1. 27 Aug, 2020 4 commits
  2. 25 Aug, 2020 4 commits
    • Badhri Jagan Sridharan's avatar
      usb: typec: tcpm: Fix Fix source hard reset response for TDA 2.3.1.1 and TDA 2.3.1.2 failures · 23e26d05
      Badhri Jagan Sridharan authored
      The patch addresses the compliance test failures while running  TDA
      2.3.1.1 and  TDA 2.3.1.2 of the "PD Communications Engine USB PD
      Compliance MOI" test plan published in https://www.usb.org/usbc.
      For a product to be Type-C compliant, it's expected that these tests
      are run on usb.org certified Type-C compliance tester as mentioned in
      https://www.usb.org/usbc.
      
      While the purpose of TDA 2.3.1.1 and  TDA 2.3.1.2 is to verify that
      the static and dynamic electrical capabilities of a Source meet the
      requirements for each PDO offered,  while doing so, the tests also
      monitor that the timing of the VBUS waveform versus the messages meets
      the requirements for Hard Reset defined in PROT-PROC-HR-TSTR as
      mentioned in step 11 of TDA.2.3.1.1 and step 15 of TDA.2.3.1.2.
      
      TDB.2.2.13.1: PROT-PROC-HR-TSTR Procedure and Checks for Tester
      Originated Hard Reset
      Purpose: To perform the appropriate protocol checks relating to any
      circumstance in which the Hard Reset signal is sent by the Tester.
      
      UUT is behaving as source:
      The Tester sends a Hard Reset signal.
      1. Check VBUS stays within present valid voltage range for
      tPSHardReset min (25ms) after last bit of Hard Reset signal.
      [PROT_PROC_HR_TSTR_1]
      2. Check that VBUS starts to fall below present valid voltage range by
      tPSHardReset max (35ms). [PROT_PROC_HR_TSTR_2]
      3. Check that VBUS reaches vSafe0V within tSafe0v max (650 ms).
      [PROT_PROC_HR_TSTR_3]
      4. Check that VBUS starts rising to vSafe5V after a delay of
      tSrcRecover (0.66s - 1s) from reaching vSafe0V. [PROT_PROC_HR_TSTR_4]
      5. Check that VBUS reaches vSafe5V within tSrcTurnOn max (275ms) of
      rising above vSafe0v max (0.8V). [PROT_PROC_HR_TSTR_5] Power Delivery
      Compliance Plan 139 6. Check that Source Capabilities are finished
      sending within tFirstSourceCap max (250ms) of VBUS reaching vSafe5v
      min. [PROT_PROC_HR_TSTR_6].
      
      This is in line with 7.1.5 Response to Hard Resets of the USB Power
      Delivery Specification Revision 3.0, Version 1.2,
      "Hard Reset Signaling indicates a communication failure has occurred
      and the Source Shall stop driving VCONN, Shall remove Rp from the
      VCONN pin and Shall drive VBUS to vSafe0V as shown in Figure 7-9. The
      USB connection May reset during a Hard Reset since the VBUS voltage
      will be less than vSafe5V for an extended period of time. After
      establishing the vSafe0V voltage condition on VBUS, the Source Shall
      wait tSrcRecover before re-applying VCONN and restoring VBUS to
      vSafe5V. A Source Shall conform to the VCONN timing as specified in
      [USB Type-C 1.3]."
      
      With the above guidelines from the spec in mind, TCPM does not turn
      off VCONN while entering SRC_HARD_RESET_VBUS_OFF. The patch makes TCPM
      turn off VCONN while entering SRC_HARD_RESET_VBUS_OFF and turn it back
      on while entering SRC_HARD_RESET_VBUS_ON along with vbus instead of
      having VCONN on through hardreset.
      
      Also, the spec clearly states that "After establishing the vSafe0V
      voltage condition on VBUS",  the Source Shall wait tSrcRecover before
      re-applying VCONN and restoring VBUS to vSafe5V.
      TCPM does not conform to this requirement. If the TCPC driver calls
      tcpm_vbus_change with vbus off signal, TCPM right away enters
      SRC_HARD_RESET_VBUS_ON without waiting for tSrcRecover.
      For TCPC's which are buggy/does not call tcpm_vbus_change, TCPM
      assumes that the vsafe0v is instantaneous as TCPM only waits
      tSrcRecover instead of waiting for tSafe0v + tSrcRecover.
      This patch also fixes this behavior by making sure that TCPM waits for
      tSrcRecover before transitioning into SRC_HARD_RESET_VBUS_ON when
      tcpm_vbus_change is called by TCPC.
      When TCPC does not call tcpm_vbus_change, TCPM assumes the worst case
      i.e.  tSafe0v + tSrcRecover before transitioning into
      SRC_HARD_RESET_VBUS_ON.
      Signed-off-by: default avatarBadhri Jagan Sridharan <badhri@google.com>
      Reviewed-by: default avatarGuenter Roeck <linux@roeck-us.net>
      Reviewed-by: default avatarHeikki Krogerus <heikki.krogerus@linux.intel.com>
      Cc: stable <stable@kernel.org>
      Link: https://lore.kernel.org/r/20200817184601.1899929-1-badhri@google.comSigned-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      23e26d05
    • 周琰杰 (Zhou Yanjie)'s avatar
      USB: PHY: JZ4770: Fix static checker warning. · 41dd70b3
      周琰杰 (Zhou Yanjie) authored
      The commit 2a6c0b82 ("USB: PHY: JZ4770: Add support for new
      Ingenic SoCs.") introduced the initialization function for different
      chips, but left the relevant code involved in the resetting process
      in the original function, resulting in uninitialized variable calls.
      
