When receiving a nec repeat, ensure the correct scancode is repeated
rather than a random value from the stack. This removes the need for
the bogus uninitialized_var() and also fixes the warnings:
drivers/media/usb/dvb-usb/dib0700_core.c: In function ‘dib0700_rc_urb_completion’:
drivers/media/usb/dvb-usb/dib0700_core.c:679: warning: ‘protocol’ may be used uninitialized in this function
[sean addon: So after writing the patch and submitting it, I've bought the
hardware on ebay. Without this patch you get random scancodes
on nec repeats, which the patch indeed fixes.]
Signed-off-by: Sean Young <sean@mess.org>
Tested-by: Sean Young <sean@mess.org>
Cc: stable@vger.kernel.org
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
gcc correctly warns about an incorrect use of the 'pa' variable in case
we pass an empty scatterlist to __s390_dma_map_sg:
arch/s390/pci/pci_dma.c: In function '__s390_dma_map_sg':
arch/s390/pci/pci_dma.c:309:13: warning: 'pa' may be used uninitialized in this function [-Wmaybe-uninitialized]
This adds a bogus initialization to the function to sanitize the debug
output. I would have preferred a solution without the initialization,
but I only got the report from the kbuild bot after turning on the
warning again, and didn't manage to reproduce it myself.
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Acked-by: Sebastian Ott <sebott@linux.vnet.ibm.com>
Acked-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
When called more than twice, the nios2_time_init() function return an
uninitialized value, as detected by gcc -Wmaybe-uninitialized
arch/nios2/kernel/time.c: warning: 'ret' may be used uninitialized in this function
This makes it return '0' here, matching the comment above the function.
Acked-by: Ley Foon Tan <lftan@altera.com>
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
apm_bios_call() can fail, and return a status in its argument structure.
If that status however is zero during a call from
apm_get_power_status(), we end up using data that may have never been
set, as reported by "gcc -Wmaybe-uninitialized":
arch/x86/kernel/apm_32.c: In function ‘apm’:
arch/x86/kernel/apm_32.c:1729:17: error: ‘bx’ may be used uninitialized in this function [-Werror=maybe-uninitialized]
arch/x86/kernel/apm_32.c:1835:5: error: ‘cx’ may be used uninitialized in this function [-Werror=maybe-uninitialized]
arch/x86/kernel/apm_32.c:1730:17: note: ‘cx’ was declared here
arch/x86/kernel/apm_32.c:1842:27: error: ‘dx’ may be used uninitialized in this function [-Werror=maybe-uninitialized]
arch/x86/kernel/apm_32.c:1731:17: note: ‘dx’ was declared here
This changes the function to return "APM_NO_ERROR" here, which makes the
code more robust to broken BIOS versions, and avoids the warning.
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Reviewed-by: Jiri Kosina <jkosina@suse.cz>
Reviewed-by: Luis R. Rodriguez <mcgrof@kernel.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
A bugfix introduced a harmless gcc warning in nfs4_slot_seqid_in_use if
we enable -Wmaybe-uninitialized again:
fs/nfs/nfs4session.c:203:54: error: 'cur_seq' may be used uninitialized in this function [-Werror=maybe-uninitialized]
gcc is not smart enough to conclude that the IS_ERR/PTR_ERR pair results
in a nonzero return value here. Using PTR_ERR_OR_ZERO() instead makes
this clear to the compiler.
Fixes: e09c978aae ("NFSv4.1: Fix Oopsable condition in server callback races")
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Traditionally, we have always had warnings about uninitialized variables
enabled, as this is part of -Wall, and generally a good idea [1], but it
also always produced false positives, mainly because this is a variation
of the halting problem and provably impossible to get right in all cases
[2].
Various people have identified cases that are particularly bad for false
positives, and in commit e74fc973b6 ("Turn off -Wmaybe-uninitialized
when building with -Os"), I turned off the warning for any build that
was done with CC_OPTIMIZE_FOR_SIZE. This drastically reduced the number
of false positive warnings in the default build but unfortunately had
the side effect of turning the warning off completely in 'allmodconfig'
builds, which in turn led to a lot of warnings (both actual bugs, and
remaining false positives) to go in unnoticed.
With commit 877417e6ff ("Kbuild: change CC_OPTIMIZE_FOR_SIZE
definition") enabled the warning again for allmodconfig builds in v4.7
and in v4.8-rc1, I had finally managed to address all warnings I get in
an ARM allmodconfig build and most other maybe-uninitialized warnings
for ARM randconfig builds.
However, commit 6e8d666e92 ("Disable "maybe-uninitialized" warning
globally") was merged at the same time and disabled it completely for
all configurations, because of false-positive warnings on x86 that I had
not addressed until then. This caused a lot of actual bugs to get
merged into mainline, and I sent several dozen patches for these during
the v4.9 development cycle. Most of these are actual bugs, some are for
correct code that is safe because it is only called under external
constraints that make it impossible to run into the case that gcc sees,
and in a few cases gcc is just stupid and finds something that can
obviously never happen.
I have now done a few thousand randconfig builds on x86 and collected
all patches that I needed to address every single warning I got (I can
provide the combined patch for the other warnings if anyone is
interested), so I hope we can get the warning back and let people catch
the actual bugs earlier.
This reverts the change to disable the warning completely and for now
brings it back at the "make W=1" level, so we can get it merged into
mainline without introducing false positives. A follow-up patch enables
it on all levels unless some configuration option turns it off because
of false-positives.
Link: https://rusty.ozlabs.org/?p=232 [1]
Link: https://gcc.gnu.org/wiki/Better_Uninitialized_Warnings [2]
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
this became a largish pull-request, as we've got a bunch of pending
ASoC fixes at this time. One noticeable change is the removal of
error directive in uapi/sound/asoc.h. We found that the API has
been already used on Chromebooks, so we need to support it even now.
A slight big LOC is found in Qualcomm lpass driver, but the rest are
all small and easy fixes for ASoC drivers (sti, sun4i, Realtek codecs,
Intel, tas571x, etc) in addition to the patches to harden the ALSA
core proc file accesses.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAABAgAGBQJYI3I4AAoJEGwxgFQ9KSmkgEMP/iGW/7T2AqD39pKtmfXH60gt
hU9ccBt+gSrKqyMZHjrqp69o2//9JSsx6ezJXAWm5OeDwPJCxwSBIy2fGzxBZDwW
0nhYbeoZFQbQucCTDLRO33n0xe7YIMtjp9H55PBBoaWKDdDoRiOdsKIRSFWToV2Q
IOPY3pvYUP8RzYA2GC9Ud5xDb0U/J3je7PGhwM880sBlOxykTJJwrq95tG8EGIF8
CAj/B/IJw0SuA79RDjBSziT9xAfHjiky4wYTw7HcjgBStLv3R2txM3775Cvhsnwr
ISdXmh2ImibCh5ADIivXoNTkptq0mTurWi/6W1fENqZVxaAh7/MsWjlVKfAmgUKT
kTRgLJLZIQ/P0ejKnbRI2+K4z0iLcF4w4GURi3iwEOKuvX1jDN/F9pte/ZCB3BIw
IKxRZ2ClWAdlpPt/reNNH3fKICguLlktoZWUkZm1rVZ2ACieQVMmodYjIMP0egXr
EHus0Pp+B9U3prvncGKSIG9+/8XFBdYh++811cVkT78W2nBmy9VjvbA2iBTo1Yzj
mWzpU/Zp+wC44TyMHP+AtZj+XsAM0l0gQRMUKoMe1RTdOmBleGsiGaN/V9kTuX0S
bHbPV1CKnfw/4mQDc9BGuVC6xz/kS3xgqqUscdIf0flN7/kYJbzOJlz2fM/svP7z
w0yH9d7pvEGKJTqLlyOm
=jmAA
-----END PGP SIGNATURE-----
Merge tag 'sound-4.9-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound
Pull sound fixes from Takashi Iwai:
"This became a largish pull-request, as we've got a bunch of pending
ASoC fixes at this time. One noticeable change is the removal of error
directive in uapi/sound/asoc.h. We found that the API has been already
used on Chromebooks, so we need to support it even now.
