1. 25 Feb, 2018 3 commits
    • Yufen Yu's avatar
      md/raid1: fix NULL pointer dereference · 3de59bb9
      Yufen Yu authored
      In handle_write_finished(), if r1_bio->bios[m] != NULL, it thinks
      the corresponding conf->mirrors[m].rdev is also not NULL. But, it
      is not always true.
      
      Even if some io hold replacement rdev(i.e. rdev->nr_pending.count > 0),
      raid1_remove_disk() can also set the rdev as NULL. That means,
      bios[m] != NULL, but mirrors[m].rdev is NULL, resulting in NULL
      pointer dereference in handle_write_finished and sync_request_write.
      
      This patch can fix BUGs as follows:
      
       BUG: unable to handle kernel NULL pointer dereference at 0000000000000140
       IP: [<ffffffff815bbbbd>] raid1d+0x2bd/0xfc0
       PGD 12ab52067 PUD 12f587067 PMD 0
       Oops: 0000 [#1] SMP
       CPU: 1 PID: 2008 Comm: md3_raid1 Not tainted 4.1.44+ #130
       Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-1.fc26 04/01/2014
       Call Trace:
        ? schedule+0x37/0x90
        ? prepare_to_wait_event+0x83/0xf0
        md_thread+0x144/0x150
        ? wake_atomic_t_function+0x70/0x70
        ? md_start_sync+0xf0/0xf0
        kthread+0xd8/0xf0
        ? kthread_worker_fn+0x160/0x160
        ret_from_fork+0x42/0x70
        ? kthread_worker_fn+0x160/0x160
      
       BUG: unable to handle kernel NULL pointer dereference at 00000000000000b8
       IP: sync_request_write+0x9e/0x980
       PGD 800000007c518067 P4D 800000007c518067 PUD 8002b067 PMD 0
       Oops: 0000 [#1] SMP PTI
       CPU: 24 PID: 2549 Comm: md3_raid1 Not tainted 4.15.0+ #118
       Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-1.fc26 04/01/2014
       Call Trace:
        ? sched_clock+0x5/0x10
        ? sched_clock_cpu+0xc/0xb0
        ? flush_pending_writes+0x3a/0xd0
        ? pick_next_task_fair+0x4d5/0x5f0
        ? __switch_to+0xa2/0x430
        raid1d+0x65a/0x870
        ? find_pers+0x70/0x70
        ? find_pers+0x70/0x70
        ? md_thread+0x11c/0x160
        md_thread+0x11c/0x160
        ? finish_wait+0x80/0x80
        kthread+0x111/0x130
        ? kthread_create_worker_on_cpu+0x70/0x70
        ? do_syscall_64+0x6f/0x190
        ? SyS_exit_group+0x10/0x10
        ret_from_fork+0x35/0x40
      Reviewed-by: default avatarNeilBrown <neilb@suse.com>
      Signed-off-by: default avatarYufen Yu <yuyufen@huawei.com>
      Signed-off-by: default avatarShaohua Li <sh.li@alibaba-inc.com>
      3de59bb9
    • BingJing Chang's avatar
      md: fix a potential deadlock of raid5/raid10 reshape · 8876391e
      BingJing Chang authored
      There is a potential deadlock if mount/umount happens when
      raid5_finish_reshape() tries to grow the size of emulated disk.
      
      How the deadlock happens?
      1) The raid5 resync thread finished reshape (expanding array).
      2) The mount or umount thread holds VFS sb->s_umount lock and tries to
         write through critical data into raid5 emulated block device. So it
         waits for raid5 kernel thread handling stripes in order to finish it
         I/Os.
      3) In the routine of raid5 kernel thread, md_check_recovery() will be
         called first in order to reap the raid5 resync thread. That is,
         raid5_finish_reshape() will be called. In this function, it will try
         to update conf and call VFS revalidate_disk() to grow the raid5
         emulated block device. It will try to acquire VFS sb->s_umount lock.
      The raid5 kernel thread cannot continue, so no one can handle mount/
      umount I/Os (stripes). Once the write-through I/Os cannot be finished,
      mount/umount will not release sb->s_umount lock. The deadlock happens.
      
