1 |
commit: a246795e14884680031e6838755d88dfa0ce1790 |
2 |
Author: Mike Pagano <mpagano <AT> gentoo <DOT> org> |
3 |
AuthorDate: Tue Sep 29 17:50:31 2015 +0000 |
4 |
Commit: Mike Pagano <mpagano <AT> gentoo <DOT> org> |
5 |
CommitDate: Tue Sep 29 17:50:31 2015 +0000 |
6 |
URL: https://gitweb.gentoo.org/proj/linux-patches.git/commit/?id=a246795e |
7 |
|
8 |
Linux patch 4.1.9 |
9 |
|
10 |
0000_README | 4 + |
11 |
1008_linux-4.1.9.patch | 5955 ++++++++++++++++++++++++++++++++++++++++++++++++ |
12 |
2 files changed, 5959 insertions(+) |
13 |
|
14 |
diff --git a/0000_README b/0000_README |
15 |
index 4a96d2e..46b8cb0 100644 |
16 |
--- a/0000_README |
17 |
+++ b/0000_README |
18 |
@@ -75,6 +75,10 @@ Patch: 1007_linux-4.1.8.patch |
19 |
From: http://www.kernel.org |
20 |
Desc: Linux 4.1.8 |
21 |
|
22 |
+Patch: 1008_linux-4.1.9.patch |
23 |
+From: http://www.kernel.org |
24 |
+Desc: Linux 4.1.9 |
25 |
+ |
26 |
Patch: 1500_XATTR_USER_PREFIX.patch |
27 |
From: https://bugs.gentoo.org/show_bug.cgi?id=470644 |
28 |
Desc: Support for namespace user.pax.* on tmpfs. |
29 |
|
30 |
diff --git a/1008_linux-4.1.9.patch b/1008_linux-4.1.9.patch |
31 |
new file mode 100644 |
32 |
index 0000000..000c373 |
33 |
--- /dev/null |
34 |
+++ b/1008_linux-4.1.9.patch |
35 |
@@ -0,0 +1,5955 @@ |
36 |
+diff --git a/Makefile b/Makefile |
37 |
+index dbf3baa5fabb..e071176b2ce6 100644 |
38 |
+--- a/Makefile |
39 |
++++ b/Makefile |
40 |
+@@ -1,6 +1,6 @@ |
41 |
+ VERSION = 4 |
42 |
+ PATCHLEVEL = 1 |
43 |
+-SUBLEVEL = 8 |
44 |
++SUBLEVEL = 9 |
45 |
+ EXTRAVERSION = |
46 |
+ NAME = Series 4800 |
47 |
+ |
48 |
+diff --git a/arch/arm/boot/compressed/decompress.c b/arch/arm/boot/compressed/decompress.c |
49 |
+index bd245d34952d..a0765e7ed6c7 100644 |
50 |
+--- a/arch/arm/boot/compressed/decompress.c |
51 |
++++ b/arch/arm/boot/compressed/decompress.c |
52 |
+@@ -57,5 +57,5 @@ extern char * strstr(const char * s1, const char *s2); |
53 |
+ |
54 |
+ int do_decompress(u8 *input, int len, u8 *output, void (*error)(char *x)) |
55 |
+ { |
56 |
+- return decompress(input, len, NULL, NULL, output, NULL, error); |
57 |
++ return __decompress(input, len, NULL, NULL, output, 0, NULL, error); |
58 |
+ } |
59 |
+diff --git a/arch/arm/kvm/arm.c b/arch/arm/kvm/arm.c |
60 |
+index d9631ecddd56..d6223cbcb661 100644 |
61 |
+--- a/arch/arm/kvm/arm.c |
62 |
++++ b/arch/arm/kvm/arm.c |
63 |
+@@ -450,7 +450,7 @@ static int kvm_vcpu_first_run_init(struct kvm_vcpu *vcpu) |
64 |
+ * Map the VGIC hardware resources before running a vcpu the first |
65 |
+ * time on this VM. |
66 |
+ */ |
67 |
+- if (unlikely(!vgic_ready(kvm))) { |
68 |
++ if (unlikely(irqchip_in_kernel(kvm) && !vgic_ready(kvm))) { |
69 |
+ ret = kvm_vgic_map_resources(kvm); |
70 |
+ if (ret) |
71 |
+ return ret; |
72 |
+diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig |
73 |
+index 7796af4b1d6f..6f0a3b41b009 100644 |
74 |
+--- a/arch/arm64/Kconfig |
75 |
++++ b/arch/arm64/Kconfig |
76 |
+@@ -101,6 +101,10 @@ config NO_IOPORT_MAP |
77 |
+ config STACKTRACE_SUPPORT |
78 |
+ def_bool y |
79 |
+ |
80 |
++config ILLEGAL_POINTER_VALUE |
81 |
++ hex |
82 |
++ default 0xdead000000000000 |
83 |
++ |
84 |
+ config LOCKDEP_SUPPORT |
85 |
+ def_bool y |
86 |
+ |
87 |
+@@ -409,6 +413,22 @@ config ARM64_ERRATUM_845719 |
88 |
+ |
89 |
+ If unsure, say Y. |
90 |
+ |
91 |
++config ARM64_ERRATUM_843419 |
92 |
++ bool "Cortex-A53: 843419: A load or store might access an incorrect address" |
93 |
++ depends on MODULES |
94 |
++ default y |
95 |
++ help |
96 |
++ This option builds kernel modules using the large memory model in |
97 |
++ order to avoid the use of the ADRP instruction, which can cause |
98 |
++ a subsequent memory access to use an incorrect address on Cortex-A53 |
99 |
++ parts up to r0p4. |
100 |
++ |
101 |
++ Note that the kernel itself must be linked with a version of ld |
102 |
++ which fixes potentially affected ADRP instructions through the |
103 |
++ use of veneers. |
104 |
++ |
105 |
++ If unsure, say Y. |
106 |
++ |
107 |
+ endmenu |
108 |
+ |
109 |
+ |
110 |
+diff --git a/arch/arm64/Makefile b/arch/arm64/Makefile |
111 |
+index 4d2a925998f9..81151663ef38 100644 |
112 |
+--- a/arch/arm64/Makefile |
113 |
++++ b/arch/arm64/Makefile |
114 |
+@@ -30,6 +30,10 @@ endif |
115 |
+ |
116 |
+ CHECKFLAGS += -D__aarch64__ |
117 |
+ |
118 |
++ifeq ($(CONFIG_ARM64_ERRATUM_843419), y) |
119 |
++CFLAGS_MODULE += -mcmodel=large |
120 |
++endif |
121 |
++ |
122 |
+ # Default value |
123 |
+ head-y := arch/arm64/kernel/head.o |
124 |
+ |
125 |
+diff --git a/arch/arm64/include/asm/memory.h b/arch/arm64/include/asm/memory.h |
126 |
+index f800d45ea226..44a59c20e773 100644 |
127 |
+--- a/arch/arm64/include/asm/memory.h |
128 |
++++ b/arch/arm64/include/asm/memory.h |
129 |
+@@ -114,6 +114,14 @@ extern phys_addr_t memstart_addr; |
130 |
+ #define PHYS_OFFSET ({ memstart_addr; }) |
131 |
+ |
132 |
+ /* |
133 |
++ * The maximum physical address that the linear direct mapping |
134 |
++ * of system RAM can cover. (PAGE_OFFSET can be interpreted as |
135 |
++ * a 2's complement signed quantity and negated to derive the |
136 |
++ * maximum size of the linear mapping.) |
137 |
++ */ |
138 |
++#define MAX_MEMBLOCK_ADDR ({ memstart_addr - PAGE_OFFSET - 1; }) |
139 |
++ |
140 |
++/* |
141 |
+ * PFNs are used to describe any physical page; this means |
142 |
+ * PFN 0 == physical address 0. |
143 |
+ * |
144 |
+diff --git a/arch/arm64/kernel/fpsimd.c b/arch/arm64/kernel/fpsimd.c |
145 |
+index 3dca15634e69..c31e59fe2cb8 100644 |
146 |
+--- a/arch/arm64/kernel/fpsimd.c |
147 |
++++ b/arch/arm64/kernel/fpsimd.c |
148 |
+@@ -157,6 +157,7 @@ void fpsimd_thread_switch(struct task_struct *next) |
149 |
+ void fpsimd_flush_thread(void) |
150 |
+ { |
151 |
+ memset(¤t->thread.fpsimd_state, 0, sizeof(struct fpsimd_state)); |
152 |
++ fpsimd_flush_task_state(current); |
153 |
+ set_thread_flag(TIF_FOREIGN_FPSTATE); |
154 |
+ } |
155 |
+ |
156 |
+diff --git a/arch/arm64/kernel/head.S b/arch/arm64/kernel/head.S |
157 |
+index 19f915e8f6e0..36aa31ff2c06 100644 |
158 |
+--- a/arch/arm64/kernel/head.S |
159 |
++++ b/arch/arm64/kernel/head.S |
160 |
+@@ -565,6 +565,11 @@ CPU_LE( movk x0, #0x30d0, lsl #16 ) // Clear EE and E0E on LE systems |
161 |
+ msr hstr_el2, xzr // Disable CP15 traps to EL2 |
162 |
+ #endif |
163 |
+ |
164 |
++ /* EL2 debug */ |
165 |
++ mrs x0, pmcr_el0 // Disable debug access traps |
166 |
++ ubfx x0, x0, #11, #5 // to EL2 and allow access to |
167 |
++ msr mdcr_el2, x0 // all PMU counters from EL1 |
168 |
++ |
169 |
+ /* Stage-2 translation */ |
170 |
+ msr vttbr_el2, xzr |
171 |
+ |
172 |
+diff --git a/arch/arm64/kernel/module.c b/arch/arm64/kernel/module.c |
173 |
+index 67bf4107f6ef..876eb8df50bf 100644 |
174 |
+--- a/arch/arm64/kernel/module.c |
175 |
++++ b/arch/arm64/kernel/module.c |
176 |
+@@ -332,12 +332,14 @@ int apply_relocate_add(Elf64_Shdr *sechdrs, |
177 |
+ ovf = reloc_insn_imm(RELOC_OP_PREL, loc, val, 0, 21, |
178 |
+ AARCH64_INSN_IMM_ADR); |
179 |
+ break; |
180 |
++#ifndef CONFIG_ARM64_ERRATUM_843419 |
181 |
+ case R_AARCH64_ADR_PREL_PG_HI21_NC: |
182 |
+ overflow_check = false; |
183 |
+ case R_AARCH64_ADR_PREL_PG_HI21: |
184 |
+ ovf = reloc_insn_imm(RELOC_OP_PAGE, loc, val, 12, 21, |
185 |
+ AARCH64_INSN_IMM_ADR); |
186 |
+ break; |
187 |
++#endif |
188 |
+ case R_AARCH64_ADD_ABS_LO12_NC: |
189 |
+ case R_AARCH64_LDST8_ABS_LO12_NC: |
190 |
+ overflow_check = false; |
191 |
+diff --git a/arch/arm64/kernel/signal32.c b/arch/arm64/kernel/signal32.c |
192 |
+index c0cff3410166..c58aee062590 100644 |
193 |
+--- a/arch/arm64/kernel/signal32.c |
194 |
++++ b/arch/arm64/kernel/signal32.c |
195 |
+@@ -212,14 +212,32 @@ int copy_siginfo_from_user32(siginfo_t *to, compat_siginfo_t __user *from) |
196 |
+ |
197 |
+ /* |
198 |
+ * VFP save/restore code. |
199 |
++ * |
200 |
++ * We have to be careful with endianness, since the fpsimd context-switch |
201 |
++ * code operates on 128-bit (Q) register values whereas the compat ABI |
202 |
++ * uses an array of 64-bit (D) registers. Consequently, we need to swap |
203 |
++ * the two halves of each Q register when running on a big-endian CPU. |
204 |
+ */ |
205 |
++union __fpsimd_vreg { |
206 |
++ __uint128_t raw; |
207 |
++ struct { |
208 |
++#ifdef __AARCH64EB__ |
209 |
++ u64 hi; |
210 |
++ u64 lo; |
211 |
++#else |
212 |
++ u64 lo; |
213 |
++ u64 hi; |
214 |
++#endif |
215 |
++ }; |
216 |
++}; |
217 |
++ |
218 |
+ static int compat_preserve_vfp_context(struct compat_vfp_sigframe __user *frame) |
219 |
+ { |
220 |
+ struct fpsimd_state *fpsimd = ¤t->thread.fpsimd_state; |
221 |
+ compat_ulong_t magic = VFP_MAGIC; |
222 |
+ compat_ulong_t size = VFP_STORAGE_SIZE; |
223 |
+ compat_ulong_t fpscr, fpexc; |
224 |
+- int err = 0; |
225 |
++ int i, err = 0; |
226 |
+ |
227 |
+ /* |
228 |
+ * Save the hardware registers to the fpsimd_state structure. |
229 |
+@@ -235,10 +253,15 @@ static int compat_preserve_vfp_context(struct compat_vfp_sigframe __user *frame) |
230 |
+ /* |
231 |
+ * Now copy the FP registers. Since the registers are packed, |
232 |
+ * we can copy the prefix we want (V0-V15) as it is. |
233 |
+- * FIXME: Won't work if big endian. |
234 |
+ */ |
235 |
+- err |= __copy_to_user(&frame->ufp.fpregs, fpsimd->vregs, |
236 |
+- sizeof(frame->ufp.fpregs)); |
237 |
++ for (i = 0; i < ARRAY_SIZE(frame->ufp.fpregs); i += 2) { |
238 |
++ union __fpsimd_vreg vreg = { |
239 |
++ .raw = fpsimd->vregs[i >> 1], |
240 |
++ }; |
241 |
++ |
242 |
++ __put_user_error(vreg.lo, &frame->ufp.fpregs[i], err); |
243 |
++ __put_user_error(vreg.hi, &frame->ufp.fpregs[i + 1], err); |
244 |
++ } |
245 |
+ |
246 |
+ /* Create an AArch32 fpscr from the fpsr and the fpcr. */ |
247 |
+ fpscr = (fpsimd->fpsr & VFP_FPSCR_STAT_MASK) | |
248 |
+@@ -263,7 +286,7 @@ static int compat_restore_vfp_context(struct compat_vfp_sigframe __user *frame) |
249 |
+ compat_ulong_t magic = VFP_MAGIC; |
250 |
+ compat_ulong_t size = VFP_STORAGE_SIZE; |
251 |
+ compat_ulong_t fpscr; |
252 |
+- int err = 0; |
253 |
++ int i, err = 0; |
254 |
+ |
255 |
+ __get_user_error(magic, &frame->magic, err); |
256 |
+ __get_user_error(size, &frame->size, err); |
257 |
+@@ -273,12 +296,14 @@ static int compat_restore_vfp_context(struct compat_vfp_sigframe __user *frame) |
258 |
+ if (magic != VFP_MAGIC || size != VFP_STORAGE_SIZE) |
259 |
+ return -EINVAL; |
260 |
+ |
261 |
+- /* |
262 |
+- * Copy the FP registers into the start of the fpsimd_state. |
263 |
+- * FIXME: Won't work if big endian. |
264 |
+- */ |
265 |
+- err |= __copy_from_user(fpsimd.vregs, frame->ufp.fpregs, |
266 |
+- sizeof(frame->ufp.fpregs)); |
267 |
++ /* Copy the FP registers into the start of the fpsimd_state. */ |
268 |
++ for (i = 0; i < ARRAY_SIZE(frame->ufp.fpregs); i += 2) { |
269 |
++ union __fpsimd_vreg vreg; |
270 |
++ |
271 |
++ __get_user_error(vreg.lo, &frame->ufp.fpregs[i], err); |
272 |
++ __get_user_error(vreg.hi, &frame->ufp.fpregs[i + 1], err); |
273 |
++ fpsimd.vregs[i >> 1] = vreg.raw; |
274 |
++ } |
275 |
+ |
276 |
+ /* Extract the fpsr and the fpcr from the fpscr */ |
277 |
+ __get_user_error(fpscr, &frame->ufp.fpscr, err); |
278 |
+diff --git a/arch/arm64/kvm/hyp.S b/arch/arm64/kvm/hyp.S |
279 |
+index 5befd010e232..64f9e60b31da 100644 |
280 |
+--- a/arch/arm64/kvm/hyp.S |
281 |
++++ b/arch/arm64/kvm/hyp.S |
282 |
+@@ -844,8 +844,6 @@ |
283 |
+ mrs x3, cntv_ctl_el0 |
284 |
+ and x3, x3, #3 |
285 |
+ str w3, [x0, #VCPU_TIMER_CNTV_CTL] |
286 |
+- bic x3, x3, #1 // Clear Enable |
287 |
+- msr cntv_ctl_el0, x3 |
288 |
+ |
289 |
+ isb |
290 |
+ |
291 |
+@@ -853,6 +851,9 @@ |
292 |
+ str x3, [x0, #VCPU_TIMER_CNTV_CVAL] |
293 |
+ |
294 |
+ 1: |
295 |
++ // Disable the virtual timer |
296 |
++ msr cntv_ctl_el0, xzr |
297 |
++ |
298 |
+ // Allow physical timer/counter access for the host |
299 |
+ mrs x2, cnthctl_el2 |
300 |
+ orr x2, x2, #3 |
301 |
+@@ -947,13 +948,15 @@ ENTRY(__kvm_vcpu_run) |
302 |
+ // Guest context |
303 |
+ add x2, x0, #VCPU_CONTEXT |
304 |
+ |
305 |
++ // We must restore the 32-bit state before the sysregs, thanks |
306 |
++ // to Cortex-A57 erratum #852523. |
307 |
++ restore_guest_32bit_state |
308 |
+ bl __restore_sysregs |
309 |
+ bl __restore_fpsimd |
310 |
+ |
311 |
+ skip_debug_state x3, 1f |
312 |
+ bl __restore_debug |
313 |
+ 1: |
314 |
+- restore_guest_32bit_state |
315 |
+ restore_guest_regs |
316 |
+ |
317 |
+ // That's it, no more messing around. |
318 |
+diff --git a/arch/m32r/boot/compressed/misc.c b/arch/m32r/boot/compressed/misc.c |
319 |
+index 28a09529f206..3a7692745868 100644 |
320 |
+--- a/arch/m32r/boot/compressed/misc.c |
321 |
++++ b/arch/m32r/boot/compressed/misc.c |
322 |
+@@ -86,6 +86,7 @@ decompress_kernel(int mmu_on, unsigned char *zimage_data, |
323 |
+ free_mem_end_ptr = free_mem_ptr + BOOT_HEAP_SIZE; |
324 |
+ |
325 |
+ puts("\nDecompressing Linux... "); |
326 |
+- decompress(input_data, input_len, NULL, NULL, output_data, NULL, error); |
327 |
++ __decompress(input_data, input_len, NULL, NULL, output_data, 0, |
328 |
++ NULL, error); |
329 |
+ puts("done.\nBooting the kernel.\n"); |
330 |
+ } |
331 |
+diff --git a/arch/mips/boot/compressed/decompress.c b/arch/mips/boot/compressed/decompress.c |
332 |
+index 54831069a206..080cd53bac36 100644 |
333 |
+--- a/arch/mips/boot/compressed/decompress.c |
334 |
++++ b/arch/mips/boot/compressed/decompress.c |
335 |
+@@ -111,8 +111,8 @@ void decompress_kernel(unsigned long boot_heap_start) |
336 |
+ puts("\n"); |
337 |
+ |
338 |
+ /* Decompress the kernel with according algorithm */ |
339 |
+- decompress((char *)zimage_start, zimage_size, 0, 0, |
340 |
+- (void *)VMLINUX_LOAD_ADDRESS_ULL, 0, error); |
341 |
++ __decompress((char *)zimage_start, zimage_size, 0, 0, |
342 |
++ (void *)VMLINUX_LOAD_ADDRESS_ULL, 0, 0, error); |
343 |
+ |
344 |
+ /* FIXME: should we flush cache here? */ |
345 |
+ puts("Now, booting the kernel...\n"); |
346 |
+diff --git a/arch/mips/math-emu/cp1emu.c b/arch/mips/math-emu/cp1emu.c |
347 |
+index 6983fcd48131..2b95e34fa9e8 100644 |
348 |
+--- a/arch/mips/math-emu/cp1emu.c |
349 |
++++ b/arch/mips/math-emu/cp1emu.c |
350 |
+@@ -1137,7 +1137,7 @@ emul: |
351 |
+ break; |
352 |
+ |
353 |
+ case mfhc_op: |
354 |
+- if (!cpu_has_mips_r2) |
355 |
++ if (!cpu_has_mips_r2_r6) |
356 |
+ goto sigill; |
357 |
+ |
358 |
+ /* copregister rd -> gpr[rt] */ |
359 |
+@@ -1148,7 +1148,7 @@ emul: |
360 |
+ break; |
361 |
+ |
362 |
+ case mthc_op: |
363 |
+- if (!cpu_has_mips_r2) |
364 |
++ if (!cpu_has_mips_r2_r6) |
365 |
+ goto sigill; |
366 |
+ |
367 |
+ /* copregister rd <- gpr[rt] */ |
368 |
+@@ -1181,6 +1181,24 @@ emul: |
369 |
+ } |
370 |
+ break; |
371 |
+ |
372 |
++ case bc1eqz_op: |
373 |
++ case bc1nez_op: |
374 |
++ if (!cpu_has_mips_r6 || delay_slot(xcp)) |
375 |
++ return SIGILL; |
376 |
++ |
377 |
++ cond = likely = 0; |
378 |
++ switch (MIPSInst_RS(ir)) { |
379 |
++ case bc1eqz_op: |
380 |
++ if (get_fpr32(¤t->thread.fpu.fpr[MIPSInst_RT(ir)], 0) & 0x1) |
381 |
++ cond = 1; |
382 |
++ break; |
383 |
++ case bc1nez_op: |
384 |
++ if (!(get_fpr32(¤t->thread.fpu.fpr[MIPSInst_RT(ir)], 0) & 0x1)) |
385 |
++ cond = 1; |
386 |
++ break; |
387 |
++ } |
388 |
++ goto branch_common; |
389 |
++ |
390 |
+ case bc_op: |
391 |
+ if (delay_slot(xcp)) |
392 |
+ return SIGILL; |
393 |
+@@ -1207,7 +1225,7 @@ emul: |
394 |
+ case bct_op: |
395 |
+ break; |
396 |
+ } |
397 |
+- |
398 |
++branch_common: |
399 |
+ set_delay_slot(xcp); |
400 |
+ if (cond) { |
401 |
+ /* |
402 |
+diff --git a/arch/parisc/kernel/irq.c b/arch/parisc/kernel/irq.c |
403 |
+index f3191db6e2e9..c0eab24f6a9e 100644 |
404 |
+--- a/arch/parisc/kernel/irq.c |
405 |
++++ b/arch/parisc/kernel/irq.c |
406 |
+@@ -507,8 +507,8 @@ void do_cpu_irq_mask(struct pt_regs *regs) |
407 |
+ struct pt_regs *old_regs; |
408 |
+ unsigned long eirr_val; |
409 |
+ int irq, cpu = smp_processor_id(); |
410 |
+-#ifdef CONFIG_SMP |
411 |
+ struct irq_desc *desc; |
412 |
++#ifdef CONFIG_SMP |
413 |
+ cpumask_t dest; |
414 |
+ #endif |
415 |
+ |
416 |
+@@ -521,8 +521,12 @@ void do_cpu_irq_mask(struct pt_regs *regs) |
417 |
+ goto set_out; |
418 |
+ irq = eirr_to_irq(eirr_val); |
419 |
+ |
420 |
+-#ifdef CONFIG_SMP |
421 |
++ /* Filter out spurious interrupts, mostly from serial port at bootup */ |
422 |
+ desc = irq_to_desc(irq); |
423 |
++ if (unlikely(!desc->action)) |
424 |
++ goto set_out; |
425 |
++ |
426 |
++#ifdef CONFIG_SMP |
427 |
+ cpumask_copy(&dest, desc->irq_data.affinity); |
428 |
+ if (irqd_is_per_cpu(&desc->irq_data) && |
429 |
+ !cpumask_test_cpu(smp_processor_id(), &dest)) { |
430 |
+diff --git a/arch/parisc/kernel/syscall.S b/arch/parisc/kernel/syscall.S |
431 |
+index 7ef22e3387e0..0b8d26d3ba43 100644 |
432 |
+--- a/arch/parisc/kernel/syscall.S |
433 |
++++ b/arch/parisc/kernel/syscall.S |
434 |
+@@ -821,7 +821,7 @@ cas2_action: |
435 |
+ /* 64bit CAS */ |
436 |
+ #ifdef CONFIG_64BIT |
437 |
+ 19: ldd,ma 0(%sr3,%r26), %r29 |
438 |
+- sub,= %r29, %r25, %r0 |
439 |
++ sub,*= %r29, %r25, %r0 |
440 |
+ b,n cas2_end |
441 |
+ 20: std,ma %r24, 0(%sr3,%r26) |
442 |
+ copy %r0, %r28 |
443 |
+diff --git a/arch/powerpc/boot/Makefile b/arch/powerpc/boot/Makefile |
444 |
+index 73eddda53b8e..4eec430d8fa8 100644 |
445 |
+--- a/arch/powerpc/boot/Makefile |
446 |
++++ b/arch/powerpc/boot/Makefile |
447 |
+@@ -28,6 +28,9 @@ BOOTCFLAGS += -m64 |
448 |
+ endif |
449 |
+ ifdef CONFIG_CPU_BIG_ENDIAN |
450 |
+ BOOTCFLAGS += -mbig-endian |
451 |
++else |
452 |
++BOOTCFLAGS += -mlittle-endian |
453 |
++BOOTCFLAGS += $(call cc-option,-mabi=elfv2) |
454 |
+ endif |
455 |
+ |
456 |
+ BOOTAFLAGS := -D__ASSEMBLY__ $(BOOTCFLAGS) -traditional -nostdinc |
457 |
+diff --git a/arch/powerpc/include/asm/pgtable-ppc64.h b/arch/powerpc/include/asm/pgtable-ppc64.h |
458 |
+index 43e6ad424c7f..88d27e3258d2 100644 |
459 |
+--- a/arch/powerpc/include/asm/pgtable-ppc64.h |
460 |
++++ b/arch/powerpc/include/asm/pgtable-ppc64.h |
461 |
+@@ -135,7 +135,19 @@ |
462 |
+ #define pte_iterate_hashed_end() } while(0) |
463 |
+ |
464 |
+ #ifdef CONFIG_PPC_HAS_HASH_64K |
465 |
+-#define pte_pagesize_index(mm, addr, pte) get_slice_psize(mm, addr) |
466 |
++/* |
467 |
++ * We expect this to be called only for user addresses or kernel virtual |
468 |
++ * addresses other than the linear mapping. |
469 |
++ */ |
470 |
++#define pte_pagesize_index(mm, addr, pte) \ |
471 |
++ ({ \ |
472 |
++ unsigned int psize; \ |
473 |
++ if (is_kernel_addr(addr)) \ |
474 |
++ psize = MMU_PAGE_4K; \ |
475 |
++ else \ |
476 |
++ psize = get_slice_psize(mm, addr); \ |
477 |
++ psize; \ |
478 |
++ }) |
479 |
+ #else |
480 |
+ #define pte_pagesize_index(mm, addr, pte) MMU_PAGE_4K |
481 |
+ #endif |
482 |
+diff --git a/arch/powerpc/include/asm/rtas.h b/arch/powerpc/include/asm/rtas.h |
483 |
+index 7a4ede16b283..b77ef369c0f0 100644 |
484 |
+--- a/arch/powerpc/include/asm/rtas.h |
485 |
++++ b/arch/powerpc/include/asm/rtas.h |
486 |
+@@ -343,6 +343,7 @@ extern void rtas_power_off(void); |
487 |
+ extern void rtas_halt(void); |
488 |
+ extern void rtas_os_term(char *str); |
489 |
+ extern int rtas_get_sensor(int sensor, int index, int *state); |
490 |
++extern int rtas_get_sensor_fast(int sensor, int index, int *state); |
491 |
+ extern int rtas_get_power_level(int powerdomain, int *level); |
492 |
+ extern int rtas_set_power_level(int powerdomain, int level, int *setlevel); |
493 |
+ extern bool rtas_indicator_present(int token, int *maxindex); |
494 |
+diff --git a/arch/powerpc/include/asm/switch_to.h b/arch/powerpc/include/asm/switch_to.h |
495 |
+index 58abeda64cb7..15cca17cba4b 100644 |
496 |
+--- a/arch/powerpc/include/asm/switch_to.h |
497 |
++++ b/arch/powerpc/include/asm/switch_to.h |
498 |
+@@ -29,6 +29,7 @@ static inline void save_early_sprs(struct thread_struct *prev) {} |
499 |
+ |
500 |
+ extern void enable_kernel_fp(void); |
501 |
+ extern void enable_kernel_altivec(void); |
502 |
++extern void enable_kernel_vsx(void); |
503 |
+ extern int emulate_altivec(struct pt_regs *); |
504 |
+ extern void __giveup_vsx(struct task_struct *); |
505 |
+ extern void giveup_vsx(struct task_struct *); |
506 |
+diff --git a/arch/powerpc/kernel/eeh.c b/arch/powerpc/kernel/eeh.c |
507 |
+index 9ee61d15653d..cb565ad0a5b6 100644 |
508 |
+--- a/arch/powerpc/kernel/eeh.c |
509 |
++++ b/arch/powerpc/kernel/eeh.c |
510 |
+@@ -310,11 +310,26 @@ void eeh_slot_error_detail(struct eeh_pe *pe, int severity) |
511 |
+ if (!(pe->type & EEH_PE_PHB)) { |
512 |
+ if (eeh_has_flag(EEH_ENABLE_IO_FOR_LOG)) |
513 |
+ eeh_pci_enable(pe, EEH_OPT_THAW_MMIO); |
514 |
++ |
515 |
++ /* |
516 |
++ * The config space of some PCI devices can't be accessed |
517 |
++ * when their PEs are in frozen state. Otherwise, fenced |
518 |
++ * PHB might be seen. Those PEs are identified with flag |
519 |
++ * EEH_PE_CFG_RESTRICTED, indicating EEH_PE_CFG_BLOCKED |
520 |
++ * is set automatically when the PE is put to EEH_PE_ISOLATED. |
521 |
++ * |
522 |
++ * Restoring BARs possibly triggers PCI config access in |
523 |
++ * (OPAL) firmware and then causes fenced PHB. If the |
524 |
++ * PCI config is blocked with flag EEH_PE_CFG_BLOCKED, it's |
525 |
++ * pointless to restore BARs and dump config space. |
526 |
++ */ |
527 |
+ eeh_ops->configure_bridge(pe); |
528 |
+- eeh_pe_restore_bars(pe); |
529 |
++ if (!(pe->state & EEH_PE_CFG_BLOCKED)) { |
530 |
++ eeh_pe_restore_bars(pe); |
531 |
+ |
532 |
+- pci_regs_buf[0] = 0; |
533 |
+- eeh_pe_traverse(pe, eeh_dump_pe_log, &loglen); |
534 |
++ pci_regs_buf[0] = 0; |
535 |
++ eeh_pe_traverse(pe, eeh_dump_pe_log, &loglen); |
536 |
++ } |
537 |
+ } |
538 |
+ |
539 |
+ eeh_ops->get_log(pe, severity, pci_regs_buf, loglen); |
540 |
+@@ -1118,9 +1133,6 @@ void eeh_add_device_late(struct pci_dev *dev) |
541 |
+ return; |
542 |
+ } |
543 |
+ |
544 |
+- if (eeh_has_flag(EEH_PROBE_MODE_DEV)) |
545 |
+- eeh_ops->probe(pdn, NULL); |
546 |
+- |
547 |
+ /* |
548 |
+ * The EEH cache might not be removed correctly because of |
549 |
+ * unbalanced kref to the device during unplug time, which |
550 |
+@@ -1144,6 +1156,9 @@ void eeh_add_device_late(struct pci_dev *dev) |
551 |
+ dev->dev.archdata.edev = NULL; |
552 |
+ } |
553 |
+ |
554 |
++ if (eeh_has_flag(EEH_PROBE_MODE_DEV)) |
555 |
++ eeh_ops->probe(pdn, NULL); |
556 |
++ |
557 |
+ edev->pdev = dev; |
558 |
+ dev->dev.archdata.edev = edev; |
559 |
+ |
560 |
+diff --git a/arch/powerpc/kernel/process.c b/arch/powerpc/kernel/process.c |
561 |
+index febb50dd5328..0596373cd1c3 100644 |
562 |
+--- a/arch/powerpc/kernel/process.c |
563 |
++++ b/arch/powerpc/kernel/process.c |
564 |
+@@ -204,8 +204,6 @@ EXPORT_SYMBOL_GPL(flush_altivec_to_thread); |
565 |
+ #endif /* CONFIG_ALTIVEC */ |
566 |
+ |
567 |
+ #ifdef CONFIG_VSX |
568 |
+-#if 0 |
569 |
+-/* not currently used, but some crazy RAID module might want to later */ |
570 |
+ void enable_kernel_vsx(void) |
571 |
+ { |
572 |
+ WARN_ON(preemptible()); |
573 |
+@@ -220,7 +218,6 @@ void enable_kernel_vsx(void) |
574 |
+ #endif /* CONFIG_SMP */ |
575 |
+ } |
576 |
+ EXPORT_SYMBOL(enable_kernel_vsx); |
577 |
+-#endif |
578 |
+ |
579 |
+ void giveup_vsx(struct task_struct *tsk) |
580 |
+ { |
581 |
+diff --git a/arch/powerpc/kernel/rtas.c b/arch/powerpc/kernel/rtas.c |
582 |
+index 7a488c108410..caffb10e7aa3 100644 |
583 |
+--- a/arch/powerpc/kernel/rtas.c |
584 |
++++ b/arch/powerpc/kernel/rtas.c |
585 |
+@@ -584,6 +584,23 @@ int rtas_get_sensor(int sensor, int index, int *state) |
586 |
+ } |
587 |
+ EXPORT_SYMBOL(rtas_get_sensor); |
588 |
+ |
589 |
++int rtas_get_sensor_fast(int sensor, int index, int *state) |
590 |
++{ |
591 |
++ int token = rtas_token("get-sensor-state"); |
592 |
++ int rc; |
593 |
++ |
594 |
++ if (token == RTAS_UNKNOWN_SERVICE) |
595 |
++ return -ENOENT; |
596 |
++ |
597 |
++ rc = rtas_call(token, 2, 2, state, sensor, index); |
598 |
++ WARN_ON(rc == RTAS_BUSY || (rc >= RTAS_EXTENDED_DELAY_MIN && |
599 |
++ rc <= RTAS_EXTENDED_DELAY_MAX)); |
600 |
++ |
601 |
++ if (rc < 0) |
602 |
++ return rtas_error_rc(rc); |
603 |
++ return rc; |
604 |
++} |
605 |
++ |
606 |
+ bool rtas_indicator_present(int token, int *maxindex) |
607 |
+ { |
608 |
+ int proplen, count, i; |
609 |
+diff --git a/arch/powerpc/mm/hugepage-hash64.c b/arch/powerpc/mm/hugepage-hash64.c |
610 |
+index 43dafb9d6a46..4d87122cf6a7 100644 |
611 |
+--- a/arch/powerpc/mm/hugepage-hash64.c |
612 |
++++ b/arch/powerpc/mm/hugepage-hash64.c |
613 |
+@@ -85,7 +85,6 @@ int __hash_page_thp(unsigned long ea, unsigned long access, unsigned long vsid, |
614 |
+ BUG_ON(index >= 4096); |
615 |
+ |
616 |
+ vpn = hpt_vpn(ea, vsid, ssize); |
617 |
+- hash = hpt_hash(vpn, shift, ssize); |
618 |
+ hpte_slot_array = get_hpte_slot_array(pmdp); |
619 |
+ if (psize == MMU_PAGE_4K) { |
620 |
+ /* |
621 |
+@@ -101,6 +100,7 @@ int __hash_page_thp(unsigned long ea, unsigned long access, unsigned long vsid, |
622 |
+ valid = hpte_valid(hpte_slot_array, index); |
623 |
+ if (valid) { |
624 |
+ /* update the hpte bits */ |
625 |
++ hash = hpt_hash(vpn, shift, ssize); |
626 |
+ hidx = hpte_hash_index(hpte_slot_array, index); |
627 |
+ if (hidx & _PTEIDX_SECONDARY) |
628 |
+ hash = ~hash; |
629 |
+@@ -126,6 +126,7 @@ int __hash_page_thp(unsigned long ea, unsigned long access, unsigned long vsid, |
630 |
+ if (!valid) { |
631 |
+ unsigned long hpte_group; |
632 |
+ |
633 |
++ hash = hpt_hash(vpn, shift, ssize); |
634 |
+ /* insert new entry */ |
635 |
+ pa = pmd_pfn(__pmd(old_pmd)) << PAGE_SHIFT; |
636 |
+ new_pmd |= _PAGE_HASHPTE; |
637 |
+diff --git a/arch/powerpc/platforms/pseries/ras.c b/arch/powerpc/platforms/pseries/ras.c |
638 |
+index 02e4a1745516..3b6647e574b6 100644 |
639 |
+--- a/arch/powerpc/platforms/pseries/ras.c |
640 |
++++ b/arch/powerpc/platforms/pseries/ras.c |
641 |
+@@ -189,7 +189,8 @@ static irqreturn_t ras_epow_interrupt(int irq, void *dev_id) |
642 |
+ int state; |
643 |
+ int critical; |
644 |
+ |
645 |
+- status = rtas_get_sensor(EPOW_SENSOR_TOKEN, EPOW_SENSOR_INDEX, &state); |
646 |
++ status = rtas_get_sensor_fast(EPOW_SENSOR_TOKEN, EPOW_SENSOR_INDEX, |
647 |
++ &state); |
648 |
+ |
649 |
+ if (state > 3) |
650 |
+ critical = 1; /* Time Critical */ |
651 |
+diff --git a/arch/powerpc/platforms/pseries/setup.c b/arch/powerpc/platforms/pseries/setup.c |
652 |
+index df6a7041922b..e6e8b241d717 100644 |
653 |
+--- a/arch/powerpc/platforms/pseries/setup.c |
654 |
++++ b/arch/powerpc/platforms/pseries/setup.c |
655 |
+@@ -268,6 +268,11 @@ static int pci_dn_reconfig_notifier(struct notifier_block *nb, unsigned long act |
656 |
+ eeh_dev_init(PCI_DN(np), pci->phb); |
657 |
+ } |
658 |
+ break; |
659 |
++ case OF_RECONFIG_DETACH_NODE: |
660 |
++ pci = PCI_DN(np); |
661 |
++ if (pci) |
662 |
++ list_del(&pci->list); |
663 |
++ break; |
664 |
+ default: |
665 |
+ err = NOTIFY_DONE; |
666 |
+ break; |
667 |
+diff --git a/arch/s390/boot/compressed/misc.c b/arch/s390/boot/compressed/misc.c |
668 |
+index 42506b371b74..4da604ebf6fd 100644 |
669 |
+--- a/arch/s390/boot/compressed/misc.c |
670 |
++++ b/arch/s390/boot/compressed/misc.c |
671 |
+@@ -167,7 +167,7 @@ unsigned long decompress_kernel(void) |
672 |
+ #endif |
673 |
+ |
674 |
+ puts("Uncompressing Linux... "); |
675 |
+- decompress(input_data, input_len, NULL, NULL, output, NULL, error); |
676 |
++ __decompress(input_data, input_len, NULL, NULL, output, 0, NULL, error); |
677 |
+ puts("Ok, booting the kernel.\n"); |
678 |
+ return (unsigned long) output; |
679 |
+ } |
680 |
+diff --git a/arch/sh/boot/compressed/misc.c b/arch/sh/boot/compressed/misc.c |
681 |
+index 95470a472d2c..208a9753ab38 100644 |
682 |
+--- a/arch/sh/boot/compressed/misc.c |
683 |
++++ b/arch/sh/boot/compressed/misc.c |
684 |
+@@ -132,7 +132,7 @@ void decompress_kernel(void) |
685 |
+ |
686 |
+ puts("Uncompressing Linux... "); |
687 |
+ cache_control(CACHE_ENABLE); |
688 |
+- decompress(input_data, input_len, NULL, NULL, output, NULL, error); |
689 |
++ __decompress(input_data, input_len, NULL, NULL, output, 0, NULL, error); |
690 |
+ cache_control(CACHE_DISABLE); |
691 |
+ puts("Ok, booting the kernel.\n"); |
692 |
+ } |
693 |
+diff --git a/arch/unicore32/boot/compressed/misc.c b/arch/unicore32/boot/compressed/misc.c |
694 |
+index 176d5bda3559..5c65dfee278c 100644 |
695 |
+--- a/arch/unicore32/boot/compressed/misc.c |
696 |
++++ b/arch/unicore32/boot/compressed/misc.c |
697 |
+@@ -119,8 +119,8 @@ unsigned long decompress_kernel(unsigned long output_start, |
698 |
+ output_ptr = get_unaligned_le32(tmp); |
699 |
+ |
700 |
+ arch_decomp_puts("Uncompressing Linux..."); |
701 |
+- decompress(input_data, input_data_end - input_data, NULL, NULL, |
702 |
+- output_data, NULL, error); |
703 |
++ __decompress(input_data, input_data_end - input_data, NULL, NULL, |
704 |
++ output_data, 0, NULL, error); |
705 |
+ arch_decomp_puts(" done, booting the kernel.\n"); |
706 |
+ return output_ptr; |
707 |
+ } |
708 |
+diff --git a/arch/x86/boot/compressed/misc.c b/arch/x86/boot/compressed/misc.c |
709 |
+index a107b935e22f..e28437e0f708 100644 |
710 |
+--- a/arch/x86/boot/compressed/misc.c |
711 |
++++ b/arch/x86/boot/compressed/misc.c |
712 |
+@@ -424,7 +424,8 @@ asmlinkage __visible void *decompress_kernel(void *rmode, memptr heap, |
713 |
+ #endif |
714 |
+ |
715 |
+ debug_putstr("\nDecompressing Linux... "); |
716 |
+- decompress(input_data, input_len, NULL, NULL, output, NULL, error); |
717 |
++ __decompress(input_data, input_len, NULL, NULL, output, output_len, |
718 |
++ NULL, error); |
719 |
+ parse_elf(output); |
720 |
+ /* |
721 |
+ * 32-bit always performs relocations. 64-bit relocations are only |
722 |
+diff --git a/arch/x86/mm/init_32.c b/arch/x86/mm/init_32.c |
723 |
+index c8140e12816a..c23ab1ee3a9a 100644 |
724 |
+--- a/arch/x86/mm/init_32.c |
725 |
++++ b/arch/x86/mm/init_32.c |
726 |
+@@ -137,6 +137,7 @@ page_table_range_init_count(unsigned long start, unsigned long end) |
727 |
+ |
728 |
+ vaddr = start; |
729 |
+ pgd_idx = pgd_index(vaddr); |
730 |
++ pmd_idx = pmd_index(vaddr); |
731 |
+ |
732 |
+ for ( ; (pgd_idx < PTRS_PER_PGD) && (vaddr != end); pgd_idx++) { |
733 |
+ for (; (pmd_idx < PTRS_PER_PMD) && (vaddr != end); |
734 |
+diff --git a/block/blk-mq-sysfs.c b/block/blk-mq-sysfs.c |
735 |
+index b79685e06b70..279c5d674edf 100644 |
736 |
+--- a/block/blk-mq-sysfs.c |
737 |
++++ b/block/blk-mq-sysfs.c |
738 |
+@@ -141,15 +141,26 @@ static ssize_t blk_mq_sysfs_completed_show(struct blk_mq_ctx *ctx, char *page) |
739 |
+ |
740 |
+ static ssize_t sysfs_list_show(char *page, struct list_head *list, char *msg) |
741 |
+ { |
742 |
+- char *start_page = page; |
743 |
+ struct request *rq; |
744 |
++ int len = snprintf(page, PAGE_SIZE - 1, "%s:\n", msg); |
745 |
++ |
746 |
++ list_for_each_entry(rq, list, queuelist) { |
747 |
++ const int rq_len = 2 * sizeof(rq) + 2; |
748 |
++ |
749 |
++ /* if the output will be truncated */ |
750 |
++ if (PAGE_SIZE - 1 < len + rq_len) { |
751 |
++ /* backspacing if it can't hold '\t...\n' */ |
752 |
++ if (PAGE_SIZE - 1 < len + 5) |
753 |
++ len -= rq_len; |
754 |
++ len += snprintf(page + len, PAGE_SIZE - 1 - len, |