A slight big LOC is found in Qualcomm lpass driver, but the rest are
all small and easy fixes for ASoC drivers (sti, sun4i, Realtek codecs,
Intel, tas571x, etc) in addition to the patches to harden the ALSA
core proc file accesses"
* tag 'sound-4.9-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound: (26 commits)
ALSA: info: Return error for invalid read/write
ALSA: info: Limit the proc text input size
ASoC: samsung: spdif: Fix DMA filter initialization
ASoC: sun4i-codec: Enable bus clock after getting GPIO
ASoC: lpass-cpu: add module licence and description
ASoC: lpass-platform: Fix broken pcm data usage
ASoC: sun4i-codec: return error code instead of NULL when create_card fails
ASoC: hdmi-codec: Fix hdmi_of_xlate_dai_name when #sound-dai-cells = <0>
ASoC: samsung: get access to DMA engine early to defer probe properly
ASoC: da7219: Connect output enable register to DAIOUT
ASoC: Intel: Skylake: Fix to turn off hdmi power on probe failure
ASoC: sti-sas: enable fast io for regmap
ASoC: sti: fix channel status update after playback start
ASoC: PXA: Brownstone needs I2C
ASoC: Intel: Skylake: Always acquire runtime pm ref on unload
ASoC: Intel: Atom: add terminate entry for dmi_system_id tables
ASoC: rt298: fix jack type detect error
ASoC: rt5663: fix a debug statement
ASoC: cs4270: fix DAPM stream name mismatch
ASoC: Intel: haswell depends on sst-firmware
...
The refactor seemed to trigger dan.carpenter@oracle.com's
static tester to find a possible double-free in the code.
While designing the fix we saw a condition under which the
buffer being freed could also be overflowed.
We also realized how to rebuild the related debugfs file's
"contents" (a string) without deleting and re-creating the file.
This fix should eliminate the possible double-free, the
potential overflow and improve code readability.
-----BEGIN PGP SIGNATURE-----
iQIcBAABAgAGBQJYI04nAAoJEM9EDqnrzg2+rT4P/1sN1ZUDwKgyJ3Qk3n5AAvlR
PtbqeRhzUD7QdTR5yb/k/37rqYB7BBB5xd5VDlYKuD8luppjoAS2J4SRkngPFQiV
NZMP1Sq5nWeEyeG8it+MzH364zBUGK+D94VqlhUDLHKa27WMWTB2vrcLq/DI06np
35r4dWnV3+2+lgg0zvJGP7QoQLlPByB5q7pwTA9TBaPnDHVh/Myq4jS70wfEYDqY
NMxkq02vQHS7a2mysZbrE2fXC2OBRTCGP+9lsdvJx9XfYQkIHfe4qMAxu0XlqDSM
6POHEr5cPizENGSp7myV9G97FuF0UHZXnLEKe04DLbuGao2omMiNHvrnS/zPgKRQ
zpCMsf4FVChjCipQzne1eLQbQskWVDy58ziURzefO+bV8aFe61KBOvAiNEZ+7i21
CeEBeU2A5brd1y6ELcFCf2SDjmyd/ScyYqwIIrsY0eK1D3GveeHX1tkMGH8y7hWD
CoY/cKUSHwZ6ZwFpzeCs96wzZ19o7BLKogyIyYQWc1s09uijIHInxkRxUqtfVErj
2SpOXOqLkpjpU0Kga8beU6OtXLRv/ob518RPTPF5NAzjl08xn20pZckKL092uhVj
k/VlJUE72Om2XJmBbta2Sz7iN8QfujJO0Ql/Nl51lX++pVbQIjFDaRhIYt6Yb0af
y1XRJXqDJ3sh9J/od3fN
=ELyS
-----END PGP SIGNATURE-----
Merge tag 'for-linus-4.9-rc4-ofs-1' of git://git.kernel.org/pub/scm/linux/kernel/git/hubcap/linux
Pull orangefs fix from Mike Marshall:
"We recently refactored the Orangefs debugfs code. The refactor seemed
to trigger dan.carpenter@oracle.com's static tester to find a possible
double-free in the code.
While designing the fix we saw a condition under which the buffer
being freed could also be overflowed.
We also realized how to rebuild the related debugfs file's "contents"
(a string) without deleting and re-creating the file.
This fix should eliminate the possible double-free, the potential
overflow and improve code readability"
* tag 'for-linus-4.9-rc4-ofs-1' of git://git.kernel.org/pub/scm/linux/kernel/git/hubcap/linux:
orangefs: clean up debugfs
Pull s390 fixes from Martin Schwidefsky:
"Two bug fixes
- a memory alignment fix in the s390 only hypfs code
- a fix for the generic percpu code that caused ftrace to break on
s390. This is not relevant for x86 but for all architectures that
use the generic percpu code"
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux:
percpu: use notrace variant of preempt_disable/preempt_enable
s390/hypfs: Use get_free_page() instead of kmalloc to ensure page alignment
Two places need fixing:
* Four patches from Robin Murphy fix several issues with the
recently merged generic DT-bindings support for arm-smmu
drivers
* A fix for a dead-lock issue in the VT-d driver, which shows up
on iommu hotplug
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAABAgAGBQJYIe6KAAoJECvwRC2XARrjJtgP/0O2b5JBuMGPBdCcFdClGji4
ozxDwfOMUohRfo6p33V7G+bQiNmF5NUhqWPuEXQ64BejFe3GY2+jWS5C0bj2w+Cm
5u8C5K6WJ93q2Bdg8BLhe17H00kjM+vFucMZBvcZlDWZlrDzbSR1tVG84zhlAUR+
ewuBzf8qEAAK1xLuVU6ywLBHK6L/tX4mACgvwktQR8qRrz5bGGIecH9ZAHCzYODb
6PJ3/hchn1e0Ckntg1i+Ggx6A9+aof+U+t0iJeFBN1HpAuN+FhaGNmf8b7v7AQAn
0el/ByVfp51kzGo1/mi/bW1odgNMSqhOn+oA2Na2fHrn9A0/2c8LtYmsGmRacNqi
HPLm0iKAZUb7HAKlSJnm4eVjQsFxAcIXe+rEE3RgxJbbKpWPVy2zaEXw6c++ALhi
R2xI1L9cLXhV/bOfba05uuSTp604yAFcli4tbo81AziZZ+hpXCPTAYrjtw11LbiC
JaFBPksctESm2bOSDXkbSgwIQN+jRnMH7xR/t9L2vCIt0m3IGCFqz5ia4rcmCq1+
quRp6GCd9G2oW8DemI9bggYCZeGzbWbOAQCQfKoRGl50WJ279vUpVhpUUo8OBcPg
xE+GqGNAEcWchNDODH5nVrfuCK3TV0NWW+N3tOh0IC2QT85JMa+9nc287vq4ZwqQ
bhionSy/gs2ht9NPa9XO
=N8iu
-----END PGP SIGNATURE-----
Merge tag 'iommu-fixes-v4.9-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/joro/iommu
Pull IOMMU fixes from Joerg Roedel:
- Four patches from Robin Murphy fix several issues with the recently
merged generic DT-bindings support for arm-smmu drivers
- A fix for a dead-lock issue in the VT-d driver, which shows up on
iommu hotplug
* tag 'iommu-fixes-v4.9-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/joro/iommu:
iommu/vt-d: Fix dead-locks in disable_dmar_iommu() path
iommu/arm-smmu: Fix out-of-bounds dereference
iommu/arm-smmu: Check that iommu_fwspecs are ours
iommu/arm-smmu: Don't inadvertently reject multiple SMMUv3s
iommu/arm-smmu: Work around ARM DMA configuration
It turns out that the disable_dmar_iommu() code-path tried
to get the device_domain_lock recursivly, which will
dead-lock when this code runs on dmar removal. Fix both
code-paths that could lead to the dead-lock.
