| 1 |
commit: 69436507150422f0a74f0fe0e6e7b586a4163f82 |
| 2 |
Author: Mike Pagano <mpagano <AT> gentoo <DOT> org> |
| 3 |
AuthorDate: Sat Nov 10 21:31:26 2018 +0000 |
| 4 |
Commit: Mike Pagano <mpagano <AT> gentoo <DOT> org> |
| 5 |
CommitDate: Wed Nov 14 13:48:41 2018 +0000 |
| 6 |
URL: https://gitweb.gentoo.org/proj/linux-patches.git/commit/?id=69436507 |
| 7 |
|
| 8 |
Linux patch 4.14.80 |
| 9 |
|
| 10 |
Signed-off-by: Mike Pagano <mpagano <AT> gentoo.org> |
| 11 |
|
| 12 |
0000_README | 4 + |
| 13 |
1079_linux-4.14.80.patch | 1098 ++++++++++++++++++++++++++++++++++++++++++++++ |
| 14 |
2 files changed, 1102 insertions(+) |
| 15 |
|
| 16 |
diff --git a/0000_README b/0000_README |
| 17 |
index 319ee36..9993aba 100644 |
| 18 |
--- a/0000_README |
| 19 |
+++ b/0000_README |
| 20 |
@@ -359,6 +359,10 @@ Patch: 1078_linux-4.14.79.patch |
| 21 |
From: http://www.kernel.org |
| 22 |
Desc: Linux 4.14.79 |
| 23 |
|
| 24 |
+Patch: 1079_linux-4.14.80.patch |
| 25 |
+From: http://www.kernel.org |
| 26 |
+Desc: Linux 4.14.80 |
| 27 |
+ |
| 28 |
Patch: 1500_XATTR_USER_PREFIX.patch |
| 29 |
From: https://bugs.gentoo.org/show_bug.cgi?id=470644 |
| 30 |
Desc: Support for namespace user.pax.* on tmpfs. |
| 31 |
|
| 32 |
diff --git a/1079_linux-4.14.80.patch b/1079_linux-4.14.80.patch |
| 33 |
new file mode 100644 |
| 34 |
index 0000000..009344b |
| 35 |
--- /dev/null |
| 36 |
+++ b/1079_linux-4.14.80.patch |
| 37 |
@@ -0,0 +1,1098 @@ |
| 38 |
+diff --git a/Makefile b/Makefile |
| 39 |
+index 57a007bf1181..f4cad5e03561 100644 |
| 40 |
+--- a/Makefile |
| 41 |
++++ b/Makefile |
| 42 |
+@@ -1,7 +1,7 @@ |
| 43 |
+ # SPDX-License-Identifier: GPL-2.0 |
| 44 |
+ VERSION = 4 |
| 45 |
+ PATCHLEVEL = 14 |
| 46 |
+-SUBLEVEL = 79 |
| 47 |
++SUBLEVEL = 80 |
| 48 |
+ EXTRAVERSION = |
| 49 |
+ NAME = Petit Gorille |
| 50 |
+ |
| 51 |
+diff --git a/arch/arm/boot/dts/tegra20.dtsi b/arch/arm/boot/dts/tegra20.dtsi |
| 52 |
+index 2780e68a853b..914f59166a99 100644 |
| 53 |
+--- a/arch/arm/boot/dts/tegra20.dtsi |
| 54 |
++++ b/arch/arm/boot/dts/tegra20.dtsi |
| 55 |
+@@ -706,7 +706,7 @@ |
| 56 |
+ phy_type = "ulpi"; |
| 57 |
+ clocks = <&tegra_car TEGRA20_CLK_USB2>, |
| 58 |
+ <&tegra_car TEGRA20_CLK_PLL_U>, |
| 59 |
+- <&tegra_car TEGRA20_CLK_PLL_P_OUT4>; |
| 60 |
++ <&tegra_car TEGRA20_CLK_CDEV2>; |
| 61 |
+ clock-names = "reg", "pll_u", "ulpi-link"; |
| 62 |
+ resets = <&tegra_car 58>, <&tegra_car 22>; |
| 63 |
+ reset-names = "usb", "utmi-pads"; |
| 64 |
+diff --git a/arch/x86/include/asm/fpu/internal.h b/arch/x86/include/asm/fpu/internal.h |
| 65 |
+index a38bf5a1e37a..69dcdf195b61 100644 |
| 66 |
+--- a/arch/x86/include/asm/fpu/internal.h |
| 67 |
++++ b/arch/x86/include/asm/fpu/internal.h |
| 68 |
+@@ -528,7 +528,7 @@ static inline void fpregs_activate(struct fpu *fpu) |
| 69 |
+ static inline void |
| 70 |
+ switch_fpu_prepare(struct fpu *old_fpu, int cpu) |
| 71 |
+ { |
| 72 |
+- if (old_fpu->initialized) { |
| 73 |
++ if (static_cpu_has(X86_FEATURE_FPU) && old_fpu->initialized) { |
| 74 |
+ if (!copy_fpregs_to_fpstate(old_fpu)) |
| 75 |
+ old_fpu->last_cpu = -1; |
| 76 |
+ else |
| 77 |
+diff --git a/arch/x86/include/asm/percpu.h b/arch/x86/include/asm/percpu.h |
| 78 |
+index ba3c523aaf16..12aa2bb6bac4 100644 |
| 79 |
+--- a/arch/x86/include/asm/percpu.h |
| 80 |
++++ b/arch/x86/include/asm/percpu.h |
| 81 |
+@@ -185,22 +185,22 @@ do { \ |
| 82 |
+ typeof(var) pfo_ret__; \ |
| 83 |
+ switch (sizeof(var)) { \ |
| 84 |
+ case 1: \ |
| 85 |
+- asm(op "b "__percpu_arg(1)",%0" \ |
| 86 |
++ asm volatile(op "b "__percpu_arg(1)",%0"\ |
| 87 |
+ : "=q" (pfo_ret__) \ |
| 88 |
+ : "m" (var)); \ |
| 89 |
+ break; \ |
| 90 |
+ case 2: \ |
| 91 |
+- asm(op "w "__percpu_arg(1)",%0" \ |
| 92 |
++ asm volatile(op "w "__percpu_arg(1)",%0"\ |
| 93 |
+ : "=r" (pfo_ret__) \ |
| 94 |
+ : "m" (var)); \ |
| 95 |
+ break; \ |
| 96 |
+ case 4: \ |
| 97 |
+- asm(op "l "__percpu_arg(1)",%0" \ |
| 98 |
++ asm volatile(op "l "__percpu_arg(1)",%0"\ |
| 99 |
+ : "=r" (pfo_ret__) \ |
| 100 |
+ : "m" (var)); \ |
| 101 |
+ break; \ |
| 102 |
+ case 8: \ |
| 103 |
+- asm(op "q "__percpu_arg(1)",%0" \ |
| 104 |
++ asm volatile(op "q "__percpu_arg(1)",%0"\ |
| 105 |
+ : "=r" (pfo_ret__) \ |
| 106 |
+ : "m" (var)); \ |
| 107 |
+ break; \ |
| 108 |
+diff --git a/arch/x86/kernel/setup.c b/arch/x86/kernel/setup.c |
| 109 |
+index dcb00acb6583..4bc12447a50f 100644 |
| 110 |
+--- a/arch/x86/kernel/setup.c |
| 111 |
++++ b/arch/x86/kernel/setup.c |
| 112 |
+@@ -1287,7 +1287,7 @@ void __init setup_arch(char **cmdline_p) |
| 113 |
+ kvm_guest_init(); |
| 114 |
+ |
| 115 |
+ e820__reserve_resources(); |
| 116 |
+- e820__register_nosave_regions(max_low_pfn); |
| 117 |
++ e820__register_nosave_regions(max_pfn); |
| 118 |
+ |
| 119 |
+ x86_init.resources.reserve_resources(); |
| 120 |
+ |
| 121 |
+diff --git a/arch/x86/kernel/time.c b/arch/x86/kernel/time.c |
| 122 |
+index 49a5c394f3ed..ab0176ae985b 100644 |
| 123 |
+--- a/arch/x86/kernel/time.c |
| 124 |
++++ b/arch/x86/kernel/time.c |
| 125 |
+@@ -25,7 +25,7 @@ |
| 126 |
+ #include <asm/time.h> |
| 127 |
+ |
| 128 |
+ #ifdef CONFIG_X86_64 |
| 129 |
+-__visible volatile unsigned long jiffies __cacheline_aligned = INITIAL_JIFFIES; |
| 130 |
++__visible volatile unsigned long jiffies __cacheline_aligned_in_smp = INITIAL_JIFFIES; |
| 131 |
+ #endif |
| 132 |
+ |
| 133 |
+ unsigned long profile_pc(struct pt_regs *regs) |
| 134 |
+diff --git a/arch/x86/kernel/tsc.c b/arch/x86/kernel/tsc.c |
| 135 |
+index 0bf06fa3027e..36d02484e384 100644 |
| 136 |
+--- a/arch/x86/kernel/tsc.c |
| 137 |
++++ b/arch/x86/kernel/tsc.c |
| 138 |
+@@ -60,7 +60,7 @@ struct cyc2ns { |
| 139 |
+ |
| 140 |
+ static DEFINE_PER_CPU_ALIGNED(struct cyc2ns, cyc2ns); |
| 141 |
+ |
| 142 |
+-void cyc2ns_read_begin(struct cyc2ns_data *data) |
| 143 |
++void __always_inline cyc2ns_read_begin(struct cyc2ns_data *data) |
| 144 |
+ { |
| 145 |
+ int seq, idx; |
| 146 |
+ |
| 147 |
+@@ -77,7 +77,7 @@ void cyc2ns_read_begin(struct cyc2ns_data *data) |
| 148 |
+ } while (unlikely(seq != this_cpu_read(cyc2ns.seq.sequence))); |
| 149 |
+ } |
| 150 |
+ |
| 151 |
+-void cyc2ns_read_end(void) |
| 152 |
++void __always_inline cyc2ns_read_end(void) |
| 153 |
+ { |
