| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |\
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Linux 3.18.131
wil6210: missing length check in wmi_set_ie
* swiotlb: clean up reporting
lib/swiotlb.c
sr: pass down correctly sized SCSI sense buffer
* posix-timers: Sanitize overrun handling
include/linux/posix-timers.h
kernel/time/posix-cpu-timers.c
kernel/time/posix-timers.c
* ALSA: pcm: remove SNDRV_PCM_IOCTL1_INFO internal command
include/sound/pcm.h
sound/core/pcm_lib.c
sound/core/pcm_native.c
ALSA: isa/wavefront: prevent some out of bound writes
i2c: scmi: Fix probe error on devices with an empty SMB0001 ACPI device node
* cifs: In Kconfig CONFIG_CIFS_POSIX needs depends on legacy (insecure cifs)
fs/cifs/Kconfig
ARM: 8814/1: mm: improve/fix ARM v7_dma_inv_range() unaligned address handling
libata: whitelist all SAMSUNG MZ7KM* solid-state disks
Input: omap-keypad - fix keyboard debounce configuration
ide: pmac: add of_node_put()
drivers/tty: add missing of_node_put()
drivers/sbus/char: add of_node_put()
sbus: char: add of_node_put()
SUNRPC: Fix a potential race in xprt_connect()
* bonding: fix 802.3ad state sent to partner when unbinding slave
drivers/net/bonding/bond_3ad.c
x86/earlyprintk/efi: Fix infinite loop on some screen widths
scsi: vmw_pscsi: Rearrange code to avoid multiple calls to free_irq during unload
scsi: libiscsi: Fix NULL pointer dereference in iscsi_eh_session_reset
powerpc: Look for "stdout-path" when setting up legacy consoles
tracing: Fix memory leak of instance function hash filters
* tracing: Fix memory leak in set_trigger_filter()
kernel/trace/trace_events_trigger.c
MMC: OMAP: fix broken MMC on OMAP15XX/OMAP5910/OMAP310
powerpc/boot: Fix random libfdt related build errors
* timer/debug: Change /proc/timer_list from 0444 to 0400
kernel/time/timer_list.c
lib/interval_tree_test.c: allow users to limit scope of endpoint
lib/rbtree-test: lower default params
lib/rbtree_test.c: make input module parameters
lib/interval_tree_test.c: allow full tree search
lib/interval_tree_test.c: make test options module parameters
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
commit 2840f84f74035e5a535959d5f17269c69fa6edc5 upstream.
The following commands will cause a memory leak:
# cd /sys/kernel/tracing
# mkdir instances/foo
# echo schedule > instance/foo/set_ftrace_filter
# rmdir instances/foo
The reason is that the hashes that hold the filters to set_ftrace_filter and
set_ftrace_notrace are not freed if they contain any data on the instance
and the instance is removed.
Found by kmemleak detector.
Cc: stable@vger.kernel.org
Fixes: 591dffdade9f ("ftrace: Allow for function tracing instance to filter functions")
Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
commit 3cec638b3d793b7cacdec5b8072364b41caeb0e1 upstream.
When create_event_filter() fails in set_trigger_filter(), the filter may
still be allocated and needs to be freed. The caller expects the
data->filter to be updated with the new filter, even if the new filter
failed (we could add an error message by setting set_str parameter of
create_event_filter(), but that's another update).
But because the error would just exit, filter was left hanging and
nothing could free it.
Found by kmemleak detector.
Cc: stable@vger.kernel.org
Fixes: bac5fb97a173a ("tracing: Add and use generic set_trigger_filter() implementation")
Reviewed-by: Tom Zanussi <tom.zanussi@linux.intel.com>
Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
| |\|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Linux 3.18.125
* sched/fair: Fix throttle_list starvation with low CFS quota
kernel/sched/fair.c
kernel/sched/sched.h
* USB: fix the usbfs flag sanitization for control transfers
drivers/usb/core/devio.c
cdc-acm: correct counting of UART states in serial state notification
cachefiles: fix the race between cachefiles_bury_object() and rmdir(2)
net: sched: gred: pass the right attribute to gred_change_table_def()
* rtnetlink: Disallow FDB configuration for non-Ethernet device
net/core/rtnetlink.c
* net: drop skb on failure in ip_check_defrag()
net/ipv4/ip_fragment.c
sctp: fix race on sctp_id2asoc
r8169: fix NAPI handling under high load
net: stmmac: Fix stmmac_mdio_reset() when building stmmac as modules
* net: socket: fix a missing-check bug
net/socket.c
* net/ipv6: Fix index counter for unicast addresses in in6_dump_addrs
net/ipv6/addrconf.c
* ipv6/ndisc: Preserve IPv6 control buffer if protocol error handlers are called
net/ipv6/ndisc.c
* ipv6: mcast: fix a use-after-free in inet6_mc_check
net/ipv6/mcast.c
* mremap: properly flush TLB before releasing the page
mm/mremap.c
* /proc/iomem: only expose physical resource addresses to privileged users
kernel/resource.c
perf tools: Disable parallelism for 'make clean'
* fs/fat/fatent.c: add cond_resched() to fat_count_free_clusters()
fs/fat/fatent.c
* unix: correctly track in-flight fds in sending process user_struct
include/net/af_unix.h
include/net/scm.h
net/core/scm.c
net/unix/af_unix.c
net/unix/garbage.c
x86/PCI: Mark Broadwell-EP Home Agent 1 as having non-compliant BARs
* net: fix warnings in 'make htmldocs' by moving macro definition out of field declaration
include/net/sock.h
* USB: hub: fix up early-exit pathway in hub_activate
drivers/usb/core/hub.c
* KEYS: put keyring if install_session_keyring_to_cred() fails
security/keys/process_keys.c
igb: fix NULL derefs due to skipped SR-IOV enabling
ovl: fix open in stacked overlay
iwlwifi: pcie: correctly define 7265-D cfg
sctp: translate network order to host order when users get a hmacid
* vfs: Make sendfile(2) killable even better
fs/splice.c
* PCI: Fix devfn for VPD access through function 0
drivers/pci/access.c
x86/ldt: Fix small LDT allocation for Xen
* Revert "SCSI: Fix NULL pointer dereference in runtime PM"
drivers/scsi/scsi_pm.c
* mm: migrate: hugetlb: putback destination hugepage to active list
mm/migrate.c
* perf: Fix PERF_EVENT_IOC_PERIOD deadlock
kernel/events/core.c
libata: blacklist Micron 500IT SSD with MU01 firmware
igb: Unpair the queues when changing the number of queues
Btrfs: do not ignore errors from btrfs_lookup_xattr in do_setxattr
* tty: audit: Fix audit source
drivers/tty/n_tty.c
drivers/tty/tty_audit.c
include/linux/tty.h
* ALSA: usb-audio: Add a more accurate volume quirk for AudioQuest DragonFly
sound/usb/mixer.c
sound/usb/mixer_maps.c
sound/usb/mixer_quirks.c
sound/usb/mixer_quirks.h
ALSA: hda - Add headset mic support for Acer Aspire V5-573G
rtlwifi: rtl8821ae: Fix lockups on boot
rtlwifi: rtl8821ae: Fix system lockups on boot
selftests: Introduce a new script to generate tc batch file
mtd: blkdevs: fix potential deadlock + lockdep warnings
* ASoC: dapm: Don't add prefix to widget stream name
sound/soc/soc-dapm.c
* lib: make memzero_explicit more robust against dead store elimination
include/linux/compiler-gcc.h
include/linux/compiler.h
lib/string.c
dm9000: Fix irq trigger type setup on non-dt platforms
MIPS: Fix up obsolete cpu_set usage
perf bench numa: Fix to show proper convergence stats
net: ethernet: davicom: fix devicetree irq resource
* ext4: fix an ext3 collapse range regression in xfstests
fs/ext4/extents.c
x86/idle: Restore trace_cpu_idle to mwait_idle() calls
tty: serial: fsl_lpuart: fix clearing of receive flag
iommu/vt-d: Fix VM domain ID leak
net/mlx4_en: Remove dependency between timestamping capability and service_task
arm/arm64: KVM: Take mmap_sem in stage2_unmap_vm
* dm: fix AB-BA deadlock in __dm_destroy()
drivers/md/dm.c
pinctrl: imx25: ensure that a pin with id i is at position i in the info array
Btrfs: avoid syncing log in the fast fsync path when not necessary
* of/pci: Remove duplicate kfree in of_pci_get_host_bridge_resources()
drivers/of/of_pci.c
x86/irq: Check for valid irq descriptor in check_irq_vectors_for_cpu_disable()
* rcu: Clear need_qs flag to prevent splat
kernel/rcu/tree_plugin.h
nfs: fix high load average due to callback thread sleeping
* rtnl: don't account unused struct ifla_port_vsi in rtnl_port_size
net/core/rtnetlink.c
* quota: Fix maximum quota limit settings
fs/quota/quota_v2.c
clk: rockchip: fix deadlock possibility in cpuclk
ARM: dts: disable CCI on exynos5420 based arndale-octa
drivers: bus: check cci device tree node status
perf tools: Fix segfault for symbol annotation on TUI
perf tools: Avoid build splat for syscall numbers with uclibc
perf tools: Fix statfs.f_type data type mismatch build error with uclibc
perf machine: Fix __machine__findnew_thread() error path
perf/x86/intel: Fix bug for "cycles:p" and "cycles:pp" on SLM
perf/rapl: Fix sysfs_show() initialization for RAPL PMU
* tracing: Fix enabling of syscall events on the command line
kernel/trace/trace_events.c
fbdev/broadsheetfb: fix memory leak
ARM: at91: board-dt-sama5: add phy_fixup to override NAND_Tree
ARM: at91/dt: sam9263: Add missing clocks to lcdc node
ARM: at91: sama5d3: dt: correct the sound route
ARM: at91/dt: sama5d4: fix the timer reg length
mcb: mcb-pci: Only remap the 1st 0x200 bytes of BAR 0
serial: samsung: Add the support for Exynos5433 SoC
* Revert "tty: Fix pty master poll() after slave closes v2"
drivers/tty/n_tty.c
usb: host: ehci-tegra: request deferred probe when failing to get phy
uas: disable UAS on Apricorn SATA dongles
USB: EHCI: adjust error return code
* scsi: ->queue_rq can't sleep
drivers/scsi/scsi_lib.c
arm: dts: Use pmu_system_controller phandle for dp phy
NFSv4: Remove incorrect check in can_open_delegated()
NFS: Ignore transport protocol when detecting server trunking
NFSv4/v4.1: Verify the client owner id during trunking detection
* NFSv4: Cache the NFSv4/v4.1 client owner_id in the struct nfs_client
include/linux/nfs_fs_sb.h
ARM: dra7xx: Fix counter frequency drift for AM572x errata i856
* iio: iio: Fix iio_channel_read return if channel havn't info
drivers/iio/inkern.c
phy: phy-ti-pipe3: fix inconsistent enumeration of PCIe gen2 cards
phy-sun4i-usb: Change disconnect threshold value for sun6i
usb: dwc2: gadget: kill requests with 'force' in s3c_hsotg_udc_stop()
* usb: musb: Fix randconfig build issues for Kconfig options
drivers/usb/musb/Kconfig
* usb: gadget: f_uac1: access freed memory at f_audio_free_inst
drivers/usb/gadget/function/f_uac1.c
usb: musb: Fix a few off-by-one lengths
ARM: shmobile: r8a7740: Instantiate GIC from C board code in legacy builds
* PCI: Mark Atheros AR9580 to avoid bus reset
drivers/pci/quirks.c
pinctrl: at91: fix null pointer dereference
Revert "drm/i915: Fix mutex->owner inspection race under DEBUG_MUTEXES"
ahci_xgene: Fix the DMA state machine lockup for the ATA_CMD_PACKET PIO mode command.
usb: gadget: gadgetfs: fix an oops in ep_write()
mmc: sdhci: restore behavior when setting VDD via external regulator
s390/ftrace/jprobes: Fix conflict between jprobes and function graph tracing
cxl: Fix issues when unmapping contexts
USB: qcserial: Fix support for HP lt4112 LTE/HSPA+ Gobi 4G Modem
s390/kvm: REPLACE barrier fixup with READ_ONCE
ocfs2: fix journal commit deadlock in ocfs2_convert_inline_data_to_extents
dm thin: restore requested 'error_if_no_space' setting on OODS to WRITE transition
net: cxgb3_main: fix a missing-check bug
* perf/ring_buffer: Prevent concurent ring buffer access
kernel/events/core.c
smsc95xx: Check for Wake-on-LAN modes
smsc75xx: Check for Wake-on-LAN modes
sr9800: Check for supported Wake-on-LAN modes
* ax88179_178a: Check for supported Wake-on-LAN modes
drivers/net/usb/ax88179_178a.c
* asix: Check for supported Wake-on-LAN modes
drivers/net/usb/asix_common.c
* xfrm: validate template mode
net/xfrm/xfrm_user.c
ARM: 8799/1: mm: fix pci_ioremap_io() offset check
* cfg80211: reg: Init wiphy_idx in regulatory_hint_core()
net/wireless/reg.c
* xfrm6: call kfree_skb when skb is toobig
net/ipv6/xfrm6_output.c
* xfrm: Validate address prefix lengths in the xfrm selector.
net/xfrm/xfrm_user.c
powerpc/tm: Avoid possible userspace r1 corruption on reclaim
powerpc/tm: Fix userspace r13 corruption
media: af9035: prevent buffer overflow on write
* ip6_tunnel: be careful when accessing the inner header
net/ipv6/ip6_tunnel.c
* rtnl: limit IFLA_NUM_TX_QUEUES and IFLA_NUM_RX_QUEUES to 4096
net/core/rtnetlink.c
net: systemport: Fix wake-up interrupt race during resume
net: mvpp2: Extract the correct ethtype from the skb for tx csum offload
team: Forbid enslaving team device to itself
qlcnic: fix Tx descriptor corruption on 82xx devices
net/usb: cancel pending work when unbinding smsc75xx
netlabel: check for IPV4MASK in addrinfo_get
* net/ipv6: Display all addresses in output of /proc/net/if_inet6
net/ipv6/addrconf.c
* ip_tunnel: be careful when accessing the inner header
net/ipv4/ip_tunnel.c
* xhci: Don't print a warning when setting link state for disabled ports
drivers/usb/host/xhci-hub.c
i2c: i2c-scmi: fix for i2c_smbus_write_block_data
mach64: detect the dot clock divider correctly on sparc
stmmac: fix valid numbers of unicast filter entries
mfd: omap-usb-host: Fix dts probe of children
selftests/efivarfs: add required kernel configs
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
[ Upstream commit ce1039bd3a89e99e4f624e75fb1777fc92d76eb3 ]
Commit 5f893b2639b2 "tracing: Move enabling tracepoints to just after
rcu_init()" broke the enabling of system call events from the command
line. The reason was that the enabling of command line trace events
was moved before PID 1 started, and the syscall tracepoints require
that all tasks have the TIF_SYSCALL_TRACEPOINT flag set. But the
swapper task (pid 0) is not part of that. Since the swapper task is the
only task that is running at this early in boot, no task gets the
flag set, and the tracepoint never gets reached.
Instead of setting the swapper task flag (there should be no reason to
do that), re-enabled trace events again after the init thread (PID 1)
has been started. It requires disabling all command line events and
re-enabling them, as just enabling them again will not reset the logic
to set the TIF_SYSCALL_TRACEPOINT flag, as the syscall tracepoint will
be fooled into thinking that it was already set, and wont try setting
it again. For this reason, we must first disable it and re-enable it.
