1 |
commit: 3fcf680a3582b9ec58290902948953cd55bbc916 |
2 |
Author: Mike Pagano <mpagano <AT> gentoo <DOT> org> |
3 |
AuthorDate: Fri Oct 30 18:38:35 2015 +0000 |
4 |
Commit: Mike Pagano <mpagano <AT> gentoo <DOT> org> |
5 |
CommitDate: Fri Oct 30 18:38:35 2015 +0000 |
6 |
URL: https://gitweb.gentoo.org/proj/linux-patches.git/commit/?id=3fcf680a |
7 |
|
8 |
Linux patch 3.18.23 |
9 |
|
10 |
0000_README | 4 + |
11 |
1022_linux-3.18.23.patch | 10069 +++++++++++++++++++++++++++++++++++++++++++++ |
12 |
2 files changed, 10073 insertions(+) |
13 |
|
14 |
diff --git a/0000_README b/0000_README |
15 |
index 7e934be..84e11a6 100644 |
16 |
--- a/0000_README |
17 |
+++ b/0000_README |
18 |
@@ -131,6 +131,10 @@ Patch: 1021_linux-3.18.22.patch |
19 |
From: http://www.kernel.org |
20 |
Desc: Linux 3.18.22 |
21 |
|
22 |
+Patch: 1022_linux-3.18.23.patch |
23 |
+From: http://www.kernel.org |
24 |
+Desc: Linux 3.18.23 |
25 |
+ |
26 |
Patch: 1500_XATTR_USER_PREFIX.patch |
27 |
From: https://bugs.gentoo.org/show_bug.cgi?id=470644 |
28 |
Desc: Support for namespace user.pax.* on tmpfs. |
29 |
|
30 |
diff --git a/1022_linux-3.18.23.patch b/1022_linux-3.18.23.patch |
31 |
new file mode 100644 |
32 |
index 0000000..2acbfc9 |
33 |
--- /dev/null |
34 |
+++ b/1022_linux-3.18.23.patch |
35 |
@@ -0,0 +1,10069 @@ |
36 |
+diff --git a/Documentation/ABI/testing/configfs-usb-gadget-loopback b/Documentation/ABI/testing/configfs-usb-gadget-loopback |
37 |
+index 9aae5bfb9908..06beefbcf061 100644 |
38 |
+--- a/Documentation/ABI/testing/configfs-usb-gadget-loopback |
39 |
++++ b/Documentation/ABI/testing/configfs-usb-gadget-loopback |
40 |
+@@ -5,4 +5,4 @@ Description: |
41 |
+ The attributes: |
42 |
+ |
43 |
+ qlen - depth of loopback queue |
44 |
+- bulk_buflen - buffer length |
45 |
++ buflen - buffer length |
46 |
+diff --git a/Documentation/ABI/testing/configfs-usb-gadget-sourcesink b/Documentation/ABI/testing/configfs-usb-gadget-sourcesink |
47 |
+index 29477c319f61..bc7ff731aa0c 100644 |
48 |
+--- a/Documentation/ABI/testing/configfs-usb-gadget-sourcesink |
49 |
++++ b/Documentation/ABI/testing/configfs-usb-gadget-sourcesink |
50 |
+@@ -9,4 +9,4 @@ Description: |
51 |
+ isoc_maxpacket - 0 - 1023 (fs), 0 - 1024 (hs/ss) |
52 |
+ isoc_mult - 0..2 (hs/ss only) |
53 |
+ isoc_maxburst - 0..15 (ss only) |
54 |
+- qlen - buffer length |
55 |
++ buflen - buffer length |
56 |
+diff --git a/Documentation/HOWTO b/Documentation/HOWTO |
57 |
+index 93aa8604630e..21152d397b88 100644 |
58 |
+--- a/Documentation/HOWTO |
59 |
++++ b/Documentation/HOWTO |
60 |
+@@ -218,16 +218,16 @@ The development process |
61 |
+ Linux kernel development process currently consists of a few different |
62 |
+ main kernel "branches" and lots of different subsystem-specific kernel |
63 |
+ branches. These different branches are: |
64 |
+- - main 3.x kernel tree |
65 |
+- - 3.x.y -stable kernel tree |
66 |
+- - 3.x -git kernel patches |
67 |
++ - main 4.x kernel tree |
68 |
++ - 4.x.y -stable kernel tree |
69 |
++ - 4.x -git kernel patches |
70 |
+ - subsystem specific kernel trees and patches |
71 |
+- - the 3.x -next kernel tree for integration tests |
72 |
++ - the 4.x -next kernel tree for integration tests |
73 |
+ |
74 |
+-3.x kernel tree |
75 |
++4.x kernel tree |
76 |
+ ----------------- |
77 |
+-3.x kernels are maintained by Linus Torvalds, and can be found on |
78 |
+-kernel.org in the pub/linux/kernel/v3.x/ directory. Its development |
79 |
++4.x kernels are maintained by Linus Torvalds, and can be found on |
80 |
++kernel.org in the pub/linux/kernel/v4.x/ directory. Its development |
81 |
+ process is as follows: |
82 |
+ - As soon as a new kernel is released a two weeks window is open, |
83 |
+ during this period of time maintainers can submit big diffs to |
84 |
+@@ -262,20 +262,20 @@ mailing list about kernel releases: |
85 |
+ released according to perceived bug status, not according to a |
86 |
+ preconceived timeline." |
87 |
+ |
88 |
+-3.x.y -stable kernel tree |
89 |
++4.x.y -stable kernel tree |
90 |
+ --------------------------- |
91 |
+ Kernels with 3-part versions are -stable kernels. They contain |
92 |
+ relatively small and critical fixes for security problems or significant |
93 |
+-regressions discovered in a given 3.x kernel. |
94 |
++regressions discovered in a given 4.x kernel. |
95 |
+ |
96 |
+ This is the recommended branch for users who want the most recent stable |
97 |
+ kernel and are not interested in helping test development/experimental |
98 |
+ versions. |
99 |
+ |
100 |
+-If no 3.x.y kernel is available, then the highest numbered 3.x |
101 |
++If no 4.x.y kernel is available, then the highest numbered 4.x |
102 |
+ kernel is the current stable kernel. |
103 |
+ |
104 |
+-3.x.y are maintained by the "stable" team <stable@×××××××××××.org>, and |
105 |
++4.x.y are maintained by the "stable" team <stable@×××××××××××.org>, and |
106 |
+ are released as needs dictate. The normal release period is approximately |
107 |
+ two weeks, but it can be longer if there are no pressing problems. A |
108 |
+ security-related problem, instead, can cause a release to happen almost |
109 |
+@@ -285,7 +285,7 @@ The file Documentation/stable_kernel_rules.txt in the kernel tree |
110 |
+ documents what kinds of changes are acceptable for the -stable tree, and |
111 |
+ how the release process works. |
112 |
+ |
113 |
+-3.x -git patches |
114 |
++4.x -git patches |
115 |
+ ------------------ |
116 |
+ These are daily snapshots of Linus' kernel tree which are managed in a |
117 |
+ git repository (hence the name.) These patches are usually released |
118 |
+@@ -317,9 +317,9 @@ revisions to it, and maintainers can mark patches as under review, |
119 |
+ accepted, or rejected. Most of these patchwork sites are listed at |
120 |
+ http://patchwork.kernel.org/. |
121 |
+ |
122 |
+-3.x -next kernel tree for integration tests |
123 |
++4.x -next kernel tree for integration tests |
124 |
+ --------------------------------------------- |
125 |
+-Before updates from subsystem trees are merged into the mainline 3.x |
126 |
++Before updates from subsystem trees are merged into the mainline 4.x |
127 |
+ tree, they need to be integration-tested. For this purpose, a special |
128 |
+ testing repository exists into which virtually all subsystem trees are |
129 |
+ pulled on an almost daily basis: |
130 |
+diff --git a/Documentation/devicetree/bindings/net/ethernet.txt b/Documentation/devicetree/bindings/net/ethernet.txt |
131 |
+index 3fc360523bc9..cb115a3b7e00 100644 |
132 |
+--- a/Documentation/devicetree/bindings/net/ethernet.txt |
133 |
++++ b/Documentation/devicetree/bindings/net/ethernet.txt |
134 |
+@@ -19,7 +19,11 @@ The following properties are common to the Ethernet controllers: |
135 |
+ - phy: the same as "phy-handle" property, not recommended for new bindings. |
136 |
+ - phy-device: the same as "phy-handle" property, not recommended for new |
137 |
+ bindings. |
138 |
++- managed: string, specifies the PHY management type. Supported values are: |
139 |
++ "auto", "in-band-status". "auto" is the default, it usess MDIO for |
140 |
++ management if fixed-link is not specified. |
141 |
+ |
142 |
+ Child nodes of the Ethernet controller are typically the individual PHY devices |
143 |
+ connected via the MDIO bus (sometimes the MDIO bus controller is separate). |
144 |
+ They are described in the phy.txt file in this same directory. |
145 |
++For non-MDIO PHY management see fixed-link.txt. |
146 |
+diff --git a/Makefile b/Makefile |
147 |
+index 7adbbbeeb421..2ebc49903d33 100644 |
148 |
+--- a/Makefile |
149 |
++++ b/Makefile |
150 |
+@@ -1,6 +1,6 @@ |
151 |
+ VERSION = 3 |
152 |
+ PATCHLEVEL = 18 |
153 |
+-SUBLEVEL = 22 |
154 |
++SUBLEVEL = 23 |
155 |
+ EXTRAVERSION = |
156 |
+ NAME = Diseased Newt |
157 |
+ |
158 |
+diff --git a/arch/arm/Makefile b/arch/arm/Makefile |
159 |
+index 034a94904d69..b5d79884b2af 100644 |
160 |
+--- a/arch/arm/Makefile |
161 |
++++ b/arch/arm/Makefile |
162 |
+@@ -50,6 +50,14 @@ AS += -EL |
163 |
+ LD += -EL |
164 |
+ endif |
165 |
+ |
166 |
++# |
167 |
++# The Scalar Replacement of Aggregates (SRA) optimization pass in GCC 4.9 and |
168 |
++# later may result in code being generated that handles signed short and signed |
169 |
++# char struct members incorrectly. So disable it. |
170 |
++# (https://gcc.gnu.org/bugzilla/show_bug.cgi?id=65932) |
171 |
++# |
172 |
++KBUILD_CFLAGS += $(call cc-option,-fno-ipa-sra) |
173 |
++ |
174 |
+ # This selects which instruction set is used. |
175 |
+ # Note that GCC does not numerically define an architecture version |
176 |
+ # macro, but instead defines a whole series of macros which makes |
177 |
+diff --git a/arch/arm/boot/dts/imx25-pdk.dts b/arch/arm/boot/dts/imx25-pdk.dts |
178 |
+index 9c21b1583762..300507fc722f 100644 |
179 |
+--- a/arch/arm/boot/dts/imx25-pdk.dts |
180 |
++++ b/arch/arm/boot/dts/imx25-pdk.dts |
181 |
+@@ -10,6 +10,7 @@ |
182 |
+ */ |
183 |
+ |
184 |
+ /dts-v1/; |
185 |
++#include <dt-bindings/gpio/gpio.h> |
186 |
+ #include <dt-bindings/input/input.h> |
187 |
+ #include "imx25.dtsi" |
188 |
+ |
189 |
+@@ -93,8 +94,8 @@ |
190 |
+ &esdhc1 { |
191 |
+ pinctrl-names = "default"; |
192 |
+ pinctrl-0 = <&pinctrl_esdhc1>; |
193 |
+- cd-gpios = <&gpio2 1 0>; |
194 |
+- wp-gpios = <&gpio2 0 0>; |
195 |
++ cd-gpios = <&gpio2 1 GPIO_ACTIVE_LOW>; |
196 |
++ wp-gpios = <&gpio2 0 GPIO_ACTIVE_HIGH>; |
197 |
+ status = "okay"; |
198 |
+ }; |
199 |
+ |
200 |
+diff --git a/arch/arm/boot/dts/imx51-apf51dev.dts b/arch/arm/boot/dts/imx51-apf51dev.dts |
201 |
+index c5a9a24c280a..cdd72e0eb4d4 100644 |
202 |
+--- a/arch/arm/boot/dts/imx51-apf51dev.dts |
203 |
++++ b/arch/arm/boot/dts/imx51-apf51dev.dts |
204 |
+@@ -90,7 +90,7 @@ |
205 |
+ &esdhc1 { |
206 |
+ pinctrl-names = "default"; |
207 |
+ pinctrl-0 = <&pinctrl_esdhc1>; |
208 |
+- cd-gpios = <&gpio2 29 GPIO_ACTIVE_HIGH>; |
209 |
++ cd-gpios = <&gpio2 29 GPIO_ACTIVE_LOW>; |
210 |
+ bus-width = <4>; |
211 |
+ status = "okay"; |
212 |
+ }; |
213 |
+diff --git a/arch/arm/boot/dts/imx53-ard.dts b/arch/arm/boot/dts/imx53-ard.dts |
214 |
+index e9337ad52f59..3bc18835fb4b 100644 |
215 |
+--- a/arch/arm/boot/dts/imx53-ard.dts |
216 |
++++ b/arch/arm/boot/dts/imx53-ard.dts |
217 |
+@@ -103,8 +103,8 @@ |
218 |
+ &esdhc1 { |
219 |
+ pinctrl-names = "default"; |
220 |
+ pinctrl-0 = <&pinctrl_esdhc1>; |
221 |
+- cd-gpios = <&gpio1 1 0>; |
222 |
+- wp-gpios = <&gpio1 9 0>; |
223 |
++ cd-gpios = <&gpio1 1 GPIO_ACTIVE_LOW>; |
224 |
++ wp-gpios = <&gpio1 9 GPIO_ACTIVE_HIGH>; |
225 |
+ status = "okay"; |
226 |
+ }; |
227 |
+ |
228 |
+diff --git a/arch/arm/boot/dts/imx53-m53evk.dts b/arch/arm/boot/dts/imx53-m53evk.dts |
229 |
+index d0e0f57eb432..53f40885c530 100644 |
230 |
+--- a/arch/arm/boot/dts/imx53-m53evk.dts |
231 |
++++ b/arch/arm/boot/dts/imx53-m53evk.dts |
232 |
+@@ -124,8 +124,8 @@ |
233 |
+ &esdhc1 { |
234 |
+ pinctrl-names = "default"; |
235 |
+ pinctrl-0 = <&pinctrl_esdhc1>; |
236 |
+- cd-gpios = <&gpio1 1 0>; |
237 |
+- wp-gpios = <&gpio1 9 0>; |
238 |
++ cd-gpios = <&gpio1 1 GPIO_ACTIVE_LOW>; |
239 |
++ wp-gpios = <&gpio1 9 GPIO_ACTIVE_HIGH>; |
240 |
+ status = "okay"; |
241 |
+ }; |
242 |
+ |
243 |
+diff --git a/arch/arm/boot/dts/imx53-qsb-common.dtsi b/arch/arm/boot/dts/imx53-qsb-common.dtsi |
244 |
+index 181ae5ebf23f..1f55187ed9ce 100644 |
245 |
+--- a/arch/arm/boot/dts/imx53-qsb-common.dtsi |
246 |
++++ b/arch/arm/boot/dts/imx53-qsb-common.dtsi |
247 |
+@@ -147,8 +147,8 @@ |
248 |
+ &esdhc3 { |
249 |
+ pinctrl-names = "default"; |
250 |
+ pinctrl-0 = <&pinctrl_esdhc3>; |
251 |
+- cd-gpios = <&gpio3 11 0>; |
252 |
+- wp-gpios = <&gpio3 12 0>; |
253 |
++ cd-gpios = <&gpio3 11 GPIO_ACTIVE_LOW>; |
254 |
++ wp-gpios = <&gpio3 12 GPIO_ACTIVE_HIGH>; |
255 |
+ bus-width = <8>; |
256 |
+ status = "okay"; |
257 |
+ }; |
258 |
+diff --git a/arch/arm/boot/dts/imx53-smd.dts b/arch/arm/boot/dts/imx53-smd.dts |
259 |
+index 1d325576bcc0..fc89ce1e5763 100644 |
260 |
+--- a/arch/arm/boot/dts/imx53-smd.dts |
261 |
++++ b/arch/arm/boot/dts/imx53-smd.dts |
262 |
+@@ -41,8 +41,8 @@ |
263 |
+ &esdhc1 { |
264 |
+ pinctrl-names = "default"; |
265 |
+ pinctrl-0 = <&pinctrl_esdhc1>; |
266 |
+- cd-gpios = <&gpio3 13 0>; |
267 |
+- wp-gpios = <&gpio4 11 0>; |
268 |
++ cd-gpios = <&gpio3 13 GPIO_ACTIVE_LOW>; |
269 |
++ wp-gpios = <&gpio4 11 GPIO_ACTIVE_HIGH>; |
270 |
+ status = "okay"; |
271 |
+ }; |
272 |
+ |
273 |
+diff --git a/arch/arm/boot/dts/imx53-tqma53.dtsi b/arch/arm/boot/dts/imx53-tqma53.dtsi |
274 |
+index 4f1f0e2868bf..e03373a58760 100644 |
275 |
+--- a/arch/arm/boot/dts/imx53-tqma53.dtsi |
276 |
++++ b/arch/arm/boot/dts/imx53-tqma53.dtsi |
277 |
+@@ -41,8 +41,8 @@ |
278 |
+ pinctrl-0 = <&pinctrl_esdhc2>, |
279 |
+ <&pinctrl_esdhc2_cdwp>; |
280 |
+ vmmc-supply = <®_3p3v>; |
281 |
+- wp-gpios = <&gpio1 2 0>; |
282 |
+- cd-gpios = <&gpio1 4 0>; |
283 |
++ wp-gpios = <&gpio1 2 GPIO_ACTIVE_HIGH>; |
284 |
++ cd-gpios = <&gpio1 4 GPIO_ACTIVE_LOW>; |
285 |
+ status = "disabled"; |
286 |
+ }; |
287 |
+ |
288 |
+diff --git a/arch/arm/boot/dts/imx53-tx53.dtsi b/arch/arm/boot/dts/imx53-tx53.dtsi |
289 |
+index 704bd72cbfec..d3e50b22064f 100644 |
290 |
+--- a/arch/arm/boot/dts/imx53-tx53.dtsi |
291 |
++++ b/arch/arm/boot/dts/imx53-tx53.dtsi |
292 |
+@@ -183,7 +183,7 @@ |
293 |
+ }; |
294 |
+ |
295 |
+ &esdhc1 { |
296 |
+- cd-gpios = <&gpio3 24 GPIO_ACTIVE_HIGH>; |
297 |
++ cd-gpios = <&gpio3 24 GPIO_ACTIVE_LOW>; |
298 |
+ fsl,wp-controller; |
299 |
+ pinctrl-names = "default"; |
300 |
+ pinctrl-0 = <&pinctrl_esdhc1>; |
301 |
+@@ -191,7 +191,7 @@ |
302 |
+ }; |
303 |
+ |
304 |
+ &esdhc2 { |
305 |
+- cd-gpios = <&gpio3 25 GPIO_ACTIVE_HIGH>; |
306 |
++ cd-gpios = <&gpio3 25 GPIO_ACTIVE_LOW>; |
307 |
+ fsl,wp-controller; |
308 |
+ pinctrl-names = "default"; |
309 |
+ pinctrl-0 = <&pinctrl_esdhc2>; |
310 |
+diff --git a/arch/arm/boot/dts/imx53-voipac-bsb.dts b/arch/arm/boot/dts/imx53-voipac-bsb.dts |
311 |
+index c17d3ad6dba5..fc51b87ad208 100644 |
312 |
+--- a/arch/arm/boot/dts/imx53-voipac-bsb.dts |
313 |
++++ b/arch/arm/boot/dts/imx53-voipac-bsb.dts |
314 |
+@@ -119,8 +119,8 @@ |
315 |
+ &esdhc2 { |
316 |
+ pinctrl-names = "default"; |
317 |
+ pinctrl-0 = <&pinctrl_esdhc2>; |
318 |
+- cd-gpios = <&gpio3 25 0>; |
319 |
+- wp-gpios = <&gpio2 19 0>; |
320 |
++ cd-gpios = <&gpio3 25 GPIO_ACTIVE_LOW>; |
321 |
++ wp-gpios = <&gpio2 19 GPIO_ACTIVE_HIGH>; |
322 |
+ vmmc-supply = <®_3p3v>; |
323 |
+ status = "okay"; |
324 |
+ }; |
325 |
+diff --git a/arch/arm/boot/dts/imx6qdl-rex.dtsi b/arch/arm/boot/dts/imx6qdl-rex.dtsi |
326 |
+index df7bcf86c156..4b5e8c87e53f 100644 |
327 |
+--- a/arch/arm/boot/dts/imx6qdl-rex.dtsi |
328 |
++++ b/arch/arm/boot/dts/imx6qdl-rex.dtsi |
329 |
+@@ -35,7 +35,6 @@ |
330 |
+ compatible = "regulator-fixed"; |
331 |
+ reg = <1>; |
332 |
+ pinctrl-names = "default"; |
333 |
+- pinctrl-0 = <&pinctrl_usbh1>; |
334 |
+ regulator-name = "usbh1_vbus"; |
335 |
+ regulator-min-microvolt = <5000000>; |
336 |
+ regulator-max-microvolt = <5000000>; |
337 |
+@@ -47,7 +46,6 @@ |
338 |
+ compatible = "regulator-fixed"; |
339 |
+ reg = <2>; |
340 |
+ pinctrl-names = "default"; |
341 |
+- pinctrl-0 = <&pinctrl_usbotg>; |
342 |
+ regulator-name = "usb_otg_vbus"; |
343 |
+ regulator-min-microvolt = <5000000>; |
344 |
+ regulator-max-microvolt = <5000000>; |
345 |
+diff --git a/arch/arm/boot/dts/omap3-beagle.dts b/arch/arm/boot/dts/omap3-beagle.dts |
346 |
+index a9aae88b74f5..bd603aa2cd82 100644 |
347 |
+--- a/arch/arm/boot/dts/omap3-beagle.dts |
348 |
++++ b/arch/arm/boot/dts/omap3-beagle.dts |
349 |
+@@ -176,7 +176,7 @@ |
350 |
+ |
351 |
+ tfp410_pins: pinmux_tfp410_pins { |
352 |
+ pinctrl-single,pins = < |
353 |
+- 0x194 (PIN_OUTPUT | MUX_MODE4) /* hdq_sio.gpio_170 */ |
354 |
++ 0x196 (PIN_OUTPUT | MUX_MODE4) /* hdq_sio.gpio_170 */ |
355 |
+ >; |
356 |
+ }; |
357 |
+ |
358 |
+diff --git a/arch/arm/boot/dts/omap5-uevm.dts b/arch/arm/boot/dts/omap5-uevm.dts |
359 |
+index 159720d6c956..ec23e86e7e4f 100644 |
360 |
+--- a/arch/arm/boot/dts/omap5-uevm.dts |
361 |
++++ b/arch/arm/boot/dts/omap5-uevm.dts |
362 |
+@@ -174,8 +174,8 @@ |
363 |
+ |
364 |
+ i2c5_pins: pinmux_i2c5_pins { |
365 |
+ pinctrl-single,pins = < |
366 |
+- 0x184 (PIN_INPUT | MUX_MODE0) /* i2c5_scl */ |
367 |
+- 0x186 (PIN_INPUT | MUX_MODE0) /* i2c5_sda */ |
368 |
++ 0x186 (PIN_INPUT | MUX_MODE0) /* i2c5_scl */ |
369 |
++ 0x188 (PIN_INPUT | MUX_MODE0) /* i2c5_sda */ |
370 |
+ >; |
371 |
+ }; |
372 |
+ |
373 |
+diff --git a/arch/arm/kernel/signal.c b/arch/arm/kernel/signal.c |
374 |
+index bd1983437205..ea6d69125dde 100644 |
375 |
+--- a/arch/arm/kernel/signal.c |
376 |
++++ b/arch/arm/kernel/signal.c |
377 |
+@@ -354,12 +354,17 @@ setup_return(struct pt_regs *regs, struct ksignal *ksig, |
378 |
+ */ |
379 |
+ thumb = handler & 1; |
380 |
+ |
381 |
+-#if __LINUX_ARM_ARCH__ >= 7 |
382 |
++#if __LINUX_ARM_ARCH__ >= 6 |
383 |
+ /* |
384 |
+- * Clear the If-Then Thumb-2 execution state |
385 |
+- * ARM spec requires this to be all 000s in ARM mode |
386 |
+- * Snapdragon S4/Krait misbehaves on a Thumb=>ARM |
387 |
+- * signal transition without this. |
388 |
++ * Clear the If-Then Thumb-2 execution state. ARM spec |
389 |
++ * requires this to be all 000s in ARM mode. Snapdragon |
390 |
++ * S4/Krait misbehaves on a Thumb=>ARM signal transition |
391 |
++ * without this. |
392 |
++ * |
393 |
++ * We must do this whenever we are running on a Thumb-2 |
394 |
++ * capable CPU, which includes ARMv6T2. However, we elect |
395 |
++ * to do this whenever we're on an ARMv6 or later CPU for |
396 |
++ * simplicity. |
397 |
+ */ |
398 |
+ cpsr &= ~PSR_IT_MASK; |
399 |
+ #endif |
400 |
+diff --git a/arch/arm/kvm/mmu.c b/arch/arm/kvm/mmu.c |
401 |
+index cba52cf6ed3f..3535480e0e6b 100644 |
402 |
+--- a/arch/arm/kvm/mmu.c |
403 |
++++ b/arch/arm/kvm/mmu.c |
404 |
+@@ -1439,8 +1439,10 @@ int kvm_arch_prepare_memory_region(struct kvm *kvm, |
405 |
+ if (vma->vm_flags & VM_PFNMAP) { |
406 |
+ gpa_t gpa = mem->guest_phys_addr + |
407 |
+ (vm_start - mem->userspace_addr); |
408 |
+- phys_addr_t pa = (vma->vm_pgoff << PAGE_SHIFT) + |
409 |
+- vm_start - vma->vm_start; |
410 |
++ phys_addr_t pa; |
411 |
++ |
412 |
++ pa = (phys_addr_t)vma->vm_pgoff << PAGE_SHIFT; |
413 |
++ pa += vm_start - vma->vm_start; |
414 |
+ |
415 |
+ ret = kvm_phys_addr_ioremap(kvm, gpa, pa, |
416 |
+ vm_end - vm_start, |
417 |
+diff --git a/arch/arm/mach-omap2/clockdomains7xx_data.c b/arch/arm/mach-omap2/clockdomains7xx_data.c |
418 |
+index 57d5df0c1fbd..7581e036bda6 100644 |
419 |
+--- a/arch/arm/mach-omap2/clockdomains7xx_data.c |
420 |
++++ b/arch/arm/mach-omap2/clockdomains7xx_data.c |
421 |
+@@ -331,7 +331,7 @@ static struct clockdomain l4per2_7xx_clkdm = { |
422 |
+ .dep_bit = DRA7XX_L4PER2_STATDEP_SHIFT, |
423 |
+ .wkdep_srcs = l4per2_wkup_sleep_deps, |
424 |
+ .sleepdep_srcs = l4per2_wkup_sleep_deps, |
425 |
+- .flags = CLKDM_CAN_HWSUP_SWSUP, |
426 |
++ .flags = CLKDM_CAN_SWSUP, |
427 |
+ }; |
428 |
+ |
429 |
+ static struct clockdomain mpu0_7xx_clkdm = { |
430 |
+diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig |
431 |
+index dc2d66cdf311..00b9c4870230 100644 |
432 |
+--- a/arch/arm64/Kconfig |
433 |
++++ b/arch/arm64/Kconfig |
434 |
+@@ -91,6 +91,10 @@ config NO_IOPORT_MAP |
435 |
+ config STACKTRACE_SUPPORT |
436 |
+ def_bool y |
437 |
+ |
438 |
++config ILLEGAL_POINTER_VALUE |
439 |
++ hex |
440 |
++ default 0xdead000000000000 |
441 |
++ |
442 |
+ config LOCKDEP_SUPPORT |
443 |
+ def_bool y |
444 |
+ |
445 |
+@@ -575,6 +579,22 @@ source "drivers/cpuidle/Kconfig" |
446 |
+ |
447 |
+ source "drivers/cpufreq/Kconfig" |
448 |
+ |
449 |
++config ARM64_ERRATUM_843419 |
450 |
++ bool "Cortex-A53: 843419: A load or store might access an incorrect address" |
451 |
++ depends on MODULES |
452 |
++ default y |
453 |
++ help |
454 |
++ This option builds kernel modules using the large memory model in |
455 |
++ order to avoid the use of the ADRP instruction, which can cause |
456 |
++ a subsequent memory access to use an incorrect address on Cortex-A53 |
457 |
++ parts up to r0p4. |
458 |
++ |
459 |
++ Note that the kernel itself must be linked with a version of ld |
460 |
++ which fixes potentially affected ADRP instructions through the |
461 |
++ use of veneers. |
462 |
++ |
463 |
++ If unsure, say Y. |
464 |
++ |
465 |
+ endmenu |
466 |
+ |
467 |
+ source "net/Kconfig" |
468 |
+diff --git a/arch/arm64/Makefile b/arch/arm64/Makefile |
469 |
+index 20901ffed182..e7391aef5433 100644 |
470 |
+--- a/arch/arm64/Makefile |
471 |
++++ b/arch/arm64/Makefile |
472 |
+@@ -32,6 +32,10 @@ endif |
473 |
+ |
474 |
+ CHECKFLAGS += -D__aarch64__ |
475 |
+ |
476 |
++ifeq ($(CONFIG_ARM64_ERRATUM_843419), y) |
477 |
++CFLAGS_MODULE += -mcmodel=large |
478 |
++endif |
479 |
++ |
480 |
+ # Default value |
481 |
+ head-y := arch/arm64/kernel/head.o |
482 |
+ |
483 |
+diff --git a/arch/arm64/kernel/entry-ftrace.S b/arch/arm64/kernel/entry-ftrace.S |
484 |
+index 38e704e597f7..c85a02b6cca0 100644 |
485 |
+--- a/arch/arm64/kernel/entry-ftrace.S |
486 |
++++ b/arch/arm64/kernel/entry-ftrace.S |
487 |
+@@ -177,6 +177,24 @@ ENTRY(ftrace_stub) |
488 |
+ ENDPROC(ftrace_stub) |
489 |
+ |
490 |
+ #ifdef CONFIG_FUNCTION_GRAPH_TRACER |
491 |
++ /* save return value regs*/ |
492 |
++ .macro save_return_regs |
493 |
++ sub sp, sp, #64 |
494 |
++ stp x0, x1, [sp] |
495 |
++ stp x2, x3, [sp, #16] |
496 |
++ stp x4, x5, [sp, #32] |
497 |
++ stp x6, x7, [sp, #48] |
498 |
++ .endm |
499 |
++ |
500 |
++ /* restore return value regs*/ |
501 |
++ .macro restore_return_regs |
502 |
++ ldp x0, x1, [sp] |
503 |
++ ldp x2, x3, [sp, #16] |
504 |
++ ldp x4, x5, [sp, #32] |
505 |
++ ldp x6, x7, [sp, #48] |
506 |
++ add sp, sp, #64 |
507 |
++ .endm |
508 |
++ |
509 |
+ /* |
510 |
+ * void ftrace_graph_caller(void) |
511 |
+ * |
512 |
+@@ -203,11 +221,11 @@ ENDPROC(ftrace_graph_caller) |
513 |
+ * only when CONFIG_HAVE_FUNCTION_GRAPH_FP_TEST is enabled. |
514 |
+ */ |
515 |
+ ENTRY(return_to_handler) |
516 |
+- str x0, [sp, #-16]! |
517 |
++ save_return_regs |
518 |
+ mov x0, x29 // parent's fp |
519 |
+ bl ftrace_return_to_handler// addr = ftrace_return_to_hander(fp); |
520 |
+ mov x30, x0 // restore the original return address |
521 |
+- ldr x0, [sp], #16 |
522 |
++ restore_return_regs |
523 |
+ ret |
524 |
+ END(return_to_handler) |
525 |
+ #endif /* CONFIG_FUNCTION_GRAPH_TRACER */ |
526 |
+diff --git a/arch/arm64/kernel/head.S b/arch/arm64/kernel/head.S |
527 |
+index 0a6e4f924df8..2877dd818977 100644 |
528 |
+--- a/arch/arm64/kernel/head.S |
529 |
++++ b/arch/arm64/kernel/head.S |
530 |
+@@ -327,6 +327,11 @@ CPU_LE( movk x0, #0x30d0, lsl #16 ) // Clear EE and E0E on LE systems |
531 |
+ msr hstr_el2, xzr // Disable CP15 traps to EL2 |
532 |
+ #endif |
533 |
+ |
534 |
++ /* EL2 debug */ |
535 |
++ mrs x0, pmcr_el0 // Disable debug access traps |
536 |
++ ubfx x0, x0, #11, #5 // to EL2 and allow access to |
537 |
++ msr mdcr_el2, x0 // all PMU counters from EL1 |
538 |
++ |
539 |
+ /* Stage-2 translation */ |
540 |
+ msr vttbr_el2, xzr |
541 |
+ |
542 |
+diff --git a/arch/arm64/kernel/module.c b/arch/arm64/kernel/module.c |
543 |
+index 1eb1cc955139..e366329d96d8 100644 |
544 |
+--- a/arch/arm64/kernel/module.c |
545 |
++++ b/arch/arm64/kernel/module.c |
546 |
+@@ -330,12 +330,14 @@ int apply_relocate_add(Elf64_Shdr *sechdrs, |
547 |
+ ovf = reloc_insn_imm(RELOC_OP_PREL, loc, val, 0, 21, |
548 |
+ AARCH64_INSN_IMM_ADR); |
549 |
+ break; |
550 |
++#ifndef CONFIG_ARM64_ERRATUM_843419 |
551 |
+ case R_AARCH64_ADR_PREL_PG_HI21_NC: |
552 |
+ overflow_check = false; |
553 |
+ case R_AARCH64_ADR_PREL_PG_HI21: |
554 |
+ ovf = reloc_insn_imm(RELOC_OP_PAGE, loc, val, 12, 21, |
555 |
+ AARCH64_INSN_IMM_ADR); |
556 |
+ break; |
557 |
++#endif |
558 |
+ case R_AARCH64_ADD_ABS_LO12_NC: |
559 |
+ case R_AARCH64_LDST8_ABS_LO12_NC: |
560 |
+ overflow_check = false; |
561 |
+diff --git a/arch/arm64/kernel/signal32.c b/arch/arm64/kernel/signal32.c |
562 |
+index b4efc2e38336..15dd021b0025 100644 |
563 |
+--- a/arch/arm64/kernel/signal32.c |
564 |
++++ b/arch/arm64/kernel/signal32.c |
565 |
+@@ -206,14 +206,32 @@ int copy_siginfo_from_user32(siginfo_t *to, compat_siginfo_t __user *from) |
566 |
+ |
567 |
+ /* |
568 |
+ * VFP save/restore code. |
569 |
++ * |
570 |
++ * We have to be careful with endianness, since the fpsimd context-switch |
571 |
++ * code operates on 128-bit (Q) register values whereas the compat ABI |
572 |
++ * uses an array of 64-bit (D) registers. Consequently, we need to swap |
573 |
++ * the two halves of each Q register when running on a big-endian CPU. |
574 |
+ */ |
575 |
++union __fpsimd_vreg { |
576 |
++ __uint128_t raw; |
577 |
++ struct { |
578 |
++#ifdef __AARCH64EB__ |
579 |
++ u64 hi; |
580 |
++ u64 lo; |
581 |
++#else |
582 |
++ u64 lo; |
583 |
++ u64 hi; |
584 |
++#endif |
585 |
++ }; |
586 |
++}; |
587 |
++ |
588 |
+ static int compat_preserve_vfp_context(struct compat_vfp_sigframe __user *frame) |
589 |
+ { |
590 |
+ struct fpsimd_state *fpsimd = ¤t->thread.fpsimd_state; |
591 |
+ compat_ulong_t magic = VFP_MAGIC; |
592 |
+ compat_ulong_t size = VFP_STORAGE_SIZE; |
593 |
+ compat_ulong_t fpscr, fpexc; |
594 |
+- int err = 0; |
595 |
++ int i, err = 0; |
596 |
+ |
597 |
+ /* |
598 |
+ * Save the hardware registers to the fpsimd_state structure. |
599 |
+@@ -229,10 +247,15 @@ static int compat_preserve_vfp_context(struct compat_vfp_sigframe __user *frame) |
600 |
+ /* |
601 |
+ * Now copy the FP registers. Since the registers are packed, |
602 |
+ * we can copy the prefix we want (V0-V15) as it is. |
603 |
+- * FIXME: Won't work if big endian. |
604 |
+ */ |
605 |
+- err |= __copy_to_user(&frame->ufp.fpregs, fpsimd->vregs, |
606 |
+- sizeof(frame->ufp.fpregs)); |
607 |
++ for (i = 0; i < ARRAY_SIZE(frame->ufp.fpregs); i += 2) { |
608 |
++ union __fpsimd_vreg vreg = { |
609 |
++ .raw = fpsimd->vregs[i >> 1], |
610 |
++ }; |
611 |
++ |
612 |
++ __put_user_error(vreg.lo, &frame->ufp.fpregs[i], err); |
613 |
++ __put_user_error(vreg.hi, &frame->ufp.fpregs[i + 1], err); |
614 |
++ } |
615 |
+ |
616 |
+ /* Create an AArch32 fpscr from the fpsr and the fpcr. */ |
617 |
+ fpscr = (fpsimd->fpsr & VFP_FPSCR_STAT_MASK) | |
618 |
+@@ -257,7 +280,7 @@ static int compat_restore_vfp_context(struct compat_vfp_sigframe __user *frame) |
619 |
+ compat_ulong_t magic = VFP_MAGIC; |
620 |
+ compat_ulong_t size = VFP_STORAGE_SIZE; |
621 |
+ compat_ulong_t fpscr; |
622 |
+- int err = 0; |
623 |
++ int i, err = 0; |
624 |
+ |
625 |
+ __get_user_error(magic, &frame->magic, err); |
626 |
+ __get_user_error(size, &frame->size, err); |
627 |
+@@ -267,12 +290,14 @@ static int compat_restore_vfp_context(struct compat_vfp_sigframe __user *frame) |
628 |
+ if (magic != VFP_MAGIC || size != VFP_STORAGE_SIZE) |
629 |
+ return -EINVAL; |
630 |
+ |
631 |
+- /* |
632 |
+- * Copy the FP registers into the start of the fpsimd_state. |
633 |
+- * FIXME: Won't work if big endian. |
634 |
+- */ |
635 |
+- err |= __copy_from_user(fpsimd.vregs, frame->ufp.fpregs, |
636 |
+- sizeof(frame->ufp.fpregs)); |
637 |
++ /* Copy the FP registers into the start of the fpsimd_state. */ |
638 |
++ for (i = 0; i < ARRAY_SIZE(frame->ufp.fpregs); i += 2) { |
639 |
++ union __fpsimd_vreg vreg; |
640 |
++ |
641 |
++ __get_user_error(vreg.lo, &frame->ufp.fpregs[i], err); |
642 |
++ __get_user_error(vreg.hi, &frame->ufp.fpregs[i + 1], err); |
643 |
++ fpsimd.vregs[i >> 1] = vreg.raw; |
644 |
++ } |
645 |
+ |
646 |
+ /* Extract the fpsr and the fpcr from the fpscr */ |
647 |
+ __get_user_error(fpscr, &frame->ufp.fpscr, err); |
648 |
+diff --git a/arch/arm64/kvm/hyp.S b/arch/arm64/kvm/hyp.S |
649 |
+index a767f6a4ce54..566a457d1803 100644 |
650 |
+--- a/arch/arm64/kvm/hyp.S |
651 |
++++ b/arch/arm64/kvm/hyp.S |
652 |
+@@ -843,8 +843,6 @@ |
653 |
+ mrs x3, cntv_ctl_el0 |
654 |
+ and x3, x3, #3 |
655 |
+ str w3, [x0, #VCPU_TIMER_CNTV_CTL] |
656 |
+- bic x3, x3, #1 // Clear Enable |
657 |
+- msr cntv_ctl_el0, x3 |
658 |
+ |
659 |
+ isb |
660 |
+ |
661 |
+@@ -852,6 +850,9 @@ |
662 |
+ str x3, [x0, #VCPU_TIMER_CNTV_CVAL] |
663 |
+ |
664 |
+ 1: |
665 |
++ // Disable the virtual timer |
666 |
++ msr cntv_ctl_el0, xzr |
667 |
++ |
668 |
+ // Allow physical timer/counter access for the host |
669 |
+ mrs x2, cnthctl_el2 |
670 |
+ orr x2, x2, #3 |
671 |
+diff --git a/arch/arm64/mm/fault.c b/arch/arm64/mm/fault.c |
672 |
+index 41cb6d3d6075..6094c64b3380 100644 |
673 |
+--- a/arch/arm64/mm/fault.c |
674 |
++++ b/arch/arm64/mm/fault.c |
675 |
+@@ -279,6 +279,7 @@ retry: |
676 |
+ * starvation. |
677 |
+ */ |
678 |
+ mm_flags &= ~FAULT_FLAG_ALLOW_RETRY; |
679 |
++ mm_flags |= FAULT_FLAG_TRIED; |
680 |
+ goto retry; |
681 |
+ } |
682 |
+ } |
683 |
+diff --git a/arch/m68k/include/asm/linkage.h b/arch/m68k/include/asm/linkage.h |
684 |
+index 5a822bb790f7..066e74f666ae 100644 |
685 |
+--- a/arch/m68k/include/asm/linkage.h |
686 |
++++ b/arch/m68k/include/asm/linkage.h |
687 |
+@@ -4,4 +4,34 @@ |
688 |
+ #define __ALIGN .align 4 |
689 |
+ #define __ALIGN_STR ".align 4" |
690 |
+ |
691 |
++/* |
692 |
++ * Make sure the compiler doesn't do anything stupid with the |
693 |
++ * arguments on the stack - they are owned by the *caller*, not |
694 |
++ * the callee. This just fools gcc into not spilling into them, |
695 |
++ * and keeps it from doing tailcall recursion and/or using the |
696 |
++ * stack slots for temporaries, since they are live and "used" |
697 |
++ * all the way to the end of the function. |
698 |
++ */ |
699 |
++#define asmlinkage_protect(n, ret, args...) \ |
700 |
++ __asmlinkage_protect##n(ret, ##args) |
701 |
++#define __asmlinkage_protect_n(ret, args...) \ |
702 |
++ __asm__ __volatile__ ("" : "=r" (ret) : "0" (ret), ##args) |
703 |
++#define __asmlinkage_protect0(ret) \ |
704 |
++ __asmlinkage_protect_n(ret) |
705 |
++#define __asmlinkage_protect1(ret, arg1) \ |
706 |
++ __asmlinkage_protect_n(ret, "m" (arg1)) |
707 |
++#define __asmlinkage_protect2(ret, arg1, arg2) \ |
708 |
++ __asmlinkage_protect_n(ret, "m" (arg1), "m" (arg2)) |
709 |
++#define __asmlinkage_protect3(ret, arg1, arg2, arg3) \ |
710 |
++ __asmlinkage_protect_n(ret, "m" (arg1), "m" (arg2), "m" (arg3)) |
711 |
++#define __asmlinkage_protect4(ret, arg1, arg2, arg3, arg4) \ |
712 |
++ __asmlinkage_protect_n(ret, "m" (arg1), "m" (arg2), "m" (arg3), \ |
713 |
++ "m" (arg4)) |
714 |
++#define __asmlinkage_protect5(ret, arg1, arg2, arg3, arg4, arg5) \ |
715 |
++ __asmlinkage_protect_n(ret, "m" (arg1), "m" (arg2), "m" (arg3), \ |
716 |
++ "m" (arg4), "m" (arg5)) |
717 |
++#define __asmlinkage_protect6(ret, arg1, arg2, arg3, arg4, arg5, arg6) \ |
718 |
++ __asmlinkage_protect_n(ret, "m" (arg1), "m" (arg2), "m" (arg3), \ |
719 |
++ "m" (arg4), "m" (arg5), "m" (arg6)) |
720 |
++ |
721 |
+ #endif |
722 |
+diff --git a/arch/mips/mm/dma-default.c b/arch/mips/mm/dma-default.c |
723 |
+index 33ba3c558fe4..027ad1f24e32 100644 |
724 |
+--- a/arch/mips/mm/dma-default.c |
725 |
++++ b/arch/mips/mm/dma-default.c |
726 |
+@@ -95,7 +95,7 @@ static gfp_t massage_gfp_flags(const struct device *dev, gfp_t gfp) |
727 |
+ else |
728 |
+ #endif |
729 |
+ #if defined(CONFIG_ZONE_DMA) && !defined(CONFIG_ZONE_DMA32) |
730 |
+- if (dev->coherent_dma_mask < DMA_BIT_MASK(64)) |
731 |
++ if (dev->coherent_dma_mask < DMA_BIT_MASK(sizeof(phys_addr_t) * 8)) |
732 |
+ dma_flag = __GFP_DMA; |
733 |
+ else |
734 |
+ #endif |
735 |
+diff --git a/arch/parisc/kernel/irq.c b/arch/parisc/kernel/irq.c |
736 |
+index cfe056fe7f5c..34f06be569d9 100644 |
737 |
+--- a/arch/parisc/kernel/irq.c |
738 |
++++ b/arch/parisc/kernel/irq.c |
739 |
+@@ -507,8 +507,8 @@ void do_cpu_irq_mask(struct pt_regs *regs) |
740 |
+ struct pt_regs *old_regs; |
741 |
+ unsigned long eirr_val; |
742 |
+ int irq, cpu = smp_processor_id(); |
743 |
+-#ifdef CONFIG_SMP |
744 |
+ struct irq_desc *desc; |
745 |
++#ifdef CONFIG_SMP |
746 |
+ cpumask_t dest; |
747 |
+ #endif |
748 |
+ |
749 |
+@@ -521,8 +521,12 @@ void do_cpu_irq_mask(struct pt_regs *regs) |
750 |
+ goto set_out; |
751 |
+ irq = eirr_to_irq(eirr_val); |
752 |
+ |
753 |
+-#ifdef CONFIG_SMP |
754 |
++ /* Filter out spurious interrupts, mostly from serial port at bootup */ |
755 |
+ desc = irq_to_desc(irq); |
756 |
++ if (unlikely(!desc->action)) |
757 |
++ goto set_out; |
758 |
++ |
759 |
++#ifdef CONFIG_SMP |
760 |
+ cpumask_copy(&dest, desc->irq_data.affinity); |
761 |
+ if (irqd_is_per_cpu(&desc->irq_data) && |
762 |
+ !cpu_isset(smp_processor_id(), dest)) { |
763 |
+diff --git a/arch/parisc/kernel/syscall.S b/arch/parisc/kernel/syscall.S |
764 |
+index 7ef22e3387e0..0b8d26d3ba43 100644 |
765 |
+--- a/arch/parisc/kernel/syscall.S |
766 |
++++ b/arch/parisc/kernel/syscall.S |
767 |
+@@ -821,7 +821,7 @@ cas2_action: |
768 |
+ /* 64bit CAS */ |
769 |
+ #ifdef CONFIG_64BIT |
770 |
+ 19: ldd,ma 0(%sr3,%r26), %r29 |
771 |
+- sub,= %r29, %r25, %r0 |
772 |
++ sub,*= %r29, %r25, %r0 |
773 |
+ b,n cas2_end |
774 |
+ 20: std,ma %r24, 0(%sr3,%r26) |
775 |
+ copy %r0, %r28 |
776 |
+diff --git a/arch/powerpc/include/asm/pgtable-ppc64.h b/arch/powerpc/include/asm/pgtable-ppc64.h |
777 |
+index ae153c40ab7c..daf4add50743 100644 |
778 |
+--- a/arch/powerpc/include/asm/pgtable-ppc64.h |
779 |
++++ b/arch/powerpc/include/asm/pgtable-ppc64.h |
780 |
+@@ -135,7 +135,19 @@ |
781 |
+ #define pte_iterate_hashed_end() } while(0) |
782 |
+ |
783 |
+ #ifdef CONFIG_PPC_HAS_HASH_64K |
784 |
+-#define pte_pagesize_index(mm, addr, pte) get_slice_psize(mm, addr) |
785 |
++/* |
786 |
++ * We expect this to be called only for user addresses or kernel virtual |
787 |
++ * addresses other than the linear mapping. |
788 |
++ */ |
789 |
++#define pte_pagesize_index(mm, addr, pte) \ |
790 |
++ ({ \ |
791 |
++ unsigned int psize; \ |
792 |
++ if (is_kernel_addr(addr)) \ |
793 |
++ psize = MMU_PAGE_4K; \ |
794 |
++ else \ |
795 |
++ psize = get_slice_psize(mm, addr); \ |
796 |
++ psize; \ |
797 |
++ }) |
798 |
+ #else |
799 |
+ #define pte_pagesize_index(mm, addr, pte) MMU_PAGE_4K |
800 |
+ #endif |
801 |
+diff --git a/arch/powerpc/include/asm/rtas.h b/arch/powerpc/include/asm/rtas.h |
802 |
+index b390f55b0df1..af37e69b3b74 100644 |
803 |
+--- a/arch/powerpc/include/asm/rtas.h |
804 |
++++ b/arch/powerpc/include/asm/rtas.h |
805 |
+@@ -316,6 +316,7 @@ extern void rtas_power_off(void); |
806 |
+ extern void rtas_halt(void); |
807 |
+ extern void rtas_os_term(char *str); |
808 |
+ extern int rtas_get_sensor(int sensor, int index, int *state); |
809 |
++extern int rtas_get_sensor_fast(int sensor, int index, int *state); |
810 |
+ extern int rtas_get_power_level(int powerdomain, int *level); |
811 |
+ extern int rtas_set_power_level(int powerdomain, int level, int *setlevel); |
812 |
+ extern bool rtas_indicator_present(int token, int *maxindex); |
813 |
+diff --git a/arch/powerpc/kernel/rtas.c b/arch/powerpc/kernel/rtas.c |
814 |
+index 8b4c857c1421..af0dafab5807 100644 |
815 |
+--- a/arch/powerpc/kernel/rtas.c |
816 |
++++ b/arch/powerpc/kernel/rtas.c |
817 |
+@@ -584,6 +584,23 @@ int rtas_get_sensor(int sensor, int index, int *state) |
818 |
+ } |
819 |
+ EXPORT_SYMBOL(rtas_get_sensor); |
820 |
+ |
821 |
++int rtas_get_sensor_fast(int sensor, int index, int *state) |
822 |
++{ |
823 |
++ int token = rtas_token("get-sensor-state"); |
824 |
++ int rc; |
825 |
++ |
826 |
++ if (token == RTAS_UNKNOWN_SERVICE) |
827 |
++ return -ENOENT; |
828 |
++ |
829 |
++ rc = rtas_call(token, 2, 2, state, sensor, index); |
830 |
++ WARN_ON(rc == RTAS_BUSY || (rc >= RTAS_EXTENDED_DELAY_MIN && |
831 |
++ rc <= RTAS_EXTENDED_DELAY_MAX)); |
832 |
++ |
833 |
++ if (rc < 0) |
834 |
++ return rtas_error_rc(rc); |
835 |
++ return rc; |
836 |
++} |
837 |
++ |
838 |
+ bool rtas_indicator_present(int token, int *maxindex) |
839 |
+ { |
840 |
+ int proplen, count, i; |
841 |
+diff --git a/arch/powerpc/mm/hugepage-hash64.c b/arch/powerpc/mm/hugepage-hash64.c |
842 |
+index 5f5e6328c21c..5061c6f676da 100644 |
843 |
+--- a/arch/powerpc/mm/hugepage-hash64.c |
844 |
++++ b/arch/powerpc/mm/hugepage-hash64.c |
845 |
+@@ -136,7 +136,6 @@ int __hash_page_thp(unsigned long ea, unsigned long access, unsigned long vsid, |
846 |
+ BUG_ON(index >= 4096); |
847 |
+ |
848 |
+ vpn = hpt_vpn(ea, vsid, ssize); |
849 |
+- hash = hpt_hash(vpn, shift, ssize); |
850 |
+ hpte_slot_array = get_hpte_slot_array(pmdp); |
851 |
+ if (psize == MMU_PAGE_4K) { |
852 |
+ /* |
853 |
+@@ -151,6 +150,7 @@ int __hash_page_thp(unsigned long ea, unsigned long access, unsigned long vsid, |
854 |
+ valid = hpte_valid(hpte_slot_array, index); |
855 |
+ if (valid) { |
856 |
+ /* update the hpte bits */ |
857 |
++ hash = hpt_hash(vpn, shift, ssize); |
858 |
+ hidx = hpte_hash_index(hpte_slot_array, index); |
859 |
+ if (hidx & _PTEIDX_SECONDARY) |
860 |
+ hash = ~hash; |
861 |
+@@ -176,6 +176,7 @@ int __hash_page_thp(unsigned long ea, unsigned long access, unsigned long vsid, |
862 |
+ if (!valid) { |
863 |
+ unsigned long hpte_group; |
864 |
+ |
865 |
++ hash = hpt_hash(vpn, shift, ssize); |
866 |
+ /* insert new entry */ |
867 |
+ pa = pmd_pfn(__pmd(old_pmd)) << PAGE_SHIFT; |
868 |
+ new_pmd |= _PAGE_HASHPTE; |
869 |
+diff --git a/arch/powerpc/platforms/powernv/pci.c b/arch/powerpc/platforms/powernv/pci.c |
870 |
+index 4b20f2c6b3b2..9ff55d59ac76 100644 |
871 |
+--- a/arch/powerpc/platforms/powernv/pci.c |
872 |
++++ b/arch/powerpc/platforms/powernv/pci.c |
873 |
+@@ -100,6 +100,7 @@ static void pnv_teardown_msi_irqs(struct pci_dev *pdev) |
874 |
+ struct pci_controller *hose = pci_bus_to_host(pdev->bus); |
875 |
+ struct pnv_phb *phb = hose->private_data; |
876 |
+ struct msi_desc *entry; |
877 |
++ irq_hw_number_t hwirq; |
878 |
+ |
879 |
+ if (WARN_ON(!phb)) |
880 |
+ return; |
881 |
+@@ -107,10 +108,10 @@ static void pnv_teardown_msi_irqs(struct pci_dev *pdev) |
882 |
+ list_for_each_entry(entry, &pdev->msi_list, list) { |
883 |
+ if (entry->irq == NO_IRQ) |
884 |
+ continue; |
885 |
++ hwirq = virq_to_hw(entry->irq); |
886 |
+ irq_set_msi_desc(entry->irq, NULL); |
887 |
+- msi_bitmap_free_hwirqs(&phb->msi_bmp, |
888 |
+- virq_to_hw(entry->irq) - phb->msi_base, 1); |
889 |
+ irq_dispose_mapping(entry->irq); |
890 |
++ msi_bitmap_free_hwirqs(&phb->msi_bmp, hwirq - phb->msi_base, 1); |
891 |
+ } |
892 |
+ } |
893 |
+ #endif /* CONFIG_PCI_MSI */ |
894 |
+diff --git a/arch/powerpc/platforms/pseries/ras.c b/arch/powerpc/platforms/pseries/ras.c |
895 |
+index 5a4d0fc03b03..d263f7bc80fc 100644 |
896 |
+--- a/arch/powerpc/platforms/pseries/ras.c |
897 |
++++ b/arch/powerpc/platforms/pseries/ras.c |
898 |
+@@ -187,7 +187,8 @@ static irqreturn_t ras_epow_interrupt(int irq, void *dev_id) |
899 |
+ int state; |
900 |
+ int critical; |
901 |
+ |
902 |
+- status = rtas_get_sensor(EPOW_SENSOR_TOKEN, EPOW_SENSOR_INDEX, &state); |
903 |
++ status = rtas_get_sensor_fast(EPOW_SENSOR_TOKEN, EPOW_SENSOR_INDEX, |
904 |
++ &state); |
905 |
+ |
906 |
+ if (state > 3) |
907 |
+ critical = 1; /* Time Critical */ |
908 |
+diff --git a/arch/powerpc/sysdev/fsl_msi.c b/arch/powerpc/sysdev/fsl_msi.c |
909 |
+index da08ed088157..ea6b3a1c79d8 100644 |
910 |
+--- a/arch/powerpc/sysdev/fsl_msi.c |
911 |
++++ b/arch/powerpc/sysdev/fsl_msi.c |
912 |
+@@ -129,15 +129,16 @@ static void fsl_teardown_msi_irqs(struct pci_dev *pdev) |
913 |
+ { |
914 |
+ struct msi_desc *entry; |
915 |
+ struct fsl_msi *msi_data; |
916 |
++ irq_hw_number_t hwirq; |
917 |
+ |
918 |
+ list_for_each_entry(entry, &pdev->msi_list, list) { |
919 |
+ if (entry->irq == NO_IRQ) |
920 |
+ continue; |
921 |
++ hwirq = virq_to_hw(entry->irq); |
922 |
+ msi_data = irq_get_chip_data(entry->irq); |
923 |
+ irq_set_msi_desc(entry->irq, NULL); |
924 |
+- msi_bitmap_free_hwirqs(&msi_data->bitmap, |
925 |
+- virq_to_hw(entry->irq), 1); |
926 |
+ irq_dispose_mapping(entry->irq); |
927 |
++ msi_bitmap_free_hwirqs(&msi_data->bitmap, hwirq, 1); |
928 |
+ } |
929 |
+ |
930 |
+ return; |
931 |
+diff --git a/arch/powerpc/sysdev/mpic_pasemi_msi.c b/arch/powerpc/sysdev/mpic_pasemi_msi.c |
932 |
+index 15dccd35fa11..a6add4ae6c5a 100644 |
933 |
+--- a/arch/powerpc/sysdev/mpic_pasemi_msi.c |
934 |
++++ b/arch/powerpc/sysdev/mpic_pasemi_msi.c |
935 |
+@@ -66,6 +66,7 @@ static struct irq_chip mpic_pasemi_msi_chip = { |
936 |
+ static void pasemi_msi_teardown_msi_irqs(struct pci_dev *pdev) |
937 |
+ { |
938 |
+ struct msi_desc *entry; |
939 |
++ irq_hw_number_t hwirq; |
940 |
+ |
941 |
+ pr_debug("pasemi_msi_teardown_msi_irqs, pdev %p\n", pdev); |
942 |
+ |
943 |
+@@ -73,10 +74,11 @@ static void pasemi_msi_teardown_msi_irqs(struct pci_dev *pdev) |
944 |
+ if (entry->irq == NO_IRQ) |
945 |
+ continue; |
946 |
+ |
947 |
++ hwirq = virq_to_hw(entry->irq); |
948 |
+ irq_set_msi_desc(entry->irq, NULL); |
949 |
+- msi_bitmap_free_hwirqs(&msi_mpic->msi_bitmap, |
950 |
+- virq_to_hw(entry->irq), ALLOC_CHUNK); |
951 |
+ irq_dispose_mapping(entry->irq); |
952 |
++ msi_bitmap_free_hwirqs(&msi_mpic->msi_bitmap, |
953 |
++ hwirq, ALLOC_CHUNK); |
954 |
+ } |
955 |
+ |
956 |
+ return; |
957 |
+diff --git a/arch/powerpc/sysdev/mpic_u3msi.c b/arch/powerpc/sysdev/mpic_u3msi.c |
958 |
+index 623d7fba15b4..db35a4073127 100644 |
959 |
+--- a/arch/powerpc/sysdev/mpic_u3msi.c |
960 |
++++ b/arch/powerpc/sysdev/mpic_u3msi.c |
961 |
+@@ -108,15 +108,16 @@ static u64 find_u4_magic_addr(struct pci_dev *pdev, unsigned int hwirq) |
962 |
+ static void u3msi_teardown_msi_irqs(struct pci_dev *pdev) |
963 |
+ { |
964 |
+ struct msi_desc *entry; |
965 |
++ irq_hw_number_t hwirq; |
966 |
+ |
967 |
+ list_for_each_entry(entry, &pdev->msi_list, list) { |
968 |
+ if (entry->irq == NO_IRQ) |
969 |
+ continue; |
970 |
+ |
971 |
++ hwirq = virq_to_hw(entry->irq); |
972 |
+ irq_set_msi_desc(entry->irq, NULL); |
973 |
+- msi_bitmap_free_hwirqs(&msi_mpic->msi_bitmap, |
974 |
+- virq_to_hw(entry->irq), 1); |
975 |
+ irq_dispose_mapping(entry->irq); |
976 |
++ msi_bitmap_free_hwirqs(&msi_mpic->msi_bitmap, hwirq, 1); |
977 |
+ } |
978 |
+ |
979 |
+ return; |
980 |
+diff --git a/arch/powerpc/sysdev/ppc4xx_msi.c b/arch/powerpc/sysdev/ppc4xx_msi.c |
981 |
+index 22b5200636e7..85d9c1852d19 100644 |
982 |
+--- a/arch/powerpc/sysdev/ppc4xx_msi.c |
983 |
++++ b/arch/powerpc/sysdev/ppc4xx_msi.c |
984 |
+@@ -125,16 +125,17 @@ void ppc4xx_teardown_msi_irqs(struct pci_dev *dev) |
985 |
+ { |
986 |
+ struct msi_desc *entry; |
987 |
+ struct ppc4xx_msi *msi_data = &ppc4xx_msi; |
988 |
++ irq_hw_number_t hwirq; |
989 |
+ |
990 |
+ dev_dbg(&dev->dev, "PCIE-MSI: tearing down msi irqs\n"); |
991 |
+ |
992 |
+ list_for_each_entry(entry, &dev->msi_list, list) { |
993 |
+ if (entry->irq == NO_IRQ) |
994 |
+ continue; |
995 |
++ hwirq = virq_to_hw(entry->irq); |
996 |
+ irq_set_msi_desc(entry->irq, NULL); |
997 |
+- msi_bitmap_free_hwirqs(&msi_data->bitmap, |
998 |
+- virq_to_hw(entry->irq), 1); |
999 |
+ irq_dispose_mapping(entry->irq); |
1000 |
++ msi_bitmap_free_hwirqs(&msi_data->bitmap, hwirq, 1); |
1001 |
+ } |
1002 |
+ } |
1003 |
+ |
1004 |
+diff --git a/arch/s390/boot/compressed/Makefile b/arch/s390/boot/compressed/Makefile |
1005 |
+index f90d1fc6d603..f70b2321071e 100644 |
1006 |
+--- a/arch/s390/boot/compressed/Makefile |
1007 |
++++ b/arch/s390/boot/compressed/Makefile |
1008 |
+@@ -12,7 +12,7 @@ targets += misc.o piggy.o sizes.h head$(BITS).o |
1009 |
+ |
1010 |
+ KBUILD_CFLAGS := -m$(BITS) -D__KERNEL__ $(LINUX_INCLUDE) -O2 |
1011 |
+ KBUILD_CFLAGS += -DDISABLE_BRANCH_PROFILING |
1012 |
+-KBUILD_CFLAGS += $(cflags-y) -fno-delete-null-pointer-checks |
1013 |
++KBUILD_CFLAGS += $(cflags-y) -fno-delete-null-pointer-checks -msoft-float |
1014 |
+ KBUILD_CFLAGS += $(call cc-option,-mpacked-stack) |
1015 |
+ KBUILD_CFLAGS += $(call cc-option,-ffreestanding) |
1016 |
+ |
1017 |
+diff --git a/arch/s390/kernel/compat_signal.c b/arch/s390/kernel/compat_signal.c |
1018 |
+index 009f5eb11125..14c3e80e003a 100644 |
1019 |
+--- a/arch/s390/kernel/compat_signal.c |
1020 |
++++ b/arch/s390/kernel/compat_signal.c |
1021 |
+@@ -48,6 +48,19 @@ typedef struct |
1022 |
+ struct ucontext32 uc; |
1023 |
+ } rt_sigframe32; |
1024 |
+ |
1025 |
++static inline void sigset_to_sigset32(unsigned long *set64, |
1026 |
++ compat_sigset_word *set32) |
1027 |
++{ |
1028 |
++ set32[0] = (compat_sigset_word) set64[0]; |
1029 |
++ set32[1] = (compat_sigset_word)(set64[0] >> 32); |
1030 |
++} |
1031 |
++ |
1032 |
++static inline void sigset32_to_sigset(compat_sigset_word *set32, |
1033 |
++ unsigned long *set64) |
1034 |
++{ |
1035 |
++ set64[0] = (unsigned long) set32[0] | ((unsigned long) set32[1] << 32); |
1036 |
++} |
1037 |
++ |
1038 |
+ int copy_siginfo_to_user32(compat_siginfo_t __user *to, const siginfo_t *from) |
1039 |
+ { |
1040 |
+ int err; |
1041 |
+@@ -303,10 +316,12 @@ COMPAT_SYSCALL_DEFINE0(sigreturn) |
1042 |
+ { |
1043 |
+ struct pt_regs *regs = task_pt_regs(current); |
1044 |
+ sigframe32 __user *frame = (sigframe32 __user *)regs->gprs[15]; |
1045 |
++ compat_sigset_t cset; |
1046 |
+ sigset_t set; |
1047 |
+ |
1048 |
+- if (__copy_from_user(&set.sig, &frame->sc.oldmask, _SIGMASK_COPY_SIZE32)) |
1049 |
++ if (__copy_from_user(&cset.sig, &frame->sc.oldmask, _SIGMASK_COPY_SIZE32)) |
1050 |
+ goto badframe; |
1051 |
++ sigset32_to_sigset(cset.sig, set.sig); |
1052 |
+ set_current_blocked(&set); |
1053 |
+ if (restore_sigregs32(regs, &frame->sregs)) |
1054 |
+ goto badframe; |
1055 |
+@@ -323,10 +338,12 @@ COMPAT_SYSCALL_DEFINE0(rt_sigreturn) |
1056 |
+ { |
1057 |
+ struct pt_regs *regs = task_pt_regs(current); |
1058 |
+ rt_sigframe32 __user *frame = (rt_sigframe32 __user *)regs->gprs[15]; |
1059 |
++ compat_sigset_t cset; |
1060 |
+ sigset_t set; |
1061 |
+ |
1062 |
+- if (__copy_from_user(&set, &frame->uc.uc_sigmask, sizeof(set))) |
1063 |
++ if (__copy_from_user(&cset, &frame->uc.uc_sigmask, sizeof(cset))) |
1064 |
+ goto badframe; |
1065 |
++ sigset32_to_sigset(cset.sig, set.sig); |
1066 |
+ set_current_blocked(&set); |
1067 |
+ if (compat_restore_altstack(&frame->uc.uc_stack)) |
1068 |
+ goto badframe; |
1069 |
+@@ -407,7 +424,7 @@ static int setup_frame32(struct ksignal *ksig, sigset_t *set, |
1070 |
+ return -EFAULT; |
1071 |
+ |
1072 |
+ /* Create struct sigcontext32 on the signal stack */ |
1073 |
+- memcpy(&sc.oldmask, &set->sig, _SIGMASK_COPY_SIZE32); |
1074 |
++ sigset_to_sigset32(set->sig, sc.oldmask); |
1075 |
+ sc.sregs = (__u32)(unsigned long __force) &frame->sregs; |
1076 |
+ if (__copy_to_user(&frame->sc, &sc, sizeof(frame->sc))) |
1077 |
+ return -EFAULT; |
1078 |
+@@ -468,6 +485,7 @@ static int setup_frame32(struct ksignal *ksig, sigset_t *set, |
1079 |
+ static int setup_rt_frame32(struct ksignal *ksig, sigset_t *set, |
1080 |
+ struct pt_regs *regs) |
1081 |
+ { |
1082 |
++ compat_sigset_t cset; |
1083 |
+ rt_sigframe32 __user *frame; |
1084 |
+ unsigned long restorer; |
1085 |
+ size_t frame_size; |
1086 |
+@@ -515,11 +533,12 @@ static int setup_rt_frame32(struct ksignal *ksig, sigset_t *set, |
1087 |
+ store_sigregs(); |
1088 |
+ |
1089 |
+ /* Create ucontext on the signal stack. */ |
1090 |
++ sigset_to_sigset32(set->sig, cset.sig); |
1091 |
+ if (__put_user(uc_flags, &frame->uc.uc_flags) || |
1092 |
+ __put_user(0, &frame->uc.uc_link) || |
1093 |
+ __compat_save_altstack(&frame->uc.uc_stack, regs->gprs[15]) || |
1094 |
+ save_sigregs32(regs, &frame->uc.uc_mcontext) || |
1095 |
+- __copy_to_user(&frame->uc.uc_sigmask, set, sizeof(*set)) || |
1096 |
++ __copy_to_user(&frame->uc.uc_sigmask, &cset, sizeof(cset)) || |
1097 |
+ save_sigregs_ext32(regs, &frame->uc.uc_mcontext_ext)) |
1098 |
+ return -EFAULT; |
1099 |
+ |
1100 |
+diff --git a/arch/x86/crypto/ghash-clmulni-intel_glue.c b/arch/x86/crypto/ghash-clmulni-intel_glue.c |
1101 |
+index 8253d85aa165..de1d72e3ec59 100644 |
1102 |
+--- a/arch/x86/crypto/ghash-clmulni-intel_glue.c |
1103 |
++++ b/arch/x86/crypto/ghash-clmulni-intel_glue.c |
1104 |
+@@ -291,6 +291,7 @@ static struct ahash_alg ghash_async_alg = { |
1105 |
+ .cra_name = "ghash", |
1106 |
+ .cra_driver_name = "ghash-clmulni", |
1107 |
+ .cra_priority = 400, |
1108 |
++ .cra_ctxsize = sizeof(struct ghash_async_ctx), |
1109 |
+ .cra_flags = CRYPTO_ALG_TYPE_AHASH | CRYPTO_ALG_ASYNC, |
1110 |
+ .cra_blocksize = GHASH_BLOCK_SIZE, |
1111 |
+ .cra_type = &crypto_ahash_type, |
1112 |
+diff --git a/arch/x86/include/asm/processor.h b/arch/x86/include/asm/processor.h |
1113 |
+index ddd8d13a010f..26d5e05a7def 100644 |
1114 |
+--- a/arch/x86/include/asm/processor.h |
1115 |
++++ b/arch/x86/include/asm/processor.h |
1116 |
+@@ -852,7 +852,8 @@ extern unsigned long thread_saved_pc(struct task_struct *tsk); |
1117 |
+ #define task_pt_regs(task) \ |
1118 |
+ ({ \ |
1119 |
+ struct pt_regs *__regs__; \ |
1120 |
+- __regs__ = (struct pt_regs *)(KSTK_TOP(task_stack_page(task))-8); \ |
1121 |
++ __regs__ = (struct pt_regs *)(KSTK_TOP(task_stack_page(task)) - \ |
1122 |
++ TOP_OF_KERNEL_STACK_PADDING); \ |
1123 |
+ __regs__ - 1; \ |
1124 |
+ }) |
1125 |
+ |
1126 |
+diff --git a/arch/x86/include/asm/thread_info.h b/arch/x86/include/asm/thread_info.h |
1127 |
+index 547e344a6dc6..c4d96943e666 100644 |
1128 |
+--- a/arch/x86/include/asm/thread_info.h |
1129 |
++++ b/arch/x86/include/asm/thread_info.h |
1130 |
+@@ -13,6 +13,33 @@ |
1131 |
+ #include <asm/types.h> |
1132 |
+ |
1133 |
+ /* |
1134 |
++ * TOP_OF_KERNEL_STACK_PADDING is a number of unused bytes that we |
1135 |
++ * reserve at the top of the kernel stack. We do it because of a nasty |
1136 |
++ * 32-bit corner case. On x86_32, the hardware stack frame is |
1137 |
++ * variable-length. Except for vm86 mode, struct pt_regs assumes a |
1138 |
++ * maximum-length frame. If we enter from CPL 0, the top 8 bytes of |
1139 |
++ * pt_regs don't actually exist. Ordinarily this doesn't matter, but it |
1140 |
++ * does in at least one case: |
1141 |
++ * |
1142 |
++ * If we take an NMI early enough in SYSENTER, then we can end up with |
1143 |
++ * pt_regs that extends above sp0. On the way out, in the espfix code, |
1144 |
++ * we can read the saved SS value, but that value will be above sp0. |
1145 |
++ * Without this offset, that can result in a page fault. (We are |
1146 |
++ * careful that, in this case, the value we read doesn't matter.) |
1147 |
++ * |
1148 |
++ * In vm86 mode, the hardware frame is much longer still, but we neither |
1149 |
++ * access the extra members from NMI context, nor do we write such a |
1150 |
++ * frame at sp0 at all. |
1151 |
++ * |
1152 |
++ * x86_64 has a fixed-length stack frame. |
1153 |
++ */ |
1154 |
++#ifdef CONFIG_X86_32 |
1155 |
++# define TOP_OF_KERNEL_STACK_PADDING 8 |
1156 |
++#else |
1157 |
++# define TOP_OF_KERNEL_STACK_PADDING 0 |
1158 |
++#endif |
1159 |
++ |
1160 |
++/* |
1161 |
+ * low level task data that entry.S needs immediate access to |
1162 |
+ * - this struct should fit entirely inside of one cache line |
1163 |
+ * - this struct shares the supervisor stack pages |
1164 |
+diff --git a/arch/x86/kernel/apic/apic.c b/arch/x86/kernel/apic/apic.c |
1165 |
+index ba6cc041edb1..f7eef03fd4b3 100644 |
1166 |
+--- a/arch/x86/kernel/apic/apic.c |
1167 |
++++ b/arch/x86/kernel/apic/apic.c |
1168 |
+@@ -366,6 +366,13 @@ static void __setup_APIC_LVTT(unsigned int clocks, int oneshot, int irqen) |
1169 |
+ apic_write(APIC_LVTT, lvtt_value); |
1170 |
+ |
1171 |
+ if (lvtt_value & APIC_LVT_TIMER_TSCDEADLINE) { |
1172 |
++ /* |
1173 |
++ * See Intel SDM: TSC-Deadline Mode chapter. In xAPIC mode, |
1174 |
++ * writing to the APIC LVTT and TSC_DEADLINE MSR isn't serialized. |
1175 |
++ * According to Intel, MFENCE can do the serialization here. |
1176 |
++ */ |
1177 |
++ asm volatile("mfence" : : : "memory"); |
1178 |
++ |
1179 |
+ printk_once(KERN_DEBUG "TSC deadline timer enabled\n"); |
1180 |
+ return; |
1181 |
+ } |
1182 |
+diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c |
1183 |
+index e757fcbe90db..88635b301694 100644 |
1184 |
+--- a/arch/x86/kernel/cpu/common.c |
1185 |
++++ b/arch/x86/kernel/cpu/common.c |
1186 |
+@@ -1405,6 +1405,12 @@ void cpu_init(void) |
1187 |
+ |
1188 |
+ wait_for_master_cpu(cpu); |
1189 |
+ |
1190 |
++ /* |
1191 |
++ * Initialize the CR4 shadow before doing anything that could |
1192 |
++ * try to read it. |
1193 |
++ */ |
1194 |
++ cr4_init_shadow(); |
1195 |
++ |
1196 |
+ show_ucode_info_early(); |
1197 |
+ |
1198 |
+ printk(KERN_INFO "Initializing CPU#%d\n", cpu); |
1199 |
+diff --git a/arch/x86/kernel/crash.c b/arch/x86/kernel/crash.c |
1200 |
+index f5ab56d14287..3af40315a127 100644 |
1201 |
+--- a/arch/x86/kernel/crash.c |
1202 |
++++ b/arch/x86/kernel/crash.c |
1203 |
+@@ -183,10 +183,9 @@ void native_machine_crash_shutdown(struct pt_regs *regs) |
1204 |
+ } |
1205 |
+ |
1206 |
+ #ifdef CONFIG_KEXEC_FILE |
1207 |
+-static int get_nr_ram_ranges_callback(unsigned long start_pfn, |
1208 |
+- unsigned long nr_pfn, void *arg) |
1209 |
++static int get_nr_ram_ranges_callback(u64 start, u64 end, void *arg) |
1210 |
+ { |
1211 |
+- int *nr_ranges = arg; |
1212 |
++ unsigned int *nr_ranges = arg; |
1213 |
+ |
1214 |
+ (*nr_ranges)++; |
1215 |
+ return 0; |
1216 |
+@@ -212,7 +211,7 @@ static void fill_up_crash_elf_data(struct crash_elf_data *ced, |
1217 |
+ |
1218 |
+ ced->image = image; |
1219 |
+ |
1220 |
+- walk_system_ram_range(0, -1, &nr_ranges, |
1221 |
++ walk_system_ram_res(0, -1, &nr_ranges, |
1222 |
+ get_nr_ram_ranges_callback); |
1223 |
+ |
1224 |
+ ced->max_nr_ranges = nr_ranges; |
