1. 03 Feb, 2018 1 commit
    • Alexei Starovoitov's avatar
      bpf: fix bpf_prog_array_copy_to_user() issues · 0911287c
      Alexei Starovoitov authored
      1. move copy_to_user out of rcu section to fix the following issue:
      
      ./include/linux/rcupdate.h:302 Illegal context switch in RCU read-side critical section!
      stack backtrace:
       __dump_stack lib/dump_stack.c:17 [inline]
       dump_stack+0x194/0x257 lib/dump_stack.c:53
       lockdep_rcu_suspicious+0x123/0x170 kernel/locking/lockdep.c:4592
       rcu_preempt_sleep_check include/linux/rcupdate.h:301 [inline]
       ___might_sleep+0x385/0x470 kernel/sched/core.c:6079
       __might_sleep+0x95/0x190 kernel/sched/core.c:6067
       __might_fault+0xab/0x1d0 mm/memory.c:4532
       _copy_to_user+0x2c/0xc0 lib/usercopy.c:25
       copy_to_user include/linux/uaccess.h:155 [inline]
       bpf_prog_array_copy_to_user+0x217/0x4d0 kernel/bpf/core.c:1587
       bpf_prog_array_copy_info+0x17b/0x1c0 kernel/bpf/core.c:1685
       perf_event_query_prog_array+0x196/0x280 kernel/trace/bpf_trace.c:877
       _perf_ioctl kernel/events/core.c:4737 [inline]
       perf_ioctl+0x3e1/0x1480 kernel/events/core.c:4757
      
      2. move *prog under rcu, since it's not ok to dereference it afterwards
      
      3. in a rare case of prog array being swapped between bpf_prog_array_length()
         and bpf_prog_array_copy_to_user() calls make sure to copy zeros to user space,
         so the user doesn't walk over uninited prog_ids while kernel reported
         uattr->query.prog_cnt > 0
      
      Reported-by: syzbot+7dbcd2d3b85f9b608b23@syzkaller.appspotmail.com
      Fixes: 468e2f64 ("bpf: introduce BPF_PROG_QUERY command")
      Signed-off-by: default avatarAlexei Starovoitov <ast@kernel.org>
      Signed-off-by: default avatarDaniel Borkmann <daniel@iogearbox.net>
      0911287c
  2. 02 Feb, 2018 1 commit
  3. 01 Feb, 2018 3 commits
  4. 31 Jan, 2018 35 commits
    • Linus Torvalds's avatar
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next · b2fe5fa6
      Linus Torvalds authored
      Pull networking updates from David Miller:
      
       1) Significantly shrink the core networking routing structures. Result
          of http://vger.kernel.org/~davem/seoul2017_netdev_keynote.pdf
      
       2) Add netdevsim driver for testing various offloads, from Jakub
          Kicinski.
      
       3) Support cross-chip FDB operations in DSA, from Vivien Didelot.
      
       4) Add a 2nd listener hash table for TCP, similar to what was done for
          UDP. From Martin KaFai Lau.
      
       5) Add eBPF based queue selection to tun, from Jason Wang.
      
       6) Lockless qdisc support, from John Fastabend.
      
       7) SCTP stream interleave support, from Xin Long.
      
       8) Smoother TCP receive autotuning, from Eric Dumazet.
      
       9) Lots of erspan tunneling enhancements, from William Tu.
      
      10) Add true function call support to BPF, from Alexei Starovoitov.
      
      11) Add explicit support for GRO HW offloading, from Michael Chan.
      
      12) Support extack generation in more netlink subsystems. From Alexander
          Aring, Quentin Monnet, and Jakub Kicinski.
      
      13) Add 1000BaseX, flow control, and EEE support to mvneta driver. From
          Russell King.
      
      14) Add flow table abstraction to netfilter, from Pablo Neira Ayuso.
      
      15) Many improvements and simplifications to the NFP driver bpf JIT,
          from Jakub Kicinski.
      
      16) Support for ipv6 non-equal cost multipath routing, from Ido
          Schimmel.
      
      17) Add resource abstration to devlink, from Arkadi Sharshevsky.
      
      18) Packet scheduler classifier shared filter block support, from Jiri
          Pirko.
      
      19) Avoid locking in act_csum, from Davide Caratti.
      
      20) devinet_ioctl() simplifications from Al viro.
      
      21) More TCP bpf improvements from Lawrence Brakmo.
      
      22) Add support for onlink ipv6 route flag, similar to ipv4, from David
          Ahern.
      
      * git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next: (1925 commits)
        tls: Add support for encryption using async offload accelerator
        ip6mr: fix stale iterator
        net/sched: kconfig: Remove blank help texts
        openvswitch: meter: Use 64-bit arithmetic instead of 32-bit
        tcp_nv: fix potential integer overflow in tcpnv_acked
        r8169: fix RTL8168EP take too long to complete driver initialization.
        qmi_wwan: Add support for Quectel EP06
        rtnetlink: enable IFLA_IF_NETNSID for RTM_NEWLINK
        ipmr: Fix ptrdiff_t print formatting
        ibmvnic: Wait for device response when changing MAC
        qlcnic: fix deadlock bug
        tcp: release sk_frag.page in tcp_disconnect
        ipv4: Get the address of interface correctly.
        net_sched: gen_estimator: fix lockdep splat
        net: macb: Handle HRESP error
        net/mlx5e: IPoIB, Fix copy-paste bug in flow steering refactoring
        ipv6: addrconf: break critical section in addrconf_verify_rtnl()
        ipv6: change route cache aging logic
        i40e/i40evf: Update DESC_NEEDED value to reflect larger value
        bnxt_en: cleanup DIM work on device shutdown
        ...
      b2fe5fa6
    • Linus Torvalds's avatar
      Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 · a103950e
      Linus Torvalds authored
      Pull crypto updates from Herbert Xu:
       "API:
         - Enforce the setting of keys for keyed aead/hash/skcipher
           algorithms.
         - Add multibuf speed tests in tcrypt.
      
        Algorithms:
         - Improve performance of sha3-generic.
         - Add native sha512 support on arm64.
         - Add v8.2 Crypto Extentions version of sha3/sm3 on arm64.
         - Avoid hmac nesting by requiring underlying algorithm to be unkeyed.
         - Add cryptd_max_cpu_qlen module parameter to cryptd.
      
        Drivers:
         - Add support for EIP97 engine in inside-secure.
         - Add inline IPsec support to chelsio.
         - Add RevB core support to crypto4xx.
         - Fix AEAD ICV check in crypto4xx.
         - Add stm32 crypto driver.
         - Add support for BCM63xx platforms in bcm2835 and remove bcm63xx.
         - Add Derived Key Protocol (DKP) support in caam.
         - Add Samsung Exynos True RNG driver.
         - Add support for Exynos5250+ SoCs in exynos PRNG driver"
      
      * 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: (166 commits)
        crypto: picoxcell - Fix error handling in spacc_probe()
        crypto: arm64/sha512 - fix/improve new v8.2 Crypto Extensions code
        crypto: arm64/sm3 - new v8.2 Crypto Extensions implementation
        crypto: arm64/sha3 - new v8.2 Crypto Extensions implementation
        crypto: testmgr - add new testcases for sha3
        crypto: sha3-generic - export init/update/final routines
        crypto: sha3-generic - simplify code
        crypto: sha3-generic - rewrite KECCAK transform to help the compiler optimize
        crypto: sha3-generic - fixes for alignment and big endian operation
        crypto: aesni - handle zero length dst buffer
        crypto: artpec6 - remove select on non-existing CRYPTO_SHA384
        hwrng: bcm2835 - Remove redundant dev_err call in bcm2835_rng_probe()
        crypto: stm32 - remove redundant dev_err call in stm32_cryp_probe()
        crypto: axis - remove unnecessary platform_get_resource() error check
        crypto: testmgr - test misuse of result in ahash
        crypto: inside-secure - make function safexcel_try_push_requests static
        crypto: aes-generic - fix aes-generic regression on powerpc
        crypto: chelsio - Fix indentation warning
        crypto: arm64/sha1-ce - get rid of literal pool
        crypto: arm64/sha2-ce - move the round constant table to .rodata section
        ...
      a103950e
    • Linus Torvalds's avatar
      Merge tag 'selinux-pr-20180130' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux · 2cfa1cd3
      Linus Torvalds authored
      Pull selinux updates from Paul Moore:
       "A small pull request this time, just three patches, and one of these
        is just a comment update (swap the FSF physical address for a URL).
      
