mirror of
https://github.com/hardkernel/linux.git
synced 2026-04-02 19:23:01 +09:00
ebd2ef4e301f6e4eac8012ccae9e1ff51c98ceea
10022 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Victor Wan
|
2c95ea743b |
Merge branch 'android-4.9' into amlogic-4.9-dev
Conflicts: arch/arm/configs/omap2plus_defconfig drivers/Makefile drivers/android/binder.c |
||
|
Victor Wan
|
1e547d2935 | Merge branch 'android-4.9' into amlogic-4.9-dev | ||
|
Greg Kroah-Hartman
|
44a3afcce1 |
Merge 4.9.63 into android-4.9
Changes in 4.9.63 gso: fix payload length when gso_size is zero tun/tap: sanitize TUNSETSNDBUF input ipv6: addrconf: increment ifp refcount before ipv6_del_addr() netlink: do not set cb_running if dump's start() errs net: call cgroup_sk_alloc() earlier in sk_clone_lock() tcp: fix tcp_mtu_probe() vs highest_sack l2tp: check ps->sock before running pppol2tp_session_ioctl() tun: call dev_get_valid_name() before register_netdevice() sctp: add the missing sock_owned_by_user check in sctp_icmp_redirect tcp/dccp: fix ireq->opt races packet: avoid panic in packet_getsockopt() soreuseport: fix initialization race ipv6: flowlabel: do not leave opt->tot_len with garbage sctp: full support for ipv6 ip_nonlocal_bind & IP_FREEBIND tcp/dccp: fix lockdep splat in inet_csk_route_req() tcp/dccp: fix other lockdep splats accessing ireq_opt net/unix: don't show information about sockets from other namespaces tap: double-free in error path in tap_open() ipip: only increase err_count for some certain type icmp in ipip_err ip6_gre: only increase err_count for some certain type icmpv6 in ip6gre_err ip6_gre: update dst pmtu if dev mtu has been updated by toobig in __gre6_xmit tun: allow positive return values on dev_get_valid_name() call sctp: reset owner sk for data chunks on out queues when migrating a sock net_sched: avoid matching qdisc with zero handle ppp: fix race in ppp device destruction mac80211: accept key reinstall without changing anything mac80211: use constant time comparison with keys mac80211: don't compare TKIP TX MIC key in reinstall prevention usb: usbtest: fix NULL pointer dereference Input: ims-psu - check if CDC union descriptor is sane ALSA: seq: Cancel pending autoload work at unbinding device Revert "ARM: dts: imx53-qsb-common: fix FEC pinmux config" netfilter: nat: avoid use of nf_conn_nat extension netfilter: nat: Revert "netfilter: nat: convert nat bysrc hash to rhashtable" security/keys: add CONFIG_KEYS_COMPAT to Kconfig brcmfmac: remove setting IBSS mode when stopping AP target/iscsi: Fix iSCSI task reassignment handling qla2xxx: Fix incorrect tcm_qla2xxx_free_cmd use during TMR ABORT (v2) misc: panel: properly restore atomic counter on error path Linux 4.9.63 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
|
Florian Westphal
|
a23349bb9f |
netfilter: nat: Revert "netfilter: nat: convert nat bysrc hash to rhashtable"
commit |
||
|
Eric Dumazet
|
2af59c6557 |
tcp/dccp: fix other lockdep splats accessing ireq_opt
[ Upstream commit |
||
|
Eric Dumazet
|
2ffd261337 |
tcp/dccp: fix ireq->opt races
[ Upstream commit |
||
|
Eric Dumazet
|
e12c42c552 |
tcp: fix tcp_mtu_probe() vs highest_sack
[ Upstream commit |
||
|
Victor Wan
|
ee46236755 | Merge branch 'android-4.9' into amlogic-4.9-dev | ||
|
Wei Wang
|
d55e63001f |
BACKPORT: net/tcp-fastopen: Add new API support
This patch adds a new socket option, TCP_FASTOPEN_CONNECT, as an
alternative way to perform Fast Open on the active side (client). Prior
to this patch, a client needs to replace the connect() call with
sendto(MSG_FASTOPEN). This can be cumbersome for applications who want
to use Fast Open: these socket operations are often done in lower layer
libraries used by many other applications. Changing these libraries
and/or the socket call sequences are not trivial. A more convenient
approach is to perform Fast Open by simply enabling a socket option when
the socket is created w/o changing other socket calls sequence:
s = socket()
create a new socket
setsockopt(s, IPPROTO_TCP, TCP_FASTOPEN_CONNECT …);
newly introduced sockopt
If set, new functionality described below will be used.
Return ENOTSUPP if TFO is not supported or not enabled in the
kernel.
connect()
With cookie present, return 0 immediately.
With no cookie, initiate 3WHS with TFO cookie-request option and
return -1 with errno = EINPROGRESS.
write()/sendmsg()
With cookie present, send out SYN with data and return the number of
bytes buffered.
With no cookie, and 3WHS not yet completed, return -1 with errno =
EINPROGRESS.
No MSG_FASTOPEN flag is needed.
read()
Return -1 with errno = EWOULDBLOCK/EAGAIN if connect() is called but
write() is not called yet.
Return -1 with errno = EWOULDBLOCK/EAGAIN if connection is
established but no msg is received yet.
Return number of bytes read if socket is established and there is
msg received.
The new API simplifies life for applications that always perform a write()
immediately after a successful connect(). Such applications can now take
advantage of Fast Open by merely making one new setsockopt() call at the time
of creating the socket. Nothing else about the application's socket call
sequence needs to change.
Backport of upstream commit
|
||
|
Wei Wang
|
b9fde3e805 |
UPSTREAM: net/tcp-fastopen: refactor cookie check logic
Refactor the cookie check logic in tcp_send_syn_data() into a function.
This function will be called else where in later changes.
Bug: 63449462
Test: Tests in https://android-review.googlesource.com/535357/ pass
Change-Id: I14b0fadd8f97569f773a2e2f15f0b4e8dca48402
Signed-off-by: Wei Wang <weiwan@google.com>
Acked-by: Eric Dumazet <edumazet@google.com>
Acked-by: Yuchung Cheng <ycheng@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
(cherry-picked from commit
|
||
|
Eric Dumazet
|
3347f3d676 |
tcp/dccp: drop SYN packets if accept queue is full
PD#152538: tcp/dccp: drop SYN packets if accept queue is full tcp/dccp: drop SYN packets if accept queue is full Per listen(fd, backlog) rules, there is really no point accepting a SYN, sending a SYNACK, and dropping the following ACK packet if accept queue is full, because application is not draining accept queue fast enough. This behavior is fooling TCP clients that believe they established a flow, while there is nothing at server side. They might then send about 10 MSS (if using IW10) that will be dropped anyway while server is under stress. Change-Id: I674728eac69b418255522afc8d345995b8891a7e Signed-off-by: Eric Dumazet <edumazet@google.com> Acked-by: Neal Cardwell <ncardwell@google.com> Acked-by: Yuchung Cheng <ycheng@google.com> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Ao Xu <ao.xu@amlogic.com> |
||
|
Greg Kroah-Hartman
|
cdbe07ad26 |
Merge 4.9.55 into android-4.9
Changes in 4.9.55
USB: gadgetfs: Fix crash caused by inadequate synchronization
USB: gadgetfs: fix copy_to_user while holding spinlock
usb: gadget: udc: atmel: set vbus irqflags explicitly
usb: gadget: udc: renesas_usb3: fix for no-data control transfer
usb: gadget: udc: renesas_usb3: fix Pn_RAMMAP.Pn_MPKT value
usb: gadget: udc: renesas_usb3: Fix return value of usb3_write_pipe()
usb-storage: unusual_devs entry to fix write-access regression for Seagate external drives
usb-storage: fix bogus hardware error messages for ATA pass-thru devices
usb: renesas_usbhs: fix the BCLR setting condition for non-DCP pipe
usb: renesas_usbhs: fix usbhsf_fifo_clear() for RX direction
ALSA: usb-audio: Check out-of-bounds access by corrupted buffer descriptor
usb: pci-quirks.c: Corrected timeout values used in handshake
USB: cdc-wdm: ignore -EPIPE from GetEncapsulatedResponse
USB: dummy-hcd: fix connection failures (wrong speed)
USB: dummy-hcd: fix infinite-loop resubmission bug
USB: dummy-hcd: Fix erroneous synchronization change
USB: devio: Don't corrupt user memory
usb: gadget: mass_storage: set msg_registered after msg registered
USB: g_mass_storage: Fix deadlock when driver is unbound
USB: uas: fix bug in handling of alternate settings
USB: core: harden cdc_parse_cdc_header
usb: Increase quirk delay for USB devices
USB: fix out-of-bounds in usb_set_configuration
xhci: fix finding correct bus_state structure for USB 3.1 hosts
xhci: Fix sleeping with spin_lock_irq() held in ASmedia 1042A workaround
xhci: set missing SuperSpeedPlus Link Protocol bit in roothub descriptor
Revert "xhci: Limit USB2 port wake support for AMD Promontory hosts"
iio: adc: twl4030: Fix an error handling path in 'twl4030_madc_probe()'
iio: adc: twl4030: Disable the vusb3v1 rugulator in the error handling path of 'twl4030_madc_probe()'
iio: ad_sigma_delta: Implement a dedicated reset function
staging: iio: ad7192: Fix - use the dedicated reset function avoiding dma from stack.
iio: core: Return error for failed read_reg
IIO: BME280: Updates to Humidity readings need ctrl_reg write!