Fixes: 55d940430a ('iommu/vt-d: Get rid of domain->iommu_lock')
Signed-off-by: Joerg Roedel <jroedel@suse.de>
When we iterate a master's config entries, what we generally care
about is the entry's stream map index, rather than the entry index
itself, so it's nice to have the iterator automatically assign the
former from the latter. Unfortunately, booting with KASAN reveals
the oversight that using a simple comma operator results in the
entry index being dereferenced before being checked for validity,
so we always access one element past the end of the fwspec array.
Flip things around so that the check always happens before the index
may be dereferenced.
Fixes: adfec2e709 ("iommu/arm-smmu: Convert to iommu_fwspec")
Reported-by: Mark Rutland <mark.rutland@arm.com>
Signed-off-by: Robin Murphy <robin.murphy@arm.com>
Acked-by: Will Deacon <will.deacon@arm.com>
Signed-off-by: Joerg Roedel <jroedel@suse.de>
We seem to have forgotten to check that iommu_fwspecs actually belong to
us before we go ahead and dereference their private data. Oops.
Fixes: 021bb8420d ("iommu/arm-smmu: Wire up generic configuration support")
Signed-off-by: Robin Murphy <robin.murphy@arm.com>
Signed-off-by: Joerg Roedel <jroedel@suse.de>
We now delay installing our per-bus iommu_ops until we know an SMMU has
successfully probed, as they don't serve much purpose beforehand, and
doing so also avoids fights between multiple IOMMU drivers in a single
kernel. However, the upshot of passing the return value of bus_set_iommu()
back from our probe function is that if there happens to be more than
one SMMUv3 device in a system, the second and subsequent probes will
wind up returning -EBUSY to the driver core and getting torn down again.
Avoid re-setting ops if ours are already installed, so that any genuine
failures stand out.
Fixes: 08d4ca2a67 ("iommu/arm-smmu: Support non-PCI devices with SMMUv3")
CC: Lorenzo Pieralisi <lorenzo.pieralisi@arm.com>
CC: Hanjun Guo <hanjun.guo@linaro.org>
Signed-off-by: Robin Murphy <robin.murphy@arm.com>
Signed-off-by: Joerg Roedel <jroedel@suse.de>
The 32-bit ARM DMA configuration code predates the IOMMU core's default
domain functionality, and instead relies on allocating its own domains
and attaching any devices using the generic IOMMU binding to them.
Unfortunately, it does this relatively early on in the creation of the
device, before we've seen our add_device callback, which leads us to
attempt to operate on a half-configured master.
To avoid a crash, check for this situation on attach, but refuse to
play, as there's nothing we can do. This at least allows VFIO to keep
working for people who update their 32-bit DTs to the generic binding,
albeit with a few (innocuous) warnings from the DMA layer on boot.
Signed-off-by: Robin Murphy <robin.murphy@arm.com>
Signed-off-by: Will Deacon <will.deacon@arm.com>
Signed-off-by: Joerg Roedel <jroedel@suse.de>
Currently the ALSA proc handler allows read or write even if the proc
file were write-only or read-only. It's mostly harmless, does thing
but allocating memory and ignores the input/output. But it doesn't
tell user about the invalid use, and it's confusing and inconsistent
in comparison with other proc files.
This patch adds some sanity checks and let the proc handler returning
an -EIO error when the invalid read/write is performed.
Cc: <stable@vger.kernel.org> # v4.2+
Signed-off-by: Takashi Iwai <tiwai@suse.de>
The ALSA proc handler allows currently the write in the unlimited size
until kmalloc() fails. But basically the write is supposed to be only
for small inputs, mostly for one line inputs, and we don't have to
handle too large sizes at all. Since the kmalloc error results in the
kernel warning, it's better to limit the size beforehand.
This patch adds the limit of 16kB, which must be large enough for the
currently existing code.
Cc: stable@vger.kernel.org # v4.2+
Signed-off-by: Takashi Iwai <tiwai@suse.de>
Commit 345ddcc882 ("ftrace: Have set_ftrace_pid use the bitmap like
events do") added a couple of this_cpu_read calls to the ftrace code.
On x86 this is not a problem, since it has single instructions to read
percpu data. Other architectures which use the generic variant now
have additional preempt_disable and preempt_enable calls in the core
ftrace code. This may lead to recursive calls and in result to a dead
machine, e.g. if preemption and debugging options are enabled.
To fix this use the notrace variant of preempt_disable and
preempt_enable within the generic percpu code.
Reported-and-bisected-by: Sebastian Ott <sebott@linux.vnet.ibm.com>
Tested-by: Sebastian Ott <sebott@linux.vnet.ibm.com>
Fixes: 345ddcc882 ("ftrace: Have set_ftrace_pid use the bitmap like events do")
Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Acked-by: Steven Rostedt <rostedt@goodmis.org>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
- Fix build failure on compilers without asm goto
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEcBAABAgAGBQJYH+anAAoJELescNyEwWM0fiQIALprhwbhNmqc5q6IVXYJuPw7
kPonaVa1MA6EGANkBwdxD4pbkK2fcsFYsUtiSewP71TwLrRhW/2gPJGUOv3sK6Bq
BXM10O9Meu4Toy45uPofKpRk4yNhJh4WBPPYedzlwitoBUaC4R4sclioqfIOJsvv
z3UI/EXsGpgEuEKQkNHZ5PGUzQ9eLwbhexMJROsdnqVektaDrCSkVtdQNxpMsmve
yy92epfnH9xlk79KrTF1a0lM/SwlQHscua9jsOO+C4Txu6z5s2ltHVtM95Rb5X3a
nmczpMAUesL8g89AdJYOrbSO+dGbCI7ZHhXmcTnWJdRp7g2Hyhei3jNUUwfDJUA=
=GgpB
-----END PGP SIGNATURE-----
Merge tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux
Pull arm64 fix from Will Deacon:
"It's been pretty quiet on the fixes side of things for us, but Artem
reported a build failure introduced during the merge window that
appears with older GCCs that do not support asm goto. The fix is
bigger than I'd like, but it's a mechnical move of some constants to
break an include dependency between atomic.h and jump_label.h when
!HAVE_JUMP_LABEL.
