commit a9903f04e0 upstream.
The definition of sysctl_sched_migration_cost, sysctl_sched_nr_migrate
and sysctl_sched_time_avg includes the attribute const_debug. This
attribute is not part of the extern declaration of these variables in
include/linux/sched/sysctl.h, while it is in kernel/sched/sched.h,
and as a result Clang generates warnings like this:
kernel/sched/sched.h:1618:33: warning: section attribute is specified on redeclared variable [-Wsection]
extern const_debug unsigned int sysctl_sched_time_avg;
^
./include/linux/sched/sysctl.h:42:21: note: previous declaration is here
extern unsigned int sysctl_sched_time_avg;
The header only declares the variables when CONFIG_SCHED_DEBUG is defined,
therefore it is not necessary to duplicate the definition of const_debug.
Instead we can use the attribute __read_mostly, which is the expansion of
const_debug when CONFIG_SCHED_DEBUG=y is set.
Signed-off-by: Matthias Kaehlcke <mka@chromium.org>
Reviewed-by: Nick Desaulniers <nick.desaulniers@gmail.com>
Cc: Douglas Anderson <dianders@chromium.org>
Cc: Guenter Roeck <groeck@chromium.org>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Shile Zhang <shile.zhang@nokia.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Link: http://lkml.kernel.org/r/20171030180816.170850-1-mka@chromium.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
[nc: Backport to 4.9]
Signed-off-by: Nathan Chancellor <natechancellor@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit cc1780fc42 upstream.
Align the payload of "user" and "logon" keys so that users of the
keyrings service can access it as a struct that requires more than
2-byte alignment. fscrypt currently does this which results in the read
of fscrypt_key::size being misaligned as it needs 4-byte alignment.
Align to __alignof__(u64) rather than __alignof__(long) since in the
future it's conceivable that people would use structs beginning with
u64, which on some platforms would require more than 'long' alignment.
Reported-by: Aaro Koskinen <aaro.koskinen@iki.fi>
Fixes: 2aa349f6e3 ("[PATCH] Keys: Export user-defined keyring operations")
Fixes: 88bd6ccdcd ("ext4 crypto: add encryption key management facilities")
Cc: stable@vger.kernel.org
Signed-off-by: Eric Biggers <ebiggers@google.com>
Tested-by: Aaro Koskinen <aaro.koskinen@iki.fi>
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: James Morris <james.morris@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
PD#OTT-1204
Problem:
don't support dvp camera
Solution:
add dvp camera gc2145 camera driver
Verify:
test pass on U200
Change-Id: I5927d49a93952587af7bb460a5c405293d692153
Signed-off-by: Guosong Zhou <guosong.zhou@amlogic.com>
Signed-off-by: Luan Yuan <luan.yuan@amlogic.com>
Conflicts:
MAINTAINERS
PD#SWPL-365
Problem:
System can't use resample function on GVA project.
Solution:
Add resample node in axg_s420_v03gva.dts
Verify:
Passed on s420
Change-Id: Ie48c579e9e9f6e1d61147f5410c95e5bca55b0a7
Signed-off-by: riqun.ou <riqun.ou@amlogic.com>
audio: codecs: fix TL1 reference board volume too small [2/2]
PD#SWPL-2652
Problem:
X301/T309 AMP volume configured to small
Solution:
change the default external AMP codec mixer name to a match
the ini parsing function in audio hal.
TODO: need dynamically check the different codec mixer name
in ini file.
Verify:
verify by x301
Change-Id: Iba835d37ea02bec3095556d54fbf327bd6390904
Signed-off-by: Jian Xu <jian.xu@amlogic.com>
audio: codec: the DAC gain set of acodec not work [1/1]
PD#SWPL-3134
Problem:
the DAC gain set is not work
Solution:
update and aml_codec_tl1_acodec.c, change the method of
getting codec pointer from kcontrol pointer.
