Code added for cpu pause feature should be conditional based on
CONFIG_SUSPEND
Fixes: 5ada76d056 ("ANDROID: sched/pause: prevent wake up paused cpus")
Bug: 161210528
Reported-by: kernel test robot <lkp@intel.com>
Signed-off-by: Todd Kjos <tkjos@google.com>
Change-Id: I8dc31064bafb31dd570daae97b7bb547384a771f
Vendor hooks required explicitly defining macros or inline functions
to handle the non-GKI build case (!CONFIG_ANDROID_VENDOR_HOOKS). Added
support for generating them automatically so the macros are no longer
required.
Both models are now supported so we can transition.
Bug: 177416721
Signed-off-by: Todd Kjos <tkjos@google.com>
Change-Id: I01acc389d315a5d509b0c48116854342a42e1058
Fixes use of %p format for u64 (should be %llx)
Fixes: e091aa59b9 ("ANDROID: tracing: Add register read and write
tracing support")
Signed-off-by: Todd Kjos <tkjos@google.com>
Change-Id: I4cd3a179e08a3fb682db6d9bb8530d504eb71720
CFI has additional overhead on indirect branches to modules as the
target is not known at kernel compile-time. This has been demonstrated
to cause problematic performance regressions on benchmarks using GKI
together with modularized scheduler callbacks attached to restricted
vendor hooks.
To restore some of the performance back, let's disable CFI around the
restricted hook call sites and issue a raw indirect call in fast paths.
We should be able to drop this patch when/if the arm64 static_call
port lands upstream [1] as this would make tracepoints circumvent some
of the CFI checks using text patching, but that still remain to be
proven.
[1] https://lore.kernel.org/linux-arm-kernel/20201028184114.6834-1-ardb@kernel.org/
Bug: 168521642
Change-Id: I7cd59f582b12fed15be64059f08122f96786e650
Signed-off-by: Quentin Perret <qperret@google.com>
e820__mapped_all() is passed as a callback to is_mmconf_reserved(),
which expects a function of type:
typedef bool (*check_reserved_t)(u64 start, u64 end, unsigned type);
However, e820__mapped_all() accepts enum e820_type as the last argument
and this type mismatch trips indirect call checking with Clang's
Control-Flow Integrity (CFI).
As is_mmconf_reserved() only passes enum e820_type values for the
type argument, change the typedef and the unused type argument in
is_acpi_reserved() to enum e820_type to fix the type mismatch.
Bug: 145210207
Change-Id: Ic7d0f28887e44c40d09e2392c4301547e642a294
(cherry picked from commit 83321c335d)
Reported-by: Sedat Dilek <sedat.dilek@gmail.com>
Suggested-by: Borislav Petkov <bp@alien8.de>
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Link: https://lkml.kernel.org/r/20201130193900.456726-1-samitolvanen@google.com
Disable CFI for the stand-alone purgatory.ro.
Bug: 145210207
Change-Id: I957fd1d000ed27ca9fe9adb6c0ec2b6e0f6d73ce
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
optprobe_template_func is not marked as a global symbol, which
conflicts with the C declaration and confuses LLVM when CFI is
enabled. However, marking the symbol global results in a CFI jump
table entry being generated for it, which makes objtool unhappy as the
jump table contains a jump to .rodata.
This change solves both issues by removing the C reference to
optprobe_template_func and generates the STACK_FRAME_NON_STANDARD
entry in inline assembly instead.
Bug: 145210207
Change-Id: Ib19b86cf437277036fa218d6e8d7292f10bef940
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
Allow CFI enabled entry code to make indirect calls by also mapping
CFI jump tables, and add a check to ensure the jump table section is
not empty.
Bug: 145210207
Change-Id: I4ad3506f7a365cd068009348d45b54e228e42e33
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
Also ignore these relocations when loading modules.
Bug: 145210207
Change-Id: I53c8ed4811fee4b770fc5824376fef657ab47bdf
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
The __typeid__* symbols aren't actually relocations, so they can be
ignored during relocation generation.
Bug: 145210207
Change-Id: Ib9abe21c3c2aeee2a41491f8358f1a88717fa843
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
Instead of using inline asm for the int3 selftest (which confuses the
Clang's ThinLTO pass), this restores the C function but disables KASAN
(and tracing for good measure) to keep the things simple and avoid
unexpected side-effects. This attempts to keep the fix from commit
ecc6061038 ("x86/alternatives: Fix int3_emulate_call() selftest stack
corruption") without using inline asm.
