[PATCH 3.2 007/115] Bluetooth: btusb: Add new AR3012 ID 13d3:3395

3.2.80-rc1 review patch. If anyone has any objections, please let me know. -- From: Dmitry Tunin commit 609574eb46335cfac1421a07c0505627cbbab1f0 upstream. T: Bus=03 Lev=02 Prnt=02 Port=00 Cnt=01 Dev#= 3 Spd=12 MxCh= 0 D: Ver= 1.10 Cls=e0(wlcon) Sub=01

[PATCH 3.2 007/115] Bluetooth: btusb: Add new AR3012 ID 13d3:3395

3.2.80-rc1 review patch. If anyone has any objections, please let me know. -- From: Dmitry Tunin commit 609574eb46335cfac1421a07c0505627cbbab1f0 upstream. T: Bus=03 Lev=02 Prnt=02 Port=00 Cnt=01 Dev#= 3 Spd=12 MxCh= 0 D: Ver= 1.10 Cls=e0(wlcon) Sub=01 Prot=01 MxPS=64 #Cfgs= 1

[PATCH 3.16 000/217] 3.16.35-rc1 review

This is the start of the stable review cycle for the 3.16.35 release. There are 217 patches in this series, which will be posted as responses to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Sat Apr 30 22:00:00 UTC 2016. Anything

[PATCH 3.16 000/217] 3.16.35-rc1 review

This is the start of the stable review cycle for the 3.16.35 release. There are 217 patches in this series, which will be posted as responses to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Sat Apr 30 22:00:00 UTC 2016. Anything

[PATCH 3.16 056/217] net/mlx5: Make command timeout way shorter

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Or Gerlitz commit 6b6c07bdcdc97ccac2596063bfc32a5faddfe884 upstream. The command timeout is terribly long, whole two hours. Make it 60s so if things do go wrong, the

[PATCH 3.16 055/217] nfsd4: fix bad bounds checking

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: "J. Bruce Fields" commit 4aed9c46afb80164401143aa0fdcfe3798baa9d5 upstream. A number of spots in the xdr decoding follow a pattern like n = be32_to_cpup(p++);

[PATCH 3.16 056/217] net/mlx5: Make command timeout way shorter

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Or Gerlitz commit 6b6c07bdcdc97ccac2596063bfc32a5faddfe884 upstream. The command timeout is terribly long, whole two hours. Make it 60s so if things do go wrong, the user gets feedback in

[PATCH 3.16 055/217] nfsd4: fix bad bounds checking

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: "J. Bruce Fields" commit 4aed9c46afb80164401143aa0fdcfe3798baa9d5 upstream. A number of spots in the xdr decoding follow a pattern like n = be32_to_cpup(p++); READ_BUF(n +

[PATCH 3.16 057/217] xfs: fix two memory leaks in xfs_attr_list.c error paths

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Mateusz Guzik commit 2e83b79b2d6c78bf1b4aa227938a214dcbddc83f upstream. This plugs 2 trivial leaks in xfs_attr_shortform_list and xfs_attr3_leaf_list_int. Signed-off-by:

[PATCH 3.16 051/217] fbdev: da8xx-fb: fix videomodes of lcd panels

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Sushaanth Srirangapathi commit 713fced8d10fa1c759c8fb6bf9aaa681bae68cad upstream. Commit 028cd86b794f4a ("video: da8xx-fb: fix the polarities of the hsync/vsync pulse")

[PATCH 3.16 051/217] fbdev: da8xx-fb: fix videomodes of lcd panels

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Sushaanth Srirangapathi commit 713fced8d10fa1c759c8fb6bf9aaa681bae68cad upstream. Commit 028cd86b794f4a ("video: da8xx-fb: fix the polarities of the hsync/vsync pulse") fixes polarities of

[PATCH 3.16 057/217] xfs: fix two memory leaks in xfs_attr_list.c error paths

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Mateusz Guzik commit 2e83b79b2d6c78bf1b4aa227938a214dcbddc83f upstream. This plugs 2 trivial leaks in xfs_attr_shortform_list and xfs_attr3_leaf_list_int. Signed-off-by: Mateusz Guzik