      The raid5 kernel thread is an emulated block device. It is responible to
      handle I/Os (stripes) from upper layers. The emulated block device
      should not request any I/Os on itself. That is, it should not call VFS
      layer functions. (If it did, it will try to acquire VFS locks to
      guarantee the I/Os sequence.) So we have the resync thread to send
      resync I/O requests and to wait for the results.
      
      For solving this potential deadlock, we can put the size growth of the
      emulated block device as the final step of reshape thread.
      
      2017/12/29:
      Thanks to Guoqing Jiang <gqjiang@suse.com>,
      we confirmed that there is the same deadlock issue in raid10. It's
      reproducible and can be fixed by this patch. For raid10.c, we can remove
      the similar code to prevent deadlock as well since they has been called
      before.
      Reported-by: default avatarAlex Wu <alexwu@synology.com>
      Reviewed-by: default avatarAlex Wu <alexwu@synology.com>
      Reviewed-by: default avatarChung-Chiang Cheng <cccheng@synology.com>
      Signed-off-by: default avatarBingJing Chang <bingjingc@synology.com>
      Signed-off-by: default avatarShaohua Li <sh.li@alibaba-inc.com>
      8876391e
    • Lidong Zhong's avatar
      md-cluster: choose correct label when clustered layout is not supported · 43a52123
      Lidong Zhong authored
      r10conf is already successfully allocated before checking the layout
      Signed-off-by: default avatarLidong Zhong <lzhong@suse.com>
      Reviewed-by: default avatarGuoqing Jiang <gqjiang@suse.com>
      Signed-off-by: default avatarShaohua Li <sh.li@alibaba-inc.com>
      43a52123
  2. 21 Feb, 2018 2 commits
    • Arnd Bergmann's avatar
      md: raid5: avoid string overflow warning · 53b8d89d
      Arnd Bergmann authored
      gcc warns about a possible overflow of the kmem_cache string, when adding
      four characters to a string of the same length:
      
      drivers/md/raid5.c: In function 'setup_conf':
      drivers/md/raid5.c:2207:34: error: '-alt' directive writing 4 bytes into a region of size between 1 and 32 [-Werror=format-overflow=]
        sprintf(conf->cache_name[1], "%s-alt", conf->cache_name[0]);
                                        ^~~~
      drivers/md/raid5.c:2207:2: note: 'sprintf' output between 5 and 36 bytes into a destination of size 32
        sprintf(conf->cache_name[1], "%s-alt", conf->cache_name[0]);
        ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      
      If I'm counting correctly, we need 11 characters for the fixed part
      of the string and 18 characters for a 64-bit pointer (when no gendisk
      is used), so that leaves three characters for conf->level, which should
      always be sufficient.
      
      This makes the code use snprintf() with the correct length, to
      make the code more robust against changes, and to get the compiler
      to shut up.
      
      In commit f4be6b43 ("md/raid5: ensure we create a unique name for
      kmem_cache when mddev has no gendisk") from 2010, Neil said that
      the pointer could be removed "shortly" once devices without gendisk
      are disallowed. I have no idea if that happened, but if it did, that
      should probably be changed as well.
      Signed-off-by: default avatarArnd Bergmann <arnd@arndb.de>
      Signed-off-by: default avatarShaohua Li <sh.li@alibaba-inc.com>
      53b8d89d
    • Artur Paszkiewicz's avatar
      raid5-ppl: fix handling flush requests · f4bc0c81
      Artur Paszkiewicz authored
      Add missing bio completion. Without this any flush request would hang.
      
