1 |
commit: f48809380831c2938a424bafa5ce8f1772159597 |
2 |
Author: Mike Pagano <mpagano <AT> gentoo <DOT> org> |
3 |
AuthorDate: Sun Sep 26 14:16:04 2021 +0000 |
4 |
Commit: Mike Pagano <mpagano <AT> gentoo <DOT> org> |
5 |
CommitDate: Sun Sep 26 14:16:04 2021 +0000 |
6 |
URL: https://gitweb.gentoo.org/proj/linux-patches.git/commit/?id=f4880938 |
7 |
|
8 |
Linux patch 4.4.285 |
9 |
|
10 |
Signed-off-by: Mike Pagano <mpagano <AT> gentoo.org> |
11 |
|
12 |
0000_README | 4 + |
13 |
1284_linux-4.4.285.patch | 674 +++++++++++++++++++++++++++++++++++++++++++++++ |
14 |
2 files changed, 678 insertions(+) |
15 |
|
16 |
diff --git a/0000_README b/0000_README |
17 |
index b242c5e..bd19b36 100644 |
18 |
--- a/0000_README |
19 |
+++ b/0000_README |
20 |
@@ -1179,6 +1179,10 @@ Patch: 1283_linux-4.4.284.patch |
21 |
From: http://www.kernel.org |
22 |
Desc: Linux 4.4.284 |
23 |
|
24 |
+Patch: 1284_linux-4.4.285.patch |
25 |
+From: http://www.kernel.org |
26 |
+Desc: Linux 4.4.285 |
27 |
+ |
28 |
Patch: 1500_XATTR_USER_PREFIX.patch |
29 |
From: https://bugs.gentoo.org/show_bug.cgi?id=470644 |
30 |
Desc: Support for namespace user.pax.* on tmpfs. |
31 |
|
32 |
diff --git a/1284_linux-4.4.285.patch b/1284_linux-4.4.285.patch |
33 |
new file mode 100644 |
34 |
index 0000000..99df87c |
35 |
--- /dev/null |
36 |
+++ b/1284_linux-4.4.285.patch |
37 |
@@ -0,0 +1,674 @@ |
38 |
+diff --git a/Makefile b/Makefile |
39 |
+index 05fe3ae4e67aa..96cb7da465043 100644 |
40 |
+--- a/Makefile |
41 |
++++ b/Makefile |
42 |
+@@ -1,6 +1,6 @@ |
43 |
+ VERSION = 4 |
44 |
+ PATCHLEVEL = 4 |
45 |
+-SUBLEVEL = 284 |
46 |
++SUBLEVEL = 285 |
47 |
+ EXTRAVERSION = |
48 |
+ NAME = Blurry Fish Butt |
49 |
+ |
50 |
+diff --git a/arch/s390/net/bpf_jit_comp.c b/arch/s390/net/bpf_jit_comp.c |
51 |
+index 8b73ef59a8de6..03ad0455931dc 100644 |
52 |
+--- a/arch/s390/net/bpf_jit_comp.c |
53 |
++++ b/arch/s390/net/bpf_jit_comp.c |
54 |
+@@ -596,10 +596,10 @@ static noinline int bpf_jit_insn(struct bpf_jit *jit, struct bpf_prog *fp, int i |
55 |
+ EMIT4(0xb9080000, dst_reg, src_reg); |
56 |
+ break; |
57 |
+ case BPF_ALU | BPF_ADD | BPF_K: /* dst = (u32) dst + (u32) imm */ |
58 |
+- if (!imm) |
59 |
+- break; |
60 |
+- /* alfi %dst,imm */ |
61 |
+- EMIT6_IMM(0xc20b0000, dst_reg, imm); |
62 |
++ if (imm != 0) { |
63 |
++ /* alfi %dst,imm */ |
64 |
++ EMIT6_IMM(0xc20b0000, dst_reg, imm); |
65 |
++ } |
66 |
+ EMIT_ZERO(dst_reg); |
67 |
+ break; |
68 |
+ case BPF_ALU64 | BPF_ADD | BPF_K: /* dst = dst + imm */ |
69 |
+@@ -621,10 +621,10 @@ static noinline int bpf_jit_insn(struct bpf_jit *jit, struct bpf_prog *fp, int i |
70 |
+ EMIT4(0xb9090000, dst_reg, src_reg); |
71 |
+ break; |
72 |
+ case BPF_ALU | BPF_SUB | BPF_K: /* dst = (u32) dst - (u32) imm */ |
73 |
+- if (!imm) |
74 |
+- break; |
75 |
+- /* alfi %dst,-imm */ |
76 |
+- EMIT6_IMM(0xc20b0000, dst_reg, -imm); |
77 |
++ if (imm != 0) { |
78 |
++ /* alfi %dst,-imm */ |
79 |
++ EMIT6_IMM(0xc20b0000, dst_reg, -imm); |
80 |
++ } |
81 |
+ EMIT_ZERO(dst_reg); |
82 |
+ break; |
83 |
+ case BPF_ALU64 | BPF_SUB | BPF_K: /* dst = dst - imm */ |
84 |
+@@ -651,10 +651,10 @@ static noinline int bpf_jit_insn(struct bpf_jit *jit, struct bpf_prog *fp, int i |
85 |
+ EMIT4(0xb90c0000, dst_reg, src_reg); |
86 |
+ break; |
87 |
+ case BPF_ALU | BPF_MUL | BPF_K: /* dst = (u32) dst * (u32) imm */ |
88 |
+- if (imm == 1) |
89 |
+- break; |
90 |
+- /* msfi %r5,imm */ |
91 |
+- EMIT6_IMM(0xc2010000, dst_reg, imm); |
92 |
++ if (imm != 1) { |
93 |
++ /* msfi %r5,imm */ |
94 |
++ EMIT6_IMM(0xc2010000, dst_reg, imm); |
95 |
++ } |
96 |
+ EMIT_ZERO(dst_reg); |
97 |
+ break; |
98 |
+ case BPF_ALU64 | BPF_MUL | BPF_K: /* dst = dst * imm */ |
99 |