[PATCH 3.2 004/115] net: irda: Fix use-after-free in irtty_open()

3.2.80-rc1 review patch. If anyone has any objections, please let me know. -- From: Peter Hurley commit 401879c57f01cbf2da204ad2e8db910525c6dbea upstream. The N_IRDA line discipline may access the previous line discipline's closed and already-fre

[PATCH 3.2 004/115] net: irda: Fix use-after-free in irtty_open()

3.2.80-rc1 review patch. If anyone has any objections, please let me know. -- From: Peter Hurley commit 401879c57f01cbf2da204ad2e8db910525c6dbea upstream. The N_IRDA line discipline may access the previous line discipline's closed and already-fre private data on open [1].

[PATCH 3.16 048/217] Bluetooth: btusb: Add a new AR3012 ID 04ca:3014

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Dmitry Tunin commit 81d90442eac779938217c3444b240aa51fd3db47 upstream. T: Bus=01 Lev=01 Prnt=01 Port=04 Cnt=03 Dev#= 5 Spd=12 MxCh= 0 D: Ver= 1.10 Cls=e0(wlcon)

[PATCH 3.16 048/217] Bluetooth: btusb: Add a new AR3012 ID 04ca:3014

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Dmitry Tunin commit 81d90442eac779938217c3444b240aa51fd3db47 upstream. T: Bus=01 Lev=01 Prnt=01 Port=04 Cnt=03 Dev#= 5 Spd=12 MxCh= 0 D: Ver= 1.10 Cls=e0(wlcon) Sub=01 Prot=01 MxPS=64 #Cfgs=

[PATCH 3.16 058/217] drivers/misc/ad525x_dpot: AD5274 fix RDAC read back errors

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Michael Hennerich commit f3df53e4d70b5736368a8fe8aa1bb70c1cb1f577 upstream. Fix RDAC read back errors caused by a typo. Value must shift by 2. Fixes:

[PATCH 3.16 046/217] kbuild/mkspec: fix grub2 installkernel issue

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Jiri Kosina commit c8b08ca558c0067bc9e15ce3f1e70af260410bb2 upstream. mkspec is copying built kernel to temporrary location /boot/vmlinuz-$KERNELRELEASE-rpm and

[PATCH 3.16 058/217] drivers/misc/ad525x_dpot: AD5274 fix RDAC read back errors

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Michael Hennerich commit f3df53e4d70b5736368a8fe8aa1bb70c1cb1f577 upstream. Fix RDAC read back errors caused by a typo. Value must shift by 2. Fixes: a4bd394956f2

[PATCH 3.16 046/217] kbuild/mkspec: fix grub2 installkernel issue

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Jiri Kosina commit c8b08ca558c0067bc9e15ce3f1e70af260410bb2 upstream. mkspec is copying built kernel to temporrary location /boot/vmlinuz-$KERNELRELEASE-rpm and runs installkernel

[PATCH 3.16 059/217] mtip32xx: Fix broken service thread handling

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Asai Thambi SP commit cfc05bd31384c4898bf2437a4de5557f3cf9803a upstream. Service thread does not detect the need for taskfile error hanlding. Fixed the flag condition

[PATCH 3.16 064/217] usb: hub: fix a typo in hub_port_init() leading to wrong logic

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Oliver Neukum commit 0d5ce778c43bf888328231bcdce05d5c860655aa upstream. A typo of j for i led to a logic bug. To rule out future confusion, the variable names are made

[PATCH 3.16 059/217] mtip32xx: Fix broken service thread handling

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Asai Thambi SP commit cfc05bd31384c4898bf2437a4de5557f3cf9803a upstream. Service thread does not detect the need for taskfile error hanlding. Fixed the flag condition to process taskfile

[PATCH 3.16 064/217] usb: hub: fix a typo in hub_port_init() leading to wrong logic

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Oliver Neukum commit 0d5ce778c43bf888328231bcdce05d5c860655aa upstream. A typo of j for i led to a logic bug. To rule out future confusion, the variable names are made meaningful.