1225 |
+diff --git a/arch/x86/kernel/entry_32.S b/arch/x86/kernel/entry_32.S |
1226 |
+index 3dddb89ba320..fe611c4ae3ff 100644 |
1227 |
+--- a/arch/x86/kernel/entry_32.S |
1228 |
++++ b/arch/x86/kernel/entry_32.S |
1229 |
+@@ -398,7 +398,7 @@ sysenter_past_esp: |
1230 |
+ * A tiny bit of offset fixup is necessary - 4*4 means the 4 words |
1231 |
+ * pushed above; +8 corresponds to copy_thread's esp0 setting. |
1232 |
+ */ |
1233 |
+- pushl_cfi ((TI_sysenter_return)-THREAD_SIZE+8+4*4)(%esp) |
1234 |
++ pushl_cfi ((TI_sysenter_return)-THREAD_SIZE+TOP_OF_KERNEL_STACK_PADDING+4*4)(%esp) |
1235 |
+ CFI_REL_OFFSET eip, 0 |
1236 |
+ |
1237 |
+ pushl_cfi %eax |
1238 |
+diff --git a/arch/x86/kernel/entry_64.S b/arch/x86/kernel/entry_64.S |
1239 |
+index fad5cd9d7c4b..a3255ca219ea 100644 |
1240 |
+--- a/arch/x86/kernel/entry_64.S |
1241 |
++++ b/arch/x86/kernel/entry_64.S |
1242 |
+@@ -1428,7 +1428,18 @@ END(error_exit) |
1243 |
+ /* runs on exception stack */ |
1244 |
+ ENTRY(nmi) |
1245 |
+ INTR_FRAME |
1246 |
++ /* |
1247 |
++ * Fix up the exception frame if we're on Xen. |
1248 |
++ * PARAVIRT_ADJUST_EXCEPTION_FRAME is guaranteed to push at most |
1249 |
++ * one value to the stack on native, so it may clobber the rdx |
1250 |
++ * scratch slot, but it won't clobber any of the important |
1251 |
++ * slots past it. |
1252 |
++ * |
1253 |
++ * Xen is a different story, because the Xen frame itself overlaps |
1254 |
++ * the "NMI executing" variable. |
1255 |
++ */ |
1256 |
+ PARAVIRT_ADJUST_EXCEPTION_FRAME |
1257 |
++ |
1258 |
+ /* |
1259 |
+ * We allow breakpoints in NMIs. If a breakpoint occurs, then |
1260 |
+ * the iretq it performs will take us out of NMI context. |
1261 |
+@@ -1446,11 +1457,12 @@ ENTRY(nmi) |
1262 |
+ * If the variable is not set and the stack is not the NMI |
1263 |
+ * stack then: |
1264 |
+ * o Set the special variable on the stack |
1265 |
+- * o Copy the interrupt frame into a "saved" location on the stack |
1266 |
+- * o Copy the interrupt frame into a "copy" location on the stack |
1267 |
++ * o Copy the interrupt frame into an "outermost" location on the |
1268 |
++ * stack |
1269 |
++ * o Copy the interrupt frame into an "iret" location on the stack |
1270 |
+ * o Continue processing the NMI |
1271 |
+ * If the variable is set or the previous stack is the NMI stack: |
1272 |
+- * o Modify the "copy" location to jump to the repeate_nmi |
1273 |
++ * o Modify the "iret" location to jump to the repeat_nmi |
1274 |
+ * o return back to the first NMI |
1275 |
+ * |
1276 |
+ * Now on exit of the first NMI, we first clear the stack variable |
1277 |
+@@ -1479,9 +1491,11 @@ ENTRY(nmi) |
1278 |
+ * we don't want to enable interrupts, because then we'll end |
1279 |
+ * up in an awkward situation in which IRQs are on but NMIs |
1280 |
+ * are off. |
1281 |
++ * |
1282 |
++ * We also must not push anything to the stack before switching |
1283 |
++ * stacks lest we corrupt the "NMI executing" variable. |
1284 |
+ */ |
1285 |
+- |
1286 |
+- SWAPGS |
1287 |
++ SWAPGS_UNSAFE_STACK |
1288 |
+ cld |
1289 |
+ movq %rsp, %rdx |
1290 |
+ movq PER_CPU_VAR(kernel_stack), %rsp |
1291 |
+@@ -1530,38 +1544,101 @@ ENTRY(nmi) |
1292 |
+ |
1293 |
+ .Lnmi_from_kernel: |
1294 |
+ /* |
1295 |
+- * Check the special variable on the stack to see if NMIs are |
1296 |
+- * executing. |
1297 |
++ * Here's what our stack frame will look like: |
1298 |
++ * +---------------------------------------------------------+ |
1299 |
++ * | original SS | |
1300 |
++ * | original Return RSP | |
1301 |
++ * | original RFLAGS | |
1302 |
++ * | original CS | |
1303 |
++ * | original RIP | |
1304 |
++ * +---------------------------------------------------------+ |
1305 |
++ * | temp storage for rdx | |
1306 |
++ * +---------------------------------------------------------+ |
1307 |
++ * | "NMI executing" variable | |
1308 |
++ * +---------------------------------------------------------+ |
1309 |
++ * | iret SS } Copied from "outermost" frame | |
1310 |
++ * | iret Return RSP } on each loop iteration; overwritten | |
1311 |
++ * | iret RFLAGS } by a nested NMI to force another | |
1312 |
++ * | iret CS } iteration if needed. | |
1313 |
++ * | iret RIP } | |
1314 |
++ * +---------------------------------------------------------+ |
1315 |
++ * | outermost SS } initialized in first_nmi; | |
1316 |
++ * | outermost Return RSP } will not be changed before | |
1317 |
++ * | outermost RFLAGS } NMI processing is done. | |
1318 |
++ * | outermost CS } Copied to "iret" frame on each | |
1319 |
++ * | outermost RIP } iteration. | |
1320 |
++ * +---------------------------------------------------------+ |
1321 |
++ * | pt_regs | |
1322 |
++ * +---------------------------------------------------------+ |
1323 |
++ * |
1324 |
++ * The "original" frame is used by hardware. Before re-enabling |
1325 |
++ * NMIs, we need to be done with it, and we need to leave enough |
1326 |
++ * space for the asm code here. |
1327 |
++ * |
1328 |
++ * We return by executing IRET while RSP points to the "iret" frame. |
1329 |
++ * That will either return for real or it will loop back into NMI |
1330 |
++ * processing. |
1331 |
++ * |
1332 |
++ * The "outermost" frame is copied to the "iret" frame on each |
1333 |
++ * iteration of the loop, so each iteration starts with the "iret" |
1334 |
++ * frame pointing to the final return target. |
1335 |
++ */ |
1336 |
++ |
1337 |
++ /* |
1338 |
++ * Determine whether we're a nested NMI. |
1339 |
++ * |
1340 |
++ * If we interrupted kernel code between repeat_nmi and |
1341 |
++ * end_repeat_nmi, then we are a nested NMI. We must not |
1342 |
++ * modify the "iret" frame because it's being written by |
1343 |
++ * the outer NMI. That's okay; the outer NMI handler is |
1344 |
++ * about to about to call do_nmi anyway, so we can just |
1345 |
++ * resume the outer NMI. |
1346 |
++ */ |
1347 |
++ movq $repeat_nmi, %rdx |
1348 |
++ cmpq 8(%rsp), %rdx |
1349 |
++ ja 1f |
1350 |
++ movq $end_repeat_nmi, %rdx |
1351 |
++ cmpq 8(%rsp), %rdx |
1352 |
++ ja nested_nmi_out |
1353 |
++1: |
1354 |
++ |
1355 |
++ /* |
1356 |
++ * Now check "NMI executing". If it's set, then we're nested. |
1357 |
++ * This will not detect if we interrupted an outer NMI just |
1358 |
++ * before IRET. |
1359 |
+ */ |
1360 |
+ cmpl $1, -8(%rsp) |
1361 |
+ je nested_nmi |
1362 |
+ |
1363 |
+ /* |
1364 |
+- * Now test if the previous stack was an NMI stack. |
1365 |
+- * We need the double check. We check the NMI stack to satisfy the |
1366 |
+- * race when the first NMI clears the variable before returning. |
1367 |
+- * We check the variable because the first NMI could be in a |
1368 |
+- * breakpoint routine using a breakpoint stack. |
1369 |
++ * Now test if the previous stack was an NMI stack. This covers |
1370 |
++ * the case where we interrupt an outer NMI after it clears |
1371 |
++ * "NMI executing" but before IRET. We need to be careful, though: |
1372 |
++ * there is one case in which RSP could point to the NMI stack |
1373 |
++ * despite there being no NMI active: naughty userspace controls |
1374 |
++ * RSP at the very beginning of the SYSCALL targets. We can |
1375 |
++ * pull a fast one on naughty userspace, though: we program |
1376 |
++ * SYSCALL to mask DF, so userspace cannot cause DF to be set |
1377 |
++ * if it controls the kernel's RSP. We set DF before we clear |
1378 |
++ * "NMI executing". |
1379 |
+ */ |
1380 |
+ lea 6*8(%rsp), %rdx |
1381 |
+ test_in_nmi rdx, 4*8(%rsp), nested_nmi, first_nmi |
1382 |
++ |
1383 |
++ /* Ah, it is within the NMI stack. */ |
1384 |
++ |
1385 |
++ testb $(X86_EFLAGS_DF >> 8), (3*8 + 1)(%rsp) |
1386 |
++ jz first_nmi /* RSP was user controlled. */ |
1387 |
++ |
1388 |
++ /* This is a nested NMI. */ |
1389 |
++ |
1390 |
+ CFI_REMEMBER_STATE |
1391 |
+ |
1392 |
+ nested_nmi: |
1393 |
+ /* |
1394 |
+- * Do nothing if we interrupted the fixup in repeat_nmi. |
1395 |
+- * It's about to repeat the NMI handler, so we are fine |
1396 |
+- * with ignoring this one. |
1397 |
++ * Modify the "iret" frame to point to repeat_nmi, forcing another |
1398 |
++ * iteration of NMI handling. |
1399 |
+ */ |
1400 |
+- movq $repeat_nmi, %rdx |
1401 |
+- cmpq 8(%rsp), %rdx |
1402 |
+- ja 1f |
1403 |
+- movq $end_repeat_nmi, %rdx |
1404 |
+- cmpq 8(%rsp), %rdx |
1405 |
+- ja nested_nmi_out |
1406 |
+- |
1407 |
+-1: |
1408 |
+- /* Set up the interrupted NMIs stack to jump to repeat_nmi */ |
1409 |
+ leaq -1*8(%rsp), %rdx |
1410 |
+ movq %rdx, %rsp |
1411 |
+ CFI_ADJUST_CFA_OFFSET 1*8 |
1412 |
+@@ -1580,60 +1657,23 @@ nested_nmi_out: |
1413 |
+ popq_cfi %rdx |
1414 |
+ CFI_RESTORE rdx |
1415 |
+ |
1416 |
+- /* No need to check faults here */ |
1417 |
++ /* We are returning to kernel mode, so this cannot result in a fault. */ |
1418 |
+ INTERRUPT_RETURN |
1419 |
+ |
1420 |
+ CFI_RESTORE_STATE |
1421 |
+ first_nmi: |
1422 |
+- /* |
1423 |
+- * Because nested NMIs will use the pushed location that we |
1424 |
+- * stored in rdx, we must keep that space available. |
1425 |
+- * Here's what our stack frame will look like: |
1426 |
+- * +-------------------------+ |
1427 |
+- * | original SS | |
1428 |
+- * | original Return RSP | |
1429 |
+- * | original RFLAGS | |
1430 |
+- * | original CS | |
1431 |
+- * | original RIP | |
1432 |
+- * +-------------------------+ |
1433 |
+- * | temp storage for rdx | |
1434 |
+- * +-------------------------+ |
1435 |
+- * | NMI executing variable | |
1436 |
+- * +-------------------------+ |
1437 |
+- * | copied SS | |
1438 |
+- * | copied Return RSP | |
1439 |
+- * | copied RFLAGS | |
1440 |
+- * | copied CS | |
1441 |
+- * | copied RIP | |
1442 |
+- * +-------------------------+ |
1443 |
+- * | Saved SS | |
1444 |
+- * | Saved Return RSP | |
1445 |
+- * | Saved RFLAGS | |
1446 |
+- * | Saved CS | |
1447 |
+- * | Saved RIP | |
1448 |
+- * +-------------------------+ |
1449 |
+- * | pt_regs | |
1450 |
+- * +-------------------------+ |
1451 |
+- * |
1452 |
+- * The saved stack frame is used to fix up the copied stack frame |
1453 |
+- * that a nested NMI may change to make the interrupted NMI iret jump |
1454 |
+- * to the repeat_nmi. The original stack frame and the temp storage |
1455 |
+- * is also used by nested NMIs and can not be trusted on exit. |
1456 |
+- */ |
1457 |
+- /* Do not pop rdx, nested NMIs will corrupt that part of the stack */ |
1458 |
++ /* Restore rdx. */ |
1459 |
+ movq (%rsp), %rdx |
1460 |
+ CFI_RESTORE rdx |
1461 |
+ |
1462 |
+- /* Set the NMI executing variable on the stack. */ |
1463 |
++ /* Set "NMI executing" on the stack. */ |
1464 |
+ pushq_cfi $1 |
1465 |
+ |
1466 |
+- /* |
1467 |
+- * Leave room for the "copied" frame |
1468 |
+- */ |
1469 |
++ /* Leave room for the "iret" frame */ |
1470 |
+ subq $(5*8), %rsp |
1471 |
+ CFI_ADJUST_CFA_OFFSET 5*8 |
1472 |
+ |
1473 |
+- /* Copy the stack frame to the Saved frame */ |
1474 |
++ /* Copy the "original" frame to the "outermost" frame */ |
1475 |
+ .rept 5 |
1476 |
+ pushq_cfi 11*8(%rsp) |
1477 |
+ .endr |
1478 |
+@@ -1641,6 +1681,7 @@ first_nmi: |
1479 |
+ |
1480 |
+ /* Everything up to here is safe from nested NMIs */ |
1481 |
+ |
1482 |
++repeat_nmi: |
1483 |
+ /* |
1484 |
+ * If there was a nested NMI, the first NMI's iret will return |
1485 |
+ * here. But NMIs are still enabled and we can take another |
1486 |
+@@ -1649,16 +1690,21 @@ first_nmi: |
1487 |
+ * it will just return, as we are about to repeat an NMI anyway. |
1488 |
+ * This makes it safe to copy to the stack frame that a nested |
1489 |
+ * NMI will update. |
1490 |
+- */ |
1491 |
+-repeat_nmi: |
1492 |
+- /* |
1493 |
+- * Update the stack variable to say we are still in NMI (the update |
1494 |
+- * is benign for the non-repeat case, where 1 was pushed just above |
1495 |
+- * to this very stack slot). |
1496 |
++ * |
1497 |
++ * RSP is pointing to "outermost RIP". gsbase is unknown, but, if |
1498 |
++ * we're repeating an NMI, gsbase has the same value that it had on |
1499 |
++ * the first iteration. paranoid_entry will load the kernel |
1500 |
++ * gsbase if needed before we call do_nmi. |
1501 |
++ * |
1502 |
++ * Set "NMI executing" in case we came back here via IRET. |
1503 |
+ */ |
1504 |
+ movq $1, 10*8(%rsp) |
1505 |
+ |
1506 |
+- /* Make another copy, this one may be modified by nested NMIs */ |
1507 |
++ /* |
1508 |
++ * Copy the "outermost" frame to the "iret" frame. NMIs that nest |
1509 |
++ * here must not modify the "iret" frame while we're writing to |
1510 |
++ * it or it will end up containing garbage. |
1511 |
++ */ |
1512 |
+ addq $(10*8), %rsp |
1513 |
+ CFI_ADJUST_CFA_OFFSET -10*8 |
1514 |
+ .rept 5 |
1515 |
+@@ -1669,9 +1715,9 @@ repeat_nmi: |
1516 |
+ end_repeat_nmi: |
1517 |
+ |
1518 |
+ /* |
1519 |
+- * Everything below this point can be preempted by a nested |
1520 |
+- * NMI if the first NMI took an exception and reset our iret stack |
1521 |
+- * so that we repeat another NMI. |
1522 |
++ * Everything below this point can be preempted by a nested NMI. |
1523 |
++ * If this happens, then the inner NMI will change the "iret" |
1524 |
++ * frame to point back to repeat_nmi. |
1525 |
+ */ |
1526 |
+ pushq_cfi $-1 /* ORIG_RAX: no syscall to restart */ |
1527 |
+ subq $ORIG_RAX-R15, %rsp |
1528 |
+@@ -1699,9 +1745,23 @@ nmi_restore: |
1529 |
+ /* Pop the extra iret frame at once */ |
1530 |
+ RESTORE_ALL 6*8 |
1531 |
+ |
1532 |
+- /* Clear the NMI executing stack variable */ |
1533 |
+- movq $0, 5*8(%rsp) |
1534 |
+- jmp irq_return |
1535 |
++ /* |
1536 |
++ * Clear "NMI executing". Set DF first so that we can easily |
1537 |
++ * distinguish the remaining code between here and IRET from |
1538 |
++ * the SYSCALL entry and exit paths. On a native kernel, we |
1539 |
++ * could just inspect RIP, but, on paravirt kernels, |
1540 |
++ * INTERRUPT_RETURN can translate into a jump into a |
1541 |
++ * hypercall page. |
1542 |
++ */ |
1543 |
++ std |
1544 |
++ movq $0, 5*8(%rsp) /* clear "NMI executing" */ |
1545 |
++ |
1546 |
++ /* |
1547 |
++ * INTERRUPT_RETURN reads the "iret" frame and exits the NMI |
1548 |
++ * stack in a single instruction. We are returning to kernel |
1549 |
++ * mode, so this cannot result in a fault. |
1550 |
++ */ |
1551 |
++ INTERRUPT_RETURN |
1552 |
+ CFI_ENDPROC |
1553 |
+ END(nmi) |
1554 |
+ |
1555 |
+diff --git a/arch/x86/kernel/nmi.c b/arch/x86/kernel/nmi.c |
1556 |
+index 5c5ec7d28d9b..a701b49e8c87 100644 |
1557 |
+--- a/arch/x86/kernel/nmi.c |
1558 |
++++ b/arch/x86/kernel/nmi.c |
1559 |
+@@ -408,8 +408,8 @@ static void default_do_nmi(struct pt_regs *regs) |
1560 |
+ NOKPROBE_SYMBOL(default_do_nmi); |
1561 |
+ |
1562 |
+ /* |
1563 |
+- * NMIs can hit breakpoints which will cause it to lose its NMI context |
1564 |
+- * with the CPU when the breakpoint or page fault does an IRET. |
1565 |
++ * NMIs can page fault or hit breakpoints which will cause it to lose |
1566 |
++ * its NMI context with the CPU when the breakpoint or page fault does an IRET. |
1567 |
+ * |
1568 |
+ * As a result, NMIs can nest if NMIs get unmasked due an IRET during |
1569 |
+ * NMI processing. On x86_64, the asm glue protects us from nested NMIs |
1570 |
+diff --git a/arch/x86/kernel/paravirt.c b/arch/x86/kernel/paravirt.c |
1571 |
+index 548d25f00c90..8d12f0546dfc 100644 |
1572 |
+--- a/arch/x86/kernel/paravirt.c |
1573 |
++++ b/arch/x86/kernel/paravirt.c |
1574 |
+@@ -41,10 +41,18 @@ |
1575 |
+ #include <asm/timer.h> |
1576 |
+ #include <asm/special_insns.h> |
1577 |
+ |
1578 |
+-/* nop stub */ |
1579 |
+-void _paravirt_nop(void) |
1580 |
+-{ |
1581 |
+-} |
1582 |
++/* |
1583 |
++ * nop stub, which must not clobber anything *including the stack* to |
1584 |
++ * avoid confusing the entry prologues. |
1585 |
++ */ |
1586 |
++extern void _paravirt_nop(void); |
1587 |
++asm (".pushsection .entry.text, \"ax\"\n" |
1588 |
++ ".global _paravirt_nop\n" |
1589 |
++ "_paravirt_nop:\n\t" |
1590 |
++ "ret\n\t" |
1591 |
++ ".size _paravirt_nop, . - _paravirt_nop\n\t" |
1592 |
++ ".type _paravirt_nop, @function\n\t" |
1593 |
++ ".popsection"); |
1594 |
+ |
1595 |
+ /* identity function, which can be inlined */ |
1596 |
+ u32 _paravirt_ident_32(u32 x) |
1597 |
+diff --git a/arch/x86/kernel/process_64.c b/arch/x86/kernel/process_64.c |
1598 |
+index 63a4b5092203..54cfd5ebd96c 100644 |
1599 |
+--- a/arch/x86/kernel/process_64.c |
1600 |
++++ b/arch/x86/kernel/process_64.c |
1601 |
+@@ -476,27 +476,59 @@ void set_personality_ia32(bool x32) |
1602 |
+ } |
1603 |
+ EXPORT_SYMBOL_GPL(set_personality_ia32); |
1604 |
+ |
1605 |
++/* |
1606 |
++ * Called from fs/proc with a reference on @p to find the function |
1607 |
++ * which called into schedule(). This needs to be done carefully |
1608 |
++ * because the task might wake up and we might look at a stack |
1609 |
++ * changing under us. |
1610 |
++ */ |
1611 |
+ unsigned long get_wchan(struct task_struct *p) |
1612 |
+ { |
1613 |
+- unsigned long stack; |
1614 |
+- u64 fp, ip; |
1615 |
++ unsigned long start, bottom, top, sp, fp, ip; |
1616 |
+ int count = 0; |
1617 |
+ |
1618 |
+ if (!p || p == current || p->state == TASK_RUNNING) |
1619 |
+ return 0; |
1620 |
+- stack = (unsigned long)task_stack_page(p); |
1621 |
+- if (p->thread.sp < stack || p->thread.sp >= stack+THREAD_SIZE) |
1622 |
++ |
1623 |
++ start = (unsigned long)task_stack_page(p); |
1624 |
++ if (!start) |
1625 |
++ return 0; |
1626 |
++ |
1627 |
++ /* |
1628 |
++ * Layout of the stack page: |
1629 |
++ * |
1630 |
++ * ----------- topmax = start + THREAD_SIZE - sizeof(unsigned long) |
1631 |
++ * PADDING |
1632 |
++ * ----------- top = topmax - TOP_OF_KERNEL_STACK_PADDING |
1633 |
++ * stack |
1634 |
++ * ----------- bottom = start + sizeof(thread_info) |
1635 |
++ * thread_info |
1636 |
++ * ----------- start |
1637 |
++ * |
1638 |
++ * The tasks stack pointer points at the location where the |
1639 |
++ * framepointer is stored. The data on the stack is: |
1640 |
++ * ... IP FP ... IP FP |
1641 |
++ * |
1642 |
++ * We need to read FP and IP, so we need to adjust the upper |
1643 |
++ * bound by another unsigned long. |
1644 |
++ */ |
1645 |
++ top = start + THREAD_SIZE - TOP_OF_KERNEL_STACK_PADDING; |
1646 |
++ top -= 2 * sizeof(unsigned long); |
1647 |
++ bottom = start + sizeof(struct thread_info); |
1648 |
++ |
1649 |
++ sp = READ_ONCE(p->thread.sp); |
1650 |
++ if (sp < bottom || sp > top) |
1651 |
+ return 0; |
1652 |
+- fp = *(u64 *)(p->thread.sp); |
1653 |
++ |
1654 |
++ fp = READ_ONCE(*(unsigned long *)sp); |
1655 |
+ do { |
1656 |
+- if (fp < (unsigned long)stack || |
1657 |
+- fp >= (unsigned long)stack+THREAD_SIZE) |
1658 |
++ if (fp < bottom || fp > top) |
1659 |
+ return 0; |
1660 |
+- ip = *(u64 *)(fp+8); |
1661 |
++ ip = READ_ONCE(*(unsigned long *)(fp + sizeof(unsigned long))); |
1662 |
+ if (!in_sched_functions(ip)) |
1663 |
+ return ip; |
1664 |
+- fp = *(u64 *)fp; |
1665 |
+- } while (count++ < 16); |
1666 |
++ fp = READ_ONCE(*(unsigned long *)fp); |
1667 |
++ } while (count++ < 16 && p->state != TASK_RUNNING); |
1668 |
+ return 0; |
1669 |
+ } |
1670 |
+ |
1671 |
+diff --git a/arch/x86/kernel/tsc.c b/arch/x86/kernel/tsc.c |
1672 |
+index 505449700e0c..21187ebee7d0 100644 |
1673 |
+--- a/arch/x86/kernel/tsc.c |
1674 |
++++ b/arch/x86/kernel/tsc.c |
1675 |
+@@ -21,6 +21,7 @@ |
1676 |
+ #include <asm/hypervisor.h> |
1677 |
+ #include <asm/nmi.h> |
1678 |
+ #include <asm/x86_init.h> |
1679 |
++#include <asm/geode.h> |
1680 |
+ |
1681 |
+ unsigned int __read_mostly cpu_khz; /* TSC clocks / usec, not used here */ |
1682 |
+ EXPORT_SYMBOL(cpu_khz); |
1683 |
+@@ -1004,15 +1005,17 @@ EXPORT_SYMBOL_GPL(mark_tsc_unstable); |
1684 |
+ |
1685 |
+ static void __init check_system_tsc_reliable(void) |
1686 |
+ { |
1687 |
+-#ifdef CONFIG_MGEODE_LX |
1688 |
+- /* RTSC counts during suspend */ |
1689 |
++#if defined(CONFIG_MGEODEGX1) || defined(CONFIG_MGEODE_LX) || defined(CONFIG_X86_GENERIC) |
1690 |
++ if (is_geode_lx()) { |
1691 |
++ /* RTSC counts during suspend */ |
1692 |
+ #define RTSC_SUSP 0x100 |
1693 |
+- unsigned long res_low, res_high; |
1694 |
++ unsigned long res_low, res_high; |
1695 |
+ |
1696 |
+- rdmsr_safe(MSR_GEODE_BUSCONT_CONF0, &res_low, &res_high); |
1697 |
+- /* Geode_LX - the OLPC CPU has a very reliable TSC */ |
1698 |
+- if (res_low & RTSC_SUSP) |
1699 |
+- tsc_clocksource_reliable = 1; |
1700 |
++ rdmsr_safe(MSR_GEODE_BUSCONT_CONF0, &res_low, &res_high); |
1701 |
++ /* Geode_LX - the OLPC CPU has a very reliable TSC */ |
1702 |
++ if (res_low & RTSC_SUSP) |
1703 |
++ tsc_clocksource_reliable = 1; |
1704 |
++ } |
1705 |
+ #endif |
1706 |
+ if (boot_cpu_has(X86_FEATURE_TSC_RELIABLE)) |
1707 |
+ tsc_clocksource_reliable = 1; |
1708 |
+diff --git a/arch/x86/kvm/mmu.c b/arch/x86/kvm/mmu.c |
1709 |
+index f696dedb0fa7..23875c26fb34 100644 |
1710 |
+--- a/arch/x86/kvm/mmu.c |
1711 |
++++ b/arch/x86/kvm/mmu.c |
1712 |
+@@ -372,12 +372,6 @@ static u64 __get_spte_lockless(u64 *sptep) |
1713 |
+ { |
1714 |
+ return ACCESS_ONCE(*sptep); |
1715 |
+ } |
1716 |
+- |
1717 |
+-static bool __check_direct_spte_mmio_pf(u64 spte) |
1718 |
+-{ |
1719 |
+- /* It is valid if the spte is zapped. */ |
1720 |
+- return spte == 0ull; |
1721 |
+-} |
1722 |
+ #else |
1723 |
+ union split_spte { |
1724 |
+ struct { |
1725 |
+@@ -493,23 +487,6 @@ retry: |
1726 |
+ |
1727 |
+ return spte.spte; |
1728 |
+ } |
1729 |
+- |
1730 |
+-static bool __check_direct_spte_mmio_pf(u64 spte) |
1731 |
+-{ |
1732 |
+- union split_spte sspte = (union split_spte)spte; |
1733 |
+- u32 high_mmio_mask = shadow_mmio_mask >> 32; |
1734 |
+- |
1735 |
+- /* It is valid if the spte is zapped. */ |
1736 |
+- if (spte == 0ull) |
1737 |
+- return true; |
1738 |
+- |
1739 |
+- /* It is valid if the spte is being zapped. */ |
1740 |
+- if (sspte.spte_low == 0ull && |
1741 |
+- (sspte.spte_high & high_mmio_mask) == high_mmio_mask) |
1742 |
+- return true; |
1743 |
+- |
1744 |
+- return false; |
1745 |
+-} |
1746 |
+ #endif |
1747 |
+ |
1748 |
+ static bool spte_is_locklessly_modifiable(u64 spte) |
1749 |
+@@ -3230,21 +3207,6 @@ static bool quickly_check_mmio_pf(struct kvm_vcpu *vcpu, u64 addr, bool direct) |
1750 |
+ return vcpu_match_mmio_gva(vcpu, addr); |
1751 |
+ } |
1752 |
+ |
1753 |
+- |
1754 |
+-/* |
1755 |
+- * On direct hosts, the last spte is only allows two states |
1756 |
+- * for mmio page fault: |
1757 |
+- * - It is the mmio spte |
1758 |
+- * - It is zapped or it is being zapped. |
1759 |
+- * |
1760 |
+- * This function completely checks the spte when the last spte |
1761 |
+- * is not the mmio spte. |
1762 |
+- */ |
1763 |
+-static bool check_direct_spte_mmio_pf(u64 spte) |
1764 |
+-{ |
1765 |
+- return __check_direct_spte_mmio_pf(spte); |
1766 |
+-} |
1767 |
+- |
1768 |
+ static u64 walk_shadow_page_get_mmio_spte(struct kvm_vcpu *vcpu, u64 addr) |
1769 |
+ { |
1770 |
+ struct kvm_shadow_walk_iterator iterator; |
1771 |
+@@ -3287,13 +3249,6 @@ int handle_mmio_page_fault_common(struct kvm_vcpu *vcpu, u64 addr, bool direct) |
1772 |
+ } |
1773 |
+ |
1774 |
+ /* |
1775 |
+- * It's ok if the gva is remapped by other cpus on shadow guest, |
1776 |
+- * it's a BUG if the gfn is not a mmio page. |
1777 |
+- */ |
1778 |
+- if (direct && !check_direct_spte_mmio_pf(spte)) |
1779 |
+- return RET_MMIO_PF_BUG; |
1780 |
+- |
1781 |
+- /* |
1782 |
+ * If the page table is zapped by other cpus, let CPU fault again on |
1783 |
+ * the address. |
1784 |
+ */ |
1785 |
+diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c |
1786 |
+index b83bff87408f..f98baebfa9a7 100644 |
1787 |
+--- a/arch/x86/kvm/svm.c |
1788 |
++++ b/arch/x86/kvm/svm.c |
1789 |
+@@ -512,7 +512,7 @@ static void skip_emulated_instruction(struct kvm_vcpu *vcpu) |
1790 |
+ struct vcpu_svm *svm = to_svm(vcpu); |
1791 |
+ |
1792 |
+ if (svm->vmcb->control.next_rip != 0) { |
1793 |
+- WARN_ON(!static_cpu_has(X86_FEATURE_NRIPS)); |
1794 |
++ WARN_ON_ONCE(!static_cpu_has(X86_FEATURE_NRIPS)); |
1795 |
+ svm->next_rip = svm->vmcb->control.next_rip; |
1796 |
+ } |
1797 |
+ |
1798 |
+diff --git a/arch/x86/mm/init_32.c b/arch/x86/mm/init_32.c |
1799 |
+index c8140e12816a..c23ab1ee3a9a 100644 |
1800 |
+--- a/arch/x86/mm/init_32.c |
1801 |
++++ b/arch/x86/mm/init_32.c |
1802 |
+@@ -137,6 +137,7 @@ page_table_range_init_count(unsigned long start, unsigned long end) |
1803 |
+ |
1804 |
+ vaddr = start; |
1805 |
+ pgd_idx = pgd_index(vaddr); |
1806 |
++ pmd_idx = pmd_index(vaddr); |
1807 |
+ |
1808 |
+ for ( ; (pgd_idx < PTRS_PER_PGD) && (vaddr != end); pgd_idx++) { |
1809 |
+ for (; (pmd_idx < PTRS_PER_PMD) && (vaddr != end); |
1810 |
+diff --git a/arch/x86/mm/init_64.c b/arch/x86/mm/init_64.c |
1811 |
+index 4e5dfec750fc..fa77995b62a4 100644 |
1812 |
+--- a/arch/x86/mm/init_64.c |
1813 |
++++ b/arch/x86/mm/init_64.c |
1814 |
+@@ -1144,7 +1144,7 @@ void mark_rodata_ro(void) |
1815 |
+ * has been zapped already via cleanup_highmem(). |
1816 |
+ */ |
1817 |
+ all_end = roundup((unsigned long)_brk_end, PMD_SIZE); |
1818 |
+- set_memory_nx(rodata_start, (all_end - rodata_start) >> PAGE_SHIFT); |
1819 |
++ set_memory_nx(text_end, (all_end - text_end) >> PAGE_SHIFT); |
1820 |
+ |
1821 |
+ rodata_test(); |
1822 |
+ |
1823 |
+diff --git a/arch/x86/platform/efi/efi.c b/arch/x86/platform/efi/efi.c |
1824 |
+index dbc8627a5cdf..6d6080f3fa35 100644 |
1825 |
+--- a/arch/x86/platform/efi/efi.c |
1826 |
++++ b/arch/x86/platform/efi/efi.c |
1827 |
+@@ -670,6 +670,70 @@ out: |
1828 |
+ } |
1829 |
+ |
1830 |
+ /* |
1831 |
++ * Iterate the EFI memory map in reverse order because the regions |
1832 |
++ * will be mapped top-down. The end result is the same as if we had |
1833 |
++ * mapped things forward, but doesn't require us to change the |
1834 |
++ * existing implementation of efi_map_region(). |
1835 |
++ */ |
1836 |
++static inline void *efi_map_next_entry_reverse(void *entry) |
1837 |
++{ |
1838 |
++ /* Initial call */ |
1839 |
++ if (!entry) |
1840 |
++ return memmap.map_end - memmap.desc_size; |
1841 |
++ |
1842 |
++ entry -= memmap.desc_size; |
1843 |
++ if (entry < memmap.map) |
1844 |
++ return NULL; |
1845 |
++ |
1846 |
++ return entry; |
1847 |
++} |
1848 |
++ |
1849 |
++/* |
1850 |
++ * efi_map_next_entry - Return the next EFI memory map descriptor |
1851 |
++ * @entry: Previous EFI memory map descriptor |
1852 |
++ * |
1853 |
++ * This is a helper function to iterate over the EFI memory map, which |
1854 |
++ * we do in different orders depending on the current configuration. |
1855 |
++ * |
1856 |
++ * To begin traversing the memory map @entry must be %NULL. |
1857 |
++ * |
1858 |
++ * Returns %NULL when we reach the end of the memory map. |
1859 |
++ */ |
1860 |
++static void *efi_map_next_entry(void *entry) |
1861 |
++{ |
1862 |
++ if (!efi_enabled(EFI_OLD_MEMMAP) && efi_enabled(EFI_64BIT)) { |
1863 |
++ /* |
1864 |
++ * Starting in UEFI v2.5 the EFI_PROPERTIES_TABLE |
1865 |
++ * config table feature requires us to map all entries |
1866 |
++ * in the same order as they appear in the EFI memory |
1867 |
++ * map. That is to say, entry N must have a lower |
1868 |
++ * virtual address than entry N+1. This is because the |
1869 |
++ * firmware toolchain leaves relative references in |
1870 |
++ * the code/data sections, which are split and become |
1871 |
++ * separate EFI memory regions. Mapping things |
1872 |
++ * out-of-order leads to the firmware accessing |
1873 |
++ * unmapped addresses. |
1874 |
++ * |
1875 |
++ * Since we need to map things this way whether or not |
1876 |
++ * the kernel actually makes use of |
1877 |
++ * EFI_PROPERTIES_TABLE, let's just switch to this |
1878 |
++ * scheme by default for 64-bit. |
1879 |
++ */ |
1880 |
++ return efi_map_next_entry_reverse(entry); |
1881 |
++ } |
1882 |
++ |
1883 |
++ /* Initial call */ |
1884 |
++ if (!entry) |
1885 |
++ return memmap.map; |
1886 |
++ |
1887 |
++ entry += memmap.desc_size; |
1888 |
++ if (entry >= memmap.map_end) |
1889 |
++ return NULL; |
1890 |
++ |
1891 |
++ return entry; |
1892 |
++} |
1893 |
++ |
1894 |
++/* |
1895 |
+ * Map the efi memory ranges of the runtime services and update new_mmap with |
1896 |
+ * virtual addresses. |
1897 |
+ */ |
1898 |
+@@ -679,7 +743,8 @@ static void * __init efi_map_regions(int *count, int *pg_shift) |
1899 |
+ unsigned long left = 0; |
1900 |
+ efi_memory_desc_t *md; |
1901 |
+ |
1902 |
+- for (p = memmap.map; p < memmap.map_end; p += memmap.desc_size) { |
1903 |
++ p = NULL; |
1904 |
++ while ((p = efi_map_next_entry(p))) { |
1905 |
+ md = p; |
1906 |
+ if (!(md->attribute & EFI_MEMORY_RUNTIME)) { |
1907 |
+ #ifdef CONFIG_X86_64 |
1908 |
+diff --git a/arch/x86/xen/enlighten.c b/arch/x86/xen/enlighten.c |
1909 |
+index d8d81d1aa1d5..7e365d231a93 100644 |
1910 |
+--- a/arch/x86/xen/enlighten.c |
1911 |
++++ b/arch/x86/xen/enlighten.c |
1912 |
+@@ -33,6 +33,10 @@ |
1913 |
+ #include <linux/memblock.h> |
1914 |
+ #include <linux/edd.h> |
1915 |
+ |
1916 |
++#ifdef CONFIG_KEXEC_CORE |
1917 |
++#include <linux/kexec.h> |
1918 |
++#endif |
1919 |
++ |
1920 |
+ #include <xen/xen.h> |
1921 |
+ #include <xen/events.h> |
1922 |
+ #include <xen/interface/xen.h> |
1923 |
+@@ -1859,6 +1863,21 @@ static struct notifier_block xen_hvm_cpu_notifier = { |
1924 |
+ .notifier_call = xen_hvm_cpu_notify, |
1925 |
+ }; |
1926 |
+ |
1927 |
++#ifdef CONFIG_KEXEC_CORE |
1928 |
++static void xen_hvm_shutdown(void) |
1929 |
++{ |
1930 |
++ native_machine_shutdown(); |
1931 |
++ if (kexec_in_progress) |
1932 |
++ xen_reboot(SHUTDOWN_soft_reset); |
1933 |
++} |
1934 |
++ |
1935 |
++static void xen_hvm_crash_shutdown(struct pt_regs *regs) |
1936 |
++{ |
1937 |
++ native_machine_crash_shutdown(regs); |
1938 |
++ xen_reboot(SHUTDOWN_soft_reset); |
1939 |
++} |
1940 |
++#endif |
1941 |
++ |
1942 |
+ static void __init xen_hvm_guest_init(void) |
1943 |
+ { |
1944 |
+ init_hvm_pv_info(); |
1945 |
+@@ -1875,6 +1894,10 @@ static void __init xen_hvm_guest_init(void) |
1946 |
+ x86_init.irqs.intr_init = xen_init_IRQ; |
1947 |
+ xen_hvm_init_time_ops(); |
1948 |
+ xen_hvm_init_mmu_ops(); |
1949 |
++#ifdef CONFIG_KEXEC_CORE |
1950 |
++ machine_ops.shutdown = xen_hvm_shutdown; |
1951 |
++ machine_ops.crash_shutdown = xen_hvm_crash_shutdown; |
1952 |
++#endif |
1953 |
+ } |
1954 |
+ |
1955 |
+ static bool xen_nopv = false; |
1956 |
+diff --git a/arch/xtensa/include/asm/traps.h b/arch/xtensa/include/asm/traps.h |
1957 |
+index 677bfcf4ee5d..28f33a8b7f5f 100644 |
1958 |
+--- a/arch/xtensa/include/asm/traps.h |
1959 |
++++ b/arch/xtensa/include/asm/traps.h |
1960 |
+@@ -25,30 +25,39 @@ static inline void spill_registers(void) |
1961 |
+ { |
1962 |
+ #if XCHAL_NUM_AREGS > 16 |
1963 |
+ __asm__ __volatile__ ( |
1964 |
+- " call12 1f\n" |
1965 |
++ " call8 1f\n" |
1966 |
+ " _j 2f\n" |
1967 |
+ " retw\n" |
1968 |
+ " .align 4\n" |
1969 |
+ "1:\n" |
1970 |
++#if XCHAL_NUM_AREGS == 32 |
1971 |
++ " _entry a1, 32\n" |
1972 |
++ " addi a8, a0, 3\n" |
1973 |
++ " _entry a1, 16\n" |
1974 |
++ " mov a12, a12\n" |
1975 |
++ " retw\n" |
1976 |
++#else |
1977 |
+ " _entry a1, 48\n" |
1978 |
+- " addi a12, a0, 3\n" |
1979 |
+-#if XCHAL_NUM_AREGS > 32 |
1980 |
+- " .rept (" __stringify(XCHAL_NUM_AREGS) " - 32) / 12\n" |
1981 |
++ " call12 1f\n" |
1982 |
++ " retw\n" |
1983 |
++ " .align 4\n" |
1984 |
++ "1:\n" |
1985 |
++ " .rept (" __stringify(XCHAL_NUM_AREGS) " - 16) / 12\n" |
1986 |
+ " _entry a1, 48\n" |
1987 |
+ " mov a12, a0\n" |
1988 |
+ " .endr\n" |
1989 |
+-#endif |
1990 |
+- " _entry a1, 48\n" |
1991 |
++ " _entry a1, 16\n" |
1992 |
+ #if XCHAL_NUM_AREGS % 12 == 0 |
1993 |
+- " mov a8, a8\n" |
1994 |
+-#elif XCHAL_NUM_AREGS % 12 == 4 |
1995 |
+ " mov a12, a12\n" |
1996 |
+-#elif XCHAL_NUM_AREGS % 12 == 8 |
1997 |
++#elif XCHAL_NUM_AREGS % 12 == 4 |
1998 |
+ " mov a4, a4\n" |
1999 |
++#elif XCHAL_NUM_AREGS % 12 == 8 |
2000 |
++ " mov a8, a8\n" |
2001 |
+ #endif |
2002 |
+ " retw\n" |
2003 |
++#endif |
2004 |
+ "2:\n" |
2005 |
+- : : : "a12", "a13", "memory"); |
2006 |
++ : : : "a8", "a9", "memory"); |
2007 |
+ #else |
2008 |
+ __asm__ __volatile__ ( |
2009 |
+ " mov a12, a12\n" |
2010 |
+diff --git a/arch/xtensa/kernel/entry.S b/arch/xtensa/kernel/entry.S |
2011 |
+index 82bbfa5a05b3..a2a902140c4e 100644 |
2012 |
+--- a/arch/xtensa/kernel/entry.S |
2013 |
++++ b/arch/xtensa/kernel/entry.S |
2014 |
+@@ -568,12 +568,13 @@ user_exception_exit: |
2015 |
+ * (if we have restored WSBITS-1 frames). |
2016 |
+ */ |
2017 |
+ |
2018 |
++2: |
2019 |
+ #if XCHAL_HAVE_THREADPTR |
2020 |
+ l32i a3, a1, PT_THREADPTR |
2021 |
+ wur a3, threadptr |
2022 |
+ #endif |
2023 |
+ |
2024 |
+-2: j common_exception_exit |
2025 |
++ j common_exception_exit |
2026 |
+ |
2027 |
+ /* This is the kernel exception exit. |
2028 |
+ * We avoided to do a MOVSP when we entered the exception, but we |
2029 |
+@@ -1820,7 +1821,7 @@ ENDPROC(system_call) |
2030 |
+ mov a12, a0 |
2031 |
+ .endr |
2032 |
+ #endif |
2033 |
+- _entry a1, 48 |
2034 |
++ _entry a1, 16 |
2035 |
+ #if XCHAL_NUM_AREGS % 12 == 0 |
2036 |
+ mov a8, a8 |
2037 |
+ #elif XCHAL_NUM_AREGS % 12 == 4 |
2038 |
+@@ -1844,7 +1845,7 @@ ENDPROC(system_call) |
2039 |
+ |
2040 |
+ ENTRY(_switch_to) |
2041 |
+ |
2042 |
+- entry a1, 16 |
2043 |
++ entry a1, 48 |
2044 |
+ |
2045 |
+ mov a11, a3 # and 'next' (a3) |
2046 |
+ |
2047 |
+diff --git a/block/blk-mq-sysfs.c b/block/blk-mq-sysfs.c |
2048 |
+index 1630a20d5dcf..d477f83f29bf 100644 |
2049 |
+--- a/block/blk-mq-sysfs.c |
2050 |
++++ b/block/blk-mq-sysfs.c |
2051 |
+@@ -141,15 +141,26 @@ static ssize_t blk_mq_sysfs_completed_show(struct blk_mq_ctx *ctx, char *page) |
2052 |
+ |
2053 |
+ static ssize_t sysfs_list_show(char *page, struct list_head *list, char *msg) |
2054 |
+ { |
2055 |
+- char *start_page = page; |
2056 |
+ struct request *rq; |
2057 |
++ int len = snprintf(page, PAGE_SIZE - 1, "%s:\n", msg); |
2058 |
++ |
2059 |
++ list_for_each_entry(rq, list, queuelist) { |
2060 |
++ const int rq_len = 2 * sizeof(rq) + 2; |
2061 |
++ |
2062 |
++ /* if the output will be truncated */ |
2063 |
++ if (PAGE_SIZE - 1 < len + rq_len) { |
2064 |
++ /* backspacing if it can't hold '\t...\n' */ |
2065 |
++ if (PAGE_SIZE - 1 < len + 5) |
2066 |
++ len -= rq_len; |
2067 |
++ len += snprintf(page + len, PAGE_SIZE - 1 - len, |
2068 |
++ "\t...\n"); |
2069 |
++ break; |
2070 |
++ } |
2071 |
++ len += snprintf(page + len, PAGE_SIZE - 1 - len, |
2072 |
++ "\t%p\n", rq); |
2073 |
++ } |
2074 |
+ |
2075 |
+- page += sprintf(page, "%s:\n", msg); |
2076 |
+- |
2077 |
+- list_for_each_entry(rq, list, queuelist) |
2078 |
+- page += sprintf(page, "\t%p\n", rq); |
2079 |
+- |
2080 |
+- return page - start_page; |
2081 |
++ return len; |
2082 |
+ } |
2083 |
+ |
2084 |
+ static ssize_t blk_mq_sysfs_rq_list_show(struct blk_mq_ctx *ctx, char *page) |
2085 |
+diff --git a/drivers/auxdisplay/ks0108.c b/drivers/auxdisplay/ks0108.c |
2086 |
+index 5b93852392b8..0d752851a1ee 100644 |
2087 |
+--- a/drivers/auxdisplay/ks0108.c |
2088 |
++++ b/drivers/auxdisplay/ks0108.c |
2089 |
+@@ -139,6 +139,7 @@ static int __init ks0108_init(void) |
2090 |
+ |
2091 |
+ ks0108_pardevice = parport_register_device(ks0108_parport, KS0108_NAME, |
2092 |
+ NULL, NULL, NULL, PARPORT_DEV_EXCL, NULL); |
2093 |
++ parport_put_port(ks0108_parport); |
2094 |
+ if (ks0108_pardevice == NULL) { |
2095 |
+ printk(KERN_ERR KS0108_NAME ": ERROR: " |
2096 |
+ "parport didn't register new device\n"); |
2097 |
+diff --git a/drivers/base/devres.c b/drivers/base/devres.c |
2098 |
+index c8a53d1e019f..875464690117 100644 |
2099 |
+--- a/drivers/base/devres.c |
2100 |
++++ b/drivers/base/devres.c |
2101 |
+@@ -297,10 +297,10 @@ void * devres_get(struct device *dev, void *new_res, |
2102 |
+ if (!dr) { |
2103 |
+ add_dr(dev, &new_dr->node); |
2104 |
+ dr = new_dr; |
2105 |
+- new_dr = NULL; |
2106 |
++ new_res = NULL; |
2107 |
+ } |
2108 |
+ spin_unlock_irqrestore(&dev->devres_lock, flags); |
2109 |
+- devres_free(new_dr); |
2110 |
++ devres_free(new_res); |
2111 |
+ |
2112 |
+ return dr->data; |
2113 |
+ } |
2114 |
+diff --git a/drivers/base/node.c b/drivers/base/node.c |
2115 |
+index 472168cd0c97..74d45823890b 100644 |
2116 |
+--- a/drivers/base/node.c |
2117 |
++++ b/drivers/base/node.c |
2118 |
+@@ -396,6 +396,16 @@ int register_mem_sect_under_node(struct memory_block *mem_blk, int nid) |
2119 |
+ for (pfn = sect_start_pfn; pfn <= sect_end_pfn; pfn++) { |
2120 |
+ int page_nid; |
2121 |
+ |
2122 |
++ /* |
2123 |
++ * memory block could have several absent sections from start. |
2124 |
++ * skip pfn range from absent section |
2125 |
++ */ |
2126 |
++ if (!pfn_present(pfn)) { |
2127 |
++ pfn = round_down(pfn + PAGES_PER_SECTION, |
2128 |
++ PAGES_PER_SECTION) - 1; |
2129 |
++ continue; |
2130 |
++ } |
2131 |
++ |
2132 |
+ page_nid = get_nid_for_pfn(pfn); |
2133 |
+ if (page_nid < 0) |
2134 |
+ continue; |
2135 |
+diff --git a/drivers/base/platform.c b/drivers/base/platform.c |
2136 |
+index 360272cd4549..317e0e491ea0 100644 |
2137 |
+--- a/drivers/base/platform.c |
2138 |
++++ b/drivers/base/platform.c |
2139 |
+@@ -375,9 +375,7 @@ int platform_device_add(struct platform_device *pdev) |
2140 |
+ |
2141 |
+ while (--i >= 0) { |
2142 |
+ struct resource *r = &pdev->resource[i]; |
2143 |
+- unsigned long type = resource_type(r); |
2144 |
+- |
2145 |
+- if (type == IORESOURCE_MEM || type == IORESOURCE_IO) |
2146 |
++ if (r->parent) |
2147 |
+ release_resource(r); |
2148 |
+ } |
2149 |
+ |
2150 |
+@@ -408,9 +406,7 @@ void platform_device_del(struct platform_device *pdev) |
2151 |
+ |
2152 |
+ for (i = 0; i < pdev->num_resources; i++) { |
2153 |
+ struct resource *r = &pdev->resource[i]; |
2154 |
+- unsigned long type = resource_type(r); |
2155 |
+- |
2156 |
+- if (type == IORESOURCE_MEM || type == IORESOURCE_IO) |
2157 |
++ if (r->parent) |
2158 |
+ release_resource(r); |
2159 |
+ } |
2160 |
+ } |
2161 |
+diff --git a/drivers/base/regmap/regmap-debugfs.c b/drivers/base/regmap/regmap-debugfs.c |
2162 |
+index 5799a0b9e6cc..c8941f39c919 100644 |
2163 |
+--- a/drivers/base/regmap/regmap-debugfs.c |
2164 |
++++ b/drivers/base/regmap/regmap-debugfs.c |
2165 |
+@@ -32,8 +32,7 @@ static DEFINE_MUTEX(regmap_debugfs_early_lock); |
2166 |
+ /* Calculate the length of a fixed format */ |
2167 |
+ static size_t regmap_calc_reg_len(int max_val, char *buf, size_t buf_size) |
2168 |
+ { |
2169 |
+- snprintf(buf, buf_size, "%x", max_val); |
2170 |
+- return strlen(buf); |
2171 |
++ return snprintf(NULL, 0, "%x", max_val); |
2172 |
+ } |
2173 |
+ |
2174 |
+ static ssize_t regmap_name_read_file(struct file *file, |
2175 |
+@@ -432,7 +431,7 @@ static ssize_t regmap_access_read_file(struct file *file, |
2176 |
+ /* If we're in the region the user is trying to read */ |
2177 |
+ if (p >= *ppos) { |
2178 |
+ /* ...but not beyond it */ |
2179 |
+- if (buf_pos >= count - 1 - tot_len) |
2180 |
++ if (buf_pos + tot_len + 1 >= count) |
2181 |
+ break; |
2182 |
+ |
2183 |
+ /* Format the register */ |
2184 |
+diff --git a/drivers/block/zram/zcomp.c b/drivers/block/zram/zcomp.c |
2185 |
+index f1ff39a3d1c1..54d946a9eee6 100644 |
2186 |
+--- a/drivers/block/zram/zcomp.c |
2187 |
++++ b/drivers/block/zram/zcomp.c |
2188 |
+@@ -325,12 +325,14 @@ void zcomp_destroy(struct zcomp *comp) |
2189 |
+ * allocate new zcomp and initialize it. return compressing |
2190 |
+ * backend pointer or ERR_PTR if things went bad. ERR_PTR(-EINVAL) |
2191 |
+ * if requested algorithm is not supported, ERR_PTR(-ENOMEM) in |
2192 |
+- * case of allocation error. |
2193 |
++ * case of allocation error, or any other error potentially |
2194 |
++ * returned by functions zcomp_strm_{multi,single}_create. |
2195 |
+ */ |
2196 |
+ struct zcomp *zcomp_create(const char *compress, int max_strm) |
2197 |
+ { |
2198 |
+ struct zcomp *comp; |
2199 |
+ struct zcomp_backend *backend; |
2200 |
++ int error; |
2201 |
+ |
2202 |
+ backend = find_backend(compress); |
2203 |
+ if (!backend) |
2204 |
+@@ -342,12 +344,12 @@ struct zcomp *zcomp_create(const char *compress, int max_strm) |
2205 |
+ |
2206 |
+ comp->backend = backend; |
2207 |
+ if (max_strm > 1) |
2208 |
+- zcomp_strm_multi_create(comp, max_strm); |
2209 |
++ error = zcomp_strm_multi_create(comp, max_strm); |
2210 |
+ else |
2211 |
+- zcomp_strm_single_create(comp); |
2212 |
+- if (!comp->stream) { |
2213 |
++ error = zcomp_strm_single_create(comp); |
2214 |
++ if (error) { |
2215 |
+ kfree(comp); |
2216 |
+- return ERR_PTR(-ENOMEM); |
2217 |
++ return ERR_PTR(error); |
2218 |
+ } |
2219 |
+ return comp; |
2220 |
+ } |
2221 |
+diff --git a/drivers/clk/ti/clk-3xxx.c b/drivers/clk/ti/clk-3xxx.c |
2222 |
+index 0d1750a8aea4..088930c3ee4b 100644 |
2223 |
+--- a/drivers/clk/ti/clk-3xxx.c |
2224 |
++++ b/drivers/clk/ti/clk-3xxx.c |
2225 |
+@@ -170,7 +170,6 @@ static struct ti_dt_clk omap3xxx_clks[] = { |
2226 |
+ DT_CLK(NULL, "gpio2_ick", "gpio2_ick"), |
2227 |
+ DT_CLK(NULL, "wdt3_ick", "wdt3_ick"), |
2228 |
+ DT_CLK(NULL, "uart3_ick", "uart3_ick"), |
2229 |
+- DT_CLK(NULL, "uart4_ick", "uart4_ick"), |
2230 |
+ DT_CLK(NULL, "gpt9_ick", "gpt9_ick"), |
2231 |
+ DT_CLK(NULL, "gpt8_ick", "gpt8_ick"), |
2232 |
+ DT_CLK(NULL, "gpt7_ick", "gpt7_ick"), |
2233 |
+@@ -313,6 +312,7 @@ static struct ti_dt_clk am35xx_clks[] = { |
2234 |
+ static struct ti_dt_clk omap36xx_clks[] = { |
2235 |
+ DT_CLK(NULL, "omap_192m_alwon_fck", "omap_192m_alwon_fck"), |
2236 |
+ DT_CLK(NULL, "uart4_fck", "uart4_fck"), |
2237 |
++ DT_CLK(NULL, "uart4_ick", "uart4_ick"), |
2238 |
+ { .node_name = NULL }, |
2239 |
+ }; |
2240 |
+ |
2241 |
+diff --git a/drivers/clk/versatile/clk-sp810.c b/drivers/clk/versatile/clk-sp810.c |
2242 |
+index c6e86a9a2aa3..5122ef25f595 100644 |
2243 |
+--- a/drivers/clk/versatile/clk-sp810.c |
2244 |
++++ b/drivers/clk/versatile/clk-sp810.c |
2245 |
+@@ -128,8 +128,8 @@ static struct clk *clk_sp810_timerclken_of_get(struct of_phandle_args *clkspec, |
2246 |
+ { |
2247 |
+ struct clk_sp810 *sp810 = data; |
2248 |
+ |
2249 |
+- if (WARN_ON(clkspec->args_count != 1 || clkspec->args[0] > |
2250 |
+- ARRAY_SIZE(sp810->timerclken))) |
2251 |
++ if (WARN_ON(clkspec->args_count != 1 || |
2252 |
++ clkspec->args[0] >= ARRAY_SIZE(sp810->timerclken))) |
2253 |
+ return NULL; |
2254 |
+ |
2255 |
+ return sp810->timerclken[clkspec->args[0]].clk; |
2256 |
+diff --git a/drivers/cpufreq/cpufreq-dt.c b/drivers/cpufreq/cpufreq-dt.c |
2257 |
+index f657c571b18e..bdb6951d0978 100644 |
2258 |
+--- a/drivers/cpufreq/cpufreq-dt.c |
2259 |
++++ b/drivers/cpufreq/cpufreq-dt.c |
2260 |
+@@ -240,7 +240,8 @@ static int cpufreq_init(struct cpufreq_policy *policy) |
2261 |
+ rcu_read_unlock(); |
2262 |
+ |
2263 |
+ tol_uV = opp_uV * priv->voltage_tolerance / 100; |
2264 |
+- if (regulator_is_supported_voltage(cpu_reg, opp_uV, |
2265 |
++ if (regulator_is_supported_voltage(cpu_reg, |
2266 |
++ opp_uV - tol_uV, |
2267 |
+ opp_uV + tol_uV)) { |
2268 |
+ if (opp_uV < min_uV) |
2269 |
+ min_uV = opp_uV; |
2270 |
+diff --git a/drivers/cpufreq/intel_pstate.c b/drivers/cpufreq/intel_pstate.c |
2271 |
+index d0d21363c63f..c1da6e121a67 100644 |
2272 |
+--- a/drivers/cpufreq/intel_pstate.c |
2273 |
++++ b/drivers/cpufreq/intel_pstate.c |
2274 |
+@@ -47,9 +47,9 @@ static inline int32_t mul_fp(int32_t x, int32_t y) |
2275 |
+ return ((int64_t)x * (int64_t)y) >> FRAC_BITS; |
2276 |
+ } |
2277 |
+ |
2278 |
+-static inline int32_t div_fp(int32_t x, int32_t y) |
2279 |
++static inline int32_t div_fp(s64 x, s64 y) |
2280 |
+ { |
2281 |
+- return div_s64((int64_t)x << FRAC_BITS, y); |
2282 |
++ return div64_s64((int64_t)x << FRAC_BITS, y); |
2283 |
+ } |
2284 |
+ |
2285 |
+ static inline int ceiling_fp(int32_t x) |
2286 |
+@@ -659,7 +659,7 @@ static inline void intel_pstate_set_sample_time(struct cpudata *cpu) |
2287 |
+ static inline int32_t intel_pstate_get_scaled_busy(struct cpudata *cpu) |
2288 |
+ { |
2289 |
+ int32_t core_busy, max_pstate, current_pstate, sample_ratio; |
2290 |
+- u32 duration_us; |
2291 |
++ s64 duration_us; |
2292 |
+ u32 sample_time; |
2293 |
+ |
2294 |
+ core_busy = cpu->sample.core_pct_busy; |
2295 |
+@@ -668,8 +668,8 @@ static inline int32_t intel_pstate_get_scaled_busy(struct cpudata *cpu) |
2296 |
+ core_busy = mul_fp(core_busy, div_fp(max_pstate, current_pstate)); |
2297 |
+ |
2298 |
+ sample_time = pid_params.sample_rate_ms * USEC_PER_MSEC; |
2299 |
+- duration_us = (u32) ktime_us_delta(cpu->sample.time, |
2300 |
+- cpu->last_sample_time); |
2301 |
++ duration_us = ktime_us_delta(cpu->sample.time, |
2302 |
++ cpu->last_sample_time); |
2303 |
+ if (duration_us > sample_time * 3) { |
2304 |
+ sample_ratio = div_fp(int_tofp(sample_time), |
2305 |
+ int_tofp(duration_us)); |
2306 |
+diff --git a/drivers/dma/dw/core.c b/drivers/dma/dw/core.c |
2307 |
+index 244722170410..9da24a5e1561 100644 |
2308 |
+--- a/drivers/dma/dw/core.c |
2309 |
++++ b/drivers/dma/dw/core.c |
2310 |
+@@ -1579,7 +1579,6 @@ int dw_dma_probe(struct dw_dma_chip *chip, struct dw_dma_platform_data *pdata) |
2311 |
+ INIT_LIST_HEAD(&dw->dma.channels); |
2312 |
+ for (i = 0; i < nr_channels; i++) { |
2313 |
+ struct dw_dma_chan *dwc = &dw->chan[i]; |
2314 |
+- int r = nr_channels - i - 1; |
2315 |
+ |
2316 |
+ dwc->chan.device = &dw->dma; |
2317 |
+ dma_cookie_init(&dwc->chan); |
2318 |
+@@ -1591,7 +1590,7 @@ int dw_dma_probe(struct dw_dma_chip *chip, struct dw_dma_platform_data *pdata) |
2319 |
+ |
2320 |
+ /* 7 is highest priority & 0 is lowest. */ |
2321 |
+ if (pdata->chan_priority == CHAN_PRIORITY_ASCENDING) |
2322 |
+- dwc->priority = r; |
2323 |
++ dwc->priority = nr_channels - i - 1; |
2324 |
+ else |
2325 |
+ dwc->priority = i; |
2326 |
+ |
2327 |
+@@ -1610,6 +1609,7 @@ int dw_dma_probe(struct dw_dma_chip *chip, struct dw_dma_platform_data *pdata) |
2328 |
+ /* Hardware configuration */ |
2329 |
+ if (autocfg) { |
2330 |
+ unsigned int dwc_params; |
2331 |
++ unsigned int r = DW_DMA_MAX_NR_CHANNELS - i - 1; |
2332 |
+ void __iomem *addr = chip->regs + r * sizeof(u32); |
2333 |
+ |
2334 |
+ dwc_params = dma_read_byaddr(addr, DWC_PARAMS); |
2335 |
+diff --git a/drivers/gpu/drm/drm_lock.c b/drivers/gpu/drm/drm_lock.c |
2336 |
+index f861361a635e..4924d381b664 100644 |
2337 |
+--- a/drivers/gpu/drm/drm_lock.c |
2338 |
++++ b/drivers/gpu/drm/drm_lock.c |
2339 |
+@@ -61,6 +61,9 @@ int drm_legacy_lock(struct drm_device *dev, void *data, |
2340 |
+ struct drm_master *master = file_priv->master; |
2341 |
+ int ret = 0; |
2342 |
+ |
2343 |
++ if (drm_core_check_feature(dev, DRIVER_MODESET)) |
2344 |
++ return -EINVAL; |
2345 |
++ |
2346 |
+ ++file_priv->lock_count; |
2347 |
+ |
2348 |
+ if (lock->context == DRM_KERNEL_CONTEXT) { |
2349 |
+@@ -153,6 +156,9 @@ int drm_legacy_unlock(struct drm_device *dev, void *data, struct drm_file *file_ |
2350 |
+ struct drm_lock *lock = data; |
2351 |
+ struct drm_master *master = file_priv->master; |
2352 |
+ |
2353 |
++ if (drm_core_check_feature(dev, DRIVER_MODESET)) |
2354 |
++ return -EINVAL; |
2355 |
++ |
2356 |
+ if (lock->context == DRM_KERNEL_CONTEXT) { |
2357 |
+ DRM_ERROR("Process %d using kernel context %d\n", |
2358 |
+ task_pid_nr(current), lock->context); |
2359 |
+diff --git a/drivers/gpu/drm/i915/intel_bios.c b/drivers/gpu/drm/i915/intel_bios.c |
2360 |
+index a4bd90f36a03..d96b152a6e04 100644 |
2361 |
+--- a/drivers/gpu/drm/i915/intel_bios.c |
2362 |
++++ b/drivers/gpu/drm/i915/intel_bios.c |
2363 |
+@@ -41,7 +41,7 @@ find_section(struct bdb_header *bdb, int section_id) |
2364 |
+ { |
2365 |
+ u8 *base = (u8 *)bdb; |
2366 |
+ int index = 0; |
2367 |
+- u16 total, current_size; |
2368 |
++ u32 total, current_size; |
2369 |
+ u8 current_id; |
2370 |
+ |
2371 |
+ /* skip to first section */ |
2372 |
+@@ -56,6 +56,10 @@ find_section(struct bdb_header *bdb, int section_id) |
2373 |
+ current_size = *((u16 *)(base + index)); |
2374 |
+ index += 2; |
2375 |
+ |
2376 |
++ /* The MIPI Sequence Block v3+ has a separate size field. */ |
2377 |
++ if (current_id == BDB_MIPI_SEQUENCE && *(base + index) >= 3) |
2378 |
++ current_size = *((const u32 *)(base + index + 1)); |
2379 |
++ |
2380 |
+ if (index + current_size > total) |
2381 |
+ return NULL; |
2382 |
+ |
2383 |
+@@ -794,6 +798,12 @@ parse_mipi(struct drm_i915_private *dev_priv, struct bdb_header *bdb) |
2384 |
+ return; |
2385 |
+ } |
2386 |
+ |
2387 |
++ /* Fail gracefully for forward incompatible sequence block. */ |
2388 |
++ if (sequence->version >= 3) { |
2389 |
++ DRM_ERROR("Unable to parse MIPI Sequence Block v3+\n"); |
2390 |
++ return; |
2391 |
++ } |
2392 |
++ |
2393 |
+ DRM_DEBUG_DRIVER("Found MIPI sequence block\n"); |
2394 |
+ |
2395 |
+ block_size = get_blocksize(sequence); |
2396 |
+diff --git a/drivers/gpu/drm/qxl/qxl_display.c b/drivers/gpu/drm/qxl/qxl_display.c |
2397 |
+index 0d1396266857..011b22836fd6 100644 |
2398 |
+--- a/drivers/gpu/drm/qxl/qxl_display.c |
2399 |
++++ b/drivers/gpu/drm/qxl/qxl_display.c |
2400 |
+@@ -136,9 +136,35 @@ static int qxl_add_monitors_config_modes(struct drm_connector *connector, |
2401 |
+ *pwidth = head->width; |
2402 |
+ *pheight = head->height; |
2403 |
+ drm_mode_probed_add(connector, mode); |
2404 |
++ /* remember the last custom size for mode validation */ |
2405 |
++ qdev->monitors_config_width = mode->hdisplay; |
2406 |
++ qdev->monitors_config_height = mode->vdisplay; |
2407 |
+ return 1; |
2408 |
+ } |
2409 |
+ |
2410 |
++static struct mode_size { |
2411 |
++ int w; |
2412 |
++ int h; |
2413 |
++} common_modes[] = { |
2414 |
++ { 640, 480}, |
2415 |
++ { 720, 480}, |
2416 |
++ { 800, 600}, |
2417 |
++ { 848, 480}, |
2418 |
++ {1024, 768}, |
2419 |
++ {1152, 768}, |
2420 |
++ {1280, 720}, |
2421 |
++ {1280, 800}, |
2422 |
++ {1280, 854}, |
2423 |
++ {1280, 960}, |
2424 |
++ {1280, 1024}, |
2425 |
++ {1440, 900}, |
2426 |
++ {1400, 1050}, |
2427 |
++ {1680, 1050}, |
2428 |
++ {1600, 1200}, |
2429 |
++ {1920, 1080}, |
2430 |
++ {1920, 1200} |
2431 |
++}; |
2432 |
++ |
2433 |
+ static int qxl_add_common_modes(struct drm_connector *connector, |
2434 |
+ unsigned pwidth, |
2435 |
+ unsigned pheight) |
2436 |
+@@ -146,29 +172,6 @@ static int qxl_add_common_modes(struct drm_connector *connector, |
2437 |
+ struct drm_device *dev = connector->dev; |
2438 |
+ struct drm_display_mode *mode = NULL; |
2439 |
+ int i; |
2440 |
+- struct mode_size { |
2441 |
+- int w; |
2442 |
+- int h; |
2443 |
+- } common_modes[] = { |
2444 |
+- { 640, 480}, |
2445 |
+- { 720, 480}, |
2446 |
+- { 800, 600}, |
2447 |
+- { 848, 480}, |
2448 |
+- {1024, 768}, |
2449 |
+- {1152, 768}, |
2450 |
+- {1280, 720}, |
2451 |
+- {1280, 800}, |
2452 |
+- {1280, 854}, |
2453 |
+- {1280, 960}, |
2454 |
+- {1280, 1024}, |
2455 |
+- {1440, 900}, |
2456 |
+- {1400, 1050}, |
2457 |
+- {1680, 1050}, |
2458 |
+- {1600, 1200}, |
2459 |
+- {1920, 1080}, |
2460 |
+- {1920, 1200} |
2461 |
+- }; |
2462 |
+- |
2463 |
+ for (i = 0; i < ARRAY_SIZE(common_modes); i++) { |
2464 |
+ mode = drm_cvt_mode(dev, common_modes[i].w, common_modes[i].h, |
2465 |
+ 60, false, false, false); |
2466 |
+@@ -598,7 +601,7 @@ static int qxl_crtc_mode_set(struct drm_crtc *crtc, |
2467 |
+ adjusted_mode->hdisplay, |
2468 |
+ adjusted_mode->vdisplay); |
2469 |
+ |
2470 |
+- if (qcrtc->index == 0) |
2471 |
++ if (bo->is_primary == false) |
2472 |
+ recreate_primary = true; |
2473 |
+ |
2474 |
+ if (bo->surf.stride * bo->surf.height > qdev->vram_size) { |
2475 |
+@@ -806,11 +809,22 @@ static int qxl_conn_get_modes(struct drm_connector *connector) |
2476 |
+ static int qxl_conn_mode_valid(struct drm_connector *connector, |
2477 |
+ struct drm_display_mode *mode) |
2478 |
+ { |
2479 |
++ struct drm_device *ddev = connector->dev; |
2480 |
++ struct qxl_device *qdev = ddev->dev_private; |
2481 |
++ int i; |
2482 |
++ |
2483 |
+ /* TODO: is this called for user defined modes? (xrandr --add-mode) |
2484 |
+ * TODO: check that the mode fits in the framebuffer */ |
2485 |
+- DRM_DEBUG("%s: %dx%d status=%d\n", mode->name, mode->hdisplay, |
2486 |
+- mode->vdisplay, mode->status); |
2487 |
+- return MODE_OK; |
2488 |
++ |
2489 |
++ if(qdev->monitors_config_width == mode->hdisplay && |
2490 |
++ qdev->monitors_config_height == mode->vdisplay) |
2491 |
++ return MODE_OK; |
2492 |
++ |
2493 |
++ for (i = 0; i < ARRAY_SIZE(common_modes); i++) { |
2494 |
++ if (common_modes[i].w == mode->hdisplay && common_modes[i].h == mode->vdisplay) |
2495 |
++ return MODE_OK; |
2496 |
++ } |
2497 |
++ return MODE_BAD; |
2498 |
+ } |
2499 |
+ |
2500 |
+ static struct drm_encoder *qxl_best_encoder(struct drm_connector *connector) |
2501 |
+@@ -855,13 +869,15 @@ static enum drm_connector_status qxl_conn_detect( |
2502 |
+ drm_connector_to_qxl_output(connector); |
2503 |
+ struct drm_device *ddev = connector->dev; |
2504 |
+ struct qxl_device *qdev = ddev->dev_private; |
2505 |
+- int connected; |
2506 |
++ bool connected = false; |
2507 |
+ |
2508 |
+ /* The first monitor is always connected */ |
2509 |
+- connected = (output->index == 0) || |
2510 |
+- (qdev->client_monitors_config && |
2511 |
+- qdev->client_monitors_config->count > output->index && |
2512 |
+- qxl_head_enabled(&qdev->client_monitors_config->heads[output->index])); |
2513 |
++ if (!qdev->client_monitors_config) { |
2514 |
++ if (output->index == 0) |
2515 |
++ connected = true; |
2516 |
++ } else |
2517 |
++ connected = qdev->client_monitors_config->count > output->index && |
2518 |
++ qxl_head_enabled(&qdev->client_monitors_config->heads[output->index]); |
