Annotation of /trunk/kernel-alx/patches-4.9/0202-4.9.103-all-fixes.patch
Parent Directory
| 
Revision Log
Revision 3179 -
(hide annotations)
(download)
Wed Aug 8 14:17:32 2018 UTC (5 years, 9 months ago) by niro
File size: 111844 byte(s)
Wed Aug 8 14:17:32 2018 UTC (5 years, 9 months ago) by niro
File size: 111844 byte(s)
-linux-4.9.103
| 1 | niro | 3179 | diff --git a/Makefile b/Makefile |
| 2 | index d84c39c290f7..6090f655fb32 100644 | ||
| 3 | --- a/Makefile | ||
| 4 | +++ b/Makefile | ||
| 5 | @@ -1,6 +1,6 @@ | ||
| 6 | VERSION = 4 | ||
| 7 | PATCHLEVEL = 9 | ||
| 8 | -SUBLEVEL = 102 | ||
| 9 | +SUBLEVEL = 103 | ||
| 10 | EXTRAVERSION = | ||
| 11 | NAME = Roaring Lionus | ||
| 12 | |||
| 13 | diff --git a/arch/s390/crypto/crc32be-vx.S b/arch/s390/crypto/crc32be-vx.S | ||
| 14 | index 8013989cd2e5..096affb74446 100644 | ||
| 15 | --- a/arch/s390/crypto/crc32be-vx.S | ||
| 16 | +++ b/arch/s390/crypto/crc32be-vx.S | ||
| 17 | @@ -12,6 +12,7 @@ | ||
| 18 | */ | ||
| 19 | |||
| 20 | #include <linux/linkage.h> | ||
| 21 | +#include <asm/nospec-insn.h> | ||
| 22 | #include <asm/vx-insn.h> | ||
| 23 | |||
| 24 | /* Vector register range containing CRC-32 constants */ | ||
| 25 | @@ -66,6 +67,8 @@ | ||
| 26 | |||
| 27 | .previous | ||
| 28 | |||
| 29 | + GEN_BR_THUNK %r14 | ||
| 30 | + | ||
| 31 | .text | ||
| 32 | /* | ||
| 33 | * The CRC-32 function(s) use these calling conventions: | ||
| 34 | @@ -202,6 +205,6 @@ ENTRY(crc32_be_vgfm_16) | ||
| 35 | |||
| 36 | .Ldone: | ||
| 37 | VLGVF %r2,%v2,3 | ||
| 38 | - br %r14 | ||
| 39 | + BR_EX %r14 | ||
| 40 | |||
| 41 | .previous | ||
| 42 | diff --git a/arch/s390/crypto/crc32le-vx.S b/arch/s390/crypto/crc32le-vx.S | ||
| 43 | index 17f2504c2633..8dc98c1d7cb1 100644 | ||
| 44 | --- a/arch/s390/crypto/crc32le-vx.S | ||
| 45 | +++ b/arch/s390/crypto/crc32le-vx.S | ||
| 46 | @@ -13,6 +13,7 @@ | ||
| 47 | */ | ||
| 48 | |||
| 49 | #include <linux/linkage.h> | ||
| 50 | +#include <asm/nospec-insn.h> | ||
| 51 | #include <asm/vx-insn.h> | ||
| 52 | |||
| 53 | /* Vector register range containing CRC-32 constants */ | ||
| 54 | @@ -75,6 +76,7 @@ | ||
| 55 | |||
| 56 | .previous | ||
| 57 | |||
| 58 | + GEN_BR_THUNK %r14 | ||
| 59 | |||
| 60 | .text | ||
| 61 | |||
| 62 | @@ -263,6 +265,6 @@ crc32_le_vgfm_generic: | ||
| 63 | |||
| 64 | .Ldone: | ||
| 65 | VLGVF %r2,%v2,2 | ||
| 66 | - br %r14 | ||
| 67 | + BR_EX %r14 | ||
| 68 | |||
| 69 | .previous | ||
| 70 | diff --git a/arch/s390/include/asm/alternative-asm.h b/arch/s390/include/asm/alternative-asm.h | ||
| 71 | new file mode 100644 | ||
| 72 | index 000000000000..955d620db23e | ||
| 73 | --- /dev/null | ||
| 74 | +++ b/arch/s390/include/asm/alternative-asm.h | ||
| 75 | @@ -0,0 +1,108 @@ | ||
| 76 | +/* SPDX-License-Identifier: GPL-2.0 */ | ||
| 77 | +#ifndef _ASM_S390_ALTERNATIVE_ASM_H | ||
| 78 | +#define _ASM_S390_ALTERNATIVE_ASM_H | ||
| 79 | + | ||
| 80 | +#ifdef __ASSEMBLY__ | ||
| 81 | + | ||
| 82 | +/* | ||
| 83 | + * Check the length of an instruction sequence. The length may not be larger | ||
| 84 | + * than 254 bytes and it has to be divisible by 2. | ||
| 85 | + */ | ||
| 86 | +.macro alt_len_check start,end | ||
| 87 | + .if ( \end - \start ) > 254 | ||
| 88 | + .error "cpu alternatives does not support instructions blocks > 254 bytes\n" | ||
| 89 | + .endif | ||
| 90 | + .if ( \end - \start ) % 2 | ||
| 91 | + .error "cpu alternatives instructions length is odd\n" | ||
| 92 | + .endif | ||
| 93 | +.endm | ||
| 94 | + | ||
| 95 | +/* | ||
| 96 | + * Issue one struct alt_instr descriptor entry (need to put it into | ||
