Define macro to indicate backport support for
external authentication where authentication can be
offloaded to userspace in specific cases such as SAE.
Change-Id: Ib253b303e82f583f61bc13d14c8d491d5ea2af15
CRs-Fixed: 2468738
Signed-off-by: Srinivas Dasari <dasaris@codeaurora.org>
Signed-off-by: Jiachao Wu <jiacwu@codeaurora.org>
Signed-off-by: Min Liu <minliu@codeaurora.org>
Signed-off-by: stonez <stonez@codeaurora.org>
This interface allows the host driver to offload the authentication to
user space. This is exclusively defined for host drivers that do not
define separate commands for authentication and association, but rely on
userspace SME (e.g., in wpa_supplicant for the ~WPA_DRIVER_FLAGS_SME
case) for the authentication to happen. This can be used to implement
SAE without full implementation in the kernel/firmware while still being
able to use NL80211_CMD_CONNECT with driver-based BSS selection.
Host driver sends NL80211_CMD_EXTERNAL_AUTH event to start/abort
authentication to the port on which connect is triggered and status
of authentication is further indicated by user space to host
driver through the same command response interface.
User space entities advertise this capability through the
NL80211_ATTR_EXTERNAL_AUTH_SUPP flag in the NL80211_CMD_CONNECT request.
Host drivers shall look at this capability to offload the authentication.
Signed-off-by: Srinivas Dasari <dasaris@qti.qualcomm.com>
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
[add socket connection ownership check]
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Git-commit: 40cbfa90218bc570a7959b436b9d48a18c361041
Git-repo: git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
CRs-Fixed: 2468738
Change-Id: Id925dd82d9a9c719b32aac2de75b6ad001f1a958
[dasaris@codeaurora.org: merging with msm-specific changes]
Signed-off-by: Srinivas Dasari <dasaris@codeaurora.org>
Signed-off-by: Jiachao Wu <jiacwu@codeaurora.org>
Signed-off-by: Min Liu <minliu@codeaurora.org>
Signed-off-by: stonez <stonez@codeaurora.org>
Disconnect or deauthenticate when the owning socket is closed if this
flag is supplied to CMD_CONNECT or CMD_ASSOCIATE. This may be used
to ensure userspace daemon doesn't leave an unmanaged connection behind.
In some situations it would be possible to account for that, to some
degree, in the deamon restart code or in the up/down scripts without
the use of this attribute. But there will be systems where the daemon
can go away for varying periods without a warning due to local resource
management.
Signed-off-by: Andrew Zaborowski <andrew.zaborowski@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Git-commit: 36a554cec119bbd20c4ec0cb96bd4712d124bfea
Git-repo: git://git.kernel.org/pub/scm/linux/kernel/git/jberg/mac80211-next.git
Change-Id: Ic09ee323fc6215059d5c2572ba3e77c56addad32
CRs-Fixed: 2468738
Signed-off-by: Srinivas Dasari <dasaris@codeaurora.org>
Signed-off-by: Jiachao Wu <jiacwu@codeaurora.org>
Signed-off-by: Min Liu <minliu@codeaurora.org>
Signed-off-by: stonez <stonez@codeaurora.org>
This enum is already perfectly aliased to enum nl80211_band, and
the only reason for it is that we get IEEE80211_NUM_BANDS out of
it. There's no really good reason to not declare the number of
bands in nl80211 though, so do that and remove the cfg80211 one.
Change-Id: Ifc56e6297146c9095432b757fabd0c463d7cc583
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Bug: 62057517
Signed-off-by: Nick Desaulniers <ndesaulniers@google.com>
There is potential integer truncation in the wcnss_prealloc_get api.
size_t is 8 byte on x64 platform and "unsigned int" is 4 byte.
To avoid this integer truncation, pass size as size_t instead
of unsigned int.
CRs-Fixed: 2269610
Change-Id: I14b274dd7cad98b55fdce1aaa27783272231afde
Signed-off-by: Anurag Chouhan <achouhan@codeaurora.org>
There is potential integer truncation in the wcnss_prealloc_get api.
size_t is 8 byte on x64 platform and "unsigned int" is 4 byte.
To avoid this integer truncation, pass size as size_t instead
of unsigned int.
CRs-Fixed: 2269610
Change-Id: I14b274dd7cad98b55fdce1aaa27783272231afde
Signed-off-by: Anurag Chouhan <achouhan@codeaurora.org>
API provision for WLAN host driver to check if WLAN PCIe device
is down.
Change-Id: I91efcd781af67c72b787c89e6b619c4cc49da34b
Signed-off-by: Yue Ma <yuem@codeaurora.org>
* refs/heads/tmp-5e24b4e
Linux 4.4.153
ovl: warn instead of error if d_type is not supported
ovl: Do d_type check only if work dir creation was successful
ovl: Ensure upper filesystem supports d_type
x86/mm: Fix use-after-free of ldt_struct
x86/mm/pat: Fix L1TF stable backport for CPA
ANDROID: x86_64_cuttlefish_defconfig: Enable lz4 compression for zram
UPSTREAM: drivers/block/zram/zram_drv.c: fix bug storing backing_dev
BACKPORT: zram: introduce zram memory tracking
BACKPORT: zram: record accessed second
BACKPORT: zram: mark incompressible page as ZRAM_HUGE
UPSTREAM: zram: correct flag name of ZRAM_ACCESS
UPSTREAM: zram: Delete gendisk before cleaning up the request queue
UPSTREAM: drivers/block/zram/zram_drv.c: make zram_page_end_io() static
BACKPORT: zram: set BDI_CAP_STABLE_WRITES once
UPSTREAM: zram: fix null dereference of handle
UPSTREAM: zram: add config and doc file for writeback feature
BACKPORT: zram: read page from backing device
BACKPORT: zram: write incompressible pages to backing device
BACKPORT: zram: identify asynchronous IO's return value
BACKPORT: zram: add free space management in backing device
UPSTREAM: zram: add interface to specif backing device
UPSTREAM: zram: rename zram_decompress_page to __zram_bvec_read
UPSTREAM: zram: inline zram_compress
UPSTREAM: zram: clean up duplicated codes in __zram_bvec_write
Linux 4.4.152
reiserfs: fix broken xattr handling (heap corruption, bad retval)
i2c: imx: Fix race condition in dma read
PCI: pciehp: Fix use-after-free on unplug
PCI: Skip MPS logic for Virtual Functions (VFs)
PCI: hotplug: Don't leak pci_slot on registration failure
parisc: Remove unnecessary barriers from spinlock.h
bridge: Propagate vlan add failure to user
packet: refine ring v3 block size test to hold one frame
netfilter: conntrack: dccp: treat SYNC/SYNCACK as invalid if no prior state
xfrm_user: prevent leaking 2 bytes of kernel memory
parisc: Remove ordered stores from syscall.S
ext4: fix spectre gadget in ext4_mb_regular_allocator()
KVM: irqfd: fix race between EPOLLHUP and irq_bypass_register_consumer
staging: android: ion: check for kref overflow
tcp: identify cryptic messages as TCP seq # bugs
net: qca_spi: Fix log level if probe fails
net: qca_spi: Make sure the QCA7000 reset is triggered
net: qca_spi: Avoid packet drop during initial sync
net: usb: rtl8150: demote allmulti message to dev_dbg()
net/ethernet/freescale/fman: fix cross-build error
drm/nouveau/gem: off by one bugs in nouveau_gem_pushbuf_reloc_apply()
tcp: remove DELAYED ACK events in DCTCP
qlogic: check kstrtoul() for errors
packet: reset network header if packet shorter than ll reserved space
ixgbe: Be more careful when modifying MAC filters
ARM: dts: am3517.dtsi: Disable reference to OMAP3 OTG controller
ARM: 8780/1: ftrace: Only set kernel memory back to read-only after boot
perf llvm-utils: Remove bashism from kernel include fetch script
bnxt_en: Fix for system hang if request_irq fails
drm/armada: fix colorkey mode property
ieee802154: fakelb: switch from BUG_ON() to WARN_ON() on problem
ieee802154: at86rf230: use __func__ macro for debug messages
ieee802154: at86rf230: switch from BUG_ON() to WARN_ON() on problem
ARM: pxa: irq: fix handling of ICMR registers in suspend/resume
netfilter: x_tables: set module owner for icmp(6) matches
smsc75xx: Add workaround for gigabit link up hardware errata.
kasan: fix shadow_size calculation error in kasan_module_alloc
tracing: Use __printf markup to silence compiler
ARM: imx_v4_v5_defconfig: Select ULPI support
ARM: imx_v6_v7_defconfig: Select ULPI support
HID: wacom: Correct touch maximum XY of 2nd-gen Intuos
m68k: fix "bad page state" oops on ColdFire boot
bnx2x: Fix receiving tx-timeout in error or recovery state.
drm/exynos: decon5433: Fix WINCONx reset value
drm/exynos: decon5433: Fix per-plane global alpha for XRGB modes
drm/exynos: gsc: Fix support for NV16/61, YUV420/YVU420 and YUV422 modes
md/raid10: fix that replacement cannot complete recovery after reassemble
dmaengine: k3dma: Off by one in k3_of_dma_simple_xlate()
ARM: dts: da850: Fix interrups property for gpio
selftests/x86/sigreturn/64: Fix spurious failures on AMD CPUs
perf report powerpc: Fix crash if callchain is empty
perf test session topology: Fix test on s390
usb: xhci: increase CRS timeout value
ARM: dts: am437x: make edt-ft5x06 a wakeup source
brcmfmac: stop watchdog before detach and free everything
cxgb4: when disabling dcb set txq dcb priority to 0
Smack: Mark inode instant in smack_task_to_inode
ipv6: mcast: fix unsolicited report interval after receiving querys
locking/lockdep: Do not record IRQ state within lockdep code
net: davinci_emac: match the mdio device against its compatible if possible
ARC: Enable machine_desc->init_per_cpu for !CONFIG_SMP
net: propagate dev_get_valid_name return code
net: hamradio: use eth_broadcast_addr
enic: initialize enic->rfs_h.lock in enic_probe
qed: Add sanity check for SIMD fastpath handler.
arm64: make secondary_start_kernel() notrace
scsi: xen-scsifront: add error handling for xenbus_printf
usb: gadget: dwc2: fix memory leak in gadget_init()
usb: gadget: composite: fix delayed_status race condition when set_interface
usb: dwc2: fix isoc split in transfer with no data
ARM: dts: Cygnus: Fix I2C controller interrupt type
selftests: sync: add config fragment for testing sync framework
selftests: zram: return Kselftest Skip code for skipped tests
selftests: user: return Kselftest Skip code for skipped tests
selftests: static_keys: return Kselftest Skip code for skipped tests
selftests: pstore: return Kselftest Skip code for skipped tests
netfilter: ipv6: nf_defrag: reduce struct net memory waste
ARC: Explicitly add -mmedium-calls to CFLAGS
ANDROID: x86_64_cuttlefish_defconfig: Enable zram and zstd
BACKPORT: crypto: zstd - Add zstd support
UPSTREAM: zram: add zstd to the supported algorithms list
UPSTREAM: lib: Add zstd modules
UPSTREAM: lib: Add xxhash module
UPSTREAM: zram: rework copy of compressor name in comp_algorithm_store()
UPSTREAM: zram: constify attribute_group structures.
UPSTREAM: zram: count same page write as page_stored
UPSTREAM: zram: reduce load operation in page_same_filled
UPSTREAM: zram: use zram_free_page instead of open-coded
UPSTREAM: zram: introduce zram data accessor
UPSTREAM: zram: remove zram_meta structure
UPSTREAM: zram: use zram_slot_lock instead of raw bit_spin_lock op
BACKPORT: zram: partial IO refactoring
BACKPORT: zram: handle multiple pages attached bio's bvec
UPSTREAM: zram: fix operator precedence to get offset
BACKPORT: zram: extend zero pages to same element pages
BACKPORT: zram: remove waitqueue for IO done
UPSTREAM: zram: remove obsolete sysfs attrs
UPSTREAM: zram: support BDI_CAP_STABLE_WRITES
UPSTREAM: zram: revalidate disk under init_lock
BACKPORT: mm: support anonymous stable page
UPSTREAM: zram: use __GFP_MOVABLE for memory allocation
UPSTREAM: zram: drop gfp_t from zcomp_strm_alloc()
UPSTREAM: zram: add more compression algorithms
UPSTREAM: zram: delete custom lzo/lz4
UPSTREAM: zram: cosmetic: cleanup documentation
UPSTREAM: zram: use crypto api to check alg availability
BACKPORT: zram: switch to crypto compress API
UPSTREAM: zram: rename zstrm find-release functions
UPSTREAM: zram: introduce per-device debug_stat sysfs node
UPSTREAM: zram: remove max_comp_streams internals
UPSTREAM: zram: user per-cpu compression streams
BACKPORT: zsmalloc: require GFP in zs_malloc()
UPSTREAM: zram/zcomp: do not zero out zcomp private pages
UPSTREAM: zram: pass gfp from zcomp frontend to backend
UPSTREAM: socket: close race condition between sock_close() and sockfs_setattr()
ANDROID: Refresh x86_64_cuttlefish_defconfig
Linux 4.4.151
isdn: Disable IIOCDBGVAR
Bluetooth: avoid killing an already killed socket
x86/mm: Simplify p[g4um]d_page() macros
serial: 8250_dw: always set baud rate in dw8250_set_termios
ACPI / PM: save NVS memory for ASUS 1025C laptop
ACPI: save NVS memory for Lenovo G50-45
USB: option: add support for DW5821e
USB: serial: sierra: fix potential deadlock at close
ALSA: vxpocket: Fix invalid endian conversions
ALSA: memalloc: Don't exceed over the requested size
ALSA: hda: Correct Asrock B85M-ITX power_save blacklist entry
ALSA: cs5535audio: Fix invalid endian conversion
ALSA: virmidi: Fix too long output trigger loop
ALSA: vx222: Fix invalid endian conversions
ALSA: hda - Turn CX8200 into D3 as well upon reboot
ALSA: hda - Sleep for 10ms after entering D3 on Conexant codecs
net_sched: fix NULL pointer dereference when delete tcindex filter
vsock: split dwork to avoid reinitializations
net_sched: Fix missing res info when create new tc_index filter
llc: use refcount_inc_not_zero() for llc_sap_find()
l2tp: use sk_dst_check() to avoid race on sk->sk_dst_cache
dccp: fix undefined behavior with 'cwnd' shift in ccid2_cwnd_restart()
Conflicts:
drivers/block/zram/zram_drv.c
drivers/staging/android/ion/ion.c
include/linux/swap.h
mm/zsmalloc.c
Change-Id: I1c437ac5133503a939d06d51ec778b65371df6d1
Signed-off-by: Srinivasarao P <spathi@codeaurora.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAlt/64YACgkQONu9yGCS
aT4/pBAAynguZbVbn8QtYi37Kam0R4ZvXe7rKN8H1A7rwo9l9NJDaC4z2M0Iutfj
1CfIEOeaf7WtxL25xgvDHQEOfB3/DH0xHbP/DtwqzpT0PmOUqMPaboGqOqXb//1J
WetcluEOQfoYu1DWofPP1YkAR3vU4Bp40ucAGIN2wE4bvMTR2EMbV8Y5QYgIk6mN
6n+Smg2Xpkq6paOhIrEt3C1P3lXlpY5Hxd54TGTRQ5c+vccXNldczIcP2Z0wue9/
LRI8veyY1q/IDhVR8wCrlNb3df6kUQ0xixfTNnTkUJjLs3j+NAsaJiO8/nrdCUhJ
xQORM7gQIMlccSNanKH0MHoCxhT3iMb8S6Hixvai5O+5XjP03TA7aAZ9Cyp7UqHg
JY5SPbh7YOmvRXbx7/NAgyLYwRcJRt2PamNRApLQKFbot4bSvNJquhrAib5t6kCF
HfbXjr9N969gLR4WmGkyOi0IHt8kaVwQitfBLZdj2QdlvyYWXmj0MuJ/I4BuZqtj
0MyzS/v8cxkN/NWO1p1cB7pRzFtaXtHtC6rxzYXKCUycnHW9cJDf5PBgCfDMqyTY
SdyuCeMrUo4mNEDItrKF8nbswew1T4UsayvJ6UgKHKr3QaH3Xp1mzeyt1GU38tn1
ogKm9cVbOuAhnic67ikISFsj8oNptrq0w+Zqe3AKGO8B7CwXwis=
=Q/T6
-----END PGP SIGNATURE-----
Merge 4.4.152 into android-4.4
Changes in 4.4.152
ARC: Explicitly add -mmedium-calls to CFLAGS
netfilter: ipv6: nf_defrag: reduce struct net memory waste
selftests: pstore: return Kselftest Skip code for skipped tests
selftests: static_keys: return Kselftest Skip code for skipped tests
selftests: user: return Kselftest Skip code for skipped tests
selftests: zram: return Kselftest Skip code for skipped tests
selftests: sync: add config fragment for testing sync framework
ARM: dts: Cygnus: Fix I2C controller interrupt type
usb: dwc2: fix isoc split in transfer with no data
usb: gadget: composite: fix delayed_status race condition when set_interface
usb: gadget: dwc2: fix memory leak in gadget_init()
scsi: xen-scsifront: add error handling for xenbus_printf
arm64: make secondary_start_kernel() notrace
qed: Add sanity check for SIMD fastpath handler.
