Commit Graph

740974 Commits

Author SHA1 Message Date
David S. Miller
3d27484eba Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf
Daniel Borkmann says:

====================
pull-request: bpf 2018-03-21

The following pull-request contains BPF updates for your *net* tree.

The main changes are:

1) Follow-up fix to the fault injection framework to prevent jump
   optimization on the kprobe by installing a dummy post-handler,
   from Masami.

2) Drop bpf_perf_prog_read_value helper from tracepoint type programs
   which was mistakenly added there and would otherwise crash due to
   wrong input context, from Yonghong.

3) Fix a crash in BPF fs when compiled with clang. Code appears to
   be fine just that clang tries to overly aggressive optimize in
   non C conform ways, therefore fix the kernel's Makefile to
   generally prevent such issues, from Daniel.

4) Skip unnecessary capability checks in bpf syscall, which is otherwise
   triggering unnecessary security hooks on capability checking and
   causing false alarms on unprivileged processes trying to access
   CAP_SYS_ADMIN restricted infra, from Chenbo.

5) Fix the test_bpf.ko module when CONFIG_BPF_JIT_ALWAYS_ON is set
   with regards to a test case that is really just supposed to fail
   on x8_64 JIT but not others, from Thadeu.
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
2018-03-21 12:09:04 -04:00
Chris Wilson
3a088dd1b7 drm/i915: Specify which engines to reset following semaphore/event lockups
If the GPU is stuck waiting for an event or for a semaphore, we need to
reset the GPU in order to recover. We have to tell the reset routine
which engines we want reset, but we were still using the old interface
and declaring it as "not-fatal".

Fixes: 14b730fcb8 ("drm/i915/tdr: Prepare error handler to accept mask of hung engines")
Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
Cc: Mika Kuoppala <mika.kuoppala@intel.com>
Cc: Michel Thierry <michel.thierry@intel.com>
Reviewed-by: Michel Thierry <michel.thierry@intel.com>
Link: https://patchwork.freedesktop.org/patch/msgid/20180320100449.1360-1-chris@chris-wilson.co.uk
(cherry picked from commit ca98317b89)
Signed-off-by: Rodrigo Vivi <rodrigo.vivi@intel.com>
2018-03-21 07:59:08 -07:00
Joonas Lahtinen
8c5cb3c1c5 Merge tag 'gvt-next-fixes-2018-03-20' of https://github.com/intel/gvt-linux into drm-intel-next-fixes
gvt-next-fixes-2018-03-20

- No need warning on untracked regs (Colin)
- Error handling fix for dma unmap (Changbin)
- invalidate shadow ppgtt for vGPU reset (Zhi)
- ensure to update shadow ppgtt after pinned (Zhi)
- force guest ctx ctrl update for sanity (Zhenyu/Xiong)
- one typo fix (Colin)

Signed-off-by: Joonas Lahtinen <joonas.lahtinen@linux.intel.com>
Link: https://patchwork.freedesktop.org/patch/msgid/20180320024108.f3fdwunm55zhk6gw@zhen-hp.sh.intel.com
2018-03-21 16:25:16 +02:00
Sean Paul
1c7095d283 Merge airlied/drm-next into drm-misc-next
Refresh -misc-next

Signed-off-by: Sean Paul <seanpaul@chromium.org>
2018-03-21 09:40:55 -04:00
Johannes Berg
60b01bcce9 ath9k_htc: use non-QoS NDP for AP probing
When switching mac80211 to use QoS NDP, it turned out that
ath9k_htc is somehow broken by this, e.g. see
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891060.

Fix this by using the new mac80211 flag to go back to the
old, incorrect, behaviour for this driver.

Fixes: 7b6ddeaf27 ("mac80211: use QoS NDP for AP probing")
Reported-by: Ben Caradoc-Davies <ben@transient.nz>
Acked-by: Kalle Valo <kvalo@codeaurora.org>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2018-03-21 13:01:55 +01:00
Andrew Zaborowski
4ea5aca27e mac80211_hwsim: Set wmediumd for new radios
Set the wmediumd to the net's wmediumd when the radio gets created.
Radios created after HWSIM_CMD_REGISTER don't currently get their
data->wmediumd set and the userspace would need to reconnect to
netlink to be able to call HWSIM_CMD_REGISTER again.

Alternatively I think data->netgroup and data->wmedium could be
replaced with a pointer to hwsim_net.

Signed-off-by: Andrew Zaborowski <andrew.zaborowski@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2018-03-21 13:01:54 +01:00
Adrian Hunter
d58ac803cf mmc: sdhci-acpi: Fix IRQ 0
Zero is a valid IRQ number and is being used on some CHT tablets. Stop
treating it as an error.

Reported-by: Luke Ross <luke@lukeross.name>
Fixes: 1b7ba57ecc ("mmc: sdhci-acpi: Handle return value of platform_get_irq")
Cc: Arvind Yadav <arvind.yadav.cs@gmail.com>
Signed-off-by: Adrian Hunter <adrian.hunter@intel.com>
Cc: stable@vger.kernel.org
Signed-off-by: Ulf Hansson <ulf.hansson@linaro.org>
2018-03-21 11:10:20 +01:00
Ben Caradoc-Davies
7c181f4fcd mac80211: add ieee80211_hw flag for QoS NDP support
Commit 7b6ddeaf27 ("mac80211: use QoS NDP for AP probing") added an
argument qos_ok to ieee80211_nullfunc_get to support QoS NDP. Despite
the claim in the commit log "Change all the drivers to *not* allow
QoS NDP for now, even though it looks like most of them should be OK
with that", this commit enables QoS NDP in response to beacons (see
change to mlme.c:ieee80211_send_nullfunc), causing ath9k_htc to lose
IP connectivity. See:
https://patchwork.kernel.org/patch/10241109/
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891060

Introduce a hardware flag to allow such buggy drivers to override the
correct default behaviour of mac80211 of sending QoS NDP packets.

Signed-off-by: Ben Caradoc-Davies <ben@transient.nz>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2018-03-21 10:56:18 +01:00
Thomas Hellstrom
73a88250b7 drm/vmwgfx: Fix a destoy-while-held mutex problem.
When validating legacy surfaces, the backup bo might be destroyed at
surface validate time. However, the kms resource validation code may have
the bo reserved, so we will destroy a locked mutex. While there shouldn't
be any other users of that mutex when it is destroyed, it causes a lock
leak and thus throws a lockdep error.

Fix this by having the kms resource validation code hold a reference to
the bo while we have it reserved. We do this by introducing a validation
context which might come in handy when the kms code is extended to validate
multiple resources or buffers.

Cc: <stable@vger.kernel.org>
Signed-off-by: Thomas Hellstrom <thellstrom@vmware.com>
Reviewed-by: Brian Paul <brianp@vmware.com>
Reviewed-by: Sinclair Yeh <syeh@vmware.com>
2018-03-21 10:52:01 +01:00
Thomas Hellstrom
140bcaa23a drm/vmwgfx: Fix black screen and device errors when running without fbdev
When we are running without fbdev, transitioning from the login screen to
X or gnome-shell/wayland will cause a vt switch and the driver will disable
svga mode, losing all modesetting resources. However, the kms atomic state
does not reflect that and may think that a crtc is still turned on, which
will cause device errors when we try to bind an fb to the crtc, and the
screen will remain black.

Fix this by turning off all kms resources before disabling svga mode.

Cc: <stable@vger.kernel.org>
Signed-off-by: Thomas Hellstrom <thellstrom@vmware.com>
Reviewed-by: Sinclair Yeh <syeh@vmware.com>
2018-03-21 10:51:23 +01:00
Daniel Stone
b24791fe00 drm: Reject getfb for multi-plane framebuffers
getfb can only return a single plane, so reject attempts to use it with
multi-plane framebuffers.

Signed-off-by: Daniel Stone <daniels@collabora.com>
Reported-by: Daniel van Vugt <daniel.van.vugt@canonical.com>
Reviewed-by: Rob Clark <robdclark@gmail.com>
Reviewed-by: Daniel Vetter <daniel.vetter@ffwll.ch>
Fixes: 308e5bcbdb ("drm: add an fb creation ioctl that takes a pixel format v5")
Cc: stable@vger.kernel.org # v3.3+
Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=105518
Link: https://patchwork.freedesktop.org/patch/msgid/20180320225839.30905-1-daniels@collabora.com
2018-03-21 09:43:21 +00:00
Takashi Iwai
a8d7bde23e ALSA: hda - Force polling mode on CFL for fixing codec communication
We've observed too long probe time with Coffee Lake (CFL) machines,
and the likely cause is some communication problem between the
HD-audio controller and the codec chips.  While the controller expects
an IRQ wakeup for each codec response, it seems sometimes missing, and
it takes one second for the controller driver to time out and read the
response in the polling mode.

