Commit Graph

692563 Commits

Author SHA1 Message Date
Brijesh Singh
618232e219 KVM: x86: Avoid guest page table walk when gpa_available is set
When a guest causes a page fault which requires emulation, the
vcpu->arch.gpa_available flag is set to indicate that cr2 contains a
valid GPA.

Currently, emulator_read_write_onepage() makes use of gpa_available flag
to avoid a guest page walk for a known MMIO regions. Lets not limit
the gpa_available optimization to just MMIO region. The patch extends
the check to avoid page walk whenever gpa_available flag is set.

Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
[Fix EPT=0 according to Wanpeng Li's fix, plus ensure VMX also uses the
 new code. - Paolo]
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: David Hildenbrand <david@redhat.com>
[Moved "ret < 0" to the else brach, as per David's review. - Radim]
Signed-off-by: Radim Krčmář <rkrcmar@redhat.com>
2017-08-18 14:37:49 +02:00
Paolo Bonzini
e08d26f071 KVM: x86: simplify ept_misconfig
Calling handle_mmio_page_fault() has been unnecessary since commit
e9ee956e31 ("KVM: x86: MMU: Move handle_mmio_page_fault() call to
kvm_mmu_page_fault()", 2016-02-22).

handle_mmio_page_fault() can now be made static.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: David Hildenbrand <david@redhat.com>
Signed-off-by: Radim Krčmář <rkrcmar@redhat.com>
2017-08-18 14:37:48 +02:00
Arnd Bergmann
076b925d51 kvm: avoid uninitialized-variable warnings
When PAGE_OFFSET is not a compile-time constant, we run into
warnings from the use of kvm_is_error_hva() that the compiler
cannot optimize out:

arch/arm/kvm/../../../virt/kvm/kvm_main.c: In function '__kvm_gfn_to_hva_cache_init':
arch/arm/kvm/../../../virt/kvm/kvm_main.c:1978:14: error: 'nr_pages_avail' may be used uninitialized in this function [-Werror=maybe-uninitialized]
arch/arm/kvm/../../../virt/kvm/kvm_main.c: In function 'gfn_to_page_many_atomic':
arch/arm/kvm/../../../virt/kvm/kvm_main.c:1660:5: error: 'entry' may be used uninitialized in this function [-Werror=maybe-uninitialized]

This adds fake initializations to the two instances I ran into.

Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Radim Krčmář <rkrcmar@redhat.com>
2017-08-15 18:56:14 +02:00
Jim Mattson
d3802286fa kvm: x86: Disallow illegal IA32_APIC_BASE MSR values
Host-initiated writes to the IA32_APIC_BASE MSR do not have to follow
local APIC state transition constraints, but the value written must be
valid.

Signed-off-by: Jim Mattson <jmattson@google.com>
Reviewed-by: David Hildenbrand <david@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-08-11 18:59:30 +02:00
Wanpeng Li
26eeb53cf0 KVM: MMU: Bail out immediately if there is no available mmu page
Bailing out immediately if there is no available mmu page to alloc.

Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Radim Krčmář <rkrcmar@redhat.com>
Signed-off-by: Wanpeng Li <wanpeng.li@hotmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-08-11 18:59:29 +02:00
Wanpeng Li
42bcbebf11 KVM: MMU: Fix softlockup due to mmu_lock is held too long
watchdog: BUG: soft lockup - CPU#5 stuck for 22s! [warn_test:3089]
 irq event stamp: 20532
 hardirqs last  enabled at (20531): [<ffffffff8e9b6908>] restore_regs_and_iret+0x0/0x1d
 hardirqs last disabled at (20532): [<ffffffff8e9b7ae8>] apic_timer_interrupt+0x98/0xb0
 softirqs last  enabled at (8266): [<ffffffff8e9badc6>] __do_softirq+0x206/0x4c1
 softirqs last disabled at (8253): [<ffffffff8e083918>] irq_exit+0xf8/0x100
 CPU: 5 PID: 3089 Comm: warn_test Tainted: G           OE   4.13.0-rc3+ #8
 RIP: 0010:kvm_mmu_prepare_zap_page+0x72/0x4b0 [kvm]
 Call Trace:
  make_mmu_pages_available.isra.120+0x71/0xc0 [kvm]
  kvm_mmu_load+0x1cf/0x410 [kvm]
  kvm_arch_vcpu_ioctl_run+0x1316/0x1bf0 [kvm]
  kvm_vcpu_ioctl+0x340/0x700 [kvm]
  ? kvm_vcpu_ioctl+0x340/0x700 [kvm]
  ? __fget+0xfc/0x210
  do_vfs_ioctl+0xa4/0x6a0
  ? __fget+0x11d/0x210
  SyS_ioctl+0x79/0x90
  entry_SYSCALL_64_fastpath+0x23/0xc2
  ? __this_cpu_preempt_check+0x13/0x20

This can be reproduced readily by ept=N and running syzkaller tests since
many syzkaller testcases don't setup any memory regions. However, if ept=Y
rmode identity map will be created, then kvm_mmu_calculate_mmu_pages() will
extend the number of VM's mmu pages to at least KVM_MIN_ALLOC_MMU_PAGES
which just hide the issue.

I saw the scenario kvm->arch.n_max_mmu_pages == 0 && kvm->arch.n_used_mmu_pages == 1,
so there is one active mmu page on the list, kvm_mmu_prepare_zap_page() fails
to zap any pages, however prepare_zap_oldest_mmu_page() always returns true.
It incurs infinite loop in make_mmu_pages_available() which causes mmu->lock
softlockup.

This patch fixes it by setting the return value of prepare_zap_oldest_mmu_page()
according to whether or not there is mmu page zapped.

Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Radim Krčmář <rkrcmar@redhat.com>
Signed-off-by: Wanpeng Li <wanpeng.li@hotmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-08-11 18:59:28 +02:00
David Hildenbrand
a057e0e22c KVM: nVMX: validate eptp pointer
Let's reuse the function introduced with eptp switching.

We don't explicitly have to check against enable_ept_ad_bits, as this
is implicitly done when checking against nested_vmx_ept_caps in
valid_ept_address().

