[PATCH 5.2 111/131] drivers/perf: arm_pmu: Fix failure path in PM notifier

2019-08-05 Thread Greg Kroah-Hartman
From: Will Deacon commit 0d7fd70f26039bd4b33444ca47f0e69ce3ae0354 upstream. Handling of the CPU_PM_ENTER_FAILED transition in the Arm PMU PM notifier code incorrectly skips restoration of the counters. Fix the logic so that CPU_PM_ENTER_FAILED follows the same path as CPU_PM_EXIT. Cc: Fixes: d

[PATCH 5.2 110/131] parisc: Fix build of compressed kernel even with debug enabled

2019-08-05 Thread Greg Kroah-Hartman
From: Helge Deller commit 3fe6c873af2f2247544debdbe51ec29f690a2ccf upstream. With debug info enabled (CONFIG_DEBUG_INFO=y) the resulting vmlinux may get that huge that we need to increase the start addresss for the decompression text section otherwise one will face a linker error. Reported-by:

Re: [PATCH 0/9] arm64: Stolen time support

2019-08-05 Thread Marc Zyngier
On 05/08/2019 14:06, Steven Price wrote: > On 03/08/2019 19:05, Marc Zyngier wrote: >> On Fri, 2 Aug 2019 15:50:08 +0100 >> Steven Price wrote: >> >> Hi Steven, >> >>> This series add support for paravirtualized time for arm64 guests and >>> KVM hosts following the specification in Arm's document

[PATCH 5.2 112/131] arm64: compat: Allow single-byte watchpoints on all addresses

2019-08-05 Thread Greg Kroah-Hartman
From: Will Deacon commit 849adec41203ac5837c40c2d7e08490ffdef3c2c upstream. Commit d968d2b801d8 ("ARM: 7497/1: hw_breakpoint: allow single-byte watchpoints on all addresses") changed the validation requirements for hardware watchpoints on arch/arm/. Update our compat layer to implement the same

[PATCH 5.2 107/131] cgroup: kselftest: relax fs_spec checks

2019-08-05 Thread Greg Kroah-Hartman
From: Chris Down commit b59b1baab789eacdde809135542e3d4f256f6878 upstream. On my laptop most memcg kselftests were being skipped because it claimed cgroup v2 hierarchy wasn't mounted, but this isn't correct. Instead, it seems current systemd HEAD mounts it with the name "cgroup2" instead of "cg

[PATCH 5.2 109/131] parisc: Strip debug info from kernel before creating compressed vmlinuz

2019-08-05 Thread Greg Kroah-Hartman
From: Helge Deller commit e50beea8e7738377b4fa664078547be338038ff9 upstream. Same as on x86-64, strip the .comment, .note and debug sections from the Linux kernel before creating the compressed image for the boot loader. Reported-by: James Bottomley Reported-by: Sven Schnelle Cc: sta...@vger.

[PATCH 5.2 131/131] drm/i915/gvt: fix incorrect cache entry for guest page mapping

2019-08-05 Thread Greg Kroah-Hartman
From: Xiaolin Zhang commit 7366aeb77cd840f3edea02c65065d40affaa7f45 upstream. GPU hang observed during the guest OCL conformance test which is caused by THP GTT feature used durning the test. It was observed the same GFN with different size (4K and 2M) requested from the guest in GVT. So during

[PATCH 5.2 124/131] IB/mlx5: Move MRs to a kernel PD when freeing them to the MR cache

2019-08-05 Thread Greg Kroah-Hartman
From: Yishai Hadas commit 9ec4483a3f0f71a228a5933bc040441322bfb090 upstream. Fix unreg_umr to move the MR to a kernel owned PD (i.e. the UMR PD) which can't be accessed by userspace. This ensures that nothing can continue to access the MR once it has been placed in the kernels cache for reuse.

[PATCH 5.2 123/131] IB/mlx5: Use direct mkey destroy command upon UMR unreg failure

2019-08-05 Thread Greg Kroah-Hartman
From: Yishai Hadas commit afd1417404fba6dbfa6c0a8e5763bd348da682e4 upstream. Use a direct firmware command to destroy the mkey in case the unreg UMR operation has failed. This prevents a case that a mkey will leak out from the cache post a failure to be destroyed by a UMR WR. In case the MR ca

[PATCH 5.2 125/131] IB/mlx5: Fix clean_mr() to work in the expected order

2019-08-05 Thread Greg Kroah-Hartman
From: Yishai Hadas commit b9332dad987018745a0c0bb718d12dacfa760489 upstream. Any dma map underlying the MR should only be freed once the MR is fenced at the hardware. As of the above we first destroy the MKEY and just after that can safely call to dma_unmap_single(). Link: https://lore.kernel.

[PATCH 5.2 130/131] drm/i915/perf: fix ICL perf register offsets

2019-08-05 Thread Greg Kroah-Hartman
From: Lionel Landwerlin commit 95eef14cdad150fed43147bcd4f29eea3d0a3f03 upstream. We got the wrong offsets (could they have changed?). New values were computed off an error state by looking up the register offset in the context image as written by the HW. Signed-off-by: Lionel Landwerlin Fixes

[PATCH 5.2 129/131] IB/hfi1: Field not zero-ed when allocating TID flow memory

2019-08-05 Thread Greg Kroah-Hartman
From: Kaike Wan commit dc25b239ebeaa3c58e5ceaa732140427d386aa16 upstream. The field flow->resync_npkts is added for TID RDMA WRITE request and zero-ed when a TID RDMA WRITE RESP packet is received by the requester. This field is used to rewind a request during retry in the function hfi1_tid_rdma

[PATCH 5.2 128/131] IB/hfi1: Drop all TID RDMA READ RESP packets after r_next_psn

2019-08-05 Thread Greg Kroah-Hartman
From: Kaike Wan commit f4d46119f214f9a7620b0d18b153d7e0e8c90b4f upstream. When a TID sequence error occurs while receiving TID RDMA READ RESP packets, all packets after flow->flow_state.r_next_psn should be dropped, including those response packets for subsequent segments. The current implement