        The other two patches are small bug fixes found by szybot/syzkaller;
        they individual patch descriptions should tell you all you ever wanted
        to know"
      
      * tag 'selinux-pr-20180130' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux:
        selinux: skip bounded transition processing if the policy isn't loaded
        selinux: ensure the context is NUL terminated in security_context_to_sid_core()
        security: replace FSF address with web source in license notices
      2cfa1cd3
    • Linus Torvalds's avatar
      Merge branch 'next-seccomp' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security · 3dbc4f54
      Linus Torvalds authored
      Pull seccomp updates from James Morris:
       "Add support for retrieving seccomp metadata"
      
      * 'next-seccomp' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security:
        ptrace, seccomp: add support for retrieving seccomp metadata
        seccomp: hoist out filter resolving logic
      3dbc4f54
    • Linus Torvalds's avatar
      Merge branch 'next-tpm' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security · ae0cb7be
      Linus Torvalds authored
      Pull tpm updates from James Morris:
      
       - reduce polling delays in tpm_tis
      
       - support retrieving TPM 2.0 Event Log through EFI before
         ExitBootServices
      
       - replace tpm-rng.c with a hwrng device managed by the driver for each
         TPM device
      
       - TPM resource manager synthesizes TPM_RC_COMMAND_CODE response instead
         of returning -EINVAL for unknown TPM commands. This makes user space
         more sound.
      
       - CLKRUN fixes:
      
          * Keep #CLKRUN disable through the entier TPM command/response flow
      
          * Check whether #CLKRUN is enabled before disabling and enabling it
            again because enabling it breaks PS/2 devices on a system where it
            is disabled
      
      * 'next-tpm' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security:
        tpm: remove unused variables
        tpm: remove unused data fields from I2C and OF device ID tables
        tpm: only attempt to disable the LPC CLKRUN if is already enabled
        tpm: follow coding style for variable declaration in tpm_tis_core_init()
        tpm: delete the TPM_TIS_CLK_ENABLE flag
        tpm: Update MAINTAINERS for Jason Gunthorpe
        tpm: Keep CLKRUN enabled throughout the duration of transmit_cmd()
        tpm_tis: Move ilb_base_addr to tpm_tis_data
        tpm2-cmd: allow more attempts for selftest execution
        tpm: return a TPM_RC_COMMAND_CODE response if command is not implemented
        tpm: Move Linux RNG connection to hwrng
        tpm: use struct tpm_chip for tpm_chip_find_get()
        tpm: parse TPM event logs based on EFI table
        efi: call get_event_log before ExitBootServices
        tpm: add event log format version
        tpm: rename event log provider files
        tpm: move tpm_eventlog.h outside of drivers folder
        tpm: use tpm_msleep() value as max delay
        tpm: reduce tpm polling delay in tpm_tis_core
        tpm: move wait_for_tpm_stat() to respective driver files
      ae0cb7be
    • Linus Torvalds's avatar
      Merge branch 'next-smack' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security · 2a714903
      Linus Torvalds authored
      Pull smack updates from James Morris:
       "Two minor fixes"
      
      * 'next-smack' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security:
        Smack: Privilege check on key operations
        Smack: fix dereferenced before check
      2a714903
    • Linus Torvalds's avatar
      Merge branch 'next-integrity' of... · 3c29548f
      Linus Torvalds authored
      Merge branch 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
      
      Pull integrity updates from James Morris:
       "This contains a mixture of bug fixes, code cleanup, and new
        functionality. Of note is the integrity cache locking fix, file change
        detection, and support for a new EVM portable and immutable signature
        type.
      
        The re-introduction of the integrity cache lock (iint) fixes the
        problem of attempting to take the i_rwsem shared a second time, when
        it was previously taken exclusively. Defining atomic flags resolves
        the original iint/i_rwsem circular locking - accessing the file data
        vs. modifying the file metadata. Although it fixes the O_DIRECT
        problem as well, a subsequent patch is needed to remove the explicit
        O_DIRECT prevention.
      
        For performance reasons, detecting when a file has changed and needs
        to be re-measured, re-appraised, and/or re-audited, was limited to
        after the last writer has closed, and only if the file data has
        changed. Detecting file change is based on i_version. For filesystems
        that do not support i_version, remote filesystems, or userspace
        filesystems, the file was measured, appraised and/or audited once and
        never re-evaluated. Now local filesystems, which do not support
        i_version or are not mounted with the i_version option, assume the
        file has changed and are required to re-evaluate the file. This change
        does not address detecting file change on remote or userspace
        filesystems.
      
        Unlike file data signatures, which can be included and distributed in
        software packages (eg. rpm, deb), the existing EVM signature, which
        protects the file metadata, could not be included in software
        packages, as it includes file system specific information (eg. i_ino,
        possibly the UUID). This pull request defines a new EVM portable and
        immutable file metadata signature format, which can be included in
        software packages"
      
      * 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security:
        ima/policy: fix parsing of fsuuid
        ima: Use i_version only when filesystem supports it
        integrity: remove unneeded initializations in integrity_iint_cache entries
        ima: log message to module appraisal error
        ima: pass filename to ima_rdwr_violation_check()
        ima: Fix line continuation format
        ima: support new "hash" and "dont_hash" policy actions
        ima: re-introduce own integrity cache lock
        EVM: Add support for portable signature format
        EVM: Allow userland to permit modification of EVM-protected metadata
        ima: relax requiring a file signature for new files with zero length
      3c29548f
    • Linus Torvalds's avatar
      Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/livepatching · e1c70f32
      Linus Torvalds authored
      Pull livepatching updates from Jiri Kosina:
      
       - handle 'infinitely'-long sleeping tasks, from Miroslav Benes
      
       - remove 'immediate' feature, as it turns out it doesn't provide the
         originally expected semantics, and brings more issues than value
      
      * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/livepatching:
        livepatch: add locking to force and signal functions
        livepatch: Remove immediate feature
        livepatch: force transition to finish
        livepatch: send a fake signal to all blocking tasks
      e1c70f32
    • Linus Torvalds's avatar
      Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/hid · 183b6366
      Linus Torvalds authored
      Pull HID updates from Jiri Kosina:
      
       - remove hid_have_special_driver[] entry hard requirement for any newly
         supported VID/PID by a specific non-core hid driver, and general
         related cleanup of HID matching core, from Benjamin Tissoires
      
       - support for new Wacom devices and a few small fixups for already
         supported ones in Wacom driver, from Aaron Armstrong Skomra and Jason
         Gerecke
      
