Contents of /trunk/kernel-alx-legacy/patches-4.9/0164-4.9.65-all-fixes.patch
Parent Directory
| 
Revision Log
Revision 3608 -
(show annotations)
(download)
Fri Aug 14 07:34:29 2020 UTC (3 years, 8 months ago) by niro
File size: 20290 byte(s)
Fri Aug 14 07:34:29 2020 UTC (3 years, 8 months ago) by niro
File size: 20290 byte(s)
-added kerenl-alx-legacy pkg
| 1 | diff --git a/Makefile b/Makefile |
| 2 | index d29cace0da6d..87a641515e9c 100644 |
| 3 | --- a/Makefile |
| 4 | +++ b/Makefile |
| 5 | @@ -1,6 +1,6 @@ |
| 6 | VERSION = 4 |
| 7 | PATCHLEVEL = 9 |
| 8 | -SUBLEVEL = 64 |
| 9 | +SUBLEVEL = 65 |
| 10 | EXTRAVERSION = |
| 11 | NAME = Roaring Lionus |
| 12 | |
| 13 | diff --git a/crypto/dh.c b/crypto/dh.c |
| 14 | index 9d19360e7189..99e20fc63cc9 100644 |
| 15 | --- a/crypto/dh.c |
| 16 | +++ b/crypto/dh.c |
| 17 | @@ -21,19 +21,12 @@ struct dh_ctx { |
| 18 | MPI xa; |
| 19 | }; |
| 20 | |
| 21 | -static inline void dh_clear_params(struct dh_ctx *ctx) |
| 22 | +static void dh_clear_ctx(struct dh_ctx *ctx) |
| 23 | { |
| 24 | mpi_free(ctx->p); |
| 25 | mpi_free(ctx->g); |
| 26 | - ctx->p = NULL; |
| 27 | - ctx->g = NULL; |
| 28 | -} |
| 29 | - |
| 30 | -static void dh_free_ctx(struct dh_ctx *ctx) |
| 31 | -{ |
| 32 | - dh_clear_params(ctx); |
| 33 | mpi_free(ctx->xa); |
| 34 | - ctx->xa = NULL; |
| 35 | + memset(ctx, 0, sizeof(*ctx)); |
| 36 | } |
| 37 | |
| 38 | /* |
| 39 | @@ -71,10 +64,8 @@ static int dh_set_params(struct dh_ctx *ctx, struct dh *params) |
| 40 | return -EINVAL; |
| 41 | |
| 42 | ctx->g = mpi_read_raw_data(params->g, params->g_size); |
| 43 | - if (!ctx->g) { |
| 44 | - mpi_free(ctx->p); |
| 45 | + if (!ctx->g) |
| 46 | return -EINVAL; |
| 47 | - } |
| 48 | |
| 49 | return 0; |
| 50 | } |
| 51 | @@ -84,19 +75,24 @@ static int dh_set_secret(struct crypto_kpp *tfm, void *buf, unsigned int len) |
| 52 | struct dh_ctx *ctx = dh_get_ctx(tfm); |
| 53 | struct dh params; |
| 54 | |
| 55 | + /* Free the old MPI key if any */ |
| 56 | + dh_clear_ctx(ctx); |
| 57 | + |
| 58 | if (crypto_dh_decode_key(buf, len, ¶ms) < 0) |
| 59 | - return -EINVAL; |
| 60 | + goto err_clear_ctx; |
| 61 | |
| 62 | if (dh_set_params(ctx, ¶ms) < 0) |
| 63 | - return -EINVAL; |
| 64 | + goto err_clear_ctx; |
| 65 | |
| 66 | ctx->xa = mpi_read_raw_data(params.key, params.key_size); |
| 67 | - if (!ctx->xa) { |
| 68 | - dh_clear_params(ctx); |
| 69 | - return -EINVAL; |
| 70 | - } |
| 71 | + if (!ctx->xa) |
| 72 | + goto err_clear_ctx; |
| 73 | |
| 74 | return 0; |
| 75 | + |
| 76 | +err_clear_ctx: |
| 77 | + dh_clear_ctx(ctx); |
| 78 | + return -EINVAL; |
| 79 | } |
| 80 | |
| 81 | static int dh_compute_value(struct kpp_request *req) |
| 82 | @@ -154,7 +150,7 @@ static void dh_exit_tfm(struct crypto_kpp *tfm) |
| 83 | { |
| 84 | struct dh_ctx *ctx = dh_get_ctx(tfm); |
| 85 | |
| 86 | - dh_free_ctx(ctx); |
| 87 | + dh_clear_ctx(ctx); |
| 88 | } |
| 89 | |
| 90 | static struct kpp_alg dh = { |
| 91 | diff --git a/drivers/char/ipmi/ipmi_msghandler.c b/drivers/char/ipmi/ipmi_msghandler.c |
| 92 | index 172a9dc06ec9..5d509ccf1299 100644 |
| 93 | --- a/drivers/char/ipmi/ipmi_msghandler.c |
| 94 | +++ b/drivers/char/ipmi/ipmi_msghandler.c |
| 95 | @@ -4029,7 +4029,8 @@ smi_from_recv_msg(ipmi_smi_t intf, struct ipmi_recv_msg *recv_msg, |