[PATCH 5.2 105/131] loop: Fix mount(2) failure due to race with LOOP_SET_FD

2019-08-05 Thread Greg Kroah-Hartman
From: Jan Kara commit 89e524c04fa966330e2e80ab2bc50b9944c5847a upstream. Commit 33ec3e53e7b1 ("loop: Don't change loop device under exclusive opener") made LOOP_SET_FD ioctl acquire exclusive block device reference while it updates loop device binding. However this can make perfectly valid mount

[PATCH 5.2 122/131] IB/mlx5: Fix unreg_umr to ignore the mkey state

2019-08-05 Thread Greg Kroah-Hartman
From: Yishai Hadas commit 6a053953739d23694474a5f9c81d1a30093da81a upstream. Fix unreg_umr to ignore the mkey state and do not fail if was freed. This prevents a case that a user space application already changed the mkey state to free and then the UMR operation will fail leaving the mkey in an

[PATCH 5.2 119/131] xen/gntdev.c: Replace vm_map_pages() with vm_map_pages_zero()

2019-08-05 Thread Greg Kroah-Hartman
From: Souptick Joarder commit 8d1502f629c9966743de45744f4c1ba93a57d105 upstream. 'commit df9bde015a72 ("xen/gntdev.c: convert to use vm_map_pages()")' breaks gntdev driver. If vma->vm_pgoff > 0, vm_map_pages() will: - use map->pages starting at vma->vm_pgoff instead of 0 - verify map->count ag

[PATCH 5.2 120/131] RDMA/bnxt_re: Honor vlan_id in GID entry comparison

2019-08-05 Thread Greg Kroah-Hartman
From: Selvin Xavier commit c56b593d2af4cbd189c6af5fd6790728fade80cc upstream. A GID entry consists of GID, vlan, netdev and smac. Extend GID duplicate check comparisons to consider vlan_id as well to support IPv6 VLAN based link local addresses. Introduce a new structure (bnxt_qplib_gid_info) t

[PATCH 5.2 115/131] clk: mediatek: mt8183: Register 13MHz clock earlier for clocksource

2019-08-05 Thread Greg Kroah-Hartman
From: Weiyi Lu commit c93d059a80450af99dd6c0e8c36790579343675a upstream. The 13MHz clock should be registered before clocksource driver is initialized. Use CLK_OF_DECLARE_DRIVER() to guarantee. Fixes: acddfc2c261b ("clk: mediatek: Add MT8183 clock support") Cc: Signed-off-by: Weiyi Lu Signed-

[PATCH 5.2 114/131] io_uring: fix KASAN use after free in io_sq_wq_submit_work

2019-08-05 Thread Greg Kroah-Hartman
From: Jackie Liu commit d0ee879187df966ef638031b5f5183078d672141 upstream. [root@localhost ~]# ./liburing/test/link QEMU Standard PC report that: [ 29.379892] CPU: 0 PID: 84 Comm: kworker/u2:2 Not tainted 5.3.0-rc2-00051-g4010b622f1d2-dirty #86 [ 29.379902] Hardware name: QEMU Standard PC

[PATCH 5.2 116/131] scsi: mpt3sas: Use 63-bit DMA addressing on SAS35 HBA

2019-08-05 Thread Greg Kroah-Hartman
From: Suganath Prabu commit df9a606184bfdb5ae3ca9d226184e9489f5c24f7 upstream. Although SAS3 & SAS3.5 IT HBA controllers support 64-bit DMA addressing, as per hardware design, if DMA-able range contains all 64-bits set (0x-) then it results in a firmware fault. E.g. SGE's start

[PATCH 5.2 113/131] arm64: cpufeature: Fix feature comparison for CTR_EL0.{CWG,ERG}

2019-08-05 Thread Greg Kroah-Hartman
From: Will Deacon commit 147b9635e6347104b91f48ca9dca61eb0fbf2a54 upstream. If CTR_EL0.{CWG,ERG} are 0b then they must be interpreted to have their architecturally maximum values, which defeats the use of FTR_HIGHER_SAFE when sanitising CPU ID registers on heterogeneous machines. Introduce

[PATCH 5.2 076/131] kbuild: initialize CLANG_FLAGS correctly in the top Makefile

2019-08-05 Thread Greg Kroah-Hartman
From: Masahiro Yamada commit 5241ab4cf42d3a93b933b55d3d53f43049081fa1 upstream. CLANG_FLAGS is initialized by the following line: CLANG_FLAGS := --target=$(notdir $(CROSS_COMPILE:%-=%)) ..., which is run only when CROSS_COMPILE is set. Some build targets (bindeb-pkg etc.) recurse to the

[PATCH 5.2 073/131] dma-direct: correct the physical addr in dma_direct_sync_sg_for_cpu/device

2019-08-05 Thread Greg Kroah-Hartman
[ Upstream commit 449fa54d6815be8c2c1f68fa9dbbae9384a7c03e ] dma_map_sg() may use swiotlb buffer when the kernel command line includes "swiotlb=force" or the dma_addr is out of dev->dma_mask range. After DMA complete the memory moving from device to memory, then user call dma_sync_sg_for_cpu() to

[PATCH 5.2 077/131] kbuild: modpost: include .*.cmd files only when targets exist

2019-08-05 Thread Greg Kroah-Hartman
From: Masahiro Yamada commit 944cfe9be1fbbec73bab2f7e77fe2e8f9c72970f upstream. If a build rule fails, the .DELETE_ON_ERROR special target removes the target, but does nothing for the .*.cmd file, which might be corrupted. So, .*.cmd files should be included only when the corresponding targets e

[PATCH 5.2 104/131] mm/migrate.c: initialize pud_entry in migrate_vma()

2019-08-05 Thread Greg Kroah-Hartman
From: Ralph Campbell commit 7b358c6f12dc82364f6d317f8c8f1d794adbc3f5 upstream. When CONFIG_MIGRATE_VMA_HELPER is enabled, migrate_vma() calls migrate_vma_collect() which initializes a struct mm_walk but didn't initialize mm_walk.pud_entry. (Found by code inspection) Use a C structure initializa

