lock_page() must operate on the whole compound page. It doesn't make
much sense to lock part of compound page. Change code to use head
page's PG_locked, if tail page is passed.
This patch also gets rid of custom helper functions --
__set_page_locked() and __clear_page_locked(). They are replaced with
helpers generated by __SETPAGEFLAG/__CLEARPAGEFLAG. Tail pages to these
helper would trigger VM_BUG_ON().
SLUB uses PG_locked as a bit spin locked. IIUC, tail pages should never
appear there. VM_BUG_ON() is added to make sure that this assumption is
correct.
[akpm@linux-foundation.org: fix fs/cifs/file.c]
Signed-off-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Cc: Andrea Arcangeli <aarcange@redhat.com>
Cc: Hugh Dickins <hughd@google.com>
Cc: Dave Hansen <dave.hansen@intel.com>
Cc: Mel Gorman <mgorman@suse.de>
Cc: Rik van Riel <riel@redhat.com>
Cc: Vlastimil Babka <vbabka@suse.cz>
Cc: Christoph Lameter <cl@linux.com>
Cc: Naoya Horiguchi <n-horiguchi@ah.jp.nec.com>
Cc: Steve Capper <steve.capper@linaro.org>
Cc: "Aneesh Kumar K.V" <aneesh.kumar@linux.vnet.ibm.com>
Cc: Johannes Weiner <hannes@cmpxchg.org>
Cc: Michal Hocko <mhocko@suse.cz>
Cc: Jerome Marchand <jmarchan@redhat.com>
Cc: Jérôme Glisse <jglisse@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Change-Id: Ifeeb98c789880ff34b286383568db60e08672205
Git-Commit: 48c935ad88f5be20eb5445a77c171351b1eb5111
Git-Repo: git://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git
Signed-off-by: Vinayak Menon <vinmenon@codeaurora.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAluvTzgACgkQONu9yGCS
aT4cDBAAt3nIMdRL1imwklktUpNu+O8GlhoHi3Py3B5EijuaWMCrKHaONHCundtq
rZ5fSVtZkdTE6wOEJygY/w8foTmlC0iqpeOUzLXB/rPXaAwIC1EUx4/eaU3SBv3m
XN2XqKNnlF7lVoetIrS/RV2jGDM+h5p+oV0FOAMQb69/ozlpac0yIXABwiWXp7xe
v8ccCyqdc3b+nCB0x6/jMmKocPAVDfRl4oWYXKBi7qmD7n3dLXPyHNaxvfoKoZY/
Zfepjx3uaL+r7Z2nPwl3/5uiEqEDahIBCHoc/EpIHS7EnwVXD4G9lBRQPCdtZfjG
9qKz5pVgjv/c713UIbvuigxZgL39iuyMQvJn9kySoLjuBJ6auKIBJdVkzpYmUSaY
qMWVPW0l7j/VntF3hCTYYNXDU1xqI0d8BESkrA4dTQsLW8HbkNNmIPEwCZ0Fn60Y
HIzkXX+wv3N+G2uIs4aTVXYuvJ+ukiTYW5vc4a16cP62ZSyafRUn/0aiiuyaWg/q
lHI4jNnxEEkiOyH7EznBmxApWWfc8e9fVTsWva0p7ghFJ9dTbmE+eCEUzTIbE6I7
HITq7uu0VfB8WZWmL59HtZ+dI3CMN0oAzwHM0s5dbi/o0oPtiXGRkCAxjtq/+ikA
91+V3AAWkdADzKp+NQ0oV0GMe1M5lN61m19U93UCspE/Kn6UfX4=
=0NRm
-----END PGP SIGNATURE-----
Merge 4.4.159 into android-4.4-p
Changes in 4.4.159
NFC: Fix possible memory corruption when handling SHDLC I-Frame commands
NFC: Fix the number of pipes
ASoC: cs4265: fix MMTLR Data switch control
ALSA: bebob: use address returned by kmalloc() instead of kernel stack for streaming DMA mapping
ALSA: emu10k1: fix possible info leak to userspace on SNDRV_EMU10K1_IOCTL_INFO
platform/x86: alienware-wmi: Correct a memory leak
xen/netfront: don't bug in case of too many frags
xen/x86/vpmu: Zero struct pt_regs before calling into sample handling code
ring-buffer: Allow for rescheduling when removing pages
mm: shmem.c: Correctly annotate new inodes for lockdep
gso_segment: Reset skb->mac_len after modifying network header
ipv6: fix possible use-after-free in ip6_xmit()
net/appletalk: fix minor pointer leak to userspace in SIOCFINDIPDDPRT
net: hp100: fix always-true check for link up state
neighbour: confirm neigh entries when ARP packet is received
scsi: target: iscsi: Use hex2bin instead of a re-implementation
ocfs2: fix ocfs2 read block panic
drm/nouveau/drm/nouveau: Use pm_runtime_get_noresume() in connector_detect()
tty: vt_ioctl: fix potential Spectre v1
ext4: avoid divide by zero fault when deleting corrupted inline directories
ext4: recalucate superblock checksum after updating free blocks/inodes
ext4: fix online resize's handling of a too-small final block group
ext4: fix online resizing for bigalloc file systems with a 1k block size
ext4: don't mark mmp buffer head dirty
arm64: Add trace_hardirqs_off annotation in ret_to_user
HID: sony: Update device ids
HID: sony: Support DS4 dongle
iw_cxgb4: only allow 1 flush on user qps
Linux 4.4.159
Change-Id: Id8749dd7cbb3bc2d07163298fcd30744480c3e24
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAluvTzgACgkQONu9yGCS
aT4cDBAAt3nIMdRL1imwklktUpNu+O8GlhoHi3Py3B5EijuaWMCrKHaONHCundtq
rZ5fSVtZkdTE6wOEJygY/w8foTmlC0iqpeOUzLXB/rPXaAwIC1EUx4/eaU3SBv3m
XN2XqKNnlF7lVoetIrS/RV2jGDM+h5p+oV0FOAMQb69/ozlpac0yIXABwiWXp7xe
v8ccCyqdc3b+nCB0x6/jMmKocPAVDfRl4oWYXKBi7qmD7n3dLXPyHNaxvfoKoZY/
Zfepjx3uaL+r7Z2nPwl3/5uiEqEDahIBCHoc/EpIHS7EnwVXD4G9lBRQPCdtZfjG
9qKz5pVgjv/c713UIbvuigxZgL39iuyMQvJn9kySoLjuBJ6auKIBJdVkzpYmUSaY
qMWVPW0l7j/VntF3hCTYYNXDU1xqI0d8BESkrA4dTQsLW8HbkNNmIPEwCZ0Fn60Y
HIzkXX+wv3N+G2uIs4aTVXYuvJ+ukiTYW5vc4a16cP62ZSyafRUn/0aiiuyaWg/q
lHI4jNnxEEkiOyH7EznBmxApWWfc8e9fVTsWva0p7ghFJ9dTbmE+eCEUzTIbE6I7
HITq7uu0VfB8WZWmL59HtZ+dI3CMN0oAzwHM0s5dbi/o0oPtiXGRkCAxjtq/+ikA
91+V3AAWkdADzKp+NQ0oV0GMe1M5lN61m19U93UCspE/Kn6UfX4=
=0NRm
-----END PGP SIGNATURE-----
Merge 4.4.159 into android-4.4
Changes in 4.4.159
NFC: Fix possible memory corruption when handling SHDLC I-Frame commands
NFC: Fix the number of pipes
ASoC: cs4265: fix MMTLR Data switch control
ALSA: bebob: use address returned by kmalloc() instead of kernel stack for streaming DMA mapping
ALSA: emu10k1: fix possible info leak to userspace on SNDRV_EMU10K1_IOCTL_INFO
platform/x86: alienware-wmi: Correct a memory leak
xen/netfront: don't bug in case of too many frags
xen/x86/vpmu: Zero struct pt_regs before calling into sample handling code
ring-buffer: Allow for rescheduling when removing pages
mm: shmem.c: Correctly annotate new inodes for lockdep
gso_segment: Reset skb->mac_len after modifying network header
ipv6: fix possible use-after-free in ip6_xmit()
net/appletalk: fix minor pointer leak to userspace in SIOCFINDIPDDPRT
net: hp100: fix always-true check for link up state
neighbour: confirm neigh entries when ARP packet is received
scsi: target: iscsi: Use hex2bin instead of a re-implementation
ocfs2: fix ocfs2 read block panic
drm/nouveau/drm/nouveau: Use pm_runtime_get_noresume() in connector_detect()
tty: vt_ioctl: fix potential Spectre v1
ext4: avoid divide by zero fault when deleting corrupted inline directories
ext4: recalucate superblock checksum after updating free blocks/inodes
ext4: fix online resize's handling of a too-small final block group
ext4: fix online resizing for bigalloc file systems with a 1k block size
ext4: don't mark mmp buffer head dirty
arm64: Add trace_hardirqs_off annotation in ret_to_user
HID: sony: Update device ids
HID: sony: Support DS4 dongle
iw_cxgb4: only allow 1 flush on user qps
Linux 4.4.159
Change-Id: I98239ca60783ca69147f2f11034138fc22e2af65
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
* refs/heads/tmp-c139ea66
Linux 4.4.157
mm: get rid of vmacache_flush_all() entirely
x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+
autofs: fix autofs_sbi() does not check super block type
mtd: ubi: wl: Fix error return code in ubi_wl_init()
crypto: vmx - Fix sleep-in-atomic bugs
ethernet: ti: davinci_emac: add missing of_node_put after calling of_parse_phandle
net: ethernet: ti: cpsw: fix mdio device reference leak
drivers: net: cpsw: fix parsing of phy-handle DT property in dual_emac config
netfilter: x_tables: avoid stack-out-of-bounds read in xt_copy_counters_from_user
vmw_balloon: include asm/io.h
xhci: Fix use-after-free in xhci_free_virt_device
RDMA/cma: Do not ignore net namespace for unbound cm_id
MIPS: WARN_ON invalid DMA cache maintenance, not BUG_ON
f2fs: fix to do sanity check with {sit,nat}_ver_bitmap_bytesize
mfd: ti_am335x_tscadc: Fix struct clk memory leak
iommu/ipmmu-vmsa: Fix allocation in atomic context
partitions/aix: fix usage of uninitialized lv_info and lvname structures
partitions/aix: append null character to print data from disk
Input: atmel_mxt_ts - only use first T9 instance
net: dcb: For wild-card lookups, use priority -1, not 0
MIPS: Octeon: add missing of_node_put()
net: mvneta: fix mtu change on port without link
gpio: ml-ioh: Fix buffer underwrite on probe error path
x86/mm: Remove in_nmi() warning from vmalloc_fault()
Bluetooth: hidp: Fix handling of strncpy for hid->name information
ath10k: disable bundle mgmt tx completion event support
scsi: 3ware: fix return 0 on the error path of probe
ata: libahci: Correct setting of DEVSLP register
MIPS: Fix ISA virt/bus conversion for non-zero PHYS_OFFSET
ath10k: prevent active scans on potential unusable channels
macintosh/via-pmu: Add missing mmio accessors
NFSv4.0 fix client reference leak in callback
perf tools: Allow overriding MAX_NR_CPUS at compile time
f2fs: do not set free of current section
tty: rocket: Fix possible buffer overwrite on register_PCI
uio: potential double frees if __uio_register_device() fails
misc: ti-st: Fix memory leak in the error path of probe()
md/raid5: fix data corruption of replacements after originals dropped
scsi: target: fix __transport_register_session locking
gpio: tegra: Move driver registration to subsys_init level
Bluetooth: h5: Fix missing dependency on BT_HCIUART_SERDEV
ethtool: Remove trailing semicolon for static inline
misc: mic: SCIF Fix scif_get_new_port() error handling
ARC: [plat-axs*]: Enable SWAP
locking/osq_lock: Fix osq_lock queue corruption
selinux: use GFP_NOWAIT in the AVC kmem_caches
locking/rwsem-xadd: Fix missed wakeup due to reordering of load
block,blkcg: use __GFP_NOWARN for best-effort allocations in blkcg
staging/rts5208: Fix read overflow in memcpy
staging: rt5208: Fix a sleep-in-atomic bug in xd_copy_page
kthread: fix boot hang (regression) on MIPS/OpenRISC
kthread: Fix use-after-free if kthread fork fails
cfq: Give a chance for arming slice idle timer in case of group_idle
ALSA: hda - Fix cancel_work_sync() stall from jackpoll work
i2c: i801: fix DNV's SMBCTRL register offset
i2c: xiic: Make the start and the byte count write atomic
Conflicts:
block/blk-cgroup.c
drivers/net/wireless/ath/ath10k/wmi-tlv.c
kernel/locking/rwsem-xadd.c
Change-Id: If6c24e0c16e173dc2a22e047200bbd7a4f11f713
Signed-off-by: Srinivasarao P <spathi@codeaurora.org>
* refs/heads/tmp-7eb7037
Linux 4.4.156
btrfs: use correct compare function of dirty_metadata_bytes
ASoC: wm8994: Fix missing break in switch
s390/lib: use expoline for all bcr instructions
mei: me: allow runtime pm for platform with D0i3
sch_tbf: fix two null pointer dereferences on init failure
sch_netem: avoid null pointer deref on init failure
sch_hhf: fix null pointer dereference on init failure
sch_multiq: fix double free on init failure
sch_htb: fix crash on init failure
ovl: proper cleanup of workdir
ovl: override creds with the ones from the superblock mounter
ovl: rename is_merge to is_lowest
irqchip/gic: Make interrupt ID 1020 invalid
irqchip/gic-v3: Add missing barrier to 32bit version of gic_read_iar()
irqchip/gicv3-its: Avoid cache flush beyond ITS_BASERn memory size
irqchip/gicv3-its: Fix memory leak in its_free_tables()
irqchip/gic-v3-its: Recompute the number of pages on page size change
genirq: Delay incrementing interrupt count if it's disabled/pending
Fixes: Commit cdbf92675f ("mm: numa: avoid waiting on freed migrated pages")
enic: do not call enic_change_mtu in enic_probe
Revert "ARM: imx_v6_v7_defconfig: Select ULPI support"
irda: Only insert new objects into the global database via setsockopt
irda: Fix memory leak caused by repeated binds of irda socket
kbuild: make missing $DEPMOD a Warning instead of an Error
x86/pae: use 64 bit atomic xchg function in native_ptep_get_and_clear
debugobjects: Make stack check warning more informative
btrfs: Don't remove block group that still has pinned down bytes
btrfs: relocation: Only remove reloc rb_trees if reloc control has been initialized
btrfs: replace: Reset on-disk dev stats value after replace
powerpc/pseries: Avoid using the size greater than RTAS_ERROR_LOG_MAX.
SMB3: Number of requests sent should be displayed for SMB3 not just CIFS
smb3: fix reset of bytes read and written stats
selftests/powerpc: Kill child processes on SIGINT
staging: comedi: ni_mio_common: fix subdevice flags for PFI subdevice
dm kcopyd: avoid softlockup in run_complete_job
PCI: mvebu: Fix I/O space end address calculation
scsi: aic94xx: fix an error code in aic94xx_init()
s390/dasd: fix hanging offline processing due to canceled worker
powerpc: Fix size calculation using resource_size()
net/9p: fix error path of p9_virtio_probe
irqchip/bcm7038-l1: Hide cpu offline callback when building for !SMP
platform/x86: asus-nb-wmi: Add keymap entry for lid flip action on UX360
mfd: sm501: Set coherent_dma_mask when creating subdevices
ipvs: fix race between ip_vs_conn_new() and ip_vs_del_dest()
fs/dcache.c: fix kmemcheck splat at take_dentry_name_snapshot()
mm/fadvise.c: fix signed overflow UBSAN complaint
scripts: modpost: check memory allocation results
fat: validate ->i_start before using
hfsplus: fix NULL dereference in hfsplus_lookup()
reiserfs: change j_timestamp type to time64_t
fork: don't copy inconsistent signal handler state to child
hfs: prevent crash on exit from failed search
hfsplus: don't return 0 when fill_super() failed
cifs: check if SMB2 PDU size has been padded and suppress the warning
vti6: remove !skb->ignore_df check from vti6_xmit()
tcp: do not restart timewait timer on rst reception
qlge: Fix netdev features configuration.