Verify:
verify by T962x2_X301 board
Change-Id: I02f02b73fab3b8391ef4866a71ffaf0d48bbbbbf
Signed-off-by: Shuyu Li <shuyu.li@amlogic.com>
audio: add tas5805 [1/1]
PD#SWPL-3081
Problem:
compatiable tas5805 module
Solution:
add tas5805 drivers
Verify:
T962X2
Change-Id: I3608e47fe768af0f924751a8bcc103389d0811de
Signed-off-by: Yonghao Jiao <yonghao.jiao@amlogic.com>
audio: auge: add HDMIRX SPDIF in support [1/2]
PD#SWPL-2956
Problem:
HDMI in DTS/Dolby input has noise when treated to LPCM
Solution:
By default,we are using PAO mode for HDMIRX,but we have not
enabled the PaPb search for 61937 raw data input, after add
that, we can detect the raw data, but it can not by clear when
switch from NONE-LPCM to NONE-LPCM, need add IRQ function to
clear that by sw.we enabled spdif in from HDMIRX, which is the same
design as txl/txlx.we can get the Pc information now.
also we add a new interface to set spdif in source when hdmirx input.
Verify:
x301
Change-Id: I3c4e8b387308ef862a069c29d15b8b5a9e865564
Signed-off-by: Jian Xu <jian.xu@amlogic.com>
udio: auge: tl1 acodec mapping to data 1 [1/2]
PD#SWPL-3277
Problem:
tl1 internal codec volume can by adjusted
Solution:
configure the acodec data layout mapping
to a fixed volume
Verify:
x301
Change-Id: I14d3762b39a0a5291722ef5489026f10fc960120
Signed-off-by: Jian Xu <jian.xu@amlogic.com>
Conflicts:
arch/arm/boot/dts/amlogic/tl1_t962x2_t309.dts
audio: Fix TDM not wokring on HDMI I2S in [1/1]
PD#SWPL-2887
Problem:
When TDM is used for HDMI I2S in, the solt set is wrong.
Solution:
Fix the lane max value from 3 to 4
Verify:
A113
Change-Id: I33f5ca21bf1e2407d83fa5d0f22e21f7b1f5e749
Signed-off-by: yujie.wu <yujie.wu@amlogic.com>
audio: codec: fix to resume ad82584's volume after suspend [1/1]
PD#SWPL-3456
Problem:
1) After suspend, volume is not resume
2) ARC connected, still sound out from spk
Solution:
1) save channel volume when suspend, then resume the volume
2) add mute mixer control for ad82584
Verify:
x301
Change-Id: Ic6e7502e3f9689cc2d1053295f26aaf4d5be2603
Signed-off-by: Xing Wang <xing.wang@amlogic.com>
audio: auge: add vad driver [1/1]
PD#SWPL-2404
Problem:
VAD for wake up
Solution:
Add vad driver to fetch VAD buffer and ALSA buffer, in userspace, they
will be combined for wakeup engine
Verify:
x301
Change-Id: I3b4de5fdfe173ce18e58a187a3adeda601e226b3
Signed-off-by: Xing Wang <xing.wang@amlogic.com>
audio: fix pop snd after bootup [2/2]
PD#SWPL-3178
Problem:
output big pop noise after system boot up.
Solution:
Add zero and then unmute the stream.
NOTICE: user should unmute the AD82584F after boot.
Verify:
local verified.
Change-Id: I21555318f9347c5340a28f7e5cf0e3e2cde849a0
Signed-off-by: Shuai Li <shuai.li@amlogic.com>
audio: fix no audio after resume of ad82584f [1/1]
PD#SWPL-4090
Problem:
No audio after suspend and resume.
Suspend won't save the mute value,
and after resume, it could not be restored.
Solution:
Add a mute val to save when suspend,
and after resume, restore the mute value.
Verify:
Verified by QA.
Change-Id: Ie24bb11f5c565048391846a66b5d12bab1d55666
Signed-off-by: Shuai Li <shuai.li@amlogic.com>
audio: auge: fix sharebuffer channel map [1/1]
PD#SWPL-2645
Problem:
play ddp source, then play pcm source, no sound
Solution:
1. fix same source control and channel map issue
2. i2s 8ch, spdif 2ch, channels are not mapped, make spdif 8 channel mask
3. when same source used, keep mpll use same mpll
Verify:
x301
Change-Id: I2fe4bbcbcbfff0a1c1a6cebf61d1da5aba9b7a9d
Signed-off-by: Xing Wang <xing.wang@amlogic.com>
Conflicts:
arch/arm64/boot/dts/amlogic/tl1_t962x2_t309.dts
arch/arm64/boot/dts/amlogic/tl1_t962x2_x301.dts
audio: add stream mute and continuous clk [1/1]
PD#SWPL-2952
Problem:
Pop noise could be heard
when switching between sources.
Solution:
1. Add stream digital mute functions.
2. continuous clock to eliminate
the clk reset issue.
Verify:
Local verified.
