Leaf changes summary: 4 artifacts changed (1 filtered out)
Changed leaf types summary: 4 (1 filtered out) leaf types changed
Removed/Changed/Added functions summary: 0 Removed, 0 Changed, 0 Added function
Removed/Changed/Added variables summary: 0 Removed, 0 Changed, 0 Added variable
'struct net_device at netdevice.h:1747:1' changed:
type size hasn't changed
there are data member changes:
'possible_net_t net_device::nd_net' size changed from 0 to 64 (in bits) (by +64 bits)
offset changed from 9472 to 9536 (in bits) (by +64 bits)
'device net_device::dev' offset changed from 9536 to 9600 (in bits) (by +64 bits)
'const attribute_group* net_device::sysfs_groups[4]' offset changed from 15744 to 15808 (in bits) (by +64 bits)
'const attribute_group* net_device::sysfs_rx_queue_group' offset changed from 16000 to 16064 (in bits) (by +64 bits)
'const rtnl_link_ops* net_device::rtnl_link_ops' offset changed from 16064 to 16128 (in bits) (by +64 bits)
'unsigned int net_device::gso_max_size' offset changed from 16128 to 16192 (in bits) (by +64 bits)
'u16 net_device::gso_max_segs' offset changed from 16160 to 16224 (in bits) (by +64 bits)
's16 net_device::num_tc' offset changed from 16176 to 16240 (in bits) (by +64 bits)
'netdev_tc_txq net_device::tc_to_txq[16]' offset changed from 16192 to 16256 (in bits) (by +64 bits)
'u8 net_device::prio_tc_map[16]' offset changed from 16704 to 16768 (in bits) (by +64 bits)
'phy_device* net_device::phydev' offset changed from 16832 to 16896 (in bits) (by +64 bits)
'sfp_bus* net_device::sfp_bus' offset changed from 16896 to 16960 (in bits) (by +64 bits)
'lock_class_key* net_device::qdisc_tx_busylock' offset changed from 16960 to 17024 (in bits) (by +64 bits)
'lock_class_key* net_device::qdisc_running_key' offset changed from 17024 to 17088 (in bits) (by +64 bits)
'bool net_device::proto_down' offset changed from 17088 to 17152 (in bits) (by +64 bits)
95 impacted interfaces
'struct request_sock at request_sock.h:50:1' changed:
type size changed from 1728 to 1792 (in bits)
there are data member changes:
type 'struct sock_common' of 'request_sock::__req_common' changed:
, size changed from 1024 to 1088 (in bits) (by +64 bits)
'request_sock* request_sock::dl_next' offset changed from 1024 to 1088 (in bits) (by +64 bits)
'u16 request_sock::mss' offset changed from 1088 to 1152 (in bits) (by +64 bits)
'u8 request_sock::num_retrans' offset changed from 1104 to 1168 (in bits) (by +64 bits)
'u8 request_sock::num_timeout' offset changed from 1112 to 1176 (in bits) (by +64 bits)
'u32 request_sock::ts_recent' offset changed from 1120 to 1184 (in bits) (by +64 bits)
'timer_list request_sock::rsk_timer' offset changed from 1152 to 1216 (in bits) (by +64 bits)
'const request_sock_ops* request_sock::rsk_ops' offset changed from 1472 to 1536 (in bits) (by +64 bits)
'sock* request_sock::sk' offset changed from 1536 to 1600 (in bits) (by +64 bits)
'u32* request_sock::saved_syn' offset changed from 1600 to 1664 (in bits) (by +64 bits)
'u32 request_sock::secid' offset changed from 1664 to 1728 (in bits) (by +64 bits)
'u32 request_sock::peer_secid' offset changed from 1696 to 1760 (in bits) (by +64 bits)
29 impacted interfaces
'struct sock at sock.h:327:1' changed:
type size changed from 5696 to 5760 (in bits)
there are data member changes:
type 'struct sock_common' of 'sock::__sk_common' changed:
type size changed from 1024 to 1088 (in bits)
there are data member changes:
'possible_net_t sock_common::skc_net' size changed from 0 to 64 (in bits) (by +64 bits)
'in6_addr sock_common::skc_v6_daddr' offset changed from 384 to 448 (in bits) (by +64 bits)
'in6_addr sock_common::skc_v6_rcv_saddr' offset changed from 512 to 576 (in bits) (by +64 bits)
'atomic64_t sock_common::skc_cookie' offset changed from 640 to 704 (in bits) (by +64 bits)
'int sock_common::skc_dontcopy_begin[]' offset changed from 768 to 832 (in bits) (by +64 bits)
'unsigned short int sock_common::skc_tx_queue_mapping' offset changed from 896 to 960 (in bits) (by +64 bits)