| 154 |
+ preempt_enable_notrace(); |
| 155 |
+ } |
| 156 |
+@@ -123,7 +123,7 @@ static void cyc2ns_init(int cpu) |
| 157 |
+ seqcount_init(&c2n->seq); |
| 158 |
+ } |
| 159 |
+ |
| 160 |
+-static inline unsigned long long cycles_2_ns(unsigned long long cyc) |
| 161 |
++static __always_inline unsigned long long cycles_2_ns(unsigned long long cyc) |
| 162 |
+ { |
| 163 |
+ struct cyc2ns_data data; |
| 164 |
+ unsigned long long ns; |
| 165 |
+diff --git a/drivers/gpio/gpio-mxs.c b/drivers/gpio/gpio-mxs.c |
| 166 |
+index 435def22445d..f66395524d0e 100644 |
| 167 |
+--- a/drivers/gpio/gpio-mxs.c |
| 168 |
++++ b/drivers/gpio/gpio-mxs.c |
| 169 |
+@@ -32,8 +32,6 @@ |
| 170 |
+ #include <linux/platform_device.h> |
| 171 |
+ #include <linux/slab.h> |
| 172 |
+ #include <linux/gpio/driver.h> |
| 173 |
+-/* FIXME: for gpio_get_value(), replace this by direct register read */ |
| 174 |
+-#include <linux/gpio.h> |
| 175 |
+ #include <linux/module.h> |
| 176 |
+ |
| 177 |
+ #define MXS_SET 0x4 |
| 178 |
+@@ -100,7 +98,7 @@ static int mxs_gpio_set_irq_type(struct irq_data *d, unsigned int type) |
| 179 |
+ port->both_edges &= ~pin_mask; |
| 180 |
+ switch (type) { |
| 181 |
+ case IRQ_TYPE_EDGE_BOTH: |
| 182 |
+- val = gpio_get_value(port->gc.base + d->hwirq); |
| 183 |
++ val = port->gc.get(&port->gc, d->hwirq); |
| 184 |
+ if (val) |
| 185 |
+ edge = GPIO_INT_FALL_EDGE; |
| 186 |
+ else |
| 187 |
+diff --git a/drivers/gpu/drm/drm_edid.c b/drivers/gpu/drm/drm_edid.c |
| 188 |
+index c29dea895605..d1191ebed072 100644 |
| 189 |
+--- a/drivers/gpu/drm/drm_edid.c |
| 190 |
++++ b/drivers/gpu/drm/drm_edid.c |
| 191 |
+@@ -111,6 +111,9 @@ static const struct edid_quirk { |
| 192 |
+ /* AEO model 0 reports 8 bpc, but is a 6 bpc panel */ |
| 193 |
+ { "AEO", 0, EDID_QUIRK_FORCE_6BPC }, |
| 194 |
+ |
| 195 |
++ /* BOE model on HP Pavilion 15-n233sl reports 8 bpc, but is a 6 bpc panel */ |
| 196 |
++ { "BOE", 0x78b, EDID_QUIRK_FORCE_6BPC }, |
| 197 |
++ |
| 198 |
+ /* CPT panel of Asus UX303LA reports 8 bpc, but is a 6 bpc panel */ |
| 199 |
+ { "CPT", 0x17df, EDID_QUIRK_FORCE_6BPC }, |
| 200 |
+ |
| 201 |
+@@ -4220,7 +4223,7 @@ static void drm_parse_ycbcr420_deep_color_info(struct drm_connector *connector, |
| 202 |
+ struct drm_hdmi_info *hdmi = &connector->display_info.hdmi; |
| 203 |
+ |
| 204 |
+ dc_mask = db[7] & DRM_EDID_YCBCR420_DC_MASK; |
| 205 |
+- hdmi->y420_dc_modes |= dc_mask; |
| 206 |
++ hdmi->y420_dc_modes = dc_mask; |
| 207 |
+ } |
| 208 |
+ |
| 209 |
+ static void drm_parse_hdmi_forum_vsdb(struct drm_connector *connector, |
| 210 |
+diff --git a/drivers/gpu/drm/drm_fb_helper.c b/drivers/gpu/drm/drm_fb_helper.c |
| 211 |
+index 5e93589c335c..29d1d3df3164 100644 |
| 212 |
+--- a/drivers/gpu/drm/drm_fb_helper.c |
| 213 |
++++ b/drivers/gpu/drm/drm_fb_helper.c |
| 214 |
+@@ -1490,6 +1490,25 @@ unlock: |
| 215 |
+ } |
| 216 |
+ EXPORT_SYMBOL(drm_fb_helper_ioctl); |
| 217 |
+ |
| 218 |
++static bool drm_fb_pixel_format_equal(const struct fb_var_screeninfo *var_1, |
| 219 |
++ const struct fb_var_screeninfo *var_2) |
| 220 |
++{ |
| 221 |
++ return var_1->bits_per_pixel == var_2->bits_per_pixel && |
| 222 |
++ var_1->grayscale == var_2->grayscale && |
| 223 |
++ var_1->red.offset == var_2->red.offset && |
| 224 |
++ var_1->red.length == var_2->red.length && |
| 225 |
++ var_1->red.msb_right == var_2->red.msb_right && |
| 226 |
++ var_1->green.offset == var_2->green.offset && |
| 227 |
++ var_1->green.length == var_2->green.length && |
| 228 |
++ var_1->green.msb_right == var_2->green.msb_right && |
| 229 |
++ var_1->blue.offset == var_2->blue.offset && |
| 230 |
++ var_1->blue.length == var_2->blue.length && |
| 231 |
++ var_1->blue.msb_right == var_2->blue.msb_right && |
| 232 |
++ var_1->transp.offset == var_2->transp.offset && |
| 233 |
++ var_1->transp.length == var_2->transp.length && |
| 234 |
++ var_1->transp.msb_right == var_2->transp.msb_right; |
| 235 |
++} |
| 236 |
++ |
| 237 |
+ /** |
| 238 |
+ * drm_fb_helper_check_var - implementation for &fb_ops.fb_check_var |
| 239 |
+ * @var: screeninfo to check |
| 240 |
+@@ -1500,7 +1519,6 @@ int drm_fb_helper_check_var(struct fb_var_screeninfo *var, |
| 241 |
+ { |
| 242 |
+ struct drm_fb_helper *fb_helper = info->par; |
| 243 |
+ struct drm_framebuffer *fb = fb_helper->fb; |
| 244 |
+- int depth; |
| 245 |
+ |
| 246 |
+ if (var->pixclock != 0 || in_dbg_master()) |
| 247 |
+ return -EINVAL; |
| 248 |
+@@ -1520,72 +1538,15 @@ int drm_fb_helper_check_var(struct fb_var_screeninfo *var, |
| 249 |
+ return -EINVAL; |
| 250 |
+ } |
| 251 |
+ |
| 252 |
+- switch (var->bits_per_pixel) { |
| 253 |
+- case 16: |
| 254 |
+- depth = (var->green.length == 6) ? 16 : 15; |
| 255 |
+- break; |
| 256 |
+- case 32: |
| 257 |
+- depth = (var->transp.length > 0) ? 32 : 24; |
| 258 |
+- break; |
| 259 |
+- default: |
| 260 |
+- depth = var->bits_per_pixel; |
| 261 |
+- break; |
| 262 |
+- } |
| 263 |
+- |
| 264 |
+- switch (depth) { |
| 265 |
+- case 8: |
| 266 |
+- var->red.offset = 0; |
| 267 |
+- var->green.offset = 0; |
| 268 |
+- var->blue.offset = 0; |
| 269 |
+- var->red.length = 8; |
| 270 |
+- var->green.length = 8; |
| 271 |
+- var->blue.length = 8; |
| 272 |
+- var->transp.length = 0; |
| 273 |
+- var->transp.offset = 0; |
| 274 |
+- break; |
| 275 |
+- case 15: |
| 276 |
+- var->red.offset = 10; |
| 277 |
+- var->green.offset = 5; |
| 278 |
+- var->blue.offset = 0; |
| 279 |
+- var->red.length = 5; |
| 280 |
+- var->green.length = 5; |
| 281 |
+- var->blue.length = 5; |
| 282 |
+- var->transp.length = 1; |
| 283 |
+- var->transp.offset = 15; |
| 284 |
+- break; |
| 285 |
+- case 16: |
| 286 |
+- var->red.offset = 11; |
| 287 |
+- var->green.offset = 5; |
| 288 |
+- var->blue.offset = 0; |
| 289 |
+- var->red.length = 5; |
| 290 |
+- var->green.length = 6; |
| 291 |
+- var->blue.length = 5; |
| 292 |
+- var->transp.length = 0; |
| 293 |
+- var->transp.offset = 0; |
| 294 |
+- break; |
| 295 |
+- case 24: |
| 296 |
+- var->red.offset = 16; |
| 297 |
+- var->green.offset = 8; |
| 298 |
+- var->blue.offset = 0; |
| 299 |
+- var->red.length = 8; |
| 300 |
+- var->green.length = 8; |
| 301 |
+- var->blue.length = 8; |
| 302 |
+- var->transp.length = 0; |
| 303 |
