Annotation of /trunk/kernel-alx/patches-4.19/0115-4.19.16-all-fixes.patch
Parent Directory
| 
Revision Log
Revision 3394 -
(hide annotations)
(download)
Fri Aug 2 11:47:29 2019 UTC (4 years, 10 months ago) by niro
File size: 59485 byte(s)
Fri Aug 2 11:47:29 2019 UTC (4 years, 10 months ago) by niro
File size: 59485 byte(s)
-linux-4.19.16
| 1 | niro | 3394 | diff --git a/Makefile b/Makefile |
| 2 | index 0e30d48274fa..e8cb4875b86d 100644 | ||
| 3 | --- a/Makefile | ||
| 4 | +++ b/Makefile | ||
| 5 | @@ -1,7 +1,7 @@ | ||
| 6 | # SPDX-License-Identifier: GPL-2.0 | ||
| 7 | VERSION = 4 | ||
| 8 | PATCHLEVEL = 19 | ||
| 9 | -SUBLEVEL = 15 | ||
| 10 | +SUBLEVEL = 16 | ||
| 11 | EXTRAVERSION = | ||
| 12 | NAME = "People's Front" | ||
| 13 | |||
| 14 | diff --git a/arch/arm64/kernel/sys_compat.c b/arch/arm64/kernel/sys_compat.c | ||
| 15 | index 7be666062c7c..010212d35700 100644 | ||
| 16 | --- a/arch/arm64/kernel/sys_compat.c | ||
| 17 | +++ b/arch/arm64/kernel/sys_compat.c | ||
| 18 | @@ -66,12 +66,11 @@ do_compat_cache_op(unsigned long start, unsigned long end, int flags) | ||
| 19 | /* | ||
| 20 | * Handle all unrecognised system calls. | ||
| 21 | */ | ||
| 22 | -long compat_arm_syscall(struct pt_regs *regs) | ||
| 23 | +long compat_arm_syscall(struct pt_regs *regs, int scno) | ||
| 24 | { | ||
| 25 | siginfo_t info; | ||
| 26 | - unsigned int no = regs->regs[7]; | ||
| 27 | |||
| 28 | - switch (no) { | ||
| 29 | + switch (scno) { | ||
| 30 | /* | ||
| 31 | * Flush a region from virtual address 'r0' to virtual address 'r1' | ||
| 32 | * _exclusive_. There is no alignment requirement on either address; | ||
| 33 | @@ -107,7 +106,7 @@ long compat_arm_syscall(struct pt_regs *regs) | ||
| 34 | * way the calling program can gracefully determine whether | ||
| 35 | * a feature is supported. | ||
| 36 | */ | ||
| 37 | - if (no < __ARM_NR_COMPAT_END) | ||
| 38 | + if (scno < __ARM_NR_COMPAT_END) | ||
| 39 | return -ENOSYS; | ||
| 40 | break; | ||
| 41 | } | ||
| 42 | @@ -119,6 +118,6 @@ long compat_arm_syscall(struct pt_regs *regs) | ||
| 43 | info.si_addr = (void __user *)instruction_pointer(regs) - | ||
| 44 | (compat_thumb_mode(regs) ? 2 : 4); | ||
| 45 | |||
| 46 | - arm64_notify_die("Oops - bad compat syscall(2)", regs, &info, no); | ||
| 47 | + arm64_notify_die("Oops - bad compat syscall(2)", regs, &info, scno); | ||
| 48 | return 0; | ||
| 49 | } | ||
| 50 | diff --git a/arch/arm64/kernel/syscall.c b/arch/arm64/kernel/syscall.c | ||
| 51 | index 032d22312881..5610ac01c1ec 100644 | ||
| 52 | --- a/arch/arm64/kernel/syscall.c | ||
| 53 | +++ b/arch/arm64/kernel/syscall.c | ||
| 54 | @@ -13,16 +13,15 @@ | ||
| 55 | #include <asm/thread_info.h> | ||
| 56 | #include <asm/unistd.h> | ||
| 57 | |||
| 58 | -long compat_arm_syscall(struct pt_regs *regs); | ||
| 59 | - | ||
| 60 | +long compat_arm_syscall(struct pt_regs *regs, int scno); | ||
| 61 | long sys_ni_syscall(void); | ||
| 62 | |||
| 63 | -asmlinkage long do_ni_syscall(struct pt_regs *regs) | ||
| 64 | +static long do_ni_syscall(struct pt_regs *regs, int scno) | ||
| 65 | { | ||
| 66 | #ifdef CONFIG_COMPAT | ||
| 67 | long ret; | ||
| 68 | if (is_compat_task()) { | ||
| 69 | - ret = compat_arm_syscall(regs); | ||
| 70 | + ret = compat_arm_syscall(regs, scno); | ||
| 71 | if (ret != -ENOSYS) | ||
| 72 | return ret; | ||
| 73 | } | ||
| 74 | @@ -47,7 +46,7 @@ static void invoke_syscall(struct pt_regs *regs, unsigned int scno, | ||
| 75 | syscall_fn = syscall_table[array_index_nospec(scno, sc_nr)]; | ||
| 76 | ret = __invoke_syscall(regs, syscall_fn); | ||
| 77 | } else { | ||
| 78 | - ret = do_ni_syscall(regs); | ||
| 79 | + ret = do_ni_syscall(regs, scno); | ||
| 80 | } | ||
| 81 | |||
| 82 | regs->regs[0] = ret; | ||
| 83 | diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c | ||
| 84 | index abb92c341693..807d06a7acac 100644 | ||
| 85 | --- a/arch/x86/kernel/cpu/bugs.c | ||
| 86 | +++ b/arch/x86/kernel/cpu/bugs.c | ||
| 87 | @@ -213,7 +213,7 @@ static enum spectre_v2_mitigation spectre_v2_enabled __ro_after_init = | ||
| 88 | static enum spectre_v2_user_mitigation spectre_v2_user __ro_after_init = | ||
| 89 | SPECTRE_V2_USER_NONE; | ||
| 90 | |||
| 91 | -#ifdef RETPOLINE | ||
| 92 | +#ifdef CONFIG_RETPOLINE | ||
| 93 | static bool spectre_v2_bad_module; | ||
| 94 | |||
| 95 | bool retpoline_module_ok(bool has_retpoline) | ||
| 96 | diff --git a/drivers/acpi/arm64/iort.c b/drivers/acpi/arm64/iort.c | ||
| 97 | index e938576e58cb..e48eebc27b81 100644 | ||
| 98 | --- a/drivers/acpi/arm64/iort.c | ||
| 99 | +++ b/drivers/acpi/arm64/iort.c | ||
| 100 | @@ -951,9 +951,10 @@ static int rc_dma_get_range(struct device *dev, u64 *size) | ||
| 101 | { | ||
| 102 | struct acpi_iort_node *node; | ||
| 103 | struct acpi_iort_root_complex *rc; | ||
| 104 | + struct pci_bus *pbus = to_pci_dev(dev)->bus; | ||
| 105 | |||
| 106 | node = iort_scan_node(ACPI_IORT_NODE_PCI_ROOT_COMPLEX, | ||
| 107 | - iort_match_node_callback, dev); | ||
| 108 | + iort_match_node_callback, &pbus->dev); | ||
| 109 | if (!node || node->revision < 1) | ||
| 110 | return -ENODEV; | ||
| 111 | |||
| 112 | diff --git a/drivers/acpi/pmic/intel_pmic_xpower.c b/drivers/acpi/pmic/intel_pmic_xpower.c | ||
| 113 | index 316e55174aa9..bb5391f59b8b 100644 | ||
| 114 | --- a/drivers/acpi/pmic/intel_pmic_xpower.c | ||
| 115 | +++ b/drivers/acpi/pmic/intel_pmic_xpower.c | ||
| 116 | @@ -27,8 +27,11 @@ | ||
| 117 | #define GPI1_LDO_ON (3 << 0) | ||
| 118 | #define GPI1_LDO_OFF (4 << 0) | ||
| 119 | |||
| 120 | -#define AXP288_ADC_TS_PIN_GPADC 0xf2 | ||
| 121 | -#define AXP288_ADC_TS_PIN_ON 0xf3 | ||
| 122 | +#define AXP288_ADC_TS_CURRENT_ON_OFF_MASK GENMASK(1, 0) | ||
| 123 | +#define AXP288_ADC_TS_CURRENT_OFF (0 << 0) | ||
| 124 | +#define AXP288_ADC_TS_CURRENT_ON_WHEN_CHARGING (1 << 0) | ||
| 125 | +#define AXP288_ADC_TS_CURRENT_ON_ONDEMAND (2 << 0) | ||
| 126 | +#define AXP288_ADC_TS_CURRENT_ON (3 << 0) | ||
| 127 | |||
| 128 | static struct pmic_table power_table[] = { | ||
| 129 | { | ||
| 130 | @@ -211,22 +214,44 @@ static int intel_xpower_pmic_update_power(struct regmap *regmap, int reg, | ||
| 131 | */ | ||
| 132 | static int intel_xpower_pmic_get_raw_temp(struct regmap *regmap, int reg) | ||
| 133 | { | ||
| 134 | + int ret, adc_ts_pin_ctrl; | ||
| 135 | u8 buf[2]; | ||
| 136 | - int ret; | ||
| 137 | |||
| 138 | - ret = regmap_write(regmap, AXP288_ADC_TS_PIN_CTRL, | ||
| 139 | - AXP288_ADC_TS_PIN_GPADC); | ||
| 140 | + /* | ||
| 141 | + * The current-source used for the battery temp-sensor (TS) is shared | ||
| 142 | + * with the GPADC. For proper fuel-gauge and charger operation the TS | ||
| 143 | + * current-source needs to be permanently on. But to read the GPADC we | ||
| 144 | + * need to temporary switch the TS current-source to ondemand, so that | ||
| 145 | + * the GPADC can use it, otherwise we will always read an all 0 value. | ||
| 146 | + * | ||
| 147 | + * Note that the switching from on to on-ondemand is not necessary | ||
| 148 | + * when the TS current-source is off (this happens on devices which | ||
| 149 | + * do not use the TS-pin). | ||
| 150 | + */ | ||
| 151 | + ret = regmap_read(regmap, AXP288_ADC_TS_PIN_CTRL, &adc_ts_pin_ctrl); | ||
| 152 | if (ret) | ||
| 153 | return ret; | ||
| 154 | |||
| 155 | - /* After switching to the GPADC pin give things some time to settle */ | ||
| 156 | - usleep_range(6000, 10000); | ||
| 157 | + if (adc_ts_pin_ctrl & AXP288_ADC_TS_CURRENT_ON_OFF_MASK) { | ||
| 158 | + ret = regmap_update_bits(regmap, AXP288_ADC_TS_PIN_CTRL, | ||
| 159 | + AXP288_ADC_TS_CURRENT_ON_OFF_MASK, | ||
| 160 | + AXP288_ADC_TS_CURRENT_ON_ONDEMAND); | ||
| 161 | + if (ret) | ||
| 162 | + return ret; | ||
| 163 | + | ||
| 164 | + /* Wait a bit after switching the current-source */ | ||
| 165 | + usleep_range(6000, 10000); | ||
| 166 | + } | ||
| 167 | |||
| 168 | ret = regmap_bulk_read(regmap, AXP288_GP_ADC_H, buf, 2); | ||
| 169 | if (ret == 0) | ||
| 170 | ret = (buf[0] << 4) + ((buf[1] >> 4) & 0x0f); | ||
| 171 | |||
| 172 | - regmap_write(regmap, AXP288_ADC_TS_PIN_CTRL, AXP288_ADC_TS_PIN_ON); | ||
| 173 | + if (adc_ts_pin_ctrl & AXP288_ADC_TS_CURRENT_ON_OFF_MASK) { | ||
| 174 | + regmap_update_bits(regmap, AXP288_ADC_TS_PIN_CTRL, | ||
| 175 | + AXP288_ADC_TS_CURRENT_ON_OFF_MASK, | ||
| 176 | + AXP288_ADC_TS_CURRENT_ON); | ||
| 177 | + } | ||
| 178 | |||
| 179 | return ret; | ||
| 180 | } | ||
| 181 | diff --git a/drivers/acpi/power.c b/drivers/acpi/power.c | ||
| 182 | index 1b475bc1ae16..665e93ca0b40 100644 | ||
| 183 | --- a/drivers/acpi/power.c | ||
| 184 | +++ b/drivers/acpi/power.c | ||
| 185 | @@ -131,6 +131,23 @@ void acpi_power_resources_list_free(struct list_head *list) | ||
| 186 | } | ||
| 187 | } | ||
| 188 | |||
| 189 | +static bool acpi_power_resource_is_dup(union acpi_object *package, | ||
| 190 | + unsigned int start, unsigned int i) | ||
| 191 | +{ | ||
| 192 | + acpi_handle rhandle, dup; | ||
| 193 | + unsigned int j; | ||
| 194 | + | ||
| 195 | + /* The caller is expected to check the package element types */ | ||
| 196 | + rhandle = package->package.elements[i].reference.handle; | ||
| 197 | + for (j = start; j < i; j++) { | ||
| 198 | + dup = package->package.elements[j].reference.handle; | ||
| 199 | + if (dup == rhandle) | ||
| 200 | + return true; | ||
| 201 | + } | ||
| 202 | + | ||
| 203 | + return false; | ||
| 204 | +} | ||
| 205 | + | ||
| 206 | int acpi_extract_power_resources(union acpi_object *package, unsigned int start, | ||
| 207 | struct list_head *list) | ||
| 208 | { | ||
| 209 | @@ -150,6 +167,11 @@ int acpi_extract_power_resources(union acpi_object *package, unsigned int start, | ||
| 210 | err = -ENODEV; | ||
| 211 | break; | ||
| 212 | } | ||
| 213 | + | ||
| 214 | + /* Some ACPI tables contain duplicate power resource references */ | ||
| 215 | + if (acpi_power_resource_is_dup(package, start, i)) | ||
| 216 | + continue; | ||
| 217 | + | ||
| 218 | err = acpi_add_power_resource(rhandle); | ||
| 219 | if (err) | ||
| 220 | break; | ||
| 221 | diff --git a/drivers/block/rbd.c b/drivers/block/rbd.c | ||
