1 |
commit: 0bb485efa0b9355b4481e6bfb740233c5b7cc018 |
2 |
Author: Mike Pagano <mpagano <AT> gentoo <DOT> org> |
3 |
AuthorDate: Wed May 2 16:13:16 2018 +0000 |
4 |
Commit: Mike Pagano <mpagano <AT> gentoo <DOT> org> |
5 |
CommitDate: Wed May 2 16:13:16 2018 +0000 |
6 |
URL: https://gitweb.gentoo.org/proj/linux-patches.git/commit/?id=0bb485ef |
7 |
|
8 |
Linux patch 4.9.98 |
9 |
|
10 |
0000_README | 4 + |
11 |
1097_linux-4.9.98.patch | 2311 +++++++++++++++++++++++++++++++++++++++++++++++ |
12 |
2 files changed, 2315 insertions(+) |
13 |
|
14 |
diff --git a/0000_README b/0000_README |
15 |
index efef388..61cbdec 100644 |
16 |
--- a/0000_README |
17 |
+++ b/0000_README |
18 |
@@ -431,6 +431,10 @@ Patch: 1096_linux-4.9.97.patch |
19 |
From: http://www.kernel.org |
20 |
Desc: Linux 4.9.97 |
21 |
|
22 |
+Patch: 1097_linux-4.9.98.patch |
23 |
+From: http://www.kernel.org |
24 |
+Desc: Linux 4.9.98 |
25 |
+ |
26 |
Patch: 1500_XATTR_USER_PREFIX.patch |
27 |
From: https://bugs.gentoo.org/show_bug.cgi?id=470644 |
28 |
Desc: Support for namespace user.pax.* on tmpfs. |
29 |
|
30 |
diff --git a/1097_linux-4.9.98.patch b/1097_linux-4.9.98.patch |
31 |
new file mode 100644 |
32 |
index 0000000..b6c3983 |
33 |
--- /dev/null |
34 |
+++ b/1097_linux-4.9.98.patch |
35 |
@@ -0,0 +1,2311 @@ |
36 |
+diff --git a/Makefile b/Makefile |
37 |
+index ee3e943c3bd9..96d770488ae6 100644 |
38 |
+--- a/Makefile |
39 |
++++ b/Makefile |
40 |
+@@ -1,6 +1,6 @@ |
41 |
+ VERSION = 4 |
42 |
+ PATCHLEVEL = 9 |
43 |
+-SUBLEVEL = 97 |
44 |
++SUBLEVEL = 98 |
45 |
+ EXTRAVERSION = |
46 |
+ NAME = Roaring Lionus |
47 |
+ |
48 |
+diff --git a/arch/powerpc/kernel/eeh_driver.c b/arch/powerpc/kernel/eeh_driver.c |
49 |
+index 6ef8f0bceacd..27843665da9e 100644 |
50 |
+--- a/arch/powerpc/kernel/eeh_driver.c |
51 |
++++ b/arch/powerpc/kernel/eeh_driver.c |
52 |
+@@ -207,18 +207,18 @@ static void *eeh_report_error(void *data, void *userdata) |
53 |
+ |
54 |
+ if (!dev || eeh_dev_removed(edev) || eeh_pe_passed(edev->pe)) |
55 |
+ return NULL; |
56 |
++ |
57 |
++ device_lock(&dev->dev); |
58 |
+ dev->error_state = pci_channel_io_frozen; |
59 |
+ |
60 |
+ driver = eeh_pcid_get(dev); |
61 |
+- if (!driver) return NULL; |
62 |
++ if (!driver) goto out_no_dev; |
63 |
+ |
64 |
+ eeh_disable_irq(dev); |
65 |
+ |
66 |
+ if (!driver->err_handler || |
67 |
+- !driver->err_handler->error_detected) { |
68 |
+- eeh_pcid_put(dev); |
69 |
+- return NULL; |
70 |
+- } |
71 |
++ !driver->err_handler->error_detected) |
72 |
++ goto out; |
73 |
+ |
74 |
+ rc = driver->err_handler->error_detected(dev, pci_channel_io_frozen); |
75 |
+ |
76 |
+@@ -227,7 +227,10 @@ static void *eeh_report_error(void *data, void *userdata) |
77 |
+ if (*res == PCI_ERS_RESULT_NONE) *res = rc; |
78 |
+ |
79 |
+ edev->in_error = true; |
80 |
++out: |
81 |
+ eeh_pcid_put(dev); |
82 |
++out_no_dev: |
83 |
++ device_unlock(&dev->dev); |
84 |
+ return NULL; |
85 |
+ } |
86 |
+ |
87 |
+@@ -250,15 +253,14 @@ static void *eeh_report_mmio_enabled(void *data, void *userdata) |
88 |
+ if (!dev || eeh_dev_removed(edev) || eeh_pe_passed(edev->pe)) |
89 |
+ return NULL; |
90 |
+ |
91 |
++ device_lock(&dev->dev); |
92 |
+ driver = eeh_pcid_get(dev); |
93 |
+- if (!driver) return NULL; |
94 |
++ if (!driver) goto out_no_dev; |
95 |
+ |
96 |
+ if (!driver->err_handler || |
97 |
+ !driver->err_handler->mmio_enabled || |
98 |
+- (edev->mode & EEH_DEV_NO_HANDLER)) { |
99 |
+- eeh_pcid_put(dev); |
100 |
+- return NULL; |
101 |
+- } |
102 |
++ (edev->mode & EEH_DEV_NO_HANDLER)) |
103 |
++ goto out; |
104 |
+ |
105 |
+ rc = driver->err_handler->mmio_enabled(dev); |
106 |
+ |
107 |
+@@ -266,7 +268,10 @@ static void *eeh_report_mmio_enabled(void *data, void *userdata) |
108 |
+ if (rc == PCI_ERS_RESULT_NEED_RESET) *res = rc; |
109 |
+ if (*res == PCI_ERS_RESULT_NONE) *res = rc; |
110 |
+ |
111 |
++out: |
112 |
+ eeh_pcid_put(dev); |
113 |
++out_no_dev: |
114 |
++ device_unlock(&dev->dev); |
115 |
+ return NULL; |
116 |
+ } |
117 |
+ |
118 |
+@@ -289,20 +294,20 @@ static void *eeh_report_reset(void *data, void *userdata) |
119 |
+ |
120 |
+ if (!dev || eeh_dev_removed(edev) || eeh_pe_passed(edev->pe)) |
121 |
+ return NULL; |
122 |
++ |
123 |
++ device_lock(&dev->dev); |
124 |
+ dev->error_state = pci_channel_io_normal; |
125 |
+ |
126 |
+ driver = eeh_pcid_get(dev); |
127 |
+- if (!driver) return NULL; |
128 |
++ if (!driver) goto out_no_dev; |
129 |
+ |
130 |
+ eeh_enable_irq(dev); |
131 |
+ |
132 |
+ if (!driver->err_handler || |
133 |
+ !driver->err_handler->slot_reset || |
134 |
+ (edev->mode & EEH_DEV_NO_HANDLER) || |
135 |
+- (!edev->in_error)) { |
136 |
+- eeh_pcid_put(dev); |
137 |
+- return NULL; |
138 |
+- } |
139 |
++ (!edev->in_error)) |
140 |
++ goto out; |
141 |
+ |
142 |
+ rc = driver->err_handler->slot_reset(dev); |
143 |
+ if ((*res == PCI_ERS_RESULT_NONE) || |
144 |
+@@ -310,7 +315,10 @@ static void *eeh_report_reset(void *data, void *userdata) |
145 |
+ if (*res == PCI_ERS_RESULT_DISCONNECT && |
146 |
+ rc == PCI_ERS_RESULT_NEED_RESET) *res = rc; |
147 |
+ |
148 |
++out: |
149 |
+ eeh_pcid_put(dev); |
150 |
++out_no_dev: |
151 |
++ device_unlock(&dev->dev); |
152 |
+ return NULL; |
153 |
+ } |
154 |
+ |
155 |
+@@ -361,10 +369,12 @@ static void *eeh_report_resume(void *data, void *userdata) |
156 |
+ |
157 |
+ if (!dev || eeh_dev_removed(edev) || eeh_pe_passed(edev->pe)) |
158 |
+ return NULL; |
159 |
++ |
160 |
++ device_lock(&dev->dev); |
161 |
+ dev->error_state = pci_channel_io_normal; |
162 |
+ |
163 |
+ driver = eeh_pcid_get(dev); |
164 |
+- if (!driver) return NULL; |
165 |
++ if (!driver) goto out_no_dev; |
166 |
+ |
167 |
+ was_in_error = edev->in_error; |
168 |
+ edev->in_error = false; |
169 |
+@@ -374,13 +384,15 @@ static void *eeh_report_resume(void *data, void *userdata) |
170 |
+ !driver->err_handler->resume || |
171 |
+ (edev->mode & EEH_DEV_NO_HANDLER) || !was_in_error) { |
172 |
+ edev->mode &= ~EEH_DEV_NO_HANDLER; |
173 |
+- eeh_pcid_put(dev); |
174 |
+- return NULL; |
175 |
++ goto out; |
176 |
+ } |
177 |
+ |
178 |
+ driver->err_handler->resume(dev); |
179 |
+ |
180 |
++out: |
181 |
+ eeh_pcid_put(dev); |
182 |
++out_no_dev: |
183 |
++ device_unlock(&dev->dev); |
184 |
+ return NULL; |
185 |
+ } |
186 |
+ |
187 |
+@@ -400,22 +412,25 @@ static void *eeh_report_failure(void *data, void *userdata) |
188 |
+ |
189 |
+ if (!dev || eeh_dev_removed(edev) || eeh_pe_passed(edev->pe)) |
190 |
+ return NULL; |
191 |
++ |
192 |
++ device_lock(&dev->dev); |
193 |
+ dev->error_state = pci_channel_io_perm_failure; |
194 |
+ |
195 |
+ driver = eeh_pcid_get(dev); |
196 |
+- if (!driver) return NULL; |
197 |
++ if (!driver) goto out_no_dev; |
198 |
+ |
199 |
+ eeh_disable_irq(dev); |
200 |
+ |
201 |
+ if (!driver->err_handler || |
202 |
+- !driver->err_handler->error_detected) { |
203 |
+- eeh_pcid_put(dev); |
204 |
+- return NULL; |
205 |
+- } |
206 |
++ !driver->err_handler->error_detected) |
207 |
++ goto out; |
208 |
+ |
209 |
+ driver->err_handler->error_detected(dev, pci_channel_io_perm_failure); |
210 |
+ |
211 |
++out: |
212 |
+ eeh_pcid_put(dev); |
213 |
++out_no_dev: |
214 |
++ device_unlock(&dev->dev); |
215 |
+ return NULL; |
216 |
+ } |
217 |
+ |
218 |
+diff --git a/arch/powerpc/platforms/powernv/opal-rtc.c b/arch/powerpc/platforms/powernv/opal-rtc.c |
219 |
+index f8868864f373..aa2a5139462e 100644 |
220 |
+--- a/arch/powerpc/platforms/powernv/opal-rtc.c |
221 |
++++ b/arch/powerpc/platforms/powernv/opal-rtc.c |
222 |
+@@ -48,10 +48,12 @@ unsigned long __init opal_get_boot_time(void) |
223 |
+ |
224 |
+ while (rc == OPAL_BUSY || rc == OPAL_BUSY_EVENT) { |
225 |
+ rc = opal_rtc_read(&__y_m_d, &__h_m_s_ms); |
226 |
+- if (rc == OPAL_BUSY_EVENT) |
227 |
++ if (rc == OPAL_BUSY_EVENT) { |
228 |
++ mdelay(OPAL_BUSY_DELAY_MS); |
229 |
+ opal_poll_events(NULL); |
230 |
+- else if (rc == OPAL_BUSY) |
231 |
+- mdelay(10); |
232 |
++ } else if (rc == OPAL_BUSY) { |
233 |
++ mdelay(OPAL_BUSY_DELAY_MS); |
234 |
++ } |
235 |
+ } |
236 |
+ if (rc != OPAL_SUCCESS) |
237 |
+ return 0; |
238 |
+diff --git a/arch/x86/include/uapi/asm/msgbuf.h b/arch/x86/include/uapi/asm/msgbuf.h |
239 |
+index 809134c644a6..90ab9a795b49 100644 |
240 |
+--- a/arch/x86/include/uapi/asm/msgbuf.h |
241 |
++++ b/arch/x86/include/uapi/asm/msgbuf.h |
242 |
+@@ -1 +1,32 @@ |
243 |
++/* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */ |
244 |
++#ifndef __ASM_X64_MSGBUF_H |
245 |
++#define __ASM_X64_MSGBUF_H |
246 |
++ |
247 |
++#if !defined(__x86_64__) || !defined(__ILP32__) |
248 |
+ #include <asm-generic/msgbuf.h> |
249 |
++#else |
250 |
++/* |
251 |
++ * The msqid64_ds structure for x86 architecture with x32 ABI. |
252 |
++ * |
253 |
++ * On x86-32 and x86-64 we can just use the generic definition, but |
254 |
++ * x32 uses the same binary layout as x86_64, which is differnet |
255 |
++ * from other 32-bit architectures. |
256 |
++ */ |
257 |
++ |
258 |
++struct msqid64_ds { |
259 |
++ struct ipc64_perm msg_perm; |
260 |
++ __kernel_time_t msg_stime; /* last msgsnd time */ |
261 |
++ __kernel_time_t msg_rtime; /* last msgrcv time */ |
262 |
++ __kernel_time_t msg_ctime; /* last change time */ |
263 |
++ __kernel_ulong_t msg_cbytes; /* current number of bytes on queue */ |
264 |
++ __kernel_ulong_t msg_qnum; /* number of messages in queue */ |
265 |
++ __kernel_ulong_t msg_qbytes; /* max number of bytes on queue */ |
266 |
++ __kernel_pid_t msg_lspid; /* pid of last msgsnd */ |
267 |
++ __kernel_pid_t msg_lrpid; /* last receive pid */ |
268 |
++ __kernel_ulong_t __unused4; |
269 |
++ __kernel_ulong_t __unused5; |
270 |
++}; |
271 |
++ |
272 |
++#endif |
273 |
++ |
274 |
++#endif /* __ASM_GENERIC_MSGBUF_H */ |
275 |
+diff --git a/arch/x86/include/uapi/asm/shmbuf.h b/arch/x86/include/uapi/asm/shmbuf.h |
276 |
+index 83c05fc2de38..644421f3823b 100644 |
277 |
+--- a/arch/x86/include/uapi/asm/shmbuf.h |
278 |
++++ b/arch/x86/include/uapi/asm/shmbuf.h |
279 |
+@@ -1 +1,43 @@ |
280 |
++/* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */ |
281 |
++#ifndef __ASM_X86_SHMBUF_H |
282 |
++#define __ASM_X86_SHMBUF_H |
283 |
++ |
284 |
++#if !defined(__x86_64__) || !defined(__ILP32__) |
285 |
+ #include <asm-generic/shmbuf.h> |
286 |
++#else |
287 |
++/* |
288 |
++ * The shmid64_ds structure for x86 architecture with x32 ABI. |
289 |
++ * |
290 |
++ * On x86-32 and x86-64 we can just use the generic definition, but |
291 |
++ * x32 uses the same binary layout as x86_64, which is differnet |
292 |
++ * from other 32-bit architectures. |
293 |
++ */ |
294 |
++ |
295 |
++struct shmid64_ds { |
296 |
++ struct ipc64_perm shm_perm; /* operation perms */ |
297 |
++ size_t shm_segsz; /* size of segment (bytes) */ |
298 |
++ __kernel_time_t shm_atime; /* last attach time */ |
299 |
++ __kernel_time_t shm_dtime; /* last detach time */ |
300 |
++ __kernel_time_t shm_ctime; /* last change time */ |
301 |
++ __kernel_pid_t shm_cpid; /* pid of creator */ |
302 |
++ __kernel_pid_t shm_lpid; /* pid of last operator */ |
303 |
++ __kernel_ulong_t shm_nattch; /* no. of current attaches */ |
304 |
++ __kernel_ulong_t __unused4; |
305 |
++ __kernel_ulong_t __unused5; |
306 |
++}; |
307 |
++ |
308 |
++struct shminfo64 { |
309 |
++ __kernel_ulong_t shmmax; |
310 |
++ __kernel_ulong_t shmmin; |
311 |
++ __kernel_ulong_t shmmni; |
312 |
++ __kernel_ulong_t shmseg; |
313 |
++ __kernel_ulong_t shmall; |
314 |
++ __kernel_ulong_t __unused1; |
315 |
++ __kernel_ulong_t __unused2; |
316 |
++ __kernel_ulong_t __unused3; |
317 |
++ __kernel_ulong_t __unused4; |
318 |
++}; |
319 |
++ |
320 |
++#endif |
321 |
++ |
322 |
++#endif /* __ASM_X86_SHMBUF_H */ |
323 |
+diff --git a/arch/x86/kernel/cpu/microcode/intel.c b/arch/x86/kernel/cpu/microcode/intel.c |
324 |
+index 4bcd30c87531..79291d6fb301 100644 |
325 |
+--- a/arch/x86/kernel/cpu/microcode/intel.c |
326 |
++++ b/arch/x86/kernel/cpu/microcode/intel.c |
327 |
+@@ -474,7 +474,6 @@ static void show_saved_mc(void) |
328 |
+ */ |
329 |
+ static void save_mc_for_early(u8 *mc) |
330 |
+ { |
331 |
+-#ifdef CONFIG_HOTPLUG_CPU |
332 |
+ /* Synchronization during CPU hotplug. */ |
333 |
+ static DEFINE_MUTEX(x86_cpu_microcode_mutex); |
334 |
