound memory access
tty: serial: fsl_lpuart: Fix the wrong RXWATER setting for rx dma case
RDMA/cxgb4: add null-ptr-check after ip_dev_find()
usb: musb: mediatek: don't unregister something that wasn't registered
usb: gadget: configfs: use to_config_usb_cfg() in os_desc_link()
usb: gadget: configfs: use to_usb_function_instance() in cfg (un)link func
usb: gadget: configfs: remove using list iterator after loop body as a ptr
usb: gadget: configfs: Restrict symlink creation is UDC already binded
iommu/vt-d: Set No Execute Enable bit in PASID table entry
power: supply: remove faulty cooling logic
RDMA/cxgb4: Fix potential null-ptr-deref in pass_establish()
usb: max-3421: Fix setting of I/O pins
RDMA/irdma: Cap MSIX used to online CPUs + 1
serial: fsl_lpuart: fix RS485 RTS polariy inverse issue
tty: serial: imx: Handle RS485 DE signal active high
tty: serial: imx: disable Ageing Timer interrupt request irq
dmaengine: dw-edma: Fix readq_ch() return value truncation
phy: rockchip-typec: fix tcphy_get_mode error case
iw_cxgb4: Fix potential NULL dereference in c4iw_fill_res_cm_id_entry()
iommu: Fix error unwind in iommu_group_alloc()
dmaengine: sf-pdma: pdma_desc memory leak fix
dmaengine: dw-axi-dmac: Do not dereference NULL structure
iommu/vt-d: Fix error handling in sva enable/disable paths
iommu/vt-d: Remove duplicate identity domain flag
iommu/vt-d: Check FL and SL capability sanity in scalable mode
iommu/vt-d: Use second level for GPA->HPA translation
iommu/vt-d: Allow to use flush-queue when first level is default
IB/hfi1: Fix math bugs in hfi1_can_pin_pages()
IB/hfi1: Fix sdma.h tx->num_descs off-by-one errors
remoteproc: qcom_q6v5_mss: Use a carveout to authenticate modem headers
media: ti: cal: fix possible memory leak in cal_ctx_create()
media: platform: ti: Add missing check for devm_regulator_get
powerpc: Remove linker flag from KBUILD_AFLAGS
s390/vdso: remove -nostdlib compiler flag
s390/vdso: Drop '-shared' from KBUILD_CFLAGS_64
builddeb: clean generated package content
media: max9286: Fix memleak in max9286_v4l2_register()
media: ov2740: Fix memleak in ov2740_init_controls()
media: ov5675: Fix memleak in ov5675_init_controls()
media: i2c: ov772x: Fix memleak in ov772x_probe()
media: i2c: imx219: Split common registers from mode tables
media: i2c: imx219: Fix binning for RAW8 capture
media: v4l2-jpeg: correct the skip count in jpeg_parse_app14_data
media: v4l2-jpeg: ignore the unknown APP14 marker
media: imx-jpeg: Apply clk_bulk api instead of operating specific clk
media: rc: Fix use-after-free bugs caused by ene_tx_irqsim()
media: i2c: ov7670: 0 instead of -EINVAL was returned
media: usb: siano: Fix use after free bugs caused by do_submit_urb
media: saa7134: Use video_unregister_device for radio_dev
rpmsg: glink: Avoid infinite loop on intent for missing channel
udf: Define EFSCORRUPTED error code
ARM: dts: exynos: Use Exynos5420 compatible for the MIPI video phy
blk-iocost: fix divide by 0 error in calc_lcoefs()
trace/blktrace: fix memory leak with using debugfs_lookup()
wifi: ath9k: Fix use-after-free in ath9k_hif_usb_disconnect()
wifi: brcmfmac: Fix potential stack-out-of-bounds in brcmf_c_preinit_dcmds()
rcu: Make RCU_LOCKDEP_WARN() avoid early lockdep checks
rcu: Suppress smp_processor_id() complaint in synchronize_rcu_expedited_wait()
rcu-tasks: Make rude RCU-Tasks work well with CPU hotplug
wifi: ath11k: debugfs: fix to work with multiple PCI devices
thermal: intel: Fix unsigned comparison with less than zero
timers: Prevent union confusion from unexpected restart_syscall()
x86/bugs: Reset speculation control settings on init
wifi: brcmfmac: ensure CLM version is null-terminated to prevent stack-out-of-bounds
