Netdev notification events are de-registered only when all
client iwdev instances are removed. If a single client is closed
and re-opened, netdev events could arrive even before the Control
Queue-Pair (CQP) is created, causing a NULL pointer dereference crash
in i40iw_get_cqp_request. Fix this by allowing netdev event
notification only after we have reached the INET_NOTIFIER state with
respect to device initialization.
Reported-by: Stefan Assmann <sassmann@redhat.com>
Signed-off-by: Shiraz Saleem <shiraz.saleem@intel.com>
Reviewed-by: Yuval Shaia <yuval.shaia@oracle.com>
Signed-off-by: Doug Ledford <dledford@redhat.com>
-----BEGIN PGP SIGNATURE-----
iQIcBAABAgAGBQJY1HHOAAoJEAx081l5xIa+sDMP/0jQXO3oPsGP4ifxlzv0vwrk
JZD/CQZc66u65I7HLTFj1Yt5omxD0GpRPJ5JB75Ek9gTXuVDHDUCHgisKDtm4LWN
IX+xmgzJxTtSN+T8S07TKlkGlqjNgwSUNnH0npJOKBkuVLOUfYudEKGi8RA0VoR3
owaMqWyQMy0SyREyl1rW3yDazYP47tNWm6XubIoDu3Y9Op3gsEPzk1hV8qNhL4KA
cKmvinlO53Pt6PHRPONjFJvLhXJOa8IpPltQuk2bC4rdbNzavj2w/EUJvUWNte+N
pLlSCLa7QWlAzwDyFzQSDIAu11IU6oHiI+zERLEZ3Rqj0F0W76HLH0KmJtGf8FIh
6sKsIFYV4F5xVFxNgds1ccrjTEcmntK1l+0tyuNdQ9vw0PnYPPXbN5ljV6kGyyFz
H4uvcYNQSA3RwfjonDspbI0attA/BX7WH0sfS+YDFLTuelORY25J3aZeRZ82fBcz
tfCkBW9BLIAalXdRGds/BWYUtY4SaX+xF4Tfzgpak5IhixBSgZXIwG8kMDJWW2qv
5QMOHrhDNiH31XwjCk2Ccb+KEUTk2HgeLbznrUUNOSWKZ/QylfGQKYpmJfD0kGst
skqBHhPpqbQQYZsoH0U0PBG7py6icw27DZFCmBV3x2V8yYoM/68+lWiD05QRKYp2
SLPB9DrJJTcVCQUBn9SS
=M2BT
-----END PGP SIGNATURE-----
Merge tag 'drm-fixes-for-v4.11-rc4' of git://people.freedesktop.org/~airlied/linux
Pull drm fixes from Dave Airlie:
- one core drm/fbdev regression fix
- a set of i915 fixes including a few GVT related fixes, along with
some reset fixes
- one new PCI id for amdgpu, and some minor workaround regression
fixes
- .. and a set of exynos fixes, dropping support for an old unsupported
SoC, some vblank timing fixes, and an info leak fix
* tag 'drm-fixes-for-v4.11-rc4' of git://people.freedesktop.org/~airlied/linux: (34 commits)
drm/fb-helper: Allow var->x/yres(_virtual) < fb->width/height again
drm/i915: make context status notifier head be per engine
drm/i915: Avoid rcu_barrier() from reclaim paths (shrinker)
drm/exynos/dsi: make te-gpios optional
drm/exynos: Print kernel pointers in a restricted form
drm/exynos/decon5433: fix software trigger mask
drm/exynos/fimd: signal frame done interrupt at front porch
drm/exynos/decon5433: signal frame done interrupt at front porch
drm/exynos/decon5433: fix vblank event handling
drm/exynos: move crtc event handling to drivers callbacks
drm/exynos: Remove support for Exynos4415 (SoC not supported anymore)
drm/exynos/decon5433: & vs | typo
drm/amd/amdgpu: add POLARIS12 PCI ID
drm/i915/gvt: Fix gvt scheduler interval time
drm/i915/gvt: GVT pin/unpin shadow context
drm/i915/gvt: scan shadow indirect context image when valid
drm/i915/kvmgt: fix suspicious rcu dereference usage
drm/i915/gvt: add enable_execlists check before enable gvt
drm/i915/gvt: Remove bogus retry around i915_wait_request
drm/i915/gvt: correct the ggtt valid bit check in pipe control command
...
The clock needs to be stored in the simple_dai structure, so it can
be enabled later on. This has been broken during the conversion to use
devm_* functions for the clk lookup.
Fixes: e984fd61e8 (ASoC: simple-card: use devm_get_clk_from_child())
Signed-off-by: Lucas Stach <l.stach@pengutronix.de>
Acked-by: Kuninori Morimoto <kuninori.morimoto.gx@renesas.com>
Signed-off-by: Mark Brown <broonie@kernel.org>
reader->substream is used in IRQ handler for error case but is never set.
Set value to pcm substream on DAI startup and clean it on dai shutdown.
Signed-off-by: Arnaud Pouliquen <arnaud.pouliquen@st.com>
Signed-off-by: Mark Brown <broonie@kernel.org>
please pull the following:
- Jon adds missing "dma-coherent" property to the Northstar 2 DTS include file
in order to fix both performance and cache problems for: PCIe, Ethernet,
PDC/mailbox, SATA3 and SDHCI
-----BEGIN PGP SIGNATURE-----
iQIcBAABCAAGBQJY0rXOAAoJEIfQlpxEBwcEcCwQAI6nyawZL32CW5cRKcDqHeVG
l7bZJEdfcYA6TojvIGhdWh4VGSb2sLJsB7cU+eAtdHxI55sp1YR1HMEv5GBNthiq
JKtwnVKWpaM6lbJGJnQwvGCzrGWSIXJH7KjPHh+Krb8ZV7GWQiJ3neEe3jh7Pp5u
KEWIin22AowWo/5Hk8reEOoei9E+zer6Bo8YI2SVQ426epXnCocHzfaVIMq28310
xzlhR8xFACoJTPJBJ8keyjL/9UYoge4Q1PM4VH89ti3juF4ELNGJP2yZyTbXWjOg
gHDbQ13KWxE6xvCZbRLkiyBkIL5MZ8xKsP6ePqFtNU4STnPvnenWoEpBuY+8+lmz
YOCoWf+TzyfvFV6BsnbnvBPE09tzeqtY43+kLOAsizqPY1+MzflDNW1MLBKRzQBV
yGI6NhNB8wgKtCrYAGAd4O+Mb1GkGigw/C7l+/L68aBNqwy3pfPEM1zkobX7sBUi
T+CjYQoF5ZUNx+p6cQfZFnr7ygC/iUyo7jODY9fTbCQ51PiTw1uMcOUmaV2DbQ2T
Fq4jZRTVRubzBlCTNG1hRPqycGoXzjRS/uGKOLX5+XqRNKUBfFzy+XNoGqRlSO9n
E6ef1ZbCO5GwxG6otgmlARHgCigSusKvfccQ9WWcB+1CegeCFSbyG1YzYkhQZ281
te/nPRCmU/Uq0YvUoogd
=5KXs
-----END PGP SIGNATURE-----
Merge tag 'arm-soc/for-4.11/devicetree-arm64-fixes' of http://github.com/Broadcom/stblinux into fixes
Pull "Broadcom arm64 Device Tree fixes for 4.11" from Florian Fainelli:
This pull request contains Broadcom ARM64-based SoCs Device Tree fixes for 4.11,
please pull the following:
- Jon adds missing "dma-coherent" property to the Northstar 2 DTS include file
in order to fix both performance and cache problems for: PCIe, Ethernet,
