1 |
commit: fe21ecac863d9081e7be747ad3e6c68678732bbd |
2 |
Author: Mike Pagano <mpagano <AT> gentoo <DOT> org> |
3 |
AuthorDate: Wed Jan 5 12:56:07 2022 +0000 |
4 |
Commit: Mike Pagano <mpagano <AT> gentoo <DOT> org> |
5 |
CommitDate: Wed Jan 5 12:56:07 2022 +0000 |
6 |
URL: https://gitweb.gentoo.org/proj/linux-patches.git/commit/?id=fe21ecac |
7 |
|
8 |
Linux patch 4.14.261 |
9 |
|
10 |
Signed-off-by: Mike Pagano <mpagano <AT> gentoo.org> |
11 |
|
12 |
0000_README | 4 + |
13 |
1260_linux-4.14.261.patch | 873 ++++++++++++++++++++++++++++++++++++++++++++++ |
14 |
2 files changed, 877 insertions(+) |
15 |
|
16 |
diff --git a/0000_README b/0000_README |
17 |
index a35bbc39..cb71c828 100644 |
18 |
--- a/0000_README |
19 |
+++ b/0000_README |
20 |
@@ -1087,6 +1087,10 @@ Patch: 1259_linux-4.14.260.patch |
21 |
From: https://www.kernel.org |
22 |
Desc: Linux 4.14.260 |
23 |
|
24 |
+Patch: 1260_linux-4.14.261.patch |
25 |
+From: https://www.kernel.org |
26 |
+Desc: Linux 4.14.261 |
27 |
+ |
28 |
Patch: 1500_XATTR_USER_PREFIX.patch |
29 |
From: https://bugs.gentoo.org/show_bug.cgi?id=470644 |
30 |
Desc: Support for namespace user.pax.* on tmpfs. |
31 |
|
32 |
diff --git a/1260_linux-4.14.261.patch b/1260_linux-4.14.261.patch |
33 |
new file mode 100644 |
34 |
index 00000000..34c7f687 |
35 |
--- /dev/null |
36 |
+++ b/1260_linux-4.14.261.patch |
37 |
@@ -0,0 +1,873 @@ |
38 |
+diff --git a/Makefile b/Makefile |
39 |
+index 8a87f5c06a830..38e64d636717b 100644 |
40 |
+--- a/Makefile |
41 |
++++ b/Makefile |
42 |
+@@ -1,7 +1,7 @@ |
43 |
+ # SPDX-License-Identifier: GPL-2.0 |
44 |
+ VERSION = 4 |
45 |
+ PATCHLEVEL = 14 |
46 |
+-SUBLEVEL = 260 |
47 |
++SUBLEVEL = 261 |
48 |
+ EXTRAVERSION = |
49 |
+ NAME = Petit Gorille |
50 |
+ |
51 |
+diff --git a/drivers/android/binder_alloc.c b/drivers/android/binder_alloc.c |
52 |
+index f89ea0866892c..1687368ea71f3 100644 |
53 |
+--- a/drivers/android/binder_alloc.c |
54 |
++++ b/drivers/android/binder_alloc.c |
55 |
+@@ -619,7 +619,7 @@ static void binder_free_buf_locked(struct binder_alloc *alloc, |
56 |
+ BUG_ON(buffer->data > alloc->buffer + alloc->buffer_size); |
57 |
+ |
58 |
+ if (buffer->async_transaction) { |
59 |
+- alloc->free_async_space += size + sizeof(struct binder_buffer); |
60 |
++ alloc->free_async_space += buffer_size + sizeof(struct binder_buffer); |
61 |
+ |
62 |
+ binder_alloc_debug(BINDER_DEBUG_BUFFER_ALLOC_ASYNC, |
63 |
+ "%d: binder_free_buf size %zd async free %zd\n", |
64 |
+diff --git a/drivers/hid/Kconfig b/drivers/hid/Kconfig |
65 |
+index 5f5580fbd3518..a4fb3fccf1b28 100644 |
66 |
+--- a/drivers/hid/Kconfig |
67 |
++++ b/drivers/hid/Kconfig |
68 |
+@@ -148,6 +148,7 @@ config HID_APPLEIR |
69 |
+ |
70 |
+ config HID_ASUS |
71 |
+ tristate "Asus" |
72 |
++ depends on USB_HID |
73 |
+ depends on LEDS_CLASS |
74 |
+ ---help--- |
75 |
+ Support for Asus notebook built-in keyboard and touchpad via i2c, and |
76 |
+diff --git a/drivers/input/joystick/spaceball.c b/drivers/input/joystick/spaceball.c |
77 |
+index e9712a1b7cad9..43bc432e1d3aa 100644 |
78 |
+--- a/drivers/input/joystick/spaceball.c |
79 |
++++ b/drivers/input/joystick/spaceball.c |
80 |
+@@ -35,6 +35,7 @@ |
81 |
+ #include <linux/module.h> |
82 |
+ #include <linux/input.h> |
83 |
+ #include <linux/serio.h> |
84 |
++#include <asm/unaligned.h> |
85 |
+ |
86 |
+ #define DRIVER_DESC "SpaceTec SpaceBall 2003/3003/4000 FLX driver" |
87 |
+ |
88 |
+@@ -91,9 +92,15 @@ static void spaceball_process_packet(struct spaceball* spaceball) |
89 |
+ |
90 |
+ case 'D': /* Ball data */ |
91 |
+ if (spaceball->idx != 15) return; |
92 |
+- for (i = 0; i < 6; i++) |
93 |
++ /* |
94 |
++ * Skip first three bytes; read six axes worth of data. |
95 |
++ * Axis values are signed 16-bit big-endian. |
96 |
++ */ |
97 |
++ data += 3; |
98 |
++ for (i = 0; i < ARRAY_SIZE(spaceball_axes); i++) { |
99 |
+ input_report_abs(dev, spaceball_axes[i], |
100 |
+- (__s16)((data[2 * i + 3] << 8) | data[2 * i + 2])); |
101 |
++ (__s16)get_unaligned_be16(&data[i * 2])); |
102 |
++ } |
103 |
+ break; |
104 |
+ |
105 |
+ case 'K': /* Button data */ |
106 |
+diff --git a/drivers/input/mouse/appletouch.c b/drivers/input/mouse/appletouch.c |
107 |
+index 81a695d0b4e04..5b4f15a232935 100644 |
108 |
+--- a/drivers/input/mouse/appletouch.c |
109 |
++++ b/drivers/input/mouse/appletouch.c |
110 |
+@@ -929,6 +929,8 @@ static int atp_probe(struct usb_interface *iface, |
111 |
+ set_bit(BTN_TOOL_TRIPLETAP, input_dev->keybit); |
112 |
