Annotation of /trunk/kernel-alx/patches-4.9/0192-4.9.93-all-fixes.patch
Parent Directory
| 
Revision Log
Revision 3169 -
(hide annotations)
(download)
Wed Aug 8 14:17:25 2018 UTC (5 years, 9 months ago) by niro
File size: 121072 byte(s)
Wed Aug 8 14:17:25 2018 UTC (5 years, 9 months ago) by niro
File size: 121072 byte(s)
-linux-4.9.93
| 1 | niro | 3169 | diff --git a/Documentation/devicetree/bindings/pinctrl/pinctrl-palmas.txt b/Documentation/devicetree/bindings/pinctrl/pinctrl-palmas.txt |
| 2 | index caf297bee1fb..c28d4eb83b76 100644 | ||
| 3 | --- a/Documentation/devicetree/bindings/pinctrl/pinctrl-palmas.txt | ||
| 4 | +++ b/Documentation/devicetree/bindings/pinctrl/pinctrl-palmas.txt | ||
| 5 | @@ -35,6 +35,15 @@ Optional properties: | ||
| 6 | - ti,palmas-enable-dvfs2: Enable DVFS2. Configure pins for DVFS2 mode. | ||
| 7 | Selection primary or secondary function associated to GPADC_START | ||
| 8 | and SYSEN2 pin/pad for DVFS2 interface | ||
| 9 | +- ti,palmas-override-powerhold: This is applicable for PMICs for which | ||
| 10 | + GPIO7 is configured in POWERHOLD mode which has higher priority | ||
| 11 | + over DEV_ON bit and keeps the PMIC supplies on even after the DEV_ON | ||
| 12 | + bit is turned off. This property enables driver to over ride the | ||
| 13 | + POWERHOLD value to GPIO7 so as to turn off the PMIC in power off | ||
| 14 | + scenarios. So for GPIO7 if ti,palmas-override-powerhold is set | ||
| 15 | + then the GPIO_7 field should never be muxed to anything else. | ||
| 16 | + It should be set to POWERHOLD by default and only in case of | ||
| 17 | + power off scenarios the driver will over ride the mux value. | ||
| 18 | |||
| 19 | This binding uses the following generic properties as defined in | ||
| 20 | pinctrl-bindings.txt: | ||
| 21 | diff --git a/Makefile b/Makefile | ||
| 22 | index 3ab3b8203bf6..f5cf4159fc20 100644 | ||
| 23 | --- a/Makefile | ||
| 24 | +++ b/Makefile | ||
| 25 | @@ -1,6 +1,6 @@ | ||
| 26 | VERSION = 4 | ||
| 27 | PATCHLEVEL = 9 | ||
| 28 | -SUBLEVEL = 92 | ||
| 29 | +SUBLEVEL = 93 | ||
| 30 | EXTRAVERSION = | ||
| 31 | NAME = Roaring Lionus | ||
| 32 | |||
| 33 | diff --git a/arch/arm/boot/dts/am335x-pepper.dts b/arch/arm/boot/dts/am335x-pepper.dts | ||
| 34 | index 42b62f54e4b7..30e2f8770aaf 100644 | ||
| 35 | --- a/arch/arm/boot/dts/am335x-pepper.dts | ||
| 36 | +++ b/arch/arm/boot/dts/am335x-pepper.dts | ||
| 37 | @@ -139,7 +139,7 @@ | ||
| 38 | &audio_codec { | ||
| 39 | status = "okay"; | ||
| 40 | |||
| 41 | - reset-gpios = <&gpio1 16 GPIO_ACTIVE_LOW>; | ||
| 42 | + gpio-reset = <&gpio1 16 GPIO_ACTIVE_LOW>; | ||
| 43 | AVDD-supply = <&ldo3_reg>; | ||
| 44 | IOVDD-supply = <&ldo3_reg>; | ||
| 45 | DRVDD-supply = <&ldo3_reg>; | ||
| 46 | diff --git a/arch/arm/boot/dts/am57xx-beagle-x15-common.dtsi b/arch/arm/boot/dts/am57xx-beagle-x15-common.dtsi | ||
| 47 | index 6df7829a2c15..78bee26361f1 100644 | ||
| 48 | --- a/arch/arm/boot/dts/am57xx-beagle-x15-common.dtsi | ||
| 49 | +++ b/arch/arm/boot/dts/am57xx-beagle-x15-common.dtsi | ||
| 50 | @@ -204,6 +204,7 @@ | ||
| 51 | interrupt-controller; | ||
| 52 | |||
| 53 | ti,system-power-controller; | ||
| 54 | + ti,palmas-override-powerhold; | ||
| 55 | |||
| 56 | tps659038_pmic { | ||
| 57 | compatible = "ti,tps659038-pmic"; | ||
| 58 | diff --git a/arch/arm/boot/dts/am57xx-idk-common.dtsi b/arch/arm/boot/dts/am57xx-idk-common.dtsi | ||
| 59 | index db858fff4e18..1cc62727e43a 100644 | ||
| 60 | --- a/arch/arm/boot/dts/am57xx-idk-common.dtsi | ||
| 61 | +++ b/arch/arm/boot/dts/am57xx-idk-common.dtsi | ||
| 62 | @@ -57,6 +57,7 @@ | ||
| 63 | #interrupt-cells = <2>; | ||
| 64 | interrupt-controller; | ||
| 65 | ti,system-power-controller; | ||
| 66 | + ti,palmas-override-powerhold; | ||
| 67 | |||
| 68 | tps659038_pmic { | ||
| 69 | compatible = "ti,tps659038-pmic"; | ||
| 70 | diff --git a/arch/arm/boot/dts/dra7-evm.dts b/arch/arm/boot/dts/dra7-evm.dts | ||
| 71 | index 132f2be10889..56311fd34f81 100644 | ||
| 72 | --- a/arch/arm/boot/dts/dra7-evm.dts | ||
| 73 | +++ b/arch/arm/boot/dts/dra7-evm.dts | ||
| 74 | @@ -398,6 +398,8 @@ | ||
| 75 | tps659038: tps659038@58 { | ||
| 76 | compatible = "ti,tps659038"; | ||
| 77 | reg = <0x58>; | ||
| 78 | + ti,palmas-override-powerhold; | ||
| 79 | + ti,system-power-controller; | ||
| 80 | |||
| 81 | tps659038_pmic { | ||
| 82 | compatible = "ti,tps659038-pmic"; | ||
| 83 | diff --git a/arch/arm/boot/dts/omap3-n900.dts b/arch/arm/boot/dts/omap3-n900.dts | ||
| 84 | index 6003b29c0fc0..4d448f145ed1 100644 | ||
| 85 | --- a/arch/arm/boot/dts/omap3-n900.dts | ||
| 86 | +++ b/arch/arm/boot/dts/omap3-n900.dts | ||
| 87 | @@ -510,7 +510,7 @@ | ||
| 88 | tlv320aic3x: tlv320aic3x@18 { | ||
| 89 | compatible = "ti,tlv320aic3x"; | ||
| 90 | reg = <0x18>; | ||
| 91 | - reset-gpios = <&gpio2 28 GPIO_ACTIVE_LOW>; /* 60 */ | ||
| 92 | + gpio-reset = <&gpio2 28 GPIO_ACTIVE_HIGH>; /* 60 */ | ||
| 93 | ai3x-gpio-func = < | ||
| 94 | 0 /* AIC3X_GPIO1_FUNC_DISABLED */ | ||
| 95 | 5 /* AIC3X_GPIO2_FUNC_DIGITAL_MIC_INPUT */ | ||
| 96 | @@ -527,7 +527,7 @@ | ||
| 97 | tlv320aic3x_aux: tlv320aic3x@19 { | ||
| 98 | compatible = "ti,tlv320aic3x"; | ||
| 99 | reg = <0x19>; | ||
| 100 | - reset-gpios = <&gpio2 28 GPIO_ACTIVE_LOW>; /* 60 */ | ||
| 101 | + gpio-reset = <&gpio2 28 GPIO_ACTIVE_HIGH>; /* 60 */ | ||
| 102 | |||
| 103 | AVDD-supply = <&vmmc2>; | ||
| 104 | DRVDD-supply = <&vmmc2>; | ||
| 105 | diff --git a/arch/arm/vfp/vfpmodule.c b/arch/arm/vfp/vfpmodule.c | ||
| 106 | index da0b33deba6d..5629d7580973 100644 | ||
| 107 | --- a/arch/arm/vfp/vfpmodule.c | ||
| 108 | +++ b/arch/arm/vfp/vfpmodule.c | ||
| 109 | @@ -648,7 +648,7 @@ int vfp_restore_user_hwstate(struct user_vfp __user *ufp, | ||
| 110 | */ | ||
| 111 | static int vfp_dying_cpu(unsigned int cpu) | ||
| 112 | { | ||
| 113 | - vfp_force_reload(cpu, current_thread_info()); | ||
| 114 | + vfp_current_hw_state[cpu] = NULL; | ||
| 115 | return 0; | ||
| 116 | } | ||
| 117 | |||
| 118 | diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig | ||
| 119 | index 7769c2e27788..c8471cf46cbb 100644 | ||
| 120 | --- a/arch/arm64/Kconfig | ||
| 121 | +++ b/arch/arm64/Kconfig | ||
| 122 | @@ -733,6 +733,18 @@ config FORCE_MAX_ZONEORDER | ||
| 123 | However for 4K, we choose a higher default value, 11 as opposed to 10, giving us | ||
| 124 | 4M allocations matching the default size used by generic code. | ||
| 125 | |||
| 126 | +config UNMAP_KERNEL_AT_EL0 | ||
| 127 | + bool "Unmap kernel when running in userspace (aka \"KAISER\")" if EXPERT | ||
| 128 | + default y | ||
| 129 | + help | ||
| 130 | + Speculation attacks against some high-performance processors can | ||
| 131 | + be used to bypass MMU permission checks and leak kernel data to | ||
| 132 | + userspace. This can be defended against by unmapping the kernel | ||
| 133 | + when running in userspace, mapping it back in on exception entry | ||
| 134 | + via a trampoline page in the vector table. | ||
| 135 | + | ||
| 136 | + If unsure, say Y. | ||
| 137 | + | ||
| 138 | menuconfig ARMV8_DEPRECATED | ||
| 139 | bool "Emulate deprecated/obsolete ARMv8 instructions" | ||
| 140 | depends on COMPAT | ||
| 141 | diff --git a/arch/arm64/include/asm/assembler.h b/arch/arm64/include/asm/assembler.h | ||
| 142 | index 851290d2bfe3..7193bf97b8da 100644 | ||
| 143 | --- a/arch/arm64/include/asm/assembler.h | ||
| 144 | +++ b/arch/arm64/include/asm/assembler.h | ||
| 145 | @@ -413,4 +413,7 @@ alternative_endif | ||
| 146 | movk \reg, :abs_g0_nc:\val | ||
| 147 | .endm | ||
| 148 | |||
| 149 | + .macro pte_to_phys, phys, pte | ||
| 150 | + and \phys, \pte, #(((1 << (48 - PAGE_SHIFT)) - 1) << PAGE_SHIFT) | ||
| 151 | + .endm | ||
| 152 | #endif /* __ASM_ASSEMBLER_H */ | ||
| 153 | diff --git a/arch/arm64/include/asm/cpucaps.h b/arch/arm64/include/asm/cpucaps.h | ||
| 154 | index 87b446535185..7ddf233f05bd 100644 | ||
| 155 | --- a/arch/arm64/include/asm/cpucaps.h | ||
| 156 | +++ b/arch/arm64/include/asm/cpucaps.h | ||
| 157 | @@ -34,7 +34,8 @@ | ||
| 158 | #define ARM64_HAS_32BIT_EL0 13 | ||
| 159 | #define ARM64_HYP_OFFSET_LOW 14 | ||
| 160 | #define ARM64_MISMATCHED_CACHE_LINE_SIZE 15 | ||
| 161 | +#define ARM64_UNMAP_KERNEL_AT_EL0 16 | ||
| 162 | |||
| 163 | -#define ARM64_NCAPS 16 | ||
| 164 | +#define ARM64_NCAPS 17 | ||
| 165 | |||
| 166 | #endif /* __ASM_CPUCAPS_H */ | ||
| 167 | diff --git a/arch/arm64/include/asm/cputype.h b/arch/arm64/include/asm/cputype.h | ||
| 168 | index 26a68ddb11c1..1d47930c30dc 100644 | ||
| 169 | --- a/arch/arm64/include/asm/cputype.h | ||
| 170 | +++ b/arch/arm64/include/asm/cputype.h | ||
| 171 | @@ -81,6 +81,7 @@ | ||
| 172 | |||
| 173 | #define CAVIUM_CPU_PART_THUNDERX 0x0A1 | ||
| 174 | #define CAVIUM_CPU_PART_THUNDERX_81XX 0x0A2 | ||
| 175 | +#define CAVIUM_CPU_PART_THUNDERX2 0x0AF | ||
| 176 | |||
| 177 | #define BRCM_CPU_PART_VULCAN 0x516 | ||
| 178 | |||
| 179 | @@ -88,6 +89,8 @@ | ||
| 180 | #define MIDR_CORTEX_A57 MIDR_CPU_MODEL(ARM_CPU_IMP_ARM, ARM_CPU_PART_CORTEX_A57) | ||
| 181 | #define MIDR_THUNDERX MIDR_CPU_MODEL(ARM_CPU_IMP_CAVIUM, CAVIUM_CPU_PART_THUNDERX) | ||
| 182 | #define MIDR_THUNDERX_81XX MIDR_CPU_MODEL(ARM_CPU_IMP_CAVIUM, CAVIUM_CPU_PART_THUNDERX_81XX) | ||
| 183 | +#define MIDR_CAVIUM_THUNDERX2 MIDR_CPU_MODEL(ARM_CPU_IMP_CAVIUM, CAVIUM_CPU_PART_THUNDERX2) | ||
| 184 | +#define MIDR_BRCM_VULCAN MIDR_CPU_MODEL(ARM_CPU_IMP_BRCM, BRCM_CPU_PART_VULCAN) | ||
| 185 | |||
| 186 | #ifndef __ASSEMBLY__ | ||
| 187 | |||
| 188 | diff --git a/arch/arm64/include/asm/fixmap.h b/arch/arm64/include/asm/fixmap.h | ||
| 189 | index caf86be815ba..d8e58051f32d 100644 | ||
| 190 | --- a/arch/arm64/include/asm/fixmap.h | ||
| 191 | +++ b/arch/arm64/include/asm/fixmap.h | ||
| 192 | @@ -51,6 +51,12 @@ enum fixed_addresses { | ||
| 193 | |||
| 194 | FIX_EARLYCON_MEM_BASE, | ||
| 195 | FIX_TEXT_POKE0, | ||
| 196 | + | ||
| 197 | +#ifdef CONFIG_UNMAP_KERNEL_AT_EL0 | ||
| 198 | + FIX_ENTRY_TRAMP_DATA, | ||
| 199 | + FIX_ENTRY_TRAMP_TEXT, | ||
| 200 | +#define TRAMP_VALIAS (__fix_to_virt(FIX_ENTRY_TRAMP_TEXT)) | ||
| 201 | +#endif /* CONFIG_UNMAP_KERNEL_AT_EL0 */ | ||
| 202 | __end_of_permanent_fixed_addresses, | ||
| 203 | |||
| 204 | /* | ||
| 205 | diff --git a/arch/arm64/include/asm/memory.h b/arch/arm64/include/asm/memory.h | ||
| 206 | index 53211a0acf0f..5e3faba689e0 100644 | ||
| 207 | --- a/arch/arm64/include/asm/memory.h | ||
| 208 | +++ b/arch/arm64/include/asm/memory.h | ||
| 209 | @@ -64,8 +64,10 @@ | ||
| 210 | * TASK_UNMAPPED_BASE - the lower boundary of the mmap VM area. | ||
| 211 | */ | ||
| 212 | #define VA_BITS (CONFIG_ARM64_VA_BITS) | ||
| 213 | -#define VA_START (UL(0xffffffffffffffff) << VA_BITS) | ||
| 214 | -#define PAGE_OFFSET (UL(0xffffffffffffffff) << (VA_BITS - 1)) | ||
| 215 | +#define VA_START (UL(0xffffffffffffffff) - \ | ||
| 216 | + (UL(1) << VA_BITS) + 1) | ||
| 217 | +#define PAGE_OFFSET (UL(0xffffffffffffffff) - \ | ||
| 218 | + (UL(1) << (VA_BITS - 1)) + 1) | ||
| 219 | #define KIMAGE_VADDR (MODULES_END) | ||
| 220 | #define MODULES_END (MODULES_VADDR + MODULES_VSIZE) | ||
| 221 | #define MODULES_VADDR (VA_START + KASAN_SHADOW_SIZE) | ||
| 222 | diff --git a/arch/arm64/include/asm/mmu.h b/arch/arm64/include/asm/mmu.h | ||
| 223 | index 8d9fce037b2f..a813edf28737 100644 | ||
| 224 | --- a/arch/arm64/include/asm/mmu.h | ||
| 225 | +++ b/arch/arm64/include/asm/mmu.h | ||
| 226 | @@ -16,6 +16,10 @@ | ||
| 227 | #ifndef __ASM_MMU_H | ||
| 228 | #define __ASM_MMU_H | ||
| 229 | |||
| 230 | +#define USER_ASID_FLAG (UL(1) << 48) | ||
| 231 | + | ||
| 232 | +#ifndef __ASSEMBLY__ | ||
| 233 | + | ||
| 234 | typedef struct { | ||
| 235 | atomic64_t id; | ||
| 236 | void *vdso; | ||
| 237 | @@ -28,6 +32,12 @@ typedef struct { | ||
| 238 | */ | ||
| 239 | #define ASID(mm) ((mm)->context.id.counter & 0xffff) | ||
| 240 | |||
| 241 | +static inline bool arm64_kernel_unmapped_at_el0(void) | ||
| 242 | +{ | ||
| 243 | + return IS_ENABLED(CONFIG_UNMAP_KERNEL_AT_EL0) && | ||
| 244 | + cpus_have_cap(ARM64_UNMAP_KERNEL_AT_EL0); | ||
| 245 | +} | ||
| 246 | + | ||
| 247 | extern void paging_init(void); | ||
| 248 | extern void bootmem_init(void); | ||
| 249 | extern void __iomem *early_io_map(phys_addr_t phys, unsigned long virt); | ||
| 250 | @@ -37,4 +47,5 @@ extern void create_pgd_mapping(struct mm_struct *mm, phys_addr_t phys, | ||
| 251 | pgprot_t prot, bool allow_block_mappings); | ||
| 252 | extern void *fixmap_remap_fdt(phys_addr_t dt_phys); | ||
| 253 | |||
| 254 | +#endif /* !__ASSEMBLY__ */ | ||
| 255 | #endif | ||
| 256 | diff --git a/arch/arm64/include/asm/mmu_context.h b/arch/arm64/include/asm/mmu_context.h | ||
| 257 | index a50185375f09..b96c4799f881 100644 | ||
| 258 | --- a/arch/arm64/include/asm/mmu_context.h | ||
| 259 | +++ b/arch/arm64/include/asm/mmu_context.h | ||
| 260 | @@ -50,6 +50,13 @@ static inline void cpu_set_reserved_ttbr0(void) | ||
| 261 | isb(); | ||
| 262 | } | ||
| 263 | |||
| 264 | +static inline void cpu_switch_mm(pgd_t *pgd, struct mm_struct *mm) | ||
| 265 | +{ | ||
| 266 | + BUG_ON(pgd == swapper_pg_dir); | ||
| 267 | + cpu_set_reserved_ttbr0(); | ||
| 268 | + cpu_do_switch_mm(virt_to_phys(pgd),mm); | ||
| 269 | +} | ||
| 270 | + | ||
| 271 | /* | ||
| 272 | * TCR.T0SZ value to use when the ID map is active. Usually equals | ||
| 273 | * TCR_T0SZ(VA_BITS), unless system RAM is positioned very high in | ||
| 274 | diff --git a/arch/arm64/include/asm/pgtable-hwdef.h b/arch/arm64/include/asm/pgtable-hwdef.h | ||
| 275 | index eb0c2bd90de9..8df4cb6ac6f7 100644 | ||
| 276 | --- a/arch/arm64/include/asm/pgtable-hwdef.h | ||
| 277 | +++ b/arch/arm64/include/asm/pgtable-hwdef.h | ||
| 278 | @@ -272,6 +272,7 @@ | ||
| 279 | #define TCR_TG1_4K (UL(2) << TCR_TG1_SHIFT) | ||
| 280 | #define TCR_TG1_64K (UL(3) << TCR_TG1_SHIFT) | ||
| 281 | |||
| 282 | +#define TCR_A1 (UL(1) << 22) | ||
| 283 | #define TCR_ASID16 (UL(1) << 36) | ||
| 284 | #define TCR_TBI0 (UL(1) << 37) | ||
| 285 | #define TCR_HA (UL(1) << 39) | ||
| 286 | diff --git a/arch/arm64/include/asm/pgtable-prot.h b/arch/arm64/include/asm/pgtable-prot.h | ||
| 287 | index 2142c7726e76..f705d96a76f2 100644 | ||
| 288 | --- a/arch/arm64/include/asm/pgtable-prot.h | ||
| 289 | +++ b/arch/arm64/include/asm/pgtable-prot.h | ||
| 290 | @@ -34,8 +34,14 @@ | ||
| 291 | |||
| 292 | #include <asm/pgtable-types.h> | ||
| 293 | |||
| 294 | -#define PROT_DEFAULT (PTE_TYPE_PAGE | PTE_AF | PTE_SHARED) | ||
| 295 | -#define PROT_SECT_DEFAULT (PMD_TYPE_SECT | PMD_SECT_AF | PMD_SECT_S) | ||
| 296 | +#define _PROT_DEFAULT (PTE_TYPE_PAGE | PTE_AF | PTE_SHARED) | ||
| 297 | +#define _PROT_SECT_DEFAULT (PMD_TYPE_SECT | PMD_SECT_AF | PMD_SECT_S) | ||
| 298 | + | ||
| 299 | +#define PTE_MAYBE_NG (arm64_kernel_unmapped_at_el0() ? PTE_NG : 0) | ||
| 300 | +#define PMD_MAYBE_NG (arm64_kernel_unmapped_at_el0() ? PMD_SECT_NG : 0) | ||
| 301 | + | ||
| 302 | +#define PROT_DEFAULT (_PROT_DEFAULT | PTE_MAYBE_NG) | ||
| 303 | +#define PROT_SECT_DEFAULT (_PROT_SECT_DEFAULT | PMD_MAYBE_NG) | ||
| 304 | |||
| 305 | #define PROT_DEVICE_nGnRnE (PROT_DEFAULT | PTE_PXN | PTE_UXN | PTE_DIRTY | PTE_WRITE | PTE_ATTRINDX(MT_DEVICE_nGnRnE)) | ||
| 306 | #define PROT_DEVICE_nGnRE (PROT_DEFAULT | PTE_PXN | PTE_UXN | PTE_DIRTY | PTE_WRITE | PTE_ATTRINDX(MT_DEVICE_nGnRE)) | ||
| 307 | @@ -47,23 +53,24 @@ | ||
| 308 | #define PROT_SECT_NORMAL (PROT_SECT_DEFAULT | PMD_SECT_PXN | PMD_SECT_UXN | PMD_ATTRINDX(MT_NORMAL)) | ||
| 309 | #define PROT_SECT_NORMAL_EXEC (PROT_SECT_DEFAULT | PMD_SECT_UXN | PMD_ATTRINDX(MT_NORMAL)) | ||
| 310 | |||
| 311 | -#define _PAGE_DEFAULT (PROT_DEFAULT | PTE_ATTRINDX(MT_NORMAL)) | ||
| 312 | +#define _PAGE_DEFAULT (_PROT_DEFAULT | PTE_ATTRINDX(MT_NORMAL)) | ||
| 313 | +#define _HYP_PAGE_DEFAULT _PAGE_DEFAULT | ||
| 314 | |||
| 315 | -#define PAGE_KERNEL __pgprot(_PAGE_DEFAULT | PTE_PXN | PTE_UXN | PTE_DIRTY | PTE_WRITE) | ||
| 316 | -#define PAGE_KERNEL_RO __pgprot(_PAGE_DEFAULT | PTE_PXN | PTE_UXN | PTE_DIRTY | PTE_RDONLY) | ||
| 317 | -#define PAGE_KERNEL_ROX __pgprot(_PAGE_DEFAULT | PTE_UXN | PTE_DIRTY | PTE_RDONLY) | ||
| 318 | -#define PAGE_KERNEL_EXEC __pgprot(_PAGE_DEFAULT | PTE_UXN | PTE_DIRTY | PTE_WRITE) | ||
| 319 | -#define PAGE_KERNEL_EXEC_CONT __pgprot(_PAGE_DEFAULT | PTE_UXN | PTE_DIRTY | PTE_WRITE | PTE_CONT) | ||
| 320 | +#define PAGE_KERNEL __pgprot(PROT_NORMAL) | ||
| 321 | +#define PAGE_KERNEL_RO __pgprot((PROT_NORMAL & ~PTE_WRITE) | PTE_RDONLY) | ||
| 322 | +#define PAGE_KERNEL_ROX __pgprot((PROT_NORMAL & ~(PTE_WRITE | PTE_PXN)) | PTE_RDONLY) | ||
| 323 | +#define PAGE_KERNEL_EXEC __pgprot(PROT_NORMAL & ~PTE_PXN) | ||
| 324 | +#define PAGE_KERNEL_EXEC_CONT __pgprot((PROT_NORMAL & ~PTE_PXN) | PTE_CONT) | ||
| 325 | |||
| 326 | -#define PAGE_HYP __pgprot(_PAGE_DEFAULT | PTE_HYP | PTE_HYP_XN) | ||
| 327 | -#define PAGE_HYP_EXEC __pgprot(_PAGE_DEFAULT | PTE_HYP | PTE_RDONLY) | ||
| 328 | -#define PAGE_HYP_RO __pgprot(_PAGE_DEFAULT | PTE_HYP | PTE_RDONLY | PTE_HYP_XN) | ||
| 329 | +#define PAGE_HYP __pgprot(_HYP_PAGE_DEFAULT | PTE_HYP | PTE_HYP_XN) | ||
| 330 | +#define PAGE_HYP_EXEC __pgprot(_HYP_PAGE_DEFAULT | PTE_HYP | PTE_RDONLY) | ||
| 331 | +#define PAGE_HYP_RO __pgprot(_HYP_PAGE_DEFAULT | PTE_HYP | PTE_RDONLY | PTE_HYP_XN) | ||
| 332 | #define PAGE_HYP_DEVICE __pgprot(PROT_DEVICE_nGnRE | PTE_HYP) | ||
| 333 | |||
| 334 | -#define PAGE_S2 __pgprot(PROT_DEFAULT | PTE_S2_MEMATTR(MT_S2_NORMAL) | PTE_S2_RDONLY) | ||
| 335 | -#define PAGE_S2_DEVICE __pgprot(PROT_DEFAULT | PTE_S2_MEMATTR(MT_S2_DEVICE_nGnRE) | PTE_S2_RDONLY | PTE_UXN) | ||
| 336 | +#define PAGE_S2 __pgprot(_PROT_DEFAULT | PTE_S2_MEMATTR(MT_S2_NORMAL) | PTE_S2_RDONLY) | ||
| 337 | +#define PAGE_S2_DEVICE __pgprot(_PROT_DEFAULT | PTE_S2_MEMATTR(MT_S2_DEVICE_nGnRE) | PTE_S2_RDONLY | PTE_UXN) | ||
| 338 | |||
| 339 | -#define PAGE_NONE __pgprot(((_PAGE_DEFAULT) & ~PTE_VALID) | PTE_PROT_NONE | PTE_PXN | PTE_UXN) | ||
| 340 | +#define PAGE_NONE __pgprot(((_PAGE_DEFAULT) & ~PTE_VALID) | PTE_PROT_NONE | PTE_NG | PTE_PXN | PTE_UXN) | ||
| 341 | #define PAGE_SHARED __pgprot(_PAGE_DEFAULT | PTE_USER | PTE_NG | PTE_PXN | PTE_UXN | PTE_WRITE) | ||
| 342 | #define PAGE_SHARED_EXEC __pgprot(_PAGE_DEFAULT | PTE_USER | PTE_NG | PTE_PXN | PTE_WRITE) | ||
| 343 | #define PAGE_COPY __pgprot(_PAGE_DEFAULT | PTE_USER | PTE_NG | PTE_PXN | PTE_UXN) | ||
| 344 | diff --git a/arch/arm64/include/asm/pgtable.h b/arch/arm64/include/asm/pgtable.h | ||
| 345 | index 7acd3c5c7643..3a30a3994e4a 100644 | ||
| 346 | --- a/arch/arm64/include/asm/pgtable.h | ||
| 347 | +++ b/arch/arm64/include/asm/pgtable.h | ||
| 348 | @@ -692,6 +692,7 @@ static inline void pmdp_set_wrprotect(struct mm_struct *mm, | ||
| 349 | |||
| 350 | extern pgd_t swapper_pg_dir[PTRS_PER_PGD]; | ||
| 351 | extern pgd_t idmap_pg_dir[PTRS_PER_PGD]; | ||
| 352 | +extern pgd_t tramp_pg_dir[PTRS_PER_PGD]; | ||
| 353 | |||
| 354 | /* | ||
| 355 | * Encode and decode a swap entry: | ||
| 356 | diff --git a/arch/arm64/include/asm/proc-fns.h b/arch/arm64/include/asm/proc-fns.h | ||
| 357 | index 14ad6e4e87d1..16cef2e8449e 100644 | ||
| 358 | --- a/arch/arm64/include/asm/proc-fns.h | ||
| 359 | +++ b/arch/arm64/include/asm/proc-fns.h | ||
| 360 | @@ -35,12 +35,6 @@ extern u64 cpu_do_resume(phys_addr_t ptr, u64 idmap_ttbr); | ||
| 361 | |||
| 362 | #include <asm/memory.h> | ||
| 363 | |||
| 364 | -#define cpu_switch_mm(pgd,mm) \ | ||
| 365 | -do { \ | ||
| 366 | - BUG_ON(pgd == swapper_pg_dir); \ | ||
| 367 | - cpu_do_switch_mm(virt_to_phys(pgd),mm); \ | ||
| 368 | -} while (0) | ||
| 369 | - | ||
| 370 | #endif /* __ASSEMBLY__ */ | ||
| 371 | #endif /* __KERNEL__ */ | ||
| 372 | #endif /* __ASM_PROCFNS_H */ | ||
| 373 | diff --git a/arch/arm64/include/asm/sysreg.h b/arch/arm64/include/asm/sysreg.h | ||
| 374 | index 7393cc767edb..7cb7f7cdcfbc 100644 | ||
| 375 | --- a/arch/arm64/include/asm/sysreg.h | ||
| 376 | +++ b/arch/arm64/include/asm/sysreg.h | ||
| 377 | @@ -117,6 +117,7 @@ | ||
| 378 | #define ID_AA64ISAR0_AES_SHIFT 4 | ||
| 379 | |||
| 380 | /* id_aa64pfr0 */ | ||
| 381 | +#define ID_AA64PFR0_CSV3_SHIFT 60 | ||
| 382 | #define ID_AA64PFR0_GIC_SHIFT 24 | ||
| 383 | #define ID_AA64PFR0_ASIMD_SHIFT 20 | ||
| 384 | #define ID_AA64PFR0_FP_SHIFT 16 | ||
| 385 | diff --git a/arch/arm64/include/asm/tlbflush.h b/arch/arm64/include/asm/tlbflush.h | ||
| 386 | index deab52374119..ad6bd8b26ada 100644 | ||
| 387 | --- a/arch/arm64/include/asm/tlbflush.h | ||
| 388 | +++ b/arch/arm64/include/asm/tlbflush.h | ||
| 389 | @@ -23,6 +23,7 @@ | ||
| 390 | |||
| 391 | #include <linux/sched.h> | ||
| 392 | #include <asm/cputype.h> | ||
| 393 | +#include <asm/mmu.h> | ||
| 394 | |||
| 395 | /* | ||
| 396 | * Raw TLBI operations. | ||
| 397 | @@ -42,6 +43,11 @@ | ||
| 398 | |||
| 399 | #define __tlbi(op, ...) __TLBI_N(op, ##__VA_ARGS__, 1, 0) | ||
| 400 | |||
| 401 | +#define __tlbi_user(op, arg) do { \ | ||
| 402 | + if (arm64_kernel_unmapped_at_el0()) \ | ||
| 403 | + __tlbi(op, (arg) | USER_ASID_FLAG); \ | ||
| 404 | +} while (0) | ||
| 405 | + | ||
| 406 | /* | ||
| 407 | * TLB Management | ||