      Fixes: 1532d9e8 ("raid5-ppl: PPL support for disks with write-back cache enabled")
      Signed-off-by: default avatarArtur Paszkiewicz <artur.paszkiewicz@intel.com>
      Signed-off-by: default avatarShaohua Li <sh.li@alibaba-inc.com>
      f4bc0c81
  3. 19 Feb, 2018 2 commits
    • Yufen Yu's avatar
      md raid10: fix NULL deference in handle_write_completed() · 01a69cab
      Yufen Yu authored
      In the case of 'recover', an r10bio with R10BIO_WriteError &
      R10BIO_IsRecover will be progressed by handle_write_completed().
      This function traverses all r10bio->devs[copies].
      If devs[m].repl_bio != NULL, it thinks conf->mirrors[dev].replacement
      is also not NULL. However, this is not always true.
      
      When there is an rdev of raid10 has replacement, then each r10bio
      ->devs[m].repl_bio != NULL in conf->r10buf_pool. However, in 'recover',
      even if corresponded replacement is NULL, it doesn't clear r10bio
      ->devs[m].repl_bio, resulting in replacement NULL deference.
      
      This bug was introduced when replacement support for raid10 was
      added in Linux 3.3.
      
      As NeilBrown suggested:
      	Elsewhere the determination of "is this device part of the
      	resync/recovery" is made by resting bio->bi_end_io.
      	If this is end_sync_write, then we tried to write here.
      	If it is NULL, then we didn't try to write.
      
      Fixes: 9ad1aefc ("md/raid10:  Handle replacement devices during resync.")
      Cc: stable (V3.3+)
      Suggested-by: default avatarNeilBrown <neilb@suse.com>
      Signed-off-by: default avatarYufen Yu <yuyufen@huawei.com>
      Signed-off-by: default avatarShaohua Li <sh.li@alibaba-inc.com>
      01a69cab
    • NeilBrown's avatar
      md: only allow remove_and_add_spares when no sync_thread running. · 39772f0a
      NeilBrown authored
      The locking protocols in md assume that a device will
      never be removed from an array during resync/recovery/reshape.
      When that isn't happening, rcu or reconfig_mutex is needed
      to protect an rdev pointer while taking a refcount.  When
      it is happening, that protection isn't needed.
      
      Unfortunately there are cases were remove_and_add_spares() is
      called when recovery might be happening: is state_store(),
      slot_store() and hot_remove_disk().
      In each case, this is just an optimization, to try to expedite
      removal from the personality so the device can be removed from
      the array.  If resync etc is happening, we just have to wait
      for md_check_recover to find a suitable time to call
      remove_and_add_spares().
      
      This optimization and not essential so it doesn't
      matter if it fails.
      So change remove_and_add_spares() to abort early if
      resync/recovery/reshape is happening, unless it is called
      from md_check_recovery() as part of a newly started recovery.
      The parameter "this" is only NULL when called from
      md_check_recovery() so when it is NULL, there is no need to abort.
      
      As this can result in a NULL dereference, the fix is suitable
      for -stable.
      
      cc: yuyufen <yuyufen@huawei.com>
      Cc: Tomasz Majchrzak <tomasz.majchrzak@intel.com>
      Fixes: 8430e7e0 ("md: disconnect device from personality before trying to remove it.")
      Cc: stable@ver.kernel.org (v4.8+)
      Signed-off-by: default avatarNeilBrown <neilb@suse.com>
      Signed-off-by: default avatarShaohua Li <sh.li@alibaba-inc.com>
      39772f0a
  4. 18 Feb, 2018 2 commits
  5. 17 Feb, 2018 16 commits
  6. 16 Feb, 2018 15 commits
    • Linus Torvalds's avatar
      Merge tag 'dma-mapping-4.16-2' of git://git.infradead.org/users/hch/dma-mapping · 1e3510b2
      Linus Torvalds authored
      Pull dma-mapping fixes from Christoph Hellwig:
       "A few dma-mapping fixes for the fallout from the changes in rc1"
      
      * tag 'dma-mapping-4.16-2' of git://git.infradead.org/users/hch/dma-mapping:
        powerpc/macio: set a proper dma_coherent_mask
        dma-mapping: fix a comment typo
        dma-direct: comment the dma_direct_free calling convention
        dma-direct: mark as is_phys
        ia64: fix build failure with CONFIG_SWIOTLB
      1e3510b2
    • Will Deacon's avatar
      arm64: mm: Use READ_ONCE/WRITE_ONCE when accessing page tables · 20a004e7
      Will Deacon authored
      In many cases, page tables can be accessed concurrently by either another
      CPU (due to things like fast gup) or by the hardware page table walker
      itself, which may set access/dirty bits. In such cases, it is important
      to use READ_ONCE/WRITE_ONCE when accessing page table entries so that
      entries cannot be torn, merged or subject to apparent loss of coherence
      due to compiler transformations.
      
