Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: Mike Pagano <mpagano@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] proj/linux-patches:4.10 commit in: /
Date: Fri, 31 Mar 2017 10:45:59
Message-Id: 1490957143.0ebaa38341c1d4266ba9b27e39a35bf296bd1c96.mpagano@gentoo
1 commit: 0ebaa38341c1d4266ba9b27e39a35bf296bd1c96
2 Author: Mike Pagano <mpagano <AT> gentoo <DOT> org>
3 AuthorDate: Fri Mar 31 10:45:43 2017 +0000
4 Commit: Mike Pagano <mpagano <AT> gentoo <DOT> org>
5 CommitDate: Fri Mar 31 10:45:43 2017 +0000
6 URL: https://gitweb.gentoo.org/proj/linux-patches.git/commit/?id=0ebaa383
7
8 Linux patch 4.10.8
9
10 0000_README | 4 +
11 1007_linux-4.10.8.patch | 493 ++++++++++++++++++++++++++++++++++++++++++++++++
12 2 files changed, 497 insertions(+)
13
14 diff --git a/0000_README b/0000_README
15 index 02aad35..4c7de50 100644
16 --- a/0000_README
17 +++ b/0000_README
18 @@ -71,6 +71,10 @@ Patch: 1006_linux-4.10.7.patch
19 From: http://www.kernel.org
20 Desc: Linux 4.10.7
21
22 +Patch: 1007_linux-4.10.8.patch
23 +From: http://www.kernel.org
24 +Desc: Linux 4.10.8
25 +
26 Patch: 1500_XATTR_USER_PREFIX.patch
27 From: https://bugs.gentoo.org/show_bug.cgi?id=470644
28 Desc: Support for namespace user.pax.* on tmpfs.
29
30 diff --git a/1007_linux-4.10.8.patch b/1007_linux-4.10.8.patch
31 new file mode 100644
32 index 0000000..4928a4c
33 --- /dev/null
34 +++ b/1007_linux-4.10.8.patch
35 @@ -0,0 +1,493 @@
36 +diff --git a/Makefile b/Makefile
37 +index 976e8d1a468a..82e0809fed9b 100644
38 +--- a/Makefile
39 ++++ b/Makefile
40 +@@ -1,6 +1,6 @@
41 + VERSION = 4
42 + PATCHLEVEL = 10
43 +-SUBLEVEL = 7
44 ++SUBLEVEL = 8
45 + EXTRAVERSION =
46 + NAME = Fearless Coyote
47 +
48 +diff --git a/arch/c6x/kernel/ptrace.c b/arch/c6x/kernel/ptrace.c
49 +index 3c494e84444d..a511ac16a8e3 100644
50 +--- a/arch/c6x/kernel/ptrace.c
51 ++++ b/arch/c6x/kernel/ptrace.c
52 +@@ -69,46 +69,6 @@ static int gpr_get(struct task_struct *target,
53 + 0, sizeof(*regs));
54 + }
55 +
56 +-static int gpr_set(struct task_struct *target,
57 +- const struct user_regset *regset,
58 +- unsigned int pos, unsigned int count,
59 +- const void *kbuf, const void __user *ubuf)
60 +-{
61 +- int ret;
62 +- struct pt_regs *regs = task_pt_regs(target);
63 +-
64 +- /* Don't copyin TSR or CSR */
65 +- ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf,
66 +- &regs,
67 +- 0, PT_TSR * sizeof(long));
68 +- if (ret)
69 +- return ret;
70 +-
71 +- ret = user_regset_copyin_ignore(&pos, &count, &kbuf, &ubuf,