[PATCH 3.16 047/217] crypto: ccp - memset request context to zero during import

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Tom Lendacky commit ce0ae266feaf35930394bd770c69778e4ef03ba9 upstream. Since a crypto_ahash_import() can be called against a request context that has not had a

[PATCH 3.16 047/217] crypto: ccp - memset request context to zero during import

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Tom Lendacky commit ce0ae266feaf35930394bd770c69778e4ef03ba9 upstream. Since a crypto_ahash_import() can be called against a request context that has not had a crypto_ahash_init() performed,

[PATCH 3.16 053/217] [media] bttv: Width must be a multiple of 16 when capturing planar formats

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Hans de Goede commit 5c915c68763889f0183a1cc61c84bb228b60124a upstream. On my bttv card "Hauppauge WinTV [card=10]" capturing in YV12 fmt at max size results in a solid

[PATCH 3.16 054/217] watchdog: rc32434_wdt: fix ioctl error handling

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: "Michael S. Tsirkin" commit 10e7ac22cdd4d211cef99afcb9371b70cb175be6 upstream. Calling return copy_to_user(...) in an ioctl will not do the right thing if there's a

[PATCH 3.16 054/217] watchdog: rc32434_wdt: fix ioctl error handling

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: "Michael S. Tsirkin" commit 10e7ac22cdd4d211cef99afcb9371b70cb175be6 upstream. Calling return copy_to_user(...) in an ioctl will not do the right thing if there's a pagefault: copy_to_user

[PATCH 3.16 053/217] [media] bttv: Width must be a multiple of 16 when capturing planar formats

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Hans de Goede commit 5c915c68763889f0183a1cc61c84bb228b60124a upstream. On my bttv card "Hauppauge WinTV [card=10]" capturing in YV12 fmt at max size results in a solid green rectangle being

[PATCH 3.16 049/217] mmc: sdhci: fix data timeout (part 1)

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Russell King commit fafcfda9e78cae8796d1799f14e6457790797555 upstream. The data timeout gives the minimum amount of time that should be waited before timing out

[PATCH 3.16 049/217] mmc: sdhci: fix data timeout (part 1)

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Russell King commit fafcfda9e78cae8796d1799f14e6457790797555 upstream. The data timeout gives the minimum amount of time that should be waited before timing out if no data is received from

Re: [-mmots 2016-04-25] hugetlb: error: ‘cpu_has_pse’ undeclared

On (04/26/16 15:00), Andrew Morton wrote: > > v4.6-rc5-mmots-2016-04-25-17-33 > > > > > > In file included from include/linux/hugetlb.h:418:0, > > from fs/hugetlbfs/inode.c:28: > > fs/hugetlbfs/inode.c: In function 'init_hugetlbfs_fs': > > ./arch/x86/include/asm/hugetlb.h:7:31:

Re: [-mmots 2016-04-25] hugetlb: error: ‘cpu_has_pse’ undeclared

On (04/26/16 15:00), Andrew Morton wrote: > > v4.6-rc5-mmots-2016-04-25-17-33 > > > > > > In file included from include/linux/hugetlb.h:418:0, > > from fs/hugetlbfs/inode.c:28: > > fs/hugetlbfs/inode.c: In function 'init_hugetlbfs_fs': > > ./arch/x86/include/asm/hugetlb.h:7:31:

[PATCH 3.16 061/217] mtip32xx: Avoid issuing standby immediate cmd during FTL rebuild

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Asai Thambi SP commit d8a18d2d8f5de55666c6011ed175939d22c8e3d8 upstream. Prevent standby immediate command from being issued in remove, suspend and shutdown paths,

[PATCH 3.16 061/217] mtip32xx: Avoid issuing standby immediate cmd during FTL rebuild