[PATCH 5.2 081/131] dax: Fix missed wakeup in put_unlocked_entry()

2019-08-05 Thread Greg Kroah-Hartman
From: Jan Kara commit 61c30c98ef17e5a330d7bb8494b78b3d6dffe9b8 upstream. The condition checking whether put_unlocked_entry() needs to wake up following waiter got broken by commit 23c84eb78375 ("dax: Fix missed wakeup with PMD faults"). We need to wake the waiter whenever the passed entry is val

[PATCH 5.2 082/131] fgraph: Remove redundant ftrace_graph_notrace_addr() test

2019-08-05 Thread Greg Kroah-Hartman
From: Changbin Du commit 6c77221df96177da0520847ce91e33f539fb8b2d upstream. We already have tested it before. The second one should be removed. With this change, the performance should have little improvement. Link: http://lkml.kernel.org/r/20190730140850.7927-1-changbin...@gmail.com Cc: sta..

[PATCH 5.2 091/131] drm/nouveau: Only release VCPI slots on mode changes

2019-08-05 Thread Greg Kroah-Hartman
From: Lyude Paul commit 412e85b605315fd129a849599cf4a5a7959573a8 upstream. Looks like a regression got introduced into nv50_mstc_atomic_check() that somehow didn't get found until now. If userspace changes crtc_state->active to false but leaves the CRTC enabled, we end up calling drm_dp_atomic_f

[PATCH 5.2 100/131] mm: vmscan: check if mem cgroup is disabled or not before calling memcg slab shrinker

2019-08-05 Thread Greg Kroah-Hartman
From: Yang Shi commit fa1e512fac717f34e7c12d7a384c46e90a647392 upstream. Shakeel Butt reported premature oom on kernel with "cgroup_disable=memory" since mem_cgroup_is_root() returns false even though memcg is actually NULL. The drop_caches is also broken. It is because commit aeed1d325d42 ("m

[PATCH 5.2 094/131] i2c: iproc: Fix i2c master read more than 63 bytes

2019-08-05 Thread Greg Kroah-Hartman
From: Rayagonda Kokatanur commit fd01eecdf9591453177d7b06faaabef8c300114a upstream. Use SMBUS_MASTER_DATA_READ.MASTER_RD_STATUS bit to check for RX FIFO empty condition because SMBUS_MASTER_FIFO_CONTROL.MASTER_RX_PKT_COUNT is not updated for read >= 64 bytes. This fixes the issue when trying to

[PATCH 5.2 075/131] kconfig: Clear "written" flag to avoid data loss

2019-08-05 Thread Greg Kroah-Hartman
From: M. Vefa Bicakci commit 0c5b6c28ed68becb692b43eae5e44d5aa7e160ce upstream. Prior to this commit, starting nconfig, xconfig or gconfig, and saving the .config file more than once caused data loss, where a .config file that contained only comments would be written to disk starting from the se

[PATCH 5.2 087/131] gpiolib: Preserve desc->flags when setting state

2019-08-05 Thread Greg Kroah-Hartman
From: Chris Packham commit d95da993383c78f7efd25957ba3af23af4b1c613 upstream. desc->flags may already have values set by of_gpiochip_add() so make sure that this isn't undone when setting the initial direction. Cc: sta...@vger.kernel.org Fixes: 3edfb7bd76bd1cba ("gpiolib: Show correct direction

[PATCH 5.2 088/131] gpio: dont WARN() on NULL descs if gpiolib is disabled

2019-08-05 Thread Greg Kroah-Hartman
From: Bartosz Golaszewski commit ffe0bbabb0cffceceae07484fde1ec2a63b1537c upstream. If gpiolib is disabled, we use the inline stubs from gpio/consumer.h instead of regular definitions of GPIO API. The stubs for 'optional' variants of gpiod_get routines return NULL in this case as if the relevant

[PATCH 5.2 096/131] i2c: at91: fix clk_offset for sama5d2

2019-08-05 Thread Greg Kroah-Hartman
From: Michał Mirosław commit b1ac6704493fa14b5dc19eb6b69a73932361a131 upstream. In SAMA5D2 datasheet, TWIHS_CWGR register rescription mentions clock offset of 3 cycles (compared to 4 in eg. SAMA5D3). Cc: sta...@vger.kernel.org # 5.2.x [needs applying to i2c-at91.c instead for earlier kernels] F

[PATCH 5.2 090/131] IB/hfi1: Fix Spectre v1 vulnerability

2019-08-05 Thread Greg Kroah-Hartman
From: Gustavo A. R. Silva commit 6497d0a9c53df6e98b25e2b79f2295d7caa47b6e upstream. sl is controlled by user-space, hence leading to a potential exploitation of the Spectre variant 1 vulnerability. Fix this by sanitizing sl before using it to index ibp->sl_to_sc. Notice that given that specula

[PATCH 5.2 080/131] Btrfs: fix race leading to fs corruption after transaction abort

2019-08-05 Thread Greg Kroah-Hartman
From: Filipe Manana commit cb2d3daddbfb6318d170e79aac1f7d5e4d49f0d7 upstream. When one transaction is finishing its commit, it is possible for another transaction to start and enter its initial commit phase as well. If the first ends up getting aborted, we have a small time window where the seco

[PATCH 5.2 093/131] eeprom: at24: make spd world-readable again

2019-08-05 Thread Greg Kroah-Hartman
From: Jean Delvare commit 25e5ef302c24a6fead369c0cfe88c073d7b97ca8 upstream. The integration of the at24 driver into the nvmem framework broke the world-readability of spd EEPROMs. Fix it. Signed-off-by: Jean Delvare Cc: sta...@vger.kernel.org Fixes: 57d155506dd5 ("eeprom: at24: extend driver