Link: http://lkml.kernel.org/r/1421188517-18312-1-git-send-email-mpe@ellerman.id.au
Link: http://lkml.kernel.org/r/20150115040506.216066449@goodmis.org
Reported-by: Michael Ellerman <mpe@ellerman.id.au>
Signed-off-by: Steven Rostedt <rostedt@goodmis.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
| |\|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Linux 3.18.124
* ebtables: arpreply: Add the standard target sanity check
include/linux/netfilter_bridge/ebtables.h
ubifs: Check for name being NULL while mounting
* cgroup: Fix deadlock in cpu hotplug path
kernel/cgroup.c
* ext4: avoid running out of journal credits when appending to an inline file
fs/ext4/ext4.h
fs/ext4/inline.c
fs/ext4/xattr.c
* jbd2: don't mark block as modified if the handle is out of credits
fs/jbd2/transaction.c
* ext4: add more inode number paranoia checks
fs/ext4/ext4.h
fs/ext4/inode.c
fs/ext4/super.c
* ext4: never move the system.data xattr out of the inode body
fs/ext4/xattr.c
* ext4: always verify the magic number in xattr blocks
fs/ext4/xattr.c
* ext4: add corruption check in ext4_xattr_set_entry()
fs/ext4/xattr.c
* ext4: fix false negatives *and* false positives in ext4_check_descriptors()
fs/ext4/super.c
* ext4: always check block group bounds in ext4_init_block_bitmap()
fs/ext4/balloc.c
* ext4: fix check to prevent initializing reserved inodes
fs/ext4/ialloc.c
fs/ext4/super.c
* ext4: only look at the bg_flags field if it is valid
fs/ext4/balloc.c
fs/ext4/ialloc.c
fs/ext4/mballoc.c
fs/ext4/super.c
USB: serial: simple: add Motorola Tetra MTP6550 id
* PM / core: Clear the direct_complete flag on errors
drivers/base/power/main.c
mac80211: fix setting IEEE80211_KEY_FLAG_RX_MGMT for AP mode keys
* PCI: Reprogram bridge prefetch registers on resume
drivers/pci/pci.c
x86/vdso: Fix vDSO syscall fallback asm constraint regression
x86/vdso: Fix asm constraints on vDSO syscall fallbacks
fbdev/omapfb: fix omapfb_memory_read infoleak
* proc: restrict kernel stack dumps to root
fs/proc/base.c
mtd: fsl-quadspi: fix macro collision problems with READ/WRITE
* Make file credentials available to the seqfile interfaces
fs/seq_file.c
include/linux/seq_file.h
dm thin metadata: fix __udivdi3 undefined on 32-bit
ocfs2: fix locking for res->tracking and dlm->tracking_list
crypto: mxs-dcp - Fix wait logic on chan threads
smb2: fix missing files in root share directory listing
xen: fix GCC warning and remove duplicate EVTCHN_ROW/EVTCHN_COL usage
xen/manage: don't complain about an empty value in control/sysrq node
cifs: read overflow in is_valid_oplock_break()
s390/qeth: don't dump past end of unknown HW header
r8169: Clear RTL_FLAG_TASK_*_PENDING when clearing RTL_FLAG_TASK_ENABLED
hexagon: modify ffs() and fls() to return int
arch/hexagon: fix kernel/dma.c build warning
dm thin metadata: try to avoid ever aborting transactions
fs/cifs: suppress a string overflow warning
USB: yurex: Check for truncation in yurex_read()
RDMA/ucma: check fd type in ucma_migrate_id()
* mm: madvise(MADV_DODUMP): allow hugetlbfs pages
mm/madvise.c
tools/vm/page-types.c: fix "defined but not used" warning
tools/vm/slabinfo.c: fix sign-compare warning
mac80211: shorten the IBSS debug messages
mac80211: Fix station bandwidth setting after channel switch
mac80211: fix a race between restart and CSA flows
fs/cifs: don't translate SFM_SLASH (U+F026) to backslash
net: cadence: Fix a sleep-in-atomic-context bug in macb_halt_tx()
RAID10 BUG_ON in raise_barrier when force is true and conf->barrier is 0
* cfg80211: nl80211_update_ft_ies() to validate NL80211_ATTR_IE
net/wireless/nl80211.c
gpio: adp5588: Fix sleep-in-atomic-context bug
mac80211: correct use of IEEE80211_VHT_CAP_RXSTBC_X
KVM: PPC: Book3S HV: Don't truncate HPTE index in xlate function
* media: v4l: event: Prevent freeing event subscriptions while accessed
drivers/media/v4l2-core/v4l2-event.c
drivers/media/v4l2-core/v4l2-fh.c
include/media/v4l2-fh.h
arm64: KVM: Sanitize PSTATE.M when being set from userspace
hwmon: (adt7475) Make adt7475_read_word() return errors
e1000: ensure to free old tx/rx rings in set_ringparam()
e1000: check on netif_running() before calling e1000_up()
* thermal: of-thermal: disable passive polling when thermal zone is disabled
drivers/thermal/of-thermal.c
* ext4: verify the depth of extent tree in ext4_find_extent()
fs/ext4/ext4_extents.h
fs/ext4/extents.c
arm64: KVM: Tighten guest core register access from userspace
* staging: android: ion: fix ION_IOC_{MAP,SHARE} use-after-free
drivers/staging/android/ion/ion.c
scsi: target: iscsi: Use bin2hex instead of a re-implementation
* USB: remove LPM management from usb_driver_claim_interface()
drivers/usb/core/driver.c
Revert "usb: cdc-wdm: Fix a sleep-in-atomic-context bug in service_outstanding_interrupt()"
* USB: usbdevfs: restore warning for nonsensical flags
drivers/usb/core/devio.c
* USB: usbdevfs: sanitize flags more
drivers/usb/core/devio.c
media: uvcvideo: Support realtek's UVC 1.5 device
* slub: make ->cpu_partial unsigned int
include/linux/slub_def.h
mm/slub.c
* USB: handle NULL config in usb_find_alt_setting()
drivers/usb/core/usb.c
* USB: fix error handling in usb_driver_claim_interface()
drivers/usb/core/driver.c
spi: rspi: Fix interrupted DMA transfers
spi: sh-msiof: Fix handling of write value for SISTR register
spi: tegra20-slink: explicitly enable/disable clock
serial: cpm_uart: return immediately from console poll
floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl
nfsd: fix corrupted reply to badly ordered compound
* module: exclude SHN_UNDEF symbols from kallsyms api
kernel/module.c
* ASoC: dapm: Fix potential DAI widget pointer deref when linking DAIs
sound/soc/soc-dapm.c
scsi: bnx2i: add error handling for ioremap_nocache
HID: hid-ntrig: add error handling for sysfs_create_group
ARM: mvebu: declare asm symbols as character arrays in pmsu.c
wlcore: Add missing PM call for wlcore_cmd_wait_for_event_or_timeout()
rndis_wlan: potential buffer overflow in rndis_wlan_auth_indication()
ALSA: hda: Add AZX_DCAPS_PM_RUNTIME for AMD Raven Ridge
media: tm6000: add error handling for dvb_register_adapter
drivers/tty: add error handling for pcmcia_loop_config
* staging: android: ashmem: Fix mmap size validation
drivers/staging/android/ashmem.c
media: soc_camera: ov772x: correct setting of banding filter
media: s3c-camif: ignore -ENOIOCTLCMD from v4l2_subdev_call for s_power
ALSA: snd-aoa: add of_node_put() in error path
s390/extmem: fix gcc 8 stringop-overflow warning
* alarmtimer: Prevent overflow for relative nanosleep
kernel/time/alarmtimer.c
usb: wusbcore: security: cast sizeof to int for comparison
scsi: ibmvscsi: Improve strings handling
scsi: target/iscsi: Make iscsit_ta_authentication() respect the output buffer size
x86/tsc: Add missing header to tsc_msr.c
powerpc/kdump: Handle crashkernel memory reservation failure
media: exynos4-is: Prevent NULL pointer dereference in __isp_video_try_fmt()
USB: serial: kobil_sct: fix modem-status error handling
uwb: hwa-rc: fix memory leak at probe
x86/numa_emulation: Fix emulated-to-physical node mapping
tsl2550: fix lux1_input error in low light
* crypto: skcipher - Fix -Wstringop-truncation warnings
crypto/ablkcipher.c
crypto/blkcipher.c
* HID: sony: Support DS4 dongle
drivers/hid/hid-core.c
drivers/hid/hid-ids.h
drivers/hid/hid-sony.c
* HID: sony: Update device ids
drivers/hid/hid-core.c
drivers/hid/hid-ids.h
drivers/hid/hid-sony.c
* arm64: Add trace_hardirqs_off annotation in ret_to_user
arch/arm64/kernel/entry.S
* ext4: don't mark mmp buffer head dirty
fs/ext4/mmp.c
* ext4: fix online resize's handling of a too-small final block group
fs/ext4/resize.c
* ext4: recalucate superblock checksum after updating free blocks/inodes
fs/ext4/super.c
* ext4: avoid divide by zero fault when deleting corrupted inline directories
fs/ext4/dir.c
fs/ext4/inline.c
ocfs2: fix ocfs2 read block panic
scsi: target: iscsi: Use hex2bin instead of a re-implementation
* ipv6: fix possible use-after-free in ip6_xmit()
net/ipv6/ip6_output.c
* neighbour: confirm neigh entries when ARP packet is received
net/core/neighbour.c
net: hp100: fix always-true check for link up state
net/appletalk: fix minor pointer leak to userspace in SIOCFINDIPDDPRT
* gso_segment: Reset skb->mac_len after modifying network header
net/ipv4/af_inet.c
net/ipv6/ip6_offload.c
* mm: shmem.c: Correctly annotate new inodes for lockdep
mm/shmem.c
* ring-buffer: Allow for rescheduling when removing pages
kernel/trace/ring_buffer.c
ALSA: emu10k1: fix possible info leak to userspace on SNDRV_EMU10K1_IOCTL_INFO
ALSA: bebob: use address returned by kmalloc() instead of kernel stack for streaming DMA mapping
ASoC: cs4265: fix MMTLR Data switch control
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
commit 83f365554e47997ec68dc4eca3f5dce525cd15c3 upstream.
When reducing ring buffer size, pages are removed by scheduling a work
item on each CPU for the corresponding CPU ring buffer. After the pages
are removed from ring buffer linked list, the pages are free()d in a
tight loop. The loop does not give up CPU until all pages are removed.
In a worst case behavior, when lot of pages are to be freed, it can
cause system stall.
After the pages are removed from the list, the free() can happen while
the work is rescheduled. Call cond_resched() in the loop to prevent the
system hangup.
Link: http://lkml.kernel.org/r/20180907223129.71994-1-vnagarnaik@google.com
Cc: stable@vger.kernel.org
Fixes: 83f40318dab00 ("ring-buffer: Make removal of ring buffer pages atomic")
Reported-by: Jason Behmer <jbehmer@google.com>
Signed-off-by: Vaibhav Nagarnaik <vnagarnaik@google.com>
Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
| |\|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Linux 3.18.122
bcache: release dc->writeback_lock properly in bch_writeback_thread()
* getxattr: use correct xattr length
fs/xattr.c
udlfb: set optimal write delay
* fb: fix lost console when the user unplugs a USB adapter
drivers/video/fbdev/core/fbmem.c
pwm: tiehrpwm: Fix disabling of output of PWMs
ubifs: Fix synced_i_size calculation for xattr inodes
Revert "UBIFS: Fix potential integer overflow in allocation"
ubifs: Fix memory leak in lprobs self-check
userns: move user access out of the mutex
userns; Correct the comment in map_write
* sys: don't hold uts_sem while accessing userspace memory
kernel/sys.c
kernel/utsname_sysctl.c
osf_getdomainname(): use copy_to_user()
* mm/tlb: Remove tlb_remove_table() non-concurrent condition
mm/memory.c
ARM: tegra: Fix Tegra30 Cardhu PCA954x reset
pnfs/blocklayout: off by one in bl_map_stripe()
9p: fix multiple NULL-pointer-dereferences
uprobes: Use synchronize_rcu() not synchronize_sched()
* kthread, tracing: Don't expose half-written comm when creating kthreads
kernel/kthread.c
* tracing/blktrace: Fix to allow setting same value
kernel/trace/blktrace.c
* tracing: Do not call start/stop() functions when tracing_on does not change
kernel/trace/trace.c
iio: ad9523: Fix return value for ad952x_store()
iio: ad9523: Fix displayed phase
dm cache metadata: save in-core policy_hint_size to on-disk superblock
net/9p/trans_fd.c: fix race-condition by flushing workqueue before the kfree()
net/9p/client.c: version pointer uninitialized
9p/virtio: fix off-by-one error in sg list bounds check
powerpc/pseries: Fix endianness while restoring of r3 in MCE handler.
powerpc/fadump: handle crash memory ranges array index overflow
spi: davinci: fix a NULL pointer dereference
Change-Id: I3be93732bb8171e1057aa4a384b56a020f027770
Signed-off-by: Petri Gynther <pgynther@google.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
commit 016f8ffc48cb01d1e7701649c728c5d2e737d295 upstream.
While debugging another bug, I was looking at all the synchronize*()
functions being used in kernel/trace, and noticed that trace_uprobes was
using synchronize_sched(), with a comment to synchronize with
{u,ret}_probe_trace_func(). When looking at those functions, the data is
protected with "rcu_read_lock()" and not with "rcu_read_lock_sched()". This
is using the wrong synchronize_*() function.
Link: http://lkml.kernel.org/r/20180809160553.469e1e32@gandalf.local.home
Cc: stable@vger.kernel.org
Fixes: 70ed91c6ec7f8 ("tracing/uprobes: Support ftrace_event_file base multibuffer")
Acked-by: Oleg Nesterov <oleg@redhat.com>
Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
commit 757d9140072054528b13bbe291583d9823cde195 upstream.
Masami Hiramatsu reported:
Current trace-enable attribute in sysfs returns an error
if user writes the same setting value as current one,
e.g.
# cat /sys/block/sda/trace/enable
0
# echo 0 > /sys/block/sda/trace/enable
bash: echo: write error: Invalid argument
# echo 1 > /sys/block/sda/trace/enable
# echo 1 > /sys/block/sda/trace/enable
bash: echo: write error: Device or resource busy
But this is not a preferred behavior, it should ignore
if new setting is same as current one. This fixes the
problem as below.
# cat /sys/block/sda/trace/enable
0
# echo 0 > /sys/block/sda/trace/enable
# echo 1 > /sys/block/sda/trace/enable
# echo 1 > /sys/block/sda/trace/enable
Link: http://lkml.kernel.org/r/20180816103802.08678002@gandalf.local.home
Cc: Ingo Molnar <mingo@redhat.com>
Cc: Jens Axboe <axboe@kernel.dk>
Cc: linux-block@vger.kernel.org
Cc: stable@vger.kernel.org
Fixes: cd649b8bb830d ("blktrace: remove sysfs_blk_trace_enable_show/store()")
Reported-by: Masami Hiramatsu <mhiramat@kernel.org>
Tested-by: Masami Hiramatsu <mhiramat@kernel.org>
Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
Signed-off-by: Jens Axboe <axboe@kernel.dk>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
commit f143641bfef9a4a60c57af30de26c63057e7e695 upstream.
Currently, when one echo's in 1 into tracing_on, the current tracer's
"start()" function is executed, even if tracing_on was already one. This can
lead to strange side effects. One being that if the hwlat tracer is enabled,
and someone does "echo 1 > tracing_on" into tracing_on, the hwlat tracer's
start() function is called again which will recreate another kernel thread,
and make it unable to remove the old one.
Link: http://lkml.kernel.org/r/1533120354-22923-1-git-send-email-erica.bugden@linutronix.de
Cc: stable@vger.kernel.org
Fixes: 2df8f8a6a897e ("tracing: Fix regression with irqsoff tracer and tracing_on file")
Reported-by: Erica Bugden <erica.bugden@linutronix.de>
Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
| |\|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Linux 3.18.120
reiserfs: fix broken xattr handling (heap corruption, bad retval)
PCI: hotplug: Don't leak pci_slot on registration failure
* packet: refine ring v3 block size test to hold one frame
net/packet/af_packet.c
* netfilter: conntrack: dccp: treat SYNC/SYNCACK as invalid if no prior state
net/netfilter/nf_conntrack_proto_dccp.c
* xfrm_user: prevent leaking 2 bytes of kernel memory
net/xfrm/xfrm_user.c
* staging: android: ion: check for kref overflow
drivers/staging/android/ion/ion.c
* tcp: identify cryptic messages as TCP seq # bugs
net/ipv4/tcp.c
net: qca_spi: Make sure the QCA7000 reset is triggered
net: qca_spi: Avoid packet drop during initial sync
* net: usb: rtl8150: demote allmulti message to dev_dbg()
drivers/net/usb/rtl8150.c
qlogic: check kstrtoul() for errors
ixgbe: Be more careful when modifying MAC filters
ARM: dts: am3517.dtsi: Disable reference to OMAP3 OTG controller
drm/armada: fix colorkey mode property
ARM: pxa: irq: fix handling of ICMR registers in suspend/resume
* netfilter: x_tables: set module owner for icmp(6) matches
net/ipv4/netfilter/ip_tables.c
net/ipv6/netfilter/ip6_tables.c
smsc75xx: Add workaround for gigabit link up hardware errata.
* tracing: Use __printf markup to silence compiler
kernel/trace/trace.c
ARM: imx_v4_v5_defconfig: Select ULPI support
m68k: fix "bad page state" oops on ColdFire boot
bnx2x: Fix receiving tx-timeout in error or recovery state.
drm/exynos: gsc: Fix support for NV16/61, YUV420/YVU420 and YUV422 modes
md/raid10: fix that replacement cannot complete recovery after reassemble
dmaengine: k3dma: Off by one in k3_of_dma_simple_xlate()
ARM: dts: da850: Fix interrups property for gpio
perf report powerpc: Fix crash if callchain is empty
ARM: dts: am437x: make edt-ft5x06 a wakeup source
brcmfmac: stop watchdog before detach and free everything
cxgb4: when disabling dcb set txq dcb priority to 0
Smack: Mark inode instant in smack_task_to_inode
* ipv6: mcast: fix unsolicited report interval after receiving querys
net/ipv6/mcast.c
locking/lockdep: Do not record IRQ state within lockdep code
net: davinci_emac: match the mdio device against its compatible if possible
* net: propagate dev_get_valid_name return code
net/core/dev.c
net: hamradio: use eth_broadcast_addr
enic: initialize enic->rfs_h.lock in enic_probe
* arm64: make secondary_start_kernel() notrace
arch/arm64/kernel/smp.c
* usb: gadget: composite: fix delayed_status race condition when set_interface
drivers/usb/gadget/composite.c
usb: dwc2: fix isoc split in transfer with no data
selftests: sync: add config fragment for testing sync framework
* netfilter: ipv6: nf_defrag: reduce struct net memory waste
include/net/net_namespace.h
include/net/netns/ipv6.h
net/ipv6/netfilter/nf_conntrack_reasm.c
isdn: Disable IIOCDBGVAR
* Bluetooth: avoid killing an already killed socket
net/bluetooth/sco.c
serial: 8250_dw: always set baud rate in dw8250_set_termios
USB: serial: sierra: fix potential deadlock at close
ALSA: vxpocket: Fix invalid endian conversions
* ALSA: memalloc: Don't exceed over the requested size
sound/core/memalloc.c
ALSA: cs5535audio: Fix invalid endian conversion
ALSA: virmidi: Fix too long output trigger loop
ALSA: vx222: Fix invalid endian conversions
vsock: split dwork to avoid reinitializations
net_sched: fix NULL pointer dereference when delete tcindex filter
net_sched: Fix missing res info when create new tc_index filter
* llc: use refcount_inc_not_zero() for llc_sap_find()
include/net/llc.h
net/llc/llc_core.c
* l2tp: use sk_dst_check() to avoid race on sk->sk_dst_cache
net/l2tp/l2tp_core.c
dccp: fix undefined behavior with 'cwnd' shift in ccid2_cwnd_restart()
Change-Id: I49005b88c155468fdbe6caf72db4e977f32db57d
Signed-off-by: Petri Gynther <pgynther@google.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
[ Upstream commit 26b68dd2f48fe7699a89f0cfbb9f4a650dc1c837 ]
Silence warnings (triggered at W=1) by adding relevant __printf attributes.
