1. 15 Aug, 2018 5 commits
  2. 09 Aug, 2018 18 commits
  3. 06 Aug, 2018 17 commits
    • Greg Kroah-Hartman's avatar
      Linux 4.9.118 · e01202b3
      Greg Kroah-Hartman authored
      e01202b3
    • Tony Battersby's avatar
      scsi: sg: fix minor memory leak in error path · 0ff94fb9
      Tony Battersby authored
      commit c170e5a8 upstream.
      
      Fix a minor memory leak when there is an error opening a /dev/sg device.
      
      Fixes: cc833acb ("sg: O_EXCL and other lock handling")
      Cc: <stable@vger.kernel.org>
      Reviewed-by: default avatarEwan D. Milne <emilne@redhat.com>
      Signed-off-by: default avatarTony Battersby <tonyb@cybernetics.com>
      Reviewed-by: default avatarBart Van Assche <bart.vanassche@wdc.com>
      Signed-off-by: default avatarMartin K. Petersen <martin.petersen@oracle.com>
      Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      0ff94fb9
    • Boris Brezillon's avatar
      drm/vc4: Reset ->{x, y}_scaling[1] when dealing with uniplanar formats · e79a2db2
      Boris Brezillon authored
      commit a6a00918 upstream.
      
      This is needed to ensure ->is_unity is correct when the plane was
      previously configured to output a multi-planar format with scaling
      enabled, and is then being reconfigured to output a uniplanar format.
      
      Fixes: fc04023f ("drm/vc4: Add support for YUV planes.")
      Cc: <stable@vger.kernel.org>
      Signed-off-by: default avatarBoris Brezillon <boris.brezillon@bootlin.com>
      Reviewed-by: default avatarEric Anholt <eric@anholt.net>
      Link: https://patchwork.freedesktop.org/patch/msgid/20180724133601.32114-1-boris.brezillon@bootlin.comSigned-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      e79a2db2
    • Herbert Xu's avatar
      crypto: padlock-aes - Fix Nano workaround data corruption · 804f510b
      Herbert Xu authored
      commit 46d8c4b2 upstream.
      
      This was detected by the self-test thanks to Ard's chunking patch.
      
      I finally got around to testing this out on my ancient Via box.  It
      turns out that the workaround got the assembly wrong and we end up
      doing count + initial cycles of the loop instead of just count.
      
      This obviously causes corruption, either by overwriting the source
      that is yet to be processed, or writing over the end of the buffer.
      
      On CPUs that don't require the workaround only ECB is affected.
      On Nano CPUs both ECB and CBC are affected.
      
      This patch fixes it by doing the subtraction prior to the assembly.
      
      Fixes: a76c1c23 ("crypto: padlock-aes - work around Nano CPU...")
      Cc: <stable@vger.kernel.org>
      Reported-by: default avatarJamie Heilman <jamie@audible.transient.net>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      804f510b
    • Roman Kagan's avatar
      kvm: x86: vmx: fix vpid leak · 020a90f6
      Roman Kagan authored
      commit 63aff655 upstream.
      
      VPID for the nested vcpu is allocated at vmx_create_vcpu whenever nested
      vmx is turned on with the module parameter.
      
      However, it's only freed if the L1 guest has executed VMXON which is not
      a given.
      
      As a result, on a system with nested==on every creation+deletion of an
      L1 vcpu without running an L2 guest results in leaking one vpid.  Since
      the total number of vpids is limited to 64k, they can eventually get
      exhausted, preventing L2 from starting.
      
      Delay allocation of the L2 vpid until VMXON emulation, thus matching its
      freeing.
      
      Fixes: 5c614b35
      Cc: stable@vger.kernel.org
      Signed-off-by: default avatarRoman Kagan <rkagan@virtuozzo.com>
      Signed-off-by: default avatarPaolo Bonzini <pbonzini@redhat.com>
      Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      020a90f6
    • Jiang Biao's avatar
      virtio_balloon: fix another race between migration and ballooning · 1d433144
      Jiang Biao authored
      commit 89da619b upstream.
      