[PATCH 5.2 079/131] Btrfs: fix incremental send failure after deduplication

2019-08-05 Thread Greg Kroah-Hartman
From: Filipe Manana commit b4f9a1a87a48c255bb90d8a6c3d555a1abb88130 upstream. When doing an incremental send operation we can fail if we previously did deduplication operations against a file that exists in both snapshots. In that case we will fail the send operation with -EIO and print a messag

[PATCH 5.2 089/131] gpiolib: fix incorrect IRQ requesting of an active-low lineevent

2019-08-05 Thread Greg Kroah-Hartman
From: Michael Wu commit 223ecaf140b1dd1c1d2a1a1d96281efc5c906984 upstream. When a pin is active-low, logical trigger edge should be inverted to match the same interrupt opportunity. For example, a button pushed triggers falling edge in ACTIVE_HIGH case; in ACTIVE_LOW case, the button pushed tri

[PATCH 5.2 101/131] mm: migrate: fix reference check race between __find_get_block() and migration

2019-08-05 Thread Greg Kroah-Hartman
From: Jan Kara commit ebdf4de5642fb6580b0763158b6b4b791c4d6a4d upstream. buffer_migrate_page_norefs() can race with bh users in the following way: CPU1CPU2 buffer_migrate_page_norefs() buffer_migrate_lock_buffers() checks bh refs spin_unlock(&mapping->p

[PATCH 5.2 083/131] mmc: dw_mmc: Fix occasional hang after tuning on eMMC

2019-08-05 Thread Greg Kroah-Hartman
From: Douglas Anderson commit ba2d139b02ba684c6c101de42fed782d6cd2b997 upstream. In commit 46d179525a1f ("mmc: dw_mmc: Wait for data transfer after response errors.") we fixed a tuning-induced hang that I saw when stress testing tuning on certain SD cards. I won't re-hash that whole commit, but

[PATCH 5.2 085/131] mmc: host: sdhci-sprd: Fix the missing pm_runtime_put_noidle()

2019-08-05 Thread Greg Kroah-Hartman
From: Baolin Wang commit fc62113b32c95906b3ea8ba42e91014c7d0c6fa6 upstream. When the SD host controller tries to probe again due to the derferred probe mechanism, it will always keep the SD host device as runtime resume state due to missing the runtime put operation in error path last time. Thu

[PATCH 5.2 049/131] mm/memcontrol.c: keep local VM counters in sync with the hierarchical ones

2019-08-05 Thread Greg Kroah-Hartman
[ Upstream commit 766a4c19d880887c457811b86f1f68525e416965 ] After commit 815744d75152 ("mm: memcontrol: don't batch updates of local VM stats and events"), the local VM counter are not in sync with the hierarchical ones. Below is one example in a leaf memcg on my server (with 8 CPUs): i

[PATCH 5.2 040/131] cifs: fix crash in cifs_dfs_do_automount

2019-08-05 Thread Greg Kroah-Hartman
[ Upstream commit ce465bf94b70f03136171a62b607864f00093b19 ] RHBZ: 1649907 Fix a crash that happens while attempting to mount a DFS referral from the same server on the root of a filesystem. Signed-off-by: Ronnie Sahlberg Signed-off-by: Steve French Signed-off-by: Sasha Levin --- fs/cifs/co

[PATCH 5.2 048/131] mm/slab_common.c: work around clang bug #42570

2019-08-05 Thread Greg Kroah-Hartman
[ Upstream commit a07057dce2823e10d64a2b73cefbf09d8645efe9 ] Clang gets rather confused about two variables in the same special section when one of them is not initialized, leading to an assembler warning later: /tmp/slab_common-18f869.s: Assembler messages: /tmp/slab_common-18f869.s:7526: Wa

[PATCH 5.2 047/131] mm/z3fold: dont try to use buddy slots after free

2019-08-05 Thread Greg Kroah-Hartman
[ Upstream commit bb9a374dfa3a2f46581455ab66cd1d24c5e3d183 ] As reported by Henry Burns: Running z3fold stress testing with address sanitization showed zhdr->slots was being used after it was freed. z3fold_free(z3fold_pool, handle) free_handle(handle) kmem_cache_free(pool->c_handle,

[PATCH 5.2 072/131] drm/nouveau: fix memory leak in nouveau_conn_reset()

2019-08-05 Thread Greg Kroah-Hartman
[ Upstream commit 09b90e2fe35faeace2488234e2a7728f2ea8ba26 ] In nouveau_conn_reset(), if connector->state is true, __drm_atomic_helper_connector_destroy_state() will be called, but the memory pointed by asyc isn't freed. Memory leak happens in the following function __drm_atomic_helper_connector_r

[PATCH 5.2 046/131] be2net: Signal that the device cannot transmit during reconfiguration

2019-08-05 Thread Greg Kroah-Hartman
[ Upstream commit 7429c6c0d9cb086d8e79f0d2a48ae14851d2115e ] While changing the number of interrupt channels, be2net stops adapter operation (including netif_tx_disable()) but it doesn't signal that it cannot transmit. This may lead dev_watchdog() to falsely trigger during that time. Add the miss

[PATCH 5.2 044/131] KVM: nVMX: Ignore segment base for VMX memory operand when segment not FS or GS

2019-08-05 Thread Greg Kroah-Hartman
[ Upstream commit 6694e48012826351036fd10fc506ca880023e25f ] As reported by Maxime at https://bugzilla.kernel.org/show_bug.cgi?id=204175: In vmx/nested.c::get_vmx_mem_address(), when the guest runs in long mode, the base address of the memory operand is computed with a simple: *ret = s.base +

[PATCH 5.2 045/131] bpf: fix BTF verifier size resolution logic

2019-08-05 Thread Greg Kroah-Hartman
[ Upstream commit 1acc5d5c5832da9a98b22374a8fae08ffe31b3f8 ] BTF verifier has a size resolution bug which in some circumstances leads to invalid size resolution for, e.g., TYPEDEF modifier. This happens if we have [1] PTR -> [2] TYPEDEF -> [3] ARRAY, in which case due to being in pointer context