+ set_bit(BTN_LEFT, input_dev->keybit); |
113 |
+ |
114 |
++ INIT_WORK(&dev->work, atp_reinit); |
115 |
++ |
116 |
+ error = input_register_device(dev->input); |
117 |
+ if (error) |
118 |
+ goto err_free_buffer; |
119 |
+@@ -936,8 +938,6 @@ static int atp_probe(struct usb_interface *iface, |
120 |
+ /* save our data pointer in this interface device */ |
121 |
+ usb_set_intfdata(iface, dev); |
122 |
+ |
123 |
+- INIT_WORK(&dev->work, atp_reinit); |
124 |
+- |
125 |
+ return 0; |
126 |
+ |
127 |
+ err_free_buffer: |
128 |
+diff --git a/drivers/net/ethernet/freescale/fman/fman_port.c b/drivers/net/ethernet/freescale/fman/fman_port.c |
129 |
+index ac3d791f52821..b7295f21aa580 100644 |
130 |
+--- a/drivers/net/ethernet/freescale/fman/fman_port.c |
131 |
++++ b/drivers/net/ethernet/freescale/fman/fman_port.c |
132 |
+@@ -1779,7 +1779,7 @@ static int fman_port_probe(struct platform_device *of_dev) |
133 |
+ fman = dev_get_drvdata(&fm_pdev->dev); |
134 |
+ if (!fman) { |
135 |
+ err = -EINVAL; |
136 |
+- goto return_err; |
137 |
++ goto put_device; |
138 |
+ } |
139 |
+ |
140 |
+ err = of_property_read_u32(port_node, "cell-index", &val); |
141 |
+@@ -1787,7 +1787,7 @@ static int fman_port_probe(struct platform_device *of_dev) |
142 |
+ dev_err(port->dev, "%s: reading cell-index for %pOF failed\n", |
143 |
+ __func__, port_node); |
144 |
+ err = -EINVAL; |
145 |
+- goto return_err; |
146 |
++ goto put_device; |
147 |
+ } |
148 |
+ port_id = (u8)val; |
149 |
+ port->dts_params.id = port_id; |
150 |
+@@ -1821,7 +1821,7 @@ static int fman_port_probe(struct platform_device *of_dev) |
151 |
+ } else { |
152 |
+ dev_err(port->dev, "%s: Illegal port type\n", __func__); |
153 |
+ err = -EINVAL; |
154 |
+- goto return_err; |
155 |
++ goto put_device; |
156 |
+ } |
157 |
+ |
158 |
+ port->dts_params.type = port_type; |
159 |
+@@ -1835,7 +1835,7 @@ static int fman_port_probe(struct platform_device *of_dev) |
160 |
+ dev_err(port->dev, "%s: incorrect qman-channel-id\n", |
161 |
+ __func__); |
162 |
+ err = -EINVAL; |
163 |
+- goto return_err; |
164 |
++ goto put_device; |
165 |
+ } |
166 |
+ port->dts_params.qman_channel_id = qman_channel_id; |
167 |
+ } |
168 |
+@@ -1845,7 +1845,7 @@ static int fman_port_probe(struct platform_device *of_dev) |
169 |
+ dev_err(port->dev, "%s: of_address_to_resource() failed\n", |
170 |
+ __func__); |
171 |
+ err = -ENOMEM; |
172 |
+- goto return_err; |
173 |
++ goto put_device; |
174 |
+ } |
175 |
+ |
176 |
+ port->dts_params.fman = fman; |
177 |
+@@ -1870,6 +1870,8 @@ static int fman_port_probe(struct platform_device *of_dev) |
178 |
+ |
179 |
+ return 0; |
180 |
+ |
181 |
++put_device: |
182 |
++ put_device(&fm_pdev->dev); |
183 |
+ return_err: |
184 |
+ of_node_put(port_node); |
185 |
+ free_port: |
186 |
+diff --git a/drivers/net/usb/pegasus.c b/drivers/net/usb/pegasus.c |
187 |
+index d18a283a0ccff..408b996ff4dfb 100644 |
188 |
+--- a/drivers/net/usb/pegasus.c |
189 |
++++ b/drivers/net/usb/pegasus.c |
190 |
+@@ -498,11 +498,11 @@ static void read_bulk_callback(struct urb *urb) |
191 |
+ goto goon; |
192 |
+ |
193 |
+ rx_status = buf[count - 2]; |
194 |
+- if (rx_status & 0x1e) { |
195 |
++ if (rx_status & 0x1c) { |
196 |
+ netif_dbg(pegasus, rx_err, net, |
197 |
+ "RX packet error %x\n", rx_status); |
198 |
+ net->stats.rx_errors++; |
199 |
+- if (rx_status & 0x06) /* long or runt */ |
200 |
++ if (rx_status & 0x04) /* runt */ |
201 |
+ net->stats.rx_length_errors++; |
202 |
+ if (rx_status & 0x08) |
203 |
+ net->stats.rx_crc_errors++; |
204 |
+diff --git a/drivers/nfc/st21nfca/i2c.c b/drivers/nfc/st21nfca/i2c.c |
205 |
+index cd1f7bfa75ebe..dc9dd66cf6735 100644 |
206 |
+--- a/drivers/nfc/st21nfca/i2c.c |
207 |
++++ b/drivers/nfc/st21nfca/i2c.c |
208 |
+@@ -544,7 +544,8 @@ static int st21nfca_hci_i2c_probe(struct i2c_client *client, |
209 |
+ phy->gpiod_ena = devm_gpiod_get(dev, "enable", GPIOD_OUT_LOW); |
210 |
+ if (IS_ERR(phy->gpiod_ena)) { |
211 |
+ nfc_err(dev, "Unable to get ENABLE GPIO\n"); |
212 |
+- return PTR_ERR(phy->gpiod_ena); |
213 |
++ r = PTR_ERR(phy->gpiod_ena); |
214 |
++ goto out_free; |
215 |
+ } |
216 |
+ |
217 |
+ phy->se_status.is_ese_present = |
218 |
+@@ -555,7 +556,7 @@ static int st21nfca_hci_i2c_probe(struct i2c_client *client, |
219 |
+ r = st21nfca_hci_platform_init(phy); |
220 |
+ if (r < 0) { |
221 |
+ nfc_err(&client->dev, "Unable to reboot st21nfca\n"); |
222 |
+- return r; |
223 |
++ goto out_free; |
224 |
+ } |
225 |
+ |
226 |
