]> git.proxmox.com Git - mirror_ubuntu-kernels.git/log
mirror_ubuntu-kernels.git
7 years agoMerge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input
Linus Torvalds [Sat, 23 Sep 2017 03:23:41 +0000 (17:23 -1000)]
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input

Pull input fixes from Dmitry Torokhov:

 - fixes for two long standing issues (lock up and a crash) in force
   feedback handling in uinput driver

 - tweak to firmware update timing in Elan I2C touchpad driver.

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input:
  Input: elan_i2c - extend Flash-Write delay
  Input: uinput - avoid crash when sending FF request to device going away
  Input: uinput - avoid FF flush when destroying device

7 years agoMerge tag 'seccomp-v4.14-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/kees...
Linus Torvalds [Sat, 23 Sep 2017 02:16:41 +0000 (16:16 -1000)]
Merge tag 'seccomp-v4.14-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux

Pull seccomp updates from Kees Cook:
 "Major additions:

   - sysctl and seccomp operation to discover available actions
     (tyhicks)

   - new per-filter configurable logging infrastructure and sysctl
     (tyhicks)

   - SECCOMP_RET_LOG to log allowed syscalls (tyhicks)

   - SECCOMP_RET_KILL_PROCESS as the new strictest possible action

   - self-tests for new behaviors"

[ This is the seccomp part of the security pull request during the merge
  window that was nixed due to unrelated problems   - Linus ]

* tag 'seccomp-v4.14-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux:
  samples: Unrename SECCOMP_RET_KILL
  selftests/seccomp: Test thread vs process killing
  seccomp: Implement SECCOMP_RET_KILL_PROCESS action
  seccomp: Introduce SECCOMP_RET_KILL_PROCESS
  seccomp: Rename SECCOMP_RET_KILL to SECCOMP_RET_KILL_THREAD
  seccomp: Action to log before allowing
  seccomp: Filter flag to log all actions except SECCOMP_RET_ALLOW
  seccomp: Selftest for detection of filter flag support
  seccomp: Sysctl to configure actions that are allowed to be logged
  seccomp: Operation for checking if an action is available
  seccomp: Sysctl to display available actions
  seccomp: Provide matching filter for introspection
  selftests/seccomp: Refactor RET_ERRNO tests
  selftests/seccomp: Add simple seccomp overhead benchmark
  selftests/seccomp: Add tests for basic ptrace actions

7 years agoMerge tag '4.14-smb3-fixes-from-recent-test-events-for-stable' of git://git.samba...
Linus Torvalds [Sat, 23 Sep 2017 02:11:48 +0000 (16:11 -1000)]
Merge tag '4.14-smb3-fixes-from-recent-test-events-for-stable' of git://git.samba.org/sfrench/cifs-2.6

Pull cifs fixes from Steve French:
 "Various SMB3 fixes for stable and security improvements from the
  recently completed SMB3/Samba test events

* tag '4.14-smb3-fixes-from-recent-test-events-for-stable' of git://git.samba.org/sfrench/cifs-2.6:
  SMB3: Don't ignore O_SYNC/O_DSYNC and O_DIRECT flags
  SMB3: handle new statx fields
  SMB: Validate negotiate (to protect against downgrade) even if signing off
  cifs: release auth_key.response for reconnect.
  cifs: release cifs root_cred after exit_cifs
  CIFS: make arrays static const, reduces object code size
  [SMB3] Update session and share information displayed for debugging SMB2/SMB3
  cifs: show 'soft' in the mount options for hard mounts
  SMB3: Warn user if trying to sign connection that authenticated as guest
  SMB3: Fix endian warning
  Fix SMB3.1.1 guest authentication to Samba

7 years agoMerge tag 'ceph-for-4.14-rc2' of git://github.com/ceph/ceph-client
Linus Torvalds [Sat, 23 Sep 2017 02:09:31 +0000 (16:09 -1000)]
Merge tag 'ceph-for-4.14-rc2' of git://github.com/ceph/ceph-client

Pull ceph fixes from Ilya Dryomov:
 "Two small but important fixes: RADOS semantic change in upcoming v12.2.1
  release and a rare NULL dereference in create_session_open_msg()"

* tag 'ceph-for-4.14-rc2' of git://github.com/ceph/ceph-client:
  ceph: avoid panic in create_session_open_msg() if utsname() returns NULL
  libceph: don't allow bidirectional swap of pg-upmap-items

7 years agoSMB3: Don't ignore O_SYNC/O_DSYNC and O_DIRECT flags
Steve French [Fri, 22 Sep 2017 06:40:27 +0000 (01:40 -0500)]
SMB3: Don't ignore O_SYNC/O_DSYNC and O_DIRECT flags

Signed-off-by: Steve French <smfrench@gmail.com>
CC: Stable <stable@vger.kernel.org>
Reviewed-by: Ronnie Sahlberg <lsahlber@redhat.com>
Reviewed-by: Pavel Shilovsky <pshilov@microsoft.com>
7 years agoMerge tag 'pci-v4.14-fixes-2' of git://git.kernel.org/pub/scm/linux/kernel/git/helgaa...
Linus Torvalds [Fri, 22 Sep 2017 23:09:11 +0000 (13:09 -1000)]
Merge tag 'pci-v4.14-fixes-2' of git://git.kernel.org/pub/scm/linux/kernel/git/helgaas/pci

Pull PCI fixes from Bjorn Helgaas:

 - fix endpoint "end of test" interrupt issue (introduced in v4.14-rc1)
   (John Keeping)

 - fix MIPS use-after-free map_irq() issue (introduced in v4.14-rc1)
   (Lorenzo Pieralisi)

* tag 'pci-v4.14-fixes-2' of git://git.kernel.org/pub/scm/linux/kernel/git/helgaas/pci:
  PCI: endpoint: Use correct "end of test" interrupt
  MIPS: PCI: Move map_irq() hooks out of initdata

7 years agoMerge tag 'iommu-fixes-v4.14-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git...
Linus Torvalds [Fri, 22 Sep 2017 23:06:05 +0000 (13:06 -1000)]
Merge tag 'iommu-fixes-v4.14-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/joro/iommu

Pull IOMMU fixes from Joerg Roedel:

 - two Kconfig fixes to fix dependencies that cause compile failures
   when they are not fulfilled.

 - a section mismatch fix for Intel VT-d

 - a fix for PCI topology detection in ARM device-tree code

* tag 'iommu-fixes-v4.14-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/joro/iommu:
  iommu/of: Remove PCI host bridge node check
  iommu/qcom: Depend on HAS_DMA to fix compile error
  iommu/vt-d: Fix harmless section mismatch warning
  iommu: Add missing dependencies

7 years agoMerge git://git.kernel.org/pub/scm/linux/kernel/git/cmetcalf/linux-tile
Linus Torvalds [Fri, 22 Sep 2017 23:02:54 +0000 (13:02 -1000)]
Merge git://git.kernel.org/pub/scm/linux/kernel/git/cmetcalf/linux-tile

Pull arch/tile fixes from Chris Metcalf:
 "These are a code cleanup and config cleanup, respectively"

* git://git.kernel.org/pub/scm/linux/kernel/git/cmetcalf/linux-tile:
  tile: array underflow in setup_maxnodemem()
  tile: defconfig: Cleanup from old Kconfig options

7 years agoMerge tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux
Linus Torvalds [Fri, 22 Sep 2017 23:01:16 +0000 (13:01 -1000)]
Merge tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux

Pull arm64 fixes from Catalin Marinas:

 - #ifdef CONFIG_EFI around __efi_fpsimd_begin/end

 - Assembly code alignment reduced to 4 bytes from 16

 - Ensure the kernel is compiled for LP64 (there are some arm64
   compilers around defaulting to ILP32)

 - Fix arm_pmu_acpi memory leak on the error path

* tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux:
  drivers/perf: arm_pmu_acpi: Release memory obtained by kasprintf
  arm64: ensure the kernel is compiled for LP64
  arm64: relax assembly code alignment from 16 byte to 4 byte
  arm64: efi: Don't include EFI fpsimd save/restore code in non-EFI kernels

7 years agoSMB3: handle new statx fields
Steve French [Fri, 22 Sep 2017 02:32:29 +0000 (21:32 -0500)]
SMB3: handle new statx fields

We weren't returning the creation time or the two easily supported
attributes (ENCRYPTED or COMPRESSED) for the getattr call to
allow statx to return these fields.

Signed-off-by: Steve French <smfrench@gmail.com>
Reviewed-by: Ronnie Sahlberg <lsahlber@redhat.com>\
Acked-by: Jeff Layton <jlayton@poochiereds.net>
CC: Stable <stable@vger.kernel.org>
Reviewed-by: Pavel Shilovsky <pshilov@microsoft.com>
7 years agoarch: remove unused *_segments() macros/functions
Tobias Klauser [Fri, 22 Sep 2017 07:42:42 +0000 (09:42 +0200)]
arch: remove unused *_segments() macros/functions

Some architectures define the no-op macros/functions copy_segments,
release_segments and forget_segments. These are used nowhere in the
tree, so removed them.

Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
Acked-by: Vineet Gupta <vgupta@synopsys.com> [for arch/arc]
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
7 years agoInput: elan_i2c - extend Flash-Write delay
KT Liao [Fri, 22 Sep 2017 17:00:57 +0000 (10:00 -0700)]
Input: elan_i2c - extend Flash-Write delay

The original 20ms delay is only marginally enough delay after a block write
operation during firmware update. Let's increase the delay to ensure that
the controller finishes up storing the page to avoid failures in the
firmware updates.

Signed-off-by: KT Liao <kt.liao@emc.com.tw>
Signed-off-by: Dmitry Torokhov <dmitry.torokhov@gmail.com>
7 years agoMerge tag 'for-linus-4.14b-rc2-tag' of git://git.kernel.org/pub/scm/linux/kernel...
Linus Torvalds [Fri, 22 Sep 2017 16:40:47 +0000 (06:40 -1000)]
Merge tag 'for-linus-4.14b-rc2-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/xen/tip

Pull xen fixes from Juergen Gross:
 "A fix for a missing __init annotation and two cleanup patches"

* tag 'for-linus-4.14b-rc2-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/xen/tip:
  xen, arm64: drop dummy lookup_address()
  xen: don't compile pv-specific parts if XEN_PV isn't configured
  xen: x86: mark xen_find_pt_base as __init

7 years agoMerge tag 'powerpc-4.14-3' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc...
Linus Torvalds [Fri, 22 Sep 2017 16:39:09 +0000 (06:39 -1000)]
Merge tag 'powerpc-4.14-3' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux

Pull powerpc fixes from Michael Ellerman:
 "It turns out our single-fix pull from last week was too good to be
  true. I missed a few fixes in that pull that had already come in
  because I was on leave, but also we hadn't found the bugs yet. So this
  week it's a bit bigger, though not ridiculous. Hopefully things will
  settle down from here on.

  Four fixes for the new instruction emulation code. A fix for CPU
  offline on bare metal machines when certain idle states are not
  supported, and a fix for a device_node refcounting oops during CPU
  hotplug, caused by recent changes.

  Going to stable are a fix for an oops during core dump on machines
  that have TM (Transactional Memory) disabled. Reordering some EEH
  initialisation to avoid trashing memory, and another device_node
  refcounting fix.

  And a few other minor things.