enic: initialize enic->rfs_h.lock in enic_probe
net: hamradio: use eth_broadcast_addr
net: propagate dev_get_valid_name return code
ARC: Enable machine_desc->init_per_cpu for !CONFIG_SMP
net: davinci_emac: match the mdio device against its compatible if possible
locking/lockdep: Do not record IRQ state within lockdep code
ipv6: mcast: fix unsolicited report interval after receiving querys
Smack: Mark inode instant in smack_task_to_inode
cxgb4: when disabling dcb set txq dcb priority to 0
brcmfmac: stop watchdog before detach and free everything
ARM: dts: am437x: make edt-ft5x06 a wakeup source
usb: xhci: increase CRS timeout value
perf test session topology: Fix test on s390
perf report powerpc: Fix crash if callchain is empty
selftests/x86/sigreturn/64: Fix spurious failures on AMD CPUs
ARM: dts: da850: Fix interrups property for gpio
dmaengine: k3dma: Off by one in k3_of_dma_simple_xlate()
md/raid10: fix that replacement cannot complete recovery after reassemble
drm/exynos: gsc: Fix support for NV16/61, YUV420/YVU420 and YUV422 modes
drm/exynos: decon5433: Fix per-plane global alpha for XRGB modes
drm/exynos: decon5433: Fix WINCONx reset value
bnx2x: Fix receiving tx-timeout in error or recovery state.
m68k: fix "bad page state" oops on ColdFire boot
HID: wacom: Correct touch maximum XY of 2nd-gen Intuos
ARM: imx_v6_v7_defconfig: Select ULPI support
ARM: imx_v4_v5_defconfig: Select ULPI support
tracing: Use __printf markup to silence compiler
kasan: fix shadow_size calculation error in kasan_module_alloc
smsc75xx: Add workaround for gigabit link up hardware errata.
netfilter: x_tables: set module owner for icmp(6) matches
ARM: pxa: irq: fix handling of ICMR registers in suspend/resume
ieee802154: at86rf230: switch from BUG_ON() to WARN_ON() on problem
ieee802154: at86rf230: use __func__ macro for debug messages
ieee802154: fakelb: switch from BUG_ON() to WARN_ON() on problem
drm/armada: fix colorkey mode property
bnxt_en: Fix for system hang if request_irq fails
perf llvm-utils: Remove bashism from kernel include fetch script
ARM: 8780/1: ftrace: Only set kernel memory back to read-only after boot
ARM: dts: am3517.dtsi: Disable reference to OMAP3 OTG controller
ixgbe: Be more careful when modifying MAC filters
packet: reset network header if packet shorter than ll reserved space
qlogic: check kstrtoul() for errors
tcp: remove DELAYED ACK events in DCTCP
drm/nouveau/gem: off by one bugs in nouveau_gem_pushbuf_reloc_apply()
net/ethernet/freescale/fman: fix cross-build error
net: usb: rtl8150: demote allmulti message to dev_dbg()
net: qca_spi: Avoid packet drop during initial sync
net: qca_spi: Make sure the QCA7000 reset is triggered
net: qca_spi: Fix log level if probe fails
tcp: identify cryptic messages as TCP seq # bugs
staging: android: ion: check for kref overflow
KVM: irqfd: fix race between EPOLLHUP and irq_bypass_register_consumer
ext4: fix spectre gadget in ext4_mb_regular_allocator()
parisc: Remove ordered stores from syscall.S
xfrm_user: prevent leaking 2 bytes of kernel memory
netfilter: conntrack: dccp: treat SYNC/SYNCACK as invalid if no prior state
packet: refine ring v3 block size test to hold one frame
bridge: Propagate vlan add failure to user
parisc: Remove unnecessary barriers from spinlock.h
PCI: hotplug: Don't leak pci_slot on registration failure
PCI: Skip MPS logic for Virtual Functions (VFs)
PCI: pciehp: Fix use-after-free on unplug
i2c: imx: Fix race condition in dma read
reiserfs: fix broken xattr handling (heap corruption, bad retval)
Linux 4.4.152
Change-Id: I1058813031709d20abd0bc45e9ac5fc68ab3a1d7
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
[ Upstream commit a69258f7aa2623e0930212f09c586fd06674ad79 ]
After fixing the way DCTCP tracking delayed ACKs, the delayed-ACK
related callbacks are no longer needed
Signed-off-by: Yuchung Cheng <ycheng@google.com>
Signed-off-by: Eric Dumazet <edumazet@google.com>
Acked-by: Neal Cardwell <ncardwell@google.com>
Acked-by: Lawrence Brakmo <brakmo@fb.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Sasha Levin <alexander.levin@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
[ Upstream commit 9ce7bc036ae4cfe3393232c86e9e1fea2153c237 ]
It is a waste of memory to use a full "struct netns_sysctl_ipv6"
while only one pointer is really used, considering netns_sysctl_ipv6
keeps growing.
Also, since "struct netns_frags" has cache line alignment,
it is better to move the frags_hdr pointer outside, otherwise
we spend a full cache line for this pointer.
This saves 192 bytes of memory per netns.
Fixes: c038a767cd ("ipv6: add a new namespace for nf_conntrack_reasm")
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Sasha Levin <alexander.levin@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
[ Upstream commit 455f05ecd2b219e9a216050796d30c830d9bc393 ]
syzbot reported that we reinitialize an active delayed
work in vsock_stream_connect():
ODEBUG: init active (active state 0) object type: timer_list hint:
delayed_work_timer_fn+0x0/0x90 kernel/workqueue.c:1414
WARNING: CPU: 1 PID: 11518 at lib/debugobjects.c:329
debug_print_object+0x16a/0x210 lib/debugobjects.c:326
The pattern is apparently wrong, we should only initialize
the dealyed work once and could repeatly schedule it. So we
have to move out the initializations to allocation side.
And to avoid confusion, we can split the shared dwork
into two, instead of re-using the same one.
Fixes: d021c34405 ("VSOCK: Introduce VM Sockets")
Reported-by: <syzbot+8a9b1bd330476a4f3db6@syzkaller.appspotmail.com>
Cc: Andy king <acking@vmware.com>
Cc: Stefan Hajnoczi <stefanha@redhat.com>
Cc: Jorgen Hansen <jhansen@vmware.com>
Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
[ Upstream commit 0dcb82254d65f72333aa50ad626d1e9665ad093b ]
llc_sap_put() decreases the refcnt before deleting sap
from the global list. Therefore, there is a chance
llc_sap_find() could find a sap with zero refcnt
in this global list.
Close this race condition by checking if refcnt is zero
or not in llc_sap_find(), if it is zero then it is being
removed so we can just treat it as gone.
Reported-by: <syzbot+278893f3f7803871f7ce@syzkaller.appspotmail.com>
Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
* refs/heads/tmp-13962260
Linux 4.4.146
scsi: sg: fix minor memory leak in error path
crypto: padlock-aes - Fix Nano workaround data corruption
kvm: x86: vmx: fix vpid leak
virtio_balloon: fix another race between migration and ballooning
net: socket: fix potential spectre v1 gadget in socketcall
can: ems_usb: Fix memory leak on ems_usb_disconnect()
squashfs: more metadata hardenings
squashfs: more metadata hardening
netlink: Fix spectre v1 gadget in netlink_create()
net: dsa: Do not suspend/resume closed slave_dev
inet: frag: enforce memory limits earlier
tcp: add one more quick ack after after ECN events
tcp: refactor tcp_ecn_check_ce to remove sk type cast
tcp: do not aggressively quick ack after ECN events
tcp: add max_quickacks param to tcp_incr_quickack and tcp_enter_quickack_mode
tcp: do not force quickack when receiving out-of-order packets
NET: stmmac: align DMA stuff to largest cache line length
xen-netfront: wait xenbus state change when load module manually
net: lan78xx: fix rx handling before first packet is send
net: fix amd-xgbe flow-control issue
ipv4: remove BUG_ON() from fib_compute_spec_dst
ASoC: pxa: Fix module autoload for platform drivers
dmaengine: pxa_dma: remove duplicate const qualifier
ext4: check for allocation block validity with block group locked
ext4: fix inline data updates with checksums enabled
squashfs: be more careful about metadata corruption
random: mix rdrand with entropy sent in from userspace
drm: Add DP PSR2 sink enable bit
media: si470x: fix __be16 annotations
scsi: megaraid_sas: Increase timeout by 1 sec for non-RAID fastpath IOs
scsi: scsi_dh: replace too broad "TP9" string with the exact models
media: omap3isp: fix unbalanced dma_iommu_mapping
crypto: authenc - don't leak pointers to authenc keys
crypto: authencesn - don't leak pointers to authenc keys
usb: hub: Don't wait for connect state at resume for powered-off ports
microblaze: Fix simpleImage format generation
audit: allow not equal op for audit by executable
rsi: Fix 'invalid vdd' warning in mmc
ipconfig: Correctly initialise ic_nameservers
drm/gma500: fix psb_intel_lvds_mode_valid()'s return type
memory: tegra: Apply interrupts mask per SoC
memory: tegra: Do not handle spurious interrupts
ALSA: hda/ca0132: fix build failure when a local macro is defined
drm/atomic: Handling the case when setting old crtc for plane
media: siano: get rid of __le32/__le16 cast warnings
bpf: fix references to free_bpf_prog_info() in comments
thermal: exynos: fix setting rising_threshold for Exynos5433
scsi: megaraid: silence a static checker bug
scsi: 3w-xxxx: fix a missing-check bug
scsi: 3w-9xxx: fix a missing-check bug
perf: fix invalid bit in diagnostic entry
s390/cpum_sf: Add data entry sizes to sampling trailer entry
brcmfmac: Add support for bcm43364 wireless chipset
mtd: rawnand: fsl_ifc: fix FSL NAND driver to read all ONFI parameter pages
media: saa7164: Fix driver name in debug output
libata: Fix command retry decision
media: rcar_jpu: Add missing clk_disable_unprepare() on error in jpu_open()
dma-iommu: Fix compilation when !CONFIG_IOMMU_DMA
tty: Fix data race in tty_insert_flip_string_fixed_flag
HID: i2c-hid: check if device is there before really probing
powerpc/embedded6xx/hlwd-pic: Prevent interrupts from being handled by Starlet
drm/radeon: fix mode_valid's return type
HID: hid-plantronics: Re-resend Update to map button for PTT products
ALSA: usb-audio: Apply rate limit to warning messages in URB complete callback
media: smiapp: fix timeout checking in smiapp_read_nvm
md: fix NULL dereference of mddev->pers in remove_and_add_spares()
regulator: pfuze100: add .is_enable() for pfuze100_swb_regulator_ops
ALSA: emu10k1: Rate-limit error messages about page errors
scsi: ufs: fix exception event handling
mwifiex: correct histogram data with appropriate index
PCI: pciehp: Request control of native hotplug only if supported
pinctrl: at91-pio4: add missing of_node_put
powerpc/8xx: fix invalid register expression in head_8xx.S
powerpc/powermac: Mark variable x as unused
powerpc/powermac: Add missing prototype for note_bootable_part()
powerpc/chrp/time: Make some functions static, add missing header include
powerpc/32: Add a missing include header
ath: Add regulatory mapping for Bahamas
ath: Add regulatory mapping for Bermuda
ath: Add regulatory mapping for Serbia
ath: Add regulatory mapping for Tanzania
ath: Add regulatory mapping for Uganda
ath: Add regulatory mapping for APL2_FCCA
ath: Add regulatory mapping for APL13_WORLD
ath: Add regulatory mapping for ETSI8_WORLD
ath: Add regulatory mapping for FCC3_ETSIC
PCI: Prevent sysfs disable of device while driver is attached
btrfs: qgroup: Finish rescan when hit the last leaf of extent tree
btrfs: add barriers to btrfs_sync_log before log_commit_wait wakeups
media: videobuf2-core: don't call memop 'finish' when queueing
wlcore: sdio: check for valid platform device data before suspend
mwifiex: handle race during mwifiex_usb_disconnect
mfd: cros_ec: Fail early if we cannot identify the EC
ASoC: dpcm: fix BE dai not hw_free and shutdown
Bluetooth: btusb: Add a new Realtek 8723DE ID 2ff8:b011
Bluetooth: hci_qca: Fix "Sleep inside atomic section" warning
iwlwifi: pcie: fix race in Rx buffer allocator
perf/x86/intel/uncore: Correct fixed counter index check for NHM
perf/x86/intel/uncore: Correct fixed counter index check in generic code
usbip: usbip_detach: Fix memory, udev context and udev leak
f2fs: fix to don't trigger writeback during recovery
disable loading f2fs module on PAGE_SIZE > 4KB
RDMA/mad: Convert BUG_ONs to error flows
powerpc/64s: Fix compiler store ordering to SLB shadow area
hvc_opal: don't set tb_ticks_per_usec in udbg_init_opal_common()
infiniband: fix a possible use-after-free bug
netfilter: ipset: List timing out entries with "timeout 1" instead of zero
rtc: ensure rtc_set_alarm fails when alarms are not supported
mm/slub.c: add __printf verification to slab_err()
mm: vmalloc: avoid racy handling of debugobjects in vunmap
nfsd: fix potential use-after-free in nfsd4_decode_getdeviceinfo
ALSA: fm801: add error handling for snd_ctl_add
ALSA: emu10k1: add error handling for snd_ctl_add
xen/netfront: raise max number of slots in xennet_get_responses()
tracing: Quiet gcc warning about maybe unused link variable
tracing/kprobes: Fix trace_probe flags on enable_trace_kprobe() failure
tracing: Fix possible double free in event_enable_trigger_func()
tracing: Fix double free of event_trigger_data
Input: elan_i2c - add another ACPI ID for Lenovo Ideapad 330-15AST
Input: i8042 - add Lenovo LaVie Z to the i8042 reset list
Input: elan_i2c - add ACPI ID for lenovo ideapad 330
MIPS: Fix off-by-one in pci_resource_to_user()
kernel/sys.c: fix merge error with 4.4.144
Conflicts:
drivers/scsi/ufs/ufshcd.c
include/net/tcp.h
net/socket.c
Change-Id: Ie84fdcf54b0a45508f76ef56330291f54e35ed30
Signed-off-by: Srinivasarao P <spathi@codeaurora.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAltoWioACgkQONu9yGCS
aT6YrQ//d8dWKaNZK08Z/l2ZqRS56wlNTJyHIB81p1uM2PuPHfLjsZzLQ+HnZ3Ha
G+fedEj3sbwJp8i61TRu9Q1p/PyLWsnaryWZaK3gm4Yo8GrdVbXAY47EHwz3fbUK
yxrC0+zQmIlyZgwzbUNGspDuAdNt2MFDug97RFF8BdhJd84Rv0BbicGMwKJQFfFN
g0Tv6yB+8cjmnCMjmLreLyi+puWvXZtZXAi+idl9eTC4ysGDKNvO1ERptv2NC5C6
171cbsS/ngpY5ZIUcmLy0QPPFh/ZCeoft22R3gOxZDkjT4Ro6lY5ubPKDEcn57Hv
FSV5fuQ3cBtmsODn7LMIWqLDKuCRM/gTmvXrWxM91JDLSsuAdZWATj8k4iIoocmk
l/3iOixBMFCGToQ1I2/O33QZOssKoDIz4bpG6+HM/Cj4anSnVZKjouJSTlNZr/3i
ZJOXpu/MpQItc/RGo/PumzJLkXhS+HyGwPbTIOPy29NMqp+xvjZv4DttuJbqyHJ2
Pm/OZcvU7z1wSMhcTknvZLLMQVRIICQjfPJNDefqAdrCdd233cRo37cU8egg4A0l
F3q+ZI/ny01YWQP8KrCJyWB5lHHbEc44wUHCxet0TPZ1qaqvVcXzaWhwxP2H0L3I
7r2u9bDg15ielw3jhPpRWZMvANbQlToNoj6YROqj5ArcIowcBPc=
=7/iL
-----END PGP SIGNATURE-----
Merge 4.4.146 into android-4.4
Changes in 4.4.146
MIPS: Fix off-by-one in pci_resource_to_user()
Input: elan_i2c - add ACPI ID for lenovo ideapad 330
Input: i8042 - add Lenovo LaVie Z to the i8042 reset list
Input: elan_i2c - add another ACPI ID for Lenovo Ideapad 330-15AST
tracing: Fix double free of event_trigger_data
tracing: Fix possible double free in event_enable_trigger_func()
tracing/kprobes: Fix trace_probe flags on enable_trace_kprobe() failure
tracing: Quiet gcc warning about maybe unused link variable
xen/netfront: raise max number of slots in xennet_get_responses()