| 96 | } |
| 97 | |
| 98 | static void check_msg_timeout(ipmi_smi_t intf, struct seq_table *ent, |
| 99 | - struct list_head *timeouts, long timeout_period, |
| 100 | + struct list_head *timeouts, |
| 101 | + unsigned long timeout_period, |
| 102 | int slot, unsigned long *flags, |
| 103 | unsigned int *waiting_msgs) |
| 104 | { |
| 105 | @@ -4042,8 +4043,8 @@ static void check_msg_timeout(ipmi_smi_t intf, struct seq_table *ent, |
| 106 | if (!ent->inuse) |
| 107 | return; |
| 108 | |
| 109 | - ent->timeout -= timeout_period; |
| 110 | - if (ent->timeout > 0) { |
| 111 | + if (timeout_period < ent->timeout) { |
| 112 | + ent->timeout -= timeout_period; |
| 113 | (*waiting_msgs)++; |
| 114 | return; |
| 115 | } |
| 116 | @@ -4109,7 +4110,8 @@ static void check_msg_timeout(ipmi_smi_t intf, struct seq_table *ent, |
| 117 | } |
| 118 | } |
| 119 | |
| 120 | -static unsigned int ipmi_timeout_handler(ipmi_smi_t intf, long timeout_period) |
| 121 | +static unsigned int ipmi_timeout_handler(ipmi_smi_t intf, |
| 122 | + unsigned long timeout_period) |
| 123 | { |
| 124 | struct list_head timeouts; |
| 125 | struct ipmi_recv_msg *msg, *msg2; |
| 126 | diff --git a/drivers/dma/dmatest.c b/drivers/dma/dmatest.c |
| 127 | index cf76fc6149e5..fbb75514dfb4 100644 |
| 128 | --- a/drivers/dma/dmatest.c |
| 129 | +++ b/drivers/dma/dmatest.c |
| 130 | @@ -666,6 +666,7 @@ static int dmatest_func(void *data) |
| 131 | * free it this time?" dancing. For now, just |
| 132 | * leave it dangling. |
| 133 | */ |
| 134 | + WARN(1, "dmatest: Kernel stack may be corrupted!!\n"); |
| 135 | dmaengine_unmap_put(um); |
| 136 | result("test timed out", total_tests, src_off, dst_off, |
| 137 | len, 0); |
| 138 | diff --git a/drivers/net/bonding/bond_main.c b/drivers/net/bonding/bond_main.c |
| 139 | index 5fa36ebc0640..63d61c084815 100644 |
| 140 | --- a/drivers/net/bonding/bond_main.c |
| 141 | +++ b/drivers/net/bonding/bond_main.c |
| 142 | @@ -3217,7 +3217,7 @@ u32 bond_xmit_hash(struct bonding *bond, struct sk_buff *skb) |
| 143 | hash ^= (hash >> 16); |
| 144 | hash ^= (hash >> 8); |
| 145 | |
| 146 | - return hash; |
| 147 | + return hash >> 1; |
| 148 | } |
| 149 | |
| 150 | /*-------------------------- Device entry points ----------------------------*/ |
| 151 | diff --git a/drivers/net/ethernet/fealnx.c b/drivers/net/ethernet/fealnx.c |
| 152 | index c08bd763172a..a300ed48a7d8 100644 |
| 153 | --- a/drivers/net/ethernet/fealnx.c |
| 154 | +++ b/drivers/net/ethernet/fealnx.c |
| 155 | @@ -257,8 +257,8 @@ enum rx_desc_status_bits { |
| 156 | RXFSD = 0x00000800, /* first descriptor */ |
| 157 | RXLSD = 0x00000400, /* last descriptor */ |
| 158 | ErrorSummary = 0x80, /* error summary */ |
| 159 | - RUNT = 0x40, /* runt packet received */ |
| 160 | - LONG = 0x20, /* long packet received */ |
| 161 | + RUNTPKT = 0x40, /* runt packet received */ |
| 162 | + LONGPKT = 0x20, /* long packet received */ |
| 163 | FAE = 0x10, /* frame align error */ |
| 164 | CRC = 0x08, /* crc error */ |
| 165 | RXER = 0x04, /* receive error */ |
| 166 | @@ -1633,7 +1633,7 @@ static int netdev_rx(struct net_device *dev) |
| 167 | dev->name, rx_status); |
| 168 | |
