commit b09c551c77 upstream.
Due to two copy/pastos, closing the MIC or EFX capture device would
make a running ADC capture hang due to unsetting its interrupt handler.
In principle, this would have also allowed dereferencing dangling
pointers, but we're actually rather thorough at disabling and flushing
the ints.
While it may sound like one, this actually wasn't a hypothetical bug:
PortAudio will open a capture stream at startup (and close it right
away) even if not asked to. If the first device is busy, it will just
proceed with the next one ... thus killing a concurrent capture.
Signed-off-by: Oswald Buddenhagen <oswald.buddenhagen@gmx.de>
Cc: <stable@vger.kernel.org>
Link: https://lore.kernel.org/r/20230405201220.2197923-1-oswald.buddenhagen@gmx.de
Signed-off-by: Takashi Iwai <tiwai@suse.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
This comment make no sense and is in the wrong place, so let's
remove it.
Signed-off-by: Qi Han <hanqi@vivo.com>
Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
When a node block is missing for atomic write block replacement, we need
to allocate it in advance of the replacement.
Signed-off-by: Daeho Jeong <daehojeong@google.com>
Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
Need to use cow inode data content instead of the one in the original
inode, when we try to write the already updated atomic write files.
Signed-off-by: Daeho Jeong <daehojeong@google.com>
Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
drm_atomic_bridge_chain_enable in QCOM symbol list
following symbols are added to symbol list
drm_atomic_bridge_chain_disable
drm_atomic_bridge_chain_enable
function symbols added
'void drm_atomic_bridge_chain_disable(struct drm_bridge *bridge,struct drm_atomic_state *old_state)'
'void drm_atomic_bridge_chain_enable(struct drm_bridge *bridge,struct drm_atomic_state *old_state)'
Bug: 278512378
Change-Id: I46f6489b495f51f628d94120b3c1859ffafe5583
Signed-off-by: Venkata Rao Kakani <quic_vkakani@quicinc.com>
The PSCI MEM_PROTECT function does not have a 64-bit function identifier,
so remove the unused definition which was erroneously left intact when
applying fe3157f328 ("ANDROID: KVM: arm64: Use 32-bit function ID for
PSCI MEM_PROTECT call").
Bug: 260316363
Cc: Quentin Perret <qperret@google.com>
Signed-off-by: Will Deacon <willdeacon@google.com>
Change-Id: Ica948b202bf01175b6ab0961307899d269649880
This commit is for adding initial symbol list form Exynos SoC.
"abi_gki_aarch64_exynos" is generated from minimal configs for build.
2 function symbol(s) added
'int devm_hwrng_register(struct device*, struct hwrng*)'
'int irq_force_affinity(unsigned int, const struct cpumask*)'
Bug: 278466304
Change-Id: I6a700eda5639bf46f694524fefe91b759583704d
Signed-off-by: Junki Min <joonki.min@samsung.com>
Add vendor hook for module init, so we can get memory type and
use it to do memory type check for architecture
dependent page table setting. To make sure the architecture
dependent tables are created correctly, we need to know when
module parts are initialized and their attributes.
For releasing modules, corresponding tables and attributes should be
destroyed and restored.
These hooks may be invoked in non-atomic context, so it's
necessary to use restricted ones.
Bug: 248994334
Change-Id: Ie9f415c36bca1fb98e021522b627e562d27cdef4
Signed-off-by: Kuan-Ying Lee <Kuan-Ying.Lee@mediatek.com>
Add restricted vendor hook for creds, so we get the creds
information to monitor cred lifetime. During the lifetime,
we store the creds information in a standalone protected
memory and keep track of integrity.
These hooks may be invoked in non-atomic context, so it's
necessary to use restricted ones.
Bug: 248994334
Change-Id: I57fbb759452302fa1ba1e720c76bfe671eab96b5
Signed-off-by: Kuan-Ying Lee <Kuan-Ying.Lee@mediatek.com>
More platforms are using the Renesas XHCI controller, so enable it in
the configuration so that we do not have to export a bunch of internal
xhci controller functions that should not be part of any stable api.
Bug: 278153046
Change-Id: I9d8aa6a1783f0bb3bf0d794c7101d1762dd96b3d
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
The upstream commit 2b3d047870 ("unicode: Add utf8-data module") moved
the unicode nomalization functions into a module so that it could be
selectively included in the kernel based of support for case-folding.