+@@ -715,6 +715,8 @@ static noinline int bpf_jit_insn(struct bpf_jit *jit, struct bpf_prog *fp, int i |
100 |
+ if (BPF_OP(insn->code) == BPF_MOD) |
101 |
+ /* lhgi %dst,0 */ |
102 |
+ EMIT4_IMM(0xa7090000, dst_reg, 0); |
103 |
++ else |
104 |
++ EMIT_ZERO(dst_reg); |
105 |
+ break; |
106 |
+ } |
107 |
+ /* lhi %w0,0 */ |
108 |
+@@ -807,10 +809,10 @@ static noinline int bpf_jit_insn(struct bpf_jit *jit, struct bpf_prog *fp, int i |
109 |
+ EMIT4(0xb9820000, dst_reg, src_reg); |
110 |
+ break; |
111 |
+ case BPF_ALU | BPF_XOR | BPF_K: /* dst = (u32) dst ^ (u32) imm */ |
112 |
+- if (!imm) |
113 |
+- break; |
114 |
+- /* xilf %dst,imm */ |
115 |
+- EMIT6_IMM(0xc0070000, dst_reg, imm); |
116 |
++ if (imm != 0) { |
117 |
++ /* xilf %dst,imm */ |
118 |
++ EMIT6_IMM(0xc0070000, dst_reg, imm); |
119 |
++ } |
120 |
+ EMIT_ZERO(dst_reg); |
121 |
+ break; |
122 |
+ case BPF_ALU64 | BPF_XOR | BPF_K: /* dst = dst ^ imm */ |
123 |
+@@ -831,10 +833,10 @@ static noinline int bpf_jit_insn(struct bpf_jit *jit, struct bpf_prog *fp, int i |
124 |
+ EMIT6_DISP_LH(0xeb000000, 0x000d, dst_reg, dst_reg, src_reg, 0); |
125 |
+ break; |
126 |
+ case BPF_ALU | BPF_LSH | BPF_K: /* dst = (u32) dst << (u32) imm */ |
127 |
+- if (imm == 0) |
128 |
+- break; |
129 |
+- /* sll %dst,imm(%r0) */ |
130 |
+- EMIT4_DISP(0x89000000, dst_reg, REG_0, imm); |
131 |
++ if (imm != 0) { |
132 |
++ /* sll %dst,imm(%r0) */ |
133 |
++ EMIT4_DISP(0x89000000, dst_reg, REG_0, imm); |
134 |
++ } |
135 |
+ EMIT_ZERO(dst_reg); |
136 |
+ break; |
137 |
+ case BPF_ALU64 | BPF_LSH | BPF_K: /* dst = dst << imm */ |
138 |
+@@ -856,10 +858,10 @@ static noinline int bpf_jit_insn(struct bpf_jit *jit, struct bpf_prog *fp, int i |
139 |
+ EMIT6_DISP_LH(0xeb000000, 0x000c, dst_reg, dst_reg, src_reg, 0); |
140 |
+ break; |
141 |
+ case BPF_ALU | BPF_RSH | BPF_K: /* dst = (u32) dst >> (u32) imm */ |
142 |
+- if (imm == 0) |
143 |
+- break; |
144 |
+- /* srl %dst,imm(%r0) */ |
145 |
+- EMIT4_DISP(0x88000000, dst_reg, REG_0, imm); |
146 |
++ if (imm != 0) { |
147 |
++ /* srl %dst,imm(%r0) */ |
148 |
++ EMIT4_DISP(0x88000000, dst_reg, REG_0, imm); |
149 |
++ } |
150 |
+ EMIT_ZERO(dst_reg); |
151 |
+ break; |
152 |
+ case BPF_ALU64 | BPF_RSH | BPF_K: /* dst = dst >> imm */ |
153 |
+diff --git a/block/blk-throttle.c b/block/blk-throttle.c |
154 |
+index 17bdd6b55bebc..fbd08c4569ced 100644 |
155 |
+--- a/block/blk-throttle.c |
156 |
++++ b/block/blk-throttle.c |
157 |
+@@ -1588,6 +1588,7 @@ int blk_throtl_init(struct request_queue *q) |
158 |
+ void blk_throtl_exit(struct request_queue *q) |
159 |
+ { |
160 |
+ BUG_ON(!q->td); |
161 |
++ del_timer_sync(&q->td->service_queue.pending_timer); |
162 |
+ throtl_shutdown_wq(q); |
163 |
+ blkcg_deactivate_policy(q, &blkcg_policy_throtl); |
164 |
+ kfree(q->td); |
165 |
+diff --git a/drivers/base/power/wakeirq.c b/drivers/base/power/wakeirq.c |
166 |
+index ee63ccaea8d57..8c05e7a5e777b 100644 |
167 |
+--- a/drivers/base/power/wakeirq.c |
168 |
++++ b/drivers/base/power/wakeirq.c |
169 |
+@@ -320,7 +320,8 @@ void dev_pm_arm_wake_irq(struct wake_irq *wirq) |
170 |
+ return; |
171 |
+ |
172 |
+ if (device_may_wakeup(wirq->dev)) { |
173 |
+- if (wirq->status & WAKE_IRQ_DEDICATED_ALLOCATED) |
174 |
++ if (wirq->status & WAKE_IRQ_DEDICATED_ALLOCATED && |
175 |
++ !pm_runtime_status_suspended(wirq->dev)) |
176 |
+ enable_irq(wirq->irq); |
177 |
+ |
178 |
+ enable_irq_wake(wirq->irq); |
179 |
+@@ -342,7 +343,8 @@ void dev_pm_disarm_wake_irq(struct wake_irq *wirq) |
180 |
+ if (device_may_wakeup(wirq->dev)) { |
181 |
+ disable_irq_wake(wirq->irq); |
182 |
+ |
183 |
+- if (wirq->status & WAKE_IRQ_DEDICATED_ALLOCATED) |
184 |
++ if (wirq->status & WAKE_IRQ_DEDICATED_ALLOCATED && |