ALSA: emu10k1: add error handling for snd_ctl_add
ALSA: fm801: add error handling for snd_ctl_add
nfsd: fix potential use-after-free in nfsd4_decode_getdeviceinfo
mm: vmalloc: avoid racy handling of debugobjects in vunmap
mm/slub.c: add __printf verification to slab_err()
rtc: ensure rtc_set_alarm fails when alarms are not supported
netfilter: ipset: List timing out entries with "timeout 1" instead of zero
infiniband: fix a possible use-after-free bug
hvc_opal: don't set tb_ticks_per_usec in udbg_init_opal_common()
powerpc/64s: Fix compiler store ordering to SLB shadow area
RDMA/mad: Convert BUG_ONs to error flows
disable loading f2fs module on PAGE_SIZE > 4KB
f2fs: fix to don't trigger writeback during recovery
usbip: usbip_detach: Fix memory, udev context and udev leak
perf/x86/intel/uncore: Correct fixed counter index check in generic code
perf/x86/intel/uncore: Correct fixed counter index check for NHM
iwlwifi: pcie: fix race in Rx buffer allocator
Bluetooth: hci_qca: Fix "Sleep inside atomic section" warning
Bluetooth: btusb: Add a new Realtek 8723DE ID 2ff8:b011
ASoC: dpcm: fix BE dai not hw_free and shutdown
mfd: cros_ec: Fail early if we cannot identify the EC
mwifiex: handle race during mwifiex_usb_disconnect
wlcore: sdio: check for valid platform device data before suspend
media: videobuf2-core: don't call memop 'finish' when queueing
btrfs: add barriers to btrfs_sync_log before log_commit_wait wakeups
btrfs: qgroup: Finish rescan when hit the last leaf of extent tree
PCI: Prevent sysfs disable of device while driver is attached
ath: Add regulatory mapping for FCC3_ETSIC
ath: Add regulatory mapping for ETSI8_WORLD
ath: Add regulatory mapping for APL13_WORLD
ath: Add regulatory mapping for APL2_FCCA
ath: Add regulatory mapping for Uganda
ath: Add regulatory mapping for Tanzania
ath: Add regulatory mapping for Serbia
ath: Add regulatory mapping for Bermuda
ath: Add regulatory mapping for Bahamas
powerpc/32: Add a missing include header
powerpc/chrp/time: Make some functions static, add missing header include
powerpc/powermac: Add missing prototype for note_bootable_part()
powerpc/powermac: Mark variable x as unused
powerpc/8xx: fix invalid register expression in head_8xx.S
pinctrl: at91-pio4: add missing of_node_put
PCI: pciehp: Request control of native hotplug only if supported
mwifiex: correct histogram data with appropriate index
scsi: ufs: fix exception event handling
ALSA: emu10k1: Rate-limit error messages about page errors
regulator: pfuze100: add .is_enable() for pfuze100_swb_regulator_ops
md: fix NULL dereference of mddev->pers in remove_and_add_spares()
media: smiapp: fix timeout checking in smiapp_read_nvm
ALSA: usb-audio: Apply rate limit to warning messages in URB complete callback
HID: hid-plantronics: Re-resend Update to map button for PTT products
drm/radeon: fix mode_valid's return type
powerpc/embedded6xx/hlwd-pic: Prevent interrupts from being handled by Starlet
HID: i2c-hid: check if device is there before really probing
tty: Fix data race in tty_insert_flip_string_fixed_flag
dma-iommu: Fix compilation when !CONFIG_IOMMU_DMA
media: rcar_jpu: Add missing clk_disable_unprepare() on error in jpu_open()
libata: Fix command retry decision
media: saa7164: Fix driver name in debug output
mtd: rawnand: fsl_ifc: fix FSL NAND driver to read all ONFI parameter pages
brcmfmac: Add support for bcm43364 wireless chipset
s390/cpum_sf: Add data entry sizes to sampling trailer entry
perf: fix invalid bit in diagnostic entry
scsi: 3w-9xxx: fix a missing-check bug
scsi: 3w-xxxx: fix a missing-check bug
scsi: megaraid: silence a static checker bug
thermal: exynos: fix setting rising_threshold for Exynos5433
bpf: fix references to free_bpf_prog_info() in comments
media: siano: get rid of __le32/__le16 cast warnings
drm/atomic: Handling the case when setting old crtc for plane
ALSA: hda/ca0132: fix build failure when a local macro is defined
memory: tegra: Do not handle spurious interrupts
memory: tegra: Apply interrupts mask per SoC
drm/gma500: fix psb_intel_lvds_mode_valid()'s return type
ipconfig: Correctly initialise ic_nameservers
rsi: Fix 'invalid vdd' warning in mmc
audit: allow not equal op for audit by executable
microblaze: Fix simpleImage format generation
usb: hub: Don't wait for connect state at resume for powered-off ports
crypto: authencesn - don't leak pointers to authenc keys
crypto: authenc - don't leak pointers to authenc keys
media: omap3isp: fix unbalanced dma_iommu_mapping
scsi: scsi_dh: replace too broad "TP9" string with the exact models
scsi: megaraid_sas: Increase timeout by 1 sec for non-RAID fastpath IOs
media: si470x: fix __be16 annotations
drm: Add DP PSR2 sink enable bit
random: mix rdrand with entropy sent in from userspace
squashfs: be more careful about metadata corruption
ext4: fix inline data updates with checksums enabled
ext4: check for allocation block validity with block group locked
dmaengine: pxa_dma: remove duplicate const qualifier
ASoC: pxa: Fix module autoload for platform drivers
ipv4: remove BUG_ON() from fib_compute_spec_dst
net: fix amd-xgbe flow-control issue
net: lan78xx: fix rx handling before first packet is send
xen-netfront: wait xenbus state change when load module manually
NET: stmmac: align DMA stuff to largest cache line length
tcp: do not force quickack when receiving out-of-order packets
tcp: add max_quickacks param to tcp_incr_quickack and tcp_enter_quickack_mode
tcp: do not aggressively quick ack after ECN events
tcp: refactor tcp_ecn_check_ce to remove sk type cast
tcp: add one more quick ack after after ECN events
inet: frag: enforce memory limits earlier
net: dsa: Do not suspend/resume closed slave_dev
netlink: Fix spectre v1 gadget in netlink_create()
squashfs: more metadata hardening
squashfs: more metadata hardenings
can: ems_usb: Fix memory leak on ems_usb_disconnect()
net: socket: fix potential spectre v1 gadget in socketcall
virtio_balloon: fix another race between migration and ballooning
kvm: x86: vmx: fix vpid leak
crypto: padlock-aes - Fix Nano workaround data corruption
scsi: sg: fix minor memory leak in error path
Linux 4.4.146
Change-Id: Ia7e43a90d0f5603c741811436b8de41884cb2851
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
[ Upstream commit 9a9c9b51e54618861420093ae6e9b50a961914c5 ]
We want to add finer control of the number of ACK packets sent after
ECN events.
This patch is not changing current behavior, it only enables following
change.
Signed-off-by: Eric Dumazet <edumazet@google.com>
Acked-by: Soheil Hassas Yeganeh <soheil@google.com>
Acked-by: Neal Cardwell <ncardwell@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
cnss api update for genoa pcie to pass the memory information for
read index update.
Change-Id: Ic6a96bef1dfacdc78bc127cc2570e148e9cd4baf
CRs-fixed: 2272072
Signed-off-by: Jayachandran Sreekumaran <jsreekum@codeaurora.org>
* refs/heads/tmp-05670d3
Linux 4.4.145
ARM: fix put_user() for gcc-8
turn off -Wattribute-alias
can: xilinx_can: fix RX overflow interrupt not being enabled
can: xilinx_can: fix incorrect clear of non-processed interrupts
can: xilinx_can: keep only 1-2 frames in TX FIFO to fix TX accounting
can: xilinx_can: fix device dropping off bus on RX overrun
can: xilinx_can: fix recovery from error states not being propagated
can: xilinx_can: fix RX loop if RXNEMP is asserted without RXOK
driver core: Partially revert "driver core: correct device's shutdown order"
usb: gadget: f_fs: Only return delayed status when len is 0
usb: core: handle hub C_PORT_OVER_CURRENT condition
usb: cdc_acm: Add quirk for Castles VEGA3000
ip: in cmsg IP(V6)_ORIGDSTADDR call pskb_may_pull
tcp: detect malicious patterns in tcp_collapse_ofo_queue()
tcp: avoid collapses in tcp_prune_queue() if possible
tcp: do not delay ACK in DCTCP upon CE status change
tcp: do not cancel delay-AcK on DCTCP special ACK
tcp: helpers to send special DCTCP ack
tcp: fix dctcp delayed ACK schedule
rtnetlink: add rtnl_link_state check in rtnl_configure_link
net/mlx4_core: Save the qpn from the input modifier in RST2INIT wrapper
ip: hash fragments consistently
MIPS: ath79: fix register address in ath79_ddr_wb_flush()
Conflicts:
drivers/usb/gadget/function/f_fs.c
include/net/tcp.h
Change-Id: Ib1c2f633df7b9f28c5f99609c35600cbb916e657
Signed-off-by: Srinivasarao P <spathi@codeaurora.org>
* refs/heads/tmp-4b2d6ba
Linux 4.4.144
ubi: fastmap: Erase outdated anchor PEBs during attach
ubi: Fix Fastmap's update_vol()
ubi: Fix races around ubi_refill_pools()
ubi: Be more paranoid while seaching for the most recent Fastmap
ubi: Rework Fastmap attach base code
ubi: Introduce vol_ignored()
clk: tegra: Fix PLL_U post divider and initial rate on Tegra30
block: do not use interruptible wait anywhere
x86/cpu: Re-apply forced caps every time CPU caps are re-read
x86/xen: Add call of speculative_store_bypass_ht_init() to PV paths
x86/bugs: Rename SSBD_NO to SSB_NO
x86/speculation, KVM: Implement support for VIRT_SPEC_CTRL/LS_CFG
x86/bugs: Rework spec_ctrl base and mask logic
x86/bugs: Remove x86_spec_ctrl_set()
x86/bugs: Expose x86_spec_ctrl_base directly
x86/bugs: Unify x86_spec_ctrl_{set_guest, restore_host}
x86/speculation: Rework speculative_store_bypass_update()
x86/speculation: Add virtualized speculative store bypass disable support
x86/bugs, KVM: Extend speculation control for VIRT_SPEC_CTRL
x86/speculation: Handle HT correctly on AMD
x86/cpufeatures: Add FEATURE_ZEN
x86/cpu/AMD: Fix erratum 1076 (CPB bit)
x86/cpufeatures: Disentangle SSBD enumeration
x86/cpufeatures: Disentangle MSR_SPEC_CTRL enumeration from IBRS
x86/speculation: Use synthetic bits for IBRS/IBPB/STIBP
x86/cpu: Make alternative_msr_write work for 32-bit code
x86/bugs: Fix the parameters alignment and missing void
x86/bugs: Make cpu_show_common() static
x86/bugs: Fix __ssb_select_mitigation() return type
Documentation/spec_ctrl: Do some minor cleanups
proc: Use underscores for SSBD in 'status'
x86/bugs: Rename _RDS to _SSBD
x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass
seccomp: Move speculation migitation control to arch code
seccomp: Add filter flag to opt-out of SSB mitigation
seccomp: Use PR_SPEC_FORCE_DISABLE
prctl: Add force disable speculation
seccomp: Enable speculation flaw mitigations
proc: Provide details on speculation flaw mitigations
nospec: Allow getting/setting on non-current task
x86/speculation: Add prctl for Speculative Store Bypass mitigation
x86/process: Allow runtime control of Speculative Store Bypass
x86/process: Optimize TIF_NOTSC switch
x86/process: Correct and optimize TIF_BLOCKSTEP switch
x86/process: Optimize TIF checks in __switch_to_xtra()
prctl: Add speculation control prctls
x86/speculation: Create spec-ctrl.h to avoid include hell
x86/bugs/AMD: Add support to disable RDS on Fam[15, 16, 17]h if requested
x86/bugs: Whitelist allowed SPEC_CTRL MSR values
x86/bugs/intel: Set proper CPU features and setup RDS
x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation
x86/cpufeatures: Add X86_FEATURE_RDS
x86/bugs: Expose /sys/../spec_store_bypass
x86/cpu/intel: Add Knights Mill to Intel family
x86/cpu: Rename Merrifield2 to Moorefield
x86/bugs, KVM: Support the combination of guest and host IBRS
x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
x86/bugs: Concentrate bug reporting into a separate function
x86/bugs: Concentrate bug detection into a separate function
x86/nospec: Simplify alternative_msr_write()
x86/amd: don't set X86_BUG_SYSRET_SS_ATTRS when running under Xen
xen: set cpu capabilities from xen_start_kernel()
selftest/seccomp: Fix the seccomp(2) signature
selftest/seccomp: Fix the flag name SECCOMP_FILTER_FLAG_TSYNC
x86/speculation: Remove Skylake C2 from Speculation Control microcode blacklist
x86/speculation: Move firmware_restrict_branch_speculation_*() from C to CPP
x86/speculation: Use IBRS if available before calling into firmware
x86/spectre_v2: Don't check microcode versions when running under hypervisors
x86/speculation: Use Indirect Branch Prediction Barrier in context switch
x86/mm: Give each mm TLB flush generation a unique ID
x86/mm: Factor out LDT init from context init
x86/xen: Zero MSR_IA32_SPEC_CTRL before suspend
x86/speculation: Add <asm/msr-index.h> dependency
x86/speculation: Fix up array_index_nospec_mask() asm constraint
x86/speculation: Clean up various Spectre related details
x86/speculation: Correct Speculation Control microcode blacklist again
x86/speculation: Update Speculation Control microcode blacklist
x86/entry/64/compat: Clear registers for compat syscalls, to reduce speculation attack surface
x86/asm/entry/32: Simplify pushes of zeroed pt_regs->REGs
x86/pti: Mark constant arrays as __initconst
x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on Intel
x86/cpufeatures: Clean up Spectre v2 related CPUID flags
x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) support
x86/cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early Spectre v2 microcodes
x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown
x86/msr: Add definitions for new speculation control MSRs
x86/cpufeatures: Add AMD feature bits for Speculation Control
x86/cpufeatures: Add Intel feature bits for Speculation Control
x86/cpufeatures: Add CPUID_7_EDX CPUID leaf
x86/paravirt: Make native_save_fl() extern inline
xhci: Fix perceived dead host due to runtime suspend race with event handler
skbuff: Unconditionally copy pfmemalloc in __skb_clone()
net: Don't copy pfmemalloc flag in __copy_skb_header()
tg3: Add higher cpu clock for 5762.
ptp: fix missing break in switch
net: phy: fix flag masking in __set_phy_supported
net/ipv4: Set oif in fib_compute_spec_dst
lib/rhashtable: consider param->min_size when setting initial table size
ipv6: fix useless rol32 call on hash
ipv4: Return EINVAL when ping_group_range sysctl doesn't map to user ns
mm: memcg: fix use after free in mem_cgroup_iter()
ARC: mm: allow mprotect to make stack mappings executable
ARC: Fix CONFIG_SWAP
ALSA: rawmidi: Change resized buffers atomically
fat: fix memory allocation failure handling of match_strdup()
x86/MCE: Remove min interval polling limitation
KVM/Eventfd: Avoid crash when assign and deassign specific eventfd in parallel.
Conflicts:
drivers/mtd/ubi/wl.c
sound/core/rawmidi.c
Change-Id: I277fe9260a764e7923ddc90e7327d9aa5865a038
Signed-off-by: Srinivasarao P <spathi@codeaurora.org>
To add support for PCIe WLAN IPA uc SMMU feature, prvoide related
platform api for wlan driver to get the smmu map handle and do the
mapping.
