- 18 Jul, 2016 3 commits
-
-
Mat Martineau authored
Arbitrary X.509 certificates without authority key identifiers (AKIs) can be added to "trusted" keyrings, including IMA or EVM certs loaded from the filesystem. Signature verification is currently bypassed for certs without AKIs. Trusted keys were recently refactored, and this bug is not present in 4.6. restrict_link_by_signature should return -ENOKEY (no matching parent certificate found) if the certificate being evaluated has no AKIs, instead of bypassing signature checks and returning 0 (new certificate accepted). Reported-by:
Petko Manolov <petkan@mip-labs.com> Signed-off-by:
Mat Martineau <mathew.j.martineau@linux.intel.com> Signed-off-by:
David Howells <dhowells@redhat.com> Signed-off-by:
James Morris <james.l.morris@oracle.com>
-
Lans Zhang authored
Commit e68503bd forgot to set digest_len and thus cause the following error reported by kexec when launching a crash kernel: kexec_file_load failed: Bad message Fixes: e68503bd (KEYS: Generalise system_verify_data() to provide access to internal content) Signed-off-by:
Lans Zhang <jia.zhang@windriver.com> Tested-by:
Dave Young <dyoung@redhat.com> Signed-off-by:
-
Lans Zhang authored
This fix resolves the following kernel panic if an empty or missing AuthorityKeyIdentifier is encountered and DEBUG is defined in pkcs7_verify.c. [ 459.041989] PKEY: <==public_key_verify_signature() = 0 [ 459.041993] PKCS7: Verified signature 1 [ 459.041995] PKCS7: ==> pkcs7_verify_sig_chain() [ 459.041999] PKCS7: verify Sample DB Certificate for SCP: 01 [ 459.042002] PKCS7: - issuer Sample KEK Certificate for SCP [ 459.042014] BUG: unable to handle kernel NULL pointer dereference at (null) [ 459.042135] IP: [<ffffffff813e7b4c>] pkcs7_verify+0x72c/0x7f0 [ 459.042217] PGD 739e6067 PUD 77719067 PMD 0 [ 459.042286] Oops: 0000 [#1] PREEMPT SMP [ 459.042328] Modules linked in: [ 459.042368] CPU: 0 PID: 474 Comm: kexec Not tainted 4.7.0-rc7-WR8.0.0.0_standard+ #18 [ 459.042462] Hardware name: To be filled by O.E.M. To be filled by O.E.M./Aptio CRB, BIOS 5.6.5 10/09/2014 [ 459.042586] task: ffff880073a50000 ti: ffff8800738e8000 task.ti: ffff8800738e8000 [ 459.042675] RIP: 0010:[<ffffffff813e7b4c>] [<ffffffff813e7b4c>] pkcs7_verify+0x72c/0x7f0 [ 459.042784] RSP: 0018:ffff8800738ebd58 EFLAGS: 00010246 [ 459.042845] RAX: 0000000000000000 RBX: ffff880076b7da80 RCX: 0000000000000006 [ 459.042929] RDX: 0000000000000001 RSI: ffffffff81c85001 RDI: ffffffff81ca00a9 [ 459.043014] RBP: ffff8800738ebd98 R08: 0000000000000400 R09: ffff8800788a304c [ 459.043098] R10: 0000000000000000 R11: 00000000000060ca R12: ffff8800769a2bc0 [ 459.043182] R13: ffff880077358300 R14: 0000000000000000 R15: ffff8800769a2dc0 [ 459.043268] FS: 00007f24cc741700(0000) GS:ffff880074e00000(0000) knlGS:0000000000000000 [ 459.043365] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 459.043431] CR2: 0000000000000000 CR3: 0000000073a36000 CR4: 00000000001006f0 [ 459.043514] Stack: [ 459.043530] 0000000000000000 ffffffbf00000020 31ffffff813e68b0 0000000000000002 [ 459.043644] ffff8800769a2bc0 0000000000000000 00000000007197b8 0000000000000002 [ 459.043756] ffff8800738ebdd8 ffffffff81153fb1 0000000000000000 0000000000000000 [ 459.043869] Call Trace: [ 459.043898] [<ffffffff81153fb1>] verify_pkcs7_signature+0x61/0x140 [ 459.043974] [<ffffffff813e7f0b>] verify_pefile_signature+0x2cb/0x830 [ 459.044052] [<ffffffff813e8470>] ? verify_pefile_signature+0x830/0x830 [ 459.044134] [<ffffffff81048e25>] bzImage64_verify_sig+0x15/0x20 [ 459.046332] [<ffffffff81046e09>] arch_kexec_kernel_verify_sig+0x29/0x40 [ 459.048552] [<ffffffff810f10e4>] SyS_kexec_file_load+0x1f4/0x6c0 [ 459.050768] [<ffffffff81050e36>] ? __do_page_fault+0x1b6/0x550 [ 459.052996] [<ffffffff8199241f>] entry_SYSCALL_64_fastpath+0x17/0x93 [ 459.055242] Code: e8 0a d6 ff ff 85 c0 0f 88 7a fb ff ff 4d 39 fd 4d 89 7d 08 74 45 4d 89 fd e9 14 fe ff ff 4d 8b 76 08 31 c0 48 c7 c7 a9 00 ca 81 <41> 0f b7 36 49 8d 56 02 e8 d0 91 d6 ff 4d 8b 3c 24 4d 85 ff 0f [ 459.060535] RIP [<ffffffff813e7b4c>] pkcs7_verify+0x72c/0x7f0 [ 459.063040] RSP <ffff8800738ebd58> [ 459.065456] CR2: 0000000000000000 [ 459.075998] ---[ end trace c15f0e897cda28dc ]--- Signed-off-by:
