Commit graph

592062 commits

Author SHA1 Message Date
Linux Build Service Account
807ef98e3f Merge "ARM: dts: msm: Set FDE key size to 256bit for sdm660_64" 2017-07-06 23:41:19 -07:00
Linux Build Service Account
a46fa7102c Merge "msm: ADSPRPC: Avoid multiple hypervisor assign calls for a buffer" 2017-07-06 23:41:18 -07:00
Linux Build Service Account
c3897748c0 Merge "iio: rradc: Update thermistor scaling" 2017-07-06 23:41:18 -07:00
Linux Build Service Account
81b79b39c7 Merge "mmc: core: Use PF_MEMALLOC flag for clock scaling context" 2017-07-06 23:41:17 -07:00
Linux Build Service Account
6b67ad013a Merge "msm: kgsl: Fix a dead loop issue while changing gpu frequency" 2017-07-06 23:41:16 -07:00
Linux Build Service Account
abfdf9aa5a Merge "msm: kgsl: Make sure regulators are ON before GPU clocks are forced on" 2017-07-06 23:41:15 -07:00
Charan Teja Reddy
8d519acd35 Revert "ARM: dts: msm: align removed_region with SDM630 memmap"
Update the carveout regions properly.
This reverts commit 0e6e2ace8c.

Change-Id: Ie93a718c4804d57975d1a2b531328e2fbe889b1f
Signed-off-by: Charan Teja Reddy <charante@codeaurora.org>
2017-07-06 23:13:44 -07:00
Cong Tang
15903eb66a ASoc: msm: Support TDM dai clk attribute and freq configuration
TDM dai driver support optional clk attribute configuration from device
tree. To configure TDM interface as PCM mode, the clk attribute
should be couple no.
Implement set_sysclk callback to update TDM interface clk freq.

CRs-Fixed: 2054358
Change-Id: I41edaa8d99325e9582e04ddb81a6ad5b5e4435bc
Signed-off-by: Cong Tang <congt@codeaurora.org>
2017-07-06 23:00:32 -07:00
Karthikeyan Mani
93f219af2d ASoC: wsa881x: Assign device number in reset
Assign the logical device number in the
swr_reset function so that the dev_num of
the speaker device is assigned to the
correct one after a reset event.

CRs-fixed: 2039206
Change-Id: Ief3c65c3b36c93e7dcf775413e527e92d9ec7b0c
Signed-off-by: Karthikeyan Mani <kmani@codeaurora.org>
2017-07-06 22:52:57 -07:00
Yuanyuan Liu
e7cf674bc9 icnss: Show rejuvenation info in ICNSS stats report
This is a debug enhancement feature. It shows rejuvenation
info in ICNSS stats report, which makes it easier to
track the reason for every rejuvenation.

CRs-Fixed: 2072253
Change-Id: I6d133b4b182943ed745d7587bd1ec23858c29750
Signed-off-by: Yuanyuan Liu <yuanliu@codeaurora.org>
2017-07-06 22:48:44 -07:00
Cong Tang
ea135cb129 ASoc: msm: Support PRI_TDM_TX routing to QUAT_TDM_RX port mixer.
Support PRI_TDM_TX routing to QUAT_TDM_RX port mixer for HFP downlink
usecase.

Change-Id: I18babd519c2a623898f4d3913e9e7b900e86c22c
CRs-Fixed: 2054358
Signed-off-by: Cong Tang <congt@codeaurora.org>
2017-07-06 21:33:19 -07:00
Tirupathi Reddy
493d8a74b6 regulator: core: fix a possible race in disable_work handling
A race condition between queueing and processing the disable_work
instances results in having a work instance in the queue and the
deferred_disables variable of regulator device structure having a
value '0'. If there is no new regulator_disable_deferred() call later from
clients, the deferred_disables variable value remains '0' and hits
BUG() in regulator_disable_work() when the queued instance is scheduled
for processing the work.