72 +- PT_TSR * sizeof(long),
73 +- (PT_TSR + 1) * sizeof(long));
74 +- if (ret)
75 +- return ret;
76 +-
77 +- ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf,
78 +- &regs,
79 +- (PT_TSR + 1) * sizeof(long),
80 +- PT_CSR * sizeof(long));
81 +- if (ret)
82 +- return ret;
83 +-
84 +- ret = user_regset_copyin_ignore(&pos, &count, &kbuf, &ubuf,
85 +- PT_CSR * sizeof(long),
86 +- (PT_CSR + 1) * sizeof(long));
87 +- if (ret)
88 +- return ret;
89 +-
90 +- ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf,
91 +- &regs,
92 +- (PT_CSR + 1) * sizeof(long), -1);
93 +- return ret;
94 +-}
95 +-
96 + enum c6x_regset {
97 + REGSET_GPR,
98 + };
99 +@@ -120,7 +80,6 @@ static const struct user_regset c6x_regsets[] = {
100 + .size = sizeof(u32),
101 + .align = sizeof(u32),
102 + .get = gpr_get,
103 +- .set = gpr_set
104 + },
105 + };
106 +
107 +diff --git a/arch/h8300/kernel/ptrace.c b/arch/h8300/kernel/ptrace.c
108 +index 92075544a19a..0dc1c8f622bc 100644
109 +--- a/arch/h8300/kernel/ptrace.c
110 ++++ b/arch/h8300/kernel/ptrace.c
111 +@@ -95,7 +95,8 @@ static int regs_get(struct task_struct *target,
112 + long *reg = (long *)&regs;
113 +
114 + /* build user regs in buffer */
115 +- for (r = 0; r < ARRAY_SIZE(register_offset); r++)
116 ++ BUILD_BUG_ON(sizeof(regs) % sizeof(long) != 0);
117 ++ for (r = 0; r < sizeof(regs) / sizeof(long); r++)
118 + *reg++ = h8300_get_reg(target, r);
119 +
120 + return user_regset_copyout(&pos, &count, &kbuf, &ubuf,
121 +@@ -113,7 +114,8 @@ static int regs_set(struct task_struct *target,
122 + long *reg;
123 +
124 + /* build user regs in buffer */
125 +- for (reg = (long *)&regs, r = 0; r < ARRAY_SIZE(register_offset); r++)
126 ++ BUILD_BUG_ON(sizeof(regs) % sizeof(long) != 0);
127 ++ for (reg = (long *)&regs, r = 0; r < sizeof(regs) / sizeof(long); r++)
128 + *reg++ = h8300_get_reg(target, r);
129 +
130 + ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf,
131 +@@ -122,7 +124,7 @@ static int regs_set(struct task_struct *target,
132 + return ret;
133 +
134 + /* write back to pt_regs */
135 +- for (reg = (long *)&regs, r = 0; r < ARRAY_SIZE(register_offset); r++)
136 ++ for (reg = (long *)&regs, r = 0; r < sizeof(regs) / sizeof(long); r++)
137 + h8300_put_reg(target, r, *reg++);
138 + return 0;
139 + }
140 +diff --git a/arch/metag/kernel/ptrace.c b/arch/metag/kernel/ptrace.c
141 +index 7563628822bd..5e2dc7defd2c 100644
142 +--- a/arch/metag/kernel/ptrace.c
143 ++++ b/arch/metag/kernel/ptrace.c
144 +@@ -24,6 +24,16 @@
145 + * user_regset definitions.