+ r = devm_request_threaded_irq(&client->dev, client->irq, NULL, |
227 |
+@@ -564,15 +565,23 @@ static int st21nfca_hci_i2c_probe(struct i2c_client *client, |
228 |
+ ST21NFCA_HCI_DRIVER_NAME, phy); |
229 |
+ if (r < 0) { |
230 |
+ nfc_err(&client->dev, "Unable to register IRQ handler\n"); |
231 |
+- return r; |
232 |
++ goto out_free; |
233 |
+ } |
234 |
+ |
235 |
+- return st21nfca_hci_probe(phy, &i2c_phy_ops, LLC_SHDLC_NAME, |
236 |
+- ST21NFCA_FRAME_HEADROOM, |
237 |
+- ST21NFCA_FRAME_TAILROOM, |
238 |
+- ST21NFCA_HCI_LLC_MAX_PAYLOAD, |
239 |
+- &phy->hdev, |
240 |
+- &phy->se_status); |
241 |
++ r = st21nfca_hci_probe(phy, &i2c_phy_ops, LLC_SHDLC_NAME, |
242 |
++ ST21NFCA_FRAME_HEADROOM, |
243 |
++ ST21NFCA_FRAME_TAILROOM, |
244 |
++ ST21NFCA_HCI_LLC_MAX_PAYLOAD, |
245 |
++ &phy->hdev, |
246 |
++ &phy->se_status); |
247 |
++ if (r) |
248 |
++ goto out_free; |
249 |
++ |
250 |
++ return 0; |
251 |
++ |
252 |
++out_free: |
253 |
++ kfree_skb(phy->pending_skb); |
254 |
++ return r; |
255 |
+ } |
256 |
+ |
257 |
+ static int st21nfca_hci_i2c_remove(struct i2c_client *client) |
258 |
+@@ -585,6 +594,8 @@ static int st21nfca_hci_i2c_remove(struct i2c_client *client) |
259 |
+ |
260 |
+ if (phy->powered) |
261 |
+ st21nfca_hci_i2c_disable(phy); |
262 |
++ if (phy->pending_skb) |
263 |
++ kfree_skb(phy->pending_skb); |
264 |
+ |
265 |
+ return 0; |
266 |
+ } |
267 |
+diff --git a/drivers/platform/x86/apple-gmux.c b/drivers/platform/x86/apple-gmux.c |
268 |
+index 7c4eb86c851ed..5463d740f3523 100644 |
269 |
+--- a/drivers/platform/x86/apple-gmux.c |
270 |
++++ b/drivers/platform/x86/apple-gmux.c |
271 |
+@@ -628,7 +628,7 @@ static int gmux_probe(struct pnp_dev *pnp, const struct pnp_device_id *id) |
272 |
+ } |
273 |
+ |
274 |
+ gmux_data->iostart = res->start; |
275 |
+- gmux_data->iolen = res->end - res->start; |
276 |
++ gmux_data->iolen = resource_size(res); |
277 |
+ |
278 |
+ if (gmux_data->iolen < GMUX_MIN_IO_LEN) { |
279 |
+ pr_err("gmux I/O region too small (%lu < %u)\n", |
280 |
+diff --git a/drivers/scsi/lpfc/lpfc_debugfs.c b/drivers/scsi/lpfc/lpfc_debugfs.c |
281 |
+index c77ad2b78ce49..39a1c9e18c0ea 100644 |
282 |
+--- a/drivers/scsi/lpfc/lpfc_debugfs.c |
283 |
++++ b/drivers/scsi/lpfc/lpfc_debugfs.c |
284 |
+@@ -2177,8 +2177,8 @@ lpfc_debugfs_nvmeio_trc_write(struct file *file, const char __user *buf, |
285 |
+ char mybuf[64]; |
286 |
+ char *pbuf; |
287 |
+ |
288 |
+- if (nbytes > 64) |
289 |
+- nbytes = 64; |
290 |
++ if (nbytes > 63) |
291 |
++ nbytes = 63; |
292 |
+ |
293 |
+ memset(mybuf, 0, sizeof(mybuf)); |
294 |
+ |
295 |
+diff --git a/drivers/scsi/vmw_pvscsi.c b/drivers/scsi/vmw_pvscsi.c |
296 |
+index 2c707b5c7b0b7..68b5177bf09d6 100644 |
297 |
+--- a/drivers/scsi/vmw_pvscsi.c |
298 |
++++ b/drivers/scsi/vmw_pvscsi.c |
299 |
+@@ -578,9 +578,12 @@ static void pvscsi_complete_request(struct pvscsi_adapter *adapter, |
300 |
+ * Commands like INQUIRY may transfer less data than |
301 |
+ * requested by the initiator via bufflen. Set residual |
302 |
+ * count to make upper layer aware of the actual amount |
303 |
+- * of data returned. |
304 |
++ * of data returned. There are cases when controller |
305 |
++ * returns zero dataLen with non zero data - do not set |
306 |
++ * residual count in that case. |
307 |
+ */ |
308 |
+- scsi_set_resid(cmd, scsi_bufflen(cmd) - e->dataLen); |
309 |
++ if (e->dataLen && (e->dataLen < scsi_bufflen(cmd))) |
310 |
++ scsi_set_resid(cmd, scsi_bufflen(cmd) - e->dataLen); |
311 |
+ cmd->result = (DID_OK << 16); |
312 |
+ break; |
313 |
+ |
314 |
+diff --git a/drivers/tee/tee_private.h b/drivers/tee/tee_private.h |
315 |
+index 21cb6be8bce94..4ef325f782d11 100644 |
316 |
+--- a/drivers/tee/tee_private.h |
317 |
++++ b/drivers/tee/tee_private.h |
318 |
+@@ -31,7 +31,7 @@ struct tee_device; |
319 |
+ * @paddr: physical address of the shared memory |
320 |
+ * @kaddr: virtual address of the shared memory |
321 |
+ * @size: size of shared memory |
322 |
+- * @dmabuf: dmabuf used to for exporting to user space |
323 |
++ * @refcount: reference counter |
324 |
+ * @flags: defined by TEE_SHM_* in tee_drv.h |
325 |
+ * @id: unique id of a shared memory object on this device |
326 |
+ */ |
327 |
+@@ -42,7 +42,7 @@ struct tee_shm { |
328 |
+ phys_addr_t paddr; |
329 |
+ void *kaddr; |
330 |
+ size_t size; |
331 |
+- struct dma_buf *dmabuf; |
332 |
++ refcount_t refcount; |
333 |
+ u32 flags; |
334 |
+ int id; |
335 |
+ }; |
336 |
+diff --git a/drivers/tee/tee_shm.c b/drivers/tee/tee_shm.c |