755 |
++ "\t...\n"); |
756 |
++ break; |
757 |
++ } |
758 |
++ len += snprintf(page + len, PAGE_SIZE - 1 - len, |
759 |
++ "\t%p\n", rq); |
760 |
++ } |
761 |
+ |
762 |
+- page += sprintf(page, "%s:\n", msg); |
763 |
+- |
764 |
+- list_for_each_entry(rq, list, queuelist) |
765 |
+- page += sprintf(page, "\t%p\n", rq); |
766 |
+- |
767 |
+- return page - start_page; |
768 |
++ return len; |
769 |
+ } |
770 |
+ |
771 |
+ static ssize_t blk_mq_sysfs_rq_list_show(struct blk_mq_ctx *ctx, char *page) |
772 |
+diff --git a/drivers/base/node.c b/drivers/base/node.c |
773 |
+index a2aa65b4215d..b10479c87357 100644 |
774 |
+--- a/drivers/base/node.c |
775 |
++++ b/drivers/base/node.c |
776 |
+@@ -388,6 +388,16 @@ int register_mem_sect_under_node(struct memory_block *mem_blk, int nid) |
777 |
+ for (pfn = sect_start_pfn; pfn <= sect_end_pfn; pfn++) { |
778 |
+ int page_nid; |
779 |
+ |
780 |
++ /* |
781 |
++ * memory block could have several absent sections from start. |
782 |
++ * skip pfn range from absent section |
783 |
++ */ |
784 |
++ if (!pfn_present(pfn)) { |
785 |
++ pfn = round_down(pfn + PAGES_PER_SECTION, |
786 |
++ PAGES_PER_SECTION) - 1; |
787 |
++ continue; |
788 |
++ } |
789 |
++ |
790 |
+ page_nid = get_nid_for_pfn(pfn); |
791 |
+ if (page_nid < 0) |
792 |
+ continue; |
793 |
+diff --git a/drivers/crypto/vmx/aes.c b/drivers/crypto/vmx/aes.c |
794 |
+index ab300ea19434..41f93334cc44 100644 |
795 |
+--- a/drivers/crypto/vmx/aes.c |
796 |
++++ b/drivers/crypto/vmx/aes.c |
797 |
+@@ -80,6 +80,7 @@ static int p8_aes_setkey(struct crypto_tfm *tfm, const u8 *key, |
798 |
+ |
799 |
+ pagefault_disable(); |
800 |
+ enable_kernel_altivec(); |
801 |
++ enable_kernel_vsx(); |
802 |
+ ret = aes_p8_set_encrypt_key(key, keylen * 8, &ctx->enc_key); |
803 |
+ ret += aes_p8_set_decrypt_key(key, keylen * 8, &ctx->dec_key); |
804 |
+ pagefault_enable(); |
805 |
+@@ -97,6 +98,7 @@ static void p8_aes_encrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src) |
806 |
+ } else { |
807 |
+ pagefault_disable(); |
808 |
+ enable_kernel_altivec(); |
809 |
++ enable_kernel_vsx(); |
810 |
+ aes_p8_encrypt(src, dst, &ctx->enc_key); |
811 |
+ pagefault_enable(); |
812 |
+ } |
813 |
+@@ -111,6 +113,7 @@ static void p8_aes_decrypt(struct crypto_tfm *tfm, u8 *dst, const u8 *src) |
814 |
+ } else { |
815 |
+ pagefault_disable(); |
816 |
+ enable_kernel_altivec(); |
817 |
++ enable_kernel_vsx(); |
818 |
+ aes_p8_decrypt(src, dst, &ctx->dec_key); |
819 |
+ pagefault_enable(); |
820 |
+ } |
821 |
+diff --git a/drivers/crypto/vmx/aes_cbc.c b/drivers/crypto/vmx/aes_cbc.c |
822 |
+index 1a559b7dddb5..c8e7f653e5d3 100644 |
823 |
+--- a/drivers/crypto/vmx/aes_cbc.c |
824 |
++++ b/drivers/crypto/vmx/aes_cbc.c |
825 |
+@@ -81,6 +81,7 @@ static int p8_aes_cbc_setkey(struct crypto_tfm *tfm, const u8 *key, |
826 |
+ |
827 |
+ pagefault_disable(); |
828 |
+ enable_kernel_altivec(); |
829 |
++ enable_kernel_vsx(); |
830 |
+ ret = aes_p8_set_encrypt_key(key, keylen * 8, &ctx->enc_key); |
831 |
+ ret += aes_p8_set_decrypt_key(key, keylen * 8, &ctx->dec_key); |
832 |
+ pagefault_enable(); |
833 |
+@@ -108,6 +109,7 @@ static int p8_aes_cbc_encrypt(struct blkcipher_desc *desc, |
834 |
+ } else { |
835 |
+ pagefault_disable(); |
836 |
+ enable_kernel_altivec(); |
837 |
++ enable_kernel_vsx(); |
838 |
+ |
839 |
+ blkcipher_walk_init(&walk, dst, src, nbytes); |
840 |
+ ret = blkcipher_walk_virt(desc, &walk); |
841 |
+@@ -143,6 +145,7 @@ static int p8_aes_cbc_decrypt(struct blkcipher_desc *desc, |
842 |
+ } else { |
843 |
+ pagefault_disable(); |
844 |
+ enable_kernel_altivec(); |
845 |
++ enable_kernel_vsx(); |
846 |
+ |
847 |
+ blkcipher_walk_init(&walk, dst, src, nbytes); |
848 |
+ ret = blkcipher_walk_virt(desc, &walk); |
849 |
+diff --git a/drivers/crypto/vmx/aes_ctr.c b/drivers/crypto/vmx/aes_ctr.c |
850 |
+index 96dbee4bf4a6..266e708d63df 100644 |
851 |
+--- a/drivers/crypto/vmx/aes_ctr.c |
852 |
++++ b/drivers/crypto/vmx/aes_ctr.c |
853 |
+@@ -79,6 +79,7 @@ static int p8_aes_ctr_setkey(struct crypto_tfm *tfm, const u8 *key, |
854 |
+ |
855 |
+ pagefault_disable(); |
856 |
+ enable_kernel_altivec(); |
857 |
++ enable_kernel_vsx(); |
858 |
+ ret = aes_p8_set_encrypt_key(key, keylen * 8, &ctx->enc_key); |
859 |
+ pagefault_enable(); |
860 |
+ |
861 |
+@@ -97,6 +98,7 @@ static void p8_aes_ctr_final(struct p8_aes_ctr_ctx *ctx, |
862 |
+ |
863 |
+ pagefault_disable(); |
864 |
+ enable_kernel_altivec(); |
865 |
++ enable_kernel_vsx(); |
866 |
+ aes_p8_encrypt(ctrblk, keystream, &ctx->enc_key); |
867 |
+ pagefault_enable(); |
868 |
+ |
869 |
+@@ -127,6 +129,7 @@ static int p8_aes_ctr_crypt(struct blkcipher_desc *desc, |
870 |
+ while ((nbytes = walk.nbytes) >= AES_BLOCK_SIZE) { |
871 |
+ pagefault_disable(); |
872 |
+ enable_kernel_altivec(); |
873 |
++ enable_kernel_vsx(); |
874 |
+ aes_p8_ctr32_encrypt_blocks(walk.src.virt.addr, walk.dst.virt.addr, |
875 |
+ (nbytes & AES_BLOCK_MASK)/AES_BLOCK_SIZE, &ctx->enc_key, walk.iv); |
876 |
+ pagefault_enable(); |
877 |
+diff --git a/drivers/crypto/vmx/ghash.c b/drivers/crypto/vmx/ghash.c |
878 |
+index d0ffe277af5c..917b3f09e724 100644 |
879 |
+--- a/drivers/crypto/vmx/ghash.c |
880 |
++++ b/drivers/crypto/vmx/ghash.c |
881 |
+@@ -116,6 +116,7 @@ static int p8_ghash_setkey(struct crypto_shash *tfm, const u8 *key, |
882 |
+ |
883 |
+ pagefault_disable(); |
884 |
+ enable_kernel_altivec(); |
885 |
++ enable_kernel_vsx(); |
886 |
+ enable_kernel_fp(); |
887 |
+ gcm_init_p8(ctx->htable, (const u64 *) key); |
888 |
+ pagefault_enable(); |
889 |
+@@ -142,6 +143,7 @@ static int p8_ghash_update(struct shash_desc *desc, |
890 |
+ GHASH_DIGEST_SIZE - dctx->bytes); |
891 |
+ pagefault_disable(); |
892 |
+ enable_kernel_altivec(); |
893 |
++ enable_kernel_vsx(); |
894 |
+ enable_kernel_fp(); |
895 |
+ gcm_ghash_p8(dctx->shash, ctx->htable, dctx->buffer, |
896 |
+ GHASH_DIGEST_SIZE); |
897 |
+@@ -154,6 +156,7 @@ static int p8_ghash_update(struct shash_desc *desc, |
898 |
+ if (len) { |
899 |
+ pagefault_disable(); |
900 |
+ enable_kernel_altivec(); |
901 |
++ enable_kernel_vsx(); |
902 |
+ enable_kernel_fp(); |
903 |
+ gcm_ghash_p8(dctx->shash, ctx->htable, src, len); |
904 |
+ pagefault_enable(); |
905 |
+@@ -182,6 +185,7 @@ static int p8_ghash_final(struct shash_desc *desc, u8 *out) |
906 |
+ dctx->buffer[i] = 0; |
907 |
+ pagefault_disable(); |
908 |
+ enable_kernel_altivec(); |
909 |
++ enable_kernel_vsx(); |
910 |
+ enable_kernel_fp(); |
911 |
+ gcm_ghash_p8(dctx->shash, ctx->htable, dctx->buffer, |
912 |
+ GHASH_DIGEST_SIZE); |
913 |
+diff --git a/drivers/gpu/drm/radeon/radeon_combios.c b/drivers/gpu/drm/radeon/radeon_combios.c |
914 |
+index c097d3a82bda..a9b01bcf7d0a 100644 |
915 |
+--- a/drivers/gpu/drm/radeon/radeon_combios.c |
916 |
++++ b/drivers/gpu/drm/radeon/radeon_combios.c |
917 |
+@@ -3387,6 +3387,14 @@ void radeon_combios_asic_init(struct drm_device *dev) |
918 |
+ rdev->pdev->subsystem_device == 0x30ae) |
919 |
+ return; |
920 |
+ |
921 |
++ /* quirk for rs4xx HP Compaq dc5750 Small Form Factor to make it resume |
922 |
++ * - it hangs on resume inside the dynclk 1 table. |
923 |
++ */ |
924 |
++ if (rdev->family == CHIP_RS480 && |
925 |
++ rdev->pdev->subsystem_vendor == 0x103c && |
926 |
++ rdev->pdev->subsystem_device == 0x280a) |
927 |
++ return; |
928 |
++ |
929 |
+ /* DYN CLK 1 */ |
930 |
+ table = combios_get_table_offset(dev, COMBIOS_DYN_CLK_1_TABLE); |
931 |
+ if (table) |
932 |
+diff --git a/drivers/infiniband/core/uverbs.h b/drivers/infiniband/core/uverbs.h |
933 |
+index b716b0815644..bebf11a6622a 100644 |
934 |
+--- a/drivers/infiniband/core/uverbs.h |
935 |
++++ b/drivers/infiniband/core/uverbs.h |
936 |
+@@ -85,7 +85,7 @@ |
937 |
+ */ |
938 |
+ |
939 |
+ struct ib_uverbs_device { |
940 |
+- struct kref ref; |
941 |
++ atomic_t refcount; |
942 |
+ int num_comp_vectors; |
943 |
+ struct completion comp; |
944 |
+ struct device *dev; |
945 |
+@@ -94,6 +94,7 @@ struct ib_uverbs_device { |
946 |
+ struct cdev cdev; |
947 |
+ struct rb_root xrcd_tree; |
948 |
+ struct mutex xrcd_tree_mutex; |
949 |
++ struct kobject kobj; |
950 |
+ }; |
951 |
+ |
952 |
+ struct ib_uverbs_event_file { |
953 |
+diff --git a/drivers/infiniband/core/uverbs_cmd.c b/drivers/infiniband/core/uverbs_cmd.c |
954 |
+index a9f048990dfc..ccc2494b4ea7 100644 |
955 |
+--- a/drivers/infiniband/core/uverbs_cmd.c |
956 |
++++ b/drivers/infiniband/core/uverbs_cmd.c |
957 |
+@@ -2244,6 +2244,12 @@ ssize_t ib_uverbs_post_send(struct ib_uverbs_file *file, |
958 |
+ next->send_flags = user_wr->send_flags; |
959 |
+ |
960 |
+ if (is_ud) { |
961 |
++ if (next->opcode != IB_WR_SEND && |
962 |
++ next->opcode != IB_WR_SEND_WITH_IMM) { |
963 |
++ ret = -EINVAL; |
964 |
++ goto out_put; |
965 |
++ } |
966 |
++ |
967 |
+ next->wr.ud.ah = idr_read_ah(user_wr->wr.ud.ah, |
968 |
+ file->ucontext); |
969 |
+ if (!next->wr.ud.ah) { |
970 |
+@@ -2283,9 +2289,11 @@ ssize_t ib_uverbs_post_send(struct ib_uverbs_file *file, |
971 |
+ user_wr->wr.atomic.compare_add; |
972 |
+ next->wr.atomic.swap = user_wr->wr.atomic.swap; |
973 |
+ next->wr.atomic.rkey = user_wr->wr.atomic.rkey; |
974 |
++ case IB_WR_SEND: |
975 |
+ break; |
976 |
+ default: |
977 |
+- break; |
978 |
++ ret = -EINVAL; |
979 |
++ goto out_put; |
980 |
+ } |
981 |
+ } |
982 |
+ |
983 |
+diff --git a/drivers/infiniband/core/uverbs_main.c b/drivers/infiniband/core/uverbs_main.c |
984 |
+index 88cce9bb72fe..09686d49d4c1 100644 |
985 |
+--- a/drivers/infiniband/core/uverbs_main.c |
986 |
++++ b/drivers/infiniband/core/uverbs_main.c |
987 |
+@@ -129,14 +129,18 @@ static int (*uverbs_ex_cmd_table[])(struct ib_uverbs_file *file, |
988 |
+ static void ib_uverbs_add_one(struct ib_device *device); |
989 |
+ static void ib_uverbs_remove_one(struct ib_device *device); |
990 |
+ |
991 |
+-static void ib_uverbs_release_dev(struct kref *ref) |
992 |
++static void ib_uverbs_release_dev(struct kobject *kobj) |
993 |
+ { |
994 |
+ struct ib_uverbs_device *dev = |
995 |
+- container_of(ref, struct ib_uverbs_device, ref); |
996 |
++ container_of(kobj, struct ib_uverbs_device, kobj); |
997 |
+ |
998 |
+- complete(&dev->comp); |
999 |
++ kfree(dev); |
1000 |
+ } |
1001 |
+ |
1002 |
++static struct kobj_type ib_uverbs_dev_ktype = { |
1003 |
++ .release = ib_uverbs_release_dev, |
1004 |
++}; |
1005 |
++ |
1006 |
+ static void ib_uverbs_release_event_file(struct kref *ref) |
1007 |
+ { |
1008 |
+ struct ib_uverbs_event_file *file = |
1009 |
+@@ -302,13 +306,19 @@ static int ib_uverbs_cleanup_ucontext(struct ib_uverbs_file *file, |
1010 |
+ return context->device->dealloc_ucontext(context); |
1011 |
+ } |
1012 |
+ |
1013 |
++static void ib_uverbs_comp_dev(struct ib_uverbs_device *dev) |
1014 |
++{ |
1015 |
++ complete(&dev->comp); |
1016 |
++} |
1017 |
++ |
1018 |
+ static void ib_uverbs_release_file(struct kref *ref) |
1019 |
+ { |
1020 |
+ struct ib_uverbs_file *file = |
1021 |
+ container_of(ref, struct ib_uverbs_file, ref); |
1022 |
+ |
1023 |
+ module_put(file->device->ib_dev->owner); |
1024 |
+- kref_put(&file->device->ref, ib_uverbs_release_dev); |
1025 |
++ if (atomic_dec_and_test(&file->device->refcount)) |
1026 |
++ ib_uverbs_comp_dev(file->device); |
1027 |
+ |
1028 |
+ kfree(file); |
1029 |
+ } |
1030 |
+@@ -742,9 +752,7 @@ static int ib_uverbs_open(struct inode *inode, struct file *filp) |
1031 |
+ int ret; |
1032 |
+ |
1033 |
+ dev = container_of(inode->i_cdev, struct ib_uverbs_device, cdev); |
1034 |
+- if (dev) |
1035 |
+- kref_get(&dev->ref); |
1036 |
+- else |
1037 |
++ if (!atomic_inc_not_zero(&dev->refcount)) |
1038 |
+ return -ENXIO; |
1039 |
+ |
1040 |
+ if (!try_module_get(dev->ib_dev->owner)) { |
1041 |
+@@ -765,6 +773,7 @@ static int ib_uverbs_open(struct inode *inode, struct file *filp) |
1042 |
+ mutex_init(&file->mutex); |
1043 |
+ |
1044 |
+ filp->private_data = file; |
1045 |
++ kobject_get(&dev->kobj); |
1046 |
+ |
1047 |
+ return nonseekable_open(inode, filp); |
1048 |
+ |
1049 |
+@@ -772,13 +781,16 @@ err_module: |
1050 |
+ module_put(dev->ib_dev->owner); |
1051 |
+ |
1052 |
+ err: |
1053 |
+- kref_put(&dev->ref, ib_uverbs_release_dev); |
1054 |
++ if (atomic_dec_and_test(&dev->refcount)) |
1055 |
++ ib_uverbs_comp_dev(dev); |
1056 |
++ |
1057 |
+ return ret; |
1058 |
+ } |
1059 |
+ |
1060 |
+ static int ib_uverbs_close(struct inode *inode, struct file *filp) |
1061 |
+ { |
1062 |
+ struct ib_uverbs_file *file = filp->private_data; |
1063 |
++ struct ib_uverbs_device *dev = file->device; |
1064 |
+ |
1065 |
+ ib_uverbs_cleanup_ucontext(file, file->ucontext); |
1066 |
+ |
1067 |
+@@ -786,6 +798,7 @@ static int ib_uverbs_close(struct inode *inode, struct file *filp) |
1068 |
+ kref_put(&file->async_file->ref, ib_uverbs_release_event_file); |
1069 |
+ |
1070 |
+ kref_put(&file->ref, ib_uverbs_release_file); |
1071 |
++ kobject_put(&dev->kobj); |
1072 |
+ |
1073 |
+ return 0; |
1074 |
+ } |
1075 |
+@@ -881,10 +894,11 @@ static void ib_uverbs_add_one(struct ib_device *device) |
1076 |
+ if (!uverbs_dev) |
1077 |
+ return; |
1078 |
+ |
1079 |
+- kref_init(&uverbs_dev->ref); |
1080 |
++ atomic_set(&uverbs_dev->refcount, 1); |
1081 |
+ init_completion(&uverbs_dev->comp); |
1082 |
+ uverbs_dev->xrcd_tree = RB_ROOT; |
1083 |
+ mutex_init(&uverbs_dev->xrcd_tree_mutex); |
1084 |
++ kobject_init(&uverbs_dev->kobj, &ib_uverbs_dev_ktype); |
1085 |
+ |
1086 |
+ spin_lock(&map_lock); |
1087 |
+ devnum = find_first_zero_bit(dev_map, IB_UVERBS_MAX_DEVICES); |
1088 |
+@@ -911,6 +925,7 @@ static void ib_uverbs_add_one(struct ib_device *device) |
1089 |
+ cdev_init(&uverbs_dev->cdev, NULL); |
1090 |
+ uverbs_dev->cdev.owner = THIS_MODULE; |
1091 |
+ uverbs_dev->cdev.ops = device->mmap ? &uverbs_mmap_fops : &uverbs_fops; |
1092 |
++ uverbs_dev->cdev.kobj.parent = &uverbs_dev->kobj; |
1093 |
+ kobject_set_name(&uverbs_dev->cdev.kobj, "uverbs%d", uverbs_dev->devnum); |
1094 |
+ if (cdev_add(&uverbs_dev->cdev, base, 1)) |
1095 |
+ goto err_cdev; |
1096 |
+@@ -941,9 +956,10 @@ err_cdev: |
1097 |
+ clear_bit(devnum, overflow_map); |
1098 |
+ |
1099 |
+ err: |
1100 |
+- kref_put(&uverbs_dev->ref, ib_uverbs_release_dev); |
1101 |
++ if (atomic_dec_and_test(&uverbs_dev->refcount)) |
1102 |
++ ib_uverbs_comp_dev(uverbs_dev); |
1103 |
+ wait_for_completion(&uverbs_dev->comp); |
1104 |
+- kfree(uverbs_dev); |
1105 |
++ kobject_put(&uverbs_dev->kobj); |
1106 |
+ return; |
1107 |
+ } |
1108 |
+ |
1109 |
+@@ -963,9 +979,10 @@ static void ib_uverbs_remove_one(struct ib_device *device) |
1110 |
+ else |
1111 |
+ clear_bit(uverbs_dev->devnum - IB_UVERBS_MAX_DEVICES, overflow_map); |
1112 |
+ |
1113 |
+- kref_put(&uverbs_dev->ref, ib_uverbs_release_dev); |
1114 |
++ if (atomic_dec_and_test(&uverbs_dev->refcount)) |
1115 |
++ ib_uverbs_comp_dev(uverbs_dev); |
1116 |
+ wait_for_completion(&uverbs_dev->comp); |
1117 |
+- kfree(uverbs_dev); |
1118 |
++ kobject_put(&uverbs_dev->kobj); |
1119 |
+ } |
1120 |
+ |
1121 |
+ static char *uverbs_devnode(struct device *dev, umode_t *mode) |
1122 |
+diff --git a/drivers/infiniband/hw/mlx4/ah.c b/drivers/infiniband/hw/mlx4/ah.c |
1123 |
+index f50a546224ad..33fdd50123f7 100644 |
1124 |
+--- a/drivers/infiniband/hw/mlx4/ah.c |
1125 |
++++ b/drivers/infiniband/hw/mlx4/ah.c |
1126 |
+@@ -148,9 +148,13 @@ int mlx4_ib_query_ah(struct ib_ah *ibah, struct ib_ah_attr *ah_attr) |
1127 |
+ enum rdma_link_layer ll; |
1128 |
+ |
1129 |
+ memset(ah_attr, 0, sizeof *ah_attr); |
1130 |
+- ah_attr->sl = be32_to_cpu(ah->av.ib.sl_tclass_flowlabel) >> 28; |
1131 |
+ ah_attr->port_num = be32_to_cpu(ah->av.ib.port_pd) >> 24; |
1132 |
+ ll = rdma_port_get_link_layer(ibah->device, ah_attr->port_num); |
1133 |
++ if (ll == IB_LINK_LAYER_ETHERNET) |
1134 |
++ ah_attr->sl = be32_to_cpu(ah->av.eth.sl_tclass_flowlabel) >> 29; |
1135 |
++ else |
1136 |
++ ah_attr->sl = be32_to_cpu(ah->av.ib.sl_tclass_flowlabel) >> 28; |
1137 |
++ |
1138 |
+ ah_attr->dlid = ll == IB_LINK_LAYER_INFINIBAND ? be16_to_cpu(ah->av.ib.dlid) : 0; |
1139 |
+ if (ah->av.ib.stat_rate) |
1140 |
+ ah_attr->static_rate = ah->av.ib.stat_rate - MLX4_STAT_RATE_OFFSET; |
1141 |
+diff --git a/drivers/infiniband/hw/mlx4/cq.c b/drivers/infiniband/hw/mlx4/cq.c |
1142 |
+index 0176caa5792c..2857ed89725e 100644 |
1143 |
+--- a/drivers/infiniband/hw/mlx4/cq.c |
1144 |
++++ b/drivers/infiniband/hw/mlx4/cq.c |
1145 |
+@@ -629,7 +629,7 @@ static void mlx4_ib_poll_sw_comp(struct mlx4_ib_cq *cq, int num_entries, |
1146 |
+ * simulated FLUSH_ERR completions |
1147 |
+ */ |
1148 |
+ list_for_each_entry(qp, &cq->send_qp_list, cq_send_list) { |
1149 |
+- mlx4_ib_qp_sw_comp(qp, num_entries, wc, npolled, 1); |
1150 |
++ mlx4_ib_qp_sw_comp(qp, num_entries, wc + *npolled, npolled, 1); |
1151 |
+ if (*npolled >= num_entries) |
1152 |
+ goto out; |
1153 |
+ } |
1154 |
+diff --git a/drivers/infiniband/hw/mlx4/mcg.c b/drivers/infiniband/hw/mlx4/mcg.c |
1155 |
+index ed327e6c8fdc..a0559a8af4f4 100644 |
1156 |
+--- a/drivers/infiniband/hw/mlx4/mcg.c |
1157 |
++++ b/drivers/infiniband/hw/mlx4/mcg.c |
1158 |
+@@ -206,15 +206,16 @@ static int send_mad_to_wire(struct mlx4_ib_demux_ctx *ctx, struct ib_mad *mad) |
1159 |
+ { |
1160 |
+ struct mlx4_ib_dev *dev = ctx->dev; |
1161 |
+ struct ib_ah_attr ah_attr; |
1162 |
++ unsigned long flags; |
1163 |
+ |
1164 |
+- spin_lock(&dev->sm_lock); |
1165 |
++ spin_lock_irqsave(&dev->sm_lock, flags); |
1166 |
+ if (!dev->sm_ah[ctx->port - 1]) { |
1167 |
+ /* port is not yet Active, sm_ah not ready */ |
1168 |
+- spin_unlock(&dev->sm_lock); |
1169 |
++ spin_unlock_irqrestore(&dev->sm_lock, flags); |
1170 |
+ return -EAGAIN; |
1171 |
+ } |
1172 |
+ mlx4_ib_query_ah(dev->sm_ah[ctx->port - 1], &ah_attr); |
1173 |
+- spin_unlock(&dev->sm_lock); |
1174 |
++ spin_unlock_irqrestore(&dev->sm_lock, flags); |
1175 |
+ return mlx4_ib_send_to_wire(dev, mlx4_master_func_num(dev->dev), |
1176 |
+ ctx->port, IB_QPT_GSI, 0, 1, IB_QP1_QKEY, |
1177 |
+ &ah_attr, NULL, mad); |
1178 |
+diff --git a/drivers/infiniband/hw/mlx4/sysfs.c b/drivers/infiniband/hw/mlx4/sysfs.c |
1179 |
+index 6797108ce873..69fb5ba94d0f 100644 |
1180 |
+--- a/drivers/infiniband/hw/mlx4/sysfs.c |
1181 |
++++ b/drivers/infiniband/hw/mlx4/sysfs.c |
1182 |
+@@ -640,6 +640,8 @@ static int add_port(struct mlx4_ib_dev *dev, int port_num, int slave) |
1183 |
+ struct mlx4_port *p; |
1184 |
+ int i; |
1185 |
+ int ret; |
1186 |
++ int is_eth = rdma_port_get_link_layer(&dev->ib_dev, port_num) == |
1187 |
++ IB_LINK_LAYER_ETHERNET; |
1188 |
+ |
1189 |
+ p = kzalloc(sizeof *p, GFP_KERNEL); |
1190 |
+ if (!p) |
1191 |
+@@ -657,7 +659,8 @@ static int add_port(struct mlx4_ib_dev *dev, int port_num, int slave) |
1192 |
+ |
1193 |
+ p->pkey_group.name = "pkey_idx"; |
1194 |
+ p->pkey_group.attrs = |
1195 |
+- alloc_group_attrs(show_port_pkey, store_port_pkey, |
1196 |
++ alloc_group_attrs(show_port_pkey, |
1197 |
++ is_eth ? NULL : store_port_pkey, |
1198 |
+ dev->dev->caps.pkey_table_len[port_num]); |
1199 |
+ if (!p->pkey_group.attrs) { |
1200 |
+ ret = -ENOMEM; |
1201 |
+diff --git a/drivers/infiniband/hw/mlx5/mr.c b/drivers/infiniband/hw/mlx5/mr.c |
1202 |
+index 71c593583864..0c52f078759c 100644 |
1203 |
+--- a/drivers/infiniband/hw/mlx5/mr.c |
1204 |
++++ b/drivers/infiniband/hw/mlx5/mr.c |
1205 |
+@@ -1119,19 +1119,7 @@ struct ib_mr *mlx5_ib_reg_user_mr(struct ib_pd *pd, u64 start, u64 length, |
1206 |
+ return &mr->ibmr; |
1207 |
+ |
1208 |
+ error: |
1209 |
+- /* |
1210 |
+- * Destroy the umem *before* destroying the MR, to ensure we |
1211 |
+- * will not have any in-flight notifiers when destroying the |
1212 |
+- * MR. |
1213 |
+- * |
1214 |
+- * As the MR is completely invalid to begin with, and this |
1215 |
+- * error path is only taken if we can't push the mr entry into |
1216 |
+- * the pagefault tree, this is safe. |
1217 |
+- */ |
1218 |
+- |
1219 |
+ ib_umem_release(umem); |
1220 |
+- /* Kill the MR, and return an error code. */ |
1221 |
+- clean_mr(mr); |
1222 |
+ return ERR_PTR(err); |
1223 |
+ } |
1224 |
+ |
1225 |
+diff --git a/drivers/infiniband/hw/qib/qib_keys.c b/drivers/infiniband/hw/qib/qib_keys.c |
1226 |
+index ad843c786e72..5afaa218508d 100644 |
1227 |
+--- a/drivers/infiniband/hw/qib/qib_keys.c |
1228 |
++++ b/drivers/infiniband/hw/qib/qib_keys.c |
1229 |
+@@ -86,6 +86,10 @@ int qib_alloc_lkey(struct qib_mregion *mr, int dma_region) |
1230 |
+ * unrestricted LKEY. |
1231 |
+ */ |
1232 |
+ rkt->gen++; |
1233 |
++ /* |
1234 |
++ * bits are capped in qib_verbs.c to insure enough bits |
1235 |
++ * for generation number |
1236 |
++ */ |
1237 |
+ mr->lkey = (r << (32 - ib_qib_lkey_table_size)) | |
1238 |
+ ((((1 << (24 - ib_qib_lkey_table_size)) - 1) & rkt->gen) |
1239 |
+ << 8); |
1240 |
+diff --git a/drivers/infiniband/hw/qib/qib_verbs.c b/drivers/infiniband/hw/qib/qib_verbs.c |
1241 |
+index 4a3599890ea5..9dd5d9a0556b 100644 |
1242 |
+--- a/drivers/infiniband/hw/qib/qib_verbs.c |
1243 |
++++ b/drivers/infiniband/hw/qib/qib_verbs.c |
1244 |
+@@ -40,6 +40,7 @@ |
1245 |
+ #include <linux/rculist.h> |
1246 |
+ #include <linux/mm.h> |
1247 |
+ #include <linux/random.h> |
1248 |
++#include <linux/vmalloc.h> |
1249 |
+ |
1250 |
+ #include "qib.h" |
1251 |
+ #include "qib_common.h" |
1252 |
+@@ -2089,10 +2090,16 @@ int qib_register_ib_device(struct qib_devdata *dd) |
1253 |
+ * the LKEY). The remaining bits act as a generation number or tag. |
1254 |
+ */ |
1255 |
+ spin_lock_init(&dev->lk_table.lock); |
1256 |
++ /* insure generation is at least 4 bits see keys.c */ |
1257 |
++ if (ib_qib_lkey_table_size > MAX_LKEY_TABLE_BITS) { |
1258 |
++ qib_dev_warn(dd, "lkey bits %u too large, reduced to %u\n", |
1259 |
++ ib_qib_lkey_table_size, MAX_LKEY_TABLE_BITS); |
1260 |
++ ib_qib_lkey_table_size = MAX_LKEY_TABLE_BITS; |
1261 |
++ } |
1262 |
+ dev->lk_table.max = 1 << ib_qib_lkey_table_size; |
1263 |
+ lk_tab_size = dev->lk_table.max * sizeof(*dev->lk_table.table); |
1264 |
+ dev->lk_table.table = (struct qib_mregion __rcu **) |
1265 |
+- __get_free_pages(GFP_KERNEL, get_order(lk_tab_size)); |
1266 |
++ vmalloc(lk_tab_size); |
1267 |
+ if (dev->lk_table.table == NULL) { |
1268 |
+ ret = -ENOMEM; |
1269 |
+ goto err_lk; |
1270 |
+@@ -2265,7 +2272,7 @@ err_tx: |
1271 |
+ sizeof(struct qib_pio_header), |
1272 |
+ dev->pio_hdrs, dev->pio_hdrs_phys); |
1273 |
+ err_hdrs: |
1274 |
+- free_pages((unsigned long) dev->lk_table.table, get_order(lk_tab_size)); |
1275 |
++ vfree(dev->lk_table.table); |
1276 |
+ err_lk: |
1277 |
+ kfree(dev->qp_table); |
1278 |
+ err_qpt: |
1279 |
+@@ -2319,8 +2326,7 @@ void qib_unregister_ib_device(struct qib_devdata *dd) |
1280 |
+ sizeof(struct qib_pio_header), |
1281 |
+ dev->pio_hdrs, dev->pio_hdrs_phys); |
1282 |
+ lk_tab_size = dev->lk_table.max * sizeof(*dev->lk_table.table); |
1283 |
+- free_pages((unsigned long) dev->lk_table.table, |
1284 |
+- get_order(lk_tab_size)); |
1285 |
++ vfree(dev->lk_table.table); |
1286 |
+ kfree(dev->qp_table); |
1287 |
+ } |
1288 |
+ |
1289 |
+diff --git a/drivers/infiniband/hw/qib/qib_verbs.h b/drivers/infiniband/hw/qib/qib_verbs.h |
1290 |
+index bfc8948fdd35..44ca28c83fe6 100644 |
1291 |
+--- a/drivers/infiniband/hw/qib/qib_verbs.h |
1292 |
++++ b/drivers/infiniband/hw/qib/qib_verbs.h |
1293 |
+@@ -647,6 +647,8 @@ struct qib_qpn_table { |
1294 |
+ struct qpn_map map[QPNMAP_ENTRIES]; |
1295 |
+ }; |
1296 |
+ |
1297 |
++#define MAX_LKEY_TABLE_BITS 23 |
1298 |
++ |
1299 |
+ struct qib_lkey_table { |
1300 |
+ spinlock_t lock; /* protect changes in this struct */ |
1301 |
+ u32 next; /* next unused index (speeds search) */ |
1302 |
+diff --git a/drivers/infiniband/ulp/iser/iscsi_iser.c b/drivers/infiniband/ulp/iser/iscsi_iser.c |
1303 |
+index 6a594aac2290..c933d882c35c 100644 |
1304 |
+--- a/drivers/infiniband/ulp/iser/iscsi_iser.c |
1305 |
++++ b/drivers/infiniband/ulp/iser/iscsi_iser.c |
1306 |
+@@ -201,6 +201,7 @@ iser_initialize_task_headers(struct iscsi_task *task, |
1307 |
+ goto out; |
1308 |
+ } |
1309 |
+ |
1310 |
++ tx_desc->mapped = true; |
1311 |
+ tx_desc->dma_addr = dma_addr; |
1312 |
+ tx_desc->tx_sg[0].addr = tx_desc->dma_addr; |
1313 |
+ tx_desc->tx_sg[0].length = ISER_HEADERS_LEN; |
1314 |
+@@ -360,16 +361,19 @@ iscsi_iser_task_xmit(struct iscsi_task *task) |
1315 |
+ static void iscsi_iser_cleanup_task(struct iscsi_task *task) |
1316 |
+ { |
1317 |
+ struct iscsi_iser_task *iser_task = task->dd_data; |
1318 |
+- struct iser_tx_desc *tx_desc = &iser_task->desc; |
1319 |
+- struct iser_conn *iser_conn = task->conn->dd_data; |
1320 |
++ struct iser_tx_desc *tx_desc = &iser_task->desc; |
1321 |
++ struct iser_conn *iser_conn = task->conn->dd_data; |
1322 |
+ struct iser_device *device = iser_conn->ib_conn.device; |
1323 |
+ |
1324 |
+ /* DEVICE_REMOVAL event might have already released the device */ |
1325 |
+ if (!device) |
1326 |
+ return; |
1327 |
+ |
1328 |
+- ib_dma_unmap_single(device->ib_device, |
1329 |
+- tx_desc->dma_addr, ISER_HEADERS_LEN, DMA_TO_DEVICE); |
1330 |
++ if (likely(tx_desc->mapped)) { |
1331 |
++ ib_dma_unmap_single(device->ib_device, tx_desc->dma_addr, |
1332 |
++ ISER_HEADERS_LEN, DMA_TO_DEVICE); |
1333 |
++ tx_desc->mapped = false; |
1334 |
++ } |
1335 |
+ |
1336 |
+ /* mgmt tasks do not need special cleanup */ |
1337 |
+ if (!task->sc) |
1338 |
+diff --git a/drivers/infiniband/ulp/iser/iscsi_iser.h b/drivers/infiniband/ulp/iser/iscsi_iser.h |
1339 |
+index 262ba1f8ee50..d2b6caf7694d 100644 |
1340 |
+--- a/drivers/infiniband/ulp/iser/iscsi_iser.h |
1341 |
++++ b/drivers/infiniband/ulp/iser/iscsi_iser.h |
1342 |
+@@ -270,6 +270,7 @@ enum iser_desc_type { |
1343 |
+ * sg[1] optionally points to either of immediate data |
1344 |
+ * unsolicited data-out or control |
1345 |
+ * @num_sge: number sges used on this TX task |
1346 |
++ * @mapped: Is the task header mapped |
1347 |
+ */ |
1348 |
+ struct iser_tx_desc { |
1349 |
+ struct iser_hdr iser_header; |
1350 |
+@@ -278,6 +279,7 @@ struct iser_tx_desc { |
1351 |
+ u64 dma_addr; |
1352 |
+ struct ib_sge tx_sg[2]; |
1353 |
+ int num_sge; |
1354 |
++ bool mapped; |
1355 |
+ }; |
1356 |
+ |
1357 |
+ #define ISER_RX_PAD_SIZE (256 - (ISER_RX_PAYLOAD_SIZE + \ |
1358 |
+diff --git a/drivers/infiniband/ulp/iser/iser_initiator.c b/drivers/infiniband/ulp/iser/iser_initiator.c |
1359 |
+index 3e2118e8ed87..0a47f42fec24 100644 |
1360 |
+--- a/drivers/infiniband/ulp/iser/iser_initiator.c |
1361 |
++++ b/drivers/infiniband/ulp/iser/iser_initiator.c |
1362 |
+@@ -454,7 +454,7 @@ int iser_send_data_out(struct iscsi_conn *conn, |
1363 |
+ unsigned long buf_offset; |
1364 |
+ unsigned long data_seg_len; |
1365 |
+ uint32_t itt; |
1366 |
+- int err = 0; |
1367 |
++ int err; |
1368 |
+ struct ib_sge *tx_dsg; |
1369 |
+ |
1370 |
+ itt = (__force uint32_t)hdr->itt; |
1371 |
+@@ -475,7 +475,9 @@ int iser_send_data_out(struct iscsi_conn *conn, |
1372 |
+ memcpy(&tx_desc->iscsi_header, hdr, sizeof(struct iscsi_hdr)); |
1373 |
+ |
1374 |
+ /* build the tx desc */ |
1375 |
+- iser_initialize_task_headers(task, tx_desc); |
1376 |
++ err = iser_initialize_task_headers(task, tx_desc); |
1377 |
++ if (err) |
1378 |
++ goto send_data_out_error; |
1379 |
+ |
1380 |
+ mem_reg = &iser_task->rdma_reg[ISER_DIR_OUT]; |
1381 |
+ tx_dsg = &tx_desc->tx_sg[1]; |
1382 |
+@@ -502,7 +504,7 @@ int iser_send_data_out(struct iscsi_conn *conn, |
1383 |
+ |
1384 |
+ send_data_out_error: |
1385 |
+ kmem_cache_free(ig.desc_cache, tx_desc); |
1386 |
+- iser_err("conn %p failed err %d\n",conn, err); |
1387 |
++ iser_err("conn %p failed err %d\n", conn, err); |
1388 |
+ return err; |
1389 |
+ } |
1390 |
+ |
1391 |
+diff --git a/drivers/infiniband/ulp/srp/ib_srp.c b/drivers/infiniband/ulp/srp/ib_srp.c |
1392 |
+index 75c01b27bd0b..025f93105444 100644 |
1393 |
+--- a/drivers/infiniband/ulp/srp/ib_srp.c |
1394 |
++++ b/drivers/infiniband/ulp/srp/ib_srp.c |
1395 |
+@@ -2761,6 +2761,13 @@ static int srp_sdev_count(struct Scsi_Host *host) |
1396 |
+ return c; |
1397 |
+ } |
1398 |
+ |
1399 |
++/* |
1400 |
++ * Return values: |
1401 |
++ * < 0 upon failure. Caller is responsible for SRP target port cleanup. |
1402 |
++ * 0 and target->state == SRP_TARGET_REMOVED if asynchronous target port |
1403 |
++ * removal has been scheduled. |
1404 |
++ * 0 and target->state != SRP_TARGET_REMOVED upon success. |
1405 |
++ */ |
1406 |
+ static int srp_add_target(struct srp_host *host, struct srp_target_port *target) |
1407 |
+ { |
1408 |
+ struct srp_rport_identifiers ids; |
1409 |
+@@ -3266,7 +3273,7 @@ static ssize_t srp_create_target(struct device *dev, |
1410 |
+ srp_free_ch_ib(target, ch); |
1411 |
+ srp_free_req_data(target, ch); |
1412 |
+ target->ch_count = ch - target->ch; |
1413 |
+- break; |
1414 |
++ goto connected; |
1415 |
+ } |
1416 |
+ } |
1417 |
+ |
1418 |
+@@ -3276,6 +3283,7 @@ static ssize_t srp_create_target(struct device *dev, |
1419 |
+ node_idx++; |
1420 |
+ } |
1421 |
+ |
1422 |
++connected: |
1423 |
+ target->scsi_host->nr_hw_queues = target->ch_count; |
1424 |
+ |
1425 |
+ ret = srp_add_target(host, target); |
1426 |
+@@ -3298,6 +3306,8 @@ out: |
1427 |
+ mutex_unlock(&host->add_target_mutex); |
1428 |
+ |
1429 |
+ scsi_host_put(target->scsi_host); |
1430 |
++ if (ret < 0) |
1431 |
++ scsi_host_put(target->scsi_host); |
1432 |
+ |
1433 |
+ return ret; |
1434 |
+ |
1435 |
+diff --git a/drivers/input/evdev.c b/drivers/input/evdev.c |
1436 |
+index a18f41b89b6a..2ae522f0d2b2 100644 |
1437 |
+--- a/drivers/input/evdev.c |
1438 |
++++ b/drivers/input/evdev.c |
1439 |
+@@ -290,19 +290,14 @@ static int evdev_flush(struct file *file, fl_owner_t id) |
1440 |
+ { |
1441 |
+ struct evdev_client *client = file->private_data; |
1442 |
+ struct evdev *evdev = client->evdev; |
1443 |
+- int retval; |
1444 |
+ |
1445 |
+- retval = mutex_lock_interruptible(&evdev->mutex); |
1446 |
+- if (retval) |
1447 |
+- return retval; |
1448 |
++ mutex_lock(&evdev->mutex); |
1449 |
+ |
1450 |
+- if (!evdev->exist || client->revoked) |
1451 |
+- retval = -ENODEV; |
1452 |
+- else |
1453 |
+- retval = input_flush_device(&evdev->handle, file); |
1454 |
++ if (evdev->exist && !client->revoked) |
1455 |
++ input_flush_device(&evdev->handle, file); |
1456 |
+ |
1457 |
+ mutex_unlock(&evdev->mutex); |
1458 |
+- return retval; |
1459 |
++ return 0; |
1460 |
+ } |
1461 |
+ |
1462 |
+ static void evdev_free(struct device *dev) |
1463 |
+diff --git a/drivers/iommu/fsl_pamu.c b/drivers/iommu/fsl_pamu.c |
1464 |
+index abeedc9a78c2..2570f2a25dc4 100644 |
1465 |
+--- a/drivers/iommu/fsl_pamu.c |
1466 |
++++ b/drivers/iommu/fsl_pamu.c |
1467 |
+@@ -41,7 +41,6 @@ struct pamu_isr_data { |
1468 |
+ |
1469 |
+ static struct paace *ppaact; |
1470 |
+ static struct paace *spaact; |
1471 |
+-static struct ome *omt __initdata; |
1472 |
+ |
1473 |
+ /* |
1474 |
+ * Table for matching compatible strings, for device tree |
1475 |
+@@ -50,7 +49,7 @@ static struct ome *omt __initdata; |
1476 |
+ * SOCs. For the older SOCs "fsl,qoriq-device-config-1.0" |
1477 |
+ * string would be used. |
1478 |
+ */ |
1479 |
+-static const struct of_device_id guts_device_ids[] __initconst = { |
1480 |