wifi: mt7601u: fix an integer underflow
inet: fix fast path in __inet_hash_connect()
ice: restrict PTP HW clock freq adjustments to 100, 000, 000 PPB
ice: add missing checks for PF vsi type
ACPI: Don't build ACPICA with '-Os'
thermal: intel: intel_pch: Add support for Wellsburg PCH
clocksource: Suspend the watchdog temporarily when high read latency detected
crypto: hisilicon: Wipe entire pool on error
net: bcmgenet: Add a check for oversized packets
m68k: Check syscall_trace_enter() return code
netfilter: nf_tables: NULL pointer dereference in nf_tables_updobj()
tools/power/x86/intel-speed-select: Add Emerald Rapid quirk
wifi: mt76: dma: free rx_head in mt76_dma_rx_cleanup
ACPI: video: Fix Lenovo Ideapad Z570 DMI match
net/mlx5: fw_tracer: Fix debug print
coda: Avoid partial allocation of sig_inputArgs
uaccess: Add minimum bounds check on kernel buffer size
s390/idle: mark arch_cpu_idle() noinstr
time/debug: Fix memory leak with using debugfs_lookup()
PM: domains: fix memory leak with using debugfs_lookup()
PM: EM: fix memory leak with using debugfs_lookup()
Bluetooth: btusb: Add VID:PID 13d3:3529 for Realtek RTL8821CE
hv_netvsc: Check status in SEND_RNDIS_PKT completion message
scm: add user copy checks to put_cmsg()
drm/amd/display: Revert Reduce delay when sink device not able to ACK 00340h write
drm/amd/display: Fix potential null-deref in dm_resume
drm/omap: dsi: Fix excessive stack usage
HID: Add Mapping for System Microphone Mute
drm/tiny: ili9486: Do not assume 8-bit only SPI controllers
drm/radeon: free iio for atombios when driver shutdown
scsi: lpfc: Fix use-after-free KFENCE violation during sysfs firmware write
Revert "fbcon: don't lose the console font across generic->chip driver switch"
drm: amd: display: Fix memory leakage
drm/msm/dsi: Add missing check for alloc_ordered_workqueue
docs/scripts/gdb: add necessary make scripts_gdb step
ASoC: soc-compress: Reposition and add pcm_mutex
ASoC: kirkwood: Iterate over array indexes instead of using pointer math
regulator: max77802: Bounds check regulator id against opmode
regulator: s5m8767: Bounds check id indexing into arrays
gfs2: Improve gfs2_make_fs_rw error handling
hwmon: (coretemp) Simplify platform device handling
pinctrl: at91: use devm_kasprintf() to avoid potential leaks
scsi: snic: Fix memory leak with using debugfs_lookup()
HID: logitech-hidpp: Don't restart communication if not necessary
drm: panel-orientation-quirks: Add quirk for Lenovo IdeaPad Duet 3 10IGL5
dm thin: add cond_resched() to various workqueue loops
dm cache: add cond_resched() to various workqueue loops
nfsd: zero out pointers after putting nfsd_files on COPY setup error
drm/shmem-helper: Revert accidental non-GPL export
wifi: rtl8xxxu: fixing transmisison failure for rtl8192eu
firmware: coreboot: framebuffer: Ignore reserved pixel color bits
block: don't allow multiple bios for IOCB_NOWAIT issue
rtc: pm8xxx: fix set-alarm race
ipmi:ssif: resend_msg() cannot fail
ipmi_ssif: Rename idle state and check
s390/extmem: return correct segment type in __segment_load()
s390: discard .interp section
s390/kprobes: fix irq mask clobbering on kprobe reenter from post_handler
s390/kprobes: fix current_kprobe never cleared after kprobes reenter
cifs: Fix uninitialized memory read in smb3_qfs_tcon()
btrfs: hold block group refcount during async discard
locking/rwsem: Prevent non-first waiter from spinning in down_write() slowpath
ksmbd: fix wrong data area length for smb2 lock request
ksmbd: do not allow the actual frame length to be smaller than the rfc1002 length
ARM: dts: exynos: correct HDMI phy compatible in Exynos4
hfs: fix missing hfs_bnode_get() in __hfs_bnode_create