[PATCH 5.2 071/131] bpf: Disable GCC -fgcse optimization for ___bpf_prog_run()

2019-08-05 Thread Greg Kroah-Hartman
[ Upstream commit 3193c0836f203a91bef96d88c64cccf0be090d9c ] On x86-64, with CONFIG_RETPOLINE=n, GCC's "global common subexpression elimination" optimization results in ___bpf_prog_run()'s jumptable code changing from this: select_insn: jmp *jumptable(, %rax, 8)

[PATCH 5.2 070/131] x86, boot: Remove multiple copy of static function sanitize_boot_params()

2019-08-05 Thread Greg Kroah-Hartman
[ Upstream commit 8c5477e8046ca139bac250386c08453da37ec1ae ] Kernel build warns: 'sanitize_boot_params' defined but not used [-Wunused-function] at below files: arch/x86/boot/compressed/cmdline.c arch/x86/boot/compressed/error.c arch/x86/boot/compressed/early_serial_console.c arch/x86/bo

[PATCH 5.2 061/131] ipc/mqueue.c: only perform resource calculation if user valid

2019-08-05 Thread Greg Kroah-Hartman
[ Upstream commit a318f12ed8843cfac53198390c74a565c632f417 ] Andreas Christoforou reported: UBSAN: Undefined behaviour in ipc/mqueue.c:414:49 signed integer overflow: 9 * 2305843009213693951 cannot be represented in type 'long int' ... Call Trace: mqueue_evict_inode+0x8e7/0xa10 ipc/mq

[PATCH 5.2 069/131] x86/paravirt: Fix callee-saved function ELF sizes

2019-08-05 Thread Greg Kroah-Hartman
[ Upstream commit 083db6764821996526970e42d09c1ab2f4155dd4 ] The __raw_callee_save_*() functions have an ELF symbol size of zero, which confuses objtool and other tools. Fixes a bunch of warnings like the following: arch/x86/xen/mmu_pv.o: warning: objtool: __raw_callee_save_xen_pte_val() is m

[PATCH 5.2 067/131] xen/pv: Fix a boot up hang revealed by int3 self test

2019-08-05 Thread Greg Kroah-Hartman
[ Upstream commit b23e5844dfe78a80ba672793187d3f52e4b528d7 ] Commit 7457c0da024b ("x86/alternatives: Add int3_emulate_call() selftest") is used to ensure there is a gap setup in int3 exception stack which could be used for inserting call return address. This gap is missed in XEN PV int3 exception

[PATCH 5.2 063/131] device-dax: fix memory and resource leak if hotplug fails

2019-08-05 Thread Greg Kroah-Hartman
[ Upstream commit 31e4ca92a7dd4cdebd7fe1456b3b0b6ace9a816f ] Patch series ""Hotremove" persistent memory", v6. Recently, adding a persistent memory to be used like a regular RAM was added to Linux. This work extends this functionality to also allow hot removing persistent memory. We (Microsoft)

[PATCH 5.2 068/131] x86/kvm: Dont call kvm_spurious_fault() from .fixup

2019-08-05 Thread Greg Kroah-Hartman
[ Upstream commit 3901336ed9887b075531bffaeef7742ba614058b ] After making a change to improve objtool's sibling call detection, it started showing the following warning: arch/x86/kvm/vmx/nested.o: warning: objtool: .fixup+0x15: sibling call from callable instruction with modified stack frame

[PATCH 5.2 058/131] coda: fix build using bare-metal toolchain

2019-08-05 Thread Greg Kroah-Hartman
[ Upstream commit b2a57e334086602be56b74958d9f29b955cd157f ] The kernel is self-contained project and can be built with bare-metal toolchain. But bare-metal toolchain doesn't define __linux__. Because of this u_quad_t type is not defined when using bare-metal toolchain and codafs build fails. T

[PATCH 5.2 065/131] stacktrace: Force USER_DS for stack_trace_save_user()

2019-08-05 Thread Greg Kroah-Hartman
[ Upstream commit cac9b9a4b08304f11daace03b8b48659355e44c1 ] When walking userspace stacks, USER_DS needs to be set, otherwise access_ok() will not function as expected. Reported-by: Vegard Nossum Reported-by: Eiichi Tsukata Signed-off-by: Peter Zijlstra (Intel) Signed-off-by: Thomas Gleixner

[PATCH 5.2 057/131] coda: add error handling for fget

2019-08-05 Thread Greg Kroah-Hartman
[ Upstream commit 02551c23bcd85f0c68a8259c7b953d49d44f86af ] When fget fails, the lack of error-handling code may cause unexpected results. This patch adds error-handling code after calling fget. Link: http://lkml.kernel.org/r/2514ec03df9c33b86e56748513267a80dd8004d9.1558117389.git.jahar...@cs.

[PATCH 5.2 066/131] crypto: ccp - Fix SEV_VERSION_GREATER_OR_EQUAL

2019-08-05 Thread Greg Kroah-Hartman
[ Upstream commit 83bf42510d7f7e1daa692c096e8e9919334d7b57 ] SEV_VERSION_GREATER_OR_EQUAL() will fail if upgrading from 2.2 to 3.1, for example, because the minor version is not equal to or greater than the major. Fix this and move to a static inline function for appropriate type checking. Fixes

[PATCH 5.2 043/131] ACPI: fix false-positive -Wuninitialized warning

2019-08-05 Thread Greg Kroah-Hartman
[ Upstream commit dfd6f9ad36368b8dbd5f5a2b2f0a4705ae69a323 ] clang gets confused by an uninitialized variable in what looks to it like a never executed code path: arch/x86/kernel/acpi/boot.c:618:13: error: variable 'polarity' is uninitialized when used here [-Werror,-Wuninitialized] pola