 Thanks to: Anton Blanchard, Benjamin Herrenschmidt, Cyril Bur, Gautham
 R. Shenoy, Gustavo Romero, Kamalesh Babulal, Matthew Weber, Matt Weber,
 Naveen N. Rao, Nicholas Piggin, Pavithra Prakash, Ravi Bangoria, Ronak
 Desai, Scott Wood, Tyrel Datwyler"

* tag 'powerpc-4.14-3' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux:
  powerpc/pseries: Fix parent_dn reference leak in add_dt_node()
  powerpc/pseries: Fix "OF: ERROR: Bad of_node_put() on /cpus" during DLPAR
  powerpc/eeh: Create PHB PEs after EEH is initialized
  powerpc/kprobes: Update optprobes to use emulate_update_regs()
  powerpc/powernv: Clear LPCR[PECE1] via stop-api only for deep state offline
  powerpc/sstep: mullw should calculate a 64 bit signed result
  powerpc/sstep: Fix issues with mcrf
  powerpc/sstep: Fix issues with set_cr0()
  powerpc/tm: Flush TM only if CPU has TM feature
  powerpc/sysrq: Fix oops whem ppmu is not registered
  powerpc/configs: Update for CONFIG_SND changes
  powerpc/e6500: Update machine check for L1D cache err

7 years agoMerge branch '4.14-fixes' of git://git.linux-mips.org/pub/scm/ralf/upstream-linus
Linus Torvalds [Fri, 22 Sep 2017 16:37:50 +0000 (06:37 -1000)]
Merge branch '4.14-fixes' of git://git.linux-mips.org/pub/scm/ralf/upstream-linus

Pull MIPS fixes from Ralf Baechle:

 - Fix a build error on MSP71xx which used to rely on somehow magically
   <asm/setup.h> being pulled in which no longer happens.

 - Fix the __write_64bit_c0_split inline assembler where there was the
   theoretical possibility of GCC interpret the constraints such that
   bad code could result.

 - A __init was causing section mismatch errors on Alchemy. Just to be
   on the safe side, Manuel's patch does away with all of them.

 - Fix perf event init.

* '4.14-fixes' of git://git.linux-mips.org/pub/scm/ralf/upstream-linus:
  MIPS: PCI: fix pcibios_map_irq section mismatch
  MIPS: Fix input modify in __write_64bit_c0_split()
  MIPS: MSP71xx: Include asm/setup.h
  MIPS: Fix perf event init

7 years agoMerge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux
Linus Torvalds [Fri, 22 Sep 2017 16:32:07 +0000 (06:32 -1000)]
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux

Pull s390 fixes from Martin Schwidefsky:

 - A couple of bug fixes: memory management, perf, cio, dasd and
   scm_blk.

 - A larger change in regard to the CPU topology to improve performance
   for systems running under z/VM or KVM.

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux:
  s390/topology: enable / disable topology dynamically
  s390/topology: alternative topology for topology-less machines
  s390/mm: fix write access check in gup_huge_pmd()
  s390/mm: make pmdp_invalidate() do invalidation only
  s390/cio: recover from bad paths
  s390/scm_blk: consistently use blk_status_t as error type
  s390/dasd: fix race during dasd initialization
  s390/perf: fix bug when creating per-thread event

7 years agoMerge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
Linus Torvalds [Fri, 22 Sep 2017 16:15:27 +0000 (06:15 -1000)]
Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6

Pull crypto fixes from Herbert Xu:
 - Fix compiler warnings in inside-secure
 - Fix LS1021A support in caam
 - Avoid using RBP in x86 crypto code
 - Fix bug in talitos that prevents hashing with algif
 - Fix bugs talitos hashing code that cause incorrect hash result
 - Fix memory freeing path bug in drbg
 - Fix af_alg crash when two SG lists are chained

* 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6:
  crypto: af_alg - update correct dst SGL entry
  crypto: caam - fix LS1021A support on ARMv7 multiplatform kernel
  crypto: inside-secure - fix gcc-4.9 warnings
  crypto: talitos - Don't provide setkey for non hmac hashing algs
  crypto: talitos - fix hashing
  crypto: talitos - fix sha224
  crypto: x86/twofish - Fix RBP usage
  crypto: sha512-avx2 - Fix RBP usage
  crypto: x86/sha256-ssse3 - Fix RBP usage
  crypto: x86/sha256-avx2 - Fix RBP usage
  crypto: x86/sha256-avx - Fix RBP usage
  crypto: x86/sha1-ssse3 - Fix RBP usage
  crypto: x86/sha1-avx2 - Fix RBP usage
  crypto: x86/des3_ede - Fix RBP usage
  crypto: x86/cast6 - Fix RBP usage
  crypto: x86/cast5 - Fix RBP usage
  crypto: x86/camellia - Fix RBP usage
  crypto: x86/blowfish - Fix RBP usage
  crypto: drbg - fix freeing of resources

7 years agodrivers/perf: arm_pmu_acpi: Release memory obtained by kasprintf
Arvind Yadav [Wed, 20 Sep 2017 06:56:38 +0000 (12:26 +0530)]
drivers/perf: arm_pmu_acpi: Release memory obtained by kasprintf

Free memory region, if arm_pmu_acpi_probe is not successful.

Acked-by: Will Deacon <will.deacon@arm.com>
Signed-off-by: Arvind Yadav <arvind.yadav.cs@gmail.com>
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
7 years agoiommu/of: Remove PCI host bridge node check
Robin Murphy [Thu, 21 Sep 2017 10:20:58 +0000 (11:20 +0100)]
iommu/of: Remove PCI host bridge node check

of_pci_iommu_init() tries to be clever and stop its alias walk at the
device represented by master_np, in case of weird PCI topologies where
the bridge to the IOMMU and the rest of the system is not at the root.
It turns out this is a bit short-sighted, since there are plenty of
other callers of pci_for_each_dma_alias() which would also need the same
behaviour in that situation, and the only platform so far with such a
topology (Cavium ThunderX2) already solves it more generally via a PCI
quirk. As this check is effectively redundant, and returning a boolean
value as an int is a bit broken anyway, let's just get rid of it.

Reported-by: Jean-Philippe Brucker <jean-philippe.brucker@arm.com>
Fixes: d87beb749281 ("iommu/of: Handle PCI aliases properly")
Signed-off-by: Robin Murphy <robin.murphy@arm.com>
Tested-by: Jean-Philippe Brucker <jean-philippe.brucker@arm.com>
Signed-off-by: Joerg Roedel <jroedel@suse.de>
7 years agoMerge branch 'libnvdimm-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/nvdim...
Linus Torvalds [Fri, 22 Sep 2017 01:51:19 +0000 (15:51 -1000)]
Merge branch 'libnvdimm-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/nvdimm/nvdimm

Pull libnvdimm fixes from Dan Williams:
 "A crash fix and corresponding regression test enabling for the crash
  scenario. The unit test for this crash is available in ndctl-v58.2.

  This branch has received a build success notification from the
  0day-kbuild robot over 148 configs. The fix is tagged for -stable /
  backport to 4.13"

* 'libnvdimm-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/nvdimm/nvdimm:
  libnvdimm, namespace: fix btt claim class crash
  tools/testing/nvdimm: disable labels for nfit_test.1

7 years agoInput: uinput - avoid crash when sending FF request to device going away
Dmitry Torokhov [Wed, 6 Sep 2017 23:22:59 +0000 (16:22 -0700)]
Input: uinput - avoid crash when sending FF request to device going away

If FF request comes in while uinput device is going away,
uinput_request_send() will fail with -ENODEV, and uinput_request_submit()
will attempt to mark the slot as unused by calling uinput_request_done().
Unfortunately in this case we haven't initialized request->done completion
yet, and we get a crash:

[   39.402036] BUG: spinlock bad magic on CPU#1, fftest/3108
[   39.402046]  lock: 0xffff88006a93bb00, .magic: 00000000, .owner: /39, .owner_cpu: 1217155072
[   39.402055] CPU: 1 PID: 3108 Comm: fftest Tainted: G        W 4.13.0+ #15
[   39.402059] Hardware name: LENOVO 20HQS0EG02/20HQS0EG02, BIOS N1MET37W (1.22 ) 07/04/2017
[   39.402064]  0000000000000086 f0fad82f3ceaa120 ffff88006a93b9a0 ffffffff9de941bb
[   39.402077]  ffff88026df8ae00 ffff88006a93bb00 ffff88006a93b9c0 ffffffff9dca62b7
[   39.402088]  ffff88006a93bb00 ffff88006a93baf8 ffff88006a93b9e0 ffffffff9dca62e7
[   39.402099] Call Trace:
[   39.402112]  [<ffffffff9de941bb>] dump_stack+0x4d/0x63
[   39.402123]  [<ffffffff9dca62b7>] spin_dump+0x97/0x9c
[   39.402130]  [<ffffffff9dca62e7>] spin_bug+0x2b/0x2d
[   39.402138]  [<ffffffff9dca6373>] do_raw_spin_lock+0x28/0xfd
[   39.402147]  [<ffffffff9e3055cd>] _raw_spin_lock_irqsave+0x19/0x1f
[   39.402154]  [<ffffffff9dca05b7>] complete+0x1d/0x48
[   39.402162]  [<ffffffffc04f30af>] 0xffffffffc04f30af
[   39.402167]  [<ffffffffc04f468c>] 0xffffffffc04f468c
[   39.402177]  [<ffffffff9dd59c16>] ? __slab_free+0x22f/0x359
[   39.402184]  [<ffffffff9dcc13e9>] ? tk_clock_read+0xc/0xe
[   39.402189]  [<ffffffffc04f471f>] 0xffffffffc04f471f
[   39.402195]  [<ffffffff9dc9ffe5>] ? __wake_up+0x44/0x4b
[   39.402200]  [<ffffffffc04f3240>] ? 0xffffffffc04f3240
[   39.402207]  [<ffffffff9e0f57f3>] erase_effect+0xa1/0xd2
[   39.402214]  [<ffffffff9e0f58c6>] input_ff_flush+0x43/0x5c
[   39.402219]  [<ffffffffc04f32ad>] 0xffffffffc04f32ad
[   39.402227]  [<ffffffff9e0f174f>] input_flush_device+0x3d/0x51
[   39.402234]  [<ffffffff9e0f69ae>] evdev_flush+0x49/0x5c
[   39.402243]  [<ffffffff9dd62d6e>] filp_close+0x3f/0x65
[   39.402253]  [<ffffffff9dd7dcf7>] put_files_struct+0x66/0xc1
[   39.402261]  [<ffffffff9dd7ddeb>] exit_files+0x47/0x4e
[   39.402270]  [<ffffffff9dc6b329>] do_exit+0x483/0x969
[   39.402278]  [<ffffffff9dc73211>] ? recalc_sigpending_tsk+0x3d/0x44
[   39.402285]  [<ffffffff9dc6c7a2>] do_group_exit+0x42/0xb0
[   39.402293]  [<ffffffff9dc767e1>] get_signal+0x58d/0x5bf
[   39.402300]  [<ffffffff9dc03701>] do_signal+0x37/0x53e
[   39.402307]  [<ffffffff9e0f8401>] ? evdev_ioctl_handler+0xac8/0xb04
[   39.402314]  [<ffffffff9e0f8464>] ? evdev_ioctl+0x10/0x12
[   39.402321]  [<ffffffff9dd74cfa>] ? do_vfs_ioctl+0x42e/0x501
[   39.402328]  [<ffffffff9dc0170e>] prepare_exit_to_usermode+0x66/0x90
[   39.402333]  [<ffffffff9dc0181b>] syscall_return_slowpath+0xe3/0xec
[   39.402339]  [<ffffffff9e305b7b>] int_ret_from_sys_call+0x25/0x8f

While we could solve this by simply initializing the completion earlier, we
are better off rearranging the code a bit so we avoid calling complete() on
requests that we did not send out. This patch consolidates marking request
slots as free in one place (in uinput_request_submit(), the same place
where we acquire them) and having everyone else simply signal completion
of the requests.