PDC/mailbox, SATA3 and SDHCI
* tag 'arm-soc/for-4.11/devicetree-arm64-fixes' of http://github.com/Broadcom/stblinux:
arm64: dts: NS2: Add dma-coherent to relevant DT entries
please pull the following:
- Jon fixes a reboot issue on most Northstar Plus platforms by adding the
"open-source" property to the "gpio-restart" Device Tree nodes
-----BEGIN PGP SIGNATURE-----
iQIcBAABCAAGBQJY0rfzAAoJEIfQlpxEBwcEzCAQALNT1HOloxI7D+Ki1w5/ANum
IsZIfzffFV/gJW1tZDhbLnNcPU+H8W9hGi3veAOihlbJSMHkEV5ECYzx9CImwLyg
0le6H68w4eZwJQ4ZCyyu3qXPjhic6v3Dtzw2nqvWytRAbcyGh8k8z6riVRucCXJU
wvzjARTga1u2UffvVsQEw6o7MQE0B+1KcqGh+g069IQVQzTjTxPGOvQF2hfqabUt
45x2w5wlUKGX+SodqweDzFQu1tKErjkt8EH5zvqjeMRGFxHaDFXw4FuRWrkzp9ic
gE+3d/IuHxYivNsPg90y029e+ihTTxPfT1cLRJkN7kbzBKYngH+/T1HLb7EFJbcO
/haqnevKaWp3MCwkpH4LDQ3akKIaZvbo16qdxCNvQ80biTwHqOo5e+roMyk9Y9Ka
vYw22yW0LfeRHPnkQBIBOwS9b31r2D9FePKRrkNFZXy0247w0TW4lSUovvnIdwTq
awBBBkTS56ovnjmU08/72DVj4JE2/3mwqkYHUfEXls4RA8oYF4maHSEZI/FF16/2
YiMVE9fBaRjLKXthxuVaMsGUz94QR2W9gaOq8UV5E/ZM9YCckR+J28mhHehV+S2U
jsDv3iXgLpnYOnBqdoXLbcHr9QFx0OtItgACs3AlYP0SMmUryXrPdzVUY9cQBjJR
drXgohtIcxX1j0CHxDWf
=CKev
-----END PGP SIGNATURE-----
Merge tag 'arm-soc/for-4.11/devicetree-fixes-2' of http://github.com/Broadcom/stblinux into fixes
Pull "Broadcom arm Device Tree fixes for 4.11 (part 2)" from Florian Fainelli:
This pull request contains Broadcom ARM-based SoCs Device Tree fixes for 4.11,
please pull the following:
- Jon fixes a reboot issue on most Northstar Plus platforms by adding the
"open-source" property to the "gpio-restart" Device Tree nodes
* tag 'arm-soc/for-4.11/devicetree-fixes-2' of http://github.com/Broadcom/stblinux:
ARM: dts: NSP: GPIO reboot open-source
When a new event is queued while processing to resize the FIFO in
snd_seq_fifo_clear(), it may lead to a use-after-free, as the old pool
that is being queued gets removed. For avoiding this race, we need to
close the pool to be deleted and sync its usage before actually
deleting it.
The issue was spotted by syzkaller.
Reported-by: Dmitry Vyukov <dvyukov@google.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
There is a new clone of the XIN MO arcade controller which has same issue with
out of range like the original. This fix will solve the issue where 2
directions on the joystick are not recognized by the new THT 2P arcade
controller with device ID 0x75e1. In details the new device ID is added the
hid-id list and the hid-xinmo source code.
Signed-off-by: Peter Stein <peter@stuntstein.dk>
Signed-off-by: Jiri Kosina <jkosina@suse.cz>
In the generic XTS and LRW algorithms, for input data > 128 bytes, a
temporary buffer is allocated to hold the values to be XOR'ed with the
data before and after encryption or decryption. If the allocation
fails, the fixed-size buffer embedded in the request buffer is meant to
be used as a fallback --- resulting in more calls to the ECB algorithm,
but still producing the correct result. However, we weren't correctly
limiting subreq->cryptlen in this case, resulting in pre_crypt()
overrunning the embedded buffer. Fix this by setting subreq->cryptlen
correctly.
Fixes: f1c131b454 ("crypto: xts - Convert to skcipher")
Fixes: 700cb3f5fe ("crypto: lrw - Convert to skcipher")
Cc: stable@vger.kernel.org # v4.10+
Reported-by: Dmitry Vyukov <dvyukov@google.com>
Signed-off-by: Eric Biggers <ebiggers@google.com>
Acked-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
The CCP registers its queues as channels capable of handling
general DMA operations. The NTB driver will use DMA if
directed, but as public channels can be reserved for use in
asynchronous operations some channels should be held back
as private. Since the public/private determination is
handled at a device level, reserve the "other" (secondary)
CCP channels as private.
Add a module parameter that allows for override, to be
applied to all channels on all devices.
CC: <stable@vger.kernel.org> # 4.10.x-
Signed-off-by: Gary R Hook <gary.hook@amd.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Under extremely heavy uses of padata, crashes occur, and with list
debugging turned on, this happens instead:
[87487.298728] WARNING: CPU: 1 PID: 882 at lib/list_debug.c:33
__list_add+0xae/0x130
[87487.301868] list_add corruption. prev->next should be next
(ffffb17abfc043d0), but was ffff8dba70872c80. (prev=ffff8dba70872b00).
[87487.339011] [<ffffffff9a53d075>] dump_stack+0x68/0xa3
[87487.342198] [<ffffffff99e119a1>] ? console_unlock+0x281/0x6d0
[87487.345364] [<ffffffff99d6b91f>] __warn+0xff/0x140
[87487.348513] [<ffffffff99d6b9aa>] warn_slowpath_fmt+0x4a/0x50
[87487.351659] [<ffffffff9a58b5de>] __list_add+0xae/0x130
[87487.354772] [<ffffffff9add5094>] ? _raw_spin_lock+0x64/0x70
[87487.357915] [<ffffffff99eefd66>] padata_reorder+0x1e6/0x420
[87487.361084] [<ffffffff99ef0055>] padata_do_serial+0xa5/0x120
padata_reorder calls list_add_tail with the list to which its adding
locked, which seems correct:
spin_lock(&squeue->serial.lock);
list_add_tail(&padata->list, &squeue->serial.list);
spin_unlock(&squeue->serial.lock);
This therefore leaves only place where such inconsistency could occur:
if padata->list is added at the same time on two different threads.