Although we aren't sure about the real culprit yet, in this patch, we
put a workaround by forcing the polling mode as default for CFL
machines; the polling mode itself isn't too heavy, and much better
than other workarounds initially suggested (e.g. disabling
power-save), at least.

Bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=199007
Fixes: e79b0006c4 ("ALSA: hda - Add Coffelake PCI ID")
Reported-and-tested-by: Hui Wang <hui.wang@canonical.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
2018-03-21 10:23:07 +01:00
Jagdish Gediya
6b00c35138 mtd: nand: fsl_ifc: Read ECCSTAT0 and ECCSTAT1 registers for IFC 2.0
Due to missing information in Hardware manual, current
implementation doesn't read ECCSTAT0 and ECCSTAT1 registers
for IFC 2.0.

Add support to read ECCSTAT0 and ECCSTAT1 registers during
ecccheck for IFC 2.0.

Fixes: 656441478e ("mtd: nand: ifc: Fix location of eccstat registers for IFC V1.0")
Cc: stable@vger.kernel.org # v3.18+
Signed-off-by: Jagdish Gediya <jagdish.gediya@nxp.com>
Reviewed-by: Prabhakar Kushwaha <prabhakar.kushwaha@nxp.com>
Signed-off-by: Boris Brezillon <boris.brezillon@bootlin.com>
2018-03-21 10:22:28 +01:00
Jagdish Gediya
843c3a5999 mtd: nand: fsl_ifc: Fix eccstat array overflow for IFC ver >= 2.0.0
Number of ECC status registers i.e. (ECCSTATx) has been increased in IFC
version 2.0.0 due to increase in SRAM size. This is causing eccstat
array to over flow.

So, replace eccstat array with u32 variable to make it fail-safe and
independent of number of ECC status registers or SRAM size.

Fixes: bccb06c353 ("mtd: nand: ifc: update bufnum mask for ver >= 2.0.0")
Cc: stable@vger.kernel.org # 3.18+
Signed-off-by: Prabhakar Kushwaha <prabhakar.kushwaha@nxp.com>
Signed-off-by: Jagdish Gediya <jagdish.gediya@nxp.com>
Signed-off-by: Boris Brezillon <boris.brezillon@bootlin.com>
2018-03-21 10:18:34 +01:00
Jagdish Gediya
fa8e6d58c5 mtd: nand: fsl_ifc: Fix nand waitfunc return value
As per the IFC hardware manual, Most significant 2 bytes in
nand_fsr register are the outcome of NAND READ STATUS command.

So status value need to be shifted and aligned as per the nand
framework requirement.

Fixes: 82771882d9 ("NAND Machine support for Integrated Flash Controller")
Cc: stable@vger.kernel.org # v3.18+
Signed-off-by: Jagdish Gediya <jagdish.gediya@nxp.com>
Reviewed-by: Prabhakar Kushwaha <prabhakar.kushwaha@nxp.com>
Signed-off-by: Boris Brezillon <boris.brezillon@bootlin.com>
2018-03-21 10:13:13 +01:00
Santha Meena Ramamoorthy
2793c1d77a drm/qxl: Replace drm_gem_object_reference/unreference() with _get/put()
Replace drm_gem_object_reference/unreference function with *_get/put()
suffixes, because it is shorter and consistent with the kernel
kref_get/put() functions. The following Coccinelle script was used:

@@
expression e;
@@

(
-drm_gem_object_reference(e);
+drm_gem_object_get(e);
|
-drm_gem_object_unreference(e);
+drm_gem_object_put(e);
|
-drm_gem_object_unreference_unlocked(e);
+drm_gem_object_put_unlocked(e);
)

Signed-off-by: Santha Meena Ramamoorthy <santhameena13@gmail.com>
Signed-off-by: Daniel Vetter <daniel.vetter@ffwll.ch>
Link: https://patchwork.freedesktop.org/patch/msgid/1521570567-22519-1-git-send-email-santhameena13@gmail.com
2018-03-21 09:19:56 +01:00
Harry Wentland
731a373698 drm/amd/display: Add one to EDID's audio channel count when passing to DC
DC takes channel count to mean the actual count. cea_sad's channels
represent it as number of channels - 1.

Signed-off-by: Harry Wentland <harry.wentland@amd.com>
Reviewed-by: Tony Cheng <Tony.Cheng@amd.com>
Acked-by: Harry Wentland <harry.wentland@amd.com>
Signed-off-by: Alex Deucher <alexander.deucher@amd.com>
Cc: stable@vger.kernel.org
2018-03-21 00:24:47 -05:00
Harry Wentland
509648fcf0 drm/amd/display: We shouldn't set format_default on plane as atomic driver
This is still a leftover from early atomic brinup days.

Signed-off-by: Harry Wentland <harry.wentland@amd.com>
Reviewed-by: Tony Cheng <Tony.Cheng@amd.com>
Acked-by: Harry Wentland <harry.wentland@amd.com>
Signed-off-by: Alex Deucher <alexander.deucher@amd.com>
Cc: stable@vger.kernel.org
2018-03-21 00:23:51 -05:00
Mikita Lipski
4407a29bad drm/amd/display: Fix FMT truncation programming
Switch the order of parameters being set for depth
and mode of truncation, as it previously was not correct

Signed-off-by: Mikita Lipski <mikita.lipski@amd.com>
Reviewed-by: Harry Wentland <Harry.Wentland@amd.com>
Signed-off-by: Alex Deucher <alexander.deucher@amd.com>
2018-03-21 00:22:35 -05:00
Mikita Lipski
8bfac12f88 drm/amd/display: Allow truncation to 10 bits
The truncation isn't being programmed if the truncation
depth is set to 2, it causes an issue with dce11.2 asic
using 6bit eDP panel. It required to truncate 12:10 in order to
perform spatial dither 10:6.

This change will allow 12:10 truncation to be enabled.

Signed-off-by: Mikita Lipski <mikita.lipski@amd.com>
Reviewed-by: Jun Lei <Jun.Lei@amd.com>
Acked-by: Harry Wentland <harry.wentland@amd.com>
Signed-off-by: Alex Deucher <alexander.deucher@amd.com>
2018-03-21 00:22:08 -05:00
Rex Zhu
46b27ee925 drm/amd/pp: Fix unable to handle kernel paging request
when set pp table

Reviewed-by: Alex Deucher <alexander.deucher@amd.com>
Signed-off-by: Rex Zhu <Rex.Zhu@amd.com>
Signed-off-by: Alex Deucher <alexander.deucher@amd.com>
2018-03-20 23:45:10 -05:00
Rex Zhu
d3472266fb drm/amd/pp: Fix gfx ring test failed on Fiji without hw avfs support
caused by
'commit ca82cec868d1 ("drm/amd/pp: Simplified the avfs btc state on smu7")'

Reviewed-by: Alex Deucher <alexander.deucher@amd.com>
Signed-off-by: Rex Zhu <Rex.Zhu@amd.com>
Signed-off-by: Alex Deucher <alexander.deucher@amd.com>
2018-03-20 23:45:01 -05:00
Rex Zhu
eb4900aa4c drm/amdgpu: Fix kernel NULL pointer dereference in dpm functions
caused by
'commit 83e3c4615872 ("drm/amdgpu: Remove wrapper layer of smu ip functions")'

BUG: unable to handle kernel NULL pointer dereference at 00000000000005d8
[  313.241459] IP: ci_dpm_read_sensor+0x37/0xf0 [amdgpu]

Reviewed-by: Alex Deucher <alexander.deucher@amd.com>
Signed-off-by: Rex Zhu <Rex.Zhu@amd.com>
Signed-off-by: Alex Deucher <alexander.deucher@amd.com>
2018-03-20 23:44:50 -05:00
Rex Zhu
81ce8bea03 drm/amdgpu: Fix kernel NULL pointer dereference when amdgpu fini
Reviewed-by: Alex Deucher <alexander.deucher@amd.com>
Signed-off-by: Rex Zhu <Rex.Zhu@amd.com>
Signed-off-by: Alex Deucher <alexander.deucher@amd.com>
2018-03-20 23:44:21 -05:00
Mikita Lipski
e5b03032e3 drm/amdgpu - Disable all irqs before disabling all CRTCs
By moving amdgpu_irq_disable_all earlier in the sequence
fixes an issue with disabling pflip interrupts:

*ERROR* dal_irq_service_dummy_ack: called for non-implemented irq source

Earlier patch fixed a memory corruption and revealed irq
warnings.This way it seems to be there no obvious issues
with unloading the module.