Fixes: 00ce756ce53a ("Input: uinput - mark failed submission requests as free")
Signed-off-by: Dmitry Torokhov <dmitry.torokhov@gmail.com>
7 years agoInput: uinput - avoid FF flush when destroying device
Dmitry Torokhov [Sat, 2 Sep 2017 00:13:43 +0000 (17:13 -0700)]
Input: uinput - avoid FF flush when destroying device

Normally, when input device supporting force feedback effects is being
destroyed, we try to "flush" currently playing effects, so that the
physical device does not continue vibrating (or executing other effects).
Unfortunately this does not work well for uinput as flushing of the effects
deadlocks with the destroy action:

- if device is being destroyed because the file descriptor is being closed,
  then there is noone to even service FF requests;

- if device is being destroyed because userspace sent UI_DEV_DESTROY,
  while theoretically it could be possible to service FF requests,
  userspace is unlikely to do so (they'd need to make sure FF handling
  happens on a separate thread) even if kernel solves the issue with FF
  ioctls deadlocking with UI_DEV_DESTROY ioctl on udev->mutex.

To avoid lockups like the one below, let's install a custom input device
flush handler, and avoid trying to flush force feedback effects when we
destroying the device, and instead rely on uinput to shut off the device
properly.

NMI watchdog: Watchdog detected hard LOCKUP on cpu 3
...
 <<EOE>>  [<ffffffff817a0307>] _raw_spin_lock_irqsave+0x37/0x40
 [<ffffffff810e633d>] complete+0x1d/0x50
 [<ffffffffa00ba08c>] uinput_request_done+0x3c/0x40 [uinput]
 [<ffffffffa00ba587>] uinput_request_submit.part.7+0x47/0xb0 [uinput]
 [<ffffffffa00bb62b>] uinput_dev_erase_effect+0x5b/0x76 [uinput]
 [<ffffffff815d91ad>] erase_effect+0xad/0xf0
 [<ffffffff815d929d>] flush_effects+0x4d/0x90
 [<ffffffff815d4cc0>] input_flush_device+0x40/0x60
 [<ffffffff815daf1c>] evdev_cleanup+0xac/0xc0
 [<ffffffff815daf5b>] evdev_disconnect+0x2b/0x60
 [<ffffffff815d74ac>] __input_unregister_device+0xac/0x150
 [<ffffffff815d75f7>] input_unregister_device+0x47/0x70
 [<ffffffffa00bac45>] uinput_destroy_device+0xb5/0xc0 [uinput]
 [<ffffffffa00bb2de>] uinput_ioctl_handler.isra.9+0x65e/0x740 [uinput]
 [<ffffffff811231ab>] ? do_futex+0x12b/0xad0
 [<ffffffffa00bb3f8>] uinput_ioctl+0x18/0x20 [uinput]
 [<ffffffff81241248>] do_vfs_ioctl+0x298/0x480
 [<ffffffff81337553>] ? security_file_ioctl+0x43/0x60
 [<ffffffff812414a9>] SyS_ioctl+0x79/0x90
 [<ffffffff817a04ee>] entry_SYSCALL_64_fastpath+0x12/0x71

Reported-by: Rodrigo Rivas Costa <rodrigorivascosta@gmail.com>
Reported-by: Clément VUCHENER <clement.vuchener@gmail.com>
Fixes: https://bugzilla.kernel.org/show_bug.cgi?id=193741
Signed-off-by: Dmitry Torokhov <dmitry.torokhov@gmail.com>
7 years agoMerge tag 'kbuild-fixes-v4.14' of git://git.kernel.org/pub/scm/linux/kernel/git/masah...
Linus Torvalds [Thu, 21 Sep 2017 16:01:03 +0000 (06:01 -1000)]
Merge tag 'kbuild-fixes-v4.14' of git://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuild

Pull Kbuild fixes from Masahiro Yamada:
 "Here are some early Kbuild fixes.

  The in-kernel firmware was removed during the previous merge window.
  Since then, some bug reports of broken rpm building are flying in ML.
  We need to fix it now.

  Summary:

   - remove firmware install from rpm-pkg / deb-pkg

   - fix mismatch between release number and UTS_VERSION for rpm-pkg"

* tag 'kbuild-fixes-v4.14' of git://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuild:
  kbuild: rpm-pkg: fix version number handling
  kbuild: deb-pkg: remove firmware package support
  kbuild: rpm-pkg: delete firmware_install to fix build error

7 years agoMerge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
Linus Torvalds [Thu, 21 Sep 2017 15:57:50 +0000 (05:57 -1000)]
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs

Pull misc fixes from Al Viro:
 "A couple of regression fixes, one for this merge window, one for the
  previous cycle"

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs:
  ipc/shm: Fix order of parameters when calling copy_compat_shmid_to_user
  iov_iter: fix page_copy_sane for compound pages

7 years agoMerge tag 'mtd/fixes-for-4.14-rc2' of git://git.infradead.org/linux-mtd
Linus Torvalds [Thu, 21 Sep 2017 15:55:20 +0000 (05:55 -1000)]
Merge tag 'mtd/fixes-for-4.14-rc2' of git://git.infradead.org/linux-mtd

Pull mtd fixes from Boris Brezillon:
 "SPI NOR:
   - Fix the SFDP parsing code (bugs reported by Geert Uytterhoeven)

  NAND:
   - Fix a resource leak in the lpc32xx_mlc driver
   - Fix a build warning in the core"

* tag 'mtd/fixes-for-4.14-rc2' of git://git.infradead.org/linux-mtd:
  mtd: nand: remove unused blockmask variable
  mtd: nand: lpc32xx_mlc: Fix an error handling path in lpc32xx_nand_probe()
  mtd: spi-nor: fix DMA unsafe buffer issue in spi_nor_read_sfdp()
  mtd: spi-nor: Check consistency of the memory size extracted from the SFDP

7 years agoMerge tag 'drm-fixes-for-v4.14-rc2' of git://people.freedesktop.org/~airlied/linux
Linus Torvalds [Thu, 21 Sep 2017 15:52:36 +0000 (05:52 -1000)]
Merge tag 'drm-fixes-for-v4.14-rc2' of git://people.freedesktop.org/~airlied/linux

Pull drm fixes from Dave Airlie:
 "amdkfd, i915 and exynos fixes.

  I've ended up on unplanned + planned leave this week, but there were
  some fixes I decided to dequeue, some amdkfd bits missed the next pull
  but they are pretty trivial, so I included them.

  I'm not sure I'll see much else for rc2, lots of people are at XDC"

* tag 'drm-fixes-for-v4.14-rc2' of git://people.freedesktop.org/~airlied/linux:
  drm/exynos/hdmi: Fix unsafe list iteration
  drm: exynos: include linux/irq.h
  drm/exynos: Fix suspend/resume support
  drm/exynos: Fix locking in the suspend/resume paths
  drm/i915: Remove unused 'in_vbl' from i915_get_crtc_scanoutpos()
  drm/i915/cnp: set min brightness from VBT
  Revert "drm/i915/bxt: Disable device ready before shutdown command"
  drm/i915/bxt: set min brightness from VBT
  drm/i915: Fix an error handling in 'intel_framebuffer_init()'
  drm/i915/gvt: Fix incorrect PCI BARs reporting
  drm/amdkfd: pass queue's mqd when destroying mqd
  drm/amdkfd: remove memset before memcpy
  uapi linux/kfd_ioctl.h: only use __u32 and __u64

7 years agoMerge tag 'dma-mapping-4.14-2' of git://git.infradead.org/users/hch/dma-mapping
Linus Torvalds [Thu, 21 Sep 2017 15:51:03 +0000 (05:51 -1000)]
Merge tag 'dma-mapping-4.14-2' of git://git.infradead.org/users/hch/dma-mapping

Pull dma mapping fix from Christoph Hellwig:
 "A fix for a fix that went in this merge window from Arnd"

* tag 'dma-mapping-4.14-2' of git://git.infradead.org/users/hch/dma-mapping:
  dma-coherent: fix rmem_dma_device_init regression

7 years agoMIPS: PCI: fix pcibios_map_irq section mismatch
Manuel Lauss [Tue, 12 Sep 2017 18:36:28 +0000 (20:36 +0200)]
MIPS: PCI: fix pcibios_map_irq section mismatch

Drop  the __init from pcibios_map_irq() to make this section mis-
match go away:

WARNING: vmlinux.o(.text+0x56acd4): Section mismatch in reference from the function pcibios_scanbus() to the function .init.text:pcibios_map_irq()
The function pcibios_scanbus() references
the function __init pcibios_map_irq().
This is often because pcibios_scanbus lacks a __init
annotation or the annotation of pcibios_map_irq is wrong.

Run-Tested only on Alchemy.

Signed-off-by: Manuel Lauss <manuel.lauss@gmail.com>
Cc: linux-mips@linux-mips.org
Patchwork: https://patchwork.linux-mips.org/patch/17267/
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
7 years agoMIPS: Fix input modify in __write_64bit_c0_split()
James Hogan [Tue, 19 Sep 2017 13:11:22 +0000 (14:11 +0100)]
MIPS: Fix input modify in __write_64bit_c0_split()

The inline asm in __write_64bit_c0_split() modifies the 64-bit input
operand by shifting the high register left by 32, and constructing the
full 64-bit value in the low register (even on a 32-bit kernel), so if
that value is used again it could cause breakage as GCC would assume the
registers haven't changed when they have.

To quote the GCC extended asm documentation:
> Warning: Do not modify the contents of input-only operands (except for
> inputs tied to outputs). The compiler assumes that on exit from the
> asm statement these operands contain the same values as they had
> before executing the statement.

Avoid modifying the input by using a temporary variable as an output
which is modified instead of the input and not otherwise used. The asm
is always __volatile__ so GCC shouldn't optimise it out. The low
register of the temporary output is written before the high register of
the input is read, so we have two constraint alternatives, one where
both use the same registers (for when the input value isn't subsequently
used), and one with an early clobber on the output in case the low
output uses the same register as the high input. This allows the
resulting assembly to remain mostly unchanged.

A diff of a MIPS32r6 kernel reveals only three differences, two in
relation to write_c0_r10k_diag() in cpu_probe() (register allocation
rearranged slightly but otherwise identical), and one in relation to
write_c0_cvmmemctl2() in kvm_vz_local_flush_guesttlb_all(), but the
octeon CPU is only supported on 64-bit kernels where
__write_64bit_c0_split() isn't used so that shouldn't matter in
practice. So there currently doesn't appear to be anything broken by
this bug.

Signed-off-by: James Hogan <james.hogan@imgtec.com>
Cc: linux-mips@linux-mips.org
Patchwork: https://patchwork.linux-mips.org/patch/17315/
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
7 years agoMIPS: MSP71xx: Include asm/setup.h
Arnd Bergmann [Mon, 18 Sep 2017 15:55:24 +0000 (17:55 +0200)]
MIPS: MSP71xx: Include asm/setup.h

msp71xx_defconfig can not be built at the in v4.14-rc1

arch/mips/pmcs-msp71xx/msp_smp.c:72:2: error: implicit declaration of function 'set_vi_handler' [-Werror=implicit-function-declaration]

I don't know what caused the regression, but including the right
header is the obvious fix.

Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Cc: linux-mips@linux-mips.org
Cc: linux-kernel@vger.kernel.org
Patchwork: https://patchwork.linux-mips.org/patch/17309/
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
7 years agopowerpc/pseries: Fix parent_dn reference leak in add_dt_node()
Tyrel Datwyler [Wed, 20 Sep 2017 21:02:52 +0000 (17:02 -0400)]
powerpc/pseries: Fix parent_dn reference leak in add_dt_node()

A reference to the parent device node is held by add_dt_node() for the
node to be added. If the call to dlpar_configure_connector() fails
add_dt_node() returns ENOENT and that reference is not freed.

Add a call to of_node_put(parent_dn) prior to bailing out after a
failed dlpar_configure_connector() call.

Fixes: 8d5ff320766f ("powerpc/pseries: Make dlpar_configure_connector parent node aware")
Cc: stable@vger.kernel.org # v3.12+
Signed-off-by: Tyrel Datwyler <tyreld@linux.vnet.ibm.com>
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
7 years agopowerpc/pseries: Fix "OF: ERROR: Bad of_node_put() on /cpus" during DLPAR
Tyrel Datwyler [Wed, 20 Sep 2017 21:02:51 +0000 (17:02 -0400)]
powerpc/pseries: Fix "OF: ERROR: Bad of_node_put() on /cpus" during DLPAR

Commit 215ee763f8cb ("powerpc: pseries: remove dlpar_attach_node
dependency on full path") reworked dlpar_attach_node() to no longer
look up the parent node "/cpus", but instead to have the parent node
passed by the caller in the function parameter list.

