[ Upstream commit 4fd44a98ffe0d048246efef67ed640fdf2098a62 ]
commit 079096f103 ("tcp/dccp: install syn_recv requests into ehash
table") introduced an optimization for the handling of child sockets
created for a new TCP connection.
But this optimization passes any data associated with the last ACK of the
connection handshake up the stack without verifying its checksum, because it
calls tcp_child_process(), which in turn calls tcp_rcv_state_process()
directly. These lower-level processing functions do not do any checksum
verification.
Insert a tcp_checksum_complete call in the TCP_NEW_SYN_RECEIVE path to
fix this.
Fixes: 079096f103 ("tcp/dccp: install syn_recv requests into ehash table")
Signed-off-by: Frank van der Linden <fllinden@amazon.com>
Signed-off-by: Eric Dumazet <edumazet@google.com>
Tested-by: Balbir Singh <bsingharora@gmail.com>
Reviewed-by: Balbir Singh <bsingharora@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
[ Upstream commit eb55bbf865d9979098c6a7a17cbdb41237ece951 ]
There is a timing issue under active-standy mode, when bond_enslave() is
called, bond->params.primary might not be initialized yet.
Any time the primary slave string changes, bond->force_primary should be
set to true to make sure the primary becomes the active slave.
Signed-off-by: Xiangning Yu <yuxiangning@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
[ Upstream commit ebc3dd688cd988754a304147753b13e58de1b5a1 ]
It has been observed that writing 0xF2 to the power register while it
reads as 0xF4 results in the register having the value 0xF0, i.e. clearing
RESUME and setting SUSPENDM in one go does not work. It might also violate
the USB spec to transition directly from resume to suspend, especially
when not taking T_DRSMDN into account. But this is what happens when a
remote wakeup occurs between SetPortFeature USB_PORT_FEAT_SUSPEND on the
root hub and musb_bus_suspend being called.
This commit returns -EBUSY when musb_bus_suspend is called while remote
wakeup is signalled and thus avoids to reset the RESUME bit. Ignoring
this error when musb_port_suspend is called from musb_hub_control is ok.
Signed-off-by: Daniel Glöckner <dg@emlix.com>
Signed-off-by: Bin Liu <b-liu@ti.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Sasha Levin <alexander.levin@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
[ Upstream commit 8810f7517a3bc4ca2d41d022446d3f5fd6b77c09 ]
There is a scenario that can end up with rebuild process failing to
return good content, i.e.
suppose that all disks can be read without problems and if the content
that was read out doesn't match its checksum, currently for raid6
btrfs at most retries twice,
- the 1st retry is to rebuild with all other stripes, it'll eventually
be a raid5 xor rebuild,
- if the 1st fails, the 2nd retry will deliberately fail parity p so
that it will do raid6 style rebuild,
however, the chances are that another non-parity stripe content also
has something corrupted, so that the above retries are not able to
return correct content, and users will think of this as data loss.
More seriouly, if the loss happens on some important internal btree
roots, it could refuse to mount.
This extends btrfs to do more retries and each retry fails only one
stripe. Since raid6 can tolerate 2 disk failures, if there is one
more failure besides the failure on which we're recovering, this can
always work.
The worst case is to retry as many times as the number of raid6 disks,
but given the fact that such a scenario is really rare in practice,
it's still acceptable.
Signed-off-by: Liu Bo <bo.li.liu@oracle.com>
Signed-off-by: David Sterba <dsterba@suse.com>
Signed-off-by: Sasha Levin <alexander.levin@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit 02db55718d53f9d426cee504c27fb768e9ed4ffe upstream.
While rcvbuf is properly clamped by tcp_rmem[2], rcvwin
is left to a potentially too big value.
It has no serious effect, since :
1) tcp_grow_window() has very strict checks.
2) window_clamp can be mangled by user space to any value anyway.
tcp_init_buffer_space() and companions use tcp_full_space(),
we use tcp_win_from_space() to avoid reloading sk->sk_rcvbuf
Signed-off-by: Eric Dumazet <edumazet@google.com>
Acked-by: Soheil Hassas Yeganeh <soheil@google.com>
Acked-by: Wei Wang <weiwan@google.com>
Acked-by: Neal Cardwell <ncardwell@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Cc: Benjamin Gilbert <benjamin.gilbert@coreos.com>
Signed-off-by: Guenter Roeck <linux@roeck-us.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
This reverts commit 95b286daf7.
This commit used an incorrect log message.
Reported-by: Ben Hutchings <ben.hutchings@codethink.co.uk>
Signed-off-by: Sasha Levin <alexander.levin@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
[ Upstream commit 26de0b76d9ba3200f09c6cb9d9618bda338be5f7 ]
With CONFIG_DMA_API_DEBUG=y, calling sonic_open() produces the
message, "DMA-API: device driver failed to check map error".
Add the missing dma_mapping_error() call.
Cc: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
Signed-off-by: Finn Thain <fthain@telegraphics.com.au>
Acked-by: Thomas Bogendoerfer <tsbogend@alpha.franken.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Sasha Levin <alexander.levin@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
[ Upstream commit f9c6442a8f0b1dde9e755eb4ff6fa22bcce4eabc ]
memcmp() returns int, but eprom_try_esi() cast it to unsigned char. One
can lose significant bits and get 0 from non-0 value returned by the
memcmp().