337 |
+index ea3ce4e17b855..b8f171b9658b8 100644 |
338 |
+--- a/drivers/tee/tee_shm.c |
339 |
++++ b/drivers/tee/tee_shm.c |
340 |
+@@ -1,5 +1,5 @@ |
341 |
+ /* |
342 |
+- * Copyright (c) 2015-2016, Linaro Limited |
343 |
++ * Copyright (c) 2015-2017, 2019-2021 Linaro Limited |
344 |
+ * |
345 |
+ * This software is licensed under the terms of the GNU General Public |
346 |
+ * License version 2, as published by the Free Software Foundation, and |
347 |
+@@ -11,26 +11,19 @@ |
348 |
+ * GNU General Public License for more details. |
349 |
+ * |
350 |
+ */ |
351 |
++#include <linux/anon_inodes.h> |
352 |
+ #include <linux/device.h> |
353 |
+-#include <linux/dma-buf.h> |
354 |
+-#include <linux/fdtable.h> |
355 |
+ #include <linux/idr.h> |
356 |
++#include <linux/mm.h> |
357 |
+ #include <linux/sched.h> |
358 |
+ #include <linux/slab.h> |
359 |
+ #include <linux/tee_drv.h> |
360 |
+ #include "tee_private.h" |
361 |
+ |
362 |
+-static void tee_shm_release(struct tee_shm *shm) |
363 |
++static void tee_shm_release(struct tee_device *teedev, struct tee_shm *shm) |
364 |
+ { |
365 |
+- struct tee_device *teedev = shm->teedev; |
366 |
+ struct tee_shm_pool_mgr *poolm; |
367 |
+ |
368 |
+- mutex_lock(&teedev->mutex); |
369 |
+- idr_remove(&teedev->idr, shm->id); |
370 |
+- if (shm->ctx) |
371 |
+- list_del(&shm->link); |
372 |
+- mutex_unlock(&teedev->mutex); |
373 |
+- |
374 |
+ if (shm->flags & TEE_SHM_DMA_BUF) |
375 |
+ poolm = &teedev->pool->dma_buf_mgr; |
376 |
+ else |
377 |
+@@ -42,53 +35,6 @@ static void tee_shm_release(struct tee_shm *shm) |
378 |
+ tee_device_put(teedev); |
379 |
+ } |
380 |
+ |
381 |
+-static struct sg_table *tee_shm_op_map_dma_buf(struct dma_buf_attachment |
382 |
+- *attach, enum dma_data_direction dir) |
383 |
+-{ |
384 |
+- return NULL; |
385 |
+-} |
386 |
+- |
387 |
+-static void tee_shm_op_unmap_dma_buf(struct dma_buf_attachment *attach, |
388 |
+- struct sg_table *table, |
389 |
+- enum dma_data_direction dir) |
390 |
+-{ |
391 |
+-} |
392 |
+- |
393 |
+-static void tee_shm_op_release(struct dma_buf *dmabuf) |
394 |
+-{ |
395 |
+- struct tee_shm *shm = dmabuf->priv; |
396 |
+- |
397 |
+- tee_shm_release(shm); |
398 |
+-} |
399 |
+- |
400 |
+-static void *tee_shm_op_map_atomic(struct dma_buf *dmabuf, unsigned long pgnum) |
401 |
+-{ |
402 |
+- return NULL; |
403 |
+-} |
404 |
+- |
405 |
+-static void *tee_shm_op_map(struct dma_buf *dmabuf, unsigned long pgnum) |
406 |
+-{ |
407 |
+- return NULL; |
408 |
+-} |
409 |
+- |
410 |
+-static int tee_shm_op_mmap(struct dma_buf *dmabuf, struct vm_area_struct *vma) |
411 |
+-{ |
412 |
+- struct tee_shm *shm = dmabuf->priv; |
413 |
+- size_t size = vma->vm_end - vma->vm_start; |
414 |
+- |
415 |
+- return remap_pfn_range(vma, vma->vm_start, shm->paddr >> PAGE_SHIFT, |
416 |
+- size, vma->vm_page_prot); |
417 |
+-} |
418 |
+- |
419 |
+-static const struct dma_buf_ops tee_shm_dma_buf_ops = { |
420 |
+- .map_dma_buf = tee_shm_op_map_dma_buf, |
421 |
+- .unmap_dma_buf = tee_shm_op_unmap_dma_buf, |
422 |
+- .release = tee_shm_op_release, |
423 |
+- .map_atomic = tee_shm_op_map_atomic, |
424 |
+- .map = tee_shm_op_map, |
425 |
+- .mmap = tee_shm_op_mmap, |
426 |
+-}; |
427 |
+- |
428 |
+ /** |
429 |
+ * tee_shm_alloc() - Allocate shared memory |
430 |
+ * @ctx: Context that allocates the shared memory |
431 |
+@@ -135,6 +81,7 @@ struct tee_shm *tee_shm_alloc(struct tee_context *ctx, size_t size, u32 flags) |
432 |
+ goto err_dev_put; |
433 |
+ } |
434 |
+ |
435 |
++ refcount_set(&shm->refcount, 1); |
436 |
+ shm->flags = flags; |
437 |
+ shm->teedev = teedev; |
438 |
+ shm->ctx = ctx; |
439 |
+@@ -157,29 +104,11 @@ struct tee_shm *tee_shm_alloc(struct tee_context *ctx, size_t size, u32 flags) |
440 |
+ goto err_pool_free; |
441 |
+ } |
442 |
+ |
443 |
+- if (flags & TEE_SHM_DMA_BUF) { |
444 |
+- DEFINE_DMA_BUF_EXPORT_INFO(exp_info); |
445 |
+- |
446 |
+- exp_info.ops = &tee_shm_dma_buf_ops; |
447 |
+- exp_info.size = shm->size; |
448 |
+- exp_info.flags = O_RDWR; |
449 |
+- exp_info.priv = shm; |
450 |
+- |
451 |
+- shm->dmabuf = dma_buf_export(&exp_info); |
452 |
+- if (IS_ERR(shm->dmabuf)) { |
453 |
+- ret = ERR_CAST(shm->dmabuf); |
454 |
+- goto err_rem; |
455 |
+- } |
456 |
+- } |
457 |
+ mutex_lock(&teedev->mutex); |
458 |
+ list_add_tail(&shm->link, &ctx->list_shm); |
459 |
+ mutex_unlock(&teedev->mutex); |
460 |
+ |
461 |
+ return shm; |
462 |
+-err_rem: |
463 |
+- mutex_lock(&teedev->mutex); |
464 |