As a result dlpar_attach_node() is no longer responsible for freeing
the reference to the parent node. However, commit 215ee763f8cb failed
to remove the of_node_put(parent) call in dlpar_attach_node(), or to
take into account that the reference to the parent in the caller
dlpar_cpu_add() needs to be held until after dlpar_attach_node()
returns.

As a result doing repeated cpu add/remove dlpar operations will
eventually result in the following error:

  OF: ERROR: Bad of_node_put() on /cpus
  CPU: 0 PID: 10896 Comm: drmgr Not tainted 4.13.0-autotest #1
  Call Trace:
   dump_stack+0x15c/0x1f8 (unreliable)
   of_node_release+0x1a4/0x1c0
   kobject_put+0x1a8/0x310
   kobject_del+0xbc/0xf0
   __of_detach_node_sysfs+0x144/0x210
   of_detach_node+0xf0/0x180
   dlpar_detach_node+0xc4/0x120
   dlpar_cpu_remove+0x280/0x560
   dlpar_cpu_release+0xbc/0x1b0
   arch_cpu_release+0x6c/0xb0
   cpu_release_store+0xa0/0x100
   dev_attr_store+0x68/0xa0
   sysfs_kf_write+0xa8/0xf0
   kernfs_fop_write+0x2cc/0x400
   __vfs_write+0x5c/0x340
   vfs_write+0x1a8/0x3d0
   SyS_write+0xa8/0x1a0
   system_call+0x58/0x6c

Fix the issue by removing the of_node_put(parent) call from
dlpar_attach_node(), and ensuring that the reference to the parent
node is properly held and released by the caller dlpar_cpu_add().

Fixes: 215ee763f8cb ("powerpc: pseries: remove dlpar_attach_node dependency on full path")
Signed-off-by: Tyrel Datwyler <tyreld@linux.vnet.ibm.com>
Reported-by: Abdul Haleem <abdhalee@linux.vnet.ibm.com>
[mpe: Add a comment in the code and frob the change log slightly]
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
7 years agopowerpc/eeh: Create PHB PEs after EEH is initialized
Benjamin Herrenschmidt [Thu, 7 Sep 2017 06:35:40 +0000 (16:35 +1000)]
powerpc/eeh: Create PHB PEs after EEH is initialized

Otherwise we end up not yet having computed the right diag data size
on powernv where EEH initialization is delayed, thus causing memory
corruption later on when calling OPAL.

Fixes: 5cb1f8fdddb7 ("powerpc/powernv/pci: Dynamically allocate PHB diag data")
Cc: stable@vger.kernel.org # v4.13+
Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Acked-by: Russell Currey <ruscur@russell.cc>
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
7 years agoipc/shm: Fix order of parameters when calling copy_compat_shmid_to_user
Will Deacon [Mon, 18 Sep 2017 16:47:38 +0000 (17:47 +0100)]
ipc/shm: Fix order of parameters when calling copy_compat_shmid_to_user

Commit 553f770ef71b ("ipc: move compat shmctl to native") moved the
compat IPC syscall handling into ipc/shm.c and refactored the struct
accessors in the process. Unfortunately, the call to
copy_compat_shmid_to_user when handling a compat {IPC,SHM}_STAT command
gets the arguments the wrong way round, passing a kernel stack address
as the user buffer (destination) and the user buffer as the kernel stack
address (source).

This patch fixes the parameter ordering so the buffers are accessed
correctly.

Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Will Deacon <will.deacon@arm.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
7 years agoiov_iter: fix page_copy_sane for compound pages
Petar Penkov [Tue, 29 Aug 2017 18:20:32 +0000 (11:20 -0700)]
iov_iter: fix page_copy_sane for compound pages

Issue is that if the data crosses a page boundary inside a compound
page, this check will incorrectly trigger a WARN_ON.

To fix this, compute the order using the head of the compound page and
adjust the offset to be relative to that head.

Fixes: 72e809ed81ed ("iov_iter: sanity checks for copy to/from page
primitives")

Signed-off-by: Petar Penkov <ppenkov@google.com>
CC: Al Viro <viro@zeniv.linux.org.uk>
CC: Eric Dumazet <edumazet@google.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
7 years agoSMB: Validate negotiate (to protect against downgrade) even if signing off
Steve French [Thu, 21 Sep 2017 00:57:18 +0000 (19:57 -0500)]
SMB: Validate negotiate (to protect against downgrade) even if signing off

As long as signing is supported (ie not a guest user connection) and
connection is SMB3 or SMB3.02, then validate negotiate (protect
against man in the middle downgrade attacks).  We had been doing this
only when signing was required, not when signing was just enabled,
but this more closely matches recommended SMB3 behavior and is
better security.  Suggested by Metze.

Signed-off-by: Steve French <smfrench@gmail.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Acked-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ronnie Sahlberg <lsahlber@redhat.com>
CC: Stable <stable@vger.kernel.org>
7 years agocifs: release auth_key.response for reconnect.
Shu Wang [Fri, 8 Sep 2017 10:48:33 +0000 (18:48 +0800)]
cifs: release auth_key.response for reconnect.

There is a race that cause cifs reconnect in cifs_mount,
- cifs_mount
  - cifs_get_tcp_session
    - [ start thread cifs_demultiplex_thread
      - cifs_read_from_socket: -ECONNABORTED
        - DELAY_WORK smb2_reconnect_server ]
  - cifs_setup_session
  - [ smb2_reconnect_server ]

auth_key.response was allocated in cifs_setup_session, and
will release when the session destoried. So when session re-
connect, auth_key.response should be check and released.

Tested with my system:
CIFS VFS: Free previous auth_key.response = ffff8800320bbf80

A simple auth_key.response allocation call trace:
- cifs_setup_session
- SMB2_sess_setup
- SMB2_sess_auth_rawntlmssp_authenticate
- build_ntlmssp_auth_blob
- setup_ntlmv2_rsp

Signed-off-by: Shu Wang <shuwang@redhat.com>
Signed-off-by: Steve French <smfrench@gmail.com>
CC: Stable <stable@vger.kernel.org>
Reviewed-by: Ronnie Sahlberg <lsahlber@redhat.com>
7 years agocifs: release cifs root_cred after exit_cifs
Shu Wang [Thu, 7 Sep 2017 08:03:27 +0000 (16:03 +0800)]
cifs: release cifs root_cred after exit_cifs

memory leak was found by kmemleak. exit_cifs_spnego
should be called before cifs module removed, or
cifs root_cred will not be released.

kmemleak report:
unreferenced object 0xffff880070a3ce40 (size 192):
  backtrace:
     kmemleak_alloc+0x4a/0xa0
     kmem_cache_alloc+0xc7/0x1d0
     prepare_kernel_cred+0x20/0x120
     init_cifs_spnego+0x2d/0x170 [cifs]
     0xffffffffc07801f3
     do_one_initcall+0x51/0x1b0
     do_init_module+0x60/0x1fd
     load_module+0x161e/0x1b60
     SYSC_finit_module+0xa9/0x100
     SyS_finit_module+0xe/0x10

Signed-off-by: Shu Wang <shuwang@redhat.com>
Signed-off-by: Steve French <smfrench@gmail.com>
Reviewed-by: Ronnie Sahlberg <lsahlber@redhat.com>
CC: Stable <stable@vger.kernel.org>
7 years agoCIFS: make arrays static const, reduces object code size
Colin Ian King [Tue, 19 Sep 2017 15:27:39 +0000 (16:27 +0100)]
CIFS: make arrays static const, reduces object code size

Don't populate the read-only arrays types[] on the stack, instead make
them both static const.  Makes the object code smaller by over 200 bytes:

Before:
   text    data     bss     dec     hex filename
 111503   37696     448  149647   2488f fs/cifs/file.o

After:
   text    data     bss     dec     hex filename
 111140   37856     448  149444   247c4 fs/cifs/file.o

Signed-off-by: Colin Ian King <colin.king@canonical.com>
Signed-off-by: Steve French <smfrench@gmail.com>
Reviewed-by: Ronnie Sahlberg <lsahlber@redhat.com>
7 years agoMerge tag 'exynos-drm-fixes-for-v4.14-rc1' of git://git.kernel.org/pub/scm/linux...
Dave Airlie [Wed, 20 Sep 2017 22:02:39 +0000 (08:02 +1000)]
Merge tag 'exynos-drm-fixes-for-v4.14-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/daeinki/drm-exynos into drm-fixes

- fix suspend/resume issues.
- fix memory corruption detected by kasan.
- fix build error on x86.

* tag 'exynos-drm-fixes-for-v4.14-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/daeinki/drm-exynos:
  drm/exynos/hdmi: Fix unsafe list iteration
  drm: exynos: include linux/irq.h
  drm/exynos: Fix suspend/resume support
  drm/exynos: Fix locking in the suspend/resume paths

7 years agoMerge tag 'drm-intel-fixes-2017-09-20' of git://anongit.freedesktop.org/git/drm-intel...
Dave Airlie [Wed, 20 Sep 2017 22:02:21 +0000 (08:02 +1000)]
Merge tag 'drm-intel-fixes-2017-09-20' of git://anongit.freedesktop.org/git/drm-intel into drm-fixes

drm/i915 fixes for 4.14-rc1

Couple fixes for stable:

- Fix MIPI panels on BXT.
- Fix PCI BARs information on GVT.

Plus other fixes:

- Fix minimal brightness for BXT, GLK, CFL and CNL.
- Fix compilation warning: unused in_vbl
- Fix error handling in intel_framebuffer_init

* tag 'drm-intel-fixes-2017-09-20' of git://anongit.freedesktop.org/git/drm-intel:
  drm/i915: Remove unused 'in_vbl' from i915_get_crtc_scanoutpos()
  drm/i915/cnp: set min brightness from VBT
  Revert "drm/i915/bxt: Disable device ready before shutdown command"
  drm/i915/bxt: set min brightness from VBT
  drm/i915: Fix an error handling in 'intel_framebuffer_init()'
  drm/i915/gvt: Fix incorrect PCI BARs reporting

7 years ago[SMB3] Update session and share information displayed for debugging SMB2/SMB3
Steve French [Wed, 20 Sep 2017 21:46:49 +0000 (16:46 -0500)]
[SMB3] Update session and share information displayed for debugging SMB2/SMB3

We were not displaying some key fields (session status and capabilities and
whether guest authenticated) for SMB2/SMB3 session in /proc/fs/cifs/DebugData.

This is needed for real world triage of problems with the (now much more
common) SMB3 mounts.

Signed-off-by: Steve French <smfrench@gmail.com>
7 years agoPCI: endpoint: Use correct "end of test" interrupt
John Keeping [Wed, 20 Sep 2017 18:56:06 +0000 (13:56 -0500)]
PCI: endpoint: Use correct "end of test" interrupt

pci_epf_test_raise_irq() reads the interrupt to use for the response from
reg->command, but this has been cleared at the beginning of the command
handler so the value is always zero at this point.

Instead, extract the interrupt index before handling the command and then
pass the requested interrupt into pci_epf_test_raise_irq().  This allows us
to remove the specific code to extract the interrupt for
COMMAND_RAISE_MSI_IRQ since it is now handled in common code.

Fixes: 3ecf3232c54c ("PCI: endpoint: Do not reset *command* inadvertently")
Signed-off-by: John Keeping <john@metanate.com>
Signed-off-by: Bjorn Helgaas <bhelgaas@google.com>
Acked-by: Kishon Vijay Abraham I <kishon@ti.com>
7 years agoMerge tag 'trace-v4.14-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/rostedt...
Linus Torvalds [Wed, 20 Sep 2017 16:38:07 +0000 (06:38 -1000)]
Merge tag 'trace-v4.14-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/rostedt/linux-trace

Pull tracing fixes from Steven Rostedt:
 "This includes three minor fixes.