iio: ad7793: Fix the serial interface reset
iio: adc: mcp320x: Fix readout of negative voltages
iio: adc: mcp320x: Fix oops on module unload
uwb: properly check kthread_run return value
uwb: ensure that endpoint is interrupt
staging: vchiq_2835_arm: Fix NULL ptr dereference in free_pagelist
mm, oom_reaper: skip mm structs with mmu notifiers
lib/ratelimit.c: use deferred printk() version
lsm: fix smack_inode_removexattr and xattr_getsecurity memleak
ALSA: compress: Remove unused variable
Revert "ALSA: echoaudio: purge contradictions between dimension matrix members and total number of members"
ALSA: usx2y: Suppress kernel warning at page allocation failures
mlxsw: spectrum: Prevent mirred-related crash on removal
net: sched: fix use-after-free in tcf_action_destroy and tcf_del_walker
sctp: potential read out of bounds in sctp_ulpevent_type_enabled()
tcp: update skb->skb_mstamp more carefully
bpf/verifier: reject BPF_ALU64|BPF_END
tcp: fix data delivery rate
udpv6: Fix the checksum computation when HW checksum does not apply
ip6_gre: skb_push ipv6hdr before packing the header in ip6gre_header
net: phy: Fix mask value write on gmii2rgmii converter speed register
ip6_tunnel: do not allow loading ip6_tunnel if ipv6 is disabled in cmdline
net/sched: cls_matchall: fix crash when used with classful qdisc
tcp: fastopen: fix on syn-data transmit failure
net: emac: Fix napi poll list corruption
packet: hold bind lock when rebinding to fanout hook
bpf: one perf event close won't free bpf program attached by another perf event
isdn/i4l: fetch the ppp_write buffer in one shot
net_sched: always reset qdisc backlog in qdisc_reset()
net: qcom/emac: specify the correct size when mapping a DMA buffer
vti: fix use after free in vti_tunnel_xmit/vti6_tnl_xmit
l2tp: Avoid schedule while atomic in exit_net
l2tp: fix race condition in l2tp_tunnel_delete
tun: bail out from tun_get_user() if the skb is empty
net: dsa: Fix network device registration order
packet: in packet_do_bind, test fanout with bind_lock held
packet: only test po->has_vnet_hdr once in packet_snd
net: Set sk_prot_creator when cloning sockets to the right proto
netlink: do not proceed if dump's start() errs
ip6_gre: ip6gre_tap device should keep dst
ip6_tunnel: update mtu properly for ARPHRD_ETHER tunnel device in tx path
tipc: use only positive error codes in messages
net: rtnetlink: fix info leak in RTM_GETSTATS call
socket, bpf: fix possible use after free
powerpc/64s: Use emergency stack for kernel TM Bad Thing program checks
powerpc/tm: Fix illegal TM state in signal handler
percpu: make this_cpu_generic_read() atomic w.r.t. interrupts
driver core: platform: Don't read past the end of "driver_override" buffer
Drivers: hv: fcopy: restore correct transfer length
stm class: Fix a use-after-free
ftrace: Fix kmemleak in unregister_ftrace_graph
HID: i2c-hid: allocate hid buffers for real worst case
HID: wacom: leds: Don't try to control the EKR's read-only LEDs
HID: wacom: Always increment hdev refcount within wacom_get_hdev_data
HID: wacom: bits shifted too much for 9th and 10th buttons
rocker: fix rocker_tlv_put_* functions for KASAN
netlink: fix nla_put_{u8,u16,u32} for KASAN
iwlwifi: mvm: use IWL_HCMD_NOCOPY for MCAST_FILTER_CMD
iwlwifi: add workaround to disable wide channels in 5GHz
scsi: sd: Do not override max_sectors_kb sysfs setting
brcmfmac: add length check in brcmf_cfg80211_escan_handler()
brcmfmac: setup passive scan if requested by user-space
drm/i915/bios: ignore HDMI on port A
nvme-pci: Use PCI bus address for data/queues in CMB
mmc: core: add driver strength selection when selecting hs400es
sched/cpuset/pm: Fix cpuset vs. suspend-resume bugs
vfs: deny copy_file_range() for non regular files
ext4: fix data corruption for mmap writes
ext4: Don't clear SGID when inheriting ACLs
ext4: don't allow encrypted operations without keys
f2fs: don't allow encrypted operations without keys
KVM: x86: fix singlestepping over syscall
Linux 4.9.55
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
||
|
Arnd Bergmann
|
9a19bc44c6 |
netlink: fix nla_put_{u8,u16,u32} for KASAN
commit |
||
|
Dan Carpenter
|
b70bb9bb72 |
sctp: potential read out of bounds in sctp_ulpevent_type_enabled()
[ Upstream commit
|
||
|
Lorenzo Colitti
|
34e23dee72 |
BACKPORT: net: xfrm: support setting an output mark.
On systems that use mark-based routing it may be necessary for
routing lookups to use marks in order for packets to be routed
correctly. An example of such a system is Android, which uses
socket marks to route packets via different networks.
Currently, routing lookups in tunnel mode always use a mark of
zero, making routing incorrect on such systems.
This patch adds a new output_mark element to the xfrm state and
a corresponding XFRMA_OUTPUT_MARK netlink attribute. The output
mark differs from the existing xfrm mark in two ways:
1. The xfrm mark is used to match xfrm policies and states, while
the xfrm output mark is used to set the mark (and influence
the routing) of the packets emitted by those states.
2. The existing mark is constrained to be a subset of the bits of
the originating socket or transformed packet, but the output
mark is arbitrary and depends only on the state.
The use of a separate mark provides additional flexibility. For
example:
- A packet subject to two transforms (e.g., transport mode inside
tunnel mode) can have two different output marks applied to it,
one for the transport mode SA and one for the tunnel mode SA.
- On a system where socket marks determine routing, the packets
emitted by an IPsec tunnel can be routed based on a mark that
is determined by the tunnel, not by the marks of the
unencrypted packets.
- Support for setting the output marks can be introduced without
breaking any existing setups that employ both mark-based
routing and xfrm tunnel mode. Simply changing the code to use
the xfrm mark for routing output packets could xfrm mark could
change behaviour in a way that breaks these setups.
If the output mark is unspecified or set to zero, the mark is not
set or changed.
[backport of upstream
|
||
|
Greg Kroah-Hartman
|
e5eba30388 |
Merge 4.9.54 into android-4.9
Changes in 4.9.54 drm_fourcc: Fix DRM_FORMAT_MOD_LINEAR #define drm: bridge: add DT bindings for TI ths8135 GFS2: Fix reference to ERR_PTR in gfs2_glock_iter_next drm/i915: Fix the overlay frontbuffer tracking ARM: dts: exynos: Add CPU OPPs for Exynos4412 Prime clk: sunxi-ng: fix PLL_CPUX adjusting on H3 RDS: RDMA: Fix the composite message user notification ARM: dts: r8a7790: Use R-Car Gen 2 fallback binding for msiof nodes MIPS: Ensure bss section ends on a long-aligned address MIPS: ralink: Fix a typo in the pinmux setup. MIPS: ralink: Fix incorrect assignment on ralink_soc power: supply: axp288_fuel_gauge: Fix fuel_gauge_reg_readb return on error scsi: be2iscsi: Add checks to validate CID alloc/free ARM: dts: am335x-chilisom: Wakeup from RTC-only state by power on event igb: re-assign hw address pointer on reset after PCI error extcon: axp288: Use vbus-valid instead of -present to determine cable presence reset: ti_syscon: fix a ti_syscon_reset_status issue sh_eth: use correct name for ECMR_MPDE bit clk/axs10x: Clear init field in driver probe usb: make the MTK XHCI driver compile for older MIPS SoCs hwmon: (gl520sm) Fix overflows and crash seen when writing into limit attributes iio: adc: imx25-gcq: Fix module autoload iio: adc: axp288: Drop bogus AXP288_ADC_TS_PIN_CTRL register modifications iio: adc: hx711: Add DT binding for avia,hx711 IB/rxe: Add a runtime check in alloc_index() IB/rxe: Fix a MR reference leak in check_rkey() ARM: 8635/1: nommu: allow enabling REMAP_VECTORS_TO_RAM drm/i915/psr: disable psr2 for resolution greater than 32X20 serial: 8250: moxa: Store num_ports in brd tty: goldfish: Fix a parameter of a call to free_irq serial: 8250_port: Remove dangerous pr_debug() IB/ipoib: Fix deadlock over vlan_mutex IB/ipoib: rtnl_unlock can not come after free_netdev IB/ipoib: Replace list_del of the neigh->list with list_del_init arm: dts: mt2701: Add subsystem clock controller device nodes drm/amdkfd: fix improper return value on error USB: serial: mos7720: fix control-message error handling USB: serial: mos7840: fix control-message error handling sfc: get PIO buffer size from the NIC partitions/efi: Fix integer overflow in GPT size calculation ASoC: dapm: handle probe deferrals audit: log 32-bit socketcalls ath10k: prevent sta pointer rcu violation spi: pxa2xx: Add support for Intel Gemini Lake iommu/arm-smmu: Set privileged attribute to 'default' instead of 'unprivileged' usb: chipidea: vbus event may exist before starting gadget rtl8xxxu: Add additional USB IDs for rtl8192eu devices ASoC: dapm: fix some pointer error handling drm: mali-dp: Fix destination size handling when rotating drm: mali-dp: Fix transposed horizontal/vertical flip HID: wacom: release the resources before leaving despite devm MIPS: Lantiq: Fix another request_mem_region() return code check mips: ath79: clock:- Unmap region obtained by of_iomap lkdtm: Fix Oops when unloading the module net: core: Prevent from dereferencing null pointer when releasing SKB net/packet: check length in getsockopt() called with PACKET_HDRLEN team: fix memory leaks usb: plusb: Add support for PL-27A1 udp: disable inner UDP checksum offloads in IPsec case net: dsa: b53: Include IMP/CPU port in dumb forwarding mode qed: Fix possible system hang in the dcbnl-getdcbx() path. mmc: sdio: fix alignment issue in struct sdio_func bridge: netlink: register netdevice before executing changelink Btrfs: fix segmentation fault when doing dio read Btrfs: fix potential use-after-free for cloned bio sata_via: Enable hotplug only on VT6421 hugetlbfs: initialize shared policy as part of inode allocation kasan: do not sanitize kexec purgatory drivers/rapidio/devices/tsi721.c: make module parameter variable name unique netfilter: invoke synchronize_rcu after set the _hook_ to NULL MIPS: IRQ Stack: Unwind IRQ stack onto task stack iommu/exynos: Block SYSMMU while invalidating FLPD cache exynos-gsc: Do not swap cb/cr for semi planar formats MIPS: smp-cps: Fix retrieval of VPE mask on big endian CPUs nvme-rdma: handle cpu unplug when re-establishing the controller netfilter: nfnl_cthelper: fix incorrect helper->expect_class_max parisc: perf: Fix potential NULL pointer dereference nfs: make nfs4_cb_sv_ops static ibmvnic: Free tx/rx scrq pointer array when releasing sub-crqs cpufreq: intel_pstate: Update pid_params.sample_rate_ns in pid_param_set() x86/acpi: Restore the order of CPU IDs iommu/io-pgtable-arm: Check for leaf entry before dereferencing it mm/cgroup: avoid panic when init with low memory rds: ib: add error handle md/raid10: submit bio directly to replacement disk netfilter: nf_tables: set pktinfo->thoff at AH header if found i2c: meson: fix wrong variable usage in meson_i2c_put_data xfs: remove kmem_zalloc_greedy ASoC: wm_adsp: Return an error on write to a disabled volatile control libata: transport: Remove circular dependency at free time ARM: dts: BCM5301X: Fix memory start address tools/power turbostat: bugfix: GFXMHz column not changing IB/qib: fix false-postive maybe-uninitialized warning ARM: remove duplicate 'const' annotations' ASoC: rt5514: fix gcc-7 warning ASoC: rt5659: drop double const ASoC: rt5660: remove double const ALSA: au88x0: avoid theoretical uninitialized access ttpci: address stringop overflow warning s390/mm: make pmdp_invalidate() do invalidation only Linux 4.9.54 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