fs: hfsplus: fix UAF issue in hfsplus_put_super
exfat: fix reporting fs error when reading dir beyond EOF
exfat: fix unexpected EOF while reading dir
exfat: redefine DIR_DELETED as the bad cluster number
exfat: fix inode->i_blocks for non-512 byte sector size device
fs: dlm: don't set stop rx flag after node reset
fs: dlm: move sending fin message into state change handling
fs: dlm: send FIN ack back in right cases
f2fs: fix information leak in f2fs_move_inline_dirents()
f2fs: fix cgroup writeback accounting with fs-layer encryption
ocfs2: fix defrag path triggering jbd2 ASSERT
ocfs2: fix non-auto defrag path not working issue
selftests/landlock: Skip overlayfs tests when not supported
selftests/landlock: Test ptrace as much as possible with Yama
udf: Truncate added extents on failed expansion
udf: Do not bother merging very long extents
udf: Do not update file length for failed writes to inline files
udf: Preserve link count of system files
udf: Detect system inodes linked into directory hierarchy
udf: Fix file corruption when appending just after end of preallocated extent
RDMA/siw: Fix user page pinning accounting
KVM: Destroy target device if coalesced MMIO unregistration fails
KVM: x86: Inject #GP if WRMSR sets reserved bits in APIC Self-IPI
KVM: SVM: Fix potential overflow in SEV's send|receive_update_data()
KVM: SVM: hyper-v: placate modpost section mismatch error
KVM: s390: disable migration mode when dirty tracking is disabled
x86/virt: Force GIF=1 prior to disabling SVM (for reboot flows)
x86/crash: Disable virt in core NMI crash handler to avoid double shootdown
x86/reboot: Disable virtualization in an emergency if SVM is supported
x86/reboot: Disable SVM, not just VMX, when stopping CPUs
x86/kprobes: Fix __recover_optprobed_insn check optimizing logic
x86/kprobes: Fix arch_check_optimized_kprobe check within optimized_kprobe range
x86/microcode/amd: Remove load_microcode_amd()'s bsp parameter
x86/microcode/AMD: Add a @cpu parameter to the reloading functions
x86/microcode/AMD: Fix mixed steppings support
x86/speculation: Allow enabling STIBP with legacy IBRS
Documentation/hw-vuln: Document the interaction between IBRS and STIBP
brd: return 0/-error from brd_insert_page()
ima: Align ima_file_mmap() parameters with mmap_file LSM hook
irqdomain: Fix association race
irqdomain: Fix disassociation race
irqdomain: Look for existing mapping only once
irqdomain: Drop bogus fwspec-mapping error handling
irqdomain: Fix domain registration race
crypto: qat - fix out-of-bounds read
io_uring: handle TIF_NOTIFY_RESUME when checking for task_work
io_uring: mark task TASK_RUNNING before handling resume/task work
io_uring: add a conditional reschedule to the IOPOLL cancelation loop
io_uring/rsrc: disallow multi-source reg buffers
io_uring: remove MSG_NOSIGNAL from recvmsg
io_uring/poll: allow some retries for poll triggering spuriously
ALSA: ice1712: Do not left ice->gpio_mutex locked in aureon_add_controls()
ALSA: hda/realtek: Add quirk for HP EliteDesk 800 G6 Tower PC
jbd2: fix data missing when reusing bh which is ready to be checkpointed
ext4: optimize ea_inode block expansion
ext4: refuse to create ea block when umounted
mtd: spi-nor: sfdp: Fix index value for SCCR dwords
mtd: spi-nor: spansion: Consider reserved bits in CFR5 register
mtd: spi-nor: Fix shift-out-of-bounds in spi_nor_set_erase_type
dm: send just one event on resize, not two
dm: add cond_resched() to dm_wq_work()
wifi: rtl8xxxu: Use a longer retry limit of 48
wifi: ath11k: allow system suspend to survive ath11k
wifi: cfg80211: Fix use after free for wext
qede: fix interrupt coalescing configuration