Signed-off-by: David Hildenbrand <david@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-08-11 18:53:22 +02:00
Andrew Jones
a170504f9f KVM: MAINTAINERS improvements
Remove nonexistent files, allow less awkward expressions when
extracting arch-specific information, and only return relevant
information when using arch-specific expressions. Additionally
add include/trace/events/kvm.h, arch/*/include/uapi/asm/kvm*,
and arch/powerpc/kernel/kvm* to appropriate sections. The arch-
specific expressions are now:

 /KVM/                                        -- All KVM
 /\(KVM\)|\(KVM\/x86\)/                       -- X86
 /\(KVM\)|\(KVM\/x86\)|\(KVM\/amd\)/          -- X86 plus AMD
 /\(KVM\)|\(KVM\/arm\)/                       -- ARM
 /\(KVM\)|\(KVM\/arm\)|\(KVM\/arm64\)/        -- ARM plus ARM64
 /\(KVM\)|\(KVM\/powerpc\)/                   -- POWERPC
 /\(KVM\)|\(KVM\/s390\)/                      -- S390
 /\(KVM\)|\(KVM\/mips\)/                      -- MIPS

Signed-off-by: Andrew Jones <drjones@redhat.com>
Acked-by: Cornelia Huck <cohuck@redhat.com>
Acked-by: Joerg Roedel <jroedel@suse.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-08-11 18:53:18 +02:00
Paolo Bonzini
eebed24389 kvm: nVMX: Add support for fast unprotection of nested guest page tables
This is the same as commit 147277540b ("kvm: svm: Add support for
additional SVM NPF error codes", 2016-11-23), but for Intel processors.
In this case, the exit qualification field's bit 8 says whether the
EPT violation occurred while translating the guest's final physical
address or rather while translating the guest page tables.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-08-10 16:44:04 +02:00
Brijesh Singh
64531a3b70 KVM: SVM: Limit PFERR_NESTED_GUEST_PAGE error_code check to L1 guest
Commit 147277540b ("kvm: svm: Add support for additional SVM NPF error
codes", 2016-11-23) added a new error code to aid nested page fault
handling.  The commit unprotects (kvm_mmu_unprotect_page) the page when
we get a NPF due to guest page table walk where the page was marked RO.

However, if an L0->L2 shadow nested page table can also be marked read-only
when a page is read only in L1's nested page table.  If such a page
is accessed by L2 while walking page tables it can cause a nested
page fault (page table walks are write accesses).  However, after
kvm_mmu_unprotect_page we may get another page fault, and again in an
endless stream.

To cover this use case, we qualify the new error_code check with
vcpu->arch.mmu_direct_map so that the error_code check would run on L1
guest, and not the L2 guest.  This avoids hitting the above scenario.

Fixes: 147277540b
Cc: stable@vger.kernel.org
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Radim Krčmář <rkrcmar@redhat.com>
Cc: Thomas Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-08-10 16:44:04 +02:00
Wanpeng Li
bbeac2830f KVM: X86: Fix residual mmio emulation request to userspace
Reported by syzkaller:

The kvm-intel.unrestricted_guest=0

   WARNING: CPU: 5 PID: 1014 at /home/kernel/data/kvm/arch/x86/kvm//x86.c:7227 kvm_arch_vcpu_ioctl_run+0x38b/0x1be0 [kvm]
   CPU: 5 PID: 1014 Comm: warn_test Tainted: G        W  OE   4.13.0-rc3+ #8
   RIP: 0010:kvm_arch_vcpu_ioctl_run+0x38b/0x1be0 [kvm]
   Call Trace:
    ? put_pid+0x3a/0x50
    ? rcu_read_lock_sched_held+0x79/0x80
    ? kmem_cache_free+0x2f2/0x350
    kvm_vcpu_ioctl+0x340/0x700 [kvm]
    ? kvm_vcpu_ioctl+0x340/0x700 [kvm]
    ? __fget+0xfc/0x210
    do_vfs_ioctl+0xa4/0x6a0
    ? __fget+0x11d/0x210
    SyS_ioctl+0x79/0x90
    entry_SYSCALL_64_fastpath+0x23/0xc2
    ? __this_cpu_preempt_check+0x13/0x20

The syszkaller folks reported a residual mmio emulation request to userspace
due to vm86 fails to emulate inject real mode interrupt(fails to read CS) and
incurs a triple fault. The vCPU returns to userspace with vcpu->mmio_needed == true
and KVM_EXIT_SHUTDOWN exit reason. However, the syszkaller testcase constructs
several threads to launch the same vCPU, the thread which lauch this vCPU after
the thread whichs get the vcpu->mmio_needed == true and KVM_EXIT_SHUTDOWN will
trigger the warning.

   #define _GNU_SOURCE
   #include <pthread.h>
   #include <stdio.h>
   #include <stdlib.h>
   #include <string.h>
   #include <sys/wait.h>
   #include <sys/types.h>
   #include <sys/stat.h>
   #include <sys/mman.h>
   #include <fcntl.h>
   #include <unistd.h>
   #include <linux/kvm.h>
   #include <stdio.h>

   int kvmcpu;
   struct kvm_run *run;

   void* thr(void* arg)
   {
     int res;
     res = ioctl(kvmcpu, KVM_RUN, 0);
     printf("ret1=%d exit_reason=%d suberror=%d\n",
         res, run->exit_reason, run->internal.suberror);
     return 0;
   }

   void test()
   {
     int i, kvm, kvmvm;
     pthread_t th[4];

     kvm = open("/dev/kvm", O_RDWR);
     kvmvm = ioctl(kvm, KVM_CREATE_VM, 0);
     kvmcpu = ioctl(kvmvm, KVM_CREATE_VCPU, 0);
     run = (struct kvm_run*)mmap(0, 4096, PROT_READ|PROT_WRITE, MAP_SHARED, kvmcpu, 0);
     srand(getpid());
     for (i = 0; i < 4; i++) {
       pthread_create(&th[i], 0, thr, 0);
       usleep(rand() % 10000);
     }
     for (i = 0; i < 4; i++)
       pthread_join(th[i], 0);
   }

   int main()
   {
     for (;;) {
       int pid = fork();
       if (pid < 0)
         exit(1);
       if (pid == 0) {
         test();
         exit(0);
       }
       int status;
       while (waitpid(pid, &status, __WALL) != pid) {}
     }
     return 0;
   }

This patch fixes it by resetting the vcpu->mmio_needed once we receive
the triple fault to avoid the residue.