+- idr_remove(&teedev->idr, shm->id); |
465 |
+- mutex_unlock(&teedev->mutex); |
466 |
+ err_pool_free: |
467 |
+ poolm->ops->free(poolm, shm); |
468 |
+ err_kfree: |
469 |
+@@ -190,6 +119,31 @@ err_dev_put: |
470 |
+ } |
471 |
+ EXPORT_SYMBOL_GPL(tee_shm_alloc); |
472 |
+ |
473 |
++static int tee_shm_fop_release(struct inode *inode, struct file *filp) |
474 |
++{ |
475 |
++ tee_shm_put(filp->private_data); |
476 |
++ return 0; |
477 |
++} |
478 |
++ |
479 |
++static int tee_shm_fop_mmap(struct file *filp, struct vm_area_struct *vma) |
480 |
++{ |
481 |
++ struct tee_shm *shm = filp->private_data; |
482 |
++ size_t size = vma->vm_end - vma->vm_start; |
483 |
++ |
484 |
++ /* check for overflowing the buffer's size */ |
485 |
++ if (vma->vm_pgoff + vma_pages(vma) > shm->size >> PAGE_SHIFT) |
486 |
++ return -EINVAL; |
487 |
++ |
488 |
++ return remap_pfn_range(vma, vma->vm_start, shm->paddr >> PAGE_SHIFT, |
489 |
++ size, vma->vm_page_prot); |
490 |
++} |
491 |
++ |
492 |
++static const struct file_operations tee_shm_fops = { |
493 |
++ .owner = THIS_MODULE, |
494 |
++ .release = tee_shm_fop_release, |
495 |
++ .mmap = tee_shm_fop_mmap, |
496 |
++}; |
497 |
++ |
498 |
+ /** |
499 |
+ * tee_shm_get_fd() - Increase reference count and return file descriptor |
500 |
+ * @shm: Shared memory handle |
501 |
+@@ -203,10 +157,11 @@ int tee_shm_get_fd(struct tee_shm *shm) |
502 |
+ if ((shm->flags & req_flags) != req_flags) |
503 |
+ return -EINVAL; |
504 |
+ |
505 |
+- get_dma_buf(shm->dmabuf); |
506 |
+- fd = dma_buf_fd(shm->dmabuf, O_CLOEXEC); |
507 |
++ /* matched by tee_shm_put() in tee_shm_op_release() */ |
508 |
++ refcount_inc(&shm->refcount); |
509 |
++ fd = anon_inode_getfd("tee_shm", &tee_shm_fops, shm, O_RDWR); |
510 |
+ if (fd < 0) |
511 |
+- dma_buf_put(shm->dmabuf); |
512 |
++ tee_shm_put(shm); |
513 |
+ return fd; |
514 |
+ } |
515 |
+ |
516 |
+@@ -216,17 +171,7 @@ int tee_shm_get_fd(struct tee_shm *shm) |
517 |
+ */ |
518 |
+ void tee_shm_free(struct tee_shm *shm) |
519 |
+ { |
520 |
+- /* |
521 |
+- * dma_buf_put() decreases the dmabuf reference counter and will |
522 |
+- * call tee_shm_release() when the last reference is gone. |
523 |
+- * |
524 |
+- * In the case of driver private memory we call tee_shm_release |
525 |
+- * directly instead as it doesn't have a reference counter. |
526 |
+- */ |
527 |
+- if (shm->flags & TEE_SHM_DMA_BUF) |
528 |
+- dma_buf_put(shm->dmabuf); |
529 |
+- else |
530 |
+- tee_shm_release(shm); |
531 |
++ tee_shm_put(shm); |
532 |
+ } |
533 |
+ EXPORT_SYMBOL_GPL(tee_shm_free); |
534 |
+ |
535 |
+@@ -327,10 +272,15 @@ struct tee_shm *tee_shm_get_from_id(struct tee_context *ctx, int id) |
536 |
+ teedev = ctx->teedev; |
537 |
+ mutex_lock(&teedev->mutex); |
538 |
+ shm = idr_find(&teedev->idr, id); |
539 |
++ /* |
540 |
++ * If the tee_shm was found in the IDR it must have a refcount |
541 |
++ * larger than 0 due to the guarantee in tee_shm_put() below. So |
542 |
++ * it's safe to use refcount_inc(). |
543 |
++ */ |
544 |
+ if (!shm || shm->ctx != ctx) |
545 |
+ shm = ERR_PTR(-EINVAL); |
546 |
+- else if (shm->flags & TEE_SHM_DMA_BUF) |
547 |
+- get_dma_buf(shm->dmabuf); |
548 |
++ else |
549 |
++ refcount_inc(&shm->refcount); |
550 |
+ mutex_unlock(&teedev->mutex); |
551 |
+ return shm; |
552 |
+ } |
553 |
+@@ -353,7 +303,24 @@ EXPORT_SYMBOL_GPL(tee_shm_get_id); |
554 |
+ */ |
555 |
+ void tee_shm_put(struct tee_shm *shm) |
556 |
+ { |
557 |
+- if (shm->flags & TEE_SHM_DMA_BUF) |
558 |
+- dma_buf_put(shm->dmabuf); |
559 |
++ struct tee_device *teedev = shm->teedev; |
560 |
++ bool do_release = false; |
561 |
++ |
562 |
++ mutex_lock(&teedev->mutex); |
563 |
++ if (refcount_dec_and_test(&shm->refcount)) { |
564 |
++ /* |
565 |
++ * refcount has reached 0, we must now remove it from the |
566 |
++ * IDR before releasing the mutex. This will guarantee |
567 |
++ * that the refcount_inc() in tee_shm_get_from_id() never |
568 |
++ * starts from 0. |
569 |
++ */ |
570 |
++ if (shm->ctx) |
571 |
++ list_del(&shm->link); |
572 |
++ do_release = true; |
573 |
++ } |
574 |
++ mutex_unlock(&teedev->mutex); |
575 |
++ |
576 |
++ if (do_release) |
577 |
++ tee_shm_release(teedev, shm); |
578 |
+ } |
579 |
+ EXPORT_SYMBOL_GPL(tee_shm_put); |
580 |
+diff --git a/drivers/usb/gadget/function/f_fs.c b/drivers/usb/gadget/function/f_fs.c |
581 |
+index 5dfe926c251a7..6029f9b00b4a0 100644 |
582 |
+--- a/drivers/usb/gadget/function/f_fs.c |
583 |
++++ b/drivers/usb/gadget/function/f_fs.c |