The race occurs as below:

	Core-0					     Core-1
	.....	       /* deferred_disables = 2 */   .....
	.....	       /* disable_work is queued */  .....
	.....					     .....
regulator_disable_deferred: 		regulator_disable_work:
   mutex_lock(&rdev->mutex);			     .....
   rdev->deferred_disables++;		    mutex_lock(&rdev->mutex);
   mutex_unlock(&rdev->mutex);			     .....
   queue_delayed_work(...)		    count =rdev->deferred_disables;
	.....				    rdev->deferred_disables = 0;
	.....					     .....
	.....				    mutex_unlock(&rdev->mutex);
	.....					     .....
	.....				    return;
	.....					     .....
	/* No new regulator_disable_deferred() calls from clients */
	/* The newly queued instance is scheduled for processing */
	.....					     .....
regulator_disable_work:
	.....
   mutex_lock(&rdev->mutex);
   BUG_ON(!rdev->deferred_disables); /* deferred_disables = 0 */

The race is fixed by removing the work instance that is queued while
processing the previous queued instance. Cancel the newly queued instance
from disable_work() handler just after resetting the deferred_disables variable
to value '0'. Also move the work queueing step before mutex_unlock in
regulator_disable_deferred().

Also use mod_delayed_work() in place of queue_delayed_work() as
queue_delayed_work() always uses the delay requested in the first call
when multiple consumers call regulator_disable_deferred() close in time
and does not guarantee the semantics of regulator_disable_deferred().

CRs-Fixed: 2064610
Change-Id: Iacaddc5e2f5c9998c4d038bdc10c4587cbf4812e
Signed-off-by: Tirupathi Reddy <tirupath@codeaurora.org>
2017-07-06 20:02:49 -07:00
Blagovest Kolenichev
9aabfa0596 Merge android-4.4@8c91412 (v4.4.75) into msm-4.4
* refs/heads/tmp-8c91412:
  Linux 4.4.75
  nvme: apply DELAY_BEFORE_CHK_RDY quirk at probe time too
  nvme/quirk: Add a delay before checking for adapter readiness
  net: phy: fix marvell phy status reading
  net: phy: Initialize mdio clock at probe function
  usb: gadget: f_fs: avoid out of bounds access on comp_desc
  powerpc/slb: Force a full SLB flush when we insert for a bad EA
  mtd: spi-nor: fix spansion quad enable
  of: Add check to of_scan_flat_dt() before accessing initial_boot_params
  rxrpc: Fix several cases where a padded len isn't checked in ticket decode
  USB: usbip: fix nonconforming hub descriptor
  drm/amdgpu: adjust default display clock
  drm/amdgpu/atom: fix ps allocation size for EnableDispPowerGating
  drm/radeon: add a quirk for Toshiba Satellite L20-183
  drm/radeon: add a PX quirk for another K53TK variant
  iscsi-target: Reject immediate data underflow larger than SCSI transfer length
  target: Fix kref->refcount underflow in transport_cmd_finish_abort
  time: Fix clock->read(clock) race around clocksource changes
  Input: i8042 - add Fujitsu Lifebook AH544 to notimeout list
  powerpc/kprobes: Pause function_graph tracing during jprobes handling
  signal: Only reschedule timers on signals timers have sent
  HID: Add quirk for Dell PIXART OEM mouse
  CIFS: Improve readdir verbosity
  KVM: PPC: Book3S HV: Preserve userspace HTM state properly
  lib/cmdline.c: fix get_options() overflow while parsing ranges
  autofs: sanity check status reported with AUTOFS_DEV_IOCTL_FAIL
  fs/exec.c: account for argv/envp pointers
  UPSTREAM: drivers/perf: arm-pmu: fix RCU usage on pmu resume from low-power
  UPSTREAM: drivers/perf: arm_pmu: implement CPU_PM notifier
  ANDROID: squashfs: Fix endianness issue
  ANDROID: squashfs: Fix signed division issue