185 |
++ !pm_runtime_status_suspended(wirq->dev)) |
186 |
+ disable_irq_nosync(wirq->irq); |
187 |
+ } |
188 |
+ } |
189 |
+diff --git a/drivers/dma/Kconfig b/drivers/dma/Kconfig |
190 |
+index e6cd1a32025a9..f450f3d8f63aa 100644 |
191 |
+--- a/drivers/dma/Kconfig |
192 |
++++ b/drivers/dma/Kconfig |
193 |
+@@ -239,7 +239,7 @@ config INTEL_IDMA64 |
194 |
+ |
195 |
+ config INTEL_IOATDMA |
196 |
+ tristate "Intel I/OAT DMA support" |
197 |
+- depends on PCI && X86_64 |
198 |
++ depends on PCI && X86_64 && !UML |
199 |
+ select DMA_ENGINE |
200 |
+ select DMA_ENGINE_RAID |
201 |
+ select DCA |
202 |
+diff --git a/drivers/dma/acpi-dma.c b/drivers/dma/acpi-dma.c |
203 |
+index 16d0daa058a54..eef1b93828c23 100644 |
204 |
+--- a/drivers/dma/acpi-dma.c |
205 |
++++ b/drivers/dma/acpi-dma.c |
206 |
+@@ -15,6 +15,7 @@ |
207 |
+ #include <linux/device.h> |
208 |
+ #include <linux/err.h> |
209 |
+ #include <linux/module.h> |
210 |
++#include <linux/kernel.h> |
211 |
+ #include <linux/list.h> |
212 |
+ #include <linux/mutex.h> |
213 |
+ #include <linux/slab.h> |
214 |
+@@ -71,8 +72,14 @@ static int acpi_dma_parse_resource_group(const struct acpi_csrt_group *grp, |
215 |
+ |
216 |
+ si = (const struct acpi_csrt_shared_info *)&grp[1]; |
217 |
+ |
218 |
+- /* Match device by MMIO and IRQ */ |
219 |
+- if (si->mmio_base_low != mem || si->gsi_interrupt != irq) |
220 |
++ /* Match device by MMIO */ |
221 |
++ if (si->mmio_base_low != lower_32_bits(mem) || |
222 |
++ si->mmio_base_high != upper_32_bits(mem)) |
223 |
++ return 0; |
224 |
++ |
225 |
++ /* Match device by Linux vIRQ */ |
226 |
++ ret = acpi_register_gsi(NULL, si->gsi_interrupt, si->interrupt_mode, si->interrupt_polarity); |
227 |
++ if (ret != irq) |
228 |
+ return 0; |
229 |
+ |
230 |
+ dev_dbg(&adev->dev, "matches with %.4s%04X (rev %u)\n", |
231 |
+diff --git a/drivers/gpu/drm/nouveau/nvkm/engine/device/ctrl.c b/drivers/gpu/drm/nouveau/nvkm/engine/device/ctrl.c |
232 |
+index cf8bc068e9b70..381c59279d7f0 100644 |
233 |
+--- a/drivers/gpu/drm/nouveau/nvkm/engine/device/ctrl.c |
234 |
++++ b/drivers/gpu/drm/nouveau/nvkm/engine/device/ctrl.c |
235 |
+@@ -56,7 +56,7 @@ nvkm_control_mthd_pstate_info(struct nvkm_control *ctrl, void *data, u32 size) |
236 |
+ args->v0.count = 0; |
237 |
+ args->v0.ustate_ac = NVIF_CONTROL_PSTATE_INFO_V0_USTATE_DISABLE; |
238 |
+ args->v0.ustate_dc = NVIF_CONTROL_PSTATE_INFO_V0_USTATE_DISABLE; |
239 |
+- args->v0.pwrsrc = -ENOSYS; |
240 |
++ args->v0.pwrsrc = -ENODEV; |
241 |
+ args->v0.pstate = NVIF_CONTROL_PSTATE_INFO_V0_PSTATE_UNKNOWN; |
242 |
+ } |
243 |
+ |
244 |
+diff --git a/drivers/parisc/dino.c b/drivers/parisc/dino.c |
245 |
+index 8524faf28acb6..88e760c88abaa 100644 |
246 |
+--- a/drivers/parisc/dino.c |
247 |
++++ b/drivers/parisc/dino.c |
248 |
+@@ -160,15 +160,6 @@ struct dino_device |
249 |
+ (struct dino_device *)__pdata; }) |
250 |
+ |
251 |
+ |
252 |
+-/* Check if PCI device is behind a Card-mode Dino. */ |
253 |
+-static int pci_dev_is_behind_card_dino(struct pci_dev *dev) |
254 |
+-{ |
255 |
+- struct dino_device *dino_dev; |
256 |
+- |
257 |
+- dino_dev = DINO_DEV(parisc_walk_tree(dev->bus->bridge)); |
258 |
+- return is_card_dino(&dino_dev->hba.dev->id); |
259 |
+-} |
260 |
+- |
261 |
+ /* |
262 |
+ * Dino Configuration Space Accessor Functions |
263 |
+ */ |
264 |
+@@ -452,6 +443,15 @@ static void quirk_cirrus_cardbus(struct pci_dev *dev) |
265 |
+ DECLARE_PCI_FIXUP_ENABLE(PCI_VENDOR_ID_CIRRUS, PCI_DEVICE_ID_CIRRUS_6832, quirk_cirrus_cardbus ); |
266 |
+ |
267 |
+ #ifdef CONFIG_TULIP |
268 |
++/* Check if PCI device is behind a Card-mode Dino. */ |
269 |
++static int pci_dev_is_behind_card_dino(struct pci_dev *dev) |