Summary:
- Fix build failure on compilers without asm goto"
* tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux:
arm64: Fix circular include of asm/lse.h through linux/jump_label.h
Pull HID fixes from Jiri Kosina:
- modprobe-after-rmmod load failure bugfix for intel-ish, from Even Xu
- IRQ probing bugfix for intel-ish, from Srinivas Pandruvada
- attribute parsing fix in hid-sensor, from Ooi, Joyce
- other small misc fixes / quirky device additions
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/hid:
HID: sensor: fix attributes in HID sensor interface
HID: intel-ish-hid: request_irq failure
HID: intel-ish-hid: Fix driver reinit failure
HID: intel-ish-hid: Move DMA disable code to new function
HID: intel-ish-hid: consolidate ish wake up operation
HID: usbhid: add ATEN CS962 to list of quirky devices
HID: intel-ish-hid: Fix !CONFIG_PM build warning
HID: sensor-hub: Fix packing of result buffer for feature report
We recently refactored the Orangefs debugfs code.
The refactor seemed to trigger dan.carpenter@oracle.com's
static tester to find a possible double-free in the code.
While designing the fix we saw a condition under which the
buffer being freed could also be overflowed.
We also realized how to rebuild the related debugfs file's
"contents" (a string) without deleting and re-creating the file.
This fix should eliminate the possible double-free, the
potential overflow and improve code readability.
Signed-off-by: Mike Marshall <hubcap@omnibond.com>
Signed-off-by: Martin Brandenburg <martin@omnibond.com>
Pull i2c fix from Wolfram Sang:
"A bugfix for the I2C core fixing a (rare) race condition"
* 'i2c/for-current' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux:
i2c: core: fix NULL pointer dereference under race condition
Commit efd9e03fac ("arm64: Use static keys for CPU features")
introduced support for static keys in asm/cpufeature.h, including
linux/jump_label.h. When CC_HAVE_ASM_GOTO is not defined, this causes a
circular dependency via linux/atomic.h, asm/lse.h and asm/cpufeature.h.
This patch moves the capability macros out out of asm/cpufeature.h into
a separate asm/cpucaps.h and modifies some of the #includes accordingly.
Fixes: efd9e03fac ("arm64: Use static keys for CPU features")
Reported-by: Artem Savkov <asavkov@redhat.com>
Tested-by: Artem Savkov <asavkov@redhat.com>
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
Signed-off-by: Will Deacon <will.deacon@arm.com>
Pull stack vmap fixups from Thomas Gleixner:
"Two small patches related to sched_show_task():
- make sure to hold a reference on the task stack while accessing it
- remove the thread_saved_pc printout
.. and add a sanity check into release_task_stack() to catch problems
with task stack references"
* 'sched-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
sched/core: Remove pointless printout in sched_show_task()
sched/core: Fix oops in sched_show_task()
* 'core-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
fork: Add task stack refcounting sanity check and prevent premature task stack freeing
Pull MD fixes from Shaohua Li:
"There are several bug fixes queued:
- fix raid5-cache recovery bugs
- fix discard IO error handling for raid1/10
- fix array sync writes bogus position to superblock
- fix IO error handling for raid array with external metadata"
* tag 'md/4.9-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/shli/md:
md: be careful not lot leak internal curr_resync value into metadata. -- (all)
raid1: handle read error also in readonly mode
raid5-cache: correct condition for empty metadata write
md: report 'write_pending' state when array in sync
md/raid5: write an empty meta-block when creating log super-block
md/raid5: initialize next_checkpoint field before use
RAID10: ignore discard error
RAID1: ignore discard error
Two more important data integrity fixes related to RAID device drivers which
wrongly throw away the SYNCHRONIZE CACHE command in the non-RAID path and a
memory leak in the scsi_debug driver
Signed-off-by: James E.J. Bottomley <jejb@linux.vnet.ibm.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAABAgAGBQJYHd5nAAoJEAVr7HOZEZN4BeIP/RmOchL8Xdm2GObAJYeeC5Jv
7jYqcjsV3LHz8ubebRk/GmrcXVmF52VJ0nc6IgcoAhG44kaY99kapah7wDioMci4
DC1m9twxQMfclEjk+8nL59iC4HR+A5TlMRnXf3XRTQ399w9KxGe1jGS2/OIOYpPd
goeQdSfSLxQX87c4eZldotQDY/9NUDe/O0Af3JboX5ySCDnqKiu+xqhE+kXKY7oY
bfsBurF875bER63YCeRIjmc/iO/klYGcm/7wsEJfxDZerY2/Sr6LaAd+bcComWX2
YAcoTwOGHwbjhKUbkHGjsQIaT+VFNOCDfXF1Bm37WTF5/AFiBfHRgQEClXm5I6kD
aRfcwfXeb6jDvUujCksIngSCeQc6/3np9gvmBV6hjKEmn07ny8j7vsDbI2gUL6rs
IVzMrFUw8O/InyooJD9CubnV7cgKnU+3/WIw3J92UudiEDRJSpCiBszoKL7JnOeA
aAeUl3hhQBr50w0nLCFcm65PnHjCY/4VuJ7ZXF6Z1e6y+yd81zrbzHYC4rb9sFsa
3KJ4UgIajhC0t5FxDbwFfOj/b0WhLzqJeMrOnTyI+mrjpHWexNW+iIMw6qRi6yv9
YuL9XvaaRblnmxOEma3A3xiTCQ6mFl4yYcMa4ppBlDgbTZSJff4kRB+Nma/qw1+v
VrKlOiKXC5wYp8jPlRwT
=xrlP
-----END PGP SIGNATURE-----
Merge tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi
Pull SCSI fixes from James Bottomley:
"Two more important data integrity fixes related to RAID device drivers
which wrongly throw away the SYNCHRONIZE CACHE command in the non-RAID
path and a memory leak in the scsi_debug driver"
* tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi:
scsi: arcmsr: Send SYNCHRONIZE_CACHE command to firmware
scsi: scsi_debug: Fix memory leak if LBP enabled and module is unloaded
scsi: megaraid_sas: Fix data integrity failure for JBOD (passthrough) devices
- Add missing input validation to the firewire-net driver.
Invalid IP-over-1394 encapsulation headers could trigger
buffer overflows (CVE 2016-8633).
- IP-over-1394 link fragmentation headers were read and written
incorrectly, breaking fragmented RX/TX with other OS's stacks.
-----BEGIN PGP SIGNATURE-----
iQI3BAABCAAhBQJYHgSgGhxzdGVmYW5yQHM1cjYuaW4tYmVybGluLmRlAAoJEHnz
b7JUXXnQFGIP/AvXrsLFgO8vOZd967145Jz0FydmwRBsX1F90xugFIxJI8kRQSN4
MQ/WHPaHl55LqX88VrxDTfN04TAtb243CDPXDnMN6rEzaSY4O7J6JO/zaUKMGyaW
rocX3s3uufIqk/GXDk2+I0Ze6xHynbWEPaoDh0rHYkJcD0NHHi9SJPFZf8RnCx3g
s7GAiU5V9o1SZydY9dCGo66Zl3JSujOsxpbVllT2ux+FWRReea5+O9ntWpPcW+E0
Elc9v7Nt3BcOEDXrVYg8UIIX6RCt8IBDCaF6D7n8JrhU/ag+OH8+KondktU5P+BI
MXcsm92UbM+/739RC7V6JbDSodUn1DisoOTyNmH58ZZerKWWt+7E27WXWuRu9ch7
rBra6pcOhkhO9sHkrwf3DlP9nubAfVbznVxZFOI4O96fnpn284J0RX8brsMOeHcF
iPAIpGc5PLyvyhczZSfokKj9S4kUvbwhNwCnHs32ttdrGSHRIVFKHsipsFFtcts2
K7QAN9mxWtBeP8i3gd5tJO8FT7tvg4Ixtt/BzpsFpxaYk9b/k2RnrSt4b4/0mC2q
fQ6urSQalvffmbU9eMm78NbaFV26s217gZHqqD++tAVLLgkwRaC2k/MucOJJz4xb
5PYoGLDfCusReBP/MYdpqOhAUEBeeZ03IQT7gaGGDQ27x8k1UIpB57Sk
=PxAL
-----END PGP SIGNATURE-----
Merge tag 'firewire-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/ieee1394/linux1394
Pull FireWire (IEEE 1394) fixes from Stefan Richter:
- add missing input validation to the firewire-net driver. Invalid
IP-over-1394 encapsulation headers could trigger buffer overflows
(CVE 2016-8633).