Bug: 145210207
Change-Id: Ib4cdfde61473febd867c2329f57ec9a8a5eced2f
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
The exception table entries are constructed out of a relative offset
and point to the actual function, not the CFI table entry. For now,
just mark the caller as not checking CFI. The failure is most visible
at boot with CONFIG_DEBUG_RODATA_TEST=y.
Bug: 145210207
Change-Id: Idf6efed424fc95ef20ddd69596478dc813754ce4
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
Older versions of Clang didn't generate BTI instructions for the
compiler-generated CFI check functions. As CFI provides a more
fine-grained control-flow checking then BTI, disable BTI when CFI is
enabled and we're using Clang <12.
Bug: 145210207
Change-Id: I248bc761443e4f354cf4dfbfc3db0fc22385ce63
Link: https://bugs.llvm.org/show_bug.cgi?id=46258
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
Disable LTO+CFI for code that runs at EL2 to avoid address space
confusion as the CFI jump tables point to EL1 addresses.
Bug: 145210207
Change-Id: I81359ec648b2616e85dfd3bb399327bac980b3fe
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
__apply_alternatives makes indirect calls to functions whose address is
taken in assembly code using the alternative_cb macro. With CFI enabled
using non-canonical jump tables, the compiler isn't able to replace the
function reference with the jump table reference, which trips CFI.
Bug: 145210207
Change-Id: I2361b601d987cd25f88aa0b9f37b400ff566febc
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
We use non-canonical CFI jump tables with CONFIG_CFI_CLANG, which
means the compiler replaces function address references with the
address of the function's CFI jump table entry. This results in
__pa_symbol(function), for example, returning the physical address
of the jump table entry, which can lead to address space confusion
since the jump table itself points to a virtual address. The same
issue happens when passing function pointers to hypervisor code
running at EL2.
This change adds __va_function and __pa_function macros, which use
inline assembly to take the actual function address instead, and
changes the relevant code to use these macros.
Bug: 145210207
Change-Id: Ie3079c10427bde705a2244cfb3cb5fb954e5e065
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
Disable CFI checking for functions that switch to linear mapping and
make an indirect call to a physical address, since the compiler only
understands virtual addresses.
Bug: 145210207
Change-Id: I2bd39c5891d4f2ce033e5ee515cf86d96eb0447f
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
To ensure we take the actual address of a function in kernel text,
use __va_function. Otherwise, with CONFIG_CFI_CLANG, the compiler
may replace the address with a pointer to the CFI jump table, which
can reside inside the module, when compiled with CONFIG_LKDTM=m.
Bug: 145210207
Change-Id: Ie65d3aace55695a5e515436267c048b13ace9002
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
Casting the comparison function to a different type trips indirect call
Control-Flow Integrity (CFI) checking. Remove the additional consts from
cmp_func, and the now unneeded casts.
Bug: 145210207
Change-Id: Iffe0eeec8e7f65a5937513a4bb87e5107faa004e
Link: https://lore.kernel.org/lkml/20200110225602.91663-1-samitolvanen@google.com/
Fixes: 043b3f7b63 ("lib/list_sort: simplify and remove MAX_LIST_LENGTH_BITS")
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
BPF dispatcher functions are patched at runtime to perform direct
instead of indirect calls. Disable CFI for the dispatcher functions
to avoid conflicts.
Bug: 145210207
Change-Id: Iea72f5a9fe09dd5adbb90b0174945707f42594b0
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
With ThinLTO and CFI both enabled, LLVM appends a hash to the
names of all static functions. This breaks userspace tools, so
strip out the hash from output.
Bug: 145210207
Change-Id: Icc0173f1d754b378ae81a9f91d84c0814ba26b78
Suggested-by: Jack Pham <jackp@codeaurora.org>
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
With CFI, a callback function passed to __kthread_queue_delayed_work
from a module can point to a jump table entry defined in the module
instead of the one used in the core kernel, which breaks this test:
WARN_ON_ONCE(timer->function != kthread_delayed_work_timer_fn);
To work around the problem, disable the warning when CFI and modules
are both enabled.