| 169 | dev->stats.rx_errors++; /* end of a packet. */ |
| 170 | - if (rx_status & (LONG | RUNT)) |
| 171 | + if (rx_status & (LONGPKT | RUNTPKT)) |
| 172 | dev->stats.rx_length_errors++; |
| 173 | if (rx_status & RXER) |
| 174 | dev->stats.rx_frame_errors++; |
| 175 | diff --git a/drivers/net/usb/asix_devices.c b/drivers/net/usb/asix_devices.c |
| 176 | index 50737def774c..32e9ec8f1521 100644 |
| 177 | --- a/drivers/net/usb/asix_devices.c |
| 178 | +++ b/drivers/net/usb/asix_devices.c |
| 179 | @@ -624,7 +624,7 @@ static int asix_suspend(struct usb_interface *intf, pm_message_t message) |
| 180 | struct usbnet *dev = usb_get_intfdata(intf); |
| 181 | struct asix_common_private *priv = dev->driver_priv; |
| 182 | |
| 183 | - if (priv->suspend) |
| 184 | + if (priv && priv->suspend) |
| 185 | priv->suspend(dev); |
| 186 | |
| 187 | return usbnet_suspend(intf, message); |
| 188 | @@ -676,7 +676,7 @@ static int asix_resume(struct usb_interface *intf) |
| 189 | struct usbnet *dev = usb_get_intfdata(intf); |
| 190 | struct asix_common_private *priv = dev->driver_priv; |
| 191 | |
| 192 | - if (priv->resume) |
| 193 | + if (priv && priv->resume) |
| 194 | priv->resume(dev); |
| 195 | |
| 196 | return usbnet_resume(intf); |
| 197 | diff --git a/drivers/net/usb/cdc_ether.c b/drivers/net/usb/cdc_ether.c |
| 198 | index b82be816256c..1fca0024f294 100644 |
| 199 | --- a/drivers/net/usb/cdc_ether.c |
| 200 | +++ b/drivers/net/usb/cdc_ether.c |
| 201 | @@ -221,7 +221,7 @@ int usbnet_generic_cdc_bind(struct usbnet *dev, struct usb_interface *intf) |
| 202 | goto bad_desc; |
| 203 | } |
| 204 | |
| 205 | - if (header.usb_cdc_ether_desc) { |
| 206 | + if (header.usb_cdc_ether_desc && info->ether->wMaxSegmentSize) { |
| 207 | dev->hard_mtu = le16_to_cpu(info->ether->wMaxSegmentSize); |
| 208 | /* because of Zaurus, we may be ignoring the host |
| 209 | * side link address we were given. |
| 210 | diff --git a/drivers/net/usb/qmi_wwan.c b/drivers/net/usb/qmi_wwan.c |
| 211 | index 49a27dc46e5e..9cf11c83993a 100644 |
| 212 | --- a/drivers/net/usb/qmi_wwan.c |
| 213 | +++ b/drivers/net/usb/qmi_wwan.c |
| 214 | @@ -205,6 +205,7 @@ static int qmi_wwan_rx_fixup(struct usbnet *dev, struct sk_buff *skb) |
| 215 | return 1; |
| 216 | } |
| 217 | if (rawip) { |
| 218 | + skb_reset_mac_header(skb); |
| 219 | skb->dev = dev->net; /* normally set by eth_type_trans */ |
| 220 | skb->protocol = proto; |
| 221 | return 1; |
| 222 | @@ -386,7 +387,7 @@ static int qmi_wwan_bind(struct usbnet *dev, struct usb_interface *intf) |
| 223 | } |
| 224 | |
| 225 | /* errors aren't fatal - we can live with the dynamic address */ |
| 226 | - if (cdc_ether) { |
| 227 | + if (cdc_ether && cdc_ether->wMaxSegmentSize) { |
| 228 | dev->hard_mtu = le16_to_cpu(cdc_ether->wMaxSegmentSize); |
| 229 | usbnet_get_ethernet_addr(dev, cdc_ether->iMACAddress); |
| 230 | } |
| 231 | diff --git a/drivers/net/vrf.c b/drivers/net/vrf.c |
| 232 | index 578bd5001d93..346e48698555 100644 |
| 233 | --- a/drivers/net/vrf.c |
| 234 | +++ b/drivers/net/vrf.c |
| 235 | @@ -1129,7 +1129,7 @@ static int vrf_fib_rule(const struct net_device *dev, __u8 family, bool add_it) |
| 236 | frh->family = family; |
| 237 | frh->action = FR_ACT_TO_TBL; |
| 238 | |