Reported-by: Dmitry Vyukov <dvyukov@google.com>
Tested-by: Dmitry Vyukov <dvyukov@google.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Radim Krčmář <rkrcmar@redhat.com>
Cc: Dmitry Vyukov <dvyukov@google.com>
Signed-off-by: Wanpeng Li <wanpeng.li@hotmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-08-10 16:43:55 +02:00
Longpeng(Mike)
f01fbd2fad KVM: arm: implements the kvm_arch_vcpu_in_kernel()
This implements the kvm_arch_vcpu_in_kernel() for ARM, and adjusts
the calls to kvm_vcpu_on_spin().

Signed-off-by: Longpeng(Mike) <longpeng2@huawei.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-08-08 10:57:43 +02:00
Longpeng(Mike)
0546c63d98 KVM: s390: implements the kvm_arch_vcpu_in_kernel()
This implements kvm_arch_vcpu_in_kernel() for s390.  DIAG is a privileged
operation, so it cannot be called from problem state (user mode).

Signed-off-by: Longpeng(Mike) <longpeng2@huawei.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-08-08 10:57:43 +02:00
Longpeng(Mike)
de63ad4cf4 KVM: X86: implement the logic for spinlock optimization
get_cpl requires vcpu_load, so we must cache the result (whether the
vcpu was preempted when its cpl=0) in kvm_vcpu_arch.

Signed-off-by: Longpeng(Mike) <longpeng2@huawei.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-08-08 10:57:43 +02:00
Longpeng(Mike)
199b5763d3 KVM: add spinlock optimization framework
If a vcpu exits due to request a user mode spinlock, then
the spinlock-holder may be preempted in user mode or kernel mode.
(Note that not all architectures trap spin loops in user mode,
only AMD x86 and ARM/ARM64 currently do).

But if a vcpu exits in kernel mode, then the holder must be
preempted in kernel mode, so we should choose a vcpu in kernel mode
as a more likely candidate for the lock holder.

This introduces kvm_arch_vcpu_in_kernel() to decide whether the
vcpu is in kernel-mode when it's preempted.  kvm_vcpu_on_spin's
new argument says the same of the spinning VCPU.

Signed-off-by: Longpeng(Mike) <longpeng2@huawei.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-08-08 10:57:43 +02:00
Radim Krčmář
1b4d56b86a KVM: x86: use general helpers for some cpuid manipulation
Add guest_cpuid_clear() and use it instead of kvm_find_cpuid_entry().
Also replace some uses of kvm_find_cpuid_entry() with guest_cpuid_has().

Signed-off-by: Radim Krčmář <rkrcmar@redhat.com>
Reviewed-by: David Hildenbrand <david@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-08-07 16:16:30 +02:00
Radim Krčmář
d6321d4933 KVM: x86: generalize guest_cpuid_has_ helpers
This patch turns guest_cpuid_has_XYZ(cpuid) into guest_cpuid_has(cpuid,
X86_FEATURE_XYZ), which gets rid of many very similar helpers.

When seeing a X86_FEATURE_*, we can know which cpuid it belongs to, but
this information isn't in common code, so we recreate it for KVM.

Add some BUILD_BUG_ONs to make sure that it runs nicely.

Signed-off-by: Radim Krčmář <rkrcmar@redhat.com>
Reviewed-by: David Hildenbrand <david@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-08-07 16:11:50 +02:00
Radim Krčmář
c6bd18011f KVM: x86: X86_FEATURE_NRIPS is not scattered anymore
bit(X86_FEATURE_NRIPS) is 3 since 2ccd71f1b2 ("x86/cpufeature: Move
some of the scattered feature bits to x86_capability"), so we can
simplify the code.

Signed-off-by: Radim Krčmář <rkrcmar@redhat.com>
Reviewed-by: David Hildenbrand <david@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-08-07 16:09:38 +02:00
Bandan Das
41ab937274 KVM: nVMX: Emulate EPTP switching for the L1 hypervisor
When L2 uses vmfunc, L0 utilizes the associated vmexit to
emulate a switching of the ept pointer by reloading the
guest MMU.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Bandan Das <bsd@redhat.com>
Acked-by: David Hildenbrand <david@redhat.com>
Signed-off-by: Radim Krčmář <rkrcmar@redhat.com>
2017-08-07 15:29:22 +02:00
Bandan Das
27c42a1bb8 KVM: nVMX: Enable VMFUNC for the L1 hypervisor
Expose VMFUNC in MSRs and VMCS fields. No actual VMFUNCs are enabled.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Bandan Das <bsd@redhat.com>
Acked-by: David Hildenbrand <david@redhat.com>
Signed-off-by: Radim Krčmář <rkrcmar@redhat.com>
2017-08-07 15:29:21 +02:00
Bandan Das
2a499e49c2 KVM: vmx: Enable VMFUNCs
Enable VMFUNC in the secondary execution controls.  This simplifies the
changes necessary to expose it to nested hypervisors.  VMFUNCs still
cause #UD when invoked.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Bandan Das <bsd@redhat.com>
Acked-by: David Hildenbrand <david@redhat.com>
Signed-off-by: Radim Krčmář <rkrcmar@redhat.com>
2017-08-07 15:29:20 +02:00
David Hildenbrand
53a70daf3c KVM: nVMX: get rid of nested_release_page*
Let's also just use the underlying functions directly here.

Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: David Hildenbrand <david@redhat.com>
[Rebased on top of 9f744c5974 ("KVM: nVMX: do not pin the VMCS12")]
Signed-off-by: Radim Krčmář <rkrcmar@redhat.com>
2017-08-07 15:29:20 +02:00
David Hildenbrand
5e2f30b756 KVM: nVMX: get rid of nested_get_page()
nested_get_page() just sounds confusing. All we want is a page from G1.
This is even unrelated to nested.

Let's introduce kvm_vcpu_gpa_to_page() so we don't get too lengthy
lines.

Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: David Hildenbrand <david@redhat.com>
Signed-off-by: Radim Krčmář <rkrcmar@redhat.com>
[Squash pasto fix from Wanpeng Li. - Paolo]
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-08-07 15:27:00 +02:00
Paolo Bonzini
90a2db6d86 KVM: nVMX: INVPCID support
Expose the "Enable INVPCID" secondary execution control to the guest
and properly reflect the exit reason.

In addition, before this patch the guest was always running with
INVPCID enabled, causing pcid.flat's "Test on INVPCID when disabled"
test to fail.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-08-07 15:26:06 +02:00
Ladi Prosek
72c139bacf KVM: hyperv: support HV_X64_MSR_TSC_FREQUENCY and HV_X64_MSR_APIC_FREQUENCY
It has been experimentally confirmed that supporting these two MSRs is one
of the necessary conditions for nested Hyper-V to use the TSC page. Modern
Windows guests are noticeably slower when they fall back to reading
timestamps from the HV_X64_MSR_TIME_REF_COUNT MSR instead of using the TSC
page.