'unsigned short int sock_common::skc_rx_queue_mapping' offset changed from 912 to 976 (in bits) (by +64 bits)
'refcount_t sock_common::skc_refcnt' offset changed from 960 to 1024 (in bits) (by +64 bits)
'int sock_common::skc_dontcopy_end[]' offset changed from 992 to 1056 (in bits) (by +64 bits)
29 impacted interfaces
, offset changed from 1728 to 1792 (in bits) (by +64 bits)
'int sock::sk_forward_alloc' offset changed from 1920 to 1984 (in bits) (by +64 bits)
'unsigned int sock::sk_ll_usec' offset changed from 1952 to 2016 (in bits) (by +64 bits)
'unsigned int sock::sk_napi_id' offset changed from 1984 to 2048 (in bits) (by +64 bits)
'int sock::sk_rcvbuf' offset changed from 2016 to 2080 (in bits) (by +64 bits)
'sk_filter* sock::sk_filter' offset changed from 2048 to 2112 (in bits) (by +64 bits)
offset changed from 2112 to 2176 (in bits) (by +64 bits)
'xfrm_policy* sock::sk_policy[2]' offset changed from 2176 to 2240 (in bits) (by +64 bits)
'dst_entry* sock::sk_rx_dst' offset changed from 2304 to 2368 (in bits) (by +64 bits)
'dst_entry* sock::sk_dst_cache' offset changed from 2368 to 2432 (in bits) (by +64 bits)
'atomic_t sock::sk_omem_alloc' offset changed from 2432 to 2496 (in bits) (by +64 bits)
'int sock::sk_sndbuf' offset changed from 2464 to 2528 (in bits) (by +64 bits)
'int sock::sk_wmem_queued' offset changed from 2496 to 2560 (in bits) (by +64 bits)
'refcount_t sock::sk_wmem_alloc' offset changed from 2528 to 2592 (in bits) (by +64 bits)
'unsigned long int sock::sk_tsq_flags' offset changed from 2560 to 2624 (in bits) (by +64 bits)
'sk_buff_head sock::sk_write_queue' offset changed from 2688 to 2752 (in bits) (by +64 bits)
'__s32 sock::sk_peek_off' offset changed from 2880 to 2944 (in bits) (by +64 bits)
'int sock::sk_write_pending' offset changed from 2912 to 2976 (in bits) (by +64 bits)
'__u32 sock::sk_dst_pending_confirm' offset changed from 2944 to 3008 (in bits) (by +64 bits)
'u32 sock::sk_pacing_status' offset changed from 2976 to 3040 (in bits) (by +64 bits)
'long int sock::sk_sndtimeo' offset changed from 3008 to 3072 (in bits) (by +64 bits)
'timer_list sock::sk_timer' offset changed from 3072 to 3136 (in bits) (by +64 bits)
'__u32 sock::sk_priority' offset changed from 3392 to 3456 (in bits) (by +64 bits)
'__u32 sock::sk_mark' offset changed from 3424 to 3488 (in bits) (by +64 bits)
'u32 sock::sk_pacing_rate' offset changed from 3456 to 3520 (in bits) (by +64 bits)
'u32 sock::sk_max_pacing_rate' offset changed from 3488 to 3552 (in bits) (by +64 bits)
'page_frag sock::sk_frag' offset changed from 3520 to 3584 (in bits) (by +64 bits)
'netdev_features_t sock::sk_route_caps' offset changed from 3648 to 3712 (in bits) (by +64 bits)
'netdev_features_t sock::sk_route_nocaps' offset changed from 3712 to 3776 (in bits) (by +64 bits)
'netdev_features_t sock::sk_route_forced_caps' offset changed from 3776 to 3840 (in bits) (by +64 bits)
'int sock::sk_gso_type' offset changed from 3840 to 3904 (in bits) (by +64 bits)
'unsigned int sock::sk_gso_max_size' offset changed from 3872 to 3936 (in bits) (by +64 bits)
'gfp_t sock::sk_allocation' offset changed from 3904 to 3968 (in bits) (by +64 bits)
'__u32 sock::sk_txhash' offset changed from 3936 to 4000 (in bits) (by +64 bits)
'unsigned int sock::__sk_flags_offset[]' offset changed from 3968 to 4032 (in bits) (by +64 bits)
'unsigned int sock::sk_type' offset changed from 3968 to 4032 (in bits) (by +64 bits)
'u16 sock::sk_gso_max_segs' offset changed from 4000 to 4064 (in bits) (by +64 bits)
'u8 sock::sk_pacing_shift' offset changed from 4016 to 4080 (in bits) (by +64 bits)
'unsigned long int sock::sk_lingertime' offset changed from 4032 to 4096 (in bits) (by +64 bits)
'proto* sock::sk_prot_creator' offset changed from 4096 to 4160 (in bits) (by +64 bits)
'rwlock_t sock::sk_callback_lock' offset changed from 4160 to 4224 (in bits) (by +64 bits)
'int sock::sk_err' offset changed from 4224 to 4288 (in bits) (by +64 bits)
'int sock::sk_err_soft' offset changed from 4256 to 4320 (in bits) (by +64 bits)
'u32 sock::sk_ack_backlog' offset changed from 4288 to 4352 (in bits) (by +64 bits)