| 239 | - if (nla_put_u32(skb, FRA_L3MDEV, 1)) |
| 240 | + if (nla_put_u8(skb, FRA_L3MDEV, 1)) |
| 241 | goto nla_put_failure; |
| 242 | |
| 243 | if (nla_put_u32(skb, FRA_PRIORITY, FIB_RULE_PREF)) |
| 244 | diff --git a/drivers/tty/serial/8250/8250_fintek.c b/drivers/tty/serial/8250/8250_fintek.c |
| 245 | index 0facc789fe7d..f8c31070a337 100644 |
| 246 | --- a/drivers/tty/serial/8250/8250_fintek.c |
| 247 | +++ b/drivers/tty/serial/8250/8250_fintek.c |
| 248 | @@ -54,6 +54,9 @@ static int fintek_8250_enter_key(u16 base_port, u8 key) |
| 249 | if (!request_muxed_region(base_port, 2, "8250_fintek")) |
| 250 | return -EBUSY; |
| 251 | |
| 252 | + /* Force to deactive all SuperIO in this base_port */ |
| 253 | + outb(EXIT_KEY, base_port + ADDR_PORT); |
| 254 | + |
| 255 | outb(key, base_port + ADDR_PORT); |
| 256 | outb(key, base_port + ADDR_PORT); |
| 257 | return 0; |
| 258 | diff --git a/drivers/tty/serial/omap-serial.c b/drivers/tty/serial/omap-serial.c |
| 259 | index 44e5b5bf713b..472ba3c813c1 100644 |
| 260 | --- a/drivers/tty/serial/omap-serial.c |
| 261 | +++ b/drivers/tty/serial/omap-serial.c |
| 262 | @@ -693,7 +693,7 @@ static void serial_omap_set_mctrl(struct uart_port *port, unsigned int mctrl) |
| 263 | if ((mctrl & TIOCM_RTS) && (port->status & UPSTAT_AUTORTS)) |
| 264 | up->efr |= UART_EFR_RTS; |
| 265 | else |
| 266 | - up->efr &= UART_EFR_RTS; |
| 267 | + up->efr &= ~UART_EFR_RTS; |
| 268 | serial_out(up, UART_EFR, up->efr); |
| 269 | serial_out(up, UART_LCR, lcr); |
| 270 | |
| 271 | diff --git a/fs/coda/upcall.c b/fs/coda/upcall.c |
| 272 | index f6c6c8adbc01..7289f0a7670b 100644 |
| 273 | --- a/fs/coda/upcall.c |
| 274 | +++ b/fs/coda/upcall.c |
| 275 | @@ -446,8 +446,7 @@ int venus_fsync(struct super_block *sb, struct CodaFid *fid) |
| 276 | UPARG(CODA_FSYNC); |
| 277 | |
| 278 | inp->coda_fsync.VFid = *fid; |
| 279 | - error = coda_upcall(coda_vcp(sb), sizeof(union inputArgs), |
| 280 | - &outsize, inp); |
| 281 | + error = coda_upcall(coda_vcp(sb), insize, &outsize, inp); |
| 282 | |
| 283 | CODA_FREE(inp, insize); |
| 284 | return error; |
| 285 | diff --git a/fs/ocfs2/dlm/dlmrecovery.c b/fs/ocfs2/dlm/dlmrecovery.c |
| 286 | index dd5cb8bcefd1..eef324823311 100644 |
| 287 | --- a/fs/ocfs2/dlm/dlmrecovery.c |
| 288 | +++ b/fs/ocfs2/dlm/dlmrecovery.c |
| 289 | @@ -2419,6 +2419,7 @@ static void dlm_do_local_recovery_cleanup(struct dlm_ctxt *dlm, u8 dead_node) |
| 290 | dlm_lockres_put(res); |
| 291 | continue; |
| 292 | } |
| 293 | + dlm_move_lockres_to_recovery_list(dlm, res); |
| 294 | } else if (res->owner == dlm->node_num) { |
| 295 | dlm_free_dead_locks(dlm, res, dead_node); |
| 296 | __dlm_lockres_calc_usage(dlm, res); |
| 297 | diff --git a/fs/ocfs2/file.c b/fs/ocfs2/file.c |
| 298 | index 0db6f83fdea1..05a0fb9854f9 100644 |
| 299 | --- a/fs/ocfs2/file.c |
| 300 | +++ b/fs/ocfs2/file.c |
| 301 | @@ -1166,6 +1166,13 @@ int ocfs2_setattr(struct dentry *dentry, struct iattr *attr) |
| 302 | } |
| 303 | size_change = S_ISREG(inode->i_mode) && attr->ia_valid & ATTR_SIZE; |
| 304 | if (size_change) { |
| 305 | + /* |
| 306 | + * Here we should wait dio to finish before inode lock |
| 307 | + * to avoid a deadlock between ocfs2_setattr() and |