2519 |
+ |
2520 |
+ DRM_DEBUG("#%d connected: %d\n", output->index, connected); |
2521 |
+ if (!connected) |
2522 |
+diff --git a/drivers/gpu/drm/qxl/qxl_drv.h b/drivers/gpu/drm/qxl/qxl_drv.h |
2523 |
+index 7c6cafe21f5f..e66143cc1a7a 100644 |
2524 |
+--- a/drivers/gpu/drm/qxl/qxl_drv.h |
2525 |
++++ b/drivers/gpu/drm/qxl/qxl_drv.h |
2526 |
+@@ -325,6 +325,8 @@ struct qxl_device { |
2527 |
+ struct work_struct fb_work; |
2528 |
+ |
2529 |
+ struct drm_property *hotplug_mode_update_property; |
2530 |
++ int monitors_config_width; |
2531 |
++ int monitors_config_height; |
2532 |
+ }; |
2533 |
+ |
2534 |
+ /* forward declaration for QXL_INFO_IO */ |
2535 |
+diff --git a/drivers/gpu/drm/radeon/atombios_encoders.c b/drivers/gpu/drm/radeon/atombios_encoders.c |
2536 |
+index b8cd7975f797..d8a5db204a81 100644 |
2537 |
+--- a/drivers/gpu/drm/radeon/atombios_encoders.c |
2538 |
++++ b/drivers/gpu/drm/radeon/atombios_encoders.c |
2539 |
+@@ -1586,8 +1586,9 @@ radeon_atom_encoder_dpms_avivo(struct drm_encoder *encoder, int mode) |
2540 |
+ } else |
2541 |
+ atom_execute_table(rdev->mode_info.atom_context, index, (uint32_t *)&args); |
2542 |
+ if (radeon_encoder->devices & (ATOM_DEVICE_LCD_SUPPORT)) { |
2543 |
+- args.ucAction = ATOM_LCD_BLON; |
2544 |
+- atom_execute_table(rdev->mode_info.atom_context, index, (uint32_t *)&args); |
2545 |
++ struct radeon_encoder_atom_dig *dig = radeon_encoder->enc_priv; |
2546 |
++ |
2547 |
++ atombios_set_backlight_level(radeon_encoder, dig->backlight_level); |
2548 |
+ } |
2549 |
+ break; |
2550 |
+ case DRM_MODE_DPMS_STANDBY: |
2551 |
+@@ -1668,8 +1669,7 @@ radeon_atom_encoder_dpms_dig(struct drm_encoder *encoder, int mode) |
2552 |
+ atombios_dig_encoder_setup(encoder, ATOM_ENCODER_CMD_DP_VIDEO_ON, 0); |
2553 |
+ } |
2554 |
+ if (radeon_encoder->devices & (ATOM_DEVICE_LCD_SUPPORT)) |
2555 |
+- atombios_dig_transmitter_setup(encoder, |
2556 |
+- ATOM_TRANSMITTER_ACTION_LCD_BLON, 0, 0); |
2557 |
++ atombios_set_backlight_level(radeon_encoder, dig->backlight_level); |
2558 |
+ if (ext_encoder) |
2559 |
+ atombios_external_encoder_setup(encoder, ext_encoder, ATOM_ENABLE); |
2560 |
+ break; |
2561 |
+diff --git a/drivers/gpu/drm/radeon/radeon_combios.c b/drivers/gpu/drm/radeon/radeon_combios.c |
2562 |
+index c097d3a82bda..a9b01bcf7d0a 100644 |
2563 |
+--- a/drivers/gpu/drm/radeon/radeon_combios.c |
2564 |
++++ b/drivers/gpu/drm/radeon/radeon_combios.c |
2565 |
+@@ -3387,6 +3387,14 @@ void radeon_combios_asic_init(struct drm_device *dev) |
2566 |
+ rdev->pdev->subsystem_device == 0x30ae) |
2567 |
+ return; |
2568 |
+ |
2569 |
++ /* quirk for rs4xx HP Compaq dc5750 Small Form Factor to make it resume |
2570 |
++ * - it hangs on resume inside the dynclk 1 table. |
2571 |
++ */ |
2572 |
++ if (rdev->family == CHIP_RS480 && |
2573 |
++ rdev->pdev->subsystem_vendor == 0x103c && |
2574 |
++ rdev->pdev->subsystem_device == 0x280a) |
2575 |
++ return; |
2576 |
++ |
2577 |
+ /* DYN CLK 1 */ |
2578 |
+ table = combios_get_table_offset(dev, COMBIOS_DYN_CLK_1_TABLE); |
2579 |
+ if (table) |
2580 |
+diff --git a/drivers/gpu/drm/radeon/radeon_connectors.c b/drivers/gpu/drm/radeon/radeon_connectors.c |
2581 |
+index 26baa9c05f6c..15f09068ac00 100644 |
2582 |
+--- a/drivers/gpu/drm/radeon/radeon_connectors.c |
2583 |
++++ b/drivers/gpu/drm/radeon/radeon_connectors.c |
2584 |
+@@ -72,6 +72,11 @@ void radeon_connector_hotplug(struct drm_connector *connector) |
2585 |
+ if (!radeon_hpd_sense(rdev, radeon_connector->hpd.hpd)) { |
2586 |
+ drm_helper_connector_dpms(connector, DRM_MODE_DPMS_OFF); |
2587 |
+ } else if (radeon_dp_needs_link_train(radeon_connector)) { |
2588 |
++ /* Don't try to start link training before we |
2589 |
++ * have the dpcd */ |
2590 |
++ if (!radeon_dp_getdpcd(radeon_connector)) |
2591 |
++ return; |
2592 |
++ |
2593 |
+ /* set it to OFF so that drm_helper_connector_dpms() |
2594 |
+ * won't return immediately since the current state |
2595 |
+ * is ON at this point. |
2596 |
+diff --git a/drivers/hid/usbhid/hid-core.c b/drivers/hid/usbhid/hid-core.c |
2597 |
+index ca6849a0121e..97342ebc7de7 100644 |
2598 |
+--- a/drivers/hid/usbhid/hid-core.c |
2599 |
++++ b/drivers/hid/usbhid/hid-core.c |
2600 |
+@@ -164,7 +164,7 @@ static void hid_io_error(struct hid_device *hid) |
2601 |
+ if (time_after(jiffies, usbhid->stop_retry)) { |
2602 |
+ |
2603 |
+ /* Retries failed, so do a port reset unless we lack bandwidth*/ |
2604 |
+- if (test_bit(HID_NO_BANDWIDTH, &usbhid->iofl) |
2605 |
++ if (!test_bit(HID_NO_BANDWIDTH, &usbhid->iofl) |
2606 |
+ && !test_and_set_bit(HID_RESET_PENDING, &usbhid->iofl)) { |
2607 |
+ |
2608 |
+ schedule_work(&usbhid->reset_work); |
2609 |
+diff --git a/drivers/hwmon/nct6775.c b/drivers/hwmon/nct6775.c |
2610 |
+index 6461964f49a8..3aa958b5d45d 100644 |
2611 |
+--- a/drivers/hwmon/nct6775.c |
2612 |
++++ b/drivers/hwmon/nct6775.c |
2613 |
+@@ -350,6 +350,10 @@ static const u16 NCT6775_REG_TEMP_CRIT[ARRAY_SIZE(nct6775_temp_label) - 1] |
2614 |
+ |
2615 |
+ /* NCT6776 specific data */ |
2616 |
+ |
2617 |
++/* STEP_UP_TIME and STEP_DOWN_TIME regs are swapped for all chips but NCT6775 */ |
2618 |
++#define NCT6776_REG_FAN_STEP_UP_TIME NCT6775_REG_FAN_STEP_DOWN_TIME |
2619 |
++#define NCT6776_REG_FAN_STEP_DOWN_TIME NCT6775_REG_FAN_STEP_UP_TIME |
2620 |
++ |
2621 |
+ static const s8 NCT6776_ALARM_BITS[] = { |
2622 |
+ 0, 1, 2, 3, 8, 21, 20, 16, /* in0.. in7 */ |
2623 |
+ 17, -1, -1, -1, -1, -1, -1, /* in8..in14 */ |
2624 |
+@@ -3476,8 +3480,8 @@ static int nct6775_probe(struct platform_device *pdev) |
2625 |
+ data->REG_FAN_PULSES = NCT6776_REG_FAN_PULSES; |
2626 |
+ data->FAN_PULSE_SHIFT = NCT6775_FAN_PULSE_SHIFT; |
2627 |
+ data->REG_FAN_TIME[0] = NCT6775_REG_FAN_STOP_TIME; |
2628 |
+- data->REG_FAN_TIME[1] = NCT6775_REG_FAN_STEP_UP_TIME; |
2629 |
+- data->REG_FAN_TIME[2] = NCT6775_REG_FAN_STEP_DOWN_TIME; |
2630 |
++ data->REG_FAN_TIME[1] = NCT6776_REG_FAN_STEP_UP_TIME; |
2631 |
++ data->REG_FAN_TIME[2] = NCT6776_REG_FAN_STEP_DOWN_TIME; |
2632 |
+ data->REG_TOLERANCE_H = NCT6776_REG_TOLERANCE_H; |
2633 |
+ data->REG_PWM[0] = NCT6775_REG_PWM; |
2634 |
+ data->REG_PWM[1] = NCT6775_REG_FAN_START_OUTPUT; |
2635 |
+@@ -3548,8 +3552,8 @@ static int nct6775_probe(struct platform_device *pdev) |
2636 |
+ data->REG_FAN_PULSES = NCT6779_REG_FAN_PULSES; |
2637 |
+ data->FAN_PULSE_SHIFT = NCT6775_FAN_PULSE_SHIFT; |
2638 |
+ data->REG_FAN_TIME[0] = NCT6775_REG_FAN_STOP_TIME; |
2639 |
+- data->REG_FAN_TIME[1] = NCT6775_REG_FAN_STEP_UP_TIME; |
2640 |
+- data->REG_FAN_TIME[2] = NCT6775_REG_FAN_STEP_DOWN_TIME; |
2641 |
++ data->REG_FAN_TIME[1] = NCT6776_REG_FAN_STEP_UP_TIME; |
2642 |
++ data->REG_FAN_TIME[2] = NCT6776_REG_FAN_STEP_DOWN_TIME; |
2643 |
+ data->REG_TOLERANCE_H = NCT6776_REG_TOLERANCE_H; |
2644 |
+ data->REG_PWM[0] = NCT6775_REG_PWM; |
2645 |
+ data->REG_PWM[1] = NCT6775_REG_FAN_START_OUTPUT; |
2646 |
+@@ -3624,8 +3628,8 @@ static int nct6775_probe(struct platform_device *pdev) |
2647 |
+ data->REG_FAN_PULSES = NCT6779_REG_FAN_PULSES; |
2648 |
+ data->FAN_PULSE_SHIFT = NCT6775_FAN_PULSE_SHIFT; |
2649 |
+ data->REG_FAN_TIME[0] = NCT6775_REG_FAN_STOP_TIME; |
2650 |
+- data->REG_FAN_TIME[1] = NCT6775_REG_FAN_STEP_UP_TIME; |
2651 |
+- data->REG_FAN_TIME[2] = NCT6775_REG_FAN_STEP_DOWN_TIME; |
2652 |
++ data->REG_FAN_TIME[1] = NCT6776_REG_FAN_STEP_UP_TIME; |
2653 |
++ data->REG_FAN_TIME[2] = NCT6776_REG_FAN_STEP_DOWN_TIME; |
2654 |
+ data->REG_TOLERANCE_H = NCT6776_REG_TOLERANCE_H; |
2655 |
+ data->REG_PWM[0] = NCT6775_REG_PWM; |
2656 |
+ data->REG_PWM[1] = NCT6775_REG_FAN_START_OUTPUT; |
2657 |
+diff --git a/drivers/iio/imu/adis16480.c b/drivers/iio/imu/adis16480.c |
2658 |
+index 989605dd6f78..b94bfd3f595b 100644 |
2659 |
+--- a/drivers/iio/imu/adis16480.c |
2660 |
++++ b/drivers/iio/imu/adis16480.c |
2661 |
+@@ -110,6 +110,10 @@ |
2662 |
+ struct adis16480_chip_info { |
2663 |
+ unsigned int num_channels; |
2664 |
+ const struct iio_chan_spec *channels; |
2665 |
++ unsigned int gyro_max_val; |
2666 |
++ unsigned int gyro_max_scale; |
2667 |
++ unsigned int accel_max_val; |
2668 |
++ unsigned int accel_max_scale; |
2669 |
+ }; |
2670 |
+ |
2671 |
+ struct adis16480 { |
2672 |
+@@ -497,19 +501,21 @@ static int adis16480_set_filter_freq(struct iio_dev *indio_dev, |
2673 |
+ static int adis16480_read_raw(struct iio_dev *indio_dev, |
2674 |
+ const struct iio_chan_spec *chan, int *val, int *val2, long info) |
2675 |
+ { |
2676 |
++ struct adis16480 *st = iio_priv(indio_dev); |
2677 |
++ |
2678 |
+ switch (info) { |
2679 |
+ case IIO_CHAN_INFO_RAW: |
2680 |
+ return adis_single_conversion(indio_dev, chan, 0, val); |
2681 |
+ case IIO_CHAN_INFO_SCALE: |
2682 |
+ switch (chan->type) { |
2683 |
+ case IIO_ANGL_VEL: |
2684 |
+- *val = 0; |
2685 |
+- *val2 = IIO_DEGREE_TO_RAD(20000); /* 0.02 degree/sec */ |
2686 |
+- return IIO_VAL_INT_PLUS_MICRO; |
2687 |
++ *val = st->chip_info->gyro_max_scale; |
2688 |
++ *val2 = st->chip_info->gyro_max_val; |
2689 |
++ return IIO_VAL_FRACTIONAL; |
2690 |
+ case IIO_ACCEL: |
2691 |
+- *val = 0; |
2692 |
+- *val2 = IIO_G_TO_M_S_2(800); /* 0.8 mg */ |
2693 |
+- return IIO_VAL_INT_PLUS_MICRO; |
2694 |
++ *val = st->chip_info->accel_max_scale; |
2695 |
++ *val2 = st->chip_info->accel_max_val; |
2696 |
++ return IIO_VAL_FRACTIONAL; |
2697 |
+ case IIO_MAGN: |
2698 |
+ *val = 0; |
2699 |
+ *val2 = 100; /* 0.0001 gauss */ |
2700 |
+@@ -674,18 +680,39 @@ static const struct adis16480_chip_info adis16480_chip_info[] = { |
2701 |
+ [ADIS16375] = { |
2702 |
+ .channels = adis16485_channels, |
2703 |
+ .num_channels = ARRAY_SIZE(adis16485_channels), |
2704 |
++ /* |
2705 |
++ * storing the value in rad/degree and the scale in degree |
2706 |
++ * gives us the result in rad and better precession than |
2707 |
++ * storing the scale directly in rad. |
2708 |
++ */ |
2709 |
++ .gyro_max_val = IIO_RAD_TO_DEGREE(22887), |
2710 |
++ .gyro_max_scale = 300, |
2711 |
++ .accel_max_val = IIO_M_S_2_TO_G(21973), |
2712 |
++ .accel_max_scale = 18, |
2713 |
+ }, |
2714 |
+ [ADIS16480] = { |
2715 |
+ .channels = adis16480_channels, |
2716 |
+ .num_channels = ARRAY_SIZE(adis16480_channels), |
2717 |
++ .gyro_max_val = IIO_RAD_TO_DEGREE(22500), |
2718 |
++ .gyro_max_scale = 450, |
2719 |
++ .accel_max_val = IIO_M_S_2_TO_G(12500), |
2720 |
++ .accel_max_scale = 5, |
2721 |
+ }, |
2722 |
+ [ADIS16485] = { |
2723 |
+ .channels = adis16485_channels, |
2724 |
+ .num_channels = ARRAY_SIZE(adis16485_channels), |
2725 |
++ .gyro_max_val = IIO_RAD_TO_DEGREE(22500), |
2726 |
++ .gyro_max_scale = 450, |
2727 |
++ .accel_max_val = IIO_M_S_2_TO_G(20000), |
2728 |
++ .accel_max_scale = 5, |
2729 |
+ }, |
2730 |
+ [ADIS16488] = { |
2731 |
+ .channels = adis16480_channels, |
2732 |
+ .num_channels = ARRAY_SIZE(adis16480_channels), |
2733 |
++ .gyro_max_val = IIO_RAD_TO_DEGREE(22500), |
2734 |
++ .gyro_max_scale = 450, |
2735 |
++ .accel_max_val = IIO_M_S_2_TO_G(22500), |
2736 |
++ .accel_max_scale = 18, |
2737 |
+ }, |
2738 |
+ }; |
2739 |
+ |
2740 |
+diff --git a/drivers/iio/industrialio-buffer.c b/drivers/iio/industrialio-buffer.c |
2741 |
+index f971f79103ec..25c68de393ad 100644 |
2742 |
+--- a/drivers/iio/industrialio-buffer.c |
2743 |
++++ b/drivers/iio/industrialio-buffer.c |
2744 |
+@@ -93,7 +93,7 @@ unsigned int iio_buffer_poll(struct file *filp, |
2745 |
+ struct iio_buffer *rb = indio_dev->buffer; |
2746 |
+ |
2747 |
+ if (!indio_dev->info) |
2748 |
+- return -ENODEV; |
2749 |
++ return 0; |
2750 |
+ |
2751 |
+ poll_wait(filp, &rb->pollq, wait); |
2752 |
+ if (iio_buffer_data_available(rb)) |
2753 |
+diff --git a/drivers/iio/industrialio-event.c b/drivers/iio/industrialio-event.c |
2754 |
+index 35c02aeec75e..158a760ada12 100644 |
2755 |
+--- a/drivers/iio/industrialio-event.c |
2756 |
++++ b/drivers/iio/industrialio-event.c |
2757 |
+@@ -84,7 +84,7 @@ static unsigned int iio_event_poll(struct file *filep, |
2758 |
+ unsigned int events = 0; |
2759 |
+ |
2760 |
+ if (!indio_dev->info) |
2761 |
+- return -ENODEV; |
2762 |
++ return events; |
2763 |
+ |
2764 |
+ poll_wait(filep, &ev_int->wait, wait); |
2765 |
+ |
2766 |
+diff --git a/drivers/infiniband/core/uverbs.h b/drivers/infiniband/core/uverbs.h |
2767 |
+index 643c08a025a5..1c74d89fd2ad 100644 |
2768 |
+--- a/drivers/infiniband/core/uverbs.h |
2769 |
++++ b/drivers/infiniband/core/uverbs.h |
2770 |
+@@ -85,7 +85,7 @@ |
2771 |
+ */ |
2772 |
+ |
2773 |
+ struct ib_uverbs_device { |
2774 |
+- struct kref ref; |
2775 |
++ atomic_t refcount; |
2776 |
+ int num_comp_vectors; |
2777 |
+ struct completion comp; |
2778 |
+ struct device *dev; |
2779 |
+@@ -94,6 +94,7 @@ struct ib_uverbs_device { |
2780 |
+ struct cdev cdev; |
2781 |
+ struct rb_root xrcd_tree; |
2782 |
+ struct mutex xrcd_tree_mutex; |
2783 |
++ struct kobject kobj; |
2784 |
+ }; |
2785 |
+ |
2786 |
+ struct ib_uverbs_event_file { |
2787 |
+diff --git a/drivers/infiniband/core/uverbs_cmd.c b/drivers/infiniband/core/uverbs_cmd.c |
2788 |
+index 63a9f04bdb6c..f3748311d79b 100644 |
2789 |
+--- a/drivers/infiniband/core/uverbs_cmd.c |
2790 |
++++ b/drivers/infiniband/core/uverbs_cmd.c |
2791 |
+@@ -2204,6 +2204,12 @@ ssize_t ib_uverbs_post_send(struct ib_uverbs_file *file, |
2792 |
+ next->send_flags = user_wr->send_flags; |
2793 |
+ |
2794 |
+ if (is_ud) { |
2795 |
++ if (next->opcode != IB_WR_SEND && |
2796 |
++ next->opcode != IB_WR_SEND_WITH_IMM) { |
2797 |
++ ret = -EINVAL; |
2798 |
++ goto out_put; |
2799 |
++ } |
2800 |
++ |
2801 |
+ next->wr.ud.ah = idr_read_ah(user_wr->wr.ud.ah, |
2802 |
+ file->ucontext); |
2803 |
+ if (!next->wr.ud.ah) { |
2804 |
+@@ -2243,9 +2249,11 @@ ssize_t ib_uverbs_post_send(struct ib_uverbs_file *file, |
2805 |
+ user_wr->wr.atomic.compare_add; |
2806 |
+ next->wr.atomic.swap = user_wr->wr.atomic.swap; |
2807 |
+ next->wr.atomic.rkey = user_wr->wr.atomic.rkey; |
2808 |
++ case IB_WR_SEND: |
2809 |
+ break; |
2810 |
+ default: |
2811 |
+- break; |
2812 |
++ ret = -EINVAL; |
2813 |
++ goto out_put; |
2814 |
+ } |
2815 |
+ } |
2816 |
+ |
2817 |
+diff --git a/drivers/infiniband/core/uverbs_main.c b/drivers/infiniband/core/uverbs_main.c |
2818 |
+index 71ab83fde472..d3abb7ea2dee 100644 |
2819 |
+--- a/drivers/infiniband/core/uverbs_main.c |
2820 |
++++ b/drivers/infiniband/core/uverbs_main.c |
2821 |
+@@ -128,14 +128,18 @@ static int (*uverbs_ex_cmd_table[])(struct ib_uverbs_file *file, |
2822 |
+ static void ib_uverbs_add_one(struct ib_device *device); |
2823 |
+ static void ib_uverbs_remove_one(struct ib_device *device); |
2824 |
+ |
2825 |
+-static void ib_uverbs_release_dev(struct kref *ref) |
2826 |
++static void ib_uverbs_release_dev(struct kobject *kobj) |
2827 |
+ { |
2828 |
+ struct ib_uverbs_device *dev = |
2829 |
+- container_of(ref, struct ib_uverbs_device, ref); |
2830 |
++ container_of(kobj, struct ib_uverbs_device, kobj); |
2831 |
+ |
2832 |
+- complete(&dev->comp); |
2833 |
++ kfree(dev); |
2834 |
+ } |
2835 |
+ |
2836 |
++static struct kobj_type ib_uverbs_dev_ktype = { |
2837 |
++ .release = ib_uverbs_release_dev, |
2838 |
++}; |
2839 |
++ |
2840 |
+ static void ib_uverbs_release_event_file(struct kref *ref) |
2841 |
+ { |
2842 |
+ struct ib_uverbs_event_file *file = |
2843 |
+@@ -299,13 +303,19 @@ static int ib_uverbs_cleanup_ucontext(struct ib_uverbs_file *file, |
2844 |
+ return context->device->dealloc_ucontext(context); |
2845 |
+ } |
2846 |
+ |
2847 |
++static void ib_uverbs_comp_dev(struct ib_uverbs_device *dev) |
2848 |
++{ |
2849 |
++ complete(&dev->comp); |
2850 |
++} |
2851 |
++ |
2852 |
+ static void ib_uverbs_release_file(struct kref *ref) |
2853 |
+ { |
2854 |
+ struct ib_uverbs_file *file = |
2855 |
+ container_of(ref, struct ib_uverbs_file, ref); |
2856 |
+ |
2857 |
+ module_put(file->device->ib_dev->owner); |
2858 |
+- kref_put(&file->device->ref, ib_uverbs_release_dev); |
2859 |
++ if (atomic_dec_and_test(&file->device->refcount)) |
2860 |
++ ib_uverbs_comp_dev(file->device); |
2861 |
+ |
2862 |
+ kfree(file); |
2863 |
+ } |
2864 |
+@@ -739,9 +749,7 @@ static int ib_uverbs_open(struct inode *inode, struct file *filp) |
2865 |
+ int ret; |
2866 |
+ |
2867 |
+ dev = container_of(inode->i_cdev, struct ib_uverbs_device, cdev); |
2868 |
+- if (dev) |
2869 |
+- kref_get(&dev->ref); |
2870 |
+- else |
2871 |
++ if (!atomic_inc_not_zero(&dev->refcount)) |
2872 |
+ return -ENXIO; |
2873 |
+ |
2874 |
+ if (!try_module_get(dev->ib_dev->owner)) { |
2875 |
+@@ -762,6 +770,7 @@ static int ib_uverbs_open(struct inode *inode, struct file *filp) |
2876 |
+ mutex_init(&file->mutex); |
2877 |
+ |
2878 |
+ filp->private_data = file; |
2879 |
++ kobject_get(&dev->kobj); |
2880 |
+ |
2881 |
+ return nonseekable_open(inode, filp); |
2882 |
+ |
2883 |
+@@ -769,13 +778,16 @@ err_module: |
2884 |
+ module_put(dev->ib_dev->owner); |
2885 |
+ |
2886 |
+ err: |
2887 |
+- kref_put(&dev->ref, ib_uverbs_release_dev); |
2888 |
++ if (atomic_dec_and_test(&dev->refcount)) |
2889 |
++ ib_uverbs_comp_dev(dev); |
2890 |
++ |
2891 |
+ return ret; |
2892 |
+ } |
2893 |
+ |
2894 |
+ static int ib_uverbs_close(struct inode *inode, struct file *filp) |
2895 |
+ { |
2896 |
+ struct ib_uverbs_file *file = filp->private_data; |
2897 |
++ struct ib_uverbs_device *dev = file->device; |
2898 |
+ |
2899 |
+ ib_uverbs_cleanup_ucontext(file, file->ucontext); |
2900 |
+ |
2901 |
+@@ -783,6 +795,7 @@ static int ib_uverbs_close(struct inode *inode, struct file *filp) |
2902 |
+ kref_put(&file->async_file->ref, ib_uverbs_release_event_file); |
2903 |
+ |
2904 |
+ kref_put(&file->ref, ib_uverbs_release_file); |
2905 |
++ kobject_put(&dev->kobj); |
2906 |
+ |
2907 |
+ return 0; |
2908 |
+ } |
2909 |
+@@ -878,10 +891,11 @@ static void ib_uverbs_add_one(struct ib_device *device) |
2910 |
+ if (!uverbs_dev) |
2911 |
+ return; |
2912 |
+ |
2913 |
+- kref_init(&uverbs_dev->ref); |
2914 |
++ atomic_set(&uverbs_dev->refcount, 1); |
2915 |
+ init_completion(&uverbs_dev->comp); |
2916 |
+ uverbs_dev->xrcd_tree = RB_ROOT; |
2917 |
+ mutex_init(&uverbs_dev->xrcd_tree_mutex); |
2918 |
++ kobject_init(&uverbs_dev->kobj, &ib_uverbs_dev_ktype); |
2919 |
+ |
2920 |
+ spin_lock(&map_lock); |
2921 |
+ devnum = find_first_zero_bit(dev_map, IB_UVERBS_MAX_DEVICES); |
2922 |
+@@ -908,6 +922,7 @@ static void ib_uverbs_add_one(struct ib_device *device) |
2923 |
+ cdev_init(&uverbs_dev->cdev, NULL); |
2924 |
+ uverbs_dev->cdev.owner = THIS_MODULE; |
2925 |
+ uverbs_dev->cdev.ops = device->mmap ? &uverbs_mmap_fops : &uverbs_fops; |
2926 |
++ uverbs_dev->cdev.kobj.parent = &uverbs_dev->kobj; |
2927 |
+ kobject_set_name(&uverbs_dev->cdev.kobj, "uverbs%d", uverbs_dev->devnum); |
2928 |
+ if (cdev_add(&uverbs_dev->cdev, base, 1)) |
2929 |
+ goto err_cdev; |
2930 |
+@@ -938,9 +953,10 @@ err_cdev: |
2931 |
+ clear_bit(devnum, overflow_map); |
2932 |
+ |
2933 |
+ err: |
2934 |
+- kref_put(&uverbs_dev->ref, ib_uverbs_release_dev); |
2935 |
++ if (atomic_dec_and_test(&uverbs_dev->refcount)) |
2936 |
++ ib_uverbs_comp_dev(uverbs_dev); |
2937 |
+ wait_for_completion(&uverbs_dev->comp); |
2938 |
+- kfree(uverbs_dev); |
2939 |
++ kobject_put(&uverbs_dev->kobj); |
2940 |
+ return; |
2941 |
+ } |
2942 |
+ |
2943 |
+@@ -960,9 +976,10 @@ static void ib_uverbs_remove_one(struct ib_device *device) |
2944 |
+ else |
2945 |
+ clear_bit(uverbs_dev->devnum - IB_UVERBS_MAX_DEVICES, overflow_map); |
2946 |
+ |
2947 |
+- kref_put(&uverbs_dev->ref, ib_uverbs_release_dev); |
2948 |
++ if (atomic_dec_and_test(&uverbs_dev->refcount)) |
2949 |
++ ib_uverbs_comp_dev(uverbs_dev); |
2950 |
+ wait_for_completion(&uverbs_dev->comp); |
2951 |
+- kfree(uverbs_dev); |
2952 |
++ kobject_put(&uverbs_dev->kobj); |
2953 |
+ } |
2954 |
+ |
2955 |
+ static char *uverbs_devnode(struct device *dev, umode_t *mode) |
2956 |
+diff --git a/drivers/infiniband/hw/mlx4/ah.c b/drivers/infiniband/hw/mlx4/ah.c |
2957 |
+index 2d8c3397774f..e65ee1947279 100644 |
2958 |
+--- a/drivers/infiniband/hw/mlx4/ah.c |
2959 |
++++ b/drivers/infiniband/hw/mlx4/ah.c |
2960 |
+@@ -147,9 +147,13 @@ int mlx4_ib_query_ah(struct ib_ah *ibah, struct ib_ah_attr *ah_attr) |
2961 |
+ enum rdma_link_layer ll; |
2962 |
+ |
2963 |
+ memset(ah_attr, 0, sizeof *ah_attr); |
2964 |
+- ah_attr->sl = be32_to_cpu(ah->av.ib.sl_tclass_flowlabel) >> 28; |
2965 |
+ ah_attr->port_num = be32_to_cpu(ah->av.ib.port_pd) >> 24; |
2966 |
+ ll = rdma_port_get_link_layer(ibah->device, ah_attr->port_num); |
2967 |
++ if (ll == IB_LINK_LAYER_ETHERNET) |
2968 |
++ ah_attr->sl = be32_to_cpu(ah->av.eth.sl_tclass_flowlabel) >> 29; |
2969 |
++ else |
2970 |
++ ah_attr->sl = be32_to_cpu(ah->av.ib.sl_tclass_flowlabel) >> 28; |
2971 |
++ |
2972 |
+ ah_attr->dlid = ll == IB_LINK_LAYER_INFINIBAND ? be16_to_cpu(ah->av.ib.dlid) : 0; |
2973 |
+ if (ah->av.ib.stat_rate) |
2974 |
+ ah_attr->static_rate = ah->av.ib.stat_rate - MLX4_STAT_RATE_OFFSET; |
2975 |
+diff --git a/drivers/infiniband/hw/mlx4/sysfs.c b/drivers/infiniband/hw/mlx4/sysfs.c |
2976 |
+index cb4c66e723b5..89b43da1978d 100644 |
2977 |
+--- a/drivers/infiniband/hw/mlx4/sysfs.c |
2978 |
++++ b/drivers/infiniband/hw/mlx4/sysfs.c |
2979 |
+@@ -660,6 +660,8 @@ static int add_port(struct mlx4_ib_dev *dev, int port_num, int slave) |
2980 |
+ struct mlx4_port *p; |
2981 |
+ int i; |
2982 |
+ int ret; |
2983 |
++ int is_eth = rdma_port_get_link_layer(&dev->ib_dev, port_num) == |
2984 |
++ IB_LINK_LAYER_ETHERNET; |
2985 |
+ |
2986 |
+ p = kzalloc(sizeof *p, GFP_KERNEL); |
2987 |
+ if (!p) |
2988 |
+@@ -677,7 +679,8 @@ static int add_port(struct mlx4_ib_dev *dev, int port_num, int slave) |
2989 |
+ |
2990 |
+ p->pkey_group.name = "pkey_idx"; |
2991 |
+ p->pkey_group.attrs = |
2992 |
+- alloc_group_attrs(show_port_pkey, store_port_pkey, |
2993 |
++ alloc_group_attrs(show_port_pkey, |
2994 |
++ is_eth ? NULL : store_port_pkey, |
2995 |
+ dev->dev->caps.pkey_table_len[port_num]); |
2996 |
+ if (!p->pkey_group.attrs) { |
2997 |
+ ret = -ENOMEM; |
2998 |
+diff --git a/drivers/infiniband/hw/qib/qib_keys.c b/drivers/infiniband/hw/qib/qib_keys.c |
2999 |
+index 3b9afccaaade..eabe54738be6 100644 |
3000 |
+--- a/drivers/infiniband/hw/qib/qib_keys.c |
3001 |
++++ b/drivers/infiniband/hw/qib/qib_keys.c |
3002 |
+@@ -86,6 +86,10 @@ int qib_alloc_lkey(struct qib_mregion *mr, int dma_region) |
3003 |
+ * unrestricted LKEY. |
3004 |
+ */ |
3005 |
+ rkt->gen++; |
3006 |
++ /* |
3007 |
++ * bits are capped in qib_verbs.c to insure enough bits |
3008 |
++ * for generation number |
3009 |
++ */ |
3010 |
+ mr->lkey = (r << (32 - ib_qib_lkey_table_size)) | |
3011 |
+ ((((1 << (24 - ib_qib_lkey_table_size)) - 1) & rkt->gen) |
3012 |
+ << 8); |
3013 |
+diff --git a/drivers/infiniband/hw/qib/qib_verbs.c b/drivers/infiniband/hw/qib/qib_verbs.c |
3014 |
+index 9bcfbd842980..40afdfce2fbc 100644 |
3015 |
+--- a/drivers/infiniband/hw/qib/qib_verbs.c |
3016 |
++++ b/drivers/infiniband/hw/qib/qib_verbs.c |
3017 |
+@@ -40,6 +40,7 @@ |
3018 |
+ #include <linux/rculist.h> |
3019 |
+ #include <linux/mm.h> |
3020 |
+ #include <linux/random.h> |
3021 |
++#include <linux/vmalloc.h> |
3022 |
+ |
3023 |
+ #include "qib.h" |
3024 |
+ #include "qib_common.h" |
3025 |
+@@ -2086,10 +2087,16 @@ int qib_register_ib_device(struct qib_devdata *dd) |
3026 |
+ * the LKEY). The remaining bits act as a generation number or tag. |
3027 |
+ */ |
3028 |
+ spin_lock_init(&dev->lk_table.lock); |
3029 |
++ /* insure generation is at least 4 bits see keys.c */ |
3030 |
++ if (ib_qib_lkey_table_size > MAX_LKEY_TABLE_BITS) { |
3031 |
++ qib_dev_warn(dd, "lkey bits %u too large, reduced to %u\n", |
3032 |
++ ib_qib_lkey_table_size, MAX_LKEY_TABLE_BITS); |
3033 |
++ ib_qib_lkey_table_size = MAX_LKEY_TABLE_BITS; |
3034 |
++ } |
3035 |
+ dev->lk_table.max = 1 << ib_qib_lkey_table_size; |
3036 |
+ lk_tab_size = dev->lk_table.max * sizeof(*dev->lk_table.table); |
3037 |
+ dev->lk_table.table = (struct qib_mregion __rcu **) |
3038 |
+- __get_free_pages(GFP_KERNEL, get_order(lk_tab_size)); |
3039 |
++ vmalloc(lk_tab_size); |
3040 |
+ if (dev->lk_table.table == NULL) { |
3041 |
+ ret = -ENOMEM; |
3042 |
+ goto err_lk; |
3043 |
+@@ -2262,7 +2269,7 @@ err_tx: |
3044 |
+ sizeof(struct qib_pio_header), |
3045 |
+ dev->pio_hdrs, dev->pio_hdrs_phys); |
3046 |
+ err_hdrs: |
3047 |
+- free_pages((unsigned long) dev->lk_table.table, get_order(lk_tab_size)); |
3048 |
++ vfree(dev->lk_table.table); |
3049 |
+ err_lk: |
3050 |
+ kfree(dev->qp_table); |
3051 |
+ err_qpt: |
3052 |
+@@ -2316,8 +2323,7 @@ void qib_unregister_ib_device(struct qib_devdata *dd) |
3053 |
+ sizeof(struct qib_pio_header), |
3054 |
+ dev->pio_hdrs, dev->pio_hdrs_phys); |
3055 |
+ lk_tab_size = dev->lk_table.max * sizeof(*dev->lk_table.table); |
3056 |
+- free_pages((unsigned long) dev->lk_table.table, |
3057 |
+- get_order(lk_tab_size)); |
3058 |
++ vfree(dev->lk_table.table); |
3059 |
+ kfree(dev->qp_table); |
3060 |
+ } |
3061 |
+ |
3062 |
+diff --git a/drivers/infiniband/hw/qib/qib_verbs.h b/drivers/infiniband/hw/qib/qib_verbs.h |
3063 |
+index bfc8948fdd35..44ca28c83fe6 100644 |
3064 |
+--- a/drivers/infiniband/hw/qib/qib_verbs.h |
3065 |
++++ b/drivers/infiniband/hw/qib/qib_verbs.h |
3066 |
+@@ -647,6 +647,8 @@ struct qib_qpn_table { |
3067 |
+ struct qpn_map map[QPNMAP_ENTRIES]; |
3068 |
+ }; |
3069 |
+ |
3070 |
++#define MAX_LKEY_TABLE_BITS 23 |
3071 |
++ |
3072 |
+ struct qib_lkey_table { |
3073 |
+ spinlock_t lock; /* protect changes in this struct */ |
3074 |
+ u32 next; /* next unused index (speeds search) */ |
3075 |
+diff --git a/drivers/infiniband/ulp/isert/ib_isert.c b/drivers/infiniband/ulp/isert/ib_isert.c |
3076 |
+index 7b8c29b295ac..357206a20017 100644 |
3077 |
+--- a/drivers/infiniband/ulp/isert/ib_isert.c |
3078 |
++++ b/drivers/infiniband/ulp/isert/ib_isert.c |
3079 |
+@@ -3110,9 +3110,16 @@ isert_get_dataout(struct iscsi_conn *conn, struct iscsi_cmd *cmd, bool recovery) |
3080 |
+ static int |
3081 |
+ isert_immediate_queue(struct iscsi_conn *conn, struct iscsi_cmd *cmd, int state) |
3082 |
+ { |
3083 |
+- int ret; |
3084 |
++ struct isert_cmd *isert_cmd = iscsit_priv_cmd(cmd); |
3085 |
++ int ret = 0; |
3086 |
+ |
3087 |
+ switch (state) { |
3088 |
++ case ISTATE_REMOVE: |
3089 |
++ spin_lock_bh(&conn->cmd_lock); |
3090 |
++ list_del_init(&cmd->i_conn_node); |
3091 |
++ spin_unlock_bh(&conn->cmd_lock); |
3092 |
++ isert_put_cmd(isert_cmd, true); |
3093 |
++ break; |
3094 |
+ case ISTATE_SEND_NOPIN_WANT_RESPONSE: |
3095 |
+ ret = isert_put_nopin(cmd, conn, false); |
3096 |
+ break; |
3097 |
+diff --git a/drivers/input/evdev.c b/drivers/input/evdev.c |
3098 |
+index 8afa28e4570e..928dec311c2b 100644 |
3099 |
+--- a/drivers/input/evdev.c |
3100 |
++++ b/drivers/input/evdev.c |
3101 |
+@@ -239,19 +239,14 @@ static int evdev_flush(struct file *file, fl_owner_t id) |
3102 |
+ { |
3103 |
+ struct evdev_client *client = file->private_data; |
3104 |
+ struct evdev *evdev = client->evdev; |
3105 |
+- int retval; |
3106 |
+ |
3107 |
+- retval = mutex_lock_interruptible(&evdev->mutex); |
3108 |
+- if (retval) |
3109 |
+- return retval; |
3110 |
++ mutex_lock(&evdev->mutex); |
3111 |
+ |
3112 |
+- if (!evdev->exist || client->revoked) |
3113 |
+- retval = -ENODEV; |
3114 |
+- else |
3115 |
+- retval = input_flush_device(&evdev->handle, file); |
3116 |
++ if (evdev->exist && !client->revoked) |
3117 |
++ input_flush_device(&evdev->handle, file); |
3118 |
+ |
3119 |
+ mutex_unlock(&evdev->mutex); |
3120 |
+- return retval; |
3121 |
++ return 0; |
3122 |
+ } |
3123 |
+ |
3124 |
+ static void evdev_free(struct device *dev) |
3125 |
+diff --git a/drivers/macintosh/windfarm_core.c b/drivers/macintosh/windfarm_core.c |
3126 |
+index 3ee198b65843..cc7ece1712b5 100644 |
3127 |
+--- a/drivers/macintosh/windfarm_core.c |
3128 |
++++ b/drivers/macintosh/windfarm_core.c |
3129 |
+@@ -435,7 +435,7 @@ int wf_unregister_client(struct notifier_block *nb) |
3130 |
+ { |
3131 |
+ mutex_lock(&wf_lock); |
3132 |
+ blocking_notifier_chain_unregister(&wf_client_list, nb); |
3133 |
+- wf_client_count++; |
3134 |
++ wf_client_count--; |
3135 |
+ if (wf_client_count == 0) |
3136 |
+ wf_stop_thread(); |
3137 |
+ mutex_unlock(&wf_lock); |
3138 |
+diff --git a/drivers/md/dm-cache-policy-cleaner.c b/drivers/md/dm-cache-policy-cleaner.c |
3139 |
+index b04d1f904d07..2eca9084defe 100644 |
3140 |
+--- a/drivers/md/dm-cache-policy-cleaner.c |
3141 |
++++ b/drivers/md/dm-cache-policy-cleaner.c |
3142 |
+@@ -434,7 +434,7 @@ static struct dm_cache_policy *wb_create(dm_cblock_t cache_size, |
3143 |
+ static struct dm_cache_policy_type wb_policy_type = { |
3144 |
+ .name = "cleaner", |
3145 |
+ .version = {1, 0, 0}, |
3146 |
+- .hint_size = 0, |
3147 |
++ .hint_size = 4, |
3148 |
+ .owner = THIS_MODULE, |
3149 |
+ .create = wb_create |
3150 |
+ }; |
3151 |
+diff --git a/drivers/md/dm-raid.c b/drivers/md/dm-raid.c |
3152 |
+index 07c0fa0fa284..e5d97da5f41e 100644 |
3153 |
+--- a/drivers/md/dm-raid.c |
3154 |
++++ b/drivers/md/dm-raid.c |
3155 |
+@@ -327,8 +327,7 @@ static int validate_region_size(struct raid_set *rs, unsigned long region_size) |
3156 |
+ */ |
3157 |
+ if (min_region_size > (1 << 13)) { |
3158 |
+ /* If not a power of 2, make it the next power of 2 */ |
3159 |
+- if (min_region_size & (min_region_size - 1)) |
3160 |
+- region_size = 1 << fls(region_size); |
3161 |
++ region_size = roundup_pow_of_two(min_region_size); |
3162 |
+ DMINFO("Choosing default region size of %lu sectors", |
3163 |
+ region_size); |
3164 |
+ } else { |
3165 |
+diff --git a/drivers/md/md.c b/drivers/md/md.c |
3166 |
+index dd7a3701b99c..9c5d53f3e4c6 100644 |
3167 |
+--- a/drivers/md/md.c |
3168 |
++++ b/drivers/md/md.c |
3169 |
+@@ -5073,6 +5073,8 @@ EXPORT_SYMBOL_GPL(md_stop_writes); |
3170 |
+ static void __md_stop(struct mddev *mddev) |
3171 |
+ { |
3172 |
+ mddev->ready = 0; |
3173 |
++ /* Ensure ->event_work is done */ |
3174 |
++ flush_workqueue(md_misc_wq); |
3175 |
+ mddev->pers->stop(mddev); |
3176 |
+ if (mddev->pers->sync_request && mddev->to_remove == NULL) |
3177 |
+ mddev->to_remove = &md_redundancy_group; |
3178 |
+diff --git a/drivers/md/persistent-data/dm-btree-internal.h b/drivers/md/persistent-data/dm-btree-internal.h |
3179 |
+index bf2b80d5c470..8731b6ea026b 100644 |
3180 |
+--- a/drivers/md/persistent-data/dm-btree-internal.h |
3181 |
++++ b/drivers/md/persistent-data/dm-btree-internal.h |
3182 |
+@@ -138,4 +138,10 @@ int lower_bound(struct btree_node *n, uint64_t key); |
3183 |
+ |
3184 |
+ extern struct dm_block_validator btree_node_validator; |
3185 |
+ |
3186 |
++/* |
3187 |
++ * Value type for upper levels of multi-level btrees. |
3188 |
++ */ |
3189 |
++extern void init_le64_type(struct dm_transaction_manager *tm, |
3190 |
++ struct dm_btree_value_type *vt); |
3191 |
++ |
3192 |
+ #endif /* DM_BTREE_INTERNAL_H */ |
3193 |
+diff --git a/drivers/md/persistent-data/dm-btree-remove.c b/drivers/md/persistent-data/dm-btree-remove.c |
3194 |
+index a03178e91a79..7c0d75547ccf 100644 |
3195 |
+--- a/drivers/md/persistent-data/dm-btree-remove.c |
3196 |
++++ b/drivers/md/persistent-data/dm-btree-remove.c |
3197 |
+@@ -544,14 +544,6 @@ static int remove_raw(struct shadow_spine *s, struct dm_btree_info *info, |
3198 |
+ return r; |
3199 |
+ } |
3200 |
+ |
3201 |
+-static struct dm_btree_value_type le64_type = { |
3202 |
+- .context = NULL, |
3203 |
+- .size = sizeof(__le64), |
3204 |
+- .inc = NULL, |
3205 |
+- .dec = NULL, |
3206 |
+- .equal = NULL |
3207 |
+-}; |
3208 |
+- |
3209 |
+ int dm_btree_remove(struct dm_btree_info *info, dm_block_t root, |
3210 |
+ uint64_t *keys, dm_block_t *new_root) |
3211 |
+ { |
3212 |
+@@ -559,12 +551,14 @@ int dm_btree_remove(struct dm_btree_info *info, dm_block_t root, |
3213 |
+ int index = 0, r = 0; |
3214 |
+ struct shadow_spine spine; |
3215 |
+ struct btree_node *n; |
3216 |
++ struct dm_btree_value_type le64_vt; |
3217 |
+ |
3218 |
++ init_le64_type(info->tm, &le64_vt); |
3219 |
+ init_shadow_spine(&spine, info); |
3220 |
+ for (level = 0; level < info->levels; level++) { |
3221 |
+ r = remove_raw(&spine, info, |
3222 |
+ (level == last_level ? |
3223 |
+- &info->value_type : &le64_type), |
3224 |
++ &info->value_type : &le64_vt), |
3225 |
+ root, keys[level], (unsigned *)&index); |
3226 |
+ if (r < 0) |
3227 |
+ break; |
3228 |
+diff --git a/drivers/md/persistent-data/dm-btree-spine.c b/drivers/md/persistent-data/dm-btree-spine.c |
3229 |
+index 1b5e13ec7f96..0dee514ba4c5 100644 |
3230 |
+--- a/drivers/md/persistent-data/dm-btree-spine.c |
3231 |
++++ b/drivers/md/persistent-data/dm-btree-spine.c |
3232 |
+@@ -249,3 +249,40 @@ int shadow_root(struct shadow_spine *s) |
3233 |
+ { |
3234 |
+ return s->root; |
3235 |
+ } |
3236 |
++ |
3237 |
++static void le64_inc(void *context, const void *value_le) |
3238 |
++{ |
3239 |
++ struct dm_transaction_manager *tm = context; |
3240 |
++ __le64 v_le; |
3241 |
++ |
3242 |
++ memcpy(&v_le, value_le, sizeof(v_le)); |
3243 |
++ dm_tm_inc(tm, le64_to_cpu(v_le)); |
3244 |
++} |
3245 |
++ |
3246 |
++static void le64_dec(void *context, const void *value_le) |
3247 |
++{ |
3248 |
++ struct dm_transaction_manager *tm = context; |
3249 |
++ __le64 v_le; |
3250 |
++ |
3251 |
++ memcpy(&v_le, value_le, sizeof(v_le)); |
3252 |
++ dm_tm_dec(tm, le64_to_cpu(v_le)); |
3253 |
++} |
3254 |
++ |
3255 |
++static int le64_equal(void *context, const void *value1_le, const void *value2_le) |
3256 |
++{ |
3257 |
++ __le64 v1_le, v2_le; |
3258 |
++ |
3259 |
++ memcpy(&v1_le, value1_le, sizeof(v1_le)); |
3260 |
++ memcpy(&v2_le, value2_le, sizeof(v2_le)); |
3261 |
++ return v1_le == v2_le; |
3262 |
++} |
3263 |
++ |
3264 |
++void init_le64_type(struct dm_transaction_manager *tm, |
3265 |
++ struct dm_btree_value_type *vt) |
3266 |
++{ |
3267 |
++ vt->context = tm; |
3268 |
++ vt->size = sizeof(__le64); |
3269 |
++ vt->inc = le64_inc; |
3270 |
++ vt->dec = le64_dec; |
3271 |
++ vt->equal = le64_equal; |
3272 |
++} |
3273 |
+diff --git a/drivers/md/persistent-data/dm-btree.c b/drivers/md/persistent-data/dm-btree.c |
3274 |
+index fdd3793e22f9..c7726cebc495 100644 |
3275 |
+--- a/drivers/md/persistent-data/dm-btree.c |
3276 |
++++ b/drivers/md/persistent-data/dm-btree.c |
3277 |
+@@ -667,12 +667,7 @@ static int insert(struct dm_btree_info *info, dm_block_t root, |
3278 |
+ struct btree_node *n; |
3279 |
+ struct dm_btree_value_type le64_type; |
3280 |
+ |
3281 |
+- le64_type.context = NULL; |
3282 |
+- le64_type.size = sizeof(__le64); |
3283 |
+- le64_type.inc = NULL; |
3284 |
+- le64_type.dec = NULL; |
3285 |
+- le64_type.equal = NULL; |
3286 |
+- |
3287 |
++ init_le64_type(info->tm, &le64_type); |
3288 |
+ init_shadow_spine(&spine, info); |
3289 |
+ |
3290 |
+ for (level = 0; level < (info->levels - 1); level++) { |
3291 |
+diff --git a/drivers/md/raid10.c b/drivers/md/raid10.c |
3292 |
+index 32e282f4c83c..17eb76760bf5 100644 |
3293 |
+--- a/drivers/md/raid10.c |
3294 |
++++ b/drivers/md/raid10.c |
3295 |
+@@ -3581,6 +3581,7 @@ static struct r10conf *setup_conf(struct mddev *mddev) |
3296 |
+ /* far_copies must be 1 */ |
3297 |
+ conf->prev.stride = conf->dev_sectors; |
3298 |
+ } |
3299 |
++ conf->reshape_safe = conf->reshape_progress; |
3300 |
+ spin_lock_init(&conf->device_lock); |
3301 |
+ INIT_LIST_HEAD(&conf->retry_list); |
3302 |
+ |
3303 |
+@@ -3788,7 +3789,6 @@ static int run(struct mddev *mddev) |
3304 |
+ } |
3305 |
+ conf->offset_diff = min_offset_diff; |
3306 |
+ |
3307 |
+- conf->reshape_safe = conf->reshape_progress; |
3308 |
+ clear_bit(MD_RECOVERY_SYNC, &mddev->recovery); |
3309 |
+ clear_bit(MD_RECOVERY_CHECK, &mddev->recovery); |
3310 |
+ set_bit(MD_RECOVERY_RESHAPE, &mddev->recovery); |
3311 |
+@@ -4135,6 +4135,7 @@ static int raid10_start_reshape(struct mddev *mddev) |
3312 |
+ conf->reshape_progress = size; |
3313 |
+ } else |
3314 |
+ conf->reshape_progress = 0; |
3315 |
++ conf->reshape_safe = conf->reshape_progress; |
3316 |
+ spin_unlock_irq(&conf->device_lock); |
3317 |
+ |
3318 |
+ if (mddev->delta_disks && mddev->bitmap) { |
3319 |
+@@ -4201,6 +4202,7 @@ abort: |
3320 |
+ rdev->new_data_offset = rdev->data_offset; |
3321 |
+ smp_wmb(); |
3322 |
+ conf->reshape_progress = MaxSector; |
3323 |
++ conf->reshape_safe = MaxSector; |
3324 |
+ mddev->reshape_position = MaxSector; |
3325 |
+ spin_unlock_irq(&conf->device_lock); |
3326 |
+ return ret; |
3327 |
+@@ -4555,6 +4557,7 @@ static void end_reshape(struct r10conf *conf) |
3328 |
+ md_finish_reshape(conf->mddev); |
3329 |
+ smp_wmb(); |
3330 |
+ conf->reshape_progress = MaxSector; |
3331 |
++ conf->reshape_safe = MaxSector; |
3332 |
+ spin_unlock_irq(&conf->device_lock); |
3333 |
+ |
3334 |
+ /* read-ahead size must cover two whole stripes, which is |
3335 |
+diff --git a/drivers/media/platform/omap3isp/isp.c b/drivers/media/platform/omap3isp/isp.c |
3336 |
+index 72265e58ca60..233eccc5c33e 100644 |
3337 |
+--- a/drivers/media/platform/omap3isp/isp.c |
3338 |
++++ b/drivers/media/platform/omap3isp/isp.c |
3339 |
+@@ -813,14 +813,14 @@ static int isp_pipeline_link_notify(struct media_link *link, u32 flags, |
3340 |
+ int ret; |
3341 |
+ |
3342 |
+ if (notification == MEDIA_DEV_NOTIFY_POST_LINK_CH && |
3343 |
+- !(link->flags & MEDIA_LNK_FL_ENABLED)) { |
3344 |
++ !(flags & MEDIA_LNK_FL_ENABLED)) { |
3345 |
+ /* Powering off entities is assumed to never fail. */ |
3346 |
+ isp_pipeline_pm_power(source, -sink_use); |
3347 |
+ isp_pipeline_pm_power(sink, -source_use); |
3348 |
+ return 0; |
3349 |
+ } |
3350 |
+ |
3351 |
+- if (notification == MEDIA_DEV_NOTIFY_POST_LINK_CH && |
3352 |
++ if (notification == MEDIA_DEV_NOTIFY_PRE_LINK_CH && |
3353 |
+ (flags & MEDIA_LNK_FL_ENABLED)) { |
3354 |
+ |
3355 |
+ ret = isp_pipeline_pm_power(source, sink_use); |
3356 |
+diff --git a/drivers/media/rc/rc-main.c b/drivers/media/rc/rc-main.c |
3357 |
+index fc369b033484..b4ceda856939 100644 |
3358 |
+--- a/drivers/media/rc/rc-main.c |
3359 |
++++ b/drivers/media/rc/rc-main.c |
3360 |
+@@ -1191,9 +1191,6 @@ static int rc_dev_uevent(struct device *device, struct kobj_uevent_env *env) |
3361 |
+ { |
3362 |
+ struct rc_dev *dev = to_rc_dev(device); |
3363 |
+ |
3364 |
+- if (!dev || !dev->input_dev) |
3365 |
+- return -ENODEV; |
3366 |
+- |
3367 |
+ if (dev->rc_map.name) |
3368 |
+ ADD_HOTPLUG_VAR("NAME=%s", dev->rc_map.name); |
3369 |
+ if (dev->driver_name) |
3370 |
+diff --git a/drivers/misc/cxl/pci.c b/drivers/misc/cxl/pci.c |
3371 |
+index eee4fd606dc1..cc55691dbea6 100644 |
3372 |
+--- a/drivers/misc/cxl/pci.c |
3373 |
++++ b/drivers/misc/cxl/pci.c |
3374 |
+@@ -987,8 +987,6 @@ static int cxl_probe(struct pci_dev *dev, const struct pci_device_id *id) |
3375 |
+ int slice; |
3376 |
+ int rc; |
3377 |
+ |
3378 |
+- pci_dev_get(dev); |
3379 |
+- |
3380 |
+ if (cxl_verbose) |
3381 |
+ dump_cxl_config_space(dev); |
3382 |
+ |
3383 |
+diff --git a/drivers/mmc/core/core.c b/drivers/mmc/core/core.c |
3384 |
+index 297b4f912c2d..9a8cb9cd852d 100644 |
3385 |
+--- a/drivers/mmc/core/core.c |
3386 |
++++ b/drivers/mmc/core/core.c |
3387 |
+@@ -314,8 +314,10 @@ EXPORT_SYMBOL(mmc_start_bkops); |
3388 |
+ */ |
3389 |
+ static void mmc_wait_data_done(struct mmc_request *mrq) |
3390 |
+ { |
3391 |
+- mrq->host->context_info.is_done_rcv = true; |
3392 |
+- wake_up_interruptible(&mrq->host->context_info.wait); |
3393 |
++ struct mmc_context_info *context_info = &mrq->host->context_info; |
3394 |
++ |
3395 |
++ context_info->is_done_rcv = true; |
3396 |
++ wake_up_interruptible(&context_info->wait); |
3397 |
+ } |
3398 |
+ |
3399 |
+ static void mmc_wait_done(struct mmc_request *mrq) |
3400 |
+diff --git a/drivers/mtd/nand/pxa3xx_nand.c b/drivers/mtd/nand/pxa3xx_nand.c |
3401 |
+index bc677362bc73..eac876732f97 100644 |
3402 |
+--- a/drivers/mtd/nand/pxa3xx_nand.c |
3403 |
++++ b/drivers/mtd/nand/pxa3xx_nand.c |
3404 |
+@@ -1465,6 +1465,9 @@ static int pxa3xx_nand_scan(struct mtd_info *mtd) |
3405 |
+ if (pdata->keep_config && !pxa3xx_nand_detect_config(info)) |
3406 |
+ goto KEEP_CONFIG; |
3407 |
+ |
3408 |
++ /* Set a default chunk size */ |
3409 |
++ info->chunk_size = 512; |
3410 |
++ |
3411 |
+ ret = pxa3xx_nand_sensing(info); |
3412 |
+ if (ret) { |
3413 |
+ dev_info(&info->pdev->dev, "There is no chip on cs %d!\n", |
3414 |
+diff --git a/drivers/mtd/ubi/io.c b/drivers/mtd/ubi/io.c |
3415 |
+index d36134925d31..db657f2168d7 100644 |
3416 |
+--- a/drivers/mtd/ubi/io.c |
3417 |
++++ b/drivers/mtd/ubi/io.c |
3418 |
+@@ -921,6 +921,11 @@ static int validate_vid_hdr(const struct ubi_device *ubi, |
3419 |
+ goto bad; |
3420 |
+ } |
3421 |
+ |
3422 |
++ if (data_size > ubi->leb_size) { |
3423 |
++ ubi_err("bad data_size"); |
3424 |
++ goto bad; |
3425 |
++ } |
3426 |
++ |
3427 |
+ if (vol_type == UBI_VID_STATIC) { |
3428 |
+ /* |
3429 |
+ * Although from high-level point of view static volumes may |
3430 |
+diff --git a/drivers/mtd/ubi/vtbl.c b/drivers/mtd/ubi/vtbl.c |
3431 |
+index 07cac5f9ffb8..ec1009407fec 100644 |
3432 |
+--- a/drivers/mtd/ubi/vtbl.c |
3433 |
++++ b/drivers/mtd/ubi/vtbl.c |
3434 |
+@@ -651,6 +651,7 @@ static int init_volumes(struct ubi_device *ubi, |
3435 |
+ if (ubi->corr_peb_count) |
3436 |
+ ubi_err("%d PEBs are corrupted and not used", |
3437 |
+ ubi->corr_peb_count); |
3438 |
++ return -ENOSPC; |
3439 |
+ } |
3440 |
+ ubi->rsvd_pebs += reserved_pebs; |
3441 |
+ ubi->avail_pebs -= reserved_pebs; |
3442 |
+diff --git a/drivers/mtd/ubi/wl.c b/drivers/mtd/ubi/wl.c |
3443 |
+index ef670560971e..21d03130d8a7 100644 |
3444 |
+--- a/drivers/mtd/ubi/wl.c |
3445 |
++++ b/drivers/mtd/ubi/wl.c |
3446 |
+@@ -1982,6 +1982,7 @@ int ubi_wl_init(struct ubi_device *ubi, struct ubi_attach_info *ai) |
3447 |
+ if (ubi->corr_peb_count) |
3448 |
+ ubi_err("%d PEBs are corrupted and not used", |
3449 |
+ ubi->corr_peb_count); |
3450 |
++ err = -ENOSPC; |
3451 |
+ goto out_free; |
3452 |
+ } |
3453 |
+ ubi->avail_pebs -= reserved_pebs; |
3454 |
+diff --git a/drivers/net/dsa/bcm_sf2.c b/drivers/net/dsa/bcm_sf2.c |
3455 |
+index 4f4c2a7888e5..ea26483833f5 100644 |
3456 |
+--- a/drivers/net/dsa/bcm_sf2.c |
3457 |
++++ b/drivers/net/dsa/bcm_sf2.c |
3458 |
+@@ -684,16 +684,12 @@ static void bcm_sf2_sw_fixed_link_update(struct dsa_switch *ds, int port, |
3459 |
+ struct fixed_phy_status *status) |
3460 |
+ { |
3461 |
+ struct bcm_sf2_priv *priv = ds_to_priv(ds); |
3462 |
+- u32 link, duplex, pause, speed; |
3463 |
++ u32 link, duplex, pause; |
3464 |
+ u32 reg; |
3465 |
+ |
3466 |
+ link = core_readl(priv, CORE_LNKSTS); |
3467 |
+ duplex = core_readl(priv, CORE_DUPSTS); |
3468 |
+ pause = core_readl(priv, CORE_PAUSESTS); |
3469 |
+- speed = core_readl(priv, CORE_SPDSTS); |
3470 |
+- |
3471 |
+- speed >>= (port * SPDSTS_SHIFT); |
3472 |
+- speed &= SPDSTS_MASK; |
3473 |
+ |
3474 |
+ status->link = 0; |
3475 |
+ |
3476 |
+@@ -717,18 +713,6 @@ static void bcm_sf2_sw_fixed_link_update(struct dsa_switch *ds, int port, |
3477 |
+ status->duplex = !!(duplex & (1 << port)); |
3478 |
+ } |
3479 |
+ |
3480 |
+- switch (speed) { |
3481 |
+- case SPDSTS_10: |
3482 |
+- status->speed = SPEED_10; |
3483 |
+- break; |
3484 |
+- case SPDSTS_100: |
3485 |
+- status->speed = SPEED_100; |
3486 |
+- break; |
3487 |
+- case SPDSTS_1000: |
3488 |
+- status->speed = SPEED_1000; |
3489 |
+- break; |
3490 |
+- } |
3491 |
+- |
3492 |
+ if ((pause & (1 << port)) && |
3493 |
+ (pause & (1 << (port + PAUSESTS_TX_PAUSE_SHIFT)))) { |
3494 |
+ status->asym_pause = 1; |
3495 |
+diff --git a/drivers/net/dsa/bcm_sf2.h b/drivers/net/dsa/bcm_sf2.h |
3496 |
+index ee9f650d5026..3ecfda86366e 100644 |
3497 |
+--- a/drivers/net/dsa/bcm_sf2.h |
3498 |
++++ b/drivers/net/dsa/bcm_sf2.h |
3499 |
+@@ -110,8 +110,8 @@ static inline u64 name##_readq(struct bcm_sf2_priv *priv, u32 off) \ |
3500 |
+ spin_unlock(&priv->indir_lock); \ |
3501 |
+ return (u64)indir << 32 | dir; \ |
3502 |
+ } \ |
3503 |
+-static inline void name##_writeq(struct bcm_sf2_priv *priv, u32 off, \ |
3504 |
+- u64 val) \ |
3505 |
++static inline void name##_writeq(struct bcm_sf2_priv *priv, u64 val, \ |
3506 |
++ u32 off) \ |
3507 |
+ { \ |
3508 |
+ spin_lock(&priv->indir_lock); \ |
3509 |
+ reg_writel(priv, upper_32_bits(val), REG_DIR_DATA_WRITE); \ |
3510 |
+diff --git a/drivers/net/ethernet/altera/altera_tse_main.c b/drivers/net/ethernet/altera/altera_tse_main.c |
3511 |
+index 4efc4355d345..2eb6404755b1 100644 |
3512 |
+--- a/drivers/net/ethernet/altera/altera_tse_main.c |
3513 |
++++ b/drivers/net/ethernet/altera/altera_tse_main.c |
3514 |
+@@ -501,8 +501,7 @@ static int tse_poll(struct napi_struct *napi, int budget) |
3515 |
+ if (rxcomplete >= budget || txcomplete > 0) |
3516 |
+ return rxcomplete; |
3517 |
+ |
3518 |
+- napi_gro_flush(napi, false); |
3519 |
+- __napi_complete(napi); |
3520 |
++ napi_complete(napi); |
3521 |
+ |
3522 |
+ netdev_dbg(priv->dev, |
3523 |
+ "NAPI Complete, did %d packets with budget %d\n", |
3524 |
+diff --git a/drivers/net/ethernet/broadcom/tg3.c b/drivers/net/ethernet/broadcom/tg3.c |
3525 |
+index a37800ecb27c..6fa8272c8f31 100644 |
3526 |
+--- a/drivers/net/ethernet/broadcom/tg3.c |
3527 |
++++ b/drivers/net/ethernet/broadcom/tg3.c |
3528 |
+@@ -10752,7 +10752,7 @@ static ssize_t tg3_show_temp(struct device *dev, |
3529 |
+ tg3_ape_scratchpad_read(tp, &temperature, attr->index, |
3530 |
+ sizeof(temperature)); |
3531 |
+ spin_unlock_bh(&tp->lock); |
3532 |
+- return sprintf(buf, "%u\n", temperature); |
3533 |
++ return sprintf(buf, "%u\n", temperature * 1000); |
3534 |
+ } |
3535 |
+ |
3536 |
+ |
3537 |
+diff --git a/drivers/net/ethernet/brocade/bna/bnad.c b/drivers/net/ethernet/brocade/bna/bnad.c |
3538 |
+index c3861de9dc81..d864614f1255 100644 |
3539 |
+--- a/drivers/net/ethernet/brocade/bna/bnad.c |
3540 |
++++ b/drivers/net/ethernet/brocade/bna/bnad.c |
3541 |
+@@ -674,6 +674,7 @@ bnad_cq_process(struct bnad *bnad, struct bna_ccb *ccb, int budget) |
3542 |
+ if (!next_cmpl->valid) |
3543 |
+ break; |
3544 |
+ } |
3545 |
++ packets++; |
3546 |
+ |
3547 |
+ /* TODO: BNA_CQ_EF_LOCAL ? */ |
3548 |
+ if (unlikely(flags & (BNA_CQ_EF_MAC_ERROR | |
3549 |
+@@ -690,7 +691,6 @@ bnad_cq_process(struct bnad *bnad, struct bna_ccb *ccb, int budget) |
3550 |
+ else |
3551 |
+ bnad_cq_setup_skb_frags(rcb, skb, sop_ci, nvecs, len); |
3552 |
+ |
3553 |
+- packets++; |
3554 |
+ rcb->rxq->rx_packets++; |
3555 |
+ rcb->rxq->rx_bytes += totlen; |
3556 |
+ ccb->bytes_per_intr += totlen; |
3557 |
+diff --git a/drivers/net/ethernet/intel/igb/igb.h b/drivers/net/ethernet/intel/igb/igb.h |
3558 |
+index 82d891e183b1..95f47b9f50d4 100644 |
3559 |
+--- a/drivers/net/ethernet/intel/igb/igb.h |
3560 |
++++ b/drivers/net/ethernet/intel/igb/igb.h |
3561 |
+@@ -531,6 +531,7 @@ void igb_ptp_rx_pktstamp(struct igb_q_vector *q_vector, unsigned char *va, |
3562 |
+ struct sk_buff *skb); |
3563 |
+ int igb_ptp_set_ts_config(struct net_device *netdev, struct ifreq *ifr); |
3564 |
+ int igb_ptp_get_ts_config(struct net_device *netdev, struct ifreq *ifr); |
3565 |
++void igb_set_flag_queue_pairs(struct igb_adapter *, const u32); |
3566 |
+ #ifdef CONFIG_IGB_HWMON |
3567 |
+ void igb_sysfs_exit(struct igb_adapter *adapter); |
3568 |
+ int igb_sysfs_init(struct igb_adapter *adapter); |
3569 |
+diff --git a/drivers/net/ethernet/intel/igb/igb_ethtool.c b/drivers/net/ethernet/intel/igb/igb_ethtool.c |
3570 |
+index 02cfd3b14762..aa176cea5a41 100644 |
3571 |
+--- a/drivers/net/ethernet/intel/igb/igb_ethtool.c |
3572 |
++++ b/drivers/net/ethernet/intel/igb/igb_ethtool.c |
3573 |
+@@ -2979,6 +2979,7 @@ static int igb_set_channels(struct net_device *netdev, |
3574 |
+ { |
3575 |
+ struct igb_adapter *adapter = netdev_priv(netdev); |
3576 |
+ unsigned int count = ch->combined_count; |
3577 |
++ unsigned int max_combined = 0; |
3578 |
+ |
3579 |
+ /* Verify they are not requesting separate vectors */ |
3580 |
+ if (!count || ch->rx_count || ch->tx_count) |
3581 |
+@@ -2989,11 +2990,13 @@ static int igb_set_channels(struct net_device *netdev, |
3582 |
+ return -EINVAL; |
3583 |
+ |
3584 |
+ /* Verify the number of channels doesn't exceed hw limits */ |
3585 |
+- if (count > igb_max_channels(adapter)) |
3586 |
++ max_combined = igb_max_channels(adapter); |
3587 |
++ if (count > max_combined) |
3588 |
+ return -EINVAL; |
3589 |
+ |
3590 |
+ if (count != adapter->rss_queues) { |
3591 |
+ adapter->rss_queues = count; |
3592 |
++ igb_set_flag_queue_pairs(adapter, max_combined); |
3593 |
+ |
3594 |
+ /* Hardware has to reinitialize queues and interrupts to |
3595 |
+ * match the new configuration. |
3596 |
+diff --git a/drivers/net/ethernet/intel/igb/igb_main.c b/drivers/net/ethernet/intel/igb/igb_main.c |
3597 |
+index 487cd9c4ac0d..e0f36647d3dd 100644 |
3598 |
+--- a/drivers/net/ethernet/intel/igb/igb_main.c |
3599 |
++++ b/drivers/net/ethernet/intel/igb/igb_main.c |
3600 |
+@@ -1207,8 +1207,14 @@ static int igb_alloc_q_vector(struct igb_adapter *adapter, |
3601 |
+ |
3602 |
+ /* allocate q_vector and rings */ |
3603 |
+ q_vector = adapter->q_vector[v_idx]; |
3604 |
+- if (!q_vector) |
3605 |
++ if (!q_vector) { |
3606 |
++ q_vector = kzalloc(size, GFP_KERNEL); |
3607 |
++ } else if (size > ksize(q_vector)) { |
3608 |
++ kfree_rcu(q_vector, rcu); |
3609 |
+ q_vector = kzalloc(size, GFP_KERNEL); |
3610 |
++ } else { |
3611 |
++ memset(q_vector, 0, size); |
3612 |
++ } |
3613 |
+ if (!q_vector) |
3614 |
+ return -ENOMEM; |
3615 |
+ |
3616 |
+@@ -2861,7 +2867,7 @@ static void igb_probe_vfs(struct igb_adapter *adapter) |
3617 |
+ return; |
3618 |
+ |
3619 |
+ pci_sriov_set_totalvfs(pdev, 7); |
3620 |
+- igb_pci_enable_sriov(pdev, max_vfs); |
3621 |
++ igb_enable_sriov(pdev, max_vfs); |
3622 |
+ |
3623 |
+ #endif /* CONFIG_PCI_IOV */ |
3624 |
+ } |
3625 |
+@@ -2902,6 +2908,14 @@ static void igb_init_queue_configuration(struct igb_adapter *adapter) |
3626 |
+ |
3627 |
+ adapter->rss_queues = min_t(u32, max_rss_queues, num_online_cpus()); |
3628 |
+ |
3629 |
++ igb_set_flag_queue_pairs(adapter, max_rss_queues); |
3630 |
++} |
3631 |
++ |
3632 |
++void igb_set_flag_queue_pairs(struct igb_adapter *adapter, |
3633 |
++ const u32 max_rss_queues) |
3634 |
++{ |
3635 |
++ struct e1000_hw *hw = &adapter->hw; |
3636 |
++ |
3637 |
+ /* Determine if we need to pair queues. */ |
3638 |
+ switch (hw->mac.type) { |
3639 |
+ case e1000_82575: |
3640 |
+diff --git a/drivers/net/usb/usbnet.c b/drivers/net/usb/usbnet.c |
3641 |
+index e7ed2513b1d1..7a598932f922 100644 |
3642 |
+--- a/drivers/net/usb/usbnet.c |
3643 |
++++ b/drivers/net/usb/usbnet.c |
3644 |
+@@ -779,7 +779,7 @@ int usbnet_stop (struct net_device *net) |
3645 |
+ { |
3646 |
+ struct usbnet *dev = netdev_priv(net); |
3647 |
+ struct driver_info *info = dev->driver_info; |
3648 |
+- int retval, pm; |
3649 |
++ int retval, pm, mpn; |
3650 |
+ |
3651 |
+ clear_bit(EVENT_DEV_OPEN, &dev->flags); |
3652 |
+ netif_stop_queue (net); |
3653 |
+@@ -810,6 +810,8 @@ int usbnet_stop (struct net_device *net) |
3654 |
+ |
3655 |
+ usbnet_purge_paused_rxq(dev); |
3656 |
+ |
3657 |
++ mpn = !test_and_clear_bit(EVENT_NO_RUNTIME_PM, &dev->flags); |
3658 |
++ |
3659 |
+ /* deferred work (task, timer, softirq) must also stop. |
3660 |
+ * can't flush_scheduled_work() until we drop rtnl (later), |
3661 |
+ * else workers could deadlock; so make workers a NOP. |
3662 |
+@@ -820,8 +822,7 @@ int usbnet_stop (struct net_device *net) |
3663 |
+ if (!pm) |
3664 |
+ usb_autopm_put_interface(dev->intf); |
3665 |
+ |
3666 |
+- if (info->manage_power && |
3667 |
+- !test_and_clear_bit(EVENT_NO_RUNTIME_PM, &dev->flags)) |
3668 |
++ if (info->manage_power && mpn) |
3669 |
+ info->manage_power(dev, 0); |
3670 |
+ else |
3671 |
+ usb_autopm_put_interface(dev->intf); |
3672 |
+diff --git a/drivers/net/wireless/ath/ath10k/htc.c b/drivers/net/wireless/ath/ath10k/htc.c |
3673 |
+index 676bd4ed969b..32003e682351 100644 |
3674 |
+--- a/drivers/net/wireless/ath/ath10k/htc.c |
3675 |
++++ b/drivers/net/wireless/ath/ath10k/htc.c |
3676 |
+@@ -162,8 +162,10 @@ int ath10k_htc_send(struct ath10k_htc *htc, |
3677 |
+ |
3678 |
+ skb_cb->paddr = dma_map_single(dev, skb->data, skb->len, DMA_TO_DEVICE); |
3679 |
+ ret = dma_mapping_error(dev, skb_cb->paddr); |
3680 |
+- if (ret) |
3681 |
++ if (ret) { |
3682 |
++ ret = -EIO; |
3683 |
+ goto err_credits; |
3684 |
++ } |
3685 |
+ |
3686 |
+ sg_item.transfer_id = ep->eid; |
3687 |
+ sg_item.transfer_context = skb; |
3688 |
+diff --git a/drivers/net/wireless/ath/ath10k/htt_tx.c b/drivers/net/wireless/ath/ath10k/htt_tx.c |
3689 |
+index bd87a35201d8..55c60783c129 100644 |
3690 |
+--- a/drivers/net/wireless/ath/ath10k/htt_tx.c |
3691 |
++++ b/drivers/net/wireless/ath/ath10k/htt_tx.c |
3692 |
+@@ -402,8 +402,10 @@ int ath10k_htt_mgmt_tx(struct ath10k_htt *htt, struct sk_buff *msdu) |
3693 |
+ skb_cb->paddr = dma_map_single(dev, msdu->data, msdu->len, |
3694 |
+ DMA_TO_DEVICE); |
3695 |
+ res = dma_mapping_error(dev, skb_cb->paddr); |
3696 |
+- if (res) |
3697 |
++ if (res) { |
3698 |
++ res = -EIO; |
3699 |
+ goto err_free_txdesc; |
3700 |
++ } |
3701 |
+ |
3702 |
+ skb_put(txdesc, len); |
3703 |
+ cmd = (struct htt_cmd *)txdesc->data; |
3704 |
+@@ -488,8 +490,10 @@ int ath10k_htt_tx(struct ath10k_htt *htt, struct sk_buff *msdu) |
3705 |
+ skb_cb->paddr = dma_map_single(dev, msdu->data, msdu->len, |
3706 |
+ DMA_TO_DEVICE); |
3707 |
+ res = dma_mapping_error(dev, skb_cb->paddr); |
3708 |
+- if (res) |
3709 |
++ if (res) { |
3710 |
++ res = -EIO; |
3711 |
+ goto err_free_txbuf; |
3712 |
++ } |
3713 |
+ |
3714 |