584 |
+@@ -1688,11 +1688,15 @@ static void ffs_data_clear(struct ffs_data *ffs) |
585 |
+ |
586 |
+ BUG_ON(ffs->gadget); |
587 |
+ |
588 |
+- if (ffs->epfiles) |
589 |
++ if (ffs->epfiles) { |
590 |
+ ffs_epfiles_destroy(ffs->epfiles, ffs->eps_count); |
591 |
++ ffs->epfiles = NULL; |
592 |
++ } |
593 |
+ |
594 |
+- if (ffs->ffs_eventfd) |
595 |
++ if (ffs->ffs_eventfd) { |
596 |
+ eventfd_ctx_put(ffs->ffs_eventfd); |
597 |
++ ffs->ffs_eventfd = NULL; |
598 |
++ } |
599 |
+ |
600 |
+ kfree(ffs->raw_descs_data); |
601 |
+ kfree(ffs->raw_strings); |
602 |
+@@ -1705,7 +1709,6 @@ static void ffs_data_reset(struct ffs_data *ffs) |
603 |
+ |
604 |
+ ffs_data_clear(ffs); |
605 |
+ |
606 |
+- ffs->epfiles = NULL; |
607 |
+ ffs->raw_descs_data = NULL; |
608 |
+ ffs->raw_descs = NULL; |
609 |
+ ffs->raw_strings = NULL; |
610 |
+diff --git a/drivers/usb/host/xhci-pci.c b/drivers/usb/host/xhci-pci.c |
611 |
+index 0e419cb53de4f..bf649af49cbdb 100644 |
612 |
+--- a/drivers/usb/host/xhci-pci.c |
613 |
++++ b/drivers/usb/host/xhci-pci.c |
614 |
+@@ -100,7 +100,6 @@ static void xhci_pci_quirks(struct device *dev, struct xhci_hcd *xhci) |
615 |
+ /* Look for vendor-specific quirks */ |
616 |
+ if (pdev->vendor == PCI_VENDOR_ID_FRESCO_LOGIC && |
617 |
+ (pdev->device == PCI_DEVICE_ID_FRESCO_LOGIC_PDK || |
618 |
+- pdev->device == PCI_DEVICE_ID_FRESCO_LOGIC_FL1100 || |
619 |
+ pdev->device == PCI_DEVICE_ID_FRESCO_LOGIC_FL1400)) { |
620 |
+ if (pdev->device == PCI_DEVICE_ID_FRESCO_LOGIC_PDK && |
621 |
+ pdev->revision == 0x0) { |
622 |
+@@ -135,6 +134,10 @@ static void xhci_pci_quirks(struct device *dev, struct xhci_hcd *xhci) |
623 |
+ pdev->device == PCI_DEVICE_ID_FRESCO_LOGIC_FL1009) |
624 |
+ xhci->quirks |= XHCI_BROKEN_STREAMS; |
625 |
+ |
626 |
++ if (pdev->vendor == PCI_VENDOR_ID_FRESCO_LOGIC && |
627 |
++ pdev->device == PCI_DEVICE_ID_FRESCO_LOGIC_FL1100) |
628 |
++ xhci->quirks |= XHCI_TRUST_TX_LENGTH; |
629 |
++ |
630 |
+ if (pdev->vendor == PCI_VENDOR_ID_NEC) |
631 |
+ xhci->quirks |= XHCI_NEC_HOST; |
632 |
+ |
633 |
+diff --git a/include/net/sctp/sctp.h b/include/net/sctp/sctp.h |
634 |
+index c713bd62428f6..6c20a08a54ae1 100644 |
635 |
+--- a/include/net/sctp/sctp.h |
636 |
++++ b/include/net/sctp/sctp.h |
637 |
+@@ -118,6 +118,7 @@ extern struct percpu_counter sctp_sockets_allocated; |
638 |
+ int sctp_asconf_mgmt(struct sctp_sock *, struct sctp_sockaddr_entry *); |
639 |
+ struct sk_buff *sctp_skb_recv_datagram(struct sock *, int, int, int *); |
640 |
+ |
641 |
++typedef int (*sctp_callback_t)(struct sctp_endpoint *, struct sctp_transport *, void *); |
642 |
+ int sctp_transport_walk_start(struct rhashtable_iter *iter); |
643 |
+ void sctp_transport_walk_stop(struct rhashtable_iter *iter); |
644 |
+ struct sctp_transport *sctp_transport_get_next(struct net *net, |
645 |
+@@ -128,9 +129,8 @@ int sctp_transport_lookup_process(int (*cb)(struct sctp_transport *, void *), |
646 |
+ struct net *net, |
647 |
+ const union sctp_addr *laddr, |
648 |
+ const union sctp_addr *paddr, void *p); |
649 |
+-int sctp_for_each_transport(int (*cb)(struct sctp_transport *, void *), |
650 |
+- int (*cb_done)(struct sctp_transport *, void *), |
651 |
+- struct net *net, int *pos, void *p); |
652 |
++int sctp_transport_traverse_process(sctp_callback_t cb, sctp_callback_t cb_done, |
653 |
++ struct net *net, int *pos, void *p); |
654 |
+ int sctp_for_each_endpoint(int (*cb)(struct sctp_endpoint *, void *), void *p); |
655 |
+ int sctp_get_sctp_info(struct sock *sk, struct sctp_association *asoc, |
656 |
+ struct sctp_info *info); |
657 |
+diff --git a/include/net/sctp/structs.h b/include/net/sctp/structs.h |
658 |
+index 5831a304e61b2..adbd8ad778f41 100644 |
659 |
+--- a/include/net/sctp/structs.h |
660 |
++++ b/include/net/sctp/structs.h |
661 |
+@@ -1272,6 +1272,7 @@ struct sctp_endpoint { |
662 |
+ reconf_enable:1; |
663 |
+ |
664 |
+ __u8 strreset_enable; |
665 |
++ struct rcu_head rcu; |
666 |
+ }; |
667 |
+ |
668 |
+ /* Recover the outter endpoint structure. */ |
669 |
+@@ -1287,7 +1288,7 @@ static inline struct sctp_endpoint *sctp_ep(struct sctp_ep_common *base) |
670 |
+ struct sctp_endpoint *sctp_endpoint_new(struct sock *, gfp_t); |
671 |
+ void sctp_endpoint_free(struct sctp_endpoint *); |
672 |
+ void sctp_endpoint_put(struct sctp_endpoint *); |
673 |
+-void sctp_endpoint_hold(struct sctp_endpoint *); |
674 |
++int sctp_endpoint_hold(struct sctp_endpoint *ep); |
675 |