| 222 | index 73ed5f3a862d..585378bc988c 100644 | ||
| 223 | --- a/drivers/block/rbd.c | ||
| 224 | +++ b/drivers/block/rbd.c | ||
| 225 | @@ -5982,7 +5982,6 @@ static ssize_t do_rbd_remove(struct bus_type *bus, | ||
| 226 | struct list_head *tmp; | ||
| 227 | int dev_id; | ||
| 228 | char opt_buf[6]; | ||
| 229 | - bool already = false; | ||
| 230 | bool force = false; | ||
| 231 | int ret; | ||
| 232 | |||
| 233 | @@ -6015,13 +6014,13 @@ static ssize_t do_rbd_remove(struct bus_type *bus, | ||
| 234 | spin_lock_irq(&rbd_dev->lock); | ||
| 235 | if (rbd_dev->open_count && !force) | ||
| 236 | ret = -EBUSY; | ||
| 237 | - else | ||
| 238 | - already = test_and_set_bit(RBD_DEV_FLAG_REMOVING, | ||
| 239 | - &rbd_dev->flags); | ||
| 240 | + else if (test_and_set_bit(RBD_DEV_FLAG_REMOVING, | ||
| 241 | + &rbd_dev->flags)) | ||
| 242 | + ret = -EINPROGRESS; | ||
| 243 | spin_unlock_irq(&rbd_dev->lock); | ||
| 244 | } | ||
| 245 | spin_unlock(&rbd_dev_list_lock); | ||
| 246 | - if (ret < 0 || already) | ||
| 247 | + if (ret) | ||
| 248 | return ret; | ||
| 249 | |||
| 250 | if (force) { | ||
| 251 | diff --git a/drivers/cpufreq/scmi-cpufreq.c b/drivers/cpufreq/scmi-cpufreq.c | ||
| 252 | index 50b1551ba894..3f0693439486 100644 | ||
| 253 | --- a/drivers/cpufreq/scmi-cpufreq.c | ||
| 254 | +++ b/drivers/cpufreq/scmi-cpufreq.c | ||
| 255 | @@ -52,9 +52,9 @@ scmi_cpufreq_set_target(struct cpufreq_policy *policy, unsigned int index) | ||
| 256 | int ret; | ||
| 257 | struct scmi_data *priv = policy->driver_data; | ||
| 258 | struct scmi_perf_ops *perf_ops = handle->perf_ops; | ||
| 259 | - u64 freq = policy->freq_table[index].frequency * 1000; | ||
| 260 | + u64 freq = policy->freq_table[index].frequency; | ||
| 261 | |||
| 262 | - ret = perf_ops->freq_set(handle, priv->domain_id, freq, false); | ||
| 263 | + ret = perf_ops->freq_set(handle, priv->domain_id, freq * 1000, false); | ||
| 264 | if (!ret) | ||
| 265 | arch_set_freq_scale(policy->related_cpus, freq, | ||
| 266 | policy->cpuinfo.max_freq); | ||
| 267 | diff --git a/drivers/gpu/drm/Kconfig b/drivers/gpu/drm/Kconfig | ||
| 268 | index cb88528e7b10..e44e567bd789 100644 | ||
| 269 | --- a/drivers/gpu/drm/Kconfig | ||
| 270 | +++ b/drivers/gpu/drm/Kconfig | ||
| 271 | @@ -110,6 +110,26 @@ config DRM_FBDEV_OVERALLOC | ||
| 272 | is 100. Typical values for double buffering will be 200, | ||
| 273 | triple buffering 300. | ||
| 274 | |||
| 275 | +config DRM_FBDEV_LEAK_PHYS_SMEM | ||
| 276 | + bool "Shamelessly allow leaking of fbdev physical address (DANGEROUS)" | ||
| 277 | + depends on DRM_FBDEV_EMULATION && EXPERT | ||
| 278 | + default n | ||
| 279 | + help | ||
| 280 | + In order to keep user-space compatibility, we want in certain | ||
| 281 | + use-cases to keep leaking the fbdev physical address to the | ||
| 282 | + user-space program handling the fbdev buffer. | ||
| 283 | + This affects, not only, Amlogic, Allwinner or Rockchip devices | ||
| 284 | + with ARM Mali GPUs using an userspace Blob. | ||
| 285 | + This option is not supported by upstream developers and should be | ||
| 286 | + removed as soon as possible and be considered as a broken and | ||
| 287 | + legacy behaviour from a modern fbdev device driver. | ||
| 288 | + | ||
| 289 | + Please send any bug reports when using this to your proprietary | ||
| 290 | + software vendor that requires this. | ||
| 291 | + | ||
| 292 | + If in doubt, say "N" or spread the word to your closed source | ||
| 293 | + library vendor. | ||
| 294 | + | ||
| 295 | config DRM_LOAD_EDID_FIRMWARE | ||
| 296 | bool "Allow to specify an EDID data set instead of probing for it" | ||
| 297 | depends on DRM | ||
| 298 | diff --git a/drivers/gpu/drm/amd/amdgpu/amdgpu_drv.c b/drivers/gpu/drm/amd/amdgpu/amdgpu_drv.c | ||
| 299 | index 8e26e1ca14c6..b40e9c76af0c 100644 | ||
| 300 | --- a/drivers/gpu/drm/amd/amdgpu/amdgpu_drv.c | ||
| 301 | +++ b/drivers/gpu/drm/amd/amdgpu/amdgpu_drv.c | ||
| 302 | @@ -753,6 +753,7 @@ static const struct pci_device_id pciidlist[] = { | ||
| 303 | /* VEGAM */ | ||
| 304 | {0x1002, 0x694C, PCI_ANY_ID, PCI_ANY_ID, 0, 0, CHIP_VEGAM}, | ||
| 305 | {0x1002, 0x694E, PCI_ANY_ID, PCI_ANY_ID, 0, 0, CHIP_VEGAM}, | ||
| 306 | + {0x1002, 0x694F, PCI_ANY_ID, PCI_ANY_ID, 0, 0, CHIP_VEGAM}, | ||
| 307 | /* Vega 10 */ | ||
| 308 | {0x1002, 0x6860, PCI_ANY_ID, PCI_ANY_ID, 0, 0, CHIP_VEGA10}, | ||
| 309 | {0x1002, 0x6861, PCI_ANY_ID, PCI_ANY_ID, 0, 0, CHIP_VEGA10}, | ||
| 310 | diff --git a/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c b/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | ||
| 311 | index d792735f1365..a851bb07443f 100644 | ||
| 312 | --- a/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | ||
| 313 | +++ b/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | ||
| 314 | @@ -565,22 +565,36 @@ static void s3_handle_mst(struct drm_device *dev, bool suspend) | ||
| 315 | { | ||
| 316 | struct amdgpu_dm_connector *aconnector; | ||
| 317 | struct drm_connector *connector; | ||
| 318 | + struct drm_dp_mst_topology_mgr *mgr; | ||
| 319 | + int ret; | ||
| 320 | + bool need_hotplug = false; | ||
| 321 | |||
| 322 | drm_modeset_lock(&dev->mode_config.connection_mutex, NULL); | ||
| 323 | |||
| 324 | - list_for_each_entry(connector, &dev->mode_config.connector_list, head) { | ||
| 325 | - aconnector = to_amdgpu_dm_connector(connector); | ||
| 326 | - if (aconnector->dc_link->type == dc_connection_mst_branch && | ||
| 327 | - !aconnector->mst_port) { | ||
| 328 | + list_for_each_entry(connector, &dev->mode_config.connector_list, | ||
| 329 | + head) { | ||
| 330 | + aconnector = to_amdgpu_dm_connector(connector); | ||
| 331 | + if (aconnector->dc_link->type != dc_connection_mst_branch || | ||
| 332 | + aconnector->mst_port) | ||
| 333 | + continue; | ||
| 334 | |||
| 335 | - if (suspend) | ||
| 336 | - drm_dp_mst_topology_mgr_suspend(&aconnector->mst_mgr); | ||
| 337 | - else | ||
| 338 | - drm_dp_mst_topology_mgr_resume(&aconnector->mst_mgr); | ||
| 339 | - } | ||
| 340 | + mgr = &aconnector->mst_mgr; | ||
| 341 | + | ||
| 342 | + if (suspend) { | ||
| 343 | + drm_dp_mst_topology_mgr_suspend(mgr); | ||
| 344 | + } else { | ||
| 345 | + ret = drm_dp_mst_topology_mgr_resume(mgr); | ||
| 346 | + if (ret < 0) { | ||
| 347 | + drm_dp_mst_topology_mgr_set_mst(mgr, false); | ||
| 348 | + need_hotplug = true; | ||
| 349 | + } | ||
| 350 | + } | ||
| 351 | } | ||
| 352 | |||
| 353 | drm_modeset_unlock(&dev->mode_config.connection_mutex); | ||
| 354 | + | ||
| 355 | + if (need_hotplug) | ||
| 356 | + drm_kms_helper_hotplug_event(dev); | ||
| 357 | } | ||
| 358 | |||
| 359 | static int dm_hw_init(void *handle) | ||
| 360 | @@ -736,7 +750,6 @@ static int dm_resume(void *handle) | ||
| 361 | struct drm_plane_state *new_plane_state; | ||
| 362 | struct dm_plane_state *dm_new_plane_state; | ||
| 363 | enum dc_connection_type new_connection_type = dc_connection_none; | ||
| 364 | - int ret; | ||
| 365 | int i; | ||
| 366 | |||
| 367 | /* power on hardware */ | ||
| 368 | @@ -809,13 +822,13 @@ static int dm_resume(void *handle) | ||
| 369 | } | ||
| 370 | } | ||
| 371 | |||
| 372 | - ret = drm_atomic_helper_resume(ddev, dm->cached_state); | ||
| 373 | + drm_atomic_helper_resume(ddev, dm->cached_state); | ||
| 374 | |||
| 375 | dm->cached_state = NULL; | ||
| 376 | |||
| 377 | amdgpu_dm_irq_resume_late(adev); | ||
| 378 | |||
| 379 | - return ret; | ||
| 380 | + return 0; | ||
| 381 | } | ||
| 382 | |||
| 383 | static const struct amd_ip_funcs amdgpu_dm_funcs = { | ||
| 384 | diff --git a/drivers/gpu/drm/amd/display/dc/core/dc_link.c b/drivers/gpu/drm/amd/display/dc/core/dc_link.c | ||
| 385 | index fced3c1c2ef5..7c89785fd731 100644 | ||
| 386 | --- a/drivers/gpu/drm/amd/display/dc/core/dc_link.c | ||
| 387 | +++ b/drivers/gpu/drm/amd/display/dc/core/dc_link.c | ||
| 388 | @@ -2457,11 +2457,11 @@ void core_link_disable_stream(struct pipe_ctx *pipe_ctx, int option) | ||
| 389 | { | ||
| 390 | struct dc *core_dc = pipe_ctx->stream->ctx->dc; | ||
| 391 | |||
| 392 | + core_dc->hwss.blank_stream(pipe_ctx); | ||
| 393 | + | ||
| 394 | if (pipe_ctx->stream->signal == SIGNAL_TYPE_DISPLAY_PORT_MST) | ||
| 395 | deallocate_mst_payload(pipe_ctx); | ||
| 396 | |||
| 397 | - core_dc->hwss.blank_stream(pipe_ctx); | ||
| 398 | - | ||
| 399 | core_dc->hwss.disable_stream(pipe_ctx, option); | ||
| 400 | |||
| 401 | disable_link(pipe_ctx->stream->sink->link, pipe_ctx->stream->signal); | ||
| 402 | diff --git a/drivers/gpu/drm/drm_fb_helper.c b/drivers/gpu/drm/drm_fb_helper.c | ||
| 403 | index 9214c8b02484..b5b9f15549c2 100644 | ||
| 404 | --- a/drivers/gpu/drm/drm_fb_helper.c | ||
| 405 | +++ b/drivers/gpu/drm/drm_fb_helper.c | ||
| 406 | @@ -56,6 +56,25 @@ MODULE_PARM_DESC(drm_fbdev_overalloc, | ||
| 407 | "Overallocation of the fbdev buffer (%) [default=" | ||
| 408 | __MODULE_STRING(CONFIG_DRM_FBDEV_OVERALLOC) "]"); | ||
| 409 | |||
| 410 | +/* | ||
| 411 | + * In order to keep user-space compatibility, we want in certain use-cases | ||
| 412 | + * to keep leaking the fbdev physical address to the user-space program | ||
| 413 | + * handling the fbdev buffer. | ||
| 414 | + * This is a bad habit essentially kept into closed source opengl driver | ||
| 415 | + * that should really be moved into open-source upstream projects instead | ||
| 416 | + * of using legacy physical addresses in user space to communicate with | ||
| 417 | + * other out-of-tree kernel modules. | ||
| 418 | + * | ||
| 419 | + * This module_param *should* be removed as soon as possible and be | ||
| 420 | + * considered as a broken and legacy behaviour from a modern fbdev device. | ||
| 421 | + */ | ||
| 422 | +#if IS_ENABLED(CONFIG_DRM_FBDEV_LEAK_PHYS_SMEM) | ||
| 423 | +static bool drm_leak_fbdev_smem = false; | ||
| 424 | +module_param_unsafe(drm_leak_fbdev_smem, bool, 0600); | ||
| 425 | +MODULE_PARM_DESC(fbdev_emulation, | ||
| 426 | + "Allow unsafe leaking fbdev physical smem address [default=false]"); | ||
| 427 | +#endif | ||
| 428 | + | ||
| 429 | static LIST_HEAD(kernel_fb_helper_list); | ||