| 408 | * ============== | ||
| 409 | @@ -103,6 +109,7 @@ static inline void flush_tlb_mm(struct mm_struct *mm) | ||
| 410 | |||
| 411 | dsb(ishst); | ||
| 412 | __tlbi(aside1is, asid); | ||
| 413 | + __tlbi_user(aside1is, asid); | ||
| 414 | dsb(ish); | ||
| 415 | } | ||
| 416 | |||
| 417 | @@ -113,6 +120,7 @@ static inline void flush_tlb_page(struct vm_area_struct *vma, | ||
| 418 | |||
| 419 | dsb(ishst); | ||
| 420 | __tlbi(vale1is, addr); | ||
| 421 | + __tlbi_user(vale1is, addr); | ||
| 422 | dsb(ish); | ||
| 423 | } | ||
| 424 | |||
| 425 | @@ -139,10 +147,13 @@ static inline void __flush_tlb_range(struct vm_area_struct *vma, | ||
| 426 | |||
| 427 | dsb(ishst); | ||
| 428 | for (addr = start; addr < end; addr += 1 << (PAGE_SHIFT - 12)) { | ||
| 429 | - if (last_level) | ||
| 430 | + if (last_level) { | ||
| 431 | __tlbi(vale1is, addr); | ||
| 432 | - else | ||
| 433 | + __tlbi_user(vale1is, addr); | ||
| 434 | + } else { | ||
| 435 | __tlbi(vae1is, addr); | ||
| 436 | + __tlbi_user(vae1is, addr); | ||
| 437 | + } | ||
| 438 | } | ||
| 439 | dsb(ish); | ||
| 440 | } | ||
| 441 | @@ -182,6 +193,7 @@ static inline void __flush_tlb_pgtable(struct mm_struct *mm, | ||
| 442 | unsigned long addr = uaddr >> 12 | (ASID(mm) << 48); | ||
| 443 | |||
| 444 | __tlbi(vae1is, addr); | ||
| 445 | + __tlbi_user(vae1is, addr); | ||
| 446 | dsb(ish); | ||
| 447 | } | ||
| 448 | |||
| 449 | diff --git a/arch/arm64/kernel/asm-offsets.c b/arch/arm64/kernel/asm-offsets.c | ||
| 450 | index c58ddf8c4062..5f4bf3c6f016 100644 | ||
| 451 | --- a/arch/arm64/kernel/asm-offsets.c | ||
| 452 | +++ b/arch/arm64/kernel/asm-offsets.c | ||
| 453 | @@ -24,6 +24,7 @@ | ||
| 454 | #include <linux/kvm_host.h> | ||
| 455 | #include <linux/suspend.h> | ||
| 456 | #include <asm/cpufeature.h> | ||
| 457 | +#include <asm/fixmap.h> | ||
| 458 | #include <asm/thread_info.h> | ||
| 459 | #include <asm/memory.h> | ||
| 460 | #include <asm/smp_plat.h> | ||
| 461 | @@ -144,11 +145,14 @@ int main(void) | ||
| 462 | DEFINE(ARM_SMCCC_RES_X2_OFFS, offsetof(struct arm_smccc_res, a2)); | ||
| 463 | DEFINE(ARM_SMCCC_QUIRK_ID_OFFS, offsetof(struct arm_smccc_quirk, id)); | ||
| 464 | DEFINE(ARM_SMCCC_QUIRK_STATE_OFFS, offsetof(struct arm_smccc_quirk, state)); | ||
| 465 | - | ||
| 466 | BLANK(); | ||
| 467 | DEFINE(HIBERN_PBE_ORIG, offsetof(struct pbe, orig_address)); | ||
| 468 | DEFINE(HIBERN_PBE_ADDR, offsetof(struct pbe, address)); | ||
| 469 | DEFINE(HIBERN_PBE_NEXT, offsetof(struct pbe, next)); | ||
| 470 | DEFINE(ARM64_FTR_SYSVAL, offsetof(struct arm64_ftr_reg, sys_val)); | ||
| 471 | + BLANK(); | ||
| 472 | +#ifdef CONFIG_UNMAP_KERNEL_AT_EL0 | ||
| 473 | + DEFINE(TRAMP_VALIAS, TRAMP_VALIAS); | ||
| 474 | +#endif | ||
| 475 | return 0; | ||
| 476 | } | ||
| 477 | diff --git a/arch/arm64/kernel/cpu-reset.S b/arch/arm64/kernel/cpu-reset.S | ||
| 478 | index 65f42d257414..f736a6f81ecd 100644 | ||
| 479 | --- a/arch/arm64/kernel/cpu-reset.S | ||
| 480 | +++ b/arch/arm64/kernel/cpu-reset.S | ||
| 481 | @@ -16,7 +16,7 @@ | ||
| 482 | #include <asm/virt.h> | ||
| 483 | |||
| 484 | .text | ||
| 485 | -.pushsection .idmap.text, "ax" | ||
| 486 | +.pushsection .idmap.text, "awx" | ||
| 487 | |||
| 488 | /* | ||
| 489 | * __cpu_soft_restart(el2_switch, entry, arg0, arg1, arg2) - Helper for | ||
| 490 | diff --git a/arch/arm64/kernel/cpufeature.c b/arch/arm64/kernel/cpufeature.c | ||
| 491 | index 3a129d48674e..5056fc597ae9 100644 | ||
| 492 | --- a/arch/arm64/kernel/cpufeature.c | ||
| 493 | +++ b/arch/arm64/kernel/cpufeature.c | ||
| 494 | @@ -93,7 +93,8 @@ static const struct arm64_ftr_bits ftr_id_aa64isar0[] = { | ||
| 495 | }; | ||
| 496 | |||
| 497 | static const struct arm64_ftr_bits ftr_id_aa64pfr0[] = { | ||
| 498 | - ARM64_FTR_BITS(FTR_STRICT, FTR_EXACT, 32, 32, 0), | ||
| 499 | + ARM64_FTR_BITS(FTR_NONSTRICT, FTR_LOWER_SAFE, ID_AA64PFR0_CSV3_SHIFT, 4, 0), | ||
| 500 | + ARM64_FTR_BITS(FTR_STRICT, FTR_EXACT, 32, 28, 0), | ||
| 501 | ARM64_FTR_BITS(FTR_STRICT, FTR_EXACT, 28, 4, 0), | ||
| 502 | ARM64_FTR_BITS(FTR_STRICT, FTR_EXACT, ID_AA64PFR0_GIC_SHIFT, 4, 0), | ||
| 503 | S_ARM64_FTR_BITS(FTR_STRICT, FTR_LOWER_SAFE, ID_AA64PFR0_ASIMD_SHIFT, 4, ID_AA64PFR0_ASIMD_NI), | ||
| 504 | @@ -746,6 +747,86 @@ static bool hyp_offset_low(const struct arm64_cpu_capabilities *entry, | ||
| 505 | return idmap_addr > GENMASK(VA_BITS - 2, 0) && !is_kernel_in_hyp_mode(); | ||
| 506 | } | ||
| 507 | |||
| 508 | +#ifdef CONFIG_UNMAP_KERNEL_AT_EL0 | ||
| 509 | +static int __kpti_forced; /* 0: not forced, >0: forced on, <0: forced off */ | ||
| 510 | + | ||
| 511 | +static bool unmap_kernel_at_el0(const struct arm64_cpu_capabilities *entry, | ||
| 512 | + int __unused) | ||
| 513 | +{ | ||
| 514 | + char const *str = "command line option"; | ||
| 515 | + u64 pfr0 = read_system_reg(SYS_ID_AA64PFR0_EL1); | ||
| 516 | + | ||
| 517 | + /* | ||
| 518 | + * For reasons that aren't entirely clear, enabling KPTI on Cavium | ||
| 519 | + * ThunderX leads to apparent I-cache corruption of kernel text, which | ||
| 520 | + * ends as well as you might imagine. Don't even try. | ||
| 521 | + */ | ||
| 522 | + if (cpus_have_cap(ARM64_WORKAROUND_CAVIUM_27456)) { | ||
| 523 | + str = "ARM64_WORKAROUND_CAVIUM_27456"; | ||
| 524 | + __kpti_forced = -1; | ||
| 525 | + } | ||
| 526 | + | ||
| 527 | + /* Forced? */ | ||
| 528 | + if (__kpti_forced) { | ||
| 529 | + pr_info_once("kernel page table isolation forced %s by %s\n", | ||
| 530 | + __kpti_forced > 0 ? "ON" : "OFF", str); | ||
| 531 | + return __kpti_forced > 0; | ||
| 532 | + } | ||
| 533 | + | ||
| 534 | + /* Useful for KASLR robustness */ | ||
| 535 | + if (IS_ENABLED(CONFIG_RANDOMIZE_BASE)) | ||
| 536 | + return true; | ||
| 537 | + | ||
| 538 | + /* Don't force KPTI for CPUs that are not vulnerable */ | ||
| 539 | + switch (read_cpuid_id() & MIDR_CPU_MODEL_MASK) { | ||
| 540 | + case MIDR_CAVIUM_THUNDERX2: | ||
| 541 | + case MIDR_BRCM_VULCAN: | ||
| 542 | + return false; | ||
| 543 | + } | ||
| 544 | + | ||
| 545 | + /* Defer to CPU feature registers */ | ||
| 546 | + return !cpuid_feature_extract_unsigned_field(pfr0, | ||
| 547 | + ID_AA64PFR0_CSV3_SHIFT); | ||
| 548 | +} | ||
| 549 | + | ||
| 550 | +static int kpti_install_ng_mappings(void *__unused) | ||
| 551 | +{ | ||
| 552 | + typedef void (kpti_remap_fn)(int, int, phys_addr_t); | ||
| 553 | + extern kpti_remap_fn idmap_kpti_install_ng_mappings; | ||
| 554 | + kpti_remap_fn *remap_fn; | ||
| 555 | + | ||
| 556 | + static bool kpti_applied = false; | ||
| 557 | + int cpu = smp_processor_id(); | ||
| 558 | + | ||
| 559 | + if (kpti_applied) | ||
| 560 | + return 0; | ||
| 561 | + | ||
| 562 | + remap_fn = (void *)__pa_symbol(idmap_kpti_install_ng_mappings); | ||
| 563 | + | ||
| 564 | + cpu_install_idmap(); | ||
| 565 | + remap_fn(cpu, num_online_cpus(), __pa_symbol(swapper_pg_dir)); | ||
| 566 | + cpu_uninstall_idmap(); | ||
| 567 | + | ||
| 568 | + if (!cpu) | ||
| 569 | + kpti_applied = true; | ||
| 570 | + | ||
| 571 | + return 0; | ||
| 572 | +} | ||
| 573 | + | ||
| 574 | +static int __init parse_kpti(char *str) | ||
| 575 | +{ | ||
| 576 | + bool enabled; | ||
| 577 | + int ret = strtobool(str, &enabled); | ||
| 578 | + | ||
| 579 | + if (ret) | ||
| 580 | + return ret; | ||
| 581 | + | ||
| 582 | + __kpti_forced = enabled ? 1 : -1; | ||
| 583 | + return 0; | ||
| 584 | +} | ||
| 585 | +__setup("kpti=", parse_kpti); | ||
| 586 | +#endif /* CONFIG_UNMAP_KERNEL_AT_EL0 */ | ||
| 587 | + | ||
| 588 | static const struct arm64_cpu_capabilities arm64_features[] = { | ||
| 589 | { | ||
| 590 | .desc = "GIC system register CPU interface", | ||
| 591 | @@ -829,6 +910,15 @@ static const struct arm64_cpu_capabilities arm64_features[] = { | ||
| 592 | .def_scope = SCOPE_SYSTEM, | ||
| 593 | .matches = hyp_offset_low, | ||
| 594 | }, | ||
| 595 | +#ifdef CONFIG_UNMAP_KERNEL_AT_EL0 | ||
| 596 | + { | ||
| 597 | + .desc = "Kernel page table isolation (KPTI)", | ||
| 598 | + .capability = ARM64_UNMAP_KERNEL_AT_EL0, | ||
| 599 | + .def_scope = SCOPE_SYSTEM, | ||
| 600 | + .matches = unmap_kernel_at_el0, | ||
| 601 | + .enable = kpti_install_ng_mappings, | ||
| 602 | + }, | ||
| 603 | +#endif | ||
| 604 | {}, | ||
| 605 | }; | ||
| 606 | |||
| 607 | @@ -922,6 +1012,26 @@ static void __init setup_elf_hwcaps(const struct arm64_cpu_capabilities *hwcaps) | ||
| 608 | cap_set_elf_hwcap(hwcaps); | ||
| 609 | } | ||
| 610 | |||
| 611 | +/* | ||
| 612 | + * Check if the current CPU has a given feature capability. | ||
| 613 | + * Should be called from non-preemptible context. | ||
| 614 | + */ | ||
| 615 | +static bool __this_cpu_has_cap(const struct arm64_cpu_capabilities *cap_array, | ||
| 616 | + unsigned int cap) | ||
| 617 | +{ | ||
| 618 | + const struct arm64_cpu_capabilities *caps; | ||
| 619 | + | ||
| 620 | + if (WARN_ON(preemptible())) | ||
| 621 | + return false; | ||
| 622 | + | ||
| 623 | + for (caps = cap_array; caps->desc; caps++) | ||
| 624 | + if (caps->capability == cap && | ||
| 625 | + caps->matches && | ||
| 626 | + caps->matches(caps, SCOPE_LOCAL_CPU)) | ||
| 627 | + return true; | ||
| 628 | + return false; | ||
| 629 | +} | ||
| 630 | + | ||
| 631 | void update_cpu_capabilities(const struct arm64_cpu_capabilities *caps, | ||
| 632 | const char *info) | ||
| 633 | { | ||
| 634 | @@ -990,8 +1100,9 @@ verify_local_elf_hwcaps(const struct arm64_cpu_capabilities *caps) | ||
| 635 | } | ||
| 636 | |||
| 637 | static void | ||
| 638 | -verify_local_cpu_features(const struct arm64_cpu_capabilities *caps) | ||
| 639 | +verify_local_cpu_features(const struct arm64_cpu_capabilities *caps_list) | ||
| 640 | { | ||
| 641 | + const struct arm64_cpu_capabilities *caps = caps_list; | ||
| 642 | for (; caps->matches; caps++) { | ||
| 643 | if (!cpus_have_cap(caps->capability)) | ||
| 644 | continue; | ||
| 645 | @@ -999,7 +1110,7 @@ verify_local_cpu_features(const struct arm64_cpu_capabilities *caps) | ||
| 646 | * If the new CPU misses an advertised feature, we cannot proceed | ||
| 647 | * further, park the cpu. | ||
| 648 | */ | ||
| 649 | - if (!caps->matches(caps, SCOPE_LOCAL_CPU)) { | ||
| 650 | + if (!__this_cpu_has_cap(caps_list, caps->capability)) { | ||
| 651 | pr_crit("CPU%d: missing feature: %s\n", | ||
| 652 | smp_processor_id(), caps->desc); | ||
| 653 | cpu_die_early(); | ||
| 654 | @@ -1052,22 +1163,12 @@ static void __init setup_feature_capabilities(void) | ||
| 655 | enable_cpu_capabilities(arm64_features); | ||
| 656 | } | ||
| 657 | |||
| 658 | -/* | ||
| 659 | - * Check if the current CPU has a given feature capability. | ||
| 660 | - * Should be called from non-preemptible context. | ||
| 661 | - */ | ||
| 662 | +extern const struct arm64_cpu_capabilities arm64_errata[]; | ||
| 663 | + | ||
| 664 | bool this_cpu_has_cap(unsigned int cap) | ||
| 665 | { | ||
| 666 | - const struct arm64_cpu_capabilities *caps; | ||
| 667 | - | ||
| 668 | - if (WARN_ON(preemptible())) | ||
| 669 | - return false; | ||
| 670 | - | ||
| 671 | - for (caps = arm64_features; caps->desc; caps++) | ||
| 672 | - if (caps->capability == cap && caps->matches) | ||
| 673 | - return caps->matches(caps, SCOPE_LOCAL_CPU); | ||
| 674 | - | ||
| 675 | - return false; | ||
| 676 | + return (__this_cpu_has_cap(arm64_features, cap) || | ||
| 677 | + __this_cpu_has_cap(arm64_errata, cap)); | ||
| 678 | } | ||
| 679 | |||
| 680 | void __init setup_cpu_features(void) | ||
| 681 | diff --git a/arch/arm64/kernel/entry.S b/arch/arm64/kernel/entry.S | ||
| 682 | index b4c7db434654..8d1600b18562 100644 | ||
| 683 | --- a/arch/arm64/kernel/entry.S | ||
| 684 | +++ b/arch/arm64/kernel/entry.S | ||
| 685 | @@ -29,9 +29,11 @@ | ||
| 686 | #include <asm/esr.h> | ||
| 687 | #include <asm/irq.h> | ||
| 688 | #include <asm/memory.h> | ||
| 689 | +#include <asm/mmu.h> | ||
| 690 | #include <asm/thread_info.h> | ||
| 691 | #include <asm/asm-uaccess.h> | ||
| 692 | #include <asm/unistd.h> | ||
| 693 | +#include <asm/kernel-pgtable.h> | ||
| 694 | |||
| 695 | /* | ||
| 696 | * Context tracking subsystem. Used to instrument transitions | ||
| 697 | @@ -68,8 +70,31 @@ | ||
| 698 | #define BAD_FIQ 2 | ||
| 699 | #define BAD_ERROR 3 | ||
| 700 | |||
| 701 | - .macro kernel_entry, el, regsize = 64 | ||
| 702 | + .macro kernel_ventry, el, label, regsize = 64 | ||
| 703 | + .align 7 | ||
| 704 | +#ifdef CONFIG_UNMAP_KERNEL_AT_EL0 | ||
| 705 | +alternative_if ARM64_UNMAP_KERNEL_AT_EL0 | ||
| 706 | + .if \el == 0 | ||
| 707 | + .if \regsize == 64 | ||
| 708 | + mrs x30, tpidrro_el0 | ||
| 709 | + msr tpidrro_el0, xzr | ||
| 710 | + .else | ||
| 711 | + mov x30, xzr | ||
| 712 | + .endif | ||
| 713 | + .endif | ||
| 714 | +alternative_else_nop_endif | ||
| 715 | +#endif | ||
| 716 | + | ||
| 717 | sub sp, sp, #S_FRAME_SIZE | ||
| 718 | + b el\()\el\()_\label | ||
| 719 | + .endm | ||
| 720 | + | ||
| 721 | + .macro tramp_alias, dst, sym | ||
| 722 | + mov_q \dst, TRAMP_VALIAS | ||
| 723 | + add \dst, \dst, #(\sym - .entry.tramp.text) | ||
| 724 | + .endm | ||
| 725 | + | ||
| 726 | + .macro kernel_entry, el, regsize = 64 | ||
| 727 | .if \regsize == 32 | ||
| 728 | mov w0, w0 // zero upper 32 bits of x0 | ||
| 729 | .endif | ||
| 730 | @@ -150,18 +175,20 @@ | ||
| 731 | ct_user_enter | ||
| 732 | ldr x23, [sp, #S_SP] // load return stack pointer | ||
| 733 | msr sp_el0, x23 | ||
| 734 | + tst x22, #PSR_MODE32_BIT // native task? | ||
| 735 | + b.eq 3f | ||
| 736 | + | ||
| 737 | #ifdef CONFIG_ARM64_ERRATUM_845719 | ||
| 738 | alternative_if ARM64_WORKAROUND_845719 | ||
| 739 | - tbz x22, #4, 1f | ||
| 740 | #ifdef CONFIG_PID_IN_CONTEXTIDR | ||
| 741 | mrs x29, contextidr_el1 | ||
| 742 | msr contextidr_el1, x29 | ||
| 743 | #else | ||
| 744 | msr contextidr_el1, xzr | ||
| 745 | #endif | ||
| 746 | -1: | ||
| 747 | alternative_else_nop_endif | ||
| 748 | #endif | ||
| 749 | +3: | ||
| 750 | .endif | ||
| 751 | msr elr_el1, x21 // set up the return data | ||
| 752 | msr spsr_el1, x22 | ||
| 753 | @@ -182,7 +209,21 @@ alternative_else_nop_endif | ||
| 754 | ldp x28, x29, [sp, #16 * 14] | ||
| 755 | ldr lr, [sp, #S_LR] | ||
| 756 | add sp, sp, #S_FRAME_SIZE // restore sp | ||
| 757 | - eret // return to kernel | ||
| 758 | + | ||
| 759 | + .if \el == 0 | ||
| 760 | +alternative_insn eret, nop, ARM64_UNMAP_KERNEL_AT_EL0 | ||
| 761 | +#ifdef CONFIG_UNMAP_KERNEL_AT_EL0 | ||
| 762 | + bne 4f | ||
| 763 | + msr far_el1, x30 | ||
| 764 | + tramp_alias x30, tramp_exit_native | ||
| 765 | + br x30 | ||
| 766 | +4: | ||
| 767 | + tramp_alias x30, tramp_exit_compat | ||
| 768 | + br x30 | ||
| 769 | +#endif | ||
| 770 | + .else | ||
| 771 | + eret | ||
| 772 | + .endif | ||
| 773 | .endm | ||
| 774 | |||
| 775 | .macro get_thread_info, rd | ||
| 776 | @@ -257,31 +298,31 @@ tsk .req x28 // current thread_info | ||
| 777 | |||
| 778 | .align 11 | ||
| 779 | ENTRY(vectors) | ||
| 780 | - ventry el1_sync_invalid // Synchronous EL1t | ||
| 781 | - ventry el1_irq_invalid // IRQ EL1t | ||
| 782 | - ventry el1_fiq_invalid // FIQ EL1t | ||
| 783 | - ventry el1_error_invalid // Error EL1t | ||
| 784 | + kernel_ventry 1, sync_invalid // Synchronous EL1t | ||
| 785 | + kernel_ventry 1, irq_invalid // IRQ EL1t | ||
| 786 | + kernel_ventry 1, fiq_invalid // FIQ EL1t | ||
| 787 | + kernel_ventry 1, error_invalid // Error EL1t | ||
| 788 | |||
| 789 | - ventry el1_sync // Synchronous EL1h | ||
| 790 | - ventry el1_irq // IRQ EL1h | ||
| 791 | - ventry el1_fiq_invalid // FIQ EL1h | ||
| 792 | - ventry el1_error_invalid // Error EL1h | ||
| 793 | + kernel_ventry 1, sync // Synchronous EL1h | ||
| 794 | + kernel_ventry 1, irq // IRQ EL1h | ||
| 795 | + kernel_ventry 1, fiq_invalid // FIQ EL1h | ||
| 796 | + kernel_ventry 1, error_invalid // Error EL1h | ||
| 797 | |||
| 798 | - ventry el0_sync // Synchronous 64-bit EL0 | ||
| 799 | - ventry el0_irq // IRQ 64-bit EL0 | ||
| 800 | - ventry el0_fiq_invalid // FIQ 64-bit EL0 | ||
| 801 | - ventry el0_error_invalid // Error 64-bit EL0 | ||
| 802 | + kernel_ventry 0, sync // Synchronous 64-bit EL0 | ||
| 803 | + kernel_ventry 0, irq // IRQ 64-bit EL0 | ||
| 804 | + kernel_ventry 0, fiq_invalid // FIQ 64-bit EL0 | ||
| 805 | + kernel_ventry 0, error_invalid // Error 64-bit EL0 | ||
| 806 | |||
| 807 | #ifdef CONFIG_COMPAT | ||
| 808 | - ventry el0_sync_compat // Synchronous 32-bit EL0 | ||
| 809 | - ventry el0_irq_compat // IRQ 32-bit EL0 | ||
| 810 | - ventry el0_fiq_invalid_compat // FIQ 32-bit EL0 | ||
| 811 | - ventry el0_error_invalid_compat // Error 32-bit EL0 | ||
| 812 | + kernel_ventry 0, sync_compat, 32 // Synchronous 32-bit EL0 | ||
| 813 | + kernel_ventry 0, irq_compat, 32 // IRQ 32-bit EL0 | ||
| 814 | + kernel_ventry 0, fiq_invalid_compat, 32 // FIQ 32-bit EL0 | ||
| 815 | + kernel_ventry 0, error_invalid_compat, 32 // Error 32-bit EL0 | ||
| 816 | #else | ||
| 817 | - ventry el0_sync_invalid // Synchronous 32-bit EL0 | ||
| 818 | - ventry el0_irq_invalid // IRQ 32-bit EL0 | ||
| 819 | - ventry el0_fiq_invalid // FIQ 32-bit EL0 | ||
| 820 | - ventry el0_error_invalid // Error 32-bit EL0 | ||
| 821 | + kernel_ventry 0, sync_invalid, 32 // Synchronous 32-bit EL0 | ||
| 822 | + kernel_ventry 0, irq_invalid, 32 // IRQ 32-bit EL0 | ||
| 823 | + kernel_ventry 0, fiq_invalid, 32 // FIQ 32-bit EL0 | ||
| 824 | + kernel_ventry 0, error_invalid, 32 // Error 32-bit EL0 | ||
| 825 | #endif | ||
| 826 | END(vectors) | ||
| 827 | |||
| 828 | @@ -801,6 +842,105 @@ __ni_sys_trace: | ||
| 829 | |||
| 830 | .popsection // .entry.text | ||
| 831 | |||
| 832 | +#ifdef CONFIG_UNMAP_KERNEL_AT_EL0 | ||
| 833 | +/* | ||
| 834 | + * Exception vectors trampoline. | ||
| 835 | + */ | ||
| 836 | + .pushsection ".entry.tramp.text", "ax" | ||
| 837 | + | ||
| 838 | + .macro tramp_map_kernel, tmp | ||
| 839 | + mrs \tmp, ttbr1_el1 | ||
| 840 | + sub \tmp, \tmp, #SWAPPER_DIR_SIZE | ||
| 841 | + bic \tmp, \tmp, #USER_ASID_FLAG | ||
| 842 | + msr ttbr1_el1, \tmp | ||
| 843 | + .endm | ||
| 844 | + | ||
| 845 | + .macro tramp_unmap_kernel, tmp | ||
| 846 | + mrs \tmp, ttbr1_el1 | ||
| 847 | + add \tmp, \tmp, #SWAPPER_DIR_SIZE | ||
| 848 | + orr \tmp, \tmp, #USER_ASID_FLAG | ||
| 849 | + msr ttbr1_el1, \tmp | ||
| 850 | + /* | ||
| 851 | + * We avoid running the post_ttbr_update_workaround here because | ||
| 852 | + * it's only needed by Cavium ThunderX, which requires KPTI to be | ||
| 853 | + * disabled. | ||
| 854 | + */ | ||
| 855 | + .endm | ||
| 856 | + | ||
| 857 | + .macro tramp_ventry, regsize = 64 | ||
| 858 | + .align 7 | ||
| 859 | +1: | ||
| 860 | + .if \regsize == 64 | ||
| 861 | + msr tpidrro_el0, x30 // Restored in kernel_ventry | ||
| 862 | + .endif | ||
| 863 | + /* | ||
| 864 | + * Defend against branch aliasing attacks by pushing a dummy | ||
| 865 | + * entry onto the return stack and using a RET instruction to | ||
| 866 | + * enter the full-fat kernel vectors. | ||
| 867 | + */ | ||
| 868 | + bl 2f | ||
| 869 | + b . | ||
| 870 | +2: | ||
| 871 | + tramp_map_kernel x30 | ||
| 872 | +#ifdef CONFIG_RANDOMIZE_BASE | ||
| 873 | + adr x30, tramp_vectors + PAGE_SIZE | ||
| 874 | + isb | ||
| 875 | + ldr x30, [x30] | ||
| 876 | +#else | ||
| 877 | + ldr x30, =vectors | ||
| 878 | +#endif | ||
| 879 | + prfm plil1strm, [x30, #(1b - tramp_vectors)] | ||
| 880 | + msr vbar_el1, x30 | ||
| 881 | + add x30, x30, #(1b - tramp_vectors) | ||
| 882 | + isb | ||
| 883 | + ret | ||
| 884 | + .endm | ||
| 885 | + | ||
| 886 | + .macro tramp_exit, regsize = 64 | ||
| 887 | + adr x30, tramp_vectors | ||
| 888 | + msr vbar_el1, x30 | ||
| 889 | + tramp_unmap_kernel x30 | ||
| 890 | + .if \regsize == 64 | ||
| 891 | + mrs x30, far_el1 | ||
| 892 | + .endif | ||
| 893 | + eret | ||
| 894 | + .endm | ||
| 895 | + | ||
| 896 | + .align 11 | ||
| 897 | +ENTRY(tramp_vectors) | ||
| 898 | + .space 0x400 | ||
| 899 | + | ||
| 900 | + tramp_ventry | ||
| 901 | + tramp_ventry | ||
| 902 | + tramp_ventry | ||
| 903 | + tramp_ventry | ||
| 904 | + | ||
| 905 | + tramp_ventry 32 | ||
| 906 | + tramp_ventry 32 | ||
| 907 | + tramp_ventry 32 | ||
| 908 | + tramp_ventry 32 | ||
| 909 | +END(tramp_vectors) | ||
| 910 | + | ||
| 911 | +ENTRY(tramp_exit_native) | ||
| 912 | + tramp_exit | ||
| 913 | +END(tramp_exit_native) | ||
| 914 | + | ||
| 915 | +ENTRY(tramp_exit_compat) | ||
| 916 | + tramp_exit 32 | ||
| 917 | +END(tramp_exit_compat) | ||
| 918 | + | ||
| 919 | + .ltorg | ||
| 920 | + .popsection // .entry.tramp.text | ||
| 921 | +#ifdef CONFIG_RANDOMIZE_BASE | ||
| 922 | + .pushsection ".rodata", "a" | ||
| 923 | + .align PAGE_SHIFT | ||
| 924 | + .globl __entry_tramp_data_start | ||
| 925 | +__entry_tramp_data_start: | ||
| 926 | + .quad vectors | ||
| 927 | + .popsection // .rodata | ||
| 928 | +#endif /* CONFIG_RANDOMIZE_BASE */ | ||
| 929 | +#endif /* CONFIG_UNMAP_KERNEL_AT_EL0 */ | ||
| 930 | + | ||
| 931 | /* | ||
| 932 | * Special system call wrappers. | ||
| 933 | */ | ||
| 934 | diff --git a/arch/arm64/kernel/head.S b/arch/arm64/kernel/head.S | ||
| 935 | index 539bebc1222f..fa52817d84c5 100644 | ||
| 936 | --- a/arch/arm64/kernel/head.S | ||