In doing so, utf8-core.c uses symbol_request() to reference the
utf8_data_table symbol. Since GKI trims unused symbols, include
this symbol to our symbol list so that it doesn't get trimmed.
Link: https://lore.kernel.org/all/ZDnbW1qYmBLycefL@google.com/
Bug: 278561372
Change-Id: If6347087d8dffae63bb4af5d72b74f703f09b820
Signed-off-by: Will McVicker <willmcvicker@google.com>
Exporsing HotPlugDetect(HPD) helps userspace to infer HPD
state as defined by VESA DisplayPort Alt Mode on USB Type-C Standard.
This allows userspace to notify users for self help, for instance,
to hint user that the display port cable is probably detached (or)
the display port sink (viz., monitors ect.,) is un-powered.
Also helps to debug issues reported from field.
This change adds an additional attribute "hpd" to the existing
"displayport" attributes.
VESA DisplayPort Alt Mode on USB Type-C Standard defines how
HotPlugDetect(HPD) shall be supported on the USB-C connector
when operating in DisplayPort Alt Mode. This is a read only
node which reflects the current state of HPD.
Valid values:
- 1 when HPD’s logical state is high (HPD_High)
- 0 when HPD’s logical state is low (HPD_Low)
Bug: 253534975
Bug: 260915739
Change-Id: Id72e8ef6ede84038479649c2b753acdac547dea1
Signed-off-by: Badhri Jagan Sridharan <badhri@google.com>
Reviewed-by: Heikki Krogerus <heikki.krogerus@linux.intel.com>
Link: https://lore.kernel.org/lkml/20221211193755.1392128-1-badhri@google.com/T/
(cherry picked from commit 001b0c780e)
Context: https://lore.kernel.org/lkml/CAPTae5LbWVc4Bdiwe69cwwxEGfSYvRv=419dUGR1u8n-WUkYAA@mail.gmail.com/t/
Logs in /sys/kernel/debug/usb/tcpm* are key to debug issues related to
USB charging or data. However, tcpm logbuffer logs do not wraparound once full. Whereas we want it to wrap around so that we capture relevant info in the bugreport when the user collects one. There is sentiment in upstream to get rid of the logbuffer altogether and move to tracing. But trace events are not default enabled in Android, so that implies, even if user can somehow enable the trace event, user would have repro the issue and collect the bugreport. That would cause inconvenience to the end user. The vendor hooks is needed till upstream either allows wrapping around logs (or) Android has a generic way to default enable trace events which can be captured in bugreport.
bypass_log is set to true by the handler if logging into logbuffer is
not needed.
Bug: 189792358
Bug: 271294543
Change-Id: Icacfed2264b6c49b8e803c62f8bd820a146c169a
Signed-off-by: Badhri Jagan Sridharan <badhri@google.com>
(cherry picked from commit bcfe28b62f)
Add a vendor hook to modify the port Source Capabilities. If the caps
are changed and the port state is feasible, start a Power Negotiation
AMS to update the current contract to the new one.
Bug: 201006190
Bug: 206108037
Bug: 271294543
Signed-off-by: Kyle Tso <kyletso@google.com>
Change-Id: I8b524242353781cb39b3ba85c6a75bd5a204ebcf
(cherry picked from commit 00e3210a2f)
Add a hook after receiving the source capabilities from the partner
port. Pass the address of the source capability array so that vendor
code is able to access them.
OOT bug:
Bug: 181629276
Bug: 169215197
Bug: 271294543
Signed-off-by: Kyle Tso <kyletso@google.com>
Change-Id: I11c4a7919c248690e63c3bfbebfa6b8d711175a6
(cherry picked from commit af7214914a)
linux/usb/pd.h has a bunch of timers for which the Type-C spec defines
a range of values. These values have to be tuned based on the latency
observed in a specific architecture. However, linux opensource sets
them to a specific value without providing a mechanism to set board
specific values. While a generic way is figured out, a vendor hook
is needed in the interim.
For instance, tCCDebounce can have a value between 100msec - 200msec.