net: bcmgenet: use MAC link status for fixed phy
staging: android: ion: fix ION_IOC_{MAP,SHARE} use-after-free
x86/speculation/l1tf: Fix up pte->pfn conversion for PAE
Conflicts:
drivers/staging/android/ion/ion.c
Change-Id: I7153f61c3a676a788f64eeb8bab13e840bbbf985
[readded the function ion_handle_get_by_id() which got deleted with
commit 'staging: android: ion: fix ION_IOC_{MAP,SHARE} use-after-free'
since it is used in msm/msm_ion.c]
Signed-off-by: Srinivasarao P <spathi@codeaurora.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAluitjwACgkQONu9yGCS
aT7iuA/9FDL/m4yOFPh6lFP6b5JnpDoKniJM3R6eg8am9TYaCe0mwJImEy8yP8sH
BOK/LECOJqV8Waw0ANQieJYZj/GsRXk9TOwUwvOCbhNwfu+e2x4/31dRIpxSQaCs
dYROb4ISGd9wyLMKqgh0zqMxKKfb/Ija4oBjfz7xUJYoHFuc8hlfic6HUr8i/J76
kz5LJ5uPWyrBOKzQT15o0bz05LmnKBX8TyhpzzPBf/+eQ1jzh7uvpawcOz03u8iV
6VpNXCbTTUf863nmOxcEfuClI1GnCHstAHTKaEc6u5MUhkJKKqxWDTsO92qhnUne
FXB7/UeVwsGA69Oy4nInJMGI7hHlJ6LR1CBA9SmfjzUvBY9P6nT2vrU6NYg0n3Bd
tP7S69xXQUdkkvDNjphsOuexuResITJ48obg+Lx2ijCAHNosafKyN1It8t/euOAD
xCeTxfLtXMCO+3z+UvOwFnKwgLImt1Bh8fGynjpk7fvIycrm+FP0iZ+2cw4NUiMU
jKtjvQCWbfK64fZ5eIdxo/rKyX7hK3PRMw6r6rEvaW/z6Cm33Dvy+1Rn3fiXJpIS
oEt7knHsoBraHtrUvbPXMc5S0ZNvoNLD3omWm1Ot+NlP3ogIi/ZFwvwUU537FZmL
2g8V16o0IliBOqNr3vkDyInv/5+LDVI22noc3bjEoi/LsoYe4j4=
=2RHb
-----END PGP SIGNATURE-----
Merge 4.4.157 into android-4.4-p
Changes in 4.4.157
i2c: xiic: Make the start and the byte count write atomic
i2c: i801: fix DNV's SMBCTRL register offset
ALSA: hda - Fix cancel_work_sync() stall from jackpoll work
cfq: Give a chance for arming slice idle timer in case of group_idle
kthread: Fix use-after-free if kthread fork fails
kthread: fix boot hang (regression) on MIPS/OpenRISC
staging: rt5208: Fix a sleep-in-atomic bug in xd_copy_page
staging/rts5208: Fix read overflow in memcpy
block,blkcg: use __GFP_NOWARN for best-effort allocations in blkcg
locking/rwsem-xadd: Fix missed wakeup due to reordering of load
selinux: use GFP_NOWAIT in the AVC kmem_caches
locking/osq_lock: Fix osq_lock queue corruption
ARC: [plat-axs*]: Enable SWAP
misc: mic: SCIF Fix scif_get_new_port() error handling
ethtool: Remove trailing semicolon for static inline
Bluetooth: h5: Fix missing dependency on BT_HCIUART_SERDEV
gpio: tegra: Move driver registration to subsys_init level
scsi: target: fix __transport_register_session locking
md/raid5: fix data corruption of replacements after originals dropped
misc: ti-st: Fix memory leak in the error path of probe()
uio: potential double frees if __uio_register_device() fails
tty: rocket: Fix possible buffer overwrite on register_PCI
f2fs: do not set free of current section
perf tools: Allow overriding MAX_NR_CPUS at compile time
NFSv4.0 fix client reference leak in callback
macintosh/via-pmu: Add missing mmio accessors
ath10k: prevent active scans on potential unusable channels
MIPS: Fix ISA virt/bus conversion for non-zero PHYS_OFFSET
ata: libahci: Correct setting of DEVSLP register
scsi: 3ware: fix return 0 on the error path of probe
ath10k: disable bundle mgmt tx completion event support
Bluetooth: hidp: Fix handling of strncpy for hid->name information
x86/mm: Remove in_nmi() warning from vmalloc_fault()
gpio: ml-ioh: Fix buffer underwrite on probe error path
net: mvneta: fix mtu change on port without link
MIPS: Octeon: add missing of_node_put()
net: dcb: For wild-card lookups, use priority -1, not 0
Input: atmel_mxt_ts - only use first T9 instance
partitions/aix: append null character to print data from disk
partitions/aix: fix usage of uninitialized lv_info and lvname structures
iommu/ipmmu-vmsa: Fix allocation in atomic context
mfd: ti_am335x_tscadc: Fix struct clk memory leak
f2fs: fix to do sanity check with {sit,nat}_ver_bitmap_bytesize
MIPS: WARN_ON invalid DMA cache maintenance, not BUG_ON
RDMA/cma: Do not ignore net namespace for unbound cm_id
xhci: Fix use-after-free in xhci_free_virt_device
vmw_balloon: include asm/io.h
netfilter: x_tables: avoid stack-out-of-bounds read in xt_copy_counters_from_user
drivers: net: cpsw: fix parsing of phy-handle DT property in dual_emac config
net: ethernet: ti: cpsw: fix mdio device reference leak
ethernet: ti: davinci_emac: add missing of_node_put after calling of_parse_phandle
crypto: vmx - Fix sleep-in-atomic bugs
mtd: ubi: wl: Fix error return code in ubi_wl_init()
autofs: fix autofs_sbi() does not check super block type
x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+
mm: get rid of vmacache_flush_all() entirely
Linux 4.4.157
Change-Id: I08e4c24c1a22ef0e97f9185bc9da72f4a651ca73
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAluitjwACgkQONu9yGCS
aT7iuA/9FDL/m4yOFPh6lFP6b5JnpDoKniJM3R6eg8am9TYaCe0mwJImEy8yP8sH
BOK/LECOJqV8Waw0ANQieJYZj/GsRXk9TOwUwvOCbhNwfu+e2x4/31dRIpxSQaCs
dYROb4ISGd9wyLMKqgh0zqMxKKfb/Ija4oBjfz7xUJYoHFuc8hlfic6HUr8i/J76
kz5LJ5uPWyrBOKzQT15o0bz05LmnKBX8TyhpzzPBf/+eQ1jzh7uvpawcOz03u8iV
6VpNXCbTTUf863nmOxcEfuClI1GnCHstAHTKaEc6u5MUhkJKKqxWDTsO92qhnUne
FXB7/UeVwsGA69Oy4nInJMGI7hHlJ6LR1CBA9SmfjzUvBY9P6nT2vrU6NYg0n3Bd
tP7S69xXQUdkkvDNjphsOuexuResITJ48obg+Lx2ijCAHNosafKyN1It8t/euOAD
xCeTxfLtXMCO+3z+UvOwFnKwgLImt1Bh8fGynjpk7fvIycrm+FP0iZ+2cw4NUiMU
jKtjvQCWbfK64fZ5eIdxo/rKyX7hK3PRMw6r6rEvaW/z6Cm33Dvy+1Rn3fiXJpIS
oEt7knHsoBraHtrUvbPXMc5S0ZNvoNLD3omWm1Ot+NlP3ogIi/ZFwvwUU537FZmL
2g8V16o0IliBOqNr3vkDyInv/5+LDVI22noc3bjEoi/LsoYe4j4=
=2RHb
-----END PGP SIGNATURE-----
Merge 4.4.157 into android-4.4
Changes in 4.4.157
i2c: xiic: Make the start and the byte count write atomic
i2c: i801: fix DNV's SMBCTRL register offset
ALSA: hda - Fix cancel_work_sync() stall from jackpoll work
cfq: Give a chance for arming slice idle timer in case of group_idle
kthread: Fix use-after-free if kthread fork fails
kthread: fix boot hang (regression) on MIPS/OpenRISC
staging: rt5208: Fix a sleep-in-atomic bug in xd_copy_page
staging/rts5208: Fix read overflow in memcpy
block,blkcg: use __GFP_NOWARN for best-effort allocations in blkcg
locking/rwsem-xadd: Fix missed wakeup due to reordering of load
selinux: use GFP_NOWAIT in the AVC kmem_caches
locking/osq_lock: Fix osq_lock queue corruption
ARC: [plat-axs*]: Enable SWAP
misc: mic: SCIF Fix scif_get_new_port() error handling
ethtool: Remove trailing semicolon for static inline
Bluetooth: h5: Fix missing dependency on BT_HCIUART_SERDEV
gpio: tegra: Move driver registration to subsys_init level
scsi: target: fix __transport_register_session locking
md/raid5: fix data corruption of replacements after originals dropped
misc: ti-st: Fix memory leak in the error path of probe()
uio: potential double frees if __uio_register_device() fails
tty: rocket: Fix possible buffer overwrite on register_PCI
f2fs: do not set free of current section
perf tools: Allow overriding MAX_NR_CPUS at compile time
NFSv4.0 fix client reference leak in callback
macintosh/via-pmu: Add missing mmio accessors
ath10k: prevent active scans on potential unusable channels
MIPS: Fix ISA virt/bus conversion for non-zero PHYS_OFFSET
ata: libahci: Correct setting of DEVSLP register
scsi: 3ware: fix return 0 on the error path of probe
ath10k: disable bundle mgmt tx completion event support
Bluetooth: hidp: Fix handling of strncpy for hid->name information
x86/mm: Remove in_nmi() warning from vmalloc_fault()
gpio: ml-ioh: Fix buffer underwrite on probe error path
net: mvneta: fix mtu change on port without link
MIPS: Octeon: add missing of_node_put()
net: dcb: For wild-card lookups, use priority -1, not 0
Input: atmel_mxt_ts - only use first T9 instance
partitions/aix: append null character to print data from disk
partitions/aix: fix usage of uninitialized lv_info and lvname structures
iommu/ipmmu-vmsa: Fix allocation in atomic context
mfd: ti_am335x_tscadc: Fix struct clk memory leak
f2fs: fix to do sanity check with {sit,nat}_ver_bitmap_bytesize
MIPS: WARN_ON invalid DMA cache maintenance, not BUG_ON
RDMA/cma: Do not ignore net namespace for unbound cm_id
xhci: Fix use-after-free in xhci_free_virt_device
vmw_balloon: include asm/io.h
netfilter: x_tables: avoid stack-out-of-bounds read in xt_copy_counters_from_user
drivers: net: cpsw: fix parsing of phy-handle DT property in dual_emac config
net: ethernet: ti: cpsw: fix mdio device reference leak
ethernet: ti: davinci_emac: add missing of_node_put after calling of_parse_phandle
crypto: vmx - Fix sleep-in-atomic bugs
mtd: ubi: wl: Fix error return code in ubi_wl_init()
autofs: fix autofs_sbi() does not check super block type
x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+
mm: get rid of vmacache_flush_all() entirely
Linux 4.4.157
Change-Id: I30fc9e099e9065aff5e53c648d822c405525bb07
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
commit 7a9cdebdcc17e426fb5287e4a82db1dfe86339b2 upstream.
Jann Horn points out that the vmacache_flush_all() function is not only
potentially expensive, it's buggy too. It also happens to be entirely
unnecessary, because the sequence number overflow case can be avoided by
simply making the sequence number be 64-bit. That doesn't even grow the
data structures in question, because the other adjacent fields are
already 64-bit.
So simplify the whole thing by just making the sequence number overflow
case go away entirely, which gets rid of all the complications and makes
the code faster too. Win-win.
[ Oleg Nesterov points out that the VMACACHE_FULL_FLUSHES statistics
also just goes away entirely with this ]
Reported-by: Jann Horn <jannh@google.com>
Suggested-by: Will Deacon <will.deacon@arm.com>
Acked-by: Davidlohr Bueso <dave@stgolabs.net>
Cc: Oleg Nesterov <oleg@redhat.com>
Cc: stable@kernel.org
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
If the caller has set __GFP_NOWARN don't print the following message:
vmap allocation for size 15736832 failed: use vmalloc=<size> to increase
size.
This can happen with the ARM/Linux or ARM64/Linux module loader built
with CONFIG_ARM{,64}_MODULE_PLTS=y which does a first attempt at loading
a large module from module space, then falls back to vmalloc space.
Change-Id: Ib907156055959e22a419b79fb424772baea556d0
Acked-by: Michal Hocko <mhocko@suse.com>
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
Git-Commit: 03497d761c55438144fd63534d4223418fdfd345
Git-Repo: git://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git
Signed-off-by: Vinayak Menon <vinmenon@codeaurora.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAluct34ACgkQONu9yGCS
aT70pA/7BywAtLPUPyLTGsWGJLzM++Kfn/Z2HFL3aEA+F7pmhjbC+49tpk07hCyV
LRczYt0GFUWX8bqr80EdojbwQHKLi68VYJLskgzA3YtCDFtUMBsoVSaUS8dK4lTs
xBWfyccndk4RQffY8zSP50z3cQCTYPb/cmwDqUiXdQ2hinpoxPZJy/v4o4JFnkug
gHS9U01dH5xlfY5YhI+r+KTvoc9+lvTc+NneK4RkE1CUv4hVO9cdRS/SMLF04L2s
2ffBOEOtvgT9SvR7WspzGFf6TdZkM9/+nolomoPdmH6ZLbTY+30tks3COWUn0vEI
l6Ut86aDnjukNz2l7Bdf05lo2vkYcP5YxdFiWypFjLRufb5QXVm1h7Jp8J5WP9Ub
VM3sNZpE/GTX+y8AqGJaPmnxaSKAhPsc8qxKJ+wyYjMhjgiLNmMiYnCi9mc2VtGp
xW62OtKu8HuBnM3hlaLtgmb/TUQE7pNZqBn6rb+SJlgrYrz+qjpl9xR9xwGHnmFU
Ll8u+Ytn01eGvkqElOYzoGJh48iC/SOLPwPMoYC0hr2ReSAnQHWFlUFarFVmHzoA
CCSSRQLFR0otb5jlHlCmKDnzsEOUQqg5IIu3IfpX/eLMSbgrpc8BdvY98yzeAbcM
uTKK6a/TUPma05G9mcxZTKSxUQqixeoM4BOtrE1thqeqNa4dJZ0=
=7Z2j
-----END PGP SIGNATURE-----
Merge 4.4.156 into android-4.4-p
Changes in 4.4.156
x86/speculation/l1tf: Fix up pte->pfn conversion for PAE
staging: android: ion: fix ION_IOC_{MAP,SHARE} use-after-free
net: bcmgenet: use MAC link status for fixed phy
qlge: Fix netdev features configuration.
tcp: do not restart timewait timer on rst reception
vti6: remove !skb->ignore_df check from vti6_xmit()
cifs: check if SMB2 PDU size has been padded and suppress the warning
hfsplus: don't return 0 when fill_super() failed
hfs: prevent crash on exit from failed search
fork: don't copy inconsistent signal handler state to child
reiserfs: change j_timestamp type to time64_t
hfsplus: fix NULL dereference in hfsplus_lookup()
fat: validate ->i_start before using
scripts: modpost: check memory allocation results
mm/fadvise.c: fix signed overflow UBSAN complaint
fs/dcache.c: fix kmemcheck splat at take_dentry_name_snapshot()
ipvs: fix race between ip_vs_conn_new() and ip_vs_del_dest()
mfd: sm501: Set coherent_dma_mask when creating subdevices
platform/x86: asus-nb-wmi: Add keymap entry for lid flip action on UX360
irqchip/bcm7038-l1: Hide cpu offline callback when building for !SMP
net/9p: fix error path of p9_virtio_probe
powerpc: Fix size calculation using resource_size()
s390/dasd: fix hanging offline processing due to canceled worker
scsi: aic94xx: fix an error code in aic94xx_init()
PCI: mvebu: Fix I/O space end address calculation
dm kcopyd: avoid softlockup in run_complete_job
staging: comedi: ni_mio_common: fix subdevice flags for PFI subdevice
selftests/powerpc: Kill child processes on SIGINT
smb3: fix reset of bytes read and written stats
SMB3: Number of requests sent should be displayed for SMB3 not just CIFS
powerpc/pseries: Avoid using the size greater than RTAS_ERROR_LOG_MAX.
btrfs: replace: Reset on-disk dev stats value after replace
btrfs: relocation: Only remove reloc rb_trees if reloc control has been initialized
btrfs: Don't remove block group that still has pinned down bytes
debugobjects: Make stack check warning more informative
x86/pae: use 64 bit atomic xchg function in native_ptep_get_and_clear
kbuild: make missing $DEPMOD a Warning instead of an Error
irda: Fix memory leak caused by repeated binds of irda socket
irda: Only insert new objects into the global database via setsockopt
Revert "ARM: imx_v6_v7_defconfig: Select ULPI support"
enic: do not call enic_change_mtu in enic_probe
Fixes: Commit cdbf92675f ("mm: numa: avoid waiting on freed migrated pages")
genirq: Delay incrementing interrupt count if it's disabled/pending
irqchip/gic-v3-its: Recompute the number of pages on page size change
irqchip/gicv3-its: Fix memory leak in its_free_tables()
irqchip/gicv3-its: Avoid cache flush beyond ITS_BASERn memory size
irqchip/gic-v3: Add missing barrier to 32bit version of gic_read_iar()
irqchip/gic: Make interrupt ID 1020 invalid
ovl: rename is_merge to is_lowest
ovl: override creds with the ones from the superblock mounter
ovl: proper cleanup of workdir
sch_htb: fix crash on init failure
sch_multiq: fix double free on init failure
sch_hhf: fix null pointer dereference on init failure
sch_netem: avoid null pointer deref on init failure
sch_tbf: fix two null pointer dereferences on init failure
mei: me: allow runtime pm for platform with D0i3
s390/lib: use expoline for all bcr instructions
ASoC: wm8994: Fix missing break in switch
btrfs: use correct compare function of dirty_metadata_bytes
Linux 4.4.156
Change-Id: I8322cf746e099eaaf40af64bf8a25bb2cf33821f
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAluct34ACgkQONu9yGCS
aT70pA/7BywAtLPUPyLTGsWGJLzM++Kfn/Z2HFL3aEA+F7pmhjbC+49tpk07hCyV
LRczYt0GFUWX8bqr80EdojbwQHKLi68VYJLskgzA3YtCDFtUMBsoVSaUS8dK4lTs
xBWfyccndk4RQffY8zSP50z3cQCTYPb/cmwDqUiXdQ2hinpoxPZJy/v4o4JFnkug
gHS9U01dH5xlfY5YhI+r+KTvoc9+lvTc+NneK4RkE1CUv4hVO9cdRS/SMLF04L2s
2ffBOEOtvgT9SvR7WspzGFf6TdZkM9/+nolomoPdmH6ZLbTY+30tks3COWUn0vEI
l6Ut86aDnjukNz2l7Bdf05lo2vkYcP5YxdFiWypFjLRufb5QXVm1h7Jp8J5WP9Ub
VM3sNZpE/GTX+y8AqGJaPmnxaSKAhPsc8qxKJ+wyYjMhjgiLNmMiYnCi9mc2VtGp
xW62OtKu8HuBnM3hlaLtgmb/TUQE7pNZqBn6rb+SJlgrYrz+qjpl9xR9xwGHnmFU
Ll8u+Ytn01eGvkqElOYzoGJh48iC/SOLPwPMoYC0hr2ReSAnQHWFlUFarFVmHzoA
CCSSRQLFR0otb5jlHlCmKDnzsEOUQqg5IIu3IfpX/eLMSbgrpc8BdvY98yzeAbcM
uTKK6a/TUPma05G9mcxZTKSxUQqixeoM4BOtrE1thqeqNa4dJZ0=
=7Z2j
-----END PGP SIGNATURE-----
Merge 4.4.156 into android-4.4
Changes in 4.4.156
x86/speculation/l1tf: Fix up pte->pfn conversion for PAE
staging: android: ion: fix ION_IOC_{MAP,SHARE} use-after-free
net: bcmgenet: use MAC link status for fixed phy
qlge: Fix netdev features configuration.
tcp: do not restart timewait timer on rst reception
vti6: remove !skb->ignore_df check from vti6_xmit()
cifs: check if SMB2 PDU size has been padded and suppress the warning
hfsplus: don't return 0 when fill_super() failed
hfs: prevent crash on exit from failed search
fork: don't copy inconsistent signal handler state to child
reiserfs: change j_timestamp type to time64_t
hfsplus: fix NULL dereference in hfsplus_lookup()
fat: validate ->i_start before using
scripts: modpost: check memory allocation results
mm/fadvise.c: fix signed overflow UBSAN complaint
fs/dcache.c: fix kmemcheck splat at take_dentry_name_snapshot()
ipvs: fix race between ip_vs_conn_new() and ip_vs_del_dest()
mfd: sm501: Set coherent_dma_mask when creating subdevices
platform/x86: asus-nb-wmi: Add keymap entry for lid flip action on UX360
irqchip/bcm7038-l1: Hide cpu offline callback when building for !SMP
net/9p: fix error path of p9_virtio_probe
powerpc: Fix size calculation using resource_size()
s390/dasd: fix hanging offline processing due to canceled worker
scsi: aic94xx: fix an error code in aic94xx_init()
PCI: mvebu: Fix I/O space end address calculation
dm kcopyd: avoid softlockup in run_complete_job
staging: comedi: ni_mio_common: fix subdevice flags for PFI subdevice
selftests/powerpc: Kill child processes on SIGINT
smb3: fix reset of bytes read and written stats
SMB3: Number of requests sent should be displayed for SMB3 not just CIFS
powerpc/pseries: Avoid using the size greater than RTAS_ERROR_LOG_MAX.
btrfs: replace: Reset on-disk dev stats value after replace
btrfs: relocation: Only remove reloc rb_trees if reloc control has been initialized
btrfs: Don't remove block group that still has pinned down bytes
debugobjects: Make stack check warning more informative
x86/pae: use 64 bit atomic xchg function in native_ptep_get_and_clear
kbuild: make missing $DEPMOD a Warning instead of an Error
irda: Fix memory leak caused by repeated binds of irda socket
irda: Only insert new objects into the global database via setsockopt
Revert "ARM: imx_v6_v7_defconfig: Select ULPI support"
enic: do not call enic_change_mtu in enic_probe
Fixes: Commit cdbf92675f ("mm: numa: avoid waiting on freed migrated pages")
genirq: Delay incrementing interrupt count if it's disabled/pending
irqchip/gic-v3-its: Recompute the number of pages on page size change
irqchip/gicv3-its: Fix memory leak in its_free_tables()
irqchip/gicv3-its: Avoid cache flush beyond ITS_BASERn memory size
irqchip/gic-v3: Add missing barrier to 32bit version of gic_read_iar()
irqchip/gic: Make interrupt ID 1020 invalid
ovl: rename is_merge to is_lowest
ovl: override creds with the ones from the superblock mounter
ovl: proper cleanup of workdir
sch_htb: fix crash on init failure
sch_multiq: fix double free on init failure
sch_hhf: fix null pointer dereference on init failure
sch_netem: avoid null pointer deref on init failure
sch_tbf: fix two null pointer dereferences on init failure
mei: me: allow runtime pm for platform with D0i3
s390/lib: use expoline for all bcr instructions
ASoC: wm8994: Fix missing break in switch
btrfs: use correct compare function of dirty_metadata_bytes
Linux 4.4.156
Change-Id: Ia12d5f0a8ae43215e26b67f5db492738496635b7
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Commit cdbf92675f ("mm: numa: avoid waiting on freed migrated pages")
was an incomplete backport of the upstream commit. It is necessary to
always reset page_nid before attempting any early exit.
