[ Upstream commit 4f45d62a52297b10ded963412a158685647ecdec ]
The following error occurs for the `make ARCH=arm64 checkstack` case:
aarch64-linux-gnu-objdump -d vmlinux $(find . -name '*.ko') | \
perl ./scripts/checkstack.pl arm64
wrong or unknown architecture "arm64"
As suggested by Masahiro Yamada, fix the above error using regular
expressions in the same way it was fixed for the `ARCH=x86` case via
commit fda9f9903b ("scripts/checkstack.pl: automatically handle
32-bit and 64-bit mode for ARCH=x86").
Suggested-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Signed-off-by: George G. Davis <george_davis@mentor.com>
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
[ Upstream commit 56cd0aefa475079e9613085b14a0f05037518fed ]
The PERF_EVENT_IOC_PERIOD ioctl command can be used to change the
sample period of a running perf_event. Consequently, when calculating
the next event period, the new period will only be considered after the
previous one has overflowed.
This patch changes the calculation of the remaining event ticks so that
they are offset if the period has changed.
See commit 3581fe0ef3 ("ARM: 7556/1: perf: fix updated event period in
response to PERF_EVENT_IOC_PERIOD") for details.
Signed-off-by: Young Xiao <92siuyang@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Sasha Levin <sashal@kernel.org>
[ Upstream commit 2e1f164861e500f4e068a9d909bbd3fcc7841483 ]
When doing a loopback test at copper ports, the serdes loopback
and the phy loopback will fail, because of the adjust link had
not finished, and phy not ready.
Adds sleep between adjust link and test process to fix it.
Signed-off-by: Yonglong Liu <liuyonglong@huawei.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Sasha Levin <sashal@kernel.org>
[ Upstream commit f532beeeff0c0a3586cc15538bc52d249eb19e7c ]
Fixes gcc '-Wunused-but-set-variable' warning:
arch/mips/kernel/uprobes.c: In function 'arch_uprobe_pre_xol':
arch/mips/kernel/uprobes.c:115:17: warning: variable 'epc' set but not used [-Wunused-but-set-variable]
It's never used since introduction in
commit 40e084a506 ("MIPS: Add uprobes support.")
Signed-off-by: YueHaibing <yuehaibing@huawei.com>
Signed-off-by: Paul Burton <paul.burton@mips.com>
Cc: <ralf@linux-mips.org>
Cc: <jhogan@kernel.org>
Cc: <linux-kernel@vger.kernel.org>
Cc: <linux-mips@vger.kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
[ Upstream commit 6d517353c70bb0818b691ca003afdcb5ee5ea44e ]
By code inspection, the freeze_work is never canceled.
Fix by adding a cancel_work_sync in the shutdown path to insure it is no
longer running.
Fixes: 7724105686 ("IB/hfi1: add driver files")
Reviewed-by: Michael J. Ruhl <michael.j.ruhl@intel.com>
Reviewed-by: Dennis Dalessandro <dennis.dalessandro@intel.com>
Signed-off-by: Mike Marciniszyn <mike.marciniszyn@intel.com>
Signed-off-by: Dennis Dalessandro <dennis.dalessandro@intel.com>
Signed-off-by: Jason Gunthorpe <jgg@mellanox.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
commit 8404d7a674c49278607d19726e0acc0cae299357 upstream.
A packed AppArmor policy contains null-terminated tag strings that are read
by unpack_nameX(). However, unpack_nameX() uses string functions on them
without ensuring that they are actually null-terminated, potentially
leading to out-of-bounds accesses.
Make sure that the tag string is null-terminated before passing it to
strcmp().
Cc: stable@vger.kernel.org
Fixes: 736ec752d9 ("AppArmor: policy routines for loading and unpacking policy")
Signed-off-by: Jann Horn <jannh@google.com>
Signed-off-by: John Johansen <john.johansen@canonical.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit 7c7da40da1640ce6814dab1e8031b44e19e5a3f6 upstream.