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Asai Thambi SP commit d8a18d2d8f5de55666c6011ed175939d22c8e3d8 upstream. Prevent standby immediate command from being issued in remove, suspend and shutdown paths, while drive is in FTL

[PATCH 3.16 100/217] rtc: hym8563: fix invalid year calculation

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Alexander Kochetkov commit d5861262210067fc01b2fb4f7af2fd85a3453f15 upstream. Year field must be in BCD format, according to hym8563 datasheet. Due to the bug year 2016

[PATCH 3.16 100/217] rtc: hym8563: fix invalid year calculation

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Alexander Kochetkov commit d5861262210067fc01b2fb4f7af2fd85a3453f15 upstream. Year field must be in BCD format, according to hym8563 datasheet. Due to the bug year 2016 became 2010. Fixes:

[PATCH 3.16 078/217] bcache: Fix more early shutdown bugs

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Kent Overstreet commit d83353b319d47ef8cce82467da6a25c2d558253f upstream. Signed-off-by: Kent Overstreet Signed-off-by: Ben Hutchings

[PATCH 3.16 066/217] sched/cputime: Fix steal time accounting vs. CPU hotplug

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Thomas Gleixner commit e9532e69b8d1d1284e8ecf8d2586de34aec61244 upstream. On CPU hotplug the steal time accounting can keep a stale rq->prev_steal_time value over CPU down

[PATCH 3.16 050/217] mmc: sdhci: fix data timeout (part 2)

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Russell King commit 7f05538af71c7d30b5fc821cbe9f318edc645961 upstream. The calculation for the timeout based on the number of card clocks is incorrect. The

[PATCH 3.16 078/217] bcache: Fix more early shutdown bugs

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Kent Overstreet commit d83353b319d47ef8cce82467da6a25c2d558253f upstream. Signed-off-by: Kent Overstreet Signed-off-by: Ben Hutchings --- drivers/md/bcache/super.c | 7 --- 1 file

[PATCH 3.16 066/217] sched/cputime: Fix steal time accounting vs. CPU hotplug

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Thomas Gleixner commit e9532e69b8d1d1284e8ecf8d2586de34aec61244 upstream. On CPU hotplug the steal time accounting can keep a stale rq->prev_steal_time value over CPU down and up. So after

[PATCH 3.16 050/217] mmc: sdhci: fix data timeout (part 2)

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Russell King commit 7f05538af71c7d30b5fc821cbe9f318edc645961 upstream. The calculation for the timeout based on the number of card clocks is incorrect. The calculation assumed:

Re: [PATCH v5 0/4] Cleaning printk stuff in NMI context

On (04/21/16 13:48), Petr Mladek wrote: > v5 adds changes suggested by Sergey Senozhatsky. It should not longer > conflict with his async printk patchset. passes my tests. (apart from that cosmetic-nano-nit) the series looks good to me Reviewed-by: Sergey Senozhatsky

Re: [PATCH v5 0/4] Cleaning printk stuff in NMI context

On (04/21/16 13:48), Petr Mladek wrote: > v5 adds changes suggested by Sergey Senozhatsky. It should not longer > conflict with his async printk patchset. passes my tests. (apart from that cosmetic-nano-nit) the series looks good to me Reviewed-by: Sergey Senozhatsky -ss

[PATCH 3.16 119/217] Input: synaptics - handle spurious release of trackstick buttons, again

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Benjamin Tissoires commit 82be788c96ed5978d3cb4a00079e26b981a3df3f upstream. Looks like the fimware 8.2 still has the extra buttons spurious release bug. Link:

[PATCH 3.16 117/217] sunrpc/cache: drop reference when sunrpc_cache_pipe_upcall() detects a race

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: NeilBrown commit a6ab1e8126d205238defbb55d23661a3a5c6a0d8 upstream. sunrpc_cache_pipe_upcall() can detect a race if CACHE_PENDING is no longer set. In this case it aborts the

[PATCH 3.16 109/217] HID: i2c-hid: fix OOB write in i2c_hid_set_or_send_report()