-
- 16 Jul, 2016 1 commit
-
-
git://git.infradead.org/linux-mtdLinus Torvalds authored
Pull MTD fix from Brian Norris: "Late MTD fix for v4.7: One regression in the Device Tree handling for OMAP NAND handling of the ELM node. TI migrated to using the property name "ti,elm-id", but forgot to keep compatibility with the old "elm_id" property. Also, might as well send out this MAINTAINERS fixup now" * tag 'for-linus-20160715' of git://git.infradead.org/linux-mtd: mtd: nand: omap2: Add check for old elm binding MAINTAINERS: Add file patterns for mtd device tree bindings
-
- 15 Jul, 2016 33 commits
-
-
git://git.kernel.org/pub/scm/linux/kernel/git/dtor/inputLinus Torvalds authored
Pull input fixes from Dmitry Torokhov: "A few last-minute updates for the input subsystem" * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input: Input: ts4800-ts - add missing of_node_put after calling of_parse_phandle Input: synaptics-rmi4 - use of_get_child_by_name() to fix refcount Revert "Input: wacom_w8001 - drop use of ABS_MT_TOOL_TYPE" Input: xpad - validate USB endpoint count during probe Input: add SW_PEN_INSERTED define
-
git://git.kernel.org/pub/scm/linux/kernel/git/tj/wqLinus Torvalds authored
Pull workqueue fix from Tejun Heo: "The optimization for setting unbound worker affinity masks collided with recent scheduler changes triggering warning messages. This late pull request fixes the bug by removing the optimization" * 'for-4.7-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/wq: workqueue: Fix setting affinity of unbound worker threads
-
Jann Horn authored
Without this check, the following XFS_I invocations would return bad pointers when used on non-XFS inodes (perhaps pointers into preceding allocator chunks). This could be used by an attacker to trick xfs_swap_extents into performing locking operations on attacker-chosen structures in kernel memory, potentially leading to code execution in the kernel. (I have not investigated how likely this is to be usable for an attack in practice.) Signed-off-by:
Jann Horn <jann@thejh.net> Cc: Andy Lutomirski <luto@amacapital.net> Cc: Dave Chinner <david@fromorbit.com> Signed-off-by:
Linus Torvalds <torvalds@linux-foundation.org>
-
James Patrick-Evans authored
Fix a memory leak on probe error of the airspy usb device driver. The problem is triggered when more than 64 usb devices register with v4l2 of type VFL_TYPE_SDR or VFL_TYPE_SUBDEV. The memory leak is caused by the probe function of the airspy driver mishandeling errors and not freeing the corresponding control structures when an error occours registering the device to v4l2 core. A badusb device can emulate 64 of these devices, and then through continual emulated connect/disconnect of the 65th device, cause the kernel to run out of RAM and crash the kernel, thus causing a local DOS vulnerability. Fixes CVE-2016-5400 Signed-off-by:
James Patrick-Evans <james@jmp-e.com> Reviewed-by:
Kees Cook <keescook@chromium.org> Cc: stable@vger.kernel.org # 3.17+ Signed-off-by:
-
Tony Luck authored