CC kernel/trace/trace.o
kernel/trace/trace.c: In function ‘__trace_array_vprintk’:
kernel/trace/trace.c:2979:2: warning: function might be possible candidate for ‘gnu_printf’ format attribute [-Wsuggest-attribute=format]
len = vscnprintf(tbuffer, TRACE_BUF_SIZE, fmt, args);
^~~
AR kernel/trace/built-in.o
Link: http://lkml.kernel.org/r/20180308205843.27447-1-malat@debian.org
Signed-off-by: Mathieu Malaterre <malat@debian.org>
Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
Signed-off-by: Sasha Levin <alexander.levin@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
| |\|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Linux 3.18.118
jfs: Fix inconsistency between memory allocation and ea_buf->max_size
* ring_buffer: tracing: Inherit the tracing setting to next ring buffer
include/linux/ring_buffer.h
kernel/trace/ring_buffer.c
kernel/trace/trace.c
scsi: qla2xxx: Return error when TMF returns
scsi: qla2xxx: Fix ISP recovery on unload
* scsi: sg: fix minor memory leak in error path
drivers/scsi/sg.c
crypto: padlock-aes - Fix Nano workaround data corruption
virtio_balloon: fix another race between migration and ballooning
can: ems_usb: Fix memory leak on ems_usb_disconnect()
squashfs: more metadata hardenings
squashfs: more metadata hardening
net: dsa: Do not suspend/resume closed slave_dev
* inet: frag: enforce memory limits earlier
net/ipv4/inet_fragment.c
* ipv4: remove BUG_ON() from fib_compute_spec_dst
net/ipv4/fib_frontend.c
* tcp: add one more quick ack after after ECN events
net/ipv4/tcp_input.c
* tcp: refactor tcp_ecn_check_ce to remove sk type cast
net/ipv4/tcp_input.c
* tcp: do not aggressively quick ack after ECN events
net/ipv4/tcp_input.c
* tcp: add max_quickacks param to tcp_incr_quickack and tcp_enter_quickack_mode
include/net/tcp.h
net/ipv4/tcp_input.c
* tcp: do not force quickack when receiving out-of-order packets
net/ipv4/tcp_input.c
xen-netfront: wait xenbus state change when load module manually
NET: stmmac: align DMA stuff to largest cache line length
* squashfs: be more careful about metadata corruption
fs/squashfs/squashfs_fs.h
* random: mix rdrand with entropy sent in from userspace
drivers/char/random.c
media: si470x: fix __be16 annotations
media: omap3isp: fix unbalanced dma_iommu_mapping
* crypto: authenc - don't leak pointers to authenc keys
crypto/authenc.c
* crypto: authencesn - don't leak pointers to authenc keys
crypto/authencesn.c
* usb: hub: Don't wait for connect state at resume for powered-off ports
drivers/usb/core/hub.c
microblaze: Fix simpleImage format generation
rsi: Fix 'invalid vdd' warning in mmc
* ipconfig: Correctly initialise ic_nameservers
net/ipv4/ipconfig.c
drm/gma500: fix psb_intel_lvds_mode_valid()'s return type
ALSA: hda/ca0132: fix build failure when a local macro is defined
media: siano: get rid of __le32/__le16 cast warnings
bpf: fix references to free_bpf_prog_info() in comments
scsi: megaraid: silence a static checker bug
scsi: 3w-xxxx: fix a missing-check bug
scsi: 3w-9xxx: fix a missing-check bug
perf: fix invalid bit in diagnostic entry
s390/cpum_sf: Add data entry sizes to sampling trailer entry
media: saa7164: Fix driver name in debug output
libata: Fix command retry decision
* tty: Fix data race in tty_insert_flip_string_fixed_flag
drivers/tty/pty.c
HID: i2c-hid: check if device is there before really probing
powerpc/embedded6xx/hlwd-pic: Prevent interrupts from being handled by Starlet
drm/radeon: fix mode_valid's return type
* ALSA: usb-audio: Apply rate limit to warning messages in URB complete callback
sound/usb/pcm.c
media: smiapp: fix timeout checking in smiapp_read_nvm
md: fix NULL dereference of mddev->pers in remove_and_add_spares()
regulator: pfuze100: add .is_enable() for pfuze100_swb_regulator_ops
ALSA: emu10k1: Rate-limit error messages about page errors
* scsi: ufs: fix exception event handling
drivers/scsi/ufs/ufshcd.c
PCI: pciehp: Request control of native hotplug only if supported
powerpc/8xx: fix invalid register expression in head_8xx.S
powerpc/powermac: Mark variable x as unused
powerpc/powermac: Add missing prototype for note_bootable_part()
powerpc/chrp/time: Make some functions static, add missing header include
powerpc/32: Add a missing include header
ath: Add regulatory mapping for Bahamas
ath: Add regulatory mapping for Bermuda
ath: Add regulatory mapping for Serbia
ath: Add regulatory mapping for Tanzania
ath: Add regulatory mapping for Uganda
ath: Add regulatory mapping for APL2_FCCA
ath: Add regulatory mapping for APL13_WORLD
ath: Add regulatory mapping for ETSI8_WORLD
ath: Add regulatory mapping for FCC3_ETSIC
* PCI: Prevent sysfs disable of device while driver is attached
drivers/pci/pci-sysfs.c
wlcore: sdio: check for valid platform device data before suspend
mwifiex: handle race during mwifiex_usb_disconnect
* ASoC: dpcm: fix BE dai not hw_free and shutdown
sound/soc/soc-pcm.c
perf/x86/intel/uncore: Correct fixed counter index check for NHM
perf/x86/intel/uncore: Correct fixed counter index check in generic code
usbip: usbip_detach: Fix memory, udev context and udev leak
RDMA/mad: Convert BUG_ONs to error flows
hvc_opal: don't set tb_ticks_per_usec in udbg_init_opal_common()
infiniband: fix a possible use-after-free bug
* rtc: ensure rtc_set_alarm fails when alarms are not supported
drivers/rtc/interface.c
* mm/slub.c: add __printf verification to slab_err()
mm/slub.c
* mm: vmalloc: avoid racy handling of debugobjects in vunmap
mm/vmalloc.c
ALSA: fm801: add error handling for snd_ctl_add
ALSA: emu10k1: add error handling for snd_ctl_add
tracing: Quiet gcc warning about maybe unused link variable
tracing/kprobes: Fix trace_probe flags on enable_trace_kprobe() failure
* tracing: Fix possible double free in event_enable_trigger_func()
kernel/trace/trace_events_trigger.c
* tracing: Fix double free of event_trigger_data
kernel/trace/trace_events_trigger.c
Change-Id: If69c30350792e742a9c1a5927208383449eb7b12
Signed-off-by: Petri Gynther <pgynther@google.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
commit 73c8d8945505acdcbae137c2e00a1232e0be709f upstream.
Maintain the tracing on/off setting of the ring_buffer when switching
to the trace buffer snapshot.
Taking a snapshot is done by swapping the backup ring buffer
(max_tr_buffer). But since the tracing on/off setting is defined
by the ring buffer, when swapping it, the tracing on/off setting
can also be changed. This causes a strange result like below:
/sys/kernel/debug/tracing # cat tracing_on
1
/sys/kernel/debug/tracing # echo 0 > tracing_on
/sys/kernel/debug/tracing # cat tracing_on
0
/sys/kernel/debug/tracing # echo 1 > snapshot
/sys/kernel/debug/tracing # cat tracing_on
1
/sys/kernel/debug/tracing # echo 1 > snapshot
/sys/kernel/debug/tracing # cat tracing_on
0
We don't touch tracing_on, but snapshot changes tracing_on
setting each time. This is an anomaly, because user doesn't know
that each "ring_buffer" stores its own tracing-enable state and
the snapshot is done by swapping ring buffers.
Link: http://lkml.kernel.org/r/153149929558.11274.11730609978254724394.stgit@devbox
Cc: Ingo Molnar <mingo@redhat.com>
Cc: Shuah Khan <shuah@kernel.org>
Cc: Tom Zanussi <tom.zanussi@linux.intel.com>
Cc: Hiraku Toyooka <hiraku.toyooka@cybertrust.co.jp>
Cc: stable@vger.kernel.org
Fixes: debdd57f5145 ("tracing: Make a snapshot feature available from userspace")
Signed-off-by: Masami Hiramatsu <mhiramat@kernel.org>
[ Updated commit log and comment in the code ]
Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
Signed-off-by: Sudip Mukherjee <sudipm.mukherjee@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
commit 2519c1bbe38d7acacc9aacba303ca6f97482ed53 upstream.
Commit 57ea2a34adf4 ("tracing/kprobes: Fix trace_probe flags on
enable_trace_kprobe() failure") added an if statement that depends on another
if statement that gcc doesn't see will initialize the "link" variable and
gives the warning:
"warning: 'link' may be used uninitialized in this function"
It is really a false positive, but to quiet the warning, and also to make
sure that it never actually is used uninitialized, initialize the "link"
variable to NULL and add an if (!WARN_ON_ONCE(!link)) where the compiler
thinks it could be used uninitialized.
Cc: stable@vger.kernel.org
Fixes: 57ea2a34adf4 ("tracing/kprobes: Fix trace_probe flags on enable_trace_kprobe() failure")
Reported-by: kbuild test robot <lkp@intel.com>
Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
commit 57ea2a34adf40f3a6e88409aafcf803b8945619a upstream.
If enable_trace_kprobe fails to enable the probe in enable_k(ret)probe
it returns an error, but does not unset the tp flags it set previously.
This results in a probe being considered enabled and failures like being
unable to remove the probe through kprobe_events file since probes_open()
expects every probe to be disabled.
Link: http://lkml.kernel.org/r/20180725102826.8300-1-asavkov@redhat.com
Link: http://lkml.kernel.org/r/20180725142038.4765-1-asavkov@redhat.com
Cc: Ingo Molnar <mingo@redhat.com>
Cc: stable@vger.kernel.org
Fixes: 41a7dd420c57 ("tracing/kprobes: Support ftrace_event_file base multibuffer")
Acked-by: Masami Hiramatsu <mhiramat@kernel.org>
Reviewed-by: Josh Poimboeuf <jpoimboe@redhat.com>
Signed-off-by: Artem Savkov <asavkov@redhat.com>
Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
commit 15cc78644d0075e76d59476a4467e7143860f660 upstream.
There was a case that triggered a double free in event_trigger_callback()
due to the called reg() function freeing the trigger_data and then it
getting freed again by the error return by the caller. The solution there
was to up the trigger_data ref count.
Code inspection found that event_enable_trigger_func() has the same issue,
but is not as easy to trigger (requires harder to trigger failures). It
needs to be solved slightly different as it needs more to clean up when the
reg() function fails.
Link: http://lkml.kernel.org/r/20180725124008.7008e586@gandalf.local.home
Cc: stable@vger.kernel.org
Fixes: 7862ad1846e99 ("tracing: Add 'enable_event' and 'disable_event' event trigger commands")
Reivewed-by: Masami Hiramatsu <mhiramat@kernel.org>
Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
commit 1863c387259b629e4ebfb255495f67cd06aa229b upstream.
Running the following:
# cd /sys/kernel/debug/tracing
# echo 500000 > buffer_size_kb
[ Or some other number that takes up most of memory ]
# echo snapshot > events/sched/sched_switch/trigger
Triggers the following bug:
------------[ cut here ]------------
kernel BUG at mm/slub.c:296!
invalid opcode: 0000 [#1] SMP DEBUG_PAGEALLOC PTI
CPU: 6 PID: 6878 Comm: bash Not tainted 4.18.0-rc6-test+ #1066
Hardware name: Hewlett-Packard HP Compaq Pro 6300 SFF/339A, BIOS K01 v03.03 07/14/2016
RIP: 0010:kfree+0x16c/0x180
Code: 05 41 0f b6 72 51 5b 5d 41 5c 4c 89 d7 e9 ac b3 f8 ff 48 89 d9 48 89 da 41 b8 01 00 00 00 5b 5d 41 5c 4c 89 d6 e9 f4 f3 ff ff <0f> 0b 0f 0b 48 8b 3d d9 d8 f9 00 e9 c1 fe ff ff 0f 1f 40 00 0f 1f
RSP: 0018:ffffb654436d3d88 EFLAGS: 00010246
RAX: ffff91a9d50f3d80 RBX: ffff91a9d50f3d80 RCX: ffff91a9d50f3d80
RDX: 00000000000006a4 RSI: ffff91a9de5a60e0 RDI: ffff91a9d9803500
RBP: ffffffff8d267c80 R08: 00000000000260e0 R09: ffffffff8c1a56be
R10: fffff0d404543cc0 R11: 0000000000000389 R12: ffffffff8c1a56be
R13: ffff91a9d9930e18 R14: ffff91a98c0c2890 R15: ffffffff8d267d00
FS: 00007f363ea64700(0000) GS:ffff91a9de580000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000055c1cacc8e10 CR3: 00000000d9b46003 CR4: 00000000001606e0
Call Trace:
event_trigger_callback+0xee/0x1d0
event_trigger_write+0xfc/0x1a0
__vfs_write+0x33/0x190
? handle_mm_fault+0x115/0x230
? _cond_resched+0x16/0x40
vfs_write+0xb0/0x190
ksys_write+0x52/0xc0
do_syscall_64+0x5a/0x160
entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x7f363e16ab50
Code: 73 01 c3 48 8b 0d 38 83 2c 00 f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 83 3d 79 db 2c 00 00 75 10 b8 01 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 1e e3 01 00 48 89 04 24
RSP: 002b:00007fff9a4c6378 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 00007f363e16ab50
RDX: 0000000000000009 RSI: 000055c1cacc8e10 RDI: 0000000000000001
RBP: 000055c1cacc8e10 R08: 00007f363e435740 R09: 00007f363ea64700
R10: 0000000000000073 R11: 0000000000000246 R12: 0000000000000009
R13: 0000000000000001 R14: 00007f363e4345e0 R15: 00007f363e4303c0
Modules linked in: ip6table_filter ip6_tables snd_hda_codec_hdmi snd_hda_codec_realtek snd_hda_codec_generic snd_hda_intel snd_hda_codec snd_hwdep snd_hda_core snd_seq snd_seq_device i915 snd_pcm snd_timer i2c_i801 snd soundcore i2c_algo_bit drm_kms_helper
86_pkg_temp_thermal video kvm_intel kvm irqbypass wmi e1000e
---[ end trace d301afa879ddfa25 ]---
The cause is because the register_snapshot_trigger() call failed to
allocate the snapshot buffer, and then called unregister_trigger()
which freed the data that was passed to it. Then on return to the
function that called register_snapshot_trigger(), as it sees it
failed to register, it frees the trigger_data again and causes
a double free.
By calling event_trigger_init() on the trigger_data (which only ups
the reference counter for it), and then event_trigger_free() afterward,
the trigger_data would not get freed by the registering trigger function
as it would only up and lower the ref count for it. If the register
trigger function fails, then the event_trigger_free() called after it
will free the trigger data normally.
Link: http://lkml.kernel.org/r/20180724191331.738eb819@gandalf.local.home
Cc: stable@vger.kerne.org
Fixes: 93e31ffbf417 ("tracing: Add 'snapshot' event trigger command")
Reported-by: Masami Hiramatsu <mhiramat@kernel.org>
Reviewed-by: Masami Hiramatsu <mhiramat@kernel.org>
Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
| |\|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Linux 3.18.113
* rtnetlink: validate attributes in do_setlink()
net/core/rtnetlink.c
team: use netdev_features_t instead of u32
net/mlx4: Fix irq-unsafe spinlock usage
net: usb: cdc_mbim: add flag FLAG_SEND_ZLP
* net/packet: refine check for priv area size
net/packet/af_packet.c
isdn: eicon: fix a missing-check bug
ip6mr: only set ip6mr_table from setsockopt when ip6mr_new_table succeeds
enic: set DMA mask to 47 bit
dccp: don't free ccid2_hc_tx_sock struct in dccp_disconnect()
bnx2x: use the right constant
drm: set FMODE_UNSIGNED_OFFSET for drm files
* mmap: relax file size limit for regular files
mm/mmap.c
* mmap: introduce sane default mmap limits
mm/mmap.c
* mm: fix the NULL mapping case in __isolate_lru_page()
mm/vmscan.c
* fix io_destroy()/aio_complete() race
fs/aio.c
drm/i915: Disable LVDS on Radiant P845
MIPS: ptrace: Fix PTRACE_PEEKUSR requests for 64-bit FGRs
* tcp: avoid integer overflows in tcp_rcv_space_adjust()
include/linux/tcp.h
net/ipv4/tcp_input.c
* cfg80211: further limit wiphy names to 64 bytes
include/uapi/linux/nl80211.h
* selinux: KASAN: slab-out-of-bounds in xattr_getsecurity
security/selinux/ss/services.c
* tracing: Fix crash when freeing instances with event triggers
kernel/trace/trace_events_trigger.c
Change-Id: I08d5e737acc607f76cab0d67297a7c0cdef60ec0
Signed-off-by: Petri Gynther <pgynther@google.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
commit 86b389ff22bd6ad8fd3cb98e41cd271886c6d023 upstream.
If a instance has an event trigger enabled when it is freed, it could cause
an access of free memory. Here's the case that crashes:
# cd /sys/kernel/tracing
# mkdir instances/foo
# echo snapshot > instances/foo/events/initcall/initcall_start/trigger
# rmdir instances/foo
Would produce:
general protection fault: 0000 [#1] PREEMPT SMP PTI
Modules linked in: tun bridge ...
CPU: 5 PID: 6203 Comm: rmdir Tainted: G W 4.17.0-rc4-test+ #933
Hardware name: Hewlett-Packard HP Compaq Pro 6300 SFF/339A, BIOS K01 v03.03 07/14/2016
RIP: 0010:clear_event_triggers+0x3b/0x70
RSP: 0018:ffffc90003783de0 EFLAGS: 00010286
RAX: 0000000000000000 RBX: 6b6b6b6b6b6b6b2b RCX: 0000000000000000
RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff8800c7130ba0
RBP: ffffc90003783e00 R08: ffff8801131993f8 R09: 0000000100230016
R10: ffffc90003783d80 R11: 0000000000000000 R12: ffff8800c7130ba0
R13: ffff8800c7130bd8 R14: ffff8800cc093768 R15: 00000000ffffff9c
FS: 00007f6f4aa86700(0000) GS:ffff88011eb40000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f6f4a5aed60 CR3: 00000000cd552001 CR4: 00000000001606e0
Call Trace:
event_trace_del_tracer+0x2a/0xc5
instance_rmdir+0x15c/0x200
tracefs_syscall_rmdir+0x52/0x90
vfs_rmdir+0xdb/0x160
do_rmdir+0x16d/0x1c0
__x64_sys_rmdir+0x17/0x20
do_syscall_64+0x55/0x1a0
entry_SYSCALL_64_after_hwframe+0x49/0xbe
This was due to the call the clears out the triggers when an instance is
being deleted not removing the trigger from the link list.