| 97 | + * the section .altinstructions, see below). This entry contains | ||
| 98 | + * enough information for the alternatives patching code to patch an | ||
| 99 | + * instruction. See apply_alternatives(). | ||
| 100 | + */ | ||
| 101 | +.macro alt_entry orig_start, orig_end, alt_start, alt_end, feature | ||
| 102 | + .long \orig_start - . | ||
| 103 | + .long \alt_start - . | ||
| 104 | + .word \feature | ||
| 105 | + .byte \orig_end - \orig_start | ||
| 106 | + .byte \alt_end - \alt_start | ||
| 107 | +.endm | ||
| 108 | + | ||
| 109 | +/* | ||
| 110 | + * Fill up @bytes with nops. The macro emits 6-byte nop instructions | ||
| 111 | + * for the bulk of the area, possibly followed by a 4-byte and/or | ||
| 112 | + * a 2-byte nop if the size of the area is not divisible by 6. | ||
| 113 | + */ | ||
| 114 | +.macro alt_pad_fill bytes | ||
| 115 | + .fill ( \bytes ) / 6, 6, 0xc0040000 | ||
| 116 | + .fill ( \bytes ) % 6 / 4, 4, 0x47000000 | ||
| 117 | + .fill ( \bytes ) % 6 % 4 / 2, 2, 0x0700 | ||
| 118 | +.endm | ||
| 119 | + | ||
| 120 | +/* | ||
| 121 | + * Fill up @bytes with nops. If the number of bytes is larger | ||
| 122 | + * than 6, emit a jg instruction to branch over all nops, then | ||
| 123 | + * fill an area of size (@bytes - 6) with nop instructions. | ||
| 124 | + */ | ||
| 125 | +.macro alt_pad bytes | ||
| 126 | + .if ( \bytes > 0 ) | ||
| 127 | + .if ( \bytes > 6 ) | ||
| 128 | + jg . + \bytes | ||
| 129 | + alt_pad_fill \bytes - 6 | ||
| 130 | + .else | ||
| 131 | + alt_pad_fill \bytes | ||
| 132 | + .endif | ||
| 133 | + .endif | ||
| 134 | +.endm | ||
| 135 | + | ||
| 136 | +/* | ||
| 137 | + * Define an alternative between two instructions. If @feature is | ||
| 138 | + * present, early code in apply_alternatives() replaces @oldinstr with | ||
| 139 | + * @newinstr. ".skip" directive takes care of proper instruction padding | ||
| 140 | + * in case @newinstr is longer than @oldinstr. | ||
| 141 | + */ | ||
| 142 | +.macro ALTERNATIVE oldinstr, newinstr, feature | ||
| 143 | + .pushsection .altinstr_replacement,"ax" | ||
| 144 | +770: \newinstr | ||
| 145 | +771: .popsection | ||
| 146 | +772: \oldinstr | ||
| 147 | +773: alt_len_check 770b, 771b | ||
| 148 | + alt_len_check 772b, 773b | ||
| 149 | + alt_pad ( ( 771b - 770b ) - ( 773b - 772b ) ) | ||
| 150 | +774: .pushsection .altinstructions,"a" | ||
| 151 | + alt_entry 772b, 774b, 770b, 771b, \feature | ||
| 152 | + .popsection | ||
| 153 | +.endm | ||
| 154 | + | ||
| 155 | +/* | ||
| 156 | + * Define an alternative between two instructions. If @feature is | ||
| 157 | + * present, early code in apply_alternatives() replaces @oldinstr with | ||
| 158 | + * @newinstr. ".skip" directive takes care of proper instruction padding | ||
| 159 | + * in case @newinstr is longer than @oldinstr. | ||
| 160 | + */ | ||
| 161 | +.macro ALTERNATIVE_2 oldinstr, newinstr1, feature1, newinstr2, feature2 | ||
| 162 | + .pushsection .altinstr_replacement,"ax" | ||
| 163 | +770: \newinstr1 | ||
| 164 | +771: \newinstr2 | ||
| 165 | +772: .popsection | ||
| 166 | +773: \oldinstr | ||
| 167 | +774: alt_len_check 770b, 771b | ||
| 168 | + alt_len_check 771b, 772b | ||
| 169 | + alt_len_check 773b, 774b | ||
| 170 | + .if ( 771b - 770b > 772b - 771b ) | ||
| 171 | + alt_pad ( ( 771b - 770b ) - ( 774b - 773b ) ) | ||
| 172 | + .else | ||
| 173 | + alt_pad ( ( 772b - 771b ) - ( 774b - 773b ) ) | ||
| 174 | + .endif | ||
| 175 | +775: .pushsection .altinstructions,"a" | ||
| 176 | + alt_entry 773b, 775b, 770b, 771b,\feature1 | ||
| 177 | + alt_entry 773b, 775b, 771b, 772b,\feature2 | ||
| 178 | + .popsection | ||
| 179 | +.endm | ||