146 + */
147 +
148 ++static unsigned long user_txstatus(const struct pt_regs *regs)
149 ++{
150 ++ unsigned long data = (unsigned long)regs->ctx.Flags;
151 ++
152 ++ if (regs->ctx.SaveMask & TBICTX_CBUF_BIT)
153 ++ data |= USER_GP_REGS_STATUS_CATCH_BIT;
154 ++
155 ++ return data;
156 ++}
157 ++
158 + int metag_gp_regs_copyout(const struct pt_regs *regs,
159 + unsigned int pos, unsigned int count,
160 + void *kbuf, void __user *ubuf)
161 +@@ -62,9 +72,7 @@ int metag_gp_regs_copyout(const struct pt_regs *regs,
162 + if (ret)
163 + goto out;
164 + /* TXSTATUS */
165 +- data = (unsigned long)regs->ctx.Flags;
166 +- if (regs->ctx.SaveMask & TBICTX_CBUF_BIT)
167 +- data |= USER_GP_REGS_STATUS_CATCH_BIT;
168 ++ data = user_txstatus(regs);
169 + ret = user_regset_copyout(&pos, &count, &kbuf, &ubuf,
170 + &data, 4*25, 4*26);
171 + if (ret)
172 +@@ -119,6 +127,7 @@ int metag_gp_regs_copyin(struct pt_regs *regs,
173 + if (ret)
174 + goto out;
175 + /* TXSTATUS */
176 ++ data = user_txstatus(regs);
177 + ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf,
178 + &data, 4*25, 4*26);
179 + if (ret)
180 +@@ -244,6 +253,8 @@ int metag_rp_state_copyin(struct pt_regs *regs,
181 + unsigned long long *ptr;
182 + int ret, i;
183 +
184 ++ if (count < 4*13)
185 ++ return -EINVAL;
186 + /* Read the entire pipeline before making any changes */
187 + ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf,
188 + &rp, 0, 4*13);
189 +@@ -303,7 +314,7 @@ static int metag_tls_set(struct task_struct *target,
190 + const void *kbuf, const void __user *ubuf)
191 + {
192 + int ret;
193 +- void __user *tls;
194 ++ void __user *tls = target->thread.tls_ptr;
195 +
196 + ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf, &tls, 0, -1);
197 + if (ret)
198 +diff --git a/arch/mips/kernel/ptrace.c b/arch/mips/kernel/ptrace.c
199 +index c8ba26072132..5d2498eb2340 100644
200 +--- a/arch/mips/kernel/ptrace.c
201 ++++ b/arch/mips/kernel/ptrace.c
202 +@@ -485,7 +485,8 @@ static int fpr_set(struct task_struct *target,
203 + &target->thread.fpu,
204 + 0, sizeof(elf_fpregset_t));
205 +
206 +- for (i = 0; i < NUM_FPU_REGS; i++) {
207 ++ BUILD_BUG_ON(sizeof(fpr_val) != sizeof(elf_fpreg_t));
208 ++ for (i = 0; i < NUM_FPU_REGS && count >= sizeof(elf_fpreg_t); i++) {
209 + err = user_regset_copyin(&pos, &count, &kbuf, &ubuf,
210 + &fpr_val, i * sizeof(elf_fpreg_t),
211 + (i + 1) * sizeof(elf_fpreg_t));
212 +diff --git a/arch/sparc/kernel/ptrace_64.c b/arch/sparc/kernel/ptrace_64.c
213 +index 901063c1cf7e..341129a40e94 100644
214 +--- a/arch/sparc/kernel/ptrace_64.c
215 ++++ b/arch/sparc/kernel/ptrace_64.c
216 +@@ -350,7 +350,7 @@ static int genregs64_set(struct task_struct *target,
217 + }
218 +
219 + if (!ret) {
220 +- unsigned long y;
221 ++ unsigned long y = regs->y;
222 +
223 + ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf,
224 + &y,
225 +diff --git a/arch/x86/include/asm/kvm_page_track.h b/arch/x86/include/asm/kvm_page_track.h