| 937 | +++ b/arch/arm64/kernel/head.S | ||
| 938 | @@ -473,7 +473,7 @@ ENDPROC(__primary_switched) | ||
| 939 | * end early head section, begin head code that is also used for | ||
| 940 | * hotplug and needs to have the same protections as the text region | ||
| 941 | */ | ||
| 942 | - .section ".idmap.text","ax" | ||
| 943 | + .section ".idmap.text","awx" | ||
| 944 | |||
| 945 | ENTRY(kimage_vaddr) | ||
| 946 | .quad _text - TEXT_OFFSET | ||
| 947 | diff --git a/arch/arm64/kernel/process.c b/arch/arm64/kernel/process.c | ||
| 948 | index 0e7394915c70..0972ce58316d 100644 | ||
| 949 | --- a/arch/arm64/kernel/process.c | ||
| 950 | +++ b/arch/arm64/kernel/process.c | ||
| 951 | @@ -306,17 +306,17 @@ int copy_thread(unsigned long clone_flags, unsigned long stack_start, | ||
| 952 | |||
| 953 | static void tls_thread_switch(struct task_struct *next) | ||
| 954 | { | ||
| 955 | - unsigned long tpidr, tpidrro; | ||
| 956 | + unsigned long tpidr; | ||
| 957 | |||
| 958 | tpidr = read_sysreg(tpidr_el0); | ||
| 959 | *task_user_tls(current) = tpidr; | ||
| 960 | |||
| 961 | - tpidr = *task_user_tls(next); | ||
| 962 | - tpidrro = is_compat_thread(task_thread_info(next)) ? | ||
| 963 | - next->thread.tp_value : 0; | ||
| 964 | + if (is_compat_thread(task_thread_info(next))) | ||
| 965 | + write_sysreg(next->thread.tp_value, tpidrro_el0); | ||
| 966 | + else if (!arm64_kernel_unmapped_at_el0()) | ||
| 967 | + write_sysreg(0, tpidrro_el0); | ||
| 968 | |||
| 969 | - write_sysreg(tpidr, tpidr_el0); | ||
| 970 | - write_sysreg(tpidrro, tpidrro_el0); | ||
| 971 | + write_sysreg(*task_user_tls(next), tpidr_el0); | ||
| 972 | } | ||
| 973 | |||
| 974 | /* Restore the UAO state depending on next's addr_limit */ | ||
| 975 | diff --git a/arch/arm64/kernel/sleep.S b/arch/arm64/kernel/sleep.S | ||
| 976 | index 1bec41b5fda3..0030d6964e65 100644 | ||
| 977 | --- a/arch/arm64/kernel/sleep.S | ||
| 978 | +++ b/arch/arm64/kernel/sleep.S | ||
| 979 | @@ -95,7 +95,7 @@ ENTRY(__cpu_suspend_enter) | ||
| 980 | ret | ||
| 981 | ENDPROC(__cpu_suspend_enter) | ||
| 982 | |||
| 983 | - .pushsection ".idmap.text", "ax" | ||
| 984 | + .pushsection ".idmap.text", "awx" | ||
| 985 | ENTRY(cpu_resume) | ||
| 986 | bl el2_setup // if in EL2 drop to EL1 cleanly | ||
| 987 | bl __cpu_setup | ||
| 988 | diff --git a/arch/arm64/kernel/vmlinux.lds.S b/arch/arm64/kernel/vmlinux.lds.S | ||
| 989 | index 1105aab1e6d6..6a584558b29d 100644 | ||
| 990 | --- a/arch/arm64/kernel/vmlinux.lds.S | ||
| 991 | +++ b/arch/arm64/kernel/vmlinux.lds.S | ||
| 992 | @@ -56,6 +56,17 @@ jiffies = jiffies_64; | ||
| 993 | #define HIBERNATE_TEXT | ||
| 994 | #endif | ||
| 995 | |||
| 996 | +#ifdef CONFIG_UNMAP_KERNEL_AT_EL0 | ||
| 997 | +#define TRAMP_TEXT \ | ||
| 998 | + . = ALIGN(PAGE_SIZE); \ | ||
| 999 | + VMLINUX_SYMBOL(__entry_tramp_text_start) = .; \ | ||
| 1000 | + *(.entry.tramp.text) \ | ||
| 1001 | + . = ALIGN(PAGE_SIZE); \ | ||
| 1002 | + VMLINUX_SYMBOL(__entry_tramp_text_end) = .; | ||
| 1003 | +#else | ||
| 1004 | +#define TRAMP_TEXT | ||
| 1005 | +#endif | ||
| 1006 | + | ||
| 1007 | /* | ||
| 1008 | * The size of the PE/COFF section that covers the kernel image, which | ||
| 1009 | * runs from stext to _edata, must be a round multiple of the PE/COFF | ||
| 1010 | @@ -128,6 +139,7 @@ SECTIONS | ||
| 1011 | HYPERVISOR_TEXT | ||
| 1012 | IDMAP_TEXT | ||
| 1013 | HIBERNATE_TEXT | ||
| 1014 | + TRAMP_TEXT | ||
| 1015 | *(.fixup) | ||
| 1016 | *(.gnu.warning) | ||
| 1017 | . = ALIGN(16); | ||
| 1018 | @@ -216,6 +228,11 @@ SECTIONS | ||
| 1019 | swapper_pg_dir = .; | ||
| 1020 | . += SWAPPER_DIR_SIZE; | ||
| 1021 | |||
| 1022 | +#ifdef CONFIG_UNMAP_KERNEL_AT_EL0 | ||
| 1023 | + tramp_pg_dir = .; | ||
| 1024 | + . += PAGE_SIZE; | ||
| 1025 | +#endif | ||
| 1026 | + | ||
| 1027 | _end = .; | ||
| 1028 | |||
| 1029 | STABS_DEBUG | ||
| 1030 | @@ -235,7 +252,10 @@ ASSERT(__idmap_text_end - (__idmap_text_start & ~(SZ_4K - 1)) <= SZ_4K, | ||
| 1031 | ASSERT(__hibernate_exit_text_end - (__hibernate_exit_text_start & ~(SZ_4K - 1)) | ||
| 1032 | <= SZ_4K, "Hibernate exit text too big or misaligned") | ||
| 1033 | #endif | ||
| 1034 | - | ||
| 1035 | +#ifdef CONFIG_UNMAP_KERNEL_AT_EL0 | ||
| 1036 | +ASSERT((__entry_tramp_text_end - __entry_tramp_text_start) == PAGE_SIZE, | ||
| 1037 | + "Entry trampoline text too big") | ||
| 1038 | +#endif | ||
| 1039 | /* | ||
| 1040 | * If padding is applied before .head.text, virt<->phys conversions will fail. | ||
| 1041 | */ | ||
| 1042 | diff --git a/arch/arm64/mm/context.c b/arch/arm64/mm/context.c | ||
| 1043 | index efcf1f7ef1e4..f00f5eeb556f 100644 | ||
| 1044 | --- a/arch/arm64/mm/context.c | ||
| 1045 | +++ b/arch/arm64/mm/context.c | ||
| 1046 | @@ -39,7 +39,16 @@ static cpumask_t tlb_flush_pending; | ||
| 1047 | |||
| 1048 | #define ASID_MASK (~GENMASK(asid_bits - 1, 0)) | ||
| 1049 | #define ASID_FIRST_VERSION (1UL << asid_bits) | ||
| 1050 | -#define NUM_USER_ASIDS ASID_FIRST_VERSION | ||
| 1051 | + | ||
| 1052 | +#ifdef CONFIG_UNMAP_KERNEL_AT_EL0 | ||
| 1053 | +#define NUM_USER_ASIDS (ASID_FIRST_VERSION >> 1) | ||
| 1054 | +#define asid2idx(asid) (((asid) & ~ASID_MASK) >> 1) | ||
| 1055 | +#define idx2asid(idx) (((idx) << 1) & ~ASID_MASK) | ||
| 1056 | +#else | ||
| 1057 | +#define NUM_USER_ASIDS (ASID_FIRST_VERSION) | ||
| 1058 | +#define asid2idx(asid) ((asid) & ~ASID_MASK) | ||
| 1059 | +#define idx2asid(idx) asid2idx(idx) | ||
| 1060 | +#endif | ||
| 1061 | |||
| 1062 | /* Get the ASIDBits supported by the current CPU */ | ||
| 1063 | static u32 get_cpu_asid_bits(void) | ||
| 1064 | @@ -104,7 +113,7 @@ static void flush_context(unsigned int cpu) | ||
| 1065 | */ | ||
| 1066 | if (asid == 0) | ||
| 1067 | asid = per_cpu(reserved_asids, i); | ||
| 1068 | - __set_bit(asid & ~ASID_MASK, asid_map); | ||
| 1069 | + __set_bit(asid2idx(asid), asid_map); | ||
| 1070 | per_cpu(reserved_asids, i) = asid; | ||
| 1071 | } | ||
| 1072 | |||
| 1073 | @@ -159,16 +168,16 @@ static u64 new_context(struct mm_struct *mm, unsigned int cpu) | ||
| 1074 | * We had a valid ASID in a previous life, so try to re-use | ||
| 1075 | * it if possible. | ||
| 1076 | */ | ||
| 1077 | - asid &= ~ASID_MASK; | ||
| 1078 | - if (!__test_and_set_bit(asid, asid_map)) | ||
| 1079 | + if (!__test_and_set_bit(asid2idx(asid), asid_map)) | ||
| 1080 | return newasid; | ||
| 1081 | } | ||
| 1082 | |||
| 1083 | /* | ||
| 1084 | * Allocate a free ASID. If we can't find one, take a note of the | ||
| 1085 | - * currently active ASIDs and mark the TLBs as requiring flushes. | ||
| 1086 | - * We always count from ASID #1, as we use ASID #0 when setting a | ||
| 1087 | - * reserved TTBR0 for the init_mm. | ||
| 1088 | + * currently active ASIDs and mark the TLBs as requiring flushes. We | ||
| 1089 | + * always count from ASID #2 (index 1), as we use ASID #0 when setting | ||
| 1090 | + * a reserved TTBR0 for the init_mm and we allocate ASIDs in even/odd | ||
| 1091 | + * pairs. | ||
| 1092 | */ | ||
| 1093 | asid = find_next_zero_bit(asid_map, NUM_USER_ASIDS, cur_idx); | ||
| 1094 | if (asid != NUM_USER_ASIDS) | ||
| 1095 | @@ -185,7 +194,7 @@ static u64 new_context(struct mm_struct *mm, unsigned int cpu) | ||
| 1096 | set_asid: | ||
| 1097 | __set_bit(asid, asid_map); | ||
| 1098 | cur_idx = asid; | ||
| 1099 | - return asid | generation; | ||
| 1100 | + return idx2asid(asid) | generation; | ||
| 1101 | } | ||
| 1102 | |||
| 1103 | void check_and_switch_context(struct mm_struct *mm, unsigned int cpu) | ||
| 1104 | diff --git a/arch/arm64/mm/mmu.c b/arch/arm64/mm/mmu.c | ||
| 1105 | index 638f7f2bd79c..4cd4862845cd 100644 | ||
| 1106 | --- a/arch/arm64/mm/mmu.c | ||
| 1107 | +++ b/arch/arm64/mm/mmu.c | ||
| 1108 | @@ -419,6 +419,37 @@ static void __init map_kernel_segment(pgd_t *pgd, void *va_start, void *va_end, | ||
| 1109 | vm_area_add_early(vma); | ||
| 1110 | } | ||
| 1111 | |||
| 1112 | +#ifdef CONFIG_UNMAP_KERNEL_AT_EL0 | ||
| 1113 | +static int __init map_entry_trampoline(void) | ||
| 1114 | +{ | ||
| 1115 | + extern char __entry_tramp_text_start[]; | ||
| 1116 | + | ||
| 1117 | + pgprot_t prot = rodata_enabled ? PAGE_KERNEL_ROX : PAGE_KERNEL_EXEC; | ||
| 1118 | + phys_addr_t pa_start = __pa_symbol(__entry_tramp_text_start); | ||
| 1119 | + | ||
| 1120 | + /* The trampoline is always mapped and can therefore be global */ | ||
| 1121 | + pgprot_val(prot) &= ~PTE_NG; | ||
| 1122 | + | ||
| 1123 | + /* Map only the text into the trampoline page table */ | ||
| 1124 | + memset(tramp_pg_dir, 0, PGD_SIZE); | ||
| 1125 | + __create_pgd_mapping(tramp_pg_dir, pa_start, TRAMP_VALIAS, PAGE_SIZE, | ||
| 1126 | + prot, pgd_pgtable_alloc, 0); | ||
| 1127 | + | ||
| 1128 | + /* Map both the text and data into the kernel page table */ | ||
| 1129 | + __set_fixmap(FIX_ENTRY_TRAMP_TEXT, pa_start, prot); | ||
| 1130 | + if (IS_ENABLED(CONFIG_RANDOMIZE_BASE)) { | ||
| 1131 | + extern char __entry_tramp_data_start[]; | ||
| 1132 | + | ||
| 1133 | + __set_fixmap(FIX_ENTRY_TRAMP_DATA, | ||
| 1134 | + __pa_symbol(__entry_tramp_data_start), | ||
| 1135 | + PAGE_KERNEL_RO); | ||
| 1136 | + } | ||
| 1137 | + | ||
| 1138 | + return 0; | ||
| 1139 | +} | ||
| 1140 | +core_initcall(map_entry_trampoline); | ||
| 1141 | +#endif | ||
| 1142 | + | ||
| 1143 | /* | ||
| 1144 | * Create fine-grained mappings for the kernel. | ||
| 1145 | */ | ||
| 1146 | diff --git a/arch/arm64/mm/proc.S b/arch/arm64/mm/proc.S | ||
| 1147 | index 352c73b6a59e..c07d9cc057e6 100644 | ||
| 1148 | --- a/arch/arm64/mm/proc.S | ||
| 1149 | +++ b/arch/arm64/mm/proc.S | ||
| 1150 | @@ -83,7 +83,7 @@ ENDPROC(cpu_do_suspend) | ||
| 1151 | * | ||
| 1152 | * x0: Address of context pointer | ||
| 1153 | */ | ||
| 1154 | - .pushsection ".idmap.text", "ax" | ||
| 1155 | + .pushsection ".idmap.text", "awx" | ||
| 1156 | ENTRY(cpu_do_resume) | ||
| 1157 | ldp x2, x3, [x0] | ||
| 1158 | ldp x4, x5, [x0, #16] | ||
| 1159 | @@ -132,9 +132,12 @@ ENDPROC(cpu_do_resume) | ||
| 1160 | * - pgd_phys - physical address of new TTB | ||
| 1161 | */ | ||
| 1162 | ENTRY(cpu_do_switch_mm) | ||
| 1163 | + mrs x2, ttbr1_el1 | ||
| 1164 | mmid x1, x1 // get mm->context.id | ||
| 1165 | - bfi x0, x1, #48, #16 // set the ASID | ||
| 1166 | - msr ttbr0_el1, x0 // set TTBR0 | ||
| 1167 | + bfi x2, x1, #48, #16 // set the ASID | ||
| 1168 | + msr ttbr1_el1, x2 // in TTBR1 (since TCR.A1 is set) | ||
| 1169 | + isb | ||
| 1170 | + msr ttbr0_el1, x0 // now update TTBR0 | ||
| 1171 | isb | ||
| 1172 | alternative_if ARM64_WORKAROUND_CAVIUM_27456 | ||
| 1173 | ic iallu | ||
| 1174 | @@ -144,7 +147,17 @@ alternative_else_nop_endif | ||
| 1175 | ret | ||
| 1176 | ENDPROC(cpu_do_switch_mm) | ||
| 1177 | |||
| 1178 | - .pushsection ".idmap.text", "ax" | ||
| 1179 | + .pushsection ".idmap.text", "awx" | ||
| 1180 | + | ||
| 1181 | +.macro __idmap_cpu_set_reserved_ttbr1, tmp1, tmp2 | ||
| 1182 | + adrp \tmp1, empty_zero_page | ||
| 1183 | + msr ttbr1_el1, \tmp1 | ||
| 1184 | + isb | ||
| 1185 | + tlbi vmalle1 | ||
| 1186 | + dsb nsh | ||
| 1187 | + isb | ||
| 1188 | +.endm | ||
| 1189 | + | ||
| 1190 | /* | ||
| 1191 | * void idmap_cpu_replace_ttbr1(phys_addr_t new_pgd) | ||
| 1192 | * | ||
| 1193 | @@ -155,13 +168,7 @@ ENTRY(idmap_cpu_replace_ttbr1) | ||
| 1194 | mrs x2, daif | ||
| 1195 | msr daifset, #0xf | ||
| 1196 | |||
| 1197 | - adrp x1, empty_zero_page | ||
| 1198 | - msr ttbr1_el1, x1 | ||
| 1199 | - isb | ||
| 1200 | - | ||
| 1201 | - tlbi vmalle1 | ||
| 1202 | - dsb nsh | ||
| 1203 | - isb | ||
| 1204 | + __idmap_cpu_set_reserved_ttbr1 x1, x3 | ||
| 1205 | |||
| 1206 | msr ttbr1_el1, x0 | ||
| 1207 | isb | ||
| 1208 | @@ -172,13 +179,196 @@ ENTRY(idmap_cpu_replace_ttbr1) | ||
| 1209 | ENDPROC(idmap_cpu_replace_ttbr1) | ||
| 1210 | .popsection | ||
| 1211 | |||
| 1212 | +#ifdef CONFIG_UNMAP_KERNEL_AT_EL0 | ||
| 1213 | + .pushsection ".idmap.text", "awx" | ||
| 1214 | + | ||
| 1215 | + .macro __idmap_kpti_get_pgtable_ent, type | ||
| 1216 | + dc cvac, cur_\()\type\()p // Ensure any existing dirty | ||
| 1217 | + dmb sy // lines are written back before | ||
| 1218 | + ldr \type, [cur_\()\type\()p] // loading the entry | ||
| 1219 | + tbz \type, #0, next_\()\type // Skip invalid entries | ||
| 1220 | + .endm | ||
| 1221 | + | ||
| 1222 | + .macro __idmap_kpti_put_pgtable_ent_ng, type | ||
| 1223 | + orr \type, \type, #PTE_NG // Same bit for blocks and pages | ||
| 1224 | + str \type, [cur_\()\type\()p] // Update the entry and ensure it | ||
| 1225 | + dc civac, cur_\()\type\()p // is visible to all CPUs. | ||
| 1226 | + .endm | ||
| 1227 | + | ||
| 1228 | +/* | ||
| 1229 | + * void __kpti_install_ng_mappings(int cpu, int num_cpus, phys_addr_t swapper) | ||
| 1230 | + * | ||
| 1231 | + * Called exactly once from stop_machine context by each CPU found during boot. | ||
| 1232 | + */ | ||
| 1233 | +__idmap_kpti_flag: | ||
| 1234 | + .long 1 | ||
| 1235 | +ENTRY(idmap_kpti_install_ng_mappings) | ||
| 1236 | + cpu .req w0 | ||
| 1237 | + num_cpus .req w1 | ||
| 1238 | + swapper_pa .req x2 | ||
| 1239 | + swapper_ttb .req x3 | ||
| 1240 | + flag_ptr .req x4 | ||
| 1241 | + cur_pgdp .req x5 | ||
| 1242 | + end_pgdp .req x6 | ||
| 1243 | + pgd .req x7 | ||
| 1244 | + cur_pudp .req x8 | ||
| 1245 | + end_pudp .req x9 | ||
| 1246 | + pud .req x10 | ||
| 1247 | + cur_pmdp .req x11 | ||
| 1248 | + end_pmdp .req x12 | ||
| 1249 | + pmd .req x13 | ||
| 1250 | + cur_ptep .req x14 | ||
| 1251 | + end_ptep .req x15 | ||
| 1252 | + pte .req x16 | ||
| 1253 | + | ||
| 1254 | + mrs swapper_ttb, ttbr1_el1 | ||
| 1255 | + adr flag_ptr, __idmap_kpti_flag | ||
| 1256 | + | ||
| 1257 | + cbnz cpu, __idmap_kpti_secondary | ||
| 1258 | + | ||
| 1259 | + /* We're the boot CPU. Wait for the others to catch up */ | ||
| 1260 | + sevl | ||
| 1261 | +1: wfe | ||
| 1262 | + ldaxr w18, [flag_ptr] | ||
| 1263 | + eor w18, w18, num_cpus | ||
| 1264 | + cbnz w18, 1b | ||
| 1265 | + | ||
| 1266 | + /* We need to walk swapper, so turn off the MMU. */ | ||
| 1267 | + mrs x18, sctlr_el1 | ||
| 1268 | + bic x18, x18, #SCTLR_ELx_M | ||
| 1269 | + msr sctlr_el1, x18 | ||
| 1270 | + isb | ||
| 1271 | + | ||
| 1272 | + /* Everybody is enjoying the idmap, so we can rewrite swapper. */ | ||
| 1273 | + /* PGD */ | ||
| 1274 | + mov cur_pgdp, swapper_pa | ||
| 1275 | + add end_pgdp, cur_pgdp, #(PTRS_PER_PGD * 8) | ||
| 1276 | +do_pgd: __idmap_kpti_get_pgtable_ent pgd | ||
| 1277 | + tbnz pgd, #1, walk_puds | ||
| 1278 | + __idmap_kpti_put_pgtable_ent_ng pgd | ||
| 1279 | +next_pgd: | ||
| 1280 | + add cur_pgdp, cur_pgdp, #8 | ||
| 1281 | + cmp cur_pgdp, end_pgdp | ||
| 1282 | + b.ne do_pgd | ||
| 1283 | + | ||
| 1284 | + /* Publish the updated tables and nuke all the TLBs */ | ||
| 1285 | + dsb sy | ||
| 1286 | + tlbi vmalle1is | ||
| 1287 | + dsb ish | ||
| 1288 | + isb | ||
| 1289 | + | ||
| 1290 | + /* We're done: fire up the MMU again */ | ||
| 1291 | + mrs x18, sctlr_el1 | ||
| 1292 | + orr x18, x18, #SCTLR_ELx_M | ||
| 1293 | + msr sctlr_el1, x18 | ||
| 1294 | + isb | ||
| 1295 | + | ||
| 1296 | + /* Set the flag to zero to indicate that we're all done */ | ||
| 1297 | + str wzr, [flag_ptr] | ||
| 1298 | + ret | ||
| 1299 | + | ||
| 1300 | + /* PUD */ | ||
| 1301 | +walk_puds: | ||
| 1302 | + .if CONFIG_PGTABLE_LEVELS > 3 | ||
| 1303 | + pte_to_phys cur_pudp, pgd | ||
| 1304 | + add end_pudp, cur_pudp, #(PTRS_PER_PUD * 8) | ||
| 1305 | +do_pud: __idmap_kpti_get_pgtable_ent pud | ||
| 1306 | + tbnz pud, #1, walk_pmds | ||
| 1307 | + __idmap_kpti_put_pgtable_ent_ng pud | ||
| 1308 | +next_pud: | ||
| 1309 | + add cur_pudp, cur_pudp, 8 | ||
| 1310 | + cmp cur_pudp, end_pudp | ||
| 1311 | + b.ne do_pud | ||
| 1312 | + b next_pgd | ||
| 1313 | + .else /* CONFIG_PGTABLE_LEVELS <= 3 */ | ||
| 1314 | + mov pud, pgd | ||
| 1315 | + b walk_pmds | ||
| 1316 | +next_pud: | ||
| 1317 | + b next_pgd | ||
| 1318 | + .endif | ||
| 1319 | + | ||
| 1320 | + /* PMD */ | ||
| 1321 | +walk_pmds: | ||
| 1322 | + .if CONFIG_PGTABLE_LEVELS > 2 | ||
| 1323 | + pte_to_phys cur_pmdp, pud | ||
| 1324 | + add end_pmdp, cur_pmdp, #(PTRS_PER_PMD * 8) | ||
| 1325 | +do_pmd: __idmap_kpti_get_pgtable_ent pmd | ||
| 1326 | + tbnz pmd, #1, walk_ptes | ||
| 1327 | + __idmap_kpti_put_pgtable_ent_ng pmd | ||
| 1328 | +next_pmd: | ||
| 1329 | + add cur_pmdp, cur_pmdp, #8 | ||
| 1330 | + cmp cur_pmdp, end_pmdp | ||
| 1331 | + b.ne do_pmd | ||
| 1332 | + b next_pud | ||
| 1333 | + .else /* CONFIG_PGTABLE_LEVELS <= 2 */ | ||
| 1334 | + mov pmd, pud | ||
| 1335 | + b walk_ptes | ||
| 1336 | +next_pmd: | ||
| 1337 | + b next_pud | ||
| 1338 | + .endif | ||
| 1339 | + | ||
| 1340 | + /* PTE */ | ||
| 1341 | +walk_ptes: | ||
| 1342 | + pte_to_phys cur_ptep, pmd | ||
| 1343 | + add end_ptep, cur_ptep, #(PTRS_PER_PTE * 8) | ||
| 1344 | +do_pte: __idmap_kpti_get_pgtable_ent pte | ||
| 1345 | + __idmap_kpti_put_pgtable_ent_ng pte | ||
| 1346 | +next_pte: | ||
| 1347 | + add cur_ptep, cur_ptep, #8 | ||
| 1348 | + cmp cur_ptep, end_ptep | ||
| 1349 | + b.ne do_pte | ||
| 1350 | + b next_pmd | ||
| 1351 | + | ||
| 1352 | + /* Secondary CPUs end up here */ | ||
| 1353 | +__idmap_kpti_secondary: | ||
| 1354 | + /* Uninstall swapper before surgery begins */ | ||
| 1355 | + __idmap_cpu_set_reserved_ttbr1 x18, x17 | ||
| 1356 | + | ||
| 1357 | + /* Increment the flag to let the boot CPU we're ready */ | ||
| 1358 | +1: ldxr w18, [flag_ptr] | ||
| 1359 | + add w18, w18, #1 | ||
| 1360 | + stxr w17, w18, [flag_ptr] | ||
| 1361 | + cbnz w17, 1b | ||
| 1362 | + | ||
| 1363 | + /* Wait for the boot CPU to finish messing around with swapper */ | ||
| 1364 | + sevl | ||
| 1365 | +1: wfe | ||
| 1366 | + ldxr w18, [flag_ptr] | ||
| 1367 | + cbnz w18, 1b | ||
| 1368 | + | ||
| 1369 | + /* All done, act like nothing happened */ | ||
| 1370 | + msr ttbr1_el1, swapper_ttb | ||
| 1371 | + isb | ||
| 1372 | + ret | ||
| 1373 | + | ||
| 1374 | + .unreq cpu | ||
| 1375 | + .unreq num_cpus | ||
| 1376 | + .unreq swapper_pa | ||
| 1377 | + .unreq swapper_ttb | ||
| 1378 | + .unreq flag_ptr | ||
| 1379 | + .unreq cur_pgdp | ||
| 1380 | + .unreq end_pgdp | ||
| 1381 | + .unreq pgd | ||
| 1382 | + .unreq cur_pudp | ||
| 1383 | + .unreq end_pudp | ||
| 1384 | + .unreq pud | ||
| 1385 | + .unreq cur_pmdp | ||
| 1386 | + .unreq end_pmdp | ||
| 1387 | + .unreq pmd | ||
| 1388 | + .unreq cur_ptep | ||
| 1389 | + .unreq end_ptep | ||
| 1390 | + .unreq pte | ||
| 1391 | +ENDPROC(idmap_kpti_install_ng_mappings) | ||
| 1392 | + .popsection | ||
| 1393 | +#endif | ||
| 1394 | + | ||
| 1395 | /* | ||
| 1396 | * __cpu_setup | ||
| 1397 | * | ||
| 1398 | * Initialise the processor for turning the MMU on. Return in x0 the | ||
| 1399 | * value of the SCTLR_EL1 register. | ||
| 1400 | */ | ||
| 1401 | - .pushsection ".idmap.text", "ax" | ||
| 1402 | + .pushsection ".idmap.text", "awx" | ||
| 1403 | ENTRY(__cpu_setup) | ||
| 1404 | tlbi vmalle1 // Invalidate local TLB | ||
| 1405 | dsb nsh | ||
| 1406 | @@ -222,7 +412,7 @@ ENTRY(__cpu_setup) | ||
| 1407 | * both user and kernel. | ||
| 1408 | */ | ||
| 1409 | ldr x10, =TCR_TxSZ(VA_BITS) | TCR_CACHE_FLAGS | TCR_SMP_FLAGS | \ | ||
| 1410 | - TCR_TG_FLAGS | TCR_ASID16 | TCR_TBI0 | ||
| 1411 | + TCR_TG_FLAGS | TCR_ASID16 | TCR_TBI0 | TCR_A1 | ||
| 1412 | tcr_set_idmap_t0sz x10, x9 | ||
| 1413 | |||
| 1414 | /* | ||
| 1415 | diff --git a/arch/frv/include/asm/timex.h b/arch/frv/include/asm/timex.h | ||
| 1416 | index a89bddefdacf..139093fab326 100644 | ||
| 1417 | --- a/arch/frv/include/asm/timex.h | ||
| 1418 | +++ b/arch/frv/include/asm/timex.h | ||
| 1419 | @@ -16,5 +16,11 @@ static inline cycles_t get_cycles(void) | ||
| 1420 | #define vxtime_lock() do {} while (0) | ||
| 1421 | #define vxtime_unlock() do {} while (0) | ||
| 1422 | |||
| 1423 | +/* This attribute is used in include/linux/jiffies.h alongside with | ||
| 1424 | + * __cacheline_aligned_in_smp. It is assumed that __cacheline_aligned_in_smp | ||
| 1425 | + * for frv does not contain another section specification. | ||
| 1426 | + */ | ||
| 1427 | +#define __jiffy_arch_data __attribute__((__section__(".data"))) | ||
| 1428 | + | ||
| 1429 | #endif | ||
| 1430 | |||
| 1431 | diff --git a/arch/powerpc/kernel/exceptions-64s.S b/arch/powerpc/kernel/exceptions-64s.S | ||
| 1432 | index 7614d1dd2c0b..94b5dfb087e9 100644 | ||
| 1433 | --- a/arch/powerpc/kernel/exceptions-64s.S | ||
| 1434 | +++ b/arch/powerpc/kernel/exceptions-64s.S | ||
| 1435 | @@ -723,7 +723,7 @@ EXC_COMMON_BEGIN(bad_addr_slb) | ||
| 1436 | ld r3, PACA_EXSLB+EX_DAR(r13) | ||
| 1437 | std r3, _DAR(r1) | ||
| 1438 | beq cr6, 2f | ||
| 1439 | - li r10, 0x480 /* fix trap number for I-SLB miss */ | ||
| 1440 | + li r10, 0x481 /* fix trap number for I-SLB miss */ | ||
| 1441 | std r10, _TRAP(r1) | ||
| 1442 | 2: bl save_nvgprs | ||
| 1443 | addi r3, r1, STACK_FRAME_OVERHEAD | ||
| 1444 | diff --git a/arch/powerpc/kernel/irq.c b/arch/powerpc/kernel/irq.c | ||
| 1445 | index 028a22bfa90c..ad713f741ca8 100644 | ||
| 1446 | --- a/arch/powerpc/kernel/irq.c | ||
| 1447 | +++ b/arch/powerpc/kernel/irq.c | ||
