[PATCH 4.9 128/171] rxrpc: Only take the rwind and mtu values from latest ACK

4.9-stable review patch. If anyone has any objections, please let me know. -- [ Upstream commit 298bc15b2079c324e82d0a6fda39c3d762af7282 ] Move the out-of-order and duplicate ACK packet check to before the call to rxrpc_input_ackinfo() so that the receive window size and MTU

[PATCH 4.9 128/171] rxrpc: Only take the rwind and mtu values from latest ACK

4.9-stable review patch. If anyone has any objections, please let me know. -- [ Upstream commit 298bc15b2079c324e82d0a6fda39c3d762af7282 ] Move the out-of-order and duplicate ACK packet check to before the call to rxrpc_input_ackinfo() so that the receive window size and MTU

[PATCH 4.9 107/171] l2tp: remove configurable payload offset

4.9-stable review patch. If anyone has any objections, please let me know. -- [ Upstream commit 900631ee6a2651dc4fbaecb8ef9fa5f1e3378853 ] If L2TP_ATTR_OFFSET is set to a non-zero value in L2TPv3 tunnels, it results in L2TPv3 packets being transmitted which might not be

[PATCH 4.9 107/171] l2tp: remove configurable payload offset

4.9-stable review patch. If anyone has any objections, please let me know. -- [ Upstream commit 900631ee6a2651dc4fbaecb8ef9fa5f1e3378853 ] If L2TP_ATTR_OFFSET is set to a non-zero value in L2TPv3 tunnels, it results in L2TPv3 packets being transmitted which might not be

[PATCH 4.9 109/171] perf/core: Fix locking for children siblings group read

4.9-stable review patch. If anyone has any objections, please let me know. -- [ Upstream commit 2aeb1883547626d82c597cce2c99f0b9c62e2425 ] We're missing ctx lock when iterating children siblings within the perf_read path for group reading. Following race and crash can happen:

[PATCH 4.9 142/171] net: stmmac: Fix stmmac_mdio_reset() when building stmmac as modules

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Niklas Cassel [ Upstream commit 30549aab146ccb1275230c3b4b4bc6b4181fd54e ] When building stmmac, it is only possible to select CONFIG_DWMAC_GENERIC, or any of the glue drivers, when

[PATCH 4.9 109/171] perf/core: Fix locking for children siblings group read

4.9-stable review patch. If anyone has any objections, please let me know. -- [ Upstream commit 2aeb1883547626d82c597cce2c99f0b9c62e2425 ] We're missing ctx lock when iterating children siblings within the perf_read path for group reading. Following race and crash can happen:

[PATCH 4.9 142/171] net: stmmac: Fix stmmac_mdio_reset() when building stmmac as modules

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Niklas Cassel [ Upstream commit 30549aab146ccb1275230c3b4b4bc6b4181fd54e ] When building stmmac, it is only possible to select CONFIG_DWMAC_GENERIC, or any of the glue drivers, when

[PATCH 4.9 101/171] i40e: avoid NVM acquire deadlock during NVM update

4.9-stable review patch. If anyone has any objections, please let me know. -- [ Upstream commit 09f79fd49d94cda5837e9bfd0cb32b3b6d9f ] X722 devices use the AdminQ to access the NVM, and this requires taking the AdminQ lock. Because of this, we lock the AdminQ during

[PATCH 4.9 110/171] cifs: Use ULL suffix for 64-bit constant

4.9-stable review patch. If anyone has any objections, please let me know. -- [ Upstream commit 3995bbf53bd2047f2720c6fdd4bf38f6d942a0c0 ] On 32-bit (e.g. with m68k-linux-gnu-gcc-4.1): fs/cifs/inode.c: In function ‘simple_hashstr’: fs/cifs/inode.c:713: warning: integer

[PATCH 4.9 101/171] i40e: avoid NVM acquire deadlock during NVM update

4.9-stable review patch. If anyone has any objections, please let me know. -- [ Upstream commit 09f79fd49d94cda5837e9bfd0cb32b3b6d9f ] X722 devices use the AdminQ to access the NVM, and this requires taking the AdminQ lock. Because of this, we lock the AdminQ during