       - sysfs interface fix for roccat driver from Dan Carpenter
      
       - support for new Asus HW (T100TAF, T100HA, T200TA) from Hans de Goede
      
       - improved support for Jabra devices, from Niels Skou Olsen
      
       - other assorted small fixes and new device IDs
      
      * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/hid: (30 commits)
        HID: quirks: Fix keyboard + touchpad on Toshiba Click Mini not working
        HID: roccat: prevent an out of bounds read in kovaplus_profile_activated()
        HID: asus: Fix special function keys on T200TA
        HID: asus: Add touchpad max x/y and resolution info for the T200TA
        HID: wacom: Add support for One by Wacom (CTL-472 / CTL-672)
        HID: wacom: Fix reporting of touch toggle (WACOM_HID_WD_MUTE_DEVICE) events
        HID: intel-ish-hid: Enable Cannon Lake and Coffee Lake laptop/desktop
        HID: elecom: rewrite report fixup for EX-G and future mice
        HID: sony: Report DS4 version info through sysfs
        HID: sony: Print reversed MAC address via %pMR
        HID: wacom: EKR: ensure devres groups at higher indexes are released
        HID: rmi: Support the Fujitsu R726 Pad dock using hid-rmi
        HID: add quirk for another PIXART OEM mouse used by HP
        HID: quirks: make array hid_quirks static
        HID: hid-multitouch: support fine-grain orientation reporting
        HID: asus: Add product-id for the T100TAF and T100HA keyboard docks
        HID: elo: clear BTN_LEFT mapping
        HID: multitouch: Combine all left-button events in a frame
        HID: multitouch: Only look at non touch fields in first packet of a frame
        HID: multitouch: Properly deal with Win8 PTP reports with 0 touches
        ...
      183b6366
    • Linus Torvalds's avatar
      Merge tag 'for-linus-4.16-1' of git://github.com/cminyard/linux-ipmi · 4c6790c4
      Linus Torvalds authored
      Pull IPMI updates from Corey Minyard:
       "Small fixes for various things, been sitting in next for a while (some
        a long time)"
      
      * tag 'for-linus-4.16-1' of git://github.com/cminyard/linux-ipmi:
        ipmi_ssif: Remove duplicate NULL check
        ipmi/powernv: Fix error return code in ipmi_powernv_probe()
        ipmi: use dynamic memory for DMI driver override
        ipmi/ipmi_powernv: remove outdated todo in powernv IPMI driver
        ipmi: Clear smi_info->thread to prevent use-after-free during module unload
        ipmi: use correct string length
        ipmi_si: Fix error handling of platform device
        ipmi watchdog: fix typo in parameter description
        ipmi_si_platform: Fix typo in parameter description
      4c6790c4
    • Linus Torvalds's avatar
      Merge tag 'for-v4.16' of git://git.kernel.org/pub/scm/linux/kernel/git/sre/linux-power-supply · 972058ad
      Linus Torvalds authored
      Pull power supply and reset updates from Sebastian Reichel:
      
       - bq27xxx: add bq27521 support
      
       - drop unused imx-snvs-poweroff driver
      
       - improve axp288 driver
      
       - misc fixes
      
      * tag 'for-v4.16' of git://git.kernel.org/pub/scm/linux/kernel/git/sre/linux-power-supply: (32 commits)
        power: supply: max17042_battery: Always fall back to default platform-data
        power: supply: max17042_battery: Check battery current for status when supplied
        MAINTAINERS: Add AXP288 PMIC entry
        power: supply: axp288_fuel_gauge: Do not register our psy on (some) HDMI sticks
        power: supply: axp288_fuel_gauge: Optimize get_current()
        power: supply: axp288_fuel_gauge: Rework get_status()
        power: reset: account for const type of of_device_id.data
        power: supply: account for const type of of_device_id.data
        bq24190: Simplify code in property_is_writeable
        power: supply: axp288_fuel_gauge: Get iio-channels once during boot
        power: supply: axp288_charger: Properly stop work on probe-error / remove
        power: supply: axp288_charger: Simplify extcon cable handling
        power: supply: axp288_charger: Use the right property for the input current limit
        power: supply: axp288_charger: Pick lower input current limit not higher
        power: supply: axp288_charger: Do not cache input current limit value
        power: supply: axp288_charger: Remove no longer needed locking
        power: supply: axp288_charger: Use regmap_update_bits to set the input limits
        power: supply: axp288_charger: Cleanup some double empty lines
        power: supply: axp288_charger: Remove charger-enabled state tracking
        power: supply: axp288_charger: Add missing newlines to some messages
        ...
      972058ad
    • Linus Torvalds's avatar
      Merge tag 'hsi-for-4.16' of git://git.kernel.org/pub/scm/linux/kernel/git/sre/linux-hsi · a9e89e54
      Linus Torvalds authored
      Pull HSI update from Sebastian Reichel:
       "Y2038 fix for cmt-speech"
      
      * tag 'hsi-for-4.16' of git://git.kernel.org/pub/scm/linux/kernel/git/sre/linux-hsi:
        HSI: cmt_speech: use timespec64 instead of timespec
      a9e89e54
    • Linus Torvalds's avatar
      Merge tag 'gpio-v4.16-1' of git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-gpio · 9798f517
      Linus Torvalds authored
      Pull GPIO updates from Linus Walleij:
       "The is the bulk of GPIO changes for the v4.16 kernel cycle. It is
        pretty calm this time around I think. I even got time to get to things
        like starting to clean up header includes.
      
        Core changes:
      
         - Disallow open drain and open source flags to be set simultaneously.
           This doesn't make electrical sense, and would the hardware actually
           respond to this setting, the result would be short circuit.
      
         - ACPI GPIO has a new core infrastructure for handling quirks. The
           quirks are there to deal with broken ACPI tables centrally instead
           of pushing the work to individual drivers. In the world of BIOS
           writers, the ACPI tables are perfect. Until they find a mistake in
           it. When such a mistake is found, we can patch it with a quirk. It
           should never happen, the problem is that it happens. So we
           accomodate for it.
      
         - Several documentation updates.
      
         - Revert the patch setting up initial direction state from reading
           the device. This was causing bad things for drivers that can't read
           status on all its pins. It is only affecting debugfs information
           quality.
      
         - Label descriptors with the device name if no explicit label is
           passed in.
      
         - Pave the ground for transitioning SPI and regulators to use GPIO
           descriptors by implementing some quirks in the device tree GPIO
           parsing code.
      
        New drivers:
      
         - New driver for the Access PCIe IDIO 24 family.
      
        Other:
      
         - Major refactorings and improvements to the GPIO mockup driver used
           for test and verification.
      
         - Moved the AXP209 driver over to pin control since it gained a pin
           control back-end. These patches will appear (with the same hashes)
           in the pin control pull request as well.
      
         - Convert the onewire GPIO driver w1-gpio to use descriptors. This is
           merged here since the W1 maintainers send very few pull requests
           and he ACKed it.
      