| 308 | + * ocfs2_dio_end_io_write() |
| 309 | + */ |
| 310 | + inode_dio_wait(inode); |
| 311 | + |
| 312 | status = ocfs2_rw_lock(inode, 1); |
| 313 | if (status < 0) { |
| 314 | mlog_errno(status); |
| 315 | @@ -1186,8 +1193,6 @@ int ocfs2_setattr(struct dentry *dentry, struct iattr *attr) |
| 316 | if (status) |
| 317 | goto bail_unlock; |
| 318 | |
| 319 | - inode_dio_wait(inode); |
| 320 | - |
| 321 | if (i_size_read(inode) >= attr->ia_size) { |
| 322 | if (ocfs2_should_order_data(inode)) { |
| 323 | status = ocfs2_begin_ordered_truncate(inode, |
| 324 | diff --git a/include/linux/mmzone.h b/include/linux/mmzone.h |
| 325 | index 6744eb40c4ea..fff21a82780c 100644 |
| 326 | --- a/include/linux/mmzone.h |
| 327 | +++ b/include/linux/mmzone.h |
| 328 | @@ -672,7 +672,8 @@ typedef struct pglist_data { |
| 329 | * is the first PFN that needs to be initialised. |
| 330 | */ |
| 331 | unsigned long first_deferred_pfn; |
| 332 | - unsigned long static_init_size; |
| 333 | + /* Number of non-deferred pages */ |
| 334 | + unsigned long static_init_pgcnt; |
| 335 | #endif /* CONFIG_DEFERRED_STRUCT_PAGE_INIT */ |
| 336 | |
| 337 | #ifdef CONFIG_TRANSPARENT_HUGEPAGE |
| 338 | diff --git a/include/linux/skbuff.h b/include/linux/skbuff.h |
| 339 | index 32810f279f8e..601dfa849d30 100644 |
| 340 | --- a/include/linux/skbuff.h |
| 341 | +++ b/include/linux/skbuff.h |
| 342 | @@ -3584,6 +3584,13 @@ static inline void nf_reset_trace(struct sk_buff *skb) |
| 343 | #endif |
| 344 | } |
| 345 | |
| 346 | +static inline void ipvs_reset(struct sk_buff *skb) |
| 347 | +{ |
| 348 | +#if IS_ENABLED(CONFIG_IP_VS) |
| 349 | + skb->ipvs_property = 0; |
| 350 | +#endif |
| 351 | +} |
| 352 | + |
| 353 | /* Note: This doesn't put any conntrack and bridge info in dst. */ |
| 354 | static inline void __nf_copy(struct sk_buff *dst, const struct sk_buff *src, |
| 355 | bool copy) |
| 356 | diff --git a/mm/page_alloc.c b/mm/page_alloc.c |
| 357 | index 7064aae8ded7..4a044134ce84 100644 |
| 358 | --- a/mm/page_alloc.c |
| 359 | +++ b/mm/page_alloc.c |
| 360 | @@ -284,28 +284,37 @@ EXPORT_SYMBOL(nr_online_nodes); |
| 361 | int page_group_by_mobility_disabled __read_mostly; |
| 362 | |
| 363 | #ifdef CONFIG_DEFERRED_STRUCT_PAGE_INIT |
| 364 | + |
| 365 | +/* |
| 366 | + * Determine how many pages need to be initialized durig early boot |
| 367 | + * (non-deferred initialization). |
| 368 | + * The value of first_deferred_pfn will be set later, once non-deferred pages |
| 369 | + * are initialized, but for now set it ULONG_MAX. |
| 370 | + */ |
| 371 | static inline void reset_deferred_meminit(pg_data_t *pgdat) |
| 372 | { |
| 373 | - unsigned long max_initialise; |
| 374 | - unsigned long reserved_lowmem; |
| 375 | + phys_addr_t start_addr, end_addr; |
| 376 | + unsigned long max_pgcnt; |
| 377 | + unsigned long reserved; |
| 378 | |
| 379 | /* |
| 380 | * Initialise at least 2G of a node but also take into account that |
| 381 | * two large system hashes that can take up 1GB for 0.25TB/node. |
| 382 | */ |
| 383 | - max_initialise = max(2UL << (30 - PAGE_SHIFT), |
| 384 | - (pgdat->node_spanned_pages >> 8)); |
| 385 | + max_pgcnt = max(2UL << (30 - PAGE_SHIFT), |
| 386 | + (pgdat->node_spanned_pages >> 8)); |