[PATCH 4.9 110/171] cifs: Use ULL suffix for 64-bit constant

4.9-stable review patch. If anyone has any objections, please let me know. -- [ Upstream commit 3995bbf53bd2047f2720c6fdd4bf38f6d942a0c0 ] On 32-bit (e.g. with m68k-linux-gnu-gcc-4.1): fs/cifs/inode.c: In function ‘simple_hashstr’: fs/cifs/inode.c:713: warning: integer

[PATCH 4.9 145/171] sctp: fix race on sctp_id2asoc

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Marcelo Ricardo Leitner [ Upstream commit b336decab22158937975293aea79396525f92bb3 ] syzbot reported an use-after-free involving sctp_id2asoc. Dmitry Vyukov helped to root cause it and it is

[PATCH 4.9 144/171] r8169: fix NAPI handling under high load

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Heiner Kallweit [ Upstream commit 6b839b6cf9eada30b086effb51e5d6076bafc761 ] rtl_rx() and rtl_tx() are called only if the respective bits are set in the interrupt status register. Under high

[PATCH 4.9 145/171] sctp: fix race on sctp_id2asoc

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Marcelo Ricardo Leitner [ Upstream commit b336decab22158937975293aea79396525f92bb3 ] syzbot reported an use-after-free involving sctp_id2asoc. Dmitry Vyukov helped to root cause it and it is

[PATCH 4.9 144/171] r8169: fix NAPI handling under high load

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Heiner Kallweit [ Upstream commit 6b839b6cf9eada30b086effb51e5d6076bafc761 ] rtl_rx() and rtl_tx() are called only if the respective bits are set in the interrupt status register. Under high

[PATCH 4.9 143/171] net: udp: fix handling of CHECKSUM_COMPLETE packets

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Sean Tranchetti [ Upstream commit db4f1be3ca9b0ef7330763d07bf4ace83ad6f913 ] Current handling of CHECKSUM_COMPLETE packets by the UDP stack is incorrect for any packet that has an incorrect

[PATCH 4.9 143/171] net: udp: fix handling of CHECKSUM_COMPLETE packets

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Sean Tranchetti [ Upstream commit db4f1be3ca9b0ef7330763d07bf4ace83ad6f913 ] Current handling of CHECKSUM_COMPLETE packets by the UDP stack is incorrect for any packet that has an incorrect

[PATCH 4.9 148/171] bonding: fix length of actor system

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Tobias Jungel [ Upstream commit 414dd6fb9a1a1b59983aea7bf0f79f0085ecc5b8 ] The attribute IFLA_BOND_AD_ACTOR_SYSTEM is sent to user space having the length of

[PATCH 4.9 133/171] perf tools: Disable parallelism for make clean

4.9-stable review patch. If anyone has any objections, please let me know. -- [ Upstream commit da15fc2fa9c07b23db8f5e479bd8a9f0d741ca07 ] The Yocto build system does a 'make clean' when rebuilding due to changed dependencies, and that consistently fails for me (causing the

[PATCH 4.9 133/171] perf tools: Disable parallelism for make clean

4.9-stable review patch. If anyone has any objections, please let me know. -- [ Upstream commit da15fc2fa9c07b23db8f5e479bd8a9f0d741ca07 ] The Yocto build system does a 'make clean' when rebuilding due to changed dependencies, and that consistently fails for me (causing the

[PATCH 4.9 148/171] bonding: fix length of actor system

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Tobias Jungel [ Upstream commit 414dd6fb9a1a1b59983aea7bf0f79f0085ecc5b8 ] The attribute IFLA_BOND_AD_ACTOR_SYSTEM is sent to user space having the length of

[PATCH 4.9 147/171] ethtool: fix a privilege escalation bug

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Wenwen Wang [ Upstream commit 58f5bbe331c566f49c9559568f982202a278aa78 ] In dev_ethtool(), the eth command 'ethcmd' is firstly copied from the use-space buffer 'useraddr' and checked to see

[PATCH 4.9 147/171] ethtool: fix a privilege escalation bug

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Wenwen Wang [ Upstream commit 58f5bbe331c566f49c9559568f982202a278aa78 ] In dev_ethtool(), the eth command 'ethcmd' is firstly copied from the use-space buffer 'useraddr' and checked to see

[PATCH 4.9 149/171] net: drop skb on failure in ip_check_defrag()

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Cong Wang [ Upstream commit 7de414a9dd91426318df7b63da024b2b07e53df5 ] Most callers of pskb_trim_rcsum() simply drop the skb when it fails, however, ip_check_defrag() still continues to pass