Bug: 145210207
Change-Id: I5b0a60bb69ce8e2bc0d8e4bf6736457b6425b6cf
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
With CFI, a callback function passed to __queue_delayed_work from a
module can point to a jump table entry defined in the module instead
of the one used in the core kernel, which breaks this test:
WARN_ON_ONCE(timer->function != delayed_work_timer_fn);
To work around the problem, disable the warning when CFI and modules
are both enabled.
Bug: 145210207
Change-Id: I2a631ea3da9e401af38accf1001082b93b9b3443
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
With -ffunction-sections, Clang can generate a jump beyond the end of a
section when the section ends in an unreachable instruction. If the
offset matches the section length, use the last instruction as the jump
destination.
Bug: 145210207
Change-Id: I422b805fe0e857915f0726404d14f62c01629849
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
Skip checking for the compiler-generated jump table symbols when Clang's
Control-Flow Integrity (CFI) is enabled.
Bug: 145210207
Change-Id: Icd1fad50214016348289ac5980b062708ab9ecd0
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
With CONFIG_CFI_CLANG, LLVM replaces function references with CFI
jump table addresses to allow type checking with indirect calls. This is
unnecessary in ksymtab, so this change uses inline assembly to emit
ksymtab entries that point to the actual function instead when CFI is
enabled.
Bug: 145210207
Change-Id: I894af2c7df476eb00d656c7692a33b25de31e26d
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
On modules with no executable code, LLVM generates a __cfi_check stub,
but won't align it to page size as expected. This change ensures the
function is at the beginning of the .text section and correctly aligned
for the CFI shadow.
Also discard the .eh_frame section, which LLD may emit with CFI_CLANG.
Bug: 145210207
Change-Id: I08923febb549aa64454282cc864ac80dadd717b9
Link: https://bugs.llvm.org/show_bug.cgi?id=46293
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
We use non-canonical CFI jump tables with CONFIG_CFI_CLANG, which
means the compiler replaces function address references with the
address of the function's CFI jump table entry. This results in
__pa_symbol(function), for example, returning the physical address
of the jump table entry, which can lead to address space confusion
since the jump table itself points to a virtual address.
This change adds generic definitions for __pa/va_function, which
architectures that support CFI can override.
Bug: 145210207
Change-Id: I5b616901d5582478df613a4d28bf2b9c911edb46
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
With non-canonical CFI, the compiler rewrites function references to
point to the CFI jump table for indirect call checking. This won't
happen when the address is taken in assembly, and will result in a CFI
failure if we jump to the address later in C code.
This change adds the __cficanonical attribute, which tells the
compiler to switch to a canonical jump table for the function. With
canonical CFI, the compiler appends a .cfi postfix to the function
name, and points the original symbol to the jump table. This allows
addresses taken in assembly code to be used for indirect calls without
tripping CFI checks.
Bug: 145210207
Change-Id: Iaca9d1d95f59d7169168d89bc10bf71420487a67
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
This change adds the CONFIG_CFI_CLANG option, CFI error handling,
and a faster look-up table for cross module CFI checks.
Bug: 145210207
Change-Id: I68d620ca548a911e2f49ba801bc0531406e679a3
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
Bug: 177075428
Test: incfs_test passes
atest GtsIncrementalInstallTestCases has only 8 failures
Signed-off-by: Paul Lawrence <paullawrence@google.com>
Change-Id: I73accfc1982aec1cd7947996c25a23e4a97cfdac
.blocks_writen file handling was missing some operations:
SELinux xattr handlers, safety checks for it being a
pseudo file etc.
This CL generalizes pseudo file handling so that all such
files work in a generic way and next time it should be
easier to add all operations at once.
Bug: 175823975
Test: incfs_tests pass
Change-Id: Id2b1936018c81c62c8ab4cdbaa8827e2679b513f
Signed-off-by: Yurii Zubrytskyi <zyy@google.com>
Signed-off-by: Paul Lawrence <paullawrence@google.com>
When a buffer is added to the LRU list, a reference is taken which is
not dropped until the buffer is evicted from the LRU list. This is the
correct behavior, however this LRU reference will prevent the buffer
from being dropped. This means that the buffer can't actually be dropped
until it is selected for eviction. There's no bound on the time spent
on the LRU list, which means that the buffer may be undroppable for
very long periods of time. Given that migration involves dropping
buffers, the associated page is now unmigratible for long periods of
time as well. CMA relies on being able to migrate a specific range
of pages, so these types of failures make CMA significantly
less reliable, especially under high filesystem usage.