Cc: stable@vger.kernel.org
Fixes: 85f2b08268c01 ("tracing: Add basic event trigger framework")
Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
| |\|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Linux 3.18.109
tracing/uprobe_event: Fix strncpy corner case
can: kvaser_usb: Increase correct stats counter in kvaser_usb_rx_can_msg()
* tracing: Fix regex_match_front() to not over compare the test string
kernel/trace/trace_events_filter.c
libata: Apply NOLPM quirk for SanDisk SD7UB3Q*G1001 SSDs
rfkill: gpio: fix memory leak in probe error path
* tcp: fix TCP_REPAIR_QUEUE bound checking
net/ipv4/tcp.c
* perf: Remove superfluous allocation error check
kernel/events/callchain.c
* soreuseport: initialise timewait reuseport field
include/net/inet_timewait_sock.h
net/ipv4/inet_timewait_sock.c
* net: fix uninit-value in __hw_addr_add_ex()
net/core/dev_addr_lists.c
* net: initialize skb->peeked when cloning
net/core/skbuff.c
* net: fix rtnh_ok()
include/net/nexthop.h
* netlink: fix uninit-value in netlink_sendmsg
net/netlink/af_netlink.c
usb: musb: host: fix potential NULL pointer dereference
USB: serial: visor: handle potential invalid device configuration
NET: usb: qmi_wwan: add support for ublox R410M PID 0x90b2
RDMA/mlx5: Protect from shift operand overflow
ALSA: aloop: Add missing cable lock to ctl API callbacks
ALSA: aloop: Mark paused device as inactive
ALSA: seq: Fix races at MIDI encoding in snd_virmidi_output_trigger()
* ALSA: pcm: Check PCM state at xfern compat ioctl
sound/core/pcm_compat.c
perf session: Fix undeclared 'oe'
* perf/core: Fix the perf_cpu_time_max_percent check
kernel/events/core.c
* percpu: include linux/sched.h for cond_resched()
mm/percpu.c
Change-Id: I336fada82aba156445a8bbf6bbd1a23da7152109
Signed-off-by: Petri Gynther <pgynther@google.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
commit 50268a3d266ecfdd6c5873d62b2758d9732fc598 upstream.
Fix string fetch function to terminate with NUL.
It is OK to drop the rest of string.
Signed-off-by: Masami Hiramatsu <mhiramat@kernel.org>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Song Liu <songliubraving@fb.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: security@kernel.org
Cc: 范龙飞 <long7573@126.com>
Fixes: 5baaa59ef09e ("tracing/probes: Implement 'memory' fetch method for uprobes")
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
commit dc432c3d7f9bceb3de6f5b44fb9c657c9810ed6d upstream.
The regex match function regex_match_front() in the tracing filter logic,
was fixed to test just the pattern length from testing the entire test
string. That is, it went from strncmp(str, r->pattern, len) to
strcmp(str, r->pattern, r->len).
The issue is that str is not guaranteed to be nul terminated, and if r->len
is greater than the length of str, it can access more memory than is
allocated.
The solution is to add a simple test if (len < r->len) return 0.
Cc: stable@vger.kernel.org
Fixes: 285caad415f45 ("tracing/filters: Fix MATCH_FRONT_ONLY filter matching")
Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
| |\|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Linux 3.18.103
Revert "ARM: dts: am335x-pepper: Fix the audio CODEC's reset pin"
Revert "ARM: dts: omap3-n900: Fix the audio CODEC's reset pin"
* Revert "PCI/MSI: Stop disabling MSI/MSI-X in pci_device_shutdown()"
drivers/pci/pci-driver.c
md/raid10: reset the 'first' at the end of loop
ARM: dts: dra7: Add power hold and power controller properties to palmas
Documentation: pinctrl: palmas: Add ti,palmas-powerhold-override property definition
vt: change SGR 21 to follow the standards
Input: i8042 - enable MUX on Sony VAIO VGN-CS series to fix touchpad
Input: i8042 - add Lenovo ThinkPad L460 to i8042 reset list
* fs/proc: Stop trying to report thread stacks
fs/proc/task_mmu.c
* proc: revert /proc/<pid>/maps [stack:TID] annotation
fs/proc/task_mmu.c
include/linux/mm.h
mm/util.c
crypto: x86/cast5-avx - fix ECB encryption when long sg follows short one
* crypto: ahash - Fix early termination in hash walk
crypto/ahash.c
parport_pc: Add support for WCH CH382L PCI-E single parallel port card.
media: usbtv: prevent double free in error case
mei: remove dev_err message on an unsupported ioctl
USB: serial: cp210x: add ELDAT Easywave RX09 id
USB: serial: ftdi_sio: add support for Harman FirmwareHubEmulator
USB: serial: ftdi_sio: add RT Systems VX-8 cable
* media: v4l2-compat-ioctl32: initialize a reserved field
drivers/media/v4l2-core/v4l2-compat-ioctl32.c
* media: v4l2-compat-ioctl32: use compat_u64 for video standard
drivers/media/v4l2-core/v4l2-compat-ioctl32.c
* media: media/v4l2-ctrls: volatiles should not generate CH_VALUE
drivers/media/v4l2-core/v4l2-ctrls.c
* media: v4l2-ctrls: fix sparse warning
drivers/media/v4l2-core/v4l2-ctrls.c
* media: v4l2-compat-ioctl32.c: refactor compat ioctl32 logic
drivers/media/v4l2-core/v4l2-compat-ioctl32.c
* media: v4l2-compat-ioctl32.c: don't copy back the result for certain errors
drivers/media/v4l2-core/v4l2-compat-ioctl32.c
* media: v4l2-compat-ioctl32.c: drop pr_info for unknown buffer type
drivers/media/v4l2-core/v4l2-compat-ioctl32.c
* media: v4l2-compat-ioctl32.c: copy clip list in put_v4l2_window32
drivers/media/v4l2-core/v4l2-compat-ioctl32.c
* media: v4l2-compat-ioctl32: Copy v4l2_window->global_alpha
drivers/media/v4l2-core/v4l2-compat-ioctl32.c
* media: v4l2-compat-ioctl32.c: make ctrl_is_pointer work for subdevs
drivers/media/v4l2-core/v4l2-compat-ioctl32.c
* media: v4l2-compat-ioctl32.c: fix ctrl_is_pointer
drivers/media/v4l2-core/v4l2-compat-ioctl32.c
* media: v4l2-compat-ioctl32.c: copy m.userptr in put_v4l2_plane32
drivers/media/v4l2-core/v4l2-compat-ioctl32.c
* media: v4l2-compat-ioctl32.c: avoid sizeof(type)
drivers/media/v4l2-core/v4l2-compat-ioctl32.c
* media: v4l2-compat-ioctl32.c: move 'helper' functions to __get/put_v4l2_format32
drivers/media/v4l2-core/v4l2-compat-ioctl32.c
* media: v4l2-compat-ioctl32.c: fix the indentation
drivers/media/v4l2-core/v4l2-compat-ioctl32.c
* media: v4l2-compat-ioctl32.c: add missing VIDIOC_PREPARE_BUF
drivers/media/v4l2-core/v4l2-compat-ioctl32.c
* vb2: V4L2_BUF_FLAG_DONE is set after DQBUF
drivers/media/v4l2-core/videobuf2-core.c
* media: v4l2-ioctl.c: don't copy back the result for -ENOTTY
drivers/media/v4l2-core/v4l2-ioctl.c
scsi: virtio_scsi: always read VPD pages for multiqueue too
* Bluetooth: Fix missing encryption refresh on Security Request
net/bluetooth/smp.c
* netfilter: x_tables: add and use xt_check_proc_name
include/linux/netfilter/x_tables.h
net/netfilter/x_tables.c
net/netfilter/xt_hashlimit.c
netfilter: bridge: ebt_among: add more missing match size checks
* xfrm: Refuse to insert 32 bit userspace socket policies on 64 bit systems
net/xfrm/xfrm_state.c
* net: xfrm: use preempt-safe this_cpu_read() in ipcomp_alloc_tfms()
net/xfrm/xfrm_ipcomp.c
* xfrm_user: uncoditionally validate esn replay attribute struct
net/xfrm/xfrm_user.c
kprobes/x86: Fix to set RWX bits correctly before releasing trampoline
* xhci: Fix ring leak in failure path of xhci_alloc_virt_device()
drivers/usb/host/xhci-mem.c
* Revert "led: core: Fix brightness setting when setting delay_off=0"
drivers/leds/led-core.c
usb: gadget: f_hid: fix: Prevent accessing released memory
* usb: gadget: align buffer size when allocating for OUT endpoint
drivers/usb/gadget/u_f.c
drivers/usb/gadget/u_f.h
* usb: gadget: fix usb_ep_align_maybe endianness and new usb_ep_align
include/linux/usb/gadget.h
* usb: gadget: change len to size_t on alloc_ep_req()
drivers/usb/gadget/u_f.c
drivers/usb/gadget/u_f.h
* usb: gadget: define free_ep_req as universal function
drivers/usb/gadget/function/f_midi.c
drivers/usb/gadget/u_f.c
drivers/usb/gadget/u_f.h
* partitions/msdos: Unable to mount UFS 44bsd partitions
block/partitions/msdos.c
* perf/hwbp: Simplify the perf-hwbp code, fix documentation
kernel/events/hw_breakpoint.c
ALSA: pcm: potential uninitialized return values
* ALSA: pcm: Use dma_bytes as size parameter in dma_mmap_coherent()
sound/core/pcm_native.c
mtd: jedec_probe: Fix crash in jedec_read_mfr()
net: fec: Fix unbalanced PM runtime calls
s390/qeth: on channel error, reject further cmd requests
s390/qeth: lock read device while queueing next buffer
s390/qeth: when thread completes, wake up all waiters
s390/qeth: free netdevice when removing a card
team: Fix double free in error path
* skbuff: Fix not waking applications when errors are enqueued
net/core/skbuff.c
* net: Only honor ifindex in IP_PKTINFO if non-0
net/ipv4/ip_sockglue.c
* netlink: avoid a double skb free in genlmsg_mcast()
net/netlink/genetlink.c
net/iucv: Free memory obtained by kzalloc
net: ethernet: arc: Fix a potential memory leak if an optional regulator is deferred
* l2tp: do not accept arbitrary sockets
net/l2tp/l2tp_core.c
* ipv6: fix access to non-linear packet in ndisc_fill_redirect_hdr_option()
net/ipv6/ndisc.c
dccp: check sk for closed state in dccp_sendmsg()
* Revert "genirq: Use irqd_get_trigger_type to compare the trigger type for shared IRQs"
kernel/irq/manage.c
* scsi: sg: don't return bogus Sg_requests
drivers/scsi/sg.c
kvm/x86: fix icebp instruction handling
tty: vt: fix up tabstops properly
can: cc770: Fix use after free in cc770_tx_interrupt()
can: cc770: Fix queue stall & dropped RTR reply
can: cc770: Fix stalls on rt-linux, remove redundant IRQ ack
staging: ncpfs: memory corruption in ncp_read_kernel()
tracing: probeevent: Fix to support minus offset from symbol
brcmfmac: fix P2P_DEVICE ethernet address generation
drm: udl: Properly check framebuffer mmap offsets
libata: Modify quirks for MX100 to limit NCQ_TRIM quirk to MU01 version
libata: Make Crucial BX100 500GB LPM quirk apply to all firmware versions
libata: Apply NOLPM quirk to Crucial M500 480 and 960GB SSDs
libata: Enable queued TRIM for Samsung SSD 860
libata: disable LPM for Crucial BX100 SSD 500GB drive
libata: Apply NOLPM quirk to Crucial MX100 512GB SSDs
libata: remove WARN() for DMA or PIO command without data
libata: fix length validation of ATAPI-relayed SCSI commands
ALSA: aloop: Fix access to not-yet-ready substream via cable
ALSA: aloop: Sync stale timer before release
* ALSA: usb-audio: Fix parsing descriptor of UAC2 processing unit
include/uapi/linux/usb/audio.h
Change-Id: I1e821a4308efd258f9e7294e70429ae0335c2bb0
Signed-off-by: Petri Gynther <pgynther@google.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
commit c5d343b6b7badd1f5fe0873eff2e8d63a193e732 upstream.
In Documentation/trace/kprobetrace.txt, it says
@SYM[+|-offs] : Fetch memory at SYM +|- offs (SYM should be a data symbol)
However, the parser doesn't parse minus offset correctly, since
commit 2fba0c8867af ("tracing/kprobes: Fix probe offset to be
unsigned") drops minus ("-") offset support for kprobe probe
address usage.
This fixes the traceprobe_split_symbol_offset() to parse minus
offset again with checking the offset range, and add a minus
offset check in kprobe probe address usage.
Link: http://lkml.kernel.org/r/152129028983.31874.13419301530285775521.stgit@devbox
Cc: Ingo Molnar <mingo@redhat.com>
Cc: Tom Zanussi <tom.zanussi@linux.intel.com>
Cc: Arnaldo Carvalho de Melo <acme@kernel.org>
Cc: Ravi Bangoria <ravi.bangoria@linux.vnet.ibm.com>
Cc: stable@vger.kernel.org
Fixes: 2fba0c8867af ("tracing/kprobes: Fix probe offset to be unsigned")
Acked-by: Namhyung Kim <namhyung@kernel.org>
Signed-off-by: Masami Hiramatsu <mhiramat@kernel.org>
Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
| |\|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Linux 3.18.100
fixup: sctp: verify size of a new chunk in _sctp_make_chunk()
serial: 8250_pci: Add Brainboxes UC-260 4 port serial device
usb: usbmon: Read text within supplied buffer size
USB: usbmon: remove assignment from IS_ERR argument
* usb: quirks: add control message delay for 1b1c:1b20
* staging: android: ashmem: Fix lockdep issue during llseek
uas: fix comparison for error code
tty/serial: atmel: add new version check for usart
serial: sh-sci: prevent lockup on full TTY buffers
x86: Treat R_X86_64_PLT32 as R_X86_64_PC32
x86/module: Detect and skip invalid relocations
scripts: recordmcount: break hardlinks
ubi: Fix race condition between ubi volume creation and udev
netfilter: ipv6: fix use-after-free Write in nf_nat_ipv6_manip_pkt
netfilter: bridge: ebt_among: add missing match size checks
* netfilter: ebtables: CONFIG_COMPAT: don't trust userland offsets
* netfilter: IDLETIMER: be syzkaller friendly
* netfilter: nat: cope with negative port range
netfilter: x_tables: fix missing timer initialization in xt_LED
ALSA: seq: More protection for concurrent write and ioctl races
ALSA: seq: Don't allow resizing pool in use
x86/MCE: Serialize sysfs changes
Input: matrix_keypad - fix race when disabling interrupts
MIPS: BMIPS: Do not mask IPIs during suspend
scsi: qla2xxx: Fix NULL pointer crash due to active timer for ABTS
Linux 3.18.99
* dm io: fix duplicate bio completion due to missing ref count
* fib_semantics: Don't match route with mismatching tclassid
* net: ipv4: don't allow setting net.ipv4.route.min_pmtu below 68
sctp: verify size of a new chunk in _sctp_make_chunk()
s390/qeth: fix IPA command submission race
s390/qeth: fix SETIP command handling
sctp: fix dst refcnt leak in sctp_v6_get_dst()
* udplite: fix partial checksum initialization
* ppp: prevent unregistered channels from connecting to PPP units
* netlink: ensure to loop over all netns in genlmsg_multicast_allns()
* net: fix race on decreasing number of TX queues
* ipv6 sit: work around bogus gcc-8 -Wrestrict warning
hdlc_ppp: carrier detect ok, don't turn off negotiation
* bridge: check brport attr show in brport_show
* leds: do not overflow sysfs buffer in led_trigger_show
net: fec: introduce fec_ptp_stop and use in probe fail path
ARM: mvebu: Fix broken PL310_ERRATA_753970 selects
cpufreq: s3c24xx: Fix broken s3c_cpufreq_init()
* ALSA: usb-audio: Add a quirck for B&W PX headphones
tpm_i2c_nuvoton: fix potential buffer overruns caused by bit glitches on the bus
tpm_i2c_infineon: fix potential buffer overruns caused by bit glitches on the bus
Linux 3.18.98
net: gianfar_ptp: move set_fipers() to spinlock protecting area
sctp: make use of pre-calculated len
xen/gntdev: Fix partial gntdev_mmap() cleanup
xen/gntdev: Fix off-by-one error when unmapping with holes
SolutionEngine771x: fix Ether platform data
mdio-sun4i: Fix a memory leak
xen-netfront: enable device after manual module load
drm/ttm: check the return value of kzalloc
e1000: fix disabling already-disabled warning
xfs: quota: check result of register_shrinker()
xfs: quota: fix missed destroy of qi_tree_lock
s390/dasd: fix wrongly assigned configuration data
* led: core: Fix brightness setting when setting delay_off=0
bnx2x: Improve reliability in case of nested PCI errors
tg3: Enable PHY reset in MTU change path for 5720
tg3: Add workaround to restrict 5762 MRRS to 2048
scsi: storvsc: Fix scsi_cmd error assignments in storvsc_handle_error
net: arc_emac: fix arc_emac_rx() error paths
spi: atmel: fixed spin_lock usage inside atmel_spi_remove
* sget(): handle failures of register_shrinker()
* ipv6: icmp6: Allow icmp messages to be looped back
mtd: nand: gpmi: Fix failure when a erased page has a bitflip at BBM
* hrtimer: Ensure POSIX compliance (relative CLOCK_REALTIME hrtimers)
* ipv6: Skip XFRM lookup if dst_entry in socket cache is valid
Linux 3.18.97
* ASN.1: fix out-of-bounds read when parsing indefinite length item
* usb: gadget: f_fs: Process all descriptors during bind
* usb: dwc3: gadget: Set maxpacket size for ep0 IN
* arm64: Disable unhandled signal log messages by default
* irqchip/gic-v3: Use wmb() instead of smb_wmb() in gic_raise_softirq()
x86/oprofile: Fix bogus GCC-8 warning in nmi_setup()
iio: adis_lib: Initialize trigger before requesting interrupt
* iio: buffer: check if a buffer has been set up when poll is called
cfg80211: fix cfg80211_beacon_dup
scsi: ibmvfc: fix misdefined reserved field in ibmvfc_fcp_rsp_info
PCI: keystone: Fix interrupt-controller-node lookup
* netfilter: drop outermost socket lock in getsockopt()
Linux 3.18.96
crypto: s5p-sss - Fix kernel Oops in AES-ECB mode
KVM: async_pf: Fix #DF due to inject "Page not Present" and "Page Ready" exceptions simultaneously
hippi: Fix a Fix a possible sleep-in-atomic bug in rr_close
* xen: XEN_ACPI_PROCESSOR is Dom0-only
x86/mm/kmmio: Fix mmiotrace for page unaligned addresses
* mm/early_ioremap: Fix boot hang with earlyprintk=efi,keep
dmaengine: jz4740: disable/unprepare clk if probe fails
* xfrm: Fix stack-out-of-bounds with misconfigured transport mode policies.
spi: sun4i: disable clocks in the remove function
* 509: fix printing uninitialized stack memory when OID is empty
btrfs: Fix possible off-by-one in btrfs_search_path_in_tree
net_sched: red: Avoid illegal values
net_sched: red: Avoid devision by zero
gianfar: fix a flooded alignment reports because of padding issue.