This pdata pointer comes from the function call to
padata_get_next(pd), which has in it the following block:
next_queue = per_cpu_ptr(pd->pqueue, cpu);
padata = NULL;
reorder = &next_queue->reorder;
if (!list_empty(&reorder->list)) {
padata = list_entry(reorder->list.next,
struct padata_priv, list);
spin_lock(&reorder->lock);
list_del_init(&padata->list);
atomic_dec(&pd->reorder_objects);
spin_unlock(&reorder->lock);
pd->processed++;
goto out;
}
out:
return padata;
I strongly suspect that the problem here is that two threads can race
on reorder list. Even though the deletion is locked, call to
list_entry is not locked, which means it's feasible that two threads
pick up the same padata object and subsequently call list_add_tail on
them at the same time. The fix is thus be hoist that lock outside of
that block.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Acked-by: Steffen Klassert <steffen.klassert@secunet.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Commit 52060836f7 ("dt-bindings: omap-rng: Document SafeXcel IP-76
device variant") update the omap_rng Device Tree binding to add support
for the IP-76 variation of the IP. As part of this change, a "clocks"
property was added, but is indicated as "Required", without indicated
it's actually only required for some compatible strings.
This commit fixes that, by explicitly stating that the clocks property
is only required with the inside-secure,safexcel-eip76 compatible
string.
Fixes: 52060836f7 ("dt-bindings: omap-rng: Document SafeXcel IP-76 device variant")
Cc: <stable@vger.kernel.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
The spec for the pca9546 was missing. This chip is the same as the pca9545
except that it lacks interrupt lines. While the i2c_device_id table mapped
the pca9546 to the pca9545 definition the compatible table did not.
Signed-off-by: Mike Looijmans <mike.looijmans@topic.nl>
Signed-off-by: Peter Rosin <peda@axentia.se>
Currently KASLR is enabled on three regions: the direct mapping of physical
memory, vamlloc and vmemmap. However the EFI region is also mistakenly
included for VA space randomization because of misusing EFI_VA_START macro
and assuming EFI_VA_START < EFI_VA_END.
(This breaks kexec and possibly other things that rely on stable addresses.)
The EFI region is reserved for EFI runtime services virtual mapping which
should not be included in KASLR ranges. In Documentation/x86/x86_64/mm.txt,
we can see:
ffffffef00000000 - fffffffeffffffff (=64 GB) EFI region mapping space
EFI uses the space from -4G to -64G thus EFI_VA_START > EFI_VA_END,
Here EFI_VA_START = -4G, and EFI_VA_END = -64G.
Changing EFI_VA_START to EFI_VA_END in mm/kaslr.c fixes this problem.
Signed-off-by: Baoquan He <bhe@redhat.com>
Reviewed-by: Bhupesh Sharma <bhsharma@redhat.com>
Acked-by: Dave Young <dyoung@redhat.com>
Acked-by: Thomas Garnier <thgarnie@google.com>
Cc: <stable@vger.kernel.org> #4.8+
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Brian Gerst <brgerst@gmail.com>
Cc: Denys Vlasenko <dvlasenk@redhat.com>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Josh Poimboeuf <jpoimboe@redhat.com>
Cc: Kees Cook <keescook@chromium.org>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Masahiro Yamada <yamada.masahiro@socionext.com>
Cc: Matt Fleming <matt@codeblueprint.co.uk>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: linux-efi@vger.kernel.org
Link: http://lkml.kernel.org/r/1490331592-31860-1-git-send-email-bhe@redhat.com
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Commit:
aa1f1a6396 ("lib/syscall: Pin the task stack in collect_syscall()")
... added logic to handle a process stack not existing, but left sp and pc
uninitialized, which can be later reported via /proc/$pid/syscall for zombie
processes, potentially exposing kernel memory to userspace.
Zombie /proc/$pid/syscall before:
-1 0xffffffff9a060100 0xffff92f42d6ad900
Zombie /proc/$pid/syscall after:
-1 0x0 0x0
Reported-by: Robert Święcki <robert@swiecki.net>
Signed-off-by: Kees Cook <keescook@chromium.org>
Reviewed-by: Andy Lutomirski <luto@kernel.org>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Brian Gerst <brgerst@gmail.com>
Cc: Denys Vlasenko <dvlasenk@redhat.com>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Josh Poimboeuf <jpoimboe@redhat.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: stable@vger.kernel.org # v4.9+
Fixes: aa1f1a6396 ("lib/syscall: Pin the task stack in collect_syscall()")
Link: http://lkml.kernel.org/r/20170323224616.GA92694@beast
Signed-off-by: Ingo Molnar <mingo@kernel.org>
- Make intel_pstate use one set of global P-state limits in the
active mode regardless of the scaling_governor settings for
individual CPUs instead of switching back and forth between two
of them in a way that is hard to control (Rafael Wysocki).
- Drop a useless function from intel_pstate to prevent it from
modifying the maximum supported frequency value unexpectedly
which may confuse the cpufreq core (Rafael Wysocki).
- Fix the cpufreq core to restore policy limits on CPU online so
that the limits are not reset over system suspend/resume, among
other things (Viresh Kumar).
- Fix the initialization of the schedutil cpufreq governor to
make the IO-wait boosting mechanism in it actually work on
systems with one CPU per cpufreq policy (Rafael Wysocki).
- Add a sanity check to the cpuidle core to prevent crashes from
happening if the architecture code initialization fails to set
up things as expected (Vaidyanathan Srinivasan).
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAABCAAGBQJY1HLGAAoJEILEb/54YlRxjAsQAIFcYfJKosA8IlmKcricR/WH
CqBMCH9S6Y5YsggrFjcj3lVJbf5P43/h3U++O+/97lJsevfp4inCChpvVSQIWX4v
xzk2v+5Ms8ROqVSLy34yTaB0ysCC//J5FvdQLsj0Zw9W/8yvi0DosPfeiAD7sYeb
4qkJK3+yv5sLtZ41FmdVYabhC5KHQSAV6p6X+KOZnFV8cm+8TfOSERhStXASMTGc
tvDpjIjPA1GLpHYdOK4UQ+Er1Hgwk2fNX7eXrpHh7QCQx4eZEN+g7DAC95Ify9Am
gkTFc5eUfOFKU5KMshdQh6gnfoNaKi4d3E/ahmnU+KQuyKiy4KMyTNcuUBszSaDM
ZTm0GooseV0UajaLH08BNbfpqDsiKc2fm1qkCQkXxpGjs80/bYn5gK+fpvkziq9x
210Wc7XTWf7JfmPs0d3gZekaohHtqJVigCuA4dXH6kvbDvbDcfKOza6rqNmpSFrQ
ifWH6M12Ut/G5NfwihhTRhoKkeQjqHFgikNC8BjF2Myem20026Vr6MKZrubDAlkq
VWP7lT2zNSs1btsNqDrA9+wejwK8OwwrpfZOx3hbYL6Q+u/AuljIJ79aRz8ROZcE
jQZeOKprmlAaDIASdxIM4yjwzSQE0l/CaHteHfKaddmcWTrtKR+CEfU0ODzYWoK0
dcQwyMF3tOToj7BjWqKM
=jy4C
-----END PGP SIGNATURE-----
Merge tag 'pm-4.11-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm
Pull power management fixes from Rafael Wysocki:
"One of these is an intel_pstate regression fix and it is not a small
change, but it mostly removes code that shouldn't be there. That code
was acquired by mistake and has been a source of constant pain since
then, so the time has come to get rid of it finally. We have not seen
problems with this change in the lab, so fingers crossed.