+- var->transp.offset = 0; |
| 304 |
+- break; |
| 305 |
+- case 32: |
| 306 |
+- var->red.offset = 16; |
| 307 |
+- var->green.offset = 8; |
| 308 |
+- var->blue.offset = 0; |
| 309 |
+- var->red.length = 8; |
| 310 |
+- var->green.length = 8; |
| 311 |
+- var->blue.length = 8; |
| 312 |
+- var->transp.length = 8; |
| 313 |
+- var->transp.offset = 24; |
| 314 |
+- break; |
| 315 |
+- default: |
| 316 |
++ /* |
| 317 |
++ * drm fbdev emulation doesn't support changing the pixel format at all, |
| 318 |
++ * so reject all pixel format changing requests. |
| 319 |
++ */ |
| 320 |
++ if (!drm_fb_pixel_format_equal(var, &info->var)) { |
| 321 |
++ DRM_DEBUG("fbdev emulation doesn't support changing the pixel format\n"); |
| 322 |
+ return -EINVAL; |
| 323 |
+ } |
| 324 |
++ |
| 325 |
+ return 0; |
| 326 |
+ } |
| 327 |
+ EXPORT_SYMBOL(drm_fb_helper_check_var); |
| 328 |
+diff --git a/drivers/infiniband/core/ucm.c b/drivers/infiniband/core/ucm.c |
| 329 |
+index f2a7f62c2834..09cb24353be3 100644 |
| 330 |
+--- a/drivers/infiniband/core/ucm.c |
| 331 |
++++ b/drivers/infiniband/core/ucm.c |
| 332 |
+@@ -46,6 +46,8 @@ |
| 333 |
+ #include <linux/mutex.h> |
| 334 |
+ #include <linux/slab.h> |
| 335 |
+ |
| 336 |
++#include <linux/nospec.h> |
| 337 |
++ |
| 338 |
+ #include <linux/uaccess.h> |
| 339 |
+ |
| 340 |
+ #include <rdma/ib.h> |
| 341 |
+@@ -1118,6 +1120,7 @@ static ssize_t ib_ucm_write(struct file *filp, const char __user *buf, |
| 342 |
+ |
| 343 |
+ if (hdr.cmd >= ARRAY_SIZE(ucm_cmd_table)) |
| 344 |
+ return -EINVAL; |
| 345 |
++ hdr.cmd = array_index_nospec(hdr.cmd, ARRAY_SIZE(ucm_cmd_table)); |
| 346 |
+ |
| 347 |
+ if (hdr.in + sizeof(hdr) > len) |
| 348 |
+ return -EINVAL; |
| 349 |
+diff --git a/drivers/infiniband/core/ucma.c b/drivers/infiniband/core/ucma.c |
| 350 |
+index 17144a781aeb..c3e5f921da12 100644 |
| 351 |
+--- a/drivers/infiniband/core/ucma.c |
| 352 |
++++ b/drivers/infiniband/core/ucma.c |
| 353 |
+@@ -44,6 +44,8 @@ |
| 354 |
+ #include <linux/module.h> |
| 355 |
+ #include <linux/nsproxy.h> |
| 356 |
+ |
| 357 |
++#include <linux/nospec.h> |
| 358 |
++ |
| 359 |
+ #include <rdma/rdma_user_cm.h> |
| 360 |
+ #include <rdma/ib_marshall.h> |
| 361 |
+ #include <rdma/rdma_cm.h> |
| 362 |
+@@ -1659,6 +1661,7 @@ static ssize_t ucma_write(struct file *filp, const char __user *buf, |
| 363 |
+ |
| 364 |
+ if (hdr.cmd >= ARRAY_SIZE(ucma_cmd_table)) |
| 365 |
+ return -EINVAL; |
| 366 |
++ hdr.cmd = array_index_nospec(hdr.cmd, ARRAY_SIZE(ucma_cmd_table)); |
| 367 |
+ |
| 368 |
+ if (hdr.in + sizeof(hdr) > len) |
| 369 |
+ return -EINVAL; |
| 370 |
+diff --git a/drivers/input/mouse/elan_i2c_core.c b/drivers/input/mouse/elan_i2c_core.c |
| 371 |
+index 696e540304fd..766d30a7b085 100644 |
| 372 |
+--- a/drivers/input/mouse/elan_i2c_core.c |
| 373 |
++++ b/drivers/input/mouse/elan_i2c_core.c |
| 374 |
+@@ -1262,6 +1262,7 @@ static const struct acpi_device_id elan_acpi_id[] = { |
| 375 |
+ { "ELAN0611", 0 }, |
| 376 |
+ { "ELAN0612", 0 }, |
| 377 |
+ { "ELAN0618", 0 }, |
| 378 |
++ { "ELAN061C", 0 }, |
| 379 |
+ { "ELAN061D", 0 }, |
| 380 |
+ { "ELAN0622", 0 }, |
| 381 |
+ { "ELAN1000", 0 }, |
| 382 |
+diff --git a/drivers/misc/eeprom/at24.c b/drivers/misc/eeprom/at24.c |
| 383 |
+index 4cc0b42f2acc..ded48a0c77ee 100644 |
| 384 |
+--- a/drivers/misc/eeprom/at24.c |
| 385 |
++++ b/drivers/misc/eeprom/at24.c |
| 386 |
+@@ -577,6 +577,23 @@ static void at24_get_pdata(struct device *dev, struct at24_platform_data *chip) |
| 387 |
+ if (device_property_present(dev, "read-only")) |
| 388 |
+ chip->flags |= AT24_FLAG_READONLY; |
| 389 |
+ |
| 390 |
++ err = device_property_read_u32(dev, "address-width", &val); |
| 391 |
++ if (!err) { |
| 392 |
++ switch (val) { |
| 393 |
++ case 8: |
| 394 |
++ if (chip->flags & AT24_FLAG_ADDR16) |
| 395 |
++ dev_warn(dev, "Override address width to be 8, while default is 16\n"); |
| 396 |
++ chip->flags &= ~AT24_FLAG_ADDR16; |
| 397 |
++ break; |
| 398 |
++ case 16: |
| 399 |
++ chip->flags |= AT24_FLAG_ADDR16; |
| 400 |
++ break; |
| 401 |
++ default: |
| 402 |
++ dev_warn(dev, "Bad \"address-width\" property: %u\n", |
| 403 |
++ val); |
| 404 |
++ } |
| 405 |
++ } |
| 406 |
++ |
| 407 |
+ err = device_property_read_u32(dev, "pagesize", &val); |
| 408 |
+ if (!err) { |
| 409 |
+ chip->page_size = val; |
| 410 |
+diff --git a/drivers/net/ethernet/freescale/fs_enet/fs_enet-main.c b/drivers/net/ethernet/freescale/fs_enet/fs_enet-main.c |
| 411 |
+index 753259091b22..28bd4cf61741 100644 |
| 412 |
+--- a/drivers/net/ethernet/freescale/fs_enet/fs_enet-main.c |
| 413 |
++++ b/drivers/net/ethernet/freescale/fs_enet/fs_enet-main.c |
| 414 |
+@@ -613,9 +613,11 @@ static int fs_enet_start_xmit(struct sk_buff *skb, struct net_device *dev) |
| 415 |
+ return NETDEV_TX_OK; |
| 416 |
+ } |
| 417 |
+ |
| 418 |
+-static void fs_timeout(struct net_device *dev) |
| 419 |
++static void fs_timeout_work(struct work_struct *work) |
| 420 |
+ { |
| 421 |
+- struct fs_enet_private *fep = netdev_priv(dev); |
| 422 |
++ struct fs_enet_private *fep = container_of(work, struct fs_enet_private, |
| 423 |
++ timeout_work); |
| 424 |
++ struct net_device *dev = fep->ndev; |
| 425 |
+ unsigned long flags; |
| 426 |
+ int wake = 0; |
| 427 |
+ |
| 428 |
+@@ -627,7 +629,6 @@ static void fs_timeout(struct net_device *dev) |
| 429 |
+ phy_stop(dev->phydev); |
| 430 |
+ (*fep->ops->stop)(dev); |
| 431 |
+ (*fep->ops->restart)(dev); |
| 432 |
+- phy_start(dev->phydev); |
| 433 |
+ } |
| 434 |
+ |
| 435 |
+ phy_start(dev->phydev); |
| 436 |
+@@ -639,6 +640,13 @@ static void fs_timeout(struct net_device *dev) |
| 437 |
+ netif_wake_queue(dev); |
| 438 |
+ } |
| 439 |
+ |
| 440 |
++static void fs_timeout(struct net_device *dev) |
| 441 |
++{ |
| 442 |
++ struct fs_enet_private *fep = netdev_priv(dev); |
| 443 |
++ |
| 444 |
++ schedule_work(&fep->timeout_work); |
| 445 |
++} |
| 446 |
++ |
| 447 |
+ /*----------------------------------------------------------------------------- |
| 448 |
+ * generic link-change handler - should be sufficient for most cases |
| 449 |
+ *-----------------------------------------------------------------------------*/ |
| 450 |
+@@ -759,6 +767,7 @@ static int fs_enet_close(struct net_device *dev) |