Change-Id: I672b1a48879ada65b3ddb3f16c4bd787dc1b70a6
Signed-off-by: Frank Liu <qiliu@codeaurora.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAltcAuIACgkQONu9yGCS
aT632hAAgtUvSZJZTh6nMePKNys+R3XhqSbJQRqgHsWP6e8gPJ/4A5G7VmoT0STX
0QG1+J4WscOa+0E2XznYqhEJGisS32skS8VIxfWW1ISPcx4p2tgMrSJdfjxEWiKA
/7x39msawlcshITTjoRZjV60WzHM2MQgWa24ifOXrxxM+VlLcVSUehyMyYWfrZEt
hJQtz6iZp3eUvbKopJnCu7iyTFo9RJciSRUmWmYg3CDROn4HJAUgV/NdgDvHmt5J
+11WAvjQ3RdBSWy7jDadJDqy1BP2r3VdmAS1clxmjCUMsCPeHtOqNlEjc+6FhYoj
93BNcqKpqPsN2lhuHWCHcZCWLuKA2DW+Rp3l6SvfSpxd55oQeIQEnsLnyCl9XAge
YhGJZfSd/Ug/fvqlHyqKiv3J3ykCDnq6T4uzyxxmoeFgVq4RvMxSl0u9vMO9CG5u
jq0Xc19ytvUUNe0ZHXSRPbgUJCEBfWIppgoXuTL4SI/E4hmyhDqUXiSiH+Hjfufc
tnuTnSSz1CxXHct07sU/kbOTYiVHZmu/eG2Nbx+pG+d48i3/OzdW5EQ5UYvorAb3
sOkZm5Au5VP/HTJoeW7SLGeZRI0b1SxECJOg5ENmchb8sWV9MjilUoUa408rPin9
OYYQ7OKA3FHIvxlUCgw6RT6AUZQrwRRY7iAqnR46u26I5Ejif4k=
=r3bN
-----END PGP SIGNATURE-----
Merge 4.4.145 into android-4.4
Changes in 4.4.145
MIPS: ath79: fix register address in ath79_ddr_wb_flush()
ip: hash fragments consistently
net/mlx4_core: Save the qpn from the input modifier in RST2INIT wrapper
rtnetlink: add rtnl_link_state check in rtnl_configure_link
tcp: fix dctcp delayed ACK schedule
tcp: helpers to send special DCTCP ack
tcp: do not cancel delay-AcK on DCTCP special ACK
tcp: do not delay ACK in DCTCP upon CE status change
tcp: avoid collapses in tcp_prune_queue() if possible
tcp: detect malicious patterns in tcp_collapse_ofo_queue()
ip: in cmsg IP(V6)_ORIGDSTADDR call pskb_may_pull
usb: cdc_acm: Add quirk for Castles VEGA3000
usb: core: handle hub C_PORT_OVER_CURRENT condition
usb: gadget: f_fs: Only return delayed status when len is 0
driver core: Partially revert "driver core: correct device's shutdown order"
can: xilinx_can: fix RX loop if RXNEMP is asserted without RXOK
can: xilinx_can: fix recovery from error states not being propagated
can: xilinx_can: fix device dropping off bus on RX overrun
can: xilinx_can: keep only 1-2 frames in TX FIFO to fix TX accounting
can: xilinx_can: fix incorrect clear of non-processed interrupts
can: xilinx_can: fix RX overflow interrupt not being enabled
turn off -Wattribute-alias
ARM: fix put_user() for gcc-8
Linux 4.4.145
Change-Id: I449c110f7f186f2c72c9cc45e00a8deda0d54e40
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAltYMlwACgkQONu9yGCS
aT5ZmxAAjAWUndXt7fTUyHgxkoG61sEkdX4jcsp6NFwQMudU0UHx4/kcZE+HdMjL
VU8BZtdUg+jMLXM4erVBpQRKY9YHIPi8nWMTm1UjduMCxVD6dVL1HU6/RXl1cYIx
rf/opYOimqT9lYCeffmd9ai2zEEJKSt7/avddcJY4qHiqLan27gbUdAq2H26aM/5
LUzAaSBzhq3VYo9Q5zv03b1+tORAxh2BIffZjGEFe8SQQl1o63WqwV4RxEhV/Bjt
hBgl/6B/+EHtQnYnbnoOT/an9Ma15ik4/z3vVv6yRLNK+hS5T31OKcYCsUrjp6O+
TQVaVLWWmn/VpIHAMkrhBs9Xxg5GmRziF77AkzyC506tK268M2+IoY77ursVl1YK
STaOwUcLUlKLbl5OADqMpYtNU9ybkP+MmgDZsIEXz9UiCZM721fL5Au2PHuzaYOD
2nE2EQb04It4k9GN8FStv2KPIiKUCEXi9MlNsHGPs6Mc+fliIigoKPhpU5JG+sxR
eJgPMNv4OWhwXWTd1wf0Gy5X+i0lQlwlGgIHFfSB8vzArJ0Y/yuPj2a6xhQshOza
Ivq7JudHvxYxhDSWYoCKgtTgzMdSBbJ3xjOoUUHy4ryamYeyaMvgFjsaCTMr0dsw
76BkgNTbpsip+I77a9h4Ozlk5QE7h61EsqjmZBkGVqLYjrUQ/IU=
=X4tZ
-----END PGP SIGNATURE-----
Merge 4.4.144 into android-4.4
Changes in 4.4.144
KVM/Eventfd: Avoid crash when assign and deassign specific eventfd in parallel.
x86/MCE: Remove min interval polling limitation
fat: fix memory allocation failure handling of match_strdup()
ALSA: rawmidi: Change resized buffers atomically
ARC: Fix CONFIG_SWAP
ARC: mm: allow mprotect to make stack mappings executable
mm: memcg: fix use after free in mem_cgroup_iter()
ipv4: Return EINVAL when ping_group_range sysctl doesn't map to user ns
ipv6: fix useless rol32 call on hash
lib/rhashtable: consider param->min_size when setting initial table size
net/ipv4: Set oif in fib_compute_spec_dst
net: phy: fix flag masking in __set_phy_supported
ptp: fix missing break in switch
tg3: Add higher cpu clock for 5762.
net: Don't copy pfmemalloc flag in __copy_skb_header()
skbuff: Unconditionally copy pfmemalloc in __skb_clone()
xhci: Fix perceived dead host due to runtime suspend race with event handler
x86/paravirt: Make native_save_fl() extern inline
x86/cpufeatures: Add CPUID_7_EDX CPUID leaf
x86/cpufeatures: Add Intel feature bits for Speculation Control
x86/cpufeatures: Add AMD feature bits for Speculation Control
x86/msr: Add definitions for new speculation control MSRs
x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown
x86/cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early Spectre v2 microcodes
x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) support
x86/cpufeatures: Clean up Spectre v2 related CPUID flags
x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on Intel
x86/pti: Mark constant arrays as __initconst
x86/asm/entry/32: Simplify pushes of zeroed pt_regs->REGs
x86/entry/64/compat: Clear registers for compat syscalls, to reduce speculation attack surface
x86/speculation: Update Speculation Control microcode blacklist
x86/speculation: Correct Speculation Control microcode blacklist again
x86/speculation: Clean up various Spectre related details
x86/speculation: Fix up array_index_nospec_mask() asm constraint
x86/speculation: Add <asm/msr-index.h> dependency
x86/xen: Zero MSR_IA32_SPEC_CTRL before suspend
x86/mm: Factor out LDT init from context init
x86/mm: Give each mm TLB flush generation a unique ID
x86/speculation: Use Indirect Branch Prediction Barrier in context switch
x86/spectre_v2: Don't check microcode versions when running under hypervisors
x86/speculation: Use IBRS if available before calling into firmware
x86/speculation: Move firmware_restrict_branch_speculation_*() from C to CPP
x86/speculation: Remove Skylake C2 from Speculation Control microcode blacklist
selftest/seccomp: Fix the flag name SECCOMP_FILTER_FLAG_TSYNC
selftest/seccomp: Fix the seccomp(2) signature
xen: set cpu capabilities from xen_start_kernel()
x86/amd: don't set X86_BUG_SYSRET_SS_ATTRS when running under Xen
x86/nospec: Simplify alternative_msr_write()
x86/bugs: Concentrate bug detection into a separate function
x86/bugs: Concentrate bug reporting into a separate function
x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
x86/bugs, KVM: Support the combination of guest and host IBRS
x86/cpu: Rename Merrifield2 to Moorefield
x86/cpu/intel: Add Knights Mill to Intel family
x86/bugs: Expose /sys/../spec_store_bypass
x86/cpufeatures: Add X86_FEATURE_RDS
x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation
x86/bugs/intel: Set proper CPU features and setup RDS
x86/bugs: Whitelist allowed SPEC_CTRL MSR values
x86/bugs/AMD: Add support to disable RDS on Fam[15, 16, 17]h if requested
x86/speculation: Create spec-ctrl.h to avoid include hell
prctl: Add speculation control prctls
x86/process: Optimize TIF checks in __switch_to_xtra()
x86/process: Correct and optimize TIF_BLOCKSTEP switch
x86/process: Optimize TIF_NOTSC switch
x86/process: Allow runtime control of Speculative Store Bypass
x86/speculation: Add prctl for Speculative Store Bypass mitigation
nospec: Allow getting/setting on non-current task
proc: Provide details on speculation flaw mitigations
seccomp: Enable speculation flaw mitigations
prctl: Add force disable speculation
seccomp: Use PR_SPEC_FORCE_DISABLE
seccomp: Add filter flag to opt-out of SSB mitigation
seccomp: Move speculation migitation control to arch code
x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass
x86/bugs: Rename _RDS to _SSBD
proc: Use underscores for SSBD in 'status'
Documentation/spec_ctrl: Do some minor cleanups
x86/bugs: Fix __ssb_select_mitigation() return type
x86/bugs: Make cpu_show_common() static
x86/bugs: Fix the parameters alignment and missing void
x86/cpu: Make alternative_msr_write work for 32-bit code
x86/speculation: Use synthetic bits for IBRS/IBPB/STIBP
x86/cpufeatures: Disentangle MSR_SPEC_CTRL enumeration from IBRS
x86/cpufeatures: Disentangle SSBD enumeration
x86/cpu/AMD: Fix erratum 1076 (CPB bit)
x86/cpufeatures: Add FEATURE_ZEN
x86/speculation: Handle HT correctly on AMD
x86/bugs, KVM: Extend speculation control for VIRT_SPEC_CTRL
x86/speculation: Add virtualized speculative store bypass disable support
x86/speculation: Rework speculative_store_bypass_update()
x86/bugs: Unify x86_spec_ctrl_{set_guest, restore_host}
x86/bugs: Expose x86_spec_ctrl_base directly
x86/bugs: Remove x86_spec_ctrl_set()
x86/bugs: Rework spec_ctrl base and mask logic
x86/speculation, KVM: Implement support for VIRT_SPEC_CTRL/LS_CFG
x86/bugs: Rename SSBD_NO to SSB_NO
x86/xen: Add call of speculative_store_bypass_ht_init() to PV paths
x86/cpu: Re-apply forced caps every time CPU caps are re-read
block: do not use interruptible wait anywhere
clk: tegra: Fix PLL_U post divider and initial rate on Tegra30
ubi: Introduce vol_ignored()
ubi: Rework Fastmap attach base code
ubi: Be more paranoid while seaching for the most recent Fastmap
ubi: Fix races around ubi_refill_pools()
ubi: Fix Fastmap's update_vol()
ubi: fastmap: Erase outdated anchor PEBs during attach
Linux 4.4.144
Change-Id: Ia3e9b2b7bc653cba68b76878d34f8fcbbc007a13
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
[ Upstream commit a0496ef2c23b3b180902dd185d0d63ccbc624cf8 ]
Per DCTCP RFC8257 (Section 3.2) the ACK reflecting the CE status change
has to be sent immediately so the sender can respond quickly:
""" When receiving packets, the CE codepoint MUST be processed as follows:
1. If the CE codepoint is set and DCTCP.CE is false, set DCTCP.CE to
true and send an immediate ACK.
2. If the CE codepoint is not set and DCTCP.CE is true, set DCTCP.CE
to false and send an immediate ACK.
"""
Previously DCTCP implementation may continue to delay the ACK. This
patch fixes that to implement the RFC by forcing an immediate ACK.
Tested with this packetdrill script provided by Larry Brakmo
0.000 socket(..., SOCK_STREAM, IPPROTO_TCP) = 3
0.000 setsockopt(3, SOL_SOCKET, SO_REUSEADDR, [1], 4) = 0
0.000 setsockopt(3, SOL_TCP, TCP_CONGESTION, "dctcp", 5) = 0
0.000 bind(3, ..., ...) = 0
0.000 listen(3, 1) = 0
0.100 < [ect0] SEW 0:0(0) win 32792 <mss 1000,sackOK,nop,nop,nop,wscale 7>
0.100 > SE. 0:0(0) ack 1 <mss 1460,nop,nop,sackOK,nop,wscale 8>
0.110 < [ect0] . 1:1(0) ack 1 win 257
0.200 accept(3, ..., ...) = 4
+0 setsockopt(4, SOL_SOCKET, SO_DEBUG, [1], 4) = 0
0.200 < [ect0] . 1:1001(1000) ack 1 win 257
0.200 > [ect01] . 1:1(0) ack 1001
0.200 write(4, ..., 1) = 1
0.200 > [ect01] P. 1:2(1) ack 1001
0.200 < [ect0] . 1001:2001(1000) ack 2 win 257
+0.005 < [ce] . 2001:3001(1000) ack 2 win 257
+0.000 > [ect01] . 2:2(0) ack 2001
// Previously the ACK below would be delayed by 40ms
+0.000 > [ect01] E. 2:2(0) ack 3001
+0.500 < F. 9501:9501(0) ack 4 win 257
Signed-off-by: Yuchung Cheng <ycheng@google.com>
Acked-by: Neal Cardwell <ncardwell@google.com>
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
[ Upstream commit 27cde44a259c380a3c09066fc4b42de7dde9b1ad ]
Currently when a DCTCP receiver delays an ACK and receive a
data packet with a different CE mark from the previous one's, it
sends two immediate ACKs acking previous and latest sequences
respectly (for ECN accounting).
Previously sending the first ACK may mark off the delayed ACK timer
(tcp_event_ack_sent). This may subsequently prevent sending the
second ACK to acknowledge the latest sequence (tcp_ack_snd_check).
The culprit is that tcp_send_ack() assumes it always acknowleges
the latest sequence, which is not true for the first special ACK.
The fix is to not make the assumption in tcp_send_ack and check the
actual ack sequence before cancelling the delayed ACK. Further it's
safer to pass the ack sequence number as a local variable into
tcp_send_ack routine, instead of intercepting tp->rcv_nxt to avoid
future bugs like this.
Reported-by: Neal Cardwell <ncardwell@google.com>
Signed-off-by: Yuchung Cheng <ycheng@google.com>
Acked-by: Neal Cardwell <ncardwell@google.com>
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
[ Upstream commit 169dc027fb02492ea37a0575db6a658cf922b854 ]
The rol32 call is currently rotating hash but the rol'd value is
being discarded. I believe the current code is incorrect and hash
should be assigned the rotated value returned from rol32.
Thanks to David Lebrun for spotting this.