      Whilst there are some scenarios where this cannot happen (e.g. pinned
      kernel mappings for the linear region), the overhead of using READ_ONCE
      /WRITE_ONCE everywhere is minimal and makes the code an awful lot easier
      to reason about. This patch consistently uses these macros in the arch
      code, as well as explicitly namespacing pointers to page table entries
      from the entries themselves by using adopting a 'p' suffix for the former
      (as is sometimes used elsewhere in the kernel source).
      Tested-by: default avatarYury Norov <ynorov@caviumnetworks.com>
      Tested-by: default avatarRichard Ruigrok <rruigrok@codeaurora.org>
      Reviewed-by: default avatarMarc Zyngier <marc.zyngier@arm.com>
      Signed-off-by: default avatarWill Deacon <will.deacon@arm.com>
      Signed-off-by: default avatarCatalin Marinas <catalin.marinas@arm.com>
      20a004e7
    • Arnd Bergmann's avatar
      mm: hide a #warning for COMPILE_TEST · af27d940
      Arnd Bergmann authored
      We get a warning about some slow configurations in randconfig kernels:
      
        mm/memory.c:83:2: error: #warning Unfortunate NUMA and NUMA Balancing config, growing page-frame for last_cpupid. [-Werror=cpp]
      
      The warning is reasonable by itself, but gets in the way of randconfig
      build testing, so I'm hiding it whenever CONFIG_COMPILE_TEST is set.
      
      The warning was added in 2013 in commit 75980e97 ("mm: fold
      page->_last_nid into page->flags where possible").
      
      Cc: stable@vger.kernel.org
      Signed-off-by: default avatarArnd Bergmann <arnd@arndb.de>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      af27d940
    • Linus Torvalds's avatar
      Merge tag 'mips_fixes_4.16_2' of git://git.kernel.org/pub/scm/linux/kernel/git/jhogan/mips · 78352f18
      Linus Torvalds authored
      Pull MIPS fixes from James Hogan:
       "A few fixes for outstanding MIPS issues:
      
         - an __init section mismatch warning when brcmstb_pm is enabled
      
         - a regression handling multiple mem=X@Y arguments (4.11)
      
         - a USB Kconfig select warning, and related sparc cleanup (4.16)"
      
      * tag 'mips_fixes_4.16_2' of git://git.kernel.org/pub/scm/linux/kernel/git/jhogan/mips:
        sparc,leon: Select USB_UHCI_BIG_ENDIAN_{MMIO,DESC}
        usb: Move USB_UHCI_BIG_ENDIAN_* out of USB_SUPPORT
        MIPS: Fix incorrect mem=X@Y handling
        MIPS: BMIPS: Fix section mismatch warning
      78352f18
    • Linus Torvalds's avatar
      Merge tag 'for-4.16-rc1-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/kdave/linux · da370f1d
      Linus Torvalds authored
      Pull btrfs fixes from David Sterba:
       "We have a few assorted fixes, some of them show up during fstests so I
        gave them more testing"
      