| 451 |
+ netif_stop_queue(dev); |
| 452 |
+ netif_carrier_off(dev); |
| 453 |
+ napi_disable(&fep->napi); |
| 454 |
++ cancel_work_sync(&fep->timeout_work); |
| 455 |
+ phy_stop(dev->phydev); |
| 456 |
+ |
| 457 |
+ spin_lock_irqsave(&fep->lock, flags); |
| 458 |
+@@ -1019,6 +1028,7 @@ static int fs_enet_probe(struct platform_device *ofdev) |
| 459 |
+ |
| 460 |
+ ndev->netdev_ops = &fs_enet_netdev_ops; |
| 461 |
+ ndev->watchdog_timeo = 2 * HZ; |
| 462 |
++ INIT_WORK(&fep->timeout_work, fs_timeout_work); |
| 463 |
+ netif_napi_add(ndev, &fep->napi, fs_enet_napi, fpi->napi_weight); |
| 464 |
+ |
| 465 |
+ ndev->ethtool_ops = &fs_ethtool_ops; |
| 466 |
+diff --git a/drivers/net/ethernet/freescale/fs_enet/fs_enet.h b/drivers/net/ethernet/freescale/fs_enet/fs_enet.h |
| 467 |
+index 168e10ea487f..837c802ca302 100644 |
| 468 |
+--- a/drivers/net/ethernet/freescale/fs_enet/fs_enet.h |
| 469 |
++++ b/drivers/net/ethernet/freescale/fs_enet/fs_enet.h |
| 470 |
+@@ -125,6 +125,7 @@ struct fs_enet_private { |
| 471 |
+ spinlock_t lock; /* during all ops except TX pckt processing */ |
| 472 |
+ spinlock_t tx_lock; /* during fs_start_xmit and fs_tx */ |
| 473 |
+ struct fs_platform_info *fpi; |
| 474 |
++ struct work_struct timeout_work; |
| 475 |
+ const struct fs_ops *ops; |
| 476 |
+ int rx_ring, tx_ring; |
| 477 |
+ dma_addr_t ring_mem_addr; |
| 478 |
+diff --git a/drivers/ptp/ptp_chardev.c b/drivers/ptp/ptp_chardev.c |
| 479 |
+index 51364621f77c..a421d6c551b6 100644 |
| 480 |
+--- a/drivers/ptp/ptp_chardev.c |
| 481 |
++++ b/drivers/ptp/ptp_chardev.c |
| 482 |
+@@ -24,6 +24,8 @@ |
| 483 |
+ #include <linux/slab.h> |
| 484 |
+ #include <linux/timekeeping.h> |
| 485 |
+ |
| 486 |
++#include <linux/nospec.h> |
| 487 |
++ |
| 488 |
+ #include "ptp_private.h" |
| 489 |
+ |
| 490 |
+ static int ptp_disable_pinfunc(struct ptp_clock_info *ops, |
| 491 |
+@@ -248,6 +250,7 @@ long ptp_ioctl(struct posix_clock *pc, unsigned int cmd, unsigned long arg) |
| 492 |
+ err = -EINVAL; |
| 493 |
+ break; |
| 494 |
+ } |
| 495 |
++ pin_index = array_index_nospec(pin_index, ops->n_pins); |
| 496 |
+ if (mutex_lock_interruptible(&ptp->pincfg_mux)) |
| 497 |
+ return -ERESTARTSYS; |
| 498 |
+ pd = ops->pin_config[pin_index]; |
| 499 |
+@@ -266,6 +269,7 @@ long ptp_ioctl(struct posix_clock *pc, unsigned int cmd, unsigned long arg) |
| 500 |
+ err = -EINVAL; |
| 501 |
+ break; |
| 502 |
+ } |
| 503 |
++ pin_index = array_index_nospec(pin_index, ops->n_pins); |
| 504 |
+ if (mutex_lock_interruptible(&ptp->pincfg_mux)) |
| 505 |
+ return -ERESTARTSYS; |
| 506 |
+ err = ptp_set_pinfunc(ptp, pin_index, pd.func, pd.chan); |
| 507 |
+diff --git a/drivers/usb/class/cdc-acm.c b/drivers/usb/class/cdc-acm.c |
| 508 |
+index 9f6f402470ac..e41d00bc7e97 100644 |
| 509 |
+--- a/drivers/usb/class/cdc-acm.c |
| 510 |
++++ b/drivers/usb/class/cdc-acm.c |
| 511 |
+@@ -322,17 +322,17 @@ static void acm_process_notification(struct acm *acm, unsigned char *buf) |
| 512 |
+ |
| 513 |
+ if (difference & ACM_CTRL_DSR) |
| 514 |
+ acm->iocount.dsr++; |
| 515 |
+- if (difference & ACM_CTRL_BRK) |
| 516 |
+- acm->iocount.brk++; |
| 517 |
+- if (difference & ACM_CTRL_RI) |
| 518 |
+- acm->iocount.rng++; |
| 519 |
+ if (difference & ACM_CTRL_DCD) |
| 520 |
+ acm->iocount.dcd++; |
| 521 |
+- if (difference & ACM_CTRL_FRAMING) |
| 522 |
++ if (newctrl & ACM_CTRL_BRK) |
| 523 |
++ acm->iocount.brk++; |
| 524 |
++ if (newctrl & ACM_CTRL_RI) |
| 525 |
++ acm->iocount.rng++; |
| 526 |
++ if (newctrl & ACM_CTRL_FRAMING) |
| 527 |
+ acm->iocount.frame++; |
| 528 |
+- if (difference & ACM_CTRL_PARITY) |
| 529 |
++ if (newctrl & ACM_CTRL_PARITY) |
| 530 |
+ acm->iocount.parity++; |
| 531 |
+- if (difference & ACM_CTRL_OVERRUN) |
| 532 |
++ if (newctrl & ACM_CTRL_OVERRUN) |
| 533 |
+ acm->iocount.overrun++; |
| 534 |
+ spin_unlock(&acm->read_lock); |
| 535 |
+ |
| 536 |
+@@ -367,7 +367,6 @@ static void acm_ctrl_irq(struct urb *urb) |
| 537 |
+ case -ENOENT: |
| 538 |
+ case -ESHUTDOWN: |
| 539 |
+ /* this urb is terminated, clean up */ |
| 540 |
+- acm->nb_index = 0; |
| 541 |
+ dev_dbg(&acm->control->dev, |
| 542 |
+ "%s - urb shutting down with status: %d\n", |
| 543 |
+ __func__, status); |
| 544 |
+@@ -1655,6 +1654,7 @@ static int acm_pre_reset(struct usb_interface *intf) |
| 545 |
+ struct acm *acm = usb_get_intfdata(intf); |
| 546 |
+ |
| 547 |
+ clear_bit(EVENT_RX_STALL, &acm->flags); |
| 548 |
++ acm->nb_index = 0; /* pending control transfers are lost */ |
| 549 |
+ |
| 550 |
+ return 0; |
| 551 |
+ } |
| 552 |
+diff --git a/drivers/usb/core/devio.c b/drivers/usb/core/devio.c |
| 553 |
+index 76cb9b3649b4..492977f78fde 100644 |
| 554 |
+--- a/drivers/usb/core/devio.c |
| 555 |
++++ b/drivers/usb/core/devio.c |
| 556 |
+@@ -1491,8 +1491,6 @@ static int proc_do_submiturb(struct usb_dev_state *ps, struct usbdevfs_urb *uurb |
| 557 |
+ u = 0; |
| 558 |
+ switch (uurb->type) { |
| 559 |
+ case USBDEVFS_URB_TYPE_CONTROL: |
| 560 |
+- if (is_in) |
| 561 |
+- allow_short = true; |
| 562 |
+ if (!usb_endpoint_xfer_control(&ep->desc)) |
| 563 |
+ return -EINVAL; |
| 564 |
+ /* min 8 byte setup packet */ |
| 565 |
+@@ -1522,6 +1520,8 @@ static int proc_do_submiturb(struct usb_dev_state *ps, struct usbdevfs_urb *uurb |
| 566 |
+ is_in = 0; |
| 567 |
+ uurb->endpoint &= ~USB_DIR_IN; |
| 568 |
+ } |
| 569 |
++ if (is_in) |
| 570 |
++ allow_short = true; |
| 571 |
+ snoop(&ps->dev->dev, "control urb: bRequestType=%02x " |
| 572 |
+ "bRequest=%02x wValue=%04x " |
| 573 |
+ "wIndex=%04x wLength=%04x\n", |
| 574 |
+diff --git a/drivers/usb/gadget/function/f_mass_storage.c b/drivers/usb/gadget/function/f_mass_storage.c |
| 575 |
+index 5153e29870c3..25ba30329533 100644 |
| 576 |
+--- a/drivers/usb/gadget/function/f_mass_storage.c |
| 577 |
++++ b/drivers/usb/gadget/function/f_mass_storage.c |
| 578 |
+@@ -221,6 +221,8 @@ |
| 579 |
+ #include <linux/usb/gadget.h> |
| 580 |
+ #include <linux/usb/composite.h> |
| 581 |
+ |
| 582 |
++#include <linux/nospec.h> |
| 583 |
++ |
| 584 |
+ #include "configfs.h" |
| 585 |
+ |
| 586 |
+ |
| 587 |
+@@ -3170,6 +3172,7 @@ static struct config_group *fsg_lun_make(struct config_group *group, |
| 588 |