- IP-over-1394 link fragmentation headers were read and written
incorrectly, breaking fragmented RX/TX with other OS's stacks.
* tag 'firewire-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/ieee1394/linux1394:
firewire: net: fix fragmented datagram_size off-by-one
firewire: net: guard against rx buffer overflows
-----BEGIN PGP SIGNATURE-----
iQIcBAABAgAGBQJYGZuzAAoJEAhfPr2O5OEVEakQAJKu+4OwrzoWajdIibR9IVpP
1gbwqAeTDp4XuHC4WyA8U3no3I5RG+moo4GNv87LNZ/H2ix1EGQn6IwbpYG0YmOB
wdcZ2WViLc4tEYN/Rn7slwjY32dNplra6xNNSb0JHOT5tp6YOCLljqApd9FBvP25
Yo10z0pRL78ce6VbXyDB5JuqUsjtHivzU45/O5M5giDFIngdqFuu0zneQeMbvulF
rCz6HSqNutFaeRMdnbP6f2Vtmd2QjeCY4aYg5kQLqWiuXsdMplp9uJkeYaDgccDp
TF9z33cJlmyPXY6/YH95yfca156EZIVco3yLnNp9Ehmr4S12NV0D3xMKCXPyucEJ
A6FH60zqxe3qUv7sPi6w4MM7ufgq3F/i33lhhDLsNjw0R8m7ijohfIj7HI84XC+z
Jjr44A/7p4hqbfvkBePyLHcqaglWnc0E6LnS7lUgJC4/h7z3H2DMoPaUwkjedAI6
ynd5Ikfw+VvI0UQFyVBBWfH+ol+6BP7QO3TmHES9zfbPNMfhXc3ON4sk9yBzY50S
cH6/TagQVmuk4zA457oAU+rrYR4g+di97Wk3AMi+gKGWu2qZmHE4Tv0gQsNHoPrK
06VD1Ur04khRR3tOQ/OqDMGNyLHbCMIMXeUYc363uZ6wrcmVF5caDZ3oy3i1LNNO
ZALCj0FYwNFmDs7+Ckmq
=MRLH
-----END PGP SIGNATURE-----
Merge tag 'media/v4.9-3' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-media
Pull media fixes from Mauro Carvalho Chehab:
"A series of fixup patches meant to fix the usage of DMA on stack, plus
one warning fixup"
* tag 'media/v4.9-3' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-media: (32 commits)
[media] radio-bcm2048: don't ignore errors
[media] pctv452e: fix semicolon.cocci warnings
[media] flexcop-usb: don't use stack for DMA
[media] stk-webcam: don't use stack for DMA
[media] s2255drv: don't use stack for DMA
[media] cpia2_usb: don't use stack for DMA
[media] digitv: handle error code on RC query
[media] dw2102: return error if su3000_power_ctrl() fails
[media] nova-t-usb2: handle error code on RC query
[media] technisat-usb2: use DMA buffers for I2C transfers
[media] pctv452e: don't call BUG_ON() on non-fatal error
[media] pctv452e: don't do DMA on stack
[media] nova-t-usb2: don't do DMA on stack
[media] gp8psk: don't go past the buffer size
[media] gp8psk: don't do DMA on stack
[media] dtv5100: don't do DMA on stack
[media] dtt200u: handle USB control message errors
[media] dtt200u: don't do DMA on stack
[media] dtt200u-fe: handle errors on USB control messages
[media] dtt200u-fe: don't do DMA on stack
...
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAABAgAGBQJYHO/8AAoJEFmIoMA60/r8z/0P/1JT1lHNtDgC3RBr5NRy6x+K
9xAfxeHJjxS/6YbFCBgPlzQJBzZMiSHptb/Y44Cqpr8Gz5WWnn18gbdMoBGQFc6k
n7iVvEGlvf2YR3CulqdsUH3/B2hDjNbM45HT2Rwd1agq+qku6nMpXdUix+z7TNEg
Tht/a8XAs77/XOl/uhGSCy5hvGKErcLNrZ1qFWmiUJEsFFgzSx3eqtx2MNJSiJyv
/F9dzDIgNKAOdOv34hYndE+VLwyFAwqzvIgB5J4oLL23+FzRW68yvQgmt45cogTF
NA4uFCfnaSK2Dy7qFOfevRE2AfQcSSfvvsGukQQaFoKyY8Jb6Z8w6WWO0P/RBQsY
ZvmP10JfyjQ5z2SSAMcVNDXR2dL58zc6kuGZISUToX22mMSUsmFMhLq2350657C9
0A8BkfO86z4EfgmO8aiBfgE7A6RrCR6yfouQTTGJ91COYEG60D/mPhlhtkmHE4yd
3tqmBSEw11yv92OLU4DdoXFA7Cbm7DElEk6fPcw5TbbWCwbToTHNo/jHbe+0+Esy
je5AFZe8IIuBHVkN3tcsoaRw2KKCtnBrLbfdyLME6KDXj7eZMg3WWoU0E5uwzIO3
jLOSCBb2dtqrJmiE4sNiYob8wI+jOLsC/XHHczYWnIzLiYyvYeZP6cBhHao0KCLD
/ao0YY6m3eUtwSJZbU2q
=n738
-----END PGP SIGNATURE-----
Merge tag 'pci-v4.9-fixes-2' of git://git.kernel.org/pub/scm/linux/kernel/git/helgaas/pci
Pull PCI fixes from Bjorn Helgaas:
- fix for a Qualcomm driver issue that causes a use-before-set crash
- fix for DesignWare iATU unroll support that causes external aborts
when enabling the host bridge
* tag 'pci-v4.9-fixes-2' of git://git.kernel.org/pub/scm/linux/kernel/git/helgaas/pci:
PCI: designware: Check for iATU unroll support after initializing host
PCI: qcom: Fix pp->dev usage before assignment
* MAINTAINERS updates to reflect some new maintainers/submaintainers -- we
have some great volunteers who've been developing and reviewing already.
We're going to try a group maintainership model, so eventually you'll
probably see pull requests from people besides me.