226 +index d74747b031ec..c4eda791f877 100644
227 +--- a/arch/x86/include/asm/kvm_page_track.h
228 ++++ b/arch/x86/include/asm/kvm_page_track.h
229 +@@ -46,6 +46,7 @@ struct kvm_page_track_notifier_node {
230 + };
231 +
232 + void kvm_page_track_init(struct kvm *kvm);
233 ++void kvm_page_track_cleanup(struct kvm *kvm);
234 +
235 + void kvm_page_track_free_memslot(struct kvm_memory_slot *free,
236 + struct kvm_memory_slot *dont);
237 +diff --git a/arch/x86/kvm/page_track.c b/arch/x86/kvm/page_track.c
238 +index 4a1c13eaa518..c9473acd65d6 100644
239 +--- a/arch/x86/kvm/page_track.c
240 ++++ b/arch/x86/kvm/page_track.c
241 +@@ -158,6 +158,14 @@ bool kvm_page_track_is_active(struct kvm_vcpu *vcpu, gfn_t gfn,
242 + return !!ACCESS_ONCE(slot->arch.gfn_track[mode][index]);
243 + }
244 +
245 ++void kvm_page_track_cleanup(struct kvm *kvm)
246 ++{
247 ++ struct kvm_page_track_notifier_head *head;
248 ++
249 ++ head = &kvm->arch.track_notifier_head;
250 ++ cleanup_srcu_struct(&head->track_srcu);
251 ++}
252 ++
253 + void kvm_page_track_init(struct kvm *kvm)
254 + {
255 + struct kvm_page_track_notifier_head *head;
256 +diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
257 +index 2c22aef35dbc..c989e67dcc9d 100644
258 +--- a/arch/x86/kvm/vmx.c
259 ++++ b/arch/x86/kvm/vmx.c
260 +@@ -2811,7 +2811,6 @@ static void nested_vmx_setup_ctls_msrs(struct vcpu_vmx *vmx)
261 + SECONDARY_EXEC_RDTSCP |
262 + SECONDARY_EXEC_DESC |
263 + SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE |
264 +- SECONDARY_EXEC_ENABLE_VPID |
265 + SECONDARY_EXEC_APIC_REGISTER_VIRT |
266 + SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY |
267 + SECONDARY_EXEC_WBINVD_EXITING |
268 +@@ -2839,10 +2838,12 @@ static void nested_vmx_setup_ctls_msrs(struct vcpu_vmx *vmx)
269 + * though it is treated as global context. The alternative is
270 + * not failing the single-context invvpid, and it is worse.
271 + */
272 +- if (enable_vpid)
273 ++ if (enable_vpid) {
274 ++ vmx->nested.nested_vmx_secondary_ctls_high |=
275 ++ SECONDARY_EXEC_ENABLE_VPID;
276 + vmx->nested.nested_vmx_vpid_caps = VMX_VPID_INVVPID_BIT |
277 + VMX_VPID_EXTENT_SUPPORTED_MASK;
278 +- else
279 ++ } else
280 + vmx->nested.nested_vmx_vpid_caps = 0;
281 +
282 + if (enable_unrestricted_guest)
283 +diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
284 +index e52c9088660f..b3b212f20f78 100644
285 +--- a/arch/x86/kvm/x86.c
286 ++++ b/arch/x86/kvm/x86.c
287 +@@ -8052,6 +8052,7 @@ void kvm_arch_destroy_vm(struct kvm *kvm)
288 + kvm_free_vcpus(kvm);
289 + kvfree(rcu_dereference_check(kvm->arch.apic_map, 1));
290 + kvm_mmu_uninit_vm(kvm);
291 ++ kvm_page_track_cleanup(kvm);
292 + }
293 +
294 + void kvm_arch_free_memslot(struct kvm *kvm, struct kvm_memory_slot *free,
295 +diff --git a/drivers/pinctrl/qcom/pinctrl-msm.c b/drivers/pinctrl/qcom/pinctrl-msm.c
296 +index 775c88303017..bedce3453dd3 100644