The newly supported MSRs are advertised with the AccessFrequencyRegs
partition privilege flag and CPUID.40000003H:EDX[8] "Support for
determining timer frequencies is available" (both outside of the scope of
this KVM patch).

Reviewed-by: Radim Krčmář <rkrcmar@redhat.com>
Signed-off-by: Ladi Prosek <lprosek@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-08-07 15:26:06 +02:00
Linus Torvalds
aae4e7a8bc Linux 4.13-rc4 2017-08-06 18:44:49 -07:00
Linus Torvalds
acdae9ee6a platform-drivers-x86 for v4.13-4
Fix loop preventing some platforms from waking up via the power
 button in s2idle.
 
 intel-vbtn:
  - match power button on press rather than release
 -----BEGIN PGP SIGNATURE-----
 
 iQEcBAABAgAGBQJZhjtgAAoJEKbMaAwKp3647u4IALEnsRt10hj2ognbpQUPxqzB
 uwjlQ7ukqwWVbpgElQ6q2hKUFHNnk2CGuzIEjvRKpme0UpsSPUQRPZGeUGDmvC3l
 cOxNSmyTJkmeCEU9G7yj1NrcaOEFQ9iRLrZmSRnYBSWBgjzYdpfC/xog2y8mVkgO
 FQAU2ul9Ph5eXEOTQBw56LtzsraJtBdV76aKESuJEAw3h0E8svhLeV43caVic/Go
 Yv9aRZRkj/5oQHwXe+GC5K4dFdWFYZ9iGLQFHgcICRACcUq7p0ysVvf8YMVQplyR
 Xm2j8Dq1ierId5g90p5fznIM4BeBnIM2Iclkk4dPaIrP3Fogd9eq1gvxQKvWgpY=
 =IOnZ
 -----END PGP SIGNATURE-----

Merge tag 'platform-drivers-x86-v4.13-4' of git://git.infradead.org/linux-platform-drivers-x86

Pull x86 platform driver fix from Darren Hart:
 "Fix loop preventing some platforms from waking up via the power button
  in s2idle:

   - intel-vbtn: match power button on press rather than release"

* tag 'platform-drivers-x86-v4.13-4' of git://git.infradead.org/linux-platform-drivers-x86:
  platform/x86: intel-vbtn: match power button on press rather than release
2017-08-06 16:11:34 -07:00
Linus Torvalds
ed66da1104 A large number of ext4 bug fixes and cleanups for v4.13
-----BEGIN PGP SIGNATURE-----
 
 iQEzBAABCAAdFiEEK2m5VNv+CHkogTfJ8vlZVpUNgaMFAlmHbBAACgkQ8vlZVpUN
 gaMu3gf+LpI5bI1XA3R8KbXB2snnz6wM7OzArfqvreX+m+xP1CK6nVpAIgpkZqfw
 QkQ1xPJk7Q25vex/pPcsgLO0Vxf0i4vpydK+fYnf30S4WvGQVq6OHZWFFv2zM2YB
 7TWxjG+KryM7j6JSXdUiSTKP3nX84TW/IMIWuZMR1nuOa8N5M4yD3uc+3EBTjSbq
 P/dxfmkp2hQKnlZVBWqCjJDhtxwUYTF4iZ/pbSVeGbgHCh1674ml+airb4K9ltNU
 0vR0JChD12YJaafjaAyIrqqKwDGvnN+H5wyhCodEV9w8jthbcU04Jfmi1auB9UxT
 y7/sgbV64W2o5hBwxY3RXjZkVLpDsw==
 =Mtr7
 -----END PGP SIGNATURE-----

Merge tag 'ext4_for_linus_stable' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4

Pull ext4 fixes from Ted Ts'o:
 "A large number of ext4 bug fixes and cleanups for v4.13"

* tag 'ext4_for_linus_stable' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4:
  ext4: fix copy paste error in ext4_swap_extents()
  ext4: fix overflow caused by missing cast in ext4_resize_fs()
  ext4, project: expand inode extra size if possible
  ext4: cleanup ext4_expand_extra_isize_ea()
  ext4: restructure ext4_expand_extra_isize
  ext4: fix forgetten xattr lock protection in ext4_expand_extra_isize
  ext4: make xattr inode reads faster
  ext4: inplace xattr block update fails to deduplicate blocks
  ext4: remove unused mode parameter
  ext4: fix warning about stack corruption
  ext4: fix dir_nlink behaviour
  ext4: silence array overflow warning
  ext4: fix SEEK_HOLE/SEEK_DATA for blocksize < pagesize
  ext4: release discard bio after sending discard commands
  ext4: convert swap_inode_data() over to use swap() on most of the fields
  ext4: error should be cleared if ea_inode isn't added to the cache
  ext4: Don't clear SGID when inheriting ACLs
  ext4: preserve i_mode if __ext4_set_acl() fails
  ext4: remove unused metadata accounting variables
  ext4: correct comment references to ext4_ext_direct_IO()
2017-08-06 12:31:17 -07:00
Linus Torvalds
6ea1bc9b1a Merge branch 'upstream' of git://git.linux-mips.org/pub/scm/ralf/upstream-linus
Pull MIPS fixes from Ralf Baechle:
 "This fixes two build issues for ralink platforms, both due to missing
  #includes which used to be included indirectly via other headers"

* 'upstream' of git://git.linux-mips.org/pub/scm/ralf/upstream-linus:
  MIPS: ralink: mt7620: Add missing header
  MIPS: ralink: Fix build error due to missing header
2017-08-06 11:52:01 -07:00
Dmitry V. Levin
fbb77611e9 Fix compat_sys_sigpending breakage
The latest change of compat_sys_sigpending in commit 8f13621abc
("sigpending(): move compat to native") has broken it in two ways.

First, it tries to write 4 bytes more than userspace expects:
sizeof(old_sigset_t) == sizeof(long) == 8 instead of
sizeof(compat_old_sigset_t) == sizeof(u32) == 4.

Second, on big endian architectures these bytes are being written in the
wrong order.

This bug was found by strace test suite.