Change-Id: Iabe0921dd7b9a582f5237235338ef0f730de7edb
Signed-off-by: Blagovest Kolenichev <bkolenichev@codeaurora.org>
2017-07-06 15:42:19 -07:00
Skylar Chang
c52d43aece msm: ipa: remove delay in out of buffer recovery procedure
When a RX pipe runs out of buffers, a delayed work is scheduled
to re-attempt the replenish process but the single threaded
workqueue will not process that work till the existing work is
retired. The existing work will be retired after sufficient
inactivity is detected but in this corner-case, we can do this
immediately since no further packets will be received.

Change-Id: Ia12a35aaadcb95c94471ae0ffea8c61a9a3d26f7
CRs-Fixed: 854938
Acked-by: Ady Abraham <adya@qti.qualcomm.com>
Signed-off-by: Skylar Chang <chiaweic@codeaurora.org>
2017-07-06 15:36:47 -07:00
Haynes Mathew George
a1170b1aec ASoC: msm: Add hwdep node for NOIRQ FE
ALSA lacks support to accept shared memory supplied
from userspace. But some usecases need to get a shareable
file descriptor for the dma buffer. As an alternate
to adding custom ioctls to the ALSA framework, use
a hwdep node to get a file descriptor to the underlying dma buffer.
Maintain compat mode as well.

CRs-Fixed: 2041151
Change-Id: Id783bb84e8ef59b28e42d982903971625577b9a3
Signed-off-by: Haynes Mathew George <hgeorge@codeaurora.org>
2017-07-06 15:23:56 -07:00
Yuanyuan Liu
717941b36a cnss_utils: Zero out cnss_utils priv structure during initalization
Zero out cnss_utils priv structure during initialization to make
sure it starts cleanly.

CRs-Fixed: 2072421
Change-Id: I72caa5fb7e1df16b018165d277cd3a404b81c304
Signed-off-by: Yuanyuan Liu <yuanliu@codeaurora.org>
2017-07-06 14:01:14 -07:00
Linux Build Service Account
0c44f3c838 Merge "crypto: Change format specifier %p to %pK" 2017-07-06 12:32:05 -07:00
Linux Build Service Account
1ccca4730a Merge "msm: ipa: Fix the problem with nested sleeping primitives" 2017-07-06 12:32:04 -07:00
Linux Build Service Account
1d1ab31d0a Merge "msm: camera: isp: fixes incorrect RDI empty frame handling" 2017-07-06 12:32:03 -07:00
Amir Samuelov
5459f66ad2 spcom: avoid race condition when handling commands
The spcom allows only one owner per channel, so only one app can open()
a channel char device at a time.
However, the channel owner process might share the channel file
descriptor (fd) with other threads, that might write() concurrently
a command to spcom, that can cause a race.
Add a mutex to "serialize" handling of the commands.

Change-Id: Ief9c6c48a862444dfff66d14d2317568cd6e81e6
Signed-off-by: Amir Samuelov <amirs@codeaurora.org>
2017-07-06 08:39:02 -07:00
Vijayavardhan Vennapusa
92e1592c2c USB: phy-msm-qusb-v2: Enable autoresume only when device is connected
Currently driver is enabling autoresume feature even if no device is
connected which is not required. Hence enable auto resume only when
any HS/FS/LS devices are connected during bus suspend.

Change-Id: Id02a357597dde64fe4026ccaacf73bf3abd4b565
Signed-off-by: Vijayavardhan Vennapusa <vvreddy@codeaurora.org>
2017-07-06 06:49:08 -07:00
Krishna Chaitanya Devarakonda
c3d7839f99 msm: mdss: apply bus throughput factor for high downscale cases
For downscaling a 32 BPP surface with scale ratio greater than
or equal to 3.5, it is recommended to increase the mdp core clock
by 10%. This is to avoid any stalls on the bus during high concurrency
scenarios.