The rest is more usual: one more intel_pstate commit removing useless
code, a cpufreq core fix to make it restore policy limits on CPU
online (which prevents the limits from being reset over system
suspend/resume), a schedutil cpufreq governor initialization fix to
make it actually work as advertised on all systems and an extra sanity
check in the cpuidle core to prevent crashes from happening if the
arch code messes things up.
Specifics:
- Make intel_pstate use one set of global P-state limits in the
active mode regardless of the scaling_governor settings for
individual CPUs instead of switching back and forth between two of
them in a way that is hard to control (Rafael Wysocki).
- Drop a useless function from intel_pstate to prevent it from
modifying the maximum supported frequency value unexpectedly which
may confuse the cpufreq core (Rafael Wysocki).
- Fix the cpufreq core to restore policy limits on CPU online so that
the limits are not reset over system suspend/resume, among other
things (Viresh Kumar).
- Fix the initialization of the schedutil cpufreq governor to make
the IO-wait boosting mechanism in it actually work on systems with
one CPU per cpufreq policy (Rafael Wysocki).
- Add a sanity check to the cpuidle core to prevent crashes from
happening if the architecture code initialization fails to set up
things as expected (Vaidyanathan Srinivasan)"
* tag 'pm-4.11-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm:
cpufreq: Restore policy min/max limits on CPU online
cpuidle: Validate cpu_dev in cpuidle_add_sysfs()
cpufreq: intel_pstate: Fix policy data management in passive mode
cpufreq: schedutil: Fix per-CPU structure initialization in sugov_start()
cpufreq: intel_pstate: One set of global limits in active mode
Pull input fixes from Dmitry Torokhov:
"Fixes to various USB drivers to validate existence of endpoints before
trying to use them, fixes to APLS v8 protocol, and a couple of i8042
quirks"
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input:
Input: ALPS - fix trackstick button handling on V8 devices
Input: ALPS - fix V8+ protocol handling (73 03 28)
Input: sur40 - validate number of endpoints before using them
Input: kbtab - validate number of endpoints before using them
Input: hanwang - validate number of endpoints before using them
Input: yealink - validate number of endpoints before using them
Input: ims-pcu - validate number of endpoints before using them
Input: cm109 - validate number of endpoints before using them
Input: iforce - validate number of endpoints before using them
Input: elan_i2c - add ASUS EeeBook X205TA special touchpad fw
Input: i8042 - add TUXEDO BU1406 (N24_25BU) to the nomux list
Input: synaptics-rmi4 - prevent null pointer dereference in f30
Input: i8042 - add noloop quirk for Dell Embedded Box PC 3000
A few small fixes for 4.11
* 'drm-fixes-4.11' of git://people.freedesktop.org/~agd5f/linux:
drm/amd/amdgpu: add POLARIS12 PCI ID
drm/amdgpu: fix the clearing wb size
drm/amdgpu: reinstate oland workaround for sclk
drm/radeon: reinstate oland workaround for sclk
One fbdev regression fix from Michel
* tag 'drm-misc-fixes-2017-03-23' of git://anongit.freedesktop.org/git/drm-misc:
drm/fb-helper: Allow var->x/yres(_virtual) < fb->width/height again
Just several fixups,
- fix page fault and vblank timeout issues due to delayed vblank handling.
- fix panel driver probing to fail without te-gpios property.
- fix potential security hole by using "%pK" format.
- fix wrong if statement condition.
And one cleanup which removes Exynos4415 SoC support which is not supported
anymore.
* 'exynos-drm-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/daeinki/drm-exynos:
drm/exynos/dsi: make te-gpios optional
drm/exynos: Print kernel pointers in a restricted form
drm/exynos/decon5433: fix software trigger mask
drm/exynos/fimd: signal frame done interrupt at front porch
drm/exynos/decon5433: signal frame done interrupt at front porch
drm/exynos/decon5433: fix vblank event handling
drm/exynos: move crtc event handling to drivers callbacks
drm/exynos: Remove support for Exynos4415 (SoC not supported anymore)
drm/exynos/decon5433: & vs | typo
* pm-cpufreq-fixes:
cpufreq: Restore policy min/max limits on CPU online
* pm-cpufreq-sched-fixes:
cpufreq: schedutil: Fix per-CPU structure initialization in sugov_start()
* intel_pstate-fixes:
cpufreq: intel_pstate: Fix policy data management in passive mode
cpufreq: intel_pstate: One set of global limits in active mode
A few fixes for a bunch of clocks on a few SoCs. The most important one is
probably one that fixes the NKMP clock frequency calculation and could end
up with clocking the CPU frequency to out of bounds rates.
-----BEGIN PGP SIGNATURE-----
iQIcBAABCAAGBQJYz6SKAAoJEBx+YmzsjxAgDOwP/RIJDNpZJNr7b2tiqzLCAgr2
yYJ9+sO/qBQ3gV2MhusE8BApvjWqTaiuOR/SO53tpGiC/5eX30JzlwTRuf4tLcpe
sug8KYvL1VHgnQISo4oa+zUglWv0TFZYZKBC5IQhRq01OGo9bHhs/+nSyKpYYQA2
T+NO8UbeVwOaPGGxYsA0edXtbnqAlDlWeZAxq+smZFyk3q95+O2vYLGRAxGNPK7s
X8V91Q38ysB7RxeTbyKYd2VdyCqrAupF3OMGnybxpvfQ6ndNjUPe54ljvAlVIV4p
51i7U4Ayr6YeTmgYYq4wsXWKmxoRtaauIeW0ZuGaCaNjTXY28r68qOVUignHTlRU
XuV0cfhzxUYp8qbSpS0LEXBWc4aL52V1najYfDMY9tKsc42bhogc//kkssha9dI7
uvPn4FBg7QsmgFZJwnIL9mujCJGByU1pN1+6JR0oSw5n3cnOyqq5LltyEbFHmGAc
JTt+a03029fVyvxXa1BQYv05W9ANBqnF13puVRoywGmcRL2L2ytyzhrNSQhuOhSB
/8kos+IOvrkeMgyCMmT0LGCdls4yd3wH0rl6r3ZNqyZHgD4LF9Qm5/L73GJkRHZP
ymOU6sTonPsBir/T95PT/LYfsl3wF2YpmrqCuTPyF/Lek24d0SU5s5DO3XRSqKxS
quM4ey2fux1Qre0OjLJk
=27Fn
-----END PGP SIGNATURE-----
Merge tag 'sunxi-clk-fixes-for-4.11' of https://git.kernel.org/pub/scm/linux/kernel/git/mripard/linux into clk-fixes
Pull Allwinner clock fixes from Maxime Ripard:
A few fixes for a bunch of clocks on a few SoCs. The most important one is
probably one that fixes the NKMP clock frequency calculation and could end
up with clocking the CPU frequency to out of bounds rates.
* tag 'sunxi-clk-fixes-for-4.11' of https://git.kernel.org/pub/scm/linux/kernel/git/mripard/linux:
clk: sunxi-ng: fix recalc_rate formula of NKMP clocks
clk: sunxi-ng: Fix div/mult settings for osc12M on A64
clk: sunxi-ng: sun6i: Fix enable bit offset for hdmi-ddc module clock
clk: sunxi: ccu-sun5i needs nkmp
clk: sunxi-ng: mp: Adjust parent rate for pre-dividers
During early days of PCI quirks support, ThunderX firmware did not provide
PNP0c02 node with PCI configuration space and PEM-specific register ranges.