+ fsg_opts = to_fsg_opts(&group->cg_item); |
| 589 |
+ if (num >= FSG_MAX_LUNS) |
| 590 |
+ return ERR_PTR(-ERANGE); |
| 591 |
++ num = array_index_nospec(num, FSG_MAX_LUNS); |
| 592 |
+ |
| 593 |
+ mutex_lock(&fsg_opts->lock); |
| 594 |
+ if (fsg_opts->refcnt || fsg_opts->common->luns[num]) { |
| 595 |
+diff --git a/drivers/usb/serial/option.c b/drivers/usb/serial/option.c |
| 596 |
+index 0600dadd6a0c..392fddc80c44 100644 |
| 597 |
+--- a/drivers/usb/serial/option.c |
| 598 |
++++ b/drivers/usb/serial/option.c |
| 599 |
+@@ -564,6 +564,9 @@ static void option_instat_callback(struct urb *urb); |
| 600 |
+ /* Interface is reserved */ |
| 601 |
+ #define RSVD(ifnum) ((BIT(ifnum) & 0xff) << 0) |
| 602 |
+ |
| 603 |
++/* Interface must have two endpoints */ |
| 604 |
++#define NUMEP2 BIT(16) |
| 605 |
++ |
| 606 |
+ |
| 607 |
+ static const struct usb_device_id option_ids[] = { |
| 608 |
+ { USB_DEVICE(OPTION_VENDOR_ID, OPTION_PRODUCT_COLT) }, |
| 609 |
+@@ -1084,8 +1087,9 @@ static const struct usb_device_id option_ids[] = { |
| 610 |
+ .driver_info = RSVD(4) }, |
| 611 |
+ { USB_DEVICE(QUECTEL_VENDOR_ID, QUECTEL_PRODUCT_BG96), |
| 612 |
+ .driver_info = RSVD(4) }, |
| 613 |
+- { USB_DEVICE(QUECTEL_VENDOR_ID, QUECTEL_PRODUCT_EP06), |
| 614 |
+- .driver_info = RSVD(4) | RSVD(5) }, |
| 615 |
++ { USB_DEVICE_AND_INTERFACE_INFO(QUECTEL_VENDOR_ID, QUECTEL_PRODUCT_EP06, 0xff, 0xff, 0xff), |
| 616 |
++ .driver_info = RSVD(1) | RSVD(2) | RSVD(3) | RSVD(4) | NUMEP2 }, |
| 617 |
++ { USB_DEVICE_AND_INTERFACE_INFO(QUECTEL_VENDOR_ID, QUECTEL_PRODUCT_EP06, 0xff, 0, 0) }, |
| 618 |
+ { USB_DEVICE(CMOTECH_VENDOR_ID, CMOTECH_PRODUCT_6001) }, |
| 619 |
+ { USB_DEVICE(CMOTECH_VENDOR_ID, CMOTECH_PRODUCT_CMU_300) }, |
| 620 |
+ { USB_DEVICE(CMOTECH_VENDOR_ID, CMOTECH_PRODUCT_6003), |
| 621 |
+@@ -2010,6 +2014,13 @@ static int option_probe(struct usb_serial *serial, |
| 622 |
+ iface_desc->bInterfaceClass != USB_CLASS_CDC_DATA) |
| 623 |
+ return -ENODEV; |
| 624 |
+ |
| 625 |
++ /* |
| 626 |
++ * Allow matching on bNumEndpoints for devices whose interface numbers |
| 627 |
++ * can change (e.g. Quectel EP06). |
| 628 |
++ */ |
| 629 |
++ if (device_flags & NUMEP2 && iface_desc->bNumEndpoints != 2) |
| 630 |
++ return -ENODEV; |
| 631 |
++ |
| 632 |
+ /* Store the device flags so we can use them during attach. */ |
| 633 |
+ usb_set_serial_data(serial, (void *)device_flags); |
| 634 |
+ |
| 635 |
+diff --git a/drivers/usb/usbip/vhci_hcd.c b/drivers/usb/usbip/vhci_hcd.c |
| 636 |
+index 05aa1ba351b6..84e2d7edaa5c 100644 |
| 637 |
+--- a/drivers/usb/usbip/vhci_hcd.c |
| 638 |
++++ b/drivers/usb/usbip/vhci_hcd.c |
| 639 |
+@@ -332,8 +332,9 @@ static int vhci_hub_control(struct usb_hcd *hcd, u16 typeReq, u16 wValue, |
| 640 |
+ struct vhci_hcd *vhci_hcd; |
| 641 |
+ struct vhci *vhci; |
| 642 |
+ int retval = 0; |
| 643 |
+- int rhport; |
| 644 |
++ int rhport = -1; |
| 645 |
+ unsigned long flags; |
| 646 |
++ bool invalid_rhport = false; |
| 647 |
+ |
| 648 |
+ u32 prev_port_status[VHCI_HC_PORTS]; |
| 649 |
+ |
| 650 |
+@@ -348,9 +349,19 @@ static int vhci_hub_control(struct usb_hcd *hcd, u16 typeReq, u16 wValue, |
| 651 |
+ usbip_dbg_vhci_rh("typeReq %x wValue %x wIndex %x\n", typeReq, wValue, |
| 652 |
+ wIndex); |
| 653 |
+ |
| 654 |
+- if (wIndex > VHCI_HC_PORTS) |
| 655 |
+- pr_err("invalid port number %d\n", wIndex); |
| 656 |
+- rhport = wIndex - 1; |
| 657 |
++ /* |
| 658 |
++ * wIndex can be 0 for some request types (typeReq). rhport is |
| 659 |
++ * in valid range when wIndex >= 1 and < VHCI_HC_PORTS. |
| 660 |
++ * |
| 661 |
++ * Reference port_status[] only with valid rhport when |
| 662 |
++ * invalid_rhport is false. |
| 663 |
++ */ |
| 664 |
++ if (wIndex < 1 || wIndex > VHCI_HC_PORTS) { |
| 665 |
++ invalid_rhport = true; |
| 666 |
++ if (wIndex > VHCI_HC_PORTS) |
| 667 |
++ pr_err("invalid port number %d\n", wIndex); |
| 668 |
++ } else |
| 669 |
++ rhport = wIndex - 1; |
| 670 |
+ |
| 671 |
+ vhci_hcd = hcd_to_vhci_hcd(hcd); |
| 672 |
+ vhci = vhci_hcd->vhci; |
| 673 |
+@@ -359,8 +370,9 @@ static int vhci_hub_control(struct usb_hcd *hcd, u16 typeReq, u16 wValue, |
| 674 |
+ |
| 675 |
+ /* store old status and compare now and old later */ |
| 676 |
+ if (usbip_dbg_flag_vhci_rh) { |
| 677 |
+- memcpy(prev_port_status, vhci_hcd->port_status, |
| 678 |
+- sizeof(prev_port_status)); |
| 679 |
++ if (!invalid_rhport) |
| 680 |
++ memcpy(prev_port_status, vhci_hcd->port_status, |
| 681 |
++ sizeof(prev_port_status)); |
| 682 |
+ } |
| 683 |
+ |
| 684 |
+ switch (typeReq) { |
| 685 |
+@@ -368,8 +380,10 @@ static int vhci_hub_control(struct usb_hcd *hcd, u16 typeReq, u16 wValue, |
| 686 |
+ usbip_dbg_vhci_rh(" ClearHubFeature\n"); |
| 687 |
+ break; |
| 688 |
+ case ClearPortFeature: |
| 689 |
+- if (rhport < 0) |
| 690 |
++ if (invalid_rhport) { |
| 691 |
++ pr_err("invalid port number %d\n", wIndex); |
| 692 |
+ goto error; |
| 693 |
++ } |
| 694 |
+ switch (wValue) { |
| 695 |
+ case USB_PORT_FEAT_SUSPEND: |
| 696 |
+ if (hcd->speed == HCD_USB3) { |
| 697 |
+@@ -429,9 +443,10 @@ static int vhci_hub_control(struct usb_hcd *hcd, u16 typeReq, u16 wValue, |
| 698 |
+ break; |
| 699 |
+ case GetPortStatus: |
| 700 |
+ usbip_dbg_vhci_rh(" GetPortStatus port %x\n", wIndex); |
| 701 |
+- if (wIndex < 1) { |
| 702 |
++ if (invalid_rhport) { |
| 703 |
+ pr_err("invalid port number %d\n", wIndex); |
| 704 |
+ retval = -EPIPE; |
| 705 |
++ goto error; |
| 706 |
+ } |
| 707 |
+ |
| 708 |
+ /* we do not care about resume. */ |
| 709 |
+@@ -527,16 +542,20 @@ static int vhci_hub_control(struct usb_hcd *hcd, u16 typeReq, u16 wValue, |
| 710 |
+ goto error; |
| 711 |
+ } |
| 712 |
+ |
| 713 |
+- if (rhport < 0) |
| 714 |
++ if (invalid_rhport) { |
| 715 |
++ pr_err("invalid port number %d\n", wIndex); |
| 716 |
+ goto error; |
| 717 |
++ } |
| 718 |
+ |
| 719 |
+ vhci_hcd->port_status[rhport] |= USB_PORT_STAT_SUSPEND; |
| 720 |
+ break; |
| 721 |
+ case USB_PORT_FEAT_POWER: |
| 722 |
+ usbip_dbg_vhci_rh( |
| 723 |
+ " SetPortFeature: USB_PORT_FEAT_POWER\n"); |
| 724 |
+- if (rhport < 0) |
| 725 |
++ if (invalid_rhport) { |
| 726 |
++ pr_err("invalid port number %d\n", wIndex); |
| 727 |
+ goto error; |
| 728 |
++ } |
| 729 |