Signed-off-by: Colin Ian King <colin.king@canonical.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
* refs/heads/tmp-7ba5557
Linux 4.4.139
Bluetooth: Fix connection if directed advertising and privacy is used
cdc_ncm: avoid padding beyond end of skb
dm thin: handle running out of data space vs concurrent discard
block: Fix transfer when chunk sectors exceeds max
spi: Fix scatterlist elements size in spi_map_buf
Btrfs: fix unexpected cow in run_delalloc_nocow
ALSA: hda/realtek - Add a quirk for FSC ESPRIMO U9210
Input: elantech - fix V4 report decoding for module with middle key
Input: elantech - enable middle button of touchpads on ThinkPad P52
Input: elan_i2c_smbus - fix more potential stack buffer overflows
udf: Detect incorrect directory size
xen: Remove unnecessary BUG_ON from __unbind_from_irq()
Input: elan_i2c - add ELAN0618 (Lenovo v330 15IKB) ACPI ID
video: uvesafb: Fix integer overflow in allocation
NFSv4: Fix possible 1-byte stack overflow in nfs_idmap_read_and_verify_message
nfsd: restrict rd_maxcount to svc_max_payload in nfsd_encode_readdir
media: dvb_frontend: fix locking issues at dvb_frontend_get_event()
media: cx231xx: Add support for AverMedia DVD EZMaker 7
media: v4l2-compat-ioctl32: prevent go past max size
perf intel-pt: Fix packet decoding of CYC packets
perf intel-pt: Fix "Unexpected indirect branch" error
perf intel-pt: Fix MTC timing after overflow
perf intel-pt: Fix decoding to accept CBR between FUP and corresponding TIP
perf intel-pt: Fix sync_switch INTEL_PT_SS_NOT_TRACING
perf tools: Fix symbol and object code resolution for vdso32 and vdsox32
mfd: intel-lpss: Program REMAP register in PIO mode
backlight: tps65217_bl: Fix Device Tree node lookup
backlight: max8925_bl: Fix Device Tree node lookup
backlight: as3711_bl: Fix Device Tree node lookup
xfrm: skip policies marked as dead while rehashing
xfrm: Ignore socket policies when rebuilding hash tables
UBIFS: Fix potential integer overflow in allocation
ubi: fastmap: Cancel work upon detach
md: fix two problems with setting the "re-add" device state.
linvdimm, pmem: Preserve read-only setting for pmem devices
scsi: zfcp: fix missing REC trigger trace on enqueue without ERP thread
scsi: zfcp: fix missing REC trigger trace for all objects in ERP_FAILED
scsi: zfcp: fix missing REC trigger trace on terminate_rport_io for ERP_FAILED
scsi: zfcp: fix missing REC trigger trace on terminate_rport_io early return
scsi: zfcp: fix misleading REC trigger trace where erp_action setup failed
scsi: zfcp: fix missing SCSI trace for retry of abort / scsi_eh TMF
scsi: zfcp: fix missing SCSI trace for result of eh_host_reset_handler
scsi: qla2xxx: Fix setting lower transfer speed if GPSC fails
iio:buffer: make length types match kfifo types
Btrfs: fix clone vs chattr NODATASUM race
time: Make sure jiffies_to_msecs() preserves non-zero time periods
MIPS: io: Add barrier after register read in inX()
PCI: pciehp: Clear Presence Detect and Data Link Layer Status Changed on resume
MIPS: BCM47XX: Enable 74K Core ExternalSync for PCIe erratum
mtd: cfi_cmdset_0002: Avoid walking all chips when unlocking.
mtd: cfi_cmdset_0002: Fix unlocking requests crossing a chip boudary
mtd: cfi_cmdset_0002: fix SEGV unlocking multiple chips
mtd: cfi_cmdset_0002: Use right chip in do_ppb_xxlock()
mtd: cfi_cmdset_0002: Change write buffer to check correct value
RDMA/mlx4: Discard unknown SQP work requests
IB/qib: Fix DMA api warning with debug kernel
of: unittest: for strings, account for trailing \0 in property length field
ARM: 8764/1: kgdb: fix NUMREGBYTES so that gdb_regs[] is the correct size
powerpc/fadump: Unregister fadump on kexec down path.
cpuidle: powernv: Fix promotion from snooze if next state disabled
powerpc/ptrace: Fix enforcement of DAWR constraints
powerpc/ptrace: Fix setting 512B aligned breakpoints with PTRACE_SET_DEBUGREG
powerpc/mm/hash: Add missing isync prior to kernel stack SLB switch
fuse: fix control dir setup and teardown
fuse: don't keep dead fuse_conn at fuse_fill_super().
fuse: atomic_o_trunc should truncate pagecache
Bluetooth: hci_qca: Avoid missing rampatch failure with userspace fw loader
ipmi:bt: Set the timeout before doing a capabilities check
branch-check: fix long->int truncation when profiling branches
mips: ftrace: fix static function graph tracing
lib/vsprintf: Remove atomic-unsafe support for %pCr
ASoC: cirrus: i2s: Fix {TX|RX}LinCtrlData setup
ASoC: cirrus: i2s: Fix LRCLK configuration
ASoC: dapm: delete dapm_kcontrol_data paths list before freeing it
1wire: family module autoload fails because of upper/lower case mismatch.
usb: do not reset if a low-speed or full-speed device timed out
signal/xtensa: Consistenly use SIGBUS in do_unaligned_user
serial: sh-sci: Use spin_{try}lock_irqsave instead of open coding version
m68k/mm: Adjust VM area to be unmapped by gap size for __iounmap()
x86/spectre_v1: Disable compiler optimizations over array_index_mask_nospec()
fs/binfmt_misc.c: do not allow offset overflow
w1: mxc_w1: Enable clock before calling clk_get_rate() on it
libata: Drop SanDisk SD7UB3Q*G1001 NOLPM quirk
libata: zpodd: small read overflow in eject_tray()
libata: zpodd: make arrays cdb static, reduces object code size
cpufreq: Fix new policy initialization during limits updates via sysfs
ALSA: hda: add dock and led support for HP ProBook 640 G4
ALSA: hda: add dock and led support for HP EliteBook 830 G5
ALSA: hda - Handle kzalloc() failure in snd_hda_attach_pcm_stream()
btrfs: scrub: Don't use inode pages for device replace
driver core: Don't ignore class_dir_create_and_add() failure.
ext4: fix fencepost error in check for inode count overflow during resize
ext4: update mtime in ext4_punch_hole even if no blocks are released
tcp: verify the checksum of the first data segment in a new connection
bonding: re-evaluate force_primary when the primary slave name changes
usb: musb: fix remote wakeup racing with suspend
Btrfs: make raid6 rebuild retry more
tcp: do not overshoot window_clamp in tcp_rcv_space_adjust()
Revert "Btrfs: fix scrub to repair raid6 corruption"
net/sonic: Use dma_mapping_error()
net: qmi_wwan: Add Netgear Aircard 779S
atm: zatm: fix memcmp casting
ipvs: fix buffer overflow with sync daemon and service
netfilter: ebtables: handle string from userspace with care
xfrm6: avoid potential infinite loop in _decode_session6()
ANDROID: Add kconfig to make dm-verity check_at_most_once default enabled
ANDROID: sdcardfs: fix potential crash when reserved_mb is not zero
Change-Id: Ibcd2b6614843e4e8fd5a57acf350a9e83e1c0dbc
Signed-off-by: Blagovest Kolenichev <bkolenichev@codeaurora.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAls7QB8ACgkQONu9yGCS
aT6trQ/9EO1dgc0lZO0zGCxFFiikPzzMp1auSKd99FhSaqlrCPutT5K0gBVc1rug
EvggbqWj2MBX2HZvxQR8LbGNvp7+kkM3apIdYOqyTQPvs7x03YNeuvXZUF3EFyPO
eDZ71nLuwgnEeySceJ+Z9HcVBcWR/0dEkwjhjpIJ2IO25tcecWzbqOOdzNypBIKK
EG4dGhO5JY6jLqxbEFZ9d302bGZQozOQHiDfEZz6NueI0yYVJIjQQvuLp/V0ChDg
TN+PgTOdzxIPCpZw9y4XzN4nhdsOial1xeX7agzAkZDjdbprNpbZrxjfY0NLdpQ0
4ZV3vLqIZ5rs8xuCRgNJ7yTVt6X7miw/h7TQp30qpeDuRf1SHZa4ITqMzdXJUahW
BT+XkjrrCjKxXkCH+rWy0txtouUaVwM+sKHIW0bvrOJwHM0UJXNAUppt4NrBtgtD
7Zt/FDKAHCJk1GuW3U5zXOHmgn+QkRNEndpwbUjwRowvHcE5jVSLLkH4XZkA0+SL
ucQCxOqGKrbHjhyXT+e2Kpx4Z5sqJIUHhc4iw6gi7xyaoJ55kHZ2S+sCwo3cjreq
B43SrwkQ0EJXwHzcrmvDfnvEFf7ylDVWH597lQsIQMNI7Gg04fXixYpvr6DYOBSN
AKHvoqd7VztHnX/ZogyLXp4jWiU5dU6qYXdj/zEs+tB8DYPZ4+c=
=Mli0
-----END PGP SIGNATURE-----
Merge 4.4.139 into android-4.4
Changes in 4.4.139
xfrm6: avoid potential infinite loop in _decode_session6()
netfilter: ebtables: handle string from userspace with care
ipvs: fix buffer overflow with sync daemon and service
atm: zatm: fix memcmp casting
net: qmi_wwan: Add Netgear Aircard 779S
net/sonic: Use dma_mapping_error()
Revert "Btrfs: fix scrub to repair raid6 corruption"
tcp: do not overshoot window_clamp in tcp_rcv_space_adjust()
Btrfs: make raid6 rebuild retry more
usb: musb: fix remote wakeup racing with suspend
bonding: re-evaluate force_primary when the primary slave name changes
tcp: verify the checksum of the first data segment in a new connection
ext4: update mtime in ext4_punch_hole even if no blocks are released
ext4: fix fencepost error in check for inode count overflow during resize
driver core: Don't ignore class_dir_create_and_add() failure.
btrfs: scrub: Don't use inode pages for device replace
ALSA: hda - Handle kzalloc() failure in snd_hda_attach_pcm_stream()
ALSA: hda: add dock and led support for HP EliteBook 830 G5
ALSA: hda: add dock and led support for HP ProBook 640 G4
cpufreq: Fix new policy initialization during limits updates via sysfs
libata: zpodd: make arrays cdb static, reduces object code size
libata: zpodd: small read overflow in eject_tray()
libata: Drop SanDisk SD7UB3Q*G1001 NOLPM quirk
w1: mxc_w1: Enable clock before calling clk_get_rate() on it
fs/binfmt_misc.c: do not allow offset overflow
x86/spectre_v1: Disable compiler optimizations over array_index_mask_nospec()
m68k/mm: Adjust VM area to be unmapped by gap size for __iounmap()
serial: sh-sci: Use spin_{try}lock_irqsave instead of open coding version
signal/xtensa: Consistenly use SIGBUS in do_unaligned_user
usb: do not reset if a low-speed or full-speed device timed out
1wire: family module autoload fails because of upper/lower case mismatch.
ASoC: dapm: delete dapm_kcontrol_data paths list before freeing it
ASoC: cirrus: i2s: Fix LRCLK configuration
ASoC: cirrus: i2s: Fix {TX|RX}LinCtrlData setup
lib/vsprintf: Remove atomic-unsafe support for %pCr
mips: ftrace: fix static function graph tracing
branch-check: fix long->int truncation when profiling branches
ipmi:bt: Set the timeout before doing a capabilities check
Bluetooth: hci_qca: Avoid missing rampatch failure with userspace fw loader
fuse: atomic_o_trunc should truncate pagecache
fuse: don't keep dead fuse_conn at fuse_fill_super().
fuse: fix control dir setup and teardown
powerpc/mm/hash: Add missing isync prior to kernel stack SLB switch
powerpc/ptrace: Fix setting 512B aligned breakpoints with PTRACE_SET_DEBUGREG
powerpc/ptrace: Fix enforcement of DAWR constraints
cpuidle: powernv: Fix promotion from snooze if next state disabled
powerpc/fadump: Unregister fadump on kexec down path.
ARM: 8764/1: kgdb: fix NUMREGBYTES so that gdb_regs[] is the correct size
of: unittest: for strings, account for trailing \0 in property length field
IB/qib: Fix DMA api warning with debug kernel
RDMA/mlx4: Discard unknown SQP work requests
mtd: cfi_cmdset_0002: Change write buffer to check correct value
mtd: cfi_cmdset_0002: Use right chip in do_ppb_xxlock()
mtd: cfi_cmdset_0002: fix SEGV unlocking multiple chips
mtd: cfi_cmdset_0002: Fix unlocking requests crossing a chip boudary
mtd: cfi_cmdset_0002: Avoid walking all chips when unlocking.
MIPS: BCM47XX: Enable 74K Core ExternalSync for PCIe erratum
PCI: pciehp: Clear Presence Detect and Data Link Layer Status Changed on resume
MIPS: io: Add barrier after register read in inX()
time: Make sure jiffies_to_msecs() preserves non-zero time periods
Btrfs: fix clone vs chattr NODATASUM race
iio:buffer: make length types match kfifo types
scsi: qla2xxx: Fix setting lower transfer speed if GPSC fails
scsi: zfcp: fix missing SCSI trace for result of eh_host_reset_handler
scsi: zfcp: fix missing SCSI trace for retry of abort / scsi_eh TMF
scsi: zfcp: fix misleading REC trigger trace where erp_action setup failed
scsi: zfcp: fix missing REC trigger trace on terminate_rport_io early return
scsi: zfcp: fix missing REC trigger trace on terminate_rport_io for ERP_FAILED
scsi: zfcp: fix missing REC trigger trace for all objects in ERP_FAILED
scsi: zfcp: fix missing REC trigger trace on enqueue without ERP thread
linvdimm, pmem: Preserve read-only setting for pmem devices
md: fix two problems with setting the "re-add" device state.
ubi: fastmap: Cancel work upon detach
UBIFS: Fix potential integer overflow in allocation
xfrm: Ignore socket policies when rebuilding hash tables
xfrm: skip policies marked as dead while rehashing
backlight: as3711_bl: Fix Device Tree node lookup
backlight: max8925_bl: Fix Device Tree node lookup
backlight: tps65217_bl: Fix Device Tree node lookup
mfd: intel-lpss: Program REMAP register in PIO mode
perf tools: Fix symbol and object code resolution for vdso32 and vdsox32
perf intel-pt: Fix sync_switch INTEL_PT_SS_NOT_TRACING
perf intel-pt: Fix decoding to accept CBR between FUP and corresponding TIP
perf intel-pt: Fix MTC timing after overflow
perf intel-pt: Fix "Unexpected indirect branch" error
perf intel-pt: Fix packet decoding of CYC packets
media: v4l2-compat-ioctl32: prevent go past max size
media: cx231xx: Add support for AverMedia DVD EZMaker 7
media: dvb_frontend: fix locking issues at dvb_frontend_get_event()
nfsd: restrict rd_maxcount to svc_max_payload in nfsd_encode_readdir
NFSv4: Fix possible 1-byte stack overflow in nfs_idmap_read_and_verify_message
video: uvesafb: Fix integer overflow in allocation
Input: elan_i2c - add ELAN0618 (Lenovo v330 15IKB) ACPI ID
xen: Remove unnecessary BUG_ON from __unbind_from_irq()
udf: Detect incorrect directory size
Input: elan_i2c_smbus - fix more potential stack buffer overflows
Input: elantech - enable middle button of touchpads on ThinkPad P52
Input: elantech - fix V4 report decoding for module with middle key
ALSA: hda/realtek - Add a quirk for FSC ESPRIMO U9210
Btrfs: fix unexpected cow in run_delalloc_nocow
spi: Fix scatterlist elements size in spi_map_buf
block: Fix transfer when chunk sectors exceeds max
dm thin: handle running out of data space vs concurrent discard
cdc_ncm: avoid padding beyond end of skb
Bluetooth: Fix connection if directed advertising and privacy is used
Linux 4.4.139
Change-Id: I93013bedf2ebe3e6a8718972d8854723609963cc
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
* refs/heads/tmp-c9d74f2
Linux 4.4.135
Revert "vti4: Don't override MTU passed on link creation via IFLA_MTU"
Revert "vti4: Don't override MTU passed on link creation via IFLA_MTU"
Linux 4.4.134
s390/ftrace: use expoline for indirect branches
kdb: make "mdr" command repeat
Bluetooth: btusb: Add device ID for RTL8822BE
ASoC: samsung: i2s: Ensure the RCLK rate is properly determined
regulator: of: Add a missing 'of_node_put()' in an error handling path of 'of_regulator_match()'
scsi: lpfc: Fix frequency of Release WQE CQEs
scsi: lpfc: Fix soft lockup in lpfc worker thread during LIP testing
scsi: lpfc: Fix issue_lip if link is disabled
netlabel: If PF_INET6, check sk_buff ip header version
selftests/net: fixes psock_fanout eBPF test case
perf report: Fix memory corruption in --branch-history mode --branch-history
perf tests: Use arch__compare_symbol_names to compare symbols
x86/apic: Set up through-local-APIC mode on the boot CPU if 'noapic' specified
drm/rockchip: Respect page offset for PRIME mmap calls
MIPS: Octeon: Fix logging messages with spurious periods after newlines
audit: return on memory error to avoid null pointer dereference
crypto: sunxi-ss - Add MODULE_ALIAS to sun4i-ss
clk: samsung: exynos3250: Fix PLL rates
clk: samsung: exynos5250: Fix PLL rates
clk: samsung: exynos5433: Fix PLL rates
clk: samsung: exynos5260: Fix PLL rates
clk: samsung: s3c2410: Fix PLL rates
media: cx25821: prevent out-of-bounds read on array card
udf: Provide saner default for invalid uid / gid
PCI: Add function 1 DMA alias quirk for Marvell 88SE9220
serial: arc_uart: Fix out-of-bounds access through DT alias
serial: fsl_lpuart: Fix out-of-bounds access through DT alias
serial: imx: Fix out-of-bounds access through serial port index
serial: mxs-auart: Fix out-of-bounds access through serial port index
serial: samsung: Fix out-of-bounds access through serial port index
serial: xuartps: Fix out-of-bounds access through DT alias
rtc: tx4939: avoid unintended sign extension on a 24 bit shift
staging: rtl8192u: return -ENOMEM on failed allocation of priv->oldaddr
hwrng: stm32 - add reset during probe
enic: enable rq before updating rq descriptors
clk: rockchip: Prevent calculating mmc phase if clock rate is zero
media: em28xx: USB bulk packet size fix
dmaengine: pl330: fix a race condition in case of threaded irqs
media: s3c-camif: fix out-of-bounds array access
media: cx23885: Set subdev host data to clk_freq pointer
media: cx23885: Override 888 ImpactVCBe crystal frequency
ALSA: vmaster: Propagate slave error
x86/devicetree: Fix device IRQ settings in DT
x86/devicetree: Initialize device tree before using it
usb: gadget: composite: fix incorrect handling of OS desc requests
usb: gadget: udc: change comparison to bitshift when dealing with a mask
gfs2: Fix fallocate chunk size
cdrom: do not call check_disk_change() inside cdrom_open()
hwmon: (pmbus/adm1275) Accept negative page register values
hwmon: (pmbus/max8688) Accept negative page register values
perf/core: Fix perf_output_read_group()
ASoC: topology: create TLV data for dapm widgets
powerpc: Add missing prototype for arch_irq_work_raise()
usb: gadget: ffs: Execute copy_to_user() with USER_DS set
usb: gadget: ffs: Let setup() return USB_GADGET_DELAYED_STATUS
usb: dwc2: Fix interval type issue
ipmi_ssif: Fix kernel panic at msg_done_handler
PCI: Restore config space on runtime resume despite being unbound
MIPS: ath79: Fix AR724X_PLL_REG_PCIE_CONFIG offset
xhci: zero usb device slot_id member when disabling and freeing a xhci slot
KVM: lapic: stop advertising DIRECTED_EOI when in-kernel IOAPIC is in use
i2c: mv64xxx: Apply errata delay only in standard mode
ACPICA: acpi: acpica: fix acpi operand cache leak in nseval.c
ACPICA: Events: add a return on failure from acpi_hw_register_read
bcache: quit dc->writeback_thread when BCACHE_DEV_DETACHING is set
zorro: Set up z->dev.dma_mask for the DMA API
clk: Don't show the incorrect clock phase
cpufreq: cppc_cpufreq: Fix cppc_cpufreq_init() failure path
usb: dwc3: Update DWC_usb31 GTXFIFOSIZ reg fields
arm: dts: socfpga: fix GIC PPI warning
virtio-net: Fix operstate for virtio when no VIRTIO_NET_F_STATUS
ima: Fallback to the builtin hash algorithm
ima: Fix Kconfig to select TPM 2.0 CRB interface
ath10k: Fix kernel panic while using worker (ath10k_sta_rc_update_wk)
net/mlx5: Protect from command bit overflow
selftests: Print the test we're running to /dev/kmsg
tools/thermal: tmon: fix for segfault
powerpc/perf: Fix kernel address leak via sampling registers
powerpc/perf: Prevent kernel address leak to userspace via BHRB buffer
rtc: hctosys: Ensure system time doesn't overflow time_t
hwmon: (nct6775) Fix writing pwmX_mode
parisc/pci: Switch LBA PCI bus from Hard Fail to Soft Fail mode
m68k: set dma and coherent masks for platform FEC ethernets
powerpc/mpic: Check if cpu_possible() in mpic_physmask()
ACPI: acpi_pad: Fix memory leak in power saving threads
xen/acpi: off by one in read_acpi_id()
btrfs: fix lockdep splat in btrfs_alloc_subvolume_writers
Btrfs: fix copy_items() return value when logging an inode
btrfs: tests/qgroup: Fix wrong tree backref level
Bluetooth: btusb: Add USB ID 7392:a611 for Edimax EW-7611ULB
net: bgmac: Fix endian access in bgmac_dma_tx_ring_free()
rtc: snvs: Fix usage of snvs_rtc_enable
sparc64: Make atomic_xchg() an inline function rather than a macro.