'u32 sock::sk_max_ack_backlog' offset changed from 4320 to 4384 (in bits) (by +64 bits)
'kuid_t sock::sk_uid' offset changed from 4352 to 4416 (in bits) (by +64 bits)
'pid* sock::sk_peer_pid' offset changed from 4416 to 4480 (in bits) (by +64 bits)
'const cred* sock::sk_peer_cred' offset changed from 4480 to 4544 (in bits) (by +64 bits)
'long int sock::sk_rcvtimeo' offset changed from 4544 to 4608 (in bits) (by +64 bits)
'ktime_t sock::sk_stamp' offset changed from 4608 to 4672 (in bits) (by +64 bits)
'u16 sock::sk_tsflags' offset changed from 4672 to 4736 (in bits) (by +64 bits)
'u8 sock::sk_shutdown' offset changed from 4688 to 4752 (in bits) (by +64 bits)
'u32 sock::sk_tskey' offset changed from 4704 to 4768 (in bits) (by +64 bits)
'atomic_t sock::sk_zckey' offset changed from 4736 to 4800 (in bits) (by +64 bits)
'u8 sock::sk_clockid' offset changed from 4768 to 4832 (in bits) (by +64 bits)
'u8 sock::sk_txtime_unused' offset changed from 4776 to 4840 (in bits) (by +64 bits)
'socket* sock::sk_socket' offset changed from 4800 to 4864 (in bits) (by +64 bits)
'void* sock::sk_user_data' offset changed from 4864 to 4928 (in bits) (by +64 bits)
'void* sock::sk_security' offset changed from 4928 to 4992 (in bits) (by +64 bits)
'sock_cgroup_data sock::sk_cgrp_data' offset changed from 4992 to 5056 (in bits) (by +64 bits)
'mem_cgroup* sock::sk_memcg' offset changed from 5056 to 5120 (in bits) (by +64 bits)
'void ()* sock::sk_state_change' offset changed from 5120 to 5184 (in bits) (by +64 bits)
'void ()* sock::sk_data_ready' offset changed from 5184 to 5248 (in bits) (by +64 bits)
'void ()* sock::sk_write_space' offset changed from 5248 to 5312 (in bits) (by +64 bits)
'void ()* sock::sk_error_report' offset changed from 5312 to 5376 (in bits) (by +64 bits)
'void ()* sock::sk_backlog_rcv' offset changed from 5376 to 5440 (in bits) (by +64 bits)
'void ()* sock::sk_destruct' offset changed from 5440 to 5504 (in bits) (by +64 bits)
'sock_reuseport* sock::sk_reuseport_cb' offset changed from 5504 to 5568 (in bits) (by +64 bits)
'callback_head sock::sk_rcu' offset changed from 5568 to 5632 (in bits) (by +64 bits)
29 impacted interfaces
'struct sock_common at sock.h:152:1' changed:
details were reported earlier
Fixes: c05bf9c3e6 ("ANDROID: gki_defconfig: Enable CONFIG_NET_NS")
Change-Id: Ib996c420fdd2b347c5ea65309543721a174fdc9c
Signed-off-by: Matthias Maennich <maennich@google.com>
Changes in 4.19.104
ASoC: pcm: update FE/BE trigger order based on the command
hv_sock: Remove the accept port restriction
IB/mlx4: Fix memory leak in add_gid error flow
RDMA/netlink: Do not always generate an ACK for some netlink operations
RDMA/core: Fix locking in ib_uverbs_event_read
RDMA/uverbs: Verify MR access flags
scsi: ufs: Fix ufshcd_probe_hba() reture value in case ufshcd_scsi_add_wlus() fails
PCI/IOV: Fix memory leak in pci_iov_add_virtfn()
ath10k: pci: Only dump ATH10K_MEM_REGION_TYPE_IOREG when safe
PCI/switchtec: Fix vep_vector_number ioread width
PCI: Don't disable bridge BARs when assigning bus resources
nfs: NFS_SWAP should depend on SWAP
NFS: Revalidate the file size on a fatal write error
NFS/pnfs: Fix pnfs_generic_prepare_to_resend_writes()
NFSv4: try lease recovery on NFS4ERR_EXPIRED
serial: uartps: Add a timeout to the tx empty wait
gpio: zynq: Report gpio direction at boot
spi: spi-mem: Add extra sanity checks on the op param
spi: spi-mem: Fix inverted logic in op sanity check
rtc: hym8563: Return -EINVAL if the time is known to be invalid
rtc: cmos: Stop using shared IRQ
ARC: [plat-axs10x]: Add missing multicast filter number to GMAC node
platform/x86: intel_mid_powerbtn: Take a copy of ddata
ARM: dts: at91: Reenable UART TX pull-ups
ARM: dts: am43xx: add support for clkout1 clock
ARM: dts: at91: sama5d3: fix maximum peripheral clock rates
ARM: dts: at91: sama5d3: define clock rate range for tcb1
tools/power/acpi: fix compilation error
powerpc/pseries/vio: Fix iommu_table use-after-free refcount warning
powerpc/pseries: Allow not having ibm, hypertas-functions::hcall-multi-tce for DDW