[PATCH 4.9 146/171] vhost: Fix Spectre V1 vulnerability

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Jason Wang [ Upstream commit ff002269a4ee9c769dbf9365acef633ebcbd6cbe ] The idx in vhost_vring_ioctl() was controlled by userspace, hence a potential exploitation of the Spectre variant 1

[PATCH 4.9 150/171] net: fix pskb_trim_rcsum_slow() with odd trim offset

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Dimitris Michailidis [ Upstream commit d55bef5059dd057bd077155375c581b49d25be7e ] We've been getting checksum errors involving small UDP packets, usually 59B packets with 1 extra non-zero

[PATCH 4.9 146/171] vhost: Fix Spectre V1 vulnerability

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Jason Wang [ Upstream commit ff002269a4ee9c769dbf9365acef633ebcbd6cbe ] The idx in vhost_vring_ioctl() was controlled by userspace, hence a potential exploitation of the Spectre variant 1

[PATCH 4.9 150/171] net: fix pskb_trim_rcsum_slow() with odd trim offset

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Dimitris Michailidis [ Upstream commit d55bef5059dd057bd077155375c581b49d25be7e ] We've been getting checksum errors involving small UDP packets, usually 59B packets with 1 extra non-zero

[PATCH 4.9 149/171] net: drop skb on failure in ip_check_defrag()

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Cong Wang [ Upstream commit 7de414a9dd91426318df7b63da024b2b07e53df5 ] Most callers of pskb_trim_rcsum() simply drop the skb when it fails, however, ip_check_defrag() still continues to pass

[PATCH 4.9 158/171] cachefiles: fix the race between cachefiles_bury_object() and rmdir(2)

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Al Viro commit 169b803397499be85bdd1e3d07d6f5e3d4bd669e upstream. the victim might've been rmdir'ed just before the lock_rename(); unlike the normal callers, we do not look the source up after

[PATCH 4.9 156/171] gpio: mxs: Get rid of external API call

4.9-stable review patch. If anyone has any objections, please let me know. -- [ Upstream commit 833eacc7b5913da9896bacd30db7d490aa777868 ] The MXS driver was calling back into the GPIO API from its irqchip. This is not very elegant, as we are a driver, let's just shortcut back

[PATCH 4.9 151/171] rtnetlink: Disallow FDB configuration for non-Ethernet device

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Ido Schimmel [ Upstream commit da71577545a52be3e0e9225a946e5fd79cfab015 ] When an FDB entry is configured, the address is validated to have the length of an Ethernet address, but the device

[PATCH 4.9 153/171] Revert "x86/mm: Expand static page table for fixmap space"

4.9-stable review patch. If anyone has any objections, please let me know. -- This reverts commit 3a8304b7ad2e291777e8499e39390145d932a2fd, which was upstream commit 05ab1d8a4b36ee912b7087c6da127439ed0a903e. Ben Hutchings writes: This backport is incorrect. The part that

[PATCH 4.9 153/171] Revert "x86/mm: Expand static page table for fixmap space"

4.9-stable review patch. If anyone has any objections, please let me know. -- This reverts commit 3a8304b7ad2e291777e8499e39390145d932a2fd, which was upstream commit 05ab1d8a4b36ee912b7087c6da127439ed0a903e. Ben Hutchings writes: This backport is incorrect. The part that

[PATCH 4.9 158/171] cachefiles: fix the race between cachefiles_bury_object() and rmdir(2)

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Al Viro commit 169b803397499be85bdd1e3d07d6f5e3d4bd669e upstream. the victim might've been rmdir'ed just before the lock_rename(); unlike the normal callers, we do not look the source up after

[PATCH 4.9 156/171] gpio: mxs: Get rid of external API call

4.9-stable review patch. If anyone has any objections, please let me know. -- [ Upstream commit 833eacc7b5913da9896bacd30db7d490aa777868 ] The MXS driver was calling back into the GPIO API from its irqchip. This is not very elegant, as we are a driver, let's just shortcut back

[PATCH 4.9 151/171] rtnetlink: Disallow FDB configuration for non-Ethernet device

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Ido Schimmel [ Upstream commit da71577545a52be3e0e9225a946e5fd79cfab015 ] When an FDB entry is configured, the address is validated to have the length of an Ethernet address, but the device

