1 |
commit: 310f5c1a8c792bf9601dccaa67621ff87d95d8a8 |
2 |
Author: Mike Pagano <mpagano <AT> gentoo <DOT> org> |
3 |
AuthorDate: Thu Oct 1 12:45:24 2020 +0000 |
4 |
Commit: Mike Pagano <mpagano <AT> gentoo <DOT> org> |
5 |
CommitDate: Thu Oct 1 12:45:24 2020 +0000 |
6 |
URL: https://gitweb.gentoo.org/proj/linux-patches.git/commit/?id=310f5c1a |
7 |
|
8 |
Linux patch 4.19.149 |
9 |
|
10 |
Signed-off-by: Mike Pagano <mpagano <AT> gentoo.org> |
11 |
|
12 |
0000_README | 4 + |
13 |
1148_linux-4.19.149.patch | 9972 +++++++++++++++++++++++++++++++++++++++++++++ |
14 |
2 files changed, 9976 insertions(+) |
15 |
|
16 |
diff --git a/0000_README b/0000_README |
17 |
index 9707ae7..e7a8587 100644 |
18 |
--- a/0000_README |
19 |
+++ b/0000_README |
20 |
@@ -631,6 +631,10 @@ Patch: 1147_linux-4.19.148.patch |
21 |
From: https://www.kernel.org |
22 |
Desc: Linux 4.19.148 |
23 |
|
24 |
+Patch: 1148_linux-4.19.149.patch |
25 |
+From: https://www.kernel.org |
26 |
+Desc: Linux 4.19.149 |
27 |
+ |
28 |
Patch: 1500_XATTR_USER_PREFIX.patch |
29 |
From: https://bugs.gentoo.org/show_bug.cgi?id=470644 |
30 |
Desc: Support for namespace user.pax.* on tmpfs. |
31 |
|
32 |
diff --git a/1148_linux-4.19.149.patch b/1148_linux-4.19.149.patch |
33 |
new file mode 100644 |
34 |
index 0000000..75c6340 |
35 |
--- /dev/null |
36 |
+++ b/1148_linux-4.19.149.patch |
37 |
@@ -0,0 +1,9972 @@ |
38 |
+diff --git a/Documentation/devicetree/bindings/sound/wm8994.txt b/Documentation/devicetree/bindings/sound/wm8994.txt |
39 |
+index 68cccc4653ba3..367b58ce1bb92 100644 |
40 |
+--- a/Documentation/devicetree/bindings/sound/wm8994.txt |
41 |
++++ b/Documentation/devicetree/bindings/sound/wm8994.txt |
42 |
+@@ -14,9 +14,15 @@ Required properties: |
43 |
+ - #gpio-cells : Must be 2. The first cell is the pin number and the |
44 |
+ second cell is used to specify optional parameters (currently unused). |
45 |
+ |
46 |
+- - AVDD2-supply, DBVDD1-supply, DBVDD2-supply, DBVDD3-supply, CPVDD-supply, |
47 |
+- SPKVDD1-supply, SPKVDD2-supply : power supplies for the device, as covered |
48 |
+- in Documentation/devicetree/bindings/regulator/regulator.txt |
49 |
++ - power supplies for the device, as covered in |
50 |
++ Documentation/devicetree/bindings/regulator/regulator.txt, depending |
51 |
++ on compatible: |
52 |
++ - for wlf,wm1811 and wlf,wm8958: |
53 |
++ AVDD1-supply, AVDD2-supply, DBVDD1-supply, DBVDD2-supply, DBVDD3-supply, |
54 |
++ DCVDD-supply, CPVDD-supply, SPKVDD1-supply, SPKVDD2-supply |
55 |
++ - for wlf,wm8994: |
56 |
++ AVDD1-supply, AVDD2-supply, DBVDD-supply, DCVDD-supply, CPVDD-supply, |
57 |
++ SPKVDD1-supply, SPKVDD2-supply |
58 |
+ |
59 |
+ Optional properties: |
60 |
+ |
61 |
+@@ -73,11 +79,11 @@ wm8994: codec@1a { |
62 |
+ |
63 |
+ lineout1-se; |
64 |
+ |
65 |
++ AVDD1-supply = <®ulator>; |
66 |
+ AVDD2-supply = <®ulator>; |
67 |
+ CPVDD-supply = <®ulator>; |
68 |
+- DBVDD1-supply = <®ulator>; |
69 |
+- DBVDD2-supply = <®ulator>; |
70 |
+- DBVDD3-supply = <®ulator>; |
71 |
++ DBVDD-supply = <®ulator>; |
72 |
++ DCVDD-supply = <®ulator>; |
73 |
+ SPKVDD1-supply = <®ulator>; |
74 |
+ SPKVDD2-supply = <®ulator>; |
75 |
+ }; |
76 |
+diff --git a/Documentation/driver-api/libata.rst b/Documentation/driver-api/libata.rst |
77 |
+index 70e180e6b93dc..9f3e5dc311840 100644 |
78 |
+--- a/Documentation/driver-api/libata.rst |
79 |
++++ b/Documentation/driver-api/libata.rst |
80 |
+@@ -250,7 +250,7 @@ High-level taskfile hooks |
81 |
+ |
82 |
+ :: |
83 |
+ |
84 |
+- void (*qc_prep) (struct ata_queued_cmd *qc); |
85 |
++ enum ata_completion_errors (*qc_prep) (struct ata_queued_cmd *qc); |
86 |
+ int (*qc_issue) (struct ata_queued_cmd *qc); |
87 |
+ |
88 |
+ |
89 |
+diff --git a/Makefile b/Makefile |
90 |
+index 3ffd5b03e6ddf..3ff5cf33ef55c 100644 |
91 |
+--- a/Makefile |
92 |
++++ b/Makefile |
93 |
+@@ -1,7 +1,7 @@ |
94 |
+ # SPDX-License-Identifier: GPL-2.0 |
95 |
+ VERSION = 4 |
96 |
+ PATCHLEVEL = 19 |
97 |
+-SUBLEVEL = 148 |
98 |
++SUBLEVEL = 149 |
99 |
+ EXTRAVERSION = |
100 |
+ NAME = "People's Front" |
101 |
+ |
102 |
+diff --git a/arch/arm/include/asm/kvm_emulate.h b/arch/arm/include/asm/kvm_emulate.h |
103 |
+index 7d2ca035d6c8f..11d4ff9f3e4df 100644 |
104 |
+--- a/arch/arm/include/asm/kvm_emulate.h |
105 |
++++ b/arch/arm/include/asm/kvm_emulate.h |
106 |
+@@ -216,7 +216,7 @@ static inline int kvm_vcpu_dabt_get_rd(struct kvm_vcpu *vcpu) |
107 |
+ return (kvm_vcpu_get_hsr(vcpu) & HSR_SRT_MASK) >> HSR_SRT_SHIFT; |
108 |
+ } |
109 |
+ |
110 |
+-static inline bool kvm_vcpu_dabt_iss1tw(struct kvm_vcpu *vcpu) |
111 |
++static inline bool kvm_vcpu_abt_iss1tw(const struct kvm_vcpu *vcpu) |
112 |
+ { |
113 |
+ return kvm_vcpu_get_hsr(vcpu) & HSR_DABT_S1PTW; |
114 |
+ } |
115 |
+@@ -248,16 +248,21 @@ static inline bool kvm_vcpu_trap_il_is32bit(struct kvm_vcpu *vcpu) |
116 |
+ return kvm_vcpu_get_hsr(vcpu) & HSR_IL; |
117 |
+ } |
118 |
+ |
119 |
+-static inline u8 kvm_vcpu_trap_get_class(struct kvm_vcpu *vcpu) |
120 |
++static inline u8 kvm_vcpu_trap_get_class(const struct kvm_vcpu *vcpu) |
121 |
+ { |
122 |
+ return kvm_vcpu_get_hsr(vcpu) >> HSR_EC_SHIFT; |
123 |
+ } |
124 |
+ |
125 |
+-static inline bool kvm_vcpu_trap_is_iabt(struct kvm_vcpu *vcpu) |
126 |
++static inline bool kvm_vcpu_trap_is_iabt(const struct kvm_vcpu *vcpu) |
127 |
+ { |
128 |
+ return kvm_vcpu_trap_get_class(vcpu) == HSR_EC_IABT; |
129 |
+ } |
130 |
+ |
131 |
++static inline bool kvm_vcpu_trap_is_exec_fault(const struct kvm_vcpu *vcpu) |
132 |
++{ |
133 |
++ return kvm_vcpu_trap_is_iabt(vcpu) && !kvm_vcpu_abt_iss1tw(vcpu); |
134 |
++} |
135 |
++ |
136 |
+ static inline u8 kvm_vcpu_trap_get_fault(struct kvm_vcpu *vcpu) |
137 |
+ { |
138 |
+ return kvm_vcpu_get_hsr(vcpu) & HSR_FSC; |
139 |
+diff --git a/arch/arm/kernel/stacktrace.c b/arch/arm/kernel/stacktrace.c |
140 |
+index a4d4a28fe07df..d23ab9ec130a3 100644 |
141 |
+--- a/arch/arm/kernel/stacktrace.c |
142 |
++++ b/arch/arm/kernel/stacktrace.c |
143 |
+@@ -115,6 +115,8 @@ static int save_trace(struct stackframe *frame, void *d) |
144 |
+ return 0; |
145 |
+ |
146 |
+ regs = (struct pt_regs *)frame->sp; |
147 |
++ if ((unsigned long)®s[1] > ALIGN(frame->sp, THREAD_SIZE)) |
148 |
++ return 0; |
149 |
+ |
150 |
+ trace->entries[trace->nr_entries++] = regs->ARM_pc; |
151 |
+ |
152 |
+diff --git a/arch/arm/kernel/traps.c b/arch/arm/kernel/traps.c |
153 |
+index badf02ca36938..aec533168f046 100644 |
154 |
+--- a/arch/arm/kernel/traps.c |
155 |
++++ b/arch/arm/kernel/traps.c |
156 |
+@@ -67,14 +67,16 @@ static void dump_mem(const char *, const char *, unsigned long, unsigned long); |
157 |
+ |
158 |
+ void dump_backtrace_entry(unsigned long where, unsigned long from, unsigned long frame) |
159 |
+ { |
160 |
++ unsigned long end = frame + 4 + sizeof(struct pt_regs); |
161 |
++ |
162 |
+ #ifdef CONFIG_KALLSYMS |
163 |
+ printk("[<%08lx>] (%ps) from [<%08lx>] (%pS)\n", where, (void *)where, from, (void *)from); |
164 |
+ #else |
165 |
+ printk("Function entered at [<%08lx>] from [<%08lx>]\n", where, from); |
166 |
+ #endif |
167 |
+ |
168 |
+- if (in_entry_text(from)) |
169 |
+- dump_mem("", "Exception stack", frame + 4, frame + 4 + sizeof(struct pt_regs)); |
170 |
++ if (in_entry_text(from) && end <= ALIGN(frame, THREAD_SIZE)) |
171 |
++ dump_mem("", "Exception stack", frame + 4, end); |
172 |
+ } |
173 |
+ |
174 |
+ void dump_backtrace_stm(u32 *stack, u32 instruction) |
175 |
+diff --git a/arch/arm64/include/asm/kvm_emulate.h b/arch/arm64/include/asm/kvm_emulate.h |
176 |
+index 778cb4f868d9b..669c960dd069c 100644 |
177 |
+--- a/arch/arm64/include/asm/kvm_emulate.h |
178 |
++++ b/arch/arm64/include/asm/kvm_emulate.h |
179 |
+@@ -303,7 +303,7 @@ static inline int kvm_vcpu_dabt_get_rd(const struct kvm_vcpu *vcpu) |
180 |
+ return (kvm_vcpu_get_hsr(vcpu) & ESR_ELx_SRT_MASK) >> ESR_ELx_SRT_SHIFT; |
181 |
+ } |
182 |
+ |
183 |
+-static inline bool kvm_vcpu_dabt_iss1tw(const struct kvm_vcpu *vcpu) |
184 |
++static inline bool kvm_vcpu_abt_iss1tw(const struct kvm_vcpu *vcpu) |
185 |
+ { |
186 |
+ return !!(kvm_vcpu_get_hsr(vcpu) & ESR_ELx_S1PTW); |
187 |
+ } |
188 |
+@@ -311,7 +311,7 @@ static inline bool kvm_vcpu_dabt_iss1tw(const struct kvm_vcpu *vcpu) |
189 |
+ static inline bool kvm_vcpu_dabt_iswrite(const struct kvm_vcpu *vcpu) |
190 |
+ { |
191 |
+ return !!(kvm_vcpu_get_hsr(vcpu) & ESR_ELx_WNR) || |
192 |
+- kvm_vcpu_dabt_iss1tw(vcpu); /* AF/DBM update */ |
193 |
++ kvm_vcpu_abt_iss1tw(vcpu); /* AF/DBM update */ |
194 |
+ } |
195 |
+ |
196 |
+ static inline bool kvm_vcpu_dabt_is_cm(const struct kvm_vcpu *vcpu) |
197 |
+@@ -340,6 +340,11 @@ static inline bool kvm_vcpu_trap_is_iabt(const struct kvm_vcpu *vcpu) |
198 |
+ return kvm_vcpu_trap_get_class(vcpu) == ESR_ELx_EC_IABT_LOW; |
199 |
+ } |
200 |
+ |
201 |
++static inline bool kvm_vcpu_trap_is_exec_fault(const struct kvm_vcpu *vcpu) |
202 |
++{ |
203 |
++ return kvm_vcpu_trap_is_iabt(vcpu) && !kvm_vcpu_abt_iss1tw(vcpu); |
204 |
++} |
205 |
++ |
206 |
+ static inline u8 kvm_vcpu_trap_get_fault(const struct kvm_vcpu *vcpu) |
207 |
+ { |
208 |
+ return kvm_vcpu_get_hsr(vcpu) & ESR_ELx_FSC; |
209 |
+diff --git a/arch/arm64/kernel/cpufeature.c b/arch/arm64/kernel/cpufeature.c |
210 |
+index ac3126aba0368..de6fa9b4abfa0 100644 |
211 |
+--- a/arch/arm64/kernel/cpufeature.c |
212 |
++++ b/arch/arm64/kernel/cpufeature.c |
213 |
+@@ -155,11 +155,10 @@ static const struct arm64_ftr_bits ftr_id_aa64pfr0[] = { |
214 |
+ ARM64_FTR_BITS(FTR_HIDDEN, FTR_STRICT, FTR_LOWER_SAFE, ID_AA64PFR0_GIC_SHIFT, 4, 0), |
215 |
+ S_ARM64_FTR_BITS(FTR_VISIBLE, FTR_STRICT, FTR_LOWER_SAFE, ID_AA64PFR0_ASIMD_SHIFT, 4, ID_AA64PFR0_ASIMD_NI), |
216 |
+ S_ARM64_FTR_BITS(FTR_VISIBLE, FTR_STRICT, FTR_LOWER_SAFE, ID_AA64PFR0_FP_SHIFT, 4, ID_AA64PFR0_FP_NI), |
217 |
+- /* Linux doesn't care about the EL3 */ |
218 |
+ ARM64_FTR_BITS(FTR_HIDDEN, FTR_NONSTRICT, FTR_LOWER_SAFE, ID_AA64PFR0_EL3_SHIFT, 4, 0), |
219 |
+- ARM64_FTR_BITS(FTR_HIDDEN, FTR_STRICT, FTR_LOWER_SAFE, ID_AA64PFR0_EL2_SHIFT, 4, 0), |
220 |
+- ARM64_FTR_BITS(FTR_HIDDEN, FTR_STRICT, FTR_LOWER_SAFE, ID_AA64PFR0_EL1_SHIFT, 4, ID_AA64PFR0_EL1_64BIT_ONLY), |
221 |
+- ARM64_FTR_BITS(FTR_HIDDEN, FTR_STRICT, FTR_LOWER_SAFE, ID_AA64PFR0_EL0_SHIFT, 4, ID_AA64PFR0_EL0_64BIT_ONLY), |
222 |
++ ARM64_FTR_BITS(FTR_HIDDEN, FTR_NONSTRICT, FTR_LOWER_SAFE, ID_AA64PFR0_EL2_SHIFT, 4, 0), |
223 |
++ ARM64_FTR_BITS(FTR_HIDDEN, FTR_NONSTRICT, FTR_LOWER_SAFE, ID_AA64PFR0_EL1_SHIFT, 4, ID_AA64PFR0_EL1_64BIT_ONLY), |
224 |
++ ARM64_FTR_BITS(FTR_HIDDEN, FTR_NONSTRICT, FTR_LOWER_SAFE, ID_AA64PFR0_EL0_SHIFT, 4, ID_AA64PFR0_EL0_64BIT_ONLY), |
225 |
+ ARM64_FTR_END, |
226 |
+ }; |
227 |
+ |
228 |
+@@ -301,7 +300,7 @@ static const struct arm64_ftr_bits ftr_id_pfr0[] = { |
229 |
+ }; |
230 |
+ |
231 |
+ static const struct arm64_ftr_bits ftr_id_dfr0[] = { |
232 |
+- ARM64_FTR_BITS(FTR_HIDDEN, FTR_STRICT, FTR_LOWER_SAFE, 28, 4, 0), |
233 |
++ /* [31:28] TraceFilt */ |
234 |
+ S_ARM64_FTR_BITS(FTR_HIDDEN, FTR_STRICT, FTR_LOWER_SAFE, 24, 4, 0xf), /* PerfMon */ |
235 |
+ ARM64_FTR_BITS(FTR_HIDDEN, FTR_STRICT, FTR_LOWER_SAFE, 20, 4, 0), |
236 |
+ ARM64_FTR_BITS(FTR_HIDDEN, FTR_STRICT, FTR_LOWER_SAFE, 16, 4, 0), |
237 |
+@@ -671,9 +670,6 @@ void update_cpu_features(int cpu, |
238 |
+ taint |= check_update_ftr_reg(SYS_ID_AA64MMFR2_EL1, cpu, |
239 |
+ info->reg_id_aa64mmfr2, boot->reg_id_aa64mmfr2); |
240 |
+ |
241 |
+- /* |
242 |
+- * EL3 is not our concern. |
243 |
+- */ |
244 |
+ taint |= check_update_ftr_reg(SYS_ID_AA64PFR0_EL1, cpu, |
245 |
+ info->reg_id_aa64pfr0, boot->reg_id_aa64pfr0); |
246 |
+ taint |= check_update_ftr_reg(SYS_ID_AA64PFR1_EL1, cpu, |
247 |
+diff --git a/arch/arm64/kvm/hyp/switch.c b/arch/arm64/kvm/hyp/switch.c |
248 |
+index f146bff53edf9..15312e429b7d1 100644 |
249 |
+--- a/arch/arm64/kvm/hyp/switch.c |
250 |
++++ b/arch/arm64/kvm/hyp/switch.c |
251 |
+@@ -430,7 +430,7 @@ static bool __hyp_text fixup_guest_exit(struct kvm_vcpu *vcpu, u64 *exit_code) |
252 |
+ kvm_vcpu_trap_get_fault_type(vcpu) == FSC_FAULT && |
253 |
+ kvm_vcpu_dabt_isvalid(vcpu) && |
254 |
+ !kvm_vcpu_dabt_isextabt(vcpu) && |
255 |
+- !kvm_vcpu_dabt_iss1tw(vcpu); |
256 |
++ !kvm_vcpu_abt_iss1tw(vcpu); |
257 |
+ |
258 |
+ if (valid) { |
259 |
+ int ret = __vgic_v2_perform_cpuif_access(vcpu); |
260 |
+diff --git a/arch/m68k/q40/config.c b/arch/m68k/q40/config.c |
261 |
+index 96810d91da2bd..4a25ce6a1823d 100644 |
262 |
+--- a/arch/m68k/q40/config.c |
263 |
++++ b/arch/m68k/q40/config.c |
264 |
+@@ -273,6 +273,7 @@ static int q40_get_rtc_pll(struct rtc_pll_info *pll) |
265 |
+ { |
266 |
+ int tmp = Q40_RTC_CTRL; |
267 |
+ |
268 |
++ pll->pll_ctrl = 0; |
269 |
+ pll->pll_value = tmp & Q40_RTC_PLL_MASK; |
270 |
+ if (tmp & Q40_RTC_PLL_SIGN) |
271 |
+ pll->pll_value = -pll->pll_value; |
272 |
+diff --git a/arch/mips/include/asm/cpu-type.h b/arch/mips/include/asm/cpu-type.h |
273 |
+index a45af3de075d9..d43e4ab20b238 100644 |
274 |
+--- a/arch/mips/include/asm/cpu-type.h |
275 |
++++ b/arch/mips/include/asm/cpu-type.h |
276 |
+@@ -47,6 +47,7 @@ static inline int __pure __get_cpu_type(const int cpu_type) |
277 |
+ case CPU_34K: |
278 |
+ case CPU_1004K: |
279 |
+ case CPU_74K: |
280 |
++ case CPU_1074K: |
281 |
+ case CPU_M14KC: |
282 |
+ case CPU_M14KEC: |
283 |
+ case CPU_INTERAPTIV: |
284 |
+diff --git a/arch/powerpc/include/asm/kvm_asm.h b/arch/powerpc/include/asm/kvm_asm.h |
285 |
+index a790d5cf6ea37..684e8ae00d160 100644 |
286 |
+--- a/arch/powerpc/include/asm/kvm_asm.h |
287 |
++++ b/arch/powerpc/include/asm/kvm_asm.h |
288 |
+@@ -163,4 +163,7 @@ |
289 |
+ |
290 |
+ #define KVM_INST_FETCH_FAILED -1 |
291 |
+ |
292 |
++/* Extract PO and XOP opcode fields */ |
293 |
++#define PO_XOP_OPCODE_MASK 0xfc0007fe |
294 |
++ |
295 |
+ #endif /* __POWERPC_KVM_ASM_H__ */ |
296 |
+diff --git a/arch/powerpc/kernel/eeh.c b/arch/powerpc/kernel/eeh.c |
297 |
+index fe3c6f3bd3b62..d123cba0992d0 100644 |
298 |
+--- a/arch/powerpc/kernel/eeh.c |
299 |
++++ b/arch/powerpc/kernel/eeh.c |
300 |
+@@ -502,7 +502,7 @@ int eeh_dev_check_failure(struct eeh_dev *edev) |
301 |
+ rc = 1; |
302 |
+ if (pe->state & EEH_PE_ISOLATED) { |
303 |
+ pe->check_count++; |
304 |
+- if (pe->check_count % EEH_MAX_FAILS == 0) { |
305 |
++ if (pe->check_count == EEH_MAX_FAILS) { |
306 |
+ dn = pci_device_to_OF_node(dev); |
307 |
+ if (dn) |
308 |
+ location = of_get_property(dn, "ibm,loc-code", |
309 |
+diff --git a/arch/powerpc/kernel/traps.c b/arch/powerpc/kernel/traps.c |
310 |
+index d5f351f02c153..7781f0168ce8c 100644 |
311 |
+--- a/arch/powerpc/kernel/traps.c |
312 |
++++ b/arch/powerpc/kernel/traps.c |
313 |
+@@ -430,11 +430,11 @@ out: |
314 |
+ #ifdef CONFIG_PPC_BOOK3S_64 |
315 |
+ BUG_ON(get_paca()->in_nmi == 0); |
316 |
+ if (get_paca()->in_nmi > 1) |
317 |
+- nmi_panic(regs, "Unrecoverable nested System Reset"); |
318 |
++ die("Unrecoverable nested System Reset", regs, SIGABRT); |
319 |
+ #endif |
320 |
+ /* Must die if the interrupt is not recoverable */ |
321 |
+ if (!(regs->msr & MSR_RI)) |
322 |
+- nmi_panic(regs, "Unrecoverable System Reset"); |
323 |
++ die("Unrecoverable System Reset", regs, SIGABRT); |
324 |
+ |
325 |
+ if (!nested) |
326 |
+ nmi_exit(); |
327 |
+@@ -775,7 +775,7 @@ void machine_check_exception(struct pt_regs *regs) |
328 |
+ |
329 |
+ /* Must die if the interrupt is not recoverable */ |
330 |
+ if (!(regs->msr & MSR_RI)) |
331 |
+- nmi_panic(regs, "Unrecoverable Machine check"); |
332 |
++ die("Unrecoverable Machine check", regs, SIGBUS); |
333 |
+ |
334 |
+ return; |
335 |
+ |
336 |
+diff --git a/arch/powerpc/kvm/book3s_hv_tm.c b/arch/powerpc/kvm/book3s_hv_tm.c |
337 |
+index 31cd0f327c8a2..e7fd60cf97804 100644 |
338 |
+--- a/arch/powerpc/kvm/book3s_hv_tm.c |
339 |
++++ b/arch/powerpc/kvm/book3s_hv_tm.c |
340 |
+@@ -6,6 +6,8 @@ |
341 |
+ * published by the Free Software Foundation. |
342 |
+ */ |
343 |
+ |
344 |
++#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt |
345 |
++ |
346 |
+ #include <linux/kvm_host.h> |
347 |
+ |
348 |
+ #include <asm/kvm_ppc.h> |
349 |
+@@ -47,7 +49,18 @@ int kvmhv_p9_tm_emulation(struct kvm_vcpu *vcpu) |
350 |
+ u64 newmsr, bescr; |
351 |
+ int ra, rs; |
352 |
+ |
353 |
+- switch (instr & 0xfc0007ff) { |
354 |
++ /* |
355 |
++ * rfid, rfebb, and mtmsrd encode bit 31 = 0 since it's a reserved bit |
356 |
++ * in these instructions, so masking bit 31 out doesn't change these |
357 |
++ * instructions. For treclaim., tsr., and trechkpt. instructions if bit |
358 |
++ * 31 = 0 then they are per ISA invalid forms, however P9 UM, in section |
359 |
++ * 4.6.10 Book II Invalid Forms, informs specifically that ignoring bit |
360 |
++ * 31 is an acceptable way to handle these invalid forms that have |
361 |
++ * bit 31 = 0. Moreover, for emulation purposes both forms (w/ and wo/ |
362 |
++ * bit 31 set) can generate a softpatch interrupt. Hence both forms |
363 |
++ * are handled below for these instructions so they behave the same way. |
364 |
++ */ |
365 |
++ switch (instr & PO_XOP_OPCODE_MASK) { |
366 |
+ case PPC_INST_RFID: |
367 |
+ /* XXX do we need to check for PR=0 here? */ |
368 |
+ newmsr = vcpu->arch.shregs.srr1; |
369 |
+@@ -108,7 +121,8 @@ int kvmhv_p9_tm_emulation(struct kvm_vcpu *vcpu) |
370 |
+ vcpu->arch.shregs.msr = newmsr; |
371 |
+ return RESUME_GUEST; |
372 |
+ |
373 |
+- case PPC_INST_TSR: |
374 |
++ /* ignore bit 31, see comment above */ |
375 |
++ case (PPC_INST_TSR & PO_XOP_OPCODE_MASK): |
376 |
+ /* check for PR=1 and arch 2.06 bit set in PCR */ |
377 |
+ if ((msr & MSR_PR) && (vcpu->arch.vcore->pcr & PCR_ARCH_206)) { |
378 |
+ /* generate an illegal instruction interrupt */ |
379 |
+@@ -143,7 +157,8 @@ int kvmhv_p9_tm_emulation(struct kvm_vcpu *vcpu) |
380 |
+ vcpu->arch.shregs.msr = msr; |
381 |
+ return RESUME_GUEST; |
382 |
+ |
383 |
+- case PPC_INST_TRECLAIM: |
384 |
++ /* ignore bit 31, see comment above */ |
385 |
++ case (PPC_INST_TRECLAIM & PO_XOP_OPCODE_MASK): |
386 |
+ /* check for TM disabled in the HFSCR or MSR */ |
387 |
+ if (!(vcpu->arch.hfscr & HFSCR_TM)) { |
388 |
+ /* generate an illegal instruction interrupt */ |
389 |
+@@ -179,7 +194,8 @@ int kvmhv_p9_tm_emulation(struct kvm_vcpu *vcpu) |
390 |
+ vcpu->arch.shregs.msr &= ~MSR_TS_MASK; |
391 |
+ return RESUME_GUEST; |
392 |
+ |
393 |
+- case PPC_INST_TRECHKPT: |
394 |
++ /* ignore bit 31, see comment above */ |
395 |
++ case (PPC_INST_TRECHKPT & PO_XOP_OPCODE_MASK): |
396 |
+ /* XXX do we need to check for PR=0 here? */ |
397 |
+ /* check for TM disabled in the HFSCR or MSR */ |
398 |
+ if (!(vcpu->arch.hfscr & HFSCR_TM)) { |
399 |
+@@ -211,6 +227,8 @@ int kvmhv_p9_tm_emulation(struct kvm_vcpu *vcpu) |
400 |
+ } |
401 |
+ |
402 |
+ /* What should we do here? We didn't recognize the instruction */ |
403 |
+- WARN_ON_ONCE(1); |
404 |
++ kvmppc_core_queue_program(vcpu, SRR1_PROGILL); |
405 |
++ pr_warn_ratelimited("Unrecognized TM-related instruction %#x for emulation", instr); |
406 |
++ |
407 |
+ return RESUME_GUEST; |
408 |
+ } |
409 |
+diff --git a/arch/powerpc/kvm/book3s_hv_tm_builtin.c b/arch/powerpc/kvm/book3s_hv_tm_builtin.c |
410 |
+index 3cf5863bc06e8..3c7ca2fa19597 100644 |
411 |
+--- a/arch/powerpc/kvm/book3s_hv_tm_builtin.c |
412 |
++++ b/arch/powerpc/kvm/book3s_hv_tm_builtin.c |
413 |
+@@ -26,7 +26,18 @@ int kvmhv_p9_tm_emulation_early(struct kvm_vcpu *vcpu) |
414 |
+ u64 newmsr, msr, bescr; |
415 |
+ int rs; |
416 |
+ |
417 |
+- switch (instr & 0xfc0007ff) { |
418 |
++ /* |
419 |
++ * rfid, rfebb, and mtmsrd encode bit 31 = 0 since it's a reserved bit |
420 |
++ * in these instructions, so masking bit 31 out doesn't change these |
421 |
++ * instructions. For the tsr. instruction if bit 31 = 0 then it is per |
422 |
++ * ISA an invalid form, however P9 UM, in section 4.6.10 Book II Invalid |
423 |
++ * Forms, informs specifically that ignoring bit 31 is an acceptable way |
424 |
++ * to handle TM-related invalid forms that have bit 31 = 0. Moreover, |
425 |
++ * for emulation purposes both forms (w/ and wo/ bit 31 set) can |
426 |
++ * generate a softpatch interrupt. Hence both forms are handled below |
427 |
++ * for tsr. to make them behave the same way. |
428 |
++ */ |
429 |
++ switch (instr & PO_XOP_OPCODE_MASK) { |
430 |
+ case PPC_INST_RFID: |
431 |
+ /* XXX do we need to check for PR=0 here? */ |
432 |
+ newmsr = vcpu->arch.shregs.srr1; |
433 |
+@@ -76,7 +87,8 @@ int kvmhv_p9_tm_emulation_early(struct kvm_vcpu *vcpu) |
434 |
+ vcpu->arch.shregs.msr = newmsr; |
435 |
+ return 1; |
436 |
+ |
437 |
+- case PPC_INST_TSR: |
438 |
++ /* ignore bit 31, see comment above */ |
439 |
++ case (PPC_INST_TSR & PO_XOP_OPCODE_MASK): |
440 |
+ /* we know the MSR has the TS field = S (0b01) here */ |
441 |
+ msr = vcpu->arch.shregs.msr; |
442 |
+ /* check for PR=1 and arch 2.06 bit set in PCR */ |
443 |
+diff --git a/arch/riscv/include/asm/ftrace.h b/arch/riscv/include/asm/ftrace.h |
444 |
+index c6dcc5291f972..02fbc175142e2 100644 |
445 |
+--- a/arch/riscv/include/asm/ftrace.h |
446 |
++++ b/arch/riscv/include/asm/ftrace.h |
447 |
+@@ -63,4 +63,11 @@ do { \ |
448 |
+ * Let auipc+jalr be the basic *mcount unit*, so we make it 8 bytes here. |
449 |
+ */ |
450 |
+ #define MCOUNT_INSN_SIZE 8 |
451 |
++ |
452 |
++#ifndef __ASSEMBLY__ |
453 |
++struct dyn_ftrace; |
454 |
++int ftrace_init_nop(struct module *mod, struct dyn_ftrace *rec); |
455 |
++#define ftrace_init_nop ftrace_init_nop |
456 |
++#endif |
457 |
++ |
458 |
+ #endif |
459 |
+diff --git a/arch/riscv/kernel/ftrace.c b/arch/riscv/kernel/ftrace.c |
460 |
+index 6d39f64e4dce4..fa8530f05ed4f 100644 |
461 |
+--- a/arch/riscv/kernel/ftrace.c |
462 |
++++ b/arch/riscv/kernel/ftrace.c |
463 |
+@@ -88,6 +88,25 @@ int ftrace_make_nop(struct module *mod, struct dyn_ftrace *rec, |
464 |
+ return __ftrace_modify_call(rec->ip, addr, false); |
465 |
+ } |
466 |
+ |
467 |
++ |
468 |
++/* |
469 |
++ * This is called early on, and isn't wrapped by |
470 |
++ * ftrace_arch_code_modify_{prepare,post_process}() and therefor doesn't hold |
471 |
++ * text_mutex, which triggers a lockdep failure. SMP isn't running so we could |
472 |
++ * just directly poke the text, but it's simpler to just take the lock |
473 |
++ * ourselves. |
474 |
++ */ |
475 |
++int ftrace_init_nop(struct module *mod, struct dyn_ftrace *rec) |
476 |
++{ |
477 |
++ int out; |
478 |
++ |
479 |
++ ftrace_arch_code_modify_prepare(); |
480 |
++ out = ftrace_make_nop(mod, rec, MCOUNT_ADDR); |
481 |
++ ftrace_arch_code_modify_post_process(); |
482 |
++ |
483 |
++ return out; |
484 |
++} |
485 |
++ |
486 |
+ int ftrace_update_ftrace_func(ftrace_func_t func) |
487 |
+ { |
488 |
+ int ret = __ftrace_modify_call((unsigned long)&ftrace_call, |
489 |
+diff --git a/arch/s390/kernel/perf_cpum_sf.c b/arch/s390/kernel/perf_cpum_sf.c |
490 |
+index 74a296cea21cc..0e6d01225a670 100644 |
491 |
+--- a/arch/s390/kernel/perf_cpum_sf.c |
492 |
++++ b/arch/s390/kernel/perf_cpum_sf.c |
493 |
+@@ -1377,8 +1377,8 @@ static int aux_output_begin(struct perf_output_handle *handle, |
494 |
+ idx = aux->empty_mark + 1; |
495 |
+ for (i = 0; i < range_scan; i++, idx++) { |
496 |
+ te = aux_sdb_trailer(aux, idx); |
497 |
+- te->flags = te->flags & ~SDB_TE_BUFFER_FULL_MASK; |
498 |
+- te->flags = te->flags & ~SDB_TE_ALERT_REQ_MASK; |
499 |
++ te->flags &= ~(SDB_TE_BUFFER_FULL_MASK | |
500 |
++ SDB_TE_ALERT_REQ_MASK); |
501 |
+ te->overflow = 0; |
502 |
+ } |
503 |
+ /* Save the position of empty SDBs */ |
504 |
+@@ -1425,8 +1425,7 @@ static bool aux_set_alert(struct aux_buffer *aux, unsigned long alert_index, |
505 |
+ te = aux_sdb_trailer(aux, alert_index); |
506 |
+ do { |
507 |
+ orig_flags = te->flags; |
508 |
+- orig_overflow = te->overflow; |
509 |
+- *overflow = orig_overflow; |
510 |
++ *overflow = orig_overflow = te->overflow; |
511 |
+ if (orig_flags & SDB_TE_BUFFER_FULL_MASK) { |
512 |
+ /* |
513 |
+ * SDB is already set by hardware. |
514 |
+@@ -1660,7 +1659,7 @@ static void *aux_buffer_setup(struct perf_event *event, void **pages, |
515 |
+ } |
516 |
+ |
517 |
+ /* Allocate aux_buffer struct for the event */ |
518 |
+- aux = kmalloc(sizeof(struct aux_buffer), GFP_KERNEL); |
519 |
++ aux = kzalloc(sizeof(struct aux_buffer), GFP_KERNEL); |
520 |
+ if (!aux) |
521 |
+ goto no_aux; |
522 |
+ sfb = &aux->sfb; |
523 |
+diff --git a/arch/s390/kernel/setup.c b/arch/s390/kernel/setup.c |
524 |
+index 5f85e0dfa66d1..4bda9055daefa 100644 |
525 |
+--- a/arch/s390/kernel/setup.c |
526 |
++++ b/arch/s390/kernel/setup.c |
527 |
+@@ -537,7 +537,7 @@ static struct notifier_block kdump_mem_nb = { |
528 |
+ /* |
529 |
+ * Make sure that the area behind memory_end is protected |
530 |
+ */ |
531 |
+-static void reserve_memory_end(void) |
532 |
++static void __init reserve_memory_end(void) |
533 |
+ { |
534 |
+ #ifdef CONFIG_CRASH_DUMP |
535 |
+ if (ipl_info.type == IPL_TYPE_FCP_DUMP && |
536 |
+@@ -555,7 +555,7 @@ static void reserve_memory_end(void) |
537 |
+ /* |
538 |
+ * Make sure that oldmem, where the dump is stored, is protected |
539 |
+ */ |
540 |
+-static void reserve_oldmem(void) |
541 |
++static void __init reserve_oldmem(void) |
542 |
+ { |
543 |
+ #ifdef CONFIG_CRASH_DUMP |
544 |
+ if (OLDMEM_BASE) |
545 |
+@@ -567,7 +567,7 @@ static void reserve_oldmem(void) |
546 |
+ /* |
547 |
+ * Make sure that oldmem, where the dump is stored, is protected |
548 |
+ */ |
549 |
+-static void remove_oldmem(void) |
550 |
++static void __init remove_oldmem(void) |
551 |
+ { |
552 |
+ #ifdef CONFIG_CRASH_DUMP |
553 |
+ if (OLDMEM_BASE) |
554 |
+diff --git a/arch/x86/include/asm/nospec-branch.h b/arch/x86/include/asm/nospec-branch.h |
555 |
+index e3f70c60e8ccd..62f9903544b59 100644 |
556 |
+--- a/arch/x86/include/asm/nospec-branch.h |
557 |
++++ b/arch/x86/include/asm/nospec-branch.h |
558 |
+@@ -330,7 +330,7 @@ DECLARE_STATIC_KEY_FALSE(mds_idle_clear); |
559 |
+ * combination with microcode which triggers a CPU buffer flush when the |
560 |
+ * instruction is executed. |
561 |
+ */ |
562 |
+-static inline void mds_clear_cpu_buffers(void) |
563 |
++static __always_inline void mds_clear_cpu_buffers(void) |
564 |
+ { |
565 |
+ static const u16 ds = __KERNEL_DS; |
566 |
+ |
567 |
+@@ -351,7 +351,7 @@ static inline void mds_clear_cpu_buffers(void) |
568 |
+ * |
569 |
+ * Clear CPU buffers if the corresponding static key is enabled |
570 |
+ */ |
571 |
+-static inline void mds_user_clear_cpu_buffers(void) |
572 |
++static __always_inline void mds_user_clear_cpu_buffers(void) |
573 |
+ { |
574 |
+ if (static_branch_likely(&mds_user_clear)) |
575 |
+ mds_clear_cpu_buffers(); |
576 |
+diff --git a/arch/x86/include/asm/pkeys.h b/arch/x86/include/asm/pkeys.h |
577 |
+index 19b137f1b3beb..2ff9b98812b76 100644 |
578 |
+--- a/arch/x86/include/asm/pkeys.h |
579 |
++++ b/arch/x86/include/asm/pkeys.h |
580 |
+@@ -4,6 +4,11 @@ |
581 |
+ |
582 |
+ #define ARCH_DEFAULT_PKEY 0 |
583 |
+ |
584 |
++/* |
585 |
++ * If more than 16 keys are ever supported, a thorough audit |
586 |
++ * will be necessary to ensure that the types that store key |
587 |
++ * numbers and masks have sufficient capacity. |
588 |
++ */ |
589 |
+ #define arch_max_pkey() (boot_cpu_has(X86_FEATURE_OSPKE) ? 16 : 1) |
590 |
+ |
591 |
+ extern int arch_set_user_pkey_access(struct task_struct *tsk, int pkey, |
592 |
+diff --git a/arch/x86/kernel/apic/io_apic.c b/arch/x86/kernel/apic/io_apic.c |
593 |
+index 95e21c4380124..15234885e60bc 100644 |
594 |
+--- a/arch/x86/kernel/apic/io_apic.c |
595 |
++++ b/arch/x86/kernel/apic/io_apic.c |
596 |
+@@ -2250,6 +2250,7 @@ static inline void __init check_timer(void) |
597 |
+ legacy_pic->init(0); |
598 |
+ legacy_pic->make_irq(0); |
599 |
+ apic_write(APIC_LVT0, APIC_DM_EXTINT); |
600 |
++ legacy_pic->unmask(0); |
601 |
+ |
602 |
+ unlock_ExtINT_logic(); |
603 |
+ |
604 |
+diff --git a/arch/x86/kernel/fpu/xstate.c b/arch/x86/kernel/fpu/xstate.c |
605 |
+index 4b900035f2202..601a5da1d196a 100644 |
606 |
+--- a/arch/x86/kernel/fpu/xstate.c |
607 |
++++ b/arch/x86/kernel/fpu/xstate.c |
608 |
+@@ -907,8 +907,6 @@ const void *get_xsave_field_ptr(int xsave_state) |
609 |
+ |
610 |
+ #ifdef CONFIG_ARCH_HAS_PKEYS |
611 |
+ |
612 |
+-#define NR_VALID_PKRU_BITS (CONFIG_NR_PROTECTION_KEYS * 2) |
613 |
+-#define PKRU_VALID_MASK (NR_VALID_PKRU_BITS - 1) |
614 |
+ /* |
615 |
+ * This will go out and modify PKRU register to set the access |
616 |
+ * rights for @pkey to @init_val. |
617 |
+@@ -927,6 +925,13 @@ int arch_set_user_pkey_access(struct task_struct *tsk, int pkey, |
618 |
+ if (!boot_cpu_has(X86_FEATURE_OSPKE)) |
619 |
+ return -EINVAL; |
620 |
+ |
621 |
++ /* |
622 |
++ * This code should only be called with valid 'pkey' |
623 |
++ * values originating from in-kernel users. Complain |
624 |
++ * if a bad value is observed. |
625 |
++ */ |
626 |
++ WARN_ON_ONCE(pkey >= arch_max_pkey()); |
627 |
++ |
628 |
+ /* Set the bits we need in PKRU: */ |
629 |
+ if (init_val & PKEY_DISABLE_ACCESS) |
630 |
+ new_pkru_bits |= PKRU_AD_BIT; |
631 |
+diff --git a/arch/x86/kvm/mmutrace.h b/arch/x86/kvm/mmutrace.h |
632 |
+index cb41b036eb264..7e0dc8c7da2c0 100644 |
633 |
+--- a/arch/x86/kvm/mmutrace.h |
634 |
++++ b/arch/x86/kvm/mmutrace.h |
635 |
+@@ -339,7 +339,7 @@ TRACE_EVENT( |
636 |
+ /* These depend on page entry type, so compute them now. */ |
637 |
+ __field(bool, r) |
638 |
+ __field(bool, x) |
639 |
+- __field(u8, u) |
640 |
++ __field(signed char, u) |
641 |
+ ), |
642 |
+ |
643 |
+ TP_fast_assign( |
644 |
+diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c |
645 |
+index 2aafb6c791345..cb09a0ec87500 100644 |
646 |
+--- a/arch/x86/kvm/svm.c |
647 |
++++ b/arch/x86/kvm/svm.c |
648 |
+@@ -3942,6 +3942,12 @@ static int iret_interception(struct vcpu_svm *svm) |
649 |
+ return 1; |
650 |
+ } |
651 |
+ |
652 |
++static int invd_interception(struct vcpu_svm *svm) |
653 |
++{ |
654 |
++ /* Treat an INVD instruction as a NOP and just skip it. */ |
655 |
++ return kvm_skip_emulated_instruction(&svm->vcpu); |
656 |
++} |
657 |
++ |
658 |
+ static int invlpg_interception(struct vcpu_svm *svm) |
659 |
+ { |
660 |
+ if (!static_cpu_has(X86_FEATURE_DECODEASSISTS)) |
661 |
+@@ -4831,7 +4837,7 @@ static int (*const svm_exit_handlers[])(struct vcpu_svm *svm) = { |
662 |
+ [SVM_EXIT_RDPMC] = rdpmc_interception, |
663 |
+ [SVM_EXIT_CPUID] = cpuid_interception, |
664 |
+ [SVM_EXIT_IRET] = iret_interception, |
665 |
+- [SVM_EXIT_INVD] = emulate_on_interception, |
666 |
++ [SVM_EXIT_INVD] = invd_interception, |
667 |
+ [SVM_EXIT_PAUSE] = pause_interception, |
668 |
+ [SVM_EXIT_HLT] = halt_interception, |
669 |
+ [SVM_EXIT_INVLPG] = invlpg_interception, |
670 |
+diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c |
671 |
+index 430a4bc66f604..dd182228be714 100644 |
672 |
+--- a/arch/x86/kvm/x86.c |
673 |
++++ b/arch/x86/kvm/x86.c |
674 |
+@@ -858,6 +858,7 @@ int kvm_set_cr4(struct kvm_vcpu *vcpu, unsigned long cr4) |
675 |
+ unsigned long old_cr4 = kvm_read_cr4(vcpu); |
676 |
+ unsigned long pdptr_bits = X86_CR4_PGE | X86_CR4_PSE | X86_CR4_PAE | |
677 |
+ X86_CR4_SMEP; |
678 |
++ unsigned long mmu_role_bits = pdptr_bits | X86_CR4_SMAP | X86_CR4_PKE; |
679 |
+ |
680 |
+ if (kvm_valid_cr4(vcpu, cr4)) |
681 |
+ return 1; |
682 |
+@@ -885,7 +886,7 @@ int kvm_set_cr4(struct kvm_vcpu *vcpu, unsigned long cr4) |
683 |
+ if (kvm_x86_ops->set_cr4(vcpu, cr4)) |
684 |
+ return 1; |
685 |
+ |
686 |
+- if (((cr4 ^ old_cr4) & pdptr_bits) || |
687 |
++ if (((cr4 ^ old_cr4) & mmu_role_bits) || |
688 |
+ (!(cr4 & X86_CR4_PCIDE) && (old_cr4 & X86_CR4_PCIDE))) |
689 |
+ kvm_mmu_reset_context(vcpu); |
690 |
+ |
691 |
+@@ -4668,10 +4669,13 @@ set_identity_unlock: |
692 |
+ r = -EFAULT; |
693 |
+ if (copy_from_user(&u.ps, argp, sizeof u.ps)) |
694 |
+ goto out; |
695 |
++ mutex_lock(&kvm->lock); |
696 |
+ r = -ENXIO; |
697 |
+ if (!kvm->arch.vpit) |
698 |
+- goto out; |
699 |
++ goto set_pit_out; |
700 |
+ r = kvm_vm_ioctl_set_pit(kvm, &u.ps); |
701 |
++set_pit_out: |
702 |
++ mutex_unlock(&kvm->lock); |
703 |
+ break; |
704 |
+ } |
705 |
+ case KVM_GET_PIT2: { |
706 |
+@@ -4691,10 +4695,13 @@ set_identity_unlock: |
707 |
+ r = -EFAULT; |
708 |
+ if (copy_from_user(&u.ps2, argp, sizeof(u.ps2))) |
709 |
+ goto out; |
710 |
++ mutex_lock(&kvm->lock); |
711 |
+ r = -ENXIO; |
712 |
+ if (!kvm->arch.vpit) |
713 |
+- goto out; |
714 |
++ goto set_pit2_out; |
715 |
+ r = kvm_vm_ioctl_set_pit2(kvm, &u.ps2); |
716 |
++set_pit2_out: |
717 |
++ mutex_unlock(&kvm->lock); |
718 |
+ break; |
719 |
+ } |
720 |
+ case KVM_REINJECT_CONTROL: { |
721 |
+diff --git a/arch/x86/lib/usercopy_64.c b/arch/x86/lib/usercopy_64.c |
722 |
+index 7077b3e282414..40dbbd8f1fe41 100644 |
723 |
+--- a/arch/x86/lib/usercopy_64.c |
724 |
++++ b/arch/x86/lib/usercopy_64.c |
725 |
+@@ -139,7 +139,7 @@ long __copy_user_flushcache(void *dst, const void __user *src, unsigned size) |
726 |
+ */ |
727 |
+ if (size < 8) { |
728 |
+ if (!IS_ALIGNED(dest, 4) || size != 4) |
729 |
+- clean_cache_range(dst, 1); |
730 |
++ clean_cache_range(dst, size); |
731 |
+ } else { |
732 |
+ if (!IS_ALIGNED(dest, 8)) { |
733 |
+ dest = ALIGN(dest, boot_cpu_data.x86_clflush_size); |
734 |
+diff --git a/drivers/acpi/ec.c b/drivers/acpi/ec.c |
735 |
+index 49e16f0090957..9415a0041aaf7 100644 |
736 |
+--- a/drivers/acpi/ec.c |
737 |
++++ b/drivers/acpi/ec.c |
738 |
+@@ -1080,29 +1080,21 @@ void acpi_ec_dispatch_gpe(void) |
739 |
+ /* -------------------------------------------------------------------------- |
740 |
+ Event Management |
741 |
+ -------------------------------------------------------------------------- */ |
742 |
+-static struct acpi_ec_query_handler * |
743 |
+-acpi_ec_get_query_handler(struct acpi_ec_query_handler *handler) |
744 |
+-{ |
745 |
+- if (handler) |
746 |
+- kref_get(&handler->kref); |
747 |
+- return handler; |
748 |
+-} |
749 |
+- |
750 |
+ static struct acpi_ec_query_handler * |
751 |
+ acpi_ec_get_query_handler_by_value(struct acpi_ec *ec, u8 value) |
752 |
+ { |
753 |
+ struct acpi_ec_query_handler *handler; |
754 |
+- bool found = false; |
755 |
+ |
756 |
+ mutex_lock(&ec->mutex); |
757 |
+ list_for_each_entry(handler, &ec->list, node) { |
758 |
+ if (value == handler->query_bit) { |
759 |
+- found = true; |
760 |
+- break; |
761 |
++ kref_get(&handler->kref); |
762 |
++ mutex_unlock(&ec->mutex); |
763 |
++ return handler; |
764 |
+ } |
765 |
+ } |
766 |
+ mutex_unlock(&ec->mutex); |
767 |
+- return found ? acpi_ec_get_query_handler(handler) : NULL; |
768 |
++ return NULL; |
769 |
+ } |
770 |
+ |
771 |
+ static void acpi_ec_query_handler_release(struct kref *kref) |
772 |
+diff --git a/drivers/ata/acard-ahci.c b/drivers/ata/acard-ahci.c |
773 |
+index 583e366be7e23..505f8c3168188 100644 |
774 |
+--- a/drivers/ata/acard-ahci.c |
775 |
++++ b/drivers/ata/acard-ahci.c |
776 |
+@@ -72,7 +72,7 @@ struct acard_sg { |
777 |
+ __le32 size; /* bit 31 (EOT) max==0x10000 (64k) */ |
778 |
+ }; |
779 |
+ |
780 |
+-static void acard_ahci_qc_prep(struct ata_queued_cmd *qc); |
781 |
++static enum ata_completion_errors acard_ahci_qc_prep(struct ata_queued_cmd *qc); |
782 |
+ static bool acard_ahci_qc_fill_rtf(struct ata_queued_cmd *qc); |
783 |
+ static int acard_ahci_port_start(struct ata_port *ap); |
784 |
+ static int acard_ahci_init_one(struct pci_dev *pdev, const struct pci_device_id *ent); |
785 |
+@@ -257,7 +257,7 @@ static unsigned int acard_ahci_fill_sg(struct ata_queued_cmd *qc, void *cmd_tbl) |
786 |
+ return si; |
787 |
+ } |
788 |
+ |
789 |
+-static void acard_ahci_qc_prep(struct ata_queued_cmd *qc) |
790 |
++static enum ata_completion_errors acard_ahci_qc_prep(struct ata_queued_cmd *qc) |
791 |
+ { |
792 |
+ struct ata_port *ap = qc->ap; |
793 |
+ struct ahci_port_priv *pp = ap->private_data; |
794 |
+@@ -295,6 +295,8 @@ static void acard_ahci_qc_prep(struct ata_queued_cmd *qc) |
795 |
+ opts |= AHCI_CMD_ATAPI | AHCI_CMD_PREFETCH; |
796 |
+ |
797 |
+ ahci_fill_cmd_slot(pp, qc->hw_tag, opts); |
798 |
++ |
799 |
++ return AC_ERR_OK; |
800 |
+ } |
801 |
+ |
802 |
+ static bool acard_ahci_qc_fill_rtf(struct ata_queued_cmd *qc) |
803 |
+diff --git a/drivers/ata/libahci.c b/drivers/ata/libahci.c |
804 |
+index 2bdb250a2142c..f1153e7ba3b3a 100644 |
805 |
+--- a/drivers/ata/libahci.c |
806 |
++++ b/drivers/ata/libahci.c |
807 |
+@@ -73,7 +73,7 @@ static int ahci_scr_write(struct ata_link *link, unsigned int sc_reg, u32 val); |
808 |
+ static bool ahci_qc_fill_rtf(struct ata_queued_cmd *qc); |
809 |
+ static int ahci_port_start(struct ata_port *ap); |
810 |
+ static void ahci_port_stop(struct ata_port *ap); |
811 |
+-static void ahci_qc_prep(struct ata_queued_cmd *qc); |
812 |
++static enum ata_completion_errors ahci_qc_prep(struct ata_queued_cmd *qc); |
813 |
+ static int ahci_pmp_qc_defer(struct ata_queued_cmd *qc); |
814 |
+ static void ahci_freeze(struct ata_port *ap); |
815 |
+ static void ahci_thaw(struct ata_port *ap); |
816 |
+@@ -1640,7 +1640,7 @@ static int ahci_pmp_qc_defer(struct ata_queued_cmd *qc) |
817 |
+ return sata_pmp_qc_defer_cmd_switch(qc); |
818 |
+ } |
819 |
+ |
820 |
+-static void ahci_qc_prep(struct ata_queued_cmd *qc) |
821 |
++static enum ata_completion_errors ahci_qc_prep(struct ata_queued_cmd *qc) |
822 |
+ { |
823 |
+ struct ata_port *ap = qc->ap; |
824 |
+ struct ahci_port_priv *pp = ap->private_data; |
825 |
+@@ -1676,6 +1676,8 @@ static void ahci_qc_prep(struct ata_queued_cmd *qc) |
826 |
+ opts |= AHCI_CMD_ATAPI | AHCI_CMD_PREFETCH; |
827 |
+ |
828 |
+ ahci_fill_cmd_slot(pp, qc->hw_tag, opts); |
829 |
++ |
830 |
++ return AC_ERR_OK; |
831 |
+ } |
832 |
+ |
833 |
+ static void ahci_fbs_dec_intr(struct ata_port *ap) |
834 |
+diff --git a/drivers/ata/libata-core.c b/drivers/ata/libata-core.c |
835 |
+index fead7243930c0..db1d86af21b4d 100644 |
836 |
+--- a/drivers/ata/libata-core.c |
837 |
++++ b/drivers/ata/libata-core.c |
838 |
+@@ -4996,7 +4996,10 @@ int ata_std_qc_defer(struct ata_queued_cmd *qc) |
839 |
+ return ATA_DEFER_LINK; |
840 |
+ } |
841 |
+ |
842 |
+-void ata_noop_qc_prep(struct ata_queued_cmd *qc) { } |
843 |
++enum ata_completion_errors ata_noop_qc_prep(struct ata_queued_cmd *qc) |
844 |
++{ |
845 |
++ return AC_ERR_OK; |
846 |
++} |
847 |
+ |
848 |
+ /** |
849 |
+ * ata_sg_init - Associate command with scatter-gather table. |
850 |
+@@ -5483,7 +5486,9 @@ void ata_qc_issue(struct ata_queued_cmd *qc) |
851 |
+ return; |
852 |
+ } |
853 |
+ |
854 |
+- ap->ops->qc_prep(qc); |
855 |
++ qc->err_mask |= ap->ops->qc_prep(qc); |
856 |
++ if (unlikely(qc->err_mask)) |
857 |
++ goto err; |
858 |
+ trace_ata_qc_issue(qc); |
859 |
+ qc->err_mask |= ap->ops->qc_issue(qc); |
860 |
+ if (unlikely(qc->err_mask)) |
861 |
+diff --git a/drivers/ata/libata-sff.c b/drivers/ata/libata-sff.c |
862 |
+index 873cc09060551..7484ffdabd543 100644 |
863 |
+--- a/drivers/ata/libata-sff.c |
864 |
++++ b/drivers/ata/libata-sff.c |
865 |
+@@ -2695,12 +2695,14 @@ static void ata_bmdma_fill_sg_dumb(struct ata_queued_cmd *qc) |
866 |
+ * LOCKING: |
867 |
+ * spin_lock_irqsave(host lock) |
868 |
+ */ |
869 |
+-void ata_bmdma_qc_prep(struct ata_queued_cmd *qc) |
870 |
++enum ata_completion_errors ata_bmdma_qc_prep(struct ata_queued_cmd *qc) |
871 |
+ { |
872 |
+ if (!(qc->flags & ATA_QCFLAG_DMAMAP)) |
873 |
+- return; |
874 |
++ return AC_ERR_OK; |
875 |
+ |
876 |
+ ata_bmdma_fill_sg(qc); |
877 |
++ |
878 |
++ return AC_ERR_OK; |
879 |
+ } |
880 |
+ EXPORT_SYMBOL_GPL(ata_bmdma_qc_prep); |
881 |
+ |
882 |
+@@ -2713,12 +2715,14 @@ EXPORT_SYMBOL_GPL(ata_bmdma_qc_prep); |
883 |
+ * LOCKING: |
884 |
+ * spin_lock_irqsave(host lock) |
885 |
+ */ |
886 |
+-void ata_bmdma_dumb_qc_prep(struct ata_queued_cmd *qc) |
887 |
++enum ata_completion_errors ata_bmdma_dumb_qc_prep(struct ata_queued_cmd *qc) |
888 |
+ { |
889 |
+ if (!(qc->flags & ATA_QCFLAG_DMAMAP)) |
890 |
+- return; |
891 |
++ return AC_ERR_OK; |
892 |
+ |
893 |
+ ata_bmdma_fill_sg_dumb(qc); |
894 |
++ |
895 |
++ return AC_ERR_OK; |
896 |
+ } |
897 |
+ EXPORT_SYMBOL_GPL(ata_bmdma_dumb_qc_prep); |
898 |
+ |
899 |
+diff --git a/drivers/ata/pata_macio.c b/drivers/ata/pata_macio.c |
900 |
+index 9588e685d994c..765b99319d3cd 100644 |
901 |
+--- a/drivers/ata/pata_macio.c |
902 |
++++ b/drivers/ata/pata_macio.c |
903 |
+@@ -507,7 +507,7 @@ static int pata_macio_cable_detect(struct ata_port *ap) |
904 |
+ return ATA_CBL_PATA40; |
905 |
+ } |
906 |
+ |
907 |
+-static void pata_macio_qc_prep(struct ata_queued_cmd *qc) |
908 |
++static enum ata_completion_errors pata_macio_qc_prep(struct ata_queued_cmd *qc) |
909 |
+ { |
910 |
+ unsigned int write = (qc->tf.flags & ATA_TFLAG_WRITE); |
911 |
+ struct ata_port *ap = qc->ap; |
912 |
+@@ -520,7 +520,7 @@ static void pata_macio_qc_prep(struct ata_queued_cmd *qc) |
913 |
+ __func__, qc, qc->flags, write, qc->dev->devno); |
914 |
+ |
915 |
+ if (!(qc->flags & ATA_QCFLAG_DMAMAP)) |
916 |
+- return; |
917 |
++ return AC_ERR_OK; |
918 |
+ |
919 |
+ table = (struct dbdma_cmd *) priv->dma_table_cpu; |
920 |
+ |
921 |
+@@ -565,6 +565,8 @@ static void pata_macio_qc_prep(struct ata_queued_cmd *qc) |
922 |
+ table->command = cpu_to_le16(DBDMA_STOP); |
923 |
+ |
924 |
+ dev_dbgdma(priv->dev, "%s: %d DMA list entries\n", __func__, pi); |
925 |
++ |
926 |
++ return AC_ERR_OK; |
927 |
+ } |
928 |
+ |
929 |
+ |
930 |
+diff --git a/drivers/ata/pata_pxa.c b/drivers/ata/pata_pxa.c |
931 |
+index e8b6a2e464c98..5b1458ca986b6 100644 |
932 |
+--- a/drivers/ata/pata_pxa.c |
933 |
++++ b/drivers/ata/pata_pxa.c |
934 |
+@@ -58,25 +58,27 @@ static void pxa_ata_dma_irq(void *d) |
935 |
+ /* |
936 |
+ * Prepare taskfile for submission. |
937 |
+ */ |
938 |
+-static void pxa_qc_prep(struct ata_queued_cmd *qc) |
939 |
++static enum ata_completion_errors pxa_qc_prep(struct ata_queued_cmd *qc) |
940 |
+ { |
941 |
+ struct pata_pxa_data *pd = qc->ap->private_data; |
942 |
+ struct dma_async_tx_descriptor *tx; |
943 |
+ enum dma_transfer_direction dir; |
944 |
+ |
945 |
+ if (!(qc->flags & ATA_QCFLAG_DMAMAP)) |
946 |
+- return; |
947 |
++ return AC_ERR_OK; |
948 |
+ |
949 |
+ dir = (qc->dma_dir == DMA_TO_DEVICE ? DMA_MEM_TO_DEV : DMA_DEV_TO_MEM); |
950 |
+ tx = dmaengine_prep_slave_sg(pd->dma_chan, qc->sg, qc->n_elem, dir, |
951 |
+ DMA_PREP_INTERRUPT); |
952 |
+ if (!tx) { |
953 |
+ ata_dev_err(qc->dev, "prep_slave_sg() failed\n"); |
954 |
+- return; |
955 |
++ return AC_ERR_OK; |
956 |
+ } |
957 |
+ tx->callback = pxa_ata_dma_irq; |
958 |
+ tx->callback_param = pd; |
959 |
+ pd->dma_cookie = dmaengine_submit(tx); |
960 |
++ |
961 |
++ return AC_ERR_OK; |
962 |
+ } |
963 |
+ |
964 |
+ /* |
965 |
+diff --git a/drivers/ata/pdc_adma.c b/drivers/ata/pdc_adma.c |
966 |
+index f1e873a37465e..096b4771b19da 100644 |
967 |
+--- a/drivers/ata/pdc_adma.c |
968 |
++++ b/drivers/ata/pdc_adma.c |
969 |
+@@ -132,7 +132,7 @@ static int adma_ata_init_one(struct pci_dev *pdev, |
970 |
+ const struct pci_device_id *ent); |
971 |
+ static int adma_port_start(struct ata_port *ap); |
972 |
+ static void adma_port_stop(struct ata_port *ap); |
973 |
+-static void adma_qc_prep(struct ata_queued_cmd *qc); |
974 |
++static enum ata_completion_errors adma_qc_prep(struct ata_queued_cmd *qc); |
975 |
+ static unsigned int adma_qc_issue(struct ata_queued_cmd *qc); |
976 |
+ static int adma_check_atapi_dma(struct ata_queued_cmd *qc); |
977 |
+ static void adma_freeze(struct ata_port *ap); |
978 |
+@@ -311,7 +311,7 @@ static int adma_fill_sg(struct ata_queued_cmd *qc) |
979 |
+ return i; |
980 |
+ } |
981 |
+ |
982 |
+-static void adma_qc_prep(struct ata_queued_cmd *qc) |
983 |
++static enum ata_completion_errors adma_qc_prep(struct ata_queued_cmd *qc) |
984 |
+ { |
985 |
+ struct adma_port_priv *pp = qc->ap->private_data; |
986 |
+ u8 *buf = pp->pkt; |
987 |
+@@ -322,7 +322,7 @@ static void adma_qc_prep(struct ata_queued_cmd *qc) |
988 |
+ |
989 |
+ adma_enter_reg_mode(qc->ap); |
990 |
+ if (qc->tf.protocol != ATA_PROT_DMA) |
991 |
+- return; |
992 |
++ return AC_ERR_OK; |
993 |
+ |
994 |
+ buf[i++] = 0; /* Response flags */ |
995 |
+ buf[i++] = 0; /* reserved */ |
996 |
+@@ -387,6 +387,7 @@ static void adma_qc_prep(struct ata_queued_cmd *qc) |
997 |
+ printk("%s\n", obuf); |
998 |
+ } |
999 |
+ #endif |
1000 |
++ return AC_ERR_OK; |
1001 |
+ } |
1002 |
+ |
1003 |
+ static inline void adma_packet_start(struct ata_queued_cmd *qc) |
1004 |
+diff --git a/drivers/ata/sata_fsl.c b/drivers/ata/sata_fsl.c |
1005 |
+index ae52a45fab5f7..8b3be0ff91cb4 100644 |
1006 |
+--- a/drivers/ata/sata_fsl.c |
1007 |
++++ b/drivers/ata/sata_fsl.c |
1008 |
+@@ -507,7 +507,7 @@ static unsigned int sata_fsl_fill_sg(struct ata_queued_cmd *qc, void *cmd_desc, |
1009 |
+ return num_prde; |
1010 |
+ } |
1011 |
+ |
1012 |
+-static void sata_fsl_qc_prep(struct ata_queued_cmd *qc) |
1013 |
++static enum ata_completion_errors sata_fsl_qc_prep(struct ata_queued_cmd *qc) |
1014 |
+ { |
1015 |
+ struct ata_port *ap = qc->ap; |
1016 |
+ struct sata_fsl_port_priv *pp = ap->private_data; |
1017 |
+@@ -553,6 +553,8 @@ static void sata_fsl_qc_prep(struct ata_queued_cmd *qc) |
1018 |
+ |
1019 |
+ VPRINTK("SATA FSL : xx_qc_prep, di = 0x%x, ttl = %d, num_prde = %d\n", |
1020 |
+ desc_info, ttl_dwords, num_prde); |
1021 |
++ |
1022 |
++ return AC_ERR_OK; |
1023 |
+ } |
1024 |
+ |
1025 |
+ static unsigned int sata_fsl_qc_issue(struct ata_queued_cmd *qc) |
1026 |
+diff --git a/drivers/ata/sata_inic162x.c b/drivers/ata/sata_inic162x.c |
1027 |
+index 9b6d7930d1c79..6c7ddc037fce9 100644 |
1028 |
+--- a/drivers/ata/sata_inic162x.c |
1029 |
++++ b/drivers/ata/sata_inic162x.c |
1030 |
+@@ -472,7 +472,7 @@ static void inic_fill_sg(struct inic_prd *prd, struct ata_queued_cmd *qc) |
1031 |
+ prd[-1].flags |= PRD_END; |
1032 |
+ } |
1033 |
+ |
1034 |
+-static void inic_qc_prep(struct ata_queued_cmd *qc) |
1035 |
++static enum ata_completion_errors inic_qc_prep(struct ata_queued_cmd *qc) |
1036 |
+ { |
1037 |
+ struct inic_port_priv *pp = qc->ap->private_data; |
1038 |
+ struct inic_pkt *pkt = pp->pkt; |
1039 |
+@@ -532,6 +532,8 @@ static void inic_qc_prep(struct ata_queued_cmd *qc) |
1040 |
+ inic_fill_sg(prd, qc); |
1041 |
+ |
1042 |
+ pp->cpb_tbl[0] = pp->pkt_dma; |
1043 |
++ |
1044 |
++ return AC_ERR_OK; |
1045 |
+ } |
1046 |
+ |
1047 |
+ static unsigned int inic_qc_issue(struct ata_queued_cmd *qc) |
1048 |
+diff --git a/drivers/ata/sata_mv.c b/drivers/ata/sata_mv.c |
1049 |
+index ab2e9f62ddc1a..2910b22fac117 100644 |
1050 |
+--- a/drivers/ata/sata_mv.c |
1051 |
++++ b/drivers/ata/sata_mv.c |
1052 |
+@@ -605,8 +605,8 @@ static int mv5_scr_write(struct ata_link *link, unsigned int sc_reg_in, u32 val) |
1053 |
+ static int mv_port_start(struct ata_port *ap); |
1054 |
+ static void mv_port_stop(struct ata_port *ap); |
1055 |
+ static int mv_qc_defer(struct ata_queued_cmd *qc); |
1056 |
+-static void mv_qc_prep(struct ata_queued_cmd *qc); |
1057 |
+-static void mv_qc_prep_iie(struct ata_queued_cmd *qc); |
1058 |
++static enum ata_completion_errors mv_qc_prep(struct ata_queued_cmd *qc); |
1059 |
++static enum ata_completion_errors mv_qc_prep_iie(struct ata_queued_cmd *qc); |
1060 |
+ static unsigned int mv_qc_issue(struct ata_queued_cmd *qc); |
1061 |
+ static int mv_hardreset(struct ata_link *link, unsigned int *class, |
1062 |
+ unsigned long deadline); |
1063 |
+@@ -2044,7 +2044,7 @@ static void mv_rw_multi_errata_sata24(struct ata_queued_cmd *qc) |
1064 |
+ * LOCKING: |
1065 |
+ * Inherited from caller. |
1066 |
+ */ |
1067 |
+-static void mv_qc_prep(struct ata_queued_cmd *qc) |
1068 |
++static enum ata_completion_errors mv_qc_prep(struct ata_queued_cmd *qc) |
1069 |
+ { |
1070 |
+ struct ata_port *ap = qc->ap; |
1071 |
+ struct mv_port_priv *pp = ap->private_data; |
1072 |
+@@ -2056,15 +2056,15 @@ static void mv_qc_prep(struct ata_queued_cmd *qc) |
1073 |
+ switch (tf->protocol) { |
1074 |
+ case ATA_PROT_DMA: |
1075 |
+ if (tf->command == ATA_CMD_DSM) |
1076 |
+- return; |
1077 |
++ return AC_ERR_OK; |
1078 |
+ /* fall-thru */ |
1079 |
+ case ATA_PROT_NCQ: |
1080 |
+ break; /* continue below */ |
1081 |
+ case ATA_PROT_PIO: |
1082 |
+ mv_rw_multi_errata_sata24(qc); |
1083 |
+- return; |
1084 |
++ return AC_ERR_OK; |
1085 |
+ default: |
1086 |
+- return; |
1087 |
++ return AC_ERR_OK; |
1088 |
+ } |
1089 |
+ |
1090 |
+ /* Fill in command request block |
1091 |
+@@ -2111,12 +2111,10 @@ static void mv_qc_prep(struct ata_queued_cmd *qc) |
1092 |
+ * non-NCQ mode are: [RW] STREAM DMA and W DMA FUA EXT, none |
1093 |
+ * of which are defined/used by Linux. If we get here, this |
1094 |
+ * driver needs work. |
1095 |
+- * |
1096 |
+- * FIXME: modify libata to give qc_prep a return value and |
1097 |
+- * return error here. |
1098 |
+ */ |
1099 |
+- BUG_ON(tf->command); |
1100 |
+- break; |
1101 |
++ ata_port_err(ap, "%s: unsupported command: %.2x\n", __func__, |
1102 |
++ tf->command); |
1103 |
++ return AC_ERR_INVALID; |
1104 |
+ } |
1105 |
+ mv_crqb_pack_cmd(cw++, tf->nsect, ATA_REG_NSECT, 0); |
1106 |
+ mv_crqb_pack_cmd(cw++, tf->hob_lbal, ATA_REG_LBAL, 0); |
1107 |
+@@ -2129,8 +2127,10 @@ static void mv_qc_prep(struct ata_queued_cmd *qc) |
1108 |
+ mv_crqb_pack_cmd(cw++, tf->command, ATA_REG_CMD, 1); /* last */ |
1109 |
+ |
1110 |
+ if (!(qc->flags & ATA_QCFLAG_DMAMAP)) |
1111 |
+- return; |
1112 |
++ return AC_ERR_OK; |
1113 |
+ mv_fill_sg(qc); |
1114 |
++ |
1115 |
++ return AC_ERR_OK; |
1116 |
+ } |
1117 |
+ |
1118 |
+ /** |
1119 |
+@@ -2145,7 +2145,7 @@ static void mv_qc_prep(struct ata_queued_cmd *qc) |
1120 |
+ * LOCKING: |
1121 |
+ * Inherited from caller. |
1122 |
+ */ |
1123 |
+-static void mv_qc_prep_iie(struct ata_queued_cmd *qc) |
1124 |
++static enum ata_completion_errors mv_qc_prep_iie(struct ata_queued_cmd *qc) |
1125 |
+ { |
1126 |
+ struct ata_port *ap = qc->ap; |
1127 |
+ struct mv_port_priv *pp = ap->private_data; |
1128 |
+@@ -2156,9 +2156,9 @@ static void mv_qc_prep_iie(struct ata_queued_cmd *qc) |
1129 |
+ |
1130 |
+ if ((tf->protocol != ATA_PROT_DMA) && |
1131 |
+ (tf->protocol != ATA_PROT_NCQ)) |
1132 |
+- return; |
1133 |
++ return AC_ERR_OK; |
1134 |
+ if (tf->command == ATA_CMD_DSM) |
1135 |
+- return; /* use bmdma for this */ |
1136 |
++ return AC_ERR_OK; /* use bmdma for this */ |
1137 |
+ |
1138 |
+ /* Fill in Gen IIE command request block */ |
1139 |
+ if (!(tf->flags & ATA_TFLAG_WRITE)) |
1140 |
+@@ -2199,8 +2199,10 @@ static void mv_qc_prep_iie(struct ata_queued_cmd *qc) |
1141 |
+ ); |
1142 |
+ |
1143 |
+ if (!(qc->flags & ATA_QCFLAG_DMAMAP)) |
1144 |
+- return; |
1145 |
++ return AC_ERR_OK; |
1146 |
+ mv_fill_sg(qc); |
1147 |
++ |
1148 |
++ return AC_ERR_OK; |
1149 |
+ } |
1150 |
+ |
1151 |
+ /** |
1152 |
+diff --git a/drivers/ata/sata_nv.c b/drivers/ata/sata_nv.c |
1153 |
+index 761577d57ff37..798d549435cc1 100644 |
1154 |
+--- a/drivers/ata/sata_nv.c |
1155 |
++++ b/drivers/ata/sata_nv.c |
1156 |
+@@ -313,7 +313,7 @@ static void nv_ck804_freeze(struct ata_port *ap); |
1157 |
+ static void nv_ck804_thaw(struct ata_port *ap); |
1158 |
+ static int nv_adma_slave_config(struct scsi_device *sdev); |
1159 |
+ static int nv_adma_check_atapi_dma(struct ata_queued_cmd *qc); |
1160 |
+-static void nv_adma_qc_prep(struct ata_queued_cmd *qc); |
1161 |
++static enum ata_completion_errors nv_adma_qc_prep(struct ata_queued_cmd *qc); |
1162 |
+ static unsigned int nv_adma_qc_issue(struct ata_queued_cmd *qc); |
1163 |
+ static irqreturn_t nv_adma_interrupt(int irq, void *dev_instance); |
1164 |
+ static void nv_adma_irq_clear(struct ata_port *ap); |
1165 |
+@@ -335,7 +335,7 @@ static void nv_mcp55_freeze(struct ata_port *ap); |
1166 |
+ static void nv_swncq_error_handler(struct ata_port *ap); |
1167 |
+ static int nv_swncq_slave_config(struct scsi_device *sdev); |
1168 |
+ static int nv_swncq_port_start(struct ata_port *ap); |
1169 |
+-static void nv_swncq_qc_prep(struct ata_queued_cmd *qc); |
1170 |
++static enum ata_completion_errors nv_swncq_qc_prep(struct ata_queued_cmd *qc); |
1171 |
+ static void nv_swncq_fill_sg(struct ata_queued_cmd *qc); |
1172 |
+ static unsigned int nv_swncq_qc_issue(struct ata_queued_cmd *qc); |
1173 |
+ static void nv_swncq_irq_clear(struct ata_port *ap, u16 fis); |
1174 |
+@@ -1365,7 +1365,7 @@ static int nv_adma_use_reg_mode(struct ata_queued_cmd *qc) |
1175 |
+ return 1; |
1176 |
+ } |
1177 |
+ |
1178 |
+-static void nv_adma_qc_prep(struct ata_queued_cmd *qc) |
1179 |
++static enum ata_completion_errors nv_adma_qc_prep(struct ata_queued_cmd *qc) |
1180 |
+ { |
1181 |
+ struct nv_adma_port_priv *pp = qc->ap->private_data; |
1182 |
+ struct nv_adma_cpb *cpb = &pp->cpb[qc->hw_tag]; |
1183 |
+@@ -1377,7 +1377,7 @@ static void nv_adma_qc_prep(struct ata_queued_cmd *qc) |
1184 |
+ (qc->flags & ATA_QCFLAG_DMAMAP)); |
1185 |
+ nv_adma_register_mode(qc->ap); |
1186 |
+ ata_bmdma_qc_prep(qc); |
1187 |
+- return; |
1188 |
++ return AC_ERR_OK; |
1189 |
+ } |
1190 |
+ |
1191 |
+ cpb->resp_flags = NV_CPB_RESP_DONE; |
1192 |
+@@ -1409,6 +1409,8 @@ static void nv_adma_qc_prep(struct ata_queued_cmd *qc) |
1193 |
+ cpb->ctl_flags = ctl_flags; |
1194 |
+ wmb(); |
1195 |
+ cpb->resp_flags = 0; |
1196 |
++ |
1197 |
++ return AC_ERR_OK; |
1198 |
+ } |
1199 |
+ |
1200 |
+ static unsigned int nv_adma_qc_issue(struct ata_queued_cmd *qc) |
1201 |
+@@ -1972,17 +1974,19 @@ static int nv_swncq_port_start(struct ata_port *ap) |
1202 |
+ return 0; |
1203 |
+ } |
1204 |
+ |
1205 |
+-static void nv_swncq_qc_prep(struct ata_queued_cmd *qc) |
1206 |
++static enum ata_completion_errors nv_swncq_qc_prep(struct ata_queued_cmd *qc) |
1207 |
+ { |
1208 |
+ if (qc->tf.protocol != ATA_PROT_NCQ) { |
1209 |
+ ata_bmdma_qc_prep(qc); |
1210 |
+- return; |
1211 |
++ return AC_ERR_OK; |
1212 |
+ } |
1213 |
+ |
1214 |
+ if (!(qc->flags & ATA_QCFLAG_DMAMAP)) |
1215 |
+- return; |
1216 |
++ return AC_ERR_OK; |
1217 |
+ |
1218 |