|
Pablo Neira Ayuso
|
625cb13a89 |
netfilter: nf_tables: set pktinfo->thoff at AH header if found
[ Upstream commit
|
||
|
Greg Kroah-Hartman
|
379e3b2a6d |
Merge 4.9.53 into android-4.9
Changes in 4.9.53 cifs: release cifs root_cred after exit_cifs cifs: release auth_key.response for reconnect. fs/proc: Report eip/esp in /prod/PID/stat for coredumping mac80211: fix VLAN handling with TXQs mac80211_hwsim: Use proper TX power mac80211: flush hw_roc_start work before cancelling the ROC genirq: Make sparse_irq_lock protect what it should protect KVM: PPC: Book3S: Fix race and leak in kvm_vm_ioctl_create_spapr_tce() KVM: PPC: Book3S HV: Protect updates to spapr_tce_tables list tracing: Fix trace_pipe behavior for instance traces tracing: Erase irqsoff trace with empty write md/raid5: fix a race condition in stripe batch md/raid5: preserve STRIPE_ON_UNPLUG_LIST in break_stripe_batch_list scsi: scsi_transport_iscsi: fix the issue that iscsi_if_rx doesn't parse nlmsg properly drm/radeon: disable hard reset in hibernate for APUs crypto: drbg - fix freeing of resources crypto: talitos - Don't provide setkey for non hmac hashing algs. crypto: talitos - fix sha224 crypto: talitos - fix hashing security/keys: properly zero out sensitive key material in big_key security/keys: rewrite all of big_key crypto KEYS: fix writing past end of user-supplied buffer in keyring_read() KEYS: prevent creating a different user's keyrings KEYS: prevent KEYCTL_READ on negative key powerpc/pseries: Fix parent_dn reference leak in add_dt_node() powerpc/tm: Flush TM only if CPU has TM feature powerpc/ftrace: Pass the correct stack pointer for DYNAMIC_FTRACE_WITH_REGS s390/mm: fix write access check in gup_huge_pmd() PM: core: Fix device_pm_check_callbacks() Fix SMB3.1.1 guest authentication to Samba SMB3: Warn user if trying to sign connection that authenticated as guest SMB: Validate negotiate (to protect against downgrade) even if signing off SMB3: Don't ignore O_SYNC/O_DSYNC and O_DIRECT flags vfs: Return -ENXIO for negative SEEK_HOLE / SEEK_DATA offsets nl80211: check for the required netlink attributes presence bsg-lib: don't free job in bsg_prepare_job iw_cxgb4: remove the stid on listen create failure iw_cxgb4: put ep reference in pass_accept_req() selftests/seccomp: Support glibc 2.26 siginfo_t.h seccomp: fix the usage of get/put_seccomp_filter() in seccomp_get_filter() arm64: Make sure SPsel is always set arm64: fault: Route pte translation faults via do_translation_fault KVM: VMX: extract __pi_post_block KVM: VMX: avoid double list add with VT-d posted interrupts KVM: VMX: simplify and fix vmx_vcpu_pi_load kvm/x86: Handle async PF in RCU read-side critical sections KVM: VMX: Do not BUG() on out-of-bounds guest IRQ kvm: nVMX: Don't allow L2 to access the hardware CR8 xfs: validate bdev support for DAX inode flag etnaviv: fix gem object list corruption PCI: Fix race condition with driver_override btrfs: fix NULL pointer dereference from free_reloc_roots() btrfs: propagate error to btrfs_cmp_data_prepare caller btrfs: prevent to set invalid default subvolid x86/mm: Fix fault error path using unsafe vma pointer x86/fpu: Don't let userspace set bogus xcomp_bv gfs2: Fix debugfs glocks dump timer/sysclt: Restrict timer migration sysctl values to 0 and 1 KVM: VMX: do not change SN bit in vmx_update_pi_irte() KVM: VMX: remove WARN_ON_ONCE in kvm_vcpu_trigger_posted_interrupt cxl: Fix driver use count KVM: VMX: use cmpxchg64 video: fbdev: aty: do not leak uninitialized padding in clk to userspace swiotlb-xen: implement xen_swiotlb_dma_mmap callback Linux 4.9.53 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
|
Johannes Berg
|
59862b0429 |
mac80211: fix VLAN handling with TXQs
commit
|
||
|
Greg Kroah-Hartman
|
9452b2c248 |
Merge 4.9.51 into android-4.9
Changes in 4.9.51 ipv6: accept 64k - 1 packet length in ip6_find_1stfragopt() ipv6: add rcu grace period before freeing fib6_node ipv6: fix sparse warning on rt6i_node macsec: add genl family module alias udp: on peeking bad csum, drop packets even if not at head fsl/man: Inherit parent device and of_node sctp: Avoid out-of-bounds reads from address storage qlge: avoid memcpy buffer overflow netvsc: fix deadlock betwen link status and removal cxgb4: Fix stack out-of-bounds read due to wrong size to t4_record_mbox() packet: Don't write vnet header beyond end of buffer kcm: do not attach PF_KCM sockets to avoid deadlock Revert "net: phy: Correctly process PHY_HALTED in phy_stop_machine()" tcp: initialize rcv_mss to TCP_MIN_MSS instead of 0 mlxsw: spectrum: Forbid linking to devices that have uppers bridge: switchdev: Clear forward mark when transmitting packet Revert "net: use lib/percpu_counter API for fragmentation mem accounting" Revert "net: fix percpu memory leaks" gianfar: Fix Tx flow control deactivation vhost_net: correctly check tx avail during rx busy polling ip6_gre: update mtu properly in ip6gre_err ipv6: fix memory leak with multiple tables during netns destruction ipv6: fix typo in fib6_net_exit() sctp: fix missing wake ups in some situations ip_tunnel: fix setting ttl and tos value in collect_md mode f2fs: let fill_super handle roll-forward errors f2fs: check hot_data for roll-forward recovery x86/fsgsbase/64: Fully initialize FS and GS state in start_thread_common x86/fsgsbase/64: Report FSBASE and GSBASE correctly in core dumps x86/switch_to/64: Rewrite FS/GS switching yet again to fix AMD CPUs xfs: Move handling of missing page into one place in xfs_find_get_desired_pgoff() xfs: fix spurious spin_is_locked() assert failures on non-smp kernels xfs: push buffer of flush locked dquot to avoid quotacheck deadlock xfs: try to avoid blowing out the transaction reservation when bunmaping a shared extent xfs: release bli from transaction properly on fs shutdown xfs: remove bli from AIL before release on transaction abort xfs: don't allow bmap on rt files xfs: free uncommitted transactions during log recovery xfs: free cowblocks and retry on buffered write ENOSPC xfs: don't crash on unexpected holes in dir/attr btrees xfs: check _btree_check_block value xfs: set firstfsb to NULLFSBLOCK before feeding it to _bmapi_write xfs: check _alloc_read_agf buffer pointer before using xfs: fix quotacheck dquot id overflow infinite loop xfs: fix multi-AG deadlock in xfs_bunmapi xfs: Fix per-inode DAX flag inheritance xfs: fix inobt inode allocation search optimization xfs: clear MS_ACTIVE after finishing log recovery xfs: don't leak quotacheck dquots when cow recovery iomap: fix integer truncation issues in the zeroing and dirtying helpers xfs: write unmount record for ro mounts xfs: toggle readonly state around xfs_log_mount_finish xfs: remove xfs_trans_ail_delete_bulk xfs: Add infrastructure needed for error propagation during buffer IO failure xfs: Properly retry failed inode items in case of error during buffer writeback xfs: fix recovery failure when log record header wraps log end xfs: always verify the log tail during recovery xfs: fix log recovery corruption error due to tail overwrite xfs: handle -EFSCORRUPTED during head/tail verification xfs: add log recovery tracepoint for head/tail xfs: stop searching for free slots in an inode chunk when there are none xfs: evict all inodes involved with log redo item xfs: check for race with xfs_reclaim_inode() in xfs_ifree_cluster() xfs: open-code xfs_buf_item_dirty() xfs: remove unnecessary dirty bli format check for ordered bufs xfs: ordered buffer log items are never formatted xfs: refactor buffer logging into buffer dirtying helper xfs: don't log dirty ranges for ordered buffers xfs: skip bmbt block ino validation during owner change xfs: move bmbt owner change to last step of extent swap xfs: disallow marking previously dirty buffers as ordered xfs: relog dirty buffers during swapext bmbt owner change xfs: disable per-inode DAX flag xfs: fix incorrect log_flushed on fsync xfs: don't set v3 xflags for v2 inodes xfs: open code end_buffer_async_write in xfs_finish_page_writeback xfs: use kmem_free to free return value of kmem_zalloc md/raid5: release/flush io in raid5_do_work() xfs: fix compiler warnings ipv6: Fix may be used uninitialized warning in rt6_check Linux 4.9.51 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
|
Jesper Dangaard Brouer
|
1bcf18718e |
Revert "net: fix percpu memory leaks"
[ Upstream commit |
||
|
Jesper Dangaard Brouer
|
5a7a40bad2 |
Revert "net: use lib/percpu_counter API for fragmentation mem accounting"
[ Upstream commit |
||
|
Wei Wang
|
43c792a848 |
ipv6: fix sparse warning on rt6i_node
[ Upstream commit |
||
|
Wei Wang
|
7f8f23fc80 |
ipv6: add rcu grace period before freeing fib6_node
[ Upstream commit
|
||
|
Greg Kroah-Hartman
|
a3840b1234 |