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Dmitry Torokhov commit 3b654288b196ceaa156029d9457ccbded0489b98 upstream. Even though hid_hw_* checks that passed in data_len is less than HID_MAX_BUFFER_SIZE it is not

[PATCH 3.16 119/217] Input: synaptics - handle spurious release of trackstick buttons, again

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Benjamin Tissoires commit 82be788c96ed5978d3cb4a00079e26b981a3df3f upstream. Looks like the fimware 8.2 still has the extra buttons spurious release bug. Link:

[PATCH 3.16 117/217] sunrpc/cache: drop reference when sunrpc_cache_pipe_upcall() detects a race

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: NeilBrown commit a6ab1e8126d205238defbb55d23661a3a5c6a0d8 upstream. sunrpc_cache_pipe_upcall() can detect a race if CACHE_PENDING is no longer set. In this case it aborts the queuing of the

[PATCH 3.16 109/217] HID: i2c-hid: fix OOB write in i2c_hid_set_or_send_report()

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Dmitry Torokhov commit 3b654288b196ceaa156029d9457ccbded0489b98 upstream. Even though hid_hw_* checks that passed in data_len is less than HID_MAX_BUFFER_SIZE it is not enough, as i2c-hid

[PATCH 3.16 125/217] tracing: Fix crash from reading trace_pipe with sendfile

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: "Steven Rostedt (Red Hat)" commit a29054d9478d0435ab01b7544da4f674ab13f533 upstream. If tracing contains data and the trace_pipe file is read with sendfile(), then it can

[PATCH 3.16 118/217] Input: ims-pcu - sanity check against missing interfaces

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Oliver Neukum commit a0ad220c96692eda76b2e3fd7279f3dcd1d8a8ff upstream. A malicious device missing interface can make the driver oops. Add sanity checking. Signed-off-by:

[PATCH 3.16 125/217] tracing: Fix crash from reading trace_pipe with sendfile

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: "Steven Rostedt (Red Hat)" commit a29054d9478d0435ab01b7544da4f674ab13f533 upstream. If tracing contains data and the trace_pipe file is read with sendfile(), then it can trigger a NULL

[PATCH 3.16 118/217] Input: ims-pcu - sanity check against missing interfaces

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Oliver Neukum commit a0ad220c96692eda76b2e3fd7279f3dcd1d8a8ff upstream. A malicious device missing interface can make the driver oops. Add sanity checking. Signed-off-by: Oliver Neukum

[PATCH 3.16 094/217] ALSA: hda - Add new GPU codec ID 0x10de0083 to snd-hda

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Aaron Plattner commit 3ec622f40913ae036f218e5e7e92df9c1f1753d9 upstream. Vendor ID 0x10de0083 is used by a yet-to-be-named GPU chip. This chip also has the 2-ch audio

[PATCH 3.16 094/217] ALSA: hda - Add new GPU codec ID 0x10de0083 to snd-hda

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Aaron Plattner commit 3ec622f40913ae036f218e5e7e92df9c1f1753d9 upstream. Vendor ID 0x10de0083 is used by a yet-to-be-named GPU chip. This chip also has the 2-ch audio swapping bug, so

[PATCH 3.16 129/217] tunnels: Don't apply GRO to multiple layers of encapsulation.

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Jesse Gross commit fac8e0f579695a3ecbc4d3cac369139d7f819971 upstream. When drivers express support for TSO of encapsulated packets, they only mean that they can do it for

Re: [PATCH v5 4/4] printk/nmi: flush NMI messages on the system panic

On (04/26/16 16:21), Petr Mladek wrote: [..] > > move printk_nmi_flush_on_panic() to printk.c, and place it next to > > printk_flush_on_panic() (so we will have two printk "flush-on-panic" > > functions sitting together). /* printk_nmi_flush() is in printk.h, > > so it's visible to printk anyway

[PATCH 3.16 073/217] perf/x86/intel: Fix PEBS warning by only restoring active PMU in pmi

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Kan Liang commit c3d266c8a9838cc141b69548bc3b1b18808ae8c4 upstream. This patch tries to fix a PEBS warning found in my stress test. The following perf command can easily

[PATCH 3.16 129/217] tunnels: Don't apply GRO to multiple layers of encapsulation.