270 |
++{ |
271 |
++ struct dino_device *dino_dev; |
272 |
++ |
273 |
++ dino_dev = DINO_DEV(parisc_walk_tree(dev->bus->bridge)); |
274 |
++ return is_card_dino(&dino_dev->hba.dev->id); |
275 |
++} |
276 |
++ |
277 |
+ static void pci_fixup_tulip(struct pci_dev *dev) |
278 |
+ { |
279 |
+ if (!pci_dev_is_behind_card_dino(dev)) |
280 |
+diff --git a/drivers/thermal/samsung/exynos_tmu.c b/drivers/thermal/samsung/exynos_tmu.c |
281 |
+index 16d45a25284f1..a4c0542f61417 100644 |
282 |
+--- a/drivers/thermal/samsung/exynos_tmu.c |
283 |
++++ b/drivers/thermal/samsung/exynos_tmu.c |
284 |
+@@ -1347,6 +1347,7 @@ static int exynos_tmu_probe(struct platform_device *pdev) |
285 |
+ data->sclk = devm_clk_get(&pdev->dev, "tmu_sclk"); |
286 |
+ if (IS_ERR(data->sclk)) { |
287 |
+ dev_err(&pdev->dev, "Failed to get sclk\n"); |
288 |
++ ret = PTR_ERR(data->sclk); |
289 |
+ goto err_clk; |
290 |
+ } else { |
291 |
+ ret = clk_prepare_enable(data->sclk); |
292 |
+diff --git a/fs/ceph/caps.c b/fs/ceph/caps.c |
293 |
+index 9d74cd37b3958..154c47282a340 100644 |
294 |
+--- a/fs/ceph/caps.c |
295 |
++++ b/fs/ceph/caps.c |
296 |
+@@ -1545,6 +1545,8 @@ static int __mark_caps_flushing(struct inode *inode, |
297 |
+ * try to invalidate mapping pages without blocking. |
298 |
+ */ |
299 |
+ static int try_nonblocking_invalidate(struct inode *inode) |
300 |
++ __releases(ci->i_ceph_lock) |
301 |
++ __acquires(ci->i_ceph_lock) |
302 |
+ { |
303 |
+ struct ceph_inode_info *ci = ceph_inode(inode); |
304 |
+ u32 invalidating_gen = ci->i_rdcache_gen; |
305 |
+diff --git a/fs/nilfs2/sysfs.c b/fs/nilfs2/sysfs.c |
306 |
+index c3b629eec294a..49a148ebbcda9 100644 |
307 |
+--- a/fs/nilfs2/sysfs.c |
308 |
++++ b/fs/nilfs2/sysfs.c |
309 |
+@@ -73,11 +73,9 @@ static const struct sysfs_ops nilfs_##name##_attr_ops = { \ |
310 |
+ #define NILFS_DEV_INT_GROUP_TYPE(name, parent_name) \ |
311 |
+ static void nilfs_##name##_attr_release(struct kobject *kobj) \ |
312 |
+ { \ |
313 |
+- struct nilfs_sysfs_##parent_name##_subgroups *subgroups; \ |
314 |
+- struct the_nilfs *nilfs = container_of(kobj->parent, \ |
315 |
+- struct the_nilfs, \ |
316 |
+- ns_##parent_name##_kobj); \ |
317 |
+- subgroups = nilfs->ns_##parent_name##_subgroups; \ |
318 |
++ struct nilfs_sysfs_##parent_name##_subgroups *subgroups = container_of(kobj, \ |
319 |
++ struct nilfs_sysfs_##parent_name##_subgroups, \ |
320 |
++ sg_##name##_kobj); \ |
321 |
+ complete(&subgroups->sg_##name##_kobj_unregister); \ |
322 |
+ } \ |
323 |
+ static struct kobj_type nilfs_##name##_ktype = { \ |
324 |
+@@ -103,12 +101,12 @@ static int nilfs_sysfs_create_##name##_group(struct the_nilfs *nilfs) \ |
325 |
+ err = kobject_init_and_add(kobj, &nilfs_##name##_ktype, parent, \ |
326 |
+ #name); \ |
327 |
+ if (err) \ |
328 |
+- return err; \ |
329 |
+- return 0; \ |
330 |
++ kobject_put(kobj); \ |
331 |
++ return err; \ |
332 |
+ } \ |
333 |
+ static void nilfs_sysfs_delete_##name##_group(struct the_nilfs *nilfs) \ |
334 |
+ { \ |
335 |
+- kobject_del(&nilfs->ns_##parent_name##_subgroups->sg_##name##_kobj); \ |
336 |
++ kobject_put(&nilfs->ns_##parent_name##_subgroups->sg_##name##_kobj); \ |
337 |
+ } |
338 |
+ |
339 |
+ /************************************************************************ |
340 |
+@@ -219,14 +217,14 @@ int nilfs_sysfs_create_snapshot_group(struct nilfs_root *root) |
341 |
+ } |
342 |
+ |
343 |
+ if (err) |
344 |
+- return err; |
345 |
++ kobject_put(&root->snapshot_kobj); |
346 |
+ |
347 |
+- return 0; |
348 |
++ return err; |
349 |
+ } |
350 |
+ |
351 |
+ void nilfs_sysfs_delete_snapshot_group(struct nilfs_root *root) |
352 |
+ { |
353 |
+- kobject_del(&root->snapshot_kobj); |
354 |