Reported-by: Anatoly Pugachev <matorola@gmail.com>
Inspired-by: Eugene Syromyatnikov <evgsyr@gmail.com>
Fixes: 8f13621abc ("sigpending(): move compat to native")
Signed-off-by: Dmitry V. Levin <ldv@altlinux.org>
Acked-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2017-08-06 11:48:27 -07:00
Maninder Singh
4e56201321 ext4: fix copy paste error in ext4_swap_extents()
This bug was found by a static code checker tool for copy paste
problems.

Signed-off-by: Maninder Singh <maninder1.s@samsung.com>
Signed-off-by: Vaneet Narang <v.narang@samsung.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
2017-08-06 01:33:07 -04:00
Jerry Lee
aec51758ce ext4: fix overflow caused by missing cast in ext4_resize_fs()
On a 32-bit platform, the value of n_blcoks_count may be wrong during
the file system is resized to size larger than 2^32 blocks.  This may
caused the superblock being corrupted with zero blocks count.

Fixes: 1c6bd7173d
Signed-off-by: Jerry Lee <jerrylee@qnap.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Cc: stable@vger.kernel.org # 3.7+
2017-08-06 01:18:31 -04:00
Miao Xie
c03b45b853 ext4, project: expand inode extra size if possible
When upgrading from old format, try to set project id
to old file first time, it will return EOVERFLOW, but if
that file is dirtied(touch etc), changing project id will
be allowed, this might be confusing for users, we could
try to expand @i_extra_isize here too.

Reported-by: Zhang Yi <yi.zhang@huawei.com>
Signed-off-by: Miao Xie <miaoxie@huawei.com>
Signed-off-by: Wang Shilong <wshilong@ddn.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
2017-08-06 01:00:49 -04:00
Miao Xie
b640b2c51b ext4: cleanup ext4_expand_extra_isize_ea()
Clean up some goto statement, make ext4_expand_extra_isize_ea() clearer.

Signed-off-by: Miao Xie <miaoxie@huawei.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Reviewed-by: Wang Shilong <wshilong@ddn.com>
2017-08-06 00:55:48 -04:00
Miao Xie
cf0a5e818f ext4: restructure ext4_expand_extra_isize
Current ext4_expand_extra_isize just tries to expand extra isize, if
someone is holding xattr lock or some check fails, it will give up.
So rename its name to ext4_try_to_expand_extra_isize.

Besides that, we clean up unnecessary check and move some relative checks
into it.

Signed-off-by: Miao Xie <miaoxie@huawei.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Reviewed-by: Wang Shilong <wshilong@ddn.com>
2017-08-06 00:40:01 -04:00
Miao Xie
3b10fdc6d8 ext4: fix forgetten xattr lock protection in ext4_expand_extra_isize
We should avoid the contention between the i_extra_isize update and
the inline data insertion, so move the xattr trylock in front of
i_extra_isize update.

Signed-off-by: Miao Xie <miaoxie@huawei.com>
Reviewed-by: Wang Shilong <wshilong@ddn.com>
2017-08-06 00:27:38 -04:00
Tahsin Erdogan
9699d4f91d ext4: make xattr inode reads faster
ext4_xattr_inode_read() currently reads each block sequentially while
waiting for io operation to complete before moving on to the next
block. This prevents request merging in block layer.

Add a ext4_bread_batch() function that starts reads for all blocks
then optionally waits for them to complete. A similar logic is used
in ext4_find_entry(), so update that code to use the new function.

Signed-off-by: Tahsin Erdogan <tahsin@google.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
2017-08-06 00:07:01 -04:00
Tahsin Erdogan
ec00022030 ext4: inplace xattr block update fails to deduplicate blocks
When an xattr block has a single reference, block is updated inplace
and it is reinserted to the cache. Later, a cache lookup is performed
to see whether an existing block has the same contents. This cache
lookup will most of the time return the just inserted entry so
deduplication is not achieved.

Running the following test script will produce two xattr blocks which
can be observed in "File ACL: " line of debugfs output:

  mke2fs -b 1024 -I 128 -F -O extent /dev/sdb 1G
  mount /dev/sdb /mnt/sdb

  touch /mnt/sdb/{x,y}

  setfattr -n user.1 -v aaa /mnt/sdb/x
  setfattr -n user.2 -v bbb /mnt/sdb/x

  setfattr -n user.1 -v aaa /mnt/sdb/y
  setfattr -n user.2 -v bbb /mnt/sdb/y

  debugfs -R 'stat x' /dev/sdb | cat
  debugfs -R 'stat y' /dev/sdb | cat

This patch defers the reinsertion to the cache so that we can locate
other blocks with the same contents.

Signed-off-by: Tahsin Erdogan <tahsin@google.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Reviewed-by: Andreas Dilger <adilger@dilger.ca>
2017-08-05 22:41:42 -04:00
Tahsin Erdogan
77a2e84d51 ext4: remove unused mode parameter
ext4_alloc_file_blocks() does not use its mode parameter. Remove it.

Signed-off-by: Tahsin Erdogan <tahsin@google.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
2017-08-05 22:15:45 -04:00
Arnd Bergmann
2df2c3402f ext4: fix warning about stack corruption
After commit 62d1034f53e3 ("fortify: use WARN instead of BUG for now"),
we get a warning about possible stack overflow from a memcpy that
was not strictly bounded to the size of the local variable:

    inlined from 'ext4_mb_seq_groups_show' at fs/ext4/mballoc.c:2322:2:
include/linux/string.h:309:9: error: '__builtin_memcpy': writing between 161 and 1116 bytes into a region of size 160 overflows the destination [-Werror=stringop-overflow=]

We actually had a bug here that would have been found by the warning,
but it was already fixed last year in commit 30a9d7afe7 ("ext4: fix
stack memory corruption with 64k block size").

This replaces the fixed-length structure on the stack with a variable-length
structure, using the correct upper bound that tells the compiler that
everything is really fine here. I also change the loop count to check
for the same upper bound for consistency, but the existing code is
already correct here.

Note that while clang won't allow certain kinds of variable-length arrays
in structures, this particular instance is fine, as the array is at the
end of the structure, and the size is strictly bounded.

Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
2017-08-05 21:57:46 -04:00
Andreas Dilger
c741489206 ext4: fix dir_nlink behaviour
The dir_nlink feature has been enabled by default for new ext4
filesystems since e2fsprogs-1.41 in 2008, and was automatically
enabled by the kernel for older ext4 filesystems since the
dir_nlink feature was added with ext4 in kernel 2.6.28+ when
the subdirectory count exceeded EXT4_LINK_MAX-1.