      Kernel panic when with high memory pressure, calltrace looks like,
      
      PID: 21439 TASK: ffff881be3afedd0 CPU: 16 COMMAND: "java"
       #0 [ffff881ec7ed7630] machine_kexec at ffffffff81059beb
       #1 [ffff881ec7ed7690] __crash_kexec at ffffffff81105942
       #2 [ffff881ec7ed7760] crash_kexec at ffffffff81105a30
       #3 [ffff881ec7ed7778] oops_end at ffffffff816902c8
       #4 [ffff881ec7ed77a0] no_context at ffffffff8167ff46
       #5 [ffff881ec7ed77f0] __bad_area_nosemaphore at ffffffff8167ffdc
       #6 [ffff881ec7ed7838] __node_set at ffffffff81680300
       #7 [ffff881ec7ed7860] __do_page_fault at ffffffff8169320f
       #8 [ffff881ec7ed78c0] do_page_fault at ffffffff816932b5
       #9 [ffff881ec7ed78f0] page_fault at ffffffff8168f4c8
          [exception RIP: _raw_spin_lock_irqsave+47]
          RIP: ffffffff8168edef RSP: ffff881ec7ed79a8 RFLAGS: 00010046
          RAX: 0000000000000246 RBX: ffffea0019740d00 RCX: ffff881ec7ed7fd8
          RDX: 0000000000020000 RSI: 0000000000000016 RDI: 0000000000000008
          RBP: ffff881ec7ed79a8 R8: 0000000000000246 R9: 000000000001a098
          R10: ffff88107ffda000 R11: 0000000000000000 R12: 0000000000000000
          R13: 0000000000000008 R14: ffff881ec7ed7a80 R15: ffff881be3afedd0
          ORIG_RAX: ffffffffffffffff CS: 0010 SS: 0018
      
      It happens in the pagefault and results in double pagefault
      during compacting pages when memory allocation fails.
      
      Analysed the vmcore, the page leads to second pagefault is corrupted
      with _mapcount=-256, but private=0.
      
      It's caused by the race between migration and ballooning, and lock
      missing in virtballoon_migratepage() of virtio_balloon driver.
      This patch fix the bug.
      
      Fixes: e2250429 ("virtio_balloon: introduce migration primitives to balloon pages")
      Cc: stable@vger.kernel.org
      Signed-off-by: default avatarJiang Biao <jiang.biao2@zte.com.cn>
      Signed-off-by: default avatarHuang Chong <huang.chong@zte.com.cn>
      Signed-off-by: default avatarMichael S. Tsirkin <mst@redhat.com>
      Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      1d433144
    • Jeremy Cline's avatar
      net: socket: fix potential spectre v1 gadget in socketcall · 9a492f8c
      Jeremy Cline authored
      commit c8e8cd57 upstream.
      
      'call' is a user-controlled value, so sanitize the array index after the
      bounds check to avoid speculating past the bounds of the 'nargs' array.
      
      Found with the help of Smatch:
      
      net/socket.c:2508 __do_sys_socketcall() warn: potential spectre issue
      'nargs' [r] (local cap)
      
      Cc: Josh Poimboeuf <jpoimboe@redhat.com>
      Cc: stable@vger.kernel.org
      Signed-off-by: default avatarJeremy Cline <jcline@redhat.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      9a492f8c
    • Anton Vasilyev's avatar
      can: ems_usb: Fix memory leak on ems_usb_disconnect() · 18d97180
      Anton Vasilyev authored
      commit 72c05f32 upstream.
      
      ems_usb_probe() allocates memory for dev->tx_msg_buffer, but there
      is no its deallocation in ems_usb_disconnect().
      
      Found by Linux Driver Verification project (linuxtesting.org).
      Signed-off-by: default avatarAnton Vasilyev <vasilyev@ispras.ru>
      Cc: <stable@vger.kernel.org>
      Signed-off-by: default avatarMarc Kleine-Budde <mkl@pengutronix.de>
      Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      18d97180
    • Linus Torvalds's avatar
      squashfs: more metadata hardenings · 52cd8f37
      Linus Torvalds authored
      commit 71755ee5 upstream.
      