      Fixes: 2a6c0b82 ("USB: PHY: JZ4770: Add support for new Ingenic SoCs.").
      Signed-off-by: default avatar周琰杰 (Zhou Yanjie) <zhouyanjie@wanyeetech.com>
      Link: https://lore.kernel.org/r/20200825081654.18186-2-zhouyanjie@wanyeetech.comSigned-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      41dd70b3
    • Brooke Basile's avatar
      USB: gadget: f_ncm: add bounds checks to ncm_unwrap_ntb() · 2b74b0a0
      Brooke Basile authored
      Some values extracted by ncm_unwrap_ntb() could possibly lead to several
      different out of bounds reads of memory.  Specifically the values passed
      to netdev_alloc_skb_ip_align() need to be checked so that memory is not
      overflowed.
      
      Resolve this by applying bounds checking to a number of different
      indexes and lengths of the structure parsing logic.
      Reported-by: default avatarIlja Van Sprundel <ivansprundel@ioactive.com>
      Signed-off-by: default avatarBrooke Basile <brookebasile@gmail.com>
      Acked-by: default avatarFelipe Balbi <balbi@kernel.org>
      Cc: stable <stable@kernel.org>
      Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      2b74b0a0
    • Brooke Basile's avatar
      USB: gadget: u_f: add overflow checks to VLA macros · b1cd1b65
      Brooke Basile authored
      size can potentially hold an overflowed value if its assigned expression
      is left unchecked, leading to a smaller than needed allocation when
      vla_group_size() is used by callers to allocate memory.
      To fix this, add a test for saturation before declaring variables and an
      overflow check to (n) * sizeof(type).
      If the expression results in overflow, vla_group_size() will return SIZE_MAX.
      Reported-by: default avatarIlja Van Sprundel <ivansprundel@ioactive.com>
      Suggested-by: default avatarKees Cook <keescook@chromium.org>
      Signed-off-by: default avatarBrooke Basile <brookebasile@gmail.com>
      Acked-by: default avatarFelipe Balbi <balbi@kernel.org>
      Cc: stable <stable@kernel.org>
      Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      b1cd1b65
  3. 23 Aug, 2020 3 commits
  4. 19 Aug, 2020 3 commits
  5. 18 Aug, 2020 15 commits
  6. 17 Aug, 2020 4 commits
  7. 16 Aug, 2020 6 commits
    • Linus Torvalds's avatar
      Linux 5.9-rc1 · 9123e3a7
      Linus Torvalds authored
      9123e3a7
    • Linus Torvalds's avatar
      Merge tag 'io_uring-5.9-2020-08-15' of git://git.kernel.dk/linux-block · 2cc3c4b3
      Linus Torvalds authored
      Pull io_uring fixes from Jens Axboe:
       "A few differerent things in here.
      
        Seems like syzbot got some more io_uring bits wired up, and we got a
        handful of reports and the associated fixes are in here.
      
        General fixes too, and a lot of them marked for stable.
      
        Lastly, a bit of fallout from the async buffered reads, where we now
        more easily trigger short reads. Some applications don't really like
        that, so the io_read() code now handles short reads internally, and
        got a cleanup along the way so that it's now easier to read (and
        documented). We're now passing tests that failed before"
      
      * tag 'io_uring-5.9-2020-08-15' of git://git.kernel.dk/linux-block:
        io_uring: short circuit -EAGAIN for blocking read attempt
        io_uring: sanitize double poll handling
        io_uring: internally retry short reads
        io_uring: retain iov_iter state over io_read/io_write calls
        task_work: only grab task signal lock when needed
        io_uring: enable lookup of links holding inflight files
        io_uring: fail poll arm on queue proc failure
        io_uring: hold 'ctx' reference around task_work queue + execute
        fs: RWF_NOWAIT should imply IOCB_NOIO
        io_uring: defer file table grabbing request cleanup for locked requests
        io_uring: add missing REQ_F_COMP_LOCKED for nested requests
        io_uring: fix recursive completion locking on oveflow flush
        io_uring: use TWA_SIGNAL for task_work uncondtionally
        io_uring: account locked memory before potential error case
        io_uring: set ctx sq/cq entry count earlier
        io_uring: Fix NULL pointer dereference in loop_rw_iter()
        io_uring: add comments on how the async buffered read retry works
        io_uring: io_async_buf_func() need not test page bit
      2cc3c4b3
    • Mike Rapoport's avatar
      parisc: fix PMD pages allocation by restoring pmd_alloc_one() · 6f6aea7e
      Mike Rapoport authored
      Commit 1355c31e ("asm-generic: pgalloc: provide generic pmd_alloc_one()
      and pmd_free_one()") converted parisc to use generic version of
      pmd_alloc_one() but it missed the fact that parisc uses order-1 pages for
      PMD.
      