[PATCH 4.9 135/171] net: bridge: remove ipv6 zero address check in mcast queries

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Nikolay Aleksandrov commit 0fe5119e267f3e3d8ac206895f5922195ec55a8a upstream. Recently a check was added which prevents marking of routers with zero source address, but for IPv6 that cannot

[PATCH 4.9 136/171] ipv6: mcast: fix a use-after-free in inet6_mc_check

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Eric Dumazet [ Upstream commit dc012f3628eaecfb5ba68404a5c30ef501daf63d ] syzbot found a use-after-free in inet6_mc_check [1] The problem here is that inet6_mc_check() uses rcu and

[PATCH 4.9 157/171] xfs: truncate transaction does not modify the inobt

4.9-stable review patch. If anyone has any objections, please let me know. -- [ Upstream commit a606ebdb859e78beb757dfefa08001df366e2ef5 ] The truncate transaction does not ever modify the inode btree, but includes an associated log reservation. Update

[PATCH 4.9 140/171] net: sched: gred: pass the right attribute to gred_change_table_def()

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Jakub Kicinski [ Upstream commit 38b4f18d56372e1e21771ab7b0357b853330186c ] gred_change_table_def() takes a pointer to TCA_GRED_DPS attribute, and expects it will be able to interpret its

[PATCH 4.9 139/171] net/ipv6: Fix index counter for unicast addresses in in6_dump_addrs

4.9-stable review patch. If anyone has any objections, please let me know. -- From: David Ahern [ Upstream commit 4ba4c566ba8448a05e6257e0b98a21f1a0d55315 ] The loop wants to skip previously dumped addresses, so loops until current index >= saved index. If the message fills

[PATCH 4.9 136/171] ipv6: mcast: fix a use-after-free in inet6_mc_check

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Eric Dumazet [ Upstream commit dc012f3628eaecfb5ba68404a5c30ef501daf63d ] syzbot found a use-after-free in inet6_mc_check [1] The problem here is that inet6_mc_check() uses rcu and

[PATCH 4.9 157/171] xfs: truncate transaction does not modify the inobt

4.9-stable review patch. If anyone has any objections, please let me know. -- [ Upstream commit a606ebdb859e78beb757dfefa08001df366e2ef5 ] The truncate transaction does not ever modify the inode btree, but includes an associated log reservation. Update

[PATCH 4.9 140/171] net: sched: gred: pass the right attribute to gred_change_table_def()

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Jakub Kicinski [ Upstream commit 38b4f18d56372e1e21771ab7b0357b853330186c ] gred_change_table_def() takes a pointer to TCA_GRED_DPS attribute, and expects it will be able to interpret its

[PATCH 4.9 139/171] net/ipv6: Fix index counter for unicast addresses in in6_dump_addrs

4.9-stable review patch. If anyone has any objections, please let me know. -- From: David Ahern [ Upstream commit 4ba4c566ba8448a05e6257e0b98a21f1a0d55315 ] The loop wants to skip previously dumped addresses, so loops until current index >= saved index. If the message fills

[PATCH 4.9 135/171] net: bridge: remove ipv6 zero address check in mcast queries

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Nikolay Aleksandrov commit 0fe5119e267f3e3d8ac206895f5922195ec55a8a upstream. Recently a check was added which prevents marking of routers with zero source address, but for IPv6 that cannot

[PATCH 4.9 166/171] Input: elan_i2c - add ACPI ID for Lenovo IdeaPad 330-15IGM

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Mikhail Nikiforov commit 13c1c5e4d7f887cba36c5e3df3faa22071c1469f upstream. Add ELAN061C to the ACPI table to support Elan touchpad found in Lenovo IdeaPad 330-15IGM. Signed-off-by: Mikhail

[PATCH 4.9 168/171] x86/percpu: Fix this_cpu_read()

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Peter Zijlstra commit b59167ac7bafd804c91e49ad53c6d33a7394d4c8 upstream. Eric reported that a sequence count loop using this_cpu_read() got optimized out. This is wrong, this_cpu_read() must

[PATCH 4.9 166/171] Input: elan_i2c - add ACPI ID for Lenovo IdeaPad 330-15IGM

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Mikhail Nikiforov commit 13c1c5e4d7f887cba36c5e3df3faa22071c1469f upstream. Add ELAN061C to the ACPI table to support Elan touchpad found in Lenovo IdeaPad 330-15IGM. Signed-off-by: Mikhail