         - Start to clean up driver headers using <linux/gpio.h> to just use
           <linux/gpio/driver.h> as appropriate"
      
      * tag 'gpio-v4.16-1' of git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-gpio: (103 commits)
        gpio: Timestamp events in hardirq handler
        gpio: Fix kernel stack leak to userspace
        gpio: Fix a documentation spelling mistake
        gpio: Documentation update
        gpiolib: remove redundant initialization of pointer desc
        gpio: of: Fix NPE from OF flags
        gpio: stmpe: Delete an unnecessary variable initialisation in stmpe_gpio_probe()
        gpio: stmpe: Move an assignment in stmpe_gpio_probe()
        gpio: stmpe: Improve a size determination in stmpe_gpio_probe()
        gpio: stmpe: Use seq_putc() in stmpe_dbg_show()
        gpio: No NULL owner
        gpio: stmpe: i2c transfer are forbiden in atomic context
        gpio: davinci: Include proper header
        gpio: da905x: Include proper header
        gpio: cs5535: Include proper header
        gpio: crystalcove: Include proper header
        gpio: bt8xx: Include proper header
        gpio: bcm-kona: Include proper header
        gpio: arizona: Include proper header
        gpio: amd8111: Include proper header
        ...
      9798f517
    • Linus Torvalds's avatar
      Merge tag 'leds_for_4.16-rc1' of... · 50081e43
      Linus Torvalds authored
      Merge tag 'leds_for_4.16-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/j.anaszewski/linux-leds
      
      Pull LED updates from Jacek Anaszewski:
       "New LED class driver:
         - introduce LM3692x dual string driver
      
        New LED trigger:
         - introduce a NETDEV trigger
      
        leds-lp8860:
         - various fixes to align with LED framework
         - add regulator enable during init
         - DT support related improvements
      
        Minor fixes and cleanups to the LED class drivers:
         - leds-pwm
         - ledtrig-activity
         - leds-blinkm
         - leds-as3645a
         - ledtrig-transient"
      
      * tag 'leds_for_4.16-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/j.anaszewski/linux-leds:
        leds: ledtrig-transient: Add SPDX license identifiers
        leds: lp8860: Various fixes to align with LED framework
        leds: lp8860: Add DT parsing to retrieve the trigger node
        dt: bindings: lp8860: Add trigger binding to the lp8860
        leds: lp8860: Update the dt parsing for LED labeling
        dt: bindings: lp8860: Update DT label binding
        dt: bindings: lp8860: Update bindings for lp8860
        leds: as3645a: Fix line over 80 characters
        leds: as3645a: Fix quoted string split warning
        leds: lm3692x: Introduce LM3692x dual string driver
        dt: bindings: lm3692x: Add bindings for lm3692x LED driver
        leds: trigger: Introduce a NETDEV trigger
        leds: blinkm: avoid uninitialized data use
        ledtrig-activity: Grammar s/a immediate/an immediate/
        leds: pwm: Remove unneeded header file
        leds: lp8860: Add regulator enable during init
        leds: lp8860: Fix linuxdoc format for structure
      50081e43
    • Linus Torvalds's avatar
      Merge tag 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rdma/rdma · 7b1cd95d
      Linus Torvalds authored
      Pull RDMA subsystem updates from Jason Gunthorpe:
       "Overall this cycle did not have any major excitement, and did not
        require any shared branch with netdev.
      
        Lots of driver updates, particularly of the scale-up and performance
        variety. The largest body of core work was Parav's patches fixing and
        restructing some of the core code to make way for future RDMA
        containerization.
      
        Summary:
      
         - misc small driver fixups to
           bnxt_re/hfi1/qib/hns/ocrdma/rdmavt/vmw_pvrdma/nes
      
         - several major feature adds to bnxt_re driver: SRIOV VF RoCE
           support, HugePages support, extended hardware stats support, and
           SRQ support
      
         - a notable number of fixes to the i40iw driver from debugging scale
           up testing
      
         - more work to enable the new hip08 chip in the hns driver
      
         - misc small ULP fixups to srp/srpt//ipoib
      
         - preparation for srp initiator and target to support the RDMA-CM
           protocol for connections
      
         - add RDMA-CM support to srp initiator, srp target is still a WIP
      
         - fixes for a couple of places where ipoib could spam the dmesg log
      
         - fix encode/decode of FDR/EDR data rates in the core
      
         - many patches from Parav with ongoing work to clean up
           inconsistencies and bugs in RoCE support around the rdma_cm
      
         - mlx5 driver support for the userspace features 'thread domain',
           'wallclock timestamps' and 'DV Direct Connected transport'. Support
           for the firmware dual port rocee capability
      
         - core support for more than 32 rdma devices in the char dev
           allocation
      
         - kernel doc updates from Randy Dunlap
      
         - new netlink uAPI for inspecting RDMA objects similar in spirit to 'ss'
      
         - one minor change to the kobject code acked by Greg KH"
      
      * tag 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rdma/rdma: (259 commits)
        RDMA/nldev: Provide detailed QP information
        RDMA/nldev: Provide global resource utilization
        RDMA/core: Add resource tracking for create and destroy PDs
        RDMA/core: Add resource tracking for create and destroy CQs
        RDMA/core: Add resource tracking for create and destroy QPs
        RDMA/restrack: Add general infrastructure to track RDMA resources
        RDMA/core: Save kernel caller name when creating PD and CQ objects
        RDMA/core: Use the MODNAME instead of the function name for pd callers
        RDMA: Move enum ib_cq_creation_flags to uapi headers
        IB/rxe: Change RDMA_RXE kconfig to use select
        IB/qib: remove qib_keys.c
        IB/mthca: remove mthca_user.h
        RDMA/cm: Fix access to uninitialized variable
        RDMA/cma: Use existing netif_is_bond_master function
        IB/core: Avoid SGID attributes query while converting GID from OPA to IB
        RDMA/mlx5: Avoid memory leak in case of XRCD dealloc failure
        IB/umad: Fix use of unprotected device pointer
        IB/iser: Combine substrings for three messages
        IB/iser: Delete an unnecessary variable initialisation in iser_send_data_out()
        IB/iser: Delete an error message for a failed memory allocation in iser_send_data_out()
        ...
      7b1cd95d
    • Linus Torvalds's avatar
      Merge tag 'dmaengine-4.16-rc1' of git://git.infradead.org/users/vkoul/slave-dma · 2155e69a
      Linus Torvalds authored
      Pull dmaengine updates from Vinod Koul:
       "This time is smallish update with updates mainly to drivers:
      
         - updates to xilinx and zynqmp dma controllers
      
         - update reside calculation for rcar controller
      
         - more RSTify fixes for documentation
      
         - add support for race free transfer termination and updating for
           users for that
      
         - support for new rev of hidma with addition new APIs to get device
           match data in ACPI/OF
      
         - random updates to bunch of other drivers"
      
      * tag 'dmaengine-4.16-rc1' of git://git.infradead.org/users/vkoul/slave-dma: (47 commits)
        dmaengine: dmatest: fix container_of member in dmatest_callback
        dmaengine: stm32-dmamux: Remove unnecessary platform_get_resource() error check
        dmaengine: sprd: statify 'sprd_dma_prep_dma_memcpy'
        dmaengine: qcom_hidma: simplify DT resource parsing
        dmaengine: xilinx_dma: Free BD consistent memory
        dmaengine: xilinx_dma: Fix warning variable prev set but not used
        dmaengine: xilinx_dma: properly configure the SG mode bit in the driver for cdma
        dmaengine: doc: format struct fields using monospace
        dmaengine: doc: fix bullet list formatting
        dmaengine: ti-dma-crossbar: Fix event mapping for TPCC_EVT_MUX_60_63
        dmaengine: cppi41: Fix channel queues array size check
        dmaengine: imx-sdma: Add MODULE_FIRMWARE
        dmaengine: xilinx_dma: Fix typos
        dmaengine: xilinx_dma: Differentiate probe based on the ip type
        dmaengine: xilinx_dma: fix style issues from checkpatch
        dmaengine: xilinx_dma: Fix kernel doc warnings
        dmaengine: xilinx_dma: Fix race condition in the driver for multiple descriptor scenario
        dmaeninge: xilinx_dma: Fix bug in multiple frame stores scenario in vdma
        dmaengine: xilinx_dma: Check for channel idle state before submitting dma descriptor
        dmaengine: zynqmp_dma: Fix race condition in the probe
        ...
      2155e69a
    • Linus Torvalds's avatar
      Merge tag 'dma-mapping-4.16' of git://git.infradead.org/users/hch/dma-mapping · 2382dc9a
      Linus Torvalds authored
      Pull dma mapping updates from Christoph Hellwig:
       "Except for a runtime warning fix from Christian this is all about
        consolidation of the generic no-IOMMU code, a well as the glue code
        for swiotlb.
      