s390/dasd: prevent prefix I/O error
powerpc/perf: Fix oops when grouping different pmu events
scripts/kernel-doc: Don't fail with status != 0 if error encountered with -none
media: s5k6aa: describe some function parameters
perf bench numa: Fixup discontiguous/sparse numa nodes
perf top: Fix window dimensions change handling
ARM: dts: am4372: Correct the interrupts_properties of McASP
ARM: AM33xx: PRM: Remove am33xx_pwrdm_read_prev_pwrst function
* usb: build drivers/usb/common/ when USB_SUPPORT is set
usbip: keep usbip_device sockfd state in sync with tcp_socket
dn_getsockoptdecnet: move nf_{get/set}sockopt outside sock lock
video: fbdev/mmp: add MODULE_LICENSE
ASoC: ux500: add MODULE_LICENSE tag
* selinux: ensure the context is NUL terminated in security_context_to_sid_core()
* Provide a function to create a NUL-terminated string from unterminated data
* net: avoid skb_warn_bad_offload on IS_ERR
netfilter: xt_RATEEST: acquire xt_rateest_mutex for hash insert
* netfilter: on sockopt() acquire sock lock only in the required scope
netfilter: ipt_CLUSTERIP: fix out-of-bounds accesses in clusterip_tg_check()
* netfilter: x_tables: avoid out-of-bounds reads in xt_request_find_{match|target}
* netfilter: x_tables: fix int overflow in xt_alloc_table_info()
crypto: x86/twofish-3way - Fix %rbp usage
* selinux: skip bounded transition processing if the policy isn't loaded
* xfrm: check id proto in validate_tmpl()
* mm,vmscan: Make unregister_shrinker() no-op if register_shrinker() failed.
media: r820t: fix r820t_write_reg for KASAN
ARM: dts: s5pv210: add interrupt-parent for ohci
ALSA: seq: Fix racy pool initializations
Btrfs: fix crash due to not cleaning up tree log block's dirty bits
Btrfs: fix deadlock in run_delalloc_nocow
console/dummy: leave .con_font_get set to NULL
video: fbdev: atmel_lcdfb: fix display-timings lookup
ext4: correct documentation for grpid mount option
* ext4: save error to disk in __ext4_grp_locked_error()
drm/radeon: adjust tested variable
ALSA: seq: Fix regression by incorrect ioctl_mutex usages
arm: spear13xx: Fix spics gpio controller's warning
arm: spear13xx: Fix dmas cells
arm: spear600: Add missing interrupt-parent of rtc
s390: fix handling of -1 in set{,fs}[gu]id16 syscalls
* PM / devfreq: Propagate error from devfreq_add_device()
IB/mlx4: Fix incorrectly releasing steerable UD QPs when have only ETH ports
Linux 3.18.95
mn10300/misalignment: Use SIGSEGV SEGV_MAPERR to report a failed user copy
ACPI: sbshc: remove raw pointer from printk() message
pktcdvd: Fix pkt_setup_dev() error path
EDAC, octeon: Fix an uninitialized variable warning
xtensa: fix futex_atomic_cmpxchg_inatomic
alpha: fix reboot on Avanti platform
alpha: fix crash if pthread_create races with signal delivery
signal/sh: Ensure si_signo is initialized in do_divide_error
signal/openrisc: Fix do_unaligned_access to send the proper signal
* kernel/async.c: revert "async: simplify lowest_in_progress()"
media: cxusb, dib0700: ignore XC2028_I2C_FLUSH
crypto: caam - fix endless loop when DECO acquire fails
* crypto: cryptd - pass through absence of ->setkey()
* crypto: hash - introduce crypto_hash_alg_has_setkey()
* kernfs: fix regression in kernfs_fop_write caused by wrong type
NFS: commit direct writes even if they fail partially
NFS: Add a cond_resched() to nfs_commit_release_pages()
mtd: nand: Fix nand_do_read_oob() return value
media: dvb-usb-v2: lmedm04: move ts2020 attach to dm04_lme2510_tuner
media: dvb-usb-v2: lmedm04: Improve logic checking of warm start
dccp: CVE-2017-8824: use-after-free in DCCP code
usbip: vhci: stop printing kernel pointer addresses in messages
usbip: stub: stop printing kernel pointer addresses in messages
usbip: prevent leaking socket pointer address in messages
usbip: vhci-hcd: Add USB3 SuperSpeed support
usb: usbip: Fix possible deadlocks reported by lockdep
usbip: Fix potential format overflow in userspace tools
usbip: prevent vhci_hcd driver from leaking a socket pointer address
usbip: fix stub_rx: harden CMD_SUBMIT path to handle malicious input
usbip: fix stub_rx: get_pipe() to validate endpoint number
* posix-timer: Properly check sigevent->sigev_notify
CIFS: zero sensitive data when freeing
cifs: Fix autonegotiate security settings mismatch
cifs: Fix missing put_xid in cifs_file_strict_mmap
* ipv4: Map neigh lookup keys in __ipv4_neigh_lookup_noref()
* KEYS: encrypted: fix buffer overread in valid_master_desc()
ARM: exynos_defconfig: Enable NFSv4 client
ARM: exynos_defconfig: Enable options to mount a rootfs via NFS
* tcp: release sk_frag.page in tcp_disconnect
r8169: fix RTL8168EP take too long to complete driver initialization.
qlcnic: fix deadlock bug
* net: igmp: add a missing rcu locking section
ip6mr: fix stale iterator
vhost_net: stop device during reset owner
Linux 3.18.94
um: Fix out-of-tree build
ASoC: pcm512x: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE
spi: imx: do not access registers while clocks disabled
* selinux: general protection fault in sock_has_perm
usb: uas: unconditionally bring back host after reset
* usb: f_fs: Prevent gadget unbind if it is already unbound
* USB: serial: simple: add Motorola Tetra driver
usbip: list: don't list devices attached to vhci_hcd
usbip: prevent bind loops on devices attached to vhci_hcd
USB: serial: io_edgeport: fix possible sleep-in-atomic
CDC-ACM: apply quirk for card reader
USB: cdc-acm: Do not log urb submission errors on disconnect
* USB: serial: pl2303: new device id for Chilitag
staging: rtl8188eu: Fix incorrect response to SIOCGIWESSID
* usb: gadget: don't dereference g until after it has been null checked
media: usbtv: add a new usbid
* scsi: ufs: ufshcd: fix potential NULL pointer dereference in ufshcd_config_vreg
* quota: Check for register_shrinker() failure.
* net: ethernet: xilinx: Mark XILINX_LL_TEMAC broken on 64-bit
hwmon: (pmbus) Use 64bit math for DIRECT format values
nfsd: check for use of the closed special stateid
nfsd: CLOSE SHOULD return the invalid special stateid for NFSv4.x (x>0)
xen-netfront: remove warning when unloading module
KVM: VMX: Fix rflags cache during vCPU reset
mac80211: fix the update of path metric for RANN frame
bcache: check return value of register_shrinker
KVM: X86: Fix operand/address-size during instruction decoding
KVM: x86: Don't re-execute instruction when not passing CR2 value
KVM: x86: emulator: Return to user-mode on L1 CPL=0 emulation failure
igb: Free IRQs when device is hotplugged
gpio: iop: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE
ALSA: seq: Make ioctls race-free
* loop: fix concurrent lo_open/lo_release
um: Remove copy&paste code from init.h
um: Stop abusing __KERNEL__
um: link vmlinux with -no-pie
* Input: do not emit unneeded EV_SYN when suspending
Linux 3.18.93
* hrtimer: Reset hrtimer cpu base proper on CPU hotplug
* ipv4: Make neigh lookup keys for loopback/point-to-point devices be INADDR_ANY
* ipv6: fix udpv6 sendmsg crash caused by too small MTU
* net: Allow neigh contructor functions ability to modify the primary_key
vmxnet3: repair memory leak
sctp: return error if the asoc has been peeled off in sctp_wait_for_sndbuf
sctp: do not allow the v4 socket to bind a v4mapped v6 address
* pppoe: take ->needed_headroom of lower device into account on xmit
* net: qdisc_pkt_len_init() should be more robust
* tcp: __tcp_hdrlen() helper
* net: igmp: fix source address check for IGMPv3 reports
dccp: don't restart ccid2_hc_tx_rto_expire() if sk in closed state
* net: tcp: close sock if net namespace is exiting
x86/microcode/intel: Extend BDW late-loading further with LLC size check
* eventpoll.h: add missing epoll event masks
scsi: libiscsi: fix shifting of DID_REQUEUE host byte
* fs/fcntl: f_setown, avoid undefined behaviour
reiserfs: don't preallocate blocks for extended attributes
reiserfs: fix race in prealloc discard
netfilter: xt_osf: Add missing permission checks
netfilter: nfnetlink_cthelper: Add missing permission checks
netfilter: nf_conntrack_sip: extend request line validation
* netfilter: restart search if moved to other chain
* netfilter: nf_ct_expect: remove the redundant slash when policy name is empty
ipc: msg, make msgrcv work with LONG_MIN
hwpoison, memcg: forcibly uncharge LRU pages
* mm/mmap.c: do not blow on PROT_NONE MAP_FIXED holes in the stack
can: af_can: canfd_rcv(): replace WARN_ONCE by pr_warn_once
can: af_can: can_rcv(): replace WARN_ONCE by pr_warn_once
usbip: Fix implicit fallthrough warning
x86/asm/32: Make sync_core() handle missing CPUID on all 32-bit kernels
MIPS: AR7: ensure the port type's FCR value is used
arm64: KVM: Fix SMCCC handling of unimplemented SMC/HVC calls
dm thin metadata: THIN_MAX_CONCURRENT_LOCKS should be 6
dm btree: fix serious bug in btree_split_beneath()
ARM: dts: kirkwood: fix pin-muxing of MPP7 on OpenBlocks A7
* phy: work around 'phys' references to usb-nop-xceiv devices
Input: twl4030-vibra - fix sibling-node lookup
Input: twl4030-vibra - fix ERROR: Bad of_node_put() warning
Input: twl6040-vibra - fix child-node lookup
Input: twl6040-vibra - fix DT node memory management
Input: 88pm860x-ts - fix child-node lookup
* pipe: avoid round_pipe_size() nr_pages overflow on 32-bit
* af_key: fix buffer overread in parse_exthdrs()
* af_key: fix buffer overread in verify_address_len()
ALSA: hda - Apply the existing quirk to iMac 14,1
* ALSA: pcm: Remove yet superfluous WARN_ON()
* futex: Prevent overflow by strengthen input validation
* scsi: sg: disable SET_FORCE_LOW_DMA
* gcov: disable for COMPILE_TEST
Linux 3.18.92
e1000e: Fix e1000_check_for_copper_link_ich8lan return value.
uas: ignore UAS for Norelsys NS1068(X) chips
* Bluetooth: Prevent stack info leak from the EFS element.
* staging: android: ashmem: fix a race condition in ASHMEM_SET_SIZE ioctl
usbip: remove kernel addresses from usb device and urb debug msgs
USB: fix usbmon BUG trigger
usb: misc: usb3503: make sure reset is low for at least 100us
USB: serial: cp210x: add new device ID ELV ALC 8xxx
USB: serial: cp210x: add IDs for LifeScan OneTouch Verio IQ
Revert "can: kvaser_usb: free buf in error paths"
target: Avoid early CMD_T_PRE_EXECUTE failures during ABORT_TASK
iscsi-target: Make TASK_REASSIGN use proper se_cmd->cmd_kref
x86/microcode/intel: Extend BDW late-loading with a revision check
* crypto: algapi - fix NULL dereference in crypto_remove_spawns()
* net: stmmac: enable EEE in MII, GMII or RGMII only
sh_eth: fix SH7757 GEther initialization
sh_eth: fix TSU resource handling
RDS: null pointer dereference in rds_atomic_free_op
RDS: Heap OOB write in rds_message_alloc_sgs()
8021q: fix a memory leak for VLAN 0 device
x86/acpi: Reduce code duplication in mp_override_legacy_irq()
ALSA: aloop: Fix racy hw constraints adjustment
ALSA: aloop: Fix inconsistent format due to incomplete rule
ALSA: aloop: Release cable upon open error path
ALSA: pcm: Allow aborting mutex lock at OSS read/write loops
ALSA: pcm: Abort properly at pending signal in OSS read/write loops
ALSA: pcm: Add missing error checks in OSS emulation plugin builder
* ALSA: pcm: Remove incorrect snd_BUG_ON() usages
x86/acpi: Handle SCI interrupts above legacy space gracefully
kvm: vmx: Scrub hardware GPRs at VM-exit
* perf/core: Fix concurrent sys_perf_event_open() vs. 'move_group' race
MIPS: Also verify sizeof `elf_fpreg_t' with PTRACE_SETREGSET
MIPS: Disallow outsized PTRACE_SETREGSET NT_PRFPREG regset accesses
MIPS: Fix an FCSR access API regression with NT_PRFPREG and MSA
MIPS: Consistently handle buffer counter with PTRACE_SETREGSET
MIPS: Guard against any partial write attempt with PTRACE_SETREGSET
MIPS: Factor out NT_PRFPREG regset access helpers
IB/srpt: Disable RDMA access by the initiator
can: gs_usb: fix return value of the "set_bittiming" callback
Input: elantech - add new icbody type 15
* kernel/signal.c: remove the no longer needed SIGNAL_UNKILLABLE check in complete_signal()
* kernel/signal.c: protect the SIGNAL_UNKILLABLE tasks from !sig_kernel_only() signals
* kernel/signal.c: protect the traced SIGNAL_UNKILLABLE tasks from SIGKILL
fscache: Fix the default for fscache_maybe_release_page()
crypto: n2 - cure use after free
kernel/acct.c: fix the acct->needcheck check in check_free_space()
Linux 3.18.91
* n_tty: fix EXTPROC vs ICANON interaction with TIOCINQ (aka FIONREAD)
* usb: xhci: Add XHCI_TRUST_TX_LENGTH for Renesas uPD720201
* usb: add RESET_RESUME for ELSA MicroLink 56K
* usb: Add device quirk for Logitech HD Pro Webcam C925e
USB: serial: option: add support for Telit ME910 PID 0x1101
* net: ipv4: fix for a race condition in raw_sendmsg
sctp: Replace use of sockets_allocated with specified macro.
net: mvmdio: disable/unprepare clocks in EPROBE_DEFER case
tg3: Fix rx hang on MTU change with 5717/5719
* tcp md5sig: Use skb's saddr when replying to an incoming segment
net: qmi_wwan: add Sierra EM7565 1199:9091
* netlink: Add netns check on taps
* net: igmp: Use correct source address on IGMPv3 reports
* ipv6: mcast: better catch silly mtu values
* ipv4: igmp: guard against silly MTU values
* kbuild: add '-fno-stack-check' to kernel build options
ASoC: twl4030: fix child-node lookup
* ring-buffer: Mask out the info bits when returning buffer page length
* tracing: Fix crash when it fails to alloc ring buffer
* tracing: Fix possible double free on failure of allocating trace buffer
* tracing: Remove extra zeroing out of the ring buffer page
net: mvneta: clear interface link status on port disable
powerpc/perf: Dereference BHRB entries safely
KVM: X86: Fix load RFLAGS w/o the fixed bit
parisc: Hide Diva-built-in serial aux and graphics card
* PCI / PM: Force devices to D0 in pci_pm_thaw_noirq()
* ALSA: usb-audio: Fix the missing ctl name suffix at parsing SU
* ALSA: rawmidi: Avoid racy info ioctl via ctl device
mfd: twl6040: Fix child-node lookup
mfd: twl4030-audio: Fix sibling-node lookup
crypto: mcryptd - protect the per-CPU queue with a lock
ACPI: APEI / ERST: Fix missing error handling in erst_reader()
Linux 3.18.90
fm10k: ensure we process SM mbx when processing VF mbx
scsi: lpfc: PLOGI failures during NPIV testing
scsi: lpfc: Fix secure firmware updates
PCI/AER: Report non-fatal errors only to the affected endpoint
igb: check memory allocation failure
PCI: Create SR-IOV virtfn/physfn links before attaching driver
scsi: cxgb4i: fix Tx skb leak
* PCI: Avoid bus reset if bridge itself is broken
net: phy: at803x: Change error to EINVAL for invalid MAC
crypto: crypto4xx - increase context and scatter ring buffer elements
backlight: pwm_bl: Fix overflow condition
cpuidle: powernv: Pass correct drv->cpumask for registration
ARM: dma-mapping: disallow dma_get_sgtable() for non-kernel managed memory
* xhci: plat: Register shutdown for xhci_plat
isdn: kcapi: avoid uninitialized data
ARM: dts: am335x-evmsk: adjust mmc2 param to allow suspend
netfilter: nf_nat_snmp: Fix panic when snmp_trap_helper fails to register
netfilter: nfnl_cthelper: fix a race when walk the nf_ct_helper_hash table
irda: vlsi_ir: fix check for DMA mapping errors
i40e: Do not enable NAPI on q_vectors that have no rings
* net: Do not allow negative values for busy_read and busy_poll sysctl interfaces
s390/qeth: no ETH header for outbound AF_IUCV
* HID: xinmo: fix for out of range for THT 2P arcade controller.
hwmon: (asus_atk0110) fix uninitialized data access
ARM: dts: ti: fix PCI bus dtc warnings
KVM: x86: correct async page present tracepoint
scsi: lpfc: Fix PT2PT PRLI reject
netfilter: nfnl_cthelper: Fix memory leak
netfilter: nfnl_cthelper: fix runtime expectation policy updates
usb: gadget: udc: remove pointer dereference after free
usb: gadget: f_uvc: Sanity check wMaxPacketSize for SuperSpeed
net: qmi_wwan: Add USB IDs for MDM6600 modem on Motorola Droid 4
* crypto: deadlock between crypto_alg_sem/rtnl_mutex/genl_mutex
* r8152: fix the list rx_done may be used without initialization
* cpuidle: Validate cpu_dev in cpuidle_add_sysfs()
ALSA: hda - add support for docking station for HP 820 G2
* arm64: Initialise high_memory global variable earlier
Linux 3.18.89
usb: musb: da8xx: fix babble condition handling
ath9k: fix tx99 potential info leak
macvlan: Only deliver one copy of the frame to the macvlan interface
udf: Avoid overflow when session starts at large offset
scsi: bfa: integer overflow in debugfs
* scsi: scsi_devinfo: Add REPORTLUN2 to EMC SYMMETRIX blacklist entry
raid5: Set R5_Expanded on parity devices as well as data.