| 180 | + | ||
| 181 | +#endif /* __ASSEMBLY__ */ | ||
| 182 | + | ||
| 183 | +#endif /* _ASM_S390_ALTERNATIVE_ASM_H */ | ||
| 184 | diff --git a/arch/s390/include/asm/nospec-insn.h b/arch/s390/include/asm/nospec-insn.h | ||
| 185 | new file mode 100644 | ||
| 186 | index 000000000000..9a56e738d645 | ||
| 187 | --- /dev/null | ||
| 188 | +++ b/arch/s390/include/asm/nospec-insn.h | ||
| 189 | @@ -0,0 +1,195 @@ | ||
| 190 | +/* SPDX-License-Identifier: GPL-2.0 */ | ||
| 191 | +#ifndef _ASM_S390_NOSPEC_ASM_H | ||
| 192 | +#define _ASM_S390_NOSPEC_ASM_H | ||
| 193 | + | ||
| 194 | +#include <asm/alternative-asm.h> | ||
| 195 | +#include <asm/asm-offsets.h> | ||
| 196 | + | ||
| 197 | +#ifdef __ASSEMBLY__ | ||
| 198 | + | ||
| 199 | +#ifdef CONFIG_EXPOLINE | ||
| 200 | + | ||
| 201 | +_LC_BR_R1 = __LC_BR_R1 | ||
| 202 | + | ||
| 203 | +/* | ||
| 204 | + * The expoline macros are used to create thunks in the same format | ||
| 205 | + * as gcc generates them. The 'comdat' section flag makes sure that | ||
| 206 | + * the various thunks are merged into a single copy. | ||
| 207 | + */ | ||
| 208 | + .macro __THUNK_PROLOG_NAME name | ||
| 209 | + .pushsection .text.\name,"axG",@progbits,\name,comdat | ||
| 210 | + .globl \name | ||
| 211 | + .hidden \name | ||
| 212 | + .type \name,@function | ||
| 213 | +\name: | ||
| 214 | + .cfi_startproc | ||
| 215 | + .endm | ||
| 216 | + | ||
| 217 | + .macro __THUNK_EPILOG | ||
| 218 | + .cfi_endproc | ||
| 219 | + .popsection | ||
| 220 | + .endm | ||
| 221 | + | ||
| 222 | + .macro __THUNK_PROLOG_BR r1,r2 | ||
| 223 | + __THUNK_PROLOG_NAME __s390x_indirect_jump_r\r2\()use_r\r1 | ||
| 224 | + .endm | ||
| 225 | + | ||
| 226 | + .macro __THUNK_PROLOG_BC d0,r1,r2 | ||
| 227 | + __THUNK_PROLOG_NAME __s390x_indirect_branch_\d0\()_\r2\()use_\r1 | ||
| 228 | + .endm | ||
| 229 | + | ||
| 230 | + .macro __THUNK_BR r1,r2 | ||
| 231 | + jg __s390x_indirect_jump_r\r2\()use_r\r1 | ||
| 232 | + .endm | ||
| 233 | + | ||
| 234 | + .macro __THUNK_BC d0,r1,r2 | ||
| 235 | + jg __s390x_indirect_branch_\d0\()_\r2\()use_\r1 | ||
| 236 | + .endm | ||
| 237 | + | ||
| 238 | + .macro __THUNK_BRASL r1,r2,r3 | ||
| 239 | + brasl \r1,__s390x_indirect_jump_r\r3\()use_r\r2 | ||
| 240 | + .endm | ||
| 241 | + | ||
| 242 | + .macro __DECODE_RR expand,reg,ruse | ||
| 243 | + .set __decode_fail,1 | ||
| 244 | + .irp r1,0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15 | ||
| 245 | + .ifc \reg,%r\r1 | ||
| 246 | + .irp r2,0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15 | ||
| 247 | + .ifc \ruse,%r\r2 | ||
| 248 | + \expand \r1,\r2 | ||
| 249 | + .set __decode_fail,0 | ||
| 250 | + .endif | ||
| 251 | + .endr | ||
| 252 | + .endif | ||
| 253 | + .endr | ||
| 254 | + .if __decode_fail == 1 | ||
| 255 | + .error "__DECODE_RR failed" | ||
| 256 | + .endif | ||
| 257 | + .endm | ||
| 258 | + | ||
| 259 | + .macro __DECODE_RRR expand,rsave,rtarget,ruse | ||
| 260 | + .set __decode_fail,1 | ||
| 261 | + .irp r1,0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15 | ||
| 262 | + .ifc \rsave,%r\r1 | ||
| 263 | + .irp r2,0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15 | ||
| 264 | + .ifc \rtarget,%r\r2 | ||
| 265 | + .irp r3,0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15 | ||
| 266 | + .ifc \ruse,%r\r3 | ||
| 267 | + \expand \r1,\r2,\r3 | ||
| 268 | + .set __decode_fail,0 | ||
| 269 | + .endif | ||
| 270 | + .endr | ||
| 271 | + .endif | ||
| 272 | + .endr | ||
| 273 | + .endif | ||
| 274 | + .endr | ||
| 275 | + .if __decode_fail == 1 | ||
| 276 | + .error "__DECODE_RRR failed" | ||
| 277 | + .endif | ||