        All the code is based on the x86 implementation with hooks to allow
        all architectures that aren't cache coherent to use it.
      
        The x86 conversion itself has been deferred because the x86
        maintainers were a little busy in the last months"
      
      * tag 'dma-mapping-4.16' of git://git.infradead.org/users/hch/dma-mapping: (57 commits)
        MAINTAINERS: add the iommu list for swiotlb and xen-swiotlb
        arm64: use swiotlb_alloc and swiotlb_free
        arm64: replace ZONE_DMA with ZONE_DMA32
        mips: use swiotlb_{alloc,free}
        mips/netlogic: remove swiotlb support
        tile: use generic swiotlb_ops
        tile: replace ZONE_DMA with ZONE_DMA32
        unicore32: use generic swiotlb_ops
        ia64: remove an ifdef around the content of pci-dma.c
        ia64: clean up swiotlb support
        ia64: use generic swiotlb_ops
        ia64: replace ZONE_DMA with ZONE_DMA32
        swiotlb: remove various exports
        swiotlb: refactor coherent buffer allocation
        swiotlb: refactor coherent buffer freeing
        swiotlb: wire up ->dma_supported in swiotlb_dma_ops
        swiotlb: add common swiotlb_map_ops
        swiotlb: rename swiotlb_free to swiotlb_exit
        x86: rename swiotlb_dma_ops
        powerpc: rename swiotlb_dma_ops
        ...
      2382dc9a
    • Linus Torvalds's avatar
      Merge tag 'scsi-misc' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi · 28bc6fb9
      Linus Torvalds authored
      Pull SCSI updates from James Bottomley:
       "This is mostly updates of the usual driver suspects: arcmsr,
        scsi_debug, mpt3sas, lpfc, cxlflash, qla2xxx, aacraid, megaraid_sas,
        hisi_sas.
      
        We also have a rework of the libsas hotplug handling to make it more
        robust, a slew of 32 bit time conversions and fixes, and a host of the
        usual minor updates and style changes. The biggest potential for
        regressions is the libsas hotplug changes, but so far they seem stable
        under testing"
      
      * tag 'scsi-misc' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi: (313 commits)
        scsi: qla2xxx: Fix logo flag for qlt_free_session_done()
        scsi: arcmsr: avoid do_gettimeofday
        scsi: core: Add VENDOR_SPECIFIC sense code definitions
        scsi: qedi: Drop cqe response during connection recovery
        scsi: fas216: fix sense buffer initialization
        scsi: ibmvfc: Remove unneeded semicolons
        scsi: hisi_sas: fix a bug in hisi_sas_dev_gone()
        scsi: hisi_sas: directly attached disk LED feature for v2 hw
        scsi: hisi_sas: devicetree: bindings: add LED feature for v2 hw
        scsi: megaraid_sas: NVMe passthrough command support
        scsi: megaraid: use ktime_get_real for firmware time
        scsi: fnic: use 64-bit timestamps
        scsi: qedf: Fix error return code in __qedf_probe()
        scsi: devinfo: fix format of the device list
        scsi: qla2xxx: Update driver version to 10.00.00.05-k
        scsi: qla2xxx: Add XCB counters to debugfs
        scsi: qla2xxx: Fix queue ID for async abort with Multiqueue
        scsi: qla2xxx: Fix warning for code intentation in __qla24xx_handle_gpdb_event()
        scsi: qla2xxx: Fix warning during port_name debug print
        scsi: qla2xxx: Fix warning in qla2x00_async_iocb_timeout()
        ...
      28bc6fb9
    • Linus Torvalds's avatar
      Merge tag 'for-4.16/dm-changes' of... · 0be600a5
      Linus Torvalds authored
      Merge tag 'for-4.16/dm-changes' of git://git.kernel.org/pub/scm/linux/kernel/git/device-mapper/linux-dm
      
      Pull device mapper updates from Mike Snitzer:
      
       - DM core fixes to ensure that bio submission follows a depth-first
         tree walk; this is critical to allow forward progress without the
         need to use the bioset's BIOSET_NEED_RESCUER.
      
       - Remove DM core's BIOSET_NEED_RESCUER based dm_offload infrastructure.
      
       - DM core cleanups and improvements to make bio-based DM more efficient
         (e.g. reduced memory footprint as well leveraging per-bio-data more).
      
       - Introduce new bio-based mode (DM_TYPE_NVME_BIO_BASED) that leverages
         the more direct IO submission path in the block layer; this mode is
         used by DM multipath and also optimizes targets like DM thin-pool
         that stack directly on NVMe data device.
      
       - DM multipath improvements to factor out legacy SCSI-only (e.g.
         scsi_dh) code paths to allow for more optimized support for NVMe
         multipath.
      
       - A fix for DM multipath path selectors (service-time and queue-length)
         to select paths in a more balanced way; largely academic but doesn't
         hurt.
      
       - Numerous DM raid target fixes and improvements.
      
       - Add a new DM "unstriped" target that enables Intel to workaround
         firmware limitations in some NVMe drives that are striped internally
         (this target also works when stacked above the DM "striped" target).
      
       - Various Documentation fixes and improvements.
      
       - Misc cleanups and fixes across various DM infrastructure and targets
         (e.g. bufio, flakey, log-writes, snapshot).
      
      * tag 'for-4.16/dm-changes' of git://git.kernel.org/pub/scm/linux/kernel/git/device-mapper/linux-dm: (69 commits)
        dm cache: Documentation: update default migration_throttling value
        dm mpath selector: more evenly distribute ties
        dm unstripe: fix target length versus number of stripes size check
        dm thin: fix trailing semicolon in __remap_and_issue_shared_cell
        dm table: fix NVMe bio-based dm_table_determine_type() validation
        dm: various cleanups to md->queue initialization code
        dm mpath: delay the retry of a request if the target responded as busy
        dm mpath: return DM_MAPIO_DELAY_REQUEUE if QUEUE_IO or PG_INIT_REQUIRED
        dm mpath: return DM_MAPIO_REQUEUE on blk-mq rq allocation failure
        dm log writes: fix max length used for kstrndup
        dm: backfill missing calls to mutex_destroy()
        dm snapshot: use mutex instead of rw_semaphore
        dm flakey: check for null arg_name in parse_features()
        dm thin: extend thinpool status format string with omitted fields
        dm thin: fixes in thin-provisioning.txt
        dm thin: document representation of <highest mapped sector> when there is none
        dm thin: fix documentation relative to low water mark threshold
        dm cache: be consistent in specifying sectors and SI units in cache.txt
        dm cache: delete obsoleted paragraph in cache.txt
        dm cache: fix grammar in cache-policies.txt
        ...
      0be600a5
    • Linus Torvalds's avatar
      Merge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/shli/md · 040639b7
      Linus Torvalds authored
      Pull MD updates from Shaohua Li:
       "Some small fixes for MD:
      
         - fix raid5-cache potential problems if raid5 cache isn't fully
           recovered
      
         - fix a wait-within-wait warning in raid1/10
      
         - make raid5-PPL support disks with writeback cache enabled"
      
      * 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/shli/md:
        raid5-ppl: PPL support for disks with write-back cache enabled
        md/r5cache: print more info of log recovery
        md/raid1,raid10: silence warning about wait-within-wait
        md: introduce new personality funciton start()
      040639b7
    • Linus Torvalds's avatar
      Merge tag 'xfs-4.16-merge-4' of git://git.kernel.org/pub/scm/fs/xfs/xfs-linux · 20c59c71
      Linus Torvalds authored
      Pull xfs updates from Darrick Wong:
       "This merge cycle, we're again some substantive changes to XFS.
      