fscache: Fix hanging wait on page discarded by writeback
KVM: VMX: raise internal error for exception during invalid protected mode state
sched/rt: Fix rq->clock_update_flags < RQCF_ACT_SKIP warning
ocfs2/dlm: don't handle migrate lockres if already in shutdown
btrfs: Fix possible softlock on single core machines
Btrfs: fix NULL pointer dereference in log_dir_items
Btrfs: bail out on error during replay_dir_deletes
mm: fix races between address_space dereference and free in page_evicatable
mm/ksm: fix interaction with THP
dp83640: Ensure against premature access to PHY registers after reset
scsi: aacraid: Insure command thread is not recursively stopped
cpufreq: CPPC: Initialize shared perf capabilities of CPUs
Force log to disk before reading the AGF during a fstrim
sr: get/drop reference to device in revalidate and check_events
swap: divide-by-zero when zero length swap file on ssd
fs/proc/proc_sysctl.c: fix potential page fault while unregistering sysctl table
x86/pgtable: Don't set huge PUD/PMD on non-leaf entries
sh: fix debug trap failure to process signals before return to user
net: mvneta: fix enable of all initialized RXQs
net: Fix untag for vlan packets without ethernet header
mm/kmemleak.c: wait for scan completion before disabling free
llc: properly handle dev_queue_xmit() return value
net-usb: add qmi_wwan if on lte modem wistron neweb d18q1
net/usb/qmi_wwan.c: Add USB id for lt4120 modem
net: qmi_wwan: add BroadMobi BM806U 2020:2033
ARM: 8748/1: mm: Define vdso_start, vdso_end as array
batman-adv: fix packet loss for broadcasted DHCP packets to a server
batman-adv: fix multicast-via-unicast transmission with AP isolation
selftests: ftrace: Add a testcase for probepoint
selftests: ftrace: Add a testcase for string type with kprobe_event
selftests: ftrace: Add probe event argument syntax testcase
mm/mempolicy.c: avoid use uninitialized preferred_node
RDMA/ucma: Correct option size check using optlen
perf/cgroup: Fix child event counting bug
vti4: Don't override MTU passed on link creation via IFLA_MTU
vti4: Don't count header length twice on tunnel setup
batman-adv: fix header size check in batadv_dbg_arp()
net: Fix vlan untag for bridge and vlan_dev with reorder_hdr off
sunvnet: does not support GSO for sctp
ipv4: lock mtu in fnhe when received PMTU < net.ipv4.route.min_pmtu
workqueue: use put_device() instead of kfree()
bnxt_en: Check valid VNIC ID in bnxt_hwrm_vnic_set_tpa().
netfilter: ebtables: fix erroneous reject of last rule
USB: OHCI: Fix NULL dereference in HCDs using HCD_LOCAL_MEM
xen: xenbus: use put_device() instead of kfree()
fbdev: Fixing arbitrary kernel leak in case FBIOGETCMAP_SPARC in sbusfb_ioctl_helper().
scsi: sd: Keep disk read-only when re-reading partition
scsi: mpt3sas: Do not mark fw_event workqueue as WQ_MEM_RECLAIM
usb: musb: call pm_runtime_{get,put}_sync before reading vbus registers
e1000e: allocate ring descriptors with dma_zalloc_coherent
e1000e: Fix check_for_link return value with autoneg off
watchdog: f71808e_wdt: Fix magic close handling
KVM: PPC: Book3S HV: Fix VRMA initialization with 2MB or 1GB memory backing
selftests/powerpc: Skip the subpage_prot tests if the syscall is unavailable
Btrfs: send, fix issuing write op when processing hole in no data mode
xen/pirq: fix error path cleanup when binding MSIs
net/tcp/illinois: replace broken algorithm reference link
gianfar: Fix Rx byte accounting for ndev stats
sit: fix IFLA_MTU ignored on NEWLINK
bcache: fix kcrashes with fio in RAID5 backend dev
dmaengine: rcar-dmac: fix max_chunk_size for R-Car Gen3
virtio-gpu: fix ioctl and expose the fixed status to userspace.
r8152: fix tx packets accounting
clocksource/drivers/fsl_ftm_timer: Fix error return checking
nvme-pci: Fix nvme queue cleanup if IRQ setup fails
netfilter: ebtables: convert BUG_ONs to WARN_ONs
batman-adv: invalidate checksum on fragment reassembly
batman-adv: fix packet checksum in receive path
md/raid1: fix NULL pointer dereference
media: dmxdev: fix error code for invalid ioctls
x86/topology: Update the 'cpu cores' field in /proc/cpuinfo correctly across CPU hotplug operations
locking/xchg/alpha: Fix xchg() and cmpxchg() memory ordering bugs
regulatory: add NUL to request alpha2
smsc75xx: fix smsc75xx_set_features()
ARM: OMAP: Fix dmtimer init for omap1
s390/cio: clear timer when terminating driver I/O
s390/cio: fix return code after missing interrupt
powerpc/bpf/jit: Fix 32-bit JIT for seccomp_data access
kernel/relay.c: limit kmalloc size to KMALLOC_MAX_SIZE
md: raid5: avoid string overflow warning
locking/xchg/alpha: Add unconditional memory barrier to cmpxchg()
usb: musb: fix enumeration after resume
drm/exynos: fix comparison to bitshift when dealing with a mask
md raid10: fix NULL deference in handle_write_completed()
mac80211: round IEEE80211_TX_STATUS_HEADROOM up to multiple of 4
NFC: llcp: Limit size of SDP URI
ARM: OMAP1: clock: Fix debugfs_create_*() usage
ARM: OMAP3: Fix prm wake interrupt for resume
ARM: OMAP2+: timer: fix a kmemleak caused in omap_get_timer_dt
scsi: qla4xxx: skip error recovery in case of register disconnect.
scsi: aacraid: fix shutdown crash when init fails
scsi: storvsc: Increase cmd_per_lun for higher speed devices
selftests: memfd: add config fragment for fuse
usb: dwc2: Fix dwc2_hsotg_core_init_disconnected()
usb: gadget: fsl_udc_core: fix ep valid checks
usb: gadget: f_uac2: fix bFirstInterface in composite gadget
ARC: Fix malformed ARC_EMUL_UNALIGNED default
scsi: qla2xxx: Avoid triggering undefined behavior in qla2x00_mbx_completion()
scsi: mptfusion: Add bounds check in mptctl_hp_targetinfo()
scsi: sym53c8xx_2: iterator underflow in sym_getsync()
scsi: bnx2fc: Fix check in SCSI completion handler for timed out request
scsi: ufs: Enable quirk to ignore sending WRITE_SAME command
irqchip/gic-v3: Change pr_debug message to pr_devel
locking/qspinlock: Ensure node->count is updated before initialising node
tools/libbpf: handle issues with bpf ELF objects containing .eh_frames
bcache: return attach error when no cache set exist
bcache: fix for data collapse after re-attaching an attached device
bcache: fix for allocator and register thread race
bcache: properly set task state in bch_writeback_thread()
cifs: silence compiler warnings showing up with gcc-8.0.0
proc: fix /proc/*/map_files lookup
arm64: spinlock: Fix theoretical trylock() A-B-A with LSE atomics
RDS: IB: Fix null pointer issue
xen/grant-table: Use put_page instead of free_page
xen-netfront: Fix race between device setup and open
MIPS: TXx9: use IS_BUILTIN() for CONFIG_LEDS_CLASS
bpf: fix selftests/bpf test_kmod.sh failure when CONFIG_BPF_JIT_ALWAYS_ON=y
ACPI: processor_perflib: Do not send _PPC change notification if not ready
firmware: dmi_scan: Fix handling of empty DMI strings
x86/power: Fix swsusp_arch_resume prototype
IB/ipoib: Fix for potential no-carrier state
mm: pin address_space before dereferencing it while isolating an LRU page
asm-generic: provide generic_pmdp_establish()
mm/mempolicy: add nodes_empty check in SYSC_migrate_pages
mm/mempolicy: fix the check of nodemask from user
ocfs2: return error when we attempt to access a dirty bh in jbd2
ocfs2/acl: use 'ip_xattr_sem' to protect getting extended attribute
ocfs2: return -EROFS to mount.ocfs2 if inode block is invalid
ntb_transport: Fix bug with max_mw_size parameter
RDMA/mlx5: Avoid memory leak in case of XRCD dealloc failure
powerpc/numa: Ensure nodes initialized for hotplug
powerpc/numa: Use ibm,max-associativity-domains to discover possible nodes
jffs2: Fix use-after-free bug in jffs2_iget()'s error handling path
HID: roccat: prevent an out of bounds read in kovaplus_profile_activated()
scsi: fas216: fix sense buffer initialization
Btrfs: fix scrub to repair raid6 corruption
btrfs: Fix out of bounds access in btrfs_search_slot
Btrfs: set plug for fsync
ipmi/powernv: Fix error return code in ipmi_powernv_probe()
mac80211_hwsim: fix possible memory leak in hwsim_new_radio_nl()
kconfig: Fix expr_free() E_NOT leak
kconfig: Fix automatic menu creation mem leak
kconfig: Don't leak main menus during parsing
watchdog: sp5100_tco: Fix watchdog disable bit
nfs: Do not convert nfs_idmap_cache_timeout to jiffies
dm thin: fix documentation relative to low water mark threshold
tools lib traceevent: Fix get_field_str() for dynamic strings
perf callchain: Fix attr.sample_max_stack setting
tools lib traceevent: Simplify pointer print logic and fix %pF
PCI: Add function 1 DMA alias quirk for Marvell 9128
tracing/hrtimer: Fix tracing bugs by taking all clock bases and modes into account
kvm: x86: fix KVM_XEN_HVM_CONFIG ioctl
ASoC: au1x: Fix timeout tests in au1xac97c_ac97_read()
ALSA: hda - Use IS_REACHABLE() for dependency on input
NFSv4: always set NFS_LOCK_LOST when a lock is lost.
firewire-ohci: work around oversized DMA reads on JMicron controllers
do d_instantiate/unlock_new_inode combinations safely
xfs: remove racy hasattr check from attr ops
kernel/signal.c: avoid undefined behaviour in kill_something_info
kernel/sys.c: fix potential Spectre v1 issue
kasan: fix memory hotplug during boot
ipc/shm: fix shmat() nil address after round-down when remapping
Revert "ipc/shm: Fix shmat mmap nil-page protection"
xen-swiotlb: fix the check condition for xen_swiotlb_free_coherent
libata: blacklist Micron 500IT SSD with MU01 firmware
libata: Blacklist some Sandisk SSDs for NCQ
mmc: sdhci-iproc: fix 32bit writes for TRANSFER_MODE register
ALSA: timer: Fix pause event notification
aio: fix io_destroy(2) vs. lookup_ioctx() race
affs_lookup(): close a race with affs_remove_link()
KVM: Fix spelling mistake: "cop_unsuable" -> "cop_unusable"
MIPS: Fix ptrace(2) PTRACE_PEEKUSR and PTRACE_POKEUSR accesses to o32 FGRs
MIPS: ptrace: Expose FIR register through FP regset
UPSTREAM: sched/fair: Consider RT/IRQ pressure in capacity_spare_wake
Conflicts:
drivers/media/dvb-core/dmxdev.c
drivers/scsi/sd.c
drivers/scsi/ufs/ufshcd.c
drivers/usb/gadget/function/f_fs.c
fs/ecryptfs/inode.c
Change-Id: I15751ed8c82ec65ba7eedcb0d385b9f803c333f7
Signed-off-by: Srinivasarao P <spathi@codeaurora.org>
During SSR, if power-up fails, wlan driver will
enter ssr_in_progress state, which will block
driver unloading, it's not reasonable.
To improve this, notify wlan driver about the
failure, then driver unloading can be handled
properly according to this flag.
CRs-Fixed: 2246361
Change-Id: I669cc0137811a991c00ff9e73ebbb2bcf2d621a1
Signed-off-by: Yu Wang <yyuwang@codeaurora.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAlsOO14ACgkQONu9yGCS
aT4ulhAAhMVYSRa/cOFm0BHxSL/59WmJTa3Na8TJqkTrJy+LRluBiKCywyiMZknp
4rIffv4jcxcFNCpqYTjNTSStGLWCCkBLNSzxuzFv5M89Jdx4Gz1Ww1hzMESP3gxK
puHUewSJQm7qtVOiC2l4YcW3Q6nFK0kqbCWpSkHoGVfZoX9JS2P1V8n+KFZpUH1a
UyhVW48ainUpXfhSKJZ5xABiWYM2hcSq52RW1edNZvwuKwulZ+2EME26HgGCK7ff
WHzGHECE6Lem+iunR26J/QtbTo8LKEyU0F039X21E7FIxf33S0xyPx+MGjJfWBOo
Q6A23mAEWwEhlMomNKzdd/iUzSVlWSzKe8LJa7GI5G6BxftN8Z0TGTnKzIDkw++M
T6RfK03CP6c9rQ756d0fTPxdZh6ae9EN8WSot/Sbbc9SvGSfy6o4I8Y/uJygShmF
j13JfMweC+t7/6fyUqc5dcgY0Xy7LUFiWqfPxQj6axDiT82Mx2AvQaczrPUAKr1K
KQsetmyhHC+Cpy7ILrhUGYjEWlvQm11ZiFoX8BkocFLFWk736QA63iB7mOUpCOQR
SKLK00dF163GJdQC6nb4wCtyBxnCg4pSoP/72Z1foPtaSd3ccJ4CLsIE6GY5sP/I
sDlPnIlnzEDfDPIxtVfKC8e1JINP6awXwtoJJo6MnuCuP3LDb58=
=ogZQ
-----END PGP SIGNATURE-----
Merge 4.4.134 into android-4.4
Changes in 4.4.134
MIPS: ptrace: Expose FIR register through FP regset
MIPS: Fix ptrace(2) PTRACE_PEEKUSR and PTRACE_POKEUSR accesses to o32 FGRs
KVM: Fix spelling mistake: "cop_unsuable" -> "cop_unusable"
affs_lookup(): close a race with affs_remove_link()
aio: fix io_destroy(2) vs. lookup_ioctx() race
ALSA: timer: Fix pause event notification
mmc: sdhci-iproc: fix 32bit writes for TRANSFER_MODE register
libata: Blacklist some Sandisk SSDs for NCQ
libata: blacklist Micron 500IT SSD with MU01 firmware
xen-swiotlb: fix the check condition for xen_swiotlb_free_coherent
Revert "ipc/shm: Fix shmat mmap nil-page protection"
ipc/shm: fix shmat() nil address after round-down when remapping
kasan: fix memory hotplug during boot
kernel/sys.c: fix potential Spectre v1 issue
kernel/signal.c: avoid undefined behaviour in kill_something_info
xfs: remove racy hasattr check from attr ops
do d_instantiate/unlock_new_inode combinations safely
firewire-ohci: work around oversized DMA reads on JMicron controllers
NFSv4: always set NFS_LOCK_LOST when a lock is lost.