[PATCH 4.9 168/171] x86/percpu: Fix this_cpu_read()

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Peter Zijlstra commit b59167ac7bafd804c91e49ad53c6d33a7394d4c8 upstream. Eric reported that a sequence count loop using this_cpu_read() got optimized out. This is wrong, this_cpu_read() must

[PATCH 4.9 159/171] ptp: fix Spectre v1 vulnerability

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Gustavo A. R. Silva commit efa61c8cf2950ab5c0e66cff3cabe2a2b24e81ba upstream. pin_index can be indirectly controlled by user-space, hence leading to a potential exploitation of the Spectre

[PATCH 4.9 134/171] bridge: do not add port to router list when receives query with source 0.0.0.0

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Hangbin Liu commit 5a2de63fd1a59c30c02526d427bc014b98adf508 upstream. Based on RFC 4541, 2.1.1. IGMP Forwarding Rules The switch supporting IGMP snooping must maintain a list of

[PATCH 4.9 162/171] IB/ucm: Fix Spectre v1 vulnerability

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Gustavo A. R. Silva commit 0295e39595e1146522f2722715dba7f7fba42217 upstream. hdr.cmd can be indirectly controlled by user-space, hence leading to a potential exploitation of the Spectre

[PATCH 4.9 160/171] drm/edid: Add 6 bpc quirk for BOE panel in HP Pavilion 15-n233sl

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Kai-Heng Feng commit 0711a43b6d84ff9189adfbf83c8bbf56eef794bf upstream. There's another panel that reports "DFP 1.x compliant TMDS" but it supports 6bpc instead of 8 bpc. Apply 6 bpc quirk

[PATCH 4.9 160/171] drm/edid: Add 6 bpc quirk for BOE panel in HP Pavilion 15-n233sl

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Kai-Heng Feng commit 0711a43b6d84ff9189adfbf83c8bbf56eef794bf upstream. There's another panel that reports "DFP 1.x compliant TMDS" but it supports 6bpc instead of 8 bpc. Apply 6 bpc quirk

[PATCH 4.9 159/171] ptp: fix Spectre v1 vulnerability

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Gustavo A. R. Silva commit efa61c8cf2950ab5c0e66cff3cabe2a2b24e81ba upstream. pin_index can be indirectly controlled by user-space, hence leading to a potential exploitation of the Spectre

[PATCH 4.9 134/171] bridge: do not add port to router list when receives query with source 0.0.0.0

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Hangbin Liu commit 5a2de63fd1a59c30c02526d427bc014b98adf508 upstream. Based on RFC 4541, 2.1.1. IGMP Forwarding Rules The switch supporting IGMP snooping must maintain a list of

[PATCH 4.9 162/171] IB/ucm: Fix Spectre v1 vulnerability

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Gustavo A. R. Silva commit 0295e39595e1146522f2722715dba7f7fba42217 upstream. hdr.cmd can be indirectly controlled by user-space, hence leading to a potential exploitation of the Spectre

[PATCH 4.9 163/171] cdc-acm: correct counting of UART states in serial state notification

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Tobias Herzog commit f976d0e5747ca65ccd0fb2a4118b193d70aa1836 upstream. The usb standard ("Universal Serial Bus Class Definitions for Communication Devices") distiguishes between "consistent

[PATCH 4.14 11/31] cachefiles: fix the race between cachefiles_bury_object() and rmdir(2)

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Al Viro commit 169b803397499be85bdd1e3d07d6f5e3d4bd669e upstream. the victim might've been rmdir'ed just before the lock_rename(); unlike the normal callers, we do not look the source up

[PATCH 4.9 169/171] x86/time: Correct the attribute on jiffies definition

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Nathan Chancellor commit 53c13ba8ed39e89f21a0b98f4c8a241bb44e483d upstream. Clang warns that the declaration of jiffies in include/linux/jiffies.h doesn't match the definition in

[PATCH 4.9 163/171] cdc-acm: correct counting of UART states in serial state notification

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Tobias Herzog commit f976d0e5747ca65ccd0fb2a4118b193d70aa1836 upstream. The usb standard ("Universal Serial Bus Class Definitions for Communication Devices") distiguishes between "consistent