In commit 2c1ea4c7 ("EDAC, sb_edac: Use cpu family/model in driver detection") I broke Knights Landing because I failed to notice that it called a wrapper macro "sbridge_get_all_devices_knl" instead of "sbridge_get_all_devices" like all the other types. Now that we include the processor type in the pci_id_table structure we can skip the wrappers and just have the sbridge_get_all_devices() check the type to decide whether to allow duplicate devices and controllers to have registers spread across buses. Fixes: 2c1ea4c7 ("EDAC, sb_edac: Use cpu family/model in driver detection") Tested-by:
Lukasz Odzioba <lukasz.odzioba@intel.com> Acked-by:
Aristeu Rozanski <aris@redhat.com> Signed-off-by:
Tony Luck <tony.luck@intel.com> Signed-off-by:
-
Peter Chen authored
of_node_put needs to be called when the device node which is got from of_parse_phandle has finished using. Signed-off-by:
Peter Chen <peter.chen@nxp.com> Signed-off-by:
Dmitry Torokhov <dmitry.torokhov@gmail.com>
-
Linus Torvalds authored
Merge misc fixes from Andrew Morton: "20 fixes" * emailed patches from Andrew Morton <akpm@linux-foundation.org>: m32r: fix build warning about putc mm: workingset: printk missing log level, use pr_info() mm: thp: refix false positive BUG in page_move_anon_rmap() mm: rmap: call page_check_address() with sync enabled to avoid racy check mm: thp: move pmd check inside ptl for freeze_page() vmlinux.lds: account for destructor sections gcov: add support for gcc version >= 6 mm, meminit: ensure node is online before checking whether pages are uninitialised mm, meminit: always return a valid node from early_pfn_to_nid kasan/quarantine: fix bugs on qlist_move_cache() uapi: export lirc.h header madvise_free, thp: fix madvise_free_huge_pmd return value after splitting Revert "scripts/gdb: add documentation example for radix tree" Revert "scripts/gdb: add a Radix Tree Parser" scripts/gdb: Perform path expansion to lx-symbol's arguments scripts/gdb: add constants.py to .gitignore scripts/gdb: rebuild constants.py on dependancy change scripts/gdb: silence 'nothing to do' message kasan: add newline to messages mm, compaction: prevent VM_BUG_ON when terminating freeing scanner
-
git://git.kernel.org/pub/scm/linux/kernel/git/dledford/rdmaLinus Torvalds authored
Pull rdma fixes from Doug Ledford: "Round three of 4.7 rc fixes: - two fixes for hfi1 - two fixes for i40iw - one omission correction in the port table counter arrays" * tag 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dledford/rdma: i40iw: Enable remote access rights for stag allocation i40iw: do not print unitialized variables in error message IB core: Add port_xmit_wait counter IB/hfi1: Fix sleep inside atomic issue in init_asic_data IB/hfi1: Correct issues with sc5 computation
-
git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linuxLinus Torvalds authored
Pull i2c fixes from Wolfram Sang: "Four driver bugfixes for the I2C subsystem" * 'i2c/for-current' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux: i2c: mux: reg: wrong condition checked for of_address_to_resource return value i2c: tegra: Correct error path in probe i2c: remove __init from i2c_register_board_info() i2c: qup: Fix wrong value of index variable
-
git://people.freedesktop.org/~airlied/linuxLinus Torvalds authored
Pull drm vmware fixes from Dave Airlie: "These are some fixes for the vmware graphics driver, that fix some black screen issues on at least Ubuntu 16.04, I think VMware would like to get these in so stable can pick them up ASAP" * tag 'drm-fixes-for-v4.7-rc8-vmware' of git://people.freedesktop.org/~airlied/linux: drm/vmwgfx: Fix error paths when mapping framebuffer drm/vmwgfx: Fix corner case screen target management drm/vmwgfx: Delay pinning fbdev framebuffer until after mode set drm/vmwgfx: Check pin count before attempting to move a buffer drm/ttm: Make ttm_bo_mem_compat available drm/vmwgfx: Add an option to change assumed FB bpp drm/vmwgfx: Work around mode set failure in 2D VMs drm/vmwgfx: Add a check to handle host message failure