ALSA: hda - Use IS_REACHABLE() for dependency on input
ASoC: au1x: Fix timeout tests in au1xac97c_ac97_read()
kvm: x86: fix KVM_XEN_HVM_CONFIG ioctl
tracing/hrtimer: Fix tracing bugs by taking all clock bases and modes into account
PCI: Add function 1 DMA alias quirk for Marvell 9128
tools lib traceevent: Simplify pointer print logic and fix %pF
perf callchain: Fix attr.sample_max_stack setting
tools lib traceevent: Fix get_field_str() for dynamic strings
dm thin: fix documentation relative to low water mark threshold
nfs: Do not convert nfs_idmap_cache_timeout to jiffies
watchdog: sp5100_tco: Fix watchdog disable bit
kconfig: Don't leak main menus during parsing
kconfig: Fix automatic menu creation mem leak
kconfig: Fix expr_free() E_NOT leak
mac80211_hwsim: fix possible memory leak in hwsim_new_radio_nl()
ipmi/powernv: Fix error return code in ipmi_powernv_probe()
Btrfs: set plug for fsync
btrfs: Fix out of bounds access in btrfs_search_slot
Btrfs: fix scrub to repair raid6 corruption
scsi: fas216: fix sense buffer initialization
HID: roccat: prevent an out of bounds read in kovaplus_profile_activated()
jffs2: Fix use-after-free bug in jffs2_iget()'s error handling path
powerpc/numa: Use ibm,max-associativity-domains to discover possible nodes
powerpc/numa: Ensure nodes initialized for hotplug
RDMA/mlx5: Avoid memory leak in case of XRCD dealloc failure
ntb_transport: Fix bug with max_mw_size parameter
ocfs2: return -EROFS to mount.ocfs2 if inode block is invalid
ocfs2/acl: use 'ip_xattr_sem' to protect getting extended attribute
ocfs2: return error when we attempt to access a dirty bh in jbd2
mm/mempolicy: fix the check of nodemask from user
mm/mempolicy: add nodes_empty check in SYSC_migrate_pages
asm-generic: provide generic_pmdp_establish()
mm: pin address_space before dereferencing it while isolating an LRU page
IB/ipoib: Fix for potential no-carrier state
x86/power: Fix swsusp_arch_resume prototype
firmware: dmi_scan: Fix handling of empty DMI strings
ACPI: processor_perflib: Do not send _PPC change notification if not ready
bpf: fix selftests/bpf test_kmod.sh failure when CONFIG_BPF_JIT_ALWAYS_ON=y
MIPS: TXx9: use IS_BUILTIN() for CONFIG_LEDS_CLASS
xen-netfront: Fix race between device setup and open
xen/grant-table: Use put_page instead of free_page
RDS: IB: Fix null pointer issue
arm64: spinlock: Fix theoretical trylock() A-B-A with LSE atomics
proc: fix /proc/*/map_files lookup
cifs: silence compiler warnings showing up with gcc-8.0.0
bcache: properly set task state in bch_writeback_thread()
bcache: fix for allocator and register thread race
bcache: fix for data collapse after re-attaching an attached device
bcache: return attach error when no cache set exist
tools/libbpf: handle issues with bpf ELF objects containing .eh_frames
locking/qspinlock: Ensure node->count is updated before initialising node
irqchip/gic-v3: Change pr_debug message to pr_devel
scsi: ufs: Enable quirk to ignore sending WRITE_SAME command
scsi: bnx2fc: Fix check in SCSI completion handler for timed out request
scsi: sym53c8xx_2: iterator underflow in sym_getsync()
scsi: mptfusion: Add bounds check in mptctl_hp_targetinfo()
scsi: qla2xxx: Avoid triggering undefined behavior in qla2x00_mbx_completion()
ARC: Fix malformed ARC_EMUL_UNALIGNED default
usb: gadget: f_uac2: fix bFirstInterface in composite gadget
usb: gadget: fsl_udc_core: fix ep valid checks
usb: dwc2: Fix dwc2_hsotg_core_init_disconnected()
selftests: memfd: add config fragment for fuse
scsi: storvsc: Increase cmd_per_lun for higher speed devices
scsi: aacraid: fix shutdown crash when init fails
scsi: qla4xxx: skip error recovery in case of register disconnect.
ARM: OMAP2+: timer: fix a kmemleak caused in omap_get_timer_dt
ARM: OMAP3: Fix prm wake interrupt for resume
ARM: OMAP1: clock: Fix debugfs_create_*() usage
NFC: llcp: Limit size of SDP URI
mac80211: round IEEE80211_TX_STATUS_HEADROOM up to multiple of 4
md raid10: fix NULL deference in handle_write_completed()
drm/exynos: fix comparison to bitshift when dealing with a mask
usb: musb: fix enumeration after resume
locking/xchg/alpha: Add unconditional memory barrier to cmpxchg()
md: raid5: avoid string overflow warning
kernel/relay.c: limit kmalloc size to KMALLOC_MAX_SIZE
powerpc/bpf/jit: Fix 32-bit JIT for seccomp_data access
s390/cio: fix return code after missing interrupt
s390/cio: clear timer when terminating driver I/O
ARM: OMAP: Fix dmtimer init for omap1
smsc75xx: fix smsc75xx_set_features()
regulatory: add NUL to request alpha2
locking/xchg/alpha: Fix xchg() and cmpxchg() memory ordering bugs
x86/topology: Update the 'cpu cores' field in /proc/cpuinfo correctly across CPU hotplug operations
media: dmxdev: fix error code for invalid ioctls
md/raid1: fix NULL pointer dereference
batman-adv: fix packet checksum in receive path
batman-adv: invalidate checksum on fragment reassembly
netfilter: ebtables: convert BUG_ONs to WARN_ONs
nvme-pci: Fix nvme queue cleanup if IRQ setup fails
clocksource/drivers/fsl_ftm_timer: Fix error return checking
r8152: fix tx packets accounting
virtio-gpu: fix ioctl and expose the fixed status to userspace.
dmaengine: rcar-dmac: fix max_chunk_size for R-Car Gen3
bcache: fix kcrashes with fio in RAID5 backend dev
sit: fix IFLA_MTU ignored on NEWLINK
gianfar: Fix Rx byte accounting for ndev stats
net/tcp/illinois: replace broken algorithm reference link
xen/pirq: fix error path cleanup when binding MSIs
Btrfs: send, fix issuing write op when processing hole in no data mode
selftests/powerpc: Skip the subpage_prot tests if the syscall is unavailable
KVM: PPC: Book3S HV: Fix VRMA initialization with 2MB or 1GB memory backing
watchdog: f71808e_wdt: Fix magic close handling
e1000e: Fix check_for_link return value with autoneg off
e1000e: allocate ring descriptors with dma_zalloc_coherent
usb: musb: call pm_runtime_{get,put}_sync before reading vbus registers
scsi: mpt3sas: Do not mark fw_event workqueue as WQ_MEM_RECLAIM
scsi: sd: Keep disk read-only when re-reading partition
fbdev: Fixing arbitrary kernel leak in case FBIOGETCMAP_SPARC in sbusfb_ioctl_helper().
xen: xenbus: use put_device() instead of kfree()
USB: OHCI: Fix NULL dereference in HCDs using HCD_LOCAL_MEM
netfilter: ebtables: fix erroneous reject of last rule
bnxt_en: Check valid VNIC ID in bnxt_hwrm_vnic_set_tpa().
workqueue: use put_device() instead of kfree()
ipv4: lock mtu in fnhe when received PMTU < net.ipv4.route.min_pmtu
sunvnet: does not support GSO for sctp
net: Fix vlan untag for bridge and vlan_dev with reorder_hdr off
batman-adv: fix header size check in batadv_dbg_arp()
vti4: Don't count header length twice on tunnel setup
vti4: Don't override MTU passed on link creation via IFLA_MTU
perf/cgroup: Fix child event counting bug
RDMA/ucma: Correct option size check using optlen
mm/mempolicy.c: avoid use uninitialized preferred_node
selftests: ftrace: Add probe event argument syntax testcase
selftests: ftrace: Add a testcase for string type with kprobe_event
selftests: ftrace: Add a testcase for probepoint
batman-adv: fix multicast-via-unicast transmission with AP isolation
batman-adv: fix packet loss for broadcasted DHCP packets to a server
ARM: 8748/1: mm: Define vdso_start, vdso_end as array
net: qmi_wwan: add BroadMobi BM806U 2020:2033
net/usb/qmi_wwan.c: Add USB id for lt4120 modem
net-usb: add qmi_wwan if on lte modem wistron neweb d18q1
llc: properly handle dev_queue_xmit() return value
mm/kmemleak.c: wait for scan completion before disabling free
net: Fix untag for vlan packets without ethernet header
net: mvneta: fix enable of all initialized RXQs
sh: fix debug trap failure to process signals before return to user
x86/pgtable: Don't set huge PUD/PMD on non-leaf entries
fs/proc/proc_sysctl.c: fix potential page fault while unregistering sysctl table
swap: divide-by-zero when zero length swap file on ssd
sr: get/drop reference to device in revalidate and check_events
Force log to disk before reading the AGF during a fstrim
cpufreq: CPPC: Initialize shared perf capabilities of CPUs
scsi: aacraid: Insure command thread is not recursively stopped
dp83640: Ensure against premature access to PHY registers after reset
mm/ksm: fix interaction with THP
mm: fix races between address_space dereference and free in page_evicatable
Btrfs: bail out on error during replay_dir_deletes
Btrfs: fix NULL pointer dereference in log_dir_items
btrfs: Fix possible softlock on single core machines
ocfs2/dlm: don't handle migrate lockres if already in shutdown
sched/rt: Fix rq->clock_update_flags < RQCF_ACT_SKIP warning
KVM: VMX: raise internal error for exception during invalid protected mode state
fscache: Fix hanging wait on page discarded by writeback
sparc64: Make atomic_xchg() an inline function rather than a macro.
rtc: snvs: Fix usage of snvs_rtc_enable
net: bgmac: Fix endian access in bgmac_dma_tx_ring_free()
Bluetooth: btusb: Add USB ID 7392:a611 for Edimax EW-7611ULB
btrfs: tests/qgroup: Fix wrong tree backref level
Btrfs: fix copy_items() return value when logging an inode
btrfs: fix lockdep splat in btrfs_alloc_subvolume_writers
xen/acpi: off by one in read_acpi_id()
ACPI: acpi_pad: Fix memory leak in power saving threads
powerpc/mpic: Check if cpu_possible() in mpic_physmask()
m68k: set dma and coherent masks for platform FEC ethernets
parisc/pci: Switch LBA PCI bus from Hard Fail to Soft Fail mode
hwmon: (nct6775) Fix writing pwmX_mode
rtc: hctosys: Ensure system time doesn't overflow time_t
powerpc/perf: Prevent kernel address leak to userspace via BHRB buffer
powerpc/perf: Fix kernel address leak via sampling registers
tools/thermal: tmon: fix for segfault
selftests: Print the test we're running to /dev/kmsg
net/mlx5: Protect from command bit overflow
ath10k: Fix kernel panic while using worker (ath10k_sta_rc_update_wk)
ima: Fix Kconfig to select TPM 2.0 CRB interface
ima: Fallback to the builtin hash algorithm
virtio-net: Fix operstate for virtio when no VIRTIO_NET_F_STATUS
arm: dts: socfpga: fix GIC PPI warning
usb: dwc3: Update DWC_usb31 GTXFIFOSIZ reg fields
cpufreq: cppc_cpufreq: Fix cppc_cpufreq_init() failure path
clk: Don't show the incorrect clock phase
zorro: Set up z->dev.dma_mask for the DMA API
bcache: quit dc->writeback_thread when BCACHE_DEV_DETACHING is set
ACPICA: Events: add a return on failure from acpi_hw_register_read
ACPICA: acpi: acpica: fix acpi operand cache leak in nseval.c
i2c: mv64xxx: Apply errata delay only in standard mode
KVM: lapic: stop advertising DIRECTED_EOI when in-kernel IOAPIC is in use
xhci: zero usb device slot_id member when disabling and freeing a xhci slot
MIPS: ath79: Fix AR724X_PLL_REG_PCIE_CONFIG offset
PCI: Restore config space on runtime resume despite being unbound
ipmi_ssif: Fix kernel panic at msg_done_handler
usb: dwc2: Fix interval type issue
usb: gadget: ffs: Let setup() return USB_GADGET_DELAYED_STATUS
usb: gadget: ffs: Execute copy_to_user() with USER_DS set
powerpc: Add missing prototype for arch_irq_work_raise()
ASoC: topology: create TLV data for dapm widgets
perf/core: Fix perf_output_read_group()
hwmon: (pmbus/max8688) Accept negative page register values
hwmon: (pmbus/adm1275) Accept negative page register values
cdrom: do not call check_disk_change() inside cdrom_open()
gfs2: Fix fallocate chunk size
usb: gadget: udc: change comparison to bitshift when dealing with a mask
usb: gadget: composite: fix incorrect handling of OS desc requests
x86/devicetree: Initialize device tree before using it
x86/devicetree: Fix device IRQ settings in DT
ALSA: vmaster: Propagate slave error
media: cx23885: Override 888 ImpactVCBe crystal frequency
media: cx23885: Set subdev host data to clk_freq pointer
media: s3c-camif: fix out-of-bounds array access
dmaengine: pl330: fix a race condition in case of threaded irqs
media: em28xx: USB bulk packet size fix
clk: rockchip: Prevent calculating mmc phase if clock rate is zero
enic: enable rq before updating rq descriptors
hwrng: stm32 - add reset during probe
staging: rtl8192u: return -ENOMEM on failed allocation of priv->oldaddr
rtc: tx4939: avoid unintended sign extension on a 24 bit shift
serial: xuartps: Fix out-of-bounds access through DT alias
serial: samsung: Fix out-of-bounds access through serial port index
serial: mxs-auart: Fix out-of-bounds access through serial port index
serial: imx: Fix out-of-bounds access through serial port index
serial: fsl_lpuart: Fix out-of-bounds access through DT alias
serial: arc_uart: Fix out-of-bounds access through DT alias
PCI: Add function 1 DMA alias quirk for Marvell 88SE9220
udf: Provide saner default for invalid uid / gid
media: cx25821: prevent out-of-bounds read on array card
clk: samsung: s3c2410: Fix PLL rates
clk: samsung: exynos5260: Fix PLL rates
clk: samsung: exynos5433: Fix PLL rates
clk: samsung: exynos5250: Fix PLL rates
clk: samsung: exynos3250: Fix PLL rates
crypto: sunxi-ss - Add MODULE_ALIAS to sun4i-ss
audit: return on memory error to avoid null pointer dereference
MIPS: Octeon: Fix logging messages with spurious periods after newlines
drm/rockchip: Respect page offset for PRIME mmap calls
x86/apic: Set up through-local-APIC mode on the boot CPU if 'noapic' specified
perf tests: Use arch__compare_symbol_names to compare symbols
perf report: Fix memory corruption in --branch-history mode --branch-history
selftests/net: fixes psock_fanout eBPF test case
netlabel: If PF_INET6, check sk_buff ip header version
scsi: lpfc: Fix issue_lip if link is disabled
scsi: lpfc: Fix soft lockup in lpfc worker thread during LIP testing
scsi: lpfc: Fix frequency of Release WQE CQEs
regulator: of: Add a missing 'of_node_put()' in an error handling path of 'of_regulator_match()'
ASoC: samsung: i2s: Ensure the RCLK rate is properly determined
Bluetooth: btusb: Add device ID for RTL8822BE
kdb: make "mdr" command repeat
s390/ftrace: use expoline for indirect branches
Linux 4.4.134
Change-Id: Iababaf9b89bc8d0437b95e1368d8b0a9126a178c
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
[ Upstream commit b85ab56c3f81c5a24b5a5213374f549df06430da ]
llc_conn_send_pdu() pushes the skb into write queue and
calls llc_conn_send_pdus() to flush them out. However, the
status of dev_queue_xmit() is not returned to caller,
in this case, llc_conn_state_process().
llc_conn_state_process() needs hold the skb no matter
success or failure, because it still uses it after that,
therefore we should hold skb before dev_queue_xmit() when
that skb is the one being processed by llc_conn_state_process().