[PATCH 4.14 11/31] cachefiles: fix the race between cachefiles_bury_object() and rmdir(2)

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Al Viro commit 169b803397499be85bdd1e3d07d6f5e3d4bd669e upstream. the victim might've been rmdir'ed just before the lock_rename(); unlike the normal callers, we do not look the source up

[PATCH 4.9 169/171] x86/time: Correct the attribute on jiffies definition

4.9-stable review patch. If anyone has any objections, please let me know. -- From: Nathan Chancellor commit 53c13ba8ed39e89f21a0b98f4c8a241bb44e483d upstream. Clang warns that the declaration of jiffies in include/linux/jiffies.h doesn't match the definition in

[PATCH 4.9 171/171] posix-timers: Sanitize overrun handling

4.9-stable review patch. If anyone has any objections, please let me know. -- [ Upstream commit 78c9c4dfbf8c04883941445a195276bb4bb92c76 ] The posix timer overrun handling is broken because the forwarding functions can return a huge number of overruns which does not fit in an

[PATCH 4.14 13/31] drm/edid: Add 6 bpc quirk for BOE panel in HP Pavilion 15-n233sl

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Kai-Heng Feng commit 0711a43b6d84ff9189adfbf83c8bbf56eef794bf upstream. There's another panel that reports "DFP 1.x compliant TMDS" but it supports 6bpc instead of 8 bpc. Apply 6 bpc quirk

[PATCH 4.9 170/171] net: fs_enet: do not call phy_stop() in interrupts

4.9-stable review patch. If anyone has any objections, please let me know. -- [ Upstream commit f8b39039cbf2a15f2b8c9f081e1cbd5dee00aaf5 ] In case of TX timeout, fs_timeout() calls phy_stop(), which triggers the following BUG_ON() as we are in interrupt. [92708.199889] kernel

[PATCH 4.14 13/31] drm/edid: Add 6 bpc quirk for BOE panel in HP Pavilion 15-n233sl

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Kai-Heng Feng commit 0711a43b6d84ff9189adfbf83c8bbf56eef794bf upstream. There's another panel that reports "DFP 1.x compliant TMDS" but it supports 6bpc instead of 8 bpc. Apply 6 bpc quirk

[PATCH 4.9 170/171] net: fs_enet: do not call phy_stop() in interrupts

4.9-stable review patch. If anyone has any objections, please let me know. -- [ Upstream commit f8b39039cbf2a15f2b8c9f081e1cbd5dee00aaf5 ] In case of TX timeout, fs_timeout() calls phy_stop(), which triggers the following BUG_ON() as we are in interrupt. [92708.199889] kernel

[PATCH 4.9 171/171] posix-timers: Sanitize overrun handling

4.9-stable review patch. If anyone has any objections, please let me know. -- [ Upstream commit 78c9c4dfbf8c04883941445a195276bb4bb92c76 ] The posix timer overrun handling is broken because the forwarding functions can return a huge number of overruns which does not fit in an

[PATCH 4.14 17/31] IB/ucm: Fix Spectre v1 vulnerability

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Gustavo A. R. Silva commit 0295e39595e1146522f2722715dba7f7fba42217 upstream. hdr.cmd can be indirectly controlled by user-space, hence leading to a potential exploitation of the Spectre

[PATCH 4.14 17/31] IB/ucm: Fix Spectre v1 vulnerability

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Gustavo A. R. Silva commit 0295e39595e1146522f2722715dba7f7fba42217 upstream. hdr.cmd can be indirectly controlled by user-space, hence leading to a potential exploitation of the Spectre

[PATCH 4.14 12/31] ptp: fix Spectre v1 vulnerability

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Gustavo A. R. Silva commit efa61c8cf2950ab5c0e66cff3cabe2a2b24e81ba upstream. pin_index can be indirectly controlled by user-space, hence leading to a potential exploitation of the Spectre

[PATCH 4.14 16/31] RDMA/ucma: Fix Spectre v1 vulnerability

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Gustavo A. R. Silva commit a3671a4f973ee9d9621d60166cc3b037c397d604 upstream. hdr.cmd can be indirectly controlled by user-space, hence leading to a potential exploitation of the Spectre