+ if (likely(use_frags)) { |
3715 |
+ frags = skb_cb->htt.txbuf->frags; |
3716 |
+diff --git a/drivers/net/wireless/ath/ath10k/pci.c b/drivers/net/wireless/ath/ath10k/pci.c |
3717 |
+index 59e0ea83be50..06620657cc19 100644 |
3718 |
+--- a/drivers/net/wireless/ath/ath10k/pci.c |
3719 |
++++ b/drivers/net/wireless/ath/ath10k/pci.c |
3720 |
+@@ -1298,8 +1298,10 @@ static int ath10k_pci_hif_exchange_bmi_msg(struct ath10k *ar, |
3721 |
+ |
3722 |
+ req_paddr = dma_map_single(ar->dev, treq, req_len, DMA_TO_DEVICE); |
3723 |
+ ret = dma_mapping_error(ar->dev, req_paddr); |
3724 |
+- if (ret) |
3725 |
++ if (ret) { |
3726 |
++ ret = -EIO; |
3727 |
+ goto err_dma; |
3728 |
++ } |
3729 |
+ |
3730 |
+ if (resp && resp_len) { |
3731 |
+ tresp = kzalloc(*resp_len, GFP_KERNEL); |
3732 |
+@@ -1311,8 +1313,10 @@ static int ath10k_pci_hif_exchange_bmi_msg(struct ath10k *ar, |
3733 |
+ resp_paddr = dma_map_single(ar->dev, tresp, *resp_len, |
3734 |
+ DMA_FROM_DEVICE); |
3735 |
+ ret = dma_mapping_error(ar->dev, resp_paddr); |
3736 |
+- if (ret) |
3737 |
++ if (ret) { |
3738 |
++ ret = EIO; |
3739 |
+ goto err_req; |
3740 |
++ } |
3741 |
+ |
3742 |
+ xfer.wait_for_resp = true; |
3743 |
+ xfer.resp_len = 0; |
3744 |
+diff --git a/drivers/net/wireless/ath/ath10k/wmi.c b/drivers/net/wireless/ath/ath10k/wmi.c |
3745 |
+index 2c42bd504b79..8a091485960d 100644 |
3746 |
+--- a/drivers/net/wireless/ath/ath10k/wmi.c |
3747 |
++++ b/drivers/net/wireless/ath/ath10k/wmi.c |
3748 |
+@@ -1661,6 +1661,7 @@ static void ath10k_wmi_event_host_swba(struct ath10k *ar, struct sk_buff *skb) |
3749 |
+ ATH10K_SKB_CB(bcn)->paddr); |
3750 |
+ if (ret) { |
3751 |
+ ath10k_warn(ar, "failed to map beacon: %d\n", ret); |
3752 |
++ ret = -EIO; |
3753 |
+ dev_kfree_skb_any(bcn); |
3754 |
+ goto skip; |
3755 |
+ } |
3756 |
+diff --git a/drivers/net/wireless/rtlwifi/rtl8821ae/hw.c b/drivers/net/wireless/rtlwifi/rtl8821ae/hw.c |
3757 |
+index 43c14d4da563..e17b728a21aa 100644 |
3758 |
+--- a/drivers/net/wireless/rtlwifi/rtl8821ae/hw.c |
3759 |
++++ b/drivers/net/wireless/rtlwifi/rtl8821ae/hw.c |
3760 |
+@@ -2180,7 +2180,7 @@ static int _rtl8821ae_set_media_status(struct ieee80211_hw *hw, |
3761 |
+ |
3762 |
+ rtl_write_byte(rtlpriv, (MSR), bt_msr); |
3763 |
+ rtlpriv->cfg->ops->led_control(hw, ledaction); |
3764 |
+- if ((bt_msr & 0xfc) == MSR_AP) |
3765 |
++ if ((bt_msr & MSR_MASK) == MSR_AP) |
3766 |
+ rtl_write_byte(rtlpriv, REG_BCNTCFG + 1, 0x00); |
3767 |
+ else |
3768 |
+ rtl_write_byte(rtlpriv, REG_BCNTCFG + 1, 0x66); |
3769 |
+diff --git a/drivers/net/wireless/rtlwifi/rtl8821ae/reg.h b/drivers/net/wireless/rtlwifi/rtl8821ae/reg.h |
3770 |
+index 53668fc8f23e..1d6110f9c1fb 100644 |
3771 |
+--- a/drivers/net/wireless/rtlwifi/rtl8821ae/reg.h |
3772 |
++++ b/drivers/net/wireless/rtlwifi/rtl8821ae/reg.h |
3773 |
+@@ -429,6 +429,7 @@ |
3774 |
+ #define MSR_ADHOC 0x01 |
3775 |
+ #define MSR_INFRA 0x02 |
3776 |
+ #define MSR_AP 0x03 |
3777 |
++#define MSR_MASK 0x03 |
3778 |
+ |
3779 |
+ #define RRSR_RSC_OFFSET 21 |
3780 |
+ #define RRSR_SHORT_OFFSET 23 |
3781 |
+diff --git a/drivers/net/xen-netfront.c b/drivers/net/xen-netfront.c |
3782 |
+index 2b0b4e62f171..2a64f28b2dad 100644 |
3783 |
+--- a/drivers/net/xen-netfront.c |
3784 |
++++ b/drivers/net/xen-netfront.c |
3785 |
+@@ -1432,7 +1432,8 @@ static void xennet_disconnect_backend(struct netfront_info *info) |
3786 |
+ queue->tx_evtchn = queue->rx_evtchn = 0; |
3787 |
+ queue->tx_irq = queue->rx_irq = 0; |
3788 |
+ |
3789 |
+- napi_synchronize(&queue->napi); |
3790 |
++ if (netif_running(info->netdev)) |
3791 |
++ napi_synchronize(&queue->napi); |
3792 |
+ |
3793 |
+ xennet_release_tx_bufs(queue); |
3794 |
+ xennet_release_rx_bufs(queue); |
3795 |
+diff --git a/drivers/of/address.c b/drivers/of/address.c |
3796 |
+index 1dba1a9c1fcf..9e77614391a0 100644 |
3797 |
+--- a/drivers/of/address.c |
3798 |
++++ b/drivers/of/address.c |
3799 |
+@@ -845,10 +845,10 @@ struct device_node *of_find_matching_node_by_address(struct device_node *from, |
3800 |
+ struct resource res; |
3801 |
+ |
3802 |
+ while (dn) { |
3803 |
+- if (of_address_to_resource(dn, 0, &res)) |
3804 |
+- continue; |
3805 |
+- if (res.start == base_address) |
3806 |
++ if (!of_address_to_resource(dn, 0, &res) && |
3807 |
++ res.start == base_address) |
3808 |
+ return dn; |
3809 |
++ |
3810 |
+ dn = of_find_matching_node(dn, matches); |
3811 |
+ } |
3812 |
+ |
3813 |
+diff --git a/drivers/of/of_mdio.c b/drivers/of/of_mdio.c |
3814 |
+index 1bd43053b8c7..5dc1ef955a0f 100644 |
3815 |
+--- a/drivers/of/of_mdio.c |
3816 |
++++ b/drivers/of/of_mdio.c |
3817 |
+@@ -262,7 +262,8 @@ EXPORT_SYMBOL(of_phy_attach); |
3818 |
+ bool of_phy_is_fixed_link(struct device_node *np) |
3819 |
+ { |
3820 |
+ struct device_node *dn; |
3821 |
+- int len; |
3822 |
++ int len, err; |
3823 |
++ const char *managed; |
3824 |
+ |
3825 |
+ /* New binding */ |
3826 |
+ dn = of_get_child_by_name(np, "fixed-link"); |
3827 |
+@@ -271,6 +272,10 @@ bool of_phy_is_fixed_link(struct device_node *np) |
3828 |
+ return true; |
3829 |
+ } |
3830 |
+ |
3831 |
++ err = of_property_read_string(np, "managed", &managed); |
3832 |
++ if (err == 0 && strcmp(managed, "auto") != 0) |
3833 |
++ return true; |
3834 |
++ |
3835 |
+ /* Old binding */ |
3836 |
+ if (of_get_property(np, "fixed-link", &len) && |
3837 |
+ len == (5 * sizeof(__be32))) |
3838 |
+@@ -285,8 +290,18 @@ int of_phy_register_fixed_link(struct device_node *np) |
3839 |
+ struct fixed_phy_status status = {}; |
3840 |
+ struct device_node *fixed_link_node; |
3841 |
+ const __be32 *fixed_link_prop; |
3842 |
+- int len; |
3843 |
++ int len, err; |
3844 |
+ struct phy_device *phy; |
3845 |
++ const char *managed; |
3846 |
++ |
3847 |
++ err = of_property_read_string(np, "managed", &managed); |
3848 |
++ if (err == 0) { |
3849 |
++ if (strcmp(managed, "in-band-status") == 0) { |
3850 |
++ /* status is zeroed, namely its .link member */ |
3851 |
++ phy = fixed_phy_register(PHY_POLL, &status, np); |
3852 |
++ return IS_ERR(phy) ? PTR_ERR(phy) : 0; |
3853 |
++ } |
3854 |
++ } |
3855 |
+ |
3856 |
+ /* New binding */ |
3857 |
+ fixed_link_node = of_get_child_by_name(np, "fixed-link"); |
3858 |
+diff --git a/drivers/pci/quirks.c b/drivers/pci/quirks.c |
3859 |
+index 04ea682ab2aa..00b1cd32a4b1 100644 |
3860 |
+--- a/drivers/pci/quirks.c |
3861 |
++++ b/drivers/pci/quirks.c |
3862 |
+@@ -2818,12 +2818,15 @@ DECLARE_PCI_FIXUP_EARLY(PCI_VENDOR_ID_INTEL, 0x3c28, vtd_mask_spec_errors); |
3863 |
+ |
3864 |
+ static void fixup_ti816x_class(struct pci_dev *dev) |
3865 |
+ { |
3866 |
++ u32 class = dev->class; |
3867 |
++ |
3868 |
+ /* TI 816x devices do not have class code set when in PCIe boot mode */ |
3869 |
+- dev_info(&dev->dev, "Setting PCI class for 816x PCIe device\n"); |
3870 |
+- dev->class = PCI_CLASS_MULTIMEDIA_VIDEO; |
3871 |
++ dev->class = PCI_CLASS_MULTIMEDIA_VIDEO << 8; |
3872 |
++ dev_info(&dev->dev, "PCI class overridden (%#08x -> %#08x)\n", |
3873 |
++ class, dev->class); |
3874 |
+ } |
3875 |
+ DECLARE_PCI_FIXUP_CLASS_EARLY(PCI_VENDOR_ID_TI, 0xb800, |
3876 |
+- PCI_CLASS_NOT_DEFINED, 0, fixup_ti816x_class); |
3877 |
++ PCI_CLASS_NOT_DEFINED, 0, fixup_ti816x_class); |
3878 |
+ |
3879 |
+ /* Some PCIe devices do not work reliably with the claimed maximum |
3880 |
+ * payload size supported. |
3881 |
+diff --git a/drivers/platform/x86/hp-wmi.c b/drivers/platform/x86/hp-wmi.c |
3882 |
+index 4c559640dcba..301386c4d85b 100644 |
3883 |
+--- a/drivers/platform/x86/hp-wmi.c |
3884 |
++++ b/drivers/platform/x86/hp-wmi.c |
3885 |
+@@ -54,8 +54,9 @@ MODULE_ALIAS("wmi:5FB7F034-2C63-45e9-BE91-3D44E2C707E4"); |
3886 |
+ #define HPWMI_HARDWARE_QUERY 0x4 |
3887 |
+ #define HPWMI_WIRELESS_QUERY 0x5 |
3888 |
+ #define HPWMI_BIOS_QUERY 0x9 |
3889 |
++#define HPWMI_FEATURE_QUERY 0xb |
3890 |
+ #define HPWMI_HOTKEY_QUERY 0xc |
3891 |
+-#define HPWMI_FEATURE_QUERY 0xd |
3892 |
++#define HPWMI_FEATURE2_QUERY 0xd |
3893 |
+ #define HPWMI_WIRELESS2_QUERY 0x1b |
3894 |
+ #define HPWMI_POSTCODEERROR_QUERY 0x2a |
3895 |
+ |
3896 |
+@@ -295,25 +296,33 @@ static int hp_wmi_tablet_state(void) |
3897 |
+ return (state & 0x4) ? 1 : 0; |
3898 |
+ } |
3899 |
+ |
3900 |
+-static int __init hp_wmi_bios_2009_later(void) |
3901 |
++static int __init hp_wmi_bios_2008_later(void) |
3902 |
+ { |
3903 |
+ int state = 0; |
3904 |
+ int ret = hp_wmi_perform_query(HPWMI_FEATURE_QUERY, 0, &state, |
3905 |
+ sizeof(state), sizeof(state)); |
3906 |
+- if (ret) |
3907 |
+- return ret; |
3908 |
++ if (!ret) |
3909 |
++ return 1; |
3910 |
+ |
3911 |
+- return (state & 0x10) ? 1 : 0; |
3912 |
++ return (ret == HPWMI_RET_UNKNOWN_CMDTYPE) ? 0 : -ENXIO; |
3913 |
+ } |
3914 |
+ |
3915 |
+-static int hp_wmi_enable_hotkeys(void) |
3916 |
++static int __init hp_wmi_bios_2009_later(void) |
3917 |
+ { |
3918 |
+- int ret; |
3919 |
+- int query = 0x6e; |
3920 |
++ int state = 0; |
3921 |
++ int ret = hp_wmi_perform_query(HPWMI_FEATURE2_QUERY, 0, &state, |
3922 |
++ sizeof(state), sizeof(state)); |
3923 |
++ if (!ret) |
3924 |
++ return 1; |
3925 |
+ |
3926 |
+- ret = hp_wmi_perform_query(HPWMI_BIOS_QUERY, 1, &query, sizeof(query), |
3927 |
+- 0); |
3928 |
++ return (ret == HPWMI_RET_UNKNOWN_CMDTYPE) ? 0 : -ENXIO; |
3929 |
++} |
3930 |
+ |
3931 |
++static int __init hp_wmi_enable_hotkeys(void) |
3932 |
++{ |
3933 |
++ int value = 0x6e; |
3934 |
++ int ret = hp_wmi_perform_query(HPWMI_BIOS_QUERY, 1, &value, |
3935 |
++ sizeof(value), 0); |
3936 |
+ if (ret) |
3937 |
+ return -EINVAL; |
3938 |
+ return 0; |
3939 |
+@@ -663,7 +672,7 @@ static int __init hp_wmi_input_setup(void) |
3940 |
+ hp_wmi_tablet_state()); |
3941 |
+ input_sync(hp_wmi_input_dev); |
3942 |
+ |
3943 |
+- if (hp_wmi_bios_2009_later() == 4) |
3944 |
++ if (!hp_wmi_bios_2009_later() && hp_wmi_bios_2008_later()) |
3945 |
+ hp_wmi_enable_hotkeys(); |
3946 |
+ |
3947 |
+ status = wmi_install_notify_handler(HPWMI_EVENT_GUID, hp_wmi_notify, NULL); |
3948 |
+diff --git a/drivers/power/avs/Kconfig b/drivers/power/avs/Kconfig |
3949 |
+index 7f3d389bd601..a67eeace6a89 100644 |
3950 |
+--- a/drivers/power/avs/Kconfig |
3951 |
++++ b/drivers/power/avs/Kconfig |
3952 |
+@@ -13,7 +13,7 @@ menuconfig POWER_AVS |
3953 |
+ |
3954 |
+ config ROCKCHIP_IODOMAIN |
3955 |
+ tristate "Rockchip IO domain support" |
3956 |
+- depends on ARCH_ROCKCHIP && OF |
3957 |
++ depends on POWER_AVS && ARCH_ROCKCHIP && OF |
3958 |
+ help |
3959 |
+ Say y here to enable support io domains on Rockchip SoCs. It is |
3960 |
+ necessary for the io domain setting of the SoC to match the |
3961 |
+diff --git a/drivers/s390/char/sclp_early.c b/drivers/s390/char/sclp_early.c |
3962 |
+index 5bd6cb145a87..efc9a13bf457 100644 |
3963 |
+--- a/drivers/s390/char/sclp_early.c |
3964 |
++++ b/drivers/s390/char/sclp_early.c |
3965 |
+@@ -7,6 +7,7 @@ |
3966 |
+ #define KMSG_COMPONENT "sclp_early" |
3967 |
+ #define pr_fmt(fmt) KMSG_COMPONENT ": " fmt |
3968 |
+ |
3969 |
++#include <linux/errno.h> |
3970 |
+ #include <asm/ctl_reg.h> |
3971 |
+ #include <asm/sclp.h> |
3972 |
+ #include <asm/ipl.h> |
3973 |
+diff --git a/drivers/scsi/3w-9xxx.c b/drivers/scsi/3w-9xxx.c |
3974 |
+index 5f57e3d35e26..6adf9abdf955 100644 |
3975 |
+--- a/drivers/scsi/3w-9xxx.c |
3976 |
++++ b/drivers/scsi/3w-9xxx.c |
3977 |
+@@ -225,6 +225,17 @@ static const struct file_operations twa_fops = { |
3978 |
+ .llseek = noop_llseek, |
3979 |
+ }; |
3980 |
+ |
3981 |
++/* |
3982 |
++ * The controllers use an inline buffer instead of a mapped SGL for small, |
3983 |
++ * single entry buffers. Note that we treat a zero-length transfer like |
3984 |
++ * a mapped SGL. |
3985 |
++ */ |
3986 |
++static bool twa_command_mapped(struct scsi_cmnd *cmd) |
3987 |
++{ |
3988 |
++ return scsi_sg_count(cmd) != 1 || |
3989 |
++ scsi_bufflen(cmd) >= TW_MIN_SGL_LENGTH; |
3990 |
++} |
3991 |
++ |
3992 |
+ /* This function will complete an aen request from the isr */ |
3993 |
+ static int twa_aen_complete(TW_Device_Extension *tw_dev, int request_id) |
3994 |
+ { |
3995 |
+@@ -1351,7 +1362,8 @@ static irqreturn_t twa_interrupt(int irq, void *dev_instance) |
3996 |
+ } |
3997 |
+ |
3998 |
+ /* Now complete the io */ |
3999 |
+- scsi_dma_unmap(cmd); |
4000 |
++ if (twa_command_mapped(cmd)) |
4001 |
++ scsi_dma_unmap(cmd); |
4002 |
+ cmd->scsi_done(cmd); |
4003 |
+ tw_dev->state[request_id] = TW_S_COMPLETED; |
4004 |
+ twa_free_request_id(tw_dev, request_id); |
4005 |
+@@ -1594,7 +1606,8 @@ static int twa_reset_device_extension(TW_Device_Extension *tw_dev) |
4006 |
+ struct scsi_cmnd *cmd = tw_dev->srb[i]; |
4007 |
+ |
4008 |
+ cmd->result = (DID_RESET << 16); |
4009 |
+- scsi_dma_unmap(cmd); |
4010 |
++ if (twa_command_mapped(cmd)) |
4011 |
++ scsi_dma_unmap(cmd); |
4012 |
+ cmd->scsi_done(cmd); |
4013 |
+ } |
4014 |
+ } |
4015 |
+@@ -1777,12 +1790,14 @@ static int twa_scsi_queue_lck(struct scsi_cmnd *SCpnt, void (*done)(struct scsi_ |
4016 |
+ retval = twa_scsiop_execute_scsi(tw_dev, request_id, NULL, 0, NULL); |
4017 |
+ switch (retval) { |
4018 |
+ case SCSI_MLQUEUE_HOST_BUSY: |
4019 |
+- scsi_dma_unmap(SCpnt); |
4020 |
++ if (twa_command_mapped(SCpnt)) |
4021 |
++ scsi_dma_unmap(SCpnt); |
4022 |
+ twa_free_request_id(tw_dev, request_id); |
4023 |
+ break; |
4024 |
+ case 1: |
4025 |
+ SCpnt->result = (DID_ERROR << 16); |
4026 |
+- scsi_dma_unmap(SCpnt); |
4027 |
++ if (twa_command_mapped(SCpnt)) |
4028 |
++ scsi_dma_unmap(SCpnt); |
4029 |
+ done(SCpnt); |
4030 |
+ tw_dev->state[request_id] = TW_S_COMPLETED; |
4031 |
+ twa_free_request_id(tw_dev, request_id); |
4032 |
+@@ -1843,8 +1858,7 @@ static int twa_scsiop_execute_scsi(TW_Device_Extension *tw_dev, int request_id, |
4033 |
+ /* Map sglist from scsi layer to cmd packet */ |
4034 |
+ |
4035 |
+ if (scsi_sg_count(srb)) { |
4036 |
+- if ((scsi_sg_count(srb) == 1) && |
4037 |
+- (scsi_bufflen(srb) < TW_MIN_SGL_LENGTH)) { |
4038 |
++ if (!twa_command_mapped(srb)) { |
4039 |
+ if (srb->sc_data_direction == DMA_TO_DEVICE || |
4040 |
+ srb->sc_data_direction == DMA_BIDIRECTIONAL) |
4041 |
+ scsi_sg_copy_to_buffer(srb, |
4042 |
+@@ -1917,7 +1931,7 @@ static void twa_scsiop_execute_scsi_complete(TW_Device_Extension *tw_dev, int re |
4043 |
+ { |
4044 |
+ struct scsi_cmnd *cmd = tw_dev->srb[request_id]; |
4045 |
+ |
4046 |
+- if (scsi_bufflen(cmd) < TW_MIN_SGL_LENGTH && |
4047 |
++ if (!twa_command_mapped(cmd) && |
4048 |
+ (cmd->sc_data_direction == DMA_FROM_DEVICE || |
4049 |
+ cmd->sc_data_direction == DMA_BIDIRECTIONAL)) { |
4050 |
+ if (scsi_sg_count(cmd) == 1) { |
4051 |
+diff --git a/drivers/scsi/scsi_error.c b/drivers/scsi/scsi_error.c |
4052 |
+index 01a79473350a..3d12c52c3f81 100644 |
4053 |
+--- a/drivers/scsi/scsi_error.c |
4054 |
++++ b/drivers/scsi/scsi_error.c |
4055 |
+@@ -2166,8 +2166,17 @@ int scsi_error_handler(void *data) |
4056 |
+ * We never actually get interrupted because kthread_run |
4057 |
+ * disables signal delivery for the created thread. |
4058 |
+ */ |
4059 |
+- while (!kthread_should_stop()) { |
4060 |
++ while (true) { |
4061 |
++ /* |
4062 |
++ * The sequence in kthread_stop() sets the stop flag first |
4063 |
++ * then wakes the process. To avoid missed wakeups, the task |
4064 |
++ * should always be in a non running state before the stop |
4065 |
++ * flag is checked |
4066 |
++ */ |
4067 |
+ set_current_state(TASK_INTERRUPTIBLE); |
4068 |
++ if (kthread_should_stop()) |
4069 |
++ break; |
4070 |
++ |
4071 |
+ if ((shost->host_failed == 0 && shost->host_eh_scheduled == 0) || |
4072 |
+ shost->host_failed != atomic_read(&shost->host_busy)) { |
4073 |
+ SCSI_LOG_ERROR_RECOVERY(1, |
4074 |
+diff --git a/drivers/spi/spi-pxa2xx.c b/drivers/spi/spi-pxa2xx.c |
4075 |
+index d95656d05eb6..e56802d85ff9 100644 |
4076 |
+--- a/drivers/spi/spi-pxa2xx.c |
4077 |
++++ b/drivers/spi/spi-pxa2xx.c |
4078 |
+@@ -564,6 +564,10 @@ static irqreturn_t ssp_int(int irq, void *dev_id) |
4079 |
+ if (!(sccr1_reg & SSCR1_TIE)) |
4080 |
+ mask &= ~SSSR_TFS; |
4081 |
+ |
4082 |
++ /* Ignore RX timeout interrupt if it is disabled */ |
4083 |
++ if (!(sccr1_reg & SSCR1_TINTE)) |
4084 |
++ mask &= ~SSSR_TINT; |
4085 |
++ |
4086 |
+ if (!(status & mask)) |
4087 |
+ return IRQ_NONE; |
4088 |
+ |
4089 |
+diff --git a/drivers/spi/spi-xtensa-xtfpga.c b/drivers/spi/spi-xtensa-xtfpga.c |
4090 |
+index 0dc5df5233a9..cb030389a265 100644 |
4091 |
+--- a/drivers/spi/spi-xtensa-xtfpga.c |
4092 |
++++ b/drivers/spi/spi-xtensa-xtfpga.c |
4093 |
+@@ -34,13 +34,13 @@ struct xtfpga_spi { |
4094 |
+ static inline void xtfpga_spi_write32(const struct xtfpga_spi *spi, |
4095 |
+ unsigned addr, u32 val) |
4096 |
+ { |
4097 |
+- iowrite32(val, spi->regs + addr); |
4098 |
++ __raw_writel(val, spi->regs + addr); |
4099 |
+ } |
4100 |
+ |
4101 |
+ static inline unsigned int xtfpga_spi_read32(const struct xtfpga_spi *spi, |
4102 |
+ unsigned addr) |
4103 |
+ { |
4104 |
+- return ioread32(spi->regs + addr); |
4105 |
++ return __raw_readl(spi->regs + addr); |
4106 |
+ } |
4107 |
+ |
4108 |
+ static inline void xtfpga_spi_wait_busy(struct xtfpga_spi *xspi) |
4109 |
+diff --git a/drivers/spi/spi.c b/drivers/spi/spi.c |
4110 |
+index 115ad5dbc7c5..85a6da81723a 100644 |
4111 |
+--- a/drivers/spi/spi.c |
4112 |
++++ b/drivers/spi/spi.c |
4113 |
+@@ -1478,8 +1478,7 @@ static struct class spi_master_class = { |
4114 |
+ * |
4115 |
+ * The caller is responsible for assigning the bus number and initializing |
4116 |
+ * the master's methods before calling spi_register_master(); and (after errors |
4117 |
+- * adding the device) calling spi_master_put() and kfree() to prevent a memory |
4118 |
+- * leak. |
4119 |
++ * adding the device) calling spi_master_put() to prevent a memory leak. |
4120 |
+ */ |
4121 |
+ struct spi_master *spi_alloc_master(struct device *dev, unsigned size) |
4122 |
+ { |
4123 |
+diff --git a/drivers/staging/android/ion/ion.c b/drivers/staging/android/ion/ion.c |
4124 |
+index 56604f41ec48..ce3808a868e7 100644 |
4125 |
+--- a/drivers/staging/android/ion/ion.c |
4126 |
++++ b/drivers/staging/android/ion/ion.c |
4127 |
+@@ -1176,13 +1176,13 @@ struct ion_handle *ion_import_dma_buf(struct ion_client *client, int fd) |
4128 |
+ mutex_unlock(&client->lock); |
4129 |
+ goto end; |
4130 |
+ } |
4131 |
+- mutex_unlock(&client->lock); |
4132 |
+ |
4133 |
+ handle = ion_handle_create(client, buffer); |
4134 |
+- if (IS_ERR(handle)) |
4135 |
++ if (IS_ERR(handle)) { |
4136 |
++ mutex_unlock(&client->lock); |
4137 |
+ goto end; |
4138 |
++ } |
4139 |
+ |
4140 |
+- mutex_lock(&client->lock); |
4141 |
+ ret = ion_handle_add(client, handle); |
4142 |
+ mutex_unlock(&client->lock); |
4143 |
+ if (ret) { |
4144 |
+diff --git a/drivers/staging/comedi/drivers/adl_pci7x3x.c b/drivers/staging/comedi/drivers/adl_pci7x3x.c |
4145 |
+index fb8e5f582496..3346c0753d7e 100644 |
4146 |
+--- a/drivers/staging/comedi/drivers/adl_pci7x3x.c |
4147 |
++++ b/drivers/staging/comedi/drivers/adl_pci7x3x.c |
4148 |
+@@ -113,8 +113,20 @@ static int adl_pci7x3x_do_insn_bits(struct comedi_device *dev, |
4149 |
+ { |
4150 |
+ unsigned long reg = (unsigned long)s->private; |
4151 |
+ |
4152 |
+- if (comedi_dio_update_state(s, data)) |
4153 |
+- outl(s->state, dev->iobase + reg); |
4154 |
++ if (comedi_dio_update_state(s, data)) { |
4155 |
++ unsigned int val = s->state; |
4156 |
++ |
4157 |
++ if (s->n_chan == 16) { |
4158 |
++ /* |
4159 |
++ * It seems the PCI-7230 needs the 16-bit DO state |
4160 |
++ * to be shifted left by 16 bits before being written |
4161 |
++ * to the 32-bit register. Set the value in both |
4162 |
++ * halves of the register to be sure. |
4163 |
++ */ |
4164 |
++ val |= val << 16; |
4165 |
++ } |
4166 |
++ outl(val, dev->iobase + reg); |
4167 |
++ } |
4168 |
+ |
4169 |
+ data[1] = s->state; |
4170 |
+ |
4171 |
+diff --git a/drivers/staging/speakup/fakekey.c b/drivers/staging/speakup/fakekey.c |
4172 |
+index 4299cf45f947..5e1f16c36b49 100644 |
4173 |
+--- a/drivers/staging/speakup/fakekey.c |
4174 |
++++ b/drivers/staging/speakup/fakekey.c |
4175 |
+@@ -81,6 +81,7 @@ void speakup_fake_down_arrow(void) |
4176 |
+ __this_cpu_write(reporting_keystroke, true); |
4177 |
+ input_report_key(virt_keyboard, KEY_DOWN, PRESSED); |
4178 |
+ input_report_key(virt_keyboard, KEY_DOWN, RELEASED); |
4179 |
++ input_sync(virt_keyboard); |
4180 |
+ __this_cpu_write(reporting_keystroke, false); |
4181 |
+ |
4182 |
+ /* reenable preemption */ |
4183 |
+diff --git a/drivers/target/iscsi/iscsi_target.c b/drivers/target/iscsi/iscsi_target.c |
4184 |
+index 06ea1a113e45..062633295bc2 100644 |
4185 |
+--- a/drivers/target/iscsi/iscsi_target.c |
4186 |
++++ b/drivers/target/iscsi/iscsi_target.c |
4187 |
+@@ -343,7 +343,6 @@ static struct iscsi_np *iscsit_get_np( |
4188 |
+ |
4189 |
+ struct iscsi_np *iscsit_add_np( |
4190 |
+ struct __kernel_sockaddr_storage *sockaddr, |
4191 |
+- char *ip_str, |
4192 |
+ int network_transport) |
4193 |
+ { |
4194 |
+ struct sockaddr_in *sock_in; |
4195 |
+@@ -372,11 +371,9 @@ struct iscsi_np *iscsit_add_np( |
4196 |
+ np->np_flags |= NPF_IP_NETWORK; |
4197 |
+ if (sockaddr->ss_family == AF_INET6) { |
4198 |
+ sock_in6 = (struct sockaddr_in6 *)sockaddr; |
4199 |
+- snprintf(np->np_ip, IPV6_ADDRESS_SPACE, "%s", ip_str); |
4200 |
+ np->np_port = ntohs(sock_in6->sin6_port); |
4201 |
+ } else { |
4202 |
+ sock_in = (struct sockaddr_in *)sockaddr; |
4203 |
+- sprintf(np->np_ip, "%s", ip_str); |
4204 |
+ np->np_port = ntohs(sock_in->sin_port); |
4205 |
+ } |
4206 |
+ |
4207 |
+@@ -413,8 +410,8 @@ struct iscsi_np *iscsit_add_np( |
4208 |
+ list_add_tail(&np->np_list, &g_np_list); |
4209 |
+ mutex_unlock(&np_lock); |
4210 |
+ |
4211 |
+- pr_debug("CORE[0] - Added Network Portal: %s:%hu on %s\n", |
4212 |
+- np->np_ip, np->np_port, np->np_transport->name); |
4213 |
++ pr_debug("CORE[0] - Added Network Portal: %pISc:%hu on %s\n", |
4214 |
++ &np->np_sockaddr, np->np_port, np->np_transport->name); |
4215 |
+ |
4216 |
+ return np; |
4217 |
+ } |
4218 |
+@@ -483,8 +480,8 @@ int iscsit_del_np(struct iscsi_np *np) |
4219 |
+ list_del(&np->np_list); |
4220 |
+ mutex_unlock(&np_lock); |
4221 |
+ |
4222 |
+- pr_debug("CORE[0] - Removed Network Portal: %s:%hu on %s\n", |
4223 |
+- np->np_ip, np->np_port, np->np_transport->name); |
4224 |
++ pr_debug("CORE[0] - Removed Network Portal: %pISc:%hu on %s\n", |
4225 |
++ &np->np_sockaddr, np->np_port, np->np_transport->name); |
4226 |
+ |
4227 |
+ iscsit_put_transport(np->np_transport); |
4228 |
+ kfree(np); |
4229 |
+@@ -3482,11 +3479,18 @@ iscsit_build_sendtargets_response(struct iscsi_cmd *cmd, |
4230 |
+ target_name_printed = 1; |
4231 |
+ } |
4232 |
+ |
4233 |
+- len = sprintf(buf, "TargetAddress=" |
4234 |
+- "%s:%hu,%hu", |
4235 |
+- inaddr_any ? conn->local_ip : np->np_ip, |
4236 |
+- np->np_port, |
4237 |
+- tpg->tpgt); |
4238 |
++ if (inaddr_any) { |
4239 |
++ len = sprintf(buf, "TargetAddress=" |
4240 |
++ "%s:%hu,%hu", |
4241 |
++ conn->local_ip, |
4242 |
++ np->np_port, |
4243 |
++ tpg->tpgt); |
4244 |
++ } else { |
4245 |
++ len = sprintf(buf, "TargetAddress=" |
4246 |
++ "%pISpc,%hu", |
4247 |
++ &np->np_sockaddr, |
4248 |
++ tpg->tpgt); |
4249 |
++ } |
4250 |
+ len += 1; |
4251 |
+ |
4252 |
+ if ((len + payload_len) > buffer_len) { |
4253 |
+diff --git a/drivers/target/iscsi/iscsi_target.h b/drivers/target/iscsi/iscsi_target.h |
4254 |
+index e936d56fb523..3ef6ef582b10 100644 |
4255 |
+--- a/drivers/target/iscsi/iscsi_target.h |
4256 |
++++ b/drivers/target/iscsi/iscsi_target.h |
4257 |
+@@ -13,7 +13,7 @@ extern int iscsit_deaccess_np(struct iscsi_np *, struct iscsi_portal_group *, |
4258 |
+ extern bool iscsit_check_np_match(struct __kernel_sockaddr_storage *, |
4259 |
+ struct iscsi_np *, int); |
4260 |
+ extern struct iscsi_np *iscsit_add_np(struct __kernel_sockaddr_storage *, |
4261 |
+- char *, int); |
4262 |
++ int); |
4263 |
+ extern int iscsit_reset_np_thread(struct iscsi_np *, struct iscsi_tpg_np *, |
4264 |
+ struct iscsi_portal_group *, bool); |
4265 |
+ extern int iscsit_del_np(struct iscsi_np *); |
4266 |
+diff --git a/drivers/target/iscsi/iscsi_target_configfs.c b/drivers/target/iscsi/iscsi_target_configfs.c |
4267 |
+index 9059c1e0b26e..49b34655e57a 100644 |
4268 |
+--- a/drivers/target/iscsi/iscsi_target_configfs.c |
4269 |
++++ b/drivers/target/iscsi/iscsi_target_configfs.c |
4270 |
+@@ -103,7 +103,7 @@ static ssize_t lio_target_np_store_sctp( |
4271 |
+ * Use existing np->np_sockaddr for SCTP network portal reference |
4272 |
+ */ |
4273 |
+ tpg_np_sctp = iscsit_tpg_add_network_portal(tpg, &np->np_sockaddr, |
4274 |
+- np->np_ip, tpg_np, ISCSI_SCTP_TCP); |
4275 |
++ tpg_np, ISCSI_SCTP_TCP); |
4276 |
+ if (!tpg_np_sctp || IS_ERR(tpg_np_sctp)) |
4277 |
+ goto out; |
4278 |
+ } else { |
4279 |
+@@ -181,7 +181,7 @@ static ssize_t lio_target_np_store_iser( |
4280 |
+ } |
4281 |
+ |
4282 |
+ tpg_np_iser = iscsit_tpg_add_network_portal(tpg, &np->np_sockaddr, |
4283 |
+- np->np_ip, tpg_np, ISCSI_INFINIBAND); |
4284 |
++ tpg_np, ISCSI_INFINIBAND); |
4285 |
+ if (IS_ERR(tpg_np_iser)) { |
4286 |
+ rc = PTR_ERR(tpg_np_iser); |
4287 |
+ goto out; |
4288 |
+@@ -252,8 +252,8 @@ static struct se_tpg_np *lio_target_call_addnptotpg( |
4289 |
+ return ERR_PTR(-EINVAL); |
4290 |
+ } |
4291 |
+ str++; /* Skip over leading "[" */ |
4292 |
+- *str2 = '\0'; /* Terminate the IPv6 address */ |
4293 |
+- str2++; /* Skip over the "]" */ |
4294 |
++ *str2 = '\0'; /* Terminate the unbracketed IPv6 address */ |
4295 |
++ str2++; /* Skip over the \0 */ |
4296 |
+ port_str = strstr(str2, ":"); |
4297 |
+ if (!port_str) { |
4298 |
+ pr_err("Unable to locate \":port\"" |
4299 |
+@@ -320,7 +320,7 @@ static struct se_tpg_np *lio_target_call_addnptotpg( |
4300 |
+ * sys/kernel/config/iscsi/$IQN/$TPG/np/$IP:$PORT/ |
4301 |
+ * |
4302 |
+ */ |
4303 |
+- tpg_np = iscsit_tpg_add_network_portal(tpg, &sockaddr, str, NULL, |
4304 |
++ tpg_np = iscsit_tpg_add_network_portal(tpg, &sockaddr, NULL, |
4305 |
+ ISCSI_TCP); |
4306 |
+ if (IS_ERR(tpg_np)) { |
4307 |
+ iscsit_put_tpg(tpg); |
4308 |
+@@ -348,8 +348,8 @@ static void lio_target_call_delnpfromtpg( |
4309 |
+ |
4310 |
+ se_tpg = &tpg->tpg_se_tpg; |
4311 |
+ pr_debug("LIO_Target_ConfigFS: DEREGISTER -> %s TPGT: %hu" |
4312 |
+- " PORTAL: %s:%hu\n", config_item_name(&se_tpg->se_tpg_wwn->wwn_group.cg_item), |
4313 |
+- tpg->tpgt, tpg_np->tpg_np->np_ip, tpg_np->tpg_np->np_port); |
4314 |
++ " PORTAL: %pISc:%hu\n", config_item_name(&se_tpg->se_tpg_wwn->wwn_group.cg_item), |
4315 |
++ tpg->tpgt, &tpg_np->tpg_np->np_sockaddr, tpg_np->tpg_np->np_port); |
4316 |
+ |
4317 |
+ ret = iscsit_tpg_del_network_portal(tpg, tpg_np); |
4318 |
+ if (ret < 0) |
4319 |
+diff --git a/drivers/target/iscsi/iscsi_target_login.c b/drivers/target/iscsi/iscsi_target_login.c |
4320 |
+index 719ec300cd24..eb320e6eb93d 100644 |
4321 |
+--- a/drivers/target/iscsi/iscsi_target_login.c |
4322 |
++++ b/drivers/target/iscsi/iscsi_target_login.c |
4323 |
+@@ -879,8 +879,8 @@ static void iscsi_handle_login_thread_timeout(unsigned long data) |
4324 |
+ struct iscsi_np *np = (struct iscsi_np *) data; |
4325 |
+ |
4326 |
+ spin_lock_bh(&np->np_thread_lock); |
4327 |
+- pr_err("iSCSI Login timeout on Network Portal %s:%hu\n", |
4328 |
+- np->np_ip, np->np_port); |
4329 |
++ pr_err("iSCSI Login timeout on Network Portal %pISc:%hu\n", |
4330 |
++ &np->np_sockaddr, np->np_port); |
4331 |
+ |
4332 |
+ if (np->np_login_timer_flags & ISCSI_TF_STOP) { |
4333 |
+ spin_unlock_bh(&np->np_thread_lock); |
4334 |
+@@ -1357,8 +1357,8 @@ static int __iscsi_target_login_thread(struct iscsi_np *np) |
4335 |
+ spin_lock_bh(&np->np_thread_lock); |
4336 |
+ if (np->np_thread_state != ISCSI_NP_THREAD_ACTIVE) { |
4337 |
+ spin_unlock_bh(&np->np_thread_lock); |
4338 |
+- pr_err("iSCSI Network Portal on %s:%hu currently not" |
4339 |
+- " active.\n", np->np_ip, np->np_port); |
4340 |
++ pr_err("iSCSI Network Portal on %pISc:%hu currently not" |
4341 |
++ " active.\n", &np->np_sockaddr, np->np_port); |
4342 |
+ iscsit_tx_login_rsp(conn, ISCSI_STATUS_CLS_TARGET_ERR, |
4343 |
+ ISCSI_LOGIN_STATUS_SVC_UNAVAILABLE); |
4344 |
+ goto new_sess_out; |
4345 |
+diff --git a/drivers/target/iscsi/iscsi_target_tpg.c b/drivers/target/iscsi/iscsi_target_tpg.c |
4346 |
+index c3cb5c15efda..5530321c44f2 100644 |
4347 |
+--- a/drivers/target/iscsi/iscsi_target_tpg.c |
4348 |
++++ b/drivers/target/iscsi/iscsi_target_tpg.c |
4349 |
+@@ -464,7 +464,6 @@ static bool iscsit_tpg_check_network_portal( |
4350 |
+ struct iscsi_tpg_np *iscsit_tpg_add_network_portal( |
4351 |
+ struct iscsi_portal_group *tpg, |
4352 |
+ struct __kernel_sockaddr_storage *sockaddr, |
4353 |
+- char *ip_str, |
4354 |
+ struct iscsi_tpg_np *tpg_np_parent, |
4355 |
+ int network_transport) |
4356 |
+ { |
4357 |
+@@ -474,8 +473,8 @@ struct iscsi_tpg_np *iscsit_tpg_add_network_portal( |
4358 |
+ if (!tpg_np_parent) { |
4359 |
+ if (iscsit_tpg_check_network_portal(tpg->tpg_tiqn, sockaddr, |
4360 |
+ network_transport)) { |
4361 |
+- pr_err("Network Portal: %s already exists on a" |
4362 |
+- " different TPG on %s\n", ip_str, |
4363 |
++ pr_err("Network Portal: %pISc already exists on a" |
4364 |
++ " different TPG on %s\n", sockaddr, |
4365 |
+ tpg->tpg_tiqn->tiqn); |
4366 |
+ return ERR_PTR(-EEXIST); |
4367 |
+ } |
4368 |
+@@ -488,7 +487,7 @@ struct iscsi_tpg_np *iscsit_tpg_add_network_portal( |
4369 |
+ return ERR_PTR(-ENOMEM); |
4370 |
+ } |
4371 |
+ |
4372 |
+- np = iscsit_add_np(sockaddr, ip_str, network_transport); |
4373 |
++ np = iscsit_add_np(sockaddr, network_transport); |
4374 |
+ if (IS_ERR(np)) { |
4375 |
+ kfree(tpg_np); |
4376 |
+ return ERR_CAST(np); |
4377 |
+@@ -519,8 +518,8 @@ struct iscsi_tpg_np *iscsit_tpg_add_network_portal( |
4378 |
+ spin_unlock(&tpg_np_parent->tpg_np_parent_lock); |
4379 |
+ } |
4380 |
+ |
4381 |
+- pr_debug("CORE[%s] - Added Network Portal: %s:%hu,%hu on %s\n", |
4382 |
+- tpg->tpg_tiqn->tiqn, np->np_ip, np->np_port, tpg->tpgt, |
4383 |
++ pr_debug("CORE[%s] - Added Network Portal: %pISc:%hu,%hu on %s\n", |
4384 |
++ tpg->tpg_tiqn->tiqn, &np->np_sockaddr, np->np_port, tpg->tpgt, |
4385 |
+ np->np_transport->name); |
4386 |
+ |
4387 |
+ return tpg_np; |
4388 |
+@@ -533,8 +532,8 @@ static int iscsit_tpg_release_np( |
4389 |
+ { |
4390 |
+ iscsit_clear_tpg_np_login_thread(tpg_np, tpg, true); |
4391 |
+ |
4392 |
+- pr_debug("CORE[%s] - Removed Network Portal: %s:%hu,%hu on %s\n", |
4393 |
+- tpg->tpg_tiqn->tiqn, np->np_ip, np->np_port, tpg->tpgt, |
4394 |
++ pr_debug("CORE[%s] - Removed Network Portal: %pISc:%hu,%hu on %s\n", |
4395 |
++ tpg->tpg_tiqn->tiqn, &np->np_sockaddr, np->np_port, tpg->tpgt, |
4396 |
+ np->np_transport->name); |
4397 |
+ |
4398 |
+ tpg_np->tpg_np = NULL; |
4399 |
+diff --git a/drivers/target/iscsi/iscsi_target_tpg.h b/drivers/target/iscsi/iscsi_target_tpg.h |
4400 |
+index e7265337bc43..e216128b5a98 100644 |
4401 |
+--- a/drivers/target/iscsi/iscsi_target_tpg.h |
4402 |
++++ b/drivers/target/iscsi/iscsi_target_tpg.h |
4403 |
+@@ -22,7 +22,7 @@ extern struct iscsi_node_attrib *iscsit_tpg_get_node_attrib(struct iscsi_session |
4404 |
+ extern void iscsit_tpg_del_external_nps(struct iscsi_tpg_np *); |
4405 |
+ extern struct iscsi_tpg_np *iscsit_tpg_locate_child_np(struct iscsi_tpg_np *, int); |
4406 |
+ extern struct iscsi_tpg_np *iscsit_tpg_add_network_portal(struct iscsi_portal_group *, |
4407 |
+- struct __kernel_sockaddr_storage *, char *, struct iscsi_tpg_np *, |
4408 |
++ struct __kernel_sockaddr_storage *, struct iscsi_tpg_np *, |
4409 |
+ int); |
4410 |
+ extern int iscsit_tpg_del_network_portal(struct iscsi_portal_group *, |
4411 |
+ struct iscsi_tpg_np *); |
4412 |
+diff --git a/drivers/tty/n_tty.c b/drivers/tty/n_tty.c |
4413 |
+index e3ebb674a693..fea7d905e77c 100644 |
4414 |
+--- a/drivers/tty/n_tty.c |
4415 |
++++ b/drivers/tty/n_tty.c |
4416 |
+@@ -364,8 +364,8 @@ static void n_tty_packet_mode_flush(struct tty_struct *tty) |
4417 |
+ spin_lock_irqsave(&tty->ctrl_lock, flags); |
4418 |
+ if (tty->link->packet) { |
4419 |
+ tty->ctrl_status |= TIOCPKT_FLUSHREAD; |
4420 |
+- if (waitqueue_active(&tty->link->read_wait)) |
4421 |
+- wake_up_interruptible(&tty->link->read_wait); |
4422 |
++ spin_unlock_irqrestore(&tty->ctrl_lock, flags); |
4423 |
++ wake_up_interruptible(&tty->link->read_wait); |
4424 |
+ } |
4425 |
+ spin_unlock_irqrestore(&tty->ctrl_lock, flags); |
4426 |
+ } |
4427 |
+@@ -1387,8 +1387,7 @@ handle_newline: |
4428 |
+ put_tty_queue(c, ldata); |
4429 |
+ ldata->canon_head = ldata->read_head; |
4430 |
+ kill_fasync(&tty->fasync, SIGIO, POLL_IN); |
4431 |
+- if (waitqueue_active(&tty->read_wait)) |
4432 |
+- wake_up_interruptible_poll(&tty->read_wait, POLLIN); |
4433 |
++ wake_up_interruptible_poll(&tty->read_wait, POLLIN); |
4434 |
+ return 0; |
4435 |
+ } |
4436 |
+ } |
4437 |
+@@ -1671,8 +1670,7 @@ static void __receive_buf(struct tty_struct *tty, const unsigned char *cp, |
4438 |
+ if ((!ldata->icanon && (read_cnt(ldata) >= ldata->minimum_to_wake)) || |
4439 |
+ L_EXTPROC(tty)) { |
4440 |
+ kill_fasync(&tty->fasync, SIGIO, POLL_IN); |
4441 |
+- if (waitqueue_active(&tty->read_wait)) |
4442 |
+- wake_up_interruptible_poll(&tty->read_wait, POLLIN); |
4443 |
++ wake_up_interruptible_poll(&tty->read_wait, POLLIN); |
4444 |
+ } |
4445 |
+ } |
4446 |
+ |
4447 |
+@@ -1891,10 +1889,8 @@ static void n_tty_set_termios(struct tty_struct *tty, struct ktermios *old) |
4448 |
+ } |
4449 |
+ |
4450 |
+ /* The termios change make the tty ready for I/O */ |
4451 |
+- if (waitqueue_active(&tty->write_wait)) |
4452 |
+- wake_up_interruptible(&tty->write_wait); |
4453 |
+- if (waitqueue_active(&tty->read_wait)) |
4454 |
+- wake_up_interruptible(&tty->read_wait); |
4455 |
++ wake_up_interruptible(&tty->write_wait); |
4456 |
++ wake_up_interruptible(&tty->read_wait); |
4457 |
+ } |
4458 |
+ |
4459 |
+ /** |
4460 |
+diff --git a/drivers/tty/serial/8250/8250_pnp.c b/drivers/tty/serial/8250/8250_pnp.c |
4461 |
+index 682a2fbe5c06..2b22cc1e57a2 100644 |
4462 |
+--- a/drivers/tty/serial/8250/8250_pnp.c |
4463 |
++++ b/drivers/tty/serial/8250/8250_pnp.c |
4464 |
+@@ -364,6 +364,11 @@ static const struct pnp_device_id pnp_dev_table[] = { |
4465 |
+ /* Winbond CIR port, should not be probed. We should keep track |
4466 |
+ of it to prevent the legacy serial driver from probing it */ |
4467 |
+ { "WEC1022", CIR_PORT }, |
4468 |
++ /* |
4469 |
++ * SMSC IrCC SIR/FIR port, should not be probed by serial driver |
4470 |
++ * as well so its own driver can bind to it. |
4471 |
++ */ |
4472 |
++ { "SMCF010", CIR_PORT }, |
4473 |
+ { "", 0 } |
4474 |
+ }; |
4475 |
+ |
4476 |
+diff --git a/drivers/usb/chipidea/udc.c b/drivers/usb/chipidea/udc.c |
4477 |
+index c42bf8da56db..7b362870277e 100644 |
4478 |
+--- a/drivers/usb/chipidea/udc.c |
4479 |
++++ b/drivers/usb/chipidea/udc.c |
4480 |
+@@ -638,6 +638,44 @@ __acquires(hwep->lock) |
4481 |
+ return 0; |
4482 |
+ } |
4483 |
+ |
4484 |
++static int _ep_set_halt(struct usb_ep *ep, int value, bool check_transfer) |
4485 |
++{ |
4486 |
++ struct ci_hw_ep *hwep = container_of(ep, struct ci_hw_ep, ep); |
4487 |
++ int direction, retval = 0; |
4488 |
++ unsigned long flags; |
4489 |
++ |
4490 |
++ if (ep == NULL || hwep->ep.desc == NULL) |
4491 |
++ return -EINVAL; |
4492 |
++ |
4493 |
++ if (usb_endpoint_xfer_isoc(hwep->ep.desc)) |
4494 |
++ return -EOPNOTSUPP; |
4495 |
++ |
4496 |
++ spin_lock_irqsave(hwep->lock, flags); |
4497 |
++ |
4498 |
++ if (value && hwep->dir == TX && check_transfer && |
4499 |
++ !list_empty(&hwep->qh.queue) && |
4500 |
++ !usb_endpoint_xfer_control(hwep->ep.desc)) { |
4501 |
++ spin_unlock_irqrestore(hwep->lock, flags); |
4502 |
++ return -EAGAIN; |
4503 |
++ } |
4504 |
++ |
4505 |
++ direction = hwep->dir; |
4506 |
++ do { |
4507 |
++ retval |= hw_ep_set_halt(hwep->ci, hwep->num, hwep->dir, value); |
4508 |
++ |
4509 |
++ if (!value) |
4510 |
++ hwep->wedge = 0; |
4511 |
++ |
4512 |
++ if (hwep->type == USB_ENDPOINT_XFER_CONTROL) |
4513 |
++ hwep->dir = (hwep->dir == TX) ? RX : TX; |
4514 |
++ |
4515 |
++ } while (hwep->dir != direction); |
4516 |
++ |
4517 |
++ spin_unlock_irqrestore(hwep->lock, flags); |
4518 |
++ return retval; |
4519 |
++} |
4520 |
++ |
4521 |
++ |
4522 |
+ /** |
4523 |
+ * _gadget_stop_activity: stops all USB activity, flushes & disables all endpts |
4524 |
+ * @gadget: gadget |
4525 |
+@@ -1037,7 +1075,7 @@ __acquires(ci->lock) |
4526 |
+ num += ci->hw_ep_max / 2; |
4527 |
+ |
4528 |
+ spin_unlock(&ci->lock); |
4529 |
+- err = usb_ep_set_halt(&ci->ci_hw_ep[num].ep); |
4530 |
++ err = _ep_set_halt(&ci->ci_hw_ep[num].ep, 1, false); |
4531 |
+ spin_lock(&ci->lock); |
4532 |
+ if (!err) |
4533 |
+ isr_setup_status_phase(ci); |
4534 |
+@@ -1096,8 +1134,8 @@ delegate: |
4535 |
+ |
4536 |
+ if (err < 0) { |
4537 |
+ spin_unlock(&ci->lock); |
4538 |
+- if (usb_ep_set_halt(&hwep->ep)) |
4539 |
+- dev_err(ci->dev, "error: ep_set_halt\n"); |
4540 |
++ if (_ep_set_halt(&hwep->ep, 1, false)) |
4541 |
++ dev_err(ci->dev, "error: _ep_set_halt\n"); |
4542 |
+ spin_lock(&ci->lock); |
4543 |
+ } |
4544 |
+ } |
4545 |
+@@ -1128,9 +1166,9 @@ __acquires(ci->lock) |
4546 |
+ err = isr_setup_status_phase(ci); |
4547 |
+ if (err < 0) { |
4548 |
+ spin_unlock(&ci->lock); |
4549 |
+- if (usb_ep_set_halt(&hwep->ep)) |
4550 |
++ if (_ep_set_halt(&hwep->ep, 1, false)) |
4551 |
+ dev_err(ci->dev, |
4552 |
+- "error: ep_set_halt\n"); |
4553 |
++ "error: _ep_set_halt\n"); |
4554 |
+ spin_lock(&ci->lock); |
4555 |
+ } |
4556 |
+ } |
4557 |
+@@ -1373,41 +1411,7 @@ static int ep_dequeue(struct usb_ep *ep, struct usb_request *req) |
4558 |
+ */ |
4559 |
+ static int ep_set_halt(struct usb_ep *ep, int value) |
4560 |
+ { |
4561 |
+- struct ci_hw_ep *hwep = container_of(ep, struct ci_hw_ep, ep); |
4562 |
+- int direction, retval = 0; |
4563 |
+- unsigned long flags; |
4564 |
+- |
4565 |
+- if (ep == NULL || hwep->ep.desc == NULL) |
4566 |
+- return -EINVAL; |
4567 |
+- |
4568 |
+- if (usb_endpoint_xfer_isoc(hwep->ep.desc)) |
4569 |
+- return -EOPNOTSUPP; |
4570 |
+- |
4571 |
+- spin_lock_irqsave(hwep->lock, flags); |
4572 |
+- |
4573 |
+-#ifndef STALL_IN |
4574 |
+- /* g_file_storage MS compliant but g_zero fails chapter 9 compliance */ |
4575 |
+- if (value && hwep->type == USB_ENDPOINT_XFER_BULK && hwep->dir == TX && |
4576 |
+- !list_empty(&hwep->qh.queue)) { |
4577 |
+- spin_unlock_irqrestore(hwep->lock, flags); |
4578 |
+- return -EAGAIN; |
4579 |
+- } |
4580 |
+-#endif |
4581 |
+- |
4582 |
+- direction = hwep->dir; |
4583 |
+- do { |
4584 |
+- retval |= hw_ep_set_halt(hwep->ci, hwep->num, hwep->dir, value); |
4585 |
+- |
4586 |
+- if (!value) |
4587 |
+- hwep->wedge = 0; |
4588 |
+- |
4589 |
+- if (hwep->type == USB_ENDPOINT_XFER_CONTROL) |
4590 |
+- hwep->dir = (hwep->dir == TX) ? RX : TX; |
4591 |
+- |
4592 |
+- } while (hwep->dir != direction); |
4593 |
+- |
4594 |
+- spin_unlock_irqrestore(hwep->lock, flags); |
4595 |
+- return retval; |
4596 |
++ return _ep_set_halt(ep, value, true); |
4597 |
+ } |
4598 |
+ |
4599 |
+ /** |
4600 |
+diff --git a/drivers/usb/core/config.c b/drivers/usb/core/config.c |
4601 |
+index b2a540b43f97..b9ddf0c1ffe5 100644 |
4602 |
+--- a/drivers/usb/core/config.c |
4603 |
++++ b/drivers/usb/core/config.c |
4604 |
+@@ -112,7 +112,7 @@ static void usb_parse_ss_endpoint_companion(struct device *ddev, int cfgno, |
4605 |
+ cfgno, inum, asnum, ep->desc.bEndpointAddress); |
4606 |
+ ep->ss_ep_comp.bmAttributes = 16; |
4607 |
+ } else if (usb_endpoint_xfer_isoc(&ep->desc) && |
4608 |
+- desc->bmAttributes > 2) { |
4609 |
++ USB_SS_MULT(desc->bmAttributes) > 3) { |
4610 |
+ dev_warn(ddev, "Isoc endpoint has Mult of %d in " |
4611 |
+ "config %d interface %d altsetting %d ep %d: " |
4612 |
+ "setting to 3\n", desc->bmAttributes + 1, |
4613 |
+@@ -121,7 +121,8 @@ static void usb_parse_ss_endpoint_companion(struct device *ddev, int cfgno, |
4614 |
+ } |
4615 |
+ |
4616 |
+ if (usb_endpoint_xfer_isoc(&ep->desc)) |
4617 |
+- max_tx = (desc->bMaxBurst + 1) * (desc->bmAttributes + 1) * |
4618 |
++ max_tx = (desc->bMaxBurst + 1) * |
4619 |
++ (USB_SS_MULT(desc->bmAttributes)) * |
4620 |
+ usb_endpoint_maxp(&ep->desc); |
4621 |
+ else if (usb_endpoint_xfer_int(&ep->desc)) |
4622 |
+ max_tx = usb_endpoint_maxp(&ep->desc) * |
4623 |
+diff --git a/drivers/usb/core/quirks.c b/drivers/usb/core/quirks.c |
4624 |
+index 41e510ae8c83..8a77a417ccfd 100644 |
4625 |
+--- a/drivers/usb/core/quirks.c |
4626 |
++++ b/drivers/usb/core/quirks.c |
4627 |
+@@ -54,6 +54,13 @@ static const struct usb_device_id usb_quirk_list[] = { |
4628 |
+ { USB_DEVICE(0x046d, 0x082d), .driver_info = USB_QUIRK_DELAY_INIT }, |
4629 |
+ { USB_DEVICE(0x046d, 0x0843), .driver_info = USB_QUIRK_DELAY_INIT }, |
4630 |
+ |
4631 |
++ /* Logitech ConferenceCam CC3000e */ |
4632 |
++ { USB_DEVICE(0x046d, 0x0847), .driver_info = USB_QUIRK_DELAY_INIT }, |
4633 |
++ { USB_DEVICE(0x046d, 0x0848), .driver_info = USB_QUIRK_DELAY_INIT }, |
4634 |
++ |
4635 |
++ /* Logitech PTZ Pro Camera */ |
4636 |
++ { USB_DEVICE(0x046d, 0x0853), .driver_info = USB_QUIRK_DELAY_INIT }, |
4637 |
++ |
4638 |
+ /* Logitech Quickcam Fusion */ |
4639 |
+ { USB_DEVICE(0x046d, 0x08c1), .driver_info = USB_QUIRK_RESET_RESUME }, |
4640 |
+ |
4641 |
+@@ -78,6 +85,12 @@ static const struct usb_device_id usb_quirk_list[] = { |
4642 |
+ /* Philips PSC805 audio device */ |
4643 |
+ { USB_DEVICE(0x0471, 0x0155), .driver_info = USB_QUIRK_RESET_RESUME }, |
4644 |
+ |
4645 |
++ /* Plantronic Audio 655 DSP */ |
4646 |
++ { USB_DEVICE(0x047f, 0xc008), .driver_info = USB_QUIRK_RESET_RESUME }, |
4647 |
++ |
4648 |
++ /* Plantronic Audio 648 USB */ |
4649 |
++ { USB_DEVICE(0x047f, 0xc013), .driver_info = USB_QUIRK_RESET_RESUME }, |
4650 |
++ |
4651 |
+ /* Artisman Watchdog Dongle */ |
4652 |
+ { USB_DEVICE(0x04b4, 0x0526), .driver_info = |
4653 |
+ USB_QUIRK_CONFIG_INTF_STRINGS }, |
4654 |
+diff --git a/drivers/usb/dwc3/ep0.c b/drivers/usb/dwc3/ep0.c |
4655 |
+index bdc995da3420..1c1525b0a1fb 100644 |
4656 |
+--- a/drivers/usb/dwc3/ep0.c |
4657 |
++++ b/drivers/usb/dwc3/ep0.c |
4658 |
+@@ -818,6 +818,11 @@ static void dwc3_ep0_complete_data(struct dwc3 *dwc, |
4659 |
+ unsigned maxp = ep0->endpoint.maxpacket; |
4660 |
+ |
4661 |
+ transfer_size += (maxp - (transfer_size % maxp)); |
4662 |
++ |
4663 |
++ /* Maximum of DWC3_EP0_BOUNCE_SIZE can only be received */ |
4664 |
++ if (transfer_size > DWC3_EP0_BOUNCE_SIZE) |
4665 |
++ transfer_size = DWC3_EP0_BOUNCE_SIZE; |
4666 |
++ |
4667 |
+ transferred = min_t(u32, ur->length, |
4668 |
+ transfer_size - length); |
4669 |
+ memcpy(ur->buf, dwc->ep0_bounce, transferred); |
4670 |
+@@ -937,11 +942,14 @@ static void __dwc3_ep0_do_control_data(struct dwc3 *dwc, |
4671 |
+ return; |
4672 |
+ } |
4673 |
+ |
4674 |
+- WARN_ON(req->request.length > DWC3_EP0_BOUNCE_SIZE); |
4675 |
+- |
4676 |
+ maxpacket = dep->endpoint.maxpacket; |
4677 |
+ transfer_size = roundup(req->request.length, maxpacket); |
4678 |
+ |
4679 |
++ if (transfer_size > DWC3_EP0_BOUNCE_SIZE) { |
4680 |
++ dev_WARN(dwc->dev, "bounce buf can't handle req len\n"); |
4681 |
++ transfer_size = DWC3_EP0_BOUNCE_SIZE; |
4682 |
++ } |
4683 |
++ |
4684 |
+ dwc->ep0_bounced = true; |
4685 |
+ |
4686 |
+ /* |
4687 |
+diff --git a/drivers/usb/host/ehci-sysfs.c b/drivers/usb/host/ehci-sysfs.c |
4688 |
+index f6459dfb6f54..94054dad7710 100644 |
4689 |
+--- a/drivers/usb/host/ehci-sysfs.c |
4690 |
++++ b/drivers/usb/host/ehci-sysfs.c |
4691 |
+@@ -29,7 +29,7 @@ static ssize_t show_companion(struct device *dev, |
4692 |
+ int count = PAGE_SIZE; |
4693 |
+ char *ptr = buf; |
4694 |
+ |
4695 |
+- ehci = hcd_to_ehci(bus_to_hcd(dev_get_drvdata(dev))); |
4696 |
++ ehci = hcd_to_ehci(dev_get_drvdata(dev)); |
4697 |
+ nports = HCS_N_PORTS(ehci->hcs_params); |
4698 |
+ |
4699 |
+ for (index = 0; index < nports; ++index) { |
4700 |
+@@ -54,7 +54,7 @@ static ssize_t store_companion(struct device *dev, |
4701 |
+ struct ehci_hcd *ehci; |
4702 |
+ int portnum, new_owner; |
4703 |
+ |
4704 |
+- ehci = hcd_to_ehci(bus_to_hcd(dev_get_drvdata(dev))); |
4705 |
++ ehci = hcd_to_ehci(dev_get_drvdata(dev)); |
4706 |
+ new_owner = PORT_OWNER; /* Owned by companion */ |
4707 |
+ if (sscanf(buf, "%d", &portnum) != 1) |
4708 |
+ return -EINVAL; |
4709 |
+@@ -85,7 +85,7 @@ static ssize_t show_uframe_periodic_max(struct device *dev, |
4710 |
+ struct ehci_hcd *ehci; |
4711 |
+ int n; |
4712 |
+ |
4713 |
+- ehci = hcd_to_ehci(bus_to_hcd(dev_get_drvdata(dev))); |
4714 |
++ ehci = hcd_to_ehci(dev_get_drvdata(dev)); |
4715 |
+ n = scnprintf(buf, PAGE_SIZE, "%d\n", ehci->uframe_periodic_max); |
4716 |
+ return n; |
4717 |
+ } |
4718 |
+@@ -101,7 +101,7 @@ static ssize_t store_uframe_periodic_max(struct device *dev, |
4719 |
+ unsigned long flags; |
4720 |
+ ssize_t ret; |
4721 |
+ |
4722 |
+- ehci = hcd_to_ehci(bus_to_hcd(dev_get_drvdata(dev))); |
4723 |
++ ehci = hcd_to_ehci(dev_get_drvdata(dev)); |
4724 |
+ if (kstrtouint(buf, 0, &uframe_periodic_max) < 0) |
4725 |
+ return -EINVAL; |
4726 |
+ |
4727 |
+diff --git a/drivers/usb/host/xhci-mem.c b/drivers/usb/host/xhci-mem.c |
4728 |
+index d44c904df055..ce3087bd95d2 100644 |
4729 |
+--- a/drivers/usb/host/xhci-mem.c |
4730 |
++++ b/drivers/usb/host/xhci-mem.c |
4731 |
+@@ -1502,10 +1502,10 @@ int xhci_endpoint_init(struct xhci_hcd *xhci, |
4732 |
+ * use Event Data TRBs, and we don't chain in a link TRB on short |
4733 |
+ * transfers, we're basically dividing by 1. |
4734 |
+ * |
4735 |
+- * xHCI 1.0 specification indicates that the Average TRB Length should |
4736 |
+- * be set to 8 for control endpoints. |
4737 |
++ * xHCI 1.0 and 1.1 specification indicates that the Average TRB Length |
4738 |
++ * should be set to 8 for control endpoints. |
4739 |
+ */ |
4740 |
+- if (usb_endpoint_xfer_control(&ep->desc) && xhci->hci_version == 0x100) |
4741 |
++ if (usb_endpoint_xfer_control(&ep->desc) && xhci->hci_version >= 0x100) |
4742 |
+ ep_ctx->tx_info |= cpu_to_le32(AVG_TRB_LENGTH_FOR_EP(8)); |
4743 |
+ else |
4744 |
+ ep_ctx->tx_info |= |
4745 |
+@@ -1796,8 +1796,7 @@ void xhci_mem_cleanup(struct xhci_hcd *xhci) |
4746 |
+ int size; |
4747 |
+ int i, j, num_ports; |
4748 |
+ |
4749 |
+- if (timer_pending(&xhci->cmd_timer)) |
4750 |
+- del_timer_sync(&xhci->cmd_timer); |
4751 |
++ del_timer_sync(&xhci->cmd_timer); |
4752 |
+ |
4753 |
+ /* Free the Event Ring Segment Table and the actual Event Ring */ |
4754 |
+ size = sizeof(struct xhci_erst_entry)*(xhci->erst.num_entries); |
4755 |
+@@ -2325,6 +2324,10 @@ int xhci_mem_init(struct xhci_hcd *xhci, gfp_t flags) |
4756 |
+ |
4757 |
+ INIT_LIST_HEAD(&xhci->cmd_list); |
4758 |
+ |
4759 |
++ /* init command timeout timer */ |
4760 |
++ setup_timer(&xhci->cmd_timer, xhci_handle_command_timeout, |
4761 |
++ (unsigned long)xhci); |
4762 |
++ |
4763 |
+ page_size = readl(&xhci->op_regs->page_size); |
4764 |
+ xhci_dbg_trace(xhci, trace_xhci_dbg_init, |
4765 |
+ "Supported page size register = 0x%x", page_size); |
4766 |
+@@ -2509,11 +2512,6 @@ int xhci_mem_init(struct xhci_hcd *xhci, gfp_t flags) |
4767 |
+ "Wrote ERST address to ir_set 0."); |
4768 |
+ xhci_print_ir_set(xhci, 0); |
4769 |
+ |
4770 |
+- /* init command timeout timer */ |
4771 |
+- init_timer(&xhci->cmd_timer); |
4772 |
+- xhci->cmd_timer.data = (unsigned long) xhci; |
4773 |
+- xhci->cmd_timer.function = xhci_handle_command_timeout; |
4774 |
+- |
4775 |
+ /* |
4776 |
+ * XXX: Might need to set the Interrupter Moderation Register to |
4777 |
+ * something other than the default (~1ms minimum between interrupts). |
4778 |
+diff --git a/drivers/usb/host/xhci-ring.c b/drivers/usb/host/xhci-ring.c |
4779 |
+index c70291cffc27..136259bc93b8 100644 |
4780 |
+--- a/drivers/usb/host/xhci-ring.c |
4781 |
++++ b/drivers/usb/host/xhci-ring.c |
4782 |
+@@ -3049,9 +3049,11 @@ static int queue_bulk_sg_tx(struct xhci_hcd *xhci, gfp_t mem_flags, |
4783 |
+ struct xhci_td *td; |
4784 |
+ struct scatterlist *sg; |
4785 |
+ int num_sgs; |
4786 |
+- int trb_buff_len, this_sg_len, running_total; |
4787 |
++ int trb_buff_len, this_sg_len, running_total, ret; |
4788 |
+ unsigned int total_packet_count; |
4789 |
++ bool zero_length_needed; |
4790 |
+ bool first_trb; |
4791 |
++ int last_trb_num; |
4792 |
+ u64 addr; |
4793 |
+ bool more_trbs_coming; |
4794 |
+ |
4795 |
+@@ -3067,13 +3069,27 @@ static int queue_bulk_sg_tx(struct xhci_hcd *xhci, gfp_t mem_flags, |
4796 |
+ total_packet_count = DIV_ROUND_UP(urb->transfer_buffer_length, |
4797 |
+ usb_endpoint_maxp(&urb->ep->desc)); |
4798 |
+ |
4799 |
+- trb_buff_len = prepare_transfer(xhci, xhci->devs[slot_id], |
4800 |
++ ret = prepare_transfer(xhci, xhci->devs[slot_id], |
4801 |
+ ep_index, urb->stream_id, |
4802 |
+ num_trbs, urb, 0, mem_flags); |
4803 |
+- if (trb_buff_len < 0) |
4804 |
+- return trb_buff_len; |
4805 |
++ if (ret < 0) |
4806 |
++ return ret; |
4807 |
+ |
4808 |
+ urb_priv = urb->hcpriv; |
4809 |
++ |
4810 |
++ /* Deal with URB_ZERO_PACKET - need one more td/trb */ |
4811 |
++ zero_length_needed = urb->transfer_flags & URB_ZERO_PACKET && |
4812 |
++ urb_priv->length == 2; |
4813 |
++ if (zero_length_needed) { |
4814 |
++ num_trbs++; |
4815 |
++ xhci_dbg(xhci, "Creating zero length td.\n"); |
4816 |
++ ret = prepare_transfer(xhci, xhci->devs[slot_id], |
4817 |
++ ep_index, urb->stream_id, |
4818 |
++ 1, urb, 1, mem_flags); |
4819 |
++ if (ret < 0) |
4820 |
++ return ret; |
4821 |
++ } |
4822 |
++ |
4823 |
+ td = urb_priv->td[0]; |
4824 |
+ |
4825 |
+ /* |
4826 |
+@@ -3103,6 +3119,7 @@ static int queue_bulk_sg_tx(struct xhci_hcd *xhci, gfp_t mem_flags, |
4827 |
+ trb_buff_len = urb->transfer_buffer_length; |
4828 |
+ |
4829 |
+ first_trb = true; |
4830 |
++ last_trb_num = zero_length_needed ? 2 : 1; |
4831 |
+ /* Queue the first TRB, even if it's zero-length */ |
4832 |
+ do { |
4833 |
+ u32 field = 0; |
4834 |
+@@ -3120,12 +3137,15 @@ static int queue_bulk_sg_tx(struct xhci_hcd *xhci, gfp_t mem_flags, |
4835 |
+ /* Chain all the TRBs together; clear the chain bit in the last |
4836 |
+ * TRB to indicate it's the last TRB in the chain. |
4837 |
+ */ |
4838 |
+- if (num_trbs > 1) { |
4839 |
++ if (num_trbs > last_trb_num) { |
4840 |
+ field |= TRB_CHAIN; |
4841 |
+- } else { |
4842 |
+- /* FIXME - add check for ZERO_PACKET flag before this */ |
4843 |
++ } else if (num_trbs == last_trb_num) { |
4844 |
+ td->last_trb = ep_ring->enqueue; |
4845 |
+ field |= TRB_IOC; |
4846 |
++ } else if (zero_length_needed && num_trbs == 1) { |
4847 |
++ trb_buff_len = 0; |
4848 |
++ urb_priv->td[1]->last_trb = ep_ring->enqueue; |
4849 |
++ field |= TRB_IOC; |
4850 |
+ } |
4851 |
+ |
4852 |
+ /* Only set interrupt on short packet for IN endpoints */ |
4853 |
+@@ -3187,7 +3207,7 @@ static int queue_bulk_sg_tx(struct xhci_hcd *xhci, gfp_t mem_flags, |
4854 |
+ if (running_total + trb_buff_len > urb->transfer_buffer_length) |
4855 |
+ trb_buff_len = |
4856 |
+ urb->transfer_buffer_length - running_total; |
4857 |
+- } while (running_total < urb->transfer_buffer_length); |
4858 |
++ } while (num_trbs > 0); |
4859 |
+ |
4860 |
+ check_trb_math(urb, num_trbs, running_total); |
4861 |
+ giveback_first_trb(xhci, slot_id, ep_index, urb->stream_id, |
4862 |
+@@ -3205,7 +3225,9 @@ int xhci_queue_bulk_tx(struct xhci_hcd *xhci, gfp_t mem_flags, |
4863 |
+ int num_trbs; |
4864 |
+ struct xhci_generic_trb *start_trb; |
4865 |
+ bool first_trb; |
4866 |
++ int last_trb_num; |
4867 |
+ bool more_trbs_coming; |
4868 |
++ bool zero_length_needed; |
4869 |
+ int start_cycle; |
4870 |
+ u32 field, length_field; |
4871 |
+ |
4872 |
+@@ -3236,7 +3258,6 @@ int xhci_queue_bulk_tx(struct xhci_hcd *xhci, gfp_t mem_flags, |
4873 |
+ num_trbs++; |
4874 |
+ running_total += TRB_MAX_BUFF_SIZE; |
4875 |
+ } |
4876 |
+- /* FIXME: this doesn't deal with URB_ZERO_PACKET - need one more */ |
4877 |
+ |
4878 |
+ ret = prepare_transfer(xhci, xhci->devs[slot_id], |
4879 |
+ ep_index, urb->stream_id, |
4880 |
+@@ -3245,6 +3266,20 @@ int xhci_queue_bulk_tx(struct xhci_hcd *xhci, gfp_t mem_flags, |
4881 |
+ return ret; |
4882 |
+ |
4883 |
+ urb_priv = urb->hcpriv; |
4884 |
++ |
4885 |
++ /* Deal with URB_ZERO_PACKET - need one more td/trb */ |
4886 |
++ zero_length_needed = urb->transfer_flags & URB_ZERO_PACKET && |
4887 |
++ urb_priv->length == 2; |
4888 |
++ if (zero_length_needed) { |
4889 |
++ num_trbs++; |
4890 |
++ xhci_dbg(xhci, "Creating zero length td.\n"); |
4891 |
++ ret = prepare_transfer(xhci, xhci->devs[slot_id], |
4892 |
++ ep_index, urb->stream_id, |
4893 |
++ 1, urb, 1, mem_flags); |
4894 |
++ if (ret < 0) |
4895 |
++ return ret; |
4896 |
++ } |
4897 |
++ |
4898 |
+ td = urb_priv->td[0]; |
4899 |
+ |
4900 |
+ /* |
4901 |
+@@ -3266,7 +3301,7 @@ int xhci_queue_bulk_tx(struct xhci_hcd *xhci, gfp_t mem_flags, |
4902 |
+ trb_buff_len = urb->transfer_buffer_length; |
4903 |
+ |
4904 |
+ first_trb = true; |
4905 |
+- |
4906 |
++ last_trb_num = zero_length_needed ? 2 : 1; |
4907 |
+ /* Queue the first TRB, even if it's zero-length */ |
4908 |
+ do { |
4909 |
+ u32 remainder = 0; |
4910 |
+@@ -3283,12 +3318,15 @@ int xhci_queue_bulk_tx(struct xhci_hcd *xhci, gfp_t mem_flags, |
4911 |
+ /* Chain all the TRBs together; clear the chain bit in the last |
4912 |
+ * TRB to indicate it's the last TRB in the chain. |
4913 |
+ */ |
4914 |
+- if (num_trbs > 1) { |
4915 |
++ if (num_trbs > last_trb_num) { |
4916 |
+ field |= TRB_CHAIN; |
4917 |
+- } else { |
4918 |
+- /* FIXME - add check for ZERO_PACKET flag before this */ |