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Jesse Gross commit fac8e0f579695a3ecbc4d3cac369139d7f819971 upstream. When drivers express support for TSO of encapsulated packets, they only mean that they can do it for one layer of

Re: [PATCH v5 4/4] printk/nmi: flush NMI messages on the system panic

On (04/26/16 16:21), Petr Mladek wrote: [..] > > move printk_nmi_flush_on_panic() to printk.c, and place it next to > > printk_flush_on_panic() (so we will have two printk "flush-on-panic" > > functions sitting together). /* printk_nmi_flush() is in printk.h, > > so it's visible to printk anyway

[PATCH 3.16 073/217] perf/x86/intel: Fix PEBS warning by only restoring active PMU in pmi

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Kan Liang commit c3d266c8a9838cc141b69548bc3b1b18808ae8c4 upstream. This patch tries to fix a PEBS warning found in my stress test. The following perf command can easily trigger the pebs

[PATCH 3.16 127/217] ethernet: micrel: fix some error codes

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Dan Carpenter commit 3af0d554c1ce11e9d0953381ff566271f9ab81a9 upstream. There were two issues here: 1) dma_mapping_error() return true/false but we want to return

[PATCH 3.16 127/217] ethernet: micrel: fix some error codes

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Dan Carpenter commit 3af0d554c1ce11e9d0953381ff566271f9ab81a9 upstream. There were two issues here: 1) dma_mapping_error() return true/false but we want to return -ENOMEM 2) If

[PATCH 3.16 152/217] usb: renesas_usbhs: disable TX IRQ before starting TX DMAC transfer

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Yoshihiro Shimoda commit 6490865c67825277b29638e839850882600b48ec upstream. This patch adds a code to surely disable TX IRQ of the pipe before starting TX

[PATCH 3.16 152/217] usb: renesas_usbhs: disable TX IRQ before starting TX DMAC transfer

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Yoshihiro Shimoda commit 6490865c67825277b29638e839850882600b48ec upstream. This patch adds a code to surely disable TX IRQ of the pipe before starting TX DMAC transfer. Otherwise, a lot of

[PATCH 3.16 207/217] xfrm: Fix crash observed during device unregistration and decryption

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: "subas...@codeaurora.org" [ Upstream commit 071d36bf21bcc837be00cea55bcef8d129e7f609 ] A crash is observed when a decrypted packet is processed in receive path.

[PATCH 3.16 207/217] xfrm: Fix crash observed during device unregistration and decryption

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: "subas...@codeaurora.org" [ Upstream commit 071d36bf21bcc837be00cea55bcef8d129e7f609 ] A crash is observed when a decrypted packet is processed in receive path. get_rps_cpus() tries to

[PATCH 3.16 158/217] sd: Fix excessive capacity printing on devices with blocks bigger than 512 bytes

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: "Martin K. Petersen" commit f08bb1e0dbdd0297258d0b8cd4dbfcc057e57b2a upstream. During revalidate we check whether device capacity has changed before we decide

[PATCH 3.16 158/217] sd: Fix excessive capacity printing on devices with blocks bigger than 512 bytes

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: "Martin K. Petersen" commit f08bb1e0dbdd0297258d0b8cd4dbfcc057e57b2a upstream. During revalidate we check whether device capacity has changed before we decide whether to output disk

[PATCH 3.16 128/217] net: bcmgenet: fix dma api length mismatch

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Eric Dumazet commit eee577232203842b4dcadb7ab477a298479633ed upstream. When un-mapping skb->data in __bcmgenet_tx_reclaim(), we must use the length that was used in

[PATCH 3.16 115/217] ppp: ensure file->private_data can't be overridden

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Guillaume Nault commit e8e56ffd9d2973398b60ece1f1bebb8d67b4d032 upstream. Locking ppp_mutex must be done before dereferencing file->private_data, otherwise it could be

