
From: Mike Pagano <mpagano@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] proj/linux-patches:4.19 commit in: /
Date: Mon, 28 Mar 2022 10:59:43
Message-Id: 1648465167.3038f0c1e16b2a5807f83b890d2add421177d9c4.mpagano@gentoo
1 commit: 3038f0c1e16b2a5807f83b890d2add421177d9c4
2 Author: Mike Pagano <mpagano <AT> gentoo <DOT> org>
3 AuthorDate: Mon Mar 28 10:59:27 2022 +0000
4 Commit: Mike Pagano <mpagano <AT> gentoo <DOT> org>
5 CommitDate: Mon Mar 28 10:59:27 2022 +0000
6 URL: https://gitweb.gentoo.org/proj/linux-patches.git/commit/?id=3038f0c1
7
8 Linux patch 4.19.237
9
10 Signed-off-by: Mike Pagano <mpagano <AT> gentoo.org>
11
12 0000_README | 4 +
13 1236_linux-4.19.237.patch | 755 ++++++++++++++++++++++++++++++++++++++++++++++
14 2 files changed, 759 insertions(+)
15
16 diff --git a/0000_README b/0000_README
17 index 0e8f7f4a..eccf1864 100644
18 --- a/0000_README
19 +++ b/0000_README
20 @@ -983,6 +983,10 @@ Patch: 1235_linux-4.19.236.patch
21 From: https://www.kernel.org
22 Desc: Linux 4.19.236
23
24 +Patch: 1236_linux-4.19.237.patch
25 +From: https://www.kernel.org
26 +Desc: Linux 4.19.237
27 +
28 Patch: 1500_XATTR_USER_PREFIX.patch
29 From: https://bugs.gentoo.org/show_bug.cgi?id=470644
30 Desc: Support for namespace user.pax.* on tmpfs.
31
32 diff --git a/1236_linux-4.19.237.patch b/1236_linux-4.19.237.patch
33 new file mode 100644
34 index 00000000..38435553
35 --- /dev/null
36 +++ b/1236_linux-4.19.237.patch
37 @@ -0,0 +1,755 @@
38 +diff --git a/Makefile b/Makefile
39 +index d83513c135206..834336f971c15 100644
40 +--- a/Makefile
41 ++++ b/Makefile
42 +@@ -1,7 +1,7 @@
43 + # SPDX-License-Identifier: GPL-2.0
44 + VERSION = 4
45 + PATCHLEVEL = 19
46 +-SUBLEVEL = 236
47 ++SUBLEVEL = 237
48 + EXTRAVERSION =
49 + NAME = "People's Front"
50 +
51 +diff --git a/arch/nds32/include/asm/uaccess.h b/arch/nds32/include/asm/uaccess.h
52 +index 362a32d9bd168..c8b4b8cc65294 100644
53 +--- a/arch/nds32/include/asm/uaccess.h
54 ++++ b/arch/nds32/include/asm/uaccess.h
55 +@@ -75,9 +75,7 @@ static inline void set_fs(mm_segment_t fs)
56 + * versions are void (ie, don't return a value as such).
57 + */
58 +
59 +-#define get_user __get_user \
60 +-
61 +-#define __get_user(x, ptr) \
62 ++#define get_user(x, ptr) \
63 + ({ \
64 + long __gu_err = 0; \
65 + __get_user_check((x), (ptr), __gu_err); \
66 +@@ -90,6 +88,14 @@ static inline void set_fs(mm_segment_t fs)
67 + (void)0; \
68 + })
69 +
70 ++#define __get_user(x, ptr) \
71 ++({ \
72 ++ long __gu_err = 0; \
73 ++ const __typeof__(*(ptr)) __user *__p = (ptr); \
74 ++ __get_user_err((x), __p, (__gu_err)); \
75 ++ __gu_err; \
76 ++})
77 ++
78 + #define __get_user_check(x, ptr, err) \
79 + ({ \
80 + const __typeof__(*(ptr)) __user *__p = (ptr); \
81 +@@ -170,12 +176,18 @@ do { \
82 + : "r"(addr), "i"(-EFAULT) \
83 + : "cc")
84 +
85 +-#define put_user __put_user \
86 ++#define put_user(x, ptr) \
87 ++({ \
88 ++ long __pu_err = 0; \
89 ++ __put_user_check((x), (ptr), __pu_err); \
90 ++ __pu_err; \
91 ++})
92 +
93 + #define __put_user(x, ptr) \
94 + ({ \
95 + long __pu_err = 0; \
96 +- __put_user_err((x), (ptr), __pu_err); \
97 ++ __typeof__(*(ptr)) __user *__p = (ptr); \
98 ++ __put_user_err((x), __p, __pu_err); \
99 + __pu_err; \
100 + })
101 +
102 +diff --git a/arch/x86/kernel/acpi/boot.c b/arch/x86/kernel/acpi/boot.c
103 +index b35c34cfbe522..8b1aa1206d980 100644
104 +--- a/arch/x86/kernel/acpi/boot.c
105 ++++ b/arch/x86/kernel/acpi/boot.c
106 +@@ -1351,6 +1351,17 @@ static int __init disable_acpi_pci(const struct dmi_system_id *d)
107 + return 0;
108 + }
109 +
110 ++static int __init disable_acpi_xsdt(const struct dmi_system_id *d)
111 ++{
112 ++ if (!acpi_force) {
113 ++ pr_notice("%s detected: force use of acpi=rsdt\n", d->ident);
114 ++ acpi_gbl_do_not_use_xsdt = TRUE;
115 ++ } else {
116 ++ pr_notice("Warning: DMI blacklist says broken, but acpi XSDT forced\n");
117 ++ }
118 ++ return 0;
119 ++}
120 ++
121 + static int __init dmi_disable_acpi(const struct dmi_system_id *d)
122 + {
123 + if (!acpi_force) {
124 +@@ -1475,6 +1486,19 @@ static const struct dmi_system_id acpi_dmi_table[] __initconst = {
125 + DMI_MATCH(DMI_PRODUCT_NAME, "TravelMate 360"),
126 + },
127 + },
128 ++ /*
129 ++ * Boxes that need ACPI XSDT use disabled due to corrupted tables
130 ++ */
131 ++ {
132 ++ .callback = disable_acpi_xsdt,
133 ++ .ident = "Advantech DAC-BJ01",
134 ++ .matches = {
135 ++ DMI_MATCH(DMI_SYS_VENDOR, "NEC"),
136 ++ DMI_MATCH(DMI_PRODUCT_NAME, "Bearlake CRB Board"),
137 ++ DMI_MATCH(DMI_BIOS_VERSION, "V1.12"),
138 ++ DMI_MATCH(DMI_BIOS_DATE, "02/01/2011"),
139 ++ },
140 ++ },
141 + {}
142 + };
143 +
144 +diff --git a/drivers/acpi/battery.c b/drivers/acpi/battery.c
145 +index d4e42a578e186..c0c533206e02d 100644
146 +--- a/drivers/acpi/battery.c
147 ++++ b/drivers/acpi/battery.c
148 +@@ -90,6 +90,10 @@ extern void *acpi_unlock_battery_dir(struct proc_dir_entry *acpi_battery_dir);
149 +
150 + static const struct acpi_device_id battery_device_ids[] = {
151 + {"PNP0C0A", 0},
152 ++
153 ++ /* Microsoft Surface Go 3 */
154 ++ {"MSHW0146", 0},
155 ++
156 + {"", 0},
157 + };
158 +
159 +@@ -1416,6 +1420,14 @@ static const struct dmi_system_id bat_dmi_table[] __initconst = {
160 + DMI_MATCH(DMI_PRODUCT_VERSION, "ThinkPad"),
161 + },
162 + },
163 ++ {
164 ++ /* Microsoft Surface Go 3 */
165 ++ .callback = battery_notification_delay_quirk,
166 ++ .matches = {
167 ++ DMI_MATCH(DMI_SYS_VENDOR, "Microsoft Corporation"),
168 ++ DMI_MATCH(DMI_PRODUCT_NAME, "Surface Go 3"),
169 ++ },
170 ++ },
171 + {},
172 + };
173 +
174 +diff --git a/drivers/acpi/video_detect.c b/drivers/acpi/video_detect.c
175 +index 86ffb4af4afca..298d9c65e0848 100644
176 +--- a/drivers/acpi/video_detect.c
177 ++++ b/drivers/acpi/video_detect.c
178 +@@ -356,6 +356,81 @@ static const struct dmi_system_id video_detect_dmi_table[] = {
179 + DMI_MATCH(DMI_BOARD_NAME, "BA51_MV"),
180 + },
181 + },
182 ++ /*
183 ++ * Clevo NL5xRU and NL5xNU/TUXEDO Aura 15 Gen1 and Gen2 have both a
184 ++ * working native and video interface. However the default detection
185 ++ * mechanism first registers the video interface before unregistering
186 ++ * it again and switching to the native interface during boot. This
187 ++ * results in a dangling SBIOS request for backlight change for some
188 ++ * reason, causing the backlight to switch to ~2% once per boot on the
189 ++ * first power cord connect or disconnect event. Setting the native
190 ++ * interface explicitly circumvents this buggy behaviour, by avoiding
191 ++ * the unregistering process.
192 ++ */
193 ++ {
194 ++ .callback = video_detect_force_native,
195 ++ .ident = "Clevo NL5xRU",
196 ++ .matches = {
197 ++ DMI_MATCH(DMI_SYS_VENDOR, "TUXEDO"),
198 ++ DMI_MATCH(DMI_BOARD_NAME, "NL5xRU"),
199 ++ },
200 ++ },
201 ++ {
202 ++ .callback = video_detect_force_native,
203 ++ .ident = "Clevo NL5xRU",
204 ++ .matches = {
205 ++ DMI_MATCH(DMI_SYS_VENDOR, "SchenkerTechnologiesGmbH"),
206 ++ DMI_MATCH(DMI_BOARD_NAME, "NL5xRU"),
207 ++ },
208 ++ },
209 ++ {
210 ++ .callback = video_detect_force_native,
211 ++ .ident = "Clevo NL5xRU",
212 ++ .matches = {
213 ++ DMI_MATCH(DMI_SYS_VENDOR, "Notebook"),
214 ++ DMI_MATCH(DMI_BOARD_NAME, "NL5xRU"),
215 ++ },
216 ++ },
217 ++ {
218 ++ .callback = video_detect_force_native,
219 ++ .ident = "Clevo NL5xRU",
220 ++ .matches = {
221 ++ DMI_MATCH(DMI_SYS_VENDOR, "TUXEDO"),
222 ++ DMI_MATCH(DMI_BOARD_NAME, "AURA1501"),
223 ++ },
224 ++ },
225 ++ {
226 ++ .callback = video_detect_force_native,
227 ++ .ident = "Clevo NL5xRU",
228 ++ .matches = {
229 ++ DMI_MATCH(DMI_SYS_VENDOR, "TUXEDO"),
230 ++ DMI_MATCH(DMI_BOARD_NAME, "EDUBOOK1502"),
231 ++ },
232 ++ },
233 ++ {
234 ++ .callback = video_detect_force_native,
235 ++ .ident = "Clevo NL5xNU",
236 ++ .matches = {
237 ++ DMI_MATCH(DMI_SYS_VENDOR, "TUXEDO"),
238 ++ DMI_MATCH(DMI_BOARD_NAME, "NL5xNU"),
239 ++ },
240 ++ },
241 ++ {
242 ++ .callback = video_detect_force_native,
243 ++ .ident = "Clevo NL5xNU",
244 ++ .matches = {
245 ++ DMI_MATCH(DMI_SYS_VENDOR, "SchenkerTechnologiesGmbH"),
246 ++ DMI_MATCH(DMI_BOARD_NAME, "NL5xNU"),
247 ++ },
248 ++ },
249 ++ {
250 ++ .callback = video_detect_force_native,
251 ++ .ident = "Clevo NL5xNU",
252 ++ .matches = {
253 ++ DMI_MATCH(DMI_SYS_VENDOR, "Notebook"),
254 ++ DMI_MATCH(DMI_BOARD_NAME, "NL5xNU"),
255 ++ },
256 ++ },
257 +
258 + /*
259 + * Desktops which falsely report a backlight and which our heuristics
260 +diff --git a/drivers/crypto/qat/qat_common/qat_crypto.c b/drivers/crypto/qat/qat_common/qat_crypto.c
261 +index 3852d31ce0a4b..37a9f969c59cd 100644
262 +--- a/drivers/crypto/qat/qat_common/qat_crypto.c
263 ++++ b/drivers/crypto/qat/qat_common/qat_crypto.c
264 +@@ -170,6 +170,14 @@ int qat_crypto_dev_config(struct adf_accel_dev *accel_dev)
265 + goto err;
266 + if (adf_cfg_section_add(accel_dev, "Accelerator0"))
267 + goto err;
268 ++
269 ++ /* Temporarily set the number of crypto instances to zero to avoid
270 ++ * registering the crypto algorithms.
271 ++ * This will be removed when the algorithms will support the
272 ++ * CRYPTO_TFM_REQ_MAY_BACKLOG flag
273 ++ */
274 ++ instances = 0;
275 ++
276 + for (i = 0; i < instances; i++) {
277 + val = i;
278 + snprintf(key, sizeof(key), ADF_CY "%d" ADF_RING_BANK_NUM, i);
279 +diff --git a/drivers/net/ethernet/apm/xgene/xgene_enet_main.c b/drivers/net/ethernet/apm/xgene/xgene_enet_main.c
280 +index 3a489b2b99c99..86811de191edb 100644
281 +--- a/drivers/net/ethernet/apm/xgene/xgene_enet_main.c
282 ++++ b/drivers/net/ethernet/apm/xgene/xgene_enet_main.c
283 +@@ -707,6 +707,12 @@ static int xgene_enet_rx_frame(struct xgene_enet_desc_ring *rx_ring,
284 + buf_pool->rx_skb[skb_index] = NULL;
285 +
286 + datalen = xgene_enet_get_data_len(le64_to_cpu(raw_desc->m1));
287 ++
288 ++ /* strip off CRC as HW isn't doing this */
289 ++ nv = GET_VAL(NV, le64_to_cpu(raw_desc->m0));
290 ++ if (!nv)
291 ++ datalen -= 4;
292 ++
293 + skb_put(skb, datalen);
294 + prefetch(skb->data - NET_IP_ALIGN);
295 + skb->protocol = eth_type_trans(skb, ndev);
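Review bot: `datalen -= 4` now runs before `skb_put(skb, datalen)`, and nothing in the hunk checks that the length decoded from the descriptor's `m1` word is at least 4. `datalen` is declared outside the hunk; if it is unsigned, a short or corrupted descriptor makes the subtraction wrap and the wrapped length goes straight into `skb_put()`. A lower-bound test before the subtraction, `if (!nv && datalen < 4)`, that routes the frame to the function's existing drop handling (not visible here) would cover that. The rest of xgene_enet_rx_frame() lies outside the hunk.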
296 +@@ -728,12 +734,8 @@ static int xgene_enet_rx_frame(struct xgene_enet_desc_ring *rx_ring,
297 + }
298 + }
299 +
300 +- nv = GET_VAL(NV, le64_to_cpu(raw_desc->m0));
301 +- if (!nv) {
302 +- /* strip off CRC as HW isn't doing this */
303 +- datalen -= 4;
304 ++ if (!nv)
305 + goto skip_jumbo;
306 +- }
307 +
308 + slots = page_pool->slots - 1;
309 + head = page_pool->head;
310 +diff --git a/drivers/nfc/st21nfca/se.c b/drivers/nfc/st21nfca/se.c
311 +index fd967a38a94a5..ced3c20d64539 100644
312 +--- a/drivers/nfc/st21nfca/se.c
313 ++++ b/drivers/nfc/st21nfca/se.c
314 +@@ -332,6 +332,11 @@ int st21nfca_connectivity_event_received(struct nfc_hci_dev *hdev, u8 host,
315 + return -ENOMEM;
316 +
317 + transaction->aid_len = skb->data[1];
318 ++
319 ++ /* Checking if the length of the AID is valid */
320 ++ if (transaction->aid_len > sizeof(transaction->aid))
321 ++ return -EINVAL;
322 ++
323 + memcpy(transaction->aid, &skb->data[2],
324 + transaction->aid_len);
325 +
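Review bot: The new `return -EINVAL` exits after `transaction` has been allocated, and nothing in the hunk releases it; the same applies to the `params_len` rejection added in the next hunk of this function. The allocation call sits above the hunk, so whether it is device-managed cannot be confirmed here. If it is, each rejected event still keeps its buffer until the device is unbound, so a stream of malformed events can grow memory use. Releasing the buffer before each of the two new returns would close that.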
326 +@@ -341,6 +346,11 @@ int st21nfca_connectivity_event_received(struct nfc_hci_dev *hdev, u8 host,
327 + return -EPROTO;
328 +
329 + transaction->params_len = skb->data[transaction->aid_len + 3];
330 ++
331 ++ /* Total size is allocated (skb->len - 2) minus fixed array members */
332 ++ if (transaction->params_len > ((skb->len - 2) - sizeof(struct nfc_evt_transaction)))
333 ++ return -EINVAL;
334 ++
335 + memcpy(transaction->params, skb->data +
336 + transaction->aid_len + 4, transaction->params_len);
337 +
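Review bot: The right-hand side of the new `params_len` comparison is unsigned arithmetic, so when `skb->len - 2` is smaller than `sizeof(struct nfc_evt_transaction)` it wraps to a very large value and the check accepts any `params_len`. No lower bound on `skb->len` is visible in this hunk; if one exists earlier in the function it needs to be at least `2 + sizeof(struct nfc_evt_transaction)`, and it belongs before the allocation, because the write to `transaction->aid_len` already assumes the buffer holds the fixed members. Written without a subtraction the test cannot wrap: `if (skb->len < 2 + sizeof(struct nfc_evt_transaction) + transaction->params_len) return -EINVAL;`. The read of `skb->data[transaction->aid_len + 3]` just above depends on the same earlier length check.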
338 +diff --git a/drivers/staging/fbtft/fb_st7789v.c b/drivers/staging/fbtft/fb_st7789v.c
339 +index 3c3f387936e80..30086ae03605f 100644
340 +--- a/drivers/staging/fbtft/fb_st7789v.c
341 ++++ b/drivers/staging/fbtft/fb_st7789v.c
342 +@@ -76,6 +76,8 @@ enum st7789v_command {
343 + */
344 + static int init_display(struct fbtft_par *par)
345 + {
346 ++ par->fbtftops.reset(par);
347 ++
348 + /* turn off sleep mode */
349 + write_reg(par, MIPI_DCS_EXIT_SLEEP_MODE);
350 + mdelay(120);
351 +diff --git a/drivers/thermal/int340x_thermal/int3400_thermal.c b/drivers/thermal/int340x_thermal/int3400_thermal.c
352 +index e9d58de8b5da6..77967da5d4061 100644
353 +--- a/drivers/thermal/int340x_thermal/int3400_thermal.c
354 ++++ b/drivers/thermal/int340x_thermal/int3400_thermal.c
355 +@@ -223,6 +223,10 @@ static void int3400_notify(acpi_handle handle,
356 + thermal_prop[4] = NULL;
357 + kobject_uevent_env(&priv->thermal->device.kobj, KOBJ_CHANGE,
358 + thermal_prop);
359 ++ kfree(thermal_prop[0]);
360 ++ kfree(thermal_prop[1]);
361 ++ kfree(thermal_prop[2]);
362 ++ kfree(thermal_prop[3]);
363 + break;
364 + default:
365 + /* Ignore unknown notification codes sent to INT3400 device */
366 +diff --git a/include/net/esp.h b/include/net/esp.h
367 +index 117652eb6ea32..465e38890ee98 100644
368 +--- a/include/net/esp.h
369 ++++ b/include/net/esp.h
370 +@@ -4,6 +4,8 @@
371 +
372 + #include <linux/skbuff.h>
373 +
374 ++#define ESP_SKB_FRAG_MAXSIZE (PAGE_SIZE << SKB_FRAG_PAGE_ORDER)
375 ++
376 + struct ip_esp_hdr;
377 +
378 + static inline struct ip_esp_hdr *ip_esp_hdr(const struct sk_buff *skb)
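Review bot: `ESP_SKB_FRAG_MAXSIZE` expands to `SKB_FRAG_PAGE_ORDER`, which this patch defines in include/net/sock.h, but the only include visible in this header is `<linux/skbuff.h>`. The macro therefore compiles only in translation units that happen to pull in net/sock.h before using it. Adding `#include <net/sock.h>` here, or a one-line comment above the define stating the dependency, would keep the header self-contained. A short comment saying that the value is the largest page fragment the ESP output path may request would also help readers of the two `allocsz` checks.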
379 +diff --git a/include/net/sock.h b/include/net/sock.h
380 +index 75677050c82ed..2bf8dcf863f2c 100644
381 +--- a/include/net/sock.h
382 ++++ b/include/net/sock.h
383 +@@ -2518,6 +2518,9 @@ extern int sysctl_optmem_max;
384 + extern __u32 sysctl_wmem_default;
385 + extern __u32 sysctl_rmem_default;
386 +
387 ++/* On 32bit arches, an skb frag is limited to 2^15 */
388 ++#define SKB_FRAG_PAGE_ORDER get_order(32768)
389 ++
390 + static inline int sk_get_wmem0(const struct sock *sk, const struct proto *proto)
391 + {
392 + /* Does this proto have per netns sysctl_wmem ? */
393 +diff --git a/net/core/sock.c b/net/core/sock.c
394 +index 41a77027a549b..79f085df52cef 100644
395 +--- a/net/core/sock.c
396 ++++ b/net/core/sock.c
397 +@@ -2207,9 +2207,6 @@ static void sk_leave_memory_pressure(struct sock *sk)
398 + }
399 + }
400 +
401 +-/* On 32bit arches, an skb frag is limited to 2^15 */
402 +-#define SKB_FRAG_PAGE_ORDER get_order(32768)
403 +-
404 + /**
405 + * skb_page_frag_refill - check that a page_frag contains enough room
406 + * @sz: minimum size of the fragment we want to get
407 +diff --git a/net/ipv4/esp4.c b/net/ipv4/esp4.c
408 +index 0792a9e2a555f..45bb5b60b9940 100644
409 +--- a/net/ipv4/esp4.c
410 ++++ b/net/ipv4/esp4.c
411 +@@ -275,6 +275,7 @@ int esp_output_head(struct xfrm_state *x, struct sk_buff *skb, struct esp_info *
412 + struct page *page;
413 + struct sk_buff *trailer;
414 + int tailen = esp->tailen;
415 ++ unsigned int allocsz;
416 +
417 + /* this is non-NULL only with UDP Encapsulation */
418 + if (x->encap) {
419 +@@ -284,6 +285,10 @@ int esp_output_head(struct xfrm_state *x, struct sk_buff *skb, struct esp_info *
420 + return err;
421 + }
422 +
423 ++ allocsz = ALIGN(skb->data_len + tailen, L1_CACHE_BYTES);
424 ++ if (allocsz > ESP_SKB_FRAG_MAXSIZE)
425 ++ goto cow;
426 ++
427 + if (!skb_cloned(skb)) {
428 + if (tailen <= skb_tailroom(skb)) {
429 + nfrags = 1;
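Review bot: The new guard in esp_output_head() takes the `cow` path only when `allocsz` exceeds `ESP_SKB_FRAG_MAXSIZE`, i.e. the high-order fragment size; the same guard is added to esp6_output_head() in net/ipv6/esp6.c. That bound is sufficient only if the fragment allocator used further down, outside this hunk, always provides a fragment of that order. If it can fall back to a single page when high-order pages are unavailable, sizes between PAGE_SIZE and the cap would still need to be rejected, or the refilled fragment's size checked against the requested length. It is worth confirming this against the allocation code and recording the assumption in a comment above the check, for example `/* larger than any fragment the refill helper can return: use the copy path */`.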
430 +diff --git a/net/ipv6/esp6.c b/net/ipv6/esp6.c
431 +index 25317d5ccf2cc..e3abfc97fde7f 100644
432 +--- a/net/ipv6/esp6.c
433 ++++ b/net/ipv6/esp6.c
434 +@@ -241,6 +241,11 @@ int esp6_output_head(struct xfrm_state *x, struct sk_buff *skb, struct esp_info
435 + struct page *page;
436 + struct sk_buff *trailer;
437 + int tailen = esp->tailen;
438 ++ unsigned int allocsz;
439 ++
440 ++ allocsz = ALIGN(skb->data_len + tailen, L1_CACHE_BYTES);
441 ++ if (allocsz > ESP_SKB_FRAG_MAXSIZE)
442 ++ goto cow;
443 +
444 + if (!skb_cloned(skb)) {
445 + if (tailen <= skb_tailroom(skb)) {
446 +diff --git a/net/ipv6/ip6_output.c b/net/ipv6/ip6_output.c
447 +index fd496bda7ec78..373df391dc93c 100644
448 +--- a/net/ipv6/ip6_output.c
449 ++++ b/net/ipv6/ip6_output.c
450 +@@ -1325,8 +1325,8 @@ static int __ip6_append_data(struct sock *sk,
451 + sizeof(struct frag_hdr) : 0) +
452 + rt->rt6i_nfheader_len;
453 +
454 +- if (mtu < fragheaderlen ||
455 +- ((mtu - fragheaderlen) & ~7) + fragheaderlen < sizeof(struct frag_hdr))
456 ++ if (mtu <= fragheaderlen ||
457 ++ ((mtu - fragheaderlen) & ~7) + fragheaderlen <= sizeof(struct frag_hdr))
458 + goto emsgsize;
459 +
460 + maxfraglen = ((mtu - fragheaderlen) & ~7) + fragheaderlen -
461 +diff --git a/net/llc/af_llc.c b/net/llc/af_llc.c
462 +index 89a3dc7d5d400..5cba9199c3c91 100644
463 +--- a/net/llc/af_llc.c
464 ++++ b/net/llc/af_llc.c
465 +@@ -276,6 +276,7 @@ static int llc_ui_autobind(struct socket *sock, struct sockaddr_llc *addr)
466 + {
467 + struct sock *sk = sock->sk;
468 + struct llc_sock *llc = llc_sk(sk);
469 ++ struct net_device *dev = NULL;
470 + struct llc_sap *sap;
471 + int rc = -EINVAL;
472 +
473 +@@ -287,14 +288,14 @@ static int llc_ui_autobind(struct socket *sock, struct sockaddr_llc *addr)
474 + goto out;
475 + rc = -ENODEV;
476 + if (sk->sk_bound_dev_if) {
477 +- llc->dev = dev_get_by_index(&init_net, sk->sk_bound_dev_if);
478 +- if (llc->dev && addr->sllc_arphrd != llc->dev->type) {
479 +- dev_put(llc->dev);
480 +- llc->dev = NULL;
481 ++ dev = dev_get_by_index(&init_net, sk->sk_bound_dev_if);
482 ++ if (dev && addr->sllc_arphrd != dev->type) {
483 ++ dev_put(dev);
484 ++ dev = NULL;
485 + }
486 + } else
487 +- llc->dev = dev_getfirstbyhwtype(&init_net, addr->sllc_arphrd);
488 +- if (!llc->dev)
489 ++ dev = dev_getfirstbyhwtype(&init_net, addr->sllc_arphrd);
490 ++ if (!dev)
491 + goto out;
492 + rc = -EUSERS;
493 + llc->laddr.lsap = llc_ui_autoport();
494 +@@ -304,6 +305,11 @@ static int llc_ui_autobind(struct socket *sock, struct sockaddr_llc *addr)
495 + sap = llc_sap_open(llc->laddr.lsap, NULL);
496 + if (!sap)
497 + goto out;
498 ++
499 ++ /* Note: We do not expect errors from this point. */
500 ++ llc->dev = dev;
501 ++ dev = NULL;
502 ++
503 + memcpy(llc->laddr.mac, llc->dev->dev_addr, IFHWADDRLEN);
504 + memcpy(&llc->addr, addr, sizeof(llc->addr));
505 + /* assign new connection to its SAP */
506 +@@ -311,6 +317,7 @@ static int llc_ui_autobind(struct socket *sock, struct sockaddr_llc *addr)
507 + sock_reset_flag(sk, SOCK_ZAPPED);
508 + rc = 0;
509 + out:
510 ++ dev_put(dev);
511 + return rc;
512 + }
513 +
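Review bot: `dev_put(dev)` at the `out:` label is reached with `dev == NULL` on the success path, because the pointer is cleared right after `llc->dev = dev;`, and on the exits taken before any device was looked up; llc_ui_bind() gets the same unconditional call at its `out:` label. Whether `dev_put()` accepts NULL is not visible in this patch, and in a tree where it dereferences its argument unconditionally this is a NULL dereference on every successful bind. Unless the helper is known to be NULL-safe in this branch, guard both calls: `if (dev) dev_put(dev);`. Only the tail of llc_ui_autobind() is inside this hunk.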
514 +@@ -333,6 +340,7 @@ static int llc_ui_bind(struct socket *sock, struct sockaddr *uaddr, int addrlen)
515 + struct sockaddr_llc *addr = (struct sockaddr_llc *)uaddr;
516 + struct sock *sk = sock->sk;
517 + struct llc_sock *llc = llc_sk(sk);
518 ++ struct net_device *dev = NULL;
519 + struct llc_sap *sap;
520 + int rc = -EINVAL;
521 +
522 +@@ -349,25 +357,26 @@ static int llc_ui_bind(struct socket *sock, struct sockaddr *uaddr, int addrlen)
523 + rc = -ENODEV;
524 + rcu_read_lock();
525 + if (sk->sk_bound_dev_if) {
526 +- llc->dev = dev_get_by_index_rcu(&init_net, sk->sk_bound_dev_if);
527 +- if (llc->dev) {
528 ++ dev = dev_get_by_index_rcu(&init_net, sk->sk_bound_dev_if);
529 ++ if (dev) {
530 + if (is_zero_ether_addr(addr->sllc_mac))
531 +- memcpy(addr->sllc_mac, llc->dev->dev_addr,
532 ++ memcpy(addr->sllc_mac, dev->dev_addr,
533 + IFHWADDRLEN);
534 +- if (addr->sllc_arphrd != llc->dev->type ||
535 ++ if (addr->sllc_arphrd != dev->type ||
536 + !ether_addr_equal(addr->sllc_mac,
537 +- llc->dev->dev_addr)) {
538 ++ dev->dev_addr)) {
539 + rc = -EINVAL;
540 +- llc->dev = NULL;
541 ++ dev = NULL;
542 + }
543 + }
544 +- } else
545 +- llc->dev = dev_getbyhwaddr_rcu(&init_net, addr->sllc_arphrd,
546 ++ } else {
547 ++ dev = dev_getbyhwaddr_rcu(&init_net, addr->sllc_arphrd,
548 + addr->sllc_mac);
549 +- if (llc->dev)
550 +- dev_hold(llc->dev);
551 ++ }
552 ++ if (dev)
553 ++ dev_hold(dev);
554 + rcu_read_unlock();
555 +- if (!llc->dev)
556 ++ if (!dev)
557 + goto out;
558 + if (!addr->sllc_sap) {
559 + rc = -EUSERS;
560 +@@ -400,6 +409,11 @@ static int llc_ui_bind(struct socket *sock, struct sockaddr *uaddr, int addrlen)
561 + goto out_put;
562 + }
563 + }
564 ++
565 ++ /* Note: We do not expect errors from this point. */
566 ++ llc->dev = dev;
567 ++ dev = NULL;
568 ++
569 + llc->laddr.lsap = addr->sllc_sap;
570 + memcpy(llc->laddr.mac, addr->sllc_mac, IFHWADDRLEN);
571 + memcpy(&llc->addr, addr, sizeof(llc->addr));
572 +@@ -410,6 +424,7 @@ static int llc_ui_bind(struct socket *sock, struct sockaddr *uaddr, int addrlen)
573 + out_put:
574 + llc_sap_put(sap);
575 + out:
576 ++ dev_put(dev);
577 + release_sock(sk);
578 + return rc;
579 + }
580 +diff --git a/net/mac80211/cfg.c b/net/mac80211/cfg.c
581 +index 6804cdd43befc..9348caf1c611d 100644
582 +--- a/net/mac80211/cfg.c
583 ++++ b/net/mac80211/cfg.c
584 +@@ -1823,13 +1823,11 @@ static int copy_mesh_setup(struct ieee80211_if_mesh *ifmsh,
585 + const struct mesh_setup *setup)
586 + {
587 + u8 *new_ie;
588 +- const u8 *old_ie;
589 + struct ieee80211_sub_if_data *sdata = container_of(ifmsh,
590 + struct ieee80211_sub_if_data, u.mesh);
591 +
592 + /* allocate information elements */
593 + new_ie = NULL;
594 +- old_ie = ifmsh->ie;
595 +
596 + if (setup->ie_len) {
597 + new_ie = kmemdup(setup->ie, setup->ie_len,
598 +@@ -1839,7 +1837,6 @@ static int copy_mesh_setup(struct ieee80211_if_mesh *ifmsh,
599 + }
600 + ifmsh->ie_len = setup->ie_len;
601 + ifmsh->ie = new_ie;
602 +- kfree(old_ie);
603 +
604 + /* now copy the rest of the setup parameters */
605 + ifmsh->mesh_id_len = setup->mesh_id_len;
606 +diff --git a/net/netfilter/nf_tables_core.c b/net/netfilter/nf_tables_core.c
607 +index a3850414dba2d..7dfaad783cd55 100644
608 +--- a/net/netfilter/nf_tables_core.c
609 ++++ b/net/netfilter/nf_tables_core.c
610 +@@ -144,7 +144,7 @@ nft_do_chain(struct nft_pktinfo *pkt, void *priv)
611 + struct nft_rule *const *rules;
612 + const struct nft_rule *rule;
613 + const struct nft_expr *expr, *last;
614 +- struct nft_regs regs;
615 ++ struct nft_regs regs = {};
616 + unsigned int stackptr = 0;
617 + struct nft_jumpstack jumpstack[NFT_JUMP_STACK_SIZE];
618 + bool genbit = READ_ONCE(net->nft.gencursor);
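Review bot: The reason for `struct nft_regs regs = {};` is not recorded next to the declaration, and on a per-packet path an unexplained zero-initialiser is a likely candidate for later removal as an optimisation. The declaration is in nft_do_chain(), whose body continues outside the hunk, so how the registers are read is not visible here. Presumably the point is that an expression can load a register that no earlier expression wrote, which would otherwise expose stale stack contents. I would add a comment above the declaration such as `/* zeroed so that reads of never-written registers cannot return stale stack data */`.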
619 +diff --git a/sound/core/oss/pcm_oss.c b/sound/core/oss/pcm_oss.c
620 +index cd68a0ae82d31..c85fa85285d93 100644
621 +--- a/sound/core/oss/pcm_oss.c
622 ++++ b/sound/core/oss/pcm_oss.c
623 +@@ -789,6 +789,11 @@ static int snd_pcm_oss_period_size(struct snd_pcm_substream *substream,
624 +
625 + if (oss_period_size < 16)
626 + return -EINVAL;
627 ++
628 ++ /* don't allocate too large period; 1MB period must be enough */
629 ++ if (oss_period_size > 1024 * 1024)
630 ++ return -ENOMEM;
631 ++
632 + runtime->oss.period_bytes = oss_period_size;
633 + runtime->oss.period_frames = 1;
634 + runtime->oss.periods = oss_periods;
635 +@@ -1060,10 +1065,9 @@ static int snd_pcm_oss_change_params_locked(struct snd_pcm_substream *substream)
636 + goto failure;
637 + }
638 + #endif
639 +- oss_period_size *= oss_frame_size;
640 +-
641 +- oss_buffer_size = oss_period_size * runtime->oss.periods;
642 +- if (oss_buffer_size < 0) {
643 ++ oss_period_size = array_size(oss_period_size, oss_frame_size);
644 ++ oss_buffer_size = array_size(oss_period_size, runtime->oss.periods);
645 ++ if (oss_buffer_size <= 0) {
646 + err = -EINVAL;
647 + goto failure;
648 + }
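Review bot: Overflow is detected here only indirectly: array_size() saturates to SIZE_MAX, and the `<= 0` test catches it only if `oss_buffer_size` is a signed type in which that value reads as negative. Both variables are declared outside the hunk, so this cannot be confirmed from the lines shown. A comment above the test, such as `/* array_size() returns SIZE_MAX on overflow, which must read as negative here */`, would record the dependency for anyone who later changes the variable types.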
649 +diff --git a/sound/core/oss/pcm_plugin.c b/sound/core/oss/pcm_plugin.c
650 +index da400da1fafe6..8b7bbabeea24b 100644
651 +--- a/sound/core/oss/pcm_plugin.c
652 ++++ b/sound/core/oss/pcm_plugin.c
653 +@@ -61,7 +61,10 @@ static int snd_pcm_plugin_alloc(struct snd_pcm_plugin *plugin, snd_pcm_uframes_t
654 + }
655 + if ((width = snd_pcm_format_physical_width(format->format)) < 0)
656 + return width;
657 +- size = frames * format->channels * width;
658 ++ size = array3_size(frames, format->channels, width);
659 ++ /* check for too large period size once again */
660 ++ if (size > 1024 * 1024)
661 ++ return -ENOMEM;
662 + if (snd_BUG_ON(size % 8))
663 + return -ENXIO;
664 + size /= 8;
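Review bot: The 1 MB cap is compared against `size` before the `size /= 8` a few lines below, so here it appears to limit a bit count (the product includes `width` from snd_pcm_format_physical_width()). The identical literal in snd_pcm_oss_period_size() in pcm_oss.c limits `oss_period_size`, which is then stored as `period_bytes`. If both are meant to express the same ceiling, the comment should say which unit applies here, e.g. `/* size is still in bits at this point */`, and the two `1024 * 1024` literals would be better as one named constant. The declaration of `size` is outside the hunk; the check rejects an overflowed product only if `size` is wide enough to hold the saturated value that array3_size() returns.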
665 +diff --git a/sound/core/pcm_native.c b/sound/core/pcm_native.c
666 +index db62dbe7eaa8a..c92eca6278407 100644
667 +--- a/sound/core/pcm_native.c
668 ++++ b/sound/core/pcm_native.c
669 +@@ -1648,21 +1648,25 @@ static int snd_pcm_do_reset(struct snd_pcm_substream *substream, int state)
670 + int err = substream->ops->ioctl(substream, SNDRV_PCM_IOCTL1_RESET, NULL);
671 + if (err < 0)
672 + return err;
673 ++ snd_pcm_stream_lock_irq(substream);
674 + runtime->hw_ptr_base = 0;
675 + runtime->hw_ptr_interrupt = runtime->status->hw_ptr -
676 + runtime->status->hw_ptr % runtime->period_size;
677 + runtime->silence_start = runtime->status->hw_ptr;
678 + runtime->silence_filled = 0;
679 ++ snd_pcm_stream_unlock_irq(substream);
680 + return 0;
681 + }
682 +
683 + static void snd_pcm_post_reset(struct snd_pcm_substream *substream, int state)
684 + {
685 + struct snd_pcm_runtime *runtime = substream->runtime;
686 ++ snd_pcm_stream_lock_irq(substream);
687 + runtime->control->appl_ptr = runtime->status->hw_ptr;
688 + if (substream->stream == SNDRV_PCM_STREAM_PLAYBACK &&
689 + runtime->silence_size > 0)
690 + snd_pcm_playback_silence(substream, ULONG_MAX);
691 ++ snd_pcm_stream_unlock_irq(substream);
692 + }
693 +
694 + static const struct action_ops snd_pcm_action_reset = {
695 +diff --git a/sound/pci/ac97/ac97_codec.c b/sound/pci/ac97/ac97_codec.c
696 +index 27b468f057dd4..34d75d4fb93f6 100644
697 +--- a/sound/pci/ac97/ac97_codec.c
698 ++++ b/sound/pci/ac97/ac97_codec.c
699 +@@ -958,8 +958,8 @@ static int snd_ac97_ad18xx_pcm_get_volume(struct snd_kcontrol *kcontrol, struct
700 + int codec = kcontrol->private_value & 3;
701 +
702 + mutex_lock(&ac97->page_mutex);
703 +- ucontrol->value.integer.value[0] = 31 - ((ac97->spec.ad18xx.pcmreg[codec] >> 0) & 31);
704 +- ucontrol->value.integer.value[1] = 31 - ((ac97->spec.ad18xx.pcmreg[codec] >> 8) & 31);
705 ++ ucontrol->value.integer.value[0] = 31 - ((ac97->spec.ad18xx.pcmreg[codec] >> 8) & 31);
706 ++ ucontrol->value.integer.value[1] = 31 - ((ac97->spec.ad18xx.pcmreg[codec] >> 0) & 31);
707 + mutex_unlock(&ac97->page_mutex);
708 + return 0;
709 + }
710 +diff --git a/sound/pci/cmipci.c b/sound/pci/cmipci.c
711 +index 452cc79b44af3..79df78a7ec56e 100644
712 +--- a/sound/pci/cmipci.c
713 ++++ b/sound/pci/cmipci.c
714 +@@ -315,7 +315,6 @@ MODULE_PARM_DESC(joystick_port, "Joystick port address.");
715 + #define CM_MICGAINZ 0x01 /* mic boost */
716 + #define CM_MICGAINZ_SHIFT 0
717 +
718 +-#define CM_REG_MIXER3 0x24
719 + #define CM_REG_AUX_VOL 0x26
720 + #define CM_VAUXL_MASK 0xf0
721 + #define CM_VAUXR_MASK 0x0f
722 +@@ -3326,7 +3325,7 @@ static void snd_cmipci_remove(struct pci_dev *pci)
723 + */
724 + static unsigned char saved_regs[] = {
725 + CM_REG_FUNCTRL1, CM_REG_CHFORMAT, CM_REG_LEGACY_CTRL, CM_REG_MISC_CTRL,
726 +- CM_REG_MIXER0, CM_REG_MIXER1, CM_REG_MIXER2, CM_REG_MIXER3, CM_REG_PLL,
727 ++ CM_REG_MIXER0, CM_REG_MIXER1, CM_REG_MIXER2, CM_REG_AUX_VOL, CM_REG_PLL,
728 + CM_REG_CH0_FRAME1, CM_REG_CH0_FRAME2,
729 + CM_REG_CH1_FRAME1, CM_REG_CH1_FRAME2, CM_REG_EXT_MISC,
730 + CM_REG_INT_STATUS, CM_REG_INT_HLDCLR, CM_REG_FUNCTRL0,
731 +diff --git a/sound/soc/sti/uniperif_player.c b/sound/soc/sti/uniperif_player.c
732 +index 4b0beb372cd94..908f13623f8cd 100644
733 +--- a/sound/soc/sti/uniperif_player.c
734 ++++ b/sound/soc/sti/uniperif_player.c
735 +@@ -91,7 +91,7 @@ static irqreturn_t uni_player_irq_handler(int irq, void *dev_id)
736 + SET_UNIPERIF_ITM_BCLR_FIFO_ERROR(player);
737 +
738 + /* Stop the player */
739 +- snd_pcm_stop_xrun(player->substream);
740 ++ snd_pcm_stop(player->substream, SNDRV_PCM_STATE_XRUN);
741 + }
742 +
743 + ret = IRQ_HANDLED;
744 +@@ -105,7 +105,7 @@ static irqreturn_t uni_player_irq_handler(int irq, void *dev_id)
745 + SET_UNIPERIF_ITM_BCLR_DMA_ERROR(player);
746 +
747 + /* Stop the player */
748 +- snd_pcm_stop_xrun(player->substream);
749 ++ snd_pcm_stop(player->substream, SNDRV_PCM_STATE_XRUN);
750 +
751 + ret = IRQ_HANDLED;
752 + }
753 +@@ -138,7 +138,7 @@ static irqreturn_t uni_player_irq_handler(int irq, void *dev_id)
754 + dev_err(player->dev, "Underflow recovery failed\n");
755 +
756 + /* Stop the player */
757 +- snd_pcm_stop_xrun(player->substream);
758 ++ snd_pcm_stop(player->substream, SNDRV_PCM_STATE_XRUN);
759 +
760 + ret = IRQ_HANDLED;
761 + }
762 +diff --git a/sound/soc/sti/uniperif_reader.c b/sound/soc/sti/uniperif_reader.c
763 +index 7b63d35ef428b..ee0055e608529 100644
764 +--- a/sound/soc/sti/uniperif_reader.c
765 ++++ b/sound/soc/sti/uniperif_reader.c
766 +@@ -65,7 +65,7 @@ static irqreturn_t uni_reader_irq_handler(int irq, void *dev_id)
767 + if (unlikely(status & UNIPERIF_ITS_FIFO_ERROR_MASK(reader))) {
768 + dev_err(reader->dev, "FIFO error detected\n");
769 +
770 +- snd_pcm_stop_xrun(reader->substream);
771 ++ snd_pcm_stop(reader->substream, SNDRV_PCM_STATE_XRUN);
772 +
773 + ret = IRQ_HANDLED;
774 + }
775 +diff --git a/sound/usb/mixer_quirks.c b/sound/usb/mixer_quirks.c
776 +index a74e07eff60c3..3bb89fcaa2f5c 100644
777 +--- a/sound/usb/mixer_quirks.c
778 ++++ b/sound/usb/mixer_quirks.c
779 +@@ -1997,9 +1997,10 @@ void snd_usb_mixer_fu_apply_quirk(struct usb_mixer_interface *mixer,
780 + if (unitid == 7 && cval->control == UAC_FU_VOLUME)
781 + snd_dragonfly_quirk_db_scale(mixer, cval, kctl);
782 + break;
783 +- /* lowest playback value is muted on C-Media devices */
784 +- case USB_ID(0x0d8c, 0x000c):
785 +- case USB_ID(0x0d8c, 0x0014):
786 ++ /* lowest playback value is muted on some devices */
787 ++ case USB_ID(0x0d8c, 0x000c): /* C-Media */
788 ++ case USB_ID(0x0d8c, 0x0014): /* C-Media */
789 ++ case USB_ID(0x19f7, 0x0003): /* RODE NT-USB */
790 + if (strstr(kctl->id.name, "Playback"))
791 + cval->min_mute = 1;
792 + break;