Merge 4.9.46 into android-4.9
Changes in 4.9.46
sparc64: remove unnecessary log message
af_key: do not use GFP_KERNEL in atomic contexts
dccp: purge write queue in dccp_destroy_sock()
dccp: defer ccid_hc_tx_delete() at dismantle time
ipv4: fix NULL dereference in free_fib_info_rcu()
net_sched/sfq: update hierarchical backlog when drop packet
net_sched: remove warning from qdisc_hash_add
bpf: fix bpf_trace_printk on 32 bit archs
openvswitch: fix skb_panic due to the incorrect actions attrlen
ptr_ring: use kmalloc_array()
ipv4: better IP_MAX_MTU enforcement
nfp: fix infinite loop on umapping cleanup
sctp: fully initialize the IPv6 address in sctp_v6_to_addr()
tipc: fix use-after-free
ipv6: reset fn->rr_ptr when replacing route
ipv6: repair fib6 tree in failure case
tcp: when rearming RTO, if RTO time is in past then fire RTO ASAP
net/mlx4_core: Enable 4K UAR if SRIOV module parameter is not enabled
irda: do not leak initialized list.dev to userspace
net: sched: fix NULL pointer dereference when action calls some targets
net_sched: fix order of queue length updates in qdisc_replace()
bpf, verifier: add additional patterns to evaluate_reg_imm_alu
bpf: adjust verifier heuristics
bpf, verifier: fix alu ops against map_value{, _adj} register types
bpf: fix mixed signed/unsigned derived min/max value bounds
bpf/verifier: fix min/max handling in BPF_SUB
Input: trackpoint - add new trackpoint firmware ID
Input: elan_i2c - add ELAN0602 ACPI ID to support Lenovo Yoga310
Input: ALPS - fix two-finger scroll breakage in right side on ALPS touchpad
KVM: s390: sthyi: fix sthyi inline assembly
KVM: s390: sthyi: fix specification exception detection
KVM: x86: block guest protection keys unless the host has them enabled
ALSA: usb-audio: Add delay quirk for H650e/Jabra 550a USB headsets
ALSA: core: Fix unexpected error at replacing user TLV
ALSA: hda - Add stereo mic quirk for Lenovo G50-70 (17aa:3978)
ALSA: firewire: fix NULL pointer dereference when releasing uninitialized data of iso-resource
ARCv2: PAE40: Explicitly set MSB counterpart of SLC region ops addresses
mm, shmem: fix handling /sys/kernel/mm/transparent_hugepage/shmem_enabled
i2c: designware: Fix system suspend
mm/madvise.c: fix freeing of locked page with MADV_FREE
fork: fix incorrect fput of ->exe_file causing use-after-free
mm/memblock.c: reversed logic in memblock_discard()
drm: Release driver tracking before making the object available again
drm/atomic: If the atomic check fails, return its value first
drm: rcar-du: Fix crash in encoder failure error path
drm: rcar-du: Fix display timing controller parameter
drm: rcar-du: Fix H/V sync signal polarity configuration
tracing: Call clear_boot_tracer() at lateinit_sync
tracing: Fix kmemleak in tracing_map_array_free()
tracing: Fix freeing of filter in create_filter() when set_str is false
kbuild: linker script do not match C names unless LD_DEAD_CODE_DATA_ELIMINATION is configured
cifs: Fix df output for users with quota limits
cifs: return ENAMETOOLONG for overlong names in cifs_open()/cifs_lookup()
nfsd: Limit end of page list when decoding NFSv4 WRITE
ftrace: Check for null ret_stack on profile function graph entry function
perf/core: Fix group {cpu,task} validation
perf probe: Fix --funcs to show correct symbols for offline module
perf/x86/intel/rapl: Make package handling more robust
timers: Fix excessive granularity of new timers after a nohz idle
x86/mm: Fix use-after-free of ldt_struct
net: sunrpc: svcsock: fix NULL-pointer exception
Revert "leds: handle suspend/resume in heartbeat trigger"
netfilter: nat: fix src map lookup
Bluetooth: hidp: fix possible might sleep error in hidp_session_thread
Bluetooth: cmtp: fix possible might sleep error in cmtp_session
Bluetooth: bnep: fix possible might sleep error in bnep_session
Revert "android: binder: Sanity check at binder ioctl"
binder: use group leader instead of open thread
binder: Use wake up hint for synchronous transactions.
ANDROID: binder: fix proc->tsk check.
iio: imu: adis16480: Fix acceleration scale factor for adis16480
iio: hid-sensor-trigger: Fix the race with user space powering up sensors
staging: rtl8188eu: add RNX-N150NUB support
Clarify (and fix) MAX_LFS_FILESIZE macros
ntb_transport: fix qp count bug
ntb_transport: fix bug calculating num_qps_mw
NTB: ntb_test: fix bug printing ntb_perf results
ntb: no sleep in ntb_async_tx_submit
ntb: ntb_test: ensure the link is up before trying to configure the mws
ntb: transport shouldn't disable link due to bogus values in SPADs
ACPI: ioapic: Clear on-stack resource before using it
ACPI / APEI: Add missing synchronize_rcu() on NOTIFY_SCI removal
ACPI: EC: Fix regression related to wrong ECDT initialization order
powerpc/mm: Ensure cpumask update is ordered
Linux 4.9.46
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
||
|
Konstantin Khlebnikov
|
7fa2fdf9f1 |
net_sched: fix order of queue length updates in qdisc_replace()
[ Upstream commit |
||
|
Eric Dumazet
|
f29c9f46af |
ipv4: better IP_MAX_MTU enforcement
[ Upstream commit
|
||
|
Greg Kroah-Hartman
|
02f29ab1b9 |
Merge 4.9.42 into android-4.9
Changes in 4.9.42
parisc: Handle vma's whose context is not current in flush_cache_range
cgroup: create dfl_root files on subsys registration
cgroup: fix error return value from cgroup_subtree_control()
libata: array underflow in ata_find_dev()
workqueue: restore WQ_UNBOUND/max_active==1 to be ordered
iwlwifi: dvm: prevent an out of bounds access
brcmfmac: fix memleak due to calling brcmf_sdiod_sgtable_alloc() twice
NFSv4: Fix EXCHANGE_ID corrupt verifier issue
mmc: sdhci-of-at91: force card detect value for non removable devices
device property: Make dev_fwnode() public
mmc: core: Fix access to HS400-ES devices
mm, mprotect: flush TLB if potentially racing with a parallel reclaim leaving stale TLB entries
cpuset: fix a deadlock due to incomplete patching of cpusets_enabled()
ALSA: hda - Fix speaker output from VAIO VPCL14M1R
drm/amdgpu: Fix undue fallthroughs in golden registers initialization
ASoC: do not close shared backend dailink
KVM: async_pf: make rcu irq exit if not triggered from idle task
mm/page_alloc: Remove kernel address exposure in free_reserved_area()
timers: Fix overflow in get_next_timer_interrupt
powerpc/tm: Fix saving of TM SPRs in core dump
powerpc/64: Fix __check_irq_replay missing decrementer interrupt
iommu/amd: Enable ga_log_intr when enabling guest_mode
gpiolib: skip unwanted events, don't convert them to opposite edge
ext4: fix SEEK_HOLE/SEEK_DATA for blocksize < pagesize
ext4: fix overflow caused by missing cast in ext4_resize_fs()
ARM: dts: armada-38x: Fix irq type for pca955
ARM: dts: tango4: Request RGMII RX and TX clock delays
media: platform: davinci: return -EINVAL for VPFE_CMD_S_CCDC_RAW_PARAMS ioctl
iscsi-target: Fix initial login PDU asynchronous socket close OOPs
mmc: dw_mmc: Use device_property_read instead of of_property_read
mmc: core: Use device_property_read instead of of_property_read
media: lirc: LIRC_GET_REC_RESOLUTION should return microseconds
f2fs: sanity check checkpoint segno and blkoff
Btrfs: fix early ENOSPC due to delalloc
saa7164: fix double fetch PCIe access condition
tcp_bbr: cut pacing rate only if filled pipe
tcp_bbr: introduce bbr_bw_to_pacing_rate() helper
tcp_bbr: introduce bbr_init_pacing_rate_from_rtt() helper
tcp_bbr: remove sk_pacing_rate=0 transient during init
tcp_bbr: init pacing rate on first RTT sample
ipv4: ipv6: initialize treq->txhash in cookie_v[46]_check()
net: Zero terminate ifr_name in dev_ifname().
ipv6: avoid overflow of offset in ip6_find_1stfragopt
net: dsa: b53: Add missing ARL entries for BCM53125
ipv4: initialize fib_trie prior to register_netdev_notifier call.
rtnetlink: allocate more memory for dev_set_mac_address()
mcs7780: Fix initialization when CONFIG_VMAP_STACK is enabled
openvswitch: fix potential out of bound access in parse_ct
packet: fix use-after-free in prb_retire_rx_blk_timer_expired()
ipv6: Don't increase IPSTATS_MIB_FRAGFAILS twice in ip6_fragment()
net: ethernet: nb8800: Handle all 4 RGMII modes identically
dccp: fix a memleak that dccp_ipv6 doesn't put reqsk properly
dccp: fix a memleak that dccp_ipv4 doesn't put reqsk properly
dccp: fix a memleak for dccp_feat_init err process
sctp: don't dereference ptr before leaving _sctp_walk_{params, errors}()
sctp: fix the check for _sctp_walk_params and _sctp_walk_errors
net/mlx5: Consider tx_enabled in all modes on remap
net/mlx5: Fix command bad flow on command entry allocation failure
net/mlx5e: Fix outer_header_zero() check size
net/mlx5e: Fix wrong delay calculation for overflow check scheduling
net/mlx5e: Schedule overflow check work to mlx5e workqueue
net: phy: Correctly process PHY_HALTED in phy_stop_machine()
xen-netback: correctly schedule rate-limited queues
sparc64: Measure receiver forward progress to avoid send mondo timeout
sparc64: Fix exception handling in UltraSPARC-III memcpy.
wext: handle NULL extra data in iwe_stream_add_point better
sh_eth: fix EESIPR values for SH77{34|63}
sh_eth: R8A7740 supports packet shecksumming
net: phy: dp83867: fix irq generation
tg3: Fix race condition in tg3_get_stats64().
x86/boot: Add missing declaration of string functions
spi: spi-axi: Free resources on error path
ASoC: rt5645: set sel_i2s_pre_div1 to 2
netfilter: use fwmark_reflect in nf_send_reset
phy state machine: failsafe leave invalid RUNNING state
ipv4: make tcp_notsent_lowat sysctl knob behave as true unsigned int
clk/samsung: exynos542x: mark some clocks as critical
scsi: qla2xxx: Get mutex lock before checking optrom_state
drm/virtio: fix framebuffer sparse warning
ARM: dts: sun8i: Support DTB build for NanoPi M1
ARM: dts: sunxi: Change node name for pwrseq pin on Olinuxino-lime2-emmc
iw_cxgb4: do not send RX_DATA_ACK CPLs after close/abort
nbd: blk_mq_init_queue returns an error code on failure, not NULL
virtio_blk: fix panic in initialization error path
ARM: 8632/1: ftrace: fix syscall name matching
mm, slab: make sure that KMALLOC_MAX_SIZE will fit into MAX_ORDER
lib/Kconfig.debug: fix frv build failure
signal: protect SIGNAL_UNKILLABLE from unintentional clearing.