+ |
335 |
+@@ -521,7 +520,6 @@ static void save_mc_for_early(u8 *mc) |
336 |
+ |
337 |
+ out: |
338 |
+ mutex_unlock(&x86_cpu_microcode_mutex); |
339 |
+-#endif |
340 |
+ } |
341 |
+ |
342 |
+ static bool __init load_builtin_intel_microcode(struct cpio_data *cp) |
343 |
+diff --git a/arch/x86/kernel/smpboot.c b/arch/x86/kernel/smpboot.c |
344 |
+index e803d72ef525..83929cc47a4b 100644 |
345 |
+--- a/arch/x86/kernel/smpboot.c |
346 |
++++ b/arch/x86/kernel/smpboot.c |
347 |
+@@ -1591,6 +1591,8 @@ static inline void mwait_play_dead(void) |
348 |
+ void *mwait_ptr; |
349 |
+ int i; |
350 |
+ |
351 |
++ if (boot_cpu_data.x86_vendor == X86_VENDOR_AMD) |
352 |
++ return; |
353 |
+ if (!this_cpu_has(X86_FEATURE_MWAIT)) |
354 |
+ return; |
355 |
+ if (!this_cpu_has(X86_FEATURE_CLFLUSH)) |
356 |
+diff --git a/crypto/drbg.c b/crypto/drbg.c |
357 |
+index 942ddff68408..4bb5f93c94cd 100644 |
358 |
+--- a/crypto/drbg.c |
359 |
++++ b/crypto/drbg.c |
360 |
+@@ -1134,8 +1134,10 @@ static inline void drbg_dealloc_state(struct drbg_state *drbg) |
361 |
+ if (!drbg) |
362 |
+ return; |
363 |
+ kzfree(drbg->Vbuf); |
364 |
++ drbg->Vbuf = NULL; |
365 |
+ drbg->V = NULL; |
366 |
+ kzfree(drbg->Cbuf); |
367 |
++ drbg->Cbuf = NULL; |
368 |
+ drbg->C = NULL; |
369 |
+ kzfree(drbg->scratchpadbuf); |
370 |
+ drbg->scratchpadbuf = NULL; |
371 |
+diff --git a/drivers/amba/bus.c b/drivers/amba/bus.c |
372 |
+index a56fa2a1e9aa..93888ccb4e26 100644 |
373 |
+--- a/drivers/amba/bus.c |
374 |
++++ b/drivers/amba/bus.c |
375 |
+@@ -69,11 +69,12 @@ static ssize_t driver_override_show(struct device *_dev, |
376 |
+ struct device_attribute *attr, char *buf) |
377 |
+ { |
378 |
+ struct amba_device *dev = to_amba_device(_dev); |
379 |
++ ssize_t len; |
380 |
+ |
381 |
+- if (!dev->driver_override) |
382 |
+- return 0; |
383 |
+- |
384 |
+- return sprintf(buf, "%s\n", dev->driver_override); |
385 |
++ device_lock(_dev); |
386 |
++ len = sprintf(buf, "%s\n", dev->driver_override); |
387 |
++ device_unlock(_dev); |
388 |
++ return len; |
389 |
+ } |
390 |
+ |
391 |
+ static ssize_t driver_override_store(struct device *_dev, |
392 |
+@@ -81,9 +82,10 @@ static ssize_t driver_override_store(struct device *_dev, |
393 |
+ const char *buf, size_t count) |
394 |
+ { |
395 |
+ struct amba_device *dev = to_amba_device(_dev); |
396 |
+- char *driver_override, *old = dev->driver_override, *cp; |
397 |
++ char *driver_override, *old, *cp; |
398 |
+ |
399 |
+- if (count > PATH_MAX) |
400 |
++ /* We need to keep extra room for a newline */ |
401 |
++ if (count >= (PAGE_SIZE - 1)) |
402 |
+ return -EINVAL; |
403 |
+ |
404 |
+ driver_override = kstrndup(buf, count, GFP_KERNEL); |
405 |
+@@ -94,12 +96,15 @@ static ssize_t driver_override_store(struct device *_dev, |
406 |
+ if (cp) |
407 |
+ *cp = '\0'; |
408 |
+ |
409 |
++ device_lock(_dev); |
410 |
++ old = dev->driver_override; |
411 |
+ if (strlen(driver_override)) { |
412 |
+ dev->driver_override = driver_override; |
413 |
+ } else { |
414 |
+ kfree(driver_override); |
415 |
+ dev->driver_override = NULL; |
416 |
+ } |
417 |
++ device_unlock(_dev); |
418 |
+ |
419 |
+ kfree(old); |
420 |
+ |
421 |
+diff --git a/drivers/char/random.c b/drivers/char/random.c |
422 |
+index 8d08a8062904..ddeac4eefd0a 100644 |
423 |
+--- a/drivers/char/random.c |
424 |
++++ b/drivers/char/random.c |
425 |
+@@ -259,6 +259,7 @@ |
426 |
+ #include <linux/kmemcheck.h> |
427 |
+ #include <linux/workqueue.h> |
428 |
+ #include <linux/irq.h> |
429 |
++#include <linux/ratelimit.h> |
430 |
+ #include <linux/syscalls.h> |
431 |
+ #include <linux/completion.h> |
432 |
+ #include <linux/uuid.h> |
433 |
+@@ -444,6 +445,16 @@ static void _crng_backtrack_protect(struct crng_state *crng, |
434 |
+ __u8 tmp[CHACHA20_BLOCK_SIZE], int used); |
435 |
+ static void process_random_ready_list(void); |
436 |
+ |
437 |
++static struct ratelimit_state unseeded_warning = |
438 |
++ RATELIMIT_STATE_INIT("warn_unseeded_randomness", HZ, 3); |
439 |
++static struct ratelimit_state urandom_warning = |
440 |
++ RATELIMIT_STATE_INIT("warn_urandom_randomness", HZ, 3); |
441 |
++ |
442 |
++static int ratelimit_disable __read_mostly; |
443 |
++ |
444 |
++module_param_named(ratelimit_disable, ratelimit_disable, int, 0644); |
445 |
++MODULE_PARM_DESC(ratelimit_disable, "Disable random ratelimit suppression"); |
446 |
++ |
447 |
+ /********************************************************************** |
448 |
+ * |
449 |
+ * OS independent entropy store. Here are the functions which handle |
450 |
+@@ -819,6 +830,39 @@ static int crng_fast_load(const char *cp, size_t len) |
451 |
+ return 1; |
452 |
+ } |
453 |
+ |
454 |
++#ifdef CONFIG_NUMA |
455 |
++static void do_numa_crng_init(struct work_struct *work) |
456 |
++{ |
457 |
++ int i; |
458 |
++ struct crng_state *crng; |
459 |
++ struct crng_state **pool; |
460 |
++ |
461 |
++ pool = kcalloc(nr_node_ids, sizeof(*pool), GFP_KERNEL|__GFP_NOFAIL); |
462 |
++ for_each_online_node(i) { |
463 |
++ crng = kmalloc_node(sizeof(struct crng_state), |
464 |
++ GFP_KERNEL | __GFP_NOFAIL, i); |
465 |
++ spin_lock_init(&crng->lock); |
466 |
++ crng_initialize(crng); |
467 |
++ pool[i] = crng; |
468 |
++ } |
469 |
++ mb(); |
470 |
++ if (cmpxchg(&crng_node_pool, NULL, pool)) { |
471 |
++ for_each_node(i) |
472 |
++ kfree(pool[i]); |
473 |
++ kfree(pool); |
474 |
++ } |
475 |
++} |
476 |
++ |
477 |
++static DECLARE_WORK(numa_crng_init_work, do_numa_crng_init); |
478 |
++ |
479 |
++static void numa_crng_init(void) |
480 |
++{ |
481 |
++ schedule_work(&numa_crng_init_work); |
482 |
++} |
483 |
++#else |
484 |
++static void numa_crng_init(void) {} |
485 |
++#endif |
486 |
++ |
487 |
+ static void crng_reseed(struct crng_state *crng, struct entropy_store *r) |
488 |
+ { |
489 |
+ unsigned long flags; |
490 |
+@@ -848,10 +892,23 @@ static void crng_reseed(struct crng_state *crng, struct entropy_store *r) |
491 |
+ memzero_explicit(&buf, sizeof(buf)); |
492 |
+ crng->init_time = jiffies; |
493 |
+ if (crng == &primary_crng && crng_init < 2) { |
494 |
++ numa_crng_init(); |
495 |
+ crng_init = 2; |
496 |
+ process_random_ready_list(); |
497 |
+ wake_up_interruptible(&crng_init_wait); |
498 |
+ pr_notice("random: crng init done\n"); |
499 |
++ if (unseeded_warning.missed) { |
500 |
++ pr_notice("random: %d get_random_xx warning(s) missed " |
501 |
++ "due to ratelimiting\n", |
502 |
++ unseeded_warning.missed); |
503 |
++ unseeded_warning.missed = 0; |
504 |
++ } |
505 |
++ if (urandom_warning.missed) { |
506 |
++ pr_notice("random: %d urandom warning(s) missed " |
507 |
++ "due to ratelimiting\n", |
508 |
++ urandom_warning.missed); |
509 |
++ urandom_warning.missed = 0; |
510 |
++ } |
511 |
+ } |
512 |
+ spin_unlock_irqrestore(&crng->lock, flags); |
513 |
+ } |
514 |
+@@ -1661,29 +1718,14 @@ static void init_std_data(struct entropy_store *r) |
515 |
+ */ |
516 |
+ static int rand_initialize(void) |
517 |
+ { |
518 |
+-#ifdef CONFIG_NUMA |
519 |
+- int i; |
520 |
+- struct crng_state *crng; |
521 |
+- struct crng_state **pool; |
522 |
+-#endif |
523 |
+- |
524 |
+ init_std_data(&input_pool); |
525 |
+ init_std_data(&blocking_pool); |
526 |
+ crng_initialize(&primary_crng); |
527 |
+ crng_global_init_time = jiffies; |
528 |
+- |
529 |
+-#ifdef CONFIG_NUMA |
530 |
+- pool = kcalloc(nr_node_ids, sizeof(*pool), GFP_KERNEL|__GFP_NOFAIL); |
531 |
+- for_each_online_node(i) { |
532 |
+- crng = kmalloc_node(sizeof(struct crng_state), |
533 |
+- GFP_KERNEL | __GFP_NOFAIL, i); |
534 |
+- spin_lock_init(&crng->lock); |
535 |
+- crng_initialize(crng); |
536 |
+- pool[i] = crng; |
537 |
++ if (ratelimit_disable) { |
538 |
++ urandom_warning.interval = 0; |
539 |
++ unseeded_warning.interval = 0; |
540 |
+ } |
541 |
+- mb(); |
542 |
+- crng_node_pool = pool; |
543 |
+-#endif |
544 |
+ return 0; |
545 |
+ } |
546 |
+ early_initcall(rand_initialize); |
547 |
+@@ -1751,9 +1793,10 @@ urandom_read(struct file *file, char __user *buf, size_t nbytes, loff_t *ppos) |
548 |
+ |
549 |
+ if (!crng_ready() && maxwarn > 0) { |
550 |
+ maxwarn--; |
551 |
+- printk(KERN_NOTICE "random: %s: uninitialized urandom read " |
552 |
+- "(%zd bytes read)\n", |
553 |
+- current->comm, nbytes); |
554 |
++ if (__ratelimit(&urandom_warning)) |
555 |
++ printk(KERN_NOTICE "random: %s: uninitialized " |
556 |
++ "urandom read (%zd bytes read)\n", |
557 |
++ current->comm, nbytes); |
558 |
+ spin_lock_irqsave(&primary_crng.lock, flags); |
559 |
+ crng_init_cnt = 0; |
560 |
+ spin_unlock_irqrestore(&primary_crng.lock, flags); |
561 |
+diff --git a/drivers/char/virtio_console.c b/drivers/char/virtio_console.c |
562 |
+index 8f890c1aca57..8c0017d48571 100644 |
563 |
+--- a/drivers/char/virtio_console.c |
564 |
++++ b/drivers/char/virtio_console.c |
565 |
+@@ -1405,7 +1405,6 @@ static int add_port(struct ports_device *portdev, u32 id) |
566 |
+ { |
567 |
+ char debugfs_name[16]; |
568 |
+ struct port *port; |
569 |
+- struct port_buffer *buf; |
570 |
+ dev_t devt; |
571 |
+ unsigned int nr_added_bufs; |
572 |
+ int err; |
573 |
+@@ -1516,8 +1515,6 @@ static int add_port(struct ports_device *portdev, u32 id) |
574 |
+ return 0; |
575 |
+ |
576 |
+ free_inbufs: |
577 |
+- while ((buf = virtqueue_detach_unused_buf(port->in_vq))) |
578 |
+- free_buf(buf, true); |
579 |
+ free_device: |
580 |
+ device_destroy(pdrvdata.class, port->dev->devt); |
581 |
+ free_cdev: |
582 |
+@@ -1542,34 +1539,14 @@ static void remove_port(struct kref *kref) |
583 |
+ |
584 |
+ static void remove_port_data(struct port *port) |
585 |
+ { |
586 |
+- struct port_buffer *buf; |
587 |
+- |
588 |
+ spin_lock_irq(&port->inbuf_lock); |
589 |
+ /* Remove unused data this port might have received. */ |
590 |
+ discard_port_data(port); |
591 |
+ spin_unlock_irq(&port->inbuf_lock); |
592 |
+ |
593 |
+- /* Remove buffers we queued up for the Host to send us data in. */ |
594 |
+- do { |
595 |
+- spin_lock_irq(&port->inbuf_lock); |
596 |
+- buf = virtqueue_detach_unused_buf(port->in_vq); |
597 |
+- spin_unlock_irq(&port->inbuf_lock); |
598 |
+- if (buf) |
599 |
+- free_buf(buf, true); |
600 |
+- } while (buf); |
601 |
+- |
602 |
+ spin_lock_irq(&port->outvq_lock); |
603 |
+ reclaim_consumed_buffers(port); |
604 |
+ spin_unlock_irq(&port->outvq_lock); |
605 |
+- |
606 |
+- /* Free pending buffers from the out-queue. */ |
607 |
+- do { |
608 |
+- spin_lock_irq(&port->outvq_lock); |
609 |
+- buf = virtqueue_detach_unused_buf(port->out_vq); |
610 |
+- spin_unlock_irq(&port->outvq_lock); |
611 |
+- if (buf) |
612 |
+- free_buf(buf, true); |
613 |
+- } while (buf); |
614 |
+ } |
615 |
+ |
616 |
+ /* |
617 |
+@@ -1794,13 +1771,24 @@ static void control_work_handler(struct work_struct *work) |
618 |
+ spin_unlock(&portdev->c_ivq_lock); |
619 |
+ } |
620 |
+ |
621 |
++static void flush_bufs(struct virtqueue *vq, bool can_sleep) |
622 |
++{ |
623 |
++ struct port_buffer *buf; |
624 |
++ unsigned int len; |
625 |
++ |
626 |
++ while ((buf = virtqueue_get_buf(vq, &len))) |
627 |
++ free_buf(buf, can_sleep); |
628 |
++} |
629 |
++ |
630 |
+ static void out_intr(struct virtqueue *vq) |
631 |
+ { |
632 |
+ struct port *port; |
633 |
+ |
634 |
+ port = find_port_by_vq(vq->vdev->priv, vq); |
635 |
+- if (!port) |
636 |
++ if (!port) { |
637 |
++ flush_bufs(vq, false); |
638 |
+ return; |
639 |
++ } |
640 |
+ |
641 |
+ wake_up_interruptible(&port->waitqueue); |
642 |
+ } |
643 |
+@@ -1811,8 +1799,10 @@ static void in_intr(struct virtqueue *vq) |
644 |
+ unsigned long flags; |
645 |
+ |
646 |
+ port = find_port_by_vq(vq->vdev->priv, vq); |
647 |
+- if (!port) |
648 |
++ if (!port) { |
649 |
++ flush_bufs(vq, false); |
650 |
+ return; |
651 |
++ } |
652 |
+ |
653 |
+ spin_lock_irqsave(&port->inbuf_lock, flags); |
654 |
+ port->inbuf = get_inbuf(port); |
655 |
+@@ -1987,6 +1977,15 @@ static const struct file_operations portdev_fops = { |
656 |
+ |
657 |
+ static void remove_vqs(struct ports_device *portdev) |
658 |
+ { |
659 |
++ struct virtqueue *vq; |
660 |
++ |
661 |
++ virtio_device_for_each_vq(portdev->vdev, vq) { |
662 |
++ struct port_buffer *buf; |
663 |
++ |
664 |
++ flush_bufs(vq, true); |
665 |
++ while ((buf = virtqueue_detach_unused_buf(vq))) |
666 |