    - Have writing to trace file clear the irqsoff (and friends) tracer

    - trace_pipe behavior for instance buffers was different than top
      buffer

    - Show a message of why mmiotrace doesn't start from commandline"

* tag 'trace-v4.14-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/rostedt/linux-trace:
  tracing: Fix trace_pipe behavior for instance traces
  tracing: Ignore mmiotrace from kernel commandline
  tracing: Erase irqsoff trace with empty write

7 years agokbuild: rpm-pkg: fix version number handling
Masahiro Yamada [Wed, 20 Sep 2017 13:01:26 +0000 (22:01 +0900)]
kbuild: rpm-pkg: fix version number handling

The "Release:" field of the spec file is determined based on the
.version file.

However, the .version file is not copied to the source tar file.
So, when we build the kernel from the source package, the UTS_VERSION
always indicates #1.  This does not match with "rpm -q".

The kernel UTS_VERSION and "rpm -q" do not agree for binrpm-pkg, either.
Please note the kernel has already been built before the spec file is
created.  Currently, mkspec invokes mkversion.  This script returns an
incremented version.  So, the "Release:" field of the spec file is
greater than the version in the kernel by one.

For the source package build (where .version file is missing), we can
give KBUILD_BUILD_VERSION=%{release} to the build command.

For the binary package build, we can simply read out the .version file
because it contains the version number that was used for building the
kernel image.

We can remove scripts/mkversion because scripts/package/Makefile need
not touch the .version file.

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
7 years agokbuild: deb-pkg: remove firmware package support
Masahiro Yamada [Mon, 18 Sep 2017 09:22:19 +0000 (18:22 +0900)]
kbuild: deb-pkg: remove firmware package support

Commit 5620a0d1aacd ("firmware: delete in-kernel firmware") deleted
in-kernel firmware support, including the firmware install command.

So, the firmware package does not make sense any more.  Remove it.

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Reviewed-by: Riku Voipio <riku.voipio@linaro.org>
Acked-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
7 years agokbuild: rpm-pkg: delete firmware_install to fix build error
Masahiro Yamada [Mon, 18 Sep 2017 09:12:36 +0000 (18:12 +0900)]
kbuild: rpm-pkg: delete firmware_install to fix build error

Commit 5620a0d1aacd ("firmware: delete in-kernel firmware") deleted
in-kernel firmware support, including "make firmware_install".

Since then, "make rpm-pkg" / "make binrpm-pkg" fails to build with
the error:

  make[2]: *** No rule to make target `firmware_install'.  Stop.

Commit df85b2d767aa ("firmware: Restore support for built-in firmware")
restored the build infrastructure for CONFIG_EXTRA_FIRMWARE, but this
is out of the scope of "make firmware_install".  So, the right thing to
do is to kill the use of "make firmware_install".

Fixes: 5620a0d1aacd ("firmware: delete in-kernel firmware")
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Acked-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
7 years agos390/topology: enable / disable topology dynamically
Heiko Carstens [Thu, 14 Sep 2017 12:42:32 +0000 (14:42 +0200)]
s390/topology: enable / disable topology dynamically

Add a new sysctl file /proc/sys/s390/topology which displays if
topology is on (1) or off (0) as specified by the "topology=" kernel
parameter.

This allows to change topology information during runtime and
configuring it via /etc/sysctl.conf instead of using the kernel line
parameter.

Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
7 years agos390/topology: alternative topology for topology-less machines
Heiko Carstens [Tue, 19 Sep 2017 10:52:22 +0000 (12:52 +0200)]
s390/topology: alternative topology for topology-less machines

If running on machines that do not provide topology information we
currently generate a "fake" topology which defines the maximum
distance between each cpu: each cpu will be put into an own drawer.

Historically this used to be the best option for (virtual) machines in
overcommited hypervisors.

For some workloads however it is better to generate a different
topology where all cpus are siblings within a package (all cpus are
core siblings). This shows performance improvements of up to 10%,
depending on the workload.

In order to keep the current behaviour, but also allow to switch to
the different core sibling topology use the existing "topology="
kernel parameter:

Specifying "topology=on" on machines without topology information will
generate the core siblings (fake) topology information, instead of the
default topology information where all cpus have the maximum distance.

On machines which provide topology information specifying
"topology=on" does not have any effect.

Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
7 years agopowerpc/kprobes: Update optprobes to use emulate_update_regs()
Naveen N. Rao [Fri, 15 Sep 2017 10:08:21 +0000 (15:38 +0530)]
powerpc/kprobes: Update optprobes to use emulate_update_regs()

Optprobes depended on an updated regs->nip from analyse_instr() to
identify the location to branch back from the optprobes trampoline.
However, since commit 3cdfcbfd32b9d ("powerpc: Change analyse_instr so
it doesn't modify *regs"), analyse_instr() doesn't update the registers
anymore.  Due to this, we end up branching back from the optprobes
trampoline to the same branch into the trampoline resulting in a loop.

Fix this by calling out to emulate_update_regs() before using the nip.
Additionally, explicitly compare the return value from analyse_instr()
to 1, rather than just checking for !0 so as to guard against any
future changes to analyse_instr() that may result in -1 being returned
in more scenarios.

Fixes: 3cdfcbfd32b9d ("powerpc: Change analyse_instr so it doesn't modify *regs")
Signed-off-by: Naveen N. Rao <naveen.n.rao@linux.vnet.ibm.com>
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
7 years agoMerge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/scottwood/linux...
Michael Ellerman [Wed, 20 Sep 2017 10:05:24 +0000 (20:05 +1000)]
Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/scottwood/linux into fixes

Merge one commit from Scott which I missed while away.

7 years agocrypto: af_alg - update correct dst SGL entry
Stephan Mueller [Wed, 30 Aug 2017 07:17:39 +0000 (09:17 +0200)]
crypto: af_alg - update correct dst SGL entry

When two adjacent TX SGL are processed and parts of both TX SGLs
are pulled into the per-request TX SGL, the wrong per-request
TX SGL entries were updated.

This fixes a NULL pointer dereference when a cipher implementation walks
the TX SGL where some of the SGL entries were NULL.

Fixes: e870456d8e7c ("crypto: algif_skcipher - overhaul memory...")
Signed-off-by: Stephan Mueller <smueller@chronox.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
7 years agocrypto: caam - fix LS1021A support on ARMv7 multiplatform kernel
Horia Geantă [Fri, 1 Sep 2017 14:12:59 +0000 (17:12 +0300)]
crypto: caam - fix LS1021A support on ARMv7 multiplatform kernel

When built using multi_v7_defconfig, driver does not work on LS1021A:
[...]
caam 1700000.crypto: can't identify CAAM ipg clk: -2
caam: probe of 1700000.crypto failed with error -2
[...]

It turns out we have to detect at runtime whether driver is running
on an i.MX platform or not.

Cc: <stable@vger.kernel.org>
Fixes: 6c3af9559352 ("crypto: caam - add support for LS1021A")
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
7 years agocrypto: inside-secure - fix gcc-4.9 warnings
Arnd Bergmann [Tue, 12 Sep 2017 10:12:16 +0000 (12:12 +0200)]
crypto: inside-secure - fix gcc-4.9 warnings

All older compiler versions up to gcc-4.9 produce these
harmless warnings:

drivers/crypto/inside-secure/safexcel_cipher.c:389:9: warning: missing braces around initializer [-Wmissing-braces]
drivers/crypto/inside-secure/safexcel_cipher.c:389:9: warning: (near initialization for ‘result.completion’) [-Wmissing-braces]
drivers/crypto/inside-secure/safexcel_hash.c:422:9: warning: missing braces around initializer [-Wmissing-braces]
drivers/crypto/inside-secure/safexcel_hash.c:422:9: warning: (near initialization for ‘result.completion’) [-Wmissing-braces]

This changes the syntax to something that works on all versions
without warnings.

Fixes: 1b44c5a60c13 ("crypto: inside-secure - add SafeXcel EIP197 crypto engine driver")
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Acked-by: Antoine Tenart <antoine.tenart@free-electrons.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
7 years agocrypto: talitos - Don't provide setkey for non hmac hashing algs.
LEROY Christophe [Tue, 12 Sep 2017 09:03:39 +0000 (11:03 +0200)]
crypto: talitos - Don't provide setkey for non hmac hashing algs.

Today, md5sum fails with error -ENOKEY because a setkey
function is set for non hmac hashing algs, see strace output below:

mmap(NULL, 378880, PROT_READ, MAP_SHARED, 6, 0) = 0x77f50000
accept(3, 0, NULL)                      = 7
vmsplice(5, [{"bin/\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 378880}], 1, SPLICE_F_MORE|SPLICE_F_GIFT) = 262144
splice(4, NULL, 7, NULL, 262144, SPLICE_F_MORE) = -1 ENOKEY (Required key not available)
write(2, "Generation of hash for file kcap"..., 50) = 50
munmap(0x77f50000, 378880)              = 0

This patch ensures that setkey() function is set only
for hmac hashing.

Cc: <stable@vger.kernel.org>
Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
7 years agocrypto: talitos - fix hashing
LEROY Christophe [Wed, 13 Sep 2017 10:44:57 +0000 (12:44 +0200)]
crypto: talitos - fix hashing

md5sum on some files gives wrong result

Exemple:

With the md5sum from libkcapi:
c15115c05bad51113f81bdaee735dd09  test

With the original md5sum:
bbdf41d80ba7e8b2b7be3a0772be76cb  test

This patch fixes this issue

Cc: <stable@vger.kernel.org>
Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
7 years agocrypto: talitos - fix sha224
LEROY Christophe [Wed, 13 Sep 2017 10:44:51 +0000 (12:44 +0200)]
crypto: talitos - fix sha224

Kernel crypto tests report the following error at startup

[    2.752626] alg: hash: Test 4 failed for sha224-talitos
[    2.757907] 00000000: 30 e2 86 e2 e7 8a dd 0d d7 eb 9f d5 83 fe f1 b0
00000010: 2d 5a 6c a5 f9 55 ea fd 0e 72 05 22

This patch fixes it

Cc: <stable@vger.kernel.org>
Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
7 years agocrypto: x86/twofish - Fix RBP usage
Josh Poimboeuf [Mon, 18 Sep 2017 19:42:11 +0000 (14:42 -0500)]
crypto: x86/twofish - Fix RBP usage

Using RBP as a temporary register breaks frame pointer convention and
breaks stack traces when unwinding from an interrupt in the crypto code.

Use R13 instead of RBP.  Both are callee-saved registers, so the
substitution is straightforward.

Reported-by: Eric Biggers <ebiggers@google.com>
Reported-by: Peter Zijlstra <peterz@infradead.org>
Tested-by: Eric Biggers <ebiggers@google.com>
Acked-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
7 years agocrypto: sha512-avx2 - Fix RBP usage
Josh Poimboeuf [Mon, 18 Sep 2017 19:42:10 +0000 (14:42 -0500)]
crypto: sha512-avx2 - Fix RBP usage

Using RBP as a temporary register breaks frame pointer convention and
breaks stack traces when unwinding from an interrupt in the crypto code.

Mix things up a little bit to get rid of the RBP usage, without hurting
performance too much.  Use RDI instead of RBP for the TBL pointer.  That
will clobber CTX, so spill CTX onto the stack and use R12 to read it in
the outer loop.  R12 is used as a non-persistent temporary variable
elsewhere, so it's safe to use.

Also remove the unused y4 variable.