Signed-off-by: Ivan Bornyakov <brnkv.i1@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Sasha Levin <alexander.levin@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Do not unvote for the mss_cfg_ahb clock after the modem
boots up for modem ssr to work,so remove qcom,ahb-clk-vote
property for msm8996 auto boards
Change-Id: Id04bbb9c98bd3852727309c79a459a0bd353d534
Signed-off-by: Vivek Kumar <vivekuma@codeaurora.org>
Invoke kgsl_suspend and kgsl_resume during hibernation
of KGSL.
Change-Id: I8e1a8ad8b9293d568950a9e71667d1088ff6fbba
Signed-off-by: Suprith Malligere Shankaregowda <supgow@codeaurora.org>
Signed-off-by: Thomas (Wonyoung) Yun <wyun@codeaurora.org>
Socket event string, notifying userspace of socket event, can leak
data into userspace. Memset it before filling it using strlcpy.
Change-Id: I37851f32a1b7ce3307644998c2cc7dd617bb7022
Signed-off-by: Tejaswi Tanikella <tejaswit@codeaurora.org>
Add mutex lock protection to synchronize rtac
calibration set and get api calls.
Change-Id: Ieb2d01642ecefff6405bb59554157c304b4b651d
Signed-off-by: Ramprasad Katkam <katkam@codeaurora.org>
KASAN found a use-after-free in xhci_free_virt_device+0x33b/0x38e
where xhci_free_virt_device() sets slot id to 0 if udev exists:
if (dev->udev && dev->udev->slot_id)
dev->udev->slot_id = 0;
dev->udev will be true even if udev is freed because dev->udev is
not set to NULL.
set dev->udev pointer to NULL in xhci_free_dev()
The original patch went to stable so this fix needs to be applied
there as well.
Fixes: a400efe455f7 ("xhci: zero usb device slot_id member when disabling and freeing a xhci slot")
Cc: <stable@vger.kernel.org>
Reported-by: Guenter Roeck <linux@roeck-us.net>
Reviewed-by: Guenter Roeck <linux@roeck-us.net>
Tested-by: Guenter Roeck <linux@roeck-us.net>
Signed-off-by: Mathias Nyman <mathias.nyman@linux.intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Git-commit: 44a182b9d17765514fa2b1cc911e4e65134eef93
Git-repo: git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
[hemantk@codeaurora.org: resolved merge conflict]
Signed-off-by: Hemant Kumar <hemantk@codeaurora.org>
Change-Id: I507d8439de007b3df6728f77407a4aee51463913
Currently, mask pointers are not updated in
case peripherals are supporting more mask
tables. The patch updates the mask pointers
properly.
Change-Id: I1360c722076fca0215e0ccd28247c4741a1ebd88
Signed-off-by: Mohit Aggarwal <maggarwa@codeaurora.org>
Signed-off-by: Manoj Prabhu B <bmanoj@codeaurora.org>
Added pm functions on sensor driver to control
sensor resume and suspend.
Change-Id: I17e51462e6e5ef2d0224daefc2ea8159748609af
Signed-off-by: Suprith Malligere Shankaregowda <supgow@codeaurora.org>
Re-adding lock_sock(sk) and release_lock(sk) back in packet_set_ring()
is incorrect and causing deadlock.
This reverts commit e513723258.
Change-Id: I1e5aa60d155f2c0803c127dc3e2e9dd81807e6f3
Signed-off-by: Srinivasa Rao Kuppala <srkupp@codeaurora.org>
Enable the PMIC MPP08 for msm8996 CV2X boards. This
GPIO is used to power on the external modem.
Change-Id: I834d3896687be292b9e6f68f719e4ea317da2035
Signed-off-by: Gustavo Solaira <gustavos@codeaurora.org>
Use flag CLKFLAG_NO_RATE_CACHE for RCG and branch clock
for mdss_extpclk_clk used for HDMI interface. Using this
flag will allow the clock framework to calculate rate
again and not depend on the cached rates.
Change-Id: I88f8924074a23e5a6fd48ce6243c7db89580109b
Signed-off-by: Rahul Sharma <rahsha@codeaurora.org>
This reverts commit 56902791977fa54fd0c34a7a6ea0c5da78b2334d.
Display blanking or black frames should be requested explicitly
by user space clients and shouldn't be triggered on system
suspend/resume transitions.
Change-Id: Ic0cf5b7b6d97dd118c0a43b81911eb9ee6ed8459
Signed-off-by: Clarence Ip <cip@codeaurora.org>
Signed-off-by: Rahul Sharma <rahsha@codeaurora.org>
SSM driver is not enabled and hence needs deprecation.
Remove all the SSM driver references.
CRs-Fixed: 2268386
Change-Id: I02f82817023d2fcc6d05a2f0d7eb3aec8f60a7d5
Signed-off-by: Manoj Prabhu B <bmanoj@codeaurora.org>
hab_qvm.h and its relevant stuffs are
only available when CONFIG_MSM_GVM_QUIN is enabled.
Change-Id: I7975f65f0f5bc627b7547c05245a37d4e6500c81
Signed-off-by: Yong Ding <yongding@codeaurora.org>