Squashed <d98a1df78740eedcc4d3d4c8d44b39b73f81df2d>
"ANDROID: usb: typec: tcpm: Fixup the wait time for SNK_DISCOVERY"
OOT_bug:
Bug: 184308605
Bug: 168245874
Bug: 173252019
Bug: 271294543
Change-Id: I278b34654a7e48990b6ebe25fbe17e3aa4165098
Signed-off-by: Badhri Jagan Sridharan <badhri@google.com>
(cherry picked from commit f694171a83)
This hook is for addressing hardware anomalies where
TCPC_POWER_STATUS_VBUS_PRES bit can return 0 even before falling
below sSinkDisconnect threshold.
Handler has to set bypass to override the value that would otherwise
be returned by this function.
Handler can set vbus or clear vbus to indicate vbus present or absent
Squashed <89f633a9f41259a168473917674dd5cb1bfb991d>
"ANDROID: usb: typec: tcpci: Migrate restricted vendor hook"
OOT_bug:
Bug: 183149028
Bug: 168245874
Bug: 173252019
Bug: 271294543
Signed-off-by: Badhri Jagan Sridharan <badhri@google.com>
Change-Id: I2ca994d49b37bf8600c5913b892fde9acd0dc896
Needed for controlling BC1.2 detection logic specific to the chip architecture.
Also, needed to implement additional logic to make debug accessorires
specifically designed for Pixel work. These are outside the purview of Type-C spec.
OOT_bug:
Bug: 169213252
Bug: 168245874
Bug: 173252019
Bug: 271294543
Signed-off-by: Badhri Jagan Sridharan <badhri@google.com>
Change-Id: I36fe75dddd8cd4e2054db01ed4fee7ea08dd8702
(cherry picked from commit 08879ea0d6)
This change fixes a bug where inbound packets to nested IPsec tunnels
fails to pass policy checks due to the inner tunnel's policy checks
not having a reference to the outer policy/template. This causes the
policy check to fail, since the first entries in the secpath correlate
to the outer tunnel, while the templates being verified are for the
inner tunnel.
In order to ensure that the appropriate policy and template context is
searchable, the policy checks must be done incrementally between each
decryption step. As such, this marks secpath entries as having been
successfully matched, skipping them (treating as optional) on subsequent
policy checks
By skipping the immediate error return in the case where the secpath
entry had previously been validated, this change allows secpath entries
that matched a policy/template previously, while still requiring that
each searched template find a match in the secpath.
For security:
- All templates must have matching secpath entries
- Unchanged by current patch; templates that do not match any secpath
entry still return -1. This patch simply allows skipping earlier
blocks of verified secpath entries
- All entries (except trailing transport mode entries) must have a
matching template
- Unvalidated entries, including transport-mode entries still return
the errored index if it does not match the correct template.
Bug: 236423446
Bug: 277711867
Test: Tested against Android Kernel Unit Tests
Link: https://lore.kernel.org/netdev/20220824221252.4130836-2-benedictwong@google.com/
[benedictwong: fixed minor style issues]
Signed-off-by: Benedict Wong <benedictwong@google.com>
Change-Id: Ic32831cb00151d0de2e465f18ec37d5f7b680e54
(cherry picked from commit 970e02667c)
This reverts commit 0b892d8fe9
After manual bisection, I found that 0b892d8fe9 is the culprit of the failed android.net.cts.IpSecManagerTunnelTest .
Bug: 277711867
Signed-off-by: Kelvin Zhang <zhangkelvin@google.com>
Change-Id: Ife350047225fb5d825ec92c5d087313c70965acf
This change ensures that all nested XFRM packets have their policy
checked before decryption of the next layer, so that policies are
verified at each intermediate step of the decryption process.
Notably, raw ESP/AH packets do not perform policy checks inherently,
whereas all other encapsulated packets (UDP, TCP encapsulated) do policy
checks after calling xfrm_input handling in the respective encapsulation
layer.
This is necessary especially for nested tunnels, as the IP addresses,
protocol and ports may all change, thus not matching the previous
policies. In order to ensure that packets match the relevant inbound
templates, the xfrm_policy_check should be done before handing off to
the inner XFRM protocol to decrypt and decapsulate.
In order to prevent double-checking packets both here and in the
encapsulation layers, this check is currently limited to nested
tunnel-mode transforms and checked prior to decapsulation of inner
tunnel layers (prior to hitting a nested tunnel's xfrm_input, there
is no great way to detect a nested tunnel). This is primarily a
performance consideration, as a general blanket check at the end of
xfrm_input would suffice, but may result in multiple policy checks.