For other callers, they can just pass NULL and ignore
the return value as they are.
Reported-by: Noam Rathaus <noamr@beyondsecurity.com>
Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Sasha Levin <alexander.levin@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
[ Upstream commit d52e5a7e7ca49457dd31fc8b42fb7c0d58a31221 ]
Prior to the rework of PMTU information storage in commit
2c8cec5c10 ("ipv4: Cache learned PMTU information in inetpeer."),
when a PMTU event advertising a PMTU smaller than
net.ipv4.route.min_pmtu was received, we would disable setting the DF
flag on packets by locking the MTU metric, and set the PMTU to
net.ipv4.route.min_pmtu.
Since then, we don't disable DF, and set PMTU to
net.ipv4.route.min_pmtu, so the intermediate router that has this link
with a small MTU will have to drop the packets.
This patch reestablishes pre-2.6.39 behavior by splitting
rtable->rt_pmtu into a bitfield with rt_mtu_locked and rt_pmtu.
rt_mtu_locked indicates that we shouldn't set the DF bit on that path,
and is checked in ip_dont_fragment().
One possible workaround is to set net.ipv4.route.min_pmtu to a value low
enough to accommodate the lowest MTU encountered.
Fixes: 2c8cec5c10 ("ipv4: Cache learned PMTU information in inetpeer.")
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
Reviewed-by: Stefano Brivio <sbrivio@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Sasha Levin <alexander.levin@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
[ Upstream commit 657308f73e674e86b60509a430a46e569bf02846 ]
Similar to the ancient commit a5fe8e7695 ("regulatory: add NUL
to alpha2"), add another byte to alpha2 in the request struct so
that when we use nla_put_string(), we don't overrun anything.
Fixes: 73d54c9e74 ("cfg80211: add regulatory netlink multicast group")
Reported-by: Kees Cook <keescook@google.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Sasha Levin <alexander.levin@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
[ Upstream commit 651b9920d7a694ffb1f885aef2bbb068a25d9d66 ]
This ensures that mac80211 allocated management frames are properly
aligned, which makes copying them more efficient.
For instance, mt76 uses iowrite32_copy to copy beacon frames to beacon
template memory on the chip.
Misaligned 32-bit accesses cause CPU exceptions on MIPS and should be
avoided.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Sasha Levin <alexander.levin@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
* refs/heads/tmp-46155cc
Linux 4.4.132
perf/x86: Fix possible Spectre-v1 indexing for x86_pmu::event_map()
perf/core: Fix possible Spectre-v1 indexing for ->aux_pages[]
perf/x86/msr: Fix possible Spectre-v1 indexing in the MSR driver
perf/x86/cstate: Fix possible Spectre-v1 indexing for pkg_msr
perf/x86: Fix possible Spectre-v1 indexing for hw_perf_event cache_*
tracing/uprobe_event: Fix strncpy corner case
Revert "Bluetooth: btusb: Fix quirk for Atheros 1525/QCA6174"
atm: zatm: Fix potential Spectre v1
net: atm: Fix potential Spectre v1
can: kvaser_usb: Increase correct stats counter in kvaser_usb_rx_can_msg()
tracing: Fix regex_match_front() to not over compare the test string
libata: Apply NOLPM quirk for SanDisk SD7UB3Q*G1001 SSDs
rfkill: gpio: fix memory leak in probe error path
xfrm_user: fix return value from xfrm_user_rcv_msg
f2fs: fix a dead loop in f2fs_fiemap()
bdi: Fix oops in wb_workfn()
tcp: fix TCP_REPAIR_QUEUE bound checking
perf: Remove superfluous allocation error check
soreuseport: initialise timewait reuseport field
dccp: initialize ireq->ir_mark
net: fix uninit-value in __hw_addr_add_ex()
net: initialize skb->peeked when cloning
net: fix rtnh_ok()
netlink: fix uninit-value in netlink_sendmsg
crypto: af_alg - fix possible uninit-value in alg_bind()
ipvs: fix rtnl_lock lockups caused by start_sync_thread
usb: musb: host: fix potential NULL pointer dereference
USB: serial: option: adding support for ublox R410M
USB: serial: option: reimplement interface masking
USB: Accept bulk endpoints with 1024-byte maxpacket
USB: serial: visor: handle potential invalid device configuration
test_firmware: fix setting old custom fw path back on exit, second try
drm/vmwgfx: Fix a buffer object leak
IB/mlx5: Use unlimited rate when static rate is not supported
NET: usb: qmi_wwan: add support for ublox R410M PID 0x90b2
RDMA/mlx5: Protect from shift operand overflow
RDMA/ucma: Allow resolving address w/o specifying source address
xfs: prevent creating negative-sized file via INSERT_RANGE
Input: atmel_mxt_ts - add touchpad button mapping for Samsung Chromebook Pro
Input: leds - fix out of bound access
tracepoint: Do not warn on ENOMEM
ALSA: aloop: Add missing cable lock to ctl API callbacks
ALSA: aloop: Mark paused device as inactive
ALSA: seq: Fix races at MIDI encoding in snd_virmidi_output_trigger()
ALSA: pcm: Check PCM state at xfern compat ioctl
USB: serial: option: Add support for Quectel EP06
gpmi-nand: Handle ECC Errors in erased pages
ath10k: rebuild crypto header in rx data frames
ath10k: fix rfc1042 header retrieval in QCA4019 with eth decap mode
mac80211: Add RX flag to indicate ICV stripped
mac80211: allow same PN for AMSDU sub-frames
mac80211: allow not sending MIC up from driver for HW crypto
percpu: include linux/sched.h for cond_resched()
KVM: s390: Enable all facility bits that are known good for passthrough
bpf: map_get_next_key to return first key on NULL
perf/core: Fix the perf_cpu_time_max_percent check
goldfish: pipe: ANDROID: mark local functions static
Revert "goldfish: pipe: ANDROID: Allocate memory with GFP_KERNEL."
UPSTREAM: ANDROID: binder: prevent transactions into own process.
goldfish: pipe: ANDROID: Add DMA support
UPSTREAM: f2fs: clear PageError on writepage - part 2
UPSTREAM: f2fs: avoid fsync() failure caused by EAGAIN in writepage()
ANDROID: build.config: enforce trace_printk check
ANDROID: x86_64_cuttlefish_defconfig: Disable KPTI
UPSTREAM: mac80211: ibss: Fix channel type enum in ieee80211_sta_join_ibss()
UPSTREAM: mac80211: Fix clang warning about constant operand in logical operation
UPSTREAM: nl80211: Fix enum type of variable in nl80211_put_sta_rate()
UPSTREAM: sysfs: remove signedness from sysfs_get_dirent
UPSTREAM: tracing: Use cpumask_available() to check if cpumask variable may be used
BACKPORT: clocksource: Use GENMASK_ULL in definition of CLOCKSOURCE_MASK
UPSTREAM: netpoll: Fix device name check in netpoll_setup()
FROMLIST: staging: Fix sparse warnings in vsoc driver.
FROMLIST: staging: vsoc: Fix a i386-randconfig warning.
FROMLIST: staging: vsoc: Create wc kernel mapping for region shm.
Revert "goldfish: pipe: ANDROID: remove a redundant target"
goldfish: pipe: ANDROID: Replace writel with gf_write_ptr
goldfish: pipe: ANDROID: Use dev_ logging instead of pr_
goldfish: pipe: ANDROID: fix checkpatch warnings
goldfish: pipe: ANDROID: Update module license
Conflicts:
drivers/net/wireless/ath/ath10k/core.c
drivers/net/wireless/ath/ath10k/core.h
drivers/net/wireless/ath/ath10k/htt_rx.c
Change-Id: If2ede1dea6a07b3fd498724e83071fd547170e1c
[spathi@codeaurora.org: resolved compilation errors in ath10k
by rebuilding crypto header in rx data frames]
Signed-off-by: Srinivasarao P <spathi@codeaurora.org>
Upstream commit aced43ce780dc5e683b3de00ce9fb3db7d28e1d3 ("cfg80211: Call
reg_notifier for self managed hints conditionally") adds support
for processing user cell_base hints when wiphy is self managed. Add
backport flag for the same.
Change-Id: I44e083f4346cc95eb2f80eeec7d56f305e7ecce0
CRs-Fixed: 2201959
Signed-off-by: Amar Singhal <asinghal@codeaurora.org>
This reverts commit 98d5572dd2. This API
no more needed since user would use existing kernel API.
Change-Id: I2d5a19fc9159da5ef7020cb1808b704b0344087e
CRs-Fixed: 2201959
Signed-off-by: Amar Singhal <asinghal@codeaurora.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAlr75p0ACgkQONu9yGCS
aT7YbhAApRoY4GSubs/BHl0Rp24ElRrfxYzyAuB3BLkiMchnP2/5QvqVP1rUk44s
GjceRff2+Ylk8BmgbmynuXYnNuKss8QC+yk0HB5RGu5GkwWWj1XnP/TUkHCaWR0a
WeGs2L4anmg5yvf9gHkEjVKBxNTy/xKhGCKqnNEyZ6KE5o3mHigNZl0yW2yNWLSg
XItDPGSnanhRwDUZv5j7TBsH5K9YFtjT9m631NiTGF0I0MI5UDnnKvXqjLsO2qxs
oHerdOQcMZFCScn1GMSGDpz4kAp/JjQIAnwOsgw92usk2H8i6vGExIOKLGt5Jn/O
3a9hp4cn8dQiZ9oofPC43N3XmH3XfGQnQllkX7Zoh4qB6gheVHwiY0+rH9IDrdkn
/Mv6HCMTSGJ7CcLwMRxBqvOKX6DT1iNaw2n2zzOwoLecDYRYn1W6pgOHWKl4uBcd
j0xKEf1lUM0WrboOdF3j1slJXgpXXvJOrr7tPABbEKNcaOXdmIttN8CLRG5tV3GP
TLH+Qz+xDzYH2chy4RVsCXO9S2gwXgtladXVh4LR913sY+k5J6KWPkmmCmwZD3Z5
txUG13UtAiThrijoRngtz0MDYXyh6Mn/9ylChRcQSYecFD2awGXjORKcWQUXfH1n
2Wq00QC6wNYirpqpGWlS1mi9XGTTpkRgPN0cWV3+QLG3D0lofhU=
=bVRt
-----END PGP SIGNATURE-----
Merge 4.4.132 into android-4.4
Changes in 4.4.132
perf/core: Fix the perf_cpu_time_max_percent check
bpf: map_get_next_key to return first key on NULL
KVM: s390: Enable all facility bits that are known good for passthrough
percpu: include linux/sched.h for cond_resched()
mac80211: allow not sending MIC up from driver for HW crypto
mac80211: allow same PN for AMSDU sub-frames
mac80211: Add RX flag to indicate ICV stripped
ath10k: fix rfc1042 header retrieval in QCA4019 with eth decap mode
ath10k: rebuild crypto header in rx data frames
gpmi-nand: Handle ECC Errors in erased pages
USB: serial: option: Add support for Quectel EP06
ALSA: pcm: Check PCM state at xfern compat ioctl
ALSA: seq: Fix races at MIDI encoding in snd_virmidi_output_trigger()
ALSA: aloop: Mark paused device as inactive
ALSA: aloop: Add missing cable lock to ctl API callbacks
tracepoint: Do not warn on ENOMEM
Input: leds - fix out of bound access
Input: atmel_mxt_ts - add touchpad button mapping for Samsung Chromebook Pro
xfs: prevent creating negative-sized file via INSERT_RANGE
RDMA/ucma: Allow resolving address w/o specifying source address
RDMA/mlx5: Protect from shift operand overflow
NET: usb: qmi_wwan: add support for ublox R410M PID 0x90b2
IB/mlx5: Use unlimited rate when static rate is not supported
drm/vmwgfx: Fix a buffer object leak
test_firmware: fix setting old custom fw path back on exit, second try
USB: serial: visor: handle potential invalid device configuration
USB: Accept bulk endpoints with 1024-byte maxpacket
USB: serial: option: reimplement interface masking
USB: serial: option: adding support for ublox R410M
usb: musb: host: fix potential NULL pointer dereference
ipvs: fix rtnl_lock lockups caused by start_sync_thread
crypto: af_alg - fix possible uninit-value in alg_bind()
netlink: fix uninit-value in netlink_sendmsg
net: fix rtnh_ok()
net: initialize skb->peeked when cloning
net: fix uninit-value in __hw_addr_add_ex()
dccp: initialize ireq->ir_mark
soreuseport: initialise timewait reuseport field
perf: Remove superfluous allocation error check
tcp: fix TCP_REPAIR_QUEUE bound checking
bdi: Fix oops in wb_workfn()
f2fs: fix a dead loop in f2fs_fiemap()
xfrm_user: fix return value from xfrm_user_rcv_msg
rfkill: gpio: fix memory leak in probe error path
libata: Apply NOLPM quirk for SanDisk SD7UB3Q*G1001 SSDs
tracing: Fix regex_match_front() to not over compare the test string
can: kvaser_usb: Increase correct stats counter in kvaser_usb_rx_can_msg()
net: atm: Fix potential Spectre v1
atm: zatm: Fix potential Spectre v1
Revert "Bluetooth: btusb: Fix quirk for Atheros 1525/QCA6174"
tracing/uprobe_event: Fix strncpy corner case
perf/x86: Fix possible Spectre-v1 indexing for hw_perf_event cache_*
perf/x86/cstate: Fix possible Spectre-v1 indexing for pkg_msr
perf/x86/msr: Fix possible Spectre-v1 indexing in the MSR driver
perf/core: Fix possible Spectre-v1 indexing for ->aux_pages[]
perf/x86: Fix possible Spectre-v1 indexing for x86_pmu::event_map()
Linux 4.4.132
Change-Id: I66c21e374dff5a5735f1c5958021612387c635bf
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
commit b1993a2de12c9e75c35729e2ffbc3a92d50c0d31 upstream.
syzbot reported :
BUG: KMSAN: uninit-value in rtnh_ok include/net/nexthop.h:11 [inline]
BUG: KMSAN: uninit-value in fib_count_nexthops net/ipv4/fib_semantics.c:469 [inline]
BUG: KMSAN: uninit-value in fib_create_info+0x554/0x8d20 net/ipv4/fib_semantics.c:1091
@remaining is an integer, coming from user space.
If it is negative we want rtnh_ok() to return false.
Fixes: 4e902c5741 ("[IPv4]: FIB configuration using struct fib_config")
Signed-off-by: Eric Dumazet <edumazet@google.com>
Reported-by: syzbot <syzkaller@googlegroups.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit cef0acd4d7d4811d2d19cd0195031bf0dfe41249 upstream.
Add a flag that indicates that the WEP ICV was stripped from an
RX packet, allowing the device to not transfer that if it's
already checked.
Signed-off-by: David Spinadel <david.spinadel@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Cc: Sriram R <srirrama@codeaurora.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit f631a77ba920f7153a1094d09cd8f2ebbffd0328 upstream.
Some hardware (iwlwifi an example) de-aggregate AMSDUs and copy the IV
as is to the generated MPDUs, so the same PN appears in multiple
packets without being a replay attack. Allow driver to explicitly
indicate that a frame is allowed to have the same PN as the previous
frame.
Signed-off-by: Sara Sharon <sara.sharon@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Cc: Sriram R <srirrama@codeaurora.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Srinivas Dasari
Srinivas Dasari
codeworkx
Andrew Zaborowski
Srinivas Girigowda
Johannes Berg
Anurag Chouhan
Yue Ma
Srinivasarao P
Greg Kroah-Hartman
Yuchung Cheng
Eric Dumazet
Cong Wang
Linux Build Service Account
Jayachandran Sreekumaran
Frank Liu
Colin Ian King
Blagovest Kolenichev
Szymon Janc
Yu Wang
Sabrina Dubroca
Felix Fietkau
Amar Singhal
David Spinadel
Sara Sharon