mm: don't dereference struct page fields of invalid pages
net/mlx5: E-Switch, Re-enable RoCE on mode change only after FDB destroy
ipv4: Should use consistent conditional judgement for ip fragment in __ip_append_data and ip_finish_output
net: account for current skb length when deciding about UFO
net: phy: Fix PHY unbind crash
workqueue: implicit ordered attribute should be overridable
Linux 4.9.42
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
||
|
Arnd Bergmann
|
b87145215a |
wext: handle NULL extra data in iwe_stream_add_point better
commit
|
||
|
Xin Long
|
df32d08293 |
sctp: fix the check for _sctp_walk_params and _sctp_walk_errors
[ Upstream commit |
||
|
Alexander Potapenko
|
cc6f1486f2 |
sctp: don't dereference ptr before leaving _sctp_walk_{params, errors}()
[ Upstream commit
|
||
|
Greg Kroah-Hartman
|
14accea70e |
Merge 4.9.39 into android-4.9
Changes in 4.9.39
xen-netfront: Rework the fix for Rx stall during OOM and network stress
net_sched: fix error recovery at qdisc creation
net: sched: Fix one possible panic when no destroy callback
net/phy: micrel: configure intterupts after autoneg workaround
ipv6: avoid unregistering inet6_dev for loopback
net: dp83640: Avoid NULL pointer dereference.
tcp: reset sk_rx_dst in tcp_disconnect()
net: prevent sign extension in dev_get_stats()
bridge: mdb: fix leak on complete_info ptr on fail path
rocker: move dereference before free
bpf: prevent leaking pointer via xadd on unpriviledged
net: handle NAPI_GRO_FREE_STOLEN_HEAD case also in napi_frags_finish()
net/mlx5: Cancel delayed recovery work when unloading the driver
liquidio: fix bug in soft reset failure detection
net/mlx5e: Fix TX carrier errors report in get stats ndo
ipv6: dad: don't remove dynamic addresses if link is down
vxlan: fix hlist corruption
net: core: Fix slab-out-of-bounds in netdev_stats_to_stats64
net: ipv6: Compare lwstate in detecting duplicate nexthops
vrf: fix bug_on triggered by rx when destroying a vrf
rds: tcp: use sock_create_lite() to create the accept socket
brcmfmac: fix possible buffer overflow in brcmf_cfg80211_mgmt_tx()
brcmfmac: Fix a memory leak in error handling path in 'brcmf_cfg80211_attach'
brcmfmac: Fix glom_skb leak in brcmf_sdiod_recv_chain
sfc: don't read beyond unicast address list
cfg80211: Define nla_policy for NL80211_ATTR_LOCAL_MESH_POWER_MODE
cfg80211: Validate frequencies nested in NL80211_ATTR_SCAN_FREQUENCIES
cfg80211: Check if PMKID attribute is of expected size
cfg80211: Check if NAN service ID is of expected size
irqchip/gic-v3: Fix out-of-bound access in gic_set_affinity
parisc: Report SIGSEGV instead of SIGBUS when running out of stack
parisc: use compat_sys_keyctl()
parisc: DMA API: return error instead of BUG_ON for dma ops on non dma devs
parisc/mm: Ensure IRQs are off in switch_mm()
tools/lib/lockdep: Reduce MAX_LOCK_DEPTH to avoid overflowing lock_chain/: Depth
thp, mm: fix crash due race in MADV_FREE handling
kernel/extable.c: mark core_kernel_text notrace
mm/list_lru.c: fix list_lru_count_node() to be race free
fs/dcache.c: fix spin lockup issue on nlru->lock
checkpatch: silence perl 5.26.0 unescaped left brace warnings
binfmt_elf: use ELF_ET_DYN_BASE only for PIE
arm: move ELF_ET_DYN_BASE to 4MB
arm64: move ELF_ET_DYN_BASE to 4GB / 4MB
powerpc: move ELF_ET_DYN_BASE to 4GB / 4MB
s390: reduce ELF_ET_DYN_BASE
exec: Limit arg stack to at most 75% of _STK_LIM
ARM64: dts: marvell: armada37xx: Fix timer interrupt specifiers
vt: fix unchecked __put_user() in tioclinux ioctls
rcu: Add memory barriers for NOCB leader wakeup
nvmem: core: fix leaks on registration errors
mnt: In umount propagation reparent in a separate pass
mnt: In propgate_umount handle visiting mounts in any order
mnt: Make propagate_umount less slow for overlapping mount propagation trees
selftests/capabilities: Fix the test_execve test
mm: fix overflow check in expand_upwards()
crypto: talitos - Extend max key length for SHA384/512-HMAC and AEAD
crypto: atmel - only treat EBUSY as transient if backlog
crypto: sha1-ssse3 - Disable avx2
crypto: caam - properly set IV after {en,de}crypt
crypto: caam - fix signals handling
Revert "sched/core: Optimize SCHED_SMT"
sched/fair, cpumask: Export for_each_cpu_wrap()
sched/topology: Fix building of overlapping sched-groups
sched/topology: Optimize build_group_mask()
sched/topology: Fix overlapping sched_group_mask
PM / wakeirq: Convert to SRCU
PM / QoS: return -EINVAL for bogus strings
tracing: Use SOFTIRQ_OFFSET for softirq dectection for more accurate results
kvm: vmx: Do not disable intercepts for BNDCFGS
kvm: x86: Guest BNDCFGS requires guest MPX support
kvm: vmx: Check value written to IA32_BNDCFGS
kvm: vmx: allow host to access guest MSR_IA32_BNDCFGS
4.9.39
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
||
|
David Ahern
|
0bc26d1ca3 |
net: ipv6: Compare lwstate in detecting duplicate nexthops
commit |
||
|
Jiri Benc
|
beabc60327 |
vxlan: fix hlist corruption
[ Upstream commit |
||
|
Greg Kroah-Hartman
|
184ce810ce |
Merge 4.9.36 into android-4.9
Changes in 4.9.36 ipv6: release dst on error in ip6_dst_lookup_tail net: don't call strlen on non-terminated string in dev_set_alias() decnet: dn_rtmsg: Improve input length sanitization in dnrmg_receive_user_skb net: Zero ifla_vf_info in rtnl_fill_vfinfo() net: vrf: Make add_fib_rules per network namespace flag af_unix: Add sockaddr length checks before accessing sa_family in bind and connect handlers Fix an intermittent pr_emerg warning about lo becoming free. sctp: disable BH in sctp_for_each_endpoint net: caif: Fix a sleep-in-atomic bug in cfpkt_create_pfx net: tipc: Fix a sleep-in-atomic bug in tipc_msg_reverse net/mlx5e: Added BW check for DIM decision mechanism net/mlx5e: Fix wrong indications in DIM due to counter wraparound proc: snmp6: Use correct type in memset igmp: acquire pmc lock for ip_mc_clear_src() igmp: add a missing spin_lock_init() ipv6: fix calling in6_ifa_hold incorrectly for dad work sctp: return next obj by passing pos + 1 into sctp_transport_get_idx net/mlx5e: Avoid doing a cleanup call if the profile doesn't have it net/mlx5: Wait for FW readiness before initializing command interface net/mlx5e: Fix timestamping capabilities reporting decnet: always not take dst->__refcnt when inserting dst into hash table net: 8021q: Fix one possible panic caused by BUG_ON in free_netdev sfc: provide dummy definitions of vswitch functions ipv6: Do not leak throw route references rtnetlink: add IFLA_GROUP to ifla_policy netfilter: xt_TCPMSS: add more sanity tests on tcph->doff netfilter: synproxy: fix conntrackd interaction NFSv4: fix a reference leak caused WARNING messages NFSv4.x/callback: Create the callback service through svc_create_pooled xen/blkback: don't use xen_blkif_get() in xen-blkback kthread drm/ast: Handle configuration without P2A bridge mm, swap_cgroup: reschedule when neeed in swap_cgroup_swapoff() MIPS: head: Reorder instructions missing a delay slot MIPS: Avoid accidental raw backtrace MIPS: pm-cps: Drop manual cache-line alignment of ready_count MIPS: Fix IRQ tracing & lockdep when rescheduling ALSA: hda - Fix endless loop of codec configure ALSA: hda - set input_path bitmap to zero after moving it to new place NFSv4.1: Fix a race in nfs4_proc_layoutget gpiolib: fix filtering out unwanted events drm/vmwgfx: Free hash table allocated by cmdbuf managed res mgr dm thin: do not queue freed thin mapping for next stage processing x86/mm: Fix boot crash caused by incorrect loop count calculation in sync_global_pgds() usb: gadget: f_fs: Fix possibe deadlock l2tp: fix race in l2tp_recv_common() l2tp: ensure session can't get removed during pppol2tp_session_ioctl() l2tp: fix duplicate session creation l2tp: hold session while sending creation notifications l2tp: take a reference on sessions used in genetlink handlers mm: numa: avoid waiting on freed migrated pages sparc64: Handle PIO & MEM non-resumable errors. sparc64: Zero pages on allocation for mondo and error queues. net: ethtool: add support for 2500BaseT and 5000BaseT link modes net: phy: add an option to disable EEE advertisement dt-bindings: net: add EEE capability constants net: phy: fix sign type error in genphy_config_eee_advert net: phy: use boolean dt properties for eee broken modes dt: bindings: net: use boolean dt properties for eee broken modes ARM64: dts: meson-gxbb-odroidc2: fix GbE tx link breakage xen/blkback: don't free be structure too early KVM: x86: fix fixing of hypercalls scsi: sd: Fix wrong DPOFUA disable in sd_read_cache_type stmmac: add missing of_node_put scsi: lpfc: Set elsiocb contexts to NULL after freeing it qla2xxx: Terminate exchange if corrupted qla2xxx: Fix erroneous invalid handle message drm/amdgpu: fix program vce instance logic error. drm/amdgpu: add support for new hainan variants net: phy: dp83848: add DP83620 PHY support perf/x86/intel: Handle exclusive threadid correctly on CPU hotplug net: korina: Fix NAPI versus resources freeing powerpc/eeh: Enable IO path on permanent error net: ethtool: Initialize buffer when querying device channel settings xen-netback: fix memory leaks on XenBus disconnect xen-netback: protect resource cleaning on XenBus disconnect bnxt_en: Fix "uninitialized variable" bug in TPA code path. bpf: don't trigger OOM killer under pressure with map alloc objtool: Fix IRET's opcode gianfar: Do not reuse pages from emergency reserve Btrfs: Fix deadlock between direct IO and fast fsync Btrfs: fix truncate down when no_holes feature is enabled virtio_console: fix a crash in