* NAND fixes from Boris:
"""
Three simple fixes:
- the first one is fixing a non-critical bug in the gpmi driver
- the second one is fixing a bug in the 'automatic NAND timings
selection' feature introduced in 4.9-rc1
- the last one is fixing a false positive uninitialized-var warning
"""
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAABAgAGBQJYHSUHAAoJEFySrpd9RFgtnzYQAKROCvMsD8+2k2kxAQiR4HXk
HtAVi7Pma3zBxbNYXyr1ThGS+Woiy4Ln4xrFyo2M4WQBjbwxZJmQ6BZi0WJ1Hmo0
aZ0J+jxZHAqXFMlMqaD40w7khW97oTmQ7elCp7agpunQYo1QkbT/Kq/oO3Jet1GX
lDA3JIbdpdk0nhS5p61tzlgzr6YaXvKQjbUxbtPgMi/sfEBAlG9AaoQWgYrvy0YD
8JXV74Mo7tG/gNVhsNqTAnzgOHevaW1h2Oiy87Rn7os2eCVzSR0TkQ7AEMEBF55x
2PpMhxPvxFn/rwAVyecgtkw8SJODng/ROa7iALoEGJiqSdWjhqpWkqhw4UQiHR2J
mBHFL5+wzsNGyUCPtSmxP+QDK2pueQale3skZivz7twxrRI5OF4DLHMLqktoeqEL
QGXZUzR+2guK0GK70UfsBiNkVjNH0AMCO+AedwhC6cc2Gei2qhivfIdwWNIY9otn
2JMVW+pWYlCCtczatgMb1+7/ZlPH+iLpJZHcs/fAh/MGrSDEcXxP5jOxXo3ZS1sK
jo8CbyRu/QfwWmnkskWfnmPvfbUpIyDmVddYoDmjDvtsea3s3zxvmUb0JhHY8se7
594NRqEXThmf7LkbVIAS5260fBTELu6jh+y+Fsnpd73nUnrZTspDEYKX1CbNM2k7
qpEeyozBpihUF9C6hq7o
=7VFh
-----END PGP SIGNATURE-----
Merge tag 'for-linus-20161104' of git://git.infradead.org/linux-mtd
Pull MTD fixes from Brian Norris:
- MAINTAINERS updates to reflect some new maintainers/submaintainers.
We have some great volunteers who've been developing and reviewing
already. We're going to try a group maintainership model, so
eventually you'll probably see pull requests from people besides me.
- NAND fixes from Boris:
"Three simple fixes:
- fix a non-critical bug in the gpmi driver
- fix a bug in the 'automatic NAND timings selection' feature
introduced in 4.9-rc1
- fix a false positive uninitialized-var warning"
* tag 'for-linus-20161104' of git://git.infradead.org/linux-mtd:
mtd: mtk: avoid warning in mtk_ecc_encode
mtd: nand: Fix data interface configuration logic
mtd: nand: gpmi: disable the clocks on errors
MAINTAINERS: add more people to the MTD maintainer team
MAINTAINERS: add a maintainer for the SPI NOR subsystem
- Fix a nasty file descriptor leak when getting line handles.
- A fix for a cleanup that seemed innocent but created a problem
for drivers instantiating several gpiochips for one single
OF node.
- Fix a unpredictable problem using irq_domain_simple() in the
mvebu driver by converting it to a lineas irqdomain.
-----BEGIN PGP SIGNATURE-----
iQIcBAABAgAGBQJYHIVAAAoJEEEQszewGV1zsPoP/1ZhUaz+w+KvKkAj0/6mPqiY
tdzuU+LvC9/jnD80EVfkRVITMGTxKFyK8mtKTdkVd5Y4ZZVpCi6dCxuVSYL7ZmRy
dQnjE+H+o3GuhhSsc1sjYPqG3QqWAF6f2bCqraI3HtbLonD1l7DUphfYSrgpDQoX
yVRG4bwti2vpYMuV4wjA/hKUonsyeVkuO/5QQVdG/xXurOcL9z0ByVC9g2vfRQKu
hw5CWx3XthhE/IWxKg9hjDcj4bYYaHlXfPKaBEzXm3wzF6MatJelVC/gIUZUS3wT
mQY7RdQ4flK+rKjMQkQpG6a+b2hufER687EA7LjQ90CFwWQGwpT7JS9ig8sEnvKd
DUtpk5oQJ99nZbVlMJ32AmFRSnSwUf3snbO8iUZvAa/tELdbBjDeXanzM4WMR4tZ
LExyOXQLksUZttkzUM1SF0G1I/QT83vjdyLec7ssOvxuC6FdmjAtp8x6r2deqijx
wkBMmuLayUFJu+lGCt0ssfOZ+14XquYax+1uVi3Uxb4MMrqEAz8YzBiM+Fyfr9tS
sIAT0g96htF3wdiDbi2WA2LttpAghYpjNj9Mkz7BEcvFQexg4+KneYXA33opLOu7
VVvTU5uJ5vegcAYxnEGjzaK4fgpNGgexyXzQZO3YMtMtnmXgfWmhKBV/7/fsB/E2
odeokW90GQumdU5lEGYS
=QmJl
-----END PGP SIGNATURE-----
Merge tag 'gpio-v4.9-3' of git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-gpio
Pull GPIO fixes from Linus Walleij:
"Some GPIO fixes for the v4.9 series:
- Fix a nasty file descriptor leak when getting line handles.
- A fix for a cleanup that seemed innocent but created a problem for
drivers instantiating several gpiochips for one single OF node.
- Fix a unpredictable problem using irq_domain_simple() in the mvebu
driver by converting it to a lineas irqdomain"
* tag 'gpio-v4.9-3' of git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-gpio:
gpio/mvebu: Use irq_domain_add_linear
gpio: of: fix GPIO drivers with multiple gpio_chip for a single node
gpio: GPIO_GET_LINE{HANDLE,EVENT}_IOCTL: Fix file descriptor leak
User is unable to access to input-X-yyy and feature-X-yyy where
X is a hex value and more than 9 (e.g. input-a-yyy, feature-b-yyy) in HID
sensor custom sysfs interface.
This is because when creating the attribute, the attribute index is
written to using %x (hex). However, when reading and writing values into
the attribute, the attribute index is scanned using %d (decimal). Hence,
user is unable to access to attributes with index in hex values
(e.g. 'a', 'b', 'c') but able to access to attributes with index in
decimal values (e.g. 1, 2, 3,..).
This fix will change input-%d-%x-%s and feature-%d-%x-%s to input-%x-%x-%s
and feature-%x-%x-%s in show_values() and store_values() accordingly.
Signed-off-by: Ooi, Joyce <joyce.ooi@intel.com>
Reviewed-by: Benjamin Tissoires <benjamin.tissoires@redhat.com>
Acked-by: Srinivas Pandruvada <srinivas.pandruvada@linux.intel.com>
Signed-off-by: Jiri Kosina <jkosina@suse.cz>
On some platforms ISH interrupt is shared, which causes request_irq to
fail. This requires IRQF_SHARED irq flag.
But IRQF_NO_SUSPEND and IRQF_SHARED should not be used together, so
removed IRQF_NO_SUSPEND flag. Anyway this driver doesn't require
IRQF_NO_SUSPEND, as this interrupt is not required during "noirq" phases
of suspending and resuming devices as well as during the time when
nonboot CPUs are taken offline and brought back online.
Signed-off-by: Srinivas Pandruvada <srinivas.pandruvada@linux.intel.com>
Signed-off-by: Jiri Kosina <jkosina@suse.cz>
When built as a module, modprobe followed by rmmod can fail because
DMA was still active. So to fix this, DMA needs to be disabled during
module exit.
This change disables DMA during modules exit and change the ISH PCI
device status to D3.