The original commit conflicted due to lack of commit 82b0f8c39a38
("mm: join struct fault_env and vm_fault") in 4.9 so it wasn't a clean
application, and the change must have just gotten lost in the noise.
Signed-off-by: Chas Williams <chas3@att.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
[ Upstream commit a718e28f538441a3b6612da9ff226973376cdf0f ]
Signed integer overflow is undefined according to the C standard. The
overflow in ksys_fadvise64_64() is deliberate, but since it is signed
overflow, UBSAN complains:
UBSAN: Undefined behaviour in mm/fadvise.c:76:10
signed integer overflow:
4 + 9223372036854775805 cannot be represented in type 'long long int'
Use unsigned types to do math. Unsigned overflow is defined so UBSAN
will not complain about it. This patch doesn't change generated code.
[akpm@linux-foundation.org: add comment explaining the casts]
Link: http://lkml.kernel.org/r/20180629184453.7614-1-aryabinin@virtuozzo.com
Signed-off-by: Andrey Ryabinin <aryabinin@virtuozzo.com>
Reported-by: <icytxw@gmail.com>
Reviewed-by: Andrew Morton <akpm@linux-foundation.org>
Cc: Alexander Potapenko <glider@google.com>
Cc: Dmitry Vyukov <dvyukov@google.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Sasha Levin <alexander.levin@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
* refs/heads/tmp-b3f777e
Linux 4.4.155
drm/drivers: add support for using the arch wc mapping API.
x86/io: add interface to reserve io memtype for a resource range. (v1.1)
fs/quota: Fix spectre gadget in do_quotactl
perf auxtrace: Fix queue resize
bcache: release dc->writeback_lock properly in bch_writeback_thread()
getxattr: use correct xattr length
udlfb: set optimal write delay
fb: fix lost console when the user unplugs a USB adapter
pwm: tiehrpwm: Fix disabling of output of PWMs
ubifs: Fix synced_i_size calculation for xattr inodes
ubifs: Check data node size before truncate
Revert "UBIFS: Fix potential integer overflow in allocation"
ubifs: Fix memory leak in lprobs self-check
userns: move user access out of the mutex
sys: don't hold uts_sem while accessing userspace memory
osf_getdomainname(): use copy_to_user()
iommu/vt-d: Fix dev iotlb pfsid use
iommu/vt-d: Add definitions for PFSID
mm/tlb: Remove tlb_remove_table() non-concurrent condition
ARM: tegra: Fix Tegra30 Cardhu PCA954x reset
pnfs/blocklayout: off by one in bl_map_stripe()
PM / sleep: wakeup: Fix build error caused by missing SRCU support
9p: fix multiple NULL-pointer-dereferences
uprobes: Use synchronize_rcu() not synchronize_sched()
kthread, tracing: Don't expose half-written comm when creating kthreads
tracing/blktrace: Fix to allow setting same value
tracing: Do not call start/stop() functions when tracing_on does not change
vmw_balloon: fix VMCI use when balloon built into kernel
vmw_balloon: VMCI_DOORBELL_SET does not check status
vmw_balloon: do not use 2MB without batching
vmw_balloon: fix inflation of 64-bit GFNs
iio: ad9523: Fix return value for ad952x_store()
iio: ad9523: Fix displayed phase
dm cache metadata: save in-core policy_hint_size to on-disk superblock
x86/mm/pat: Fix L1TF stable backport for CPA, 2nd call
net/9p/trans_fd.c: fix race-condition by flushing workqueue before the kfree()
net/9p/client.c: version pointer uninitialized
9p/virtio: fix off-by-one error in sg list bounds check
fs/9p/xattr.c: catch the error of p9_client_clunk when setting xattr failed
powerpc/pseries: Fix endianness while restoring of r3 in MCE handler.
powerpc/fadump: handle crash memory ranges array index overflow
drm/i915/userptr: reject zero user_size
spi: davinci: fix a NULL pointer dereference
net: lan78xx: Fix misplaced tasklet_schedule() call
9p/net: Fix zero-copy path in the 9p virtio transport
net: mac802154: tx: expand tailroom if necessary
net: 6lowpan: fix reserved space for single frames
BACKPORT: arm64/vdso: Fix nsec handling for CLOCK_MONOTONIC_RAW
ANDROID: arm64: mm: fix 4.4.154 merge
Change-Id: Id5969245c97b88f9618cb6123e992ea4540ca434
Signed-off-by: Srinivasarao P <spathi@codeaurora.org>
* refs/heads/tmp-d762e28
Linux 4.4.154
cdrom: Fix info leak/OOB read in cdrom_ioctl_drive_status
iscsi target: fix session creation failure handling
scsi: core: Avoid that SCSI device removal through sysfs triggers a deadlock
scsi: sysfs: Introduce sysfs_{un,}break_active_protection()
MIPS: lib: Provide MIPS64r6 __multi3() for GCC < 7
MIPS: Correct the 64-bit DSP accumulator register size
kprobes: Make list and blacklist root user read only
s390/pci: fix out of bounds access during irq setup
s390/qdio: reset old sbal_state flags
s390: fix br_r1_trampoline for machines without exrl
x86/spectre: Add missing family 6 check to microcode check
x86/irqflags: Mark native_restore_fl extern inline
pinctrl: freescale: off by one in imx1_pinconf_group_dbg_show()
ASoC: sirf: Fix potential NULL pointer dereference
ASoC: dpcm: don't merge format from invalid codec dai
udl-kms: fix crash due to uninitialized memory
udl-kms: handle allocation failure
udl-kms: change down_interruptible to down
fuse: Add missed unlock_page() to fuse_readpages_fill()
fuse: Fix oops at process_init_reply()
fuse: umount should wait for all requests
fuse: fix unlocked access to processing queue
fuse: fix double request_end()
fuse: Don't access pipe->buffers without pipe_lock()
x86/process: Re-export start_thread()
x86/speculation/l1tf: Suggest what to do on systems with too much RAM
x86/speculation/l1tf: Fix off-by-one error when warning that system has too much RAM
x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit
KVM: arm/arm64: Skip updating PMD entry if no change
KVM: arm/arm64: Skip updating PTE entry if no change
arm64: mm: check for upper PAGE_SHIFT bits in pfn_valid()
ext4: reset error code in ext4_find_entry in fallback
ext4: sysfs: print ext4_super_block fields as little-endian
ext4: check for NUL characters in extended attribute's name
s390/kvm: fix deadlock when killed by oom
btrfs: don't leak ret from do_chunk_alloc
smb3: don't request leases in symlink creation and query
smb3: Do not send SMB3 SET_INFO if nothing changed
cifs: check kmalloc before use
cifs: add missing debug entries for kconfig options
mm/memory.c: check return value of ioremap_prot
scsi: vmw_pvscsi: Return DID_RESET for status SAM_STAT_COMMAND_TERMINATED
scsi: fcoe: drop frames in ELS LOGO error path
drivers: net: lmc: fix case value for target abort error
arc: fix type warnings in arc/mm/cache.c
arc: fix build errors in arc/include/asm/delay.h
enic: handle mtu change for vf properly
Revert "MIPS: BCM47XX: Enable 74K Core ExternalSync for PCIe erratum"
tools/power turbostat: Read extended processor family from CPUID
zswap: re-check zswap_is_full() after do zswap_shrink()
selftests/ftrace: Add snapshot and tracing_on test case
cachefiles: Wait rather than BUG'ing on "Unexpected object collision"
cachefiles: Fix refcounting bug in backing-file read monitoring
fscache: Allow cancelled operations to be enqueued
net: axienet: Fix double deregister of mdio
bnx2x: Fix invalid memory access in rss hash config path.
media: staging: omap4iss: Include asm/cacheflush.h after generic includes
i2c: davinci: Avoid zero value of CLKH
can: mpc5xxx_can: check of_iomap return before use
net: prevent ISA drivers from building on PPC32
atl1c: reserve min skb headroom
qed: Fix possible race for the link state value.
net: caif: Add a missing rcu_read_unlock() in caif_flow_cb
tools/power turbostat: fix -S on UP systems
usb: gadget: f_uac2: fix endianness of 'struct cntrl_*_lay3'
tools: usb: ffs-test: Fix build on big endian systems
usb/phy: fix PPC64 build errors in phy-fsl-usb.c
usb: gadget: r8a66597: Fix a possible sleep-in-atomic-context bugs in r8a66597_queue()
usb: gadget: r8a66597: Fix two possible sleep-in-atomic-context bugs in init_controller()
drm/imx: imx-ldb: check if channel is enabled before printing warning
drm/imx: imx-ldb: disable LDB on driver bind
scsi: libiscsi: fix possible NULL pointer dereference in case of TMF
drm/bridge: adv7511: Reset registers on hotplug
nl80211: Add a missing break in parse_station_flags
mac80211: add stations tied to AP_VLANs during hw reconfig
xfrm: free skb if nlsk pointer is NULL
xfrm: fix missing dst_release() after policy blocking lbcast and multicast
vti6: fix PMTU caching and reporting on xmit
Cipso: cipso_v4_optptr enter infinite loop
sched/sysctl: Check user input value of sysctl_sched_time_avg
BACKPORT: zram: drop max_zpage_size and use zs_huge_class_size()
BACKPORT: zsmalloc: introduce zs_huge_class_size()
ANDROID: tracing: fix race condition reading saved tgids
Conflicts:
mm/zsmalloc.c
Change-Id: I1add2f0311c887c135ddc6160963702beeb7bb88
Signed-off-by: Srinivasarao P <spathi@codeaurora.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAluVYLUACgkQONu9yGCS
aT5MxhAArBSShT0IXHg9oXGtkm6g3mkZ/EAXPrl3Tq2ayLjXeMfNfsdKkBvusjTr
b/Fs9ZLm1x7bI4+kD/6sTLtGlWBr6djocnBtB8PxQxxkmIZRZPjE9laemsyBn7XD
7amJEHuyaQU10da2obX7z+Gge+bgSoN4Q5+19ZESr4fCxa7bMaY+VmLCuROe6Flo
9kUaLFvxrsowFLrdKfWb/Zc7WHQfYtfTd2c9T+lz3wC4+X3zxkwHl0odvwe1yX9a
xDc674yWepl1D8wMB3i7O5KGoOSghhZZmH2Cnb/cNWoeSmFO8rttCWYiSVEIOWWN
5HOmHRqMDPFUqH5g9F3z1A9uM5uQa9uOu7BGcDJjeU3oXZRFzTjJLMZj4Zcv0hLM
WMo2+5iXFBByUVvUk2nKHotNNmnzxITW9CDWEuAv4jGlA8bjpIwkHUncqknTesan
SRf63jC2+7N0PV5pGCLHA92NA/w663YtMyPPuLsYmprK1OFC1+X8o2bDyfX5ey59
bgkIItNRbgaBRTjPhS1EwJjuNRE59636x9EpFeb0M16j4YHFvGq2fS2LDuymPA3P
JMVwsxpLtwHjI6KMcnIcDVphiJjLpTq6ijc727mTsHrTqHRa3/w6Ay/TZjRlDn00
YKpVKQtoUk0FURyVwdJjo0eH5O6MYfaw4uj4h1zEOFMXszkVmL4=
=WUY2
-----END PGP SIGNATURE-----
Merge 4.4.155 into android-4.4-p
Changes in 4.4.155
net: 6lowpan: fix reserved space for single frames
net: mac802154: tx: expand tailroom if necessary
9p/net: Fix zero-copy path in the 9p virtio transport
net: lan78xx: Fix misplaced tasklet_schedule() call
spi: davinci: fix a NULL pointer dereference
drm/i915/userptr: reject zero user_size
powerpc/fadump: handle crash memory ranges array index overflow
powerpc/pseries: Fix endianness while restoring of r3 in MCE handler.
fs/9p/xattr.c: catch the error of p9_client_clunk when setting xattr failed
9p/virtio: fix off-by-one error in sg list bounds check
net/9p/client.c: version pointer uninitialized
net/9p/trans_fd.c: fix race-condition by flushing workqueue before the kfree()
x86/mm/pat: Fix L1TF stable backport for CPA, 2nd call
dm cache metadata: save in-core policy_hint_size to on-disk superblock
iio: ad9523: Fix displayed phase
iio: ad9523: Fix return value for ad952x_store()
vmw_balloon: fix inflation of 64-bit GFNs
vmw_balloon: do not use 2MB without batching
vmw_balloon: VMCI_DOORBELL_SET does not check status
vmw_balloon: fix VMCI use when balloon built into kernel
tracing: Do not call start/stop() functions when tracing_on does not change
tracing/blktrace: Fix to allow setting same value
kthread, tracing: Don't expose half-written comm when creating kthreads
uprobes: Use synchronize_rcu() not synchronize_sched()
9p: fix multiple NULL-pointer-dereferences
PM / sleep: wakeup: Fix build error caused by missing SRCU support
pnfs/blocklayout: off by one in bl_map_stripe()
ARM: tegra: Fix Tegra30 Cardhu PCA954x reset
mm/tlb: Remove tlb_remove_table() non-concurrent condition
iommu/vt-d: Add definitions for PFSID
iommu/vt-d: Fix dev iotlb pfsid use
osf_getdomainname(): use copy_to_user()
sys: don't hold uts_sem while accessing userspace memory
userns: move user access out of the mutex
ubifs: Fix memory leak in lprobs self-check
Revert "UBIFS: Fix potential integer overflow in allocation"
ubifs: Check data node size before truncate
ubifs: Fix synced_i_size calculation for xattr inodes
pwm: tiehrpwm: Fix disabling of output of PWMs
fb: fix lost console when the user unplugs a USB adapter
udlfb: set optimal write delay
getxattr: use correct xattr length
bcache: release dc->writeback_lock properly in bch_writeback_thread()
perf auxtrace: Fix queue resize
fs/quota: Fix spectre gadget in do_quotactl
x86/io: add interface to reserve io memtype for a resource range. (v1.1)
drm/drivers: add support for using the arch wc mapping API.
Linux 4.4.155
Change-Id: I34f5e28013b2762737e5f0c08b20ae1d0a0f34c0
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAluVYLUACgkQONu9yGCS
aT5MxhAArBSShT0IXHg9oXGtkm6g3mkZ/EAXPrl3Tq2ayLjXeMfNfsdKkBvusjTr
b/Fs9ZLm1x7bI4+kD/6sTLtGlWBr6djocnBtB8PxQxxkmIZRZPjE9laemsyBn7XD
7amJEHuyaQU10da2obX7z+Gge+bgSoN4Q5+19ZESr4fCxa7bMaY+VmLCuROe6Flo
9kUaLFvxrsowFLrdKfWb/Zc7WHQfYtfTd2c9T+lz3wC4+X3zxkwHl0odvwe1yX9a
xDc674yWepl1D8wMB3i7O5KGoOSghhZZmH2Cnb/cNWoeSmFO8rttCWYiSVEIOWWN
5HOmHRqMDPFUqH5g9F3z1A9uM5uQa9uOu7BGcDJjeU3oXZRFzTjJLMZj4Zcv0hLM
WMo2+5iXFBByUVvUk2nKHotNNmnzxITW9CDWEuAv4jGlA8bjpIwkHUncqknTesan
SRf63jC2+7N0PV5pGCLHA92NA/w663YtMyPPuLsYmprK1OFC1+X8o2bDyfX5ey59
bgkIItNRbgaBRTjPhS1EwJjuNRE59636x9EpFeb0M16j4YHFvGq2fS2LDuymPA3P
JMVwsxpLtwHjI6KMcnIcDVphiJjLpTq6ijc727mTsHrTqHRa3/w6Ay/TZjRlDn00
YKpVKQtoUk0FURyVwdJjo0eH5O6MYfaw4uj4h1zEOFMXszkVmL4=
=WUY2
-----END PGP SIGNATURE-----
Merge 4.4.155 into android-4.4
Changes in 4.4.155
net: 6lowpan: fix reserved space for single frames
net: mac802154: tx: expand tailroom if necessary
9p/net: Fix zero-copy path in the 9p virtio transport
net: lan78xx: Fix misplaced tasklet_schedule() call
spi: davinci: fix a NULL pointer dereference
drm/i915/userptr: reject zero user_size
powerpc/fadump: handle crash memory ranges array index overflow
powerpc/pseries: Fix endianness while restoring of r3 in MCE handler.
fs/9p/xattr.c: catch the error of p9_client_clunk when setting xattr failed
9p/virtio: fix off-by-one error in sg list bounds check
net/9p/client.c: version pointer uninitialized
net/9p/trans_fd.c: fix race-condition by flushing workqueue before the kfree()
x86/mm/pat: Fix L1TF stable backport for CPA, 2nd call
dm cache metadata: save in-core policy_hint_size to on-disk superblock
iio: ad9523: Fix displayed phase
iio: ad9523: Fix return value for ad952x_store()
vmw_balloon: fix inflation of 64-bit GFNs
vmw_balloon: do not use 2MB without batching
vmw_balloon: VMCI_DOORBELL_SET does not check status
vmw_balloon: fix VMCI use when balloon built into kernel
tracing: Do not call start/stop() functions when tracing_on does not change
tracing/blktrace: Fix to allow setting same value
kthread, tracing: Don't expose half-written comm when creating kthreads
uprobes: Use synchronize_rcu() not synchronize_sched()
9p: fix multiple NULL-pointer-dereferences
PM / sleep: wakeup: Fix build error caused by missing SRCU support
pnfs/blocklayout: off by one in bl_map_stripe()
ARM: tegra: Fix Tegra30 Cardhu PCA954x reset
mm/tlb: Remove tlb_remove_table() non-concurrent condition
iommu/vt-d: Add definitions for PFSID
iommu/vt-d: Fix dev iotlb pfsid use
osf_getdomainname(): use copy_to_user()
sys: don't hold uts_sem while accessing userspace memory
userns: move user access out of the mutex
ubifs: Fix memory leak in lprobs self-check
Revert "UBIFS: Fix potential integer overflow in allocation"
ubifs: Check data node size before truncate
ubifs: Fix synced_i_size calculation for xattr inodes
pwm: tiehrpwm: Fix disabling of output of PWMs
fb: fix lost console when the user unplugs a USB adapter
udlfb: set optimal write delay
getxattr: use correct xattr length
bcache: release dc->writeback_lock properly in bch_writeback_thread()
perf auxtrace: Fix queue resize
fs/quota: Fix spectre gadget in do_quotactl
x86/io: add interface to reserve io memtype for a resource range. (v1.1)
drm/drivers: add support for using the arch wc mapping API.