++ free_buf(buf, true); |
667 |
++ } |
668 |
+ portdev->vdev->config->del_vqs(portdev->vdev); |
669 |
+ kfree(portdev->in_vqs); |
670 |
+ kfree(portdev->out_vqs); |
671 |
+diff --git a/drivers/cpufreq/powernv-cpufreq.c b/drivers/cpufreq/powernv-cpufreq.c |
672 |
+index 6fb3cd24c1b6..a1d7fa48229d 100644 |
673 |
+--- a/drivers/cpufreq/powernv-cpufreq.c |
674 |
++++ b/drivers/cpufreq/powernv-cpufreq.c |
675 |
+@@ -599,6 +599,16 @@ void gpstate_timer_handler(unsigned long data) |
676 |
+ |
677 |
+ if (!spin_trylock(&gpstates->gpstate_lock)) |
678 |
+ return; |
679 |
++ /* |
680 |
++ * If the timer has migrated to the different cpu then bring |
681 |
++ * it back to one of the policy->cpus |
682 |
++ */ |
683 |
++ if (!cpumask_test_cpu(raw_smp_processor_id(), policy->cpus)) { |
684 |
++ gpstates->timer.expires = jiffies + msecs_to_jiffies(1); |
685 |
++ add_timer_on(&gpstates->timer, cpumask_first(policy->cpus)); |
686 |
++ spin_unlock(&gpstates->gpstate_lock); |
687 |
++ return; |
688 |
++ } |
689 |
+ |
690 |
+ gpstates->last_sampled_time += time_diff; |
691 |
+ gpstates->elapsed_time += time_diff; |
692 |
+@@ -626,10 +636,8 @@ void gpstate_timer_handler(unsigned long data) |
693 |
+ gpstates->last_gpstate_idx = pstate_to_idx(freq_data.gpstate_id); |
694 |
+ gpstates->last_lpstate_idx = pstate_to_idx(freq_data.pstate_id); |
695 |
+ |
696 |
++ set_pstate(&freq_data); |
697 |
+ spin_unlock(&gpstates->gpstate_lock); |
698 |
+- |
699 |
+- /* Timer may get migrated to a different cpu on cpu hot unplug */ |
700 |
+- smp_call_function_any(policy->cpus, set_pstate, &freq_data, 1); |
701 |
+ } |
702 |
+ |
703 |
+ /* |
704 |
+diff --git a/drivers/gpu/drm/amd/amdgpu/gfx_v8_0.c b/drivers/gpu/drm/amd/amdgpu/gfx_v8_0.c |
705 |
+index a88d365be4c5..564362e8b486 100644 |
706 |
+--- a/drivers/gpu/drm/amd/amdgpu/gfx_v8_0.c |
707 |
++++ b/drivers/gpu/drm/amd/amdgpu/gfx_v8_0.c |
708 |
+@@ -1484,10 +1484,11 @@ static const u32 sgpr_init_compute_shader[] = |
709 |
+ static const u32 vgpr_init_regs[] = |
710 |
+ { |
711 |
+ mmCOMPUTE_STATIC_THREAD_MGMT_SE0, 0xffffffff, |
712 |
+- mmCOMPUTE_RESOURCE_LIMITS, 0, |
713 |
++ mmCOMPUTE_RESOURCE_LIMITS, 0x1000000, /* CU_GROUP_COUNT=1 */ |
714 |
+ mmCOMPUTE_NUM_THREAD_X, 256*4, |
715 |
+ mmCOMPUTE_NUM_THREAD_Y, 1, |
716 |
+ mmCOMPUTE_NUM_THREAD_Z, 1, |
717 |
++ mmCOMPUTE_PGM_RSRC1, 0x100004f, /* VGPRS=15 (64 logical VGPRs), SGPRS=1 (16 SGPRs), BULKY=1 */ |
718 |
+ mmCOMPUTE_PGM_RSRC2, 20, |
719 |
+ mmCOMPUTE_USER_DATA_0, 0xedcedc00, |
720 |
+ mmCOMPUTE_USER_DATA_1, 0xedcedc01, |
721 |
+@@ -1504,10 +1505,11 @@ static const u32 vgpr_init_regs[] = |
722 |
+ static const u32 sgpr1_init_regs[] = |
723 |
+ { |
724 |
+ mmCOMPUTE_STATIC_THREAD_MGMT_SE0, 0x0f, |
725 |
+- mmCOMPUTE_RESOURCE_LIMITS, 0x1000000, |
726 |
++ mmCOMPUTE_RESOURCE_LIMITS, 0x1000000, /* CU_GROUP_COUNT=1 */ |
727 |
+ mmCOMPUTE_NUM_THREAD_X, 256*5, |
728 |
+ mmCOMPUTE_NUM_THREAD_Y, 1, |
729 |
+ mmCOMPUTE_NUM_THREAD_Z, 1, |
730 |
++ mmCOMPUTE_PGM_RSRC1, 0x240, /* SGPRS=9 (80 GPRS) */ |
731 |
+ mmCOMPUTE_PGM_RSRC2, 20, |
732 |
+ mmCOMPUTE_USER_DATA_0, 0xedcedc00, |
733 |
+ mmCOMPUTE_USER_DATA_1, 0xedcedc01, |
734 |
+@@ -1528,6 +1530,7 @@ static const u32 sgpr2_init_regs[] = |
735 |
+ mmCOMPUTE_NUM_THREAD_X, 256*5, |
736 |
+ mmCOMPUTE_NUM_THREAD_Y, 1, |
737 |
+ mmCOMPUTE_NUM_THREAD_Z, 1, |
738 |
++ mmCOMPUTE_PGM_RSRC1, 0x240, /* SGPRS=9 (80 GPRS) */ |
739 |
+ mmCOMPUTE_PGM_RSRC2, 20, |
740 |
+ mmCOMPUTE_USER_DATA_0, 0xedcedc00, |
741 |
+ mmCOMPUTE_USER_DATA_1, 0xedcedc01, |
742 |
+diff --git a/drivers/gpu/drm/virtio/virtgpu_vq.c b/drivers/gpu/drm/virtio/virtgpu_vq.c |
743 |
+index 5a0f8a745b9d..52436b3c01bb 100644 |
744 |
+--- a/drivers/gpu/drm/virtio/virtgpu_vq.c |
745 |
++++ b/drivers/gpu/drm/virtio/virtgpu_vq.c |
746 |
+@@ -324,7 +324,7 @@ static int virtio_gpu_queue_ctrl_buffer_locked(struct virtio_gpu_device *vgdev, |
747 |
+ ret = virtqueue_add_sgs(vq, sgs, outcnt, incnt, vbuf, GFP_ATOMIC); |
748 |
+ if (ret == -ENOSPC) { |
749 |
+ spin_unlock(&vgdev->ctrlq.qlock); |
750 |
+- wait_event(vgdev->ctrlq.ack_queue, vq->num_free); |
751 |
++ wait_event(vgdev->ctrlq.ack_queue, vq->num_free >= outcnt + incnt); |
752 |
+ spin_lock(&vgdev->ctrlq.qlock); |
753 |
+ goto retry; |
754 |
+ } else { |
755 |
+@@ -399,7 +399,7 @@ static int virtio_gpu_queue_cursor(struct virtio_gpu_device *vgdev, |
756 |
+ ret = virtqueue_add_sgs(vq, sgs, outcnt, 0, vbuf, GFP_ATOMIC); |
757 |
+ if (ret == -ENOSPC) { |
758 |
+ spin_unlock(&vgdev->cursorq.qlock); |
759 |
+- wait_event(vgdev->cursorq.ack_queue, vq->num_free); |
760 |
++ wait_event(vgdev->cursorq.ack_queue, vq->num_free >= outcnt); |
761 |
+ spin_lock(&vgdev->cursorq.qlock); |
762 |
+ goto retry; |
763 |
+ } else { |
764 |
+diff --git a/drivers/mtd/chips/cfi_cmdset_0001.c b/drivers/mtd/chips/cfi_cmdset_0001.c |
765 |
+index 5e1b68cbcd0a..e1b603ca0170 100644 |
766 |
+--- a/drivers/mtd/chips/cfi_cmdset_0001.c |
767 |
++++ b/drivers/mtd/chips/cfi_cmdset_0001.c |
768 |
+@@ -45,6 +45,7 @@ |
769 |
+ #define I82802AB 0x00ad |
770 |
+ #define I82802AC 0x00ac |
771 |
+ #define PF38F4476 0x881c |
772 |
++#define M28F00AP30 0x8963 |
773 |
+ /* STMicroelectronics chips */ |
774 |
+ #define M50LPW080 0x002F |
775 |
+ #define M50FLW080A 0x0080 |
776 |
+@@ -375,6 +376,17 @@ static void cfi_fixup_major_minor(struct cfi_private *cfi, |
777 |
+ extp->MinorVersion = '1'; |
778 |
+ } |
779 |
+ |
780 |
++static int cfi_is_micron_28F00AP30(struct cfi_private *cfi, struct flchip *chip) |
781 |
++{ |
782 |
++ /* |
783 |
++ * Micron(was Numonyx) 1Gbit bottom boot are buggy w.r.t |
784 |
++ * Erase Supend for their small Erase Blocks(0x8000) |
785 |
++ */ |
786 |
++ if (cfi->mfr == CFI_MFR_INTEL && cfi->id == M28F00AP30) |
787 |
++ return 1; |
788 |
++ return 0; |
789 |
++} |
790 |
++ |
791 |
+ static inline struct cfi_pri_intelext * |
792 |
+ read_pri_intelext(struct map_info *map, __u16 adr) |
793 |
+ { |
794 |
+@@ -831,21 +843,30 @@ static int chip_ready (struct map_info *map, struct flchip *chip, unsigned long |
795 |
+ (mode == FL_WRITING && (cfip->SuspendCmdSupport & 1)))) |
796 |
+ goto sleep; |
797 |
+ |
798 |
++ /* Do not allow suspend iff read/write to EB address */ |
799 |
++ if ((adr & chip->in_progress_block_mask) == |
800 |
++ chip->in_progress_block_addr) |
801 |
++ goto sleep; |
802 |
++ |
803 |
++ /* do not suspend small EBs, buggy Micron Chips */ |
804 |
++ if (cfi_is_micron_28F00AP30(cfi, chip) && |
805 |
++ (chip->in_progress_block_mask == ~(0x8000-1))) |
806 |
++ goto sleep; |
807 |
+ |
808 |
+ /* Erase suspend */ |
809 |
+- map_write(map, CMD(0xB0), adr); |
810 |
++ map_write(map, CMD(0xB0), chip->in_progress_block_addr); |
811 |
+ |
812 |
+ /* If the flash has finished erasing, then 'erase suspend' |
813 |
+ * appears to make some (28F320) flash devices switch to |
814 |
+ * 'read' mode. Make sure that we switch to 'read status' |
815 |
+ * mode so we get the right data. --rmk |
816 |
+ */ |
817 |
+- map_write(map, CMD(0x70), adr); |
818 |
++ map_write(map, CMD(0x70), chip->in_progress_block_addr); |
819 |
+ chip->oldstate = FL_ERASING; |
820 |
+ chip->state = FL_ERASE_SUSPENDING; |
821 |
+ chip->erase_suspended = 1; |
822 |
+ for (;;) { |
823 |
+- status = map_read(map, adr); |
824 |
++ status = map_read(map, chip->in_progress_block_addr); |
825 |
+ if (map_word_andequal(map, status, status_OK, status_OK)) |
826 |
+ break; |
827 |
+ |
828 |
+@@ -1041,8 +1062,8 @@ static void put_chip(struct map_info *map, struct flchip *chip, unsigned long ad |
829 |
+ sending the 0x70 (Read Status) command to an erasing |
830 |
+ chip and expecting it to be ignored, that's what we |
831 |
+ do. */ |
832 |
+- map_write(map, CMD(0xd0), adr); |
833 |
+- map_write(map, CMD(0x70), adr); |
834 |
++ map_write(map, CMD(0xd0), chip->in_progress_block_addr); |
835 |
++ map_write(map, CMD(0x70), chip->in_progress_block_addr); |
836 |
+ chip->oldstate = FL_READY; |
837 |
+ chip->state = FL_ERASING; |
838 |
+ break; |
839 |
+@@ -1933,6 +1954,8 @@ static int __xipram do_erase_oneblock(struct map_info *map, struct flchip *chip, |
840 |
+ map_write(map, CMD(0xD0), adr); |
841 |
+ chip->state = FL_ERASING; |
842 |
+ chip->erase_suspended = 0; |
843 |
++ chip->in_progress_block_addr = adr; |
844 |
++ chip->in_progress_block_mask = ~(len - 1); |
845 |
+ |
846 |
+ ret = INVAL_CACHE_AND_WAIT(map, chip, adr, |
847 |
+ adr, len, |
848 |
+diff --git a/drivers/mtd/chips/cfi_cmdset_0002.c b/drivers/mtd/chips/cfi_cmdset_0002.c |
849 |
+index 9dca881bb378..107c05b3ddbb 100644 |
850 |
+--- a/drivers/mtd/chips/cfi_cmdset_0002.c |
851 |
++++ b/drivers/mtd/chips/cfi_cmdset_0002.c |
852 |
+@@ -812,9 +812,10 @@ static int get_chip(struct map_info *map, struct flchip *chip, unsigned long adr |
853 |
+ (mode == FL_WRITING && (cfip->EraseSuspend & 0x2)))) |
854 |
+ goto sleep; |
855 |
+ |
856 |
+- /* We could check to see if we're trying to access the sector |
857 |
+- * that is currently being erased. However, no user will try |
858 |
+- * anything like that so we just wait for the timeout. */ |
859 |
++ /* Do not allow suspend iff read/write to EB address */ |
860 |
++ if ((adr & chip->in_progress_block_mask) == |
861 |
++ chip->in_progress_block_addr) |
862 |
++ goto sleep; |
863 |
+ |
864 |
+ /* Erase suspend */ |
865 |
+ /* It's harmless to issue the Erase-Suspend and Erase-Resume |
866 |
+@@ -2263,6 +2264,7 @@ static int __xipram do_erase_chip(struct map_info *map, struct flchip *chip) |
867 |
+ chip->state = FL_ERASING; |
868 |
+ chip->erase_suspended = 0; |
869 |
+ chip->in_progress_block_addr = adr; |
870 |
++ chip->in_progress_block_mask = ~(map->size - 1); |
871 |
+ |
872 |
+ INVALIDATE_CACHE_UDELAY(map, chip, |
873 |
+ adr, map->size, |
874 |
+@@ -2352,6 +2354,7 @@ static int __xipram do_erase_oneblock(struct map_info *map, struct flchip *chip, |
875 |
+ chip->state = FL_ERASING; |
876 |
+ chip->erase_suspended = 0; |
877 |
+ chip->in_progress_block_addr = adr; |
878 |
++ chip->in_progress_block_mask = ~(len - 1); |
879 |
+ |
880 |
+ INVALIDATE_CACHE_UDELAY(map, chip, |
881 |
+ adr, len, |
882 |
+diff --git a/drivers/of/fdt.c b/drivers/of/fdt.c |
883 |
+index 502f5547a1f2..e9360d5cbcba 100644 |
884 |
+--- a/drivers/of/fdt.c |
885 |
++++ b/drivers/of/fdt.c |
886 |
+@@ -935,7 +935,7 @@ int __init early_init_dt_scan_chosen_stdout(void) |
887 |
+ int offset; |
888 |
+ const char *p, *q, *options = NULL; |
889 |
+ int l; |
890 |
+- const struct earlycon_id *match; |
891 |
++ const struct earlycon_id **p_match; |
892 |
+ const void *fdt = initial_boot_params; |
893 |
+ |
894 |
+ offset = fdt_path_offset(fdt, "/chosen"); |
895 |
+@@ -962,7 +962,10 @@ int __init early_init_dt_scan_chosen_stdout(void) |
896 |
+ return 0; |
897 |
+ } |
898 |
+ |
899 |
+- for (match = __earlycon_table; match < __earlycon_table_end; match++) { |
900 |
++ for (p_match = __earlycon_table; p_match < __earlycon_table_end; |
901 |
++ p_match++) { |
902 |
++ const struct earlycon_id *match = *p_match; |
903 |
++ |
904 |
+ if (!match->compatible[0]) |
905 |
+ continue; |
906 |
+ |
907 |
+diff --git a/drivers/pci/host/pci-aardvark.c b/drivers/pci/host/pci-aardvark.c |
908 |
+index 4fce494271cc..11bad826683e 100644 |
909 |
+--- a/drivers/pci/host/pci-aardvark.c |
910 |
++++ b/drivers/pci/host/pci-aardvark.c |
911 |
+@@ -32,6 +32,7 @@ |
912 |
+ #define PCIE_CORE_DEV_CTRL_STATS_MAX_PAYLOAD_SZ_SHIFT 5 |
913 |
+ #define PCIE_CORE_DEV_CTRL_STATS_SNOOP_DISABLE (0 << 11) |
914 |
+ #define PCIE_CORE_DEV_CTRL_STATS_MAX_RD_REQ_SIZE_SHIFT 12 |
915 |
++#define PCIE_CORE_DEV_CTRL_STATS_MAX_RD_REQ_SZ 0x2 |
916 |
+ #define PCIE_CORE_LINK_CTRL_STAT_REG 0xd0 |
917 |
+ #define PCIE_CORE_LINK_L0S_ENTRY BIT(0) |
918 |
+ #define PCIE_CORE_LINK_TRAINING BIT(5) |
919 |
+@@ -175,8 +176,6 @@ |
920 |
+ #define PCIE_CONFIG_WR_TYPE0 0xa |
921 |
+ #define PCIE_CONFIG_WR_TYPE1 0xb |
922 |
+ |
923 |
+-/* PCI_BDF shifts 8bit, so we need extra 4bit shift */ |
924 |
+-#define PCIE_BDF(dev) (dev << 4) |
925 |
+ #define PCIE_CONF_BUS(bus) (((bus) & 0xff) << 20) |
926 |
+ #define PCIE_CONF_DEV(dev) (((dev) & 0x1f) << 15) |
927 |
+ #define PCIE_CONF_FUNC(fun) (((fun) & 0x7) << 12) |
928 |
+@@ -298,7 +297,8 @@ static void advk_pcie_setup_hw(struct advk_pcie *pcie) |