This means that for legacy FW we are not reserving these resources and
cannot gather PEM-specific resources for further PEM initialization.
To support already deployed legacy FW, calculate PEM-specific ranges and
provide resources reservation as fallback scenario into PEM driver when we
could not gather PEM reg base from ACPI tables.
Tested-by: Robert Richter <rrichter@cavium.com>
Signed-off-by: Tomasz Nowicki <tn@semihalf.com>
Signed-off-by: Vadim Lomovtsev <Vadim.Lomovtsev@caviumnetworks.com>
Signed-off-by: Bjorn Helgaas <bhelgaas@google.com>
Acked-by: Robert Richter <rrichter@cavium.com>
CC: stable@vger.kernel.org # v4.10+
"CAV" is the only PNP/ACPI hardware ID vendor prefix assigned to Cavium so
fix this as it should be from day one.
Fixes: 44f22bd91e ("PCI: Add MCFG quirks for Cavium ThunderX pass2.x host controller")
Tested-by: Robert Richter <rrichter@cavium.com>
Signed-off-by: Tomasz Nowicki <tn@semihalf.com>
Signed-off-by: Bjorn Helgaas <bhelgaas@google.com>
Acked-by: Robert Richter <rrichter@cavium.com>
CC: stable@vger.kernel.org # v4.10+
In ACPI world any ID should be carefully chosen and registered
officially. The commit bbf9d262a1 seems did a wrong assumption because
PCA is the registered PNP ID for "PHILIPS BU ADD ON CARD". I'm pretty
sure this prefix has nothing to do with the driver in question.
Moreover, newer ACPI specification has a support of _DSD method and
special device IDs to allow drivers be enumerated via compatible string.
The slight change to support this kind of enumeration will be added in
sequential patch against pca954x.c.
Revert the commit bbf9d262a1 for good.
Cc: Tin Huynh <tnhuynh@apm.com>
Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Signed-off-by: Peter Rosin <peda@axentia.se>
Some more device ids for option and qcserial.
Signed-off-by: Johan Hovold <johan@kernel.org>
-----BEGIN PGP SIGNATURE-----
iQJFBAABCAAvFiEEHszNKQClByu0A+9RQQ3kT97htJUFAljT/WsRHGpvaGFuQGtl
cm5lbC5vcmcACgkQQQ3kT97htJUsWRAAwtPPUUc5nqUKZ/a+OsWaJBEdTcCHDU9e
LZdZyVI3qSzATmNzylD/fCSz7kdxzctInq1Ug6doHTatNuiqC79MhEthLRWNRItQ
okJeF9HYzK6WcOMHxKrNfvQxRKoRhbhA/cwkLsVx7xay6POHkKd2NsTlOf+X678g
0lcPG0J7DKefS3Fs9IM3L3+BW2JNoBpBPTya93TmZSi8M2HpCOl7gGq6KCMVjCsW
o0IyOA8hrA14j7gizahL9P7YG9s134vA12S6KSpV2nJl8g1Z8sIDBSVjpJp1voOd
/ojNy2bfV6hqAASNkscAo9HxtUG0XTWShT67hzHh/FxXFTcHJhbPkV2NCoyRdTKW
mAS9gALdkH82f60yyY9318EIffJ1WtPcBcGvCTRcTrQmhSBQQCobNuCOQZfrGPTY
LDTcsPlkc9WCC4Bnl53Mv4hMEKAoxQQwiV06IwvjpZze73Q6vR3sWqUUNIJngBy2
4whIpijRBNPRBEHT2oUAxDdqvoDqf9DYcDZ5VubYtwfmGOqMuuyM4uFVvjE1OB4L
ZhFt3uN7Ut2I4yKsk4jEdFJ4sWcYEI63NMjBxIsrYQKYXYmSU4pL1wXrkuCLsvx5
vwvuYLRzj544ORVOLNChE+XPAOi7u7tMzK8MTX0dIz7aiNoiaXeTlpSjDn9x+pnW
x8a1pgToBWA=
=JfAm
-----END PGP SIGNATURE-----
Merge tag 'usb-serial-4.11-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/johan/usb-serial into usb-linus
Johan writes:
USB-serial fixes for v4.11-rc4
Some more device ids for option and qcserial.
Signed-off-by: Johan Hovold <johan@kernel.org>
f_acm got an endianness fix by Oliver Neukum. This has been around for a
long time but it's finally fixed.
f_hid learned that it should never access hidg->req without first
grabbing the spinlock.
Roger Quadros fixed two bugs in the f_uvc function driver.
Janusz Dziedzic fixed a very peculiar bug with EP0, one that's rather
difficult to trigger. When we're dealing with bounced EP0 requests, we
should delay unmap until after ->complete() is called.
UDC class got a use-after-free fix.
-----BEGIN PGP SIGNATURE-----
iQJRBAABCAA7FiEElLzh7wn96CXwjh2IzL64meEamQYFAljTv0EdHGZlbGlwZS5i
YWxiaUBsaW51eC5pbnRlbC5jb20ACgkQzL64meEamQbhehAAvauDyMvvL4S2PpCS
zkarfhJfF4xOB8jzyewdz8oN57XogoUQIY6KOXFIIj9sWBt5Kx2zfA7uK3FBeflm
lEaf2Mkbo3qXw9ChkrpUDEzpezYhnLPOpm7rMoXxseiVhew1Jt6AUjyzxMkOSG+I
ng/bMRFvJY1Crp7V0kIba0PiR/owlVxZNTad5/C5Fi1wJQtpjd6Ry0cH7Pa/Eh1W
KI5Mrdwgh0gZJUF8u8O1MZehyUXSTzkjvHeNV7lnL4TE19hoSGngQhvTYhnoU5lT
XdphOntQ3m4p8rvNuEvqcwuS5BT2HQoW+BwyNdJF+FUtbbrNN2gUjbY5KD7ZuQtT
cb67cLrQD04t0ig5zFo51SEZQiYei3rBfr8y0RXepY0RAqCzpqsSoXHxZJyfp1xb
XzNnnYinbOe2bU3b/Ovs3mMQ4kfpygTHVDMT9iYsRJZmD7DGBhG9J6AR5jD+44Js
etY82xW7pXiDazMm9OnQ4kuMii8nse3QDynhURU7H39Jw8ty4AdIgbngHgCjRvZA
ulAeanjGtNNsDs0bsL9L3Q2gLUGiW/y5Ds+AQXKH6388FrwwoUYqCeqBIH5xI+wF
LIErvqZyi3+Jd/SkmvKeubix3vTxgPZ72WY4xdO45vWznKWscyUWdj0OzXpdycLx
gOK1mf6y9vRsyoyJ9l09JZ6CAsc=
=BWuW
-----END PGP SIGNATURE-----
Merge tag 'fixes-for-v4.11-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/balbi/usb into usb-linus
Felipe writes:
usb: fixes for v4.11-rc4
f_acm got an endianness fix by Oliver Neukum. This has been around for a
long time but it's finally fixed.
f_hid learned that it should never access hidg->req without first
grabbing the spinlock.