        Metadata verifiers have been restructured to provide more detail about
        which part of a metadata structure failed checks, and we've enhanced
        the new online fsck feature to cross-reference extent allocation
        information with the other metadata structures. With this pull, the
        metadata verification part of online fsck is more or less finished,
        though the feature is still experimental and still disabled by
        default.
      
        We're also preparing to remove the EXPERIMENTAL tag from a couple of
        features this cycle. This week we're committing a bunch of space
        accounting fixes for reflink and removing the EXPERIMENTAL tag from
        reflink; I anticipate that we'll be ready to do the same for the
        reverse mapping feature next week. (I don't have any pending fixes for
        rmap; however I wish to remove the tags one at a time.)
      
        This giant pile of patches has been run through a full xfstests run
        over the weekend and through a quick xfstests run against this
        morning's master, with no major failures reported. Let me know if
        there's any merge problems -- git merge reported that one of our
        patches touched the same function as the i_version series, but it
        resolved things cleanly.
      
        Summary:
      
         - Log faulting code locations when verifiers fail, for improved
           diagnosis of corrupt filesystems.
      
         - Implement metadata verifiers for local format inode fork data.
      
         - Online scrub now cross-references metadata records with other
           metadata.
      
         - Refactor the fs geometry ioctl generation functions.
      
         - Harden various metadata verifiers.
      
         - Fix various accounting problems.
      
         - Fix uncancelled transactions leaking when xattr functions fail.
      
         - Prevent the copy-on-write speculative preallocation garbage
           collector from racing with writeback.
      
         - Emit log reservation type information as trace data so that we can
           compare against xfsprogs.
      
         - Fix some erroneous asserts in the online scrub code.
      
         - Clean up the transaction reservation calculations.
      
         - Fix various minor bugs in online scrub.
      
         - Log complaints about mixed dio/buffered writes once per day and
           less noisily than before.
      
         - Refactor buffer log item lists to use list_head.
      
         - Break PNFS leases before reflinking blocks.
      
         - Reduce lock contention on reflink source files.
      
         - Fix some quota accounting problems with reflink.
      
         - Fix a serious corruption problem in the direct cow write code where
           we fed bad iomaps to the vfs iomap consumers.
      
         - Various other refactorings.
      
         - Remove EXPERIMENTAL tag from reflink!"
      
      * tag 'xfs-4.16-merge-4' of git://git.kernel.org/pub/scm/fs/xfs/xfs-linux: (94 commits)
        xfs: remove experimental tag for reflinks
        xfs: don't screw up direct writes when freesp is fragmented
        xfs: check reflink allocation mappings
        iomap: warn on zero-length mappings
        xfs: treat CoW fork operations as delalloc for quota accounting
        xfs: only grab shared inode locks for source file during reflink
        xfs: allow xfs_lock_two_inodes to take different EXCL/SHARED modes
        xfs: reflink should break pnfs leases before sharing blocks
        xfs: don't clobber inobt/finobt cursors when xref with rmap
        xfs: skip CoW writes past EOF when writeback races with truncate
        xfs: preserve i_rdev when recycling a reclaimable inode
        xfs: refactor accounting updates out of xfs_bmap_btalloc
        xfs: refactor inode verifier corruption error printing
        xfs: make tracepoint inode number format consistent
        xfs: always zero di_flags2 when we free the inode
        xfs: call xfs_qm_dqattach before performing reflink operations
        xfs: bmap code cleanup
        Use list_head infra-structure for buffer's log items list
        Split buffer's b_fspriv field
        Get rid of xfs_buf_log_item_t typedef
        ...
      20c59c71
    • Linus Torvalds's avatar
      Merge branch 'work.get_user_pages_fast' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs · 5a87e37e
      Linus Torvalds authored
      Pull get_user_pages_fast updates from Al Viro:
       "A bit more get_user_pages work"
      
      * 'work.get_user_pages_fast' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs:
        kvm: switch get_user_page_nowait() to get_user_pages_unlocked()
        __get_user_pages_locked(): get rid of notify_drop argument
        get_user_pages_unlocked(): pass true to __get_user_pages_locked() notify_drop
        cris: switch to get_user_pages_fast()
        fold __get_user_pages_unlocked() into its sole remaining caller
      5a87e37e
    • Linus Torvalds's avatar
      Merge branch 'work.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs · 19e7b5f9
      Linus Torvalds authored
      Pull misc vfs updates from Al Viro:
       "All kinds of misc stuff, without any unifying topic, from various
        people.
      
        Neil's d_anon patch, several bugfixes, introduction of kvmalloc
        analogue of kmemdup_user(), extending bitfield.h to deal with
        fixed-endians, assorted cleanups all over the place..."
      
      * 'work.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs: (28 commits)
        alpha: osf_sys.c: use timespec64 where appropriate
        alpha: osf_sys.c: fix put_tv32 regression
        jffs2: Fix use-after-free bug in jffs2_iget()'s error handling path
        dcache: delete unused d_hash_mask
        dcache: subtract d_hash_shift from 32 in advance
        fs/buffer.c: fold init_buffer() into init_page_buffers()
        fs: fold __inode_permission() into inode_permission()
        fs: add RWF_APPEND
        sctp: use vmemdup_user() rather than badly open-coding memdup_user()
        snd_ctl_elem_init_enum_names(): switch to vmemdup_user()
        replace_user_tlv(): switch to vmemdup_user()
        new primitive: vmemdup_user()
        memdup_user(): switch to GFP_USER
        eventfd: fold eventfd_ctx_get() into eventfd_ctx_fileget()
        eventfd: fold eventfd_ctx_read() into eventfd_read()
        eventfd: convert to use anon_inode_getfd()
        nfs4file: get rid of pointless include of btrfs.h
        uvc_v4l2: clean copyin/copyout up
        vme_user: don't use __copy_..._user()
        usx2y: don't bother with memdup_user() for 16-byte structure
        ...
      19e7b5f9
    • Linus Torvalds's avatar
      Merge tag 'gfs2-4.16.fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/gfs2/linux-gfs2 · 26064ea4
      Linus Torvalds authored
      Pull GFS2 updates from Bob Peterson:
       "We've got 30 patches for this merge window. These generally fall into
        five categories:
      
         - code cleanups
      
         - patches related to adding PUNCH_HOLE support to GFS2
      
         - support for new fields in resource group headers
      
         - a few bug fixes
      
         - support for new fields in journal log headers. These new fields,
           which were previously unused, are designed to make it easier to
           track down file system corruption, and allow fsck.gfs2 to make more
           intelligent decisions when finding and fixing file system
           corruption.
      
        Details:
      
         - Two patches from Abhi Das, to trim the ordered writes list, which
           used to grow uncontrollably until unmount.
      
         - Several patches from Andreas Gruenbacher: remove an unused
           parameter from function gfs2_write_jdata_pagevec, remove a
           pointless BUG_ON, clean up an error patch in trunc_start, remove
           some unused parameters from truncate, make gfs2_journaled_truncate
           more efficient, clean up the support functions for truncate, fix
           metadata read-ahead for truncate to make it faster, fix up the
           non-recursive truncate code, rework and rename
           gfs2_block_truncate_page, generalize the non-recursive truncate
           code so it can take a range of values for punch_hole support,
           introduce new PUNCH_HOLE support that take advantage of the
           previous patches, add fallocate support with PUNCH_HOLE, fix some
           typos in the comments, add the function gfs2_max_stuffed_size to
           replace a piece of code that was needlessly repeated throughout
           GFS2, a minor cleanup to function gfs2_page_add_databufs, get rid
           of function gfs2_log_header_in in preparation for the new log
           header fields, and also fix up some missing newlines in kernel
           messages.
      