thermal: intel: powerclamp: Fix cur_state for multi package system
dm flakey: fix logic when corrupting a bio
dm flakey: don't corrupt the zero page
dm flakey: fix a bug with 32-bit highmem systems
ARM: dts: qcom: sdx55: Add Qcom SMMU-500 as the fallback for IOMMU node
ARM: dts: exynos: correct TMU phandle in Exynos4210
ARM: dts: exynos: correct TMU phandle in Exynos4
ARM: dts: exynos: correct TMU phandle in Odroid XU3 family
ARM: dts: exynos: correct TMU phandle in Exynos5250
ARM: dts: exynos: correct TMU phandle in Odroid XU
ARM: dts: exynos: correct TMU phandle in Odroid HC1
fuse: add inode/permission checks to fileattr_get/fileattr_set
rbd: avoid use-after-free in do_rbd_add() when rbd_dev_create() fails
ceph: update the time stamps and try to drop the suid/sgid
alpha: fix FEN fault handling
dax/kmem: Fix leak of memory-hotplug resources
mips: fix syscall_get_nr
media: ipu3-cio2: Fix PM runtime usage_count in driver unbind
remoteproc/mtk_scp: Move clk ops outside send_lock
docs: gdbmacros: print newest record
mm: memcontrol: deprecate charge moving
mm/thp: check and bail out if page in deferred queue already
ktest.pl: Give back console on Ctrt^C on monitor
ktest.pl: Fix missing "end_monitor" when machine check fails
ktest.pl: Add RUN_TIMEOUT option with default unlimited
ring-buffer: Handle race between rb_move_tail and rb_check_pages
tools/bootconfig: fix single & used for logical condition
scsi: qla2xxx: Fix link failure in NPIV environment
scsi: qla2xxx: Check if port is online before sending ELS
scsi: qla2xxx: Fix DMA-API call trace on NVMe LS requests
scsi: qla2xxx: Remove unintended flag clearing
scsi: qla2xxx: Fix erroneous link down
scsi: qla2xxx: Remove increment of interface err cnt
scsi: ses: Don't attach if enclosure has no components
scsi: ses: Fix slab-out-of-bounds in ses_enclosure_data_process()
scsi: ses: Fix possible addl_desc_ptr out-of-bounds accesses
scsi: ses: Fix possible desc_ptr out-of-bounds accesses
scsi: ses: Fix slab-out-of-bounds in ses_intf_remove()
RISC-V: add a spin_shadow_stack declaration
riscv: mm: fix regression due to update_mmu_cache change
riscv: jump_label: Fixup unaligned arch_static_branch function
riscv, mm: Perform BPF exhandler fixup on page fault
riscv: ftrace: Remove wasted nops for !RISCV_ISA_C
riscv: ftrace: Reduce the detour code size to half
MIPS: DTS: CI20: fix otg power gpio
PCI/PM: Observe reset delay irrespective of bridge_d3
PCI: hotplug: Allow marking devices as disconnected during bind/unbind
PCI: Avoid FLR for AMD FCH AHCI adapters
iommu/vt-d: Avoid superfluous IOTLB tracking in lazy mode
vfio/type1: prevent underflow of locked_vm via exec()
vfio/type1: track locked_vm per dma
vfio/type1: restore locked_vm
drm/i915/quirks: Add inverted backlight quirk for HP 14-r206nv
drm/radeon: Fix eDP for single-display iMac11,2
drm/i915: Don't use BAR mappings for ring buffers with LLC
drm/edid: fix AVI infoframe aspect ratio handling
perf intel-pt: pkt-decoder: Add CFE and EVD packets
qede: avoid uninitialized entries in coal_entry array
media: uvcvideo: Fix memory leak of object map on error exit path
iommu/vt-d: Fix an unbalanced rcu_read_lock/rcu_read_unlock()
arm64: dts: qcom: ipq8074: fix Gen2 PCIe QMP PHY
wifi: ath9k: use proper statements in conditionals
kbuild: Port silent mode detection to future gnu make.
Linux 5.15.99
Change-Id: I52781008c0a83946c09698b9b5625a5f7ee2e545
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
This reverts commit 287479f403.
It causes merge conflicts with the upstream release of 5.15.99 as the
code it modifies is removed entirely there as it is buggy.
If this really needs to come back, please resubmit it in a way that can
work properly.