Reported-by: Eric Biggers <ebiggers3@gmail.com>
Reported-by: Peter Zijlstra <peterz@infradead.org>
Tested-by: Eric Biggers <ebiggers@google.com>
Acked-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
7 years agocrypto: x86/sha256-ssse3 - Fix RBP usage
Josh Poimboeuf [Mon, 18 Sep 2017 19:42:09 +0000 (14:42 -0500)]
crypto: x86/sha256-ssse3 - Fix RBP usage

Using RBP as a temporary register breaks frame pointer convention and
breaks stack traces when unwinding from an interrupt in the crypto code.

Swap the usages of R12 and RBP.  Use R12 for the TBL register, and use
RBP to store the pre-aligned stack pointer.

Reported-by: Eric Biggers <ebiggers@google.com>
Reported-by: Peter Zijlstra <peterz@infradead.org>
Tested-by: Eric Biggers <ebiggers@google.com>
Acked-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
7 years agocrypto: x86/sha256-avx2 - Fix RBP usage
Josh Poimboeuf [Mon, 18 Sep 2017 19:42:08 +0000 (14:42 -0500)]
crypto: x86/sha256-avx2 - Fix RBP usage

Using RBP as a temporary register breaks frame pointer convention and
breaks stack traces when unwinding from an interrupt in the crypto code.

There's no need to use RBP as a temporary register for the TBL value,
because it always stores the same value: the address of the K256 table.
Instead just reference the address of K256 directly.

Reported-by: Eric Biggers <ebiggers@google.com>
Reported-by: Peter Zijlstra <peterz@infradead.org>
Tested-by: Eric Biggers <ebiggers@google.com>
Acked-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
7 years agocrypto: x86/sha256-avx - Fix RBP usage
Josh Poimboeuf [Mon, 18 Sep 2017 19:42:07 +0000 (14:42 -0500)]
crypto: x86/sha256-avx - Fix RBP usage

Using RBP as a temporary register breaks frame pointer convention and
breaks stack traces when unwinding from an interrupt in the crypto code.

Swap the usages of R12 and RBP.  Use R12 for the TBL register, and use
RBP to store the pre-aligned stack pointer.

Reported-by: Eric Biggers <ebiggers@google.com>
Reported-by: Peter Zijlstra <peterz@infradead.org>
Tested-by: Eric Biggers <ebiggers@google.com>
Acked-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
7 years agocrypto: x86/sha1-ssse3 - Fix RBP usage
Josh Poimboeuf [Mon, 18 Sep 2017 19:42:06 +0000 (14:42 -0500)]
crypto: x86/sha1-ssse3 - Fix RBP usage

Using RBP as a temporary register breaks frame pointer convention and
breaks stack traces when unwinding from an interrupt in the crypto code.

Swap the usages of R12 and RBP.  Use R12 for the REG_D register, and use
RBP to store the pre-aligned stack pointer.

Reported-by: Eric Biggers <ebiggers@google.com>
Reported-by: Peter Zijlstra <peterz@infradead.org>
Tested-by: Eric Biggers <ebiggers@google.com>
Acked-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
7 years agocrypto: x86/sha1-avx2 - Fix RBP usage
Josh Poimboeuf [Mon, 18 Sep 2017 19:42:05 +0000 (14:42 -0500)]
crypto: x86/sha1-avx2 - Fix RBP usage

Using RBP as a temporary register breaks frame pointer convention and
breaks stack traces when unwinding from an interrupt in the crypto code.

Use R11 instead of RBP.  Since R11 isn't a callee-saved register, it
doesn't need to be saved and restored on the stack.

Reported-by: Eric Biggers <ebiggers@google.com>
Reported-by: Peter Zijlstra <peterz@infradead.org>
Tested-by: Eric Biggers <ebiggers@google.com>
Acked-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
7 years agocrypto: x86/des3_ede - Fix RBP usage
Josh Poimboeuf [Mon, 18 Sep 2017 19:42:04 +0000 (14:42 -0500)]
crypto: x86/des3_ede - Fix RBP usage

Using RBP as a temporary register breaks frame pointer convention and
breaks stack traces when unwinding from an interrupt in the crypto code.

Use RSI instead of RBP for RT1.  Since RSI is also used as a the 'dst'
function argument, it needs to be saved on the stack until the argument
is needed.

Reported-by: Eric Biggers <ebiggers@google.com>
Reported-by: Peter Zijlstra <peterz@infradead.org>
Tested-by: Eric Biggers <ebiggers@google.com>
Acked-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
7 years agocrypto: x86/cast6 - Fix RBP usage
Josh Poimboeuf [Mon, 18 Sep 2017 19:42:03 +0000 (14:42 -0500)]
crypto: x86/cast6 - Fix RBP usage

Using RBP as a temporary register breaks frame pointer convention and
breaks stack traces when unwinding from an interrupt in the crypto code.

Use R15 instead of RBP.  R15 can't be used as the RID1 register because
of x86 instruction encoding limitations.  So use R15 for CTX and RDI for
CTX.  This means that CTX is no longer an implicit function argument.
Instead it needs to be explicitly copied from RDI.

Reported-by: Eric Biggers <ebiggers@google.com>
Reported-by: Peter Zijlstra <peterz@infradead.org>
Tested-by: Eric Biggers <ebiggers@google.com>
Acked-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
7 years agocrypto: x86/cast5 - Fix RBP usage
Josh Poimboeuf [Mon, 18 Sep 2017 19:42:02 +0000 (14:42 -0500)]
crypto: x86/cast5 - Fix RBP usage

Using RBP as a temporary register breaks frame pointer convention and
breaks stack traces when unwinding from an interrupt in the crypto code.

Use R15 instead of RBP.  R15 can't be used as the RID1 register because
of x86 instruction encoding limitations.  So use R15 for CTX and RDI for
CTX.  This means that CTX is no longer an implicit function argument.
Instead it needs to be explicitly copied from RDI.

Reported-by: Eric Biggers <ebiggers@google.com>
Reported-by: Peter Zijlstra <peterz@infradead.org>
Tested-by: Eric Biggers <ebiggers@google.com>
Acked-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
7 years agocrypto: x86/camellia - Fix RBP usage
Josh Poimboeuf [Mon, 18 Sep 2017 19:42:01 +0000 (14:42 -0500)]
crypto: x86/camellia - Fix RBP usage

Using RBP as a temporary register breaks frame pointer convention and
breaks stack traces when unwinding from an interrupt in the crypto code.

Use R12 instead of RBP.  Both are callee-saved registers, so the
substitution is straightforward.

Reported-by: Eric Biggers <ebiggers@google.com>
Reported-by: Peter Zijlstra <peterz@infradead.org>
Tested-by: Eric Biggers <ebiggers@google.com>
Acked-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
7 years agocrypto: x86/blowfish - Fix RBP usage
Josh Poimboeuf [Mon, 18 Sep 2017 19:42:00 +0000 (14:42 -0500)]
crypto: x86/blowfish - Fix RBP usage

Using RBP as a temporary register breaks frame pointer convention and
breaks stack traces when unwinding from an interrupt in the crypto code.

Use R12 instead of RBP.  R12 can't be used as the RT0 register because
of x86 instruction encoding limitations.  So use R12 for CTX and RDI for
CTX.  This means that CTX is no longer an implicit function argument.
Instead it needs to be explicitly copied from RDI.

Reported-by: Eric Biggers <ebiggers@google.com>
Reported-by: Peter Zijlstra <peterz@infradead.org>
Tested-by: Eric Biggers <ebiggers@google.com>
Acked-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
7 years agocrypto: drbg - fix freeing of resources
Stephan Mueller [Thu, 14 Sep 2017 15:10:28 +0000 (17:10 +0200)]
crypto: drbg - fix freeing of resources

During the change to use aligned buffers, the deallocation code path was
not updated correctly. The current code tries to free the aligned buffer
pointer and not the original buffer pointer as it is supposed to.

Thus, the code is updated to free the original buffer pointer and set
the aligned buffer pointer that is used throughout the code to NULL.

Fixes: 3cfc3b9721123 ("crypto: drbg - use aligned buffers")
CC: <stable@vger.kernel.org>
CC: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Stephan Mueller <smueller@chronox.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
7 years agoMIPS: Fix perf event init
Paul Burton [Wed, 20 Sep 2017 05:07:18 +0000 (22:07 -0700)]
MIPS: Fix perf event init

Commit c311c797998c ("cpumask: make "nr_cpumask_bits" unsigned")
modified mipspmu_event_init() to cast the struct perf_event cpu field to
an unsigned integer before it is compared with nr_cpumask_bits (and
*ahem* did so without copying the linux-mips mailing list or any MIPS
developers...). This is broken because the cpu field may be -1 for
events which follow a process rather than being affine to a particular
CPU. When this is the case the cast to an unsigned int results in a
value equal to ULONG_MAX, which is always greater than nr_cpumask_bits
so we always fail mipspmu_event_init() and return -ENODEV.

The check against nr_cpumask_bits seems nonsensical anyway, so this
patch simply removes it. The cpu field is going to either be -1 or a
valid CPU number. Comparing it with nr_cpumask_bits is effectively
checking that it's a valid cpu number, but it seems safe to rely on the
core perf events code to ensure that's the case.

The end result is that this fixes use of perf on MIPS when not
constraining events to a particular CPU, and fixes the "perf list hw"
command which fails to list any events without this.

Signed-off-by: Paul Burton <paul.burton@imgtec.com>
Fixes: c311c797998c ("cpumask: make "nr_cpumask_bits" unsigned")
Cc: Alexey Dobriyan <adobriyan@gmail.com>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: linux-mips@linux-mips.org
Cc: stable <stable@vger.kernel.org> # v4.12+
Patchwork: https://patchwork.linux-mips.org/patch/17323/
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
7 years agocifs: show 'soft' in the mount options for hard mounts
Ronnie Sahlberg [Wed, 20 Sep 2017 03:09:23 +0000 (13:09 +1000)]
cifs: show 'soft' in the mount options for hard mounts

Signed-off-by: Ronnie Sahlberg <lsahlber@redhat.com>
Signed-off-by: Steve French <smfrench@gmail.com>
7 years agoSMB3: Warn user if trying to sign connection that authenticated as guest
Steve French [Tue, 19 Sep 2017 23:40:03 +0000 (18:40 -0500)]
SMB3: Warn user if trying to sign connection that authenticated as guest

It can be confusing if user ends up authenticated as guest but they
requested signing (server will return error validating signed packets)
so add log message for this.

Signed-off-by: Steve French <smfrench@gmail.com>
Reviewed-by: Ronnie Sahlberg <lsahlber@redhat.com>
CC: Stable <stable@vger.kernel.org>
7 years agoSMB3: Fix endian warning
Steve French [Tue, 19 Sep 2017 16:43:47 +0000 (11:43 -0500)]
SMB3: Fix endian warning

Multi-dialect negotiate patch had a minor endian error.

Signed-off-by: Steve French <smfrench@gmail.com>
Reviewed-by: Ronnie Sahlberg <lsahlber@redhat.com>
CC: Stable <stable@vger.kernel.org> # 4.13+
7 years agopowerpc/powernv: Clear LPCR[PECE1] via stop-api only for deep state offline
Gautham R. Shenoy [Thu, 31 Aug 2017 11:47:41 +0000 (17:17 +0530)]
powerpc/powernv: Clear LPCR[PECE1] via stop-api only for deep state offline

Commit 24be85a23d1f ("powerpc/powernv: Clear PECE1 in LPCR via
stop-api only on Hotplug") clears the PECE1 bit of the LPCR via
stop-api during CPU-Hotplug to prevent wakeup due to a decrementer on
an offlined CPU which is in a deep stop state.

In the case where the stop-api support is found to be lacking, the
commit 785a12afdb4a ("powerpc/powernv/idle: Disable LOSE_FULL_CONTEXT
states when stop-api fails") disables deep states that lose hypervisor
context. Thus in this case, the offlined CPU will be put to some
shallow idle state.

However, we currently unconditionally clear the PECE1 in LPCR via
stop-api during CPU-Hotplug even when deep states are disabled due to
stop-api failure.