| 387 | |
| 388 | /* |
| 389 | * Compensate the all the memblock reservations (e.g. crash kernel) |
| 390 | * from the initial estimation to make sure we will initialize enough |
| 391 | * memory to boot. |
| 392 | */ |
| 393 | - reserved_lowmem = memblock_reserved_memory_within(pgdat->node_start_pfn, |
| 394 | - pgdat->node_start_pfn + max_initialise); |
| 395 | - max_initialise += reserved_lowmem; |
| 396 | + start_addr = PFN_PHYS(pgdat->node_start_pfn); |
| 397 | + end_addr = PFN_PHYS(pgdat->node_start_pfn + max_pgcnt); |
| 398 | + reserved = memblock_reserved_memory_within(start_addr, end_addr); |
| 399 | + max_pgcnt += PHYS_PFN(reserved); |
| 400 | |
| 401 | - pgdat->static_init_size = min(max_initialise, pgdat->node_spanned_pages); |
| 402 | + pgdat->static_init_pgcnt = min(max_pgcnt, pgdat->node_spanned_pages); |
| 403 | pgdat->first_deferred_pfn = ULONG_MAX; |
| 404 | } |
| 405 | |
| 406 | @@ -332,7 +341,7 @@ static inline bool update_defer_init(pg_data_t *pgdat, |
| 407 | if (zone_end < pgdat_end_pfn(pgdat)) |
| 408 | return true; |
| 409 | (*nr_initialised)++; |
| 410 | - if ((*nr_initialised > pgdat->static_init_size) && |
| 411 | + if ((*nr_initialised > pgdat->static_init_pgcnt) && |
| 412 | (pfn & (PAGES_PER_SECTION - 1)) == 0) { |
| 413 | pgdat->first_deferred_pfn = pfn; |
| 414 | return false; |
| 415 | diff --git a/mm/pagewalk.c b/mm/pagewalk.c |
| 416 | index 207244489a68..d95341cffc2f 100644 |
| 417 | --- a/mm/pagewalk.c |
| 418 | +++ b/mm/pagewalk.c |
| 419 | @@ -142,8 +142,12 @@ static int walk_hugetlb_range(unsigned long addr, unsigned long end, |
| 420 | do { |
| 421 | next = hugetlb_entry_end(h, addr, end); |
| 422 | pte = huge_pte_offset(walk->mm, addr & hmask); |
| 423 | - if (pte && walk->hugetlb_entry) |
| 424 | + |
| 425 | + if (pte) |
| 426 | err = walk->hugetlb_entry(pte, hmask, addr, next, walk); |
| 427 | + else if (walk->pte_hole) |
| 428 | + err = walk->pte_hole(addr, next, walk); |
| 429 | + |
| 430 | if (err) |
| 431 | break; |
| 432 | } while (addr = next, addr != end); |
| 433 | diff --git a/net/8021q/vlan.c b/net/8021q/vlan.c |
| 434 | index 8d213f974448..4a47074d1d7f 100644 |
| 435 | --- a/net/8021q/vlan.c |
| 436 | +++ b/net/8021q/vlan.c |
| 437 | @@ -376,6 +376,9 @@ static int vlan_device_event(struct notifier_block *unused, unsigned long event, |
| 438 | dev->name); |
| 439 | vlan_vid_add(dev, htons(ETH_P_8021Q), 0); |
| 440 | } |
| 441 | + if (event == NETDEV_DOWN && |
| 442 | + (dev->features & NETIF_F_HW_VLAN_CTAG_FILTER)) |
| 443 | + vlan_vid_del(dev, htons(ETH_P_8021Q), 0); |
| 444 | |
| 445 | vlan_info = rtnl_dereference(dev->vlan_info); |
| 446 | if (!vlan_info) |
| 447 | @@ -423,9 +426,6 @@ static int vlan_device_event(struct notifier_block *unused, unsigned long event, |
| 448 | struct net_device *tmp; |
| 449 | LIST_HEAD(close_list); |
| 450 | |
| 451 | - if (dev->features & NETIF_F_HW_VLAN_CTAG_FILTER) |
| 452 | - vlan_vid_del(dev, htons(ETH_P_8021Q), 0); |
| 453 | - |
| 454 | /* Put all VLANs for this dev in the down state too. */ |
| 455 | vlan_group_for_each_dev(grp, i, vlandev) { |
| 456 | flgs = vlandev->flags; |
| 457 | diff --git a/net/core/skbuff.c b/net/core/skbuff.c |