++ kobject_put(&root->snapshot_kobj); |
355 |
+ } |
356 |
+ |
357 |
+ /************************************************************************ |
358 |
+@@ -1008,7 +1006,7 @@ int nilfs_sysfs_create_device_group(struct super_block *sb) |
359 |
+ err = kobject_init_and_add(&nilfs->ns_dev_kobj, &nilfs_dev_ktype, NULL, |
360 |
+ "%s", sb->s_id); |
361 |
+ if (err) |
362 |
+- goto free_dev_subgroups; |
363 |
++ goto cleanup_dev_kobject; |
364 |
+ |
365 |
+ err = nilfs_sysfs_create_mounted_snapshots_group(nilfs); |
366 |
+ if (err) |
367 |
+@@ -1045,9 +1043,7 @@ delete_mounted_snapshots_group: |
368 |
+ nilfs_sysfs_delete_mounted_snapshots_group(nilfs); |
369 |
+ |
370 |
+ cleanup_dev_kobject: |
371 |
+- kobject_del(&nilfs->ns_dev_kobj); |
372 |
+- |
373 |
+-free_dev_subgroups: |
374 |
++ kobject_put(&nilfs->ns_dev_kobj); |
375 |
+ kfree(nilfs->ns_dev_subgroups); |
376 |
+ |
377 |
+ failed_create_device_group: |
378 |
+diff --git a/include/net/sctp/structs.h b/include/net/sctp/structs.h |
379 |
+index eea9bdeecba27..1d24da658f43e 100644 |
380 |
+--- a/include/net/sctp/structs.h |
381 |
++++ b/include/net/sctp/structs.h |
382 |
+@@ -469,7 +469,7 @@ struct sctp_af { |
383 |
+ int saddr); |
384 |
+ void (*from_sk) (union sctp_addr *, |
385 |
+ struct sock *sk); |
386 |
+- void (*from_addr_param) (union sctp_addr *, |
387 |
++ bool (*from_addr_param) (union sctp_addr *, |
388 |
+ union sctp_addr_param *, |
389 |
+ __be16 port, int iif); |
390 |
+ int (*to_addr_param) (const union sctp_addr *, |
391 |
+diff --git a/kernel/profile.c b/kernel/profile.c |
392 |
+index 9cd8e18e6f18e..927a0345e259f 100644 |
393 |
+--- a/kernel/profile.c |
394 |
++++ b/kernel/profile.c |
395 |
+@@ -38,7 +38,8 @@ struct profile_hit { |
396 |
+ #define NR_PROFILE_GRP (NR_PROFILE_HIT/PROFILE_GRPSZ) |
397 |
+ |
398 |
+ static atomic_t *prof_buffer; |
399 |
+-static unsigned long prof_len, prof_shift; |
400 |
++static unsigned long prof_len; |
401 |
++static unsigned short int prof_shift; |
402 |
+ |
403 |
+ int prof_on __read_mostly; |
404 |
+ EXPORT_SYMBOL_GPL(prof_on); |
405 |
+@@ -63,8 +64,8 @@ int profile_setup(char *str) |
406 |
+ if (str[strlen(sleepstr)] == ',') |
407 |
+ str += strlen(sleepstr) + 1; |
408 |
+ if (get_option(&str, &par)) |
409 |
+- prof_shift = par; |
410 |
+- pr_info("kernel sleep profiling enabled (shift: %ld)\n", |
411 |
++ prof_shift = clamp(par, 0, BITS_PER_LONG - 1); |
412 |
++ pr_info("kernel sleep profiling enabled (shift: %u)\n", |
413 |
+ prof_shift); |
414 |
+ #else |
415 |
+ pr_warn("kernel sleep profiling requires CONFIG_SCHEDSTATS\n"); |
416 |
+@@ -74,21 +75,21 @@ int profile_setup(char *str) |
417 |
+ if (str[strlen(schedstr)] == ',') |
418 |
+ str += strlen(schedstr) + 1; |
419 |
+ if (get_option(&str, &par)) |
420 |
+- prof_shift = par; |
421 |
+- pr_info("kernel schedule profiling enabled (shift: %ld)\n", |
422 |
++ prof_shift = clamp(par, 0, BITS_PER_LONG - 1); |
423 |
++ pr_info("kernel schedule profiling enabled (shift: %u)\n", |
424 |
+ prof_shift); |
425 |
+ } else if (!strncmp(str, kvmstr, strlen(kvmstr))) { |
426 |
+ prof_on = KVM_PROFILING; |
427 |
+ if (str[strlen(kvmstr)] == ',') |
428 |
+ str += strlen(kvmstr) + 1; |
429 |
+ if (get_option(&str, &par)) |
430 |
+- prof_shift = par; |
431 |
+- pr_info("kernel KVM profiling enabled (shift: %ld)\n", |
432 |
++ prof_shift = clamp(par, 0, BITS_PER_LONG - 1); |
433 |
++ pr_info("kernel KVM profiling enabled (shift: %u)\n", |
434 |
+ prof_shift); |
435 |
+ } else if (get_option(&str, &par)) { |
436 |
+- prof_shift = par; |
437 |
++ prof_shift = clamp(par, 0, BITS_PER_LONG - 1); |
438 |
+ prof_on = CPU_PROFILING; |
439 |
+- pr_info("kernel profiling enabled (shift: %ld)\n", |