config_work_handler swiotlb-xen: update dev_addr after swapping pages xen-netfront: Fix Rx stall during network stress and OOM scsi: virtio_scsi: Reject commands when virtqueue is broken iwlwifi: fix kernel crash when unregistering thermal zone platform/x86: ideapad-laptop: handle ACPI event 1 amd-xgbe: Check xgbe_init() return code net: dsa: Check return value of phy_connect_direct() drm/amdgpu: check ring being ready before using vfio/spapr: fail tce_iommu_attach_group() when iommu_data is null mlxsw: spectrum_router: Correctly reallocate adjacency entries virtio_net: fix PAGE_SIZE > 64k ip6_tunnel: must reload ipv6h in ip6ip6_tnl_xmit() vxlan: do not age static remote mac entries ibmveth: Add a proper check for the availability of the checksum features kernel/panic.c: add missing \n Documentation: devicetree: change the mediatek ethernet compatible string drm/etnaviv: trick drm_mm into giving out a low IOVA perf/x86/intel/uncore: Fix hardcoded socket 0 assumption in the Haswell init code pinctrl: intel: Set pin direction properly net: phy: marvell: fix Marvell 88E1512 used in SGMII mode mac80211: recalculate min channel width on VHT opmode changes perf/x86/intel: Use ULL constant to prevent undefined shift behaviour HID: i2c-hid: Add sleep between POWER ON and RESET scsi: lpfc: avoid double free of resource identifiers spi: davinci: use dma_mapping_error() arm64: assembler: make adr_l work in modules under KASLR net: thunderx: acpi: fix LMAC initialization drm/radeon/si: load special ucode for certain MC configs drm/amd/powerplay: fix vce cg logic error on CZ/St. drm/amd/powerplay: refine vce dpm update code on Cz. pmem: return EIO on read_pmem() failure mac80211: initialize SMPS field in HT capabilities x86/tsc: Add the Intel Denverton Processor to native_calibrate_tsc() x86/mpx: Use compatible types in comparison to fix sparse error perf/core: Fix sys_perf_event_open() vs. hotplug perf/x86: Reject non sampling events with precise_ip aio: fix lock dep warning coredump: Ensure proper size of sparse core files swiotlb: ensure that page-sized mappings are page-aligned s390/ctl_reg: make __ctl_load a full memory barrier usb: dwc2: gadget: Fix GUSBCFG.USBTRDTIM value be2net: fix status check in be_cmd_pmac_add() be2net: don't delete MAC on close on unprivileged BE3 VFs be2net: fix MAC addr setting on privileged BE3 VFs perf probe: Fix to show correct locations for events on modules net: phy: dp83867: allow RGMII_TXID/RGMII_RXID interface types tipc: allocate user memory with GFP_KERNEL flag perf probe: Fix to probe on gcc generated functions in modules net/mlx4_core: Eliminate warning messages for SRQ_LIMIT under SRIOV sctp: check af before verify address in sctp_addr_id2transport ip6_tunnel, ip6_gre: fix setting of DSCP on encapsulated packets ravb: Fix use-after-free on `ifconfig eth0 down` mm/vmalloc.c: huge-vmap: fail gracefully on unexpected huge vmap mappings xfrm: fix stack access out of bounds with CONFIG_XFRM_SUB_POLICY xfrm: NULL dereference on allocation failure xfrm: Oops on error in pfkey_msg2xfrm_state() netfilter: use skb_to_full_sk in ip_route_me_harder watchdog: bcm281xx: Fix use of uninitialized spinlock. sched/loadavg: Avoid loadavg spikes caused by delayed NO_HZ accounting spi: When no dma_chan map buffers with spi_master's parent spi: fix device-node leaks regulator: tps65086: Fix expected switch DT node names regulator: tps65086: Fix DT node referencing in of_parse_cb ARM: OMAP2+: omap_device: Sync omap_device and pm_runtime after probe defer ARM: dts: OMAP3: Fix MFG ID EEPROM ARM64/ACPI: Fix BAD_MADT_GICC_ENTRY() macro implementation ARM: 8685/1: ensure memblock-limit is pmd-aligned tools arch: Sync arch/x86/lib/memcpy_64.S with the kernel x86/boot/KASLR: Fix kexec crash due to 'virt_addr' calculation bug x86/mpx: Correctly report do_mpx_bt_fault() failures to user-space x86/mm: Fix flush_tlb_page() on Xen ocfs2: o2hb: revert hb threshold to keep compatible iommu/vt-d: Don't over-free page table directories iommu: Handle default domain attach failure iommu/dma: Don't reserve PCI I/O windows iommu/amd: Fix incorrect error handling in amd_iommu_bind_pasid() iommu/amd: Fix interrupt remapping when disable guest_mode cpufreq: s3c2416: double free on driver init error path clk: scpi: don't add cpufreq device if the scpi dvfs node is disabled objtool: Fix another GCC jump table detection issue infiniband: hns: avoid gcc-7.0.1 warning for uninitialized data brcmfmac: avoid writing channel out of allocated array i2c: brcmstb: Fix START and STOP conditions mtd: nand: brcmnand: Check flash #WP pin status before nand erase/program arm64: fix NULL dereference in have_cpu_die() KVM: x86: fix emulation of RSM and IRET instructions KVM: x86/vPMU: fix undefined shift in intel_pmu_refresh() KVM: x86: zero base3 of unusable segments KVM: nVMX: Fix exception injection Linux 4.9.36 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
|
Sabrina Dubroca
|
1e1666257c |
xfrm: fix stack access out of bounds with CONFIG_XFRM_SUB_POLICY
commit |
||
|
Greg Kroah-Hartman
|
0d21cf1656 |
Merge 4.9.33 into android-4.9
Changes in 4.9.33 PCI/PM: Add needs_resume flag to avoid suspend complete optimization drm/i915: Prevent the system suspend complete optimization partitions/msdos: FreeBSD UFS2 file systems are not recognized netfilter: nf_conntrack_sip: fix wrong memory initialisation ibmvnic: Fix endian errors in error reporting output ibmvnic: Fix endian error when requesting device capabilities net: xilinx_emaclite: fix freezes due to unordered I/O net: xilinx_emaclite: fix receive buffer overflow tcp: tcp_probe: use spin_lock_bh() ipv6: Handle IPv4-mapped src to in6addr_any dst. ipv6: Inhibit IPv4-mapped src address on the wire. tipc: Fix tipc_sk_reinit race conditions gfs2: Use rhashtable walk interface in glock_hash_walk NET: Fix /proc/net/arp for AX.25 ibmvnic: Call napi_disable instead of napi_enable in failure path ibmvnic: Initialize completion variables before starting work NET: mkiss: Fix panic net: hns: Fix the device being used for dma mapping during TX sierra_net: Skip validating irrelevant fields for IDLE LSIs sierra_net: Add support for IPv6 and Dual-Stack Link Sense Indications i2c: piix4: Request the SMBUS semaphore inside the mutex i2c: piix4: Fix request_region size powerpc/powernv: Properly set "host-ipi" on IPIs kernel/ucount.c: mark user_header with kmemleak_ignore() net: thunderx: Fix PHY autoneg for SGMII QLM mode ipv6: addrconf: fix generation of new temporary addresses vfio/spapr_tce: Set window when adding additional groups to container ipv6: Fix IPv6 packet loss in scenarios involving roaming + snooping switches ARM: defconfigs: make NF_CT_PROTO_SCTP and NF_CT_PROTO_UDPLITE built-in PM / runtime: Avoid false-positive warnings from might_sleep_if() jump label: pass kbuild_cflags when checking for asm goto support shmem: fix sleeping from atomic context kasan: respect /proc/sys/kernel/traceoff_on_warning log2: make order_base_2() behave correctly on const input value zero ethtool: do not vzalloc(0) on registers dump net: phy: Fix lack of reference count on PHY driver net: phy: Fix PHY module checks and NULL deref in phy_attach_direct() net: fix ndo_features_check/ndo_fix_features comment ordering fscache: Fix dead object requeue fscache: Clear outstanding writes when disabling a cookie FS-Cache: Initialise stores_lock in netfs cookie ipv6: fix flow labels when the traffic class is non-0 drm/nouveau: prevent userspace from deleting client object drm/nouveau/fence/g84-: protect against concurrent access to semaphore buffers net/mlx4_core: Avoid command timeouts during VF driver device shutdown gianfar: synchronize DMA API usage by free_skb_rx_queue w/ gfar_new_page pinctrl: baytrail: Rectify debounce support (part 2) cec: fix wrong last_la determination drm: prevent double-(un)registration for connectors drm: Don't race connector registration pinctrl: berlin-bg4ct: fix the value for "sd1a" of pin SCRD0_CRD_PRES net: adaptec: starfire: add checks for dma mapping errors drm/i915: Check for NULL i915_vma in intel_unpin_fb_obj() net/mlx5: E-Switch, Err when retrieving steering name-space fails net/mlx5: Return EOPNOTSUPP when failing to get steering name-space parisc, parport_gsc: Fixes for printk continuation lines net: phy: micrel: add support for KSZ8795 gtp: add genl family modules alias drm/nouveau: Intercept ACPI_VIDEO_NOTIFY_PROBE drm/nouveau: Rename acpi_work to hpd_work drm/nouveau: Handle fbcon suspend/resume in seperate worker drm/nouveau: Don't enabling polling twice on runtime resume drm/nouveau: Fix drm poll_helper handling drm/ast: Fixed system hanged if disable P2A ravb: unmap descriptors when freeing rings nfs: Fix "Don't increment lock sequence ID after NFS4ERR_MOVED" nvmet-rdma: Fix missing dma sync to nvme data structures r8152: avoid start_xmit to call napi_schedule during autosuspend r8152: check rx after napi is enabled r8152: re-schedule napi for tx r8152: fix rtl8152_post_reset function r8152: avoid start_xmit to schedule napi when napi is disabled net-next: ethernet: mediatek: change the compatible string bnxt_en: Fix bnxt_reset() in the slow path task. bnxt_en: Enhance autoneg support. bnxt_en: Fix RTNL lock usage on bnxt_update_link(). bnxt_en: Fix RTNL lock usage on bnxt_get_port_module_status(). sctp: sctp gso should set feature with NETIF_F_SG when calling skb_segment sctp: sctp_addr_id2transport should verify the addr before looking up assoc usb: musb: Fix external abort on non-linefetch for