297 +--- a/drivers/pinctrl/qcom/pinctrl-msm.c
298 ++++ b/drivers/pinctrl/qcom/pinctrl-msm.c
299 +@@ -594,10 +594,6 @@ static void msm_gpio_irq_unmask(struct irq_data *d)
300 +
301 + spin_lock_irqsave(&pctrl->lock, flags);
302 +
303 +- val = readl(pctrl->regs + g->intr_status_reg);
304 +- val &= ~BIT(g->intr_status_bit);
305 +- writel(val, pctrl->regs + g->intr_status_reg);
306 +-
307 + val = readl(pctrl->regs + g->intr_cfg_reg);
308 + val |= BIT(g->intr_enable_bit);
309 + writel(val, pctrl->regs + g->intr_cfg_reg);
310 +diff --git a/drivers/scsi/qla2xxx/qla_attr.c b/drivers/scsi/qla2xxx/qla_attr.c
311 +index f201f4099620..f204d7cd5354 100644
312 +--- a/drivers/scsi/qla2xxx/qla_attr.c
313 ++++ b/drivers/scsi/qla2xxx/qla_attr.c
314 +@@ -2154,8 +2154,6 @@ qla24xx_vport_delete(struct fc_vport *fc_vport)
315 + "Timer for the VP[%d] has stopped\n", vha->vp_idx);
316 + }
317 +
318 +- BUG_ON(atomic_read(&vha->vref_count));
319 +-
320 + qla2x00_free_fcports(vha);
321 +
322 + mutex_lock(&ha->vport_lock);
323 +@@ -2163,7 +2161,7 @@ qla24xx_vport_delete(struct fc_vport *fc_vport)
324 + clear_bit(vha->vp_idx, ha->vp_idx_map);
325 + mutex_unlock(&ha->vport_lock);
326 +
327 +- if (vha->qpair->vp_idx == vha->vp_idx) {
328 ++ if (vha->qpair && vha->qpair->vp_idx == vha->vp_idx) {
329 + if (qla2xxx_delete_qpair(vha, vha->qpair) != QLA_SUCCESS)
330 + ql_log(ql_log_warn, vha, 0x7087,
331 + "Queue Pair delete failed.\n");
332 +diff --git a/drivers/scsi/qla2xxx/qla_def.h b/drivers/scsi/qla2xxx/qla_def.h
333 +index 5b1287a63c49..7887f9b0950d 100644
334 +--- a/drivers/scsi/qla2xxx/qla_def.h
335 ++++ b/drivers/scsi/qla2xxx/qla_def.h
336 +@@ -3788,6 +3788,7 @@ typedef struct scsi_qla_host {
337 + struct qla8044_reset_template reset_tmplt;
338 + struct qla_tgt_counters tgt_counters;
339 + uint16_t bbcr;
340 ++ wait_queue_head_t vref_waitq;
341 + } scsi_qla_host_t;
342 +
343 + struct qla27xx_image_status {
344 +@@ -3843,14 +3844,17 @@ struct qla2_sgx {
345 + mb(); \
346 + if (__vha->flags.delete_progress) { \
347 + atomic_dec(&__vha->vref_count); \
348 ++ wake_up(&__vha->vref_waitq); \
349 + __bail = 1; \
350 + } else { \
351 + __bail = 0; \
352 + } \
353 + } while (0)
354 +
355 +-#define QLA_VHA_MARK_NOT_BUSY(__vha) \
356 ++#define QLA_VHA_MARK_NOT_BUSY(__vha) do { \
357 + atomic_dec(&__vha->vref_count); \
358 ++ wake_up(&__vha->vref_waitq); \
359 ++} while (0) \
360 +
361 + #define QLA_QPAIR_MARK_BUSY(__qpair, __bail) do { \
362 + atomic_inc(&__qpair->ref_count); \
363 +diff --git a/drivers/scsi/qla2xxx/qla_init.c b/drivers/scsi/qla2xxx/qla_init.c
364 +index 7b6317c8c2e9..e2b2d7b6a085 100644
365 +--- a/drivers/scsi/qla2xxx/qla_init.c
366 ++++ b/drivers/scsi/qla2xxx/qla_init.c
367 +@@ -4352,6 +4352,7 @@ qla2x00_update_fcports(scsi_qla_host_t *base_vha)
368 + }
369 + }
370 + atomic_dec(&vha->vref_count);
371 ++ wake_up(&vha->vref_waitq);
372 + }
373 + spin_unlock_irqrestore(&ha->vport_slock, flags);