| 458 | index fe008f1bd930..aec5605944d3 100644 |
| 459 | --- a/net/core/skbuff.c |
| 460 | +++ b/net/core/skbuff.c |
| 461 | @@ -4375,6 +4375,7 @@ void skb_scrub_packet(struct sk_buff *skb, bool xnet) |
| 462 | if (!xnet) |
| 463 | return; |
| 464 | |
| 465 | + ipvs_reset(skb); |
| 466 | skb_orphan(skb); |
| 467 | skb->mark = 0; |
| 468 | } |
| 469 | diff --git a/net/ipv4/tcp_nv.c b/net/ipv4/tcp_nv.c |
| 470 | index 5de82a8d4d87..e45e2c41c7bd 100644 |
| 471 | --- a/net/ipv4/tcp_nv.c |
| 472 | +++ b/net/ipv4/tcp_nv.c |
| 473 | @@ -263,7 +263,7 @@ static void tcpnv_acked(struct sock *sk, const struct ack_sample *sample) |
| 474 | |
| 475 | /* rate in 100's bits per second */ |
| 476 | rate64 = ((u64)sample->in_flight) * 8000000; |
| 477 | - rate = (u32)div64_u64(rate64, (u64)(avg_rtt * 100)); |
| 478 | + rate = (u32)div64_u64(rate64, (u64)(avg_rtt ?: 1) * 100); |
| 479 | |
| 480 | /* Remember the maximum rate seen during this RTT |
| 481 | * Note: It may be more than one RTT. This function should be |
| 482 | diff --git a/net/ipv4/tcp_output.c b/net/ipv4/tcp_output.c |
| 483 | index 566b43afe378..3d7b59ecc76c 100644 |
| 484 | --- a/net/ipv4/tcp_output.c |
| 485 | +++ b/net/ipv4/tcp_output.c |
| 486 | @@ -3110,13 +3110,8 @@ struct sk_buff *tcp_make_synack(const struct sock *sk, struct dst_entry *dst, |
| 487 | tcp_ecn_make_synack(req, th); |
| 488 | th->source = htons(ireq->ir_num); |
| 489 | th->dest = ireq->ir_rmt_port; |
| 490 | - /* Setting of flags are superfluous here for callers (and ECE is |
| 491 | - * not even correctly set) |
| 492 | - */ |
| 493 | - tcp_init_nondata_skb(skb, tcp_rsk(req)->snt_isn, |
| 494 | - TCPHDR_SYN | TCPHDR_ACK); |
| 495 | - |
| 496 | - th->seq = htonl(TCP_SKB_CB(skb)->seq); |
| 497 | + skb->ip_summed = CHECKSUM_PARTIAL; |
| 498 | + th->seq = htonl(tcp_rsk(req)->snt_isn); |
| 499 | /* XXX data is queued and acked as is. No buffer/window check */ |
| 500 | th->ack_seq = htonl(tcp_rsk(req)->rcv_nxt); |
| 501 | |
| 502 | diff --git a/net/netlink/af_netlink.c b/net/netlink/af_netlink.c |
| 503 | index a1dca3b169a1..c9fac08a53b1 100644 |
| 504 | --- a/net/netlink/af_netlink.c |
| 505 | +++ b/net/netlink/af_netlink.c |
| 506 | @@ -2077,7 +2077,7 @@ static int netlink_dump(struct sock *sk) |
| 507 | struct sk_buff *skb = NULL; |
| 508 | struct nlmsghdr *nlh; |
| 509 | struct module *module; |
| 510 | - int len, err = -ENOBUFS; |
| 511 | + int err = -ENOBUFS; |
| 512 | int alloc_min_size; |
| 513 | int alloc_size; |
| 514 | |
| 515 | @@ -2124,9 +2124,11 @@ static int netlink_dump(struct sock *sk) |
| 516 | skb_reserve(skb, skb_tailroom(skb) - alloc_size); |
| 517 | netlink_skb_set_owner_r(skb, sk); |
| 518 | |
| 519 | - len = cb->dump(skb, cb); |
| 520 | + if (nlk->dump_done_errno > 0) |
| 521 | + nlk->dump_done_errno = cb->dump(skb, cb); |
| 522 | |
| 523 | - if (len > 0) { |
| 524 | + if (nlk->dump_done_errno > 0 || |
| 525 | + skb_tailroom(skb) < nlmsg_total_size(sizeof(nlk->dump_done_errno))) { |
| 526 | mutex_unlock(nlk->cb_mutex); |
| 527 | |
| 528 | if (sk_filter(sk, skb)) |
| 529 | @@ -2136,13 +2138,15 @@ static int netlink_dump(struct sock *sk) |
| 530 | return 0; |
| 531 | } |
| 532 | |
| 533 | - nlh = nlmsg_put_answer(skb, cb, NLMSG_DONE, sizeof(len), NLM_F_MULTI); |