[PATCH 4.14 12/31] ptp: fix Spectre v1 vulnerability

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Gustavo A. R. Silva commit efa61c8cf2950ab5c0e66cff3cabe2a2b24e81ba upstream. pin_index can be indirectly controlled by user-space, hence leading to a potential exploitation of the Spectre

[PATCH 4.14 16/31] RDMA/ucma: Fix Spectre v1 vulnerability

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Gustavo A. R. Silva commit a3671a4f973ee9d9621d60166cc3b037c397d604 upstream. hdr.cmd can be indirectly controlled by user-space, hence leading to a potential exploitation of the Spectre

[PATCH 4.14 07/31] clk: tegra: Add quirk for getting CDEV1/2 clocks on Tegra20

4.14-stable review patch. If anyone has any objections, please let me know. -- [ Upstream commit 5d797111afe12e488e08432fd9b372fae2cc7e93 ] CDEV1 and CDEV2 clocks are a bit special case, their parent clock is created by the pinctrl driver. It should be possible for clk user to

linux-next: Signed-off-by missing for commit in the rdma tree

Hi all, Commit 5736c7c499f1 ("RDMA/rxe: Distinguish between down links and disabled links") is missing a Signed-off-by from its committer. -- Cheers, Stephen Rothwell pgpt_d59gvFav.pgp Description: OpenPGP digital signature

[PATCH 4.14 14/31] drm/edid: VSDB yCBCr420 Deep Color mode bit definitions

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Clint Taylor commit 9068e02f58740778d8270840657f1e250a2cc60f upstream. HDMI Forum VSDB YCBCR420 deep color capability bits are 2:0. Correct definitions in the header for the mask to work

[PATCH 4.14 07/31] clk: tegra: Add quirk for getting CDEV1/2 clocks on Tegra20

4.14-stable review patch. If anyone has any objections, please let me know. -- [ Upstream commit 5d797111afe12e488e08432fd9b372fae2cc7e93 ] CDEV1 and CDEV2 clocks are a bit special case, their parent clock is created by the pinctrl driver. It should be possible for clk user to

linux-next: Signed-off-by missing for commit in the rdma tree

Hi all, Commit 5736c7c499f1 ("RDMA/rxe: Distinguish between down links and disabled links") is missing a Signed-off-by from its committer. -- Cheers, Stephen Rothwell pgpt_d59gvFav.pgp Description: OpenPGP digital signature

[PATCH 4.14 14/31] drm/edid: VSDB yCBCr420 Deep Color mode bit definitions

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Clint Taylor commit 9068e02f58740778d8270840657f1e250a2cc60f upstream. HDMI Forum VSDB YCBCR420 deep color capability bits are 2:0. Correct definitions in the header for the mask to work

[PATCH 4.14 08/31] fsnotify: fix ignore mask logic in fsnotify()

4.14-stable review patch. If anyone has any objections, please let me know. -- [ Upstream commit 9bdda4e9cf2dcecb60a0683b10ffb8cd7e5f2f45 ] Commit 92183a42898d ("fsnotify: fix ignore mask logic in send_to_group()") acknoledges the use case of ignoring an event on an inode mark,

[PATCH 4.14 08/31] fsnotify: fix ignore mask logic in fsnotify()

4.14-stable review patch. If anyone has any objections, please let me know. -- [ Upstream commit 9bdda4e9cf2dcecb60a0683b10ffb8cd7e5f2f45 ] Commit 92183a42898d ("fsnotify: fix ignore mask logic in send_to_group()") acknoledges the use case of ignoring an event on an inode mark,

[PATCH 4.14 03/31] USB: serial: option: improve Quectel EP06 detection

4.14-stable review patch. If anyone has any objections, please let me know. -- commit 36cae568404a298a19a6e8a3f18641075d4cab04 upstream The Quectel EP06 (and EM06/EG06) LTE modem supports updating the USB configuration, without the VID/PID or configuration number changing. When

[PATCH 4.14 03/31] USB: serial: option: improve Quectel EP06 detection

4.14-stable review patch. If anyone has any objections, please let me know. -- commit 36cae568404a298a19a6e8a3f18641075d4cab04 upstream The Quectel EP06 (and EM06/EG06) LTE modem supports updating the USB configuration, without the VID/PID or configuration number changing. When

[PATCH 4.14 06/31] Revert "ARM: tegra: Fix ULPI regression on Tegra20"