      The squashfs fragment reading code doesn't actually verify that the
      fragment is inside the fragment table.  The end result _is_ verified to
      be inside the image when actually reading the fragment data, but before
      that is done, we may end up taking a page fault because the fragment
      table itself might not even exist.
      
      Another report from Anatoly and his endless squashfs image fuzzing.
      Reported-by: default avatarАнатолий Тросиненко <anatoly.trosinenko@gmail.com>
      Acked-by:: Phillip Lougher <phillip.lougher@gmail.com>,
      Cc: Willy Tarreau <w@1wt.eu>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      52cd8f37
    • Linus Torvalds's avatar
      squashfs: more metadata hardening · 3abef060
      Linus Torvalds authored
      commit d5125847 upstream.
      
      Anatoly reports another squashfs fuzzing issue, where the decompression
      parameters themselves are in a compressed block.
      
      This causes squashfs_read_data() to be called in order to read the
      decompression options before the decompression stream having been set
      up, making squashfs go sideways.
      Reported-by: default avatarAnatoly Trosinenko <anatoly.trosinenko@gmail.com>
      Acked-by: default avatarPhillip Lougher <phillip.lougher@gmail.com>
      Cc: stable@kernel.org
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      3abef060
    • Jose Abreu's avatar
      net: stmmac: Fix WoL for PCI-based setups · c9bd4fd4
      Jose Abreu authored
      [ Upstream commit b7d0f08e ]
      
      WoL won't work in PCI-based setups because we are not saving the PCI EP
      state before entering suspend state and not allowing D3 wake.
      
      Fix this by using a wrapper around stmmac_{suspend/resume} which
      correctly sets the PCI EP state.
      Signed-off-by: default avatarJose Abreu <joabreu@synopsys.com>
      Cc: David S. Miller <davem@davemloft.net>
      Cc: Joao Pinto <jpinto@synopsys.com>
      Cc: Giuseppe Cavallaro <peppe.cavallaro@st.com>
      Cc: Alexandre Torgue <alexandre.torgue@st.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      c9bd4fd4
    • Jeremy Cline's avatar
      netlink: Fix spectre v1 gadget in netlink_create() · 67f0a288
      Jeremy Cline authored
      [ Upstream commit bc5b6c0b ]
      
      'protocol' is a user-controlled value, so sanitize it after the bounds
      check to avoid using it for speculative out-of-bounds access to arrays
      indexed by it.
      
      This addresses the following accesses detected with the help of smatch:
      
      * net/netlink/af_netlink.c:654 __netlink_create() warn: potential
        spectre issue 'nlk_cb_mutex_keys' [w]
      
      * net/netlink/af_netlink.c:654 __netlink_create() warn: potential
        spectre issue 'nlk_cb_mutex_key_strings' [w]
      
      * net/netlink/af_netlink.c:685 netlink_create() warn: potential spectre
        issue 'nl_table' [w] (local cap)
      
      Cc: Josh Poimboeuf <jpoimboe@redhat.com>
      Signed-off-by: default avatarJeremy Cline <jcline@redhat.com>
      Reviewed-by: default avatarJosh Poimboeuf <jpoimboe@redhat.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      67f0a288
    • Florian Fainelli's avatar
      net: dsa: Do not suspend/resume closed slave_dev · ab9a0f80
      Florian Fainelli authored
      [ Upstream commit a94c689e ]
      
      If a DSA slave network device was previously disabled, there is no need
      to suspend or resume it.
      