440 |
++ pr_info("kernel profiling enabled (shift: %u)\n", |
441 |
+ prof_shift); |
442 |
+ } |
443 |
+ return 1; |
444 |
+@@ -475,7 +476,7 @@ read_profile(struct file *file, char __user *buf, size_t count, loff_t *ppos) |
445 |
+ unsigned long p = *ppos; |
446 |
+ ssize_t read; |
447 |
+ char *pnt; |
448 |
+- unsigned int sample_step = 1 << prof_shift; |
449 |
++ unsigned long sample_step = 1UL << prof_shift; |
450 |
+ |
451 |
+ profile_flip_buffers(); |
452 |
+ if (p >= (prof_len+1)*sizeof(unsigned int)) |
453 |
+diff --git a/kernel/sys.c b/kernel/sys.c |
454 |
+index e98664039cb23..ee8d83885367c 100644 |
455 |
+--- a/kernel/sys.c |
456 |
++++ b/kernel/sys.c |
457 |
+@@ -1774,13 +1774,6 @@ static int validate_prctl_map(struct prctl_mm_map *prctl_map) |
458 |
+ |
459 |
+ error = -EINVAL; |
460 |
+ |
461 |
+- /* |
462 |
+- * @brk should be after @end_data in traditional maps. |
463 |
+- */ |
464 |
+- if (prctl_map->start_brk <= prctl_map->end_data || |
465 |
+- prctl_map->brk <= prctl_map->end_data) |
466 |
+- goto out; |
467 |
+- |
468 |
+ /* |
469 |
+ * Neither we should allow to override limits if they set. |
470 |
+ */ |
471 |
+diff --git a/net/9p/trans_virtio.c b/net/9p/trans_virtio.c |
472 |
+index 5892bd1457d4f..252a4c22898e9 100644 |
473 |
+--- a/net/9p/trans_virtio.c |
474 |
++++ b/net/9p/trans_virtio.c |
475 |
+@@ -605,7 +605,7 @@ static int p9_virtio_probe(struct virtio_device *vdev) |
476 |
+ chan->vc_wq = kmalloc(sizeof(wait_queue_head_t), GFP_KERNEL); |
477 |
+ if (!chan->vc_wq) { |
478 |
+ err = -ENOMEM; |
479 |
+- goto out_free_tag; |
480 |
++ goto out_remove_file; |
481 |
+ } |
482 |
+ init_waitqueue_head(chan->vc_wq); |
483 |
+ chan->ring_bufs_avail = 1; |
484 |
+@@ -623,6 +623,8 @@ static int p9_virtio_probe(struct virtio_device *vdev) |
485 |
+ |
486 |
+ return 0; |
487 |
+ |
488 |
++out_remove_file: |
489 |
++ sysfs_remove_file(&vdev->dev.kobj, &dev_attr_mount_tag.attr); |
490 |
+ out_free_tag: |
491 |
+ kfree(tag); |
492 |
+ out_free_vq: |
493 |
+diff --git a/net/sctp/bind_addr.c b/net/sctp/bind_addr.c |
494 |
+index 664215448d09f..40fd399a10356 100644 |
495 |
+--- a/net/sctp/bind_addr.c |
496 |
++++ b/net/sctp/bind_addr.c |
497 |
+@@ -284,19 +284,15 @@ int sctp_raw_to_bind_addrs(struct sctp_bind_addr *bp, __u8 *raw_addr_list, |
498 |
+ rawaddr = (union sctp_addr_param *)raw_addr_list; |
499 |
+ |
500 |
+ af = sctp_get_af_specific(param_type2af(param->type)); |
501 |
+- if (unlikely(!af)) { |
502 |
++ if (unlikely(!af) || |
503 |
++ !af->from_addr_param(&addr, rawaddr, htons(port), 0)) { |
504 |
+ retval = -EINVAL; |
505 |
+- sctp_bind_addr_clean(bp); |
506 |
+- break; |
507 |
++ goto out_err; |
508 |
+ } |
509 |
+ |
510 |
+- af->from_addr_param(&addr, rawaddr, htons(port), 0); |
511 |
+ retval = sctp_add_bind_addr(bp, &addr, SCTP_ADDR_SRC, gfp); |
512 |
+- if (retval) { |
513 |
+- /* Can't finish building the list, clean up. */ |
514 |
+- sctp_bind_addr_clean(bp); |
515 |
+- break; |
516 |
+- } |
517 |
++ if (retval) |
518 |
++ goto out_err; |
519 |
+ |
520 |
+ len = ntohs(param->length); |
521 |
+ addrs_len -= len; |
522 |
+@@ -304,6 +300,12 @@ int sctp_raw_to_bind_addrs(struct sctp_bind_addr *bp, __u8 *raw_addr_list, |
523 |
+ } |
524 |
+ |
525 |
+ return retval; |
526 |
++ |
527 |
++out_err: |
528 |
++ if (retval) |
529 |
++ sctp_bind_addr_clean(bp); |
530 |
++ |
531 |
++ return retval; |
532 |
+ } |
533 |
+ |
534 |
+ /******************************************************************** |
535 |
+diff --git a/net/sctp/input.c b/net/sctp/input.c |
536 |
+index 9dcc18db99186..3f0b8aafc21ae 100644 |
537 |
+--- a/net/sctp/input.c |
538 |
++++ b/net/sctp/input.c |
539 |