Rather than waiting for the LRU algorithm to eventually kick out
the buffer, explicitly remove the buffer from the LRU list when trying
to drop it. There is still the possibility that the buffer
could be added back on the list, but that indicates the buffer is
still in use and would probably have other 'in use' indicates to
prevent dropping.
Note: a bug reported by "kernel test robot" lead to a switch from
using xas_for_each() to xa_for_each().
Bug: 174118021
Link: https://lore.kernel.org/linux-mm/cover.1610572007.git.cgoldswo@codeaurora.org/
Signed-off-by: Laura Abbott <lauraa@codeaurora.org>
Signed-off-by: Chris Goldsworthy <cgoldswo@codeaurora.org>
Cc: Matthew Wilcox <willy@infradead.org>
Reported-by: kernel test robot <oliver.sang@intel.com>
Change-Id: I4a93c4ed81c57874764d12f3beea1194a30c13b2
In order to debug critical domain and device power issues, it may be
necessary to disallow certain idle states at runtime. Enable a vendor
hook to check if a domain idle state is allowed for powering down the
domain.
Bug: 175718935
Signed-off-by: Lina Iyer <ilina@codeaurora.org>
Change-Id: I403c0c7d272439fb338bbf54a346861559385047
Previously idle_cpu is exported which is used by vendor module to check
if a cpu is in idle state, but later we think available_idle_cpu is
better than idle_cpu because it also checks vcpu_is_preempted.
Bug: 171740453
Change-Id: I17ccc4925650431f334a9eb2bbc94a138ab36ae0
Signed-off-by: Rick Yiu <rickyiu@google.com>
Signed-off-by: Will McVicker <willmcvicker@google.com>
If CONFIG_LOCKDEP is enabled, export sched_domains_mutex as it is
indirectly accessed by the macro for_each_domain, and that macro might
be used in module code.
Bug: 176254015
Signed-off-by: Daniel Mentz <danielmentz@google.com>
Change-Id: Ia9f2989de41b2224c63855f2fd129cbeeac4f195
Signed-off-by: Will McVicker <willmcvicker@google.com>
IOMMU_SYS_CACHE_ONLY_NWA allows buffers for non-coherent devices
to be mapped with the correct memory attributes so that the buffers
can be cached in the system cache, with a no write allocate cache policy.
However, this property is only usable by drivers that invoke the
IOMMU API directly; it is not usable by drivers that use the DMA API.
Thus, introduce DMA_ATTR_SYS_CACHE_ONLY_NWA, so that drivers for
non-coherent devices that use the DMA API can use it to specify if
they want a buffer to be cached in the system cache.
Bug: 176778547
Change-Id: Ic812a1fb144a58deb4279c2bf121fc6cc4c3b208
Signed-off-by: Isaac J. Manjarres <isaacm@codeaurora.org>
IOMMU_SYS_CACHE_ONLY allows buffers for non-coherent devices
to be mapped with the correct memory attributes so that the buffers
can be cached in the system cache. However, this property
is only usable by drivers that invoke the IOMMU API directly;
it is not usable by drivers that use the DMA API.
Thus, introduce DMA_ATTR_SYS_CACHE_ONLY, so that drivers for
non-coherent devices that use the DMA API can use it to specify if
they want a buffer to be cached in the system cache.
Bug: 176778547
Change-Id: I849d7a3f36b689afd2f6ee400507223fd6395158
Signed-off-by: Isaac J. Manjarres <isaacm@codeaurora.org>
Non-coherent devices on systems that support a system or
last level cache may want to request that allocations be
cached in the system cache. For memory that is allocated
by the kernel, and used for DMA with devices, the memory
attributes used for CPU access should match the memory
attributes that will be used for device access.
The memory attributes that need to be programmed into
the MAIR for system cache usage are:
0xf4 - Normal memory, outer write back read/write allocate,
inner non-cacheable.
There is currently no support for this memory attribute for
CPU mappings, so add it.
Bug: 176778547
Change-Id: I3abc7becd408f20ac5499cbbe3c6c6f53f784107
Signed-off-by: Isaac J. Manjarres <isaacm@codeaurora.org>
Export kstat_irqs_usr and kstat_irqs_cpu symbols for vendor
loadable modules. These symbols are useful for continuous
monitoring of irq stats to detect problems like interrupt
storms.
1) kstat_irqs_usr: it helps in getting total interrupt count
for an IRQ.