iommu/arm-smmu-v3: Populate VMID field for CMDQ_OP_TLBI_NH_VA
KVM: arm/arm64: vgic-its: Fix restoration of unmapped collections
ARM: 8949/1: mm: mark free_memmap as __init
arm64: cpufeature: Fix the type of no FP/SIMD capability
arm64: ptrace: nofpsimd: Fail FP/SIMD regset operations
KVM: arm/arm64: Fix young bit from mmu notifier
KVM: arm: Fix DFSR setting for non-LPAE aarch32 guests
KVM: arm: Make inject_abt32() inject an external abort instead
KVM: arm64: pmu: Don't increment SW_INCR if PMCR.E is unset
mtd: onenand_base: Adjust indentation in onenand_read_ops_nolock
mtd: sharpslpart: Fix unsigned comparison to zero
crypto: artpec6 - return correct error code for failed setkey()
crypto: atmel-sha - fix error handling when setting hmac key
media: i2c: adv748x: Fix unsafe macros
pinctrl: sh-pfc: r8a7778: Fix duplicate SDSELF_B and SD1_CLK_B
mwifiex: Fix possible buffer overflows in mwifiex_ret_wmm_get_status()
mwifiex: Fix possible buffer overflows in mwifiex_cmd_append_vsie_tlv()
libertas: don't exit from lbs_ibss_join_existing() with RCU read lock held
libertas: make lbs_ibss_join_existing() return error code on rates overflow
scsi: megaraid_sas: Do not initiate OCR if controller is not in ready state
x86/stackframe: Move ENCODE_FRAME_POINTER to asm/frame.h
x86/stackframe, x86/ftrace: Add pt_regs frame annotations
serial: uartps: Move the spinlock after the read of the tx empty
padata: fix null pointer deref of pd->pinst
Linux 4.19.104
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I42a465b140183dcc8cf49e19903d0e8f4b688930
This feature was noticed missing on the android emulator, but it's
normally default 'on', we just were able to disable it because we
turn CONFIG_EXPERT on too.
Bug: 147493341
Change-Id: Ia81b4f841a5b5d4a37ad8a1f3450dff70abc341d
Signed-off-by: Alistair Delva <adelva@google.com>
This was added when merging LTS.
Fixes: 44b82a3d1b ("Merge 4.19.85 into android-4.19")
Change-Id: Ic3ef52ec8f092f6a0e83ddb40ed57f1fa305b21c
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
advertises _DIRECT
INPUT_MT_DIRECT should be used only if the device advertises
INPUT_PROP_DIRECT.
Bug: 147493341
Bug: 149250379
Test: boot emulator with 5.4 kernel, check if touchscreen works
Signed-off-by: Roman Kiryanov <rkir@google.com>
Change-Id: Ic06ae2b9d0ab7c77cb8829e5392fd048139500a2
Previously the cuttlefish build was cat'ng the cuttlefish.fragment
with the gki_defconfig. The correct way to merge fragments is to use
the merge_configs script.
Bug: 139431025
Bug: 148247383
Test: Treehugger
Signed-off-by: Ram Muthiah <rammuthiah@google.com>
Change-Id: I0a62e6c5395b6933955894c8d5ad0484f5c7102d
This enables ebpf tethering offload from a cellular interface with
no L2 mac header to a wifi/ethernet/usb interface with one.
Will pursue upstreaming this along with further mtu related fixups.
Test: builds, real testing with identical patch on a 4.14 flame device
Bug: 149724482
Signed-off-by: Lorenzo Colitti <lorenzo@google.com>
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: Ic182320bf1abb248d0f86fa2973c60208710f664
Move SDCARD_FS into the fragments for cuttlefish and db845c as this
feature is still being used by AOSP master. These will be removed later.
Bug: 149410031
Change-Id: I9142338cd0709aa8ec067b9e7d8c22390630de02
Signed-off-by: Alistair Delva <adelva@google.com>
The 4.19 backport dc34710a7a ("padata: Remove broken queue flushing")
removed padata_alloc_pd()'s assignment to pd->pinst, resulting in:
Unable to handle kernel NULL pointer dereference ...
...
pc : padata_reorder+0x144/0x2e0
...
Call trace:
padata_reorder+0x144/0x2e0
padata_do_serial+0xc8/0x128
pcrypt_aead_enc+0x60/0x70 [pcrypt]
padata_parallel_worker+0xd8/0x138
process_one_work+0x1bc/0x4b8
worker_thread+0x164/0x580
kthread+0x134/0x138
ret_from_fork+0x10/0x18
This happened because the backport was based on an enhancement that
moved this assignment but isn't in 4.19:
bfde23ce20 ("padata: unbind parallel jobs from specific CPUs")
Simply restore the assignment to fix the crash.