Linux 4.4.155
Change-Id: Ie455609e00dd70d3fa723cd254f544109db8a788
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
commit a6f572084fbee8b30f91465f4a085d7a90901c57 upstream.
Will noted that only checking mm_users is incorrect; we should also
check mm_count in order to cover CPUs that have a lazy reference to
this mm (and could do speculative TLB operations).
If removing this turns out to be a performance issue, we can
re-instate a more complete check, but in tlb_table_flush() eliding the
call_rcu_sched().
Fixes: 2672391169 ("mm, powerpc: move the RCU page-table freeing into generic code")
Reported-by: Will Deacon <will.deacon@arm.com>
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Acked-by: Rik van Riel <riel@surriel.com>
Acked-by: Will Deacon <will.deacon@arm.com>
Cc: Nicholas Piggin <npiggin@gmail.com>
Cc: David Miller <davem@davemloft.net>
Cc: Martin Schwidefsky <schwidefsky@de.ibm.com>
Cc: Michael Ellerman <mpe@ellerman.id.au>
Cc: stable@kernel.org
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
This size is the maximum amount of virtual address space we gather
up before attempting to purge with a TLB flush. It is 128M in most cases.
With repeated and high size vmalloc operations, it may easily generate
more fragments. This is wasting limited vmalloc area, for 32bits.
So make it configable and the default multiplier as 8, 32bits only.
Change-Id: I68a75acb16d3cff05f8b13c05ae78922269e219f
Signed-off-by: Zhenhua Huang <zhenhuah@codeaurora.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAluPg1EACgkQONu9yGCS
aT537Q/+O5bk1aabRFnyL9hsPlL/fRi9uHkpyvO6/upcu+J0Vrx6NQPGDEGLsbc1
V1yk0V8bzDBdpfIHzqd3ttSzMdlL/ozKesUtG5Eg9gtyo3YDGf5vkrL2A4PRAI3R
TbwxnPfmy5C2hgAn/N4XXLJj0k95IKrs0HteOS3R1Jyt0FQ0sdHxlfFwE5FoPMGX
oL1zC/vDq8dNBuf9slVBwaq0QTtFl/cy1yoDKtybOkFOP7NSmXUIkHqhZthDodCu
kHYAe/E6lxspsZ2GgE+3hyI+UApqMhpqFO53EIFMom9eH6FgVi6nLewDZybm7Wgj
Oc1S1eo/8WNeoVjCjKNwcBPv4UMX6gsuBZQ3akmv2ib5Qkxe94+DQLcGputKZhQ6
XxuaTmiY7A4moALGpAt5lJaJ6NQdEl8HlgjKhxhtYnAPsNTOTLH91NY/ND30y02o
/W2LBf3ossbsWQJuzamldGSAstkbK/+JAw0CMTGhCS4V7bzfFhIo3y169/xb5ReV
edsMsnXanYXNTyn8jpCb4keCY9mMGwp9SPqhlQ+Kyh6E0mDPvTVQPyd5h4NTkmvN
881MIwkMmufM8MQhNsTrMSFhr94z6H1kARbzoK3AUd/nJtkCJfl0Zp3wQZjiOUy/
0kpso+xDmMMmB1Pu7c0Wevt40jadhMrxxREgjFUaN7KzD/PyLtA=
=GkQW
-----END PGP SIGNATURE-----
Merge 4.4.154 into android-4.4-p
Changes in 4.4.154
sched/sysctl: Check user input value of sysctl_sched_time_avg
Cipso: cipso_v4_optptr enter infinite loop
vti6: fix PMTU caching and reporting on xmit
xfrm: fix missing dst_release() after policy blocking lbcast and multicast
xfrm: free skb if nlsk pointer is NULL
mac80211: add stations tied to AP_VLANs during hw reconfig
nl80211: Add a missing break in parse_station_flags
drm/bridge: adv7511: Reset registers on hotplug
scsi: libiscsi: fix possible NULL pointer dereference in case of TMF
drm/imx: imx-ldb: disable LDB on driver bind
drm/imx: imx-ldb: check if channel is enabled before printing warning
usb: gadget: r8a66597: Fix two possible sleep-in-atomic-context bugs in init_controller()
usb: gadget: r8a66597: Fix a possible sleep-in-atomic-context bugs in r8a66597_queue()
usb/phy: fix PPC64 build errors in phy-fsl-usb.c
tools: usb: ffs-test: Fix build on big endian systems
usb: gadget: f_uac2: fix endianness of 'struct cntrl_*_lay3'
tools/power turbostat: fix -S on UP systems
net: caif: Add a missing rcu_read_unlock() in caif_flow_cb
qed: Fix possible race for the link state value.
atl1c: reserve min skb headroom
net: prevent ISA drivers from building on PPC32
can: mpc5xxx_can: check of_iomap return before use
i2c: davinci: Avoid zero value of CLKH
media: staging: omap4iss: Include asm/cacheflush.h after generic includes
bnx2x: Fix invalid memory access in rss hash config path.
net: axienet: Fix double deregister of mdio
fscache: Allow cancelled operations to be enqueued
cachefiles: Fix refcounting bug in backing-file read monitoring
cachefiles: Wait rather than BUG'ing on "Unexpected object collision"
selftests/ftrace: Add snapshot and tracing_on test case
zswap: re-check zswap_is_full() after do zswap_shrink()
tools/power turbostat: Read extended processor family from CPUID
Revert "MIPS: BCM47XX: Enable 74K Core ExternalSync for PCIe erratum"
enic: handle mtu change for vf properly
arc: fix build errors in arc/include/asm/delay.h
arc: fix type warnings in arc/mm/cache.c
drivers: net: lmc: fix case value for target abort error
scsi: fcoe: drop frames in ELS LOGO error path
scsi: vmw_pvscsi: Return DID_RESET for status SAM_STAT_COMMAND_TERMINATED
mm/memory.c: check return value of ioremap_prot
cifs: add missing debug entries for kconfig options
cifs: check kmalloc before use
smb3: Do not send SMB3 SET_INFO if nothing changed
smb3: don't request leases in symlink creation and query
btrfs: don't leak ret from do_chunk_alloc
s390/kvm: fix deadlock when killed by oom
ext4: check for NUL characters in extended attribute's name
ext4: sysfs: print ext4_super_block fields as little-endian
ext4: reset error code in ext4_find_entry in fallback
arm64: mm: check for upper PAGE_SHIFT bits in pfn_valid()
KVM: arm/arm64: Skip updating PTE entry if no change
KVM: arm/arm64: Skip updating PMD entry if no change
x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit
x86/speculation/l1tf: Fix off-by-one error when warning that system has too much RAM
x86/speculation/l1tf: Suggest what to do on systems with too much RAM
x86/process: Re-export start_thread()
fuse: Don't access pipe->buffers without pipe_lock()
fuse: fix double request_end()
fuse: fix unlocked access to processing queue
fuse: umount should wait for all requests
fuse: Fix oops at process_init_reply()
fuse: Add missed unlock_page() to fuse_readpages_fill()
udl-kms: change down_interruptible to down
udl-kms: handle allocation failure
udl-kms: fix crash due to uninitialized memory
ASoC: dpcm: don't merge format from invalid codec dai
ASoC: sirf: Fix potential NULL pointer dereference
pinctrl: freescale: off by one in imx1_pinconf_group_dbg_show()
x86/irqflags: Mark native_restore_fl extern inline
x86/spectre: Add missing family 6 check to microcode check
s390: fix br_r1_trampoline for machines without exrl
s390/qdio: reset old sbal_state flags
s390/pci: fix out of bounds access during irq setup
kprobes: Make list and blacklist root user read only
MIPS: Correct the 64-bit DSP accumulator register size
MIPS: lib: Provide MIPS64r6 __multi3() for GCC < 7
scsi: sysfs: Introduce sysfs_{un,}break_active_protection()
scsi: core: Avoid that SCSI device removal through sysfs triggers a deadlock
iscsi target: fix session creation failure handling
cdrom: Fix info leak/OOB read in cdrom_ioctl_drive_status
Linux 4.4.154
Change-Id: I1d173ebf72efb115b4889880cc2989b0ca7d751e
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAluPg1EACgkQONu9yGCS
aT537Q/+O5bk1aabRFnyL9hsPlL/fRi9uHkpyvO6/upcu+J0Vrx6NQPGDEGLsbc1
V1yk0V8bzDBdpfIHzqd3ttSzMdlL/ozKesUtG5Eg9gtyo3YDGf5vkrL2A4PRAI3R
TbwxnPfmy5C2hgAn/N4XXLJj0k95IKrs0HteOS3R1Jyt0FQ0sdHxlfFwE5FoPMGX
oL1zC/vDq8dNBuf9slVBwaq0QTtFl/cy1yoDKtybOkFOP7NSmXUIkHqhZthDodCu
kHYAe/E6lxspsZ2GgE+3hyI+UApqMhpqFO53EIFMom9eH6FgVi6nLewDZybm7Wgj
Oc1S1eo/8WNeoVjCjKNwcBPv4UMX6gsuBZQ3akmv2ib5Qkxe94+DQLcGputKZhQ6
XxuaTmiY7A4moALGpAt5lJaJ6NQdEl8HlgjKhxhtYnAPsNTOTLH91NY/ND30y02o
/W2LBf3ossbsWQJuzamldGSAstkbK/+JAw0CMTGhCS4V7bzfFhIo3y169/xb5ReV
edsMsnXanYXNTyn8jpCb4keCY9mMGwp9SPqhlQ+Kyh6E0mDPvTVQPyd5h4NTkmvN
881MIwkMmufM8MQhNsTrMSFhr94z6H1kARbzoK3AUd/nJtkCJfl0Zp3wQZjiOUy/
0kpso+xDmMMmB1Pu7c0Wevt40jadhMrxxREgjFUaN7KzD/PyLtA=
=GkQW
-----END PGP SIGNATURE-----
Merge 4.4.154 into android-4.4
Changes in 4.4.154
sched/sysctl: Check user input value of sysctl_sched_time_avg
Cipso: cipso_v4_optptr enter infinite loop
vti6: fix PMTU caching and reporting on xmit
xfrm: fix missing dst_release() after policy blocking lbcast and multicast
xfrm: free skb if nlsk pointer is NULL
mac80211: add stations tied to AP_VLANs during hw reconfig
nl80211: Add a missing break in parse_station_flags
drm/bridge: adv7511: Reset registers on hotplug
scsi: libiscsi: fix possible NULL pointer dereference in case of TMF
drm/imx: imx-ldb: disable LDB on driver bind
drm/imx: imx-ldb: check if channel is enabled before printing warning
usb: gadget: r8a66597: Fix two possible sleep-in-atomic-context bugs in init_controller()
usb: gadget: r8a66597: Fix a possible sleep-in-atomic-context bugs in r8a66597_queue()
usb/phy: fix PPC64 build errors in phy-fsl-usb.c
tools: usb: ffs-test: Fix build on big endian systems
usb: gadget: f_uac2: fix endianness of 'struct cntrl_*_lay3'
tools/power turbostat: fix -S on UP systems
net: caif: Add a missing rcu_read_unlock() in caif_flow_cb
qed: Fix possible race for the link state value.
atl1c: reserve min skb headroom
net: prevent ISA drivers from building on PPC32
can: mpc5xxx_can: check of_iomap return before use
i2c: davinci: Avoid zero value of CLKH
media: staging: omap4iss: Include asm/cacheflush.h after generic includes
bnx2x: Fix invalid memory access in rss hash config path.
net: axienet: Fix double deregister of mdio
fscache: Allow cancelled operations to be enqueued
cachefiles: Fix refcounting bug in backing-file read monitoring
cachefiles: Wait rather than BUG'ing on "Unexpected object collision"
selftests/ftrace: Add snapshot and tracing_on test case
zswap: re-check zswap_is_full() after do zswap_shrink()
tools/power turbostat: Read extended processor family from CPUID
Revert "MIPS: BCM47XX: Enable 74K Core ExternalSync for PCIe erratum"
enic: handle mtu change for vf properly
arc: fix build errors in arc/include/asm/delay.h
arc: fix type warnings in arc/mm/cache.c
drivers: net: lmc: fix case value for target abort error
scsi: fcoe: drop frames in ELS LOGO error path
scsi: vmw_pvscsi: Return DID_RESET for status SAM_STAT_COMMAND_TERMINATED
mm/memory.c: check return value of ioremap_prot
cifs: add missing debug entries for kconfig options
cifs: check kmalloc before use
smb3: Do not send SMB3 SET_INFO if nothing changed
smb3: don't request leases in symlink creation and query
btrfs: don't leak ret from do_chunk_alloc
s390/kvm: fix deadlock when killed by oom
ext4: check for NUL characters in extended attribute's name
ext4: sysfs: print ext4_super_block fields as little-endian
ext4: reset error code in ext4_find_entry in fallback
arm64: mm: check for upper PAGE_SHIFT bits in pfn_valid()
KVM: arm/arm64: Skip updating PTE entry if no change
KVM: arm/arm64: Skip updating PMD entry if no change
x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit
x86/speculation/l1tf: Fix off-by-one error when warning that system has too much RAM
x86/speculation/l1tf: Suggest what to do on systems with too much RAM
x86/process: Re-export start_thread()
fuse: Don't access pipe->buffers without pipe_lock()
fuse: fix double request_end()
fuse: fix unlocked access to processing queue
fuse: umount should wait for all requests
fuse: Fix oops at process_init_reply()
fuse: Add missed unlock_page() to fuse_readpages_fill()
udl-kms: change down_interruptible to down
udl-kms: handle allocation failure
udl-kms: fix crash due to uninitialized memory
ASoC: dpcm: don't merge format from invalid codec dai
ASoC: sirf: Fix potential NULL pointer dereference
pinctrl: freescale: off by one in imx1_pinconf_group_dbg_show()
x86/irqflags: Mark native_restore_fl extern inline
x86/spectre: Add missing family 6 check to microcode check
s390: fix br_r1_trampoline for machines without exrl
s390/qdio: reset old sbal_state flags
s390/pci: fix out of bounds access during irq setup
kprobes: Make list and blacklist root user read only
MIPS: Correct the 64-bit DSP accumulator register size
MIPS: lib: Provide MIPS64r6 __multi3() for GCC < 7
scsi: sysfs: Introduce sysfs_{un,}break_active_protection()
scsi: core: Avoid that SCSI device removal through sysfs triggers a deadlock
iscsi target: fix session creation failure handling
cdrom: Fix info leak/OOB read in cdrom_ioctl_drive_status
Linux 4.4.154
Change-Id: Ia008eef23c91fbd095f7b3343737cb2864875c52
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
[ Upstream commit 24eee1e4c47977bdfb71d6f15f6011e7b6188d04 ]
ioremap_prot() can return NULL which could lead to an oops.
Link: http://lkml.kernel.org/r/1533195441-58594-1-git-send-email-chenjie6@huawei.com
Signed-off-by: chen jie <chenjie6@huawei.com>
Reviewed-by: Andrew Morton <akpm@linux-foundation.org>
Cc: Li Zefan <lizefan@huawei.com>
Cc: chenjie <chenjie6@huawei.com>
Cc: Yang Shi <shy828301@gmail.com>
Cc: Alexey Dobriyan <adobriyan@gmail.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Sasha Levin <alexander.levin@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
[ Upstream commit 16e536ef47f567289a5699abee9ff7bb304bc12d ]
/sys/../zswap/stored_pages keeps rising in a zswap test with
"zswap.max_pool_percent=0" parameter. But it should not compress or
store pages any more since there is no space in the compressed pool.
Reproduce steps:
1. Boot kernel with "zswap.enabled=1"
2. Set the max_pool_percent to 0
# echo 0 > /sys/module/zswap/parameters/max_pool_percent
3. Do memory stress test to see if some pages have been compressed
# stress --vm 1 --vm-bytes $mem_available"M" --timeout 60s
4. Watching the 'stored_pages' number increasing or not
The root cause is:
When zswap_max_pool_percent is set to 0 via kernel parameter,
zswap_is_full() will always return true due to zswap_shrink(). But if
the shinking is able to reclain a page successfully the code then
proceeds to compressing/storing another page, so the value of
stored_pages will keep changing.
To solve the issue, this patch adds a zswap_is_full() check again after
zswap_shrink() to make sure it's now under the max_pool_percent, and to
not compress/store if we reached the limit.
Link: http://lkml.kernel.org/r/20180530103936.17812-1-liwang@redhat.com
Signed-off-by: Li Wang <liwang@redhat.com>
Acked-by: Dan Streetman <ddstreet@ieee.org>
Cc: Seth Jennings <sjenning@redhat.com>
Cc: Huang Ying <huang.ying.caritas@gmail.com>
Cc: Yu Zhao <yuzhao@google.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Sasha Levin <alexander.levin@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Patch series "zsmalloc/zram: drop zram's max_zpage_size", v3.
ZRAM's max_zpage_size is a bad thing. It forces zsmalloc to store
normal objects as huge ones, which results in bigger zsmalloc memory
usage. Drop it and use actual zsmalloc huge-class value when decide if
the object is huge or not.
This patch (of 2):
Not every object can be share its zspage with other objects, e.g. when
the object is as big as zspage or nearly as big a zspage. For such
objects zsmalloc has a so called huge class - every object which belongs
to huge class consumes the entire zspage (which consists of a physical
page). On x86_64, PAGE_SHIFT 12 box, the first non-huge class size is
3264, so starting down from size 3264, objects can share page(-s) and
thus minimize memory wastage.
ZRAM, however, has its own statically defined watermark for huge
objects, namely "3 * PAGE_SIZE / 4 = 3072", and forcibly stores every
object larger than this watermark (3072) as a PAGE_SIZE object, in other
words, to a huge class, while zsmalloc can keep some of those objects in
non-huge classes. This results in increased memory consumption.
zsmalloc knows better if the object is huge or not. Introduce
zs_huge_class_size() function which tells if the given object can be
stored in one of non-huge classes or not. This will let us to drop
ZRAM's huge object watermark and fully rely on zsmalloc when we decide
if the object is huge.