Roger Quadros fixed two bugs in the f_uvc function driver.
Janusz Dziedzic fixed a very peculiar bug with EP0, one that's rather
difficult to trigger. When we're dealing with bounced EP0 requests, we
should delay unmap until after ->complete() is called.
UDC class got a use-after-free fix.
*) Revert USB3 PHY support for Broadcom NSP SoC
*) Fix compiler error on qcom-usb-hs when depends on EXTCON
is not added
*) Fix error handling in phy-exynos-pcie
Signed-off-by: Kishon Vijay Abraham I <kishon@ti.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iQIcBAABAgAGBQJY0o46AAoJEA5ceFyATYLZM5wP/ixfO3WBz1l/aUvfraZ60i0M
J10tRM3vWvbglRy30AMs+FOcSGlNq1eBWlpqjl8CH2YGGYsL9pjom1y5WDvgud+K
+KIdoUtZzOa5KbMB0uUaiRw+le0Y30zwv8/DrfidANAAdah597qWtXThloQ4tm/r
RmRF717ZL3SkkaLi7qcMpYUX0OXAZRPNbmmd0cAL7hwAYXk8WbZCeKu76YJfMckc
DJgcqWzR2cD38vkGpRvR33vX6km/oeG0FLGXzfUSbUtk2uZETOH3mG+8blef8cVY
9FUo90TN2rxp3D06QEwdCM3nu0WKuUCdXCcZldjYDZpUTMqeh49fk2DCnT89WyDc
VsqA/t5dt3I9lMBcXeNbIbJsiBpnIS958Vg0GKkEbgPQNBp5jdwlU6vbz+Xwkh+U
plcGvhm2r+g+oiULJiHTKO2QwksZ/qTBHLsz4TcGWjxpRu5F9xYe6VNxefPoarwE
9z+lR9RPCztlHPytOKcpUJcAsZJYlBKq+IkM9pEpuv0g9X8QpTMvwpFKX5/uS5mc
GX0Zw9bK43J8FgApyBMn92NIWgnlsXK1dHy3I9UORQDrWxPOSu32/rOmPnU8UaKO
iR0FjGxKliC1BIt0iiHktPw/rwHj1PjZSBHUtmD9iS7/dI6ZizsX+raPHgxcRkW8
/ESBEM7dxKAGQ0LWJYNY
=AZDi
-----END PGP SIGNATURE-----
Merge tag 'phy-for-4.11-rc' of git://git.kernel.org/pub/scm/linux/kernel/git/kishon/linux-phy into usb-linus
Kishon writes:
phy: for 4.11-rc
*) Revert USB3 PHY support for Broadcom NSP SoC
*) Fix compiler error on qcom-usb-hs when depends on EXTCON
is not added
*) Fix error handling in phy-exynos-pcie
Signed-off-by: Kishon Vijay Abraham I <kishon@ti.com>
The latest gcc-7 snapshot adds a warning to point out that when
atk_read_value_old or atk_read_value_new fails, we copy
uninitialized data into sensor->cached_value:
drivers/hwmon/asus_atk0110.c: In function 'atk_input_show':
drivers/hwmon/asus_atk0110.c:651:26: error: 'value' may be used uninitialized in this function [-Werror=maybe-uninitialized]
Adding an error check avoids this. All versions of the driver
are affected.
Fixes: 2c03d07ad5 ("hwmon: Add Asus ATK0110 support")
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Reviewed-by: Luca Tettamanti <kronos.it@gmail.com>
Signed-off-by: Guenter Roeck <linux@roeck-us.net>
This contains the collection of small fixes for 4.11 that were pending
during my vacation:
- A few HD-audio quirks (more Dell headset support, docking station
support on HP laptops),
- A regression fix for the previous ctxfi DMA mask fix,
- A correction of the new CONFIG_SND_X86 menu entry, and
- A fix for the races in ALSA sequencer core spotted by syzkaller.
-----BEGIN PGP SIGNATURE-----
iQJCBAABCAAsFiEECxfAB4MH3rD5mfB6bDGAVD0pKaQFAljTzpwOHHRpd2FpQHN1
c2UuZGUACgkQbDGAVD0pKaQzKQ//WmOSF098ORabkxxapsEG9k/8Y5cdChOKmRrT
pmhbZ0APIxYHnBT09sDqWmCMQJB3hpI1fnGRQxz8TSGgYlWHV+PXwWKQz4XUil5b
Cq6AznbNZsPCT11AgBRQ5G4CBLIhrL/fGFHqKBZbj0i8RtaLtMzhMUVXy7jQZrK4
/CsZHUPAEH/TG3w3XDmlRQ0JLfAJ5eb1Vxvtq6aSwZ9C8CFuZqVef6gLbs81MSYz
ZEpyK1/lRzi6Um/xTcq0bZB5lbXAd6d4K9+6dvog2vQni7rXBr4h3ID+li2Hr6SW
4m3nxESkWAfXUFDKk6Ib8/LgZVXX5PonF3mnZJGrxQ1ZGFyhmXCvUIzhwOPTGEjo
PyX9yo8Gh9Avj9kX4DsFFVApX4AwtA104DLz/3uZDVKThZKcWOMEOODDYRHidl3i
MrWKsZvcilGeQ55xNhzvX/dw2G8Fjxq6892QEyIGNICk+lcTWHXeiTAYtd7iju+w
587AUOx7BOjqUA0PGY1qqp6sqIIes4zxaXHYttZJhpNEB8Ga/9uUcOwnXj8MmiGc
U1NWRZ0e+oQ+/08gMWq9aqQCaYwWxXXYFJcHKsJFoaqnrHeiX9gHdZlbkx8ZYZDt
KMyhPeN/aBTRcwMvnGII7g7ah/dziDHCekfwpINbxp7czb93+a81jFEkwDRgHXQt
POi+/w4=
=tHT0
-----END PGP SIGNATURE-----
Merge tag 'sound-4.11-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound
Pull sound fixes from Takashi Iwai:
"This contains the collection of small fixes for 4.11 that were pending
during my vacation:
- a few HD-audio quirks (more Dell headset support, docking station
support on HP laptops)
- a regression fix for the previous ctxfi DMA mask fix
- a correction of the new CONFIG_SND_X86 menu entry
- a fix for the races in ALSA sequencer core spotted by syzkaller"
* tag 'sound-4.11-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound:
ALSA: hda - Adding a group of pin definition to fix headset problem
ALSA: seq: Fix racy cell insertions during snd_seq_pool_done()
ALSA: x86: Make CONFIG_SND_X86 bool
ALSA: hda - add support for docking station for HP 840 G3
ALSA: hda - add support for docking station for HP 820 G2
ALSA: ctxfi: Fix the incorrect check of dma_set_mask() call
Pull btrfs fixes from Chris Mason:
"Zygo tracked down a very old bug with inline compressed extents.
I didn't tag this one for stable because I want to do individual
tested backports. It's a little tricky and I'd rather do some extra
testing on it along the way"
* 'for-linus-4.11' of git://git.kernel.org/pub/scm/linux/kernel/git/mason/linux-btrfs:
btrfs: add missing memset while reading compressed inline extents
Btrfs: fix regression in lock_delalloc_pages
btrfs: remove btrfs_err_str function from uapi/linux/btrfs.h
Pull networking fixes from David Miller:
1) Several netfilter fixes from Pablo and the crew:
- Handle fragmented packets properly in netfilter conntrack, from
Florian Westphal.