374 + }
375 +diff --git a/drivers/scsi/qla2xxx/qla_mid.c b/drivers/scsi/qla2xxx/qla_mid.c
376 +index c6d6f0d912ff..09a490c98763 100644
377 +--- a/drivers/scsi/qla2xxx/qla_mid.c
378 ++++ b/drivers/scsi/qla2xxx/qla_mid.c
379 +@@ -74,13 +74,14 @@ qla24xx_deallocate_vp_id(scsi_qla_host_t *vha)
380 + * ensures no active vp_list traversal while the vport is removed
381 + * from the queue)
382 + */
383 +- spin_lock_irqsave(&ha->vport_slock, flags);
384 +- while (atomic_read(&vha->vref_count)) {
385 +- spin_unlock_irqrestore(&ha->vport_slock, flags);
386 +-
387 +- msleep(500);
388 ++ wait_event_timeout(vha->vref_waitq, atomic_read(&vha->vref_count),
389 ++ 10*HZ);
390 +
391 +- spin_lock_irqsave(&ha->vport_slock, flags);
392 ++ spin_lock_irqsave(&ha->vport_slock, flags);
393 ++ if (atomic_read(&vha->vref_count)) {
394 ++ ql_dbg(ql_dbg_vport, vha, 0xfffa,
395 ++ "vha->vref_count=%u timeout\n", vha->vref_count.counter);
396 ++ vha->vref_count = (atomic_t)ATOMIC_INIT(0);
397 + }
398 + list_del(&vha->list);
399 + qlt_update_vp_map(vha, RESET_VP_IDX);
400 +@@ -269,6 +270,7 @@ qla2x00_alert_all_vps(struct rsp_que *rsp, uint16_t *mb)
401 +
402 + spin_lock_irqsave(&ha->vport_slock, flags);
403 + atomic_dec(&vha->vref_count);
404 ++ wake_up(&vha->vref_waitq);
405 + }
406 + i++;
407 + }
408 +diff --git a/drivers/scsi/qla2xxx/qla_os.c b/drivers/scsi/qla2xxx/qla_os.c
409 +index 17cdd1d09a57..dc79524178ad 100644
410 +--- a/drivers/scsi/qla2xxx/qla_os.c
411 ++++ b/drivers/scsi/qla2xxx/qla_os.c
412 +@@ -4215,6 +4215,7 @@ struct scsi_qla_host *qla2x00_create_host(struct scsi_host_template *sht,
413 +
414 + spin_lock_init(&vha->work_lock);
415 + spin_lock_init(&vha->cmd_list_lock);
416 ++ init_waitqueue_head(&vha->vref_waitq);
417 +
418 + sprintf(vha->host_str, "%s_%ld", QLA2XXX_DRIVER_NAME, vha->host_no);
419 + ql_dbg(ql_dbg_init, vha, 0x0041,
420 +diff --git a/drivers/usb/musb/musb_core.c b/drivers/usb/musb/musb_core.c
421 +index 772f15821242..4387afabebfd 100644
422 +--- a/drivers/usb/musb/musb_core.c
423 ++++ b/drivers/usb/musb/musb_core.c
424 +@@ -2497,8 +2497,8 @@ static int musb_remove(struct platform_device *pdev)
425 + pm_runtime_get_sync(musb->controller);
426 + musb_host_cleanup(musb);
427 + musb_gadget_cleanup(musb);
428 +- spin_lock_irqsave(&musb->lock, flags);
429 + musb_platform_disable(musb);
430 ++ spin_lock_irqsave(&musb->lock, flags);
431 + musb_generic_disable(musb);
432 + spin_unlock_irqrestore(&musb->lock, flags);
433 + musb_writeb(musb->mregs, MUSB_DEVCTL, 0);
434 +diff --git a/drivers/virtio/virtio_balloon.c b/drivers/virtio/virtio_balloon.c
435 +index 9d2738e9217f..2c2e6792f7e0 100644
436 +--- a/drivers/virtio/virtio_balloon.c
437 ++++ b/drivers/virtio/virtio_balloon.c
438 +@@ -427,6 +427,8 @@ static int init_vqs(struct virtio_balloon *vb)
439 + * Prime this virtqueue with one buffer so the hypervisor can
440 + * use it to signal us later (it can't be broken yet!).