4.14-stable review patch. If anyone has any objections, please let me know. -- This reverts commit b39ac54215190bc178ae7de799e74d327a3c1a33. The issue was fixed by upstream commit 5d797111afe1 ("clk: tegra: Add quirk for getting CDEV1/2 clocks on Tegra20"). Signed-off-by:

[PATCH 4.14 05/31] bpf: fix partial copy of map_ptr when dst is scalar

4.14-stable review patch. If anyone has any objections, please let me know. -- commit 0962590e553331db2cc0aef2dc35c57f6300dbbe upstream. ALU operations on pointers such as scalar_reg += map_value_ptr are handled in adjust_ptr_min_max_vals(). Problem is however that map_ptr and

[PATCH 4.14 09/31] gpio: mxs: Get rid of external API call

4.14-stable review patch. If anyone has any objections, please let me know. -- [ Upstream commit 833eacc7b5913da9896bacd30db7d490aa777868 ] The MXS driver was calling back into the GPIO API from its irqchip. This is not very elegant, as we are a driver, let's just shortcut back

[PATCH 4.14 06/31] Revert "ARM: tegra: Fix ULPI regression on Tegra20"

4.14-stable review patch. If anyone has any objections, please let me know. -- This reverts commit b39ac54215190bc178ae7de799e74d327a3c1a33. The issue was fixed by upstream commit 5d797111afe1 ("clk: tegra: Add quirk for getting CDEV1/2 clocks on Tegra20"). Signed-off-by:

[PATCH 4.14 05/31] bpf: fix partial copy of map_ptr when dst is scalar

4.14-stable review patch. If anyone has any objections, please let me know. -- commit 0962590e553331db2cc0aef2dc35c57f6300dbbe upstream. ALU operations on pointers such as scalar_reg += map_value_ptr are handled in adjust_ptr_min_max_vals(). Problem is however that map_ptr and

[PATCH 4.14 09/31] gpio: mxs: Get rid of external API call

4.14-stable review patch. If anyone has any objections, please let me know. -- [ Upstream commit 833eacc7b5913da9896bacd30db7d490aa777868 ] The MXS driver was calling back into the GPIO API from its irqchip. This is not very elegant, as we are a driver, let's just shortcut back

[PATCH 4.14 00/31] 4.14.80-stable review

This is the start of the stable review cycle for the 4.14.80 release. There are 31 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Sat Nov 10 21:51:09 UTC 2018. Anything

[PATCH 4.14 30/31] x86/fpu: Fix i486 + no387 boot crash by only saving FPU registers on context switch if there is an FPU

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Sebastian Andrzej Siewior commit 2224d616528194b02424c91c2ee254b3d29942c3 upstream. Booting an i486 with "no387 nofxsr" ends with with the following crash: math_emulate: 0060:c101987d

[PATCH 4.14 00/31] 4.14.80-stable review

This is the start of the stable review cycle for the 4.14.80 release. There are 31 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Sat Nov 10 21:51:09 UTC 2018. Anything

[PATCH 4.14 30/31] x86/fpu: Fix i486 + no387 boot crash by only saving FPU registers on context switch if there is an FPU

4.14-stable review patch. If anyone has any objections, please let me know. -- From: Sebastian Andrzej Siewior commit 2224d616528194b02424c91c2ee254b3d29942c3 upstream. Booting an i486 with "no387 nofxsr" ends with with the following crash: math_emulate: 0060:c101987d

[PATCH 4.18 11/34] drm/edid: VSDB yCBCr420 Deep Color mode bit definitions

4.18-stable review patch. If anyone has any objections, please let me know. -- From: Clint Taylor commit 9068e02f58740778d8270840657f1e250a2cc60f upstream. HDMI Forum VSDB YCBCR420 deep color capability bits are 2:0. Correct definitions in the header for the mask to work

[PATCH 4.14 31/31] net: fs_enet: do not call phy_stop() in interrupts

4.14-stable review patch. If anyone has any objections, please let me know. -- [ Upstream commit f8b39039cbf2a15f2b8c9f081e1cbd5dee00aaf5 ] In case of TX timeout, fs_timeout() calls phy_stop(), which triggers the following BUG_ON() as we are in interrupt. [92708.199889] kernel

<    4   5   6   7   8   9   10   11   12   13   >