-
git://people.freedesktop.org/~airlied/linuxLinus Torvalds authored
Pull drm fixes from Dave Airlie: "These are just some i915 and amdgpu fixes that shows up, the amdgpu ones are polaris fixes, and the i915 one is a major regression fix" * tag 'drm-fixes-for-v4.7-rc8' of git://people.freedesktop.org/~airlied/linux: drm/amdgpu: fix power distribution issue for Polaris10 XT drm/amdgpu: Add a missing register to Polaris golden setting drm/i915: Ignore panel type from OpRegion on SKL drm/i915: Update ifdeffery for mutex->owner
-
git://git.kernel.org/pub/scm/linux/kernel/git/tip/tipLinus Torvalds authored
Pull scheduler fix from Ingo Molnar: "Fix a CPU hotplug related corruption of the load average that got introduced in this merge window" * 'sched-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: sched/core: Correct off by one bug in load migration calculation
-
Sudip Mukherjee authored
We were getting build warning: arch/m32r/boot/compressed/m32r_sio.c:11:13: warning: conflicting types for built-in function 'putc' Here putc is used as a static function so lets just rename it to avoid the conflict with the builtin putc. Link: http://lkml.kernel.org/r/1466977046-24724-1-git-send-email-sudipm.mukherjee@gmail.comSigned-off-by:Sudip Mukherjee <sudip.mukherjee@codethink.co.uk> Signed-off-by:
Andrew Morton <akpm@linux-foundation.org> Signed-off-by:
-
Anton Blanchard authored
Commit 612e4493 ("mm: workingset: eviction buckets for bigmem/lowbit machines") added a printk without a log level. Quieten it by using pr_info(). Link: http://lkml.kernel.org/r/1466982072-29836-2-git-send-email-anton@ozlabs.orgSigned-off-by:
Anton Blanchard <anton@samba.org> Acked-by:
Johannes Weiner <hannes@cmpxchg.org> Signed-off-by:
-
Hugh Dickins authored
The VM_BUG_ON_PAGE in page_move_anon_rmap() is more trouble than it's worth: the syzkaller fuzzer hit it again. It's still wrong for some THP cases, because linear_page_index() was never intended to apply to addresses before the start of a vma. That's easily fixed with a signed long cast inside linear_page_index(); and Dmitry has tested such a patch, to verify the false positive. But why extend linear_page_index() just for this case? when the avoidance in page_move_anon_rmap() has already grown ugly, and there's no reason for the check at all (nothing else there is using address or index). Remove address arg from page_move_anon_rmap(), remove VM_BUG_ON_PAGE, remove CONFIG_DEBUG_VM PageTransHuge adjustment. And one more thing: should the compound_head(page) be done inside or outside page_move_anon_rmap()? It's usually pushed down to the lowest level nowadays (and mm/memory.c shows no other explicit use of it), so I think it's better done in page_move_anon_rmap() than by caller. Fixes: 0798d3c0 ("mm: thp: avoid false positive VM_BUG_ON_PAGE in page_move_anon_rmap()") Link: http://lkml.kernel.org/r/alpine.LSU.2.11.1607120444540.12528@eggly.anvilsSigned-off-by:
Hugh Dickins <hughd@google.com> Reported-by:
Dmitry Vyukov <dvyukov@google.com> Acked-by:
Kirill A. Shutemov <kirill.shutemov@linux.intel.com> Cc: Mika Westerberg <mika.westerberg@linux.intel.com> Cc: Andrea Arcangeli <aarcange@redhat.com> Cc: Rik van Riel <riel@redhat.com> Cc: <stable@vger.kernel.org> [4.5+] Signed-off-by:
-
Naoya Horiguchi authored