929 |
+ reg = PCIE_CORE_DEV_CTRL_STATS_RELAX_ORDER_DISABLE | |
930 |
+ (7 << PCIE_CORE_DEV_CTRL_STATS_MAX_PAYLOAD_SZ_SHIFT) | |
931 |
+ PCIE_CORE_DEV_CTRL_STATS_SNOOP_DISABLE | |
932 |
+- PCIE_CORE_DEV_CTRL_STATS_MAX_RD_REQ_SIZE_SHIFT; |
933 |
++ (PCIE_CORE_DEV_CTRL_STATS_MAX_RD_REQ_SZ << |
934 |
++ PCIE_CORE_DEV_CTRL_STATS_MAX_RD_REQ_SIZE_SHIFT); |
935 |
+ advk_writel(pcie, reg, PCIE_CORE_DEV_CTRL_STATS_REG); |
936 |
+ |
937 |
+ /* Program PCIe Control 2 to disable strict ordering */ |
938 |
+@@ -439,7 +439,7 @@ static int advk_pcie_rd_conf(struct pci_bus *bus, u32 devfn, |
939 |
+ u32 reg; |
940 |
+ int ret; |
941 |
+ |
942 |
+- if (PCI_SLOT(devfn) != 0) { |
943 |
++ if ((bus->number == pcie->root_bus_nr) && PCI_SLOT(devfn) != 0) { |
944 |
+ *val = 0xffffffff; |
945 |
+ return PCIBIOS_DEVICE_NOT_FOUND; |
946 |
+ } |
947 |
+@@ -458,7 +458,7 @@ static int advk_pcie_rd_conf(struct pci_bus *bus, u32 devfn, |
948 |
+ advk_writel(pcie, reg, PIO_CTRL); |
949 |
+ |
950 |
+ /* Program the address registers */ |
951 |
+- reg = PCIE_BDF(devfn) | PCIE_CONF_REG(where); |
952 |
++ reg = PCIE_CONF_ADDR(bus->number, devfn, where); |
953 |
+ advk_writel(pcie, reg, PIO_ADDR_LS); |
954 |
+ advk_writel(pcie, 0, PIO_ADDR_MS); |
955 |
+ |
956 |
+@@ -493,7 +493,7 @@ static int advk_pcie_wr_conf(struct pci_bus *bus, u32 devfn, |
957 |
+ int offset; |
958 |
+ int ret; |
959 |
+ |
960 |
+- if (PCI_SLOT(devfn) != 0) |
961 |
++ if ((bus->number == pcie->root_bus_nr) && PCI_SLOT(devfn) != 0) |
962 |
+ return PCIBIOS_DEVICE_NOT_FOUND; |
963 |
+ |
964 |
+ if (where % size) |
965 |
+diff --git a/drivers/rtc/rtc-opal.c b/drivers/rtc/rtc-opal.c |
966 |
+index aa53fceaa5e0..180ec1f8c917 100644 |
967 |
+--- a/drivers/rtc/rtc-opal.c |
968 |
++++ b/drivers/rtc/rtc-opal.c |
969 |
+@@ -57,7 +57,7 @@ static void tm_to_opal(struct rtc_time *tm, u32 *y_m_d, u64 *h_m_s_ms) |
970 |
+ |
971 |
+ static int opal_get_rtc_time(struct device *dev, struct rtc_time *tm) |
972 |
+ { |
973 |
+- long rc = OPAL_BUSY; |
974 |
++ s64 rc = OPAL_BUSY; |
975 |
+ int retries = 10; |
976 |
+ u32 y_m_d; |
977 |
+ u64 h_m_s_ms; |
978 |
+@@ -66,13 +66,17 @@ static int opal_get_rtc_time(struct device *dev, struct rtc_time *tm) |
979 |
+ |
980 |
+ while (rc == OPAL_BUSY || rc == OPAL_BUSY_EVENT) { |
981 |
+ rc = opal_rtc_read(&__y_m_d, &__h_m_s_ms); |
982 |
+- if (rc == OPAL_BUSY_EVENT) |
983 |
++ if (rc == OPAL_BUSY_EVENT) { |
984 |
++ msleep(OPAL_BUSY_DELAY_MS); |
985 |
+ opal_poll_events(NULL); |
986 |
+- else if (retries-- && (rc == OPAL_HARDWARE |
987 |
+- || rc == OPAL_INTERNAL_ERROR)) |
988 |
+- msleep(10); |
989 |
+- else if (rc != OPAL_BUSY && rc != OPAL_BUSY_EVENT) |
990 |
+- break; |
991 |
++ } else if (rc == OPAL_BUSY) { |
992 |
++ msleep(OPAL_BUSY_DELAY_MS); |
993 |
++ } else if (rc == OPAL_HARDWARE || rc == OPAL_INTERNAL_ERROR) { |
994 |
++ if (retries--) { |
995 |
++ msleep(10); /* Wait 10ms before retry */ |
996 |
++ rc = OPAL_BUSY; /* go around again */ |
997 |
++ } |
998 |
++ } |
999 |
+ } |
1000 |
+ |
1001 |
+ if (rc != OPAL_SUCCESS) |
1002 |
+@@ -87,21 +91,26 @@ static int opal_get_rtc_time(struct device *dev, struct rtc_time *tm) |
1003 |
+ |
1004 |
+ static int opal_set_rtc_time(struct device *dev, struct rtc_time *tm) |
1005 |
+ { |
1006 |
+- long rc = OPAL_BUSY; |
1007 |
++ s64 rc = OPAL_BUSY; |
1008 |
+ int retries = 10; |
1009 |
+ u32 y_m_d = 0; |
1010 |
+ u64 h_m_s_ms = 0; |
1011 |
+ |
1012 |
+ tm_to_opal(tm, &y_m_d, &h_m_s_ms); |
1013 |
++ |
1014 |
+ while (rc == OPAL_BUSY || rc == OPAL_BUSY_EVENT) { |
1015 |
+ rc = opal_rtc_write(y_m_d, h_m_s_ms); |
1016 |
+- if (rc == OPAL_BUSY_EVENT) |
1017 |
++ if (rc == OPAL_BUSY_EVENT) { |
1018 |
++ msleep(OPAL_BUSY_DELAY_MS); |
1019 |
+ opal_poll_events(NULL); |
1020 |
+- else if (retries-- && (rc == OPAL_HARDWARE |
1021 |
+- || rc == OPAL_INTERNAL_ERROR)) |
1022 |
+- msleep(10); |
1023 |
+- else if (rc != OPAL_BUSY && rc != OPAL_BUSY_EVENT) |
1024 |
+- break; |
1025 |
++ } else if (rc == OPAL_BUSY) { |
1026 |
++ msleep(OPAL_BUSY_DELAY_MS); |
1027 |
++ } else if (rc == OPAL_HARDWARE || rc == OPAL_INTERNAL_ERROR) { |
1028 |
++ if (retries--) { |
1029 |
++ msleep(10); /* Wait 10ms before retry */ |
1030 |
++ rc = OPAL_BUSY; /* go around again */ |
1031 |
++ } |
1032 |
++ } |
1033 |
+ } |
1034 |
+ |
1035 |
+ return rc == OPAL_SUCCESS ? 0 : -EIO; |
1036 |
+diff --git a/drivers/scsi/sd.c b/drivers/scsi/sd.c |
1037 |
+index ace56c5e61e1..14ba1a2c0b7c 100644 |
1038 |
+--- a/drivers/scsi/sd.c |
1039 |
++++ b/drivers/scsi/sd.c |
1040 |
+@@ -1935,6 +1935,8 @@ sd_spinup_disk(struct scsi_disk *sdkp) |
1041 |
+ break; /* standby */ |
1042 |
+ if (sshdr.asc == 4 && sshdr.ascq == 0xc) |
1043 |
+ break; /* unavailable */ |
1044 |
++ if (sshdr.asc == 4 && sshdr.ascq == 0x1b) |
1045 |
++ break; /* sanitize in progress */ |
1046 |
+ /* |
1047 |
+ * Issue command to spin up drive when not ready |
1048 |
+ */ |
1049 |
+diff --git a/drivers/tty/n_gsm.c b/drivers/tty/n_gsm.c |
1050 |
+index fe2291795d2f..9e9016e67843 100644 |
1051 |
+--- a/drivers/tty/n_gsm.c |
1052 |
++++ b/drivers/tty/n_gsm.c |
1053 |
+@@ -137,6 +137,9 @@ struct gsm_dlci { |
1054 |
+ struct mutex mutex; |
1055 |
+ |
1056 |
+ /* Link layer */ |
1057 |
++ int mode; |
1058 |
++#define DLCI_MODE_ABM 0 /* Normal Asynchronous Balanced Mode */ |
1059 |
++#define DLCI_MODE_ADM 1 /* Asynchronous Disconnected Mode */ |
1060 |
+ spinlock_t lock; /* Protects the internal state */ |
1061 |
+ struct timer_list t1; /* Retransmit timer for SABM and UA */ |
1062 |
+ int retries; |
1063 |
+@@ -1380,7 +1383,13 @@ static struct gsm_control *gsm_control_send(struct gsm_mux *gsm, |
1064 |
+ ctrl->data = data; |
1065 |
+ ctrl->len = clen; |
1066 |
+ gsm->pending_cmd = ctrl; |
1067 |
+- gsm->cretries = gsm->n2; |
1068 |
++ |
1069 |
++ /* If DLCI0 is in ADM mode skip retries, it won't respond */ |
1070 |
++ if (gsm->dlci[0]->mode == DLCI_MODE_ADM) |
1071 |
++ gsm->cretries = 1; |
1072 |
++ else |
1073 |
++ gsm->cretries = gsm->n2; |
1074 |
++ |
1075 |
+ mod_timer(&gsm->t2_timer, jiffies + gsm->t2 * HZ / 100); |
1076 |
+ gsm_control_transmit(gsm, ctrl); |
1077 |
+ spin_unlock_irqrestore(&gsm->control_lock, flags); |
1078 |
+@@ -1488,6 +1497,7 @@ static void gsm_dlci_t1(unsigned long data) |
1079 |
+ if (debug & 8) |
1080 |
+ pr_info("DLCI %d opening in ADM mode.\n", |
1081 |
+ dlci->addr); |
1082 |
++ dlci->mode = DLCI_MODE_ADM; |
1083 |
+ gsm_dlci_open(dlci); |
1084 |
+ } else { |
1085 |
+ gsm_dlci_close(dlci); |
1086 |
+@@ -2865,11 +2875,22 @@ static int gsmtty_modem_update(struct gsm_dlci *dlci, u8 brk) |
1087 |
+ static int gsm_carrier_raised(struct tty_port *port) |
1088 |
+ { |
1089 |
+ struct gsm_dlci *dlci = container_of(port, struct gsm_dlci, port); |
1090 |
++ struct gsm_mux *gsm = dlci->gsm; |
1091 |
++ |
1092 |
+ /* Not yet open so no carrier info */ |
1093 |
+ if (dlci->state != DLCI_OPEN) |
1094 |
+ return 0; |
1095 |
+ if (debug & 2) |
1096 |
+ return 1; |
1097 |
++ |
1098 |
++ /* |
1099 |
++ * Basic mode with control channel in ADM mode may not respond |
1100 |
++ * to CMD_MSC at all and modem_rx is empty. |
1101 |
++ */ |
1102 |
++ if (gsm->encoding == 0 && gsm->dlci[0]->mode == DLCI_MODE_ADM && |
1103 |
++ !dlci->modem_rx) |
1104 |
++ return 1; |
1105 |
++ |
1106 |
+ return dlci->modem_rx & TIOCM_CD; |
1107 |
+ } |
1108 |
+ |
1109 |
+diff --git a/drivers/tty/serial/earlycon.c b/drivers/tty/serial/earlycon.c |
1110 |
+index 3b31fd8863eb..b9a4625b8690 100644 |
1111 |
+--- a/drivers/tty/serial/earlycon.c |
1112 |
++++ b/drivers/tty/serial/earlycon.c |
1113 |
+@@ -172,7 +172,7 @@ static int __init register_earlycon(char *buf, const struct earlycon_id *match) |
1114 |
+ */ |
1115 |
+ int __init setup_earlycon(char *buf) |
1116 |
+ { |
1117 |
+- const struct earlycon_id *match; |
1118 |
++ const struct earlycon_id **p_match; |
1119 |
+ |
1120 |
+ if (!buf || !buf[0]) |
1121 |
+ return -EINVAL; |
1122 |
+@@ -180,7 +180,9 @@ int __init setup_earlycon(char *buf) |
1123 |
+ if (early_con.flags & CON_ENABLED) |
1124 |
+ return -EALREADY; |
1125 |
+ |
1126 |
+- for (match = __earlycon_table; match < __earlycon_table_end; match++) { |
1127 |
++ for (p_match = __earlycon_table; p_match < __earlycon_table_end; |
1128 |
++ p_match++) { |
1129 |
++ const struct earlycon_id *match = *p_match; |
1130 |
+ size_t len = strlen(match->name); |
1131 |
+ |
1132 |
+ if (strncmp(buf, match->name, len)) |
1133 |
+diff --git a/drivers/tty/tty_io.c b/drivers/tty/tty_io.c |
1134 |
+index 4ee0a9de7556..789c81482542 100644 |
1135 |
+--- a/drivers/tty/tty_io.c |
1136 |
++++ b/drivers/tty/tty_io.c |
1137 |
+@@ -3170,7 +3170,10 @@ struct tty_struct *alloc_tty_struct(struct tty_driver *driver, int idx) |
1138 |
+ |
1139 |
+ kref_init(&tty->kref); |
1140 |
+ tty->magic = TTY_MAGIC; |
1141 |
+- tty_ldisc_init(tty); |
1142 |
++ if (tty_ldisc_init(tty)) { |
1143 |
++ kfree(tty); |
1144 |
++ return NULL; |
1145 |
++ } |
1146 |
+ tty->session = NULL; |
1147 |
+ tty->pgrp = NULL; |
1148 |
+ mutex_init(&tty->legacy_mutex); |
1149 |
+diff --git a/drivers/tty/tty_ldisc.c b/drivers/tty/tty_ldisc.c |
1150 |
+index 3a9e2a2fd4c6..4ab518d43758 100644 |
1151 |
+--- a/drivers/tty/tty_ldisc.c |
1152 |
++++ b/drivers/tty/tty_ldisc.c |
1153 |
+@@ -175,12 +175,11 @@ static struct tty_ldisc *tty_ldisc_get(struct tty_struct *tty, int disc) |
1154 |
+ return ERR_CAST(ldops); |
1155 |
+ } |
1156 |
+ |
1157 |
+- ld = kmalloc(sizeof(struct tty_ldisc), GFP_KERNEL); |
1158 |
+- if (ld == NULL) { |
1159 |
+- put_ldops(ldops); |
1160 |
+- return ERR_PTR(-ENOMEM); |
1161 |
+- } |
1162 |
+- |
1163 |
++ /* |
1164 |
++ * There is no way to handle allocation failure of only 16 bytes. |
1165 |
++ * Let's simplify error handling and save more memory. |
1166 |
++ */ |
1167 |
++ ld = kmalloc(sizeof(struct tty_ldisc), GFP_KERNEL | __GFP_NOFAIL); |
1168 |
+ ld->ops = ldops; |
1169 |
+ ld->tty = tty; |
1170 |
+ |
1171 |
+@@ -753,12 +752,13 @@ void tty_ldisc_release(struct tty_struct *tty) |
1172 |
+ * the tty structure is not completely set up when this call is made. |
1173 |
+ */ |
1174 |
+ |
1175 |
+-void tty_ldisc_init(struct tty_struct *tty) |
1176 |
++int tty_ldisc_init(struct tty_struct *tty) |
1177 |
+ { |
1178 |
+ struct tty_ldisc *ld = tty_ldisc_get(tty, N_TTY); |
1179 |
+ if (IS_ERR(ld)) |
1180 |
+- panic("n_tty: init_tty"); |
1181 |
++ return PTR_ERR(ld); |
1182 |
+ tty->ldisc = ld; |
1183 |
++ return 0; |
1184 |
+ } |
1185 |
+ |
1186 |
+ /** |
1187 |
+diff --git a/drivers/usb/core/hcd.c b/drivers/usb/core/hcd.c |
1188 |
+index fcc7aa248ce7..bdb0d7a08ff9 100644 |
1189 |
+--- a/drivers/usb/core/hcd.c |
1190 |
++++ b/drivers/usb/core/hcd.c |
1191 |
+@@ -2365,6 +2365,7 @@ void usb_hcd_resume_root_hub (struct usb_hcd *hcd) |
1192 |
+ |
1193 |
+ spin_lock_irqsave (&hcd_root_hub_lock, flags); |
1194 |
+ if (hcd->rh_registered) { |
1195 |
++ pm_wakeup_event(&hcd->self.root_hub->dev, 0); |
1196 |
+ set_bit(HCD_FLAG_WAKEUP_PENDING, &hcd->flags); |
1197 |
+ queue_work(pm_wq, &hcd->wakeup_work); |
1198 |
+ } |
1199 |
+diff --git a/drivers/usb/core/hub.c b/drivers/usb/core/hub.c |
1200 |
+index d0d3f9ef9f10..d8d992b73e88 100644 |
1201 |
+--- a/drivers/usb/core/hub.c |
1202 |
++++ b/drivers/usb/core/hub.c |
1203 |
+@@ -648,12 +648,17 @@ void usb_wakeup_notification(struct usb_device *hdev, |
1204 |
+ unsigned int portnum) |
1205 |
+ { |
1206 |
+ struct usb_hub *hub; |
1207 |
++ struct usb_port *port_dev; |
1208 |
+ |
1209 |
+ if (!hdev) |
1210 |
+ return; |
1211 |
+ |
1212 |
+ hub = usb_hub_to_struct_hub(hdev); |
1213 |
+ if (hub) { |
1214 |
++ port_dev = hub->ports[portnum - 1]; |
1215 |
++ if (port_dev && port_dev->child) |
1216 |
++ pm_wakeup_event(&port_dev->child->dev, 0); |
1217 |
++ |
1218 |
+ set_bit(portnum, hub->wakeup_bits); |
1219 |
+ kick_hub_wq(hub); |
1220 |
+ } |
1221 |
+@@ -3417,8 +3422,11 @@ int usb_port_resume(struct usb_device *udev, pm_message_t msg) |
1222 |
+ |
1223 |
+ /* Skip the initial Clear-Suspend step for a remote wakeup */ |
1224 |
+ status = hub_port_status(hub, port1, &portstatus, &portchange); |
1225 |
+- if (status == 0 && !port_is_suspended(hub, portstatus)) |
1226 |