| 278 | + .endm | ||
| 279 | + | ||
| 280 | + .macro __DECODE_DRR expand,disp,reg,ruse | ||
| 281 | + .set __decode_fail,1 | ||
| 282 | + .irp r1,0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15 | ||
| 283 | + .ifc \reg,%r\r1 | ||
| 284 | + .irp r2,0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15 | ||
| 285 | + .ifc \ruse,%r\r2 | ||
| 286 | + \expand \disp,\r1,\r2 | ||
| 287 | + .set __decode_fail,0 | ||
| 288 | + .endif | ||
| 289 | + .endr | ||
| 290 | + .endif | ||
| 291 | + .endr | ||
| 292 | + .if __decode_fail == 1 | ||
| 293 | + .error "__DECODE_DRR failed" | ||
| 294 | + .endif | ||
| 295 | + .endm | ||
| 296 | + | ||
| 297 | + .macro __THUNK_EX_BR reg,ruse | ||
| 298 | + # Be very careful when adding instructions to this macro! | ||
| 299 | + # The ALTERNATIVE replacement code has a .+10 which targets | ||
| 300 | + # the "br \reg" after the code has been patched. | ||
| 301 | +#ifdef CONFIG_HAVE_MARCH_Z10_FEATURES | ||
| 302 | + exrl 0,555f | ||
| 303 | + j . | ||
| 304 | +#else | ||
| 305 | + .ifc \reg,%r1 | ||
| 306 | + ALTERNATIVE "ex %r0,_LC_BR_R1", ".insn ril,0xc60000000000,0,.+10", 35 | ||
| 307 | + j . | ||
| 308 | + .else | ||
| 309 | + larl \ruse,555f | ||
| 310 | + ex 0,0(\ruse) | ||
| 311 | + j . | ||
| 312 | + .endif | ||
| 313 | +#endif | ||
| 314 | +555: br \reg | ||
| 315 | + .endm | ||
| 316 | + | ||
| 317 | + .macro __THUNK_EX_BC disp,reg,ruse | ||
| 318 | +#ifdef CONFIG_HAVE_MARCH_Z10_FEATURES | ||
| 319 | + exrl 0,556f | ||
| 320 | + j . | ||
| 321 | +#else | ||
| 322 | + larl \ruse,556f | ||
| 323 | + ex 0,0(\ruse) | ||
| 324 | + j . | ||
| 325 | +#endif | ||
| 326 | +556: b \disp(\reg) | ||
| 327 | + .endm | ||
| 328 | + | ||
| 329 | + .macro GEN_BR_THUNK reg,ruse=%r1 | ||
| 330 | + __DECODE_RR __THUNK_PROLOG_BR,\reg,\ruse | ||
| 331 | + __THUNK_EX_BR \reg,\ruse | ||
| 332 | + __THUNK_EPILOG | ||
| 333 | + .endm | ||
| 334 | + | ||
| 335 | + .macro GEN_B_THUNK disp,reg,ruse=%r1 | ||
| 336 | + __DECODE_DRR __THUNK_PROLOG_BC,\disp,\reg,\ruse | ||
| 337 | + __THUNK_EX_BC \disp,\reg,\ruse | ||
| 338 | + __THUNK_EPILOG | ||
| 339 | + .endm | ||
| 340 | + | ||
| 341 | + .macro BR_EX reg,ruse=%r1 | ||
| 342 | +557: __DECODE_RR __THUNK_BR,\reg,\ruse | ||
| 343 | + .pushsection .s390_indirect_branches,"a",@progbits | ||
| 344 | + .long 557b-. | ||
| 345 | + .popsection | ||
| 346 | + .endm | ||
| 347 | + | ||
| 348 | + .macro B_EX disp,reg,ruse=%r1 | ||
| 349 | +558: __DECODE_DRR __THUNK_BC,\disp,\reg,\ruse | ||
| 350 | + .pushsection .s390_indirect_branches,"a",@progbits | ||
| 351 | + .long 558b-. | ||
| 352 | + .popsection | ||
| 353 | + .endm | ||
| 354 | + | ||
| 355 | + .macro BASR_EX rsave,rtarget,ruse=%r1 | ||
| 356 | +559: __DECODE_RRR __THUNK_BRASL,\rsave,\rtarget,\ruse | ||
| 357 | + .pushsection .s390_indirect_branches,"a",@progbits | ||
| 358 | + .long 559b-. | ||
| 359 | + .popsection | ||
| 360 | + .endm | ||
| 361 | + | ||
| 362 | +#else | ||
| 363 | + .macro GEN_BR_THUNK reg,ruse=%r1 | ||
| 364 | + .endm | ||
| 365 | + | ||
| 366 | + .macro GEN_B_THUNK disp,reg,ruse=%r1 | ||
| 367 | + .endm | ||
| 368 | + | ||
| 369 | + .macro BR_EX reg,ruse=%r1 | ||
| 370 | + br \reg | ||
| 371 | + .endm | ||
| 372 | + | ||
| 373 | + .macro B_EX disp,reg,ruse=%r1 | ||
| 374 | + b \disp(\reg) | ||
| 375 | + .endm | ||
| 376 | + | ||
| 377 | + .macro BASR_EX rsave,rtarget,ruse=%r1 | ||
| 378 | + basr \rsave,\rtarget | ||
| 379 | + .endm | ||
| 380 | +#endif | ||
| 381 | + | ||
| 382 | +#endif /* __ASSEMBLY__ */ | ||
| 383 | + | ||
| 384 | +#endif /* _ASM_S390_NOSPEC_ASM_H */ | ||
| 385 | diff --git a/arch/s390/kernel/Makefile b/arch/s390/kernel/Makefile | ||