| 1448 | @@ -372,6 +372,14 @@ void force_external_irq_replay(void) | ||
| 1449 | */ | ||
| 1450 | WARN_ON(!arch_irqs_disabled()); | ||
| 1451 | |||
| 1452 | + /* | ||
| 1453 | + * Interrupts must always be hard disabled before irq_happened is | ||
| 1454 | + * modified (to prevent lost update in case of interrupt between | ||
| 1455 | + * load and store). | ||
| 1456 | + */ | ||
| 1457 | + __hard_irq_disable(); | ||
| 1458 | + local_paca->irq_happened |= PACA_IRQ_HARD_DIS; | ||
| 1459 | + | ||
| 1460 | /* Indicate in the PACA that we have an interrupt to replay */ | ||
| 1461 | local_paca->irq_happened |= PACA_IRQ_EE; | ||
| 1462 | } | ||
| 1463 | diff --git a/arch/x86/crypto/cast5_avx_glue.c b/arch/x86/crypto/cast5_avx_glue.c | ||
| 1464 | index 8648158f3916..f8fe11d24cde 100644 | ||
| 1465 | --- a/arch/x86/crypto/cast5_avx_glue.c | ||
| 1466 | +++ b/arch/x86/crypto/cast5_avx_glue.c | ||
| 1467 | @@ -66,8 +66,6 @@ static int ecb_crypt(struct blkcipher_desc *desc, struct blkcipher_walk *walk, | ||
| 1468 | void (*fn)(struct cast5_ctx *ctx, u8 *dst, const u8 *src); | ||
| 1469 | int err; | ||
| 1470 | |||
| 1471 | - fn = (enc) ? cast5_ecb_enc_16way : cast5_ecb_dec_16way; | ||
| 1472 | - | ||
| 1473 | err = blkcipher_walk_virt(desc, walk); | ||
| 1474 | desc->flags &= ~CRYPTO_TFM_REQ_MAY_SLEEP; | ||
| 1475 | |||
| 1476 | @@ -79,6 +77,7 @@ static int ecb_crypt(struct blkcipher_desc *desc, struct blkcipher_walk *walk, | ||
| 1477 | |||
| 1478 | /* Process multi-block batch */ | ||
| 1479 | if (nbytes >= bsize * CAST5_PARALLEL_BLOCKS) { | ||
| 1480 | + fn = (enc) ? cast5_ecb_enc_16way : cast5_ecb_dec_16way; | ||
| 1481 | do { | ||
| 1482 | fn(ctx, wdst, wsrc); | ||
| 1483 | |||
| 1484 | diff --git a/arch/x86/kernel/kprobes/core.c b/arch/x86/kernel/kprobes/core.c | ||
| 1485 | index b8d3f1b60331..91c48cdfe81f 100644 | ||
| 1486 | --- a/arch/x86/kernel/kprobes/core.c | ||
| 1487 | +++ b/arch/x86/kernel/kprobes/core.c | ||
| 1488 | @@ -51,6 +51,7 @@ | ||
| 1489 | #include <linux/ftrace.h> | ||
| 1490 | #include <linux/frame.h> | ||
| 1491 | #include <linux/kasan.h> | ||
| 1492 | +#include <linux/moduleloader.h> | ||
| 1493 | |||
| 1494 | #include <asm/text-patching.h> | ||
| 1495 | #include <asm/cacheflush.h> | ||
| 1496 | @@ -405,6 +406,14 @@ int __copy_instruction(u8 *dest, u8 *src) | ||
| 1497 | return length; | ||
| 1498 | } | ||
| 1499 | |||
| 1500 | +/* Recover page to RW mode before releasing it */ | ||
| 1501 | +void free_insn_page(void *page) | ||
| 1502 | +{ | ||
| 1503 | + set_memory_nx((unsigned long)page & PAGE_MASK, 1); | ||
| 1504 | + set_memory_rw((unsigned long)page & PAGE_MASK, 1); | ||
| 1505 | + module_memfree(page); | ||
| 1506 | +} | ||
| 1507 | + | ||
| 1508 | static int arch_copy_kprobe(struct kprobe *p) | ||
| 1509 | { | ||
| 1510 | int ret; | ||
| 1511 | diff --git a/block/bio.c b/block/bio.c | ||
| 1512 | index 07f287b14cff..4f93345c6a82 100644 | ||
| 1513 | --- a/block/bio.c | ||
| 1514 | +++ b/block/bio.c | ||
| 1515 | @@ -42,9 +42,9 @@ | ||
| 1516 | * break badly! cannot be bigger than what you can fit into an | ||
| 1517 | * unsigned short | ||
| 1518 | */ | ||
| 1519 | -#define BV(x) { .nr_vecs = x, .name = "biovec-"__stringify(x) } | ||
| 1520 | +#define BV(x, n) { .nr_vecs = x, .name = "biovec-"#n } | ||
| 1521 | static struct biovec_slab bvec_slabs[BVEC_POOL_NR] __read_mostly = { | ||
| 1522 | - BV(1), BV(4), BV(16), BV(64), BV(128), BV(BIO_MAX_PAGES), | ||
| 1523 | + BV(1, 1), BV(4, 4), BV(16, 16), BV(64, 64), BV(128, 128), BV(BIO_MAX_PAGES, max), | ||
| 1524 | }; | ||
| 1525 | #undef BV | ||
| 1526 | |||
| 1527 | diff --git a/block/partitions/msdos.c b/block/partitions/msdos.c | ||
| 1528 | index 5610cd537da7..7d8d50c11ce7 100644 | ||
| 1529 | --- a/block/partitions/msdos.c | ||
| 1530 | +++ b/block/partitions/msdos.c | ||
| 1531 | @@ -300,7 +300,9 @@ static void parse_bsd(struct parsed_partitions *state, | ||
| 1532 | continue; | ||
| 1533 | bsd_start = le32_to_cpu(p->p_offset); | ||
| 1534 | bsd_size = le32_to_cpu(p->p_size); | ||
| 1535 | - if (memcmp(flavour, "bsd\0", 4) == 0) | ||
| 1536 | + /* FreeBSD has relative offset if C partition offset is zero */ | ||
| 1537 | + if (memcmp(flavour, "bsd\0", 4) == 0 && | ||
| 1538 | + le32_to_cpu(l->d_partitions[2].p_offset) == 0) | ||
| 1539 | bsd_start += offset; | ||
| 1540 | if (offset == bsd_start && size == bsd_size) | ||
| 1541 | /* full parent partition, we have it already */ | ||
| 1542 | diff --git a/crypto/ahash.c b/crypto/ahash.c | ||
| 1543 | index 14402ef6d826..90d73a22f129 100644 | ||
| 1544 | --- a/crypto/ahash.c | ||
| 1545 | +++ b/crypto/ahash.c | ||
| 1546 | @@ -91,13 +91,14 @@ int crypto_hash_walk_done(struct crypto_hash_walk *walk, int err) | ||
| 1547 | |||
| 1548 | if (nbytes && walk->offset & alignmask && !err) { | ||
| 1549 | walk->offset = ALIGN(walk->offset, alignmask + 1); | ||
| 1550 | - walk->data += walk->offset; | ||
| 1551 | - | ||
| 1552 | nbytes = min(nbytes, | ||
| 1553 | ((unsigned int)(PAGE_SIZE)) - walk->offset); | ||
| 1554 | walk->entrylen -= nbytes; | ||
| 1555 | |||
| 1556 | - return nbytes; | ||
| 1557 | + if (nbytes) { | ||
| 1558 | + walk->data += walk->offset; | ||
| 1559 | + return nbytes; | ||
| 1560 | + } | ||
| 1561 | } | ||
| 1562 | |||
| 1563 | if (walk->flags & CRYPTO_ALG_ASYNC) | ||
| 1564 | diff --git a/drivers/block/mtip32xx/mtip32xx.c b/drivers/block/mtip32xx/mtip32xx.c | ||
| 1565 | index b86273fdf48e..3cfd879267b2 100644 | ||
| 1566 | --- a/drivers/block/mtip32xx/mtip32xx.c | ||
| 1567 | +++ b/drivers/block/mtip32xx/mtip32xx.c | ||
| 1568 | @@ -169,25 +169,6 @@ static bool mtip_check_surprise_removal(struct pci_dev *pdev) | ||
| 1569 | return false; /* device present */ | ||
| 1570 | } | ||
| 1571 | |||
| 1572 | -/* we have to use runtime tag to setup command header */ | ||
| 1573 | -static void mtip_init_cmd_header(struct request *rq) | ||
| 1574 | -{ | ||
| 1575 | - struct driver_data *dd = rq->q->queuedata; | ||
| 1576 | - struct mtip_cmd *cmd = blk_mq_rq_to_pdu(rq); | ||
| 1577 | - u32 host_cap_64 = readl(dd->mmio + HOST_CAP) & HOST_CAP_64; | ||
| 1578 | - | ||
| 1579 | - /* Point the command headers at the command tables. */ | ||
| 1580 | - cmd->command_header = dd->port->command_list + | ||
| 1581 | - (sizeof(struct mtip_cmd_hdr) * rq->tag); | ||
| 1582 | - cmd->command_header_dma = dd->port->command_list_dma + | ||
| 1583 | - (sizeof(struct mtip_cmd_hdr) * rq->tag); | ||
| 1584 | - | ||
| 1585 | - if (host_cap_64) | ||
| 1586 | - cmd->command_header->ctbau = __force_bit2int cpu_to_le32((cmd->command_dma >> 16) >> 16); | ||
| 1587 | - | ||
| 1588 | - cmd->command_header->ctba = __force_bit2int cpu_to_le32(cmd->command_dma & 0xFFFFFFFF); | ||
| 1589 | -} | ||
| 1590 | - | ||
| 1591 | static struct mtip_cmd *mtip_get_int_command(struct driver_data *dd) | ||
| 1592 | { | ||
| 1593 | struct request *rq; | ||
| 1594 | @@ -199,9 +180,6 @@ static struct mtip_cmd *mtip_get_int_command(struct driver_data *dd) | ||
| 1595 | if (IS_ERR(rq)) | ||
| 1596 | return NULL; | ||
| 1597 | |||
| 1598 | - /* Internal cmd isn't submitted via .queue_rq */ | ||
| 1599 | - mtip_init_cmd_header(rq); | ||
| 1600 | - | ||
| 1601 | return blk_mq_rq_to_pdu(rq); | ||
| 1602 | } | ||
| 1603 | |||
| 1604 | @@ -3833,8 +3811,6 @@ static int mtip_queue_rq(struct blk_mq_hw_ctx *hctx, | ||
| 1605 | struct request *rq = bd->rq; | ||
| 1606 | int ret; | ||
| 1607 | |||
| 1608 | - mtip_init_cmd_header(rq); | ||
| 1609 | - | ||
| 1610 | if (unlikely(mtip_check_unal_depth(hctx, rq))) | ||
| 1611 | return BLK_MQ_RQ_QUEUE_BUSY; | ||
| 1612 | |||
| 1613 | @@ -3866,6 +3842,7 @@ static int mtip_init_cmd(void *data, struct request *rq, unsigned int hctx_idx, | ||
| 1614 | { | ||
| 1615 | struct driver_data *dd = data; | ||
| 1616 | struct mtip_cmd *cmd = blk_mq_rq_to_pdu(rq); | ||
| 1617 | + u32 host_cap_64 = readl(dd->mmio + HOST_CAP) & HOST_CAP_64; | ||
| 1618 | |||
| 1619 | /* | ||
| 1620 | * For flush requests, request_idx starts at the end of the | ||
| 1621 | @@ -3882,6 +3859,17 @@ static int mtip_init_cmd(void *data, struct request *rq, unsigned int hctx_idx, | ||
| 1622 | |||
| 1623 | memset(cmd->command, 0, CMD_DMA_ALLOC_SZ); | ||
| 1624 | |||
| 1625 | + /* Point the command headers at the command tables. */ | ||
| 1626 | + cmd->command_header = dd->port->command_list + | ||
| 1627 | + (sizeof(struct mtip_cmd_hdr) * request_idx); | ||
| 1628 | + cmd->command_header_dma = dd->port->command_list_dma + | ||
| 1629 | + (sizeof(struct mtip_cmd_hdr) * request_idx); | ||
| 1630 | + | ||
| 1631 | + if (host_cap_64) | ||
| 1632 | + cmd->command_header->ctbau = __force_bit2int cpu_to_le32((cmd->command_dma >> 16) >> 16); | ||
| 1633 | + | ||
| 1634 | + cmd->command_header->ctba = __force_bit2int cpu_to_le32(cmd->command_dma & 0xFFFFFFFF); | ||
| 1635 | + | ||
| 1636 | sg_init_table(cmd->sg, MTIP_MAX_SG); | ||
| 1637 | return 0; | ||
| 1638 | } | ||
| 1639 | diff --git a/drivers/hid/hid-sony.c b/drivers/hid/hid-sony.c | ||
| 1640 | index b0bb99a821bd..1b1dccd37fbd 100644 | ||
| 1641 | --- a/drivers/hid/hid-sony.c | ||
| 1642 | +++ b/drivers/hid/hid-sony.c | ||
| 1643 | @@ -1056,7 +1056,6 @@ struct sony_sc { | ||
| 1644 | u8 battery_charging; | ||
| 1645 | u8 battery_capacity; | ||
| 1646 | u8 led_state[MAX_LEDS]; | ||
| 1647 | - u8 resume_led_state[MAX_LEDS]; | ||
| 1648 | u8 led_delay_on[MAX_LEDS]; | ||
| 1649 | u8 led_delay_off[MAX_LEDS]; | ||
| 1650 | u8 led_count; | ||
| 1651 | @@ -1793,6 +1792,7 @@ static int sony_leds_init(struct sony_sc *sc) | ||
| 1652 | led->name = name; | ||
| 1653 | led->brightness = sc->led_state[n]; | ||
| 1654 | led->max_brightness = max_brightness[n]; | ||
| 1655 | + led->flags = LED_CORE_SUSPENDRESUME; | ||
| 1656 | led->brightness_get = sony_led_get_brightness; | ||
| 1657 | led->brightness_set = sony_led_set_brightness; | ||
| 1658 | |||
| 1659 | @@ -2509,47 +2509,32 @@ static void sony_remove(struct hid_device *hdev) | ||
| 1660 | |||
| 1661 | static int sony_suspend(struct hid_device *hdev, pm_message_t message) | ||
| 1662 | { | ||
| 1663 | - /* | ||
| 1664 | - * On suspend save the current LED state, | ||
| 1665 | - * stop running force-feedback and blank the LEDS. | ||
| 1666 | - */ | ||
| 1667 | - if (SONY_LED_SUPPORT || SONY_FF_SUPPORT) { | ||
| 1668 | - struct sony_sc *sc = hid_get_drvdata(hdev); | ||
| 1669 | - | ||
| 1670 | #ifdef CONFIG_SONY_FF | ||
| 1671 | - sc->left = sc->right = 0; | ||
| 1672 | -#endif | ||
| 1673 | |||
| 1674 | - memcpy(sc->resume_led_state, sc->led_state, | ||
| 1675 | - sizeof(sc->resume_led_state)); | ||
| 1676 | - memset(sc->led_state, 0, sizeof(sc->led_state)); | ||
| 1677 | + /* On suspend stop any running force-feedback events */ | ||
| 1678 | + if (SONY_FF_SUPPORT) { | ||
| 1679 | + struct sony_sc *sc = hid_get_drvdata(hdev); | ||
| 1680 | |||
| 1681 | + sc->left = sc->right = 0; | ||
| 1682 | sony_send_output_report(sc); | ||
| 1683 | } | ||
| 1684 | |||
| 1685 | +#endif | ||
| 1686 | return 0; | ||
| 1687 | } | ||
| 1688 | |||
| 1689 | static int sony_resume(struct hid_device *hdev) | ||
| 1690 | { | ||
| 1691 | - /* Restore the state of controller LEDs on resume */ | ||
| 1692 | - if (SONY_LED_SUPPORT) { | ||
| 1693 | - struct sony_sc *sc = hid_get_drvdata(hdev); | ||
| 1694 | - | ||
| 1695 | - memcpy(sc->led_state, sc->resume_led_state, | ||
| 1696 | - sizeof(sc->led_state)); | ||
| 1697 | - | ||
| 1698 | - /* | ||
| 1699 | - * The Sixaxis and navigation controllers on USB need to be | ||
| 1700 | - * reinitialized on resume or they won't behave properly. | ||
| 1701 | - */ | ||
| 1702 | - if ((sc->quirks & SIXAXIS_CONTROLLER_USB) || | ||
| 1703 | - (sc->quirks & NAVIGATION_CONTROLLER_USB)) { | ||
| 1704 | - sixaxis_set_operational_usb(sc->hdev); | ||
| 1705 | - sc->defer_initialization = 1; | ||
| 1706 | - } | ||
| 1707 | + struct sony_sc *sc = hid_get_drvdata(hdev); | ||
| 1708 | |||
| 1709 | - sony_set_leds(sc); | ||
| 1710 | + /* | ||
| 1711 | + * The Sixaxis and navigation controllers on USB need to be | ||
| 1712 | + * reinitialized on resume or they won't behave properly. | ||
| 1713 | + */ | ||
| 1714 | + if ((sc->quirks & SIXAXIS_CONTROLLER_USB) || | ||
| 1715 | + (sc->quirks & NAVIGATION_CONTROLLER_USB)) { | ||
| 1716 | + sixaxis_set_operational_usb(sc->hdev); | ||
| 1717 | + sc->defer_initialization = 1; | ||
| 1718 | } | ||
| 1719 | |||
| 1720 | return 0; | ||
| 1721 | diff --git a/drivers/infiniband/core/addr.c b/drivers/infiniband/core/addr.c | ||
| 1722 | index fb4ce0394ac7..978b8d94f9a4 100644 | ||
| 1723 | --- a/drivers/infiniband/core/addr.c | ||
| 1724 | +++ b/drivers/infiniband/core/addr.c | ||
| 1725 | @@ -209,6 +209,22 @@ int rdma_addr_size(struct sockaddr *addr) | ||
| 1726 | } | ||
| 1727 | EXPORT_SYMBOL(rdma_addr_size); | ||
| 1728 | |||
| 1729 | +int rdma_addr_size_in6(struct sockaddr_in6 *addr) | ||
| 1730 | +{ | ||
| 1731 | + int ret = rdma_addr_size((struct sockaddr *) addr); | ||
| 1732 | + | ||
| 1733 | + return ret <= sizeof(*addr) ? ret : 0; | ||
| 1734 | +} | ||
| 1735 | +EXPORT_SYMBOL(rdma_addr_size_in6); | ||
| 1736 | + | ||
| 1737 | +int rdma_addr_size_kss(struct __kernel_sockaddr_storage *addr) | ||
| 1738 | +{ | ||
| 1739 | + int ret = rdma_addr_size((struct sockaddr *) addr); | ||
| 1740 | + | ||
| 1741 | + return ret <= sizeof(*addr) ? ret : 0; | ||
| 1742 | +} | ||
| 1743 | +EXPORT_SYMBOL(rdma_addr_size_kss); | ||
| 1744 | + | ||
| 1745 | static struct rdma_addr_client self; | ||
| 1746 | |||
| 1747 | void rdma_addr_register_client(struct rdma_addr_client *client) | ||
| 1748 | diff --git a/drivers/infiniband/core/ucma.c b/drivers/infiniband/core/ucma.c | ||
| 1749 | index 017a09ceba3f..4d732810f6fc 100644 | ||
| 1750 | --- a/drivers/infiniband/core/ucma.c | ||
| 1751 | +++ b/drivers/infiniband/core/ucma.c | ||
| 1752 | @@ -132,7 +132,7 @@ static inline struct ucma_context *_ucma_find_context(int id, | ||
| 1753 | ctx = idr_find(&ctx_idr, id); | ||
| 1754 | if (!ctx) | ||
| 1755 | ctx = ERR_PTR(-ENOENT); | ||
| 1756 | - else if (ctx->file != file) | ||
| 1757 | + else if (ctx->file != file || !ctx->cm_id) | ||
| 1758 | ctx = ERR_PTR(-EINVAL); | ||
| 1759 | return ctx; | ||
| 1760 | } | ||
| 1761 | @@ -454,6 +454,7 @@ static ssize_t ucma_create_id(struct ucma_file *file, const char __user *inbuf, | ||
| 1762 | struct rdma_ucm_create_id cmd; | ||
| 1763 | struct rdma_ucm_create_id_resp resp; | ||
| 1764 | struct ucma_context *ctx; | ||
| 1765 | + struct rdma_cm_id *cm_id; | ||
| 1766 | enum ib_qp_type qp_type; | ||
| 1767 | int ret; | ||
| 1768 | |||
| 1769 | @@ -474,10 +475,10 @@ static ssize_t ucma_create_id(struct ucma_file *file, const char __user *inbuf, | ||
| 1770 | return -ENOMEM; | ||
| 1771 | |||
| 1772 | ctx->uid = cmd.uid; | ||
| 1773 | - ctx->cm_id = rdma_create_id(current->nsproxy->net_ns, | ||
| 1774 | - ucma_event_handler, ctx, cmd.ps, qp_type); | ||
| 1775 | - if (IS_ERR(ctx->cm_id)) { | ||
| 1776 | - ret = PTR_ERR(ctx->cm_id); | ||
| 1777 | + cm_id = rdma_create_id(current->nsproxy->net_ns, | ||
| 1778 | + ucma_event_handler, ctx, cmd.ps, qp_type); | ||
| 1779 | + if (IS_ERR(cm_id)) { | ||
| 1780 | + ret = PTR_ERR(cm_id); | ||
| 1781 | goto err1; | ||
| 1782 | } | ||
| 1783 | |||
| 1784 | @@ -487,14 +488,19 @@ static ssize_t ucma_create_id(struct ucma_file *file, const char __user *inbuf, | ||
| 1785 | ret = -EFAULT; | ||
| 1786 | goto err2; | ||
| 1787 | } | ||
| 1788 | + | ||
| 1789 | + ctx->cm_id = cm_id; | ||
| 1790 | return 0; | ||
| 1791 | |||
| 1792 | err2: | ||
| 1793 | - rdma_destroy_id(ctx->cm_id); | ||
| 1794 | + rdma_destroy_id(cm_id); | ||
| 1795 | err1: | ||
| 1796 | mutex_lock(&mut); | ||
| 1797 | idr_remove(&ctx_idr, ctx->id); | ||
| 1798 | mutex_unlock(&mut); | ||
| 1799 | + mutex_lock(&file->mut); | ||
| 1800 | + list_del(&ctx->list); | ||
| 1801 | + mutex_unlock(&file->mut); | ||
| 1802 | kfree(ctx); | ||
| 1803 | return ret; | ||
| 1804 | } | ||
| 1805 | @@ -624,6 +630,9 @@ static ssize_t ucma_bind_ip(struct ucma_file *file, const char __user *inbuf, | ||
| 1806 | if (copy_from_user(&cmd, inbuf, sizeof(cmd))) | ||
| 1807 | return -EFAULT; | ||
| 1808 | |||
| 1809 | + if (!rdma_addr_size_in6(&cmd.addr)) | ||
| 1810 | + return -EINVAL; | ||
| 1811 | + | ||
| 1812 | ctx = ucma_get_ctx(file, cmd.id); | ||
| 1813 | if (IS_ERR(ctx)) | ||
| 1814 | return PTR_ERR(ctx); | ||
| 1815 | @@ -637,22 +646,21 @@ static ssize_t ucma_bind(struct ucma_file *file, const char __user *inbuf, | ||
| 1816 | int in_len, int out_len) | ||
| 1817 | { | ||
| 1818 | struct rdma_ucm_bind cmd; | ||
| 1819 | - struct sockaddr *addr; | ||
| 1820 | struct ucma_context *ctx; | ||
| 1821 | int ret; | ||
| 1822 | |||
| 1823 | if (copy_from_user(&cmd, inbuf, sizeof(cmd))) | ||
| 1824 | return -EFAULT; | ||
| 1825 | |||
| 1826 | - addr = (struct sockaddr *) &cmd.addr; | ||
| 1827 | - if (cmd.reserved || !cmd.addr_size || (cmd.addr_size != rdma_addr_size(addr))) | ||
| 1828 | + if (cmd.reserved || !cmd.addr_size || | ||
| 1829 | + cmd.addr_size != rdma_addr_size_kss(&cmd.addr)) | ||
| 1830 | return -EINVAL; | ||
| 1831 | |||
| 1832 | ctx = ucma_get_ctx(file, cmd.id); | ||
| 1833 | if (IS_ERR(ctx)) | ||
| 1834 | return PTR_ERR(ctx); | ||
| 1835 | |||
| 1836 | - ret = rdma_bind_addr(ctx->cm_id, addr); | ||
| 1837 | + ret = rdma_bind_addr(ctx->cm_id, (struct sockaddr *) &cmd.addr); | ||
| 1838 | ucma_put_ctx(ctx); | ||
| 1839 | return ret; | ||
| 1840 | } | ||
| 1841 | @@ -668,13 +676,16 @@ static ssize_t ucma_resolve_ip(struct ucma_file *file, | ||
| 1842 | if (copy_from_user(&cmd, inbuf, sizeof(cmd))) | ||
| 1843 | return -EFAULT; | ||
| 1844 | |||
| 1845 | + if (!rdma_addr_size_in6(&cmd.src_addr) || | ||
| 1846 | + !rdma_addr_size_in6(&cmd.dst_addr)) | ||
| 1847 | + return -EINVAL; | ||
| 1848 | + | ||
| 1849 | ctx = ucma_get_ctx(file, cmd.id); | ||
| 1850 | if (IS_ERR(ctx)) | ||
| 1851 | return PTR_ERR(ctx); | ||
| 1852 | |||
| 1853 | ret = rdma_resolve_addr(ctx->cm_id, (struct sockaddr *) &cmd.src_addr, | ||
| 1854 | - (struct sockaddr *) &cmd.dst_addr, | ||
| 1855 | - cmd.timeout_ms); | ||
| 1856 | + (struct sockaddr *) &cmd.dst_addr, cmd.timeout_ms); | ||
| 1857 | ucma_put_ctx(ctx); | ||
| 1858 | return ret; | ||
| 1859 | } | ||
| 1860 | @@ -684,24 +695,23 @@ static ssize_t ucma_resolve_addr(struct ucma_file *file, | ||
| 1861 | int in_len, int out_len) | ||
| 1862 | { | ||
| 1863 | struct rdma_ucm_resolve_addr cmd; | ||
| 1864 | - struct sockaddr *src, *dst; | ||
| 1865 | struct ucma_context *ctx; | ||
| 1866 | int ret; | ||
| 1867 | |||
| 1868 | if (copy_from_user(&cmd, inbuf, sizeof(cmd))) | ||
| 1869 | return -EFAULT; | ||
| 1870 | |||
| 1871 | - src = (struct sockaddr *) &cmd.src_addr; | ||
| 1872 | - dst = (struct sockaddr *) &cmd.dst_addr; | ||
| 1873 | - if (cmd.reserved || (cmd.src_size && (cmd.src_size != rdma_addr_size(src))) || | ||
| 1874 | - !cmd.dst_size || (cmd.dst_size != rdma_addr_size(dst))) | ||
| 1875 | + if (cmd.reserved || | ||
| 1876 | + (cmd.src_size && (cmd.src_size != rdma_addr_size_kss(&cmd.src_addr))) || | ||
| 1877 | + !cmd.dst_size || (cmd.dst_size != rdma_addr_size_kss(&cmd.dst_addr))) | ||
| 1878 | return -EINVAL; | ||
| 1879 | |||
| 1880 | ctx = ucma_get_ctx(file, cmd.id); | ||
| 1881 | if (IS_ERR(ctx)) | ||
| 1882 | return PTR_ERR(ctx); | ||
| 1883 | |||
| 1884 | - ret = rdma_resolve_addr(ctx->cm_id, src, dst, cmd.timeout_ms); | ||
| 1885 | + ret = rdma_resolve_addr(ctx->cm_id, (struct sockaddr *) &cmd.src_addr, | ||
| 1886 | + (struct sockaddr *) &cmd.dst_addr, cmd.timeout_ms); | ||
| 1887 | ucma_put_ctx(ctx); | ||
| 1888 | return ret; | ||
| 1889 | } | ||
| 1890 | @@ -1146,6 +1156,11 @@ static ssize_t ucma_init_qp_attr(struct ucma_file *file, | ||
| 1891 | if (IS_ERR(ctx)) | ||
| 1892 | return PTR_ERR(ctx); | ||
| 1893 | |||
| 1894 | + if (!ctx->cm_id->device) { | ||
| 1895 | + ret = -EINVAL; | ||
| 1896 | + goto out; | ||
| 1897 | + } | ||
| 1898 | + | ||
| 1899 | resp.qp_attr_mask = 0; | ||
| 1900 | memset(&qp_attr, 0, sizeof qp_attr); | ||
| 1901 | qp_attr.qp_state = cmd.qp_state; | ||
| 1902 | @@ -1302,7 +1317,7 @@ static ssize_t ucma_notify(struct ucma_file *file, const char __user *inbuf, | ||
| 1903 | { | ||
| 1904 | struct rdma_ucm_notify cmd; | ||
| 1905 | struct ucma_context *ctx; | ||
| 1906 | - int ret; | ||
| 1907 | + int ret = -EINVAL; | ||
| 1908 | |||
| 1909 | if (copy_from_user(&cmd, inbuf, sizeof(cmd))) | ||
| 1910 | return -EFAULT; | ||
| 1911 | @@ -1311,7 +1326,9 @@ static ssize_t ucma_notify(struct ucma_file *file, const char __user *inbuf, | ||
| 1912 | if (IS_ERR(ctx)) | ||
| 1913 | return PTR_ERR(ctx); | ||
| 1914 | |||
| 1915 | - ret = rdma_notify(ctx->cm_id, (enum ib_event_type) cmd.event); | ||
| 1916 | + if (ctx->cm_id->device) | ||
| 1917 | + ret = rdma_notify(ctx->cm_id, (enum ib_event_type)cmd.event); | ||
| 1918 | + | ||
| 1919 | ucma_put_ctx(ctx); | ||
| 1920 | return ret; | ||
| 1921 | } | ||
| 1922 | @@ -1397,7 +1414,7 @@ static ssize_t ucma_join_ip_multicast(struct ucma_file *file, | ||
| 1923 | join_cmd.response = cmd.response; | ||