| 534 | - if (!nlh) |
| 535 | + nlh = nlmsg_put_answer(skb, cb, NLMSG_DONE, |
| 536 | + sizeof(nlk->dump_done_errno), NLM_F_MULTI); |
| 537 | + if (WARN_ON(!nlh)) |
| 538 | goto errout_skb; |
| 539 | |
| 540 | nl_dump_check_consistent(cb, nlh); |
| 541 | |
| 542 | - memcpy(nlmsg_data(nlh), &len, sizeof(len)); |
| 543 | + memcpy(nlmsg_data(nlh), &nlk->dump_done_errno, |
| 544 | + sizeof(nlk->dump_done_errno)); |
| 545 | |
| 546 | if (sk_filter(sk, skb)) |
| 547 | kfree_skb(skb); |
| 548 | @@ -2214,6 +2218,7 @@ int __netlink_dump_start(struct sock *ssk, struct sk_buff *skb, |
| 549 | } |
| 550 | |
| 551 | nlk->cb_running = true; |
| 552 | + nlk->dump_done_errno = INT_MAX; |
| 553 | |
| 554 | mutex_unlock(nlk->cb_mutex); |
| 555 | |
| 556 | diff --git a/net/netlink/af_netlink.h b/net/netlink/af_netlink.h |
| 557 | index 4fdb38318977..bae961cfa3ad 100644 |
| 558 | --- a/net/netlink/af_netlink.h |
| 559 | +++ b/net/netlink/af_netlink.h |
| 560 | @@ -24,6 +24,7 @@ struct netlink_sock { |
| 561 | wait_queue_head_t wait; |
| 562 | bool bound; |
| 563 | bool cb_running; |
| 564 | + int dump_done_errno; |
| 565 | struct netlink_callback cb; |
| 566 | struct mutex *cb_mutex; |
| 567 | struct mutex cb_def_mutex; |
| 568 | diff --git a/net/sctp/ipv6.c b/net/sctp/ipv6.c |
| 569 | index f7f00d012888..5d015270e454 100644 |
| 570 | --- a/net/sctp/ipv6.c |
| 571 | +++ b/net/sctp/ipv6.c |
| 572 | @@ -806,9 +806,10 @@ static void sctp_inet6_skb_msgname(struct sk_buff *skb, char *msgname, |
| 573 | addr->v6.sin6_flowinfo = 0; |
| 574 | addr->v6.sin6_port = sh->source; |
| 575 | addr->v6.sin6_addr = ipv6_hdr(skb)->saddr; |
| 576 | - if (ipv6_addr_type(&addr->v6.sin6_addr) & IPV6_ADDR_LINKLOCAL) { |
| 577 | + if (ipv6_addr_type(&addr->v6.sin6_addr) & IPV6_ADDR_LINKLOCAL) |
| 578 | addr->v6.sin6_scope_id = sctp_v6_skb_iif(skb); |
| 579 | - } |
| 580 | + else |
| 581 | + addr->v6.sin6_scope_id = 0; |
| 582 | } |
| 583 | |
| 584 | *addr_len = sctp_v6_addr_to_user(sctp_sk(skb->sk), addr); |
| 585 | diff --git a/net/sctp/socket.c b/net/sctp/socket.c |
| 586 | index ffcc8aa78db7..c062ceae19e6 100644 |
| 587 | --- a/net/sctp/socket.c |
| 588 | +++ b/net/sctp/socket.c |
| 589 | @@ -4764,6 +4764,10 @@ int sctp_do_peeloff(struct sock *sk, sctp_assoc_t id, struct socket **sockp) |
| 590 | struct socket *sock; |
| 591 | int err = 0; |
| 592 | |
| 593 | + /* Do not peel off from one netns to another one. */ |
| 594 | + if (!net_eq(current->nsproxy->net_ns, sock_net(sk))) |
| 595 | + return -EINVAL; |
| 596 | + |
| 597 | if (!asoc) |
| 598 | return -EINVAL; |
| 599 | |
| 600 | diff --git a/security/integrity/ima/ima_appraise.c b/security/integrity/ima/ima_appraise.c |
| 601 | index 097459830454..6830d2427e47 100644 |
| 602 | --- a/security/integrity/ima/ima_appraise.c |
| 603 | +++ b/security/integrity/ima/ima_appraise.c |
| 604 | @@ -303,6 +303,9 @@ void ima_update_xattr(struct integrity_iint_cache *iint, struct file *file) |
| 605 | if (iint->flags & IMA_DIGSIG) |
| 606 | return; |
| 607 | |
| 608 | + if (iint->ima_file_status != INTEGRITY_PASS) |
| 609 | + return; |
| 610 | + |
| 611 | rc = ima_collect_measurement(iint, file, NULL, 0, ima_hash_algo); |
| 612 | if (rc < 0) |
| 613 | return; |