Signed-off-by: Mikita Lipski <mikita.lipski@amd.com>
Reviewed-by: Alex Deucher <alexander.deucher@amd.com>
Signed-off-by: Alex Deucher <alexander.deucher@amd.com>
2018-03-20 23:44:12 -05:00
Mikita Lipski
088e7c1617 drm/amdgpu: Disable irq on device before destroying it
Disable irq on devices before destroying them. That prevents
use-after-free memory access when unloading the driver.

Signed-off-by: Mikita Lipski <mikita.lipski@amd.com>
Reviewed-by: Alex Deucher <alexander.deucher@amd.com>
Signed-off-by: Alex Deucher <alexander.deucher@amd.com>
2018-03-20 23:44:03 -05:00
Mikita Lipski
ff97cba8c1 drm/amdgpu: Use atomic function to disable crtcs with dc enabled
This change fixes the deadlock when unloading the driver with displays
connected.

Signed-off-by: Mikita Lipski <mikita.lipski@amd.com>
Reviewed-by: Andrey Grodzovsky <andrey.grodzovsky@amd.com>
Signed-off-by: Alex Deucher <alexander.deucher@amd.com>
2018-03-20 23:43:42 -05:00
Tom St Denis
864917a3b8 drm/amd/amdgpu: fix offset into page with amdgpu_iomem debugfs file
The offset inside the page wasn't included in the copy call meaning
the start of the page was being read/written instead.

Reported-by: Jay Cornwall <Jay.Cornwall@amd.com>
Signed-off-by: Tom St Denis <tom.stdenis@amd.com>
Reviewed-by: Christian König <christian.koenig@amd.com>
Signed-off-by: Alex Deucher <alexander.deucher@amd.com>
2018-03-20 23:43:34 -05:00
Hawking Zhang
bd08a8d9e8 drm/amdgpu/nbio6: Correct PCIE_INDEX/DATA pair used for smn register accessing
PCIE_INDEX2/DATA2 pair will be used for smn register accessing since from vega.
PCIE_INDEX/DATA pair should be reserved for smu

Signed-off-by: Hawking Zhang <Hawking.Zhang@amd.com>
Reviewed-by: Alex Deucher <alexander.deucher@amd.com>
Signed-off-by: Alex Deucher <alexander.deucher@amd.com>
2018-03-20 23:43:25 -05:00
Andrey Grodzovsky
f004938f78 drm/amd/powerplay: Fix NULL pointer deref on driver unbind.
Signed-off-by: Andrey Grodzovsky <andrey.grodzovsky@amd.com>
Reviewed-by: Alex Deucher <alexander.deucher@amd.com>
Signed-off-by: Alex Deucher <alexander.deucher@amd.com>
2018-03-20 23:43:05 -05:00
Alex Deucher
e3ecdffac9 drm/amdgpu: add documentation for amdgpu_device.c
Add kernel doc for the functions in amdgpu_device.c

Signed-off-by: Alex Deucher <alexander.deucher@amd.com>
2018-03-20 23:43:05 -05:00
Alex Deucher
3ac952b10d drm/amdgpu: add VCN to firmware query interface
Need to be able to query the VCN firmware version from
userspace to determine supported features, etc.

Reviewed-by: Huang Rui <ray.huang@amd.com>
Acked-by: Leo Liu <leo.liu@amd.com>
Signed-off-by: Alex Deucher <alexander.deucher@amd.com>
2018-03-20 23:42:49 -05:00
Dave Airlie
78230c46ec omapdrm patches for v4.17
* Fix sparse warnings from omapdrm
 * HPD support for DVI connector
 * Big cleanup to remove static variables
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABAgAGBQJaqOBqAAoJEPo9qoy8lh711mMP/Aw6YI4/VOLjmqI2fMA6cTwS
 FAHIutQj2oGAsxMJ9X84CvI+HAE9kfWkV5fqcqo92Ori7whJqrmOGkEIZT8hUfOJ
 x2hyHHBOGF53X1EDqP3t8F2mETA+i7TAzxZnaDvEEIE2Ud0QzL1IdSZGFDKKDGCl
 aqX7H1h5EqwkH8XWaFUF1W4Oi3s4wQ0VM0ofEim9qNTeRG8hxuAQY8PwpmNOTKHW
 fg9OPia2yWGLlFd8d1oqPJbpLusaTRLqWfiWWp5GntZpK73Cxk59ze5b8HcCxJhX
 XvC/U0pJqzqkHhqVITreP2a7a8W9kgW4/ls2T6SHRQu2rfcrqyGBPnwtnMjYbmPD
 9o8/3P2dSoPupN/vv8zHVmPJpIfHLJvXbZAS7v8gGlX5X49fsb+Ky+AGb9wRQxll
 DmdhrCI15NEE8kz7gyCprP+f9pyV5d28doXILCRhBy6TJUtrcZExxHNQUZobW6Y9
 5AC4qXYPCW60HsvvpJGIQdy+p9W2f8PupuYyZSH8zbOgVTBI5sqX53NKWGG9iiv9
 Bzk2YoyY/zITkWLUN976IVoKk0HWKqNHwigvjs8i29FEXKerojF3kOmZfXOxyVDt
 DIUCEZg8D9tZ01SeC6bygEb+HbFvGQehj1wj7+lTJbUxnssEN0pSNk0s1lGX2yNA
 M5dNxgGUd4LvGXtLMFVX
 =YdNo
 -----END PGP SIGNATURE-----

Merge tag 'omapdrm-4.17' of git://git.kernel.org/pub/scm/linux/kernel/git/tomba/linux into drm-next

omapdrm patches for v4.17

* Fix sparse warnings from omapdrm
* HPD support for DVI connector
* Big cleanup to remove static variables

* tag 'omapdrm-4.17' of git://git.kernel.org/pub/scm/linux/kernel/git/tomba/linux: (69 commits)
  drm/omap: fix compile error when DPI is disabled
  drm/omap: fix compile error when debugfs is disabled
  drm: omapdrm: displays: panel-dsi-cm: Fix field access before set
  drm/omap: cleanup color space conversion
  drm/omap: Allow HDMI audio setup even if we do not have video configured
  drm/omap: fix maximum sizes
  drm/omap: add writeback funcs to dispc_ops
  drm/omap: fix scaling limits for WB
  drm/omap: fix WB height with interlace
  drm/omap: fix WBDELAYCOUNT with interlace
  drm/omap: fix WBDELAYCOUNT for HDMI
  drm/omap: set WB channel-in in wb_setup()
  drm/omap: Add pclk setting case when channel is DSS_WB
  drm/omap: dispc: disp_wb_setup to check return code
  drm/omap: remove leftover enums
  dt-bindings: display: add HPD gpio to DVI connector
  drm/omap: add HPD support to connector-dvi
  drm/omap: Init fbdev emulation only when we have displays
  drm/omap: cleanup fbdev init/free
  drm/omap: fix omap_fbdev_free() when omap_fbdev_create() wasn't called
  ...
2018-03-21 14:07:03 +10:00
Dave Airlie
b65bd40311 Merge tag 'drm-msm-next-2018-03-20' of git://people.freedesktop.org/~robclark/linux into drm-next
Updates for 4.17.  Sorry, running a bit late on this, didn't have a
chance to send pull-req before heading to linaro.  But it has all been
in linux-next for a while.  Main updates:

 + DSI updates from 10nm / SDM845
 + fix for race condition with a3xx/a4xx fence completion irq
 + some refactoring/prep work for eventual a6xx support (ie. when we have
   a userspace)
 + a5xx debugfs enhancements
 + some mdp5 fixes/cleanups to prepare for eventually merging writeback
   support (ie. when we have a userspace)

* tag 'drm-msm-next-2018-03-20' of git://people.freedesktop.org/~robclark/linux: (36 commits)
  drm/msm: fix building without debugfs
  drm/msm/mdp5: don't pre-reserve LM's if no dual-dsi
  drm/msm/mdp5: add missing LM flush bits
  drm/msm/mdp5: print a bit more of the atomic state
  drm/msm/mdp5: rework CTL START signal handling
  drm/msm: Trigger fence completion from GPU
  drm/msm/dsi: fix direct caller of msm_gem_free_object()
  drm/msm: strip out msm_fence_cb
  drm/msm: rename mdp->disp
  drm/msm/dsi: Fix potential NULL pointer dereference in msm_dsi_modeset_init
  drm/msm/adreno/a5xx_debugfs: fix potential NULL pointer dereference
  drm/msm/dsi: Get byte_intf_clk only for versions that need it
  drm/msm/adreno: Use generic function to load firmware to a buffer object
  drm/msm/adreno: Define a list of firmware files to load per target
  drm/msm/adreno: Rename gpmufw to powerfw
  drm/msm: Pass the correct aperture end to drm_mm_init
  drm/msm/gpu: Set number of clocks to 0 if the list allocation fails
  drm/msm: Replace gem_object deprecated functions
  drm/msm/hdmi: fix semicolon.cocci warnings
  drm/msm/mdp5: Fix trailing semicolon
  ...
2018-03-21 14:06:00 +10:00
Dave Airlie
19c800caa6 drm/tegra: Changes for v4.17-rc1
This fixes mmap() for fbdev devices by providing a custom implementation
 based on the KMS variant. This is a fairly exotic case these days, hence
 why it is not flagged for stable.
 