[PATCH 5.2 062/131] nds32: fix asm/syscall.h

2019-08-05 Thread Greg Kroah-Hartman
[ Upstream commit 33644b95eb342201511fc951d8fcd10362bd435b ] PTRACE_GET_SYSCALL_INFO is a generic ptrace API that lets ptracer obtain details of the syscall the tracee is blocked in. There are two reasons for a special syscall-related ptrace request. Firstly, with the current ptrace API there ar

[PATCH 5.2 042/131] x86: kvm: avoid constant-conversion warning

2019-08-05 Thread Greg Kroah-Hartman
[ Upstream commit a6a6d3b1f867d34ba5bd61aa7bb056b48ca67cff ] clang finds a contruct suspicious that converts an unsigned character to a signed integer and back, causing an overflow: arch/x86/kvm/mmu.c:4605:39: error: implicit conversion from 'int' to 'u8' (aka 'unsigned char') changes value from

[PATCH 5.2 060/131] drivers/rapidio/devices/rio_mport_cdev.c: NUL terminate some strings

2019-08-05 Thread Greg Kroah-Hartman
[ Upstream commit 156e0b1a8112b76e351684ac948c59757037ac36 ] The dev_info.name[] array has space for RIO_MAX_DEVNAME_SZ + 1 characters. But the problem here is that we don't ensure that the user put a NUL terminator on the end of the string. It could lead to an out of bounds read. Link: http://

[PATCH 5.2 053/131] mm/cma.c: fail if fixed declaration cant be honored

2019-08-05 Thread Greg Kroah-Hartman
[ Upstream commit c633324e311243586675e732249339685e5d6faa ] The description of cma_declare_contiguous() indicates that if the 'fixed' argument is true the reserved contiguous area must be exactly at the address of the 'base' argument. However, the function currently allows the 'base', 'size', an

[PATCH 5.2 012/131] arm64: dts: rockchip: fix isp iommu clocks and power domain

2019-08-05 Thread Greg Kroah-Hartman
[ Upstream commit c432a29d3fc9ee928caeca2f5cf68b3aebfa6817 ] isp iommu requires wrapper variants of the clocks. noc variants are always on and using the wrapper variants will activate {A,H}CLK_ISP{0,1} due to the hierarchy. Tested using the pending isp patch set (which is not upstream yet). Witho

[PATCH 5.2 051/131] x86/apic: Silence -Wtype-limits compiler warnings

2019-08-05 Thread Greg Kroah-Hartman
[ Upstream commit ec6335586953b0df32f83ef696002063090c7aef ] There are many compiler warnings like this, In file included from ./arch/x86/include/asm/smp.h:13, from ./arch/x86/include/asm/mmzone_64.h:11, from ./arch/x86/include/asm/mmzone.h:5, fr

[PATCH 5.2 052/131] x86: math-emu: Hide clang warnings for 16-bit overflow

2019-08-05 Thread Greg Kroah-Hartman
[ Upstream commit 29e7e9664aec17b94a9c8c5a75f8d216a206aa3a ] clang warns about a few parts of the math-emu implementation where a 16-bit integer becomes negative during assignment: arch/x86/math-emu/poly_tan.c:88:35: error: implicit conversion from 'int' to 'short' changes value from 49216 to -1

[PATCH 5.2 041/131] perf version: Fix segfault due to missing OPT_END()

2019-08-05 Thread Greg Kroah-Hartman
[ Upstream commit 916c31fff946fae0e05862f9b2435fdb29fd5090 ] 'perf version' on powerpc segfaults when used with non-supported option: # perf version -a Segmentation fault (core dumped) Fix this. Signed-off-by: Ravi Bangoria Reviewed-by: Kamalesh Babulal Tested-by: Mamatha Inamdar Cc: Jiri

[PATCH 5.2 033/131] ceph: fix dir_lease_is_valid()

2019-08-05 Thread Greg Kroah-Hartman
[ Upstream commit feab6ac25dbfe3ab96299cb741925dc8d2da0caf ] It should call __ceph_dentry_dir_lease_touch() under dentry->d_lock. Besides, ceph_dentry(dentry) can be NULL when called by LOOKUP_RCU d_revalidate() Signed-off-by: "Yan, Zheng" Reviewed-by: Jeff Layton Signed-off-by: Ilya Dryomov S

[PATCH 5.2 039/131] drm/amd/display: Expose audio inst from DC to DM

2019-08-05 Thread Greg Kroah-Hartman
[ Upstream commit 5fdb7c4c7f2691efd760b0b0dc00da4a3699f1a6 ] [Why] In order to give pin notifications to the sound driver from DM we need to know whether audio is enabled on a stream and what pin it's using from DC. [How] Expose the instance via stream status if it's a mapped resource for the str

[PATCH 5.2 026/131] btrfs: tree-checker: Check if the file extent end overflows

2019-08-05 Thread Greg Kroah-Hartman
[ Upstream commit 4c094c33c9ed4b8d0d814bd1d7ff78e123d15d00 ] Under certain conditions, we could have strange file extent item in log tree like: item 18 key (69599 108 397312) itemoff 15208 itemsize 53 extent data disk bytenr 0 nr 0 extent data offset 0 nr 18446744073709547520 ra

[PATCH 5.2 009/131] arm64: dts: marvell: mcbin: enlarge PCI memory window

2019-08-05 Thread Greg Kroah-Hartman
[ Upstream commit d3446b266a8c72a7bbc94b65f5fc6d206be77d24 ] Running a graphics adapter on the MACCHIATObin fails due to an insufficiently sized memory window. Enlarge the memory window for the PCIe slot to 512 MiB. With the patch I am able to use a GT710 graphics adapter with 1 GB onboard memor

[PATCH 5.2 014/131] PCI: OF: Initialize dev->fwnode appropriately

2019-08-05 Thread Greg Kroah-Hartman
[ Upstream commit 59b099a6c75e4ddceeaf9676422d8d91d0049755 ] For PCI devices that have an OF node, set the fwnode as well. This way drivers that rely on fwnode don't need the special case described by commit f94277af03ea ("of/platform: Initialise dev->fwnode appropriately"). Acked-by: Bjorn Helga