| 1924 | join_cmd.uid = cmd.uid; | ||
| 1925 | join_cmd.id = cmd.id; | ||
| 1926 | - join_cmd.addr_size = rdma_addr_size((struct sockaddr *) &cmd.addr); | ||
| 1927 | + join_cmd.addr_size = rdma_addr_size_in6(&cmd.addr); | ||
| 1928 | if (!join_cmd.addr_size) | ||
| 1929 | return -EINVAL; | ||
| 1930 | |||
| 1931 | @@ -1416,7 +1433,7 @@ static ssize_t ucma_join_multicast(struct ucma_file *file, | ||
| 1932 | if (copy_from_user(&cmd, inbuf, sizeof(cmd))) | ||
| 1933 | return -EFAULT; | ||
| 1934 | |||
| 1935 | - if (!rdma_addr_size((struct sockaddr *)&cmd.addr)) | ||
| 1936 | + if (!rdma_addr_size_kss(&cmd.addr)) | ||
| 1937 | return -EINVAL; | ||
| 1938 | |||
| 1939 | return ucma_process_join(file, &cmd, out_len); | ||
| 1940 | diff --git a/drivers/input/mouse/alps.c b/drivers/input/mouse/alps.c | ||
| 1941 | index af83d2e34913..a8a96def0ba2 100644 | ||
| 1942 | --- a/drivers/input/mouse/alps.c | ||
| 1943 | +++ b/drivers/input/mouse/alps.c | ||
| 1944 | @@ -2538,13 +2538,31 @@ static int alps_update_btn_info_ss4_v2(unsigned char otp[][4], | ||
| 1945 | } | ||
| 1946 | |||
| 1947 | static int alps_update_dual_info_ss4_v2(unsigned char otp[][4], | ||
| 1948 | - struct alps_data *priv) | ||
| 1949 | + struct alps_data *priv, | ||
| 1950 | + struct psmouse *psmouse) | ||
| 1951 | { | ||
| 1952 | bool is_dual = false; | ||
| 1953 | + int reg_val = 0; | ||
| 1954 | + struct ps2dev *ps2dev = &psmouse->ps2dev; | ||
| 1955 | |||
| 1956 | - if (IS_SS4PLUS_DEV(priv->dev_id)) | ||
| 1957 | + if (IS_SS4PLUS_DEV(priv->dev_id)) { | ||
| 1958 | is_dual = (otp[0][0] >> 4) & 0x01; | ||
| 1959 | |||
| 1960 | + if (!is_dual) { | ||
| 1961 | + /* For support TrackStick of Thinkpad L/E series */ | ||
| 1962 | + if (alps_exit_command_mode(psmouse) == 0 && | ||
| 1963 | + alps_enter_command_mode(psmouse) == 0) { | ||
| 1964 | + reg_val = alps_command_mode_read_reg(psmouse, | ||
| 1965 | + 0xD7); | ||
| 1966 | + } | ||
| 1967 | + alps_exit_command_mode(psmouse); | ||
| 1968 | + ps2_command(ps2dev, NULL, PSMOUSE_CMD_ENABLE); | ||
| 1969 | + | ||
| 1970 | + if (reg_val == 0x0C || reg_val == 0x1D) | ||
| 1971 | + is_dual = true; | ||
| 1972 | + } | ||
| 1973 | + } | ||
| 1974 | + | ||
| 1975 | if (is_dual) | ||
| 1976 | priv->flags |= ALPS_DUALPOINT | | ||
| 1977 | ALPS_DUALPOINT_WITH_PRESSURE; | ||
| 1978 | @@ -2567,7 +2585,7 @@ static int alps_set_defaults_ss4_v2(struct psmouse *psmouse, | ||
| 1979 | |||
| 1980 | alps_update_btn_info_ss4_v2(otp, priv); | ||
| 1981 | |||
| 1982 | - alps_update_dual_info_ss4_v2(otp, priv); | ||
| 1983 | + alps_update_dual_info_ss4_v2(otp, priv, psmouse); | ||
| 1984 | |||
| 1985 | return 0; | ||
| 1986 | } | ||
| 1987 | diff --git a/drivers/input/mousedev.c b/drivers/input/mousedev.c | ||
| 1988 | index b604564dec5c..30328e57fdda 100644 | ||
| 1989 | --- a/drivers/input/mousedev.c | ||
| 1990 | +++ b/drivers/input/mousedev.c | ||
| 1991 | @@ -15,6 +15,7 @@ | ||
| 1992 | #define MOUSEDEV_MINORS 31 | ||
| 1993 | #define MOUSEDEV_MIX 63 | ||
| 1994 | |||
| 1995 | +#include <linux/bitops.h> | ||
| 1996 | #include <linux/sched.h> | ||
| 1997 | #include <linux/slab.h> | ||
| 1998 | #include <linux/poll.h> | ||
| 1999 | @@ -103,7 +104,7 @@ struct mousedev_client { | ||
| 2000 | spinlock_t packet_lock; | ||
| 2001 | int pos_x, pos_y; | ||
| 2002 | |||
| 2003 | - signed char ps2[6]; | ||
| 2004 | + u8 ps2[6]; | ||
| 2005 | unsigned char ready, buffer, bufsiz; | ||
| 2006 | unsigned char imexseq, impsseq; | ||
| 2007 | enum mousedev_emul mode; | ||
| 2008 | @@ -291,11 +292,10 @@ static void mousedev_notify_readers(struct mousedev *mousedev, | ||
| 2009 | } | ||
| 2010 | |||
| 2011 | client->pos_x += packet->dx; | ||
| 2012 | - client->pos_x = client->pos_x < 0 ? | ||
| 2013 | - 0 : (client->pos_x >= xres ? xres : client->pos_x); | ||
| 2014 | + client->pos_x = clamp_val(client->pos_x, 0, xres); | ||
| 2015 | + | ||
| 2016 | client->pos_y += packet->dy; | ||
| 2017 | - client->pos_y = client->pos_y < 0 ? | ||
| 2018 | - 0 : (client->pos_y >= yres ? yres : client->pos_y); | ||
| 2019 | + client->pos_y = clamp_val(client->pos_y, 0, yres); | ||
| 2020 | |||
| 2021 | p->dx += packet->dx; | ||
| 2022 | p->dy += packet->dy; | ||
| 2023 | @@ -571,44 +571,50 @@ static int mousedev_open(struct inode *inode, struct file *file) | ||
| 2024 | return error; | ||
| 2025 | } | ||
| 2026 | |||
| 2027 | -static inline int mousedev_limit_delta(int delta, int limit) | ||
| 2028 | -{ | ||
| 2029 | - return delta > limit ? limit : (delta < -limit ? -limit : delta); | ||
| 2030 | -} | ||
| 2031 | - | ||
| 2032 | -static void mousedev_packet(struct mousedev_client *client, | ||
| 2033 | - signed char *ps2_data) | ||
| 2034 | +static void mousedev_packet(struct mousedev_client *client, u8 *ps2_data) | ||
| 2035 | { | ||
| 2036 | struct mousedev_motion *p = &client->packets[client->tail]; | ||
| 2037 | + s8 dx, dy, dz; | ||
| 2038 | + | ||
| 2039 | + dx = clamp_val(p->dx, -127, 127); | ||
| 2040 | + p->dx -= dx; | ||
| 2041 | + | ||
| 2042 | + dy = clamp_val(p->dy, -127, 127); | ||
| 2043 | + p->dy -= dy; | ||
| 2044 | |||
| 2045 | - ps2_data[0] = 0x08 | | ||
| 2046 | - ((p->dx < 0) << 4) | ((p->dy < 0) << 5) | (p->buttons & 0x07); | ||
| 2047 | - ps2_data[1] = mousedev_limit_delta(p->dx, 127); | ||
| 2048 | - ps2_data[2] = mousedev_limit_delta(p->dy, 127); | ||
| 2049 | - p->dx -= ps2_data[1]; | ||
| 2050 | - p->dy -= ps2_data[2]; | ||
| 2051 | + ps2_data[0] = BIT(3); | ||
| 2052 | + ps2_data[0] |= ((dx & BIT(7)) >> 3) | ((dy & BIT(7)) >> 2); | ||
| 2053 | + ps2_data[0] |= p->buttons & 0x07; | ||
| 2054 | + ps2_data[1] = dx; | ||
| 2055 | + ps2_data[2] = dy; | ||
| 2056 | |||
| 2057 | switch (client->mode) { | ||
| 2058 | case MOUSEDEV_EMUL_EXPS: | ||
| 2059 | - ps2_data[3] = mousedev_limit_delta(p->dz, 7); | ||
| 2060 | - p->dz -= ps2_data[3]; | ||
| 2061 | - ps2_data[3] = (ps2_data[3] & 0x0f) | ((p->buttons & 0x18) << 1); | ||
| 2062 | + dz = clamp_val(p->dz, -7, 7); | ||
| 2063 | + p->dz -= dz; | ||
| 2064 | + | ||
| 2065 | + ps2_data[3] = (dz & 0x0f) | ((p->buttons & 0x18) << 1); | ||
| 2066 | client->bufsiz = 4; | ||
| 2067 | break; | ||
| 2068 | |||
| 2069 | case MOUSEDEV_EMUL_IMPS: | ||
| 2070 | - ps2_data[0] |= | ||
| 2071 | - ((p->buttons & 0x10) >> 3) | ((p->buttons & 0x08) >> 1); | ||
| 2072 | - ps2_data[3] = mousedev_limit_delta(p->dz, 127); | ||
| 2073 | - p->dz -= ps2_data[3]; | ||
| 2074 | + dz = clamp_val(p->dz, -127, 127); | ||
| 2075 | + p->dz -= dz; | ||
| 2076 | + | ||
| 2077 | + ps2_data[0] |= ((p->buttons & 0x10) >> 3) | | ||
| 2078 | + ((p->buttons & 0x08) >> 1); | ||
| 2079 | + ps2_data[3] = dz; | ||
| 2080 | + | ||
| 2081 | client->bufsiz = 4; | ||
| 2082 | break; | ||
| 2083 | |||
| 2084 | case MOUSEDEV_EMUL_PS2: | ||
| 2085 | default: | ||
| 2086 | - ps2_data[0] |= | ||
| 2087 | - ((p->buttons & 0x10) >> 3) | ((p->buttons & 0x08) >> 1); | ||
| 2088 | p->dz = 0; | ||
| 2089 | + | ||
| 2090 | + ps2_data[0] |= ((p->buttons & 0x10) >> 3) | | ||
| 2091 | + ((p->buttons & 0x08) >> 1); | ||
| 2092 | + | ||
| 2093 | client->bufsiz = 3; | ||
| 2094 | break; | ||
| 2095 | } | ||
| 2096 | @@ -714,7 +720,7 @@ static ssize_t mousedev_read(struct file *file, char __user *buffer, | ||
| 2097 | { | ||
| 2098 | struct mousedev_client *client = file->private_data; | ||
| 2099 | struct mousedev *mousedev = client->mousedev; | ||
| 2100 | - signed char data[sizeof(client->ps2)]; | ||
| 2101 | + u8 data[sizeof(client->ps2)]; | ||
| 2102 | int retval = 0; | ||
| 2103 | |||
| 2104 | if (!client->ready && !client->buffer && mousedev->exist && | ||
| 2105 | diff --git a/drivers/input/serio/i8042-x86ia64io.h b/drivers/input/serio/i8042-x86ia64io.h | ||
| 2106 | index d1051e3ce819..e484ea2dc787 100644 | ||
| 2107 | --- a/drivers/input/serio/i8042-x86ia64io.h | ||
| 2108 | +++ b/drivers/input/serio/i8042-x86ia64io.h | ||
| 2109 | @@ -530,6 +530,20 @@ static const struct dmi_system_id __initconst i8042_dmi_nomux_table[] = { | ||
| 2110 | { } | ||
| 2111 | }; | ||
| 2112 | |||
| 2113 | +static const struct dmi_system_id i8042_dmi_forcemux_table[] __initconst = { | ||
| 2114 | + { | ||
| 2115 | + /* | ||
| 2116 | + * Sony Vaio VGN-CS series require MUX or the touch sensor | ||
| 2117 | + * buttons will disturb touchpad operation | ||
| 2118 | + */ | ||
| 2119 | + .matches = { | ||
| 2120 | + DMI_MATCH(DMI_SYS_VENDOR, "Sony Corporation"), | ||
| 2121 | + DMI_MATCH(DMI_PRODUCT_NAME, "VGN-CS"), | ||
| 2122 | + }, | ||
| 2123 | + }, | ||
| 2124 | + { } | ||
| 2125 | +}; | ||
| 2126 | + | ||
| 2127 | /* | ||
| 2128 | * On some Asus laptops, just running self tests cause problems. | ||
| 2129 | */ | ||
| 2130 | @@ -692,6 +706,13 @@ static const struct dmi_system_id __initconst i8042_dmi_reset_table[] = { | ||
| 2131 | DMI_MATCH(DMI_PRODUCT_NAME, "20046"), | ||
| 2132 | }, | ||
| 2133 | }, | ||
| 2134 | + { | ||
| 2135 | + /* Lenovo ThinkPad L460 */ | ||
| 2136 | + .matches = { | ||
| 2137 | + DMI_MATCH(DMI_SYS_VENDOR, "LENOVO"), | ||
| 2138 | + DMI_MATCH(DMI_PRODUCT_VERSION, "ThinkPad L460"), | ||
| 2139 | + }, | ||
| 2140 | + }, | ||
| 2141 | { | ||
| 2142 | /* Clevo P650RS, 650RP6, Sager NP8152-S, and others */ | ||
| 2143 | .matches = { | ||
| 2144 | @@ -1223,6 +1244,9 @@ static int __init i8042_platform_init(void) | ||
| 2145 | if (dmi_check_system(i8042_dmi_nomux_table)) | ||
| 2146 | i8042_nomux = true; | ||
| 2147 | |||
| 2148 | + if (dmi_check_system(i8042_dmi_forcemux_table)) | ||
| 2149 | + i8042_nomux = false; | ||
| 2150 | + | ||
| 2151 | if (dmi_check_system(i8042_dmi_notimeout_table)) | ||
| 2152 | i8042_notimeout = true; | ||
| 2153 | |||
| 2154 | diff --git a/drivers/md/dm-ioctl.c b/drivers/md/dm-ioctl.c | ||
| 2155 | index a68c650aad11..b67414b5a64e 100644 | ||
| 2156 | --- a/drivers/md/dm-ioctl.c | ||
| 2157 | +++ b/drivers/md/dm-ioctl.c | ||
| 2158 | @@ -1777,12 +1777,12 @@ static int validate_params(uint cmd, struct dm_ioctl *param) | ||
| 2159 | cmd == DM_LIST_VERSIONS_CMD) | ||
| 2160 | return 0; | ||
| 2161 | |||
| 2162 | - if ((cmd == DM_DEV_CREATE_CMD)) { | ||
| 2163 | + if (cmd == DM_DEV_CREATE_CMD) { | ||
| 2164 | if (!*param->name) { | ||
| 2165 | DMWARN("name not supplied when creating device"); | ||
| 2166 | return -EINVAL; | ||
| 2167 | } | ||
| 2168 | - } else if ((*param->uuid && *param->name)) { | ||
| 2169 | + } else if (*param->uuid && *param->name) { | ||
| 2170 | DMWARN("only supply one of name or uuid, cmd(%u)", cmd); | ||
| 2171 | return -EINVAL; | ||
| 2172 | } | ||
| 2173 | diff --git a/drivers/md/raid10.c b/drivers/md/raid10.c | ||
| 2174 | index 18a4271bf569..6a7b9b1dcfe3 100644 | ||
| 2175 | --- a/drivers/md/raid10.c | ||
| 2176 | +++ b/drivers/md/raid10.c | ||
| 2177 | @@ -3681,6 +3681,7 @@ static int raid10_run(struct mddev *mddev) | ||
| 2178 | |||
| 2179 | if (blk_queue_discard(bdev_get_queue(rdev->bdev))) | ||
| 2180 | discard_supported = true; | ||
| 2181 | + first = 0; | ||
| 2182 | } | ||
| 2183 | |||
| 2184 | if (mddev->queue) { | ||
| 2185 | diff --git a/drivers/media/usb/usbtv/usbtv-core.c b/drivers/media/usb/usbtv/usbtv-core.c | ||
| 2186 | index 0324633ede42..e56a49a5e8b1 100644 | ||
| 2187 | --- a/drivers/media/usb/usbtv/usbtv-core.c | ||
| 2188 | +++ b/drivers/media/usb/usbtv/usbtv-core.c | ||
| 2189 | @@ -109,6 +109,8 @@ static int usbtv_probe(struct usb_interface *intf, | ||
| 2190 | return 0; | ||
| 2191 | |||
| 2192 | usbtv_audio_fail: | ||
| 2193 | + /* we must not free at this point */ | ||
| 2194 | + usb_get_dev(usbtv->udev); | ||
| 2195 | usbtv_video_free(usbtv); | ||
| 2196 | |||
| 2197 | usbtv_video_fail: | ||
| 2198 | diff --git a/drivers/misc/mei/main.c b/drivers/misc/mei/main.c | ||
| 2199 | index 41f318631c6d..60f5a8ded8dd 100644 | ||
| 2200 | --- a/drivers/misc/mei/main.c | ||
| 2201 | +++ b/drivers/misc/mei/main.c | ||
| 2202 | @@ -551,7 +551,6 @@ static long mei_ioctl(struct file *file, unsigned int cmd, unsigned long data) | ||
| 2203 | break; | ||
| 2204 | |||
| 2205 | default: | ||
| 2206 | - dev_err(dev->dev, ": unsupported ioctl %d.\n", cmd); | ||
| 2207 | rets = -ENOIOCTLCMD; | ||
| 2208 | } | ||
| 2209 | |||
| 2210 | diff --git a/drivers/mtd/chips/jedec_probe.c b/drivers/mtd/chips/jedec_probe.c | ||
| 2211 | index 7c0b27d132b1..b479bd81120b 100644 | ||
| 2212 | --- a/drivers/mtd/chips/jedec_probe.c | ||
| 2213 | +++ b/drivers/mtd/chips/jedec_probe.c | ||
| 2214 | @@ -1889,6 +1889,8 @@ static inline u32 jedec_read_mfr(struct map_info *map, uint32_t base, | ||
| 2215 | do { | ||
| 2216 | uint32_t ofs = cfi_build_cmd_addr(0 + (bank << 8), map, cfi); | ||
| 2217 | mask = (1 << (cfi->device_type * 8)) - 1; | ||
| 2218 | + if (ofs >= map->size) | ||
| 2219 | + return 0; | ||
| 2220 | result = map_read(map, base + ofs); | ||
| 2221 | bank++; | ||
| 2222 | } while ((result.x[0] & mask) == CFI_MFR_CONTINUATION); | ||
| 2223 | diff --git a/drivers/net/ethernet/apm/xgene/xgene_enet_main.c b/drivers/net/ethernet/apm/xgene/xgene_enet_main.c | ||
| 2224 | index 651f308cdc60..fca2e428cd86 100644 | ||
| 2225 | --- a/drivers/net/ethernet/apm/xgene/xgene_enet_main.c | ||
| 2226 | +++ b/drivers/net/ethernet/apm/xgene/xgene_enet_main.c | ||
| 2227 | @@ -1680,6 +1680,30 @@ static void xgene_enet_napi_add(struct xgene_enet_pdata *pdata) | ||
| 2228 | } | ||
| 2229 | } | ||
| 2230 | |||
| 2231 | +#ifdef CONFIG_ACPI | ||
| 2232 | +static const struct acpi_device_id xgene_enet_acpi_match[] = { | ||
| 2233 | + { "APMC0D05", XGENE_ENET1}, | ||
| 2234 | + { "APMC0D30", XGENE_ENET1}, | ||
| 2235 | + { "APMC0D31", XGENE_ENET1}, | ||
| 2236 | + { "APMC0D3F", XGENE_ENET1}, | ||
| 2237 | + { "APMC0D26", XGENE_ENET2}, | ||
| 2238 | + { "APMC0D25", XGENE_ENET2}, | ||
| 2239 | + { } | ||
| 2240 | +}; | ||
| 2241 | +MODULE_DEVICE_TABLE(acpi, xgene_enet_acpi_match); | ||
| 2242 | +#endif | ||
| 2243 | + | ||
| 2244 | +static const struct of_device_id xgene_enet_of_match[] = { | ||
| 2245 | + {.compatible = "apm,xgene-enet", .data = (void *)XGENE_ENET1}, | ||
| 2246 | + {.compatible = "apm,xgene1-sgenet", .data = (void *)XGENE_ENET1}, | ||
| 2247 | + {.compatible = "apm,xgene1-xgenet", .data = (void *)XGENE_ENET1}, | ||
| 2248 | + {.compatible = "apm,xgene2-sgenet", .data = (void *)XGENE_ENET2}, | ||
| 2249 | + {.compatible = "apm,xgene2-xgenet", .data = (void *)XGENE_ENET2}, | ||
| 2250 | + {}, | ||
| 2251 | +}; | ||
| 2252 | + | ||
| 2253 | +MODULE_DEVICE_TABLE(of, xgene_enet_of_match); | ||
| 2254 | + | ||
| 2255 | static int xgene_enet_probe(struct platform_device *pdev) | ||
| 2256 | { | ||
| 2257 | struct net_device *ndev; | ||
| 2258 | @@ -1826,32 +1850,6 @@ static void xgene_enet_shutdown(struct platform_device *pdev) | ||
| 2259 | xgene_enet_remove(pdev); | ||
| 2260 | } | ||
| 2261 | |||
| 2262 | -#ifdef CONFIG_ACPI | ||
| 2263 | -static const struct acpi_device_id xgene_enet_acpi_match[] = { | ||
| 2264 | - { "APMC0D05", XGENE_ENET1}, | ||
| 2265 | - { "APMC0D30", XGENE_ENET1}, | ||
| 2266 | - { "APMC0D31", XGENE_ENET1}, | ||
| 2267 | - { "APMC0D3F", XGENE_ENET1}, | ||
| 2268 | - { "APMC0D26", XGENE_ENET2}, | ||
| 2269 | - { "APMC0D25", XGENE_ENET2}, | ||
| 2270 | - { } | ||
| 2271 | -}; | ||
| 2272 | -MODULE_DEVICE_TABLE(acpi, xgene_enet_acpi_match); | ||
| 2273 | -#endif | ||
| 2274 | - | ||
| 2275 | -#ifdef CONFIG_OF | ||
| 2276 | -static const struct of_device_id xgene_enet_of_match[] = { | ||
| 2277 | - {.compatible = "apm,xgene-enet", .data = (void *)XGENE_ENET1}, | ||
| 2278 | - {.compatible = "apm,xgene1-sgenet", .data = (void *)XGENE_ENET1}, | ||
| 2279 | - {.compatible = "apm,xgene1-xgenet", .data = (void *)XGENE_ENET1}, | ||
| 2280 | - {.compatible = "apm,xgene2-sgenet", .data = (void *)XGENE_ENET2}, | ||
| 2281 | - {.compatible = "apm,xgene2-xgenet", .data = (void *)XGENE_ENET2}, | ||
| 2282 | - {}, | ||
| 2283 | -}; | ||
| 2284 | - | ||
| 2285 | -MODULE_DEVICE_TABLE(of, xgene_enet_of_match); | ||
| 2286 | -#endif | ||
| 2287 | - | ||
| 2288 | static struct platform_driver xgene_enet_driver = { | ||
| 2289 | .driver = { | ||
| 2290 | .name = "xgene-enet", | ||
| 2291 | diff --git a/drivers/net/ethernet/hisilicon/hns/hns_dsaf_gmac.c b/drivers/net/ethernet/hisilicon/hns/hns_dsaf_gmac.c | ||
| 2292 | index 34b5e699a1d5..02a03bccde7b 100644 | ||
| 2293 | --- a/drivers/net/ethernet/hisilicon/hns/hns_dsaf_gmac.c | ||
| 2294 | +++ b/drivers/net/ethernet/hisilicon/hns/hns_dsaf_gmac.c | ||
| 2295 | @@ -671,7 +671,7 @@ static void hns_gmac_get_strings(u32 stringset, u8 *data) | ||
| 2296 | |||
| 2297 | static int hns_gmac_get_sset_count(int stringset) | ||
| 2298 | { | ||
| 2299 | - if (stringset == ETH_SS_STATS || stringset == ETH_SS_PRIV_FLAGS) | ||
| 2300 | + if (stringset == ETH_SS_STATS) | ||
| 2301 | return ARRAY_SIZE(g_gmac_stats_string); | ||
| 2302 | |||
| 2303 | return 0; | ||
| 2304 | diff --git a/drivers/net/ethernet/hisilicon/hns/hns_dsaf_ppe.c b/drivers/net/ethernet/hisilicon/hns/hns_dsaf_ppe.c | ||
| 2305 | index 4ecb809785f9..6ea872287307 100644 | ||
| 2306 | --- a/drivers/net/ethernet/hisilicon/hns/hns_dsaf_ppe.c | ||
| 2307 | +++ b/drivers/net/ethernet/hisilicon/hns/hns_dsaf_ppe.c | ||
| 2308 | @@ -422,7 +422,7 @@ void hns_ppe_update_stats(struct hns_ppe_cb *ppe_cb) | ||
| 2309 | |||
| 2310 | int hns_ppe_get_sset_count(int stringset) | ||
| 2311 | { | ||
| 2312 | - if (stringset == ETH_SS_STATS || stringset == ETH_SS_PRIV_FLAGS) | ||
| 2313 | + if (stringset == ETH_SS_STATS) | ||
| 2314 | return ETH_PPE_STATIC_NUM; | ||
| 2315 | return 0; | ||
| 2316 | } | ||
| 2317 | diff --git a/drivers/net/ethernet/hisilicon/hns/hns_dsaf_rcb.c b/drivers/net/ethernet/hisilicon/hns/hns_dsaf_rcb.c | ||
| 2318 | index fbbbbffd58dc..f3be9ac47bfb 100644 | ||
| 2319 | --- a/drivers/net/ethernet/hisilicon/hns/hns_dsaf_rcb.c | ||
| 2320 | +++ b/drivers/net/ethernet/hisilicon/hns/hns_dsaf_rcb.c | ||
| 2321 | @@ -798,7 +798,7 @@ void hns_rcb_get_stats(struct hnae_queue *queue, u64 *data) | ||
| 2322 | */ | ||
| 2323 | int hns_rcb_get_ring_sset_count(int stringset) | ||
| 2324 | { | ||
| 2325 | - if (stringset == ETH_SS_STATS || stringset == ETH_SS_PRIV_FLAGS) | ||
| 2326 | + if (stringset == ETH_SS_STATS) | ||
| 2327 | return HNS_RING_STATIC_REG_NUM; | ||
| 2328 | |||
| 2329 | return 0; | ||
| 2330 | diff --git a/drivers/net/ethernet/hisilicon/hns/hns_ethtool.c b/drivers/net/ethernet/hisilicon/hns/hns_ethtool.c | ||
| 2331 | index 86a496d71995..6be0cae44e9b 100644 | ||
| 2332 | --- a/drivers/net/ethernet/hisilicon/hns/hns_ethtool.c | ||
| 2333 | +++ b/drivers/net/ethernet/hisilicon/hns/hns_ethtool.c | ||
| 2334 | @@ -1017,8 +1017,10 @@ int hns_get_sset_count(struct net_device *netdev, int stringset) | ||
| 2335 | cnt--; | ||
| 2336 | |||
| 2337 | return cnt; | ||
| 2338 | - } else { | ||
| 2339 | + } else if (stringset == ETH_SS_STATS) { | ||
| 2340 | return (HNS_NET_STATS_CNT + ops->get_sset_count(h, stringset)); | ||
| 2341 | + } else { | ||
| 2342 | + return -EOPNOTSUPP; | ||
| 2343 | } | ||
| 2344 | } | ||
| 2345 | |||
| 2346 | diff --git a/drivers/net/phy/mdio-xgene.c b/drivers/net/phy/mdio-xgene.c | ||
| 2347 | index 39be3b82608f..20fbcc9c4687 100644 | ||
| 2348 | --- a/drivers/net/phy/mdio-xgene.c | ||
| 2349 | +++ b/drivers/net/phy/mdio-xgene.c | ||
| 2350 | @@ -314,6 +314,30 @@ static acpi_status acpi_register_phy(acpi_handle handle, u32 lvl, | ||
| 2351 | } | ||
| 2352 | #endif | ||
| 2353 | |||
| 2354 | +static const struct of_device_id xgene_mdio_of_match[] = { | ||
| 2355 | + { | ||
| 2356 | + .compatible = "apm,xgene-mdio-rgmii", | ||
| 2357 | + .data = (void *)XGENE_MDIO_RGMII | ||
| 2358 | + }, | ||
| 2359 | + { | ||
| 2360 | + .compatible = "apm,xgene-mdio-xfi", | ||
| 2361 | + .data = (void *)XGENE_MDIO_XFI | ||
| 2362 | + }, | ||
| 2363 | + {}, | ||
| 2364 | +}; | ||
| 2365 | +MODULE_DEVICE_TABLE(of, xgene_mdio_of_match); | ||
| 2366 | + | ||
| 2367 | +#ifdef CONFIG_ACPI | ||
| 2368 | +static const struct acpi_device_id xgene_mdio_acpi_match[] = { | ||
| 2369 | + { "APMC0D65", XGENE_MDIO_RGMII }, | ||
| 2370 | + { "APMC0D66", XGENE_MDIO_XFI }, | ||
| 2371 | + { } | ||
| 2372 | +}; | ||
| 2373 | + | ||
| 2374 | +MODULE_DEVICE_TABLE(acpi, xgene_mdio_acpi_match); | ||
| 2375 | +#endif | ||
| 2376 | + | ||
| 2377 | + | ||
| 2378 | static int xgene_mdio_probe(struct platform_device *pdev) | ||
| 2379 | { | ||
| 2380 | struct device *dev = &pdev->dev; | ||
| 2381 | @@ -439,32 +463,6 @@ static int xgene_mdio_remove(struct platform_device *pdev) | ||
| 2382 | return 0; | ||
| 2383 | } | ||
| 2384 | |||
| 2385 | -#ifdef CONFIG_OF | ||
| 2386 | -static const struct of_device_id xgene_mdio_of_match[] = { | ||
| 2387 | - { | ||
| 2388 | - .compatible = "apm,xgene-mdio-rgmii", | ||
| 2389 | - .data = (void *)XGENE_MDIO_RGMII | ||
| 2390 | - }, | ||
| 2391 | - { | ||
| 2392 | - .compatible = "apm,xgene-mdio-xfi", | ||
| 2393 | - .data = (void *)XGENE_MDIO_XFI | ||
| 2394 | - }, | ||
| 2395 | - {}, | ||
| 2396 | -}; | ||
| 2397 | - | ||
| 2398 | -MODULE_DEVICE_TABLE(of, xgene_mdio_of_match); | ||
| 2399 | -#endif | ||
| 2400 | - | ||
| 2401 | -#ifdef CONFIG_ACPI | ||