 There is also support for dedicating one of the overlay planes to serve
 as a hardware cursor on older Tegra that did support hardware cursors
 but not RGBA formats for it.
 
 Planes will now also export the IN_FORMATS property by supporting the
 various block-linear tiling modifiers for RGBA pixel formats.
 
 Other than that, there's a bit of cleanup of DMA API abuse, use of the
 private object infrastructure for global state (rather than subclassing
 atomic state objects) and an implementation of ->{begin,end}_cpu_access
 callbacks for PRIME exported buffers, which allow users to perform cache
 maintenance on these buffers.
 -----BEGIN PGP SIGNATURE-----
 
 iQJHBAABCAAxFiEEiOrDCAFJzPfAjcif3SOs138+s6EFAlqviKkTHHRyZWRpbmdA
 bnZpZGlhLmNvbQAKCRDdI6zXfz6zod+zD/9p04Jmsbd30dttPqb1Dns1e4N/cXcP
 hLgqYjc+Apov3ksrFS7bhlmIKxMcIXvw6s/ciwapO4tNMuWfKke6+LX7eGxyzMFn
 aGm7Na0fcb+R6U7Cs8J45b9XB0NBGuz2Vv9rIne/I7BoVE1XCPfEBYgYGT6hR0cj
 fPWKAldD1CVJXJX48mIsgUe8w8PHBijN0qEfrNTmQTA/zZ4PeZQpdoilLS8lsb74
 fg9BWaTHYLchHFaLShsuSJwS/qHCMLCMv01dhCV5OlpaZWXki4iqhjuIuHeZnk3c
 ygWcmjDkE4Aaihq5mcPD1tYe8D223TW3XbtHDsl1MKVLdHliSSp3xsWlbqB42BiK
 QtXNhmEUbx4cnvNA6e/5wXTZImNHRJnkcAIMro7z5Vq3Xav+4bcPiLROd9nz28GS
 WNuAoV26YedWtK9taJEAoO6Nas6K+f2jQKcph97Rrii+LwkZqNLeHzikTXcIAwDF
 M55wIcLRt1b2a3ZPxWOE3sl0gTyMdJbITt5t2zyl3OXCnGINmSCn6Bfm8EZsFY+j
 2J8v25T6VTQC5MWyR75abppMvdqk4ihIWSmIH4vdlpj202dD5q9T+CWaLCguxZPY
 racx4bDUEJB9Gt5iJAQNVq8alDhioynygXwGbVuPY7BAiBKQWNyHBbgRWBAPGjXR
 CnGh3KfFFEFWkA==
 =gOLI
 -----END PGP SIGNATURE-----

Merge tag 'drm/tegra/for-4.17-rc1' of git://anongit.freedesktop.org/tegra/linux into drm-next

drm/tegra: Changes for v4.17-rc1

This fixes mmap() for fbdev devices by providing a custom implementation
based on the KMS variant. This is a fairly exotic case these days, hence
why it is not flagged for stable.

There is also support for dedicating one of the overlay planes to serve
as a hardware cursor on older Tegra that did support hardware cursors
but not RGBA formats for it.

Planes will now also export the IN_FORMATS property by supporting the
various block-linear tiling modifiers for RGBA pixel formats.

Other than that, there's a bit of cleanup of DMA API abuse, use of the
private object infrastructure for global state (rather than subclassing
atomic state objects) and an implementation of ->{begin,end}_cpu_access
callbacks for PRIME exported buffers, which allow users to perform cache
maintenance on these buffers.

* tag 'drm/tegra/for-4.17-rc1' of git://anongit.freedesktop.org/tegra/linux:
  drm/tegra: prime: Implement ->{begin,end}_cpu_access()
  drm/tegra: gem: Map pages via the DMA API
  drm/tegra: hub: Use private object for global state
  drm/tegra: fb: Properly support linear modifier
  drm/tegra: plane: Support format modifiers
  drm/tegra: dc: Dedicate overlay plane to cursor on older Tegra's
  drm/tegra: plane: Make tegra_plane_get_overlap_index() static
  drm/tegra: fb: Implement ->fb_mmap() callback
  drm/tegra: gem: Make __tegra_gem_mmap() available more widely
  drm/tegra: gem: Reshuffle declarations
2018-03-21 14:04:38 +10:00
Dave Airlie
4f6dd8d685 Merge branch 'for-upstream/mali-dp' of git://linux-arm.org/linux-ld into drm-next
I have accumulated some patches as we went through some internal testing
for mali-dp and I was waiting for the YUV2RGB patches to land in your
tree.

* 'for-upstream/mali-dp' of git://linux-arm.org/linux-ld:
  drm: mali-dp: Add YUV->RGB conversion support for video layers
  drm: mali-dp: Turn off CRTC vblank when removing module.
  drm: arm: malidp: Use drm_atomic_helper_shutdown() to disable planes on removal
  drm: arm: malidp: Don't destroy planes manually in error handlers
  drm/mali-dp: Fix malidp_atomic_commit_hw_done() for event sending.
  drm/arm/malidp: Disable pixel alpha blending for colors that do not have alpha
  drm: mali-dp: Fix bug on scaling with rotation
  drm/mali-dp: Don't enable scaling engine for planes that only rotate.
  drm: mali-dp: Uninitialized variable in malidp_se_check_scaling()
  drm/mali-dp: Align pitch size to be multiple of bus burst read size.
  drm/mali-dp: Rotated planes need a larger pitch size.
2018-03-21 13:58:43 +10:00
Dave Airlie
fca3c46abc Add a device tree property description for hdmi device node
. '#sound-dai-cells' property is required to describe link between
 the HDMI IP block and the SoC's audio subsystem and Exynos SoC device
 tree files already have this property but we missed its description.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABAgAGBQJarvroAAoJEFc4NIkMQxK4leUP/07NWT/B6UNv5rRTGX4ZwSOK
 u+q8TMq11MFXm+oVhk9RRJr6Y2WBKlfe/ue+FbotDHAAOd7eqQaqGe+FraqiOV5p
 iqQIUJgroUsMGVSHgeZBa+cBP6o7JRzA1XAvn4Ln0cXi4bhurO9y4IRtoXSx5ZYl
 nLQZWJL0diJTTtBLDZGLFU/ZGWg6gATsDjhKGehN0l2p82xQyKGsYW8vi2q0BTKu
 o+dQipMavf17Sz+0bqiAcBq+48+amKDTY27cUW6n/8CDNzF7cFKKltoNEcvFDeC9
 2syQCYM6Drg0Rj2iV0R9bfIxhCQ3UM1/QsvTwcxgPUlpTNR+F5OrmS6Y+weOPveA
 FcsCY1Pl3vf53cUx+JWXSUW7bnvtR1mnWFqdR1i8pdSyX/7ZjRiD+0U92x728pT+
 UDiUkCGr4gRPJMhApFxIccSnzSgjmT121SDn7VdcdFZlnvfc67T40GyJvoQlSVQ1
 X+sPkM8CDqBunA8jSaBvhuNHJU+X4SKiZy/fVoxe8DsyUWLTV8cV85C0nc1+X2qe
 ojwackMzY6EpDQ1WHImwcaPcYyAAiey47IlZF15CItEP0LcPdKI9LWYRx2oYllEV
 4vXax/PF2YzXNvXDHEfA4/TkzEt2ACJot18QLARejo3WMosQYvuGg/gG66ckMM/s
 guRcLpjdnp7wFgrpwAn8
 =Y79z
 -----END PGP SIGNATURE-----

Merge tag 'exynos-drm-fixes-for-v4.16-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/daeinki/drm-exynos into drm-fixes

Add a device tree property description for hdmi device node
. '#sound-dai-cells' property is required to describe link between
the HDMI IP block and the SoC's audio subsystem and Exynos SoC device
tree files already have this property but we missed its description.