[PATCH 3.16 115/217] ppp: ensure file->private_data can't be overridden

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Guillaume Nault commit e8e56ffd9d2973398b60ece1f1bebb8d67b4d032 upstream. Locking ppp_mutex must be done before dereferencing file->private_data, otherwise it could be modified before

[PATCH 3.16 128/217] net: bcmgenet: fix dma api length mismatch

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Eric Dumazet commit eee577232203842b4dcadb7ab477a298479633ed upstream. When un-mapping skb->data in __bcmgenet_tx_reclaim(), we must use the length that was used in original dma_map_single(),

[PATCH 3.16 126/217] splice: handle zero nr_pages in splice_to_pipe()

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Rabin Vincent commit d6785d9152147596f60234157da2b02540c3e60f upstream. Running the following command: busybox cat /sys/kernel/debug/tracing/trace_pipe > /dev/null with any

[PATCH 3.16 217/217] crypto: gcm - Fix rfc4543 decryption crash

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Herbert Xu This bug has already bee fixed upstream since 4.2. However, it was fixed during the AEAD conversion so no fix was backported to the older kernels.

[PATCH 3.16 126/217] splice: handle zero nr_pages in splice_to_pipe()

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Rabin Vincent commit d6785d9152147596f60234157da2b02540c3e60f upstream. Running the following command: busybox cat /sys/kernel/debug/tracing/trace_pipe > /dev/null with any tracing enabled

[PATCH 3.16 217/217] crypto: gcm - Fix rfc4543 decryption crash

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Herbert Xu This bug has already bee fixed upstream since 4.2. However, it was fixed during the AEAD conversion so no fix was backported to the older kernels. [bwh: The upstream commit was

[PATCH 3.16 141/217] ideapad-laptop: Add ideapad Y700 (15) to the no_hw_rfkill DMI list

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: John Dahlstrom commit 4db9675d927a71faa66e5ab128d2390d6329750b upstream. Some Lenovo ideapad models lack a physical rfkill switch. On Lenovo models ideapad Y700 Touch-15ISK

[PATCH 3.16 141/217] ideapad-laptop: Add ideapad Y700 (15) to the no_hw_rfkill DMI list

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: John Dahlstrom commit 4db9675d927a71faa66e5ab128d2390d6329750b upstream. Some Lenovo ideapad models lack a physical rfkill switch. On Lenovo models ideapad Y700 Touch-15ISK and ideapad

[PATCH 3.16 176/217] parisc: Avoid function pointers for kernel exception routines

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Helge Deller commit e3893027a300927049efc1572f852201eb785142 upstream. We want to avoid the kernel module loader to create function pointers for the kernel fixup routines of

[PATCH 3.16 176/217] parisc: Avoid function pointers for kernel exception routines

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Helge Deller commit e3893027a300927049efc1572f852201eb785142 upstream. We want to avoid the kernel module loader to create function pointers for the kernel fixup routines of get_user() and

[PATCH 3.16 192/217] qmi_wwan: add Sierra Wireless MC74xx/EM74xx

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Bjørn Mork commit 0db65fcfcded76fe4f74e3ca9f4e2baf67b683ef upstream. New device IDs shamelessly lifted from the vendor driver. Signed-off-by: Bjørn Mork

[PATCH 3.16 180/217] netfilter: x_tables: make sure e->next_offset covers remaining blob size

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Florian Westphal commit 6e94e0cfb0887e4013b3b930fa6ab1fe6bb6ba91 upstream. Otherwise this function may read data beyond the ruleset blob. Signed-off-by: Florian Westphal

[PATCH 3.16 116/217] x86/iopl: Fix iopl capability check on Xen PV

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Andy Lutomirski commit c29016cf41fe9fa994a5ecca607cf5f1cd98801e upstream. iopl(3) is supposed to work if iopl is already 3, even if unprivileged. This didn't work right on