+ if (hcd->speed == HCD_USB3) |
| 730 |
+ vhci_hcd->port_status[rhport] |= USB_SS_PORT_STAT_POWER; |
| 731 |
+ else |
| 732 |
+@@ -545,8 +564,10 @@ static int vhci_hub_control(struct usb_hcd *hcd, u16 typeReq, u16 wValue, |
| 733 |
+ case USB_PORT_FEAT_BH_PORT_RESET: |
| 734 |
+ usbip_dbg_vhci_rh( |
| 735 |
+ " SetPortFeature: USB_PORT_FEAT_BH_PORT_RESET\n"); |
| 736 |
+- if (rhport < 0) |
| 737 |
++ if (invalid_rhport) { |
| 738 |
++ pr_err("invalid port number %d\n", wIndex); |
| 739 |
+ goto error; |
| 740 |
++ } |
| 741 |
+ /* Applicable only for USB3.0 hub */ |
| 742 |
+ if (hcd->speed != HCD_USB3) { |
| 743 |
+ pr_err("USB_PORT_FEAT_BH_PORT_RESET req not " |
| 744 |
+@@ -557,8 +578,10 @@ static int vhci_hub_control(struct usb_hcd *hcd, u16 typeReq, u16 wValue, |
| 745 |
+ case USB_PORT_FEAT_RESET: |
| 746 |
+ usbip_dbg_vhci_rh( |
| 747 |
+ " SetPortFeature: USB_PORT_FEAT_RESET\n"); |
| 748 |
+- if (rhport < 0) |
| 749 |
++ if (invalid_rhport) { |
| 750 |
++ pr_err("invalid port number %d\n", wIndex); |
| 751 |
+ goto error; |
| 752 |
++ } |
| 753 |
+ /* if it's already enabled, disable */ |
| 754 |
+ if (hcd->speed == HCD_USB3) { |
| 755 |
+ vhci_hcd->port_status[rhport] = 0; |
| 756 |
+@@ -579,8 +602,10 @@ static int vhci_hub_control(struct usb_hcd *hcd, u16 typeReq, u16 wValue, |
| 757 |
+ default: |
| 758 |
+ usbip_dbg_vhci_rh(" SetPortFeature: default %d\n", |
| 759 |
+ wValue); |
| 760 |
+- if (rhport < 0) |
| 761 |
++ if (invalid_rhport) { |
| 762 |
++ pr_err("invalid port number %d\n", wIndex); |
| 763 |
+ goto error; |
| 764 |
++ } |
| 765 |
+ if (hcd->speed == HCD_USB3) { |
| 766 |
+ if ((vhci_hcd->port_status[rhport] & |
| 767 |
+ USB_SS_PORT_STAT_POWER) != 0) { |
| 768 |
+@@ -622,7 +647,7 @@ error: |
| 769 |
+ if (usbip_dbg_flag_vhci_rh) { |
| 770 |
+ pr_debug("port %d\n", rhport); |
| 771 |
+ /* Only dump valid port status */ |
| 772 |
+- if (rhport >= 0) { |
| 773 |
++ if (!invalid_rhport) { |
| 774 |
+ dump_port_status_diff(prev_port_status[rhport], |
| 775 |
+ vhci_hcd->port_status[rhport], |
| 776 |
+ hcd->speed == HCD_USB3); |
| 777 |
+@@ -632,8 +657,10 @@ error: |
| 778 |
+ |
| 779 |
+ spin_unlock_irqrestore(&vhci->lock, flags); |
| 780 |
+ |
| 781 |
+- if ((vhci_hcd->port_status[rhport] & PORT_C_MASK) != 0) |
| 782 |
++ if (!invalid_rhport && |
| 783 |
++ (vhci_hcd->port_status[rhport] & PORT_C_MASK) != 0) { |
| 784 |
+ usb_hcd_poll_rh_status(hcd); |
| 785 |
++ } |
| 786 |
+ |
| 787 |
+ return retval; |
| 788 |
+ } |
| 789 |
+diff --git a/fs/cachefiles/namei.c b/fs/cachefiles/namei.c |
| 790 |
+index 5f2f67d220fa..f6ed795f4af6 100644 |
| 791 |
+--- a/fs/cachefiles/namei.c |
| 792 |
++++ b/fs/cachefiles/namei.c |
| 793 |
+@@ -340,7 +340,7 @@ try_again: |
| 794 |
+ trap = lock_rename(cache->graveyard, dir); |
| 795 |
+ |
| 796 |
+ /* do some checks before getting the grave dentry */ |
| 797 |
+- if (rep->d_parent != dir) { |
| 798 |
++ if (rep->d_parent != dir || IS_DEADDIR(d_inode(rep))) { |
| 799 |
+ /* the entry was probably culled when we dropped the parent dir |
| 800 |
+ * lock */ |
| 801 |
+ unlock_rename(cache->graveyard, dir); |
| 802 |
+diff --git a/fs/ioctl.c b/fs/ioctl.c |
| 803 |
+index 5ace7efb0d04..9db5ddaf7ef0 100644 |
| 804 |
+--- a/fs/ioctl.c |
| 805 |
++++ b/fs/ioctl.c |
| 806 |
+@@ -229,7 +229,7 @@ static long ioctl_file_clone(struct file *dst_file, unsigned long srcfd, |
| 807 |
+ ret = -EXDEV; |
| 808 |
+ if (src_file.file->f_path.mnt != dst_file->f_path.mnt) |
| 809 |
+ goto fdput; |
| 810 |
+- ret = do_clone_file_range(src_file.file, off, dst_file, destoff, olen); |
| 811 |
++ ret = vfs_clone_file_range(src_file.file, off, dst_file, destoff, olen); |
| 812 |
+ fdput: |
| 813 |
+ fdput(src_file); |
| 814 |
+ return ret; |
| 815 |
+diff --git a/fs/nfsd/vfs.c b/fs/nfsd/vfs.c |
| 816 |
+index a3c9bfa77def..f55527ef21e8 100644 |
| 817 |
+--- a/fs/nfsd/vfs.c |
| 818 |
++++ b/fs/nfsd/vfs.c |
| 819 |
+@@ -541,7 +541,8 @@ __be32 nfsd4_set_nfs4_label(struct svc_rqst *rqstp, struct svc_fh *fhp, |
| 820 |
+ __be32 nfsd4_clone_file_range(struct file *src, u64 src_pos, struct file *dst, |
| 821 |
+ u64 dst_pos, u64 count) |
| 822 |
+ { |
| 823 |
+- return nfserrno(do_clone_file_range(src, src_pos, dst, dst_pos, count)); |
| 824 |
++ return nfserrno(vfs_clone_file_range(src, src_pos, dst, dst_pos, |
| 825 |
++ count)); |
| 826 |
+ } |
| 827 |
+ |
| 828 |
+ ssize_t nfsd_copy_file_range(struct file *src, u64 src_pos, struct file *dst, |
| 829 |
+diff --git a/fs/notify/fsnotify.c b/fs/notify/fsnotify.c |
| 830 |
+index d76c81323dc1..2bc61e7543dd 100644 |
| 831 |
+--- a/fs/notify/fsnotify.c |
| 832 |
++++ b/fs/notify/fsnotify.c |
| 833 |
+@@ -286,17 +286,13 @@ int fsnotify(struct inode *to_tell, __u32 mask, const void *data, int data_is, |
| 834 |
+ |
| 835 |
+ iter_info.srcu_idx = srcu_read_lock(&fsnotify_mark_srcu); |
| 836 |
+ |
| 837 |
+- if ((mask & FS_MODIFY) || |
| 838 |
+- (test_mask & to_tell->i_fsnotify_mask)) { |
| 839 |
+- inode_conn = srcu_dereference(to_tell->i_fsnotify_marks, |
| 840 |
++ inode_conn = srcu_dereference(to_tell->i_fsnotify_marks, |
| 841 |
++ &fsnotify_mark_srcu); |
| 842 |
++ if (inode_conn) |
| 843 |
++ inode_node = srcu_dereference(inode_conn->list.first, |
| 844 |
+ &fsnotify_mark_srcu); |
| 845 |
+- if (inode_conn) |
| 846 |
+- inode_node = srcu_dereference(inode_conn->list.first, |
| 847 |
+- &fsnotify_mark_srcu); |
| 848 |
+- } |
| 849 |
+ |
| 850 |
+- if (mnt && ((mask & FS_MODIFY) || |
| 851 |
+- (test_mask & mnt->mnt_fsnotify_mask))) { |
| 852 |
++ if (mnt) { |
| 853 |
+ inode_conn = srcu_dereference(to_tell->i_fsnotify_marks, |
| 854 |
+ &fsnotify_mark_srcu); |
| 855 |
+ if (inode_conn) |
| 856 |
+diff --git a/fs/overlayfs/copy_up.c b/fs/overlayfs/copy_up.c |
| 857 |
+index c441f9387a1b..321eae740148 100644 |
| 858 |
+--- a/fs/overlayfs/copy_up.c |
| 859 |
++++ b/fs/overlayfs/copy_up.c |
| 860 |
+@@ -157,7 +157,7 @@ static int ovl_copy_up_data(struct path *old, struct path *new, loff_t len) |
| 861 |
+ } |
| 862 |
+ |
| 863 |
+ /* Try to use clone_file_range to clone up within the same fs */ |
| 864 |
+- error = vfs_clone_file_range(old_file, 0, new_file, 0, len); |
| 865 |
++ error = do_clone_file_range(old_file, 0, new_file, 0, len); |