* tag 'exynos-drm-fixes-for-v4.16-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/daeinki/drm-exynos:
  dt-bindings: exynos: Document #sound-dai-cells property of the HDMI node
2018-03-21 13:56:07 +10:00
Dave Airlie
ebfb821d2f drm/tegra: Fixes for v4.16-rc7
This contains two small fixes for the alpha blending support that was
 merged into v4.16-rc1 and a fix for connector reference leaks caused by
 the fact that display pipelines are no longer automatically disabled if
 the framebuffer is removed.
 
 Furthermore this contains a fix for a crash on IOMMU detach at driver
 unbind time and a regulator enable/disable unbalance fix.
 -----BEGIN PGP SIGNATURE-----
 
 iQJHBAABCAAxFiEEiOrDCAFJzPfAjcif3SOs138+s6EFAlqvfJoTHHRyZWRpbmdA
 bnZpZGlhLmNvbQAKCRDdI6zXfz6zoZpQD/959jXhGJk/q8ryhs8iVa/fQOiAWQXP
 mZ3zkXmLvDWhZSQf9Nq4Mvbc2yxrSpinqnqA7jbEACz3Tcc27je1bgqkL5zCCbdR
 qCYPG2m/GvNEGEX+tb5ADdP+Y4fz0tYADlrYS3dqZdAZ4Y5xX4j9oDp7qbaWUKEJ
 w27188FGzptG57Ptyc4nNPUqfaEyPGa02zQ9J1zpYLg4i4JHXbJawLwPChdKdspd
 H0h1Xxhdgu+fwuIwfDUkAsWb2GzdOCfLoWyN6gf6V+NHxyea2G0AjfTcf6w8hudF
 O4GCEP05Q7nZinzFk4U2ieZ/GdP105jMLvf6sqAE9IztiiptAYyLVm/Rb8wv2GLv
 9HkgKWTpSnwNgtdDg5/GnfzdsKIt/HEenD7jQrvcjk155LUnSSqxlbXW6UGfDcvX
 7x1TLkaPSJSwG9YhD3JuKeXMwlmGUQqVgIhkd+72IYzEEbk9dkro7ecz2yH++vr1
 ZYHIm2WhtsNdKeflaPlAc5BntmpDnxLZLlET3dRlGV4kH0buZfheTGf+wx5rO+za
 PwIzmuQ+9Vl6iKp39EcmzcTNZrJV+y35pkncnCuFEBlkRlkZu7Ldomlf4D+doZoi
 49gehS/5WJ1su+CU6MKk4UgyPjxhOtpBHlkt1byHE5OzEEySGpyvPy6gCleIhNzx
 A0Jh/9vqfJvXBg==
 =iuUO
 -----END PGP SIGNATURE-----

Merge tag 'drm/tegra/for-4.16-rc7-fixes' of git://anongit.freedesktop.org/tegra/linux into drm-fixes

drm/tegra: Fixes for v4.16-rc7

This contains two small fixes for the alpha blending support that was
merged into v4.16-rc1 and a fix for connector reference leaks caused by
the fact that display pipelines are no longer automatically disabled if
the framebuffer is removed.

Furthermore this contains a fix for a crash on IOMMU detach at driver
unbind time and a regulator enable/disable unbalance fix.

* tag 'drm/tegra/for-4.16-rc7-fixes' of git://anongit.freedesktop.org/tegra/linux:
  drm/tegra: Shutdown on driver unbind
  drm/tegra: dsi: Don't disable regulator on ->exit()
  drm/tegra: dc: Detach IOMMU group from domain only once
  drm/tegra: plane: Correct legacy blending
  drm/tegra: plane: Fix RGB565 format on older Tegra
2018-03-21 13:55:47 +10:00
Dave Airlie
287d2ac36b Merge branch 'drm-next-4.17' of git://people.freedesktop.org/~agd5f/linux into drm-next
- Continued cleanup and restructuring of powerplay
- Fetch VRAM type from vbios rather than hardcoding for SOC15 asics
- Allow ttm to drop its backing store when drivers don't need it
- DC bandwidth calc updates
- Enable DC backlight control pre-DCE11 asics
- Enable DC on all supported asics
- DC Fixes for planes due to the way our hw is ordered vs what drm expects
- DC CTM/regamma fixes
- Misc cleanup and bug fixes

* 'drm-next-4.17' of git://people.freedesktop.org/~agd5f/linux: (89 commits)
  amdgpu/dm: Default PRE_VEGA ASIC support to 'y'
  drm/amd/pp: Remove the cgs wrapper for notify smu version on APU
  drm/amd/display: fix dereferencing possible ERR_PTR()
  drm/amd/display: Refine disable VGA
  drm/amdgpu: Improve documentation of bo_ptr in amdgpu_bo_create_kernel
  drm/radeon: Don't turn off DP sink when disconnected
  drm/amd/pp: Rename file name cz_* to smu8_*
  drm/amd/pp: Replace function/struct name cz_* with smu8_*
  drm/amd/pp: Remove unneeded void * casts in cz_hwmgr.c/cz_smumgr.c
  drm/amd/pp: Mv cz uvd/vce pg/dpm functions to cz_hwmgr.c
  drm/amd/pp: Remove dead header file pp_asicblocks.h
  drm/amd/pp: Delete dead code on cz_clockpowergating.c
  drm/amdgpu: Call amdgpu_ucode_fini_bo in amd_powerplay.c
  drm/amdgpu: Remove wrapper layer of smu ip functions
  drm/amdgpu: Don't compared ip_block_type with ip_block_index
  drm/amdgpu: Plus NULL function pointer check
  drm/amd/pp: Move helper functions to smu_help.c
  drm/amd/pp: Replace rv_* with smu10_*
  drm/amd/pp: Fix function parameter not correct
  drm/amd/pp: Add rv_copy_table_from/to_smc to smu backend function table
  ...
2018-03-21 11:46:05 +10:00
Linus Torvalds
3215b9d57a A late collection of fixes for regressions seen this release cycle.
Normally I send this earlier than now but real life got in the way.
 Things are back to normal now.
 
 There's the normal set of SoC driver fixes: i.MX boot warning, TI
 display clks, allwinner clk ops being wrong (fun), driver probe
 badness on error paths, correctness fix for the new aspeed driver,
 and even a fix for a race condition in the bcm2835 clk driver.
 
 At the core framework level we also got some fixes for the clk
 phase API caching at the wrong time, better handling of the enabled
 state of orphan clks, and a fix for a newly introduced bug in how we
 handle rate calculations for pass-through clks.
 -----BEGIN PGP SIGNATURE-----
 
 iQJFBAABCAAvFiEE9L57QeeUxqYDyoaDrQKIl8bklSUFAlqxkWcRHHNib3lkQGtl
 cm5lbC5vcmcACgkQrQKIl8bklSVe/xAAwlUj9cVBVGfTpK7M58XZiH+Igm4fR0qp
 GxpcvU5AXc+YpUZJ8q7Wuu429JQllmgfwuEwm78Jte42ITtTo/jT4E5IY9yWxaaI
 H1WlwEde/FFQDkffaDa/wUPI5doO3cAdwqvJPW9XjyO6tCpADM1mmY35wAr0mdk3
 HFN/pOEbpSasNAevYfg8MPEyZacYXALR+qQKDEhLJmliwa6xA2acEl2suBzu3w3D
 3ncRNZMT82SA42aT5i4JfmD7b/NKAlvcqEmyc9MLkakyZz0nMYcRDkXtJHkVezMG
 Ij8QvLSWUP0YVHVmf69sMQdvAaJ91iOEg15AJ2Sbh6rie9DjLhQlVyqDhTaDtSTZ
 RSCxMESuI0Eq+mhRAPlVmgRnuklTP+afo83Hyg4CdJiK357LcjWz8rXcPnw7KlAh
 iiF3S/rtfOHTue2F0Ar9qiWlMhZPX0wh6Xv7TTYgyU6+W9GwTqBqgj7wJDLBwj8N
 D37p5q/5iAP73I1vwtpDqiQzZdA9B/sYebAjChPqqA1n6K6LQ6pl99shuavflKvH
 pHsp8TColZJSu6kqrM17rS5A0FFYy+hqBhlifOwQpXV5L0CwINafpOl3AfNU7Eom
 lvzM4rswFpHLUUmLaqOuyNzPO8tNkJ7w9nKEjvaOM3YxC3d+vK56pA2k5TGjvsdi
 5+jzmtj4AbA=
 =Yjti
 -----END PGP SIGNATURE-----

Merge tag 'clk-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/clk/linux

Pull clk fixes from Stephen Boyd:
 "A late collection of fixes for regressions seen this release cycle.
  Normally I send this earlier than now but real life got in the way.
  Things are back to normal now.