| 386 | index 0501cac2ab95..5b139977a3a4 100644 | ||
| 387 | --- a/arch/s390/kernel/Makefile | ||
| 388 | +++ b/arch/s390/kernel/Makefile | ||
| 389 | @@ -63,6 +63,7 @@ obj-y += nospec-branch.o | ||
| 390 | |||
| 391 | extra-y += head.o head64.o vmlinux.lds | ||
| 392 | |||
| 393 | +obj-$(CONFIG_SYSFS) += nospec-sysfs.o | ||
| 394 | CFLAGS_REMOVE_nospec-branch.o += $(CC_FLAGS_EXPOLINE) | ||
| 395 | |||
| 396 | obj-$(CONFIG_MODULES) += module.o | ||
| 397 | diff --git a/arch/s390/kernel/asm-offsets.c b/arch/s390/kernel/asm-offsets.c | ||
| 398 | index f3df9e0a5dec..85c8ead29582 100644 | ||
| 399 | --- a/arch/s390/kernel/asm-offsets.c | ||
| 400 | +++ b/arch/s390/kernel/asm-offsets.c | ||
| 401 | @@ -175,6 +175,7 @@ int main(void) | ||
| 402 | OFFSET(__LC_MACHINE_FLAGS, lowcore, machine_flags); | ||
| 403 | OFFSET(__LC_GMAP, lowcore, gmap); | ||
| 404 | OFFSET(__LC_PASTE, lowcore, paste); | ||
| 405 | + OFFSET(__LC_BR_R1, lowcore, br_r1_trampoline); | ||
| 406 | /* software defined ABI-relevant lowcore locations 0xe00 - 0xe20 */ | ||
| 407 | OFFSET(__LC_DUMP_REIPL, lowcore, ipib); | ||
| 408 | /* hardware defined lowcore locations 0x1000 - 0x18ff */ | ||
| 409 | diff --git a/arch/s390/kernel/base.S b/arch/s390/kernel/base.S | ||
| 410 | index 326f717df587..61fca549a93b 100644 | ||
| 411 | --- a/arch/s390/kernel/base.S | ||
| 412 | +++ b/arch/s390/kernel/base.S | ||
| 413 | @@ -8,18 +8,22 @@ | ||
| 414 | |||
| 415 | #include <linux/linkage.h> | ||
| 416 | #include <asm/asm-offsets.h> | ||
| 417 | +#include <asm/nospec-insn.h> | ||
| 418 | #include <asm/ptrace.h> | ||
| 419 | #include <asm/sigp.h> | ||
| 420 | |||
| 421 | + GEN_BR_THUNK %r9 | ||
| 422 | + GEN_BR_THUNK %r14 | ||
| 423 | + | ||
| 424 | ENTRY(s390_base_mcck_handler) | ||
| 425 | basr %r13,0 | ||
| 426 | 0: lg %r15,__LC_PANIC_STACK # load panic stack | ||
| 427 | aghi %r15,-STACK_FRAME_OVERHEAD | ||
| 428 | larl %r1,s390_base_mcck_handler_fn | ||
| 429 | - lg %r1,0(%r1) | ||
| 430 | - ltgr %r1,%r1 | ||
| 431 | + lg %r9,0(%r1) | ||
| 432 | + ltgr %r9,%r9 | ||
| 433 | jz 1f | ||
| 434 | - basr %r14,%r1 | ||
| 435 | + BASR_EX %r14,%r9 | ||
| 436 | 1: la %r1,4095 | ||
| 437 | lmg %r0,%r15,__LC_GPREGS_SAVE_AREA-4095(%r1) | ||
| 438 | lpswe __LC_MCK_OLD_PSW | ||
| 439 | @@ -36,10 +40,10 @@ ENTRY(s390_base_ext_handler) | ||
| 440 | basr %r13,0 | ||
| 441 | 0: aghi %r15,-STACK_FRAME_OVERHEAD | ||
| 442 | larl %r1,s390_base_ext_handler_fn | ||
| 443 | - lg %r1,0(%r1) | ||
| 444 | - ltgr %r1,%r1 | ||
| 445 | + lg %r9,0(%r1) | ||
| 446 | + ltgr %r9,%r9 | ||
| 447 | jz 1f | ||
| 448 | - basr %r14,%r1 | ||
| 449 | + BASR_EX %r14,%r9 | ||
| 450 | 1: lmg %r0,%r15,__LC_SAVE_AREA_ASYNC | ||
| 451 | ni __LC_EXT_OLD_PSW+1,0xfd # clear wait state bit | ||
| 452 | lpswe __LC_EXT_OLD_PSW | ||
| 453 | @@ -56,10 +60,10 @@ ENTRY(s390_base_pgm_handler) | ||
| 454 | basr %r13,0 | ||
| 455 | 0: aghi %r15,-STACK_FRAME_OVERHEAD | ||
| 456 | larl %r1,s390_base_pgm_handler_fn | ||
| 457 | - lg %r1,0(%r1) | ||
| 458 | - ltgr %r1,%r1 | ||
| 459 | + lg %r9,0(%r1) | ||
| 460 | + ltgr %r9,%r9 | ||
| 461 | jz 1f | ||
| 462 | - basr %r14,%r1 | ||
| 463 | + BASR_EX %r14,%r9 | ||
| 464 | lmg %r0,%r15,__LC_SAVE_AREA_SYNC | ||
| 465 | lpswe __LC_PGM_OLD_PSW | ||
| 466 | 1: lpswe disabled_wait_psw-0b(%r13) | ||
| 467 | @@ -116,7 +120,7 @@ ENTRY(diag308_reset) | ||
| 468 | larl %r4,.Lcontinue_psw # Restore PSW flags | ||
| 469 | lpswe 0(%r4) | ||
| 470 | .Lcontinue: | ||
| 471 | - br %r14 | ||
| 472 | + BR_EX %r14 | ||
| 473 | .align 16 | ||
| 474 | .Lrestart_psw: | ||
| 475 | .long 0x00080000,0x80000000 + .Lrestart_part2 | ||