++ if (status == 0 && !port_is_suspended(hub, portstatus)) { |
1227 |
++ if (portchange & USB_PORT_STAT_C_SUSPEND) |
1228 |
++ pm_wakeup_event(&udev->dev, 0); |
1229 |
+ goto SuspendCleared; |
1230 |
++ } |
1231 |
+ |
1232 |
+ /* see 7.1.7.7; affects power usage, but not budgeting */ |
1233 |
+ if (hub_is_superspeed(hub->hdev)) |
1234 |
+diff --git a/drivers/usb/core/quirks.c b/drivers/usb/core/quirks.c |
1235 |
+index 4f1c6f8d4352..40ce175655e6 100644 |
1236 |
+--- a/drivers/usb/core/quirks.c |
1237 |
++++ b/drivers/usb/core/quirks.c |
1238 |
+@@ -45,6 +45,9 @@ static const struct usb_device_id usb_quirk_list[] = { |
1239 |
+ { USB_DEVICE(0x03f0, 0x0701), .driver_info = |
1240 |
+ USB_QUIRK_STRING_FETCH_255 }, |
1241 |
+ |
1242 |
++ /* HP v222w 16GB Mini USB Drive */ |
1243 |
++ { USB_DEVICE(0x03f0, 0x3f40), .driver_info = USB_QUIRK_DELAY_INIT }, |
1244 |
++ |
1245 |
+ /* Creative SB Audigy 2 NX */ |
1246 |
+ { USB_DEVICE(0x041e, 0x3020), .driver_info = USB_QUIRK_RESET_RESUME }, |
1247 |
+ |
1248 |
+diff --git a/drivers/usb/serial/Kconfig b/drivers/usb/serial/Kconfig |
1249 |
+index 584ae8cbaf1c..77c3ebe860c5 100644 |
1250 |
+--- a/drivers/usb/serial/Kconfig |
1251 |
++++ b/drivers/usb/serial/Kconfig |
1252 |
+@@ -62,6 +62,7 @@ config USB_SERIAL_SIMPLE |
1253 |
+ - Fundamental Software dongle. |
1254 |
+ - Google USB serial devices |
1255 |
+ - HP4x calculators |
1256 |
++ - Libtransistor USB console |
1257 |
+ - a number of Motorola phones |
1258 |
+ - Motorola Tetra devices |
1259 |
+ - Novatel Wireless GPS receivers |
1260 |
+diff --git a/drivers/usb/serial/cp210x.c b/drivers/usb/serial/cp210x.c |
1261 |
+index cab80acace4e..d98531823998 100644 |
1262 |
+--- a/drivers/usb/serial/cp210x.c |
1263 |
++++ b/drivers/usb/serial/cp210x.c |
1264 |
+@@ -211,6 +211,7 @@ static const struct usb_device_id id_table[] = { |
1265 |
+ { USB_DEVICE(0x3195, 0xF190) }, /* Link Instruments MSO-19 */ |
1266 |
+ { USB_DEVICE(0x3195, 0xF280) }, /* Link Instruments MSO-28 */ |
1267 |
+ { USB_DEVICE(0x3195, 0xF281) }, /* Link Instruments MSO-28 */ |
1268 |
++ { USB_DEVICE(0x3923, 0x7A0B) }, /* National Instruments USB Serial Console */ |
1269 |
+ { USB_DEVICE(0x413C, 0x9500) }, /* DW700 GPS USB interface */ |
1270 |
+ { } /* Terminating Entry */ |
1271 |
+ }; |
1272 |
+diff --git a/drivers/usb/serial/ftdi_sio.c b/drivers/usb/serial/ftdi_sio.c |
1273 |
+index 71cbc6890ac4..2e2f736384ab 100644 |
1274 |
+--- a/drivers/usb/serial/ftdi_sio.c |
1275 |
++++ b/drivers/usb/serial/ftdi_sio.c |
1276 |
+@@ -1911,7 +1911,8 @@ static int ftdi_8u2232c_probe(struct usb_serial *serial) |
1277 |
+ return ftdi_jtag_probe(serial); |
1278 |
+ |
1279 |
+ if (udev->product && |
1280 |
+- (!strcmp(udev->product, "BeagleBone/XDS100V2") || |
1281 |
++ (!strcmp(udev->product, "Arrow USB Blaster") || |
1282 |
++ !strcmp(udev->product, "BeagleBone/XDS100V2") || |
1283 |
+ !strcmp(udev->product, "SNAP Connect E10"))) |
1284 |
+ return ftdi_jtag_probe(serial); |
1285 |
+ |
1286 |
+diff --git a/drivers/usb/serial/usb-serial-simple.c b/drivers/usb/serial/usb-serial-simple.c |
1287 |
+index 6aa7ff2c1cf7..2674da40d9cd 100644 |
1288 |
+--- a/drivers/usb/serial/usb-serial-simple.c |
1289 |
++++ b/drivers/usb/serial/usb-serial-simple.c |
1290 |
+@@ -66,6 +66,11 @@ DEVICE(flashloader, FLASHLOADER_IDS); |
1291 |
+ 0x01) } |
1292 |
+ DEVICE(google, GOOGLE_IDS); |
1293 |
+ |
1294 |
++/* Libtransistor USB console */ |
1295 |
++#define LIBTRANSISTOR_IDS() \ |
1296 |
++ { USB_DEVICE(0x1209, 0x8b00) } |
1297 |
++DEVICE(libtransistor, LIBTRANSISTOR_IDS); |
1298 |
++ |
1299 |
+ /* ViVOpay USB Serial Driver */ |
1300 |
+ #define VIVOPAY_IDS() \ |
1301 |
+ { USB_DEVICE(0x1d5f, 0x1004) } /* ViVOpay 8800 */ |
1302 |
+@@ -113,6 +118,7 @@ static struct usb_serial_driver * const serial_drivers[] = { |
1303 |
+ &funsoft_device, |
1304 |
+ &flashloader_device, |
1305 |
+ &google_device, |
1306 |
++ &libtransistor_device, |
1307 |
+ &vivopay_device, |
1308 |
+ &moto_modem_device, |
1309 |
+ &motorola_tetra_device, |
1310 |
+@@ -129,6 +135,7 @@ static const struct usb_device_id id_table[] = { |
1311 |
+ FUNSOFT_IDS(), |
1312 |
+ FLASHLOADER_IDS(), |
1313 |
+ GOOGLE_IDS(), |
1314 |
++ LIBTRANSISTOR_IDS(), |
1315 |
+ VIVOPAY_IDS(), |
1316 |
+ MOTO_IDS(), |
1317 |
+ MOTOROLA_TETRA_IDS(), |
1318 |
+diff --git a/drivers/usb/usbip/stub_main.c b/drivers/usb/usbip/stub_main.c |
1319 |
+index 325b4c05acdd..f761e02e75c9 100644 |
1320 |
+--- a/drivers/usb/usbip/stub_main.c |
1321 |
++++ b/drivers/usb/usbip/stub_main.c |
1322 |
+@@ -201,7 +201,12 @@ static ssize_t rebind_store(struct device_driver *dev, const char *buf, |
1323 |
+ if (!bid) |
1324 |
+ return -ENODEV; |
1325 |
+ |
1326 |
++ /* device_attach() callers should hold parent lock for USB */ |
1327 |
++ if (bid->udev->dev.parent) |
1328 |
++ device_lock(bid->udev->dev.parent); |
1329 |
+ ret = device_attach(&bid->udev->dev); |
1330 |
++ if (bid->udev->dev.parent) |
1331 |
++ device_unlock(bid->udev->dev.parent); |
1332 |
+ if (ret < 0) { |
1333 |
+ dev_err(&bid->udev->dev, "rebind failed\n"); |
1334 |
+ return ret; |
1335 |
+diff --git a/drivers/usb/usbip/usbip_common.h b/drivers/usb/usbip/usbip_common.h |
1336 |
+index f0b955f8504e..109e65ba01a0 100644 |
1337 |
+--- a/drivers/usb/usbip/usbip_common.h |
1338 |
++++ b/drivers/usb/usbip/usbip_common.h |
1339 |
+@@ -258,7 +258,7 @@ enum usbip_side { |
1340 |
+ #define VUDC_EVENT_ERROR_USB (USBIP_EH_SHUTDOWN | USBIP_EH_UNUSABLE) |
1341 |
+ #define VUDC_EVENT_ERROR_MALLOC (USBIP_EH_SHUTDOWN | USBIP_EH_UNUSABLE) |
1342 |
+ |
1343 |
+-#define VDEV_EVENT_REMOVED (USBIP_EH_SHUTDOWN | USBIP_EH_BYE) |
1344 |
++#define VDEV_EVENT_REMOVED (USBIP_EH_SHUTDOWN | USBIP_EH_RESET | USBIP_EH_BYE) |
1345 |
+ #define VDEV_EVENT_DOWN (USBIP_EH_SHUTDOWN | USBIP_EH_RESET) |
1346 |
+ #define VDEV_EVENT_ERROR_TCP (USBIP_EH_SHUTDOWN | USBIP_EH_RESET) |
1347 |
+ #define VDEV_EVENT_ERROR_MALLOC (USBIP_EH_SHUTDOWN | USBIP_EH_UNUSABLE) |
1348 |
+diff --git a/drivers/usb/usbip/usbip_event.c b/drivers/usb/usbip/usbip_event.c |
1349 |
+index f1635662c299..f8f7f3803a99 100644 |
1350 |
+--- a/drivers/usb/usbip/usbip_event.c |
1351 |
++++ b/drivers/usb/usbip/usbip_event.c |
1352 |
+@@ -105,10 +105,6 @@ static void event_handler(struct work_struct *work) |
1353 |
+ unset_event(ud, USBIP_EH_UNUSABLE); |
1354 |
+ } |
1355 |
+ |
1356 |
+- /* Stop the error handler. */ |
1357 |
+- if (ud->event & USBIP_EH_BYE) |
1358 |
+- usbip_dbg_eh("removed %p\n", ud); |
1359 |
+- |
1360 |
+ wake_up(&ud->eh_waitq); |
1361 |
+ } |
1362 |
+ } |
1363 |
+diff --git a/fs/ext4/balloc.c b/fs/ext4/balloc.c |
1364 |
+index 176b4b27a27a..6776f4aa3d12 100644 |
1365 |
+--- a/fs/ext4/balloc.c |
1366 |
++++ b/fs/ext4/balloc.c |
1367 |
+@@ -320,6 +320,7 @@ static ext4_fsblk_t ext4_valid_block_bitmap(struct super_block *sb, |
1368 |
+ struct ext4_sb_info *sbi = EXT4_SB(sb); |
1369 |
+ ext4_grpblk_t offset; |
1370 |
+ ext4_grpblk_t next_zero_bit; |
1371 |
++ ext4_grpblk_t max_bit = EXT4_CLUSTERS_PER_GROUP(sb); |
1372 |
+ ext4_fsblk_t blk; |
1373 |
+ ext4_fsblk_t group_first_block; |
1374 |
+ |
1375 |
+@@ -337,20 +338,25 @@ static ext4_fsblk_t ext4_valid_block_bitmap(struct super_block *sb, |
1376 |
+ /* check whether block bitmap block number is set */ |
1377 |
+ blk = ext4_block_bitmap(sb, desc); |
1378 |
+ offset = blk - group_first_block; |
1379 |
+- if (!ext4_test_bit(EXT4_B2C(sbi, offset), bh->b_data)) |
1380 |
++ if (offset < 0 || EXT4_B2C(sbi, offset) >= max_bit || |
1381 |
++ !ext4_test_bit(EXT4_B2C(sbi, offset), bh->b_data)) |
1382 |
+ /* bad block bitmap */ |
1383 |
+ return blk; |
1384 |
+ |
1385 |
+ /* check whether the inode bitmap block number is set */ |
1386 |
+ blk = ext4_inode_bitmap(sb, desc); |
1387 |
+ offset = blk - group_first_block; |
1388 |
+- if (!ext4_test_bit(EXT4_B2C(sbi, offset), bh->b_data)) |
1389 |
++ if (offset < 0 || EXT4_B2C(sbi, offset) >= max_bit || |
1390 |
++ !ext4_test_bit(EXT4_B2C(sbi, offset), bh->b_data)) |
1391 |
+ /* bad block bitmap */ |
1392 |
+ return blk; |
1393 |
+ |
1394 |
+ /* check whether the inode table block number is set */ |
1395 |
+ blk = ext4_inode_table(sb, desc); |
1396 |
+ offset = blk - group_first_block; |
1397 |
++ if (offset < 0 || EXT4_B2C(sbi, offset) >= max_bit || |
1398 |
++ EXT4_B2C(sbi, offset + sbi->s_itb_per_group) >= max_bit) |
1399 |
++ return blk; |
1400 |
+ next_zero_bit = ext4_find_next_zero_bit(bh->b_data, |
1401 |
+ EXT4_B2C(sbi, offset + EXT4_SB(sb)->s_itb_per_group), |
1402 |
+ EXT4_B2C(sbi, offset)); |
1403 |
+@@ -416,6 +422,7 @@ struct buffer_head * |
1404 |
+ ext4_read_block_bitmap_nowait(struct super_block *sb, ext4_group_t block_group) |
1405 |
+ { |
1406 |
+ struct ext4_group_desc *desc; |
1407 |
++ struct ext4_sb_info *sbi = EXT4_SB(sb); |
1408 |
+ struct buffer_head *bh; |
1409 |
+ ext4_fsblk_t bitmap_blk; |
1410 |
+ int err; |
1411 |
+@@ -424,6 +431,12 @@ ext4_read_block_bitmap_nowait(struct super_block *sb, ext4_group_t block_group) |
1412 |
+ if (!desc) |
1413 |
+ return ERR_PTR(-EFSCORRUPTED); |
1414 |
+ bitmap_blk = ext4_block_bitmap(sb, desc); |
1415 |
++ if ((bitmap_blk <= le32_to_cpu(sbi->s_es->s_first_data_block)) || |
1416 |
++ (bitmap_blk >= ext4_blocks_count(sbi->s_es))) { |
1417 |
++ ext4_error(sb, "Invalid block bitmap block %llu in " |
1418 |
++ "block_group %u", bitmap_blk, block_group); |
1419 |
++ return ERR_PTR(-EFSCORRUPTED); |
1420 |
++ } |
1421 |
+ bh = sb_getblk(sb, bitmap_blk); |
1422 |
+ if (unlikely(!bh)) { |
1423 |
+ ext4_error(sb, "Cannot get buffer for block bitmap - " |
1424 |
+diff --git a/fs/ext4/extents.c b/fs/ext4/extents.c |
1425 |
+index 1a0c57100f28..63c702b4b24c 100644 |
1426 |
+--- a/fs/ext4/extents.c |
1427 |
++++ b/fs/ext4/extents.c |
1428 |
+@@ -5356,8 +5356,9 @@ ext4_ext_shift_extents(struct inode *inode, handle_t *handle, |
1429 |
+ stop = le32_to_cpu(extent->ee_block); |
1430 |
+ |
1431 |
+ /* |
1432 |
+- * In case of left shift, Don't start shifting extents until we make |
1433 |
+- * sure the hole is big enough to accommodate the shift. |
1434 |
++ * For left shifts, make sure the hole on the left is big enough to |
1435 |
++ * accommodate the shift. For right shifts, make sure the last extent |
1436 |
++ * won't be shifted beyond EXT_MAX_BLOCKS. |
1437 |
+ */ |
1438 |
+ if (SHIFT == SHIFT_LEFT) { |
1439 |
+ path = ext4_find_extent(inode, start - 1, &path, |
1440 |
+@@ -5377,9 +5378,14 @@ ext4_ext_shift_extents(struct inode *inode, handle_t *handle, |
1441 |
+ |
1442 |
+ if ((start == ex_start && shift > ex_start) || |
1443 |
+ (shift > start - ex_end)) { |
1444 |
+- ext4_ext_drop_refs(path); |
1445 |
+- kfree(path); |
1446 |
+- return -EINVAL; |
1447 |
++ ret = -EINVAL; |
1448 |
++ goto out; |
1449 |
++ } |
1450 |
++ } else { |
1451 |
++ if (shift > EXT_MAX_BLOCKS - |
1452 |
++ (stop + ext4_ext_get_actual_len(extent))) { |
1453 |
++ ret = -EINVAL; |
1454 |
++ goto out; |
1455 |
+ } |
1456 |
+ } |
1457 |
+ |
1458 |
+diff --git a/fs/ext4/ialloc.c b/fs/ext4/ialloc.c |
1459 |
+index 79a9a1bddafc..dcf63daefee0 100644 |
1460 |
+--- a/fs/ext4/ialloc.c |
1461 |
++++ b/fs/ext4/ialloc.c |
1462 |
+@@ -119,6 +119,7 @@ static struct buffer_head * |
1463 |
+ ext4_read_inode_bitmap(struct super_block *sb, ext4_group_t block_group) |
1464 |
+ { |
1465 |
+ struct ext4_group_desc *desc; |
1466 |
++ struct ext4_sb_info *sbi = EXT4_SB(sb); |
1467 |
+ struct buffer_head *bh = NULL; |
1468 |
+ ext4_fsblk_t bitmap_blk; |
1469 |
+ int err; |
1470 |
+@@ -128,6 +129,12 @@ ext4_read_inode_bitmap(struct super_block *sb, ext4_group_t block_group) |
1471 |
+ return ERR_PTR(-EFSCORRUPTED); |
1472 |
+ |
1473 |
+ bitmap_blk = ext4_inode_bitmap(sb, desc); |
1474 |
++ if ((bitmap_blk <= le32_to_cpu(sbi->s_es->s_first_data_block)) || |
1475 |
++ (bitmap_blk >= ext4_blocks_count(sbi->s_es))) { |
1476 |
++ ext4_error(sb, "Invalid inode bitmap blk %llu in " |
1477 |
++ "block_group %u", bitmap_blk, block_group); |
1478 |
++ return ERR_PTR(-EFSCORRUPTED); |
1479 |
++ } |
1480 |
+ bh = sb_getblk(sb, bitmap_blk); |
1481 |
+ if (unlikely(!bh)) { |
1482 |
+ ext4_error(sb, "Cannot read inode bitmap - " |
1483 |
+diff --git a/fs/jbd2/transaction.c b/fs/jbd2/transaction.c |
1484 |
+index 4e5c6103b76c..9e9e0936138b 100644 |