      Restore the original version of pmd_alloc_one() for parisc, just use
      GFP_PGTABLE_KERNEL that implies __GFP_ZERO instead of GFP_KERNEL and
      memset.
      
      Fixes: 1355c31e ("asm-generic: pgalloc: provide generic pmd_alloc_one() and pmd_free_one()")
      Reported-by: default avatarMeelis Roos <mroos@linux.ee>
      Signed-off-by: default avatarMike Rapoport <rppt@linux.ibm.com>
      Tested-by: default avatarMeelis Roos <mroos@linux.ee>
      Reviewed-by: default avatarMatthew Wilcox (Oracle) <willy@infradead.org>
      Link: https://lkml.kernel.org/r/9f2b5ebd-e4a4-0fa1-6cd3-4b9f6892d1ad@linux.eeSigned-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      6f6aea7e
    • Linus Torvalds's avatar
      Merge tag 'block-5.9-2020-08-14' of git://git.kernel.dk/linux-block · 4b6c093e
      Linus Torvalds authored
      Pull block fixes from Jens Axboe:
       "A few fixes on the block side of things:
      
         - Discard granularity fix (Coly)
      
         - rnbd cleanups (Guoqing)
      
         - md error handling fix (Dan)
      
         - md sysfs fix (Junxiao)
      
         - Fix flush request accounting, which caused an IO slowdown for some
           configurations (Ming)
      
         - Properly propagate loop flag for partition scanning (Lennart)"
      
      * tag 'block-5.9-2020-08-14' of git://git.kernel.dk/linux-block:
        block: fix double account of flush request's driver tag
        loop: unset GENHD_FL_NO_PART_SCAN on LOOP_CONFIGURE
        rnbd: no need to set bi_end_io in rnbd_bio_map_kern
        rnbd: remove rnbd_dev_submit_io
        md-cluster: Fix potential error pointer dereference in resize_bitmaps()
        block: check queue's limits.discard_granularity in __blkdev_issue_discard()
        md: get sysfs entry after redundancy attr group create
      4b6c093e
    • Linus Torvalds's avatar
      Merge tag 'riscv-for-linus-5.9-mw1' of git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux · d84835b1
      Linus Torvalds authored
      Pull RISC-V fix from Palmer Dabbelt:
       "I collected a single fix during the merge window: we managed to break
        the early trap setup on !MMU, this fixes it"
      
      * tag 'riscv-for-linus-5.9-mw1' of git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux:
        riscv: Setup exception vector for nommu platform
      d84835b1
    • Linus Torvalds's avatar
      Merge tag 'sh-for-5.9' of git://git.libc.org/linux-sh · 5bbec3cf
      Linus Torvalds authored
      Pull arch/sh updates from Rich Felker:
       "Cleanup, SECCOMP_FILTER support, message printing fixes, and other
        changes to arch/sh"
      
      * tag 'sh-for-5.9' of git://git.libc.org/linux-sh: (34 commits)
        sh: landisk: Add missing initialization of sh_io_port_base
        sh: bring syscall_set_return_value in line with other architectures
        sh: Add SECCOMP_FILTER
        sh: Rearrange blocks in entry-common.S
        sh: switch to copy_thread_tls()
        sh: use the generic dma coherent remap allocator
        sh: don't allow non-coherent DMA for NOMMU
        dma-mapping: consolidate the NO_DMA definition in kernel/dma/Kconfig
        sh: unexport register_trapped_io and match_trapped_io_handler
        sh: don't include <asm/io_trapped.h> in <asm/io.h>
        sh: move the ioremap implementation out of line
        sh: move ioremap_fixed details out of <asm/io.h>
        sh: remove __KERNEL__ ifdefs from non-UAPI headers
        sh: sort the selects for SUPERH alphabetically
        sh: remove -Werror from Makefiles
        sh: Replace HTTP links with HTTPS ones
        arch/sh/configs: remove obsolete CONFIG_SOC_CAMERA*
        sh: stacktrace: Remove stacktrace_ops.stack()
        sh: machvec: Modernize printing of kernel messages
        sh: pci: Modernize printing of kernel messages
        ...
      5bbec3cf
  8. 15 Aug, 2020 1 commit
    • Jens Axboe's avatar
      io_uring: short circuit -EAGAIN for blocking read attempt · f91daf56
      Jens Axboe authored
      One case was missed in the short IO retry handling, and that's hitting
      -EAGAIN on a blocking attempt read (eg from io-wq context). This is a
      problem on sockets that are marked as non-blocking when created, they
      don't carry any REQ_F_NOWAIT information to help us terminate them
      instead of perpetually retrying.
      
      Fixes: 227c0c96 ("io_uring: internally retry short reads")
      Signed-off-by: default avatarJens Axboe <axboe@kernel.dk>
      f91daf56