         - Andy Price added a new field to resource groups to indicate where
           the next one should be, to allow fsck.gfs2 to make better repairs.
           He also added new rindex fields for consistency checking, and added
           a crc field to resource group headers for consistency checking.
      
         - I reduced redundancy in functions common to freeing dinodes, and
           when writing log headers between the journalling code and journal
           recovery code. Also added new fields to journal log headers based
           on a prototype from Steve Whitehouse, and log the source of journal
           log headers so we can better track down journal corruption. Minor
           comment typo fix and a fix for a BUG in an unlink error path.
      
         - Steve Whitehouse contributed a patch to fix an incorrect use of the
           gfs2_blk2rgrpd function.
      
         - Tetsuo Handa contributed a patch that fixes incorrect error
           handling in function init_gfs2_fs"
      
      * tag 'gfs2-4.16.fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/gfs2/linux-gfs2: (30 commits)
        gfs2: Add a few missing newlines in messages
        gfs2: Remove inode from ordered write list in gfs2_write_inode()
        GFS2: Don't try to end a non-existent transaction in unlink
        GFS2: Fix minor comment typo
        GFS2: Log the reason for log flushes in every log header
        GFS2: Introduce new gfs2_log_header_v2
        gfs2: Get rid of gfs2_log_header_in
        gfs2: Minor gfs2_page_add_databufs cleanup
        gfs2: Add gfs2_max_stuffed_size
        gfs2: Typo fixes
        gfs2: Implement fallocate(FALLOC_FL_PUNCH_HOLE)
        gfs2: Turn trunc_dealloc into punch_hole
        gfs2: Generalize truncate code
        Turn gfs2_block_truncate_page into gfs2_block_zero_range
        gfs2: Improve non-recursive delete algorithm
        gfs2: Fix metadata read-ahead during truncate
        gfs2: Clean up {lookup,fillup}_metapath
        gfs2: Remove minor gfs2_journaled_truncate inefficiencies
        gfs2: truncate: Remove unnecessary oldsize parameters
        gfs2: Clean up trunc_start error path
        ...
      26064ea4
    • Eric Biggers's avatar
      devpts: fix error handling in devpts_mntget() · c9cc8d01
      Eric Biggers authored
      If devpts_ptmx_path() returns an error code, then devpts_mntget()
      dereferences an ERR_PTR():
      
          BUG: unable to handle kernel paging request at fffffffffffffff5
          IP: devpts_mntget+0x13f/0x280 fs/devpts/inode.c:173
      
      Fix it by returning early in the error paths.
      
      Reproducer:
      
          #define _GNU_SOURCE
          #include <fcntl.h>
          #include <sched.h>
          #include <sys/ioctl.h>
          #define TIOCGPTPEER _IO('T', 0x41)
      
          int main()
          {
              for (;;) {
                  int fd = open("/dev/ptmx", 0);
                  unshare(CLONE_NEWNS);
                  ioctl(fd, TIOCGPTPEER, 0);
              }
          }
      
      Fixes: 311fc65c ("pty: Repair TIOCGPTPEER")
      Reported-by: default avatarsyzbot <syzkaller@googlegroups.com>
      Cc: <stable@vger.kernel.org> # v4.13+
      Signed-off-by: default avatarEric Biggers <ebiggers@google.com>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      c9cc8d01
    • Jeff Layton's avatar
      iversion: make inode_cmp_iversion{+raw} return bool instead of s64 · c0cef30e
      Jeff Layton authored
      As Linus points out:
      
          The inode_cmp_iversion{+raw}() functions are pure and utter crap.
      
          Why?
      
          You say that they return 0/negative/positive, but they do so in a
          completely broken manner. They return that ternary value as the
          sequence number difference in a 's64', which means that if you
          actually care about that ternary value, and do the *sane* thing that
          the kernel-doc of the function implies is the right thing, you would
          do
      
              int cmp = inode_cmp_iversion(inode, old);
              if (cmp < 0 ...
      
          and as a result you get code that looks sane, but that doesn't
          actually *WORK* right.
      
      Since none of the callers actually care about the ternary value here,
      convert the inode_cmp_iversion{+raw} functions to just return a boolean
      value (false for matching, true for non-matching).
      
      This matches the existing use of these functions just fine, and makes it
      simple to convert them to return a ternary value in the future if we
      grow callers that need it.
      
      With this change we can also reimplement inode_cmp_iversion in a simpler
      way using inode_peek_iversion.
      Signed-off-by: default avatarJeff Layton <jlayton@redhat.com>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      c0cef30e
    • Jiri Kosina's avatar
      Merge branch 'for-4.16/remove-immediate' into for-linus · d05b695c
      Jiri Kosina authored
      Pull 'immediate' feature removal from Miroslav Benes.
      d05b695c
    • Vakul Garg's avatar
      tls: Add support for encryption using async offload accelerator · a54667f6
      Vakul Garg authored
      Async crypto accelerators (e.g. drivers/crypto/caam) support offloading
      GCM operation. If they are enabled, crypto_aead_encrypt() return error
      code -EINPROGRESS. In this case tls_do_encryption() needs to wait on a
      completion till the time the response for crypto offload request is
      received.
      Signed-off-by: default avatarVakul Garg <vakul.garg@nxp.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      a54667f6
    • Nikolay Aleksandrov's avatar
      ip6mr: fix stale iterator · 4adfa79f
      Nikolay Aleksandrov authored
      When we dump the ip6mr mfc entries via proc, we initialize an iterator
      with the table to dump but we don't clear the cache pointer which might
      be initialized from a prior read on the same descriptor that ended. This
      can result in lock imbalance (an unnecessary unlock) leading to other
      crashes and hangs. Clear the cache pointer like ipmr does to fix the issue.
      Thanks for the reliable reproducer.
      
      Here's syzbot's trace:
       WARNING: bad unlock balance detected!
       4.15.0-rc3+ #128 Not tainted
       syzkaller971460/3195 is trying to release lock (mrt_lock) at:
       [<000000006898068d>] ipmr_mfc_seq_stop+0xe1/0x130 net/ipv6/ip6mr.c:553
       but there are no more locks to release!
      
       other info that might help us debug this:
       1 lock held by syzkaller971460/3195:
        #0:  (&p->lock){+.+.}, at: [<00000000744a6565>] seq_read+0xd5/0x13d0
       fs/seq_file.c:165
      