[PATCH 5.2 027/131] btrfs: fix minimum number of chunk errors for DUP

2019-08-05 Thread Greg Kroah-Hartman
[ Upstream commit 0ee5f8ae082e1f675a2fb6db601c31ac9958a134 ] The list of profiles in btrfs_chunk_max_errors lists DUP as a profile DUP able to tolerate 1 device missing. Though this profile is special with 2 copies, it still needs the device, unlike the others. Looking at the history of changes,

[PATCH 5.2 011/131] dmaengine: tegra-apb: Error out if DMA_PREP_INTERRUPT flag is unset

2019-08-05 Thread Greg Kroah-Hartman
[ Upstream commit dc161064beb83c668e0f85766b92b1e7ed186e58 ] Apparently driver was never tested with DMA_PREP_INTERRUPT flag being unset since it completely disables interrupt handling instead of skipping the callbacks invocations, hence putting channel into unusable state. The flag is always set

[PATCH 5.2 034/131] ceph: return -ERANGE if virtual xattr value didnt fit in buffer

2019-08-05 Thread Greg Kroah-Hartman
[ Upstream commit 3b421018f48c482bdc9650f894aa1747cf90e51d ] The getxattr manpage states that we should return ERANGE if the destination buffer size is too small to hold the value. ceph_vxattrcb_layout does this internally, but we should be doing this for all vxattrs. Fix the only caller of getxa

[PATCH 5.2 028/131] btrfs: Flush before reflinking any extent to prevent NOCOW write falling back to COW without data reservation

2019-08-05 Thread Greg Kroah-Hartman
[ Upstream commit a94d1d0cb3bf1983fcdf05b59d914dbff4f1f52c ] [BUG] The following script can cause unexpected fsync failure: #!/bin/bash dev=/dev/test/test mnt=/mnt/btrfs mkfs.btrfs -f $dev -b 512M > /dev/null mount $dev $mnt -o nospace_cache # Prealloc one extent xfs_io -f -c "fa

[PATCH 5.2 037/131] scsi: zfcp: fix GCC compiler warning emitted with -Wmaybe-uninitialized

2019-08-05 Thread Greg Kroah-Hartman
[ Upstream commit 484647088826f2f651acbda6bcf9536b8a466703 ] GCC v9 emits this warning: CC drivers/s390/scsi/zfcp_erp.o drivers/s390/scsi/zfcp_erp.c: In function 'zfcp_erp_action_enqueue': drivers/s390/scsi/zfcp_erp.c:217:26: warning: 'erp_action' may be used uninitialized in t

[PATCH 5.2 035/131] virtio-mmio: add error check for platform_get_irq

2019-08-05 Thread Greg Kroah-Hartman
[ Upstream commit 5e663f0410fa2f355042209154029842ba1abd43 ] in vm_find_vqs() irq has a wrong type so, in case of no IRQ resource defined, wrong parameter will be passed to request_irq() Signed-off-by: Ihor Matushchak Signed-off-by: Michael S. Tsirkin Reviewed-by: Ivan T. Ivanov Signed-off-by:

[PATCH 5.2 036/131] ACPI: blacklist: fix clang warning for unused DMI table

2019-08-05 Thread Greg Kroah-Hartman
[ Upstream commit b80d6a42bdc97bdb6139107d6034222e9843c6e2 ] When CONFIG_DMI is disabled, we only have a tentative declaration, which causes a warning from clang: drivers/acpi/blacklist.c:20:35: error: tentative array definition assumed to have one element [-Werror] static const struct dmi_syste

[PATCH 5.2 020/131] dmaengine: rcar-dmac: Reject zero-length slave DMA requests

2019-08-05 Thread Greg Kroah-Hartman
[ Upstream commit 78efb76ab4dfb8f74f290ae743f34162cd627f19 ] While the .device_prep_slave_sg() callback rejects empty scatterlists, it still accepts single-entry scatterlists with a zero-length segment. These may happen if a driver calls dmaengine_prep_slave_single() with a zero len parameter. Th

[PATCH 5.2 021/131] ARM: exynos: Only build MCPM support if used

2019-08-05 Thread Greg Kroah-Hartman
[ Upstream commit 24d2c73ff28bcda48607eacc4bc804002dbf78d9 ] We get a link error for configurations that enable an Exynos SoC that does not require MCPM, but then manually enable MCPM anyway without also turning on the arm-cci: arch/arm/mach-exynos/mcpm-exynos.o: In function `exynos_pm_power_up_s

[PATCH 5.2 022/131] clk: tegra210: fix PLLU and PLLU_OUT1

2019-08-05 Thread Greg Kroah-Hartman
[ Upstream commit 0d34dfbf3023cf119b83f6470692c0b10c832495 ] Full-speed and low-speed USB devices do not work with Tegra210 platforms because of incorrect PLLU/PLLU_OUT1 clock settings. When full-speed device is connected: [ 14.059886] usb 1-3: new full-speed USB device number 2 using tegra-xus

[PATCH 5.2 017/131] arm64: qcom: qcs404: Add reset-cells to GCC node

2019-08-05 Thread Greg Kroah-Hartman
[ Upstream commit 0763d0c2273a3c72247d325c48fbac3d918d6b87 ] This patch adds a reset-cells property to the gcc controller on the QCS404. Without this in place, we get warnings like the following if nodes reference a gcc reset: arch/arm64/boot/dts/qcom/qcs404.dtsi:261.38-310.5: Warning (resets_pro

[PATCH 5.2 019/131] MIPS: lantiq: Fix bitfield masking

2019-08-05 Thread Greg Kroah-Hartman
[ Upstream commit ba1bc0fcdeaf3bf583c1517bd2e3e29cf223c969 ] The modification of EXIN register doesn't clean the bitfield before the writing of a new value. After a few modifications the bitfield would accumulate only '1's. Signed-off-by: Petr Cvek Signed-off-by: Paul Burton Cc: ha...@hauke-m.d