      * tag 'for-4.16-rc1-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/kdave/linux:
        btrfs: Fix use-after-free when cleaning up fs_devs with a single stale device
        Btrfs: fix null pointer dereference when replacing missing device
        btrfs: remove spurious WARN_ON(ref->count < 0) in find_parent_nodes
        btrfs: Ignore errors from btrfs_qgroup_trace_extent_post
        Btrfs: fix unexpected -EEXIST when creating new inode
        Btrfs: fix use-after-free on root->orphan_block_rsv
        Btrfs: fix btrfs_evict_inode to handle abnormal inodes correctly
        Btrfs: fix extent state leak from tree log
        Btrfs: fix crash due to not cleaning up tree log block's dirty bits
        Btrfs: fix deadlock in run_delalloc_nocow
      da370f1d
    • Linus Torvalds's avatar
      Merge tag 'for-4.16/dm-chained-bios-fix' of... · c85b0b14
      Linus Torvalds authored
      Merge tag 'for-4.16/dm-chained-bios-fix' of git://git.kernel.org/pub/scm/linux/kernel/git/device-mapper/linux-dm
      
      Pull device mapper fix from Mike Snitzer:
       "Fix for DM core to properly propagate errors (avoids overriding
        non-zero error with 0). This is particularly important given DM core's
        increased use of chained bios"
      
      * tag 'for-4.16/dm-chained-bios-fix' of git://git.kernel.org/pub/scm/linux/kernel/git/device-mapper/linux-dm:
        dm: correctly handle chained bios in dec_pending()
      c85b0b14
    • Linus Torvalds's avatar
      Merge tag 'platform-drivers-x86-v4.16-4' of git://git.infradead.org/linux-platform-drivers-x86 · 5e8639b7
      Linus Torvalds authored
      Pull x86 platform driver fixes from Andy Shevchenko:
      
       - regression fix in keyboard support for Dell laptops
      
       - prevent out-of-boundary write in WMI bus driver
      
       - increase timeout to read functional key status on Lenovo laptops
      
      * tag 'platform-drivers-x86-v4.16-4' of git://git.infradead.org/linux-platform-drivers-x86:
        platform/x86: dell-laptop: Removed duplicates in DMI whitelist
        platform/x86: dell-laptop: fix kbd_get_state's request value
        platform/x86: ideapad-laptop: Increase timeout to wait for EC answer
        platform/x86: wmi: fix off-by-one write in wmi_dev_probe()
      5e8639b7
    • Linus Torvalds's avatar
      Merge tag 'sound-4.16-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound · 1a2a7d3e
      Linus Torvalds authored
      Pull sound fixes from Takashi Iwai:
       "A collection of usual suspects:
      
         - a handful USB-audio and HD-audio device-specific quirks
      
         - some trivial fixes for the new AC97 bus stuff
      
         - another race fix in ALSA sequencer core"
      
      * tag 'sound-4.16-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound:
        ALSA: hda/realtek: PCI quirk for Fujitsu U7x7
        ALSA: seq: Fix racy pool initializations
        ALSA: usb: add more device quirks for USB DSD devices
        ALSA: usb-audio: Fix UAC2 get_ctl request with a RANGE attribute
        ALSA: ac97: Fix copy and paste typo in documentation
        ALSA: usb-audio: add implicit fb quirk for Behringer UFX1204
        ALSA: ac97: kconfig: Remove select of undefined symbol AC97
        ALSA: hda/realtek - Enable Thinkpad Dock device for ALC298 platform
        ALSA: hda/realtek - Add headset mode support for Dell laptop
        ALSA: hda - Fix headset mic detection problem for two Dell machines
      1a2a7d3e
    • Linus Torvalds's avatar
      Merge tag 'drm-fixes-for-v4.16-rc2' of git://people.freedesktop.org/~airlied/linux · bad57539
      Linus Torvalds authored
      Pull drm fixes from Dave Airlie:
       "One nouveau regression fix, one AMD quirk and a full set of i915
        fixes.
      