Bug: 211709650
Cc: Manaf Meethalavalappu Pallikunhi <quic_manafm@quicinc.com>
Change-Id: I8311d1c3a60f2189bfe6a213495d98bb6fa0a3f3
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
This reverts commit 2d80f682ca.
It causes merge conflicts with the upstream release of 5.15.99 as the
code it modifies is removed entirely there as it is buggy.
If this really needs to come back, please resubmit it in a way that can
work properly.
Bug: 211709650
Cc: Manaf Meethalavalappu Pallikunhi <quic_manafm@quicinc.com>
Change-Id: Ice34a04f94e416a04d70f116c212fd1e86cf5567
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
This reverts commit ca743f9d51, which rolls back
to mainline.
Bug: 270741871
Change-Id: I0928faebe141409eebcd70305c1a33a0c1e13536
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
If CONFIG_LOCKDEP is enabled, export `sched_domains_mutex` as it is
indirectly accessed by the macro `for_each_domain()`. This allows
vendors to call the `for_each_domain()` macro with CONFIG_LOCKDEP
enabled via the GKI_BUILD_CONFIG_FRAGMENT.
Bug: 176254015
Signed-off-by: Daniel Mentz <danielmentz@google.com>
Change-Id: Ia9f2989de41b2224c63855f2fd129cbeeac4f195
Signed-off-by: Will McVicker <willmcvicker@google.com>
(cherry picked from commit 7171a5de98)
The following change: 16d9a0f908 ("ANDROID: KVM: arm64: Rename nVHE
hyp event ELF sections") Interverted the hyp events with the hypervisor
read-only sections. This had the side-effect of breaking the alignment
for idmap_pg_dir.
Bug: 273752182
Change-Id: I50a2220aa93b10d97e20d794b0283aa9e18839c1
Signed-off-by: Vincent Donnefort <vdonnefort@google.com>
Adding the following symbols:
- usb_udc_vbus_handler
Bug: 267846601
Change-Id: I5282adb6350ae91758f6ec3f8462aba57f37ce79
Signed-off-by: Ray Chi <raychi@google.com>
do_req_filebacked() calls blk_mq_complete_request() synchronously or
asynchronously when using asynchronous I/O unless memory allocation fails.
Hence, modify loop_handle_cmd() such that it does not dereference 'cmd' nor
'rq' after do_req_filebacked() finished unless we are sure that the request
has not yet been completed. This patch fixes the following kernel crash:
Unable to handle kernel NULL pointer dereference at virtual address 0000000000000054
Call trace:
css_put.42938+0x1c/0x1ac
loop_process_work+0xc8c/0xfd4
loop_rootcg_workfn+0x24/0x34
process_one_work+0x244/0x558
worker_thread+0x400/0x8fc
kthread+0x16c/0x1e0
ret_from_fork+0x10/0x20
Cc: Christoph Hellwig <hch@lst.de>
Cc: Ming Lei <ming.lei@redhat.com>
Cc: Jan Kara <jack@suse.cz>
Cc: Johannes Weiner <hannes@cmpxchg.org>
Cc: Dan Schatzberg <schatzberg.dan@gmail.com>
Fixes: c74d40e8b5 ("loop: charge i/o to mem and blk cg")
Fixes: bc07c10a36 ("block: loop: support DIO & AIO")
Change-Id: I42284fbd98e9c28bacfe71c5958353a55a296e77
Signed-off-by: Bart Van Assche <bvanassche@acm.org>
Bug: 267551550
Link: https://lore.kernel.org/linux-block/20230314182155.80625-1-bvanassche@acm.org/T/#u
Signed-off-by: Bart Van Assche <bvanassche@google.com>
AF_RXRPC imposes a 49 char limit on UTS_RELEASE, but building with
BUILD_NUMBER=P12345678 bazel build //common:kernel_x86_64_allmodconfig --config=stamp
requires more than 49 chars in UTS_RELEASE. Hence, this module
is disabled for allmodconfig.
Bug: 273576197
Test: ABTD
Change-Id: Ife604db109f870eda2fdbc0668d6bd1f4e4e906e
Signed-off-by: Yifan Hong <elsk@google.com>
Since the Exynos UFS host controller driver is supported by the GKI
kernel, CONFIG_SCSI_UFS_VARIABLE_SG_ENTRY_SIZE needs to be enabled.