++static const struct of_device_id guts_device_ids[] = { |
1481 |
+ { .compatible = "fsl,qoriq-device-config-1.0", }, |
1482 |
+ { .compatible = "fsl,qoriq-device-config-2.0", }, |
1483 |
+ {} |
1484 |
+@@ -599,7 +598,7 @@ found_cpu_node: |
1485 |
+ * Memory accesses to QMAN and BMAN private memory need not be coherent, so |
1486 |
+ * clear the PAACE entry coherency attribute for them. |
1487 |
+ */ |
1488 |
+-static void __init setup_qbman_paace(struct paace *ppaace, int paace_type) |
1489 |
++static void setup_qbman_paace(struct paace *ppaace, int paace_type) |
1490 |
+ { |
1491 |
+ switch (paace_type) { |
1492 |
+ case QMAN_PAACE: |
1493 |
+@@ -629,7 +628,7 @@ static void __init setup_qbman_paace(struct paace *ppaace, int paace_type) |
1494 |
+ * this table to translate device transaction to appropriate corenet |
1495 |
+ * transaction. |
1496 |
+ */ |
1497 |
+-static void __init setup_omt(struct ome *omt) |
1498 |
++static void setup_omt(struct ome *omt) |
1499 |
+ { |
1500 |
+ struct ome *ome; |
1501 |
+ |
1502 |
+@@ -666,7 +665,7 @@ static void __init setup_omt(struct ome *omt) |
1503 |
+ * Get the maximum number of PAACT table entries |
1504 |
+ * and subwindows supported by PAMU |
1505 |
+ */ |
1506 |
+-static void __init get_pamu_cap_values(unsigned long pamu_reg_base) |
1507 |
++static void get_pamu_cap_values(unsigned long pamu_reg_base) |
1508 |
+ { |
1509 |
+ u32 pc_val; |
1510 |
+ |
1511 |
+@@ -676,9 +675,9 @@ static void __init get_pamu_cap_values(unsigned long pamu_reg_base) |
1512 |
+ } |
1513 |
+ |
1514 |
+ /* Setup PAMU registers pointing to PAACT, SPAACT and OMT */ |
1515 |
+-static int __init setup_one_pamu(unsigned long pamu_reg_base, unsigned long pamu_reg_size, |
1516 |
+- phys_addr_t ppaact_phys, phys_addr_t spaact_phys, |
1517 |
+- phys_addr_t omt_phys) |
1518 |
++static int setup_one_pamu(unsigned long pamu_reg_base, unsigned long pamu_reg_size, |
1519 |
++ phys_addr_t ppaact_phys, phys_addr_t spaact_phys, |
1520 |
++ phys_addr_t omt_phys) |
1521 |
+ { |
1522 |
+ u32 *pc; |
1523 |
+ struct pamu_mmap_regs *pamu_regs; |
1524 |
+@@ -720,7 +719,7 @@ static int __init setup_one_pamu(unsigned long pamu_reg_base, unsigned long pamu |
1525 |
+ } |
1526 |
+ |
1527 |
+ /* Enable all device LIODNS */ |
1528 |
+-static void __init setup_liodns(void) |
1529 |
++static void setup_liodns(void) |
1530 |
+ { |
1531 |
+ int i, len; |
1532 |
+ struct paace *ppaace; |
1533 |
+@@ -846,7 +845,7 @@ struct ccsr_law { |
1534 |
+ /* |
1535 |
+ * Create a coherence subdomain for a given memory block. |
1536 |
+ */ |
1537 |
+-static int __init create_csd(phys_addr_t phys, size_t size, u32 csd_port_id) |
1538 |
++static int create_csd(phys_addr_t phys, size_t size, u32 csd_port_id) |
1539 |
+ { |
1540 |
+ struct device_node *np; |
1541 |
+ const __be32 *iprop; |
1542 |
+@@ -988,7 +987,7 @@ error: |
1543 |
+ static const struct { |
1544 |
+ u32 svr; |
1545 |
+ u32 port_id; |
1546 |
+-} port_id_map[] __initconst = { |
1547 |
++} port_id_map[] = { |
1548 |
+ {(SVR_P2040 << 8) | 0x10, 0xFF000000}, /* P2040 1.0 */ |
1549 |
+ {(SVR_P2040 << 8) | 0x11, 0xFF000000}, /* P2040 1.1 */ |
1550 |
+ {(SVR_P2041 << 8) | 0x10, 0xFF000000}, /* P2041 1.0 */ |
1551 |
+@@ -1006,7 +1005,7 @@ static const struct { |
1552 |
+ |
1553 |
+ #define SVR_SECURITY 0x80000 /* The Security (E) bit */ |
1554 |
+ |
1555 |
+-static int __init fsl_pamu_probe(struct platform_device *pdev) |
1556 |
++static int fsl_pamu_probe(struct platform_device *pdev) |
1557 |
+ { |
1558 |
+ struct device *dev = &pdev->dev; |
1559 |
+ void __iomem *pamu_regs = NULL; |
1560 |
+@@ -1022,6 +1021,7 @@ static int __init fsl_pamu_probe(struct platform_device *pdev) |
1561 |
+ int irq; |
1562 |
+ phys_addr_t ppaact_phys; |
1563 |
+ phys_addr_t spaact_phys; |
1564 |
++ struct ome *omt; |
1565 |
+ phys_addr_t omt_phys; |
1566 |
+ size_t mem_size = 0; |
1567 |
+ unsigned int order = 0; |
1568 |
+@@ -1200,7 +1200,7 @@ error: |
1569 |
+ return ret; |
1570 |
+ } |
1571 |
+ |
1572 |
+-static struct platform_driver fsl_of_pamu_driver __initdata = { |
1573 |
++static struct platform_driver fsl_of_pamu_driver = { |
1574 |
+ .driver = { |
1575 |
+ .name = "fsl-of-pamu", |
1576 |
+ }, |
1577 |
+diff --git a/drivers/iommu/intel-iommu.c b/drivers/iommu/intel-iommu.c |
1578 |
+index c87c4b1bfc00..c23427951ec1 100644 |
1579 |
+--- a/drivers/iommu/intel-iommu.c |
1580 |
++++ b/drivers/iommu/intel-iommu.c |
1581 |
+@@ -681,6 +681,7 @@ static inline struct context_entry *iommu_context_addr(struct intel_iommu *iommu |
1582 |
+ struct context_entry *context; |
1583 |
+ u64 *entry; |
1584 |
+ |
1585 |
++ entry = &root->lo; |
1586 |
+ if (ecs_enabled(iommu)) { |
1587 |
+ if (devfn >= 0x80) { |
1588 |
+ devfn -= 0x80; |
1589 |
+@@ -688,7 +689,6 @@ static inline struct context_entry *iommu_context_addr(struct intel_iommu *iommu |
1590 |
+ } |
1591 |
+ devfn *= 2; |
1592 |
+ } |
1593 |
+- entry = &root->lo; |
1594 |
+ if (*entry & 1) |
1595 |
+ context = phys_to_virt(*entry & VTD_PAGE_MASK); |
1596 |
+ else { |
1597 |
+diff --git a/drivers/iommu/io-pgtable-arm.c b/drivers/iommu/io-pgtable-arm.c |
1598 |
+index 4e460216bd16..e29d5d7fe220 100644 |
1599 |
+--- a/drivers/iommu/io-pgtable-arm.c |
1600 |
++++ b/drivers/iommu/io-pgtable-arm.c |
1601 |
+@@ -200,6 +200,10 @@ typedef u64 arm_lpae_iopte; |
1602 |
+ |
1603 |
+ static bool selftest_running = false; |
1604 |
+ |
1605 |
++static int __arm_lpae_unmap(struct arm_lpae_io_pgtable *data, |
1606 |
++ unsigned long iova, size_t size, int lvl, |
1607 |
++ arm_lpae_iopte *ptep); |
1608 |
++ |
1609 |
+ static int arm_lpae_init_pte(struct arm_lpae_io_pgtable *data, |
1610 |
+ unsigned long iova, phys_addr_t paddr, |
1611 |
+ arm_lpae_iopte prot, int lvl, |
1612 |
+@@ -207,10 +211,21 @@ static int arm_lpae_init_pte(struct arm_lpae_io_pgtable *data, |
1613 |
+ { |
1614 |
+ arm_lpae_iopte pte = prot; |
1615 |
+ |
1616 |
+- /* We require an unmap first */ |
1617 |
+ if (iopte_leaf(*ptep, lvl)) { |
1618 |
++ /* We require an unmap first */ |
1619 |
+ WARN_ON(!selftest_running); |
1620 |
+ return -EEXIST; |
1621 |
++ } else if (iopte_type(*ptep, lvl) == ARM_LPAE_PTE_TYPE_TABLE) { |
1622 |
++ /* |
1623 |
++ * We need to unmap and free the old table before |
1624 |
++ * overwriting it with a block entry. |
1625 |
++ */ |
1626 |
++ arm_lpae_iopte *tblp; |
1627 |
++ size_t sz = ARM_LPAE_BLOCK_SIZE(lvl, data); |
1628 |
++ |
1629 |
++ tblp = ptep - ARM_LPAE_LVL_IDX(iova, lvl, data); |
1630 |
++ if (WARN_ON(__arm_lpae_unmap(data, iova, sz, lvl, tblp) != sz)) |
1631 |
++ return -EINVAL; |
1632 |
+ } |
1633 |
+ |
1634 |
+ if (data->iop.cfg.quirks & IO_PGTABLE_QUIRK_ARM_NS) |
1635 |
+diff --git a/drivers/iommu/tegra-smmu.c b/drivers/iommu/tegra-smmu.c |
1636 |
+index c845d99ecf6b..e0ff5f4d7fed 100644 |
1637 |
+--- a/drivers/iommu/tegra-smmu.c |
1638 |
++++ b/drivers/iommu/tegra-smmu.c |
1639 |
+@@ -26,6 +26,7 @@ struct tegra_smmu { |
1640 |
+ const struct tegra_smmu_soc *soc; |
1641 |
+ |
1642 |
+ unsigned long pfn_mask; |
1643 |
++ unsigned long tlb_mask; |
1644 |
+ |
1645 |
+ unsigned long *asids; |
1646 |
+ struct mutex lock; |
1647 |
+@@ -65,7 +66,8 @@ static inline u32 smmu_readl(struct tegra_smmu *smmu, unsigned long offset) |
1648 |
+ #define SMMU_TLB_CONFIG 0x14 |
1649 |
+ #define SMMU_TLB_CONFIG_HIT_UNDER_MISS (1 << 29) |
1650 |
+ #define SMMU_TLB_CONFIG_ROUND_ROBIN_ARBITRATION (1 << 28) |
1651 |
+-#define SMMU_TLB_CONFIG_ACTIVE_LINES(x) ((x) & 0x3f) |
1652 |
++#define SMMU_TLB_CONFIG_ACTIVE_LINES(smmu) \ |
1653 |
++ ((smmu)->soc->num_tlb_lines & (smmu)->tlb_mask) |
1654 |
+ |
1655 |
+ #define SMMU_PTC_CONFIG 0x18 |
1656 |
+ #define SMMU_PTC_CONFIG_ENABLE (1 << 29) |
1657 |
+@@ -716,6 +718,9 @@ struct tegra_smmu *tegra_smmu_probe(struct device *dev, |
1658 |
+ smmu->pfn_mask = BIT_MASK(mc->soc->num_address_bits - PAGE_SHIFT) - 1; |
1659 |
+ dev_dbg(dev, "address bits: %u, PFN mask: %#lx\n", |
1660 |
+ mc->soc->num_address_bits, smmu->pfn_mask); |
1661 |
++ smmu->tlb_mask = (smmu->soc->num_tlb_lines << 1) - 1; |
1662 |
++ dev_dbg(dev, "TLB lines: %u, mask: %#lx\n", smmu->soc->num_tlb_lines, |
1663 |
++ smmu->tlb_mask); |
1664 |
+ |
1665 |
+ value = SMMU_PTC_CONFIG_ENABLE | SMMU_PTC_CONFIG_INDEX_MAP(0x3f); |
1666 |
+ |
1667 |
+@@ -725,7 +730,7 @@ struct tegra_smmu *tegra_smmu_probe(struct device *dev, |
1668 |
+ smmu_writel(smmu, value, SMMU_PTC_CONFIG); |
1669 |
+ |
1670 |
+ value = SMMU_TLB_CONFIG_HIT_UNDER_MISS | |
1671 |
+- SMMU_TLB_CONFIG_ACTIVE_LINES(0x20); |
1672 |
++ SMMU_TLB_CONFIG_ACTIVE_LINES(smmu); |
1673 |
+ |
1674 |
+ if (soc->supports_round_robin_arbitration) |
1675 |
+ value |= SMMU_TLB_CONFIG_ROUND_ROBIN_ARBITRATION; |
1676 |
+diff --git a/drivers/isdn/gigaset/ser-gigaset.c b/drivers/isdn/gigaset/ser-gigaset.c |
1677 |
+index 8c91fd5eb6fd..3ac9c4194814 100644 |
1678 |
+--- a/drivers/isdn/gigaset/ser-gigaset.c |
1679 |
++++ b/drivers/isdn/gigaset/ser-gigaset.c |
1680 |
+@@ -524,9 +524,18 @@ gigaset_tty_open(struct tty_struct *tty) |
1681 |
+ cs->hw.ser->tty = tty; |
1682 |
+ atomic_set(&cs->hw.ser->refcnt, 1); |
1683 |
+ init_completion(&cs->hw.ser->dead_cmp); |
1684 |
+- |
1685 |
+ tty->disc_data = cs; |
1686 |
+ |
1687 |
++ /* Set the amount of data we're willing to receive per call |
1688 |
++ * from the hardware driver to half of the input buffer size |
1689 |
++ * to leave some reserve. |
1690 |
++ * Note: We don't do flow control towards the hardware driver. |
1691 |
++ * If more data is received than will fit into the input buffer, |
1692 |
++ * it will be dropped and an error will be logged. This should |
1693 |
++ * never happen as the device is slow and the buffer size ample. |
1694 |
++ */ |
1695 |
++ tty->receive_room = RBUFSIZE/2; |
1696 |
++ |
1697 |
+ /* OK.. Initialization of the datastructures and the HW is done.. Now |
1698 |
+ * startup system and notify the LL that we are ready to run |
1699 |
+ */ |
1700 |
+diff --git a/drivers/md/md.c b/drivers/md/md.c |
1701 |
+index e4621511d118..e8c44fcb1ad1 100644 |
1702 |
+--- a/drivers/md/md.c |
1703 |
++++ b/drivers/md/md.c |
1704 |
+@@ -5365,6 +5365,8 @@ static void __md_stop(struct mddev *mddev) |
1705 |
+ { |
1706 |
+ struct md_personality *pers = mddev->pers; |
1707 |
+ mddev_detach(mddev); |
1708 |
++ /* Ensure ->event_work is done */ |
1709 |
++ flush_workqueue(md_misc_wq); |
1710 |
+ spin_lock(&mddev->lock); |
1711 |
+ mddev->ready = 0; |
1712 |
+ mddev->pers = NULL; |
1713 |
+diff --git a/drivers/md/raid10.c b/drivers/md/raid10.c |
1714 |
+index f55c3f35b746..fe0122771642 100644 |
1715 |
+--- a/drivers/md/raid10.c |
1716 |
++++ b/drivers/md/raid10.c |
1717 |
+@@ -3566,6 +3566,7 @@ static struct r10conf *setup_conf(struct mddev *mddev) |
1718 |
+ /* far_copies must be 1 */ |
1719 |
+ conf->prev.stride = conf->dev_sectors; |
1720 |
+ } |
1721 |
++ conf->reshape_safe = conf->reshape_progress; |
1722 |
+ spin_lock_init(&conf->device_lock); |
1723 |
+ INIT_LIST_HEAD(&conf->retry_list); |
1724 |
+ |
1725 |
+@@ -3770,7 +3771,6 @@ static int run(struct mddev *mddev) |
1726 |
+ } |
1727 |
+ conf->offset_diff = min_offset_diff; |
1728 |
+ |
1729 |
+- conf->reshape_safe = conf->reshape_progress; |
1730 |
+ clear_bit(MD_RECOVERY_SYNC, &mddev->recovery); |
1731 |
+ clear_bit(MD_RECOVERY_CHECK, &mddev->recovery); |
1732 |
+ set_bit(MD_RECOVERY_RESHAPE, &mddev->recovery); |
1733 |
+@@ -4113,6 +4113,7 @@ static int raid10_start_reshape(struct mddev *mddev) |
1734 |
+ conf->reshape_progress = size; |
1735 |
+ } else |
1736 |
+ conf->reshape_progress = 0; |
1737 |
++ conf->reshape_safe = conf->reshape_progress; |
1738 |
+ spin_unlock_irq(&conf->device_lock); |
1739 |
+ |
1740 |
+ if (mddev->delta_disks && mddev->bitmap) { |
1741 |
+@@ -4180,6 +4181,7 @@ abort: |
1742 |
+ rdev->new_data_offset = rdev->data_offset; |
1743 |
+ smp_wmb(); |
1744 |
+ conf->reshape_progress = MaxSector; |
1745 |
++ conf->reshape_safe = MaxSector; |
1746 |
+ mddev->reshape_position = MaxSector; |
1747 |
+ spin_unlock_irq(&conf->device_lock); |
1748 |
+ return ret; |
1749 |
+@@ -4534,6 +4536,7 @@ static void end_reshape(struct r10conf *conf) |
1750 |
+ md_finish_reshape(conf->mddev); |
1751 |
+ smp_wmb(); |
1752 |
+ conf->reshape_progress = MaxSector; |
1753 |
++ conf->reshape_safe = MaxSector; |
1754 |
+ spin_unlock_irq(&conf->device_lock); |
1755 |
+ |
1756 |
+ /* read-ahead size must cover two whole stripes, which is |
1757 |
+diff --git a/drivers/md/raid5.c b/drivers/md/raid5.c |
1758 |
+index b6793d2e051f..23af6772f146 100644 |
1759 |
+--- a/drivers/md/raid5.c |
1760 |
++++ b/drivers/md/raid5.c |
1761 |
+@@ -2151,6 +2151,9 @@ static int resize_stripes(struct r5conf *conf, int newsize) |
1762 |
+ if (!sc) |
1763 |
+ return -ENOMEM; |
1764 |
+ |
1765 |
++ /* Need to ensure auto-resizing doesn't interfere */ |
1766 |
++ mutex_lock(&conf->cache_size_mutex); |
1767 |
++ |
1768 |
+ for (i = conf->max_nr_stripes; i; i--) { |
1769 |
+ nsh = alloc_stripe(sc, GFP_KERNEL); |
1770 |
+ if (!nsh) |
1771 |
+@@ -2167,6 +2170,7 @@ static int resize_stripes(struct r5conf *conf, int newsize) |
1772 |
+ kmem_cache_free(sc, nsh); |
1773 |
+ } |
1774 |
+ kmem_cache_destroy(sc); |
1775 |
++ mutex_unlock(&conf->cache_size_mutex); |
1776 |
+ return -ENOMEM; |
1777 |
+ } |
1778 |
+ /* Step 2 - Must use GFP_NOIO now. |
1779 |
+@@ -2213,6 +2217,7 @@ static int resize_stripes(struct r5conf *conf, int newsize) |
1780 |
+ } else |
1781 |
+ err = -ENOMEM; |
1782 |
+ |
1783 |
++ mutex_unlock(&conf->cache_size_mutex); |
1784 |
+ /* Step 4, return new stripes to service */ |
1785 |
+ while(!list_empty(&newstripes)) { |
1786 |
+ nsh = list_entry(newstripes.next, struct stripe_head, lru); |
1787 |
+@@ -2240,7 +2245,7 @@ static int resize_stripes(struct r5conf *conf, int newsize) |
1788 |
+ static int drop_one_stripe(struct r5conf *conf) |
1789 |
+ { |
1790 |
+ struct stripe_head *sh; |
1791 |
+- int hash = (conf->max_nr_stripes - 1) % NR_STRIPE_HASH_LOCKS; |
1792 |
++ int hash = (conf->max_nr_stripes - 1) & STRIPE_HASH_LOCKS_MASK; |
1793 |
+ |
1794 |
+ spin_lock_irq(conf->hash_locks + hash); |
1795 |
+ sh = get_free_stripe(conf, hash); |
1796 |
+@@ -5846,12 +5851,14 @@ static void raid5d(struct md_thread *thread) |
1797 |
+ pr_debug("%d stripes handled\n", handled); |
1798 |
+ |
1799 |
+ spin_unlock_irq(&conf->device_lock); |
1800 |
+- if (test_and_clear_bit(R5_ALLOC_MORE, &conf->cache_state)) { |
1801 |
++ if (test_and_clear_bit(R5_ALLOC_MORE, &conf->cache_state) && |
1802 |
++ mutex_trylock(&conf->cache_size_mutex)) { |
1803 |
+ grow_one_stripe(conf, __GFP_NOWARN); |
1804 |
+ /* Set flag even if allocation failed. This helps |
1805 |
+ * slow down allocation requests when mem is short |
1806 |
+ */ |
1807 |
+ set_bit(R5_DID_ALLOC, &conf->cache_state); |
1808 |
++ mutex_unlock(&conf->cache_size_mutex); |
1809 |
+ } |
1810 |
+ |
1811 |
+ async_tx_issue_pending_all(); |
1812 |
+@@ -5883,18 +5890,22 @@ raid5_set_cache_size(struct mddev *mddev, int size) |
1813 |
+ return -EINVAL; |
1814 |
+ |
1815 |
+ conf->min_nr_stripes = size; |
1816 |
++ mutex_lock(&conf->cache_size_mutex); |
1817 |
+ while (size < conf->max_nr_stripes && |
1818 |
+ drop_one_stripe(conf)) |
1819 |
+ ; |
1820 |
++ mutex_unlock(&conf->cache_size_mutex); |
1821 |
+ |
1822 |
+ |
1823 |
+ err = md_allow_write(mddev); |
1824 |
+ if (err) |
1825 |
+ return err; |
1826 |
+ |
1827 |
++ mutex_lock(&conf->cache_size_mutex); |
1828 |
+ while (size > conf->max_nr_stripes) |
1829 |
+ if (!grow_one_stripe(conf, GFP_KERNEL)) |
1830 |
+ break; |
1831 |
++ mutex_unlock(&conf->cache_size_mutex); |
1832 |
+ |
1833 |
+ return 0; |
1834 |
+ } |
1835 |
+@@ -6360,11 +6371,19 @@ static unsigned long raid5_cache_scan(struct shrinker *shrink, |
1836 |
+ struct shrink_control *sc) |
1837 |
+ { |
1838 |
+ struct r5conf *conf = container_of(shrink, struct r5conf, shrinker); |
1839 |
+- int ret = 0; |
1840 |
+- while (ret < sc->nr_to_scan) { |
1841 |
+- if (drop_one_stripe(conf) == 0) |
1842 |
+- return SHRINK_STOP; |
1843 |
+- ret++; |
1844 |
++ unsigned long ret = SHRINK_STOP; |
1845 |
++ |
1846 |
++ if (mutex_trylock(&conf->cache_size_mutex)) { |
1847 |
++ ret= 0; |
1848 |
++ while (ret < sc->nr_to_scan && |
1849 |
++ conf->max_nr_stripes > conf->min_nr_stripes) { |
1850 |
++ if (drop_one_stripe(conf) == 0) { |
1851 |
++ ret = SHRINK_STOP; |
1852 |
++ break; |
1853 |
++ } |
1854 |
++ ret++; |
1855 |
++ } |
1856 |
++ mutex_unlock(&conf->cache_size_mutex); |
1857 |
+ } |
1858 |
+ return ret; |
1859 |
+ } |
1860 |
+@@ -6433,6 +6452,7 @@ static struct r5conf *setup_conf(struct mddev *mddev) |
1861 |
+ goto abort; |
1862 |
+ spin_lock_init(&conf->device_lock); |
1863 |
+ seqcount_init(&conf->gen_lock); |
1864 |
++ mutex_init(&conf->cache_size_mutex); |
1865 |
+ init_waitqueue_head(&conf->wait_for_stripe); |
1866 |
+ init_waitqueue_head(&conf->wait_for_overlap); |
1867 |
+ INIT_LIST_HEAD(&conf->handle_list); |
1868 |
+diff --git a/drivers/md/raid5.h b/drivers/md/raid5.h |
1869 |
+index 896d603ad0da..03472fbbd882 100644 |
1870 |
+--- a/drivers/md/raid5.h |
1871 |
++++ b/drivers/md/raid5.h |
1872 |
+@@ -482,7 +482,8 @@ struct r5conf { |
1873 |
+ */ |
1874 |
+ int active_name; |
1875 |
+ char cache_name[2][32]; |
1876 |
+- struct kmem_cache *slab_cache; /* for allocating stripes */ |
1877 |
++ struct kmem_cache *slab_cache; /* for allocating stripes */ |
1878 |
++ struct mutex cache_size_mutex; /* Protect changes to cache size */ |
1879 |
+ |
1880 |
+ int seq_flush, seq_write; |
1881 |
+ int quiesce; |
1882 |
+diff --git a/drivers/media/platform/am437x/am437x-vpfe.c b/drivers/media/platform/am437x/am437x-vpfe.c |
1883 |
+index a30cc2f7e4f1..ddf59ee5ca40 100644 |
1884 |
+--- a/drivers/media/platform/am437x/am437x-vpfe.c |
1885 |
++++ b/drivers/media/platform/am437x/am437x-vpfe.c |
1886 |
+@@ -1185,14 +1185,24 @@ static int vpfe_initialize_device(struct vpfe_device *vpfe) |
1887 |
+ static int vpfe_release(struct file *file) |
1888 |
+ { |
1889 |
+ struct vpfe_device *vpfe = video_drvdata(file); |
1890 |
++ bool fh_singular; |
1891 |
+ int ret; |
1892 |
+ |
1893 |
+ mutex_lock(&vpfe->lock); |
1894 |
+ |
1895 |
+- if (v4l2_fh_is_singular_file(file)) |
1896 |
+- vpfe_ccdc_close(&vpfe->ccdc, vpfe->pdev); |
1897 |
++ /* Save the singular status before we call the clean-up helper */ |
1898 |
++ fh_singular = v4l2_fh_is_singular_file(file); |
1899 |
++ |
1900 |
++ /* the release helper will cleanup any on-going streaming */ |
1901 |
+ ret = _vb2_fop_release(file, NULL); |
1902 |
+ |
1903 |
++ /* |
1904 |
++ * If this was the last open file. |
1905 |
++ * Then de-initialize hw module. |
1906 |
++ */ |
1907 |
++ if (fh_singular) |
1908 |
++ vpfe_ccdc_close(&vpfe->ccdc, vpfe->pdev); |
1909 |
++ |
1910 |
+ mutex_unlock(&vpfe->lock); |
1911 |
+ |
1912 |
+ return ret; |
1913 |
+@@ -1577,7 +1587,7 @@ static int vpfe_s_fmt(struct file *file, void *priv, |
1914 |
+ return -EBUSY; |
1915 |
+ } |
1916 |
+ |
1917 |
+- ret = vpfe_try_fmt(file, priv, fmt); |
1918 |
++ ret = vpfe_try_fmt(file, priv, &format); |
1919 |
+ if (ret) |
1920 |
+ return ret; |
1921 |
+ |
1922 |
+diff --git a/drivers/media/platform/omap3isp/isp.c b/drivers/media/platform/omap3isp/isp.c |
1923 |
+index 18d0a871747f..947d8be7b245 100644 |
1924 |
+--- a/drivers/media/platform/omap3isp/isp.c |
1925 |
++++ b/drivers/media/platform/omap3isp/isp.c |
1926 |
+@@ -829,14 +829,14 @@ static int isp_pipeline_link_notify(struct media_link *link, u32 flags, |
1927 |
+ int ret; |
1928 |
+ |
1929 |
+ if (notification == MEDIA_DEV_NOTIFY_POST_LINK_CH && |
1930 |
+- !(link->flags & MEDIA_LNK_FL_ENABLED)) { |
1931 |
++ !(flags & MEDIA_LNK_FL_ENABLED)) { |
1932 |
+ /* Powering off entities is assumed to never fail. */ |
1933 |
+ isp_pipeline_pm_power(source, -sink_use); |
1934 |
+ isp_pipeline_pm_power(sink, -source_use); |
1935 |
+ return 0; |
1936 |
+ } |
1937 |
+ |
1938 |
+- if (notification == MEDIA_DEV_NOTIFY_POST_LINK_CH && |
1939 |
++ if (notification == MEDIA_DEV_NOTIFY_PRE_LINK_CH && |
1940 |
+ (flags & MEDIA_LNK_FL_ENABLED)) { |
1941 |
+ |
1942 |
+ ret = isp_pipeline_pm_power(source, sink_use); |
1943 |
+diff --git a/drivers/media/rc/rc-main.c b/drivers/media/rc/rc-main.c |
1944 |
+index f8c5e47a30aa..0aba9ff92102 100644 |
1945 |
+--- a/drivers/media/rc/rc-main.c |
1946 |
++++ b/drivers/media/rc/rc-main.c |
1947 |
+@@ -1191,9 +1191,6 @@ static int rc_dev_uevent(struct device *device, struct kobj_uevent_env *env) |
1948 |
+ { |
1949 |
+ struct rc_dev *dev = to_rc_dev(device); |
1950 |
+ |
1951 |
+- if (!dev || !dev->input_dev) |
1952 |
+- return -ENODEV; |
1953 |
+- |
1954 |
+ if (dev->rc_map.name) |
1955 |
+ ADD_HOTPLUG_VAR("NAME=%s", dev->rc_map.name); |
1956 |
+ if (dev->driver_name) |
1957 |
+diff --git a/drivers/memory/tegra/tegra114.c b/drivers/memory/tegra/tegra114.c |
1958 |
+index 511e9a25c151..16c4d26f51e7 100644 |
1959 |
+--- a/drivers/memory/tegra/tegra114.c |
1960 |
++++ b/drivers/memory/tegra/tegra114.c |
1961 |
+@@ -935,6 +935,7 @@ static const struct tegra_smmu_soc tegra114_smmu_soc = { |
1962 |
+ .num_swgroups = ARRAY_SIZE(tegra114_swgroups), |
1963 |
+ .supports_round_robin_arbitration = false, |
1964 |
+ .supports_request_limit = false, |
1965 |
++ .num_tlb_lines = 32, |
1966 |
+ .num_asids = 4, |
1967 |
+ .ops = &tegra114_smmu_ops, |
1968 |
+ }; |
1969 |
+diff --git a/drivers/memory/tegra/tegra124.c b/drivers/memory/tegra/tegra124.c |
1970 |
+index 278d40b854c1..b153d0b732cf 100644 |
1971 |
+--- a/drivers/memory/tegra/tegra124.c |
1972 |
++++ b/drivers/memory/tegra/tegra124.c |
1973 |
+@@ -981,6 +981,7 @@ static const struct tegra_smmu_soc tegra124_smmu_soc = { |
1974 |
+ .num_swgroups = ARRAY_SIZE(tegra124_swgroups), |
1975 |
+ .supports_round_robin_arbitration = true, |
1976 |
+ .supports_request_limit = true, |
1977 |
++ .num_tlb_lines = 32, |
1978 |
+ .num_asids = 128, |
1979 |
+ .ops = &tegra124_smmu_ops, |
1980 |
+ }; |
1981 |
+diff --git a/drivers/memory/tegra/tegra30.c b/drivers/memory/tegra/tegra30.c |
1982 |
+index 71fe9376fe53..f422b18f45f3 100644 |
1983 |
+--- a/drivers/memory/tegra/tegra30.c |
1984 |
++++ b/drivers/memory/tegra/tegra30.c |
1985 |
+@@ -957,6 +957,7 @@ static const struct tegra_smmu_soc tegra30_smmu_soc = { |
1986 |
+ .num_swgroups = ARRAY_SIZE(tegra30_swgroups), |
1987 |
+ .supports_round_robin_arbitration = false, |
1988 |
+ .supports_request_limit = false, |
1989 |
++ .num_tlb_lines = 16, |
1990 |
+ .num_asids = 4, |
1991 |
+ .ops = &tegra30_smmu_ops, |
1992 |
+ }; |
1993 |
+diff --git a/drivers/misc/cxl/pci.c b/drivers/misc/cxl/pci.c |
1994 |
+index 1ef01647265f..4f1b0bdb9cf8 100644 |
1995 |
+--- a/drivers/misc/cxl/pci.c |
1996 |
++++ b/drivers/misc/cxl/pci.c |
1997 |
+@@ -778,14 +778,9 @@ int cxl_reset(struct cxl *adapter) |
1998 |
+ { |
1999 |
+ struct pci_dev *dev = to_pci_dev(adapter->dev.parent); |
2000 |
+ int rc; |
2001 |
+- int i; |
2002 |
+- u32 val; |
2003 |
+ |
2004 |
+ dev_info(&dev->dev, "CXL reset\n"); |
2005 |
+ |
2006 |
+- for (i = 0; i < adapter->slices; i++) |
2007 |
+- cxl_remove_afu(adapter->afu[i]); |
2008 |
+- |
2009 |
+ /* pcie_warm_reset requests a fundamental pci reset which includes a |
2010 |
+ * PERST assert/deassert. PERST triggers a loading of the image |
2011 |
+ * if "user" or "factory" is selected in sysfs */ |
2012 |
+@@ -794,20 +789,6 @@ int cxl_reset(struct cxl *adapter) |
2013 |
+ return rc; |
2014 |
+ } |
2015 |
+ |
2016 |
+- /* the PERST done above fences the PHB. So, reset depends on EEH |
2017 |
+- * to unbind the driver, tell Sapphire to reinit the PHB, and rebind |
2018 |
+- * the driver. Do an mmio read explictly to ensure EEH notices the |
2019 |
+- * fenced PHB. Retry for a few seconds before giving up. */ |
2020 |
+- i = 0; |
2021 |
+- while (((val = mmio_read32be(adapter->p1_mmio)) != 0xffffffff) && |
2022 |
+- (i < 5)) { |
2023 |
+- msleep(500); |
2024 |
+- i++; |
2025 |
+- } |
2026 |
+- |
2027 |
+- if (val != 0xffffffff) |
2028 |
+- dev_err(&dev->dev, "cxl: PERST failed to trigger EEH\n"); |
2029 |
+- |
2030 |
+ return rc; |
2031 |
+ } |
2032 |
+ |
2033 |
+@@ -1062,8 +1043,6 @@ static int cxl_probe(struct pci_dev *dev, const struct pci_device_id *id) |
2034 |
+ int slice; |
2035 |
+ int rc; |
2036 |
+ |
2037 |
+- pci_dev_get(dev); |
2038 |
+- |
2039 |
+ if (cxl_verbose) |
2040 |
+ dump_cxl_config_space(dev); |
2041 |
+ |
2042 |
+diff --git a/drivers/mmc/core/core.c b/drivers/mmc/core/core.c |
2043 |
+index 92e7671426eb..588fb7908642 100644 |
2044 |
+--- a/drivers/mmc/core/core.c |
2045 |
++++ b/drivers/mmc/core/core.c |
2046 |
+@@ -330,8 +330,10 @@ EXPORT_SYMBOL(mmc_start_bkops); |
2047 |
+ */ |
2048 |
+ static void mmc_wait_data_done(struct mmc_request *mrq) |
2049 |
+ { |
2050 |
+- mrq->host->context_info.is_done_rcv = true; |
2051 |
+- wake_up_interruptible(&mrq->host->context_info.wait); |
2052 |
++ struct mmc_context_info *context_info = &mrq->host->context_info; |
2053 |
++ |
2054 |
++ context_info->is_done_rcv = true; |
2055 |
++ wake_up_interruptible(&context_info->wait); |
2056 |
+ } |
2057 |
+ |
2058 |
+ static void mmc_wait_done(struct mmc_request *mrq) |
2059 |
+diff --git a/drivers/mmc/host/sdhci-pci.c b/drivers/mmc/host/sdhci-pci.c |
2060 |
+index 7a3fc16d0a6c..53cfc7cedefe 100644 |
2061 |
+--- a/drivers/mmc/host/sdhci-pci.c |
2062 |
++++ b/drivers/mmc/host/sdhci-pci.c |
2063 |
+@@ -549,6 +549,7 @@ static int jmicron_resume(struct sdhci_pci_chip *chip) |
2064 |
+ static const struct sdhci_pci_fixes sdhci_o2 = { |
2065 |
+ .probe = sdhci_pci_o2_probe, |
2066 |
+ .quirks = SDHCI_QUIRK_NO_ENDATTR_IN_NOPDESC, |
2067 |
++ .quirks2 = SDHCI_QUIRK2_CLEAR_TRANSFERMODE_REG_BEFORE_CMD, |
2068 |
+ .probe_slot = sdhci_pci_o2_probe_slot, |
2069 |
+ .resume = sdhci_pci_o2_resume, |
2070 |
+ }; |
2071 |
+diff --git a/drivers/mmc/host/sdhci.c b/drivers/mmc/host/sdhci.c |
2072 |
+index bec8a307f8cd..fd41b91436ec 100644 |
2073 |
+--- a/drivers/mmc/host/sdhci.c |
2074 |
++++ b/drivers/mmc/host/sdhci.c |
2075 |
+@@ -1146,6 +1146,7 @@ static u16 sdhci_get_preset_value(struct sdhci_host *host) |
2076 |
+ preset = sdhci_readw(host, SDHCI_PRESET_FOR_SDR104); |
2077 |
+ break; |
2078 |
+ case MMC_TIMING_UHS_DDR50: |
2079 |
++ case MMC_TIMING_MMC_DDR52: |
2080 |
+ preset = sdhci_readw(host, SDHCI_PRESET_FOR_DDR50); |
2081 |
+ break; |
2082 |
+ case MMC_TIMING_MMC_HS400: |
2083 |
+@@ -1598,7 +1599,8 @@ static void sdhci_do_set_ios(struct sdhci_host *host, struct mmc_ios *ios) |
2084 |
+ (ios->timing == MMC_TIMING_UHS_SDR25) || |
2085 |
+ (ios->timing == MMC_TIMING_UHS_SDR50) || |
2086 |
+ (ios->timing == MMC_TIMING_UHS_SDR104) || |
2087 |
+- (ios->timing == MMC_TIMING_UHS_DDR50))) { |
2088 |
++ (ios->timing == MMC_TIMING_UHS_DDR50) || |
2089 |
++ (ios->timing == MMC_TIMING_MMC_DDR52))) { |
2090 |
+ u16 preset; |
2091 |
+ |
2092 |
+ sdhci_enable_preset_value(host, true); |
2093 |
+diff --git a/drivers/net/bonding/bond_main.c b/drivers/net/bonding/bond_main.c |
2094 |
+index d5fe5d5f490f..16d87bf8ac3c 100644 |
2095 |
+--- a/drivers/net/bonding/bond_main.c |
2096 |
++++ b/drivers/net/bonding/bond_main.c |
2097 |
+@@ -625,6 +625,23 @@ static void bond_set_dev_addr(struct net_device *bond_dev, |
2098 |
+ call_netdevice_notifiers(NETDEV_CHANGEADDR, bond_dev); |
2099 |
+ } |
2100 |
+ |
2101 |
++static struct slave *bond_get_old_active(struct bonding *bond, |
2102 |
++ struct slave *new_active) |
2103 |
++{ |
2104 |
++ struct slave *slave; |
2105 |
++ struct list_head *iter; |
2106 |
++ |
2107 |
++ bond_for_each_slave(bond, slave, iter) { |
2108 |
++ if (slave == new_active) |
2109 |
++ continue; |
2110 |
++ |
2111 |
++ if (ether_addr_equal(bond->dev->dev_addr, slave->dev->dev_addr)) |
2112 |
++ return slave; |
2113 |
++ } |
2114 |
++ |
2115 |
++ return NULL; |
2116 |
++} |
2117 |
++ |
2118 |
+ /* bond_do_fail_over_mac |
2119 |
+ * |
2120 |
+ * Perform special MAC address swapping for fail_over_mac settings |
2121 |
+@@ -652,6 +669,9 @@ static void bond_do_fail_over_mac(struct bonding *bond, |
2122 |
+ if (!new_active) |
2123 |
+ return; |
2124 |
+ |
2125 |
++ if (!old_active) |
2126 |
++ old_active = bond_get_old_active(bond, new_active); |
2127 |
++ |
2128 |
+ if (old_active) { |
2129 |
+ ether_addr_copy(tmp_mac, new_active->dev->dev_addr); |
2130 |
+ ether_addr_copy(saddr.sa_data, |
2131 |
+@@ -1902,6 +1922,7 @@ static int bond_release_and_destroy(struct net_device *bond_dev, |
2132 |
+ bond_dev->priv_flags |= IFF_DISABLE_NETPOLL; |
2133 |
+ netdev_info(bond_dev, "Destroying bond %s\n", |
2134 |
+ bond_dev->name); |
2135 |
++ bond_remove_proc_entry(bond); |
2136 |
+ unregister_netdevice(bond_dev); |
2137 |
+ } |
2138 |
+ return ret; |
2139 |
+diff --git a/drivers/net/ethernet/broadcom/tg3.c b/drivers/net/ethernet/broadcom/tg3.c |
2140 |
+index 069952fa5d64..0d8af5bb5907 100644 |
2141 |
+--- a/drivers/net/ethernet/broadcom/tg3.c |
2142 |
++++ b/drivers/net/ethernet/broadcom/tg3.c |
2143 |
+@@ -10757,7 +10757,7 @@ static ssize_t tg3_show_temp(struct device *dev, |
2144 |
+ tg3_ape_scratchpad_read(tp, &temperature, attr->index, |
2145 |
+ sizeof(temperature)); |
2146 |
+ spin_unlock_bh(&tp->lock); |
2147 |
+- return sprintf(buf, "%u\n", temperature); |
2148 |
++ return sprintf(buf, "%u\n", temperature * 1000); |
2149 |
+ } |
2150 |
+ |
2151 |
+ |
2152 |
+diff --git a/drivers/net/ethernet/brocade/bna/bnad.c b/drivers/net/ethernet/brocade/bna/bnad.c |
2153 |
+index caae6cb2bc1a..a1c30ee60888 100644 |
2154 |
+--- a/drivers/net/ethernet/brocade/bna/bnad.c |
2155 |
++++ b/drivers/net/ethernet/brocade/bna/bnad.c |
2156 |
+@@ -675,6 +675,7 @@ bnad_cq_process(struct bnad *bnad, struct bna_ccb *ccb, int budget) |
2157 |
+ if (!next_cmpl->valid) |
2158 |
+ break; |
2159 |
+ } |
2160 |
++ packets++; |
2161 |
+ |
2162 |
+ /* TODO: BNA_CQ_EF_LOCAL ? */ |
2163 |
+ if (unlikely(flags & (BNA_CQ_EF_MAC_ERROR | |
2164 |
+@@ -691,7 +692,6 @@ bnad_cq_process(struct bnad *bnad, struct bna_ccb *ccb, int budget) |
2165 |
+ else |
2166 |
+ bnad_cq_setup_skb_frags(rcb, skb, sop_ci, nvecs, len); |
2167 |
+ |
2168 |
+- packets++; |
2169 |
+ rcb->rxq->rx_packets++; |
2170 |
+ rcb->rxq->rx_bytes += totlen; |
2171 |
+ ccb->bytes_per_intr += totlen; |
2172 |
+diff --git a/drivers/net/ethernet/intel/fm10k/fm10k_main.c b/drivers/net/ethernet/intel/fm10k/fm10k_main.c |
2173 |
+index c754b2027281..c9da1b5d4804 100644 |
2174 |
+--- a/drivers/net/ethernet/intel/fm10k/fm10k_main.c |
2175 |
++++ b/drivers/net/ethernet/intel/fm10k/fm10k_main.c |
2176 |
+@@ -216,7 +216,7 @@ static void fm10k_reuse_rx_page(struct fm10k_ring *rx_ring, |
2177 |
+ |
2178 |
+ static inline bool fm10k_page_is_reserved(struct page *page) |
2179 |
+ { |
2180 |
+- return (page_to_nid(page) != numa_mem_id()) || page->pfmemalloc; |
2181 |
++ return (page_to_nid(page) != numa_mem_id()) || page_is_pfmemalloc(page); |
2182 |
+ } |
2183 |
+ |
2184 |
+ static bool fm10k_can_reuse_rx_page(struct fm10k_rx_buffer *rx_buffer, |
2185 |
+diff --git a/drivers/net/ethernet/intel/igb/igb.h b/drivers/net/ethernet/intel/igb/igb.h |
2186 |
+index c2bd4f98a837..212d668dabb3 100644 |
2187 |
+--- a/drivers/net/ethernet/intel/igb/igb.h |
2188 |
++++ b/drivers/net/ethernet/intel/igb/igb.h |