musb_irq_work() mn10300: fix build error of missing fpu_save() romfs: use different way to generate fsid for BLOCK or MTD frv: add atomic64_add_unless() frv: add missing atomic64 operations proc: add a schedule point in proc_pid_readdir() userfaultfd: fix SIGBUS resulting from false rwsem wakeups kernel/watchdog.c: move hardlockup detector to separate file kernel/watchdog.c: move shared definitions to nmi.h kernel/watchdog: prevent false hardlockup on overloaded system vhost/vsock: handle vhost_vq_init_access() error ARC: smp-boot: Decouple Non masters waiting API from jump to entry point ARCv2: smp-boot: wake_flag polling by non-Masters needs to be uncached tipc: ignore requests when the connection state is not CONNECTED tipc: fix connection refcount error tipc: add subscription refcount to avoid invalid delete tipc: fix nametbl_lock soft lockup at node/link events netfilter: nf_tables: fix set->nelems counting with no NLM_F_EXCL netfilter: nft_log: restrict the log prefix length to 127 RDMA/qedr: Dispatch port active event from qedr_add RDMA/qedr: Fix and simplify memory leak in PD alloc RDMA/qedr: Don't reset QP when queues aren't flushed RDMA/qedr: Don't spam dmesg if QP is in error state RDMA/qedr: Return max inline data in QP query result xtensa: don't use linux IRQ #0 s390/kvm: do not rely on the ILC on kvm host protection fauls drm/i915: Workaround VLV/CHV DSI scanline counter hardware fail drm/i915: Always recompute watermarks when distrust_bios_wm is set, v2. sparc64: make string buffers large enough Linux 4.9.33 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
|
Dimitris Michailidis
|
16f733d8db |
ipv6: fix flow labels when the traffic class is non-0
[ Upstream commit
|
||
|
Greg Kroah-Hartman
|
da3493c028 |
Merge 4.9.32 into android-4.9
Changes in 4.9.32 bnx2x: Fix Multi-Cos vxlan: eliminate cached dst leak ipv6: xfrm: Handle errors reported by xfrm6_find_1stfragopt() cxgb4: avoid enabling napi twice to the same queue tcp: disallow cwnd undo when switching congestion control vxlan: fix use-after-free on deletion ipv6: Fix leak in ipv6_gso_segment(). net: ping: do not abuse udp_poll() net/ipv6: Fix CALIPSO causing GPF with datagram support net: ethoc: enable NAPI before poll may be scheduled net: stmmac: fix completely hung TX when using TSO net: bridge: start hello timer only if device is up sparc64: Add __multi3 for gcc 7.x and later. sparc64: mm: fix copy_tsb to correctly copy huge page TSBs sparc: Machine description indices can vary sparc64: reset mm cpumask after wrap sparc64: combine activate_mm and switch_mm sparc64: redefine first version sparc64: add per-cpu mm of secondary contexts sparc64: new context wrap sparc64: delete old wrap code arch/sparc: support NR_CPUS = 4096 serial: ifx6x60: fix use-after-free on module unload ptrace: Properly initialize ptracer_cred on fork crypto: asymmetric_keys - handle EBUSY due to backlog correctly KEYS: fix dereferencing NULL payload with nonzero length KEYS: fix freeing uninitialized memory in key_update() KEYS: encrypted: avoid encrypting/decrypting stack buffers crypto: drbg - wait for crypto op not signal safe crypto: gcm - wait for crypto op not signal safe drm/amdgpu/ci: disable mclk switching for high refresh rates (v2) nfsd4: fix null dereference on replay nfsd: Fix up the "supattr_exclcreat" attributes efi: Don't issue error message when booted under Xen kvm: async_pf: fix rcu_irq_enter() with irqs enabled KVM: cpuid: Fix read/write out-of-bounds vulnerability in cpuid emulation arm64: KVM: Preserve RES1 bits in SCTLR_EL2 arm64: KVM: Allow unaligned accesses at EL2 arm: KVM: Allow unaligned accesses at HYP KVM: async_pf: avoid async pf injection when in guest mode KVM: arm/arm64: vgic-v3: Do not use Active+Pending state for a HW interrupt KVM: arm/arm64: vgic-v2: Do not use Active+Pending state for a HW interrupt dmaengine: usb-dmac: Fix DMAOR AE bit definition dmaengine: ep93xx: Always start from BASE0 dmaengine: ep93xx: Don't drain the transfers in terminate_all() dmaengine: mv_xor_v2: handle mv_xor_v2_prep_sw_desc() error properly dmaengine: mv_xor_v2: properly handle wrapping in the array of HW descriptors dmaengine: mv_xor_v2: do not use descriptors not acked by async_tx dmaengine: mv_xor_v2: enable XOR engine after its configuration dmaengine: mv_xor_v2: fix tx_submit() implementation dmaengine: mv_xor_v2: remove interrupt coalescing dmaengine: mv_xor_v2: set DMA mask to 40 bits cfq-iosched: fix the delay of cfq_group's vdisktime under iops mode xen/privcmd: Support correctly 64KB page granularity when mapping memory ext4: fix SEEK_HOLE ext4: keep existing extra fields when inode expands ext4: fix data corruption with EXT4_GET_BLOCKS_ZERO ext4: fix fdatasync(2) after extent manipulation operations drm: Fix oops + Xserver hang when unplugging USB drm devices usb: gadget: f_mass_storage: Serialize wake and sleep execution usb: chipidea: udc: fix NULL pointer dereference if udc_start failed usb: chipidea: debug: check before accessing ci_role staging/lustre/lov: remove set_fs() call from lov_getstripe() iio: adc: bcm_iproc_adc: swap primary and secondary isr handler's iio: light: ltr501 Fix interchanged als/ps register field iio: proximity: as3935: fix AS3935_INT mask iio: proximity: as3935: fix iio_trigger_poll issue mei: make sysfs modalias format similar as uevent modalias cpufreq: cpufreq_register_driver() should return -ENODEV if init fails target: Re-add check to reject control WRITEs with overflow data drm/msm: Expose our reservation object when exporting a dmabuf. ahci: Acer SA5-271 SSD Not Detected Fix cgroup: Prevent kill_css() from being called more than once Input: elantech - add Fujitsu Lifebook E546/E557 to force crc_enabled cpuset: consider dying css as offline fs: add i_blocksize() ufs: restore proper tail allocation fix ufs_isblockset() ufs: restore maintaining ->i_blocks ufs: set correct ->s_maxsize ufs_extend_tail(): fix the braino in calling conventions of ufs_new_fragments() ufs_getfrag_block(): we only grab ->truncate_mutex on block creation path cxl: Fix error path on bad ioctl cxl: Avoid double free_irq() for psl,slice interrupts btrfs: use correct types for page indices in btrfs_page_exists_in_range btrfs: fix memory leak in update_space_info failure path KVM: arm/arm64: Handle possible NULL stage2 pud when ageing pages scsi: qla2xxx: don't disable a not previously enabled PCI device scsi: qla2xxx: Modify T262 FW dump template to specify same start/end to debug customer issues scsi: qla2xxx: Set bit 15 for DIAG_ECHO_TEST MBC scsi: qla2xxx: Fix mailbox pointer error in fwdump capture powerpc/sysdev/simple_gpio: Fix oops in gpio save_regs function powerpc/numa: Fix percpu allocations to be NUMA aware powerpc/hotplug-mem: Fix missing endian conversion of aa_index powerpc/kernel: Fix FP and vector register restoration powerpc/kernel: Initialize load_tm on task creation perf/core: Drop kernel samples even though :u is specified drm/vmwgfx: Handle vmalloc() failure in vmw_local_fifo_reserve() drm/vmwgfx: limit the number of mip levels in vmw_gb_surface_define_ioctl() drm/vmwgfx: Make sure backup_handle is always valid drm/nouveau/tmr: fully separate alarm execution/pending lists ALSA: timer: Fix race between read and ioctl ALSA: timer: Fix missing queue indices reset at SNDRV_TIMER_IOCTL_SELECT ASoC: Fix use-after-free at card unregistration cpu/hotplug: Drop the device lock on error drivers: char: mem: Fix wraparound check to allow mappings up to the end serial: sh-sci: Fix panic when serial console and DMA are enabled arm64: traps: fix userspace cache maintenance emulation on a tagged pointer arm64: hw_breakpoint: fix watchpoint matching for tagged pointers arm64: entry: improve data abort handling of tagged pointers ARM: 8636/1: Cleanup sanity_check_meminfo ARM: 8637/1: Adjust memory boundaries after reservations usercopy: Adjust tests to deal with SMAP/PAN drm/i915/vbt: don't propagate errors from intel_bios_init() drm/i915/vbt: split out defaults that are set when there is no VBT cpufreq: schedutil: move cached_raw_freq to struct sugov_policy cpufreq: schedutil: Fix per-CPU structure initialization in sugov_start() netfilter: nft_set_rbtree: handle element re-addition after deletion Linux 4.9.32 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
|
Eric Dumazet
|
0aa89f1b07 |
net: ping: do not abuse udp_poll()
[ Upstream commit |
||
|
Greg Kroah-Hartman
|
77d3588891 |
Merge 4.9.31 into android-4.9
Changes in 4.9.31
dccp/tcp: do not inherit mc_list from parent
driver: vrf: Fix one possible use-after-free issue
ipv6/dccp: do not inherit ipv6_mc_list from parent
s390/qeth: handle sysfs error during initialization
s390/qeth: unbreak OSM and OSN support
s390/qeth: avoid null pointer dereference on OSN
s390/qeth: add missing hash table initializations
bpf, arm64: fix faulty emission of map access in tail calls
netem: fix skb_orphan_partial()
net: fix compile error in skb_orphan_partial()
tcp: avoid fragmenting peculiar skbs in SACK
sctp: fix src address selection if using secondary addresses for ipv6
sctp: do not inherit ipv6_{mc|ac|fl}_list from parent
net/packet: fix missing net_device reference release
net/mlx5e: Use the correct pause values for ethtool advertising
net/mlx5e: Fix ethtool pause support and advertise reporting
tcp: eliminate negative reordering in tcp_clean_rtx_queue
net: Improve handling of failures on link and route dumps
ipv6: Prevent overrun when parsing v6 header options
ipv6: Check ip6_find_1stfragopt() return value properly.