Change-Id: I77c8c25c73e4232271a93397e52798a6d5d74cf3
Signed-off-by: Krishna Chaitanya Devarakonda <kdevarak@codeaurora.org>
2017-07-06 05:34:36 -07:00
Sathish Ambley
09055c5057 msm: ADSPRPC: Avoid multiple hypervisor assign calls for a buffer
Access to dma shared buffer is set at device probe, avoid making
multiple hypervisor assign calls for the same buffer.

Change-Id: I91f7dd0bca109fa774af49159bdec57b8acd65b2
Signed-off-by: Sathish Ambley <sathishambley@codeaurora.org>
Acked-by: Viswanatham Paduchuri <vpaduchu@qti.qualcomm.com>
2017-07-06 05:00:00 -07:00
Tharun Kumar Merugu
a3124fe134 msm: ADSPRPC: define separate signals for port and link states
Handle Glink register bail path in case of SSR.

Change-Id: Ic3b7d9d4b0b53d348faf338d03d12fc471030ae6
Acked-by: Krishnaiah Tadakamalla <ktadakam@qti.qualcomm.com>
Signed-off-by: Tharun Kumar Merugu <mtharu@codeaurora.org>
2017-07-06 04:59:32 -07:00
Linux Build Service Account
e868dcc8bb Merge "ARM: dts: msm: add MSM external display node to msm8996" 2017-07-06 04:38:59 -07:00
Linux Build Service Account
338e7392a6 Merge "drm/msm: add default value for plane enum property" 2017-07-06 04:38:58 -07:00
Linux Build Service Account
db94df44a7 Merge "ARM: dtsi: msm: reserve memory for LK's stack on msm8996" 2017-07-06 04:38:57 -07:00
Linux Build Service Account
71faca4550 Merge "regulator: core: remove some dead code" 2017-07-06 04:38:57 -07:00
Neeraj Soni
fc4bcd6968 ARM: dts: msm: Set FDE key size to 256bit for sdm660_64
Set FDE encryption key size to 256bit for sdm660_64
target.

Change-Id: Ib90068dc1a4a7c1caa1a65753c1b91827b1eb798
Signed-off-by: Neeraj Soni <neersoni@codeaurora.org>
2017-07-06 16:57:57 +05:30
Sachin Bhayare
d191752dd9 fbdev: msm: Add check for fence count
Add a check to ensure that the acquire fence count
does not exceed the maximum possible value.

Change-Id: I7198899be2d720214152d49fdbb6b6a69750fb3a
Signed-off-by: Krishna Manikandan <mkrishn@codeaurora.org>
Signed-off-by: Sachin Bhayare <sachin.bhayare@codeaurora.org>
2017-07-06 03:17:12 -07:00
Linux Build Service Account
b4d55be415 Merge "Revert "defconfig: arm64: msm: Enable virtual platform"" into msm-4.4 2017-07-06 02:48:23 -07:00
Sunil Khatri
f0b50a87b4 msm: kgsl: Use vma_area_struct with proper locks
Make sure to use proper locks when using the
vma_struct_area. This will avoid the race condition
in a scenario where one thread gets a vma_struct_area
and other thread is unmapping the vma from the process.

Change-Id: I6c7837d1a8dd24fc6955ab5be8b1917a42f2cb53
Signed-off-by: Sunil Khatri <sunilkh@codeaurora.org>
2017-07-06 15:09:35 +05:30
Neeraj Upadhyay
5db7f2eae3 Revert "defconfig: arm64: msm: Enable virtual platform"
This reverts commit 2bb686dccd ("defconfig: arm64: msm: Enable
virtual platform"). The configs added in this change are not in
proper state and have build failures.