  There's the normal set of SoC driver fixes: i.MX boot warning, TI
  display clks, allwinner clk ops being wrong (fun), driver probe
  badness on error paths, correctness fix for the new aspeed driver, and
  even a fix for a race condition in the bcm2835 clk driver.

  At the core framework level we also got some fixes for the clk phase
  API caching at the wrong time, better handling of the enabled state of
  orphan clks, and a fix for a newly introduced bug in how we handle
  rate calculations for pass-through clks"

* tag 'clk-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/clk/linux:
  clk: bcm2835: Protect sections updating shared registers
  clk: bcm2835: Fix ana->maskX definitions
  clk: aspeed: Prevent reset if clock is enabled
  clk: aspeed: Fix is_enabled for certain clocks
  clk: qcom: msm8916: Fix return value check in qcom_apcs_msm8916_clk_probe()
  clk: hisilicon: hi3660:Fix potential NULL dereference in hi3660_stub_clk_probe()
  clk: fix determine rate error with pass-through clock
  clk: migrate the count of orphaned clocks at init
  clk: update cached phase to respect the fact when setting phase
  clk: ti: am43xx: add set-rate-parent support for display clkctrl clock
  clk: ti: am33xx: add set-rate-parent support for display clkctrl clock
  clk: ti: clkctrl: add support for CLK_SET_RATE_PARENT flag
  clk: imx51-imx53: Fix UART4/5 registration on i.MX50 and i.MX53
  clk: sunxi-ng: a31: Fix CLK_OUT_* clock ops
2018-03-20 17:44:27 -07:00
Daniel Borkmann
87e0d4f0f3 kbuild: disable clang's default use of -fmerge-all-constants
Prasad reported that he has seen crashes in BPF subsystem with netd
on Android with arm64 in the form of (note, the taint is unrelated):

  [ 4134.721483] Unable to handle kernel paging request at virtual address 800000001
  [ 4134.820925] Mem abort info:
  [ 4134.901283]   Exception class = DABT (current EL), IL = 32 bits
  [ 4135.016736]   SET = 0, FnV = 0
  [ 4135.119820]   EA = 0, S1PTW = 0
  [ 4135.201431] Data abort info:
  [ 4135.301388]   ISV = 0, ISS = 0x00000021
  [ 4135.359599]   CM = 0, WnR = 0
  [ 4135.470873] user pgtable: 4k pages, 39-bit VAs, pgd = ffffffe39b946000
  [ 4135.499757] [0000000800000001] *pgd=0000000000000000, *pud=0000000000000000
  [ 4135.660725] Internal error: Oops: 96000021 [#1] PREEMPT SMP
  [ 4135.674610] Modules linked in:
  [ 4135.682883] CPU: 5 PID: 1260 Comm: netd Tainted: G S      W       4.14.19+ #1
  [ 4135.716188] task: ffffffe39f4aa380 task.stack: ffffff801d4e0000
  [ 4135.731599] PC is at bpf_prog_add+0x20/0x68
  [ 4135.741746] LR is at bpf_prog_inc+0x20/0x2c
  [ 4135.751788] pc : [<ffffff94ab7ad584>] lr : [<ffffff94ab7ad638>] pstate: 60400145
  [ 4135.769062] sp : ffffff801d4e3ce0
  [...]
  [ 4136.258315] Process netd (pid: 1260, stack limit = 0xffffff801d4e0000)
  [ 4136.273746] Call trace:
  [...]
  [ 4136.442494] 3ca0: ffffff94ab7ad584 0000000060400145 ffffffe3a01bf8f8 0000000000000006
  [ 4136.460936] 3cc0: 0000008000000000 ffffff94ab844204 ffffff801d4e3cf0 ffffff94ab7ad584
  [ 4136.479241] [<ffffff94ab7ad584>] bpf_prog_add+0x20/0x68
  [ 4136.491767] [<ffffff94ab7ad638>] bpf_prog_inc+0x20/0x2c
  [ 4136.504536] [<ffffff94ab7b5d08>] bpf_obj_get_user+0x204/0x22c
  [ 4136.518746] [<ffffff94ab7ade68>] SyS_bpf+0x5a8/0x1a88

Android's netd was basically pinning the uid cookie BPF map in BPF
fs (/sys/fs/bpf/traffic_cookie_uid_map) and later on retrieving it
again resulting in above panic. Issue is that the map was wrongly
identified as a prog! Above kernel was compiled with clang 4.0,
and it turns out that clang decided to merge the bpf_prog_iops and
bpf_map_iops into a single memory location, such that the two i_ops
could then not be distinguished anymore.

Reason for this miscompilation is that clang has the more aggressive
-fmerge-all-constants enabled by default. In fact, clang source code
has a comment about it in lib/AST/ExprConstant.cpp on why it is okay
to do so:

  Pointers with different bases cannot represent the same object.
  (Note that clang defaults to -fmerge-all-constants, which can
  lead to inconsistent results for comparisons involving the address
  of a constant; this generally doesn't matter in practice.)

The issue never appeared with gcc however, since gcc does not enable
-fmerge-all-constants by default and even *explicitly* states in
it's option description that using this flag results in non-conforming
behavior, quote from man gcc:

  Languages like C or C++ require each variable, including multiple
  instances of the same variable in recursive calls, to have distinct
  locations, so using this option results in non-conforming behavior.

There are also various clang bug reports open on that matter [1],
where clang developers acknowledge the non-conforming behavior,
and refer to disabling it with -fno-merge-all-constants. But even
if this gets fixed in clang today, there are already users out there
that triggered this. Thus, fix this issue by explicitly adding
-fno-merge-all-constants to the kernel's Makefile to generically
disable this optimization, since potentially other places in the
kernel could subtly break as well.

Note, there is also a flag called -fmerge-constants (not supported
by clang), which is more conservative and only applies to strings
and it's enabled in gcc's -O/-O2/-O3/-Os optimization levels. In
gcc's code, the two flags -fmerge-{all-,}constants share the same
variable internally, so when disabling it via -fno-merge-all-constants,
then we really don't merge any const data (e.g. strings), and text
size increases with gcc (14,927,214 -> 14,942,646 for vmlinux.o).

  $ gcc -fverbose-asm -O2 foo.c -S -o foo.S
    -> foo.S lists -fmerge-constants under options enabled
  $ gcc -fverbose-asm -O2 -fno-merge-all-constants foo.c -S -o foo.S
    -> foo.S doesn't list -fmerge-constants under options enabled
  $ gcc -fverbose-asm -O2 -fno-merge-all-constants -fmerge-constants foo.c -S -o foo.S
    -> foo.S lists -fmerge-constants under options enabled

Thus, as a workaround we need to set both -fno-merge-all-constants
*and* -fmerge-constants in the Makefile in order for text size to
stay as is.