This CL is necessary because the Pixel 6/7 Exynos UFS host controller
driver is not upstream and because the kernel configuration symbol that
controls whether or not that driver is built is not present in the
upstream kernel either (CONFIG_SCSI_UFS_EXYNOS_GS).
Bug: 271162672
Change-Id: Ib74f2c2638b8de272edfb2b2e4d2d9f006468e51
Signed-off-by: Robin Peng <robinpeng@google.com>
[ bvanassche: modified CL title and rewrote CL description ]
Signed-off-by: Bart Van Assche <bvanassche@google.com>
Since evicting inodes triggers writes to the backing file, which uses
the mi_owner field from the mount_info struct, make sure inodes are
evicted before we free the mount_info data
Test: incfs_test
Bug: 270117845
Change-Id: I673b2e0e04b5adc3998caf6f22443598a30338af
Signed-off-by: Paul Lawrence <paullawrence@google.com>
kvm-arm.protected_modules="" takes a list of modules that pKVM will load
before de-privileging the host. This is necessary as no loading will be
allowed later.
We can't rely on request_module() that might be disabled by umh's
configuration. Instead, create our own version, locked by the pKVM/KVM
static keys and marked as __init to be cleared once the kernel init is
done. Belt and braces.
Keep the previous kvm-arm.protected_modules for compatibility.
Bug: 254835242
Change-Id: Ia6881b4c7a60cf81d19ead12c5d4638a27eff3eb
Signed-off-by: Vincent Donnefort <vdonnefort@google.com>
In preparation for early loading of pKVM modules (i.e. before
deprivilege), move the pKVM finalization in device_initcall. This is
needed as modules are found in the initramfs whom unpack starts in the
previous initcall.
A deprivilege failure now ends-up in erasing the PVM firmware and simply
prevent loading of any protected VM.
As an interesting side effect, it also allows us to mark the module
loading functions as __init. Those functions will then be erased once
the init is complete, reducing the attack surface.
Bug: 254835242
Change-Id: Ifab4b9167b8924222bc8b6c2a0af529a3f8540c0
Signed-off-by: Vincent Donnefort <vdonnefort@google.com>
While introducing ("KVM: arm64: Rework pKVM module locking") some bits
have been missed. Remove them.
Bug: 254835242
Change-Id: Ib2b5c84c6d900cfa452232c9ec62483dd230af0c
Signed-off-by: Vincent Donnefort <vdonnefort@google.com>
Early loading of pKVM modules (i.e. before deprivilege) implies to let
the kernel call modprobe. Notice this doesn't really enable
request_module: UMH is still "disabled" due to
CONFIG_STATIC_USERMODEHELPER_PATH="".
Bug: 254835242
Change-Id: I753ac4177e5017f7d913804bb8439f676d7c2fd8
Signed-off-by: Vincent Donnefort <vdonnefort@google.com>
Align with the host tracing events by adding another layer in the event
path. As no group exists at the moment, move all of them in a common
hyp/ one.
Bug: 249050813
Change-Id: I4c77d1ec676f896bba77f147e0a4b30bc9c92606
Signed-off-by: Vincent Donnefort <vdonnefort@google.com>
Some userspace tools might poke hyp tracing files without a newline
char. Accomodate for them.
Bug: 249050813
Change-Id: I2641080897646dcd299ca491a562b36a7b9b22dc
Signed-off-by: Vincent Donnefort <vdonnefort@google.com>
The nVHE hypervisor having no way of telling the host events occured,
the host needs to poll. A second long period has been proven to be a bit
too light compared to storm of events that can occur during this window.
Make it 10x shorter.
Bug: 249050813
Change-Id: I4ff243aff615f0a7d40193485b3da8970feeb5d2
Signed-off-by: Vincent Donnefort <vdonnefort@google.com>
Some entry and exit points were not covered. This hopefully won't miss
anything: each SMC call is exiting EL2 and when a CPU is being turned on,
it goes directly through kvm_host_psci_cpu_entry().
Bug: 249050813
Change-Id: Ie88d36df249cb6f0f8e8a49df20654b0628d43d5
Signed-off-by: Vincent Donnefort <vdonnefort@google.com>