* pinctrl: adi2: Fix Kconfig build problem
* tty fix oops when rmmod 8250
* PCI: Detach driver before procfs & sysfs teardown on device remove
xfs: fix log block underflow during recovery cycle verification
bcache: fix wrong cache_misses statistics
bcache: explicitly destroy mutex while exiting
GFS2: Take inode off order_write list when setting jdata flag
* thermal/drivers/step_wise: Fix temperature regulation misbehavior
* ppp: Destroy the mutex when cleanup
clk: tegra: Fix cclk_lp divisor register
* mm: Handle 0 flags in _calc_vm_trans() macro
arm-ccn: perf: Prevent module unload while PMU is in use
target/file: Do not return error for UNMAP if length is zero
target:fix condition return in core_pr_dump_initiator_port()
iscsi-target: fix memory leak in lio_target_tiqn_addtpg()
target/iscsi: Fix a race condition in iscsit_add_reject_from_cmd()
powerpc/ipic: Fix status get and status clear
powerpc/opal: Fix EBUSY bug in acquiring tokens
powerpc/powernv/cpufreq: Fix the frequency read by /proc/cpuinfo
PCI/PME: Handle invalid data when reading Root Status
video: fbdev: au1200fb: Return an error code if a memory allocation fails
video: fbdev: au1200fb: Release some resources if a memory allocation fails
video: udlfb: Fix read EDID timeout
fbdev: controlfb: Add missing modes to fix out of bounds access
target: Use system workqueue for ALUA transitions
btrfs: add missing memset while reading compressed inline extents
NFSv4.1 respect server's max size in CREATE_SESSION
perf symbols: Fix symbols__fixup_end heuristic for corner cases
afs: Fix afs_kill_pages()
afs: Fix page leak in afs_write_begin()
afs: Populate and use client modification time
afs: Fix the maths in afs_fs_store_data()
afs: Flush outstanding writes when an fd is closed
afs: Adjust mode bits processing
afs: Populate group ID from vnode status
afs: Fix missing put_page()
drm/radeon: reinstate oland workaround for sclk
* sched/deadline: Use deadline instead of period when calculating overflow
drm/radeon/si: add dpm quirk for Oland
openrisc: fix issue handling 8 byte get_user calls
* net: Resend IGMP memberships upon peer notification.
* dmaengine: Fix array index out of bounds warning in __get_unmap_pool()
net: wimax/i2400m: fix NULL-deref at probe
Input: i8042 - add TUXEDO BU1406 (N24_25BU) to the nomux list
NFSD: fix nfsd_reset_versions for NFSv4.
NFSD: fix nfsd_minorversion(.., NFSD_AVAIL)
net: bcmgenet: Power up the internal PHY before probing the MII
net: bcmgenet: correct MIB access of UniMAC RUNT counters
net: bcmgenet: correct the RBUF_OVFL_CNT and RBUF_ERR_CNT MIB values
usb: phy: isp1301: Add OF device ID table
mac80211: Fix addition of mesh configuration element
* KEYS: Don't permit request_key() to construct a new keyring
* Don't leak a key reference if request_key() tries to use a revoked keyring
* ext4: fix crash when a directory's i_size is too small
* xhci: Don't add a virt_dev to the devs array before it's fully allocated
usbip: fix stub_send_ret_submit() vulnerability to null transfer_buffer
* USB: core: prevent malicious bNumInterfaces overflow
* USB: uas and storage: Add US_FL_BROKEN_FUA for another JMicron JMS567 ID
autofs: fix careless error in recent commit
crypto: salsa20 - fix blkcipher_walk API usage
* crypto: hmac - require that the underlying hash algorithm is unkeyed
Linux 3.18.88
* usb: gadget: ffs: Forbid usb_ep_alloc_request from sleeping
arm: KVM: Fix VTTBR_BADDR_MASK BUG_ON off-by-one
* audit: ensure that 'audit=1' actually enables audit for PID 1
afs: Connect up the CB.ProbeUuid
IB/mlx5: Assign send CQ and recv CQ of UMR QP
IB/mlx4: Increase maximal message size under UD QP
* xfrm: Copy policy family in clone_policy
atm: horizon: Fix irq release error
sctp: use the right sk after waking up from wait_buf sleep
sctp: do not free asoc when it is already dead in sctp_sendmsg
sparc64/mm: set fields in deferred pages
sunrpc: Fix rpc_task_begin trace point
NFS: Fix a typo in nfs_rename()
dynamic-debug-howto: fix optional/omitted ending line number to be LARGE instead of 0
* lib/genalloc.c: make the avail variable an atomic_long_t
* route: update fnhe_expires for redirect when the fnhe exists
* route: also update fnhe_genid when updating a route cache
EDAC, i5000, i5400: Fix definition of NRECMEMB register
EDAC, i5000, i5400: Fix use of MTR_DRAM_WIDTH macro
axonram: Fix gendisk handling
i2c: riic: fix restart condition
crypto: s5p-sss - Fix completing crypto request in IRQ handler
* ipv6: reorder icmpv6_init() and ip6_mr_init()
bnx2x: fix possible overrun of VFPF multicast addresses array
spi_ks8995: fix "BUG: key accdaa28 not in .data!"
arm: KVM: Survive unknown traps from guests
KVM: nVMX: reset nested_run_pending if the vCPU is going to be reset
irqchip/crossbar: Fix incorrect type of register size
scsi: lpfc: Fix crash during Hardware error recovery on SLI3 adapters
* workqueue: trigger WARN if queue_delayed_work() is called with NULL @wq
libata: drop WARN from protocol error in ata_sff_qc_issue()
USB: gadgetfs: Fix a potential memory leak in 'dev_config()'
usb: gadget: configs: plug memory leak
selftest/powerpc: Fix false failures for skipped tests
Revert "s390/kbuild: enable modversions for symbols exported from asm"
* Revert "drm/armada: Fix compile fail"
* net/packet: fix a race in packet_bind() and packet_notifier()
* sit: update frag_off info
rds: Fix NULL pointer dereference in __rds_rdma_map
* arm64: fpsimd: Prevent registers leaking from dead tasks
KVM: VMX: remove I/O port 0x80 bypass on Intel hosts
* arm64: KVM: fix VTTBR_BADDR_MASK BUG_ON off-by-one
media: dvb: i2c transfers over usb cannot be done from stack
kdb: Fix handling of kallsyms_symbol_next() return value
iommu/vt-d: Fix scatterlist offset handling
* ALSA: usb-audio: Add check return value for usb_string()
* ALSA: usb-audio: Fix out-of-bound error
ALSA: seq: Remove spurious WARN_ON() at timer check
* ALSA: pcm: prevent UAF in snd_pcm_info
x86/PCI: Make broadcom_postcore_init() check acpi_disabled
* X.509: reject invalid BIT STRING for subjectPublicKey
* KEYS: add missing permission check for request_key() destination
* ASN.1: check for error from ASN1_OP_END__ACT actions
* efi: Move some sysfs files to be read-only by root
isa: Prevent NULL dereference in isa_bus driver callbacks
hv: kvp: Avoid reading past allocated blocks from KVP file
virtio: release virtio index when fail to device_register
can: usb_8dev: cancel urb on -EPIPE and -EPROTO
can: esd_usb2: cancel urb on -EPIPE and -EPROTO
can: ems_usb: cancel urb on -EPIPE and -EPROTO
can: kvaser_usb: cancel urb on -EPIPE and -EPROTO
can: kvaser_usb: ratelimit errors if incomplete messages are received
can: kvaser_usb: Fix comparison bug in kvaser_usb_read_bulk_callback()
can: kvaser_usb: free buf in error paths
Linux 3.18.87
usb: host: fix incorrect updating of offset
* USB: usbfs: Filter flags passed in from user space
* USB: devio: Prevent integer overflow in proc_do_submiturb()
* USB: Increase usbfs transfer limit
* usb: hub: Cycle HUB power when initialization fails
serial: 8250_pci: Add Amazon PCI serial device ID
* usb: quirks: Add no-lpm quirk for KY-688 USB 3.1 Type-C Hub
uas: Always apply US_FL_NO_ATA_1X quirk to Seagate devices
ima: fix hash algorithm initialization
net: fec: fix multicast filtering hardware setup
* mm: avoid returning VM_FAULT_RETRY from ->page_mkwrite handlers
tipc: fix cleanup at module unload
net: sctp: fix array overrun read on sctp_timer_tbl
NFSv4: Fix client recovery when server reboots multiple times
net/appletalk: Fix kernel memory disclosure
* vti6: fix device register to report IFLA_INFO_KIND
ARM: OMAP1: DMA: Correct the number of logical channels
perf test attr: Fix ignored test case result
* sysrq : fix Show Regs call trace on ARM
EDAC, sb_edac: Fix missing break in switch
spi: sh-msiof: Fix DMA transfer size check
serial: 8250_fintek: Fix rs485 disablement on invalid ioctl()
bcache: recover data from backing when data is clean
bcache: only permit to recovery read error when cache device is clean
Linux 3.18.86
drm/i915: Prevent zero length "index" write
drm/i915: Don't try indexed reads to alternate slave addresses
NFS: revalidate "." etc correctly on "open".
drm/panel: simple: Add missing panel_simple_unprepare() calls
eeprom: at24: check at24_read/write arguments
KVM: x86: inject exceptions produced by x86_decode_insn
KVM: x86: Exit to user-mode on #UD intercept when emulator requires
btrfs: clear space cache inode generation always
* mm/madvise.c: fix madvise() infinite loop under special circumstances
mm, thp: Do not make page table dirty unconditionally in touch_p[mu]d()
* ipsec: Fix aborted xfrm policy dump crash
* netlink: add a start callback for starting a netlink dump
Linux 3.18.85
xen: xenbus driver must not accept invalid transaction ids
s390/kbuild: enable modversions for symbols exported from asm
ASoC: wm_adsp: Don't overrun firmware file buffer when reading region data
btrfs: return the actual error value from from btrfs_uuid_tree_iterate
netfilter: nf_tables: fix oob access
netfilter: nft_queue: use raw_smp_processor_id()
staging: iio: cdc: fix improper return value
mac80211: Suppress NEW_PEER_CANDIDATE event if no room
mac80211: Remove invalid flag operations in mesh TSF synchronization
ALSA: hda - Apply ALC269_FIXUP_NO_SHUTUP on HDA_FIXUP_ACT_PROBE
* drm/armada: Fix compile fail
net: 3com: typhoon: typhoon_init_one: fix incorrect return values
net: 3com: typhoon: typhoon_init_one: make return values more specific
* PCI: Apply _HPX settings only to relevant devices
RDS: RDMA: return appropriate error on rdma map failures
e1000e: Separate signaling for link check/link up
e1000e: Fix return value test
e1000e: Fix error path in link detection
iio: iio-trig-periodic-rtc: Free trigger resource correctly
* USB: fix buffer overflows with parsing CDC headers
mtd: nand: Fix writing mtdoops to nand flash.
net/9p: Switch to wait_event_killable()
* media: v4l2-ctrl: Fix flags field on Control events
media: rc: check for integer overflow
media: Don't do DMA on stack for firmware upload in the AS102 driver
powerpc/signal: Properly handle return value from uprobe_deny_signal()
parisc: Fix validity check of pointer size argument in new CAS implementation
ixgbe: Fix skb list corruption on Power systems
fm10k: Use smp_rmb rather than read_barrier_depends
i40evf: Use smp_rmb rather than read_barrier_depends
ixgbevf: Use smp_rmb rather than read_barrier_depends
igbvf: Use smp_rmb rather than read_barrier_depends
igb: Use smp_rmb rather than read_barrier_depends
i40e: Use smp_rmb rather than read_barrier_depends
* time: Always make sure wall_to_monotonic isn't positive
NFC: fix device-allocation error return
IB/srpt: Do not accept invalid initiator port names
clk: ti: dra7-atl-clock: fix child-node lookups
clk: ti: dra7-atl-clock: Fix of_node reference counting
KVM: SVM: obey guest PAT
KVM: nVMX: set IDTR and GDTR limits when loading L1 host state
iscsi-target: Fix non-immediate TMR reference leak
fs/9p: Compare qid.path in v9fs_test_inode
* ALSA: timer: Remove kernel warning at compat ioctl error paths
* ALSA: usb-audio: Add sanity checks in v2 clock parsers
* ALSA: usb-audio: Fix potential out-of-bound access at parsing SU
* ALSA: usb-audio: Add sanity checks to FE parser
* ext4: fix interaction between i_size, fallocate, and delalloc after a crash
nfsd: deal with revoked delegations appropriately
nfs: Fix ugly referral attributes
NFS: Fix typo in nomigration mount option
isofs: fix timestamps beyond 2027
bcache: check ca->alloc_thread initialized before wake up it
eCryptfs: use after free in ecryptfs_release_messaging()
nilfs2: fix race condition that causes file system corruption
autofs: don't fail mount for transient error
MIPS: BCM47XX: Fix LED inversion for WRT54GSv1
MIPS: Fix an n32 core file generation regset support regression
* dm: fix race between dm_get_from_kobject() and __dm_destroy()
* dm bufio: fix integer overflow when limiting maximum cache size
ALSA: hda: Add Raven PCI ID
ARM: 8721/1: mm: dump: check hardware RO bit for LPAE
x86/decoder: Add new TEST instruction pattern
* lib/mpi: call cond_resched() from mpi_powm() loop
* sched: Make resched_cpu() unconditional
* ipv6: only call ip6_route_dev_notify() once for NETDEV_UNREGISTER
s390/disassembler: increase show_code buffer size
Linux 3.18.84
coda: fix 'kernel memory exposure attempt' in fsync
ipmi: fix unsigned long underflow
ocfs2: should wait dio before inode lock in ocfs2_setattr()
ima: do not update security.ima if appraisal status is not INTEGRITY_PASS
vlan: fix a use-after-free in vlan_device_event()
* af_netlink: ensure that NLMSG_DONE never fails in dumps
fealnx: Fix building error on MIPS
sctp: do not peel off an assoc from one netns to another one
* netfilter/ipvs: clear ipvs_property flag when SKB net namespace changed
* tcp: do not mangle skb->cb[] in tcp_make_synack()
net/sctp: Always set scope_id in sctp_inet6_skb_msgname
* ipv6/dccp: do not inherit ipv6_mc_list from parent
Linux 3.18.83
USB: serial: garmin_gps: fix memory leak on probe errors
USB: serial: garmin_gps: fix I/O after failed probe and remove
USB: serial: garmin_gps: fix memory leak on failed URB submit
USB: serial: qcserial: add pid/vid for Sierra Wireless EM7355 fw update
* USB: Add delay-init quirk for Corsair K70 LUX keyboards
* USB: usbfs: compute urb->actual_length for isochronous
uapi: fix linux/rds.h userspace compilation errors
uapi: fix linux/rds.h userspace compilation error
Revert "uapi: fix linux/rds.h userspace compilation errors"
* Revert "crypto: xts - Add ECB dependency"
MIPS: Netlogic: Exclude netlogic,xlp-pic code from XLR builds
MIPS: init: Ensure reserved memory regions are not added to bootmem
MIPS: End asm function prologue macros with .insn
ixgbe: handle close/suspend race with netif_device_detach/present
ixgbe: fix AER error handling
gpu: drm: mgag200: mgag200_main:- Handle error from pci_iomap
backlight: adp5520: Fix error handling in adp5520_bl_probe()
* backlight: lcd: Fix race condition during register
ALSA: vx: Fix possible transfer overflow
ALSA: vx: Don't try to update capture stream before running
scsi: lpfc: Correct issue leading to oops during link reset
scsi: lpfc: Correct host name in symbolic_name field
scsi: lpfc: FCoE VPort enable-disable does not bring up the VPort
scsi: lpfc: Add missing memory barrier
staging: rtl8188eu: fix incorrect ERROR tags from logs
igb: Fix hw_dbg logging in igb_update_flash_i210
igb: close/suspend race in netif_device_detach
igb: reset the PHY before reading the PHY ID
drm/sti: sti_vtg: Handle return NULL error from devm_ioremap_nocache
* ata: SATA_MV should depend on HAS_DMA
* ata: SATA_HIGHBANK should depend on HAS_DMA
* ata: ATA_BMDMA should depend on HAS_DMA
ARM: dts: Fix omap3 off mode pull defines
ARM: OMAP2+: Fix init for multiple quirks for the same SoC
extcon: palmas: Check the parent instance to prevent the NULL
iscsi-target: Fix iscsi_np reset hung task during parallel delete
media: dib0700: fix invalid dvb_detach argument
media: imon: Fix null-ptr-deref in imon_probe
Linux 3.18.82
target/iscsi: Fix iSCSI task reassignment handling
* security/keys: add CONFIG_KEYS_COMPAT to Kconfig
ip6_gre: only increase err_count for some certain type icmpv6 in ip6gre_err
ipip: only increase err_count for some certain type icmp in ipip_err
* ipv6: flowlabel: do not leave opt->tot_len with garbage
sctp: reset owner sk for data chunks on out queues when migrating a sock
* tun: allow positive return values on dev_get_valid_name() call
net/unix: don't show information about sockets from other namespaces
sctp: add the missing sock_owned_by_user check in sctp_icmp_redirect
* tun: call dev_get_valid_name() before register_netdevice()
* l2tp: check ps->sock before running pppol2tp_session_ioctl()
* tcp: fix tcp_mtu_probe() vs highest_sack
* tun/tap: sanitize TUNSETSNDBUF input
Revert "ARM: dts: imx53-qsb-common: fix FEC pinmux config"
Input: ims-psu - check if CDC union descriptor is sane
usb: usbtest: fix NULL pointer dereference
mac80211: don't compare TKIP TX MIC key in reinstall prevention
mac80211: use constant time comparison with keys
mac80211: accept key reinstall without changing anything
Revert "ceph: unlock dangling spinlock in try_flush_caps()"
Linux 3.18.81
x86/oprofile/ppro: Do not use __this_cpu*() in preemptible context
can: c_can: don't indicate triple sampling support for D_CAN
rbd: use GFP_NOIO for parent stat and data requests
MIPS: AR7: Ensure that serial ports are properly set up
MIPS: Fix CM region target definitions
MIPS: microMIPS: Fix incorrect mask in insn_table_MM
ALSA: seq: Avoid invalid lockdep class warning
ALSA: seq: Fix OSS sysex delivery in OSS emulation
ARM: 8720/1: ensure dump_instr() checks addr_limit
* KEYS: fix NULL pointer dereference during ASN.1 parsing [ver #2]
crypto: x86/sha1-mb - fix panic due to unaligned access
KEYS: trusted: fix writing past end of buffer in trusted_read()
KEYS: trusted: sanitize all key material
IB/ipoib: Change list_del to list_del_init in the tx object
Input: mpr121 - set missing event capability
Input: mpr121 - handle multiple bits change of status register
* IPsec: do not ignore crypto err in ah4 input
* usb: hcd: initialize hcd->flags to 0 when rm hcd
serial: sh-sci: Fix register offsets for the IRDA serial port
* phy: increase size of MII_BUS_ID_SIZE and bus_id
dt-bindings: Add vendor prefix for LEGO
dt-bindings: Add LEGO MINDSTORMS EV3 compatible specification
iio: trigger: free trigger resource correctly
ARM: omap2plus_defconfig: Fix probe errors on UARTs 5 and 6
drm: drm_minor_register(): Clean up debugfs on failure
ARM: dts: imx53-qsb-common: fix FEC pinmux config
xen/netback: set default upper limit of tx/rx queues to 8
video: fbdev: pmag-ba-fb: Remove bad `__init' annotation
Linux 3.18.80
staging: r8712u: Fix Sparse warning in rtl871x_xmit.c
xen: don't print error message in case of missing Xenstore entry
bt8xx: fix memory leak
s390/dasd: check for device error pointer within state change interrupts
staging: lustre: ptlrpc: skip lock if export failed
staging: lustre: hsm: stack overrun in hai_dump_data_field
platform/x86: intel_mid_thermal: Fix module autoload
xen/manage: correct return value check on xenbus_scanf()
cx231xx: Fix I2C on Internal Master 3 Bus
i2c: riic: correctly finish transfers
* ext4: do not use stripe_width if it is not set
* ext4: fix stripe-unaligned allocations
staging: rtl8712u: Fix endian settings for structs describing network packets
mmc: s3cmci: include linux/interrupt.h for tasklet_struct
x86/microcode/intel: Disable late loading on model 79
drm/msm: fix an integer overflow test
drm/msm: Fix potential buffer overflow issue
ocfs2: fstrim: Fix start offset of first cluster group during fstrim
ARM: 8715/1: add a private asm/unaligned.h
* arm64: ensure __dump_instr() checks addr_limit
ASoC: adau17x1: Workaround for noise bug in ADC
* KEYS: fix out-of-bounds read during ASN.1 parsing
* KEYS: return full count in keyring_read() if buffer is too small
cifs: check MaxPathNameComponentLength != 0 before using it
ALSA: seq: Fix nested rwsem annotation for lockdep splat
* ALSA: timer: Add missing mutex lock for compat ioctls
* blk-mq: fix race between timeout and freeing request
Linux 3.18.79
* ecryptfs: fix dereference of NULL user_key_payload
can: kvaser_usb: Correct return value in printout
* scsi: sg: Re-fix off by one in sg_fill_request_table()
scsi: zfcp: fix erp_action use-before-initialize in REC action trace
* assoc_array: Fix a buggy node-splitting case
Input: gtco - fix potential out-of-bound access
* fuse: fix READDIRPLUS skipping an entry
* spi: uapi: spidev: add missing ioctl header
* usb: xhci: Handle error condition in xhci_stop_device()
ceph: unlock dangling spinlock in try_flush_caps()
Linux 3.18.78
FS-Cache: fix dereference of NULL user_key_payload
* af_packet: don't pass empty blocks for PACKET_V3
parisc: Fix double-word compare and exchange in LWS code on 32-bit kernels
parisc: Avoid trashing sr2 and sr3 in LWS code
* cls_api.c: Fix dumping of non-existing actions' stats.