2189 |
+@@ -540,6 +540,7 @@ void igb_ptp_rx_pktstamp(struct igb_q_vector *q_vector, unsigned char *va, |
2190 |
+ struct sk_buff *skb); |
2191 |
+ int igb_ptp_set_ts_config(struct net_device *netdev, struct ifreq *ifr); |
2192 |
+ int igb_ptp_get_ts_config(struct net_device *netdev, struct ifreq *ifr); |
2193 |
++void igb_set_flag_queue_pairs(struct igb_adapter *, const u32); |
2194 |
+ #ifdef CONFIG_IGB_HWMON |
2195 |
+ void igb_sysfs_exit(struct igb_adapter *adapter); |
2196 |
+ int igb_sysfs_init(struct igb_adapter *adapter); |
2197 |
+diff --git a/drivers/net/ethernet/intel/igb/igb_ethtool.c b/drivers/net/ethernet/intel/igb/igb_ethtool.c |
2198 |
+index d5673eb90c54..0afc0913e5b9 100644 |
2199 |
+--- a/drivers/net/ethernet/intel/igb/igb_ethtool.c |
2200 |
++++ b/drivers/net/ethernet/intel/igb/igb_ethtool.c |
2201 |
+@@ -2991,6 +2991,7 @@ static int igb_set_channels(struct net_device *netdev, |
2202 |
+ { |
2203 |
+ struct igb_adapter *adapter = netdev_priv(netdev); |
2204 |
+ unsigned int count = ch->combined_count; |
2205 |
++ unsigned int max_combined = 0; |
2206 |
+ |
2207 |
+ /* Verify they are not requesting separate vectors */ |
2208 |
+ if (!count || ch->rx_count || ch->tx_count) |
2209 |
+@@ -3001,11 +3002,13 @@ static int igb_set_channels(struct net_device *netdev, |
2210 |
+ return -EINVAL; |
2211 |
+ |
2212 |
+ /* Verify the number of channels doesn't exceed hw limits */ |
2213 |
+- if (count > igb_max_channels(adapter)) |
2214 |
++ max_combined = igb_max_channels(adapter); |
2215 |
++ if (count > max_combined) |
2216 |
+ return -EINVAL; |
2217 |
+ |
2218 |
+ if (count != adapter->rss_queues) { |
2219 |
+ adapter->rss_queues = count; |
2220 |
++ igb_set_flag_queue_pairs(adapter, max_combined); |
2221 |
+ |
2222 |
+ /* Hardware has to reinitialize queues and interrupts to |
2223 |
+ * match the new configuration. |
2224 |
+diff --git a/drivers/net/ethernet/intel/igb/igb_main.c b/drivers/net/ethernet/intel/igb/igb_main.c |
2225 |
+index a0a9b1fcb5e8..4f6bf996851e 100644 |
2226 |
+--- a/drivers/net/ethernet/intel/igb/igb_main.c |
2227 |
++++ b/drivers/net/ethernet/intel/igb/igb_main.c |
2228 |
+@@ -1205,10 +1205,14 @@ static int igb_alloc_q_vector(struct igb_adapter *adapter, |
2229 |
+ |
2230 |
+ /* allocate q_vector and rings */ |
2231 |
+ q_vector = adapter->q_vector[v_idx]; |
2232 |
+- if (!q_vector) |
2233 |
++ if (!q_vector) { |
2234 |
+ q_vector = kzalloc(size, GFP_KERNEL); |
2235 |
+- else |
2236 |
++ } else if (size > ksize(q_vector)) { |
2237 |
++ kfree_rcu(q_vector, rcu); |
2238 |
++ q_vector = kzalloc(size, GFP_KERNEL); |
2239 |
++ } else { |
2240 |
+ memset(q_vector, 0, size); |
2241 |
++ } |
2242 |
+ if (!q_vector) |
2243 |
+ return -ENOMEM; |
2244 |
+ |
2245 |
+@@ -2901,6 +2905,14 @@ static void igb_init_queue_configuration(struct igb_adapter *adapter) |
2246 |
+ |
2247 |
+ adapter->rss_queues = min_t(u32, max_rss_queues, num_online_cpus()); |
2248 |
+ |
2249 |
++ igb_set_flag_queue_pairs(adapter, max_rss_queues); |
2250 |
++} |
2251 |
++ |
2252 |
++void igb_set_flag_queue_pairs(struct igb_adapter *adapter, |
2253 |
++ const u32 max_rss_queues) |
2254 |
++{ |
2255 |
++ struct e1000_hw *hw = &adapter->hw; |
2256 |
++ |
2257 |
+ /* Determine if we need to pair queues. */ |
2258 |
+ switch (hw->mac.type) { |
2259 |
+ case e1000_82575: |
2260 |
+@@ -6584,7 +6596,7 @@ static void igb_reuse_rx_page(struct igb_ring *rx_ring, |
2261 |
+ |
2262 |
+ static inline bool igb_page_is_reserved(struct page *page) |
2263 |
+ { |
2264 |
+- return (page_to_nid(page) != numa_mem_id()) || page->pfmemalloc; |
2265 |
++ return (page_to_nid(page) != numa_mem_id()) || page_is_pfmemalloc(page); |
2266 |
+ } |
2267 |
+ |
2268 |
+ static bool igb_can_reuse_rx_page(struct igb_rx_buffer *rx_buffer, |
2269 |
+diff --git a/drivers/net/ethernet/intel/ixgbe/ixgbe_main.c b/drivers/net/ethernet/intel/ixgbe/ixgbe_main.c |
2270 |
+index 5be12a00e1f4..463ff47200f1 100644 |
2271 |
+--- a/drivers/net/ethernet/intel/ixgbe/ixgbe_main.c |
2272 |
++++ b/drivers/net/ethernet/intel/ixgbe/ixgbe_main.c |
2273 |
+@@ -1829,7 +1829,7 @@ static void ixgbe_reuse_rx_page(struct ixgbe_ring *rx_ring, |
2274 |
+ |
2275 |
+ static inline bool ixgbe_page_is_reserved(struct page *page) |
2276 |
+ { |
2277 |
+- return (page_to_nid(page) != numa_mem_id()) || page->pfmemalloc; |
2278 |
++ return (page_to_nid(page) != numa_mem_id()) || page_is_pfmemalloc(page); |
2279 |
+ } |
2280 |
+ |
2281 |
+ /** |
2282 |
+diff --git a/drivers/net/ethernet/intel/ixgbevf/ixgbevf_main.c b/drivers/net/ethernet/intel/ixgbevf/ixgbevf_main.c |
2283 |
+index e71cdde9cb01..1d7b00b038a2 100644 |
2284 |
+--- a/drivers/net/ethernet/intel/ixgbevf/ixgbevf_main.c |
2285 |
++++ b/drivers/net/ethernet/intel/ixgbevf/ixgbevf_main.c |
2286 |
+@@ -765,7 +765,7 @@ static void ixgbevf_reuse_rx_page(struct ixgbevf_ring *rx_ring, |
2287 |
+ |
2288 |
+ static inline bool ixgbevf_page_is_reserved(struct page *page) |
2289 |
+ { |
2290 |
+- return (page_to_nid(page) != numa_mem_id()) || page->pfmemalloc; |
2291 |
++ return (page_to_nid(page) != numa_mem_id()) || page_is_pfmemalloc(page); |
2292 |
+ } |
2293 |
+ |
2294 |
+ /** |
2295 |
+diff --git a/drivers/net/ethernet/mellanox/mlx4/eq.c b/drivers/net/ethernet/mellanox/mlx4/eq.c |
2296 |
+index 2619c9fbf42d..983b1d51244d 100644 |
2297 |
+--- a/drivers/net/ethernet/mellanox/mlx4/eq.c |
2298 |
++++ b/drivers/net/ethernet/mellanox/mlx4/eq.c |
2299 |
+@@ -573,7 +573,7 @@ static int mlx4_eq_int(struct mlx4_dev *dev, struct mlx4_eq *eq) |
2300 |
+ continue; |
2301 |
+ mlx4_dbg(dev, "%s: Sending MLX4_PORT_CHANGE_SUBTYPE_DOWN to slave: %d, port:%d\n", |
2302 |
+ __func__, i, port); |
2303 |
+- s_info = &priv->mfunc.master.vf_oper[slave].vport[port].state; |
2304 |
++ s_info = &priv->mfunc.master.vf_oper[i].vport[port].state; |
2305 |
+ if (IFLA_VF_LINK_STATE_AUTO == s_info->link_state) { |
2306 |
+ eqe->event.port_change.port = |
2307 |
+ cpu_to_be32( |
2308 |
+@@ -608,7 +608,7 @@ static int mlx4_eq_int(struct mlx4_dev *dev, struct mlx4_eq *eq) |
2309 |
+ continue; |
2310 |
+ if (i == mlx4_master_func_num(dev)) |
2311 |
+ continue; |
2312 |
+- s_info = &priv->mfunc.master.vf_oper[slave].vport[port].state; |
2313 |
++ s_info = &priv->mfunc.master.vf_oper[i].vport[port].state; |
2314 |
+ if (IFLA_VF_LINK_STATE_AUTO == s_info->link_state) { |
2315 |
+ eqe->event.port_change.port = |
2316 |
+ cpu_to_be32( |
2317 |
+diff --git a/drivers/net/ethernet/rocker/rocker.c b/drivers/net/ethernet/rocker/rocker.c |
2318 |
+index cf98cc9bbc8d..73b6fc21ea00 100644 |
2319 |
+--- a/drivers/net/ethernet/rocker/rocker.c |
2320 |
++++ b/drivers/net/ethernet/rocker/rocker.c |
2321 |
+@@ -4587,6 +4587,7 @@ static void rocker_remove_ports(struct rocker *rocker) |
2322 |
+ rocker_port = rocker->ports[i]; |
2323 |
+ rocker_port_ig_tbl(rocker_port, ROCKER_OP_FLAG_REMOVE); |
2324 |
+ unregister_netdev(rocker_port->dev); |
2325 |
++ free_netdev(rocker_port->dev); |
2326 |
+ } |
2327 |
+ kfree(rocker->ports); |
2328 |
+ } |
2329 |
+diff --git a/drivers/net/ethernet/stmicro/stmmac/descs.h b/drivers/net/ethernet/stmicro/stmmac/descs.h |
2330 |
+index ad3996038018..799c2929c536 100644 |
2331 |
+--- a/drivers/net/ethernet/stmicro/stmmac/descs.h |
2332 |
++++ b/drivers/net/ethernet/stmicro/stmmac/descs.h |
2333 |
+@@ -158,6 +158,8 @@ struct dma_desc { |
2334 |
+ u32 buffer2_size:13; |
2335 |
+ u32 reserved4:3; |
2336 |
+ } etx; /* -- enhanced -- */ |
2337 |
++ |
2338 |
++ u64 all_flags; |
2339 |
+ } des01; |
2340 |
+ unsigned int des2; |
2341 |
+ unsigned int des3; |
2342 |
+diff --git a/drivers/net/ethernet/stmicro/stmmac/dwmac-rk.c b/drivers/net/ethernet/stmicro/stmmac/dwmac-rk.c |
2343 |
+index 6249a4ec08f0..573708123338 100644 |
2344 |
+--- a/drivers/net/ethernet/stmicro/stmmac/dwmac-rk.c |
2345 |
++++ b/drivers/net/ethernet/stmicro/stmmac/dwmac-rk.c |
2346 |
+@@ -38,7 +38,6 @@ struct rk_priv_data { |
2347 |
+ bool clock_input; |
2348 |
+ |
2349 |
+ struct clk *clk_mac; |
2350 |
+- struct clk *clk_mac_pll; |
2351 |
+ struct clk *gmac_clkin; |
2352 |
+ struct clk *mac_clk_rx; |
2353 |
+ struct clk *mac_clk_tx; |
2354 |
+@@ -208,7 +207,7 @@ static int gmac_clk_init(struct rk_priv_data *bsp_priv) |
2355 |
+ dev_info(dev, "%s: clock input from PHY\n", __func__); |
2356 |
+ } else { |
2357 |
+ if (bsp_priv->phy_iface == PHY_INTERFACE_MODE_RMII) |
2358 |
+- clk_set_rate(bsp_priv->clk_mac_pll, 50000000); |
2359 |
++ clk_set_rate(bsp_priv->clk_mac, 50000000); |
2360 |
+ } |
2361 |
+ |
2362 |
+ return 0; |
2363 |
+diff --git a/drivers/net/ethernet/stmicro/stmmac/enh_desc.c b/drivers/net/ethernet/stmicro/stmmac/enh_desc.c |
2364 |
+index 1e2bcf5f89e1..7d944449f5ef 100644 |
2365 |
+--- a/drivers/net/ethernet/stmicro/stmmac/enh_desc.c |
2366 |
++++ b/drivers/net/ethernet/stmicro/stmmac/enh_desc.c |
2367 |
+@@ -240,6 +240,7 @@ static int enh_desc_get_rx_status(void *data, struct stmmac_extra_stats *x, |
2368 |
+ static void enh_desc_init_rx_desc(struct dma_desc *p, int disable_rx_ic, |
2369 |
+ int mode, int end) |
2370 |
+ { |
2371 |
++ p->des01.all_flags = 0; |
2372 |
+ p->des01.erx.own = 1; |
2373 |
+ p->des01.erx.buffer1_size = BUF_SIZE_8KiB - 1; |
2374 |
+ |
2375 |
+@@ -254,7 +255,7 @@ static void enh_desc_init_rx_desc(struct dma_desc *p, int disable_rx_ic, |
2376 |
+ |
2377 |
+ static void enh_desc_init_tx_desc(struct dma_desc *p, int mode, int end) |
2378 |
+ { |
2379 |
+- p->des01.etx.own = 0; |
2380 |
++ p->des01.all_flags = 0; |
2381 |
+ if (mode == STMMAC_CHAIN_MODE) |
2382 |
+ ehn_desc_tx_set_on_chain(p, end); |
2383 |
+ else |
2384 |
+diff --git a/drivers/net/ethernet/stmicro/stmmac/norm_desc.c b/drivers/net/ethernet/stmicro/stmmac/norm_desc.c |
2385 |
+index 35ad4f427ae2..48c3456445b2 100644 |
2386 |
+--- a/drivers/net/ethernet/stmicro/stmmac/norm_desc.c |
2387 |
++++ b/drivers/net/ethernet/stmicro/stmmac/norm_desc.c |
2388 |
+@@ -123,6 +123,7 @@ static int ndesc_get_rx_status(void *data, struct stmmac_extra_stats *x, |
2389 |
+ static void ndesc_init_rx_desc(struct dma_desc *p, int disable_rx_ic, int mode, |
2390 |
+ int end) |
2391 |
+ { |
2392 |
++ p->des01.all_flags = 0; |
2393 |
+ p->des01.rx.own = 1; |
2394 |
+ p->des01.rx.buffer1_size = BUF_SIZE_2KiB - 1; |
2395 |
+ |
2396 |
+@@ -137,7 +138,7 @@ static void ndesc_init_rx_desc(struct dma_desc *p, int disable_rx_ic, int mode, |
2397 |
+ |
2398 |
+ static void ndesc_init_tx_desc(struct dma_desc *p, int mode, int end) |
2399 |
+ { |
2400 |
+- p->des01.tx.own = 0; |
2401 |
++ p->des01.all_flags = 0; |
2402 |
+ if (mode == STMMAC_CHAIN_MODE) |
2403 |
+ ndesc_tx_set_on_chain(p, end); |
2404 |
+ else |
2405 |
+diff --git a/drivers/net/ethernet/stmicro/stmmac/stmmac_main.c b/drivers/net/ethernet/stmicro/stmmac/stmmac_main.c |
2406 |
+index 2c5ce2baca87..c274cdc5df1e 100644 |
2407 |
+--- a/drivers/net/ethernet/stmicro/stmmac/stmmac_main.c |
2408 |
++++ b/drivers/net/ethernet/stmicro/stmmac/stmmac_main.c |
2409 |
+@@ -829,8 +829,11 @@ static int stmmac_init_phy(struct net_device *dev) |
2410 |
+ |
2411 |
+ phydev = phy_connect(dev, phy_id_fmt, &stmmac_adjust_link, interface); |
2412 |
+ |
2413 |
+- if (IS_ERR(phydev)) { |
2414 |
++ if (IS_ERR_OR_NULL(phydev)) { |
2415 |
+ pr_err("%s: Could not attach to PHY\n", dev->name); |
2416 |
++ if (!phydev) |
2417 |
++ return -ENODEV; |
2418 |
++ |
2419 |
+ return PTR_ERR(phydev); |
2420 |
+ } |
2421 |
+ |
2422 |
+@@ -1189,41 +1192,41 @@ static int alloc_dma_desc_resources(struct stmmac_priv *priv) |
2423 |
+ goto err_tx_skbuff; |
2424 |
+ |
2425 |
+ if (priv->extend_desc) { |
2426 |
+- priv->dma_erx = dma_alloc_coherent(priv->device, rxsize * |
2427 |
+- sizeof(struct |
2428 |
+- dma_extended_desc), |
2429 |
+- &priv->dma_rx_phy, |
2430 |
+- GFP_KERNEL); |
2431 |
++ priv->dma_erx = dma_zalloc_coherent(priv->device, rxsize * |
2432 |
++ sizeof(struct |
2433 |
++ dma_extended_desc), |
2434 |
++ &priv->dma_rx_phy, |
2435 |
++ GFP_KERNEL); |
2436 |
+ if (!priv->dma_erx) |
2437 |
+ goto err_dma; |
2438 |
+ |
2439 |
+- priv->dma_etx = dma_alloc_coherent(priv->device, txsize * |
2440 |
+- sizeof(struct |
2441 |
+- dma_extended_desc), |
2442 |
+- &priv->dma_tx_phy, |
2443 |
+- GFP_KERNEL); |
2444 |
++ priv->dma_etx = dma_zalloc_coherent(priv->device, txsize * |
2445 |
++ sizeof(struct |
2446 |
++ dma_extended_desc), |
2447 |
++ &priv->dma_tx_phy, |
2448 |
++ GFP_KERNEL); |
2449 |
+ if (!priv->dma_etx) { |
2450 |
+ dma_free_coherent(priv->device, priv->dma_rx_size * |
2451 |
+- sizeof(struct dma_extended_desc), |
2452 |
+- priv->dma_erx, priv->dma_rx_phy); |
2453 |
++ sizeof(struct dma_extended_desc), |
2454 |
++ priv->dma_erx, priv->dma_rx_phy); |
2455 |
+ goto err_dma; |
2456 |
+ } |
2457 |
+ } else { |
2458 |
+- priv->dma_rx = dma_alloc_coherent(priv->device, rxsize * |
2459 |
+- sizeof(struct dma_desc), |
2460 |
+- &priv->dma_rx_phy, |
2461 |
+- GFP_KERNEL); |
2462 |
++ priv->dma_rx = dma_zalloc_coherent(priv->device, rxsize * |
2463 |
++ sizeof(struct dma_desc), |
2464 |
++ &priv->dma_rx_phy, |
2465 |
++ GFP_KERNEL); |
2466 |
+ if (!priv->dma_rx) |
2467 |
+ goto err_dma; |
2468 |
+ |
2469 |
+- priv->dma_tx = dma_alloc_coherent(priv->device, txsize * |
2470 |
+- sizeof(struct dma_desc), |
2471 |
+- &priv->dma_tx_phy, |
2472 |
+- GFP_KERNEL); |
2473 |
++ priv->dma_tx = dma_zalloc_coherent(priv->device, txsize * |
2474 |
++ sizeof(struct dma_desc), |
2475 |
++ &priv->dma_tx_phy, |
2476 |
++ GFP_KERNEL); |
2477 |
+ if (!priv->dma_tx) { |
2478 |
+ dma_free_coherent(priv->device, priv->dma_rx_size * |
2479 |
+- sizeof(struct dma_desc), |
2480 |
+- priv->dma_rx, priv->dma_rx_phy); |
2481 |
++ sizeof(struct dma_desc), |
2482 |
++ priv->dma_rx, priv->dma_rx_phy); |
2483 |
+ goto err_dma; |
2484 |
+ } |
2485 |
+ } |
2486 |
+diff --git a/drivers/net/virtio_net.c b/drivers/net/virtio_net.c |
2487 |
+index 63c7810e1545..7fbca37a1adf 100644 |
2488 |
+--- a/drivers/net/virtio_net.c |
2489 |
++++ b/drivers/net/virtio_net.c |
2490 |
+@@ -1828,7 +1828,8 @@ static int virtnet_probe(struct virtio_device *vdev) |
2491 |
+ else |
2492 |
+ vi->hdr_len = sizeof(struct virtio_net_hdr); |
2493 |
+ |
2494 |
+- if (virtio_has_feature(vdev, VIRTIO_F_ANY_LAYOUT)) |
2495 |
++ if (virtio_has_feature(vdev, VIRTIO_F_ANY_LAYOUT) || |
2496 |
++ virtio_has_feature(vdev, VIRTIO_F_VERSION_1)) |
2497 |
+ vi->any_header_sg = true; |
2498 |
+ |
2499 |
+ if (virtio_has_feature(vdev, VIRTIO_NET_F_CTRL_VQ)) |
2500 |
+diff --git a/drivers/net/wireless/rtlwifi/rtl8192cu/sw.c b/drivers/net/wireless/rtlwifi/rtl8192cu/sw.c |
2501 |
+index 23806c243a53..fd4a5353d216 100644 |
2502 |
+--- a/drivers/net/wireless/rtlwifi/rtl8192cu/sw.c |
2503 |
++++ b/drivers/net/wireless/rtlwifi/rtl8192cu/sw.c |
2504 |
+@@ -321,6 +321,7 @@ static struct usb_device_id rtl8192c_usb_ids[] = { |
2505 |
+ {RTL_USB_DEVICE(0x07b8, 0x8188, rtl92cu_hal_cfg)}, /*Abocom - Abocom*/ |
2506 |
+ {RTL_USB_DEVICE(0x07b8, 0x8189, rtl92cu_hal_cfg)}, /*Funai - Abocom*/ |
2507 |
+ {RTL_USB_DEVICE(0x0846, 0x9041, rtl92cu_hal_cfg)}, /*NetGear WNA1000M*/ |
2508 |
++ {RTL_USB_DEVICE(0x0846, 0x9043, rtl92cu_hal_cfg)}, /*NG WNA1000Mv2*/ |
2509 |
+ {RTL_USB_DEVICE(0x0b05, 0x17ba, rtl92cu_hal_cfg)}, /*ASUS-Edimax*/ |
2510 |
+ {RTL_USB_DEVICE(0x0bda, 0x5088, rtl92cu_hal_cfg)}, /*Thinkware-CC&C*/ |
2511 |
+ {RTL_USB_DEVICE(0x0df6, 0x0052, rtl92cu_hal_cfg)}, /*Sitecom - Edimax*/ |
2512 |
+diff --git a/drivers/net/wireless/rtlwifi/rtl8821ae/hw.c b/drivers/net/wireless/rtlwifi/rtl8821ae/hw.c |
2513 |
+index 57966e3c8e8d..3fa2fb7c8e4e 100644 |
2514 |
+--- a/drivers/net/wireless/rtlwifi/rtl8821ae/hw.c |
2515 |
++++ b/drivers/net/wireless/rtlwifi/rtl8821ae/hw.c |
2516 |
+@@ -2180,7 +2180,7 @@ static int _rtl8821ae_set_media_status(struct ieee80211_hw *hw, |
2517 |
+ |
2518 |
+ rtl_write_byte(rtlpriv, MSR, bt_msr); |
2519 |
+ rtlpriv->cfg->ops->led_control(hw, ledaction); |
2520 |
+- if ((bt_msr & 0xfc) == MSR_AP) |
2521 |
++ if ((bt_msr & MSR_MASK) == MSR_AP) |
2522 |
+ rtl_write_byte(rtlpriv, REG_BCNTCFG + 1, 0x00); |
2523 |
+ else |
2524 |
+ rtl_write_byte(rtlpriv, REG_BCNTCFG + 1, 0x66); |
2525 |
+diff --git a/drivers/net/wireless/rtlwifi/rtl8821ae/reg.h b/drivers/net/wireless/rtlwifi/rtl8821ae/reg.h |
2526 |
+index 53668fc8f23e..1d6110f9c1fb 100644 |
2527 |
+--- a/drivers/net/wireless/rtlwifi/rtl8821ae/reg.h |
2528 |
++++ b/drivers/net/wireless/rtlwifi/rtl8821ae/reg.h |
2529 |
+@@ -429,6 +429,7 @@ |
2530 |
+ #define MSR_ADHOC 0x01 |
2531 |
+ #define MSR_INFRA 0x02 |
2532 |
+ #define MSR_AP 0x03 |
2533 |
++#define MSR_MASK 0x03 |
2534 |
+ |
2535 |
+ #define RRSR_RSC_OFFSET 21 |
2536 |
+ #define RRSR_SHORT_OFFSET 23 |
2537 |
+diff --git a/drivers/net/xen-netback/netback.c b/drivers/net/xen-netback/netback.c |
2538 |
+index 0d2594395ffb..0866c5dfdf87 100644 |
2539 |
+--- a/drivers/net/xen-netback/netback.c |
2540 |
++++ b/drivers/net/xen-netback/netback.c |
2541 |
+@@ -1571,13 +1571,13 @@ static inline void xenvif_tx_dealloc_action(struct xenvif_queue *queue) |
2542 |
+ smp_rmb(); |
2543 |
+ |
2544 |
+ while (dc != dp) { |
2545 |
+- BUG_ON(gop - queue->tx_unmap_ops > MAX_PENDING_REQS); |
2546 |
++ BUG_ON(gop - queue->tx_unmap_ops >= MAX_PENDING_REQS); |
2547 |
+ pending_idx = |
2548 |
+ queue->dealloc_ring[pending_index(dc++)]; |
2549 |
+ |
2550 |
+- pending_idx_release[gop-queue->tx_unmap_ops] = |
2551 |
++ pending_idx_release[gop - queue->tx_unmap_ops] = |
2552 |
+ pending_idx; |
2553 |
+- queue->pages_to_unmap[gop-queue->tx_unmap_ops] = |
2554 |
++ queue->pages_to_unmap[gop - queue->tx_unmap_ops] = |
2555 |
+ queue->mmap_pages[pending_idx]; |
2556 |
+ gnttab_set_unmap_op(gop, |
2557 |
+ idx_to_kaddr(queue, pending_idx), |
2558 |
+diff --git a/drivers/nfc/st21nfca/st21nfca.c b/drivers/nfc/st21nfca/st21nfca.c |
2559 |
+index d251f7229c4e..051286562fab 100644 |
2560 |
+--- a/drivers/nfc/st21nfca/st21nfca.c |
2561 |
++++ b/drivers/nfc/st21nfca/st21nfca.c |
2562 |
+@@ -148,14 +148,14 @@ static int st21nfca_hci_load_session(struct nfc_hci_dev *hdev) |
2563 |
+ ST21NFCA_DEVICE_MGNT_GATE, |
2564 |
+ ST21NFCA_DEVICE_MGNT_PIPE); |
2565 |
+ if (r < 0) |
2566 |
+- goto free_info; |
2567 |
++ return r; |
2568 |
+ |
2569 |
+ /* Get pipe list */ |
2570 |
+ r = nfc_hci_send_cmd(hdev, ST21NFCA_DEVICE_MGNT_GATE, |
2571 |
+ ST21NFCA_DM_GETINFO, pipe_list, sizeof(pipe_list), |
2572 |
+ &skb_pipe_list); |
2573 |
+ if (r < 0) |
2574 |
+- goto free_info; |
2575 |
++ return r; |
2576 |
+ |
2577 |
+ /* Complete the existing gate_pipe table */ |
2578 |
+ for (i = 0; i < skb_pipe_list->len; i++) { |
2579 |
+@@ -181,6 +181,7 @@ static int st21nfca_hci_load_session(struct nfc_hci_dev *hdev) |
2580 |
+ info->src_host_id != ST21NFCA_ESE_HOST_ID) { |
2581 |
+ pr_err("Unexpected apdu_reader pipe on host %x\n", |
2582 |
+ info->src_host_id); |
2583 |
++ kfree_skb(skb_pipe_info); |
2584 |
+ continue; |
2585 |
+ } |
2586 |
+ |
2587 |
+@@ -200,6 +201,7 @@ static int st21nfca_hci_load_session(struct nfc_hci_dev *hdev) |
2588 |
+ hdev->pipes[st21nfca_gates[j].pipe].dest_host = |
2589 |
+ info->src_host_id; |
2590 |
+ } |
2591 |
++ kfree_skb(skb_pipe_info); |
2592 |
+ } |
2593 |
+ |
2594 |
+ /* |
2595 |
+@@ -214,13 +216,12 @@ static int st21nfca_hci_load_session(struct nfc_hci_dev *hdev) |
2596 |
+ st21nfca_gates[i].gate, |
2597 |
+ st21nfca_gates[i].pipe); |
2598 |
+ if (r < 0) |
2599 |
+- goto free_info; |
2600 |
++ goto free_list; |
2601 |
+ } |
2602 |
+ } |
2603 |
+ |
2604 |
+ memcpy(hdev->init_data.gates, st21nfca_gates, sizeof(st21nfca_gates)); |
2605 |
+-free_info: |
2606 |
+- kfree_skb(skb_pipe_info); |
2607 |
++free_list: |
2608 |
+ kfree_skb(skb_pipe_list); |
2609 |
+ return r; |
2610 |
+ } |
2611 |
+diff --git a/drivers/of/fdt.c b/drivers/of/fdt.c |
2612 |
+index cde35c5d0191..d91f721a05b6 100644 |
2613 |
+--- a/drivers/of/fdt.c |
2614 |
++++ b/drivers/of/fdt.c |
2615 |
+@@ -955,7 +955,9 @@ int __init early_init_dt_scan_chosen(unsigned long node, const char *uname, |
2616 |
+ } |
2617 |
+ |
2618 |
+ #ifdef CONFIG_HAVE_MEMBLOCK |
2619 |
+-#define MAX_PHYS_ADDR ((phys_addr_t)~0) |
2620 |
++#ifndef MAX_MEMBLOCK_ADDR |
2621 |
++#define MAX_MEMBLOCK_ADDR ((phys_addr_t)~0) |
2622 |
++#endif |
2623 |
+ |
2624 |
+ void __init __weak early_init_dt_add_memory_arch(u64 base, u64 size) |
2625 |
+ { |
2626 |
+@@ -972,16 +974,16 @@ void __init __weak early_init_dt_add_memory_arch(u64 base, u64 size) |
2627 |
+ } |
2628 |
+ size &= PAGE_MASK; |
2629 |
+ |
2630 |
+- if (base > MAX_PHYS_ADDR) { |
2631 |
++ if (base > MAX_MEMBLOCK_ADDR) { |
2632 |
+ pr_warning("Ignoring memory block 0x%llx - 0x%llx\n", |
2633 |
+ base, base + size); |
2634 |
+ return; |
2635 |
+ } |
2636 |
+ |
2637 |
+- if (base + size - 1 > MAX_PHYS_ADDR) { |
2638 |
++ if (base + size - 1 > MAX_MEMBLOCK_ADDR) { |
2639 |
+ pr_warning("Ignoring memory range 0x%llx - 0x%llx\n", |
2640 |
+- ((u64)MAX_PHYS_ADDR) + 1, base + size); |
2641 |
+- size = MAX_PHYS_ADDR - base + 1; |
2642 |
++ ((u64)MAX_MEMBLOCK_ADDR) + 1, base + size); |
2643 |
++ size = MAX_MEMBLOCK_ADDR - base + 1; |
2644 |
+ } |
2645 |
+ |
2646 |
+ if (base + size < phys_offset) { |
2647 |
+diff --git a/drivers/parisc/lba_pci.c b/drivers/parisc/lba_pci.c |
2648 |
+index dceb9ddfd99a..a32c1f6c252c 100644 |
2649 |
+--- a/drivers/parisc/lba_pci.c |
2650 |
++++ b/drivers/parisc/lba_pci.c |
2651 |
+@@ -1556,8 +1556,11 @@ lba_driver_probe(struct parisc_device *dev) |
2652 |
+ if (lba_dev->hba.lmmio_space.flags) |
2653 |
+ pci_add_resource_offset(&resources, &lba_dev->hba.lmmio_space, |
2654 |
+ lba_dev->hba.lmmio_space_offset); |
2655 |
+- if (lba_dev->hba.gmmio_space.flags) |
2656 |
+- pci_add_resource(&resources, &lba_dev->hba.gmmio_space); |
2657 |
++ if (lba_dev->hba.gmmio_space.flags) { |
2658 |
++ /* pci_add_resource(&resources, &lba_dev->hba.gmmio_space); */ |
2659 |
++ pr_warn("LBA: Not registering GMMIO space %pR\n", |
2660 |
++ &lba_dev->hba.gmmio_space); |
2661 |
++ } |
2662 |
+ |
2663 |
+ pci_add_resource(&resources, &lba_dev->hba.bus_num); |
2664 |
+ |
2665 |
+diff --git a/drivers/pci/Kconfig b/drivers/pci/Kconfig |
2666 |
+index 944f50015ed0..73de4efcbe6e 100644 |
2667 |
+--- a/drivers/pci/Kconfig |
2668 |
++++ b/drivers/pci/Kconfig |
2669 |
+@@ -2,7 +2,7 @@ |
2670 |
+ # PCI configuration |
2671 |
+ # |
2672 |
+ config PCI_BUS_ADDR_T_64BIT |
2673 |
+- def_bool y if (ARCH_DMA_ADDR_T_64BIT || (64BIT && !PARISC)) |
2674 |
++ def_bool y if (ARCH_DMA_ADDR_T_64BIT || 64BIT) |
2675 |
+ depends on PCI |
2676 |
+ |
2677 |
+ config PCI_MSI |
2678 |
+diff --git a/drivers/pinctrl/pinctrl-at91.c b/drivers/pinctrl/pinctrl-at91.c |
2679 |
+index 2f797cb7e205..774781450885 100644 |
2680 |
+--- a/drivers/pinctrl/pinctrl-at91.c |
2681 |
++++ b/drivers/pinctrl/pinctrl-at91.c |
2682 |
+@@ -320,6 +320,9 @@ static const struct pinctrl_ops at91_pctrl_ops = { |
2683 |
+ static void __iomem *pin_to_controller(struct at91_pinctrl *info, |
2684 |
+ unsigned int bank) |
2685 |
+ { |
2686 |
++ if (!gpio_chips[bank]) |
2687 |
++ return NULL; |
2688 |
++ |
2689 |
+ return gpio_chips[bank]->regbase; |
2690 |
+ } |
2691 |
+ |
2692 |
+@@ -729,6 +732,10 @@ static int at91_pmx_set(struct pinctrl_dev *pctldev, unsigned selector, |
2693 |
+ pin = &pins_conf[i]; |
2694 |
+ at91_pin_dbg(info->dev, pin); |
2695 |
+ pio = pin_to_controller(info, pin->bank); |
2696 |
++ |
2697 |
++ if (!pio) |
2698 |
++ continue; |
2699 |
++ |
2700 |
+ mask = pin_to_mask(pin->pin); |
2701 |
+ at91_mux_disable_interrupt(pio, mask); |
2702 |
+ switch (pin->mux) { |
2703 |
+@@ -848,6 +855,10 @@ static int at91_pinconf_get(struct pinctrl_dev *pctldev, |
2704 |
+ *config = 0; |
2705 |
+ dev_dbg(info->dev, "%s:%d, pin_id=%d", __func__, __LINE__, pin_id); |
2706 |
+ pio = pin_to_controller(info, pin_to_bank(pin_id)); |
2707 |
++ |
2708 |
++ if (!pio) |
2709 |
++ return -EINVAL; |
2710 |
++ |
2711 |
+ pin = pin_id % MAX_NB_GPIO_PER_BANK; |
2712 |
+ |
2713 |
+ if (at91_mux_get_multidrive(pio, pin)) |
2714 |
+@@ -889,6 +900,10 @@ static int at91_pinconf_set(struct pinctrl_dev *pctldev, |
2715 |
+ "%s:%d, pin_id=%d, config=0x%lx", |
2716 |
+ __func__, __LINE__, pin_id, config); |
2717 |
+ pio = pin_to_controller(info, pin_to_bank(pin_id)); |
2718 |
++ |
2719 |
++ if (!pio) |
2720 |
++ return -EINVAL; |
2721 |
++ |
2722 |
+ pin = pin_id % MAX_NB_GPIO_PER_BANK; |
2723 |
+ mask = pin_to_mask(pin); |
2724 |
+ |
2725 |
+diff --git a/drivers/platform/x86/ideapad-laptop.c b/drivers/platform/x86/ideapad-laptop.c |
2726 |
+index cb7cd8d79329..cd78f1166b33 100644 |
2727 |
+--- a/drivers/platform/x86/ideapad-laptop.c |
2728 |
++++ b/drivers/platform/x86/ideapad-laptop.c |
2729 |
+@@ -852,6 +852,13 @@ static const struct dmi_system_id no_hw_rfkill_list[] = { |
2730 |
+ }, |
2731 |
+ }, |
2732 |
+ { |
2733 |
++ .ident = "Lenovo Yoga 3 14", |
2734 |
++ .matches = { |
2735 |
++ DMI_MATCH(DMI_SYS_VENDOR, "LENOVO"), |
2736 |
++ DMI_MATCH(DMI_PRODUCT_VERSION, "Lenovo Yoga 3 14"), |
2737 |
++ }, |
2738 |
++ }, |
2739 |
++ { |
2740 |
+ .ident = "Lenovo Yoga 3 Pro 1370", |
2741 |
+ .matches = { |
2742 |
+ DMI_MATCH(DMI_SYS_VENDOR, "LENOVO"), |
2743 |
+diff --git a/drivers/rtc/rtc-abx80x.c b/drivers/rtc/rtc-abx80x.c |
2744 |
+index 4337c3bc6ace..afea84c7a155 100644 |
2745 |
+--- a/drivers/rtc/rtc-abx80x.c |
2746 |
++++ b/drivers/rtc/rtc-abx80x.c |
2747 |
+@@ -28,7 +28,7 @@ |
2748 |
+ #define ABX8XX_REG_WD 0x07 |
2749 |
+ |
2750 |
+ #define ABX8XX_REG_CTRL1 0x10 |
2751 |
+-#define ABX8XX_CTRL_WRITE BIT(1) |
2752 |
++#define ABX8XX_CTRL_WRITE BIT(0) |
2753 |
+ #define ABX8XX_CTRL_12_24 BIT(6) |
2754 |
+ |
2755 |
+ #define ABX8XX_REG_CFG_KEY 0x1f |
2756 |
+diff --git a/drivers/rtc/rtc-s3c.c b/drivers/rtc/rtc-s3c.c |
2757 |
+index 76cbad7a99d3..c5a2523b0185 100644 |
2758 |
+--- a/drivers/rtc/rtc-s3c.c |
2759 |
++++ b/drivers/rtc/rtc-s3c.c |
2760 |
+@@ -39,6 +39,7 @@ struct s3c_rtc { |
2761 |
+ void __iomem *base; |
2762 |
+ struct clk *rtc_clk; |
2763 |
+ struct clk *rtc_src_clk; |
2764 |
++ bool clk_disabled; |
2765 |
+ |
2766 |
+ struct s3c_rtc_data *data; |
2767 |
+ |
2768 |
+@@ -71,9 +72,12 @@ static void s3c_rtc_enable_clk(struct s3c_rtc *info) |
2769 |
+ unsigned long irq_flags; |
2770 |
+ |
2771 |
+ spin_lock_irqsave(&info->alarm_clk_lock, irq_flags); |
2772 |
+- clk_enable(info->rtc_clk); |
2773 |
+- if (info->data->needs_src_clk) |
2774 |
+- clk_enable(info->rtc_src_clk); |
2775 |
++ if (info->clk_disabled) { |
2776 |
++ clk_enable(info->rtc_clk); |
2777 |
++ if (info->data->needs_src_clk) |
2778 |
++ clk_enable(info->rtc_src_clk); |
2779 |
++ info->clk_disabled = false; |
2780 |
++ } |
2781 |
+ spin_unlock_irqrestore(&info->alarm_clk_lock, irq_flags); |
2782 |
+ } |
2783 |
+ |
2784 |
+@@ -82,9 +86,12 @@ static void s3c_rtc_disable_clk(struct s3c_rtc *info) |
2785 |
+ unsigned long irq_flags; |
2786 |
+ |
2787 |
+ spin_lock_irqsave(&info->alarm_clk_lock, irq_flags); |
2788 |
+- if (info->data->needs_src_clk) |
2789 |
+- clk_disable(info->rtc_src_clk); |
2790 |
+- clk_disable(info->rtc_clk); |
2791 |
++ if (!info->clk_disabled) { |
2792 |
++ if (info->data->needs_src_clk) |
2793 |
++ clk_disable(info->rtc_src_clk); |
2794 |
++ clk_disable(info->rtc_clk); |
2795 |
++ info->clk_disabled = true; |
2796 |
++ } |
2797 |
+ spin_unlock_irqrestore(&info->alarm_clk_lock, irq_flags); |
2798 |
+ } |
2799 |
+ |
2800 |
+@@ -128,6 +135,11 @@ static int s3c_rtc_setaie(struct device *dev, unsigned int enabled) |
2801 |
+ |
2802 |
+ s3c_rtc_disable_clk(info); |
2803 |
+ |
2804 |
++ if (enabled) |
2805 |
++ s3c_rtc_enable_clk(info); |
2806 |
++ else |
2807 |
++ s3c_rtc_disable_clk(info); |
2808 |
++ |
2809 |
+ return 0; |
2810 |
+ } |
2811 |
+ |
2812 |
+diff --git a/drivers/rtc/rtc-s5m.c b/drivers/rtc/rtc-s5m.c |
2813 |
+index 8c70d785ba73..ab60287ee72d 100644 |
2814 |
+--- a/drivers/rtc/rtc-s5m.c |
2815 |
++++ b/drivers/rtc/rtc-s5m.c |
2816 |
+@@ -635,6 +635,16 @@ static int s5m8767_rtc_init_reg(struct s5m_rtc_info *info) |
2817 |
+ case S2MPS13X: |
2818 |
+ data[0] = (0 << BCD_EN_SHIFT) | (1 << MODEL24_SHIFT); |
2819 |
+ ret = regmap_write(info->regmap, info->regs->ctrl, data[0]); |
2820 |
++ if (ret < 0) |
2821 |
++ break; |
2822 |
++ |
2823 |
++ /* |
2824 |
++ * Should set WUDR & (RUDR or AUDR) bits to high after writing |
2825 |
++ * RTC_CTRL register like writing Alarm registers. We can't find |
2826 |
++ * the description from datasheet but vendor code does that |
2827 |
++ * really. |
2828 |
++ */ |
2829 |
++ ret = s5m8767_rtc_set_alarm_reg(info); |
2830 |
+ break; |
2831 |
+ |
2832 |
+ default: |
2833 |
+diff --git a/fs/btrfs/transaction.c b/fs/btrfs/transaction.c |
2834 |
+index 94e909c5a503..00d18c2bdb0f 100644 |
2835 |
+--- a/fs/btrfs/transaction.c |
2836 |
++++ b/fs/btrfs/transaction.c |
2837 |
+@@ -1875,8 +1875,11 @@ int btrfs_commit_transaction(struct btrfs_trans_handle *trans, |
2838 |
+ spin_unlock(&root->fs_info->trans_lock); |
2839 |
+ |
2840 |
+ wait_for_commit(root, prev_trans); |
2841 |
++ ret = prev_trans->aborted; |
2842 |
+ |
2843 |
+ btrfs_put_transaction(prev_trans); |
2844 |
++ if (ret) |
2845 |
++ goto cleanup_transaction; |
2846 |
+ } else { |
2847 |
+ spin_unlock(&root->fs_info->trans_lock); |
2848 |
+ } |
2849 |
+diff --git a/fs/cifs/ioctl.c b/fs/cifs/ioctl.c |
2850 |
+index 8b7898b7670f..64a9bca976d0 100644 |
2851 |
+--- a/fs/cifs/ioctl.c |
2852 |
++++ b/fs/cifs/ioctl.c |
2853 |
+@@ -67,6 +67,12 @@ static long cifs_ioctl_clone(unsigned int xid, struct file *dst_file, |
2854 |
+ goto out_drop_write; |
2855 |
+ } |
2856 |
+ |
2857 |
++ if (src_file.file->f_op->unlocked_ioctl != cifs_ioctl) { |
2858 |
++ rc = -EBADF; |
2859 |
++ cifs_dbg(VFS, "src file seems to be from a different filesystem type\n"); |
2860 |
++ goto out_fput; |
2861 |
++ } |
2862 |
++ |
2863 |
+ if ((!src_file.file->private_data) || (!dst_file->private_data)) { |
2864 |
+ rc = -EBADF; |
2865 |
+ cifs_dbg(VFS, "missing cifsFileInfo on copy range src file\n"); |
2866 |
+diff --git a/fs/coredump.c b/fs/coredump.c |
2867 |
+index bbbe139ab280..8dd099dc5f9b 100644 |
2868 |
+--- a/fs/coredump.c |
2869 |
++++ b/fs/coredump.c |
2870 |
+@@ -506,10 +506,10 @@ void do_coredump(const siginfo_t *siginfo) |
2871 |
+ const struct cred *old_cred; |
2872 |
+ struct cred *cred; |
2873 |
+ int retval = 0; |
2874 |
+- int flag = 0; |
2875 |
+ int ispipe; |
2876 |
+ struct files_struct *displaced; |
2877 |
+- bool need_nonrelative = false; |
2878 |
++ /* require nonrelative corefile path and be extra careful */ |
2879 |
++ bool need_suid_safe = false; |
2880 |
+ bool core_dumped = false; |
2881 |
+ static atomic_t core_dump_count = ATOMIC_INIT(0); |
2882 |
+ struct coredump_params cprm = { |
2883 |
+@@ -543,9 +543,8 @@ void do_coredump(const siginfo_t *siginfo) |
2884 |
+ */ |
2885 |
+ if (__get_dumpable(cprm.mm_flags) == SUID_DUMP_ROOT) { |
2886 |
+ /* Setuid core dump mode */ |
2887 |
+- flag = O_EXCL; /* Stop rewrite attacks */ |
2888 |
+ cred->fsuid = GLOBAL_ROOT_UID; /* Dump root private */ |
2889 |
+- need_nonrelative = true; |
2890 |
++ need_suid_safe = true; |
2891 |
+ } |
2892 |
+ |
2893 |
+ retval = coredump_wait(siginfo->si_signo, &core_state); |
2894 |