2) kstat_irqs_cpu: it helps in getting per cpu interrupt count
for an IRQ.
Bug: 177393442
Change-Id: I6f65c5759cd096db391e1c41e4260aa4ebc40fb4
Signed-off-by: Prateek Sood <prsood@codeaurora.org>
Signed-off-by: Mukesh Ojha <mojha@codeaurora.org>
Changes in 5.10.7
i40e: Fix Error I40E_AQ_RC_EINVAL when removing VFs
iavf: fix double-release of rtnl_lock
net/sched: sch_taprio: ensure to reset/destroy all child qdiscs
net: mvpp2: Add TCAM entry to drop flow control pause frames
net: mvpp2: prs: fix PPPoE with ipv6 packet parse
net: systemport: set dev->max_mtu to UMAC_MAX_MTU_SIZE
ethernet: ucc_geth: fix use-after-free in ucc_geth_remove()
ethernet: ucc_geth: set dev->max_mtu to 1518
ionic: account for vlan tag len in rx buffer len
atm: idt77252: call pci_disable_device() on error path
net: mvpp2: Fix GoP port 3 Networking Complex Control configurations
net: stmmac: dwmac-meson8b: ignore the second clock input
ibmvnic: fix login buffer memory leak
ibmvnic: continue fatal error reset after passive init
net: ethernet: mvneta: Fix error handling in mvneta_probe
qede: fix offload for IPIP tunnel packets
virtio_net: Fix recursive call to cpus_read_lock()
net/ncsi: Use real net-device for response handler
net: ethernet: Fix memleak in ethoc_probe
net-sysfs: take the rtnl lock when storing xps_cpus
net-sysfs: take the rtnl lock when accessing xps_cpus_map and num_tc
net-sysfs: take the rtnl lock when storing xps_rxqs
net-sysfs: take the rtnl lock when accessing xps_rxqs_map and num_tc
net: ethernet: ti: cpts: fix ethtool output when no ptp_clock registered
tun: fix return value when the number of iovs exceeds MAX_SKB_FRAGS
e1000e: Only run S0ix flows if shutdown succeeded
e1000e: bump up timeout to wait when ME un-configures ULP mode
Revert "e1000e: disable s0ix entry and exit flows for ME systems"
e1000e: Export S0ix flags to ethtool
bnxt_en: Check TQM rings for maximum supported value.
net: mvpp2: fix pkt coalescing int-threshold configuration
bnxt_en: Fix AER recovery.
ipv4: Ignore ECN bits for fib lookups in fib_compute_spec_dst()
net: sched: prevent invalid Scell_log shift count
net: hns: fix return value check in __lb_other_process()
erspan: fix version 1 check in gre_parse_header()
net: hdlc_ppp: Fix issues when mod_timer is called while timer is running
bareudp: set NETIF_F_LLTX flag
bareudp: Fix use of incorrect min_headroom size
vhost_net: fix ubuf refcount incorrectly when sendmsg fails
r8169: work around power-saving bug on some chip versions
net: dsa: lantiq_gswip: Enable GSWIP_MII_CFG_EN also for internal PHYs
net: dsa: lantiq_gswip: Fix GSWIP_MII_CFG(p) register access
CDC-NCM: remove "connected" log message
ibmvnic: fix: NULL pointer dereference.
net: usb: qmi_wwan: add Quectel EM160R-GL
selftests: mlxsw: Set headroom size of correct port
stmmac: intel: Add PCI IDs for TGL-H platform
selftests/vm: fix building protection keys test
block: add debugfs stanza for QUEUE_FLAG_NOWAIT
workqueue: Kick a worker based on the actual activation of delayed works
scsi: ufs: Fix wrong print message in dev_err()
scsi: ufs-pci: Fix restore from S4 for Intel controllers
scsi: ufs-pci: Ensure UFS device is in PowerDown mode for suspend-to-disk ->poweroff()
scsi: ufs-pci: Fix recovery from hibernate exit errors for Intel controllers
scsi: ufs-pci: Enable UFSHCD_CAP_RPM_AUTOSUSPEND for Intel controllers
scsi: block: Introduce BLK_MQ_REQ_PM
scsi: ide: Do not set the RQF_PREEMPT flag for sense requests
scsi: ide: Mark power management requests with RQF_PM instead of RQF_PREEMPT
scsi: scsi_transport_spi: Set RQF_PM for domain validation commands
scsi: core: Only process PM requests if rpm_status != RPM_ACTIVE
local64.h: make <asm/local64.h> mandatory
lib/genalloc: fix the overflow when size is too big
depmod: handle the case of /sbin/depmod without /sbin in PATH
scsi: ufs: Clear UAC for FFU and RPMB LUNs
kbuild: don't hardcode depmod path
Bluetooth: revert: hci_h5: close serdev device and free hu in h5_close
scsi: block: Remove RQF_PREEMPT and BLK_MQ_REQ_PREEMPT
scsi: block: Do not accept any requests while suspended
crypto: ecdh - avoid buffer overflow in ecdh_set_secret()
crypto: asym_tpm: correct zero out potential secrets
powerpc: Handle .text.{hot,unlikely}.* in linker script
Staging: comedi: Return -EFAULT if copy_to_user() fails
staging: mt7621-dma: Fix a resource leak in an error handling path
usb: gadget: enable super speed plus
USB: cdc-acm: blacklist another IR Droid device
USB: cdc-wdm: Fix use after free in service_outstanding_interrupt().