In the case of compat syscall ioctl numbers for UI_BEGIN_FF_UPLOAD and
UI_END_FF_UPLOAD need to be adjusted before being passed on
uinput_ioctl_handler() since code built with -m32 will be passing
slightly different values. Extend the code already covering
UI_SET_PHYS to cover UI_BEGIN_FF_UPLOAD and UI_END_FF_UPLOAD as well.
Reported-by: Pierre-Loup A. Griffais <pgriffais@valvesoftware.com>
Signed-off-by: Andrey Smirnov <andrew.smirnov@gmail.com>
Cc: stable@vger.kernel.org
Signed-off-by: Dmitry Torokhov <dmitry.torokhov@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit c19dffc0a9511a7d7493ec21019aefd97e9a111b upstream.
An endpoint conflict occurs when the USB is working in device mode
during an isochronous communication. When the endpointA IN direction
is an isochronous IN endpoint, and the host sends an IN token to
endpointA on another device, then the OUT transaction may be missed
regardless the OUT endpoint number. Generally, this occurs when the
device is connected to the host through a hub and other devices are
connected to the same hub.
The affected OUT endpoint can be either control, bulk, isochronous, or
an interrupt endpoint. After the OUT endpoint is primed, if an IN token
to the same endpoint number on another device is received, then the OUT
endpoint may be unprimed (cannot be detected by software), which causes
this endpoint to no longer respond to the host OUT token, and thus, no
corresponding interrupt occurs.
There is no good workaround for this issue, the only thing the software
could do is numbering isochronous IN from the highest endpoint since we
have observed most of device number endpoint from the lowest.
Cc: <stable@vger.kernel.org> #v3.14+
Cc: Fabio Estevam <festevam@gmail.com>
Cc: Greg KH <gregkh@linuxfoundation.org>
Cc: Sergei Shtylyov <sergei.shtylyov@cogentembedded.com>
Cc: Jun Li <jun.li@nxp.com>
Signed-off-by: Peter Chen <peter.chen@nxp.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit 6f303d60534c46aa1a239f29c321f95c83dda748 upstream.
We already did this for clang, but now gcc has that warning too. Yes,
yes, the address may be unaligned. And that's kind of the point.
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit 0c97bf863efce63d6ab7971dad811601e6171d2f upstream.
Starting with GCC 9, -Warray-bounds detects cases when memset is called
starting on a member of a struct but the size to be cleared ends up
writing over further members.
Such a call happens in the trace code to clear, at once, all members
after and including `seq` on struct trace_iterator:
In function 'memset',
inlined from 'ftrace_dump' at kernel/trace/trace.c:8914:3:
./include/linux/string.h:344:9: warning: '__builtin_memset' offset
[8505, 8560] from the object at 'iter' is out of the bounds of
referenced subobject 'seq' with type 'struct trace_seq' at offset
4368 [-Warray-bounds]
344 | return __builtin_memset(p, c, size);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~
In order to avoid GCC complaining about it, we compute the address
ourselves by adding the offsetof distance instead of referring
directly to the member.
Since there are two places doing this clear (trace.c and trace_kdb.c),
take the chance to move the workaround into a single place in
the internal header.
Link: http://lkml.kernel.org/r/20190523124535.GA12931@gmail.com
Signed-off-by: Miguel Ojeda <miguel.ojeda.sandonis@gmail.com>
[ Removed unnecessary parenthesis around "iter" ]
Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit 240b4cc8fd5db138b675297d4226ec46594d9b3b upstream.
Once we unlock adapter->hw_lock in pvscsi_queue_lck() nothing prevents just
queued scsi_cmnd from completing and freeing the request. Thus cmd->cmnd[0]
dereference can dereference already freed request leading to kernel crashes
or other issues (which one of our customers observed). Store cmd->cmnd[0]
in a local variable before unlocking adapter->hw_lock to fix the issue.