[sergey.senozhatsky.work@gmail.com: add pool param to zs_huge_class_size()]
Link: http://lkml.kernel.org/r/20180314081833.1096-2-sergey.senozhatsky@gmail.com
Link: http://lkml.kernel.org/r/20180306070639.7389-2-sergey.senozhatsky@gmail.com
Signed-off-by: Sergey Senozhatsky <sergey.senozhatsky@gmail.com>
Acked-by: Minchan Kim <minchan@kernel.org>
Cc: Mike Rapoport <rppt@linux.vnet.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
(cherry picked from commit 010b495e2fa32353d0ef6aa70a8169e5ef617a15)
Signed-off-by: Peter Kalauskas <peskal@google.com>
Bug: 113183619
Change-Id: Ic35f8c1ec75f0b78bf2d83729b6aedd2999f25c8
* refs/heads/tmp-5e24b4e
Linux 4.4.153
ovl: warn instead of error if d_type is not supported
ovl: Do d_type check only if work dir creation was successful
ovl: Ensure upper filesystem supports d_type
x86/mm: Fix use-after-free of ldt_struct
x86/mm/pat: Fix L1TF stable backport for CPA
ANDROID: x86_64_cuttlefish_defconfig: Enable lz4 compression for zram
UPSTREAM: drivers/block/zram/zram_drv.c: fix bug storing backing_dev
BACKPORT: zram: introduce zram memory tracking
BACKPORT: zram: record accessed second
BACKPORT: zram: mark incompressible page as ZRAM_HUGE
UPSTREAM: zram: correct flag name of ZRAM_ACCESS
UPSTREAM: zram: Delete gendisk before cleaning up the request queue
UPSTREAM: drivers/block/zram/zram_drv.c: make zram_page_end_io() static
BACKPORT: zram: set BDI_CAP_STABLE_WRITES once
UPSTREAM: zram: fix null dereference of handle
UPSTREAM: zram: add config and doc file for writeback feature
BACKPORT: zram: read page from backing device
BACKPORT: zram: write incompressible pages to backing device
BACKPORT: zram: identify asynchronous IO's return value
BACKPORT: zram: add free space management in backing device
UPSTREAM: zram: add interface to specif backing device
UPSTREAM: zram: rename zram_decompress_page to __zram_bvec_read
UPSTREAM: zram: inline zram_compress
UPSTREAM: zram: clean up duplicated codes in __zram_bvec_write
Linux 4.4.152
reiserfs: fix broken xattr handling (heap corruption, bad retval)
i2c: imx: Fix race condition in dma read
PCI: pciehp: Fix use-after-free on unplug
PCI: Skip MPS logic for Virtual Functions (VFs)
PCI: hotplug: Don't leak pci_slot on registration failure
parisc: Remove unnecessary barriers from spinlock.h
bridge: Propagate vlan add failure to user
packet: refine ring v3 block size test to hold one frame
netfilter: conntrack: dccp: treat SYNC/SYNCACK as invalid if no prior state
xfrm_user: prevent leaking 2 bytes of kernel memory
parisc: Remove ordered stores from syscall.S
ext4: fix spectre gadget in ext4_mb_regular_allocator()
KVM: irqfd: fix race between EPOLLHUP and irq_bypass_register_consumer
staging: android: ion: check for kref overflow
tcp: identify cryptic messages as TCP seq # bugs
net: qca_spi: Fix log level if probe fails
net: qca_spi: Make sure the QCA7000 reset is triggered
net: qca_spi: Avoid packet drop during initial sync
net: usb: rtl8150: demote allmulti message to dev_dbg()
net/ethernet/freescale/fman: fix cross-build error
drm/nouveau/gem: off by one bugs in nouveau_gem_pushbuf_reloc_apply()
tcp: remove DELAYED ACK events in DCTCP
qlogic: check kstrtoul() for errors
packet: reset network header if packet shorter than ll reserved space
ixgbe: Be more careful when modifying MAC filters
ARM: dts: am3517.dtsi: Disable reference to OMAP3 OTG controller
ARM: 8780/1: ftrace: Only set kernel memory back to read-only after boot
perf llvm-utils: Remove bashism from kernel include fetch script
bnxt_en: Fix for system hang if request_irq fails
drm/armada: fix colorkey mode property
ieee802154: fakelb: switch from BUG_ON() to WARN_ON() on problem
ieee802154: at86rf230: use __func__ macro for debug messages
ieee802154: at86rf230: switch from BUG_ON() to WARN_ON() on problem
ARM: pxa: irq: fix handling of ICMR registers in suspend/resume
netfilter: x_tables: set module owner for icmp(6) matches
smsc75xx: Add workaround for gigabit link up hardware errata.
kasan: fix shadow_size calculation error in kasan_module_alloc
tracing: Use __printf markup to silence compiler
ARM: imx_v4_v5_defconfig: Select ULPI support
ARM: imx_v6_v7_defconfig: Select ULPI support
HID: wacom: Correct touch maximum XY of 2nd-gen Intuos
m68k: fix "bad page state" oops on ColdFire boot
bnx2x: Fix receiving tx-timeout in error or recovery state.
drm/exynos: decon5433: Fix WINCONx reset value
drm/exynos: decon5433: Fix per-plane global alpha for XRGB modes
drm/exynos: gsc: Fix support for NV16/61, YUV420/YVU420 and YUV422 modes
md/raid10: fix that replacement cannot complete recovery after reassemble
dmaengine: k3dma: Off by one in k3_of_dma_simple_xlate()
ARM: dts: da850: Fix interrups property for gpio
selftests/x86/sigreturn/64: Fix spurious failures on AMD CPUs
perf report powerpc: Fix crash if callchain is empty
perf test session topology: Fix test on s390
usb: xhci: increase CRS timeout value
ARM: dts: am437x: make edt-ft5x06 a wakeup source
brcmfmac: stop watchdog before detach and free everything
cxgb4: when disabling dcb set txq dcb priority to 0
Smack: Mark inode instant in smack_task_to_inode
ipv6: mcast: fix unsolicited report interval after receiving querys
locking/lockdep: Do not record IRQ state within lockdep code
net: davinci_emac: match the mdio device against its compatible if possible
ARC: Enable machine_desc->init_per_cpu for !CONFIG_SMP
net: propagate dev_get_valid_name return code
net: hamradio: use eth_broadcast_addr
enic: initialize enic->rfs_h.lock in enic_probe
qed: Add sanity check for SIMD fastpath handler.
arm64: make secondary_start_kernel() notrace
scsi: xen-scsifront: add error handling for xenbus_printf
usb: gadget: dwc2: fix memory leak in gadget_init()
usb: gadget: composite: fix delayed_status race condition when set_interface
usb: dwc2: fix isoc split in transfer with no data
ARM: dts: Cygnus: Fix I2C controller interrupt type
selftests: sync: add config fragment for testing sync framework
selftests: zram: return Kselftest Skip code for skipped tests
selftests: user: return Kselftest Skip code for skipped tests
selftests: static_keys: return Kselftest Skip code for skipped tests
selftests: pstore: return Kselftest Skip code for skipped tests
netfilter: ipv6: nf_defrag: reduce struct net memory waste
ARC: Explicitly add -mmedium-calls to CFLAGS
ANDROID: x86_64_cuttlefish_defconfig: Enable zram and zstd
BACKPORT: crypto: zstd - Add zstd support
UPSTREAM: zram: add zstd to the supported algorithms list
UPSTREAM: lib: Add zstd modules
UPSTREAM: lib: Add xxhash module
UPSTREAM: zram: rework copy of compressor name in comp_algorithm_store()
UPSTREAM: zram: constify attribute_group structures.
UPSTREAM: zram: count same page write as page_stored
UPSTREAM: zram: reduce load operation in page_same_filled
UPSTREAM: zram: use zram_free_page instead of open-coded
UPSTREAM: zram: introduce zram data accessor
UPSTREAM: zram: remove zram_meta structure
UPSTREAM: zram: use zram_slot_lock instead of raw bit_spin_lock op
BACKPORT: zram: partial IO refactoring
BACKPORT: zram: handle multiple pages attached bio's bvec
UPSTREAM: zram: fix operator precedence to get offset
BACKPORT: zram: extend zero pages to same element pages
BACKPORT: zram: remove waitqueue for IO done
UPSTREAM: zram: remove obsolete sysfs attrs
UPSTREAM: zram: support BDI_CAP_STABLE_WRITES
UPSTREAM: zram: revalidate disk under init_lock
BACKPORT: mm: support anonymous stable page
UPSTREAM: zram: use __GFP_MOVABLE for memory allocation
UPSTREAM: zram: drop gfp_t from zcomp_strm_alloc()
UPSTREAM: zram: add more compression algorithms
UPSTREAM: zram: delete custom lzo/lz4
UPSTREAM: zram: cosmetic: cleanup documentation
UPSTREAM: zram: use crypto api to check alg availability
BACKPORT: zram: switch to crypto compress API
UPSTREAM: zram: rename zstrm find-release functions
UPSTREAM: zram: introduce per-device debug_stat sysfs node
UPSTREAM: zram: remove max_comp_streams internals
UPSTREAM: zram: user per-cpu compression streams
BACKPORT: zsmalloc: require GFP in zs_malloc()
UPSTREAM: zram/zcomp: do not zero out zcomp private pages
UPSTREAM: zram: pass gfp from zcomp frontend to backend
UPSTREAM: socket: close race condition between sock_close() and sockfs_setattr()
ANDROID: Refresh x86_64_cuttlefish_defconfig
Linux 4.4.151
isdn: Disable IIOCDBGVAR
Bluetooth: avoid killing an already killed socket
x86/mm: Simplify p[g4um]d_page() macros
serial: 8250_dw: always set baud rate in dw8250_set_termios
ACPI / PM: save NVS memory for ASUS 1025C laptop
ACPI: save NVS memory for Lenovo G50-45
USB: option: add support for DW5821e
USB: serial: sierra: fix potential deadlock at close
ALSA: vxpocket: Fix invalid endian conversions
ALSA: memalloc: Don't exceed over the requested size
ALSA: hda: Correct Asrock B85M-ITX power_save blacklist entry
ALSA: cs5535audio: Fix invalid endian conversion
ALSA: virmidi: Fix too long output trigger loop
ALSA: vx222: Fix invalid endian conversions
ALSA: hda - Turn CX8200 into D3 as well upon reboot
ALSA: hda - Sleep for 10ms after entering D3 on Conexant codecs
net_sched: fix NULL pointer dereference when delete tcindex filter
vsock: split dwork to avoid reinitializations
net_sched: Fix missing res info when create new tc_index filter
llc: use refcount_inc_not_zero() for llc_sap_find()
l2tp: use sk_dst_check() to avoid race on sk->sk_dst_cache
dccp: fix undefined behavior with 'cwnd' shift in ccid2_cwnd_restart()
Conflicts:
drivers/block/zram/zram_drv.c
drivers/staging/android/ion/ion.c
include/linux/swap.h
mm/zsmalloc.c
Change-Id: I1c437ac5133503a939d06d51ec778b65371df6d1
Signed-off-by: Srinivasarao P <spathi@codeaurora.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAlt/64YACgkQONu9yGCS
aT4/pBAAynguZbVbn8QtYi37Kam0R4ZvXe7rKN8H1A7rwo9l9NJDaC4z2M0Iutfj
1CfIEOeaf7WtxL25xgvDHQEOfB3/DH0xHbP/DtwqzpT0PmOUqMPaboGqOqXb//1J
WetcluEOQfoYu1DWofPP1YkAR3vU4Bp40ucAGIN2wE4bvMTR2EMbV8Y5QYgIk6mN
6n+Smg2Xpkq6paOhIrEt3C1P3lXlpY5Hxd54TGTRQ5c+vccXNldczIcP2Z0wue9/
LRI8veyY1q/IDhVR8wCrlNb3df6kUQ0xixfTNnTkUJjLs3j+NAsaJiO8/nrdCUhJ
xQORM7gQIMlccSNanKH0MHoCxhT3iMb8S6Hixvai5O+5XjP03TA7aAZ9Cyp7UqHg
JY5SPbh7YOmvRXbx7/NAgyLYwRcJRt2PamNRApLQKFbot4bSvNJquhrAib5t6kCF
HfbXjr9N969gLR4WmGkyOi0IHt8kaVwQitfBLZdj2QdlvyYWXmj0MuJ/I4BuZqtj
0MyzS/v8cxkN/NWO1p1cB7pRzFtaXtHtC6rxzYXKCUycnHW9cJDf5PBgCfDMqyTY
SdyuCeMrUo4mNEDItrKF8nbswew1T4UsayvJ6UgKHKr3QaH3Xp1mzeyt1GU38tn1
ogKm9cVbOuAhnic67ikISFsj8oNptrq0w+Zqe3AKGO8B7CwXwis=
=Q/T6
-----END PGP SIGNATURE-----
Merge 4.4.152 into android-4.4-p
Changes in 4.4.152
ARC: Explicitly add -mmedium-calls to CFLAGS
netfilter: ipv6: nf_defrag: reduce struct net memory waste
selftests: pstore: return Kselftest Skip code for skipped tests
selftests: static_keys: return Kselftest Skip code for skipped tests
selftests: user: return Kselftest Skip code for skipped tests
selftests: zram: return Kselftest Skip code for skipped tests
selftests: sync: add config fragment for testing sync framework
ARM: dts: Cygnus: Fix I2C controller interrupt type
usb: dwc2: fix isoc split in transfer with no data
usb: gadget: composite: fix delayed_status race condition when set_interface
usb: gadget: dwc2: fix memory leak in gadget_init()
scsi: xen-scsifront: add error handling for xenbus_printf
arm64: make secondary_start_kernel() notrace
qed: Add sanity check for SIMD fastpath handler.
enic: initialize enic->rfs_h.lock in enic_probe
net: hamradio: use eth_broadcast_addr
net: propagate dev_get_valid_name return code
ARC: Enable machine_desc->init_per_cpu for !CONFIG_SMP
net: davinci_emac: match the mdio device against its compatible if possible
locking/lockdep: Do not record IRQ state within lockdep code
ipv6: mcast: fix unsolicited report interval after receiving querys
Smack: Mark inode instant in smack_task_to_inode
cxgb4: when disabling dcb set txq dcb priority to 0
brcmfmac: stop watchdog before detach and free everything
ARM: dts: am437x: make edt-ft5x06 a wakeup source
usb: xhci: increase CRS timeout value
perf test session topology: Fix test on s390
perf report powerpc: Fix crash if callchain is empty
selftests/x86/sigreturn/64: Fix spurious failures on AMD CPUs
ARM: dts: da850: Fix interrups property for gpio
dmaengine: k3dma: Off by one in k3_of_dma_simple_xlate()
md/raid10: fix that replacement cannot complete recovery after reassemble
drm/exynos: gsc: Fix support for NV16/61, YUV420/YVU420 and YUV422 modes
drm/exynos: decon5433: Fix per-plane global alpha for XRGB modes
drm/exynos: decon5433: Fix WINCONx reset value
bnx2x: Fix receiving tx-timeout in error or recovery state.
m68k: fix "bad page state" oops on ColdFire boot
HID: wacom: Correct touch maximum XY of 2nd-gen Intuos
ARM: imx_v6_v7_defconfig: Select ULPI support
ARM: imx_v4_v5_defconfig: Select ULPI support
tracing: Use __printf markup to silence compiler
kasan: fix shadow_size calculation error in kasan_module_alloc
smsc75xx: Add workaround for gigabit link up hardware errata.
netfilter: x_tables: set module owner for icmp(6) matches
ARM: pxa: irq: fix handling of ICMR registers in suspend/resume
ieee802154: at86rf230: switch from BUG_ON() to WARN_ON() on problem
ieee802154: at86rf230: use __func__ macro for debug messages
ieee802154: fakelb: switch from BUG_ON() to WARN_ON() on problem
drm/armada: fix colorkey mode property
bnxt_en: Fix for system hang if request_irq fails
perf llvm-utils: Remove bashism from kernel include fetch script
ARM: 8780/1: ftrace: Only set kernel memory back to read-only after boot
ARM: dts: am3517.dtsi: Disable reference to OMAP3 OTG controller
ixgbe: Be more careful when modifying MAC filters
packet: reset network header if packet shorter than ll reserved space
qlogic: check kstrtoul() for errors
tcp: remove DELAYED ACK events in DCTCP
drm/nouveau/gem: off by one bugs in nouveau_gem_pushbuf_reloc_apply()
net/ethernet/freescale/fman: fix cross-build error
net: usb: rtl8150: demote allmulti message to dev_dbg()
net: qca_spi: Avoid packet drop during initial sync
net: qca_spi: Make sure the QCA7000 reset is triggered
net: qca_spi: Fix log level if probe fails
tcp: identify cryptic messages as TCP seq # bugs
staging: android: ion: check for kref overflow
KVM: irqfd: fix race between EPOLLHUP and irq_bypass_register_consumer
ext4: fix spectre gadget in ext4_mb_regular_allocator()
parisc: Remove ordered stores from syscall.S
xfrm_user: prevent leaking 2 bytes of kernel memory
netfilter: conntrack: dccp: treat SYNC/SYNCACK as invalid if no prior state
packet: refine ring v3 block size test to hold one frame
bridge: Propagate vlan add failure to user
parisc: Remove unnecessary barriers from spinlock.h
PCI: hotplug: Don't leak pci_slot on registration failure
PCI: Skip MPS logic for Virtual Functions (VFs)
PCI: pciehp: Fix use-after-free on unplug
i2c: imx: Fix race condition in dma read
reiserfs: fix broken xattr handling (heap corruption, bad retval)
Linux 4.4.152
Change-Id: I73c1d3bcfb25d83fa0985b095a6426c207cd2726
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAlt/64YACgkQONu9yGCS
aT4/pBAAynguZbVbn8QtYi37Kam0R4ZvXe7rKN8H1A7rwo9l9NJDaC4z2M0Iutfj
1CfIEOeaf7WtxL25xgvDHQEOfB3/DH0xHbP/DtwqzpT0PmOUqMPaboGqOqXb//1J
WetcluEOQfoYu1DWofPP1YkAR3vU4Bp40ucAGIN2wE4bvMTR2EMbV8Y5QYgIk6mN
6n+Smg2Xpkq6paOhIrEt3C1P3lXlpY5Hxd54TGTRQ5c+vccXNldczIcP2Z0wue9/
LRI8veyY1q/IDhVR8wCrlNb3df6kUQ0xixfTNnTkUJjLs3j+NAsaJiO8/nrdCUhJ
xQORM7gQIMlccSNanKH0MHoCxhT3iMb8S6Hixvai5O+5XjP03TA7aAZ9Cyp7UqHg
JY5SPbh7YOmvRXbx7/NAgyLYwRcJRt2PamNRApLQKFbot4bSvNJquhrAib5t6kCF
HfbXjr9N969gLR4WmGkyOi0IHt8kaVwQitfBLZdj2QdlvyYWXmj0MuJ/I4BuZqtj
0MyzS/v8cxkN/NWO1p1cB7pRzFtaXtHtC6rxzYXKCUycnHW9cJDf5PBgCfDMqyTY
SdyuCeMrUo4mNEDItrKF8nbswew1T4UsayvJ6UgKHKr3QaH3Xp1mzeyt1GU38tn1
ogKm9cVbOuAhnic67ikISFsj8oNptrq0w+Zqe3AKGO8B7CwXwis=
=Q/T6
-----END PGP SIGNATURE-----
Merge 4.4.152 into android-4.4
Changes in 4.4.152
ARC: Explicitly add -mmedium-calls to CFLAGS
netfilter: ipv6: nf_defrag: reduce struct net memory waste
selftests: pstore: return Kselftest Skip code for skipped tests
selftests: static_keys: return Kselftest Skip code for skipped tests
selftests: user: return Kselftest Skip code for skipped tests
selftests: zram: return Kselftest Skip code for skipped tests
selftests: sync: add config fragment for testing sync framework
ARM: dts: Cygnus: Fix I2C controller interrupt type
usb: dwc2: fix isoc split in transfer with no data
usb: gadget: composite: fix delayed_status race condition when set_interface
usb: gadget: dwc2: fix memory leak in gadget_init()
scsi: xen-scsifront: add error handling for xenbus_printf
arm64: make secondary_start_kernel() notrace
qed: Add sanity check for SIMD fastpath handler.