        The i915 fixes are mostly for things caught by their CI system, main
        ones being DSI panel fixes and GEM fixes"
      
      * tag 'drm-fixes-for-v4.16-rc2' of git://people.freedesktop.org/~airlied/linux:
        drm/nouveau: Make clock gate support conditional
        drm/i915: Fix DSI panels with v1 MIPI sequences without a DEASSERT sequence v3
        drm/i915: Free memdup-ed DSI VBT data structures on driver_unload
        drm/i915: Add intel_bios_cleanup() function
        drm/i915/vlv: Add cdclk workaround for DSI
        drm/i915/gvt: fix one typo of render_mmio trace
        drm/i915/gvt: Support BAR0 8-byte reads/writes
        drm/i915/gvt: add 0xe4f0 into gen9 render list
        drm/i915/pmu: Fix building without CONFIG_PM
        drm/i915/pmu: Fix sleep under atomic in RC6 readout
        drm/i915/pmu: Fix PMU enable vs execlists tasklet race
        drm/i915: Lock out execlist tasklet while peeking inside for busy-stats
        drm/i915/breadcrumbs: Ignore unsubmitted signalers
        drm/i915: Don't wake the device up to check if the engine is asleep
        drm/i915: Avoid truncation before clamping userspace's priority value
        drm/i915/perf: Fix compiler warning for string truncation
        drm/i915/perf: Fix compiler warning for string truncation
        drm/amdgpu: add new device to use atpx quirk
      bad57539
    • NeilBrown's avatar
      dm: correctly handle chained bios in dec_pending() · 8dd601fa
      NeilBrown authored
      dec_pending() is given an error status (possibly 0) to be recorded
      against a bio.  It can be called several times on the one 'struct
      dm_io', and it is careful to only assign a non-zero error to
      io->status.  However when it then assigned io->status to bio->bi_status,
      it is not careful and could overwrite a genuine error status with 0.
      
      This can happen when chained bios are in use.  If a bio is chained
      beneath the bio that this dm_io is handling, the child bio might
      complete and set bio->bi_status before the dm_io completes.
      
      This has been possible since chained bios were introduced in 3.14, and
      has become a lot easier to trigger with commit 18a25da8 ("dm: ensure
      bio submission follows a depth-first tree walk") as that commit caused
      dm to start using chained bios itself.
      
      A particular failure mode is that if a bio spans an 'error' target and a
      working target, the 'error' fragment will complete instantly and set the
      ->bi_status, and the other fragment will normally complete a little
      later, and will clear ->bi_status.
      
      The fix is simply to only assign io_error to bio->bi_status when
      io_error is not zero.
      Reported-and-tested-by: default avatarMilan Broz <gmazyland@gmail.com>
      Cc: stable@vger.kernel.org (v3.14+)
      Signed-off-by: default avatarNeilBrown <neilb@suse.com>
      Signed-off-by: default avatarMike Snitzer <snitzer@redhat.com>
      8dd601fa
    • Nathan Fontenot's avatar
      powerpc/pseries: Check for zero filled ibm,dynamic-memory property · 2c10636a
      Nathan Fontenot authored
      Some versions of QEMU will produce an ibm,dynamic-reconfiguration-memory
      node with a ibm,dynamic-memory property that is zero-filled. This
      causes the drmem code to oops trying to parse this property.
      
      The fix for this is to validate that the property does contain LMB
      entries before trying to parse it and bail if the count is zero.
      
        Oops: Kernel access of bad area, sig: 11 [#1]
        DAR: 0000000000000010
        NIP read_drconf_v1_cell+0x54/0x9c
        LR  read_drconf_v1_cell+0x48/0x9c
        Call Trace:
          __param_initcall_debug+0x0/0x28 (unreliable)
          drmem_init+0x144/0x2f8
          do_one_initcall+0x64/0x1d0
          kernel_init_freeable+0x298/0x38c
          kernel_init+0x24/0x160
          ret_from_kernel_thread+0x5c/0xb4
      