1485 |
+--- a/fs/jbd2/transaction.c |
1486 |
++++ b/fs/jbd2/transaction.c |
1487 |
+@@ -528,6 +528,7 @@ int jbd2_journal_start_reserved(handle_t *handle, unsigned int type, |
1488 |
+ */ |
1489 |
+ ret = start_this_handle(journal, handle, GFP_NOFS); |
1490 |
+ if (ret < 0) { |
1491 |
++ handle->h_journal = journal; |
1492 |
+ jbd2_journal_free_reserved(handle); |
1493 |
+ return ret; |
1494 |
+ } |
1495 |
+diff --git a/include/asm-generic/vmlinux.lds.h b/include/asm-generic/vmlinux.lds.h |
1496 |
+index 2e6000a4eb2c..1462071a19bf 100644 |
1497 |
+--- a/include/asm-generic/vmlinux.lds.h |
1498 |
++++ b/include/asm-generic/vmlinux.lds.h |
1499 |
+@@ -170,7 +170,7 @@ |
1500 |
+ #endif |
1501 |
+ |
1502 |
+ #ifdef CONFIG_SERIAL_EARLYCON |
1503 |
+-#define EARLYCON_TABLE() STRUCT_ALIGN(); \ |
1504 |
++#define EARLYCON_TABLE() . = ALIGN(8); \ |
1505 |
+ VMLINUX_SYMBOL(__earlycon_table) = .; \ |
1506 |
+ *(__earlycon_table) \ |
1507 |
+ VMLINUX_SYMBOL(__earlycon_table_end) = .; |
1508 |
+diff --git a/include/linux/mtd/flashchip.h b/include/linux/mtd/flashchip.h |
1509 |
+index b63fa457febd..3529683f691e 100644 |
1510 |
+--- a/include/linux/mtd/flashchip.h |
1511 |
++++ b/include/linux/mtd/flashchip.h |
1512 |
+@@ -85,6 +85,7 @@ struct flchip { |
1513 |
+ unsigned int write_suspended:1; |
1514 |
+ unsigned int erase_suspended:1; |
1515 |
+ unsigned long in_progress_block_addr; |
1516 |
++ unsigned long in_progress_block_mask; |
1517 |
+ |
1518 |
+ struct mutex mutex; |
1519 |
+ wait_queue_head_t wq; /* Wait on here when we're waiting for the chip |
1520 |
+diff --git a/include/linux/serial_core.h b/include/linux/serial_core.h |
1521 |
+index 344201437017..7b16c5322673 100644 |
1522 |
+--- a/include/linux/serial_core.h |
1523 |
++++ b/include/linux/serial_core.h |
1524 |
+@@ -347,10 +347,10 @@ struct earlycon_id { |
1525 |
+ char name[16]; |
1526 |
+ char compatible[128]; |
1527 |
+ int (*setup)(struct earlycon_device *, const char *options); |
1528 |
+-} __aligned(32); |
1529 |
++}; |
1530 |
+ |
1531 |
+-extern const struct earlycon_id __earlycon_table[]; |
1532 |
+-extern const struct earlycon_id __earlycon_table_end[]; |
1533 |
++extern const struct earlycon_id *__earlycon_table[]; |
1534 |
++extern const struct earlycon_id *__earlycon_table_end[]; |
1535 |
+ |
1536 |
+ #if defined(CONFIG_SERIAL_EARLYCON) && !defined(MODULE) |
1537 |
+ #define EARLYCON_USED_OR_UNUSED __used |
1538 |
+@@ -358,12 +358,19 @@ extern const struct earlycon_id __earlycon_table_end[]; |
1539 |
+ #define EARLYCON_USED_OR_UNUSED __maybe_unused |
1540 |
+ #endif |
1541 |
+ |
1542 |
+-#define OF_EARLYCON_DECLARE(_name, compat, fn) \ |
1543 |
+- static const struct earlycon_id __UNIQUE_ID(__earlycon_##_name) \ |
1544 |
+- EARLYCON_USED_OR_UNUSED __section(__earlycon_table) \ |
1545 |
++#define _OF_EARLYCON_DECLARE(_name, compat, fn, unique_id) \ |
1546 |
++ static const struct earlycon_id unique_id \ |
1547 |
++ EARLYCON_USED_OR_UNUSED __initconst \ |
1548 |
+ = { .name = __stringify(_name), \ |
1549 |
+ .compatible = compat, \ |
1550 |
+- .setup = fn } |
1551 |
++ .setup = fn }; \ |
1552 |
++ static const struct earlycon_id EARLYCON_USED_OR_UNUSED \ |
1553 |
++ __section(__earlycon_table) \ |
1554 |
++ * const __PASTE(__p, unique_id) = &unique_id |
1555 |
++ |
1556 |
++#define OF_EARLYCON_DECLARE(_name, compat, fn) \ |
1557 |
++ _OF_EARLYCON_DECLARE(_name, compat, fn, \ |
1558 |
++ __UNIQUE_ID(__earlycon_##_name)) |
1559 |
+ |
1560 |
+ #define EARLYCON_DECLARE(_name, fn) OF_EARLYCON_DECLARE(_name, "", fn) |
1561 |
+ |
1562 |
+diff --git a/include/linux/tty.h b/include/linux/tty.h |
1563 |
+index 6f1ee8528210..fe1b8623a3a1 100644 |
1564 |
+--- a/include/linux/tty.h |
1565 |
++++ b/include/linux/tty.h |
1566 |
+@@ -657,7 +657,7 @@ extern int tty_unregister_ldisc(int disc); |
1567 |
+ extern int tty_set_ldisc(struct tty_struct *tty, int disc); |
1568 |
+ extern int tty_ldisc_setup(struct tty_struct *tty, struct tty_struct *o_tty); |
1569 |
+ extern void tty_ldisc_release(struct tty_struct *tty); |
1570 |
+-extern void tty_ldisc_init(struct tty_struct *tty); |
1571 |
++extern int __must_check tty_ldisc_init(struct tty_struct *tty); |
1572 |
+ extern void tty_ldisc_deinit(struct tty_struct *tty); |
1573 |
+ extern int tty_ldisc_receive_buf(struct tty_ldisc *ld, unsigned char *p, |
1574 |
+ char *f, int count); |
1575 |
+diff --git a/include/linux/virtio.h b/include/linux/virtio.h |
1576 |
+index d5eb5479a425..3f8f35053260 100644 |
1577 |
+--- a/include/linux/virtio.h |
1578 |
++++ b/include/linux/virtio.h |
1579 |
+@@ -143,6 +143,9 @@ int virtio_device_freeze(struct virtio_device *dev); |
1580 |
+ int virtio_device_restore(struct virtio_device *dev); |
1581 |
+ #endif |
1582 |
+ |
1583 |
++#define virtio_device_for_each_vq(vdev, vq) \ |
1584 |
++ list_for_each_entry(vq, &vdev->vqs, list) |
1585 |
++ |
1586 |
+ /** |
1587 |
+ * virtio_driver - operations for a virtio I/O driver |
1588 |
+ * @driver: underlying device driver (populate name and owner). |
1589 |
+diff --git a/include/sound/control.h b/include/sound/control.h |
1590 |
+index 21d047f229a1..4142757080f8 100644 |
1591 |
+--- a/include/sound/control.h |
1592 |
++++ b/include/sound/control.h |
1593 |
+@@ -22,6 +22,7 @@ |
1594 |
+ * |
1595 |
+ */ |
1596 |
+ |
1597 |
++#include <linux/nospec.h> |
1598 |
+ #include <sound/asound.h> |
1599 |
+ |
1600 |
+ #define snd_kcontrol_chip(kcontrol) ((kcontrol)->private_data) |
1601 |
+@@ -147,12 +148,14 @@ int snd_ctl_get_preferred_subdevice(struct snd_card *card, int type); |
1602 |
+ |
1603 |
+ static inline unsigned int snd_ctl_get_ioffnum(struct snd_kcontrol *kctl, struct snd_ctl_elem_id *id) |
1604 |
+ { |
1605 |
+- return id->numid - kctl->id.numid; |
1606 |
++ unsigned int ioff = id->numid - kctl->id.numid; |
1607 |
++ return array_index_nospec(ioff, kctl->count); |
1608 |
+ } |
1609 |
+ |
1610 |
+ static inline unsigned int snd_ctl_get_ioffidx(struct snd_kcontrol *kctl, struct snd_ctl_elem_id *id) |
1611 |
+ { |
1612 |
+- return id->index - kctl->id.index; |
1613 |
++ unsigned int ioff = id->index - kctl->id.index; |
1614 |
++ return array_index_nospec(ioff, kctl->count); |
1615 |
+ } |
1616 |
+ |
1617 |
+ static inline unsigned int snd_ctl_get_ioff(struct snd_kcontrol *kctl, struct snd_ctl_elem_id *id) |
1618 |
+diff --git a/lib/kobject.c b/lib/kobject.c |
1619 |
+index 445dcaeb0f56..b733a83e5294 100644 |
1620 |
+--- a/lib/kobject.c |
1621 |
++++ b/lib/kobject.c |
1622 |
+@@ -234,14 +234,12 @@ static int kobject_add_internal(struct kobject *kobj) |
1623 |
+ |
1624 |
+ /* be noisy on error issues */ |
1625 |
+ if (error == -EEXIST) |
1626 |
+- WARN(1, "%s failed for %s with " |
1627 |
+- "-EEXIST, don't try to register things with " |
1628 |
+- "the same name in the same directory.\n", |
1629 |
+- __func__, kobject_name(kobj)); |
1630 |
++ pr_err("%s failed for %s with -EEXIST, don't try to register things with the same name in the same directory.\n", |
1631 |
++ __func__, kobject_name(kobj)); |
1632 |
+ else |
1633 |
+- WARN(1, "%s failed for %s (error: %d parent: %s)\n", |
1634 |
+- __func__, kobject_name(kobj), error, |
1635 |
+- parent ? kobject_name(parent) : "'none'"); |
1636 |
++ pr_err("%s failed for %s (error: %d parent: %s)\n", |
1637 |
++ __func__, kobject_name(kobj), error, |
1638 |
++ parent ? kobject_name(parent) : "'none'"); |
1639 |
+ } else |
1640 |
+ kobj->state_in_sysfs = 1; |
1641 |
+ |
1642 |
+diff --git a/net/ceph/messenger.c b/net/ceph/messenger.c |
1643 |
+index 25a30be862e9..98ea28dc03f9 100644 |
1644 |
+--- a/net/ceph/messenger.c |
1645 |
++++ b/net/ceph/messenger.c |
1646 |
+@@ -2512,6 +2512,11 @@ static int try_write(struct ceph_connection *con) |
1647 |
+ int ret = 1; |
1648 |
+ |
1649 |
+ dout("try_write start %p state %lu\n", con, con->state); |
1650 |
++ if (con->state != CON_STATE_PREOPEN && |
1651 |
++ con->state != CON_STATE_CONNECTING && |
1652 |
++ con->state != CON_STATE_NEGOTIATING && |
1653 |
++ con->state != CON_STATE_OPEN) |
1654 |
++ return 0; |
1655 |
+ |
1656 |
+ more: |
1657 |
+ dout("try_write out_kvec_bytes %d\n", con->out_kvec_bytes); |
1658 |
+@@ -2537,6 +2542,8 @@ static int try_write(struct ceph_connection *con) |
1659 |
+ } |
1660 |
+ |
1661 |
+ more_kvec: |
1662 |
++ BUG_ON(!con->sock); |
1663 |
++ |
1664 |
+ /* kvec data queued? */ |
1665 |
+ if (con->out_kvec_left) { |
1666 |
+ ret = write_partial_kvec(con); |
1667 |
+diff --git a/net/ceph/mon_client.c b/net/ceph/mon_client.c |
1668 |
+index a8effc8b7280..500481003de4 100644 |
1669 |
+--- a/net/ceph/mon_client.c |
1670 |
++++ b/net/ceph/mon_client.c |
1671 |
+@@ -209,6 +209,14 @@ static void reopen_session(struct ceph_mon_client *monc) |
1672 |
+ __open_session(monc); |
1673 |
+ } |
1674 |
+ |
1675 |
++static void un_backoff(struct ceph_mon_client *monc) |
1676 |
++{ |
1677 |
++ monc->hunt_mult /= 2; /* reduce by 50% */ |
1678 |
++ if (monc->hunt_mult < 1) |
1679 |
++ monc->hunt_mult = 1; |
1680 |
++ dout("%s hunt_mult now %d\n", __func__, monc->hunt_mult); |
1681 |
++} |
1682 |
++ |
1683 |
+ /* |
1684 |
+ * Reschedule delayed work timer. |
1685 |
+ */ |
1686 |
+@@ -955,6 +963,7 @@ static void delayed_work(struct work_struct *work) |
1687 |
+ if (!monc->hunting) { |
1688 |
+ ceph_con_keepalive(&monc->con); |
1689 |
+ __validate_auth(monc); |
1690 |
++ un_backoff(monc); |
1691 |
+ } |
1692 |
+ |
1693 |
+ if (is_auth) { |
1694 |
+@@ -1114,9 +1123,8 @@ static void finish_hunting(struct ceph_mon_client *monc) |
1695 |
+ dout("%s found mon%d\n", __func__, monc->cur_mon); |
1696 |
+ monc->hunting = false; |
1697 |
+ monc->had_a_connection = true; |
1698 |
+- monc->hunt_mult /= 2; /* reduce by 50% */ |
1699 |
+- if (monc->hunt_mult < 1) |
1700 |
+- monc->hunt_mult = 1; |
1701 |
++ un_backoff(monc); |
1702 |
++ __schedule_delayed(monc); |
1703 |
+ } |
1704 |
+ } |
1705 |
+ |
1706 |
+diff --git a/sound/core/pcm_native.c b/sound/core/pcm_native.c |
1707 |
+index d503285867e7..79018697b477 100644 |
1708 |
+--- a/sound/core/pcm_native.c |
1709 |
++++ b/sound/core/pcm_native.c |
1710 |
+@@ -2729,6 +2729,7 @@ static int snd_pcm_sync_ptr(struct snd_pcm_substream *substream, |
1711 |
+ sync_ptr.s.status.hw_ptr = status->hw_ptr; |
1712 |
+ sync_ptr.s.status.tstamp = status->tstamp; |
1713 |
+ sync_ptr.s.status.suspended_state = status->suspended_state; |
1714 |
++ sync_ptr.s.status.audio_tstamp = status->audio_tstamp; |
1715 |
+ snd_pcm_stream_unlock_irq(substream); |
1716 |
+ if (copy_to_user(_sync_ptr, &sync_ptr, sizeof(sync_ptr))) |
1717 |
+ return -EFAULT; |
1718 |
+diff --git a/sound/core/seq/oss/seq_oss_event.c b/sound/core/seq/oss/seq_oss_event.c |
1719 |
+index c3908862bc8b..86ca584c27b2 100644 |
1720 |
+--- a/sound/core/seq/oss/seq_oss_event.c |
1721 |
++++ b/sound/core/seq/oss/seq_oss_event.c |
1722 |
+@@ -26,6 +26,7 @@ |
1723 |
+ #include <sound/seq_oss_legacy.h> |
1724 |
+ #include "seq_oss_readq.h" |
1725 |
+ #include "seq_oss_writeq.h" |
1726 |
++#include <linux/nospec.h> |
1727 |
+ |
1728 |
+ |
1729 |
+ /* |
1730 |
+@@ -287,10 +288,10 @@ note_on_event(struct seq_oss_devinfo *dp, int dev, int ch, int note, int vel, st |
1731 |
+ { |
1732 |
+ struct seq_oss_synthinfo *info; |
1733 |
+ |
1734 |
+- if (!snd_seq_oss_synth_is_valid(dp, dev)) |
1735 |
++ info = snd_seq_oss_synth_info(dp, dev); |
1736 |
++ if (!info) |
1737 |
+ return -ENXIO; |
1738 |
+ |
1739 |
+- info = &dp->synths[dev]; |
1740 |
+ switch (info->arg.event_passing) { |
1741 |
+ case SNDRV_SEQ_OSS_PROCESS_EVENTS: |
1742 |
+ if (! info->ch || ch < 0 || ch >= info->nr_voices) { |
1743 |
+@@ -298,6 +299,7 @@ note_on_event(struct seq_oss_devinfo *dp, int dev, int ch, int note, int vel, st |
1744 |
+ return set_note_event(dp, dev, SNDRV_SEQ_EVENT_NOTEON, ch, note, vel, ev); |
1745 |
+ } |
1746 |
+ |
1747 |
++ ch = array_index_nospec(ch, info->nr_voices); |
1748 |
+ if (note == 255 && info->ch[ch].note >= 0) { |
1749 |
+ /* volume control */ |
1750 |
+ int type; |
1751 |
+@@ -347,10 +349,10 @@ note_off_event(struct seq_oss_devinfo *dp, int dev, int ch, int note, int vel, s |
1752 |
+ { |
1753 |
+ struct seq_oss_synthinfo *info; |
1754 |
+ |
1755 |
+- if (!snd_seq_oss_synth_is_valid(dp, dev)) |