* KEYS: don't let add_key() update an uninstantiated key
lib/digsig: fix dereference of NULL user_key_payload
* KEYS: encrypted: fix dereference of NULL user_key_payload
bus: mbus: fix window size calculation for 4GB windows
brcmsmac: make some local variables 'static const' to reduce stack size
i2c: ismt: Separate I2C block read from SMBus block read
ALSA: hda: Remove superfluous '-' added by printk conversion
ALSA: seq: Enable 'use' locking in all configurations
can: esd_usb2: Fix can_dlc value for received RTR, frames
can: gs_usb: fix busy loop if no more TX context is available
* usb: hub: Allow reset retry for USB2 devices on connect bounce
* usb: quirks: add quirk for WORLDE MINI MIDI keyboard
usb: cdc_acm: Add quirk for Elatec TWN3
USB: serial: metro-usb: add MS7820 device id
* USB: core: fix out-of-bounds access bug in usb_get_bos_descriptor()
* USB: devio: Revert "USB: devio: Don't corrupt user memory"
Linux 3.18.77
Revert "tty: goldfish: Fix a parameter of a call to free_irq"
target/iscsi: Fix unsolicited data seq_end_offset calculation
* uapi: fix linux/mroute6.h userspace compilation errors
uapi: fix linux/rds.h userspace compilation errors
scsi: scsi_dh_emc: return success in clariion_std_inquiry()
ocfs2/dlmglue: prepare tracking logic to avoid recursive cluster lock
* crypto: xts - Add ECB dependency
net/mlx4_core: Fix VF overwrite of module param which disables DMFS on new probed PFs
Btrfs: send, fix failure to rename top level inode due to name collision
iio: adc: xilinx: Fix error handling
* netfilter: nf_ct_expect: Change __nf_ct_expect_check() return value.
irqchip/crossbar: Fix incorrect type of local variables
watchdog: kempld: fix gcc-4.3 build
locking/lockdep: Add nest_lock integrity test
Revert "bsg-lib: don't free job in bsg_prepare_job"
* net: Set sk_prot_creator when cloning sockets to the right proto
* packet: in packet_do_bind, test fanout with bind_lock held
* l2tp: fix race condition in l2tp_tunnel_delete
* l2tp: Avoid schedule while atomic in exit_net
* vti: fix use after free in vti_tunnel_xmit/vti6_tnl_xmit
isdn/i4l: fetch the ppp_write buffer in one shot
* packet: hold bind lock when rebinding to fanout hook
bpf/verifier: reject BPF_ALU64|BPF_END
* sctp: potential read out of bounds in sctp_ulpevent_type_enabled()
* ext4: avoid deadlock when expanding inode size
drm/dp/mst: save vcpi with payloads
x86/mm: Disable preemption during CR3 read+write
Linux 3.18.76
Revert "usb: gadget: inode.c: fix unbalanced spin_lock in ep0_write"
ALSA: seq: Fix missing NULL check at remove_events ioctl
USB: serial: console: fix use-after-free after failed setup
USB: serial: qcserial: add Dell DW5818, DW5819
USB: serial: option: add support for TP-Link LTE module
USB: serial: cp210x: add support for ELV TFD500
* fix unbalanced page refcounting in bio_map_user_iov
* direct-io: Prevent NULL pointer access in submit_page_section
* usb: gadget: composite: Fix use-after-free in usb_composite_overwrite_options
ALSA: caiaq: Fix stray URB at probe error path
ALSA: seq: Fix copy_from_user() call inside lock
ALSA: seq: Fix use-after-free at creating a port
* ALSA: usb-audio: Kill stray URB at exiting
iommu/amd: Finish TLB flush in amd_iommu_unmap()
usb: renesas_usbhs: Fix DMAC sequence for receiving zero-length packet
KVM: nVMX: fix guest CR4 loading when emulating L2 to L1 exit
* crypto: shash - Fix zero-length shash ahash digest crash
* HID: usbhid: fix out-of-bounds bug
CIFS: Reconnect expired SMB sessions
* ext4: in ext4_seek_{hole,data}, return -ENXIO for negative offsets
Linux 3.18.75
* ext4: fix fencepost in s_first_meta_bg validation
* ext4: validate s_first_meta_bg at mount time
ext4: Don't clear SGID when inheriting ACLs
* ext4: fix data corruption for mmap writes
* fs/super.c: fix race between freeze_super() and thaw_super()
* ext4: only call ext4_truncate when size <= isize
drm/i915/bios: ignore HDMI on port A
HID: i2c-hid: allocate hid buffers for real worst case
* driver core: platform: Don't read past the end of "driver_override" buffer
ALSA: usx2y: Suppress kernel warning at page allocation failures
* lsm: fix smack_inode_removexattr and xattr_getsecurity memleak
uwb: ensure that endpoint is interrupt
uwb: properly check kthread_run return value
iio: adc: mcp320x: Fix oops on module unload
iio: ad7793: Fix the serial interface reset
* iio: core: Return error for failed read_reg
staging: iio: ad7192: Fix - use the dedicated reset function avoiding dma from stack.
iio: ad_sigma_delta: Implement a dedicated reset function
* xhci: fix finding correct bus_state structure for USB 3.1 hosts
* USB: fix out-of-bounds in usb_set_configuration
* usb: Increase quirk delay for USB devices
USB: uas: fix bug in handling of alternate settings
* USB: devio: Don't corrupt user memory
USB: dummy-hcd: fix infinite-loop resubmission bug
USB: dummy-hcd: fix connection failures (wrong speed)
* usb: pci-quirks.c: Corrected timeout values used in handshake
* ALSA: usb-audio: Check out-of-bounds access by corrupted buffer descriptor
usb: renesas_usbhs: fix usbhsf_fifo_clear() for RX direction
usb: renesas_usbhs: fix the BCLR setting condition for non-DCP pipe
* usb-storage: unusual_devs entry to fix write-access regression for Seagate external drives
USB: gadgetfs: fix copy_to_user while holding spinlock
USB: gadgetfs: Fix crash caused by inadequate synchronization
usb: gadget: inode.c: fix unbalanced spin_lock in ep0_write
Linux 3.18.74
* mpi: Fix NULL ptr dereference in mpi_powm() [ver #3]
crypto: algif_skcipher - Load TX SG list after waiting
staging: nvec: remove duplicated const
ttpci: address stringop overflow warning
ALSA: au88x0: avoid theoretical uninitialized access
IB/qib: fix false-postive maybe-uninitialized warning
libata: transport: Remove circular dependency at free time
xfs: remove kmem_zalloc_greedy
md/raid10: submit bio directly to replacement disk
rds: ib: add error handle
parisc: perf: Fix potential NULL pointer dereference
netfilter: nfnl_cthelper: fix incorrect helper->expect_class_max
exynos-gsc: Do not swap cb/cr for semi planar formats
* netfilter: invoke synchronize_rcu after set the _hook_ to NULL
* mmc: sdio: fix alignment issue in struct sdio_func
* usb: plusb: Add support for PL-27A1
team: fix memory leaks
* net/packet: check length in getsockopt() called with PACKET_HDRLEN
* net: core: Prevent from dereferencing null pointer when releasing SKB
* audit: log 32-bit socketcalls
* partitions/efi: Fix integer overflow in GPT size calculation
USB: serial: mos7840: fix control-message error handling
USB: serial: mos7720: fix control-message error handling
IB/ipoib: Replace list_del of the neigh->list with list_del_init
IB/ipoib: rtnl_unlock can not come after free_netdev
IB/ipoib: Fix deadlock over vlan_mutex
tty: goldfish: Fix a parameter of a call to free_irq
ARM: 8635/1: nommu: allow enabling REMAP_VECTORS_TO_RAM
hwmon: (gl520sm) Fix overflows and crash seen when writing into limit attributes
sh_eth: use correct name for ECMR_MPDE bit
MIPS: Ensure bss section ends on a long-aligned address
RDS: RDMA: Fix the composite message user notification
drm: bridge: add DT bindings for TI ths8135
Linux 3.18.73
fix xen_swiotlb_dma_mmap prototype
swiotlb-xen: implement xen_swiotlb_dma_mmap callback
video: fbdev: aty: do not leak uninitialized padding in clk to userspace
x86/fpu: Don't let userspace set bogus xcomp_bv
btrfs: prevent to set invalid default subvolid
* PCI: Fix race condition with driver_override
kvm: nVMX: Don't allow L2 to access the hardware CR8
* arm64: Make sure SPsel is always set
bsg-lib: don't free job in bsg_prepare_job
* nl80211: check for the required netlink attributes presence
* vfs: Return -ENXIO for negative SEEK_HOLE / SEEK_DATA offsets
SMB3: Don't ignore O_SYNC/O_DSYNC and O_DIRECT flags
SMB: Validate negotiate (to protect against downgrade) even if signing off
powerpc/pseries: Fix parent_dn reference leak in add_dt_node()
* KEYS: prevent KEYCTL_READ on negative key
* KEYS: prevent creating a different user's keyrings
* KEYS: fix writing past end of user-supplied buffer in keyring_read()
crypto: talitos - fix sha224
scsi: scsi_transport_iscsi: fix the issue that iscsi_if_rx doesn't parse nlmsg properly
* tracing: Erase irqsoff trace with empty write
* tracing: Fix trace_pipe behavior for instance traces
KVM: PPC: Book3S: Fix race and leak in kvm_vm_ioctl_create_spapr_tce()
mac80211: flush hw_roc_start work before cancelling the ROC
cifs: release auth_key.response for reconnect.
cifs: release cifs root_cred after exit_cifs
Linux 3.18.72
bcache: fix bch_hprint crash and improve output
bcache: fix for gc and write-back race
bcache: Correct return value for sysfs attach errors
bcache: correct cache_dirty_target in __update_writeback_rate()
bcache: Fix leak of bdev reference
bcache: initialize dirty stripes in flash_dev_run()
media: uvcvideo: Prevent heap overflow when accessing mapped controls
* media: v4l2-compat-ioctl32: Fix timespec conversion
PCI: shpchp: Enable bridge bus mastering if MSI is enabled
ARC: Re-enable MMU upon Machine Check exception
* tracing: Apply trace_clock changes to instance max buffer
ftrace: Fix selftest goto location on error
scsi: qla2xxx: Fix an integer overflow in sysfs code
* scsi: sg: fixup infoleak when using SG_GET_REQUEST_TABLE
* scsi: sg: factor out sg_fill_request_table()
* scsi: sg: off by one in sg_ioctl()
* scsi: sg: use standard lists for sg_requests
* scsi: sg: remove 'save_scat_len'
scsi: zfcp: trace high part of "new" 64 bit SCSI LUN
scsi: zfcp: trace HBA FSF response by default on dismiss or timedout late response
scsi: zfcp: fix payload with full FCP_RSP IU in SCSI trace records
scsi: zfcp: fix missing trace records for early returns in TMF eh handlers
scsi: zfcp: add handling for FCP_RESID_OVER to the fcp ingress path
scsi: zfcp: fix queuecommand for scsi_eh commands when DIX enabled
skd: Submit requests to firmware before triggering the doorbell
skd: Avoid that module unloading triggers a use-after-free
md/bitmap: disable bitmap_resize for file-backed bitmaps.
* block: Relax a check in blk_start_queue()
powerpc: Fix DAR reporting when alignment handler faults
* ext4: fix incorrect quotaoff if the quota feature is enabled
crypto: AF_ALG - remove SGL terminator indicator when chaining
Input: i8042 - add Gigabyte P57 to the keyboard reset table
ip6_gre: fix endianness errors in ip6gre_err
Revert "usb: musb: fix tx fifo flush handling again"
f2fs: check hot_data for roll-forward recovery
* ipv6: fix typo in fib6_net_exit()
* ipv6: fix memory leak with multiple tables during netns destruction
* tcp: initialize rcv_mss to TCP_MIN_MSS instead of 0
* Revert "net: phy: Correctly process PHY_HALTED in phy_stop_machine()"
qlge: avoid memcpy buffer overflow
* ipv6: accept 64k - 1 packet length in ip6_find_1stfragopt()
Linux 3.18.71
xfs: XFS_IS_REALTIME_INODE() should be false if no rt device present
ARM: 8692/1: mm: abort uaccess retries upon fatal signal
* Bluetooth: Properly check L2CAP config option output buffer length
ALSA: msnd: Optimize / harden DSP and MIDI loops
locktorture: Fix potential memory leak with rw lock test
btrfs: resume qgroup rescan on rw remount
* scsi: sg: recheck MMAP_IO request length with lock held
* scsi: sg: protect against races between mmap() and SG_SET_RESERVED_SIZE
* cs5536: add support for IDE controller variant
* workqueue: Fix flag collision
* cma: fix calculation of aligned offset
dlm: avoid double-free on error path in dlm_device_{register,unregister}
Input: trackpoint - assume 3 buttons when buttons detection fails
* driver core: bus: Fix a potential double free
staging/rts5208: fix incorrect shift to extract upper nybble
* USB: core: Avoid race of async_completed() w/ usbdev_release()
* usb:xhci:Fix regression when ATI chipsets detected
* usb: Add device quirk for Logitech HD Pro Webcam C920-C
USB: serial: option: add support for D-Link DWM-157 C1
* usb: quirks: add delay init quirk for Corsair Strafe RGB keyboard
Conflicts:
drivers/input/input.c
drivers/media/v4l2-core/v4l2-compat-ioctl32.c
drivers/scsi/sg.c
drivers/usb/dwc3/gadget.c
drivers/usb/gadget/function/f_fs.c
drivers/usb/host/xhci-hub.c
net/ipv4/raw.c
net/packet/af_packet.c
sound/usb/card.c
sound/usb/mixer.c
Change-Id: I4ca2d8f23d99e69b73d055262327f4c71da20a7c
Signed-off-by: Thierry Strudel <tstrudel@google.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
commit 45d8b80c2ac5d21cd1e2954431fb676bc2b1e099 upstream.
Two info bits were added to the "commit" part of the ring buffer data page
when returned to be consumed. This was to inform the user space readers that
events have been missed, and that the count may be stored at the end of the
page.
What wasn't handled, was the splice code that actually called a function to
return the length of the data in order to zero out the rest of the page
before sending it up to user space. These data bits were returned with the
length making the value negative, and that negative value was not checked.
It was compared to PAGE_SIZE, and only used if the size was less than
PAGE_SIZE. Luckily PAGE_SIZE is unsigned long which made the compare an
unsigned compare, meaning the negative size value did not end up causing a
large portion of memory to be randomly zeroed out.
Fixes: 66a8cb95ed040 ("ring-buffer: Add place holder recording of dropped events")
Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
commit 24f2aaf952ee0b59f31c3a18b8b36c9e3d3c2cf5 upstream.
Double free of the ring buffer happens when it fails to alloc new
ring buffer instance for max_buffer if TRACER_MAX_TRACE is configured.
The root cause is that the pointer is not set to NULL after the buffer
is freed in allocate_trace_buffers(), and the freeing of the ring
buffer is invoked again later if the pointer is not equal to Null,
as:
instance_mkdir()
|-allocate_trace_buffers()
|-allocate_trace_buffer(tr, &tr->trace_buffer...)
|-allocate_trace_buffer(tr, &tr->max_buffer...)
// allocate fail(-ENOMEM),first free
// and the buffer pointer is not set to null
|-ring_buffer_free(tr->trace_buffer.buffer)
// out_free_tr
|-free_trace_buffers()
|-free_trace_buffer(&tr->trace_buffer);
//if trace_buffer is not null, free again
|-ring_buffer_free(buf->buffer)
|-rb_free_cpu_buffer(buffer->buffers[cpu])
// ring_buffer_per_cpu is null, and
// crash in ring_buffer_per_cpu->pages
Link: http://lkml.kernel.org/r/20171226071253.8968-1-chunyan.zhang@spreadtrum.com
Fixes: 737223fbca3b1 ("tracing: Consolidate buffer allocation code")
Signed-off-by: Jing Xia <jing.xia@spreadtrum.com>
Signed-off-by: Chunyan Zhang <chunyan.zhang@spreadtrum.com>
Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
commit 4397f04575c44e1440ec2e49b6302785c95fd2f8 upstream.