Change-Id: I30922e76761a1c436b54fb07f376ad9a5f5718f8
Signed-off-by: Neeraj Upadhyay <neeraju@codeaurora.org>
2017-07-06 14:44:51 +05:30
Linux Build Service Account
f96a299e77 Merge "drm/msm: Add timestamp counter" 2017-07-05 18:20:20 -07:00
Linux Build Service Account
e28c151ad1 Merge "msm: kgsl: Add A5XX RBBM registers to pre-crash dumper list" 2017-07-05 18:20:19 -07:00
Linux Build Service Account
fc916a2143 Merge "msm: kgsl: Add a NULL check for limit pointer" 2017-07-05 18:20:18 -07:00
Linux Build Service Account
a3424d9f5f Merge "mm: add preempt points into __purge_vmap_area_lazy()" 2017-07-05 18:20:17 -07:00
Linux Build Service Account
4756ccfd60 Merge "mm: turn vmap_purge_lock into a mutex" 2017-07-05 18:20:15 -07:00
Linux Build Service Account
0f6cf457b2 Merge "compat_qcedev: Fix accessing userspace memory in kernel space" 2017-07-05 10:28:43 -07:00
Linux Build Service Account
4c408ed259 Merge "diag: Add protection while processing non-hdlc packets" 2017-07-05 10:28:41 -07:00
Linux Build Service Account
d3a27d6fc2 Merge "mmc: card: Ratelimit the error log in mmc_blk_cmd_recovery()" 2017-07-05 10:28:40 -07:00
Linux Build Service Account
c4de2baacc Merge "defconfig: Enable and disable few configs for msm8998" 2017-07-05 10:28:39 -07:00
Greg Kroah-Hartman
64a73ff728 This is the 4.4.76 stable release