+ void sctp_endpoint_add_asoc(struct sctp_endpoint *, struct sctp_association *); |
676 |
+ struct sctp_association *sctp_endpoint_lookup_assoc( |
677 |
+ const struct sctp_endpoint *ep, |
678 |
+diff --git a/include/uapi/linux/nfc.h b/include/uapi/linux/nfc.h |
679 |
+index 399f39ff8048d..1b6d54a328bad 100644 |
680 |
+--- a/include/uapi/linux/nfc.h |
681 |
++++ b/include/uapi/linux/nfc.h |
682 |
+@@ -261,7 +261,7 @@ enum nfc_sdp_attr { |
683 |
+ #define NFC_SE_ENABLED 0x1 |
684 |
+ |
685 |
+ struct sockaddr_nfc { |
686 |
+- sa_family_t sa_family; |
687 |
++ __kernel_sa_family_t sa_family; |
688 |
+ __u32 dev_idx; |
689 |
+ __u32 target_idx; |
690 |
+ __u32 nfc_protocol; |
691 |
+@@ -269,14 +269,14 @@ struct sockaddr_nfc { |
692 |
+ |
693 |
+ #define NFC_LLCP_MAX_SERVICE_NAME 63 |
694 |
+ struct sockaddr_nfc_llcp { |
695 |
+- sa_family_t sa_family; |
696 |
++ __kernel_sa_family_t sa_family; |
697 |
+ __u32 dev_idx; |
698 |
+ __u32 target_idx; |
699 |
+ __u32 nfc_protocol; |
700 |
+ __u8 dsap; /* Destination SAP, if known */ |
701 |
+ __u8 ssap; /* Source SAP to be bound to */ |
702 |
+ char service_name[NFC_LLCP_MAX_SERVICE_NAME]; /* Service name URI */; |
703 |
+- size_t service_name_len; |
704 |
++ __kernel_size_t service_name_len; |
705 |
+ }; |
706 |
+ |
707 |
+ /* NFC socket protocols */ |
708 |
+diff --git a/net/ipv4/af_inet.c b/net/ipv4/af_inet.c |
709 |
+index f31c09873d0f8..d0ef51d49f8a9 100644 |
710 |
+--- a/net/ipv4/af_inet.c |
711 |
++++ b/net/ipv4/af_inet.c |
712 |
+@@ -1883,6 +1883,10 @@ static int __init inet_init(void) |
713 |
+ |
714 |
+ ip_init(); |
715 |
+ |
716 |
++ /* Initialise per-cpu ipv4 mibs */ |
717 |
++ if (init_ipv4_mibs()) |
718 |
++ panic("%s: Cannot init ipv4 mibs\n", __func__); |
719 |
++ |
720 |
+ /* Setup TCP slab cache for open requests. */ |
721 |
+ tcp_init(); |
722 |
+ |
723 |
+@@ -1911,12 +1915,6 @@ static int __init inet_init(void) |
724 |
+ |
725 |
+ if (init_inet_pernet_ops()) |
726 |
+ pr_crit("%s: Cannot init ipv4 inet pernet ops\n", __func__); |
727 |
+- /* |
728 |
+- * Initialise per-cpu ipv4 mibs |
729 |
+- */ |
730 |
+- |
731 |
+- if (init_ipv4_mibs()) |
732 |
+- pr_crit("%s: Cannot init ipv4 mibs\n", __func__); |
733 |
+ |
734 |
+ ipv4_proc_init(); |
735 |
+ |
736 |
+diff --git a/net/sctp/endpointola.c b/net/sctp/endpointola.c |
737 |
+index c71b4191df1e7..8d3ee8bb6181d 100644 |
738 |
+--- a/net/sctp/endpointola.c |
739 |
++++ b/net/sctp/endpointola.c |
740 |
+@@ -242,6 +242,18 @@ void sctp_endpoint_free(struct sctp_endpoint *ep) |
741 |
+ } |
742 |
+ |
743 |
+ /* Final destructor for endpoint. */ |
744 |
++static void sctp_endpoint_destroy_rcu(struct rcu_head *head) |
745 |
++{ |
746 |
++ struct sctp_endpoint *ep = container_of(head, struct sctp_endpoint, rcu); |
747 |
++ struct sock *sk = ep->base.sk; |
748 |
++ |
749 |
++ sctp_sk(sk)->ep = NULL; |
750 |
++ sock_put(sk); |
751 |
++ |
752 |
++ kfree(ep); |
753 |
++ SCTP_DBG_OBJCNT_DEC(ep); |
754 |
++} |
755 |
++ |
756 |
+ static void sctp_endpoint_destroy(struct sctp_endpoint *ep) |
757 |
+ { |
758 |
+ struct sock *sk; |
759 |
+@@ -275,18 +287,13 @@ static void sctp_endpoint_destroy(struct sctp_endpoint *ep) |
760 |
+ if (sctp_sk(sk)->bind_hash) |
761 |
+ sctp_put_port(sk); |
762 |
+ |
763 |
+- sctp_sk(sk)->ep = NULL; |
764 |
+- /* Give up our hold on the sock */ |
765 |
+- sock_put(sk); |
766 |
+- |
767 |
+- kfree(ep); |
768 |
+- SCTP_DBG_OBJCNT_DEC(ep); |
769 |
++ call_rcu(&ep->rcu, sctp_endpoint_destroy_rcu); |
770 |
+ } |
771 |
+ |
772 |
+ /* Hold a reference to an endpoint. */ |
773 |
+-void sctp_endpoint_hold(struct sctp_endpoint *ep) |
774 |
++int sctp_endpoint_hold(struct sctp_endpoint *ep) |
775 |
+ { |
776 |
+- refcount_inc(&ep->base.refcnt); |
777 |
++ return refcount_inc_not_zero(&ep->base.refcnt); |
778 |
+ } |
779 |
+ |
780 |
+ /* Release a reference to an endpoint and clean up if there are |
781 |
+diff --git a/net/sctp/sctp_diag.c b/net/sctp/sctp_diag.c |
782 |
+index 6a5a3dfa6c8d6..7c7b476bad310 100644 |
783 |
+--- a/net/sctp/sctp_diag.c |
784 |
++++ b/net/sctp/sctp_diag.c |
785 |
+@@ -276,9 +276,8 @@ out: |
786 |
+ return err; |
787 |
+ } |
788 |
+ |
789 |
+-static int sctp_sock_dump(struct sctp_transport *tsp, void *p) |
790 |
++static int sctp_sock_dump(struct sctp_endpoint *ep, struct sctp_transport *tsp, void *p) |
791 |
+ { |
792 |
+- struct sctp_endpoint *ep = tsp->asoc->ep; |
793 |
+ struct sctp_comm_param *commp = p; |
794 |
+ struct sock *sk = ep->base.sk; |
795 |
+ struct sk_buff *skb = commp->skb; |