Change-Id: I372f4c03aaf875d75aa903c9c2dfda00619af000
Signed-off-by: Shuai Li <shuai.li@amlogic.com>
dts: tl1: enable resample for tl1 [1/2]
PD#SWPL-3365
Problem:
not resample for audio in, so output in wrong sample rate
Solution:
1. enable resample in dts
2. fix to check whether resample is needed
Verify:
x301
Change-Id: I99238cc21a00ab53df6a1f8ab1703bc9ab48cbaa
Signed-off-by: Xing Wang <xing.wang@amlogic.com>
Conflicts:
arch/arm64/boot/dts/amlogic/tl1_t962x2_t309.dts
arch/arm64/boot/dts/amlogic/tl1_t962x2_x301.dts
PD#SWPL-4048
Problem:
omx can not detect first frame have toggled
Solution:
omx get first frame toggoled flag
Verify:
verify by p212
Change-Id: I632824390287dd0257dca23a009ff8851054f68d
Signed-off-by: shuanglong.wang <shuanglong.wang@amlogic.com>
PD#SWPL-1738
Problem:
support frame crc32 check and dump yuv.
Solution:
support frame check and yuv dump in media_module, add interface
to get canvas width/height.
Verify:
u212
Change-Id: Ieadc95521c4a21bec5685f8c8926d3bb2f92637b
Signed-off-by: shihong.zheng <shihong.zheng@amlogic.com>
PD#SWPL-3498
Problem:
ethernet need read data from efuse
Solution:
add interface to read data
Verify:
g12a_skt
Change-Id: I7ce7ffe2f194c875155e6db8acb55eb8ac5500a0
Signed-off-by: Shunzhou Jiang <shunzhou.jiang@amlogic.com>
PD#SWPL-3719
Problem:
optimize sdio 1bit cfg fail for dts.
Solution:
move MMC_PM_KEEP_POWER setting from
amlsd_get_host_caps(). so modify dts to
set 1bit mode.
Verify:
p212
Change-Id: I268f25a9550058e7bbf3562eec53c8cd92b58b1b
Signed-off-by: Nan Li <nan.li@amlogic.com>
PD#SWPL-2206
Problem:
decoding thread was blocked to wait scatter memory to be cached done. it
may take 30+ ms and lead to cts/vts fail
Solution:
not to wait scatter cached done. it save timing of system
Verify:
Verified U212
Change-Id: I75fa3e892e0b9b8023c07b62a31ebd43d3c92044
Signed-off-by: Hui Zhang <hui.zhang@amlogic.com>
PD#SWPL-3583
Problem:
After merge change:
http://scgit.amlogic.com:8080/#/c/55018/
Too many wrong kasan report occur when booting kernel
Solution:
Fix kasan poison address range when free wasted memory.
Verify:
P212
Change-Id: I576a7edb7b4e70f9c6c782639f433ad45bafba1d
Signed-off-by: Tao Zeng <tao.zeng@amlogic.com>
PD#SWPL-1767
Problem:
When driver/kernel call kmalloc with large size, memory may waste
if size is not equal to 2^n. For example, driver call kmalloc with
size 129KB, kmalloc will allocate a 256KB memory block to caller.
Then 127kb memory will be wasted if this caller don't free it.
Solution:
Free tail of slab memory if size is not match to 2^n. This change
can save about 900KB memory after boot, and more than 100KB during
run time.
Verify:
P212
Change-Id: Iba378792ec30003358b64384361c0f0c4c2800d8
Signed-off-by: tao zeng <tao.zeng@amlogic.com>
PD#172256
Problem:
ddr bandwidth prot config can only set 1 port for 1 channel. But
dmc controller support measure many ports on 1 channel.
Solution:
Using bit mask to support multi-ports config for one channel.
Verify:
P212
Change-Id: Iad79e6ebd6aeb74b0e31b3f1bee08de4fd557cc1
Signed-off-by: tao zeng <tao.zeng@amlogic.com>
PD#SWPL-3025
Problem:
Different frequency channel switch, the channel first pops up "no signal" and then displays the channel
Solution:
do dtmb sw reset before re-tune
Verify:
verified by t962x2_x301
Change-Id: Ibc14de37f2f3f6b07af4d125e9fb58dd308e61c4
Signed-off-by: Zhiwei Yuan <zhiwei.yuan@amlogic.com>
PD#SWPL-1773
Problem:
After adding optimization of vmap stack, we can found stack usage
of each functions when handle vmap fault. From test log we see some
functions using large stack size which over 256bytes. Especially
common call path from fs. We need to optimize stack usage of these
functions to reduce stack fault probability and save stack memory
usage.