Fix this by clearing PECE1 of LPCR via stop-api during CPU-Hotplug
*only* when the offlined CPU will be put to a deep state that loses
hypervisor context.

Fixes: 24be85a23d1f ("powerpc/powernv: Clear PECE1 in LPCR via stop-api only on Hotplug")
Reported-by: Pavithra Prakash <pavirampu@linux.vnet.ibm.com>
Signed-off-by: Gautham R. Shenoy <ego@linux.vnet.ibm.com>
Reviewed-by: Nicholas Piggin <npiggin@gmail.com>
Tested-by: Pavithra Prakash <pavrampu@linux.vnet.ibm.com>
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
7 years agopowerpc/sstep: mullw should calculate a 64 bit signed result
Anton Blanchard [Tue, 19 Sep 2017 23:32:19 +0000 (09:32 +1000)]
powerpc/sstep: mullw should calculate a 64 bit signed result

mullw should do a 32 bit signed multiply and create a 64 bit signed
result. It currently truncates the result to 32 bits.

Signed-off-by: Anton Blanchard <anton@samba.org>
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
7 years agopowerpc/sstep: Fix issues with mcrf
Anton Blanchard [Tue, 19 Sep 2017 10:45:53 +0000 (20:45 +1000)]
powerpc/sstep: Fix issues with mcrf

mcrf broke when we changed analyse_instr() to not modify the register
state. The instruction writes to the CR, so we need to store the result
in op->ccval, not op->val.

Fixes: 3cdfcbfd32b9 ("powerpc: Change analyse_instr so it doesn't modify *regs")
Signed-off-by: Anton Blanchard <anton@samba.org>
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
7 years agopowerpc/sstep: Fix issues with set_cr0()
Anton Blanchard [Tue, 19 Sep 2017 10:45:52 +0000 (20:45 +1000)]
powerpc/sstep: Fix issues with set_cr0()

set_cr0() broke when we changed analyse_instr() to not modify the
register state. Instead of looking at regs->gpr[x] which has not
been updated yet, we need to look at op->val.

Fixes: 3cdfcbfd32b9 ("powerpc: Change analyse_instr so it doesn't modify *regs")
Signed-off-by: Anton Blanchard <anton@samba.org>
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
7 years agopowerpc/tm: Flush TM only if CPU has TM feature
Gustavo Romero [Thu, 14 Sep 2017 02:13:48 +0000 (22:13 -0400)]
powerpc/tm: Flush TM only if CPU has TM feature

Commit cd63f3c ("powerpc/tm: Fix saving of TM SPRs in core dump")
added code to access TM SPRs in flush_tmregs_to_thread(). However
flush_tmregs_to_thread() does not check if TM feature is available on
CPU before trying to access TM SPRs in order to copy live state to
thread structures. flush_tmregs_to_thread() is indeed guarded by
CONFIG_PPC_TRANSACTIONAL_MEM but it might be the case that kernel
was compiled with CONFIG_PPC_TRANSACTIONAL_MEM enabled and ran on
a CPU without TM feature available, thus rendering the execution
of TM instructions that are treated by the CPU as illegal instructions.

The fix is just to add proper checking in flush_tmregs_to_thread()
if CPU has the TM feature before accessing any TM-specific resource,
returning immediately if TM is no available on the CPU. Adding
that checking in flush_tmregs_to_thread() instead of in places
where it is called, like in vsr_get() and vsr_set(), is better because
avoids the same problem cropping up elsewhere.

Cc: stable@vger.kernel.org # v4.13+
Fixes: cd63f3c ("powerpc/tm: Fix saving of TM SPRs in core dump")
Signed-off-by: Gustavo Romero <gromero@linux.vnet.ibm.com>
Reviewed-by: Cyril Bur <cyrilbur@gmail.com>
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
7 years agopowerpc/sysrq: Fix oops whem ppmu is not registered
Ravi Bangoria [Tue, 19 Sep 2017 06:17:06 +0000 (11:47 +0530)]
powerpc/sysrq: Fix oops whem ppmu is not registered

Kernel crashes if power pmu is not registered and user tries to dump
regs with 'echo p > /proc/sysrq-trigger'. Sample log:

  Unable to handle kernel paging request for data at address 0x00000008
  Faulting instruction address: 0xc0000000000d52f0

  NIP [c0000000000d52f0] perf_event_print_debug+0x10/0x230
  LR [c00000000058a938] sysrq_handle_showregs+0x38/0x50
  Call Trace:
   printk+0x38/0x4c (unreliable)
   __handle_sysrq+0xe4/0x270
   write_sysrq_trigger+0x64/0x80
   proc_reg_write+0x80/0xd0
   __vfs_write+0x40/0x200
   vfs_write+0xc8/0x240
   SyS_write+0x60/0x110
   system_call+0x58/0x6c

Fixes: 5f6d0380c640 ("powerpc/perf: Define perf_event_print_debug() to print PMU register values")
Signed-off-by: Ravi Bangoria <ravi.bangoria@linux.vnet.ibm.com>
Reviewed-by: Kamalesh Babulal <kamalesh@linux.vnet.ibm.com>
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
7 years agopowerpc/configs: Update for CONFIG_SND changes
Michael Ellerman [Wed, 23 Aug 2017 05:37:53 +0000 (15:37 +1000)]
powerpc/configs: Update for CONFIG_SND changes

Commit eb3b705aaed9 ("ALSA: Make CONFIG_SND_OSSEMUL user-selectable")
means we need to set CONFIG_SND_OSSEMUL in our configs, otherwise we
lose some of the SND symbols.

And commit 0181307abc1d ("ALSA: seq: Reorganize kconfig and build")
reorganised things, which causes the churn.

Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
7 years agoMerge tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi
Linus Torvalds [Wed, 20 Sep 2017 03:09:55 +0000 (17:09 -1000)]
Merge tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi

Pull SCSI fixes from James Bottomley:
 "This is a set of five small fixes: one is a null deref fix which is
  pretty critical for the fc transport class and one fixes a potential
  security issue of sg leaking kernel information"

* tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi:
  scsi: sg: fixup infoleak when using SG_GET_REQUEST_TABLE
  scsi: sg: factor out sg_fill_request_table()
  scsi: sd: Remove unnecessary condition in sd_read_block_limits()
  scsi: acornscsi: fix build error
  scsi: scsi_transport_fc: fix NULL pointer dereference in fc_bsg_job_timeout

7 years agoMerge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm...
Linus Torvalds [Wed, 20 Sep 2017 03:07:18 +0000 (17:07 -1000)]
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace

Pull si_code fix from Eric Biederman:
 "When sorting out the si_code ambiguity fcntl I accidentally overshot
  and included SIGPOLL as well. Ooops! This is my trivial fix for that.

  Vince Weaver caught this when it landed in your tree with his
  perf_event_tests many of which started failing because the si_code
  changed"

Quoth Vince Weaver:
 "I've tested with this patch applied and can confirm all of my tests
  now pass again"

Fixes: d08477aa975e ("fcntl: Don't use ambiguous SIG_POLL si_codes")
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace:
  fcntl: Don't set si_code to SI_SIGIO when sig == SIGPOLL

7 years agoMerge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm
Linus Torvalds [Wed, 20 Sep 2017 03:05:53 +0000 (17:05 -1000)]
Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm

Pull KVM fixes from Radim Krčmář:

 - fix build without CONFIG_HAVE_KVM_IRQ_ROUTING

 - fix NULL access in x86 CR access

 - fix race with VMX posted interrups

* tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm:
  KVM: VMX: remove WARN_ON_ONCE in kvm_vcpu_trigger_posted_interrupt
  KVM: VMX: do not change SN bit in vmx_update_pi_irte()
  KVM: x86: Fix the NULL pointer parameter in check_cr_write()
  Revert "KVM: Don't accept obviously wrong gsi values via KVM_IRQFD"

7 years agodrm/exynos/hdmi: Fix unsafe list iteration
Maciej Purski [Tue, 5 Sep 2017 12:23:02 +0000 (14:23 +0200)]
drm/exynos/hdmi: Fix unsafe list iteration

Function hdmi_mode_fixup() used bare list_for_each entry, which was
unsafe and caused memory corruption detected by kasan.
It now uses drm_for_each_connector_iter macro, which is now recommended
by the documentation and safe.

Signed-off-by: Maciej Purski <m.purski@samsung.com>
Signed-off-by: Inki Dae <inki.dae@samsung.com>
7 years agoFix SMB3.1.1 guest authentication to Samba
Steve French [Mon, 18 Sep 2017 23:18:45 +0000 (18:18 -0500)]
Fix SMB3.1.1 guest authentication to Samba

Samba rejects SMB3.1.1 dialect (vers=3.1.1) negotiate requests from
the kernel client due to the two byte pad at the end of the negotiate
contexts.

CC: Stable <stable@vger.kernel.org>
Signed-off-by: Steve French <smfrench@gmail.com>
Reviewed-by: Ronnie Sahlberg <lsahlber@redhat.com>
7 years agotracing: Fix trace_pipe behavior for instance traces
Tahsin Erdogan [Sun, 17 Sep 2017 10:23:48 +0000 (03:23 -0700)]
tracing: Fix trace_pipe behavior for instance traces

When reading data from trace_pipe, tracing_wait_pipe() performs a
check to see if tracing has been turned off after some data was read.
Currently, this check always looks at global trace state, but it
should be checking the trace instance where trace_pipe is located at.

Because of this bug, cat instances/i1/trace_pipe in the following
script will immediately exit instead of waiting for data:

cd /sys/kernel/debug/tracing
echo 0 > tracing_on
mkdir -p instances/i1
echo 1 > instances/i1/tracing_on
echo 1 > instances/i1/events/sched/sched_process_exec/enable
cat instances/i1/trace_pipe

Link: http://lkml.kernel.org/r/20170917102348.1615-1-tahsin@google.com
Cc: stable@vger.kernel.org
Fixes: 10246fa35d4f ("tracing: give easy way to clear trace buffer")
Signed-off-by: Tahsin Erdogan <tahsin@google.com>
Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
7 years agoMIPS: PCI: Move map_irq() hooks out of initdata
Lorenzo Pieralisi [Tue, 19 Sep 2017 14:50:42 +0000 (15:50 +0100)]
MIPS: PCI: Move map_irq() hooks out of initdata

04c81c7293df ("MIPS: PCI: Replace pci_fixup_irqs() call with host bridge
IRQ mapping hooks") moved the PCI IRQ fixup to the new host bridge
map/swizzle_irq() hooks mechanism. Those hooks can also be called after
boot, when all the __init/__initdata/__initconst sections have been freed.
Therefore, functions called by them (and the data they refer to) must not
be marked as __init/__initdata/__initconst lest compilation trigger section
mismatch warnings.

Fix all the board files map_irq() hooks by simply removing the respective
__init/__initdata/__initconst section markers and by adding another
persistent hook IRQ map for the txx9 board files.

Fixes: 04c81c7293df ("MIPS: PCI: Replace pci_fixup_irqs() call with host bridge IRQ mapping hooks")
Signed-off-by: Lorenzo Pieralisi <lorenzo.pieralisi@arm.com>
Signed-off-by: Bjorn Helgaas <bhelgaas@google.com>
Reviewed-by: Arnd Bergmann <arnd@arndb.de>
Cc: Ralf Baechle <ralf@linux-mips.org>
Cc: Steve French <smfrench@gmail.com>
7 years agoceph: avoid panic in create_session_open_msg() if utsname() returns NULL
Yan, Zheng [Mon, 11 Sep 2017 04:10:08 +0000 (12:10 +0800)]
ceph: avoid panic in create_session_open_msg() if utsname() returns NULL

utsname() can return NULL while process is exiting. Kernel releases
file locks during process exits. We send request to mds when releasing
file lock. So it's possible that we open mds session while process is
exiting. utsname() is called in create_session_open_msg().