+ nv_swncq_fill_sg(qc); |
1219 |
++ |
1220 |
++ return AC_ERR_OK; |
1221 |
+ } |
1222 |
+ |
1223 |
+ static void nv_swncq_fill_sg(struct ata_queued_cmd *qc) |
1224 |
+diff --git a/drivers/ata/sata_promise.c b/drivers/ata/sata_promise.c |
1225 |
+index d032bf657f709..29d2bb465f60d 100644 |
1226 |
+--- a/drivers/ata/sata_promise.c |
1227 |
++++ b/drivers/ata/sata_promise.c |
1228 |
+@@ -155,7 +155,7 @@ static int pdc_sata_scr_write(struct ata_link *link, unsigned int sc_reg, u32 va |
1229 |
+ static int pdc_ata_init_one(struct pci_dev *pdev, const struct pci_device_id *ent); |
1230 |
+ static int pdc_common_port_start(struct ata_port *ap); |
1231 |
+ static int pdc_sata_port_start(struct ata_port *ap); |
1232 |
+-static void pdc_qc_prep(struct ata_queued_cmd *qc); |
1233 |
++static enum ata_completion_errors pdc_qc_prep(struct ata_queued_cmd *qc); |
1234 |
+ static void pdc_tf_load_mmio(struct ata_port *ap, const struct ata_taskfile *tf); |
1235 |
+ static void pdc_exec_command_mmio(struct ata_port *ap, const struct ata_taskfile *tf); |
1236 |
+ static int pdc_check_atapi_dma(struct ata_queued_cmd *qc); |
1237 |
+@@ -649,7 +649,7 @@ static void pdc_fill_sg(struct ata_queued_cmd *qc) |
1238 |
+ prd[idx - 1].flags_len |= cpu_to_le32(ATA_PRD_EOT); |
1239 |
+ } |
1240 |
+ |
1241 |
+-static void pdc_qc_prep(struct ata_queued_cmd *qc) |
1242 |
++static enum ata_completion_errors pdc_qc_prep(struct ata_queued_cmd *qc) |
1243 |
+ { |
1244 |
+ struct pdc_port_priv *pp = qc->ap->private_data; |
1245 |
+ unsigned int i; |
1246 |
+@@ -681,6 +681,8 @@ static void pdc_qc_prep(struct ata_queued_cmd *qc) |
1247 |
+ default: |
1248 |
+ break; |
1249 |
+ } |
1250 |
++ |
1251 |
++ return AC_ERR_OK; |
1252 |
+ } |
1253 |
+ |
1254 |
+ static int pdc_is_sataii_tx4(unsigned long flags) |
1255 |
+diff --git a/drivers/ata/sata_qstor.c b/drivers/ata/sata_qstor.c |
1256 |
+index 1fe941688e95d..a66d10628c183 100644 |
1257 |
+--- a/drivers/ata/sata_qstor.c |
1258 |
++++ b/drivers/ata/sata_qstor.c |
1259 |
+@@ -116,7 +116,7 @@ static int qs_scr_write(struct ata_link *link, unsigned int sc_reg, u32 val); |
1260 |
+ static int qs_ata_init_one(struct pci_dev *pdev, const struct pci_device_id *ent); |
1261 |
+ static int qs_port_start(struct ata_port *ap); |
1262 |
+ static void qs_host_stop(struct ata_host *host); |
1263 |
+-static void qs_qc_prep(struct ata_queued_cmd *qc); |
1264 |
++static enum ata_completion_errors qs_qc_prep(struct ata_queued_cmd *qc); |
1265 |
+ static unsigned int qs_qc_issue(struct ata_queued_cmd *qc); |
1266 |
+ static int qs_check_atapi_dma(struct ata_queued_cmd *qc); |
1267 |
+ static void qs_freeze(struct ata_port *ap); |
1268 |
+@@ -276,7 +276,7 @@ static unsigned int qs_fill_sg(struct ata_queued_cmd *qc) |
1269 |
+ return si; |
1270 |
+ } |
1271 |
+ |
1272 |
+-static void qs_qc_prep(struct ata_queued_cmd *qc) |
1273 |
++static enum ata_completion_errors qs_qc_prep(struct ata_queued_cmd *qc) |
1274 |
+ { |
1275 |
+ struct qs_port_priv *pp = qc->ap->private_data; |
1276 |
+ u8 dflags = QS_DF_PORD, *buf = pp->pkt; |
1277 |
+@@ -288,7 +288,7 @@ static void qs_qc_prep(struct ata_queued_cmd *qc) |
1278 |
+ |
1279 |
+ qs_enter_reg_mode(qc->ap); |
1280 |
+ if (qc->tf.protocol != ATA_PROT_DMA) |
1281 |
+- return; |
1282 |
++ return AC_ERR_OK; |
1283 |
+ |
1284 |
+ nelem = qs_fill_sg(qc); |
1285 |
+ |
1286 |
+@@ -311,6 +311,8 @@ static void qs_qc_prep(struct ata_queued_cmd *qc) |
1287 |
+ |
1288 |
+ /* frame information structure (FIS) */ |
1289 |
+ ata_tf_to_fis(&qc->tf, 0, 1, &buf[32]); |
1290 |
++ |
1291 |
++ return AC_ERR_OK; |
1292 |
+ } |
1293 |
+ |
1294 |
+ static inline void qs_packet_start(struct ata_queued_cmd *qc) |
1295 |
+diff --git a/drivers/ata/sata_rcar.c b/drivers/ata/sata_rcar.c |
1296 |
+index 50ebd779d975f..8323f88d17a53 100644 |
1297 |
+--- a/drivers/ata/sata_rcar.c |
1298 |
++++ b/drivers/ata/sata_rcar.c |
1299 |
+@@ -554,12 +554,14 @@ static void sata_rcar_bmdma_fill_sg(struct ata_queued_cmd *qc) |
1300 |
+ prd[si - 1].addr |= cpu_to_le32(SATA_RCAR_DTEND); |
1301 |
+ } |
1302 |
+ |
1303 |
+-static void sata_rcar_qc_prep(struct ata_queued_cmd *qc) |
1304 |
++static enum ata_completion_errors sata_rcar_qc_prep(struct ata_queued_cmd *qc) |
1305 |
+ { |
1306 |
+ if (!(qc->flags & ATA_QCFLAG_DMAMAP)) |
1307 |
+- return; |
1308 |
++ return AC_ERR_OK; |
1309 |
+ |
1310 |
+ sata_rcar_bmdma_fill_sg(qc); |
1311 |
++ |
1312 |
++ return AC_ERR_OK; |
1313 |
+ } |
1314 |
+ |
1315 |
+ static void sata_rcar_bmdma_setup(struct ata_queued_cmd *qc) |
1316 |
+diff --git a/drivers/ata/sata_sil.c b/drivers/ata/sata_sil.c |
1317 |
+index ed76f070d21e4..82adaf02887fb 100644 |
1318 |
+--- a/drivers/ata/sata_sil.c |
1319 |
++++ b/drivers/ata/sata_sil.c |
1320 |
+@@ -119,7 +119,7 @@ static void sil_dev_config(struct ata_device *dev); |
1321 |
+ static int sil_scr_read(struct ata_link *link, unsigned int sc_reg, u32 *val); |
1322 |
+ static int sil_scr_write(struct ata_link *link, unsigned int sc_reg, u32 val); |
1323 |
+ static int sil_set_mode(struct ata_link *link, struct ata_device **r_failed); |
1324 |
+-static void sil_qc_prep(struct ata_queued_cmd *qc); |
1325 |
++static enum ata_completion_errors sil_qc_prep(struct ata_queued_cmd *qc); |
1326 |
+ static void sil_bmdma_setup(struct ata_queued_cmd *qc); |
1327 |
+ static void sil_bmdma_start(struct ata_queued_cmd *qc); |
1328 |
+ static void sil_bmdma_stop(struct ata_queued_cmd *qc); |
1329 |
+@@ -333,12 +333,14 @@ static void sil_fill_sg(struct ata_queued_cmd *qc) |
1330 |
+ last_prd->flags_len |= cpu_to_le32(ATA_PRD_EOT); |
1331 |
+ } |
1332 |
+ |
1333 |
+-static void sil_qc_prep(struct ata_queued_cmd *qc) |
1334 |
++static enum ata_completion_errors sil_qc_prep(struct ata_queued_cmd *qc) |
1335 |
+ { |
1336 |
+ if (!(qc->flags & ATA_QCFLAG_DMAMAP)) |
1337 |
+- return; |
1338 |
++ return AC_ERR_OK; |
1339 |
+ |
1340 |
+ sil_fill_sg(qc); |
1341 |
++ |
1342 |
++ return AC_ERR_OK; |
1343 |
+ } |
1344 |
+ |
1345 |
+ static unsigned char sil_get_device_cache_line(struct pci_dev *pdev) |
1346 |
+diff --git a/drivers/ata/sata_sil24.c b/drivers/ata/sata_sil24.c |
1347 |
+index 319f517137cd5..7a8ca81e52bfc 100644 |
1348 |
+--- a/drivers/ata/sata_sil24.c |
1349 |
++++ b/drivers/ata/sata_sil24.c |
1350 |
+@@ -336,7 +336,7 @@ static void sil24_dev_config(struct ata_device *dev); |
1351 |
+ static int sil24_scr_read(struct ata_link *link, unsigned sc_reg, u32 *val); |
1352 |
+ static int sil24_scr_write(struct ata_link *link, unsigned sc_reg, u32 val); |
1353 |
+ static int sil24_qc_defer(struct ata_queued_cmd *qc); |
1354 |
+-static void sil24_qc_prep(struct ata_queued_cmd *qc); |
1355 |
++static enum ata_completion_errors sil24_qc_prep(struct ata_queued_cmd *qc); |
1356 |
+ static unsigned int sil24_qc_issue(struct ata_queued_cmd *qc); |
1357 |
+ static bool sil24_qc_fill_rtf(struct ata_queued_cmd *qc); |
1358 |
+ static void sil24_pmp_attach(struct ata_port *ap); |
1359 |
+@@ -840,7 +840,7 @@ static int sil24_qc_defer(struct ata_queued_cmd *qc) |
1360 |
+ return ata_std_qc_defer(qc); |
1361 |
+ } |
1362 |
+ |
1363 |
+-static void sil24_qc_prep(struct ata_queued_cmd *qc) |
1364 |
++static enum ata_completion_errors sil24_qc_prep(struct ata_queued_cmd *qc) |
1365 |
+ { |
1366 |
+ struct ata_port *ap = qc->ap; |
1367 |
+ struct sil24_port_priv *pp = ap->private_data; |
1368 |
+@@ -884,6 +884,8 @@ static void sil24_qc_prep(struct ata_queued_cmd *qc) |
1369 |
+ |
1370 |
+ if (qc->flags & ATA_QCFLAG_DMAMAP) |
1371 |
+ sil24_fill_sg(qc, sge); |
1372 |
++ |
1373 |
++ return AC_ERR_OK; |
1374 |
+ } |
1375 |
+ |
1376 |
+ static unsigned int sil24_qc_issue(struct ata_queued_cmd *qc) |
1377 |
+diff --git a/drivers/ata/sata_sx4.c b/drivers/ata/sata_sx4.c |
1378 |
+index 405e606a234d1..0d742457925ec 100644 |
1379 |
+--- a/drivers/ata/sata_sx4.c |
1380 |
++++ b/drivers/ata/sata_sx4.c |
1381 |
+@@ -218,7 +218,7 @@ static void pdc_error_handler(struct ata_port *ap); |
1382 |
+ static void pdc_freeze(struct ata_port *ap); |
1383 |
+ static void pdc_thaw(struct ata_port *ap); |
1384 |
+ static int pdc_port_start(struct ata_port *ap); |
1385 |
+-static void pdc20621_qc_prep(struct ata_queued_cmd *qc); |
1386 |
++static enum ata_completion_errors pdc20621_qc_prep(struct ata_queued_cmd *qc); |
1387 |
+ static void pdc_tf_load_mmio(struct ata_port *ap, const struct ata_taskfile *tf); |
1388 |
+ static void pdc_exec_command_mmio(struct ata_port *ap, const struct ata_taskfile *tf); |
1389 |
+ static unsigned int pdc20621_dimm_init(struct ata_host *host); |
1390 |
+@@ -546,7 +546,7 @@ static void pdc20621_nodata_prep(struct ata_queued_cmd *qc) |
1391 |
+ VPRINTK("ata pkt buf ofs %u, mmio copied\n", i); |
1392 |
+ } |
1393 |
+ |
1394 |
+-static void pdc20621_qc_prep(struct ata_queued_cmd *qc) |
1395 |
++static enum ata_completion_errors pdc20621_qc_prep(struct ata_queued_cmd *qc) |
1396 |
+ { |
1397 |
+ switch (qc->tf.protocol) { |
1398 |
+ case ATA_PROT_DMA: |
1399 |
+@@ -558,6 +558,8 @@ static void pdc20621_qc_prep(struct ata_queued_cmd *qc) |
1400 |
+ default: |
1401 |
+ break; |
1402 |
+ } |
1403 |
++ |
1404 |
++ return AC_ERR_OK; |
1405 |
+ } |
1406 |
+ |
1407 |
+ static void __pdc20621_push_hdma(struct ata_queued_cmd *qc, |
1408 |
+diff --git a/drivers/atm/eni.c b/drivers/atm/eni.c |
1409 |
+index 7323e9210f4b1..38fec976e62d4 100644 |
1410 |
+--- a/drivers/atm/eni.c |
1411 |
++++ b/drivers/atm/eni.c |
1412 |
+@@ -2243,7 +2243,7 @@ static int eni_init_one(struct pci_dev *pci_dev, |
1413 |
+ |
1414 |
+ rc = dma_set_mask_and_coherent(&pci_dev->dev, DMA_BIT_MASK(32)); |
1415 |
+ if (rc < 0) |
1416 |
+- goto out; |
1417 |
++ goto err_disable; |
1418 |
+ |
1419 |
+ rc = -ENOMEM; |
1420 |
+ eni_dev = kmalloc(sizeof(struct eni_dev), GFP_KERNEL); |
1421 |
+diff --git a/drivers/base/regmap/regmap.c b/drivers/base/regmap/regmap.c |
1422 |
+index d26b485ccc7d0..e8b3353c18eb8 100644 |
1423 |
+--- a/drivers/base/regmap/regmap.c |
1424 |
++++ b/drivers/base/regmap/regmap.c |
1425 |
+@@ -2367,7 +2367,7 @@ int regmap_raw_write_async(struct regmap *map, unsigned int reg, |
1426 |
+ EXPORT_SYMBOL_GPL(regmap_raw_write_async); |
1427 |
+ |
1428 |
+ static int _regmap_raw_read(struct regmap *map, unsigned int reg, void *val, |
1429 |
+- unsigned int val_len) |
1430 |
++ unsigned int val_len, bool noinc) |
1431 |
+ { |
1432 |
+ struct regmap_range_node *range; |
1433 |
+ int ret; |
1434 |
+@@ -2380,7 +2380,7 @@ static int _regmap_raw_read(struct regmap *map, unsigned int reg, void *val, |
1435 |
+ range = _regmap_range_lookup(map, reg); |
1436 |
+ if (range) { |
1437 |
+ ret = _regmap_select_page(map, ®, range, |
1438 |
+- val_len / map->format.val_bytes); |
1439 |
++ noinc ? 1 : val_len / map->format.val_bytes); |
1440 |
+ if (ret != 0) |
1441 |
+ return ret; |
1442 |
+ } |
1443 |
+@@ -2418,7 +2418,7 @@ static int _regmap_bus_read(void *context, unsigned int reg, |
1444 |
+ if (!map->format.parse_val) |
1445 |
+ return -EINVAL; |
1446 |
+ |
1447 |
+- ret = _regmap_raw_read(map, reg, work_val, map->format.val_bytes); |
1448 |
++ ret = _regmap_raw_read(map, reg, work_val, map->format.val_bytes, false); |
1449 |
+ if (ret == 0) |
1450 |
+ *val = map->format.parse_val(work_val); |
1451 |
+ |
1452 |
+@@ -2536,7 +2536,7 @@ int regmap_raw_read(struct regmap *map, unsigned int reg, void *val, |
1453 |
+ |
1454 |
+ /* Read bytes that fit into whole chunks */ |
1455 |
+ for (i = 0; i < chunk_count; i++) { |
1456 |
+- ret = _regmap_raw_read(map, reg, val, chunk_bytes); |
1457 |
++ ret = _regmap_raw_read(map, reg, val, chunk_bytes, false); |
1458 |
+ if (ret != 0) |
1459 |
+ goto out; |
1460 |
+ |
1461 |
+@@ -2547,7 +2547,7 @@ int regmap_raw_read(struct regmap *map, unsigned int reg, void *val, |
1462 |
+ |
1463 |
+ /* Read remaining bytes */ |
1464 |
+ if (val_len) { |
1465 |
+- ret = _regmap_raw_read(map, reg, val, val_len); |
1466 |
++ ret = _regmap_raw_read(map, reg, val, val_len, false); |
1467 |
+ if (ret != 0) |
1468 |
+ goto out; |
1469 |
+ } |
1470 |
+@@ -2622,7 +2622,7 @@ int regmap_noinc_read(struct regmap *map, unsigned int reg, |
1471 |
+ read_len = map->max_raw_read; |
1472 |
+ else |
1473 |
+ read_len = val_len; |
1474 |
+- ret = _regmap_raw_read(map, reg, val, read_len); |
1475 |
++ ret = _regmap_raw_read(map, reg, val, read_len, true); |
1476 |
+ if (ret) |
1477 |
+ goto out_unlock; |
1478 |
+ val = ((u8 *)val) + read_len; |
1479 |
+diff --git a/drivers/bluetooth/btrtl.c b/drivers/bluetooth/btrtl.c |
1480 |
+index 8d1cd2479e36f..cc51395d8b0e5 100644 |
1481 |
+--- a/drivers/bluetooth/btrtl.c |
1482 |
++++ b/drivers/bluetooth/btrtl.c |
1483 |
+@@ -343,11 +343,11 @@ static int rtlbt_parse_firmware(struct hci_dev *hdev, |
1484 |
+ * the end. |
1485 |
+ */ |
1486 |
+ len = patch_length; |
1487 |
+- buf = kmemdup(btrtl_dev->fw_data + patch_offset, patch_length, |
1488 |
+- GFP_KERNEL); |
1489 |
++ buf = kvmalloc(patch_length, GFP_KERNEL); |
1490 |
+ if (!buf) |
1491 |
+ return -ENOMEM; |
1492 |
+ |
1493 |
++ memcpy(buf, btrtl_dev->fw_data + patch_offset, patch_length - 4); |
1494 |
+ memcpy(buf + patch_length - 4, &epatch_info->fw_version, 4); |
1495 |
+ |
1496 |
+ *_buf = buf; |
1497 |
+@@ -415,8 +415,10 @@ static int rtl_load_file(struct hci_dev *hdev, const char *name, u8 **buff) |
1498 |
+ if (ret < 0) |
1499 |
+ return ret; |
1500 |
+ ret = fw->size; |
1501 |
+- *buff = kmemdup(fw->data, ret, GFP_KERNEL); |
1502 |
+- if (!*buff) |
1503 |
++ *buff = kvmalloc(fw->size, GFP_KERNEL); |
1504 |
++ if (*buff) |
1505 |
++ memcpy(*buff, fw->data, ret); |
1506 |
++ else |
1507 |
+ ret = -ENOMEM; |
1508 |
+ |
1509 |
+ release_firmware(fw); |
1510 |
+@@ -454,14 +456,14 @@ static int btrtl_setup_rtl8723b(struct hci_dev *hdev, |
1511 |
+ goto out; |
1512 |
+ |
1513 |
+ if (btrtl_dev->cfg_len > 0) { |
1514 |
+- tbuff = kzalloc(ret + btrtl_dev->cfg_len, GFP_KERNEL); |
1515 |
++ tbuff = kvzalloc(ret + btrtl_dev->cfg_len, GFP_KERNEL); |
1516 |
+ if (!tbuff) { |
1517 |
+ ret = -ENOMEM; |
1518 |
+ goto out; |
1519 |
+ } |
1520 |
+ |
1521 |
+ memcpy(tbuff, fw_data, ret); |
1522 |
+- kfree(fw_data); |
1523 |
++ kvfree(fw_data); |
1524 |
+ |
1525 |
+ memcpy(tbuff + ret, btrtl_dev->cfg_data, btrtl_dev->cfg_len); |
1526 |
+ ret += btrtl_dev->cfg_len; |
1527 |
+@@ -474,7 +476,7 @@ static int btrtl_setup_rtl8723b(struct hci_dev *hdev, |
1528 |
+ ret = rtl_download_firmware(hdev, fw_data, ret); |
1529 |
+ |
1530 |
+ out: |
1531 |
+- kfree(fw_data); |
1532 |
++ kvfree(fw_data); |
1533 |
+ return ret; |
1534 |
+ } |
1535 |
+ |
1536 |
+@@ -501,8 +503,8 @@ static struct sk_buff *btrtl_read_local_version(struct hci_dev *hdev) |
1537 |
+ |
1538 |
+ void btrtl_free(struct btrtl_device_info *btrtl_dev) |
1539 |
+ { |
1540 |
+- kfree(btrtl_dev->fw_data); |
1541 |
+- kfree(btrtl_dev->cfg_data); |
1542 |
++ kvfree(btrtl_dev->fw_data); |
1543 |
++ kvfree(btrtl_dev->cfg_data); |
1544 |
+ kfree(btrtl_dev); |
1545 |
+ } |
1546 |
+ EXPORT_SYMBOL_GPL(btrtl_free); |
1547 |
+diff --git a/drivers/bus/hisi_lpc.c b/drivers/bus/hisi_lpc.c |
1548 |
+index e31c02dc77709..cbd970fb02f18 100644 |
1549 |
+--- a/drivers/bus/hisi_lpc.c |
1550 |
++++ b/drivers/bus/hisi_lpc.c |
1551 |
+@@ -358,6 +358,26 @@ static int hisi_lpc_acpi_xlat_io_res(struct acpi_device *adev, |
1552 |
+ return 0; |
1553 |
+ } |
1554 |
+ |
1555 |
++/* |
1556 |
++ * Released firmware describes the IO port max address as 0x3fff, which is |
1557 |
++ * the max host bus address. Fixup to a proper range. This will probably |
1558 |
++ * never be fixed in firmware. |
1559 |
++ */ |
1560 |
++static void hisi_lpc_acpi_fixup_child_resource(struct device *hostdev, |
1561 |
++ struct resource *r) |
1562 |
++{ |
1563 |
++ if (r->end != 0x3fff) |
1564 |
++ return; |
1565 |
++ |
1566 |
++ if (r->start == 0xe4) |
1567 |
++ r->end = 0xe4 + 0x04 - 1; |
1568 |
++ else if (r->start == 0x2f8) |
1569 |
++ r->end = 0x2f8 + 0x08 - 1; |
1570 |
++ else |
1571 |
++ dev_warn(hostdev, "unrecognised resource %pR to fixup, ignoring\n", |
1572 |
++ r); |
1573 |
++} |
1574 |
++ |
1575 |
+ /* |
1576 |
+ * hisi_lpc_acpi_set_io_res - set the resources for a child |
1577 |
+ * @child: the device node to be updated the I/O resource |
1578 |
+@@ -419,8 +439,11 @@ static int hisi_lpc_acpi_set_io_res(struct device *child, |
1579 |
+ return -ENOMEM; |
1580 |
+ } |
1581 |
+ count = 0; |
1582 |
+- list_for_each_entry(rentry, &resource_list, node) |
1583 |
+- resources[count++] = *rentry->res; |
1584 |
++ list_for_each_entry(rentry, &resource_list, node) { |
1585 |
++ resources[count] = *rentry->res; |
1586 |
++ hisi_lpc_acpi_fixup_child_resource(hostdev, &resources[count]); |
1587 |
++ count++; |
1588 |
++ } |
1589 |
+ |
1590 |
+ acpi_dev_free_resource_list(&resource_list); |
1591 |
+ |
1592 |
+diff --git a/drivers/char/random.c b/drivers/char/random.c |
1593 |
+index 6a5d4dfafc474..80dedecfe15c5 100644 |
1594 |
+--- a/drivers/char/random.c |
1595 |
++++ b/drivers/char/random.c |
1596 |
+@@ -1150,14 +1150,14 @@ static void add_timer_randomness(struct timer_rand_state *state, unsigned num) |
1597 |
+ * We take into account the first, second and third-order deltas |
1598 |
+ * in order to make our estimate. |
1599 |
+ */ |
1600 |
+- delta = sample.jiffies - state->last_time; |
1601 |
+- state->last_time = sample.jiffies; |
1602 |
++ delta = sample.jiffies - READ_ONCE(state->last_time); |
1603 |
++ WRITE_ONCE(state->last_time, sample.jiffies); |
1604 |
+ |
1605 |
+- delta2 = delta - state->last_delta; |
1606 |
+- state->last_delta = delta; |
1607 |
++ delta2 = delta - READ_ONCE(state->last_delta); |
1608 |
++ WRITE_ONCE(state->last_delta, delta); |
1609 |
+ |
1610 |
+- delta3 = delta2 - state->last_delta2; |
1611 |
+- state->last_delta2 = delta2; |
1612 |
++ delta3 = delta2 - READ_ONCE(state->last_delta2); |
1613 |
++ WRITE_ONCE(state->last_delta2, delta2); |
1614 |
+ |
1615 |
+ if (delta < 0) |
1616 |
+ delta = -delta; |
1617 |
+diff --git a/drivers/char/tlclk.c b/drivers/char/tlclk.c |
1618 |
+index 8eeb4190207d1..dce22b7fc5449 100644 |
1619 |
+--- a/drivers/char/tlclk.c |
1620 |
++++ b/drivers/char/tlclk.c |
1621 |
+@@ -776,17 +776,21 @@ static int __init tlclk_init(void) |
1622 |
+ { |
1623 |
+ int ret; |
1624 |
+ |
1625 |
++ telclk_interrupt = (inb(TLCLK_REG7) & 0x0f); |
1626 |
++ |
1627 |
++ alarm_events = kzalloc( sizeof(struct tlclk_alarms), GFP_KERNEL); |
1628 |
++ if (!alarm_events) { |
1629 |
++ ret = -ENOMEM; |
1630 |
++ goto out1; |
1631 |
++ } |
1632 |
++ |
1633 |
+ ret = register_chrdev(tlclk_major, "telco_clock", &tlclk_fops); |
1634 |
+ if (ret < 0) { |
1635 |
+ printk(KERN_ERR "tlclk: can't get major %d.\n", tlclk_major); |
1636 |
++ kfree(alarm_events); |
1637 |
+ return ret; |
1638 |
+ } |
1639 |
+ tlclk_major = ret; |
1640 |
+- alarm_events = kzalloc( sizeof(struct tlclk_alarms), GFP_KERNEL); |
1641 |
+- if (!alarm_events) { |
1642 |
+- ret = -ENOMEM; |
1643 |
+- goto out1; |
1644 |
+- } |
1645 |
+ |
1646 |
+ /* Read telecom clock IRQ number (Set by BIOS) */ |
1647 |
+ if (!request_region(TLCLK_BASE, 8, "telco_clock")) { |
1648 |
+@@ -795,7 +799,6 @@ static int __init tlclk_init(void) |
1649 |
+ ret = -EBUSY; |
1650 |
+ goto out2; |
1651 |
+ } |
1652 |
+- telclk_interrupt = (inb(TLCLK_REG7) & 0x0f); |
1653 |
+ |
1654 |
+ if (0x0F == telclk_interrupt ) { /* not MCPBL0010 ? */ |
1655 |
+ printk(KERN_ERR "telclk_interrupt = 0x%x non-mcpbl0010 hw.\n", |
1656 |
+@@ -836,8 +839,8 @@ out3: |
1657 |
+ release_region(TLCLK_BASE, 8); |
1658 |
+ out2: |
1659 |
+ kfree(alarm_events); |
1660 |
+-out1: |
1661 |
+ unregister_chrdev(tlclk_major, "telco_clock"); |
1662 |
++out1: |
1663 |
+ return ret; |
1664 |
+ } |
1665 |
+ |
1666 |
+diff --git a/drivers/char/tpm/tpm_crb.c b/drivers/char/tpm/tpm_crb.c |
1667 |
+index 763fc7e6c0058..20f27100708bd 100644 |
1668 |
+--- a/drivers/char/tpm/tpm_crb.c |
1669 |
++++ b/drivers/char/tpm/tpm_crb.c |
1670 |
+@@ -26,6 +26,7 @@ |
1671 |
+ #include "tpm.h" |
1672 |
+ |
1673 |
+ #define ACPI_SIG_TPM2 "TPM2" |
1674 |
++#define TPM_CRB_MAX_RESOURCES 3 |
1675 |
+ |
1676 |
+ static const guid_t crb_acpi_start_guid = |
1677 |
+ GUID_INIT(0x6BBF6CAB, 0x5463, 0x4714, |
1678 |
+@@ -95,7 +96,6 @@ enum crb_status { |
1679 |
+ struct crb_priv { |
1680 |
+ u32 sm; |
1681 |
+ const char *hid; |
1682 |
+- void __iomem *iobase; |
1683 |
+ struct crb_regs_head __iomem *regs_h; |
1684 |
+ struct crb_regs_tail __iomem *regs_t; |
1685 |
+ u8 __iomem *cmd; |
1686 |
+@@ -438,21 +438,27 @@ static const struct tpm_class_ops tpm_crb = { |
1687 |
+ |
1688 |
+ static int crb_check_resource(struct acpi_resource *ares, void *data) |
1689 |
+ { |
1690 |
+- struct resource *io_res = data; |
1691 |
++ struct resource *iores_array = data; |
1692 |
+ struct resource_win win; |
1693 |
+ struct resource *res = &(win.res); |
1694 |
++ int i; |
1695 |
+ |
1696 |
+ if (acpi_dev_resource_memory(ares, res) || |
1697 |
+ acpi_dev_resource_address_space(ares, &win)) { |
1698 |
+- *io_res = *res; |
1699 |
+- io_res->name = NULL; |
1700 |
++ for (i = 0; i < TPM_CRB_MAX_RESOURCES + 1; ++i) { |
1701 |
++ if (resource_type(iores_array + i) != IORESOURCE_MEM) { |
1702 |
++ iores_array[i] = *res; |
1703 |
++ iores_array[i].name = NULL; |
1704 |
++ break; |
1705 |
++ } |
1706 |
++ } |
1707 |
+ } |
1708 |
+ |
1709 |
+ return 1; |
1710 |
+ } |
1711 |
+ |
1712 |
+-static void __iomem *crb_map_res(struct device *dev, struct crb_priv *priv, |
1713 |
+- struct resource *io_res, u64 start, u32 size) |
1714 |
++static void __iomem *crb_map_res(struct device *dev, struct resource *iores, |
1715 |
++ void __iomem **iobase_ptr, u64 start, u32 size) |
1716 |
+ { |
1717 |
+ struct resource new_res = { |
1718 |
+ .start = start, |
1719 |
+@@ -464,10 +470,16 @@ static void __iomem *crb_map_res(struct device *dev, struct crb_priv *priv, |
1720 |
+ if (start != new_res.start) |
1721 |
+ return (void __iomem *) ERR_PTR(-EINVAL); |
1722 |
+ |
1723 |
+- if (!resource_contains(io_res, &new_res)) |
1724 |
++ if (!iores) |
1725 |
+ return devm_ioremap_resource(dev, &new_res); |
1726 |
+ |
1727 |
+- return priv->iobase + (new_res.start - io_res->start); |
1728 |
++ if (!*iobase_ptr) { |
1729 |
++ *iobase_ptr = devm_ioremap_resource(dev, iores); |
1730 |
++ if (IS_ERR(*iobase_ptr)) |
1731 |
++ return *iobase_ptr; |
1732 |
++ } |
1733 |
++ |
1734 |
++ return *iobase_ptr + (new_res.start - iores->start); |
1735 |
+ } |
1736 |
+ |
1737 |
+ /* |
1738 |
+@@ -494,9 +506,13 @@ static u64 crb_fixup_cmd_size(struct device *dev, struct resource *io_res, |
1739 |
+ static int crb_map_io(struct acpi_device *device, struct crb_priv *priv, |
1740 |
+ struct acpi_table_tpm2 *buf) |
1741 |
+ { |
1742 |
+- struct list_head resources; |
1743 |
+- struct resource io_res; |
1744 |
++ struct list_head acpi_resource_list; |
1745 |
++ struct resource iores_array[TPM_CRB_MAX_RESOURCES + 1] = { {0} }; |
1746 |
++ void __iomem *iobase_array[TPM_CRB_MAX_RESOURCES] = {NULL}; |
1747 |
+ struct device *dev = &device->dev; |
1748 |
++ struct resource *iores; |
1749 |
++ void __iomem **iobase_ptr; |
1750 |
++ int i; |
1751 |
+ u32 pa_high, pa_low; |
1752 |
+ u64 cmd_pa; |
1753 |
+ u32 cmd_size; |
1754 |
+@@ -505,21 +521,41 @@ static int crb_map_io(struct acpi_device *device, struct crb_priv *priv, |
1755 |
+ u32 rsp_size; |
1756 |
+ int ret; |
1757 |
+ |
1758 |
+- INIT_LIST_HEAD(&resources); |
1759 |
+- ret = acpi_dev_get_resources(device, &resources, crb_check_resource, |
1760 |
+- &io_res); |
1761 |
++ INIT_LIST_HEAD(&acpi_resource_list); |
1762 |
++ ret = acpi_dev_get_resources(device, &acpi_resource_list, |
1763 |
++ crb_check_resource, iores_array); |
1764 |
+ if (ret < 0) |
1765 |
+ return ret; |
1766 |
+- acpi_dev_free_resource_list(&resources); |
1767 |
++ acpi_dev_free_resource_list(&acpi_resource_list); |
1768 |
+ |
1769 |
+- if (resource_type(&io_res) != IORESOURCE_MEM) { |
1770 |
++ if (resource_type(iores_array) != IORESOURCE_MEM) { |
1771 |
+ dev_err(dev, FW_BUG "TPM2 ACPI table does not define a memory resource\n"); |
1772 |
+ return -EINVAL; |
1773 |
++ } else if (resource_type(iores_array + TPM_CRB_MAX_RESOURCES) == |
1774 |
++ IORESOURCE_MEM) { |
1775 |
++ dev_warn(dev, "TPM2 ACPI table defines too many memory resources\n"); |
1776 |
++ memset(iores_array + TPM_CRB_MAX_RESOURCES, |
1777 |
++ 0, sizeof(*iores_array)); |
1778 |
++ iores_array[TPM_CRB_MAX_RESOURCES].flags = 0; |
1779 |
+ } |
1780 |
+ |
1781 |
+- priv->iobase = devm_ioremap_resource(dev, &io_res); |
1782 |
+- if (IS_ERR(priv->iobase)) |
1783 |
+- return PTR_ERR(priv->iobase); |
1784 |
++ iores = NULL; |
1785 |
++ iobase_ptr = NULL; |
1786 |
++ for (i = 0; resource_type(iores_array + i) == IORESOURCE_MEM; ++i) { |
1787 |
++ if (buf->control_address >= iores_array[i].start && |
1788 |
++ buf->control_address + sizeof(struct crb_regs_tail) - 1 <= |
1789 |
++ iores_array[i].end) { |
1790 |
++ iores = iores_array + i; |
1791 |
++ iobase_ptr = iobase_array + i; |
1792 |
++ break; |
1793 |
++ } |
1794 |
++ } |
1795 |
++ |
1796 |
++ priv->regs_t = crb_map_res(dev, iores, iobase_ptr, buf->control_address, |
1797 |
++ sizeof(struct crb_regs_tail)); |
1798 |
++ |
1799 |
++ if (IS_ERR(priv->regs_t)) |
1800 |
++ return PTR_ERR(priv->regs_t); |
1801 |
+ |
1802 |
+ /* The ACPI IO region starts at the head area and continues to include |
1803 |
+ * the control area, as one nice sane region except for some older |
1804 |
+@@ -527,9 +563,10 @@ static int crb_map_io(struct acpi_device *device, struct crb_priv *priv, |
1805 |
+ */ |
1806 |
+ if ((priv->sm == ACPI_TPM2_COMMAND_BUFFER) || |
1807 |
+ (priv->sm == ACPI_TPM2_MEMORY_MAPPED)) { |
1808 |
+- if (buf->control_address == io_res.start + |
1809 |
++ if (iores && |
1810 |
++ buf->control_address == iores->start + |
1811 |
+ sizeof(*priv->regs_h)) |
1812 |
+- priv->regs_h = priv->iobase; |
1813 |
++ priv->regs_h = *iobase_ptr; |
1814 |
+ else |
1815 |
+ dev_warn(dev, FW_BUG "Bad ACPI memory layout"); |
1816 |
+ } |
1817 |
+@@ -538,13 +575,6 @@ static int crb_map_io(struct acpi_device *device, struct crb_priv *priv, |
1818 |
+ if (ret) |
1819 |
+ return ret; |
1820 |
+ |
1821 |
+- priv->regs_t = crb_map_res(dev, priv, &io_res, buf->control_address, |
1822 |
+- sizeof(struct crb_regs_tail)); |
1823 |
+- if (IS_ERR(priv->regs_t)) { |
1824 |
+- ret = PTR_ERR(priv->regs_t); |
1825 |
+- goto out_relinquish_locality; |
1826 |
+- } |
1827 |
+- |
1828 |
+ /* |
1829 |
+ * PTT HW bug w/a: wake up the device to access |
1830 |
+ * possibly not retained registers. |
1831 |
+@@ -556,13 +586,26 @@ static int crb_map_io(struct acpi_device *device, struct crb_priv *priv, |
1832 |
+ pa_high = ioread32(&priv->regs_t->ctrl_cmd_pa_high); |
1833 |
+ pa_low = ioread32(&priv->regs_t->ctrl_cmd_pa_low); |
1834 |
+ cmd_pa = ((u64)pa_high << 32) | pa_low; |
1835 |
+- cmd_size = crb_fixup_cmd_size(dev, &io_res, cmd_pa, |
1836 |
+- ioread32(&priv->regs_t->ctrl_cmd_size)); |
1837 |
++ cmd_size = ioread32(&priv->regs_t->ctrl_cmd_size); |
1838 |
++ |
1839 |
++ iores = NULL; |
1840 |
++ iobase_ptr = NULL; |
1841 |
++ for (i = 0; iores_array[i].end; ++i) { |
1842 |
++ if (cmd_pa >= iores_array[i].start && |
1843 |
++ cmd_pa <= iores_array[i].end) { |
1844 |
++ iores = iores_array + i; |
1845 |
++ iobase_ptr = iobase_array + i; |
1846 |
++ break; |
1847 |
++ } |
1848 |
++ } |
1849 |
++ |
1850 |
++ if (iores) |
1851 |
++ cmd_size = crb_fixup_cmd_size(dev, iores, cmd_pa, cmd_size); |
1852 |
+ |
1853 |
+ dev_dbg(dev, "cmd_hi = %X cmd_low = %X cmd_size %X\n", |
1854 |
+ pa_high, pa_low, cmd_size); |
1855 |
+ |
1856 |
+- priv->cmd = crb_map_res(dev, priv, &io_res, cmd_pa, cmd_size); |
1857 |
++ priv->cmd = crb_map_res(dev, iores, iobase_ptr, cmd_pa, cmd_size); |
1858 |
+ if (IS_ERR(priv->cmd)) { |
1859 |
+ ret = PTR_ERR(priv->cmd); |
1860 |
+ goto out; |
1861 |
+@@ -570,11 +613,25 @@ static int crb_map_io(struct acpi_device *device, struct crb_priv *priv, |
1862 |
+ |
1863 |
+ memcpy_fromio(&__rsp_pa, &priv->regs_t->ctrl_rsp_pa, 8); |
1864 |
+ rsp_pa = le64_to_cpu(__rsp_pa); |
1865 |
+- rsp_size = crb_fixup_cmd_size(dev, &io_res, rsp_pa, |
1866 |
+- ioread32(&priv->regs_t->ctrl_rsp_size)); |
1867 |
++ rsp_size = ioread32(&priv->regs_t->ctrl_rsp_size); |
1868 |
++ |
1869 |
++ iores = NULL; |
1870 |
++ iobase_ptr = NULL; |
1871 |
++ for (i = 0; resource_type(iores_array + i) == IORESOURCE_MEM; ++i) { |
1872 |
++ if (rsp_pa >= iores_array[i].start && |
1873 |
++ rsp_pa <= iores_array[i].end) { |
1874 |
++ iores = iores_array + i; |
1875 |
++ iobase_ptr = iobase_array + i; |
1876 |
++ break; |
1877 |
++ } |
1878 |
++ } |
1879 |
++ |
1880 |
++ if (iores) |
1881 |
++ rsp_size = crb_fixup_cmd_size(dev, iores, rsp_pa, rsp_size); |
1882 |
+ |
1883 |
+ if (cmd_pa != rsp_pa) { |
1884 |
+- priv->rsp = crb_map_res(dev, priv, &io_res, rsp_pa, rsp_size); |
1885 |
++ priv->rsp = crb_map_res(dev, iores, iobase_ptr, |
1886 |
++ rsp_pa, rsp_size); |
1887 |
+ ret = PTR_ERR_OR_ZERO(priv->rsp); |
1888 |
+ goto out; |
1889 |
+ } |
1890 |
+diff --git a/drivers/char/tpm/tpm_ibmvtpm.c b/drivers/char/tpm/tpm_ibmvtpm.c |
1891 |
+index 569e93e1f06cc..3ba67bc6baba0 100644 |
1892 |
+--- a/drivers/char/tpm/tpm_ibmvtpm.c |
1893 |
++++ b/drivers/char/tpm/tpm_ibmvtpm.c |
1894 |
+@@ -588,6 +588,7 @@ static irqreturn_t ibmvtpm_interrupt(int irq, void *vtpm_instance) |
1895 |
+ */ |
1896 |
+ while ((crq = ibmvtpm_crq_get_next(ibmvtpm)) != NULL) { |
1897 |
+ ibmvtpm_crq_process(crq, ibmvtpm); |
1898 |
++ wake_up_interruptible(&ibmvtpm->crq_queue.wq); |
1899 |
+ crq->valid = 0; |
1900 |
+ smp_wmb(); |
1901 |
+ } |
1902 |
+@@ -635,6 +636,7 @@ static int tpm_ibmvtpm_probe(struct vio_dev *vio_dev, |
1903 |
+ } |
1904 |
+ |
1905 |
+ crq_q->num_entry = CRQ_RES_BUF_SIZE / sizeof(*crq_q->crq_addr); |
1906 |
++ init_waitqueue_head(&crq_q->wq); |
1907 |
+ ibmvtpm->crq_dma_handle = dma_map_single(dev, crq_q->crq_addr, |
1908 |
+ CRQ_RES_BUF_SIZE, |
1909 |
+ DMA_BIDIRECTIONAL); |
1910 |
+@@ -687,6 +689,13 @@ static int tpm_ibmvtpm_probe(struct vio_dev *vio_dev, |
1911 |
+ if (rc) |
1912 |
+ goto init_irq_cleanup; |
1913 |
+ |
1914 |
++ if (!wait_event_timeout(ibmvtpm->crq_queue.wq, |
1915 |
++ ibmvtpm->rtce_buf != NULL, |
1916 |
++ HZ)) { |
1917 |
++ dev_err(dev, "CRQ response timed out\n"); |
1918 |
++ goto init_irq_cleanup; |
1919 |
++ } |
1920 |
++ |
1921 |
+ return tpm_chip_register(chip); |
1922 |
+ init_irq_cleanup: |
1923 |
+ do { |
1924 |
+diff --git a/drivers/char/tpm/tpm_ibmvtpm.h b/drivers/char/tpm/tpm_ibmvtpm.h |
1925 |
+index 91dfe766d0800..4f6a124601db4 100644 |
1926 |
+--- a/drivers/char/tpm/tpm_ibmvtpm.h |
1927 |
++++ b/drivers/char/tpm/tpm_ibmvtpm.h |
1928 |
+@@ -31,6 +31,7 @@ struct ibmvtpm_crq_queue { |
1929 |
+ struct ibmvtpm_crq *crq_addr; |
1930 |
+ u32 index; |
1931 |
+ u32 num_entry; |
1932 |
++ wait_queue_head_t wq; |
1933 |
+ }; |
1934 |
+ |
1935 |
+ struct ibmvtpm_dev { |
1936 |
+diff --git a/drivers/clk/socfpga/clk-pll-s10.c b/drivers/clk/socfpga/clk-pll-s10.c |
1937 |
+index c4d0b6f6abf2e..fc2e2839fe570 100644 |
1938 |
+--- a/drivers/clk/socfpga/clk-pll-s10.c |
1939 |
++++ b/drivers/clk/socfpga/clk-pll-s10.c |
1940 |
+@@ -38,7 +38,9 @@ static unsigned long clk_pll_recalc_rate(struct clk_hw *hwclk, |
1941 |
+ /* read VCO1 reg for numerator and denominator */ |
1942 |
+ reg = readl(socfpgaclk->hw.reg); |
1943 |
+ refdiv = (reg & SOCFPGA_PLL_REFDIV_MASK) >> SOCFPGA_PLL_REFDIV_SHIFT; |
1944 |
+- vco_freq = (unsigned long long)parent_rate / refdiv; |
1945 |
++ |
1946 |
++ vco_freq = parent_rate; |
1947 |
++ do_div(vco_freq, refdiv); |
1948 |
+ |
1949 |
+ /* Read mdiv and fdiv from the fdbck register */ |
1950 |
+ reg = readl(socfpgaclk->hw.reg + 0x4); |
1951 |
+diff --git a/drivers/clk/ti/adpll.c b/drivers/clk/ti/adpll.c |
1952 |
+index 688e403333b91..14926e07d09ae 100644 |
1953 |
+--- a/drivers/clk/ti/adpll.c |
1954 |
++++ b/drivers/clk/ti/adpll.c |
1955 |
+@@ -193,15 +193,8 @@ static const char *ti_adpll_clk_get_name(struct ti_adpll_data *d, |
1956 |
+ if (err) |
1957 |
+ return NULL; |
1958 |
+ } else { |
1959 |
+- const char *base_name = "adpll"; |
1960 |
+- char *buf; |
1961 |
+- |
1962 |
+- buf = devm_kzalloc(d->dev, 8 + 1 + strlen(base_name) + 1 + |
1963 |
+- strlen(postfix), GFP_KERNEL); |
1964 |
+- if (!buf) |
1965 |
+- return NULL; |
1966 |
+- sprintf(buf, "%08lx.%s.%s", d->pa, base_name, postfix); |
1967 |
+- name = buf; |
1968 |
++ name = devm_kasprintf(d->dev, GFP_KERNEL, "%08lx.adpll.%s", |
1969 |
++ d->pa, postfix); |
1970 |
+ } |
1971 |
+ |
1972 |
+ return name; |
1973 |
+diff --git a/drivers/clocksource/h8300_timer8.c b/drivers/clocksource/h8300_timer8.c |
1974 |
+index 1d740a8c42ab3..47114c2a7cb54 100644 |
1975 |
+--- a/drivers/clocksource/h8300_timer8.c |
1976 |
++++ b/drivers/clocksource/h8300_timer8.c |
1977 |
+@@ -169,7 +169,7 @@ static int __init h8300_8timer_init(struct device_node *node) |
1978 |
+ return PTR_ERR(clk); |
1979 |
+ } |
1980 |
+ |
1981 |
+- ret = ENXIO; |
1982 |
++ ret = -ENXIO; |
1983 |
+ base = of_iomap(node, 0); |
1984 |
+ if (!base) { |
1985 |
+ pr_err("failed to map registers for clockevent\n"); |
1986 |
+diff --git a/drivers/cpufreq/powernv-cpufreq.c b/drivers/cpufreq/powernv-cpufreq.c |
1987 |
+index 687c92ef76440..79942f7057576 100644 |
1988 |
+--- a/drivers/cpufreq/powernv-cpufreq.c |
1989 |
++++ b/drivers/cpufreq/powernv-cpufreq.c |
1990 |
+@@ -903,6 +903,7 @@ static struct notifier_block powernv_cpufreq_reboot_nb = { |
1991 |
+ void powernv_cpufreq_work_fn(struct work_struct *work) |
1992 |
+ { |
1993 |
+ struct chip *chip = container_of(work, struct chip, throttle); |
1994 |
++ struct cpufreq_policy *policy; |
1995 |
+ unsigned int cpu; |
1996 |
+ cpumask_t mask; |
1997 |
+ |
1998 |
+@@ -917,12 +918,14 @@ void powernv_cpufreq_work_fn(struct work_struct *work) |
1999 |
+ chip->restore = false; |
2000 |
+ for_each_cpu(cpu, &mask) { |
2001 |
+ int index; |
2002 |
+- struct cpufreq_policy policy; |
2003 |
+ |
2004 |
+- cpufreq_get_policy(&policy, cpu); |
2005 |
+- index = cpufreq_table_find_index_c(&policy, policy.cur); |
2006 |
+- powernv_cpufreq_target_index(&policy, index); |
2007 |
+- cpumask_andnot(&mask, &mask, policy.cpus); |
2008 |
++ policy = cpufreq_cpu_get(cpu); |
2009 |
++ if (!policy) |
2010 |
++ continue; |
2011 |
++ index = cpufreq_table_find_index_c(policy, policy->cur); |
2012 |
++ powernv_cpufreq_target_index(policy, index); |
2013 |
++ cpumask_andnot(&mask, &mask, policy->cpus); |
2014 |
++ cpufreq_cpu_put(policy); |
2015 |
+ } |
2016 |
+ out: |
2017 |
+ put_online_cpus(); |
2018 |
+diff --git a/drivers/crypto/chelsio/chcr_algo.c b/drivers/crypto/chelsio/chcr_algo.c |
2019 |
+index 9b3c259f081d3..ee508bbbb7504 100644 |
2020 |
+--- a/drivers/crypto/chelsio/chcr_algo.c |
2021 |
++++ b/drivers/crypto/chelsio/chcr_algo.c |
2022 |
+@@ -2418,8 +2418,9 @@ int chcr_aead_dma_map(struct device *dev, |
2023 |
+ else |
2024 |
+ reqctx->b0_dma = 0; |
2025 |
+ if (req->src == req->dst) { |
2026 |
+- error = dma_map_sg(dev, req->src, sg_nents(req->src), |
2027 |
+- DMA_BIDIRECTIONAL); |
2028 |
++ error = dma_map_sg(dev, req->src, |
2029 |
++ sg_nents_for_len(req->src, dst_size), |
2030 |
++ DMA_BIDIRECTIONAL); |
2031 |
+ if (!error) |
2032 |
+ goto err; |
2033 |
+ } else { |
2034 |
+diff --git a/drivers/crypto/chelsio/chtls/chtls_io.c b/drivers/crypto/chelsio/chtls/chtls_io.c |
2035 |
+index 1e0cc96306dd7..2c1f3ddb0cc79 100644 |
2036 |
+--- a/drivers/crypto/chelsio/chtls/chtls_io.c |
2037 |
++++ b/drivers/crypto/chelsio/chtls/chtls_io.c |
2038 |
+@@ -1449,7 +1449,7 @@ static int chtls_pt_recvmsg(struct sock *sk, struct msghdr *msg, size_t len, |
2039 |
+ csk->wr_max_credits)) |
2040 |
+ sk->sk_write_space(sk); |
2041 |
+ |
2042 |
+- if (copied >= target && !sk->sk_backlog.tail) |
2043 |
++ if (copied >= target && !READ_ONCE(sk->sk_backlog.tail)) |
2044 |
+ break; |
2045 |
+ |
2046 |
+ if (copied) { |
2047 |
+@@ -1482,7 +1482,7 @@ static int chtls_pt_recvmsg(struct sock *sk, struct msghdr *msg, size_t len, |
2048 |
+ break; |
2049 |
+ } |
2050 |
+ } |
2051 |
+- if (sk->sk_backlog.tail) { |
2052 |
++ if (READ_ONCE(sk->sk_backlog.tail)) { |
2053 |
+ release_sock(sk); |
2054 |
+ lock_sock(sk); |
2055 |
+ chtls_cleanup_rbuf(sk, copied); |
2056 |
+@@ -1627,7 +1627,7 @@ static int peekmsg(struct sock *sk, struct msghdr *msg, |
2057 |
+ break; |
2058 |
+ } |
2059 |
+ |
2060 |
+- if (sk->sk_backlog.tail) { |
2061 |
++ if (READ_ONCE(sk->sk_backlog.tail)) { |
2062 |
+ /* Do not sleep, just process backlog. */ |
2063 |
+ release_sock(sk); |
2064 |
+ lock_sock(sk); |
2065 |
+@@ -1759,7 +1759,7 @@ int chtls_recvmsg(struct sock *sk, struct msghdr *msg, size_t len, |
2066 |
+ csk->wr_max_credits)) |
2067 |
+ sk->sk_write_space(sk); |
2068 |
+ |
2069 |
+- if (copied >= target && !sk->sk_backlog.tail) |
2070 |
++ if (copied >= target && !READ_ONCE(sk->sk_backlog.tail)) |
2071 |
+ break; |
2072 |
+ |
2073 |
+ if (copied) { |
2074 |
+@@ -1790,7 +1790,7 @@ int chtls_recvmsg(struct sock *sk, struct msghdr *msg, size_t len, |
2075 |
+ } |
2076 |
+ } |
2077 |
+ |
2078 |
+- if (sk->sk_backlog.tail) { |
2079 |
++ if (READ_ONCE(sk->sk_backlog.tail)) { |
2080 |
+ release_sock(sk); |
2081 |
+ lock_sock(sk); |
2082 |
+ chtls_cleanup_rbuf(sk, copied); |
2083 |
+diff --git a/drivers/devfreq/tegra-devfreq.c b/drivers/devfreq/tegra-devfreq.c |
2084 |
+index 06768074d2d82..479d9575e1245 100644 |
2085 |
+--- a/drivers/devfreq/tegra-devfreq.c |
2086 |
++++ b/drivers/devfreq/tegra-devfreq.c |
2087 |
+@@ -80,6 +80,8 @@ |
2088 |
+ |
2089 |
+ #define KHZ 1000 |
2090 |
+ |
2091 |
++#define KHZ_MAX (ULONG_MAX / KHZ) |
2092 |
++ |
2093 |
+ /* Assume that the bus is saturated if the utilization is 25% */ |
2094 |
+ #define BUS_SATURATION_RATIO 25 |
2095 |
+ |
2096 |
+@@ -180,7 +182,7 @@ struct tegra_actmon_emc_ratio { |
2097 |
+ }; |
2098 |
+ |
2099 |
+ static struct tegra_actmon_emc_ratio actmon_emc_ratios[] = { |
2100 |
+- { 1400000, ULONG_MAX }, |
2101 |
++ { 1400000, KHZ_MAX }, |
2102 |
+ { 1200000, 750000 }, |
2103 |
+ { 1100000, 600000 }, |
2104 |
+ { 1000000, 500000 }, |
2105 |
+diff --git a/drivers/dma-buf/dma-fence.c b/drivers/dma-buf/dma-fence.c |
2106 |
+index 1551ca7df3941..8586cc05def17 100644 |
2107 |
+--- a/drivers/dma-buf/dma-fence.c |
2108 |
++++ b/drivers/dma-buf/dma-fence.c |
2109 |
+@@ -244,6 +244,30 @@ void dma_fence_free(struct dma_fence *fence) |
2110 |
+ } |
2111 |
+ EXPORT_SYMBOL(dma_fence_free); |
2112 |
+ |
2113 |
++static bool __dma_fence_enable_signaling(struct dma_fence *fence) |
2114 |
++{ |
2115 |
++ bool was_set; |
2116 |
++ |
2117 |
++ lockdep_assert_held(fence->lock); |
2118 |
++ |
2119 |
++ was_set = test_and_set_bit(DMA_FENCE_FLAG_ENABLE_SIGNAL_BIT, |
2120 |
++ &fence->flags); |
2121 |
++ |
2122 |
++ if (test_bit(DMA_FENCE_FLAG_SIGNALED_BIT, &fence->flags)) |
2123 |
++ return false; |
2124 |
++ |
2125 |
++ if (!was_set && fence->ops->enable_signaling) { |
2126 |
++ trace_dma_fence_enable_signal(fence); |
2127 |
++ |
2128 |
++ if (!fence->ops->enable_signaling(fence)) { |
2129 |
++ dma_fence_signal_locked(fence); |
2130 |
++ return false; |
2131 |
++ } |
2132 |
++ } |
2133 |
++ |
2134 |
++ return true; |
2135 |
++} |
2136 |
++ |
2137 |
+ /** |
2138 |
+ * dma_fence_enable_sw_signaling - enable signaling on fence |
2139 |
+ * @fence: the fence to enable |
2140 |
+@@ -256,19 +280,12 @@ void dma_fence_enable_sw_signaling(struct dma_fence *fence) |
2141 |
+ { |
2142 |
+ unsigned long flags; |
2143 |
+ |
2144 |
+- if (!test_and_set_bit(DMA_FENCE_FLAG_ENABLE_SIGNAL_BIT, |
2145 |
+- &fence->flags) && |
2146 |
+- !test_bit(DMA_FENCE_FLAG_SIGNALED_BIT, &fence->flags) && |
2147 |
+- fence->ops->enable_signaling) { |
2148 |
+- trace_dma_fence_enable_signal(fence); |
2149 |
+- |
2150 |
+- spin_lock_irqsave(fence->lock, flags); |
2151 |
+- |
2152 |
+- if (!fence->ops->enable_signaling(fence)) |
2153 |
+- dma_fence_signal_locked(fence); |
2154 |
++ if (test_bit(DMA_FENCE_FLAG_SIGNALED_BIT, &fence->flags)) |
2155 |
++ return; |
2156 |
+ |
2157 |
+- spin_unlock_irqrestore(fence->lock, flags); |
2158 |
+- } |
2159 |
++ spin_lock_irqsave(fence->lock, flags); |
2160 |
++ __dma_fence_enable_signaling(fence); |
2161 |
++ spin_unlock_irqrestore(fence->lock, flags); |
2162 |
+ } |
2163 |
+ EXPORT_SYMBOL(dma_fence_enable_sw_signaling); |
2164 |
+ |
2165 |
+@@ -302,7 +319,6 @@ int dma_fence_add_callback(struct dma_fence *fence, struct dma_fence_cb *cb, |
2166 |
+ { |
2167 |
+ unsigned long flags; |
2168 |
+ int ret = 0; |
2169 |
+- bool was_set; |
2170 |
+ |
2171 |
+ if (WARN_ON(!fence || !func)) |
2172 |
+ return -EINVAL; |
2173 |
+@@ -314,25 +330,14 @@ int dma_fence_add_callback(struct dma_fence *fence, struct dma_fence_cb *cb, |
2174 |
+ |
2175 |
+ spin_lock_irqsave(fence->lock, flags); |
2176 |
+ |
2177 |
+- was_set = test_and_set_bit(DMA_FENCE_FLAG_ENABLE_SIGNAL_BIT, |
2178 |
+- &fence->flags); |
2179 |
+- |
2180 |
+- if (test_bit(DMA_FENCE_FLAG_SIGNALED_BIT, &fence->flags)) |
2181 |
+- ret = -ENOENT; |
2182 |
+- else if (!was_set && fence->ops->enable_signaling) { |
2183 |
+- trace_dma_fence_enable_signal(fence); |
2184 |
+- |
2185 |
+- if (!fence->ops->enable_signaling(fence)) { |
2186 |
+- dma_fence_signal_locked(fence); |
2187 |
+- ret = -ENOENT; |
2188 |
+- } |
2189 |
+- } |
2190 |
+- |
2191 |
+- if (!ret) { |
2192 |
++ if (__dma_fence_enable_signaling(fence)) { |
2193 |
+ cb->func = func; |
2194 |
+ list_add_tail(&cb->node, &fence->cb_list); |
2195 |
+- } else |
2196 |
++ } else { |
2197 |
+ INIT_LIST_HEAD(&cb->node); |
2198 |
++ ret = -ENOENT; |
2199 |
++ } |
2200 |
++ |
2201 |
+ spin_unlock_irqrestore(fence->lock, flags); |
2202 |
+ |
2203 |
+ return ret; |
2204 |
+@@ -432,7 +437,6 @@ dma_fence_default_wait(struct dma_fence *fence, bool intr, signed long timeout) |
2205 |
+ struct default_wait_cb cb; |
2206 |
+ unsigned long flags; |
2207 |
+ signed long ret = timeout ? timeout : 1; |
2208 |
+- bool was_set; |
2209 |
+ |
2210 |
+ if (test_bit(DMA_FENCE_FLAG_SIGNALED_BIT, &fence->flags)) |
2211 |
+ return ret; |
2212 |
+@@ -444,21 +448,9 @@ dma_fence_default_wait(struct dma_fence *fence, bool intr, signed long timeout) |
2213 |
+ goto out; |
2214 |
+ } |
2215 |
+ |
2216 |
+- was_set = test_and_set_bit(DMA_FENCE_FLAG_ENABLE_SIGNAL_BIT, |
2217 |
+- &fence->flags); |
2218 |
+- |
2219 |
+- if (test_bit(DMA_FENCE_FLAG_SIGNALED_BIT, &fence->flags)) |
2220 |
++ if (!__dma_fence_enable_signaling(fence)) |
2221 |
+ goto out; |
2222 |
+ |
2223 |
+- if (!was_set && fence->ops->enable_signaling) { |
2224 |
+- trace_dma_fence_enable_signal(fence); |
2225 |
+- |
2226 |
+- if (!fence->ops->enable_signaling(fence)) { |
2227 |
+- dma_fence_signal_locked(fence); |
2228 |
+- goto out; |
2229 |
+- } |
2230 |
+- } |
2231 |
+- |
2232 |
+ if (!timeout) { |
2233 |
+ ret = 0; |
2234 |
+ goto out; |
2235 |
+diff --git a/drivers/dma/mediatek/mtk-hsdma.c b/drivers/dma/mediatek/mtk-hsdma.c |
2236 |
+index b7ec56ae02a6e..fca232b1d4a64 100644 |
2237 |
+--- a/drivers/dma/mediatek/mtk-hsdma.c |
2238 |
++++ b/drivers/dma/mediatek/mtk-hsdma.c |
2239 |
+@@ -997,7 +997,7 @@ static int mtk_hsdma_probe(struct platform_device *pdev) |
2240 |
+ if (err) { |
2241 |
+ dev_err(&pdev->dev, |
2242 |
+ "request_irq failed with err %d\n", err); |
2243 |
+- goto err_unregister; |
2244 |
++ goto err_free; |
2245 |
+ } |
2246 |
+ |
2247 |
+ platform_set_drvdata(pdev, hsdma); |
2248 |
+@@ -1006,6 +1006,8 @@ static int mtk_hsdma_probe(struct platform_device *pdev) |
2249 |
+ |
2250 |
+ return 0; |
2251 |
+ |
2252 |
++err_free: |
2253 |
++ of_dma_controller_free(pdev->dev.of_node); |
2254 |
+ err_unregister: |
2255 |
+ dma_async_device_unregister(dd); |
2256 |
+ |
2257 |
+diff --git a/drivers/dma/stm32-dma.c b/drivers/dma/stm32-dma.c |
2258 |
+index 4903a408fc146..ac7af440f8658 100644 |
2259 |
+--- a/drivers/dma/stm32-dma.c |
2260 |
++++ b/drivers/dma/stm32-dma.c |
2261 |
+@@ -494,8 +494,10 @@ static int stm32_dma_terminate_all(struct dma_chan *c) |
2262 |
+ |
2263 |
+ spin_lock_irqsave(&chan->vchan.lock, flags); |
2264 |
+ |
2265 |
+- if (chan->busy) { |
2266 |
+- stm32_dma_stop(chan); |
2267 |
++ if (chan->desc) { |
2268 |
++ vchan_terminate_vdesc(&chan->desc->vdesc); |
2269 |
++ if (chan->busy) |
2270 |
++ stm32_dma_stop(chan); |
2271 |
+ chan->desc = NULL; |
2272 |
+ } |
2273 |
+ |
2274 |
+@@ -551,6 +553,8 @@ static void stm32_dma_start_transfer(struct stm32_dma_chan *chan) |
2275 |
+ if (!vdesc) |
2276 |
+ return; |
2277 |
+ |
2278 |
++ list_del(&vdesc->node); |
2279 |
++ |
2280 |
+ chan->desc = to_stm32_dma_desc(vdesc); |
2281 |
+ chan->next_sg = 0; |
2282 |
+ } |
2283 |
+@@ -628,7 +632,6 @@ static void stm32_dma_handle_chan_done(struct stm32_dma_chan *chan) |
2284 |
+ } else { |
2285 |
+ chan->busy = false; |
2286 |
+ if (chan->next_sg == chan->desc->num_sgs) { |
2287 |
+- list_del(&chan->desc->vdesc.node); |
2288 |
+ vchan_cookie_complete(&chan->desc->vdesc); |
2289 |
+ chan->desc = NULL; |
2290 |
+ } |
2291 |
+diff --git a/drivers/dma/stm32-mdma.c b/drivers/dma/stm32-mdma.c |
2292 |
+index 8c3c3e5b812a8..9c6867916e890 100644 |
2293 |
+--- a/drivers/dma/stm32-mdma.c |
2294 |
++++ b/drivers/dma/stm32-mdma.c |
2295 |
+@@ -1137,6 +1137,8 @@ static void stm32_mdma_start_transfer(struct stm32_mdma_chan *chan) |
2296 |
+ return; |
2297 |
+ } |
2298 |
+ |
2299 |
++ list_del(&vdesc->node); |
2300 |
++ |
2301 |
+ chan->desc = to_stm32_mdma_desc(vdesc); |
2302 |
+ hwdesc = chan->desc->node[0].hwdesc; |
2303 |
+ chan->curr_hwdesc = 0; |
2304 |
+@@ -1252,8 +1254,10 @@ static int stm32_mdma_terminate_all(struct dma_chan *c) |
2305 |
+ LIST_HEAD(head); |
2306 |
+ |
2307 |
+ spin_lock_irqsave(&chan->vchan.lock, flags); |
2308 |
+- if (chan->busy) { |
2309 |
+- stm32_mdma_stop(chan); |
2310 |
++ if (chan->desc) { |
2311 |
++ vchan_terminate_vdesc(&chan->desc->vdesc); |
2312 |
++ if (chan->busy) |
2313 |
++ stm32_mdma_stop(chan); |
2314 |
+ chan->desc = NULL; |
2315 |
+ } |
2316 |
+ vchan_get_all_descriptors(&chan->vchan, &head); |
2317 |
+@@ -1341,7 +1345,6 @@ static enum dma_status stm32_mdma_tx_status(struct dma_chan *c, |
2318 |
+ |
2319 |
+ static void stm32_mdma_xfer_end(struct stm32_mdma_chan *chan) |
2320 |
+ { |
2321 |
+- list_del(&chan->desc->vdesc.node); |
2322 |
+ vchan_cookie_complete(&chan->desc->vdesc); |
2323 |
+ chan->desc = NULL; |
2324 |
+ chan->busy = false; |
2325 |
+diff --git a/drivers/dma/tegra20-apb-dma.c b/drivers/dma/tegra20-apb-dma.c |
2326 |
+index 15481aeaeecd1..5ccd24a46e381 100644 |
2327 |
+--- a/drivers/dma/tegra20-apb-dma.c |
2328 |
++++ b/drivers/dma/tegra20-apb-dma.c |
2329 |
+@@ -1225,8 +1225,7 @@ static void tegra_dma_free_chan_resources(struct dma_chan *dc) |
2330 |
+ |
2331 |
+ dev_dbg(tdc2dev(tdc), "Freeing channel %d\n", tdc->id); |
2332 |
+ |
2333 |
+- if (tdc->busy) |
2334 |
+- tegra_dma_terminate_all(dc); |
2335 |
++ tegra_dma_terminate_all(dc); |
2336 |
+ |
2337 |
+ spin_lock_irqsave(&tdc->lock, flags); |
2338 |
+ list_splice_init(&tdc->pending_sg_req, &sg_req_list); |
2339 |
+diff --git a/drivers/dma/xilinx/zynqmp_dma.c b/drivers/dma/xilinx/zynqmp_dma.c |
2340 |
+index 73de6a6179fcd..e002ff8413e2a 100644 |
2341 |
+--- a/drivers/dma/xilinx/zynqmp_dma.c |
2342 |
++++ b/drivers/dma/xilinx/zynqmp_dma.c |
2343 |
+@@ -127,10 +127,12 @@ |
2344 |
+ /* Max transfer size per descriptor */ |
2345 |
+ #define ZYNQMP_DMA_MAX_TRANS_LEN 0x40000000 |
2346 |
+ |
2347 |
++/* Max burst lengths */ |
2348 |
++#define ZYNQMP_DMA_MAX_DST_BURST_LEN 32768U |
2349 |
++#define ZYNQMP_DMA_MAX_SRC_BURST_LEN 32768U |
2350 |
++ |
2351 |
+ /* Reset values for data attributes */ |
2352 |
+ #define ZYNQMP_DMA_AXCACHE_VAL 0xF |
2353 |
+-#define ZYNQMP_DMA_ARLEN_RST_VAL 0xF |
2354 |
+-#define ZYNQMP_DMA_AWLEN_RST_VAL 0xF |
2355 |
+ |
2356 |
+ #define ZYNQMP_DMA_SRC_ISSUE_RST_VAL 0x1F |
2357 |
+ |
2358 |
+@@ -536,17 +538,19 @@ static void zynqmp_dma_handle_ovfl_int(struct zynqmp_dma_chan *chan, u32 status) |
2359 |
+ |
2360 |
+ static void zynqmp_dma_config(struct zynqmp_dma_chan *chan) |
2361 |
+ { |
2362 |
+- u32 val; |
2363 |
++ u32 val, burst_val; |
2364 |
+ |
2365 |
+ val = readl(chan->regs + ZYNQMP_DMA_CTRL0); |
2366 |
+ val |= ZYNQMP_DMA_POINT_TYPE_SG; |
2367 |
+ writel(val, chan->regs + ZYNQMP_DMA_CTRL0); |
2368 |
+ |
2369 |
+ val = readl(chan->regs + ZYNQMP_DMA_DATA_ATTR); |
2370 |
++ burst_val = __ilog2_u32(chan->src_burst_len); |
2371 |
+ val = (val & ~ZYNQMP_DMA_ARLEN) | |
2372 |
+- (chan->src_burst_len << ZYNQMP_DMA_ARLEN_OFST); |
2373 |
++ ((burst_val << ZYNQMP_DMA_ARLEN_OFST) & ZYNQMP_DMA_ARLEN); |
2374 |
++ burst_val = __ilog2_u32(chan->dst_burst_len); |
2375 |
+ val = (val & ~ZYNQMP_DMA_AWLEN) | |
2376 |
+- (chan->dst_burst_len << ZYNQMP_DMA_AWLEN_OFST); |
2377 |
++ ((burst_val << ZYNQMP_DMA_AWLEN_OFST) & ZYNQMP_DMA_AWLEN); |
2378 |
+ writel(val, chan->regs + ZYNQMP_DMA_DATA_ATTR); |
2379 |
+ } |
2380 |
+ |
2381 |
+@@ -562,8 +566,10 @@ static int zynqmp_dma_device_config(struct dma_chan *dchan, |
2382 |
+ { |
2383 |
+ struct zynqmp_dma_chan *chan = to_chan(dchan); |
2384 |
+ |
2385 |
+- chan->src_burst_len = config->src_maxburst; |
2386 |
+- chan->dst_burst_len = config->dst_maxburst; |
2387 |
++ chan->src_burst_len = clamp(config->src_maxburst, 1U, |
2388 |
++ ZYNQMP_DMA_MAX_SRC_BURST_LEN); |
2389 |
++ chan->dst_burst_len = clamp(config->dst_maxburst, 1U, |
2390 |
++ ZYNQMP_DMA_MAX_DST_BURST_LEN); |
2391 |
+ |
2392 |
+ return 0; |
2393 |
+ } |
2394 |
+@@ -884,8 +890,8 @@ static int zynqmp_dma_chan_probe(struct zynqmp_dma_device *zdev, |
2395 |
+ return PTR_ERR(chan->regs); |
2396 |
+ |
2397 |
+ chan->bus_width = ZYNQMP_DMA_BUS_WIDTH_64; |
2398 |
+- chan->dst_burst_len = ZYNQMP_DMA_AWLEN_RST_VAL; |
2399 |
+- chan->src_burst_len = ZYNQMP_DMA_ARLEN_RST_VAL; |
2400 |
++ chan->dst_burst_len = ZYNQMP_DMA_MAX_DST_BURST_LEN; |
2401 |
++ chan->src_burst_len = ZYNQMP_DMA_MAX_SRC_BURST_LEN; |
2402 |
+ err = of_property_read_u32(node, "xlnx,bus-width", &chan->bus_width); |
2403 |
+ if (err < 0) { |
2404 |
+ dev_err(&pdev->dev, "missing xlnx,bus-width property\n"); |
2405 |
+diff --git a/drivers/firmware/arm_sdei.c b/drivers/firmware/arm_sdei.c |
2406 |
+index 05b528c7ed8fd..e809f4d9a9e93 100644 |
2407 |
+--- a/drivers/firmware/arm_sdei.c |
2408 |
++++ b/drivers/firmware/arm_sdei.c |
2409 |
+@@ -410,14 +410,19 @@ int sdei_event_enable(u32 event_num) |
2410 |
+ return -ENOENT; |
2411 |
+ } |
2412 |
+ |
2413 |
+- spin_lock(&sdei_list_lock); |
2414 |
+- event->reenable = true; |
2415 |
+- spin_unlock(&sdei_list_lock); |
2416 |
+ |
2417 |
++ cpus_read_lock(); |
2418 |
+ if (event->type == SDEI_EVENT_TYPE_SHARED) |
2419 |
+ err = sdei_api_event_enable(event->event_num); |
2420 |
+ else |
2421 |
+ err = sdei_do_cross_call(_local_event_enable, event); |
2422 |
++ |
2423 |
++ if (!err) { |
2424 |
++ spin_lock(&sdei_list_lock); |
2425 |
++ event->reenable = true; |
2426 |
++ spin_unlock(&sdei_list_lock); |
2427 |
++ } |
2428 |
++ cpus_read_unlock(); |
2429 |
+ mutex_unlock(&sdei_events_lock); |
2430 |
+ |
2431 |
+ return err; |
2432 |
+@@ -619,21 +624,18 @@ int sdei_event_register(u32 event_num, sdei_event_callback *cb, void *arg) |
2433 |
+ break; |
2434 |
+ } |
2435 |
+ |
2436 |
+- spin_lock(&sdei_list_lock); |
2437 |
+- event->reregister = true; |
2438 |
+- spin_unlock(&sdei_list_lock); |
2439 |
+- |
2440 |
++ cpus_read_lock(); |
2441 |
+ err = _sdei_event_register(event); |
2442 |
+ if (err) { |
2443 |
+- spin_lock(&sdei_list_lock); |
2444 |
+- event->reregister = false; |
2445 |
+- event->reenable = false; |
2446 |
+- spin_unlock(&sdei_list_lock); |
2447 |
+- |
2448 |
+ sdei_event_destroy(event); |
2449 |
+ pr_warn("Failed to register event %u: %d\n", event_num, |
2450 |
+ err); |
2451 |
++ } else { |
2452 |
++ spin_lock(&sdei_list_lock); |
2453 |
++ event->reregister = true; |
2454 |
++ spin_unlock(&sdei_list_lock); |
2455 |
+ } |
2456 |
++ cpus_read_unlock(); |
2457 |
+ } while (0); |
2458 |
+ mutex_unlock(&sdei_events_lock); |
2459 |
+ |
2460 |
+diff --git a/drivers/gpu/drm/amd/amdgpu/amdgpu_bios.c b/drivers/gpu/drm/amd/amdgpu/amdgpu_bios.c |
2461 |
+index a5df80d50d447..6cf3dd5edffda 100644 |
2462 |
+--- a/drivers/gpu/drm/amd/amdgpu/amdgpu_bios.c |
2463 |
++++ b/drivers/gpu/drm/amd/amdgpu/amdgpu_bios.c |
2464 |
+@@ -191,30 +191,35 @@ static bool amdgpu_read_bios_from_rom(struct amdgpu_device *adev) |
2465 |
+ |
2466 |
+ static bool amdgpu_read_platform_bios(struct amdgpu_device *adev) |
2467 |
+ { |
2468 |
+- uint8_t __iomem *bios; |
2469 |
+- size_t size; |
2470 |
++ phys_addr_t rom = adev->pdev->rom; |
2471 |
++ size_t romlen = adev->pdev->romlen; |
2472 |
++ void __iomem *bios; |
2473 |
+ |
2474 |
+ adev->bios = NULL; |
2475 |
+ |
2476 |
+- bios = pci_platform_rom(adev->pdev, &size); |
2477 |
+- if (!bios) { |
2478 |
++ if (!rom || romlen == 0) |
2479 |
+ return false; |
2480 |
+- } |
2481 |
+ |
2482 |
+- adev->bios = kzalloc(size, GFP_KERNEL); |
2483 |
+- if (adev->bios == NULL) |
2484 |
++ adev->bios = kzalloc(romlen, GFP_KERNEL); |
2485 |
++ if (!adev->bios) |
2486 |
+ return false; |
2487 |
+ |
2488 |
+- memcpy_fromio(adev->bios, bios, size); |
2489 |
++ bios = ioremap(rom, romlen); |
2490 |
++ if (!bios) |
2491 |
++ goto free_bios; |
2492 |
+ |
2493 |
+- if (!check_atom_bios(adev->bios, size)) { |
2494 |
+- kfree(adev->bios); |
2495 |
+- return false; |
2496 |
+- } |
2497 |
++ memcpy_fromio(adev->bios, bios, romlen); |
2498 |
++ iounmap(bios); |
2499 |
+ |
2500 |
+- adev->bios_size = size; |
2501 |
++ if (!check_atom_bios(adev->bios, romlen)) |
2502 |
++ goto free_bios; |
2503 |
++ |
2504 |
++ adev->bios_size = romlen; |
2505 |
+ |
2506 |
+ return true; |
2507 |
++free_bios: |
2508 |
++ kfree(adev->bios); |
2509 |
++ return false; |
2510 |
+ } |
2511 |
+ |
2512 |
+ #ifdef CONFIG_ACPI |
2513 |
+diff --git a/drivers/gpu/drm/amd/amdgpu/atom.c b/drivers/gpu/drm/amd/amdgpu/atom.c |