      The ibm,dynamic-reconfiguration-memory device tree property generated
      that causes this:
      
        ibm,dynamic-reconfiguration-memory {
                ibm,lmb-size = <0x0 0x10000000>;
                ibm,memory-flags-mask = <0xff>;
                ibm,dynamic-memory = <0x0 0x0 0x0 0x0 0x0 0x0>;
                linux,phandle = <0x7e57eed8>;
                ibm,associativity-lookup-arrays = <0x1 0x4 0x0 0x0 0x0 0x0>;
                ibm,memory-preservation-time = <0x0>;
        };
      Signed-off-by: default avatarNathan Fontenot <nfont@linux.vnet.ibm.com>
      Reviewed-by: default avatarCyril Bur <cyrilbur@gmail.com>
      Tested-by: default avatarDaniel Black <daniel@linux.vnet.ibm.com>
      [mpe: Trim oops report]
      Signed-off-by: default avatarMichael Ellerman <mpe@ellerman.id.au>
      2c10636a
    • Dave Airlie's avatar
      Merge branch 'linux-4.16' of git://github.com/skeggsb/linux into drm-fixes · bfad2d08
      Dave Airlie authored
      single fix for older gpus.
      
      * 'linux-4.16' of git://github.com/skeggsb/linux:
        drm/nouveau: Make clock gate support conditional
      bfad2d08
    • Thierry Reding's avatar
      drm/nouveau: Make clock gate support conditional · 92256269
      Thierry Reding authored
      The recently introduced clock gate support breaks on Tegra chips because
      no thermal support is enabled for those devices. Conditionalize the code
      on the existence of thermal support to fix this.
      
      Fixes: b138eca6 ("drm/nouveau: Add support for basic clockgating on Kepler1")
      Cc: Martin Peres <martin.peres@free.fr>
      Cc: Lyude Paul <lyude@redhat.com>
      Signed-off-by: default avatarThierry Reding <treding@nvidia.com>
      Reviewed-by: default avatarLyude Paul <lyude@redhat.com>
      Signed-off-by: default avatarBen Skeggs <bskeggs@redhat.com>
      92256269
    • Dave Airlie's avatar
      Merge tag 'drm-intel-fixes-2018-02-14-1' of... · 8d3c6294
      Dave Airlie authored
      Merge tag 'drm-intel-fixes-2018-02-14-1' of git://anongit.freedesktop.org/drm/drm-intel into drm-fixes
      
      There are important fixes for VLV with MIPI/DSI panels,
      2 clean-up patches needed for this MIPI/DSI fix,
      and many fixes for GEM including fixes for Perf OA and PMU,
      and fixes on scheduler and preemption.
      
      This also includes GVT fixes: "This has one to fix GTT mmio 8b
      access from guest and two simple ones for mmio switch and typo fix"
      
      * tag 'drm-intel-fixes-2018-02-14-1' of git://anongit.freedesktop.org/drm/drm-intel:
        drm/i915: Fix DSI panels with v1 MIPI sequences without a DEASSERT sequence v3
        drm/i915: Free memdup-ed DSI VBT data structures on driver_unload
        drm/i915: Add intel_bios_cleanup() function
        drm/i915/vlv: Add cdclk workaround for DSI
        drm/i915/gvt: fix one typo of render_mmio trace
        drm/i915/gvt: Support BAR0 8-byte reads/writes
        drm/i915/gvt: add 0xe4f0 into gen9 render list
        drm/i915/pmu: Fix building without CONFIG_PM
        drm/i915/pmu: Fix sleep under atomic in RC6 readout
        drm/i915/pmu: Fix PMU enable vs execlists tasklet race
        drm/i915: Lock out execlist tasklet while peeking inside for busy-stats
        drm/i915/breadcrumbs: Ignore unsubmitted signalers
        drm/i915: Don't wake the device up to check if the engine is asleep
        drm/i915: Avoid truncation before clamping userspace's priority value
        drm/i915/perf: Fix compiler warning for string truncation
        drm/i915/perf: Fix compiler warning for string truncation
      8d3c6294
    • Dave Airlie's avatar
      Merge branch 'drm-next-4.16' of git://people.freedesktop.org/~agd5f/linux into drm-fixes · 6bdd5b4e
      Dave Airlie authored
      single atpx fix
      
      * 'drm-next-4.16' of git://people.freedesktop.org/~agd5f/linux:
        drm/amdgpu: add new device to use atpx quirk
      6bdd5b4e