4919 |
++ } else if (num_trbs == last_trb_num) { |
4920 |
+ td->last_trb = ep_ring->enqueue; |
4921 |
+ field |= TRB_IOC; |
4922 |
++ } else if (zero_length_needed && num_trbs == 1) { |
4923 |
++ trb_buff_len = 0; |
4924 |
++ urb_priv->td[1]->last_trb = ep_ring->enqueue; |
4925 |
++ field |= TRB_IOC; |
4926 |
+ } |
4927 |
+ |
4928 |
+ /* Only set interrupt on short packet for IN endpoints */ |
4929 |
+@@ -3326,7 +3364,7 @@ int xhci_queue_bulk_tx(struct xhci_hcd *xhci, gfp_t mem_flags, |
4930 |
+ trb_buff_len = urb->transfer_buffer_length - running_total; |
4931 |
+ if (trb_buff_len > TRB_MAX_BUFF_SIZE) |
4932 |
+ trb_buff_len = TRB_MAX_BUFF_SIZE; |
4933 |
+- } while (running_total < urb->transfer_buffer_length); |
4934 |
++ } while (num_trbs > 0); |
4935 |
+ |
4936 |
+ check_trb_math(urb, num_trbs, running_total); |
4937 |
+ giveback_first_trb(xhci, slot_id, ep_index, urb->stream_id, |
4938 |
+@@ -3393,8 +3431,8 @@ int xhci_queue_ctrl_tx(struct xhci_hcd *xhci, gfp_t mem_flags, |
4939 |
+ if (start_cycle == 0) |
4940 |
+ field |= 0x1; |
4941 |
+ |
4942 |
+- /* xHCI 1.0 6.4.1.2.1: Transfer Type field */ |
4943 |
+- if (xhci->hci_version == 0x100) { |
4944 |
++ /* xHCI 1.0/1.1 6.4.1.2.1: Transfer Type field */ |
4945 |
++ if (xhci->hci_version >= 0x100) { |
4946 |
+ if (urb->transfer_buffer_length > 0) { |
4947 |
+ if (setup->bRequestType & USB_DIR_IN) |
4948 |
+ field |= TRB_TX_TYPE(TRB_DATA_IN); |
4949 |
+diff --git a/drivers/usb/host/xhci.c b/drivers/usb/host/xhci.c |
4950 |
+index 8e5f46082316..98380fa68fbf 100644 |
4951 |
+--- a/drivers/usb/host/xhci.c |
4952 |
++++ b/drivers/usb/host/xhci.c |
4953 |
+@@ -147,7 +147,8 @@ static int xhci_start(struct xhci_hcd *xhci) |
4954 |
+ "waited %u microseconds.\n", |
4955 |
+ XHCI_MAX_HALT_USEC); |
4956 |
+ if (!ret) |
4957 |
+- xhci->xhc_state &= ~XHCI_STATE_HALTED; |
4958 |
++ xhci->xhc_state &= ~(XHCI_STATE_HALTED | XHCI_STATE_DYING); |
4959 |
++ |
4960 |
+ return ret; |
4961 |
+ } |
4962 |
+ |
4963 |
+@@ -1343,6 +1344,11 @@ int xhci_urb_enqueue(struct usb_hcd *hcd, struct urb *urb, gfp_t mem_flags) |
4964 |
+ |
4965 |
+ if (usb_endpoint_xfer_isoc(&urb->ep->desc)) |
4966 |
+ size = urb->number_of_packets; |
4967 |
++ else if (usb_endpoint_is_bulk_out(&urb->ep->desc) && |
4968 |
++ urb->transfer_buffer_length > 0 && |
4969 |
++ urb->transfer_flags & URB_ZERO_PACKET && |
4970 |
++ !(urb->transfer_buffer_length % usb_endpoint_maxp(&urb->ep->desc))) |
4971 |
++ size = 2; |
4972 |
+ else |
4973 |
+ size = 1; |
4974 |
+ |
4975 |
+@@ -3787,6 +3793,9 @@ static int xhci_setup_device(struct usb_hcd *hcd, struct usb_device *udev, |
4976 |
+ u64 temp_64; |
4977 |
+ struct xhci_command *command; |
4978 |
+ |
4979 |
++ if (xhci->xhc_state) /* dying or halted */ |
4980 |
++ return -EINVAL; |
4981 |
++ |
4982 |
+ if (!udev->slot_id) { |
4983 |
+ xhci_dbg_trace(xhci, trace_xhci_dbg_address, |
4984 |
+ "Bad Slot ID %d", udev->slot_id); |
4985 |
+diff --git a/drivers/usb/musb/musb_cppi41.c b/drivers/usb/musb/musb_cppi41.c |
4986 |
+index 5a9b977fbc19..d59b232614d5 100644 |
4987 |
+--- a/drivers/usb/musb/musb_cppi41.c |
4988 |
++++ b/drivers/usb/musb/musb_cppi41.c |
4989 |
+@@ -600,7 +600,7 @@ static int cppi41_dma_controller_start(struct cppi41_dma_controller *controller) |
4990 |
+ { |
4991 |
+ struct musb *musb = controller->musb; |
4992 |
+ struct device *dev = musb->controller; |
4993 |
+- struct device_node *np = dev->of_node; |
4994 |
++ struct device_node *np = dev->parent->of_node; |
4995 |
+ struct cppi41_dma_channel *cppi41_channel; |
4996 |
+ int count; |
4997 |
+ int i; |
4998 |
+@@ -650,7 +650,7 @@ static int cppi41_dma_controller_start(struct cppi41_dma_controller *controller) |
4999 |
+ musb_dma->status = MUSB_DMA_STATUS_FREE; |
5000 |
+ musb_dma->max_len = SZ_4M; |
5001 |
+ |
5002 |
+- dc = dma_request_slave_channel(dev, str); |
5003 |
++ dc = dma_request_slave_channel(dev->parent, str); |
5004 |
+ if (!dc) { |
5005 |
+ dev_err(dev, "Failed to request %s.\n", str); |
5006 |
+ ret = -EPROBE_DEFER; |
5007 |
+@@ -680,7 +680,7 @@ struct dma_controller *dma_controller_create(struct musb *musb, |
5008 |
+ struct cppi41_dma_controller *controller; |
5009 |
+ int ret = 0; |
5010 |
+ |
5011 |
+- if (!musb->controller->of_node) { |
5012 |
++ if (!musb->controller->parent->of_node) { |
5013 |
+ dev_err(musb->controller, "Need DT for the DMA engine.\n"); |
5014 |
+ return NULL; |
5015 |
+ } |
5016 |
+diff --git a/drivers/usb/serial/ftdi_sio.c b/drivers/usb/serial/ftdi_sio.c |
5017 |
+index 4c8b3b82103d..a5a0376bbd48 100644 |
5018 |
+--- a/drivers/usb/serial/ftdi_sio.c |
5019 |
++++ b/drivers/usb/serial/ftdi_sio.c |
5020 |
+@@ -605,6 +605,10 @@ static const struct usb_device_id id_table_combined[] = { |
5021 |
+ { USB_DEVICE(FTDI_VID, FTDI_NT_ORIONLXM_PID), |
5022 |
+ .driver_info = (kernel_ulong_t)&ftdi_jtag_quirk }, |
5023 |
+ { USB_DEVICE(FTDI_VID, FTDI_SYNAPSE_SS200_PID) }, |
5024 |
++ { USB_DEVICE(FTDI_VID, FTDI_CUSTOMWARE_MINIPLEX_PID) }, |
5025 |
++ { USB_DEVICE(FTDI_VID, FTDI_CUSTOMWARE_MINIPLEX2_PID) }, |
5026 |
++ { USB_DEVICE(FTDI_VID, FTDI_CUSTOMWARE_MINIPLEX2WI_PID) }, |
5027 |
++ { USB_DEVICE(FTDI_VID, FTDI_CUSTOMWARE_MINIPLEX3_PID) }, |
5028 |
+ /* |
5029 |
+ * ELV devices: |
5030 |
+ */ |
5031 |
+diff --git a/drivers/usb/serial/ftdi_sio_ids.h b/drivers/usb/serial/ftdi_sio_ids.h |
5032 |
+index 792e054126de..2943b97b2a83 100644 |
5033 |
+--- a/drivers/usb/serial/ftdi_sio_ids.h |
5034 |
++++ b/drivers/usb/serial/ftdi_sio_ids.h |
5035 |
+@@ -568,6 +568,14 @@ |
5036 |
+ */ |
5037 |
+ #define FTDI_SYNAPSE_SS200_PID 0x9090 /* SS200 - SNAP Stick 200 */ |
5038 |
+ |
5039 |
++/* |
5040 |
++ * CustomWare / ShipModul NMEA multiplexers product ids (FTDI_VID) |
5041 |
++ */ |
5042 |
++#define FTDI_CUSTOMWARE_MINIPLEX_PID 0xfd48 /* MiniPlex first generation NMEA Multiplexer */ |
5043 |
++#define FTDI_CUSTOMWARE_MINIPLEX2_PID 0xfd49 /* MiniPlex-USB and MiniPlex-2 series */ |
5044 |
++#define FTDI_CUSTOMWARE_MINIPLEX2WI_PID 0xfd4a /* MiniPlex-2Wi */ |
5045 |
++#define FTDI_CUSTOMWARE_MINIPLEX3_PID 0xfd4b /* MiniPlex-3 series */ |
5046 |
++ |
5047 |
+ |
5048 |
+ /********************************/ |
5049 |
+ /** third-party VID/PID combos **/ |
5050 |
+diff --git a/drivers/usb/serial/option.c b/drivers/usb/serial/option.c |
5051 |
+index 463feb836f20..17d04d98358c 100644 |
5052 |
+--- a/drivers/usb/serial/option.c |
5053 |
++++ b/drivers/usb/serial/option.c |
5054 |
+@@ -278,6 +278,10 @@ static void option_instat_callback(struct urb *urb); |
5055 |
+ #define ZTE_PRODUCT_MF622 0x0001 |
5056 |
+ #define ZTE_PRODUCT_MF628 0x0015 |
5057 |
+ #define ZTE_PRODUCT_MF626 0x0031 |
5058 |
++#define ZTE_PRODUCT_ZM8620_X 0x0396 |
5059 |
++#define ZTE_PRODUCT_ME3620_MBIM 0x0426 |
5060 |
++#define ZTE_PRODUCT_ME3620_X 0x1432 |
5061 |
++#define ZTE_PRODUCT_ME3620_L 0x1433 |
5062 |
+ #define ZTE_PRODUCT_AC2726 0xfff1 |
5063 |
+ #define ZTE_PRODUCT_MG880 0xfffd |
5064 |
+ #define ZTE_PRODUCT_CDMA_TECH 0xfffe |
5065 |
+@@ -552,6 +556,18 @@ static const struct option_blacklist_info zte_mc2716_z_blacklist = { |
5066 |
+ .sendsetup = BIT(1) | BIT(2) | BIT(3), |
5067 |
+ }; |
5068 |
+ |
5069 |
++static const struct option_blacklist_info zte_me3620_mbim_blacklist = { |
5070 |
++ .reserved = BIT(2) | BIT(3) | BIT(4), |
5071 |
++}; |
5072 |
++ |
5073 |
++static const struct option_blacklist_info zte_me3620_xl_blacklist = { |
5074 |
++ .reserved = BIT(3) | BIT(4) | BIT(5), |
5075 |
++}; |
5076 |
++ |
5077 |
++static const struct option_blacklist_info zte_zm8620_x_blacklist = { |
5078 |
++ .reserved = BIT(3) | BIT(4) | BIT(5), |
5079 |
++}; |
5080 |
++ |
5081 |
+ static const struct option_blacklist_info huawei_cdc12_blacklist = { |
5082 |
+ .reserved = BIT(1) | BIT(2), |
5083 |
+ }; |
5084 |
+@@ -1599,6 +1615,14 @@ static const struct usb_device_id option_ids[] = { |
5085 |
+ .driver_info = (kernel_ulong_t)&zte_ad3812_z_blacklist }, |
5086 |
+ { USB_DEVICE_AND_INTERFACE_INFO(ZTE_VENDOR_ID, ZTE_PRODUCT_MC2716, 0xff, 0xff, 0xff), |
5087 |
+ .driver_info = (kernel_ulong_t)&zte_mc2716_z_blacklist }, |
5088 |
++ { USB_DEVICE(ZTE_VENDOR_ID, ZTE_PRODUCT_ME3620_L), |
5089 |
++ .driver_info = (kernel_ulong_t)&zte_me3620_xl_blacklist }, |
5090 |
++ { USB_DEVICE(ZTE_VENDOR_ID, ZTE_PRODUCT_ME3620_MBIM), |
5091 |
++ .driver_info = (kernel_ulong_t)&zte_me3620_mbim_blacklist }, |
5092 |
++ { USB_DEVICE(ZTE_VENDOR_ID, ZTE_PRODUCT_ME3620_X), |
5093 |
++ .driver_info = (kernel_ulong_t)&zte_me3620_xl_blacklist }, |
5094 |
++ { USB_DEVICE(ZTE_VENDOR_ID, ZTE_PRODUCT_ZM8620_X), |
5095 |
++ .driver_info = (kernel_ulong_t)&zte_zm8620_x_blacklist }, |
5096 |
+ { USB_VENDOR_AND_INTERFACE_INFO(ZTE_VENDOR_ID, 0xff, 0x02, 0x01) }, |
5097 |
+ { USB_VENDOR_AND_INTERFACE_INFO(ZTE_VENDOR_ID, 0xff, 0x02, 0x05) }, |
5098 |
+ { USB_VENDOR_AND_INTERFACE_INFO(ZTE_VENDOR_ID, 0xff, 0x86, 0x10) }, |
5099 |
+diff --git a/drivers/usb/serial/symbolserial.c b/drivers/usb/serial/symbolserial.c |
5100 |
+index 8fceec7298e0..6ed804450a5a 100644 |
5101 |
+--- a/drivers/usb/serial/symbolserial.c |
5102 |
++++ b/drivers/usb/serial/symbolserial.c |
5103 |
+@@ -94,7 +94,7 @@ exit: |
5104 |
+ |
5105 |
+ static int symbol_open(struct tty_struct *tty, struct usb_serial_port *port) |
5106 |
+ { |
5107 |
+- struct symbol_private *priv = usb_get_serial_data(port->serial); |
5108 |
++ struct symbol_private *priv = usb_get_serial_port_data(port); |
5109 |
+ unsigned long flags; |
5110 |
+ int result = 0; |
5111 |
+ |
5112 |
+@@ -120,7 +120,7 @@ static void symbol_close(struct usb_serial_port *port) |
5113 |
+ static void symbol_throttle(struct tty_struct *tty) |
5114 |
+ { |
5115 |
+ struct usb_serial_port *port = tty->driver_data; |
5116 |
+- struct symbol_private *priv = usb_get_serial_data(port->serial); |
5117 |
++ struct symbol_private *priv = usb_get_serial_port_data(port); |
5118 |
+ |
5119 |
+ spin_lock_irq(&priv->lock); |
5120 |
+ priv->throttled = true; |
5121 |
+@@ -130,7 +130,7 @@ static void symbol_throttle(struct tty_struct *tty) |
5122 |
+ static void symbol_unthrottle(struct tty_struct *tty) |
5123 |
+ { |
5124 |
+ struct usb_serial_port *port = tty->driver_data; |
5125 |
+- struct symbol_private *priv = usb_get_serial_data(port->serial); |
5126 |
++ struct symbol_private *priv = usb_get_serial_port_data(port); |
5127 |
+ int result; |
5128 |
+ bool was_throttled; |
5129 |
+ |
5130 |
+diff --git a/drivers/usb/serial/whiteheat.c b/drivers/usb/serial/whiteheat.c |
5131 |
+index 6c3734d2b45a..d3ea90bef84d 100644 |
5132 |
+--- a/drivers/usb/serial/whiteheat.c |
5133 |
++++ b/drivers/usb/serial/whiteheat.c |
5134 |
+@@ -80,6 +80,8 @@ static int whiteheat_firmware_download(struct usb_serial *serial, |
5135 |
+ static int whiteheat_firmware_attach(struct usb_serial *serial); |
5136 |
+ |
5137 |
+ /* function prototypes for the Connect Tech WhiteHEAT serial converter */ |
5138 |
++static int whiteheat_probe(struct usb_serial *serial, |
5139 |
++ const struct usb_device_id *id); |
5140 |
+ static int whiteheat_attach(struct usb_serial *serial); |
5141 |
+ static void whiteheat_release(struct usb_serial *serial); |
5142 |
+ static int whiteheat_port_probe(struct usb_serial_port *port); |
5143 |
+@@ -116,6 +118,7 @@ static struct usb_serial_driver whiteheat_device = { |
5144 |
+ .description = "Connect Tech - WhiteHEAT", |
5145 |
+ .id_table = id_table_std, |
5146 |
+ .num_ports = 4, |
5147 |
++ .probe = whiteheat_probe, |
5148 |
+ .attach = whiteheat_attach, |
5149 |
+ .release = whiteheat_release, |
5150 |
+ .port_probe = whiteheat_port_probe, |
5151 |
+@@ -217,6 +220,34 @@ static int whiteheat_firmware_attach(struct usb_serial *serial) |
5152 |
+ /***************************************************************************** |
5153 |
+ * Connect Tech's White Heat serial driver functions |
5154 |
+ *****************************************************************************/ |
5155 |
++ |
5156 |
++static int whiteheat_probe(struct usb_serial *serial, |
5157 |
++ const struct usb_device_id *id) |
5158 |
++{ |
5159 |
++ struct usb_host_interface *iface_desc; |
5160 |
++ struct usb_endpoint_descriptor *endpoint; |
5161 |
++ size_t num_bulk_in = 0; |
5162 |
++ size_t num_bulk_out = 0; |
5163 |
++ size_t min_num_bulk; |
5164 |
++ unsigned int i; |
5165 |
++ |
5166 |
++ iface_desc = serial->interface->cur_altsetting; |
5167 |
++ |
5168 |
++ for (i = 0; i < iface_desc->desc.bNumEndpoints; i++) { |
5169 |
++ endpoint = &iface_desc->endpoint[i].desc; |
5170 |
++ if (usb_endpoint_is_bulk_in(endpoint)) |
5171 |
++ ++num_bulk_in; |
5172 |
++ if (usb_endpoint_is_bulk_out(endpoint)) |
5173 |
++ ++num_bulk_out; |
5174 |
++ } |
5175 |
++ |
5176 |
++ min_num_bulk = COMMAND_PORT + 1; |
5177 |
++ if (num_bulk_in < min_num_bulk || num_bulk_out < min_num_bulk) |
5178 |
++ return -ENODEV; |
5179 |
++ |
5180 |
++ return 0; |
5181 |
++} |
5182 |
++ |
5183 |
+ static int whiteheat_attach(struct usb_serial *serial) |
5184 |
+ { |
5185 |
+ struct usb_serial_port *command_port; |
5186 |
+diff --git a/drivers/video/fbdev/Kconfig b/drivers/video/fbdev/Kconfig |
5187 |
+index c7bf606a8706..a5f88377cec5 100644 |
5188 |
+--- a/drivers/video/fbdev/Kconfig |
5189 |
++++ b/drivers/video/fbdev/Kconfig |
5190 |
+@@ -298,7 +298,7 @@ config FB_ARMCLCD |
5191 |
+ |
5192 |
+ # Helper logic selected only by the ARM Versatile platform family. |
5193 |
+ config PLAT_VERSATILE_CLCD |
5194 |
+- def_bool ARCH_VERSATILE || ARCH_REALVIEW || ARCH_VEXPRESS |
5195 |
++ def_bool ARCH_VERSATILE || ARCH_REALVIEW || ARCH_VEXPRESS || ARCH_INTEGRATOR |
5196 |
+ depends on ARM |
5197 |
+ depends on FB_ARMCLCD && FB=y |
5198 |
+ |
5199 |
+diff --git a/drivers/watchdog/sunxi_wdt.c b/drivers/watchdog/sunxi_wdt.c |
5200 |
+index b62301e74e5f..a9b37bdac5d3 100644 |
5201 |
+--- a/drivers/watchdog/sunxi_wdt.c |
5202 |
++++ b/drivers/watchdog/sunxi_wdt.c |
5203 |
+@@ -184,7 +184,7 @@ static int sunxi_wdt_start(struct watchdog_device *wdt_dev) |
5204 |
+ /* Set system reset function */ |
5205 |
+ reg = readl(wdt_base + regs->wdt_cfg); |
5206 |
+ reg &= ~(regs->wdt_reset_mask); |
5207 |
+- reg |= ~(regs->wdt_reset_val); |
5208 |
++ reg |= regs->wdt_reset_val; |
5209 |
+ writel(reg, wdt_base + regs->wdt_cfg); |
5210 |
+ |
5211 |
+ /* Enable watchdog */ |
5212 |
+diff --git a/fs/btrfs/extent_io.c b/fs/btrfs/extent_io.c |
5213 |
+index 02391f3eb9b0..cb239ddae5c9 100644 |
5214 |
+--- a/fs/btrfs/extent_io.c |
5215 |
++++ b/fs/btrfs/extent_io.c |
5216 |
+@@ -2767,7 +2767,8 @@ static int submit_extent_page(int rw, struct extent_io_tree *tree, |
5217 |
+ bio_end_io_t end_io_func, |
5218 |
+ int mirror_num, |
5219 |
+ unsigned long prev_bio_flags, |
5220 |
+- unsigned long bio_flags) |
5221 |
++ unsigned long bio_flags, |
5222 |
++ bool force_bio_submit) |
5223 |
+ { |
5224 |
+ int ret = 0; |
5225 |
+ struct bio *bio; |
5226 |
+@@ -2785,6 +2786,7 @@ static int submit_extent_page(int rw, struct extent_io_tree *tree, |
5227 |
+ contig = bio_end_sector(bio) == sector; |
5228 |
+ |
5229 |
+ if (prev_bio_flags != bio_flags || !contig || |
5230 |
++ force_bio_submit || |
5231 |
+ merge_bio(rw, tree, page, offset, page_size, bio, bio_flags) || |
5232 |
+ bio_add_page(bio, page, page_size, offset) < page_size) { |
5233 |
+ ret = submit_one_bio(rw, bio, mirror_num, |
5234 |
+@@ -2876,7 +2878,8 @@ static int __do_readpage(struct extent_io_tree *tree, |
5235 |
+ get_extent_t *get_extent, |
5236 |
+ struct extent_map **em_cached, |
5237 |
+ struct bio **bio, int mirror_num, |
5238 |
+- unsigned long *bio_flags, int rw) |
5239 |
++ unsigned long *bio_flags, int rw, |
5240 |
++ u64 *prev_em_start) |
5241 |
+ { |
5242 |
+ struct inode *inode = page->mapping->host; |
5243 |
+ u64 start = page_offset(page); |
5244 |
+@@ -2924,6 +2927,7 @@ static int __do_readpage(struct extent_io_tree *tree, |
5245 |
+ } |
5246 |
+ while (cur <= end) { |
5247 |
+ unsigned long pnr = (last_byte >> PAGE_CACHE_SHIFT) + 1; |
5248 |
++ bool force_bio_submit = false; |
5249 |
+ |
5250 |
+ if (cur >= last_byte) { |
5251 |
+ char *userpage; |
5252 |
+@@ -2974,6 +2978,49 @@ static int __do_readpage(struct extent_io_tree *tree, |
5253 |
+ block_start = em->block_start; |
5254 |
+ if (test_bit(EXTENT_FLAG_PREALLOC, &em->flags)) |
5255 |
+ block_start = EXTENT_MAP_HOLE; |
5256 |
++ |
5257 |
++ /* |
5258 |
++ * If we have a file range that points to a compressed extent |
5259 |
++ * and it's followed by a consecutive file range that points to |
5260 |
++ * to the same compressed extent (possibly with a different |
5261 |
++ * offset and/or length, so it either points to the whole extent |
5262 |
++ * or only part of it), we must make sure we do not submit a |
5263 |
++ * single bio to populate the pages for the 2 ranges because |
5264 |
++ * this makes the compressed extent read zero out the pages |
5265 |
++ * belonging to the 2nd range. Imagine the following scenario: |
5266 |
++ * |
5267 |
++ * File layout |
5268 |
++ * [0 - 8K] [8K - 24K] |
5269 |
++ * | | |
5270 |
++ * | | |
5271 |
++ * points to extent X, points to extent X, |
5272 |
++ * offset 4K, length of 8K offset 0, length 16K |
5273 |
++ * |
5274 |
++ * [extent X, compressed length = 4K uncompressed length = 16K] |
5275 |
++ * |
5276 |
++ * If the bio to read the compressed extent covers both ranges, |
5277 |
++ * it will decompress extent X into the pages belonging to the |
5278 |
++ * first range and then it will stop, zeroing out the remaining |
5279 |
++ * pages that belong to the other range that points to extent X. |
5280 |
++ * So here we make sure we submit 2 bios, one for the first |
5281 |
++ * range and another one for the third range. Both will target |
5282 |
++ * the same physical extent from disk, but we can't currently |
5283 |
++ * make the compressed bio endio callback populate the pages |
5284 |
++ * for both ranges because each compressed bio is tightly |
5285 |
++ * coupled with a single extent map, and each range can have |
5286 |
++ * an extent map with a different offset value relative to the |
5287 |
++ * uncompressed data of our extent and different lengths. This |
5288 |
++ * is a corner case so we prioritize correctness over |
5289 |
++ * non-optimal behavior (submitting 2 bios for the same extent). |
5290 |
++ */ |
5291 |
++ if (test_bit(EXTENT_FLAG_COMPRESSED, &em->flags) && |
5292 |
++ prev_em_start && *prev_em_start != (u64)-1 && |
5293 |
++ *prev_em_start != em->orig_start) |
5294 |
++ force_bio_submit = true; |
5295 |
++ |
5296 |
++ if (prev_em_start) |
5297 |
++ *prev_em_start = em->orig_start; |
5298 |
++ |
5299 |
+ free_extent_map(em); |
5300 |
+ em = NULL; |
5301 |
+ |
5302 |
+@@ -3023,7 +3070,8 @@ static int __do_readpage(struct extent_io_tree *tree, |
5303 |
+ bdev, bio, pnr, |
5304 |
+ end_bio_extent_readpage, mirror_num, |
5305 |
+ *bio_flags, |
5306 |
+- this_bio_flag); |
5307 |
++ this_bio_flag, |
5308 |
++ force_bio_submit); |
5309 |
+ if (!ret) { |
5310 |
+ nr++; |
5311 |
+ *bio_flags = this_bio_flag; |
5312 |
+@@ -3050,7 +3098,8 @@ static inline void __do_contiguous_readpages(struct extent_io_tree *tree, |
5313 |
+ get_extent_t *get_extent, |
5314 |
+ struct extent_map **em_cached, |
5315 |
+ struct bio **bio, int mirror_num, |
5316 |
+- unsigned long *bio_flags, int rw) |
5317 |
++ unsigned long *bio_flags, int rw, |
5318 |
++ u64 *prev_em_start) |
5319 |
+ { |
5320 |
+ struct inode *inode; |
5321 |
+ struct btrfs_ordered_extent *ordered; |
5322 |
+@@ -3070,7 +3119,7 @@ static inline void __do_contiguous_readpages(struct extent_io_tree *tree, |
5323 |
+ |
5324 |
+ for (index = 0; index < nr_pages; index++) { |
5325 |
+ __do_readpage(tree, pages[index], get_extent, em_cached, bio, |
5326 |
+- mirror_num, bio_flags, rw); |
5327 |
++ mirror_num, bio_flags, rw, prev_em_start); |
5328 |
+ page_cache_release(pages[index]); |
5329 |
+ } |
5330 |
+ } |
5331 |
+@@ -3080,7 +3129,8 @@ static void __extent_readpages(struct extent_io_tree *tree, |
5332 |
+ int nr_pages, get_extent_t *get_extent, |
5333 |
+ struct extent_map **em_cached, |
5334 |
+ struct bio **bio, int mirror_num, |
5335 |
+- unsigned long *bio_flags, int rw) |
5336 |
++ unsigned long *bio_flags, int rw, |
5337 |
++ u64 *prev_em_start) |
5338 |
+ { |
5339 |
+ u64 start = 0; |
5340 |
+ u64 end = 0; |
5341 |
+@@ -3101,7 +3151,7 @@ static void __extent_readpages(struct extent_io_tree *tree, |
5342 |
+ index - first_index, start, |
5343 |
+ end, get_extent, em_cached, |
5344 |
+ bio, mirror_num, bio_flags, |
5345 |
+- rw); |
5346 |
++ rw, prev_em_start); |
5347 |
+ start = page_start; |
5348 |
+ end = start + PAGE_CACHE_SIZE - 1; |
5349 |
+ first_index = index; |
5350 |
+@@ -3112,7 +3162,8 @@ static void __extent_readpages(struct extent_io_tree *tree, |
5351 |
+ __do_contiguous_readpages(tree, &pages[first_index], |
5352 |
+ index - first_index, start, |
5353 |
+ end, get_extent, em_cached, bio, |
5354 |
+- mirror_num, bio_flags, rw); |
5355 |
++ mirror_num, bio_flags, rw, |
5356 |
++ prev_em_start); |
5357 |
+ } |
5358 |
+ |
5359 |
+ static int __extent_read_full_page(struct extent_io_tree *tree, |
5360 |
+@@ -3138,7 +3189,7 @@ static int __extent_read_full_page(struct extent_io_tree *tree, |
5361 |
+ } |
5362 |
+ |
5363 |
+ ret = __do_readpage(tree, page, get_extent, NULL, bio, mirror_num, |
5364 |
+- bio_flags, rw); |
5365 |
++ bio_flags, rw, NULL); |
5366 |
+ return ret; |
5367 |
+ } |
5368 |
+ |
5369 |
+@@ -3164,7 +3215,7 @@ int extent_read_full_page_nolock(struct extent_io_tree *tree, struct page *page, |
5370 |
+ int ret; |
5371 |
+ |
5372 |
+ ret = __do_readpage(tree, page, get_extent, NULL, &bio, mirror_num, |
5373 |
+- &bio_flags, READ); |
5374 |
++ &bio_flags, READ, NULL); |
5375 |
+ if (bio) |
5376 |
+ ret = submit_one_bio(READ, bio, mirror_num, bio_flags); |
5377 |
+ return ret; |
5378 |
+@@ -3417,7 +3468,7 @@ static noinline_for_stack int __extent_writepage_io(struct inode *inode, |
5379 |
+ sector, iosize, pg_offset, |
5380 |
+ bdev, &epd->bio, max_nr, |
5381 |
+ end_bio_extent_writepage, |
5382 |
+- 0, 0, 0); |
5383 |
++ 0, 0, 0, false); |
5384 |
+ if (ret) |
5385 |
+ SetPageError(page); |
5386 |
+ } |
5387 |
+@@ -3719,7 +3770,7 @@ static noinline_for_stack int write_one_eb(struct extent_buffer *eb, |
5388 |
+ ret = submit_extent_page(rw, tree, p, offset >> 9, |
5389 |
+ PAGE_CACHE_SIZE, 0, bdev, &epd->bio, |
5390 |
+ -1, end_bio_extent_buffer_writepage, |
5391 |
+- 0, epd->bio_flags, bio_flags); |
5392 |
++ 0, epd->bio_flags, bio_flags, false); |
5393 |
+ epd->bio_flags = bio_flags; |
5394 |
+ if (ret) { |
5395 |
+ set_btree_ioerr(p); |
5396 |
+@@ -4123,6 +4174,7 @@ int extent_readpages(struct extent_io_tree *tree, |
5397 |
+ struct page *page; |
5398 |
+ struct extent_map *em_cached = NULL; |
5399 |
+ int nr = 0; |
5400 |
++ u64 prev_em_start = (u64)-1; |
5401 |
+ |
5402 |
+ for (page_idx = 0; page_idx < nr_pages; page_idx++) { |
5403 |
+ page = list_entry(pages->prev, struct page, lru); |
5404 |
+@@ -4139,12 +4191,12 @@ int extent_readpages(struct extent_io_tree *tree, |
5405 |
+ if (nr < ARRAY_SIZE(pagepool)) |
5406 |
+ continue; |
5407 |
+ __extent_readpages(tree, pagepool, nr, get_extent, &em_cached, |
5408 |
+- &bio, 0, &bio_flags, READ); |
5409 |
++ &bio, 0, &bio_flags, READ, &prev_em_start); |
5410 |
+ nr = 0; |
5411 |
+ } |
5412 |
+ if (nr) |
5413 |
+ __extent_readpages(tree, pagepool, nr, get_extent, &em_cached, |
5414 |
+- &bio, 0, &bio_flags, READ); |
5415 |
++ &bio, 0, &bio_flags, READ, &prev_em_start); |
5416 |
+ |
5417 |
+ if (em_cached) |
5418 |
+ free_extent_map(em_cached); |
5419 |
+diff --git a/fs/btrfs/inode.c b/fs/btrfs/inode.c |
5420 |
+index edaa6178b4ec..0be09bb34b75 100644 |
5421 |
+--- a/fs/btrfs/inode.c |
5422 |
++++ b/fs/btrfs/inode.c |
5423 |
+@@ -4802,7 +4802,8 @@ void btrfs_evict_inode(struct inode *inode) |
5424 |
+ goto no_delete; |
5425 |
+ } |
5426 |
+ /* do we really want it for ->i_nlink > 0 and zero btrfs_root_refs? */ |
5427 |
+- btrfs_wait_ordered_range(inode, 0, (u64)-1); |
5428 |
++ if (!special_file(inode->i_mode)) |
5429 |
++ btrfs_wait_ordered_range(inode, 0, (u64)-1); |
5430 |
+ |
5431 |
+ btrfs_free_io_failure_record(inode, 0, (u64)-1); |
5432 |
+ |
5433 |
+diff --git a/fs/btrfs/transaction.c b/fs/btrfs/transaction.c |
5434 |
+index 63c6d05950f2..7dce00b91a71 100644 |
5435 |
+--- a/fs/btrfs/transaction.c |
5436 |
++++ b/fs/btrfs/transaction.c |
5437 |
+@@ -1756,8 +1756,11 @@ int btrfs_commit_transaction(struct btrfs_trans_handle *trans, |
5438 |
+ spin_unlock(&root->fs_info->trans_lock); |
5439 |
+ |
5440 |
+ wait_for_commit(root, prev_trans); |
5441 |
++ ret = prev_trans->aborted; |
5442 |
+ |
5443 |
+ btrfs_put_transaction(prev_trans); |
5444 |
++ if (ret) |
5445 |
++ goto cleanup_transaction; |
5446 |
+ } else { |
5447 |
+ spin_unlock(&root->fs_info->trans_lock); |
5448 |
+ } |
5449 |
+diff --git a/fs/cifs/cifsencrypt.c b/fs/cifs/cifsencrypt.c |
5450 |
+index 4ac7445e6ec7..da7fbfaa60b4 100644 |
5451 |
+--- a/fs/cifs/cifsencrypt.c |
5452 |
++++ b/fs/cifs/cifsencrypt.c |
5453 |
+@@ -441,6 +441,48 @@ find_domain_name(struct cifs_ses *ses, const struct nls_table *nls_cp) |
5454 |
+ return 0; |
5455 |
+ } |
5456 |
+ |
5457 |
++/* Server has provided av pairs/target info in the type 2 challenge |
5458 |
++ * packet and we have plucked it and stored within smb session. |
5459 |
++ * We parse that blob here to find the server given timestamp |
5460 |
++ * as part of ntlmv2 authentication (or local current time as |
5461 |
++ * default in case of failure) |
5462 |
++ */ |
5463 |
++static __le64 |
5464 |
++find_timestamp(struct cifs_ses *ses) |
5465 |
++{ |
5466 |
++ unsigned int attrsize; |
5467 |
++ unsigned int type; |
5468 |
++ unsigned int onesize = sizeof(struct ntlmssp2_name); |
5469 |
++ unsigned char *blobptr; |
5470 |
++ unsigned char *blobend; |
5471 |
++ struct ntlmssp2_name *attrptr; |
5472 |
++ |
5473 |
++ if (!ses->auth_key.len || !ses->auth_key.response) |
5474 |
++ return 0; |
5475 |
++ |
5476 |
++ blobptr = ses->auth_key.response; |
5477 |
++ blobend = blobptr + ses->auth_key.len; |
5478 |
++ |
5479 |
++ while (blobptr + onesize < blobend) { |
5480 |
++ attrptr = (struct ntlmssp2_name *) blobptr; |
5481 |
++ type = le16_to_cpu(attrptr->type); |
5482 |
++ if (type == NTLMSSP_AV_EOL) |
5483 |
++ break; |
5484 |
++ blobptr += 2; /* advance attr type */ |
5485 |
++ attrsize = le16_to_cpu(attrptr->length); |
5486 |
++ blobptr += 2; /* advance attr size */ |
5487 |
++ if (blobptr + attrsize > blobend) |
5488 |
++ break; |
5489 |
++ if (type == NTLMSSP_AV_TIMESTAMP) { |
5490 |
++ if (attrsize == sizeof(u64)) |
5491 |
++ return *((__le64 *)blobptr); |
5492 |
++ } |
5493 |
++ blobptr += attrsize; /* advance attr value */ |
5494 |
++ } |
5495 |
++ |
5496 |
++ return cpu_to_le64(cifs_UnixTimeToNT(CURRENT_TIME)); |
5497 |
++} |
5498 |
++ |
5499 |
+ static int calc_ntlmv2_hash(struct cifs_ses *ses, char *ntlmv2_hash, |
5500 |
+ const struct nls_table *nls_cp) |
5501 |
+ { |
5502 |
+@@ -637,6 +679,7 @@ setup_ntlmv2_rsp(struct cifs_ses *ses, const struct nls_table *nls_cp) |
5503 |
+ struct ntlmv2_resp *ntlmv2; |
5504 |
+ char ntlmv2_hash[16]; |
5505 |
+ unsigned char *tiblob = NULL; /* target info blob */ |
5506 |
++ __le64 rsp_timestamp; |
5507 |
+ |
5508 |
+ if (ses->server->negflavor == CIFS_NEGFLAVOR_EXTENDED) { |
5509 |
+ if (!ses->domainName) { |
5510 |
+@@ -655,6 +698,12 @@ setup_ntlmv2_rsp(struct cifs_ses *ses, const struct nls_table *nls_cp) |
5511 |
+ } |
5512 |
+ } |
5513 |
+ |
5514 |
++ /* Must be within 5 minutes of the server (or in range +/-2h |
5515 |
++ * in case of Mac OS X), so simply carry over server timestamp |
5516 |
++ * (as Windows 7 does) |
5517 |
++ */ |
5518 |
++ rsp_timestamp = find_timestamp(ses); |
5519 |
++ |
5520 |
+ baselen = CIFS_SESS_KEY_SIZE + sizeof(struct ntlmv2_resp); |
5521 |
+ tilen = ses->auth_key.len; |
5522 |
+ tiblob = ses->auth_key.response; |
5523 |
+@@ -671,8 +720,8 @@ setup_ntlmv2_rsp(struct cifs_ses *ses, const struct nls_table *nls_cp) |
5524 |
+ (ses->auth_key.response + CIFS_SESS_KEY_SIZE); |
5525 |
+ ntlmv2->blob_signature = cpu_to_le32(0x00000101); |
5526 |
+ ntlmv2->reserved = 0; |
5527 |
+- /* Must be within 5 minutes of the server */ |
5528 |
+- ntlmv2->time = cpu_to_le64(cifs_UnixTimeToNT(CURRENT_TIME)); |
5529 |
++ ntlmv2->time = rsp_timestamp; |
5530 |
++ |
5531 |
+ get_random_bytes(&ntlmv2->client_chal, sizeof(ntlmv2->client_chal)); |
5532 |
+ ntlmv2->reserved2 = 0; |
5533 |
+ |
5534 |
+diff --git a/fs/cifs/inode.c b/fs/cifs/inode.c |
5535 |
+index 0c3ce464cae4..c88a8279e532 100644 |
5536 |
+--- a/fs/cifs/inode.c |
5537 |
++++ b/fs/cifs/inode.c |
5538 |
+@@ -2010,7 +2010,6 @@ cifs_set_file_size(struct inode *inode, struct iattr *attrs, |
5539 |
+ struct tcon_link *tlink = NULL; |
5540 |
+ struct cifs_tcon *tcon = NULL; |
5541 |
+ struct TCP_Server_Info *server; |
5542 |
+- struct cifs_io_parms io_parms; |
5543 |
+ |
5544 |
+ /* |
5545 |
+ * To avoid spurious oplock breaks from server, in the case of |
5546 |
+@@ -2032,18 +2031,6 @@ cifs_set_file_size(struct inode *inode, struct iattr *attrs, |
5547 |
+ rc = -ENOSYS; |
5548 |
+ cifsFileInfo_put(open_file); |
5549 |
+ cifs_dbg(FYI, "SetFSize for attrs rc = %d\n", rc); |
5550 |
+- if ((rc == -EINVAL) || (rc == -EOPNOTSUPP)) { |
5551 |
+- unsigned int bytes_written; |
5552 |
+- |
5553 |
+- io_parms.netfid = open_file->fid.netfid; |
5554 |
+- io_parms.pid = open_file->pid; |
5555 |
+- io_parms.tcon = tcon; |
5556 |
+- io_parms.offset = 0; |
5557 |
+- io_parms.length = attrs->ia_size; |
5558 |
+- rc = CIFSSMBWrite(xid, &io_parms, &bytes_written, |
5559 |
+- NULL, NULL, 1); |
5560 |
+- cifs_dbg(FYI, "Wrt seteof rc %d\n", rc); |
5561 |
+- } |
5562 |
+ } else |
5563 |
+ rc = -EINVAL; |
5564 |
+ |
5565 |
+@@ -2069,28 +2056,7 @@ cifs_set_file_size(struct inode *inode, struct iattr *attrs, |
5566 |
+ else |
5567 |
+ rc = -ENOSYS; |
5568 |
+ cifs_dbg(FYI, "SetEOF by path (setattrs) rc = %d\n", rc); |
5569 |
+- if ((rc == -EINVAL) || (rc == -EOPNOTSUPP)) { |
5570 |
+- __u16 netfid; |
5571 |
+- int oplock = 0; |
5572 |
+ |
5573 |
+- rc = SMBLegacyOpen(xid, tcon, full_path, FILE_OPEN, |
5574 |
+- GENERIC_WRITE, CREATE_NOT_DIR, &netfid, |
5575 |
+- &oplock, NULL, cifs_sb->local_nls, |
5576 |
+- cifs_remap(cifs_sb)); |
5577 |
+- if (rc == 0) { |
5578 |
+- unsigned int bytes_written; |
5579 |
+- |
5580 |
+- io_parms.netfid = netfid; |
5581 |
+- io_parms.pid = current->tgid; |
5582 |
+- io_parms.tcon = tcon; |
5583 |
+- io_parms.offset = 0; |
5584 |
+- io_parms.length = attrs->ia_size; |
5585 |
+- rc = CIFSSMBWrite(xid, &io_parms, &bytes_written, NULL, |
5586 |
+- NULL, 1); |
5587 |
+- cifs_dbg(FYI, "wrt seteof rc %d\n", rc); |
5588 |
+- CIFSSMBClose(xid, tcon, netfid); |
5589 |
+- } |
5590 |
+- } |
5591 |
+ if (tlink) |
5592 |
+ cifs_put_tlink(tlink); |
5593 |
+ |
5594 |
+diff --git a/fs/cifs/ioctl.c b/fs/cifs/ioctl.c |
5595 |
+index 8b7898b7670f..64a9bca976d0 100644 |
5596 |
+--- a/fs/cifs/ioctl.c |
5597 |
++++ b/fs/cifs/ioctl.c |
5598 |
+@@ -67,6 +67,12 @@ static long cifs_ioctl_clone(unsigned int xid, struct file *dst_file, |
5599 |
+ goto out_drop_write; |
5600 |
+ } |
5601 |
+ |
5602 |
++ if (src_file.file->f_op->unlocked_ioctl != cifs_ioctl) { |
5603 |
++ rc = -EBADF; |
5604 |
++ cifs_dbg(VFS, "src file seems to be from a different filesystem type\n"); |
5605 |
++ goto out_fput; |
5606 |
++ } |
5607 |
++ |
5608 |
+ if ((!src_file.file->private_data) || (!dst_file->private_data)) { |
5609 |
+ rc = -EBADF; |
5610 |
+ cifs_dbg(VFS, "missing cifsFileInfo on copy range src file\n"); |
5611 |
+diff --git a/fs/cifs/smb2ops.c b/fs/cifs/smb2ops.c |
5612 |
+index cc93a7ffe8e4..51f5251d7db5 100644 |
5613 |
+--- a/fs/cifs/smb2ops.c |
5614 |
++++ b/fs/cifs/smb2ops.c |
5615 |
+@@ -50,9 +50,13 @@ change_conf(struct TCP_Server_Info *server) |
5616 |
+ break; |
5617 |
+ default: |
5618 |
+ server->echoes = true; |
5619 |
+- server->oplocks = true; |
5620 |
++ if (enable_oplocks) { |
5621 |
++ server->oplocks = true; |
5622 |
++ server->oplock_credits = 1; |
5623 |
++ } else |
5624 |
++ server->oplocks = false; |
5625 |
++ |
5626 |
+ server->echo_credits = 1; |
5627 |
+- server->oplock_credits = 1; |
5628 |
+ } |
5629 |
+ server->credits -= server->echo_credits + server->oplock_credits; |
5630 |
+ return 0; |
5631 |
+diff --git a/fs/coredump.c b/fs/coredump.c |
5632 |
+index 4c5866b948e7..00d75e82f6f2 100644 |
5633 |
+--- a/fs/coredump.c |
5634 |
++++ b/fs/coredump.c |
5635 |
+@@ -506,10 +506,10 @@ void do_coredump(const siginfo_t *siginfo) |
5636 |
+ const struct cred *old_cred; |
5637 |
+ struct cred *cred; |
5638 |
+ int retval = 0; |
5639 |
+- int flag = 0; |
5640 |
+ int ispipe; |
5641 |
+ struct files_struct *displaced; |
5642 |
+- bool need_nonrelative = false; |
5643 |
++ /* require nonrelative corefile path and be extra careful */ |
5644 |
++ bool need_suid_safe = false; |
5645 |
+ bool core_dumped = false; |
5646 |
+ static atomic_t core_dump_count = ATOMIC_INIT(0); |
5647 |
+ struct coredump_params cprm = { |
5648 |
+@@ -543,9 +543,8 @@ void do_coredump(const siginfo_t *siginfo) |
5649 |
+ */ |
5650 |
+ if (__get_dumpable(cprm.mm_flags) == SUID_DUMP_ROOT) { |
5651 |
+ /* Setuid core dump mode */ |
5652 |
+- flag = O_EXCL; /* Stop rewrite attacks */ |
5653 |
+ cred->fsuid = GLOBAL_ROOT_UID; /* Dump root private */ |
5654 |
+- need_nonrelative = true; |
5655 |
++ need_suid_safe = true; |
5656 |
+ } |
5657 |
+ |
5658 |
+ retval = coredump_wait(siginfo->si_signo, &core_state); |
5659 |
+@@ -626,7 +625,7 @@ void do_coredump(const siginfo_t *siginfo) |
5660 |
+ if (cprm.limit < binfmt->min_coredump) |
5661 |
+ goto fail_unlock; |
5662 |
+ |
5663 |
+- if (need_nonrelative && cn.corename[0] != '/') { |
5664 |
++ if (need_suid_safe && cn.corename[0] != '/') { |
5665 |
+ printk(KERN_WARNING "Pid %d(%s) can only dump core "\ |
5666 |
+ "to fully qualified path!\n", |
5667 |
+ task_tgid_vnr(current), current->comm); |
5668 |
+@@ -634,8 +633,35 @@ void do_coredump(const siginfo_t *siginfo) |
5669 |
+ goto fail_unlock; |
5670 |
+ } |
5671 |
+ |
5672 |
++ /* |
5673 |
++ * Unlink the file if it exists unless this is a SUID |
5674 |
++ * binary - in that case, we're running around with root |
5675 |
++ * privs and don't want to unlink another user's coredump. |
5676 |
++ */ |
5677 |
++ if (!need_suid_safe) { |
5678 |
++ mm_segment_t old_fs; |
5679 |
++ |
5680 |
++ old_fs = get_fs(); |
5681 |
++ set_fs(KERNEL_DS); |
5682 |
++ /* |
5683 |
++ * If it doesn't exist, that's fine. If there's some |
5684 |
++ * other problem, we'll catch it at the filp_open(). |
5685 |
++ */ |
5686 |
++ (void) sys_unlink((const char __user *)cn.corename); |
5687 |
++ set_fs(old_fs); |
5688 |
++ } |
5689 |
++ |
5690 |
++ /* |
5691 |
++ * There is a race between unlinking and creating the |
5692 |
++ * file, but if that causes an EEXIST here, that's |
5693 |
++ * fine - another process raced with us while creating |
5694 |
++ * the corefile, and the other process won. To userspace, |
5695 |
++ * what matters is that at least one of the two processes |
5696 |
++ * writes its coredump successfully, not which one. |
5697 |
++ */ |
5698 |
+ cprm.file = filp_open(cn.corename, |
5699 |
+- O_CREAT | 2 | O_NOFOLLOW | O_LARGEFILE | flag, |
5700 |
++ O_CREAT | 2 | O_NOFOLLOW | |
5701 |
++ O_LARGEFILE | O_EXCL, |
5702 |
+ 0600); |
5703 |
+ if (IS_ERR(cprm.file)) |
5704 |
+ goto fail_unlock; |
5705 |
+diff --git a/fs/dcache.c b/fs/dcache.c |
5706 |
+index a66d6d80e2d9..d25f8fdcd397 100644 |
5707 |
+--- a/fs/dcache.c |
5708 |
++++ b/fs/dcache.c |
5709 |
+@@ -1528,7 +1528,8 @@ void d_set_d_op(struct dentry *dentry, const struct dentry_operations *op) |
5710 |
+ DCACHE_OP_COMPARE | |
5711 |
+ DCACHE_OP_REVALIDATE | |
5712 |
+ DCACHE_OP_WEAK_REVALIDATE | |
5713 |
+- DCACHE_OP_DELETE )); |
5714 |
++ DCACHE_OP_DELETE | |
5715 |
++ DCACHE_OP_SELECT_INODE)); |
5716 |
+ dentry->d_op = op; |
5717 |
+ if (!op) |
5718 |
+ return; |
5719 |
+@@ -1544,6 +1545,8 @@ void d_set_d_op(struct dentry *dentry, const struct dentry_operations *op) |
5720 |
+ dentry->d_flags |= DCACHE_OP_DELETE; |
5721 |
+ if (op->d_prune) |
5722 |
+ dentry->d_flags |= DCACHE_OP_PRUNE; |
5723 |
++ if (op->d_select_inode) |
5724 |
++ dentry->d_flags |= DCACHE_OP_SELECT_INODE; |
5725 |
+ |
5726 |
+ } |
5727 |
+ EXPORT_SYMBOL(d_set_d_op); |
5728 |
+@@ -2889,6 +2892,13 @@ restart: |
5729 |
+ |
5730 |
+ if (dentry == vfsmnt->mnt_root || IS_ROOT(dentry)) { |
5731 |
+ struct mount *parent = ACCESS_ONCE(mnt->mnt_parent); |
5732 |
++ /* Escaped? */ |
5733 |
++ if (dentry != vfsmnt->mnt_root) { |
5734 |
++ bptr = *buffer; |
5735 |
++ blen = *buflen; |
5736 |
++ error = 3; |
5737 |
++ break; |
5738 |
++ } |
5739 |
+ /* Global root? */ |
5740 |
+ if (mnt != parent) { |
5741 |
+ dentry = ACCESS_ONCE(mnt->mnt_mountpoint); |
5742 |
+diff --git a/fs/ext4/super.c b/fs/ext4/super.c |
5743 |
+index bf038468d752..b5a2c29a8db8 100644 |
5744 |
+--- a/fs/ext4/super.c |
5745 |
++++ b/fs/ext4/super.c |
5746 |
+@@ -4754,10 +4754,11 @@ static int ext4_freeze(struct super_block *sb) |
5747 |
+ error = jbd2_journal_flush(journal); |
5748 |
+ if (error < 0) |
5749 |
+ goto out; |
5750 |
++ |
5751 |
++ /* Journal blocked and flushed, clear needs_recovery flag. */ |
5752 |
++ EXT4_CLEAR_INCOMPAT_FEATURE(sb, EXT4_FEATURE_INCOMPAT_RECOVER); |
5753 |
+ } |
5754 |
+ |
5755 |
+- /* Journal blocked and flushed, clear needs_recovery flag. */ |
5756 |
+- EXT4_CLEAR_INCOMPAT_FEATURE(sb, EXT4_FEATURE_INCOMPAT_RECOVER); |
5757 |
+ error = ext4_commit_super(sb, 1); |
5758 |
+ out: |
5759 |
+ if (journal) |
5760 |
+@@ -4775,8 +4776,11 @@ static int ext4_unfreeze(struct super_block *sb) |
5761 |
+ if (sb->s_flags & MS_RDONLY) |
5762 |
+ return 0; |
5763 |
+ |
5764 |
+- /* Reset the needs_recovery flag before the fs is unlocked. */ |
5765 |
+- EXT4_SET_INCOMPAT_FEATURE(sb, EXT4_FEATURE_INCOMPAT_RECOVER); |
5766 |
++ if (EXT4_SB(sb)->s_journal) { |
5767 |
++ /* Reset the needs_recovery flag before the fs is unlocked. */ |
5768 |
++ EXT4_SET_INCOMPAT_FEATURE(sb, EXT4_FEATURE_INCOMPAT_RECOVER); |
5769 |
++ } |
5770 |
++ |
5771 |
+ ext4_commit_super(sb, 1); |
5772 |
+ return 0; |
5773 |
+ } |
5774 |
+diff --git a/fs/hfs/bnode.c b/fs/hfs/bnode.c |
5775 |
+index d3fa6bd9503e..221719eac5de 100644 |
5776 |
+--- a/fs/hfs/bnode.c |
5777 |
++++ b/fs/hfs/bnode.c |
5778 |
+@@ -288,7 +288,6 @@ static struct hfs_bnode *__hfs_bnode_create(struct hfs_btree *tree, u32 cnid) |
5779 |
+ page_cache_release(page); |
5780 |
+ goto fail; |
5781 |
+ } |
5782 |
+- page_cache_release(page); |
5783 |
+ node->page[i] = page; |
5784 |
+ } |
5785 |
+ |
5786 |
+@@ -398,11 +397,11 @@ node_error: |
5787 |
+ |
5788 |
+ void hfs_bnode_free(struct hfs_bnode *node) |
5789 |
+ { |
5790 |
+- //int i; |
5791 |
++ int i; |
5792 |
+ |
5793 |
+- //for (i = 0; i < node->tree->pages_per_bnode; i++) |
5794 |
+- // if (node->page[i]) |
5795 |
+- // page_cache_release(node->page[i]); |
5796 |
++ for (i = 0; i < node->tree->pages_per_bnode; i++) |
5797 |
++ if (node->page[i]) |
5798 |
++ page_cache_release(node->page[i]); |
5799 |
+ kfree(node); |
5800 |
+ } |
5801 |
+ |
5802 |
+diff --git a/fs/hfs/brec.c b/fs/hfs/brec.c |
5803 |
+index 9f4ee7f52026..6fc766df0461 100644 |
5804 |
+--- a/fs/hfs/brec.c |
5805 |
++++ b/fs/hfs/brec.c |
5806 |
+@@ -131,13 +131,16 @@ skip: |
5807 |
+ hfs_bnode_write(node, entry, data_off + key_len, entry_len); |
5808 |
+ hfs_bnode_dump(node); |
5809 |
+ |
5810 |
+- if (new_node) { |
5811 |
+- /* update parent key if we inserted a key |
5812 |
+- * at the start of the first node |
5813 |
+- */ |
5814 |
+- if (!rec && new_node != node) |
5815 |
+- hfs_brec_update_parent(fd); |
5816 |
++ /* |
5817 |
++ * update parent key if we inserted a key |
5818 |
++ * at the start of the node and it is not the new node |
5819 |
++ */ |
5820 |
++ if (!rec && new_node != node) { |
5821 |
++ hfs_bnode_read_key(node, fd->search_key, data_off + size); |
5822 |
++ hfs_brec_update_parent(fd); |
5823 |
++ } |
5824 |
+ |
5825 |
++ if (new_node) { |
5826 |
+ hfs_bnode_put(fd->bnode); |
5827 |
+ if (!new_node->parent) { |
5828 |
+ hfs_btree_inc_height(tree); |
5829 |
+@@ -166,9 +169,6 @@ skip: |
5830 |
+ goto again; |
5831 |
+ } |
5832 |
+ |
5833 |
+- if (!rec) |
5834 |
+- hfs_brec_update_parent(fd); |
5835 |
+- |
5836 |
+ return 0; |
5837 |
+ } |
5838 |
+ |
5839 |
+@@ -366,6 +366,8 @@ again: |
5840 |
+ if (IS_ERR(parent)) |
5841 |
+ return PTR_ERR(parent); |
5842 |
+ __hfs_brec_find(parent, fd); |
5843 |
++ if (fd->record < 0) |
5844 |
++ return -ENOENT; |
5845 |
+ hfs_bnode_dump(parent); |
5846 |
+ rec = fd->record; |
5847 |
+ |
5848 |
+diff --git a/fs/hfsplus/bnode.c b/fs/hfsplus/bnode.c |
5849 |
+index 759708fd9331..63924662aaf3 100644 |
5850 |
+--- a/fs/hfsplus/bnode.c |
5851 |
++++ b/fs/hfsplus/bnode.c |
5852 |
+@@ -454,7 +454,6 @@ static struct hfs_bnode *__hfs_bnode_create(struct hfs_btree *tree, u32 cnid) |
5853 |
+ page_cache_release(page); |
5854 |
+ goto fail; |
5855 |
+ } |
5856 |
+- page_cache_release(page); |
5857 |
+ node->page[i] = page; |
5858 |
+ } |
5859 |
+ |
5860 |
+@@ -566,13 +565,11 @@ node_error: |
5861 |
+ |
5862 |
+ void hfs_bnode_free(struct hfs_bnode *node) |
5863 |
+ { |
5864 |
+-#if 0 |
5865 |
+ int i; |
5866 |
+ |
5867 |
+ for (i = 0; i < node->tree->pages_per_bnode; i++) |
5868 |
+ if (node->page[i]) |
5869 |
+ page_cache_release(node->page[i]); |
5870 |
+-#endif |
5871 |
+ kfree(node); |
5872 |
+ } |
5873 |
+ |
5874 |
+diff --git a/fs/hpfs/namei.c b/fs/hpfs/namei.c |
5875 |
+index bdbc2c3080a4..0642cafaab34 100644 |
5876 |
+--- a/fs/hpfs/namei.c |
5877 |
++++ b/fs/hpfs/namei.c |
5878 |
+@@ -8,6 +8,17 @@ |
5879 |
+ #include <linux/sched.h> |
5880 |
+ #include "hpfs_fn.h" |
5881 |
+ |
5882 |
++static void hpfs_update_directory_times(struct inode *dir) |
5883 |
++{ |
5884 |
++ time_t t = get_seconds(); |
5885 |
++ if (t == dir->i_mtime.tv_sec && |
5886 |
++ t == dir->i_ctime.tv_sec) |
5887 |
++ return; |
5888 |
++ dir->i_mtime.tv_sec = dir->i_ctime.tv_sec = t; |
5889 |
++ dir->i_mtime.tv_nsec = dir->i_ctime.tv_nsec = 0; |
5890 |
++ hpfs_write_inode_nolock(dir); |
5891 |
++} |
5892 |
++ |
5893 |
+ static int hpfs_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode) |
5894 |
+ { |
5895 |
+ const unsigned char *name = dentry->d_name.name; |
5896 |
+@@ -99,6 +110,7 @@ static int hpfs_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode) |
5897 |
+ result->i_mode = mode | S_IFDIR; |
5898 |
+ hpfs_write_inode_nolock(result); |
5899 |
+ } |
5900 |
++ hpfs_update_directory_times(dir); |
5901 |
+ d_instantiate(dentry, result); |
5902 |
+ hpfs_unlock(dir->i_sb); |
5903 |
+ return 0; |
5904 |
+@@ -187,6 +199,7 @@ static int hpfs_create(struct inode *dir, struct dentry *dentry, umode_t mode, b |
5905 |
+ result->i_mode = mode | S_IFREG; |
5906 |
+ hpfs_write_inode_nolock(result); |
5907 |
+ } |
5908 |
++ hpfs_update_directory_times(dir); |
5909 |
+ d_instantiate(dentry, result); |
5910 |
+ hpfs_unlock(dir->i_sb); |
5911 |
+ return 0; |
5912 |
+@@ -262,6 +275,7 @@ static int hpfs_mknod(struct inode *dir, struct dentry *dentry, umode_t mode, de |
5913 |
+ insert_inode_hash(result); |
5914 |
+ |
5915 |
+ hpfs_write_inode_nolock(result); |
5916 |
++ hpfs_update_directory_times(dir); |
5917 |
+ d_instantiate(dentry, result); |
5918 |
+ brelse(bh); |
5919 |
+ hpfs_unlock(dir->i_sb); |
5920 |
+@@ -340,6 +354,7 @@ static int hpfs_symlink(struct inode *dir, struct dentry *dentry, const char *sy |
5921 |
+ insert_inode_hash(result); |
5922 |
+ |
5923 |
+ hpfs_write_inode_nolock(result); |
5924 |
++ hpfs_update_directory_times(dir); |
5925 |
+ d_instantiate(dentry, result); |
5926 |
+ hpfs_unlock(dir->i_sb); |
5927 |
+ return 0; |
5928 |
+@@ -423,6 +438,8 @@ again: |
5929 |
+ out1: |
5930 |
+ hpfs_brelse4(&qbh); |
5931 |
+ out: |
5932 |
++ if (!err) |
5933 |
++ hpfs_update_directory_times(dir); |
5934 |
+ hpfs_unlock(dir->i_sb); |
5935 |
+ return err; |
5936 |
+ } |
5937 |
+@@ -477,6 +494,8 @@ static int hpfs_rmdir(struct inode *dir, struct dentry *dentry) |
5938 |
+ out1: |
5939 |
+ hpfs_brelse4(&qbh); |
5940 |
+ out: |
5941 |
++ if (!err) |
5942 |
++ hpfs_update_directory_times(dir); |
5943 |
+ hpfs_unlock(dir->i_sb); |
5944 |
+ return err; |
5945 |
+ } |
5946 |
+@@ -595,7 +614,7 @@ static int hpfs_rename(struct inode *old_dir, struct dentry *old_dentry, |
5947 |
+ goto end1; |
5948 |
+ } |
5949 |
+ |
5950 |
+- end: |
5951 |
++end: |
5952 |
+ hpfs_i(i)->i_parent_dir = new_dir->i_ino; |
5953 |
+ if (S_ISDIR(i->i_mode)) { |
5954 |
+ inc_nlink(new_dir); |
5955 |
+@@ -610,6 +629,10 @@ static int hpfs_rename(struct inode *old_dir, struct dentry *old_dentry, |
5956 |
+ brelse(bh); |
5957 |
+ } |
5958 |
+ end1: |
5959 |
++ if (!err) { |
5960 |
++ hpfs_update_directory_times(old_dir); |
5961 |
++ hpfs_update_directory_times(new_dir); |
5962 |
++ } |
5963 |
+ hpfs_unlock(i->i_sb); |
5964 |
+ return err; |
5965 |
+ } |
5966 |
+diff --git a/fs/internal.h b/fs/internal.h |
5967 |
+index 757ba2abf21e..53279bd90b72 100644 |
5968 |
+--- a/fs/internal.h |
5969 |
++++ b/fs/internal.h |
5970 |
+@@ -106,6 +106,7 @@ extern struct file *do_file_open_root(struct dentry *, struct vfsmount *, |
5971 |
+ extern long do_handle_open(int mountdirfd, |
5972 |
+ struct file_handle __user *ufh, int open_flag); |
5973 |
+ extern int open_check_o_direct(struct file *f); |
5974 |
++extern int vfs_open(const struct path *, struct file *, const struct cred *); |
5975 |
+ |
5976 |
+ /* |
5977 |
+ * inode.c |
5978 |
+diff --git a/fs/namei.c b/fs/namei.c |
5979 |
+index d20f061cddd3..be3d538d56b3 100644 |
5980 |
+--- a/fs/namei.c |
5981 |
++++ b/fs/namei.c |
5982 |
+@@ -487,6 +487,24 @@ void path_put(const struct path *path) |
5983 |
+ } |
5984 |
+ EXPORT_SYMBOL(path_put); |
5985 |
+ |
5986 |
++/** |
5987 |
++ * path_connected - Verify that a path->dentry is below path->mnt.mnt_root |
5988 |
++ * @path: nameidate to verify |
5989 |
++ * |
5990 |
++ * Rename can sometimes move a file or directory outside of a bind |
5991 |
++ * mount, path_connected allows those cases to be detected. |
5992 |
++ */ |
5993 |
++static bool path_connected(const struct path *path) |
5994 |
++{ |
5995 |
++ struct vfsmount *mnt = path->mnt; |
5996 |
++ |
5997 |
++ /* Only bind mounts can have disconnected paths */ |
5998 |
++ if (mnt->mnt_root == mnt->mnt_sb->s_root) |
5999 |
++ return true; |
6000 |
++ |
6001 |
++ return is_subdir(path->dentry, mnt->mnt_root); |
6002 |
++} |
6003 |
++ |
6004 |
+ /* |
6005 |
+ * Path walking has 2 modes, rcu-walk and ref-walk (see |
6006 |
+ * Documentation/filesystems/path-lookup.txt). In situations when we can't |
6007 |
+@@ -1164,6 +1182,8 @@ static int follow_dotdot_rcu(struct nameidata *nd) |
6008 |
+ goto failed; |
6009 |
+ nd->path.dentry = parent; |
6010 |
+ nd->seq = seq; |
6011 |
++ if (unlikely(!path_connected(&nd->path))) |
6012 |
++ goto failed; |
6013 |
+ break; |
6014 |
+ } |
6015 |
+ if (!follow_up_rcu(&nd->path)) |
6016 |
+@@ -1260,7 +1280,7 @@ static void follow_mount(struct path *path) |
6017 |
+ } |
6018 |
+ } |
6019 |
+ |
6020 |
+-static void follow_dotdot(struct nameidata *nd) |
6021 |
++static int follow_dotdot(struct nameidata *nd) |
6022 |
+ { |
6023 |
+ if (!nd->root.mnt) |
6024 |
+ set_root(nd); |
6025 |
+@@ -1276,6 +1296,10 @@ static void follow_dotdot(struct nameidata *nd) |
6026 |
+ /* rare case of legitimate dget_parent()... */ |
6027 |
+ nd->path.dentry = dget_parent(nd->path.dentry); |
6028 |
+ dput(old); |
6029 |
++ if (unlikely(!path_connected(&nd->path))) { |
6030 |
++ path_put(&nd->path); |
6031 |
++ return -ENOENT; |
6032 |
++ } |
6033 |
+ break; |
6034 |
+ } |
6035 |
+ if (!follow_up(&nd->path)) |
6036 |
+@@ -1283,6 +1307,7 @@ static void follow_dotdot(struct nameidata *nd) |
6037 |
+ } |
6038 |
+ follow_mount(&nd->path); |
6039 |
+ nd->inode = nd->path.dentry->d_inode; |
6040 |
++ return 0; |
6041 |
+ } |
6042 |
+ |
6043 |
+ /* |
6044 |
+@@ -1503,7 +1528,7 @@ static inline int handle_dots(struct nameidata *nd, int type) |
6045 |
+ if (follow_dotdot_rcu(nd)) |
6046 |
+ return -ECHILD; |
6047 |
+ } else |
6048 |
+- follow_dotdot(nd); |
6049 |
++ return follow_dotdot(nd); |
6050 |
+ } |
6051 |
+ return 0; |
6052 |
+ } |
6053 |
+@@ -2239,7 +2264,7 @@ mountpoint_last(struct nameidata *nd, struct path *path) |
6054 |
+ if (unlikely(nd->last_type != LAST_NORM)) { |
6055 |
+ error = handle_dots(nd, nd->last_type); |
6056 |
+ if (error) |
6057 |
+- goto out; |
6058 |
++ return error; |
6059 |
+ dentry = dget(nd->path.dentry); |
6060 |
+ goto done; |
6061 |
+ } |
6062 |
+diff --git a/fs/nfs/filelayout/filelayout.c b/fs/nfs/filelayout/filelayout.c |
6063 |
+index 7afb52f6a25a..32879965b255 100644 |
6064 |
+--- a/fs/nfs/filelayout/filelayout.c |
6065 |
++++ b/fs/nfs/filelayout/filelayout.c |
6066 |
+@@ -682,23 +682,18 @@ out_put: |
6067 |
+ goto out; |
6068 |
+ } |
6069 |
+ |
6070 |
+-static void filelayout_free_fh_array(struct nfs4_filelayout_segment *fl) |
6071 |
++static void _filelayout_free_lseg(struct nfs4_filelayout_segment *fl) |
6072 |
+ { |
6073 |
+ int i; |
6074 |
+ |
6075 |
+- for (i = 0; i < fl->num_fh; i++) { |
6076 |
+- if (!fl->fh_array[i]) |
6077 |
+- break; |
6078 |
+- kfree(fl->fh_array[i]); |
6079 |
++ if (fl->fh_array) { |
6080 |
++ for (i = 0; i < fl->num_fh; i++) { |
6081 |
++ if (!fl->fh_array[i]) |
6082 |
++ break; |
6083 |
++ kfree(fl->fh_array[i]); |
6084 |
++ } |
6085 |
++ kfree(fl->fh_array); |
6086 |
+ } |
6087 |
+- kfree(fl->fh_array); |
6088 |
+- fl->fh_array = NULL; |
6089 |
+-} |
6090 |
+- |
6091 |
+-static void |
6092 |
+-_filelayout_free_lseg(struct nfs4_filelayout_segment *fl) |
6093 |
+-{ |
6094 |
+- filelayout_free_fh_array(fl); |
6095 |
+ kfree(fl); |
6096 |
+ } |
6097 |
+ |
6098 |
+@@ -769,21 +764,21 @@ filelayout_decode_layout(struct pnfs_layout_hdr *flo, |
6099 |
+ /* Do we want to use a mempool here? */ |
6100 |
+ fl->fh_array[i] = kmalloc(sizeof(struct nfs_fh), gfp_flags); |
6101 |
+ if (!fl->fh_array[i]) |
6102 |
+- goto out_err_free; |
6103 |
++ goto out_err; |
6104 |
+ |
6105 |
+ p = xdr_inline_decode(&stream, 4); |
6106 |
+ if (unlikely(!p)) |
6107 |
+- goto out_err_free; |
6108 |
++ goto out_err; |
6109 |
+ fl->fh_array[i]->size = be32_to_cpup(p++); |
6110 |
+ if (sizeof(struct nfs_fh) < fl->fh_array[i]->size) { |
6111 |
+ printk(KERN_ERR "NFS: Too big fh %d received %d\n", |
6112 |
+ i, fl->fh_array[i]->size); |
6113 |
+- goto out_err_free; |
6114 |
++ goto out_err; |
6115 |
+ } |
6116 |
+ |
6117 |
+ p = xdr_inline_decode(&stream, fl->fh_array[i]->size); |
6118 |
+ if (unlikely(!p)) |
6119 |
+- goto out_err_free; |
6120 |
++ goto out_err; |
6121 |
+ memcpy(fl->fh_array[i]->data, p, fl->fh_array[i]->size); |
6122 |
+ dprintk("DEBUG: %s: fh len %d\n", __func__, |
6123 |
+ fl->fh_array[i]->size); |
6124 |
+@@ -792,8 +787,6 @@ filelayout_decode_layout(struct pnfs_layout_hdr *flo, |
6125 |
+ __free_page(scratch); |
6126 |
+ return 0; |
6127 |
+ |
6128 |
+-out_err_free: |
6129 |
+- filelayout_free_fh_array(fl); |
6130 |
+ out_err: |
6131 |
+ __free_page(scratch); |
6132 |
+ return -EIO; |
6133 |
+diff --git a/fs/nfs/nfs4proc.c b/fs/nfs/nfs4proc.c |
6134 |
+index c9ff4a176a25..123a494d018b 100644 |
6135 |
+--- a/fs/nfs/nfs4proc.c |
6136 |
++++ b/fs/nfs/nfs4proc.c |
6137 |
+@@ -2346,7 +2346,7 @@ static int _nfs4_do_open(struct inode *dir, |
6138 |
+ goto err_free_label; |
6139 |
+ state = ctx->state; |
6140 |
+ |
6141 |
+- if ((opendata->o_arg.open_flags & O_EXCL) && |
6142 |
++ if ((opendata->o_arg.open_flags & (O_CREAT|O_EXCL)) == (O_CREAT|O_EXCL) && |
6143 |
+ (opendata->o_arg.createmode != NFS4_CREATE_GUARDED)) { |
6144 |
+ nfs4_exclusive_attrset(opendata, sattr); |
6145 |
+ |
6146 |
+@@ -8443,6 +8443,7 @@ static const struct nfs4_minor_version_ops nfs_v4_2_minor_ops = { |
6147 |
+ .reboot_recovery_ops = &nfs41_reboot_recovery_ops, |
6148 |
+ .nograce_recovery_ops = &nfs41_nograce_recovery_ops, |
6149 |
+ .state_renewal_ops = &nfs41_state_renewal_ops, |
6150 |
++ .mig_recovery_ops = &nfs41_mig_recovery_ops, |
6151 |
+ }; |
6152 |
+ #endif |
6153 |
+ |
6154 |
+diff --git a/fs/nfs/pagelist.c b/fs/nfs/pagelist.c |
6155 |
+index ed0db61f8543..54631609d601 100644 |
6156 |
+--- a/fs/nfs/pagelist.c |
6157 |
++++ b/fs/nfs/pagelist.c |
6158 |
+@@ -63,8 +63,8 @@ EXPORT_SYMBOL_GPL(nfs_pgheader_init); |
6159 |
+ void nfs_set_pgio_error(struct nfs_pgio_header *hdr, int error, loff_t pos) |
6160 |
+ { |
6161 |
+ spin_lock(&hdr->lock); |
6162 |
+- if (pos < hdr->io_start + hdr->good_bytes) { |
6163 |
+- set_bit(NFS_IOHDR_ERROR, &hdr->flags); |
6164 |
++ if (!test_and_set_bit(NFS_IOHDR_ERROR, &hdr->flags) |
6165 |
++ || pos < hdr->io_start + hdr->good_bytes) { |
6166 |
+ clear_bit(NFS_IOHDR_EOF, &hdr->flags); |
6167 |
+ hdr->good_bytes = pos - hdr->io_start; |
6168 |
+ hdr->error = error; |
6169 |
+@@ -486,7 +486,7 @@ size_t nfs_generic_pg_test(struct nfs_pageio_descriptor *desc, |
6170 |
+ * for it without upsetting the slab allocator. |
6171 |
+ */ |
6172 |
+ if (((desc->pg_count + req->wb_bytes) >> PAGE_SHIFT) * |
6173 |
+- sizeof(struct page) > PAGE_SIZE) |
6174 |
++ sizeof(struct page *) > PAGE_SIZE) |
6175 |
+ return 0; |
6176 |
+ |
6177 |
+ return min(desc->pg_bsize - desc->pg_count, (size_t)req->wb_bytes); |
6178 |
+diff --git a/fs/ocfs2/dlm/dlmmaster.c b/fs/ocfs2/dlm/dlmmaster.c |
6179 |
+index 9ec1eea7c3a3..5972f5a30713 100644 |
6180 |