+@@ -972,7 +972,8 @@ static struct sctp_association *__sctp_rcv_init_lookup(struct net *net, |
540 |
+ if (!af) |
541 |
+ continue; |
542 |
+ |
543 |
+- af->from_addr_param(paddr, params.addr, sh->source, 0); |
544 |
++ if (!af->from_addr_param(paddr, params.addr, sh->source, 0)) |
545 |
++ continue; |
546 |
+ |
547 |
+ asoc = __sctp_lookup_association(net, laddr, paddr, &transport); |
548 |
+ if (asoc) |
549 |
+@@ -1008,6 +1009,9 @@ static struct sctp_association *__sctp_rcv_asconf_lookup( |
550 |
+ union sctp_addr_param *param; |
551 |
+ union sctp_addr paddr; |
552 |
+ |
553 |
++ if (ntohs(ch->length) < sizeof(*asconf) + sizeof(struct sctp_paramhdr)) |
554 |
++ return NULL; |
555 |
++ |
556 |
+ /* Skip over the ADDIP header and find the Address parameter */ |
557 |
+ param = (union sctp_addr_param *)(asconf + 1); |
558 |
+ |
559 |
+@@ -1015,7 +1019,8 @@ static struct sctp_association *__sctp_rcv_asconf_lookup( |
560 |
+ if (unlikely(!af)) |
561 |
+ return NULL; |
562 |
+ |
563 |
+- af->from_addr_param(&paddr, param, peer_port, 0); |
564 |
++ if (af->from_addr_param(&paddr, param, peer_port, 0)) |
565 |
++ return NULL; |
566 |
+ |
567 |
+ return __sctp_lookup_association(net, laddr, &paddr, transportp); |
568 |
+ } |
569 |
+diff --git a/net/sctp/ipv6.c b/net/sctp/ipv6.c |
570 |
+index 1a6849add0e34..62c729402a049 100644 |
571 |
+--- a/net/sctp/ipv6.c |
572 |
++++ b/net/sctp/ipv6.c |
573 |
+@@ -488,15 +488,20 @@ static void sctp_v6_to_sk_daddr(union sctp_addr *addr, struct sock *sk) |
574 |
+ } |
575 |
+ |
576 |
+ /* Initialize a sctp_addr from an address parameter. */ |
577 |
+-static void sctp_v6_from_addr_param(union sctp_addr *addr, |
578 |
++static bool sctp_v6_from_addr_param(union sctp_addr *addr, |
579 |
+ union sctp_addr_param *param, |
580 |
+ __be16 port, int iif) |
581 |
+ { |
582 |
++ if (ntohs(param->v6.param_hdr.length) < sizeof(struct sctp_ipv6addr_param)) |
583 |
++ return false; |
584 |
++ |
585 |
+ addr->v6.sin6_family = AF_INET6; |
586 |
+ addr->v6.sin6_port = port; |
587 |
+ addr->v6.sin6_flowinfo = 0; /* BUG */ |
588 |
+ addr->v6.sin6_addr = param->v6.addr; |
589 |
+ addr->v6.sin6_scope_id = iif; |
590 |
++ |
591 |
++ return true; |
592 |
+ } |
593 |
+ |
594 |
+ /* Initialize an address parameter from a sctp_addr and return the length |
595 |
+diff --git a/net/sctp/protocol.c b/net/sctp/protocol.c |
596 |
+index 8c62792658b62..510b805aab2de 100644 |
597 |
+--- a/net/sctp/protocol.c |
598 |
++++ b/net/sctp/protocol.c |
599 |
+@@ -272,14 +272,19 @@ static void sctp_v4_to_sk_daddr(union sctp_addr *addr, struct sock *sk) |
600 |
+ } |
601 |
+ |
602 |
+ /* Initialize a sctp_addr from an address parameter. */ |
603 |
+-static void sctp_v4_from_addr_param(union sctp_addr *addr, |
604 |
++static bool sctp_v4_from_addr_param(union sctp_addr *addr, |
605 |
+ union sctp_addr_param *param, |
606 |
+ __be16 port, int iif) |
607 |
+ { |
608 |
++ if (ntohs(param->v4.param_hdr.length) < sizeof(struct sctp_ipv4addr_param)) |
609 |
++ return false; |
610 |
++ |
611 |
+ addr->v4.sin_family = AF_INET; |
612 |
+ addr->v4.sin_port = port; |
613 |
+ addr->v4.sin_addr.s_addr = param->v4.addr.s_addr; |
614 |
+ memset(addr->v4.sin_zero, 0, sizeof(addr->v4.sin_zero)); |
615 |
++ |
616 |
++ return true; |
617 |
+ } |
618 |
+ |
619 |
+ /* Initialize an address parameter from a sctp_addr and return the length |
620 |
+diff --git a/net/sctp/sm_make_chunk.c b/net/sctp/sm_make_chunk.c |
621 |
+index 9de03d2e5da9f..d31e0d6c641bb 100644 |
622 |
+--- a/net/sctp/sm_make_chunk.c |
623 |
++++ b/net/sctp/sm_make_chunk.c |
624 |
+@@ -2146,9 +2146,16 @@ static sctp_ierror_t sctp_verify_param(struct net *net, |
625 |
+ break; |
626 |
+ |
627 |