| 430 | static DEFINE_MUTEX(kernel_fb_helper_lock); | ||
| 431 | |||
| 432 | @@ -1602,6 +1621,64 @@ static bool drm_fb_pixel_format_equal(const struct fb_var_screeninfo *var_1, | ||
| 433 | var_1->transp.msb_right == var_2->transp.msb_right; | ||
| 434 | } | ||
| 435 | |||
| 436 | +static void drm_fb_helper_fill_pixel_fmt(struct fb_var_screeninfo *var, | ||
| 437 | + u8 depth) | ||
| 438 | +{ | ||
| 439 | + switch (depth) { | ||
| 440 | + case 8: | ||
| 441 | + var->red.offset = 0; | ||
| 442 | + var->green.offset = 0; | ||
| 443 | + var->blue.offset = 0; | ||
| 444 | + var->red.length = 8; /* 8bit DAC */ | ||
| 445 | + var->green.length = 8; | ||
| 446 | + var->blue.length = 8; | ||
| 447 | + var->transp.offset = 0; | ||
| 448 | + var->transp.length = 0; | ||
| 449 | + break; | ||
| 450 | + case 15: | ||
| 451 | + var->red.offset = 10; | ||
| 452 | + var->green.offset = 5; | ||
| 453 | + var->blue.offset = 0; | ||
| 454 | + var->red.length = 5; | ||
| 455 | + var->green.length = 5; | ||
| 456 | + var->blue.length = 5; | ||
| 457 | + var->transp.offset = 15; | ||
| 458 | + var->transp.length = 1; | ||
| 459 | + break; | ||
| 460 | + case 16: | ||
| 461 | + var->red.offset = 11; | ||
| 462 | + var->green.offset = 5; | ||
| 463 | + var->blue.offset = 0; | ||
| 464 | + var->red.length = 5; | ||
| 465 | + var->green.length = 6; | ||
| 466 | + var->blue.length = 5; | ||
| 467 | + var->transp.offset = 0; | ||
| 468 | + break; | ||
| 469 | + case 24: | ||
| 470 | + var->red.offset = 16; | ||
| 471 | + var->green.offset = 8; | ||
| 472 | + var->blue.offset = 0; | ||
| 473 | + var->red.length = 8; | ||
| 474 | + var->green.length = 8; | ||
| 475 | + var->blue.length = 8; | ||
| 476 | + var->transp.offset = 0; | ||
| 477 | + var->transp.length = 0; | ||
| 478 | + break; | ||
| 479 | + case 32: | ||
| 480 | + var->red.offset = 16; | ||
| 481 | + var->green.offset = 8; | ||
| 482 | + var->blue.offset = 0; | ||
| 483 | + var->red.length = 8; | ||
| 484 | + var->green.length = 8; | ||
| 485 | + var->blue.length = 8; | ||
| 486 | + var->transp.offset = 24; | ||
| 487 | + var->transp.length = 8; | ||
| 488 | + break; | ||
| 489 | + default: | ||
| 490 | + break; | ||
| 491 | + } | ||
| 492 | +} | ||
| 493 | + | ||
| 494 | /** | ||
| 495 | * drm_fb_helper_check_var - implementation for &fb_ops.fb_check_var | ||
| 496 | * @var: screeninfo to check | ||
| 497 | @@ -1631,6 +1708,20 @@ int drm_fb_helper_check_var(struct fb_var_screeninfo *var, | ||
| 498 | return -EINVAL; | ||
| 499 | } | ||
| 500 | |||
| 501 | + /* | ||
| 502 | + * Workaround for SDL 1.2, which is known to be setting all pixel format | ||
| 503 | + * fields values to zero in some cases. We treat this situation as a | ||
| 504 | + * kind of "use some reasonable autodetected values". | ||
| 505 | + */ | ||
| 506 | + if (!var->red.offset && !var->green.offset && | ||
| 507 | + !var->blue.offset && !var->transp.offset && | ||
| 508 | + !var->red.length && !var->green.length && | ||
| 509 | + !var->blue.length && !var->transp.length && | ||
| 510 | + !var->red.msb_right && !var->green.msb_right && | ||
| 511 | + !var->blue.msb_right && !var->transp.msb_right) { | ||
| 512 | + drm_fb_helper_fill_pixel_fmt(var, fb->format->depth); | ||
| 513 | + } | ||
| 514 | + | ||
| 515 | /* | ||
| 516 | * drm fbdev emulation doesn't support changing the pixel format at all, | ||
| 517 | * so reject all pixel format changing requests. | ||
| 518 | @@ -1942,59 +2033,7 @@ void drm_fb_helper_fill_var(struct fb_info *info, struct drm_fb_helper *fb_helpe | ||
| 519 | info->var.yoffset = 0; | ||
| 520 | info->var.activate = FB_ACTIVATE_NOW; | ||
| 521 | |||
| 522 | - switch (fb->format->depth) { | ||
| 523 | - case 8: | ||
| 524 | - info->var.red.offset = 0; | ||
| 525 | - info->var.green.offset = 0; | ||
| 526 | - info->var.blue.offset = 0; | ||
| 527 | - info->var.red.length = 8; /* 8bit DAC */ | ||
| 528 | - info->var.green.length = 8; | ||
| 529 | - info->var.blue.length = 8; | ||
| 530 | - info->var.transp.offset = 0; | ||
| 531 | - info->var.transp.length = 0; | ||
| 532 | - break; | ||
| 533 | - case 15: | ||
| 534 | - info->var.red.offset = 10; | ||
| 535 | - info->var.green.offset = 5; | ||
| 536 | - info->var.blue.offset = 0; | ||
| 537 | - info->var.red.length = 5; | ||
| 538 | - info->var.green.length = 5; | ||
| 539 | - info->var.blue.length = 5; | ||
| 540 | - info->var.transp.offset = 15; | ||
| 541 | - info->var.transp.length = 1; | ||
| 542 | - break; | ||
| 543 | - case 16: | ||
| 544 | - info->var.red.offset = 11; | ||
| 545 | - info->var.green.offset = 5; | ||
| 546 | - info->var.blue.offset = 0; | ||
| 547 | - info->var.red.length = 5; | ||
| 548 | - info->var.green.length = 6; | ||
| 549 | - info->var.blue.length = 5; | ||
| 550 | - info->var.transp.offset = 0; | ||
| 551 | - break; | ||
| 552 | - case 24: | ||
| 553 | - info->var.red.offset = 16; | ||
| 554 | - info->var.green.offset = 8; | ||
| 555 | - info->var.blue.offset = 0; | ||
| 556 | - info->var.red.length = 8; | ||
| 557 | - info->var.green.length = 8; | ||
| 558 | - info->var.blue.length = 8; | ||
| 559 | - info->var.transp.offset = 0; | ||
| 560 | - info->var.transp.length = 0; | ||
| 561 | - break; | ||
| 562 | - case 32: | ||
| 563 | - info->var.red.offset = 16; | ||
| 564 | - info->var.green.offset = 8; | ||
| 565 | - info->var.blue.offset = 0; | ||
| 566 | - info->var.red.length = 8; | ||
| 567 | - info->var.green.length = 8; | ||
| 568 | - info->var.blue.length = 8; | ||
| 569 | - info->var.transp.offset = 24; | ||
| 570 | - info->var.transp.length = 8; | ||
| 571 | - break; | ||
| 572 | - default: | ||
| 573 | - break; | ||
| 574 | - } | ||
| 575 | + drm_fb_helper_fill_pixel_fmt(&info->var, fb->format->depth); | ||
| 576 | |||
| 577 | info->var.xres = fb_width; | ||
| 578 | info->var.yres = fb_height; | ||
| 579 | @@ -3041,6 +3080,12 @@ int drm_fb_helper_generic_probe(struct drm_fb_helper *fb_helper, | ||
| 580 | fbi->screen_size = fb->height * fb->pitches[0]; | ||
| 581 | fbi->fix.smem_len = fbi->screen_size; | ||
| 582 | fbi->screen_buffer = buffer->vaddr; | ||
| 583 | + /* Shamelessly leak the physical address to user-space */ | ||
| 584 | +#if IS_ENABLED(CONFIG_DRM_FBDEV_LEAK_PHYS_SMEM) | ||
| 585 | + if (drm_leak_fbdev_smem && fbi->fix.smem_start == 0) | ||
| 586 | + fbi->fix.smem_start = | ||
| 587 | + page_to_phys(virt_to_page(fbi->screen_buffer)); | ||
| 588 | +#endif | ||
| 589 | strcpy(fbi->fix.id, "DRM emulated"); | ||
| 590 | |||
| 591 | drm_fb_helper_fill_fix(fbi, fb->pitches[0], fb->format->depth); | ||
| 592 | diff --git a/drivers/gpu/drm/i915/i915_gem_gtt.c b/drivers/gpu/drm/i915/i915_gem_gtt.c | ||
| 593 | index 5f57f4e1fbc8..87411a5aba77 100644 | ||
| 594 | --- a/drivers/gpu/drm/i915/i915_gem_gtt.c | ||
| 595 | +++ b/drivers/gpu/drm/i915/i915_gem_gtt.c | ||
| 596 | @@ -2128,6 +2128,7 @@ static struct i915_vma *pd_vma_create(struct gen6_hw_ppgtt *ppgtt, int size) | ||
| 597 | int gen6_ppgtt_pin(struct i915_hw_ppgtt *base) | ||
| 598 | { | ||
| 599 | struct gen6_hw_ppgtt *ppgtt = to_gen6_ppgtt(base); | ||
| 600 | + int err; | ||
| 601 | |||
| 602 | /* | ||
| 603 | * Workaround the limited maximum vma->pin_count and the aliasing_ppgtt | ||
| 604 | @@ -2143,9 +2144,17 @@ int gen6_ppgtt_pin(struct i915_hw_ppgtt *base) | ||
| 605 | * allocator works in address space sizes, so it's multiplied by page | ||
| 606 | * size. We allocate at the top of the GTT to avoid fragmentation. | ||
| 607 | */ | ||
| 608 | - return i915_vma_pin(ppgtt->vma, | ||
| 609 | - 0, GEN6_PD_ALIGN, | ||
| 610 | - PIN_GLOBAL | PIN_HIGH); | ||
| 611 | + err = i915_vma_pin(ppgtt->vma, | ||
| 612 | + 0, GEN6_PD_ALIGN, | ||
| 613 | + PIN_GLOBAL | PIN_HIGH); | ||
| 614 | + if (err) | ||
| 615 | + goto unpin; | ||
| 616 | + | ||
| 617 | + return 0; | ||
| 618 | + | ||
| 619 | +unpin: | ||
| 620 | + ppgtt->pin_count = 0; | ||
| 621 | + return err; | ||
| 622 | } | ||
| 623 | |||
| 624 | void gen6_ppgtt_unpin(struct i915_hw_ppgtt *base) | ||
| 625 | diff --git a/drivers/i2c/i2c-dev.c b/drivers/i2c/i2c-dev.c | ||
| 626 | index 1aca742fde4a..ccd76c71af09 100644 | ||
| 627 | --- a/drivers/i2c/i2c-dev.c | ||
| 628 | +++ b/drivers/i2c/i2c-dev.c | ||
| 629 | @@ -470,9 +470,15 @@ static long i2cdev_ioctl(struct file *file, unsigned int cmd, unsigned long arg) | ||
| 630 | data_arg.data); | ||
| 631 | } | ||
| 632 | case I2C_RETRIES: | ||
| 633 | + if (arg > INT_MAX) | ||
| 634 | + return -EINVAL; | ||
| 635 | + | ||
| 636 | client->adapter->retries = arg; | ||
| 637 | break; | ||
| 638 | case I2C_TIMEOUT: | ||
| 639 | + if (arg > INT_MAX) | ||
| 640 | + return -EINVAL; | ||
| 641 | + | ||
| 642 | /* For historical reasons, user-space sets the timeout | ||
| 643 | * value in units of 10 ms. | ||
| 644 | */ | ||
| 645 | diff --git a/drivers/mtd/nand/raw/qcom_nandc.c b/drivers/mtd/nand/raw/qcom_nandc.c | ||
| 646 | index 8815f3e2b718..880e75f63a19 100644 | ||
| 647 | --- a/drivers/mtd/nand/raw/qcom_nandc.c | ||
| 648 | +++ b/drivers/mtd/nand/raw/qcom_nandc.c | ||
| 649 | @@ -2839,6 +2839,16 @@ static int qcom_nand_host_init_and_register(struct qcom_nand_controller *nandc, | ||
| 650 | if (ret) | ||
| 651 | return ret; | ||
| 652 | |||
| 653 | + if (nandc->props->is_bam) { | ||
| 654 | + free_bam_transaction(nandc); | ||
| 655 | + nandc->bam_txn = alloc_bam_transaction(nandc); | ||
| 656 | + if (!nandc->bam_txn) { | ||
| 657 | + dev_err(nandc->dev, | ||
| 658 | + "failed to allocate bam transaction\n"); | ||
| 659 | + return -ENOMEM; | ||
| 660 | + } | ||
| 661 | + } | ||
| 662 | + | ||
| 663 | ret = mtd_device_register(mtd, NULL, 0); | ||
| 664 | if (ret) | ||
| 665 | nand_cleanup(chip); | ||
| 666 | @@ -2853,16 +2863,6 @@ static int qcom_probe_nand_devices(struct qcom_nand_controller *nandc) | ||
| 667 | struct qcom_nand_host *host; | ||
| 668 | int ret; | ||
| 669 | |||
| 670 | - if (nandc->props->is_bam) { | ||
| 671 | - free_bam_transaction(nandc); | ||
| 672 | - nandc->bam_txn = alloc_bam_transaction(nandc); | ||
| 673 | - if (!nandc->bam_txn) { | ||
| 674 | - dev_err(nandc->dev, | ||