- Fix SCTP ICMP packet handling, from Ying Xue.
- Fix big-endian bug in nftables, from Liping Zhang.
- Fix alignment of fake conntrack entry, from Steven Rostedt.
2) Fix feature flags setting in fjes driver, from Taku Izumi.
3) Openvswitch ipv6 tunnel source address not set properly, from Or
Gerlitz.
4) Fix jumbo MTU handling in amd-xgbe driver, from Thomas Lendacky.
5) sk->sk_frag.page not released properly in some cases, from Eric
Dumazet.
6) Fix RTNL deadlocks in nl80211, from Johannes Berg.
7) Fix erroneous RTNL lockdep splat in crypto, from Herbert Xu.
8) Cure improper inflight handling during AF_UNIX GC, from Andrey
Ulanov.
9) sch_dsmark doesn't write to packet headers properly, from Eric
Dumazet.
10) Fix SCM_TIMESTAMPING_OPT_STATS handling in TCP, from Soheil Hassas
Yeganeh.
11) Add some IDs for Motorola qmi_wwan chips, from Tony Lindgren.
12) Fix nametbl deadlock in tipc, from Ying Xue.
13) GRO and LRO packets not counted correctly in mlx5 driver, from Gal
Pressman.
14) Fix reset of internal PHYs in bcmgenet, from Doug Berger.
15) Fix hashmap allocation handling, from Alexei Starovoitov.
16) nl_fib_input() needs stronger netlink message length checking, from
Eric Dumazet.
17) Fix double-free of sk->sk_filter during sock clone, from Daniel
Borkmann.
18) Fix RX checksum offloading in aquantia driver, from Pavel Belous.
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net: (85 commits)
net:ethernet:aquantia: Fix for RX checksum offload.
amd-xgbe: Fix the ECC-related bit position definitions
sfc: cleanup a condition in efx_udp_tunnel_del()
Bluetooth: btqcomsmd: fix compile-test dependency
inet: frag: release spinlock before calling icmp_send()
tcp: initialize icsk_ack.lrcvtime at session start time
genetlink: fix counting regression on ctrl_dumpfamily()
socket, bpf: fix sk_filter use after free in sk_clone_lock
ipv4: provide stronger user input validation in nl_fib_input()
bpf: fix hashmap extra_elems logic
enic: update enic maintainers
net: bcmgenet: remove bcmgenet_internal_phy_setup()
ipv6: make sure to initialize sockc.tsflags before first use
fjes: Do not load fjes driver if extended socket device is not power on.
fjes: Do not load fjes driver if system does not have extended socket device.
net/mlx5e: Count LRO packets correctly
net/mlx5e: Count GSO packets correctly
net/mlx5: Increase number of max QPs in default profile
net/mlx5e: Avoid supporting udp tunnel port ndo for VF reps
net/mlx5e: Use the proper UAPI values when offloading TC vlan actions
...
No caller currently checks the return value of
kvm_io_bus_unregister_dev(). This is evil, as all callers silently go on
freeing their device. A stale reference will remain in the io_bus,
getting at least used again, when the iobus gets teared down on
kvm_destroy_vm() - leading to use after free errors.
There is nothing the callers could do, except retrying over and over
again.
So let's simply remove the bus altogether, print an error and make
sure no one can access this broken bus again (returning -ENOMEM on any
attempt to access it).
Fixes: e93f8a0f82 ("KVM: convert io_bus to SRCU")
Cc: stable@vger.kernel.org # 3.4+
Reported-by: Dmitry Vyukov <dvyukov@google.com>
Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: David Hildenbrand <david@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
This can be reproduced by running L2 on L1, and disable VPID on L0
if w/o commit "KVM: nVMX: Fix nested VPID vmx exec control", the L2
crash as below:
KVM: entry failed, hardware error 0x7
EAX=00000000 EBX=00000000 ECX=00000000 EDX=000306c3
ESI=00000000 EDI=00000000 EBP=00000000 ESP=00000000
EIP=0000fff0 EFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 00000000 0000ffff 00009300
CS =f000 ffff0000 0000ffff 00009b00
SS =0000 00000000 0000ffff 00009300
DS =0000 00000000 0000ffff 00009300
FS =0000 00000000 0000ffff 00009300
GS =0000 00000000 0000ffff 00009300
LDT=0000 00000000 0000ffff 00008200
TR =0000 00000000 0000ffff 00008b00
GDT= 00000000 0000ffff
IDT= 00000000 0000ffff
CR0=60000010 CR2=00000000 CR3=00000000 CR4=00000000
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000000
Reference SDM 30.3 INVVPID:
Protected Mode Exceptions
- #UD
- If not in VMX operation.
- If the logical processor does not support VPIDs (IA32_VMX_PROCBASED_CTLS2[37]=0).
- If the logical processor supports VPIDs (IA32_VMX_PROCBASED_CTLS2[37]=1) but does
not support the INVVPID instruction (IA32_VMX_EPT_VPID_CAP[32]=0).
So we should check both VPID enable bit in vmx exec control and INVVPID support bit
in vmx capability MSRs to enable VPID. This patch adds the guarantee to not enable
VPID if either INVVPID or single-context/all-context invalidation is not exposed in
vmx capability MSRs.
Reviewed-by: David Hildenbrand <david@redhat.com>
Reviewed-by: Jim Mattson <jmattson@google.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Radim Krčmář <rkrcmar@redhat.com>
Signed-off-by: Wanpeng Li <wanpeng.li@hotmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
This can be reproduced by running kvm-unit-tests/vmx.flat on L0 w/ vpid disabled.
Test suite: VPID
Unhandled exception 6 #UD at ip 00000000004051a6
error_code=0000 rflags=00010047 cs=00000008
rax=0000000000000000 rcx=0000000000000001 rdx=0000000000000047 rbx=0000000000402f79
rbp=0000000000456240 rsi=0000000000000001 rdi=0000000000000000
r8=000000000000000a r9=00000000000003f8 r10=0000000080010011 r11=0000000000000000
r12=0000000000000003 r13=0000000000000708 r14=0000000000000000 r15=0000000000000000
cr0=0000000080010031 cr2=0000000000000000 cr3=0000000007fff000 cr4=0000000000002020
cr8=0000000000000000
STACK: @4051a6 40523e 400f7f 402059 40028f
We should hide and forbid VPID in L1 if it is disabled on L0. However, nested VPID
enable bit is set unconditionally during setup nested vmx exec controls though VPID
is not exposed through nested VMX capablity. This patch fixes it by don't set nested
VPID enable bit if it is disabled on L0.
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Radim Krčmář <rkrcmar@redhat.com>
Cc: stable@vger.kernel.org
Fixes: 5c614b3583 (KVM: nVMX: nested VPID emulation)
Signed-off-by: Wanpeng Li <wanpeng.li@hotmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
After async pf setup successfully, there is a broadcast wakeup w/ special
token 0xffffffff which tells vCPU that it should wake up all processes
waiting for APFs though there is no real process waiting at the moment.
The async page present tracepoint print prematurely and fails to catch the
special token setup. This patch fixes it by moving the async page present
tracepoint after the special token setup.