Solution:
1. remove CONFIG_CC_STACKPROTECTOR_STRONG and set STACKPROTECTOR to
NONE. This can save stack usage add by compiler for most functions.
Kernel code size can also save over 1MB.
2. Add some noinline functions for android_fs_data rw trace calls. In
these trace call it allcated a 256 bytes local buffer.
3. Add a wrap function for mem abort handler. By default, it defined a
siginfo struct(size over 100 bytes) in local but only used when fault
can't be handled.
4. reduce cached page size for vmap stack since probability of page
fault caused by stack overflow is reduced after function stack usage
optimized.
Monkey test show real stack usage ratio compared with 1st vmap
implementation reduced from 35% ~ 38% to 26 ~ 27%. Which is very
close to 25%, theory limit.
Verify:
P212
Change-Id: I5505cacc1cab51f88654052902852fd648b6a036
Signed-off-by: tao zeng <tao.zeng@amlogic.com>
PD#SWPL-3009
Problem:
32bit frontend app can't call ioctl in 64bit-kernel
Solution:
Add 32bit define in header and handle in dvb_frontend in 64bit-kernel
Verify:
Verify at android_p at R311
Change-Id: I63178803cfb1cf7d670e3c2b55f104e97f5afa63
Signed-off-by: Chuangcheng Peng <chuangcheng.peng@amlogic.com>
PD#OTT-1025
Problem:
not support gen clock
Solution:
add gen clock
Verify:
test passed on g12a u200
Change-Id: I5199289d3cd1483fffbbd41f8d104369214ba302
Signed-off-by: Jian Hu <jian.hu@amlogic.com>
PD#SWPL-1219
Problem:
On arm64, thread stack is 16KB for each task. If running task number
is large, this type of memory may over 40MB. It's a large amount on
small memory platform. But most case thread only use less 4KB stack.
It's waste of memory and we need optimize it.
Solution:
1. Pre-allocate a vmalloc address space for task stack;
2. Only map 1st page for stack and handle page fault in EL1
when stack growth triggered exception;
3. handle stack switch for exception.
Verify:
p212
Change-Id: I47f511ccfa2868d982bc10a820ed6435b6d52ba9
Signed-off-by: tao zeng <tao.zeng@amlogic.com>
PD#SWPL-1081
Problem:
Need get freed handle for DRM frame mode
Solution:
Add ioctl cmd to get freed handle
Verify:
P212
Change-Id: Ic0ce64061e334fdea5580d9f92b3e0b58caa88eb
Signed-off-by: Tao Guo <tao.guo@amlogic.com>
[ Upstream commit c09551c6ff ]
According to the algorithm described in the comment block at the
beginning of ip_rt_send_redirect, the host should try to send
'ip_rt_redirect_number' ICMP redirect packets with an exponential
backoff and then stop sending them at all assuming that the destination
ignores redirects.
If the device has previously sent some ICMP error packets that are
rate-limited (e.g TTL expired) and continues to receive traffic,
the redirect packets will never be transmitted. This happens since
peer->rate_tokens will be typically greater than 'ip_rt_redirect_number'
and so it will never be reset even if the redirect silence timeout
(ip_rt_redirect_silence) has elapsed without receiving any packet
requiring redirects.
Fix it by using a dedicated counter for the number of ICMP redirect
packets that has been sent by the host
I have not been able to identify a given commit that introduced the
issue since ip_rt_send_redirect implements the same rate-limiting
algorithm from commit 1da177e4c3 ("Linux-2.6.12-rc2")
Signed-off-by: Lorenzo Bianconi <lorenzo.bianconi@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
[ Upstream commit 04c03114be ]
soukjin bae reported a crash in tcp_v4_err() handling
ICMP_DEST_UNREACH after tcp_write_queue_head(sk)
returned a NULL pointer.
Current logic should have prevented this :
if (seq != tp->snd_una || !icsk->icsk_retransmits ||
!icsk->icsk_backoff || fastopen)
break;
Problem is the write queue might have been purged
and icsk_backoff has not been cleared.