| 675 | - "failed to allocate bam transaction\n"); | ||
| 676 | - return -ENOMEM; | ||
| 677 | - } | ||
| 678 | - } | ||
| 679 | - | ||
| 680 | for_each_available_child_of_node(dn, child) { | ||
| 681 | host = devm_kzalloc(dev, sizeof(*host), GFP_KERNEL); | ||
| 682 | if (!host) { | ||
| 683 | diff --git a/drivers/pci/controller/dwc/pcie-designware-host.c b/drivers/pci/controller/dwc/pcie-designware-host.c | ||
| 684 | index 29a05759a294..0fa9e8fdce66 100644 | ||
| 685 | --- a/drivers/pci/controller/dwc/pcie-designware-host.c | ||
| 686 | +++ b/drivers/pci/controller/dwc/pcie-designware-host.c | ||
| 687 | @@ -99,9 +99,6 @@ irqreturn_t dw_handle_msi_irq(struct pcie_port *pp) | ||
| 688 | (i * MAX_MSI_IRQS_PER_CTRL) + | ||
| 689 | pos); | ||
| 690 | generic_handle_irq(irq); | ||
| 691 | - dw_pcie_wr_own_conf(pp, PCIE_MSI_INTR0_STATUS + | ||
| 692 | - (i * MSI_REG_CTRL_BLOCK_SIZE), | ||
| 693 | - 4, 1 << pos); | ||
| 694 | pos++; | ||
| 695 | } | ||
| 696 | } | ||
| 697 | @@ -168,8 +165,8 @@ static void dw_pci_bottom_mask(struct irq_data *data) | ||
| 698 | bit = data->hwirq % MAX_MSI_IRQS_PER_CTRL; | ||
| 699 | |||
| 700 | pp->irq_status[ctrl] &= ~(1 << bit); | ||
| 701 | - dw_pcie_wr_own_conf(pp, PCIE_MSI_INTR0_ENABLE + res, 4, | ||
| 702 | - pp->irq_status[ctrl]); | ||
| 703 | + dw_pcie_wr_own_conf(pp, PCIE_MSI_INTR0_MASK + res, 4, | ||
| 704 | + ~pp->irq_status[ctrl]); | ||
| 705 | } | ||
| 706 | |||
| 707 | raw_spin_unlock_irqrestore(&pp->lock, flags); | ||
| 708 | @@ -191,8 +188,8 @@ static void dw_pci_bottom_unmask(struct irq_data *data) | ||
| 709 | bit = data->hwirq % MAX_MSI_IRQS_PER_CTRL; | ||
| 710 | |||
| 711 | pp->irq_status[ctrl] |= 1 << bit; | ||
| 712 | - dw_pcie_wr_own_conf(pp, PCIE_MSI_INTR0_ENABLE + res, 4, | ||
| 713 | - pp->irq_status[ctrl]); | ||
| 714 | + dw_pcie_wr_own_conf(pp, PCIE_MSI_INTR0_MASK + res, 4, | ||
| 715 | + ~pp->irq_status[ctrl]); | ||
| 716 | } | ||
| 717 | |||
| 718 | raw_spin_unlock_irqrestore(&pp->lock, flags); | ||
| 719 | @@ -200,13 +197,22 @@ static void dw_pci_bottom_unmask(struct irq_data *data) | ||
| 720 | |||
| 721 | static void dw_pci_bottom_ack(struct irq_data *d) | ||
| 722 | { | ||
| 723 | - struct msi_desc *msi = irq_data_get_msi_desc(d); | ||
| 724 | - struct pcie_port *pp; | ||
| 725 | + struct pcie_port *pp = irq_data_get_irq_chip_data(d); | ||
| 726 | + unsigned int res, bit, ctrl; | ||
| 727 | + unsigned long flags; | ||
| 728 | + | ||
| 729 | + ctrl = d->hwirq / MAX_MSI_IRQS_PER_CTRL; | ||
| 730 | + res = ctrl * MSI_REG_CTRL_BLOCK_SIZE; | ||
| 731 | + bit = d->hwirq % MAX_MSI_IRQS_PER_CTRL; | ||
| 732 | + | ||
| 733 | + raw_spin_lock_irqsave(&pp->lock, flags); | ||
| 734 | |||
| 735 | - pp = msi_desc_to_pci_sysdata(msi); | ||
| 736 | + dw_pcie_wr_own_conf(pp, PCIE_MSI_INTR0_STATUS + res, 4, 1 << bit); | ||
| 737 | |||
| 738 | if (pp->ops->msi_irq_ack) | ||
| 739 | pp->ops->msi_irq_ack(d->hwirq, pp); | ||
| 740 | + | ||
| 741 | + raw_spin_unlock_irqrestore(&pp->lock, flags); | ||
| 742 | } | ||
| 743 | |||
| 744 | static struct irq_chip dw_pci_msi_bottom_irq_chip = { | ||
| 745 | @@ -658,10 +664,15 @@ void dw_pcie_setup_rc(struct pcie_port *pp) | ||
| 746 | num_ctrls = pp->num_vectors / MAX_MSI_IRQS_PER_CTRL; | ||
| 747 | |||
| 748 | /* Initialize IRQ Status array */ | ||
| 749 | - for (ctrl = 0; ctrl < num_ctrls; ctrl++) | ||
| 750 | - dw_pcie_rd_own_conf(pp, PCIE_MSI_INTR0_ENABLE + | ||
| 751 | + for (ctrl = 0; ctrl < num_ctrls; ctrl++) { | ||
| 752 | + dw_pcie_wr_own_conf(pp, PCIE_MSI_INTR0_MASK + | ||
| 753 | (ctrl * MSI_REG_CTRL_BLOCK_SIZE), | ||
| 754 | - 4, &pp->irq_status[ctrl]); | ||
| 755 | + 4, ~0); | ||
| 756 | + dw_pcie_wr_own_conf(pp, PCIE_MSI_INTR0_ENABLE + | ||
| 757 | + (ctrl * MSI_REG_CTRL_BLOCK_SIZE), | ||
| 758 | + 4, ~0); | ||
| 759 | + pp->irq_status[ctrl] = 0; | ||
| 760 | + } | ||
| 761 | |||
| 762 | /* Setup RC BARs */ | ||
| 763 | dw_pcie_writel_dbi(pci, PCI_BASE_ADDRESS_0, 0x00000004); | ||
| 764 | diff --git a/drivers/staging/rtl8188eu/core/rtw_security.c b/drivers/staging/rtl8188eu/core/rtw_security.c | ||
| 765 | index 2a48b09ea9ae..470ea2c0c433 100644 | ||
| 766 | --- a/drivers/staging/rtl8188eu/core/rtw_security.c | ||
| 767 | +++ b/drivers/staging/rtl8188eu/core/rtw_security.c | ||
| 768 | @@ -154,7 +154,7 @@ void rtw_wep_encrypt(struct adapter *padapter, u8 *pxmitframe) | ||
| 769 | |||
| 770 | pframe = ((struct xmit_frame *)pxmitframe)->buf_addr + hw_hdr_offset; | ||
| 771 | |||
| 772 | - crypto_ops = try_then_request_module(lib80211_get_crypto_ops("WEP"), "lib80211_crypt_wep"); | ||
| 773 | + crypto_ops = lib80211_get_crypto_ops("WEP"); | ||
| 774 | |||
| 775 | if (!crypto_ops) | ||
| 776 | return; | ||
| 777 | @@ -210,7 +210,7 @@ int rtw_wep_decrypt(struct adapter *padapter, u8 *precvframe) | ||
| 778 | void *crypto_private = NULL; | ||
| 779 | int status = _SUCCESS; | ||
| 780 | const int keyindex = prxattrib->key_index; | ||
| 781 | - struct lib80211_crypto_ops *crypto_ops = try_then_request_module(lib80211_get_crypto_ops("WEP"), "lib80211_crypt_wep"); | ||
| 782 | + struct lib80211_crypto_ops *crypto_ops = lib80211_get_crypto_ops("WEP"); | ||
| 783 | char iv[4], icv[4]; | ||
| 784 | |||
| 785 | if (!crypto_ops) { | ||
| 786 | @@ -1292,7 +1292,7 @@ u32 rtw_aes_decrypt(struct adapter *padapter, u8 *precvframe) | ||
| 787 | struct sk_buff *skb = ((struct recv_frame *)precvframe)->pkt; | ||
| 788 | void *crypto_private = NULL; | ||
| 789 | u8 *key, *pframe = skb->data; | ||
| 790 | - struct lib80211_crypto_ops *crypto_ops = try_then_request_module(lib80211_get_crypto_ops("CCMP"), "lib80211_crypt_ccmp"); | ||
| 791 | + struct lib80211_crypto_ops *crypto_ops = lib80211_get_crypto_ops("CCMP"); | ||
| 792 | struct security_priv *psecuritypriv = &padapter->securitypriv; | ||
| 793 | char iv[8], icv[8]; | ||
| 794 | |||
| 795 | diff --git a/drivers/usb/class/cdc-acm.c b/drivers/usb/class/cdc-acm.c | ||
| 796 | index 2886b7b477c7..08b8aa5299b5 100644 | ||
| 797 | --- a/drivers/usb/class/cdc-acm.c | ||
| 798 | +++ b/drivers/usb/class/cdc-acm.c | ||
| 799 | @@ -1880,6 +1880,13 @@ static const struct usb_device_id acm_ids[] = { | ||
| 800 | .driver_info = IGNORE_DEVICE, | ||
| 801 | }, | ||
| 802 | |||
| 803 | + { USB_DEVICE(0x1bc7, 0x0021), /* Telit 3G ACM only composition */ | ||
| 804 | + .driver_info = SEND_ZERO_PACKET, | ||
| 805 | + }, | ||
| 806 | + { USB_DEVICE(0x1bc7, 0x0023), /* Telit 3G ACM + ECM composition */ | ||
| 807 | + .driver_info = SEND_ZERO_PACKET, | ||
| 808 | + }, | ||
| 809 | + | ||
| 810 | /* control interfaces without any protocol set */ | ||
| 811 | { USB_INTERFACE_INFO(USB_CLASS_COMM, USB_CDC_SUBCLASS_ACM, | ||
| 812 | USB_CDC_PROTO_NONE) }, | ||
| 813 | diff --git a/drivers/usb/core/quirks.c b/drivers/usb/core/quirks.c | ||
| 814 | index 514c5214ddb2..8bc35d53408b 100644 | ||
| 815 | --- a/drivers/usb/core/quirks.c | ||
| 816 | +++ b/drivers/usb/core/quirks.c | ||
| 817 | @@ -394,7 +394,8 @@ static const struct usb_device_id usb_quirk_list[] = { | ||
| 818 | { USB_DEVICE(0x1a40, 0x0101), .driver_info = USB_QUIRK_HUB_SLOW_RESET }, | ||
| 819 | |||
| 820 | /* Corsair K70 RGB */ | ||
| 821 | - { USB_DEVICE(0x1b1c, 0x1b13), .driver_info = USB_QUIRK_DELAY_INIT }, | ||
| 822 | + { USB_DEVICE(0x1b1c, 0x1b13), .driver_info = USB_QUIRK_DELAY_INIT | | ||
| 823 | + USB_QUIRK_DELAY_CTRL_MSG }, | ||
| 824 | |||
| 825 | /* Corsair Strafe */ | ||
| 826 | { USB_DEVICE(0x1b1c, 0x1b15), .driver_info = USB_QUIRK_DELAY_INIT | | ||
| 827 | diff --git a/drivers/usb/storage/scsiglue.c b/drivers/usb/storage/scsiglue.c | ||
| 828 | index e227bb5b794f..101ebac43c87 100644 | ||
| 829 | --- a/drivers/usb/storage/scsiglue.c | ||
| 830 | +++ b/drivers/usb/storage/scsiglue.c | ||
| 831 | @@ -235,8 +235,12 @@ static int slave_configure(struct scsi_device *sdev) | ||
| 832 | if (!(us->fflags & US_FL_NEEDS_CAP16)) | ||
| 833 | sdev->try_rc_10_first = 1; | ||
| 834 | |||
| 835 | - /* assume SPC3 or latter devices support sense size > 18 */ | ||
| 836 | - if (sdev->scsi_level > SCSI_SPC_2) | ||
| 837 | + /* | ||
| 838 | + * assume SPC3 or latter devices support sense size > 18 | ||
| 839 | + * unless US_FL_BAD_SENSE quirk is specified. | ||
| 840 | + */ | ||
| 841 | + if (sdev->scsi_level > SCSI_SPC_2 && | ||
| 842 | + !(us->fflags & US_FL_BAD_SENSE)) | ||
| 843 | us->fflags |= US_FL_SANE_SENSE; | ||
| 844 | |||
| 845 | /* | ||
| 846 | diff --git a/drivers/usb/storage/unusual_devs.h b/drivers/usb/storage/unusual_devs.h | ||
| 847 | index f7f83b21dc74..ea0d27a94afe 100644 | ||
| 848 | --- a/drivers/usb/storage/unusual_devs.h | ||
| 849 | +++ b/drivers/usb/storage/unusual_devs.h | ||
| 850 | @@ -1265,6 +1265,18 @@ UNUSUAL_DEV( 0x090c, 0x1132, 0x0000, 0xffff, | ||
| 851 | USB_SC_DEVICE, USB_PR_DEVICE, NULL, | ||
| 852 | US_FL_FIX_CAPACITY ), | ||
| 853 | |||
| 854 | +/* | ||
| 855 | + * Reported by Icenowy Zheng <icenowy@aosc.io> | ||
| 856 | + * The SMI SM3350 USB-UFS bridge controller will enter a wrong state | ||
| 857 | + * that do not process read/write command if a long sense is requested, | ||
| 858 | + * so force to use 18-byte sense. | ||
| 859 | + */ | ||
| 860 | +UNUSUAL_DEV( 0x090c, 0x3350, 0x0000, 0xffff, | ||
| 861 | + "SMI", | ||
| 862 | + "SM3350 UFS-to-USB-Mass-Storage bridge", | ||
| 863 | + USB_SC_DEVICE, USB_PR_DEVICE, NULL, | ||
| 864 | + US_FL_BAD_SENSE ), | ||
| 865 | + | ||
| 866 | /* | ||
| 867 | * Reported by Paul Hartman <paul.hartman+linux@gmail.com> | ||
| 868 | * This card reader returns "Illegal Request, Logical Block Address | ||
| 869 | diff --git a/drivers/vfio/vfio_iommu_type1.c b/drivers/vfio/vfio_iommu_type1.c | ||
| 870 | index d9fd3188615d..64cbc2d007c9 100644 | ||
| 871 | --- a/drivers/vfio/vfio_iommu_type1.c | ||
| 872 | +++ b/drivers/vfio/vfio_iommu_type1.c | ||
| 873 | @@ -878,7 +878,7 @@ static int vfio_dma_do_unmap(struct vfio_iommu *iommu, | ||
| 874 | return -EINVAL; | ||
| 875 | if (!unmap->size || unmap->size & mask) | ||
| 876 | return -EINVAL; | ||
| 877 | - if (unmap->iova + unmap->size < unmap->iova || | ||