Before patch:
qemu-system-x86-8499 [006] ...1 5973.473292: kvm_async_pf_ready: token 0x0 gva 0x0
After patch:
qemu-system-x86-8499 [006] ...1 5973.473292: kvm_async_pf_ready: token 0xffffffff gva 0x0
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Radim Krčmář <rkrcmar@redhat.com>
Signed-off-by: Wanpeng Li <wanpeng.li@hotmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Quoting from the Intel SDM, volume 3, section 28.3.3.4: Guidelines for
Use of the INVEPT Instruction:
If EPT was in use on a logical processor at one time with EPTP X, it
is recommended that software use the INVEPT instruction with the
"single-context" INVEPT type and with EPTP X in the INVEPT descriptor
before a VM entry on the same logical processor that enables EPT with
EPTP X and either (a) the "virtualize APIC accesses" VM-execution
control was changed from 0 to 1; or (b) the value of the APIC-access
address was changed.
In the nested case, the burden falls on L1, unless L0 enables EPT in
vmcs02 when L1 doesn't enable EPT in vmcs12.
Signed-off-by: Jim Mattson <jmattson@google.com>
Signed-off-by: Radim Krčmář <rkrcmar@redhat.com>
We have specific destructors for pic/ioapic, we'd better use them when
destroying the VM as well.
Signed-off-by: Peter Xu <peterx@redhat.com>
Signed-off-by: Radim Krčmář <rkrcmar@redhat.com>
Mostly used for split irqchip mode. In that case, these two things are
not inited at all, so no need to release.
Signed-off-by: Peter Xu <peterx@redhat.com>
Signed-off-by: Radim Krčmář <rkrcmar@redhat.com>
This was broken in commit cd979883b9 ("xen/acpi-processor:
fix enabling interrupts on syscore_resume"). do_suspend (from
xen/manage.c) and thus xen_resume_notifier never get called on
the initial-domain at resume (it is if running as guest.)
The rationale for the breaking change was that upload_pm_data()
potentially does blocking work in syscore_resume(). This patch
addresses the original issue by scheduling upload_pm_data() to
execute in workqueue context.
Cc: Stanislaw Gruszka <sgruszka@redhat.com>
Cc: stable@vger.kernel.org
Based-on-patch-by: Konrad Wilk <konrad.wilk@oracle.com>
Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Reviewed-by: Stanislaw Gruszka <sgruszka@redhat.com>
Signed-off-by: Ankur Arora <ankur.a.arora@oracle.com>
Signed-off-by: Boris Ostrovsky <boris.ostrovsky@oracle.com>
On a randconfig build without CONFIG_SCSI_LPFC_DEBUG_FS, I ran into
multiple compile failures:
drivers/scsi/lpfc/lpfc_debugfs.h: In function 'lpfc_debug_dump_wq':
drivers/scsi/lpfc/lpfc_debugfs.h:405:15: error: 'DUMP_FCP' undeclared (first use in this function); did you mean 'DUMP_VAR'?
drivers/scsi/lpfc/lpfc_debugfs.h:405:15: note: each undeclared identifier is reported only once for each function it appears in
drivers/scsi/lpfc/lpfc_debugfs.h:408:22: error: 'DUMP_NVME' undeclared (first use in this function); did you mean 'DUMP_NONE'?
drivers/scsi/lpfc/lpfc_nvmet.c: In function 'lpfc_nvmet_xmt_ls_rsp_cmp':
drivers/scsi/lpfc/lpfc_nvmet.c:109:2: error: implicit declaration of function 'lpfc_nvmeio_data'; did you mean 'lpfc_mem_free'? [-Werror=implicit-function-declaration]
drivers/scsi/lpfc/lpfc_nvmet.c: In function 'lpfc_nvmet_xmt_fcp_op':
drivers/scsi/lpfc/lpfc_nvmet.c:523:10: error: unused variable 'id' [-Werror=unused-variable]
They are all trivial to fix, so I'm doing it in a combined patch here.
Fixes: 1d9d5a9879 ("scsi: lpfc: refactor debugfs queue dump routines")
Fixes: bd2cdd5e40 ("scsi: lpfc: NVME Initiator: Add debugfs support")
Fixes: 2b65e18202 ("scsi: lpfc: NVME Target: Add debugfs support")
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Acked-by: Dick Kennedy <dick.kennedy@broadcom.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
lpfc cannot establish connection with targets that send PRLI in P2P
configurations.
If lpfc rejects a PRLI that is sent from a target the target will not
resend and will reject the PRLI send from the initiator.
[mkp: applied by hand]
Signed-off-by: Dick Kennedy <dick.kennedy@broadcom.com>
Signed-off-by: James Smart <james.smart@broadcom.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
In a previous patch a hpsa_scsi_dev_t.volume_offline update line has
been removed, so let us put it back..
Fixes: 85b29008d8 (hpsa: update check for logical volume status)
Signed-off-by: Tomas Henzl <thenzl@redhat.com>
Acked-by: Don Brace <don.brace@microsemi.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Otherwise this can also prevent modesets e.g. for switching VTs, when
multiple monitors with different native resolutions are connected.
The depths must match though, so keep the != test for that.
Also update the DRM_DEBUG output to be slightly more accurate, this
doesn't only affect requests from userspace.
Bugzilla: https://bugs.freedesktop.org/99841
Fixes: 865afb1194 ("drm/fb-helper: reject any changes to the fbdev")
Signed-off-by: Michel Dänzer <michel.daenzer@amd.com>
Reviewed-by: Daniel Stone <daniels@collabora.com>
Signed-off-by: Daniel Vetter <daniel.vetter@ffwll.ch>
Link: http://patchwork.freedesktop.org/patch/msgid/20170323085326.20185-1-michel@daenzer.net
Replace hard coded "ACPI0007" with ACPI_PROCESSOR_DEVICE_HID
Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Signed-off-by: Ankur Arora <ankur.a.arora@oracle.com>
Signed-off-by: Boris Ostrovsky <boris.ostrovsky@oracle.com>
Provide debugfs function stubs when EDAC_DEBUG is not enabled so that we
don't fail the build:
drivers/edac/pnd2_edac.c: In function ‘pnd2_init’:
drivers/edac/pnd2_edac.c:1521:2: error: implicit declaration of function ‘setup_pnd2_debug’ [-Werror=implicit-function-declaration]
setup_pnd2_debug();
^
drivers/edac/pnd2_edac.c: In function ‘pnd2_exit’:
drivers/edac/pnd2_edac.c:1529:2: error: implicit declaration of function ‘teardown_pnd2_debug’ [-Werror=implicit-function-declaration]
teardown_pnd2_debug();
^
Signed-off-by: Borislav Petkov <bp@suse.de>
This patch adds the missing PINGROUP for GPIO70-99.
This fixes a crash that happens in pinctrl-msm, if any
of the GPIO70-99 are accessed.
Fixes: 5303f7827f ("pinctrl: qcom: ipq4019: set ngpios to correct value")
Signed-off-by: Christian Lamparter <chunkeey@googlemail.com>
Acked-by: Bjorn Andersson <bjorn.andersson@linaro.org>
Signed-off-by: Linus Walleij <linus.walleij@linaro.org>