The previous patch addresses the race between split_huge_pmd_address() and someone changing the pmd. The fix is only for splitting of normal thp (i.e. pmd-mapped thp,) and for splitting of pte-mapped thp there still is the similar race. For splitting pte-mapped thp, the pte's conversion is done by try_to_unmap_one(TTU_MIGRATION). This function checks page_check_address() to get the target pte, but it can return NULL under some race, leading to VM_BUG_ON() in freeze_page(). Fortunately, page_check_address() already has an argument to decide whether we do a quick/racy check or not, so let's flip it when called from freeze_page(). Link: http://lkml.kernel.org/r/1466990929-7452-2-git-send-email-n-horiguchi@ah.jp.nec.comSigned-off-by:
Naoya Horiguchi <n-horiguchi@ah.jp.nec.com> Cc: Kirill A. Shutemov <kirill.shutemov@linux.intel.com> Signed-off-by:
-
Naoya Horiguchi authored
I found a race condition triggering VM_BUG_ON() in freeze_page(), when running a testcase with 3 processes: - process 1: keep writing thp, - process 2: keep clearing soft-dirty bits from virtual address of process 1 - process 3: call migratepages for process 1, The kernel message is like this: kernel BUG at /src/linux-dev/mm/huge_memory.c:3096! invalid opcode: 0000 [#1] SMP Modules linked in: cfg80211 rfkill crc32c_intel ppdev serio_raw pcspkr virtio_balloon virtio_console parport_pc parport pvpanic acpi_cpufreq tpm_tis tpm i2c_piix4 virtio_blk virtio_net ata_generic pata_acpi floppy virtio_pci virtio_ring virtio CPU: 0 PID: 28863 Comm: migratepages Not tainted 4.6.0-v4.6-160602-0827-+ #2 Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011 task: ffff880037320000 ti: ffff88007cdd0000 task.ti: ffff88007cdd0000 RIP: 0010:[<ffffffff811f8e06>] [<ffffffff811f8e06>] split_huge_page_to_list+0x496/0x590 RSP: 0018:ffff88007cdd3b70 EFLAGS: 00010202 RAX: 0000000000000001 RBX: ffff88007c7b88c0 RCX: 0000000000000000 RDX: 0000000000000000 RSI: 0000000700000200 RDI: ffffea0003188000 RBP: ffff88007cdd3bb8 R08: 0000000000000001 R09: 00003ffffffff000 R10: ffff880000000000 R11: ffffc000001fffff R12: ffffea0003188000 R13: ffffea0003188000 R14: 0000000000000000 R15: 0400000000000080 FS: 00007f8ec241d740(0000) GS:ffff88007dc00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f8ec1f3ed20 CR3: 000000003707b000 CR4: 00000000000006f0 Call Trace: ? list_del+0xd/0x30 queue_pages_pte_range+0x4d1/0x590 __walk_page_range+0x204/0x4e0 walk_page_range+0x71/0xf0 queue_pages_range+0x75/0x90 ? queue_pages_hugetlb+0x190/0x190 ? new_node_page+0xc0/0xc0 ? change_prot_numa+0x40/0x40 migrate_to_node+0x71/0xd0 do_migrate_pages+0x1c3/0x210 SyS_migrate_pages+0x261/0x290 entry_SYSCALL_64_fastpath+0x1a/0xa4 Code: e8 b0 87 fb ff 0f 0b 48 c7 c6 30 32 9f 81 e8 a2 87 fb ff 0f 0b 48 c7 c6 b8 46 9f 81 e8 94 87 fb ff 0f 0b 85 c0 0f 84 3e fd ff ff <0f> 0b 85 c0 0f 85 a6 00 00 00 48 8b 75 c0 4c 89 f7 41 be f0 ff RIP split_huge_page_to_list+0x496/0x590 I'm not sure of the full scenario of the reproduction, but my debug showed that split_huge_pmd_address(freeze=true) returned without running main code of pmd splitting because pmd_present(*pmd) in precheck somehow returned 0. If this happens, the subsequent try_to_unmap() fails and returns non-zero (because page_mapcount() still > 0), and finally VM_BUG_ON() fires. This patch tries to fix it by prechecking pmd state inside ptl. Link: http://lkml.kernel.org/r/1466990929-7452-1-git-send-email-n-horiguchi@ah.jp.nec.comSigned-off-by: -
Dmitry Vyukov authored