| 866 |
+ if (!error) |
| 867 |
+ goto out; |
| 868 |
+ /* Couldn't clone, so now we try to copy the data */ |
| 869 |
+diff --git a/fs/read_write.c b/fs/read_write.c |
| 870 |
+index 0046d72efe94..57a00ef895b2 100644 |
| 871 |
+--- a/fs/read_write.c |
| 872 |
++++ b/fs/read_write.c |
| 873 |
+@@ -1812,8 +1812,8 @@ int vfs_clone_file_prep_inodes(struct inode *inode_in, loff_t pos_in, |
| 874 |
+ } |
| 875 |
+ EXPORT_SYMBOL(vfs_clone_file_prep_inodes); |
| 876 |
+ |
| 877 |
+-int vfs_clone_file_range(struct file *file_in, loff_t pos_in, |
| 878 |
+- struct file *file_out, loff_t pos_out, u64 len) |
| 879 |
++int do_clone_file_range(struct file *file_in, loff_t pos_in, |
| 880 |
++ struct file *file_out, loff_t pos_out, u64 len) |
| 881 |
+ { |
| 882 |
+ struct inode *inode_in = file_inode(file_in); |
| 883 |
+ struct inode *inode_out = file_inode(file_out); |
| 884 |
+@@ -1860,6 +1860,19 @@ int vfs_clone_file_range(struct file *file_in, loff_t pos_in, |
| 885 |
+ |
| 886 |
+ return ret; |
| 887 |
+ } |
| 888 |
++EXPORT_SYMBOL(do_clone_file_range); |
| 889 |
++ |
| 890 |
++int vfs_clone_file_range(struct file *file_in, loff_t pos_in, |
| 891 |
++ struct file *file_out, loff_t pos_out, u64 len) |
| 892 |
++{ |
| 893 |
++ int ret; |
| 894 |
++ |
| 895 |
++ file_start_write(file_out); |
| 896 |
++ ret = do_clone_file_range(file_in, pos_in, file_out, pos_out, len); |
| 897 |
++ file_end_write(file_out); |
| 898 |
++ |
| 899 |
++ return ret; |
| 900 |
++} |
| 901 |
+ EXPORT_SYMBOL(vfs_clone_file_range); |
| 902 |
+ |
| 903 |
+ /* |
| 904 |
+diff --git a/fs/xfs/libxfs/xfs_trans_resv.c b/fs/xfs/libxfs/xfs_trans_resv.c |
| 905 |
+index 6bd916bd35e2..48eff18c5496 100644 |
| 906 |
+--- a/fs/xfs/libxfs/xfs_trans_resv.c |
| 907 |
++++ b/fs/xfs/libxfs/xfs_trans_resv.c |
| 908 |
+@@ -232,8 +232,6 @@ xfs_calc_write_reservation( |
| 909 |
+ * the super block to reflect the freed blocks: sector size |
| 910 |
+ * worst case split in allocation btrees per extent assuming 4 extents: |
| 911 |
+ * 4 exts * 2 trees * (2 * max depth - 1) * block size |
| 912 |
+- * the inode btree: max depth * blocksize |
| 913 |
+- * the allocation btrees: 2 trees * (max depth - 1) * block size |
| 914 |
+ */ |
| 915 |
+ STATIC uint |
| 916 |
+ xfs_calc_itruncate_reservation( |
| 917 |
+@@ -245,12 +243,7 @@ xfs_calc_itruncate_reservation( |
| 918 |
+ XFS_FSB_TO_B(mp, 1))), |
| 919 |
+ (xfs_calc_buf_res(9, mp->m_sb.sb_sectsize) + |
| 920 |
+ xfs_calc_buf_res(xfs_allocfree_log_count(mp, 4), |
| 921 |
+- XFS_FSB_TO_B(mp, 1)) + |
| 922 |
+- xfs_calc_buf_res(5, 0) + |
| 923 |
+- xfs_calc_buf_res(xfs_allocfree_log_count(mp, 1), |
| 924 |
+- XFS_FSB_TO_B(mp, 1)) + |
| 925 |
+- xfs_calc_buf_res(2 + mp->m_ialloc_blks + |
| 926 |
+- mp->m_in_maxlevels, 0))); |
| 927 |
++ XFS_FSB_TO_B(mp, 1)))); |
| 928 |
+ } |
| 929 |
+ |
| 930 |
+ /* |
| 931 |
+diff --git a/include/drm/drm_edid.h b/include/drm/drm_edid.h |
| 932 |
+index a992434ded99..267e0426c479 100644 |
| 933 |
+--- a/include/drm/drm_edid.h |
| 934 |
++++ b/include/drm/drm_edid.h |
| 935 |
+@@ -214,9 +214,9 @@ struct detailed_timing { |
| 936 |
+ #define DRM_EDID_HDMI_DC_Y444 (1 << 3) |
| 937 |
+ |
| 938 |
+ /* YCBCR 420 deep color modes */ |
| 939 |
+-#define DRM_EDID_YCBCR420_DC_48 (1 << 6) |
| 940 |
+-#define DRM_EDID_YCBCR420_DC_36 (1 << 5) |
| 941 |
+-#define DRM_EDID_YCBCR420_DC_30 (1 << 4) |
| 942 |
++#define DRM_EDID_YCBCR420_DC_48 (1 << 2) |
| 943 |
++#define DRM_EDID_YCBCR420_DC_36 (1 << 1) |
| 944 |
++#define DRM_EDID_YCBCR420_DC_30 (1 << 0) |
| 945 |
+ #define DRM_EDID_YCBCR420_DC_MASK (DRM_EDID_YCBCR420_DC_48 | \ |
| 946 |
+ DRM_EDID_YCBCR420_DC_36 | \ |
| 947 |
+ DRM_EDID_YCBCR420_DC_30) |
| 948 |
+diff --git a/include/linux/bpf_verifier.h b/include/linux/bpf_verifier.h |
| 949 |
+index 73bec75b74c8..a3333004fd2b 100644 |
| 950 |
+--- a/include/linux/bpf_verifier.h |
| 951 |
++++ b/include/linux/bpf_verifier.h |
| 952 |
+@@ -50,6 +50,9 @@ struct bpf_reg_state { |
| 953 |
+ * PTR_TO_MAP_VALUE_OR_NULL |
| 954 |
+ */ |
| 955 |
+ struct bpf_map *map_ptr; |
| 956 |
++ |
| 957 |
++ /* Max size from any of the above. */ |
| 958 |
++ unsigned long raw; |
| 959 |
+ }; |
| 960 |
+ /* Fixed part of pointer offset, pointer types only */ |
| 961 |
+ s32 off; |
| 962 |
+diff --git a/include/linux/fs.h b/include/linux/fs.h |
| 963 |
+index cc613f20e5a6..7374639f0aa0 100644 |
| 964 |
+--- a/include/linux/fs.h |
| 965 |
++++ b/include/linux/fs.h |
| 966 |
+@@ -1792,8 +1792,10 @@ extern ssize_t vfs_copy_file_range(struct file *, loff_t , struct file *, |
| 967 |
+ extern int vfs_clone_file_prep_inodes(struct inode *inode_in, loff_t pos_in, |
| 968 |
+ struct inode *inode_out, loff_t pos_out, |
| 969 |
+ u64 *len, bool is_dedupe); |
| 970 |
++extern int do_clone_file_range(struct file *file_in, loff_t pos_in, |
| 971 |
++ struct file *file_out, loff_t pos_out, u64 len); |
| 972 |
+ extern int vfs_clone_file_range(struct file *file_in, loff_t pos_in, |
| 973 |
+- struct file *file_out, loff_t pos_out, u64 len); |
| 974 |
++ struct file *file_out, loff_t pos_out, u64 len); |
| 975 |
+ extern int vfs_dedupe_file_range_compare(struct inode *src, loff_t srcoff, |
| 976 |
+ struct inode *dest, loff_t destoff, |
| 977 |
+ loff_t len, bool *is_same); |
| 978 |
+@@ -2712,19 +2714,6 @@ static inline void file_end_write(struct file *file) |
| 979 |
+ __sb_end_write(file_inode(file)->i_sb, SB_FREEZE_WRITE); |
| 980 |
+ } |
| 981 |
+ |
| 982 |
+-static inline int do_clone_file_range(struct file *file_in, loff_t pos_in, |
| 983 |
+- struct file *file_out, loff_t pos_out, |
| 984 |
+- u64 len) |
| 985 |
+-{ |
| 986 |
+- int ret; |
| 987 |
+- |
| 988 |
+- file_start_write(file_out); |
| 989 |
+- ret = vfs_clone_file_range(file_in, pos_in, file_out, pos_out, len); |
| 990 |
+- file_end_write(file_out); |
| 991 |
+- |
| 992 |
+- return ret; |
| 993 |
+-} |
| 994 |
+- |
| 995 |
+ /* |
| 996 |
+ * get_write_access() gets write permission for a file. |
| 997 |
+ * put_write_access() releases this write permission. |
| 998 |
+diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c |
| 999 |
+index a0ffc62e7677..013b0cd1958e 100644 |
| 1000 |
+--- a/kernel/bpf/verifier.c |
| 1001 |
++++ b/kernel/bpf/verifier.c |