| 878 | + if (unmap->iova + unmap->size - 1 < unmap->iova || | ||
| 879 | unmap->size > SIZE_MAX) | ||
| 880 | return -EINVAL; | ||
| 881 | |||
| 882 | diff --git a/fs/btrfs/ctree.c b/fs/btrfs/ctree.c | ||
| 883 | index fa18520529f3..7ad6f2eec711 100644 | ||
| 884 | --- a/fs/btrfs/ctree.c | ||
| 885 | +++ b/fs/btrfs/ctree.c | ||
| 886 | @@ -1051,19 +1051,21 @@ static noinline int __btrfs_cow_block(struct btrfs_trans_handle *trans, | ||
| 887 | parent_start = parent->start; | ||
| 888 | |||
| 889 | /* | ||
| 890 | - * If we are COWing a node/leaf from the extent, chunk or device trees, | ||
| 891 | - * make sure that we do not finish block group creation of pending block | ||
| 892 | - * groups. We do this to avoid a deadlock. | ||
| 893 | + * If we are COWing a node/leaf from the extent, chunk, device or free | ||
| 894 | + * space trees, make sure that we do not finish block group creation of | ||
| 895 | + * pending block groups. We do this to avoid a deadlock. | ||
| 896 | * COWing can result in allocation of a new chunk, and flushing pending | ||
| 897 | * block groups (btrfs_create_pending_block_groups()) can be triggered | ||
| 898 | * when finishing allocation of a new chunk. Creation of a pending block | ||
| 899 | - * group modifies the extent, chunk and device trees, therefore we could | ||
| 900 | - * deadlock with ourselves since we are holding a lock on an extent | ||
| 901 | - * buffer that btrfs_create_pending_block_groups() may try to COW later. | ||
| 902 | + * group modifies the extent, chunk, device and free space trees, | ||
| 903 | + * therefore we could deadlock with ourselves since we are holding a | ||
| 904 | + * lock on an extent buffer that btrfs_create_pending_block_groups() may | ||
| 905 | + * try to COW later. | ||
| 906 | */ | ||
| 907 | if (root == fs_info->extent_root || | ||
| 908 | root == fs_info->chunk_root || | ||
| 909 | - root == fs_info->dev_root) | ||
| 910 | + root == fs_info->dev_root || | ||
| 911 | + root == fs_info->free_space_root) | ||
| 912 | trans->can_flush_pending_bgs = false; | ||
| 913 | |||
| 914 | cow = btrfs_alloc_tree_block(trans, root, parent_start, | ||
| 915 | diff --git a/fs/btrfs/qgroup.c b/fs/btrfs/qgroup.c | ||
| 916 | index ff434663d65b..e1fcb28ad4cc 100644 | ||
| 917 | --- a/fs/btrfs/qgroup.c | ||
| 918 | +++ b/fs/btrfs/qgroup.c | ||
| 919 | @@ -1013,16 +1013,22 @@ out_add_root: | ||
| 920 | btrfs_abort_transaction(trans, ret); | ||
| 921 | goto out_free_path; | ||
| 922 | } | ||
| 923 | - spin_lock(&fs_info->qgroup_lock); | ||
| 924 | - fs_info->quota_root = quota_root; | ||
| 925 | - set_bit(BTRFS_FS_QUOTA_ENABLED, &fs_info->flags); | ||
| 926 | - spin_unlock(&fs_info->qgroup_lock); | ||
| 927 | |||
| 928 | ret = btrfs_commit_transaction(trans); | ||
| 929 | trans = NULL; | ||
| 930 | if (ret) | ||
| 931 | goto out_free_path; | ||
| 932 | |||
| 933 | + /* | ||
| 934 | + * Set quota enabled flag after committing the transaction, to avoid | ||
| 935 | + * deadlocks on fs_info->qgroup_ioctl_lock with concurrent snapshot | ||
| 936 | + * creation. | ||
| 937 | + */ | ||
| 938 | + spin_lock(&fs_info->qgroup_lock); | ||
| 939 | + fs_info->quota_root = quota_root; | ||
| 940 | + set_bit(BTRFS_FS_QUOTA_ENABLED, &fs_info->flags); | ||
| 941 | + spin_unlock(&fs_info->qgroup_lock); | ||
| 942 | + | ||
| 943 | ret = qgroup_rescan_init(fs_info, 0, 1); | ||
| 944 | if (!ret) { | ||
| 945 | qgroup_rescan_zero_tracking(fs_info); | ||
| 946 | diff --git a/fs/btrfs/volumes.c b/fs/btrfs/volumes.c | ||
| 947 | index f4405e430da6..223334f08530 100644 | ||
| 948 | --- a/fs/btrfs/volumes.c | ||
| 949 | +++ b/fs/btrfs/volumes.c | ||
| 950 | @@ -3712,6 +3712,7 @@ int btrfs_balance(struct btrfs_fs_info *fs_info, | ||
| 951 | int ret; | ||
| 952 | u64 num_devices; | ||
| 953 | unsigned seq; | ||
| 954 | + bool reducing_integrity; | ||
| 955 | |||
| 956 | if (btrfs_fs_closing(fs_info) || | ||
| 957 | atomic_read(&fs_info->balance_pause_req) || | ||
| 958 | @@ -3796,24 +3797,30 @@ int btrfs_balance(struct btrfs_fs_info *fs_info, | ||
| 959 | !(bctl->sys.target & allowed)) || | ||
| 960 | ((bctl->meta.flags & BTRFS_BALANCE_ARGS_CONVERT) && | ||
| 961 | (fs_info->avail_metadata_alloc_bits & allowed) && | ||
| 962 | - !(bctl->meta.target & allowed))) { | ||
| 963 | - if (bctl->flags & BTRFS_BALANCE_FORCE) { | ||
| 964 | - btrfs_info(fs_info, | ||
| 965 | - "balance: force reducing metadata integrity"); | ||
| 966 | - } else { | ||
| 967 | - btrfs_err(fs_info, | ||
| 968 | - "balance: reduces metadata integrity, use --force if you want this"); | ||
| 969 | - ret = -EINVAL; | ||
| 970 | - goto out; | ||
| 971 | - } | ||
| 972 | - } | ||
| 973 | + !(bctl->meta.target & allowed))) | ||
| 974 | + reducing_integrity = true; | ||
| 975 | + else | ||
| 976 | + reducing_integrity = false; | ||
| 977 | + | ||
| 978 | + /* if we're not converting, the target field is uninitialized */ | ||
| 979 | + meta_target = (bctl->meta.flags & BTRFS_BALANCE_ARGS_CONVERT) ? | ||
| 980 | + bctl->meta.target : fs_info->avail_metadata_alloc_bits; | ||
| 981 | + data_target = (bctl->data.flags & BTRFS_BALANCE_ARGS_CONVERT) ? | ||
| 982 | + bctl->data.target : fs_info->avail_data_alloc_bits; | ||
| 983 | } while (read_seqretry(&fs_info->profiles_lock, seq)); | ||
| 984 | |||
| 985 | - /* if we're not converting, the target field is uninitialized */ | ||
| 986 | - meta_target = (bctl->meta.flags & BTRFS_BALANCE_ARGS_CONVERT) ? | ||
| 987 | - bctl->meta.target : fs_info->avail_metadata_alloc_bits; | ||
| 988 | - data_target = (bctl->data.flags & BTRFS_BALANCE_ARGS_CONVERT) ? | ||
| 989 | - bctl->data.target : fs_info->avail_data_alloc_bits; | ||
| 990 | + if (reducing_integrity) { | ||
| 991 | + if (bctl->flags & BTRFS_BALANCE_FORCE) { | ||
| 992 | + btrfs_info(fs_info, | ||
| 993 | + "balance: force reducing metadata integrity"); | ||
| 994 | + } else { | ||
| 995 | + btrfs_err(fs_info, | ||
| 996 | + "balance: reduces metadata integrity, use --force if you want this"); | ||
| 997 | + ret = -EINVAL; | ||
| 998 | + goto out; | ||
| 999 | + } | ||
| 1000 | + } | ||
| 1001 | + | ||
| 1002 | if (btrfs_get_num_tolerated_disk_barrier_failures(meta_target) < | ||
| 1003 | btrfs_get_num_tolerated_disk_barrier_failures(data_target)) { | ||
| 1004 | int meta_index = btrfs_bg_flags_to_raid_index(meta_target); | ||
| 1005 | diff --git a/fs/btrfs/xattr.c b/fs/btrfs/xattr.c | ||
| 1006 | index ea78c3d6dcfc..f141b45ce349 100644 | ||
| 1007 | --- a/fs/btrfs/xattr.c | ||
| 1008 | +++ b/fs/btrfs/xattr.c | ||
| 1009 | @@ -11,6 +11,7 @@ | ||
| 1010 | #include <linux/security.h> | ||
| 1011 | #include <linux/posix_acl_xattr.h> | ||
| 1012 | #include <linux/iversion.h> | ||
| 1013 | +#include <linux/sched/mm.h> | ||
| 1014 | #include "ctree.h" | ||
| 1015 | #include "btrfs_inode.h" | ||
| 1016 | #include "transaction.h" | ||
| 1017 | @@ -422,9 +423,15 @@ static int btrfs_initxattrs(struct inode *inode, | ||
| 1018 | { | ||
| 1019 | const struct xattr *xattr; | ||
| 1020 | struct btrfs_trans_handle *trans = fs_info; | ||
| 1021 | + unsigned int nofs_flag; | ||
| 1022 | char *name; | ||
| 1023 | int err = 0; | ||
| 1024 | |||
| 1025 | + /* | ||
| 1026 | + * We're holding a transaction handle, so use a NOFS memory allocation | ||
| 1027 | + * context to avoid deadlock if reclaim happens. | ||
| 1028 | + */ | ||
| 1029 | + nofs_flag = memalloc_nofs_save(); | ||
| 1030 | for (xattr = xattr_array; xattr->name != NULL; xattr++) { | ||
| 1031 | name = kmalloc(XATTR_SECURITY_PREFIX_LEN + | ||
| 1032 | strlen(xattr->name) + 1, GFP_KERNEL); | ||
| 1033 | @@ -440,6 +447,7 @@ static int btrfs_initxattrs(struct inode *inode, | ||
| 1034 | if (err < 0) | ||
| 1035 | break; | ||
| 1036 | } | ||
| 1037 | + memalloc_nofs_restore(nofs_flag); | ||
| 1038 | return err; | ||
| 1039 | } | ||
| 1040 | |||
| 1041 | diff --git a/fs/cifs/file.c b/fs/cifs/file.c | ||
| 1042 | index 8d41ca7bfcf1..7b637fc27990 100644 | ||
| 1043 | --- a/fs/cifs/file.c | ||
| 1044 | +++ b/fs/cifs/file.c | ||
| 1045 | @@ -1120,10 +1120,10 @@ cifs_push_mandatory_locks(struct cifsFileInfo *cfile) | ||
| 1046 | |||
| 1047 | /* | ||
| 1048 | * Accessing maxBuf is racy with cifs_reconnect - need to store value | ||
| 1049 | - * and check it for zero before using. | ||
| 1050 | + * and check it before using. | ||
| 1051 | */ | ||
| 1052 | max_buf = tcon->ses->server->maxBuf; | ||
| 1053 | - if (!max_buf) { | ||
| 1054 | + if (max_buf < (sizeof(struct smb_hdr) + sizeof(LOCKING_ANDX_RANGE))) { | ||
| 1055 | free_xid(xid); | ||
| 1056 | return -EINVAL; | ||
| 1057 | } | ||
| 1058 | @@ -1460,10 +1460,10 @@ cifs_unlock_range(struct cifsFileInfo *cfile, struct file_lock *flock, | ||
| 1059 | |||
| 1060 | /* | ||
| 1061 | * Accessing maxBuf is racy with cifs_reconnect - need to store value | ||
| 1062 | - * and check it for zero before using. | ||
| 1063 | + * and check it before using. | ||
| 1064 | */ | ||
| 1065 | max_buf = tcon->ses->server->maxBuf; | ||
| 1066 | - if (!max_buf) | ||
| 1067 | + if (max_buf < (sizeof(struct smb_hdr) + sizeof(LOCKING_ANDX_RANGE))) | ||
| 1068 | return -EINVAL; | ||
| 1069 | |||
| 1070 | max_num = (max_buf - sizeof(struct smb_hdr)) / | ||
| 1071 | diff --git a/fs/cifs/smb2file.c b/fs/cifs/smb2file.c | ||
| 1072 | index 4ed10dd086e6..2fc3d31967ee 100644 | ||
| 1073 | --- a/fs/cifs/smb2file.c | ||
| 1074 | +++ b/fs/cifs/smb2file.c | ||
| 1075 | @@ -122,10 +122,10 @@ smb2_unlock_range(struct cifsFileInfo *cfile, struct file_lock *flock, | ||
| 1076 | |||
| 1077 | /* | ||
| 1078 | * Accessing maxBuf is racy with cifs_reconnect - need to store value | ||
| 1079 | - * and check it for zero before using. | ||
| 1080 | + * and check it before using. | ||
| 1081 | */ | ||
| 1082 | max_buf = tcon->ses->server->maxBuf; | ||
| 1083 | - if (!max_buf) | ||
| 1084 | + if (max_buf < sizeof(struct smb2_lock_element)) | ||
| 1085 | return -EINVAL; | ||
| 1086 | |||
| 1087 | max_num = max_buf / sizeof(struct smb2_lock_element); | ||
| 1088 | diff --git a/fs/cifs/smb2pdu.c b/fs/cifs/smb2pdu.c | ||
| 1089 | index f54d07bda067..dba986524917 100644 | ||