+--- a/fs/ocfs2/dlm/dlmmaster.c |
6181 |
++++ b/fs/ocfs2/dlm/dlmmaster.c |
6182 |
+@@ -1447,6 +1447,7 @@ int dlm_master_request_handler(struct o2net_msg *msg, u32 len, void *data, |
6183 |
+ int found, ret; |
6184 |
+ int set_maybe; |
6185 |
+ int dispatch_assert = 0; |
6186 |
++ int dispatched = 0; |
6187 |
+ |
6188 |
+ if (!dlm_grab(dlm)) |
6189 |
+ return DLM_MASTER_RESP_NO; |
6190 |
+@@ -1653,14 +1654,17 @@ send_response: |
6191 |
+ mlog(ML_ERROR, "failed to dispatch assert master work\n"); |
6192 |
+ response = DLM_MASTER_RESP_ERROR; |
6193 |
+ dlm_lockres_put(res); |
6194 |
+- } else |
6195 |
++ } else { |
6196 |
++ dispatched = 1; |
6197 |
+ dlm_lockres_grab_inflight_worker(dlm, res); |
6198 |
++ } |
6199 |
+ } else { |
6200 |
+ if (res) |
6201 |
+ dlm_lockres_put(res); |
6202 |
+ } |
6203 |
+ |
6204 |
+- dlm_put(dlm); |
6205 |
++ if (!dispatched) |
6206 |
++ dlm_put(dlm); |
6207 |
+ return response; |
6208 |
+ } |
6209 |
+ |
6210 |
+@@ -2084,7 +2088,6 @@ int dlm_dispatch_assert_master(struct dlm_ctxt *dlm, |
6211 |
+ |
6212 |
+ |
6213 |
+ /* queue up work for dlm_assert_master_worker */ |
6214 |
+- dlm_grab(dlm); /* get an extra ref for the work item */ |
6215 |
+ dlm_init_work_item(dlm, item, dlm_assert_master_worker, NULL); |
6216 |
+ item->u.am.lockres = res; /* already have a ref */ |
6217 |
+ /* can optionally ignore node numbers higher than this node */ |
6218 |
+diff --git a/fs/ocfs2/dlm/dlmrecovery.c b/fs/ocfs2/dlm/dlmrecovery.c |
6219 |
+index 3365839d2971..8632f9c5fb5d 100644 |
6220 |
+--- a/fs/ocfs2/dlm/dlmrecovery.c |
6221 |
++++ b/fs/ocfs2/dlm/dlmrecovery.c |
6222 |
+@@ -1687,6 +1687,7 @@ int dlm_master_requery_handler(struct o2net_msg *msg, u32 len, void *data, |
6223 |
+ unsigned int hash; |
6224 |
+ int master = DLM_LOCK_RES_OWNER_UNKNOWN; |
6225 |
+ u32 flags = DLM_ASSERT_MASTER_REQUERY; |
6226 |
++ int dispatched = 0; |
6227 |
+ |
6228 |
+ if (!dlm_grab(dlm)) { |
6229 |
+ /* since the domain has gone away on this |
6230 |
+@@ -1708,8 +1709,10 @@ int dlm_master_requery_handler(struct o2net_msg *msg, u32 len, void *data, |
6231 |
+ mlog_errno(-ENOMEM); |
6232 |
+ /* retry!? */ |
6233 |
+ BUG(); |
6234 |
+- } else |
6235 |
++ } else { |
6236 |
++ dispatched = 1; |
6237 |
+ __dlm_lockres_grab_inflight_worker(dlm, res); |
6238 |
++ } |
6239 |
+ spin_unlock(&res->spinlock); |
6240 |
+ } else { |
6241 |
+ /* put.. incase we are not the master */ |
6242 |
+@@ -1719,7 +1722,8 @@ int dlm_master_requery_handler(struct o2net_msg *msg, u32 len, void *data, |
6243 |
+ } |
6244 |
+ spin_unlock(&dlm->spinlock); |
6245 |
+ |
6246 |
+- dlm_put(dlm); |
6247 |
++ if (!dispatched) |
6248 |
++ dlm_put(dlm); |
6249 |
+ return master; |
6250 |
+ } |
6251 |
+ |
6252 |
+diff --git a/fs/open.c b/fs/open.c |
6253 |
+index 4a8a355ffab8..d058ff1b841b 100644 |
6254 |
+--- a/fs/open.c |
6255 |
++++ b/fs/open.c |
6256 |
+@@ -665,18 +665,18 @@ int open_check_o_direct(struct file *f) |
6257 |
+ } |
6258 |
+ |
6259 |
+ static int do_dentry_open(struct file *f, |
6260 |
++ struct inode *inode, |
6261 |
+ int (*open)(struct inode *, struct file *), |
6262 |
+ const struct cred *cred) |
6263 |
+ { |
6264 |
+ static const struct file_operations empty_fops = {}; |
6265 |
+- struct inode *inode; |
6266 |
+ int error; |
6267 |
+ |
6268 |
+ f->f_mode = OPEN_FMODE(f->f_flags) | FMODE_LSEEK | |
6269 |
+ FMODE_PREAD | FMODE_PWRITE; |
6270 |
+ |
6271 |
+ path_get(&f->f_path); |
6272 |
+- inode = f->f_inode = f->f_path.dentry->d_inode; |
6273 |
++ f->f_inode = inode; |
6274 |
+ f->f_mapping = inode->i_mapping; |
6275 |
+ |
6276 |
+ if (unlikely(f->f_flags & O_PATH)) { |
6277 |
+@@ -780,7 +780,8 @@ int finish_open(struct file *file, struct dentry *dentry, |
6278 |
+ BUG_ON(*opened & FILE_OPENED); /* once it's opened, it's opened */ |
6279 |
+ |
6280 |
+ file->f_path.dentry = dentry; |
6281 |
+- error = do_dentry_open(file, open, current_cred()); |
6282 |
++ error = do_dentry_open(file, d_backing_inode(dentry), open, |
6283 |
++ current_cred()); |
6284 |
+ if (!error) |
6285 |
+ *opened |= FILE_OPENED; |
6286 |
+ |
6287 |
+@@ -809,6 +810,28 @@ int finish_no_open(struct file *file, struct dentry *dentry) |
6288 |
+ } |
6289 |
+ EXPORT_SYMBOL(finish_no_open); |
6290 |
+ |
6291 |
++/** |
6292 |
++ * vfs_open - open the file at the given path |
6293 |
++ * @path: path to open |
6294 |
++ * @file: newly allocated file with f_flag initialized |
6295 |
++ * @cred: credentials to use |
6296 |
++ */ |
6297 |
++int vfs_open(const struct path *path, struct file *file, |
6298 |
++ const struct cred *cred) |
6299 |
++{ |
6300 |
++ struct dentry *dentry = path->dentry; |
6301 |
++ struct inode *inode = dentry->d_inode; |
6302 |
++ |
6303 |
++ file->f_path = *path; |
6304 |
++ if (dentry->d_flags & DCACHE_OP_SELECT_INODE) { |
6305 |
++ inode = dentry->d_op->d_select_inode(dentry, file->f_flags); |
6306 |
++ if (IS_ERR(inode)) |
6307 |
++ return PTR_ERR(inode); |
6308 |
++ } |
6309 |
++ |
6310 |
++ return do_dentry_open(file, inode, NULL, cred); |
6311 |
++} |
6312 |
++ |
6313 |
+ struct file *dentry_open(const struct path *path, int flags, |
6314 |
+ const struct cred *cred) |
6315 |
+ { |
6316 |
+@@ -840,26 +863,6 @@ struct file *dentry_open(const struct path *path, int flags, |
6317 |
+ } |
6318 |
+ EXPORT_SYMBOL(dentry_open); |
6319 |
+ |
6320 |
+-/** |
6321 |
+- * vfs_open - open the file at the given path |
6322 |
+- * @path: path to open |
6323 |
+- * @filp: newly allocated file with f_flag initialized |
6324 |
+- * @cred: credentials to use |
6325 |
+- */ |
6326 |
+-int vfs_open(const struct path *path, struct file *filp, |
6327 |
+- const struct cred *cred) |
6328 |
+-{ |
6329 |
+- struct inode *inode = path->dentry->d_inode; |
6330 |
+- |
6331 |
+- if (inode->i_op->dentry_open) |
6332 |
+- return inode->i_op->dentry_open(path->dentry, filp, cred); |
6333 |
+- else { |
6334 |
+- filp->f_path = *path; |
6335 |
+- return do_dentry_open(filp, NULL, cred); |
6336 |
+- } |
6337 |
+-} |
6338 |
+-EXPORT_SYMBOL(vfs_open); |
6339 |
+- |
6340 |
+ static inline int build_open_flags(int flags, umode_t mode, struct open_flags *op) |
6341 |
+ { |
6342 |
+ int lookup_flags = 0; |
6343 |
+diff --git a/fs/overlayfs/inode.c b/fs/overlayfs/inode.c |
6344 |
+index 07d74b24913b..e3903b74a1f2 100644 |
6345 |
+--- a/fs/overlayfs/inode.c |
6346 |
++++ b/fs/overlayfs/inode.c |
6347 |
+@@ -333,37 +333,33 @@ static bool ovl_open_need_copy_up(int flags, enum ovl_path_type type, |
6348 |
+ return true; |
6349 |
+ } |
6350 |
+ |
6351 |
+-static int ovl_dentry_open(struct dentry *dentry, struct file *file, |
6352 |
+- const struct cred *cred) |
6353 |
++struct inode *ovl_d_select_inode(struct dentry *dentry, unsigned file_flags) |
6354 |
+ { |
6355 |
+ int err; |
6356 |
+ struct path realpath; |
6357 |
+ enum ovl_path_type type; |
6358 |
+- bool want_write = false; |
6359 |
++ |
6360 |
++ if (d_is_dir(dentry)) |
6361 |
++ return d_backing_inode(dentry); |
6362 |
+ |
6363 |
+ type = ovl_path_real(dentry, &realpath); |
6364 |
+- if (ovl_open_need_copy_up(file->f_flags, type, realpath.dentry)) { |
6365 |
+- want_write = true; |
6366 |
++ if (ovl_open_need_copy_up(file_flags, type, realpath.dentry)) { |
6367 |
+ err = ovl_want_write(dentry); |
6368 |
+ if (err) |
6369 |
+- goto out; |
6370 |
++ return ERR_PTR(err); |
6371 |
+ |
6372 |
+- if (file->f_flags & O_TRUNC) |
6373 |
++ if (file_flags & O_TRUNC) |
6374 |
+ err = ovl_copy_up_last(dentry, NULL, true); |
6375 |
+ else |
6376 |
+ err = ovl_copy_up(dentry); |
6377 |
++ ovl_drop_write(dentry); |
6378 |
+ if (err) |
6379 |
+- goto out_drop_write; |
6380 |
++ return ERR_PTR(err); |
6381 |
+ |
6382 |
+ ovl_path_upper(dentry, &realpath); |
6383 |
+ } |
6384 |
+ |
6385 |
+- err = vfs_open(&realpath, file, cred); |
6386 |
+-out_drop_write: |
6387 |
+- if (want_write) |
6388 |
+- ovl_drop_write(dentry); |
6389 |
+-out: |
6390 |
+- return err; |
6391 |
++ return d_backing_inode(realpath.dentry); |
6392 |
+ } |
6393 |
+ |
6394 |
+ static const struct inode_operations ovl_file_inode_operations = { |
6395 |
+@@ -374,7 +370,6 @@ static const struct inode_operations ovl_file_inode_operations = { |
6396 |
+ .getxattr = ovl_getxattr, |
6397 |
+ .listxattr = ovl_listxattr, |
6398 |
+ .removexattr = ovl_removexattr, |
6399 |
+- .dentry_open = ovl_dentry_open, |
6400 |
+ }; |
6401 |
+ |
6402 |
+ static const struct inode_operations ovl_symlink_inode_operations = { |
6403 |
+diff --git a/fs/overlayfs/overlayfs.h b/fs/overlayfs/overlayfs.h |
6404 |
+index 814bed33dd07..1714fcc7603e 100644 |
6405 |
+--- a/fs/overlayfs/overlayfs.h |
6406 |
++++ b/fs/overlayfs/overlayfs.h |
6407 |
+@@ -165,6 +165,7 @@ ssize_t ovl_getxattr(struct dentry *dentry, const char *name, |
6408 |
+ void *value, size_t size); |
6409 |
+ ssize_t ovl_listxattr(struct dentry *dentry, char *list, size_t size); |
6410 |
+ int ovl_removexattr(struct dentry *dentry, const char *name); |
6411 |
++struct inode *ovl_d_select_inode(struct dentry *dentry, unsigned file_flags); |
6412 |
+ |
6413 |
+ struct inode *ovl_new_inode(struct super_block *sb, umode_t mode, |
6414 |
+ struct ovl_entry *oe); |
6415 |
+diff --git a/fs/overlayfs/super.c b/fs/overlayfs/super.c |
6416 |
+index f16d318b71f8..6256c8ed52c9 100644 |
6417 |
+--- a/fs/overlayfs/super.c |
6418 |
++++ b/fs/overlayfs/super.c |
6419 |
+@@ -269,6 +269,7 @@ static void ovl_dentry_release(struct dentry *dentry) |
6420 |
+ |
6421 |
+ static const struct dentry_operations ovl_dentry_operations = { |
6422 |
+ .d_release = ovl_dentry_release, |
6423 |
++ .d_select_inode = ovl_d_select_inode, |
6424 |
+ }; |
6425 |
+ |
6426 |
+ static struct ovl_entry *ovl_alloc_entry(void) |
6427 |
+diff --git a/include/linux/dcache.h b/include/linux/dcache.h |
6428 |
+index 1c2f1b84468b..340ee0dae93b 100644 |
6429 |
+--- a/include/linux/dcache.h |
6430 |
++++ b/include/linux/dcache.h |
6431 |
+@@ -160,6 +160,7 @@ struct dentry_operations { |
6432 |
+ char *(*d_dname)(struct dentry *, char *, int); |
6433 |
+ struct vfsmount *(*d_automount)(struct path *); |
6434 |
+ int (*d_manage)(struct dentry *, bool); |
6435 |
++ struct inode *(*d_select_inode)(struct dentry *, unsigned); |
6436 |
+ } ____cacheline_aligned; |
6437 |
+ |
6438 |
+ /* |
6439 |
+@@ -222,6 +223,7 @@ struct dentry_operations { |
6440 |
+ #define DCACHE_FILE_TYPE 0x00400000 /* Other file type */ |
6441 |
+ |
6442 |
+ #define DCACHE_MAY_FREE 0x00800000 |
6443 |
++#define DCACHE_OP_SELECT_INODE 0x02000000 /* Unioned entry: dcache op selects inode */ |
6444 |
+ |
6445 |
+ extern seqlock_t rename_lock; |
6446 |
+ |
6447 |
+@@ -468,4 +470,61 @@ static inline unsigned long vfs_pressure_ratio(unsigned long val) |
6448 |
+ { |
6449 |
+ return mult_frac(val, sysctl_vfs_cache_pressure, 100); |
6450 |
+ } |
6451 |
++ |
6452 |
++/** |
6453 |
++ * d_inode - Get the actual inode of this dentry |
6454 |
++ * @dentry: The dentry to query |
6455 |
++ * |
6456 |
++ * This is the helper normal filesystems should use to get at their own inodes |
6457 |
++ * in their own dentries and ignore the layering superimposed upon them. |
6458 |
++ */ |
6459 |
++static inline struct inode *d_inode(const struct dentry *dentry) |
6460 |
++{ |
6461 |
++ return dentry->d_inode; |
6462 |
++} |
6463 |
++ |
6464 |
++/** |
6465 |
++ * d_inode_rcu - Get the actual inode of this dentry with ACCESS_ONCE() |
6466 |
++ * @dentry: The dentry to query |
6467 |
++ * |
6468 |
++ * This is the helper normal filesystems should use to get at their own inodes |
6469 |
++ * in their own dentries and ignore the layering superimposed upon them. |
6470 |
++ */ |
6471 |
++static inline struct inode *d_inode_rcu(const struct dentry *dentry) |
6472 |
++{ |
6473 |
++ return ACCESS_ONCE(dentry->d_inode); |
6474 |
++} |
6475 |
++ |
6476 |
++/** |
6477 |
++ * d_backing_inode - Get upper or lower inode we should be using |
6478 |
++ * @upper: The upper layer |
6479 |
++ * |
6480 |
++ * This is the helper that should be used to get at the inode that will be used |
6481 |
++ * if this dentry were to be opened as a file. The inode may be on the upper |
6482 |
++ * dentry or it may be on a lower dentry pinned by the upper. |
6483 |
++ * |
6484 |
++ * Normal filesystems should not use this to access their own inodes. |
6485 |
++ */ |
6486 |
++static inline struct inode *d_backing_inode(const struct dentry *upper) |
6487 |
++{ |
6488 |
++ struct inode *inode = upper->d_inode; |
6489 |
++ |
6490 |
++ return inode; |
6491 |
++} |
6492 |
++ |
6493 |
++/** |
6494 |
++ * d_backing_dentry - Get upper or lower dentry we should be using |
6495 |
++ * @upper: The upper layer |
6496 |
++ * |
6497 |
++ * This is the helper that should be used to get the dentry of the inode that |
6498 |
++ * will be used if this dentry were opened as a file. It may be the upper |
6499 |
++ * dentry or it may be a lower dentry pinned by the upper. |
6500 |
++ * |
6501 |
++ * Normal filesystems should not use this to access their own dentries. |
6502 |
++ */ |
6503 |
++static inline struct dentry *d_backing_dentry(struct dentry *upper) |
6504 |
++{ |
6505 |
++ return upper; |
6506 |
++} |
6507 |
++ |
6508 |
+ #endif /* __LINUX_DCACHE_H */ |
6509 |
+diff --git a/include/linux/fs.h b/include/linux/fs.h |
6510 |
+index 84d672914bd8..6fd017e25c0a 100644 |
6511 |
+--- a/include/linux/fs.h |
6512 |
++++ b/include/linux/fs.h |
6513 |
+@@ -1552,7 +1552,6 @@ struct inode_operations { |
6514 |
+ int (*set_acl)(struct inode *, struct posix_acl *, int); |
6515 |
+ |
6516 |
+ /* WARNING: probably going away soon, do not use! */ |
6517 |
+- int (*dentry_open)(struct dentry *, struct file *, const struct cred *); |
6518 |
+ } ____cacheline_aligned; |
6519 |
+ |
6520 |
+ ssize_t rw_copy_check_uvector(int type, const struct iovec __user * uvector, |
6521 |
+@@ -2068,7 +2067,6 @@ extern struct file *file_open_name(struct filename *, int, umode_t); |
6522 |
+ extern struct file *filp_open(const char *, int, umode_t); |
6523 |
+ extern struct file *file_open_root(struct dentry *, struct vfsmount *, |
6524 |
+ const char *, int); |
6525 |
+-extern int vfs_open(const struct path *, struct file *, const struct cred *); |
6526 |
+ extern struct file * dentry_open(const struct path *, int, const struct cred *); |
6527 |
+ extern int filp_close(struct file *, fl_owner_t id); |
6528 |
+ |
6529 |
+diff --git a/include/linux/if_link.h b/include/linux/if_link.h |
6530 |
+index 119130e9298b..da4929927f69 100644 |
6531 |
+--- a/include/linux/if_link.h |
6532 |
++++ b/include/linux/if_link.h |
6533 |
+@@ -14,5 +14,6 @@ struct ifla_vf_info { |
6534 |
+ __u32 linkstate; |
6535 |
+ __u32 min_tx_rate; |
6536 |
+ __u32 max_tx_rate; |
6537 |
++ __u32 rss_query_en; |
6538 |
+ }; |
6539 |
+ #endif /* _LINUX_IF_LINK_H */ |
6540 |
+diff --git a/include/linux/iio/iio.h b/include/linux/iio/iio.h |
6541 |
+index 15dc6bc2bdd2..6c17af80823c 100644 |
6542 |
+--- a/include/linux/iio/iio.h |
6543 |
++++ b/include/linux/iio/iio.h |
6544 |
+@@ -614,6 +614,15 @@ int iio_str_to_fixpoint(const char *str, int fract_mult, int *integer, |
6545 |
+ #define IIO_DEGREE_TO_RAD(deg) (((deg) * 314159ULL + 9000000ULL) / 18000000ULL) |
6546 |
+ |
6547 |
+ /** |
6548 |
++ * IIO_RAD_TO_DEGREE() - Convert rad to degree |
6549 |
++ * @rad: A value in rad |
6550 |
++ * |
6551 |
++ * Returns the given value converted from rad to degree |
6552 |
++ */ |
6553 |
++#define IIO_RAD_TO_DEGREE(rad) \ |
6554 |
++ (((rad) * 18000000ULL + 314159ULL / 2) / 314159ULL) |
6555 |
++ |
6556 |
++/** |
6557 |
+ * IIO_G_TO_M_S_2() - Convert g to meter / second**2 |
6558 |
+ * @g: A value in g |
6559 |
+ * |
6560 |
+@@ -621,4 +630,12 @@ int iio_str_to_fixpoint(const char *str, int fract_mult, int *integer, |
6561 |
+ */ |
6562 |
+ #define IIO_G_TO_M_S_2(g) ((g) * 980665ULL / 100000ULL) |
6563 |
+ |
6564 |
++/** |
6565 |
++ * IIO_M_S_2_TO_G() - Convert meter / second**2 to g |
6566 |
++ * @ms2: A value in meter / second**2 |
6567 |
++ * |
6568 |
++ * Returns the given value converted from meter / second**2 to g |
6569 |
++ */ |
6570 |
++#define IIO_M_S_2_TO_G(ms2) (((ms2) * 100000ULL + 980665ULL / 2) / 980665ULL) |
6571 |
++ |
6572 |
+ #endif /* _INDUSTRIAL_IO_H_ */ |
6573 |
+diff --git a/include/linux/netdevice.h b/include/linux/netdevice.h |
6574 |
+index c3fd34da6c08..70fde9c5c61d 100644 |
6575 |
+--- a/include/linux/netdevice.h |
6576 |
++++ b/include/linux/netdevice.h |
6577 |
+@@ -859,6 +859,11 @@ typedef u16 (*select_queue_fallback_t)(struct net_device *dev, |
6578 |
+ * int (*ndo_set_vf_link_state)(struct net_device *dev, int vf, int link_state); |
6579 |
+ * int (*ndo_set_vf_port)(struct net_device *dev, int vf, |
6580 |
+ * struct nlattr *port[]); |
6581 |
++ * |
6582 |
++ * Enable or disable the VF ability to query its RSS Redirection Table and |
6583 |
++ * Hash Key. This is needed since on some devices VF share this information |
6584 |
++ * with PF and querying it may adduce a theoretical security risk. |
6585 |
++ * int (*ndo_set_vf_rss_query_en)(struct net_device *dev, int vf, bool setting); |
6586 |
+ * int (*ndo_get_vf_port)(struct net_device *dev, int vf, struct sk_buff *skb); |
6587 |
+ * int (*ndo_setup_tc)(struct net_device *dev, u8 tc) |
6588 |
+ * Called to setup 'tc' number of traffic classes in the net device. This |
6589 |
+@@ -1071,6 +1076,9 @@ struct net_device_ops { |
6590 |
+ struct nlattr *port[]); |
6591 |
+ int (*ndo_get_vf_port)(struct net_device *dev, |
6592 |
+ int vf, struct sk_buff *skb); |
6593 |
++ int (*ndo_set_vf_rss_query_en)( |
6594 |
++ struct net_device *dev, |
6595 |
++ int vf, bool setting); |
6596 |
+ int (*ndo_setup_tc)(struct net_device *dev, u8 tc); |
6597 |
+ #if IS_ENABLED(CONFIG_FCOE) |
6598 |
+ int (*ndo_fcoe_enable)(struct net_device *dev); |
6599 |
+diff --git a/include/linux/security.h b/include/linux/security.h |
6600 |
+index ba96471c11ba..ea9eda4abdd5 100644 |
6601 |
+--- a/include/linux/security.h |
6602 |
++++ b/include/linux/security.h |
6603 |
+@@ -2471,7 +2471,7 @@ static inline int security_task_prctl(int option, unsigned long arg2, |
6604 |
+ unsigned long arg4, |
6605 |
+ unsigned long arg5) |
6606 |
+ { |
6607 |
+- return cap_task_prctl(option, arg2, arg3, arg3, arg5); |
6608 |
++ return cap_task_prctl(option, arg2, arg3, arg4, arg5); |
6609 |
+ } |
6610 |
+ |
6611 |
+ static inline void security_task_to_inode(struct task_struct *p, struct inode *inode) |
6612 |
+diff --git a/include/target/iscsi/iscsi_target_core.h b/include/target/iscsi/iscsi_target_core.h |
6613 |
+new file mode 100644 |
6614 |
+index 000000000000..7bd03f867fca |
6615 |
+--- /dev/null |
6616 |
++++ b/include/target/iscsi/iscsi_target_core.h |
6617 |
+@@ -0,0 +1,904 @@ |
6618 |
++#ifndef ISCSI_TARGET_CORE_H |
6619 |
++#define ISCSI_TARGET_CORE_H |
6620 |
++ |
6621 |
++#include <linux/in.h> |
6622 |
++#include <linux/configfs.h> |
6623 |
++#include <net/sock.h> |
6624 |
++#include <net/tcp.h> |
6625 |
++#include <scsi/scsi_cmnd.h> |
6626 |
++#include <scsi/iscsi_proto.h> |
6627 |
++#include <target/target_core_base.h> |
6628 |
++ |
6629 |
++#define ISCSIT_VERSION "v4.1.0" |
6630 |
++#define ISCSI_MAX_DATASN_MISSING_COUNT 16 |
6631 |
++#define ISCSI_TX_THREAD_TCP_TIMEOUT 2 |
6632 |
++#define ISCSI_RX_THREAD_TCP_TIMEOUT 2 |
6633 |
++#define SECONDS_FOR_ASYNC_LOGOUT 10 |
6634 |
++#define SECONDS_FOR_ASYNC_TEXT 10 |
6635 |
++#define SECONDS_FOR_LOGOUT_COMP 15 |
6636 |
++#define WHITE_SPACE " \t\v\f\n\r" |
6637 |
++#define ISCSIT_MIN_TAGS 16 |
6638 |
++#define ISCSIT_EXTRA_TAGS 8 |
6639 |
++#define ISCSIT_TCP_BACKLOG 256 |
6640 |
++#define ISCSI_RX_THREAD_NAME "iscsi_trx" |
6641 |
++#define ISCSI_TX_THREAD_NAME "iscsi_ttx" |
6642 |
++ |
6643 |
++/* struct iscsi_node_attrib sanity values */ |
6644 |
++#define NA_DATAOUT_TIMEOUT 3 |
6645 |
++#define NA_DATAOUT_TIMEOUT_MAX 60 |
6646 |
++#define NA_DATAOUT_TIMEOUT_MIX 2 |
6647 |
++#define NA_DATAOUT_TIMEOUT_RETRIES 5 |
6648 |
++#define NA_DATAOUT_TIMEOUT_RETRIES_MAX 15 |
6649 |
++#define NA_DATAOUT_TIMEOUT_RETRIES_MIN 1 |
6650 |
++#define NA_NOPIN_TIMEOUT 15 |
6651 |
++#define NA_NOPIN_TIMEOUT_MAX 60 |
6652 |
++#define NA_NOPIN_TIMEOUT_MIN 3 |
6653 |
++#define NA_NOPIN_RESPONSE_TIMEOUT 30 |
6654 |
++#define NA_NOPIN_RESPONSE_TIMEOUT_MAX 60 |
6655 |
++#define NA_NOPIN_RESPONSE_TIMEOUT_MIN 3 |
6656 |
++#define NA_RANDOM_DATAIN_PDU_OFFSETS 0 |
6657 |
++#define NA_RANDOM_DATAIN_SEQ_OFFSETS 0 |
6658 |
++#define NA_RANDOM_R2T_OFFSETS 0 |
6659 |
++ |
6660 |
++/* struct iscsi_tpg_attrib sanity values */ |
6661 |
++#define TA_AUTHENTICATION 1 |
6662 |
++#define TA_LOGIN_TIMEOUT 15 |
6663 |
++#define TA_LOGIN_TIMEOUT_MAX 30 |
6664 |
++#define TA_LOGIN_TIMEOUT_MIN 5 |
6665 |
++#define TA_NETIF_TIMEOUT 2 |
6666 |
++#define TA_NETIF_TIMEOUT_MAX 15 |
6667 |
++#define TA_NETIF_TIMEOUT_MIN 2 |
6668 |
++#define TA_GENERATE_NODE_ACLS 0 |
6669 |
++#define TA_DEFAULT_CMDSN_DEPTH 64 |
6670 |
++#define TA_DEFAULT_CMDSN_DEPTH_MAX 512 |
6671 |
++#define TA_DEFAULT_CMDSN_DEPTH_MIN 1 |
6672 |
++#define TA_CACHE_DYNAMIC_ACLS 0 |
6673 |
++/* Enabled by default in demo mode (generic_node_acls=1) */ |
6674 |
++#define TA_DEMO_MODE_WRITE_PROTECT 1 |
6675 |
++/* Disabled by default in production mode w/ explict ACLs */ |
6676 |
++#define TA_PROD_MODE_WRITE_PROTECT 0 |
6677 |
++#define TA_DEMO_MODE_DISCOVERY 1 |
6678 |
++#define TA_DEFAULT_ERL 0 |
6679 |
++#define TA_CACHE_CORE_NPS 0 |
6680 |
++/* T10 protection information disabled by default */ |
6681 |
++#define TA_DEFAULT_T10_PI 0 |
6682 |
++#define TA_DEFAULT_FABRIC_PROT_TYPE 0 |
6683 |
++ |
6684 |
++#define ISCSI_IOV_DATA_BUFFER 5 |
6685 |
++ |
6686 |
++enum iscsit_transport_type { |
6687 |
++ ISCSI_TCP = 0, |
6688 |
++ ISCSI_SCTP_TCP = 1, |
6689 |
++ ISCSI_SCTP_UDP = 2, |
6690 |
++ ISCSI_IWARP_TCP = 3, |
6691 |
++ ISCSI_IWARP_SCTP = 4, |
6692 |
++ ISCSI_INFINIBAND = 5, |
6693 |
++}; |
6694 |
++ |
6695 |
++/* RFC-3720 7.1.4 Standard Connection State Diagram for a Target */ |
6696 |
++enum target_conn_state_table { |
6697 |
++ TARG_CONN_STATE_FREE = 0x1, |
6698 |
++ TARG_CONN_STATE_XPT_UP = 0x3, |
6699 |
++ TARG_CONN_STATE_IN_LOGIN = 0x4, |
6700 |
++ TARG_CONN_STATE_LOGGED_IN = 0x5, |
6701 |
++ TARG_CONN_STATE_IN_LOGOUT = 0x6, |
6702 |
++ TARG_CONN_STATE_LOGOUT_REQUESTED = 0x7, |
6703 |
++ TARG_CONN_STATE_CLEANUP_WAIT = 0x8, |
6704 |
++}; |
6705 |
++ |
6706 |
++/* RFC-3720 7.3.2 Session State Diagram for a Target */ |
6707 |
++enum target_sess_state_table { |
6708 |
++ TARG_SESS_STATE_FREE = 0x1, |
6709 |
++ TARG_SESS_STATE_ACTIVE = 0x2, |
6710 |
++ TARG_SESS_STATE_LOGGED_IN = 0x3, |
6711 |
++ TARG_SESS_STATE_FAILED = 0x4, |
6712 |
++ TARG_SESS_STATE_IN_CONTINUE = 0x5, |
6713 |
++}; |
6714 |
++ |
6715 |
++/* struct iscsi_data_count->type */ |
6716 |
++enum data_count_type { |
6717 |
++ ISCSI_RX_DATA = 1, |
6718 |
++ ISCSI_TX_DATA = 2, |
6719 |
++}; |
6720 |
++ |
6721 |
++/* struct iscsi_datain_req->dr_complete */ |
6722 |
++enum datain_req_comp_table { |
6723 |
++ DATAIN_COMPLETE_NORMAL = 1, |
6724 |
++ DATAIN_COMPLETE_WITHIN_COMMAND_RECOVERY = 2, |
6725 |
++ DATAIN_COMPLETE_CONNECTION_RECOVERY = 3, |
6726 |
++}; |
6727 |
++ |
6728 |
++/* struct iscsi_datain_req->recovery */ |
6729 |
++enum datain_req_rec_table { |
6730 |
++ DATAIN_WITHIN_COMMAND_RECOVERY = 1, |
6731 |
++ DATAIN_CONNECTION_RECOVERY = 2, |
6732 |
++}; |
6733 |
++ |
6734 |
++/* struct iscsi_portal_group->state */ |
6735 |
++enum tpg_state_table { |
6736 |
++ TPG_STATE_FREE = 0, |
6737 |
++ TPG_STATE_ACTIVE = 1, |
6738 |
++ TPG_STATE_INACTIVE = 2, |
6739 |
++ TPG_STATE_COLD_RESET = 3, |
6740 |
++}; |
6741 |
++ |
6742 |
++/* struct iscsi_tiqn->tiqn_state */ |
6743 |
++enum tiqn_state_table { |
6744 |
++ TIQN_STATE_ACTIVE = 1, |
6745 |
++ TIQN_STATE_SHUTDOWN = 2, |
6746 |
++}; |
6747 |
++ |
6748 |
++/* struct iscsi_cmd->cmd_flags */ |
6749 |
++enum cmd_flags_table { |
6750 |
++ ICF_GOT_LAST_DATAOUT = 0x00000001, |
6751 |
++ ICF_GOT_DATACK_SNACK = 0x00000002, |
6752 |
++ ICF_NON_IMMEDIATE_UNSOLICITED_DATA = 0x00000004, |
6753 |
++ ICF_SENT_LAST_R2T = 0x00000008, |
6754 |
++ ICF_WITHIN_COMMAND_RECOVERY = 0x00000010, |
6755 |
++ ICF_CONTIG_MEMORY = 0x00000020, |
6756 |
++ ICF_ATTACHED_TO_RQUEUE = 0x00000040, |
6757 |
++ ICF_OOO_CMDSN = 0x00000080, |
6758 |
++ ICF_SENDTARGETS_ALL = 0x00000100, |
6759 |
++ ICF_SENDTARGETS_SINGLE = 0x00000200, |
6760 |
++}; |
6761 |
++ |
6762 |
++/* struct iscsi_cmd->i_state */ |
6763 |
++enum cmd_i_state_table { |
6764 |
++ ISTATE_NO_STATE = 0, |
6765 |
++ ISTATE_NEW_CMD = 1, |
6766 |
++ ISTATE_DEFERRED_CMD = 2, |
6767 |
++ ISTATE_UNSOLICITED_DATA = 3, |
6768 |
++ ISTATE_RECEIVE_DATAOUT = 4, |
6769 |
++ ISTATE_RECEIVE_DATAOUT_RECOVERY = 5, |
6770 |
++ ISTATE_RECEIVED_LAST_DATAOUT = 6, |
6771 |
++ ISTATE_WITHIN_DATAOUT_RECOVERY = 7, |
6772 |
++ ISTATE_IN_CONNECTION_RECOVERY = 8, |
6773 |
++ ISTATE_RECEIVED_TASKMGT = 9, |
6774 |
++ ISTATE_SEND_ASYNCMSG = 10, |
6775 |
++ ISTATE_SENT_ASYNCMSG = 11, |
6776 |
++ ISTATE_SEND_DATAIN = 12, |
6777 |
++ ISTATE_SEND_LAST_DATAIN = 13, |
6778 |
++ ISTATE_SENT_LAST_DATAIN = 14, |
6779 |
++ ISTATE_SEND_LOGOUTRSP = 15, |
6780 |
++ ISTATE_SENT_LOGOUTRSP = 16, |
6781 |
++ ISTATE_SEND_NOPIN = 17, |
6782 |
++ ISTATE_SENT_NOPIN = 18, |
6783 |
++ ISTATE_SEND_REJECT = 19, |
6784 |
++ ISTATE_SENT_REJECT = 20, |
6785 |
++ ISTATE_SEND_R2T = 21, |
6786 |
++ ISTATE_SENT_R2T = 22, |
6787 |
++ ISTATE_SEND_R2T_RECOVERY = 23, |
6788 |
++ ISTATE_SENT_R2T_RECOVERY = 24, |
6789 |
++ ISTATE_SEND_LAST_R2T = 25, |
6790 |
++ ISTATE_SENT_LAST_R2T = 26, |
6791 |
++ ISTATE_SEND_LAST_R2T_RECOVERY = 27, |
6792 |
++ ISTATE_SENT_LAST_R2T_RECOVERY = 28, |
6793 |
++ ISTATE_SEND_STATUS = 29, |
6794 |
++ ISTATE_SEND_STATUS_BROKEN_PC = 30, |
6795 |
++ ISTATE_SENT_STATUS = 31, |
6796 |
++ ISTATE_SEND_STATUS_RECOVERY = 32, |
6797 |
++ ISTATE_SENT_STATUS_RECOVERY = 33, |
6798 |
++ ISTATE_SEND_TASKMGTRSP = 34, |
6799 |
++ ISTATE_SENT_TASKMGTRSP = 35, |
6800 |
++ ISTATE_SEND_TEXTRSP = 36, |
6801 |
++ ISTATE_SENT_TEXTRSP = 37, |
6802 |
++ ISTATE_SEND_NOPIN_WANT_RESPONSE = 38, |
6803 |
++ ISTATE_SENT_NOPIN_WANT_RESPONSE = 39, |
6804 |
++ ISTATE_SEND_NOPIN_NO_RESPONSE = 40, |
6805 |
++ ISTATE_REMOVE = 41, |
6806 |
++ ISTATE_FREE = 42, |
6807 |
++}; |
6808 |
++ |
6809 |
++/* Used for iscsi_recover_cmdsn() return values */ |
6810 |
++enum recover_cmdsn_ret_table { |
6811 |
++ CMDSN_ERROR_CANNOT_RECOVER = -1, |
6812 |
++ CMDSN_NORMAL_OPERATION = 0, |
6813 |
++ CMDSN_LOWER_THAN_EXP = 1, |
6814 |
++ CMDSN_HIGHER_THAN_EXP = 2, |
6815 |
++ CMDSN_MAXCMDSN_OVERRUN = 3, |
6816 |
++}; |
6817 |
++ |
6818 |
++/* Used for iscsi_handle_immediate_data() return values */ |
6819 |
++enum immedate_data_ret_table { |
6820 |
++ IMMEDIATE_DATA_CANNOT_RECOVER = -1, |
6821 |
++ IMMEDIATE_DATA_NORMAL_OPERATION = 0, |
6822 |
++ IMMEDIATE_DATA_ERL1_CRC_FAILURE = 1, |
6823 |
++}; |
6824 |
++ |
6825 |
++/* Used for iscsi_decide_dataout_action() return values */ |
6826 |
++enum dataout_action_ret_table { |
6827 |
++ DATAOUT_CANNOT_RECOVER = -1, |
6828 |
++ DATAOUT_NORMAL = 0, |
6829 |
++ DATAOUT_SEND_R2T = 1, |
6830 |
++ DATAOUT_SEND_TO_TRANSPORT = 2, |
6831 |
++ DATAOUT_WITHIN_COMMAND_RECOVERY = 3, |
6832 |
++}; |
6833 |
++ |
6834 |
++/* Used for struct iscsi_node_auth->naf_flags */ |
6835 |
++enum naf_flags_table { |
6836 |
++ NAF_USERID_SET = 0x01, |
6837 |
++ NAF_PASSWORD_SET = 0x02, |
6838 |
++ NAF_USERID_IN_SET = 0x04, |
6839 |
++ NAF_PASSWORD_IN_SET = 0x08, |
6840 |
++}; |
6841 |
++ |
6842 |
++/* Used by various struct timer_list to manage iSCSI specific state */ |
6843 |
++enum iscsi_timer_flags_table { |
6844 |
++ ISCSI_TF_RUNNING = 0x01, |
6845 |
++ ISCSI_TF_STOP = 0x02, |
6846 |
++ ISCSI_TF_EXPIRED = 0x04, |
6847 |
++}; |
6848 |
++ |
6849 |
++/* Used for struct iscsi_np->np_flags */ |
6850 |
++enum np_flags_table { |
6851 |
++ NPF_IP_NETWORK = 0x00, |
6852 |
++}; |
6853 |
++ |
6854 |
++/* Used for struct iscsi_np->np_thread_state */ |
6855 |
++enum np_thread_state_table { |
6856 |
++ ISCSI_NP_THREAD_ACTIVE = 1, |
6857 |
++ ISCSI_NP_THREAD_INACTIVE = 2, |
6858 |
++ ISCSI_NP_THREAD_RESET = 3, |
6859 |
++ ISCSI_NP_THREAD_SHUTDOWN = 4, |
6860 |
++ ISCSI_NP_THREAD_EXIT = 5, |
6861 |
++}; |
6862 |
++ |
6863 |
++struct iscsi_conn_ops { |
6864 |
++ u8 HeaderDigest; /* [0,1] == [None,CRC32C] */ |
6865 |
++ u8 DataDigest; /* [0,1] == [None,CRC32C] */ |
6866 |
++ u32 MaxRecvDataSegmentLength; /* [512..2**24-1] */ |
6867 |
++ u32 MaxXmitDataSegmentLength; /* [512..2**24-1] */ |
6868 |
++ u8 OFMarker; /* [0,1] == [No,Yes] */ |
6869 |
++ u8 IFMarker; /* [0,1] == [No,Yes] */ |
6870 |
++ u32 OFMarkInt; /* [1..65535] */ |
6871 |
++ u32 IFMarkInt; /* [1..65535] */ |
6872 |
++ /* |
6873 |
++ * iSER specific connection parameters |
6874 |
++ */ |
6875 |
++ u32 InitiatorRecvDataSegmentLength; /* [512..2**24-1] */ |
6876 |
++ u32 TargetRecvDataSegmentLength; /* [512..2**24-1] */ |
6877 |
++}; |
6878 |
++ |
6879 |
++struct iscsi_sess_ops { |
6880 |
++ char InitiatorName[224]; |
6881 |
++ char InitiatorAlias[256]; |
6882 |
++ char TargetName[224]; |
6883 |
++ char TargetAlias[256]; |
6884 |
++ char TargetAddress[256]; |
6885 |
++ u16 TargetPortalGroupTag; /* [0..65535] */ |
6886 |
++ u16 MaxConnections; /* [1..65535] */ |
6887 |
++ u8 InitialR2T; /* [0,1] == [No,Yes] */ |
6888 |
++ u8 ImmediateData; /* [0,1] == [No,Yes] */ |
6889 |
++ u32 MaxBurstLength; /* [512..2**24-1] */ |
6890 |
++ u32 FirstBurstLength; /* [512..2**24-1] */ |
6891 |
++ u16 DefaultTime2Wait; /* [0..3600] */ |
6892 |
++ u16 DefaultTime2Retain; /* [0..3600] */ |
6893 |
++ u16 MaxOutstandingR2T; /* [1..65535] */ |
6894 |
++ u8 DataPDUInOrder; /* [0,1] == [No,Yes] */ |
6895 |
++ u8 DataSequenceInOrder; /* [0,1] == [No,Yes] */ |
6896 |
++ u8 ErrorRecoveryLevel; /* [0..2] */ |
6897 |
++ u8 SessionType; /* [0,1] == [Normal,Discovery]*/ |
6898 |
++ /* |
6899 |
++ * iSER specific session parameters |
6900 |
++ */ |
6901 |
++ u8 RDMAExtensions; /* [0,1] == [No,Yes] */ |
6902 |
++}; |
6903 |
++ |
6904 |
++struct iscsi_queue_req { |
6905 |
++ int state; |
6906 |
++ struct iscsi_cmd *cmd; |
6907 |
++ struct list_head qr_list; |
6908 |
++}; |
6909 |
++ |
6910 |
++struct iscsi_data_count { |
6911 |
++ int data_length; |
6912 |
++ int sync_and_steering; |
6913 |
++ enum data_count_type type; |
6914 |
++ u32 iov_count; |
6915 |
++ u32 ss_iov_count; |
6916 |
++ u32 ss_marker_count; |
6917 |
++ struct kvec *iov; |
6918 |
++}; |
6919 |
++ |
6920 |
++struct iscsi_param_list { |
6921 |
++ bool iser; |
6922 |
++ struct list_head param_list; |
6923 |
++ struct list_head extra_response_list; |
6924 |
++}; |
6925 |
++ |
6926 |
++struct iscsi_datain_req { |
6927 |
++ enum datain_req_comp_table dr_complete; |
6928 |
++ int generate_recovery_values; |
6929 |
++ enum datain_req_rec_table recovery; |
6930 |
++ u32 begrun; |
6931 |
++ u32 runlength; |
6932 |
++ u32 data_length; |
6933 |
++ u32 data_offset; |
6934 |
++ u32 data_sn; |
6935 |
++ u32 next_burst_len; |
6936 |
++ u32 read_data_done; |
6937 |
++ u32 seq_send_order; |
6938 |
++ struct list_head cmd_datain_node; |
6939 |
++} ____cacheline_aligned; |
6940 |
++ |
6941 |
++struct iscsi_ooo_cmdsn { |
6942 |
++ u16 cid; |
6943 |
++ u32 batch_count; |
6944 |
++ u32 cmdsn; |
6945 |
++ u32 exp_cmdsn; |
6946 |
++ struct iscsi_cmd *cmd; |
6947 |
++ struct list_head ooo_list; |
6948 |
++} ____cacheline_aligned; |
6949 |
++ |
6950 |
++struct iscsi_datain { |
6951 |
++ u8 flags; |
6952 |
++ u32 data_sn; |
6953 |
++ u32 length; |
6954 |
++ u32 offset; |
6955 |
++} ____cacheline_aligned; |
6956 |
++ |
6957 |
++struct iscsi_r2t { |
6958 |
++ int seq_complete; |
6959 |
++ int recovery_r2t; |
6960 |
++ int sent_r2t; |
6961 |
++ u32 r2t_sn; |
6962 |
++ u32 offset; |
6963 |
++ u32 targ_xfer_tag; |
6964 |
++ u32 xfer_len; |
6965 |
++ struct list_head r2t_list; |
6966 |
++} ____cacheline_aligned; |
6967 |
++ |
6968 |
++struct iscsi_cmd { |
6969 |
++ enum iscsi_timer_flags_table dataout_timer_flags; |
6970 |
++ /* DataOUT timeout retries */ |
6971 |
++ u8 dataout_timeout_retries; |
6972 |
++ /* Within command recovery count */ |
6973 |
++ u8 error_recovery_count; |
6974 |
++ /* iSCSI dependent state for out or order CmdSNs */ |
6975 |
++ enum cmd_i_state_table deferred_i_state; |
6976 |
++ /* iSCSI dependent state */ |
6977 |
++ enum cmd_i_state_table i_state; |
6978 |
++ /* Command is an immediate command (ISCSI_OP_IMMEDIATE set) */ |
6979 |
++ u8 immediate_cmd; |
6980 |
++ /* Immediate data present */ |
6981 |
++ u8 immediate_data; |
6982 |
++ /* iSCSI Opcode */ |
6983 |
++ u8 iscsi_opcode; |
6984 |
++ /* iSCSI Response Code */ |
6985 |
++ u8 iscsi_response; |
6986 |
++ /* Logout reason when iscsi_opcode == ISCSI_INIT_LOGOUT_CMND */ |
6987 |
++ u8 logout_reason; |
6988 |
++ /* Logout response code when iscsi_opcode == ISCSI_INIT_LOGOUT_CMND */ |
6989 |
++ u8 logout_response; |
6990 |
++ /* MaxCmdSN has been incremented */ |
6991 |
++ u8 maxcmdsn_inc; |
6992 |
++ /* Immediate Unsolicited Dataout */ |
6993 |
++ u8 unsolicited_data; |
6994 |
++ /* Reject reason code */ |
6995 |
++ u8 reject_reason; |
6996 |
++ /* CID contained in logout PDU when opcode == ISCSI_INIT_LOGOUT_CMND */ |
6997 |
++ u16 logout_cid; |
6998 |
++ /* Command flags */ |
6999 |
++ enum cmd_flags_table cmd_flags; |
7000 |
++ /* Initiator Task Tag assigned from Initiator */ |
7001 |
++ itt_t init_task_tag; |
7002 |
++ /* Target Transfer Tag assigned from Target */ |
7003 |
++ u32 targ_xfer_tag; |
7004 |
++ /* CmdSN assigned from Initiator */ |
7005 |
++ u32 cmd_sn; |
7006 |
++ /* ExpStatSN assigned from Initiator */ |
7007 |
++ u32 exp_stat_sn; |
7008 |
++ /* StatSN assigned to this ITT */ |
7009 |
++ u32 stat_sn; |
7010 |
++ /* DataSN Counter */ |
7011 |
++ u32 data_sn; |
7012 |
++ /* R2TSN Counter */ |
7013 |
++ u32 r2t_sn; |
7014 |
++ /* Last DataSN acknowledged via DataAck SNACK */ |
7015 |
++ u32 acked_data_sn; |
7016 |
++ /* Used for echoing NOPOUT ping data */ |
7017 |
++ u32 buf_ptr_size; |
7018 |
++ /* Used to store DataDigest */ |
7019 |
++ u32 data_crc; |
7020 |
++ /* Counter for MaxOutstandingR2T */ |
7021 |
++ u32 outstanding_r2ts; |
7022 |
++ /* Next R2T Offset when DataSequenceInOrder=Yes */ |
7023 |
++ u32 r2t_offset; |
7024 |
++ /* Iovec current and orig count for iscsi_cmd->iov_data */ |
7025 |
++ u32 iov_data_count; |
7026 |
++ u32 orig_iov_data_count; |
7027 |
++ /* Number of miscellaneous iovecs used for IP stack calls */ |
7028 |
++ u32 iov_misc_count; |
7029 |
++ /* Number of struct iscsi_pdu in struct iscsi_cmd->pdu_list */ |
7030 |
++ u32 pdu_count; |
7031 |
++ /* Next struct iscsi_pdu to send in struct iscsi_cmd->pdu_list */ |
7032 |
++ u32 pdu_send_order; |
7033 |
++ /* Current struct iscsi_pdu in struct iscsi_cmd->pdu_list */ |
7034 |
++ u32 pdu_start; |
7035 |
++ /* Next struct iscsi_seq to send in struct iscsi_cmd->seq_list */ |
7036 |
++ u32 seq_send_order; |
7037 |
++ /* Number of struct iscsi_seq in struct iscsi_cmd->seq_list */ |
7038 |
++ u32 seq_count; |
7039 |
++ /* Current struct iscsi_seq in struct iscsi_cmd->seq_list */ |
7040 |
++ u32 seq_no; |
7041 |
++ /* Lowest offset in current DataOUT sequence */ |
7042 |
++ u32 seq_start_offset; |
7043 |
++ /* Highest offset in current DataOUT sequence */ |
7044 |
++ u32 seq_end_offset; |
7045 |
++ /* Total size in bytes received so far of READ data */ |
7046 |
++ u32 read_data_done; |
7047 |
++ /* Total size in bytes received so far of WRITE data */ |
7048 |
++ u32 write_data_done; |
7049 |
++ /* Counter for FirstBurstLength key */ |
7050 |
++ u32 first_burst_len; |
7051 |
++ /* Counter for MaxBurstLength key */ |
7052 |
++ u32 next_burst_len; |
7053 |
++ /* Transfer size used for IP stack calls */ |
7054 |
++ u32 tx_size; |
7055 |
++ /* Buffer used for various purposes */ |
7056 |
++ void *buf_ptr; |
7057 |
++ /* Used by SendTargets=[iqn.,eui.] discovery */ |
7058 |
++ void *text_in_ptr; |
7059 |
++ /* See include/linux/dma-mapping.h */ |
7060 |
++ enum dma_data_direction data_direction; |
7061 |
++ /* iSCSI PDU Header + CRC */ |
7062 |
++ unsigned char pdu[ISCSI_HDR_LEN + ISCSI_CRC_LEN]; |
7063 |
++ /* Number of times struct iscsi_cmd is present in immediate queue */ |
7064 |
++ atomic_t immed_queue_count; |
7065 |
++ atomic_t response_queue_count; |
7066 |
++ spinlock_t datain_lock; |
7067 |
++ spinlock_t dataout_timeout_lock; |
7068 |
++ /* spinlock for protecting struct iscsi_cmd->i_state */ |
7069 |
++ spinlock_t istate_lock; |
7070 |
++ /* spinlock for adding within command recovery entries */ |
7071 |
++ spinlock_t error_lock; |
7072 |
++ /* spinlock for adding R2Ts */ |
7073 |
++ spinlock_t r2t_lock; |
7074 |
++ /* DataIN List */ |
7075 |
++ struct list_head datain_list; |
7076 |
++ /* R2T List */ |
7077 |
++ struct list_head cmd_r2t_list; |
7078 |
++ /* Timer for DataOUT */ |
7079 |
++ struct timer_list dataout_timer; |
7080 |
++ /* Iovecs for SCSI data payload RX/TX w/ kernel level sockets */ |
7081 |
++ struct kvec *iov_data; |
7082 |
++ /* Iovecs for miscellaneous purposes */ |
7083 |
++#define ISCSI_MISC_IOVECS 5 |
7084 |
++ struct kvec iov_misc[ISCSI_MISC_IOVECS]; |
7085 |
++ /* Array of struct iscsi_pdu used for DataPDUInOrder=No */ |
7086 |
++ struct iscsi_pdu *pdu_list; |
7087 |
++ /* Current struct iscsi_pdu used for DataPDUInOrder=No */ |
7088 |
++ struct iscsi_pdu *pdu_ptr; |
7089 |
++ /* Array of struct iscsi_seq used for DataSequenceInOrder=No */ |
7090 |
++ struct iscsi_seq *seq_list; |
7091 |
++ /* Current struct iscsi_seq used for DataSequenceInOrder=No */ |
7092 |
++ struct iscsi_seq *seq_ptr; |
7093 |
++ /* TMR Request when iscsi_opcode == ISCSI_OP_SCSI_TMFUNC */ |
7094 |
++ struct iscsi_tmr_req *tmr_req; |
7095 |
++ /* Connection this command is alligient to */ |
7096 |
++ struct iscsi_conn *conn; |
7097 |
++ /* Pointer to connection recovery entry */ |
7098 |
++ struct iscsi_conn_recovery *cr; |
7099 |
++ /* Session the command is part of, used for connection recovery */ |
7100 |
++ struct iscsi_session *sess; |
7101 |
++ /* list_head for connection list */ |
7102 |
++ struct list_head i_conn_node; |
7103 |
++ /* The TCM I/O descriptor that is accessed via container_of() */ |
7104 |
++ struct se_cmd se_cmd; |
7105 |
++ /* Sense buffer that will be mapped into outgoing status */ |
7106 |
++#define ISCSI_SENSE_BUFFER_LEN (TRANSPORT_SENSE_BUFFER + 2) |
7107 |
++ unsigned char sense_buffer[ISCSI_SENSE_BUFFER_LEN]; |
7108 |
++ |
7109 |
++ u32 padding; |
7110 |
++ u8 pad_bytes[4]; |
7111 |
++ |
7112 |
++ struct scatterlist *first_data_sg; |
7113 |
++ u32 first_data_sg_off; |
7114 |
++ u32 kmapped_nents; |
7115 |
++ sense_reason_t sense_reason; |
7116 |
++} ____cacheline_aligned; |
7117 |
++ |
7118 |
++struct iscsi_tmr_req { |
7119 |
++ bool task_reassign:1; |
7120 |
++ u32 exp_data_sn; |
7121 |
++ struct iscsi_cmd *ref_cmd; |
7122 |
++ struct iscsi_conn_recovery *conn_recovery; |
7123 |
++ struct se_tmr_req *se_tmr_req; |
7124 |
++}; |
7125 |
++ |
7126 |
++struct iscsi_conn { |
7127 |
++ wait_queue_head_t queues_wq; |
7128 |
++ /* Authentication Successful for this connection */ |
7129 |
++ u8 auth_complete; |
7130 |
++ /* State connection is currently in */ |
7131 |
++ u8 conn_state; |
7132 |
++ u8 conn_logout_reason; |
7133 |
++ u8 network_transport; |
7134 |
++ enum iscsi_timer_flags_table nopin_timer_flags; |
7135 |
++ enum iscsi_timer_flags_table nopin_response_timer_flags; |
7136 |
++ /* Used to know what thread encountered a transport failure */ |
7137 |
++ u8 which_thread; |
7138 |
++ /* connection id assigned by the Initiator */ |
7139 |
++ u16 cid; |
7140 |
++ /* Remote TCP Port */ |
7141 |
++ u16 login_port; |
7142 |
++ u16 local_port; |
7143 |
++ int net_size; |
7144 |
++ int login_family; |
7145 |
++ u32 auth_id; |
7146 |
++ u32 conn_flags; |
7147 |
++ /* Used for iscsi_tx_login_rsp() */ |
7148 |
++ itt_t login_itt; |
7149 |
++ u32 exp_statsn; |
7150 |
++ /* Per connection status sequence number */ |
7151 |
++ u32 stat_sn; |
7152 |
++ /* IFMarkInt's Current Value */ |
7153 |
++ u32 if_marker; |
7154 |
++ /* OFMarkInt's Current Value */ |
7155 |
++ u32 of_marker; |
7156 |
++ /* Used for calculating OFMarker offset to next PDU */ |
7157 |
++ u32 of_marker_offset; |
7158 |
++#define IPV6_ADDRESS_SPACE 48 |
7159 |
++ unsigned char login_ip[IPV6_ADDRESS_SPACE]; |
7160 |
++ unsigned char local_ip[IPV6_ADDRESS_SPACE]; |
7161 |
++ int conn_usage_count; |
7162 |
++ int conn_waiting_on_uc; |
7163 |
++ atomic_t check_immediate_queue; |
7164 |
++ atomic_t conn_logout_remove; |
7165 |
++ atomic_t connection_exit; |
7166 |
++ atomic_t connection_recovery; |
7167 |
++ atomic_t connection_reinstatement; |
7168 |
++ atomic_t connection_wait_rcfr; |
7169 |
++ atomic_t sleep_on_conn_wait_comp; |
7170 |
++ atomic_t transport_failed; |
7171 |
++ struct completion conn_post_wait_comp; |
7172 |
++ struct completion conn_wait_comp; |
7173 |
++ struct completion conn_wait_rcfr_comp; |
7174 |
++ struct completion conn_waiting_on_uc_comp; |
7175 |
++ struct completion conn_logout_comp; |
7176 |
++ struct completion tx_half_close_comp; |
7177 |
++ struct completion rx_half_close_comp; |
7178 |
++ /* socket used by this connection */ |
7179 |
++ struct socket *sock; |
7180 |
++ void (*orig_data_ready)(struct sock *); |
7181 |
++ void (*orig_state_change)(struct sock *); |
7182 |
++#define LOGIN_FLAGS_READ_ACTIVE 1 |
7183 |
++#define LOGIN_FLAGS_CLOSED 2 |
7184 |
++#define LOGIN_FLAGS_READY 4 |
7185 |
++ unsigned long login_flags; |
7186 |
++ struct delayed_work login_work; |
7187 |
++ struct delayed_work login_cleanup_work; |
7188 |
++ struct iscsi_login *login; |
7189 |
++ struct timer_list nopin_timer; |
7190 |
++ struct timer_list nopin_response_timer; |
7191 |
++ struct timer_list transport_timer; |
7192 |
++ struct task_struct *login_kworker; |
7193 |
++ /* Spinlock used for add/deleting cmd's from conn_cmd_list */ |
7194 |
++ spinlock_t cmd_lock; |
7195 |
++ spinlock_t conn_usage_lock; |
7196 |
++ spinlock_t immed_queue_lock; |
7197 |
++ spinlock_t nopin_timer_lock; |
7198 |
++ spinlock_t response_queue_lock; |
7199 |
++ spinlock_t state_lock; |
7200 |
++ /* libcrypto RX and TX contexts for crc32c */ |
7201 |
++ struct hash_desc conn_rx_hash; |
7202 |
++ struct hash_desc conn_tx_hash; |
7203 |
++ /* Used for scheduling TX and RX connection kthreads */ |
7204 |
++ cpumask_var_t conn_cpumask; |
7205 |
++ unsigned int conn_rx_reset_cpumask:1; |
7206 |
++ unsigned int conn_tx_reset_cpumask:1; |
7207 |
++ /* list_head of struct iscsi_cmd for this connection */ |
7208 |
++ struct list_head conn_cmd_list; |
7209 |
++ struct list_head immed_queue_list; |
7210 |
++ struct list_head response_queue_list; |
7211 |
++ struct iscsi_conn_ops *conn_ops; |
7212 |
++ struct iscsi_login *conn_login; |
7213 |
++ struct iscsit_transport *conn_transport; |
7214 |
++ struct iscsi_param_list *param_list; |
7215 |
++ /* Used for per connection auth state machine */ |
7216 |
++ void *auth_protocol; |
7217 |
++ void *context; |
7218 |
++ struct iscsi_login_thread_s *login_thread; |
7219 |
++ struct iscsi_portal_group *tpg; |
7220 |
++ struct iscsi_tpg_np *tpg_np; |
7221 |
++ /* Pointer to parent session */ |
7222 |
++ struct iscsi_session *sess; |
7223 |
++ int bitmap_id; |
7224 |
++ int rx_thread_active; |
7225 |
++ struct task_struct *rx_thread; |
7226 |
++ struct completion rx_login_comp; |
7227 |
++ int tx_thread_active; |
7228 |
++ struct task_struct *tx_thread; |
7229 |
++ /* list_head for session connection list */ |
7230 |
++ struct list_head conn_list; |
7231 |
++} ____cacheline_aligned; |
7232 |
++ |
7233 |
++struct iscsi_conn_recovery { |
7234 |
++ u16 cid; |
7235 |
++ u32 cmd_count; |
7236 |
++ u32 maxrecvdatasegmentlength; |
7237 |
++ u32 maxxmitdatasegmentlength; |
7238 |
++ int ready_for_reallegiance; |
7239 |
++ struct list_head conn_recovery_cmd_list; |
7240 |
++ spinlock_t conn_recovery_cmd_lock; |
7241 |
++ struct timer_list time2retain_timer; |
7242 |
++ struct iscsi_session *sess; |
7243 |
++ struct list_head cr_list; |
7244 |
++} ____cacheline_aligned; |
7245 |
++ |
7246 |
++struct iscsi_session { |
7247 |
++ u8 initiator_vendor; |
7248 |
++ u8 isid[6]; |
7249 |
++ enum iscsi_timer_flags_table time2retain_timer_flags; |
7250 |
++ u8 version_active; |
7251 |
++ u16 cid_called; |
7252 |
++ u16 conn_recovery_count; |
7253 |
++ u16 tsih; |
7254 |
++ /* state session is currently in */ |
7255 |
++ u32 session_state; |
7256 |
++ /* session wide counter: initiator assigned task tag */ |
7257 |
++ itt_t init_task_tag; |
7258 |
++ /* session wide counter: target assigned task tag */ |
7259 |
++ u32 targ_xfer_tag; |
7260 |
++ u32 cmdsn_window; |
7261 |
++ |
7262 |
++ /* protects cmdsn values */ |
7263 |
++ struct mutex cmdsn_mutex; |
7264 |
++ /* session wide counter: expected command sequence number */ |
7265 |
++ u32 exp_cmd_sn; |
7266 |
++ /* session wide counter: maximum allowed command sequence number */ |
7267 |
++ u32 max_cmd_sn; |
7268 |
++ struct list_head sess_ooo_cmdsn_list; |
7269 |
++ |
7270 |
++ /* LIO specific session ID */ |
7271 |
++ u32 sid; |
7272 |
++ char auth_type[8]; |
7273 |
++ /* unique within the target */ |
7274 |
++ int session_index; |
7275 |
++ /* Used for session reference counting */ |
7276 |
++ int session_usage_count; |
7277 |
++ int session_waiting_on_uc; |
7278 |
++ atomic_long_t cmd_pdus; |
7279 |
++ atomic_long_t rsp_pdus; |
7280 |
++ atomic_long_t tx_data_octets; |
7281 |
++ atomic_long_t rx_data_octets; |
7282 |
++ atomic_long_t conn_digest_errors; |
7283 |
++ atomic_long_t conn_timeout_errors; |
7284 |
++ u64 creation_time; |
7285 |
++ /* Number of active connections */ |
7286 |
++ atomic_t nconn; |
7287 |
++ atomic_t session_continuation; |
7288 |
++ atomic_t session_fall_back_to_erl0; |
7289 |
++ atomic_t session_logout; |
7290 |
++ atomic_t session_reinstatement; |
7291 |
++ atomic_t session_stop_active; |
7292 |
++ atomic_t sleep_on_sess_wait_comp; |
7293 |
++ /* connection list */ |
7294 |
++ struct list_head sess_conn_list; |
7295 |
++ struct list_head cr_active_list; |
7296 |
++ struct list_head cr_inactive_list; |
7297 |
++ spinlock_t conn_lock; |
7298 |
++ spinlock_t cr_a_lock; |
7299 |
++ spinlock_t cr_i_lock; |
7300 |
++ spinlock_t session_usage_lock; |
7301 |
++ spinlock_t ttt_lock; |
7302 |
++ struct completion async_msg_comp; |
7303 |
++ struct completion reinstatement_comp; |
7304 |
++ struct completion session_wait_comp; |
7305 |
++ struct completion session_waiting_on_uc_comp; |
7306 |
++ struct timer_list time2retain_timer; |
7307 |
++ struct iscsi_sess_ops *sess_ops; |
7308 |
++ struct se_session *se_sess; |
7309 |
++ struct iscsi_portal_group *tpg; |
7310 |
++} ____cacheline_aligned; |
7311 |
++ |
7312 |
++struct iscsi_login { |
7313 |
++ u8 auth_complete; |
7314 |
++ u8 checked_for_existing; |
7315 |
++ u8 current_stage; |
7316 |
++ u8 leading_connection; |
7317 |
++ u8 first_request; |
7318 |
++ u8 version_min; |
7319 |
++ u8 version_max; |
7320 |
++ u8 login_complete; |
7321 |
++ u8 login_failed; |
7322 |
++ bool zero_tsih; |
7323 |
++ char isid[6]; |
7324 |
++ u32 cmd_sn; |
7325 |
++ itt_t init_task_tag; |
7326 |
++ u32 initial_exp_statsn; |
7327 |
++ u32 rsp_length; |
7328 |
++ u16 cid; |
7329 |
++ u16 tsih; |
7330 |
++ char req[ISCSI_HDR_LEN]; |
7331 |
++ char rsp[ISCSI_HDR_LEN]; |
7332 |
++ char *req_buf; |
7333 |
++ char *rsp_buf; |
7334 |
++ struct iscsi_conn *conn; |
7335 |
++ struct iscsi_np *np; |
7336 |
++} ____cacheline_aligned; |
7337 |
++ |
7338 |
++struct iscsi_node_attrib { |
7339 |
++ u32 dataout_timeout; |
7340 |
++ u32 dataout_timeout_retries; |
7341 |
++ u32 default_erl; |
7342 |
++ u32 nopin_timeout; |
7343 |
++ u32 nopin_response_timeout; |
7344 |
++ u32 random_datain_pdu_offsets; |
7345 |
++ u32 random_datain_seq_offsets; |
7346 |
++ u32 random_r2t_offsets; |
7347 |
++ u32 tmr_cold_reset; |
7348 |
++ u32 tmr_warm_reset; |
7349 |
++ struct iscsi_node_acl *nacl; |
7350 |
++}; |
7351 |
++ |
7352 |
++struct se_dev_entry_s; |
7353 |
++ |
7354 |
++struct iscsi_node_auth { |
7355 |
++ enum naf_flags_table naf_flags; |
7356 |
++ int authenticate_target; |
7357 |
++ /* Used for iscsit_global->discovery_auth, |
7358 |
++ * set to zero (auth disabled) by default */ |
7359 |
++ int enforce_discovery_auth; |
7360 |
++#define MAX_USER_LEN 256 |
7361 |
++#define MAX_PASS_LEN 256 |
7362 |
++ char userid[MAX_USER_LEN]; |
7363 |
++ char password[MAX_PASS_LEN]; |
7364 |
++ char userid_mutual[MAX_USER_LEN]; |
7365 |
++ char password_mutual[MAX_PASS_LEN]; |
7366 |
++}; |
7367 |
++ |
7368 |
++#include "iscsi_target_stat.h" |
7369 |
++ |
7370 |
++struct iscsi_node_stat_grps { |
7371 |
++ struct config_group iscsi_sess_stats_group; |
7372 |
++ struct config_group iscsi_conn_stats_group; |
7373 |
++}; |
7374 |
++ |
7375 |
++struct iscsi_node_acl { |
7376 |
++ struct iscsi_node_attrib node_attrib; |
7377 |
++ struct iscsi_node_auth node_auth; |
7378 |
++ struct iscsi_node_stat_grps node_stat_grps; |
7379 |
++ struct se_node_acl se_node_acl; |
7380 |
++}; |
7381 |
++ |
7382 |
++struct iscsi_tpg_attrib { |
7383 |
++ u32 authentication; |
7384 |
++ u32 login_timeout; |
7385 |
++ u32 netif_timeout; |
7386 |
++ u32 generate_node_acls; |
7387 |
++ u32 cache_dynamic_acls; |
7388 |
++ u32 default_cmdsn_depth; |
7389 |
++ u32 demo_mode_write_protect; |
7390 |
++ u32 prod_mode_write_protect; |
7391 |
++ u32 demo_mode_discovery; |
7392 |
++ u32 default_erl; |
7393 |
++ u8 t10_pi; |
7394 |
++ u32 fabric_prot_type; |
7395 |
++ struct iscsi_portal_group *tpg; |
7396 |
++}; |
7397 |
++ |
7398 |
++struct iscsi_np { |
7399 |
++ int np_network_transport; |
7400 |
++ int np_ip_proto; |
7401 |
++ int np_sock_type; |
7402 |
++ enum np_thread_state_table np_thread_state; |
7403 |
++ bool enabled; |
7404 |
++ enum iscsi_timer_flags_table np_login_timer_flags; |
7405 |
++ u32 np_exports; |
7406 |
++ enum np_flags_table np_flags; |
7407 |
++ u16 np_port; |
7408 |
++ spinlock_t np_thread_lock; |
7409 |
++ struct completion np_restart_comp; |
7410 |
++ struct socket *np_socket; |
7411 |
++ struct __kernel_sockaddr_storage np_sockaddr; |
7412 |
++ struct task_struct *np_thread; |
7413 |
++ struct timer_list np_login_timer; |
7414 |
++ void *np_context; |
7415 |
++ struct iscsit_transport *np_transport; |
7416 |
++ struct list_head np_list; |
7417 |
++} ____cacheline_aligned; |
7418 |
++ |
7419 |
++struct iscsi_tpg_np { |
7420 |
++ struct iscsi_np *tpg_np; |
7421 |
++ struct iscsi_portal_group *tpg; |
7422 |
++ struct iscsi_tpg_np *tpg_np_parent; |
7423 |
++ struct list_head tpg_np_list; |
7424 |
++ struct list_head tpg_np_child_list; |
7425 |
++ struct list_head tpg_np_parent_list; |
7426 |
++ struct se_tpg_np se_tpg_np; |
7427 |
++ spinlock_t tpg_np_parent_lock; |
7428 |
++ struct completion tpg_np_comp; |
7429 |
++ struct kref tpg_np_kref; |
7430 |
++}; |
7431 |
++ |
7432 |
++struct iscsi_portal_group { |
7433 |
++ unsigned char tpg_chap_id; |
7434 |
++ /* TPG State */ |
7435 |
++ enum tpg_state_table tpg_state; |
7436 |
++ /* Target Portal Group Tag */ |
7437 |
++ u16 tpgt; |
7438 |
++ /* Id assigned to target sessions */ |
7439 |
++ u16 ntsih; |
7440 |
++ /* Number of active sessions */ |
7441 |
++ u32 nsessions; |
7442 |
++ /* Number of Network Portals available for this TPG */ |
7443 |
++ u32 num_tpg_nps; |
7444 |
++ /* Per TPG LIO specific session ID. */ |
7445 |
++ u32 sid; |
7446 |
++ /* Spinlock for adding/removing Network Portals */ |
7447 |
++ spinlock_t tpg_np_lock; |
7448 |
++ spinlock_t tpg_state_lock; |
7449 |
++ struct se_portal_group tpg_se_tpg; |
7450 |
++ struct mutex tpg_access_lock; |
7451 |
++ struct semaphore np_login_sem; |
7452 |
++ struct iscsi_tpg_attrib tpg_attrib; |
7453 |
++ struct iscsi_node_auth tpg_demo_auth; |
7454 |
++ /* Pointer to default list of iSCSI parameters for TPG */ |
7455 |
++ struct iscsi_param_list *param_list; |
7456 |
++ struct iscsi_tiqn *tpg_tiqn; |
7457 |
++ struct list_head tpg_gnp_list; |
7458 |
++ struct list_head tpg_list; |
7459 |
++} ____cacheline_aligned; |
7460 |
++ |
7461 |
++struct iscsi_wwn_stat_grps { |
7462 |
++ struct config_group iscsi_stat_group; |
7463 |
++ struct config_group iscsi_instance_group; |
7464 |
++ struct config_group iscsi_sess_err_group; |
7465 |
++ struct config_group iscsi_tgt_attr_group; |
7466 |
++ struct config_group iscsi_login_stats_group; |
7467 |
++ struct config_group iscsi_logout_stats_group; |
7468 |
++}; |
7469 |
++ |
7470 |
++struct iscsi_tiqn { |
7471 |
++#define ISCSI_IQN_LEN 224 |
7472 |
++ unsigned char tiqn[ISCSI_IQN_LEN]; |
7473 |
++ enum tiqn_state_table tiqn_state; |
7474 |
++ int tiqn_access_count; |
7475 |
++ u32 tiqn_active_tpgs; |
7476 |
++ u32 tiqn_ntpgs; |
7477 |
++ u32 tiqn_num_tpg_nps; |
7478 |
++ u32 tiqn_nsessions; |
7479 |
++ struct list_head tiqn_list; |
7480 |
++ struct list_head tiqn_tpg_list; |
7481 |
++ spinlock_t tiqn_state_lock; |
7482 |
++ spinlock_t tiqn_tpg_lock; |
7483 |
++ struct se_wwn tiqn_wwn; |
7484 |
++ struct iscsi_wwn_stat_grps tiqn_stat_grps; |
7485 |
++ int tiqn_index; |
7486 |
++ struct iscsi_sess_err_stats sess_err_stats; |
7487 |
++ struct iscsi_login_stats login_stats; |
7488 |
++ struct iscsi_logout_stats logout_stats; |
7489 |
++} ____cacheline_aligned; |
7490 |
++ |
7491 |
++struct iscsit_global { |
7492 |
++ /* In core shutdown */ |
7493 |
++ u32 in_shutdown; |
7494 |
++ u32 active_ts; |
7495 |
++ /* Unique identifier used for the authentication daemon */ |
7496 |
++ u32 auth_id; |
7497 |
++ u32 inactive_ts; |
7498 |