usb: typec: intel_pmc_mux: Configure HPD first for HPD+IRQ request
usb: dwc3: meson-g12a: disable clk on error handling path in probe
usb: dwc3: gadget: Restart DWC3 gadget when enabling pullup
usb: dwc3: gadget: Clear wait flag on dequeue
usb: dwc3: ulpi: Use VStsDone to detect PHY regs access completion
usb: dwc3: ulpi: Replace CPU-based busyloop with Protocol-based one
usb: dwc3: ulpi: Fix USB2.0 HS/FS/LS PHY suspend regression
usb: chipidea: ci_hdrc_imx: add missing put_device() call in usbmisc_get_init_data()
USB: xhci: fix U1/U2 handling for hardware with XHCI_INTEL_HOST quirk set
usb: usbip: vhci_hcd: protect shift size
usb: uas: Add PNY USB Portable SSD to unusual_uas
USB: serial: iuu_phoenix: fix DMA from stack
USB: serial: option: add LongSung M5710 module support
USB: serial: option: add Quectel EM160R-GL
USB: yurex: fix control-URB timeout handling
USB: usblp: fix DMA to stack
ALSA: usb-audio: Fix UBSAN warnings for MIDI jacks
usb: gadget: select CONFIG_CRC32
USB: Gadget: dummy-hcd: Fix shift-out-of-bounds bug
usb: gadget: f_uac2: reset wMaxPacketSize
usb: gadget: function: printer: Fix a memory leak for interface descriptor
usb: gadget: u_ether: Fix MTU size mismatch with RX packet size
USB: gadget: legacy: fix return error code in acm_ms_bind()
usb: gadget: Fix spinlock lockup on usb_function_deactivate
usb: gadget: configfs: Preserve function ordering after bind failure
usb: gadget: configfs: Fix use-after-free issue with udc_name
USB: serial: keyspan_pda: remove unused variable
hwmon: (amd_energy) fix allocation of hwmon_channel_info config
mm: make wait_on_page_writeback() wait for multiple pending writebacks
x86/mm: Fix leak of pmd ptlock
KVM: x86/mmu: Use -1 to flag an undefined spte in get_mmio_spte()
KVM: x86/mmu: Get root level from walkers when retrieving MMIO SPTE
kvm: check tlbs_dirty directly
KVM: x86/mmu: Ensure TDP MMU roots are freed after yield
x86/resctrl: Use an IPI instead of task_work_add() to update PQR_ASSOC MSR
x86/resctrl: Don't move a task to the same resource group
blk-iocost: fix NULL iocg deref from racing against initialization
ALSA: hda/via: Fix runtime PM for Clevo W35xSS
ALSA: hda/conexant: add a new hda codec CX11970
ALSA: hda/realtek - Fix speaker volume control on Lenovo C940
ALSA: hda/realtek: Add mute LED quirk for more HP laptops
ALSA: hda/realtek: Enable mute and micmute LED on HP EliteBook 850 G7
ALSA: hda/realtek: Add two "Intel Reference board" SSID in the ALC256.