Signed-off-by: Even Xu <even.xu@intel.com>
Acked-by: Srinivas Pandruvada <srinivas.pandruvada@linux.intel.com>
Signed-off-by: Jiri Kosina <jkosina@suse.cz>
Add a new function ish_disable_dma() and move DMA disable operations
here, so that this functionality can be reused.
Signed-off-by: Even Xu <even.xu@intel.com>
Acked-by: Srinivas Pandruvada <srinivas.pandruvada@linux.intel.com>
Signed-off-by: Jiri Kosina <jkosina@suse.cz>
Same operations are done in ish_hw_start() and _ish_hw_reset() to
wakeup ISH device. Consolidate them by introducing a new function
ish_wakeup() and move the code there.
Signed-off-by: Even Xu <even.xu@intel.com>
Acked-by: Srinivas Pandruvada <srinivas.pandruvada@linux.intel.com>
Signed-off-by: Jiri Kosina <jkosina@suse.cz>
stack change (after which we can no longer encrypt stuff on the stack).
-----BEGIN PGP SIGNATURE-----
iQIcBAABAgAGBQJYHNwpAAoJECebzXlCjuG++DMP/3mUUAF09DfFR/EHl7knDT1f
kZ53UVHYzr02w0wXfwxVLlp2H7TdSAufgsSvPT6qksA3eY7gL6nJ9zHkl+Nv5yCx
y6vsFWjO1QEUWFOZWCKcmT2dAI3Ddt9IhK13pfZEKN1XKvK2zWB16HEVzSg6fR2K
NwHlpMnQUI4HWThURzwTZb1M5YhxRCAnyiv8BTAAPjbEfzPzdL7j3jxwqtH8bOWp
qIcDDvjC744b9zy0YuAEY/NyGBhYZPdM6gWsBBes1TRzBWUL9qsUYTWDJTmg/F1l
Or0Jz7CUEN9uOHLGnkATPDc+eBg9YFV+bSsSnJu1/W4Er7dX1Af/lol79zEp/Zw1
Snd9FelSPj3vxmYAFTCLnHRTRgsyiDhbbb7gVrzH9bxnCrRNR6p2kY018s1Cl9Td
uWQoNNFQwwnYxWYEeZdO5PgX+pcgoCzhHACNk5oA93YaBE0GuLHHugwwIrYE8TM1
1iY20sLC5lJcnPqxdgnoprZnnHMuL6rx5KRbvBeflNZ4huK2PIcPJyeB83XH6s12
G67PjJ0rfWzSBF14O/ZtQA6he+kXvnH3pKqpNnaMiBxZZ2J8E1eQvrKTLLIwmtlP
18KKJpZIzh7jTTZ/99nAMAt/BGw97P9TToLdnI8dCxYygHEaywpEYtcsE8IWFAvA
3XkS5QdlJhhAaAUUYBXy
=oPbZ
-----END PGP SIGNATURE-----
Merge tag 'nfsd-4.9-1' of git://linux-nfs.org/~bfields/linux
Pull nfsd bugfixes from Bruce Fields:
"Fixes for some recent regressions including fallout from the vmalloc'd
stack change (after which we can no longer encrypt stuff on the
stack)"
* tag 'nfsd-4.9-1' of git://linux-nfs.org/~bfields/linux:
nfsd: Fix general protection fault in release_lock_stateid()
svcrdma: backchannel cannot share a page for send and rcv buffers
sunrpc: fix some missing rq_rbuffer assignments
sunrpc: don't pass on-stack memory to sg_set_buf
nfsd: move blocked lock handling under a dedicated spinlock
Pull btrfs fixes from Chris Mason:
"Some fixes that Dave Sterba collected. We held off on these last week
because I was focused on the memory corruption testing"
* 'for-4.9-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/kdave/linux:
btrfs: fix WARNING in btrfs_select_ref_head()
Btrfs: remove some no-op casts
btrfs: pass correct args to btrfs_async_run_delayed_refs()
btrfs: make file clone aware of fatal signals
btrfs: qgroup: Prevent qgroup->reserved from going subzero
Btrfs: kill BUG_ON in do_relocation
Pull overlayfs fixes from Miklos Szeredi:
"Fix two more POSIX ACL bugs introduced in 4.8 and add a missing fsync
during copy up to prevent possible data loss"
* 'overlayfs-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/vfs:
ovl: fsync after copy-up
ovl: fix get_acl() on tmpfs
ovl: update S_ISGID when setting posix ACLs
-----BEGIN PGP SIGNATURE-----
iQIcBAABAgAGBQJYGoOdAAoJEAx081l5xIa+yxoQAJq5EYvmTQGjP8xP9gh2PaU/
icQP5IWQipr0rZ7TbCsYTys75RDfYJBkbnERIoONGaNCxLvF72mzEfoIG7Abqrrn
uyXb4bipKxxqWLsnb+RwjO5nwcI7lLqbUmU3kqa8XTpwdBFZUPlyGTLfkQKGgfbA
gUrSgUstCskVDoTNRU4/z0hb1yvMVOIffUZ14QIhVp8yk+ljXvgSikSjtbfaKwPX
q4zzD/Ny9zw9dMJgQc6kGNzbABzhdsFfIdt29yxLncg8vfOy2ht6L+1TUIi9NTz2
4Xf9B1E8FnAyOPS9UdVasOIc/FOimoC8A/nwd2Yts5l422dnvRQqeob0w8RQxA4E
4dAeKHiZt+Xt5IeNg2Sj62hdz/4h3y6UU6MRfNpHNGXNWx3M5Og+jnwu5jxsuufz
PA39OgE36C3BBO2YrpZ46QA7Ggl36uLvoD/EcwH+Y0ILSmgBhll2tbEuqk5XjBGY
4OMWjRd+HEkCjA1RBU67OYIJXKwIN6y8fftU1gTjauS2eZUapg+s74zhTVBgs+22
ew4H7h2TTbx/1WjG3YwE1ENn0boxboh4CzfHTYUMfEZpGxW88BzsHvAAqdcV9ou6
DzaGb5JBthX86Q9OxTtQhSFaD66jFU1TCmiPNwVDoDtPasR8jHOXWKGjni4xe/RR
LIJDkcXk1cc1WUcASXf4
=PI1l
-----END PGP SIGNATURE-----
Merge tag 'drm-fixes-for-v4.9-rc4' of git://people.freedesktop.org/~airlied/linux
Pull drm fixes from Dave Airlie:
"Fixes for amdgpu, radeon, intel, imx and virtio-gpu.
This is a bit larger than I'd like, but I had some stuff I meant to
send for -rc3 but was waiting for the PAT regression fix to land. So
this is really fixes for rc3 and rc4 in one go.
There are a set of fixes for an oops we've been seeing around MST
display unplug, along with more suspend/resume and shutdown fixes for
amdgpu, one power management follow on fix for nouveau, and set of imx
fixes, and a single virtio-gpu regression fix"
* tag 'drm-fixes-for-v4.9-rc4' of git://people.freedesktop.org/~airlied/linux: (54 commits)
virtio-gpu: fix vblank events
drm/nouveau/acpi: fix check for power resources support
drm/i915: Fix SKL+ 90/270 degree rotated plane coordinate computation
drm/i915: Remove two invalid warns
drm/i915: Rotated view does not need a fence
drm/i915/fbc: fix CFB size calculation for gen8+
drm: i915: Wait for fences on new fb, not old
drm/i915: Clean up DDI DDC/AUX CH sanitation
drm/i915: Respect alternate_aux_channel for all DDI ports
drm/i915/gen9: fix watermarks when using the pipe scaler
drm/i915: Fix mismatched INIT power domain disabling during suspend
drm/i915: fix a read size argument
drm/i915: Use fence_write() from rpm resume
drm/i915/gen9: fix DDB partitioning for multi-screen cases
drm/i915: workaround sparse warning on variable length arrays
drm/i915: keep declarations in i915_drv.h
drm/amd/powerplay: fix bug get wrong evv voltage of Polaris.
drm/amdgpu/si_dpm: workaround for SI kickers
drm/radeon/si_dpm: workaround for SI kickers
drm/amdgpu: fix s3 resume back, uvd dpm randomly can't disable.