  [1] https://bugs.llvm.org/show_bug.cgi?id=18538

Reported-by: Prasad Sodagudi <psodagud@codeaurora.org>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Chenbo Feng <fengc@google.com>
Cc: Richard Smith <richard-llvm@metafoo.co.uk>
Cc: Chandler Carruth <chandlerc@gmail.com>
Cc: linux-kernel@vger.kernel.org
Tested-by: Prasad Sodagudi <psodagud@codeaurora.org>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
2018-03-20 17:43:15 -07:00
Linus Torvalds
303851e14a Fourth pull request for 4.16-rc
- Many bug fixes related to syzkaller from Leon Romanovsky.
   These are still for the mlx driver and ucma interface.
 - Fix a situation with port reuse for iWarp, discovered during scale-up
   testing
 - Bug fixes for the profile and restrack patches accepted during this merge
   window
 - Compile warning cleanups from Arnd, this is apparently the last warning
   to make 32 bit builds quite.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2
 
 iQIcBAABCgAGBQJasZXlAAoJEDht9xV+IJsaOv8QAJ7FwiS/DVadNBD9/Gjksb/V
 co41g9eK4s0qEKXJgMLjSr/aaK7gCG2waeXRSSJm52e1ERyiyceRaoLWqhJ98ZOt
 xs/rAj4aBKmRgQ5j082O3YYVaAHETTIcPYVjlULDNhkqH1xhtm7LmKxTHPxGxLdU
 IMKZeQStY46or3fuOyDmHQ7RbxRbl+7LhL1LEE9+dd7u6fSipgGWv6i3Wrqex/AV
 XC1C1Pabq7Qo+d516mNX2JSjo9jT4kuamLprxQtUJxMeU5UJ+7IlZlTOGgU0q2Zv
 x8W7744zVvifUc1gs3AFRvwhDkTrwnkhFullCyVN86r1jrduG1kxX+N0ksCY79yB
 h9A5r+qV63XPelDJAFQIllkLPh8p3raCfvfQZAMkVqh2Lqn2s1tlukN/6NLAaguW
 YAwbRk0Q1XgXRj4mGW+3vEH7UGMgaIqF2JlnU25hOuoyVSUkgvy88NG9aVx//a5h
 KCdRa/iqTDJthKfnCAu+yYa4k5AKeRkdNKB0GebiPrrdpgJHMBKuPCjLrd4NP9QG
 As1gi9N3gtNoZL7QEyYBL8NIXNpiiY4YANFf7otoZwvFBSzILKWJI74WOg8HWGJT
 jKDQk6WQfYS3Xe3WVy0WOXhsdvYyiCXdag63ErUlzAMffhpp1GZoBEEk+4z+lYL8
 W69w1xQcntpG9N+EBqBT
 =Gal+
 -----END PGP SIGNATURE-----

Merge tag 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rdma/rdma

Pull rdma fixes from Jason Gunthorpe:
 "Not much exciting here, almost entirely syzkaller fixes.

  This is going to be on ongoing theme for some time, I think. Both
  Google and Mellanox are now running syzkaller on different parts of
  the user API.

  Summary:

   - Many bug fixes related to syzkaller from Leon Romanovsky. These are
     still for the mlx driver and ucma interface.

   - Fix a situation with port reuse for iWarp, discovered during
     scale-up testing

   - Bug fixes for the profile and restrack patches accepted during this
     merge window

   - Compile warning cleanups from Arnd, this is apparently the last
     warning to make 32 bit builds quiet"

* tag 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rdma/rdma:
  RDMA/ucma: Ensure that CM_ID exists prior to access it
  RDMA/verbs: Remove restrack entry from XRCD structure
  RDMA/ucma: Fix use-after-free access in ucma_close
  RDMA/ucma: Check AF family prior resolving address
  infiniband: bnxt_re: use BIT_ULL() for 64-bit bit masks
  infiniband: qplib_fp: fix pointer cast
  IB/mlx5: Fix cleanup order on unload
  RDMA/ucma: Don't allow join attempts for unsupported AF family
  RDMA/ucma: Fix access to non-initialized CM_ID object
  RDMA/core: Do not use invalid destination in determining port reuse
  RDMA/mlx5: Fix crash while accessing garbage pointer and freed memory
  IB/mlx5: Fix integer overflows in mlx5_ib_create_srq
  IB/mlx5: Fix out-of-bounds read in create_raw_packet_qp_rq
2018-03-20 17:39:07 -07:00
Linus Torvalds
76c0b6a36a SCSI fixes on 20180320
One driver patch (qla2xxx) which fixes a problem caused by an existing
 regression fix (FCP discovery is failing) and one generic fix to a
 longstanding bug in libsas that causes I/O eventually to hang to the
 device in the face of ATA error recovery.
 
 Signed-off-by: James E.J. Bottomley <jejb@linux.vnet.ibm.com>
 -----BEGIN PGP SIGNATURE-----
 
 iJwEABMIAEQWIQTnYEDbdso9F2cI+arnQslM7pishQUCWrGPDCYcamFtZXMuYm90
 dG9tbGV5QGhhbnNlbnBhcnRuZXJzaGlwLmNvbQAKCRDnQslM7pishbR8AQDshy6Y
 HV+x5K0kACcMSWA2WGH/1zgSmpAfSjLckD8YawEA99OGBUNHkiIYoNx3WrHHrHtT
 6PReg6htfY/1yDQ0vJk=
 =IBHa
 -----END PGP SIGNATURE-----

Merge tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi

Pull SCSI fixes from James Bottomley:

 - one driver patch (qla2xxx) which fixes a problem caused by an
   existing regression fix (FCP discovery is failing)

 - one generic fix to a longstanding bug in libsas that causes I/O
   eventually to hang to the device in the face of ATA error recovery.

* tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi:
  scsi: qla2xxx: Remove FC_NO_LOOP_ID for FCP and FC-NVMe Discovery
  scsi: libsas: defer ata device eh commands to libata
2018-03-20 16:59:01 -07:00
Linus Torvalds
645102eac1 Just one fix for an occasional panic from Jeff Layton.
-----BEGIN PGP SIGNATURE-----
 
 iQIcBAABAgAGBQJasXu4AAoJECebzXlCjuG+fNcP/3QYZwLdIYe0pZSIn/9V6sW1
 PwmxhTkBOEkeP4RTArI/4spZk3mrTqv7SC+ACYKbkD910uDC8cY3ElcwKxi82NL7
 9M4gNGnscKJtUye2LhoamZZLOLDIzr302pEv0IIh3v11sAu0rK1K0bqHSfI1ga/q
 r3S1sRtad+UktVH+jJ8MNE4NBfXC/xTqPz6Z+wd30CPmJKaA7Oqle7Wd3479zj0c
 A7l+EtleFo/bctHwY7yp+lVs1Yqr3ShS+qu+YAknBTnGco9JJFJsZM6x33DFMZC4
 EvFPO0gh4PuN/SkgT4zBvBlSXQjuqUWTU98ohqP7ugTtd0dXEIpR4DLLwWScA2KV
 z+YIJIKUh8Ryh8KI+J50Ed9WseVlmACHOBTJjLW7KnSYtey3+mgh5kp6Vcd9IxHc
 Gju7YgDK5FOV2JykaHQ/qCaSyL6ao1firapSrtZK4N27LpJ05FreK6qnLJtHmiwU
 pqVHyfrH4kfho1T0Nr/bw4bnugBKZVXBbBQLKp2twgJhYkUkP+vxV8QMX3h531hB
 jsQV9OIVPkdTjr5L0BmQMJ4GugM1Zr4mIunY6Mw0z5ax1JeBUelWeQccqL1YCSGL
 TZr+0N9yOuzQHX+e+mZ8vFYqfUTRF/Xfkn1+ZV3ZQU/yY8oBkDbQddaLoo1hjLUx
 2dpR3xIhzyDkP59jrK4M
 =oGAf
 -----END PGP SIGNATURE-----

Merge tag 'nfsd-4.16-1' of git://linux-nfs.org/~bfields/linux

Pull nfsd fix from Bruce Fields:
 "Just one fix for an occasional panic from Jeff Layton"

* tag 'nfsd-4.16-1' of git://linux-nfs.org/~bfields/linux:
  nfsd: remove blocked locks on client teardown
2018-03-20 16:10:26 -07:00
Chenbo Feng
0fa4fe85f4 bpf: skip unnecessary capability check
The current check statement in BPF syscall will do a capability check
for CAP_SYS_ADMIN before checking sysctl_unprivileged_bpf_disabled. This
code path will trigger unnecessary security hooks on capability checking
and cause false alarms on unprivileged process trying to get CAP_SYS_ADMIN
access. This can be resolved by simply switch the order of the statement
and CAP_SYS_ADMIN is not required anyway if unprivileged bpf syscall is
allowed.

Signed-off-by: Chenbo Feng <fengc@google.com>
Acked-by: Lorenzo Colitti <lorenzo@google.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-03-20 23:50:39 +01:00
Yonghong Song
f005afede9 trace/bpf: remove helper bpf_perf_prog_read_value from tracepoint type programs
Commit 4bebdc7a85 ("bpf: add helper bpf_perf_prog_read_value")
added helper bpf_perf_prog_read_value so that perf_event type program
can read event counter and enabled/running time.
This commit, however, introduced a bug which allows this helper
for tracepoint type programs. This is incorrect as bpf_perf_prog_read_value
needs to access perf_event through its bpf_perf_event_data_kern type context,
which is not available for tracepoint type program.