++#define ISCSIT_BITMAP_BITS 262144 |
7499 |
++ /* Thread Set bitmap pointer */ |
7500 |
++ unsigned long *ts_bitmap; |
7501 |
++ spinlock_t ts_bitmap_lock; |
7502 |
++ /* Used for iSCSI discovery session authentication */ |
7503 |
++ struct iscsi_node_acl discovery_acl; |
7504 |
++ struct iscsi_portal_group *discovery_tpg; |
7505 |
++}; |
7506 |
++ |
7507 |
++static inline u32 session_get_next_ttt(struct iscsi_session *session) |
7508 |
++{ |
7509 |
++ u32 ttt; |
7510 |
++ |
7511 |
++ spin_lock_bh(&session->ttt_lock); |
7512 |
++ ttt = session->targ_xfer_tag++; |
7513 |
++ if (ttt == 0xFFFFFFFF) |
7514 |
++ ttt = session->targ_xfer_tag++; |
7515 |
++ spin_unlock_bh(&session->ttt_lock); |
7516 |
++ |
7517 |
++ return ttt; |
7518 |
++} |
7519 |
++ |
7520 |
++extern struct iscsi_cmd *iscsit_find_cmd_from_itt(struct iscsi_conn *, itt_t); |
7521 |
++#endif /* ISCSI_TARGET_CORE_H */ |
7522 |
+diff --git a/include/uapi/linux/if_link.h b/include/uapi/linux/if_link.h |
7523 |
+index 0bdb77e16875..fe017d125839 100644 |
7524 |
+--- a/include/uapi/linux/if_link.h |
7525 |
++++ b/include/uapi/linux/if_link.h |
7526 |
+@@ -436,6 +436,9 @@ enum { |
7527 |
+ IFLA_VF_SPOOFCHK, /* Spoof Checking on/off switch */ |
7528 |
+ IFLA_VF_LINK_STATE, /* link state enable/disable/auto switch */ |
7529 |
+ IFLA_VF_RATE, /* Min and Max TX Bandwidth Allocation */ |
7530 |
++ IFLA_VF_RSS_QUERY_EN, /* RSS Redirection Table and Hash Key query |
7531 |
++ * on/off switch |
7532 |
++ */ |
7533 |
+ __IFLA_VF_MAX, |
7534 |
+ }; |
7535 |
+ |
7536 |
+@@ -480,6 +483,11 @@ struct ifla_vf_link_state { |
7537 |
+ __u32 link_state; |
7538 |
+ }; |
7539 |
+ |
7540 |
++struct ifla_vf_rss_query_en { |
7541 |
++ __u32 vf; |
7542 |
++ __u32 setting; |
7543 |
++}; |
7544 |
++ |
7545 |
+ /* VF ports management section |
7546 |
+ * |
7547 |
+ * Nested layout of set/get msg is: |
7548 |
+diff --git a/include/xen/interface/sched.h b/include/xen/interface/sched.h |
7549 |
+index 9ce083960a25..f18490985fc8 100644 |
7550 |
+--- a/include/xen/interface/sched.h |
7551 |
++++ b/include/xen/interface/sched.h |
7552 |
+@@ -107,5 +107,13 @@ struct sched_watchdog { |
7553 |
+ #define SHUTDOWN_suspend 2 /* Clean up, save suspend info, kill. */ |
7554 |
+ #define SHUTDOWN_crash 3 /* Tell controller we've crashed. */ |
7555 |
+ #define SHUTDOWN_watchdog 4 /* Restart because watchdog time expired. */ |
7556 |
++/* |
7557 |
++ * Domain asked to perform 'soft reset' for it. The expected behavior is to |
7558 |
++ * reset internal Xen state for the domain returning it to the point where it |
7559 |
++ * was created but leaving the domain's memory contents and vCPU contexts |
7560 |
++ * intact. This will allow the domain to start over and set up all Xen specific |
7561 |
++ * interfaces again. |
7562 |
++ */ |
7563 |
++#define SHUTDOWN_soft_reset 5 |
7564 |
+ |
7565 |
+ #endif /* __XEN_PUBLIC_SCHED_H__ */ |
7566 |
+diff --git a/ipc/msg.c b/ipc/msg.c |
7567 |
+index c5d8e3749985..cfc8b388332d 100644 |
7568 |
+--- a/ipc/msg.c |
7569 |
++++ b/ipc/msg.c |
7570 |
+@@ -137,13 +137,6 @@ static int newque(struct ipc_namespace *ns, struct ipc_params *params) |
7571 |
+ return retval; |
7572 |
+ } |
7573 |
+ |
7574 |
+- /* ipc_addid() locks msq upon success. */ |
7575 |
+- id = ipc_addid(&msg_ids(ns), &msq->q_perm, ns->msg_ctlmni); |
7576 |
+- if (id < 0) { |
7577 |
+- ipc_rcu_putref(msq, msg_rcu_free); |
7578 |
+- return id; |
7579 |
+- } |
7580 |
+- |
7581 |
+ msq->q_stime = msq->q_rtime = 0; |
7582 |
+ msq->q_ctime = get_seconds(); |
7583 |
+ msq->q_cbytes = msq->q_qnum = 0; |
7584 |
+@@ -153,6 +146,13 @@ static int newque(struct ipc_namespace *ns, struct ipc_params *params) |
7585 |
+ INIT_LIST_HEAD(&msq->q_receivers); |
7586 |
+ INIT_LIST_HEAD(&msq->q_senders); |
7587 |
+ |
7588 |
++ /* ipc_addid() locks msq upon success. */ |
7589 |
++ id = ipc_addid(&msg_ids(ns), &msq->q_perm, ns->msg_ctlmni); |
7590 |
++ if (id < 0) { |
7591 |
++ ipc_rcu_putref(msq, msg_rcu_free); |
7592 |
++ return id; |
7593 |
++ } |
7594 |
++ |
7595 |
+ ipc_unlock_object(&msq->q_perm); |
7596 |
+ rcu_read_unlock(); |
7597 |
+ |
7598 |
+diff --git a/ipc/shm.c b/ipc/shm.c |
7599 |
+index 01454796ba3c..2511771a9a07 100644 |
7600 |
+--- a/ipc/shm.c |
7601 |
++++ b/ipc/shm.c |
7602 |
+@@ -549,12 +549,6 @@ static int newseg(struct ipc_namespace *ns, struct ipc_params *params) |
7603 |
+ if (IS_ERR(file)) |
7604 |
+ goto no_file; |
7605 |
+ |
7606 |
+- id = ipc_addid(&shm_ids(ns), &shp->shm_perm, ns->shm_ctlmni); |
7607 |
+- if (id < 0) { |
7608 |
+- error = id; |
7609 |
+- goto no_id; |
7610 |
+- } |
7611 |
+- |
7612 |
+ shp->shm_cprid = task_tgid_vnr(current); |
7613 |
+ shp->shm_lprid = 0; |
7614 |
+ shp->shm_atim = shp->shm_dtim = 0; |
7615 |
+@@ -563,6 +557,13 @@ static int newseg(struct ipc_namespace *ns, struct ipc_params *params) |
7616 |
+ shp->shm_nattch = 0; |
7617 |
+ shp->shm_file = file; |
7618 |
+ shp->shm_creator = current; |
7619 |
++ |
7620 |
++ id = ipc_addid(&shm_ids(ns), &shp->shm_perm, ns->shm_ctlmni); |
7621 |
++ if (id < 0) { |
7622 |
++ error = id; |
7623 |
++ goto no_id; |
7624 |
++ } |
7625 |
++ |
7626 |
+ list_add(&shp->shm_clist, ¤t->sysvshm.shm_clist); |
7627 |
+ |
7628 |
+ /* |
7629 |
+diff --git a/ipc/util.c b/ipc/util.c |
7630 |
+index 88adc329888c..bc72cbf929da 100644 |
7631 |
+--- a/ipc/util.c |
7632 |
++++ b/ipc/util.c |
7633 |
+@@ -277,6 +277,10 @@ int ipc_addid(struct ipc_ids *ids, struct kern_ipc_perm *new, int size) |
7634 |
+ rcu_read_lock(); |
7635 |
+ spin_lock(&new->lock); |
7636 |
+ |
7637 |
++ current_euid_egid(&euid, &egid); |
7638 |
++ new->cuid = new->uid = euid; |
7639 |
++ new->gid = new->cgid = egid; |
7640 |
++ |
7641 |
+ id = idr_alloc(&ids->ipcs_idr, new, |
7642 |
+ (next_id < 0) ? 0 : ipcid_to_idx(next_id), 0, |
7643 |
+ GFP_NOWAIT); |
7644 |
+@@ -289,10 +293,6 @@ int ipc_addid(struct ipc_ids *ids, struct kern_ipc_perm *new, int size) |
7645 |
+ |
7646 |
+ ids->in_use++; |
7647 |
+ |
7648 |
+- current_euid_egid(&euid, &egid); |
7649 |
+- new->cuid = new->uid = euid; |
7650 |
+- new->gid = new->cgid = egid; |
7651 |
+- |
7652 |
+ if (next_id < 0) { |
7653 |
+ new->seq = ids->seq++; |
7654 |
+ if (ids->seq > IPCID_SEQ_MAX) |
7655 |
+diff --git a/kernel/fork.c b/kernel/fork.c |
7656 |
+index 9b7d746d6d62..0a4f601e35ab 100644 |
7657 |
+--- a/kernel/fork.c |
7658 |
++++ b/kernel/fork.c |
7659 |
+@@ -1800,13 +1800,21 @@ static int check_unshare_flags(unsigned long unshare_flags) |
7660 |
+ CLONE_NEWUSER|CLONE_NEWPID)) |
7661 |
+ return -EINVAL; |
7662 |
+ /* |
7663 |
+- * Not implemented, but pretend it works if there is nothing to |
7664 |
+- * unshare. Note that unsharing CLONE_THREAD or CLONE_SIGHAND |
7665 |
+- * needs to unshare vm. |
7666 |
++ * Not implemented, but pretend it works if there is nothing |
7667 |
++ * to unshare. Note that unsharing the address space or the |
7668 |
++ * signal handlers also need to unshare the signal queues (aka |
7669 |
++ * CLONE_THREAD). |
7670 |
+ */ |
7671 |
+ if (unshare_flags & (CLONE_THREAD | CLONE_SIGHAND | CLONE_VM)) { |
7672 |
+- /* FIXME: get_task_mm() increments ->mm_users */ |
7673 |
+- if (atomic_read(¤t->mm->mm_users) > 1) |
7674 |
++ if (!thread_group_empty(current)) |
7675 |
++ return -EINVAL; |
7676 |
++ } |
7677 |
++ if (unshare_flags & (CLONE_SIGHAND | CLONE_VM)) { |
7678 |
++ if (atomic_read(¤t->sighand->count) > 1) |
7679 |
++ return -EINVAL; |
7680 |
++ } |
7681 |
++ if (unshare_flags & CLONE_VM) { |
7682 |
++ if (!current_is_single_threaded()) |
7683 |
+ return -EINVAL; |
7684 |
+ } |
7685 |
+ |
7686 |
+@@ -1875,16 +1883,16 @@ SYSCALL_DEFINE1(unshare, unsigned long, unshare_flags) |
7687 |
+ if (unshare_flags & CLONE_NEWUSER) |
7688 |
+ unshare_flags |= CLONE_THREAD | CLONE_FS; |
7689 |
+ /* |
7690 |
+- * If unsharing a thread from a thread group, must also unshare vm. |
7691 |
+- */ |
7692 |
+- if (unshare_flags & CLONE_THREAD) |
7693 |
+- unshare_flags |= CLONE_VM; |
7694 |
+- /* |
7695 |
+ * If unsharing vm, must also unshare signal handlers. |
7696 |
+ */ |
7697 |
+ if (unshare_flags & CLONE_VM) |
7698 |
+ unshare_flags |= CLONE_SIGHAND; |
7699 |
+ /* |
7700 |
++ * If unsharing a signal handlers, must also unshare the signal queues. |
7701 |
++ */ |
7702 |
++ if (unshare_flags & CLONE_SIGHAND) |
7703 |
++ unshare_flags |= CLONE_THREAD; |
7704 |
++ /* |
7705 |
+ * If unsharing namespace, must also unshare filesystem information. |
7706 |
+ */ |
7707 |
+ if (unshare_flags & CLONE_NEWNS) |
7708 |
+diff --git a/kernel/irq/proc.c b/kernel/irq/proc.c |
7709 |
+index 9dc9bfd8a678..9791f93dd5f2 100644 |
7710 |
+--- a/kernel/irq/proc.c |
7711 |
++++ b/kernel/irq/proc.c |
7712 |
+@@ -12,6 +12,7 @@ |
7713 |
+ #include <linux/seq_file.h> |
7714 |
+ #include <linux/interrupt.h> |
7715 |
+ #include <linux/kernel_stat.h> |
7716 |
++#include <linux/mutex.h> |
7717 |
+ |
7718 |
+ #include "internals.h" |
7719 |
+ |
7720 |
+@@ -326,18 +327,29 @@ void register_handler_proc(unsigned int irq, struct irqaction *action) |
7721 |
+ |
7722 |
+ void register_irq_proc(unsigned int irq, struct irq_desc *desc) |
7723 |
+ { |
7724 |
++ static DEFINE_MUTEX(register_lock); |
7725 |
+ char name [MAX_NAMELEN]; |
7726 |
+ |
7727 |
+- if (!root_irq_dir || (desc->irq_data.chip == &no_irq_chip) || desc->dir) |
7728 |
++ if (!root_irq_dir || (desc->irq_data.chip == &no_irq_chip)) |
7729 |
+ return; |
7730 |
+ |
7731 |
++ /* |
7732 |
++ * irq directories are registered only when a handler is |
7733 |
++ * added, not when the descriptor is created, so multiple |
7734 |
++ * tasks might try to register at the same time. |
7735 |
++ */ |
7736 |
++ mutex_lock(®ister_lock); |
7737 |
++ |
7738 |
++ if (desc->dir) |
7739 |
++ goto out_unlock; |
7740 |
++ |
7741 |
+ memset(name, 0, MAX_NAMELEN); |
7742 |
+ sprintf(name, "%d", irq); |
7743 |
+ |
7744 |
+ /* create /proc/irq/1234 */ |
7745 |
+ desc->dir = proc_mkdir(name, root_irq_dir); |
7746 |
+ if (!desc->dir) |
7747 |
+- return; |
7748 |
++ goto out_unlock; |
7749 |
+ |
7750 |
+ #ifdef CONFIG_SMP |
7751 |
+ /* create /proc/irq/<irq>/smp_affinity */ |
7752 |
+@@ -358,6 +370,9 @@ void register_irq_proc(unsigned int irq, struct irq_desc *desc) |
7753 |
+ |
7754 |
+ proc_create_data("spurious", 0444, desc->dir, |
7755 |
+ &irq_spurious_proc_fops, (void *)(long)irq); |
7756 |
++ |
7757 |
++out_unlock: |
7758 |
++ mutex_unlock(®ister_lock); |
7759 |
+ } |
7760 |
+ |
7761 |
+ void unregister_irq_proc(unsigned int irq, struct irq_desc *desc) |
7762 |
+diff --git a/kernel/sched/core.c b/kernel/sched/core.c |
7763 |
+index 6810e572eda5..a882dd91722d 100644 |
7764 |
+--- a/kernel/sched/core.c |
7765 |
++++ b/kernel/sched/core.c |
7766 |
+@@ -2256,11 +2256,11 @@ static void finish_task_switch(struct rq *rq, struct task_struct *prev) |
7767 |
+ * If a task dies, then it sets TASK_DEAD in tsk->state and calls |
7768 |
+ * schedule one last time. The schedule call will never return, and |
7769 |
+ * the scheduled task must drop that reference. |
7770 |
+- * The test for TASK_DEAD must occur while the runqueue locks are |
7771 |
+- * still held, otherwise prev could be scheduled on another cpu, die |
7772 |
+- * there before we look at prev->state, and then the reference would |
7773 |
+- * be dropped twice. |
7774 |
+- * Manfred Spraul <manfred@××××××××××××.com> |
7775 |
++ * |
7776 |
++ * We must observe prev->state before clearing prev->on_cpu (in |
7777 |
++ * finish_lock_switch), otherwise a concurrent wakeup can get prev |
7778 |
++ * running on another CPU and we could rave with its RUNNING -> DEAD |
7779 |
++ * transition, resulting in a double drop. |
7780 |
+ */ |
7781 |
+ prev_state = prev->state; |
7782 |
+ vtime_task_switch(prev); |
7783 |
+@@ -2404,13 +2404,20 @@ unsigned long nr_running(void) |
7784 |
+ |
7785 |
+ /* |
7786 |
+ * Check if only the current task is running on the cpu. |
7787 |
++ * |
7788 |
++ * Caution: this function does not check that the caller has disabled |
7789 |
++ * preemption, thus the result might have a time-of-check-to-time-of-use |
7790 |
++ * race. The caller is responsible to use it correctly, for example: |
7791 |
++ * |
7792 |
++ * - from a non-preemptable section (of course) |
7793 |
++ * |
7794 |
++ * - from a thread that is bound to a single CPU |
7795 |
++ * |
7796 |
++ * - in a loop with very short iterations (e.g. a polling loop) |
7797 |
+ */ |
7798 |
+ bool single_task_running(void) |
7799 |
+ { |
7800 |
+- if (cpu_rq(smp_processor_id())->nr_running == 1) |
7801 |
+- return true; |
7802 |
+- else |
7803 |
+- return false; |
7804 |
++ return raw_rq()->nr_running == 1; |
7805 |
+ } |
7806 |
+ EXPORT_SYMBOL(single_task_running); |
7807 |
+ |
7808 |
+diff --git a/kernel/sched/fair.c b/kernel/sched/fair.c |
7809 |
+index 2246a36050f9..07a75c150eeb 100644 |
7810 |
+--- a/kernel/sched/fair.c |
7811 |
++++ b/kernel/sched/fair.c |
7812 |
+@@ -4844,18 +4844,21 @@ again: |
7813 |
+ * entity, update_curr() will update its vruntime, otherwise |
7814 |
+ * forget we've ever seen it. |
7815 |
+ */ |
7816 |
+- if (curr && curr->on_rq) |
7817 |
+- update_curr(cfs_rq); |
7818 |
+- else |
7819 |
+- curr = NULL; |
7820 |
++ if (curr) { |
7821 |
++ if (curr->on_rq) |
7822 |
++ update_curr(cfs_rq); |
7823 |
++ else |
7824 |
++ curr = NULL; |
7825 |
+ |
7826 |
+- /* |
7827 |
+- * This call to check_cfs_rq_runtime() will do the throttle and |
7828 |
+- * dequeue its entity in the parent(s). Therefore the 'simple' |
7829 |
+- * nr_running test will indeed be correct. |
7830 |
+- */ |
7831 |
+- if (unlikely(check_cfs_rq_runtime(cfs_rq))) |
7832 |
+- goto simple; |
7833 |
++ /* |
7834 |
++ * This call to check_cfs_rq_runtime() will do the |
7835 |
++ * throttle and dequeue its entity in the parent(s). |
7836 |
++ * Therefore the 'simple' nr_running test will indeed |
7837 |
++ * be correct. |
7838 |
++ */ |
7839 |
++ if (unlikely(check_cfs_rq_runtime(cfs_rq))) |
7840 |
++ goto simple; |
7841 |
++ } |
7842 |
+ |
7843 |
+ se = pick_next_entity(cfs_rq, curr); |
7844 |
+ cfs_rq = group_cfs_rq(se); |
7845 |
+diff --git a/kernel/sched/sched.h b/kernel/sched/sched.h |
7846 |
+index 2df8ef067cc5..f698089e10ca 100644 |
7847 |
+--- a/kernel/sched/sched.h |
7848 |
++++ b/kernel/sched/sched.h |
7849 |
+@@ -994,9 +994,10 @@ static inline void finish_lock_switch(struct rq *rq, struct task_struct *prev) |
7850 |
+ * After ->on_cpu is cleared, the task can be moved to a different CPU. |
7851 |
+ * We must ensure this doesn't happen until the switch is completely |
7852 |
+ * finished. |
7853 |
++ * |
7854 |
++ * Pairs with the control dependency and rmb in try_to_wake_up(). |
7855 |
+ */ |
7856 |
+- smp_wmb(); |
7857 |
+- prev->on_cpu = 0; |
7858 |
++ smp_store_release(&prev->on_cpu, 0); |
7859 |
+ #endif |
7860 |
+ #ifdef CONFIG_DEBUG_SPINLOCK |
7861 |
+ /* this is a valid case when another task releases the spinlock */ |
7862 |
+diff --git a/kernel/time/timekeeping.c b/kernel/time/timekeeping.c |
7863 |
+index ec1791fae965..a4038c57e25d 100644 |
7864 |
+--- a/kernel/time/timekeeping.c |
7865 |
++++ b/kernel/time/timekeeping.c |
7866 |
+@@ -1369,7 +1369,7 @@ static __always_inline void timekeeping_freqadjust(struct timekeeper *tk, |
7867 |
+ negative = (tick_error < 0); |
7868 |
+ |
7869 |
+ /* Sort out the magnitude of the correction */ |
7870 |
+- tick_error = abs(tick_error); |
7871 |
++ tick_error = abs64(tick_error); |
7872 |
+ for (adj = 0; tick_error > interval; adj++) |
7873 |
+ tick_error >>= 1; |
7874 |
+ |
7875 |
+diff --git a/mm/hugetlb.c b/mm/hugetlb.c |
7876 |
+index a1d4dfa62023..77c8d03b4278 100644 |
7877 |
+--- a/mm/hugetlb.c |
7878 |
++++ b/mm/hugetlb.c |
7879 |
+@@ -2806,6 +2806,14 @@ static void unmap_ref_private(struct mm_struct *mm, struct vm_area_struct *vma, |
7880 |
+ continue; |
7881 |
+ |
7882 |
+ /* |
7883 |
++ * Shared VMAs have their own reserves and do not affect |
7884 |
++ * MAP_PRIVATE accounting but it is possible that a shared |
7885 |
++ * VMA is using the same page so check and skip such VMAs. |
7886 |
++ */ |
7887 |
++ if (iter_vma->vm_flags & VM_MAYSHARE) |
7888 |
++ continue; |
7889 |
++ |
7890 |
++ /* |
7891 |
+ * Unmap the page from other VMAs without their own reserves. |
7892 |
+ * They get marked to be SIGKILLed if they fault in these |
7893 |
+ * areas. This is because a future no-page fault on this VMA |
7894 |
+diff --git a/mm/slab.c b/mm/slab.c |
7895 |
+index f34e053ec46e..b7f9f6456a61 100644 |
7896 |
+--- a/mm/slab.c |
7897 |
++++ b/mm/slab.c |
7898 |
+@@ -2175,9 +2175,16 @@ __kmem_cache_create (struct kmem_cache *cachep, unsigned long flags) |
7899 |
+ size += BYTES_PER_WORD; |
7900 |
+ } |
7901 |
+ #if FORCED_DEBUG && defined(CONFIG_DEBUG_PAGEALLOC) |
7902 |
+- if (size >= kmalloc_size(INDEX_NODE + 1) |
7903 |
+- && cachep->object_size > cache_line_size() |
7904 |
+- && ALIGN(size, cachep->align) < PAGE_SIZE) { |
7905 |
++ /* |
7906 |
++ * To activate debug pagealloc, off-slab management is necessary |
7907 |
++ * requirement. In early phase of initialization, small sized slab |
7908 |
++ * doesn't get initialized so it would not be possible. So, we need |
7909 |
++ * to check size >= 256. It guarantees that all necessary small |
7910 |
++ * sized slab is initialized in current slab initialization sequence. |
7911 |
++ */ |
7912 |
++ if (!slab_early_init && size >= kmalloc_size(INDEX_NODE) && |
7913 |
++ size >= 256 && cachep->object_size > cache_line_size() && |
7914 |
++ ALIGN(size, cachep->align) < PAGE_SIZE) { |
7915 |
+ cachep->obj_offset += PAGE_SIZE - ALIGN(size, cachep->align); |
7916 |
+ size = PAGE_SIZE; |
7917 |
+ } |
7918 |
+diff --git a/mm/vmscan.c b/mm/vmscan.c |
7919 |
+index e321fe20b979..d48b28219edf 100644 |
7920 |
+--- a/mm/vmscan.c |
7921 |
++++ b/mm/vmscan.c |
7922 |
+@@ -1111,7 +1111,7 @@ cull_mlocked: |
7923 |
+ if (PageSwapCache(page)) |
7924 |
+ try_to_free_swap(page); |
7925 |
+ unlock_page(page); |
7926 |
+- putback_lru_page(page); |
7927 |
++ list_add(&page->lru, &ret_pages); |
7928 |
+ continue; |
7929 |
+ |
7930 |
+ activate_locked: |
7931 |
+diff --git a/net/batman-adv/distributed-arp-table.c b/net/batman-adv/distributed-arp-table.c |
7932 |
+index b5981113c9a7..4bbd72e90756 100644 |
7933 |
+--- a/net/batman-adv/distributed-arp-table.c |
7934 |
++++ b/net/batman-adv/distributed-arp-table.c |
7935 |
+@@ -15,6 +15,7 @@ |
7936 |
+ * along with this program; if not, see <http://www.gnu.org/licenses/>. |
7937 |
+ */ |
7938 |
+ |
7939 |
++#include <linux/bitops.h> |
7940 |
+ #include <linux/if_ether.h> |
7941 |
+ #include <linux/if_arp.h> |
7942 |
+ #include <linux/if_vlan.h> |
7943 |
+@@ -422,7 +423,7 @@ static bool batadv_is_orig_node_eligible(struct batadv_dat_candidate *res, |
7944 |
+ int j; |
7945 |
+ |
7946 |
+ /* check if orig node candidate is running DAT */ |
7947 |
+- if (!(candidate->capabilities & BATADV_ORIG_CAPA_HAS_DAT)) |
7948 |
++ if (!test_bit(BATADV_ORIG_CAPA_HAS_DAT, &candidate->capabilities)) |
7949 |
+ goto out; |
7950 |
+ |
7951 |
+ /* Check if this node has already been selected... */ |
7952 |
+@@ -682,9 +683,9 @@ static void batadv_dat_tvlv_ogm_handler_v1(struct batadv_priv *bat_priv, |
7953 |
+ uint16_t tvlv_value_len) |
7954 |
+ { |
7955 |
+ if (flags & BATADV_TVLV_HANDLER_OGM_CIFNOTFND) |
7956 |
+- orig->capabilities &= ~BATADV_ORIG_CAPA_HAS_DAT; |
7957 |
++ clear_bit(BATADV_ORIG_CAPA_HAS_DAT, &orig->capabilities); |
7958 |
+ else |
7959 |
+- orig->capabilities |= BATADV_ORIG_CAPA_HAS_DAT; |
7960 |
++ set_bit(BATADV_ORIG_CAPA_HAS_DAT, &orig->capabilities); |
7961 |
+ } |
7962 |
+ |
7963 |
+ /** |
7964 |
+diff --git a/net/batman-adv/network-coding.c b/net/batman-adv/network-coding.c |
7965 |
+index 8d04d174669e..65d19690d8ae 100644 |
7966 |
+--- a/net/batman-adv/network-coding.c |
7967 |
++++ b/net/batman-adv/network-coding.c |
7968 |
+@@ -15,6 +15,7 @@ |
7969 |
+ * along with this program; if not, see <http://www.gnu.org/licenses/>. |
7970 |
+ */ |
7971 |
+ |
7972 |
++#include <linux/bitops.h> |
7973 |
+ #include <linux/debugfs.h> |
7974 |
+ |
7975 |
+ #include "main.h" |
7976 |
+@@ -105,9 +106,9 @@ static void batadv_nc_tvlv_ogm_handler_v1(struct batadv_priv *bat_priv, |
7977 |
+ uint16_t tvlv_value_len) |
7978 |
+ { |
7979 |
+ if (flags & BATADV_TVLV_HANDLER_OGM_CIFNOTFND) |
7980 |
+- orig->capabilities &= ~BATADV_ORIG_CAPA_HAS_NC; |
7981 |
++ clear_bit(BATADV_ORIG_CAPA_HAS_NC, &orig->capabilities); |
7982 |
+ else |
7983 |
+- orig->capabilities |= BATADV_ORIG_CAPA_HAS_NC; |
7984 |
++ set_bit(BATADV_ORIG_CAPA_HAS_NC, &orig->capabilities); |
7985 |
+ } |
7986 |
+ |
7987 |
+ /** |
7988 |
+@@ -871,7 +872,7 @@ void batadv_nc_update_nc_node(struct batadv_priv *bat_priv, |
7989 |
+ goto out; |
7990 |
+ |
7991 |
+ /* check if orig node is network coding enabled */ |
7992 |
+- if (!(orig_node->capabilities & BATADV_ORIG_CAPA_HAS_NC)) |
7993 |
++ if (!test_bit(BATADV_ORIG_CAPA_HAS_NC, &orig_node->capabilities)) |
7994 |
+ goto out; |
7995 |
+ |
7996 |
+ /* accept ogms from 'good' neighbors and single hop neighbors */ |
7997 |
+diff --git a/net/batman-adv/soft-interface.c b/net/batman-adv/soft-interface.c |
7998 |
+index 5467955eb27c..492b0593dc2f 100644 |
7999 |
+--- a/net/batman-adv/soft-interface.c |
8000 |
++++ b/net/batman-adv/soft-interface.c |
8001 |
+@@ -173,6 +173,7 @@ static int batadv_interface_tx(struct sk_buff *skb, |
8002 |
+ int gw_mode; |
8003 |
+ enum batadv_forw_mode forw_mode; |
8004 |
+ struct batadv_orig_node *mcast_single_orig = NULL; |
8005 |
++ int network_offset = ETH_HLEN; |
8006 |
+ |
8007 |
+ if (atomic_read(&bat_priv->mesh_state) != BATADV_MESH_ACTIVE) |
8008 |
+ goto dropped; |
8009 |
+@@ -185,14 +186,18 @@ static int batadv_interface_tx(struct sk_buff *skb, |
8010 |
+ case ETH_P_8021Q: |
8011 |
+ vhdr = vlan_eth_hdr(skb); |
8012 |
+ |
8013 |
+- if (vhdr->h_vlan_encapsulated_proto != ethertype) |
8014 |
++ if (vhdr->h_vlan_encapsulated_proto != ethertype) { |
8015 |
++ network_offset += VLAN_HLEN; |
8016 |
+ break; |
8017 |
++ } |
8018 |
+ |
8019 |
+ /* fall through */ |
8020 |
+ case ETH_P_BATMAN: |
8021 |
+ goto dropped; |
8022 |
+ } |
8023 |
+ |
8024 |
++ skb_set_network_header(skb, network_offset); |
8025 |
++ |
8026 |
+ if (batadv_bla_tx(bat_priv, skb, vid)) |
8027 |
+ goto dropped; |
8028 |
+ |
8029 |
+diff --git a/net/batman-adv/translation-table.c b/net/batman-adv/translation-table.c |
8030 |
+index 5f59e7f899a0..58ad6ba429b3 100644 |
8031 |
+--- a/net/batman-adv/translation-table.c |
8032 |
++++ b/net/batman-adv/translation-table.c |
8033 |
+@@ -15,6 +15,7 @@ |
8034 |
+ * along with this program; if not, see <http://www.gnu.org/licenses/>. |
8035 |
+ */ |
8036 |
+ |
8037 |
++#include <linux/bitops.h> |
8038 |
+ #include "main.h" |
8039 |
+ #include "translation-table.h" |
8040 |
+ #include "soft-interface.h" |
8041 |
+@@ -1015,6 +1016,7 @@ uint16_t batadv_tt_local_remove(struct batadv_priv *bat_priv, |
8042 |
+ struct batadv_tt_local_entry *tt_local_entry; |
8043 |
+ uint16_t flags, curr_flags = BATADV_NO_FLAGS; |
8044 |
+ struct batadv_softif_vlan *vlan; |
8045 |
++ void *tt_entry_exists; |
8046 |
+ |
8047 |
+ tt_local_entry = batadv_tt_local_hash_find(bat_priv, addr, vid); |
8048 |
+ if (!tt_local_entry) |
8049 |
+@@ -1042,7 +1044,15 @@ uint16_t batadv_tt_local_remove(struct batadv_priv *bat_priv, |
8050 |
+ * immediately purge it |
8051 |
+ */ |
8052 |
+ batadv_tt_local_event(bat_priv, tt_local_entry, BATADV_TT_CLIENT_DEL); |
8053 |
+- hlist_del_rcu(&tt_local_entry->common.hash_entry); |
8054 |
++ |
8055 |
++ tt_entry_exists = batadv_hash_remove(bat_priv->tt.local_hash, |
8056 |
++ batadv_compare_tt, |
8057 |
++ batadv_choose_tt, |
8058 |
++ &tt_local_entry->common); |
8059 |
++ if (!tt_entry_exists) |
8060 |
++ goto out; |
8061 |
++ |
8062 |
++ /* extra call to free the local tt entry */ |
8063 |
+ batadv_tt_local_entry_free_ref(tt_local_entry); |
8064 |
+ |
8065 |
+ /* decrease the reference held for this vlan */ |
8066 |
+@@ -1844,7 +1854,7 @@ void batadv_tt_global_del_orig(struct batadv_priv *bat_priv, |
8067 |
+ } |
8068 |
+ spin_unlock_bh(list_lock); |
8069 |
+ } |
8070 |
+- orig_node->capa_initialized &= ~BATADV_ORIG_CAPA_HAS_TT; |
8071 |
++ clear_bit(BATADV_ORIG_CAPA_HAS_TT, &orig_node->capa_initialized); |
8072 |
+ } |
8073 |
+ |
8074 |
+ static bool batadv_tt_global_to_purge(struct batadv_tt_global_entry *tt_global, |
8075 |
+@@ -2804,7 +2814,7 @@ static void _batadv_tt_update_changes(struct batadv_priv *bat_priv, |
8076 |
+ return; |
8077 |
+ } |
8078 |
+ } |
8079 |
+- orig_node->capa_initialized |= BATADV_ORIG_CAPA_HAS_TT; |
8080 |
++ set_bit(BATADV_ORIG_CAPA_HAS_TT, &orig_node->capa_initialized); |
8081 |
+ } |
8082 |
+ |
8083 |
+ static void batadv_tt_fill_gtable(struct batadv_priv *bat_priv, |
8084 |
+@@ -3304,7 +3314,8 @@ static void batadv_tt_update_orig(struct batadv_priv *bat_priv, |
8085 |
+ bool has_tt_init; |
8086 |
+ |
8087 |
+ tt_vlan = (struct batadv_tvlv_tt_vlan_data *)tt_buff; |
8088 |
+- has_tt_init = orig_node->capa_initialized & BATADV_ORIG_CAPA_HAS_TT; |
8089 |
++ has_tt_init = test_bit(BATADV_ORIG_CAPA_HAS_TT, |
8090 |
++ &orig_node->capa_initialized); |
8091 |
+ |
8092 |
+ /* orig table not initialised AND first diff is in the OGM OR the ttvn |
8093 |
+ * increased by one -> we can apply the attached changes |
8094 |
+diff --git a/net/batman-adv/types.h b/net/batman-adv/types.h |
8095 |
+index 8854c05622a9..fdf65b50e3ec 100644 |
8096 |
+--- a/net/batman-adv/types.h |
8097 |
++++ b/net/batman-adv/types.h |
8098 |
+@@ -258,8 +258,8 @@ struct batadv_orig_node { |
8099 |
+ struct hlist_node mcast_want_all_ipv4_node; |
8100 |
+ struct hlist_node mcast_want_all_ipv6_node; |
8101 |
+ #endif |
8102 |
+- uint8_t capabilities; |
8103 |
+- uint8_t capa_initialized; |
8104 |
++ unsigned long capabilities; |
8105 |
++ unsigned long capa_initialized; |
8106 |
+ atomic_t last_ttvn; |
8107 |
+ unsigned char *tt_buff; |
8108 |
+ int16_t tt_buff_len; |
8109 |
+@@ -298,9 +298,9 @@ struct batadv_orig_node { |
8110 |
+ * (= orig node announces a tvlv of type BATADV_TVLV_MCAST) |
8111 |
+ */ |
8112 |
+ enum batadv_orig_capabilities { |
8113 |
+- BATADV_ORIG_CAPA_HAS_DAT = BIT(0), |
8114 |
+- BATADV_ORIG_CAPA_HAS_NC = BIT(1), |
8115 |
+- BATADV_ORIG_CAPA_HAS_TT = BIT(2), |
8116 |
++ BATADV_ORIG_CAPA_HAS_DAT, |
8117 |
++ BATADV_ORIG_CAPA_HAS_NC, |
8118 |
++ BATADV_ORIG_CAPA_HAS_TT, |
8119 |
+ BATADV_ORIG_CAPA_HAS_MCAST = BIT(3), |
8120 |
+ }; |
8121 |
+ |
8122 |
+diff --git a/net/core/datagram.c b/net/core/datagram.c |
8123 |
+index 3a402a7b20e9..61e99f315ed9 100644 |
8124 |
+--- a/net/core/datagram.c |
8125 |
++++ b/net/core/datagram.c |
8126 |
+@@ -130,6 +130,35 @@ out_noerr: |
8127 |
+ goto out; |
8128 |
+ } |
8129 |
+ |
8130 |
++static int skb_set_peeked(struct sk_buff *skb) |
8131 |
++{ |
8132 |
++ struct sk_buff *nskb; |
8133 |
++ |
8134 |
++ if (skb->peeked) |
8135 |
++ return 0; |
8136 |
++ |
8137 |
++ /* We have to unshare an skb before modifying it. */ |
8138 |
++ if (!skb_shared(skb)) |
8139 |
++ goto done; |
8140 |
++ |
8141 |
++ nskb = skb_clone(skb, GFP_ATOMIC); |
8142 |
++ if (!nskb) |
8143 |
++ return -ENOMEM; |
8144 |
++ |
8145 |
++ skb->prev->next = nskb; |
8146 |
++ skb->next->prev = nskb; |
8147 |
++ nskb->prev = skb->prev; |
8148 |
++ nskb->next = skb->next; |
8149 |
++ |
8150 |
++ consume_skb(skb); |
8151 |
++ skb = nskb; |
8152 |
++ |
8153 |
++done: |
8154 |
++ skb->peeked = 1; |
8155 |
++ |
8156 |
++ return 0; |
8157 |
++} |
8158 |
++ |
8159 |
+ /** |
8160 |
+ * __skb_recv_datagram - Receive a datagram skbuff |
8161 |
+ * @sk: socket |
8162 |
+@@ -164,7 +193,9 @@ out_noerr: |
8163 |
+ struct sk_buff *__skb_recv_datagram(struct sock *sk, unsigned int flags, |
8164 |
+ int *peeked, int *off, int *err) |
8165 |
+ { |
8166 |
++ struct sk_buff_head *queue = &sk->sk_receive_queue; |
8167 |
+ struct sk_buff *skb, *last; |
8168 |
++ unsigned long cpu_flags; |
8169 |
+ long timeo; |
8170 |
+ /* |
8171 |
+ * Caller is allowed not to check sk->sk_err before skb_recv_datagram() |
8172 |
+@@ -183,8 +214,6 @@ struct sk_buff *__skb_recv_datagram(struct sock *sk, unsigned int flags, |
8173 |
+ * Look at current nfs client by the way... |
8174 |
+ * However, this function was correct in any case. 8) |
8175 |
+ */ |
8176 |
+- unsigned long cpu_flags; |
8177 |
+- struct sk_buff_head *queue = &sk->sk_receive_queue; |
8178 |
+ int _off = *off; |
8179 |
+ |
8180 |
+ last = (struct sk_buff *)queue; |
8181 |
+@@ -198,7 +227,11 @@ struct sk_buff *__skb_recv_datagram(struct sock *sk, unsigned int flags, |
8182 |
+ _off -= skb->len; |
8183 |
+ continue; |
8184 |
+ } |
8185 |
+- skb->peeked = 1; |
8186 |
++ |
8187 |
++ error = skb_set_peeked(skb); |
8188 |
++ if (error) |
8189 |
++ goto unlock_err; |
8190 |
++ |
8191 |
+ atomic_inc(&skb->users); |
8192 |
+ } else |
8193 |
+ __skb_unlink(skb, queue); |
8194 |
+@@ -222,6 +255,8 @@ struct sk_buff *__skb_recv_datagram(struct sock *sk, unsigned int flags, |
8195 |
+ |
8196 |
+ return NULL; |
8197 |
+ |
8198 |
++unlock_err: |
8199 |
++ spin_unlock_irqrestore(&queue->lock, cpu_flags); |
8200 |
+ no_packet: |
8201 |
+ *err = error; |
8202 |
+ return NULL; |
8203 |
+diff --git a/net/core/fib_rules.c b/net/core/fib_rules.c |
8204 |
+index 185c341fafbd..99ae718b79be 100644 |
8205 |
+--- a/net/core/fib_rules.c |
8206 |
++++ b/net/core/fib_rules.c |
8207 |
+@@ -621,15 +621,17 @@ static int dump_rules(struct sk_buff *skb, struct netlink_callback *cb, |
8208 |
+ { |
8209 |
+ int idx = 0; |
8210 |
+ struct fib_rule *rule; |
8211 |
++ int err = 0; |
8212 |
+ |
8213 |
+ rcu_read_lock(); |
8214 |
+ list_for_each_entry_rcu(rule, &ops->rules_list, list) { |
8215 |
+ if (idx < cb->args[1]) |
8216 |
+ goto skip; |
8217 |
+ |
8218 |
+- if (fib_nl_fill_rule(skb, rule, NETLINK_CB(cb->skb).portid, |
8219 |
+- cb->nlh->nlmsg_seq, RTM_NEWRULE, |
8220 |
+- NLM_F_MULTI, ops) < 0) |
8221 |
++ err = fib_nl_fill_rule(skb, rule, NETLINK_CB(cb->skb).portid, |
8222 |
++ cb->nlh->nlmsg_seq, RTM_NEWRULE, |
8223 |
++ NLM_F_MULTI, ops); |
8224 |
++ if (err < 0) |
8225 |
+ break; |
8226 |
+ skip: |
8227 |
+ idx++; |
8228 |
+@@ -638,7 +640,7 @@ skip: |
8229 |
+ cb->args[1] = idx; |
8230 |
+ rules_ops_put(ops); |
8231 |
+ |
8232 |
+- return skb->len; |
8233 |
++ return err; |
8234 |
+ } |
8235 |
+ |
8236 |
+ static int fib_nl_dumprule(struct sk_buff *skb, struct netlink_callback *cb) |
8237 |
+@@ -654,7 +656,9 @@ static int fib_nl_dumprule(struct sk_buff *skb, struct netlink_callback *cb) |
8238 |
+ if (ops == NULL) |
8239 |
+ return -EAFNOSUPPORT; |
8240 |
+ |
8241 |
+- return dump_rules(skb, cb, ops); |
8242 |
++ dump_rules(skb, cb, ops); |
8243 |
++ |
8244 |
++ return skb->len; |
8245 |
+ } |
8246 |
+ |
8247 |
+ rcu_read_lock(); |
8248 |
+diff --git a/net/core/rtnetlink.c b/net/core/rtnetlink.c |
8249 |
+index c522f7a00eab..c412db774603 100644 |
8250 |
+--- a/net/core/rtnetlink.c |
8251 |
++++ b/net/core/rtnetlink.c |
8252 |
+@@ -805,7 +805,8 @@ static inline int rtnl_vfinfo_size(const struct net_device *dev, |
8253 |
+ nla_total_size(sizeof(struct ifla_vf_vlan)) + |
8254 |
+ nla_total_size(sizeof(struct ifla_vf_spoofchk)) + |
8255 |
+ nla_total_size(sizeof(struct ifla_vf_rate)) + |
8256 |
+- nla_total_size(sizeof(struct ifla_vf_link_state))); |
8257 |
++ nla_total_size(sizeof(struct ifla_vf_link_state)) + |
8258 |
++ nla_total_size(sizeof(struct ifla_vf_rss_query_en))); |
8259 |
+ return size; |
8260 |
+ } else |
8261 |
+ return 0; |
8262 |
+@@ -1075,14 +1076,16 @@ static int rtnl_fill_ifinfo(struct sk_buff *skb, struct net_device *dev, |
8263 |
+ struct ifla_vf_tx_rate vf_tx_rate; |
8264 |
+ struct ifla_vf_spoofchk vf_spoofchk; |
8265 |
+ struct ifla_vf_link_state vf_linkstate; |
8266 |
++ struct ifla_vf_rss_query_en vf_rss_query_en; |
8267 |
+ |
8268 |
+ /* |
8269 |
+ * Not all SR-IOV capable drivers support the |
8270 |
+- * spoofcheck query. Preset to -1 so the user |
8271 |
+- * space tool can detect that the driver didn't |
8272 |
+- * report anything. |
8273 |
++ * spoofcheck and "RSS query enable" query. Preset to |
8274 |
++ * -1 so the user space tool can detect that the driver |
8275 |
++ * didn't report anything. |
8276 |
+ */ |
8277 |
+ ivi.spoofchk = -1; |
8278 |
++ ivi.rss_query_en = -1; |
8279 |
+ memset(ivi.mac, 0, sizeof(ivi.mac)); |
8280 |
+ /* The default value for VF link state is "auto" |
8281 |
+ * IFLA_VF_LINK_STATE_AUTO which equals zero |
8282 |
+@@ -1095,7 +1098,8 @@ static int rtnl_fill_ifinfo(struct sk_buff *skb, struct net_device *dev, |
8283 |
+ vf_rate.vf = |
8284 |
+ vf_tx_rate.vf = |
8285 |
+ vf_spoofchk.vf = |
8286 |
+- vf_linkstate.vf = ivi.vf; |
8287 |
++ vf_linkstate.vf = |
8288 |
++ vf_rss_query_en.vf = ivi.vf; |
8289 |
+ |
8290 |
+ memcpy(vf_mac.mac, ivi.mac, sizeof(ivi.mac)); |
8291 |
+ vf_vlan.vlan = ivi.vlan; |
8292 |
+@@ -1105,6 +1109,7 @@ static int rtnl_fill_ifinfo(struct sk_buff *skb, struct net_device *dev, |
8293 |
+ vf_rate.max_tx_rate = ivi.max_tx_rate; |
8294 |
+ vf_spoofchk.setting = ivi.spoofchk; |
8295 |
+ vf_linkstate.link_state = ivi.linkstate; |
8296 |
++ vf_rss_query_en.setting = ivi.rss_query_en; |
8297 |
+ vf = nla_nest_start(skb, IFLA_VF_INFO); |
8298 |
+ if (!vf) { |
8299 |
+ nla_nest_cancel(skb, vfinfo); |
8300 |
+@@ -1119,7 +1124,10 @@ static int rtnl_fill_ifinfo(struct sk_buff *skb, struct net_device *dev, |
8301 |
+ nla_put(skb, IFLA_VF_SPOOFCHK, sizeof(vf_spoofchk), |
8302 |
+ &vf_spoofchk) || |
8303 |
+ nla_put(skb, IFLA_VF_LINK_STATE, sizeof(vf_linkstate), |
8304 |
+- &vf_linkstate)) |
8305 |
++ &vf_linkstate) || |
8306 |
++ nla_put(skb, IFLA_VF_RSS_QUERY_EN, |
8307 |
++ sizeof(vf_rss_query_en), |
8308 |
++ &vf_rss_query_en)) |
8309 |
+ goto nla_put_failure; |
8310 |
+ nla_nest_end(skb, vf); |
8311 |
+ } |
8312 |
+@@ -1207,10 +1215,6 @@ static const struct nla_policy ifla_info_policy[IFLA_INFO_MAX+1] = { |
8313 |
+ [IFLA_INFO_SLAVE_DATA] = { .type = NLA_NESTED }, |
8314 |
+ }; |
8315 |
+ |
8316 |
+-static const struct nla_policy ifla_vfinfo_policy[IFLA_VF_INFO_MAX+1] = { |
8317 |
+- [IFLA_VF_INFO] = { .type = NLA_NESTED }, |
8318 |
+-}; |
8319 |
+- |
8320 |
+ static const struct nla_policy ifla_vf_policy[IFLA_VF_MAX+1] = { |
8321 |
+ [IFLA_VF_MAC] = { .len = sizeof(struct ifla_vf_mac) }, |
8322 |
+ [IFLA_VF_VLAN] = { .len = sizeof(struct ifla_vf_vlan) }, |
8323 |
+@@ -1218,6 +1222,7 @@ static const struct nla_policy ifla_vf_policy[IFLA_VF_MAX+1] = { |
8324 |
+ [IFLA_VF_SPOOFCHK] = { .len = sizeof(struct ifla_vf_spoofchk) }, |
8325 |
+ [IFLA_VF_RATE] = { .len = sizeof(struct ifla_vf_rate) }, |
8326 |
+ [IFLA_VF_LINK_STATE] = { .len = sizeof(struct ifla_vf_link_state) }, |
8327 |
++ [IFLA_VF_RSS_QUERY_EN] = { .len = sizeof(struct ifla_vf_rss_query_en) }, |
8328 |
+ }; |
8329 |
+ |
8330 |
+ static const struct nla_policy ifla_port_policy[IFLA_PORT_MAX+1] = { |
8331 |
+@@ -1356,85 +1361,98 @@ static int validate_linkmsg(struct net_device *dev, struct nlattr *tb[]) |
8332 |
+ return 0; |
8333 |
+ } |
8334 |
+ |
8335 |
+-static int do_setvfinfo(struct net_device *dev, struct nlattr *attr) |
8336 |
++static int do_setvfinfo(struct net_device *dev, struct nlattr **tb) |
8337 |
+ { |
8338 |
+- int rem, err = -EINVAL; |
8339 |
+- struct nlattr *vf; |
8340 |
+ const struct net_device_ops *ops = dev->netdev_ops; |
8341 |
++ int err = -EINVAL; |
8342 |
+ |
8343 |
+- nla_for_each_nested(vf, attr, rem) { |
8344 |
+- switch (nla_type(vf)) { |
8345 |
+- case IFLA_VF_MAC: { |
8346 |
+- struct ifla_vf_mac *ivm; |
8347 |
+- ivm = nla_data(vf); |
8348 |
+- err = -EOPNOTSUPP; |
8349 |
+- if (ops->ndo_set_vf_mac) |
8350 |
+- err = ops->ndo_set_vf_mac(dev, ivm->vf, |
8351 |
+- ivm->mac); |
8352 |
+- break; |
8353 |
+- } |
8354 |
+- case IFLA_VF_VLAN: { |
8355 |
+- struct ifla_vf_vlan *ivv; |
8356 |
+- ivv = nla_data(vf); |
8357 |
+- err = -EOPNOTSUPP; |
8358 |
+- if (ops->ndo_set_vf_vlan) |
8359 |
+- err = ops->ndo_set_vf_vlan(dev, ivv->vf, |
8360 |
+- ivv->vlan, |
8361 |
+- ivv->qos); |
8362 |
+- break; |
8363 |
+- } |
8364 |
+- case IFLA_VF_TX_RATE: { |
8365 |
+- struct ifla_vf_tx_rate *ivt; |
8366 |
+- struct ifla_vf_info ivf; |
8367 |
+- ivt = nla_data(vf); |
8368 |
+- err = -EOPNOTSUPP; |
8369 |
+- if (ops->ndo_get_vf_config) |
8370 |
+- err = ops->ndo_get_vf_config(dev, ivt->vf, |
8371 |
+- &ivf); |
8372 |
+- if (err) |
8373 |
+- break; |
8374 |
+- err = -EOPNOTSUPP; |
8375 |
+- if (ops->ndo_set_vf_rate) |
8376 |
+- err = ops->ndo_set_vf_rate(dev, ivt->vf, |
8377 |
+- ivf.min_tx_rate, |
8378 |
+- ivt->rate); |
8379 |
+- break; |
8380 |
+- } |
8381 |
+- case IFLA_VF_RATE: { |
8382 |
+- struct ifla_vf_rate *ivt; |
8383 |
+- ivt = nla_data(vf); |
8384 |
+- err = -EOPNOTSUPP; |
8385 |
+- if (ops->ndo_set_vf_rate) |
8386 |
+- err = ops->ndo_set_vf_rate(dev, ivt->vf, |
8387 |
+- ivt->min_tx_rate, |
8388 |
+- ivt->max_tx_rate); |
8389 |
+- break; |
8390 |
+- } |
8391 |
+- case IFLA_VF_SPOOFCHK: { |
8392 |
+- struct ifla_vf_spoofchk *ivs; |
8393 |
+- ivs = nla_data(vf); |
8394 |
+- err = -EOPNOTSUPP; |
8395 |
+- if (ops->ndo_set_vf_spoofchk) |
8396 |
+- err = ops->ndo_set_vf_spoofchk(dev, ivs->vf, |
8397 |
+- ivs->setting); |
8398 |
+- break; |
8399 |
+- } |
8400 |
+- case IFLA_VF_LINK_STATE: { |
8401 |
+- struct ifla_vf_link_state *ivl; |
8402 |
+- ivl = nla_data(vf); |
8403 |
+- err = -EOPNOTSUPP; |
8404 |
+- if (ops->ndo_set_vf_link_state) |
8405 |
+- err = ops->ndo_set_vf_link_state(dev, ivl->vf, |
8406 |
+- ivl->link_state); |
8407 |
+- break; |
8408 |
+- } |
8409 |
+- default: |
8410 |
+- err = -EINVAL; |
8411 |
+- break; |
8412 |
+- } |
8413 |
+- if (err) |
8414 |
+- break; |
8415 |
++ if (tb[IFLA_VF_MAC]) { |
8416 |
++ struct ifla_vf_mac *ivm = nla_data(tb[IFLA_VF_MAC]); |
8417 |
++ |
8418 |
++ err = -EOPNOTSUPP; |
8419 |
++ if (ops->ndo_set_vf_mac) |
8420 |
++ err = ops->ndo_set_vf_mac(dev, ivm->vf, |
8421 |
++ ivm->mac); |
8422 |
++ if (err < 0) |
8423 |
++ return err; |
8424 |
++ } |
8425 |
++ |
8426 |
++ if (tb[IFLA_VF_VLAN]) { |
8427 |
++ struct ifla_vf_vlan *ivv = nla_data(tb[IFLA_VF_VLAN]); |
8428 |
++ |
8429 |
++ err = -EOPNOTSUPP; |
8430 |
++ if (ops->ndo_set_vf_vlan) |
8431 |
++ err = ops->ndo_set_vf_vlan(dev, ivv->vf, ivv->vlan, |
8432 |
++ ivv->qos); |
8433 |
++ if (err < 0) |
8434 |
++ return err; |
8435 |
+ } |
8436 |
++ |
8437 |
++ if (tb[IFLA_VF_TX_RATE]) { |
8438 |
++ struct ifla_vf_tx_rate *ivt = nla_data(tb[IFLA_VF_TX_RATE]); |
8439 |
++ struct ifla_vf_info ivf; |
8440 |
++ |
8441 |
++ err = -EOPNOTSUPP; |
8442 |
++ if (ops->ndo_get_vf_config) |
8443 |
++ err = ops->ndo_get_vf_config(dev, ivt->vf, &ivf); |
8444 |
++ if (err < 0) |
8445 |
++ return err; |
8446 |
++ |
8447 |
++ err = -EOPNOTSUPP; |
8448 |
++ if (ops->ndo_set_vf_rate) |
8449 |
++ err = ops->ndo_set_vf_rate(dev, ivt->vf, |
8450 |
++ ivf.min_tx_rate, |
8451 |
++ ivt->rate); |
8452 |
++ if (err < 0) |
8453 |
++ return err; |
8454 |
++ } |
8455 |
++ |
8456 |
++ if (tb[IFLA_VF_RATE]) { |
8457 |
++ struct ifla_vf_rate *ivt = nla_data(tb[IFLA_VF_RATE]); |
8458 |
++ |
8459 |
++ err = -EOPNOTSUPP; |
8460 |
++ if (ops->ndo_set_vf_rate) |
8461 |
++ err = ops->ndo_set_vf_rate(dev, ivt->vf, |
8462 |
++ ivt->min_tx_rate, |
8463 |
++ ivt->max_tx_rate); |
8464 |
++ if (err < 0) |
8465 |
++ return err; |
8466 |
++ } |
8467 |
++ |
8468 |
++ if (tb[IFLA_VF_SPOOFCHK]) { |
8469 |
++ struct ifla_vf_spoofchk *ivs = nla_data(tb[IFLA_VF_SPOOFCHK]); |
8470 |
++ |
8471 |
++ err = -EOPNOTSUPP; |
8472 |
++ if (ops->ndo_set_vf_spoofchk) |
8473 |
++ err = ops->ndo_set_vf_spoofchk(dev, ivs->vf, |
8474 |
++ ivs->setting); |
8475 |
++ if (err < 0) |
8476 |
++ return err; |
8477 |
++ } |
8478 |
++ |
8479 |
++ if (tb[IFLA_VF_LINK_STATE]) { |
8480 |
++ struct ifla_vf_link_state *ivl = nla_data(tb[IFLA_VF_LINK_STATE]); |
8481 |
++ |
8482 |
++ err = -EOPNOTSUPP; |
8483 |
++ if (ops->ndo_set_vf_link_state) |
8484 |
++ err = ops->ndo_set_vf_link_state(dev, ivl->vf, |
8485 |
++ ivl->link_state); |
8486 |
++ if (err < 0) |
8487 |
++ return err; |
8488 |
++ } |
8489 |
++ |
8490 |
++ if (tb[IFLA_VF_RSS_QUERY_EN]) { |
8491 |
++ struct ifla_vf_rss_query_en *ivrssq_en; |
8492 |
++ |
8493 |
++ err = -EOPNOTSUPP; |
8494 |
++ ivrssq_en = nla_data(tb[IFLA_VF_RSS_QUERY_EN]); |
8495 |
++ if (ops->ndo_set_vf_rss_query_en) |
8496 |
++ err = ops->ndo_set_vf_rss_query_en(dev, ivrssq_en->vf, |
8497 |
++ ivrssq_en->setting); |
8498 |
++ if (err < 0) |
8499 |
++ return err; |
8500 |
++ } |
8501 |
++ |
8502 |
+ return err; |
8503 |
+ } |
8504 |
+ |
8505 |
+@@ -1630,14 +1648,21 @@ static int do_setlink(const struct sk_buff *skb, |
8506 |
+ } |
8507 |
+ |
8508 |
+ if (tb[IFLA_VFINFO_LIST]) { |
8509 |
++ struct nlattr *vfinfo[IFLA_VF_MAX + 1]; |
8510 |
+ struct nlattr *attr; |
8511 |
+ int rem; |
8512 |
++ |
8513 |
+ nla_for_each_nested(attr, tb[IFLA_VFINFO_LIST], rem) { |
8514 |
+- if (nla_type(attr) != IFLA_VF_INFO) { |
8515 |
++ if (nla_type(attr) != IFLA_VF_INFO || |
8516 |
++ nla_len(attr) < NLA_HDRLEN) { |
8517 |
+ err = -EINVAL; |
8518 |
+ goto errout; |
8519 |
+ } |
8520 |
+- err = do_setvfinfo(dev, attr); |
8521 |
++ err = nla_parse_nested(vfinfo, IFLA_VF_MAX, attr, |
8522 |
++ ifla_vf_policy); |
8523 |
++ if (err < 0) |
8524 |
++ goto errout; |
8525 |
++ err = do_setvfinfo(dev, vfinfo); |
8526 |
+ if (err < 0) |
8527 |
+ goto errout; |
8528 |
+ status |= DO_SETLINK_NOTIFY; |
8529 |
+diff --git a/net/ipv4/tcp_output.c b/net/ipv4/tcp_output.c |
8530 |
+index dc9f925b0cd5..9c7d88870e2b 100644 |
8531 |
+--- a/net/ipv4/tcp_output.c |
8532 |
++++ b/net/ipv4/tcp_output.c |
8533 |
+@@ -2798,6 +2798,7 @@ void tcp_send_active_reset(struct sock *sk, gfp_t priority) |
8534 |
+ skb_reserve(skb, MAX_TCP_HEADER); |
8535 |
+ tcp_init_nondata_skb(skb, tcp_acceptable_seq(sk), |
8536 |
+ TCPHDR_ACK | TCPHDR_RST); |
8537 |
++ skb_mstamp_get(&skb->skb_mstamp); |
8538 |
+ /* Send it off. */ |
8539 |
+ if (tcp_transmit_skb(sk, skb, 0, priority)) |
8540 |
+ NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPABORTFAILED); |
8541 |
+diff --git a/net/ipv4/udp.c b/net/ipv4/udp.c |
8542 |
+index c5e3194fd9a5..4ea975324888 100644 |
8543 |
+--- a/net/ipv4/udp.c |
8544 |
++++ b/net/ipv4/udp.c |
8545 |
+@@ -1983,12 +1983,19 @@ void udp_v4_early_demux(struct sk_buff *skb) |
8546 |
+ |
8547 |
+ skb->sk = sk; |
8548 |
+ skb->destructor = sock_efree; |
8549 |
+- dst = sk->sk_rx_dst; |
8550 |
++ dst = READ_ONCE(sk->sk_rx_dst); |
8551 |
+ |
8552 |
+ if (dst) |
8553 |
+ dst = dst_check(dst, 0); |
8554 |
+- if (dst) |
8555 |
+- skb_dst_set_noref(skb, dst); |
8556 |
++ if (dst) { |
8557 |
++ /* DST_NOCACHE can not be used without taking a reference */ |
8558 |
++ if (dst->flags & DST_NOCACHE) { |
8559 |
++ if (likely(atomic_inc_not_zero(&dst->__refcnt))) |
8560 |
++ skb_dst_set(skb, dst); |
8561 |
++ } else { |
8562 |
++ skb_dst_set_noref(skb, dst); |
8563 |
++ } |
8564 |
++ } |
8565 |
+ } |
8566 |
+ |
8567 |
+ int udp_rcv(struct sk_buff *skb) |
8568 |
+diff --git a/net/ipv6/exthdrs_offload.c b/net/ipv6/exthdrs_offload.c |
8569 |
+index 447a7fbd1bb6..f5e2ba1c18bf 100644 |
8570 |
+--- a/net/ipv6/exthdrs_offload.c |
8571 |
++++ b/net/ipv6/exthdrs_offload.c |
8572 |
+@@ -36,6 +36,6 @@ out: |
8573 |
+ return ret; |
8574 |
+ |
8575 |
+ out_rt: |
8576 |
+- inet_del_offload(&rthdr_offload, IPPROTO_ROUTING); |
8577 |
++ inet6_del_offload(&rthdr_offload, IPPROTO_ROUTING); |
8578 |
+ goto out; |
8579 |
+ } |
8580 |
+diff --git a/net/ipv6/ip6_gre.c b/net/ipv6/ip6_gre.c |
8581 |
+index 0e32d2e1bdbf..28d7a245ea34 100644 |
8582 |
+--- a/net/ipv6/ip6_gre.c |
8583 |
++++ b/net/ipv6/ip6_gre.c |
8584 |
+@@ -360,7 +360,7 @@ static void ip6gre_tunnel_uninit(struct net_device *dev) |
8585 |
+ struct ip6_tnl *t = netdev_priv(dev); |
8586 |
+ struct ip6gre_net *ign = net_generic(t->net, ip6gre_net_id); |
8587 |
+ |
8588 |
+- ip6gre_tunnel_unlink(ign, t); |
8589 |
++ ip6_tnl_dst_reset(netdev_priv(dev)); |
8590 |
+ dev_put(dev); |
8591 |
+ } |
8592 |
+ |
8593 |
+diff --git a/net/ipv6/ip6mr.c b/net/ipv6/ip6mr.c |
8594 |
+index 1a01d79b8698..0d58542f9db0 100644 |
8595 |
+--- a/net/ipv6/ip6mr.c |
8596 |
++++ b/net/ipv6/ip6mr.c |
8597 |
+@@ -552,7 +552,7 @@ static void ipmr_mfc_seq_stop(struct seq_file *seq, void *v) |
8598 |
+ |
8599 |
+ if (it->cache == &mrt->mfc6_unres_queue) |
8600 |
+ spin_unlock_bh(&mfc_unres_lock); |
8601 |
+- else if (it->cache == mrt->mfc6_cache_array) |
8602 |
++ else if (it->cache == &mrt->mfc6_cache_array[it->ct]) |
8603 |
+ read_unlock(&mrt_lock); |
8604 |
+ } |
8605 |
+ |
8606 |
+diff --git a/net/mac80211/tx.c b/net/mac80211/tx.c |
8607 |
+index 80ce44f6693d..45e782825567 100644 |
8608 |
+--- a/net/mac80211/tx.c |
8609 |
++++ b/net/mac80211/tx.c |
8610 |
+@@ -299,9 +299,6 @@ ieee80211_tx_h_check_assoc(struct ieee80211_tx_data *tx) |
8611 |
+ if (tx->sdata->vif.type == NL80211_IFTYPE_WDS) |
8612 |
+ return TX_CONTINUE; |
8613 |
+ |
8614 |
+- if (tx->sdata->vif.type == NL80211_IFTYPE_MESH_POINT) |
8615 |
+- return TX_CONTINUE; |
8616 |
+- |
8617 |
+ if (tx->flags & IEEE80211_TX_PS_BUFFERED) |
8618 |
+ return TX_CONTINUE; |
8619 |
+ |
8620 |
+diff --git a/net/netfilter/ipvs/ip_vs_core.c b/net/netfilter/ipvs/ip_vs_core.c |
8621 |
+index 990decba1fe4..3a2fa9c044f8 100644 |
8622 |
+--- a/net/netfilter/ipvs/ip_vs_core.c |
8623 |
++++ b/net/netfilter/ipvs/ip_vs_core.c |
8624 |
+@@ -313,7 +313,13 @@ ip_vs_sched_persist(struct ip_vs_service *svc, |
8625 |
+ * return *ignored=0 i.e. ICMP and NF_DROP |
8626 |
+ */ |
8627 |
+ sched = rcu_dereference(svc->scheduler); |
8628 |
+- dest = sched->schedule(svc, skb, iph); |
8629 |
++ if (sched) { |
8630 |
++ /* read svc->sched_data after svc->scheduler */ |
8631 |
++ smp_rmb(); |
8632 |
++ dest = sched->schedule(svc, skb, iph); |
8633 |
++ } else { |
8634 |
++ dest = NULL; |
8635 |
++ } |
8636 |
+ if (!dest) { |
8637 |
+ IP_VS_DBG(1, "p-schedule: no dest found.\n"); |
8638 |
+ kfree(param.pe_data); |
8639 |
+@@ -461,7 +467,13 @@ ip_vs_schedule(struct ip_vs_service *svc, struct sk_buff *skb, |
8640 |
+ } |
8641 |
+ |
8642 |
+ sched = rcu_dereference(svc->scheduler); |
8643 |
+- dest = sched->schedule(svc, skb, iph); |
8644 |
++ if (sched) { |
8645 |
++ /* read svc->sched_data after svc->scheduler */ |
8646 |
++ smp_rmb(); |
8647 |
++ dest = sched->schedule(svc, skb, iph); |
8648 |
++ } else { |
8649 |
++ dest = NULL; |
8650 |
++ } |
8651 |
+ if (dest == NULL) { |
8652 |
+ IP_VS_DBG(1, "Schedule: no dest found.\n"); |
8653 |
+ return NULL; |
8654 |
+diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c |
8655 |
+index ac7ba689efe7..9b1452e8e868 100644 |
8656 |
+--- a/net/netfilter/ipvs/ip_vs_ctl.c |
8657 |
++++ b/net/netfilter/ipvs/ip_vs_ctl.c |
8658 |
+@@ -828,15 +828,16 @@ __ip_vs_update_dest(struct ip_vs_service *svc, struct ip_vs_dest *dest, |
8659 |
+ __ip_vs_dst_cache_reset(dest); |
8660 |
+ spin_unlock_bh(&dest->dst_lock); |
8661 |
+ |
8662 |
+- sched = rcu_dereference_protected(svc->scheduler, 1); |
8663 |
+ if (add) { |
8664 |
+ ip_vs_start_estimator(svc->net, &dest->stats); |
8665 |
+ list_add_rcu(&dest->n_list, &svc->destinations); |
8666 |
+ svc->num_dests++; |
8667 |
+- if (sched->add_dest) |
8668 |
++ sched = rcu_dereference_protected(svc->scheduler, 1); |
8669 |
++ if (sched && sched->add_dest) |
8670 |
+ sched->add_dest(svc, dest); |
8671 |
+ } else { |
8672 |
+- if (sched->upd_dest) |
8673 |
++ sched = rcu_dereference_protected(svc->scheduler, 1); |
8674 |
++ if (sched && sched->upd_dest) |
8675 |
+ sched->upd_dest(svc, dest); |
8676 |
+ } |
8677 |
+ } |
8678 |
+@@ -1070,7 +1071,7 @@ static void __ip_vs_unlink_dest(struct ip_vs_service *svc, |
8679 |
+ struct ip_vs_scheduler *sched; |
8680 |
+ |
8681 |
+ sched = rcu_dereference_protected(svc->scheduler, 1); |
8682 |
+- if (sched->del_dest) |
8683 |
++ if (sched && sched->del_dest) |
8684 |
+ sched->del_dest(svc, dest); |
8685 |
+ } |
8686 |
+ } |
8687 |
+@@ -1161,11 +1162,14 @@ ip_vs_add_service(struct net *net, struct ip_vs_service_user_kern *u, |
8688 |
+ ip_vs_use_count_inc(); |
8689 |
+ |
8690 |
+ /* Lookup the scheduler by 'u->sched_name' */ |
8691 |
+- sched = ip_vs_scheduler_get(u->sched_name); |
8692 |
+- if (sched == NULL) { |
8693 |
+- pr_info("Scheduler module ip_vs_%s not found\n", u->sched_name); |
8694 |
+- ret = -ENOENT; |
8695 |
+- goto out_err; |
8696 |
++ if (strcmp(u->sched_name, "none")) { |
8697 |
++ sched = ip_vs_scheduler_get(u->sched_name); |
8698 |
++ if (!sched) { |
8699 |
++ pr_info("Scheduler module ip_vs_%s not found\n", |
8700 |
++ u->sched_name); |
8701 |
++ ret = -ENOENT; |
8702 |
++ goto out_err; |
8703 |
++ } |
8704 |
+ } |
8705 |
+ |
8706 |
+ if (u->pe_name && *u->pe_name) { |
8707 |
+@@ -1226,10 +1230,12 @@ ip_vs_add_service(struct net *net, struct ip_vs_service_user_kern *u, |
8708 |
+ spin_lock_init(&svc->stats.lock); |
8709 |
+ |
8710 |
+ /* Bind the scheduler */ |
8711 |
+- ret = ip_vs_bind_scheduler(svc, sched); |
8712 |
+- if (ret) |
8713 |
+- goto out_err; |
8714 |
+- sched = NULL; |
8715 |
++ if (sched) { |
8716 |
++ ret = ip_vs_bind_scheduler(svc, sched); |
8717 |
++ if (ret) |
8718 |
++ goto out_err; |
8719 |
++ sched = NULL; |
8720 |
++ } |
8721 |
+ |
8722 |
+ /* Bind the ct retriever */ |
8723 |
+ RCU_INIT_POINTER(svc->pe, pe); |
8724 |
+@@ -1277,17 +1283,20 @@ ip_vs_add_service(struct net *net, struct ip_vs_service_user_kern *u, |
8725 |
+ static int |
8726 |
+ ip_vs_edit_service(struct ip_vs_service *svc, struct ip_vs_service_user_kern *u) |
8727 |
+ { |
8728 |
+- struct ip_vs_scheduler *sched, *old_sched; |
8729 |
++ struct ip_vs_scheduler *sched = NULL, *old_sched; |
8730 |
+ struct ip_vs_pe *pe = NULL, *old_pe = NULL; |
8731 |
+ int ret = 0; |
8732 |
+ |
8733 |
+ /* |
8734 |
+ * Lookup the scheduler, by 'u->sched_name' |
8735 |
+ */ |
8736 |
+- sched = ip_vs_scheduler_get(u->sched_name); |
8737 |
+- if (sched == NULL) { |
8738 |
+- pr_info("Scheduler module ip_vs_%s not found\n", u->sched_name); |
8739 |
+- return -ENOENT; |
8740 |
++ if (strcmp(u->sched_name, "none")) { |
8741 |
++ sched = ip_vs_scheduler_get(u->sched_name); |
8742 |
++ if (!sched) { |
8743 |
++ pr_info("Scheduler module ip_vs_%s not found\n", |
8744 |
++ u->sched_name); |
8745 |
++ return -ENOENT; |
8746 |
++ } |
8747 |
+ } |
8748 |
+ old_sched = sched; |
8749 |
+ |
8750 |
+@@ -1315,14 +1324,20 @@ ip_vs_edit_service(struct ip_vs_service *svc, struct ip_vs_service_user_kern *u) |
8751 |
+ |
8752 |
+ old_sched = rcu_dereference_protected(svc->scheduler, 1); |
8753 |
+ if (sched != old_sched) { |
8754 |
++ if (old_sched) { |
8755 |
++ ip_vs_unbind_scheduler(svc, old_sched); |
8756 |
++ RCU_INIT_POINTER(svc->scheduler, NULL); |
8757 |
++ /* Wait all svc->sched_data users */ |
8758 |
++ synchronize_rcu(); |
8759 |
++ } |
8760 |
+ /* Bind the new scheduler */ |
8761 |
+- ret = ip_vs_bind_scheduler(svc, sched); |
8762 |
+- if (ret) { |
8763 |
+- old_sched = sched; |
8764 |
+- goto out; |
8765 |
++ if (sched) { |
8766 |
++ ret = ip_vs_bind_scheduler(svc, sched); |
8767 |
++ if (ret) { |
8768 |
++ ip_vs_scheduler_put(sched); |
8769 |
++ goto out; |
8770 |
++ } |
8771 |
+ } |
8772 |
+- /* Unbind the old scheduler on success */ |
8773 |
+- ip_vs_unbind_scheduler(svc, old_sched); |
8774 |
+ } |
8775 |
+ |
8776 |
+ /* |
8777 |
+@@ -1962,6 +1977,7 @@ static int ip_vs_info_seq_show(struct seq_file *seq, void *v) |
8778 |
+ const struct ip_vs_iter *iter = seq->private; |
8779 |
+ const struct ip_vs_dest *dest; |
8780 |
+ struct ip_vs_scheduler *sched = rcu_dereference(svc->scheduler); |
8781 |
++ char *sched_name = sched ? sched->name : "none"; |
8782 |
+ |
8783 |
+ if (iter->table == ip_vs_svc_table) { |
8784 |
+ #ifdef CONFIG_IP_VS_IPV6 |
8785 |
+@@ -1970,18 +1986,18 @@ static int ip_vs_info_seq_show(struct seq_file *seq, void *v) |
8786 |
+ ip_vs_proto_name(svc->protocol), |
8787 |
+ &svc->addr.in6, |
8788 |
+ ntohs(svc->port), |
8789 |
+- sched->name); |
8790 |
++ sched_name); |
8791 |
+ else |
8792 |
+ #endif |
8793 |
+ seq_printf(seq, "%s %08X:%04X %s %s ", |
8794 |
+ ip_vs_proto_name(svc->protocol), |
8795 |
+ ntohl(svc->addr.ip), |
8796 |
+ ntohs(svc->port), |
8797 |
+- sched->name, |
8798 |
++ sched_name, |
8799 |
+ (svc->flags & IP_VS_SVC_F_ONEPACKET)?"ops ":""); |
8800 |
+ } else { |
8801 |
+ seq_printf(seq, "FWM %08X %s %s", |
8802 |
+- svc->fwmark, sched->name, |
8803 |
++ svc->fwmark, sched_name, |
8804 |
+ (svc->flags & IP_VS_SVC_F_ONEPACKET)?"ops ":""); |
8805 |
+ } |
8806 |
+ |
8807 |
+@@ -2401,13 +2417,15 @@ static void |
8808 |
+ ip_vs_copy_service(struct ip_vs_service_entry *dst, struct ip_vs_service *src) |
8809 |
+ { |
8810 |
+ struct ip_vs_scheduler *sched; |
8811 |
++ char *sched_name; |
8812 |
+ |
8813 |
+ sched = rcu_dereference_protected(src->scheduler, 1); |
8814 |
++ sched_name = sched ? sched->name : "none"; |
8815 |
+ dst->protocol = src->protocol; |
8816 |
+ dst->addr = src->addr.ip; |
8817 |
+ dst->port = src->port; |
8818 |
+ dst->fwmark = src->fwmark; |
8819 |
+- strlcpy(dst->sched_name, sched->name, sizeof(dst->sched_name)); |
8820 |
++ strlcpy(dst->sched_name, sched_name, sizeof(dst->sched_name)); |
8821 |
+ dst->flags = src->flags; |
8822 |
+ dst->timeout = src->timeout / HZ; |
8823 |
+ dst->netmask = src->netmask; |
8824 |
+@@ -2836,6 +2854,7 @@ static int ip_vs_genl_fill_service(struct sk_buff *skb, |
8825 |
+ struct nlattr *nl_service; |
8826 |
+ struct ip_vs_flags flags = { .flags = svc->flags, |
8827 |
+ .mask = ~0 }; |
8828 |
++ char *sched_name; |
8829 |
+ |
8830 |
+ nl_service = nla_nest_start(skb, IPVS_CMD_ATTR_SERVICE); |