2514 |
+index e9934de1b9cf8..0222bb7ea49b4 100644 |
2515 |
+--- a/drivers/gpu/drm/amd/amdgpu/atom.c |
2516 |
++++ b/drivers/gpu/drm/amd/amdgpu/atom.c |
2517 |
+@@ -742,8 +742,8 @@ static void atom_op_jump(atom_exec_context *ctx, int *ptr, int arg) |
2518 |
+ cjiffies = jiffies; |
2519 |
+ if (time_after(cjiffies, ctx->last_jump_jiffies)) { |
2520 |
+ cjiffies -= ctx->last_jump_jiffies; |
2521 |
+- if ((jiffies_to_msecs(cjiffies) > 5000)) { |
2522 |
+- DRM_ERROR("atombios stuck in loop for more than 5secs aborting\n"); |
2523 |
++ if ((jiffies_to_msecs(cjiffies) > 10000)) { |
2524 |
++ DRM_ERROR("atombios stuck in loop for more than 10secs aborting\n"); |
2525 |
+ ctx->abort = true; |
2526 |
+ } |
2527 |
+ } else { |
2528 |
+diff --git a/drivers/gpu/drm/amd/amdkfd/kfd_device_queue_manager.c b/drivers/gpu/drm/amd/amdkfd/kfd_device_queue_manager.c |
2529 |
+index 189212cb35475..bff39f561264e 100644 |
2530 |
+--- a/drivers/gpu/drm/amd/amdkfd/kfd_device_queue_manager.c |
2531 |
++++ b/drivers/gpu/drm/amd/amdkfd/kfd_device_queue_manager.c |
2532 |
+@@ -1101,6 +1101,8 @@ static int stop_cpsch(struct device_queue_manager *dqm) |
2533 |
+ unmap_queues_cpsch(dqm, KFD_UNMAP_QUEUES_FILTER_ALL_QUEUES, 0); |
2534 |
+ dqm_unlock(dqm); |
2535 |
+ |
2536 |
++ pm_release_ib(&dqm->packets); |
2537 |
++ |
2538 |
+ kfd_gtt_sa_free(dqm->dev, dqm->fence_mem); |
2539 |
+ pm_uninit(&dqm->packets); |
2540 |
+ |
2541 |
+diff --git a/drivers/gpu/drm/amd/display/dc/core/dc_link.c b/drivers/gpu/drm/amd/display/dc/core/dc_link.c |
2542 |
+index 3abc0294c05f5..2fb2c683ad54b 100644 |
2543 |
+--- a/drivers/gpu/drm/amd/display/dc/core/dc_link.c |
2544 |
++++ b/drivers/gpu/drm/amd/display/dc/core/dc_link.c |
2545 |
+@@ -1576,8 +1576,7 @@ static void write_i2c_retimer_setting( |
2546 |
+ buffer, sizeof(buffer)); |
2547 |
+ |
2548 |
+ if (!i2c_success) |
2549 |
+- /* Write failure */ |
2550 |
+- ASSERT(i2c_success); |
2551 |
++ goto i2c_write_fail; |
2552 |
+ |
2553 |
+ /* Based on DP159 specs, APPLY_RX_TX_CHANGE bit in 0x0A |
2554 |
+ * needs to be set to 1 on every 0xA-0xC write. |
2555 |
+@@ -1595,8 +1594,7 @@ static void write_i2c_retimer_setting( |
2556 |
+ pipe_ctx->stream->sink->link->ddc, |
2557 |
+ slave_address, &offset, 1, &value, 1); |
2558 |
+ if (!i2c_success) |
2559 |
+- /* Write failure */ |
2560 |
+- ASSERT(i2c_success); |
2561 |
++ goto i2c_write_fail; |
2562 |
+ } |
2563 |
+ |
2564 |
+ buffer[0] = offset; |
2565 |
+@@ -1605,8 +1603,7 @@ static void write_i2c_retimer_setting( |
2566 |
+ i2c_success = i2c_write(pipe_ctx, slave_address, |
2567 |
+ buffer, sizeof(buffer)); |
2568 |
+ if (!i2c_success) |
2569 |
+- /* Write failure */ |
2570 |
+- ASSERT(i2c_success); |
2571 |
++ goto i2c_write_fail; |
2572 |
+ } |
2573 |
+ } |
2574 |
+ } |
2575 |
+@@ -1623,8 +1620,7 @@ static void write_i2c_retimer_setting( |
2576 |
+ buffer, sizeof(buffer)); |
2577 |
+ |
2578 |
+ if (!i2c_success) |
2579 |
+- /* Write failure */ |
2580 |
+- ASSERT(i2c_success); |
2581 |
++ goto i2c_write_fail; |
2582 |
+ |
2583 |
+ /* Based on DP159 specs, APPLY_RX_TX_CHANGE bit in 0x0A |
2584 |
+ * needs to be set to 1 on every 0xA-0xC write. |
2585 |
+@@ -1642,8 +1638,7 @@ static void write_i2c_retimer_setting( |
2586 |
+ pipe_ctx->stream->sink->link->ddc, |
2587 |
+ slave_address, &offset, 1, &value, 1); |
2588 |
+ if (!i2c_success) |
2589 |
+- /* Write failure */ |
2590 |
+- ASSERT(i2c_success); |
2591 |
++ goto i2c_write_fail; |
2592 |
+ } |
2593 |
+ |
2594 |
+ buffer[0] = offset; |
2595 |
+@@ -1652,8 +1647,7 @@ static void write_i2c_retimer_setting( |
2596 |
+ i2c_success = i2c_write(pipe_ctx, slave_address, |
2597 |
+ buffer, sizeof(buffer)); |
2598 |
+ if (!i2c_success) |
2599 |
+- /* Write failure */ |
2600 |
+- ASSERT(i2c_success); |
2601 |
++ goto i2c_write_fail; |
2602 |
+ } |
2603 |
+ } |
2604 |
+ } |
2605 |
+@@ -1668,8 +1662,7 @@ static void write_i2c_retimer_setting( |
2606 |
+ i2c_success = i2c_write(pipe_ctx, slave_address, |
2607 |
+ buffer, sizeof(buffer)); |
2608 |
+ if (!i2c_success) |
2609 |
+- /* Write failure */ |
2610 |
+- ASSERT(i2c_success); |
2611 |
++ goto i2c_write_fail; |
2612 |
+ |
2613 |
+ /* Write offset 0x00 to 0x23 */ |
2614 |
+ buffer[0] = 0x00; |
2615 |
+@@ -1677,8 +1670,7 @@ static void write_i2c_retimer_setting( |
2616 |
+ i2c_success = i2c_write(pipe_ctx, slave_address, |
2617 |
+ buffer, sizeof(buffer)); |
2618 |
+ if (!i2c_success) |
2619 |
+- /* Write failure */ |
2620 |
+- ASSERT(i2c_success); |
2621 |
++ goto i2c_write_fail; |
2622 |
+ |
2623 |
+ /* Write offset 0xff to 0x00 */ |
2624 |
+ buffer[0] = 0xff; |
2625 |
+@@ -1686,10 +1678,14 @@ static void write_i2c_retimer_setting( |
2626 |
+ i2c_success = i2c_write(pipe_ctx, slave_address, |
2627 |
+ buffer, sizeof(buffer)); |
2628 |
+ if (!i2c_success) |
2629 |
+- /* Write failure */ |
2630 |
+- ASSERT(i2c_success); |
2631 |
++ goto i2c_write_fail; |
2632 |
+ |
2633 |
+ } |
2634 |
++ |
2635 |
++ return; |
2636 |
++ |
2637 |
++i2c_write_fail: |
2638 |
++ DC_LOG_DEBUG("Set retimer failed"); |
2639 |
+ } |
2640 |
+ |
2641 |
+ static void write_i2c_default_retimer_setting( |
2642 |
+@@ -1710,8 +1706,7 @@ static void write_i2c_default_retimer_setting( |
2643 |
+ i2c_success = i2c_write(pipe_ctx, slave_address, |
2644 |
+ buffer, sizeof(buffer)); |
2645 |
+ if (!i2c_success) |
2646 |
+- /* Write failure */ |
2647 |
+- ASSERT(i2c_success); |
2648 |
++ goto i2c_write_fail; |
2649 |
+ |
2650 |
+ /* Write offset 0x0A to 0x17 */ |
2651 |
+ buffer[0] = 0x0A; |
2652 |
+@@ -1719,8 +1714,7 @@ static void write_i2c_default_retimer_setting( |
2653 |
+ i2c_success = i2c_write(pipe_ctx, slave_address, |
2654 |
+ buffer, sizeof(buffer)); |
2655 |
+ if (!i2c_success) |
2656 |
+- /* Write failure */ |
2657 |
+- ASSERT(i2c_success); |
2658 |
++ goto i2c_write_fail; |
2659 |
+ |
2660 |
+ /* Write offset 0x0B to 0xDA or 0xD8 */ |
2661 |
+ buffer[0] = 0x0B; |
2662 |
+@@ -1728,8 +1722,7 @@ static void write_i2c_default_retimer_setting( |
2663 |
+ i2c_success = i2c_write(pipe_ctx, slave_address, |
2664 |
+ buffer, sizeof(buffer)); |
2665 |
+ if (!i2c_success) |
2666 |
+- /* Write failure */ |
2667 |
+- ASSERT(i2c_success); |
2668 |
++ goto i2c_write_fail; |
2669 |
+ |
2670 |
+ /* Write offset 0x0A to 0x17 */ |
2671 |
+ buffer[0] = 0x0A; |
2672 |
+@@ -1737,8 +1730,7 @@ static void write_i2c_default_retimer_setting( |
2673 |
+ i2c_success = i2c_write(pipe_ctx, slave_address, |
2674 |
+ buffer, sizeof(buffer)); |
2675 |
+ if (!i2c_success) |
2676 |
+- /* Write failure */ |
2677 |
+- ASSERT(i2c_success); |
2678 |
++ goto i2c_write_fail; |
2679 |
+ |
2680 |
+ /* Write offset 0x0C to 0x1D or 0x91 */ |
2681 |
+ buffer[0] = 0x0C; |
2682 |
+@@ -1746,8 +1738,7 @@ static void write_i2c_default_retimer_setting( |
2683 |
+ i2c_success = i2c_write(pipe_ctx, slave_address, |
2684 |
+ buffer, sizeof(buffer)); |
2685 |
+ if (!i2c_success) |
2686 |
+- /* Write failure */ |
2687 |
+- ASSERT(i2c_success); |
2688 |
++ goto i2c_write_fail; |
2689 |
+ |
2690 |
+ /* Write offset 0x0A to 0x17 */ |
2691 |
+ buffer[0] = 0x0A; |
2692 |
+@@ -1755,8 +1746,7 @@ static void write_i2c_default_retimer_setting( |
2693 |
+ i2c_success = i2c_write(pipe_ctx, slave_address, |
2694 |
+ buffer, sizeof(buffer)); |
2695 |
+ if (!i2c_success) |
2696 |
+- /* Write failure */ |
2697 |
+- ASSERT(i2c_success); |
2698 |
++ goto i2c_write_fail; |
2699 |
+ |
2700 |
+ |
2701 |
+ if (is_vga_mode) { |
2702 |
+@@ -1768,8 +1758,7 @@ static void write_i2c_default_retimer_setting( |
2703 |
+ i2c_success = i2c_write(pipe_ctx, slave_address, |
2704 |
+ buffer, sizeof(buffer)); |
2705 |
+ if (!i2c_success) |
2706 |
+- /* Write failure */ |
2707 |
+- ASSERT(i2c_success); |
2708 |
++ goto i2c_write_fail; |
2709 |
+ |
2710 |
+ /* Write offset 0x00 to 0x23 */ |
2711 |
+ buffer[0] = 0x00; |
2712 |
+@@ -1777,8 +1766,7 @@ static void write_i2c_default_retimer_setting( |
2713 |
+ i2c_success = i2c_write(pipe_ctx, slave_address, |
2714 |
+ buffer, sizeof(buffer)); |
2715 |
+ if (!i2c_success) |
2716 |
+- /* Write failure */ |
2717 |
+- ASSERT(i2c_success); |
2718 |
++ goto i2c_write_fail; |
2719 |
+ |
2720 |
+ /* Write offset 0xff to 0x00 */ |
2721 |
+ buffer[0] = 0xff; |
2722 |
+@@ -1786,9 +1774,13 @@ static void write_i2c_default_retimer_setting( |
2723 |
+ i2c_success = i2c_write(pipe_ctx, slave_address, |
2724 |
+ buffer, sizeof(buffer)); |
2725 |
+ if (!i2c_success) |
2726 |
+- /* Write failure */ |
2727 |
+- ASSERT(i2c_success); |
2728 |
++ goto i2c_write_fail; |
2729 |
+ } |
2730 |
++ |
2731 |
++ return; |
2732 |
++ |
2733 |
++i2c_write_fail: |
2734 |
++ DC_LOG_DEBUG("Set default retimer failed"); |
2735 |
+ } |
2736 |
+ |
2737 |
+ static void write_i2c_redriver_setting( |
2738 |
+@@ -1811,8 +1803,7 @@ static void write_i2c_redriver_setting( |
2739 |
+ buffer, sizeof(buffer)); |
2740 |
+ |
2741 |
+ if (!i2c_success) |
2742 |
+- /* Write failure */ |
2743 |
+- ASSERT(i2c_success); |
2744 |
++ DC_LOG_DEBUG("Set redriver failed"); |
2745 |
+ } |
2746 |
+ |
2747 |
+ static void enable_link_hdmi(struct pipe_ctx *pipe_ctx) |
2748 |
+diff --git a/drivers/gpu/drm/amd/display/dc/core/dc_link_ddc.c b/drivers/gpu/drm/amd/display/dc/core/dc_link_ddc.c |
2749 |
+index 46c9cb47a96e5..145af3bb2dfcb 100644 |
2750 |
+--- a/drivers/gpu/drm/amd/display/dc/core/dc_link_ddc.c |
2751 |
++++ b/drivers/gpu/drm/amd/display/dc/core/dc_link_ddc.c |
2752 |
+@@ -127,22 +127,16 @@ struct aux_payloads { |
2753 |
+ struct vector payloads; |
2754 |
+ }; |
2755 |
+ |
2756 |
+-static struct i2c_payloads *dal_ddc_i2c_payloads_create(struct dc_context *ctx, uint32_t count) |
2757 |
++static bool dal_ddc_i2c_payloads_create( |
2758 |
++ struct dc_context *ctx, |
2759 |
++ struct i2c_payloads *payloads, |
2760 |
++ uint32_t count) |
2761 |
+ { |
2762 |
+- struct i2c_payloads *payloads; |
2763 |
+- |
2764 |
+- payloads = kzalloc(sizeof(struct i2c_payloads), GFP_KERNEL); |
2765 |
+- |
2766 |
+- if (!payloads) |
2767 |
+- return NULL; |
2768 |
+- |
2769 |
+ if (dal_vector_construct( |
2770 |
+ &payloads->payloads, ctx, count, sizeof(struct i2c_payload))) |
2771 |
+- return payloads; |
2772 |
+- |
2773 |
+- kfree(payloads); |
2774 |
+- return NULL; |
2775 |
++ return true; |
2776 |
+ |
2777 |
++ return false; |
2778 |
+ } |
2779 |
+ |
2780 |
+ static struct i2c_payload *dal_ddc_i2c_payloads_get(struct i2c_payloads *p) |
2781 |
+@@ -155,14 +149,12 @@ static uint32_t dal_ddc_i2c_payloads_get_count(struct i2c_payloads *p) |
2782 |
+ return p->payloads.count; |
2783 |
+ } |
2784 |
+ |
2785 |
+-static void dal_ddc_i2c_payloads_destroy(struct i2c_payloads **p) |
2786 |
++static void dal_ddc_i2c_payloads_destroy(struct i2c_payloads *p) |
2787 |
+ { |
2788 |
+- if (!p || !*p) |
2789 |
++ if (!p) |
2790 |
+ return; |
2791 |
+- dal_vector_destruct(&(*p)->payloads); |
2792 |
+- kfree(*p); |
2793 |
+- *p = NULL; |
2794 |
+ |
2795 |
++ dal_vector_destruct(&p->payloads); |
2796 |
+ } |
2797 |
+ |
2798 |
+ static struct aux_payloads *dal_ddc_aux_payloads_create(struct dc_context *ctx, uint32_t count) |
2799 |
+@@ -580,9 +572,13 @@ bool dal_ddc_service_query_ddc_data( |
2800 |
+ |
2801 |
+ uint32_t payloads_num = write_payloads + read_payloads; |
2802 |
+ |
2803 |
++ |
2804 |
+ if (write_size > EDID_SEGMENT_SIZE || read_size > EDID_SEGMENT_SIZE) |
2805 |
+ return false; |
2806 |
+ |
2807 |
++ if (!payloads_num) |
2808 |
++ return false; |
2809 |
++ |
2810 |
+ /*TODO: len of payload data for i2c and aux is uint8!!!!, |
2811 |
+ * but we want to read 256 over i2c!!!!*/ |
2812 |
+ if (dal_ddc_service_is_in_aux_transaction_mode(ddc)) { |
2813 |
+@@ -613,23 +609,25 @@ bool dal_ddc_service_query_ddc_data( |
2814 |
+ dal_ddc_aux_payloads_destroy(&payloads); |
2815 |
+ |
2816 |
+ } else { |
2817 |
+- struct i2c_payloads *payloads = |
2818 |
+- dal_ddc_i2c_payloads_create(ddc->ctx, payloads_num); |
2819 |
++ struct i2c_command command = {0}; |
2820 |
++ struct i2c_payloads payloads; |
2821 |
+ |
2822 |
+- struct i2c_command command = { |
2823 |
+- .payloads = dal_ddc_i2c_payloads_get(payloads), |
2824 |
+- .number_of_payloads = 0, |
2825 |
+- .engine = DDC_I2C_COMMAND_ENGINE, |
2826 |
+- .speed = ddc->ctx->dc->caps.i2c_speed_in_khz }; |
2827 |
++ if (!dal_ddc_i2c_payloads_create(ddc->ctx, &payloads, payloads_num)) |
2828 |
++ return false; |
2829 |
++ |
2830 |
++ command.payloads = dal_ddc_i2c_payloads_get(&payloads); |
2831 |
++ command.number_of_payloads = 0; |
2832 |
++ command.engine = DDC_I2C_COMMAND_ENGINE; |
2833 |
++ command.speed = ddc->ctx->dc->caps.i2c_speed_in_khz; |
2834 |
+ |
2835 |
+ dal_ddc_i2c_payloads_add( |
2836 |
+- payloads, address, write_size, write_buf, true); |
2837 |
++ &payloads, address, write_size, write_buf, true); |
2838 |
+ |
2839 |
+ dal_ddc_i2c_payloads_add( |
2840 |
+- payloads, address, read_size, read_buf, false); |
2841 |
++ &payloads, address, read_size, read_buf, false); |
2842 |
+ |
2843 |
+ command.number_of_payloads = |
2844 |
+- dal_ddc_i2c_payloads_get_count(payloads); |
2845 |
++ dal_ddc_i2c_payloads_get_count(&payloads); |
2846 |
+ |
2847 |
+ ret = dm_helpers_submit_i2c( |
2848 |
+ ddc->ctx, |
2849 |
+diff --git a/drivers/gpu/drm/amd/powerplay/hwmgr/smu7_hwmgr.c b/drivers/gpu/drm/amd/powerplay/hwmgr/smu7_hwmgr.c |
2850 |
+index 72c0a2ae2dd4f..058898b321b8a 100644 |
2851 |
+--- a/drivers/gpu/drm/amd/powerplay/hwmgr/smu7_hwmgr.c |
2852 |
++++ b/drivers/gpu/drm/amd/powerplay/hwmgr/smu7_hwmgr.c |
2853 |
+@@ -3970,6 +3970,13 @@ static int smu7_set_power_state_tasks(struct pp_hwmgr *hwmgr, const void *input) |
2854 |
+ "Failed to populate and upload SCLK MCLK DPM levels!", |
2855 |
+ result = tmp_result); |
2856 |
+ |
2857 |
++ /* |
2858 |
++ * If a custom pp table is loaded, set DPMTABLE_OD_UPDATE_VDDC flag. |
2859 |
++ * That effectively disables AVFS feature. |
2860 |
++ */ |
2861 |
++ if (hwmgr->hardcode_pp_table != NULL) |
2862 |
++ data->need_update_smu7_dpm_table |= DPMTABLE_OD_UPDATE_VDDC; |
2863 |
++ |
2864 |
+ tmp_result = smu7_update_avfs(hwmgr); |
2865 |
+ PP_ASSERT_WITH_CODE((0 == tmp_result), |
2866 |
+ "Failed to update avfs voltages!", |
2867 |
+diff --git a/drivers/gpu/drm/amd/powerplay/hwmgr/vega10_hwmgr.c b/drivers/gpu/drm/amd/powerplay/hwmgr/vega10_hwmgr.c |
2868 |
+index ce459ea4ec3ad..da9e6923fa659 100644 |
2869 |
+--- a/drivers/gpu/drm/amd/powerplay/hwmgr/vega10_hwmgr.c |
2870 |
++++ b/drivers/gpu/drm/amd/powerplay/hwmgr/vega10_hwmgr.c |
2871 |
+@@ -3591,6 +3591,13 @@ static int vega10_set_power_state_tasks(struct pp_hwmgr *hwmgr, |
2872 |
+ PP_ASSERT_WITH_CODE(!result, |
2873 |
+ "Failed to upload PPtable!", return result); |
2874 |
+ |
2875 |
++ /* |
2876 |
++ * If a custom pp table is loaded, set DPMTABLE_OD_UPDATE_VDDC flag. |
2877 |
++ * That effectively disables AVFS feature. |
2878 |
++ */ |
2879 |
++ if(hwmgr->hardcode_pp_table != NULL) |
2880 |
++ data->need_update_dpm_table |= DPMTABLE_OD_UPDATE_VDDC; |
2881 |
++ |
2882 |
+ vega10_update_avfs(hwmgr); |
2883 |
+ |
2884 |
+ data->need_update_dpm_table &= DPMTABLE_OD_UPDATE_VDDC; |
2885 |
+diff --git a/drivers/gpu/drm/gma500/cdv_intel_display.c b/drivers/gpu/drm/gma500/cdv_intel_display.c |
2886 |
+index 17db4b4749d5a..2e8479744ca4a 100644 |
2887 |
+--- a/drivers/gpu/drm/gma500/cdv_intel_display.c |
2888 |
++++ b/drivers/gpu/drm/gma500/cdv_intel_display.c |
2889 |
+@@ -415,6 +415,8 @@ static bool cdv_intel_find_dp_pll(const struct gma_limit_t *limit, |
2890 |
+ struct gma_crtc *gma_crtc = to_gma_crtc(crtc); |
2891 |
+ struct gma_clock_t clock; |
2892 |
+ |
2893 |
++ memset(&clock, 0, sizeof(clock)); |
2894 |
++ |
2895 |
+ switch (refclk) { |
2896 |
+ case 27000: |
2897 |
+ if (target < 200000) { |
2898 |
+diff --git a/drivers/gpu/drm/msm/adreno/a5xx_gpu.c b/drivers/gpu/drm/msm/adreno/a5xx_gpu.c |
2899 |
+index 1fc9a7fa37b45..d29a58bd2f7a3 100644 |
2900 |
+--- a/drivers/gpu/drm/msm/adreno/a5xx_gpu.c |
2901 |
++++ b/drivers/gpu/drm/msm/adreno/a5xx_gpu.c |
2902 |
+@@ -1474,18 +1474,31 @@ static const struct adreno_gpu_funcs funcs = { |
2903 |
+ static void check_speed_bin(struct device *dev) |
2904 |
+ { |
2905 |
+ struct nvmem_cell *cell; |
2906 |
+- u32 bin, val; |
2907 |
++ u32 val; |
2908 |
++ |
2909 |
++ /* |
2910 |
++ * If the OPP table specifies a opp-supported-hw property then we have |
2911 |
++ * to set something with dev_pm_opp_set_supported_hw() or the table |
2912 |
++ * doesn't get populated so pick an arbitrary value that should |
2913 |
++ * ensure the default frequencies are selected but not conflict with any |
2914 |
++ * actual bins |
2915 |
++ */ |
2916 |
++ val = 0x80; |
2917 |
+ |
2918 |
+ cell = nvmem_cell_get(dev, "speed_bin"); |
2919 |
+ |
2920 |
+- /* If a nvmem cell isn't defined, nothing to do */ |
2921 |
+- if (IS_ERR(cell)) |
2922 |
+- return; |
2923 |
++ if (!IS_ERR(cell)) { |
2924 |
++ void *buf = nvmem_cell_read(cell, NULL); |
2925 |
++ |
2926 |
++ if (!IS_ERR(buf)) { |
2927 |
++ u8 bin = *((u8 *) buf); |
2928 |
+ |
2929 |
+- bin = *((u32 *) nvmem_cell_read(cell, NULL)); |
2930 |
+- nvmem_cell_put(cell); |
2931 |
++ val = (1 << bin); |
2932 |
++ kfree(buf); |
2933 |
++ } |
2934 |
+ |
2935 |
+- val = (1 << bin); |
2936 |
++ nvmem_cell_put(cell); |
2937 |
++ } |
2938 |
+ |
2939 |
+ dev_pm_opp_set_supported_hw(dev, &val, 1); |
2940 |
+ } |
2941 |
+diff --git a/drivers/gpu/drm/msm/msm_drv.c b/drivers/gpu/drm/msm/msm_drv.c |
2942 |
+index 7f45486b6650b..3ba3ae9749bec 100644 |
2943 |
+--- a/drivers/gpu/drm/msm/msm_drv.c |
2944 |
++++ b/drivers/gpu/drm/msm/msm_drv.c |
2945 |
+@@ -495,8 +495,10 @@ static int msm_drm_init(struct device *dev, struct drm_driver *drv) |
2946 |
+ if (!dev->dma_parms) { |
2947 |
+ dev->dma_parms = devm_kzalloc(dev, sizeof(*dev->dma_parms), |
2948 |
+ GFP_KERNEL); |
2949 |
+- if (!dev->dma_parms) |
2950 |
+- return -ENOMEM; |
2951 |
++ if (!dev->dma_parms) { |
2952 |
++ ret = -ENOMEM; |
2953 |
++ goto err_msm_uninit; |
2954 |
++ } |
2955 |
+ } |
2956 |
+ dma_set_max_seg_size(dev, DMA_BIT_MASK(32)); |
2957 |
+ |
2958 |
+diff --git a/drivers/gpu/drm/nouveau/dispnv50/disp.c b/drivers/gpu/drm/nouveau/dispnv50/disp.c |
2959 |
+index e06ea8c8184cb..1bb0a9f6fa730 100644 |
2960 |
+--- a/drivers/gpu/drm/nouveau/dispnv50/disp.c |
2961 |
++++ b/drivers/gpu/drm/nouveau/dispnv50/disp.c |
2962 |
+@@ -909,8 +909,10 @@ nv50_mstc_detect(struct drm_connector *connector, bool force) |
2963 |
+ return connector_status_disconnected; |
2964 |
+ |
2965 |
+ ret = pm_runtime_get_sync(connector->dev->dev); |
2966 |
+- if (ret < 0 && ret != -EACCES) |
2967 |
++ if (ret < 0 && ret != -EACCES) { |
2968 |
++ pm_runtime_put_autosuspend(connector->dev->dev); |
2969 |
+ return connector_status_disconnected; |
2970 |
++ } |
2971 |
+ |
2972 |
+ conn_status = drm_dp_mst_detect_port(connector, mstc->port->mgr, |
2973 |
+ mstc->port); |
2974 |
+diff --git a/drivers/gpu/drm/nouveau/nouveau_debugfs.c b/drivers/gpu/drm/nouveau/nouveau_debugfs.c |
2975 |
+index 9635704a1d864..4561a786fab07 100644 |
2976 |
+--- a/drivers/gpu/drm/nouveau/nouveau_debugfs.c |
2977 |
++++ b/drivers/gpu/drm/nouveau/nouveau_debugfs.c |
2978 |
+@@ -161,8 +161,11 @@ nouveau_debugfs_pstate_set(struct file *file, const char __user *ubuf, |
2979 |
+ } |
2980 |
+ |
2981 |
+ ret = pm_runtime_get_sync(drm->dev); |
2982 |
+- if (ret < 0 && ret != -EACCES) |
2983 |
++ if (ret < 0 && ret != -EACCES) { |
2984 |
++ pm_runtime_put_autosuspend(drm->dev); |
2985 |
+ return ret; |
2986 |
++ } |
2987 |
++ |
2988 |
+ ret = nvif_mthd(ctrl, NVIF_CONTROL_PSTATE_USER, &args, sizeof(args)); |
2989 |
+ pm_runtime_put_autosuspend(drm->dev); |
2990 |
+ if (ret < 0) |
2991 |
+diff --git a/drivers/gpu/drm/nouveau/nouveau_gem.c b/drivers/gpu/drm/nouveau/nouveau_gem.c |
2992 |
+index 791f970714ed6..a98fccb0d32f9 100644 |
2993 |
+--- a/drivers/gpu/drm/nouveau/nouveau_gem.c |
2994 |
++++ b/drivers/gpu/drm/nouveau/nouveau_gem.c |
2995 |
+@@ -82,8 +82,10 @@ nouveau_gem_object_open(struct drm_gem_object *gem, struct drm_file *file_priv) |
2996 |
+ return ret; |
2997 |
+ |
2998 |
+ ret = pm_runtime_get_sync(dev); |
2999 |
+- if (ret < 0 && ret != -EACCES) |
3000 |
++ if (ret < 0 && ret != -EACCES) { |
3001 |
++ pm_runtime_put_autosuspend(dev); |
3002 |
+ goto out; |
3003 |
++ } |
3004 |
+ |
3005 |
+ ret = nouveau_vma_new(nvbo, &cli->vmm, &vma); |
3006 |
+ pm_runtime_mark_last_busy(dev); |
3007 |
+diff --git a/drivers/gpu/drm/nouveau/nvkm/subdev/bios/shadowpci.c b/drivers/gpu/drm/nouveau/nvkm/subdev/bios/shadowpci.c |
3008 |
+index 9b91da09dc5f8..8d9812a51ef63 100644 |
3009 |
+--- a/drivers/gpu/drm/nouveau/nvkm/subdev/bios/shadowpci.c |
3010 |
++++ b/drivers/gpu/drm/nouveau/nvkm/subdev/bios/shadowpci.c |
3011 |
+@@ -101,9 +101,13 @@ platform_init(struct nvkm_bios *bios, const char *name) |
3012 |
+ else |
3013 |
+ return ERR_PTR(-ENODEV); |
3014 |
+ |
3015 |
++ if (!pdev->rom || pdev->romlen == 0) |
3016 |
++ return ERR_PTR(-ENODEV); |
3017 |
++ |
3018 |
+ if ((priv = kmalloc(sizeof(*priv), GFP_KERNEL))) { |
3019 |
++ priv->size = pdev->romlen; |
3020 |
+ if (ret = -ENODEV, |
3021 |
+- (priv->rom = pci_platform_rom(pdev, &priv->size))) |
3022 |
++ (priv->rom = ioremap(pdev->rom, pdev->romlen))) |
3023 |
+ return priv; |
3024 |
+ kfree(priv); |
3025 |
+ } |
3026 |
+@@ -111,11 +115,20 @@ platform_init(struct nvkm_bios *bios, const char *name) |
3027 |
+ return ERR_PTR(ret); |
3028 |
+ } |
3029 |
+ |
3030 |
++static void |
3031 |
++platform_fini(void *data) |
3032 |
++{ |
3033 |
++ struct priv *priv = data; |
3034 |
++ |
3035 |
++ iounmap(priv->rom); |
3036 |
++ kfree(priv); |
3037 |
++} |
3038 |
++ |
3039 |
+ const struct nvbios_source |
3040 |
+ nvbios_platform = { |
3041 |
+ .name = "PLATFORM", |
3042 |
+ .init = platform_init, |
3043 |
+- .fini = (void(*)(void *))kfree, |
3044 |
++ .fini = platform_fini, |
3045 |
+ .read = pcirom_read, |
3046 |
+ .rw = true, |
3047 |
+ }; |
3048 |
+diff --git a/drivers/gpu/drm/omapdrm/dss/omapdss-boot-init.c b/drivers/gpu/drm/omapdrm/dss/omapdss-boot-init.c |
3049 |
+index 3bfb95d230e0e..d8fb686c1fda9 100644 |
3050 |
+--- a/drivers/gpu/drm/omapdrm/dss/omapdss-boot-init.c |
3051 |
++++ b/drivers/gpu/drm/omapdrm/dss/omapdss-boot-init.c |
3052 |
+@@ -193,7 +193,7 @@ static int __init omapdss_boot_init(void) |
3053 |
+ dss = of_find_matching_node(NULL, omapdss_of_match); |
3054 |
+ |
3055 |
+ if (dss == NULL || !of_device_is_available(dss)) |
3056 |
+- return 0; |
3057 |
++ goto put_node; |
3058 |
+ |
3059 |
+ omapdss_walk_device(dss, true); |
3060 |
+ |
3061 |
+@@ -218,6 +218,8 @@ static int __init omapdss_boot_init(void) |
3062 |
+ kfree(n); |
3063 |
+ } |
3064 |
+ |
3065 |
++put_node: |
3066 |
++ of_node_put(dss); |
3067 |
+ return 0; |
3068 |
+ } |
3069 |
+ |
3070 |
+diff --git a/drivers/gpu/drm/radeon/radeon_bios.c b/drivers/gpu/drm/radeon/radeon_bios.c |
3071 |
+index 04c0ed41374f1..dd0528cf98183 100644 |
3072 |
+--- a/drivers/gpu/drm/radeon/radeon_bios.c |
3073 |
++++ b/drivers/gpu/drm/radeon/radeon_bios.c |
3074 |
+@@ -104,25 +104,33 @@ static bool radeon_read_bios(struct radeon_device *rdev) |
3075 |
+ |
3076 |
+ static bool radeon_read_platform_bios(struct radeon_device *rdev) |
3077 |
+ { |
3078 |
+- uint8_t __iomem *bios; |
3079 |
+- size_t size; |
3080 |
++ phys_addr_t rom = rdev->pdev->rom; |
3081 |
++ size_t romlen = rdev->pdev->romlen; |
3082 |
++ void __iomem *bios; |
3083 |
+ |
3084 |
+ rdev->bios = NULL; |
3085 |
+ |
3086 |
+- bios = pci_platform_rom(rdev->pdev, &size); |
3087 |
+- if (!bios) { |
3088 |
++ if (!rom || romlen == 0) |
3089 |
+ return false; |
3090 |
+- } |
3091 |
+ |
3092 |
+- if (size == 0 || bios[0] != 0x55 || bios[1] != 0xaa) { |
3093 |
++ rdev->bios = kzalloc(romlen, GFP_KERNEL); |
3094 |
++ if (!rdev->bios) |
3095 |
+ return false; |
3096 |
+- } |
3097 |
+- rdev->bios = kmemdup(bios, size, GFP_KERNEL); |
3098 |
+- if (rdev->bios == NULL) { |
3099 |
+- return false; |
3100 |
+- } |
3101 |
++ |
3102 |
++ bios = ioremap(rom, romlen); |
3103 |
++ if (!bios) |
3104 |
++ goto free_bios; |
3105 |
++ |
3106 |
++ memcpy_fromio(rdev->bios, bios, romlen); |
3107 |
++ iounmap(bios); |
3108 |
++ |
3109 |
++ if (rdev->bios[0] != 0x55 || rdev->bios[1] != 0xaa) |
3110 |
++ goto free_bios; |
3111 |
+ |
3112 |
+ return true; |
3113 |
++free_bios: |
3114 |
++ kfree(rdev->bios); |
3115 |
++ return false; |
3116 |
+ } |
3117 |
+ |
3118 |
+ #ifdef CONFIG_ACPI |
3119 |
+diff --git a/drivers/gpu/drm/sun4i/sun8i_csc.h b/drivers/gpu/drm/sun4i/sun8i_csc.h |
3120 |
+index 880e8fbb08556..242752b2d328c 100644 |
3121 |
+--- a/drivers/gpu/drm/sun4i/sun8i_csc.h |
3122 |
++++ b/drivers/gpu/drm/sun4i/sun8i_csc.h |
3123 |
+@@ -14,7 +14,7 @@ struct sun8i_mixer; |
3124 |
+ |
3125 |
+ /* VI channel CSC units offsets */ |
3126 |
+ #define CCSC00_OFFSET 0xAA050 |
3127 |
+-#define CCSC01_OFFSET 0xFA000 |
3128 |
++#define CCSC01_OFFSET 0xFA050 |
3129 |
+ #define CCSC10_OFFSET 0xA0000 |
3130 |
+ #define CCSC11_OFFSET 0xF0000 |
3131 |
+ |
3132 |
+diff --git a/drivers/gpu/drm/vc4/vc4_hdmi.c b/drivers/gpu/drm/vc4/vc4_hdmi.c |
3133 |
+index 86b98856756d9..1161662664577 100644 |
3134 |
+--- a/drivers/gpu/drm/vc4/vc4_hdmi.c |
3135 |
++++ b/drivers/gpu/drm/vc4/vc4_hdmi.c |
3136 |
+@@ -1134,6 +1134,7 @@ static int vc4_hdmi_audio_init(struct vc4_hdmi *hdmi) |
3137 |
+ card->num_links = 1; |
3138 |
+ card->name = "vc4-hdmi"; |
3139 |
+ card->dev = dev; |
3140 |
++ card->owner = THIS_MODULE; |
3141 |
+ |
3142 |
+ /* |
3143 |
+ * Be careful, snd_soc_register_card() calls dev_set_drvdata() and |
3144 |
+diff --git a/drivers/i2c/i2c-core-base.c b/drivers/i2c/i2c-core-base.c |
3145 |
+index f225bef1e043c..41dd0a08a625c 100644 |
3146 |
+--- a/drivers/i2c/i2c-core-base.c |
3147 |
++++ b/drivers/i2c/i2c-core-base.c |
3148 |
+@@ -1292,8 +1292,8 @@ static int i2c_register_adapter(struct i2c_adapter *adap) |
3149 |
+ |
3150 |
+ /* create pre-declared device nodes */ |
3151 |
+ of_i2c_register_devices(adap); |
3152 |
+- i2c_acpi_register_devices(adap); |
3153 |
+ i2c_acpi_install_space_handler(adap); |
3154 |
++ i2c_acpi_register_devices(adap); |
3155 |
+ |
3156 |
+ if (adap->nr < __i2c_first_dynamic_bus_num) |
3157 |
+ i2c_scan_static_board_info(adap); |
3158 |
+diff --git a/drivers/infiniband/core/cm.c b/drivers/infiniband/core/cm.c |
3159 |
+index 64f206e11d497..4ebf63360a697 100644 |
3160 |
+--- a/drivers/infiniband/core/cm.c |
3161 |
++++ b/drivers/infiniband/core/cm.c |
3162 |
+@@ -1100,14 +1100,22 @@ retest: |
3163 |
+ break; |
3164 |
+ } |
3165 |
+ |
3166 |
+- spin_lock_irq(&cm.lock); |
3167 |
++ spin_lock_irq(&cm_id_priv->lock); |
3168 |
++ spin_lock(&cm.lock); |
3169 |
++ /* Required for cleanup paths related cm_req_handler() */ |
3170 |
++ if (cm_id_priv->timewait_info) { |
3171 |
++ cm_cleanup_timewait(cm_id_priv->timewait_info); |
3172 |
++ kfree(cm_id_priv->timewait_info); |
3173 |
++ cm_id_priv->timewait_info = NULL; |
3174 |
++ } |
3175 |
+ if (!list_empty(&cm_id_priv->altr_list) && |
3176 |
+ (!cm_id_priv->altr_send_port_not_ready)) |
3177 |
+ list_del(&cm_id_priv->altr_list); |
3178 |
+ if (!list_empty(&cm_id_priv->prim_list) && |
3179 |
+ (!cm_id_priv->prim_send_port_not_ready)) |
3180 |
+ list_del(&cm_id_priv->prim_list); |
3181 |
+- spin_unlock_irq(&cm.lock); |
3182 |
++ spin_unlock(&cm.lock); |
3183 |
++ spin_unlock_irq(&cm_id_priv->lock); |
3184 |
+ |
3185 |
+ cm_free_id(cm_id->local_id); |
3186 |
+ cm_deref_id(cm_id_priv); |
3187 |
+@@ -1424,7 +1432,7 @@ int ib_send_cm_req(struct ib_cm_id *cm_id, |
3188 |
+ /* Verify that we're not in timewait. */ |
3189 |
+ cm_id_priv = container_of(cm_id, struct cm_id_private, id); |
3190 |
+ spin_lock_irqsave(&cm_id_priv->lock, flags); |
3191 |
+- if (cm_id->state != IB_CM_IDLE) { |
3192 |
++ if (cm_id->state != IB_CM_IDLE || WARN_ON(cm_id_priv->timewait_info)) { |
3193 |
+ spin_unlock_irqrestore(&cm_id_priv->lock, flags); |
3194 |
+ ret = -EINVAL; |
3195 |
+ goto out; |
3196 |
+@@ -1442,12 +1450,12 @@ int ib_send_cm_req(struct ib_cm_id *cm_id, |
3197 |
+ param->ppath_sgid_attr, &cm_id_priv->av, |
3198 |
+ cm_id_priv); |
3199 |
+ if (ret) |
3200 |
+- goto error1; |
3201 |
++ goto out; |
3202 |
+ if (param->alternate_path) { |
3203 |
+ ret = cm_init_av_by_path(param->alternate_path, NULL, |
3204 |
+ &cm_id_priv->alt_av, cm_id_priv); |
3205 |
+ if (ret) |
3206 |
+- goto error1; |
3207 |
++ goto out; |
3208 |
+ } |
3209 |
+ cm_id->service_id = param->service_id; |
3210 |
+ cm_id->service_mask = ~cpu_to_be64(0); |
3211 |
+@@ -1465,7 +1473,7 @@ int ib_send_cm_req(struct ib_cm_id *cm_id, |
3212 |
+ |
3213 |
+ ret = cm_alloc_msg(cm_id_priv, &cm_id_priv->msg); |
3214 |
+ if (ret) |
3215 |
+- goto error1; |
3216 |
++ goto out; |
3217 |
+ |
3218 |
+ req_msg = (struct cm_req_msg *) cm_id_priv->msg->mad; |
3219 |
+ cm_format_req(req_msg, cm_id_priv, param); |
3220 |
+@@ -1488,7 +1496,6 @@ int ib_send_cm_req(struct ib_cm_id *cm_id, |
3221 |
+ return 0; |
3222 |
+ |
3223 |
+ error2: cm_free_msg(cm_id_priv->msg); |
3224 |
+-error1: kfree(cm_id_priv->timewait_info); |
3225 |
+ out: return ret; |
3226 |
+ } |
3227 |
+ EXPORT_SYMBOL(ib_send_cm_req); |
3228 |
+@@ -1973,7 +1980,7 @@ static int cm_req_handler(struct cm_work *work) |
3229 |
+ pr_debug("%s: local_id %d, no listen_cm_id_priv\n", __func__, |
3230 |
+ be32_to_cpu(cm_id->local_id)); |
3231 |
+ ret = -EINVAL; |
3232 |
+- goto free_timeinfo; |
3233 |
++ goto destroy; |
3234 |
+ } |
3235 |
+ |
3236 |
+ cm_id_priv->id.cm_handler = listen_cm_id_priv->id.cm_handler; |
3237 |
+@@ -2057,8 +2064,6 @@ static int cm_req_handler(struct cm_work *work) |
3238 |
+ rejected: |
3239 |
+ atomic_dec(&cm_id_priv->refcount); |
3240 |
+ cm_deref_id(listen_cm_id_priv); |
3241 |
+-free_timeinfo: |
3242 |
+- kfree(cm_id_priv->timewait_info); |
3243 |
+ destroy: |
3244 |
+ ib_destroy_cm_id(cm_id); |
3245 |
+ return ret; |
3246 |
+diff --git a/drivers/infiniband/hw/cxgb4/cm.c b/drivers/infiniband/hw/cxgb4/cm.c |
3247 |
+index 16145b0a14583..3fd3dfa3478b7 100644 |
3248 |
+--- a/drivers/infiniband/hw/cxgb4/cm.c |
3249 |
++++ b/drivers/infiniband/hw/cxgb4/cm.c |
3250 |
+@@ -3293,7 +3293,7 @@ int c4iw_connect(struct iw_cm_id *cm_id, struct iw_cm_conn_param *conn_param) |
3251 |
+ if (raddr->sin_addr.s_addr == htonl(INADDR_ANY)) { |
3252 |
+ err = pick_local_ipaddrs(dev, cm_id); |
3253 |
+ if (err) |
3254 |
+- goto fail2; |
3255 |
++ goto fail3; |
3256 |
+ } |
3257 |
+ |
3258 |
+ /* find a route */ |
3259 |
+@@ -3315,7 +3315,7 @@ int c4iw_connect(struct iw_cm_id *cm_id, struct iw_cm_conn_param *conn_param) |
3260 |
+ if (ipv6_addr_type(&raddr6->sin6_addr) == IPV6_ADDR_ANY) { |
3261 |
+ err = pick_local_ip6addrs(dev, cm_id); |
3262 |
+ if (err) |
3263 |
+- goto fail2; |
3264 |
++ goto fail3; |
3265 |
+ } |
3266 |
+ |
3267 |
+ /* find a route */ |
3268 |
+diff --git a/drivers/infiniband/hw/i40iw/i40iw_cm.c b/drivers/infiniband/hw/i40iw/i40iw_cm.c |
3269 |
+index 4321b9e3dbb4b..0273d0404e740 100644 |
3270 |
+--- a/drivers/infiniband/hw/i40iw/i40iw_cm.c |
3271 |
++++ b/drivers/infiniband/hw/i40iw/i40iw_cm.c |
3272 |
+@@ -2071,9 +2071,9 @@ static int i40iw_addr_resolve_neigh_ipv6(struct i40iw_device *iwdev, |
3273 |
+ dst = i40iw_get_dst_ipv6(&src_addr, &dst_addr); |
3274 |
+ if (!dst || dst->error) { |
3275 |
+ if (dst) { |
3276 |
+- dst_release(dst); |
3277 |
+ i40iw_pr_err("ip6_route_output returned dst->error = %d\n", |
3278 |
+ dst->error); |
3279 |
++ dst_release(dst); |
3280 |
+ } |
3281 |
+ return rc; |
3282 |
+ } |
3283 |
+diff --git a/drivers/infiniband/hw/qedr/qedr_iw_cm.c b/drivers/infiniband/hw/qedr/qedr_iw_cm.c |
3284 |
+index 2566715773675..e908dfbaa1378 100644 |
3285 |
+--- a/drivers/infiniband/hw/qedr/qedr_iw_cm.c |
3286 |
++++ b/drivers/infiniband/hw/qedr/qedr_iw_cm.c |
3287 |
+@@ -460,10 +460,10 @@ qedr_addr6_resolve(struct qedr_dev *dev, |
3288 |
+ |
3289 |
+ if ((!dst) || dst->error) { |
3290 |
+ if (dst) { |
3291 |
+- dst_release(dst); |
3292 |
+ DP_ERR(dev, |
3293 |
+ "ip6_route_output returned dst->error = %d\n", |
3294 |
+ dst->error); |
3295 |
++ dst_release(dst); |
3296 |
+ } |
3297 |
+ return -EINVAL; |
3298 |
+ } |
3299 |
+diff --git a/drivers/infiniband/sw/rxe/rxe.c b/drivers/infiniband/sw/rxe/rxe.c |
3300 |
+index 94dedabe648c2..6589ff51eaf5c 100644 |
3301 |
+--- a/drivers/infiniband/sw/rxe/rxe.c |
3302 |
++++ b/drivers/infiniband/sw/rxe/rxe.c |
3303 |
+@@ -121,6 +121,8 @@ static void rxe_init_device_param(struct rxe_dev *rxe) |
3304 |
+ rxe->attr.max_fast_reg_page_list_len = RXE_MAX_FMR_PAGE_LIST_LEN; |
3305 |
+ rxe->attr.max_pkeys = RXE_MAX_PKEYS; |
3306 |
+ rxe->attr.local_ca_ack_delay = RXE_LOCAL_CA_ACK_DELAY; |
3307 |
++ addrconf_addr_eui48((unsigned char *)&rxe->attr.sys_image_guid, |
3308 |
++ rxe->ndev->dev_addr); |
3309 |
+ |
3310 |
+ rxe->max_ucontext = RXE_MAX_UCONTEXT; |
3311 |
+ } |
3312 |
+diff --git a/drivers/infiniband/sw/rxe/rxe_qp.c b/drivers/infiniband/sw/rxe/rxe_qp.c |
3313 |
+index 230697fa31fe3..8a22ab8b29e9b 100644 |
3314 |
+--- a/drivers/infiniband/sw/rxe/rxe_qp.c |
3315 |
++++ b/drivers/infiniband/sw/rxe/rxe_qp.c |
3316 |
+@@ -583,15 +583,16 @@ int rxe_qp_from_attr(struct rxe_qp *qp, struct ib_qp_attr *attr, int mask, |
3317 |
+ int err; |
3318 |
+ |
3319 |
+ if (mask & IB_QP_MAX_QP_RD_ATOMIC) { |
3320 |
+- int max_rd_atomic = __roundup_pow_of_two(attr->max_rd_atomic); |
3321 |
++ int max_rd_atomic = attr->max_rd_atomic ? |
3322 |
++ roundup_pow_of_two(attr->max_rd_atomic) : 0; |
3323 |
+ |
3324 |
+ qp->attr.max_rd_atomic = max_rd_atomic; |
3325 |
+ atomic_set(&qp->req.rd_atomic, max_rd_atomic); |
3326 |
+ } |
3327 |
+ |
3328 |
+ if (mask & IB_QP_MAX_DEST_RD_ATOMIC) { |
3329 |
+- int max_dest_rd_atomic = |
3330 |
+- __roundup_pow_of_two(attr->max_dest_rd_atomic); |
3331 |
++ int max_dest_rd_atomic = attr->max_dest_rd_atomic ? |
3332 |
++ roundup_pow_of_two(attr->max_dest_rd_atomic) : 0; |
3333 |
+ |
3334 |
+ qp->attr.max_dest_rd_atomic = max_dest_rd_atomic; |
3335 |
+ |
3336 |
+diff --git a/drivers/leds/leds-mlxreg.c b/drivers/leds/leds-mlxreg.c |
3337 |
+index 1ee48cb21df95..022e973dc7c31 100644 |
3338 |
+--- a/drivers/leds/leds-mlxreg.c |
3339 |
++++ b/drivers/leds/leds-mlxreg.c |
3340 |
+@@ -209,8 +209,8 @@ static int mlxreg_led_config(struct mlxreg_led_priv_data *priv) |
3341 |
+ brightness = LED_OFF; |
3342 |
+ led_data->base_color = MLXREG_LED_GREEN_SOLID; |
3343 |
+ } |
3344 |
+- sprintf(led_data->led_cdev_name, "%s:%s", "mlxreg", |
3345 |
+- data->label); |
3346 |
++ snprintf(led_data->led_cdev_name, sizeof(led_data->led_cdev_name), |
3347 |
++ "mlxreg:%s", data->label); |
3348 |
+ led_cdev->name = led_data->led_cdev_name; |
3349 |
+ led_cdev->brightness = brightness; |
3350 |
+ led_cdev->max_brightness = LED_ON; |
3351 |
+diff --git a/drivers/md/bcache/bcache.h b/drivers/md/bcache/bcache.h |
3352 |
+index 1cc6ae3e058c6..6a380ed4919a0 100644 |
3353 |
+--- a/drivers/md/bcache/bcache.h |
3354 |
++++ b/drivers/md/bcache/bcache.h |
3355 |
+@@ -585,6 +585,7 @@ struct cache_set { |
3356 |
+ */ |
3357 |
+ wait_queue_head_t btree_cache_wait; |
3358 |
+ struct task_struct *btree_cache_alloc_lock; |
3359 |
++ spinlock_t btree_cannibalize_lock; |
3360 |
+ |
3361 |
+ /* |
3362 |
+ * When we free a btree node, we increment the gen of the bucket the |
3363 |
+diff --git a/drivers/md/bcache/btree.c b/drivers/md/bcache/btree.c |
3364 |
+index d320574b9a4c8..e388e7bb7b5db 100644 |
3365 |
+--- a/drivers/md/bcache/btree.c |
3366 |
++++ b/drivers/md/bcache/btree.c |
3367 |
+@@ -876,15 +876,17 @@ out: |
3368 |
+ |
3369 |
+ static int mca_cannibalize_lock(struct cache_set *c, struct btree_op *op) |
3370 |
+ { |
3371 |
+- struct task_struct *old; |
3372 |
+- |
3373 |
+- old = cmpxchg(&c->btree_cache_alloc_lock, NULL, current); |
3374 |
+- if (old && old != current) { |
3375 |
++ spin_lock(&c->btree_cannibalize_lock); |
3376 |
++ if (likely(c->btree_cache_alloc_lock == NULL)) { |
3377 |
++ c->btree_cache_alloc_lock = current; |
3378 |
++ } else if (c->btree_cache_alloc_lock != current) { |
3379 |
+ if (op) |
3380 |
+ prepare_to_wait(&c->btree_cache_wait, &op->wait, |
3381 |
+ TASK_UNINTERRUPTIBLE); |
3382 |
++ spin_unlock(&c->btree_cannibalize_lock); |
3383 |
+ return -EINTR; |
3384 |
+ } |
3385 |
++ spin_unlock(&c->btree_cannibalize_lock); |
3386 |
+ |
3387 |
+ return 0; |
3388 |
+ } |
3389 |
+@@ -919,10 +921,12 @@ static struct btree *mca_cannibalize(struct cache_set *c, struct btree_op *op, |
3390 |
+ */ |
3391 |
+ static void bch_cannibalize_unlock(struct cache_set *c) |
3392 |
+ { |
3393 |
++ spin_lock(&c->btree_cannibalize_lock); |
3394 |
+ if (c->btree_cache_alloc_lock == current) { |
3395 |
+ c->btree_cache_alloc_lock = NULL; |
3396 |
+ wake_up(&c->btree_cache_wait); |
3397 |
+ } |
3398 |
++ spin_unlock(&c->btree_cannibalize_lock); |
3399 |
+ } |
3400 |
+ |
3401 |
+ static struct btree *mca_alloc(struct cache_set *c, struct btree_op *op, |
3402 |
+diff --git a/drivers/md/bcache/super.c b/drivers/md/bcache/super.c |
3403 |
+index 825bfde10c694..7787ec42f81e1 100644 |
3404 |
+--- a/drivers/md/bcache/super.c |
3405 |
++++ b/drivers/md/bcache/super.c |
3406 |
+@@ -1737,6 +1737,7 @@ struct cache_set *bch_cache_set_alloc(struct cache_sb *sb) |
3407 |
+ sema_init(&c->sb_write_mutex, 1); |
3408 |
+ mutex_init(&c->bucket_lock); |
3409 |
+ init_waitqueue_head(&c->btree_cache_wait); |
3410 |
++ spin_lock_init(&c->btree_cannibalize_lock); |
3411 |
+ init_waitqueue_head(&c->bucket_wait); |
3412 |
+ init_waitqueue_head(&c->gc_wait); |
3413 |
+ sema_init(&c->uuid_write_mutex, 1); |
3414 |
+diff --git a/drivers/media/dvb-frontends/tda10071.c b/drivers/media/dvb-frontends/tda10071.c |
3415 |
+index 097c42d3f8c26..df0c7243eafe4 100644 |
3416 |
+--- a/drivers/media/dvb-frontends/tda10071.c |
3417 |
++++ b/drivers/media/dvb-frontends/tda10071.c |
3418 |
+@@ -483,10 +483,11 @@ static int tda10071_read_status(struct dvb_frontend *fe, enum fe_status *status) |
3419 |
+ goto error; |
3420 |
+ |
3421 |
+ if (dev->delivery_system == SYS_DVBS) { |
3422 |
+- dev->dvbv3_ber = buf[0] << 24 | buf[1] << 16 | |
3423 |
+- buf[2] << 8 | buf[3] << 0; |
3424 |
+- dev->post_bit_error += buf[0] << 24 | buf[1] << 16 | |
3425 |
+- buf[2] << 8 | buf[3] << 0; |
3426 |
++ u32 bit_error = buf[0] << 24 | buf[1] << 16 | |
3427 |
++ buf[2] << 8 | buf[3] << 0; |
3428 |
++ |
3429 |
++ dev->dvbv3_ber = bit_error; |
3430 |
++ dev->post_bit_error += bit_error; |
3431 |
+ c->post_bit_error.stat[0].scale = FE_SCALE_COUNTER; |
3432 |
+ c->post_bit_error.stat[0].uvalue = dev->post_bit_error; |
3433 |
+ dev->block_error += buf[4] << 8 | buf[5] << 0; |
3434 |
+diff --git a/drivers/media/i2c/smiapp/smiapp-core.c b/drivers/media/i2c/smiapp/smiapp-core.c |
3435 |
+index 4731e1c72f960..0a434bdce3b3b 100644 |
3436 |
+--- a/drivers/media/i2c/smiapp/smiapp-core.c |
3437 |
++++ b/drivers/media/i2c/smiapp/smiapp-core.c |
3438 |
+@@ -2337,11 +2337,12 @@ smiapp_sysfs_nvm_read(struct device *dev, struct device_attribute *attr, |
3439 |
+ if (rval < 0) { |
3440 |
+ if (rval != -EBUSY && rval != -EAGAIN) |
3441 |
+ pm_runtime_set_active(&client->dev); |
3442 |
+- pm_runtime_put(&client->dev); |
3443 |
++ pm_runtime_put_noidle(&client->dev); |
3444 |
+ return -ENODEV; |
3445 |
+ } |
3446 |
+ |
3447 |
+ if (smiapp_read_nvm(sensor, sensor->nvm)) { |
3448 |
++ pm_runtime_put(&client->dev); |
3449 |
+ dev_err(&client->dev, "nvm read failed\n"); |
3450 |
+ return -ENODEV; |
3451 |
+ } |
3452 |
+diff --git a/drivers/media/media-device.c b/drivers/media/media-device.c |
3453 |
+index ed518b1f82e4a..d04ed438a45de 100644 |
3454 |
+--- a/drivers/media/media-device.c |
3455 |
++++ b/drivers/media/media-device.c |
3456 |
+@@ -568,6 +568,38 @@ static void media_device_release(struct media_devnode *devnode) |
3457 |
+ dev_dbg(devnode->parent, "Media device released\n"); |
3458 |
+ } |
3459 |
+ |
3460 |
++static void __media_device_unregister_entity(struct media_entity *entity) |
3461 |
++{ |
3462 |
++ struct media_device *mdev = entity->graph_obj.mdev; |
3463 |
++ struct media_link *link, *tmp; |
3464 |
++ struct media_interface *intf; |
3465 |
++ unsigned int i; |
3466 |
++ |
3467 |
++ ida_free(&mdev->entity_internal_idx, entity->internal_idx); |
3468 |
++ |
3469 |
++ /* Remove all interface links pointing to this entity */ |
3470 |
++ list_for_each_entry(intf, &mdev->interfaces, graph_obj.list) { |
3471 |
++ list_for_each_entry_safe(link, tmp, &intf->links, list) { |
3472 |
++ if (link->entity == entity) |
3473 |
++ __media_remove_intf_link(link); |
3474 |
++ } |
3475 |
++ } |
3476 |
++ |
3477 |
++ /* Remove all data links that belong to this entity */ |
3478 |
++ __media_entity_remove_links(entity); |
3479 |
++ |
3480 |
++ /* Remove all pads that belong to this entity */ |
3481 |
++ for (i = 0; i < entity->num_pads; i++) |
3482 |
++ media_gobj_destroy(&entity->pads[i].graph_obj); |
3483 |
++ |
3484 |
++ /* Remove the entity */ |
3485 |
++ media_gobj_destroy(&entity->graph_obj); |
3486 |
++ |
3487 |
++ /* invoke entity_notify callbacks to handle entity removal?? */ |
3488 |
++ |
3489 |
++ entity->graph_obj.mdev = NULL; |
3490 |
++} |
3491 |
++ |
3492 |
+ /** |
3493 |
+ * media_device_register_entity - Register an entity with a media device |
3494 |
+ * @mdev: The media device |
3495 |
+@@ -625,6 +657,7 @@ int __must_check media_device_register_entity(struct media_device *mdev, |
3496 |
+ */ |
3497 |
+ ret = media_graph_walk_init(&new, mdev); |
3498 |
+ if (ret) { |
3499 |
++ __media_device_unregister_entity(entity); |
3500 |
+ mutex_unlock(&mdev->graph_mutex); |
3501 |
+ return ret; |
3502 |
+ } |
3503 |
+@@ -637,38 +670,6 @@ int __must_check media_device_register_entity(struct media_device *mdev, |
3504 |
+ } |
3505 |
+ EXPORT_SYMBOL_GPL(media_device_register_entity); |
3506 |
+ |
3507 |
+-static void __media_device_unregister_entity(struct media_entity *entity) |
3508 |
+-{ |
3509 |
+- struct media_device *mdev = entity->graph_obj.mdev; |
3510 |
+- struct media_link *link, *tmp; |
3511 |
+- struct media_interface *intf; |
3512 |
+- unsigned int i; |
3513 |
+- |
3514 |
+- ida_free(&mdev->entity_internal_idx, entity->internal_idx); |
3515 |
+- |
3516 |
+- /* Remove all interface links pointing to this entity */ |
3517 |
+- list_for_each_entry(intf, &mdev->interfaces, graph_obj.list) { |
3518 |
+- list_for_each_entry_safe(link, tmp, &intf->links, list) { |
3519 |
+- if (link->entity == entity) |
3520 |
+- __media_remove_intf_link(link); |
3521 |
+- } |
3522 |
+- } |
3523 |
+- |
3524 |
+- /* Remove all data links that belong to this entity */ |
3525 |
+- __media_entity_remove_links(entity); |
3526 |
+- |
3527 |
+- /* Remove all pads that belong to this entity */ |
3528 |
+- for (i = 0; i < entity->num_pads; i++) |
3529 |
+- media_gobj_destroy(&entity->pads[i].graph_obj); |
3530 |
+- |
3531 |
+- /* Remove the entity */ |
3532 |
+- media_gobj_destroy(&entity->graph_obj); |
3533 |
+- |
3534 |
+- /* invoke entity_notify callbacks to handle entity removal?? */ |
3535 |
+- |
3536 |
+- entity->graph_obj.mdev = NULL; |
3537 |
+-} |
3538 |
+- |
3539 |
+ void media_device_unregister_entity(struct media_entity *entity) |
3540 |
+ { |
3541 |
+ struct media_device *mdev = entity->graph_obj.mdev; |
3542 |
+diff --git a/drivers/media/platform/ti-vpe/cal.c b/drivers/media/platform/ti-vpe/cal.c |
3543 |
+index be3155275a6ba..d945323fc437d 100644 |
3544 |
+--- a/drivers/media/platform/ti-vpe/cal.c |
3545 |
++++ b/drivers/media/platform/ti-vpe/cal.c |
3546 |
+@@ -684,12 +684,13 @@ static void pix_proc_config(struct cal_ctx *ctx) |
3547 |
+ } |
3548 |
+ |
3549 |
+ static void cal_wr_dma_config(struct cal_ctx *ctx, |
3550 |
+- unsigned int width) |
3551 |
++ unsigned int width, unsigned int height) |
3552 |
+ { |
3553 |
+ u32 val; |
3554 |
+ |
3555 |
+ val = reg_read(ctx->dev, CAL_WR_DMA_CTRL(ctx->csi2_port)); |
3556 |
+ set_field(&val, ctx->csi2_port, CAL_WR_DMA_CTRL_CPORT_MASK); |
3557 |
++ set_field(&val, height, CAL_WR_DMA_CTRL_YSIZE_MASK); |
3558 |
+ set_field(&val, CAL_WR_DMA_CTRL_DTAG_PIX_DAT, |
3559 |
+ CAL_WR_DMA_CTRL_DTAG_MASK); |
3560 |
+ set_field(&val, CAL_WR_DMA_CTRL_MODE_CONST, |
3561 |
+@@ -1315,7 +1316,8 @@ static int cal_start_streaming(struct vb2_queue *vq, unsigned int count) |
3562 |
+ csi2_lane_config(ctx); |
3563 |
+ csi2_ctx_config(ctx); |
3564 |
+ pix_proc_config(ctx); |
3565 |
+- cal_wr_dma_config(ctx, ctx->v_fmt.fmt.pix.bytesperline); |
3566 |
++ cal_wr_dma_config(ctx, ctx->v_fmt.fmt.pix.bytesperline, |
3567 |
++ ctx->v_fmt.fmt.pix.height); |
3568 |
+ cal_wr_dma_addr(ctx, addr); |
3569 |
+ csi2_ppi_enable(ctx); |
3570 |
+ |
3571 |
+diff --git a/drivers/media/usb/go7007/go7007-usb.c b/drivers/media/usb/go7007/go7007-usb.c |
3572 |
+index 19c6a0354ce00..b84a6f6548610 100644 |
3573 |
+--- a/drivers/media/usb/go7007/go7007-usb.c |
3574 |
++++ b/drivers/media/usb/go7007/go7007-usb.c |
3575 |
+@@ -1052,6 +1052,7 @@ static int go7007_usb_probe(struct usb_interface *intf, |
3576 |
+ struct go7007_usb *usb; |
3577 |
+ const struct go7007_usb_board *board; |
3578 |
+ struct usb_device *usbdev = interface_to_usbdev(intf); |
3579 |
++ struct usb_host_endpoint *ep; |
3580 |
+ unsigned num_i2c_devs; |
3581 |
+ char *name; |
3582 |
+ int video_pipe, i, v_urb_len; |
3583 |
+@@ -1148,7 +1149,8 @@ static int go7007_usb_probe(struct usb_interface *intf, |
3584 |
+ if (usb->intr_urb->transfer_buffer == NULL) |
3585 |
+ goto allocfail; |
3586 |
+ |
3587 |
+- if (go->board_id == GO7007_BOARDID_SENSORAY_2250) |
3588 |
++ ep = usb->usbdev->ep_in[4]; |
3589 |
++ if (usb_endpoint_type(&ep->desc) == USB_ENDPOINT_XFER_BULK) |
3590 |
+ usb_fill_bulk_urb(usb->intr_urb, usb->usbdev, |
3591 |
+ usb_rcvbulkpipe(usb->usbdev, 4), |
3592 |
+ usb->intr_urb->transfer_buffer, 2*sizeof(u16), |
3593 |
+diff --git a/drivers/mfd/mfd-core.c b/drivers/mfd/mfd-core.c |
3594 |
+index 182973df1aed4..77c965c6a65f1 100644 |
3595 |
+--- a/drivers/mfd/mfd-core.c |
3596 |
++++ b/drivers/mfd/mfd-core.c |
3597 |
+@@ -32,6 +32,11 @@ int mfd_cell_enable(struct platform_device *pdev) |
3598 |
+ const struct mfd_cell *cell = mfd_get_cell(pdev); |
3599 |
+ int err = 0; |
3600 |
+ |
3601 |
++ if (!cell->enable) { |
3602 |
++ dev_dbg(&pdev->dev, "No .enable() call-back registered\n"); |
3603 |
++ return 0; |
3604 |
++ } |
3605 |
++ |
3606 |
+ /* only call enable hook if the cell wasn't previously enabled */ |
3607 |
+ if (atomic_inc_return(cell->usage_count) == 1) |
3608 |
+ err = cell->enable(pdev); |
3609 |
+@@ -49,6 +54,11 @@ int mfd_cell_disable(struct platform_device *pdev) |
3610 |
+ const struct mfd_cell *cell = mfd_get_cell(pdev); |
3611 |
+ int err = 0; |
3612 |
+ |
3613 |
++ if (!cell->disable) { |
3614 |
++ dev_dbg(&pdev->dev, "No .disable() call-back registered\n"); |
3615 |
++ return 0; |
3616 |
++ } |
3617 |
++ |
3618 |
+ /* only disable if no other clients are using it */ |
3619 |
+ if (atomic_dec_return(cell->usage_count) == 0) |
3620 |
+ err = cell->disable(pdev); |
3621 |
+diff --git a/drivers/mmc/core/mmc.c b/drivers/mmc/core/mmc.c |
3622 |
+index 5ca53e225382d..4b18034537f53 100644 |
3623 |
+--- a/drivers/mmc/core/mmc.c |
3624 |
++++ b/drivers/mmc/core/mmc.c |
3625 |
+@@ -300,7 +300,7 @@ static void mmc_manage_enhanced_area(struct mmc_card *card, u8 *ext_csd) |
3626 |
+ } |
3627 |
+ } |
3628 |
+ |
3629 |
+-static void mmc_part_add(struct mmc_card *card, unsigned int size, |
3630 |
++static void mmc_part_add(struct mmc_card *card, u64 size, |
3631 |
+ unsigned int part_cfg, char *name, int idx, bool ro, |
3632 |
+ int area_type) |
3633 |
+ { |
3634 |
+@@ -316,7 +316,7 @@ static void mmc_manage_gp_partitions(struct mmc_card *card, u8 *ext_csd) |
3635 |
+ { |
3636 |
+ int idx; |
3637 |
+ u8 hc_erase_grp_sz, hc_wp_grp_sz; |
3638 |
+- unsigned int part_size; |
3639 |
++ u64 part_size; |
3640 |
+ |
3641 |
+ /* |
3642 |
+ * General purpose partition feature support -- |
3643 |
+@@ -346,8 +346,7 @@ static void mmc_manage_gp_partitions(struct mmc_card *card, u8 *ext_csd) |
3644 |
+ (ext_csd[EXT_CSD_GP_SIZE_MULT + idx * 3 + 1] |
3645 |
+ << 8) + |
3646 |
+ ext_csd[EXT_CSD_GP_SIZE_MULT + idx * 3]; |
3647 |
+- part_size *= (size_t)(hc_erase_grp_sz * |
3648 |
+- hc_wp_grp_sz); |
3649 |
++ part_size *= (hc_erase_grp_sz * hc_wp_grp_sz); |
3650 |
+ mmc_part_add(card, part_size << 19, |
3651 |
+ EXT_CSD_PART_CONFIG_ACC_GP0 + idx, |
3652 |
+ "gp%d", idx, false, |
3653 |
+@@ -365,7 +364,7 @@ static void mmc_manage_gp_partitions(struct mmc_card *card, u8 *ext_csd) |
3654 |
+ static int mmc_decode_ext_csd(struct mmc_card *card, u8 *ext_csd) |
3655 |
+ { |
3656 |
+ int err = 0, idx; |
3657 |
+- unsigned int part_size; |
3658 |
++ u64 part_size; |
3659 |
+ struct device_node *np; |
3660 |
+ bool broken_hpi = false; |
3661 |
+ |
3662 |
+diff --git a/drivers/mtd/chips/cfi_cmdset_0002.c b/drivers/mtd/chips/cfi_cmdset_0002.c |
3663 |
+index 1dbc9554a0786..3ab75d3e2ce32 100644 |
3664 |
+--- a/drivers/mtd/chips/cfi_cmdset_0002.c |
3665 |
++++ b/drivers/mtd/chips/cfi_cmdset_0002.c |
3666 |
+@@ -727,7 +727,6 @@ static struct mtd_info *cfi_amdstd_setup(struct mtd_info *mtd) |
3667 |
+ kfree(mtd->eraseregions); |
3668 |
+ kfree(mtd); |
3669 |
+ kfree(cfi->cmdset_priv); |
3670 |
+- kfree(cfi->cfiq); |
3671 |
+ return NULL; |
3672 |
+ } |
3673 |
+ |
3674 |
+diff --git a/drivers/mtd/cmdlinepart.c b/drivers/mtd/cmdlinepart.c |
3675 |
+index 3ea44cff9b759..c29205ee82e20 100644 |
3676 |
+--- a/drivers/mtd/cmdlinepart.c |
3677 |
++++ b/drivers/mtd/cmdlinepart.c |
3678 |
+@@ -231,12 +231,29 @@ static int mtdpart_setup_real(char *s) |
3679 |
+ struct cmdline_mtd_partition *this_mtd; |
3680 |
+ struct mtd_partition *parts; |
3681 |
+ int mtd_id_len, num_parts; |
3682 |
+- char *p, *mtd_id; |
3683 |
++ char *p, *mtd_id, *semicol; |
3684 |
++ |
3685 |
++ /* |
3686 |
++ * Replace the first ';' by a NULL char so strrchr can work |
3687 |
++ * properly. |
3688 |
++ */ |
3689 |
++ semicol = strchr(s, ';'); |
3690 |
++ if (semicol) |
3691 |
++ *semicol = '\0'; |
3692 |
+ |
3693 |
+ mtd_id = s; |
3694 |
+ |
3695 |
+- /* fetch <mtd-id> */ |
3696 |
+- p = strchr(s, ':'); |
3697 |
++ /* |
3698 |
++ * fetch <mtd-id>. We use strrchr to ignore all ':' that could |
3699 |
++ * be present in the MTD name, only the last one is interpreted |
3700 |
++ * as an <mtd-id>/<part-definition> separator. |
3701 |
++ */ |
3702 |
++ p = strrchr(s, ':'); |
3703 |
++ |
3704 |
++ /* Restore the ';' now. */ |
3705 |
++ if (semicol) |
3706 |
++ *semicol = ';'; |
3707 |
++ |
3708 |
+ if (!p) { |
3709 |
+ pr_err("no mtd-id\n"); |
3710 |
+ return -EINVAL; |
3711 |
+diff --git a/drivers/mtd/nand/raw/omap_elm.c b/drivers/mtd/nand/raw/omap_elm.c |
3712 |
+index a3f32f939cc17..6736777a41567 100644 |
3713 |
+--- a/drivers/mtd/nand/raw/omap_elm.c |
3714 |
++++ b/drivers/mtd/nand/raw/omap_elm.c |
3715 |
+@@ -421,6 +421,7 @@ static int elm_probe(struct platform_device *pdev) |
3716 |
+ pm_runtime_enable(&pdev->dev); |
3717 |
+ if (pm_runtime_get_sync(&pdev->dev) < 0) { |
3718 |
+ ret = -EINVAL; |
3719 |
++ pm_runtime_put_sync(&pdev->dev); |
3720 |
+ pm_runtime_disable(&pdev->dev); |
3721 |
+ dev_err(&pdev->dev, "can't enable clock\n"); |
3722 |
+ return ret; |
3723 |
+diff --git a/drivers/mtd/ubi/fastmap-wl.c b/drivers/mtd/ubi/fastmap-wl.c |
3724 |
+index 98f7d6be8d1fc..e08f6b4637dda 100644 |
3725 |
+--- a/drivers/mtd/ubi/fastmap-wl.c |
3726 |
++++ b/drivers/mtd/ubi/fastmap-wl.c |
3727 |
+@@ -48,6 +48,13 @@ static struct ubi_wl_entry *find_anchor_wl_entry(struct rb_root *root) |
3728 |
+ return victim; |
3729 |
+ } |
3730 |
+ |
3731 |
++static inline void return_unused_peb(struct ubi_device *ubi, |
3732 |
++ struct ubi_wl_entry *e) |
3733 |
++{ |
3734 |
++ wl_tree_add(e, &ubi->free); |
3735 |
++ ubi->free_count++; |
3736 |
++} |
3737 |
++ |
3738 |
+ /** |
3739 |
+ * return_unused_pool_pebs - returns unused PEB to the free tree. |
3740 |
+ * @ubi: UBI device description object |
3741 |
+@@ -61,23 +68,10 @@ static void return_unused_pool_pebs(struct ubi_device *ubi, |
3742 |
+ |
3743 |
+ for (i = pool->used; i < pool->size; i++) { |
3744 |
+ e = ubi->lookuptbl[pool->pebs[i]]; |
3745 |
+- wl_tree_add(e, &ubi->free); |
3746 |
+- ubi->free_count++; |
3747 |
++ return_unused_peb(ubi, e); |
3748 |
+ } |
3749 |
+ } |
3750 |
+ |
3751 |
+-static int anchor_pebs_available(struct rb_root *root) |
3752 |
+-{ |
3753 |
+- struct rb_node *p; |
3754 |
+- struct ubi_wl_entry *e; |
3755 |
+- |
3756 |
+- ubi_rb_for_each_entry(p, e, root, u.rb) |
3757 |
+- if (e->pnum < UBI_FM_MAX_START) |
3758 |
+- return 1; |
3759 |
+- |
3760 |
+- return 0; |
3761 |
+-} |
3762 |
+- |
3763 |
+ /** |
3764 |
+ * ubi_wl_get_fm_peb - find a physical erase block with a given maximal number. |
3765 |
+ * @ubi: UBI device description object |
3766 |
+@@ -286,8 +280,26 @@ static struct ubi_wl_entry *get_peb_for_wl(struct ubi_device *ubi) |
3767 |
+ int ubi_ensure_anchor_pebs(struct ubi_device *ubi) |
3768 |
+ { |
3769 |
+ struct ubi_work *wrk; |
3770 |
++ struct ubi_wl_entry *anchor; |
3771 |
+ |
3772 |
+ spin_lock(&ubi->wl_lock); |
3773 |
++ |
3774 |
++ /* Do we already have an anchor? */ |
3775 |
++ if (ubi->fm_anchor) { |
3776 |
++ spin_unlock(&ubi->wl_lock); |
3777 |
++ return 0; |
3778 |
++ } |
3779 |
++ |
3780 |
++ /* See if we can find an anchor PEB on the list of free PEBs */ |
3781 |
++ anchor = ubi_wl_get_fm_peb(ubi, 1); |
3782 |
++ if (anchor) { |
3783 |
++ ubi->fm_anchor = anchor; |
3784 |
++ spin_unlock(&ubi->wl_lock); |
3785 |
++ return 0; |
3786 |
++ } |
3787 |
++ |
3788 |
++ /* No luck, trigger wear leveling to produce a new anchor PEB */ |
3789 |
++ ubi->fm_do_produce_anchor = 1; |
3790 |
+ if (ubi->wl_scheduled) { |
3791 |
+ spin_unlock(&ubi->wl_lock); |
3792 |
+ return 0; |
3793 |
+@@ -303,7 +315,6 @@ int ubi_ensure_anchor_pebs(struct ubi_device *ubi) |
3794 |
+ return -ENOMEM; |
3795 |
+ } |
3796 |
+ |
3797 |
+- wrk->anchor = 1; |
3798 |