Automatically adding the file system features such as dir_nlink is
generally frowned upon, since it could cause the file system to not be
mountable on older kernel, thus preventing the administrator from
rolling back to an older kernel if necessary.

In this case, the administrator might also want to disable the feature
because glibc's fts_read() function does not correctly optimize
directory traversal for directories that use st_nlinks field of 1 to
indicate that the number of links in the directory are not tracked by
the file system, and could fail to traverse the full directory
hierarchy.  Fortunately, in the past ten years very few users have
complained about incomplete file system traversal by glibc's
fts_read().

This commit also changes ext4_inc_count() to allow i_nlinks to reach
the full EXT4_LINK_MAX links on the parent directory (including "."
and "..") before changing i_links_count to be 1.

Bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=196405
Signed-off-by: Andreas Dilger <adilger@dilger.ca>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
2017-08-05 19:47:34 -04:00
Dan Carpenter
381cebfe72 ext4: silence array overflow warning
I get a static checker warning:

    fs/ext4/ext4.h:3091 ext4_set_de_type()
    error: buffer overflow 'ext4_type_by_mode' 15 <= 15

It seems unlikely that we would hit this read overflow in real life, but
it's also simple enough to make the array 16 bytes instead of 15.

Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
2017-08-05 19:00:31 -04:00
Jan Kara
fcf5ea1099 ext4: fix SEEK_HOLE/SEEK_DATA for blocksize < pagesize
ext4_find_unwritten_pgoff() does not properly handle a situation when
starting index is in the middle of a page and blocksize < pagesize. The
following command shows the bug on filesystem with 1k blocksize:

  xfs_io -f -c "falloc 0 4k" \
            -c "pwrite 1k 1k" \
            -c "pwrite 3k 1k" \
            -c "seek -a -r 0" foo

In this example, neither lseek(fd, 1024, SEEK_HOLE) nor lseek(fd, 2048,
SEEK_DATA) will return the correct result.

Fix the problem by neglecting buffers in a page before starting offset.

Reported-by: Andreas Gruenbacher <agruenba@redhat.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Jan Kara <jack@suse.cz>
CC: stable@vger.kernel.org # 3.8+
2017-08-05 17:43:24 -04:00
Mario Limonciello
946da69954 platform/x86: intel-vbtn: match power button on press rather than release
This fixes a problem where the system gets stuck in a loop
unable to wakeup via power button in s2idle.

The problem happens because:
 - press power button:
   - system emits 0xc0 (power press), event ignored
   - system emits 0xc1 (power release), event processed,
     emited as KEY_POWER
   - set wakeup_mode to true
   - system goes to s2idle
 - press power button
   - system emits 0xc0 (power press), wakeup_mode is true,
     system wakes
   - system emits 0xc1 (power release), event processed,
     emited as KEY_POWER
   - system goes to s2idle again

To avoid this situation, process the presses (which matches what
intel-hid does too).

Verified on an Dell XPS 9365

Signed-off-by: Mario Limonciello <mario.limonciello@dell.com>
Acked-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
Signed-off-by: Darren Hart (VMware) <dvhart@infradead.org>
2017-08-05 14:37:19 -07:00
Linus Torvalds
0fdd951c9b media fixes for v4.13-rc2
-----BEGIN PGP SIGNATURE-----
 
 iQIcBAABAgAGBQJZhZWFAAoJEAhfPr2O5OEV690P/10GYZrdz4QbhTP0l0M6/VZv
 KXmW+zFzmmt8NQCxo8RUflcmWezTHzlVmcFpYiX1GWWXC6tnjlc+PVwTHOjLkpdK
 UO/0K8UDQwahUa84XaoDJmT/xd+JaXJSxu78gqHF7KTyVPj8qPxjjZhdBSEV83/E
 tH3q1si0QS6hRWNh3Cb4VqeimV0qGS/onu6uFTgBuTXZRh4iyOYxC7NRQOxw0eu5
 VrNvmYOWDWGaoGKII6XoHTjOuVvmCCgNDRh3YrM73elT+W4FCfej6CqsbiQQvYf9
 PL0aroi2sIyhTGLR3dtQ5KjfIExUF/lZ3hpp+rByW5HebJXrBTEW7YgSvmf1eeJt
 dhP901Y1rp6cj8cjKroCh5Gh0WMV4cnboA7iKxhpiEcV6/Iid1aB2qLvwuSXrdlM
 DRqXic9iFTljtEZuFz8/HgxQO6f84ljc6yMaapQHiGDlx/CD0aSJOBEAxTRYfKXt
 R36E2Um2Wo5GMvcaHf8GNlwyKipZbn4ECI9zdqH7rlCGa6xc3nr+3VoY/KqUd7ZS
 OhHh8c8bQEhCAG56yGEbUsmS5zUjY1nrD4eLEA3hZI1kSw+KQOrvYXtQsZp7X06h
 ih0XvyEDH5ATFBH8P7hr+NvtdEh5WzOFkNmrv3POhYn8dLrixeC3cgy+5jVcsh0j
 GCm20eNXdsjfebAE9Bgb
 =wQ04
 -----END PGP SIGNATURE-----

Merge tag 'media/v4.13-2' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-media

Pull media fixes from Mauro Carvalho Chehab:
 "This series is larger than I would like to submit for -rc4. My
  original intent were to sent it to either -rc2 or -rc3. Unfortunately,
  due to my vacations, I got a lot of pending stuff after my return, and
  had to do some biz trips, with prevented me to send this earlier.

  Several fixes:

   - some fixes at atomisp staging driver

   - several gcc 7 warning fixes

   - cleanup media SVG files, in order to fix PDF build on some distros

   - fix random Kconfig build of venus driver

   - some fixes for the venus driver

   - some changes from semaphone to mutex in ngene's driver

   - some locking fixes at dib0700 driver

   - several fixes on ngene's driver and frontends to make it properly
     support some new boards added on Kernel 4.13

   - some fixes to CEC drivers

   - omap_vout: vrfb: convert to dmaengine

   - docs-rst: document EBUSY for VIDIOC_S_FMT

  Please notice that the big diffstat changes here are at the SVG files.