| 2402 | -static const struct acpi_device_id xgene_mdio_acpi_match[] = { | ||
| 2403 | - { "APMC0D65", XGENE_MDIO_RGMII }, | ||
| 2404 | - { "APMC0D66", XGENE_MDIO_XFI }, | ||
| 2405 | - { } | ||
| 2406 | -}; | ||
| 2407 | - | ||
| 2408 | -MODULE_DEVICE_TABLE(acpi, xgene_mdio_acpi_match); | ||
| 2409 | -#endif | ||
| 2410 | - | ||
| 2411 | static struct platform_driver xgene_mdio_driver = { | ||
| 2412 | .driver = { | ||
| 2413 | .name = "xgene-mdio", | ||
| 2414 | diff --git a/drivers/net/phy/mdio-xgene.h b/drivers/net/phy/mdio-xgene.h | ||
| 2415 | index 354241b53c1d..594a11d42401 100644 | ||
| 2416 | --- a/drivers/net/phy/mdio-xgene.h | ||
| 2417 | +++ b/drivers/net/phy/mdio-xgene.h | ||
| 2418 | @@ -132,10 +132,6 @@ static inline u64 xgene_enet_get_field_value(int pos, int len, u64 src) | ||
| 2419 | #define GET_BIT(field, src) \ | ||
| 2420 | xgene_enet_get_field_value(field ## _POS, 1, src) | ||
| 2421 | |||
| 2422 | -static const struct of_device_id xgene_mdio_of_match[]; | ||
| 2423 | -#ifdef CONFIG_ACPI | ||
| 2424 | -static const struct acpi_device_id xgene_mdio_acpi_match[]; | ||
| 2425 | -#endif | ||
| 2426 | int xgene_mdio_rgmii_read(struct mii_bus *bus, int phy_id, int reg); | ||
| 2427 | int xgene_mdio_rgmii_write(struct mii_bus *bus, int phy_id, int reg, u16 data); | ||
| 2428 | struct phy_device *xgene_enet_phy_register(struct mii_bus *bus, int phy_addr); | ||
| 2429 | diff --git a/drivers/parport/parport_pc.c b/drivers/parport/parport_pc.c | ||
| 2430 | index 78530d1714dc..bdce0679674c 100644 | ||
| 2431 | --- a/drivers/parport/parport_pc.c | ||
| 2432 | +++ b/drivers/parport/parport_pc.c | ||
| 2433 | @@ -2646,6 +2646,7 @@ enum parport_pc_pci_cards { | ||
| 2434 | netmos_9901, | ||
| 2435 | netmos_9865, | ||
| 2436 | quatech_sppxp100, | ||
| 2437 | + wch_ch382l, | ||
| 2438 | }; | ||
| 2439 | |||
| 2440 | |||
| 2441 | @@ -2708,6 +2709,7 @@ static struct parport_pc_pci { | ||
| 2442 | /* netmos_9901 */ { 1, { { 0, -1 }, } }, | ||
| 2443 | /* netmos_9865 */ { 1, { { 0, -1 }, } }, | ||
| 2444 | /* quatech_sppxp100 */ { 1, { { 0, 1 }, } }, | ||
| 2445 | + /* wch_ch382l */ { 1, { { 2, -1 }, } }, | ||
| 2446 | }; | ||
| 2447 | |||
| 2448 | static const struct pci_device_id parport_pc_pci_tbl[] = { | ||
| 2449 | @@ -2797,6 +2799,8 @@ static const struct pci_device_id parport_pc_pci_tbl[] = { | ||
| 2450 | /* Quatech SPPXP-100 Parallel port PCI ExpressCard */ | ||
| 2451 | { PCI_VENDOR_ID_QUATECH, PCI_DEVICE_ID_QUATECH_SPPXP_100, | ||
| 2452 | PCI_ANY_ID, PCI_ANY_ID, 0, 0, quatech_sppxp100 }, | ||
| 2453 | + /* WCH CH382L PCI-E single parallel port card */ | ||
| 2454 | + { 0x1c00, 0x3050, 0x1c00, 0x3050, 0, 0, wch_ch382l }, | ||
| 2455 | { 0, } /* terminate list */ | ||
| 2456 | }; | ||
| 2457 | MODULE_DEVICE_TABLE(pci, parport_pc_pci_tbl); | ||
| 2458 | diff --git a/drivers/pci/probe.c b/drivers/pci/probe.c | ||
| 2459 | index a98be6db7e93..56340abe4fc6 100644 | ||
| 2460 | --- a/drivers/pci/probe.c | ||
| 2461 | +++ b/drivers/pci/probe.c | ||
| 2462 | @@ -231,7 +231,7 @@ int __pci_read_base(struct pci_dev *dev, enum pci_bar_type type, | ||
| 2463 | res->flags |= IORESOURCE_ROM_ENABLE; | ||
| 2464 | l64 = l & PCI_ROM_ADDRESS_MASK; | ||
| 2465 | sz64 = sz & PCI_ROM_ADDRESS_MASK; | ||
| 2466 | - mask64 = (u32)PCI_ROM_ADDRESS_MASK; | ||
| 2467 | + mask64 = PCI_ROM_ADDRESS_MASK; | ||
| 2468 | } | ||
| 2469 | |||
| 2470 | if (res->flags & IORESOURCE_MEM_64) { | ||
| 2471 | diff --git a/drivers/pci/setup-res.c b/drivers/pci/setup-res.c | ||
| 2472 | index 4bc589ee78d0..85774b7a316a 100644 | ||
| 2473 | --- a/drivers/pci/setup-res.c | ||
| 2474 | +++ b/drivers/pci/setup-res.c | ||
| 2475 | @@ -63,7 +63,7 @@ static void pci_std_update_resource(struct pci_dev *dev, int resno) | ||
| 2476 | mask = (u32)PCI_BASE_ADDRESS_IO_MASK; | ||
| 2477 | new |= res->flags & ~PCI_BASE_ADDRESS_IO_MASK; | ||
| 2478 | } else if (resno == PCI_ROM_RESOURCE) { | ||
| 2479 | - mask = (u32)PCI_ROM_ADDRESS_MASK; | ||
| 2480 | + mask = PCI_ROM_ADDRESS_MASK; | ||
| 2481 | } else { | ||
| 2482 | mask = (u32)PCI_BASE_ADDRESS_MEM_MASK; | ||
| 2483 | new |= res->flags & ~PCI_BASE_ADDRESS_MEM_MASK; | ||
| 2484 | diff --git a/drivers/scsi/virtio_scsi.c b/drivers/scsi/virtio_scsi.c | ||
| 2485 | index 8f4adc1d9588..cbc8e9388268 100644 | ||
| 2486 | --- a/drivers/scsi/virtio_scsi.c | ||
| 2487 | +++ b/drivers/scsi/virtio_scsi.c | ||
| 2488 | @@ -819,6 +819,7 @@ static struct scsi_host_template virtscsi_host_template_multi = { | ||
| 2489 | .change_queue_depth = virtscsi_change_queue_depth, | ||
| 2490 | .eh_abort_handler = virtscsi_abort, | ||
| 2491 | .eh_device_reset_handler = virtscsi_device_reset, | ||
| 2492 | + .slave_alloc = virtscsi_device_alloc, | ||
| 2493 | |||
| 2494 | .can_queue = 1024, | ||
| 2495 | .dma_boundary = UINT_MAX, | ||
| 2496 | diff --git a/drivers/spi/Kconfig b/drivers/spi/Kconfig | ||
| 2497 | index 0e7415f6d093..b7995474148c 100644 | ||
| 2498 | --- a/drivers/spi/Kconfig | ||
| 2499 | +++ b/drivers/spi/Kconfig | ||
| 2500 | @@ -156,7 +156,6 @@ config SPI_BCM63XX_HSSPI | ||
| 2501 | config SPI_BCM_QSPI | ||
| 2502 | tristate "Broadcom BSPI and MSPI controller support" | ||
| 2503 | depends on ARCH_BRCMSTB || ARCH_BCM || ARCH_BCM_IPROC || COMPILE_TEST | ||
| 2504 | - depends on MTD_NORFLASH | ||
| 2505 | default ARCH_BCM_IPROC | ||
| 2506 | help | ||
| 2507 | Enables support for the Broadcom SPI flash and MSPI controller. | ||
| 2508 | diff --git a/drivers/spi/spi-davinci.c b/drivers/spi/spi-davinci.c | ||
| 2509 | index 02fb96797ac8..0d8f43a17edb 100644 | ||
| 2510 | --- a/drivers/spi/spi-davinci.c | ||
| 2511 | +++ b/drivers/spi/spi-davinci.c | ||
| 2512 | @@ -646,7 +646,7 @@ static int davinci_spi_bufs(struct spi_device *spi, struct spi_transfer *t) | ||
| 2513 | buf = t->rx_buf; | ||
| 2514 | t->rx_dma = dma_map_single(&spi->dev, buf, | ||
| 2515 | t->len, DMA_FROM_DEVICE); | ||
| 2516 | - if (dma_mapping_error(&spi->dev, !t->rx_dma)) { | ||
| 2517 | + if (dma_mapping_error(&spi->dev, t->rx_dma)) { | ||
| 2518 | ret = -EFAULT; | ||
| 2519 | goto err_rx_map; | ||
| 2520 | } | ||
| 2521 | diff --git a/drivers/staging/comedi/drivers/ni_mio_common.c b/drivers/staging/comedi/drivers/ni_mio_common.c | ||
| 2522 | index a574885ffba9..18c5312f7886 100644 | ||
| 2523 | --- a/drivers/staging/comedi/drivers/ni_mio_common.c | ||
| 2524 | +++ b/drivers/staging/comedi/drivers/ni_mio_common.c | ||
| 2525 | @@ -1284,6 +1284,8 @@ static void ack_a_interrupt(struct comedi_device *dev, unsigned short a_status) | ||
| 2526 | ack |= NISTC_INTA_ACK_AI_START; | ||
| 2527 | if (a_status & NISTC_AI_STATUS1_STOP) | ||
| 2528 | ack |= NISTC_INTA_ACK_AI_STOP; | ||
| 2529 | + if (a_status & NISTC_AI_STATUS1_OVER) | ||
| 2530 | + ack |= NISTC_INTA_ACK_AI_ERR; | ||
| 2531 | if (ack) | ||
| 2532 | ni_stc_writew(dev, ack, NISTC_INTA_ACK_REG); | ||
| 2533 | } | ||
| 2534 | diff --git a/drivers/tty/vt/vt.c b/drivers/tty/vt/vt.c | ||
| 2535 | index 68c7bb0b7991..9e1ac58e269e 100644 | ||
| 2536 | --- a/drivers/tty/vt/vt.c | ||
| 2537 | +++ b/drivers/tty/vt/vt.c | ||
| 2538 | @@ -1354,6 +1354,11 @@ static void csi_m(struct vc_data *vc) | ||
| 2539 | case 3: | ||
| 2540 | vc->vc_italic = 1; | ||
| 2541 | break; | ||
| 2542 | + case 21: | ||
| 2543 | + /* | ||
| 2544 | + * No console drivers support double underline, so | ||
| 2545 | + * convert it to a single underline. | ||
| 2546 | + */ | ||
| 2547 | case 4: | ||
| 2548 | vc->vc_underline = 1; | ||
| 2549 | break; | ||
| 2550 | @@ -1389,7 +1394,6 @@ static void csi_m(struct vc_data *vc) | ||
| 2551 | vc->vc_disp_ctrl = 1; | ||
| 2552 | vc->vc_toggle_meta = 1; | ||
| 2553 | break; | ||
| 2554 | - case 21: | ||
| 2555 | case 22: | ||
| 2556 | vc->vc_intensity = 1; | ||
| 2557 | break; | ||
| 2558 | diff --git a/drivers/usb/dwc2/hcd.c b/drivers/usb/dwc2/hcd.c | ||
| 2559 | index dfc0566bb155..919a32153060 100644 | ||
| 2560 | --- a/drivers/usb/dwc2/hcd.c | ||
| 2561 | +++ b/drivers/usb/dwc2/hcd.c | ||
| 2562 | @@ -3220,7 +3220,6 @@ static void dwc2_conn_id_status_change(struct work_struct *work) | ||
| 2563 | dwc2_core_init(hsotg, false); | ||
| 2564 | dwc2_enable_global_interrupts(hsotg); | ||
| 2565 | spin_lock_irqsave(&hsotg->lock, flags); | ||
| 2566 | - dwc2_hsotg_disconnect(hsotg); | ||
| 2567 | dwc2_hsotg_core_init_disconnected(hsotg, false); | ||
| 2568 | spin_unlock_irqrestore(&hsotg->lock, flags); | ||
| 2569 | dwc2_hsotg_core_connect(hsotg); | ||
| 2570 | @@ -3238,8 +3237,12 @@ static void dwc2_conn_id_status_change(struct work_struct *work) | ||
| 2571 | if (count > 250) | ||
| 2572 | dev_err(hsotg->dev, | ||
| 2573 | "Connection id status change timed out\n"); | ||
| 2574 | - hsotg->op_state = OTG_STATE_A_HOST; | ||
| 2575 | |||
| 2576 | + spin_lock_irqsave(&hsotg->lock, flags); | ||
| 2577 | + dwc2_hsotg_disconnect(hsotg); | ||
| 2578 | + spin_unlock_irqrestore(&hsotg->lock, flags); | ||
| 2579 | + | ||
| 2580 | + hsotg->op_state = OTG_STATE_A_HOST; | ||
| 2581 | /* Initialize the Core for Host mode */ | ||
| 2582 | dwc2_core_init(hsotg, false); | ||
| 2583 | dwc2_enable_global_interrupts(hsotg); | ||
| 2584 | diff --git a/drivers/usb/gadget/udc/core.c b/drivers/usb/gadget/udc/core.c | ||
| 2585 | index e97539fc127e..7d658565b20f 100644 | ||
| 2586 | --- a/drivers/usb/gadget/udc/core.c | ||
| 2587 | +++ b/drivers/usb/gadget/udc/core.c | ||
| 2588 | @@ -139,10 +139,8 @@ int usb_ep_disable(struct usb_ep *ep) | ||
| 2589 | goto out; | ||
| 2590 | |||
| 2591 | ret = ep->ops->disable(ep); | ||
| 2592 | - if (ret) { | ||
| 2593 | - ret = ret; | ||
| 2594 | + if (ret) | ||
| 2595 | goto out; | ||
| 2596 | - } | ||
| 2597 | |||
| 2598 | ep->enabled = false; | ||
| 2599 | |||
| 2600 | diff --git a/drivers/usb/serial/cp210x.c b/drivers/usb/serial/cp210x.c | ||
| 2601 | index 3178d8afb3e6..cab80acace4e 100644 | ||
| 2602 | --- a/drivers/usb/serial/cp210x.c | ||
| 2603 | +++ b/drivers/usb/serial/cp210x.c | ||
| 2604 | @@ -152,6 +152,7 @@ static const struct usb_device_id id_table[] = { | ||
| 2605 | { USB_DEVICE(0x12B8, 0xEC62) }, /* Link G4+ ECU */ | ||
| 2606 | { USB_DEVICE(0x13AD, 0x9999) }, /* Baltech card reader */ | ||
| 2607 | { USB_DEVICE(0x1555, 0x0004) }, /* Owen AC4 USB-RS485 Converter */ | ||
| 2608 | + { USB_DEVICE(0x155A, 0x1006) }, /* ELDAT Easywave RX09 */ | ||
| 2609 | { USB_DEVICE(0x166A, 0x0201) }, /* Clipsal 5500PACA C-Bus Pascal Automation Controller */ | ||
| 2610 | { USB_DEVICE(0x166A, 0x0301) }, /* Clipsal 5800PC C-Bus Wireless PC Interface */ | ||
| 2611 | { USB_DEVICE(0x166A, 0x0303) }, /* Clipsal 5500PCU C-Bus USB interface */ | ||
| 2612 | diff --git a/drivers/usb/serial/ftdi_sio.c b/drivers/usb/serial/ftdi_sio.c | ||
| 2613 | index 0c743e4cca1e..71cbc6890ac4 100644 | ||
| 2614 | --- a/drivers/usb/serial/ftdi_sio.c | ||
| 2615 | +++ b/drivers/usb/serial/ftdi_sio.c | ||
| 2616 | @@ -773,6 +773,7 @@ static const struct usb_device_id id_table_combined[] = { | ||
| 2617 | .driver_info = (kernel_ulong_t)&ftdi_NDI_device_quirk }, | ||
| 2618 | { USB_DEVICE(TELLDUS_VID, TELLDUS_TELLSTICK_PID) }, | ||
| 2619 | { USB_DEVICE(NOVITUS_VID, NOVITUS_BONO_E_PID) }, | ||
| 2620 | + { USB_DEVICE(FTDI_VID, RTSYSTEMS_USB_VX8_PID) }, | ||
| 2621 | { USB_DEVICE(RTSYSTEMS_VID, RTSYSTEMS_USB_S03_PID) }, | ||
| 2622 | { USB_DEVICE(RTSYSTEMS_VID, RTSYSTEMS_USB_59_PID) }, | ||
| 2623 | { USB_DEVICE(RTSYSTEMS_VID, RTSYSTEMS_USB_57A_PID) }, | ||
| 2624 | @@ -935,6 +936,7 @@ static const struct usb_device_id id_table_combined[] = { | ||
| 2625 | { USB_DEVICE(FTDI_VID, FTDI_SCIENCESCOPE_LS_LOGBOOK_PID) }, | ||
| 2626 | { USB_DEVICE(FTDI_VID, FTDI_SCIENCESCOPE_HS_LOGBOOK_PID) }, | ||
| 2627 | { USB_DEVICE(FTDI_VID, FTDI_CINTERION_MC55I_PID) }, | ||
| 2628 | + { USB_DEVICE(FTDI_VID, FTDI_FHE_PID) }, | ||
| 2629 | { USB_DEVICE(FTDI_VID, FTDI_DOTEC_PID) }, | ||
| 2630 | { USB_DEVICE(QIHARDWARE_VID, MILKYMISTONE_JTAGSERIAL_PID), | ||
| 2631 | .driver_info = (kernel_ulong_t)&ftdi_jtag_quirk }, | ||
| 2632 | diff --git a/drivers/usb/serial/ftdi_sio_ids.h b/drivers/usb/serial/ftdi_sio_ids.h | ||
| 2633 | index 543d2801632b..76a10b222ff9 100644 | ||
| 2634 | --- a/drivers/usb/serial/ftdi_sio_ids.h | ||
| 2635 | +++ b/drivers/usb/serial/ftdi_sio_ids.h | ||
| 2636 | @@ -922,6 +922,9 @@ | ||
| 2637 | /* | ||
| 2638 | * RT Systems programming cables for various ham radios | ||
| 2639 | */ | ||
| 2640 | +/* This device uses the VID of FTDI */ | ||
| 2641 | +#define RTSYSTEMS_USB_VX8_PID 0x9e50 /* USB-VX8 USB to 7 pin modular plug for Yaesu VX-8 radio */ | ||
| 2642 | + | ||
| 2643 | #define RTSYSTEMS_VID 0x2100 /* Vendor ID */ | ||
| 2644 | #define RTSYSTEMS_USB_S03_PID 0x9001 /* RTS-03 USB to Serial Adapter */ | ||
| 2645 | #define RTSYSTEMS_USB_59_PID 0x9e50 /* USB-59 USB to 8 pin plug */ | ||
| 2646 | @@ -1440,6 +1443,12 @@ | ||
| 2647 | */ | ||
| 2648 | #define FTDI_CINTERION_MC55I_PID 0xA951 | ||
| 2649 | |||
| 2650 | +/* | ||
| 2651 | + * Product: FirmwareHubEmulator | ||
| 2652 | + * Manufacturer: Harman Becker Automotive Systems | ||
| 2653 | + */ | ||
| 2654 | +#define FTDI_FHE_PID 0xA9A0 | ||
| 2655 | + | ||
| 2656 | /* | ||
| 2657 | * Product: Comet Caller ID decoder | ||
| 2658 | * Manufacturer: Crucible Technologies | ||
| 2659 | diff --git a/fs/btrfs/tree-log.c b/fs/btrfs/tree-log.c | ||
| 2660 | index 5539f0b95efa..52401732cddc 100644 | ||
| 2661 | --- a/fs/btrfs/tree-log.c | ||
| 2662 | +++ b/fs/btrfs/tree-log.c | ||
| 2663 | @@ -3664,7 +3664,7 @@ static noinline int copy_items(struct btrfs_trans_handle *trans, | ||
| 2664 | |||
| 2665 | src_offset = btrfs_item_ptr_offset(src, start_slot + i); | ||
| 2666 | |||
| 2667 | - if ((i == (nr - 1))) | ||
| 2668 | + if (i == nr - 1) | ||
| 2669 | last_key = ins_keys[i]; | ||
| 2670 | |||
| 2671 | if (ins_keys[i].type == BTRFS_INODE_ITEM_KEY) { | ||
| 2672 | diff --git a/fs/ceph/file.c b/fs/ceph/file.c | ||
| 2673 | index ca3f630db90f..e7ddb23d9bb7 100644 | ||
| 2674 | --- a/fs/ceph/file.c | ||
| 2675 | +++ b/fs/ceph/file.c | ||
| 2676 | @@ -598,7 +598,8 @@ static ssize_t ceph_sync_read(struct kiocb *iocb, struct iov_iter *i, | ||
| 2677 | struct ceph_aio_request { | ||
| 2678 | struct kiocb *iocb; | ||
| 2679 | size_t total_len; | ||
| 2680 | - int write; | ||
| 2681 | + bool write; | ||
| 2682 | + bool should_dirty; | ||
| 2683 | int error; | ||
| 2684 | struct list_head osd_reqs; | ||
| 2685 | unsigned num_reqs; | ||
| 2686 | @@ -708,7 +709,7 @@ static void ceph_aio_complete_req(struct ceph_osd_request *req) | ||
| 2687 | } | ||
| 2688 | } | ||
| 2689 | |||
| 2690 | - ceph_put_page_vector(osd_data->pages, num_pages, !aio_req->write); | ||
| 2691 | + ceph_put_page_vector(osd_data->pages, num_pages, aio_req->should_dirty); | ||
| 2692 | ceph_osdc_put_request(req); | ||
| 2693 | |||
| 2694 | if (rc < 0) | ||
| 2695 | @@ -890,6 +891,7 @@ ceph_direct_read_write(struct kiocb *iocb, struct iov_iter *iter, | ||
| 2696 | size_t count = iov_iter_count(iter); | ||
| 2697 | loff_t pos = iocb->ki_pos; | ||
| 2698 | bool write = iov_iter_rw(iter) == WRITE; | ||
| 2699 | + bool should_dirty = !write && iter_is_iovec(iter); | ||
| 2700 | |||
| 2701 | if (write && ceph_snap(file_inode(file)) != CEPH_NOSNAP) | ||
| 2702 | return -EROFS; | ||
| 2703 | @@ -954,6 +956,7 @@ ceph_direct_read_write(struct kiocb *iocb, struct iov_iter *iter, | ||
| 2704 | if (aio_req) { | ||
| 2705 | aio_req->iocb = iocb; | ||
| 2706 | aio_req->write = write; | ||
| 2707 | + aio_req->should_dirty = should_dirty; | ||
| 2708 | INIT_LIST_HEAD(&aio_req->osd_reqs); | ||
| 2709 | if (write) { | ||
| 2710 | aio_req->mtime = mtime; | ||
| 2711 | @@ -1012,7 +1015,7 @@ ceph_direct_read_write(struct kiocb *iocb, struct iov_iter *iter, | ||
| 2712 | len = ret; | ||
| 2713 | } | ||
| 2714 | |||
| 2715 | - ceph_put_page_vector(pages, num_pages, !write); | ||
| 2716 | + ceph_put_page_vector(pages, num_pages, should_dirty); | ||
| 2717 | |||
| 2718 | ceph_osdc_put_request(req); | ||
| 2719 | if (ret < 0) | ||
| 2720 | diff --git a/fs/compat_ioctl.c b/fs/compat_ioctl.c | ||
| 2721 | index f2d7402abe02..93c8e4a4bbd3 100644 | ||
| 2722 | --- a/fs/compat_ioctl.c | ||
| 2723 | +++ b/fs/compat_ioctl.c | ||
| 2724 | @@ -833,7 +833,7 @@ static int compat_ioctl_preallocate(struct file *file, | ||
| 2725 | */ | ||
| 2726 | #define XFORM(i) (((i) ^ ((i) << 27) ^ ((i) << 17)) & 0xffffffff) | ||
| 2727 | |||
| 2728 | -#define COMPATIBLE_IOCTL(cmd) XFORM(cmd), | ||
| 2729 | +#define COMPATIBLE_IOCTL(cmd) XFORM((u32)cmd), | ||
| 2730 | /* ioctl should not be warned about even if it's not implemented. | ||
| 2731 | Valid reasons to use this: | ||
| 2732 | - It is implemented with ->compat_ioctl on some device, but programs | ||
| 2733 | diff --git a/include/linux/cpumask.h b/include/linux/cpumask.h | ||
| 2734 | index 2d65bbd6dbd1..18ba29ff1449 100644 | ||
| 2735 | --- a/include/linux/cpumask.h | ||
| 2736 | +++ b/include/linux/cpumask.h | ||
| 2737 | @@ -680,6 +680,11 @@ void alloc_bootmem_cpumask_var(cpumask_var_t *mask); | ||
| 2738 | void free_cpumask_var(cpumask_var_t mask); | ||
| 2739 | void free_bootmem_cpumask_var(cpumask_var_t mask); | ||
| 2740 | |||
| 2741 | +static inline bool cpumask_available(cpumask_var_t mask) | ||
| 2742 | +{ | ||
| 2743 | + return mask != NULL; | ||
| 2744 | +} | ||
| 2745 | + | ||
| 2746 | #else | ||
| 2747 | typedef struct cpumask cpumask_var_t[1]; | ||
| 2748 | |||
| 2749 | @@ -720,6 +725,11 @@ static inline void free_cpumask_var(cpumask_var_t mask) | ||
| 2750 | static inline void free_bootmem_cpumask_var(cpumask_var_t mask) | ||
| 2751 | { | ||
| 2752 | } | ||
| 2753 | + | ||
| 2754 | +static inline bool cpumask_available(cpumask_var_t mask) | ||
| 2755 | +{ | ||
| 2756 | + return true; | ||
| 2757 | +} | ||
| 2758 | #endif /* CONFIG_CPUMASK_OFFSTACK */ | ||
| 2759 | |||
| 2760 | /* It's common to want to use cpu_all_mask in struct member initializers, | ||
| 2761 | diff --git a/include/linux/init.h b/include/linux/init.h | ||
| 2762 | index 683508f6bb4e..0cca4142987f 100644 | ||
| 2763 | --- a/include/linux/init.h | ||
| 2764 | +++ b/include/linux/init.h | ||
| 2765 | @@ -133,6 +133,9 @@ void prepare_namespace(void); | ||
| 2766 | void __init load_default_modules(void); | ||
| 2767 | int __init init_rootfs(void); | ||
| 2768 | |||
| 2769 | +#if defined(CONFIG_DEBUG_RODATA) || defined(CONFIG_DEBUG_SET_MODULE_RONX) | ||
| 2770 | +extern bool rodata_enabled; | ||
| 2771 | +#endif | ||
| 2772 | #ifdef CONFIG_DEBUG_RODATA | ||
| 2773 | void mark_rodata_ro(void); | ||
| 2774 | #endif | ||
| 2775 | diff --git a/include/linux/jiffies.h b/include/linux/jiffies.h | ||
| 2776 | index 589d14e970ad..c2a0f0072274 100644 | ||
| 2777 | --- a/include/linux/jiffies.h | ||
| 2778 | +++ b/include/linux/jiffies.h | ||
| 2779 | @@ -1,6 +1,7 @@ | ||
| 2780 | #ifndef _LINUX_JIFFIES_H | ||
| 2781 | #define _LINUX_JIFFIES_H | ||
| 2782 | |||
| 2783 | +#include <linux/cache.h> | ||
| 2784 | #include <linux/math64.h> | ||
| 2785 | #include <linux/kernel.h> | ||
| 2786 | #include <linux/types.h> | ||
| 2787 | @@ -63,19 +64,17 @@ extern int register_refined_jiffies(long clock_tick_rate); | ||
| 2788 | /* TICK_USEC is the time between ticks in usec assuming fake USER_HZ */ | ||
| 2789 | #define TICK_USEC ((1000000UL + USER_HZ/2) / USER_HZ) | ||
| 2790 | |||
| 2791 | -/* some arch's have a small-data section that can be accessed register-relative | ||
| 2792 | - * but that can only take up to, say, 4-byte variables. jiffies being part of | ||
| 2793 | - * an 8-byte variable may not be correctly accessed unless we force the issue | ||
| 2794 | - */ | ||
| 2795 | -#define __jiffy_data __attribute__((section(".data"))) | ||
| 2796 | +#ifndef __jiffy_arch_data | ||
| 2797 | +#define __jiffy_arch_data | ||
| 2798 | +#endif | ||
| 2799 | |||
| 2800 | /* | ||
| 2801 | * The 64-bit value is not atomic - you MUST NOT read it | ||
| 2802 | * without sampling the sequence number in jiffies_lock. | ||
| 2803 | * get_jiffies_64() will do this for you as appropriate. | ||
| 2804 | */ | ||
| 2805 | -extern u64 __jiffy_data jiffies_64; | ||
| 2806 | -extern unsigned long volatile __jiffy_data jiffies; | ||
| 2807 | +extern u64 __cacheline_aligned_in_smp jiffies_64; | ||
| 2808 | +extern unsigned long volatile __cacheline_aligned_in_smp __jiffy_arch_data jiffies; | ||
| 2809 | |||
| 2810 | #if (BITS_PER_LONG < 64) | ||
| 2811 | u64 get_jiffies_64(void); | ||
| 2812 | diff --git a/include/linux/llist.h b/include/linux/llist.h | ||
| 2813 | index fd4ca0b4fe0f..ac6796138ba0 100644 | ||
| 2814 | --- a/include/linux/llist.h | ||
| 2815 | +++ b/include/linux/llist.h | ||
| 2816 | @@ -87,6 +87,23 @@ static inline void init_llist_head(struct llist_head *list) | ||
| 2817 | #define llist_entry(ptr, type, member) \ | ||
| 2818 | container_of(ptr, type, member) | ||
| 2819 | |||
| 2820 | +/** | ||
| 2821 | + * member_address_is_nonnull - check whether the member address is not NULL | ||
| 2822 | + * @ptr: the object pointer (struct type * that contains the llist_node) | ||
| 2823 | + * @member: the name of the llist_node within the struct. | ||
| 2824 | + * | ||