+ wrk->func = &wear_leveling_worker; |
3799 |
+ __schedule_ubi_work(ubi, wrk); |
3800 |
+ return 0; |
3801 |
+@@ -365,6 +376,11 @@ static void ubi_fastmap_close(struct ubi_device *ubi) |
3802 |
+ return_unused_pool_pebs(ubi, &ubi->fm_pool); |
3803 |
+ return_unused_pool_pebs(ubi, &ubi->fm_wl_pool); |
3804 |
+ |
3805 |
++ if (ubi->fm_anchor) { |
3806 |
++ return_unused_peb(ubi, ubi->fm_anchor); |
3807 |
++ ubi->fm_anchor = NULL; |
3808 |
++ } |
3809 |
++ |
3810 |
+ if (ubi->fm) { |
3811 |
+ for (i = 0; i < ubi->fm->used_blocks; i++) |
3812 |
+ kfree(ubi->fm->e[i]); |
3813 |
+diff --git a/drivers/mtd/ubi/fastmap.c b/drivers/mtd/ubi/fastmap.c |
3814 |
+index 8e292992f84c7..b88ef875236cc 100644 |
3815 |
+--- a/drivers/mtd/ubi/fastmap.c |
3816 |
++++ b/drivers/mtd/ubi/fastmap.c |
3817 |
+@@ -1552,14 +1552,6 @@ int ubi_update_fastmap(struct ubi_device *ubi) |
3818 |
+ return 0; |
3819 |
+ } |
3820 |
+ |
3821 |
+- ret = ubi_ensure_anchor_pebs(ubi); |
3822 |
+- if (ret) { |
3823 |
+- up_write(&ubi->fm_eba_sem); |
3824 |
+- up_write(&ubi->work_sem); |
3825 |
+- up_write(&ubi->fm_protect); |
3826 |
+- return ret; |
3827 |
+- } |
3828 |
+- |
3829 |
+ new_fm = kzalloc(sizeof(*new_fm), GFP_KERNEL); |
3830 |
+ if (!new_fm) { |
3831 |
+ up_write(&ubi->fm_eba_sem); |
3832 |
+@@ -1630,7 +1622,8 @@ int ubi_update_fastmap(struct ubi_device *ubi) |
3833 |
+ } |
3834 |
+ |
3835 |
+ spin_lock(&ubi->wl_lock); |
3836 |
+- tmp_e = ubi_wl_get_fm_peb(ubi, 1); |
3837 |
++ tmp_e = ubi->fm_anchor; |
3838 |
++ ubi->fm_anchor = NULL; |
3839 |
+ spin_unlock(&ubi->wl_lock); |
3840 |
+ |
3841 |
+ if (old_fm) { |
3842 |
+@@ -1682,6 +1675,9 @@ out_unlock: |
3843 |
+ up_write(&ubi->work_sem); |
3844 |
+ up_write(&ubi->fm_protect); |
3845 |
+ kfree(old_fm); |
3846 |
++ |
3847 |
++ ubi_ensure_anchor_pebs(ubi); |
3848 |
++ |
3849 |
+ return ret; |
3850 |
+ |
3851 |
+ err: |
3852 |
+diff --git a/drivers/mtd/ubi/ubi.h b/drivers/mtd/ubi/ubi.h |
3853 |
+index d47b9e436e673..d248ec371cc17 100644 |
3854 |
+--- a/drivers/mtd/ubi/ubi.h |
3855 |
++++ b/drivers/mtd/ubi/ubi.h |
3856 |
+@@ -504,6 +504,8 @@ struct ubi_debug_info { |
3857 |
+ * @fm_work: fastmap work queue |
3858 |
+ * @fm_work_scheduled: non-zero if fastmap work was scheduled |
3859 |
+ * @fast_attach: non-zero if UBI was attached by fastmap |
3860 |
++ * @fm_anchor: The next anchor PEB to use for fastmap |
3861 |
++ * @fm_do_produce_anchor: If true produce an anchor PEB in wl |
3862 |
+ * |
3863 |
+ * @used: RB-tree of used physical eraseblocks |
3864 |
+ * @erroneous: RB-tree of erroneous used physical eraseblocks |
3865 |
+@@ -612,6 +614,8 @@ struct ubi_device { |
3866 |
+ struct work_struct fm_work; |
3867 |
+ int fm_work_scheduled; |
3868 |
+ int fast_attach; |
3869 |
++ struct ubi_wl_entry *fm_anchor; |
3870 |
++ int fm_do_produce_anchor; |
3871 |
+ |
3872 |
+ /* Wear-leveling sub-system's stuff */ |
3873 |
+ struct rb_root used; |
3874 |
+@@ -802,7 +806,6 @@ struct ubi_attach_info { |
3875 |
+ * @vol_id: the volume ID on which this erasure is being performed |
3876 |
+ * @lnum: the logical eraseblock number |
3877 |
+ * @torture: if the physical eraseblock has to be tortured |
3878 |
+- * @anchor: produce a anchor PEB to by used by fastmap |
3879 |
+ * |
3880 |
+ * The @func pointer points to the worker function. If the @shutdown argument is |
3881 |
+ * not zero, the worker has to free the resources and exit immediately as the |
3882 |
+@@ -818,7 +821,6 @@ struct ubi_work { |
3883 |
+ int vol_id; |
3884 |
+ int lnum; |
3885 |
+ int torture; |
3886 |
+- int anchor; |
3887 |
+ }; |
3888 |
+ |
3889 |
+ #include "debug.h" |
3890 |
+diff --git a/drivers/mtd/ubi/wl.c b/drivers/mtd/ubi/wl.c |
3891 |
+index 6f2ac865ff05e..80d64d7e7a8be 100644 |
3892 |
+--- a/drivers/mtd/ubi/wl.c |
3893 |
++++ b/drivers/mtd/ubi/wl.c |
3894 |
+@@ -331,13 +331,6 @@ static struct ubi_wl_entry *find_wl_entry(struct ubi_device *ubi, |
3895 |
+ } |
3896 |
+ } |
3897 |
+ |
3898 |
+- /* If no fastmap has been written and this WL entry can be used |
3899 |
+- * as anchor PEB, hold it back and return the second best WL entry |
3900 |
+- * such that fastmap can use the anchor PEB later. */ |
3901 |
+- if (prev_e && !ubi->fm_disabled && |
3902 |
+- !ubi->fm && e->pnum < UBI_FM_MAX_START) |
3903 |
+- return prev_e; |
3904 |
+- |
3905 |
+ return e; |
3906 |
+ } |
3907 |
+ |
3908 |
+@@ -648,9 +641,6 @@ static int wear_leveling_worker(struct ubi_device *ubi, struct ubi_work *wrk, |
3909 |
+ { |
3910 |
+ int err, scrubbing = 0, torture = 0, protect = 0, erroneous = 0; |
3911 |
+ int erase = 0, keep = 0, vol_id = -1, lnum = -1; |
3912 |
+-#ifdef CONFIG_MTD_UBI_FASTMAP |
3913 |
+- int anchor = wrk->anchor; |
3914 |
+-#endif |
3915 |
+ struct ubi_wl_entry *e1, *e2; |
3916 |
+ struct ubi_vid_io_buf *vidb; |
3917 |
+ struct ubi_vid_hdr *vid_hdr; |
3918 |
+@@ -690,11 +680,7 @@ static int wear_leveling_worker(struct ubi_device *ubi, struct ubi_work *wrk, |
3919 |
+ } |
3920 |
+ |
3921 |
+ #ifdef CONFIG_MTD_UBI_FASTMAP |
3922 |
+- /* Check whether we need to produce an anchor PEB */ |
3923 |
+- if (!anchor) |
3924 |
+- anchor = !anchor_pebs_available(&ubi->free); |
3925 |
+- |
3926 |
+- if (anchor) { |
3927 |
++ if (ubi->fm_do_produce_anchor) { |
3928 |
+ e1 = find_anchor_wl_entry(&ubi->used); |
3929 |
+ if (!e1) |
3930 |
+ goto out_cancel; |
3931 |
+@@ -705,6 +691,7 @@ static int wear_leveling_worker(struct ubi_device *ubi, struct ubi_work *wrk, |
3932 |
+ self_check_in_wl_tree(ubi, e1, &ubi->used); |
3933 |
+ rb_erase(&e1->u.rb, &ubi->used); |
3934 |
+ dbg_wl("anchor-move PEB %d to PEB %d", e1->pnum, e2->pnum); |
3935 |
++ ubi->fm_do_produce_anchor = 0; |
3936 |
+ } else if (!ubi->scrub.rb_node) { |
3937 |
+ #else |
3938 |
+ if (!ubi->scrub.rb_node) { |
3939 |
+@@ -1037,7 +1024,6 @@ static int ensure_wear_leveling(struct ubi_device *ubi, int nested) |
3940 |
+ goto out_cancel; |
3941 |
+ } |
3942 |
+ |
3943 |
+- wrk->anchor = 0; |
3944 |
+ wrk->func = &wear_leveling_worker; |
3945 |
+ if (nested) |
3946 |
+ __schedule_ubi_work(ubi, wrk); |
3947 |
+@@ -1079,8 +1065,15 @@ static int __erase_worker(struct ubi_device *ubi, struct ubi_work *wl_wrk) |
3948 |
+ err = sync_erase(ubi, e, wl_wrk->torture); |
3949 |
+ if (!err) { |
3950 |
+ spin_lock(&ubi->wl_lock); |
3951 |
+- wl_tree_add(e, &ubi->free); |
3952 |
+- ubi->free_count++; |
3953 |
++ |
3954 |
++ if (!ubi->fm_anchor && e->pnum < UBI_FM_MAX_START) { |
3955 |
++ ubi->fm_anchor = e; |
3956 |
++ ubi->fm_do_produce_anchor = 0; |
3957 |
++ } else { |
3958 |
++ wl_tree_add(e, &ubi->free); |
3959 |
++ ubi->free_count++; |
3960 |
++ } |
3961 |
++ |
3962 |
+ spin_unlock(&ubi->wl_lock); |
3963 |
+ |
3964 |
+ /* |
3965 |
+@@ -1724,6 +1717,9 @@ int ubi_wl_init(struct ubi_device *ubi, struct ubi_attach_info *ai) |
3966 |
+ if (err) |
3967 |
+ goto out_free; |
3968 |
+ |
3969 |
++#ifdef CONFIG_MTD_UBI_FASTMAP |
3970 |
++ ubi_ensure_anchor_pebs(ubi); |
3971 |
++#endif |
3972 |
+ return 0; |
3973 |
+ |
3974 |
+ out_free: |
3975 |
+diff --git a/drivers/mtd/ubi/wl.h b/drivers/mtd/ubi/wl.h |
3976 |
+index a9e2d669acd81..c93a532937863 100644 |
3977 |
+--- a/drivers/mtd/ubi/wl.h |
3978 |
++++ b/drivers/mtd/ubi/wl.h |
3979 |
+@@ -2,7 +2,6 @@ |
3980 |
+ #ifndef UBI_WL_H |
3981 |
+ #define UBI_WL_H |
3982 |
+ #ifdef CONFIG_MTD_UBI_FASTMAP |
3983 |
+-static int anchor_pebs_available(struct rb_root *root); |
3984 |
+ static void update_fastmap_work_fn(struct work_struct *wrk); |
3985 |
+ static struct ubi_wl_entry *find_anchor_wl_entry(struct rb_root *root); |
3986 |
+ static struct ubi_wl_entry *get_peb_for_wl(struct ubi_device *ubi); |
3987 |
+diff --git a/drivers/net/ethernet/intel/e1000/e1000_main.c b/drivers/net/ethernet/intel/e1000/e1000_main.c |
3988 |
+index 47b867c64b147..195108858f38f 100644 |
3989 |
+--- a/drivers/net/ethernet/intel/e1000/e1000_main.c |
3990 |
++++ b/drivers/net/ethernet/intel/e1000/e1000_main.c |
3991 |
+@@ -542,8 +542,13 @@ void e1000_reinit_locked(struct e1000_adapter *adapter) |
3992 |
+ WARN_ON(in_interrupt()); |
3993 |
+ while (test_and_set_bit(__E1000_RESETTING, &adapter->flags)) |
3994 |
+ msleep(1); |
3995 |
+- e1000_down(adapter); |
3996 |
+- e1000_up(adapter); |
3997 |
++ |
3998 |
++ /* only run the task if not already down */ |
3999 |
++ if (!test_bit(__E1000_DOWN, &adapter->flags)) { |
4000 |
++ e1000_down(adapter); |
4001 |
++ e1000_up(adapter); |
4002 |
++ } |
4003 |
++ |
4004 |
+ clear_bit(__E1000_RESETTING, &adapter->flags); |
4005 |
+ } |
4006 |
+ |
4007 |
+@@ -1433,10 +1438,15 @@ int e1000_close(struct net_device *netdev) |
4008 |
+ struct e1000_hw *hw = &adapter->hw; |
4009 |
+ int count = E1000_CHECK_RESET_COUNT; |
4010 |
+ |
4011 |
+- while (test_bit(__E1000_RESETTING, &adapter->flags) && count--) |
4012 |
++ while (test_and_set_bit(__E1000_RESETTING, &adapter->flags) && count--) |
4013 |
+ usleep_range(10000, 20000); |
4014 |
+ |
4015 |
+- WARN_ON(test_bit(__E1000_RESETTING, &adapter->flags)); |
4016 |
++ WARN_ON(count < 0); |
4017 |
++ |
4018 |
++ /* signal that we're down so that the reset task will no longer run */ |
4019 |
++ set_bit(__E1000_DOWN, &adapter->flags); |
4020 |
++ clear_bit(__E1000_RESETTING, &adapter->flags); |
4021 |
++ |
4022 |
+ e1000_down(adapter); |
4023 |
+ e1000_power_down_phy(adapter); |
4024 |
+ e1000_free_irq(adapter); |
4025 |
+diff --git a/drivers/net/ethernet/qlogic/qed/qed_sriov.c b/drivers/net/ethernet/qlogic/qed/qed_sriov.c |
4026 |
+index 71a7af134dd8e..886c7aae662fa 100644 |
4027 |
+--- a/drivers/net/ethernet/qlogic/qed/qed_sriov.c |
4028 |
++++ b/drivers/net/ethernet/qlogic/qed/qed_sriov.c |
4029 |
+@@ -96,6 +96,7 @@ static int qed_sp_vf_start(struct qed_hwfn *p_hwfn, struct qed_vf_info *p_vf) |
4030 |
+ p_ramrod->personality = PERSONALITY_ETH; |
4031 |
+ break; |
4032 |
+ case QED_PCI_ETH_ROCE: |
4033 |
++ case QED_PCI_ETH_IWARP: |
4034 |
+ p_ramrod->personality = PERSONALITY_RDMA_AND_ETH; |
4035 |
+ break; |
4036 |
+ default: |
4037 |
+diff --git a/drivers/net/ieee802154/adf7242.c b/drivers/net/ieee802154/adf7242.c |
4038 |
+index 71be8524cca87..a686926bba71e 100644 |
4039 |
+--- a/drivers/net/ieee802154/adf7242.c |
4040 |
++++ b/drivers/net/ieee802154/adf7242.c |
4041 |
+@@ -883,7 +883,9 @@ static int adf7242_rx(struct adf7242_local *lp) |
4042 |
+ int ret; |
4043 |
+ u8 lqi, len_u8, *data; |
4044 |
+ |
4045 |
+- adf7242_read_reg(lp, 0, &len_u8); |
4046 |
++ ret = adf7242_read_reg(lp, 0, &len_u8); |
4047 |
++ if (ret) |
4048 |
++ return ret; |
4049 |
+ |
4050 |
+ len = len_u8; |
4051 |
+ |
4052 |
+diff --git a/drivers/net/ieee802154/ca8210.c b/drivers/net/ieee802154/ca8210.c |
4053 |
+index 38a41651e451c..deace0aadad24 100644 |
4054 |
+--- a/drivers/net/ieee802154/ca8210.c |
4055 |
++++ b/drivers/net/ieee802154/ca8210.c |
4056 |
+@@ -2923,6 +2923,7 @@ static int ca8210_dev_com_init(struct ca8210_priv *priv) |
4057 |
+ ); |
4058 |
+ if (!priv->irq_workqueue) { |
4059 |
+ dev_crit(&priv->spi->dev, "alloc of irq_workqueue failed!\n"); |
4060 |
++ destroy_workqueue(priv->mlme_workqueue); |
4061 |
+ return -ENOMEM; |
4062 |
+ } |
4063 |
+ |
4064 |
+diff --git a/drivers/net/wireless/ath/ar5523/ar5523.c b/drivers/net/wireless/ath/ar5523/ar5523.c |
4065 |
+index da2d179430ca5..4c57e79e5779a 100644 |
4066 |
+--- a/drivers/net/wireless/ath/ar5523/ar5523.c |
4067 |
++++ b/drivers/net/wireless/ath/ar5523/ar5523.c |
4068 |
+@@ -1770,6 +1770,8 @@ static const struct usb_device_id ar5523_id_table[] = { |
4069 |
+ AR5523_DEVICE_UX(0x0846, 0x4300), /* Netgear / WG111U */ |
4070 |
+ AR5523_DEVICE_UG(0x0846, 0x4250), /* Netgear / WG111T */ |
4071 |
+ AR5523_DEVICE_UG(0x0846, 0x5f00), /* Netgear / WPN111 */ |
4072 |
++ AR5523_DEVICE_UG(0x083a, 0x4506), /* SMC / EZ Connect |
4073 |
++ SMCWUSBT-G2 */ |
4074 |
+ AR5523_DEVICE_UG(0x157e, 0x3006), /* Umedia / AR5523_1 */ |
4075 |
+ AR5523_DEVICE_UX(0x157e, 0x3205), /* Umedia / AR5523_2 */ |
4076 |
+ AR5523_DEVICE_UG(0x157e, 0x3006), /* Umedia / TEW444UBEU */ |
4077 |
+diff --git a/drivers/net/wireless/ath/ath10k/debug.c b/drivers/net/wireless/ath/ath10k/debug.c |
4078 |
+index 0baaad90b8d18..4e980e78ba95c 100644 |
4079 |
+--- a/drivers/net/wireless/ath/ath10k/debug.c |
4080 |
++++ b/drivers/net/wireless/ath/ath10k/debug.c |
4081 |
+@@ -1521,7 +1521,7 @@ static void ath10k_tpc_stats_print(struct ath10k_tpc_stats *tpc_stats, |
4082 |
+ *len += scnprintf(buf + *len, buf_len - *len, |
4083 |
+ "No. Preamble Rate_code "); |
4084 |
+ |
4085 |
+- for (i = 0; i < WMI_TPC_TX_N_CHAIN; i++) |
4086 |
++ for (i = 0; i < tpc_stats->num_tx_chain; i++) |
4087 |
+ *len += scnprintf(buf + *len, buf_len - *len, |
4088 |
+ "tpc_value%d ", i); |
4089 |
+ |
4090 |
+@@ -2365,6 +2365,7 @@ void ath10k_debug_destroy(struct ath10k *ar) |
4091 |
+ ath10k_debug_fw_stats_reset(ar); |
4092 |
+ |
4093 |
+ kfree(ar->debug.tpc_stats); |
4094 |
++ kfree(ar->debug.tpc_stats_final); |
4095 |
+ } |
4096 |
+ |
4097 |
+ int ath10k_debug_register(struct ath10k *ar) |
4098 |
+diff --git a/drivers/net/wireless/ath/ath10k/sdio.c b/drivers/net/wireless/ath/ath10k/sdio.c |
4099 |
+index 0ecaba824fb28..0cdaecb0e28a9 100644 |
4100 |
+--- a/drivers/net/wireless/ath/ath10k/sdio.c |
4101 |
++++ b/drivers/net/wireless/ath/ath10k/sdio.c |
4102 |
+@@ -1567,23 +1567,33 @@ static int ath10k_sdio_hif_diag_read(struct ath10k *ar, u32 address, void *buf, |
4103 |
+ size_t buf_len) |
4104 |
+ { |
4105 |
+ int ret; |
4106 |
++ void *mem; |
4107 |
++ |
4108 |
++ mem = kzalloc(buf_len, GFP_KERNEL); |
4109 |
++ if (!mem) |
4110 |
++ return -ENOMEM; |
4111 |
+ |
4112 |
+ /* set window register to start read cycle */ |
4113 |
+ ret = ath10k_sdio_write32(ar, MBOX_WINDOW_READ_ADDR_ADDRESS, address); |
4114 |
+ if (ret) { |
4115 |
+ ath10k_warn(ar, "failed to set mbox window read address: %d", ret); |
4116 |
+- return ret; |
4117 |
++ goto out; |
4118 |
+ } |
4119 |
+ |
4120 |
+ /* read the data */ |
4121 |
+- ret = ath10k_sdio_read(ar, MBOX_WINDOW_DATA_ADDRESS, buf, buf_len); |
4122 |
++ ret = ath10k_sdio_read(ar, MBOX_WINDOW_DATA_ADDRESS, mem, buf_len); |
4123 |
+ if (ret) { |
4124 |
+ ath10k_warn(ar, "failed to read from mbox window data address: %d\n", |
4125 |
+ ret); |
4126 |
+- return ret; |
4127 |
++ goto out; |
4128 |
+ } |
4129 |
+ |
4130 |
+- return 0; |
4131 |
++ memcpy(buf, mem, buf_len); |
4132 |
++ |
4133 |
++out: |
4134 |
++ kfree(mem); |
4135 |
++ |
4136 |
++ return ret; |
4137 |
+ } |
4138 |
+ |
4139 |
+ static int ath10k_sdio_hif_diag_read32(struct ath10k *ar, u32 address, |
4140 |
+diff --git a/drivers/net/wireless/ath/ath10k/wmi.c b/drivers/net/wireless/ath/ath10k/wmi.c |
4141 |
+index 3372dfa0deccf..3f3fbee631c34 100644 |
4142 |
+--- a/drivers/net/wireless/ath/ath10k/wmi.c |
4143 |
++++ b/drivers/net/wireless/ath/ath10k/wmi.c |
4144 |
+@@ -4550,16 +4550,13 @@ static void ath10k_tpc_config_disp_tables(struct ath10k *ar, |
4145 |
+ } |
4146 |
+ |
4147 |
+ pream_idx = 0; |
4148 |
+- for (i = 0; i < __le32_to_cpu(ev->rate_max); i++) { |
4149 |
++ for (i = 0; i < tpc_stats->rate_max; i++) { |
4150 |
+ memset(tpc_value, 0, sizeof(tpc_value)); |
4151 |
+ memset(buff, 0, sizeof(buff)); |
4152 |
+ if (i == pream_table[pream_idx]) |
4153 |
+ pream_idx++; |
4154 |
+ |
4155 |
+- for (j = 0; j < WMI_TPC_TX_N_CHAIN; j++) { |
4156 |
+- if (j >= __le32_to_cpu(ev->num_tx_chain)) |
4157 |
+- break; |
4158 |
+- |
4159 |
++ for (j = 0; j < tpc_stats->num_tx_chain; j++) { |
4160 |
+ tpc[j] = ath10k_tpc_config_get_rate(ar, ev, i, j + 1, |
4161 |
+ rate_code[i], |
4162 |
+ type); |
4163 |
+@@ -4672,7 +4669,7 @@ void ath10k_wmi_tpc_config_get_rate_code(u8 *rate_code, u16 *pream_table, |
4164 |
+ |
4165 |
+ void ath10k_wmi_event_pdev_tpc_config(struct ath10k *ar, struct sk_buff *skb) |
4166 |
+ { |
4167 |
+- u32 num_tx_chain; |
4168 |
++ u32 num_tx_chain, rate_max; |
4169 |
+ u8 rate_code[WMI_TPC_RATE_MAX]; |
4170 |
+ u16 pream_table[WMI_TPC_PREAM_TABLE_MAX]; |
4171 |
+ struct wmi_pdev_tpc_config_event *ev; |
4172 |
+@@ -4688,6 +4685,13 @@ void ath10k_wmi_event_pdev_tpc_config(struct ath10k *ar, struct sk_buff *skb) |
4173 |
+ return; |
4174 |
+ } |
4175 |
+ |
4176 |
++ rate_max = __le32_to_cpu(ev->rate_max); |
4177 |
++ if (rate_max > WMI_TPC_RATE_MAX) { |
4178 |
++ ath10k_warn(ar, "number of rate is %d greater than TPC configured rate %d\n", |
4179 |
++ rate_max, WMI_TPC_RATE_MAX); |
4180 |
++ rate_max = WMI_TPC_RATE_MAX; |
4181 |
++ } |
4182 |
++ |
4183 |
+ tpc_stats = kzalloc(sizeof(*tpc_stats), GFP_ATOMIC); |
4184 |
+ if (!tpc_stats) |
4185 |
+ return; |
4186 |
+@@ -4704,8 +4708,8 @@ void ath10k_wmi_event_pdev_tpc_config(struct ath10k *ar, struct sk_buff *skb) |
4187 |
+ __le32_to_cpu(ev->twice_antenna_reduction); |
4188 |
+ tpc_stats->power_limit = __le32_to_cpu(ev->power_limit); |
4189 |
+ tpc_stats->twice_max_rd_power = __le32_to_cpu(ev->twice_max_rd_power); |
4190 |
+- tpc_stats->num_tx_chain = __le32_to_cpu(ev->num_tx_chain); |
4191 |
+- tpc_stats->rate_max = __le32_to_cpu(ev->rate_max); |
4192 |
++ tpc_stats->num_tx_chain = num_tx_chain; |
4193 |
++ tpc_stats->rate_max = rate_max; |
4194 |
+ |
4195 |
+ ath10k_tpc_config_disp_tables(ar, ev, tpc_stats, |
4196 |
+ rate_code, pream_table, |
4197 |
+@@ -4900,16 +4904,13 @@ ath10k_wmi_tpc_stats_final_disp_tables(struct ath10k *ar, |
4198 |
+ } |
4199 |
+ |
4200 |
+ pream_idx = 0; |
4201 |
+- for (i = 0; i < __le32_to_cpu(ev->rate_max); i++) { |
4202 |
++ for (i = 0; i < tpc_stats->rate_max; i++) { |
4203 |
+ memset(tpc_value, 0, sizeof(tpc_value)); |
4204 |
+ memset(buff, 0, sizeof(buff)); |
4205 |
+ if (i == pream_table[pream_idx]) |
4206 |
+ pream_idx++; |
4207 |
+ |
4208 |
+- for (j = 0; j < WMI_TPC_TX_N_CHAIN; j++) { |
4209 |
+- if (j >= __le32_to_cpu(ev->num_tx_chain)) |
4210 |
+- break; |
4211 |
+- |
4212 |
++ for (j = 0; j < tpc_stats->num_tx_chain; j++) { |
4213 |
+ tpc[j] = ath10k_wmi_tpc_final_get_rate(ar, ev, i, j + 1, |
4214 |
+ rate_code[i], |
4215 |
+ type, pream_idx); |
4216 |
+@@ -4925,7 +4926,7 @@ ath10k_wmi_tpc_stats_final_disp_tables(struct ath10k *ar, |
4217 |
+ |
4218 |
+ void ath10k_wmi_event_tpc_final_table(struct ath10k *ar, struct sk_buff *skb) |
4219 |
+ { |
4220 |
+- u32 num_tx_chain; |
4221 |
++ u32 num_tx_chain, rate_max; |
4222 |
+ u8 rate_code[WMI_TPC_FINAL_RATE_MAX]; |
4223 |
+ u16 pream_table[WMI_TPC_PREAM_TABLE_MAX]; |
4224 |
+ struct wmi_pdev_tpc_final_table_event *ev; |
4225 |
+@@ -4933,12 +4934,24 @@ void ath10k_wmi_event_tpc_final_table(struct ath10k *ar, struct sk_buff *skb) |
4226 |
+ |
4227 |
+ ev = (struct wmi_pdev_tpc_final_table_event *)skb->data; |
4228 |
+ |
4229 |
++ num_tx_chain = __le32_to_cpu(ev->num_tx_chain); |
4230 |
++ if (num_tx_chain > WMI_TPC_TX_N_CHAIN) { |
4231 |
++ ath10k_warn(ar, "number of tx chain is %d greater than TPC final configured tx chain %d\n", |
4232 |
++ num_tx_chain, WMI_TPC_TX_N_CHAIN); |
4233 |
++ return; |
4234 |
++ } |
4235 |
++ |
4236 |
++ rate_max = __le32_to_cpu(ev->rate_max); |
4237 |
++ if (rate_max > WMI_TPC_FINAL_RATE_MAX) { |
4238 |
++ ath10k_warn(ar, "number of rate is %d greater than TPC final configured rate %d\n", |
4239 |
++ rate_max, WMI_TPC_FINAL_RATE_MAX); |
4240 |
++ rate_max = WMI_TPC_FINAL_RATE_MAX; |
4241 |
++ } |
4242 |
++ |
4243 |
+ tpc_stats = kzalloc(sizeof(*tpc_stats), GFP_ATOMIC); |
4244 |
+ if (!tpc_stats) |
4245 |
+ return; |
4246 |
+ |
4247 |
+- num_tx_chain = __le32_to_cpu(ev->num_tx_chain); |
4248 |
+- |
4249 |
+ ath10k_wmi_tpc_config_get_rate_code(rate_code, pream_table, |
4250 |
+ num_tx_chain); |
4251 |
+ |
4252 |
+@@ -4951,8 +4964,8 @@ void ath10k_wmi_event_tpc_final_table(struct ath10k *ar, struct sk_buff *skb) |
4253 |
+ __le32_to_cpu(ev->twice_antenna_reduction); |
4254 |
+ tpc_stats->power_limit = __le32_to_cpu(ev->power_limit); |
4255 |
+ tpc_stats->twice_max_rd_power = __le32_to_cpu(ev->twice_max_rd_power); |
4256 |
+- tpc_stats->num_tx_chain = __le32_to_cpu(ev->num_tx_chain); |
4257 |
+- tpc_stats->rate_max = __le32_to_cpu(ev->rate_max); |
4258 |
++ tpc_stats->num_tx_chain = num_tx_chain; |
4259 |
++ tpc_stats->rate_max = rate_max; |
4260 |
+ |
4261 |
+ ath10k_wmi_tpc_stats_final_disp_tables(ar, ev, tpc_stats, |
4262 |
+ rate_code, pream_table, |
4263 |
+diff --git a/drivers/net/wireless/marvell/mwifiex/fw.h b/drivers/net/wireless/marvell/mwifiex/fw.h |
4264 |
+index 1fb76d2f5d3fd..8b9d0809daf62 100644 |
4265 |
+--- a/drivers/net/wireless/marvell/mwifiex/fw.h |
4266 |
++++ b/drivers/net/wireless/marvell/mwifiex/fw.h |
4267 |
+@@ -953,7 +953,7 @@ struct mwifiex_tkip_param { |
4268 |
+ struct mwifiex_aes_param { |
4269 |
+ u8 pn[WPA_PN_SIZE]; |
4270 |
+ __le16 key_len; |
4271 |
+- u8 key[WLAN_KEY_LEN_CCMP]; |
4272 |
++ u8 key[WLAN_KEY_LEN_CCMP_256]; |
4273 |
+ } __packed; |
4274 |
+ |
4275 |
+ struct mwifiex_wapi_param { |
4276 |
+diff --git a/drivers/net/wireless/marvell/mwifiex/sta_cmdresp.c b/drivers/net/wireless/marvell/mwifiex/sta_cmdresp.c |
4277 |
+index 797c2e9783943..7003767eef423 100644 |
4278 |
+--- a/drivers/net/wireless/marvell/mwifiex/sta_cmdresp.c |
4279 |
++++ b/drivers/net/wireless/marvell/mwifiex/sta_cmdresp.c |
4280 |
+@@ -620,7 +620,7 @@ static int mwifiex_ret_802_11_key_material_v2(struct mwifiex_private *priv, |
4281 |
+ key_v2 = &resp->params.key_material_v2; |
4282 |
+ |
4283 |
+ len = le16_to_cpu(key_v2->key_param_set.key_params.aes.key_len); |
4284 |
+- if (len > WLAN_KEY_LEN_CCMP) |
4285 |
++ if (len > sizeof(key_v2->key_param_set.key_params.aes.key)) |
4286 |
+ return -EINVAL; |
4287 |
+ |
4288 |
+ if (le16_to_cpu(key_v2->action) == HostCmd_ACT_GEN_SET) { |
4289 |
+@@ -636,7 +636,7 @@ static int mwifiex_ret_802_11_key_material_v2(struct mwifiex_private *priv, |
4290 |
+ return 0; |
4291 |
+ |
4292 |
+ memset(priv->aes_key_v2.key_param_set.key_params.aes.key, 0, |
4293 |
+- WLAN_KEY_LEN_CCMP); |
4294 |
++ sizeof(key_v2->key_param_set.key_params.aes.key)); |
4295 |
+ priv->aes_key_v2.key_param_set.key_params.aes.key_len = |
4296 |
+ cpu_to_le16(len); |
4297 |
+ memcpy(priv->aes_key_v2.key_param_set.key_params.aes.key, |
4298 |
+diff --git a/drivers/net/wireless/mediatek/mt76/agg-rx.c b/drivers/net/wireless/mediatek/mt76/agg-rx.c |
4299 |
+index d44d57e6eb27a..97df6b3a472b1 100644 |
4300 |
+--- a/drivers/net/wireless/mediatek/mt76/agg-rx.c |
4301 |
++++ b/drivers/net/wireless/mediatek/mt76/agg-rx.c |
4302 |
+@@ -278,6 +278,7 @@ static void mt76_rx_aggr_shutdown(struct mt76_dev *dev, struct mt76_rx_tid *tid) |
4303 |
+ if (!skb) |
4304 |
+ continue; |
4305 |
+ |
4306 |
++ tid->reorder_buf[i] = NULL; |
4307 |
+ tid->nframes--; |
4308 |
+ dev_kfree_skb(skb); |
4309 |
+ } |
4310 |
+diff --git a/drivers/net/wireless/ti/wlcore/main.c b/drivers/net/wireless/ti/wlcore/main.c |
4311 |
+index 2ca5658bbc2ab..43c7b37dec0c9 100644 |
4312 |
+--- a/drivers/net/wireless/ti/wlcore/main.c |
4313 |
++++ b/drivers/net/wireless/ti/wlcore/main.c |
4314 |
+@@ -3671,8 +3671,10 @@ void wlcore_regdomain_config(struct wl1271 *wl) |
4315 |
+ goto out; |
4316 |
+ |
4317 |
+ ret = pm_runtime_get_sync(wl->dev); |
4318 |
+- if (ret < 0) |
4319 |
++ if (ret < 0) { |
4320 |
++ pm_runtime_put_autosuspend(wl->dev); |
4321 |
+ goto out; |
4322 |
++ } |
4323 |
+ |
4324 |
+ ret = wlcore_cmd_regdomain_config_locked(wl); |
4325 |
+ if (ret < 0) { |
4326 |
+diff --git a/drivers/net/wireless/ti/wlcore/tx.c b/drivers/net/wireless/ti/wlcore/tx.c |
4327 |
+index b6e19c2d66b0a..250bcbf4ea2f2 100644 |
4328 |
+--- a/drivers/net/wireless/ti/wlcore/tx.c |
4329 |
++++ b/drivers/net/wireless/ti/wlcore/tx.c |
4330 |
+@@ -877,6 +877,7 @@ void wl1271_tx_work(struct work_struct *work) |
4331 |
+ |
4332 |
+ ret = wlcore_tx_work_locked(wl); |
4333 |
+ if (ret < 0) { |
4334 |
++ pm_runtime_put_noidle(wl->dev); |
4335 |
+ wl12xx_queue_recovery_work(wl); |
4336 |
+ goto out; |
4337 |
+ } |
4338 |
+diff --git a/drivers/nvme/host/core.c b/drivers/nvme/host/core.c |
4339 |
+index 0d60f2f8f3eec..33dad9774da01 100644 |
4340 |
+--- a/drivers/nvme/host/core.c |
4341 |
++++ b/drivers/nvme/host/core.c |
4342 |
+@@ -255,11 +255,8 @@ void nvme_complete_rq(struct request *req) |
4343 |
+ trace_nvme_complete_rq(req); |
4344 |
+ |
4345 |
+ if (unlikely(status != BLK_STS_OK && nvme_req_needs_retry(req))) { |
4346 |
+- if ((req->cmd_flags & REQ_NVME_MPATH) && |
4347 |
+- blk_path_error(status)) { |
4348 |
+- nvme_failover_req(req); |
4349 |
++ if ((req->cmd_flags & REQ_NVME_MPATH) && nvme_failover_req(req)) |
4350 |
+ return; |
4351 |
+- } |
4352 |
+ |
4353 |
+ if (!blk_queue_dying(req->q)) { |
4354 |
+ nvme_req(req)->retries++; |
4355 |
+@@ -1602,7 +1599,7 @@ static void __nvme_revalidate_disk(struct gendisk *disk, struct nvme_id_ns *id) |
4356 |
+ if (ns->head->disk) { |
4357 |
+ nvme_update_disk_info(ns->head->disk, ns, id); |
4358 |
+ blk_queue_stack_limits(ns->head->disk->queue, ns->queue); |
4359 |
+- revalidate_disk(ns->head->disk); |
4360 |
++ nvme_mpath_update_disk_size(ns->head->disk); |
4361 |
+ } |
4362 |
+ #endif |
4363 |
+ } |
4364 |
+@@ -2859,6 +2856,10 @@ static ssize_t nvme_sysfs_delete(struct device *dev, |
4365 |
+ { |
4366 |
+ struct nvme_ctrl *ctrl = dev_get_drvdata(dev); |
4367 |
+ |
4368 |
++ /* Can't delete non-created controllers */ |
4369 |
++ if (!ctrl->created) |
4370 |
++ return -EBUSY; |
4371 |
++ |
4372 |
+ if (device_remove_file_self(dev, attr)) |
4373 |
+ nvme_delete_ctrl_sync(ctrl); |
4374 |
+ return count; |
4375 |
+@@ -3579,6 +3580,7 @@ void nvme_start_ctrl(struct nvme_ctrl *ctrl) |
4376 |
+ queue_work(nvme_wq, &ctrl->async_event_work); |
4377 |
+ nvme_start_queues(ctrl); |
4378 |
+ } |
4379 |
++ ctrl->created = true; |
4380 |
+ } |
4381 |
+ EXPORT_SYMBOL_GPL(nvme_start_ctrl); |
4382 |
+ |
4383 |
+diff --git a/drivers/nvme/host/multipath.c b/drivers/nvme/host/multipath.c |
4384 |
+index 2e63c1106030b..e71075338ff5c 100644 |
4385 |
+--- a/drivers/nvme/host/multipath.c |
4386 |
++++ b/drivers/nvme/host/multipath.c |
4387 |
+@@ -73,17 +73,12 @@ void nvme_set_disk_name(char *disk_name, struct nvme_ns *ns, |
4388 |
+ } |
4389 |
+ } |
4390 |
+ |
4391 |
+-void nvme_failover_req(struct request *req) |
4392 |
++bool nvme_failover_req(struct request *req) |
4393 |
+ { |
4394 |
+ struct nvme_ns *ns = req->q->queuedata; |
4395 |
+ u16 status = nvme_req(req)->status; |
4396 |
+ unsigned long flags; |
4397 |
+ |
4398 |
+- spin_lock_irqsave(&ns->head->requeue_lock, flags); |
4399 |
+- blk_steal_bios(&ns->head->requeue_list, req); |
4400 |
+- spin_unlock_irqrestore(&ns->head->requeue_lock, flags); |
4401 |
+- blk_mq_end_request(req, 0); |
4402 |
+- |
4403 |
+ switch (status & 0x7ff) { |
4404 |
+ case NVME_SC_ANA_TRANSITION: |
4405 |
+ case NVME_SC_ANA_INACCESSIBLE: |
4406 |
+@@ -111,15 +106,17 @@ void nvme_failover_req(struct request *req) |
4407 |
+ nvme_mpath_clear_current_path(ns); |
4408 |
+ break; |
4409 |
+ default: |
4410 |
+- /* |
4411 |
+- * Reset the controller for any non-ANA error as we don't know |
4412 |
+- * what caused the error. |
4413 |
+- */ |
4414 |
+- nvme_reset_ctrl(ns->ctrl); |
4415 |
+- break; |
4416 |
++ /* This was a non-ANA error so follow the normal error path. */ |
4417 |
++ return false; |
4418 |
+ } |
4419 |
+ |
4420 |
++ spin_lock_irqsave(&ns->head->requeue_lock, flags); |
4421 |
++ blk_steal_bios(&ns->head->requeue_list, req); |
4422 |
++ spin_unlock_irqrestore(&ns->head->requeue_lock, flags); |
4423 |
++ blk_mq_end_request(req, 0); |
4424 |
++ |
4425 |
+ kblockd_schedule_work(&ns->head->requeue_work); |
4426 |
++ return true; |
4427 |
+ } |
4428 |
+ |
4429 |
+ void nvme_kick_requeue_lists(struct nvme_ctrl *ctrl) |
4430 |
+diff --git a/drivers/nvme/host/nvme.h b/drivers/nvme/host/nvme.h |
4431 |
+index cc4273f119894..9c2e7a151e400 100644 |
4432 |
+--- a/drivers/nvme/host/nvme.h |
4433 |
++++ b/drivers/nvme/host/nvme.h |
4434 |
+@@ -206,6 +206,7 @@ struct nvme_ctrl { |
4435 |
+ struct nvme_command ka_cmd; |
4436 |
+ struct work_struct fw_act_work; |
4437 |
+ unsigned long events; |
4438 |
++ bool created; |
4439 |
+ |
4440 |
+ #ifdef CONFIG_NVME_MULTIPATH |
4441 |
+ /* asymmetric namespace access: */ |
4442 |
+@@ -477,7 +478,7 @@ void nvme_mpath_wait_freeze(struct nvme_subsystem *subsys); |
4443 |
+ void nvme_mpath_start_freeze(struct nvme_subsystem *subsys); |
4444 |
+ void nvme_set_disk_name(char *disk_name, struct nvme_ns *ns, |
4445 |
+ struct nvme_ctrl *ctrl, int *flags); |
4446 |
+-void nvme_failover_req(struct request *req); |
4447 |
++bool nvme_failover_req(struct request *req); |
4448 |
+ void nvme_kick_requeue_lists(struct nvme_ctrl *ctrl); |
4449 |
+ int nvme_mpath_alloc_disk(struct nvme_ctrl *ctrl,struct nvme_ns_head *head); |
4450 |
+ void nvme_mpath_add_disk(struct nvme_ns *ns, struct nvme_id_ns *id); |
4451 |
+@@ -503,6 +504,16 @@ static inline void nvme_mpath_check_last_path(struct nvme_ns *ns) |
4452 |
+ kblockd_schedule_work(&head->requeue_work); |
4453 |
+ } |
4454 |
+ |
4455 |
++static inline void nvme_mpath_update_disk_size(struct gendisk *disk) |
4456 |
++{ |
4457 |
++ struct block_device *bdev = bdget_disk(disk, 0); |
4458 |
++ |
4459 |
++ if (bdev) { |
4460 |
++ bd_set_size(bdev, get_capacity(disk) << SECTOR_SHIFT); |
4461 |
++ bdput(bdev); |
4462 |
++ } |
4463 |
++} |
4464 |
++ |
4465 |
+ extern struct device_attribute dev_attr_ana_grpid; |
4466 |
+ extern struct device_attribute dev_attr_ana_state; |
4467 |
+ |
4468 |
+@@ -521,8 +532,9 @@ static inline void nvme_set_disk_name(char *disk_name, struct nvme_ns *ns, |
4469 |
+ sprintf(disk_name, "nvme%dn%d", ctrl->instance, ns->head->instance); |
4470 |
+ } |
4471 |
+ |
4472 |
+-static inline void nvme_failover_req(struct request *req) |
4473 |
++static inline bool nvme_failover_req(struct request *req) |
4474 |
+ { |
4475 |
++ return false; |
4476 |
+ } |
4477 |
+ static inline void nvme_kick_requeue_lists(struct nvme_ctrl *ctrl) |
4478 |
+ { |
4479 |
+@@ -568,6 +580,9 @@ static inline void nvme_mpath_wait_freeze(struct nvme_subsystem *subsys) |
4480 |
+ static inline void nvme_mpath_start_freeze(struct nvme_subsystem *subsys) |
4481 |
+ { |
4482 |
+ } |
4483 |
++static inline void nvme_mpath_update_disk_size(struct gendisk *disk) |
4484 |
++{ |
4485 |
++} |
4486 |
+ #endif /* CONFIG_NVME_MULTIPATH */ |
4487 |
+ |
4488 |
+ #ifdef CONFIG_NVM |
4489 |
+diff --git a/drivers/nvme/target/rdma.c b/drivers/nvme/target/rdma.c |
4490 |
+index 08f997a390d5d..cfd26437aeaea 100644 |
4491 |
+--- a/drivers/nvme/target/rdma.c |
4492 |
++++ b/drivers/nvme/target/rdma.c |
4493 |
+@@ -83,6 +83,7 @@ enum nvmet_rdma_queue_state { |
4494 |
+ |
4495 |
+ struct nvmet_rdma_queue { |
4496 |
+ struct rdma_cm_id *cm_id; |
4497 |
++ struct ib_qp *qp; |
4498 |
+ struct nvmet_port *port; |
4499 |
+ struct ib_cq *cq; |
4500 |
+ atomic_t sq_wr_avail; |
4501 |
+@@ -471,7 +472,7 @@ static int nvmet_rdma_post_recv(struct nvmet_rdma_device *ndev, |
4502 |
+ if (ndev->srq) |
4503 |
+ ret = ib_post_srq_recv(ndev->srq, &cmd->wr, NULL); |
4504 |
+ else |
4505 |
+- ret = ib_post_recv(cmd->queue->cm_id->qp, &cmd->wr, NULL); |
4506 |
++ ret = ib_post_recv(cmd->queue->qp, &cmd->wr, NULL); |
4507 |
+ |
4508 |
+ if (unlikely(ret)) |
4509 |
+ pr_err("post_recv cmd failed\n"); |
4510 |
+@@ -510,7 +511,7 @@ static void nvmet_rdma_release_rsp(struct nvmet_rdma_rsp *rsp) |
4511 |
+ atomic_add(1 + rsp->n_rdma, &queue->sq_wr_avail); |
4512 |
+ |
4513 |
+ if (rsp->n_rdma) { |
4514 |
+- rdma_rw_ctx_destroy(&rsp->rw, queue->cm_id->qp, |
4515 |
++ rdma_rw_ctx_destroy(&rsp->rw, queue->qp, |
4516 |
+ queue->cm_id->port_num, rsp->req.sg, |
4517 |
+ rsp->req.sg_cnt, nvmet_data_dir(&rsp->req)); |
4518 |
+ } |
4519 |
+@@ -594,7 +595,7 @@ static void nvmet_rdma_read_data_done(struct ib_cq *cq, struct ib_wc *wc) |
4520 |
+ |
4521 |
+ WARN_ON(rsp->n_rdma <= 0); |
4522 |
+ atomic_add(rsp->n_rdma, &queue->sq_wr_avail); |
4523 |
+- rdma_rw_ctx_destroy(&rsp->rw, queue->cm_id->qp, |
4524 |
++ rdma_rw_ctx_destroy(&rsp->rw, queue->qp, |
4525 |
+ queue->cm_id->port_num, rsp->req.sg, |
4526 |
+ rsp->req.sg_cnt, nvmet_data_dir(&rsp->req)); |
4527 |
+ rsp->n_rdma = 0; |
4528 |
+@@ -737,7 +738,7 @@ static bool nvmet_rdma_execute_command(struct nvmet_rdma_rsp *rsp) |
4529 |
+ } |
4530 |
+ |
4531 |
+ if (nvmet_rdma_need_data_in(rsp)) { |
4532 |
+- if (rdma_rw_ctx_post(&rsp->rw, queue->cm_id->qp, |
4533 |
++ if (rdma_rw_ctx_post(&rsp->rw, queue->qp, |
4534 |
+ queue->cm_id->port_num, &rsp->read_cqe, NULL)) |
4535 |
+ nvmet_req_complete(&rsp->req, NVME_SC_DATA_XFER_ERROR); |
4536 |
+ } else { |
4537 |
+@@ -1020,6 +1021,7 @@ static int nvmet_rdma_create_queue_ib(struct nvmet_rdma_queue *queue) |
4538 |
+ pr_err("failed to create_qp ret= %d\n", ret); |
4539 |
+ goto err_destroy_cq; |
4540 |
+ } |
4541 |
++ queue->qp = queue->cm_id->qp; |
4542 |
+ |
4543 |
+ atomic_set(&queue->sq_wr_avail, qp_attr.cap.max_send_wr); |
4544 |
+ |
4545 |
+@@ -1048,11 +1050,10 @@ err_destroy_cq: |
4546 |
+ |
4547 |
+ static void nvmet_rdma_destroy_queue_ib(struct nvmet_rdma_queue *queue) |
4548 |
+ { |
4549 |
+- struct ib_qp *qp = queue->cm_id->qp; |
4550 |
+- |
4551 |
+- ib_drain_qp(qp); |
4552 |
+- rdma_destroy_id(queue->cm_id); |
4553 |
+- ib_destroy_qp(qp); |
4554 |
++ ib_drain_qp(queue->qp); |
4555 |
++ if (queue->cm_id) |
4556 |
++ rdma_destroy_id(queue->cm_id); |
4557 |
++ ib_destroy_qp(queue->qp); |
4558 |
+ ib_free_cq(queue->cq); |
4559 |
+ } |
4560 |
+ |
4561 |
+@@ -1286,9 +1287,12 @@ static int nvmet_rdma_queue_connect(struct rdma_cm_id *cm_id, |
4562 |
+ |
4563 |
+ ret = nvmet_rdma_cm_accept(cm_id, queue, &event->param.conn); |
4564 |
+ if (ret) { |
4565 |
+- schedule_work(&queue->release_work); |
4566 |
+- /* Destroying rdma_cm id is not needed here */ |
4567 |
+- return 0; |
4568 |
++ /* |
4569 |
++ * Don't destroy the cm_id in free path, as we implicitly |
4570 |
++ * destroy the cm_id here with non-zero ret code. |
4571 |
++ */ |
4572 |
++ queue->cm_id = NULL; |
4573 |
++ goto free_queue; |
4574 |
+ } |
4575 |
+ |
4576 |
+ mutex_lock(&nvmet_rdma_queue_mutex); |
4577 |
+@@ -1297,6 +1301,8 @@ static int nvmet_rdma_queue_connect(struct rdma_cm_id *cm_id, |
4578 |
+ |
4579 |
+ return 0; |
4580 |
+ |
4581 |
++free_queue: |
4582 |
++ nvmet_rdma_free_queue(queue); |
4583 |
+ put_device: |
4584 |
+ kref_put(&ndev->ref, nvmet_rdma_free_dev); |
4585 |
+ |
4586 |
+diff --git a/drivers/pci/controller/pci-tegra.c b/drivers/pci/controller/pci-tegra.c |
4587 |
+index 6f86583605a46..097c02197ec8f 100644 |
4588 |
+--- a/drivers/pci/controller/pci-tegra.c |
4589 |
++++ b/drivers/pci/controller/pci-tegra.c |
4590 |
+@@ -2400,7 +2400,7 @@ static int tegra_pcie_probe(struct platform_device *pdev) |
4591 |
+ err = pm_runtime_get_sync(pcie->dev); |
4592 |
+ if (err < 0) { |
4593 |
+ dev_err(dev, "fail to enable pcie controller: %d\n", err); |
4594 |
+- goto teardown_msi; |
4595 |
++ goto pm_runtime_put; |
4596 |
+ } |
4597 |
+ |
4598 |
+ err = tegra_pcie_request_resources(pcie); |
4599 |
+@@ -2440,7 +2440,6 @@ free_resources: |
4600 |
+ pm_runtime_put: |
4601 |
+ pm_runtime_put_sync(pcie->dev); |
4602 |
+ pm_runtime_disable(pcie->dev); |
4603 |
+-teardown_msi: |
4604 |
+ tegra_pcie_msi_teardown(pcie); |
4605 |
+ put_resources: |
4606 |
+ tegra_pcie_put_resources(pcie); |
4607 |
+diff --git a/drivers/pci/hotplug/pciehp_hpc.c b/drivers/pci/hotplug/pciehp_hpc.c |
4608 |
+index 07940d1d83b70..005817e40ad39 100644 |
4609 |
+--- a/drivers/pci/hotplug/pciehp_hpc.c |
4610 |
++++ b/drivers/pci/hotplug/pciehp_hpc.c |
4611 |
+@@ -530,7 +530,7 @@ static irqreturn_t pciehp_isr(int irq, void *dev_id) |
4612 |
+ struct controller *ctrl = (struct controller *)dev_id; |
4613 |
+ struct pci_dev *pdev = ctrl_dev(ctrl); |
4614 |
+ struct device *parent = pdev->dev.parent; |
4615 |
+- u16 status, events; |
4616 |
++ u16 status, events = 0; |
4617 |
+ |
4618 |
+ /* |
4619 |
+ * Interrupts only occur in D3hot or shallower (PCIe r4.0, sec 6.7.3.4). |
4620 |
+@@ -553,6 +553,7 @@ static irqreturn_t pciehp_isr(int irq, void *dev_id) |
4621 |
+ } |
4622 |
+ } |
4623 |
+ |
4624 |
++read_status: |
4625 |
+ pcie_capability_read_word(pdev, PCI_EXP_SLTSTA, &status); |
4626 |
+ if (status == (u16) ~0) { |
4627 |
+ ctrl_info(ctrl, "%s: no response from device\n", __func__); |
4628 |
+@@ -565,24 +566,37 @@ static irqreturn_t pciehp_isr(int irq, void *dev_id) |
4629 |
+ * Slot Status contains plain status bits as well as event |
4630 |
+ * notification bits; right now we only want the event bits. |
4631 |
+ */ |
4632 |
+- events = status & (PCI_EXP_SLTSTA_ABP | PCI_EXP_SLTSTA_PFD | |
4633 |
+- PCI_EXP_SLTSTA_PDC | PCI_EXP_SLTSTA_CC | |
4634 |
+- PCI_EXP_SLTSTA_DLLSC); |
4635 |
++ status &= PCI_EXP_SLTSTA_ABP | PCI_EXP_SLTSTA_PFD | |
4636 |
++ PCI_EXP_SLTSTA_PDC | PCI_EXP_SLTSTA_CC | |
4637 |
++ PCI_EXP_SLTSTA_DLLSC; |
4638 |
+ |
4639 |
+ /* |
4640 |
+ * If we've already reported a power fault, don't report it again |
4641 |
+ * until we've done something to handle it. |
4642 |
+ */ |
4643 |
+ if (ctrl->power_fault_detected) |
4644 |
+- events &= ~PCI_EXP_SLTSTA_PFD; |
4645 |
++ status &= ~PCI_EXP_SLTSTA_PFD; |
4646 |
+ |
4647 |
++ events |= status; |
4648 |
+ if (!events) { |
4649 |
+ if (parent) |
4650 |
+ pm_runtime_put(parent); |
4651 |
+ return IRQ_NONE; |
4652 |
+ } |
4653 |
+ |
4654 |
+- pcie_capability_write_word(pdev, PCI_EXP_SLTSTA, events); |
4655 |
++ if (status) { |
4656 |
++ pcie_capability_write_word(pdev, PCI_EXP_SLTSTA, events); |
4657 |
++ |
4658 |
++ /* |
4659 |
++ * In MSI mode, all event bits must be zero before the port |
4660 |
++ * will send a new interrupt (PCIe Base Spec r5.0 sec 6.7.3.4). |
4661 |
++ * So re-read the Slot Status register in case a bit was set |
4662 |
++ * between read and write. |
4663 |
++ */ |
4664 |
++ if (pci_dev_msi_enabled(pdev) && !pciehp_poll_mode) |
4665 |
++ goto read_status; |
4666 |
++ } |
4667 |
++ |
4668 |
+ ctrl_dbg(ctrl, "pending interrupts %#06x from Slot Status\n", events); |
4669 |
+ if (parent) |
4670 |
+ pm_runtime_put(parent); |
4671 |
+diff --git a/drivers/pci/rom.c b/drivers/pci/rom.c |
4672 |
+index 137bf0cee897c..8fc9a4e911e3a 100644 |
4673 |
+--- a/drivers/pci/rom.c |
4674 |
++++ b/drivers/pci/rom.c |
4675 |
+@@ -195,20 +195,3 @@ void pci_unmap_rom(struct pci_dev *pdev, void __iomem *rom) |
4676 |
+ pci_disable_rom(pdev); |
4677 |
+ } |
4678 |
+ EXPORT_SYMBOL(pci_unmap_rom); |
4679 |
+- |
4680 |
+-/** |
4681 |
+- * pci_platform_rom - provides a pointer to any ROM image provided by the |
4682 |
+- * platform |
4683 |
+- * @pdev: pointer to pci device struct |
4684 |
+- * @size: pointer to receive size of pci window over ROM |
4685 |
+- */ |
4686 |
+-void __iomem *pci_platform_rom(struct pci_dev *pdev, size_t *size) |
4687 |
+-{ |
4688 |
+- if (pdev->rom && pdev->romlen) { |
4689 |
+- *size = pdev->romlen; |
4690 |
+- return phys_to_virt((phys_addr_t)pdev->rom); |
4691 |
+- } |
4692 |
+- |
4693 |
+- return NULL; |
4694 |
+-} |
4695 |
+-EXPORT_SYMBOL(pci_platform_rom); |
4696 |
+diff --git a/drivers/phy/samsung/phy-s5pv210-usb2.c b/drivers/phy/samsung/phy-s5pv210-usb2.c |
4697 |
+index f6f72339bbc32..bb7fdf491c1c2 100644 |
4698 |
+--- a/drivers/phy/samsung/phy-s5pv210-usb2.c |
4699 |
++++ b/drivers/phy/samsung/phy-s5pv210-usb2.c |
4700 |
+@@ -142,6 +142,10 @@ static void s5pv210_phy_pwr(struct samsung_usb2_phy_instance *inst, bool on) |
4701 |
+ udelay(10); |
4702 |
+ rst &= ~rstbits; |
4703 |
+ writel(rst, drv->reg_phy + S5PV210_UPHYRST); |
4704 |
++ /* The following delay is necessary for the reset sequence to be |
4705 |
++ * completed |
4706 |
++ */ |
4707 |
++ udelay(80); |
4708 |
+ } else { |
4709 |
+ pwr = readl(drv->reg_phy + S5PV210_UPHYPWR); |
4710 |
+ pwr |= phypwr; |
4711 |
+diff --git a/drivers/power/supply/max17040_battery.c b/drivers/power/supply/max17040_battery.c |
4712 |
+index 33c40f79d23d5..2c35c13ad546f 100644 |
4713 |
+--- a/drivers/power/supply/max17040_battery.c |
4714 |
++++ b/drivers/power/supply/max17040_battery.c |
4715 |
+@@ -109,7 +109,7 @@ static void max17040_get_vcell(struct i2c_client *client) |
4716 |
+ |
4717 |
+ vcell = max17040_read_reg(client, MAX17040_VCELL); |
4718 |
+ |
4719 |
+- chip->vcell = vcell; |
4720 |
++ chip->vcell = (vcell >> 4) * 1250; |
4721 |
+ } |
4722 |
+ |
4723 |
+ static void max17040_get_soc(struct i2c_client *client) |
4724 |
+diff --git a/drivers/rapidio/devices/rio_mport_cdev.c b/drivers/rapidio/devices/rio_mport_cdev.c |
4725 |
+index 5940780648e0f..f36a8a5261a13 100644 |
4726 |
+--- a/drivers/rapidio/devices/rio_mport_cdev.c |
4727 |
++++ b/drivers/rapidio/devices/rio_mport_cdev.c |
4728 |
+@@ -2385,13 +2385,6 @@ static struct mport_dev *mport_cdev_add(struct rio_mport *mport) |
4729 |
+ cdev_init(&md->cdev, &mport_fops); |
4730 |
+ md->cdev.owner = THIS_MODULE; |
4731 |
+ |
4732 |
+- ret = cdev_device_add(&md->cdev, &md->dev); |
4733 |
+- if (ret) { |
4734 |
+- rmcd_error("Failed to register mport %d (err=%d)", |
4735 |
+- mport->id, ret); |
4736 |
+- goto err_cdev; |
4737 |
+- } |
4738 |
+- |
4739 |
+ INIT_LIST_HEAD(&md->doorbells); |
4740 |
+ spin_lock_init(&md->db_lock); |
4741 |
+ INIT_LIST_HEAD(&md->portwrites); |
4742 |
+@@ -2411,6 +2404,13 @@ static struct mport_dev *mport_cdev_add(struct rio_mport *mport) |
4743 |
+ #else |
4744 |
+ md->properties.transfer_mode |= RIO_TRANSFER_MODE_TRANSFER; |
4745 |
+ #endif |
4746 |
++ |
4747 |
++ ret = cdev_device_add(&md->cdev, &md->dev); |
4748 |
++ if (ret) { |
4749 |
++ rmcd_error("Failed to register mport %d (err=%d)", |
4750 |
++ mport->id, ret); |
4751 |
++ goto err_cdev; |
4752 |
++ } |
4753 |
+ ret = rio_query_mport(mport, &attr); |
4754 |
+ if (!ret) { |
4755 |
+ md->properties.flags = attr.flags; |
4756 |
+diff --git a/drivers/rtc/rtc-ds1374.c b/drivers/rtc/rtc-ds1374.c |
4757 |
+index 38a2e9e684df4..77a106e90124b 100644 |
4758 |
+--- a/drivers/rtc/rtc-ds1374.c |
4759 |
++++ b/drivers/rtc/rtc-ds1374.c |
4760 |
+@@ -620,6 +620,10 @@ static int ds1374_probe(struct i2c_client *client, |
4761 |
+ if (!ds1374) |
4762 |
+ return -ENOMEM; |
4763 |
+ |
4764 |
++ ds1374->rtc = devm_rtc_allocate_device(&client->dev); |
4765 |
++ if (IS_ERR(ds1374->rtc)) |
4766 |
++ return PTR_ERR(ds1374->rtc); |
4767 |
++ |
4768 |
+ ds1374->client = client; |
4769 |
+ i2c_set_clientdata(client, ds1374); |
4770 |
+ |
4771 |
+@@ -641,12 +645,11 @@ static int ds1374_probe(struct i2c_client *client, |
4772 |
+ device_set_wakeup_capable(&client->dev, 1); |
4773 |
+ } |
4774 |
+ |
4775 |
+- ds1374->rtc = devm_rtc_device_register(&client->dev, client->name, |
4776 |
+- &ds1374_rtc_ops, THIS_MODULE); |
4777 |
+- if (IS_ERR(ds1374->rtc)) { |
4778 |
+- dev_err(&client->dev, "unable to register the class device\n"); |
4779 |
+- return PTR_ERR(ds1374->rtc); |
4780 |
+- } |
4781 |
++ ds1374->rtc->ops = &ds1374_rtc_ops; |
4782 |
++ |
4783 |
++ ret = rtc_register_device(ds1374->rtc); |
4784 |
++ if (ret) |
4785 |
++ return ret; |
4786 |
+ |
4787 |
+ #ifdef CONFIG_RTC_DRV_DS1374_WDT |
4788 |
+ save_client = client; |
4789 |
+diff --git a/drivers/rtc/rtc-sa1100.c b/drivers/rtc/rtc-sa1100.c |
4790 |
+index 304d905cb23fd..56f625371735f 100644 |
4791 |
+--- a/drivers/rtc/rtc-sa1100.c |
4792 |
++++ b/drivers/rtc/rtc-sa1100.c |
4793 |
+@@ -186,7 +186,6 @@ static const struct rtc_class_ops sa1100_rtc_ops = { |
4794 |
+ |
4795 |
+ int sa1100_rtc_init(struct platform_device *pdev, struct sa1100_rtc *info) |
4796 |
+ { |
4797 |
+- struct rtc_device *rtc; |
4798 |
+ int ret; |
4799 |
+ |
4800 |
+ spin_lock_init(&info->lock); |
4801 |
+@@ -215,15 +214,14 @@ int sa1100_rtc_init(struct platform_device *pdev, struct sa1100_rtc *info) |
4802 |
+ writel_relaxed(0, info->rcnr); |
4803 |
+ } |
4804 |
+ |
4805 |
+- rtc = devm_rtc_device_register(&pdev->dev, pdev->name, &sa1100_rtc_ops, |
4806 |
+- THIS_MODULE); |
4807 |
+- if (IS_ERR(rtc)) { |
4808 |
++ info->rtc->ops = &sa1100_rtc_ops; |
4809 |
++ info->rtc->max_user_freq = RTC_FREQ; |
4810 |
++ |
4811 |
++ ret = rtc_register_device(info->rtc); |
4812 |
++ if (ret) { |
4813 |
+ clk_disable_unprepare(info->clk); |
4814 |
+- return PTR_ERR(rtc); |
4815 |
++ return ret; |
4816 |
+ } |
4817 |
+- info->rtc = rtc; |
4818 |
+- |
4819 |
+- rtc->max_user_freq = RTC_FREQ; |
4820 |
+ |
4821 |
+ /* Fix for a nasty initialization problem the in SA11xx RTSR register. |
4822 |
+ * See also the comments in sa1100_rtc_interrupt(). |
4823 |
+@@ -272,6 +270,10 @@ static int sa1100_rtc_probe(struct platform_device *pdev) |
4824 |
+ info->irq_1hz = irq_1hz; |
4825 |
+ info->irq_alarm = irq_alarm; |
4826 |
+ |
4827 |
++ info->rtc = devm_rtc_allocate_device(&pdev->dev); |
4828 |
++ if (IS_ERR(info->rtc)) |
4829 |
++ return PTR_ERR(info->rtc); |
4830 |
++ |
4831 |
+ ret = devm_request_irq(&pdev->dev, irq_1hz, sa1100_rtc_interrupt, 0, |
4832 |
+ "rtc 1Hz", &pdev->dev); |
4833 |
+ if (ret) { |
4834 |
+diff --git a/drivers/s390/block/dasd_fba.c b/drivers/s390/block/dasd_fba.c |
4835 |
+index 56007a3e7f110..fab09455ba944 100644 |
4836 |
+--- a/drivers/s390/block/dasd_fba.c |
4837 |
++++ b/drivers/s390/block/dasd_fba.c |
4838 |
+@@ -40,6 +40,7 @@ |
4839 |
+ MODULE_LICENSE("GPL"); |
4840 |
+ |
4841 |
+ static struct dasd_discipline dasd_fba_discipline; |
4842 |
++static void *dasd_fba_zero_page; |
4843 |
+ |
4844 |
+ struct dasd_fba_private { |
4845 |
+ struct dasd_fba_characteristics rdc_data; |
4846 |
+@@ -270,7 +271,7 @@ static void ccw_write_zero(struct ccw1 *ccw, int count) |
4847 |
+ ccw->cmd_code = DASD_FBA_CCW_WRITE; |
4848 |
+ ccw->flags |= CCW_FLAG_SLI; |
4849 |
+ ccw->count = count; |
4850 |
+- ccw->cda = (__u32) (addr_t) page_to_phys(ZERO_PAGE(0)); |
4851 |
++ ccw->cda = (__u32) (addr_t) dasd_fba_zero_page; |
4852 |
+ } |
4853 |
+ |
4854 |
+ /* |
4855 |
+@@ -811,6 +812,11 @@ dasd_fba_init(void) |
4856 |
+ int ret; |
4857 |
+ |
4858 |
+ ASCEBC(dasd_fba_discipline.ebcname, 4); |
4859 |
++ |
4860 |
++ dasd_fba_zero_page = (void *)get_zeroed_page(GFP_KERNEL | GFP_DMA); |
4861 |
++ if (!dasd_fba_zero_page) |
4862 |
++ return -ENOMEM; |
4863 |
++ |
4864 |
+ ret = ccw_driver_register(&dasd_fba_driver); |
4865 |
+ if (!ret) |
4866 |
+ wait_for_device_probe(); |
4867 |
+@@ -822,6 +828,7 @@ static void __exit |
4868 |
+ dasd_fba_cleanup(void) |
4869 |
+ { |
4870 |
+ ccw_driver_unregister(&dasd_fba_driver); |
4871 |
++ free_page((unsigned long)dasd_fba_zero_page); |
4872 |
+ } |
4873 |
+ |
4874 |
+ module_init(dasd_fba_init); |
4875 |
+diff --git a/drivers/s390/crypto/zcrypt_api.c b/drivers/s390/crypto/zcrypt_api.c |
4876 |
+index 23c24a699cefe..b7cb897cd83e0 100644 |
4877 |
+--- a/drivers/s390/crypto/zcrypt_api.c |
4878 |
++++ b/drivers/s390/crypto/zcrypt_api.c |
4879 |
+@@ -915,7 +915,8 @@ static long zcrypt_unlocked_ioctl(struct file *filp, unsigned int cmd, |
4880 |
+ if (!reqcnt) |
4881 |
+ return -ENOMEM; |
4882 |
+ zcrypt_perdev_reqcnt(reqcnt, AP_DEVICES); |
4883 |
+- if (copy_to_user((int __user *) arg, reqcnt, sizeof(reqcnt))) |
4884 |
++ if (copy_to_user((int __user *) arg, reqcnt, |
4885 |
++ sizeof(u32) * AP_DEVICES)) |
4886 |
+ rc = -EFAULT; |
4887 |
+ kfree(reqcnt); |
4888 |
+ return rc; |
4889 |
+diff --git a/drivers/scsi/aacraid/aachba.c b/drivers/scsi/aacraid/aachba.c |
4890 |
+index 6e356325d8d98..54717fb84a54c 100644 |
4891 |
+--- a/drivers/scsi/aacraid/aachba.c |
4892 |
++++ b/drivers/scsi/aacraid/aachba.c |
4893 |
+@@ -2481,13 +2481,13 @@ static int aac_read(struct scsi_cmnd * scsicmd) |
4894 |
+ scsicmd->result = DID_OK << 16 | COMMAND_COMPLETE << 8 | |
4895 |
+ SAM_STAT_CHECK_CONDITION; |
4896 |
+ set_sense(&dev->fsa_dev[cid].sense_data, |
4897 |
+- HARDWARE_ERROR, SENCODE_INTERNAL_TARGET_FAILURE, |
4898 |
++ ILLEGAL_REQUEST, SENCODE_LBA_OUT_OF_RANGE, |
4899 |
+ ASENCODE_INTERNAL_TARGET_FAILURE, 0, 0); |
4900 |
+ memcpy(scsicmd->sense_buffer, &dev->fsa_dev[cid].sense_data, |
4901 |
+ min_t(size_t, sizeof(dev->fsa_dev[cid].sense_data), |
4902 |
+ SCSI_SENSE_BUFFERSIZE)); |
4903 |
+ scsicmd->scsi_done(scsicmd); |
4904 |
+- return 1; |
4905 |
++ return 0; |
4906 |
+ } |
4907 |
+ |
4908 |
+ dprintk((KERN_DEBUG "aac_read[cpu %d]: lba = %llu, t = %ld.\n", |
4909 |
+@@ -2573,13 +2573,13 @@ static int aac_write(struct scsi_cmnd * scsicmd) |
4910 |
+ scsicmd->result = DID_OK << 16 | COMMAND_COMPLETE << 8 | |
4911 |
+ SAM_STAT_CHECK_CONDITION; |
4912 |
+ set_sense(&dev->fsa_dev[cid].sense_data, |
4913 |
+- HARDWARE_ERROR, SENCODE_INTERNAL_TARGET_FAILURE, |
4914 |
++ ILLEGAL_REQUEST, SENCODE_LBA_OUT_OF_RANGE, |
4915 |
+ ASENCODE_INTERNAL_TARGET_FAILURE, 0, 0); |
4916 |
+ memcpy(scsicmd->sense_buffer, &dev->fsa_dev[cid].sense_data, |
4917 |
+ min_t(size_t, sizeof(dev->fsa_dev[cid].sense_data), |
4918 |
+ SCSI_SENSE_BUFFERSIZE)); |
4919 |
+ scsicmd->scsi_done(scsicmd); |
4920 |
+- return 1; |
4921 |
++ return 0; |
4922 |
+ } |
4923 |
+ |
4924 |
+ dprintk((KERN_DEBUG "aac_write[cpu %d]: lba = %llu, t = %ld.\n", |
4925 |
+diff --git a/drivers/scsi/aacraid/commsup.c b/drivers/scsi/aacraid/commsup.c |
4926 |
+index b7588de4484e5..4cb6ee6e1212e 100644 |
4927 |
+--- a/drivers/scsi/aacraid/commsup.c |
4928 |
++++ b/drivers/scsi/aacraid/commsup.c |
4929 |
+@@ -743,7 +743,7 @@ int aac_hba_send(u8 command, struct fib *fibptr, fib_callback callback, |
4930 |
+ hbacmd->request_id = |
4931 |
+ cpu_to_le32((((u32)(fibptr - dev->fibs)) << 2) + 1); |
4932 |
+ fibptr->flags |= FIB_CONTEXT_FLAG_SCSI_CMD; |
4933 |
+- } else if (command != HBA_IU_TYPE_SCSI_TM_REQ) |
4934 |
++ } else |
4935 |
+ return -EINVAL; |
4936 |
+ |
4937 |
+ |
4938 |
+diff --git a/drivers/scsi/aacraid/linit.c b/drivers/scsi/aacraid/linit.c |
4939 |
+index 1046947064a0b..eecffc03084c0 100644 |
4940 |
+--- a/drivers/scsi/aacraid/linit.c |
4941 |
++++ b/drivers/scsi/aacraid/linit.c |
4942 |
+@@ -736,7 +736,11 @@ static int aac_eh_abort(struct scsi_cmnd* cmd) |
4943 |
+ status = aac_hba_send(HBA_IU_TYPE_SCSI_TM_REQ, fib, |
4944 |
+ (fib_callback) aac_hba_callback, |
4945 |
+ (void *) cmd); |
4946 |
+- |
4947 |
++ if (status != -EINPROGRESS) { |
4948 |
++ aac_fib_complete(fib); |
4949 |
++ aac_fib_free(fib); |
4950 |
++ return ret; |
4951 |
++ } |
4952 |
+ /* Wait up to 15 secs for completion */ |
4953 |
+ for (count = 0; count < 15; ++count) { |
4954 |
+ if (cmd->SCp.sent_command) { |
4955 |
+@@ -915,11 +919,11 @@ static int aac_eh_dev_reset(struct scsi_cmnd *cmd) |
4956 |
+ |
4957 |
+ info = &aac->hba_map[bus][cid]; |
4958 |
+ |
4959 |
+- if (info->devtype != AAC_DEVTYPE_NATIVE_RAW && |
4960 |
+- info->reset_state > 0) |
4961 |
++ if (!(info->devtype == AAC_DEVTYPE_NATIVE_RAW && |
4962 |
++ !(info->reset_state > 0))) |
4963 |
+ return FAILED; |
4964 |
+ |
4965 |
+- pr_err("%s: Host adapter reset request. SCSI hang ?\n", |
4966 |
++ pr_err("%s: Host device reset request. SCSI hang ?\n", |
4967 |
+ AAC_DRIVERNAME); |
4968 |
+ |
4969 |
+ fib = aac_fib_alloc(aac); |
4970 |
+@@ -934,7 +938,12 @@ static int aac_eh_dev_reset(struct scsi_cmnd *cmd) |
4971 |
+ status = aac_hba_send(command, fib, |
4972 |
+ (fib_callback) aac_tmf_callback, |
4973 |
+ (void *) info); |
4974 |
+- |
4975 |
++ if (status != -EINPROGRESS) { |
4976 |
++ info->reset_state = 0; |
4977 |
++ aac_fib_complete(fib); |
4978 |
++ aac_fib_free(fib); |
4979 |
++ return ret; |
4980 |
++ } |
4981 |
+ /* Wait up to 15 seconds for completion */ |
4982 |
+ for (count = 0; count < 15; ++count) { |
4983 |
+ if (info->reset_state == 0) { |
4984 |
+@@ -973,11 +982,11 @@ static int aac_eh_target_reset(struct scsi_cmnd *cmd) |
4985 |
+ |
4986 |
+ info = &aac->hba_map[bus][cid]; |
4987 |
+ |
4988 |
+- if (info->devtype != AAC_DEVTYPE_NATIVE_RAW && |
4989 |
+- info->reset_state > 0) |
4990 |
++ if (!(info->devtype == AAC_DEVTYPE_NATIVE_RAW && |
4991 |
++ !(info->reset_state > 0))) |
4992 |
+ return FAILED; |
4993 |
+ |
4994 |
+- pr_err("%s: Host adapter reset request. SCSI hang ?\n", |
4995 |
++ pr_err("%s: Host target reset request. SCSI hang ?\n", |
4996 |
+ AAC_DRIVERNAME); |
4997 |
+ |
4998 |
+ fib = aac_fib_alloc(aac); |
4999 |
+@@ -994,6 +1003,13 @@ static int aac_eh_target_reset(struct scsi_cmnd *cmd) |
5000 |
+ (fib_callback) aac_tmf_callback, |
5001 |
+ (void *) info); |
5002 |
+ |
5003 |
++ if (status != -EINPROGRESS) { |
5004 |
++ info->reset_state = 0; |
5005 |
++ aac_fib_complete(fib); |
5006 |
++ aac_fib_free(fib); |
5007 |
++ return ret; |
5008 |
++ } |
5009 |
++ |
5010 |
+ /* Wait up to 15 seconds for completion */ |
5011 |
+ for (count = 0; count < 15; ++count) { |
5012 |
+ if (info->reset_state <= 0) { |
5013 |
+@@ -1046,7 +1062,7 @@ static int aac_eh_bus_reset(struct scsi_cmnd* cmd) |
5014 |
+ } |
5015 |
+ } |
5016 |
+ |
5017 |
+- pr_err("%s: Host adapter reset request. SCSI hang ?\n", AAC_DRIVERNAME); |
5018 |
++ pr_err("%s: Host bus reset request. SCSI hang ?\n", AAC_DRIVERNAME); |
5019 |
+ |
5020 |
+ /* |
5021 |
+ * Check the health of the controller |
5022 |
+@@ -1604,7 +1620,7 @@ static int aac_probe_one(struct pci_dev *pdev, const struct pci_device_id *id) |
5023 |
+ struct Scsi_Host *shost; |
5024 |
+ struct aac_dev *aac; |
5025 |
+ struct list_head *insert = &aac_devices; |
5026 |
+- int error = -ENODEV; |
5027 |
++ int error; |
5028 |
+ int unique_id = 0; |
5029 |
+ u64 dmamask; |
5030 |
+ int mask_bits = 0; |
5031 |
+@@ -1629,7 +1645,6 @@ static int aac_probe_one(struct pci_dev *pdev, const struct pci_device_id *id) |
5032 |
+ error = pci_enable_device(pdev); |
5033 |
+ if (error) |
5034 |
+ goto out; |
5035 |
+- error = -ENODEV; |
5036 |
+ |
5037 |
+ if (!(aac_drivers[index].quirks & AAC_QUIRK_SRC)) { |
5038 |
+ error = pci_set_dma_mask(pdev, DMA_BIT_MASK(32)); |
5039 |
+@@ -1661,8 +1676,10 @@ static int aac_probe_one(struct pci_dev *pdev, const struct pci_device_id *id) |
5040 |
+ pci_set_master(pdev); |
5041 |
+ |
5042 |
+ shost = scsi_host_alloc(&aac_driver_template, sizeof(struct aac_dev)); |
5043 |
+- if (!shost) |
5044 |
++ if (!shost) { |
5045 |
++ error = -ENOMEM; |
5046 |
+ goto out_disable_pdev; |
5047 |
++ } |
5048 |
+ |
5049 |
+ shost->irq = pdev->irq; |
5050 |
+ shost->unique_id = unique_id; |