Fixes: dc34710a7a ("padata: Remove broken queue flushing")
Reported-by: Yang Yingliang <yangyingliang@huawei.com>
Signed-off-by: Daniel Jordan <daniel.m.jordan@oracle.com>
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: Herbert Xu <herbert@gondor.apana.org.au>
Cc: Sasha Levin <sashal@kernel.org>
Cc: Steffen Klassert <steffen.klassert@secunet.com>
Cc: linux-kernel@vger.kernel.org
Cc: stable@vger.kernel.org
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit 107475685a upstream.
Currently we are doing a read of the status register.
Move the spinlock after that as the reads need not be spinlock
protected. This patch prevents relaxing the cpu with spinlock held.
Signed-off-by: Shubhrajyoti Datta <shubhrajyoti.datta@xilinx.com>
Cc: Pavel Machek <pavel@denx.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
[ Upstream commit 1754c4f60a ]
Commit e5e884b426 ("libertas: Fix two buffer overflows at parsing bss
descriptor") introduced a bounds check on the number of supplied rates to
lbs_ibss_join_existing() and made it to return on overflow.
However, the aforementioned commit doesn't set the return value accordingly
and thus, lbs_ibss_join_existing() would return with zero even though it
failed.
Make lbs_ibss_join_existing return -EINVAL in case the bounds check on the
number of supplied rates fails.
Fixes: e5e884b426 ("libertas: Fix two buffer overflows at parsing bss descriptor")
Signed-off-by: Nicolai Stange <nstange@suse.de>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
[ Upstream commit c7bf1fb7dd ]
Commit e5e884b426 ("libertas: Fix two buffer overflows at parsing bss
descriptor") introduced a bounds check on the number of supplied rates to
lbs_ibss_join_existing().
Unfortunately, it introduced a return path from within a RCU read side
critical section without a corresponding rcu_read_unlock(). Fix this.
Fixes: e5e884b426 ("libertas: Fix two buffer overflows at parsing bss descriptor")
Signed-off-by: Nicolai Stange <nstange@suse.de>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
[ Upstream commit b70261a288 ]
mwifiex_cmd_append_vsie_tlv() calls memcpy() without checking
the destination size may trigger a buffer overflower,
which a local user could use to cause denial of service
or the execution of arbitrary code.
Fix it by putting the length check before calling memcpy().
Signed-off-by: Qing Xu <m1s5p6688@gmail.com>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
[ Upstream commit 3a9b153c55 ]
mwifiex_ret_wmm_get_status() calls memcpy() without checking the
destination size.Since the source is given from remote AP which
contains illegal wmm elements , this may trigger a heap buffer
overflow.
Fix it by putting the length check before calling memcpy().
Signed-off-by: Qing Xu <m1s5p6688@gmail.com>
Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
commit 0d962e061a upstream.
Enclose multiple macro parameters in parentheses in order to
make such macros safer and fix the Clang warning below:
drivers/media/i2c/adv748x/adv748x-afe.c:452:12: warning: operator '?:'
has lower precedence than '|'; '|' will be evaluated first
[-Wbitwise-conditional-parentheses]
ret = sdp_clrset(state, ADV748X_SDP_FRP, ADV748X_SDP_FRP_MASK, enable
? ctrl->val - 1 : 0);
Fixes: 3e89586a64 ("media: i2c: adv748x: add adv748x driver")
Reported-by: Dmitry Vyukov <dvyukov@google.com>
Signed-off-by: Gustavo A. R. Silva <gustavo@embeddedor.com>
Reviewed-by: Kieran Bingham <kieran.bingham+renesas@ideasonboard.com>
Signed-off-by: Hans Verkuil <hverkuil-cisco@xs4all.nl>
Signed-off-by: Mauro Carvalho Chehab <mchehab+huawei@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit f33113b542 upstream.
The unsigned variable log_num is being assigned a return value
from the call to sharpsl_nand_get_logical_num that can return
-EINVAL.
Detected using Coccinelle:
./drivers/mtd/parsers/sharpslpart.c:207:6-13: WARNING: Unsigned expression compared with zero: log_num > 0
Fixes: 8a4580e4d2 ("mtd: sharpslpart: Add sharpslpart partition parser")
Signed-off-by: YueHaibing <yuehaibing@huawei.com>
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit 0e7ca83e82 upstream.
Clang warns:
../drivers/mtd/nand/onenand/onenand_base.c:1269:3: warning: misleading
indentation; statement is not part of the previous 'if'
[-Wmisleading-indentation]
while (!ret) {
^
../drivers/mtd/nand/onenand/onenand_base.c:1266:2: note: previous
statement is here
if (column + thislen > writesize)
^
1 warning generated.
This warning occurs because there is a space before the tab of the while
loop. There are spaces at the beginning of a lot of the lines in this
block, remove them so that the indentation is consistent with the Linux
kernel coding style and clang no longer warns.