Jing Xia and Chunyan Zhang reported that on failing to allocate part of the
tracing buffer, memory is freed, but the pointers that point to them are not
initialized back to NULL, and later paths may try to free the freed memory
again. Jing and Chunyan fixed one of the locations that does this, but
missed a spot.
Link: http://lkml.kernel.org/r/20171226071253.8968-1-chunyan.zhang@spreadtrum.com
Fixes: 737223fbca3b1 ("tracing: Consolidate buffer allocation code")
Reported-by: Jing Xia <jing.xia@spreadtrum.com>
Reported-by: Chunyan Zhang <chunyan.zhang@spreadtrum.com>
Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
commit 6b7e633fe9c24682df550e5311f47fb524701586 upstream.
The ring_buffer_read_page() takes care of zeroing out any extra data in the
page that it returns. There's no need to zero it out again from the
consumer. It was removed from one consumer of this function, but
read_buffers_splice_read() did not remove it, and worse, it contained a
nasty bug because of it.
Fixes: 2711ca237a084 ("ring-buffer: Move zeroing out excess in page to ring buffer code")
Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
commit 8dd33bcb7050dd6f8c1432732f930932c9d3a33e upstream.
One convenient way to erase trace is "echo > trace". However, this
is currently broken if the current tracer is irqsoff tracer. This
is because irqsoff tracer use max_buffer as the default trace
buffer.
Set the max_buffer as the one to be cleared when it's the trace
buffer currently in use.
Link: http://lkml.kernel.org/r/1505754215-29411-1-git-send-email-byan@nvidia.com
Cc: <mingo@redhat.com>
Fixes: 4acd4d00f ("tracing: give easy way to clear trace buffer")
Signed-off-by: Bo Yan <byan@nvidia.com>
Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
commit 75df6e688ccd517e339a7c422ef7ad73045b18a2 upstream.
When reading data from trace_pipe, tracing_wait_pipe() performs a
check to see if tracing has been turned off after some data was read.
Currently, this check always looks at global trace state, but it
should be checking the trace instance where trace_pipe is located at.
Because of this bug, cat instances/i1/trace_pipe in the following
script will immediately exit instead of waiting for data:
cd /sys/kernel/debug/tracing
echo 0 > tracing_on
mkdir -p instances/i1
echo 1 > instances/i1/tracing_on
echo 1 > instances/i1/events/sched/sched_process_exec/enable
cat instances/i1/trace_pipe
Link: http://lkml.kernel.org/r/20170917102348.1615-1-tahsin@google.com
Fixes: 10246fa35d4f ("tracing: give easy way to clear trace buffer")
Signed-off-by: Tahsin Erdogan <tahsin@google.com>
Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
commit 170b3b1050e28d1ba0700e262f0899ffa4fccc52 upstream.
Currently trace_clock timestamps are applied to both regular and max
buffers only for global trace. For instance trace, trace_clock
timestamps are applied only to regular buffer. But, regular and max
buffers can be swapped, for example, following a snapshot. So, for
instance trace, bad timestamps can be seen following a snapshot.
Let's apply trace_clock timestamps to instance max buffer as well.
Link: http://lkml.kernel.org/r/ebdb168d0be042dcdf51f81e696b17fabe3609c1.1504642143.git.tom.zanussi@linux.intel.com
Fixes: 277ba0446 ("tracing: Add interface to allow multiple trace buffers")
Signed-off-by: Baohong Liu <baohong.liu@intel.com>
Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
commit 46320a6acc4fb58f04bcf78c4c942cc43b20f986 upstream.
In the second iteration of trace_selftest_ops(), the error goto label is
wrong in the case where trace_selftest_test_global_cnt is off. In the
case of error, it leaks the dynamic ops that was allocated.
Fixes: 95950c2e ("ftrace: Add self-tests for multiple function trace users")
Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
| |\|
| |
| |
| |
| | |
Change-Id: Ifbed5d4275df07fa37f66c873eab5740228e422a
Signed-off-by: Thierry Strudel <tstrudel@google.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
commit 8b0db1a5bdfcee0dbfa89607672598ae203c9045 upstream.
Performing the following task with kmemleak enabled:
# cd /sys/kernel/tracing/events/irq/irq_handler_entry/
# echo 'enable_event:kmem:kmalloc:3 if irq >' > trigger
# echo 'enable_event:kmem:kmalloc:3 if irq > 31' > trigger
# echo scan > /sys/kernel/debug/kmemleak
# cat /sys/kernel/debug/kmemleak
unreferenced object 0xffff8800b9290308 (size 32):
comm "bash", pid 1114, jiffies 4294848451 (age 141.139s)
hex dump (first 32 bytes):
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
backtrace:
[<ffffffff81cef5aa>] kmemleak_alloc+0x4a/0xa0
[<ffffffff81357938>] kmem_cache_alloc_trace+0x158/0x290
[<ffffffff81261c09>] create_filter_start.constprop.28+0x99/0x940
[<ffffffff812639c9>] create_filter+0xa9/0x160
[<ffffffff81263bdc>] create_event_filter+0xc/0x10
[<ffffffff812655e5>] set_trigger_filter+0xe5/0x210
[<ffffffff812660c4>] event_enable_trigger_func+0x324/0x490
[<ffffffff812652e2>] event_trigger_write+0x1a2/0x260
[<ffffffff8138cf87>] __vfs_write+0xd7/0x380
[<ffffffff8138f421>] vfs_write+0x101/0x260
[<ffffffff8139187b>] SyS_write+0xab/0x130
[<ffffffff81cfd501>] entry_SYSCALL_64_fastpath+0x1f/0xbe
[<ffffffffffffffff>] 0xffffffffffffffff
The function create_filter() is passed a 'filterp' pointer that gets
allocated, and if "set_str" is true, it is up to the caller to free it, even
on error. The problem is that the pointer is not freed by create_filter()
when set_str is false. This is a bug, and it is not up to the caller to free
the filter on error if it doesn't care about the string.
Link: http://lkml.kernel.org/r/1502705898-27571-2-git-send-email-chuhu@redhat.com
Fixes: 38b78eb85 ("tracing: Factorize filter creation")
Reported-by: Chunyu Hu <chuhu@redhat.com>
Tested-by: Chunyu Hu <chuhu@redhat.com>
Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
commit db9108e054700c96322b0f0028546aa4e643cf0b upstream.
Hit the kmemleak when executing instance_rmdir, it forgot releasing
mem of tracing_cpumask. With this fix, the warn does not appear any
more.
unreferenced object 0xffff93a8dfaa7c18 (size 8):
comm "mkdir", pid 1436, jiffies 4294763622 (age 9134.308s)
hex dump (first 8 bytes):
ff ff ff ff ff ff ff ff ........
backtrace:
[<ffffffff88b6567a>] kmemleak_alloc+0x4a/0xa0
[<ffffffff8861ea41>] __kmalloc_node+0xf1/0x280
[<ffffffff88b505d3>] alloc_cpumask_var_node+0x23/0x30
[<ffffffff88b5060e>] alloc_cpumask_var+0xe/0x10
[<ffffffff88571ab0>] instance_mkdir+0x90/0x240
[<ffffffff886e5100>] tracefs_syscall_mkdir+0x40/0x70
[<ffffffff886565c9>] vfs_mkdir+0x109/0x1b0
[<ffffffff8865b1d0>] SyS_mkdir+0xd0/0x100
[<ffffffff88403857>] do_syscall_64+0x67/0x150
[<ffffffff88b710e7>] return_from_SYSCALL_64+0x0/0x6a
[<ffffffffffffffff>] 0xffffffffffffffff
Link: http://lkml.kernel.org/r/1500546969-12594-1-git-send-email-chuhu@redhat.com
Fixes: ccfe9e42e451 ("tracing: Make tracing_cpumask available for all instances")
Signed-off-by: Chunyu Hu <chuhu@redhat.com>
Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
commit c59f29cb144a6a0dfac16ede9dc8eafc02dc56ca upstream.
The 's' flag is supposed to indicate that a softirq is running. This
can be detected by testing the preempt_count with SOFTIRQ_OFFSET.
The current code tests the preempt_count with SOFTIRQ_MASK, which
would be true even when softirqs are disabled but not serving a
softirq.
Link: http://lkml.kernel.org/r/1481300417-3564-1-git-send-email-pkondeti@codeaurora.org
Signed-off-by: Pavankumar Kondeti <pkondeti@codeaurora.org>
Signed-off-by: Steven Rostedt <rostedt@goodmis.org>
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
commit 9e52b32567126fe146f198971364f68d3bc5233f upstream.
Always try to parse an address, since kstrtoul() will safely fail when
given a symbol as input. If that fails (which will be the case for a
symbol), try to parse a symbol instead.
This allows creating a probe such as:
p:probe/vlan_gro_receive 8021q:vlan_gro_receive+0
Which is necessary for this command to work:
perf probe -m 8021q -a vlan_gro_receive
Link: http://lkml.kernel.org/r/fd72d666f45b114e2c5b9cf7e27b91de1ec966f1.1498122881.git.sd@queasysnail.net
Fixes: 413d37d1e ("tracing: Add kprobe-based event tracer")
Acked-by: Masami Hiramatsu <mhiramat@kernel.org>
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
| |\ \ |
|
| | |\|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Changes in 3.18.55
USB: ene_usb6250: fix DMA to the stack
watchdog: pcwd_usb: fix NULL-deref at probe
char: lp: fix possible integer overflow in lp_setup()
USB: core: replace %p with %pK
dm btree: fix for dm_btree_find_lowest_key()
dm bufio: avoid a possible ABBA deadlock
dm thin metadata: call precommit before saving the roots
dm space map disk: fix some book keeping in the disk space map
mwifiex: pcie: fix cmd_buf use-after-free in remove/reset
ima: accept previously set IMA_NEW_FILE
regulator: tps65023: Fix inverted core enable logic.
ath9k_htc: fix NULL-deref at probe
cdc-acm: fix possible invalid access when processing notification
of: fix sparse warning in of_pci_range_parser_one
of: fdt: add missing allocation-failure check
iio: dac: ad7303: fix channel description
pid_ns: Sleep in TASK_INTERRUPTIBLE in zap_pid_ns_processes
USB: serial: ftdi_sio: fix setting latency for unprivileged users
USB: serial: ftdi_sio: add Olimex ARM-USB-TINY(H) PIDs
usb: host: xhci-plat: propagate return value of platform_get_irq()
usb: host: xhci-mem: allocate zeroed Scratchpad Buffer
net: irda: irda-usb: fix firmware name on big-endian hosts
usbvision: fix NULL-deref at probe
mceusb: fix NULL-deref at probe
ttusb2: limit messages to buffer size
usb: musb: tusb6010_omap: Do not reset the other direction's packet size
USB: iowarrior: fix info ioctl on big-endian hosts
usb: serial: option: add Telit ME910 support
USB: serial: qcserial: add more Lenovo EM74xx device IDs
USB: serial: mct_u232: fix big-endian baud-rate handling
USB: serial: io_ti: fix div-by-zero in set_termios
USB: hub: fix SS hub-descriptor handling
USB: hub: fix non-SS hub-descriptor handling
tty: Prevent ldisc drivers from re-using stale tty fields
ipx: call ipxitf_put() in ioctl error path
iio: proximity: as3935: fix as3935_write
gspca: konica: add missing endpoint sanity check
s5p-mfc: Fix unbalanced call to clock management
dib0700: fix NULL-deref at probe
zr364xx: enforce minimum size when reading header
cx231xx-cards: fix NULL-deref at probe
cx231xx-audio: fix NULL-deref at probe
powerpc/pseries: Fix of_node_put() underflow during DLPAR remove
ARM: dts: at91: sama5d3_xplained: fix ADC vref
ARM: dts: at91: sama5d3_xplained: not all ADC channels are available
arm64: uaccess: ensure extension of access_ok() addr
arm64: documentation: document tagged pointer stack constraints
xc2028: Fix use-after-free bug properly
mm/huge_memory.c: respect FOLL_FORCE/FOLL_COW for thp
metag/uaccess: Fix access_ok()
metag/uaccess: Check access_ok in strncpy_from_user
stackprotector: Increase the per-task stack canary's random range from 32 bits to 64 bits on 64-bit platforms
uwb: fix device quirk on big-endian hosts
osf_wait4(): fix infoleak
tracing/kprobes: Enforce kprobes teardown after testing
PCI: Fix pci_mmap_fits() for HAVE_PCI_RESOURCE_TO_USER platforms
PCI: Freeze PME scan before suspending devices
drivers: char: mem: Check for address space wraparound with mmap()
usb: misc: legousbtower: Fix memory leak
Linux 3.18.55
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
commit 30e7d894c1478c88d50ce94ddcdbd7f9763d9cdd upstream.
Enabling the tracer selftest triggers occasionally the warning in
text_poke(), which warns when the to be modified page is not marked
reserved.
The reason is that the tracer selftest installs kprobes on functions marked
__init for testing. These probes are removed after the tests, but that
removal schedules the delayed kprobes_optimizer work, which will do the
actual text poke. If the work is executed after the init text is freed,
then the warning triggers. The bug can be reproduced reliably when the work
delay is increased.
Flush the optimizer work and wait for the optimizing/unoptimizing lists to
become empty before returning from the kprobes tracer selftest. That
ensures that all operations which were queued due to the probes removal
have completed.
Link: http://lkml.kernel.org/r/20170516094802.76a468bb@gandalf.local.home
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Acked-by: Masami Hiramatsu <mhiramat@kernel.org>
Fixes: 6274de498 ("kprobes: Support delayed unoptimizing")
Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The size of the allocations depends on saved_cmdlines_size. Use vmalloc
to make sure the allocations succeed.
Bug: 62669736
Change-Id: Ic8943b5ac3c5afe8a8c0f5b58974dcc6880b0d5c
Signed-off-by: Joel Fernandes <joelaf@google.com>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Since cmdline_num can change, make sure to consider it.
Bug: 62669736
Change-Id: Ia69d1381f126c8e9cfa132ad1baa7a1168c6fb58
Signed-off-by: Joel Fernandes <joelaf@google.com>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
To avoid having non-zero tgid cache entries, use kzalloc.
Bug: 62669736
Change-Id: Iad77c16e2f6819c5587fe1367cb9aeb1ea9b62ba
Signed-off-by: Joel Fernandes <joelaf@google.com>
|
| |/ /
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Kernel bug causes saved_tgids to be overwritten. Resize saved_tgids when
resize is requested to avoid memory corruption.
Bug: 62669736
Change-Id: I9157506c9d835b9dae854595a1d7ef5b2fb3967d
Signed-off-by: Joel Fernandes <joelaf@google.com>
|
| |\|
| |
| |
| |
| |
| |
| | |
This merges from 3.18.44 to 3.18.52 all in one big chunk to make things
go faster on the review side.
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
commit 86038c5ea81b519a8a1fcfcd5e4599aab0cdd119 upstream.
Both Linus (most recent) and Steve (a while ago) reported that perf
related callbacks have massive stack bloat.
The problem is that software events need a pt_regs in order to
properly report the event location and unwind stack. And because we
could not assume one was present we allocated one on stack and filled
it with minimal bits required for operation.
Now, pt_regs is quite large, so this is undesirable. Furthermore it
turns out that most sites actually have a pt_regs pointer available,
making this even more onerous, as the stack space is pointless waste.
This patch addresses the problem by observing that software events
have well defined nesting semantics, therefore we can use static
per-cpu storage instead of on-stack.
Linus made the further observation that all but the scheduler callers
of perf_sw_event() have a pt_regs available, so we change the regular
perf_sw_event() to require a valid pt_regs (where it used to be
optional) and add perf_sw_event_sched() for the scheduler.
We have a scheduler specific call instead of a more generic _noregs()
like construct because we can assume non-recursion from the scheduler
and thereby simplify the code further (_noregs would have to put the
recursion context call inline in order to assertain which __perf_regs
element to use).
One last note on the implementation of perf_trace_buf_prepare(); we
allow .regs = NULL for those cases where we already have a pt_regs
pointer available and do not need another.
Reported-by: Linus Torvalds <torvalds@linux-foundation.org>
Reported-by: Steven Rostedt <rostedt@goodmis.org>
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Cc: Arnaldo Carvalho de Melo <acme@kernel.org>
Cc: Javi Merino <javi.merino@arm.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Cc: Oleg Nesterov <oleg@redhat.com>
Cc: Paul Mackerras <paulus@samba.org>
Cc: Petr Mladek <pmladek@suse.cz>
Cc: Steven Rostedt <rostedt@goodmis.org>
Cc: Tom Zanussi <tom.zanussi@linux.intel.com>
Cc: Vaibhav Nagarnaik <vnagarnaik@google.com>
Link: http://lkml.kernel.org/r/20141216115041.GW3337@twins.programming.kicks-ass.net
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Cc: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
commit 78f7a45dac2a2d2002f98a3a95f7979867868d73 upstream.
I noticed that reading the snapshot file when it is empty no longer gives a
status. It suppose to show the status of the snapshot buffer as well as how
to allocate and use it. For example:
># cat snapshot
# tracer: nop
#
#
# * Snapshot is allocated *
#
# Snapshot commands:
# echo 0 > snapshot : Clears and frees snapshot buffer
# echo 1 > snapshot : Allocates snapshot buffer, if not already allocated.
# Takes a snapshot of the main buffer.
# echo 2 > snapshot : Clears snapshot buffer (but does not allocate or free)
# (Doesn't have to be '2' works with any number that
# is not a '0' or '1')
But instead it just showed an empty buffer:
># cat snapshot
# tracer: nop
#
# entries-in-buffer/entries-written: 0/0 #P:4
#
# _-----=> irqs-off
# / _----=> need-resched
# | / _---=> hardirq/softirq
# || / _--=> preempt-depth
# ||| / delay
# TASK-PID CPU# |||| TIMESTAMP FUNCTION
# | | | |||| | |
What happened was that it was using the ring_buffer_iter_empty() function to
see if it was empty, and if it was, it showed the status. But that function
was returning false when it was empty. The reason was that the iter header
page was on the reader page, and the reader page was empty, but so was the
buffer itself. The check only tested to see if the iter was on the commit
page, but the commit page was no longer pointing to the reader page, but as
all pages were empty, the buffer is also.
Fixes: 651e22f2701b ("ring-buffer: Always reset iterator to reader page")
Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