5051 |
+@@ -1687,8 +1704,11 @@ static int aac_probe_one(struct pci_dev *pdev, const struct pci_device_id *id) |
5052 |
+ aac->fibs = kcalloc(shost->can_queue + AAC_NUM_MGT_FIB, |
5053 |
+ sizeof(struct fib), |
5054 |
+ GFP_KERNEL); |
5055 |
+- if (!aac->fibs) |
5056 |
++ if (!aac->fibs) { |
5057 |
++ error = -ENOMEM; |
5058 |
+ goto out_free_host; |
5059 |
++ } |
5060 |
++ |
5061 |
+ spin_lock_init(&aac->fib_lock); |
5062 |
+ |
5063 |
+ mutex_init(&aac->ioctl_mutex); |
5064 |
+diff --git a/drivers/scsi/cxlflash/main.c b/drivers/scsi/cxlflash/main.c |
5065 |
+index f987c40c47a13..443813feaef47 100644 |
5066 |
+--- a/drivers/scsi/cxlflash/main.c |
5067 |
++++ b/drivers/scsi/cxlflash/main.c |
5068 |
+@@ -3749,6 +3749,7 @@ static int cxlflash_probe(struct pci_dev *pdev, |
5069 |
+ cfg->afu_cookie = cfg->ops->create_afu(pdev); |
5070 |
+ if (unlikely(!cfg->afu_cookie)) { |
5071 |
+ dev_err(dev, "%s: create_afu failed\n", __func__); |
5072 |
++ rc = -ENOMEM; |
5073 |
+ goto out_remove; |
5074 |
+ } |
5075 |
+ |
5076 |
+diff --git a/drivers/scsi/fnic/fnic_scsi.c b/drivers/scsi/fnic/fnic_scsi.c |
5077 |
+index 73ffc16ec0225..b521fc7650cb9 100644 |
5078 |
+--- a/drivers/scsi/fnic/fnic_scsi.c |
5079 |
++++ b/drivers/scsi/fnic/fnic_scsi.c |
5080 |
+@@ -1034,7 +1034,8 @@ static void fnic_fcpio_icmnd_cmpl_handler(struct fnic *fnic, |
5081 |
+ atomic64_inc(&fnic_stats->io_stats.io_completions); |
5082 |
+ |
5083 |
+ |
5084 |
+- io_duration_time = jiffies_to_msecs(jiffies) - jiffies_to_msecs(io_req->start_time); |
5085 |
++ io_duration_time = jiffies_to_msecs(jiffies) - |
5086 |
++ jiffies_to_msecs(start_time); |
5087 |
+ |
5088 |
+ if(io_duration_time <= 10) |
5089 |
+ atomic64_inc(&fnic_stats->io_stats.io_btw_0_to_10_msec); |
5090 |
+diff --git a/drivers/scsi/hpsa.c b/drivers/scsi/hpsa.c |
5091 |
+index f570b8c5d857c..11de2198bb87d 100644 |
5092 |
+--- a/drivers/scsi/hpsa.c |
5093 |
++++ b/drivers/scsi/hpsa.c |
5094 |
+@@ -507,6 +507,12 @@ static ssize_t host_store_rescan(struct device *dev, |
5095 |
+ return count; |
5096 |
+ } |
5097 |
+ |
5098 |
++static void hpsa_turn_off_ioaccel_for_device(struct hpsa_scsi_dev_t *device) |
5099 |
++{ |
5100 |
++ device->offload_enabled = 0; |
5101 |
++ device->offload_to_be_enabled = 0; |
5102 |
++} |
5103 |
++ |
5104 |
+ static ssize_t host_show_firmware_revision(struct device *dev, |
5105 |
+ struct device_attribute *attr, char *buf) |
5106 |
+ { |
5107 |
+@@ -1743,8 +1749,7 @@ static void hpsa_figure_phys_disk_ptrs(struct ctlr_info *h, |
5108 |
+ __func__, |
5109 |
+ h->scsi_host->host_no, logical_drive->bus, |
5110 |
+ logical_drive->target, logical_drive->lun); |
5111 |
+- logical_drive->offload_enabled = 0; |
5112 |
+- logical_drive->offload_to_be_enabled = 0; |
5113 |
++ hpsa_turn_off_ioaccel_for_device(logical_drive); |
5114 |
+ logical_drive->queue_depth = 8; |
5115 |
+ } |
5116 |
+ } |
5117 |
+@@ -2496,8 +2501,7 @@ static void process_ioaccel2_completion(struct ctlr_info *h, |
5118 |
+ IOACCEL2_SERV_RESPONSE_FAILURE) { |
5119 |
+ if (c2->error_data.status == |
5120 |
+ IOACCEL2_STATUS_SR_IOACCEL_DISABLED) { |
5121 |
+- dev->offload_enabled = 0; |
5122 |
+- dev->offload_to_be_enabled = 0; |
5123 |
++ hpsa_turn_off_ioaccel_for_device(dev); |
5124 |
+ } |
5125 |
+ |
5126 |
+ return hpsa_retry_cmd(h, c); |
5127 |
+@@ -3676,10 +3680,17 @@ static void hpsa_get_ioaccel_status(struct ctlr_info *h, |
5128 |
+ this_device->offload_config = |
5129 |
+ !!(ioaccel_status & OFFLOAD_CONFIGURED_BIT); |
5130 |
+ if (this_device->offload_config) { |
5131 |
+- this_device->offload_to_be_enabled = |
5132 |
++ bool offload_enabled = |
5133 |
+ !!(ioaccel_status & OFFLOAD_ENABLED_BIT); |
5134 |
+- if (hpsa_get_raid_map(h, scsi3addr, this_device)) |
5135 |
+- this_device->offload_to_be_enabled = 0; |
5136 |
++ /* |
5137 |
++ * Check to see if offload can be enabled. |
5138 |
++ */ |
5139 |
++ if (offload_enabled) { |
5140 |
++ rc = hpsa_get_raid_map(h, scsi3addr, this_device); |
5141 |
++ if (rc) /* could not load raid_map */ |
5142 |
++ goto out; |
5143 |
++ this_device->offload_to_be_enabled = 1; |
5144 |
++ } |
5145 |
+ } |
5146 |
+ |
5147 |
+ out: |
5148 |
+@@ -3998,8 +4009,7 @@ static int hpsa_update_device_info(struct ctlr_info *h, |
5149 |
+ } else { |
5150 |
+ this_device->raid_level = RAID_UNKNOWN; |
5151 |
+ this_device->offload_config = 0; |
5152 |
+- this_device->offload_enabled = 0; |
5153 |
+- this_device->offload_to_be_enabled = 0; |
5154 |
++ hpsa_turn_off_ioaccel_for_device(this_device); |
5155 |
+ this_device->hba_ioaccel_enabled = 0; |
5156 |
+ this_device->volume_offline = 0; |
5157 |
+ this_device->queue_depth = h->nr_cmds; |
5158 |
+@@ -5213,8 +5223,12 @@ static int hpsa_scsi_ioaccel_raid_map(struct ctlr_info *h, |
5159 |
+ /* Handles load balance across RAID 1 members. |
5160 |
+ * (2-drive R1 and R10 with even # of drives.) |
5161 |
+ * Appropriate for SSDs, not optimal for HDDs |
5162 |
++ * Ensure we have the correct raid_map. |
5163 |
+ */ |
5164 |
+- BUG_ON(le16_to_cpu(map->layout_map_count) != 2); |
5165 |
++ if (le16_to_cpu(map->layout_map_count) != 2) { |
5166 |
++ hpsa_turn_off_ioaccel_for_device(dev); |
5167 |
++ return IO_ACCEL_INELIGIBLE; |
5168 |
++ } |
5169 |
+ if (dev->offload_to_mirror) |
5170 |
+ map_index += le16_to_cpu(map->data_disks_per_row); |
5171 |
+ dev->offload_to_mirror = !dev->offload_to_mirror; |
5172 |
+@@ -5222,8 +5236,12 @@ static int hpsa_scsi_ioaccel_raid_map(struct ctlr_info *h, |
5173 |
+ case HPSA_RAID_ADM: |
5174 |
+ /* Handles N-way mirrors (R1-ADM) |
5175 |
+ * and R10 with # of drives divisible by 3.) |
5176 |
++ * Ensure we have the correct raid_map. |
5177 |
+ */ |
5178 |
+- BUG_ON(le16_to_cpu(map->layout_map_count) != 3); |
5179 |
++ if (le16_to_cpu(map->layout_map_count) != 3) { |
5180 |
++ hpsa_turn_off_ioaccel_for_device(dev); |
5181 |
++ return IO_ACCEL_INELIGIBLE; |
5182 |
++ } |
5183 |
+ |
5184 |
+ offload_to_mirror = dev->offload_to_mirror; |
5185 |
+ raid_map_helper(map, offload_to_mirror, |
5186 |
+@@ -5248,7 +5266,10 @@ static int hpsa_scsi_ioaccel_raid_map(struct ctlr_info *h, |
5187 |
+ r5or6_blocks_per_row = |
5188 |
+ le16_to_cpu(map->strip_size) * |
5189 |
+ le16_to_cpu(map->data_disks_per_row); |
5190 |
+- BUG_ON(r5or6_blocks_per_row == 0); |
5191 |
++ if (r5or6_blocks_per_row == 0) { |
5192 |
++ hpsa_turn_off_ioaccel_for_device(dev); |
5193 |
++ return IO_ACCEL_INELIGIBLE; |
5194 |
++ } |
5195 |
+ stripesize = r5or6_blocks_per_row * |
5196 |
+ le16_to_cpu(map->layout_map_count); |
5197 |
+ #if BITS_PER_LONG == 32 |
5198 |
+@@ -8218,7 +8239,7 @@ static int detect_controller_lockup(struct ctlr_info *h) |
5199 |
+ * |
5200 |
+ * Called from monitor controller worker (hpsa_event_monitor_worker) |
5201 |
+ * |
5202 |
+- * A Volume (or Volumes that comprise an Array set may be undergoing a |
5203 |
++ * A Volume (or Volumes that comprise an Array set) may be undergoing a |
5204 |
+ * transformation, so we will be turning off ioaccel for all volumes that |
5205 |
+ * make up the Array. |
5206 |
+ */ |
5207 |
+@@ -8241,6 +8262,9 @@ static void hpsa_set_ioaccel_status(struct ctlr_info *h) |
5208 |
+ * Run through current device list used during I/O requests. |
5209 |
+ */ |
5210 |
+ for (i = 0; i < h->ndevices; i++) { |
5211 |
++ int offload_to_be_enabled = 0; |
5212 |
++ int offload_config = 0; |
5213 |
++ |
5214 |
+ device = h->dev[i]; |
5215 |
+ |
5216 |
+ if (!device) |
5217 |
+@@ -8258,25 +8282,35 @@ static void hpsa_set_ioaccel_status(struct ctlr_info *h) |
5218 |
+ continue; |
5219 |
+ |
5220 |
+ ioaccel_status = buf[IOACCEL_STATUS_BYTE]; |
5221 |
+- device->offload_config = |
5222 |
++ |
5223 |
++ /* |
5224 |
++ * Check if offload is still configured on |
5225 |
++ */ |
5226 |
++ offload_config = |
5227 |
+ !!(ioaccel_status & OFFLOAD_CONFIGURED_BIT); |
5228 |
+- if (device->offload_config) |
5229 |
+- device->offload_to_be_enabled = |
5230 |
++ /* |
5231 |
++ * If offload is configured on, check to see if ioaccel |
5232 |
++ * needs to be enabled. |
5233 |
++ */ |
5234 |
++ if (offload_config) |
5235 |
++ offload_to_be_enabled = |
5236 |
+ !!(ioaccel_status & OFFLOAD_ENABLED_BIT); |
5237 |
+ |
5238 |
++ /* |
5239 |
++ * If ioaccel is to be re-enabled, re-enable later during the |
5240 |
++ * scan operation so the driver can get a fresh raidmap |
5241 |
++ * before turning ioaccel back on. |
5242 |
++ */ |
5243 |
++ if (offload_to_be_enabled) |
5244 |
++ continue; |
5245 |
++ |
5246 |
+ /* |
5247 |
+ * Immediately turn off ioaccel for any volume the |
5248 |
+ * controller tells us to. Some of the reasons could be: |
5249 |
+ * transformation - change to the LVs of an Array. |
5250 |
+ * degraded volume - component failure |
5251 |
+- * |
5252 |
+- * If ioaccel is to be re-enabled, re-enable later during the |
5253 |
+- * scan operation so the driver can get a fresh raidmap |
5254 |
+- * before turning ioaccel back on. |
5255 |
+- * |
5256 |
+ */ |
5257 |
+- if (!device->offload_to_be_enabled) |
5258 |
+- device->offload_enabled = 0; |
5259 |
++ hpsa_turn_off_ioaccel_for_device(device); |
5260 |
+ } |
5261 |
+ |
5262 |
+ kfree(buf); |
5263 |
+diff --git a/drivers/scsi/libfc/fc_rport.c b/drivers/scsi/libfc/fc_rport.c |
5264 |
+index 90a748551ede5..2b3239765c249 100644 |
5265 |
+--- a/drivers/scsi/libfc/fc_rport.c |
5266 |
++++ b/drivers/scsi/libfc/fc_rport.c |
5267 |
+@@ -145,8 +145,10 @@ struct fc_rport_priv *fc_rport_create(struct fc_lport *lport, u32 port_id) |
5268 |
+ lockdep_assert_held(&lport->disc.disc_mutex); |
5269 |
+ |
5270 |
+ rdata = fc_rport_lookup(lport, port_id); |
5271 |
+- if (rdata) |
5272 |
++ if (rdata) { |
5273 |
++ kref_put(&rdata->kref, fc_rport_destroy); |
5274 |
+ return rdata; |
5275 |
++ } |
5276 |
+ |
5277 |
+ if (lport->rport_priv_size > 0) |
5278 |
+ rport_priv_size = lport->rport_priv_size; |
5279 |
+@@ -493,10 +495,11 @@ static void fc_rport_enter_delete(struct fc_rport_priv *rdata, |
5280 |
+ |
5281 |
+ fc_rport_state_enter(rdata, RPORT_ST_DELETE); |
5282 |
+ |
5283 |
+- kref_get(&rdata->kref); |
5284 |
+- if (rdata->event == RPORT_EV_NONE && |
5285 |
+- !queue_work(rport_event_queue, &rdata->event_work)) |
5286 |
+- kref_put(&rdata->kref, fc_rport_destroy); |
5287 |
++ if (rdata->event == RPORT_EV_NONE) { |
5288 |
++ kref_get(&rdata->kref); |
5289 |
++ if (!queue_work(rport_event_queue, &rdata->event_work)) |
5290 |
++ kref_put(&rdata->kref, fc_rport_destroy); |
5291 |
++ } |
5292 |
+ |
5293 |
+ rdata->event = event; |
5294 |
+ } |
5295 |
+diff --git a/drivers/scsi/lpfc/lpfc_attr.c b/drivers/scsi/lpfc/lpfc_attr.c |
5296 |
+index fe084d47ed9e5..3447d19d4147a 100644 |
5297 |
+--- a/drivers/scsi/lpfc/lpfc_attr.c |
5298 |
++++ b/drivers/scsi/lpfc/lpfc_attr.c |
5299 |
+@@ -332,7 +332,6 @@ lpfc_nvme_info_show(struct device *dev, struct device_attribute *attr, |
5300 |
+ if (strlcat(buf, "\nNVME Initiator Enabled\n", PAGE_SIZE) >= PAGE_SIZE) |
5301 |
+ goto buffer_done; |
5302 |
+ |
5303 |
+- rcu_read_lock(); |
5304 |
+ scnprintf(tmp, sizeof(tmp), |
5305 |
+ "XRI Dist lpfc%d Total %d NVME %d SCSI %d ELS %d\n", |
5306 |
+ phba->brd_no, |
5307 |
+@@ -341,7 +340,7 @@ lpfc_nvme_info_show(struct device *dev, struct device_attribute *attr, |
5308 |
+ phba->sli4_hba.scsi_xri_max, |
5309 |
+ lpfc_sli4_get_els_iocb_cnt(phba)); |
5310 |
+ if (strlcat(buf, tmp, PAGE_SIZE) >= PAGE_SIZE) |
5311 |
+- goto rcu_unlock_buf_done; |
5312 |
++ goto buffer_done; |
5313 |
+ |
5314 |
+ /* Port state is only one of two values for now. */ |
5315 |
+ if (localport->port_id) |
5316 |
+@@ -357,7 +356,9 @@ lpfc_nvme_info_show(struct device *dev, struct device_attribute *attr, |
5317 |
+ wwn_to_u64(vport->fc_nodename.u.wwn), |
5318 |
+ localport->port_id, statep); |
5319 |
+ if (strlcat(buf, tmp, PAGE_SIZE) >= PAGE_SIZE) |
5320 |
+- goto rcu_unlock_buf_done; |
5321 |
++ goto buffer_done; |
5322 |
++ |
5323 |
++ spin_lock_irq(shost->host_lock); |
5324 |
+ |
5325 |
+ list_for_each_entry(ndlp, &vport->fc_nodes, nlp_listp) { |
5326 |
+ nrport = NULL; |
5327 |
+@@ -384,39 +385,39 @@ lpfc_nvme_info_show(struct device *dev, struct device_attribute *attr, |
5328 |
+ |
5329 |
+ /* Tab in to show lport ownership. */ |
5330 |
+ if (strlcat(buf, "NVME RPORT ", PAGE_SIZE) >= PAGE_SIZE) |
5331 |
+- goto rcu_unlock_buf_done; |
5332 |
++ goto unlock_buf_done; |
5333 |
+ if (phba->brd_no >= 10) { |
5334 |
+ if (strlcat(buf, " ", PAGE_SIZE) >= PAGE_SIZE) |
5335 |
+- goto rcu_unlock_buf_done; |
5336 |
++ goto unlock_buf_done; |
5337 |
+ } |
5338 |
+ |
5339 |
+ scnprintf(tmp, sizeof(tmp), "WWPN x%llx ", |
5340 |
+ nrport->port_name); |
5341 |
+ if (strlcat(buf, tmp, PAGE_SIZE) >= PAGE_SIZE) |
5342 |
+- goto rcu_unlock_buf_done; |
5343 |
++ goto unlock_buf_done; |
5344 |
+ |
5345 |
+ scnprintf(tmp, sizeof(tmp), "WWNN x%llx ", |
5346 |
+ nrport->node_name); |
5347 |
+ if (strlcat(buf, tmp, PAGE_SIZE) >= PAGE_SIZE) |
5348 |
+- goto rcu_unlock_buf_done; |
5349 |
++ goto unlock_buf_done; |
5350 |
+ |
5351 |
+ scnprintf(tmp, sizeof(tmp), "DID x%06x ", |
5352 |
+ nrport->port_id); |
5353 |
+ if (strlcat(buf, tmp, PAGE_SIZE) >= PAGE_SIZE) |
5354 |
+- goto rcu_unlock_buf_done; |
5355 |
++ goto unlock_buf_done; |
5356 |
+ |
5357 |
+ /* An NVME rport can have multiple roles. */ |
5358 |
+ if (nrport->port_role & FC_PORT_ROLE_NVME_INITIATOR) { |
5359 |
+ if (strlcat(buf, "INITIATOR ", PAGE_SIZE) >= PAGE_SIZE) |
5360 |
+- goto rcu_unlock_buf_done; |
5361 |
++ goto unlock_buf_done; |
5362 |
+ } |
5363 |
+ if (nrport->port_role & FC_PORT_ROLE_NVME_TARGET) { |
5364 |
+ if (strlcat(buf, "TARGET ", PAGE_SIZE) >= PAGE_SIZE) |
5365 |
+- goto rcu_unlock_buf_done; |
5366 |
++ goto unlock_buf_done; |
5367 |
+ } |
5368 |
+ if (nrport->port_role & FC_PORT_ROLE_NVME_DISCOVERY) { |
5369 |
+ if (strlcat(buf, "DISCSRVC ", PAGE_SIZE) >= PAGE_SIZE) |
5370 |
+- goto rcu_unlock_buf_done; |
5371 |
++ goto unlock_buf_done; |
5372 |
+ } |
5373 |
+ if (nrport->port_role & ~(FC_PORT_ROLE_NVME_INITIATOR | |
5374 |
+ FC_PORT_ROLE_NVME_TARGET | |
5375 |
+@@ -424,14 +425,14 @@ lpfc_nvme_info_show(struct device *dev, struct device_attribute *attr, |
5376 |
+ scnprintf(tmp, sizeof(tmp), "UNKNOWN ROLE x%x", |
5377 |
+ nrport->port_role); |
5378 |
+ if (strlcat(buf, tmp, PAGE_SIZE) >= PAGE_SIZE) |
5379 |
+- goto rcu_unlock_buf_done; |
5380 |
++ goto unlock_buf_done; |
5381 |
+ } |
5382 |
+ |
5383 |
+ scnprintf(tmp, sizeof(tmp), "%s\n", statep); |
5384 |
+ if (strlcat(buf, tmp, PAGE_SIZE) >= PAGE_SIZE) |
5385 |
+- goto rcu_unlock_buf_done; |
5386 |
++ goto unlock_buf_done; |
5387 |
+ } |
5388 |
+- rcu_read_unlock(); |
5389 |
++ spin_unlock_irq(shost->host_lock); |
5390 |
+ |
5391 |
+ if (!lport) |
5392 |
+ goto buffer_done; |
5393 |
+@@ -491,11 +492,11 @@ lpfc_nvme_info_show(struct device *dev, struct device_attribute *attr, |
5394 |
+ atomic_read(&lport->cmpl_fcp_err)); |
5395 |
+ strlcat(buf, tmp, PAGE_SIZE); |
5396 |
+ |
5397 |
+- /* RCU is already unlocked. */ |
5398 |
++ /* host_lock is already unlocked. */ |
5399 |
+ goto buffer_done; |
5400 |
+ |
5401 |
+- rcu_unlock_buf_done: |
5402 |
+- rcu_read_unlock(); |
5403 |
++ unlock_buf_done: |
5404 |
++ spin_unlock_irq(shost->host_lock); |
5405 |
+ |
5406 |
+ buffer_done: |
5407 |
+ len = strnlen(buf, PAGE_SIZE); |
5408 |
+diff --git a/drivers/scsi/lpfc/lpfc_ct.c b/drivers/scsi/lpfc/lpfc_ct.c |
5409 |
+index 384f5cd7c3c81..99b4ff78f9dce 100644 |
5410 |
+--- a/drivers/scsi/lpfc/lpfc_ct.c |
5411 |
++++ b/drivers/scsi/lpfc/lpfc_ct.c |
5412 |
+@@ -1737,8 +1737,8 @@ lpfc_fdmi_hba_attr_wwnn(struct lpfc_vport *vport, struct lpfc_fdmi_attr_def *ad) |
5413 |
+ struct lpfc_fdmi_attr_entry *ae; |
5414 |
+ uint32_t size; |
5415 |
+ |
5416 |
+- ae = (struct lpfc_fdmi_attr_entry *)&ad->AttrValue; |
5417 |
+- memset(ae, 0, sizeof(struct lpfc_name)); |
5418 |
++ ae = &ad->AttrValue; |
5419 |
++ memset(ae, 0, sizeof(*ae)); |
5420 |
+ |
5421 |
+ memcpy(&ae->un.AttrWWN, &vport->fc_sparam.nodeName, |
5422 |
+ sizeof(struct lpfc_name)); |
5423 |
+@@ -1754,8 +1754,8 @@ lpfc_fdmi_hba_attr_manufacturer(struct lpfc_vport *vport, |
5424 |
+ struct lpfc_fdmi_attr_entry *ae; |
5425 |
+ uint32_t len, size; |
5426 |
+ |
5427 |
+- ae = (struct lpfc_fdmi_attr_entry *)&ad->AttrValue; |
5428 |
+- memset(ae, 0, 256); |
5429 |
++ ae = &ad->AttrValue; |
5430 |
++ memset(ae, 0, sizeof(*ae)); |
5431 |
+ |
5432 |
+ /* This string MUST be consistent with other FC platforms |
5433 |
+ * supported by Broadcom. |
5434 |
+@@ -1779,8 +1779,8 @@ lpfc_fdmi_hba_attr_sn(struct lpfc_vport *vport, struct lpfc_fdmi_attr_def *ad) |
5435 |
+ struct lpfc_fdmi_attr_entry *ae; |
5436 |
+ uint32_t len, size; |
5437 |
+ |
5438 |
+- ae = (struct lpfc_fdmi_attr_entry *)&ad->AttrValue; |
5439 |
+- memset(ae, 0, 256); |
5440 |
++ ae = &ad->AttrValue; |
5441 |
++ memset(ae, 0, sizeof(*ae)); |
5442 |
+ |
5443 |
+ strncpy(ae->un.AttrString, phba->SerialNumber, |
5444 |
+ sizeof(ae->un.AttrString)); |
5445 |
+@@ -1801,8 +1801,8 @@ lpfc_fdmi_hba_attr_model(struct lpfc_vport *vport, |
5446 |
+ struct lpfc_fdmi_attr_entry *ae; |
5447 |
+ uint32_t len, size; |
5448 |
+ |
5449 |
+- ae = (struct lpfc_fdmi_attr_entry *)&ad->AttrValue; |
5450 |
+- memset(ae, 0, 256); |
5451 |
++ ae = &ad->AttrValue; |
5452 |
++ memset(ae, 0, sizeof(*ae)); |
5453 |
+ |
5454 |
+ strncpy(ae->un.AttrString, phba->ModelName, |
5455 |
+ sizeof(ae->un.AttrString)); |
5456 |
+@@ -1822,8 +1822,8 @@ lpfc_fdmi_hba_attr_description(struct lpfc_vport *vport, |
5457 |
+ struct lpfc_fdmi_attr_entry *ae; |
5458 |
+ uint32_t len, size; |
5459 |
+ |
5460 |
+- ae = (struct lpfc_fdmi_attr_entry *)&ad->AttrValue; |
5461 |
+- memset(ae, 0, 256); |
5462 |
++ ae = &ad->AttrValue; |
5463 |
++ memset(ae, 0, sizeof(*ae)); |
5464 |
+ |
5465 |
+ strncpy(ae->un.AttrString, phba->ModelDesc, |
5466 |
+ sizeof(ae->un.AttrString)); |
5467 |
+@@ -1845,8 +1845,8 @@ lpfc_fdmi_hba_attr_hdw_ver(struct lpfc_vport *vport, |
5468 |
+ struct lpfc_fdmi_attr_entry *ae; |
5469 |
+ uint32_t i, j, incr, size; |
5470 |
+ |
5471 |
+- ae = (struct lpfc_fdmi_attr_entry *)&ad->AttrValue; |
5472 |
+- memset(ae, 0, 256); |
5473 |
++ ae = &ad->AttrValue; |
5474 |
++ memset(ae, 0, sizeof(*ae)); |
5475 |
+ |
5476 |
+ /* Convert JEDEC ID to ascii for hardware version */ |
5477 |
+ incr = vp->rev.biuRev; |
5478 |
+@@ -1875,8 +1875,8 @@ lpfc_fdmi_hba_attr_drvr_ver(struct lpfc_vport *vport, |
5479 |
+ struct lpfc_fdmi_attr_entry *ae; |
5480 |
+ uint32_t len, size; |
5481 |
+ |
5482 |
+- ae = (struct lpfc_fdmi_attr_entry *)&ad->AttrValue; |
5483 |
+- memset(ae, 0, 256); |
5484 |
++ ae = &ad->AttrValue; |
5485 |
++ memset(ae, 0, sizeof(*ae)); |
5486 |
+ |
5487 |
+ strncpy(ae->un.AttrString, lpfc_release_version, |
5488 |
+ sizeof(ae->un.AttrString)); |
5489 |
+@@ -1897,8 +1897,8 @@ lpfc_fdmi_hba_attr_rom_ver(struct lpfc_vport *vport, |
5490 |
+ struct lpfc_fdmi_attr_entry *ae; |
5491 |
+ uint32_t len, size; |
5492 |
+ |
5493 |
+- ae = (struct lpfc_fdmi_attr_entry *)&ad->AttrValue; |
5494 |
+- memset(ae, 0, 256); |
5495 |
++ ae = &ad->AttrValue; |
5496 |
++ memset(ae, 0, sizeof(*ae)); |
5497 |
+ |
5498 |
+ if (phba->sli_rev == LPFC_SLI_REV4) |
5499 |
+ lpfc_decode_firmware_rev(phba, ae->un.AttrString, 1); |
5500 |
+@@ -1922,8 +1922,8 @@ lpfc_fdmi_hba_attr_fmw_ver(struct lpfc_vport *vport, |
5501 |
+ struct lpfc_fdmi_attr_entry *ae; |
5502 |
+ uint32_t len, size; |
5503 |
+ |
5504 |
+- ae = (struct lpfc_fdmi_attr_entry *)&ad->AttrValue; |
5505 |
+- memset(ae, 0, 256); |
5506 |
++ ae = &ad->AttrValue; |
5507 |
++ memset(ae, 0, sizeof(*ae)); |
5508 |
+ |
5509 |
+ lpfc_decode_firmware_rev(phba, ae->un.AttrString, 1); |
5510 |
+ len = strnlen(ae->un.AttrString, |
5511 |
+@@ -1942,8 +1942,8 @@ lpfc_fdmi_hba_attr_os_ver(struct lpfc_vport *vport, |
5512 |
+ struct lpfc_fdmi_attr_entry *ae; |
5513 |
+ uint32_t len, size; |
5514 |
+ |
5515 |
+- ae = (struct lpfc_fdmi_attr_entry *)&ad->AttrValue; |
5516 |
+- memset(ae, 0, 256); |
5517 |
++ ae = &ad->AttrValue; |
5518 |
++ memset(ae, 0, sizeof(*ae)); |
5519 |
+ |
5520 |
+ snprintf(ae->un.AttrString, sizeof(ae->un.AttrString), "%s %s %s", |
5521 |
+ init_utsname()->sysname, |
5522 |
+@@ -1965,7 +1965,7 @@ lpfc_fdmi_hba_attr_ct_len(struct lpfc_vport *vport, |
5523 |
+ struct lpfc_fdmi_attr_entry *ae; |
5524 |
+ uint32_t size; |
5525 |
+ |
5526 |
+- ae = (struct lpfc_fdmi_attr_entry *)&ad->AttrValue; |
5527 |
++ ae = &ad->AttrValue; |
5528 |
+ |
5529 |
+ ae->un.AttrInt = cpu_to_be32(LPFC_MAX_CT_SIZE); |
5530 |
+ size = FOURBYTES + sizeof(uint32_t); |
5531 |
+@@ -1981,8 +1981,8 @@ lpfc_fdmi_hba_attr_symbolic_name(struct lpfc_vport *vport, |
5532 |
+ struct lpfc_fdmi_attr_entry *ae; |
5533 |
+ uint32_t len, size; |
5534 |
+ |
5535 |
+- ae = (struct lpfc_fdmi_attr_entry *)&ad->AttrValue; |
5536 |
+- memset(ae, 0, 256); |
5537 |
++ ae = &ad->AttrValue; |
5538 |
++ memset(ae, 0, sizeof(*ae)); |
5539 |
+ |
5540 |
+ len = lpfc_vport_symbolic_node_name(vport, |
5541 |
+ ae->un.AttrString, 256); |
5542 |
+@@ -2000,7 +2000,7 @@ lpfc_fdmi_hba_attr_vendor_info(struct lpfc_vport *vport, |
5543 |
+ struct lpfc_fdmi_attr_entry *ae; |
5544 |
+ uint32_t size; |
5545 |
+ |
5546 |
+- ae = (struct lpfc_fdmi_attr_entry *)&ad->AttrValue; |
5547 |
++ ae = &ad->AttrValue; |
5548 |
+ |
5549 |
+ /* Nothing is defined for this currently */ |
5550 |
+ ae->un.AttrInt = cpu_to_be32(0); |
5551 |
+@@ -2017,7 +2017,7 @@ lpfc_fdmi_hba_attr_num_ports(struct lpfc_vport *vport, |
5552 |
+ struct lpfc_fdmi_attr_entry *ae; |
5553 |
+ uint32_t size; |
5554 |
+ |
5555 |
+- ae = (struct lpfc_fdmi_attr_entry *)&ad->AttrValue; |
5556 |
++ ae = &ad->AttrValue; |
5557 |
+ |
5558 |
+ /* Each driver instance corresponds to a single port */ |
5559 |
+ ae->un.AttrInt = cpu_to_be32(1); |
5560 |
+@@ -2034,8 +2034,8 @@ lpfc_fdmi_hba_attr_fabric_wwnn(struct lpfc_vport *vport, |
5561 |
+ struct lpfc_fdmi_attr_entry *ae; |
5562 |
+ uint32_t size; |
5563 |
+ |
5564 |
+- ae = (struct lpfc_fdmi_attr_entry *)&ad->AttrValue; |
5565 |
+- memset(ae, 0, sizeof(struct lpfc_name)); |
5566 |
++ ae = &ad->AttrValue; |
5567 |
++ memset(ae, 0, sizeof(*ae)); |
5568 |
+ |
5569 |
+ memcpy(&ae->un.AttrWWN, &vport->fabric_nodename, |
5570 |
+ sizeof(struct lpfc_name)); |
5571 |
+@@ -2053,8 +2053,8 @@ lpfc_fdmi_hba_attr_bios_ver(struct lpfc_vport *vport, |
5572 |
+ struct lpfc_fdmi_attr_entry *ae; |
5573 |
+ uint32_t len, size; |
5574 |
+ |
5575 |
+- ae = (struct lpfc_fdmi_attr_entry *)&ad->AttrValue; |
5576 |
+- memset(ae, 0, 256); |
5577 |
++ ae = &ad->AttrValue; |
5578 |
++ memset(ae, 0, sizeof(*ae)); |
5579 |
+ |
5580 |
+ lpfc_decode_firmware_rev(phba, ae->un.AttrString, 1); |
5581 |
+ len = strnlen(ae->un.AttrString, |
5582 |
+@@ -2073,7 +2073,7 @@ lpfc_fdmi_hba_attr_bios_state(struct lpfc_vport *vport, |
5583 |
+ struct lpfc_fdmi_attr_entry *ae; |
5584 |
+ uint32_t size; |
5585 |
+ |
5586 |
+- ae = (struct lpfc_fdmi_attr_entry *)&ad->AttrValue; |
5587 |
++ ae = &ad->AttrValue; |
5588 |
+ |
5589 |
+ /* Driver doesn't have access to this information */ |
5590 |
+ ae->un.AttrInt = cpu_to_be32(0); |
5591 |
+@@ -2090,8 +2090,8 @@ lpfc_fdmi_hba_attr_vendor_id(struct lpfc_vport *vport, |
5592 |
+ struct lpfc_fdmi_attr_entry *ae; |
5593 |
+ uint32_t len, size; |
5594 |
+ |
5595 |
+- ae = (struct lpfc_fdmi_attr_entry *)&ad->AttrValue; |
5596 |
+- memset(ae, 0, 256); |
5597 |
++ ae = &ad->AttrValue; |
5598 |
++ memset(ae, 0, sizeof(*ae)); |
5599 |
+ |
5600 |
+ strncpy(ae->un.AttrString, "EMULEX", |
5601 |
+ sizeof(ae->un.AttrString)); |
5602 |
+@@ -2112,8 +2112,8 @@ lpfc_fdmi_port_attr_fc4type(struct lpfc_vport *vport, |
5603 |
+ struct lpfc_fdmi_attr_entry *ae; |
5604 |
+ uint32_t size; |
5605 |
+ |
5606 |
+- ae = (struct lpfc_fdmi_attr_entry *)&ad->AttrValue; |
5607 |
+- memset(ae, 0, 32); |
5608 |
++ ae = &ad->AttrValue; |
5609 |
++ memset(ae, 0, sizeof(*ae)); |
5610 |
+ |
5611 |
+ ae->un.AttrTypes[3] = 0x02; /* Type 0x1 - ELS */ |
5612 |
+ ae->un.AttrTypes[2] = 0x01; /* Type 0x8 - FCP */ |
5613 |
+@@ -2134,7 +2134,7 @@ lpfc_fdmi_port_attr_support_speed(struct lpfc_vport *vport, |
5614 |
+ struct lpfc_fdmi_attr_entry *ae; |
5615 |
+ uint32_t size; |
5616 |
+ |
5617 |
+- ae = (struct lpfc_fdmi_attr_entry *)&ad->AttrValue; |
5618 |
++ ae = &ad->AttrValue; |
5619 |
+ |
5620 |
+ ae->un.AttrInt = 0; |
5621 |
+ if (!(phba->hba_flag & HBA_FCOE_MODE)) { |
5622 |
+@@ -2186,7 +2186,7 @@ lpfc_fdmi_port_attr_speed(struct lpfc_vport *vport, |
5623 |
+ struct lpfc_fdmi_attr_entry *ae; |
5624 |
+ uint32_t size; |
5625 |
+ |
5626 |
+- ae = (struct lpfc_fdmi_attr_entry *)&ad->AttrValue; |
5627 |
++ ae = &ad->AttrValue; |
5628 |
+ |
5629 |
+ if (!(phba->hba_flag & HBA_FCOE_MODE)) { |
5630 |
+ switch (phba->fc_linkspeed) { |
5631 |
+@@ -2253,7 +2253,7 @@ lpfc_fdmi_port_attr_max_frame(struct lpfc_vport *vport, |
5632 |
+ struct lpfc_fdmi_attr_entry *ae; |
5633 |
+ uint32_t size; |
5634 |
+ |
5635 |
+- ae = (struct lpfc_fdmi_attr_entry *)&ad->AttrValue; |
5636 |
++ ae = &ad->AttrValue; |
5637 |
+ |
5638 |
+ hsp = (struct serv_parm *)&vport->fc_sparam; |
5639 |
+ ae->un.AttrInt = (((uint32_t) hsp->cmn.bbRcvSizeMsb) << 8) | |
5640 |
+@@ -2273,8 +2273,8 @@ lpfc_fdmi_port_attr_os_devname(struct lpfc_vport *vport, |
5641 |
+ struct lpfc_fdmi_attr_entry *ae; |
5642 |
+ uint32_t len, size; |
5643 |
+ |
5644 |
+- ae = (struct lpfc_fdmi_attr_entry *)&ad->AttrValue; |
5645 |
+- memset(ae, 0, 256); |
5646 |
++ ae = &ad->AttrValue; |
5647 |
++ memset(ae, 0, sizeof(*ae)); |
5648 |
+ |
5649 |
+ snprintf(ae->un.AttrString, sizeof(ae->un.AttrString), |
5650 |
+ "/sys/class/scsi_host/host%d", shost->host_no); |
5651 |
+@@ -2294,8 +2294,8 @@ lpfc_fdmi_port_attr_host_name(struct lpfc_vport *vport, |
5652 |
+ struct lpfc_fdmi_attr_entry *ae; |
5653 |
+ uint32_t len, size; |
5654 |
+ |
5655 |
+- ae = (struct lpfc_fdmi_attr_entry *)&ad->AttrValue; |
5656 |
+- memset(ae, 0, 256); |
5657 |
++ ae = &ad->AttrValue; |
5658 |
++ memset(ae, 0, sizeof(*ae)); |
5659 |
+ |
5660 |
+ snprintf(ae->un.AttrString, sizeof(ae->un.AttrString), "%s", |
5661 |
+ init_utsname()->nodename); |
5662 |
+@@ -2315,8 +2315,8 @@ lpfc_fdmi_port_attr_wwnn(struct lpfc_vport *vport, |
5663 |
+ struct lpfc_fdmi_attr_entry *ae; |
5664 |
+ uint32_t size; |
5665 |
+ |
5666 |
+- ae = (struct lpfc_fdmi_attr_entry *)&ad->AttrValue; |
5667 |
+- memset(ae, 0, sizeof(struct lpfc_name)); |
5668 |
++ ae = &ad->AttrValue; |
5669 |
++ memset(ae, 0, sizeof(*ae)); |
5670 |
+ |
5671 |
+ memcpy(&ae->un.AttrWWN, &vport->fc_sparam.nodeName, |
5672 |
+ sizeof(struct lpfc_name)); |
5673 |
+@@ -2333,8 +2333,8 @@ lpfc_fdmi_port_attr_wwpn(struct lpfc_vport *vport, |
5674 |
+ struct lpfc_fdmi_attr_entry *ae; |
5675 |
+ uint32_t size; |
5676 |
+ |
5677 |
+- ae = (struct lpfc_fdmi_attr_entry *)&ad->AttrValue; |
5678 |
+- memset(ae, 0, sizeof(struct lpfc_name)); |
5679 |
++ ae = &ad->AttrValue; |
5680 |
++ memset(ae, 0, sizeof(*ae)); |
5681 |
+ |
5682 |
+ memcpy(&ae->un.AttrWWN, &vport->fc_sparam.portName, |
5683 |
+ sizeof(struct lpfc_name)); |
5684 |
+@@ -2351,8 +2351,8 @@ lpfc_fdmi_port_attr_symbolic_name(struct lpfc_vport *vport, |
5685 |
+ struct lpfc_fdmi_attr_entry *ae; |
5686 |
+ uint32_t len, size; |
5687 |
+ |
5688 |
+- ae = (struct lpfc_fdmi_attr_entry *)&ad->AttrValue; |
5689 |
+- memset(ae, 0, 256); |
5690 |
++ ae = &ad->AttrValue; |
5691 |
++ memset(ae, 0, sizeof(*ae)); |
5692 |
+ |
5693 |
+ len = lpfc_vport_symbolic_port_name(vport, ae->un.AttrString, 256); |
5694 |
+ len += (len & 3) ? (4 - (len & 3)) : 4; |
5695 |
+@@ -2370,7 +2370,7 @@ lpfc_fdmi_port_attr_port_type(struct lpfc_vport *vport, |
5696 |
+ struct lpfc_fdmi_attr_entry *ae; |
5697 |
+ uint32_t size; |
5698 |
+ |
5699 |
+- ae = (struct lpfc_fdmi_attr_entry *)&ad->AttrValue; |
5700 |
++ ae = &ad->AttrValue; |
5701 |
+ if (phba->fc_topology == LPFC_TOPOLOGY_LOOP) |
5702 |
+ ae->un.AttrInt = cpu_to_be32(LPFC_FDMI_PORTTYPE_NLPORT); |
5703 |
+ else |
5704 |
+@@ -2388,7 +2388,7 @@ lpfc_fdmi_port_attr_class(struct lpfc_vport *vport, |
5705 |
+ struct lpfc_fdmi_attr_entry *ae; |
5706 |
+ uint32_t size; |
5707 |
+ |
5708 |
+- ae = (struct lpfc_fdmi_attr_entry *)&ad->AttrValue; |
5709 |
++ ae = &ad->AttrValue; |
5710 |
+ ae->un.AttrInt = cpu_to_be32(FC_COS_CLASS2 | FC_COS_CLASS3); |
5711 |
+ size = FOURBYTES + sizeof(uint32_t); |
5712 |
+ ad->AttrLen = cpu_to_be16(size); |
5713 |
+@@ -2403,8 +2403,8 @@ lpfc_fdmi_port_attr_fabric_wwpn(struct lpfc_vport *vport, |
5714 |
+ struct lpfc_fdmi_attr_entry *ae; |
5715 |
+ uint32_t size; |
5716 |
+ |
5717 |
+- ae = (struct lpfc_fdmi_attr_entry *)&ad->AttrValue; |
5718 |
+- memset(ae, 0, sizeof(struct lpfc_name)); |
5719 |
++ ae = &ad->AttrValue; |
5720 |
++ memset(ae, 0, sizeof(*ae)); |
5721 |
+ |
5722 |
+ memcpy(&ae->un.AttrWWN, &vport->fabric_portname, |
5723 |
+ sizeof(struct lpfc_name)); |
5724 |
+@@ -2421,8 +2421,8 @@ lpfc_fdmi_port_attr_active_fc4type(struct lpfc_vport *vport, |
5725 |
+ struct lpfc_fdmi_attr_entry *ae; |
5726 |
+ uint32_t size; |
5727 |
+ |
5728 |
+- ae = (struct lpfc_fdmi_attr_entry *)&ad->AttrValue; |
5729 |
+- memset(ae, 0, 32); |
5730 |
++ ae = &ad->AttrValue; |
5731 |
++ memset(ae, 0, sizeof(*ae)); |
5732 |
+ |
5733 |
+ ae->un.AttrTypes[3] = 0x02; /* Type 0x1 - ELS */ |
5734 |
+ ae->un.AttrTypes[2] = 0x01; /* Type 0x8 - FCP */ |
5735 |
+@@ -2442,7 +2442,7 @@ lpfc_fdmi_port_attr_port_state(struct lpfc_vport *vport, |
5736 |
+ struct lpfc_fdmi_attr_entry *ae; |
5737 |
+ uint32_t size; |
5738 |
+ |
5739 |
+- ae = (struct lpfc_fdmi_attr_entry *)&ad->AttrValue; |
5740 |
++ ae = &ad->AttrValue; |
5741 |
+ /* Link Up - operational */ |
5742 |
+ ae->un.AttrInt = cpu_to_be32(LPFC_FDMI_PORTSTATE_ONLINE); |
5743 |
+ size = FOURBYTES + sizeof(uint32_t); |
5744 |
+@@ -2458,7 +2458,7 @@ lpfc_fdmi_port_attr_num_disc(struct lpfc_vport *vport, |
5745 |
+ struct lpfc_fdmi_attr_entry *ae; |
5746 |
+ uint32_t size; |
5747 |
+ |
5748 |
+- ae = (struct lpfc_fdmi_attr_entry *)&ad->AttrValue; |
5749 |
++ ae = &ad->AttrValue; |
5750 |
+ vport->fdmi_num_disc = lpfc_find_map_node(vport); |
5751 |
+ ae->un.AttrInt = cpu_to_be32(vport->fdmi_num_disc); |
5752 |
+ size = FOURBYTES + sizeof(uint32_t); |
5753 |
+@@ -2474,7 +2474,7 @@ lpfc_fdmi_port_attr_nportid(struct lpfc_vport *vport, |
5754 |
+ struct lpfc_fdmi_attr_entry *ae; |
5755 |
+ uint32_t size; |
5756 |
+ |
5757 |
+- ae = (struct lpfc_fdmi_attr_entry *)&ad->AttrValue; |
5758 |
++ ae = &ad->AttrValue; |
5759 |
+ ae->un.AttrInt = cpu_to_be32(vport->fc_myDID); |
5760 |
+ size = FOURBYTES + sizeof(uint32_t); |
5761 |
+ ad->AttrLen = cpu_to_be16(size); |
5762 |
+@@ -2489,8 +2489,8 @@ lpfc_fdmi_smart_attr_service(struct lpfc_vport *vport, |
5763 |
+ struct lpfc_fdmi_attr_entry *ae; |
5764 |
+ uint32_t len, size; |
5765 |
+ |
5766 |
+- ae = (struct lpfc_fdmi_attr_entry *)&ad->AttrValue; |
5767 |
+- memset(ae, 0, 256); |
5768 |
++ ae = &ad->AttrValue; |
5769 |
++ memset(ae, 0, sizeof(*ae)); |
5770 |
+ |
5771 |
+ strncpy(ae->un.AttrString, "Smart SAN Initiator", |
5772 |
+ sizeof(ae->un.AttrString)); |
5773 |
+@@ -2510,8 +2510,8 @@ lpfc_fdmi_smart_attr_guid(struct lpfc_vport *vport, |
5774 |
+ struct lpfc_fdmi_attr_entry *ae; |
5775 |
+ uint32_t size; |
5776 |
+ |
5777 |
+- ae = (struct lpfc_fdmi_attr_entry *)&ad->AttrValue; |
5778 |
+- memset(ae, 0, 256); |
5779 |
++ ae = &ad->AttrValue; |
5780 |
++ memset(ae, 0, sizeof(*ae)); |
5781 |
+ |
5782 |
+ memcpy(&ae->un.AttrString, &vport->fc_sparam.nodeName, |
5783 |
+ sizeof(struct lpfc_name)); |
5784 |
+@@ -2531,8 +2531,8 @@ lpfc_fdmi_smart_attr_version(struct lpfc_vport *vport, |
5785 |
+ struct lpfc_fdmi_attr_entry *ae; |
5786 |
+ uint32_t len, size; |
5787 |
+ |
5788 |
+- ae = (struct lpfc_fdmi_attr_entry *)&ad->AttrValue; |
5789 |
+- memset(ae, 0, 256); |
5790 |
++ ae = &ad->AttrValue; |
5791 |
++ memset(ae, 0, sizeof(*ae)); |
5792 |
+ |
5793 |
+ strncpy(ae->un.AttrString, "Smart SAN Version 2.0", |
5794 |
+ sizeof(ae->un.AttrString)); |
5795 |
+@@ -2553,8 +2553,8 @@ lpfc_fdmi_smart_attr_model(struct lpfc_vport *vport, |
5796 |
+ struct lpfc_fdmi_attr_entry *ae; |
5797 |
+ uint32_t len, size; |
5798 |
+ |
5799 |
+- ae = (struct lpfc_fdmi_attr_entry *)&ad->AttrValue; |
5800 |
+- memset(ae, 0, 256); |
5801 |
++ ae = &ad->AttrValue; |
5802 |
++ memset(ae, 0, sizeof(*ae)); |
5803 |
+ |
5804 |
+ strncpy(ae->un.AttrString, phba->ModelName, |
5805 |
+ sizeof(ae->un.AttrString)); |
5806 |
+@@ -2573,7 +2573,7 @@ lpfc_fdmi_smart_attr_port_info(struct lpfc_vport *vport, |
5807 |
+ struct lpfc_fdmi_attr_entry *ae; |
5808 |
+ uint32_t size; |
5809 |
+ |
5810 |
+- ae = (struct lpfc_fdmi_attr_entry *)&ad->AttrValue; |
5811 |
++ ae = &ad->AttrValue; |
5812 |
+ |
5813 |
+ /* SRIOV (type 3) is not supported */ |
5814 |
+ if (vport->vpi) |
5815 |
+@@ -2593,7 +2593,7 @@ lpfc_fdmi_smart_attr_qos(struct lpfc_vport *vport, |
5816 |
+ struct lpfc_fdmi_attr_entry *ae; |
5817 |
+ uint32_t size; |
5818 |
+ |
5819 |
+- ae = (struct lpfc_fdmi_attr_entry *)&ad->AttrValue; |
5820 |
++ ae = &ad->AttrValue; |
5821 |
+ ae->un.AttrInt = cpu_to_be32(0); |
5822 |
+ size = FOURBYTES + sizeof(uint32_t); |
5823 |
+ ad->AttrLen = cpu_to_be16(size); |
5824 |
+@@ -2608,7 +2608,7 @@ lpfc_fdmi_smart_attr_security(struct lpfc_vport *vport, |
5825 |
+ struct lpfc_fdmi_attr_entry *ae; |
5826 |
+ uint32_t size; |
5827 |
+ |
5828 |
+- ae = (struct lpfc_fdmi_attr_entry *)&ad->AttrValue; |
5829 |
++ ae = &ad->AttrValue; |
5830 |
+ ae->un.AttrInt = cpu_to_be32(1); |
5831 |
+ size = FOURBYTES + sizeof(uint32_t); |
5832 |
+ ad->AttrLen = cpu_to_be16(size); |
5833 |
+@@ -2756,7 +2756,8 @@ lpfc_fdmi_cmd(struct lpfc_vport *vport, struct lpfc_nodelist *ndlp, |
5834 |
+ /* Registered Port List */ |
5835 |
+ /* One entry (port) per adapter */ |
5836 |
+ rh->rpl.EntryCnt = cpu_to_be32(1); |
5837 |
+- memcpy(&rh->rpl.pe, &phba->pport->fc_sparam.portName, |
5838 |
++ memcpy(&rh->rpl.pe.PortName, |
5839 |
++ &phba->pport->fc_sparam.portName, |
5840 |
+ sizeof(struct lpfc_name)); |
5841 |
+ |
5842 |
+ /* point to the HBA attribute block */ |
5843 |
+diff --git a/drivers/scsi/lpfc/lpfc_hw.h b/drivers/scsi/lpfc/lpfc_hw.h |
5844 |
+index 009aa0eee0408..48d4d576d588e 100644 |
5845 |
+--- a/drivers/scsi/lpfc/lpfc_hw.h |
5846 |
++++ b/drivers/scsi/lpfc/lpfc_hw.h |
5847 |
+@@ -1333,25 +1333,8 @@ struct fc_rdp_res_frame { |
5848 |
+ /* lpfc_sli_ct_request defines the CT_IU preamble for FDMI commands */ |
5849 |
+ #define SLI_CT_FDMI_Subtypes 0x10 /* Management Service Subtype */ |
5850 |
+ |
5851 |
+-/* |
5852 |
+- * Registered Port List Format |
5853 |
+- */ |
5854 |
+-struct lpfc_fdmi_reg_port_list { |
5855 |
+- uint32_t EntryCnt; |
5856 |
+- uint32_t pe; /* Variable-length array */ |
5857 |
+-}; |
5858 |
+- |
5859 |
+- |
5860 |
+ /* Definitions for HBA / Port attribute entries */ |
5861 |
+ |
5862 |
+-struct lpfc_fdmi_attr_def { /* Defined in TLV format */ |
5863 |
+- /* Structure is in Big Endian format */ |
5864 |
+- uint32_t AttrType:16; |
5865 |
+- uint32_t AttrLen:16; |
5866 |
+- uint32_t AttrValue; /* Marks start of Value (ATTRIBUTE_ENTRY) */ |
5867 |
+-}; |
5868 |
+- |
5869 |
+- |
5870 |
+ /* Attribute Entry */ |
5871 |
+ struct lpfc_fdmi_attr_entry { |
5872 |
+ union { |
5873 |
+@@ -1362,7 +1345,13 @@ struct lpfc_fdmi_attr_entry { |
5874 |
+ } un; |
5875 |
+ }; |
5876 |
+ |
5877 |
+-#define LPFC_FDMI_MAX_AE_SIZE sizeof(struct lpfc_fdmi_attr_entry) |
5878 |
++struct lpfc_fdmi_attr_def { /* Defined in TLV format */ |
5879 |
++ /* Structure is in Big Endian format */ |
5880 |
++ uint32_t AttrType:16; |
5881 |
++ uint32_t AttrLen:16; |
5882 |
++ /* Marks start of Value (ATTRIBUTE_ENTRY) */ |
5883 |
++ struct lpfc_fdmi_attr_entry AttrValue; |
5884 |
++} __packed; |
5885 |
+ |
5886 |
+ /* |
5887 |
+ * HBA Attribute Block |
5888 |
+@@ -1386,13 +1375,20 @@ struct lpfc_fdmi_hba_ident { |
5889 |
+ struct lpfc_name PortName; |
5890 |
+ }; |
5891 |
+ |
5892 |
++/* |
5893 |
++ * Registered Port List Format |
5894 |
++ */ |
5895 |
++struct lpfc_fdmi_reg_port_list { |
5896 |
++ uint32_t EntryCnt; |
5897 |
++ struct lpfc_fdmi_port_entry pe; |
5898 |
++} __packed; |
5899 |
++ |
5900 |
+ /* |
5901 |
+ * Register HBA(RHBA) |
5902 |
+ */ |
5903 |
+ struct lpfc_fdmi_reg_hba { |
5904 |
+ struct lpfc_fdmi_hba_ident hi; |
5905 |
+- struct lpfc_fdmi_reg_port_list rpl; /* variable-length array */ |
5906 |
+-/* struct lpfc_fdmi_attr_block ab; */ |
5907 |
++ struct lpfc_fdmi_reg_port_list rpl; |
5908 |
+ }; |
5909 |
+ |
5910 |
+ /* |
5911 |
+diff --git a/drivers/scsi/lpfc/lpfc_sli.c b/drivers/scsi/lpfc/lpfc_sli.c |
5912 |
+index a56a939792ac1..2ab351260e815 100644 |
5913 |
+--- a/drivers/scsi/lpfc/lpfc_sli.c |
5914 |
++++ b/drivers/scsi/lpfc/lpfc_sli.c |
5915 |
+@@ -17413,6 +17413,10 @@ lpfc_prep_seq(struct lpfc_vport *vport, struct hbq_dmabuf *seq_dmabuf) |
5916 |
+ list_add_tail(&iocbq->list, &first_iocbq->list); |
5917 |
+ } |
5918 |
+ } |
5919 |
++ /* Free the sequence's header buffer */ |
5920 |
++ if (!first_iocbq) |
5921 |
++ lpfc_in_buf_free(vport->phba, &seq_dmabuf->dbuf); |
5922 |
++ |
5923 |
+ return first_iocbq; |
5924 |
+ } |
5925 |
+ |
5926 |
+diff --git a/drivers/scsi/pm8001/pm8001_sas.c b/drivers/scsi/pm8001/pm8001_sas.c |
5927 |
+index ba79b37d8cf7e..5becdde3ea324 100644 |
5928 |
+--- a/drivers/scsi/pm8001/pm8001_sas.c |
5929 |
++++ b/drivers/scsi/pm8001/pm8001_sas.c |
5930 |
+@@ -1184,8 +1184,8 @@ int pm8001_abort_task(struct sas_task *task) |
5931 |
+ pm8001_ha = pm8001_find_ha_by_dev(dev); |
5932 |
+ device_id = pm8001_dev->device_id; |
5933 |
+ phy_id = pm8001_dev->attached_phy; |
5934 |
+- rc = pm8001_find_tag(task, &tag); |
5935 |
+- if (rc == 0) { |
5936 |
++ ret = pm8001_find_tag(task, &tag); |
5937 |
++ if (ret == 0) { |
5938 |
+ pm8001_printk("no tag for task:%p\n", task); |
5939 |
+ return TMF_RESP_FUNC_FAILED; |
5940 |
+ } |
5941 |
+@@ -1223,26 +1223,50 @@ int pm8001_abort_task(struct sas_task *task) |
5942 |
+ |
5943 |
+ /* 2. Send Phy Control Hard Reset */ |
5944 |
+ reinit_completion(&completion); |
5945 |
++ phy->port_reset_status = PORT_RESET_TMO; |
5946 |
+ phy->reset_success = false; |
5947 |
+ phy->enable_completion = &completion; |
5948 |
+ phy->reset_completion = &completion_reset; |
5949 |
+ ret = PM8001_CHIP_DISP->phy_ctl_req(pm8001_ha, phy_id, |
5950 |
+ PHY_HARD_RESET); |
5951 |
+- if (ret) |
5952 |
+- goto out; |
5953 |
+- PM8001_MSG_DBG(pm8001_ha, |
5954 |
+- pm8001_printk("Waiting for local phy ctl\n")); |
5955 |
+- wait_for_completion(&completion); |
5956 |
+- if (!phy->reset_success) |
5957 |
++ if (ret) { |
5958 |
++ phy->enable_completion = NULL; |
5959 |
++ phy->reset_completion = NULL; |
5960 |
+ goto out; |
5961 |
++ } |
5962 |
+ |
5963 |
+- /* 3. Wait for Port Reset complete / Port reset TMO */ |
5964 |
++ /* In the case of the reset timeout/fail we still |
5965 |
++ * abort the command at the firmware. The assumption |
5966 |
++ * here is that the drive is off doing something so |
5967 |
++ * that it's not processing requests, and we want to |
5968 |
++ * avoid getting a completion for this and either |
5969 |
++ * leaking the task in libsas or losing the race and |
5970 |
++ * getting a double free. |
5971 |
++ */ |
5972 |
+ PM8001_MSG_DBG(pm8001_ha, |
5973 |
++ pm8001_printk("Waiting for local phy ctl\n")); |
5974 |
++ ret = wait_for_completion_timeout(&completion, |
5975 |
++ PM8001_TASK_TIMEOUT * HZ); |
5976 |
++ if (!ret || !phy->reset_success) { |
5977 |
++ phy->enable_completion = NULL; |
5978 |
++ phy->reset_completion = NULL; |
5979 |
++ } else { |
5980 |
++ /* 3. Wait for Port Reset complete or |
5981 |
++ * Port reset TMO |
5982 |
++ */ |
5983 |
++ PM8001_MSG_DBG(pm8001_ha, |
5984 |
+ pm8001_printk("Waiting for Port reset\n")); |
5985 |
+- wait_for_completion(&completion_reset); |
5986 |
+- if (phy->port_reset_status) { |
5987 |
+- pm8001_dev_gone_notify(dev); |
5988 |
+- goto out; |
5989 |
++ ret = wait_for_completion_timeout( |
5990 |
++ &completion_reset, |
5991 |
++ PM8001_TASK_TIMEOUT * HZ); |
5992 |
++ if (!ret) |
5993 |
++ phy->reset_completion = NULL; |
5994 |
++ WARN_ON(phy->port_reset_status == |
5995 |
++ PORT_RESET_TMO); |
5996 |
++ if (phy->port_reset_status == PORT_RESET_TMO) { |
5997 |
++ pm8001_dev_gone_notify(dev); |
5998 |
++ goto out; |
5999 |
++ } |
6000 |
+ } |
6001 |
+ |
6002 |
+ /* |
6003 |
+diff --git a/drivers/scsi/qedi/qedi_iscsi.c b/drivers/scsi/qedi/qedi_iscsi.c |
6004 |
+index 751941a3ed303..aa451c8b49e56 100644 |
6005 |
+--- a/drivers/scsi/qedi/qedi_iscsi.c |
6006 |
++++ b/drivers/scsi/qedi/qedi_iscsi.c |
6007 |
+@@ -1065,6 +1065,9 @@ static void qedi_ep_disconnect(struct iscsi_endpoint *ep) |
6008 |
+ break; |
6009 |
+ } |
6010 |
+ |
6011 |
++ if (!abrt_conn) |
6012 |
++ wait_delay += qedi->pf_params.iscsi_pf_params.two_msl_timer; |
6013 |
++ |
6014 |
+ qedi_ep->state = EP_STATE_DISCONN_START; |
6015 |
+ ret = qedi_ops->destroy_conn(qedi->cdev, qedi_ep->handle, abrt_conn); |
6016 |
+ if (ret) { |
6017 |
+diff --git a/drivers/scsi/ufs/ufshcd.c b/drivers/scsi/ufs/ufshcd.c |
6018 |
+index eb10a5cacd90c..b2cbdd01ab10b 100644 |
6019 |
+--- a/drivers/scsi/ufs/ufshcd.c |
6020 |
++++ b/drivers/scsi/ufs/ufshcd.c |
6021 |
+@@ -353,27 +353,27 @@ static void ufshcd_add_command_trace(struct ufs_hba *hba, |
6022 |
+ u8 opcode = 0; |
6023 |
+ u32 intr, doorbell; |
6024 |
+ struct ufshcd_lrb *lrbp = &hba->lrb[tag]; |
6025 |
++ struct scsi_cmnd *cmd = lrbp->cmd; |
6026 |
+ int transfer_len = -1; |
6027 |
+ |
6028 |
+ if (!trace_ufshcd_command_enabled()) { |
6029 |
+ /* trace UPIU W/O tracing command */ |
6030 |
+- if (lrbp->cmd) |
6031 |
++ if (cmd) |
6032 |
+ ufshcd_add_cmd_upiu_trace(hba, tag, str); |
6033 |
+ return; |
6034 |
+ } |
6035 |
+ |
6036 |
+- if (lrbp->cmd) { /* data phase exists */ |
6037 |
++ if (cmd) { /* data phase exists */ |
6038 |
+ /* trace UPIU also */ |
6039 |
+ ufshcd_add_cmd_upiu_trace(hba, tag, str); |
6040 |
+- opcode = (u8)(*lrbp->cmd->cmnd); |
6041 |
++ opcode = cmd->cmnd[0]; |
6042 |
+ if ((opcode == READ_10) || (opcode == WRITE_10)) { |
6043 |
+ /* |
6044 |
+ * Currently we only fully trace read(10) and write(10) |
6045 |
+ * commands |
6046 |
+ */ |
6047 |
+- if (lrbp->cmd->request && lrbp->cmd->request->bio) |
6048 |
+- lba = |
6049 |
+- lrbp->cmd->request->bio->bi_iter.bi_sector; |
6050 |
++ if (cmd->request && cmd->request->bio) |
6051 |
++ lba = cmd->request->bio->bi_iter.bi_sector; |
6052 |
+ transfer_len = be32_to_cpu( |
6053 |
+ lrbp->ucd_req_ptr->sc.exp_data_transfer_len); |
6054 |
+ } |
6055 |
+@@ -1910,12 +1910,12 @@ void ufshcd_send_command(struct ufs_hba *hba, unsigned int task_tag) |
6056 |
+ { |
6057 |
+ hba->lrb[task_tag].issue_time_stamp = ktime_get(); |
6058 |
+ hba->lrb[task_tag].compl_time_stamp = ktime_set(0, 0); |
6059 |
++ ufshcd_add_command_trace(hba, task_tag, "send"); |
6060 |
+ ufshcd_clk_scaling_start_busy(hba); |
6061 |
+ __set_bit(task_tag, &hba->outstanding_reqs); |
6062 |
+ ufshcd_writel(hba, 1 << task_tag, REG_UTP_TRANSFER_REQ_DOOR_BELL); |
6063 |
+ /* Make sure that doorbell is committed immediately */ |
6064 |
+ wmb(); |
6065 |
+- ufshcd_add_command_trace(hba, task_tag, "send"); |
6066 |
+ } |
6067 |
+ |
6068 |
+ /** |
6069 |
+diff --git a/drivers/staging/media/imx/imx-media-capture.c b/drivers/staging/media/imx/imx-media-capture.c |
6070 |
+index 256039ce561e6..81a3370551dbc 100644 |
6071 |
+--- a/drivers/staging/media/imx/imx-media-capture.c |
6072 |
++++ b/drivers/staging/media/imx/imx-media-capture.c |
6073 |
+@@ -678,7 +678,7 @@ int imx_media_capture_device_register(struct imx_media_video_dev *vdev) |
6074 |
+ /* setup default format */ |
6075 |
+ fmt_src.pad = priv->src_sd_pad; |
6076 |
+ fmt_src.which = V4L2_SUBDEV_FORMAT_ACTIVE; |
6077 |
+- v4l2_subdev_call(sd, pad, get_fmt, NULL, &fmt_src); |
6078 |
++ ret = v4l2_subdev_call(sd, pad, get_fmt, NULL, &fmt_src); |
6079 |
+ if (ret) { |
6080 |
+ v4l2_err(sd, "failed to get src_sd format\n"); |
6081 |
+ goto unreg; |
6082 |
+diff --git a/drivers/staging/rtl8188eu/core/rtw_recv.c b/drivers/staging/rtl8188eu/core/rtw_recv.c |
6083 |
+index 17b4b9257b495..0ddf41b5a734a 100644 |
6084 |
+--- a/drivers/staging/rtl8188eu/core/rtw_recv.c |
6085 |
++++ b/drivers/staging/rtl8188eu/core/rtw_recv.c |
6086 |
+@@ -1535,21 +1535,14 @@ static int amsdu_to_msdu(struct adapter *padapter, struct recv_frame *prframe) |
6087 |
+ |
6088 |
+ /* Allocate new skb for releasing to upper layer */ |
6089 |
+ sub_skb = dev_alloc_skb(nSubframe_Length + 12); |
6090 |
+- if (sub_skb) { |
6091 |
+- skb_reserve(sub_skb, 12); |
6092 |
+- skb_put_data(sub_skb, pdata, nSubframe_Length); |
6093 |
+- } else { |
6094 |
+- sub_skb = skb_clone(prframe->pkt, GFP_ATOMIC); |
6095 |
+- if (sub_skb) { |
6096 |
+- sub_skb->data = pdata; |
6097 |
+- sub_skb->len = nSubframe_Length; |
6098 |
+- skb_set_tail_pointer(sub_skb, nSubframe_Length); |
6099 |
+- } else { |
6100 |
+- DBG_88E("skb_clone() Fail!!! , nr_subframes=%d\n", nr_subframes); |
6101 |
+- break; |
6102 |
+- } |
6103 |
++ if (!sub_skb) { |
6104 |
++ DBG_88E("dev_alloc_skb() Fail!!! , nr_subframes=%d\n", nr_subframes); |
6105 |
++ break; |
6106 |
+ } |
6107 |
+ |
6108 |
++ skb_reserve(sub_skb, 12); |
6109 |
++ skb_put_data(sub_skb, pdata, nSubframe_Length); |
6110 |
++ |
6111 |
+ subframes[nr_subframes++] = sub_skb; |
6112 |
+ |
6113 |
+ if (nr_subframes >= MAX_SUBFRAME_COUNT) { |
6114 |
+diff --git a/drivers/thermal/rcar_thermal.c b/drivers/thermal/rcar_thermal.c |
6115 |
+index 4dc30e7890f6c..140386d7c75a3 100644 |
6116 |
+--- a/drivers/thermal/rcar_thermal.c |
6117 |
++++ b/drivers/thermal/rcar_thermal.c |
6118 |
+@@ -505,8 +505,10 @@ static int rcar_thermal_probe(struct platform_device *pdev) |
6119 |
+ res = platform_get_resource(pdev, IORESOURCE_MEM, |
6120 |
+ mres++); |
6121 |
+ common->base = devm_ioremap_resource(dev, res); |
6122 |
+- if (IS_ERR(common->base)) |
6123 |
+- return PTR_ERR(common->base); |
6124 |
++ if (IS_ERR(common->base)) { |
6125 |
++ ret = PTR_ERR(common->base); |
6126 |
++ goto error_unregister; |
6127 |
++ } |
6128 |
+ |
6129 |
+ idle = 0; /* polling delay is not needed */ |
6130 |
+ } |
6131 |
+diff --git a/drivers/tty/serial/8250/8250_omap.c b/drivers/tty/serial/8250/8250_omap.c |
6132 |
+index a019286f8bb65..cbd006fb7fbb9 100644 |
6133 |
+--- a/drivers/tty/serial/8250/8250_omap.c |
6134 |
++++ b/drivers/tty/serial/8250/8250_omap.c |
6135 |
+@@ -781,7 +781,10 @@ static void __dma_rx_do_complete(struct uart_8250_port *p) |
6136 |
+ dmaengine_tx_status(dma->rxchan, dma->rx_cookie, &state); |
6137 |
+ |
6138 |
+ count = dma->rx_size - state.residue; |
6139 |
+- |
6140 |
++ if (count < dma->rx_size) |
6141 |
++ dmaengine_terminate_async(dma->rxchan); |
6142 |
++ if (!count) |
6143 |
++ goto unlock; |
6144 |
+ ret = tty_insert_flip_string(tty_port, dma->rx_buf, count); |
6145 |
+ |
6146 |
+ p->port.icount.rx += ret; |
6147 |
+@@ -843,7 +846,6 @@ static void omap_8250_rx_dma_flush(struct uart_8250_port *p) |
6148 |
+ spin_unlock_irqrestore(&priv->rx_dma_lock, flags); |
6149 |
+ |
6150 |
+ __dma_rx_do_complete(p); |
6151 |
+- dmaengine_terminate_all(dma->rxchan); |
6152 |
+ } |
6153 |
+ |
6154 |
+ static int omap_8250_rx_dma(struct uart_8250_port *p) |
6155 |
+@@ -1227,11 +1229,11 @@ static int omap8250_probe(struct platform_device *pdev) |
6156 |
+ spin_lock_init(&priv->rx_dma_lock); |
6157 |
+ |
6158 |
+ device_init_wakeup(&pdev->dev, true); |
6159 |
++ pm_runtime_enable(&pdev->dev); |
6160 |
+ pm_runtime_use_autosuspend(&pdev->dev); |
6161 |
+ pm_runtime_set_autosuspend_delay(&pdev->dev, -1); |
6162 |
+ |
6163 |
+ pm_runtime_irq_safe(&pdev->dev); |
6164 |
+- pm_runtime_enable(&pdev->dev); |
6165 |
+ |
6166 |
+ pm_runtime_get_sync(&pdev->dev); |
6167 |
+ |
6168 |
+diff --git a/drivers/tty/serial/8250/8250_port.c b/drivers/tty/serial/8250/8250_port.c |
6169 |
+index 09f0dc3b967b1..60ca19eca1f63 100644 |
6170 |
+--- a/drivers/tty/serial/8250/8250_port.c |
6171 |
++++ b/drivers/tty/serial/8250/8250_port.c |
6172 |
+@@ -1861,6 +1861,7 @@ int serial8250_handle_irq(struct uart_port *port, unsigned int iir) |
6173 |
+ unsigned char status; |
6174 |
+ unsigned long flags; |
6175 |
+ struct uart_8250_port *up = up_to_u8250p(port); |
6176 |
++ bool skip_rx = false; |
6177 |
+ |
6178 |
+ if (iir & UART_IIR_NO_INT) |
6179 |
+ return 0; |
6180 |
+@@ -1869,7 +1870,20 @@ int serial8250_handle_irq(struct uart_port *port, unsigned int iir) |
6181 |
+ |
6182 |
+ status = serial_port_in(port, UART_LSR); |
6183 |
+ |
6184 |
+- if (status & (UART_LSR_DR | UART_LSR_BI)) { |
6185 |
++ /* |
6186 |
++ * If port is stopped and there are no error conditions in the |
6187 |
++ * FIFO, then don't drain the FIFO, as this may lead to TTY buffer |
6188 |
++ * overflow. Not servicing, RX FIFO would trigger auto HW flow |
6189 |
++ * control when FIFO occupancy reaches preset threshold, thus |
6190 |
++ * halting RX. This only works when auto HW flow control is |
6191 |
++ * available. |
6192 |
++ */ |
6193 |
++ if (!(status & (UART_LSR_FIFOE | UART_LSR_BRK_ERROR_BITS)) && |
6194 |
++ (port->status & (UPSTAT_AUTOCTS | UPSTAT_AUTORTS)) && |
6195 |
++ !(port->read_status_mask & UART_LSR_DR)) |
6196 |
++ skip_rx = true; |
6197 |
++ |
6198 |
++ if (status & (UART_LSR_DR | UART_LSR_BI) && !skip_rx) { |
6199 |
+ if (!up->dma || handle_rx_dma(up, iir)) |
6200 |
+ status = serial8250_rx_chars(up, status); |
6201 |
+ } |
6202 |
+diff --git a/drivers/tty/serial/samsung.c b/drivers/tty/serial/samsung.c |
6203 |
+index fcb89bf2524d1..1528a7ba2bf4d 100644 |
6204 |
+--- a/drivers/tty/serial/samsung.c |
6205 |
++++ b/drivers/tty/serial/samsung.c |
6206 |
+@@ -1187,14 +1187,14 @@ static unsigned int s3c24xx_serial_getclk(struct s3c24xx_uart_port *ourport, |
6207 |
+ struct s3c24xx_uart_info *info = ourport->info; |
6208 |
+ struct clk *clk; |
6209 |
+ unsigned long rate; |
6210 |
+- unsigned int cnt, baud, quot, clk_sel, best_quot = 0; |
6211 |
++ unsigned int cnt, baud, quot, best_quot = 0; |
6212 |
+ char clkname[MAX_CLK_NAME_LENGTH]; |
6213 |
+ int calc_deviation, deviation = (1 << 30) - 1; |
6214 |
+ |
6215 |
+- clk_sel = (ourport->cfg->clk_sel) ? ourport->cfg->clk_sel : |
6216 |
+- ourport->info->def_clk_sel; |
6217 |
+ for (cnt = 0; cnt < info->num_clks; cnt++) { |
6218 |
+- if (!(clk_sel & (1 << cnt))) |
6219 |
++ /* Keep selected clock if provided */ |
6220 |
++ if (ourport->cfg->clk_sel && |
6221 |
++ !(ourport->cfg->clk_sel & (1 << cnt))) |
6222 |
+ continue; |
6223 |
+ |
6224 |
+ sprintf(clkname, "clk_uart_baud%d", cnt); |
6225 |
+diff --git a/drivers/tty/serial/xilinx_uartps.c b/drivers/tty/serial/xilinx_uartps.c |
6226 |
+index 31950a38f0fb7..23f9b0cdff086 100644 |
6227 |
+--- a/drivers/tty/serial/xilinx_uartps.c |
6228 |
++++ b/drivers/tty/serial/xilinx_uartps.c |
6229 |
+@@ -1236,6 +1236,7 @@ static int cdns_uart_console_setup(struct console *co, char *options) |
6230 |
+ int bits = 8; |
6231 |
+ int parity = 'n'; |
6232 |
+ int flow = 'n'; |
6233 |
++ unsigned long time_out; |
6234 |
+ |
6235 |
+ if (!port->membase) { |
6236 |
+ pr_debug("console on " CDNS_UART_TTY_NAME "%i not present\n", |
6237 |
+@@ -1246,6 +1247,13 @@ static int cdns_uart_console_setup(struct console *co, char *options) |
6238 |
+ if (options) |
6239 |
+ uart_parse_options(options, &baud, &parity, &bits, &flow); |
6240 |
+ |
6241 |
++ /* Wait for tx_empty before setting up the console */ |
6242 |
++ time_out = jiffies + usecs_to_jiffies(TX_TIMEOUT); |
6243 |
++ |
6244 |
++ while (time_before(jiffies, time_out) && |
6245 |
++ cdns_uart_tx_empty(port) != TIOCSER_TEMT) |
6246 |
++ cpu_relax(); |
6247 |
++ |
6248 |
+ return uart_set_options(port, co, baud, parity, bits, flow); |
6249 |
+ } |
6250 |
+ |
6251 |
+diff --git a/drivers/tty/vcc.c b/drivers/tty/vcc.c |
6252 |
+index 58b454c34560a..10a832a2135e2 100644 |
6253 |
+--- a/drivers/tty/vcc.c |
6254 |
++++ b/drivers/tty/vcc.c |
6255 |
+@@ -604,6 +604,7 @@ static int vcc_probe(struct vio_dev *vdev, const struct vio_device_id *id) |
6256 |
+ port->index = vcc_table_add(port); |
6257 |
+ if (port->index == -1) { |
6258 |
+ pr_err("VCC: no more TTY indices left for allocation\n"); |
6259 |
++ rv = -ENOMEM; |
6260 |
+ goto free_ldc; |
6261 |
+ } |
6262 |
+ |
6263 |
+diff --git a/drivers/usb/dwc3/gadget.c b/drivers/usb/dwc3/gadget.c |
6264 |
+index 7bf2573dd459e..37cc3fd7c3cad 100644 |
6265 |
+--- a/drivers/usb/dwc3/gadget.c |
6266 |
++++ b/drivers/usb/dwc3/gadget.c |
6267 |
+@@ -270,7 +270,7 @@ int dwc3_send_gadget_ep_cmd(struct dwc3_ep *dep, unsigned cmd, |
6268 |
+ { |
6269 |
+ const struct usb_endpoint_descriptor *desc = dep->endpoint.desc; |
6270 |
+ struct dwc3 *dwc = dep->dwc; |
6271 |
+- u32 timeout = 1000; |
6272 |
++ u32 timeout = 5000; |
6273 |
+ u32 saved_config = 0; |
6274 |
+ u32 reg; |
6275 |
+ |
6276 |
+diff --git a/drivers/usb/host/ehci-mv.c b/drivers/usb/host/ehci-mv.c |
6277 |
+index de764459e05a6..9d93e7441bbca 100644 |
6278 |
+--- a/drivers/usb/host/ehci-mv.c |
6279 |
++++ b/drivers/usb/host/ehci-mv.c |
6280 |
+@@ -192,12 +192,10 @@ static int mv_ehci_probe(struct platform_device *pdev) |
6281 |
+ hcd->rsrc_len = resource_size(r); |
6282 |
+ hcd->regs = ehci_mv->op_regs; |
6283 |
+ |
6284 |
+- hcd->irq = platform_get_irq(pdev, 0); |
6285 |
+- if (!hcd->irq) { |
6286 |
+- dev_err(&pdev->dev, "Cannot get irq."); |
6287 |
+- retval = -ENODEV; |
6288 |
++ retval = platform_get_irq(pdev, 0); |
6289 |
++ if (retval < 0) |
6290 |
+ goto err_disable_clk; |
6291 |
+- } |
6292 |
++ hcd->irq = retval; |
6293 |
+ |
6294 |
+ ehci = hcd_to_ehci(hcd); |
6295 |
+ ehci->caps = (struct ehci_caps *) ehci_mv->cap_regs; |
6296 |
+diff --git a/drivers/vfio/pci/vfio_pci.c b/drivers/vfio/pci/vfio_pci.c |
6297 |
+index 9f72a6ee13b53..58e7336b2748b 100644 |
6298 |
+--- a/drivers/vfio/pci/vfio_pci.c |
6299 |
++++ b/drivers/vfio/pci/vfio_pci.c |
6300 |