| 476 | diff --git a/arch/s390/kernel/entry.S b/arch/s390/kernel/entry.S | ||
| 477 | index 1996afeb2e81..a4fd00064c80 100644 | ||
| 478 | --- a/arch/s390/kernel/entry.S | ||
| 479 | +++ b/arch/s390/kernel/entry.S | ||
| 480 | @@ -24,6 +24,7 @@ | ||
| 481 | #include <asm/setup.h> | ||
| 482 | #include <asm/nmi.h> | ||
| 483 | #include <asm/export.h> | ||
| 484 | +#include <asm/nospec-insn.h> | ||
| 485 | |||
| 486 | __PT_R0 = __PT_GPRS | ||
| 487 | __PT_R1 = __PT_GPRS + 8 | ||
| 488 | @@ -226,67 +227,9 @@ _PIF_WORK = (_PIF_PER_TRAP) | ||
| 489 | .popsection | ||
| 490 | .endm | ||
| 491 | |||
| 492 | -#ifdef CONFIG_EXPOLINE | ||
| 493 | - | ||
| 494 | - .macro GEN_BR_THUNK name,reg,tmp | ||
| 495 | - .section .text.\name,"axG",@progbits,\name,comdat | ||
| 496 | - .globl \name | ||
| 497 | - .hidden \name | ||
| 498 | - .type \name,@function | ||
| 499 | -\name: | ||
| 500 | - .cfi_startproc | ||
| 501 | -#ifdef CONFIG_HAVE_MARCH_Z10_FEATURES | ||
| 502 | - exrl 0,0f | ||
| 503 | -#else | ||
| 504 | - larl \tmp,0f | ||
| 505 | - ex 0,0(\tmp) | ||
| 506 | -#endif | ||
| 507 | - j . | ||
| 508 | -0: br \reg | ||
| 509 | - .cfi_endproc | ||
| 510 | - .endm | ||
| 511 | - | ||
| 512 | - GEN_BR_THUNK __s390x_indirect_jump_r1use_r9,%r9,%r1 | ||
| 513 | - GEN_BR_THUNK __s390x_indirect_jump_r1use_r14,%r14,%r1 | ||
| 514 | - GEN_BR_THUNK __s390x_indirect_jump_r11use_r14,%r14,%r11 | ||
| 515 | - | ||
| 516 | - .macro BASR_R14_R9 | ||
| 517 | -0: brasl %r14,__s390x_indirect_jump_r1use_r9 | ||
| 518 | - .pushsection .s390_indirect_branches,"a",@progbits | ||
| 519 | - .long 0b-. | ||
| 520 | - .popsection | ||
| 521 | - .endm | ||
| 522 | - | ||
| 523 | - .macro BR_R1USE_R14 | ||
| 524 | -0: jg __s390x_indirect_jump_r1use_r14 | ||
| 525 | - .pushsection .s390_indirect_branches,"a",@progbits | ||
| 526 | - .long 0b-. | ||
| 527 | - .popsection | ||
| 528 | - .endm | ||
| 529 | - | ||
| 530 | - .macro BR_R11USE_R14 | ||
| 531 | -0: jg __s390x_indirect_jump_r11use_r14 | ||
| 532 | - .pushsection .s390_indirect_branches,"a",@progbits | ||
| 533 | - .long 0b-. | ||
| 534 | - .popsection | ||
| 535 | - .endm | ||
| 536 | - | ||
| 537 | -#else /* CONFIG_EXPOLINE */ | ||
| 538 | - | ||
| 539 | - .macro BASR_R14_R9 | ||
| 540 | - basr %r14,%r9 | ||
| 541 | - .endm | ||
| 542 | - | ||
| 543 | - .macro BR_R1USE_R14 | ||
| 544 | - br %r14 | ||
| 545 | - .endm | ||
| 546 | - | ||
| 547 | - .macro BR_R11USE_R14 | ||
| 548 | - br %r14 | ||
| 549 | - .endm | ||
| 550 | - | ||
| 551 | -#endif /* CONFIG_EXPOLINE */ | ||
| 552 | - | ||
| 553 | + GEN_BR_THUNK %r9 | ||
| 554 | + GEN_BR_THUNK %r14 | ||
| 555 | + GEN_BR_THUNK %r14,%r11 | ||
| 556 | |||
| 557 | .section .kprobes.text, "ax" | ||
| 558 | .Ldummy: | ||
| 559 | @@ -303,7 +246,7 @@ _PIF_WORK = (_PIF_PER_TRAP) | ||
| 560 | ENTRY(__bpon) | ||
| 561 | .globl __bpon | ||
| 562 | BPON | ||
| 563 | - BR_R1USE_R14 | ||
| 564 | + BR_EX %r14 | ||
| 565 | |||
| 566 | /* | ||
| 567 | * Scheduler resume function, called by switch_to | ||
| 568 | @@ -333,7 +276,7 @@ ENTRY(__switch_to) | ||
| 569 | TSTMSK __LC_MACHINE_FLAGS,MACHINE_FLAG_LPP | ||
| 570 | jz 0f | ||
| 571 | .insn s,0xb2800000,__LC_LPP # set program parameter | ||
| 572 | -0: BR_R1USE_R14 | ||
| 573 | +0: BR_EX %r14 | ||
| 574 | |||
| 575 | .L__critical_start: | ||
| 576 | |||
| 577 | @@ -399,7 +342,7 @@ sie_exit: | ||
| 578 | xgr %r5,%r5 | ||
| 579 | lmg %r6,%r14,__SF_GPRS(%r15) # restore kernel registers | ||
| 580 | lg %r2,__SF_EMPTY+16(%r15) # return exit reason code | ||
| 581 | - BR_R1USE_R14 | ||
| 582 | + BR_EX %r14 | ||
| 583 | .Lsie_fault: | ||