8831 |
+ if (!nl_service) |
8832 |
+@@ -2854,8 +2873,9 @@ static int ip_vs_genl_fill_service(struct sk_buff *skb, |
8833 |
+ } |
8834 |
+ |
8835 |
+ sched = rcu_dereference_protected(svc->scheduler, 1); |
8836 |
++ sched_name = sched ? sched->name : "none"; |
8837 |
+ pe = rcu_dereference_protected(svc->pe, 1); |
8838 |
+- if (nla_put_string(skb, IPVS_SVC_ATTR_SCHED_NAME, sched->name) || |
8839 |
++ if (nla_put_string(skb, IPVS_SVC_ATTR_SCHED_NAME, sched_name) || |
8840 |
+ (pe && nla_put_string(skb, IPVS_SVC_ATTR_PE_NAME, pe->name)) || |
8841 |
+ nla_put(skb, IPVS_SVC_ATTR_FLAGS, sizeof(flags), &flags) || |
8842 |
+ nla_put_u32(skb, IPVS_SVC_ATTR_TIMEOUT, svc->timeout / HZ) || |
8843 |
+diff --git a/net/netfilter/ipvs/ip_vs_sched.c b/net/netfilter/ipvs/ip_vs_sched.c |
8844 |
+index 4dbcda6258bc..21b6b515a09c 100644 |
8845 |
+--- a/net/netfilter/ipvs/ip_vs_sched.c |
8846 |
++++ b/net/netfilter/ipvs/ip_vs_sched.c |
8847 |
+@@ -74,7 +74,7 @@ void ip_vs_unbind_scheduler(struct ip_vs_service *svc, |
8848 |
+ |
8849 |
+ if (sched->done_service) |
8850 |
+ sched->done_service(svc); |
8851 |
+- /* svc->scheduler can not be set to NULL */ |
8852 |
++ /* svc->scheduler can be set to NULL only by caller */ |
8853 |
+ } |
8854 |
+ |
8855 |
+ |
8856 |
+@@ -148,21 +148,21 @@ void ip_vs_scheduler_put(struct ip_vs_scheduler *scheduler) |
8857 |
+ |
8858 |
+ void ip_vs_scheduler_err(struct ip_vs_service *svc, const char *msg) |
8859 |
+ { |
8860 |
+- struct ip_vs_scheduler *sched; |
8861 |
++ struct ip_vs_scheduler *sched = rcu_dereference(svc->scheduler); |
8862 |
++ char *sched_name = sched ? sched->name : "none"; |
8863 |
+ |
8864 |
+- sched = rcu_dereference(svc->scheduler); |
8865 |
+ if (svc->fwmark) { |
8866 |
+ IP_VS_ERR_RL("%s: FWM %u 0x%08X - %s\n", |
8867 |
+- sched->name, svc->fwmark, svc->fwmark, msg); |
8868 |
++ sched_name, svc->fwmark, svc->fwmark, msg); |
8869 |
+ #ifdef CONFIG_IP_VS_IPV6 |
8870 |
+ } else if (svc->af == AF_INET6) { |
8871 |
+ IP_VS_ERR_RL("%s: %s [%pI6c]:%d - %s\n", |
8872 |
+- sched->name, ip_vs_proto_name(svc->protocol), |
8873 |
++ sched_name, ip_vs_proto_name(svc->protocol), |
8874 |
+ &svc->addr.in6, ntohs(svc->port), msg); |
8875 |
+ #endif |
8876 |
+ } else { |
8877 |
+ IP_VS_ERR_RL("%s: %s %pI4:%d - %s\n", |
8878 |
+- sched->name, ip_vs_proto_name(svc->protocol), |
8879 |
++ sched_name, ip_vs_proto_name(svc->protocol), |
8880 |
+ &svc->addr.ip, ntohs(svc->port), msg); |
8881 |
+ } |
8882 |
+ } |
8883 |
+diff --git a/net/netfilter/ipvs/ip_vs_sync.c b/net/netfilter/ipvs/ip_vs_sync.c |
8884 |
+index 7162c86fd50d..72fac696c85e 100644 |
8885 |
+--- a/net/netfilter/ipvs/ip_vs_sync.c |
8886 |
++++ b/net/netfilter/ipvs/ip_vs_sync.c |
8887 |
+@@ -612,7 +612,7 @@ static void ip_vs_sync_conn_v0(struct net *net, struct ip_vs_conn *cp, |
8888 |
+ pkts = atomic_add_return(1, &cp->in_pkts); |
8889 |
+ else |
8890 |
+ pkts = sysctl_sync_threshold(ipvs); |
8891 |
+- ip_vs_sync_conn(net, cp->control, pkts); |
8892 |
++ ip_vs_sync_conn(net, cp, pkts); |
8893 |
+ } |
8894 |
+ } |
8895 |
+ |
8896 |
+diff --git a/net/netfilter/ipvs/ip_vs_xmit.c b/net/netfilter/ipvs/ip_vs_xmit.c |
8897 |
+index bd90bf8107da..72f030878e7a 100644 |
8898 |
+--- a/net/netfilter/ipvs/ip_vs_xmit.c |
8899 |
++++ b/net/netfilter/ipvs/ip_vs_xmit.c |
8900 |
+@@ -130,7 +130,6 @@ static struct rtable *do_output_route4(struct net *net, __be32 daddr, |
8901 |
+ |
8902 |
+ memset(&fl4, 0, sizeof(fl4)); |
8903 |
+ fl4.daddr = daddr; |
8904 |
+- fl4.saddr = (rt_mode & IP_VS_RT_MODE_CONNECT) ? *saddr : 0; |
8905 |
+ fl4.flowi4_flags = (rt_mode & IP_VS_RT_MODE_KNOWN_NH) ? |
8906 |
+ FLOWI_FLAG_KNOWN_NH : 0; |
8907 |
+ |
8908 |
+@@ -524,6 +523,21 @@ static inline int ip_vs_tunnel_xmit_prepare(struct sk_buff *skb, |
8909 |
+ return ret; |
8910 |
+ } |
8911 |
+ |
8912 |
++/* In the event of a remote destination, it's possible that we would have |
8913 |
++ * matches against an old socket (particularly a TIME-WAIT socket). This |
8914 |
++ * causes havoc down the line (ip_local_out et. al. expect regular sockets |
8915 |
++ * and invalid memory accesses will happen) so simply drop the association |
8916 |
++ * in this case. |
8917 |
++*/ |
8918 |
++static inline void ip_vs_drop_early_demux_sk(struct sk_buff *skb) |
8919 |
++{ |
8920 |
++ /* If dev is set, the packet came from the LOCAL_IN callback and |
8921 |
++ * not from a local TCP socket. |
8922 |
++ */ |
8923 |
++ if (skb->dev) |
8924 |
++ skb_orphan(skb); |
8925 |
++} |
8926 |
++ |
8927 |
+ /* return NF_STOLEN (sent) or NF_ACCEPT if local=1 (not sent) */ |
8928 |
+ static inline int ip_vs_nat_send_or_cont(int pf, struct sk_buff *skb, |
8929 |
+ struct ip_vs_conn *cp, int local) |
8930 |
+@@ -535,12 +549,21 @@ static inline int ip_vs_nat_send_or_cont(int pf, struct sk_buff *skb, |
8931 |
+ ip_vs_notrack(skb); |
8932 |
+ else |
8933 |
+ ip_vs_update_conntrack(skb, cp, 1); |
8934 |
++ |
8935 |
++ /* Remove the early_demux association unless it's bound for the |
8936 |
++ * exact same port and address on this host after translation. |
8937 |
++ */ |
8938 |
++ if (!local || cp->vport != cp->dport || |
8939 |
++ !ip_vs_addr_equal(cp->af, &cp->vaddr, &cp->daddr)) |
8940 |
++ ip_vs_drop_early_demux_sk(skb); |
8941 |
++ |
8942 |
+ if (!local) { |
8943 |
+ skb_forward_csum(skb); |
8944 |
+ NF_HOOK(pf, NF_INET_LOCAL_OUT, skb, NULL, skb_dst(skb)->dev, |
8945 |
+ dst_output); |
8946 |
+ } else |
8947 |
+ ret = NF_ACCEPT; |
8948 |
++ |
8949 |
+ return ret; |
8950 |
+ } |
8951 |
+ |
8952 |
+@@ -554,6 +577,7 @@ static inline int ip_vs_send_or_cont(int pf, struct sk_buff *skb, |
8953 |
+ if (likely(!(cp->flags & IP_VS_CONN_F_NFCT))) |
8954 |
+ ip_vs_notrack(skb); |
8955 |
+ if (!local) { |
8956 |
++ ip_vs_drop_early_demux_sk(skb); |
8957 |
+ skb_forward_csum(skb); |
8958 |
+ NF_HOOK(pf, NF_INET_LOCAL_OUT, skb, NULL, skb_dst(skb)->dev, |
8959 |
+ dst_output); |
8960 |
+@@ -842,6 +866,8 @@ ip_vs_prepare_tunneled_skb(struct sk_buff *skb, int skb_af, |
8961 |
+ struct ipv6hdr *old_ipv6h = NULL; |
8962 |
+ #endif |
8963 |
+ |
8964 |
++ ip_vs_drop_early_demux_sk(skb); |
8965 |
++ |
8966 |
+ if (skb_headroom(skb) < max_headroom || skb_cloned(skb)) { |
8967 |
+ new_skb = skb_realloc_headroom(skb, max_headroom); |
8968 |
+ if (!new_skb) |
8969 |
+diff --git a/net/netfilter/nf_conntrack_expect.c b/net/netfilter/nf_conntrack_expect.c |
8970 |
+index 91a1837acd0e..26af45193ab7 100644 |
8971 |
+--- a/net/netfilter/nf_conntrack_expect.c |
8972 |
++++ b/net/netfilter/nf_conntrack_expect.c |
8973 |
+@@ -219,7 +219,8 @@ static inline int expect_clash(const struct nf_conntrack_expect *a, |
8974 |
+ a->mask.src.u3.all[count] & b->mask.src.u3.all[count]; |
8975 |
+ } |
8976 |
+ |
8977 |
+- return nf_ct_tuple_mask_cmp(&a->tuple, &b->tuple, &intersect_mask); |
8978 |
++ return nf_ct_tuple_mask_cmp(&a->tuple, &b->tuple, &intersect_mask) && |
8979 |
++ nf_ct_zone(a->master) == nf_ct_zone(b->master); |
8980 |
+ } |
8981 |
+ |
8982 |
+ static inline int expect_matches(const struct nf_conntrack_expect *a, |
8983 |
+diff --git a/net/netfilter/nf_conntrack_netlink.c b/net/netfilter/nf_conntrack_netlink.c |
8984 |
+index 1bd9ed9e62f6..d3ea2999d0dc 100644 |
8985 |
+--- a/net/netfilter/nf_conntrack_netlink.c |
8986 |
++++ b/net/netfilter/nf_conntrack_netlink.c |
8987 |
+@@ -2956,11 +2956,6 @@ ctnetlink_create_expect(struct net *net, u16 zone, |
8988 |
+ } |
8989 |
+ |
8990 |
+ err = nf_ct_expect_related_report(exp, portid, report); |
8991 |
+- if (err < 0) |
8992 |
+- goto err_exp; |
8993 |
+- |
8994 |
+- return 0; |
8995 |
+-err_exp: |
8996 |
+ nf_ct_expect_put(exp); |
8997 |
+ err_ct: |
8998 |
+ nf_ct_put(ct); |
8999 |
+diff --git a/net/netfilter/nf_log.c b/net/netfilter/nf_log.c |
9000 |
+index d7197649dba6..cfe93c2227c5 100644 |
9001 |
+--- a/net/netfilter/nf_log.c |
9002 |
++++ b/net/netfilter/nf_log.c |
9003 |
+@@ -19,6 +19,9 @@ |
9004 |
+ static struct nf_logger __rcu *loggers[NFPROTO_NUMPROTO][NF_LOG_TYPE_MAX] __read_mostly; |
9005 |
+ static DEFINE_MUTEX(nf_log_mutex); |
9006 |
+ |
9007 |
++#define nft_log_dereference(logger) \ |
9008 |
++ rcu_dereference_protected(logger, lockdep_is_held(&nf_log_mutex)) |
9009 |
++ |
9010 |
+ static struct nf_logger *__find_logger(int pf, const char *str_logger) |
9011 |
+ { |
9012 |
+ struct nf_logger *log; |
9013 |
+@@ -28,8 +31,7 @@ static struct nf_logger *__find_logger(int pf, const char *str_logger) |
9014 |
+ if (loggers[pf][i] == NULL) |
9015 |
+ continue; |
9016 |
+ |
9017 |
+- log = rcu_dereference_protected(loggers[pf][i], |
9018 |
+- lockdep_is_held(&nf_log_mutex)); |
9019 |
++ log = nft_log_dereference(loggers[pf][i]); |
9020 |
+ if (!strncasecmp(str_logger, log->name, strlen(log->name))) |
9021 |
+ return log; |
9022 |
+ } |
9023 |
+@@ -45,8 +47,7 @@ void nf_log_set(struct net *net, u_int8_t pf, const struct nf_logger *logger) |
9024 |
+ return; |
9025 |
+ |
9026 |
+ mutex_lock(&nf_log_mutex); |
9027 |
+- log = rcu_dereference_protected(net->nf.nf_loggers[pf], |
9028 |
+- lockdep_is_held(&nf_log_mutex)); |
9029 |
++ log = nft_log_dereference(net->nf.nf_loggers[pf]); |
9030 |
+ if (log == NULL) |
9031 |
+ rcu_assign_pointer(net->nf.nf_loggers[pf], logger); |
9032 |
+ |
9033 |
+@@ -61,8 +62,7 @@ void nf_log_unset(struct net *net, const struct nf_logger *logger) |
9034 |
+ |
9035 |
+ mutex_lock(&nf_log_mutex); |
9036 |
+ for (i = 0; i < NFPROTO_NUMPROTO; i++) { |
9037 |
+- log = rcu_dereference_protected(net->nf.nf_loggers[i], |
9038 |
+- lockdep_is_held(&nf_log_mutex)); |
9039 |
++ log = nft_log_dereference(net->nf.nf_loggers[i]); |
9040 |
+ if (log == logger) |
9041 |
+ RCU_INIT_POINTER(net->nf.nf_loggers[i], NULL); |
9042 |
+ } |
9043 |
+@@ -97,12 +97,17 @@ EXPORT_SYMBOL(nf_log_register); |
9044 |
+ |
9045 |
+ void nf_log_unregister(struct nf_logger *logger) |
9046 |
+ { |
9047 |
++ const struct nf_logger *log; |
9048 |
+ int i; |
9049 |
+ |
9050 |
+ mutex_lock(&nf_log_mutex); |
9051 |
+- for (i = 0; i < NFPROTO_NUMPROTO; i++) |
9052 |
+- RCU_INIT_POINTER(loggers[i][logger->type], NULL); |
9053 |
++ for (i = 0; i < NFPROTO_NUMPROTO; i++) { |
9054 |
++ log = nft_log_dereference(loggers[i][logger->type]); |
9055 |
++ if (log == logger) |
9056 |
++ RCU_INIT_POINTER(loggers[i][logger->type], NULL); |
9057 |
++ } |
9058 |
+ mutex_unlock(&nf_log_mutex); |
9059 |
++ synchronize_rcu(); |
9060 |
+ } |
9061 |
+ EXPORT_SYMBOL(nf_log_unregister); |
9062 |
+ |
9063 |
+@@ -297,8 +302,7 @@ static int seq_show(struct seq_file *s, void *v) |
9064 |
+ int i, ret; |
9065 |
+ struct net *net = seq_file_net(s); |
9066 |
+ |
9067 |
+- logger = rcu_dereference_protected(net->nf.nf_loggers[*pos], |
9068 |
+- lockdep_is_held(&nf_log_mutex)); |
9069 |
++ logger = nft_log_dereference(net->nf.nf_loggers[*pos]); |
9070 |
+ |
9071 |
+ if (!logger) |
9072 |
+ ret = seq_printf(s, "%2lld NONE (", *pos); |
9073 |
+@@ -312,8 +316,7 @@ static int seq_show(struct seq_file *s, void *v) |
9074 |
+ if (loggers[*pos][i] == NULL) |
9075 |
+ continue; |
9076 |
+ |
9077 |
+- logger = rcu_dereference_protected(loggers[*pos][i], |
9078 |
+- lockdep_is_held(&nf_log_mutex)); |
9079 |
++ logger = nft_log_dereference(loggers[*pos][i]); |
9080 |
+ ret = seq_printf(s, "%s", logger->name); |
9081 |
+ if (ret < 0) |
9082 |
+ return ret; |
9083 |
+@@ -385,8 +388,7 @@ static int nf_log_proc_dostring(struct ctl_table *table, int write, |
9084 |
+ mutex_unlock(&nf_log_mutex); |
9085 |
+ } else { |
9086 |
+ mutex_lock(&nf_log_mutex); |
9087 |
+- logger = rcu_dereference_protected(net->nf.nf_loggers[tindex], |
9088 |
+- lockdep_is_held(&nf_log_mutex)); |
9089 |
++ logger = nft_log_dereference(net->nf.nf_loggers[tindex]); |
9090 |
+ if (!logger) |
9091 |
+ table->data = "NONE"; |
9092 |
+ else |
9093 |
+diff --git a/net/netfilter/nfnetlink.c b/net/netfilter/nfnetlink.c |
9094 |
+index 1aa7049c93f5..e41bab38a3ca 100644 |
9095 |
+--- a/net/netfilter/nfnetlink.c |
9096 |
++++ b/net/netfilter/nfnetlink.c |
9097 |
+@@ -433,6 +433,7 @@ done: |
9098 |
+ static void nfnetlink_rcv(struct sk_buff *skb) |
9099 |
+ { |
9100 |
+ struct nlmsghdr *nlh = nlmsg_hdr(skb); |
9101 |
++ u_int16_t res_id; |
9102 |
+ int msglen; |
9103 |
+ |
9104 |
+ if (nlh->nlmsg_len < NLMSG_HDRLEN || |
9105 |
+@@ -457,7 +458,12 @@ static void nfnetlink_rcv(struct sk_buff *skb) |
9106 |
+ |
9107 |
+ nfgenmsg = nlmsg_data(nlh); |
9108 |
+ skb_pull(skb, msglen); |
9109 |
+- nfnetlink_rcv_batch(skb, nlh, nfgenmsg->res_id); |
9110 |
++ /* Work around old nft using host byte order */ |
9111 |
++ if (nfgenmsg->res_id == NFNL_SUBSYS_NFTABLES) |
9112 |
++ res_id = NFNL_SUBSYS_NFTABLES; |
9113 |
++ else |
9114 |
++ res_id = ntohs(nfgenmsg->res_id); |
9115 |
++ nfnetlink_rcv_batch(skb, nlh, res_id); |
9116 |
+ } else { |
9117 |
+ netlink_rcv_skb(skb, &nfnetlink_rcv_msg); |
9118 |
+ } |
9119 |
+diff --git a/net/netfilter/nft_compat.c b/net/netfilter/nft_compat.c |
9120 |
+index e22a2961cc39..ff6f35971ea2 100644 |
9121 |
+--- a/net/netfilter/nft_compat.c |
9122 |
++++ b/net/netfilter/nft_compat.c |
9123 |
+@@ -561,6 +561,13 @@ struct nft_xt { |
9124 |
+ |
9125 |
+ static struct nft_expr_type nft_match_type; |
9126 |
+ |
9127 |
++static bool nft_match_cmp(const struct xt_match *match, |
9128 |
++ const char *name, u32 rev, u32 family) |
9129 |
++{ |
9130 |
++ return strcmp(match->name, name) == 0 && match->revision == rev && |
9131 |
++ (match->family == NFPROTO_UNSPEC || match->family == family); |
9132 |
++} |
9133 |
++ |
9134 |
+ static const struct nft_expr_ops * |
9135 |
+ nft_match_select_ops(const struct nft_ctx *ctx, |
9136 |
+ const struct nlattr * const tb[]) |
9137 |
+@@ -568,7 +575,7 @@ nft_match_select_ops(const struct nft_ctx *ctx, |
9138 |
+ struct nft_xt *nft_match; |
9139 |
+ struct xt_match *match; |
9140 |
+ char *mt_name; |
9141 |
+- __u32 rev, family; |
9142 |
++ u32 rev, family; |
9143 |
+ |
9144 |
+ if (tb[NFTA_MATCH_NAME] == NULL || |
9145 |
+ tb[NFTA_MATCH_REV] == NULL || |
9146 |
+@@ -583,9 +590,12 @@ nft_match_select_ops(const struct nft_ctx *ctx, |
9147 |
+ list_for_each_entry(nft_match, &nft_match_list, head) { |
9148 |
+ struct xt_match *match = nft_match->ops.data; |
9149 |
+ |
9150 |
+- if (strcmp(match->name, mt_name) == 0 && |
9151 |
+- match->revision == rev && match->family == family) |
9152 |
++ if (nft_match_cmp(match, mt_name, rev, family)) { |
9153 |
++ if (!try_module_get(match->me)) |
9154 |
++ return ERR_PTR(-ENOENT); |
9155 |
++ |
9156 |
+ return &nft_match->ops; |
9157 |
++ } |
9158 |
+ } |
9159 |
+ |
9160 |
+ match = xt_request_find_match(family, mt_name, rev); |
9161 |
+@@ -631,6 +641,13 @@ static LIST_HEAD(nft_target_list); |
9162 |
+ |
9163 |
+ static struct nft_expr_type nft_target_type; |
9164 |
+ |
9165 |
++static bool nft_target_cmp(const struct xt_target *tg, |
9166 |
++ const char *name, u32 rev, u32 family) |
9167 |
++{ |
9168 |
++ return strcmp(tg->name, name) == 0 && tg->revision == rev && |
9169 |
++ (tg->family == NFPROTO_UNSPEC || tg->family == family); |
9170 |
++} |
9171 |
++ |
9172 |
+ static const struct nft_expr_ops * |
9173 |
+ nft_target_select_ops(const struct nft_ctx *ctx, |
9174 |
+ const struct nlattr * const tb[]) |
9175 |
+@@ -638,7 +655,7 @@ nft_target_select_ops(const struct nft_ctx *ctx, |
9176 |
+ struct nft_xt *nft_target; |
9177 |
+ struct xt_target *target; |
9178 |
+ char *tg_name; |
9179 |
+- __u32 rev, family; |
9180 |
++ u32 rev, family; |
9181 |
+ |
9182 |
+ if (tb[NFTA_TARGET_NAME] == NULL || |
9183 |
+ tb[NFTA_TARGET_REV] == NULL || |
9184 |
+@@ -653,9 +670,12 @@ nft_target_select_ops(const struct nft_ctx *ctx, |
9185 |
+ list_for_each_entry(nft_target, &nft_target_list, head) { |
9186 |
+ struct xt_target *target = nft_target->ops.data; |
9187 |
+ |
9188 |
+- if (strcmp(target->name, tg_name) == 0 && |
9189 |
+- target->revision == rev && target->family == family) |
9190 |
++ if (nft_target_cmp(target, tg_name, rev, family)) { |
9191 |
++ if (!try_module_get(target->me)) |
9192 |
++ return ERR_PTR(-ENOENT); |
9193 |
++ |
9194 |
+ return &nft_target->ops; |
9195 |
++ } |
9196 |
+ } |
9197 |
+ |
9198 |
+ target = xt_request_find_target(family, tg_name, rev); |
9199 |
+diff --git a/net/netlink/af_netlink.c b/net/netlink/af_netlink.c |
9200 |
+index 6ffd1ebaba93..fe106b50053e 100644 |
9201 |
+--- a/net/netlink/af_netlink.c |
9202 |
++++ b/net/netlink/af_netlink.c |
9203 |
+@@ -133,6 +133,24 @@ static inline u32 netlink_group_mask(u32 group) |
9204 |
+ return group ? 1 << (group - 1) : 0; |
9205 |
+ } |
9206 |
+ |
9207 |
++static struct sk_buff *netlink_to_full_skb(const struct sk_buff *skb, |
9208 |
++ gfp_t gfp_mask) |
9209 |
++{ |
9210 |
++ unsigned int len = skb_end_offset(skb); |
9211 |
++ struct sk_buff *new; |
9212 |
++ |
9213 |
++ new = alloc_skb(len, gfp_mask); |
9214 |
++ if (new == NULL) |
9215 |
++ return NULL; |
9216 |
++ |
9217 |
++ NETLINK_CB(new).portid = NETLINK_CB(skb).portid; |
9218 |
++ NETLINK_CB(new).dst_group = NETLINK_CB(skb).dst_group; |
9219 |
++ NETLINK_CB(new).creds = NETLINK_CB(skb).creds; |
9220 |
++ |
9221 |
++ memcpy(skb_put(new, len), skb->data, len); |
9222 |
++ return new; |
9223 |
++} |
9224 |
++ |
9225 |
+ int netlink_add_tap(struct netlink_tap *nt) |
9226 |
+ { |
9227 |
+ if (unlikely(nt->dev->type != ARPHRD_NETLINK)) |
9228 |
+@@ -215,7 +233,11 @@ static int __netlink_deliver_tap_skb(struct sk_buff *skb, |
9229 |
+ int ret = -ENOMEM; |
9230 |
+ |
9231 |
+ dev_hold(dev); |
9232 |
+- nskb = skb_clone(skb, GFP_ATOMIC); |
9233 |
++ |
9234 |
++ if (netlink_skb_is_mmaped(skb) || is_vmalloc_addr(skb->head)) |
9235 |
++ nskb = netlink_to_full_skb(skb, GFP_ATOMIC); |
9236 |
++ else |
9237 |
++ nskb = skb_clone(skb, GFP_ATOMIC); |
9238 |
+ if (nskb) { |
9239 |
+ nskb->dev = dev; |
9240 |
+ nskb->protocol = htons((u16) sk->sk_protocol); |
9241 |
+@@ -287,11 +309,6 @@ static void netlink_rcv_wake(struct sock *sk) |
9242 |
+ } |
9243 |
+ |
9244 |
+ #ifdef CONFIG_NETLINK_MMAP |
9245 |
+-static bool netlink_skb_is_mmaped(const struct sk_buff *skb) |
9246 |
+-{ |
9247 |
+- return NETLINK_CB(skb).flags & NETLINK_SKB_MMAPED; |
9248 |
+-} |
9249 |
+- |
9250 |
+ static bool netlink_rx_is_mmaped(struct sock *sk) |
9251 |
+ { |
9252 |
+ return nlk_sk(sk)->rx_ring.pg_vec != NULL; |
9253 |
+@@ -843,7 +860,6 @@ static void netlink_ring_set_copied(struct sock *sk, struct sk_buff *skb) |
9254 |
+ } |
9255 |
+ |
9256 |
+ #else /* CONFIG_NETLINK_MMAP */ |
9257 |
+-#define netlink_skb_is_mmaped(skb) false |
9258 |
+ #define netlink_rx_is_mmaped(sk) false |
9259 |
+ #define netlink_tx_is_mmaped(sk) false |
9260 |
+ #define netlink_mmap sock_no_mmap |
9261 |
+diff --git a/net/netlink/af_netlink.h b/net/netlink/af_netlink.h |
9262 |
+index b20a1731759b..3951874e715d 100644 |
9263 |
+--- a/net/netlink/af_netlink.h |
9264 |
++++ b/net/netlink/af_netlink.h |
9265 |
+@@ -57,6 +57,15 @@ static inline struct netlink_sock *nlk_sk(struct sock *sk) |
9266 |
+ return container_of(sk, struct netlink_sock, sk); |
9267 |
+ } |
9268 |
+ |
9269 |
++static inline bool netlink_skb_is_mmaped(const struct sk_buff *skb) |
9270 |
++{ |
9271 |
++#ifdef CONFIG_NETLINK_MMAP |
9272 |
++ return NETLINK_CB(skb).flags & NETLINK_SKB_MMAPED; |
9273 |
++#else |
9274 |
++ return false; |
9275 |
++#endif /* CONFIG_NETLINK_MMAP */ |
9276 |
++} |
9277 |
++ |
9278 |
+ struct netlink_table { |
9279 |
+ struct rhashtable hash; |
9280 |
+ struct hlist_head mc_list; |
9281 |
+diff --git a/net/openvswitch/datapath.c b/net/openvswitch/datapath.c |
9282 |
+index 28213dff723d..acf6b2edba65 100644 |
9283 |
+--- a/net/openvswitch/datapath.c |
9284 |
++++ b/net/openvswitch/datapath.c |
9285 |
+@@ -834,7 +834,7 @@ static int ovs_flow_cmd_new(struct sk_buff *skb, struct genl_info *info) |
9286 |
+ if (error) |
9287 |
+ goto err_kfree_flow; |
9288 |
+ |
9289 |
+- ovs_flow_mask_key(&new_flow->key, &new_flow->unmasked_key, &mask); |
9290 |
++ ovs_flow_mask_key(&new_flow->key, &new_flow->unmasked_key, true, &mask); |
9291 |
+ |
9292 |
+ /* Validate actions. */ |
9293 |
+ acts = ovs_nla_alloc_flow_actions(nla_len(a[OVS_FLOW_ATTR_ACTIONS])); |
9294 |
+@@ -949,7 +949,7 @@ static struct sw_flow_actions *get_flow_actions(const struct nlattr *a, |
9295 |
+ if (IS_ERR(acts)) |
9296 |
+ return acts; |
9297 |
+ |
9298 |
+- ovs_flow_mask_key(&masked_key, key, mask); |
9299 |
++ ovs_flow_mask_key(&masked_key, key, true, mask); |
9300 |
+ error = ovs_nla_copy_actions(a, &masked_key, 0, &acts); |
9301 |
+ if (error) { |
9302 |
+ OVS_NLERR("Flow actions may not be safe on all matching packets.\n"); |
9303 |
+diff --git a/net/openvswitch/flow_table.c b/net/openvswitch/flow_table.c |
9304 |
+index cf2d853646f0..740041a09b9d 100644 |
9305 |
+--- a/net/openvswitch/flow_table.c |
9306 |
++++ b/net/openvswitch/flow_table.c |
9307 |
+@@ -56,20 +56,21 @@ static u16 range_n_bytes(const struct sw_flow_key_range *range) |
9308 |
+ } |
9309 |
+ |
9310 |
+ void ovs_flow_mask_key(struct sw_flow_key *dst, const struct sw_flow_key *src, |
9311 |
+- const struct sw_flow_mask *mask) |
9312 |
++ bool full, const struct sw_flow_mask *mask) |
9313 |
+ { |
9314 |
+- const long *m = (const long *)((const u8 *)&mask->key + |
9315 |
+- mask->range.start); |
9316 |
+- const long *s = (const long *)((const u8 *)src + |
9317 |
+- mask->range.start); |
9318 |
+- long *d = (long *)((u8 *)dst + mask->range.start); |
9319 |
++ int start = full ? 0 : mask->range.start; |
9320 |
++ int len = full ? sizeof *dst : range_n_bytes(&mask->range); |
9321 |
++ const long *m = (const long *)((const u8 *)&mask->key + start); |
9322 |
++ const long *s = (const long *)((const u8 *)src + start); |
9323 |
++ long *d = (long *)((u8 *)dst + start); |
9324 |
+ int i; |
9325 |
+ |
9326 |
+- /* The memory outside of the 'mask->range' are not set since |
9327 |
+- * further operations on 'dst' only uses contents within |
9328 |
+- * 'mask->range'. |
9329 |
++ /* If 'full' is true then all of 'dst' is fully initialized. Otherwise, |
9330 |
++ * if 'full' is false the memory outside of the 'mask->range' is left |
9331 |
++ * uninitialized. This can be used as an optimization when further |
9332 |
++ * operations on 'dst' only use contents within 'mask->range'. |
9333 |
+ */ |
9334 |
+- for (i = 0; i < range_n_bytes(&mask->range); i += sizeof(long)) |
9335 |
++ for (i = 0; i < len; i += sizeof(long)) |
9336 |
+ *d++ = *s++ & *m++; |
9337 |
+ } |
9338 |
+ |
9339 |
+@@ -418,7 +419,7 @@ static struct sw_flow *masked_flow_lookup(struct table_instance *ti, |
9340 |
+ u32 hash; |
9341 |
+ struct sw_flow_key masked_key; |
9342 |
+ |
9343 |
+- ovs_flow_mask_key(&masked_key, unmasked, mask); |
9344 |
++ ovs_flow_mask_key(&masked_key, unmasked, false, mask); |
9345 |
+ hash = flow_hash(&masked_key, key_start, key_end); |
9346 |
+ head = find_bucket(ti, hash); |
9347 |
+ hlist_for_each_entry_rcu(flow, head, hash_node[ti->node_ver]) { |
9348 |
+diff --git a/net/openvswitch/flow_table.h b/net/openvswitch/flow_table.h |
9349 |
+index 5918bff7f3f6..2f0cf200ede9 100644 |
9350 |
+--- a/net/openvswitch/flow_table.h |
9351 |
++++ b/net/openvswitch/flow_table.h |
9352 |
+@@ -82,5 +82,5 @@ bool ovs_flow_cmp_unmasked_key(const struct sw_flow *flow, |
9353 |
+ struct sw_flow_match *match); |
9354 |
+ |
9355 |
+ void ovs_flow_mask_key(struct sw_flow_key *dst, const struct sw_flow_key *src, |
9356 |
+- const struct sw_flow_mask *mask); |
9357 |
++ bool full, const struct sw_flow_mask *mask); |
9358 |
+ #endif /* flow_table.h */ |
9359 |
+diff --git a/net/packet/af_packet.c b/net/packet/af_packet.c |
9360 |
+index 5dcfe05ea232..bf6097793170 100644 |
9361 |
+--- a/net/packet/af_packet.c |
9362 |
++++ b/net/packet/af_packet.c |
9363 |
+@@ -2645,7 +2645,7 @@ static int packet_release(struct socket *sock) |
9364 |
+ static int packet_do_bind(struct sock *sk, struct net_device *dev, __be16 proto) |
9365 |
+ { |
9366 |
+ struct packet_sock *po = pkt_sk(sk); |
9367 |
+- const struct net_device *dev_curr; |
9368 |
++ struct net_device *dev_curr; |
9369 |
+ __be16 proto_curr; |
9370 |
+ bool need_rehook; |
9371 |
+ |
9372 |
+@@ -2669,15 +2669,13 @@ static int packet_do_bind(struct sock *sk, struct net_device *dev, __be16 proto) |
9373 |
+ |
9374 |
+ po->num = proto; |
9375 |
+ po->prot_hook.type = proto; |
9376 |
+- |
9377 |
+- if (po->prot_hook.dev) |
9378 |
+- dev_put(po->prot_hook.dev); |
9379 |
+- |
9380 |
+ po->prot_hook.dev = dev; |
9381 |
+ |
9382 |
+ po->ifindex = dev ? dev->ifindex : 0; |
9383 |
+ packet_cached_dev_assign(po, dev); |
9384 |
+ } |
9385 |
++ if (dev_curr) |
9386 |
++ dev_put(dev_curr); |
9387 |
+ |
9388 |
+ if (proto == 0 || !need_rehook) |
9389 |
+ goto out_unlock; |
9390 |
+diff --git a/net/sctp/protocol.c b/net/sctp/protocol.c |
9391 |
+index 8f34b27d5775..143c4ebd55fa 100644 |
9392 |
+--- a/net/sctp/protocol.c |
9393 |
++++ b/net/sctp/protocol.c |
9394 |
+@@ -1166,7 +1166,7 @@ static void sctp_v4_del_protocol(void) |
9395 |
+ unregister_inetaddr_notifier(&sctp_inetaddr_notifier); |
9396 |
+ } |
9397 |
+ |
9398 |
+-static int __net_init sctp_net_init(struct net *net) |
9399 |
++static int __net_init sctp_defaults_init(struct net *net) |
9400 |
+ { |
9401 |
+ int status; |
9402 |
+ |
9403 |
+@@ -1259,12 +1259,6 @@ static int __net_init sctp_net_init(struct net *net) |
9404 |
+ |
9405 |
+ sctp_dbg_objcnt_init(net); |
9406 |
+ |
9407 |
+- /* Initialize the control inode/socket for handling OOTB packets. */ |
9408 |
+- if ((status = sctp_ctl_sock_init(net))) { |
9409 |
+- pr_err("Failed to initialize the SCTP control sock\n"); |
9410 |
+- goto err_ctl_sock_init; |
9411 |
+- } |
9412 |
+- |
9413 |
+ /* Initialize the local address list. */ |
9414 |
+ INIT_LIST_HEAD(&net->sctp.local_addr_list); |
9415 |
+ spin_lock_init(&net->sctp.local_addr_lock); |
9416 |
+@@ -1280,9 +1274,6 @@ static int __net_init sctp_net_init(struct net *net) |
9417 |
+ |
9418 |
+ return 0; |
9419 |
+ |
9420 |
+-err_ctl_sock_init: |
9421 |
+- sctp_dbg_objcnt_exit(net); |
9422 |
+- sctp_proc_exit(net); |
9423 |
+ err_init_proc: |
9424 |
+ cleanup_sctp_mibs(net); |
9425 |
+ err_init_mibs: |
9426 |
+@@ -1291,15 +1282,12 @@ err_sysctl_register: |
9427 |
+ return status; |
9428 |
+ } |
9429 |
+ |
9430 |
+-static void __net_exit sctp_net_exit(struct net *net) |
9431 |
++static void __net_exit sctp_defaults_exit(struct net *net) |
9432 |
+ { |
9433 |
+ /* Free the local address list */ |
9434 |
+ sctp_free_addr_wq(net); |
9435 |
+ sctp_free_local_addr_list(net); |
9436 |
+ |
9437 |
+- /* Free the control endpoint. */ |
9438 |
+- inet_ctl_sock_destroy(net->sctp.ctl_sock); |
9439 |
+- |
9440 |
+ sctp_dbg_objcnt_exit(net); |
9441 |
+ |
9442 |
+ sctp_proc_exit(net); |
9443 |
+@@ -1307,9 +1295,32 @@ static void __net_exit sctp_net_exit(struct net *net) |
9444 |
+ sctp_sysctl_net_unregister(net); |
9445 |
+ } |
9446 |
+ |
9447 |
+-static struct pernet_operations sctp_net_ops = { |
9448 |
+- .init = sctp_net_init, |
9449 |
+- .exit = sctp_net_exit, |
9450 |
++static struct pernet_operations sctp_defaults_ops = { |
9451 |
++ .init = sctp_defaults_init, |
9452 |
++ .exit = sctp_defaults_exit, |
9453 |
++}; |
9454 |
++ |
9455 |
++static int __net_init sctp_ctrlsock_init(struct net *net) |
9456 |
++{ |
9457 |
++ int status; |
9458 |
++ |
9459 |
++ /* Initialize the control inode/socket for handling OOTB packets. */ |
9460 |
++ status = sctp_ctl_sock_init(net); |
9461 |
++ if (status) |
9462 |
++ pr_err("Failed to initialize the SCTP control sock\n"); |
9463 |
++ |
9464 |
++ return status; |
9465 |
++} |
9466 |
++ |
9467 |
++static void __net_init sctp_ctrlsock_exit(struct net *net) |
9468 |
++{ |
9469 |
++ /* Free the control endpoint. */ |
9470 |
++ inet_ctl_sock_destroy(net->sctp.ctl_sock); |
9471 |
++} |
9472 |
++ |
9473 |
++static struct pernet_operations sctp_ctrlsock_ops = { |
9474 |
++ .init = sctp_ctrlsock_init, |
9475 |
++ .exit = sctp_ctrlsock_exit, |
9476 |
+ }; |
9477 |
+ |
9478 |
+ /* Initialize the universe into something sensible. */ |
9479 |
+@@ -1443,8 +1454,11 @@ static __init int sctp_init(void) |
9480 |
+ sctp_v4_pf_init(); |
9481 |
+ sctp_v6_pf_init(); |
9482 |
+ |
9483 |
+- status = sctp_v4_protosw_init(); |
9484 |
++ status = register_pernet_subsys(&sctp_defaults_ops); |
9485 |
++ if (status) |
9486 |
++ goto err_register_defaults; |
9487 |
+ |
9488 |
++ status = sctp_v4_protosw_init(); |
9489 |
+ if (status) |
9490 |
+ goto err_protosw_init; |
9491 |
+ |
9492 |
+@@ -1452,9 +1466,9 @@ static __init int sctp_init(void) |
9493 |
+ if (status) |
9494 |
+ goto err_v6_protosw_init; |
9495 |
+ |
9496 |
+- status = register_pernet_subsys(&sctp_net_ops); |
9497 |
++ status = register_pernet_subsys(&sctp_ctrlsock_ops); |
9498 |
+ if (status) |
9499 |
+- goto err_register_pernet_subsys; |
9500 |
++ goto err_register_ctrlsock; |
9501 |
+ |
9502 |
+ status = sctp_v4_add_protocol(); |
9503 |
+ if (status) |
9504 |
+@@ -1470,12 +1484,14 @@ out: |
9505 |
+ err_v6_add_protocol: |
9506 |
+ sctp_v4_del_protocol(); |
9507 |
+ err_add_protocol: |
9508 |
+- unregister_pernet_subsys(&sctp_net_ops); |
9509 |
+-err_register_pernet_subsys: |
9510 |
++ unregister_pernet_subsys(&sctp_ctrlsock_ops); |
9511 |
++err_register_ctrlsock: |
9512 |
+ sctp_v6_protosw_exit(); |
9513 |
+ err_v6_protosw_init: |
9514 |
+ sctp_v4_protosw_exit(); |
9515 |
+ err_protosw_init: |
9516 |
++ unregister_pernet_subsys(&sctp_defaults_ops); |
9517 |
++err_register_defaults: |
9518 |
+ sctp_v4_pf_exit(); |
9519 |
+ sctp_v6_pf_exit(); |
9520 |
+ sctp_sysctl_unregister(); |
9521 |
+@@ -1508,12 +1524,14 @@ static __exit void sctp_exit(void) |
9522 |
+ sctp_v6_del_protocol(); |
9523 |
+ sctp_v4_del_protocol(); |
9524 |
+ |
9525 |
+- unregister_pernet_subsys(&sctp_net_ops); |
9526 |
++ unregister_pernet_subsys(&sctp_ctrlsock_ops); |
9527 |
+ |
9528 |
+ /* Free protosw registrations */ |
9529 |
+ sctp_v6_protosw_exit(); |
9530 |
+ sctp_v4_protosw_exit(); |
9531 |
+ |
9532 |
++ unregister_pernet_subsys(&sctp_defaults_ops); |
9533 |
++ |
9534 |
+ /* Unregister with socket layer. */ |
9535 |
+ sctp_v6_pf_exit(); |
9536 |
+ sctp_v4_pf_exit(); |
9537 |
+diff --git a/net/sunrpc/xprtrdma/svc_rdma_sendto.c b/net/sunrpc/xprtrdma/svc_rdma_sendto.c |
9538 |
+index 9f1b50689c0f..03252a652e4b 100644 |
9539 |
+--- a/net/sunrpc/xprtrdma/svc_rdma_sendto.c |
9540 |
++++ b/net/sunrpc/xprtrdma/svc_rdma_sendto.c |
9541 |
+@@ -372,6 +372,7 @@ static int send_reply(struct svcxprt_rdma *rdma, |
9542 |
+ int byte_count) |
9543 |
+ { |
9544 |
+ struct ib_send_wr send_wr; |
9545 |
++ u32 xdr_off; |
9546 |
+ int sge_no; |
9547 |
+ int sge_bytes; |
9548 |
+ int page_no; |
9549 |
+@@ -406,8 +407,8 @@ static int send_reply(struct svcxprt_rdma *rdma, |
9550 |
+ ctxt->direction = DMA_TO_DEVICE; |
9551 |
+ |
9552 |
+ /* Map the payload indicated by 'byte_count' */ |
9553 |
++ xdr_off = 0; |
9554 |
+ for (sge_no = 1; byte_count && sge_no < vec->count; sge_no++) { |
9555 |
+- int xdr_off = 0; |
9556 |
+ sge_bytes = min_t(size_t, vec->sge[sge_no].iov_len, byte_count); |
9557 |
+ byte_count -= sge_bytes; |
9558 |
+ ctxt->sge[sge_no].addr = |
9559 |
+@@ -443,6 +444,14 @@ static int send_reply(struct svcxprt_rdma *rdma, |
9560 |
+ rqstp->rq_next_page = rqstp->rq_respages + 1; |
9561 |
+ |
9562 |
+ BUG_ON(sge_no > rdma->sc_max_sge); |
9563 |
++ |
9564 |
++ /* The loop above bumps sc_dma_used for each sge. The |
9565 |
++ * xdr_buf.tail gets a separate sge, but resides in the |
9566 |
++ * same page as xdr_buf.head. Don't count it twice. |
9567 |
++ */ |
9568 |
++ if (sge_no > ctxt->count) |
9569 |
++ atomic_dec(&rdma->sc_dma_used); |
9570 |
++ |
9571 |
+ memset(&send_wr, 0, sizeof send_wr); |
9572 |
+ ctxt->wr_op = IB_WR_SEND; |
9573 |
+ send_wr.wr_id = (unsigned long)ctxt; |
9574 |
+diff --git a/sound/arm/Kconfig b/sound/arm/Kconfig |
9575 |
+index 885683a3b0bd..e0406211716b 100644 |
9576 |
+--- a/sound/arm/Kconfig |
9577 |
++++ b/sound/arm/Kconfig |
9578 |
+@@ -9,6 +9,14 @@ menuconfig SND_ARM |
9579 |
+ Drivers that are implemented on ASoC can be found in |
9580 |
+ "ALSA for SoC audio support" section. |
9581 |
+ |
9582 |
++config SND_PXA2XX_LIB |
9583 |
++ tristate |
9584 |
++ select SND_AC97_CODEC if SND_PXA2XX_LIB_AC97 |
9585 |
++ select SND_DMAENGINE_PCM |
9586 |
++ |
9587 |
++config SND_PXA2XX_LIB_AC97 |
9588 |
++ bool |
9589 |
++ |
9590 |
+ if SND_ARM |
9591 |
+ |
9592 |
+ config SND_ARMAACI |
9593 |
+@@ -21,13 +29,6 @@ config SND_PXA2XX_PCM |
9594 |
+ tristate |
9595 |
+ select SND_PCM |
9596 |
+ |
9597 |
+-config SND_PXA2XX_LIB |
9598 |
+- tristate |
9599 |
+- select SND_AC97_CODEC if SND_PXA2XX_LIB_AC97 |
9600 |
+- |
9601 |
+-config SND_PXA2XX_LIB_AC97 |
9602 |
+- bool |
9603 |
+- |
9604 |
+ config SND_PXA2XX_AC97 |
9605 |
+ tristate "AC97 driver for the Intel PXA2xx chip" |
9606 |
+ depends on ARCH_PXA |
9607 |
+diff --git a/sound/pci/hda/patch_cirrus.c b/sound/pci/hda/patch_cirrus.c |
9608 |
+index e5dac8ea65e4..1b3b38d025fc 100644 |
9609 |
+--- a/sound/pci/hda/patch_cirrus.c |
9610 |
++++ b/sound/pci/hda/patch_cirrus.c |
9611 |
+@@ -634,6 +634,7 @@ static const struct snd_pci_quirk cs4208_mac_fixup_tbl[] = { |
9612 |
+ SND_PCI_QUIRK(0x106b, 0x5e00, "MacBookPro 11,2", CS4208_MBP11), |
9613 |
+ SND_PCI_QUIRK(0x106b, 0x7100, "MacBookAir 6,1", CS4208_MBA6), |
9614 |
+ SND_PCI_QUIRK(0x106b, 0x7200, "MacBookAir 6,2", CS4208_MBA6), |
9615 |
++ SND_PCI_QUIRK(0x106b, 0x7b00, "MacBookPro 12,1", CS4208_MBP11), |
9616 |
+ {} /* terminator */ |
9617 |
+ }; |
9618 |
+ |
9619 |
+diff --git a/sound/pci/hda/patch_realtek.c b/sound/pci/hda/patch_realtek.c |
9620 |
+index f979293b421a..d36cdb27a02c 100644 |
9621 |
+--- a/sound/pci/hda/patch_realtek.c |
9622 |
++++ b/sound/pci/hda/patch_realtek.c |
9623 |
+@@ -1131,7 +1131,7 @@ static const struct hda_fixup alc880_fixups[] = { |
9624 |
+ /* override all pins as BIOS on old Amilo is broken */ |
9625 |
+ .type = HDA_FIXUP_PINS, |
9626 |
+ .v.pins = (const struct hda_pintbl[]) { |
9627 |
+- { 0x14, 0x0121411f }, /* HP */ |
9628 |
++ { 0x14, 0x0121401f }, /* HP */ |
9629 |
+ { 0x15, 0x99030120 }, /* speaker */ |
9630 |
+ { 0x16, 0x99030130 }, /* bass speaker */ |
9631 |
+ { 0x17, 0x411111f0 }, /* N/A */ |
9632 |
+@@ -1151,7 +1151,7 @@ static const struct hda_fixup alc880_fixups[] = { |
9633 |
+ /* almost compatible with FUJITSU, but no bass and SPDIF */ |
9634 |
+ .type = HDA_FIXUP_PINS, |
9635 |
+ .v.pins = (const struct hda_pintbl[]) { |
9636 |
+- { 0x14, 0x0121411f }, /* HP */ |
9637 |
++ { 0x14, 0x0121401f }, /* HP */ |
9638 |
+ { 0x15, 0x99030120 }, /* speaker */ |
9639 |
+ { 0x16, 0x411111f0 }, /* N/A */ |
9640 |
+ { 0x17, 0x411111f0 }, /* N/A */ |
9641 |
+@@ -1360,7 +1360,7 @@ static const struct snd_pci_quirk alc880_fixup_tbl[] = { |
9642 |
+ SND_PCI_QUIRK(0x161f, 0x203d, "W810", ALC880_FIXUP_W810), |
9643 |
+ SND_PCI_QUIRK(0x161f, 0x205d, "Medion Rim 2150", ALC880_FIXUP_MEDION_RIM), |
9644 |
+ SND_PCI_QUIRK(0x1631, 0xe011, "PB 13201056", ALC880_FIXUP_6ST_AUTOMUTE), |
9645 |
+- SND_PCI_QUIRK(0x1734, 0x107c, "FSC F1734", ALC880_FIXUP_F1734), |
9646 |
++ SND_PCI_QUIRK(0x1734, 0x107c, "FSC Amilo M1437", ALC880_FIXUP_FUJITSU), |
9647 |
+ SND_PCI_QUIRK(0x1734, 0x1094, "FSC Amilo M1451G", ALC880_FIXUP_FUJITSU), |
9648 |
+ SND_PCI_QUIRK(0x1734, 0x10ac, "FSC AMILO Xi 1526", ALC880_FIXUP_F1734), |
9649 |
+ SND_PCI_QUIRK(0x1734, 0x10b0, "FSC Amilo Pi1556", ALC880_FIXUP_FUJITSU), |
9650 |
+@@ -5050,6 +5050,7 @@ static const struct snd_pci_quirk alc269_fixup_tbl[] = { |
9651 |
+ SND_PCI_QUIRK(0x17aa, 0x2212, "Thinkpad T440", ALC292_FIXUP_TPT440_DOCK), |
9652 |
+ SND_PCI_QUIRK(0x17aa, 0x2214, "Thinkpad X240", ALC292_FIXUP_TPT440_DOCK), |
9653 |
+ SND_PCI_QUIRK(0x17aa, 0x2215, "Thinkpad", ALC269_FIXUP_LIMIT_INT_MIC_BOOST), |
9654 |
++ SND_PCI_QUIRK(0x17aa, 0x2223, "ThinkPad T550", ALC292_FIXUP_TPT440_DOCK), |
9655 |
+ SND_PCI_QUIRK(0x17aa, 0x2226, "ThinkPad X250", ALC292_FIXUP_TPT440_DOCK), |
9656 |
+ SND_PCI_QUIRK(0x17aa, 0x3977, "IdeaPad S210", ALC283_FIXUP_INT_MIC), |
9657 |
+ SND_PCI_QUIRK(0x17aa, 0x3978, "IdeaPad Y410P", ALC269_FIXUP_NO_SHUTUP), |
9658 |
+diff --git a/sound/soc/dwc/designware_i2s.c b/sound/soc/dwc/designware_i2s.c |
9659 |
+index 10e1b8ca42ed..8086f3da5de8 100644 |
9660 |
+--- a/sound/soc/dwc/designware_i2s.c |
9661 |
++++ b/sound/soc/dwc/designware_i2s.c |
9662 |
+@@ -100,10 +100,10 @@ static inline void i2s_clear_irqs(struct dw_i2s_dev *dev, u32 stream) |
9663 |
+ |
9664 |
+ if (stream == SNDRV_PCM_STREAM_PLAYBACK) { |
9665 |
+ for (i = 0; i < 4; i++) |
9666 |
+- i2s_write_reg(dev->i2s_base, TOR(i), 0); |
9667 |
++ i2s_read_reg(dev->i2s_base, TOR(i)); |
9668 |
+ } else { |
9669 |
+ for (i = 0; i < 4; i++) |
9670 |
+- i2s_write_reg(dev->i2s_base, ROR(i), 0); |
9671 |
++ i2s_read_reg(dev->i2s_base, ROR(i)); |
9672 |
+ } |
9673 |
+ } |
9674 |
+ |
9675 |
+diff --git a/sound/soc/pxa/Kconfig b/sound/soc/pxa/Kconfig |
9676 |
+index 2434b6d61675..e1f501b46c9d 100644 |
9677 |
+--- a/sound/soc/pxa/Kconfig |
9678 |
++++ b/sound/soc/pxa/Kconfig |
9679 |
+@@ -1,7 +1,6 @@ |
9680 |
+ config SND_PXA2XX_SOC |
9681 |
+ tristate "SoC Audio for the Intel PXA2xx chip" |
9682 |
+ depends on ARCH_PXA |
9683 |
+- select SND_ARM |
9684 |
+ select SND_PXA2XX_LIB |
9685 |
+ help |
9686 |
+ Say Y or M if you want to add support for codecs attached to |
9687 |
+@@ -25,7 +24,6 @@ config SND_PXA2XX_AC97 |
9688 |
+ config SND_PXA2XX_SOC_AC97 |
9689 |
+ tristate |
9690 |
+ select AC97_BUS |
9691 |
+- select SND_ARM |
9692 |
+ select SND_PXA2XX_LIB_AC97 |
9693 |
+ select SND_SOC_AC97_BUS |
9694 |
+ |
9695 |
+diff --git a/sound/soc/pxa/pxa2xx-ac97.c b/sound/soc/pxa/pxa2xx-ac97.c |
9696 |
+index ae956e3f4b9d..593e3202fc35 100644 |
9697 |
+--- a/sound/soc/pxa/pxa2xx-ac97.c |
9698 |
++++ b/sound/soc/pxa/pxa2xx-ac97.c |
9699 |
+@@ -49,7 +49,7 @@ static struct snd_ac97_bus_ops pxa2xx_ac97_ops = { |
9700 |
+ .reset = pxa2xx_ac97_cold_reset, |
9701 |
+ }; |
9702 |
+ |
9703 |
+-static unsigned long pxa2xx_ac97_pcm_stereo_in_req = 12; |
9704 |
++static unsigned long pxa2xx_ac97_pcm_stereo_in_req = 11; |
9705 |
+ static struct snd_dmaengine_dai_dma_data pxa2xx_ac97_pcm_stereo_in = { |
9706 |
+ .addr = __PREG(PCDR), |
9707 |
+ .addr_width = DMA_SLAVE_BUSWIDTH_4_BYTES, |
9708 |
+@@ -57,7 +57,7 @@ static struct snd_dmaengine_dai_dma_data pxa2xx_ac97_pcm_stereo_in = { |
9709 |
+ .filter_data = &pxa2xx_ac97_pcm_stereo_in_req, |
9710 |
+ }; |
9711 |
+ |
9712 |
+-static unsigned long pxa2xx_ac97_pcm_stereo_out_req = 11; |
9713 |
++static unsigned long pxa2xx_ac97_pcm_stereo_out_req = 12; |
9714 |
+ static struct snd_dmaengine_dai_dma_data pxa2xx_ac97_pcm_stereo_out = { |
9715 |
+ .addr = __PREG(PCDR), |
9716 |
+ .addr_width = DMA_SLAVE_BUSWIDTH_4_BYTES, |
9717 |
+diff --git a/sound/synth/emux/emux_oss.c b/sound/synth/emux/emux_oss.c |
9718 |
+index daf61abc3670..646b66703bd8 100644 |
9719 |
+--- a/sound/synth/emux/emux_oss.c |
9720 |
++++ b/sound/synth/emux/emux_oss.c |
9721 |
+@@ -69,7 +69,8 @@ snd_emux_init_seq_oss(struct snd_emux *emu) |
9722 |
+ struct snd_seq_oss_reg *arg; |
9723 |
+ struct snd_seq_device *dev; |
9724 |
+ |
9725 |
+- if (snd_seq_device_new(emu->card, 0, SNDRV_SEQ_DEV_ID_OSS, |
9726 |
++ /* using device#1 here for avoiding conflicts with OPL3 */ |
9727 |
++ if (snd_seq_device_new(emu->card, 1, SNDRV_SEQ_DEV_ID_OSS, |
9728 |
+ sizeof(struct snd_seq_oss_reg), &dev) < 0) |
9729 |
+ return; |
9730 |
+ |
9731 |
+diff --git a/tools/lib/traceevent/event-parse.c b/tools/lib/traceevent/event-parse.c |
9732 |
+index cf3a44bf1ec3..dfb8be78ff75 100644 |
9733 |
+--- a/tools/lib/traceevent/event-parse.c |
9734 |
++++ b/tools/lib/traceevent/event-parse.c |
9735 |
+@@ -3658,7 +3658,7 @@ static void print_str_arg(struct trace_seq *s, void *data, int size, |
9736 |
+ struct format_field *field; |
9737 |
+ struct printk_map *printk; |
9738 |
+ unsigned long long val, fval; |
9739 |
+- unsigned long addr; |
9740 |
++ unsigned long long addr; |
9741 |
+ char *str; |
9742 |
+ unsigned char *hex; |
9743 |
+ int print; |
9744 |
+@@ -3691,13 +3691,30 @@ static void print_str_arg(struct trace_seq *s, void *data, int size, |
9745 |
+ */ |
9746 |
+ if (!(field->flags & FIELD_IS_ARRAY) && |
9747 |
+ field->size == pevent->long_size) { |
9748 |
+- addr = *(unsigned long *)(data + field->offset); |
9749 |
++ |
9750 |
++ /* Handle heterogeneous recording and processing |
9751 |
++ * architectures |
9752 |
++ * |
9753 |
++ * CASE I: |
9754 |
++ * Traces recorded on 32-bit devices (32-bit |
9755 |
++ * addressing) and processed on 64-bit devices: |
9756 |
++ * In this case, only 32 bits should be read. |
9757 |
++ * |
9758 |
++ * CASE II: |
9759 |
++ * Traces recorded on 64 bit devices and processed |
9760 |
++ * on 32-bit devices: |
9761 |
++ * In this case, 64 bits must be read. |
9762 |
++ */ |
9763 |
++ addr = (pevent->long_size == 8) ? |
9764 |
++ *(unsigned long long *)(data + field->offset) : |
9765 |
++ (unsigned long long)*(unsigned int *)(data + field->offset); |
9766 |
++ |
9767 |
+ /* Check if it matches a print format */ |
9768 |
+ printk = find_printk(pevent, addr); |
9769 |
+ if (printk) |
9770 |
+ trace_seq_puts(s, printk->printk); |
9771 |
+ else |
9772 |
+- trace_seq_printf(s, "%lx", addr); |
9773 |
++ trace_seq_printf(s, "%llx", addr); |
9774 |
+ break; |
9775 |
+ } |
9776 |
+ str = malloc(len + 1); |
9777 |
+diff --git a/tools/perf/builtin-stat.c b/tools/perf/builtin-stat.c |
9778 |
+index 055ce9232c9e..66c9fc730a14 100644 |
9779 |
+--- a/tools/perf/builtin-stat.c |
9780 |
++++ b/tools/perf/builtin-stat.c |
9781 |
+@@ -1117,7 +1117,7 @@ static void abs_printout(int id, int nr, struct perf_evsel *evsel, double avg) |
9782 |
+ static void print_aggr(char *prefix) |
9783 |
+ { |
9784 |
+ struct perf_evsel *counter; |
9785 |
+- int cpu, cpu2, s, s2, id, nr; |
9786 |
++ int cpu, s, s2, id, nr; |
9787 |
+ double uval; |
9788 |
+ u64 ena, run, val; |
9789 |
+ |
9790 |
+@@ -1130,8 +1130,7 @@ static void print_aggr(char *prefix) |
9791 |
+ val = ena = run = 0; |
9792 |
+ nr = 0; |
9793 |
+ for (cpu = 0; cpu < perf_evsel__nr_cpus(counter); cpu++) { |
9794 |
+- cpu2 = perf_evsel__cpus(counter)->map[cpu]; |
9795 |
+- s2 = aggr_get_id(evsel_list->cpus, cpu2); |
9796 |
++ s2 = aggr_get_id(perf_evsel__cpus(counter), cpu); |
9797 |
+ if (s2 != id) |
9798 |
+ continue; |
9799 |
+ val += counter->counts->cpu[cpu].val; |
9800 |
+diff --git a/tools/perf/util/header.c b/tools/perf/util/header.c |
9801 |
+index 26f5b2fe5dc8..74caa262ace5 100644 |
9802 |
+--- a/tools/perf/util/header.c |
9803 |
++++ b/tools/perf/util/header.c |
9804 |
+@@ -1775,7 +1775,7 @@ static int process_nrcpus(struct perf_file_section *section __maybe_unused, |
9805 |
+ if (ph->needs_swap) |
9806 |
+ nr = bswap_32(nr); |
9807 |
+ |
9808 |
+- ph->env.nr_cpus_online = nr; |
9809 |
++ ph->env.nr_cpus_avail = nr; |
9810 |
+ |
9811 |
+ ret = readn(fd, &nr, sizeof(nr)); |
9812 |
+ if (ret != sizeof(nr)) |
9813 |
+@@ -1784,7 +1784,7 @@ static int process_nrcpus(struct perf_file_section *section __maybe_unused, |
9814 |
+ if (ph->needs_swap) |
9815 |
+ nr = bswap_32(nr); |
9816 |
+ |
9817 |
+- ph->env.nr_cpus_avail = nr; |
9818 |
++ ph->env.nr_cpus_online = nr; |
9819 |
+ return 0; |
9820 |
+ } |
9821 |
+ |
9822 |
+diff --git a/tools/perf/util/hist.c b/tools/perf/util/hist.c |
9823 |
+index 6e88b9e395df..06868c61f8dd 100644 |
9824 |
+--- a/tools/perf/util/hist.c |
9825 |
++++ b/tools/perf/util/hist.c |
9826 |
+@@ -150,6 +150,9 @@ void hists__calc_col_len(struct hists *hists, struct hist_entry *h) |
9827 |
+ hists__new_col_len(hists, HISTC_LOCAL_WEIGHT, 12); |
9828 |
+ hists__new_col_len(hists, HISTC_GLOBAL_WEIGHT, 12); |
9829 |
+ |
9830 |
++ if (h->srcline) |
9831 |
++ hists__new_col_len(hists, HISTC_SRCLINE, strlen(h->srcline)); |
9832 |
++ |
9833 |
+ if (h->transaction) |
9834 |
+ hists__new_col_len(hists, HISTC_TRANSACTION, |
9835 |
+ hist_entry__transaction_len()); |
9836 |
+diff --git a/tools/perf/util/symbol-elf.c b/tools/perf/util/symbol-elf.c |
9837 |
+index fcaf06b40558..194300a08197 100644 |
9838 |
+--- a/tools/perf/util/symbol-elf.c |
9839 |
++++ b/tools/perf/util/symbol-elf.c |
9840 |
+@@ -1166,8 +1166,6 @@ out_close: |
9841 |
+ static int kcore__init(struct kcore *kcore, char *filename, int elfclass, |
9842 |
+ bool temp) |
9843 |
+ { |
9844 |
+- GElf_Ehdr *ehdr; |
9845 |
+- |
9846 |
+ kcore->elfclass = elfclass; |
9847 |
+ |
9848 |
+ if (temp) |
9849 |
+@@ -1184,9 +1182,7 @@ static int kcore__init(struct kcore *kcore, char *filename, int elfclass, |
9850 |
+ if (!gelf_newehdr(kcore->elf, elfclass)) |
9851 |
+ goto out_end; |
9852 |
+ |
9853 |
+- ehdr = gelf_getehdr(kcore->elf, &kcore->ehdr); |
9854 |
+- if (!ehdr) |
9855 |
+- goto out_end; |
9856 |
++ memset(&kcore->ehdr, 0, sizeof(GElf_Ehdr)); |
9857 |
+ |
9858 |
+ return 0; |
9859 |
+ |
9860 |
+@@ -1243,23 +1239,18 @@ static int kcore__copy_hdr(struct kcore *from, struct kcore *to, size_t count) |
9861 |
+ static int kcore__add_phdr(struct kcore *kcore, int idx, off_t offset, |
9862 |
+ u64 addr, u64 len) |
9863 |
+ { |
9864 |
+- GElf_Phdr gphdr; |
9865 |
+- GElf_Phdr *phdr; |
9866 |
+- |
9867 |
+- phdr = gelf_getphdr(kcore->elf, idx, &gphdr); |
9868 |
+- if (!phdr) |
9869 |
+- return -1; |
9870 |
+- |
9871 |
+- phdr->p_type = PT_LOAD; |
9872 |
+- phdr->p_flags = PF_R | PF_W | PF_X; |
9873 |
+- phdr->p_offset = offset; |
9874 |
+- phdr->p_vaddr = addr; |
9875 |
+- phdr->p_paddr = 0; |
9876 |
+- phdr->p_filesz = len; |
9877 |
+- phdr->p_memsz = len; |
9878 |
+- phdr->p_align = page_size; |
9879 |
+- |
9880 |
+- if (!gelf_update_phdr(kcore->elf, idx, phdr)) |
9881 |
++ GElf_Phdr phdr = { |
9882 |
++ .p_type = PT_LOAD, |
9883 |
++ .p_flags = PF_R | PF_W | PF_X, |
9884 |
++ .p_offset = offset, |
9885 |
++ .p_vaddr = addr, |
9886 |
++ .p_paddr = 0, |
9887 |
++ .p_filesz = len, |
9888 |
++ .p_memsz = len, |
9889 |
++ .p_align = page_size, |
9890 |
++ }; |
9891 |
++ |
9892 |
++ if (!gelf_update_phdr(kcore->elf, idx, &phdr)) |
9893 |
+ return -1; |
9894 |
+ |
9895 |
+ return 0; |
9896 |
+diff --git a/virt/kvm/eventfd.c b/virt/kvm/eventfd.c |
9897 |
+index b0fb390943c6..5a310caf4bbe 100644 |
9898 |
+--- a/virt/kvm/eventfd.c |
9899 |
++++ b/virt/kvm/eventfd.c |
9900 |
+@@ -775,40 +775,14 @@ static enum kvm_bus ioeventfd_bus_from_flags(__u32 flags) |
9901 |
+ return KVM_MMIO_BUS; |
9902 |
+ } |
9903 |
+ |
9904 |
+-static int |
9905 |
+-kvm_assign_ioeventfd(struct kvm *kvm, struct kvm_ioeventfd *args) |
9906 |
++static int kvm_assign_ioeventfd_idx(struct kvm *kvm, |
9907 |
++ enum kvm_bus bus_idx, |
9908 |
++ struct kvm_ioeventfd *args) |
9909 |
+ { |
9910 |
+- enum kvm_bus bus_idx; |
9911 |
+- struct _ioeventfd *p; |
9912 |
+- struct eventfd_ctx *eventfd; |
9913 |
+- int ret; |
9914 |
+- |
9915 |
+- bus_idx = ioeventfd_bus_from_flags(args->flags); |
9916 |
+- /* must be natural-word sized, or 0 to ignore length */ |
9917 |
+- switch (args->len) { |
9918 |
+- case 0: |
9919 |
+- case 1: |
9920 |
+- case 2: |
9921 |
+- case 4: |
9922 |
+- case 8: |
9923 |
+- break; |
9924 |
+- default: |
9925 |
+- return -EINVAL; |
9926 |
+- } |
9927 |
+- |
9928 |
+- /* check for range overflow */ |
9929 |
+- if (args->addr + args->len < args->addr) |
9930 |
+- return -EINVAL; |
9931 |
+ |
9932 |
+- /* check for extra flags that we don't understand */ |
9933 |
+- if (args->flags & ~KVM_IOEVENTFD_VALID_FLAG_MASK) |
9934 |
+- return -EINVAL; |
9935 |
+- |
9936 |
+- /* ioeventfd with no length can't be combined with DATAMATCH */ |
9937 |
+- if (!args->len && |
9938 |
+- args->flags & (KVM_IOEVENTFD_FLAG_PIO | |
9939 |
+- KVM_IOEVENTFD_FLAG_DATAMATCH)) |
9940 |
+- return -EINVAL; |
9941 |
++ struct eventfd_ctx *eventfd; |
9942 |
++ struct _ioeventfd *p; |
9943 |
++ int ret; |
9944 |
+ |
9945 |
+ eventfd = eventfd_ctx_fdget(args->fd); |
9946 |
+ if (IS_ERR(eventfd)) |
9947 |
+@@ -847,16 +821,6 @@ kvm_assign_ioeventfd(struct kvm *kvm, struct kvm_ioeventfd *args) |
9948 |
+ if (ret < 0) |
9949 |
+ goto unlock_fail; |
9950 |
+ |
9951 |
+- /* When length is ignored, MMIO is also put on a separate bus, for |
9952 |
+- * faster lookups. |
9953 |
+- */ |
9954 |
+- if (!args->len && !(args->flags & KVM_IOEVENTFD_FLAG_PIO)) { |
9955 |
+- ret = kvm_io_bus_register_dev(kvm, KVM_FAST_MMIO_BUS, |
9956 |
+- p->addr, 0, &p->dev); |
9957 |
+- if (ret < 0) |
9958 |
+- goto register_fail; |
9959 |
+- } |
9960 |
+- |
9961 |
+ kvm->buses[bus_idx]->ioeventfd_count++; |
9962 |
+ list_add_tail(&p->list, &kvm->ioeventfds); |
9963 |
+ |
9964 |
+@@ -864,8 +828,6 @@ kvm_assign_ioeventfd(struct kvm *kvm, struct kvm_ioeventfd *args) |
9965 |
+ |
9966 |
+ return 0; |
9967 |
+ |
9968 |
+-register_fail: |
9969 |
+- kvm_io_bus_unregister_dev(kvm, bus_idx, &p->dev); |
9970 |
+ unlock_fail: |
9971 |
+ mutex_unlock(&kvm->slots_lock); |
9972 |
+ |
9973 |
+@@ -877,14 +839,13 @@ fail: |
9974 |
+ } |
9975 |
+ |
9976 |
+ static int |
9977 |
+-kvm_deassign_ioeventfd(struct kvm *kvm, struct kvm_ioeventfd *args) |
9978 |
++kvm_deassign_ioeventfd_idx(struct kvm *kvm, enum kvm_bus bus_idx, |
9979 |
++ struct kvm_ioeventfd *args) |
9980 |
+ { |
9981 |
+- enum kvm_bus bus_idx; |
9982 |
+ struct _ioeventfd *p, *tmp; |
9983 |
+ struct eventfd_ctx *eventfd; |
9984 |
+ int ret = -ENOENT; |
9985 |
+ |
9986 |
+- bus_idx = ioeventfd_bus_from_flags(args->flags); |
9987 |
+ eventfd = eventfd_ctx_fdget(args->fd); |
9988 |
+ if (IS_ERR(eventfd)) |
9989 |
+ return PTR_ERR(eventfd); |
9990 |
+@@ -905,10 +866,6 @@ kvm_deassign_ioeventfd(struct kvm *kvm, struct kvm_ioeventfd *args) |
9991 |
+ continue; |
9992 |
+ |
9993 |
+ kvm_io_bus_unregister_dev(kvm, bus_idx, &p->dev); |
9994 |
+- if (!p->length) { |
9995 |
+- kvm_io_bus_unregister_dev(kvm, KVM_FAST_MMIO_BUS, |
9996 |
+- &p->dev); |
9997 |
+- } |
9998 |
+ kvm->buses[bus_idx]->ioeventfd_count--; |
9999 |
+ ioeventfd_release(p); |
10000 |
+ ret = 0; |
10001 |
+@@ -922,6 +879,71 @@ kvm_deassign_ioeventfd(struct kvm *kvm, struct kvm_ioeventfd *args) |
10002 |
+ return ret; |
10003 |
+ } |
10004 |
+ |
10005 |
++static int kvm_deassign_ioeventfd(struct kvm *kvm, struct kvm_ioeventfd *args) |
10006 |
++{ |
10007 |
++ enum kvm_bus bus_idx = ioeventfd_bus_from_flags(args->flags); |
10008 |
++ int ret = kvm_deassign_ioeventfd_idx(kvm, bus_idx, args); |
10009 |
++ |
10010 |
++ if (!args->len && bus_idx == KVM_MMIO_BUS) |
10011 |
++ kvm_deassign_ioeventfd_idx(kvm, KVM_FAST_MMIO_BUS, args); |
10012 |
++ |
10013 |
++ return ret; |
10014 |
++} |
10015 |
++ |
10016 |
++static int |
10017 |
++kvm_assign_ioeventfd(struct kvm *kvm, struct kvm_ioeventfd *args) |
10018 |
++{ |
10019 |
++ enum kvm_bus bus_idx; |
10020 |
++ int ret; |
10021 |
++ |
10022 |
++ bus_idx = ioeventfd_bus_from_flags(args->flags); |
10023 |
++ /* must be natural-word sized, or 0 to ignore length */ |
10024 |
++ switch (args->len) { |
10025 |
++ case 0: |
10026 |
++ case 1: |
10027 |
++ case 2: |
10028 |
++ case 4: |
10029 |
++ case 8: |
10030 |
++ break; |
10031 |
++ default: |
10032 |
++ return -EINVAL; |
10033 |
++ } |
10034 |
++ |
10035 |
++ /* check for range overflow */ |
10036 |
++ if (args->addr + args->len < args->addr) |
10037 |
++ return -EINVAL; |
10038 |
++ |
10039 |
++ /* check for extra flags that we don't understand */ |
10040 |
++ if (args->flags & ~KVM_IOEVENTFD_VALID_FLAG_MASK) |
10041 |
++ return -EINVAL; |
10042 |
++ |
10043 |
++ /* ioeventfd with no length can't be combined with DATAMATCH */ |
10044 |
++ if (!args->len && |
10045 |
++ args->flags & (KVM_IOEVENTFD_FLAG_PIO | |
10046 |
++ KVM_IOEVENTFD_FLAG_DATAMATCH)) |
10047 |
++ return -EINVAL; |
10048 |
++ |
10049 |
++ ret = kvm_assign_ioeventfd_idx(kvm, bus_idx, args); |
10050 |
++ if (ret) |
10051 |
++ goto fail; |
10052 |
++ |
10053 |
++ /* When length is ignored, MMIO is also put on a separate bus, for |
10054 |
++ * faster lookups. |
10055 |
++ */ |
10056 |
++ if (!args->len && bus_idx == KVM_MMIO_BUS) { |
10057 |
++ ret = kvm_assign_ioeventfd_idx(kvm, KVM_FAST_MMIO_BUS, args); |
10058 |
++ if (ret < 0) |
10059 |
++ goto fast_fail; |
10060 |
++ } |
10061 |
++ |
10062 |
++ return 0; |
10063 |
++ |
10064 |
++fast_fail: |
10065 |
++ kvm_deassign_ioeventfd_idx(kvm, bus_idx, args); |
10066 |
++fail: |
10067 |
++ return ret; |
10068 |
++} |
10069 |
++ |
10070 |
+ int |
10071 |
+ kvm_ioeventfd(struct kvm *kvm, struct kvm_ioeventfd *args) |
10072 |
+ { |
10073 |
+diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c |
10074 |
+index 4e52bb926374..329c3c91bb68 100644 |
10075 |
+--- a/virt/kvm/kvm_main.c |
10076 |
++++ b/virt/kvm/kvm_main.c |
10077 |
+@@ -2875,10 +2875,25 @@ static void kvm_io_bus_destroy(struct kvm_io_bus *bus) |
10078 |
+ static inline int kvm_io_bus_cmp(const struct kvm_io_range *r1, |
10079 |
+ const struct kvm_io_range *r2) |
10080 |
+ { |
10081 |
+- if (r1->addr < r2->addr) |
10082 |
++ gpa_t addr1 = r1->addr; |
10083 |
++ gpa_t addr2 = r2->addr; |
10084 |
++ |
10085 |
++ if (addr1 < addr2) |
10086 |
+ return -1; |
10087 |
+- if (r1->addr + r1->len > r2->addr + r2->len) |
10088 |
++ |
10089 |
++ /* If r2->len == 0, match the exact address. If r2->len != 0, |
10090 |
++ * accept any overlapping write. Any order is acceptable for |
10091 |
++ * overlapping ranges, because kvm_io_bus_get_first_dev ensures |
10092 |
++ * we process all of them. |
10093 |
++ */ |
10094 |
++ if (r2->len) { |
10095 |
++ addr1 += r1->len; |
10096 |
++ addr2 += r2->len; |
10097 |
++ } |
10098 |
++ |
10099 |
++ if (addr1 > addr2) |
10100 |
+ return 1; |
10101 |
++ |
10102 |
+ return 0; |
10103 |
+ } |
10104 |
+ |