If CONFIG_KASAN is enabled and gcc is configured with --disable-initfini-array and/or gold linker is used, gcc emits .ctors/.dtors and .text.startup/.text.exit sections instead of .init_array/.fini_array. .dtors section is not explicitly accounted in the linker script and messes vvar/percpu layout. We want: ffffffff822bfd80 D _edata ffffffff822c0000 D __vvar_beginning_hack ffffffff822c0000 A __vvar_page ffffffff822c0080 0000000000000098 D vsyscall_gtod_data ffffffff822c1000 A __init_begin ffffffff822c1000 D init_per_cpu__irq_stack_union ffffffff822c1000 A __per_cpu_load ffffffff822d3000 D init_per_cpu__gdt_page We got: ffffffff8279a600 D _edata ffffffff8279b000 A __vvar_page ffffffff8279c000 A __init_begin ffffffff8279c000 D init_per_cpu__irq_stack_union ffffffff8279c000 A __per_cpu_load ffffffff8279e000 D __vvar_beginning_hack ffffffff8279e080 0000000000000098 D vsyscall_gtod_data ffffffff827ae000 D init_per_cpu__gdt_page This happens because __vvar_page and .vvar get different addresses in arch/x86/kernel/vmlinux.lds.S: . = ALIGN(PAGE_SIZE); __vvar_page = .; .vvar : AT(ADDR(.vvar) - LOAD_OFFSET) { /* work around gold bug 13023 */ __vvar_beginning_hack = .; Discard .dtors/.fini_array/.text.exit, since we don't call dtors. Merge .text.startup into init text. Link: http://lkml.kernel.org/r/1467386363-120030-1-git-send-email-dvyukov@google.comSigned-off-by:Andrey Ryabinin <aryabinin@virtuozzo.com> Cc: <stable@vger.kernel.org> [4.0+] Signed-off-by:
-
Florian Meier authored
Link: http://lkml.kernel.org/r/20160701130914.GA23225@styxhpSigned-off-by:
Florian Meier <Florian.Meier@informatik.uni-erlangen.de> Reviewed-by:
Peter Oberparleiter <oberpar@linux.vnet.ibm.com> Tested-by:
-
Mel Gorman authored
early_page_uninitialised looks up an arbitrary PFN. While a machine without node 0 will boot with "mm, page_alloc: Always return a valid node from early_pfn_to_nid", it works because it assumes that nodes are always in PFN order. This is not guaranteed so this patch adds robustness by always checking if the node being checked is online. Link: http://lkml.kernel.org/r/1468008031-3848-4-git-send-email-mgorman@techsingularity.netSigned-off-by:
Mel Gorman <mgorman@techsingularity.net> Acked-by:
David Rientjes <rientjes@google.com> Cc: <stable@vger.kernel.org> [4.2+] Signed-off-by:
-
Mel Gorman authored
early_pfn_to_nid can return node 0 if a PFN is invalid on machines that has no node 0. A machine with only node 1 was observed to crash with the following message: BUG: unable to handle kernel paging request at 000000000002a3c8 PGD 0 Modules linked in: Hardware name: Supermicro H8DSP-8/H8DSP-8, BIOS 080011 06/30/2006 task: ffffffff81c0d500 ti: ffffffff81c00000 task.ti: ffffffff81c00000 RIP: reserve_bootmem_region+0x6a/0xef CR2: 000000000002a3c8 CR3: 0000000001c06000 CR4: 00000000000006b0 Call Trace: free_all_bootmem+0x4b/0x12a mem_init+0x70/0xa3 start_kernel+0x25b/0x49b The problem is that early_page_uninitialised uses the early_pfn_to_nid helper which returns node 0 for invalid PFNs. No caller of early_pfn_to_nid cares except early_page_uninitialised. This patch has early_pfn_to_nid always return a valid node. Link: http://lkml.kernel.org/r/1468008031-3848-3-git-send-email-mgorman@techsingularity.netSigned-off-by: -
Joonsoo Kim authored
There are two bugs on qlist_move_cache(). One is that qlist's tail isn't set properly. curr->next can be NULL since it is singly linked list and NULL value on tail is invalid if there is one item on qlist. Another one is that if cache is matched, qlist_put() is called and it will set curr->next to NULL. It would cause to stop the loop prematurely. These problems come from complicated implementation so I'd like to re-implement it completely. Implementation in this patch is really simple. Iterate all qlist_nodes and put them to appropriate list. Unfortunately, I got this bug sometime ago and lose oops message. But, the bug looks trivial and no need to attach oops. Fixes: 55834c59 ("mm: kasan: initial memory quarantine implementation") Link: http://lkml.kernel.org/r/1467766348-22419-1-git-send-email-iamjoonsoo.kim@lge.comSigned-off-by:
Joonsoo Kim <iamjoonsoo.kim@lge.com> Reviewed-by:
Alexander Potapenko <glider@google.com> Cc: Kuthonuzo Luruo <poll.stdin@gmail.com> Signed-off-by:
-
Mauro Carvalho Chehab authored
This header contains the userspace API for lirc. This is a fixup for commit b7be7557 ("[media] bz#75751: Move internal header file lirc.h to uapi/"). It moved the header to the right place, but it forgot to add it at Kbuild. So, despite being at uapi, it is not copied to the right place. Fixes: b7be7557 ("[media] bz#75751: Move internal header file lirc.h to uapi/") Link: http://lkml.kernel.org/r/320c765d32bfc82c582e336d52ffe1026c73c644.1468439021.git.mchehab@s-opensource.comSigned-off-by:
Mauro Carvalho Chehab <mchehab@s-opensource.com> Cc: Alec Leamas <leamas.alec@gmail.com> Cc: <stable@vger.kernel.org> Signed-off-by:
-
Huang Ying authored
madvise_free_huge_pmd should return 0 if the fallback PTE operations are required. In madvise_free_huge_pmd, if part pages of THP are discarded, the THP will be split and fallback PTE operations should be used if splitting succeeds. But the original code will make fallback PTE operations skipped, after splitting succeeds. Fix that via make madvise_free_huge_pmd return 0 after splitting successfully, so that the fallback PTE operations will be done. Link: http://lkml.kernel.org/r/1467135452-16688-1-git-send-email-ying.huang@intel.comSigned-off-by:
"Huang, Ying" <ying.huang@intel.com> Acked-by:
Minchan Kim <minchan@kernel.org> Cc: "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com> Cc: Vlastimil Babka <vbabka@suse.cz> Cc: Jerome Marchand <jmarchan@redhat.com> Cc: Andrea Arcangeli <aarcange@redhat.com> Cc: Ebru Akagunduz <ebru.akagunduz@gmail.com> Signed-off-by:
-
Kieran Bingham authored
This reverts commit 9b558035 ("scripts/gdb: add documentation example for radix tree") The python implementation of radix tree was merged at the same time as a refactoring of the radix tree implementation and doesn't work. The feature is being reverted, thus we revert the documentation as well. Link: http://lkml.kernel.org/r/1467127337-11135-7-git-send-email-kieran@bingham.xyzSigned-off-by:
Kieran Bingham <kieran@bingham.xyz> Signed-off-by:
-
Kieran Bingham authored
This reverts commit e127a73d ("scripts/gdb: add a Radix Tree Parser") The python implementation of radix-tree was merged at the same time as the radix-tree system was heavily reworked from commit e9256efc ("radix-tree: introduce radix_tree_empty") to 3bcadd6f ("radix-tree: free up the bottom bit of exceptional entries for reuse") and no longer functions, but also prevents other gdb scripts from loading. This functionality has not yet hit a release, so simply remove it for now Link: http://lkml.kernel.org/r/1467127337-11135-6-git-send-email-kieran@bingham.xyzSigned-off-by:
-
Nikolay Borisov authored
Python doesn't do automatic expansion of paths. In case one passes path of the from ~/foo/bar the gdb scripts won't automatically expand that and as a result the symbols files won't be loaded. Fix this by explicitly expanding all paths which begin with "~" Link: http://lkml.kernel.org/r/1467127337-11135-5-git-send-email-kieran@bingham.xyzSigned-off-by:
Nikolay Borisov <n.borisov.lkml@gmail.com> Signed-off-by:
Jan Kiszka <jan.kiszka@siemens.com> Signed-off-by:
-
Omar Sandoval authored
Since scripts/gdb/linux/constants.py is autogenerated, this should have been added to .gitignore when it was introduced. Fixes: f197d75f ("scripts/gdb: provide linux constants") Link: http://lkml.kernel.org/r/1467127337-11135-4-git-send-email-kieran@bingham.xyzSigned-off-by:
Omar Sandoval <osandov@fb.com> Signed-off-by:
-
Kieran Bingham authored