| 584 | lghi %r14,-EFAULT | ||
| 585 | stg %r14,__SF_EMPTY+16(%r15) # set exit reason code | ||
| 586 | @@ -458,7 +401,7 @@ ENTRY(system_call) | ||
| 587 | lgf %r9,0(%r8,%r10) # get system call add. | ||
| 588 | TSTMSK __TI_flags(%r12),_TIF_TRACE | ||
| 589 | jnz .Lsysc_tracesys | ||
| 590 | - BASR_R14_R9 # call sys_xxxx | ||
| 591 | + BASR_EX %r14,%r9 # call sys_xxxx | ||
| 592 | stg %r2,__PT_R2(%r11) # store return value | ||
| 593 | |||
| 594 | .Lsysc_return: | ||
| 595 | @@ -598,7 +541,7 @@ ENTRY(system_call) | ||
| 596 | lmg %r3,%r7,__PT_R3(%r11) | ||
| 597 | stg %r7,STACK_FRAME_OVERHEAD(%r15) | ||
| 598 | lg %r2,__PT_ORIG_GPR2(%r11) | ||
| 599 | - BASR_R14_R9 # call sys_xxx | ||
| 600 | + BASR_EX %r14,%r9 # call sys_xxx | ||
| 601 | stg %r2,__PT_R2(%r11) # store return value | ||
| 602 | .Lsysc_tracenogo: | ||
| 603 | TSTMSK __TI_flags(%r12),_TIF_TRACE | ||
| 604 | @@ -622,7 +565,7 @@ ENTRY(ret_from_fork) | ||
| 605 | lmg %r9,%r10,__PT_R9(%r11) # load gprs | ||
| 606 | ENTRY(kernel_thread_starter) | ||
| 607 | la %r2,0(%r10) | ||
| 608 | - BASR_R14_R9 | ||
| 609 | + BASR_EX %r14,%r9 | ||
| 610 | j .Lsysc_tracenogo | ||
| 611 | |||
| 612 | /* | ||
| 613 | @@ -698,7 +641,7 @@ ENTRY(pgm_check_handler) | ||
| 614 | je .Lpgm_return | ||
| 615 | lgf %r9,0(%r10,%r1) # load address of handler routine | ||
| 616 | lgr %r2,%r11 # pass pointer to pt_regs | ||
| 617 | - BASR_R14_R9 # branch to interrupt-handler | ||
| 618 | + BASR_EX %r14,%r9 # branch to interrupt-handler | ||
| 619 | .Lpgm_return: | ||
| 620 | LOCKDEP_SYS_EXIT | ||
| 621 | tm __PT_PSW+1(%r11),0x01 # returning to user ? | ||
| 622 | @@ -976,7 +919,7 @@ ENTRY(psw_idle) | ||
| 623 | stpt __TIMER_IDLE_ENTER(%r2) | ||
| 624 | .Lpsw_idle_lpsw: | ||
| 625 | lpswe __SF_EMPTY(%r15) | ||
| 626 | - BR_R1USE_R14 | ||
| 627 | + BR_EX %r14 | ||
| 628 | .Lpsw_idle_end: | ||
| 629 | |||
| 630 | /* | ||
| 631 | @@ -1021,7 +964,7 @@ ENTRY(save_fpu_regs) | ||
| 632 | .Lsave_fpu_regs_done: | ||
| 633 | oi __LC_CPU_FLAGS+7,_CIF_FPU | ||
| 634 | .Lsave_fpu_regs_exit: | ||
| 635 | - BR_R1USE_R14 | ||
| 636 | + BR_EX %r14 | ||
| 637 | .Lsave_fpu_regs_end: | ||
| 638 | #if IS_ENABLED(CONFIG_KVM) | ||
| 639 | EXPORT_SYMBOL(save_fpu_regs) | ||
| 640 | @@ -1071,7 +1014,7 @@ load_fpu_regs: | ||
| 641 | .Lload_fpu_regs_done: | ||
| 642 | ni __LC_CPU_FLAGS+7,255-_CIF_FPU | ||
| 643 | .Lload_fpu_regs_exit: | ||
| 644 | - BR_R1USE_R14 | ||
| 645 | + BR_EX %r14 | ||
| 646 | .Lload_fpu_regs_end: | ||
| 647 | |||
| 648 | .L__critical_end: | ||
| 649 | @@ -1244,7 +1187,7 @@ cleanup_critical: | ||
| 650 | jl 0f | ||
| 651 | clg %r9,BASED(.Lcleanup_table+104) # .Lload_fpu_regs_end | ||
| 652 | jl .Lcleanup_load_fpu_regs | ||
| 653 | -0: BR_R11USE_R14 | ||
| 654 | +0: BR_EX %r14 | ||
| 655 | |||
| 656 | .align 8 | ||
| 657 | .Lcleanup_table: | ||
| 658 | @@ -1274,7 +1217,7 @@ cleanup_critical: | ||
| 659 | ni __SIE_PROG0C+3(%r9),0xfe # no longer in SIE | ||
| 660 | lctlg %c1,%c1,__LC_USER_ASCE # load primary asce | ||
| 661 | larl %r9,sie_exit # skip forward to sie_exit | ||
| 662 | - BR_R11USE_R14 | ||
| 663 | + BR_EX %r14 | ||
| 664 | #endif | ||
| 665 | |||
| 666 | .Lcleanup_system_call: | ||
| 667 | @@ -1332,7 +1275,7 @@ cleanup_critical: | ||
| 668 | stg %r15,56(%r11) # r15 stack pointer | ||
| 669 | # set new psw address and exit | ||
| 670 | larl %r9,.Lsysc_do_svc | ||
| 671 | - BR_R11USE_R14 | ||
| 672 | + BR_EX %r14,%r11 | ||
| 673 | .Lcleanup_system_call_insn: | ||
| 674 | .quad system_call | ||
| 675 | .quad .Lsysc_stmg | ||
| 676 | @@ -1342,7 +1285,7 @@ cleanup_critical: | ||
| 677 | |||
| 678 | .Lcleanup_sysc_tif: | ||