+@@ -626,7 +625,7 @@ void do_coredump(const siginfo_t *siginfo) |
2895 |
+ if (cprm.limit < binfmt->min_coredump) |
2896 |
+ goto fail_unlock; |
2897 |
+ |
2898 |
+- if (need_nonrelative && cn.corename[0] != '/') { |
2899 |
++ if (need_suid_safe && cn.corename[0] != '/') { |
2900 |
+ printk(KERN_WARNING "Pid %d(%s) can only dump core "\ |
2901 |
+ "to fully qualified path!\n", |
2902 |
+ task_tgid_vnr(current), current->comm); |
2903 |
+@@ -634,8 +633,35 @@ void do_coredump(const siginfo_t *siginfo) |
2904 |
+ goto fail_unlock; |
2905 |
+ } |
2906 |
+ |
2907 |
++ /* |
2908 |
++ * Unlink the file if it exists unless this is a SUID |
2909 |
++ * binary - in that case, we're running around with root |
2910 |
++ * privs and don't want to unlink another user's coredump. |
2911 |
++ */ |
2912 |
++ if (!need_suid_safe) { |
2913 |
++ mm_segment_t old_fs; |
2914 |
++ |
2915 |
++ old_fs = get_fs(); |
2916 |
++ set_fs(KERNEL_DS); |
2917 |
++ /* |
2918 |
++ * If it doesn't exist, that's fine. If there's some |
2919 |
++ * other problem, we'll catch it at the filp_open(). |
2920 |
++ */ |
2921 |
++ (void) sys_unlink((const char __user *)cn.corename); |
2922 |
++ set_fs(old_fs); |
2923 |
++ } |
2924 |
++ |
2925 |
++ /* |
2926 |
++ * There is a race between unlinking and creating the |
2927 |
++ * file, but if that causes an EEXIST here, that's |
2928 |
++ * fine - another process raced with us while creating |
2929 |
++ * the corefile, and the other process won. To userspace, |
2930 |
++ * what matters is that at least one of the two processes |
2931 |
++ * writes its coredump successfully, not which one. |
2932 |
++ */ |
2933 |
+ cprm.file = filp_open(cn.corename, |
2934 |
+- O_CREAT | 2 | O_NOFOLLOW | O_LARGEFILE | flag, |
2935 |
++ O_CREAT | 2 | O_NOFOLLOW | |
2936 |
++ O_LARGEFILE | O_EXCL, |
2937 |
+ 0600); |
2938 |
+ if (IS_ERR(cprm.file)) |
2939 |
+ goto fail_unlock; |
2940 |
+@@ -652,11 +678,15 @@ void do_coredump(const siginfo_t *siginfo) |
2941 |
+ if (!S_ISREG(inode->i_mode)) |
2942 |
+ goto close_fail; |
2943 |
+ /* |
2944 |
+- * Dont allow local users get cute and trick others to coredump |
2945 |
+- * into their pre-created files. |
2946 |
++ * Don't dump core if the filesystem changed owner or mode |
2947 |
++ * of the file during file creation. This is an issue when |
2948 |
++ * a process dumps core while its cwd is e.g. on a vfat |
2949 |
++ * filesystem. |
2950 |
+ */ |
2951 |
+ if (!uid_eq(inode->i_uid, current_fsuid())) |
2952 |
+ goto close_fail; |
2953 |
++ if ((inode->i_mode & 0677) != 0600) |
2954 |
++ goto close_fail; |
2955 |
+ if (!(cprm.file->f_mode & FMODE_CAN_WRITE)) |
2956 |
+ goto close_fail; |
2957 |
+ if (do_truncate(cprm.file->f_path.dentry, 0, 0, cprm.file)) |
2958 |
+diff --git a/fs/ecryptfs/dentry.c b/fs/ecryptfs/dentry.c |
2959 |
+index 8db0b464483f..63cd2c147221 100644 |
2960 |
+--- a/fs/ecryptfs/dentry.c |
2961 |
++++ b/fs/ecryptfs/dentry.c |
2962 |
+@@ -45,20 +45,20 @@ |
2963 |
+ static int ecryptfs_d_revalidate(struct dentry *dentry, unsigned int flags) |
2964 |
+ { |
2965 |
+ struct dentry *lower_dentry = ecryptfs_dentry_to_lower(dentry); |
2966 |
+- int rc; |
2967 |
+- |
2968 |
+- if (!(lower_dentry->d_flags & DCACHE_OP_REVALIDATE)) |
2969 |
+- return 1; |
2970 |
++ int rc = 1; |
2971 |
+ |
2972 |
+ if (flags & LOOKUP_RCU) |
2973 |
+ return -ECHILD; |
2974 |
+ |
2975 |
+- rc = lower_dentry->d_op->d_revalidate(lower_dentry, flags); |
2976 |
++ if (lower_dentry->d_flags & DCACHE_OP_REVALIDATE) |
2977 |
++ rc = lower_dentry->d_op->d_revalidate(lower_dentry, flags); |
2978 |
++ |
2979 |
+ if (d_really_is_positive(dentry)) { |
2980 |
+- struct inode *lower_inode = |
2981 |
+- ecryptfs_inode_to_lower(d_inode(dentry)); |
2982 |
++ struct inode *inode = d_inode(dentry); |
2983 |
+ |
2984 |
+- fsstack_copy_attr_all(d_inode(dentry), lower_inode); |
2985 |
++ fsstack_copy_attr_all(inode, ecryptfs_inode_to_lower(inode)); |
2986 |
++ if (!inode->i_nlink) |
2987 |
++ return 0; |
2988 |
+ } |
2989 |
+ return rc; |
2990 |
+ } |
2991 |
+diff --git a/fs/ext4/super.c b/fs/ext4/super.c |
2992 |
+index 6b4eb94b04a5..ff89971e3ee0 100644 |
2993 |
+--- a/fs/ext4/super.c |
2994 |
++++ b/fs/ext4/super.c |
2995 |
+@@ -324,6 +324,22 @@ static void save_error_info(struct super_block *sb, const char *func, |
2996 |
+ ext4_commit_super(sb, 1); |
2997 |
+ } |
2998 |
+ |
2999 |
++/* |
3000 |
++ * The del_gendisk() function uninitializes the disk-specific data |
3001 |
++ * structures, including the bdi structure, without telling anyone |
3002 |
++ * else. Once this happens, any attempt to call mark_buffer_dirty() |
3003 |
++ * (for example, by ext4_commit_super), will cause a kernel OOPS. |
3004 |
++ * This is a kludge to prevent these oops until we can put in a proper |
3005 |
++ * hook in del_gendisk() to inform the VFS and file system layers. |
3006 |
++ */ |
3007 |
++static int block_device_ejected(struct super_block *sb) |
3008 |
++{ |
3009 |
++ struct inode *bd_inode = sb->s_bdev->bd_inode; |
3010 |
++ struct backing_dev_info *bdi = inode_to_bdi(bd_inode); |
3011 |
++ |
3012 |
++ return bdi->dev == NULL; |
3013 |
++} |
3014 |
++ |
3015 |
+ static void ext4_journal_commit_callback(journal_t *journal, transaction_t *txn) |
3016 |
+ { |
3017 |
+ struct super_block *sb = journal->j_private; |
3018 |
+@@ -4591,7 +4607,7 @@ static int ext4_commit_super(struct super_block *sb, int sync) |
3019 |
+ struct buffer_head *sbh = EXT4_SB(sb)->s_sbh; |
3020 |
+ int error = 0; |
3021 |
+ |
3022 |
+- if (!sbh) |
3023 |
++ if (!sbh || block_device_ejected(sb)) |
3024 |
+ return error; |
3025 |
+ if (buffer_write_io_error(sbh)) { |
3026 |
+ /* |
3027 |
+@@ -4807,10 +4823,11 @@ static int ext4_freeze(struct super_block *sb) |
3028 |
+ error = jbd2_journal_flush(journal); |
3029 |
+ if (error < 0) |
3030 |
+ goto out; |
3031 |
++ |
3032 |
++ /* Journal blocked and flushed, clear needs_recovery flag. */ |
3033 |
++ EXT4_CLEAR_INCOMPAT_FEATURE(sb, EXT4_FEATURE_INCOMPAT_RECOVER); |
3034 |
+ } |
3035 |
+ |
3036 |
+- /* Journal blocked and flushed, clear needs_recovery flag. */ |
3037 |
+- EXT4_CLEAR_INCOMPAT_FEATURE(sb, EXT4_FEATURE_INCOMPAT_RECOVER); |
3038 |
+ error = ext4_commit_super(sb, 1); |
3039 |
+ out: |
3040 |
+ if (journal) |
3041 |
+@@ -4828,8 +4845,11 @@ static int ext4_unfreeze(struct super_block *sb) |
3042 |
+ if (sb->s_flags & MS_RDONLY) |
3043 |
+ return 0; |
3044 |
+ |
3045 |
+- /* Reset the needs_recovery flag before the fs is unlocked. */ |
3046 |
+- EXT4_SET_INCOMPAT_FEATURE(sb, EXT4_FEATURE_INCOMPAT_RECOVER); |
3047 |
++ if (EXT4_SB(sb)->s_journal) { |
3048 |
++ /* Reset the needs_recovery flag before the fs is unlocked. */ |
3049 |
++ EXT4_SET_INCOMPAT_FEATURE(sb, EXT4_FEATURE_INCOMPAT_RECOVER); |
3050 |
++ } |
3051 |
++ |
3052 |
+ ext4_commit_super(sb, 1); |
3053 |
+ return 0; |
3054 |
+ } |
3055 |
+diff --git a/fs/hfs/bnode.c b/fs/hfs/bnode.c |
3056 |
+index d3fa6bd9503e..221719eac5de 100644 |
3057 |
+--- a/fs/hfs/bnode.c |
3058 |
++++ b/fs/hfs/bnode.c |
3059 |
+@@ -288,7 +288,6 @@ static struct hfs_bnode *__hfs_bnode_create(struct hfs_btree *tree, u32 cnid) |
3060 |
+ page_cache_release(page); |
3061 |
+ goto fail; |
3062 |
+ } |
3063 |
+- page_cache_release(page); |
3064 |
+ node->page[i] = page; |
3065 |
+ } |
3066 |
+ |
3067 |
+@@ -398,11 +397,11 @@ node_error: |
3068 |
+ |
3069 |
+ void hfs_bnode_free(struct hfs_bnode *node) |
3070 |
+ { |
3071 |
+- //int i; |
3072 |
++ int i; |
3073 |
+ |
3074 |
+- //for (i = 0; i < node->tree->pages_per_bnode; i++) |
3075 |
+- // if (node->page[i]) |
3076 |
+- // page_cache_release(node->page[i]); |
3077 |
++ for (i = 0; i < node->tree->pages_per_bnode; i++) |
3078 |
++ if (node->page[i]) |
3079 |
++ page_cache_release(node->page[i]); |
3080 |
+ kfree(node); |
3081 |
+ } |
3082 |
+ |
3083 |
+diff --git a/fs/hfs/brec.c b/fs/hfs/brec.c |
3084 |
+index 9f4ee7f52026..6fc766df0461 100644 |
3085 |
+--- a/fs/hfs/brec.c |
3086 |
++++ b/fs/hfs/brec.c |
3087 |
+@@ -131,13 +131,16 @@ skip: |
3088 |
+ hfs_bnode_write(node, entry, data_off + key_len, entry_len); |
3089 |
+ hfs_bnode_dump(node); |
3090 |
+ |
3091 |
+- if (new_node) { |
3092 |
+- /* update parent key if we inserted a key |
3093 |
+- * at the start of the first node |
3094 |
+- */ |
3095 |
+- if (!rec && new_node != node) |
3096 |
+- hfs_brec_update_parent(fd); |
3097 |
++ /* |
3098 |
++ * update parent key if we inserted a key |
3099 |
++ * at the start of the node and it is not the new node |
3100 |
++ */ |
3101 |
++ if (!rec && new_node != node) { |
3102 |
++ hfs_bnode_read_key(node, fd->search_key, data_off + size); |
3103 |
++ hfs_brec_update_parent(fd); |
3104 |
++ } |
3105 |
+ |
3106 |
++ if (new_node) { |
3107 |
+ hfs_bnode_put(fd->bnode); |
3108 |
+ if (!new_node->parent) { |
3109 |
+ hfs_btree_inc_height(tree); |
3110 |
+@@ -166,9 +169,6 @@ skip: |
3111 |
+ goto again; |
3112 |
+ } |
3113 |
+ |
3114 |
+- if (!rec) |
3115 |
+- hfs_brec_update_parent(fd); |
3116 |
+- |
3117 |
+ return 0; |
3118 |
+ } |
3119 |
+ |
3120 |
+@@ -366,6 +366,8 @@ again: |
3121 |
+ if (IS_ERR(parent)) |
3122 |
+ return PTR_ERR(parent); |
3123 |
+ __hfs_brec_find(parent, fd); |
3124 |
++ if (fd->record < 0) |
3125 |
++ return -ENOENT; |
3126 |
+ hfs_bnode_dump(parent); |
3127 |
+ rec = fd->record; |
3128 |
+ |
3129 |
+diff --git a/fs/hfsplus/bnode.c b/fs/hfsplus/bnode.c |
3130 |
+index 759708fd9331..63924662aaf3 100644 |
3131 |
+--- a/fs/hfsplus/bnode.c |
3132 |
++++ b/fs/hfsplus/bnode.c |
3133 |
+@@ -454,7 +454,6 @@ static struct hfs_bnode *__hfs_bnode_create(struct hfs_btree *tree, u32 cnid) |
3134 |
+ page_cache_release(page); |
3135 |
+ goto fail; |
3136 |
+ } |
3137 |
+- page_cache_release(page); |
3138 |
+ node->page[i] = page; |
3139 |
+ } |
3140 |
+ |
3141 |
+@@ -566,13 +565,11 @@ node_error: |
3142 |
+ |
3143 |
+ void hfs_bnode_free(struct hfs_bnode *node) |
3144 |
+ { |
3145 |
+-#if 0 |
3146 |
+ int i; |
3147 |
+ |
3148 |
+ for (i = 0; i < node->tree->pages_per_bnode; i++) |
3149 |
+ if (node->page[i]) |
3150 |
+ page_cache_release(node->page[i]); |
3151 |
+-#endif |
3152 |
+ kfree(node); |
3153 |
+ } |
3154 |
+ |
3155 |
+diff --git a/fs/jbd2/checkpoint.c b/fs/jbd2/checkpoint.c |
3156 |
+index 4227dc4f7437..8c44654ce274 100644 |
3157 |
+--- a/fs/jbd2/checkpoint.c |
3158 |
++++ b/fs/jbd2/checkpoint.c |
3159 |
+@@ -417,12 +417,12 @@ int jbd2_cleanup_journal_tail(journal_t *journal) |
3160 |
+ * journal_clean_one_cp_list |
3161 |
+ * |
3162 |
+ * Find all the written-back checkpoint buffers in the given list and |
3163 |
+- * release them. |
3164 |
++ * release them. If 'destroy' is set, clean all buffers unconditionally. |
3165 |
+ * |
3166 |
+ * Called with j_list_lock held. |
3167 |
+ * Returns 1 if we freed the transaction, 0 otherwise. |
3168 |
+ */ |
3169 |
+-static int journal_clean_one_cp_list(struct journal_head *jh) |
3170 |
++static int journal_clean_one_cp_list(struct journal_head *jh, bool destroy) |
3171 |
+ { |
3172 |
+ struct journal_head *last_jh; |
3173 |
+ struct journal_head *next_jh = jh; |
3174 |
+@@ -436,7 +436,10 @@ static int journal_clean_one_cp_list(struct journal_head *jh) |
3175 |
+ do { |
3176 |
+ jh = next_jh; |
3177 |
+ next_jh = jh->b_cpnext; |
3178 |
+- ret = __try_to_free_cp_buf(jh); |
3179 |
++ if (!destroy) |
3180 |
++ ret = __try_to_free_cp_buf(jh); |
3181 |
++ else |
3182 |
++ ret = __jbd2_journal_remove_checkpoint(jh) + 1; |
3183 |
+ if (!ret) |
3184 |
+ return freed; |
3185 |
+ if (ret == 2) |
3186 |
+@@ -459,10 +462,11 @@ static int journal_clean_one_cp_list(struct journal_head *jh) |
3187 |
+ * journal_clean_checkpoint_list |
3188 |
+ * |
3189 |
+ * Find all the written-back checkpoint buffers in the journal and release them. |
3190 |
++ * If 'destroy' is set, release all buffers unconditionally. |
3191 |
+ * |
3192 |
+ * Called with j_list_lock held. |
3193 |
+ */ |
3194 |
+-void __jbd2_journal_clean_checkpoint_list(journal_t *journal) |
3195 |
++void __jbd2_journal_clean_checkpoint_list(journal_t *journal, bool destroy) |
3196 |
+ { |
3197 |
+ transaction_t *transaction, *last_transaction, *next_transaction; |
3198 |
+ int ret; |
3199 |
+@@ -476,7 +480,8 @@ void __jbd2_journal_clean_checkpoint_list(journal_t *journal) |
3200 |
+ do { |
3201 |
+ transaction = next_transaction; |
3202 |
+ next_transaction = transaction->t_cpnext; |
3203 |
+- ret = journal_clean_one_cp_list(transaction->t_checkpoint_list); |
3204 |
++ ret = journal_clean_one_cp_list(transaction->t_checkpoint_list, |
3205 |
++ destroy); |
3206 |
+ /* |
3207 |
+ * This function only frees up some memory if possible so we |
3208 |
+ * dont have an obligation to finish processing. Bail out if |
3209 |
+@@ -492,7 +497,7 @@ void __jbd2_journal_clean_checkpoint_list(journal_t *journal) |
3210 |
+ * we can possibly see not yet submitted buffers on io_list |
3211 |
+ */ |
3212 |
+ ret = journal_clean_one_cp_list(transaction-> |
3213 |
+- t_checkpoint_io_list); |
3214 |
++ t_checkpoint_io_list, destroy); |
3215 |
+ if (need_resched()) |
3216 |
+ return; |
3217 |
+ /* |
3218 |
+@@ -506,6 +511,28 @@ void __jbd2_journal_clean_checkpoint_list(journal_t *journal) |
3219 |
+ } |
3220 |
+ |
3221 |
+ /* |
3222 |
++ * Remove buffers from all checkpoint lists as journal is aborted and we just |
3223 |
++ * need to free memory |
3224 |
++ */ |
3225 |
++void jbd2_journal_destroy_checkpoint(journal_t *journal) |
3226 |
++{ |
3227 |
++ /* |
3228 |
++ * We loop because __jbd2_journal_clean_checkpoint_list() may abort |
3229 |
++ * early due to a need of rescheduling. |
3230 |
++ */ |
3231 |
++ while (1) { |
3232 |
++ spin_lock(&journal->j_list_lock); |
3233 |
++ if (!journal->j_checkpoint_transactions) { |
3234 |
++ spin_unlock(&journal->j_list_lock); |
3235 |
++ break; |
3236 |
++ } |
3237 |
++ __jbd2_journal_clean_checkpoint_list(journal, true); |
3238 |
++ spin_unlock(&journal->j_list_lock); |
3239 |
++ cond_resched(); |
3240 |
++ } |
3241 |
++} |
3242 |
++ |
3243 |
++/* |
3244 |
+ * journal_remove_checkpoint: called after a buffer has been committed |
3245 |
+ * to disk (either by being write-back flushed to disk, or being |
3246 |
+ * committed to the log). |
3247 |
+diff --git a/fs/jbd2/commit.c b/fs/jbd2/commit.c |
3248 |
+index b73e0215baa7..362e5f614450 100644 |
3249 |
+--- a/fs/jbd2/commit.c |
3250 |
++++ b/fs/jbd2/commit.c |
3251 |
+@@ -510,7 +510,7 @@ void jbd2_journal_commit_transaction(journal_t *journal) |
3252 |
+ * frees some memory |
3253 |
+ */ |
3254 |
+ spin_lock(&journal->j_list_lock); |
3255 |
+- __jbd2_journal_clean_checkpoint_list(journal); |
3256 |
++ __jbd2_journal_clean_checkpoint_list(journal, false); |
3257 |
+ spin_unlock(&journal->j_list_lock); |
3258 |
+ |
3259 |
+ jbd_debug(3, "JBD2: commit phase 1\n"); |
3260 |
+diff --git a/fs/jbd2/journal.c b/fs/jbd2/journal.c |
3261 |
+index 112fad9e1e20..7003c0925760 100644 |
3262 |
+--- a/fs/jbd2/journal.c |
3263 |
++++ b/fs/jbd2/journal.c |
3264 |
+@@ -1708,8 +1708,17 @@ int jbd2_journal_destroy(journal_t *journal) |
3265 |
+ while (journal->j_checkpoint_transactions != NULL) { |
3266 |
+ spin_unlock(&journal->j_list_lock); |
3267 |
+ mutex_lock(&journal->j_checkpoint_mutex); |
3268 |
+- jbd2_log_do_checkpoint(journal); |
3269 |
++ err = jbd2_log_do_checkpoint(journal); |
3270 |
+ mutex_unlock(&journal->j_checkpoint_mutex); |
3271 |
++ /* |
3272 |
++ * If checkpointing failed, just free the buffers to avoid |
3273 |
++ * looping forever |
3274 |
++ */ |
3275 |
++ if (err) { |
3276 |
++ jbd2_journal_destroy_checkpoint(journal); |
3277 |
++ spin_lock(&journal->j_list_lock); |
3278 |
++ break; |
3279 |
++ } |
3280 |
+ spin_lock(&journal->j_list_lock); |
3281 |
+ } |
3282 |
+ |
3283 |
+diff --git a/fs/nfs/flexfilelayout/flexfilelayout.c b/fs/nfs/flexfilelayout/flexfilelayout.c |
3284 |
+index 6f5f0f425e86..fecd9201dbad 100644 |
3285 |
+--- a/fs/nfs/flexfilelayout/flexfilelayout.c |
3286 |
++++ b/fs/nfs/flexfilelayout/flexfilelayout.c |
3287 |
+@@ -1039,6 +1039,11 @@ static int ff_layout_write_done_cb(struct rpc_task *task, |
3288 |
+ hdr->res.verf->committed == NFS_DATA_SYNC) |
3289 |
+ ff_layout_set_layoutcommit(hdr); |
3290 |
+ |
3291 |
++ /* zero out fattr since we don't care DS attr at all */ |
3292 |
++ hdr->fattr.valid = 0; |
3293 |
++ if (task->tk_status >= 0) |
3294 |
++ nfs_writeback_update_inode(hdr); |
3295 |
++ |
3296 |
+ return 0; |
3297 |
+ } |
3298 |
+ |
3299 |
+diff --git a/fs/nfs/flexfilelayout/flexfilelayoutdev.c b/fs/nfs/flexfilelayout/flexfilelayoutdev.c |
3300 |
+index f13e1969eedd..b28fa4cbea52 100644 |
3301 |
+--- a/fs/nfs/flexfilelayout/flexfilelayoutdev.c |
3302 |
++++ b/fs/nfs/flexfilelayout/flexfilelayoutdev.c |
3303 |
+@@ -500,16 +500,19 @@ int ff_layout_encode_ds_ioerr(struct nfs4_flexfile_layout *flo, |
3304 |
+ range->offset, range->length)) |
3305 |
+ continue; |
3306 |
+ /* offset(8) + length(8) + stateid(NFS4_STATEID_SIZE) |
3307 |
+- * + deviceid(NFS4_DEVICEID4_SIZE) + status(4) + opnum(4) |
3308 |
++ * + array length + deviceid(NFS4_DEVICEID4_SIZE) |
3309 |
++ * + status(4) + opnum(4) |
3310 |
+ */ |
3311 |
+ p = xdr_reserve_space(xdr, |
3312 |
+- 24 + NFS4_STATEID_SIZE + NFS4_DEVICEID4_SIZE); |
3313 |
++ 28 + NFS4_STATEID_SIZE + NFS4_DEVICEID4_SIZE); |
3314 |
+ if (unlikely(!p)) |
3315 |
+ return -ENOBUFS; |
3316 |
+ p = xdr_encode_hyper(p, err->offset); |
3317 |
+ p = xdr_encode_hyper(p, err->length); |
3318 |
+ p = xdr_encode_opaque_fixed(p, &err->stateid, |
3319 |
+ NFS4_STATEID_SIZE); |
3320 |
++ /* Encode 1 error */ |
3321 |
++ *p++ = cpu_to_be32(1); |
3322 |
+ p = xdr_encode_opaque_fixed(p, &err->deviceid, |
3323 |
+ NFS4_DEVICEID4_SIZE); |
3324 |
+ *p++ = cpu_to_be32(err->status); |
3325 |
+diff --git a/fs/nfs/inode.c b/fs/nfs/inode.c |
3326 |
+index 5d25b9d97c29..976ba792fbc6 100644 |
3327 |
+--- a/fs/nfs/inode.c |
3328 |
++++ b/fs/nfs/inode.c |
3329 |
+@@ -1270,13 +1270,6 @@ static int nfs_check_inode_attributes(struct inode *inode, struct nfs_fattr *fat |
3330 |
+ return 0; |
3331 |
+ } |
3332 |
+ |
3333 |
+-static int nfs_ctime_need_update(const struct inode *inode, const struct nfs_fattr *fattr) |
3334 |
+-{ |
3335 |
+- if (!(fattr->valid & NFS_ATTR_FATTR_CTIME)) |
3336 |
+- return 0; |
3337 |
+- return timespec_compare(&fattr->ctime, &inode->i_ctime) > 0; |
3338 |
+-} |
3339 |
+- |
3340 |
+ static atomic_long_t nfs_attr_generation_counter; |
3341 |
+ |
3342 |
+ static unsigned long nfs_read_attr_generation_counter(void) |
3343 |
+@@ -1425,7 +1418,6 @@ static int nfs_inode_attrs_need_update(const struct inode *inode, const struct n |
3344 |
+ const struct nfs_inode *nfsi = NFS_I(inode); |
3345 |
+ |
3346 |
+ return ((long)fattr->gencount - (long)nfsi->attr_gencount) > 0 || |
3347 |
+- nfs_ctime_need_update(inode, fattr) || |
3348 |
+ ((long)nfsi->attr_gencount - (long)nfs_read_attr_generation_counter() > 0); |
3349 |
+ } |
3350 |
+ |
3351 |
+@@ -1488,6 +1480,13 @@ static int nfs_post_op_update_inode_locked(struct inode *inode, struct nfs_fattr |
3352 |
+ { |
3353 |
+ unsigned long invalid = NFS_INO_INVALID_ATTR|NFS_INO_REVAL_PAGECACHE; |
3354 |
+ |
3355 |
++ /* |
3356 |
++ * Don't revalidate the pagecache if we hold a delegation, but do |
3357 |
++ * force an attribute update |
3358 |
++ */ |
3359 |
++ if (NFS_PROTO(inode)->have_delegation(inode, FMODE_READ)) |
3360 |
++ invalid = NFS_INO_INVALID_ATTR|NFS_INO_REVAL_FORCED; |
3361 |
++ |
3362 |
+ if (S_ISDIR(inode->i_mode)) |
3363 |
+ invalid |= NFS_INO_INVALID_DATA; |
3364 |
+ nfs_set_cache_invalid(inode, invalid); |
3365 |
+diff --git a/fs/nfs/nfs4proc.c b/fs/nfs/nfs4proc.c |
3366 |
+index d3f205126609..c245874d7e9d 100644 |
3367 |
+--- a/fs/nfs/nfs4proc.c |
3368 |
++++ b/fs/nfs/nfs4proc.c |
3369 |
+@@ -1152,6 +1152,8 @@ static int can_open_delegated(struct nfs_delegation *delegation, fmode_t fmode) |
3370 |
+ return 0; |
3371 |
+ if ((delegation->type & fmode) != fmode) |
3372 |
+ return 0; |
3373 |
++ if (test_bit(NFS_DELEGATION_NEED_RECLAIM, &delegation->flags)) |
3374 |
++ return 0; |
3375 |
+ if (test_bit(NFS_DELEGATION_RETURNING, &delegation->flags)) |
3376 |
+ return 0; |
3377 |
+ nfs_mark_delegation_referenced(delegation); |
3378 |
+@@ -1216,6 +1218,7 @@ static void nfs_resync_open_stateid_locked(struct nfs4_state *state) |
3379 |
+ } |
3380 |
+ |
3381 |
+ static void nfs_clear_open_stateid_locked(struct nfs4_state *state, |
3382 |
++ nfs4_stateid *arg_stateid, |
3383 |
+ nfs4_stateid *stateid, fmode_t fmode) |
3384 |
+ { |
3385 |
+ clear_bit(NFS_O_RDWR_STATE, &state->flags); |
3386 |
+@@ -1234,8 +1237,9 @@ static void nfs_clear_open_stateid_locked(struct nfs4_state *state, |
3387 |
+ if (stateid == NULL) |
3388 |
+ return; |
3389 |
+ /* Handle races with OPEN */ |
3390 |
+- if (!nfs4_stateid_match_other(stateid, &state->open_stateid) || |
3391 |
+- !nfs4_stateid_is_newer(stateid, &state->open_stateid)) { |
3392 |
++ if (!nfs4_stateid_match_other(arg_stateid, &state->open_stateid) || |
3393 |
++ (nfs4_stateid_match_other(stateid, &state->open_stateid) && |
3394 |
++ !nfs4_stateid_is_newer(stateid, &state->open_stateid))) { |
3395 |
+ nfs_resync_open_stateid_locked(state); |
3396 |
+ return; |
3397 |
+ } |
3398 |
+@@ -1244,10 +1248,12 @@ static void nfs_clear_open_stateid_locked(struct nfs4_state *state, |
3399 |
+ nfs4_stateid_copy(&state->open_stateid, stateid); |
3400 |
+ } |
3401 |
+ |
3402 |
+-static void nfs_clear_open_stateid(struct nfs4_state *state, nfs4_stateid *stateid, fmode_t fmode) |
3403 |
++static void nfs_clear_open_stateid(struct nfs4_state *state, |
3404 |
++ nfs4_stateid *arg_stateid, |
3405 |
++ nfs4_stateid *stateid, fmode_t fmode) |
3406 |
+ { |
3407 |
+ write_seqlock(&state->seqlock); |
3408 |
+- nfs_clear_open_stateid_locked(state, stateid, fmode); |
3409 |
++ nfs_clear_open_stateid_locked(state, arg_stateid, stateid, fmode); |
3410 |
+ write_sequnlock(&state->seqlock); |
3411 |
+ if (test_bit(NFS_STATE_RECLAIM_NOGRACE, &state->flags)) |
3412 |
+ nfs4_schedule_state_manager(state->owner->so_server->nfs_client); |
3413 |
+@@ -2413,7 +2419,7 @@ static int _nfs4_do_open(struct inode *dir, |
3414 |
+ goto err_free_label; |
3415 |
+ state = ctx->state; |
3416 |
+ |
3417 |
+- if ((opendata->o_arg.open_flags & O_EXCL) && |
3418 |
++ if ((opendata->o_arg.open_flags & (O_CREAT|O_EXCL)) == (O_CREAT|O_EXCL) && |
3419 |
+ (opendata->o_arg.createmode != NFS4_CREATE_GUARDED)) { |
3420 |
+ nfs4_exclusive_attrset(opendata, sattr); |
3421 |
+ |
3422 |
+@@ -2672,7 +2678,8 @@ static void nfs4_close_done(struct rpc_task *task, void *data) |
3423 |
+ goto out_release; |
3424 |
+ } |
3425 |
+ } |
3426 |
+- nfs_clear_open_stateid(state, res_stateid, calldata->arg.fmode); |
3427 |
++ nfs_clear_open_stateid(state, &calldata->arg.stateid, |
3428 |
++ res_stateid, calldata->arg.fmode); |
3429 |
+ out_release: |
3430 |
+ nfs_release_seqid(calldata->arg.seqid); |
3431 |
+ nfs_refresh_inode(calldata->inode, calldata->res.fattr); |
3432 |
+@@ -8571,6 +8578,7 @@ static const struct nfs4_minor_version_ops nfs_v4_2_minor_ops = { |
3433 |
+ .reboot_recovery_ops = &nfs41_reboot_recovery_ops, |
3434 |
+ .nograce_recovery_ops = &nfs41_nograce_recovery_ops, |
3435 |
+ .state_renewal_ops = &nfs41_state_renewal_ops, |
3436 |
++ .mig_recovery_ops = &nfs41_mig_recovery_ops, |
3437 |
+ }; |
3438 |
+ #endif |
3439 |
+ |
3440 |
+diff --git a/fs/nfs/pagelist.c b/fs/nfs/pagelist.c |
3441 |
+index 7b4552678536..069914ce7641 100644 |
3442 |
+--- a/fs/nfs/pagelist.c |
3443 |
++++ b/fs/nfs/pagelist.c |
3444 |
+@@ -77,8 +77,8 @@ EXPORT_SYMBOL_GPL(nfs_pgheader_init); |
3445 |
+ void nfs_set_pgio_error(struct nfs_pgio_header *hdr, int error, loff_t pos) |
3446 |
+ { |
3447 |
+ spin_lock(&hdr->lock); |
3448 |
+- if (pos < hdr->io_start + hdr->good_bytes) { |
3449 |
+- set_bit(NFS_IOHDR_ERROR, &hdr->flags); |
3450 |
++ if (!test_and_set_bit(NFS_IOHDR_ERROR, &hdr->flags) |
3451 |
++ || pos < hdr->io_start + hdr->good_bytes) { |
3452 |
+ clear_bit(NFS_IOHDR_EOF, &hdr->flags); |
3453 |
+ hdr->good_bytes = pos - hdr->io_start; |
3454 |
+ hdr->error = error; |
3455 |
+diff --git a/fs/nfs/pnfs_nfs.c b/fs/nfs/pnfs_nfs.c |
3456 |
+index f37e25b6311c..1705c78ee2d8 100644 |
3457 |
+--- a/fs/nfs/pnfs_nfs.c |
3458 |
++++ b/fs/nfs/pnfs_nfs.c |
3459 |
+@@ -359,26 +359,31 @@ same_sockaddr(struct sockaddr *addr1, struct sockaddr *addr2) |
3460 |
+ return false; |
3461 |
+ } |
3462 |
+ |
3463 |
++/* |
3464 |
++ * Checks if 'dsaddrs1' contains a subset of 'dsaddrs2'. If it does, |
3465 |
++ * declare a match. |
3466 |
++ */ |
3467 |
+ static bool |
3468 |
+ _same_data_server_addrs_locked(const struct list_head *dsaddrs1, |
3469 |
+ const struct list_head *dsaddrs2) |
3470 |
+ { |
3471 |
+ struct nfs4_pnfs_ds_addr *da1, *da2; |
3472 |
+- |
3473 |
+- /* step through both lists, comparing as we go */ |
3474 |
+- for (da1 = list_first_entry(dsaddrs1, typeof(*da1), da_node), |
3475 |
+- da2 = list_first_entry(dsaddrs2, typeof(*da2), da_node); |
3476 |
+- da1 != NULL && da2 != NULL; |
3477 |
+- da1 = list_entry(da1->da_node.next, typeof(*da1), da_node), |
3478 |
+- da2 = list_entry(da2->da_node.next, typeof(*da2), da_node)) { |
3479 |
+- if (!same_sockaddr((struct sockaddr *)&da1->da_addr, |
3480 |
+- (struct sockaddr *)&da2->da_addr)) |
3481 |
+- return false; |
3482 |
++ struct sockaddr *sa1, *sa2; |
3483 |
++ bool match = false; |
3484 |
++ |
3485 |
++ list_for_each_entry(da1, dsaddrs1, da_node) { |
3486 |
++ sa1 = (struct sockaddr *)&da1->da_addr; |
3487 |
++ match = false; |
3488 |
++ list_for_each_entry(da2, dsaddrs2, da_node) { |
3489 |
++ sa2 = (struct sockaddr *)&da2->da_addr; |
3490 |
++ match = same_sockaddr(sa1, sa2); |
3491 |
++ if (match) |
3492 |
++ break; |
3493 |
++ } |
3494 |
++ if (!match) |
3495 |
++ break; |
3496 |
+ } |
3497 |
+- if (da1 == NULL && da2 == NULL) |
3498 |
+- return true; |
3499 |
+- |
3500 |
+- return false; |
3501 |
++ return match; |
3502 |
+ } |
3503 |
+ |
3504 |
+ /* |
3505 |
+diff --git a/fs/nfs/write.c b/fs/nfs/write.c |
3506 |
+index daf355642845..07115b9b1ad2 100644 |
3507 |
+--- a/fs/nfs/write.c |
3508 |
++++ b/fs/nfs/write.c |
3509 |
+@@ -1383,24 +1383,27 @@ static void nfs_writeback_check_extend(struct nfs_pgio_header *hdr, |
3510 |
+ { |
3511 |
+ struct nfs_pgio_args *argp = &hdr->args; |
3512 |
+ struct nfs_pgio_res *resp = &hdr->res; |
3513 |
++ u64 size = argp->offset + resp->count; |
3514 |
+ |
3515 |
+ if (!(fattr->valid & NFS_ATTR_FATTR_SIZE)) |
3516 |
++ fattr->size = size; |
3517 |
++ if (nfs_size_to_loff_t(fattr->size) < i_size_read(hdr->inode)) { |
3518 |
++ fattr->valid &= ~NFS_ATTR_FATTR_SIZE; |
3519 |
+ return; |
3520 |
+- if (argp->offset + resp->count != fattr->size) |
3521 |
+- return; |
3522 |
+- if (nfs_size_to_loff_t(fattr->size) < i_size_read(hdr->inode)) |
3523 |
++ } |
3524 |
++ if (size != fattr->size) |
3525 |
+ return; |
3526 |
+ /* Set attribute barrier */ |
3527 |
+ nfs_fattr_set_barrier(fattr); |
3528 |
++ /* ...and update size */ |
3529 |
++ fattr->valid |= NFS_ATTR_FATTR_SIZE; |
3530 |
+ } |
3531 |
+ |
3532 |
+ void nfs_writeback_update_inode(struct nfs_pgio_header *hdr) |
3533 |
+ { |
3534 |
+- struct nfs_fattr *fattr = hdr->res.fattr; |
3535 |
++ struct nfs_fattr *fattr = &hdr->fattr; |
3536 |
+ struct inode *inode = hdr->inode; |
3537 |
+ |
3538 |
+- if (fattr == NULL) |
3539 |
+- return; |
3540 |
+ spin_lock(&inode->i_lock); |
3541 |
+ nfs_writeback_check_extend(hdr, fattr); |
3542 |
+ nfs_post_op_update_inode_force_wcc_locked(inode, fattr); |
3543 |
+diff --git a/fs/nfsd/nfs4state.c b/fs/nfsd/nfs4state.c |
3544 |
+index 6e13504f736e..397798368b1a 100644 |
3545 |
+--- a/fs/nfsd/nfs4state.c |
3546 |
++++ b/fs/nfsd/nfs4state.c |
3547 |
+@@ -777,13 +777,16 @@ hash_delegation_locked(struct nfs4_delegation *dp, struct nfs4_file *fp) |
3548 |
+ list_add(&dp->dl_perclnt, &dp->dl_stid.sc_client->cl_delegations); |
3549 |
+ } |
3550 |
+ |
3551 |
+-static void |
3552 |
++static bool |
3553 |
+ unhash_delegation_locked(struct nfs4_delegation *dp) |
3554 |
+ { |
3555 |
+ struct nfs4_file *fp = dp->dl_stid.sc_file; |
3556 |
+ |
3557 |
+ lockdep_assert_held(&state_lock); |
3558 |
+ |
3559 |
++ if (list_empty(&dp->dl_perfile)) |
3560 |
++ return false; |
3561 |
++ |
3562 |
+ dp->dl_stid.sc_type = NFS4_CLOSED_DELEG_STID; |
3563 |
+ /* Ensure that deleg break won't try to requeue it */ |
3564 |
+ ++dp->dl_time; |
3565 |
+@@ -792,16 +795,21 @@ unhash_delegation_locked(struct nfs4_delegation *dp) |
3566 |
+ list_del_init(&dp->dl_recall_lru); |
3567 |
+ list_del_init(&dp->dl_perfile); |
3568 |
+ spin_unlock(&fp->fi_lock); |
3569 |
++ return true; |
3570 |
+ } |
3571 |
+ |
3572 |
+ static void destroy_delegation(struct nfs4_delegation *dp) |
3573 |
+ { |
3574 |
++ bool unhashed; |
3575 |
++ |
3576 |
+ spin_lock(&state_lock); |
3577 |
+- unhash_delegation_locked(dp); |
3578 |
++ unhashed = unhash_delegation_locked(dp); |
3579 |
+ spin_unlock(&state_lock); |
3580 |
+- put_clnt_odstate(dp->dl_clnt_odstate); |
3581 |
+- nfs4_put_deleg_lease(dp->dl_stid.sc_file); |
3582 |
+- nfs4_put_stid(&dp->dl_stid); |
3583 |
++ if (unhashed) { |
3584 |
++ put_clnt_odstate(dp->dl_clnt_odstate); |
3585 |
++ nfs4_put_deleg_lease(dp->dl_stid.sc_file); |
3586 |
++ nfs4_put_stid(&dp->dl_stid); |
3587 |
++ } |
3588 |
+ } |
3589 |
+ |
3590 |
+ static void revoke_delegation(struct nfs4_delegation *dp) |
3591 |
+@@ -1004,16 +1012,20 @@ static void nfs4_put_stateowner(struct nfs4_stateowner *sop) |
3592 |
+ sop->so_ops->so_free(sop); |
3593 |
+ } |
3594 |
+ |
3595 |
+-static void unhash_ol_stateid(struct nfs4_ol_stateid *stp) |
3596 |
++static bool unhash_ol_stateid(struct nfs4_ol_stateid *stp) |
3597 |
+ { |
3598 |
+ struct nfs4_file *fp = stp->st_stid.sc_file; |
3599 |
+ |
3600 |
+ lockdep_assert_held(&stp->st_stateowner->so_client->cl_lock); |
3601 |
+ |
3602 |
++ if (list_empty(&stp->st_perfile)) |
3603 |
++ return false; |
3604 |
++ |
3605 |
+ spin_lock(&fp->fi_lock); |
3606 |
+- list_del(&stp->st_perfile); |
3607 |
++ list_del_init(&stp->st_perfile); |
3608 |
+ spin_unlock(&fp->fi_lock); |
3609 |
+ list_del(&stp->st_perstateowner); |
3610 |
++ return true; |
3611 |
+ } |
3612 |
+ |
3613 |
+ static void nfs4_free_ol_stateid(struct nfs4_stid *stid) |
3614 |
+@@ -1063,25 +1075,27 @@ static void put_ol_stateid_locked(struct nfs4_ol_stateid *stp, |
3615 |
+ list_add(&stp->st_locks, reaplist); |
3616 |
+ } |
3617 |
+ |
3618 |
+-static void unhash_lock_stateid(struct nfs4_ol_stateid *stp) |
3619 |
++static bool unhash_lock_stateid(struct nfs4_ol_stateid *stp) |
3620 |
+ { |
3621 |
+ struct nfs4_openowner *oo = openowner(stp->st_openstp->st_stateowner); |
3622 |
+ |
3623 |
+ lockdep_assert_held(&oo->oo_owner.so_client->cl_lock); |
3624 |
+ |
3625 |
+ list_del_init(&stp->st_locks); |
3626 |
+- unhash_ol_stateid(stp); |
3627 |
+ nfs4_unhash_stid(&stp->st_stid); |
3628 |
++ return unhash_ol_stateid(stp); |
3629 |
+ } |
3630 |
+ |
3631 |
+ static void release_lock_stateid(struct nfs4_ol_stateid *stp) |
3632 |
+ { |
3633 |
+ struct nfs4_openowner *oo = openowner(stp->st_openstp->st_stateowner); |
3634 |
++ bool unhashed; |
3635 |
+ |
3636 |
+ spin_lock(&oo->oo_owner.so_client->cl_lock); |