| 1002 |
+@@ -1935,7 +1935,7 @@ static int adjust_ptr_min_max_vals(struct bpf_verifier_env *env, |
| 1003 |
+ dst_reg->umax_value = umax_ptr; |
| 1004 |
+ dst_reg->var_off = ptr_reg->var_off; |
| 1005 |
+ dst_reg->off = ptr_reg->off + smin_val; |
| 1006 |
+- dst_reg->range = ptr_reg->range; |
| 1007 |
++ dst_reg->raw = ptr_reg->raw; |
| 1008 |
+ break; |
| 1009 |
+ } |
| 1010 |
+ /* A new variable offset is created. Note that off_reg->off |
| 1011 |
+@@ -1965,10 +1965,11 @@ static int adjust_ptr_min_max_vals(struct bpf_verifier_env *env, |
| 1012 |
+ } |
| 1013 |
+ dst_reg->var_off = tnum_add(ptr_reg->var_off, off_reg->var_off); |
| 1014 |
+ dst_reg->off = ptr_reg->off; |
| 1015 |
++ dst_reg->raw = ptr_reg->raw; |
| 1016 |
+ if (ptr_reg->type == PTR_TO_PACKET) { |
| 1017 |
+ dst_reg->id = ++env->id_gen; |
| 1018 |
+ /* something was added to pkt_ptr, set range to zero */ |
| 1019 |
+- dst_reg->range = 0; |
| 1020 |
++ dst_reg->raw = 0; |
| 1021 |
+ } |
| 1022 |
+ break; |
| 1023 |
+ case BPF_SUB: |
| 1024 |
+@@ -1999,7 +2000,7 @@ static int adjust_ptr_min_max_vals(struct bpf_verifier_env *env, |
| 1025 |
+ dst_reg->var_off = ptr_reg->var_off; |
| 1026 |
+ dst_reg->id = ptr_reg->id; |
| 1027 |
+ dst_reg->off = ptr_reg->off - smin_val; |
| 1028 |
+- dst_reg->range = ptr_reg->range; |
| 1029 |
++ dst_reg->raw = ptr_reg->raw; |
| 1030 |
+ break; |
| 1031 |
+ } |
| 1032 |
+ /* A new variable offset is created. If the subtrahend is known |
| 1033 |
+@@ -2025,11 +2026,12 @@ static int adjust_ptr_min_max_vals(struct bpf_verifier_env *env, |
| 1034 |
+ } |
| 1035 |
+ dst_reg->var_off = tnum_sub(ptr_reg->var_off, off_reg->var_off); |
| 1036 |
+ dst_reg->off = ptr_reg->off; |
| 1037 |
++ dst_reg->raw = ptr_reg->raw; |
| 1038 |
+ if (ptr_reg->type == PTR_TO_PACKET) { |
| 1039 |
+ dst_reg->id = ++env->id_gen; |
| 1040 |
+ /* something was added to pkt_ptr, set range to zero */ |
| 1041 |
+ if (smin_val < 0) |
| 1042 |
+- dst_reg->range = 0; |
| 1043 |
++ dst_reg->raw = 0; |
| 1044 |
+ } |
| 1045 |
+ break; |
| 1046 |
+ case BPF_AND: |
| 1047 |
+diff --git a/kernel/sched/fair.c b/kernel/sched/fair.c |
| 1048 |
+index b2d699f28304..19bfa21f7197 100644 |
| 1049 |
+--- a/kernel/sched/fair.c |
| 1050 |
++++ b/kernel/sched/fair.c |
| 1051 |
+@@ -4299,9 +4299,13 @@ static void throttle_cfs_rq(struct cfs_rq *cfs_rq) |
| 1052 |
+ |
| 1053 |
+ /* |
| 1054 |
+ * Add to the _head_ of the list, so that an already-started |
| 1055 |
+- * distribute_cfs_runtime will not see us |
| 1056 |
++ * distribute_cfs_runtime will not see us. If disribute_cfs_runtime is |
| 1057 |
++ * not running add to the tail so that later runqueues don't get starved. |
| 1058 |
+ */ |
| 1059 |
+- list_add_rcu(&cfs_rq->throttled_list, &cfs_b->throttled_cfs_rq); |
| 1060 |
++ if (cfs_b->distribute_running) |
| 1061 |
++ list_add_rcu(&cfs_rq->throttled_list, &cfs_b->throttled_cfs_rq); |
| 1062 |
++ else |
| 1063 |
++ list_add_tail_rcu(&cfs_rq->throttled_list, &cfs_b->throttled_cfs_rq); |
| 1064 |
+ |
| 1065 |
+ /* |
| 1066 |
+ * If we're the first throttled task, make sure the bandwidth |
| 1067 |
+@@ -4445,14 +4449,16 @@ static int do_sched_cfs_period_timer(struct cfs_bandwidth *cfs_b, int overrun) |
| 1068 |
+ * in us over-using our runtime if it is all used during this loop, but |
| 1069 |
+ * only by limited amounts in that extreme case. |
| 1070 |
+ */ |
| 1071 |
+- while (throttled && cfs_b->runtime > 0) { |
| 1072 |
++ while (throttled && cfs_b->runtime > 0 && !cfs_b->distribute_running) { |
| 1073 |
+ runtime = cfs_b->runtime; |
| 1074 |
++ cfs_b->distribute_running = 1; |
| 1075 |
+ raw_spin_unlock(&cfs_b->lock); |
| 1076 |
+ /* we can't nest cfs_b->lock while distributing bandwidth */ |
| 1077 |
+ runtime = distribute_cfs_runtime(cfs_b, runtime, |
| 1078 |
+ runtime_expires); |
| 1079 |
+ raw_spin_lock(&cfs_b->lock); |
| 1080 |
+ |
| 1081 |
++ cfs_b->distribute_running = 0; |
| 1082 |
+ throttled = !list_empty(&cfs_b->throttled_cfs_rq); |
| 1083 |
+ |
| 1084 |
+ cfs_b->runtime -= min(runtime, cfs_b->runtime); |
| 1085 |
+@@ -4563,6 +4569,11 @@ static void do_sched_cfs_slack_timer(struct cfs_bandwidth *cfs_b) |
| 1086 |
+ |
| 1087 |
+ /* confirm we're still not at a refresh boundary */ |
| 1088 |
+ raw_spin_lock(&cfs_b->lock); |
| 1089 |
++ if (cfs_b->distribute_running) { |
| 1090 |
++ raw_spin_unlock(&cfs_b->lock); |
| 1091 |
++ return; |
| 1092 |
++ } |
| 1093 |
++ |
| 1094 |
+ if (runtime_refresh_within(cfs_b, min_bandwidth_expiration)) { |
| 1095 |
+ raw_spin_unlock(&cfs_b->lock); |
| 1096 |
+ return; |
| 1097 |
+@@ -4572,6 +4583,9 @@ static void do_sched_cfs_slack_timer(struct cfs_bandwidth *cfs_b) |
| 1098 |
+ runtime = cfs_b->runtime; |
| 1099 |
+ |
| 1100 |
+ expires = cfs_b->runtime_expires; |
| 1101 |
++ if (runtime) |
| 1102 |
++ cfs_b->distribute_running = 1; |
| 1103 |
++ |
| 1104 |
+ raw_spin_unlock(&cfs_b->lock); |
| 1105 |
+ |
| 1106 |
+ if (!runtime) |
| 1107 |
+@@ -4582,6 +4596,7 @@ static void do_sched_cfs_slack_timer(struct cfs_bandwidth *cfs_b) |
| 1108 |
+ raw_spin_lock(&cfs_b->lock); |
| 1109 |
+ if (expires == cfs_b->runtime_expires) |
| 1110 |
+ cfs_b->runtime -= min(runtime, cfs_b->runtime); |
| 1111 |
++ cfs_b->distribute_running = 0; |
| 1112 |
+ raw_spin_unlock(&cfs_b->lock); |
| 1113 |
+ } |
| 1114 |
+ |
| 1115 |
+@@ -4690,6 +4705,7 @@ void init_cfs_bandwidth(struct cfs_bandwidth *cfs_b) |
| 1116 |
+ cfs_b->period_timer.function = sched_cfs_period_timer; |
| 1117 |
+ hrtimer_init(&cfs_b->slack_timer, CLOCK_MONOTONIC, HRTIMER_MODE_REL); |
| 1118 |
+ cfs_b->slack_timer.function = sched_cfs_slack_timer; |
| 1119 |
++ cfs_b->distribute_running = 0; |
| 1120 |
+ } |
| 1121 |
+ |
| 1122 |
+ static void init_cfs_rq_runtime(struct cfs_rq *cfs_rq) |
| 1123 |
+diff --git a/kernel/sched/sched.h b/kernel/sched/sched.h |
| 1124 |
+index b29376169f3f..63d999dfec80 100644 |
| 1125 |
+--- a/kernel/sched/sched.h |
| 1126 |
++++ b/kernel/sched/sched.h |
| 1127 |
+@@ -288,6 +288,8 @@ struct cfs_bandwidth { |
| 1128 |
+ /* statistics */ |
| 1129 |
+ int nr_periods, nr_throttled; |
| 1130 |
+ u64 throttled_time; |
| 1131 |
++ |
| 1132 |
++ bool distribute_running; |
| 1133 |
+ #endif |
| 1134 |
+ }; |
| 1135 |
+ |
Archives