  Visually, the images look the same, but the file size is now a lot
  smaller than before, and they don't use some XML tags that would cause
  them to be badly parsed by some ImageMagick versions, or to require a
  lot of memory by TeTex, with would break PDF output on some
  distributions"

* tag 'media/v4.13-2' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-media: (68 commits)
  media: atomisp2: array underflow in imx_enum_frame_size()
  media: atomisp2: array underflow in ap1302_enum_frame_size()
  media: atomisp2: Array underflow in atomisp_enum_input()
  media: platform: davinci: drop VPFE_CMD_S_CCDC_RAW_PARAMS
  media: platform: davinci: return -EINVAL for VPFE_CMD_S_CCDC_RAW_PARAMS ioctl
  media: venus: don't abuse dma_alloc for non-DMA allocations
  media: venus: hfi: fix error handling in hfi_sys_init_done()
  media: venus: fix compile-test build on non-qcom ARM platform
  media: venus: mark PM functions as __maybe_unused
  media: cec-notifier: small improvements
  media: pulse8-cec: persistent_config should be off by default
  media: cec: cec_transmit_attempt_done: ignore CEC_TX_STATUS_MAX_RETRIES
  media: staging: atomisp: array underflow in ioctl
  media: lirc: LIRC_GET_REC_RESOLUTION should return microseconds
  media: svg: avoid too long lines
  media: svg files: simplify files
  media: selection.svg: simplify the SVG file
  media: vimc: set id_table for platform drivers
  media: staging: atomisp: disable warnings with cc-disable-warning
  media: davinci: variable 'common' set but not used
  ...
2017-08-05 14:09:26 -07:00
Daeho Jeong
e45105772d ext4: release discard bio after sending discard commands
We've changed the discard command handling into parallel manner.
But, in this change, I forgot decreasing the usage count of the bio
which was used to send discard request. I'm sorry about that.

Fixes: a015434480 ("ext4: send parallel discards on commit completions")
Signed-off-by: Daeho Jeong <daeho.jeong@samsung.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Reviewed-by: Jan Kara <jack@suse.cz>
2017-08-05 13:11:57 -04:00
Linus Torvalds
aab7761c4f GPIO fixes in the first take after v4.13-rc1:
- LP87565: set the proper output level for direction_output.
 
 - stm32: fix the kernel build by selecting the hierarchical
   irqdomain symbol properly - this happens to be done in the
   pin control framework but whatever, it had dependencies to
   GPIO so we need to apply it here.
 
 - Select the hierarchical IRQ domain also for Xgene.
 
 - Fix wakeups to work on MXC.
 
 - Fix up the device tree binding on Exar that went astray,
   also add the right bindings.
 
 - Fix the unwanted events for edges from the library.
 
 - Fix the unbalanced chanined IRQ on the Tegra.
 -----BEGIN PGP SIGNATURE-----
 
 iQIcBAABAgAGBQJZhZFuAAoJEEEQszewGV1zAmIP/iuxZJLY8LM+eJ3FwR8xnzF1
 qcOEoSEdKFTJUeZYSRE25LVxxBBGotKEzojLpjaBhQ9ikGnbtWlYv8VDi1SjIGb2
 A4r+Ba55/ScOax1oyFJSytdczx8WcxekTfQDs+CtAi5JO+GTNTUw2MYIKo1CjEX4
 gYHcLWJ16t0j/S/96Md1q3P2/ynhBcPF3mGoKSJzEW7iTTpLBjIscfiGGQpjX9fA
 k9WEhx9XvMLGCBTlrxR3WIzMQlYhfk3uY9C4MqtFiX86R6XsbXm256R4M+l0a31W
 I2TzVMJV5nUwIyPg8PpL53s1CiksbT1Yu1HlH01NXUpMxIVwotIRQe5eEKfdTULb
 wcLhj32skRGX7Kpz1SXWnm9LsCQlpwAHrZ4e1q509Fc/yFvinS/MJZ5Dtifs83I4
 91XN/ZZUfSCAKI3B2MkB1MjwnOG2ifTqtlBLidDaAmxgImsL9mEInlXw2J44M60g
 gpBPzggCTph/xZxnorMYmAZ5n/WKjwIX2+iT6qbxuADG4rgcsdM5m1GmRF2/WAxS
 VH6jJfT3H8NRZ/lzVLxYjyjmaxdEqZcI4LIBaUhm50dz68SLcbB5H4t50xdMAFVt
 PiwkLbQQj//R4iNk4zHuCpsc53kJvL3jRIvtXw/pxlEbXFM7l6ikmxopmmjMAldh
 BPulF1CrT9we9Qq+ocbf
 =0ZOK
 -----END PGP SIGNATURE-----

Merge tag 'gpio-v4.13-2' of git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-gpio

Pull GPIO fixes from Linus Walleij:

 - LP87565: set the proper output level for direction_output.

 - stm32: fix the kernel build by selecting the hierarchical irqdomain
   symbol properly - this happens to be done in the pin control
   framework but whatever, it had dependencies to GPIO so we need to
   apply it here.

 - Select the hierarchical IRQ domain also for Xgene.

 - Fix wakeups to work on MXC.

 - Fix up the device tree binding on Exar that went astray, also add the
   right bindings.

 - Fix the unwanted events for edges from the library.

 - Fix the unbalanced chanined IRQ on the Tegra.