Fixes: a8de85d557 ("[MTD] OneNAND: Implement read-while-load")
Link: https://github.com/ClangBuiltLinux/linux/issues/794
Signed-off-by: Nathan Chancellor <natechancellor@gmail.com>
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit 21aecdbd7f upstream.
KVM's inject_abt64() injects an external-abort into an aarch64 guest.
The KVM_CAP_ARM_INJECT_EXT_DABT is intended to do exactly this, but
for an aarch32 guest inject_abt32() injects an implementation-defined
exception, 'Lockdown fault'.
Change this to external abort. For non-LPAE we now get the documented:
| Unhandled fault: external abort on non-linefetch (0x008) at 0x9c800f00
and for LPAE:
| Unhandled fault: synchronous external abort (0x210) at 0x9c800f00
Fixes: 74a64a9816 ("KVM: arm/arm64: Unify 32bit fault injection")
Reported-by: Beata Michalska <beata.michalska@linaro.org>
Signed-off-by: James Morse <james.morse@arm.com>
Signed-off-by: Marc Zyngier <maz@kernel.org>
Link: https://lore.kernel.org/r/20200121123356.203000-3-james.morse@arm.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit 018f22f95e upstream.
Beata reports that KVM_SET_VCPU_EVENTS doesn't inject the expected
exception to a non-LPAE aarch32 guest.
The host intends to inject DFSR.FS=0x14 "IMPLEMENTATION DEFINED fault
(Lockdown fault)", but the guest receives DFSR.FS=0x04 "Fault on
instruction cache maintenance". This fault is hooked by
do_translation_fault() since ARMv6, which goes on to silently 'handle'
the exception, and restart the faulting instruction.
It turns out, when TTBCR.EAE is clear DFSR is split, and FS[4] has
to shuffle up to DFSR[10].
As KVM only does this in one place, fix up the static values. We
now get the expected:
| Unhandled fault: lock abort (0x404) at 0x9c800f00
Fixes: 74a64a9816 ("KVM: arm/arm64: Unify 32bit fault injection")
Reported-by: Beata Michalska <beata.michalska@linaro.org>
Signed-off-by: James Morse <james.morse@arm.com>
Signed-off-by: Marc Zyngier <maz@kernel.org>
Link: https://lore.kernel.org/r/20200121123356.203000-2-james.morse@arm.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit cf2d23e0ba upstream.
kvm_test_age_hva() is called upon mmu_notifier_test_young(), but wrong
address range has been passed to handle_hva_to_gpa(). With the wrong
address range, no young bits will be checked in handle_hva_to_gpa().
It means zero is always returned from mmu_notifier_test_young().
This fixes the issue by passing correct address range to the underly
function handle_hva_to_gpa(), so that the hardware young (access) bit
will be visited.
Fixes: 35307b9a5f ("arm/arm64: KVM: Implement Stage-2 page aging")
Signed-off-by: Gavin Shan <gshan@redhat.com>
Signed-off-by: Marc Zyngier <maz@kernel.org>
Link: https://lore.kernel.org/r/20200121055659.19560-1-gshan@redhat.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit 449443c03d upstream.
The NO_FPSIMD capability is defined with scope SYSTEM, which implies
that the "absence" of FP/SIMD on at least one CPU is detected only
after all the SMP CPUs are brought up. However, we use the status
of this capability for every context switch. So, let us change
the scope to LOCAL_CPU to allow the detection of this capability
as and when the first CPU without FP is brought up.
Also, the current type allows hotplugged CPU to be brought up without
FP/SIMD when all the current CPUs have FP/SIMD and we have the userspace
up. Fix both of these issues by changing the capability to
BOOT_RESTRICTED_LOCAL_CPU_FEATURE.
Fixes: 82e0191a1a ("arm64: Support systems without FP/ASIMD")
Cc: Will Deacon <will@kernel.org>
Cc: Mark Rutland <mark.rutland@arm.com>
Reviewed-by: Ard Biesheuvel <ardb@kernel.org>
Reviewed-by: Catalin Marinas <catalin.marinas@arm.com>
Signed-off-by: Suzuki K Poulose <suzuki.poulose@arm.com>
Signed-off-by: Will Deacon <will@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit 31f3010e60 upstream.
As of commit ac7c3e4ff4 ("compiler: enable CONFIG_OPTIMIZE_INLINING
forcibly"), free_memmap() might not always be inlined, and thus is
triggering a section warning:
WARNING: vmlinux.o(.text.unlikely+0x904): Section mismatch in reference from the function free_memmap() to the function .meminit.text:memblock_free()
Mark it as __init, since the faller (free_unused_memmap) already is.
Fixes: ac7c3e4ff4 ("compiler: enable CONFIG_OPTIMIZE_INLINING forcibly")
Signed-off-by: Olof Johansson <olof@lixom.net>
Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit 935d43ba27 upstream.
CMDQ_OP_TLBI_NH_VA requires VMID and this was missing since
commit 1c27df1c0a ("iommu/arm-smmu: Use correct address mask
for CMD_TLBI_S2_IPA"). Add it back.