| 1090 | --- a/fs/cifs/smb2pdu.c | ||
| 1091 | +++ b/fs/cifs/smb2pdu.c | ||
| 1092 | @@ -3185,12 +3185,14 @@ smb2_async_readv(struct cifs_readdata *rdata) | ||
| 1093 | if (rdata->credits) { | ||
| 1094 | shdr->CreditCharge = cpu_to_le16(DIV_ROUND_UP(rdata->bytes, | ||
| 1095 | SMB2_MAX_BUFFER_SIZE)); | ||
| 1096 | - shdr->CreditRequest = shdr->CreditCharge; | ||
| 1097 | + shdr->CreditRequest = | ||
| 1098 | + cpu_to_le16(le16_to_cpu(shdr->CreditCharge) + 1); | ||
| 1099 | spin_lock(&server->req_lock); | ||
| 1100 | server->credits += rdata->credits - | ||
| 1101 | le16_to_cpu(shdr->CreditCharge); | ||
| 1102 | spin_unlock(&server->req_lock); | ||
| 1103 | wake_up(&server->request_q); | ||
| 1104 | + rdata->credits = le16_to_cpu(shdr->CreditCharge); | ||
| 1105 | flags |= CIFS_HAS_CREDITS; | ||
| 1106 | } | ||
| 1107 | |||
| 1108 | @@ -3462,12 +3464,14 @@ smb2_async_writev(struct cifs_writedata *wdata, | ||
| 1109 | if (wdata->credits) { | ||
| 1110 | shdr->CreditCharge = cpu_to_le16(DIV_ROUND_UP(wdata->bytes, | ||
| 1111 | SMB2_MAX_BUFFER_SIZE)); | ||
| 1112 | - shdr->CreditRequest = shdr->CreditCharge; | ||
| 1113 | + shdr->CreditRequest = | ||
| 1114 | + cpu_to_le16(le16_to_cpu(shdr->CreditCharge) + 1); | ||
| 1115 | spin_lock(&server->req_lock); | ||
| 1116 | server->credits += wdata->credits - | ||
| 1117 | le16_to_cpu(shdr->CreditCharge); | ||
| 1118 | spin_unlock(&server->req_lock); | ||
| 1119 | wake_up(&server->request_q); | ||
| 1120 | + wdata->credits = le16_to_cpu(shdr->CreditCharge); | ||
| 1121 | flags |= CIFS_HAS_CREDITS; | ||
| 1122 | } | ||
| 1123 | |||
| 1124 | diff --git a/fs/cifs/transport.c b/fs/cifs/transport.c | ||
| 1125 | index 333729cf46cd..66348b3d28e6 100644 | ||
| 1126 | --- a/fs/cifs/transport.c | ||
| 1127 | +++ b/fs/cifs/transport.c | ||
| 1128 | @@ -378,7 +378,7 @@ smbd_done: | ||
| 1129 | if (rc < 0 && rc != -EINTR) | ||
| 1130 | cifs_dbg(VFS, "Error %d sending data on socket to server\n", | ||
| 1131 | rc); | ||
| 1132 | - else | ||
| 1133 | + else if (rc > 0) | ||
| 1134 | rc = 0; | ||
| 1135 | |||
| 1136 | return rc; | ||
| 1137 | @@ -786,7 +786,8 @@ compound_send_recv(const unsigned int xid, struct cifs_ses *ses, | ||
| 1138 | int i, j, rc = 0; | ||
| 1139 | int timeout, optype; | ||
| 1140 | struct mid_q_entry *midQ[MAX_COMPOUND]; | ||
| 1141 | - unsigned int credits = 0; | ||
| 1142 | + bool cancelled_mid[MAX_COMPOUND] = {false}; | ||
| 1143 | + unsigned int credits[MAX_COMPOUND] = {0}; | ||
| 1144 | char *buf; | ||
| 1145 | |||
| 1146 | timeout = flags & CIFS_TIMEOUT_MASK; | ||
| 1147 | @@ -804,13 +805,31 @@ compound_send_recv(const unsigned int xid, struct cifs_ses *ses, | ||
| 1148 | return -ENOENT; | ||
| 1149 | |||
| 1150 | /* | ||
| 1151 | - * Ensure that we do not send more than 50 overlapping requests | ||
| 1152 | - * to the same server. We may make this configurable later or | ||
| 1153 | - * use ses->maxReq. | ||
| 1154 | + * Ensure we obtain 1 credit per request in the compound chain. | ||
| 1155 | + * It can be optimized further by waiting for all the credits | ||
| 1156 | + * at once but this can wait long enough if we don't have enough | ||
| 1157 | + * credits due to some heavy operations in progress or the server | ||
| 1158 | + * not granting us much, so a fallback to the current approach is | ||
| 1159 | + * needed anyway. | ||
| 1160 | */ | ||
| 1161 | - rc = wait_for_free_request(ses->server, timeout, optype); | ||
| 1162 | - if (rc) | ||
| 1163 | - return rc; | ||
| 1164 | + for (i = 0; i < num_rqst; i++) { | ||
| 1165 | + rc = wait_for_free_request(ses->server, timeout, optype); | ||
| 1166 | + if (rc) { | ||
| 1167 | + /* | ||
| 1168 | + * We haven't sent an SMB packet to the server yet but | ||
| 1169 | + * we already obtained credits for i requests in the | ||
| 1170 | + * compound chain - need to return those credits back | ||
| 1171 | + * for future use. Note that we need to call add_credits | ||
| 1172 | + * multiple times to match the way we obtained credits | ||
| 1173 | + * in the first place and to account for in flight | ||
| 1174 | + * requests correctly. | ||
| 1175 | + */ | ||
| 1176 | + for (j = 0; j < i; j++) | ||
| 1177 | + add_credits(ses->server, 1, optype); | ||
| 1178 | + return rc; | ||
| 1179 | + } | ||
| 1180 | + credits[i] = 1; | ||
| 1181 | + } | ||
| 1182 | |||
| 1183 | /* | ||
| 1184 | * Make sure that we sign in the same order that we send on this socket | ||
| 1185 | @@ -826,8 +845,10 @@ compound_send_recv(const unsigned int xid, struct cifs_ses *ses, | ||
| 1186 | for (j = 0; j < i; j++) | ||
| 1187 | cifs_delete_mid(midQ[j]); | ||
| 1188 | mutex_unlock(&ses->server->srv_mutex); | ||
| 1189 | + | ||
| 1190 | /* Update # of requests on wire to server */ | ||
| 1191 | - add_credits(ses->server, 1, optype); | ||
| 1192 | + for (j = 0; j < num_rqst; j++) | ||
| 1193 | + add_credits(ses->server, credits[j], optype); | ||
| 1194 | return PTR_ERR(midQ[i]); | ||
| 1195 | } | ||
| 1196 | |||
| 1197 | @@ -874,19 +895,16 @@ compound_send_recv(const unsigned int xid, struct cifs_ses *ses, | ||
| 1198 | if (midQ[i]->mid_state == MID_REQUEST_SUBMITTED) { | ||
| 1199 | midQ[i]->mid_flags |= MID_WAIT_CANCELLED; | ||
| 1200 | midQ[i]->callback = DeleteMidQEntry; | ||
| 1201 | - spin_unlock(&GlobalMid_Lock); | ||
| 1202 | - add_credits(ses->server, 1, optype); | ||
| 1203 | - return rc; | ||
| 1204 | + cancelled_mid[i] = true; | ||
| 1205 | } | ||
| 1206 | spin_unlock(&GlobalMid_Lock); | ||
| 1207 | } | ||
| 1208 | } | ||
| 1209 | |||
| 1210 | for (i = 0; i < num_rqst; i++) | ||
| 1211 | - if (midQ[i]->resp_buf) | ||
| 1212 | - credits += ses->server->ops->get_credits(midQ[i]); | ||
| 1213 | - if (!credits) | ||
| 1214 | - credits = 1; | ||
| 1215 | + if (!cancelled_mid[i] && midQ[i]->resp_buf | ||
| 1216 | + && (midQ[i]->mid_state == MID_RESPONSE_RECEIVED)) | ||
| 1217 | + credits[i] = ses->server->ops->get_credits(midQ[i]); | ||
| 1218 | |||
| 1219 | for (i = 0; i < num_rqst; i++) { | ||
| 1220 | if (rc < 0) | ||
| 1221 | @@ -894,8 +912,9 @@ compound_send_recv(const unsigned int xid, struct cifs_ses *ses, | ||
| 1222 | |||
| 1223 | rc = cifs_sync_mid_result(midQ[i], ses->server); | ||
| 1224 | if (rc != 0) { | ||
| 1225 | - add_credits(ses->server, credits, optype); | ||
| 1226 | - return rc; | ||
| 1227 | + /* mark this mid as cancelled to not free it below */ | ||
| 1228 | + cancelled_mid[i] = true; | ||
| 1229 | + goto out; | ||
| 1230 | } | ||
| 1231 | |||
| 1232 | if (!midQ[i]->resp_buf || | ||
| 1233 | @@ -942,9 +961,11 @@ out: | ||
| 1234 | * This is prevented above by using a noop callback that will not | ||
| 1235 | * wake this thread except for the very last PDU. | ||
| 1236 | */ | ||
| 1237 | - for (i = 0; i < num_rqst; i++) | ||
| 1238 | - cifs_delete_mid(midQ[i]); | ||
| 1239 | - add_credits(ses->server, credits, optype); | ||
| 1240 | + for (i = 0; i < num_rqst; i++) { | ||
| 1241 | + if (!cancelled_mid[i]) | ||
| 1242 | + cifs_delete_mid(midQ[i]); | ||
| 1243 | + add_credits(ses->server, credits[i], optype); | ||
| 1244 | + } | ||
| 1245 | |||
| 1246 | return rc; | ||
| 1247 | } | ||
| 1248 | diff --git a/fs/ext4/fsync.c b/fs/ext4/fsync.c | ||
| 1249 | index 26a7fe5c4fd3..712f00995390 100644 | ||
| 1250 | --- a/fs/ext4/fsync.c | ||
| 1251 | +++ b/fs/ext4/fsync.c | ||
| 1252 | @@ -116,8 +116,16 @@ int ext4_sync_file(struct file *file, loff_t start, loff_t end, int datasync) | ||
| 1253 | goto out; | ||
| 1254 | } | ||
| 1255 | |||
| 1256 | + ret = file_write_and_wait_range(file, start, end); | ||
| 1257 | + if (ret) | ||
| 1258 | + return ret; | ||
| 1259 | + | ||
| 1260 | if (!journal) { | ||
| 1261 | - ret = __generic_file_fsync(file, start, end, datasync); | ||
| 1262 | + struct writeback_control wbc = { | ||
| 1263 | + .sync_mode = WB_SYNC_ALL | ||
| 1264 | + }; | ||
| 1265 | + | ||
| 1266 | + ret = ext4_write_inode(inode, &wbc); | ||
| 1267 | if (!ret) | ||
| 1268 | ret = ext4_sync_parent(inode); | ||
| 1269 | if (test_opt(inode->i_sb, BARRIER)) | ||
| 1270 | @@ -125,9 +133,6 @@ int ext4_sync_file(struct file *file, loff_t start, loff_t end, int datasync) | ||
| 1271 | goto out; | ||
| 1272 | } | ||
| 1273 | |||
| 1274 | - ret = file_write_and_wait_range(file, start, end); | ||
| 1275 | - if (ret) | ||
| 1276 | - return ret; | ||
| 1277 | /* | ||
| 1278 | * data=writeback,ordered: | ||
| 1279 | * The caller's filemap_fdatawrite()/wait will sync the data. | ||
| 1280 | @@ -159,6 +164,9 @@ int ext4_sync_file(struct file *file, loff_t start, loff_t end, int datasync) | ||
| 1281 | ret = err; | ||
| 1282 | } | ||
| 1283 | out: | ||
| 1284 | + err = file_check_and_advance_wb_err(file); | ||
| 1285 | + if (ret == 0) | ||
| 1286 | + ret = err; | ||
| 1287 | trace_ext4_sync_file_exit(inode, ret); | ||
| 1288 | return ret; | ||
| 1289 | } | ||
| 1290 | diff --git a/fs/ext4/inline.c b/fs/ext4/inline.c | ||
| 1291 | index 27373d88b5f0..56f6e1782d5f 100644 | ||
| 1292 | --- a/fs/ext4/inline.c | ||
| 1293 | +++ b/fs/ext4/inline.c | ||
| 1294 | @@ -1890,12 +1890,12 @@ int ext4_inline_data_fiemap(struct inode *inode, | ||
| 1295 | physical += (char *)ext4_raw_inode(&iloc) - iloc.bh->b_data; | ||
| 1296 | physical += offsetof(struct ext4_inode, i_block); | ||
| 1297 | |||
| 1298 | - if (physical) | ||
| 1299 | - error = fiemap_fill_next_extent(fieinfo, start, physical, | ||
| 1300 | - inline_len, flags); | ||
| 1301 | brelse(iloc.bh); | ||
| 1302 | out: | ||
| 1303 | up_read(&EXT4_I(inode)->xattr_sem); | ||
| 1304 | + if (physical) | ||
| 1305 | + error = fiemap_fill_next_extent(fieinfo, start, physical, | ||
| 1306 | + inline_len, flags); | ||
| 1307 | return (error < 0 ? error : 0); | ||
| 1308 | } | ||
| 1309 | |||
| 1310 | diff --git a/fs/ext4/inode.c b/fs/ext4/inode.c | ||
| 1311 | index 36abbdafb26e..2c43c5b92229 100644 | ||
| 1312 | --- a/fs/ext4/inode.c | ||
| 1313 | +++ b/fs/ext4/inode.c | ||
| 1314 | @@ -2748,7 +2748,8 @@ static int ext4_writepages(struct address_space *mapping, | ||
| 1315 | * We may need to convert up to one extent per block in | ||