This patch fixed the issue by separating bpf_func_proto between tracepoint
and perf_event type programs and removed bpf_perf_prog_read_value
from tracepoint func prototype.

Fixes: 4bebdc7a85 ("bpf: add helper bpf_perf_prog_read_value")
Reported-by: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: Yonghong Song <yhs@fb.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-03-20 23:08:52 +01:00
Thadeu Lima de Souza Cascardo
52fda36d63 test_bpf: Fix testing with CONFIG_BPF_JIT_ALWAYS_ON=y on other arches
Function bpf_fill_maxinsns11 is designed to not be able to be JITed on
x86_64. So, it fails when CONFIG_BPF_JIT_ALWAYS_ON=y, and
commit 09584b4067 ("bpf: fix selftests/bpf test_kmod.sh failure when
CONFIG_BPF_JIT_ALWAYS_ON=y") makes sure that failure is detected on that
case.

However, it does not fail on other architectures, which have a different
JIT compiler design. So, test_bpf has started to fail to load on those.

After this fix, test_bpf loads fine on both x86_64 and ppc64el.

Fixes: 09584b4067 ("bpf: fix selftests/bpf test_kmod.sh failure when CONFIG_BPF_JIT_ALWAYS_ON=y")
Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo@canonical.com>
Reviewed-by: Yonghong Song <yhs@fb.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-03-20 23:04:30 +01:00
Linus Torvalds
32d43cd391 kvm/x86: fix icebp instruction handling
The undocumented 'icebp' instruction (aka 'int1') works pretty much like
'int3' in the absense of in-circuit probing equipment (except,
obviously, that it raises #DB instead of raising #BP), and is used by
some validation test-suites as such.

But Andy Lutomirski noticed that his test suite acted differently in kvm
than on bare hardware.

The reason is that kvm used an inexact test for the icebp instruction:
it just assumed that an all-zero VM exit qualification value meant that
the VM exit was due to icebp.

That is not unlike the guess that do_debug() does for the actual
exception handling case, but it's purely a heuristic, not an absolute
rule.  do_debug() does it because it wants to ascribe _some_ reasons to
the #DB that happened, and an empty %dr6 value means that 'icebp' is the
most likely casue and we have no better information.

But kvm can just do it right, because unlike the do_debug() case, kvm
actually sees the real reason for the #DB in the VM-exit interruption
information field.

So instead of relying on an inexact heuristic, just use the actual VM
exit information that says "it was 'icebp'".

Right now the 'icebp' instruction isn't technically documented by Intel,
but that will hopefully change.  The special "privileged software
exception" information _is_ actually mentioned in the Intel SDM, even
though the cause of it isn't enumerated.

Reported-by: Andy Lutomirski <luto@kernel.org>
Tested-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2018-03-20 14:58:34 -07:00
Leon Romanovsky
e8980d67d6 RDMA/ucma: Ensure that CM_ID exists prior to access it
Prior to access UCMA commands, the context should be initialized
and connected to CM_ID with ucma_create_id(). In case user skips
this step, he can provide non-valid ctx without CM_ID and cause
to multiple NULL dereferences.

Also there are situations where the create_id can be raced with
other user access, ensure that the context is only shared to
other threads once it is fully initialized to avoid the races.

[  109.088108] BUG: unable to handle kernel NULL pointer dereference at 0000000000000020
[  109.090315] IP: ucma_connect+0x138/0x1d0
[  109.092595] PGD 80000001dc02d067 P4D 80000001dc02d067 PUD 1da9ef067 PMD 0
[  109.095384] Oops: 0000 [#1] SMP KASAN PTI
[  109.097834] CPU: 0 PID: 663 Comm: uclose Tainted: G    B 4.16.0-rc1-00062-g2975d5de6428 #45
[  109.100816] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.11.0-0-g63451fca13-prebuilt.qemu-project.org 04/01/2014
[  109.105943] RIP: 0010:ucma_connect+0x138/0x1d0
[  109.108850] RSP: 0018:ffff8801c8567a80 EFLAGS: 00010246
[  109.111484] RAX: 0000000000000000 RBX: 1ffff100390acf50 RCX: ffffffff9d7812e2
[  109.114496] RDX: 1ffffffff3f507a5 RSI: 0000000000000297 RDI: 0000000000000297
[  109.117490] RBP: ffff8801daa15600 R08: 0000000000000000 R09: ffffed00390aceeb
[  109.120429] R10: 0000000000000001 R11: ffffed00390aceea R12: 0000000000000000
[  109.123318] R13: 0000000000000120 R14: ffff8801de6459c0 R15: 0000000000000118
[  109.126221] FS:  00007fabb68d6700(0000) GS:ffff8801e5c00000(0000) knlGS:0000000000000000
[  109.129468] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  109.132523] CR2: 0000000000000020 CR3: 00000001d45d8003 CR4: 00000000003606b0
[  109.135573] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  109.138716] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  109.142057] Call Trace:
[  109.144160]  ? ucma_listen+0x110/0x110
[  109.146386]  ? wake_up_q+0x59/0x90
[  109.148853]  ? futex_wake+0x10b/0x2a0
[  109.151297]  ? save_stack+0x89/0xb0
[  109.153489]  ? _copy_from_user+0x5e/0x90
[  109.155500]  ucma_write+0x174/0x1f0
[  109.157933]  ? ucma_resolve_route+0xf0/0xf0
[  109.160389]  ? __mod_node_page_state+0x1d/0x80
[  109.162706]  __vfs_write+0xc4/0x350
[  109.164911]  ? kernel_read+0xa0/0xa0
[  109.167121]  ? path_openat+0x1b10/0x1b10
[  109.169355]  ? fsnotify+0x899/0x8f0
[  109.171567]  ? fsnotify_unmount_inodes+0x170/0x170
[  109.174145]  ? __fget+0xa8/0xf0
[  109.177110]  vfs_write+0xf7/0x280
[  109.179532]  SyS_write+0xa1/0x120
[  109.181885]  ? SyS_read+0x120/0x120
[  109.184482]  ? compat_start_thread+0x60/0x60
[  109.187124]  ? SyS_read+0x120/0x120
[  109.189548]  do_syscall_64+0xeb/0x250
[  109.192178]  entry_SYSCALL_64_after_hwframe+0x21/0x86
[  109.194725] RIP: 0033:0x7fabb61ebe99
[  109.197040] RSP: 002b:00007fabb68d5e98 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
[  109.200294] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fabb61ebe99
[  109.203399] RDX: 0000000000000120 RSI: 00000000200001c0 RDI: 0000000000000004
[  109.206548] RBP: 00007fabb68d5ec0 R08: 0000000000000000 R09: 0000000000000000
[  109.209902] R10: 0000000000000000 R11: 0000000000000202 R12: 00007fabb68d5fc0
[  109.213327] R13: 0000000000000000 R14: 00007fff40ab2430 R15: 00007fabb68d69c0
[  109.216613] Code: 88 44 24 2c 0f b6 84 24 6e 01 00 00 88 44 24 2d 0f
b6 84 24 69 01 00 00 88 44 24 2e 8b 44 24 60 89 44 24 30 e8 da f6 06 ff
31 c0 <66> 41 83 7c 24 20 1b 75 04 8b 44 24 64 48 8d 74 24 20 4c 89 e7
[  109.223602] RIP: ucma_connect+0x138/0x1d0 RSP: ffff8801c8567a80
[  109.226256] CR2: 0000000000000020

Fixes: 7521663857 ("RDMA/cma: Export rdma cm interface to userspace")
Reported-by: <syzbot+36712f50b0552615bf59@syzkaller.appspotmail.com>
Signed-off-by: Leon Romanovsky <leonro@mellanox.com>
Signed-off-by: Jason Gunthorpe <jgg@mellanox.com>
2018-03-20 11:07:21 -06:00
Stefano Brivio
5f2fb802ee ipv6: old_dport should be a __be16 in __ip6_datagram_connect()
Fixes: 2f987a76a9 ("net: ipv6: keep sk status consistent after datagram connect failure")
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
Acked-by: Paolo Abeni <pabeni@redhat.com>
Acked-by: Guillaume Nault <g.nault@alphalink.fr>
Signed-off-by: David S. Miller <davem@davemloft.net>
2018-03-20 12:43:43 -04:00