The autogenerated constants.py file was only being built on the initial call, and if the constants.py.in file changed. As we are utilising the CPP hooks, we can successfully use the call if_changed_dep rules to determine when to rebuild the file based on it's inclusions. Link: http://lkml.kernel.org/r/1467127337-11135-3-git-send-email-kieran@bingham.xyzSigned-off-by:
Jan Kiszka <jan.kiszka@web.de> Signed-off-by:
-
Kieran Bingham authored
The constants.py generation, involves a rule to link into the main makefile. This rule has no command and generates a spurious warning message in the build logs when CONFIG_SCRIPTS_GDB is enabled. Fix simply by giving a no-op action Link: http://lkml.kernel.org/r/1467127337-11135-2-git-send-email-kieran@bingham.xyzSigned-off-by:
-
Dmitry Vyukov authored
Currently GPF messages with KASAN look as follows: kasan: GPF could be caused by NULL-ptr deref or user memory accessgeneral protection fault: 0000 [#1] SMP DEBUG_PAGEALLOC KASAN Add newlines. Link: http://lkml.kernel.org/r/1467294357-98002-1-git-send-email-dvyukov@google.comSigned-off-by:
-
David Rientjes authored
It's possible to isolate some freepages in a pageblock and then fail split_free_page() due to the low watermark check. In this case, we hit VM_BUG_ON() because the freeing scanner terminated early without a contended lock or enough freepages. This should never have been a VM_BUG_ON() since it's not a fatal condition. It should have been a VM_WARN_ON() at best, or even handled gracefully. Regardless, we need to terminate anytime the full pageblock scan was not done. The logic belongs in isolate_freepages_block(), so handle its state gracefully by terminating the pageblock loop and making a note to restart at the same pageblock next time since it was not possible to complete the scan this time. [rientjes@google.com: don't rescan pages in a pageblock] Link: http://lkml.kernel.org/r/alpine.DEB.2.10.1607111244150.83138@chino.kir.corp.google.com Link: http://lkml.kernel.org/r/alpine.DEB.2.10.1606291436300.145590@chino.kir.corp.google.comSigned-off-by:
-
git://people.freedesktop.org/~syeh/repos_linuxDave Airlie authored
A bunch of vmwgfx fixes that fix a black screen issue on latest distros/hw combos. * 'drm-vmwgfx-fixes' of git://people.freedesktop.org/~syeh/repos_linux: drm/vmwgfx: Fix error paths when mapping framebuffer drm/vmwgfx: Fix corner case screen target management drm/vmwgfx: Delay pinning fbdev framebuffer until after mode set drm/vmwgfx: Check pin count before attempting to move a buffer drm/ttm: Make ttm_bo_mem_compat available drm/vmwgfx: Add an option to change assumed FB bpp drm/vmwgfx: Work around mode set failure in 2D VMs drm/vmwgfx: Add a check to handle host message failure
-
- 14 Jul, 2016 3 commits
-
-
git://anongit.freedesktop.org/drm-intelDave Airlie authored
I've also realized that a pile of hang fixes for kbl landed in next, and no one thought of backporting it to 4.7 - kbl has lost prelim_hw_support tagging in 4.7-rc1 already. Mika is prepping a topic branch for those, will send you a separate pull request since it's quite a bit (but should be all well restricted to kbl code, so similar to polaris in amdgpu). * tag 'drm-intel-fixes-2016-07-14' of git://anongit.freedesktop.org/drm-intel: drm/i915: Ignore panel type from OpRegion on SKL drm/i915: Update ifdeffery for mutex->owner
-
git://people.freedesktop.org/~agd5f/linuxDave Airlie authored
Two more polaris fixes. * 'drm-fixes-4.7' of git://people.freedesktop.org/~agd5f/linux: drm/amdgpu: fix power distribution issue for Polaris10 XT drm/amdgpu: Add a missing register to Polaris golden setting
-
Ken Wang authored
Signed-off-by:
Ken Wang <Qingqing.Wang@amd.com> Reviewed-by:
Alex Deucher <alexander.deucher@amd.com> Signed-off-by:
-