bridge: netlink: check vlan_default_pvid range
qmi_wwan: add another Lenovo EM74xx device ID
bridge: start hello_timer when enabling KERNEL_STP in br_stp_start
ipv6: fix out of bound writes in __ip6_append_data()
bonding: fix accounting of active ports in 3ad
net/mlx5: Avoid using pending command interface slots
net: phy: marvell: Limit errata to 88m1101
vlan: Fix tcp checksum offloads in Q-in-Q vlans
be2net: Fix offload features for Q-in-Q packets
virtio-net: enable TSO/checksum offloads for Q-in-Q vlans
tcp: avoid fastopen API to be used on AF_UNSPEC
sctp: fix ICMP processing if skb is non-linear
ipv4: add reference counting to metrics
bpf: add bpf_clone_redirect to bpf_helper_changes_pkt_data
sparc: Fix -Wstringop-overflow warning
sparc/ftrace: Fix ftrace graph time measurement
fs/ufs: Set UFS default maximum bytes per file
powerpc/spufs: Fix hash faults for kernel regions
drivers/tty: 8250: only call fintek_8250_probe when doing port I/O
i2c: i2c-tiny-usb: fix buffer not being DMA capable
crypto: skcipher - Add missing API setkey checks
x86/MCE: Export memory_error()
acpi, nfit: Fix the memory error check in nfit_handle_mce()
Revert "ACPI / button: Change default behavior to lid_init_state=open"
mmc: sdhci-iproc: suppress spurious interrupt with Multiblock read
iscsi-target: Always wait for kthread_should_stop() before kthread exit
ibmvscsis: Clear left-over abort_cmd pointers
ibmvscsis: Fix the incorrect req_lim_delta
HID: wacom: Have wacom_tpc_irq guard against possible NULL dereference
nvme-rdma: support devices with queue size < 32
nvme: use blk_mq_start_hw_queues() in nvme_kill_queues()
nvme: avoid to use blk_mq_abort_requeue_list()
scsi: mpt3sas: Force request partial completion alignment
drm/radeon/ci: disable mclk switching for high refresh rates (v2)
drm/radeon: Unbreak HPD handling for r600+
drm/radeon: Fix vram_size/visible values in DRM_RADEON_GEM_INFO ioctl
pcmcia: remove left-over %Z format
ALSA: hda - apply STAC_9200_DELL_M22 quirk for Dell Latitude D430
mm/migrate: fix refcount handling when !hugepage_migration_supported()
mlock: fix mlock count can not decrease in race condition
mm: consider memblock reservations for deferred memory initialization sizing
RDMA/qib,hfi1: Fix MR reference count leak on write with immediate
x86/boot: Use CROSS_COMPILE prefix for readelf
ksm: prevent crash after write_protect_page fails
slub/memcg: cure the brainless abuse of sysfs attributes
mm/slub.c: trace free objects at KERN_INFO
drm/gma500/psb: Actually use VBT mode when it is found
xfs: Fix missed holes in SEEK_HOLE implementation
xfs: use ->b_state to fix buffer I/O accounting release race
xfs: fix off-by-one on max nr_pages in xfs_find_get_desired_pgoff()
xfs: verify inline directory data forks
xfs: rework the inline directory verifiers
xfs: fix kernel memory exposure problems
xfs: use dedicated log worker wq to avoid deadlock with cil wq
xfs: fix over-copying of getbmap parameters from userspace
xfs: actually report xattr extents via iomap
xfs: drop iolock from reclaim context to appease lockdep
xfs: fix integer truncation in xfs_bmap_remap_alloc
xfs: handle array index overrun in xfs_dir2_leaf_readbuf()
xfs: prevent multi-fsb dir readahead from reading random blocks
xfs: fix up quotacheck buffer list error handling
xfs: support ability to wait on new inodes
xfs: update ag iterator to support wait on new inodes
xfs: wait on new inodes during quotaoff dquot release
xfs: reserve enough blocks to handle btree splits when remapping
xfs: fix use-after-free in xfs_finish_page_writeback
xfs: fix indlen accounting error on partial delalloc conversion
xfs: BMAPX shouldn't barf on inline-format directories
xfs: bad assertion for delalloc an extent that start at i_size
xfs: xfs_trans_alloc_empty
xfs: avoid mount-time deadlock in CoW extent recovery
xfs: fix unaligned access in xfs_btree_visit_blocks
xfs: Fix off-by-in in loop termination in xfs_find_get_desired_pgoff()
Linux 4.9.31
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
||
|
Eric Dumazet
|
988b9792b8 |
ipv4: add reference counting to metrics
[ Upstream commit |
||
|
Greg Kroah-Hartman
|
a745b345b7 |
Merge 4.9.28 into android-4.9
Changes in 4.9.28 9p: fix a potential acl leak drm/sti: fix GDP size to support up to UHD resolution hwmon: (it87) Fix pwm4 detection for IT8620 and IT8628 tpm: fix RC value check in tpm2_seal_trusted tmp: use pdev for parent device in tpm_chip_alloc crypto: caam - fix error path for ctx_dma mapping failure power: supply: lp8788: prevent out of bounds array access cpupower: Fix turbo frequency reporting for pre-Sandy Bridge cores powerpc/mm: Fixup wrong LPCR_VRMASD value powerpc/powernv: Fix opal_exit tracepoint opcode powerpc/ftrace: Fix confusing help text for DISABLE_MPROFILE_KERNEL powerpc: Correctly disable latent entropy GCC plugin on prom_init.o perf/x86/intel/pt: Add format strings for PTWRITE and power event tracing power: supply: bq24190_charger: Fix irq trigger to IRQF_TRIGGER_FALLING power: supply: bq24190_charger: Call set_mode_host() on pm_resume() power: supply: bq24190_charger: Install irq_handler_thread() at end of probe() power: supply: bq24190_charger: Call power_supply_changed() for relevant component power: supply: bq24190_charger: Don't read fault register outside irq_handle_thread() power: supply: bq24190_charger: Handle fault before status on interrupt arm64: dts: r8a7795: Mark EthernetAVB device node disabled arm: dts: qcom: Fix ipq board clock rates arm64: Improve detection of user/non-user mappings in set_pte(_at) leds: ktd2692: avoid harmless maybe-uninitialized warning ARM: dts: NSP: GPIO reboot open-source ARM: OMAP5 / DRA7: Fix HYP mode boot for thumb2 build ARM: dts: sun7i: lamobo-r1: Fix CPU port RGMII settings mwifiex: debugfs: Fix (sometimes) off-by-1 SSID print mwifiex: remove redundant dma padding in AMSDU mwifiex: Avoid skipping WEP key deletion for AP iwlwifi: fix MODULE_FIRMWARE for 6030 iwlwifi: mvm: don't restart HW if suspend fails with unified image iwlwifi: mvm: overwrite skb info later iwlwifi: pcie: don't increment / decrement a bool iwlwifi: pcie: trans: Remove unused 'shift_param' iwlwifi: pcie: fix the set of DMA memory mask iwlwifi: mvm: fix reorder timer re-arming iwlwifi: mvm: Use aux queue for offchannel frames in dqa iwlwifi: mvm/pcie: adjust A-MSDU tx_cmd length in PCIe iwlwifi: mvm: fix pending frame counter calculation iwlwifi: mvm: fix references to first_agg_queue in DQA mode iwlwifi: mvm: synchronize firmware DMA paging memory iwlwifi: mvm: writing zero bytes to debugfs causes a crash x86/ioapic: Restore IO-APIC irq_chip retrigger callback x86/pci-calgary: Fix iommu_free() comparison of unsigned expression >= 0 x86/mpx: Re-add MPX to selftests Makefile clk: Make x86/ conditional on CONFIG_COMMON_CLK kprobes/x86: Fix kernel panic when certain exception-handling addresses are probed x86/platform/intel-mid: Correct MSI IRQ line for watchdog device Revert "KVM: nested VMX: disable perf cpuid reporting" KVM: nVMX: initialize PML fields in vmcs02 KVM: nVMX: do not leak PML full vmexit to L1 usb: dwc2: host: use msleep() for long delay usb: host: ehci-exynos: Decrese node refcount on exynos_ehci_get_phy() error paths usb: host: ohci-exynos: Decrese node refcount on exynos_ehci_get_phy() error paths usb: chipidea: Only read/write OTGSC from one place usb: chipidea: Handle extcon events properly USB: serial: keyspan_pda: fix receive sanity checks USB: serial: digi_acceleport: fix incomplete rx sanity check USB: serial: ssu100: fix control-message error handling USB: serial: io_edgeport: fix epic-descriptor handling USB: serial: ti_usb_3410_5052: fix control-message error handling USB: serial: ark3116: fix open error handling USB: serial: ftdi_sio: fix latency-timer error handling USB: serial: quatech2: fix control-message error handling USB: serial: mct_u232: fix modem-status error handling USB: serial: io_edgeport: fix descriptor error handling clk: rockchip: add "," to mux_pll_src_apll_dpll_gpll_usb480m_p on rk3036 phy: qcom-usb-hs: Add depends on EXTCON serial: 8250_omap: Fix probe and remove for PM runtime scsi: qla2xxx: Fix crash in qla2xxx_eh_abort on bad ptr scsi: mac_scsi: Fix MAC_SCSI=m option when SCSI=m scsi: smartpqi: fix time handling MIPS: R2-on-R6 MULTU/MADDU/MSUBU emulation bugfix brcmfmac: Ensure pointer correctly set if skb data location changes brcmfmac: Make skb header writable before use staging/lustre/llite: move root_squash from sysfs to debugfs staging: wlan-ng: add missing byte order conversion staging: emxx_udc: remove incorrect __init annotations ALSA: hda - Fix deadlock of controller device lock at unbinding sparc64: fix fault handling in NGbzero.S and GENbzero.S macsec: dynamically allocate space for sglist tcp: do not underestimate skb->truesize in tcp_trim_head() bpf: enhance verifier to understand stack pointer arithmetic bpf, arm64: fix jit branch offset related to ldimm64 tcp: fix wraparound issue in tcp_lp net: ipv6: Do not duplicate DAD on link up net: usb: qmi_wwan: add Telit ME910 support tcp: do not inherit fastopen_req from parent ipv4, ipv6: ensure raw socket message is big enough to hold an IP header rtnetlink: NUL-terminate IFLA_PHYS_PORT_NAME string ipv6: initialize route null entry in addrconf_init() ipv6: reorder ip6_route_dev_notifier after ipv6_dev_notf bnxt_en: allocate enough space for ->ntp_fltr_bmap bpf: don't let ldimm64 leak map addresses on unprivileged net: mdio-mux: bcm-iproc: call mdiobus_free() in error path f2fs: sanity check segment count xen: Revert commits |
||
|
WANG Cong
|
8795ee7bed |
ipv6: reorder ip6_route_dev_notifier after ipv6_dev_notf
[ Upstream commit |
||
|
WANG Cong
|
ecbd3ed2dd |
ipv6: initialize route null entry in addrconf_init()
[ Upstream commit
|
||
|
Dmitry Shmidt
|
5ab69b4e77 |
Merge tag 'v4.9.11' into android-4.9-aosp
This is the 4.9.11 stable release |
||
|
Pablo Neira
|
0d4c19ee68 |
tcp: don't annotate mark on control socket from tcp_v6_send_response()
commit |
||
|
David Ahern
|
2b7f50d67f |
lwtunnel: valid encap attr check should return 0 when lwtunnel is disabled
[ Upstream commit |
||
|
Eric Dumazet
|
66cdd43475 |
netlabel: out of bound access in cipso_v4_validate()
[ Upstream commit |
||
|
Dmitry Shmidt
|
e37704d2d0 |
Merge tag 'v4.9.8' into android-4.9
This is the 4.9.8 stable release |