CC: <stable@vger.kernel.org>
Signed-off-by: Jan Kara <jack@suse.cz>
Reviewed-by: Ewan D. Milne <emilne@redhat.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit 867bfa4a5fcee66f2b25639acae718e8b28b25a5 upstream.
load_flat_shared_library() is broken: It only calls load_flat_file() if
prepare_binprm() returns zero, but prepare_binprm() returns the number of
bytes read - so this only happens if the file is empty.
Instead, call into load_flat_file() if the number of bytes read is
non-negative. (Even if the number of bytes is zero - in that case,
load_flat_file() will see nullbytes and return a nice -ENOEXEC.)
In addition, remove the code related to bprm creds and stop using
prepare_binprm() - this code is loading a library, not a main executable,
and it only actually uses the members "buf", "file" and "filename" of the
linux_binprm struct. Instead, call kernel_read() directly.
Link: http://lkml.kernel.org/r/20190524201817.16509-1-jannh@google.com
Fixes: 287980e49ffc ("remove lots of IS_ERR_VALUE abuses")
Signed-off-by: Jann Horn <jannh@google.com>
Cc: Alexander Viro <viro@zeniv.linux.org.uk>
Cc: Kees Cook <keescook@chromium.org>
Cc: Nicolas Pitre <nicolas.pitre@linaro.org>
Cc: Arnd Bergmann <arnd@arndb.de>
Cc: Geert Uytterhoeven <geert@linux-m68k.org>
Cc: Russell King <linux@armlinux.org.uk>
Cc: Greg Ungerer <gerg@linux-m68k.org>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Data pointer may be NULL, check for reset value
to be false in that case and return EINVAL for
invalid argument.
Change-Id: I05a4aa96724c123516a7965bd0e939bdf0c86553
Signed-off-by: Mohammed Javid <mjavid@codeaurora.org>
During dwc3 suspend clk_disable is directly getting
called without calling clk_enable in dwc3 resume
functionality for SS Phy. This fix add a check and
disables clock only if it is enabled.
Change-Id: Id4c4a71ca4e57274c0f09a83ce4d22fe13909cd1
Signed-off-by: Chetan C R <cravin@codeaurora.org>
The charger associated with MSM8996 does not support
HVDCP detection by default. Enable DP DM pulsing support
so that charger driver can support HVDCP detection.
And all the 8996 platforms does not have this charger,
hence enable the pulsing support on those platforms
where this charger is present.
Change-Id: I70549df99bd11303d7c334227c869767f5ea51a8
Signed-off-by: Sriharsha Allenki <sallenki@codeaurora.org>
get_task_struct used to reserve 'selected' outside rcu_read_lock block.
Remove the need for get_task_mm, removing the possibility of lock issues there.
Bug: 133479338
Signed-off-by: Jim Blackler <jimblackler@google.com>
Change-Id: I1399e2f669242c04e0e397bc09c987358aa97a0a
Conflicting lock events have been reported resulting from
rcu_read_lock, mmap_sem (in get_cmdline) and lmk_event_lock.
This CL avoids the possibility of these conditions by moving
handle_lmk_event outside rcu_read_lock and invoking get_cmdline before
lmk_event_lock is taken.
Bug: 133479338, 133829075
Signed-off-by: Jim Blackler <jimblackler@google.com>
Change-Id: Ib3c32587472bd972e3ac108798e2af3f4a5c329a
In case best_frame is not populated with virtual/physical capable frame,
NULL pointer is passed as an argument to of_iomap .To avoid NULL pointer
dereference add a check before.
Change-Id: Ia7bad6630662ee3a4ad7c9226f9d3858b2e7a36c
Signed-off-by: Ankit Mishra <ankimi@codeaurora.org>
The region index for bivcm is not validated against the region size.
This causes out-of-bound read on the KASAN kernel.