      Fixes: 24462549 ("net: dsa: allow switch drivers to implement suspend/resume hooks")
      Signed-off-by: default avatarFlorian Fainelli <f.fainelli@gmail.com>
      Reviewed-by: default avatarAndrew Lunn <andrew@lunn.ch>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      ab9a0f80
    • Eric Dumazet's avatar
      ipv4: frags: handle possible skb truesize change · d59dcdf1
      Eric Dumazet authored
      [ Upstream commit 4672694b ]
      
      ip_frag_queue() might call pskb_pull() on one skb that
      is already in the fragment queue.
      
      We need to take care of possible truesize change, or we
      might have an imbalance of the netns frags memory usage.
      
      IPv6 is immune to this bug, because RFC5722, Section 4,
      amended by Errata ID 3089 states :
      
        When reassembling an IPv6 datagram, if
        one or more its constituent fragments is determined to be an
        overlapping fragment, the entire datagram (and any constituent
        fragments) MUST be silently discarded.
      
      Fixes: 158f323b ("net: adjust skb->truesize in pskb_expand_head()")
      Signed-off-by: default avatarEric Dumazet <edumazet@google.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      d59dcdf1
    • Eric Dumazet's avatar
      inet: frag: enforce memory limits earlier · c5282a03
      Eric Dumazet authored
      [ Upstream commit 56e2c94f ]
      
      We currently check current frags memory usage only when
      a new frag queue is created. This allows attackers to first
      consume the memory budget (default : 4 MB) creating thousands
      of frag queues, then sending tiny skbs to exceed high_thresh
      limit by 2 to 3 order of magnitude.
      
      Note that before commit 648700f7 ("inet: frags: use rhashtables
      for reassembly units"), work queue could be starved under DOS,
      getting no cpu cycles.
      After commit 648700f7, only the per frag queue timer can eventually
      remove an incomplete frag queue and its skbs.
      
      Fixes: b13d3cbf ("inet: frag: move eviction of queues to work queue")
      Signed-off-by: default avatarEric Dumazet <edumazet@google.com>
      Reported-by: default avatarJann Horn <jannh@google.com>
      Cc: Florian Westphal <fw@strlen.de>
      Cc: Peter Oskolkov <posk@google.com>
      Cc: Paolo Abeni <pabeni@redhat.com>
      Acked-by: default avatarFlorian Westphal <fw@strlen.de>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      c5282a03
    • Eric Dumazet's avatar
      bonding: avoid lockdep confusion in bond_get_stats() · 7142fdb6
      Eric Dumazet authored
      [ Upstream commit 7e2556e4 ]
      
      syzbot found that the following sequence produces a LOCKDEP splat [1]
      
      ip link add bond10 type bond
      ip link add bond11 type bond
      ip link set bond11 master bond10
      
      To fix this, we can use the already provided nest_level.
      
      This patch also provides correct nesting for dev->addr_list_lock
      
      [1]
      WARNING: possible recursive locking detected
      4.18.0-rc6+ #167 Not tainted
      --------------------------------------------
      syz-executor751/4439 is trying to acquire lock:
      (____ptrval____) (&(&bond->stats_lock)->rlock){+.+.}, at: spin_lock include/linux/spinlock.h:310 [inline]
      (____ptrval____) (&(&bond->stats_lock)->rlock){+.+.}, at: bond_get_stats+0xb4/0x560 drivers/net/bonding/bond_main.c:3426
      
      but task is already holding lock:
      (____ptrval____) (&(&bond->stats_lock)->rlock){+.+.}, at: spin_lock include/linux/spinlock.h:310 [inline]
      (____ptrval____) (&(&bond->stats_lock)->rlock){+.+.}, at: bond_get_stats+0xb4/0x560 drivers/net/bonding/bond_main.c:3426
      
      other info that might help us debug this:
       Possible unsafe locking scenario:
      
             CPU0
             ----
        lock(&(&bond->stats_lock)->rlock);
        lock(&(&bond->stats_lock)->rlock);
      