3637 |
+- unhash_lock_stateid(stp); |
3638 |
++ unhashed = unhash_lock_stateid(stp); |
3639 |
+ spin_unlock(&oo->oo_owner.so_client->cl_lock); |
3640 |
+- nfs4_put_stid(&stp->st_stid); |
3641 |
++ if (unhashed) |
3642 |
++ nfs4_put_stid(&stp->st_stid); |
3643 |
+ } |
3644 |
+ |
3645 |
+ static void unhash_lockowner_locked(struct nfs4_lockowner *lo) |
3646 |
+@@ -1129,7 +1143,7 @@ static void release_lockowner(struct nfs4_lockowner *lo) |
3647 |
+ while (!list_empty(&lo->lo_owner.so_stateids)) { |
3648 |
+ stp = list_first_entry(&lo->lo_owner.so_stateids, |
3649 |
+ struct nfs4_ol_stateid, st_perstateowner); |
3650 |
+- unhash_lock_stateid(stp); |
3651 |
++ WARN_ON(!unhash_lock_stateid(stp)); |
3652 |
+ put_ol_stateid_locked(stp, &reaplist); |
3653 |
+ } |
3654 |
+ spin_unlock(&clp->cl_lock); |
3655 |
+@@ -1142,21 +1156,26 @@ static void release_open_stateid_locks(struct nfs4_ol_stateid *open_stp, |
3656 |
+ { |
3657 |
+ struct nfs4_ol_stateid *stp; |
3658 |
+ |
3659 |
++ lockdep_assert_held(&open_stp->st_stid.sc_client->cl_lock); |
3660 |
++ |
3661 |
+ while (!list_empty(&open_stp->st_locks)) { |
3662 |
+ stp = list_entry(open_stp->st_locks.next, |
3663 |
+ struct nfs4_ol_stateid, st_locks); |
3664 |
+- unhash_lock_stateid(stp); |
3665 |
++ WARN_ON(!unhash_lock_stateid(stp)); |
3666 |
+ put_ol_stateid_locked(stp, reaplist); |
3667 |
+ } |
3668 |
+ } |
3669 |
+ |
3670 |
+-static void unhash_open_stateid(struct nfs4_ol_stateid *stp, |
3671 |
++static bool unhash_open_stateid(struct nfs4_ol_stateid *stp, |
3672 |
+ struct list_head *reaplist) |
3673 |
+ { |
3674 |
++ bool unhashed; |
3675 |
++ |
3676 |
+ lockdep_assert_held(&stp->st_stid.sc_client->cl_lock); |
3677 |
+ |
3678 |
+- unhash_ol_stateid(stp); |
3679 |
++ unhashed = unhash_ol_stateid(stp); |
3680 |
+ release_open_stateid_locks(stp, reaplist); |
3681 |
++ return unhashed; |
3682 |
+ } |
3683 |
+ |
3684 |
+ static void release_open_stateid(struct nfs4_ol_stateid *stp) |
3685 |
+@@ -1164,8 +1183,8 @@ static void release_open_stateid(struct nfs4_ol_stateid *stp) |
3686 |
+ LIST_HEAD(reaplist); |
3687 |
+ |
3688 |
+ spin_lock(&stp->st_stid.sc_client->cl_lock); |
3689 |
+- unhash_open_stateid(stp, &reaplist); |
3690 |
+- put_ol_stateid_locked(stp, &reaplist); |
3691 |
++ if (unhash_open_stateid(stp, &reaplist)) |
3692 |
++ put_ol_stateid_locked(stp, &reaplist); |
3693 |
+ spin_unlock(&stp->st_stid.sc_client->cl_lock); |
3694 |
+ free_ol_stateid_reaplist(&reaplist); |
3695 |
+ } |
3696 |
+@@ -1210,8 +1229,8 @@ static void release_openowner(struct nfs4_openowner *oo) |
3697 |
+ while (!list_empty(&oo->oo_owner.so_stateids)) { |
3698 |
+ stp = list_first_entry(&oo->oo_owner.so_stateids, |
3699 |
+ struct nfs4_ol_stateid, st_perstateowner); |
3700 |
+- unhash_open_stateid(stp, &reaplist); |
3701 |
+- put_ol_stateid_locked(stp, &reaplist); |
3702 |
++ if (unhash_open_stateid(stp, &reaplist)) |
3703 |
++ put_ol_stateid_locked(stp, &reaplist); |
3704 |
+ } |
3705 |
+ spin_unlock(&clp->cl_lock); |
3706 |
+ free_ol_stateid_reaplist(&reaplist); |
3707 |
+@@ -1714,7 +1733,7 @@ __destroy_client(struct nfs4_client *clp) |
3708 |
+ spin_lock(&state_lock); |
3709 |
+ while (!list_empty(&clp->cl_delegations)) { |
3710 |
+ dp = list_entry(clp->cl_delegations.next, struct nfs4_delegation, dl_perclnt); |
3711 |
+- unhash_delegation_locked(dp); |
3712 |
++ WARN_ON(!unhash_delegation_locked(dp)); |
3713 |
+ list_add(&dp->dl_recall_lru, &reaplist); |
3714 |
+ } |
3715 |
+ spin_unlock(&state_lock); |
3716 |
+@@ -4346,7 +4365,7 @@ nfs4_laundromat(struct nfsd_net *nn) |
3717 |
+ new_timeo = min(new_timeo, t); |
3718 |
+ break; |
3719 |
+ } |
3720 |
+- unhash_delegation_locked(dp); |
3721 |
++ WARN_ON(!unhash_delegation_locked(dp)); |
3722 |
+ list_add(&dp->dl_recall_lru, &reaplist); |
3723 |
+ } |
3724 |
+ spin_unlock(&state_lock); |
3725 |
+@@ -4714,7 +4733,7 @@ nfsd4_free_stateid(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, |
3726 |
+ if (check_for_locks(stp->st_stid.sc_file, |
3727 |
+ lockowner(stp->st_stateowner))) |
3728 |
+ break; |
3729 |
+- unhash_lock_stateid(stp); |
3730 |
++ WARN_ON(!unhash_lock_stateid(stp)); |
3731 |
+ spin_unlock(&cl->cl_lock); |
3732 |
+ nfs4_put_stid(s); |
3733 |
+ ret = nfs_ok; |
3734 |
+@@ -4930,20 +4949,23 @@ out: |
3735 |
+ static void nfsd4_close_open_stateid(struct nfs4_ol_stateid *s) |
3736 |
+ { |
3737 |
+ struct nfs4_client *clp = s->st_stid.sc_client; |
3738 |
++ bool unhashed; |
3739 |
+ LIST_HEAD(reaplist); |
3740 |
+ |
3741 |
+ s->st_stid.sc_type = NFS4_CLOSED_STID; |
3742 |
+ spin_lock(&clp->cl_lock); |
3743 |
+- unhash_open_stateid(s, &reaplist); |
3744 |
++ unhashed = unhash_open_stateid(s, &reaplist); |
3745 |
+ |
3746 |
+ if (clp->cl_minorversion) { |
3747 |
+- put_ol_stateid_locked(s, &reaplist); |
3748 |
++ if (unhashed) |
3749 |
++ put_ol_stateid_locked(s, &reaplist); |
3750 |
+ spin_unlock(&clp->cl_lock); |
3751 |
+ free_ol_stateid_reaplist(&reaplist); |
3752 |
+ } else { |
3753 |
+ spin_unlock(&clp->cl_lock); |
3754 |
+ free_ol_stateid_reaplist(&reaplist); |
3755 |
+- move_to_close_lru(s, clp->net); |
3756 |
++ if (unhashed) |
3757 |
++ move_to_close_lru(s, clp->net); |
3758 |
+ } |
3759 |
+ } |
3760 |
+ |
3761 |
+@@ -5982,7 +6004,7 @@ nfsd_inject_add_lock_to_list(struct nfs4_ol_stateid *lst, |
3762 |
+ |
3763 |
+ static u64 nfsd_foreach_client_lock(struct nfs4_client *clp, u64 max, |
3764 |
+ struct list_head *collect, |
3765 |
+- void (*func)(struct nfs4_ol_stateid *)) |
3766 |
++ bool (*func)(struct nfs4_ol_stateid *)) |
3767 |
+ { |
3768 |
+ struct nfs4_openowner *oop; |
3769 |
+ struct nfs4_ol_stateid *stp, *st_next; |
3770 |
+@@ -5996,9 +6018,9 @@ static u64 nfsd_foreach_client_lock(struct nfs4_client *clp, u64 max, |
3771 |
+ list_for_each_entry_safe(lst, lst_next, |
3772 |
+ &stp->st_locks, st_locks) { |
3773 |
+ if (func) { |
3774 |
+- func(lst); |
3775 |
+- nfsd_inject_add_lock_to_list(lst, |
3776 |
+- collect); |
3777 |
++ if (func(lst)) |
3778 |
++ nfsd_inject_add_lock_to_list(lst, |
3779 |
++ collect); |
3780 |
+ } |
3781 |
+ ++count; |
3782 |
+ /* |
3783 |
+@@ -6268,7 +6290,7 @@ static u64 nfsd_find_all_delegations(struct nfs4_client *clp, u64 max, |
3784 |
+ continue; |
3785 |
+ |
3786 |
+ atomic_inc(&clp->cl_refcount); |
3787 |
+- unhash_delegation_locked(dp); |
3788 |
++ WARN_ON(!unhash_delegation_locked(dp)); |
3789 |
+ list_add(&dp->dl_recall_lru, victims); |
3790 |
+ } |
3791 |
+ ++count; |
3792 |
+@@ -6598,7 +6620,7 @@ nfs4_state_shutdown_net(struct net *net) |
3793 |
+ spin_lock(&state_lock); |
3794 |
+ list_for_each_safe(pos, next, &nn->del_recall_lru) { |
3795 |
+ dp = list_entry (pos, struct nfs4_delegation, dl_recall_lru); |
3796 |
+- unhash_delegation_locked(dp); |
3797 |
++ WARN_ON(!unhash_delegation_locked(dp)); |
3798 |
+ list_add(&dp->dl_recall_lru, &reaplist); |
3799 |
+ } |
3800 |
+ spin_unlock(&state_lock); |
3801 |
+diff --git a/fs/nfsd/nfs4xdr.c b/fs/nfsd/nfs4xdr.c |
3802 |
+index d4d84451e0e6..3dd1b616b92b 100644 |
3803 |
+--- a/fs/nfsd/nfs4xdr.c |
3804 |
++++ b/fs/nfsd/nfs4xdr.c |
3805 |
+@@ -2139,6 +2139,27 @@ nfsd4_encode_aclname(struct xdr_stream *xdr, struct svc_rqst *rqstp, |
3806 |
+ return nfsd4_encode_user(xdr, rqstp, ace->who_uid); |
3807 |
+ } |
3808 |
+ |
3809 |
++static inline __be32 |
3810 |
++nfsd4_encode_layout_type(struct xdr_stream *xdr, enum pnfs_layouttype layout_type) |
3811 |
++{ |
3812 |
++ __be32 *p; |
3813 |
++ |
3814 |
++ if (layout_type) { |
3815 |
++ p = xdr_reserve_space(xdr, 8); |
3816 |
++ if (!p) |
3817 |
++ return nfserr_resource; |
3818 |
++ *p++ = cpu_to_be32(1); |
3819 |
++ *p++ = cpu_to_be32(layout_type); |
3820 |
++ } else { |
3821 |
++ p = xdr_reserve_space(xdr, 4); |
3822 |
++ if (!p) |
3823 |
++ return nfserr_resource; |
3824 |
++ *p++ = cpu_to_be32(0); |
3825 |
++ } |
3826 |
++ |
3827 |
++ return 0; |
3828 |
++} |
3829 |
++ |
3830 |
+ #define WORD0_ABSENT_FS_ATTRS (FATTR4_WORD0_FS_LOCATIONS | FATTR4_WORD0_FSID | \ |
3831 |
+ FATTR4_WORD0_RDATTR_ERROR) |
3832 |
+ #define WORD1_ABSENT_FS_ATTRS FATTR4_WORD1_MOUNTED_ON_FILEID |
3833 |
+@@ -2692,20 +2713,16 @@ out_acl: |
3834 |
+ p = xdr_encode_hyper(p, stat.ino); |
3835 |
+ } |
3836 |
+ #ifdef CONFIG_NFSD_PNFS |
3837 |
+- if ((bmval1 & FATTR4_WORD1_FS_LAYOUT_TYPES) || |
3838 |
+- (bmval2 & FATTR4_WORD2_LAYOUT_TYPES)) { |
3839 |
+- if (exp->ex_layout_type) { |
3840 |
+- p = xdr_reserve_space(xdr, 8); |
3841 |
+- if (!p) |
3842 |
+- goto out_resource; |
3843 |
+- *p++ = cpu_to_be32(1); |
3844 |
+- *p++ = cpu_to_be32(exp->ex_layout_type); |
3845 |
+- } else { |
3846 |
+- p = xdr_reserve_space(xdr, 4); |
3847 |
+- if (!p) |
3848 |
+- goto out_resource; |
3849 |
+- *p++ = cpu_to_be32(0); |
3850 |
+- } |
3851 |
++ if (bmval1 & FATTR4_WORD1_FS_LAYOUT_TYPES) { |
3852 |
++ status = nfsd4_encode_layout_type(xdr, exp->ex_layout_type); |
3853 |
++ if (status) |
3854 |
++ goto out; |
3855 |
++ } |
3856 |
++ |
3857 |
++ if (bmval2 & FATTR4_WORD2_LAYOUT_TYPES) { |
3858 |
++ status = nfsd4_encode_layout_type(xdr, exp->ex_layout_type); |
3859 |
++ if (status) |
3860 |
++ goto out; |
3861 |
+ } |
3862 |
+ |
3863 |
+ if (bmval2 & FATTR4_WORD2_LAYOUT_BLKSIZE) { |
3864 |
+diff --git a/include/linux/jbd2.h b/include/linux/jbd2.h |
3865 |
+index edb640ae9a94..eb1cebed3f36 100644 |
3866 |
+--- a/include/linux/jbd2.h |
3867 |
++++ b/include/linux/jbd2.h |
3868 |
+@@ -1042,8 +1042,9 @@ void jbd2_update_log_tail(journal_t *journal, tid_t tid, unsigned long block); |
3869 |
+ extern void jbd2_journal_commit_transaction(journal_t *); |
3870 |
+ |
3871 |
+ /* Checkpoint list management */ |
3872 |
+-void __jbd2_journal_clean_checkpoint_list(journal_t *journal); |
3873 |
++void __jbd2_journal_clean_checkpoint_list(journal_t *journal, bool destroy); |
3874 |
+ int __jbd2_journal_remove_checkpoint(struct journal_head *); |
3875 |
++void jbd2_journal_destroy_checkpoint(journal_t *journal); |
3876 |
+ void __jbd2_journal_insert_checkpoint(struct journal_head *, transaction_t *); |
3877 |
+ |
3878 |
+ |
3879 |
+diff --git a/include/linux/mm.h b/include/linux/mm.h |
3880 |
+index 0755b9fd03a7..b2085582d44e 100644 |
3881 |
+--- a/include/linux/mm.h |
3882 |
++++ b/include/linux/mm.h |
3883 |
+@@ -1002,6 +1002,34 @@ static inline int page_mapped(struct page *page) |
3884 |
+ } |
3885 |
+ |
3886 |
+ /* |
3887 |
++ * Return true only if the page has been allocated with |
3888 |
++ * ALLOC_NO_WATERMARKS and the low watermark was not |
3889 |
++ * met implying that the system is under some pressure. |
3890 |
++ */ |
3891 |
++static inline bool page_is_pfmemalloc(struct page *page) |
3892 |
++{ |
3893 |
++ /* |
3894 |
++ * Page index cannot be this large so this must be |
3895 |
++ * a pfmemalloc page. |
3896 |
++ */ |
3897 |
++ return page->index == -1UL; |
3898 |
++} |
3899 |
++ |
3900 |
++/* |
3901 |
++ * Only to be called by the page allocator on a freshly allocated |
3902 |
++ * page. |
3903 |
++ */ |
3904 |
++static inline void set_page_pfmemalloc(struct page *page) |
3905 |
++{ |
3906 |
++ page->index = -1UL; |
3907 |
++} |
3908 |
++ |
3909 |
++static inline void clear_page_pfmemalloc(struct page *page) |
3910 |
++{ |
3911 |
++ page->index = 0; |
3912 |
++} |
3913 |
++ |
3914 |
++/* |
3915 |
+ * Different kinds of faults, as returned by handle_mm_fault(). |
3916 |
+ * Used to decide whether a process gets delivered SIGBUS or |
3917 |
+ * just gets major/minor fault counters bumped up. |
3918 |
+diff --git a/include/linux/mm_types.h b/include/linux/mm_types.h |
3919 |
+index 8d37e26a1007..c0c6b33535fb 100644 |
3920 |
+--- a/include/linux/mm_types.h |
3921 |
++++ b/include/linux/mm_types.h |
3922 |
+@@ -63,15 +63,6 @@ struct page { |
3923 |
+ union { |
3924 |
+ pgoff_t index; /* Our offset within mapping. */ |
3925 |
+ void *freelist; /* sl[aou]b first free object */ |
3926 |
+- bool pfmemalloc; /* If set by the page allocator, |
3927 |
+- * ALLOC_NO_WATERMARKS was set |
3928 |
+- * and the low watermark was not |
3929 |
+- * met implying that the system |
3930 |
+- * is under some pressure. The |
3931 |
+- * caller should try ensure |
3932 |
+- * this page is only used to |
3933 |
+- * free other pages. |
3934 |
+- */ |
3935 |
+ }; |
3936 |
+ |
3937 |
+ union { |
3938 |
+diff --git a/include/linux/skbuff.h b/include/linux/skbuff.h |
3939 |
+index f15154a879c7..eb1c55b8255a 100644 |
3940 |
+--- a/include/linux/skbuff.h |
3941 |
++++ b/include/linux/skbuff.h |
3942 |
+@@ -1590,20 +1590,16 @@ static inline void __skb_fill_page_desc(struct sk_buff *skb, int i, |
3943 |
+ skb_frag_t *frag = &skb_shinfo(skb)->frags[i]; |
3944 |
+ |
3945 |
+ /* |
3946 |
+- * Propagate page->pfmemalloc to the skb if we can. The problem is |
3947 |
+- * that not all callers have unique ownership of the page. If |
3948 |
+- * pfmemalloc is set, we check the mapping as a mapping implies |
3949 |
+- * page->index is set (index and pfmemalloc share space). |
3950 |
+- * If it's a valid mapping, we cannot use page->pfmemalloc but we |
3951 |
+- * do not lose pfmemalloc information as the pages would not be |
3952 |
+- * allocated using __GFP_MEMALLOC. |
3953 |
++ * Propagate page pfmemalloc to the skb if we can. The problem is |
3954 |
++ * that not all callers have unique ownership of the page but rely |
3955 |
++ * on page_is_pfmemalloc doing the right thing(tm). |
3956 |
+ */ |
3957 |
+ frag->page.p = page; |
3958 |
+ frag->page_offset = off; |
3959 |
+ skb_frag_size_set(frag, size); |
3960 |
+ |
3961 |
+ page = compound_head(page); |
3962 |
+- if (page->pfmemalloc && !page->mapping) |
3963 |
++ if (page_is_pfmemalloc(page)) |
3964 |
+ skb->pfmemalloc = true; |
3965 |
+ } |
3966 |
+ |
3967 |
+@@ -2250,7 +2246,7 @@ static inline struct page *dev_alloc_page(void) |
3968 |
+ static inline void skb_propagate_pfmemalloc(struct page *page, |
3969 |
+ struct sk_buff *skb) |
3970 |
+ { |
3971 |
+- if (page && page->pfmemalloc) |
3972 |
++ if (page_is_pfmemalloc(page)) |
3973 |
+ skb->pfmemalloc = true; |
3974 |
+ } |
3975 |
+ |
3976 |
+diff --git a/include/linux/sunrpc/xprtsock.h b/include/linux/sunrpc/xprtsock.h |
3977 |
+index 7591788e9fbf..357e44c1a46b 100644 |
3978 |
+--- a/include/linux/sunrpc/xprtsock.h |
3979 |
++++ b/include/linux/sunrpc/xprtsock.h |
3980 |
+@@ -42,6 +42,7 @@ struct sock_xprt { |
3981 |
+ /* |
3982 |
+ * Connection of transports |
3983 |
+ */ |
3984 |
++ unsigned long sock_state; |
3985 |
+ struct delayed_work connect_worker; |
3986 |
+ struct sockaddr_storage srcaddr; |
3987 |
+ unsigned short srcport; |
3988 |
+@@ -76,6 +77,8 @@ struct sock_xprt { |
3989 |
+ */ |
3990 |
+ #define TCP_RPC_REPLY (1UL << 6) |
3991 |
+ |
3992 |
++#define XPRT_SOCK_CONNECTING 1U |
3993 |
++ |
3994 |
+ #endif /* __KERNEL__ */ |
3995 |
+ |
3996 |
+ #endif /* _LINUX_SUNRPC_XPRTSOCK_H */ |
3997 |
+diff --git a/include/net/act_api.h b/include/net/act_api.h |
3998 |
+index 3ee4c92afd1b..931738bc5bba 100644 |
3999 |
+--- a/include/net/act_api.h |
4000 |
++++ b/include/net/act_api.h |
4001 |
+@@ -99,7 +99,6 @@ struct tc_action_ops { |
4002 |
+ |
4003 |
+ int tcf_hash_search(struct tc_action *a, u32 index); |
4004 |
+ void tcf_hash_destroy(struct tc_action *a); |
4005 |
+-int tcf_hash_release(struct tc_action *a, int bind); |
4006 |
+ u32 tcf_hash_new_index(struct tcf_hashinfo *hinfo); |
4007 |
+ int tcf_hash_check(u32 index, struct tc_action *a, int bind); |
4008 |
+ int tcf_hash_create(u32 index, struct nlattr *est, struct tc_action *a, |
4009 |
+@@ -107,6 +106,13 @@ int tcf_hash_create(u32 index, struct nlattr *est, struct tc_action *a, |
4010 |
+ void tcf_hash_cleanup(struct tc_action *a, struct nlattr *est); |
4011 |
+ void tcf_hash_insert(struct tc_action *a); |
4012 |
+ |
4013 |
++int __tcf_hash_release(struct tc_action *a, bool bind, bool strict); |
4014 |
++ |
4015 |
++static inline int tcf_hash_release(struct tc_action *a, bool bind) |
4016 |
++{ |
4017 |
++ return __tcf_hash_release(a, bind, false); |
4018 |
++} |
4019 |
++ |
4020 |
+ int tcf_register_action(struct tc_action_ops *a, unsigned int mask); |
4021 |
+ int tcf_unregister_action(struct tc_action_ops *a); |
4022 |
+ int tcf_action_destroy(struct list_head *actions, int bind); |
4023 |
+diff --git a/include/net/ip.h b/include/net/ip.h |
4024 |
+index d14af7edd197..f41fc497b21b 100644 |
4025 |
+--- a/include/net/ip.h |
4026 |
++++ b/include/net/ip.h |
4027 |
+@@ -161,6 +161,7 @@ static inline __u8 get_rtconn_flags(struct ipcm_cookie* ipc, struct sock* sk) |
4028 |
+ } |
4029 |
+ |
4030 |
+ /* datagram.c */ |
4031 |
++int __ip4_datagram_connect(struct sock *sk, struct sockaddr *uaddr, int addr_len); |
4032 |
+ int ip4_datagram_connect(struct sock *sk, struct sockaddr *uaddr, int addr_len); |
4033 |
+ |
4034 |
+ void ip4_datagram_release_cb(struct sock *sk); |
4035 |
+diff --git a/include/soc/tegra/mc.h b/include/soc/tegra/mc.h |
4036 |
+index 63deb8d9f82a..d298857cd845 100644 |
4037 |
+--- a/include/soc/tegra/mc.h |
4038 |
++++ b/include/soc/tegra/mc.h |
4039 |
+@@ -59,6 +59,7 @@ struct tegra_smmu_soc { |
4040 |
+ bool supports_round_robin_arbitration; |
4041 |
+ bool supports_request_limit; |
4042 |
+ |
4043 |
++ unsigned int num_tlb_lines; |
4044 |
+ unsigned int num_asids; |
4045 |
+ |
4046 |
+ const struct tegra_smmu_ops *ops; |
4047 |
+diff --git a/include/trace/events/sunrpc.h b/include/trace/events/sunrpc.h |
4048 |
+index fd1a02cb3c82..003dca933803 100644 |
4049 |
+--- a/include/trace/events/sunrpc.h |
4050 |
++++ b/include/trace/events/sunrpc.h |
4051 |
+@@ -529,18 +529,21 @@ TRACE_EVENT(svc_xprt_do_enqueue, |
4052 |
+ |
4053 |
+ TP_STRUCT__entry( |
4054 |
+ __field(struct svc_xprt *, xprt) |
4055 |
+- __field(struct svc_rqst *, rqst) |
4056 |
++ __field_struct(struct sockaddr_storage, ss) |
4057 |
++ __field(int, pid) |
4058 |
++ __field(unsigned long, flags) |
4059 |
+ ), |
4060 |
+ |
4061 |
+ TP_fast_assign( |
4062 |
+ __entry->xprt = xprt; |
4063 |
+- __entry->rqst = rqst; |
4064 |
++ xprt ? memcpy(&__entry->ss, &xprt->xpt_remote, sizeof(__entry->ss)) : memset(&__entry->ss, 0, sizeof(__entry->ss)); |
4065 |
++ __entry->pid = rqst? rqst->rq_task->pid : 0; |
4066 |
++ __entry->flags = xprt ? xprt->xpt_flags : 0; |
4067 |
+ ), |
4068 |
+ |
4069 |
+ TP_printk("xprt=0x%p addr=%pIScp pid=%d flags=%s", __entry->xprt, |
4070 |
+- (struct sockaddr *)&__entry->xprt->xpt_remote, |
4071 |
+- __entry->rqst ? __entry->rqst->rq_task->pid : 0, |
4072 |
+- show_svc_xprt_flags(__entry->xprt->xpt_flags)) |
4073 |
++ (struct sockaddr *)&__entry->ss, |
4074 |
++ __entry->pid, show_svc_xprt_flags(__entry->flags)) |
4075 |
+ ); |
4076 |
+ |
4077 |
+ TRACE_EVENT(svc_xprt_dequeue, |
4078 |
+@@ -589,16 +592,20 @@ TRACE_EVENT(svc_handle_xprt, |
4079 |
+ TP_STRUCT__entry( |
4080 |
+ __field(struct svc_xprt *, xprt) |
4081 |
+ __field(int, len) |
4082 |
++ __field_struct(struct sockaddr_storage, ss) |
4083 |
++ __field(unsigned long, flags) |
4084 |
+ ), |
4085 |
+ |
4086 |
+ TP_fast_assign( |
4087 |
+ __entry->xprt = xprt; |
4088 |
++ xprt ? memcpy(&__entry->ss, &xprt->xpt_remote, sizeof(__entry->ss)) : memset(&__entry->ss, 0, sizeof(__entry->ss)); |
4089 |
+ __entry->len = len; |
4090 |
++ __entry->flags = xprt ? xprt->xpt_flags : 0; |
4091 |
+ ), |
4092 |
+ |
4093 |
+ TP_printk("xprt=0x%p addr=%pIScp len=%d flags=%s", __entry->xprt, |
4094 |
+- (struct sockaddr *)&__entry->xprt->xpt_remote, __entry->len, |
4095 |
+- show_svc_xprt_flags(__entry->xprt->xpt_flags)) |
4096 |
++ (struct sockaddr *)&__entry->ss, |
4097 |
++ __entry->len, show_svc_xprt_flags(__entry->flags)) |
4098 |
+ ); |
4099 |
+ #endif /* _TRACE_SUNRPC_H */ |
4100 |
+ |
4101 |
+diff --git a/kernel/fork.c b/kernel/fork.c |
4102 |
+index 03c1eaaa6ef5..8209fa2d36ef 100644 |
4103 |
+--- a/kernel/fork.c |
4104 |
++++ b/kernel/fork.c |
4105 |
+@@ -1854,13 +1854,21 @@ static int check_unshare_flags(unsigned long unshare_flags) |
4106 |
+ CLONE_NEWUSER|CLONE_NEWPID)) |
4107 |
+ return -EINVAL; |
4108 |
+ /* |
4109 |
+- * Not implemented, but pretend it works if there is nothing to |
4110 |
+- * unshare. Note that unsharing CLONE_THREAD or CLONE_SIGHAND |
4111 |
+- * needs to unshare vm. |
4112 |
++ * Not implemented, but pretend it works if there is nothing |
4113 |
++ * to unshare. Note that unsharing the address space or the |
4114 |
++ * signal handlers also need to unshare the signal queues (aka |
4115 |
++ * CLONE_THREAD). |
4116 |
+ */ |
4117 |
+ if (unshare_flags & (CLONE_THREAD | CLONE_SIGHAND | CLONE_VM)) { |
4118 |
+- /* FIXME: get_task_mm() increments ->mm_users */ |
4119 |
+- if (atomic_read(¤t->mm->mm_users) > 1) |
4120 |
++ if (!thread_group_empty(current)) |
4121 |
++ return -EINVAL; |
4122 |
++ } |
4123 |
++ if (unshare_flags & (CLONE_SIGHAND | CLONE_VM)) { |
4124 |
++ if (atomic_read(¤t->sighand->count) > 1) |
4125 |
++ return -EINVAL; |
4126 |
++ } |
4127 |
++ if (unshare_flags & CLONE_VM) { |
4128 |
++ if (!current_is_single_threaded()) |
4129 |
+ return -EINVAL; |
4130 |
+ } |
4131 |
+ |
4132 |
+@@ -1929,16 +1937,16 @@ SYSCALL_DEFINE1(unshare, unsigned long, unshare_flags) |
4133 |
+ if (unshare_flags & CLONE_NEWUSER) |
4134 |
+ unshare_flags |= CLONE_THREAD | CLONE_FS; |
4135 |
+ /* |
4136 |
+- * If unsharing a thread from a thread group, must also unshare vm. |
4137 |
+- */ |
4138 |
+- if (unshare_flags & CLONE_THREAD) |
4139 |
+- unshare_flags |= CLONE_VM; |
4140 |
+- /* |
4141 |
+ * If unsharing vm, must also unshare signal handlers. |
4142 |
+ */ |
4143 |
+ if (unshare_flags & CLONE_VM) |
4144 |
+ unshare_flags |= CLONE_SIGHAND; |
4145 |
+ /* |
4146 |
++ * If unsharing a signal handlers, must also unshare the signal queues. |
4147 |
++ */ |
4148 |
++ if (unshare_flags & CLONE_SIGHAND) |
4149 |
++ unshare_flags |= CLONE_THREAD; |
4150 |
++ /* |
4151 |
+ * If unsharing namespace, must also unshare filesystem information. |
4152 |
+ */ |
4153 |
+ if (unshare_flags & CLONE_NEWNS) |
4154 |
+diff --git a/lib/decompress_bunzip2.c b/lib/decompress_bunzip2.c |
4155 |
+index 6dd0335ea61b..0234361b24b8 100644 |
4156 |
+--- a/lib/decompress_bunzip2.c |
4157 |
++++ b/lib/decompress_bunzip2.c |
4158 |
+@@ -743,12 +743,12 @@ exit_0: |
4159 |
+ } |
4160 |
+ |
4161 |
+ #ifdef PREBOOT |
4162 |
+-STATIC int INIT decompress(unsigned char *buf, long len, |
4163 |
++STATIC int INIT __decompress(unsigned char *buf, long len, |
4164 |
+ long (*fill)(void*, unsigned long), |
4165 |
+ long (*flush)(void*, unsigned long), |
4166 |
+- unsigned char *outbuf, |
4167 |
++ unsigned char *outbuf, long olen, |
4168 |
+ long *pos, |
4169 |
+- void(*error)(char *x)) |
4170 |
++ void (*error)(char *x)) |
4171 |
+ { |
4172 |
+ return bunzip2(buf, len - 4, fill, flush, outbuf, pos, error); |
4173 |
+ } |
4174 |
+diff --git a/lib/decompress_inflate.c b/lib/decompress_inflate.c |
4175 |
+index d4c7891635ec..555c06bf20da 100644 |
4176 |
+--- a/lib/decompress_inflate.c |
4177 |
++++ b/lib/decompress_inflate.c |
4178 |
+@@ -1,4 +1,5 @@ |
4179 |
+ #ifdef STATIC |
4180 |
++#define PREBOOT |
4181 |
+ /* Pre-boot environment: included */ |
4182 |
+ |
4183 |
+ /* prevent inclusion of _LINUX_KERNEL_H in pre-boot environment: lots |
4184 |
+@@ -33,23 +34,23 @@ static long INIT nofill(void *buffer, unsigned long len) |
4185 |
+ } |
4186 |
+ |
4187 |
+ /* Included from initramfs et al code */ |
4188 |
+-STATIC int INIT gunzip(unsigned char *buf, long len, |
4189 |
++STATIC int INIT __gunzip(unsigned char *buf, long len, |
4190 |
+ long (*fill)(void*, unsigned long), |
4191 |
+ long (*flush)(void*, unsigned long), |
4192 |
+- unsigned char *out_buf, |
4193 |
++ unsigned char *out_buf, long out_len, |
4194 |
+ long *pos, |
4195 |
+ void(*error)(char *x)) { |
4196 |
+ u8 *zbuf; |
4197 |
+ struct z_stream_s *strm; |
4198 |
+ int rc; |
4199 |
+- size_t out_len; |
4200 |
+ |
4201 |
+ rc = -1; |
4202 |
+ if (flush) { |
4203 |
+ out_len = 0x8000; /* 32 K */ |
4204 |
+ out_buf = malloc(out_len); |
4205 |
+ } else { |
4206 |
+- out_len = ((size_t)~0) - (size_t)out_buf; /* no limit */ |
4207 |
++ if (!out_len) |
4208 |
++ out_len = ((size_t)~0) - (size_t)out_buf; /* no limit */ |
4209 |
+ } |
4210 |
+ if (!out_buf) { |
4211 |
+ error("Out of memory while allocating output buffer"); |
4212 |
+@@ -181,4 +182,24 @@ gunzip_nomem1: |
4213 |
+ return rc; /* returns Z_OK (0) if successful */ |
4214 |
+ } |
4215 |
+ |
4216 |
+-#define decompress gunzip |
4217 |
++#ifndef PREBOOT |
4218 |
++STATIC int INIT gunzip(unsigned char *buf, long len, |
4219 |
++ long (*fill)(void*, unsigned long), |
4220 |
++ long (*flush)(void*, unsigned long), |
4221 |
++ unsigned char *out_buf, |
4222 |
++ long *pos, |
4223 |
++ void (*error)(char *x)) |
4224 |
++{ |
4225 |
++ return __gunzip(buf, len, fill, flush, out_buf, 0, pos, error); |
4226 |
++} |
4227 |
++#else |
4228 |
++STATIC int INIT __decompress(unsigned char *buf, long len, |
4229 |
++ long (*fill)(void*, unsigned long), |
4230 |
++ long (*flush)(void*, unsigned long), |
4231 |
++ unsigned char *out_buf, long out_len, |
4232 |
++ long *pos, |
4233 |
++ void (*error)(char *x)) |
4234 |
++{ |
4235 |
++ return __gunzip(buf, len, fill, flush, out_buf, out_len, pos, error); |
4236 |
++} |
4237 |
++#endif |
4238 |
+diff --git a/lib/decompress_unlz4.c b/lib/decompress_unlz4.c |
4239 |
+index 40f66ebe57b7..036fc882cd72 100644 |
4240 |
+--- a/lib/decompress_unlz4.c |
4241 |
++++ b/lib/decompress_unlz4.c |
4242 |
+@@ -196,12 +196,12 @@ exit_0: |
4243 |
+ } |
4244 |
+ |
4245 |
+ #ifdef PREBOOT |
4246 |
+-STATIC int INIT decompress(unsigned char *buf, long in_len, |
4247 |
++STATIC int INIT __decompress(unsigned char *buf, long in_len, |
4248 |
+ long (*fill)(void*, unsigned long), |
4249 |
+ long (*flush)(void*, unsigned long), |
4250 |
+- unsigned char *output, |
4251 |
++ unsigned char *output, long out_len, |
4252 |
+ long *posp, |
4253 |
+- void(*error)(char *x) |
4254 |
++ void (*error)(char *x) |
4255 |
+ ) |
4256 |
+ { |
4257 |
+ return unlz4(buf, in_len - 4, fill, flush, output, posp, error); |
4258 |
+diff --git a/lib/decompress_unlzma.c b/lib/decompress_unlzma.c |
4259 |
+index 0be83af62b88..decb64629c14 100644 |
4260 |
+--- a/lib/decompress_unlzma.c |
4261 |
++++ b/lib/decompress_unlzma.c |
4262 |
+@@ -667,13 +667,12 @@ exit_0: |
4263 |
+ } |
4264 |
+ |
4265 |
+ #ifdef PREBOOT |
4266 |
+-STATIC int INIT decompress(unsigned char *buf, long in_len, |
4267 |
++STATIC int INIT __decompress(unsigned char *buf, long in_len, |
4268 |
+ long (*fill)(void*, unsigned long), |
4269 |
+ long (*flush)(void*, unsigned long), |
4270 |
+- unsigned char *output, |
4271 |
++ unsigned char *output, long out_len, |
4272 |
+ long *posp, |
4273 |
+- void(*error)(char *x) |
4274 |
+- ) |
4275 |
++ void (*error)(char *x)) |
4276 |
+ { |
4277 |
+ return unlzma(buf, in_len - 4, fill, flush, output, posp, error); |
4278 |
+ } |
4279 |
+diff --git a/lib/decompress_unlzo.c b/lib/decompress_unlzo.c |
4280 |
+index b94a31bdd87d..f4c158e3a022 100644 |
4281 |
+--- a/lib/decompress_unlzo.c |
4282 |
++++ b/lib/decompress_unlzo.c |
4283 |
+@@ -31,6 +31,7 @@ |
4284 |
+ */ |
4285 |
+ |
4286 |
+ #ifdef STATIC |
4287 |
++#define PREBOOT |
4288 |
+ #include "lzo/lzo1x_decompress_safe.c" |
4289 |
+ #else |
4290 |
+ #include <linux/decompress/unlzo.h> |
4291 |
+@@ -287,4 +288,14 @@ exit: |
4292 |
+ return ret; |
4293 |
+ } |
4294 |
+ |
4295 |
+-#define decompress unlzo |
4296 |
++#ifdef PREBOOT |
4297 |
++STATIC int INIT __decompress(unsigned char *buf, long len, |
4298 |
++ long (*fill)(void*, unsigned long), |
4299 |
++ long (*flush)(void*, unsigned long), |
4300 |
++ unsigned char *out_buf, long olen, |
4301 |
++ long *pos, |
4302 |
++ void (*error)(char *x)) |
4303 |
++{ |
4304 |
++ return unlzo(buf, len, fill, flush, out_buf, pos, error); |
4305 |
++} |
4306 |
++#endif |
4307 |
+diff --git a/lib/decompress_unxz.c b/lib/decompress_unxz.c |
4308 |
+index b07a78340e9d..25d59a95bd66 100644 |
4309 |
+--- a/lib/decompress_unxz.c |
4310 |
++++ b/lib/decompress_unxz.c |
4311 |
+@@ -394,4 +394,14 @@ error_alloc_state: |
4312 |
+ * This macro is used by architecture-specific files to decompress |
4313 |
+ * the kernel image. |
4314 |
+ */ |
4315 |
+-#define decompress unxz |
4316 |
++#ifdef XZ_PREBOOT |
4317 |
++STATIC int INIT __decompress(unsigned char *buf, long len, |
4318 |
++ long (*fill)(void*, unsigned long), |
4319 |
++ long (*flush)(void*, unsigned long), |
4320 |
++ unsigned char *out_buf, long olen, |
4321 |
++ long *pos, |
4322 |
++ void (*error)(char *x)) |
4323 |
++{ |
4324 |
++ return unxz(buf, len, fill, flush, out_buf, pos, error); |
4325 |
++} |
4326 |
++#endif |
4327 |
+diff --git a/lib/rhashtable.c b/lib/rhashtable.c |
4328 |
+index 8609378e6505..cf910e48f8f2 100644 |
4329 |
+--- a/lib/rhashtable.c |
4330 |
++++ b/lib/rhashtable.c |
4331 |
+@@ -612,6 +612,8 @@ next: |
4332 |
+ iter->skip = 0; |
4333 |
+ } |
4334 |
+ |
4335 |
++ iter->p = NULL; |
4336 |
++ |
4337 |
+ /* Ensure we see any new tables. */ |
4338 |
+ smp_rmb(); |
4339 |
+ |
4340 |
+@@ -622,8 +624,6 @@ next: |
4341 |
+ return ERR_PTR(-EAGAIN); |
4342 |
+ } |
4343 |
+ |
4344 |
+- iter->p = NULL; |
4345 |
+- |
4346 |
+ out: |
4347 |
+ |
4348 |
+ return obj; |
4349 |
+diff --git a/mm/page_alloc.c b/mm/page_alloc.c |
4350 |
+index ebffa0e4a9c0..18490f3bd7f1 100644 |
4351 |
+--- a/mm/page_alloc.c |
4352 |
++++ b/mm/page_alloc.c |
4353 |
+@@ -983,12 +983,15 @@ static int prep_new_page(struct page *page, unsigned int order, gfp_t gfp_flags, |
4354 |
+ set_page_owner(page, order, gfp_flags); |
4355 |
+ |
4356 |
+ /* |
4357 |
+- * page->pfmemalloc is set when ALLOC_NO_WATERMARKS was necessary to |
4358 |
++ * page is set pfmemalloc when ALLOC_NO_WATERMARKS was necessary to |
4359 |
+ * allocate the page. The expectation is that the caller is taking |
4360 |
+ * steps that will free more memory. The caller should avoid the page |
4361 |
+ * being used for !PFMEMALLOC purposes. |
4362 |
+ */ |
4363 |
+- page->pfmemalloc = !!(alloc_flags & ALLOC_NO_WATERMARKS); |
4364 |
++ if (alloc_flags & ALLOC_NO_WATERMARKS) |
4365 |
++ set_page_pfmemalloc(page); |
4366 |
++ else |
4367 |
++ clear_page_pfmemalloc(page); |
4368 |
+ |
4369 |
+ return 0; |
4370 |
+ } |
4371 |
+diff --git a/mm/slab.c b/mm/slab.c |
4372 |
+index 7eb38dd1cefa..3dd2d1ff9d5d 100644 |
4373 |
+--- a/mm/slab.c |
4374 |
++++ b/mm/slab.c |
4375 |
+@@ -1602,7 +1602,7 @@ static struct page *kmem_getpages(struct kmem_cache *cachep, gfp_t flags, |
4376 |
+ } |
4377 |
+ |
4378 |
+ /* Record if ALLOC_NO_WATERMARKS was set when allocating the slab */ |
4379 |
+- if (unlikely(page->pfmemalloc)) |
4380 |
++ if (page_is_pfmemalloc(page)) |
4381 |
+ pfmemalloc_active = true; |
4382 |
+ |
4383 |
+ nr_pages = (1 << cachep->gfporder); |
4384 |
+@@ -1613,7 +1613,7 @@ static struct page *kmem_getpages(struct kmem_cache *cachep, gfp_t flags, |
4385 |
+ add_zone_page_state(page_zone(page), |
4386 |
+ NR_SLAB_UNRECLAIMABLE, nr_pages); |
4387 |
+ __SetPageSlab(page); |
4388 |
+- if (page->pfmemalloc) |
4389 |
++ if (page_is_pfmemalloc(page)) |
4390 |
+ SetPageSlabPfmemalloc(page); |
4391 |
+ |
4392 |
+ if (kmemcheck_enabled && !(cachep->flags & SLAB_NOTRACK)) { |