Signed-off-by: Eric Dumazet <edumazet@google.com>
Reported-by: soukjin bae <soukjin.bae@samsung.com>
Acked-by: Neal Cardwell <ncardwell@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
[ Upstream commit 3b89ea9c59 ]
The features attribute is of type u64 and stored in the native endianes on
the system. The for_each_set_bit() macro takes a pointer to a 32 bit array
and goes over the bits in this area. On little Endian systems this also
works with an u64 as the most significant bit is on the highest address,
but on big endian the words are swapped. When we expect bit 15 here we get
bit 47 (15 + 32).
This patch converts it more or less to its own for_each_set_bit()
implementation which works on 64 bit integers directly. This is then
completely in host endianness and should work like expected.
Fixes: fd867d51f ("net/core: generic support for disabling netdev features down stack")
Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit da360299b6 upstream.
This fixes a compile problem of some user space applications by not
including linux/libc-compat.h in uapi/if_ether.h.
linux/libc-compat.h checks which "features" the header files, included
from the libc, provide to make the Linux kernel uapi header files only
provide no conflicting structures and enums. If a user application mixes
kernel headers and libc headers it could happen that linux/libc-compat.h
gets included too early where not all other libc headers are included
yet. Then the linux/libc-compat.h would not prevent all the
redefinitions and we run into compile problems.
This patch removes the include of linux/libc-compat.h from
uapi/if_ether.h to fix the recently introduced case, but not all as this
is more or less impossible.
It is no problem to do the check directly in the if_ether.h file and not
in libc-compat.h as this does not need any fancy glibc header detection
as glibc never provided struct ethhdr and should define
__UAPI_DEF_ETHHDR by them self when they will provide this.
The following test program did not compile correctly any more:
#include <linux/if_ether.h>
#include <netinet/in.h>
#include <linux/in.h>
int main(void)
{
return 0;
}
Fixes: 6926e041a8 ("uapi/if_ether.h: prevent redefinition of struct ethhdr")
Reported-by: Guillaume Nault <g.nault@alphalink.fr>
Cc: <stable@vger.kernel.org> # 4.15
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
Cc: Sudip Mukherjee <sudipm.mukherjee@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit 10596608c4 upstream.
Currently, there are two different methods to store an u16 integer to
the u32 data register. For example:
u32 *dest = ®s->data[priv->dreg];
1. *dest = 0; *(u16 *) dest = val_u16;
2. *dest = val_u16;
For method 1, the u16 value will be stored like this, either in
big-endian or little-endian system:
0 15 31
+-+-+-+-+-+-+-+-+-+-+-+-+
| Value | 0 |
+-+-+-+-+-+-+-+-+-+-+-+-+
For method 2, in little-endian system, the u16 value will be the same
as listed above. But in big-endian system, the u16 value will be stored
like this:
0 15 31
+-+-+-+-+-+-+-+-+-+-+-+-+
| 0 | Value |
+-+-+-+-+-+-+-+-+-+-+-+-+
So later we use "memcmp(®s->data[priv->sreg], data, 2);" to do
compare in nft_cmp, nft_lookup expr ..., method 2 will get the wrong
result in big-endian system, as 0~15 bits will always be zero.
For the similar reason, when loading an u16 value from the u32 data
register, we should use "*(u16 *) sreg;" instead of "(u16)*sreg;",
the 2nd method will get the wrong value in the big-endian system.
So introduce some wrapper functions to store/load an u8 or u16
integer to/from the u32 data register, and use them in the right
place.
Signed-off-by: Liping Zhang <zlpnobody@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit 81ec3f3c4c upstream.
Vince (and later on Ravi) reported crashes in the BTS code during
fuzzing with the following backtrace:
general protection fault: 0000 [#1] SMP PTI
...
RIP: 0010:perf_prepare_sample+0x8f/0x510
...
Call Trace:
<IRQ>
? intel_pmu_drain_bts_buffer+0x194/0x230
intel_pmu_drain_bts_buffer+0x160/0x230
? tick_nohz_irq_exit+0x31/0x40
? smp_call_function_single_interrupt+0x48/0xe0
? call_function_single_interrupt+0xf/0x20
? call_function_single_interrupt+0xa/0x20
? x86_schedule_events+0x1a0/0x2f0
? x86_pmu_commit_txn+0xb4/0x100
? find_busiest_group+0x47/0x5d0
? perf_event_set_state.part.42+0x12/0x50
? perf_mux_hrtimer_restart+0x40/0xb0
intel_pmu_disable_event+0xae/0x100
? intel_pmu_disable_event+0xae/0x100
x86_pmu_stop+0x7a/0xb0
x86_pmu_del+0x57/0x120
event_sched_out.isra.101+0x83/0x180
group_sched_out.part.103+0x57/0xe0
ctx_sched_out+0x188/0x240
ctx_resched+0xa8/0xd0
__perf_event_enable+0x193/0x1e0
event_function+0x8e/0xc0
remote_function+0x41/0x50
flush_smp_call_function_queue+0x68/0x100
generic_smp_call_function_single_interrupt+0x13/0x30
smp_call_function_single_interrupt+0x3e/0xe0
call_function_single_interrupt+0xf/0x20
</IRQ>
The reason is that while event init code does several checks
for BTS events and prevents several unwanted config bits for
BTS event (like precise_ip), the PERF_EVENT_IOC_PERIOD allows
to create BTS event without those checks being done.