       *** DEADLOCK ***
      
       May be due to missing lock nesting notation
      
      3 locks held by syz-executor751/4439:
       #0: (____ptrval____) (rtnl_mutex){+.+.}, at: rtnl_lock+0x17/0x20 net/core/rtnetlink.c:77
       #1: (____ptrval____) (&(&bond->stats_lock)->rlock){+.+.}, at: spin_lock include/linux/spinlock.h:310 [inline]
       #1: (____ptrval____) (&(&bond->stats_lock)->rlock){+.+.}, at: bond_get_stats+0xb4/0x560 drivers/net/bonding/bond_main.c:3426
       #2: (____ptrval____) (rcu_read_lock){....}, at: bond_get_stats+0x0/0x560 include/linux/compiler.h:215
      
      stack backtrace:
      CPU: 0 PID: 4439 Comm: syz-executor751 Not tainted 4.18.0-rc6+ #167
      Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
      Call Trace:
       __dump_stack lib/dump_stack.c:77 [inline]
       dump_stack+0x1c9/0x2b4 lib/dump_stack.c:113
       print_deadlock_bug kernel/locking/lockdep.c:1765 [inline]
       check_deadlock kernel/locking/lockdep.c:1809 [inline]
       validate_chain kernel/locking/lockdep.c:2405 [inline]
       __lock_acquire.cold.64+0x1fb/0x486 kernel/locking/lockdep.c:3435
       lock_acquire+0x1e4/0x540 kernel/locking/lockdep.c:3924
       __raw_spin_lock include/linux/spinlock_api_smp.h:142 [inline]
       _raw_spin_lock+0x2a/0x40 kernel/locking/spinlock.c:144
       spin_lock include/linux/spinlock.h:310 [inline]
       bond_get_stats+0xb4/0x560 drivers/net/bonding/bond_main.c:3426
       dev_get_stats+0x10f/0x470 net/core/dev.c:8316
       bond_get_stats+0x232/0x560 drivers/net/bonding/bond_main.c:3432
       dev_get_stats+0x10f/0x470 net/core/dev.c:8316
       rtnl_fill_stats+0x4d/0xac0 net/core/rtnetlink.c:1169
       rtnl_fill_ifinfo+0x1aa6/0x3fb0 net/core/rtnetlink.c:1611
       rtmsg_ifinfo_build_skb+0xc8/0x190 net/core/rtnetlink.c:3268
       rtmsg_ifinfo_event.part.30+0x45/0xe0 net/core/rtnetlink.c:3300
       rtmsg_ifinfo_event net/core/rtnetlink.c:3297 [inline]
       rtnetlink_event+0x144/0x170 net/core/rtnetlink.c:4716
       notifier_call_chain+0x180/0x390 kernel/notifier.c:93
       __raw_notifier_call_chain kernel/notifier.c:394 [inline]
       raw_notifier_call_chain+0x2d/0x40 kernel/notifier.c:401
       call_netdevice_notifiers_info+0x3f/0x90 net/core/dev.c:1735
       call_netdevice_notifiers net/core/dev.c:1753 [inline]
       netdev_features_change net/core/dev.c:1321 [inline]
       netdev_change_features+0xb3/0x110 net/core/dev.c:7759
       bond_compute_features.isra.47+0x585/0xa50 drivers/net/bonding/bond_main.c:1120
       bond_enslave+0x1b25/0x5da0 drivers/net/bonding/bond_main.c:1755
       bond_do_ioctl+0x7cb/0xae0 drivers/net/bonding/bond_main.c:3528
       dev_ifsioc+0x43c/0xb30 net/core/dev_ioctl.c:327
       dev_ioctl+0x1b5/0xcc0 net/core/dev_ioctl.c:493
       sock_do_ioctl+0x1d3/0x3e0 net/socket.c:992
       sock_ioctl+0x30d/0x680 net/socket.c:1093
       vfs_ioctl fs/ioctl.c:46 [inline]
       file_ioctl fs/ioctl.c:500 [inline]
       do_vfs_ioctl+0x1de/0x1720 fs/ioctl.c:684
       ksys_ioctl+0xa9/0xd0 fs/ioctl.c:701
       __do_sys_ioctl fs/ioctl.c:708 [inline]
       __se_sys_ioctl fs/ioctl.c:706 [inline]
       __x64_sys_ioctl+0x73/0xb0 fs/ioctl.c:706
       do_syscall_64+0x1b9/0x820 arch/x86/entry/common.c:290
       entry_SYSCALL_64_after_hwframe+0x49/0xbe
      RIP: 0033:0x440859
      Code: e8 2c af 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 3b 10 fc ff c3 66 2e 0f 1f 84 00 00 00 00
      RSP: 002b:00007ffc51a92878 EFLAGS: 00000213 ORIG_RAX: 0000000000000010
      RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000440859
      RDX: 0000000020000040 RSI: 0000000000008990 RDI: 0000000000000003
      RBP: 0000000000000000 R08: 00000000004002c8 R09: 00000000004002c8
      R10: 00000000022d5880 R11: 0000000000000213 R12: 0000000000007390
      R13: 0000000000401db0 R14: 0000000000000000 R15: 0000000000000000
      Signed-off-by: default avatarEric Dumazet <edumazet@google.com>
      Cc: Jay Vosburgh <j.vosburgh@gmail.com>
      Cc: Veaceslav Falico <vfalico@gmail.com>
      Cc: Andy Gospodarek <andy@greyhouse.net>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      7142fdb6
    • Boqun Feng's avatar
      sched/wait: Remove the lockless swait_active() check in swake_up*() · 047f9d6a
      Boqun Feng authored
      commit 35a2897c upstream.
      