Bug: 236423446
Bug: 277711867
Test: Tested against Android Kernel Unit Tests
Link: https://lore.kernel.org/netdev/20220824221252.4130836-3-benedictwong@google.com/
Signed-off-by: Benedict Wong <benedictwong@google.com>
Change-Id: I20c5abf39512d7f6cf438c0921a78a84e281b4e9
(cherry picked from commit b5bf2997c3)
The major change is to call checkpoint, if there's not enough space while having
some prefree segments in FG_GC case.
Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
We have maintain PagePrivate and page_private and page reference
w/ {set,clear}_page_private_*, it doesn't need to call
folio_detach_private() in the end of .invalidate_folio and
.release_folio, remove it and use f2fs_bug_on instead.
Signed-off-by: Chao Yu <chao@kernel.org>
Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
Convert to use remove_proc_subtree() and kill kobject_del() directly.
kobject_put() actually covers kobject removal automatically, which is
single stage removal.
Signed-off-by: Yangtao Li <frank.li@vivo.com>
Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
Wire up the iopoll method to the common implementation.
As f2fs use common dio infrastructure:
commit a1e09b03e6 ("f2fs: use iomap for direct I/O")
Signed-off-by: Wu Bo <bo.wu@vivo.com>
Reviewed-by: Chao Yu <chao@kernel.org>
Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
[ Upstream commit 44a726c3f2 ]
btf_dump_emit_struct_def attempts to print empty structures at a
single line, e.g. `struct empty {}`. However, it has to account for a
case when there are no regular but some padding fields in the struct.
In such case `vlen` would be zero, but size would be non-zero.
E.g. here is struct bpf_timer from vmlinux.h before this patch:
struct bpf_timer {
long: 64;
long: 64;};
And after this patch:
struct bpf_dynptr {
long: 64;
long: 64;
};
Signed-off-by: Eduard Zingerman <eddyz87@gmail.com>
Signed-off-by: Andrii Nakryiko <andrii@kernel.org>
Link: https://lore.kernel.org/bpf/20221001104425.415768-1-eddyz87@gmail.com
Signed-off-by: Sasha Levin <sashal@kernel.org>
commit 3dd4432549 upstream.
Use the maple tree in RCU mode for VMA tracking.
The maple tree tracks the stack and is able to update the pivot
(lower/upper boundary) in-place to allow the page fault handler to write
to the tree while holding just the mmap read lock. This is safe as the
writes to the stack have a guard VMA which ensures there will always be
a NULL in the direction of the growth and thus will only update a pivot.
It is possible, but not recommended, to have VMAs that grow up/down
without guard VMAs. syzbot has constructed a testcase which sets up a
VMA to grow and consume the empty space. Overwriting the entire NULL
entry causes the tree to be altered in a way that is not safe for
concurrent readers; the readers may see a node being rewritten or one
that does not match the maple state they are using.
Enabling RCU mode allows the concurrent readers to see a stable node and
will return the expected result.
Link: https://lkml.kernel.org/r/20230227173632.3292573-9-surenb@google.com
Cc: stable@vger.kernel.org
Fixes: d4af56c5c7 ("mm: start tracking VMAs with maple tree")
Signed-off-by: Liam R. Howlett <Liam.Howlett@oracle.com>
Reported-by: syzbot+8d95422d3537159ca390@syzkaller.appspotmail.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit 790e1fa86b upstream.
Dereferencing RCU objects within the RCU callback without the RCU check
has caused lockdep to complain. Fix the RCU dereferencing by using the
RCU callback lock to ensure the operation is safe.
Also stop creating a new lock to use for dereferencing during destruction
of the tree or subtree. Instead, pass through a pointer to the tree that
has the lock that is held for RCU dereferencing checking. It also does
not make sense to use the maple state in the freeing scenario as the tree
walk is a special case where the tree no longer has the normal encodings
and parent pointers.
Link: https://lkml.kernel.org/r/20230227173632.3292573-8-surenb@google.com
Fixes: 54a611b605 ("Maple Tree: add new data structure")
Cc: stable@vger.kernel.org
Reported-by: Suren Baghdasaryan <surenb@google.com>
Signed-off-by: Liam R. Howlett <Liam.Howlett@oracle.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