+@@ -409,6 +409,19 @@ static void vfio_pci_release(void *device_data) |
6301 |
+ if (!(--vdev->refcnt)) { |
6302 |
+ vfio_spapr_pci_eeh_release(vdev->pdev); |
6303 |
+ vfio_pci_disable(vdev); |
6304 |
++ mutex_lock(&vdev->igate); |
6305 |
++ if (vdev->err_trigger) { |
6306 |
++ eventfd_ctx_put(vdev->err_trigger); |
6307 |
++ vdev->err_trigger = NULL; |
6308 |
++ } |
6309 |
++ mutex_unlock(&vdev->igate); |
6310 |
++ |
6311 |
++ mutex_lock(&vdev->igate); |
6312 |
++ if (vdev->req_trigger) { |
6313 |
++ eventfd_ctx_put(vdev->req_trigger); |
6314 |
++ vdev->req_trigger = NULL; |
6315 |
++ } |
6316 |
++ mutex_unlock(&vdev->igate); |
6317 |
+ } |
6318 |
+ |
6319 |
+ mutex_unlock(&driver_lock); |
6320 |
+diff --git a/fs/block_dev.c b/fs/block_dev.c |
6321 |
+index 8ac8f7469354b..9f3faac490259 100644 |
6322 |
+--- a/fs/block_dev.c |
6323 |
++++ b/fs/block_dev.c |
6324 |
+@@ -1793,6 +1793,16 @@ static void __blkdev_put(struct block_device *bdev, fmode_t mode, int for_part) |
6325 |
+ struct gendisk *disk = bdev->bd_disk; |
6326 |
+ struct block_device *victim = NULL; |
6327 |
+ |
6328 |
++ /* |
6329 |
++ * Sync early if it looks like we're the last one. If someone else |
6330 |
++ * opens the block device between now and the decrement of bd_openers |
6331 |
++ * then we did a sync that we didn't need to, but that's not the end |
6332 |
++ * of the world and we want to avoid long (could be several minute) |
6333 |
++ * syncs while holding the mutex. |
6334 |
++ */ |
6335 |
++ if (bdev->bd_openers == 1) |
6336 |
++ sync_blockdev(bdev); |
6337 |
++ |
6338 |
+ mutex_lock_nested(&bdev->bd_mutex, for_part); |
6339 |
+ if (for_part) |
6340 |
+ bdev->bd_part_count--; |
6341 |
+diff --git a/fs/btrfs/extent-tree.c b/fs/btrfs/extent-tree.c |
6342 |
+index 319a89d4d0735..ce5e0f6c6af4f 100644 |
6343 |
+--- a/fs/btrfs/extent-tree.c |
6344 |
++++ b/fs/btrfs/extent-tree.c |
6345 |
+@@ -9098,8 +9098,6 @@ out: |
6346 |
+ */ |
6347 |
+ if (!for_reloc && !root_dropped) |
6348 |
+ btrfs_add_dead_root(root); |
6349 |
+- if (err && err != -EAGAIN) |
6350 |
+- btrfs_handle_fs_error(fs_info, err, NULL); |
6351 |
+ return err; |
6352 |
+ } |
6353 |
+ |
6354 |
+diff --git a/fs/btrfs/inode.c b/fs/btrfs/inode.c |
6355 |
+index bdfe159a60da6..64d459ca76d06 100644 |
6356 |
+--- a/fs/btrfs/inode.c |
6357 |
++++ b/fs/btrfs/inode.c |
6358 |
+@@ -8913,20 +8913,17 @@ again: |
6359 |
+ /* |
6360 |
+ * Qgroup reserved space handler |
6361 |
+ * Page here will be either |
6362 |
+- * 1) Already written to disk |
6363 |
+- * In this case, its reserved space is released from data rsv map |
6364 |
+- * and will be freed by delayed_ref handler finally. |
6365 |
+- * So even we call qgroup_free_data(), it won't decrease reserved |
6366 |
+- * space. |
6367 |
+- * 2) Not written to disk |
6368 |
+- * This means the reserved space should be freed here. However, |
6369 |
+- * if a truncate invalidates the page (by clearing PageDirty) |
6370 |
+- * and the page is accounted for while allocating extent |
6371 |
+- * in btrfs_check_data_free_space() we let delayed_ref to |
6372 |
+- * free the entire extent. |
6373 |
++ * 1) Already written to disk or ordered extent already submitted |
6374 |
++ * Then its QGROUP_RESERVED bit in io_tree is already cleaned. |
6375 |
++ * Qgroup will be handled by its qgroup_record then. |
6376 |
++ * btrfs_qgroup_free_data() call will do nothing here. |
6377 |
++ * |
6378 |
++ * 2) Not written to disk yet |
6379 |
++ * Then btrfs_qgroup_free_data() call will clear the QGROUP_RESERVED |
6380 |
++ * bit of its io_tree, and free the qgroup reserved data space. |
6381 |
++ * Since the IO will never happen for this page. |
6382 |
+ */ |
6383 |
+- if (PageDirty(page)) |
6384 |
+- btrfs_qgroup_free_data(inode, NULL, page_start, PAGE_SIZE); |
6385 |
++ btrfs_qgroup_free_data(inode, NULL, page_start, PAGE_SIZE); |
6386 |
+ if (!inode_evicting) { |
6387 |
+ clear_extent_bit(tree, page_start, page_end, |
6388 |
+ EXTENT_LOCKED | EXTENT_DIRTY | |
6389 |
+diff --git a/fs/ceph/caps.c b/fs/ceph/caps.c |
6390 |
+index a2d4eed27f804..c0dbf8b7762b4 100644 |
6391 |
+--- a/fs/ceph/caps.c |
6392 |
++++ b/fs/ceph/caps.c |
6393 |
+@@ -2015,12 +2015,24 @@ ack: |
6394 |
+ if (mutex_trylock(&session->s_mutex) == 0) { |
6395 |
+ dout("inverting session/ino locks on %p\n", |
6396 |
+ session); |
6397 |
++ session = ceph_get_mds_session(session); |
6398 |
+ spin_unlock(&ci->i_ceph_lock); |
6399 |
+ if (took_snap_rwsem) { |
6400 |
+ up_read(&mdsc->snap_rwsem); |
6401 |
+ took_snap_rwsem = 0; |
6402 |
+ } |
6403 |
+- mutex_lock(&session->s_mutex); |
6404 |
++ if (session) { |
6405 |
++ mutex_lock(&session->s_mutex); |
6406 |
++ ceph_put_mds_session(session); |
6407 |
++ } else { |
6408 |
++ /* |
6409 |
++ * Because we take the reference while |
6410 |
++ * holding the i_ceph_lock, it should |
6411 |
++ * never be NULL. Throw a warning if it |
6412 |
++ * ever is. |
6413 |
++ */ |
6414 |
++ WARN_ON_ONCE(true); |
6415 |
++ } |
6416 |
+ goto retry; |
6417 |
+ } |
6418 |
+ } |
6419 |
+diff --git a/fs/ceph/inode.c b/fs/ceph/inode.c |
6420 |
+index 1e438e0faf77e..3c24fb77ef325 100644 |
6421 |
+--- a/fs/ceph/inode.c |
6422 |
++++ b/fs/ceph/inode.c |
6423 |
+@@ -764,8 +764,11 @@ static int fill_inode(struct inode *inode, struct page *locked_page, |
6424 |
+ info_caps = le32_to_cpu(info->cap.caps); |
6425 |
+ |
6426 |
+ /* prealloc new cap struct */ |
6427 |
+- if (info_caps && ceph_snap(inode) == CEPH_NOSNAP) |
6428 |
++ if (info_caps && ceph_snap(inode) == CEPH_NOSNAP) { |
6429 |
+ new_cap = ceph_get_cap(mdsc, caps_reservation); |
6430 |
++ if (!new_cap) |
6431 |
++ return -ENOMEM; |
6432 |
++ } |
6433 |
+ |
6434 |
+ /* |
6435 |
+ * prealloc xattr data, if it looks like we'll need it. only |
6436 |
+diff --git a/fs/cifs/cifsglob.h b/fs/cifs/cifsglob.h |
6437 |
+index 71c2dd0c7f038..2c632793c88c5 100644 |
6438 |
+--- a/fs/cifs/cifsglob.h |
6439 |
++++ b/fs/cifs/cifsglob.h |
6440 |
+@@ -259,8 +259,9 @@ struct smb_version_operations { |
6441 |
+ int (*check_message)(char *, unsigned int, struct TCP_Server_Info *); |
6442 |
+ bool (*is_oplock_break)(char *, struct TCP_Server_Info *); |
6443 |
+ int (*handle_cancelled_mid)(char *, struct TCP_Server_Info *); |
6444 |
+- void (*downgrade_oplock)(struct TCP_Server_Info *, |
6445 |
+- struct cifsInodeInfo *, bool); |
6446 |
++ void (*downgrade_oplock)(struct TCP_Server_Info *server, |
6447 |
++ struct cifsInodeInfo *cinode, __u32 oplock, |
6448 |
++ unsigned int epoch, bool *purge_cache); |
6449 |
+ /* process transaction2 response */ |
6450 |
+ bool (*check_trans2)(struct mid_q_entry *, struct TCP_Server_Info *, |
6451 |
+ char *, int); |
6452 |
+@@ -1160,6 +1161,8 @@ struct cifsFileInfo { |
6453 |
+ unsigned int f_flags; |
6454 |
+ bool invalidHandle:1; /* file closed via session abend */ |
6455 |
+ bool oplock_break_cancelled:1; |
6456 |
++ unsigned int oplock_epoch; /* epoch from the lease break */ |
6457 |
++ __u32 oplock_level; /* oplock/lease level from the lease break */ |
6458 |
+ int count; |
6459 |
+ spinlock_t file_info_lock; /* protects four flag/count fields above */ |
6460 |
+ struct mutex fh_mutex; /* prevents reopen race after dead ses*/ |
6461 |
+@@ -1300,7 +1303,7 @@ struct cifsInodeInfo { |
6462 |
+ unsigned int epoch; /* used to track lease state changes */ |
6463 |
+ #define CIFS_INODE_PENDING_OPLOCK_BREAK (0) /* oplock break in progress */ |
6464 |
+ #define CIFS_INODE_PENDING_WRITERS (1) /* Writes in progress */ |
6465 |
+-#define CIFS_INODE_DOWNGRADE_OPLOCK_TO_L2 (2) /* Downgrade oplock to L2 */ |
6466 |
++#define CIFS_INODE_FLAG_UNUSED (2) /* Unused flag */ |
6467 |
+ #define CIFS_INO_DELETE_PENDING (3) /* delete pending on server */ |
6468 |
+ #define CIFS_INO_INVALID_MAPPING (4) /* pagecache is invalid */ |
6469 |
+ #define CIFS_INO_LOCK (5) /* lock bit for synchronization */ |
6470 |
+diff --git a/fs/cifs/file.c b/fs/cifs/file.c |
6471 |
+index 128cbd69911b4..5cb15649adb07 100644 |
6472 |
+--- a/fs/cifs/file.c |
6473 |
++++ b/fs/cifs/file.c |
6474 |
+@@ -3804,7 +3804,8 @@ readpages_get_pages(struct address_space *mapping, struct list_head *page_list, |
6475 |
+ break; |
6476 |
+ |
6477 |
+ __SetPageLocked(page); |
6478 |
+- if (add_to_page_cache_locked(page, mapping, page->index, gfp)) { |
6479 |
++ rc = add_to_page_cache_locked(page, mapping, page->index, gfp); |
6480 |
++ if (rc) { |
6481 |
+ __ClearPageLocked(page); |
6482 |
+ break; |
6483 |
+ } |
6484 |
+@@ -3820,6 +3821,7 @@ static int cifs_readpages(struct file *file, struct address_space *mapping, |
6485 |
+ struct list_head *page_list, unsigned num_pages) |
6486 |
+ { |
6487 |
+ int rc; |
6488 |
++ int err = 0; |
6489 |
+ struct list_head tmplist; |
6490 |
+ struct cifsFileInfo *open_file = file->private_data; |
6491 |
+ struct cifs_sb_info *cifs_sb = CIFS_FILE_SB(file); |
6492 |
+@@ -3860,7 +3862,7 @@ static int cifs_readpages(struct file *file, struct address_space *mapping, |
6493 |
+ * the order of declining indexes. When we put the pages in |
6494 |
+ * the rdata->pages, then we want them in increasing order. |
6495 |
+ */ |
6496 |
+- while (!list_empty(page_list)) { |
6497 |
++ while (!list_empty(page_list) && !err) { |
6498 |
+ unsigned int i, nr_pages, bytes, rsize; |
6499 |
+ loff_t offset; |
6500 |
+ struct page *page, *tpage; |
6501 |
+@@ -3883,9 +3885,10 @@ static int cifs_readpages(struct file *file, struct address_space *mapping, |
6502 |
+ return 0; |
6503 |
+ } |
6504 |
+ |
6505 |
+- rc = readpages_get_pages(mapping, page_list, rsize, &tmplist, |
6506 |
++ nr_pages = 0; |
6507 |
++ err = readpages_get_pages(mapping, page_list, rsize, &tmplist, |
6508 |
+ &nr_pages, &offset, &bytes); |
6509 |
+- if (rc) { |
6510 |
++ if (!nr_pages) { |
6511 |
+ add_credits_and_wake_if(server, credits, 0); |
6512 |
+ break; |
6513 |
+ } |
6514 |
+@@ -4185,12 +4188,13 @@ void cifs_oplock_break(struct work_struct *work) |
6515 |
+ struct cifs_tcon *tcon = tlink_tcon(cfile->tlink); |
6516 |
+ struct TCP_Server_Info *server = tcon->ses->server; |
6517 |
+ int rc = 0; |
6518 |
++ bool purge_cache = false; |
6519 |
+ |
6520 |
+ wait_on_bit(&cinode->flags, CIFS_INODE_PENDING_WRITERS, |
6521 |
+ TASK_UNINTERRUPTIBLE); |
6522 |
+ |
6523 |
+- server->ops->downgrade_oplock(server, cinode, |
6524 |
+- test_bit(CIFS_INODE_DOWNGRADE_OPLOCK_TO_L2, &cinode->flags)); |
6525 |
++ server->ops->downgrade_oplock(server, cinode, cfile->oplock_level, |
6526 |
++ cfile->oplock_epoch, &purge_cache); |
6527 |
+ |
6528 |
+ if (!CIFS_CACHE_WRITE(cinode) && CIFS_CACHE_READ(cinode) && |
6529 |
+ cifs_has_mand_locks(cinode)) { |
6530 |
+@@ -4205,18 +4209,21 @@ void cifs_oplock_break(struct work_struct *work) |
6531 |
+ else |
6532 |
+ break_lease(inode, O_WRONLY); |
6533 |
+ rc = filemap_fdatawrite(inode->i_mapping); |
6534 |
+- if (!CIFS_CACHE_READ(cinode)) { |
6535 |
++ if (!CIFS_CACHE_READ(cinode) || purge_cache) { |
6536 |
+ rc = filemap_fdatawait(inode->i_mapping); |
6537 |
+ mapping_set_error(inode->i_mapping, rc); |
6538 |
+ cifs_zap_mapping(inode); |
6539 |
+ } |
6540 |
+ cifs_dbg(FYI, "Oplock flush inode %p rc %d\n", inode, rc); |
6541 |
++ if (CIFS_CACHE_WRITE(cinode)) |
6542 |
++ goto oplock_break_ack; |
6543 |
+ } |
6544 |
+ |
6545 |
+ rc = cifs_push_locks(cfile); |
6546 |
+ if (rc) |
6547 |
+ cifs_dbg(VFS, "Push locks rc = %d\n", rc); |
6548 |
+ |
6549 |
++oplock_break_ack: |
6550 |
+ /* |
6551 |
+ * releasing stale oplock after recent reconnect of smb session using |
6552 |
+ * a now incorrect file handle is not a data integrity issue but do |
6553 |
+diff --git a/fs/cifs/misc.c b/fs/cifs/misc.c |
6554 |
+index e45f8e321371c..dd67f56ea61e5 100644 |
6555 |
+--- a/fs/cifs/misc.c |
6556 |
++++ b/fs/cifs/misc.c |
6557 |
+@@ -477,21 +477,10 @@ is_valid_oplock_break(char *buffer, struct TCP_Server_Info *srv) |
6558 |
+ set_bit(CIFS_INODE_PENDING_OPLOCK_BREAK, |
6559 |
+ &pCifsInode->flags); |
6560 |
+ |
6561 |
+- /* |
6562 |
+- * Set flag if the server downgrades the oplock |
6563 |
+- * to L2 else clear. |
6564 |
+- */ |
6565 |
+- if (pSMB->OplockLevel) |
6566 |
+- set_bit( |
6567 |
+- CIFS_INODE_DOWNGRADE_OPLOCK_TO_L2, |
6568 |
+- &pCifsInode->flags); |
6569 |
+- else |
6570 |
+- clear_bit( |
6571 |
+- CIFS_INODE_DOWNGRADE_OPLOCK_TO_L2, |
6572 |
+- &pCifsInode->flags); |
6573 |
+- |
6574 |
+- cifs_queue_oplock_break(netfile); |
6575 |
++ netfile->oplock_epoch = 0; |
6576 |
++ netfile->oplock_level = pSMB->OplockLevel; |
6577 |
+ netfile->oplock_break_cancelled = false; |
6578 |
++ cifs_queue_oplock_break(netfile); |
6579 |
+ |
6580 |
+ spin_unlock(&tcon->open_file_lock); |
6581 |
+ spin_unlock(&cifs_tcp_ses_lock); |
6582 |
+diff --git a/fs/cifs/smb1ops.c b/fs/cifs/smb1ops.c |
6583 |
+index c7f0c85664425..0b7f924512848 100644 |
6584 |
+--- a/fs/cifs/smb1ops.c |
6585 |
++++ b/fs/cifs/smb1ops.c |
6586 |
+@@ -381,12 +381,10 @@ coalesce_t2(char *second_buf, struct smb_hdr *target_hdr) |
6587 |
+ |
6588 |
+ static void |
6589 |
+ cifs_downgrade_oplock(struct TCP_Server_Info *server, |
6590 |
+- struct cifsInodeInfo *cinode, bool set_level2) |
6591 |
++ struct cifsInodeInfo *cinode, __u32 oplock, |
6592 |
++ unsigned int epoch, bool *purge_cache) |
6593 |
+ { |
6594 |
+- if (set_level2) |
6595 |
+- cifs_set_oplock_level(cinode, OPLOCK_READ); |
6596 |
+- else |
6597 |
+- cifs_set_oplock_level(cinode, 0); |
6598 |
++ cifs_set_oplock_level(cinode, oplock); |
6599 |
+ } |
6600 |
+ |
6601 |
+ static bool |
6602 |
+diff --git a/fs/cifs/smb2misc.c b/fs/cifs/smb2misc.c |
6603 |
+index 2fc96f7923ee5..7d875a47d0226 100644 |
6604 |
+--- a/fs/cifs/smb2misc.c |
6605 |
++++ b/fs/cifs/smb2misc.c |
6606 |
+@@ -550,7 +550,7 @@ smb2_tcon_has_lease(struct cifs_tcon *tcon, struct smb2_lease_break *rsp) |
6607 |
+ |
6608 |
+ cifs_dbg(FYI, "found in the open list\n"); |
6609 |
+ cifs_dbg(FYI, "lease key match, lease break 0x%x\n", |
6610 |
+- le32_to_cpu(rsp->NewLeaseState)); |
6611 |
++ lease_state); |
6612 |
+ |
6613 |
+ if (ack_req) |
6614 |
+ cfile->oplock_break_cancelled = false; |
6615 |
+@@ -559,17 +559,8 @@ smb2_tcon_has_lease(struct cifs_tcon *tcon, struct smb2_lease_break *rsp) |
6616 |
+ |
6617 |
+ set_bit(CIFS_INODE_PENDING_OPLOCK_BREAK, &cinode->flags); |
6618 |
+ |
6619 |
+- /* |
6620 |
+- * Set or clear flags depending on the lease state being READ. |
6621 |
+- * HANDLE caching flag should be added when the client starts |
6622 |
+- * to defer closing remote file handles with HANDLE leases. |
6623 |
+- */ |
6624 |
+- if (lease_state & SMB2_LEASE_READ_CACHING_HE) |
6625 |
+- set_bit(CIFS_INODE_DOWNGRADE_OPLOCK_TO_L2, |
6626 |
+- &cinode->flags); |
6627 |
+- else |
6628 |
+- clear_bit(CIFS_INODE_DOWNGRADE_OPLOCK_TO_L2, |
6629 |
+- &cinode->flags); |
6630 |
++ cfile->oplock_epoch = le16_to_cpu(rsp->Epoch); |
6631 |
++ cfile->oplock_level = lease_state; |
6632 |
+ |
6633 |
+ cifs_queue_oplock_break(cfile); |
6634 |
+ return true; |
6635 |
+@@ -599,7 +590,7 @@ smb2_tcon_find_pending_open_lease(struct cifs_tcon *tcon, |
6636 |
+ |
6637 |
+ cifs_dbg(FYI, "found in the pending open list\n"); |
6638 |
+ cifs_dbg(FYI, "lease key match, lease break 0x%x\n", |
6639 |
+- le32_to_cpu(rsp->NewLeaseState)); |
6640 |
++ lease_state); |
6641 |
+ |
6642 |
+ open->oplock = lease_state; |
6643 |
+ } |
6644 |
+@@ -732,18 +723,9 @@ smb2_is_valid_oplock_break(char *buffer, struct TCP_Server_Info *server) |
6645 |
+ set_bit(CIFS_INODE_PENDING_OPLOCK_BREAK, |
6646 |
+ &cinode->flags); |
6647 |
+ |
6648 |
+- /* |
6649 |
+- * Set flag if the server downgrades the oplock |
6650 |
+- * to L2 else clear. |
6651 |
+- */ |
6652 |
+- if (rsp->OplockLevel) |
6653 |
+- set_bit( |
6654 |
+- CIFS_INODE_DOWNGRADE_OPLOCK_TO_L2, |
6655 |
+- &cinode->flags); |
6656 |
+- else |
6657 |
+- clear_bit( |
6658 |
+- CIFS_INODE_DOWNGRADE_OPLOCK_TO_L2, |
6659 |
+- &cinode->flags); |
6660 |
++ cfile->oplock_epoch = 0; |
6661 |
++ cfile->oplock_level = rsp->OplockLevel; |
6662 |
++ |
6663 |
+ spin_unlock(&cfile->file_info_lock); |
6664 |
+ |
6665 |
+ cifs_queue_oplock_break(cfile); |
6666 |
+diff --git a/fs/cifs/smb2ops.c b/fs/cifs/smb2ops.c |
6667 |
+index 2a523139a05fb..947a40069d246 100644 |
6668 |
+--- a/fs/cifs/smb2ops.c |
6669 |
++++ b/fs/cifs/smb2ops.c |
6670 |
+@@ -2358,22 +2358,38 @@ static long smb3_fallocate(struct file *file, struct cifs_tcon *tcon, int mode, |
6671 |
+ |
6672 |
+ static void |
6673 |
+ smb2_downgrade_oplock(struct TCP_Server_Info *server, |
6674 |
+- struct cifsInodeInfo *cinode, bool set_level2) |
6675 |
++ struct cifsInodeInfo *cinode, __u32 oplock, |
6676 |
++ unsigned int epoch, bool *purge_cache) |
6677 |
+ { |
6678 |
+- if (set_level2) |
6679 |
+- server->ops->set_oplock_level(cinode, SMB2_OPLOCK_LEVEL_II, |
6680 |
+- 0, NULL); |
6681 |
+- else |
6682 |
+- server->ops->set_oplock_level(cinode, 0, 0, NULL); |
6683 |
++ server->ops->set_oplock_level(cinode, oplock, 0, NULL); |
6684 |
+ } |
6685 |
+ |
6686 |
+ static void |
6687 |
+-smb21_downgrade_oplock(struct TCP_Server_Info *server, |
6688 |
+- struct cifsInodeInfo *cinode, bool set_level2) |
6689 |
++smb21_set_oplock_level(struct cifsInodeInfo *cinode, __u32 oplock, |
6690 |
++ unsigned int epoch, bool *purge_cache); |
6691 |
++ |
6692 |
++static void |
6693 |
++smb3_downgrade_oplock(struct TCP_Server_Info *server, |
6694 |
++ struct cifsInodeInfo *cinode, __u32 oplock, |
6695 |
++ unsigned int epoch, bool *purge_cache) |
6696 |
+ { |
6697 |
+- server->ops->set_oplock_level(cinode, |
6698 |
+- set_level2 ? SMB2_LEASE_READ_CACHING_HE : |
6699 |
+- 0, 0, NULL); |
6700 |
++ unsigned int old_state = cinode->oplock; |
6701 |
++ unsigned int old_epoch = cinode->epoch; |
6702 |
++ unsigned int new_state; |
6703 |
++ |
6704 |
++ if (epoch > old_epoch) { |
6705 |
++ smb21_set_oplock_level(cinode, oplock, 0, NULL); |
6706 |
++ cinode->epoch = epoch; |
6707 |
++ } |
6708 |
++ |
6709 |
++ new_state = cinode->oplock; |
6710 |
++ *purge_cache = false; |
6711 |
++ |
6712 |
++ if ((old_state & CIFS_CACHE_READ_FLG) != 0 && |
6713 |
++ (new_state & CIFS_CACHE_READ_FLG) == 0) |
6714 |
++ *purge_cache = true; |
6715 |
++ else if (old_state == new_state && (epoch - old_epoch > 1)) |
6716 |
++ *purge_cache = true; |
6717 |
+ } |
6718 |
+ |
6719 |
+ static void |
6720 |
+@@ -3449,7 +3465,7 @@ struct smb_version_operations smb21_operations = { |
6721 |
+ .print_stats = smb2_print_stats, |
6722 |
+ .is_oplock_break = smb2_is_valid_oplock_break, |
6723 |
+ .handle_cancelled_mid = smb2_handle_cancelled_mid, |
6724 |
+- .downgrade_oplock = smb21_downgrade_oplock, |
6725 |
++ .downgrade_oplock = smb2_downgrade_oplock, |
6726 |
+ .need_neg = smb2_need_neg, |
6727 |
+ .negotiate = smb2_negotiate, |
6728 |
+ .negotiate_wsize = smb2_negotiate_wsize, |
6729 |
+@@ -3546,7 +3562,7 @@ struct smb_version_operations smb30_operations = { |
6730 |
+ .dump_share_caps = smb2_dump_share_caps, |
6731 |
+ .is_oplock_break = smb2_is_valid_oplock_break, |
6732 |
+ .handle_cancelled_mid = smb2_handle_cancelled_mid, |
6733 |
+- .downgrade_oplock = smb21_downgrade_oplock, |
6734 |
++ .downgrade_oplock = smb3_downgrade_oplock, |
6735 |
+ .need_neg = smb2_need_neg, |
6736 |
+ .negotiate = smb2_negotiate, |
6737 |
+ .negotiate_wsize = smb2_negotiate_wsize, |
6738 |
+@@ -3651,7 +3667,7 @@ struct smb_version_operations smb311_operations = { |
6739 |
+ .dump_share_caps = smb2_dump_share_caps, |
6740 |
+ .is_oplock_break = smb2_is_valid_oplock_break, |
6741 |
+ .handle_cancelled_mid = smb2_handle_cancelled_mid, |
6742 |
+- .downgrade_oplock = smb21_downgrade_oplock, |
6743 |
++ .downgrade_oplock = smb3_downgrade_oplock, |
6744 |
+ .need_neg = smb2_need_neg, |
6745 |
+ .negotiate = smb2_negotiate, |
6746 |
+ .negotiate_wsize = smb2_negotiate_wsize, |
6747 |
+diff --git a/fs/cifs/smb2pdu.h b/fs/cifs/smb2pdu.h |
6748 |
+index 308c682fa4d3b..44501f8cbd75e 100644 |
6749 |
+--- a/fs/cifs/smb2pdu.h |
6750 |
++++ b/fs/cifs/smb2pdu.h |
6751 |
+@@ -1209,7 +1209,7 @@ struct smb2_oplock_break { |
6752 |
+ struct smb2_lease_break { |
6753 |
+ struct smb2_sync_hdr sync_hdr; |
6754 |
+ __le16 StructureSize; /* Must be 44 */ |
6755 |
+- __le16 Reserved; |
6756 |
++ __le16 Epoch; |
6757 |
+ __le32 Flags; |
6758 |
+ __u8 LeaseKey[16]; |
6759 |
+ __le32 CurrentLeaseState; |
6760 |
+diff --git a/fs/dcache.c b/fs/dcache.c |
6761 |
+index 6e0022326afe3..20370a0997bf9 100644 |
6762 |
+--- a/fs/dcache.c |
6763 |
++++ b/fs/dcache.c |
6764 |
+@@ -864,17 +864,19 @@ struct dentry *dget_parent(struct dentry *dentry) |
6765 |
+ { |
6766 |
+ int gotref; |
6767 |
+ struct dentry *ret; |
6768 |
++ unsigned seq; |
6769 |
+ |
6770 |
+ /* |
6771 |
+ * Do optimistic parent lookup without any |
6772 |
+ * locking. |
6773 |
+ */ |
6774 |
+ rcu_read_lock(); |
6775 |
++ seq = raw_seqcount_begin(&dentry->d_seq); |
6776 |
+ ret = READ_ONCE(dentry->d_parent); |
6777 |
+ gotref = lockref_get_not_zero(&ret->d_lockref); |
6778 |
+ rcu_read_unlock(); |
6779 |
+ if (likely(gotref)) { |
6780 |
+- if (likely(ret == READ_ONCE(dentry->d_parent))) |
6781 |
++ if (!read_seqcount_retry(&dentry->d_seq, seq)) |
6782 |
+ return ret; |
6783 |
+ dput(ret); |
6784 |
+ } |
6785 |
+diff --git a/fs/ext4/inode.c b/fs/ext4/inode.c |
6786 |
+index cd833f4e64ef1..52be4c9650241 100644 |
6787 |
+--- a/fs/ext4/inode.c |
6788 |
++++ b/fs/ext4/inode.c |
6789 |
+@@ -5315,7 +5315,7 @@ static int ext4_do_update_inode(handle_t *handle, |
6790 |
+ raw_inode->i_file_acl_high = |
6791 |
+ cpu_to_le16(ei->i_file_acl >> 32); |
6792 |
+ raw_inode->i_file_acl_lo = cpu_to_le32(ei->i_file_acl); |
6793 |
+- if (ei->i_disksize != ext4_isize(inode->i_sb, raw_inode)) { |
6794 |
++ if (READ_ONCE(ei->i_disksize) != ext4_isize(inode->i_sb, raw_inode)) { |
6795 |
+ ext4_isize_set(raw_inode, ei->i_disksize); |
6796 |
+ need_datasync = 1; |
6797 |
+ } |
6798 |
+diff --git a/fs/ext4/mballoc.c b/fs/ext4/mballoc.c |
6799 |
+index 8dd54a8a03610..054cfdd007d69 100644 |
6800 |
+--- a/fs/ext4/mballoc.c |
6801 |
++++ b/fs/ext4/mballoc.c |
6802 |
+@@ -1901,8 +1901,15 @@ void ext4_mb_simple_scan_group(struct ext4_allocation_context *ac, |
6803 |
+ BUG_ON(buddy == NULL); |
6804 |
+ |
6805 |
+ k = mb_find_next_zero_bit(buddy, max, 0); |
6806 |
+- BUG_ON(k >= max); |
6807 |
+- |
6808 |
++ if (k >= max) { |
6809 |
++ ext4_grp_locked_error(ac->ac_sb, e4b->bd_group, 0, 0, |
6810 |
++ "%d free clusters of order %d. But found 0", |
6811 |
++ grp->bb_counters[i], i); |
6812 |
++ ext4_mark_group_bitmap_corrupted(ac->ac_sb, |
6813 |
++ e4b->bd_group, |
6814 |
++ EXT4_GROUP_INFO_BBITMAP_CORRUPT); |
6815 |
++ break; |
6816 |
++ } |
6817 |
+ ac->ac_found++; |
6818 |
+ |
6819 |
+ ac->ac_b_ex.fe_len = 1 << i; |
6820 |
+diff --git a/fs/fuse/dev.c b/fs/fuse/dev.c |
6821 |
+index 01e6ea11822bf..c51c9a6881e49 100644 |
6822 |
+--- a/fs/fuse/dev.c |
6823 |
++++ b/fs/fuse/dev.c |
6824 |
+@@ -831,7 +831,6 @@ static int fuse_check_page(struct page *page) |
6825 |
+ { |
6826 |
+ if (page_mapcount(page) || |
6827 |
+ page->mapping != NULL || |
6828 |
+- page_count(page) != 1 || |
6829 |
+ (page->flags & PAGE_FLAGS_CHECK_AT_PREP & |
6830 |
+ ~(1 << PG_locked | |
6831 |
+ 1 << PG_referenced | |
6832 |
+diff --git a/fs/gfs2/inode.c b/fs/gfs2/inode.c |
6833 |
+index d968b5c5df217..a52b8b0dceeb9 100644 |
6834 |
+--- a/fs/gfs2/inode.c |
6835 |
++++ b/fs/gfs2/inode.c |
6836 |
+@@ -715,7 +715,7 @@ static int gfs2_create_inode(struct inode *dir, struct dentry *dentry, |
6837 |
+ |
6838 |
+ error = gfs2_trans_begin(sdp, blocks, 0); |
6839 |
+ if (error) |
6840 |
+- goto fail_gunlock2; |
6841 |
++ goto fail_free_inode; |
6842 |
+ |
6843 |
+ if (blocks > 1) { |
6844 |
+ ip->i_eattr = ip->i_no_addr + 1; |
6845 |
+@@ -726,7 +726,7 @@ static int gfs2_create_inode(struct inode *dir, struct dentry *dentry, |
6846 |
+ |
6847 |
+ error = gfs2_glock_get(sdp, ip->i_no_addr, &gfs2_iopen_glops, CREATE, &io_gl); |
6848 |
+ if (error) |
6849 |
+- goto fail_gunlock2; |
6850 |
++ goto fail_free_inode; |
6851 |
+ |
6852 |
+ BUG_ON(test_and_set_bit(GLF_INODE_CREATING, &io_gl->gl_flags)); |
6853 |
+ |
6854 |
+@@ -735,7 +735,6 @@ static int gfs2_create_inode(struct inode *dir, struct dentry *dentry, |
6855 |
+ goto fail_gunlock2; |
6856 |
+ |
6857 |
+ glock_set_object(ip->i_iopen_gh.gh_gl, ip); |
6858 |
+- gfs2_glock_put(io_gl); |
6859 |
+ gfs2_set_iop(inode); |
6860 |
+ insert_inode_hash(inode); |
6861 |
+ |
6862 |
+@@ -768,6 +767,8 @@ static int gfs2_create_inode(struct inode *dir, struct dentry *dentry, |
6863 |
+ |
6864 |
+ mark_inode_dirty(inode); |
6865 |
+ d_instantiate(dentry, inode); |
6866 |
++ /* After instantiate, errors should result in evict which will destroy |
6867 |
++ * both inode and iopen glocks properly. */ |
6868 |
+ if (file) { |
6869 |
+ file->f_mode |= FMODE_CREATED; |
6870 |
+ error = finish_open(file, dentry, gfs2_open_common); |
6871 |
+@@ -775,15 +776,15 @@ static int gfs2_create_inode(struct inode *dir, struct dentry *dentry, |
6872 |
+ gfs2_glock_dq_uninit(ghs); |
6873 |
+ gfs2_glock_dq_uninit(ghs + 1); |
6874 |
+ clear_bit(GLF_INODE_CREATING, &io_gl->gl_flags); |
6875 |
++ gfs2_glock_put(io_gl); |
6876 |
+ return error; |
6877 |
+ |
6878 |
+ fail_gunlock3: |
6879 |
+ glock_clear_object(io_gl, ip); |
6880 |
+ gfs2_glock_dq_uninit(&ip->i_iopen_gh); |
6881 |
+- gfs2_glock_put(io_gl); |
6882 |
+ fail_gunlock2: |
6883 |
+- if (io_gl) |
6884 |
+- clear_bit(GLF_INODE_CREATING, &io_gl->gl_flags); |
6885 |
++ clear_bit(GLF_INODE_CREATING, &io_gl->gl_flags); |
6886 |
++ gfs2_glock_put(io_gl); |
6887 |
+ fail_free_inode: |
6888 |
+ if (ip->i_gl) { |
6889 |
+ glock_clear_object(ip->i_gl, ip); |
6890 |
+diff --git a/fs/nfs/pagelist.c b/fs/nfs/pagelist.c |
6891 |
+index 5dae7c85d9b6e..2c7d76b4c5e18 100644 |
6892 |
+--- a/fs/nfs/pagelist.c |
6893 |
++++ b/fs/nfs/pagelist.c |
6894 |
+@@ -132,47 +132,70 @@ nfs_async_iocounter_wait(struct rpc_task *task, struct nfs_lock_context *l_ctx) |
6895 |
+ EXPORT_SYMBOL_GPL(nfs_async_iocounter_wait); |
6896 |
+ |
6897 |
+ /* |
6898 |
+- * nfs_page_group_lock - lock the head of the page group |
6899 |
+- * @req - request in group that is to be locked |
6900 |
++ * nfs_page_set_headlock - set the request PG_HEADLOCK |
6901 |
++ * @req: request that is to be locked |
6902 |
+ * |
6903 |
+- * this lock must be held when traversing or modifying the page |
6904 |
+- * group list |
6905 |
++ * this lock must be held when modifying req->wb_head |
6906 |
+ * |
6907 |
+ * return 0 on success, < 0 on error |
6908 |
+ */ |
6909 |
+ int |
6910 |
+-nfs_page_group_lock(struct nfs_page *req) |
6911 |
++nfs_page_set_headlock(struct nfs_page *req) |
6912 |
+ { |
6913 |
+- struct nfs_page *head = req->wb_head; |
6914 |
+- |
6915 |
+- WARN_ON_ONCE(head != head->wb_head); |
6916 |
+- |
6917 |
+- if (!test_and_set_bit(PG_HEADLOCK, &head->wb_flags)) |
6918 |
++ if (!test_and_set_bit(PG_HEADLOCK, &req->wb_flags)) |
6919 |
+ return 0; |
6920 |
+ |
6921 |
+- set_bit(PG_CONTENDED1, &head->wb_flags); |
6922 |
++ set_bit(PG_CONTENDED1, &req->wb_flags); |
6923 |
+ smp_mb__after_atomic(); |
6924 |
+- return wait_on_bit_lock(&head->wb_flags, PG_HEADLOCK, |
6925 |
++ return wait_on_bit_lock(&req->wb_flags, PG_HEADLOCK, |
6926 |
+ TASK_UNINTERRUPTIBLE); |
6927 |
+ } |
6928 |
+ |
6929 |
+ /* |
6930 |
+- * nfs_page_group_unlock - unlock the head of the page group |
6931 |
+- * @req - request in group that is to be unlocked |
6932 |
++ * nfs_page_clear_headlock - clear the request PG_HEADLOCK |
6933 |
++ * @req: request that is to be locked |
6934 |
+ */ |
6935 |
+ void |
6936 |
+-nfs_page_group_unlock(struct nfs_page *req) |
6937 |
++nfs_page_clear_headlock(struct nfs_page *req) |
6938 |
+ { |
6939 |
+- struct nfs_page *head = req->wb_head; |
6940 |
+- |
6941 |
+- WARN_ON_ONCE(head != head->wb_head); |
6942 |
+- |
6943 |
+ smp_mb__before_atomic(); |
6944 |
+- clear_bit(PG_HEADLOCK, &head->wb_flags); |
6945 |
++ clear_bit(PG_HEADLOCK, &req->wb_flags); |
6946 |
+ smp_mb__after_atomic(); |
6947 |
+- if (!test_bit(PG_CONTENDED1, &head->wb_flags)) |
6948 |
++ if (!test_bit(PG_CONTENDED1, &req->wb_flags)) |
6949 |
+ return; |
6950 |
+- wake_up_bit(&head->wb_flags, PG_HEADLOCK); |
6951 |
++ wake_up_bit(&req->wb_flags, PG_HEADLOCK); |
6952 |
++} |
6953 |
++ |
6954 |
++/* |
6955 |
++ * nfs_page_group_lock - lock the head of the page group |
6956 |
++ * @req: request in group that is to be locked |
6957 |
++ * |
6958 |
++ * this lock must be held when traversing or modifying the page |
6959 |
++ * group list |
6960 |
++ * |
6961 |
++ * return 0 on success, < 0 on error |
6962 |
++ */ |
6963 |
++int |
6964 |
++nfs_page_group_lock(struct nfs_page *req) |
6965 |
++{ |
6966 |
++ int ret; |
6967 |
++ |
6968 |
++ ret = nfs_page_set_headlock(req); |
6969 |
++ if (ret || req->wb_head == req) |
6970 |
++ return ret; |
6971 |
++ return nfs_page_set_headlock(req->wb_head); |
6972 |
++} |
6973 |
++ |
6974 |
++/* |
6975 |
++ * nfs_page_group_unlock - unlock the head of the page group |
6976 |
++ * @req: request in group that is to be unlocked |
6977 |
++ */ |
6978 |
++void |
6979 |
++nfs_page_group_unlock(struct nfs_page *req) |
6980 |
++{ |
6981 |
++ if (req != req->wb_head) |
6982 |
++ nfs_page_clear_headlock(req->wb_head); |
6983 |
++ nfs_page_clear_headlock(req); |
6984 |
+ } |
6985 |
+ |
6986 |
+ /* |
6987 |
+diff --git a/fs/nfs/write.c b/fs/nfs/write.c |
6988 |
+index 63d20308a9bb7..d419d89b91f7c 100644 |
6989 |
+--- a/fs/nfs/write.c |
6990 |
++++ b/fs/nfs/write.c |
6991 |
+@@ -416,22 +416,28 @@ nfs_destroy_unlinked_subrequests(struct nfs_page *destroy_list, |
6992 |
+ destroy_list = (subreq->wb_this_page == old_head) ? |
6993 |
+ NULL : subreq->wb_this_page; |
6994 |
+ |
6995 |
++ /* Note: lock subreq in order to change subreq->wb_head */ |
6996 |
++ nfs_page_set_headlock(subreq); |
6997 |
+ WARN_ON_ONCE(old_head != subreq->wb_head); |
6998 |
+ |
6999 |
+ /* make sure old group is not used */ |
7000 |
+ subreq->wb_this_page = subreq; |
7001 |
++ subreq->wb_head = subreq; |
7002 |
+ |
7003 |
+ clear_bit(PG_REMOVE, &subreq->wb_flags); |
7004 |
+ |
7005 |
+ /* Note: races with nfs_page_group_destroy() */ |
7006 |
+ if (!kref_read(&subreq->wb_kref)) { |
7007 |
+ /* Check if we raced with nfs_page_group_destroy() */ |
7008 |
+- if (test_and_clear_bit(PG_TEARDOWN, &subreq->wb_flags)) |
7009 |
++ if (test_and_clear_bit(PG_TEARDOWN, &subreq->wb_flags)) { |
7010 |
++ nfs_page_clear_headlock(subreq); |
7011 |
+ nfs_free_request(subreq); |
7012 |
++ } else |
7013 |
++ nfs_page_clear_headlock(subreq); |
7014 |
+ continue; |
7015 |
+ } |
7016 |
++ nfs_page_clear_headlock(subreq); |
7017 |
+ |
7018 |
+- subreq->wb_head = subreq; |
7019 |
+ nfs_release_request(old_head); |
7020 |
+ |
7021 |
+ if (test_and_clear_bit(PG_INODE_REF, &subreq->wb_flags)) { |
7022 |
+diff --git a/fs/nfsd/nfs4state.c b/fs/nfsd/nfs4state.c |
7023 |
+index c24306af9758f..655079ae1dd1f 100644 |
7024 |
+--- a/fs/nfsd/nfs4state.c |
7025 |
++++ b/fs/nfsd/nfs4state.c |
7026 |
+@@ -471,6 +471,8 @@ find_any_file(struct nfs4_file *f) |
7027 |
+ { |
7028 |
+ struct file *ret; |
7029 |
+ |
7030 |
++ if (!f) |
7031 |
++ return NULL; |
7032 |
+ spin_lock(&f->fi_lock); |
7033 |
+ ret = __nfs4_get_fd(f, O_RDWR); |
7034 |
+ if (!ret) { |
7035 |
+@@ -1207,6 +1209,12 @@ static void nfs4_put_stateowner(struct nfs4_stateowner *sop) |
7036 |
+ nfs4_free_stateowner(sop); |
7037 |
+ } |
7038 |
+ |
7039 |
++static bool |
7040 |
++nfs4_ol_stateid_unhashed(const struct nfs4_ol_stateid *stp) |
7041 |
++{ |
7042 |
++ return list_empty(&stp->st_perfile); |
7043 |
++} |
7044 |
++ |
7045 |
+ static bool unhash_ol_stateid(struct nfs4_ol_stateid *stp) |
7046 |
+ { |
7047 |
+ struct nfs4_file *fp = stp->st_stid.sc_file; |
7048 |
+@@ -1274,9 +1282,11 @@ static bool unhash_lock_stateid(struct nfs4_ol_stateid *stp) |
7049 |
+ { |
7050 |
+ lockdep_assert_held(&stp->st_stid.sc_client->cl_lock); |
7051 |
+ |
7052 |
++ if (!unhash_ol_stateid(stp)) |
7053 |
++ return false; |
7054 |
+ list_del_init(&stp->st_locks); |
7055 |
+ nfs4_unhash_stid(&stp->st_stid); |
7056 |
+- return unhash_ol_stateid(stp); |
7057 |
++ return true; |
7058 |
+ } |
7059 |
+ |
7060 |
+ static void release_lock_stateid(struct nfs4_ol_stateid *stp) |
7061 |
+@@ -1341,13 +1351,12 @@ static void release_open_stateid_locks(struct nfs4_ol_stateid *open_stp, |
7062 |
+ static bool unhash_open_stateid(struct nfs4_ol_stateid *stp, |
7063 |
+ struct list_head *reaplist) |
7064 |
+ { |
7065 |
+- bool unhashed; |
7066 |
+- |
7067 |
+ lockdep_assert_held(&stp->st_stid.sc_client->cl_lock); |
7068 |
+ |
7069 |
+- unhashed = unhash_ol_stateid(stp); |
7070 |
++ if (!unhash_ol_stateid(stp)) |
7071 |
++ return false; |
7072 |
+ release_open_stateid_locks(stp, reaplist); |
7073 |
+- return unhashed; |
7074 |
++ return true; |
7075 |
+ } |
7076 |
+ |
7077 |
+ static void release_open_stateid(struct nfs4_ol_stateid *stp) |
7078 |
+@@ -5774,21 +5783,21 @@ alloc_init_lock_stateowner(unsigned int strhashval, struct nfs4_client *clp, |
7079 |
+ } |
7080 |
+ |
7081 |
+ static struct nfs4_ol_stateid * |
7082 |
+-find_lock_stateid(struct nfs4_lockowner *lo, struct nfs4_file *fp) |
7083 |
++find_lock_stateid(const struct nfs4_lockowner *lo, |
7084 |
++ const struct nfs4_ol_stateid *ost) |
7085 |
+ { |
7086 |
+ struct nfs4_ol_stateid *lst; |
7087 |
+- struct nfs4_client *clp = lo->lo_owner.so_client; |
7088 |
+ |
7089 |
+- lockdep_assert_held(&clp->cl_lock); |
7090 |
++ lockdep_assert_held(&ost->st_stid.sc_client->cl_lock); |
7091 |
+ |
7092 |
+- list_for_each_entry(lst, &lo->lo_owner.so_stateids, st_perstateowner) { |
7093 |
+- if (lst->st_stid.sc_type != NFS4_LOCK_STID) |
7094 |
+- continue; |
7095 |
+- if (lst->st_stid.sc_file == fp) { |
7096 |
+- refcount_inc(&lst->st_stid.sc_count); |
7097 |
+- return lst; |
7098 |
++ /* If ost is not hashed, ost->st_locks will not be valid */ |
7099 |
++ if (!nfs4_ol_stateid_unhashed(ost)) |
7100 |
++ list_for_each_entry(lst, &ost->st_locks, st_locks) { |
7101 |
++ if (lst->st_stateowner == &lo->lo_owner) { |
7102 |
++ refcount_inc(&lst->st_stid.sc_count); |
7103 |
++ return lst; |
7104 |
++ } |
7105 |
+ } |
7106 |
+- } |
7107 |
+ return NULL; |
7108 |
+ } |
7109 |
+ |
7110 |
+@@ -5804,11 +5813,11 @@ init_lock_stateid(struct nfs4_ol_stateid *stp, struct nfs4_lockowner *lo, |
7111 |
+ mutex_lock_nested(&stp->st_mutex, OPEN_STATEID_MUTEX); |
7112 |
+ retry: |
7113 |
+ spin_lock(&clp->cl_lock); |
7114 |
+- spin_lock(&fp->fi_lock); |
7115 |
+- retstp = find_lock_stateid(lo, fp); |
7116 |
++ if (nfs4_ol_stateid_unhashed(open_stp)) |
7117 |
++ goto out_close; |
7118 |
++ retstp = find_lock_stateid(lo, open_stp); |
7119 |
+ if (retstp) |
7120 |
+- goto out_unlock; |
7121 |
+- |
7122 |
++ goto out_found; |
7123 |
+ refcount_inc(&stp->st_stid.sc_count); |
7124 |
+ stp->st_stid.sc_type = NFS4_LOCK_STID; |
7125 |
+ stp->st_stateowner = nfs4_get_stateowner(&lo->lo_owner); |
7126 |
+@@ -5817,22 +5826,26 @@ retry: |
7127 |
+ stp->st_access_bmap = 0; |
7128 |
+ stp->st_deny_bmap = open_stp->st_deny_bmap; |
7129 |
+ stp->st_openstp = open_stp; |
7130 |
++ spin_lock(&fp->fi_lock); |
7131 |
+ list_add(&stp->st_locks, &open_stp->st_locks); |
7132 |
+ list_add(&stp->st_perstateowner, &lo->lo_owner.so_stateids); |
7133 |
+ list_add(&stp->st_perfile, &fp->fi_stateids); |
7134 |
+-out_unlock: |
7135 |
+ spin_unlock(&fp->fi_lock); |
7136 |
+ spin_unlock(&clp->cl_lock); |
7137 |
+- if (retstp) { |
7138 |
+- if (nfsd4_lock_ol_stateid(retstp) != nfs_ok) { |
7139 |
+- nfs4_put_stid(&retstp->st_stid); |
7140 |
+- goto retry; |
7141 |
+- } |
7142 |
+- /* To keep mutex tracking happy */ |
7143 |
+- mutex_unlock(&stp->st_mutex); |
7144 |
+- stp = retstp; |
7145 |
+- } |
7146 |
+ return stp; |
7147 |
++out_found: |
7148 |
++ spin_unlock(&clp->cl_lock); |
7149 |
++ if (nfsd4_lock_ol_stateid(retstp) != nfs_ok) { |
7150 |
++ nfs4_put_stid(&retstp->st_stid); |
7151 |
++ goto retry; |
7152 |
++ } |
7153 |
++ /* To keep mutex tracking happy */ |
7154 |
++ mutex_unlock(&stp->st_mutex); |
7155 |
++ return retstp; |
7156 |
++out_close: |
7157 |
++ spin_unlock(&clp->cl_lock); |
7158 |
++ mutex_unlock(&stp->st_mutex); |
7159 |
++ return NULL; |
7160 |
+ } |
7161 |
+ |
7162 |
+ static struct nfs4_ol_stateid * |
7163 |
+@@ -5847,7 +5860,7 @@ find_or_create_lock_stateid(struct nfs4_lockowner *lo, struct nfs4_file *fi, |
7164 |
+ |
7165 |
+ *new = false; |
7166 |
+ spin_lock(&clp->cl_lock); |
7167 |
+- lst = find_lock_stateid(lo, fi); |
7168 |
++ lst = find_lock_stateid(lo, ost); |
7169 |
+ spin_unlock(&clp->cl_lock); |
7170 |
+ if (lst != NULL) { |
7171 |
+ if (nfsd4_lock_ol_stateid(lst) == nfs_ok) |
7172 |
+diff --git a/fs/ubifs/io.c b/fs/ubifs/io.c |
7173 |
+index 099bec94b8207..fab29f899f913 100644 |
7174 |
+--- a/fs/ubifs/io.c |
7175 |
++++ b/fs/ubifs/io.c |
7176 |
+@@ -237,7 +237,7 @@ int ubifs_is_mapped(const struct ubifs_info *c, int lnum) |
7177 |
+ int ubifs_check_node(const struct ubifs_info *c, const void *buf, int lnum, |
7178 |
+ int offs, int quiet, int must_chk_crc) |
7179 |
+ { |
7180 |
+- int err = -EINVAL, type, node_len; |
7181 |
++ int err = -EINVAL, type, node_len, dump_node = 1; |
7182 |
+ uint32_t crc, node_crc, magic; |
7183 |
+ const struct ubifs_ch *ch = buf; |
7184 |
+ |
7185 |
+@@ -290,10 +290,22 @@ int ubifs_check_node(const struct ubifs_info *c, const void *buf, int lnum, |
7186 |
+ out_len: |
7187 |
+ if (!quiet) |
7188 |
+ ubifs_err(c, "bad node length %d", node_len); |
7189 |
++ if (type == UBIFS_DATA_NODE && node_len > UBIFS_DATA_NODE_SZ) |
7190 |
++ dump_node = 0; |
7191 |
+ out: |
7192 |
+ if (!quiet) { |
7193 |
+ ubifs_err(c, "bad node at LEB %d:%d", lnum, offs); |
7194 |
+- ubifs_dump_node(c, buf); |
7195 |
++ if (dump_node) { |
7196 |
++ ubifs_dump_node(c, buf); |
7197 |
++ } else { |
7198 |
++ int safe_len = min3(node_len, c->leb_size - offs, |
7199 |
++ (int)UBIFS_MAX_DATA_NODE_SZ); |
7200 |
++ pr_err("\tprevent out-of-bounds memory access\n"); |
7201 |
++ pr_err("\ttruncated data node length %d\n", safe_len); |
7202 |
++ pr_err("\tcorrupted data node:\n"); |
7203 |
++ print_hex_dump(KERN_ERR, "\t", DUMP_PREFIX_OFFSET, 32, 1, |
7204 |
++ buf, safe_len, 0); |
7205 |
++ } |
7206 |
+ dump_stack(); |
7207 |
+ } |
7208 |
+ return err; |
7209 |
+diff --git a/fs/xfs/libxfs/xfs_attr_leaf.c b/fs/xfs/libxfs/xfs_attr_leaf.c |
7210 |
+index bd37f4a292c3b..efb586ea508bf 100644 |
7211 |
+--- a/fs/xfs/libxfs/xfs_attr_leaf.c |
7212 |
++++ b/fs/xfs/libxfs/xfs_attr_leaf.c |
7213 |
+@@ -1438,7 +1438,9 @@ xfs_attr3_leaf_add_work( |
7214 |
+ for (i = 0; i < XFS_ATTR_LEAF_MAPSIZE; i++) { |
7215 |
+ if (ichdr->freemap[i].base == tmp) { |
7216 |
+ ichdr->freemap[i].base += sizeof(xfs_attr_leaf_entry_t); |
7217 |
+- ichdr->freemap[i].size -= sizeof(xfs_attr_leaf_entry_t); |
7218 |
++ ichdr->freemap[i].size -= |
7219 |
++ min_t(uint16_t, ichdr->freemap[i].size, |
7220 |
++ sizeof(xfs_attr_leaf_entry_t)); |
7221 |
+ } |
7222 |
+ } |
7223 |
+ ichdr->usedbytes += xfs_attr_leaf_entsize(leaf, args->index); |
7224 |
+diff --git a/fs/xfs/libxfs/xfs_dir2_node.c b/fs/xfs/libxfs/xfs_dir2_node.c |
7225 |
+index f1bb3434f51c7..01e99806b941f 100644 |
7226 |
+--- a/fs/xfs/libxfs/xfs_dir2_node.c |
7227 |
++++ b/fs/xfs/libxfs/xfs_dir2_node.c |
7228 |
+@@ -214,6 +214,7 @@ __xfs_dir3_free_read( |
7229 |
+ if (fa) { |
7230 |
+ xfs_verifier_error(*bpp, -EFSCORRUPTED, fa); |
7231 |
+ xfs_trans_brelse(tp, *bpp); |
7232 |
++ *bpp = NULL; |
7233 |
+ return -EFSCORRUPTED; |
7234 |
+ } |
7235 |
+ |
7236 |
+diff --git a/fs/xfs/libxfs/xfs_trans_resv.c b/fs/xfs/libxfs/xfs_trans_resv.c |
7237 |
+index f99a7aefe4184..2b3cc5a8ced1b 100644 |
7238 |
+--- a/fs/xfs/libxfs/xfs_trans_resv.c |
7239 |
++++ b/fs/xfs/libxfs/xfs_trans_resv.c |
7240 |
+@@ -197,6 +197,24 @@ xfs_calc_inode_chunk_res( |
7241 |
+ return res; |
7242 |
+ } |
7243 |
+ |
7244 |
++/* |
7245 |
++ * Per-extent log reservation for the btree changes involved in freeing or |
7246 |
++ * allocating a realtime extent. We have to be able to log as many rtbitmap |
7247 |
++ * blocks as needed to mark inuse MAXEXTLEN blocks' worth of realtime extents, |
7248 |
++ * as well as the realtime summary block. |
7249 |
++ */ |
7250 |
++unsigned int |
7251 |
++xfs_rtalloc_log_count( |
7252 |
++ struct xfs_mount *mp, |
7253 |
++ unsigned int num_ops) |
7254 |
++{ |
7255 |
++ unsigned int blksz = XFS_FSB_TO_B(mp, 1); |
7256 |
++ unsigned int rtbmp_bytes; |
7257 |
++ |
7258 |
++ rtbmp_bytes = (MAXEXTLEN / mp->m_sb.sb_rextsize) / NBBY; |
7259 |
++ return (howmany(rtbmp_bytes, blksz) + 1) * num_ops; |
7260 |
++} |
7261 |
++ |
7262 |
+ /* |
7263 |
+ * Various log reservation values. |
7264 |
+ * |
7265 |
+@@ -219,13 +237,21 @@ xfs_calc_inode_chunk_res( |
7266 |
+ |
7267 |
+ /* |
7268 |
+ * In a write transaction we can allocate a maximum of 2 |
7269 |
+- * extents. This gives: |
7270 |
++ * extents. This gives (t1): |
7271 |
+ * the inode getting the new extents: inode size |
7272 |
+ * the inode's bmap btree: max depth * block size |
7273 |
+ * the agfs of the ags from which the extents are allocated: 2 * sector |
7274 |
+ * the superblock free block counter: sector size |
7275 |
+ * the allocation btrees: 2 exts * 2 trees * (2 * max depth - 1) * block size |
7276 |
+- * And the bmap_finish transaction can free bmap blocks in a join: |
7277 |
++ * Or, if we're writing to a realtime file (t2): |
7278 |
++ * the inode getting the new extents: inode size |
7279 |
++ * the inode's bmap btree: max depth * block size |
7280 |
++ * the agfs of the ags from which the extents are allocated: 2 * sector |
7281 |
++ * the superblock free block counter: sector size |
7282 |
++ * the realtime bitmap: ((MAXEXTLEN / rtextsize) / NBBY) bytes |
7283 |
++ * the realtime summary: 1 block |
7284 |
++ * the allocation btrees: 2 trees * (2 * max depth - 1) * block size |
7285 |
++ * And the bmap_finish transaction can free bmap blocks in a join (t3): |
7286 |
+ * the agfs of the ags containing the blocks: 2 * sector size |
7287 |
+ * the agfls of the ags containing the blocks: 2 * sector size |
7288 |
+ * the super block free block counter: sector size |
7289 |
+@@ -235,40 +261,72 @@ STATIC uint |
7290 |
+ xfs_calc_write_reservation( |
7291 |
+ struct xfs_mount *mp) |
7292 |
+ { |
7293 |
+- return XFS_DQUOT_LOGRES(mp) + |
7294 |
+- max((xfs_calc_inode_res(mp, 1) + |
7295 |
++ unsigned int t1, t2, t3; |
7296 |
++ unsigned int blksz = XFS_FSB_TO_B(mp, 1); |
7297 |
++ |
7298 |
++ t1 = xfs_calc_inode_res(mp, 1) + |
7299 |
++ xfs_calc_buf_res(XFS_BM_MAXLEVELS(mp, XFS_DATA_FORK), blksz) + |
7300 |
++ xfs_calc_buf_res(3, mp->m_sb.sb_sectsize) + |
7301 |
++ xfs_calc_buf_res(xfs_allocfree_log_count(mp, 2), blksz); |
7302 |
++ |
7303 |
++ if (xfs_sb_version_hasrealtime(&mp->m_sb)) { |
7304 |
++ t2 = xfs_calc_inode_res(mp, 1) + |
7305 |
+ xfs_calc_buf_res(XFS_BM_MAXLEVELS(mp, XFS_DATA_FORK), |
7306 |
+- XFS_FSB_TO_B(mp, 1)) + |
7307 |
++ blksz) + |
7308 |
+ xfs_calc_buf_res(3, mp->m_sb.sb_sectsize) + |
7309 |
+- xfs_calc_buf_res(xfs_allocfree_log_count(mp, 2), |
7310 |
+- XFS_FSB_TO_B(mp, 1))), |
7311 |
+- (xfs_calc_buf_res(5, mp->m_sb.sb_sectsize) + |
7312 |
+- xfs_calc_buf_res(xfs_allocfree_log_count(mp, 2), |
7313 |
+- XFS_FSB_TO_B(mp, 1)))); |
7314 |
++ xfs_calc_buf_res(xfs_rtalloc_log_count(mp, 1), blksz) + |
7315 |
++ xfs_calc_buf_res(xfs_allocfree_log_count(mp, 1), blksz); |
7316 |
++ } else { |
7317 |
++ t2 = 0; |
7318 |
++ } |
7319 |
++ |
7320 |
++ t3 = xfs_calc_buf_res(5, mp->m_sb.sb_sectsize) + |
7321 |
++ xfs_calc_buf_res(xfs_allocfree_log_count(mp, 2), blksz); |
7322 |
++ |
7323 |
++ return XFS_DQUOT_LOGRES(mp) + max3(t1, t2, t3); |
7324 |
+ } |
7325 |
+ |
7326 |
+ /* |
7327 |
+- * In truncating a file we free up to two extents at once. We can modify: |
7328 |
++ * In truncating a file we free up to two extents at once. We can modify (t1): |
7329 |
+ * the inode being truncated: inode size |
7330 |
+ * the inode's bmap btree: (max depth + 1) * block size |
7331 |
+- * And the bmap_finish transaction can free the blocks and bmap blocks: |
7332 |
++ * And the bmap_finish transaction can free the blocks and bmap blocks (t2): |
7333 |
+ * the agf for each of the ags: 4 * sector size |
7334 |
+ * the agfl for each of the ags: 4 * sector size |
7335 |
+ * the super block to reflect the freed blocks: sector size |
7336 |
+ * worst case split in allocation btrees per extent assuming 4 extents: |
7337 |
+ * 4 exts * 2 trees * (2 * max depth - 1) * block size |
7338 |
++ * Or, if it's a realtime file (t3): |
7339 |
++ * the agf for each of the ags: 2 * sector size |
7340 |
++ * the agfl for each of the ags: 2 * sector size |
7341 |
++ * the super block to reflect the freed blocks: sector size |
7342 |
++ * the realtime bitmap: 2 exts * ((MAXEXTLEN / rtextsize) / NBBY) bytes |
7343 |
++ * the realtime summary: 2 exts * 1 block |
7344 |
++ * worst case split in allocation btrees per extent assuming 2 extents: |
7345 |
++ * 2 exts * 2 trees * (2 * max depth - 1) * block size |
7346 |
+ */ |
7347 |
+ STATIC uint |
7348 |
+ xfs_calc_itruncate_reservation( |
7349 |
+ struct xfs_mount *mp) |
7350 |
+ { |
7351 |
+- return XFS_DQUOT_LOGRES(mp) + |
7352 |
+- max((xfs_calc_inode_res(mp, 1) + |
7353 |
+- xfs_calc_buf_res(XFS_BM_MAXLEVELS(mp, XFS_DATA_FORK) + 1, |
7354 |
+- XFS_FSB_TO_B(mp, 1))), |
7355 |
+- (xfs_calc_buf_res(9, mp->m_sb.sb_sectsize) + |
7356 |
+- xfs_calc_buf_res(xfs_allocfree_log_count(mp, 4), |
7357 |
+- XFS_FSB_TO_B(mp, 1)))); |
7358 |
++ unsigned int t1, t2, t3; |
7359 |
++ unsigned int blksz = XFS_FSB_TO_B(mp, 1); |
7360 |
++ |
7361 |
++ t1 = xfs_calc_inode_res(mp, 1) + |
7362 |
++ xfs_calc_buf_res(XFS_BM_MAXLEVELS(mp, XFS_DATA_FORK) + 1, blksz); |
7363 |
++ |
7364 |
++ t2 = xfs_calc_buf_res(9, mp->m_sb.sb_sectsize) + |
7365 |
++ xfs_calc_buf_res(xfs_allocfree_log_count(mp, 4), blksz); |
7366 |
++ |
7367 |
++ if (xfs_sb_version_hasrealtime(&mp->m_sb)) { |
7368 |
++ t3 = xfs_calc_buf_res(5, mp->m_sb.sb_sectsize) + |
7369 |
++ xfs_calc_buf_res(xfs_rtalloc_log_count(mp, 2), blksz) + |
7370 |
++ xfs_calc_buf_res(xfs_allocfree_log_count(mp, 2), blksz); |
7371 |
++ } else { |
7372 |
++ t3 = 0; |
7373 |
++ } |
7374 |
++ |
7375 |
++ return XFS_DQUOT_LOGRES(mp) + max3(t1, t2, t3); |
7376 |
+ } |
7377 |
+ |
7378 |
+ /* |
7379 |
+diff --git a/fs/xfs/scrub/dir.c b/fs/xfs/scrub/dir.c |
7380 |
+index cd3e4d768a18c..33dfcba72c7a0 100644 |
7381 |
+--- a/fs/xfs/scrub/dir.c |
7382 |
++++ b/fs/xfs/scrub/dir.c |
7383 |
+@@ -156,6 +156,9 @@ xchk_dir_actor( |
7384 |
+ xname.type = XFS_DIR3_FT_UNKNOWN; |
7385 |
+ |
7386 |
+ error = xfs_dir_lookup(sdc->sc->tp, ip, &xname, &lookup_ino, NULL); |
7387 |
++ /* ENOENT means the hash lookup failed and the dir is corrupt */ |
7388 |
++ if (error == -ENOENT) |
7389 |
++ error = -EFSCORRUPTED; |
7390 |
+ if (!xchk_fblock_process_error(sdc->sc, XFS_DATA_FORK, offset, |
7391 |
+ &error)) |
7392 |
+ goto out; |
7393 |
+diff --git a/include/linux/debugfs.h b/include/linux/debugfs.h |
7394 |
+index 3b0ba54cc4d5b..3bc1034c57e66 100644 |
7395 |
+--- a/include/linux/debugfs.h |
7396 |
++++ b/include/linux/debugfs.h |
7397 |
+@@ -54,6 +54,8 @@ static const struct file_operations __fops = { \ |
7398 |
+ .llseek = no_llseek, \ |
7399 |
+ } |
7400 |
+ |
7401 |
++typedef struct vfsmount *(*debugfs_automount_t)(struct dentry *, void *); |
7402 |
++ |
7403 |
+ #if defined(CONFIG_DEBUG_FS) |
7404 |
+ |
7405 |
+ struct dentry *debugfs_lookup(const char *name, struct dentry *parent); |
7406 |
+@@ -75,7 +77,6 @@ struct dentry *debugfs_create_dir(const char *name, struct dentry *parent); |
7407 |
+ struct dentry *debugfs_create_symlink(const char *name, struct dentry *parent, |
7408 |
+ const char *dest); |
7409 |
+ |
7410 |
+-typedef struct vfsmount *(*debugfs_automount_t)(struct dentry *, void *); |
7411 |
+ struct dentry *debugfs_create_automount(const char *name, |
7412 |
+ struct dentry *parent, |
7413 |
+ debugfs_automount_t f, |
7414 |
+@@ -204,7 +205,7 @@ static inline struct dentry *debugfs_create_symlink(const char *name, |
7415 |
+ |
7416 |
+ static inline struct dentry *debugfs_create_automount(const char *name, |
7417 |
+ struct dentry *parent, |
7418 |
+- struct vfsmount *(*f)(void *), |
7419 |
++ debugfs_automount_t f, |
7420 |
+ void *data) |
7421 |
+ { |
7422 |
+ return ERR_PTR(-ENODEV); |
7423 |
+diff --git a/include/linux/libata.h b/include/linux/libata.h |
7424 |
+index afc1d72161ba5..3d076aca7ac2a 100644 |
7425 |
+--- a/include/linux/libata.h |
7426 |
++++ b/include/linux/libata.h |
7427 |
+@@ -503,6 +503,7 @@ enum hsm_task_states { |
7428 |
+ }; |
7429 |
+ |
7430 |
+ enum ata_completion_errors { |
7431 |
++ AC_ERR_OK = 0, /* no error */ |
7432 |
+ AC_ERR_DEV = (1 << 0), /* device reported error */ |
7433 |
+ AC_ERR_HSM = (1 << 1), /* host state machine violation */ |
7434 |
+ AC_ERR_TIMEOUT = (1 << 2), /* timeout */ |
7435 |
+@@ -912,9 +913,9 @@ struct ata_port_operations { |
7436 |
+ /* |
7437 |
+ * Command execution |
7438 |
+ */ |
7439 |
+- int (*qc_defer)(struct ata_queued_cmd *qc); |
7440 |
+- int (*check_atapi_dma)(struct ata_queued_cmd *qc); |
7441 |
+- void (*qc_prep)(struct ata_queued_cmd *qc); |
7442 |
++ int (*qc_defer)(struct ata_queued_cmd *qc); |
7443 |
++ int (*check_atapi_dma)(struct ata_queued_cmd *qc); |
7444 |
++ enum ata_completion_errors (*qc_prep)(struct ata_queued_cmd *qc); |
7445 |
+ unsigned int (*qc_issue)(struct ata_queued_cmd *qc); |
7446 |
+ bool (*qc_fill_rtf)(struct ata_queued_cmd *qc); |
7447 |
+ |
7448 |
+@@ -1181,7 +1182,7 @@ extern int ata_xfer_mode2shift(unsigned long xfer_mode); |
7449 |
+ extern const char *ata_mode_string(unsigned long xfer_mask); |
7450 |
+ extern unsigned long ata_id_xfermask(const u16 *id); |
7451 |
+ extern int ata_std_qc_defer(struct ata_queued_cmd *qc); |
7452 |
+-extern void ata_noop_qc_prep(struct ata_queued_cmd *qc); |
7453 |
++extern enum ata_completion_errors ata_noop_qc_prep(struct ata_queued_cmd *qc); |
7454 |
+ extern void ata_sg_init(struct ata_queued_cmd *qc, struct scatterlist *sg, |
7455 |
+ unsigned int n_elem); |
7456 |
+ extern unsigned int ata_dev_classify(const struct ata_taskfile *tf); |
7457 |
+@@ -1916,9 +1917,9 @@ extern const struct ata_port_operations ata_bmdma_port_ops; |
7458 |
+ .sg_tablesize = LIBATA_MAX_PRD, \ |
7459 |
+ .dma_boundary = ATA_DMA_BOUNDARY |
7460 |
+ |
7461 |
+-extern void ata_bmdma_qc_prep(struct ata_queued_cmd *qc); |
7462 |
++extern enum ata_completion_errors ata_bmdma_qc_prep(struct ata_queued_cmd *qc); |
7463 |
+ extern unsigned int ata_bmdma_qc_issue(struct ata_queued_cmd *qc); |
7464 |
+-extern void ata_bmdma_dumb_qc_prep(struct ata_queued_cmd *qc); |
7465 |
++extern enum ata_completion_errors ata_bmdma_dumb_qc_prep(struct ata_queued_cmd *qc); |
7466 |
+ extern unsigned int ata_bmdma_port_intr(struct ata_port *ap, |
7467 |
+ struct ata_queued_cmd *qc); |
7468 |
+ extern irqreturn_t ata_bmdma_interrupt(int irq, void *dev_instance); |
7469 |
+diff --git a/include/linux/mmc/card.h b/include/linux/mmc/card.h |
7470 |
+index 8ef330027b134..3f8e84a80b4ad 100644 |
7471 |
+--- a/include/linux/mmc/card.h |
7472 |
++++ b/include/linux/mmc/card.h |
7473 |
+@@ -227,7 +227,7 @@ struct mmc_queue_req; |
7474 |
+ * MMC Physical partitions |
7475 |
+ */ |
7476 |
+ struct mmc_part { |
7477 |
+- unsigned int size; /* partition size (in bytes) */ |
7478 |
++ u64 size; /* partition size (in bytes) */ |
7479 |
+ unsigned int part_cfg; /* partition type */ |
7480 |
+ char name[MAX_MMC_PART_NAME_LEN]; |
7481 |
+ bool force_ro; /* to make boot parts RO by default */ |
7482 |
+diff --git a/include/linux/nfs_page.h b/include/linux/nfs_page.h |
7483 |
+index ad69430fd0eb5..5162fc1533c2f 100644 |
7484 |
+--- a/include/linux/nfs_page.h |
7485 |
++++ b/include/linux/nfs_page.h |
7486 |
+@@ -142,6 +142,8 @@ extern void nfs_unlock_and_release_request(struct nfs_page *); |
7487 |
+ extern int nfs_page_group_lock(struct nfs_page *); |
7488 |
+ extern void nfs_page_group_unlock(struct nfs_page *); |
7489 |
+ extern bool nfs_page_group_sync_on_bit(struct nfs_page *, unsigned int); |
7490 |
++extern int nfs_page_set_headlock(struct nfs_page *req); |
7491 |
++extern void nfs_page_clear_headlock(struct nfs_page *req); |
7492 |
+ extern bool nfs_async_iocounter_wait(struct rpc_task *, struct nfs_lock_context *); |
7493 |
+ |
7494 |
+ /* |
7495 |
+diff --git a/include/linux/pci.h b/include/linux/pci.h |
7496 |
+index 2517492dd1855..2fda9893962d1 100644 |
7497 |
+--- a/include/linux/pci.h |
7498 |
++++ b/include/linux/pci.h |
7499 |
+@@ -1144,7 +1144,6 @@ int pci_enable_rom(struct pci_dev *pdev); |
7500 |
+ void pci_disable_rom(struct pci_dev *pdev); |
7501 |
+ void __iomem __must_check *pci_map_rom(struct pci_dev *pdev, size_t *size); |
7502 |
+ void pci_unmap_rom(struct pci_dev *pdev, void __iomem *rom); |
7503 |
+-void __iomem __must_check *pci_platform_rom(struct pci_dev *pdev, size_t *size); |
7504 |
+ |
7505 |
+ /* Power management related routines */ |
7506 |
+ int pci_save_state(struct pci_dev *dev); |
7507 |
+diff --git a/include/linux/seqlock.h b/include/linux/seqlock.h |
7508 |
+index bcf4cf26b8c89..a42a29952889c 100644 |
7509 |
+--- a/include/linux/seqlock.h |
7510 |
++++ b/include/linux/seqlock.h |
7511 |
+@@ -243,6 +243,13 @@ static inline void raw_write_seqcount_end(seqcount_t *s) |
7512 |
+ * usual consistency guarantee. It is one wmb cheaper, because we can |
7513 |
+ * collapse the two back-to-back wmb()s. |
7514 |
+ * |
7515 |
++ * Note that, writes surrounding the barrier should be declared atomic (e.g. |
7516 |
++ * via WRITE_ONCE): a) to ensure the writes become visible to other threads |
7517 |
++ * atomically, avoiding compiler optimizations; b) to document which writes are |
7518 |
++ * meant to propagate to the reader critical section. This is necessary because |
7519 |