Merge 4.4.76 into android-4.4

Changes in 4.4.76
	ipv6: release dst on error in ip6_dst_lookup_tail
	net: don't call strlen on non-terminated string in dev_set_alias()
	decnet: dn_rtmsg: Improve input length sanitization in dnrmg_receive_user_skb
	net: Zero ifla_vf_info in rtnl_fill_vfinfo()
	af_unix: Add sockaddr length checks before accessing sa_family in bind and connect handlers
	Fix an intermittent pr_emerg warning about lo becoming free.
	net: caif: Fix a sleep-in-atomic bug in cfpkt_create_pfx
	igmp: acquire pmc lock for ip_mc_clear_src()
	igmp: add a missing spin_lock_init()
	ipv6: fix calling in6_ifa_hold incorrectly for dad work
	net/mlx5: Wait for FW readiness before initializing command interface
	decnet: always not take dst->__refcnt when inserting dst into hash table
	net: 8021q: Fix one possible panic caused by BUG_ON in free_netdev
	sfc: provide dummy definitions of vswitch functions
	ipv6: Do not leak throw route references
	rtnetlink: add IFLA_GROUP to ifla_policy
	netfilter: xt_TCPMSS: add more sanity tests on tcph->doff
	netfilter: synproxy: fix conntrackd interaction
	NFSv4: fix a reference leak caused WARNING messages
	drm/ast: Handle configuration without P2A bridge
	mm, swap_cgroup: reschedule when neeed in swap_cgroup_swapoff()
	MIPS: Avoid accidental raw backtrace
	MIPS: pm-cps: Drop manual cache-line alignment of ready_count
	MIPS: Fix IRQ tracing & lockdep when rescheduling
	ALSA: hda - Fix endless loop of codec configure
	ALSA: hda - set input_path bitmap to zero after moving it to new place
	drm/vmwgfx: Free hash table allocated by cmdbuf managed res mgr
	usb: gadget: f_fs: Fix possibe deadlock
	sysctl: enable strict writes
	block: fix module reference leak on put_disk() call for cgroups throttle
	mm: numa: avoid waiting on freed migrated pages
	KVM: x86: fix fixing of hypercalls
	scsi: sd: Fix wrong DPOFUA disable in sd_read_cache_type
	scsi: lpfc: Set elsiocb contexts to NULL after freeing it
	qla2xxx: Fix erroneous invalid handle message
	ARM: dts: BCM5301X: Correct GIC_PPI interrupt flags
	net: mvneta: Fix for_each_present_cpu usage
	MIPS: ath79: fix regression in PCI window initialization
	net: korina: Fix NAPI versus resources freeing
	MIPS: ralink: MT7688 pinmux fixes
	MIPS: ralink: fix USB frequency scaling
	MIPS: ralink: Fix invalid assignment of SoC type
	MIPS: ralink: fix MT7628 pinmux typos
	MIPS: ralink: fix MT7628 wled_an pinmux gpio
	mtd: bcm47xxpart: limit scanned flash area on BCM47XX (MIPS) only
	bgmac: fix a missing check for build_skb
	mtd: bcm47xxpart: don't fail because of bit-flips
	bgmac: Fix reversed test of build_skb() return value.
	net: bgmac: Fix SOF bit checking
	net: bgmac: Start transmit queue in bgmac_open
	net: bgmac: Remove superflous netif_carrier_on()
	powerpc/eeh: Enable IO path on permanent error
	gianfar: Do not reuse pages from emergency reserve
	Btrfs: fix truncate down when no_holes feature is enabled
	virtio_console: fix a crash in config_work_handler
	swiotlb-xen: update dev_addr after swapping pages
	xen-netfront: Fix Rx stall during network stress and OOM
	scsi: virtio_scsi: Reject commands when virtqueue is broken
	platform/x86: ideapad-laptop: handle ACPI event 1
	amd-xgbe: Check xgbe_init() return code
	net: dsa: Check return value of phy_connect_direct()
	drm/amdgpu: check ring being ready before using
	vfio/spapr: fail tce_iommu_attach_group() when iommu_data is null
	virtio_net: fix PAGE_SIZE > 64k
	vxlan: do not age static remote mac entries
	ibmveth: Add a proper check for the availability of the checksum features
	kernel/panic.c: add missing \n
	HID: i2c-hid: Add sleep between POWER ON and RESET
	scsi: lpfc: avoid double free of resource identifiers
	spi: davinci: use dma_mapping_error()
	mac80211: initialize SMPS field in HT capabilities
	x86/mpx: Use compatible types in comparison to fix sparse error
	coredump: Ensure proper size of sparse core files
	swiotlb: ensure that page-sized mappings are page-aligned
	s390/ctl_reg: make __ctl_load a full memory barrier
	be2net: fix status check in be_cmd_pmac_add()
	perf probe: Fix to show correct locations for events on modules
	net/mlx4_core: Eliminate warning messages for SRQ_LIMIT under SRIOV
	sctp: check af before verify address in sctp_addr_id2transport
	ravb: Fix use-after-free on `ifconfig eth0 down`
	jump label: fix passing kbuild_cflags when checking for asm goto support
	xfrm: fix stack access out of bounds with CONFIG_XFRM_SUB_POLICY
	xfrm: NULL dereference on allocation failure
	xfrm: Oops on error in pfkey_msg2xfrm_state()
	watchdog: bcm281xx: Fix use of uninitialized spinlock.
	sched/loadavg: Avoid loadavg spikes caused by delayed NO_HZ accounting
	ARM64/ACPI: Fix BAD_MADT_GICC_ENTRY() macro implementation
	ARM: 8685/1: ensure memblock-limit is pmd-aligned
	x86/mpx: Correctly report do_mpx_bt_fault() failures to user-space
	x86/mm: Fix flush_tlb_page() on Xen
	ocfs2: o2hb: revert hb threshold to keep compatible
	iommu/vt-d: Don't over-free page table directories
	iommu: Handle default domain attach failure
	iommu/amd: Fix incorrect error handling in amd_iommu_bind_pasid()
	cpufreq: s3c2416: double free on driver init error path
	KVM: x86: fix emulation of RSM and IRET instructions
	KVM: x86/vPMU: fix undefined shift in intel_pmu_refresh()
	KVM: x86: zero base3 of unusable segments
	KVM: nVMX: Fix exception injection
	Linux 4.4.76

Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
2017-07-05 16:16:58 +02:00
Venkateswara Rao Tadikonda
aac10e39c7 msm: kgsl: Fix a dead loop issue while changing gpu frequency
There is a dead loop in kgsl_devfreq_target() while the governor requests
to change the GPU frequency. In governor 'userspace' mode, if the requested
frequency (set_freq) is more than the configured frequency and max_freq
is also set to more than the configured frequency, then there is a dead
loop while changing target frequency.