4393 |
+diff --git a/mm/slub.c b/mm/slub.c |
4394 |
+index 54c0876b43d5..08342c523a85 100644 |
4395 |
+--- a/mm/slub.c |
4396 |
++++ b/mm/slub.c |
4397 |
+@@ -1427,7 +1427,7 @@ static struct page *new_slab(struct kmem_cache *s, gfp_t flags, int node) |
4398 |
+ inc_slabs_node(s, page_to_nid(page), page->objects); |
4399 |
+ page->slab_cache = s; |
4400 |
+ __SetPageSlab(page); |
4401 |
+- if (page->pfmemalloc) |
4402 |
++ if (page_is_pfmemalloc(page)) |
4403 |
+ SetPageSlabPfmemalloc(page); |
4404 |
+ |
4405 |
+ start = page_address(page); |
4406 |
+diff --git a/mm/vmscan.c b/mm/vmscan.c |
4407 |
+index 0d024fc8aa8e..1a17bd7c0ce5 100644 |
4408 |
+--- a/mm/vmscan.c |
4409 |
++++ b/mm/vmscan.c |
4410 |
+@@ -1153,7 +1153,7 @@ cull_mlocked: |
4411 |
+ if (PageSwapCache(page)) |
4412 |
+ try_to_free_swap(page); |
4413 |
+ unlock_page(page); |
4414 |
+- putback_lru_page(page); |
4415 |
++ list_add(&page->lru, &ret_pages); |
4416 |
+ continue; |
4417 |
+ |
4418 |
+ activate_locked: |
4419 |
+diff --git a/net/bridge/br_forward.c b/net/bridge/br_forward.c |
4420 |
+index e97572b5d2cc..0ff6e1bbca91 100644 |
4421 |
+--- a/net/bridge/br_forward.c |
4422 |
++++ b/net/bridge/br_forward.c |
4423 |
+@@ -42,6 +42,7 @@ int br_dev_queue_push_xmit(struct sock *sk, struct sk_buff *skb) |
4424 |
+ } else { |
4425 |
+ skb_push(skb, ETH_HLEN); |
4426 |
+ br_drop_fake_rtable(skb); |
4427 |
++ skb_sender_cpu_clear(skb); |
4428 |
+ dev_queue_xmit(skb); |
4429 |
+ } |
4430 |
+ |
4431 |
+diff --git a/net/bridge/br_mdb.c b/net/bridge/br_mdb.c |
4432 |
+index e29ad70b3000..d1f910c0d586 100644 |
4433 |
+--- a/net/bridge/br_mdb.c |
4434 |
++++ b/net/bridge/br_mdb.c |
4435 |
+@@ -348,7 +348,6 @@ static int br_mdb_add_group(struct net_bridge *br, struct net_bridge_port *port, |
4436 |
+ return -ENOMEM; |
4437 |
+ rcu_assign_pointer(*pp, p); |
4438 |
+ |
4439 |
+- br_mdb_notify(br->dev, port, group, RTM_NEWMDB); |
4440 |
+ return 0; |
4441 |
+ } |
4442 |
+ |
4443 |
+@@ -371,6 +370,7 @@ static int __br_mdb_add(struct net *net, struct net_bridge *br, |
4444 |
+ if (!p || p->br != br || p->state == BR_STATE_DISABLED) |
4445 |
+ return -EINVAL; |
4446 |
+ |
4447 |
++ memset(&ip, 0, sizeof(ip)); |
4448 |
+ ip.proto = entry->addr.proto; |
4449 |
+ if (ip.proto == htons(ETH_P_IP)) |
4450 |
+ ip.u.ip4 = entry->addr.u.ip4; |
4451 |
+@@ -417,6 +417,7 @@ static int __br_mdb_del(struct net_bridge *br, struct br_mdb_entry *entry) |
4452 |
+ if (!netif_running(br->dev) || br->multicast_disabled) |
4453 |
+ return -EINVAL; |
4454 |
+ |
4455 |
++ memset(&ip, 0, sizeof(ip)); |
4456 |
+ ip.proto = entry->addr.proto; |
4457 |
+ if (ip.proto == htons(ETH_P_IP)) { |
4458 |
+ if (timer_pending(&br->ip4_other_query.timer)) |
4459 |
+diff --git a/net/bridge/br_netlink.c b/net/bridge/br_netlink.c |
4460 |
+index 4b5c236998ff..a7559ef312bd 100644 |
4461 |
+--- a/net/bridge/br_netlink.c |
4462 |
++++ b/net/bridge/br_netlink.c |
4463 |
+@@ -112,6 +112,8 @@ static inline size_t br_port_info_size(void) |
4464 |
+ + nla_total_size(1) /* IFLA_BRPORT_FAST_LEAVE */ |
4465 |
+ + nla_total_size(1) /* IFLA_BRPORT_LEARNING */ |
4466 |
+ + nla_total_size(1) /* IFLA_BRPORT_UNICAST_FLOOD */ |
4467 |
++ + nla_total_size(1) /* IFLA_BRPORT_PROXYARP */ |
4468 |
++ + nla_total_size(1) /* IFLA_BRPORT_PROXYARP_WIFI */ |
4469 |
+ + 0; |
4470 |
+ } |
4471 |
+ |
4472 |
+@@ -504,6 +506,8 @@ static const struct nla_policy br_port_policy[IFLA_BRPORT_MAX + 1] = { |
4473 |
+ [IFLA_BRPORT_FAST_LEAVE]= { .type = NLA_U8 }, |
4474 |
+ [IFLA_BRPORT_LEARNING] = { .type = NLA_U8 }, |
4475 |
+ [IFLA_BRPORT_UNICAST_FLOOD] = { .type = NLA_U8 }, |
4476 |
++ [IFLA_BRPORT_PROXYARP] = { .type = NLA_U8 }, |
4477 |
++ [IFLA_BRPORT_PROXYARP_WIFI] = { .type = NLA_U8 }, |
4478 |
+ }; |
4479 |
+ |
4480 |
+ /* Change the state of the port and notify spanning tree */ |
4481 |
+@@ -711,9 +715,17 @@ static int br_port_slave_changelink(struct net_device *brdev, |
4482 |
+ struct nlattr *tb[], |
4483 |
+ struct nlattr *data[]) |
4484 |
+ { |
4485 |
++ struct net_bridge *br = netdev_priv(brdev); |
4486 |
++ int ret; |
4487 |
++ |
4488 |
+ if (!data) |
4489 |
+ return 0; |
4490 |
+- return br_setport(br_port_get_rtnl(dev), data); |
4491 |
++ |
4492 |
++ spin_lock_bh(&br->lock); |
4493 |
++ ret = br_setport(br_port_get_rtnl(dev), data); |
4494 |
++ spin_unlock_bh(&br->lock); |
4495 |
++ |
4496 |
++ return ret; |
4497 |
+ } |
4498 |
+ |
4499 |
+ static int br_port_fill_slave_info(struct sk_buff *skb, |
4500 |
+diff --git a/net/core/datagram.c b/net/core/datagram.c |
4501 |
+index b80fb91bb3f7..617088aee21d 100644 |
4502 |
+--- a/net/core/datagram.c |
4503 |
++++ b/net/core/datagram.c |
4504 |
+@@ -131,6 +131,35 @@ out_noerr: |
4505 |
+ goto out; |
4506 |
+ } |
4507 |
+ |
4508 |
++static struct sk_buff *skb_set_peeked(struct sk_buff *skb) |
4509 |
++{ |
4510 |
++ struct sk_buff *nskb; |
4511 |
++ |
4512 |
++ if (skb->peeked) |
4513 |
++ return skb; |
4514 |
++ |
4515 |
++ /* We have to unshare an skb before modifying it. */ |
4516 |
++ if (!skb_shared(skb)) |
4517 |
++ goto done; |
4518 |
++ |
4519 |
++ nskb = skb_clone(skb, GFP_ATOMIC); |
4520 |
++ if (!nskb) |
4521 |
++ return ERR_PTR(-ENOMEM); |
4522 |
++ |
4523 |
++ skb->prev->next = nskb; |
4524 |
++ skb->next->prev = nskb; |
4525 |
++ nskb->prev = skb->prev; |
4526 |
++ nskb->next = skb->next; |
4527 |
++ |
4528 |
++ consume_skb(skb); |
4529 |
++ skb = nskb; |
4530 |
++ |
4531 |
++done: |
4532 |
++ skb->peeked = 1; |
4533 |
++ |
4534 |
++ return skb; |
4535 |
++} |
4536 |
++ |
4537 |
+ /** |
4538 |
+ * __skb_recv_datagram - Receive a datagram skbuff |
4539 |
+ * @sk: socket |
4540 |
+@@ -165,7 +194,9 @@ out_noerr: |
4541 |
+ struct sk_buff *__skb_recv_datagram(struct sock *sk, unsigned int flags, |
4542 |
+ int *peeked, int *off, int *err) |
4543 |
+ { |
4544 |
++ struct sk_buff_head *queue = &sk->sk_receive_queue; |
4545 |
+ struct sk_buff *skb, *last; |
4546 |
++ unsigned long cpu_flags; |
4547 |
+ long timeo; |
4548 |
+ /* |
4549 |
+ * Caller is allowed not to check sk->sk_err before skb_recv_datagram() |
4550 |
+@@ -184,8 +215,6 @@ struct sk_buff *__skb_recv_datagram(struct sock *sk, unsigned int flags, |
4551 |
+ * Look at current nfs client by the way... |
4552 |
+ * However, this function was correct in any case. 8) |
4553 |
+ */ |
4554 |
+- unsigned long cpu_flags; |
4555 |
+- struct sk_buff_head *queue = &sk->sk_receive_queue; |
4556 |
+ int _off = *off; |
4557 |
+ |
4558 |
+ last = (struct sk_buff *)queue; |
4559 |
+@@ -199,7 +228,12 @@ struct sk_buff *__skb_recv_datagram(struct sock *sk, unsigned int flags, |
4560 |
+ _off -= skb->len; |
4561 |
+ continue; |
4562 |
+ } |
4563 |
+- skb->peeked = 1; |
4564 |
++ |
4565 |
++ skb = skb_set_peeked(skb); |
4566 |
++ error = PTR_ERR(skb); |
4567 |
++ if (IS_ERR(skb)) |
4568 |
++ goto unlock_err; |
4569 |
++ |
4570 |
+ atomic_inc(&skb->users); |
4571 |
+ } else |
4572 |
+ __skb_unlink(skb, queue); |
4573 |
+@@ -223,6 +257,8 @@ struct sk_buff *__skb_recv_datagram(struct sock *sk, unsigned int flags, |
4574 |
+ |
4575 |
+ return NULL; |
4576 |
+ |
4577 |
++unlock_err: |
4578 |
++ spin_unlock_irqrestore(&queue->lock, cpu_flags); |
4579 |
+ no_packet: |
4580 |
+ *err = error; |
4581 |
+ return NULL; |
4582 |
+@@ -622,7 +658,8 @@ __sum16 __skb_checksum_complete_head(struct sk_buff *skb, int len) |
4583 |
+ !skb->csum_complete_sw) |
4584 |
+ netdev_rx_csum_fault(skb->dev); |
4585 |
+ } |
4586 |
+- skb->csum_valid = !sum; |
4587 |
++ if (!skb_shared(skb)) |
4588 |
++ skb->csum_valid = !sum; |
4589 |
+ return sum; |
4590 |
+ } |
4591 |
+ EXPORT_SYMBOL(__skb_checksum_complete_head); |
4592 |
+@@ -642,11 +679,13 @@ __sum16 __skb_checksum_complete(struct sk_buff *skb) |
4593 |
+ netdev_rx_csum_fault(skb->dev); |
4594 |
+ } |
4595 |
+ |
4596 |
+- /* Save full packet checksum */ |
4597 |
+- skb->csum = csum; |
4598 |
+- skb->ip_summed = CHECKSUM_COMPLETE; |
4599 |
+- skb->csum_complete_sw = 1; |
4600 |
+- skb->csum_valid = !sum; |
4601 |
++ if (!skb_shared(skb)) { |
4602 |
++ /* Save full packet checksum */ |
4603 |
++ skb->csum = csum; |
4604 |
++ skb->ip_summed = CHECKSUM_COMPLETE; |
4605 |
++ skb->csum_complete_sw = 1; |
4606 |
++ skb->csum_valid = !sum; |
4607 |
++ } |
4608 |
+ |
4609 |
+ return sum; |
4610 |
+ } |
4611 |
+diff --git a/net/core/dev.c b/net/core/dev.c |
4612 |
+index aa82f9ab6a36..a42b232805a5 100644 |
4613 |
+--- a/net/core/dev.c |
4614 |
++++ b/net/core/dev.c |
4615 |
+@@ -672,10 +672,6 @@ int dev_get_iflink(const struct net_device *dev) |
4616 |
+ if (dev->netdev_ops && dev->netdev_ops->ndo_get_iflink) |
4617 |
+ return dev->netdev_ops->ndo_get_iflink(dev); |
4618 |
+ |
4619 |
+- /* If dev->rtnl_link_ops is set, it's a virtual interface. */ |
4620 |
+- if (dev->rtnl_link_ops) |
4621 |
+- return 0; |
4622 |
+- |
4623 |
+ return dev->ifindex; |
4624 |
+ } |
4625 |
+ EXPORT_SYMBOL(dev_get_iflink); |
4626 |
+@@ -3341,6 +3337,8 @@ static int enqueue_to_backlog(struct sk_buff *skb, int cpu, |
4627 |
+ local_irq_save(flags); |
4628 |
+ |
4629 |
+ rps_lock(sd); |
4630 |
++ if (!netif_running(skb->dev)) |
4631 |
++ goto drop; |
4632 |
+ qlen = skb_queue_len(&sd->input_pkt_queue); |
4633 |
+ if (qlen <= netdev_max_backlog && !skb_flow_limit(skb, qlen)) { |
4634 |
+ if (qlen) { |
4635 |
+@@ -3362,6 +3360,7 @@ enqueue: |
4636 |
+ goto enqueue; |
4637 |
+ } |
4638 |
+ |
4639 |
++drop: |
4640 |
+ sd->dropped++; |
4641 |
+ rps_unlock(sd); |
4642 |
+ |
4643 |
+@@ -3667,8 +3666,6 @@ static int __netif_receive_skb_core(struct sk_buff *skb, bool pfmemalloc) |
4644 |
+ |
4645 |
+ pt_prev = NULL; |
4646 |
+ |
4647 |
+- rcu_read_lock(); |
4648 |
+- |
4649 |
+ another_round: |
4650 |
+ skb->skb_iif = skb->dev->ifindex; |
4651 |
+ |
4652 |
+@@ -3678,7 +3675,7 @@ another_round: |
4653 |
+ skb->protocol == cpu_to_be16(ETH_P_8021AD)) { |
4654 |
+ skb = skb_vlan_untag(skb); |
4655 |
+ if (unlikely(!skb)) |
4656 |
+- goto unlock; |
4657 |
++ goto out; |
4658 |
+ } |
4659 |
+ |
4660 |
+ #ifdef CONFIG_NET_CLS_ACT |
4661 |
+@@ -3708,7 +3705,7 @@ skip_taps: |
4662 |
+ if (static_key_false(&ingress_needed)) { |
4663 |
+ skb = handle_ing(skb, &pt_prev, &ret, orig_dev); |
4664 |
+ if (!skb) |
4665 |
+- goto unlock; |
4666 |
++ goto out; |
4667 |
+ } |
4668 |
+ |
4669 |
+ skb->tc_verd = 0; |
4670 |
+@@ -3725,7 +3722,7 @@ ncls: |
4671 |
+ if (vlan_do_receive(&skb)) |
4672 |
+ goto another_round; |
4673 |
+ else if (unlikely(!skb)) |
4674 |
+- goto unlock; |
4675 |
++ goto out; |
4676 |
+ } |
4677 |
+ |
4678 |
+ rx_handler = rcu_dereference(skb->dev->rx_handler); |
4679 |
+@@ -3737,7 +3734,7 @@ ncls: |
4680 |
+ switch (rx_handler(&skb)) { |
4681 |
+ case RX_HANDLER_CONSUMED: |
4682 |
+ ret = NET_RX_SUCCESS; |
4683 |
+- goto unlock; |
4684 |
++ goto out; |
4685 |
+ case RX_HANDLER_ANOTHER: |
4686 |
+ goto another_round; |
4687 |
+ case RX_HANDLER_EXACT: |
4688 |
+@@ -3791,8 +3788,7 @@ drop: |
4689 |
+ ret = NET_RX_DROP; |
4690 |
+ } |
4691 |
+ |
4692 |
+-unlock: |
4693 |
+- rcu_read_unlock(); |
4694 |
++out: |
4695 |
+ return ret; |
4696 |
+ } |
4697 |
+ |
4698 |
+@@ -3823,29 +3819,30 @@ static int __netif_receive_skb(struct sk_buff *skb) |
4699 |
+ |
4700 |
+ static int netif_receive_skb_internal(struct sk_buff *skb) |
4701 |
+ { |
4702 |
++ int ret; |
4703 |
++ |
4704 |
+ net_timestamp_check(netdev_tstamp_prequeue, skb); |
4705 |
+ |
4706 |
+ if (skb_defer_rx_timestamp(skb)) |
4707 |
+ return NET_RX_SUCCESS; |
4708 |
+ |
4709 |
++ rcu_read_lock(); |
4710 |
++ |
4711 |
+ #ifdef CONFIG_RPS |
4712 |
+ if (static_key_false(&rps_needed)) { |
4713 |
+ struct rps_dev_flow voidflow, *rflow = &voidflow; |
4714 |
+- int cpu, ret; |
4715 |
+- |
4716 |
+- rcu_read_lock(); |
4717 |
+- |
4718 |
+- cpu = get_rps_cpu(skb->dev, skb, &rflow); |
4719 |
++ int cpu = get_rps_cpu(skb->dev, skb, &rflow); |
4720 |
+ |
4721 |
+ if (cpu >= 0) { |
4722 |
+ ret = enqueue_to_backlog(skb, cpu, &rflow->last_qtail); |
4723 |
+ rcu_read_unlock(); |
4724 |
+ return ret; |
4725 |
+ } |
4726 |
+- rcu_read_unlock(); |
4727 |
+ } |
4728 |
+ #endif |
4729 |
+- return __netif_receive_skb(skb); |
4730 |
++ ret = __netif_receive_skb(skb); |
4731 |
++ rcu_read_unlock(); |
4732 |
++ return ret; |
4733 |
+ } |
4734 |
+ |
4735 |
+ /** |
4736 |
+@@ -4390,8 +4387,10 @@ static int process_backlog(struct napi_struct *napi, int quota) |
4737 |
+ struct sk_buff *skb; |
4738 |
+ |
4739 |
+ while ((skb = __skb_dequeue(&sd->process_queue))) { |
4740 |
++ rcu_read_lock(); |
4741 |
+ local_irq_enable(); |
4742 |
+ __netif_receive_skb(skb); |
4743 |
++ rcu_read_unlock(); |
4744 |
+ local_irq_disable(); |
4745 |
+ input_queue_head_incr(sd); |
4746 |
+ if (++work >= quota) { |
4747 |
+@@ -6027,6 +6026,7 @@ static void rollback_registered_many(struct list_head *head) |
4748 |
+ unlist_netdevice(dev); |
4749 |
+ |
4750 |
+ dev->reg_state = NETREG_UNREGISTERING; |
4751 |
++ on_each_cpu(flush_backlog, dev, 1); |
4752 |
+ } |
4753 |
+ |
4754 |
+ synchronize_net(); |
4755 |
+@@ -6297,7 +6297,8 @@ static int netif_alloc_netdev_queues(struct net_device *dev) |
4756 |
+ struct netdev_queue *tx; |
4757 |
+ size_t sz = count * sizeof(*tx); |
4758 |
+ |
4759 |
+- BUG_ON(count < 1 || count > 0xffff); |
4760 |
++ if (count < 1 || count > 0xffff) |
4761 |
++ return -EINVAL; |
4762 |
+ |
4763 |
+ tx = kzalloc(sz, GFP_KERNEL | __GFP_NOWARN | __GFP_REPEAT); |
4764 |
+ if (!tx) { |
4765 |
+@@ -6650,8 +6651,6 @@ void netdev_run_todo(void) |
4766 |
+ |
4767 |
+ dev->reg_state = NETREG_UNREGISTERED; |
4768 |
+ |
4769 |
+- on_each_cpu(flush_backlog, dev, 1); |
4770 |
+- |
4771 |
+ netdev_wait_allrefs(dev); |
4772 |
+ |
4773 |
+ /* paranoia */ |
4774 |
+diff --git a/net/core/pktgen.c b/net/core/pktgen.c |
4775 |
+index 508155b283dd..043ea1867d0f 100644 |
4776 |
+--- a/net/core/pktgen.c |
4777 |
++++ b/net/core/pktgen.c |
4778 |
+@@ -3490,8 +3490,10 @@ static int pktgen_thread_worker(void *arg) |
4779 |
+ pktgen_rem_thread(t); |
4780 |
+ |
4781 |
+ /* Wait for kthread_stop */ |
4782 |
+- while (!kthread_should_stop()) { |
4783 |
++ for (;;) { |
4784 |
+ set_current_state(TASK_INTERRUPTIBLE); |
4785 |
++ if (kthread_should_stop()) |
4786 |
++ break; |
4787 |
+ schedule(); |
4788 |
+ } |
4789 |
+ __set_current_state(TASK_RUNNING); |
4790 |
+diff --git a/net/core/request_sock.c b/net/core/request_sock.c |
4791 |
+index 87b22c0bc08c..b42f0e26f89e 100644 |
4792 |
+--- a/net/core/request_sock.c |
4793 |
++++ b/net/core/request_sock.c |
4794 |
+@@ -103,10 +103,16 @@ void reqsk_queue_destroy(struct request_sock_queue *queue) |
4795 |
+ spin_lock_bh(&queue->syn_wait_lock); |
4796 |
+ while ((req = lopt->syn_table[i]) != NULL) { |
4797 |
+ lopt->syn_table[i] = req->dl_next; |
4798 |
++ /* Because of following del_timer_sync(), |
4799 |
++ * we must release the spinlock here |
4800 |
++ * or risk a dead lock. |
4801 |
++ */ |
4802 |
++ spin_unlock_bh(&queue->syn_wait_lock); |
4803 |
+ atomic_inc(&lopt->qlen_dec); |
4804 |
+- if (del_timer(&req->rsk_timer)) |
4805 |
++ if (del_timer_sync(&req->rsk_timer)) |
4806 |
+ reqsk_put(req); |
4807 |
+ reqsk_put(req); |
4808 |
++ spin_lock_bh(&queue->syn_wait_lock); |
4809 |
+ } |
4810 |
+ spin_unlock_bh(&queue->syn_wait_lock); |
4811 |
+ } |
4812 |
+diff --git a/net/core/rtnetlink.c b/net/core/rtnetlink.c |
4813 |
+index 8de36824018d..fe95cb704aaa 100644 |
4814 |
+--- a/net/core/rtnetlink.c |
4815 |
++++ b/net/core/rtnetlink.c |
4816 |
+@@ -1287,10 +1287,6 @@ static const struct nla_policy ifla_info_policy[IFLA_INFO_MAX+1] = { |
4817 |
+ [IFLA_INFO_SLAVE_DATA] = { .type = NLA_NESTED }, |
4818 |
+ }; |
4819 |
+ |
4820 |
+-static const struct nla_policy ifla_vfinfo_policy[IFLA_VF_INFO_MAX+1] = { |
4821 |
+- [IFLA_VF_INFO] = { .type = NLA_NESTED }, |
4822 |
+-}; |
4823 |
+- |
4824 |
+ static const struct nla_policy ifla_vf_policy[IFLA_VF_MAX+1] = { |
4825 |
+ [IFLA_VF_MAC] = { .len = sizeof(struct ifla_vf_mac) }, |
4826 |
+ [IFLA_VF_VLAN] = { .len = sizeof(struct ifla_vf_vlan) }, |
4827 |
+@@ -1437,96 +1433,98 @@ static int validate_linkmsg(struct net_device *dev, struct nlattr *tb[]) |
4828 |
+ return 0; |
4829 |
+ } |
4830 |
+ |
4831 |
+-static int do_setvfinfo(struct net_device *dev, struct nlattr *attr) |
4832 |
++static int do_setvfinfo(struct net_device *dev, struct nlattr **tb) |
4833 |
+ { |
4834 |
+- int rem, err = -EINVAL; |
4835 |
+- struct nlattr *vf; |
4836 |
+ const struct net_device_ops *ops = dev->netdev_ops; |
4837 |
++ int err = -EINVAL; |
4838 |
+ |
4839 |
+- nla_for_each_nested(vf, attr, rem) { |
4840 |
+- switch (nla_type(vf)) { |
4841 |
+- case IFLA_VF_MAC: { |
4842 |
+- struct ifla_vf_mac *ivm; |
4843 |
+- ivm = nla_data(vf); |
4844 |
+- err = -EOPNOTSUPP; |
4845 |
+- if (ops->ndo_set_vf_mac) |
4846 |
+- err = ops->ndo_set_vf_mac(dev, ivm->vf, |
4847 |
+- ivm->mac); |
4848 |
+- break; |
4849 |
+- } |
4850 |
+- case IFLA_VF_VLAN: { |
4851 |
+- struct ifla_vf_vlan *ivv; |
4852 |
+- ivv = nla_data(vf); |
4853 |
+- err = -EOPNOTSUPP; |
4854 |
+- if (ops->ndo_set_vf_vlan) |
4855 |
+- err = ops->ndo_set_vf_vlan(dev, ivv->vf, |
4856 |
+- ivv->vlan, |
4857 |
+- ivv->qos); |
4858 |
+- break; |
4859 |
+- } |
4860 |
+- case IFLA_VF_TX_RATE: { |
4861 |
+- struct ifla_vf_tx_rate *ivt; |
4862 |
+- struct ifla_vf_info ivf; |
4863 |
+- ivt = nla_data(vf); |
4864 |
+- err = -EOPNOTSUPP; |
4865 |
+- if (ops->ndo_get_vf_config) |
4866 |
+- err = ops->ndo_get_vf_config(dev, ivt->vf, |
4867 |
+- &ivf); |
4868 |
+- if (err) |
4869 |
+- break; |
4870 |
+- err = -EOPNOTSUPP; |
4871 |
+- if (ops->ndo_set_vf_rate) |
4872 |
+- err = ops->ndo_set_vf_rate(dev, ivt->vf, |
4873 |
+- ivf.min_tx_rate, |
4874 |
+- ivt->rate); |
4875 |
+- break; |
4876 |
+- } |
4877 |
+- case IFLA_VF_RATE: { |
4878 |
+- struct ifla_vf_rate *ivt; |
4879 |
+- ivt = nla_data(vf); |
4880 |
+- err = -EOPNOTSUPP; |
4881 |
+- if (ops->ndo_set_vf_rate) |
4882 |
+- err = ops->ndo_set_vf_rate(dev, ivt->vf, |
4883 |
+- ivt->min_tx_rate, |
4884 |
+- ivt->max_tx_rate); |
4885 |
+- break; |
4886 |
+- } |
4887 |
+- case IFLA_VF_SPOOFCHK: { |
4888 |
+- struct ifla_vf_spoofchk *ivs; |
4889 |
+- ivs = nla_data(vf); |
4890 |
+- err = -EOPNOTSUPP; |
4891 |
+- if (ops->ndo_set_vf_spoofchk) |
4892 |
+- err = ops->ndo_set_vf_spoofchk(dev, ivs->vf, |
4893 |
+- ivs->setting); |
4894 |
+- break; |
4895 |
+- } |
4896 |
+- case IFLA_VF_LINK_STATE: { |
4897 |
+- struct ifla_vf_link_state *ivl; |
4898 |
+- ivl = nla_data(vf); |
4899 |
+- err = -EOPNOTSUPP; |
4900 |
+- if (ops->ndo_set_vf_link_state) |
4901 |
+- err = ops->ndo_set_vf_link_state(dev, ivl->vf, |
4902 |
+- ivl->link_state); |
4903 |
+- break; |
4904 |
+- } |
4905 |
+- case IFLA_VF_RSS_QUERY_EN: { |
4906 |
+- struct ifla_vf_rss_query_en *ivrssq_en; |
4907 |
++ if (tb[IFLA_VF_MAC]) { |
4908 |
++ struct ifla_vf_mac *ivm = nla_data(tb[IFLA_VF_MAC]); |
4909 |
+ |
4910 |
+- ivrssq_en = nla_data(vf); |
4911 |
+- err = -EOPNOTSUPP; |
4912 |
+- if (ops->ndo_set_vf_rss_query_en) |
4913 |
+- err = ops->ndo_set_vf_rss_query_en(dev, |
4914 |
+- ivrssq_en->vf, |
4915 |
+- ivrssq_en->setting); |
4916 |
+- break; |
4917 |
+- } |
4918 |
+- default: |
4919 |
+- err = -EINVAL; |
4920 |
+- break; |
4921 |
+- } |
4922 |
+- if (err) |
4923 |
+- break; |
4924 |
++ err = -EOPNOTSUPP; |
4925 |
++ if (ops->ndo_set_vf_mac) |
4926 |
++ err = ops->ndo_set_vf_mac(dev, ivm->vf, |
4927 |
++ ivm->mac); |
4928 |
++ if (err < 0) |
4929 |
++ return err; |
4930 |
++ } |
4931 |
++ |
4932 |
++ if (tb[IFLA_VF_VLAN]) { |
4933 |
++ struct ifla_vf_vlan *ivv = nla_data(tb[IFLA_VF_VLAN]); |
4934 |
++ |
4935 |
++ err = -EOPNOTSUPP; |
4936 |
++ if (ops->ndo_set_vf_vlan) |
4937 |
++ err = ops->ndo_set_vf_vlan(dev, ivv->vf, ivv->vlan, |
4938 |
++ ivv->qos); |
4939 |
++ if (err < 0) |
4940 |
++ return err; |
4941 |
++ } |
4942 |
++ |
4943 |
++ if (tb[IFLA_VF_TX_RATE]) { |
4944 |
++ struct ifla_vf_tx_rate *ivt = nla_data(tb[IFLA_VF_TX_RATE]); |
4945 |
++ struct ifla_vf_info ivf; |
4946 |
++ |
4947 |
++ err = -EOPNOTSUPP; |
4948 |
++ if (ops->ndo_get_vf_config) |
4949 |
++ err = ops->ndo_get_vf_config(dev, ivt->vf, &ivf); |
4950 |
++ if (err < 0) |
4951 |
++ return err; |
4952 |
++ |
4953 |
++ err = -EOPNOTSUPP; |
4954 |
++ if (ops->ndo_set_vf_rate) |
4955 |
++ err = ops->ndo_set_vf_rate(dev, ivt->vf, |
4956 |
++ ivf.min_tx_rate, |
4957 |
++ ivt->rate); |
4958 |
++ if (err < 0) |
4959 |
++ return err; |
4960 |
++ } |
4961 |
++ |
4962 |
++ if (tb[IFLA_VF_RATE]) { |
4963 |
++ struct ifla_vf_rate *ivt = nla_data(tb[IFLA_VF_RATE]); |
4964 |
++ |
4965 |
++ err = -EOPNOTSUPP; |
4966 |
++ if (ops->ndo_set_vf_rate) |
4967 |
++ err = ops->ndo_set_vf_rate(dev, ivt->vf, |
4968 |
++ ivt->min_tx_rate, |
4969 |
++ ivt->max_tx_rate); |
4970 |
++ if (err < 0) |
4971 |
++ return err; |
4972 |
+ } |
4973 |
++ |
4974 |
++ if (tb[IFLA_VF_SPOOFCHK]) { |
4975 |
++ struct ifla_vf_spoofchk *ivs = nla_data(tb[IFLA_VF_SPOOFCHK]); |
4976 |
++ |
4977 |
++ err = -EOPNOTSUPP; |
4978 |
++ if (ops->ndo_set_vf_spoofchk) |
4979 |
++ err = ops->ndo_set_vf_spoofchk(dev, ivs->vf, |
4980 |
++ ivs->setting); |
4981 |
++ if (err < 0) |
4982 |
++ return err; |
4983 |
++ } |
4984 |
++ |
4985 |
++ if (tb[IFLA_VF_LINK_STATE]) { |
4986 |
++ struct ifla_vf_link_state *ivl = nla_data(tb[IFLA_VF_LINK_STATE]); |
4987 |
++ |
4988 |
++ err = -EOPNOTSUPP; |
4989 |
++ if (ops->ndo_set_vf_link_state) |
4990 |
++ err = ops->ndo_set_vf_link_state(dev, ivl->vf, |
4991 |
++ ivl->link_state); |
4992 |
++ if (err < 0) |
4993 |
++ return err; |
4994 |
++ } |
4995 |
++ |
4996 |
++ if (tb[IFLA_VF_RSS_QUERY_EN]) { |
4997 |
++ struct ifla_vf_rss_query_en *ivrssq_en; |
4998 |
++ |
4999 |
++ err = -EOPNOTSUPP; |
5000 |
++ ivrssq_en = nla_data(tb[IFLA_VF_RSS_QUERY_EN]); |
5001 |
++ if (ops->ndo_set_vf_rss_query_en) |
5002 |
++ err = ops->ndo_set_vf_rss_query_en(dev, ivrssq_en->vf, |
5003 |
++ ivrssq_en->setting); |
5004 |
++ if (err < 0) |
5005 |
++ return err; |
5006 |
++ } |
5007 |
++ |
5008 |
+ return err; |
5009 |
+ } |
5010 |
+ |
5011 |
+@@ -1722,14 +1720,21 @@ static int do_setlink(const struct sk_buff *skb, |
5012 |
+ } |
5013 |
+ |
5014 |
+ if (tb[IFLA_VFINFO_LIST]) { |
5015 |
++ struct nlattr *vfinfo[IFLA_VF_MAX + 1]; |
5016 |
+ struct nlattr *attr; |
5017 |
+ int rem; |
5018 |
++ |
5019 |
+ nla_for_each_nested(attr, tb[IFLA_VFINFO_LIST], rem) { |
5020 |
+- if (nla_type(attr) != IFLA_VF_INFO) { |
5021 |
++ if (nla_type(attr) != IFLA_VF_INFO || |
5022 |
++ nla_len(attr) < NLA_HDRLEN) { |
5023 |
+ err = -EINVAL; |
5024 |
+ goto errout; |
5025 |
+ } |
5026 |
+- err = do_setvfinfo(dev, attr); |
5027 |
++ err = nla_parse_nested(vfinfo, IFLA_VF_MAX, attr, |
5028 |
++ ifla_vf_policy); |
5029 |
++ if (err < 0) |
5030 |
++ goto errout; |
5031 |
++ err = do_setvfinfo(dev, vfinfo); |
5032 |
+ if (err < 0) |
5033 |
+ goto errout; |
5034 |
+ status |= DO_SETLINK_NOTIFY; |
5035 |
+diff --git a/net/core/skbuff.c b/net/core/skbuff.c |
5036 |
+index 41ec02242ea7..a2e4e47b2839 100644 |
5037 |
+--- a/net/core/skbuff.c |
5038 |
++++ b/net/core/skbuff.c |
5039 |
+@@ -340,7 +340,7 @@ struct sk_buff *build_skb(void *data, unsigned int frag_size) |
5040 |
+ |
5041 |
+ if (skb && frag_size) { |
5042 |
+ skb->head_frag = 1; |
5043 |
+- if (virt_to_head_page(data)->pfmemalloc) |
5044 |
++ if (page_is_pfmemalloc(virt_to_head_page(data))) |
5045 |
+ skb->pfmemalloc = 1; |
5046 |
+ } |
5047 |
+ return skb; |
5048 |
+diff --git a/net/dsa/slave.c b/net/dsa/slave.c |
5049 |
+index 827cda560a55..57978c5b2c91 100644 |
5050 |
+--- a/net/dsa/slave.c |
5051 |
++++ b/net/dsa/slave.c |
5052 |
+@@ -732,7 +732,8 @@ static int dsa_slave_phy_connect(struct dsa_slave_priv *p, |
5053 |
+ return -ENODEV; |
5054 |
+ |
5055 |
+ /* Use already configured phy mode */ |
5056 |
+- p->phy_interface = p->phy->interface; |
5057 |
++ if (p->phy_interface == PHY_INTERFACE_MODE_NA) |
5058 |
++ p->phy_interface = p->phy->interface; |
5059 |
+ phy_connect_direct(slave_dev, p->phy, dsa_slave_adjust_link, |
5060 |
+ p->phy_interface); |
5061 |
+ |
5062 |
+diff --git a/net/ipv4/datagram.c b/net/ipv4/datagram.c |
5063 |
+index 90c0e8386116..574fad9cca05 100644 |
5064 |
+--- a/net/ipv4/datagram.c |
5065 |
++++ b/net/ipv4/datagram.c |
5066 |
+@@ -20,7 +20,7 @@ |
5067 |
+ #include <net/route.h> |
5068 |
+ #include <net/tcp_states.h> |
5069 |
+ |
5070 |
+-int ip4_datagram_connect(struct sock *sk, struct sockaddr *uaddr, int addr_len) |
5071 |
++int __ip4_datagram_connect(struct sock *sk, struct sockaddr *uaddr, int addr_len) |
5072 |
+ { |
5073 |
+ struct inet_sock *inet = inet_sk(sk); |
5074 |
+ struct sockaddr_in *usin = (struct sockaddr_in *) uaddr; |
5075 |
+@@ -39,8 +39,6 @@ int ip4_datagram_connect(struct sock *sk, struct sockaddr *uaddr, int addr_len) |
5076 |
+ |
5077 |
+ sk_dst_reset(sk); |
5078 |
+ |
5079 |
+- lock_sock(sk); |
5080 |
+- |
5081 |
+ oif = sk->sk_bound_dev_if; |
5082 |
+ saddr = inet->inet_saddr; |
5083 |
+ if (ipv4_is_multicast(usin->sin_addr.s_addr)) { |
5084 |
+@@ -82,9 +80,19 @@ int ip4_datagram_connect(struct sock *sk, struct sockaddr *uaddr, int addr_len) |
5085 |
+ sk_dst_set(sk, &rt->dst); |
5086 |
+ err = 0; |
5087 |
+ out: |
5088 |
+- release_sock(sk); |
5089 |
+ return err; |
5090 |
+ } |
5091 |
++EXPORT_SYMBOL(__ip4_datagram_connect); |
5092 |
++ |
5093 |
++int ip4_datagram_connect(struct sock *sk, struct sockaddr *uaddr, int addr_len) |
5094 |
++{ |
5095 |
++ int res; |
5096 |
++ |
5097 |
++ lock_sock(sk); |
5098 |
++ res = __ip4_datagram_connect(sk, uaddr, addr_len); |
5099 |
++ release_sock(sk); |
5100 |
++ return res; |
5101 |
++} |
5102 |
+ EXPORT_SYMBOL(ip4_datagram_connect); |
5103 |
+ |
5104 |
+ /* Because UDP xmit path can manipulate sk_dst_cache without holding |
5105 |
+diff --git a/net/ipv4/fib_trie.c b/net/ipv4/fib_trie.c |
5106 |
+index 09b62e17dd8c..0ca933db1b41 100644 |
5107 |
+--- a/net/ipv4/fib_trie.c |
5108 |
++++ b/net/ipv4/fib_trie.c |
5109 |
+@@ -1780,8 +1780,6 @@ void fib_table_flush_external(struct fib_table *tb) |
5110 |
+ if (hlist_empty(&n->leaf)) { |
5111 |
+ put_child_root(pn, n->key, NULL); |
5112 |
+ node_free(n); |
5113 |
+- } else { |
5114 |
+- leaf_pull_suffix(pn, n); |
5115 |
+ } |
5116 |
+ } |
5117 |
+ } |
5118 |
+@@ -1852,8 +1850,6 @@ int fib_table_flush(struct fib_table *tb) |
5119 |
+ if (hlist_empty(&n->leaf)) { |
5120 |
+ put_child_root(pn, n->key, NULL); |
5121 |
+ node_free(n); |
5122 |
+- } else { |
5123 |
+- leaf_pull_suffix(pn, n); |
5124 |
+ } |
5125 |
+ } |
5126 |
+ |
5127 |
+@@ -2457,7 +2453,7 @@ static struct key_vector *fib_route_get_idx(struct fib_route_iter *iter, |
5128 |
+ key = l->key + 1; |
5129 |
+ iter->pos++; |
5130 |
+ |
5131 |
+- if (pos-- <= 0) |
5132 |
++ if (--pos <= 0) |
5133 |
+ break; |
5134 |
+ |
5135 |
+ l = NULL; |
5136 |
+diff --git a/net/ipv4/inet_connection_sock.c b/net/ipv4/inet_connection_sock.c |
5137 |
+index 8976ca423a07..b27fc401c6a9 100644 |
5138 |
+--- a/net/ipv4/inet_connection_sock.c |
5139 |
++++ b/net/ipv4/inet_connection_sock.c |
5140 |
+@@ -584,7 +584,7 @@ static bool reqsk_queue_unlink(struct request_sock_queue *queue, |
5141 |
+ } |
5142 |
+ |
5143 |
+ spin_unlock(&queue->syn_wait_lock); |
5144 |
+- if (del_timer(&req->rsk_timer)) |
5145 |
++ if (del_timer_sync(&req->rsk_timer)) |
5146 |
+ reqsk_put(req); |
5147 |
+ return found; |
5148 |
+ } |
5149 |
+diff --git a/net/ipv4/ip_fragment.c b/net/ipv4/ip_fragment.c |
5150 |
+index cc1da6d9cb35..cae22a1a8777 100644 |
5151 |
+--- a/net/ipv4/ip_fragment.c |
5152 |
++++ b/net/ipv4/ip_fragment.c |
5153 |
+@@ -342,7 +342,7 @@ static int ip_frag_queue(struct ipq *qp, struct sk_buff *skb) |
5154 |
+ ihl = ip_hdrlen(skb); |
5155 |
+ |
5156 |
+ /* Determine the position of this fragment. */ |
5157 |
+- end = offset + skb->len - ihl; |
5158 |
++ end = offset + skb->len - skb_network_offset(skb) - ihl; |
5159 |
+ err = -EINVAL; |
5160 |
+ |
5161 |
+ /* Is this the final fragment? */ |
5162 |
+@@ -372,7 +372,7 @@ static int ip_frag_queue(struct ipq *qp, struct sk_buff *skb) |
5163 |
+ goto err; |
5164 |
+ |
5165 |
+ err = -ENOMEM; |
5166 |
+- if (!pskb_pull(skb, ihl)) |
5167 |
++ if (!pskb_pull(skb, skb_network_offset(skb) + ihl)) |
5168 |
+ goto err; |
5169 |
+ |
5170 |
+ err = pskb_trim_rcsum(skb, end - offset); |
5171 |
+@@ -613,6 +613,9 @@ static int ip_frag_reasm(struct ipq *qp, struct sk_buff *prev, |
5172 |
+ iph->frag_off = qp->q.max_size ? htons(IP_DF) : 0; |
5173 |
+ iph->tot_len = htons(len); |
5174 |
+ iph->tos |= ecn; |
5175 |
++ |
5176 |
++ ip_send_check(iph); |
5177 |
++ |
5178 |
+ IP_INC_STATS_BH(net, IPSTATS_MIB_REASMOKS); |
5179 |
+ qp->q.fragments = NULL; |
5180 |
+ qp->q.fragments_tail = NULL; |
5181 |
+diff --git a/net/ipv4/ip_tunnel.c b/net/ipv4/ip_tunnel.c |
5182 |
+index 4c2c3ba4ba65..626d9e56a6bd 100644 |
5183 |
+--- a/net/ipv4/ip_tunnel.c |
5184 |
++++ b/net/ipv4/ip_tunnel.c |
5185 |
+@@ -586,7 +586,8 @@ int ip_tunnel_encap(struct sk_buff *skb, struct ip_tunnel *t, |
5186 |
+ EXPORT_SYMBOL(ip_tunnel_encap); |
5187 |
+ |
5188 |
+ static int tnl_update_pmtu(struct net_device *dev, struct sk_buff *skb, |
5189 |
+- struct rtable *rt, __be16 df) |
5190 |
++ struct rtable *rt, __be16 df, |
5191 |
++ const struct iphdr *inner_iph) |
5192 |
+ { |
5193 |
+ struct ip_tunnel *tunnel = netdev_priv(dev); |
5194 |
+ int pkt_size = skb->len - tunnel->hlen - dev->hard_header_len; |
5195 |
+@@ -603,7 +604,8 @@ static int tnl_update_pmtu(struct net_device *dev, struct sk_buff *skb, |
5196 |
+ |
5197 |
+ if (skb->protocol == htons(ETH_P_IP)) { |
5198 |
+ if (!skb_is_gso(skb) && |
5199 |
+- (df & htons(IP_DF)) && mtu < pkt_size) { |
5200 |
++ (inner_iph->frag_off & htons(IP_DF)) && |
5201 |
++ mtu < pkt_size) { |
5202 |
+ memset(IPCB(skb), 0, sizeof(*IPCB(skb))); |
5203 |
+ icmp_send(skb, ICMP_DEST_UNREACH, ICMP_FRAG_NEEDED, htonl(mtu)); |
5204 |
+ return -E2BIG; |
5205 |
+@@ -737,7 +739,7 @@ void ip_tunnel_xmit(struct sk_buff *skb, struct net_device *dev, |
5206 |
+ goto tx_error; |
5207 |
+ } |
5208 |
+ |
5209 |
+- if (tnl_update_pmtu(dev, skb, rt, tnl_params->frag_off)) { |
5210 |
++ if (tnl_update_pmtu(dev, skb, rt, tnl_params->frag_off, inner_iph)) { |
5211 |
+ ip_rt_put(rt); |
5212 |
+ goto tx_error; |
5213 |
+ } |
5214 |
+diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c |
5215 |
+index fc1c658ec6c1..441ca6f38981 100644 |
5216 |
+--- a/net/ipv4/tcp_ipv4.c |
5217 |
++++ b/net/ipv4/tcp_ipv4.c |
5218 |
+@@ -1348,7 +1348,7 @@ static struct sock *tcp_v4_hnd_req(struct sock *sk, struct sk_buff *skb) |
5219 |
+ req = inet_csk_search_req(sk, th->source, iph->saddr, iph->daddr); |
5220 |
+ if (req) { |
5221 |
+ nsk = tcp_check_req(sk, skb, req, false); |
5222 |
+- if (!nsk) |
5223 |
++ if (!nsk || nsk == sk) |
5224 |
+ reqsk_put(req); |
5225 |
+ return nsk; |
5226 |
+ } |
5227 |
+diff --git a/net/ipv4/udp.c b/net/ipv4/udp.c |
5228 |
+index 83aa604f9273..1b8c5ba7d5f7 100644 |
5229 |
+--- a/net/ipv4/udp.c |
5230 |
++++ b/net/ipv4/udp.c |
5231 |
+@@ -1995,12 +1995,19 @@ void udp_v4_early_demux(struct sk_buff *skb) |
5232 |
+ |
5233 |
+ skb->sk = sk; |
5234 |
+ skb->destructor = sock_efree; |
5235 |
+- dst = sk->sk_rx_dst; |
5236 |
++ dst = READ_ONCE(sk->sk_rx_dst); |
5237 |