1756 |
++ info = snd_seq_oss_synth_info(dp, dev); |
1757 |
++ if (!info) |
1758 |
+ return -ENXIO; |
1759 |
+ |
1760 |
+- info = &dp->synths[dev]; |
1761 |
+ switch (info->arg.event_passing) { |
1762 |
+ case SNDRV_SEQ_OSS_PROCESS_EVENTS: |
1763 |
+ if (! info->ch || ch < 0 || ch >= info->nr_voices) { |
1764 |
+@@ -358,6 +360,7 @@ note_off_event(struct seq_oss_devinfo *dp, int dev, int ch, int note, int vel, s |
1765 |
+ return set_note_event(dp, dev, SNDRV_SEQ_EVENT_NOTEON, ch, note, vel, ev); |
1766 |
+ } |
1767 |
+ |
1768 |
++ ch = array_index_nospec(ch, info->nr_voices); |
1769 |
+ if (info->ch[ch].note >= 0) { |
1770 |
+ note = info->ch[ch].note; |
1771 |
+ info->ch[ch].vel = 0; |
1772 |
+@@ -381,7 +384,7 @@ note_off_event(struct seq_oss_devinfo *dp, int dev, int ch, int note, int vel, s |
1773 |
+ static int |
1774 |
+ set_note_event(struct seq_oss_devinfo *dp, int dev, int type, int ch, int note, int vel, struct snd_seq_event *ev) |
1775 |
+ { |
1776 |
+- if (! snd_seq_oss_synth_is_valid(dp, dev)) |
1777 |
++ if (!snd_seq_oss_synth_info(dp, dev)) |
1778 |
+ return -ENXIO; |
1779 |
+ |
1780 |
+ ev->type = type; |
1781 |
+@@ -399,7 +402,7 @@ set_note_event(struct seq_oss_devinfo *dp, int dev, int type, int ch, int note, |
1782 |
+ static int |
1783 |
+ set_control_event(struct seq_oss_devinfo *dp, int dev, int type, int ch, int param, int val, struct snd_seq_event *ev) |
1784 |
+ { |
1785 |
+- if (! snd_seq_oss_synth_is_valid(dp, dev)) |
1786 |
++ if (!snd_seq_oss_synth_info(dp, dev)) |
1787 |
+ return -ENXIO; |
1788 |
+ |
1789 |
+ ev->type = type; |
1790 |
+diff --git a/sound/core/seq/oss/seq_oss_midi.c b/sound/core/seq/oss/seq_oss_midi.c |
1791 |
+index b30b2139e3f0..9debd1b8fd28 100644 |
1792 |
+--- a/sound/core/seq/oss/seq_oss_midi.c |
1793 |
++++ b/sound/core/seq/oss/seq_oss_midi.c |
1794 |
+@@ -29,6 +29,7 @@ |
1795 |
+ #include "../seq_lock.h" |
1796 |
+ #include <linux/init.h> |
1797 |
+ #include <linux/slab.h> |
1798 |
++#include <linux/nospec.h> |
1799 |
+ |
1800 |
+ |
1801 |
+ /* |
1802 |
+@@ -315,6 +316,7 @@ get_mididev(struct seq_oss_devinfo *dp, int dev) |
1803 |
+ { |
1804 |
+ if (dev < 0 || dev >= dp->max_mididev) |
1805 |
+ return NULL; |
1806 |
++ dev = array_index_nospec(dev, dp->max_mididev); |
1807 |
+ return get_mdev(dev); |
1808 |
+ } |
1809 |
+ |
1810 |
+diff --git a/sound/core/seq/oss/seq_oss_synth.c b/sound/core/seq/oss/seq_oss_synth.c |
1811 |
+index cd0e0ebbfdb1..278ebb993122 100644 |
1812 |
+--- a/sound/core/seq/oss/seq_oss_synth.c |
1813 |
++++ b/sound/core/seq/oss/seq_oss_synth.c |
1814 |
+@@ -26,6 +26,7 @@ |
1815 |
+ #include <linux/init.h> |
1816 |
+ #include <linux/module.h> |
1817 |
+ #include <linux/slab.h> |
1818 |
++#include <linux/nospec.h> |
1819 |
+ |
1820 |
+ /* |
1821 |
+ * constants |
1822 |
+@@ -339,17 +340,13 @@ snd_seq_oss_synth_cleanup(struct seq_oss_devinfo *dp) |
1823 |
+ dp->max_synthdev = 0; |
1824 |
+ } |
1825 |
+ |
1826 |
+-/* |
1827 |
+- * check if the specified device is MIDI mapped device |
1828 |
+- */ |
1829 |
+-static int |
1830 |
+-is_midi_dev(struct seq_oss_devinfo *dp, int dev) |
1831 |
++static struct seq_oss_synthinfo * |
1832 |
++get_synthinfo_nospec(struct seq_oss_devinfo *dp, int dev) |
1833 |
+ { |
1834 |
+ if (dev < 0 || dev >= dp->max_synthdev) |
1835 |
+- return 0; |
1836 |
+- if (dp->synths[dev].is_midi) |
1837 |
+- return 1; |
1838 |
+- return 0; |
1839 |
++ return NULL; |
1840 |
++ dev = array_index_nospec(dev, SNDRV_SEQ_OSS_MAX_SYNTH_DEVS); |
1841 |
++ return &dp->synths[dev]; |
1842 |
+ } |
1843 |
+ |
1844 |
+ /* |
1845 |
+@@ -359,14 +356,20 @@ static struct seq_oss_synth * |
1846 |
+ get_synthdev(struct seq_oss_devinfo *dp, int dev) |
1847 |
+ { |
1848 |
+ struct seq_oss_synth *rec; |
1849 |
+- if (dev < 0 || dev >= dp->max_synthdev) |
1850 |
+- return NULL; |
1851 |
+- if (! dp->synths[dev].opened) |
1852 |
++ struct seq_oss_synthinfo *info = get_synthinfo_nospec(dp, dev); |
1853 |
++ |
1854 |
++ if (!info) |
1855 |
+ return NULL; |
1856 |
+- if (dp->synths[dev].is_midi) |
1857 |
+- return &midi_synth_dev; |
1858 |
+- if ((rec = get_sdev(dev)) == NULL) |
1859 |
++ if (!info->opened) |
1860 |
+ return NULL; |
1861 |
++ if (info->is_midi) { |
1862 |
++ rec = &midi_synth_dev; |
1863 |
++ snd_use_lock_use(&rec->use_lock); |
1864 |
++ } else { |
1865 |
++ rec = get_sdev(dev); |
1866 |
++ if (!rec) |
1867 |
++ return NULL; |
1868 |
++ } |
1869 |
+ if (! rec->opened) { |
1870 |
+ snd_use_lock_free(&rec->use_lock); |
1871 |
+ return NULL; |
1872 |
+@@ -402,10 +405,8 @@ snd_seq_oss_synth_reset(struct seq_oss_devinfo *dp, int dev) |
1873 |
+ struct seq_oss_synth *rec; |
1874 |
+ struct seq_oss_synthinfo *info; |
1875 |
+ |
1876 |
+- if (snd_BUG_ON(dev < 0 || dev >= dp->max_synthdev)) |
1877 |
+- return; |
1878 |
+- info = &dp->synths[dev]; |
1879 |
+- if (! info->opened) |
1880 |
++ info = get_synthinfo_nospec(dp, dev); |
1881 |
++ if (!info || !info->opened) |
1882 |
+ return; |
1883 |
+ if (info->sysex) |
1884 |
+ info->sysex->len = 0; /* reset sysex */ |
1885 |
+@@ -454,12 +455,14 @@ snd_seq_oss_synth_load_patch(struct seq_oss_devinfo *dp, int dev, int fmt, |
1886 |
+ const char __user *buf, int p, int c) |
1887 |
+ { |
1888 |
+ struct seq_oss_synth *rec; |
1889 |
++ struct seq_oss_synthinfo *info; |
1890 |
+ int rc; |
1891 |
+ |
1892 |
+- if (dev < 0 || dev >= dp->max_synthdev) |
1893 |
++ info = get_synthinfo_nospec(dp, dev); |
1894 |
++ if (!info) |
1895 |
+ return -ENXIO; |
1896 |
+ |
1897 |
+- if (is_midi_dev(dp, dev)) |
1898 |
++ if (info->is_midi) |
1899 |
+ return 0; |
1900 |
+ if ((rec = get_synthdev(dp, dev)) == NULL) |
1901 |
+ return -ENXIO; |
1902 |
+@@ -467,24 +470,25 @@ snd_seq_oss_synth_load_patch(struct seq_oss_devinfo *dp, int dev, int fmt, |
1903 |
+ if (rec->oper.load_patch == NULL) |
1904 |
+ rc = -ENXIO; |
1905 |
+ else |
1906 |
+- rc = rec->oper.load_patch(&dp->synths[dev].arg, fmt, buf, p, c); |
1907 |
++ rc = rec->oper.load_patch(&info->arg, fmt, buf, p, c); |
1908 |
+ snd_use_lock_free(&rec->use_lock); |
1909 |
+ return rc; |
1910 |
+ } |
1911 |
+ |
1912 |
+ /* |
1913 |
+- * check if the device is valid synth device |
1914 |
++ * check if the device is valid synth device and return the synth info |
1915 |
+ */ |
1916 |
+-int |
1917 |
+-snd_seq_oss_synth_is_valid(struct seq_oss_devinfo *dp, int dev) |
1918 |
++struct seq_oss_synthinfo * |
1919 |
++snd_seq_oss_synth_info(struct seq_oss_devinfo *dp, int dev) |
1920 |
+ { |
1921 |
+ struct seq_oss_synth *rec; |
1922 |
++ |
1923 |
+ rec = get_synthdev(dp, dev); |
1924 |
+ if (rec) { |
1925 |
+ snd_use_lock_free(&rec->use_lock); |
1926 |
+- return 1; |
1927 |
++ return get_synthinfo_nospec(dp, dev); |
1928 |
+ } |
1929 |
+- return 0; |
1930 |
++ return NULL; |
1931 |
+ } |
1932 |
+ |
1933 |
+ |
1934 |
+@@ -499,16 +503,18 @@ snd_seq_oss_synth_sysex(struct seq_oss_devinfo *dp, int dev, unsigned char *buf, |
1935 |
+ int i, send; |
1936 |
+ unsigned char *dest; |
1937 |
+ struct seq_oss_synth_sysex *sysex; |
1938 |
++ struct seq_oss_synthinfo *info; |
1939 |
+ |
1940 |
+- if (! snd_seq_oss_synth_is_valid(dp, dev)) |
1941 |
++ info = snd_seq_oss_synth_info(dp, dev); |
1942 |
++ if (!info) |
1943 |
+ return -ENXIO; |
1944 |
+ |
1945 |
+- sysex = dp->synths[dev].sysex; |
1946 |
++ sysex = info->sysex; |
1947 |
+ if (sysex == NULL) { |
1948 |
+ sysex = kzalloc(sizeof(*sysex), GFP_KERNEL); |
1949 |
+ if (sysex == NULL) |
1950 |
+ return -ENOMEM; |
1951 |
+- dp->synths[dev].sysex = sysex; |
1952 |
++ info->sysex = sysex; |
1953 |
+ } |
1954 |
+ |
1955 |
+ send = 0; |
1956 |
+@@ -553,10 +559,12 @@ snd_seq_oss_synth_sysex(struct seq_oss_devinfo *dp, int dev, unsigned char *buf, |
1957 |
+ int |
1958 |
+ snd_seq_oss_synth_addr(struct seq_oss_devinfo *dp, int dev, struct snd_seq_event *ev) |
1959 |
+ { |
1960 |
+- if (! snd_seq_oss_synth_is_valid(dp, dev)) |
1961 |
++ struct seq_oss_synthinfo *info = snd_seq_oss_synth_info(dp, dev); |
1962 |
++ |
1963 |
++ if (!info) |
1964 |
+ return -EINVAL; |
1965 |
+- snd_seq_oss_fill_addr(dp, ev, dp->synths[dev].arg.addr.client, |
1966 |
+- dp->synths[dev].arg.addr.port); |
1967 |
++ snd_seq_oss_fill_addr(dp, ev, info->arg.addr.client, |
1968 |
++ info->arg.addr.port); |
1969 |
+ return 0; |
1970 |
+ } |
1971 |
+ |
1972 |
+@@ -568,16 +576,18 @@ int |
1973 |
+ snd_seq_oss_synth_ioctl(struct seq_oss_devinfo *dp, int dev, unsigned int cmd, unsigned long addr) |
1974 |
+ { |
1975 |
+ struct seq_oss_synth *rec; |
1976 |
++ struct seq_oss_synthinfo *info; |
1977 |
+ int rc; |
1978 |
+ |
1979 |
+- if (is_midi_dev(dp, dev)) |
1980 |
++ info = get_synthinfo_nospec(dp, dev); |
1981 |
++ if (!info || info->is_midi) |
1982 |
+ return -ENXIO; |
1983 |
+ if ((rec = get_synthdev(dp, dev)) == NULL) |
1984 |
+ return -ENXIO; |
1985 |
+ if (rec->oper.ioctl == NULL) |
1986 |
+ rc = -ENXIO; |
1987 |
+ else |
1988 |
+- rc = rec->oper.ioctl(&dp->synths[dev].arg, cmd, addr); |
1989 |
++ rc = rec->oper.ioctl(&info->arg, cmd, addr); |
1990 |
+ snd_use_lock_free(&rec->use_lock); |
1991 |
+ return rc; |
1992 |
+ } |
1993 |
+@@ -589,7 +599,10 @@ snd_seq_oss_synth_ioctl(struct seq_oss_devinfo *dp, int dev, unsigned int cmd, u |
1994 |
+ int |
1995 |
+ snd_seq_oss_synth_raw_event(struct seq_oss_devinfo *dp, int dev, unsigned char *data, struct snd_seq_event *ev) |
1996 |
+ { |
1997 |
+- if (! snd_seq_oss_synth_is_valid(dp, dev) || is_midi_dev(dp, dev)) |
1998 |
++ struct seq_oss_synthinfo *info; |
1999 |
++ |
2000 |
++ info = snd_seq_oss_synth_info(dp, dev); |
2001 |
++ if (!info || info->is_midi) |
2002 |
+ return -ENXIO; |
2003 |
+ ev->type = SNDRV_SEQ_EVENT_OSS; |
2004 |
+ memcpy(ev->data.raw8.d, data, 8); |
2005 |
+diff --git a/sound/core/seq/oss/seq_oss_synth.h b/sound/core/seq/oss/seq_oss_synth.h |
2006 |
+index 74ac55f166b6..a63f9e22974d 100644 |
2007 |
+--- a/sound/core/seq/oss/seq_oss_synth.h |
2008 |
++++ b/sound/core/seq/oss/seq_oss_synth.h |
2009 |
+@@ -37,7 +37,8 @@ void snd_seq_oss_synth_cleanup(struct seq_oss_devinfo *dp); |
2010 |
+ void snd_seq_oss_synth_reset(struct seq_oss_devinfo *dp, int dev); |
2011 |
+ int snd_seq_oss_synth_load_patch(struct seq_oss_devinfo *dp, int dev, int fmt, |
2012 |
+ const char __user *buf, int p, int c); |
2013 |
+-int snd_seq_oss_synth_is_valid(struct seq_oss_devinfo *dp, int dev); |
2014 |
++struct seq_oss_synthinfo *snd_seq_oss_synth_info(struct seq_oss_devinfo *dp, |
2015 |
++ int dev); |
2016 |
+ int snd_seq_oss_synth_sysex(struct seq_oss_devinfo *dp, int dev, unsigned char *buf, |
2017 |
+ struct snd_seq_event *ev); |
2018 |
+ int snd_seq_oss_synth_addr(struct seq_oss_devinfo *dp, int dev, struct snd_seq_event *ev); |
2019 |
+diff --git a/sound/drivers/opl3/opl3_synth.c b/sound/drivers/opl3/opl3_synth.c |
2020 |
+index ddcc1a325a61..42920a243328 100644 |
2021 |
+--- a/sound/drivers/opl3/opl3_synth.c |
2022 |
++++ b/sound/drivers/opl3/opl3_synth.c |
2023 |
+@@ -21,6 +21,7 @@ |
2024 |
+ |
2025 |
+ #include <linux/slab.h> |
2026 |
+ #include <linux/export.h> |
2027 |
++#include <linux/nospec.h> |
2028 |
+ #include <sound/opl3.h> |
2029 |
+ #include <sound/asound_fm.h> |
2030 |
+ |
2031 |
+@@ -448,7 +449,7 @@ static int snd_opl3_set_voice(struct snd_opl3 * opl3, struct snd_dm_fm_voice * v |
2032 |
+ { |
2033 |
+ unsigned short reg_side; |
2034 |
+ unsigned char op_offset; |
2035 |
+- unsigned char voice_offset; |
2036 |
++ unsigned char voice_offset, voice_op; |
2037 |
+ |
2038 |
+ unsigned short opl3_reg; |
2039 |
+ unsigned char reg_val; |
2040 |
+@@ -473,7 +474,9 @@ static int snd_opl3_set_voice(struct snd_opl3 * opl3, struct snd_dm_fm_voice * v |
2041 |
+ voice_offset = voice->voice - MAX_OPL2_VOICES; |
2042 |
+ } |
2043 |
+ /* Get register offset of operator */ |
2044 |
+- op_offset = snd_opl3_regmap[voice_offset][voice->op]; |
2045 |
++ voice_offset = array_index_nospec(voice_offset, MAX_OPL2_VOICES); |
2046 |
++ voice_op = array_index_nospec(voice->op, 4); |
2047 |
++ op_offset = snd_opl3_regmap[voice_offset][voice_op]; |
2048 |
+ |
2049 |
+ reg_val = 0x00; |
2050 |
+ /* Set amplitude modulation (tremolo) effect */ |
2051 |
+diff --git a/sound/firewire/dice/dice-stream.c b/sound/firewire/dice/dice-stream.c |
2052 |