Following sequence will cause the crash:
If we create an 'almost' BTS event with precise_ip and callchains,
and it into a BTS event it will crash the perf_prepare_sample()
function because precise_ip events are expected to come
in with callchain data initialized, but that's not the
case for intel_pmu_drain_bts_buffer() caller.
Adding a check_period callback to be called before the period
is changed via PERF_EVENT_IOC_PERIOD. It will deny the change
if the event would become BTS. Plus adding also the limit_period
check as well.
Reported-by: Vince Weaver <vincent.weaver@maine.edu>
Signed-off-by: Jiri Olsa <jolsa@kernel.org>
Acked-by: Peter Zijlstra <peterz@infradead.org>
Cc: <stable@vger.kernel.org>
Cc: Alexander Shishkin <alexander.shishkin@linux.intel.com>
Cc: Arnaldo Carvalho de Melo <acme@kernel.org>
Cc: Arnaldo Carvalho de Melo <acme@redhat.com>
Cc: Jiri Olsa <jolsa@redhat.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Naveen N. Rao <naveen.n.rao@linux.vnet.ibm.com>
Cc: Ravi Bangoria <ravi.bangoria@linux.ibm.com>
Cc: Stephane Eranian <eranian@google.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Link: http://lkml.kernel.org/r/20190204123532.GA4794@krava
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit 2b16f04872 upstream
If you take a GSO skb, and split it into packets, will the MAC
length (L2 + L3 + L4 headers + payload) of those packets be small
enough to fit within a given length?
Move skb_gso_mac_seglen() to skbuff.h with other related functions
like skb_gso_network_seglen() so we can use it, and then create
skb_gso_validate_mac_len to do the full calculation.
Signed-off-by: Daniel Axtens <dja@axtens.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
[jwang: cherry pick for CVE-2018-1000026]
Signed-off-by: Jack Wang <jinpu.wang@cloud.ionos.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
commit 6926e041a8 upstream.
Musl provides its own ethhdr struct definition. Add a guard to prevent
its definition of the appropriate musl header has already been included.
glibc does not implement this header, but when glibc will implement this
they can just define __UAPI_DEF_ETHHDR 0 to make it work with the
kernel.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
commit 13054abbaa upstream.
Ring buffer implementation in hid_debug_event() and hid_debug_events_read()
is strange allowing lost or corrupted data. After commit 717adfdaf1
("HID: debug: check length before copy_to_user()") it is possible to enter
an infinite loop in hid_debug_events_read() by providing 0 as count, this
locks up a system. Fix this by rewriting the ring buffer implementation
with kfifo and simplify the code.
This fixes CVE-2019-3819.
v2: fix an execution logic and add a comment
v3: use __set_current_state() instead of set_current_state()
Backport to v4.9: some tree-wide patches are missing in v4.9 so
cherry-pick relevant pieces from:
* 6396bb2215 ("treewide: kzalloc() -> kcalloc()")
* a9a08845e9 ("vfs: do bulk POLL* -> EPOLL* replacement")
* 174cd4b1e5 ("sched/headers: Prepare to move signal wakeup & sigpending
methods from <linux/sched.h> into <linux/sched/signal.h>")
Link: https://bugzilla.redhat.com/show_bug.cgi?id=1669187
Cc: stable@vger.kernel.org # v4.18+
Fixes: cd667ce247 ("HID: use debugfs for events/reports dumping")
Fixes: 717adfdaf1 ("HID: debug: check length before copy_to_user()")
Signed-off-by: Vladis Dronov <vdronov@redhat.com>
Reviewed-by: Oleg Nesterov <oleg@redhat.com>
Signed-off-by: Benjamin Tissoires <benjamin.tissoires@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