      Steven Rostedt reported a potential race in RCU core because of
      swake_up():
      
              CPU0                            CPU1
              ----                            ----
                                      __call_rcu_core() {
      
                                       spin_lock(rnp_root)
                                       need_wake = __rcu_start_gp() {
                                        rcu_start_gp_advanced() {
                                         gp_flags = FLAG_INIT
                                        }
                                       }
      
       rcu_gp_kthread() {
         swait_event_interruptible(wq,
              gp_flags & FLAG_INIT) {
         spin_lock(q->lock)
      
                                      *fetch wq->task_list here! *
      
         list_add(wq->task_list, q->task_list)
         spin_unlock(q->lock);
      
         *fetch old value of gp_flags here *
      
                                       spin_unlock(rnp_root)
      
                                       rcu_gp_kthread_wake() {
                                        swake_up(wq) {
                                         swait_active(wq) {
                                          list_empty(wq->task_list)
      
                                         } * return false *
      
        if (condition) * false *
          schedule();
      
      In this case, a wakeup is missed, which could cause the rcu_gp_kthread
      waits for a long time.
      
      The reason of this is that we do a lockless swait_active() check in
      swake_up(). To fix this, we can either 1) add a smp_mb() in swake_up()
      before swait_active() to provide the proper order or 2) simply remove
      the swait_active() in swake_up().
      
      The solution 2 not only fixes this problem but also keeps the swait and
      wait API as close as possible, as wake_up() doesn't provide a full
      barrier and doesn't do a lockless check of the wait queue either.
      Moreover, there are users already using swait_active() to do their quick
      checks for the wait queues, so it make less sense that swake_up() and
      swake_up_all() do this on their own.
      
      This patch then removes the lockless swait_active() check in swake_up()
      and swake_up_all().
      Reported-by: default avatarSteven Rostedt <rostedt@goodmis.org>
      Signed-off-by: default avatarBoqun Feng <boqun.feng@gmail.com>
      Signed-off-by: default avatarPeter Zijlstra (Intel) <peterz@infradead.org>
      Cc: Krister Johansen <kjlx@templeofstupid.com>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Paul E. McKenney <paulmck@linux.vnet.ibm.com>
      Cc: Paul Gortmaker <paul.gortmaker@windriver.com>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Link: http://lkml.kernel.org/r/20170615041828.zk3a3sfyudm5p6nl@tardisSigned-off-by: default avatarIngo Molnar <mingo@kernel.org>
      Cc: David Chen <david.chen@nutanix.com>
      Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      047f9d6a