...
dw_pcie_iatu_unroll_enabled() reads a dbi_base register. Reading any
dbi_base register before pp->ops->host_init has been called causes
"imprecise external abort" on platforms like ARTPEC-6, where the PCIe
module is disabled at boot and first enabled in pp->ops->host_init. Move
dw_pcie_iatu_unroll_enabled() to dw_pcie_setup_rc(), since it is after
pp->ops->host_init, but before pp->iatu_unroll_enabled is actually used.
Fixes: a0601a4705 ("PCI: designware: Add iATU Unroll feature")
Tested-by: James Le Cuirot <chewi@gentoo.org>
Signed-off-by: Niklas Cassel <niklas.cassel@axis.com>
Signed-off-by: Bjorn Helgaas <bhelgaas@google.com>
Acked-by: Joao Pinto <jpinto@synopsys.com>
Acked-by: Olof Johansson <olof@lixom.net>
during the merge window. The rest are fixes for MIPS, s390 and nested VMX.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)
iQEcBAABAgAGBQJYG2H5AAoJEL/70l94x66DK/cH/0jEQ3ynuLAd5CKux7JxI/EP
msSJh1Xqr4+XhXZnuDpGQWrdsBlxoiqA6PsJrUTtyi4nQCDXlT8g+2MDuvqhWIHz
7vw58j/EMJDCVQzYAbN5VDUfk13uB5aSWTo3M9Rf09v0hU1Ql7z8u4CtKEdLpN5Y
LY9bT9fxUmXO7REKP7bdW6ZrDX/hUShYHgMqzXGFMyGBG3ym3a9bggXEzTCD6eNQ
ioogQIWqg+icdhta0iLNAwFClPlcKB2/xo4IUuNgrPwGoHFGJN/8+qxT4+sVbp2B
v8u1zOXlCFXBcskWE+yRRsGe72+mIzz6QScCyO+5HbhKYVfbE9H7KBlFX9rZZ2c=
=IbKx
-----END PGP SIGNATURE-----
Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm
Pull KVM updates from Paolo Bonzini:
"One NULL pointer dereference, and two fixes for regressions introduced
during the merge window.
The rest are fixes for MIPS, s390 and nested VMX"
* tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm:
kvm: x86: Check memopp before dereference (CVE-2016-8630)
kvm: nVMX: VMCLEAR an active shadow VMCS after last use
KVM: x86: drop TSC offsetting kvm_x86_ops to fix KVM_GET/SET_CLOCK
KVM: x86: fix wbinvd_dirty_mask use-after-free
kvm/x86: Show WRMSR data is in hex
kvm: nVMX: Fix kernel panics induced by illegal INVEPT/INVVPID types
KVM: document lock orders
KVM: fix OOPS on flush_work
KVM: s390: Fix STHYI buffer alignment for diag224
KVM: MIPS: Precalculate MMIO load resume PC
KVM: MIPS: Make ERET handle ERL before EXL
KVM: MIPS: Fix lazy user ASID regenerate for SMP
The most important fix in here is a change which removes the #error
making the topology API unusable as-is since we have recently discovered
some production uses on Chromebooks so need to acknowledge that what
we've got there now is an ABI.
There's also a very big batch of driver specific fixes here which have
kept on being delayed due to more arriving so the update is another of
these bigger than I would like ones. There is one especially big one in
there, for the Qualcomm code which fixes simultaneous playback and
capture which was broken during the merge window. The diff for that is
large because it moves blocks of code to different functions but it's
functionally fairly simple and if it breaks it should have been very
obvious in testing.
-----BEGIN PGP SIGNATURE-----
iQEwBAABCAAaBQJYHNX1Exxicm9vbmllQGtlcm5lbC5vcmcACgkQJNaLcl1Uh9AI
Ugf+N9PfhaautNjc/h6Y3ObYDNI40Y0E6Pm2vspq99DmU9XQikaPeZ99MK19mogY
wu1y1cfTEq5B3u1H9DgU0RoCLWLoFcxK3QebnLhlspUBkY/P7fuUIWGR31k9E3Ov
7sHiT5R6wcbDSkyLwHun07hEMS2hHIHgMCt6EOx96rVFPvqru2VIlmvpak8uE7qp
hx0hq7RmDCDETUdKhuSFYhkrNw4NV0TtNH+jna0m2QUJnVleHuLlkelIvypF8IIg
vyjJ2pP23+/pKbw3w6qx18agzVDOF8jYIudym4ywwMU0zn13ZpLXHuT1cobJdGu1
88TNnJIJZxiM0ppvuZwk2LXtkQ==
=nhm9
-----END PGP SIGNATURE-----
Merge tag 'asoc-fix-v4.9-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/sound into for-linus
ASoC: Fixes for v4.9
The most important fix in here is a change which removes the #error
making the topology API unusable as-is since we have recently discovered
some production uses on Chromebooks so need to acknowledge that what
we've got there now is an ABI.
There's also a very big batch of driver specific fixes here which have
kept on being delayed due to more arriving so the update is another of
these bigger than I would like ones. There is one especially big one in
there, for the Qualcomm code which fixes simultaneous playback and
capture which was broken during the merge window. The diff for that is
large because it moves blocks of code to different functions but it's
functionally fairly simple and if it breaks it should have been very
obvious in testing.
Pull MIPS fixes from Ralf Baechle:
"A set of MIPS fixes for 4.9:
- lots of fixes for printk continuations
- six fixes for FP related code.
- fix max_low_pfn with disabled highmem
- fix KASLR handling of NULL FDT and KASLR for generic kernels
- fix build of compressed image
- provide default mips_cpc_default_phys_base to ignore CPC
- fix reboot on Malta"
* 'upstream' of git://git.linux-mips.org/pub/scm/ralf/upstream-linus:
MIPS: Fix max_low_pfn with disabled highmem
MIPS: Correct MIPS I FP sigcontext layout
MIPS: Fix ISA I/II FP signal context offsets
MIPS: Remove FIR from ISA I FP signal context
MIPS: Fix ISA I FP sigcontext access violation handling
MIPS: Fix FCSR Cause bit handling for correct SIGFPE issue
MIPS: ptrace: Also initialize the FP context on individual FCSR writes
MIPS: dump_tlb: Fix printk continuations
MIPS: Fix __show_regs() output
MIPS: traps: Fix output of show_code
MIPS: traps: Fix output of show_stacktrace
MIPS: traps: Fix output of show_backtrace
MIPS: Fix build of compressed image
MIPS: generic: Fix KASLR for generic kernel.
MIPS: KASLR: Fix handling of NULL FDT
MIPS: Malta: Fixup reboot
MIPS: CPC: Provide default mips_cpc_default_phys_base to ignore CPC