[PATCH 3.16 192/217] qmi_wwan: add Sierra Wireless MC74xx/EM74xx

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Bjørn Mork commit 0db65fcfcded76fe4f74e3ca9f4e2baf67b683ef upstream. New device IDs shamelessly lifted from the vendor driver. Signed-off-by: Bjørn Mork Signed-off-by: David S. Miller

[PATCH 3.16 180/217] netfilter: x_tables: make sure e->next_offset covers remaining blob size

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Florian Westphal commit 6e94e0cfb0887e4013b3b930fa6ab1fe6bb6ba91 upstream. Otherwise this function may read data beyond the ruleset blob. Signed-off-by: Florian Westphal Signed-off-by:

[PATCH 3.16 116/217] x86/iopl: Fix iopl capability check on Xen PV

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Andy Lutomirski commit c29016cf41fe9fa994a5ecca607cf5f1cd98801e upstream. iopl(3) is supposed to work if iopl is already 3, even if unprivileged. This didn't work right on Xen PV. Fix it.

[PATCH 3.16 179/217] netfilter: x_tables: validate e->target_offset early

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Florian Westphal commit bdf533de6968e9686df777dc178486f600c6e617 upstream. We should check that e->target_offset is sane before mark_source_chains gets called since it will

[PATCH 3.16 189/217] sctp: lack the check for ports in sctp_v6_cmp_addr

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Xin Long [ Upstream commit 40b4f0fd74e46c017814618d67ec9127ff20f157 ] As the member .cmp_addr of sctp_af_inet6, sctp_v6_cmp_addr should also check the port of addresses,

[PATCH 3.16 179/217] netfilter: x_tables: validate e->target_offset early

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Florian Westphal commit bdf533de6968e9686df777dc178486f600c6e617 upstream. We should check that e->target_offset is sane before mark_source_chains gets called since it will fetch the target

[PATCH 3.16 189/217] sctp: lack the check for ports in sctp_v6_cmp_addr

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Xin Long [ Upstream commit 40b4f0fd74e46c017814618d67ec9127ff20f157 ] As the member .cmp_addr of sctp_af_inet6, sctp_v6_cmp_addr should also check the port of addresses, just like

[PATCH 3.16 195/217] net: qmi_wwan: Add SIMCom 7230E

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Kristian Evensen commit 18715b261541f35ccede9b8686ee3ebaac697d38 upstream. SIMCom 7230E is a QMI LTE module with support for most "normal" bands. Manual testing

[PATCH 3.16 195/217] net: qmi_wwan: Add SIMCom 7230E

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Kristian Evensen commit 18715b261541f35ccede9b8686ee3ebaac697d38 upstream. SIMCom 7230E is a QMI LTE module with support for most "normal" bands. Manual testing has showed that only interface

[PATCH 3.16 188/217] net: jme: fix suspend/resume on JMC260

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Diego Viola [ Upstream commit ee50c130c82175eaa0820c96b6d3763928af2241 ] The JMC260 network card fails to suspend/resume because the call to jme_start_irq() was too

[PATCH 3.16 188/217] net: jme: fix suspend/resume on JMC260

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Diego Viola [ Upstream commit ee50c130c82175eaa0820c96b6d3763928af2241 ] The JMC260 network card fails to suspend/resume because the call to jme_start_irq() was too early, moving the call to

[PATCH 3.16 170/217] Btrfs: fix file/data loss caused by fsync after rename and new inode

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Filipe Manana commit 56f23fdbb600e6087db7b009775b95ce07cc3195 upstream. If we rename an inode A (be it a file or a directory), create a new inode B with the old name of

[PATCH 3.16 170/217] Btrfs: fix file/data loss caused by fsync after rename and new inode

3.16.35-rc1 review patch. If anyone has any objections, please let me know. -- From: Filipe Manana commit 56f23fdbb600e6087db7b009775b95ce07cc3195 upstream. If we rename an inode A (be it a file or a directory), create a new inode B with the old name of inode A and under the

<    1   2   3   4   5   6   7   8   9   10   >