enic: initialize enic->rfs_h.lock in enic_probe
net: hamradio: use eth_broadcast_addr
net: propagate dev_get_valid_name return code
ARC: Enable machine_desc->init_per_cpu for !CONFIG_SMP
net: davinci_emac: match the mdio device against its compatible if possible
locking/lockdep: Do not record IRQ state within lockdep code
ipv6: mcast: fix unsolicited report interval after receiving querys
Smack: Mark inode instant in smack_task_to_inode
cxgb4: when disabling dcb set txq dcb priority to 0
brcmfmac: stop watchdog before detach and free everything
ARM: dts: am437x: make edt-ft5x06 a wakeup source
usb: xhci: increase CRS timeout value
perf test session topology: Fix test on s390
perf report powerpc: Fix crash if callchain is empty
selftests/x86/sigreturn/64: Fix spurious failures on AMD CPUs
ARM: dts: da850: Fix interrups property for gpio
dmaengine: k3dma: Off by one in k3_of_dma_simple_xlate()
md/raid10: fix that replacement cannot complete recovery after reassemble
drm/exynos: gsc: Fix support for NV16/61, YUV420/YVU420 and YUV422 modes
drm/exynos: decon5433: Fix per-plane global alpha for XRGB modes
drm/exynos: decon5433: Fix WINCONx reset value
bnx2x: Fix receiving tx-timeout in error or recovery state.
m68k: fix "bad page state" oops on ColdFire boot
HID: wacom: Correct touch maximum XY of 2nd-gen Intuos
ARM: imx_v6_v7_defconfig: Select ULPI support
ARM: imx_v4_v5_defconfig: Select ULPI support
tracing: Use __printf markup to silence compiler
kasan: fix shadow_size calculation error in kasan_module_alloc
smsc75xx: Add workaround for gigabit link up hardware errata.
netfilter: x_tables: set module owner for icmp(6) matches
ARM: pxa: irq: fix handling of ICMR registers in suspend/resume
ieee802154: at86rf230: switch from BUG_ON() to WARN_ON() on problem
ieee802154: at86rf230: use __func__ macro for debug messages
ieee802154: fakelb: switch from BUG_ON() to WARN_ON() on problem
drm/armada: fix colorkey mode property
bnxt_en: Fix for system hang if request_irq fails
perf llvm-utils: Remove bashism from kernel include fetch script
ARM: 8780/1: ftrace: Only set kernel memory back to read-only after boot
ARM: dts: am3517.dtsi: Disable reference to OMAP3 OTG controller
ixgbe: Be more careful when modifying MAC filters
packet: reset network header if packet shorter than ll reserved space
qlogic: check kstrtoul() for errors
tcp: remove DELAYED ACK events in DCTCP
drm/nouveau/gem: off by one bugs in nouveau_gem_pushbuf_reloc_apply()
net/ethernet/freescale/fman: fix cross-build error
net: usb: rtl8150: demote allmulti message to dev_dbg()
net: qca_spi: Avoid packet drop during initial sync
net: qca_spi: Make sure the QCA7000 reset is triggered
net: qca_spi: Fix log level if probe fails
tcp: identify cryptic messages as TCP seq # bugs
staging: android: ion: check for kref overflow
KVM: irqfd: fix race between EPOLLHUP and irq_bypass_register_consumer
ext4: fix spectre gadget in ext4_mb_regular_allocator()
parisc: Remove ordered stores from syscall.S
xfrm_user: prevent leaking 2 bytes of kernel memory
netfilter: conntrack: dccp: treat SYNC/SYNCACK as invalid if no prior state
packet: refine ring v3 block size test to hold one frame
bridge: Propagate vlan add failure to user
parisc: Remove unnecessary barriers from spinlock.h
PCI: hotplug: Don't leak pci_slot on registration failure
PCI: Skip MPS logic for Virtual Functions (VFs)
PCI: pciehp: Fix use-after-free on unplug
i2c: imx: Fix race condition in dma read
reiserfs: fix broken xattr handling (heap corruption, bad retval)
Linux 4.4.152
Change-Id: I1058813031709d20abd0bc45e9ac5fc68ab3a1d7
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
[ Upstream commit 1e8e18f694a52d703665012ca486826f64bac29d ]
There is a special case that the size is "(N << KASAN_SHADOW_SCALE_SHIFT)
Pages plus X", the value of X is [1, KASAN_SHADOW_SCALE_SIZE-1]. The
operation "size >> KASAN_SHADOW_SCALE_SHIFT" will drop X, and the
roundup operation can not retrieve the missed one page. For example:
size=0x28006, PAGE_SIZE=0x1000, KASAN_SHADOW_SCALE_SHIFT=3, we will get
shadow_size=0x5000, but actually we need 6 pages.
shadow_size = round_up(size >> KASAN_SHADOW_SCALE_SHIFT, PAGE_SIZE);
This can lead to a kernel crash when kasan is enabled and the value of
mod->core_layout.size or mod->init_layout.size is like above. Because
the shadow memory of X has not been allocated and mapped.
move_module:
ptr = module_alloc(mod->core_layout.size);
...
memset(ptr, 0, mod->core_layout.size); //crashed
Unable to handle kernel paging request at virtual address ffff0fffff97b000
......
Call trace:
__asan_storeN+0x174/0x1a8
memset+0x24/0x48
layout_and_allocate+0xcd8/0x1800
load_module+0x190/0x23e8
SyS_finit_module+0x148/0x180
Link: http://lkml.kernel.org/r/1529659626-12660-1-git-send-email-thunder.leizhen@huawei.com
Signed-off-by: Zhen Lei <thunder.leizhen@huawei.com>
Reviewed-by: Dmitriy Vyukov <dvyukov@google.com>
Acked-by: Andrey Ryabinin <aryabinin@virtuozzo.com>
Cc: Alexander Potapenko <glider@google.com>
Cc: Hanjun Guo <guohanjun@huawei.com>
Cc: Libin <huawei.libin@huawei.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Sasha Levin <alexander.levin@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
During developemnt for zram-swap asynchronous writeback, I found strange
corruption of compressed page, resulting in:
Modules linked in: zram(E)
CPU: 3 PID: 1520 Comm: zramd-1 Tainted: G E 4.8.0-mm1-00320-ge0d4894c9c38-dirty #3274
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014
task: ffff88007620b840 task.stack: ffff880078090000
RIP: set_freeobj.part.43+0x1c/0x1f
RSP: 0018:ffff880078093ca8 EFLAGS: 00010246
RAX: 0000000000000018 RBX: ffff880076798d88 RCX: ffffffff81c408c8
RDX: 0000000000000018 RSI: 0000000000000000 RDI: 0000000000000246
RBP: ffff880078093cb0 R08: 0000000000000000 R09: 0000000000000000
R10: ffff88005bc43030 R11: 0000000000001df3 R12: ffff880076798d88
R13: 000000000005bc43 R14: ffff88007819d1b8 R15: 0000000000000001
FS: 0000000000000000(0000) GS:ffff88007e380000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fc934048f20 CR3: 0000000077b01000 CR4: 00000000000406e0
Call Trace:
obj_malloc+0x22b/0x260
zs_malloc+0x1e4/0x580
zram_bvec_rw+0x4cd/0x830 [zram]
page_requests_rw+0x9c/0x130 [zram]
zram_thread+0xe6/0x173 [zram]
kthread+0xca/0xe0
ret_from_fork+0x25/0x30
With investigation, it reveals currently stable page doesn't support
anonymous page. IOW, reuse_swap_page can reuse the page without waiting
writeback completion so it can overwrite page zram is compressing.
Unfortunately, zram has used per-cpu stream feature from v4.7.
It aims for increasing cache hit ratio of scratch buffer for
compressing. Downside of that approach is that zram should ask
memory space for compressed page in per-cpu context which requires
stricted gfp flag which could be failed. If so, it retries to
allocate memory space out of per-cpu context so it could get memory
this time and compress the data again, copies it to the memory space.
In this scenario, zram assumes the data should never be changed
but it is not true unless stable page supports. So, If the data is
changed under us, zram can make buffer overrun because second
compression size could be bigger than one we got in previous trial
and blindly, copy bigger size object to smaller buffer which is
buffer overrun. The overrun breaks zsmalloc free object chaining
so system goes crash like above.
I think below is same problem.
https://bugzilla.suse.com/show_bug.cgi?id=997574
Unfortunately, reuse_swap_page should be atomic so that we cannot wait on
writeback in there so the approach in this patch is simply return false if
we found it needs stable page. Although it increases memory footprint
temporarily, it happens rarely and it should be reclaimed easily althoug
it happened. Also, It would be better than waiting of IO completion,
which is critial path for application latency.
Fixes: da9556a2367c ("zram: user per-cpu compression streams")
Link: http://lkml.kernel.org/r/20161120233015.GA14113@bbox
Link: http://lkml.kernel.org/r/1482366980-3782-2-git-send-email-minchan@kernel.org
Signed-off-by: Minchan Kim <minchan@kernel.org>
Acked-by: Hugh Dickins <hughd@google.com>
Cc: Sergey Senozhatsky <sergey.senozhatsky@gmail.com>
Cc: Darrick J. Wong <darrick.wong@oracle.com>
Cc: Takashi Iwai <tiwai@suse.de>
Cc: Hyeoncheol Lee <cheol.lee@lge.com>
Cc: <yjay.kim@lge.com>
Cc: Sangseok Lee <sangseok.lee@lge.com>
Cc: <stable@vger.kernel.org> [4.7+]
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
(cherry picked from commit f05714293a591038304ddae7cb0dd747bb3786cc)
Signed-off-by: Peter Kalauskas <peskal@google.com>
Bug: 112488418
Change-Id: I0fa5012aff9daf614b2d1d04f35b86ff7043ff21
Pass GFP flags to zs_malloc() instead of using a fixed mask supplied to
zs_create_pool(), so we can be more flexible, but, more importantly, we
need this to switch zram to per-cpu compression streams -- zram will try
to allocate handle with preemption disabled in a fast path and switch to
a slow path (using different gfp mask) if the fast one has failed.
Apart from that, this also align zs_malloc() interface with zspool/zbud.
[sergey.senozhatsky@gmail.com: pass GFP flags to zs_malloc() instead of using a fixed mask]
Link: http://lkml.kernel.org/r/20160429150942.GA637@swordfish
Link: http://lkml.kernel.org/r/20160429150942.GA637@swordfish
Signed-off-by: Sergey Senozhatsky <sergey.senozhatsky@gmail.com>
Acked-by: Minchan Kim <minchan@kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
(cherry picked from commit d0d8da2dc49dfdfe1d788eaf4d55eb5d4964d926)
Signed-off-by: Peter Kalauskas <peskal@google.com>
Bug: 112488418
Change-Id: I31276c9351be21a4ed588681b332e98142b76526
* refs/heads/tmp-f057ff9
Linux 4.4.148
x86/speculation/l1tf: Unbreak !__HAVE_ARCH_PFN_MODIFY_ALLOWED architectures
x86/init: fix build with CONFIG_SWAP=n
x86/speculation/l1tf: Fix up CPU feature flags
x86/mm/kmmio: Make the tracer robust against L1TF
x86/mm/pat: Make set_memory_np() L1TF safe
x86/speculation/l1tf: Make pmd/pud_mknotpresent() invert
x86/speculation/l1tf: Invert all not present mappings
x86/speculation/l1tf: Fix up pte->pfn conversion for PAE
x86/speculation/l1tf: Protect PAE swap entries against L1TF
x86/cpufeatures: Add detection of L1D cache flush support.
x86/speculation/l1tf: Extend 64bit swap file size limit
x86/bugs: Move the l1tf function and define pr_fmt properly
x86/speculation/l1tf: Limit swap file size to MAX_PA/2
x86/speculation/l1tf: Disallow non privileged high MMIO PROT_NONE mappings
mm: fix cache mode tracking in vm_insert_mixed()
mm: Add vm_insert_pfn_prot()
x86/speculation/l1tf: Add sysfs reporting for l1tf
x86/speculation/l1tf: Make sure the first page is always reserved
x86/speculation/l1tf: Protect PROT_NONE PTEs against speculation
x86/speculation/l1tf: Protect swap entries against L1TF
x86/speculation/l1tf: Change order of offset/type in swap entry
mm: x86: move _PAGE_SWP_SOFT_DIRTY from bit 7 to bit 1
x86/mm: Fix swap entry comment and macro
x86/mm: Move swap offset/type up in PTE to work around erratum
x86/speculation/l1tf: Increase 32bit PAE __PHYSICAL_PAGE_SHIFT
x86/irqflags: Provide a declaration for native_save_fl
kprobes/x86: Fix %p uses in error messages
x86/speculation: Protect against userspace-userspace spectreRSB
x86/paravirt: Fix spectre-v2 mitigations for paravirt guests
ARM: dts: imx6sx: fix irq for pcie bridge
IB/ocrdma: fix out of bounds access to local buffer
IB/mlx4: Mark user MR as writable if actual virtual memory is writable
IB/core: Make testing MR flags for writability a static inline function
fix __legitimize_mnt()/mntput() race
fix mntput/mntput race
root dentries need RCU-delayed freeing
scsi: sr: Avoid that opening a CD-ROM hangs with runtime power management enabled
ACPI / LPSS: Add missing prv_offset setting for byt/cht PWM devices
xen/netfront: don't cache skb_shinfo()
parisc: Define mb() and add memory barriers to assembler unlock sequences
parisc: Enable CONFIG_MLONGCALLS by default
fork: unconditionally clear stack on fork
ipv4+ipv6: Make INET*_ESP select CRYPTO_ECHAINIV
tpm: fix race condition in tpm_common_write()
ext4: fix check to prevent initializing reserved inodes
Linux 4.4.147
jfs: Fix inconsistency between memory allocation and ea_buf->max_size
i2c: imx: Fix reinit_completion() use
ring_buffer: tracing: Inherit the tracing setting to next ring buffer
ACPI / PCI: Bail early in acpi_pci_add_bus() if there is no ACPI handle
ext4: fix false negatives *and* false positives in ext4_check_descriptors()
netlink: Don't shift on 64 for ngroups
netlink: Don't shift with UB on nlk->ngroups
netlink: Do not subscribe to non-existent groups
nohz: Fix local_timer_softirq_pending()
genirq: Make force irq threading setup more robust
scsi: qla2xxx: Return error when TMF returns
scsi: qla2xxx: Fix ISP recovery on unload
Conflicts:
include/linux/swapfile.h
Removed CONFIG_CRYPTO_ECHAINIV from defconfig files since this upmerge is
adding this config to Kconfig file.
Change-Id: Ide96c29f919d76590c2bdccf356d1d464a892fd7
Signed-off-by: Srinivasarao P <spathi@codeaurora.org>
Fix some null pointer dereference flaw and parameter not init issues.
change-Id: I0ed5f3f62c3794775bf97d353c4e50dd8ceb32da
Signed-off-by: Yao Jiang <yaojia@codeaurora.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAlt0SdMACgkQONu9yGCS
aT4NLxAAovDVqFFejBk8M1nxAtQSqRzB2PMboc+l62clKa6BAJtWAsgPFjECgzEp
edlDeUttliQoTB6S3GYYM82oj50myUKlGvlJRptRE3Gr1iYubdB/U2RDmwEzCxbC
AEzu4tEv+Z23jaLGsuAIOg66faBTqqgVoKtp/TlKwl+Y/b6WzkI0gRzxWTBFnAlj
AKuhmoc1JoS9JF/MQ4q02gYSQ0g1eTpr1gIU2GMow9pK9Rahk4Jdl4yRjNLUFDxd
ojrBYCoElf90R3q+NvmZBbzxwanm2OgzeEBffhh647aB5kHEUd5h4z9w+sIoXmSq
50uD59q62Umdpp2O125HH5KHeHbcTUCXXp3g1VY6A/+d9dTs9GZqo//vf6aJsxEb
gixoYyNbIcqw1k0jhEEW2ah3F3j+ZHvNmLKPyV4U8h2Tw2K5QKzFu/fVnQw7Xfv6
Gv0z1TQ4Y+w2bqpzDiDBO4sRgKOXVr3hzWa0jggW5AoKWTco/oIVkE+Rqmj65AfK
DROqCMQq75K+pymrM8I3wTXRSxtSH9bO/iqCu2LiiaG+JAkvr0OIHEHgizxLtAFO
ivpREPDsWhVAYUmnoCgJa8Za1GdJk1I9uvxoJY1TBL8gbcYc61yjjeJDYqLghuNT
EhrvFvJ4r/fQ6BJ76+rO7FSJIl+Kov2Uf7CWql3Lzxps6/u5GNQ=
=73dO
-----END PGP SIGNATURE-----
Merge 4.4.148 into android-4.4-p
Changes in 4.4.148
ext4: fix check to prevent initializing reserved inodes
tpm: fix race condition in tpm_common_write()
ipv4+ipv6: Make INET*_ESP select CRYPTO_ECHAINIV
fork: unconditionally clear stack on fork
parisc: Enable CONFIG_MLONGCALLS by default
parisc: Define mb() and add memory barriers to assembler unlock sequences
xen/netfront: don't cache skb_shinfo()
ACPI / LPSS: Add missing prv_offset setting for byt/cht PWM devices
scsi: sr: Avoid that opening a CD-ROM hangs with runtime power management enabled
root dentries need RCU-delayed freeing
fix mntput/mntput race
fix __legitimize_mnt()/mntput() race
IB/core: Make testing MR flags for writability a static inline function
IB/mlx4: Mark user MR as writable if actual virtual memory is writable
IB/ocrdma: fix out of bounds access to local buffer
ARM: dts: imx6sx: fix irq for pcie bridge
x86/paravirt: Fix spectre-v2 mitigations for paravirt guests
x86/speculation: Protect against userspace-userspace spectreRSB
kprobes/x86: Fix %p uses in error messages
x86/irqflags: Provide a declaration for native_save_fl
x86/speculation/l1tf: Increase 32bit PAE __PHYSICAL_PAGE_SHIFT
x86/mm: Move swap offset/type up in PTE to work around erratum
x86/mm: Fix swap entry comment and macro
mm: x86: move _PAGE_SWP_SOFT_DIRTY from bit 7 to bit 1
x86/speculation/l1tf: Change order of offset/type in swap entry
x86/speculation/l1tf: Protect swap entries against L1TF
x86/speculation/l1tf: Protect PROT_NONE PTEs against speculation
x86/speculation/l1tf: Make sure the first page is always reserved
x86/speculation/l1tf: Add sysfs reporting for l1tf
mm: Add vm_insert_pfn_prot()
mm: fix cache mode tracking in vm_insert_mixed()
x86/speculation/l1tf: Disallow non privileged high MMIO PROT_NONE mappings
x86/speculation/l1tf: Limit swap file size to MAX_PA/2
x86/bugs: Move the l1tf function and define pr_fmt properly
x86/speculation/l1tf: Extend 64bit swap file size limit
x86/cpufeatures: Add detection of L1D cache flush support.