iommu/vt-d: Move intel_iommu info from struct intel_svm to struct intel_svm_dev
btrfs: qgroup: don't try to wait flushing if we're already holding a transaction
btrfs: send: fix wrong file path when there is an inode with a pending rmdir
Revert "device property: Keep secondary firmware node secondary by type"
dmabuf: fix use-after-free of dmabuf's file->f_inode
arm64: link with -z norelro for LLD or aarch64-elf
drm/i915: clear the shadow batch
drm/i915: clear the gpu reloc batch
bcache: fix typo from SUUP to SUPP in features.h
bcache: check unsupported feature sets for bcache register
bcache: introduce BCH_FEATURE_INCOMPAT_LOG_LARGE_BUCKET_SIZE for large bucket
net/mlx5e: Fix SWP offsets when vlan inserted by driver
ARM: dts: OMAP3: disable AES on N950/N9
netfilter: x_tables: Update remaining dereference to RCU
netfilter: ipset: fix shift-out-of-bounds in htable_bits()
netfilter: xt_RATEEST: reject non-null terminated string from userspace
netfilter: nft_dynset: report EOPNOTSUPP on missing set feature
dmaengine: idxd: off by one in cleanup code
x86/mtrr: Correct the range check before performing MTRR type lookups
KVM: x86: fix shift out of bounds reported by UBSAN
xsk: Fix memory leak for failed bind
rtlwifi: rise completion at the last step of firmware callback
scsi: target: Fix XCOPY NAA identifier lookup
Linux 5.10.7
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I1a7c195af35831fe362b027fe013c0c7e4dc20ea
Changes in 5.10.6
Revert "drm/amd/display: Fix memory leaks in S3 resume"
Revert "mtd: spinand: Fix OOB read"
rtc: pcf2127: move watchdog initialisation to a separate function
rtc: pcf2127: only use watchdog when explicitly available
dt-bindings: rtc: add reset-source property
kdev_t: always inline major/minor helper functions
Bluetooth: Fix attempting to set RPA timeout when unsupported
ALSA: hda/realtek - Modify Dell platform name
ALSA: hda/hdmi: Fix incorrect mutex unlock in silent_stream_disable()
drm/i915/tgl: Fix Combo PHY DPLL fractional divider for 38.4MHz ref clock
scsi: ufs: Allow an error return value from ->device_reset()
scsi: ufs: Re-enable WriteBooster after device reset
RDMA/core: remove use of dma_virt_ops
RDMA/siw,rxe: Make emulated devices virtual in the device tree
fuse: fix bad inode
perf: Break deadlock involving exec_update_mutex
rwsem: Implement down_read_killable_nested
rwsem: Implement down_read_interruptible
exec: Transform exec_update_mutex into a rw_semaphore
mwifiex: Fix possible buffer overflows in mwifiex_cmd_802_11_ad_hoc_start
Linux 5.10.6
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: Id4c57a151a1e8f2162163d2337b6055f04edbe9b
Fix an issue for non-GKI builds found by the 0-day test bot:
kernel/sched/fair.c: In function 'select_task_rq_fair':
>> kernel/sched/fair.c:6766:6: error: implicit declaration of function
'trace_android_rvh_select_task_rq_fair_enabled';
did you mean 'trace_android_rvh_select_task_rq_fair'?
6766 | if (trace_android_rvh_select_task_rq_fair_enabled())
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| trace_android_rvh_select_task_rq_fair
cc1: some warnings being treated as errors
Reported-by: kernel test robot <lkp@intel.com>
Fixes: c7ba09ce6a ("ANDROID: sched/fair: Sync task util for strf hook")
Signed-off-by: Todd Kjos <tkjos@google.com>
Change-Id: I1b15b9ada83dc5b2678cef3910a7aedc0d19f174
Export cpuidle_driver_state_disabled() so that CPU idle states may be
disabled at runtime for debugging CPU and cluster idle states.
Bug: 175718935
Signed-off-by: Lina Iyer <ilina@codeaurora.org>
Change-Id: Id9038074d64fb6c0444d9aca68420414c3223e93
Modules with a large number of compilation units may be
exceeding AR and LD command argument list. Handle this gracefully by
writing the long argument list in a file. The command line options
read from file are inserted in place of the original @file option.
The usage is well documented at
https://www.gnu.org/software/make/manual/html_node/File-Function.html
Bug: 175420573
Change-Id: I3f9b8b9c59b9ba0c01ddd00d39fc3bbc62fda832
Signed-off-by: Mahesh Kumar Kalikot Veetil <mkalikot@codeaurora.org>
Signed-off-by: Jeff Johnson <jjohnson@codeaurora.org>