441 + */
442 ++ update_balloon_stats(vb);
443 ++
444 + sg_init_one(&sg, vb->stats, sizeof vb->stats);
445 + if (virtqueue_add_outbuf(vb->stats_vq, &sg, 1, vb, GFP_KERNEL)
446 + < 0)
447 +diff --git a/kernel/sched/deadline.c b/kernel/sched/deadline.c
448 +index 70ef2b1901e4..bf06ec6d7650 100644
449 +--- a/kernel/sched/deadline.c
450 ++++ b/kernel/sched/deadline.c
451 +@@ -1729,12 +1729,11 @@ static void switched_to_dl(struct rq *rq, struct task_struct *p)
452 + #ifdef CONFIG_SMP
453 + if (tsk_nr_cpus_allowed(p) > 1 && rq->dl.overloaded)
454 + queue_push_tasks(rq);
455 +-#else
456 ++#endif
457 + if (dl_task(rq->curr))
458 + check_preempt_curr_dl(rq, p, 0);
459 + else
460 + resched_curr(rq);
461 +-#endif
462 + }
463 + }
464 +
465 +diff --git a/kernel/sched/rt.c b/kernel/sched/rt.c
466 +index 2516b8df6dbb..f139f22ce30d 100644
467 +--- a/kernel/sched/rt.c
468 ++++ b/kernel/sched/rt.c
469 +@@ -2198,10 +2198,9 @@ static void switched_to_rt(struct rq *rq, struct task_struct *p)
470 + #ifdef CONFIG_SMP
471 + if (tsk_nr_cpus_allowed(p) > 1 && rq->rt.overloaded)
472 + queue_push_tasks(rq);
473 +-#else
474 ++#endif /* CONFIG_SMP */
475 + if (p->prio < rq->curr->prio)
476 + resched_curr(rq);
477 +-#endif /* CONFIG_SMP */
478 + }
479 + }
480 +
481 +diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c
482 +index 177e208e8ff5..3c8f5b70abf8 100644
483 +--- a/net/xfrm/xfrm_policy.c
484 ++++ b/net/xfrm/xfrm_policy.c
485 +@@ -3062,6 +3062,11 @@ static int __net_init xfrm_net_init(struct net *net)
486 + {
487 + int rv;
488 +
489 ++ /* Initialize the per-net locks here */
490 ++ spin_lock_init(&net->xfrm.xfrm_state_lock);
491 ++ spin_lock_init(&net->xfrm.xfrm_policy_lock);
492 ++ mutex_init(&net->xfrm.xfrm_cfg_mutex);
493 ++
494 + rv = xfrm_statistics_init(net);
495 + if (rv < 0)
496 + goto out_statistics;
497 +@@ -3078,11 +3083,6 @@ static int __net_init xfrm_net_init(struct net *net)
498 + if (rv < 0)
499 + goto out;
500 +
501 +- /* Initialize the per-net locks here */
502 +- spin_lock_init(&net->xfrm.xfrm_state_lock);
503 +- spin_lock_init(&net->xfrm.xfrm_policy_lock);
504 +- mutex_init(&net->xfrm.xfrm_cfg_mutex);
505 +-
506 + return 0;
507 +
508 + out:
509 +diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c
510 +index 9705c279494b..40a8aa39220d 100644
511 +--- a/net/xfrm/xfrm_user.c
512 ++++ b/net/xfrm/xfrm_user.c
513 +@@ -412,7 +412,14 @@ static inline int xfrm_replay_verify_len(struct xfrm_replay_state_esn *replay_es
514 + up = nla_data(rp);
515 + ulen = xfrm_replay_state_esn_len(up);
516 +
517 +- if (nla_len(rp) < ulen || xfrm_replay_state_esn_len(replay_esn) != ulen)
518 ++ /* Check the overall length and the internal bitmap length to avoid
519 ++ * potential overflow. */
520 ++ if (nla_len(rp) < ulen ||
521 ++ xfrm_replay_state_esn_len(replay_esn) != ulen ||
522 ++ replay_esn->bmp_len != up->bmp_len)
523 ++ return -EINVAL;
524 ++
525 ++ if (up->replay_window > up->bmp_len * sizeof(__u32) * 8)
526 + return -EINVAL;
527 +
528 + return 0;
Report Message
Find on MARC Find on Google Groups