| 1316 | * the page and we may dirty the inode. | ||
| 1317 | */ | ||
| 1318 | - rsv_blocks = 1 + (PAGE_SIZE >> inode->i_blkbits); | ||
| 1319 | + rsv_blocks = 1 + ext4_chunk_trans_blocks(inode, | ||
| 1320 | + PAGE_SIZE >> inode->i_blkbits); | ||
| 1321 | } | ||
| 1322 | |||
| 1323 | /* | ||
| 1324 | @@ -4802,7 +4803,7 @@ struct inode *__ext4_iget(struct super_block *sb, unsigned long ino, | ||
| 1325 | gid_t i_gid; | ||
| 1326 | projid_t i_projid; | ||
| 1327 | |||
| 1328 | - if (((flags & EXT4_IGET_NORMAL) && | ||
| 1329 | + if ((!(flags & EXT4_IGET_SPECIAL) && | ||
| 1330 | (ino < EXT4_FIRST_INO(sb) && ino != EXT4_ROOT_INO)) || | ||
| 1331 | (ino < EXT4_ROOT_INO) || | ||
| 1332 | (ino > le32_to_cpu(EXT4_SB(sb)->s_es->s_inodes_count))) { | ||
| 1333 | diff --git a/fs/ext4/super.c b/fs/ext4/super.c | ||
| 1334 | index ee0f30852835..a1cf7d68b4f0 100644 | ||
| 1335 | --- a/fs/ext4/super.c | ||
| 1336 | +++ b/fs/ext4/super.c | ||
| 1337 | @@ -4904,7 +4904,7 @@ static int ext4_commit_super(struct super_block *sb, int sync) | ||
| 1338 | ext4_superblock_csum_set(sb); | ||
| 1339 | if (sync) | ||
| 1340 | lock_buffer(sbh); | ||
| 1341 | - if (buffer_write_io_error(sbh)) { | ||
| 1342 | + if (buffer_write_io_error(sbh) || !buffer_uptodate(sbh)) { | ||
| 1343 | /* | ||
| 1344 | * Oh, dear. A previous attempt to write the | ||
| 1345 | * superblock failed. This could happen because the | ||
| 1346 | diff --git a/include/linux/compiler-gcc.h b/include/linux/compiler-gcc.h | ||
| 1347 | index 4d36b27214fd..0242f6eec4ea 100644 | ||
| 1348 | --- a/include/linux/compiler-gcc.h | ||
| 1349 | +++ b/include/linux/compiler-gcc.h | ||
| 1350 | @@ -75,7 +75,7 @@ | ||
| 1351 | #define __must_be_array(a) BUILD_BUG_ON_ZERO(__same_type((a), &(a)[0])) | ||
| 1352 | #endif | ||
| 1353 | |||
| 1354 | -#ifdef RETPOLINE | ||
| 1355 | +#ifdef CONFIG_RETPOLINE | ||
| 1356 | #define __noretpoline __attribute__((indirect_branch("keep"))) | ||
| 1357 | #endif | ||
| 1358 | |||
| 1359 | diff --git a/include/linux/module.h b/include/linux/module.h | ||
| 1360 | index e19ae08c7fb8..904f94628132 100644 | ||
| 1361 | --- a/include/linux/module.h | ||
| 1362 | +++ b/include/linux/module.h | ||
| 1363 | @@ -818,7 +818,7 @@ static inline void module_bug_finalize(const Elf_Ehdr *hdr, | ||
| 1364 | static inline void module_bug_cleanup(struct module *mod) {} | ||
| 1365 | #endif /* CONFIG_GENERIC_BUG */ | ||
| 1366 | |||
| 1367 | -#ifdef RETPOLINE | ||
| 1368 | +#ifdef CONFIG_RETPOLINE | ||
| 1369 | extern bool retpoline_module_ok(bool has_retpoline); | ||
| 1370 | #else | ||
| 1371 | static inline bool retpoline_module_ok(bool has_retpoline) | ||
| 1372 | diff --git a/include/linux/sunrpc/svc.h b/include/linux/sunrpc/svc.h | ||
| 1373 | index 73e130a840ce..fdb6b317d974 100644 | ||
| 1374 | --- a/include/linux/sunrpc/svc.h | ||
| 1375 | +++ b/include/linux/sunrpc/svc.h | ||
| 1376 | @@ -295,9 +295,12 @@ struct svc_rqst { | ||
| 1377 | struct svc_cacherep * rq_cacherep; /* cache info */ | ||
| 1378 | struct task_struct *rq_task; /* service thread */ | ||
| 1379 | spinlock_t rq_lock; /* per-request lock */ | ||
| 1380 | + struct net *rq_bc_net; /* pointer to backchannel's | ||
| 1381 | + * net namespace | ||
| 1382 | + */ | ||
| 1383 | }; | ||
| 1384 | |||
| 1385 | -#define SVC_NET(svc_rqst) (svc_rqst->rq_xprt->xpt_net) | ||
| 1386 | +#define SVC_NET(rqst) (rqst->rq_xprt ? rqst->rq_xprt->xpt_net : rqst->rq_bc_net) | ||
| 1387 | |||
| 1388 | /* | ||
| 1389 | * Rigorous type checking on sockaddr type conversions | ||
| 1390 | diff --git a/include/trace/events/sunrpc.h b/include/trace/events/sunrpc.h | ||
| 1391 | index bbb08a3ef5cc..a2644c494a9c 100644 | ||
| 1392 | --- a/include/trace/events/sunrpc.h | ||
| 1393 | +++ b/include/trace/events/sunrpc.h | ||
| 1394 | @@ -582,7 +582,8 @@ TRACE_EVENT(svc_process, | ||
| 1395 | __field(u32, vers) | ||
| 1396 | __field(u32, proc) | ||
| 1397 | __string(service, name) | ||
| 1398 | - __string(addr, rqst->rq_xprt->xpt_remotebuf) | ||
| 1399 | + __string(addr, rqst->rq_xprt ? | ||
| 1400 | + rqst->rq_xprt->xpt_remotebuf : "(null)") | ||
| 1401 | ), | ||
| 1402 | |||
| 1403 | TP_fast_assign( | ||
| 1404 | @@ -590,7 +591,8 @@ TRACE_EVENT(svc_process, | ||
| 1405 | __entry->vers = rqst->rq_vers; | ||
| 1406 | __entry->proc = rqst->rq_proc; | ||
| 1407 | __assign_str(service, name); | ||
| 1408 | - __assign_str(addr, rqst->rq_xprt->xpt_remotebuf); | ||
| 1409 | + __assign_str(addr, rqst->rq_xprt ? | ||
| 1410 | + rqst->rq_xprt->xpt_remotebuf : "(null)"); | ||
| 1411 | ), | ||
| 1412 | |||
| 1413 | TP_printk("addr=%s xid=0x%08x service=%s vers=%u proc=%u", | ||
| 1414 | diff --git a/mm/memory.c b/mm/memory.c | ||
| 1415 | index 5c5df53dbdf9..281172540a9c 100644 | ||
| 1416 | --- a/mm/memory.c | ||
| 1417 | +++ b/mm/memory.c | ||
| 1418 | @@ -3237,6 +3237,29 @@ static vm_fault_t __do_fault(struct vm_fault *vmf) | ||
| 1419 | struct vm_area_struct *vma = vmf->vma; | ||
| 1420 | vm_fault_t ret; | ||
| 1421 | |||
| 1422 | + /* | ||
| 1423 | + * Preallocate pte before we take page_lock because this might lead to | ||
| 1424 | + * deadlocks for memcg reclaim which waits for pages under writeback: | ||
| 1425 | + * lock_page(A) | ||
| 1426 | + * SetPageWriteback(A) | ||
| 1427 | + * unlock_page(A) | ||
| 1428 | + * lock_page(B) | ||
| 1429 | + * lock_page(B) | ||
| 1430 | + * pte_alloc_pne | ||
| 1431 | + * shrink_page_list | ||
| 1432 | + * wait_on_page_writeback(A) | ||
| 1433 | + * SetPageWriteback(B) | ||
| 1434 | + * unlock_page(B) | ||
| 1435 | + * # flush A, B to clear the writeback | ||
| 1436 | + */ | ||
| 1437 | + if (pmd_none(*vmf->pmd) && !vmf->prealloc_pte) { | ||
| 1438 | + vmf->prealloc_pte = pte_alloc_one(vmf->vma->vm_mm, | ||
| 1439 | + vmf->address); | ||
| 1440 | + if (!vmf->prealloc_pte) | ||
| 1441 | + return VM_FAULT_OOM; | ||
| 1442 | + smp_wmb(); /* See comment in __pte_alloc() */ | ||
| 1443 | + } | ||
| 1444 | + | ||
| 1445 | ret = vma->vm_ops->fault(vmf); | ||
| 1446 | if (unlikely(ret & (VM_FAULT_ERROR | VM_FAULT_NOPAGE | VM_FAULT_RETRY | | ||
| 1447 | VM_FAULT_DONE_COW))) | ||
| 1448 | diff --git a/mm/slab.c b/mm/slab.c | ||
| 1449 | index d73c7a4820a4..fad6839e8eab 100644 | ||
| 1450 | --- a/mm/slab.c | ||
| 1451 | +++ b/mm/slab.c | ||
| 1452 | @@ -679,8 +679,10 @@ static struct alien_cache *__alloc_alien_cache(int node, int entries, | ||
| 1453 | struct alien_cache *alc = NULL; | ||
| 1454 | |||
| 1455 | alc = kmalloc_node(memsize, gfp, node); | ||
| 1456 | - init_arraycache(&alc->ac, entries, batch); | ||
| 1457 | - spin_lock_init(&alc->lock); | ||
| 1458 | + if (alc) { | ||
| 1459 | + init_arraycache(&alc->ac, entries, batch); | ||
| 1460 | + spin_lock_init(&alc->lock); | ||
| 1461 | + } | ||
| 1462 | return alc; | ||
| 1463 | } | ||
| 1464 | |||
| 1465 | diff --git a/mm/usercopy.c b/mm/usercopy.c | ||
| 1466 | index 852eb4e53f06..14faadcedd06 100644 | ||
| 1467 | --- a/mm/usercopy.c | ||
| 1468 | +++ b/mm/usercopy.c | ||
| 1469 | @@ -247,7 +247,8 @@ static DEFINE_STATIC_KEY_FALSE_RO(bypass_usercopy_checks); | ||
| 1470 | /* | ||
| 1471 | * Validates that the given object is: | ||
| 1472 | * - not bogus address | ||
| 1473 | - * - known-safe heap or stack object | ||
| 1474 | + * - fully contained by stack (or stack frame, when available) | ||
| 1475 | + * - fully within SLAB object (or object whitelist area, when available) | ||
| 1476 | * - not in kernel text | ||
| 1477 | */ | ||
| 1478 | void __check_object_size(const void *ptr, unsigned long n, bool to_user) | ||
| 1479 | @@ -262,9 +263,6 @@ void __check_object_size(const void *ptr, unsigned long n, bool to_user) | ||
| 1480 | /* Check for invalid addresses. */ | ||
| 1481 | check_bogus_address((const unsigned long)ptr, n, to_user); | ||
| 1482 | |||
| 1483 | - /* Check for bad heap object. */ | ||
| 1484 | - check_heap_object(ptr, n, to_user); | ||
| 1485 | - | ||
| 1486 | /* Check for bad stack object. */ | ||
| 1487 | switch (check_stack_object(ptr, n)) { | ||
| 1488 | case NOT_STACK: | ||
| 1489 | @@ -282,6 +280,9 @@ void __check_object_size(const void *ptr, unsigned long n, bool to_user) | ||
| 1490 | usercopy_abort("process stack", NULL, to_user, 0, n); | ||
| 1491 | } | ||
| 1492 | |||
| 1493 | + /* Check for bad heap object. */ | ||
| 1494 | + check_heap_object(ptr, n, to_user); | ||
| 1495 | + | ||
| 1496 | /* Check for object in kernel to avoid text exposure. */ | ||
| 1497 | check_kernel_text_object((const unsigned long)ptr, n, to_user); | ||
| 1498 | } | ||
| 1499 | diff --git a/mm/util.c b/mm/util.c | ||
| 1500 | index 9e3ebd2ef65f..6a24a1025d77 100644 | ||
| 1501 | --- a/mm/util.c | ||
| 1502 | +++ b/mm/util.c | ||
| 1503 | @@ -485,7 +485,7 @@ bool page_mapped(struct page *page) | ||
| 1504 | return true; | ||
| 1505 | if (PageHuge(page)) | ||
| 1506 | return false; | ||
| 1507 | - for (i = 0; i < hpage_nr_pages(page); i++) { | ||
| 1508 | + for (i = 0; i < (1 << compound_order(page)); i++) { | ||
| 1509 | if (atomic_read(&page[i]._mapcount) >= 0) | ||
| 1510 | return true; | ||
| 1511 | } | ||
| 1512 | diff --git a/net/sunrpc/svc.c b/net/sunrpc/svc.c | ||
| 1513 | index d13e05f1a990..d65f8d35de87 100644 | ||
| 1514 | --- a/net/sunrpc/svc.c | ||
| 1515 | +++ b/net/sunrpc/svc.c | ||
| 1516 | @@ -1144,6 +1144,8 @@ void svc_printk(struct svc_rqst *rqstp, const char *fmt, ...) | ||
| 1517 | static __printf(2,3) void svc_printk(struct svc_rqst *rqstp, const char *fmt, ...) {} | ||
| 1518 | #endif | ||
| 1519 | |||
| 1520 | +extern void svc_tcp_prep_reply_hdr(struct svc_rqst *); | ||
| 1521 | + | ||
| 1522 | /* | ||
| 1523 | * Common routine for processing the RPC request. | ||
| 1524 | */ | ||
| 1525 | @@ -1172,7 +1174,8 @@ svc_process_common(struct svc_rqst *rqstp, struct kvec *argv, struct kvec *resv) | ||
| 1526 | clear_bit(RQ_DROPME, &rqstp->rq_flags); | ||
| 1527 | |||
| 1528 | /* Setup reply header */ | ||
| 1529 | - rqstp->rq_xprt->xpt_ops->xpo_prep_reply_hdr(rqstp); | ||
| 1530 | + if (rqstp->rq_prot == IPPROTO_TCP) | ||
| 1531 | + svc_tcp_prep_reply_hdr(rqstp); | ||
| 1532 | |||