+ |
5238 |
+ if (dst) |
5239 |
+ dst = dst_check(dst, 0); |
5240 |
+- if (dst) |
5241 |
+- skb_dst_set_noref(skb, dst); |
5242 |
++ if (dst) { |
5243 |
++ /* DST_NOCACHE can not be used without taking a reference */ |
5244 |
++ if (dst->flags & DST_NOCACHE) { |
5245 |
++ if (likely(atomic_inc_not_zero(&dst->__refcnt))) |
5246 |
++ skb_dst_set(skb, dst); |
5247 |
++ } else { |
5248 |
++ skb_dst_set_noref(skb, dst); |
5249 |
++ } |
5250 |
++ } |
5251 |
+ } |
5252 |
+ |
5253 |
+ int udp_rcv(struct sk_buff *skb) |
5254 |
+diff --git a/net/ipv6/datagram.c b/net/ipv6/datagram.c |
5255 |
+index 62d908e64eeb..b10a88986a98 100644 |
5256 |
+--- a/net/ipv6/datagram.c |
5257 |
++++ b/net/ipv6/datagram.c |
5258 |
+@@ -40,7 +40,7 @@ static bool ipv6_mapped_addr_any(const struct in6_addr *a) |
5259 |
+ return ipv6_addr_v4mapped(a) && (a->s6_addr32[3] == 0); |
5260 |
+ } |
5261 |
+ |
5262 |
+-int ip6_datagram_connect(struct sock *sk, struct sockaddr *uaddr, int addr_len) |
5263 |
++static int __ip6_datagram_connect(struct sock *sk, struct sockaddr *uaddr, int addr_len) |
5264 |
+ { |
5265 |
+ struct sockaddr_in6 *usin = (struct sockaddr_in6 *) uaddr; |
5266 |
+ struct inet_sock *inet = inet_sk(sk); |
5267 |
+@@ -56,7 +56,7 @@ int ip6_datagram_connect(struct sock *sk, struct sockaddr *uaddr, int addr_len) |
5268 |
+ if (usin->sin6_family == AF_INET) { |
5269 |
+ if (__ipv6_only_sock(sk)) |
5270 |
+ return -EAFNOSUPPORT; |
5271 |
+- err = ip4_datagram_connect(sk, uaddr, addr_len); |
5272 |
++ err = __ip4_datagram_connect(sk, uaddr, addr_len); |
5273 |
+ goto ipv4_connected; |
5274 |
+ } |
5275 |
+ |
5276 |
+@@ -98,9 +98,9 @@ int ip6_datagram_connect(struct sock *sk, struct sockaddr *uaddr, int addr_len) |
5277 |
+ sin.sin_addr.s_addr = daddr->s6_addr32[3]; |
5278 |
+ sin.sin_port = usin->sin6_port; |
5279 |
+ |
5280 |
+- err = ip4_datagram_connect(sk, |
5281 |
+- (struct sockaddr *) &sin, |
5282 |
+- sizeof(sin)); |
5283 |
++ err = __ip4_datagram_connect(sk, |
5284 |
++ (struct sockaddr *) &sin, |
5285 |
++ sizeof(sin)); |
5286 |
+ |
5287 |
+ ipv4_connected: |
5288 |
+ if (err) |
5289 |
+@@ -204,6 +204,16 @@ out: |
5290 |
+ fl6_sock_release(flowlabel); |
5291 |
+ return err; |
5292 |
+ } |
5293 |
++ |
5294 |
++int ip6_datagram_connect(struct sock *sk, struct sockaddr *uaddr, int addr_len) |
5295 |
++{ |
5296 |
++ int res; |
5297 |
++ |
5298 |
++ lock_sock(sk); |
5299 |
++ res = __ip6_datagram_connect(sk, uaddr, addr_len); |
5300 |
++ release_sock(sk); |
5301 |
++ return res; |
5302 |
++} |
5303 |
+ EXPORT_SYMBOL_GPL(ip6_datagram_connect); |
5304 |
+ |
5305 |
+ int ip6_datagram_connect_v6_only(struct sock *sk, struct sockaddr *uaddr, |
5306 |
+diff --git a/net/ipv6/ip6_input.c b/net/ipv6/ip6_input.c |
5307 |
+index f2e464eba5ef..57990c929cd8 100644 |
5308 |
+--- a/net/ipv6/ip6_input.c |
5309 |
++++ b/net/ipv6/ip6_input.c |
5310 |
+@@ -331,10 +331,10 @@ int ip6_mc_input(struct sk_buff *skb) |
5311 |
+ if (offset < 0) |
5312 |
+ goto out; |
5313 |
+ |
5314 |
+- if (!ipv6_is_mld(skb, nexthdr, offset)) |
5315 |
+- goto out; |
5316 |
++ if (ipv6_is_mld(skb, nexthdr, offset)) |
5317 |
++ deliver = true; |
5318 |
+ |
5319 |
+- deliver = true; |
5320 |
++ goto out; |
5321 |
+ } |
5322 |
+ /* unknown RA - process it normally */ |
5323 |
+ } |
5324 |
+diff --git a/net/ipv6/ip6_offload.c b/net/ipv6/ip6_offload.c |
5325 |
+index e893cd18612f..08b62047c67f 100644 |
5326 |
+--- a/net/ipv6/ip6_offload.c |
5327 |
++++ b/net/ipv6/ip6_offload.c |
5328 |
+@@ -292,8 +292,6 @@ static struct packet_offload ipv6_packet_offload __read_mostly = { |
5329 |
+ static const struct net_offload sit_offload = { |
5330 |
+ .callbacks = { |
5331 |
+ .gso_segment = ipv6_gso_segment, |
5332 |
+- .gro_receive = ipv6_gro_receive, |
5333 |
+- .gro_complete = ipv6_gro_complete, |
5334 |
+ }, |
5335 |
+ }; |
5336 |
+ |
5337 |
+diff --git a/net/ipv6/tcp_ipv6.c b/net/ipv6/tcp_ipv6.c |
5338 |
+index 3adffb300238..e541d68dba8b 100644 |
5339 |
+--- a/net/ipv6/tcp_ipv6.c |
5340 |
++++ b/net/ipv6/tcp_ipv6.c |
5341 |
+@@ -946,7 +946,7 @@ static struct sock *tcp_v6_hnd_req(struct sock *sk, struct sk_buff *skb) |
5342 |
+ &ipv6_hdr(skb)->daddr, tcp_v6_iif(skb)); |
5343 |
+ if (req) { |
5344 |
+ nsk = tcp_check_req(sk, skb, req, false); |
5345 |
+- if (!nsk) |
5346 |
++ if (!nsk || nsk == sk) |
5347 |
+ reqsk_put(req); |
5348 |
+ return nsk; |
5349 |
+ } |
5350 |
+diff --git a/net/mac80211/tx.c b/net/mac80211/tx.c |
5351 |
+index 667111ee6a20..5787f15a3a12 100644 |
5352 |
+--- a/net/mac80211/tx.c |
5353 |
++++ b/net/mac80211/tx.c |
5354 |
+@@ -301,9 +301,6 @@ ieee80211_tx_h_check_assoc(struct ieee80211_tx_data *tx) |
5355 |
+ if (tx->sdata->vif.type == NL80211_IFTYPE_WDS) |
5356 |
+ return TX_CONTINUE; |
5357 |
+ |
5358 |
+- if (tx->sdata->vif.type == NL80211_IFTYPE_MESH_POINT) |
5359 |
+- return TX_CONTINUE; |
5360 |
+- |
5361 |
+ if (tx->flags & IEEE80211_TX_PS_BUFFERED) |
5362 |
+ return TX_CONTINUE; |
5363 |
+ |
5364 |
+diff --git a/net/netlink/af_netlink.c b/net/netlink/af_netlink.c |
5365 |
+index bf6e76643f78..4856d975492d 100644 |
5366 |
+--- a/net/netlink/af_netlink.c |
5367 |
++++ b/net/netlink/af_netlink.c |
5368 |
+@@ -355,25 +355,52 @@ err1: |
5369 |
+ return NULL; |
5370 |
+ } |
5371 |
+ |
5372 |
++ |
5373 |
++static void |
5374 |
++__netlink_set_ring(struct sock *sk, struct nl_mmap_req *req, bool tx_ring, void **pg_vec, |
5375 |
++ unsigned int order) |
5376 |
++{ |
5377 |
++ struct netlink_sock *nlk = nlk_sk(sk); |
5378 |
++ struct sk_buff_head *queue; |
5379 |
++ struct netlink_ring *ring; |
5380 |
++ |
5381 |
++ queue = tx_ring ? &sk->sk_write_queue : &sk->sk_receive_queue; |
5382 |
++ ring = tx_ring ? &nlk->tx_ring : &nlk->rx_ring; |
5383 |
++ |
5384 |
++ spin_lock_bh(&queue->lock); |
5385 |
++ |
5386 |
++ ring->frame_max = req->nm_frame_nr - 1; |
5387 |
++ ring->head = 0; |
5388 |
++ ring->frame_size = req->nm_frame_size; |
5389 |
++ ring->pg_vec_pages = req->nm_block_size / PAGE_SIZE; |
5390 |
++ |
5391 |
++ swap(ring->pg_vec_len, req->nm_block_nr); |
5392 |
++ swap(ring->pg_vec_order, order); |
5393 |
++ swap(ring->pg_vec, pg_vec); |
5394 |
++ |
5395 |
++ __skb_queue_purge(queue); |
5396 |
++ spin_unlock_bh(&queue->lock); |
5397 |
++ |
5398 |
++ WARN_ON(atomic_read(&nlk->mapped)); |
5399 |
++ |
5400 |
++ if (pg_vec) |
5401 |
++ free_pg_vec(pg_vec, order, req->nm_block_nr); |
5402 |
++} |
5403 |
++ |
5404 |
+ static int netlink_set_ring(struct sock *sk, struct nl_mmap_req *req, |
5405 |
+- bool closing, bool tx_ring) |
5406 |
++ bool tx_ring) |
5407 |
+ { |
5408 |
+ struct netlink_sock *nlk = nlk_sk(sk); |
5409 |
+ struct netlink_ring *ring; |
5410 |
+- struct sk_buff_head *queue; |
5411 |
+ void **pg_vec = NULL; |
5412 |
+ unsigned int order = 0; |
5413 |
+- int err; |
5414 |
+ |
5415 |
+ ring = tx_ring ? &nlk->tx_ring : &nlk->rx_ring; |
5416 |
+- queue = tx_ring ? &sk->sk_write_queue : &sk->sk_receive_queue; |
5417 |
+ |
5418 |
+- if (!closing) { |
5419 |
+- if (atomic_read(&nlk->mapped)) |
5420 |
+- return -EBUSY; |
5421 |
+- if (atomic_read(&ring->pending)) |
5422 |
+- return -EBUSY; |
5423 |
+- } |
5424 |
++ if (atomic_read(&nlk->mapped)) |
5425 |
++ return -EBUSY; |
5426 |
++ if (atomic_read(&ring->pending)) |
5427 |
++ return -EBUSY; |
5428 |
+ |
5429 |
+ if (req->nm_block_nr) { |
5430 |
+ if (ring->pg_vec != NULL) |
5431 |
+@@ -405,31 +432,19 @@ static int netlink_set_ring(struct sock *sk, struct nl_mmap_req *req, |
5432 |
+ return -EINVAL; |
5433 |
+ } |
5434 |
+ |
5435 |
+- err = -EBUSY; |
5436 |
+ mutex_lock(&nlk->pg_vec_lock); |
5437 |
+- if (closing || atomic_read(&nlk->mapped) == 0) { |
5438 |
+- err = 0; |
5439 |
+- spin_lock_bh(&queue->lock); |
5440 |
+- |
5441 |
+- ring->frame_max = req->nm_frame_nr - 1; |
5442 |
+- ring->head = 0; |
5443 |
+- ring->frame_size = req->nm_frame_size; |
5444 |
+- ring->pg_vec_pages = req->nm_block_size / PAGE_SIZE; |
5445 |
+- |
5446 |
+- swap(ring->pg_vec_len, req->nm_block_nr); |
5447 |
+- swap(ring->pg_vec_order, order); |
5448 |
+- swap(ring->pg_vec, pg_vec); |
5449 |
+- |
5450 |
+- __skb_queue_purge(queue); |
5451 |
+- spin_unlock_bh(&queue->lock); |
5452 |
+- |
5453 |
+- WARN_ON(atomic_read(&nlk->mapped)); |
5454 |
++ if (atomic_read(&nlk->mapped) == 0) { |
5455 |
++ __netlink_set_ring(sk, req, tx_ring, pg_vec, order); |
5456 |
++ mutex_unlock(&nlk->pg_vec_lock); |
5457 |
++ return 0; |
5458 |
+ } |
5459 |
++ |
5460 |
+ mutex_unlock(&nlk->pg_vec_lock); |
5461 |
+ |
5462 |
+ if (pg_vec) |
5463 |
+ free_pg_vec(pg_vec, order, req->nm_block_nr); |
5464 |
+- return err; |
5465 |
++ |
5466 |
++ return -EBUSY; |
5467 |
+ } |
5468 |
+ |
5469 |
+ static void netlink_mm_open(struct vm_area_struct *vma) |
5470 |
+@@ -898,10 +913,10 @@ static void netlink_sock_destruct(struct sock *sk) |
5471 |
+ |
5472 |
+ memset(&req, 0, sizeof(req)); |
5473 |
+ if (nlk->rx_ring.pg_vec) |
5474 |
+- netlink_set_ring(sk, &req, true, false); |
5475 |
++ __netlink_set_ring(sk, &req, false, NULL, 0); |
5476 |
+ memset(&req, 0, sizeof(req)); |
5477 |
+ if (nlk->tx_ring.pg_vec) |
5478 |
+- netlink_set_ring(sk, &req, true, true); |
5479 |
++ __netlink_set_ring(sk, &req, true, NULL, 0); |
5480 |
+ } |
5481 |
+ #endif /* CONFIG_NETLINK_MMAP */ |
5482 |
+ |
5483 |
+@@ -1079,6 +1094,11 @@ static int netlink_insert(struct sock *sk, u32 portid) |
5484 |
+ |
5485 |
+ err = __netlink_insert(table, sk); |
5486 |
+ if (err) { |
5487 |
++ /* In case the hashtable backend returns with -EBUSY |
5488 |
++ * from here, it must not escape to the caller. |
5489 |
++ */ |
5490 |
++ if (unlikely(err == -EBUSY)) |
5491 |
++ err = -EOVERFLOW; |
5492 |
+ if (err == -EEXIST) |
5493 |
+ err = -EADDRINUSE; |
5494 |
+ nlk_sk(sk)->portid = 0; |
5495 |
+@@ -2197,7 +2217,7 @@ static int netlink_setsockopt(struct socket *sock, int level, int optname, |
5496 |
+ return -EINVAL; |
5497 |
+ if (copy_from_user(&req, optval, sizeof(req))) |
5498 |
+ return -EFAULT; |
5499 |
+- err = netlink_set_ring(sk, &req, false, |
5500 |
++ err = netlink_set_ring(sk, &req, |
5501 |
+ optname == NETLINK_TX_RING); |
5502 |
+ break; |
5503 |
+ } |
5504 |
+diff --git a/net/nfc/nci/hci.c b/net/nfc/nci/hci.c |
5505 |
+index ed54ec533836..b33fed6d1584 100644 |
5506 |
+--- a/net/nfc/nci/hci.c |
5507 |
++++ b/net/nfc/nci/hci.c |
5508 |
+@@ -233,7 +233,7 @@ int nci_hci_send_cmd(struct nci_dev *ndev, u8 gate, u8 cmd, |
5509 |
+ r = nci_request(ndev, nci_hci_send_data_req, (unsigned long)&data, |
5510 |
+ msecs_to_jiffies(NCI_DATA_TIMEOUT)); |
5511 |
+ |
5512 |
+- if (r == NCI_STATUS_OK) |
5513 |
++ if (r == NCI_STATUS_OK && skb) |
5514 |
+ *skb = conn_info->rx_skb; |
5515 |
+ |
5516 |
+ return r; |
5517 |
+diff --git a/net/packet/af_packet.c b/net/packet/af_packet.c |
5518 |
+index fe1610ddeacf..e1ea5d43b01e 100644 |
5519 |
+--- a/net/packet/af_packet.c |
5520 |
++++ b/net/packet/af_packet.c |
5521 |
+@@ -2307,7 +2307,8 @@ static int tpacket_snd(struct packet_sock *po, struct msghdr *msg) |
5522 |
+ } |
5523 |
+ tp_len = tpacket_fill_skb(po, skb, ph, dev, size_max, proto, |
5524 |
+ addr, hlen); |
5525 |
+- if (tp_len > dev->mtu + dev->hard_header_len) { |
5526 |
++ if (likely(tp_len >= 0) && |
5527 |
++ tp_len > dev->mtu + dev->hard_header_len) { |
5528 |
+ struct ethhdr *ehdr; |
5529 |
+ /* Earlier code assumed this would be a VLAN pkt, |
5530 |
+ * double-check this now that we have the actual |
5531 |
+@@ -2688,7 +2689,7 @@ static int packet_release(struct socket *sock) |
5532 |
+ static int packet_do_bind(struct sock *sk, struct net_device *dev, __be16 proto) |
5533 |
+ { |
5534 |
+ struct packet_sock *po = pkt_sk(sk); |
5535 |
+- const struct net_device *dev_curr; |
5536 |
++ struct net_device *dev_curr; |
5537 |
+ __be16 proto_curr; |
5538 |
+ bool need_rehook; |
5539 |
+ |
5540 |
+@@ -2712,15 +2713,13 @@ static int packet_do_bind(struct sock *sk, struct net_device *dev, __be16 proto) |
5541 |
+ |
5542 |
+ po->num = proto; |
5543 |
+ po->prot_hook.type = proto; |
5544 |
+- |
5545 |
+- if (po->prot_hook.dev) |
5546 |
+- dev_put(po->prot_hook.dev); |
5547 |
+- |
5548 |
+ po->prot_hook.dev = dev; |
5549 |
+ |
5550 |
+ po->ifindex = dev ? dev->ifindex : 0; |
5551 |
+ packet_cached_dev_assign(po, dev); |
5552 |
+ } |
5553 |
++ if (dev_curr) |
5554 |
++ dev_put(dev_curr); |
5555 |
+ |
5556 |
+ if (proto == 0 || !need_rehook) |
5557 |
+ goto out_unlock; |
5558 |
+diff --git a/net/rds/info.c b/net/rds/info.c |
5559 |
+index 9a6b4f66187c..140a44a5f7b7 100644 |
5560 |
+--- a/net/rds/info.c |
5561 |
++++ b/net/rds/info.c |
5562 |
+@@ -176,7 +176,7 @@ int rds_info_getsockopt(struct socket *sock, int optname, char __user *optval, |
5563 |
+ |
5564 |
+ /* check for all kinds of wrapping and the like */ |
5565 |
+ start = (unsigned long)optval; |
5566 |
+- if (len < 0 || len + PAGE_SIZE - 1 < len || start + len < start) { |
5567 |
++ if (len < 0 || len > INT_MAX - PAGE_SIZE + 1 || start + len < start) { |
5568 |
+ ret = -EINVAL; |
5569 |
+ goto out; |
5570 |
+ } |
5571 |
+diff --git a/net/sched/act_api.c b/net/sched/act_api.c |
5572 |
+index 3d43e4979f27..f8d9c2a2c451 100644 |
5573 |
+--- a/net/sched/act_api.c |
5574 |
++++ b/net/sched/act_api.c |
5575 |
+@@ -45,7 +45,7 @@ void tcf_hash_destroy(struct tc_action *a) |
5576 |
+ } |
5577 |
+ EXPORT_SYMBOL(tcf_hash_destroy); |
5578 |
+ |
5579 |
+-int tcf_hash_release(struct tc_action *a, int bind) |
5580 |
++int __tcf_hash_release(struct tc_action *a, bool bind, bool strict) |
5581 |
+ { |
5582 |
+ struct tcf_common *p = a->priv; |
5583 |
+ int ret = 0; |
5584 |
+@@ -53,7 +53,7 @@ int tcf_hash_release(struct tc_action *a, int bind) |
5585 |
+ if (p) { |
5586 |
+ if (bind) |
5587 |
+ p->tcfc_bindcnt--; |
5588 |
+- else if (p->tcfc_bindcnt > 0) |
5589 |
++ else if (strict && p->tcfc_bindcnt > 0) |
5590 |
+ return -EPERM; |
5591 |
+ |
5592 |
+ p->tcfc_refcnt--; |
5593 |
+@@ -64,9 +64,10 @@ int tcf_hash_release(struct tc_action *a, int bind) |
5594 |
+ ret = 1; |
5595 |
+ } |
5596 |
+ } |
5597 |
++ |
5598 |
+ return ret; |
5599 |
+ } |
5600 |
+-EXPORT_SYMBOL(tcf_hash_release); |
5601 |
++EXPORT_SYMBOL(__tcf_hash_release); |
5602 |
+ |
5603 |
+ static int tcf_dump_walker(struct sk_buff *skb, struct netlink_callback *cb, |
5604 |
+ struct tc_action *a) |
5605 |
+@@ -136,7 +137,7 @@ static int tcf_del_walker(struct sk_buff *skb, struct tc_action *a) |
5606 |
+ head = &hinfo->htab[tcf_hash(i, hinfo->hmask)]; |
5607 |
+ hlist_for_each_entry_safe(p, n, head, tcfc_head) { |
5608 |
+ a->priv = p; |
5609 |
+- ret = tcf_hash_release(a, 0); |
5610 |
++ ret = __tcf_hash_release(a, false, true); |
5611 |
+ if (ret == ACT_P_DELETED) { |
5612 |
+ module_put(a->ops->owner); |
5613 |
+ n_i++; |
5614 |
+@@ -413,7 +414,7 @@ int tcf_action_destroy(struct list_head *actions, int bind) |
5615 |
+ int ret = 0; |
5616 |
+ |
5617 |
+ list_for_each_entry_safe(a, tmp, actions, list) { |
5618 |
+- ret = tcf_hash_release(a, bind); |
5619 |
++ ret = __tcf_hash_release(a, bind, true); |
5620 |
+ if (ret == ACT_P_DELETED) |
5621 |
+ module_put(a->ops->owner); |
5622 |
+ else if (ret < 0) |
5623 |
+diff --git a/net/sched/act_bpf.c b/net/sched/act_bpf.c |
5624 |
+index dc6a2d324bd8..521ffca91228 100644 |
5625 |
+--- a/net/sched/act_bpf.c |
5626 |
++++ b/net/sched/act_bpf.c |
5627 |
+@@ -27,9 +27,10 @@ |
5628 |
+ struct tcf_bpf_cfg { |
5629 |
+ struct bpf_prog *filter; |
5630 |
+ struct sock_filter *bpf_ops; |
5631 |
+- char *bpf_name; |
5632 |
++ const char *bpf_name; |
5633 |
+ u32 bpf_fd; |
5634 |
+ u16 bpf_num_ops; |
5635 |
++ bool is_ebpf; |
5636 |
+ }; |
5637 |
+ |
5638 |
+ static int tcf_bpf(struct sk_buff *skb, const struct tc_action *act, |
5639 |
+@@ -200,6 +201,7 @@ static int tcf_bpf_init_from_ops(struct nlattr **tb, struct tcf_bpf_cfg *cfg) |
5640 |
+ cfg->bpf_ops = bpf_ops; |
5641 |
+ cfg->bpf_num_ops = bpf_num_ops; |
5642 |
+ cfg->filter = fp; |
5643 |
++ cfg->is_ebpf = false; |
5644 |
+ |
5645 |
+ return 0; |
5646 |
+ } |
5647 |
+@@ -234,18 +236,40 @@ static int tcf_bpf_init_from_efd(struct nlattr **tb, struct tcf_bpf_cfg *cfg) |
5648 |
+ cfg->bpf_fd = bpf_fd; |
5649 |
+ cfg->bpf_name = name; |
5650 |
+ cfg->filter = fp; |
5651 |
++ cfg->is_ebpf = true; |
5652 |
+ |
5653 |
+ return 0; |
5654 |
+ } |
5655 |
+ |
5656 |
++static void tcf_bpf_cfg_cleanup(const struct tcf_bpf_cfg *cfg) |
5657 |
++{ |
5658 |
++ if (cfg->is_ebpf) |
5659 |
++ bpf_prog_put(cfg->filter); |
5660 |
++ else |
5661 |
++ bpf_prog_destroy(cfg->filter); |
5662 |
++ |
5663 |
++ kfree(cfg->bpf_ops); |
5664 |
++ kfree(cfg->bpf_name); |
5665 |
++} |
5666 |
++ |
5667 |
++static void tcf_bpf_prog_fill_cfg(const struct tcf_bpf *prog, |
5668 |
++ struct tcf_bpf_cfg *cfg) |
5669 |
++{ |
5670 |
++ cfg->is_ebpf = tcf_bpf_is_ebpf(prog); |
5671 |
++ cfg->filter = prog->filter; |
5672 |
++ |
5673 |
++ cfg->bpf_ops = prog->bpf_ops; |
5674 |
++ cfg->bpf_name = prog->bpf_name; |
5675 |
++} |
5676 |
++ |
5677 |
+ static int tcf_bpf_init(struct net *net, struct nlattr *nla, |
5678 |
+ struct nlattr *est, struct tc_action *act, |
5679 |
+ int replace, int bind) |
5680 |
+ { |
5681 |
+ struct nlattr *tb[TCA_ACT_BPF_MAX + 1]; |
5682 |
++ struct tcf_bpf_cfg cfg, old; |
5683 |
+ struct tc_act_bpf *parm; |
5684 |
+ struct tcf_bpf *prog; |
5685 |
+- struct tcf_bpf_cfg cfg; |
5686 |
+ bool is_bpf, is_ebpf; |
5687 |
+ int ret; |
5688 |
+ |
5689 |
+@@ -294,6 +318,9 @@ static int tcf_bpf_init(struct net *net, struct nlattr *nla, |
5690 |
+ prog = to_bpf(act); |
5691 |
+ spin_lock_bh(&prog->tcf_lock); |
5692 |
+ |
5693 |
++ if (ret != ACT_P_CREATED) |
5694 |
++ tcf_bpf_prog_fill_cfg(prog, &old); |
5695 |
++ |
5696 |
+ prog->bpf_ops = cfg.bpf_ops; |
5697 |
+ prog->bpf_name = cfg.bpf_name; |
5698 |
+ |
5699 |
+@@ -309,29 +336,22 @@ static int tcf_bpf_init(struct net *net, struct nlattr *nla, |
5700 |
+ |
5701 |
+ if (ret == ACT_P_CREATED) |
5702 |
+ tcf_hash_insert(act); |
5703 |
++ else |
5704 |
++ tcf_bpf_cfg_cleanup(&old); |
5705 |
+ |
5706 |
+ return ret; |
5707 |
+ |
5708 |
+ destroy_fp: |
5709 |
+- if (is_ebpf) |
5710 |
+- bpf_prog_put(cfg.filter); |
5711 |
+- else |
5712 |
+- bpf_prog_destroy(cfg.filter); |
5713 |
+- |
5714 |
+- kfree(cfg.bpf_ops); |
5715 |
+- kfree(cfg.bpf_name); |
5716 |
+- |
5717 |
++ tcf_bpf_cfg_cleanup(&cfg); |
5718 |
+ return ret; |
5719 |
+ } |
5720 |
+ |
5721 |
+ static void tcf_bpf_cleanup(struct tc_action *act, int bind) |
5722 |
+ { |
5723 |
+- const struct tcf_bpf *prog = act->priv; |
5724 |
++ struct tcf_bpf_cfg tmp; |
5725 |
+ |
5726 |
+- if (tcf_bpf_is_ebpf(prog)) |
5727 |
+- bpf_prog_put(prog->filter); |
5728 |
+- else |
5729 |
+- bpf_prog_destroy(prog->filter); |
5730 |
++ tcf_bpf_prog_fill_cfg(act->priv, &tmp); |
5731 |
++ tcf_bpf_cfg_cleanup(&tmp); |
5732 |
+ } |
5733 |
+ |
5734 |
+ static struct tc_action_ops act_bpf_ops __read_mostly = { |
5735 |
+diff --git a/net/sched/cls_bpf.c b/net/sched/cls_bpf.c |
5736 |
+index 91bd9c19471d..c0b86f2bfe22 100644 |
5737 |
+--- a/net/sched/cls_bpf.c |
5738 |
++++ b/net/sched/cls_bpf.c |
5739 |
+@@ -364,7 +364,7 @@ static int cls_bpf_change(struct net *net, struct sk_buff *in_skb, |
5740 |
+ goto errout; |
5741 |
+ |
5742 |
+ if (oldprog) { |
5743 |
+- list_replace_rcu(&prog->link, &oldprog->link); |
5744 |
++ list_replace_rcu(&oldprog->link, &prog->link); |
5745 |
+ tcf_unbind_filter(tp, &oldprog->res); |
5746 |
+ call_rcu(&oldprog->rcu, __cls_bpf_delete_prog); |
5747 |
+ } else { |
5748 |
+diff --git a/net/sched/cls_flow.c b/net/sched/cls_flow.c |
5749 |
+index a620c4e288a5..75df923f5c03 100644 |
5750 |
+--- a/net/sched/cls_flow.c |
5751 |
++++ b/net/sched/cls_flow.c |
5752 |
+@@ -419,6 +419,8 @@ static int flow_change(struct net *net, struct sk_buff *in_skb, |
5753 |
+ if (!fnew) |
5754 |
+ goto err2; |
5755 |
+ |
5756 |
++ tcf_exts_init(&fnew->exts, TCA_FLOW_ACT, TCA_FLOW_POLICE); |
5757 |
++ |
5758 |
+ fold = (struct flow_filter *)*arg; |
5759 |
+ if (fold) { |
5760 |
+ err = -EINVAL; |
5761 |
+@@ -480,7 +482,6 @@ static int flow_change(struct net *net, struct sk_buff *in_skb, |
5762 |
+ fnew->mask = ~0U; |
5763 |
+ fnew->tp = tp; |
5764 |
+ get_random_bytes(&fnew->hashrnd, 4); |
5765 |
+- tcf_exts_init(&fnew->exts, TCA_FLOW_ACT, TCA_FLOW_POLICE); |
5766 |
+ } |
5767 |
+ |
5768 |
+ fnew->perturb_timer.function = flow_perturbation; |
5769 |
+@@ -520,7 +521,7 @@ static int flow_change(struct net *net, struct sk_buff *in_skb, |
5770 |
+ if (*arg == 0) |
5771 |
+ list_add_tail_rcu(&fnew->list, &head->filters); |
5772 |
+ else |
5773 |
+- list_replace_rcu(&fnew->list, &fold->list); |
5774 |
++ list_replace_rcu(&fold->list, &fnew->list); |
5775 |
+ |
5776 |
+ *arg = (unsigned long)fnew; |
5777 |
+ |
5778 |
+diff --git a/net/sched/sch_fq_codel.c b/net/sched/sch_fq_codel.c |
5779 |
+index c244c45b78d7..9291598b5aad 100644 |
5780 |
+--- a/net/sched/sch_fq_codel.c |
5781 |
++++ b/net/sched/sch_fq_codel.c |
5782 |
+@@ -162,10 +162,10 @@ static unsigned int fq_codel_drop(struct Qdisc *sch) |
5783 |
+ skb = dequeue_head(flow); |
5784 |
+ len = qdisc_pkt_len(skb); |
5785 |
+ q->backlogs[idx] -= len; |
5786 |
+- kfree_skb(skb); |
5787 |
+ sch->q.qlen--; |
5788 |
+ qdisc_qstats_drop(sch); |
5789 |
+ qdisc_qstats_backlog_dec(sch, skb); |
5790 |
++ kfree_skb(skb); |
5791 |
+ flow->dropped++; |
5792 |
+ return idx; |
5793 |
+ } |
5794 |
+diff --git a/net/sunrpc/xprt.c b/net/sunrpc/xprt.c |
5795 |
+index 1d4fe24af06a..d109d308ec3a 100644 |
5796 |
+--- a/net/sunrpc/xprt.c |
5797 |
++++ b/net/sunrpc/xprt.c |
5798 |
+@@ -611,6 +611,7 @@ static void xprt_autoclose(struct work_struct *work) |
5799 |
+ xprt->ops->close(xprt); |
5800 |
+ clear_bit(XPRT_CLOSE_WAIT, &xprt->state); |
5801 |
+ xprt_release_write(xprt, NULL); |
5802 |
++ wake_up_bit(&xprt->state, XPRT_LOCKED); |
5803 |
+ } |
5804 |
+ |
5805 |
+ /** |
5806 |
+@@ -720,6 +721,7 @@ void xprt_unlock_connect(struct rpc_xprt *xprt, void *cookie) |
5807 |
+ xprt->ops->release_xprt(xprt, NULL); |
5808 |
+ out: |
5809 |
+ spin_unlock_bh(&xprt->transport_lock); |
5810 |
++ wake_up_bit(&xprt->state, XPRT_LOCKED); |
5811 |
+ } |
5812 |
+ |
5813 |
+ /** |
5814 |
+@@ -1389,6 +1391,10 @@ out: |
5815 |
+ static void xprt_destroy(struct rpc_xprt *xprt) |
5816 |
+ { |
5817 |
+ dprintk("RPC: destroying transport %p\n", xprt); |
5818 |
++ |
5819 |
++ /* Exclude transport connect/disconnect handlers */ |
5820 |
++ wait_on_bit_lock(&xprt->state, XPRT_LOCKED, TASK_UNINTERRUPTIBLE); |
5821 |
++ |
5822 |
+ del_timer_sync(&xprt->timer); |
5823 |
+ |
5824 |
+ rpc_xprt_debugfs_unregister(xprt); |
5825 |
+diff --git a/net/sunrpc/xprtsock.c b/net/sunrpc/xprtsock.c |
5826 |
+index 66891e32c5e3..5e3ad598d3f5 100644 |
5827 |
+--- a/net/sunrpc/xprtsock.c |
5828 |
++++ b/net/sunrpc/xprtsock.c |
5829 |
+@@ -834,6 +834,7 @@ static void xs_reset_transport(struct sock_xprt *transport) |
5830 |
+ sk->sk_user_data = NULL; |
5831 |
+ |
5832 |
+ xs_restore_old_callbacks(transport, sk); |
5833 |
++ xprt_clear_connected(xprt); |
5834 |
+ write_unlock_bh(&sk->sk_callback_lock); |
5835 |
+ xs_sock_reset_connection_flags(xprt); |
5836 |
+ |
5837 |
+@@ -1433,6 +1434,7 @@ out: |
5838 |
+ static void xs_tcp_state_change(struct sock *sk) |
5839 |
+ { |
5840 |
+ struct rpc_xprt *xprt; |
5841 |
++ struct sock_xprt *transport; |
5842 |
+ |
5843 |
+ read_lock_bh(&sk->sk_callback_lock); |
5844 |
+ if (!(xprt = xprt_from_sock(sk))) |
5845 |
+@@ -1444,13 +1446,12 @@ static void xs_tcp_state_change(struct sock *sk) |
5846 |
+ sock_flag(sk, SOCK_ZAPPED), |
5847 |
+ sk->sk_shutdown); |
5848 |
+ |
5849 |
++ transport = container_of(xprt, struct sock_xprt, xprt); |
5850 |
+ trace_rpc_socket_state_change(xprt, sk->sk_socket); |
5851 |
+ switch (sk->sk_state) { |
5852 |
+ case TCP_ESTABLISHED: |
5853 |
+ spin_lock(&xprt->transport_lock); |
5854 |
+ if (!xprt_test_and_set_connected(xprt)) { |
5855 |
+- struct sock_xprt *transport = container_of(xprt, |
5856 |
+- struct sock_xprt, xprt); |
5857 |
+ |
5858 |
+ /* Reset TCP record info */ |
5859 |
+ transport->tcp_offset = 0; |
5860 |
+@@ -1459,6 +1460,8 @@ static void xs_tcp_state_change(struct sock *sk) |
5861 |
+ transport->tcp_flags = |
5862 |
+ TCP_RCV_COPY_FRAGHDR | TCP_RCV_COPY_XID; |
5863 |
+ xprt->connect_cookie++; |
5864 |
++ clear_bit(XPRT_SOCK_CONNECTING, &transport->sock_state); |
5865 |
++ xprt_clear_connecting(xprt); |
5866 |
+ |
5867 |
+ xprt_wake_pending_tasks(xprt, -EAGAIN); |
5868 |
+ } |
5869 |
+@@ -1494,6 +1497,9 @@ static void xs_tcp_state_change(struct sock *sk) |
5870 |
+ smp_mb__after_atomic(); |
5871 |
+ break; |
5872 |
+ case TCP_CLOSE: |
5873 |
++ if (test_and_clear_bit(XPRT_SOCK_CONNECTING, |
5874 |
++ &transport->sock_state)) |
5875 |
++ xprt_clear_connecting(xprt); |
5876 |
+ xs_sock_mark_closed(xprt); |
5877 |
+ } |
5878 |
+ out: |
5879 |
+@@ -2110,6 +2116,7 @@ static int xs_tcp_finish_connecting(struct rpc_xprt *xprt, struct socket *sock) |
5880 |
+ /* Tell the socket layer to start connecting... */ |
5881 |
+ xprt->stat.connect_count++; |
5882 |
+ xprt->stat.connect_start = jiffies; |
5883 |
++ set_bit(XPRT_SOCK_CONNECTING, &transport->sock_state); |
5884 |
+ ret = kernel_connect(sock, xs_addr(xprt), xprt->addrlen, O_NONBLOCK); |
5885 |
+ switch (ret) { |
5886 |
+ case 0: |
5887 |
+@@ -2174,7 +2181,6 @@ static void xs_tcp_setup_socket(struct work_struct *work) |
5888 |
+ case -EINPROGRESS: |
5889 |
+ case -EALREADY: |
5890 |
+ xprt_unlock_connect(xprt, transport); |
5891 |
+- xprt_clear_connecting(xprt); |
5892 |
+ return; |
5893 |
+ case -EINVAL: |
5894 |
+ /* Happens, for instance, if the user specified a link |
5895 |
+@@ -2216,13 +2222,14 @@ static void xs_connect(struct rpc_xprt *xprt, struct rpc_task *task) |
5896 |
+ |
5897 |
+ WARN_ON_ONCE(!xprt_lock_connect(xprt, task, transport)); |
5898 |
+ |
5899 |
+- /* Start by resetting any existing state */ |
5900 |
+- xs_reset_transport(transport); |
5901 |
+- |
5902 |
+- if (transport->sock != NULL && !RPC_IS_SOFTCONN(task)) { |
5903 |
++ if (transport->sock != NULL) { |
5904 |
+ dprintk("RPC: xs_connect delayed xprt %p for %lu " |
5905 |
+ "seconds\n", |
5906 |
+ xprt, xprt->reestablish_timeout / HZ); |
5907 |
++ |
5908 |
++ /* Start by resetting any existing state */ |
5909 |
++ xs_reset_transport(transport); |
5910 |
++ |
5911 |
+ queue_delayed_work(rpciod_workqueue, |
5912 |
+ &transport->connect_worker, |
5913 |
+ xprt->reestablish_timeout); |
5914 |
+diff --git a/net/tipc/socket.c b/net/tipc/socket.c |
5915 |
+index f485600c4507..20cc6df07157 100644 |
5916 |
+--- a/net/tipc/socket.c |
5917 |
++++ b/net/tipc/socket.c |
5918 |
+@@ -2009,6 +2009,7 @@ static int tipc_accept(struct socket *sock, struct socket *new_sock, int flags) |
5919 |
+ res = tipc_sk_create(sock_net(sock->sk), new_sock, 0, 1); |
5920 |
+ if (res) |
5921 |
+ goto exit; |
5922 |
++ security_sk_clone(sock->sk, new_sock->sk); |
5923 |
+ |
5924 |
+ new_sk = new_sock->sk; |
5925 |
+ new_tsock = tipc_sk(new_sk); |
5926 |
+diff --git a/sound/pci/hda/patch_realtek.c b/sound/pci/hda/patch_realtek.c |
5927 |
+index 91f6928560e1..6fe862594e9b 100644 |
5928 |
+--- a/sound/pci/hda/patch_realtek.c |
5929 |
++++ b/sound/pci/hda/patch_realtek.c |
5930 |
+@@ -1134,7 +1134,7 @@ static const struct hda_fixup alc880_fixups[] = { |
5931 |
+ /* override all pins as BIOS on old Amilo is broken */ |
5932 |
+ .type = HDA_FIXUP_PINS, |
5933 |
+ .v.pins = (const struct hda_pintbl[]) { |
5934 |
+- { 0x14, 0x0121411f }, /* HP */ |
5935 |
++ { 0x14, 0x0121401f }, /* HP */ |
5936 |
+ { 0x15, 0x99030120 }, /* speaker */ |
5937 |
+ { 0x16, 0x99030130 }, /* bass speaker */ |
5938 |
+ { 0x17, 0x411111f0 }, /* N/A */ |
5939 |
+@@ -1154,7 +1154,7 @@ static const struct hda_fixup alc880_fixups[] = { |
5940 |
+ /* almost compatible with FUJITSU, but no bass and SPDIF */ |
5941 |
+ .type = HDA_FIXUP_PINS, |
5942 |
+ .v.pins = (const struct hda_pintbl[]) { |
5943 |
+- { 0x14, 0x0121411f }, /* HP */ |
5944 |
++ { 0x14, 0x0121401f }, /* HP */ |
5945 |
+ { 0x15, 0x99030120 }, /* speaker */ |
5946 |
+ { 0x16, 0x411111f0 }, /* N/A */ |
5947 |
+ { 0x17, 0x411111f0 }, /* N/A */ |
5948 |
+@@ -1363,7 +1363,7 @@ static const struct snd_pci_quirk alc880_fixup_tbl[] = { |
5949 |
+ SND_PCI_QUIRK(0x161f, 0x203d, "W810", ALC880_FIXUP_W810), |
5950 |
+ SND_PCI_QUIRK(0x161f, 0x205d, "Medion Rim 2150", ALC880_FIXUP_MEDION_RIM), |
5951 |
+ SND_PCI_QUIRK(0x1631, 0xe011, "PB 13201056", ALC880_FIXUP_6ST_AUTOMUTE), |
5952 |
+- SND_PCI_QUIRK(0x1734, 0x107c, "FSC F1734", ALC880_FIXUP_F1734), |
5953 |
++ SND_PCI_QUIRK(0x1734, 0x107c, "FSC Amilo M1437", ALC880_FIXUP_FUJITSU), |
5954 |
+ SND_PCI_QUIRK(0x1734, 0x1094, "FSC Amilo M1451G", ALC880_FIXUP_FUJITSU), |
5955 |
+ SND_PCI_QUIRK(0x1734, 0x10ac, "FSC AMILO Xi 1526", ALC880_FIXUP_F1734), |
5956 |
+ SND_PCI_QUIRK(0x1734, 0x10b0, "FSC Amilo Pi1556", ALC880_FIXUP_FUJITSU), |
5957 |
+@@ -5118,8 +5118,11 @@ static const struct snd_pci_quirk alc269_fixup_tbl[] = { |
5958 |
+ SND_PCI_QUIRK(0x1028, 0x06c7, "Dell", ALC255_FIXUP_DELL1_MIC_NO_PRESENCE), |
5959 |
+ SND_PCI_QUIRK(0x1028, 0x06d9, "Dell", ALC293_FIXUP_DELL1_MIC_NO_PRESENCE), |
5960 |
+ SND_PCI_QUIRK(0x1028, 0x06da, "Dell", ALC293_FIXUP_DELL1_MIC_NO_PRESENCE), |
5961 |
+- SND_PCI_QUIRK(0x1028, 0x06de, "Dell", ALC292_FIXUP_DISABLE_AAMIX), |
5962 |
+ SND_PCI_QUIRK(0x1028, 0x06db, "Dell", ALC292_FIXUP_DISABLE_AAMIX), |
5963 |
++ SND_PCI_QUIRK(0x1028, 0x06dd, "Dell", ALC292_FIXUP_DISABLE_AAMIX), |
5964 |
++ SND_PCI_QUIRK(0x1028, 0x06de, "Dell", ALC292_FIXUP_DISABLE_AAMIX), |
5965 |
++ SND_PCI_QUIRK(0x1028, 0x06df, "Dell", ALC292_FIXUP_DISABLE_AAMIX), |
5966 |
++ SND_PCI_QUIRK(0x1028, 0x06e0, "Dell", ALC292_FIXUP_DISABLE_AAMIX), |
5967 |
+ SND_PCI_QUIRK(0x1028, 0x164a, "Dell", ALC293_FIXUP_DELL1_MIC_NO_PRESENCE), |
5968 |
+ SND_PCI_QUIRK(0x1028, 0x164b, "Dell", ALC293_FIXUP_DELL1_MIC_NO_PRESENCE), |
5969 |
+ SND_PCI_QUIRK(0x103c, 0x1586, "HP", ALC269_FIXUP_HP_MUTE_LED_MIC2), |
5970 |
+@@ -6454,6 +6457,7 @@ static const struct snd_pci_quirk alc662_fixup_tbl[] = { |
5971 |
+ SND_PCI_QUIRK(0x1028, 0x05db, "Dell", ALC668_FIXUP_DELL_MIC_NO_PRESENCE), |
5972 |
+ SND_PCI_QUIRK(0x1028, 0x05fe, "Dell XPS 15", ALC668_FIXUP_DELL_XPS13), |
5973 |
+ SND_PCI_QUIRK(0x1028, 0x060a, "Dell XPS 13", ALC668_FIXUP_DELL_XPS13), |
5974 |
++ SND_PCI_QUIRK(0x1028, 0x060d, "Dell M3800", ALC668_FIXUP_DELL_XPS13), |
5975 |
+ SND_PCI_QUIRK(0x1028, 0x0625, "Dell", ALC668_FIXUP_DELL_MIC_NO_PRESENCE), |
5976 |
+ SND_PCI_QUIRK(0x1028, 0x0626, "Dell", ALC668_FIXUP_DELL_MIC_NO_PRESENCE), |
5977 |
+ SND_PCI_QUIRK(0x1028, 0x0696, "Dell", ALC668_FIXUP_DELL_MIC_NO_PRESENCE), |
5978 |
+diff --git a/sound/usb/mixer.c b/sound/usb/mixer.c |
5979 |
+index 8b7e391dd0b8..cd8ed2e393a2 100644 |
5980 |
+--- a/sound/usb/mixer.c |
5981 |
++++ b/sound/usb/mixer.c |
5982 |
+@@ -2522,7 +2522,7 @@ static int restore_mixer_value(struct usb_mixer_elem_list *list) |
5983 |
+ for (c = 0; c < MAX_CHANNELS; c++) { |
5984 |
+ if (!(cval->cmask & (1 << c))) |
5985 |
+ continue; |
5986 |
+- if (cval->cached & (1 << c)) { |
5987 |
++ if (cval->cached & (1 << (c + 1))) { |
5988 |
+ err = snd_usb_set_cur_mix_value(cval, c + 1, idx, |
5989 |
+ cval->cache_val[idx]); |
5990 |
+ if (err < 0) |