Add restriction that region index smaller than region size.
CRs-Fixed: 2379514
Change-Id: I72c4a41a4b41c8fa70c174ffd3215a81eaa14355
Signed-off-by: Haibin Liu <haibinl@codeaurora.org>
The dtb.img is made by concatenating all the compiled dtbs
after the kernel is compiled. This dtb.img is then added to be
a part of the boot.img.
Change-Id: I9684126c312e3f5988b1eaa298b37037a11fe747
Signed-off-by: Rahul Shahare <rshaha@codeaurora.org>
Enable CONFIG_HID_SONY for compliance with android Q CTS suite
requirement for SDM660 and MSM8998.
Change-Id: Ie87d55f861c47a018b7b368b58ef79f46d449268
Signed-off-by: Swetha Chikkaboraiah <schikk@codeaurora.org>
user space can send commit message with dest scaler structure populated,
this would cause null pointer access, if dest scaler is not initialized,
this change validate if target supports dest scaler.
Change-Id: I37516f4704a013d4628688930783d6e7ab93277f
Signed-off-by: Raghavendra Ambadas <rambad@codeaurora.org>
when pending requests are present due to drop_reconfig,
avoid skip_all programming to hardware during epoch event.
Change-Id: I9a56d179c30484c99c36bf1a9d60e8071fdd4a9a
Signed-off-by: Srikanth Uyyala <suyyala@codeaurora.org>
Signed-off-by: Sumalatha Malothu <smalot@codeaurora.org>
trace log support added for important VFE events,
these traces can be enabled with camera trace event.
Change-Id: I1e5c043ad3b69df632ff63130ff8eea10ab2097c
Signed-off-by: Srikanth Uyyala <suyyala@codeaurora.org>
Signed-off-by: Sumalatha Malothu <smalot@codeaurora.org>
Fix page fault in ISP when there is no reg update
for two consecutive request frame time.
Change-Id: Ie246f146c1ec0785e0e6fa0671dd2ff28fbe6b38
Signed-off-by: Lokesh Kumar Aakulu <lkumar@codeaurora.org>
Signed-off-by: Sumalatha Malothu <smalot@codeaurora.org>
There is possibility that due to scheduling latency of tasklet,
user threads VFE hardware could not be updated intime resulting
in fatal error, invalid memory access. Added logic to track
and gracefully handle the scheduling issues.
Change-Id: I29acde4fe23a59e6ff0e5190e1c4b9c59f6ae08f
Signed-off-by: Srikanth Uyyala <suyyala@codeaurora.org>
Signed-off-by: Sumalatha Malothu <smalot@codeaurora.org>
Sub-system shutdown timeout is 20 seconds. In wlan platform driver,
modem block shutdown timeout should be less than sub-system timeout.
Hence, change block shutdown timeout to 15 seconds.
Change-Id: I936e0c462858727b86b35b924dd124a5d1434780
Signed-off-by: Mohammed Siddiq <msiddiq@codeaurora.org>
Zero initialize the local variables that store information from the
remote. On the chance reading from the remote fails, the data in these
structs will now be zero instead of stale data.
Change-Id: Iafaeb71a5dc57e27a34b4250ea529fbe27df2393
Signed-off-by: Chris Lew <clew@codeaurora.org>
This change disables dynamic bind/unbind capability
for CPP/JPEG/FD modules since it is not currently supported.
Change-Id: Ice692d7d700c3b7a75463b109265f958993031eb
Signed-off-by: Venu Raidu <vraidu@codeaurora.org>
Signed-off-by: Sumalatha Malothu <smalot@codeaurora.org>
* refs/heads/tmp-282d84a
Linux 4.4.184
tcp: refine memory limit test in tcp_fragment()
Change-Id: I99ffacfb623b2cc5acb0401a3dfc08bae6461810
Signed-off-by: Srinivasarao P <spathi@codeaurora.org>