| 1533 | svc_putu32(resv, rqstp->rq_xid); | ||
| 1534 | |||
| 1535 | @@ -1244,7 +1247,7 @@ svc_process_common(struct svc_rqst *rqstp, struct kvec *argv, struct kvec *resv) | ||
| 1536 | * for lower versions. RPC_PROG_MISMATCH seems to be the closest | ||
| 1537 | * fit. | ||
| 1538 | */ | ||
| 1539 | - if (versp->vs_need_cong_ctrl && | ||
| 1540 | + if (versp->vs_need_cong_ctrl && rqstp->rq_xprt && | ||
| 1541 | !test_bit(XPT_CONG_CTRL, &rqstp->rq_xprt->xpt_flags)) | ||
| 1542 | goto err_bad_vers; | ||
| 1543 | |||
| 1544 | @@ -1336,7 +1339,7 @@ svc_process_common(struct svc_rqst *rqstp, struct kvec *argv, struct kvec *resv) | ||
| 1545 | return 0; | ||
| 1546 | |||
| 1547 | close: | ||
| 1548 | - if (test_bit(XPT_TEMP, &rqstp->rq_xprt->xpt_flags)) | ||
| 1549 | + if (rqstp->rq_xprt && test_bit(XPT_TEMP, &rqstp->rq_xprt->xpt_flags)) | ||
| 1550 | svc_close_xprt(rqstp->rq_xprt); | ||
| 1551 | dprintk("svc: svc_process close\n"); | ||
| 1552 | return 0; | ||
| 1553 | @@ -1459,10 +1462,10 @@ bc_svc_process(struct svc_serv *serv, struct rpc_rqst *req, | ||
| 1554 | dprintk("svc: %s(%p)\n", __func__, req); | ||
| 1555 | |||
| 1556 | /* Build the svc_rqst used by the common processing routine */ | ||
| 1557 | - rqstp->rq_xprt = serv->sv_bc_xprt; | ||
| 1558 | rqstp->rq_xid = req->rq_xid; | ||
| 1559 | rqstp->rq_prot = req->rq_xprt->prot; | ||
| 1560 | rqstp->rq_server = serv; | ||
| 1561 | + rqstp->rq_bc_net = req->rq_xprt->xprt_net; | ||
| 1562 | |||
| 1563 | rqstp->rq_addrlen = sizeof(req->rq_xprt->addr); | ||
| 1564 | memcpy(&rqstp->rq_addr, &req->rq_xprt->addr, rqstp->rq_addrlen); | ||
| 1565 | diff --git a/net/sunrpc/svc_xprt.c b/net/sunrpc/svc_xprt.c | ||
| 1566 | index 83ccd0221c98..6cf0fd37cbf0 100644 | ||
| 1567 | --- a/net/sunrpc/svc_xprt.c | ||
| 1568 | +++ b/net/sunrpc/svc_xprt.c | ||
| 1569 | @@ -469,10 +469,11 @@ out: | ||
| 1570 | */ | ||
| 1571 | void svc_reserve(struct svc_rqst *rqstp, int space) | ||
| 1572 | { | ||
| 1573 | + struct svc_xprt *xprt = rqstp->rq_xprt; | ||
| 1574 | + | ||
| 1575 | space += rqstp->rq_res.head[0].iov_len; | ||
| 1576 | |||
| 1577 | - if (space < rqstp->rq_reserved) { | ||
| 1578 | - struct svc_xprt *xprt = rqstp->rq_xprt; | ||
| 1579 | + if (xprt && space < rqstp->rq_reserved) { | ||
| 1580 | atomic_sub((rqstp->rq_reserved - space), &xprt->xpt_reserved); | ||
| 1581 | rqstp->rq_reserved = space; | ||
| 1582 | |||
| 1583 | diff --git a/net/sunrpc/svcsock.c b/net/sunrpc/svcsock.c | ||
| 1584 | index fc1c0d9ef57d..97a8282955a8 100644 | ||
| 1585 | --- a/net/sunrpc/svcsock.c | ||
| 1586 | +++ b/net/sunrpc/svcsock.c | ||
| 1587 | @@ -1198,7 +1198,7 @@ static int svc_tcp_sendto(struct svc_rqst *rqstp) | ||
| 1588 | /* | ||
| 1589 | * Setup response header. TCP has a 4B record length field. | ||
| 1590 | */ | ||
| 1591 | -static void svc_tcp_prep_reply_hdr(struct svc_rqst *rqstp) | ||
| 1592 | +void svc_tcp_prep_reply_hdr(struct svc_rqst *rqstp) | ||
| 1593 | { | ||
| 1594 | struct kvec *resv = &rqstp->rq_res.head[0]; | ||
| 1595 | |||
| 1596 | diff --git a/scripts/mod/modpost.c b/scripts/mod/modpost.c | ||
| 1597 | index 0d998c54564d..5a5b3780456f 100644 | ||
| 1598 | --- a/scripts/mod/modpost.c | ||
| 1599 | +++ b/scripts/mod/modpost.c | ||
| 1600 | @@ -2157,7 +2157,7 @@ static void add_intree_flag(struct buffer *b, int is_intree) | ||
| 1601 | /* Cannot check for assembler */ | ||
| 1602 | static void add_retpoline(struct buffer *b) | ||
| 1603 | { | ||
| 1604 | - buf_printf(b, "\n#ifdef RETPOLINE\n"); | ||
| 1605 | + buf_printf(b, "\n#ifdef CONFIG_RETPOLINE\n"); | ||
| 1606 | buf_printf(b, "MODULE_INFO(retpoline, \"Y\");\n"); | ||
| 1607 | buf_printf(b, "#endif\n"); | ||
| 1608 | } | ||
| 1609 | diff --git a/sound/pci/hda/patch_realtek.c b/sound/pci/hda/patch_realtek.c | ||
| 1610 | index 854d63c01dd2..8b9f2487969b 100644 | ||
| 1611 | --- a/sound/pci/hda/patch_realtek.c | ||
| 1612 | +++ b/sound/pci/hda/patch_realtek.c | ||
| 1613 | @@ -4102,6 +4102,7 @@ static void alc_headset_mode_unplugged(struct hda_codec *codec) | ||
| 1614 | case 0x10ec0295: | ||
| 1615 | case 0x10ec0289: | ||
| 1616 | case 0x10ec0299: | ||
| 1617 | + alc_process_coef_fw(codec, alc225_pre_hsmode); | ||
| 1618 | alc_process_coef_fw(codec, coef0225); | ||
| 1619 | break; | ||
| 1620 | case 0x10ec0867: | ||
| 1621 | @@ -5380,6 +5381,13 @@ static void alc285_fixup_invalidate_dacs(struct hda_codec *codec, | ||
| 1622 | snd_hda_override_wcaps(codec, 0x03, 0); | ||
| 1623 | } | ||
| 1624 | |||
| 1625 | +static void alc_fixup_disable_mic_vref(struct hda_codec *codec, | ||
| 1626 | + const struct hda_fixup *fix, int action) | ||
| 1627 | +{ | ||
| 1628 | + if (action == HDA_FIXUP_ACT_PRE_PROBE) | ||
| 1629 | + snd_hda_codec_set_pin_target(codec, 0x19, PIN_VREFHIZ); | ||
| 1630 | +} | ||
| 1631 | + | ||
| 1632 | /* for hda_fixup_thinkpad_acpi() */ | ||
| 1633 | #include "thinkpad_helper.c" | ||
| 1634 | |||
| 1635 | @@ -5492,6 +5500,7 @@ enum { | ||
| 1636 | ALC293_FIXUP_LENOVO_SPK_NOISE, | ||
| 1637 | ALC233_FIXUP_LENOVO_LINE2_MIC_HOTKEY, | ||
| 1638 | ALC255_FIXUP_DELL_SPK_NOISE, | ||
| 1639 | + ALC225_FIXUP_DISABLE_MIC_VREF, | ||
| 1640 | ALC225_FIXUP_DELL1_MIC_NO_PRESENCE, | ||
| 1641 | ALC295_FIXUP_DISABLE_DAC3, | ||
| 1642 | ALC280_FIXUP_HP_HEADSET_MIC, | ||
| 1643 | @@ -6191,6 +6200,12 @@ static const struct hda_fixup alc269_fixups[] = { | ||
| 1644 | .chained = true, | ||
| 1645 | .chain_id = ALC255_FIXUP_DELL1_MIC_NO_PRESENCE | ||
| 1646 | }, | ||
| 1647 | + [ALC225_FIXUP_DISABLE_MIC_VREF] = { | ||
| 1648 | + .type = HDA_FIXUP_FUNC, | ||
| 1649 | + .v.func = alc_fixup_disable_mic_vref, | ||
| 1650 | + .chained = true, | ||
| 1651 | + .chain_id = ALC269_FIXUP_DELL1_MIC_NO_PRESENCE | ||
| 1652 | + }, | ||
| 1653 | [ALC225_FIXUP_DELL1_MIC_NO_PRESENCE] = { | ||
| 1654 | .type = HDA_FIXUP_VERBS, | ||
| 1655 | .v.verbs = (const struct hda_verb[]) { | ||
| 1656 | @@ -6200,7 +6215,7 @@ static const struct hda_fixup alc269_fixups[] = { | ||
| 1657 | {} | ||
| 1658 | }, | ||
| 1659 | .chained = true, | ||
| 1660 | - .chain_id = ALC269_FIXUP_DELL1_MIC_NO_PRESENCE | ||
| 1661 | + .chain_id = ALC225_FIXUP_DISABLE_MIC_VREF | ||
| 1662 | }, | ||
| 1663 | [ALC280_FIXUP_HP_HEADSET_MIC] = { | ||
| 1664 | .type = HDA_FIXUP_FUNC, | ||
| 1665 | @@ -6503,6 +6518,7 @@ static const struct snd_pci_quirk alc269_fixup_tbl[] = { | ||
| 1666 | SND_PCI_QUIRK(0x1028, 0x0871, "Dell Precision 3630", ALC255_FIXUP_DELL_HEADSET_MIC), | ||
| 1667 | SND_PCI_QUIRK(0x1028, 0x0872, "Dell Precision 3630", ALC255_FIXUP_DELL_HEADSET_MIC), | ||
| 1668 | SND_PCI_QUIRK(0x1028, 0x0873, "Dell Precision 3930", ALC255_FIXUP_DUMMY_LINEOUT_VERB), | ||
| 1669 | + SND_PCI_QUIRK(0x1028, 0x0935, "Dell", ALC274_FIXUP_DELL_AIO_LINEOUT_VERB), | ||
| 1670 | SND_PCI_QUIRK(0x1028, 0x164a, "Dell", ALC293_FIXUP_DELL1_MIC_NO_PRESENCE), | ||
| 1671 | SND_PCI_QUIRK(0x1028, 0x164b, "Dell", ALC293_FIXUP_DELL1_MIC_NO_PRESENCE), | ||
| 1672 | SND_PCI_QUIRK(0x103c, 0x1586, "HP", ALC269_FIXUP_HP_MUTE_LED_MIC2), | ||
| 1673 | diff --git a/virt/kvm/arm/arm.c b/virt/kvm/arm/arm.c | ||
| 1674 | index 8fb31a7cc22c..91495045ad5a 100644 | ||
| 1675 | --- a/virt/kvm/arm/arm.c | ||
| 1676 | +++ b/virt/kvm/arm/arm.c | ||
| 1677 | @@ -66,7 +66,7 @@ static DEFINE_PER_CPU(struct kvm_vcpu *, kvm_arm_running_vcpu); | ||
| 1678 | static atomic64_t kvm_vmid_gen = ATOMIC64_INIT(1); | ||
| 1679 | static u32 kvm_next_vmid; | ||
| 1680 | static unsigned int kvm_vmid_bits __read_mostly; | ||
| 1681 | -static DEFINE_RWLOCK(kvm_vmid_lock); | ||
| 1682 | +static DEFINE_SPINLOCK(kvm_vmid_lock); | ||
| 1683 | |||
| 1684 | static bool vgic_present; | ||
| 1685 | |||
| 1686 | @@ -482,7 +482,9 @@ void force_vm_exit(const cpumask_t *mask) | ||
| 1687 | */ | ||
| 1688 | static bool need_new_vmid_gen(struct kvm *kvm) | ||
| 1689 | { | ||
| 1690 | - return unlikely(kvm->arch.vmid_gen != atomic64_read(&kvm_vmid_gen)); | ||
| 1691 | + u64 current_vmid_gen = atomic64_read(&kvm_vmid_gen); | ||
| 1692 | + smp_rmb(); /* Orders read of kvm_vmid_gen and kvm->arch.vmid */ | ||
| 1693 | + return unlikely(READ_ONCE(kvm->arch.vmid_gen) != current_vmid_gen); | ||
| 1694 | } | ||
| 1695 | |||
| 1696 | /** | ||
| 1697 | @@ -497,16 +499,11 @@ static void update_vttbr(struct kvm *kvm) | ||
| 1698 | { | ||
| 1699 | phys_addr_t pgd_phys; | ||
| 1700 | u64 vmid; | ||
| 1701 | - bool new_gen; | ||
| 1702 | |||
| 1703 | - read_lock(&kvm_vmid_lock); | ||
| 1704 | - new_gen = need_new_vmid_gen(kvm); | ||
| 1705 | - read_unlock(&kvm_vmid_lock); | ||
| 1706 | - | ||
| 1707 | - if (!new_gen) | ||
| 1708 | + if (!need_new_vmid_gen(kvm)) | ||
| 1709 | return; | ||
| 1710 | |||
| 1711 | - write_lock(&kvm_vmid_lock); | ||
| 1712 | + spin_lock(&kvm_vmid_lock); | ||
| 1713 | |||
| 1714 | /* | ||
| 1715 | * We need to re-check the vmid_gen here to ensure that if another vcpu | ||
| 1716 | @@ -514,7 +511,7 @@ static void update_vttbr(struct kvm *kvm) | ||
| 1717 | * use the same vmid. | ||
| 1718 | */ | ||
| 1719 | if (!need_new_vmid_gen(kvm)) { | ||
| 1720 | - write_unlock(&kvm_vmid_lock); | ||
| 1721 | + spin_unlock(&kvm_vmid_lock); | ||
| 1722 | return; | ||
| 1723 | } | ||
| 1724 | |||
| 1725 | @@ -537,7 +534,6 @@ static void update_vttbr(struct kvm *kvm) | ||
| 1726 | kvm_call_hyp(__kvm_flush_vm_context); | ||
| 1727 | } | ||
| 1728 | |||
| 1729 | - kvm->arch.vmid_gen = atomic64_read(&kvm_vmid_gen); | ||
| 1730 | kvm->arch.vmid = kvm_next_vmid; | ||
| 1731 | kvm_next_vmid++; | ||
| 1732 | kvm_next_vmid &= (1 << kvm_vmid_bits) - 1; | ||
| 1733 | @@ -548,7 +544,10 @@ static void update_vttbr(struct kvm *kvm) | ||
| 1734 | vmid = ((u64)(kvm->arch.vmid) << VTTBR_VMID_SHIFT) & VTTBR_VMID_MASK(kvm_vmid_bits); | ||
| 1735 | kvm->arch.vttbr = kvm_phys_to_vttbr(pgd_phys) | vmid; | ||
| 1736 | |||
| 1737 | - write_unlock(&kvm_vmid_lock); | ||
| 1738 | + smp_wmb(); | ||
| 1739 | + WRITE_ONCE(kvm->arch.vmid_gen, atomic64_read(&kvm_vmid_gen)); | ||
| 1740 | + | ||
| 1741 | + spin_unlock(&kvm_vmid_lock); | ||
| 1742 | } | ||
| 1743 | |||
| 1744 | static int kvm_vcpu_first_run_init(struct kvm_vcpu *vcpu) |