| 2825 | + * This macro is conceptually the same as | ||
| 2826 | + * &ptr->member != NULL | ||
| 2827 | + * but it works around the fact that compilers can decide that taking a member | ||
| 2828 | + * address is never a NULL pointer. | ||
| 2829 | + * | ||
| 2830 | + * Real objects that start at a high address and have a member at NULL are | ||
| 2831 | + * unlikely to exist, but such pointers may be returned e.g. by the | ||
| 2832 | + * container_of() macro. | ||
| 2833 | + */ | ||
| 2834 | +#define member_address_is_nonnull(ptr, member) \ | ||
| 2835 | + ((uintptr_t)(ptr) + offsetof(typeof(*(ptr)), member) != 0) | ||
| 2836 | + | ||
| 2837 | /** | ||
| 2838 | * llist_for_each - iterate over some deleted entries of a lock-less list | ||
| 2839 | * @pos: the &struct llist_node to use as a loop cursor | ||
| 2840 | @@ -121,7 +138,7 @@ static inline void init_llist_head(struct llist_head *list) | ||
| 2841 | */ | ||
| 2842 | #define llist_for_each_entry(pos, node, member) \ | ||
| 2843 | for ((pos) = llist_entry((node), typeof(*(pos)), member); \ | ||
| 2844 | - &(pos)->member != NULL; \ | ||
| 2845 | + member_address_is_nonnull(pos, member); \ | ||
| 2846 | (pos) = llist_entry((pos)->member.next, typeof(*(pos)), member)) | ||
| 2847 | |||
| 2848 | /** | ||
| 2849 | @@ -143,7 +160,7 @@ static inline void init_llist_head(struct llist_head *list) | ||
| 2850 | */ | ||
| 2851 | #define llist_for_each_entry_safe(pos, n, node, member) \ | ||
| 2852 | for (pos = llist_entry((node), typeof(*pos), member); \ | ||
| 2853 | - &pos->member != NULL && \ | ||
| 2854 | + member_address_is_nonnull(pos, member) && \ | ||
| 2855 | (n = llist_entry(pos->member.next, typeof(*n), member), true); \ | ||
| 2856 | pos = n) | ||
| 2857 | |||
| 2858 | diff --git a/include/linux/netfilter/x_tables.h b/include/linux/netfilter/x_tables.h | ||
| 2859 | index 9bfeb88fb940..69111fa2e578 100644 | ||
| 2860 | --- a/include/linux/netfilter/x_tables.h | ||
| 2861 | +++ b/include/linux/netfilter/x_tables.h | ||
| 2862 | @@ -254,6 +254,8 @@ unsigned int *xt_alloc_entry_offsets(unsigned int size); | ||
| 2863 | bool xt_find_jump_offset(const unsigned int *offsets, | ||
| 2864 | unsigned int target, unsigned int size); | ||
| 2865 | |||
| 2866 | +int xt_check_proc_name(const char *name, unsigned int size); | ||
| 2867 | + | ||
| 2868 | int xt_check_match(struct xt_mtchk_param *, unsigned int size, u_int8_t proto, | ||
| 2869 | bool inv_proto); | ||
| 2870 | int xt_check_target(struct xt_tgchk_param *, unsigned int size, u_int8_t proto, | ||
| 2871 | diff --git a/include/rdma/ib_addr.h b/include/rdma/ib_addr.h | ||
| 2872 | index 818a38f99221..f888263fd757 100644 | ||
| 2873 | --- a/include/rdma/ib_addr.h | ||
| 2874 | +++ b/include/rdma/ib_addr.h | ||
| 2875 | @@ -129,6 +129,8 @@ int rdma_copy_addr(struct rdma_dev_addr *dev_addr, struct net_device *dev, | ||
| 2876 | const unsigned char *dst_dev_addr); | ||
| 2877 | |||
| 2878 | int rdma_addr_size(struct sockaddr *addr); | ||
| 2879 | +int rdma_addr_size_in6(struct sockaddr_in6 *addr); | ||
| 2880 | +int rdma_addr_size_kss(struct __kernel_sockaddr_storage *addr); | ||
| 2881 | |||
| 2882 | int rdma_addr_find_smac_by_sgid(union ib_gid *sgid, u8 *smac, u16 *vlan_id); | ||
| 2883 | int rdma_addr_find_l2_eth_by_grh(const union ib_gid *sgid, | ||
| 2884 | diff --git a/include/uapi/linux/pci_regs.h b/include/uapi/linux/pci_regs.h | ||
| 2885 | index e5a2e68b2236..ecc8e01c5616 100644 | ||
| 2886 | --- a/include/uapi/linux/pci_regs.h | ||
| 2887 | +++ b/include/uapi/linux/pci_regs.h | ||
| 2888 | @@ -106,7 +106,7 @@ | ||
| 2889 | #define PCI_SUBSYSTEM_ID 0x2e | ||
| 2890 | #define PCI_ROM_ADDRESS 0x30 /* Bits 31..11 are address, 10..1 reserved */ | ||
| 2891 | #define PCI_ROM_ADDRESS_ENABLE 0x01 | ||
| 2892 | -#define PCI_ROM_ADDRESS_MASK (~0x7ffUL) | ||
| 2893 | +#define PCI_ROM_ADDRESS_MASK (~0x7ffU) | ||
| 2894 | |||
| 2895 | #define PCI_CAPABILITY_LIST 0x34 /* Offset of first capability list entry */ | ||
| 2896 | |||
| 2897 | diff --git a/init/main.c b/init/main.c | ||
| 2898 | index 99f026565608..f22957afb37e 100644 | ||
| 2899 | --- a/init/main.c | ||
| 2900 | +++ b/init/main.c | ||
| 2901 | @@ -81,6 +81,7 @@ | ||
| 2902 | #include <linux/proc_ns.h> | ||
| 2903 | #include <linux/io.h> | ||
| 2904 | #include <linux/kaiser.h> | ||
| 2905 | +#include <linux/cache.h> | ||
| 2906 | |||
| 2907 | #include <asm/io.h> | ||
| 2908 | #include <asm/bugs.h> | ||
| 2909 | @@ -914,14 +915,16 @@ static int try_to_run_init_process(const char *init_filename) | ||
| 2910 | |||
| 2911 | static noinline void __init kernel_init_freeable(void); | ||
| 2912 | |||
| 2913 | -#ifdef CONFIG_DEBUG_RODATA | ||
| 2914 | -static bool rodata_enabled = true; | ||
| 2915 | +#if defined(CONFIG_DEBUG_RODATA) || defined(CONFIG_SET_MODULE_RONX) | ||
| 2916 | +bool rodata_enabled __ro_after_init = true; | ||
| 2917 | static int __init set_debug_rodata(char *str) | ||
| 2918 | { | ||
| 2919 | return strtobool(str, &rodata_enabled); | ||
| 2920 | } | ||
| 2921 | __setup("rodata=", set_debug_rodata); | ||
| 2922 | +#endif | ||
| 2923 | |||
| 2924 | +#ifdef CONFIG_DEBUG_RODATA | ||
| 2925 | static void mark_readonly(void) | ||
| 2926 | { | ||
| 2927 | if (rodata_enabled) | ||
| 2928 | diff --git a/ipc/shm.c b/ipc/shm.c | ||
| 2929 | index e2072ae4f90e..de93d01bfce2 100644 | ||
| 2930 | --- a/ipc/shm.c | ||
| 2931 | +++ b/ipc/shm.c | ||
| 2932 | @@ -381,6 +381,17 @@ static int shm_fault(struct vm_area_struct *vma, struct vm_fault *vmf) | ||
| 2933 | return sfd->vm_ops->fault(vma, vmf); | ||
| 2934 | } | ||
| 2935 | |||
| 2936 | +static int shm_split(struct vm_area_struct *vma, unsigned long addr) | ||
| 2937 | +{ | ||
| 2938 | + struct file *file = vma->vm_file; | ||
| 2939 | + struct shm_file_data *sfd = shm_file_data(file); | ||
| 2940 | + | ||
| 2941 | + if (sfd->vm_ops && sfd->vm_ops->split) | ||
| 2942 | + return sfd->vm_ops->split(vma, addr); | ||
| 2943 | + | ||
| 2944 | + return 0; | ||
| 2945 | +} | ||
| 2946 | + | ||
| 2947 | #ifdef CONFIG_NUMA | ||
| 2948 | static int shm_set_policy(struct vm_area_struct *vma, struct mempolicy *new) | ||
| 2949 | { | ||
| 2950 | @@ -503,6 +514,7 @@ static const struct vm_operations_struct shm_vm_ops = { | ||
| 2951 | .open = shm_open, /* callback for a new vm-area open */ | ||
| 2952 | .close = shm_close, /* callback for when the vm-area is released */ | ||
| 2953 | .fault = shm_fault, | ||
| 2954 | + .split = shm_split, | ||
| 2955 | #if defined(CONFIG_NUMA) | ||
| 2956 | .set_policy = shm_set_policy, | ||
| 2957 | .get_policy = shm_get_policy, | ||
| 2958 | diff --git a/kernel/events/hw_breakpoint.c b/kernel/events/hw_breakpoint.c | ||
| 2959 | index 3f8cb1e14588..253ae2da13c3 100644 | ||
| 2960 | --- a/kernel/events/hw_breakpoint.c | ||
| 2961 | +++ b/kernel/events/hw_breakpoint.c | ||
| 2962 | @@ -427,16 +427,9 @@ EXPORT_SYMBOL_GPL(register_user_hw_breakpoint); | ||
| 2963 | * modify_user_hw_breakpoint - modify a user-space hardware breakpoint | ||
| 2964 | * @bp: the breakpoint structure to modify | ||
| 2965 | * @attr: new breakpoint attributes | ||
| 2966 | - * @triggered: callback to trigger when we hit the breakpoint | ||
| 2967 | - * @tsk: pointer to 'task_struct' of the process to which the address belongs | ||
| 2968 | */ | ||
| 2969 | int modify_user_hw_breakpoint(struct perf_event *bp, struct perf_event_attr *attr) | ||
| 2970 | { | ||
| 2971 | - u64 old_addr = bp->attr.bp_addr; | ||
| 2972 | - u64 old_len = bp->attr.bp_len; | ||
| 2973 | - int old_type = bp->attr.bp_type; | ||
| 2974 | - int err = 0; | ||
| 2975 | - | ||
| 2976 | /* | ||
| 2977 | * modify_user_hw_breakpoint can be invoked with IRQs disabled and hence it | ||
| 2978 | * will not be possible to raise IPIs that invoke __perf_event_disable. | ||
| 2979 | @@ -451,27 +444,18 @@ int modify_user_hw_breakpoint(struct perf_event *bp, struct perf_event_attr *att | ||
| 2980 | bp->attr.bp_addr = attr->bp_addr; | ||
| 2981 | bp->attr.bp_type = attr->bp_type; | ||
| 2982 | bp->attr.bp_len = attr->bp_len; | ||
| 2983 | + bp->attr.disabled = 1; | ||
| 2984 | |||
| 2985 | - if (attr->disabled) | ||
| 2986 | - goto end; | ||
| 2987 | - | ||
| 2988 | - err = validate_hw_breakpoint(bp); | ||
| 2989 | - if (!err) | ||
| 2990 | - perf_event_enable(bp); | ||
| 2991 | + if (!attr->disabled) { | ||
| 2992 | + int err = validate_hw_breakpoint(bp); | ||
| 2993 | |||
| 2994 | - if (err) { | ||
| 2995 | - bp->attr.bp_addr = old_addr; | ||
| 2996 | - bp->attr.bp_type = old_type; | ||
| 2997 | - bp->attr.bp_len = old_len; | ||
| 2998 | - if (!bp->attr.disabled) | ||
| 2999 | - perf_event_enable(bp); | ||
| 3000 | + if (err) | ||
| 3001 | + return err; | ||
| 3002 | |||
| 3003 | - return err; | ||
| 3004 | + perf_event_enable(bp); | ||
| 3005 | + bp->attr.disabled = 0; | ||
| 3006 | } | ||
| 3007 | |||
| 3008 | -end: | ||
| 3009 | - bp->attr.disabled = attr->disabled; | ||
| 3010 | - | ||
| 3011 | return 0; | ||
| 3012 | } | ||
| 3013 | EXPORT_SYMBOL_GPL(modify_user_hw_breakpoint); | ||
| 3014 | diff --git a/kernel/irq/manage.c b/kernel/irq/manage.c | ||
| 3015 | index ea41820ab12e..5927da596d42 100644 | ||
| 3016 | --- a/kernel/irq/manage.c | ||
| 3017 | +++ b/kernel/irq/manage.c | ||
| 3018 | @@ -850,7 +850,7 @@ irq_thread_check_affinity(struct irq_desc *desc, struct irqaction *action) | ||
| 3019 | * This code is triggered unconditionally. Check the affinity | ||
| 3020 | * mask pointer. For CPU_MASK_OFFSTACK=n this is optimized out. | ||
| 3021 | */ | ||
| 3022 | - if (desc->irq_common_data.affinity) | ||
| 3023 | + if (cpumask_available(desc->irq_common_data.affinity)) | ||
| 3024 | cpumask_copy(mask, desc->irq_common_data.affinity); | ||
| 3025 | else | ||
| 3026 | valid = false; | ||
| 3027 | diff --git a/kernel/kprobes.c b/kernel/kprobes.c | ||
| 3028 | index a1a07cf1101f..69485183af79 100644 | ||
| 3029 | --- a/kernel/kprobes.c | ||
| 3030 | +++ b/kernel/kprobes.c | ||
| 3031 | @@ -125,7 +125,7 @@ static void *alloc_insn_page(void) | ||
| 3032 | return module_alloc(PAGE_SIZE); | ||
| 3033 | } | ||
| 3034 | |||
| 3035 | -static void free_insn_page(void *page) | ||
| 3036 | +void __weak free_insn_page(void *page) | ||
| 3037 | { | ||
| 3038 | module_memfree(page); | ||
| 3039 | } | ||
| 3040 | diff --git a/kernel/module.c b/kernel/module.c | ||
| 3041 | index 07bfb9971f2f..0651f2d25fc9 100644 | ||
| 3042 | --- a/kernel/module.c | ||
| 3043 | +++ b/kernel/module.c | ||
| 3044 | @@ -1911,6 +1911,9 @@ static void frob_writable_data(const struct module_layout *layout, | ||
| 3045 | /* livepatching wants to disable read-only so it can frob module. */ | ||
| 3046 | void module_disable_ro(const struct module *mod) | ||
| 3047 | { | ||
| 3048 | + if (!rodata_enabled) | ||
| 3049 | + return; | ||
| 3050 | + | ||
| 3051 | frob_text(&mod->core_layout, set_memory_rw); | ||
| 3052 | frob_rodata(&mod->core_layout, set_memory_rw); | ||
| 3053 | frob_ro_after_init(&mod->core_layout, set_memory_rw); | ||
| 3054 | @@ -1920,6 +1923,9 @@ void module_disable_ro(const struct module *mod) | ||
| 3055 | |||
| 3056 | void module_enable_ro(const struct module *mod, bool after_init) | ||
| 3057 | { | ||
| 3058 | + if (!rodata_enabled) | ||
| 3059 | + return; | ||
| 3060 | + | ||
| 3061 | frob_text(&mod->core_layout, set_memory_ro); | ||
| 3062 | frob_rodata(&mod->core_layout, set_memory_ro); | ||
| 3063 | frob_text(&mod->init_layout, set_memory_ro); | ||
| 3064 | @@ -1952,6 +1958,9 @@ void set_all_modules_text_rw(void) | ||
| 3065 | { | ||
| 3066 | struct module *mod; | ||
| 3067 | |||
| 3068 | + if (!rodata_enabled) | ||
| 3069 | + return; | ||
| 3070 | + | ||
| 3071 | mutex_lock(&module_mutex); | ||
| 3072 | list_for_each_entry_rcu(mod, &modules, list) { | ||
| 3073 | if (mod->state == MODULE_STATE_UNFORMED) | ||
| 3074 | @@ -1968,6 +1977,9 @@ void set_all_modules_text_ro(void) | ||
| 3075 | { | ||
| 3076 | struct module *mod; | ||
| 3077 | |||
| 3078 | + if (!rodata_enabled) | ||
| 3079 | + return; | ||
| 3080 | + | ||
| 3081 | mutex_lock(&module_mutex); | ||
| 3082 | list_for_each_entry_rcu(mod, &modules, list) { | ||
| 3083 | if (mod->state == MODULE_STATE_UNFORMED) | ||
| 3084 | @@ -1981,10 +1993,12 @@ void set_all_modules_text_ro(void) | ||
| 3085 | |||
| 3086 | static void disable_ro_nx(const struct module_layout *layout) | ||
| 3087 | { | ||
| 3088 | - frob_text(layout, set_memory_rw); | ||
| 3089 | - frob_rodata(layout, set_memory_rw); | ||
| 3090 | + if (rodata_enabled) { | ||
| 3091 | + frob_text(layout, set_memory_rw); | ||
| 3092 | + frob_rodata(layout, set_memory_rw); | ||
| 3093 | + frob_ro_after_init(layout, set_memory_rw); | ||
| 3094 | + } | ||
| 3095 | frob_rodata(layout, set_memory_x); | ||
| 3096 | - frob_ro_after_init(layout, set_memory_rw); | ||
| 3097 | frob_ro_after_init(layout, set_memory_x); | ||
| 3098 | frob_writable_data(layout, set_memory_x); | ||
| 3099 | } | ||
| 3100 | diff --git a/mm/vmscan.c b/mm/vmscan.c | ||
| 3101 | index cdd5c3b5c357..557ad1367595 100644 | ||
| 3102 | --- a/mm/vmscan.c | ||
| 3103 | +++ b/mm/vmscan.c | ||
| 3104 | @@ -2966,7 +2966,7 @@ unsigned long try_to_free_pages(struct zonelist *zonelist, int order, | ||
| 3105 | unsigned long nr_reclaimed; | ||
| 3106 | struct scan_control sc = { | ||
| 3107 | .nr_to_reclaim = SWAP_CLUSTER_MAX, | ||
| 3108 | - .gfp_mask = (gfp_mask = memalloc_noio_flags(gfp_mask)), | ||
| 3109 | + .gfp_mask = memalloc_noio_flags(gfp_mask), | ||
| 3110 | .reclaim_idx = gfp_zone(gfp_mask), | ||
| 3111 | .order = order, | ||
| 3112 | .nodemask = nodemask, | ||
| 3113 | @@ -2981,12 +2981,12 @@ unsigned long try_to_free_pages(struct zonelist *zonelist, int order, | ||
| 3114 | * 1 is returned so that the page allocator does not OOM kill at this | ||
| 3115 | * point. | ||
| 3116 | */ | ||
| 3117 | - if (throttle_direct_reclaim(gfp_mask, zonelist, nodemask)) | ||
| 3118 | + if (throttle_direct_reclaim(sc.gfp_mask, zonelist, nodemask)) | ||
| 3119 | return 1; | ||
| 3120 | |||
| 3121 | trace_mm_vmscan_direct_reclaim_begin(order, | ||
| 3122 | sc.may_writepage, | ||
| 3123 | - gfp_mask, | ||
| 3124 | + sc.gfp_mask, | ||
| 3125 | sc.reclaim_idx); | ||
| 3126 | |||
| 3127 | nr_reclaimed = do_try_to_free_pages(zonelist, &sc); | ||
| 3128 | @@ -3749,16 +3749,15 @@ static int __node_reclaim(struct pglist_data *pgdat, gfp_t gfp_mask, unsigned in | ||
| 3129 | const unsigned long nr_pages = 1 << order; | ||
| 3130 | struct task_struct *p = current; | ||
| 3131 | struct reclaim_state reclaim_state; | ||
| 3132 | - int classzone_idx = gfp_zone(gfp_mask); | ||
| 3133 | struct scan_control sc = { | ||
| 3134 | .nr_to_reclaim = max(nr_pages, SWAP_CLUSTER_MAX), | ||
| 3135 | - .gfp_mask = (gfp_mask = memalloc_noio_flags(gfp_mask)), | ||
| 3136 | + .gfp_mask = memalloc_noio_flags(gfp_mask), | ||
| 3137 | .order = order, | ||
| 3138 | .priority = NODE_RECLAIM_PRIORITY, | ||
| 3139 | .may_writepage = !!(node_reclaim_mode & RECLAIM_WRITE), | ||
| 3140 | .may_unmap = !!(node_reclaim_mode & RECLAIM_UNMAP), | ||
| 3141 | .may_swap = 1, | ||
| 3142 | - .reclaim_idx = classzone_idx, | ||
| 3143 | + .reclaim_idx = gfp_zone(gfp_mask), | ||
| 3144 | }; | ||
| 3145 | |||
| 3146 | cond_resched(); | ||
| 3147 | @@ -3768,7 +3767,7 @@ static int __node_reclaim(struct pglist_data *pgdat, gfp_t gfp_mask, unsigned in | ||
| 3148 | * and RECLAIM_UNMAP. | ||
| 3149 | */ | ||
| 3150 | p->flags |= PF_MEMALLOC | PF_SWAPWRITE; | ||
| 3151 | - lockdep_set_current_reclaim_state(gfp_mask); | ||
| 3152 | + lockdep_set_current_reclaim_state(sc.gfp_mask); | ||
| 3153 | reclaim_state.reclaimed_slab = 0; | ||
| 3154 | p->reclaim_state = &reclaim_state; | ||
| 3155 | |||
| 3156 | diff --git a/net/bluetooth/smp.c b/net/bluetooth/smp.c | ||
| 3157 | index 658c900752c6..ead4d1baeaa6 100644 | ||
| 3158 | --- a/net/bluetooth/smp.c | ||
| 3159 | +++ b/net/bluetooth/smp.c | ||
| 3160 | @@ -2233,8 +2233,14 @@ static u8 smp_cmd_security_req(struct l2cap_conn *conn, struct sk_buff *skb) | ||
| 3161 | else | ||
| 3162 | sec_level = authreq_to_seclevel(auth); | ||
| 3163 | |||
| 3164 | - if (smp_sufficient_security(hcon, sec_level, SMP_USE_LTK)) | ||
| 3165 | + if (smp_sufficient_security(hcon, sec_level, SMP_USE_LTK)) { | ||
| 3166 | + /* If link is already encrypted with sufficient security we | ||
| 3167 | + * still need refresh encryption as per Core Spec 5.0 Vol 3, | ||
| 3168 | + * Part H 2.4.6 | ||
| 3169 | + */ | ||
| 3170 | + smp_ltk_encrypt(conn, hcon->sec_level); | ||
| 3171 | return 0; | ||
| 3172 | + } | ||
| 3173 | |||
| 3174 | if (sec_level > hcon->pending_sec_level) | ||
| 3175 | hcon->pending_sec_level = sec_level; | ||
| 3176 | diff --git a/net/bridge/netfilter/ebt_among.c b/net/bridge/netfilter/ebt_among.c | ||
| 3177 | index 9637a681bdda..9adf16258cab 100644 | ||
| 3178 | --- a/net/bridge/netfilter/ebt_among.c | ||
| 3179 | +++ b/net/bridge/netfilter/ebt_among.c | ||
| 3180 | @@ -177,6 +177,28 @@ static bool poolsize_invalid(const struct ebt_mac_wormhash *w) | ||
| 3181 | return w && w->poolsize >= (INT_MAX / sizeof(struct ebt_mac_wormhash_tuple)); | ||
| 3182 | } | ||
| 3183 | |||
| 3184 | +static bool wormhash_offset_invalid(int off, unsigned int len) | ||
| 3185 | +{ | ||
| 3186 | + if (off == 0) /* not present */ | ||
| 3187 | + return false; | ||
| 3188 | + | ||
| 3189 | + if (off < (int)sizeof(struct ebt_among_info) || | ||
| 3190 | + off % __alignof__(struct ebt_mac_wormhash)) | ||
| 3191 | + return true; | ||
| 3192 | + | ||
| 3193 | + off += sizeof(struct ebt_mac_wormhash); | ||
| 3194 | + | ||
| 3195 | + return off > len; | ||
| 3196 | +} | ||
| 3197 | + | ||
| 3198 | +static bool wormhash_sizes_valid(const struct ebt_mac_wormhash *wh, int a, int b) | ||
| 3199 | +{ | ||
| 3200 | + if (a == 0) | ||
| 3201 | + a = sizeof(struct ebt_among_info); | ||
| 3202 | + | ||
| 3203 | + return ebt_mac_wormhash_size(wh) + a == b; | ||
| 3204 | +} | ||
| 3205 | + | ||
| 3206 | static int ebt_among_mt_check(const struct xt_mtchk_param *par) | ||
| 3207 | { | ||
| 3208 | const struct ebt_among_info *info = par->matchinfo; | ||
| 3209 | @@ -189,6 +211,10 @@ static int ebt_among_mt_check(const struct xt_mtchk_param *par) | ||
| 3210 | if (expected_length > em->match_size) | ||
| 3211 | return -EINVAL; | ||
| 3212 | |||
| 3213 | + if (wormhash_offset_invalid(info->wh_dst_ofs, em->match_size) || | ||
| 3214 | + wormhash_offset_invalid(info->wh_src_ofs, em->match_size)) | ||
| 3215 | + return -EINVAL; | ||
| 3216 | + | ||
| 3217 | wh_dst = ebt_among_wh_dst(info); | ||
| 3218 | if (poolsize_invalid(wh_dst)) | ||
| 3219 | return -EINVAL; | ||
| 3220 | @@ -201,6 +227,14 @@ static int ebt_among_mt_check(const struct xt_mtchk_param *par) | ||
| 3221 | if (poolsize_invalid(wh_src)) | ||
| 3222 | return -EINVAL; | ||
| 3223 | |||
| 3224 | + if (info->wh_src_ofs < info->wh_dst_ofs) { | ||
| 3225 | + if (!wormhash_sizes_valid(wh_src, info->wh_src_ofs, info->wh_dst_ofs)) | ||
| 3226 | + return -EINVAL; | ||
| 3227 | + } else { | ||
| 3228 | + if (!wormhash_sizes_valid(wh_dst, info->wh_dst_ofs, info->wh_src_ofs)) | ||
| 3229 | + return -EINVAL; | ||
| 3230 | + } | ||
| 3231 | + | ||
| 3232 | expected_length += ebt_mac_wormhash_size(wh_src); | ||
| 3233 | |||
| 3234 | if (em->match_size != EBT_ALIGN(expected_length)) { | ||
| 3235 | diff --git a/net/ipv4/netfilter/nf_nat_h323.c b/net/ipv4/netfilter/nf_nat_h323.c | ||
| 3236 | index 574f7ebba0b6..ac8342dcb55e 100644 | ||
| 3237 | --- a/net/ipv4/netfilter/nf_nat_h323.c | ||
| 3238 | +++ b/net/ipv4/netfilter/nf_nat_h323.c | ||
| 3239 | @@ -252,16 +252,16 @@ static int nat_rtp_rtcp(struct sk_buff *skb, struct nf_conn *ct, | ||
| 3240 | if (set_h245_addr(skb, protoff, data, dataoff, taddr, | ||
| 3241 | &ct->tuplehash[!dir].tuple.dst.u3, | ||
| 3242 | htons((port & htons(1)) ? nated_port + 1 : | ||
| 3243 | - nated_port)) == 0) { | ||
| 3244 | - /* Save ports */ | ||
| 3245 | - info->rtp_port[i][dir] = rtp_port; | ||
| 3246 | - info->rtp_port[i][!dir] = htons(nated_port); | ||
| 3247 | - } else { | ||
| 3248 | + nated_port))) { | ||
| 3249 | nf_ct_unexpect_related(rtp_exp); | ||
| 3250 | nf_ct_unexpect_related(rtcp_exp); | ||
| 3251 | return -1; | ||
| 3252 | } | ||
| 3253 | |||
| 3254 | + /* Save ports */ | ||
| 3255 | + info->rtp_port[i][dir] = rtp_port; | ||
| 3256 | + info->rtp_port[i][!dir] = htons(nated_port); | ||
| 3257 | + | ||
| 3258 | /* Success */ | ||
| 3259 | pr_debug("nf_nat_h323: expect RTP %pI4:%hu->%pI4:%hu\n", | ||
| 3260 | &rtp_exp->tuple.src.u3.ip, | ||
| 3261 | @@ -370,15 +370,15 @@ static int nat_h245(struct sk_buff *skb, struct nf_conn *ct, | ||
| 3262 | /* Modify signal */ | ||
| 3263 | if (set_h225_addr(skb, protoff, data, dataoff, taddr, | ||
| 3264 | &ct->tuplehash[!dir].tuple.dst.u3, | ||
| 3265 | - htons(nated_port)) == 0) { | ||
| 3266 | - /* Save ports */ | ||
| 3267 | - info->sig_port[dir] = port; | ||
| 3268 | - info->sig_port[!dir] = htons(nated_port); | ||
| 3269 | - } else { | ||
| 3270 | + htons(nated_port))) { | ||
| 3271 | nf_ct_unexpect_related(exp); | ||