Fixes: 1c27df1c0a ("iommu/arm-smmu: Use correct address mask for CMD_TLBI_S2_IPA")
Signed-off-by: Shameer Kolothum <shameerali.kolothum.thodi@huawei.com>
Signed-off-by: Will Deacon <will@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit 7559d3d295 upstream.
By default a pseries guest supports a H_PUT_TCE hypercall which maps
a single IOMMU page in a DMA window. Additionally the hypervisor may
support H_PUT_TCE_INDIRECT/H_STUFF_TCE which update multiple TCEs at once;
this is advertised via the device tree /rtas/ibm,hypertas-functions
property which Linux converts to FW_FEATURE_MULTITCE.
FW_FEATURE_MULTITCE is checked when dma_iommu_ops is used; however
the code managing the huge DMA window (DDW) ignores it and calls
H_PUT_TCE_INDIRECT even if it is explicitly disabled via
the "multitce=off" kernel command line parameter.
This adds FW_FEATURE_MULTITCE checking to the DDW code path.
This changes tce_build_pSeriesLP to take liobn and page size as
the huge window does not have iommu_table descriptor which usually
the place to store these numbers.
Fixes: 4e8b0cf46b ("powerpc/pseries: Add support for dynamic dma windows")
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: Thiago Jung Bauermann <bauerman@linux.ibm.com>
Tested-by: Thiago Jung Bauermann <bauerman@linux.ibm.com>
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
Link: https://lore.kernel.org/r/20191216041924.42318-3-aik@ozlabs.ru
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit aff8c8242b upstream.
Commit e5afdf9dd5 ("powerpc/vfio_spapr_tce: Add reference counting to
iommu_table") missed an iommu_table allocation in the pseries vio code.
The iommu_table is allocated with kzalloc and as a result the associated
kref gets a value of zero. This has the side effect that during a DLPAR
remove of the associated virtual IOA the iommu_tce_table_put() triggers
a use-after-free underflow warning.
Call Trace:
[c0000002879e39f0] [c00000000071ecb4] refcount_warn_saturate+0x184/0x190
(unreliable)
[c0000002879e3a50] [c0000000000500ac] iommu_tce_table_put+0x9c/0xb0
[c0000002879e3a70] [c0000000000f54e4] vio_dev_release+0x34/0x70
[c0000002879e3aa0] [c00000000087cfa4] device_release+0x54/0xf0
[c0000002879e3b10] [c000000000d64c84] kobject_cleanup+0xa4/0x240
[c0000002879e3b90] [c00000000087d358] put_device+0x28/0x40
[c0000002879e3bb0] [c0000000007a328c] dlpar_remove_slot+0x15c/0x250
[c0000002879e3c50] [c0000000007a348c] remove_slot_store+0xac/0xf0
[c0000002879e3cd0] [c000000000d64220] kobj_attr_store+0x30/0x60
[c0000002879e3cf0] [c0000000004ff13c] sysfs_kf_write+0x6c/0xa0
[c0000002879e3d10] [c0000000004fde4c] kernfs_fop_write+0x18c/0x260
[c0000002879e3d60] [c000000000410f3c] __vfs_write+0x3c/0x70
[c0000002879e3d80] [c000000000415408] vfs_write+0xc8/0x250
[c0000002879e3dd0] [c0000000004157dc] ksys_write+0x7c/0x120
[c0000002879e3e20] [c00000000000b278] system_call+0x5c/0x68
Further, since the refcount was always zero the iommu_tce_table_put()
fails to call the iommu_table release function resulting in a leak.
Fix this issue be initilizing the iommu_table kref immediately after
allocation.
Fixes: e5afdf9dd5 ("powerpc/vfio_spapr_tce: Add reference counting to iommu_table")
Signed-off-by: Tyrel Datwyler <tyreld@linux.ibm.com>
Reviewed-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
Link: https://lore.kernel.org/r/1579558202-26052-1-git-send-email-tyreld@linux.ibm.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit 01053dadb7 upstream.
clkout1 clock node and its generation tree was missing. Add this based
on the data on TRM and PRCM functional spec.
commit 664ae1ab25 ("ARM: dts: am43xx: add clkctrl nodes") effectively
reverted this commit 8010f13a40 ("ARM: dts: am43xx: add support for
clkout1 clock") which is needed for the ov2659 camera sensor clock
definition hence it is being re-applied here.
Note that because of the current dts node name dependency for mapping to
clock domain, we must still use "clkout1-*ck" naming instead of generic
"clock@" naming for the node. And because of this, it's probably best to
apply the dts node addition together along with the other clock changes.
Fixes: 664ae1ab25 ("ARM: dts: am43xx: add clkctrl nodes")
Signed-off-by: Tero Kristo <t-kristo@ti.com>
Tested-by: Benoit Parrot <bparrot@ti.com>
Acked-by: Tony Lindgren <tony@atomide.com>
Signed-off-by: Benoit Parrot <bparrot@ti.com>
Signed-off-by: Tony Lindgren <tony@atomide.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit 9d39d86cd4 upstream.