Link: http://tracker.ceph.com/issues/21275
Signed-off-by: "Yan, Zheng" <zyan@redhat.com>
Reviewed-by: Jeff Layton <jlayton@redhat.com>
[idryomov@gmail.com: drop utsname.h include from mds_client.c]
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
7 years agolibceph: don't allow bidirectional swap of pg-upmap-items
Ilya Dryomov [Mon, 18 Sep 2017 10:21:37 +0000 (12:21 +0200)]
libceph: don't allow bidirectional swap of pg-upmap-items

This reverts most of commit f53b7665c8ce ("libceph: upmap semantic
changes").

We need to prevent duplicates in the final result.  For example, we
can currently take

  [1,2,3] and apply [(1,2)] and get [2,2,3]

or

  [1,2,3] and apply [(3,2)] and get [1,2,2]

The rest of the system is not prepared to handle duplicates in the
result set like this.

The reverted piece was intended to allow

  [1,2,3] and [(1,2),(2,1)] to get [2,1,3]

to reorder primaries.  First, this bidirectional swap is hard to
implement in a way that also prevents dups.  For example, [1,2,3] and
[(1,4),(2,3),(3,4)] would give [4,3,4] but would we just drop the last
step we'd have [4,3,3] which is also invalid, etc.  Simpler to just not
handle bidirectional swaps.  In practice, they are not needed: if you
just want to choose a different primary then use primary_affinity, or
pg_upmap (not pg_upmap_items).

Cc: stable@vger.kernel.org # 4.13
Link: http://tracker.ceph.com/issues/21410
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
Reviewed-by: Sage Weil <sage@redhat.com>
7 years agotracing: Ignore mmiotrace from kernel commandline
Ziqian SUN (Zamir) [Mon, 11 Sep 2017 06:26:35 +0000 (14:26 +0800)]
tracing: Ignore mmiotrace from kernel commandline

The mmiotrace tracer cannot be enabled with ftrace=mmiotrace in kernel
commandline. With this patch, noboot is added to the tracer struct,
and when system boot with a tracer that has noboot=true, it will print
out a warning message and continue booting.

Link: http://lkml.kernel.org/r/1505111195-31942-1-git-send-email-zsun@redhat.com
Signed-off-by: Ziqian SUN (Zamir) <zsun@redhat.com>
Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
7 years agotracing: Erase irqsoff trace with empty write
Bo Yan [Mon, 18 Sep 2017 17:03:35 +0000 (10:03 -0700)]
tracing: Erase irqsoff trace with empty write

One convenient way to erase trace is "echo > trace". However, this
is currently broken if the current tracer is irqsoff tracer. This
is because irqsoff tracer use max_buffer as the default trace
buffer.

Set the max_buffer as the one to be cleared when it's the trace
buffer currently in use.

Link: http://lkml.kernel.org/r/1505754215-29411-1-git-send-email-byan@nvidia.com
Cc: <mingo@redhat.com>
Cc: stable@vger.kernel.org
Fixes: 4acd4d00f ("tracing: give easy way to clear trace buffer")
Signed-off-by: Bo Yan <byan@nvidia.com>
Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
7 years agoMerge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/shli/md
Linus Torvalds [Tue, 19 Sep 2017 15:39:32 +0000 (08:39 -0700)]
Merge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/shli/md

Pull MD fixes from Shaohua Li:
 "Two small patches to fix long-lived raid5 stripe batch bugs, one from
  Dennis and the other from me"

* 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/shli/md:
  md/raid5: preserve STRIPE_ON_UNPLUG_LIST in break_stripe_batch_list
  md/raid5: fix a race condition in stripe batch

7 years agoMerge tag '4.14-smb3-multidialect-support-and-fixes-for-stable' of git://git.samba...
Linus Torvalds [Tue, 19 Sep 2017 15:35:42 +0000 (08:35 -0700)]
Merge tag '4.14-smb3-multidialect-support-and-fixes-for-stable' of git://git.samba.org/sfrench/cifs-2.6

Pull cifs fixes from Steve French:
 "Convert default dialect to smb2.1 or later to allow connecting to
  Windows 7 for example, also includes some fixes for stable"

* tag '4.14-smb3-multidialect-support-and-fixes-for-stable' of git://git.samba.org/sfrench/cifs-2.6:
  Update version of cifs module
  cifs: hide unused functions
  SMB3: Add support for multidialect negotiate (SMB2.1 and later)
  CIFS/SMB3: Update documentation to reflect SMB3 and various changes
  cifs: check rsp for NULL before dereferencing in SMB2_open

7 years agoiommu/qcom: Depend on HAS_DMA to fix compile error
Geert Uytterhoeven [Mon, 11 Sep 2017 12:34:34 +0000 (14:34 +0200)]
iommu/qcom: Depend on HAS_DMA to fix compile error

If NO_DMA=y:

    warning: (IPMMU_VMSA && ARM_SMMU && ARM_SMMU_V3 && QCOM_IOMMU) selects IOMMU_IO_PGTABLE_LPAE which has unmet direct dependencies (IOMMU_SUPPORT && HAS_DMA && (ARM || ARM64 || COMPILE_TEST && !GENERIC_ATOMIC64))

and

    drivers/iommu/io-pgtable-arm.o: In function `__arm_lpae_sync_pte':
    io-pgtable-arm.c:(.text+0x206): undefined reference to `bad_dma_ops'
    drivers/iommu/io-pgtable-arm.o: In function `__arm_lpae_free_pages':
    io-pgtable-arm.c:(.text+0x6a6): undefined reference to `bad_dma_ops'
    drivers/iommu/io-pgtable-arm.o: In function `__arm_lpae_alloc_pages':
    io-pgtable-arm.c:(.text+0x812): undefined reference to `bad_dma_ops'
    io-pgtable-arm.c:(.text+0x81c): undefined reference to `bad_dma_ops'
    io-pgtable-arm.c:(.text+0x862): undefined reference to `bad_dma_ops'
    drivers/iommu/io-pgtable-arm.o: In function `arm_lpae_run_tests':
    io-pgtable-arm.c:(.init.text+0x86): undefined reference to `alloc_io_pgtable_ops'
    io-pgtable-arm.c:(.init.text+0x47c): undefined reference to `free_io_pgtable_ops'
    drivers/iommu/qcom_iommu.o: In function `qcom_iommu_init_domain':
    qcom_iommu.c:(.text+0x1ce): undefined reference to `alloc_io_pgtable_ops'
    drivers/iommu/qcom_iommu.o: In function `qcom_iommu_domain_free':
    qcom_iommu.c:(.text+0x754): undefined reference to `free_io_pgtable_ops'

QCOM_IOMMU selects IOMMU_IO_PGTABLE_LPAE, which bypasses its dependency
on HAS_DMA.  Make QCOM_IOMMU depend on HAS_DMA to fix this.

Fixes: 0ae349a0f33fb040 ("iommu/qcom: Add qcom_iommu")
Signed-off-by: Geert Uytterhoeven <geert@linux-m68k.org>
Signed-off-by: Joerg Roedel <jroedel@suse.de>
7 years agoxen, arm64: drop dummy lookup_address()
Tycho Andersen [Mon, 18 Sep 2017 22:35:32 +0000 (16:35 -0600)]
xen, arm64: drop dummy lookup_address()

This is unused, and conflicts with the definition that we'll add for XPFO.

Signed-off-by: Tycho Andersen <tycho@docker.com>
Reviewed-by: Julien Grall <julien.grall@arm.com>
CC: Boris Ostrovsky <boris.ostrovsky@oracle.com>
CC: Juergen Gross <jgross@suse.com>
CC: Stefano Stabellini <sstabellini@kernel.org>
Signed-off-by: Boris Ostrovsky <boris.ostrovsky@oracle.com>
7 years agoKVM: VMX: remove WARN_ON_ONCE in kvm_vcpu_trigger_posted_interrupt
Haozhong Zhang [Mon, 18 Sep 2017 01:56:50 +0000 (09:56 +0800)]
KVM: VMX: remove WARN_ON_ONCE in kvm_vcpu_trigger_posted_interrupt

WARN_ON_ONCE(pi_test_sn(&vmx->pi_desc)) in kvm_vcpu_trigger_posted_interrupt()
intends to detect the violation of invariant that VT-d PI notification
event is not suppressed when vcpu is in the guest mode. Because the
two checks for the target vcpu mode and the target suppress field
cannot be performed atomically, the target vcpu mode may change in
between. If that does happen, WARN_ON_ONCE() here may raise false
alarms.

As the previous patch fixed the real invariant breaker, remove this
WARN_ON_ONCE() to avoid false alarms, and document the allowed cases
instead.

Signed-off-by: Haozhong Zhang <haozhong.zhang@intel.com>
Reported-by: "Ramamurthy, Venkatesh" <venkatesh.ramamurthy@intel.com>
Reported-by: Dan Williams <dan.j.williams@intel.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Fixes: 28b835d60fcc ("KVM: Update Posted-Interrupts Descriptor when vCPU is preempted")
Signed-off-by: Radim Krčmář <rkrcmar@redhat.com>
7 years agoKVM: VMX: do not change SN bit in vmx_update_pi_irte()
Haozhong Zhang [Mon, 18 Sep 2017 01:56:49 +0000 (09:56 +0800)]
KVM: VMX: do not change SN bit in vmx_update_pi_irte()

In kvm_vcpu_trigger_posted_interrupt() and pi_pre_block(), KVM
assumes that PI notification events should not be suppressed when the
target vCPU is not blocked.

vmx_update_pi_irte() sets the SN field before changing an interrupt
from posting to remapping, but it does not check the vCPU mode.
Therefore, the change of SN field may break above the assumption.
Besides, I don't see reasons to suppress notification events here, so
remove the changes of SN field to avoid race condition.

Signed-off-by: Haozhong Zhang <haozhong.zhang@intel.com>
Reported-by: "Ramamurthy, Venkatesh" <venkatesh.ramamurthy@intel.com>
Reported-by: Dan Williams <dan.j.williams@intel.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Fixes: 28b835d60fcc ("KVM: Update Posted-Interrupts Descriptor when vCPU is preempted")
Signed-off-by: Radim Krčmář <rkrcmar@redhat.com>
7 years agoKVM: x86: Fix the NULL pointer parameter in check_cr_write()
Yu Zhang [Mon, 18 Sep 2017 10:45:01 +0000 (18:45 +0800)]
KVM: x86: Fix the NULL pointer parameter in check_cr_write()

Routine check_cr_write() will trigger emulator_get_cpuid()->
kvm_cpuid() to get maxphyaddr, and NULL is passed as values
for ebx/ecx/edx. This is problematic because kvm_cpuid() will
dereference these pointers.

Fixes: d1cd3ce90044 ("KVM: MMU: check guest CR3 reserved bits based on its physical address width.")
Reported-by: Jim Mattson <jmattson@google.com>
Signed-off-by: Yu Zhang <yu.c.zhang@linux.intel.com>
Reviewed-by: David Hildenbrand <david@redhat.com>
Reviewed-by: Jim Mattson <jmattson@google.com>
Signed-off-by: Radim Krčmář <rkrcmar@redhat.com>
7 years agodrm: exynos: include linux/irq.h
Arnd Bergmann [Tue, 5 Sep 2017 08:19:55 +0000 (10:19 +0200)]
drm: exynos: include linux/irq.h

I ran into a build error on x86:

drivers/gpu/drm/exynos/exynos5433_drm_decon.c: In function 'decon_conf_irq':
drivers/gpu/drm/exynos/exynos5433_drm_decon.c:706:2: error: implicit declaration of function 'irq_set_status_flags'; did you mean 'dquot_state_flag'? [-Werror=implicit-function-declaration]
  irq_set_status_flags(irq, IRQ_NOAUTOEN);

Adding the missing include fixes the error.

Fixes: b37d53a0382c ("drm/exynos/decon5433: move TE handling to DECON")
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Inki Dae <inki.dae@samsung.com>