+index ec4db3a514fc..257cfbfadb4a 100644 |
2053 |
+--- a/sound/firewire/dice/dice-stream.c |
2054 |
++++ b/sound/firewire/dice/dice-stream.c |
2055 |
+@@ -425,7 +425,7 @@ int snd_dice_stream_init_duplex(struct snd_dice *dice) |
2056 |
+ err = init_stream(dice, AMDTP_IN_STREAM, i); |
2057 |
+ if (err < 0) { |
2058 |
+ for (; i >= 0; i--) |
2059 |
+- destroy_stream(dice, AMDTP_OUT_STREAM, i); |
2060 |
++ destroy_stream(dice, AMDTP_IN_STREAM, i); |
2061 |
+ goto end; |
2062 |
+ } |
2063 |
+ } |
2064 |
+diff --git a/sound/firewire/dice/dice.c b/sound/firewire/dice/dice.c |
2065 |
+index 25e9f77275c4..0d3d36fb1540 100644 |
2066 |
+--- a/sound/firewire/dice/dice.c |
2067 |
++++ b/sound/firewire/dice/dice.c |
2068 |
+@@ -14,7 +14,7 @@ MODULE_LICENSE("GPL v2"); |
2069 |
+ #define OUI_WEISS 0x001c6a |
2070 |
+ #define OUI_LOUD 0x000ff2 |
2071 |
+ #define OUI_FOCUSRITE 0x00130e |
2072 |
+-#define OUI_TCELECTRONIC 0x001486 |
2073 |
++#define OUI_TCELECTRONIC 0x000166 |
2074 |
+ |
2075 |
+ #define DICE_CATEGORY_ID 0x04 |
2076 |
+ #define WEISS_CATEGORY_ID 0x00 |
2077 |
+diff --git a/sound/pci/asihpi/hpimsginit.c b/sound/pci/asihpi/hpimsginit.c |
2078 |
+index 7eb617175fde..a31a70dccecf 100644 |
2079 |
+--- a/sound/pci/asihpi/hpimsginit.c |
2080 |
++++ b/sound/pci/asihpi/hpimsginit.c |
2081 |
+@@ -23,6 +23,7 @@ |
2082 |
+ |
2083 |
+ #include "hpi_internal.h" |
2084 |
+ #include "hpimsginit.h" |
2085 |
++#include <linux/nospec.h> |
2086 |
+ |
2087 |
+ /* The actual message size for each object type */ |
2088 |
+ static u16 msg_size[HPI_OBJ_MAXINDEX + 1] = HPI_MESSAGE_SIZE_BY_OBJECT; |
2089 |
+@@ -39,10 +40,12 @@ static void hpi_init_message(struct hpi_message *phm, u16 object, |
2090 |
+ { |
2091 |
+ u16 size; |
2092 |
+ |
2093 |
+- if ((object > 0) && (object <= HPI_OBJ_MAXINDEX)) |
2094 |
++ if ((object > 0) && (object <= HPI_OBJ_MAXINDEX)) { |
2095 |
++ object = array_index_nospec(object, HPI_OBJ_MAXINDEX + 1); |
2096 |
+ size = msg_size[object]; |
2097 |
+- else |
2098 |
++ } else { |
2099 |
+ size = sizeof(*phm); |
2100 |
++ } |
2101 |
+ |
2102 |
+ memset(phm, 0, size); |
2103 |
+ phm->size = size; |
2104 |
+@@ -66,10 +69,12 @@ void hpi_init_response(struct hpi_response *phr, u16 object, u16 function, |
2105 |
+ { |
2106 |
+ u16 size; |
2107 |
+ |
2108 |
+- if ((object > 0) && (object <= HPI_OBJ_MAXINDEX)) |
2109 |
++ if ((object > 0) && (object <= HPI_OBJ_MAXINDEX)) { |
2110 |
++ object = array_index_nospec(object, HPI_OBJ_MAXINDEX + 1); |
2111 |
+ size = res_size[object]; |
2112 |
+- else |
2113 |
++ } else { |
2114 |
+ size = sizeof(*phr); |
2115 |
++ } |
2116 |
+ |
2117 |
+ memset(phr, 0, sizeof(*phr)); |
2118 |
+ phr->size = size; |
2119 |
+diff --git a/sound/pci/asihpi/hpioctl.c b/sound/pci/asihpi/hpioctl.c |
2120 |
+index 7e3aa50b21f9..3ef9af53ef49 100644 |
2121 |
+--- a/sound/pci/asihpi/hpioctl.c |
2122 |
++++ b/sound/pci/asihpi/hpioctl.c |
2123 |
+@@ -33,6 +33,7 @@ |
2124 |
+ #include <linux/stringify.h> |
2125 |
+ #include <linux/module.h> |
2126 |
+ #include <linux/vmalloc.h> |
2127 |
++#include <linux/nospec.h> |
2128 |
+ |
2129 |
+ #ifdef MODULE_FIRMWARE |
2130 |
+ MODULE_FIRMWARE("asihpi/dsp5000.bin"); |
2131 |
+@@ -182,7 +183,8 @@ long asihpi_hpi_ioctl(struct file *file, unsigned int cmd, unsigned long arg) |
2132 |
+ struct hpi_adapter *pa = NULL; |
2133 |
+ |
2134 |
+ if (hm->h.adapter_index < ARRAY_SIZE(adapters)) |
2135 |
+- pa = &adapters[hm->h.adapter_index]; |
2136 |
++ pa = &adapters[array_index_nospec(hm->h.adapter_index, |
2137 |
++ ARRAY_SIZE(adapters))]; |
2138 |
+ |
2139 |
+ if (!pa || !pa->adapter || !pa->adapter->type) { |
2140 |
+ hpi_init_response(&hr->r0, hm->h.object, |
2141 |
+diff --git a/sound/pci/hda/hda_hwdep.c b/sound/pci/hda/hda_hwdep.c |
2142 |
+index 57df06e76968..cc009a4a3d1d 100644 |
2143 |
+--- a/sound/pci/hda/hda_hwdep.c |
2144 |
++++ b/sound/pci/hda/hda_hwdep.c |
2145 |
+@@ -21,6 +21,7 @@ |
2146 |
+ #include <linux/init.h> |
2147 |
+ #include <linux/slab.h> |
2148 |
+ #include <linux/compat.h> |
2149 |
++#include <linux/nospec.h> |
2150 |
+ #include <sound/core.h> |
2151 |
+ #include "hda_codec.h" |
2152 |
+ #include "hda_local.h" |
2153 |
+@@ -51,7 +52,16 @@ static int get_wcap_ioctl(struct hda_codec *codec, |
2154 |
+ |
2155 |
+ if (get_user(verb, &arg->verb)) |
2156 |
+ return -EFAULT; |
2157 |
+- res = get_wcaps(codec, verb >> 24); |
2158 |
++ /* open-code get_wcaps(verb>>24) with nospec */ |
2159 |
++ verb >>= 24; |
2160 |
++ if (verb < codec->core.start_nid || |
2161 |
++ verb >= codec->core.start_nid + codec->core.num_nodes) { |
2162 |
++ res = 0; |
2163 |
++ } else { |
2164 |
++ verb -= codec->core.start_nid; |
2165 |
++ verb = array_index_nospec(verb, codec->core.num_nodes); |
2166 |
++ res = codec->wcaps[verb]; |
2167 |
++ } |
2168 |
+ if (put_user(res, &arg->res)) |
2169 |
+ return -EFAULT; |
2170 |
+ return 0; |
2171 |
+diff --git a/sound/pci/hda/patch_realtek.c b/sound/pci/hda/patch_realtek.c |
2172 |
+index e2230bed7409..7ece1ab57eef 100644 |
2173 |
+--- a/sound/pci/hda/patch_realtek.c |
2174 |
++++ b/sound/pci/hda/patch_realtek.c |
2175 |
+@@ -329,6 +329,7 @@ static void alc_fill_eapd_coef(struct hda_codec *codec) |
2176 |
+ break; |
2177 |
+ case 0x10ec0225: |
2178 |
+ case 0x10ec0233: |
2179 |
++ case 0x10ec0235: |
2180 |
+ case 0x10ec0236: |
2181 |
+ case 0x10ec0255: |
2182 |
+ case 0x10ec0256: |
2183 |
+@@ -6359,6 +6360,7 @@ static int patch_alc269(struct hda_codec *codec) |
2184 |
+ case 0x10ec0298: |
2185 |
+ spec->codec_variant = ALC269_TYPE_ALC298; |
2186 |
+ break; |
2187 |
++ case 0x10ec0235: |
2188 |
+ case 0x10ec0255: |
2189 |
+ spec->codec_variant = ALC269_TYPE_ALC255; |
2190 |
+ break; |
2191 |
+diff --git a/sound/pci/rme9652/hdspm.c b/sound/pci/rme9652/hdspm.c |
2192 |
+index 14bbf55c1ef9..9899ef4c7efa 100644 |
2193 |
+--- a/sound/pci/rme9652/hdspm.c |
2194 |
++++ b/sound/pci/rme9652/hdspm.c |
2195 |
+@@ -137,6 +137,7 @@ |
2196 |
+ #include <linux/pci.h> |
2197 |
+ #include <linux/math64.h> |
2198 |
+ #include <linux/io.h> |
2199 |
++#include <linux/nospec.h> |
2200 |
+ |
2201 |
+ #include <sound/core.h> |
2202 |
+ #include <sound/control.h> |
2203 |
+@@ -5692,40 +5693,43 @@ static int snd_hdspm_channel_info(struct snd_pcm_substream *substream, |
2204 |
+ struct snd_pcm_channel_info *info) |
2205 |
+ { |
2206 |
+ struct hdspm *hdspm = snd_pcm_substream_chip(substream); |
2207 |
++ unsigned int channel = info->channel; |
2208 |
+ |
2209 |
+ if (substream->stream == SNDRV_PCM_STREAM_PLAYBACK) { |
2210 |
+- if (snd_BUG_ON(info->channel >= hdspm->max_channels_out)) { |
2211 |
++ if (snd_BUG_ON(channel >= hdspm->max_channels_out)) { |
2212 |
+ dev_info(hdspm->card->dev, |
2213 |
+ "snd_hdspm_channel_info: output channel out of range (%d)\n", |
2214 |
+- info->channel); |
2215 |
++ channel); |
2216 |
+ return -EINVAL; |
2217 |
+ } |
2218 |
+ |
2219 |
+- if (hdspm->channel_map_out[info->channel] < 0) { |
2220 |
++ channel = array_index_nospec(channel, hdspm->max_channels_out); |
2221 |
++ if (hdspm->channel_map_out[channel] < 0) { |
2222 |
+ dev_info(hdspm->card->dev, |
2223 |
+ "snd_hdspm_channel_info: output channel %d mapped out\n", |
2224 |
+- info->channel); |
2225 |
++ channel); |
2226 |
+ return -EINVAL; |
2227 |
+ } |
2228 |
+ |
2229 |
+- info->offset = hdspm->channel_map_out[info->channel] * |
2230 |
++ info->offset = hdspm->channel_map_out[channel] * |
2231 |
+ HDSPM_CHANNEL_BUFFER_BYTES; |
2232 |
+ } else { |
2233 |
+- if (snd_BUG_ON(info->channel >= hdspm->max_channels_in)) { |
2234 |
++ if (snd_BUG_ON(channel >= hdspm->max_channels_in)) { |
2235 |
+ dev_info(hdspm->card->dev, |
2236 |
+ "snd_hdspm_channel_info: input channel out of range (%d)\n", |
2237 |
+- info->channel); |
2238 |
++ channel); |
2239 |
+ return -EINVAL; |
2240 |
+ } |
2241 |
+ |
2242 |
+- if (hdspm->channel_map_in[info->channel] < 0) { |
2243 |
++ channel = array_index_nospec(channel, hdspm->max_channels_in); |
2244 |
++ if (hdspm->channel_map_in[channel] < 0) { |
2245 |
+ dev_info(hdspm->card->dev, |
2246 |
+ "snd_hdspm_channel_info: input channel %d mapped out\n", |
2247 |
+- info->channel); |
2248 |
++ channel); |
2249 |
+ return -EINVAL; |
2250 |
+ } |
2251 |
+ |
2252 |
+- info->offset = hdspm->channel_map_in[info->channel] * |
2253 |
++ info->offset = hdspm->channel_map_in[channel] * |
2254 |
+ HDSPM_CHANNEL_BUFFER_BYTES; |
2255 |
+ } |
2256 |
+ |
2257 |
+diff --git a/sound/pci/rme9652/rme9652.c b/sound/pci/rme9652/rme9652.c |
2258 |
+index 55172c689991..a76b1f147660 100644 |
2259 |
+--- a/sound/pci/rme9652/rme9652.c |
2260 |
++++ b/sound/pci/rme9652/rme9652.c |
2261 |
+@@ -26,6 +26,7 @@ |
2262 |
+ #include <linux/pci.h> |
2263 |
+ #include <linux/module.h> |
2264 |
+ #include <linux/io.h> |
2265 |
++#include <linux/nospec.h> |
2266 |
+ |
2267 |
+ #include <sound/core.h> |
2268 |
+ #include <sound/control.h> |
2269 |
+@@ -2036,9 +2037,10 @@ static int snd_rme9652_channel_info(struct snd_pcm_substream *substream, |
2270 |
+ if (snd_BUG_ON(info->channel >= RME9652_NCHANNELS)) |
2271 |
+ return -EINVAL; |
2272 |
+ |
2273 |
+- if ((chn = rme9652->channel_map[info->channel]) < 0) { |
2274 |
++ chn = rme9652->channel_map[array_index_nospec(info->channel, |
2275 |
++ RME9652_NCHANNELS)]; |
2276 |
++ if (chn < 0) |
2277 |
+ return -EINVAL; |
2278 |
+- } |
2279 |
+ |
2280 |
+ info->offset = chn * RME9652_CHANNEL_BUFFER_BYTES; |
2281 |
+ info->first = 0; |
2282 |
+diff --git a/sound/soc/fsl/fsl_esai.c b/sound/soc/fsl/fsl_esai.c |
2283 |
+index 38bfd46f4ad8..3ef174531344 100644 |
2284 |
+--- a/sound/soc/fsl/fsl_esai.c |
2285 |
++++ b/sound/soc/fsl/fsl_esai.c |
2286 |
+@@ -145,6 +145,13 @@ static int fsl_esai_divisor_cal(struct snd_soc_dai *dai, bool tx, u32 ratio, |
2287 |
+ |
2288 |
+ psr = ratio <= 256 * maxfp ? ESAI_xCCR_xPSR_BYPASS : ESAI_xCCR_xPSR_DIV8; |
2289 |
+ |
2290 |
++ /* Do not loop-search if PM (1 ~ 256) alone can serve the ratio */ |
2291 |
++ if (ratio <= 256) { |
2292 |
++ pm = ratio; |
2293 |
++ fp = 1; |
2294 |
++ goto out; |
2295 |
++ } |
2296 |
++ |
2297 |
+ /* Set the max fluctuation -- 0.1% of the max devisor */ |
2298 |
+ savesub = (psr ? 1 : 8) * 256 * maxfp / 1000; |
2299 |
+ |
2300 |
+diff --git a/sound/usb/mixer_maps.c b/sound/usb/mixer_maps.c |
2301 |
+index 9038b2e7df73..eaa03acd4686 100644 |
2302 |
+--- a/sound/usb/mixer_maps.c |
2303 |
++++ b/sound/usb/mixer_maps.c |
2304 |
+@@ -353,8 +353,11 @@ static struct usbmix_name_map bose_companion5_map[] = { |
2305 |
+ /* |
2306 |
+ * Dell usb dock with ALC4020 codec had a firmware problem where it got |
2307 |
+ * screwed up when zero volume is passed; just skip it as a workaround |
2308 |
++ * |
2309 |
++ * Also the extension unit gives an access error, so skip it as well. |
2310 |
+ */ |
2311 |
+ static const struct usbmix_name_map dell_alc4020_map[] = { |
2312 |
++ { 4, NULL }, /* extension unit */ |
2313 |
+ { 16, NULL }, |
2314 |
+ { 19, NULL }, |
2315 |
+ { 0 } |
2316 |
+diff --git a/tools/lib/str_error_r.c b/tools/lib/str_error_r.c |
2317 |
+index 503ae072244c..9ab2d0ad22d5 100644 |
2318 |
+--- a/tools/lib/str_error_r.c |
2319 |
++++ b/tools/lib/str_error_r.c |
2320 |
+@@ -21,6 +21,6 @@ char *str_error_r(int errnum, char *buf, size_t buflen) |
2321 |
+ { |
2322 |
+ int err = strerror_r(errnum, buf, buflen); |
2323 |
+ if (err) |
2324 |
+- snprintf(buf, buflen, "INTERNAL ERROR: strerror_r(%d, %p, %zd)=%d", errnum, buf, buflen, err); |
2325 |
++ snprintf(buf, buflen, "INTERNAL ERROR: strerror_r(%d, [buf], %zd)=%d", errnum, buflen, err); |
2326 |
+ return buf; |
2327 |
+ } |
2328 |
+diff --git a/tools/lib/subcmd/pager.c b/tools/lib/subcmd/pager.c |
2329 |
+index 6518bea926d6..68af60fdf0b9 100644 |
2330 |
+--- a/tools/lib/subcmd/pager.c |
2331 |
++++ b/tools/lib/subcmd/pager.c |
2332 |
+@@ -29,10 +29,13 @@ static void pager_preexec(void) |
2333 |
+ * have real input |
2334 |
+ */ |
2335 |
+ fd_set in; |
2336 |
++ fd_set exception; |
2337 |
+ |
2338 |
+ FD_ZERO(&in); |
2339 |
++ FD_ZERO(&exception); |
2340 |
+ FD_SET(0, &in); |
2341 |
+- select(1, &in, NULL, &in, NULL); |
2342 |
++ FD_SET(0, &exception); |
2343 |
++ select(1, &in, NULL, &exception, NULL); |
2344 |
+ |
2345 |
+ setenv("LESS", "FRSX", 0); |
2346 |
+ } |