796 |
+@@ -288,6 +287,8 @@ static int sctp_sock_dump(struct sctp_transport *tsp, void *p) |
797 |
+ int err = 0; |
798 |
+ |
799 |
+ lock_sock(sk); |
800 |
++ if (ep != tsp->asoc->ep) |
801 |
++ goto release; |
802 |
+ list_for_each_entry(assoc, &ep->asocs, asocs) { |
803 |
+ if (cb->args[4] < cb->args[1]) |
804 |
+ goto next; |
805 |
+@@ -330,9 +331,8 @@ release: |
806 |
+ return err; |
807 |
+ } |
808 |
+ |
809 |
+-static int sctp_sock_filter(struct sctp_transport *tsp, void *p) |
810 |
++static int sctp_sock_filter(struct sctp_endpoint *ep, struct sctp_transport *tsp, void *p) |
811 |
+ { |
812 |
+- struct sctp_endpoint *ep = tsp->asoc->ep; |
813 |
+ struct sctp_comm_param *commp = p; |
814 |
+ struct sock *sk = ep->base.sk; |
815 |
+ const struct inet_diag_req_v2 *r = commp->r; |
816 |
+@@ -490,8 +490,8 @@ skip: |
817 |
+ if (!(idiag_states & ~(TCPF_LISTEN | TCPF_CLOSE))) |
818 |
+ goto done; |
819 |
+ |
820 |
+- sctp_for_each_transport(sctp_sock_filter, sctp_sock_dump, |
821 |
+- net, &pos, &commp); |
822 |
++ sctp_transport_traverse_process(sctp_sock_filter, sctp_sock_dump, |
823 |
++ net, &pos, &commp); |
824 |
+ cb->args[2] = pos; |
825 |
+ |
826 |
+ done: |
827 |
+diff --git a/net/sctp/socket.c b/net/sctp/socket.c |
828 |
+index 8d64caa72cbaa..fac24f329c1d0 100644 |
829 |
+--- a/net/sctp/socket.c |
830 |
++++ b/net/sctp/socket.c |
831 |
+@@ -4738,11 +4738,12 @@ int sctp_transport_lookup_process(int (*cb)(struct sctp_transport *, void *), |
832 |
+ } |
833 |
+ EXPORT_SYMBOL_GPL(sctp_transport_lookup_process); |
834 |
+ |
835 |
+-int sctp_for_each_transport(int (*cb)(struct sctp_transport *, void *), |
836 |
+- int (*cb_done)(struct sctp_transport *, void *), |
837 |
+- struct net *net, int *pos, void *p) { |
838 |
++int sctp_transport_traverse_process(sctp_callback_t cb, sctp_callback_t cb_done, |
839 |
++ struct net *net, int *pos, void *p) |
840 |
++{ |
841 |
+ struct rhashtable_iter hti; |
842 |
+ struct sctp_transport *tsp; |
843 |
++ struct sctp_endpoint *ep; |
844 |
+ int ret; |
845 |
+ |
846 |
+ again: |
847 |
+@@ -4752,26 +4753,32 @@ again: |
848 |
+ |
849 |
+ tsp = sctp_transport_get_idx(net, &hti, *pos + 1); |
850 |
+ for (; !IS_ERR_OR_NULL(tsp); tsp = sctp_transport_get_next(net, &hti)) { |
851 |
+- ret = cb(tsp, p); |
852 |
+- if (ret) |
853 |
+- break; |
854 |
++ ep = tsp->asoc->ep; |
855 |
++ if (sctp_endpoint_hold(ep)) { /* asoc can be peeled off */ |
856 |
++ ret = cb(ep, tsp, p); |
857 |
++ if (ret) |
858 |
++ break; |
859 |
++ sctp_endpoint_put(ep); |
860 |
++ } |
861 |
+ (*pos)++; |
862 |
+ sctp_transport_put(tsp); |
863 |
+ } |
864 |
+ sctp_transport_walk_stop(&hti); |
865 |
+ |
866 |
+ if (ret) { |
867 |
+- if (cb_done && !cb_done(tsp, p)) { |
868 |
++ if (cb_done && !cb_done(ep, tsp, p)) { |
869 |
+ (*pos)++; |
870 |
++ sctp_endpoint_put(ep); |
871 |
+ sctp_transport_put(tsp); |
872 |
+ goto again; |
873 |
+ } |
874 |
++ sctp_endpoint_put(ep); |
875 |
+ sctp_transport_put(tsp); |
876 |
+ } |
877 |
+ |
878 |
+ return ret; |
879 |
+ } |
880 |
+-EXPORT_SYMBOL_GPL(sctp_for_each_transport); |
881 |
++EXPORT_SYMBOL_GPL(sctp_transport_traverse_process); |
882 |
+ |
883 |
+ /* 7.2.1 Association Status (SCTP_STATUS) |
884 |
+ |
885 |
+diff --git a/scripts/recordmcount.pl b/scripts/recordmcount.pl |
886 |
+index ebc78cb3bc7dc..5a5916fe56928 100755 |
887 |
+--- a/scripts/recordmcount.pl |
888 |
++++ b/scripts/recordmcount.pl |
889 |
+@@ -252,7 +252,7 @@ if ($arch eq "x86_64") { |
890 |
+ |
891 |
+ } elsif ($arch eq "s390" && $bits == 64) { |
892 |
+ if ($cc =~ /-DCC_USING_HOTPATCH/) { |
893 |
+- $mcount_regex = "^\\s*([0-9a-fA-F]+):\\s*c0 04 00 00 00 00\\s*(bcrl\\s*0,|jgnop\\s*)[0-9a-f]+ <([^\+]*)>\$"; |
894 |
++ $mcount_regex = "^\\s*([0-9a-fA-F]+):\\s*c0 04 00 00 00 00\\s*(brcl\\s*0,|jgnop\\s*)[0-9a-f]+ <([^\+]*)>\$"; |
895 |
+ $mcount_adjust = 0; |
896 |
+ } else { |
897 |
+ $mcount_regex = "^\\s*([0-9a-fA-F]+):\\s*R_390_(PC|PLT)32DBL\\s+_mcount\\+0x2\$"; |
898 |
+diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c |
899 |
+index 9bb1d492f7047..38a4db1f3aaa3 100644 |
900 |
+--- a/security/selinux/hooks.c |
901 |
++++ b/security/selinux/hooks.c |
902 |
+@@ -5321,7 +5321,7 @@ static unsigned int selinux_ip_postroute_compat(struct sk_buff *skb, |
903 |
+ struct common_audit_data ad; |
904 |
+ struct lsm_network_audit net = {0,}; |
905 |
+ char *addrp; |
906 |
+- u8 proto; |
907 |
++ u8 proto = 0; |
908 |
+ |
909 |
+ if (sk == NULL) |
910 |
+ return NF_ACCEPT; |