Dead loop occurs due to comparing signed integer with unsigned integer.
So, type casting unsigned integer to signed integer will terminate the
loop when loop variable is less than zero.

Change-Id: Ic82b7477d50d1abcd348b011f64246066887922c
Signed-off-by: Venkateswara Rao Tadikonda <vtadik@codeaurora.org>
2017-07-05 18:50:15 +05:30
Hardik Arya
a0085075f3 diag: Add proper checks to fix possible out-of-bound issue
Currently, there is a possibility of out-of-bound access while
processing data received from user space. The patch adds proper
checks for valid address.

CRs-Fixed: 2048536
Change-Id: I1e0fc7a9d69e69f3326429d5d9540dd3bb1a59b0
Signed-off-by: Hardik Arya <harya@codeaurora.org>
2017-07-05 18:36:28 +05:30
Greg Kroah-Hartman
4282d39575 Linux 4.4.76 2017-07-05 14:39:21 +02:00
Wanpeng Li
be8c39b470 KVM: nVMX: Fix exception injection
commit d4912215d1031e4fb3d1038d2e1857218dba0d0a upstream.

 WARNING: CPU: 3 PID: 2840 at arch/x86/kvm/vmx.c:10966 nested_vmx_vmexit+0xdcd/0xde0 [kvm_intel]
 CPU: 3 PID: 2840 Comm: qemu-system-x86 Tainted: G           OE   4.12.0-rc3+ #23
 RIP: 0010:nested_vmx_vmexit+0xdcd/0xde0 [kvm_intel]
 Call Trace:
  ? kvm_check_async_pf_completion+0xef/0x120 [kvm]
  ? rcu_read_lock_sched_held+0x79/0x80
  vmx_queue_exception+0x104/0x160 [kvm_intel]
  ? vmx_queue_exception+0x104/0x160 [kvm_intel]
  kvm_arch_vcpu_ioctl_run+0x1171/0x1ce0 [kvm]
  ? kvm_arch_vcpu_load+0x47/0x240 [kvm]
  ? kvm_arch_vcpu_load+0x62/0x240 [kvm]
  kvm_vcpu_ioctl+0x384/0x7b0 [kvm]
  ? kvm_vcpu_ioctl+0x384/0x7b0 [kvm]
  ? __fget+0xf3/0x210
  do_vfs_ioctl+0xa4/0x700
  ? __fget+0x114/0x210
  SyS_ioctl+0x79/0x90
  do_syscall_64+0x81/0x220
  entry_SYSCALL64_slow_path+0x25/0x25

This is triggered occasionally by running both win7 and win2016 in L2, in
addition, EPT is disabled on both L1 and L2. It can't be reproduced easily.

Commit 0b6ac343fc (KVM: nVMX: Correct handling of exception injection) mentioned
that "KVM wants to inject page-faults which it got to the guest. This function
assumes it is called with the exit reason in vmcs02 being a #PF exception".
Commit e011c663 (KVM: nVMX: Check all exceptions for intercept during delivery to
L2) allows to check all exceptions for intercept during delivery to L2. However,
there is no guarantee the exit reason is exception currently, when there is an
external interrupt occurred on host, maybe a time interrupt for host which should
not be injected to guest, and somewhere queues an exception, then the function
nested_vmx_check_exception() will be called and the vmexit emulation codes will
try to emulate the "Acknowledge interrupt on exit" behavior, the warning is
triggered.