++ * neither writes before and after the barrier are enclosed in a seq-writer |
7520 |
++ * critical section that would ensure readers are aware of ongoing writes. |
7521 |
++ * |
7522 |
+ * seqcount_t seq; |
7523 |
+ * bool X = true, Y = false; |
7524 |
+ * |
7525 |
+@@ -262,11 +269,11 @@ static inline void raw_write_seqcount_end(seqcount_t *s) |
7526 |
+ * |
7527 |
+ * void write(void) |
7528 |
+ * { |
7529 |
+- * Y = true; |
7530 |
++ * WRITE_ONCE(Y, true); |
7531 |
+ * |
7532 |
+ * raw_write_seqcount_barrier(seq); |
7533 |
+ * |
7534 |
+- * X = false; |
7535 |
++ * WRITE_ONCE(X, false); |
7536 |
+ * } |
7537 |
+ */ |
7538 |
+ static inline void raw_write_seqcount_barrier(seqcount_t *s) |
7539 |
+diff --git a/include/linux/skbuff.h b/include/linux/skbuff.h |
7540 |
+index cbc0294f39899..703ce71caeacb 100644 |
7541 |
+--- a/include/linux/skbuff.h |
7542 |
++++ b/include/linux/skbuff.h |
7543 |
+@@ -1688,6 +1688,18 @@ static inline __u32 skb_queue_len(const struct sk_buff_head *list_) |
7544 |
+ return list_->qlen; |
7545 |
+ } |
7546 |
+ |
7547 |
++/** |
7548 |
++ * skb_queue_len_lockless - get queue length |
7549 |
++ * @list_: list to measure |
7550 |
++ * |
7551 |
++ * Return the length of an &sk_buff queue. |
7552 |
++ * This variant can be used in lockless contexts. |
7553 |
++ */ |
7554 |
++static inline __u32 skb_queue_len_lockless(const struct sk_buff_head *list_) |
7555 |
++{ |
7556 |
++ return READ_ONCE(list_->qlen); |
7557 |
++} |
7558 |
++ |
7559 |
+ /** |
7560 |
+ * __skb_queue_head_init - initialize non-spinlock portions of sk_buff_head |
7561 |
+ * @list: queue to initialize |
7562 |
+@@ -1895,7 +1907,7 @@ static inline void __skb_unlink(struct sk_buff *skb, struct sk_buff_head *list) |
7563 |
+ { |
7564 |
+ struct sk_buff *next, *prev; |
7565 |
+ |
7566 |
+- list->qlen--; |
7567 |
++ WRITE_ONCE(list->qlen, list->qlen - 1); |
7568 |
+ next = skb->next; |
7569 |
+ prev = skb->prev; |
7570 |
+ skb->next = skb->prev = NULL; |
7571 |
+diff --git a/include/net/sock.h b/include/net/sock.h |
7572 |
+index 77f36257cac97..bc752237dff3f 100644 |
7573 |
+--- a/include/net/sock.h |
7574 |
++++ b/include/net/sock.h |
7575 |
+@@ -900,11 +900,11 @@ static inline void __sk_add_backlog(struct sock *sk, struct sk_buff *skb) |
7576 |
+ skb_dst_force(skb); |
7577 |
+ |
7578 |
+ if (!sk->sk_backlog.tail) |
7579 |
+- sk->sk_backlog.head = skb; |
7580 |
++ WRITE_ONCE(sk->sk_backlog.head, skb); |
7581 |
+ else |
7582 |
+ sk->sk_backlog.tail->next = skb; |
7583 |
+ |
7584 |
+- sk->sk_backlog.tail = skb; |
7585 |
++ WRITE_ONCE(sk->sk_backlog.tail, skb); |
7586 |
+ skb->next = NULL; |
7587 |
+ } |
7588 |
+ |
7589 |
+diff --git a/include/trace/events/sctp.h b/include/trace/events/sctp.h |
7590 |
+index 7475c7be165aa..d4aac34365955 100644 |
7591 |
+--- a/include/trace/events/sctp.h |
7592 |
++++ b/include/trace/events/sctp.h |
7593 |
+@@ -75,15 +75,6 @@ TRACE_EVENT(sctp_probe, |
7594 |
+ __entry->pathmtu = asoc->pathmtu; |
7595 |
+ __entry->rwnd = asoc->peer.rwnd; |
7596 |
+ __entry->unack_data = asoc->unack_data; |
7597 |
+- |
7598 |
+- if (trace_sctp_probe_path_enabled()) { |
7599 |
+- struct sctp_transport *sp; |
7600 |
+- |
7601 |
+- list_for_each_entry(sp, &asoc->peer.transport_addr_list, |
7602 |
+- transports) { |
7603 |
+- trace_sctp_probe_path(sp, asoc); |
7604 |
+- } |
7605 |
+- } |
7606 |
+ ), |
7607 |
+ |
7608 |
+ TP_printk("asoc=%#llx mark=%#x bind_port=%d peer_port=%d pathmtu=%d " |
7609 |
+diff --git a/kernel/audit_watch.c b/kernel/audit_watch.c |
7610 |
+index 4f7262eba73d8..50952d6d81209 100644 |
7611 |
+--- a/kernel/audit_watch.c |
7612 |
++++ b/kernel/audit_watch.c |
7613 |
+@@ -317,8 +317,6 @@ static void audit_update_watch(struct audit_parent *parent, |
7614 |
+ if (oentry->rule.exe) |
7615 |
+ audit_remove_mark(oentry->rule.exe); |
7616 |
+ |
7617 |
+- audit_watch_log_rule_change(r, owatch, "updated_rules"); |
7618 |
+- |
7619 |
+ call_rcu(&oentry->rcu, audit_free_rule_rcu); |
7620 |
+ } |
7621 |
+ |
7622 |
+diff --git a/kernel/bpf/hashtab.c b/kernel/bpf/hashtab.c |
7623 |
+index 1b28fb006763a..3f3ed33bd2fdc 100644 |
7624 |
+--- a/kernel/bpf/hashtab.c |
7625 |
++++ b/kernel/bpf/hashtab.c |
7626 |
+@@ -667,15 +667,7 @@ static void htab_elem_free_rcu(struct rcu_head *head) |
7627 |
+ struct htab_elem *l = container_of(head, struct htab_elem, rcu); |
7628 |
+ struct bpf_htab *htab = l->htab; |
7629 |
+ |
7630 |
+- /* must increment bpf_prog_active to avoid kprobe+bpf triggering while |
7631 |
+- * we're calling kfree, otherwise deadlock is possible if kprobes |
7632 |
+- * are placed somewhere inside of slub |
7633 |
+- */ |
7634 |
+- preempt_disable(); |
7635 |
+- __this_cpu_inc(bpf_prog_active); |
7636 |
+ htab_elem_free(htab, l); |
7637 |
+- __this_cpu_dec(bpf_prog_active); |
7638 |
+- preempt_enable(); |
7639 |
+ } |
7640 |
+ |
7641 |
+ static void htab_put_fd_value(struct bpf_htab *htab, struct htab_elem *l) |
7642 |
+diff --git a/kernel/bpf/inode.c b/kernel/bpf/inode.c |
7643 |
+index c04815bb15cc1..11fade89c1f38 100644 |
7644 |
+--- a/kernel/bpf/inode.c |
7645 |
++++ b/kernel/bpf/inode.c |
7646 |
+@@ -207,10 +207,12 @@ static void *map_seq_next(struct seq_file *m, void *v, loff_t *pos) |
7647 |
+ else |
7648 |
+ prev_key = key; |
7649 |
+ |
7650 |
++ rcu_read_lock(); |
7651 |
+ if (map->ops->map_get_next_key(map, prev_key, key)) { |
7652 |
+ map_iter(m)->done = true; |
7653 |
+- return NULL; |
7654 |
++ key = NULL; |
7655 |
+ } |
7656 |
++ rcu_read_unlock(); |
7657 |
+ return key; |
7658 |
+ } |
7659 |
+ |
7660 |
+diff --git a/kernel/kprobes.c b/kernel/kprobes.c |
7661 |
+index 230d9d599b5aa..2161f519d4812 100644 |
7662 |
+--- a/kernel/kprobes.c |
7663 |
++++ b/kernel/kprobes.c |
7664 |
+@@ -1065,9 +1065,20 @@ static int disarm_kprobe_ftrace(struct kprobe *p) |
7665 |
+ return ret; |
7666 |
+ } |
7667 |
+ #else /* !CONFIG_KPROBES_ON_FTRACE */ |
7668 |
+-#define prepare_kprobe(p) arch_prepare_kprobe(p) |
7669 |
+-#define arm_kprobe_ftrace(p) (-ENODEV) |
7670 |
+-#define disarm_kprobe_ftrace(p) (-ENODEV) |
7671 |
++static inline int prepare_kprobe(struct kprobe *p) |
7672 |
++{ |
7673 |
++ return arch_prepare_kprobe(p); |
7674 |
++} |
7675 |
++ |
7676 |
++static inline int arm_kprobe_ftrace(struct kprobe *p) |
7677 |
++{ |
7678 |
++ return -ENODEV; |
7679 |
++} |
7680 |
++ |
7681 |
++static inline int disarm_kprobe_ftrace(struct kprobe *p) |
7682 |
++{ |
7683 |
++ return -ENODEV; |
7684 |
++} |
7685 |
+ #endif |
7686 |
+ |
7687 |
+ /* Arm a kprobe with text_mutex */ |
7688 |
+@@ -2083,9 +2094,10 @@ static void kill_kprobe(struct kprobe *p) |
7689 |
+ |
7690 |
+ /* |
7691 |
+ * The module is going away. We should disarm the kprobe which |
7692 |
+- * is using ftrace. |
7693 |
++ * is using ftrace, because ftrace framework is still available at |
7694 |
++ * MODULE_STATE_GOING notification. |
7695 |
+ */ |
7696 |
+- if (kprobe_ftrace(p)) |
7697 |
++ if (kprobe_ftrace(p) && !kprobe_disabled(p) && !kprobes_all_disarmed) |
7698 |
+ disarm_kprobe_ftrace(p); |
7699 |
+ } |
7700 |
+ |
7701 |
+diff --git a/kernel/printk/printk.c b/kernel/printk/printk.c |
7702 |
+index 3cb0e5b479ff3..cf272aba362be 100644 |
7703 |
+--- a/kernel/printk/printk.c |
7704 |
++++ b/kernel/printk/printk.c |
7705 |
+@@ -2148,6 +2148,9 @@ static int __init console_setup(char *str) |
7706 |
+ char *s, *options, *brl_options = NULL; |
7707 |
+ int idx; |
7708 |
+ |
7709 |
++ if (str[0] == 0) |
7710 |
++ return 1; |
7711 |
++ |
7712 |
+ if (_braille_console_setup(&str, &brl_options)) |
7713 |
+ return 1; |
7714 |
+ |
7715 |
+diff --git a/kernel/sys.c b/kernel/sys.c |
7716 |
+index 096932a450466..baf60a3aa34b7 100644 |
7717 |
+--- a/kernel/sys.c |
7718 |
++++ b/kernel/sys.c |
7719 |
+@@ -1275,11 +1275,13 @@ SYSCALL_DEFINE1(uname, struct old_utsname __user *, name) |
7720 |
+ |
7721 |
+ SYSCALL_DEFINE1(olduname, struct oldold_utsname __user *, name) |
7722 |
+ { |
7723 |
+- struct oldold_utsname tmp = {}; |
7724 |
++ struct oldold_utsname tmp; |
7725 |
+ |
7726 |
+ if (!name) |
7727 |
+ return -EFAULT; |
7728 |
+ |
7729 |
++ memset(&tmp, 0, sizeof(tmp)); |
7730 |
++ |
7731 |
+ down_read(&uts_sem); |
7732 |
+ memcpy(&tmp.sysname, &utsname()->sysname, __OLD_UTS_LEN); |
7733 |
+ memcpy(&tmp.nodename, &utsname()->nodename, __OLD_UTS_LEN); |
7734 |
+diff --git a/kernel/time/timekeeping.c b/kernel/time/timekeeping.c |
7735 |
+index 81ee5b83c9200..c66fd11d94bc4 100644 |
7736 |
+--- a/kernel/time/timekeeping.c |
7737 |
++++ b/kernel/time/timekeeping.c |
7738 |
+@@ -1004,9 +1004,8 @@ static int scale64_check_overflow(u64 mult, u64 div, u64 *base) |
7739 |
+ ((int)sizeof(u64)*8 - fls64(mult) < fls64(rem))) |
7740 |
+ return -EOVERFLOW; |
7741 |
+ tmp *= mult; |
7742 |
+- rem *= mult; |
7743 |
+ |
7744 |
+- do_div(rem, div); |
7745 |
++ rem = div64_u64(rem * mult, div); |
7746 |
+ *base = tmp + rem; |
7747 |
+ return 0; |
7748 |
+ } |
7749 |
+diff --git a/kernel/trace/trace.c b/kernel/trace/trace.c |
7750 |
+index 4966410bb0f4d..6bf617ff03694 100644 |
7751 |
+--- a/kernel/trace/trace.c |
7752 |
++++ b/kernel/trace/trace.c |
7753 |
+@@ -3037,6 +3037,9 @@ int trace_array_printk(struct trace_array *tr, |
7754 |
+ if (!(global_trace.trace_flags & TRACE_ITER_PRINTK)) |
7755 |
+ return 0; |
7756 |
+ |
7757 |
++ if (!tr) |
7758 |
++ return -ENOENT; |
7759 |
++ |
7760 |
+ va_start(ap, fmt); |
7761 |
+ ret = trace_array_vprintk(tr, ip, fmt, ap); |
7762 |
+ va_end(ap); |
7763 |
+@@ -8526,7 +8529,7 @@ __init static int tracer_alloc_buffers(void) |
7764 |
+ goto out_free_buffer_mask; |
7765 |
+ |
7766 |
+ /* Only allocate trace_printk buffers if a trace_printk exists */ |
7767 |
+- if (__stop___trace_bprintk_fmt != __start___trace_bprintk_fmt) |
7768 |
++ if (&__stop___trace_bprintk_fmt != &__start___trace_bprintk_fmt) |
7769 |
+ /* Must be called before global_trace.buffer is allocated */ |
7770 |
+ trace_printk_init_buffers(); |
7771 |
+ |
7772 |
+diff --git a/kernel/trace/trace_entries.h b/kernel/trace/trace_entries.h |
7773 |
+index 06bb2fd9a56c5..a97aad105d367 100644 |
7774 |
+--- a/kernel/trace/trace_entries.h |
7775 |
++++ b/kernel/trace/trace_entries.h |
7776 |
+@@ -179,7 +179,7 @@ FTRACE_ENTRY(kernel_stack, stack_entry, |
7777 |
+ |
7778 |
+ F_STRUCT( |
7779 |
+ __field( int, size ) |
7780 |
+- __dynamic_array(unsigned long, caller ) |
7781 |
++ __array( unsigned long, caller, FTRACE_STACK_ENTRIES ) |
7782 |
+ ), |
7783 |
+ |
7784 |
+ F_printk("\t=> (" IP_FMT ")\n\t=> (" IP_FMT ")\n\t=> (" IP_FMT ")\n" |
7785 |
+diff --git a/kernel/trace/trace_events.c b/kernel/trace/trace_events.c |
7786 |
+index 27726121d332c..0fc06a7da87fb 100644 |
7787 |
+--- a/kernel/trace/trace_events.c |
7788 |
++++ b/kernel/trace/trace_events.c |
7789 |
+@@ -800,6 +800,8 @@ static int ftrace_set_clr_event(struct trace_array *tr, char *buf, int set) |
7790 |
+ char *event = NULL, *sub = NULL, *match; |
7791 |
+ int ret; |
7792 |
+ |
7793 |
++ if (!tr) |
7794 |
++ return -ENOENT; |
7795 |
+ /* |
7796 |
+ * The buf format can be <subsystem>:<event-name> |
7797 |
+ * *:<event-name> means any event by that name. |
7798 |
+diff --git a/kernel/trace/trace_events_hist.c b/kernel/trace/trace_events_hist.c |
7799 |
+index dbd3c97d1501a..3ed2d7f7e5712 100644 |
7800 |
+--- a/kernel/trace/trace_events_hist.c |
7801 |
++++ b/kernel/trace/trace_events_hist.c |
7802 |
+@@ -4225,7 +4225,6 @@ static int parse_var_defs(struct hist_trigger_data *hist_data) |
7803 |
+ |
7804 |
+ s = kstrdup(field_str, GFP_KERNEL); |
7805 |
+ if (!s) { |
7806 |
+- kfree(hist_data->attrs->var_defs.name[n_vars]); |
7807 |
+ ret = -ENOMEM; |
7808 |
+ goto free; |
7809 |
+ } |
7810 |
+diff --git a/kernel/trace/trace_preemptirq.c b/kernel/trace/trace_preemptirq.c |
7811 |
+index 71f553cceb3c1..0e373cb0106bb 100644 |
7812 |
+--- a/kernel/trace/trace_preemptirq.c |
7813 |
++++ b/kernel/trace/trace_preemptirq.c |
7814 |
+@@ -59,14 +59,14 @@ EXPORT_SYMBOL(trace_hardirqs_on_caller); |
7815 |
+ |
7816 |
+ __visible void trace_hardirqs_off_caller(unsigned long caller_addr) |
7817 |
+ { |
7818 |
++ lockdep_hardirqs_off(CALLER_ADDR0); |
7819 |
++ |
7820 |
+ if (!this_cpu_read(tracing_irq_cpu)) { |
7821 |
+ this_cpu_write(tracing_irq_cpu, 1); |
7822 |
+ tracer_hardirqs_off(CALLER_ADDR0, caller_addr); |
7823 |
+ if (!in_nmi()) |
7824 |
+ trace_irq_disable_rcuidle(CALLER_ADDR0, caller_addr); |
7825 |
+ } |
7826 |
+- |
7827 |
+- lockdep_hardirqs_off(CALLER_ADDR0); |
7828 |
+ } |
7829 |
+ EXPORT_SYMBOL(trace_hardirqs_off_caller); |
7830 |
+ #endif /* CONFIG_TRACE_IRQFLAGS */ |
7831 |
+diff --git a/lib/string.c b/lib/string.c |
7832 |
+index 72125fd5b4a64..edf4907ec946f 100644 |
7833 |
+--- a/lib/string.c |
7834 |
++++ b/lib/string.c |
7835 |
+@@ -236,6 +236,30 @@ ssize_t strscpy(char *dest, const char *src, size_t count) |
7836 |
+ EXPORT_SYMBOL(strscpy); |
7837 |
+ #endif |
7838 |
+ |
7839 |
++/** |
7840 |
++ * stpcpy - copy a string from src to dest returning a pointer to the new end |
7841 |
++ * of dest, including src's %NUL-terminator. May overrun dest. |
7842 |
++ * @dest: pointer to end of string being copied into. Must be large enough |
7843 |
++ * to receive copy. |
7844 |
++ * @src: pointer to the beginning of string being copied from. Must not overlap |
7845 |
++ * dest. |
7846 |
++ * |
7847 |
++ * stpcpy differs from strcpy in a key way: the return value is a pointer |
7848 |
++ * to the new %NUL-terminating character in @dest. (For strcpy, the return |
7849 |
++ * value is a pointer to the start of @dest). This interface is considered |
7850 |
++ * unsafe as it doesn't perform bounds checking of the inputs. As such it's |
7851 |
++ * not recommended for usage. Instead, its definition is provided in case |
7852 |
++ * the compiler lowers other libcalls to stpcpy. |
7853 |
++ */ |
7854 |
++char *stpcpy(char *__restrict__ dest, const char *__restrict__ src); |
7855 |
++char *stpcpy(char *__restrict__ dest, const char *__restrict__ src) |
7856 |
++{ |
7857 |
++ while ((*dest++ = *src++) != '\0') |
7858 |
++ /* nothing */; |
7859 |
++ return --dest; |
7860 |
++} |
7861 |
++EXPORT_SYMBOL(stpcpy); |
7862 |
++ |
7863 |
+ #ifndef __HAVE_ARCH_STRCAT |
7864 |
+ /** |
7865 |
+ * strcat - Append one %NUL-terminated string to another |
7866 |
+diff --git a/mm/filemap.c b/mm/filemap.c |
7867 |
+index 45f1c6d73b5b0..f2e777003b901 100644 |
7868 |
+--- a/mm/filemap.c |
7869 |
++++ b/mm/filemap.c |
7870 |
+@@ -2889,6 +2889,14 @@ filler: |
7871 |
+ unlock_page(page); |
7872 |
+ goto out; |
7873 |
+ } |
7874 |
++ |
7875 |
++ /* |
7876 |
++ * A previous I/O error may have been due to temporary |
7877 |
++ * failures. |
7878 |
++ * Clear page error before actual read, PG_error will be |
7879 |
++ * set again if read page fails. |
7880 |
++ */ |
7881 |
++ ClearPageError(page); |
7882 |
+ goto filler; |
7883 |
+ |
7884 |
+ out: |
7885 |
+diff --git a/mm/kmemleak.c b/mm/kmemleak.c |
7886 |
+index 5eeabece0c178..f54734abf9466 100644 |
7887 |
+--- a/mm/kmemleak.c |
7888 |
++++ b/mm/kmemleak.c |
7889 |
+@@ -2039,7 +2039,7 @@ void __init kmemleak_init(void) |
7890 |
+ create_object((unsigned long)__bss_start, __bss_stop - __bss_start, |
7891 |
+ KMEMLEAK_GREY, GFP_ATOMIC); |
7892 |
+ /* only register .data..ro_after_init if not within .data */ |
7893 |
+- if (__start_ro_after_init < _sdata || __end_ro_after_init > _edata) |
7894 |
++ if (&__start_ro_after_init < &_sdata || &__end_ro_after_init > &_edata) |
7895 |
+ create_object((unsigned long)__start_ro_after_init, |
7896 |
+ __end_ro_after_init - __start_ro_after_init, |
7897 |
+ KMEMLEAK_GREY, GFP_ATOMIC); |
7898 |
+diff --git a/mm/memory.c b/mm/memory.c |
7899 |
+index bbf0cc4066c84..eeae63bd95027 100644 |
7900 |
+--- a/mm/memory.c |
7901 |
++++ b/mm/memory.c |
7902 |
+@@ -116,6 +116,18 @@ int randomize_va_space __read_mostly = |
7903 |
+ 2; |
7904 |
+ #endif |
7905 |
+ |
7906 |
++#ifndef arch_faults_on_old_pte |
7907 |
++static inline bool arch_faults_on_old_pte(void) |
7908 |
++{ |
7909 |
++ /* |
7910 |
++ * Those arches which don't have hw access flag feature need to |
7911 |
++ * implement their own helper. By default, "true" means pagefault |
7912 |
++ * will be hit on old pte. |
7913 |
++ */ |
7914 |
++ return true; |
7915 |
++} |
7916 |
++#endif |
7917 |
++ |
7918 |
+ static int __init disable_randmaps(char *s) |
7919 |
+ { |
7920 |
+ randomize_va_space = 0; |
7921 |
+@@ -2335,32 +2347,101 @@ static inline int pte_unmap_same(struct mm_struct *mm, pmd_t *pmd, |
7922 |
+ return same; |
7923 |
+ } |
7924 |
+ |
7925 |
+-static inline void cow_user_page(struct page *dst, struct page *src, unsigned long va, struct vm_area_struct *vma) |
7926 |
++static inline bool cow_user_page(struct page *dst, struct page *src, |
7927 |
++ struct vm_fault *vmf) |
7928 |
+ { |
7929 |
++ bool ret; |
7930 |
++ void *kaddr; |
7931 |
++ void __user *uaddr; |
7932 |
++ bool locked = false; |
7933 |
++ struct vm_area_struct *vma = vmf->vma; |
7934 |
++ struct mm_struct *mm = vma->vm_mm; |
7935 |
++ unsigned long addr = vmf->address; |
7936 |
++ |
7937 |
+ debug_dma_assert_idle(src); |
7938 |
+ |
7939 |
++ if (likely(src)) { |
7940 |
++ copy_user_highpage(dst, src, addr, vma); |
7941 |
++ return true; |
7942 |
++ } |
7943 |
++ |
7944 |
+ /* |
7945 |
+ * If the source page was a PFN mapping, we don't have |
7946 |
+ * a "struct page" for it. We do a best-effort copy by |
7947 |
+ * just copying from the original user address. If that |
7948 |
+ * fails, we just zero-fill it. Live with it. |
7949 |
+ */ |
7950 |
+- if (unlikely(!src)) { |
7951 |
+- void *kaddr = kmap_atomic(dst); |
7952 |
+- void __user *uaddr = (void __user *)(va & PAGE_MASK); |
7953 |
++ kaddr = kmap_atomic(dst); |
7954 |
++ uaddr = (void __user *)(addr & PAGE_MASK); |
7955 |
++ |
7956 |
++ /* |
7957 |
++ * On architectures with software "accessed" bits, we would |
7958 |
++ * take a double page fault, so mark it accessed here. |
7959 |
++ */ |
7960 |
++ if (arch_faults_on_old_pte() && !pte_young(vmf->orig_pte)) { |
7961 |
++ pte_t entry; |
7962 |
++ |
7963 |
++ vmf->pte = pte_offset_map_lock(mm, vmf->pmd, addr, &vmf->ptl); |
7964 |
++ locked = true; |
7965 |
++ if (!likely(pte_same(*vmf->pte, vmf->orig_pte))) { |
7966 |
++ /* |
7967 |
++ * Other thread has already handled the fault |
7968 |
++ * and we don't need to do anything. If it's |
7969 |
++ * not the case, the fault will be triggered |
7970 |
++ * again on the same address. |
7971 |
++ */ |
7972 |
++ ret = false; |
7973 |
++ goto pte_unlock; |
7974 |
++ } |
7975 |
++ |
7976 |
++ entry = pte_mkyoung(vmf->orig_pte); |
7977 |
++ if (ptep_set_access_flags(vma, addr, vmf->pte, entry, 0)) |
7978 |
++ update_mmu_cache(vma, addr, vmf->pte); |
7979 |
++ } |
7980 |
++ |
7981 |
++ /* |
7982 |
++ * This really shouldn't fail, because the page is there |
7983 |
++ * in the page tables. But it might just be unreadable, |
7984 |
++ * in which case we just give up and fill the result with |
7985 |
++ * zeroes. |
7986 |
++ */ |
7987 |
++ if (__copy_from_user_inatomic(kaddr, uaddr, PAGE_SIZE)) { |
7988 |
++ if (locked) |
7989 |
++ goto warn; |
7990 |
++ |
7991 |
++ /* Re-validate under PTL if the page is still mapped */ |
7992 |
++ vmf->pte = pte_offset_map_lock(mm, vmf->pmd, addr, &vmf->ptl); |
7993 |
++ locked = true; |
7994 |
++ if (!likely(pte_same(*vmf->pte, vmf->orig_pte))) { |
7995 |
++ /* The PTE changed under us. Retry page fault. */ |
7996 |
++ ret = false; |
7997 |
++ goto pte_unlock; |
7998 |
++ } |
7999 |
+ |
8000 |
+ /* |
8001 |
+- * This really shouldn't fail, because the page is there |
8002 |
+- * in the page tables. But it might just be unreadable, |
8003 |
+- * in which case we just give up and fill the result with |
8004 |
+- * zeroes. |
8005 |
++ * The same page can be mapped back since last copy attampt. |
8006 |
++ * Try to copy again under PTL. |
8007 |
+ */ |
8008 |
+- if (__copy_from_user_inatomic(kaddr, uaddr, PAGE_SIZE)) |
8009 |
++ if (__copy_from_user_inatomic(kaddr, uaddr, PAGE_SIZE)) { |
8010 |
++ /* |
8011 |
++ * Give a warn in case there can be some obscure |
8012 |
++ * use-case |
8013 |
++ */ |
8014 |
++warn: |
8015 |
++ WARN_ON_ONCE(1); |
8016 |
+ clear_page(kaddr); |
8017 |
+- kunmap_atomic(kaddr); |
8018 |
+- flush_dcache_page(dst); |
8019 |
+- } else |
8020 |
+- copy_user_highpage(dst, src, va, vma); |
8021 |
++ } |
8022 |
++ } |
8023 |
++ |
8024 |
++ ret = true; |
8025 |
++ |
8026 |
++pte_unlock: |
8027 |
++ if (locked) |
8028 |
++ pte_unmap_unlock(vmf->pte, vmf->ptl); |
8029 |
++ kunmap_atomic(kaddr); |
8030 |
++ flush_dcache_page(dst); |
8031 |
++ |
8032 |
++ return ret; |
8033 |
+ } |
8034 |
+ |
8035 |
+ static gfp_t __get_fault_gfp_mask(struct vm_area_struct *vma) |
8036 |
+@@ -2514,7 +2595,19 @@ static vm_fault_t wp_page_copy(struct vm_fault *vmf) |
8037 |
+ vmf->address); |
8038 |
+ if (!new_page) |
8039 |
+ goto oom; |
8040 |
+- cow_user_page(new_page, old_page, vmf->address, vma); |
8041 |
++ |
8042 |
++ if (!cow_user_page(new_page, old_page, vmf)) { |
8043 |
++ /* |
8044 |
++ * COW failed, if the fault was solved by other, |
8045 |
++ * it's fine. If not, userspace would re-fault on |
8046 |
++ * the same address and we will handle the fault |
8047 |
++ * from the second attempt. |
8048 |
++ */ |
8049 |
++ put_page(new_page); |
8050 |
++ if (old_page) |
8051 |
++ put_page(old_page); |
8052 |
++ return 0; |
8053 |
++ } |
8054 |
+ } |
8055 |
+ |
8056 |
+ if (mem_cgroup_try_charge_delay(new_page, mm, GFP_KERNEL, &memcg, false)) |
8057 |
+diff --git a/mm/mmap.c b/mm/mmap.c |
8058 |
+index e84fd3347a518..f875386e7acd4 100644 |
8059 |
+--- a/mm/mmap.c |
8060 |
++++ b/mm/mmap.c |
8061 |
+@@ -2077,6 +2077,7 @@ arch_get_unmapped_area(struct file *filp, unsigned long addr, |
8062 |
+ info.low_limit = mm->mmap_base; |
8063 |
+ info.high_limit = TASK_SIZE; |
8064 |
+ info.align_mask = 0; |
8065 |
++ info.align_offset = 0; |
8066 |
+ return vm_unmapped_area(&info); |
8067 |
+ } |
8068 |
+ #endif |
8069 |
+@@ -2118,6 +2119,7 @@ arch_get_unmapped_area_topdown(struct file *filp, const unsigned long addr0, |
8070 |
+ info.low_limit = max(PAGE_SIZE, mmap_min_addr); |
8071 |
+ info.high_limit = mm->mmap_base; |
8072 |
+ info.align_mask = 0; |
8073 |
++ info.align_offset = 0; |
8074 |
+ addr = vm_unmapped_area(&info); |
8075 |
+ |
8076 |
+ /* |
8077 |
+diff --git a/mm/pagewalk.c b/mm/pagewalk.c |
8078 |
+index c3084ff2569d2..3c0930d94a295 100644 |
8079 |
+--- a/mm/pagewalk.c |
8080 |
++++ b/mm/pagewalk.c |
8081 |
+@@ -15,9 +15,9 @@ static int walk_pte_range(pmd_t *pmd, unsigned long addr, unsigned long end, |
8082 |
+ err = walk->pte_entry(pte, addr, addr + PAGE_SIZE, walk); |
8083 |
+ if (err) |
8084 |
+ break; |
8085 |
+- addr += PAGE_SIZE; |
8086 |
+- if (addr == end) |
8087 |
++ if (addr >= end - PAGE_SIZE) |
8088 |
+ break; |
8089 |
++ addr += PAGE_SIZE; |
8090 |
+ pte++; |
8091 |
+ } |
8092 |
+ |
8093 |
+diff --git a/mm/swap_state.c b/mm/swap_state.c |
8094 |
+index 09731f4174c7e..3febffe0fca4a 100644 |
8095 |
+--- a/mm/swap_state.c |
8096 |
++++ b/mm/swap_state.c |
8097 |
+@@ -537,10 +537,11 @@ static unsigned long swapin_nr_pages(unsigned long offset) |
8098 |
+ return 1; |
8099 |
+ |
8100 |
+ hits = atomic_xchg(&swapin_readahead_hits, 0); |
8101 |
+- pages = __swapin_nr_pages(prev_offset, offset, hits, max_pages, |
8102 |
++ pages = __swapin_nr_pages(READ_ONCE(prev_offset), offset, hits, |
8103 |
++ max_pages, |
8104 |
+ atomic_read(&last_readahead_pages)); |
8105 |
+ if (!hits) |
8106 |
+- prev_offset = offset; |
8107 |
++ WRITE_ONCE(prev_offset, offset); |
8108 |
+ atomic_set(&last_readahead_pages, pages); |
8109 |
+ |
8110 |
+ return pages; |
8111 |
+diff --git a/mm/swapfile.c b/mm/swapfile.c |
8112 |
+index 0047dcaf93697..adeb49fcad23e 100644 |
8113 |
+--- a/mm/swapfile.c |
8114 |
++++ b/mm/swapfile.c |
8115 |
+@@ -998,7 +998,7 @@ start_over: |
8116 |
+ goto nextsi; |
8117 |
+ } |
8118 |
+ if (size == SWAPFILE_CLUSTER) { |
8119 |
+- if (!(si->flags & SWP_FILE)) |
8120 |
++ if (si->flags & SWP_BLKDEV) |
8121 |
+ n_ret = swap_alloc_cluster(si, swp_entries); |
8122 |
+ } else |
8123 |
+ n_ret = scan_swap_map_slots(si, SWAP_HAS_CACHE, |
8124 |
+@@ -2738,10 +2738,10 @@ static void *swap_next(struct seq_file *swap, void *v, loff_t *pos) |
8125 |
+ else |
8126 |
+ type = si->type + 1; |
8127 |
+ |
8128 |
++ ++(*pos); |
8129 |
+ for (; (si = swap_type_to_swap_info(type)); type++) { |
8130 |
+ if (!(si->flags & SWP_USED) || !si->swap_map) |
8131 |
+ continue; |
8132 |
+- ++*pos; |
8133 |
+ return si; |
8134 |
+ } |
8135 |
+ |
8136 |
+diff --git a/mm/vmscan.c b/mm/vmscan.c |
8137 |
+index b93dc8fc6007f..b7d7f6d65bd5b 100644 |
8138 |
+--- a/mm/vmscan.c |
8139 |
++++ b/mm/vmscan.c |
8140 |
+@@ -3109,8 +3109,9 @@ static bool allow_direct_reclaim(pg_data_t *pgdat) |
8141 |
+ |
8142 |
+ /* kswapd must be awake if processes are being throttled */ |
8143 |
+ if (!wmark_ok && waitqueue_active(&pgdat->kswapd_wait)) { |
8144 |
+- pgdat->kswapd_classzone_idx = min(pgdat->kswapd_classzone_idx, |
8145 |
+- (enum zone_type)ZONE_NORMAL); |
8146 |
++ if (READ_ONCE(pgdat->kswapd_classzone_idx) > ZONE_NORMAL) |
8147 |
++ WRITE_ONCE(pgdat->kswapd_classzone_idx, ZONE_NORMAL); |
8148 |
++ |
8149 |
+ wake_up_interruptible(&pgdat->kswapd_wait); |
8150 |
+ } |
8151 |
+ |
8152 |
+@@ -3626,9 +3627,9 @@ out: |
8153 |
+ static enum zone_type kswapd_classzone_idx(pg_data_t *pgdat, |
8154 |
+ enum zone_type prev_classzone_idx) |
8155 |
+ { |
8156 |
+- if (pgdat->kswapd_classzone_idx == MAX_NR_ZONES) |
8157 |
+- return prev_classzone_idx; |
8158 |
+- return pgdat->kswapd_classzone_idx; |
8159 |
++ enum zone_type curr_idx = READ_ONCE(pgdat->kswapd_classzone_idx); |
8160 |
++ |
8161 |
++ return curr_idx == MAX_NR_ZONES ? prev_classzone_idx : curr_idx; |
8162 |
+ } |
8163 |
+ |
8164 |
+ static void kswapd_try_to_sleep(pg_data_t *pgdat, int alloc_order, int reclaim_order, |
8165 |
+@@ -3672,8 +3673,11 @@ static void kswapd_try_to_sleep(pg_data_t *pgdat, int alloc_order, int reclaim_o |
8166 |
+ * the previous request that slept prematurely. |
8167 |
+ */ |
8168 |
+ if (remaining) { |
8169 |
+- pgdat->kswapd_classzone_idx = kswapd_classzone_idx(pgdat, classzone_idx); |
8170 |
+- pgdat->kswapd_order = max(pgdat->kswapd_order, reclaim_order); |
8171 |
++ WRITE_ONCE(pgdat->kswapd_classzone_idx, |
8172 |
++ kswapd_classzone_idx(pgdat, classzone_idx)); |
8173 |
++ |
8174 |
++ if (READ_ONCE(pgdat->kswapd_order) < reclaim_order) |
8175 |
++ WRITE_ONCE(pgdat->kswapd_order, reclaim_order); |
8176 |
+ } |
8177 |
+ |
8178 |
+ finish_wait(&pgdat->kswapd_wait, &wait); |
8179 |
+@@ -3755,12 +3759,12 @@ static int kswapd(void *p) |
8180 |
+ tsk->flags |= PF_MEMALLOC | PF_SWAPWRITE | PF_KSWAPD; |
8181 |
+ set_freezable(); |
8182 |
+ |
8183 |
+- pgdat->kswapd_order = 0; |
8184 |
+- pgdat->kswapd_classzone_idx = MAX_NR_ZONES; |
8185 |
++ WRITE_ONCE(pgdat->kswapd_order, 0); |
8186 |
++ WRITE_ONCE(pgdat->kswapd_classzone_idx, MAX_NR_ZONES); |
8187 |
+ for ( ; ; ) { |
8188 |
+ bool ret; |
8189 |
+ |
8190 |
+- alloc_order = reclaim_order = pgdat->kswapd_order; |
8191 |
++ alloc_order = reclaim_order = READ_ONCE(pgdat->kswapd_order); |
8192 |
+ classzone_idx = kswapd_classzone_idx(pgdat, classzone_idx); |
8193 |
+ |
8194 |
+ kswapd_try_sleep: |
8195 |
+@@ -3768,10 +3772,10 @@ kswapd_try_sleep: |
8196 |
+ classzone_idx); |
8197 |
+ |
8198 |
+ /* Read the new order and classzone_idx */ |
8199 |
+- alloc_order = reclaim_order = pgdat->kswapd_order; |
8200 |
++ alloc_order = reclaim_order = READ_ONCE(pgdat->kswapd_order); |
8201 |
+ classzone_idx = kswapd_classzone_idx(pgdat, classzone_idx); |
8202 |
+- pgdat->kswapd_order = 0; |
8203 |
+- pgdat->kswapd_classzone_idx = MAX_NR_ZONES; |
8204 |
++ WRITE_ONCE(pgdat->kswapd_order, 0); |
8205 |
++ WRITE_ONCE(pgdat->kswapd_classzone_idx, MAX_NR_ZONES); |
8206 |
+ |
8207 |
+ ret = try_to_freeze(); |
8208 |
+ if (kthread_should_stop()) |
8209 |
+@@ -3816,20 +3820,23 @@ void wakeup_kswapd(struct zone *zone, gfp_t gfp_flags, int order, |
8210 |
+ enum zone_type classzone_idx) |
8211 |
+ { |
8212 |
+ pg_data_t *pgdat; |
8213 |
++ enum zone_type curr_idx; |
8214 |
+ |
8215 |
+ if (!managed_zone(zone)) |
8216 |
+ return; |
8217 |
+ |
8218 |
+ if (!cpuset_zone_allowed(zone, gfp_flags)) |
8219 |
+ return; |
8220 |
++ |
8221 |
+ pgdat = zone->zone_pgdat; |
8222 |
++ curr_idx = READ_ONCE(pgdat->kswapd_classzone_idx); |
8223 |
++ |
8224 |
++ if (curr_idx == MAX_NR_ZONES || curr_idx < classzone_idx) |
8225 |
++ WRITE_ONCE(pgdat->kswapd_classzone_idx, classzone_idx); |
8226 |
++ |
8227 |
++ if (READ_ONCE(pgdat->kswapd_order) < order) |
8228 |
++ WRITE_ONCE(pgdat->kswapd_order, order); |
8229 |
+ |
8230 |
+- if (pgdat->kswapd_classzone_idx == MAX_NR_ZONES) |
8231 |
+- pgdat->kswapd_classzone_idx = classzone_idx; |
8232 |
+- else |
8233 |
+- pgdat->kswapd_classzone_idx = max(pgdat->kswapd_classzone_idx, |
8234 |
+- classzone_idx); |
8235 |
+- pgdat->kswapd_order = max(pgdat->kswapd_order, order); |
8236 |
+ if (!waitqueue_active(&pgdat->kswapd_wait)) |
8237 |
+ return; |
8238 |
+ |
8239 |
+diff --git a/net/atm/lec.c b/net/atm/lec.c |
8240 |
+index ad4f829193f05..5a6186b809874 100644 |
8241 |
+--- a/net/atm/lec.c |
8242 |
++++ b/net/atm/lec.c |
8243 |
+@@ -1270,6 +1270,12 @@ static void lec_arp_clear_vccs(struct lec_arp_table *entry) |
8244 |
+ entry->vcc = NULL; |
8245 |
+ } |
8246 |
+ if (entry->recv_vcc) { |
8247 |
++ struct atm_vcc *vcc = entry->recv_vcc; |
8248 |
++ struct lec_vcc_priv *vpriv = LEC_VCC_PRIV(vcc); |
8249 |
++ |
8250 |
++ kfree(vpriv); |
8251 |
++ vcc->user_back = NULL; |
8252 |
++ |
8253 |
+ entry->recv_vcc->push = entry->old_recv_push; |
8254 |
+ vcc_release_async(entry->recv_vcc, -EPIPE); |
8255 |
+ entry->recv_vcc = NULL; |
8256 |
+diff --git a/net/batman-adv/bridge_loop_avoidance.c b/net/batman-adv/bridge_loop_avoidance.c |
8257 |
+index 9b8bf06ccb613..1401031f4bb4a 100644 |
8258 |
+--- a/net/batman-adv/bridge_loop_avoidance.c |
8259 |
++++ b/net/batman-adv/bridge_loop_avoidance.c |
8260 |
+@@ -37,6 +37,7 @@ |
8261 |
+ #include <linux/lockdep.h> |
8262 |
+ #include <linux/netdevice.h> |
8263 |
+ #include <linux/netlink.h> |
8264 |
++#include <linux/preempt.h> |
8265 |
+ #include <linux/rculist.h> |
8266 |
+ #include <linux/rcupdate.h> |
8267 |
+ #include <linux/seq_file.h> |
8268 |
+@@ -96,11 +97,12 @@ static inline u32 batadv_choose_claim(const void *data, u32 size) |
8269 |
+ */ |
8270 |
+ static inline u32 batadv_choose_backbone_gw(const void *data, u32 size) |
8271 |
+ { |
8272 |
+- const struct batadv_bla_claim *claim = (struct batadv_bla_claim *)data; |
8273 |
++ const struct batadv_bla_backbone_gw *gw; |
8274 |
+ u32 hash = 0; |
8275 |
+ |
8276 |
+- hash = jhash(&claim->addr, sizeof(claim->addr), hash); |
8277 |
+- hash = jhash(&claim->vid, sizeof(claim->vid), hash); |
8278 |
++ gw = (struct batadv_bla_backbone_gw *)data; |
8279 |
++ hash = jhash(&gw->orig, sizeof(gw->orig), hash); |
8280 |
++ hash = jhash(&gw->vid, sizeof(gw->vid), hash); |
8281 |
+ |
8282 |
+ return hash % size; |
8283 |
+ } |
8284 |
+@@ -1592,13 +1594,16 @@ int batadv_bla_init(struct batadv_priv *bat_priv) |
8285 |
+ } |
8286 |
+ |
8287 |
+ /** |
8288 |
+- * batadv_bla_check_bcast_duplist() - Check if a frame is in the broadcast dup. |
8289 |
++ * batadv_bla_check_duplist() - Check if a frame is in the broadcast dup. |
8290 |
+ * @bat_priv: the bat priv with all the soft interface information |
8291 |
+- * @skb: contains the bcast_packet to be checked |
8292 |
++ * @skb: contains the multicast packet to be checked |
8293 |
++ * @payload_ptr: pointer to position inside the head buffer of the skb |
8294 |
++ * marking the start of the data to be CRC'ed |
8295 |
++ * @orig: originator mac address, NULL if unknown |
8296 |
+ * |
8297 |
+- * check if it is on our broadcast list. Another gateway might |
8298 |
+- * have sent the same packet because it is connected to the same backbone, |
8299 |
+- * so we have to remove this duplicate. |
8300 |
++ * Check if it is on our broadcast list. Another gateway might have sent the |
8301 |
++ * same packet because it is connected to the same backbone, so we have to |
8302 |
++ * remove this duplicate. |
8303 |
+ * |
8304 |
+ * This is performed by checking the CRC, which will tell us |
8305 |
+ * with a good chance that it is the same packet. If it is furthermore |
8306 |
+@@ -1607,19 +1612,17 @@ int batadv_bla_init(struct batadv_priv *bat_priv) |
8307 |
+ * |
8308 |
+ * Return: true if a packet is in the duplicate list, false otherwise. |
8309 |
+ */ |
8310 |
+-bool batadv_bla_check_bcast_duplist(struct batadv_priv *bat_priv, |
8311 |
+- struct sk_buff *skb) |
8312 |
++static bool batadv_bla_check_duplist(struct batadv_priv *bat_priv, |
8313 |
++ struct sk_buff *skb, u8 *payload_ptr, |
8314 |
++ const u8 *orig) |
8315 |
+ { |
8316 |
+- int i, curr; |
8317 |
+- __be32 crc; |
8318 |
+- struct batadv_bcast_packet *bcast_packet; |
8319 |
+ struct batadv_bcast_duplist_entry *entry; |
8320 |
+ bool ret = false; |
8321 |
+- |
8322 |
+- bcast_packet = (struct batadv_bcast_packet *)skb->data; |
8323 |
++ int i, curr; |
8324 |
++ __be32 crc; |
8325 |
+ |
8326 |
+ /* calculate the crc ... */ |
8327 |
+- crc = batadv_skb_crc32(skb, (u8 *)(bcast_packet + 1)); |
8328 |
++ crc = batadv_skb_crc32(skb, payload_ptr); |
8329 |
+ |
8330 |
+ spin_lock_bh(&bat_priv->bla.bcast_duplist_lock); |
8331 |
+ |
8332 |
+@@ -1638,8 +1641,21 @@ bool batadv_bla_check_bcast_duplist(struct batadv_priv *bat_priv, |
8333 |
+ if (entry->crc != crc) |
8334 |
+ continue; |
8335 |
+ |
8336 |
+- if (batadv_compare_eth(entry->orig, bcast_packet->orig)) |
8337 |
+- continue; |
8338 |
++ /* are the originators both known and not anonymous? */ |
8339 |
++ if (orig && !is_zero_ether_addr(orig) && |
8340 |
++ !is_zero_ether_addr(entry->orig)) { |
8341 |
++ /* If known, check if the new frame came from |
8342 |
++ * the same originator: |
8343 |
++ * We are safe to take identical frames from the |
8344 |
++ * same orig, if known, as multiplications in |
8345 |
++ * the mesh are detected via the (orig, seqno) pair. |
8346 |
++ * So we can be a bit more liberal here and allow |
8347 |
++ * identical frames from the same orig which the source |
8348 |
++ * host might have sent multiple times on purpose. |
8349 |
++ */ |
8350 |
++ if (batadv_compare_eth(entry->orig, orig)) |
8351 |
++ continue; |
8352 |
++ } |
8353 |
+ |
8354 |
+ /* this entry seems to match: same crc, not too old, |
8355 |
+ * and from another gw. therefore return true to forbid it. |
8356 |
+@@ -1655,7 +1671,14 @@ bool batadv_bla_check_bcast_duplist(struct batadv_priv *bat_priv, |
8357 |
+ entry = &bat_priv->bla.bcast_duplist[curr]; |
8358 |
+ entry->crc = crc; |
8359 |
+ entry->entrytime = jiffies; |
8360 |
+- ether_addr_copy(entry->orig, bcast_packet->orig); |
8361 |
++ |
8362 |
++ /* known originator */ |
8363 |
++ if (orig) |
8364 |
++ ether_addr_copy(entry->orig, orig); |
8365 |
++ /* anonymous originator */ |
8366 |
++ else |
8367 |
++ eth_zero_addr(entry->orig); |
8368 |
++ |
8369 |
+ bat_priv->bla.bcast_duplist_curr = curr; |
8370 |
+ |
8371 |
+ out: |
8372 |
+@@ -1664,6 +1687,48 @@ out: |
8373 |
+ return ret; |
8374 |
+ } |
8375 |
+ |
8376 |
++/** |
8377 |
++ * batadv_bla_check_ucast_duplist() - Check if a frame is in the broadcast dup. |
8378 |
++ * @bat_priv: the bat priv with all the soft interface information |
8379 |
++ * @skb: contains the multicast packet to be checked, decapsulated from a |
8380 |
++ * unicast_packet |
8381 |
++ * |
8382 |
++ * Check if it is on our broadcast list. Another gateway might have sent the |
8383 |
++ * same packet because it is connected to the same backbone, so we have to |
8384 |
++ * remove this duplicate. |
8385 |
++ * |
8386 |
++ * Return: true if a packet is in the duplicate list, false otherwise. |
8387 |
++ */ |
8388 |
++static bool batadv_bla_check_ucast_duplist(struct batadv_priv *bat_priv, |
8389 |
++ struct sk_buff *skb) |
8390 |
++{ |
8391 |
++ return batadv_bla_check_duplist(bat_priv, skb, (u8 *)skb->data, NULL); |
8392 |
++} |
8393 |
++ |
8394 |
++/** |
8395 |
++ * batadv_bla_check_bcast_duplist() - Check if a frame is in the broadcast dup. |
8396 |
++ * @bat_priv: the bat priv with all the soft interface information |
8397 |
++ * @skb: contains the bcast_packet to be checked |
8398 |
++ * |
8399 |
++ * Check if it is on our broadcast list. Another gateway might have sent the |
8400 |
++ * same packet because it is connected to the same backbone, so we have to |
8401 |
++ * remove this duplicate. |
8402 |
++ * |
8403 |
++ * Return: true if a packet is in the duplicate list, false otherwise. |
8404 |
++ */ |
8405 |
++bool batadv_bla_check_bcast_duplist(struct batadv_priv *bat_priv, |
8406 |
++ struct sk_buff *skb) |
8407 |
++{ |
8408 |
++ struct batadv_bcast_packet *bcast_packet; |
8409 |
++ u8 *payload_ptr; |
8410 |
++ |
8411 |
++ bcast_packet = (struct batadv_bcast_packet *)skb->data; |
8412 |
++ payload_ptr = (u8 *)(bcast_packet + 1); |
8413 |
++ |
8414 |
++ return batadv_bla_check_duplist(bat_priv, skb, payload_ptr, |
8415 |
++ bcast_packet->orig); |
8416 |
++} |
8417 |
++ |
8418 |
+ /** |
8419 |
+ * batadv_bla_is_backbone_gw_orig() - Check if the originator is a gateway for |
8420 |
+ * the VLAN identified by vid. |
8421 |
+@@ -1825,7 +1890,7 @@ batadv_bla_loopdetect_check(struct batadv_priv *bat_priv, struct sk_buff *skb, |
8422 |
+ * @bat_priv: the bat priv with all the soft interface information |
8423 |
+ * @skb: the frame to be checked |
8424 |
+ * @vid: the VLAN ID of the frame |
8425 |
+- * @is_bcast: the packet came in a broadcast packet type. |
8426 |
++ * @packet_type: the batman packet type this frame came in |
8427 |
+ * |
8428 |
+ * batadv_bla_rx avoidance checks if: |
8429 |
+ * * we have to race for a claim |
8430 |
+@@ -1837,7 +1902,7 @@ batadv_bla_loopdetect_check(struct batadv_priv *bat_priv, struct sk_buff *skb, |
8431 |
+ * further process the skb. |
8432 |
+ */ |
8433 |
+ bool batadv_bla_rx(struct batadv_priv *bat_priv, struct sk_buff *skb, |
8434 |
+- unsigned short vid, bool is_bcast) |
8435 |
++ unsigned short vid, int packet_type) |
8436 |
+ { |
8437 |
+ struct batadv_bla_backbone_gw *backbone_gw; |
8438 |
+ struct ethhdr *ethhdr; |
8439 |
+@@ -1859,9 +1924,32 @@ bool batadv_bla_rx(struct batadv_priv *bat_priv, struct sk_buff *skb, |
8440 |
+ goto handled; |
8441 |
+ |
8442 |
+ if (unlikely(atomic_read(&bat_priv->bla.num_requests))) |
8443 |
+- /* don't allow broadcasts while requests are in flight */ |
8444 |
+- if (is_multicast_ether_addr(ethhdr->h_dest) && is_bcast) |
8445 |
+- goto handled; |
8446 |
++ /* don't allow multicast packets while requests are in flight */ |
8447 |
++ if (is_multicast_ether_addr(ethhdr->h_dest)) |
8448 |
++ /* Both broadcast flooding or multicast-via-unicasts |
8449 |
++ * delivery might send to multiple backbone gateways |
8450 |
++ * sharing the same LAN and therefore need to coordinate |
8451 |
++ * which backbone gateway forwards into the LAN, |
8452 |
++ * by claiming the payload source address. |
8453 |
++ * |
8454 |
++ * Broadcast flooding and multicast-via-unicasts |
8455 |
++ * delivery use the following two batman packet types. |
8456 |
++ * Note: explicitly exclude BATADV_UNICAST_4ADDR, |
8457 |
++ * as the DHCP gateway feature will send explicitly |
8458 |
++ * to only one BLA gateway, so the claiming process |
8459 |
++ * should be avoided there. |
8460 |
++ */ |
8461 |
++ if (packet_type == BATADV_BCAST || |
8462 |
++ packet_type == BATADV_UNICAST) |
8463 |
++ goto handled; |
8464 |
++ |
8465 |
++ /* potential duplicates from foreign BLA backbone gateways via |
8466 |
++ * multicast-in-unicast packets |
8467 |
++ */ |
8468 |
++ if (is_multicast_ether_addr(ethhdr->h_dest) && |
8469 |
++ packet_type == BATADV_UNICAST && |
8470 |
++ batadv_bla_check_ucast_duplist(bat_priv, skb)) |
8471 |
++ goto handled; |
8472 |
+ |
8473 |
+ ether_addr_copy(search_claim.addr, ethhdr->h_source); |
8474 |
+ search_claim.vid = vid; |
8475 |
+@@ -1896,13 +1984,14 @@ bool batadv_bla_rx(struct batadv_priv *bat_priv, struct sk_buff *skb, |
8476 |
+ goto allow; |
8477 |
+ } |
8478 |
+ |
8479 |
+- /* if it is a broadcast ... */ |
8480 |
+- if (is_multicast_ether_addr(ethhdr->h_dest) && is_bcast) { |
8481 |
++ /* if it is a multicast ... */ |
8482 |
++ if (is_multicast_ether_addr(ethhdr->h_dest) && |
8483 |
++ (packet_type == BATADV_BCAST || packet_type == BATADV_UNICAST)) { |
8484 |
+ /* ... drop it. the responsible gateway is in charge. |
8485 |
+ * |
8486 |
+- * We need to check is_bcast because with the gateway |
8487 |
++ * We need to check packet type because with the gateway |
8488 |
+ * feature, broadcasts (like DHCP requests) may be sent |
8489 |
+- * using a unicast packet type. |
8490 |
++ * using a unicast 4 address packet type. See comment above. |
8491 |
+ */ |
8492 |
+ goto handled; |
8493 |
+ } else { |
8494 |
+diff --git a/net/batman-adv/bridge_loop_avoidance.h b/net/batman-adv/bridge_loop_avoidance.h |
8495 |
+index 71f95a3e4d3f3..af28fdb01467c 100644 |
8496 |
+--- a/net/batman-adv/bridge_loop_avoidance.h |
8497 |
++++ b/net/batman-adv/bridge_loop_avoidance.h |
8498 |
+@@ -48,7 +48,7 @@ static inline bool batadv_bla_is_loopdetect_mac(const uint8_t *mac) |
8499 |
+ |
8500 |
+ #ifdef CONFIG_BATMAN_ADV_BLA |
8501 |
+ bool batadv_bla_rx(struct batadv_priv *bat_priv, struct sk_buff *skb, |
8502 |
+- unsigned short vid, bool is_bcast); |
8503 |
++ unsigned short vid, int packet_type); |
8504 |
+ bool batadv_bla_tx(struct batadv_priv *bat_priv, struct sk_buff *skb, |
8505 |
+ unsigned short vid); |
8506 |
+ bool batadv_bla_is_backbone_gw(struct sk_buff *skb, |
8507 |
+@@ -79,7 +79,7 @@ bool batadv_bla_check_claim(struct batadv_priv *bat_priv, u8 *addr, |
8508 |
+ |
8509 |
+ static inline bool batadv_bla_rx(struct batadv_priv *bat_priv, |
8510 |
+ struct sk_buff *skb, unsigned short vid, |
8511 |
+- bool is_bcast) |
8512 |
++ int packet_type) |
8513 |
+ { |
8514 |
+ return false; |
8515 |
+ } |
8516 |
+diff --git a/net/batman-adv/routing.c b/net/batman-adv/routing.c |
8517 |
+index cc3ed93a6d513..98af41e3810dc 100644 |
8518 |
+--- a/net/batman-adv/routing.c |
8519 |
++++ b/net/batman-adv/routing.c |
8520 |
+@@ -838,6 +838,10 @@ static bool batadv_check_unicast_ttvn(struct batadv_priv *bat_priv, |
8521 |
+ vid = batadv_get_vid(skb, hdr_len); |
8522 |
+ ethhdr = (struct ethhdr *)(skb->data + hdr_len); |
8523 |
+ |
8524 |
++ /* do not reroute multicast frames in a unicast header */ |
8525 |
++ if (is_multicast_ether_addr(ethhdr->h_dest)) |
8526 |
++ return true; |
8527 |
++ |
8528 |
+ /* check if the destination client was served by this node and it is now |
8529 |
+ * roaming. In this case, it means that the node has got a ROAM_ADV |
8530 |
+ * message and that it knows the new destination in the mesh to re-route |
8531 |
+diff --git a/net/batman-adv/soft-interface.c b/net/batman-adv/soft-interface.c |
8532 |
+index a2976adeeedce..6ff78080ec7fb 100644 |
8533 |
+--- a/net/batman-adv/soft-interface.c |
8534 |
++++ b/net/batman-adv/soft-interface.c |
8535 |
+@@ -426,10 +426,10 @@ void batadv_interface_rx(struct net_device *soft_iface, |
8536 |
+ struct vlan_ethhdr *vhdr; |
8537 |
+ struct ethhdr *ethhdr; |
8538 |
+ unsigned short vid; |
8539 |
+- bool is_bcast; |
8540 |
++ int packet_type; |
8541 |
+ |
8542 |
+ batadv_bcast_packet = (struct batadv_bcast_packet *)skb->data; |
8543 |
+- is_bcast = (batadv_bcast_packet->packet_type == BATADV_BCAST); |
8544 |
++ packet_type = batadv_bcast_packet->packet_type; |
8545 |
+ |
8546 |
+ skb_pull_rcsum(skb, hdr_size); |
8547 |
+ skb_reset_mac_header(skb); |
8548 |
+@@ -472,7 +472,7 @@ void batadv_interface_rx(struct net_device *soft_iface, |
8549 |
+ /* Let the bridge loop avoidance check the packet. If will |
8550 |
+ * not handle it, we can safely push it up. |
8551 |
+ */ |
8552 |
+- if (batadv_bla_rx(bat_priv, skb, vid, is_bcast)) |
8553 |
++ if (batadv_bla_rx(bat_priv, skb, vid, packet_type)) |
8554 |
+ goto out; |
8555 |
+ |
8556 |
+ if (orig_node) |
8557 |
+diff --git a/net/bluetooth/hci_event.c b/net/bluetooth/hci_event.c |
8558 |
+index 2b4a7cf03041b..310622086f74b 100644 |
8559 |
+--- a/net/bluetooth/hci_event.c |
8560 |
++++ b/net/bluetooth/hci_event.c |
8561 |
+@@ -41,12 +41,27 @@ |
8562 |
+ |
8563 |
+ /* Handle HCI Event packets */ |
8564 |
+ |
8565 |
+-static void hci_cc_inquiry_cancel(struct hci_dev *hdev, struct sk_buff *skb) |
8566 |
++static void hci_cc_inquiry_cancel(struct hci_dev *hdev, struct sk_buff *skb, |
8567 |
++ u8 *new_status) |
8568 |
+ { |
8569 |
+ __u8 status = *((__u8 *) skb->data); |
8570 |
+ |
8571 |
+ BT_DBG("%s status 0x%2.2x", hdev->name, status); |
8572 |
+ |
8573 |
++ /* It is possible that we receive Inquiry Complete event right |
8574 |
++ * before we receive Inquiry Cancel Command Complete event, in |
8575 |
++ * which case the latter event should have status of Command |
8576 |
++ * Disallowed (0x0c). This should not be treated as error, since |
8577 |
++ * we actually achieve what Inquiry Cancel wants to achieve, |
8578 |
++ * which is to end the last Inquiry session. |
8579 |
++ */ |
8580 |
++ if (status == 0x0c && !test_bit(HCI_INQUIRY, &hdev->flags)) { |
8581 |
++ bt_dev_warn(hdev, "Ignoring error of Inquiry Cancel command"); |
8582 |
++ status = 0x00; |
8583 |
++ } |
8584 |
++ |
8585 |
++ *new_status = status; |
8586 |
++ |
8587 |
+ if (status) |
8588 |
+ return; |
8589 |
+ |
8590 |
+@@ -3039,7 +3054,7 @@ static void hci_cmd_complete_evt(struct hci_dev *hdev, struct sk_buff *skb, |
8591 |
+ |
8592 |
+ switch (*opcode) { |
8593 |
+ case HCI_OP_INQUIRY_CANCEL: |
8594 |
+- hci_cc_inquiry_cancel(hdev, skb); |
8595 |
++ hci_cc_inquiry_cancel(hdev, skb, status); |
8596 |
+ break; |
8597 |
+ |
8598 |
+ case HCI_OP_PERIODIC_INQ: |
8599 |
+@@ -5738,6 +5753,11 @@ void hci_event_packet(struct hci_dev *hdev, struct sk_buff *skb) |
8600 |
+ u8 status = 0, event = hdr->evt, req_evt = 0; |
8601 |
+ u16 opcode = HCI_OP_NOP; |
8602 |
+ |
8603 |
++ if (!event) { |
8604 |
++ bt_dev_warn(hdev, "Received unexpected HCI Event 00000000"); |
8605 |
++ goto done; |
8606 |
++ } |
8607 |
++ |
8608 |
+ if (hdev->sent_cmd && bt_cb(hdev->sent_cmd)->hci.req_event == event) { |
8609 |
+ struct hci_command_hdr *cmd_hdr = (void *) hdev->sent_cmd->data; |
8610 |
+ opcode = __le16_to_cpu(cmd_hdr->opcode); |
8611 |
+@@ -5949,6 +5969,7 @@ void hci_event_packet(struct hci_dev *hdev, struct sk_buff *skb) |
8612 |
+ req_complete_skb(hdev, status, opcode, orig_skb); |
8613 |
+ } |
8614 |
+ |
8615 |
++done: |
8616 |
+ kfree_skb(orig_skb); |
8617 |
+ kfree_skb(skb); |
8618 |
+ hdev->stat.evt_rx++; |
8619 |
+diff --git a/net/bluetooth/l2cap_core.c b/net/bluetooth/l2cap_core.c |
8620 |
+index 0d84d1f820d4c..c04107d446016 100644 |
8621 |
+--- a/net/bluetooth/l2cap_core.c |
8622 |
++++ b/net/bluetooth/l2cap_core.c |
8623 |
+@@ -414,6 +414,9 @@ static void l2cap_chan_timeout(struct work_struct *work) |
8624 |
+ BT_DBG("chan %p state %s", chan, state_to_string(chan->state)); |
8625 |
+ |
8626 |
+ mutex_lock(&conn->chan_lock); |
8627 |
++ /* __set_chan_timer() calls l2cap_chan_hold(chan) while scheduling |
8628 |
++ * this work. No need to call l2cap_chan_hold(chan) here again. |
8629 |
++ */ |
8630 |
+ l2cap_chan_lock(chan); |
8631 |
+ |
8632 |
+ if (chan->state == BT_CONNECTED || chan->state == BT_CONFIG) |
8633 |
+@@ -426,12 +429,12 @@ static void l2cap_chan_timeout(struct work_struct *work) |
8634 |
+ |
8635 |
+ l2cap_chan_close(chan, reason); |
8636 |
+ |
8637 |
+- l2cap_chan_unlock(chan); |
8638 |
+- |
8639 |
+ chan->ops->close(chan); |
8640 |
+- mutex_unlock(&conn->chan_lock); |
8641 |
+ |
8642 |
++ l2cap_chan_unlock(chan); |
8643 |
+ l2cap_chan_put(chan); |
8644 |
++ |
8645 |
++ mutex_unlock(&conn->chan_lock); |
8646 |
+ } |
8647 |
+ |
8648 |
+ struct l2cap_chan *l2cap_chan_create(void) |
8649 |
+@@ -1725,9 +1728,9 @@ static void l2cap_conn_del(struct hci_conn *hcon, int err) |
8650 |
+ |
8651 |
+ l2cap_chan_del(chan, err); |
8652 |
+ |
8653 |
+- l2cap_chan_unlock(chan); |
8654 |
+- |
8655 |
+ chan->ops->close(chan); |
8656 |
++ |
8657 |
++ l2cap_chan_unlock(chan); |
8658 |
+ l2cap_chan_put(chan); |
8659 |
+ } |
8660 |
+ |
8661 |
+@@ -4114,7 +4117,8 @@ static inline int l2cap_config_req(struct l2cap_conn *conn, |
8662 |
+ return 0; |
8663 |
+ } |
8664 |
+ |
8665 |
+- if (chan->state != BT_CONFIG && chan->state != BT_CONNECT2) { |
8666 |
++ if (chan->state != BT_CONFIG && chan->state != BT_CONNECT2 && |
8667 |
++ chan->state != BT_CONNECTED) { |
8668 |
+ cmd_reject_invalid_cid(conn, cmd->ident, chan->scid, |
8669 |
+ chan->dcid); |
8670 |
+ goto unlock; |
8671 |
+@@ -4337,6 +4341,7 @@ static inline int l2cap_disconnect_req(struct l2cap_conn *conn, |
8672 |
+ return 0; |
8673 |
+ } |
8674 |
+ |
8675 |
++ l2cap_chan_hold(chan); |
8676 |
+ l2cap_chan_lock(chan); |
8677 |
+ |
8678 |
+ rsp.dcid = cpu_to_le16(chan->scid); |
8679 |
+@@ -4345,12 +4350,11 @@ static inline int l2cap_disconnect_req(struct l2cap_conn *conn, |
8680 |
+ |
8681 |
+ chan->ops->set_shutdown(chan); |
8682 |
+ |
8683 |
+- l2cap_chan_hold(chan); |
8684 |
+ l2cap_chan_del(chan, ECONNRESET); |
8685 |
+ |
8686 |
+- l2cap_chan_unlock(chan); |
8687 |
+- |
8688 |
+ chan->ops->close(chan); |
8689 |
++ |
8690 |
++ l2cap_chan_unlock(chan); |
8691 |
+ l2cap_chan_put(chan); |
8692 |
+ |
8693 |
+ mutex_unlock(&conn->chan_lock); |
8694 |
+@@ -4382,20 +4386,21 @@ static inline int l2cap_disconnect_rsp(struct l2cap_conn *conn, |
8695 |
+ return 0; |
8696 |
+ } |
8697 |
+ |
8698 |
++ l2cap_chan_hold(chan); |
8699 |
+ l2cap_chan_lock(chan); |
8700 |
+ |
8701 |
+ if (chan->state != BT_DISCONN) { |
8702 |
+ l2cap_chan_unlock(chan); |
8703 |
++ l2cap_chan_put(chan); |
8704 |
+ mutex_unlock(&conn->chan_lock); |
8705 |
+ return 0; |
8706 |
+ } |
8707 |
+ |
8708 |
+- l2cap_chan_hold(chan); |
8709 |
+ l2cap_chan_del(chan, 0); |
8710 |
+ |
8711 |
+- l2cap_chan_unlock(chan); |
8712 |
+- |
8713 |
+ chan->ops->close(chan); |
8714 |
++ |
8715 |
++ l2cap_chan_unlock(chan); |
8716 |
+ l2cap_chan_put(chan); |
8717 |
+ |
8718 |
+ mutex_unlock(&conn->chan_lock); |
8719 |
+diff --git a/net/bluetooth/l2cap_sock.c b/net/bluetooth/l2cap_sock.c |
8720 |
+index a3a2cd55e23a9..5572042f04531 100644 |
8721 |
+--- a/net/bluetooth/l2cap_sock.c |
8722 |
++++ b/net/bluetooth/l2cap_sock.c |
8723 |
+@@ -1039,7 +1039,7 @@ done: |
8724 |
+ } |
8725 |
+ |
8726 |
+ /* Kill socket (only if zapped and orphan) |
8727 |
+- * Must be called on unlocked socket. |
8728 |
++ * Must be called on unlocked socket, with l2cap channel lock. |
8729 |
+ */ |
8730 |
+ static void l2cap_sock_kill(struct sock *sk) |
8731 |
+ { |
8732 |
+@@ -1190,6 +1190,7 @@ static int l2cap_sock_release(struct socket *sock) |
8733 |
+ { |
8734 |
+ struct sock *sk = sock->sk; |
8735 |
+ int err; |
8736 |
++ struct l2cap_chan *chan; |
8737 |
+ |
8738 |
+ BT_DBG("sock %p, sk %p", sock, sk); |
8739 |
+ |
8740 |
+@@ -1199,9 +1200,17 @@ static int l2cap_sock_release(struct socket *sock) |
8741 |
+ bt_sock_unlink(&l2cap_sk_list, sk); |
8742 |
+ |
8743 |
+ err = l2cap_sock_shutdown(sock, 2); |
8744 |
++ chan = l2cap_pi(sk)->chan; |
8745 |
++ |
8746 |
++ l2cap_chan_hold(chan); |
8747 |
++ l2cap_chan_lock(chan); |
8748 |
+ |
8749 |
+ sock_orphan(sk); |
8750 |
+ l2cap_sock_kill(sk); |
8751 |
++ |
8752 |
++ l2cap_chan_unlock(chan); |
8753 |
++ l2cap_chan_put(chan); |
8754 |
++ |
8755 |
+ return err; |
8756 |
+ } |
8757 |
+ |
8758 |
+@@ -1219,12 +1228,15 @@ static void l2cap_sock_cleanup_listen(struct sock *parent) |
8759 |
+ BT_DBG("child chan %p state %s", chan, |
8760 |
+ state_to_string(chan->state)); |
8761 |
+ |
8762 |
++ l2cap_chan_hold(chan); |
8763 |
+ l2cap_chan_lock(chan); |
8764 |
++ |
8765 |
+ __clear_chan_timer(chan); |
8766 |
+ l2cap_chan_close(chan, ECONNRESET); |
8767 |
+- l2cap_chan_unlock(chan); |
8768 |
+- |
8769 |
+ l2cap_sock_kill(sk); |
8770 |
++ |
8771 |
++ l2cap_chan_unlock(chan); |
8772 |
++ l2cap_chan_put(chan); |
8773 |
+ } |
8774 |
+ } |
8775 |
+ |
8776 |
+diff --git a/net/core/filter.c b/net/core/filter.c |
8777 |
+index 25a2c3186e14a..557bd5cc8f94c 100644 |
8778 |
+--- a/net/core/filter.c |
8779 |
++++ b/net/core/filter.c |
8780 |
+@@ -5418,8 +5418,6 @@ static int bpf_gen_ld_abs(const struct bpf_insn *orig, |
8781 |
+ bool indirect = BPF_MODE(orig->code) == BPF_IND; |
8782 |
+ struct bpf_insn *insn = insn_buf; |
8783 |
+ |
8784 |
+- /* We're guaranteed here that CTX is in R6. */ |
8785 |
+- *insn++ = BPF_MOV64_REG(BPF_REG_1, BPF_REG_CTX); |
8786 |
+ if (!indirect) { |
8787 |
+ *insn++ = BPF_MOV64_IMM(BPF_REG_2, orig->imm); |
8788 |
+ } else { |
8789 |
+@@ -5427,6 +5425,8 @@ static int bpf_gen_ld_abs(const struct bpf_insn *orig, |
8790 |
+ if (orig->imm) |
8791 |
+ *insn++ = BPF_ALU64_IMM(BPF_ADD, BPF_REG_2, orig->imm); |
8792 |
+ } |
8793 |
++ /* We're guaranteed here that CTX is in R6. */ |
8794 |
++ *insn++ = BPF_MOV64_REG(BPF_REG_1, BPF_REG_CTX); |
8795 |
+ |
8796 |
+ switch (BPF_SIZE(orig->code)) { |
8797 |
+ case BPF_B: |
8798 |
+diff --git a/net/core/neighbour.c b/net/core/neighbour.c |
8799 |
+index bf738ec68cb53..6e890f51b7d86 100644 |
8800 |
+--- a/net/core/neighbour.c |
8801 |
++++ b/net/core/neighbour.c |
8802 |
+@@ -2844,6 +2844,7 @@ static void *neigh_stat_seq_next(struct seq_file *seq, void *v, loff_t *pos) |
8803 |
+ *pos = cpu+1; |
8804 |
+ return per_cpu_ptr(tbl->stats, cpu); |
8805 |
+ } |
8806 |
++ (*pos)++; |
8807 |
+ return NULL; |
8808 |
+ } |
8809 |
+ |
8810 |
+diff --git a/net/ipv4/route.c b/net/ipv4/route.c |
8811 |
+index 84de87b7eedcd..3db428242b22d 100644 |
8812 |
+--- a/net/ipv4/route.c |
8813 |
++++ b/net/ipv4/route.c |
8814 |
+@@ -274,6 +274,7 @@ static void *rt_cpu_seq_next(struct seq_file *seq, void *v, loff_t *pos) |