| 3272 | return -1; | ||
| 3273 | } | ||
| 3274 | |||
| 3275 | + /* Save ports */ | ||
| 3276 | + info->sig_port[dir] = port; | ||
| 3277 | + info->sig_port[!dir] = htons(nated_port); | ||
| 3278 | + | ||
| 3279 | pr_debug("nf_nat_q931: expect H.245 %pI4:%hu->%pI4:%hu\n", | ||
| 3280 | &exp->tuple.src.u3.ip, | ||
| 3281 | ntohs(exp->tuple.src.u.tcp.port), | ||
| 3282 | @@ -462,24 +462,27 @@ static int nat_q931(struct sk_buff *skb, struct nf_conn *ct, | ||
| 3283 | /* Modify signal */ | ||
| 3284 | if (set_h225_addr(skb, protoff, data, 0, &taddr[idx], | ||
| 3285 | &ct->tuplehash[!dir].tuple.dst.u3, | ||
| 3286 | - htons(nated_port)) == 0) { | ||
| 3287 | - /* Save ports */ | ||
| 3288 | - info->sig_port[dir] = port; | ||
| 3289 | - info->sig_port[!dir] = htons(nated_port); | ||
| 3290 | - | ||
| 3291 | - /* Fix for Gnomemeeting */ | ||
| 3292 | - if (idx > 0 && | ||
| 3293 | - get_h225_addr(ct, *data, &taddr[0], &addr, &port) && | ||
| 3294 | - (ntohl(addr.ip) & 0xff000000) == 0x7f000000) { | ||
| 3295 | - set_h225_addr(skb, protoff, data, 0, &taddr[0], | ||
| 3296 | - &ct->tuplehash[!dir].tuple.dst.u3, | ||
| 3297 | - info->sig_port[!dir]); | ||
| 3298 | - } | ||
| 3299 | - } else { | ||
| 3300 | + htons(nated_port))) { | ||
| 3301 | nf_ct_unexpect_related(exp); | ||
| 3302 | return -1; | ||
| 3303 | } | ||
| 3304 | |||
| 3305 | + /* Save ports */ | ||
| 3306 | + info->sig_port[dir] = port; | ||
| 3307 | + info->sig_port[!dir] = htons(nated_port); | ||
| 3308 | + | ||
| 3309 | + /* Fix for Gnomemeeting */ | ||
| 3310 | + if (idx > 0 && | ||
| 3311 | + get_h225_addr(ct, *data, &taddr[0], &addr, &port) && | ||
| 3312 | + (ntohl(addr.ip) & 0xff000000) == 0x7f000000) { | ||
| 3313 | + if (set_h225_addr(skb, protoff, data, 0, &taddr[0], | ||
| 3314 | + &ct->tuplehash[!dir].tuple.dst.u3, | ||
| 3315 | + info->sig_port[!dir])) { | ||
| 3316 | + nf_ct_unexpect_related(exp); | ||
| 3317 | + return -1; | ||
| 3318 | + } | ||
| 3319 | + } | ||
| 3320 | + | ||
| 3321 | /* Success */ | ||
| 3322 | pr_debug("nf_nat_ras: expect Q.931 %pI4:%hu->%pI4:%hu\n", | ||
| 3323 | &exp->tuple.src.u3.ip, | ||
| 3324 | @@ -550,9 +553,9 @@ static int nat_callforwarding(struct sk_buff *skb, struct nf_conn *ct, | ||
| 3325 | } | ||
| 3326 | |||
| 3327 | /* Modify signal */ | ||
| 3328 | - if (!set_h225_addr(skb, protoff, data, dataoff, taddr, | ||
| 3329 | - &ct->tuplehash[!dir].tuple.dst.u3, | ||
| 3330 | - htons(nated_port)) == 0) { | ||
| 3331 | + if (set_h225_addr(skb, protoff, data, dataoff, taddr, | ||
| 3332 | + &ct->tuplehash[!dir].tuple.dst.u3, | ||
| 3333 | + htons(nated_port))) { | ||
| 3334 | nf_ct_unexpect_related(exp); | ||
| 3335 | return -1; | ||
| 3336 | } | ||
| 3337 | diff --git a/net/ipv6/ip6_vti.c b/net/ipv6/ip6_vti.c | ||
| 3338 | index 345efeb887ef..912333586de6 100644 | ||
| 3339 | --- a/net/ipv6/ip6_vti.c | ||
| 3340 | +++ b/net/ipv6/ip6_vti.c | ||
| 3341 | @@ -625,7 +625,6 @@ static void vti6_link_config(struct ip6_tnl *t) | ||
| 3342 | { | ||
| 3343 | struct net_device *dev = t->dev; | ||
| 3344 | struct __ip6_tnl_parm *p = &t->parms; | ||
| 3345 | - struct net_device *tdev = NULL; | ||
| 3346 | |||
| 3347 | memcpy(dev->dev_addr, &p->laddr, sizeof(struct in6_addr)); | ||
| 3348 | memcpy(dev->broadcast, &p->raddr, sizeof(struct in6_addr)); | ||
| 3349 | @@ -638,25 +637,6 @@ static void vti6_link_config(struct ip6_tnl *t) | ||
| 3350 | dev->flags |= IFF_POINTOPOINT; | ||
| 3351 | else | ||
| 3352 | dev->flags &= ~IFF_POINTOPOINT; | ||
| 3353 | - | ||
| 3354 | - if (p->flags & IP6_TNL_F_CAP_XMIT) { | ||
| 3355 | - int strict = (ipv6_addr_type(&p->raddr) & | ||
| 3356 | - (IPV6_ADDR_MULTICAST | IPV6_ADDR_LINKLOCAL)); | ||
| 3357 | - struct rt6_info *rt = rt6_lookup(t->net, | ||
| 3358 | - &p->raddr, &p->laddr, | ||
| 3359 | - p->link, strict); | ||
| 3360 | - | ||
| 3361 | - if (rt) | ||
| 3362 | - tdev = rt->dst.dev; | ||
| 3363 | - ip6_rt_put(rt); | ||
| 3364 | - } | ||
| 3365 | - | ||
| 3366 | - if (!tdev && p->link) | ||
| 3367 | - tdev = __dev_get_by_index(t->net, p->link); | ||
| 3368 | - | ||
| 3369 | - if (tdev) | ||
| 3370 | - dev->mtu = max_t(int, tdev->mtu - dev->hard_header_len, | ||
| 3371 | - IPV6_MIN_MTU); | ||
| 3372 | } | ||
| 3373 | |||
| 3374 | /** | ||
| 3375 | diff --git a/net/mac80211/ibss.c b/net/mac80211/ibss.c | ||
| 3376 | index d31818e7d10c..a5acaf1efaab 100644 | ||
| 3377 | --- a/net/mac80211/ibss.c | ||
| 3378 | +++ b/net/mac80211/ibss.c | ||
| 3379 | @@ -427,7 +427,7 @@ static void ieee80211_sta_join_ibss(struct ieee80211_sub_if_data *sdata, | ||
| 3380 | case NL80211_CHAN_WIDTH_5: | ||
| 3381 | case NL80211_CHAN_WIDTH_10: | ||
| 3382 | cfg80211_chandef_create(&chandef, cbss->channel, | ||
| 3383 | - NL80211_CHAN_WIDTH_20_NOHT); | ||
| 3384 | + NL80211_CHAN_NO_HT); | ||
| 3385 | chandef.width = sdata->u.ibss.chandef.width; | ||
| 3386 | break; | ||
| 3387 | case NL80211_CHAN_WIDTH_80: | ||
| 3388 | @@ -439,7 +439,7 @@ static void ieee80211_sta_join_ibss(struct ieee80211_sub_if_data *sdata, | ||
| 3389 | default: | ||
| 3390 | /* fall back to 20 MHz for unsupported modes */ | ||
| 3391 | cfg80211_chandef_create(&chandef, cbss->channel, | ||
| 3392 | - NL80211_CHAN_WIDTH_20_NOHT); | ||
| 3393 | + NL80211_CHAN_NO_HT); | ||
| 3394 | break; | ||
| 3395 | } | ||
| 3396 | |||
| 3397 | diff --git a/net/mac80211/rate.c b/net/mac80211/rate.c | ||
| 3398 | index dbceb42c2a8e..e6096dfd0210 100644 | ||
| 3399 | --- a/net/mac80211/rate.c | ||
| 3400 | +++ b/net/mac80211/rate.c | ||
| 3401 | @@ -173,9 +173,11 @@ ieee80211_rate_control_ops_get(const char *name) | ||
| 3402 | /* try default if specific alg requested but not found */ | ||
| 3403 | ops = ieee80211_try_rate_control_ops_get(ieee80211_default_rc_algo); | ||
| 3404 | |||
| 3405 | - /* try built-in one if specific alg requested but not found */ | ||
| 3406 | - if (!ops && strlen(CONFIG_MAC80211_RC_DEFAULT)) | ||
| 3407 | + /* Note: check for > 0 is intentional to avoid clang warning */ | ||
| 3408 | + if (!ops && (strlen(CONFIG_MAC80211_RC_DEFAULT) > 0)) | ||
| 3409 | + /* try built-in one if specific alg requested but not found */ | ||
| 3410 | ops = ieee80211_try_rate_control_ops_get(CONFIG_MAC80211_RC_DEFAULT); | ||
| 3411 | + | ||
| 3412 | kernel_param_unlock(THIS_MODULE); | ||
| 3413 | |||
| 3414 | return ops; | ||
| 3415 | diff --git a/net/netfilter/nf_conntrack_netlink.c b/net/netfilter/nf_conntrack_netlink.c | ||
| 3416 | index d5caed5bcfb1..d49a4639465f 100644 | ||
| 3417 | --- a/net/netfilter/nf_conntrack_netlink.c | ||
| 3418 | +++ b/net/netfilter/nf_conntrack_netlink.c | ||
| 3419 | @@ -1008,9 +1008,8 @@ static const struct nla_policy tuple_nla_policy[CTA_TUPLE_MAX+1] = { | ||
| 3420 | |||
| 3421 | static int | ||
| 3422 | ctnetlink_parse_tuple(const struct nlattr * const cda[], | ||
| 3423 | - struct nf_conntrack_tuple *tuple, | ||
| 3424 | - enum ctattr_type type, u_int8_t l3num, | ||
| 3425 | - struct nf_conntrack_zone *zone) | ||
| 3426 | + struct nf_conntrack_tuple *tuple, u32 type, | ||
| 3427 | + u_int8_t l3num, struct nf_conntrack_zone *zone) | ||
| 3428 | { | ||
| 3429 | struct nlattr *tb[CTA_TUPLE_MAX+1]; | ||
| 3430 | int err; | ||
| 3431 | @@ -2409,7 +2408,7 @@ static struct nfnl_ct_hook ctnetlink_glue_hook = { | ||
| 3432 | |||
| 3433 | static int ctnetlink_exp_dump_tuple(struct sk_buff *skb, | ||
| 3434 | const struct nf_conntrack_tuple *tuple, | ||
| 3435 | - enum ctattr_expect type) | ||
| 3436 | + u32 type) | ||
| 3437 | { | ||
| 3438 | struct nlattr *nest_parms; | ||
| 3439 | |||
| 3440 | diff --git a/net/netfilter/x_tables.c b/net/netfilter/x_tables.c | ||
| 3441 | index 7ad1a863587a..59be89813a29 100644 | ||
| 3442 | --- a/net/netfilter/x_tables.c | ||
| 3443 | +++ b/net/netfilter/x_tables.c | ||
| 3444 | @@ -367,6 +367,36 @@ textify_hooks(char *buf, size_t size, unsigned int mask, uint8_t nfproto) | ||
| 3445 | return buf; | ||
| 3446 | } | ||
| 3447 | |||
| 3448 | +/** | ||
| 3449 | + * xt_check_proc_name - check that name is suitable for /proc file creation | ||
| 3450 | + * | ||
| 3451 | + * @name: file name candidate | ||
| 3452 | + * @size: length of buffer | ||
| 3453 | + * | ||
| 3454 | + * some x_tables modules wish to create a file in /proc. | ||
| 3455 | + * This function makes sure that the name is suitable for this | ||
| 3456 | + * purpose, it checks that name is NUL terminated and isn't a 'special' | ||
| 3457 | + * name, like "..". | ||
| 3458 | + * | ||
| 3459 | + * returns negative number on error or 0 if name is useable. | ||
| 3460 | + */ | ||
| 3461 | +int xt_check_proc_name(const char *name, unsigned int size) | ||
| 3462 | +{ | ||
| 3463 | + if (name[0] == '\0') | ||
| 3464 | + return -EINVAL; | ||
| 3465 | + | ||
| 3466 | + if (strnlen(name, size) == size) | ||
| 3467 | + return -ENAMETOOLONG; | ||
| 3468 | + | ||
| 3469 | + if (strcmp(name, ".") == 0 || | ||
| 3470 | + strcmp(name, "..") == 0 || | ||
| 3471 | + strchr(name, '/')) | ||
| 3472 | + return -EINVAL; | ||
| 3473 | + | ||
| 3474 | + return 0; | ||
| 3475 | +} | ||
| 3476 | +EXPORT_SYMBOL(xt_check_proc_name); | ||
| 3477 | + | ||
| 3478 | int xt_check_match(struct xt_mtchk_param *par, | ||
| 3479 | unsigned int size, u_int8_t proto, bool inv_proto) | ||
| 3480 | { | ||
| 3481 | diff --git a/net/netfilter/xt_hashlimit.c b/net/netfilter/xt_hashlimit.c | ||
| 3482 | index b89b688e9d01..a1a29cdc58fc 100644 | ||
| 3483 | --- a/net/netfilter/xt_hashlimit.c | ||
| 3484 | +++ b/net/netfilter/xt_hashlimit.c | ||
| 3485 | @@ -794,8 +794,9 @@ static int hashlimit_mt_check_v1(const struct xt_mtchk_param *par) | ||
| 3486 | struct hashlimit_cfg2 cfg = {}; | ||
| 3487 | int ret; | ||
| 3488 | |||
| 3489 | - if (info->name[sizeof(info->name) - 1] != '\0') | ||
| 3490 | - return -EINVAL; | ||
| 3491 | + ret = xt_check_proc_name(info->name, sizeof(info->name)); | ||
| 3492 | + if (ret) | ||
| 3493 | + return ret; | ||
| 3494 | |||
| 3495 | ret = cfg_copy(&cfg, (void *)&info->cfg, 1); | ||
| 3496 | |||
| 3497 | @@ -809,9 +810,11 @@ static int hashlimit_mt_check_v1(const struct xt_mtchk_param *par) | ||
| 3498 | static int hashlimit_mt_check(const struct xt_mtchk_param *par) | ||
| 3499 | { | ||
| 3500 | struct xt_hashlimit_mtinfo2 *info = par->matchinfo; | ||
| 3501 | + int ret; | ||
| 3502 | |||
| 3503 | - if (info->name[sizeof(info->name) - 1] != '\0') | ||
| 3504 | - return -EINVAL; | ||
| 3505 | + ret = xt_check_proc_name(info->name, sizeof(info->name)); | ||
| 3506 | + if (ret) | ||
| 3507 | + return ret; | ||
| 3508 | |||
| 3509 | return hashlimit_mt_check_common(par, &info->hinfo, &info->cfg, | ||
| 3510 | info->name, 2); | ||
| 3511 | diff --git a/net/netfilter/xt_recent.c b/net/netfilter/xt_recent.c | ||
| 3512 | index e3b7a09b103e..79d7ad621a80 100644 | ||
| 3513 | --- a/net/netfilter/xt_recent.c | ||
| 3514 | +++ b/net/netfilter/xt_recent.c | ||
| 3515 | @@ -361,9 +361,9 @@ static int recent_mt_check(const struct xt_mtchk_param *par, | ||
| 3516 | info->hit_count, XT_RECENT_MAX_NSTAMPS - 1); | ||
| 3517 | return -EINVAL; | ||
| 3518 | } | ||
| 3519 | - if (info->name[0] == '\0' || | ||
| 3520 | - strnlen(info->name, XT_RECENT_NAME_LEN) == XT_RECENT_NAME_LEN) | ||
| 3521 | - return -EINVAL; | ||
| 3522 | + ret = xt_check_proc_name(info->name, sizeof(info->name)); | ||
| 3523 | + if (ret) | ||
| 3524 | + return ret; | ||
| 3525 | |||
| 3526 | if (ip_pkt_list_tot && info->hit_count < ip_pkt_list_tot) | ||
| 3527 | nstamp_mask = roundup_pow_of_two(ip_pkt_list_tot) - 1; | ||
| 3528 | diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c | ||
| 3529 | index a89061d59c74..36280e114959 100644 | ||
| 3530 | --- a/net/wireless/nl80211.c | ||
| 3531 | +++ b/net/wireless/nl80211.c | ||
| 3532 | @@ -4081,7 +4081,7 @@ static bool nl80211_put_sta_rate(struct sk_buff *msg, struct rate_info *info, | ||
| 3533 | struct nlattr *rate; | ||
| 3534 | u32 bitrate; | ||
| 3535 | u16 bitrate_compat; | ||
| 3536 | - enum nl80211_attrs rate_flg; | ||
| 3537 | + enum nl80211_rate_info rate_flg; | ||
| 3538 | |||
| 3539 | rate = nla_nest_start(msg, attr); | ||
| 3540 | if (!rate) | ||
| 3541 | diff --git a/net/wireless/util.c b/net/wireless/util.c | ||
| 3542 | index c921c2eed15d..bb54d9db82df 100644 | ||
| 3543 | --- a/net/wireless/util.c | ||
| 3544 | +++ b/net/wireless/util.c | ||
| 3545 | @@ -663,7 +663,7 @@ __ieee80211_amsdu_copy_frag(struct sk_buff *skb, struct sk_buff *frame, | ||
| 3546 | int offset, int len) | ||
| 3547 | { | ||
| 3548 | struct skb_shared_info *sh = skb_shinfo(skb); | ||
| 3549 | - const skb_frag_t *frag = &sh->frags[-1]; | ||
| 3550 | + const skb_frag_t *frag = &sh->frags[0]; | ||
| 3551 | struct page *frag_page; | ||
| 3552 | void *frag_ptr; | ||
| 3553 | int frag_len, frag_size; | ||
| 3554 | @@ -676,10 +676,10 @@ __ieee80211_amsdu_copy_frag(struct sk_buff *skb, struct sk_buff *frame, | ||
| 3555 | |||
| 3556 | while (offset >= frag_size) { | ||
| 3557 | offset -= frag_size; | ||
| 3558 | - frag++; | ||
| 3559 | frag_page = skb_frag_page(frag); | ||
| 3560 | frag_ptr = skb_frag_address(frag); | ||
| 3561 | frag_size = skb_frag_size(frag); | ||
| 3562 | + frag++; | ||
| 3563 | } | ||
| 3564 | |||
| 3565 | frag_ptr += offset; | ||
| 3566 | @@ -691,12 +691,12 @@ __ieee80211_amsdu_copy_frag(struct sk_buff *skb, struct sk_buff *frame, | ||
| 3567 | len -= cur_len; | ||
| 3568 | |||
| 3569 | while (len > 0) { | ||
| 3570 | - frag++; | ||
| 3571 | frag_len = skb_frag_size(frag); | ||
| 3572 | cur_len = min(len, frag_len); | ||
| 3573 | __frame_add_frag(frame, skb_frag_page(frag), | ||
| 3574 | skb_frag_address(frag), cur_len, frag_len); | ||
| 3575 | len -= cur_len; | ||
| 3576 | + frag++; | ||
| 3577 | } | ||
| 3578 | } | ||
| 3579 | |||
| 3580 | diff --git a/net/xfrm/xfrm_ipcomp.c b/net/xfrm/xfrm_ipcomp.c | ||
| 3581 | index ccfdc7115a83..a00ec715aa46 100644 | ||
| 3582 | --- a/net/xfrm/xfrm_ipcomp.c | ||
| 3583 | +++ b/net/xfrm/xfrm_ipcomp.c | ||
| 3584 | @@ -283,7 +283,7 @@ static struct crypto_comp * __percpu *ipcomp_alloc_tfms(const char *alg_name) | ||
| 3585 | struct crypto_comp *tfm; | ||
| 3586 | |||
| 3587 | /* This can be any valid CPU ID so we don't need locking. */ | ||
| 3588 | - tfm = __this_cpu_read(*pos->tfms); | ||
| 3589 | + tfm = this_cpu_read(*pos->tfms); | ||
| 3590 | |||
| 3591 | if (!strcmp(crypto_comp_name(tfm), alg_name)) { | ||
| 3592 | pos->users++; | ||
| 3593 | diff --git a/net/xfrm/xfrm_state.c b/net/xfrm/xfrm_state.c | ||
| 3594 | index 13e0611a9085..fdb9742d934e 100644 | ||
| 3595 | --- a/net/xfrm/xfrm_state.c | ||
| 3596 | +++ b/net/xfrm/xfrm_state.c | ||
| 3597 | @@ -1883,6 +1883,11 @@ int xfrm_user_policy(struct sock *sk, int optname, u8 __user *optval, int optlen | ||
| 3598 | struct xfrm_mgr *km; | ||
| 3599 | struct xfrm_policy *pol = NULL; | ||
| 3600 | |||
| 3601 | +#ifdef CONFIG_COMPAT | ||
| 3602 | + if (in_compat_syscall()) | ||
| 3603 | + return -EOPNOTSUPP; | ||
| 3604 | +#endif | ||
| 3605 | + | ||
| 3606 | if (!optval && !optlen) { | ||
| 3607 | xfrm_sk_policy_insert(sk, XFRM_POLICY_IN, NULL); | ||
| 3608 | xfrm_sk_policy_insert(sk, XFRM_POLICY_OUT, NULL); | ||
| 3609 | diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c | ||
| 3610 | index 5d33967d9aa1..6a029358bfd1 100644 | ||
| 3611 | --- a/net/xfrm/xfrm_user.c | ||
| 3612 | +++ b/net/xfrm/xfrm_user.c | ||
| 3613 | @@ -121,22 +121,17 @@ static inline int verify_replay(struct xfrm_usersa_info *p, | ||
| 3614 | struct nlattr *rt = attrs[XFRMA_REPLAY_ESN_VAL]; | ||
| 3615 | struct xfrm_replay_state_esn *rs; | ||
| 3616 | |||
| 3617 | - if (p->flags & XFRM_STATE_ESN) { | ||
| 3618 | - if (!rt) | ||
| 3619 | - return -EINVAL; | ||
| 3620 | + if (!rt) | ||
| 3621 | + return (p->flags & XFRM_STATE_ESN) ? -EINVAL : 0; | ||
| 3622 | |||
| 3623 | - rs = nla_data(rt); | ||
| 3624 | + rs = nla_data(rt); | ||
| 3625 | |||
| 3626 | - if (rs->bmp_len > XFRMA_REPLAY_ESN_MAX / sizeof(rs->bmp[0]) / 8) | ||
| 3627 | - return -EINVAL; | ||
| 3628 | - | ||
| 3629 | - if (nla_len(rt) < xfrm_replay_state_esn_len(rs) && | ||
| 3630 | - nla_len(rt) != sizeof(*rs)) | ||
| 3631 | - return -EINVAL; | ||
| 3632 | - } | ||
| 3633 | + if (rs->bmp_len > XFRMA_REPLAY_ESN_MAX / sizeof(rs->bmp[0]) / 8) | ||
| 3634 | + return -EINVAL; | ||
| 3635 | |||
| 3636 | - if (!rt) | ||
| 3637 | - return 0; | ||
| 3638 | + if (nla_len(rt) < xfrm_replay_state_esn_len(rs) && | ||
| 3639 | + nla_len(rt) != sizeof(*rs)) | ||
| 3640 | + return -EINVAL; | ||
| 3641 | |||
| 3642 | /* As only ESP and AH support ESN feature. */ | ||
| 3643 | if ((p->id.proto != IPPROTO_ESP) && (p->id.proto != IPPROTO_AH)) | ||
| 3644 | diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c | ||
| 3645 | index b8278f3af9da..17627d8d5a26 100644 | ||
| 3646 | --- a/security/selinux/hooks.c | ||
| 3647 | +++ b/security/selinux/hooks.c | ||
| 3648 | @@ -406,18 +406,6 @@ static void superblock_free_security(struct super_block *sb) | ||
| 3649 | kfree(sbsec); | ||
| 3650 | } | ||
| 3651 | |||
| 3652 | -/* The file system's label must be initialized prior to use. */ | ||
| 3653 | - | ||
| 3654 | -static const char *labeling_behaviors[7] = { | ||
| 3655 | - "uses xattr", | ||
| 3656 | - "uses transition SIDs", | ||
| 3657 | - "uses task SIDs", | ||
| 3658 | - "uses genfs_contexts", | ||
| 3659 | - "not configured for labeling", | ||
| 3660 | - "uses mountpoint labeling", | ||
| 3661 | - "uses native labeling", | ||
| 3662 | -}; | ||
| 3663 | - | ||
| 3664 | static inline int inode_doinit(struct inode *inode) | ||
| 3665 | { | ||
| 3666 | return inode_doinit_with_dentry(inode, NULL); | ||
| 3667 | @@ -528,10 +516,6 @@ static int sb_finish_set_opts(struct super_block *sb) | ||
| 3668 | } | ||
| 3669 | } | ||
| 3670 | |||
| 3671 | - if (sbsec->behavior > ARRAY_SIZE(labeling_behaviors)) | ||
| 3672 | - printk(KERN_ERR "SELinux: initialized (dev %s, type %s), unknown behavior\n", | ||
| 3673 | - sb->s_id, sb->s_type->name); | ||
| 3674 | - | ||
| 3675 | sbsec->flags |= SE_SBINITIALIZED; | ||
| 3676 | if (selinux_is_sblabel_mnt(sb)) | ||
| 3677 | sbsec->flags |= SBLABEL_MNT; | ||
| 3678 | diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c | ||
| 3679 | index 73275a92f2e2..d656b7c98394 100644 | ||
| 3680 | --- a/security/selinux/ss/services.c | ||
| 3681 | +++ b/security/selinux/ss/services.c | ||
| 3682 | @@ -155,7 +155,7 @@ static int selinux_set_mapping(struct policydb *pol, | ||
| 3683 | } | ||
| 3684 | |||
| 3685 | k = 0; | ||
| 3686 | - while (p_in->perms && p_in->perms[k]) { | ||
| 3687 | + while (p_in->perms[k]) { | ||
| 3688 | /* An empty permission string skips ahead */ | ||
| 3689 | if (!*p_in->perms[k]) { | ||
| 3690 | k++; | ||
| 3691 | diff --git a/sound/core/oss/pcm_oss.c b/sound/core/oss/pcm_oss.c | ||
| 3692 | index 3e7c3573871d..fa8741afadf5 100644 | ||
| 3693 | --- a/sound/core/oss/pcm_oss.c | ||
| 3694 | +++ b/sound/core/oss/pcm_oss.c | ||
| 3695 | @@ -1361,7 +1361,7 @@ static ssize_t snd_pcm_oss_write2(struct snd_pcm_substream *substream, const cha | ||
| 3696 | static ssize_t snd_pcm_oss_write1(struct snd_pcm_substream *substream, const char __user *buf, size_t bytes) | ||
| 3697 | { | ||
| 3698 | size_t xfer = 0; | ||
| 3699 | - ssize_t tmp; | ||
| 3700 | + ssize_t tmp = 0; | ||
| 3701 | struct snd_pcm_runtime *runtime = substream->runtime; | ||
| 3702 | |||
| 3703 | if (atomic_read(&substream->mmap_count)) | ||
| 3704 | @@ -1468,7 +1468,7 @@ static ssize_t snd_pcm_oss_read2(struct snd_pcm_substream *substream, char *buf, | ||
| 3705 | static ssize_t snd_pcm_oss_read1(struct snd_pcm_substream *substream, char __user *buf, size_t bytes) | ||
| 3706 | { | ||
| 3707 | size_t xfer = 0; | ||
| 3708 | - ssize_t tmp; | ||
| 3709 | + ssize_t tmp = 0; | ||
| 3710 | struct snd_pcm_runtime *runtime = substream->runtime; | ||
| 3711 | |||
| 3712 | if (atomic_read(&substream->mmap_count)) | ||
| 3713 | diff --git a/sound/core/pcm_native.c b/sound/core/pcm_native.c | ||
| 3714 | index 9d33c1e85c79..d503285867e7 100644 | ||
| 3715 | --- a/sound/core/pcm_native.c | ||
| 3716 | +++ b/sound/core/pcm_native.c | ||
| 3717 | @@ -3410,7 +3410,7 @@ int snd_pcm_lib_default_mmap(struct snd_pcm_substream *substream, | ||
| 3718 | area, | ||
| 3719 | substream->runtime->dma_area, | ||
| 3720 | substream->runtime->dma_addr, | ||
| 3721 | - area->vm_end - area->vm_start); | ||
| 3722 | + substream->runtime->dma_bytes); | ||
| 3723 | #endif /* CONFIG_X86 */ | ||
| 3724 | /* mmap with fault handler */ | ||
| 3725 | area->vm_ops = &snd_pcm_vm_ops_data_fault; | ||
| 3726 | diff --git a/sound/usb/quirks.c b/sound/usb/quirks.c | ||
| 3727 | index 1cd7f8b0bf77..45655b9108e8 100644 | ||
| 3728 | --- a/sound/usb/quirks.c | ||
| 3729 | +++ b/sound/usb/quirks.c | ||
| 3730 | @@ -1175,6 +1175,7 @@ static bool is_teac_dsd_dac(unsigned int id) | ||
| 3731 | switch (id) { | ||
| 3732 | case USB_ID(0x0644, 0x8043): /* TEAC UD-501/UD-503/NT-503 */ | ||
| 3733 | case USB_ID(0x0644, 0x8044): /* Esoteric D-05X */ | ||
| 3734 | + case USB_ID(0x0644, 0x804a): /* TEAC UD-301 */ | ||
| 3735 | return true; | ||
| 3736 | } | ||
| 3737 | return false; |