Reusing the exit reason from the L2->L0 vmexit is wrong in this case,
the reason must always be EXCEPTION_NMI when injecting an exception into
L1 as a nested vmexit.

Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Radim Krčmář <rkrcmar@redhat.com>
Signed-off-by: Wanpeng Li <wanpeng.li@hotmail.com>
Fixes: e011c663b9 ("KVM: nVMX: Check all exceptions for intercept during delivery to L2")
Signed-off-by: Radim Krčmář <rkrcmar@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2017-07-05 14:37:23 +02:00
Radim Krčmář
77d977dd78 KVM: x86: zero base3 of unusable segments
commit f0367ee1d64d27fa08be2407df5c125442e885e3 upstream.

Static checker noticed that base3 could be used uninitialized if the
segment was not present (useable).  Random stack values probably would
not pass VMCS entry checks.

Reported-by:  Dan Carpenter <dan.carpenter@oracle.com>
Fixes: 1aa366163b ("KVM: x86 emulator: consolidate segment accessors")
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: David Hildenbrand <david@redhat.com>
Signed-off-by: Radim Krčmář <rkrcmar@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2017-07-05 14:37:23 +02:00
Radim Krčmář
3b1609f6c4 KVM: x86/vPMU: fix undefined shift in intel_pmu_refresh()
commit 34b0dadbdf698f9b277a31b2747b625b9a75ea1f upstream.

Static analysis noticed that pmu->nr_arch_gp_counters can be 32
(INTEL_PMC_MAX_GENERIC) and therefore cannot be used to shift 'int'.

I didn't add BUILD_BUG_ON for it as we have a better checker.

Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Fixes: 25462f7f52 ("KVM: x86/vPMU: Define kvm_pmu_ops to support vPMU function dispatch")
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: David Hildenbrand <david@redhat.com>
Signed-off-by: Radim Krčmář <rkrcmar@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2017-07-05 14:37:23 +02:00
Ladi Prosek
b9b3eb5c77 KVM: x86: fix emulation of RSM and IRET instructions
commit 6ed071f051e12cf7baa1b69d3becb8f232fdfb7b upstream.

On AMD, the effect of set_nmi_mask called by emulate_iret_real and em_rsm
on hflags is reverted later on in x86_emulate_instruction where hflags are
overwritten with ctxt->emul_flags (the kvm_set_hflags call). This manifests
as a hang when rebooting Windows VMs with QEMU, OVMF, and >1 vcpu.

Instead of trying to merge ctxt->emul_flags into vcpu->arch.hflags after
an instruction is emulated, this commit deletes emul_flags altogether and
makes the emulator access vcpu->arch.hflags using two new accessors. This
way all changes, on the emulator side as well as in functions called from
the emulator and accessing vcpu state with emul_to_vcpu, are preserved.

More details on the bug and its manifestation with Windows and OVMF:

  It's a KVM bug in the interaction between SMI/SMM and NMI, specific to AMD.
  I believe that the SMM part explains why we started seeing this only with
  OVMF.

  KVM masks and unmasks NMI when entering and leaving SMM. When KVM emulates
  the RSM instruction in em_rsm, the set_nmi_mask call doesn't stick because
  later on in x86_emulate_instruction we overwrite arch.hflags with
  ctxt->emul_flags, effectively reverting the effect of the set_nmi_mask call.
  The AMD-specific hflag of interest here is HF_NMI_MASK.

  When rebooting the system, Windows sends an NMI IPI to all but the current
  cpu to shut them down. Only after all of them are parked in HLT will the
  initiating cpu finish the restart. If NMI is masked, other cpus never get
  the memo and the initiating cpu spins forever, waiting for
  hal!HalpInterruptProcessorsStarted to drop. That's the symptom we observe.

Fixes: a584539b24 ("KVM: x86: pass the whole hflags field to emulator and back")
Signed-off-by: Ladi Prosek <lprosek@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2017-07-05 14:37:22 +02:00