x86/speculation/l1tf: Protect PAE swap entries against L1TF
x86/speculation/l1tf: Fix up pte->pfn conversion for PAE
x86/speculation/l1tf: Invert all not present mappings
x86/speculation/l1tf: Make pmd/pud_mknotpresent() invert
x86/mm/pat: Make set_memory_np() L1TF safe
x86/mm/kmmio: Make the tracer robust against L1TF
x86/speculation/l1tf: Fix up CPU feature flags
x86/init: fix build with CONFIG_SWAP=n
x86/speculation/l1tf: Unbreak !__HAVE_ARCH_PFN_MODIFY_ALLOWED architectures
Linux 4.4.148
Change-Id: Id593840e382389d43e5e54f9d1cfa1d679d8d8be
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAlt0SdMACgkQONu9yGCS
aT4NLxAAovDVqFFejBk8M1nxAtQSqRzB2PMboc+l62clKa6BAJtWAsgPFjECgzEp
edlDeUttliQoTB6S3GYYM82oj50myUKlGvlJRptRE3Gr1iYubdB/U2RDmwEzCxbC
AEzu4tEv+Z23jaLGsuAIOg66faBTqqgVoKtp/TlKwl+Y/b6WzkI0gRzxWTBFnAlj
AKuhmoc1JoS9JF/MQ4q02gYSQ0g1eTpr1gIU2GMow9pK9Rahk4Jdl4yRjNLUFDxd
ojrBYCoElf90R3q+NvmZBbzxwanm2OgzeEBffhh647aB5kHEUd5h4z9w+sIoXmSq
50uD59q62Umdpp2O125HH5KHeHbcTUCXXp3g1VY6A/+d9dTs9GZqo//vf6aJsxEb
gixoYyNbIcqw1k0jhEEW2ah3F3j+ZHvNmLKPyV4U8h2Tw2K5QKzFu/fVnQw7Xfv6
Gv0z1TQ4Y+w2bqpzDiDBO4sRgKOXVr3hzWa0jggW5AoKWTco/oIVkE+Rqmj65AfK
DROqCMQq75K+pymrM8I3wTXRSxtSH9bO/iqCu2LiiaG+JAkvr0OIHEHgizxLtAFO
ivpREPDsWhVAYUmnoCgJa8Za1GdJk1I9uvxoJY1TBL8gbcYc61yjjeJDYqLghuNT
EhrvFvJ4r/fQ6BJ76+rO7FSJIl+Kov2Uf7CWql3Lzxps6/u5GNQ=
=73dO
-----END PGP SIGNATURE-----
Merge 4.4.148 into android-4.4
Changes in 4.4.148
ext4: fix check to prevent initializing reserved inodes
tpm: fix race condition in tpm_common_write()
ipv4+ipv6: Make INET*_ESP select CRYPTO_ECHAINIV
fork: unconditionally clear stack on fork
parisc: Enable CONFIG_MLONGCALLS by default
parisc: Define mb() and add memory barriers to assembler unlock sequences
xen/netfront: don't cache skb_shinfo()
ACPI / LPSS: Add missing prv_offset setting for byt/cht PWM devices
scsi: sr: Avoid that opening a CD-ROM hangs with runtime power management enabled
root dentries need RCU-delayed freeing
fix mntput/mntput race
fix __legitimize_mnt()/mntput() race
IB/core: Make testing MR flags for writability a static inline function
IB/mlx4: Mark user MR as writable if actual virtual memory is writable
IB/ocrdma: fix out of bounds access to local buffer
ARM: dts: imx6sx: fix irq for pcie bridge
x86/paravirt: Fix spectre-v2 mitigations for paravirt guests
x86/speculation: Protect against userspace-userspace spectreRSB
kprobes/x86: Fix %p uses in error messages
x86/irqflags: Provide a declaration for native_save_fl
x86/speculation/l1tf: Increase 32bit PAE __PHYSICAL_PAGE_SHIFT
x86/mm: Move swap offset/type up in PTE to work around erratum
x86/mm: Fix swap entry comment and macro
mm: x86: move _PAGE_SWP_SOFT_DIRTY from bit 7 to bit 1
x86/speculation/l1tf: Change order of offset/type in swap entry
x86/speculation/l1tf: Protect swap entries against L1TF
x86/speculation/l1tf: Protect PROT_NONE PTEs against speculation
x86/speculation/l1tf: Make sure the first page is always reserved
x86/speculation/l1tf: Add sysfs reporting for l1tf
mm: Add vm_insert_pfn_prot()
mm: fix cache mode tracking in vm_insert_mixed()
x86/speculation/l1tf: Disallow non privileged high MMIO PROT_NONE mappings
x86/speculation/l1tf: Limit swap file size to MAX_PA/2
x86/bugs: Move the l1tf function and define pr_fmt properly
x86/speculation/l1tf: Extend 64bit swap file size limit
x86/cpufeatures: Add detection of L1D cache flush support.
x86/speculation/l1tf: Protect PAE swap entries against L1TF
x86/speculation/l1tf: Fix up pte->pfn conversion for PAE
x86/speculation/l1tf: Invert all not present mappings
x86/speculation/l1tf: Make pmd/pud_mknotpresent() invert
x86/mm/pat: Make set_memory_np() L1TF safe
x86/mm/kmmio: Make the tracer robust against L1TF
x86/speculation/l1tf: Fix up CPU feature flags
x86/init: fix build with CONFIG_SWAP=n
x86/speculation/l1tf: Unbreak !__HAVE_ARCH_PFN_MODIFY_ALLOWED architectures
Linux 4.4.148
Change-Id: I83c857d9d9d74ee47e61d15eb411f276f057ba3d
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
commit 377eeaa8e11fe815b1d07c81c4a0e2843a8c15eb upstream
For the L1TF workaround its necessary to limit the swap file size to below
MAX_PA/2, so that the higher bits of the swap offset inverted never point
to valid memory.
Add a mechanism for the architecture to override the swap file size check
in swapfile.c and add a x86 specific max swapfile check function that
enforces that limit.
The check is only enabled if the CPU is vulnerable to L1TF.
In VMs with 42bit MAX_PA the typical limit is 2TB now, on a native system
with 46bit PA it is 32TB. The limit is only per individual swap file, so
it's always possible to exceed these limits with multiple swap files or
partitions.
Signed-off-by: Andi Kleen <ak@linux.intel.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Reviewed-by: Josh Poimboeuf <jpoimboe@redhat.com>
Acked-by: Michal Hocko <mhocko@suse.com>
Acked-by: Dave Hansen <dave.hansen@intel.com>
Signed-off-by: David Woodhouse <dwmw@amazon.co.uk>
Signed-off-by: Guenter Roeck <linux@roeck-us.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit 42e4089c7890725fcd329999252dc489b72f2921 upstream
For L1TF PROT_NONE mappings are protected by inverting the PFN in the page
table entry. This sets the high bits in the CPU's address space, thus
making sure to point to not point an unmapped entry to valid cached memory.
Some server system BIOSes put the MMIO mappings high up in the physical
address space. If such an high mapping was mapped to unprivileged users
they could attack low memory by setting such a mapping to PROT_NONE. This
could happen through a special device driver which is not access
protected. Normal /dev/mem is of course access protected.
To avoid this forbid PROT_NONE mappings or mprotect for high MMIO mappings.
Valid page mappings are allowed because the system is then unsafe anyways.
It's not expected that users commonly use PROT_NONE on MMIO. But to
minimize any impact this is only enforced if the mapping actually refers to
a high MMIO address (defined as the MAX_PA-1 bit being set), and also skip
the check for root.
For mmaps this is straight forward and can be handled in vm_insert_pfn and
in remap_pfn_range().
For mprotect it's a bit trickier. At the point where the actual PTEs are
accessed a lot of state has been changed and it would be difficult to undo
on an error. Since this is a uncommon case use a separate early page talk
walk pass for MMIO PROT_NONE mappings that checks for this condition
early. For non MMIO and non PROT_NONE there are no changes.
[dwmw2: Backport to 4.9]
[groeck: Backport to 4.4]
Signed-off-by: Andi Kleen <ak@linux.intel.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Reviewed-by: Josh Poimboeuf <jpoimboe@redhat.com>
Acked-by: Dave Hansen <dave.hansen@intel.com>
Signed-off-by: David Woodhouse <dwmw@amazon.co.uk>
Signed-off-by: Guenter Roeck <linux@roeck-us.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit 87744ab3832b83ba71b931f86f9cfdb000d07da5 upstream
vm_insert_mixed() unlike vm_insert_pfn_prot() and vmf_insert_pfn_pmd(),
fails to check the pgprot_t it uses for the mapping against the one
recorded in the memtype tracking tree. Add the missing call to
track_pfn_insert() to preclude cases where incompatible aliased mappings
are established for a given physical address range.
[groeck: Backport to v4.4.y]
Link: http://lkml.kernel.org/r/147328717909.35069.14256589123570653697.stgit@dwillia2-desk3.amr.corp.intel.com
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
Cc: David Airlie <airlied@linux.ie>
Cc: Matthew Wilcox <mawilcox@microsoft.com>
Cc: Ross Zwisler <ross.zwisler@linux.intel.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Guenter Roeck <linux@roeck-us.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
commit 1745cbc5d0dee0749a6bc0ea8e872c5db0074061 upstream
The x86 vvar vma contains pages with differing cacheability
flags. x86 currently implements this by manually inserting all
the ptes using (io_)remap_pfn_range when the vma is set up.
x86 wants to move to using .fault with VM_FAULT_NOPAGE to set up
the mappings as needed. The correct API to use to insert a pfn
in .fault is vm_insert_pfn(), but vm_insert_pfn() can't override the
vma's cache mode, and the HPET page in particular needs to be
uncached despite the fact that the rest of the VMA is cached.
Add vm_insert_pfn_prot() to support varying cacheability within
the same non-COW VMA in a more sane manner.
x86 could alternatively use multiple VMAs, but that's messy,
would break CRIU, and would create unnecessary VMAs that would
waste memory.
Signed-off-by: Andy Lutomirski <luto@kernel.org>
Reviewed-by: Kees Cook <keescook@chromium.org>
Acked-by: Andrew Morton <akpm@linux-foundation.org>
Cc: Andy Lutomirski <luto@amacapital.net>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Dave Hansen <dave.hansen@linux.intel.com>
Cc: Fenghua Yu <fenghua.yu@intel.com>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Oleg Nesterov <oleg@redhat.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Quentin Casasnovas <quentin.casasnovas@oracle.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Link: http://lkml.kernel.org/r/d2938d1eb37be7a5e4f86182db646551f11e45aa.1451446564.git.luto@kernel.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Signed-off-by: Guenter Roeck <linux@roeck-us.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
* refs/heads/tmp-13962260
Linux 4.4.146
scsi: sg: fix minor memory leak in error path
crypto: padlock-aes - Fix Nano workaround data corruption
kvm: x86: vmx: fix vpid leak
virtio_balloon: fix another race between migration and ballooning
net: socket: fix potential spectre v1 gadget in socketcall
can: ems_usb: Fix memory leak on ems_usb_disconnect()
squashfs: more metadata hardenings
squashfs: more metadata hardening
netlink: Fix spectre v1 gadget in netlink_create()
net: dsa: Do not suspend/resume closed slave_dev
inet: frag: enforce memory limits earlier
tcp: add one more quick ack after after ECN events
tcp: refactor tcp_ecn_check_ce to remove sk type cast
tcp: do not aggressively quick ack after ECN events
tcp: add max_quickacks param to tcp_incr_quickack and tcp_enter_quickack_mode
tcp: do not force quickack when receiving out-of-order packets
NET: stmmac: align DMA stuff to largest cache line length
xen-netfront: wait xenbus state change when load module manually
net: lan78xx: fix rx handling before first packet is send
net: fix amd-xgbe flow-control issue
ipv4: remove BUG_ON() from fib_compute_spec_dst
ASoC: pxa: Fix module autoload for platform drivers
dmaengine: pxa_dma: remove duplicate const qualifier
ext4: check for allocation block validity with block group locked
ext4: fix inline data updates with checksums enabled
squashfs: be more careful about metadata corruption
random: mix rdrand with entropy sent in from userspace
drm: Add DP PSR2 sink enable bit
media: si470x: fix __be16 annotations
scsi: megaraid_sas: Increase timeout by 1 sec for non-RAID fastpath IOs
scsi: scsi_dh: replace too broad "TP9" string with the exact models
media: omap3isp: fix unbalanced dma_iommu_mapping
crypto: authenc - don't leak pointers to authenc keys
crypto: authencesn - don't leak pointers to authenc keys
usb: hub: Don't wait for connect state at resume for powered-off ports
microblaze: Fix simpleImage format generation
audit: allow not equal op for audit by executable
rsi: Fix 'invalid vdd' warning in mmc
ipconfig: Correctly initialise ic_nameservers
drm/gma500: fix psb_intel_lvds_mode_valid()'s return type
memory: tegra: Apply interrupts mask per SoC
memory: tegra: Do not handle spurious interrupts
ALSA: hda/ca0132: fix build failure when a local macro is defined
drm/atomic: Handling the case when setting old crtc for plane
media: siano: get rid of __le32/__le16 cast warnings
bpf: fix references to free_bpf_prog_info() in comments
thermal: exynos: fix setting rising_threshold for Exynos5433
scsi: megaraid: silence a static checker bug
scsi: 3w-xxxx: fix a missing-check bug
scsi: 3w-9xxx: fix a missing-check bug
perf: fix invalid bit in diagnostic entry
s390/cpum_sf: Add data entry sizes to sampling trailer entry
brcmfmac: Add support for bcm43364 wireless chipset
mtd: rawnand: fsl_ifc: fix FSL NAND driver to read all ONFI parameter pages
media: saa7164: Fix driver name in debug output
libata: Fix command retry decision
media: rcar_jpu: Add missing clk_disable_unprepare() on error in jpu_open()
dma-iommu: Fix compilation when !CONFIG_IOMMU_DMA
tty: Fix data race in tty_insert_flip_string_fixed_flag
HID: i2c-hid: check if device is there before really probing
powerpc/embedded6xx/hlwd-pic: Prevent interrupts from being handled by Starlet
drm/radeon: fix mode_valid's return type
HID: hid-plantronics: Re-resend Update to map button for PTT products
ALSA: usb-audio: Apply rate limit to warning messages in URB complete callback
media: smiapp: fix timeout checking in smiapp_read_nvm
md: fix NULL dereference of mddev->pers in remove_and_add_spares()
regulator: pfuze100: add .is_enable() for pfuze100_swb_regulator_ops
ALSA: emu10k1: Rate-limit error messages about page errors
scsi: ufs: fix exception event handling
mwifiex: correct histogram data with appropriate index
PCI: pciehp: Request control of native hotplug only if supported
pinctrl: at91-pio4: add missing of_node_put
powerpc/8xx: fix invalid register expression in head_8xx.S
powerpc/powermac: Mark variable x as unused
powerpc/powermac: Add missing prototype for note_bootable_part()
powerpc/chrp/time: Make some functions static, add missing header include
powerpc/32: Add a missing include header
ath: Add regulatory mapping for Bahamas
ath: Add regulatory mapping for Bermuda
ath: Add regulatory mapping for Serbia
ath: Add regulatory mapping for Tanzania
ath: Add regulatory mapping for Uganda
ath: Add regulatory mapping for APL2_FCCA
ath: Add regulatory mapping for APL13_WORLD
ath: Add regulatory mapping for ETSI8_WORLD
ath: Add regulatory mapping for FCC3_ETSIC
PCI: Prevent sysfs disable of device while driver is attached
btrfs: qgroup: Finish rescan when hit the last leaf of extent tree
btrfs: add barriers to btrfs_sync_log before log_commit_wait wakeups
media: videobuf2-core: don't call memop 'finish' when queueing
wlcore: sdio: check for valid platform device data before suspend
mwifiex: handle race during mwifiex_usb_disconnect
mfd: cros_ec: Fail early if we cannot identify the EC
ASoC: dpcm: fix BE dai not hw_free and shutdown
Bluetooth: btusb: Add a new Realtek 8723DE ID 2ff8:b011
Bluetooth: hci_qca: Fix "Sleep inside atomic section" warning
iwlwifi: pcie: fix race in Rx buffer allocator
perf/x86/intel/uncore: Correct fixed counter index check for NHM
perf/x86/intel/uncore: Correct fixed counter index check in generic code
usbip: usbip_detach: Fix memory, udev context and udev leak
f2fs: fix to don't trigger writeback during recovery
disable loading f2fs module on PAGE_SIZE > 4KB
RDMA/mad: Convert BUG_ONs to error flows
powerpc/64s: Fix compiler store ordering to SLB shadow area
hvc_opal: don't set tb_ticks_per_usec in udbg_init_opal_common()
infiniband: fix a possible use-after-free bug
netfilter: ipset: List timing out entries with "timeout 1" instead of zero
rtc: ensure rtc_set_alarm fails when alarms are not supported
mm/slub.c: add __printf verification to slab_err()
mm: vmalloc: avoid racy handling of debugobjects in vunmap
nfsd: fix potential use-after-free in nfsd4_decode_getdeviceinfo
ALSA: fm801: add error handling for snd_ctl_add
ALSA: emu10k1: add error handling for snd_ctl_add
xen/netfront: raise max number of slots in xennet_get_responses()
tracing: Quiet gcc warning about maybe unused link variable
tracing/kprobes: Fix trace_probe flags on enable_trace_kprobe() failure
tracing: Fix possible double free in event_enable_trigger_func()
tracing: Fix double free of event_trigger_data
Input: elan_i2c - add another ACPI ID for Lenovo Ideapad 330-15AST
Input: i8042 - add Lenovo LaVie Z to the i8042 reset list
Input: elan_i2c - add ACPI ID for lenovo ideapad 330
MIPS: Fix off-by-one in pci_resource_to_user()
kernel/sys.c: fix merge error with 4.4.144
Conflicts:
drivers/scsi/ufs/ufshcd.c
include/net/tcp.h
net/socket.c
Change-Id: Ie84fdcf54b0a45508f76ef56330291f54e35ed30
Signed-off-by: Srinivasarao P <spathi@codeaurora.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAltoWioACgkQONu9yGCS
aT6YrQ//d8dWKaNZK08Z/l2ZqRS56wlNTJyHIB81p1uM2PuPHfLjsZzLQ+HnZ3Ha
G+fedEj3sbwJp8i61TRu9Q1p/PyLWsnaryWZaK3gm4Yo8GrdVbXAY47EHwz3fbUK
yxrC0+zQmIlyZgwzbUNGspDuAdNt2MFDug97RFF8BdhJd84Rv0BbicGMwKJQFfFN
g0Tv6yB+8cjmnCMjmLreLyi+puWvXZtZXAi+idl9eTC4ysGDKNvO1ERptv2NC5C6
171cbsS/ngpY5ZIUcmLy0QPPFh/ZCeoft22R3gOxZDkjT4Ro6lY5ubPKDEcn57Hv
FSV5fuQ3cBtmsODn7LMIWqLDKuCRM/gTmvXrWxM91JDLSsuAdZWATj8k4iIoocmk
l/3iOixBMFCGToQ1I2/O33QZOssKoDIz4bpG6+HM/Cj4anSnVZKjouJSTlNZr/3i
ZJOXpu/MpQItc/RGo/PumzJLkXhS+HyGwPbTIOPy29NMqp+xvjZv4DttuJbqyHJ2
Pm/OZcvU7z1wSMhcTknvZLLMQVRIICQjfPJNDefqAdrCdd233cRo37cU8egg4A0l