* tag 'gpio-v4.13-2' of git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-gpio:
  gpio: tegra: fix unbalanced chained_irq_enter/exit
  gpiolib: skip unwanted events, don't convert them to opposite edge
  gpio: exar: Use correct property prefix and document bindings
  gpio: gpio-mxc: Fix: higher 16 GPIOs usable as wake source
  gpio: xgene-sb: select IRQ_DOMAIN_HIERARCHY
  pinctrl: stm32: select IRQ_DOMAIN_HIERARCHY instead of depends on
  gpio: lp87565: Set proper output level and direction for direction_output
  MAINTAINERS: Add entry for Whiskey Cove PMIC GPIO driver
2017-08-05 06:55:13 -07:00
Linus Torvalds
ef9ca02baa A handful of critical fixes for changes introduce this merge window. The TI
sci_clk_get() API was pretty broken and nobody noticed. There were some
 CPUfreq crashes on C.H.I.P devices because we failed to propagate rates
 up the clk tree. Also, the Intel Atom PMC clk driver needs to mark a clk
 critical if the firmware has it enabled already so that audio doesn't get
 killed on Baytrail. Gemini devices have a dead serial console because
 the reset control usage in the serial driver assume one method of reset
 that gemini doesn't support (this will be fixed in the next version in
 the reset framework so this is the small fix for -rc series). Finally
 we have two rate calculation fixes, one for Exynos and one for Meson SoCs,
 that fix rate inconsistencies.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABCAAGBQJZhPRKAAoJEK0CiJfG5JUlY7MP/3hSev0xnS7HDLdaVfyMDGuI
 RMo4wNmScma098CeEoGXCHw+Sd2i4HqqrbEPh0dohJSCPm2kotS5zjf7UhCKNROt
 VKKykz9p/YdBvC01txzqRwOr/iwTASt1981C/vjorxvoE7LaYT1qduY4OBrhFhce
 CyIRljk7fuoX01I5jEp/VwShlO+Pn5PxJ44jImBXd/A7SWX/wiviXOvHsZLNStVn
 PLDlS2EW5B7nLwqWFuUu9/UMOjdpstgS4vCfksYeeEwc9llLg/Fm40m+rPMNOHl8
 A+bxYVRU273Wzp8HM2bLzq7JDJZ8mlgGF5ov2ARNaUB1ZYixPVTQPhtfWo918hhC
 M+Fj5PBlzL5Hnm5rG0fqfABn/QUvSj6BUh4ykUwao3sF/hSK1f8WUcltE/+p30UP
 DPotIrcNUZsshXRcKEOY4NwXs4pAAEjRAdmgh+vZRblbvuUZayDcdmti9l7LFvBo
 6RtAKXIZFtOQ5IdHwkmHRYYcKCHnJTnuyao0VRid6cnJ6x11wwjmwP8M71C1kJ83
 LOWVz4/vys6tD59xOm+oriGJwQATscOlkt7QsbVJLhSIsZ37NxLdnPVY0W/HLMK+
 RpWyHXwW9tHWRpYmMM0luQm/UhWNXVxV8VezaTIU+NBq41vGJPYOMPLUUhHHLC9N
 UDqN6Rnr15NvhoeUnYlg
 =/JMb
 -----END PGP SIGNATURE-----

Merge tag 'clk-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/clk/linux

Pull clk fixes from Stephen Boyd:
 "A handful of critical fixes for changes introduce this merge window.

   - The TI sci_clk_get() API was pretty broken and nobody noticed.

   - There were some CPUfreq crashes on C.H.I.P devices because we
     failed to propagate rates up the clk tree.

   - Also, the Intel Atom PMC clk driver needs to mark a clk critical if
     the firmware has it enabled already so that audio doesn't get
     killed on Baytrail.

   - Gemini devices have a dead serial console because the reset control
     usage in the serial driver assume one method of reset that gemini
     doesn't support (this will be fixed in the next version in the
     reset framework so this is the small fix for -rc series).

   - Finally we have two rate calculation fixes, one for Exynos and one
     for Meson SoCs, that fix rate inconsistencies"

* tag 'clk-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/clk/linux:
  clk: keystone: sci-clk: Fix sci_clk_get
  clk: meson: mpll: fix mpll0 fractional part ignored
  clk: samsung: exynos5420: The EPLL rate table corrections
  clk: sunxi-ng: sun5i: Add clk_set_rate_parent to the CPU clock
  clk: x86: Do not gate clocks enabled by the firmware
  clk: gemini: Fix reset regression
2017-08-04 16:45:29 -07:00
Linus Torvalds
6999507416 KVM fixes for v4.13-rc4
ARM:
  - Yet another race with VM destruction plugged
  - A set of small vgic fixes
 
 x86:
  - Preserve pending INIT
  - RCU fixes in paravirtual async pf, VM teardown, and VMXOFF emulation
  - nVMX interrupt injection and dirty tracking fixes
  - initialize to make UBSAN happy
 -----BEGIN PGP SIGNATURE-----
 
 iQEcBAABCAAGBQJZhNZ2AAoJEED/6hsPKofoKDEH/iIw1pcgdEW2NP/kFtKXSMCK
 josdFwGPQMjBGzx6No4tfMCNDOjW2FKYXapN6CASAqMJo5H2krj8VHMVwm0h3lUl
 4RdbbkFTdfl/Znp8M39efFheWrjX+L37AltKV7xAgA7n8cO39KV4RReimzSc7aVq
 5dDt4k0dbF9/zXHxkGiKEhwaSSbZEEznQQ/09annSoOVe6om5esUrUtnUF5P99uz
 IhAsmJbZxE5VmowjT5MjaR1mXSLLNL55HWKvkf3B3ZGnyxQU+3Vz7IGf2Ma2j+jV
 IrdXA11NHDY1anDYgDhFlr3rTCPu9CBmTv4O8zsDRlX9TGpr8bBX2dvjRKl7uOo=
 =KM80
 -----END PGP SIGNATURE-----

Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm

Pull KVM fixes from Radim Krčmář:
 "ARM:

   - Yet another race with VM destruction plugged

   - A set of small vgic fixes

  x86:

   - Preserve pending INIT

   - RCU fixes in paravirtual async pf, VM teardown, and VMXOFF
     emulation

   - nVMX interrupt injection and dirty tracking fixes

   - initialize to make UBSAN happy"

* tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm:
  KVM: arm/arm64: vgic: Use READ_ONCE fo cmpxchg
  KVM: nVMX: Fix interrupt window request with "Acknowledge interrupt on exit"
  KVM: nVMX: mark vmcs12 pages dirty on L2 exit
  kvm: nVMX: don't flush VMCS12 during VMXOFF or VCPU teardown
  KVM: nVMX: do not pin the VMCS12
  KVM: avoid using rcu_dereference_protected
  KVM: X86: init irq->level in kvm_pv_kick_cpu_op
  KVM: X86: Fix loss of pending INIT due to race
  KVM: async_pf: make rcu irq exit if not triggered from idle task
  KVM: nVMX: fixes to nested virt interrupt injection
  KVM: nVMX: do not fill vm_exit_intr_error_code in prepare_vmcs12
  KVM: arm/arm64: Handle hva aging while destroying the vm
  KVM: arm/arm64: PMU: Fix overflow interrupt injection
  KVM: arm/arm64: Fix bug in advertising KVM_CAP_MSI_DEVID capability
2017-08-04 15:18:27 -07:00
Linus Torvalds
0d5b994407 Merge branch 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
Pull x86 fix from Thomas Gleixner:
 "The recent irq core changes unearthed API abuse in the HPET code,
  which manifested itself in a suspend/resume regression.

  The fix replaces the cruft with the proper function calls and cures
  the regression"

* 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
  x86/hpet: Cure interface abuse in the resume path
2017-08-04 15:16:09 -07:00