8815 |
+ *pos = cpu+1; |
8816 |
+ return &per_cpu(rt_cache_stat, cpu); |
8817 |
+ } |
8818 |
++ (*pos)++; |
8819 |
+ return NULL; |
8820 |
+ |
8821 |
+ } |
8822 |
+diff --git a/net/ipv4/tcp.c b/net/ipv4/tcp.c |
8823 |
+index 616ff2970f4fc..4ce3397e6fcf7 100644 |
8824 |
+--- a/net/ipv4/tcp.c |
8825 |
++++ b/net/ipv4/tcp.c |
8826 |
+@@ -2038,7 +2038,7 @@ int tcp_recvmsg(struct sock *sk, struct msghdr *msg, size_t len, int nonblock, |
8827 |
+ |
8828 |
+ /* Well, if we have backlog, try to process it now yet. */ |
8829 |
+ |
8830 |
+- if (copied >= target && !sk->sk_backlog.tail) |
8831 |
++ if (copied >= target && !READ_ONCE(sk->sk_backlog.tail)) |
8832 |
+ break; |
8833 |
+ |
8834 |
+ if (copied) { |
8835 |
+diff --git a/net/ipv6/ip6_fib.c b/net/ipv6/ip6_fib.c |
8836 |
+index 05a206202e23d..b924941b96a31 100644 |
8837 |
+--- a/net/ipv6/ip6_fib.c |
8838 |
++++ b/net/ipv6/ip6_fib.c |
8839 |
+@@ -2377,14 +2377,13 @@ static void *ipv6_route_seq_next(struct seq_file *seq, void *v, loff_t *pos) |
8840 |
+ struct net *net = seq_file_net(seq); |
8841 |
+ struct ipv6_route_iter *iter = seq->private; |
8842 |
+ |
8843 |
++ ++(*pos); |
8844 |
+ if (!v) |
8845 |
+ goto iter_table; |
8846 |
+ |
8847 |
+ n = rcu_dereference_bh(((struct fib6_info *)v)->fib6_next); |
8848 |
+- if (n) { |
8849 |
+- ++*pos; |
8850 |
++ if (n) |
8851 |
+ return n; |
8852 |
+- } |
8853 |
+ |
8854 |
+ iter_table: |
8855 |
+ ipv6_route_check_sernum(iter); |
8856 |
+@@ -2392,8 +2391,6 @@ iter_table: |
8857 |
+ r = fib6_walk_continue(&iter->w); |
8858 |
+ spin_unlock_bh(&iter->tbl->tb6_lock); |
8859 |
+ if (r > 0) { |
8860 |
+- if (v) |
8861 |
+- ++*pos; |
8862 |
+ return iter->w.leaf; |
8863 |
+ } else if (r < 0) { |
8864 |
+ fib6_walker_unlink(net, &iter->w); |
8865 |
+diff --git a/net/llc/af_llc.c b/net/llc/af_llc.c |
8866 |
+index 6ead3c39f3566..bcba579e292ff 100644 |
8867 |
+--- a/net/llc/af_llc.c |
8868 |
++++ b/net/llc/af_llc.c |
8869 |
+@@ -785,7 +785,7 @@ static int llc_ui_recvmsg(struct socket *sock, struct msghdr *msg, size_t len, |
8870 |
+ } |
8871 |
+ /* Well, if we have backlog, try to process it now yet. */ |
8872 |
+ |
8873 |
+- if (copied >= target && !sk->sk_backlog.tail) |
8874 |
++ if (copied >= target && !READ_ONCE(sk->sk_backlog.tail)) |
8875 |
+ break; |
8876 |
+ |
8877 |
+ if (copied) { |
8878 |
+diff --git a/net/mac802154/tx.c b/net/mac802154/tx.c |
8879 |
+index bcd1a5e6ebf42..2f873a0dc5836 100644 |
8880 |
+--- a/net/mac802154/tx.c |
8881 |
++++ b/net/mac802154/tx.c |
8882 |
+@@ -42,11 +42,11 @@ void ieee802154_xmit_worker(struct work_struct *work) |
8883 |
+ if (res) |
8884 |
+ goto err_tx; |
8885 |
+ |
8886 |
+- ieee802154_xmit_complete(&local->hw, skb, false); |
8887 |
+- |
8888 |
+ dev->stats.tx_packets++; |
8889 |
+ dev->stats.tx_bytes += skb->len; |
8890 |
+ |
8891 |
++ ieee802154_xmit_complete(&local->hw, skb, false); |
8892 |
++ |
8893 |
+ return; |
8894 |
+ |
8895 |
+ err_tx: |
8896 |
+@@ -86,6 +86,8 @@ ieee802154_tx(struct ieee802154_local *local, struct sk_buff *skb) |
8897 |
+ |
8898 |
+ /* async is priority, otherwise sync is fallback */ |
8899 |
+ if (local->ops->xmit_async) { |
8900 |
++ unsigned int len = skb->len; |
8901 |
++ |
8902 |
+ ret = drv_xmit_async(local, skb); |
8903 |
+ if (ret) { |
8904 |
+ ieee802154_wake_queue(&local->hw); |
8905 |
+@@ -93,7 +95,7 @@ ieee802154_tx(struct ieee802154_local *local, struct sk_buff *skb) |
8906 |
+ } |
8907 |
+ |
8908 |
+ dev->stats.tx_packets++; |
8909 |
+- dev->stats.tx_bytes += skb->len; |
8910 |
++ dev->stats.tx_bytes += len; |
8911 |
+ } else { |
8912 |
+ local->tx_skb = skb; |
8913 |
+ queue_work(local->workqueue, &local->tx_work); |
8914 |
+diff --git a/net/openvswitch/meter.c b/net/openvswitch/meter.c |
8915 |
+index c038e021a5916..5ea2471ffc03f 100644 |
8916 |
+--- a/net/openvswitch/meter.c |
8917 |
++++ b/net/openvswitch/meter.c |
8918 |
+@@ -255,8 +255,8 @@ static struct dp_meter *dp_meter_create(struct nlattr **a) |
8919 |
+ * |
8920 |
+ * Start with a full bucket. |
8921 |
+ */ |
8922 |
+- band->bucket = (band->burst_size + band->rate) * 1000; |
8923 |
+- band_max_delta_t = band->bucket / band->rate; |
8924 |
++ band->bucket = (band->burst_size + band->rate) * 1000ULL; |
8925 |
++ band_max_delta_t = div_u64(band->bucket, band->rate); |
8926 |
+ if (band_max_delta_t > meter->max_delta_t) |
8927 |
+ meter->max_delta_t = band_max_delta_t; |
8928 |
+ band++; |
8929 |
+diff --git a/net/openvswitch/meter.h b/net/openvswitch/meter.h |
8930 |
+index 964ace2650f89..970557ed5b5b6 100644 |
8931 |
+--- a/net/openvswitch/meter.h |
8932 |
++++ b/net/openvswitch/meter.h |
8933 |
+@@ -26,7 +26,7 @@ struct dp_meter_band { |
8934 |
+ u32 type; |
8935 |
+ u32 rate; |
8936 |
+ u32 burst_size; |
8937 |
+- u32 bucket; /* 1/1000 packets, or in bits */ |
8938 |
++ u64 bucket; /* 1/1000 packets, or in bits */ |
8939 |
+ struct ovs_flow_stats stats; |
8940 |
+ }; |
8941 |
+ |
8942 |
+diff --git a/net/sctp/outqueue.c b/net/sctp/outqueue.c |
8943 |
+index 7bb8e5603298d..d6e83a37a1adf 100644 |
8944 |
+--- a/net/sctp/outqueue.c |
8945 |
++++ b/net/sctp/outqueue.c |
8946 |
+@@ -51,6 +51,7 @@ |
8947 |
+ #include <net/sctp/sctp.h> |
8948 |
+ #include <net/sctp/sm.h> |
8949 |
+ #include <net/sctp/stream_sched.h> |
8950 |
++#include <trace/events/sctp.h> |
8951 |
+ |
8952 |
+ /* Declare internal functions here. */ |
8953 |
+ static int sctp_acked(struct sctp_sackhdr *sack, __u32 tsn); |
8954 |
+@@ -1257,6 +1258,11 @@ int sctp_outq_sack(struct sctp_outq *q, struct sctp_chunk *chunk) |
8955 |
+ /* Grab the association's destination address list. */ |
8956 |
+ transport_list = &asoc->peer.transport_addr_list; |
8957 |
+ |
8958 |
++ /* SCTP path tracepoint for congestion control debugging. */ |
8959 |
++ list_for_each_entry(transport, transport_list, transports) { |
8960 |
++ trace_sctp_probe_path(transport, asoc); |
8961 |
++ } |
8962 |
++ |
8963 |
+ sack_ctsn = ntohl(sack->cum_tsn_ack); |
8964 |
+ gap_ack_blocks = ntohs(sack->num_gap_ack_blocks); |
8965 |
+ asoc->stats.gapcnt += gap_ack_blocks; |
8966 |
+diff --git a/net/sunrpc/svc_xprt.c b/net/sunrpc/svc_xprt.c |
8967 |
+index c8ee8e801edb8..709c082dc9059 100644 |
8968 |
+--- a/net/sunrpc/svc_xprt.c |
8969 |
++++ b/net/sunrpc/svc_xprt.c |
8970 |
+@@ -103,8 +103,17 @@ void svc_unreg_xprt_class(struct svc_xprt_class *xcl) |
8971 |
+ } |
8972 |
+ EXPORT_SYMBOL_GPL(svc_unreg_xprt_class); |
8973 |
+ |
8974 |
+-/* |
8975 |
+- * Format the transport list for printing |
8976 |
++/** |
8977 |
++ * svc_print_xprts - Format the transport list for printing |
8978 |
++ * @buf: target buffer for formatted address |
8979 |
++ * @maxlen: length of target buffer |
8980 |
++ * |
8981 |
++ * Fills in @buf with a string containing a list of transport names, each name |
8982 |
++ * terminated with '\n'. If the buffer is too small, some entries may be |
8983 |
++ * missing, but it is guaranteed that all lines in the output buffer are |
8984 |
++ * complete. |
8985 |
++ * |
8986 |
++ * Returns positive length of the filled-in string. |
8987 |
+ */ |
8988 |
+ int svc_print_xprts(char *buf, int maxlen) |
8989 |
+ { |
8990 |
+@@ -117,9 +126,9 @@ int svc_print_xprts(char *buf, int maxlen) |
8991 |
+ list_for_each_entry(xcl, &svc_xprt_class_list, xcl_list) { |
8992 |
+ int slen; |
8993 |
+ |
8994 |
+- sprintf(tmpstr, "%s %d\n", xcl->xcl_name, xcl->xcl_max_payload); |
8995 |
+- slen = strlen(tmpstr); |
8996 |
+- if (len + slen > maxlen) |
8997 |
++ slen = snprintf(tmpstr, sizeof(tmpstr), "%s %d\n", |
8998 |
++ xcl->xcl_name, xcl->xcl_max_payload); |
8999 |
++ if (slen >= sizeof(tmpstr) || len + slen >= maxlen) |
9000 |
+ break; |
9001 |
+ len += slen; |
9002 |
+ strcat(buf, tmpstr); |
9003 |
+diff --git a/net/sunrpc/xprtrdma/svc_rdma_backchannel.c b/net/sunrpc/xprtrdma/svc_rdma_backchannel.c |
9004 |
+index b9827665ff355..d183d4aee822c 100644 |
9005 |
+--- a/net/sunrpc/xprtrdma/svc_rdma_backchannel.c |
9006 |
++++ b/net/sunrpc/xprtrdma/svc_rdma_backchannel.c |
9007 |
+@@ -256,6 +256,7 @@ xprt_rdma_bc_put(struct rpc_xprt *xprt) |
9008 |
+ { |
9009 |
+ dprintk("svcrdma: %s: xprt %p\n", __func__, xprt); |
9010 |
+ |
9011 |
++ xprt_rdma_free_addresses(xprt); |
9012 |
+ xprt_free(xprt); |
9013 |
+ module_put(THIS_MODULE); |
9014 |
+ } |
9015 |
+diff --git a/net/tipc/topsrv.c b/net/tipc/topsrv.c |
9016 |
+index 41f4464ac6cc5..ec9a7137d2677 100644 |
9017 |
+--- a/net/tipc/topsrv.c |
9018 |
++++ b/net/tipc/topsrv.c |
9019 |
+@@ -407,7 +407,9 @@ static int tipc_conn_rcv_from_sock(struct tipc_conn *con) |
9020 |
+ return -EWOULDBLOCK; |
9021 |
+ if (ret == sizeof(s)) { |
9022 |
+ read_lock_bh(&sk->sk_callback_lock); |
9023 |
+- ret = tipc_conn_rcv_sub(srv, con, &s); |
9024 |
++ /* RACE: the connection can be closed in the meantime */ |
9025 |
++ if (likely(connected(con))) |
9026 |
++ ret = tipc_conn_rcv_sub(srv, con, &s); |
9027 |
+ read_unlock_bh(&sk->sk_callback_lock); |
9028 |
+ if (!ret) |
9029 |
+ return 0; |
9030 |
+diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c |
9031 |
+index 2318e2e2748f4..2020306468af4 100644 |
9032 |
+--- a/net/unix/af_unix.c |
9033 |
++++ b/net/unix/af_unix.c |
9034 |
+@@ -192,11 +192,17 @@ static inline int unix_may_send(struct sock *sk, struct sock *osk) |
9035 |
+ return unix_peer(osk) == NULL || unix_our_peer(sk, osk); |
9036 |
+ } |
9037 |
+ |
9038 |
+-static inline int unix_recvq_full(struct sock const *sk) |
9039 |
++static inline int unix_recvq_full(const struct sock *sk) |
9040 |
+ { |
9041 |
+ return skb_queue_len(&sk->sk_receive_queue) > sk->sk_max_ack_backlog; |
9042 |
+ } |
9043 |
+ |
9044 |
++static inline int unix_recvq_full_lockless(const struct sock *sk) |
9045 |
++{ |
9046 |
++ return skb_queue_len_lockless(&sk->sk_receive_queue) > |
9047 |
++ READ_ONCE(sk->sk_max_ack_backlog); |
9048 |
++} |
9049 |
++ |
9050 |
+ struct sock *unix_peer_get(struct sock *s) |
9051 |
+ { |
9052 |
+ struct sock *peer; |
9053 |
+@@ -1788,7 +1794,8 @@ restart_locked: |
9054 |
+ * - unix_peer(sk) == sk by time of get but disconnected before lock |
9055 |
+ */ |
9056 |
+ if (other != sk && |
9057 |
+- unlikely(unix_peer(other) != sk && unix_recvq_full(other))) { |
9058 |
++ unlikely(unix_peer(other) != sk && |
9059 |
++ unix_recvq_full_lockless(other))) { |
9060 |
+ if (timeo) { |
9061 |
+ timeo = unix_wait_for_peer(other, timeo); |
9062 |
+ |
9063 |
+diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c |
9064 |
+index 452254fd89f87..250b725f5754c 100644 |
9065 |
+--- a/security/selinux/hooks.c |
9066 |
++++ b/security/selinux/hooks.c |
9067 |
+@@ -3304,6 +3304,9 @@ static int selinux_inode_setxattr(struct dentry *dentry, const char *name, |
9068 |
+ return dentry_has_perm(current_cred(), dentry, FILE__SETATTR); |
9069 |
+ } |
9070 |
+ |
9071 |
++ if (!selinux_state.initialized) |
9072 |
++ return (inode_owner_or_capable(inode) ? 0 : -EPERM); |
9073 |
++ |
9074 |
+ sbsec = inode->i_sb->s_security; |
9075 |
+ if (!(sbsec->flags & SBLABEL_MNT)) |
9076 |
+ return -EOPNOTSUPP; |
9077 |
+@@ -3387,6 +3390,15 @@ static void selinux_inode_post_setxattr(struct dentry *dentry, const char *name, |
9078 |
+ return; |
9079 |
+ } |
9080 |
+ |
9081 |
++ if (!selinux_state.initialized) { |
9082 |
++ /* If we haven't even been initialized, then we can't validate |
9083 |
++ * against a policy, so leave the label as invalid. It may |
9084 |
++ * resolve to a valid label on the next revalidation try if |
9085 |
++ * we've since initialized. |
9086 |
++ */ |
9087 |
++ return; |
9088 |
++ } |
9089 |
++ |
9090 |
+ rc = security_context_to_sid_force(&selinux_state, value, size, |
9091 |
+ &newsid); |
9092 |
+ if (rc) { |
9093 |
+diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c |
9094 |
+index f3a5a138a096d..60b3f16bb5c7b 100644 |
9095 |
+--- a/security/selinux/selinuxfs.c |
9096 |
++++ b/security/selinux/selinuxfs.c |
9097 |
+@@ -1509,6 +1509,7 @@ static struct avc_cache_stats *sel_avc_get_stat_idx(loff_t *idx) |
9098 |
+ *idx = cpu + 1; |
9099 |
+ return &per_cpu(avc_cache_stats, cpu); |
9100 |
+ } |
9101 |
++ (*idx)++; |
9102 |
+ return NULL; |
9103 |
+ } |
9104 |
+ |
9105 |
+diff --git a/sound/hda/hdac_bus.c b/sound/hda/hdac_bus.c |
9106 |
+index 714a51721a313..ab9236e4c157e 100644 |
9107 |
+--- a/sound/hda/hdac_bus.c |
9108 |
++++ b/sound/hda/hdac_bus.c |
9109 |
+@@ -155,6 +155,7 @@ static void process_unsol_events(struct work_struct *work) |
9110 |
+ struct hdac_driver *drv; |
9111 |
+ unsigned int rp, caddr, res; |
9112 |
+ |
9113 |
++ spin_lock_irq(&bus->reg_lock); |
9114 |
+ while (bus->unsol_rp != bus->unsol_wp) { |
9115 |
+ rp = (bus->unsol_rp + 1) % HDA_UNSOL_QUEUE_SIZE; |
9116 |
+ bus->unsol_rp = rp; |
9117 |
+@@ -166,10 +167,13 @@ static void process_unsol_events(struct work_struct *work) |
9118 |
+ codec = bus->caddr_tbl[caddr & 0x0f]; |
9119 |
+ if (!codec || !codec->dev.driver) |
9120 |
+ continue; |
9121 |
++ spin_unlock_irq(&bus->reg_lock); |
9122 |
+ drv = drv_to_hdac_driver(codec->dev.driver); |
9123 |
+ if (drv->unsol_event) |
9124 |
+ drv->unsol_event(codec, res); |
9125 |
++ spin_lock_irq(&bus->reg_lock); |
9126 |
+ } |
9127 |
++ spin_unlock_irq(&bus->reg_lock); |
9128 |
+ } |
9129 |
+ |
9130 |
+ /** |
9131 |
+diff --git a/sound/pci/asihpi/hpioctl.c b/sound/pci/asihpi/hpioctl.c |
9132 |
+index 7d049569012c1..3f06986fbecf8 100644 |
9133 |
+--- a/sound/pci/asihpi/hpioctl.c |
9134 |
++++ b/sound/pci/asihpi/hpioctl.c |
9135 |
+@@ -350,7 +350,7 @@ int asihpi_adapter_probe(struct pci_dev *pci_dev, |
9136 |
+ struct hpi_message hm; |
9137 |
+ struct hpi_response hr; |
9138 |
+ struct hpi_adapter adapter; |
9139 |
+- struct hpi_pci pci; |
9140 |
++ struct hpi_pci pci = { 0 }; |
9141 |
+ |
9142 |
+ memset(&adapter, 0, sizeof(adapter)); |
9143 |
+ |
9144 |
+@@ -506,7 +506,7 @@ int asihpi_adapter_probe(struct pci_dev *pci_dev, |
9145 |
+ return 0; |
9146 |
+ |
9147 |
+ err: |
9148 |
+- for (idx = 0; idx < HPI_MAX_ADAPTER_MEM_SPACES; idx++) { |
9149 |
++ while (--idx >= 0) { |
9150 |
+ if (pci.ap_mem_base[idx]) { |
9151 |
+ iounmap(pci.ap_mem_base[idx]); |
9152 |
+ pci.ap_mem_base[idx] = NULL; |
9153 |
+diff --git a/sound/pci/hda/hda_controller.c b/sound/pci/hda/hda_controller.c |
9154 |
+index fa261b27d8588..8198d2e53b7df 100644 |
9155 |
+--- a/sound/pci/hda/hda_controller.c |
9156 |
++++ b/sound/pci/hda/hda_controller.c |
9157 |
+@@ -1169,16 +1169,23 @@ irqreturn_t azx_interrupt(int irq, void *dev_id) |
9158 |
+ if (snd_hdac_bus_handle_stream_irq(bus, status, stream_update)) |
9159 |
+ active = true; |
9160 |
+ |
9161 |
+- /* clear rirb int */ |
9162 |
+ status = azx_readb(chip, RIRBSTS); |
9163 |
+ if (status & RIRB_INT_MASK) { |
9164 |
++ /* |
9165 |
++ * Clearing the interrupt status here ensures that no |
9166 |
++ * interrupt gets masked after the RIRB wp is read in |
9167 |
++ * snd_hdac_bus_update_rirb. This avoids a possible |
9168 |
++ * race condition where codec response in RIRB may |
9169 |
++ * remain unserviced by IRQ, eventually falling back |
9170 |
++ * to polling mode in azx_rirb_get_response. |
9171 |
++ */ |
9172 |
++ azx_writeb(chip, RIRBSTS, RIRB_INT_MASK); |
9173 |
+ active = true; |
9174 |
+ if (status & RIRB_INT_RESPONSE) { |
9175 |
+ if (chip->driver_caps & AZX_DCAPS_CTX_WORKAROUND) |
9176 |
+ udelay(80); |
9177 |
+ snd_hdac_bus_update_rirb(bus); |
9178 |
+ } |
9179 |
+- azx_writeb(chip, RIRBSTS, RIRB_INT_MASK); |
9180 |
+ } |
9181 |
+ } while (active && ++repeat < 10); |
9182 |
+ |
9183 |
+diff --git a/sound/pci/hda/patch_realtek.c b/sound/pci/hda/patch_realtek.c |
9184 |
+index 9c5b3d19bfa73..24bc9e4460473 100644 |
9185 |
+--- a/sound/pci/hda/patch_realtek.c |
9186 |
++++ b/sound/pci/hda/patch_realtek.c |
9187 |
+@@ -3290,7 +3290,11 @@ static void alc256_shutup(struct hda_codec *codec) |
9188 |
+ |
9189 |
+ /* 3k pull low control for Headset jack. */ |
9190 |
+ /* NOTE: call this before clearing the pin, otherwise codec stalls */ |
9191 |
+- alc_update_coef_idx(codec, 0x46, 0, 3 << 12); |
9192 |
++ /* If disable 3k pulldown control for alc257, the Mic detection will not work correctly |
9193 |
++ * when booting with headset plugged. So skip setting it for the codec alc257 |
9194 |
++ */ |
9195 |
++ if (codec->core.vendor_id != 0x10ec0257) |
9196 |
++ alc_update_coef_idx(codec, 0x46, 0, 3 << 12); |
9197 |
+ |
9198 |
+ if (!spec->no_shutup_pins) |
9199 |
+ snd_hda_codec_write(codec, hp_pin, 0, |
9200 |
+@@ -5612,6 +5616,7 @@ static void alc_fixup_thinkpad_acpi(struct hda_codec *codec, |
9201 |
+ #include "hp_x360_helper.c" |
9202 |
+ |
9203 |
+ enum { |
9204 |
++ ALC269_FIXUP_GPIO2, |
9205 |
+ ALC269_FIXUP_SONY_VAIO, |
9206 |
+ ALC275_FIXUP_SONY_VAIO_GPIO2, |
9207 |
+ ALC269_FIXUP_DELL_M101Z, |
9208 |
+@@ -5764,6 +5769,10 @@ enum { |
9209 |
+ }; |
9210 |
+ |
9211 |
+ static const struct hda_fixup alc269_fixups[] = { |
9212 |
++ [ALC269_FIXUP_GPIO2] = { |
9213 |
++ .type = HDA_FIXUP_FUNC, |
9214 |
++ .v.func = alc_fixup_gpio2, |
9215 |
++ }, |
9216 |
+ [ALC269_FIXUP_SONY_VAIO] = { |
9217 |
+ .type = HDA_FIXUP_PINCTLS, |
9218 |
+ .v.pins = (const struct hda_pintbl[]) { |
9219 |
+@@ -6559,6 +6568,8 @@ static const struct hda_fixup alc269_fixups[] = { |
9220 |
+ [ALC233_FIXUP_LENOVO_MULTI_CODECS] = { |
9221 |
+ .type = HDA_FIXUP_FUNC, |
9222 |
+ .v.func = alc233_alc662_fixup_lenovo_dual_codecs, |
9223 |
++ .chained = true, |
9224 |
++ .chain_id = ALC269_FIXUP_GPIO2 |
9225 |
+ }, |
9226 |
+ [ALC233_FIXUP_ACER_HEADSET_MIC] = { |
9227 |
+ .type = HDA_FIXUP_VERBS, |
9228 |
+diff --git a/sound/soc/codecs/max98090.c b/sound/soc/codecs/max98090.c |
9229 |
+index 89b6e187ac235..a5b0c40ee545f 100644 |
9230 |
+--- a/sound/soc/codecs/max98090.c |
9231 |
++++ b/sound/soc/codecs/max98090.c |
9232 |
+@@ -2130,10 +2130,16 @@ static void max98090_pll_work(struct max98090_priv *max98090) |
9233 |
+ |
9234 |
+ dev_info_ratelimited(component->dev, "PLL unlocked\n"); |
9235 |
+ |
9236 |
++ /* |
9237 |
++ * As the datasheet suggested, the maximum PLL lock time should be |
9238 |
++ * 7 msec. The workaround resets the codec softly by toggling SHDN |
9239 |
++ * off and on if PLL failed to lock for 10 msec. Notably, there is |
9240 |
++ * no suggested hold time for SHDN off. |
9241 |
++ */ |
9242 |
++ |
9243 |
+ /* Toggle shutdown OFF then ON */ |
9244 |
+ snd_soc_component_update_bits(component, M98090_REG_DEVICE_SHUTDOWN, |
9245 |
+ M98090_SHDNN_MASK, 0); |
9246 |
+- msleep(10); |
9247 |
+ snd_soc_component_update_bits(component, M98090_REG_DEVICE_SHUTDOWN, |
9248 |
+ M98090_SHDNN_MASK, M98090_SHDNN_MASK); |
9249 |
+ |
9250 |
+diff --git a/sound/soc/codecs/wm8994.c b/sound/soc/codecs/wm8994.c |
9251 |
+index 01acb8da2f48e..e3e069277a3ff 100644 |
9252 |
+--- a/sound/soc/codecs/wm8994.c |
9253 |
++++ b/sound/soc/codecs/wm8994.c |
9254 |
+@@ -3376,6 +3376,8 @@ int wm8994_mic_detect(struct snd_soc_component *component, struct snd_soc_jack * |
9255 |
+ return -EINVAL; |
9256 |
+ } |
9257 |
+ |
9258 |
++ pm_runtime_get_sync(component->dev); |
9259 |
++ |
9260 |
+ switch (micbias) { |
9261 |
+ case 1: |
9262 |
+ micdet = &wm8994->micdet[0]; |
9263 |
+@@ -3423,6 +3425,8 @@ int wm8994_mic_detect(struct snd_soc_component *component, struct snd_soc_jack * |
9264 |
+ |
9265 |
+ snd_soc_dapm_sync(dapm); |
9266 |
+ |
9267 |
++ pm_runtime_put(component->dev); |
9268 |
++ |
9269 |
+ return 0; |
9270 |
+ } |
9271 |
+ EXPORT_SYMBOL_GPL(wm8994_mic_detect); |
9272 |
+@@ -3790,6 +3794,8 @@ int wm8958_mic_detect(struct snd_soc_component *component, struct snd_soc_jack * |
9273 |
+ return -EINVAL; |
9274 |
+ } |
9275 |
+ |
9276 |
++ pm_runtime_get_sync(component->dev); |
9277 |
++ |
9278 |
+ if (jack) { |
9279 |
+ snd_soc_dapm_force_enable_pin(dapm, "CLK_SYS"); |
9280 |
+ snd_soc_dapm_sync(dapm); |
9281 |
+@@ -3858,6 +3864,8 @@ int wm8958_mic_detect(struct snd_soc_component *component, struct snd_soc_jack * |
9282 |
+ snd_soc_dapm_sync(dapm); |
9283 |
+ } |
9284 |
+ |
9285 |
++ pm_runtime_put(component->dev); |
9286 |
++ |
9287 |
+ return 0; |
9288 |
+ } |
9289 |
+ EXPORT_SYMBOL_GPL(wm8958_mic_detect); |
9290 |
+@@ -4051,11 +4059,13 @@ static int wm8994_component_probe(struct snd_soc_component *component) |
9291 |
+ wm8994->hubs.dcs_readback_mode = 2; |
9292 |
+ break; |
9293 |
+ } |
9294 |
++ wm8994->hubs.micd_scthr = true; |
9295 |
+ break; |
9296 |
+ |
9297 |
+ case WM8958: |
9298 |
+ wm8994->hubs.dcs_readback_mode = 1; |
9299 |
+ wm8994->hubs.hp_startup_mode = 1; |
9300 |
++ wm8994->hubs.micd_scthr = true; |
9301 |
+ |
9302 |
+ switch (control->revision) { |
9303 |
+ case 0: |
9304 |
+diff --git a/sound/soc/codecs/wm_hubs.c b/sound/soc/codecs/wm_hubs.c |
9305 |
+index fed6ea9b019f7..da7fa6f5459e6 100644 |
9306 |
+--- a/sound/soc/codecs/wm_hubs.c |
9307 |
++++ b/sound/soc/codecs/wm_hubs.c |
9308 |
+@@ -1227,6 +1227,9 @@ int wm_hubs_handle_analogue_pdata(struct snd_soc_component *component, |
9309 |
+ snd_soc_component_update_bits(component, WM8993_ADDITIONAL_CONTROL, |
9310 |
+ WM8993_LINEOUT2_FB, WM8993_LINEOUT2_FB); |
9311 |
+ |
9312 |
++ if (!hubs->micd_scthr) |
9313 |
++ return 0; |
9314 |
++ |
9315 |
+ snd_soc_component_update_bits(component, WM8993_MICBIAS, |
9316 |
+ WM8993_JD_SCTHR_MASK | WM8993_JD_THR_MASK | |
9317 |
+ WM8993_MICB1_LVL | WM8993_MICB2_LVL, |
9318 |
+diff --git a/sound/soc/codecs/wm_hubs.h b/sound/soc/codecs/wm_hubs.h |
9319 |
+index ee339ad8514d1..1433d73e09bf8 100644 |
9320 |
+--- a/sound/soc/codecs/wm_hubs.h |
9321 |
++++ b/sound/soc/codecs/wm_hubs.h |
9322 |
+@@ -31,6 +31,7 @@ struct wm_hubs_data { |
9323 |
+ int hp_startup_mode; |
9324 |
+ int series_startup; |
9325 |
+ int no_series_update; |
9326 |
++ bool micd_scthr; |
9327 |
+ |
9328 |
+ bool no_cache_dac_hp_direct; |
9329 |
+ struct list_head dcs_cache; |
9330 |
+diff --git a/sound/soc/img/img-i2s-out.c b/sound/soc/img/img-i2s-out.c |
9331 |
+index fc2d1dac63339..798ab579564cb 100644 |
9332 |
+--- a/sound/soc/img/img-i2s-out.c |
9333 |
++++ b/sound/soc/img/img-i2s-out.c |
9334 |
+@@ -350,8 +350,10 @@ static int img_i2s_out_set_fmt(struct snd_soc_dai *dai, unsigned int fmt) |
9335 |
+ chan_control_mask = IMG_I2S_OUT_CHAN_CTL_CLKT_MASK; |
9336 |
+ |
9337 |
+ ret = pm_runtime_get_sync(i2s->dev); |
9338 |
+- if (ret < 0) |
9339 |
++ if (ret < 0) { |
9340 |
++ pm_runtime_put_noidle(i2s->dev); |
9341 |
+ return ret; |
9342 |
++ } |
9343 |
+ |
9344 |
+ img_i2s_out_disable(i2s); |
9345 |
+ |
9346 |
+@@ -491,8 +493,10 @@ static int img_i2s_out_probe(struct platform_device *pdev) |
9347 |
+ goto err_pm_disable; |
9348 |
+ } |
9349 |
+ ret = pm_runtime_get_sync(&pdev->dev); |
9350 |
+- if (ret < 0) |
9351 |
++ if (ret < 0) { |
9352 |
++ pm_runtime_put_noidle(&pdev->dev); |
9353 |
+ goto err_suspend; |
9354 |
++ } |
9355 |
+ |
9356 |
+ reg = IMG_I2S_OUT_CTL_FRM_SIZE_MASK; |
9357 |
+ img_i2s_out_writel(i2s, reg, IMG_I2S_OUT_CTL); |
9358 |
+diff --git a/sound/soc/intel/boards/bytcr_rt5640.c b/sound/soc/intel/boards/bytcr_rt5640.c |
9359 |
+index 0dcd249877c55..ec630127ef2f3 100644 |
9360 |
+--- a/sound/soc/intel/boards/bytcr_rt5640.c |
9361 |
++++ b/sound/soc/intel/boards/bytcr_rt5640.c |
9362 |
+@@ -588,6 +588,16 @@ static const struct dmi_system_id byt_rt5640_quirk_table[] = { |
9363 |
+ BYT_RT5640_SSP0_AIF1 | |
9364 |
+ BYT_RT5640_MCLK_EN), |
9365 |
+ }, |
9366 |
++ { /* MPMAN Converter 9, similar hw as the I.T.Works TW891 2-in-1 */ |
9367 |
++ .matches = { |
9368 |
++ DMI_MATCH(DMI_SYS_VENDOR, "MPMAN"), |
9369 |
++ DMI_MATCH(DMI_PRODUCT_NAME, "Converter9"), |
9370 |
++ }, |
9371 |
++ .driver_data = (void *)(BYTCR_INPUT_DEFAULTS | |
9372 |
++ BYT_RT5640_MONO_SPEAKER | |
9373 |
++ BYT_RT5640_SSP0_AIF1 | |
9374 |
++ BYT_RT5640_MCLK_EN), |
9375 |
++ }, |
9376 |
+ { |
9377 |
+ /* MPMAN MPWIN895CL */ |
9378 |
+ .matches = { |
9379 |
+diff --git a/sound/soc/kirkwood/kirkwood-dma.c b/sound/soc/kirkwood/kirkwood-dma.c |
9380 |
+index c6a58520d377a..255cc45905b81 100644 |
9381 |
+--- a/sound/soc/kirkwood/kirkwood-dma.c |
9382 |
++++ b/sound/soc/kirkwood/kirkwood-dma.c |
9383 |
+@@ -136,7 +136,7 @@ static int kirkwood_dma_open(struct snd_pcm_substream *substream) |
9384 |
+ err = request_irq(priv->irq, kirkwood_dma_irq, IRQF_SHARED, |
9385 |
+ "kirkwood-i2s", priv); |
9386 |
+ if (err) |
9387 |
+- return -EBUSY; |
9388 |
++ return err; |
9389 |
+ |
9390 |
+ /* |
9391 |
+ * Enable Error interrupts. We're only ack'ing them but |
9392 |
+diff --git a/sound/usb/midi.c b/sound/usb/midi.c |
9393 |
+index 28a3ad8b1d74b..137e1e8718d6f 100644 |
9394 |
+--- a/sound/usb/midi.c |
9395 |
++++ b/sound/usb/midi.c |
9396 |
+@@ -1828,6 +1828,28 @@ static int snd_usbmidi_create_endpoints(struct snd_usb_midi *umidi, |
9397 |
+ return 0; |
9398 |
+ } |
9399 |
+ |
9400 |
++static struct usb_ms_endpoint_descriptor *find_usb_ms_endpoint_descriptor( |
9401 |
++ struct usb_host_endpoint *hostep) |
9402 |
++{ |
9403 |
++ unsigned char *extra = hostep->extra; |
9404 |
++ int extralen = hostep->extralen; |
9405 |
++ |
9406 |
++ while (extralen > 3) { |
9407 |
++ struct usb_ms_endpoint_descriptor *ms_ep = |
9408 |
++ (struct usb_ms_endpoint_descriptor *)extra; |
9409 |
++ |
9410 |
++ if (ms_ep->bLength > 3 && |
9411 |
++ ms_ep->bDescriptorType == USB_DT_CS_ENDPOINT && |
9412 |
++ ms_ep->bDescriptorSubtype == UAC_MS_GENERAL) |
9413 |
++ return ms_ep; |
9414 |
++ if (!extra[0]) |
9415 |
++ break; |
9416 |
++ extralen -= extra[0]; |
9417 |
++ extra += extra[0]; |
9418 |
++ } |
9419 |
++ return NULL; |
9420 |
++} |
9421 |
++ |
9422 |
+ /* |
9423 |
+ * Returns MIDIStreaming device capabilities. |
9424 |
+ */ |
9425 |
+@@ -1865,11 +1887,8 @@ static int snd_usbmidi_get_ms_info(struct snd_usb_midi *umidi, |
9426 |
+ ep = get_ep_desc(hostep); |
9427 |
+ if (!usb_endpoint_xfer_bulk(ep) && !usb_endpoint_xfer_int(ep)) |
9428 |
+ continue; |
9429 |
+- ms_ep = (struct usb_ms_endpoint_descriptor *)hostep->extra; |
9430 |
+- if (hostep->extralen < 4 || |
9431 |
+- ms_ep->bLength < 4 || |
9432 |
+- ms_ep->bDescriptorType != USB_DT_CS_ENDPOINT || |
9433 |
+- ms_ep->bDescriptorSubtype != UAC_MS_GENERAL) |
9434 |
++ ms_ep = find_usb_ms_endpoint_descriptor(hostep); |
9435 |
++ if (!ms_ep) |
9436 |
+ continue; |
9437 |
+ if (usb_endpoint_dir_out(ep)) { |
9438 |
+ if (endpoints[epidx].out_ep) { |
9439 |
+diff --git a/sound/usb/mixer.c b/sound/usb/mixer.c |
9440 |
+index 45bd3d54be54b..451b8ea383c61 100644 |
9441 |
+--- a/sound/usb/mixer.c |
9442 |
++++ b/sound/usb/mixer.c |
9443 |
+@@ -1699,6 +1699,16 @@ static void __build_feature_ctl(struct usb_mixer_interface *mixer, |
9444 |
+ /* get min/max values */ |
9445 |
+ get_min_max_with_quirks(cval, 0, kctl); |
9446 |
+ |
9447 |
++ /* skip a bogus volume range */ |
9448 |
++ if (cval->max <= cval->min) { |
9449 |
++ usb_audio_dbg(mixer->chip, |
9450 |
++ "[%d] FU [%s] skipped due to invalid volume\n", |
9451 |
++ cval->head.id, kctl->id.name); |
9452 |
++ snd_ctl_free_one(kctl); |
9453 |
++ return; |
9454 |
++ } |
9455 |
++ |
9456 |
++ |
9457 |
+ if (control == UAC_FU_VOLUME) { |
9458 |
+ check_mapped_dB(map, cval); |
9459 |
+ if (cval->dBmin < cval->dBmax || !cval->initialized) { |
9460 |
+diff --git a/sound/usb/quirks.c b/sound/usb/quirks.c |
9461 |
+index 8d9117312e30c..e6dea1c7112be 100644 |
9462 |
+--- a/sound/usb/quirks.c |
9463 |
++++ b/sound/usb/quirks.c |
9464 |
+@@ -1338,12 +1338,13 @@ void snd_usb_ctl_msg_quirk(struct usb_device *dev, unsigned int pipe, |
9465 |
+ && (requesttype & USB_TYPE_MASK) == USB_TYPE_CLASS) |
9466 |
+ msleep(20); |
9467 |
+ |
9468 |
+- /* Zoom R16/24, Logitech H650e, Jabra 550a, Kingston HyperX needs a tiny |
9469 |
+- * delay here, otherwise requests like get/set frequency return as |
9470 |
+- * failed despite actually succeeding. |
9471 |
++ /* Zoom R16/24, Logitech H650e/H570e, Jabra 550a, Kingston HyperX |
9472 |
++ * needs a tiny delay here, otherwise requests like get/set |
9473 |
++ * frequency return as failed despite actually succeeding. |
9474 |
+ */ |
9475 |
+ if ((chip->usb_id == USB_ID(0x1686, 0x00dd) || |
9476 |
+ chip->usb_id == USB_ID(0x046d, 0x0a46) || |
9477 |
++ chip->usb_id == USB_ID(0x046d, 0x0a56) || |
9478 |
+ chip->usb_id == USB_ID(0x0b0e, 0x0349) || |
9479 |
+ chip->usb_id == USB_ID(0x0951, 0x16ad)) && |
9480 |
+ (requesttype & USB_TYPE_MASK) == USB_TYPE_CLASS) |
9481 |
+diff --git a/tools/gpio/gpio-hammer.c b/tools/gpio/gpio-hammer.c |
9482 |
+index 4bcb234c0fcab..3da5462a0c7d3 100644 |
9483 |
+--- a/tools/gpio/gpio-hammer.c |
9484 |
++++ b/tools/gpio/gpio-hammer.c |
9485 |
+@@ -138,7 +138,14 @@ int main(int argc, char **argv) |
9486 |
+ device_name = optarg; |
9487 |
+ break; |
9488 |
+ case 'o': |
9489 |
+- lines[i] = strtoul(optarg, NULL, 10); |
9490 |
++ /* |
9491 |
++ * Avoid overflow. Do not immediately error, we want to |
9492 |
++ * be able to accurately report on the amount of times |
9493 |
++ * '-o' was given to give an accurate error message |
9494 |
++ */ |
9495 |
++ if (i < GPIOHANDLES_MAX) |
9496 |
++ lines[i] = strtoul(optarg, NULL, 10); |
9497 |
++ |
9498 |
+ i++; |
9499 |
+ break; |
9500 |
+ case '?': |
9501 |
+@@ -146,6 +153,14 @@ int main(int argc, char **argv) |
9502 |
+ return -1; |
9503 |
+ } |
9504 |
+ } |
9505 |
++ |
9506 |
++ if (i >= GPIOHANDLES_MAX) { |
9507 |
++ fprintf(stderr, |
9508 |
++ "Only %d occurences of '-o' are allowed, %d were found\n", |
9509 |
++ GPIOHANDLES_MAX, i + 1); |
9510 |
++ return -1; |
9511 |
++ } |
9512 |
++ |
9513 |
+ nlines = i; |
9514 |
+ |
9515 |
+ if (!device_name || !nlines) { |
9516 |
+diff --git a/tools/objtool/check.c b/tools/objtool/check.c |
9517 |
+index fd3071d83deae..c0ab27368a345 100644 |
9518 |
+--- a/tools/objtool/check.c |
9519 |
++++ b/tools/objtool/check.c |
9520 |
+@@ -503,7 +503,7 @@ static int add_jump_destinations(struct objtool_file *file) |
9521 |
+ insn->type != INSN_JUMP_UNCONDITIONAL) |
9522 |
+ continue; |
9523 |
+ |
9524 |
+- if (insn->ignore || insn->offset == FAKE_JUMP_OFFSET) |
9525 |
++ if (insn->offset == FAKE_JUMP_OFFSET) |
9526 |
+ continue; |
9527 |
+ |
9528 |
+ rela = find_rela_by_dest_range(insn->sec, insn->offset, |
9529 |
+diff --git a/tools/perf/builtin-stat.c b/tools/perf/builtin-stat.c |
9530 |
+index 6aae10ff954c7..adabe9d4dc866 100644 |
9531 |
+--- a/tools/perf/builtin-stat.c |
9532 |
++++ b/tools/perf/builtin-stat.c |
9533 |
+@@ -422,7 +422,7 @@ static void process_interval(void) |
9534 |
+ } |
9535 |
+ |
9536 |
+ init_stats(&walltime_nsecs_stats); |
9537 |
+- update_stats(&walltime_nsecs_stats, stat_config.interval * 1000000); |
9538 |
++ update_stats(&walltime_nsecs_stats, stat_config.interval * 1000000ULL); |
9539 |
+ print_counters(&rs, 0, NULL); |
9540 |
+ } |
9541 |
+ |
9542 |
+diff --git a/tools/perf/pmu-events/jevents.c b/tools/perf/pmu-events/jevents.c |
9543 |
+index c17e594041712..6631970f96832 100644 |
9544 |
+--- a/tools/perf/pmu-events/jevents.c |
9545 |
++++ b/tools/perf/pmu-events/jevents.c |
9546 |
+@@ -1064,10 +1064,9 @@ static int process_one_file(const char *fpath, const struct stat *sb, |
9547 |
+ */ |
9548 |
+ int main(int argc, char *argv[]) |
9549 |
+ { |
9550 |
+- int rc; |
9551 |
++ int rc, ret = 0; |
9552 |
+ int maxfds; |
9553 |
+ char ldirname[PATH_MAX]; |
9554 |
+- |
9555 |
+ const char *arch; |
9556 |
+ const char *output_file; |
9557 |
+ const char *start_dirname; |
9558 |
+@@ -1138,7 +1137,8 @@ int main(int argc, char *argv[]) |
9559 |
+ /* Make build fail */ |
9560 |
+ fclose(eventsfp); |
9561 |
+ free_arch_std_events(); |
9562 |
+- return 1; |
9563 |
++ ret = 1; |
9564 |
++ goto out_free_mapfile; |
9565 |
+ } else if (rc) { |
9566 |
+ goto empty_map; |
9567 |
+ } |
9568 |
+@@ -1156,14 +1156,17 @@ int main(int argc, char *argv[]) |
9569 |
+ /* Make build fail */ |
9570 |
+ fclose(eventsfp); |
9571 |
+ free_arch_std_events(); |
9572 |
+- return 1; |
9573 |
++ ret = 1; |
9574 |
+ } |
9575 |
+ |
9576 |
+- return 0; |
9577 |
++ |
9578 |
++ goto out_free_mapfile; |
9579 |
+ |
9580 |
+ empty_map: |
9581 |
+ fclose(eventsfp); |
9582 |
+ create_empty_mapping(output_file); |
9583 |
+ free_arch_std_events(); |
9584 |
+- return 0; |
9585 |
++out_free_mapfile: |
9586 |
++ free(mapfile); |
9587 |
++ return ret; |
9588 |
+ } |
9589 |
+diff --git a/tools/perf/tests/shell/lib/probe_vfs_getname.sh b/tools/perf/tests/shell/lib/probe_vfs_getname.sh |
9590 |
+index 7cb99b433888b..c2cc42daf9242 100644 |
9591 |
+--- a/tools/perf/tests/shell/lib/probe_vfs_getname.sh |
9592 |
++++ b/tools/perf/tests/shell/lib/probe_vfs_getname.sh |
9593 |
+@@ -14,7 +14,7 @@ add_probe_vfs_getname() { |
9594 |
+ if [ $had_vfs_getname -eq 1 ] ; then |
9595 |
+ line=$(perf probe -L getname_flags 2>&1 | egrep 'result.*=.*filename;' | sed -r 's/[[:space:]]+([[:digit:]]+)[[:space:]]+result->uptr.*/\1/') |
9596 |
+ perf probe -q "vfs_getname=getname_flags:${line} pathname=result->name:string" || \ |
9597 |
+- perf probe $verbose "vfs_getname=getname_flags:${line} pathname=filename:string" |
9598 |
++ perf probe $verbose "vfs_getname=getname_flags:${line} pathname=filename:ustring" |
9599 |
+ fi |
9600 |
+ } |
9601 |
+ |
9602 |
+diff --git a/tools/perf/trace/beauty/arch_errno_names.sh b/tools/perf/trace/beauty/arch_errno_names.sh |
9603 |
+index 22c9fc900c847..f8c44a85650be 100755 |
9604 |
+--- a/tools/perf/trace/beauty/arch_errno_names.sh |
9605 |
++++ b/tools/perf/trace/beauty/arch_errno_names.sh |
9606 |
+@@ -91,7 +91,7 @@ EoHEADER |
9607 |
+ # in tools/perf/arch |
9608 |
+ archlist="" |
9609 |
+ for arch in $(find $toolsdir/arch -maxdepth 1 -mindepth 1 -type d -printf "%f\n" | grep -v x86 | sort); do |
9610 |
+- test -d arch/$arch && archlist="$archlist $arch" |
9611 |
++ test -d $toolsdir/perf/arch/$arch && archlist="$archlist $arch" |
9612 |
+ done |
9613 |
+ |
9614 |
+ for arch in x86 $archlist generic; do |
9615 |
+diff --git a/tools/perf/util/cpumap.c b/tools/perf/util/cpumap.c |
9616 |
+index f93846edc1e0d..827d844f4efb1 100644 |
9617 |
+--- a/tools/perf/util/cpumap.c |
9618 |
++++ b/tools/perf/util/cpumap.c |
9619 |
+@@ -462,7 +462,7 @@ static void set_max_cpu_num(void) |
9620 |
+ |
9621 |
+ /* get the highest possible cpu number for a sparse allocation */ |
9622 |
+ ret = snprintf(path, PATH_MAX, "%s/devices/system/cpu/possible", mnt); |
9623 |
+- if (ret == PATH_MAX) { |
9624 |
++ if (ret >= PATH_MAX) { |
9625 |
+ pr_err("sysfs path crossed PATH_MAX(%d) size\n", PATH_MAX); |
9626 |
+ goto out; |
9627 |
+ } |
9628 |
+@@ -473,7 +473,7 @@ static void set_max_cpu_num(void) |
9629 |
+ |
9630 |
+ /* get the highest present cpu number for a sparse allocation */ |
9631 |
+ ret = snprintf(path, PATH_MAX, "%s/devices/system/cpu/present", mnt); |
9632 |
+- if (ret == PATH_MAX) { |
9633 |
++ if (ret >= PATH_MAX) { |
9634 |
+ pr_err("sysfs path crossed PATH_MAX(%d) size\n", PATH_MAX); |
9635 |
+ goto out; |
9636 |
+ } |
9637 |
+@@ -501,7 +501,7 @@ static void set_max_node_num(void) |
9638 |
+ |
9639 |
+ /* get the highest possible cpu number for a sparse allocation */ |
9640 |
+ ret = snprintf(path, PATH_MAX, "%s/devices/system/node/possible", mnt); |
9641 |
+- if (ret == PATH_MAX) { |
9642 |
++ if (ret >= PATH_MAX) { |
9643 |
+ pr_err("sysfs path crossed PATH_MAX(%d) size\n", PATH_MAX); |
9644 |
+ goto out; |
9645 |
+ } |
9646 |
+@@ -586,7 +586,7 @@ int cpu__setup_cpunode_map(void) |
9647 |
+ return 0; |
9648 |
+ |
9649 |
+ n = snprintf(path, PATH_MAX, "%s/devices/system/node", mnt); |
9650 |
+- if (n == PATH_MAX) { |
9651 |
++ if (n >= PATH_MAX) { |
9652 |
+ pr_err("sysfs path crossed PATH_MAX(%d) size\n", PATH_MAX); |
9653 |
+ return -1; |
9654 |
+ } |
9655 |
+@@ -601,7 +601,7 @@ int cpu__setup_cpunode_map(void) |
9656 |
+ continue; |
9657 |
+ |
9658 |
+ n = snprintf(buf, PATH_MAX, "%s/%s", path, dent1->d_name); |
9659 |
+- if (n == PATH_MAX) { |
9660 |
++ if (n >= PATH_MAX) { |
9661 |
+ pr_err("sysfs path crossed PATH_MAX(%d) size\n", PATH_MAX); |
9662 |
+ continue; |
9663 |
+ } |
9664 |
+diff --git a/tools/perf/util/evsel.c b/tools/perf/util/evsel.c |
9665 |
+index 4fad92213609f..11a2aa80802d5 100644 |
9666 |
+--- a/tools/perf/util/evsel.c |
9667 |
++++ b/tools/perf/util/evsel.c |
9668 |
+@@ -1290,6 +1290,9 @@ void perf_evsel__exit(struct perf_evsel *evsel) |
9669 |
+ thread_map__put(evsel->threads); |
9670 |
+ zfree(&evsel->group_name); |
9671 |
+ zfree(&evsel->name); |
9672 |
++ zfree(&evsel->pmu_name); |
9673 |
++ zfree(&evsel->per_pkg_mask); |
9674 |
++ zfree(&evsel->metric_events); |
9675 |
+ perf_evsel__object.fini(evsel); |
9676 |
+ } |
9677 |
+ |
9678 |
+diff --git a/tools/perf/util/mem2node.c b/tools/perf/util/mem2node.c |
9679 |
+index c6fd81c025863..81c5a2e438b7d 100644 |
9680 |
+--- a/tools/perf/util/mem2node.c |
9681 |
++++ b/tools/perf/util/mem2node.c |
9682 |
+@@ -1,5 +1,6 @@ |
9683 |
+ #include <errno.h> |
9684 |
+ #include <inttypes.h> |
9685 |
++#include <asm/bug.h> |
9686 |
+ #include <linux/bitmap.h> |
9687 |
+ #include "mem2node.h" |
9688 |
+ #include "util.h" |
9689 |
+@@ -92,7 +93,7 @@ int mem2node__init(struct mem2node *map, struct perf_env *env) |
9690 |
+ |
9691 |
+ /* Cut unused entries, due to merging. */ |
9692 |
+ tmp_entries = realloc(entries, sizeof(*entries) * j); |
9693 |
+- if (tmp_entries) |
9694 |
++ if (tmp_entries || WARN_ON_ONCE(j == 0)) |
9695 |
+ entries = tmp_entries; |
9696 |
+ |
9697 |
+ for (i = 0; i < j; i++) { |
9698 |
+diff --git a/tools/perf/util/metricgroup.c b/tools/perf/util/metricgroup.c |
9699 |
+index 8b3dafe3fac3a..6dcc6e1182a54 100644 |
9700 |
+--- a/tools/perf/util/metricgroup.c |
9701 |
++++ b/tools/perf/util/metricgroup.c |
9702 |
+@@ -171,6 +171,7 @@ static int metricgroup__setup_events(struct list_head *groups, |
9703 |
+ if (!evsel) { |
9704 |
+ pr_debug("Cannot resolve %s: %s\n", |
9705 |
+ eg->metric_name, eg->metric_expr); |
9706 |
++ free(metric_events); |
9707 |
+ continue; |
9708 |
+ } |
9709 |
+ for (i = 0; i < eg->idnum; i++) |
9710 |
+@@ -178,11 +179,13 @@ static int metricgroup__setup_events(struct list_head *groups, |
9711 |
+ me = metricgroup__lookup(metric_events_list, evsel, true); |
9712 |
+ if (!me) { |
9713 |
+ ret = -ENOMEM; |
9714 |
++ free(metric_events); |
9715 |
+ break; |
9716 |
+ } |
9717 |
+ expr = malloc(sizeof(struct metric_expr)); |
9718 |
+ if (!expr) { |
9719 |
+ ret = -ENOMEM; |
9720 |
++ free(metric_events); |
9721 |
+ break; |
9722 |
+ } |
9723 |
+ expr->metric_expr = eg->metric_expr; |
9724 |
+diff --git a/tools/perf/util/parse-events.c b/tools/perf/util/parse-events.c |
9725 |
+index 95043cae57740..0eff0c3ba9eeb 100644 |
9726 |
+--- a/tools/perf/util/parse-events.c |
9727 |
++++ b/tools/perf/util/parse-events.c |
9728 |
+@@ -1261,7 +1261,7 @@ int parse_events_add_pmu(struct parse_events_state *parse_state, |
9729 |
+ attr.type = pmu->type; |
9730 |
+ evsel = __add_event(list, &parse_state->idx, &attr, NULL, pmu, NULL, auto_merge_stats); |
9731 |
+ if (evsel) { |
9732 |
+- evsel->pmu_name = name; |
9733 |
++ evsel->pmu_name = name ? strdup(name) : NULL; |
9734 |
+ evsel->use_uncore_alias = use_uncore_alias; |
9735 |
+ return 0; |
9736 |
+ } else { |
9737 |
+@@ -1302,7 +1302,7 @@ int parse_events_add_pmu(struct parse_events_state *parse_state, |
9738 |
+ evsel->snapshot = info.snapshot; |
9739 |
+ evsel->metric_expr = info.metric_expr; |
9740 |
+ evsel->metric_name = info.metric_name; |
9741 |
+- evsel->pmu_name = name; |
9742 |
++ evsel->pmu_name = name ? strdup(name) : NULL; |
9743 |
+ evsel->use_uncore_alias = use_uncore_alias; |
9744 |
+ } |
9745 |
+ |
9746 |
+@@ -1421,12 +1421,11 @@ parse_events__set_leader_for_uncore_aliase(char *name, struct list_head *list, |
9747 |
+ * event. That can be used to distinguish the leader from |
9748 |
+ * other members, even they have the same event name. |
9749 |
+ */ |
9750 |
+- if ((leader != evsel) && (leader->pmu_name == evsel->pmu_name)) { |
9751 |
++ if ((leader != evsel) && |
9752 |
++ !strcmp(leader->pmu_name, evsel->pmu_name)) { |
9753 |
+ is_leader = false; |
9754 |
+ continue; |
9755 |
+ } |
9756 |
+- /* The name is always alias name */ |
9757 |
+- WARN_ON(strcmp(leader->name, evsel->name)); |
9758 |
+ |
9759 |
+ /* Store the leader event for each PMU */ |
9760 |
+ leaders[nr_pmu++] = (uintptr_t) evsel; |
9761 |
+diff --git a/tools/perf/util/sort.c b/tools/perf/util/sort.c |
9762 |
+index 46daa22b86e3b..85ff4f68adc00 100644 |
9763 |
+--- a/tools/perf/util/sort.c |
9764 |
++++ b/tools/perf/util/sort.c |
9765 |
+@@ -2690,7 +2690,7 @@ static char *prefix_if_not_in(const char *pre, char *str) |
9766 |
+ return str; |
9767 |
+ |
9768 |
+ if (asprintf(&n, "%s,%s", pre, str) < 0) |
9769 |
+- return NULL; |
9770 |
++ n = NULL; |
9771 |
+ |
9772 |
+ free(str); |
9773 |
+ return n; |
9774 |
+diff --git a/tools/perf/util/symbol-elf.c b/tools/perf/util/symbol-elf.c |
9775 |
+index a701a8a48f005..166c621e02235 100644 |
9776 |
+--- a/tools/perf/util/symbol-elf.c |
9777 |
++++ b/tools/perf/util/symbol-elf.c |
9778 |
+@@ -1421,6 +1421,7 @@ struct kcore_copy_info { |
9779 |
+ u64 first_symbol; |
9780 |
+ u64 last_symbol; |
9781 |
+ u64 first_module; |
9782 |
++ u64 first_module_symbol; |
9783 |
+ u64 last_module_symbol; |
9784 |
+ size_t phnum; |
9785 |
+ struct list_head phdrs; |
9786 |
+@@ -1497,6 +1498,8 @@ static int kcore_copy__process_kallsyms(void *arg, const char *name, char type, |
9787 |
+ return 0; |
9788 |
+ |
9789 |
+ if (strchr(name, '[')) { |
9790 |
++ if (!kci->first_module_symbol || start < kci->first_module_symbol) |
9791 |
++ kci->first_module_symbol = start; |
9792 |
+ if (start > kci->last_module_symbol) |
9793 |
+ kci->last_module_symbol = start; |
9794 |
+ return 0; |
9795 |
+@@ -1694,6 +1697,10 @@ static int kcore_copy__calc_maps(struct kcore_copy_info *kci, const char *dir, |
9796 |
+ kci->etext += page_size; |
9797 |
+ } |
9798 |
+ |
9799 |
++ if (kci->first_module_symbol && |
9800 |
++ (!kci->first_module || kci->first_module_symbol < kci->first_module)) |
9801 |
++ kci->first_module = kci->first_module_symbol; |
9802 |
++ |
9803 |
+ kci->first_module = round_down(kci->first_module, page_size); |
9804 |
+ |
9805 |
+ if (kci->last_module_symbol) { |
9806 |
+diff --git a/tools/power/x86/intel_pstate_tracer/intel_pstate_tracer.py b/tools/power/x86/intel_pstate_tracer/intel_pstate_tracer.py |
9807 |
+index 2fa3c5757bcb5..dbed3d213bf17 100755 |
9808 |
+--- a/tools/power/x86/intel_pstate_tracer/intel_pstate_tracer.py |
9809 |
++++ b/tools/power/x86/intel_pstate_tracer/intel_pstate_tracer.py |
9810 |
+@@ -10,11 +10,11 @@ then this utility enables and collects trace data for a user specified interval |
9811 |
+ and generates performance plots. |
9812 |
+ |
9813 |
+ Prerequisites: |
9814 |
+- Python version 2.7.x |
9815 |
++ Python version 2.7.x or higher |
9816 |
+ gnuplot 5.0 or higher |
9817 |
+- gnuplot-py 1.8 |
9818 |
++ gnuplot-py 1.8 or higher |
9819 |
+ (Most of the distributions have these required packages. They may be called |
9820 |
+- gnuplot-py, phython-gnuplot. ) |
9821 |
++ gnuplot-py, phython-gnuplot or phython3-gnuplot, gnuplot-nox, ... ) |
9822 |
+ |
9823 |
+ HWP (Hardware P-States are disabled) |
9824 |
+ Kernel config for Linux trace is enabled |
9825 |
+@@ -180,7 +180,7 @@ def plot_pstate_cpu_with_sample(): |
9826 |
+ g_plot('set xlabel "Samples"') |
9827 |
+ g_plot('set ylabel "P-State"') |
9828 |
+ g_plot('set title "{} : cpu pstate vs. sample : {:%F %H:%M}"'.format(testname, datetime.now())) |
9829 |
+- title_list = subprocess.check_output('ls cpu???.csv | sed -e \'s/.csv//\'',shell=True).replace('\n', ' ') |
9830 |
++ title_list = subprocess.check_output('ls cpu???.csv | sed -e \'s/.csv//\'',shell=True).decode('utf-8').replace('\n', ' ') |
9831 |
+ plot_str = "plot for [i in title_list] i.'.csv' using {:d}:{:d} pt 7 ps 1 title i".format(C_SAMPLE, C_TO) |
9832 |
+ g_plot('title_list = "{}"'.format(title_list)) |
9833 |
+ g_plot(plot_str) |
9834 |
+@@ -197,7 +197,7 @@ def plot_pstate_cpu(): |
9835 |
+ # the following command is really cool, but doesn't work with the CPU masking option because it aborts on the first missing file. |
9836 |
+ # plot_str = 'plot for [i=0:*] file=sprintf("cpu%03d.csv",i) title_s=sprintf("cpu%03d",i) file using 16:7 pt 7 ps 1 title title_s' |
9837 |
+ # |
9838 |
+- title_list = subprocess.check_output('ls cpu???.csv | sed -e \'s/.csv//\'',shell=True).replace('\n', ' ') |
9839 |
++ title_list = subprocess.check_output('ls cpu???.csv | sed -e \'s/.csv//\'',shell=True).decode('utf-8').replace('\n', ' ') |
9840 |
+ plot_str = "plot for [i in title_list] i.'.csv' using {:d}:{:d} pt 7 ps 1 title i".format(C_ELAPSED, C_TO) |
9841 |
+ g_plot('title_list = "{}"'.format(title_list)) |
9842 |
+ g_plot(plot_str) |
9843 |
+@@ -211,7 +211,7 @@ def plot_load_cpu(): |
9844 |
+ g_plot('set ylabel "CPU load (percent)"') |
9845 |
+ g_plot('set title "{} : cpu loads : {:%F %H:%M}"'.format(testname, datetime.now())) |
9846 |
+ |
9847 |
+- title_list = subprocess.check_output('ls cpu???.csv | sed -e \'s/.csv//\'',shell=True).replace('\n', ' ') |
9848 |
++ title_list = subprocess.check_output('ls cpu???.csv | sed -e \'s/.csv//\'',shell=True).decode('utf-8').replace('\n', ' ') |
9849 |
+ plot_str = "plot for [i in title_list] i.'.csv' using {:d}:{:d} pt 7 ps 1 title i".format(C_ELAPSED, C_LOAD) |
9850 |
+ g_plot('title_list = "{}"'.format(title_list)) |
9851 |
+ g_plot(plot_str) |
9852 |
+@@ -225,7 +225,7 @@ def plot_frequency_cpu(): |
9853 |
+ g_plot('set ylabel "CPU Frequency (GHz)"') |
9854 |
+ g_plot('set title "{} : cpu frequencies : {:%F %H:%M}"'.format(testname, datetime.now())) |
9855 |
+ |
9856 |
+- title_list = subprocess.check_output('ls cpu???.csv | sed -e \'s/.csv//\'',shell=True).replace('\n', ' ') |
9857 |
++ title_list = subprocess.check_output('ls cpu???.csv | sed -e \'s/.csv//\'',shell=True).decode('utf-8').replace('\n', ' ') |
9858 |
+ plot_str = "plot for [i in title_list] i.'.csv' using {:d}:{:d} pt 7 ps 1 title i".format(C_ELAPSED, C_FREQ) |
9859 |
+ g_plot('title_list = "{}"'.format(title_list)) |
9860 |
+ g_plot(plot_str) |
9861 |
+@@ -240,7 +240,7 @@ def plot_duration_cpu(): |
9862 |
+ g_plot('set ylabel "Timer Duration (MilliSeconds)"') |
9863 |
+ g_plot('set title "{} : cpu durations : {:%F %H:%M}"'.format(testname, datetime.now())) |
9864 |
+ |
9865 |
+- title_list = subprocess.check_output('ls cpu???.csv | sed -e \'s/.csv//\'',shell=True).replace('\n', ' ') |
9866 |
++ title_list = subprocess.check_output('ls cpu???.csv | sed -e \'s/.csv//\'',shell=True).decode('utf-8').replace('\n', ' ') |
9867 |
+ plot_str = "plot for [i in title_list] i.'.csv' using {:d}:{:d} pt 7 ps 1 title i".format(C_ELAPSED, C_DURATION) |
9868 |
+ g_plot('title_list = "{}"'.format(title_list)) |
9869 |
+ g_plot(plot_str) |
9870 |
+@@ -254,7 +254,7 @@ def plot_scaled_cpu(): |
9871 |
+ g_plot('set ylabel "Scaled Busy (Unitless)"') |
9872 |
+ g_plot('set title "{} : cpu scaled busy : {:%F %H:%M}"'.format(testname, datetime.now())) |
9873 |
+ |
9874 |
+- title_list = subprocess.check_output('ls cpu???.csv | sed -e \'s/.csv//\'',shell=True).replace('\n', ' ') |
9875 |
++ title_list = subprocess.check_output('ls cpu???.csv | sed -e \'s/.csv//\'',shell=True).decode('utf-8').replace('\n', ' ') |
9876 |
+ plot_str = "plot for [i in title_list] i.'.csv' using {:d}:{:d} pt 7 ps 1 title i".format(C_ELAPSED, C_SCALED) |
9877 |
+ g_plot('title_list = "{}"'.format(title_list)) |
9878 |
+ g_plot(plot_str) |
9879 |
+@@ -268,7 +268,7 @@ def plot_boost_cpu(): |
9880 |
+ g_plot('set ylabel "CPU IO Boost (percent)"') |
9881 |
+ g_plot('set title "{} : cpu io boost : {:%F %H:%M}"'.format(testname, datetime.now())) |
9882 |
+ |
9883 |
+- title_list = subprocess.check_output('ls cpu???.csv | sed -e \'s/.csv//\'',shell=True).replace('\n', ' ') |
9884 |
++ title_list = subprocess.check_output('ls cpu???.csv | sed -e \'s/.csv//\'',shell=True).decode('utf-8').replace('\n', ' ') |
9885 |
+ plot_str = "plot for [i in title_list] i.'.csv' using {:d}:{:d} pt 7 ps 1 title i".format(C_ELAPSED, C_BOOST) |
9886 |
+ g_plot('title_list = "{}"'.format(title_list)) |
9887 |
+ g_plot(plot_str) |
9888 |
+@@ -282,7 +282,7 @@ def plot_ghz_cpu(): |
9889 |
+ g_plot('set ylabel "TSC Frequency (GHz)"') |
9890 |
+ g_plot('set title "{} : cpu TSC Frequencies (Sanity check calculation) : {:%F %H:%M}"'.format(testname, datetime.now())) |
9891 |
+ |
9892 |
+- title_list = subprocess.check_output('ls cpu???.csv | sed -e \'s/.csv//\'',shell=True).replace('\n', ' ') |
9893 |
++ title_list = subprocess.check_output('ls cpu???.csv | sed -e \'s/.csv//\'',shell=True).decode('utf-8').replace('\n', ' ') |
9894 |
+ plot_str = "plot for [i in title_list] i.'.csv' using {:d}:{:d} pt 7 ps 1 title i".format(C_ELAPSED, C_GHZ) |
9895 |
+ g_plot('title_list = "{}"'.format(title_list)) |
9896 |
+ g_plot(plot_str) |
9897 |
+diff --git a/tools/testing/selftests/ftrace/test.d/ftrace/func-filter-glob.tc b/tools/testing/selftests/ftrace/test.d/ftrace/func-filter-glob.tc |
9898 |
+index 27a54a17da65d..f4e92afab14b2 100644 |
9899 |
+--- a/tools/testing/selftests/ftrace/test.d/ftrace/func-filter-glob.tc |
9900 |
++++ b/tools/testing/selftests/ftrace/test.d/ftrace/func-filter-glob.tc |
9901 |
+@@ -30,7 +30,7 @@ ftrace_filter_check '*schedule*' '^.*schedule.*$' |
9902 |
+ ftrace_filter_check 'schedule*' '^schedule.*$' |
9903 |
+ |
9904 |
+ # filter by *mid*end |
9905 |
+-ftrace_filter_check '*aw*lock' '.*aw.*lock$' |
9906 |
++ftrace_filter_check '*pin*lock' '.*pin.*lock$' |
9907 |
+ |
9908 |
+ # filter by start*mid* |
9909 |
+ ftrace_filter_check 'mutex*try*' '^mutex.*try.*' |
9910 |
+diff --git a/tools/testing/selftests/x86/syscall_nt.c b/tools/testing/selftests/x86/syscall_nt.c |
9911 |
+index 43fcab367fb0a..74e6b3fc2d09e 100644 |
9912 |
+--- a/tools/testing/selftests/x86/syscall_nt.c |
9913 |
++++ b/tools/testing/selftests/x86/syscall_nt.c |
9914 |
+@@ -67,6 +67,7 @@ static void do_it(unsigned long extraflags) |
9915 |
+ set_eflags(get_eflags() | extraflags); |
9916 |
+ syscall(SYS_getpid); |
9917 |
+ flags = get_eflags(); |
9918 |
++ set_eflags(X86_EFLAGS_IF | X86_EFLAGS_FIXED); |
9919 |
+ if ((flags & extraflags) == extraflags) { |
9920 |
+ printf("[OK]\tThe syscall worked and flags are still set\n"); |
9921 |
+ } else { |
9922 |
+diff --git a/virt/kvm/arm/mmio.c b/virt/kvm/arm/mmio.c |
9923 |
+index 878e0edb2e1b7..ff0a1c6083718 100644 |
9924 |
+--- a/virt/kvm/arm/mmio.c |
9925 |
++++ b/virt/kvm/arm/mmio.c |
9926 |
+@@ -142,7 +142,7 @@ static int decode_hsr(struct kvm_vcpu *vcpu, bool *is_write, int *len) |
9927 |
+ bool sign_extend; |
9928 |
+ bool sixty_four; |
9929 |
+ |
9930 |
+- if (kvm_vcpu_dabt_iss1tw(vcpu)) { |
9931 |
++ if (kvm_vcpu_abt_iss1tw(vcpu)) { |
9932 |
+ /* page table accesses IO mem: tell guest to fix its TTBR */ |
9933 |
+ kvm_inject_dabt(vcpu, kvm_vcpu_get_hfar(vcpu)); |
9934 |
+ return 1; |
9935 |
+diff --git a/virt/kvm/arm/mmu.c b/virt/kvm/arm/mmu.c |
9936 |
+index 41d6285c3da99..787f7329d1b7f 100644 |
9937 |
+--- a/virt/kvm/arm/mmu.c |
9938 |
++++ b/virt/kvm/arm/mmu.c |
9939 |
+@@ -1282,6 +1282,9 @@ static bool transparent_hugepage_adjust(kvm_pfn_t *pfnp, phys_addr_t *ipap) |
9940 |
+ |
9941 |
+ static bool kvm_is_write_fault(struct kvm_vcpu *vcpu) |
9942 |
+ { |
9943 |
++ if (kvm_vcpu_abt_iss1tw(vcpu)) |
9944 |
++ return true; |
9945 |
++ |
9946 |
+ if (kvm_vcpu_trap_is_iabt(vcpu)) |
9947 |
+ return false; |
9948 |
+ |
9949 |
+@@ -1496,7 +1499,7 @@ static int user_mem_abort(struct kvm_vcpu *vcpu, phys_addr_t fault_ipa, |
9950 |
+ unsigned long flags = 0; |
9951 |
+ |
9952 |
+ write_fault = kvm_is_write_fault(vcpu); |
9953 |
+- exec_fault = kvm_vcpu_trap_is_iabt(vcpu); |
9954 |
++ exec_fault = kvm_vcpu_trap_is_exec_fault(vcpu); |
9955 |
+ VM_BUG_ON(write_fault && exec_fault); |
9956 |
+ |
9957 |
+ if (fault_status == FSC_PERM && !write_fault && !exec_fault) { |
9958 |
+diff --git a/virt/kvm/arm/vgic/vgic-init.c b/virt/kvm/arm/vgic/vgic-init.c |
9959 |
+index cd75df25fe140..2fc1777da50d2 100644 |
9960 |
+--- a/virt/kvm/arm/vgic/vgic-init.c |
9961 |
++++ b/virt/kvm/arm/vgic/vgic-init.c |
9962 |
+@@ -187,6 +187,7 @@ static int kvm_vgic_dist_init(struct kvm *kvm, unsigned int nr_spis) |
9963 |
+ break; |
9964 |
+ default: |
9965 |
+ kfree(dist->spis); |
9966 |
++ dist->spis = NULL; |
9967 |
+ return -EINVAL; |
9968 |
+ } |
9969 |
+ } |
9970 |
+diff --git a/virt/kvm/arm/vgic/vgic-its.c b/virt/kvm/arm/vgic/vgic-its.c |
9971 |
+index 9295addea7ecf..f139b1c62ca38 100644 |
9972 |
+--- a/virt/kvm/arm/vgic/vgic-its.c |
9973 |
++++ b/virt/kvm/arm/vgic/vgic-its.c |
9974 |
+@@ -107,14 +107,21 @@ out_unlock: |
9975 |
+ * We "cache" the configuration table entries in our struct vgic_irq's. |
9976 |
+ * However we only have those structs for mapped IRQs, so we read in |
9977 |
+ * the respective config data from memory here upon mapping the LPI. |
9978 |
++ * |
9979 |
++ * Should any of these fail, behave as if we couldn't create the LPI |
9980 |
++ * by dropping the refcount and returning the error. |
9981 |
+ */ |
9982 |
+ ret = update_lpi_config(kvm, irq, NULL, false); |
9983 |
+- if (ret) |
9984 |
++ if (ret) { |
9985 |
++ vgic_put_irq(kvm, irq); |
9986 |
+ return ERR_PTR(ret); |
9987 |
++ } |
9988 |
+ |
9989 |
+ ret = vgic_v3_lpi_sync_pending_status(kvm, irq); |
9990 |
+- if (ret) |
9991 |
++ if (ret) { |
9992 |
++ vgic_put_irq(kvm, irq); |
9993 |
+ return ERR_PTR(ret); |
9994 |
++ } |
9995 |
+ |
9996 |
+ return irq; |
9997 |
+ } |
9998 |
+diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c |
9999 |
+index 6bd01d12df2ec..9312c7e750ed3 100644 |
10000 |
+--- a/virt/kvm/kvm_main.c |
10001 |
++++ b/virt/kvm/kvm_main.c |
10002 |
+@@ -169,6 +169,7 @@ bool kvm_is_reserved_pfn(kvm_pfn_t pfn) |
10003 |
+ */ |
10004 |
+ if (pfn_valid(pfn)) |
10005 |
+ return PageReserved(pfn_to_page(pfn)) && |
10006 |
++ !is_zero_pfn(pfn) && |
10007 |
+ !kvm_is_zone_device_pfn(pfn); |
10008 |
+ |
10009 |
+ return true; |