       stack backtrace:
       CPU: 1 PID: 3195 Comm: syzkaller971460 Not tainted 4.15.0-rc3+ #128
       Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS
       Google 01/01/2011
       Call Trace:
        __dump_stack lib/dump_stack.c:17 [inline]
        dump_stack+0x194/0x257 lib/dump_stack.c:53
        print_unlock_imbalance_bug+0x12f/0x140 kernel/locking/lockdep.c:3561
        __lock_release kernel/locking/lockdep.c:3775 [inline]
        lock_release+0x5f9/0xda0 kernel/locking/lockdep.c:4023
        __raw_read_unlock include/linux/rwlock_api_smp.h:225 [inline]
        _raw_read_unlock+0x1a/0x30 kernel/locking/spinlock.c:255
        ipmr_mfc_seq_stop+0xe1/0x130 net/ipv6/ip6mr.c:553
        traverse+0x3bc/0xa00 fs/seq_file.c:135
        seq_read+0x96a/0x13d0 fs/seq_file.c:189
        proc_reg_read+0xef/0x170 fs/proc/inode.c:217
        do_loop_readv_writev fs/read_write.c:673 [inline]
        do_iter_read+0x3db/0x5b0 fs/read_write.c:897
        compat_readv+0x1bf/0x270 fs/read_write.c:1140
        do_compat_preadv64+0xdc/0x100 fs/read_write.c:1189
        C_SYSC_preadv fs/read_write.c:1209 [inline]
        compat_SyS_preadv+0x3b/0x50 fs/read_write.c:1203
        do_syscall_32_irqs_on arch/x86/entry/common.c:327 [inline]
        do_fast_syscall_32+0x3ee/0xf9d arch/x86/entry/common.c:389
        entry_SYSENTER_compat+0x51/0x60 arch/x86/entry/entry_64_compat.S:125
       RIP: 0023:0xf7f73c79
       RSP: 002b:00000000e574a15c EFLAGS: 00000292 ORIG_RAX: 000000000000014d
       RAX: ffffffffffffffda RBX: 000000000000000f RCX: 0000000020a3afb0
       RDX: 0000000000000001 RSI: 0000000000000067 RDI: 0000000000000000
       RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
       R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
       R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
       BUG: sleeping function called from invalid context at lib/usercopy.c:25
       in_atomic(): 1, irqs_disabled(): 0, pid: 3195, name: syzkaller971460
       INFO: lockdep is turned off.
       CPU: 1 PID: 3195 Comm: syzkaller971460 Not tainted 4.15.0-rc3+ #128
       Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS
       Google 01/01/2011
       Call Trace:
        __dump_stack lib/dump_stack.c:17 [inline]
        dump_stack+0x194/0x257 lib/dump_stack.c:53
        ___might_sleep+0x2b2/0x470 kernel/sched/core.c:6060
        __might_sleep+0x95/0x190 kernel/sched/core.c:6013
        __might_fault+0xab/0x1d0 mm/memory.c:4525
        _copy_to_user+0x2c/0xc0 lib/usercopy.c:25
        copy_to_user include/linux/uaccess.h:155 [inline]
        seq_read+0xcb4/0x13d0 fs/seq_file.c:279
        proc_reg_read+0xef/0x170 fs/proc/inode.c:217
        do_loop_readv_writev fs/read_write.c:673 [inline]
        do_iter_read+0x3db/0x5b0 fs/read_write.c:897
        compat_readv+0x1bf/0x270 fs/read_write.c:1140
        do_compat_preadv64+0xdc/0x100 fs/read_write.c:1189
        C_SYSC_preadv fs/read_write.c:1209 [inline]
        compat_SyS_preadv+0x3b/0x50 fs/read_write.c:1203
        do_syscall_32_irqs_on arch/x86/entry/common.c:327 [inline]
        do_fast_syscall_32+0x3ee/0xf9d arch/x86/entry/common.c:389
        entry_SYSENTER_compat+0x51/0x60 arch/x86/entry/entry_64_compat.S:125
       RIP: 0023:0xf7f73c79
       RSP: 002b:00000000e574a15c EFLAGS: 00000292 ORIG_RAX: 000000000000014d
       RAX: ffffffffffffffda RBX: 000000000000000f RCX: 0000000020a3afb0
       RDX: 0000000000000001 RSI: 0000000000000067 RDI: 0000000000000000
       RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
       R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
       R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
       WARNING: CPU: 1 PID: 3195 at lib/usercopy.c:26 _copy_to_user+0xb5/0xc0
       lib/usercopy.c:26
      Reported-by: default avatarsyzbot <bot+eceb3204562c41a438fa1f2335e0fe4f6886d669@syzkaller.appspotmail.com>
      Signed-off-by: default avatarNikolay Aleksandrov <nikolay@cumulusnetworks.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      4adfa79f
    • Ulf Magnusson's avatar
      net/sched: kconfig: Remove blank help texts · 11eab148
      Ulf Magnusson authored
      Blank help texts are probably either a typo, a Kconfig misunderstanding,
      or some kind of half-committing to adding a help text (in which case a
      TODO comment would be clearer, if the help text really can't be added
      right away).
      
      Best to remove them, IMO.
      Signed-off-by: default avatarUlf Magnusson <ulfalizer@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      11eab148
    • Gustavo A. R. Silva's avatar
      openvswitch: meter: Use 64-bit arithmetic instead of 32-bit · 5b7789e8
      Gustavo A. R. Silva authored
      Add suffix LL to constant 1000 in order to give the compiler
      complete information about the proper arithmetic to use. Notice
      that this constant is used in a context that expects an expression
      of type long long int (64 bits, signed).
      
      The expression (band->burst_size + band->rate) * 1000 is currently
      being evaluated using 32-bit arithmetic.
      
      Addresses-Coverity-ID: 1461563 ("Unintentional integer overflow")
      Signed-off-by: default avatarGustavo A. R. Silva <gustavo@embeddedor.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      5b7789e8
    • Gustavo A. R. Silva's avatar
      tcp_nv: fix potential integer overflow in tcpnv_acked · e4823fbd
      Gustavo A. R. Silva authored
      Add suffix ULL to constant 80000 in order to avoid a potential integer
      overflow and give the compiler complete information about the proper
      arithmetic to use. Notice that this constant is used in a context that
      expects an expression of type u64.
      
      The current cast to u64 effectively applies to the whole expression
      as an argument of type u64 to be passed to div64_u64, but it does
      not prevent it from being evaluated using 32-bit arithmetic instead
      of 64-bit arithmetic.
      
      Also, once the expression is properly evaluated using 64-bit arithmentic,
      there is no need for the parentheses and the external cast to u64.
      
      Addresses-Coverity-ID: 1357588 ("Unintentional integer overflow")
      Signed-off-by: default avatarGustavo A. R. Silva <gustavo@embeddedor.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      e4823fbd
    • Chunhao Lin's avatar
      r8169: fix RTL8168EP take too long to complete driver initialization. · 086ca23d
      Chunhao Lin authored
      Driver check the wrong register bit in rtl_ocp_tx_cond() that keep driver
      waiting until timeout.
      
      Fix this by waiting for the right register bit.
      Signed-off-by: default avatarChunhao Lin <hau@realtek.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      086ca23d
    • Kristian Evensen's avatar
      qmi_wwan: Add support for Quectel EP06 · c0b91a56
      Kristian Evensen authored
      The Quectel EP06 is a Cat. 6 LTE modem. It uses the same interface as
      the EC20/EC25 for QMI, and requires the same "set DTR"-quirk to work.
      Signed-off-by: default avatarKristian Evensen <kristian.evensen@gmail.com>
      Acked-by: default avatarBjørn Mork <bjorn@mork.no>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      c0b91a56
    • Christian Brauner's avatar
      rtnetlink: enable IFLA_IF_NETNSID for RTM_NEWLINK · 5bb8ed07
      Christian Brauner authored
      - Backwards Compatibility:
        If userspace wants to determine whether RTM_NEWLINK supports the
        IFLA_IF_NETNSID property they should first send an RTM_GETLINK request
        with IFLA_IF_NETNSID on lo. If either EACCESS is returned or the reply
        does not include IFLA_IF_NETNSID userspace should assume that
        IFLA_IF_NETNSID is not supported on this kernel.
        If the reply does contain an IFLA_IF_NETNSID property userspace
        can send an RTM_NEWLINK with a IFLA_IF_NETNSID property. If they receive
        EOPNOTSUPP then the kernel does not support the IFLA_IF_NETNSID property
        with RTM_NEWLINK. Userpace should then fallback to other means.
      
      - Security:
        Callers must have CAP_NET_ADMIN in the owning user namespace of the
        target network namespace.
      Signed-off-by: default avatarChristian Brauner <christian.brauner@ubuntu.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      5bb8ed07