[PATCH 5.2 023/131] fs/adfs: super: fix use-after-free bug

2019-08-05 Thread Greg Kroah-Hartman
[ Upstream commit 5808b14a1f52554de612fee85ef517199855e310 ] Fix a use-after-free bug during filesystem initialisation, where we access the disc record (which is stored in a buffer) after we have released the buffer. Signed-off-by: Russell King Signed-off-by: Al Viro Signed-off-by: Sasha Levin

[PATCH 5.2 006/131] ftrace: Enable trampoline when rec count returns back to one

2019-08-05 Thread Greg Kroah-Hartman
[ Upstream commit a124692b698b00026a58d89831ceda2331b2e1d0 ] Custom trampolines can only be enabled if there is only a single ops attached to it. If there's only a single callback registered to a function, and the ops has a trampoline registered for it, then we can call the trampoline directly. Th

[PATCH 5.2 015/131] firmware/psci: psci_checker: Park kthreads before stopping them

2019-08-05 Thread Greg Kroah-Hartman
[ Upstream commit 92e074acf6f7694e96204265eb18ac113f546e80 ] Since commit 85f1abe0019f ("kthread, sched/wait: Fix kthread_parkme() completion issue"), kthreads that are bound to a CPU must be parked before being stopped. At the moment the PSCI checker calls kthread_stop() directly on the suspend k

[PATCH 5.2 001/131] ARM: riscpc: fix DMA

2019-08-05 Thread Greg Kroah-Hartman
[ Upstream commit ffd9a1ba9fdb7f2bd1d1ad9b9243d34e96756ba2 ] DMA got broken a while back in two different ways: 1) a change in the behaviour of disable_irq() to wait for the interrupt to finish executing causes us to deadlock at the end of DMA. 2) a change to avoid modifying the scatterlist lef

[PATCH 5.2 000/131] 5.2.7-stable review

2019-08-05 Thread Greg Kroah-Hartman
This is the start of the stable review cycle for the 5.2.7 release. There are 131 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Wed 07 Aug 2019 12:47:58 PM UTC. Anything rece

[PATCH 4.19 57/74] drivers/perf: arm_pmu: Fix failure path in PM notifier

2019-08-05 Thread Greg Kroah-Hartman
From: Will Deacon commit 0d7fd70f26039bd4b33444ca47f0e69ce3ae0354 upstream. Handling of the CPU_PM_ENTER_FAILED transition in the Arm PMU PM notifier code incorrectly skips restoration of the counters. Fix the logic so that CPU_PM_ENTER_FAILED follows the same path as CPU_PM_EXIT. Cc: Fixes: d

[PATCH 4.19 49/74] IB/hfi1: Fix Spectre v1 vulnerability

2019-08-05 Thread Greg Kroah-Hartman
From: Gustavo A. R. Silva commit 6497d0a9c53df6e98b25e2b79f2295d7caa47b6e upstream. sl is controlled by user-space, hence leading to a potential exploitation of the Spectre variant 1 vulnerability. Fix this by sanitizing sl before using it to index ibp->sl_to_sc. Notice that given that specula

[PATCH 4.19 53/74] mm: vmscan: check if mem cgroup is disabled or not before calling memcg slab shrinker

2019-08-05 Thread Greg Kroah-Hartman
From: Yang Shi commit fa1e512fac717f34e7c12d7a384c46e90a647392 upstream. Shakeel Butt reported premature oom on kernel with "cgroup_disable=memory" since mem_cgroup_is_root() returns false even though memcg is actually NULL. The drop_caches is also broken. It is because commit aeed1d325d42 ("m

[PATCH 4.19 74/74] scsi: mpt3sas: Use 63-bit DMA addressing on SAS35 HBA

2019-08-05 Thread Greg Kroah-Hartman
From: Suganath Prabu commit df9a606184bfdb5ae3ca9d226184e9489f5c24f7 upstream. Although SAS3 & SAS3.5 IT HBA controllers support 64-bit DMA addressing, as per hardware design, if DMA-able range contains all 64-bits set (0x-) then it results in a firmware fault. E.g. SGE's start

[PATCH 5.2 003/131] ARM: dts: rockchip: Make rk3288-veyron-mickeys emmc work again

2019-08-05 Thread Greg Kroah-Hartman
[ Upstream commit 99fa066710f75f18f4d9a5bc5f6a711968a581d5 ] When I try to boot rk3288-veyron-mickey I totally fail to make the eMMC work. Specifically my logs (on Chrome OS 4.19): mmc_host mmc1: card is non-removable. mmc_host mmc1: Bus speed (slot 0) = 40Hz (slot req 40Hz, actual

[PATCH 4.19 55/74] cgroup: kselftest: relax fs_spec checks

2019-08-05 Thread Greg Kroah-Hartman
From: Chris Down commit b59b1baab789eacdde809135542e3d4f256f6878 upstream. On my laptop most memcg kselftests were being skipped because it claimed cgroup v2 hierarchy wasn't mounted, but this isn't correct. Instead, it seems current systemd HEAD mounts it with the name "cgroup2" instead of "cg

[PATCH 5.2 004/131] clk: meson: mpll: properly handle spread spectrum

2019-08-05 Thread Greg Kroah-Hartman
[ Upstream commit f9b3eeebef6aabaa37a351715374de53b6da860c ] The bit 'SSEN' available on some MPLL DSS outputs is not related to the fractional part of the divider but to the function called 'Spread Spectrum'. This function might be used to solve EM issues by adding a jitter on clock signal. This

[PATCH 4.19 58/74] arm64: compat: Allow single-byte watchpoints on all addresses

2019-08-05 Thread Greg Kroah-Hartman
From: Will Deacon commit 849adec41203ac5837c40c2d7e08490ffdef3c2c upstream. Commit d968d2b801d8 ("ARM: 7497/1: hw_breakpoint: allow single-byte watchpoints on all addresses") changed the validation requirements for hardware watchpoints on arch/arm/. Update our compat layer to implement the same

<    3   4   5   6   7   8   9   10   11   12   >