F3q+ZI/ny01YWQP8KrCJyWB5lHHbEc44wUHCxet0TPZ1qaqvVcXzaWhwxP2H0L3I
7r2u9bDg15ielw3jhPpRWZMvANbQlToNoj6YROqj5ArcIowcBPc=
=7/iL
-----END PGP SIGNATURE-----
Merge 4.4.146 into android-4.4-p
Changes in 4.4.146
MIPS: Fix off-by-one in pci_resource_to_user()
Input: elan_i2c - add ACPI ID for lenovo ideapad 330
Input: i8042 - add Lenovo LaVie Z to the i8042 reset list
Input: elan_i2c - add another ACPI ID for Lenovo Ideapad 330-15AST
tracing: Fix double free of event_trigger_data
tracing: Fix possible double free in event_enable_trigger_func()
tracing/kprobes: Fix trace_probe flags on enable_trace_kprobe() failure
tracing: Quiet gcc warning about maybe unused link variable
xen/netfront: raise max number of slots in xennet_get_responses()
ALSA: emu10k1: add error handling for snd_ctl_add
ALSA: fm801: add error handling for snd_ctl_add
nfsd: fix potential use-after-free in nfsd4_decode_getdeviceinfo
mm: vmalloc: avoid racy handling of debugobjects in vunmap
mm/slub.c: add __printf verification to slab_err()
rtc: ensure rtc_set_alarm fails when alarms are not supported
netfilter: ipset: List timing out entries with "timeout 1" instead of zero
infiniband: fix a possible use-after-free bug
hvc_opal: don't set tb_ticks_per_usec in udbg_init_opal_common()
powerpc/64s: Fix compiler store ordering to SLB shadow area
RDMA/mad: Convert BUG_ONs to error flows
disable loading f2fs module on PAGE_SIZE > 4KB
f2fs: fix to don't trigger writeback during recovery
usbip: usbip_detach: Fix memory, udev context and udev leak
perf/x86/intel/uncore: Correct fixed counter index check in generic code
perf/x86/intel/uncore: Correct fixed counter index check for NHM
iwlwifi: pcie: fix race in Rx buffer allocator
Bluetooth: hci_qca: Fix "Sleep inside atomic section" warning
Bluetooth: btusb: Add a new Realtek 8723DE ID 2ff8:b011
ASoC: dpcm: fix BE dai not hw_free and shutdown
mfd: cros_ec: Fail early if we cannot identify the EC
mwifiex: handle race during mwifiex_usb_disconnect
wlcore: sdio: check for valid platform device data before suspend
media: videobuf2-core: don't call memop 'finish' when queueing
btrfs: add barriers to btrfs_sync_log before log_commit_wait wakeups
btrfs: qgroup: Finish rescan when hit the last leaf of extent tree
PCI: Prevent sysfs disable of device while driver is attached
ath: Add regulatory mapping for FCC3_ETSIC
ath: Add regulatory mapping for ETSI8_WORLD
ath: Add regulatory mapping for APL13_WORLD
ath: Add regulatory mapping for APL2_FCCA
ath: Add regulatory mapping for Uganda
ath: Add regulatory mapping for Tanzania
ath: Add regulatory mapping for Serbia
ath: Add regulatory mapping for Bermuda
ath: Add regulatory mapping for Bahamas
powerpc/32: Add a missing include header
powerpc/chrp/time: Make some functions static, add missing header include
powerpc/powermac: Add missing prototype for note_bootable_part()
powerpc/powermac: Mark variable x as unused
powerpc/8xx: fix invalid register expression in head_8xx.S
pinctrl: at91-pio4: add missing of_node_put
PCI: pciehp: Request control of native hotplug only if supported
mwifiex: correct histogram data with appropriate index
scsi: ufs: fix exception event handling
ALSA: emu10k1: Rate-limit error messages about page errors
regulator: pfuze100: add .is_enable() for pfuze100_swb_regulator_ops
md: fix NULL dereference of mddev->pers in remove_and_add_spares()
media: smiapp: fix timeout checking in smiapp_read_nvm
ALSA: usb-audio: Apply rate limit to warning messages in URB complete callback
HID: hid-plantronics: Re-resend Update to map button for PTT products
drm/radeon: fix mode_valid's return type
powerpc/embedded6xx/hlwd-pic: Prevent interrupts from being handled by Starlet
HID: i2c-hid: check if device is there before really probing
tty: Fix data race in tty_insert_flip_string_fixed_flag
dma-iommu: Fix compilation when !CONFIG_IOMMU_DMA
media: rcar_jpu: Add missing clk_disable_unprepare() on error in jpu_open()
libata: Fix command retry decision
media: saa7164: Fix driver name in debug output
mtd: rawnand: fsl_ifc: fix FSL NAND driver to read all ONFI parameter pages
brcmfmac: Add support for bcm43364 wireless chipset
s390/cpum_sf: Add data entry sizes to sampling trailer entry
perf: fix invalid bit in diagnostic entry
scsi: 3w-9xxx: fix a missing-check bug
scsi: 3w-xxxx: fix a missing-check bug
scsi: megaraid: silence a static checker bug
thermal: exynos: fix setting rising_threshold for Exynos5433
bpf: fix references to free_bpf_prog_info() in comments
media: siano: get rid of __le32/__le16 cast warnings
drm/atomic: Handling the case when setting old crtc for plane
ALSA: hda/ca0132: fix build failure when a local macro is defined
memory: tegra: Do not handle spurious interrupts
memory: tegra: Apply interrupts mask per SoC
drm/gma500: fix psb_intel_lvds_mode_valid()'s return type
ipconfig: Correctly initialise ic_nameservers
rsi: Fix 'invalid vdd' warning in mmc
audit: allow not equal op for audit by executable
microblaze: Fix simpleImage format generation
usb: hub: Don't wait for connect state at resume for powered-off ports
crypto: authencesn - don't leak pointers to authenc keys
crypto: authenc - don't leak pointers to authenc keys
media: omap3isp: fix unbalanced dma_iommu_mapping
scsi: scsi_dh: replace too broad "TP9" string with the exact models
scsi: megaraid_sas: Increase timeout by 1 sec for non-RAID fastpath IOs
media: si470x: fix __be16 annotations
drm: Add DP PSR2 sink enable bit
random: mix rdrand with entropy sent in from userspace
squashfs: be more careful about metadata corruption
ext4: fix inline data updates with checksums enabled
ext4: check for allocation block validity with block group locked
dmaengine: pxa_dma: remove duplicate const qualifier
ASoC: pxa: Fix module autoload for platform drivers
ipv4: remove BUG_ON() from fib_compute_spec_dst
net: fix amd-xgbe flow-control issue
net: lan78xx: fix rx handling before first packet is send
xen-netfront: wait xenbus state change when load module manually
NET: stmmac: align DMA stuff to largest cache line length
tcp: do not force quickack when receiving out-of-order packets
tcp: add max_quickacks param to tcp_incr_quickack and tcp_enter_quickack_mode
tcp: do not aggressively quick ack after ECN events
tcp: refactor tcp_ecn_check_ce to remove sk type cast
tcp: add one more quick ack after after ECN events
inet: frag: enforce memory limits earlier
net: dsa: Do not suspend/resume closed slave_dev
netlink: Fix spectre v1 gadget in netlink_create()
squashfs: more metadata hardening
squashfs: more metadata hardenings
can: ems_usb: Fix memory leak on ems_usb_disconnect()
net: socket: fix potential spectre v1 gadget in socketcall
virtio_balloon: fix another race between migration and ballooning
kvm: x86: vmx: fix vpid leak
crypto: padlock-aes - Fix Nano workaround data corruption
scsi: sg: fix minor memory leak in error path
Linux 4.4.146
Change-Id: I7b8ad5e297804f92b3e3a8c5daf8a26ba684029b
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAltoWioACgkQONu9yGCS
aT6YrQ//d8dWKaNZK08Z/l2ZqRS56wlNTJyHIB81p1uM2PuPHfLjsZzLQ+HnZ3Ha
G+fedEj3sbwJp8i61TRu9Q1p/PyLWsnaryWZaK3gm4Yo8GrdVbXAY47EHwz3fbUK
yxrC0+zQmIlyZgwzbUNGspDuAdNt2MFDug97RFF8BdhJd84Rv0BbicGMwKJQFfFN
g0Tv6yB+8cjmnCMjmLreLyi+puWvXZtZXAi+idl9eTC4ysGDKNvO1ERptv2NC5C6
171cbsS/ngpY5ZIUcmLy0QPPFh/ZCeoft22R3gOxZDkjT4Ro6lY5ubPKDEcn57Hv
FSV5fuQ3cBtmsODn7LMIWqLDKuCRM/gTmvXrWxM91JDLSsuAdZWATj8k4iIoocmk
l/3iOixBMFCGToQ1I2/O33QZOssKoDIz4bpG6+HM/Cj4anSnVZKjouJSTlNZr/3i
ZJOXpu/MpQItc/RGo/PumzJLkXhS+HyGwPbTIOPy29NMqp+xvjZv4DttuJbqyHJ2
Pm/OZcvU7z1wSMhcTknvZLLMQVRIICQjfPJNDefqAdrCdd233cRo37cU8egg4A0l
F3q+ZI/ny01YWQP8KrCJyWB5lHHbEc44wUHCxet0TPZ1qaqvVcXzaWhwxP2H0L3I
7r2u9bDg15ielw3jhPpRWZMvANbQlToNoj6YROqj5ArcIowcBPc=
=7/iL
-----END PGP SIGNATURE-----
Merge 4.4.146 into android-4.4
Changes in 4.4.146
MIPS: Fix off-by-one in pci_resource_to_user()
Input: elan_i2c - add ACPI ID for lenovo ideapad 330
Input: i8042 - add Lenovo LaVie Z to the i8042 reset list
Input: elan_i2c - add another ACPI ID for Lenovo Ideapad 330-15AST
tracing: Fix double free of event_trigger_data
tracing: Fix possible double free in event_enable_trigger_func()
tracing/kprobes: Fix trace_probe flags on enable_trace_kprobe() failure
tracing: Quiet gcc warning about maybe unused link variable
xen/netfront: raise max number of slots in xennet_get_responses()
ALSA: emu10k1: add error handling for snd_ctl_add
ALSA: fm801: add error handling for snd_ctl_add
nfsd: fix potential use-after-free in nfsd4_decode_getdeviceinfo
mm: vmalloc: avoid racy handling of debugobjects in vunmap
mm/slub.c: add __printf verification to slab_err()
rtc: ensure rtc_set_alarm fails when alarms are not supported
netfilter: ipset: List timing out entries with "timeout 1" instead of zero
infiniband: fix a possible use-after-free bug
hvc_opal: don't set tb_ticks_per_usec in udbg_init_opal_common()
powerpc/64s: Fix compiler store ordering to SLB shadow area
RDMA/mad: Convert BUG_ONs to error flows
disable loading f2fs module on PAGE_SIZE > 4KB
f2fs: fix to don't trigger writeback during recovery
usbip: usbip_detach: Fix memory, udev context and udev leak
perf/x86/intel/uncore: Correct fixed counter index check in generic code
perf/x86/intel/uncore: Correct fixed counter index check for NHM
iwlwifi: pcie: fix race in Rx buffer allocator
Bluetooth: hci_qca: Fix "Sleep inside atomic section" warning
Bluetooth: btusb: Add a new Realtek 8723DE ID 2ff8:b011
ASoC: dpcm: fix BE dai not hw_free and shutdown
mfd: cros_ec: Fail early if we cannot identify the EC
mwifiex: handle race during mwifiex_usb_disconnect
wlcore: sdio: check for valid platform device data before suspend
media: videobuf2-core: don't call memop 'finish' when queueing
btrfs: add barriers to btrfs_sync_log before log_commit_wait wakeups
btrfs: qgroup: Finish rescan when hit the last leaf of extent tree
PCI: Prevent sysfs disable of device while driver is attached
ath: Add regulatory mapping for FCC3_ETSIC
ath: Add regulatory mapping for ETSI8_WORLD
ath: Add regulatory mapping for APL13_WORLD
ath: Add regulatory mapping for APL2_FCCA
ath: Add regulatory mapping for Uganda
ath: Add regulatory mapping for Tanzania
ath: Add regulatory mapping for Serbia
ath: Add regulatory mapping for Bermuda
ath: Add regulatory mapping for Bahamas
powerpc/32: Add a missing include header
powerpc/chrp/time: Make some functions static, add missing header include
powerpc/powermac: Add missing prototype for note_bootable_part()
powerpc/powermac: Mark variable x as unused
powerpc/8xx: fix invalid register expression in head_8xx.S
pinctrl: at91-pio4: add missing of_node_put
PCI: pciehp: Request control of native hotplug only if supported
mwifiex: correct histogram data with appropriate index
scsi: ufs: fix exception event handling
ALSA: emu10k1: Rate-limit error messages about page errors
regulator: pfuze100: add .is_enable() for pfuze100_swb_regulator_ops
md: fix NULL dereference of mddev->pers in remove_and_add_spares()
media: smiapp: fix timeout checking in smiapp_read_nvm
ALSA: usb-audio: Apply rate limit to warning messages in URB complete callback
HID: hid-plantronics: Re-resend Update to map button for PTT products
drm/radeon: fix mode_valid's return type
powerpc/embedded6xx/hlwd-pic: Prevent interrupts from being handled by Starlet
HID: i2c-hid: check if device is there before really probing
tty: Fix data race in tty_insert_flip_string_fixed_flag
dma-iommu: Fix compilation when !CONFIG_IOMMU_DMA
media: rcar_jpu: Add missing clk_disable_unprepare() on error in jpu_open()
libata: Fix command retry decision
media: saa7164: Fix driver name in debug output
mtd: rawnand: fsl_ifc: fix FSL NAND driver to read all ONFI parameter pages
brcmfmac: Add support for bcm43364 wireless chipset
s390/cpum_sf: Add data entry sizes to sampling trailer entry
perf: fix invalid bit in diagnostic entry
scsi: 3w-9xxx: fix a missing-check bug
scsi: 3w-xxxx: fix a missing-check bug
scsi: megaraid: silence a static checker bug
thermal: exynos: fix setting rising_threshold for Exynos5433
bpf: fix references to free_bpf_prog_info() in comments
media: siano: get rid of __le32/__le16 cast warnings
drm/atomic: Handling the case when setting old crtc for plane
ALSA: hda/ca0132: fix build failure when a local macro is defined
memory: tegra: Do not handle spurious interrupts
memory: tegra: Apply interrupts mask per SoC
drm/gma500: fix psb_intel_lvds_mode_valid()'s return type
ipconfig: Correctly initialise ic_nameservers
rsi: Fix 'invalid vdd' warning in mmc
audit: allow not equal op for audit by executable
microblaze: Fix simpleImage format generation
usb: hub: Don't wait for connect state at resume for powered-off ports
crypto: authencesn - don't leak pointers to authenc keys
crypto: authenc - don't leak pointers to authenc keys
media: omap3isp: fix unbalanced dma_iommu_mapping
scsi: scsi_dh: replace too broad "TP9" string with the exact models
scsi: megaraid_sas: Increase timeout by 1 sec for non-RAID fastpath IOs
media: si470x: fix __be16 annotations
drm: Add DP PSR2 sink enable bit
random: mix rdrand with entropy sent in from userspace
squashfs: be more careful about metadata corruption
ext4: fix inline data updates with checksums enabled
ext4: check for allocation block validity with block group locked
dmaengine: pxa_dma: remove duplicate const qualifier
ASoC: pxa: Fix module autoload for platform drivers
ipv4: remove BUG_ON() from fib_compute_spec_dst
net: fix amd-xgbe flow-control issue
net: lan78xx: fix rx handling before first packet is send
xen-netfront: wait xenbus state change when load module manually
NET: stmmac: align DMA stuff to largest cache line length
tcp: do not force quickack when receiving out-of-order packets
tcp: add max_quickacks param to tcp_incr_quickack and tcp_enter_quickack_mode
tcp: do not aggressively quick ack after ECN events
tcp: refactor tcp_ecn_check_ce to remove sk type cast
tcp: add one more quick ack after after ECN events
inet: frag: enforce memory limits earlier
net: dsa: Do not suspend/resume closed slave_dev
netlink: Fix spectre v1 gadget in netlink_create()
squashfs: more metadata hardening
squashfs: more metadata hardenings
can: ems_usb: Fix memory leak on ems_usb_disconnect()
net: socket: fix potential spectre v1 gadget in socketcall
virtio_balloon: fix another race between migration and ballooning
kvm: x86: vmx: fix vpid leak
crypto: padlock-aes - Fix Nano workaround data corruption
scsi: sg: fix minor memory leak in error path
Linux 4.4.146
Change-Id: Ia7e43a90d0f5603c741811436b8de41884cb2851
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
[ Upstream commit a38965bf941b7c2af50de09c96bc5f03e136caef ]
__printf is useful to verify format and arguments. Remove the following
warning (with W=1):
mm/slub.c:721:2: warning: function might be possible candidate for `gnu_printf' format attribute [-Wsuggest-attribute=format]
Link: http://lkml.kernel.org/r/20180505200706.19986-1-malat@debian.org
Signed-off-by: Mathieu Malaterre <malat@debian.org>
Reviewed-by: Andrew Morton <akpm@linux-foundation.org>
Cc: Christoph Lameter <cl@linux.com>
Cc: Pekka Enberg <penberg@kernel.org>
Cc: David Rientjes <rientjes@google.com>
Cc: Joonsoo Kim <iamjoonsoo.kim@lge.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Sasha Levin <alexander.levin@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
[ Upstream commit f3c01d2f3ade6790db67f80fef60df84424f8964 ]
Currently, __vunmap flow is,
1) Release the VM area
2) Free the debug objects corresponding to that vm area.
This leave some race window open.
1) Release the VM area
1.5) Some other client gets the same vm area
1.6) This client allocates new debug objects on the same
vm area
2) Free the debug objects corresponding to this vm area.
Here, we actually free 'other' client's debug objects.
Fix this by freeing the debug objects first and then releasing the VM
area.
Link: http://lkml.kernel.org/r/1523961828-9485-2-git-send-email-cpandya@codeaurora.org
Signed-off-by: Chintan Pandya <cpandya@codeaurora.org>
Reviewed-by: Andrew Morton <akpm@linux-foundation.org>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Byungchul Park <byungchul.park@lge.com>
Cc: Catalin Marinas <catalin.marinas@arm.com>
Cc: Florian Fainelli <f.fainelli@gmail.com>
Cc: Johannes Weiner <hannes@cmpxchg.org>
Cc: Laura Abbott <labbott@redhat.com>
Cc: Vlastimil Babka <vbabka@suse.cz>
Cc: Wei Yang <richard.weiyang@gmail.com>
Cc: Yisheng Xie <xieyisheng1@huawei.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Sasha Levin <alexander.levin@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Linux Build Service Account
Kirill A. Shutemov
Greg Kroah-Hartman
Joel Fernandes (Google)
Srinivasarao P
Linus Torvalds
Florian Fainelli
Chas Williams
Andrey Ryabinin
Peter Zijlstra
Zhenhua Huang
jie@chenjie6@huwei.com
Li Wang
Sergey Senozhatsky
Zhen Lei
Minchan Kim
Sergey Senozhatsky
Yao Jiang
Andi Kleen
Dan Williams
Andy Lutomirski
Mathieu Malaterre
Chintan Pandya