Pull-ups for SAM9 UART/USART TX lines were disabled in a previous
commit. However, several chips in the SAM9 family require pull-ups to
prevent the TX lines from falling (and causing an endless break
condition) when the transceiver is disabled.
From the SAM9G20 datasheet, 32.5.1: "To prevent the TXD line from
falling when the USART is disabled, the use of an internal pull up
is mandatory.". This commit reenables the pull-ups for all chips having
that sentence in their datasheets.
Fixes: 5e04822f7d ("ARM: dts: at91: fixes uart pinctrl, set pullup on rx, clear pullup on tx")
Signed-off-by: Ingo van Lil <inguin@gmx.de>
Cc: Peter Rosin <peda@axentia.se>
Link: https://lore.kernel.org/r/20191203142147.875227-1-inguin@gmx.de
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit 5e0c94d3ae upstream.
The driver gets driver_data from memory that is marked as const (which
is probably put to read-only memory) and it then modifies it. This
likely causes some sort of fault to happen.
Fix this by taking a copy of the structure.
Fixes: c94a8ff14d ("platform/x86: intel_mid_powerbtn: make mid_pb_ddata const")
Signed-off-by: Mika Westerberg <mika.westerberg@linux.intel.com>
Reviewed-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit b6da197a2e upstream.
As reported by Guilherme G. Piccoli:
---8<---8<---8<---
The rtc-cmos interrupt setting was changed in the commit 079062b28f
("rtc: cmos: prevent kernel warning on IRQ flags mismatch") in order
to allow shared interrupts; according to that commit's description,
some machine got kernel warnings due to the interrupt line being shared
between rtc-cmos and other hardware, and rtc-cmos didn't allow IRQ sharing
that time.
After the aforementioned commit though it was observed a huge increase
in lost HPET interrupts in some systems, observed through the following
kernel message:
[...] hpet1: lost 35 rtc interrupts
After investigation, it was narrowed down to the shared interrupts
usage when having the kernel option "irqpoll" enabled. In this case,
all IRQ handlers are called for non-timer interrupts, if such handlers
are setup in shared IRQ lines. The rtc-cmos IRQ handler could be set to
hpet_rtc_interrupt(), which will produce the kernel "lost interrupts"
message after doing work - lots of readl/writel to HPET registers, which
are known to be slow.
Although "irqpoll" is not a default kernel option, it's used in some contexts,
one being the kdump kernel (which is an already "impaired" kernel usually
running with 1 CPU available), so the performance burden could be considerable.
Also, the same issue would happen (in a shorter extent though) when using
"irqfixup" kernel option.
In a quick experiment, a virtual machine with uptime of 2 minutes produced
>300 calls to hpet_rtc_interrupt() when "irqpoll" was set, whereas without
sharing interrupts this number reduced to 1 interrupt. Machines with more
hardware than a VM should generate even more unnecessary HPET interrupts
in this scenario.
---8<---8<---8<---
After looking into the rtc-cmos driver history and DSDT table from
the Microsoft Surface 3, we may notice that Hans de Goede submitted
a correct fix (see dependency below). Thus, we simply revert
the culprit commit.
Fixes: 079062b28f ("rtc: cmos: prevent kernel warning on IRQ flags mismatch")
Depends-on: a1e23a42f1 ("rtc: cmos: Do not assume irq 8 for rtc when there are no legacy irqs")
Reported-by: Guilherme G. Piccoli <gpiccoli@canonical.com>
Cc: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Tested-by: Guilherme G. Piccoli <gpiccoli@canonical.com>
Reviewed-by: Hans de Goede <hdegoede@redhat.com>
Link: https://lore.kernel.org/r/20200123131437.28157-1-andriy.shevchenko@linux.intel.com
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
[ Upstream commit aea3877e24 ]
On r8a7791/koelsch:
m25p80 spi0.0: error -22 reading 9f
m25p80: probe of spi0.0 failed with error -22
Apparently the logic in spi_mem_check_op() is wrong, rejecting the
spi-mem operation if any buswidth is valid, instead of invalid.
Fixes: 380583227c ("spi: spi-mem: Add extra sanity checks on the op param")
Signed-off-by: Geert Uytterhoeven <geert+renesas@glider.be>
Reviewed-by: Boris Brezillon <boris.brezillon@bootlin.com>
Signed-off-by: Mark Brown <broonie@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
commit 380583227c upstream
Some combinations are simply not valid and should be rejected before
the op is passed to the SPI controller driver.
Add an spi_mem_check_op() helper and use it in spi_mem_exec_op() and
spi_mem_supports_op() to make sure the spi-mem operation is valid.
Signed-off-by: Boris Brezillon <boris.brezillon@bootlin.com>
Signed-off-by: Mark Brown <broonie@kernel.org>
Cc: stable <stable@vger.kernel.org> # 4.19
Signed-off-by: Mathieu Poirier <mathieu.poirier@linaro.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