+ case SCTP_PARAM_SET_PRIMARY: |
628 |
+- if (net->sctp.addip_enable) |
629 |
+- break; |
630 |
+- goto fallthrough; |
631 |
++ if (!net->sctp.addip_enable) |
632 |
++ goto fallthrough; |
633 |
++ |
634 |
++ if (ntohs(param.p->length) < sizeof(struct sctp_addip_param) + |
635 |
++ sizeof(struct sctp_paramhdr)) { |
636 |
++ sctp_process_inv_paramlength(asoc, param.p, |
637 |
++ chunk, err_chunk); |
638 |
++ retval = SCTP_IERROR_ABORT; |
639 |
++ } |
640 |
++ break; |
641 |
+ |
642 |
+ case SCTP_PARAM_HOST_NAME_ADDRESS: |
643 |
+ /* Tell the peer, we won't support this param. */ |
644 |
+@@ -2326,11 +2333,13 @@ int sctp_process_init(struct sctp_association *asoc, struct sctp_chunk *chunk, |
645 |
+ |
646 |
+ /* Process the initialization parameters. */ |
647 |
+ sctp_walk_params(param, peer_init, init_hdr.params) { |
648 |
+- if (!src_match && (param.p->type == SCTP_PARAM_IPV4_ADDRESS || |
649 |
+- param.p->type == SCTP_PARAM_IPV6_ADDRESS)) { |
650 |
++ if (!src_match && |
651 |
++ (param.p->type == SCTP_PARAM_IPV4_ADDRESS || |
652 |
++ param.p->type == SCTP_PARAM_IPV6_ADDRESS)) { |
653 |
+ af = sctp_get_af_specific(param_type2af(param.p->type)); |
654 |
+- af->from_addr_param(&addr, param.addr, |
655 |
+- chunk->sctp_hdr->source, 0); |
656 |
++ if (!af->from_addr_param(&addr, param.addr, |
657 |
++ chunk->sctp_hdr->source, 0)) |
658 |
++ continue; |
659 |
+ if (sctp_cmp_addr_exact(sctp_source(chunk), &addr)) |
660 |
+ src_match = 1; |
661 |
+ } |
662 |
+@@ -2524,7 +2533,8 @@ static int sctp_process_param(struct sctp_association *asoc, |
663 |
+ break; |
664 |
+ do_addr_param: |
665 |
+ af = sctp_get_af_specific(param_type2af(param.p->type)); |
666 |
+- af->from_addr_param(&addr, param.addr, htons(asoc->peer.port), 0); |
667 |
++ if (!af->from_addr_param(&addr, param.addr, htons(asoc->peer.port), 0)) |
668 |
++ break; |
669 |
+ scope = sctp_scope(peer_addr); |
670 |
+ if (sctp_in_scope(net, &addr, scope)) |
671 |
+ if (!sctp_assoc_add_peer(asoc, &addr, gfp, SCTP_UNCONFIRMED)) |
672 |
+@@ -2617,15 +2627,13 @@ do_addr_param: |
673 |
+ addr_param = param.v + sizeof(sctp_addip_param_t); |
674 |
+ |
675 |
+ af = sctp_get_af_specific(param_type2af(addr_param->p.type)); |
676 |
+- if (af == NULL) |
677 |
++ if (!af) |
678 |
+ break; |
679 |
+ |
680 |
+- af->from_addr_param(&addr, addr_param, |
681 |
+- htons(asoc->peer.port), 0); |
682 |
++ if (!af->from_addr_param(&addr, addr_param, |
683 |
++ htons(asoc->peer.port), 0)) |
684 |
++ break; |
685 |
+ |
686 |
+- /* if the address is invalid, we can't process it. |
687 |
+- * XXX: see spec for what to do. |
688 |
+- */ |
689 |
+ if (!af->addr_valid(&addr, NULL, NULL)) |
690 |
+ break; |
691 |
+ |
692 |
+@@ -3035,7 +3043,8 @@ static __be16 sctp_process_asconf_param(struct sctp_association *asoc, |
693 |
+ if (unlikely(!af)) |
694 |
+ return SCTP_ERROR_DNS_FAILED; |
695 |
+ |
696 |
+- af->from_addr_param(&addr, addr_param, htons(asoc->peer.port), 0); |
697 |
++ if (!af->from_addr_param(&addr, addr_param, htons(asoc->peer.port), 0)) |
698 |
++ return SCTP_ERROR_DNS_FAILED; |
699 |
+ |
700 |
+ /* ADDIP 4.2.1 This parameter MUST NOT contain a broadcast |
701 |
+ * or multicast address. |
702 |
+@@ -3301,7 +3310,8 @@ static void sctp_asconf_param_success(struct sctp_association *asoc, |
703 |
+ |
704 |
+ /* We have checked the packet before, so we do not check again. */ |
705 |
+ af = sctp_get_af_specific(param_type2af(addr_param->p.type)); |
706 |
+- af->from_addr_param(&addr, addr_param, htons(bp->port), 0); |
707 |
++ if (!af->from_addr_param(&addr, addr_param, htons(bp->port), 0)) |
708 |
++ return; |
709 |
+ |
710 |
+ switch (asconf_param->param_hdr.type) { |
711 |
+ case SCTP_PARAM_ADD_IP: |