| 679 | larl %r9,.Lsysc_tif | ||
| 680 | - BR_R11USE_R14 | ||
| 681 | + BR_EX %r14,%r11 | ||
| 682 | |||
| 683 | .Lcleanup_sysc_restore: | ||
| 684 | # check if stpt has been executed | ||
| 685 | @@ -1359,14 +1302,14 @@ cleanup_critical: | ||
| 686 | mvc 0(64,%r11),__PT_R8(%r9) | ||
| 687 | lmg %r0,%r7,__PT_R0(%r9) | ||
| 688 | 1: lmg %r8,%r9,__LC_RETURN_PSW | ||
| 689 | - BR_R11USE_R14 | ||
| 690 | + BR_EX %r14,%r11 | ||
| 691 | .Lcleanup_sysc_restore_insn: | ||
| 692 | .quad .Lsysc_exit_timer | ||
| 693 | .quad .Lsysc_done - 4 | ||
| 694 | |||
| 695 | .Lcleanup_io_tif: | ||
| 696 | larl %r9,.Lio_tif | ||
| 697 | - BR_R11USE_R14 | ||
| 698 | + BR_EX %r14,%r11 | ||
| 699 | |||
| 700 | .Lcleanup_io_restore: | ||
| 701 | # check if stpt has been executed | ||
| 702 | @@ -1380,7 +1323,7 @@ cleanup_critical: | ||
| 703 | mvc 0(64,%r11),__PT_R8(%r9) | ||
| 704 | lmg %r0,%r7,__PT_R0(%r9) | ||
| 705 | 1: lmg %r8,%r9,__LC_RETURN_PSW | ||
| 706 | - BR_R11USE_R14 | ||
| 707 | + BR_EX %r14,%r11 | ||
| 708 | .Lcleanup_io_restore_insn: | ||
| 709 | .quad .Lio_exit_timer | ||
| 710 | .quad .Lio_done - 4 | ||
| 711 | @@ -1433,17 +1376,17 @@ cleanup_critical: | ||
| 712 | # prepare return psw | ||
| 713 | nihh %r8,0xfcfd # clear irq & wait state bits | ||
| 714 | lg %r9,48(%r11) # return from psw_idle | ||
| 715 | - BR_R11USE_R14 | ||
| 716 | + BR_EX %r14,%r11 | ||
| 717 | .Lcleanup_idle_insn: | ||
| 718 | .quad .Lpsw_idle_lpsw | ||
| 719 | |||
| 720 | .Lcleanup_save_fpu_regs: | ||
| 721 | larl %r9,save_fpu_regs | ||
| 722 | - BR_R11USE_R14 | ||
| 723 | + BR_EX %r14,%r11 | ||
| 724 | |||
| 725 | .Lcleanup_load_fpu_regs: | ||
| 726 | larl %r9,load_fpu_regs | ||
| 727 | - BR_R11USE_R14 | ||
| 728 | + BR_EX %r14,%r11 | ||
| 729 | |||
| 730 | /* | ||
| 731 | * Integer constants | ||
| 732 | diff --git a/arch/s390/kernel/mcount.S b/arch/s390/kernel/mcount.S | ||
| 733 | index 9a17e4475d27..be75e8e49e43 100644 | ||
| 734 | --- a/arch/s390/kernel/mcount.S | ||
| 735 | +++ b/arch/s390/kernel/mcount.S | ||
| 736 | @@ -8,13 +8,17 @@ | ||
| 737 | #include <linux/linkage.h> | ||
| 738 | #include <asm/asm-offsets.h> | ||
| 739 | #include <asm/ftrace.h> | ||
| 740 | +#include <asm/nospec-insn.h> | ||
| 741 | #include <asm/ptrace.h> | ||
| 742 | #include <asm/export.h> | ||
| 743 | |||
| 744 | + GEN_BR_THUNK %r1 | ||
| 745 | + GEN_BR_THUNK %r14 | ||
| 746 | + | ||
| 747 | .section .kprobes.text, "ax" | ||
| 748 | |||
| 749 | ENTRY(ftrace_stub) | ||
| 750 | - br %r14 | ||
| 751 | + BR_EX %r14 | ||
| 752 | |||
| 753 | #define STACK_FRAME_SIZE (STACK_FRAME_OVERHEAD + __PT_SIZE) | ||
| 754 | #define STACK_PTREGS (STACK_FRAME_OVERHEAD) | ||
| 755 | @@ -22,7 +26,7 @@ ENTRY(ftrace_stub) | ||
| 756 | #define STACK_PTREGS_PSW (STACK_PTREGS + __PT_PSW) | ||
| 757 | |||
| 758 | ENTRY(_mcount) | ||
| 759 | - br %r14 | ||
| 760 | + BR_EX %r14 | ||
| 761 | |||
| 762 | EXPORT_SYMBOL(_mcount) | ||
| 763 | |||
| 764 | @@ -52,7 +56,7 @@ ENTRY(ftrace_caller) | ||
| 765 | #endif | ||
| 766 | lgr %r3,%r14 | ||
| 767 | la %r5,STACK_PTREGS(%r15) | ||
| 768 | - basr %r14,%r1 | ||
| 769 | + BASR_EX %r14,%r1 | ||
| 770 | #ifdef CONFIG_FUNCTION_GRAPH_TRACER | ||
| 771 | # The j instruction gets runtime patched to a nop instruction. | ||
| 772 | # See ftrace_enable_ftrace_graph_caller. | ||
| 773 | @@ -67,7 +71,7 @@ ftrace_graph_caller_end: | ||
| 774 | #endif | ||
| 775 | lg %r1,(STACK_PTREGS_PSW+8)(%r15) | ||
| 776 | lmg %r2,%r15,(STACK_PTREGS_GPRS+2*8)(%r15) | ||
| 777 | - br %r1 | ||
| 778 | + BR_EX %r1 | ||
| 779 | |||
| 780 | #ifdef CONFIG_FUNCTION_GRAPH_TRACER | ||
| 781 | |||
| 782 | @@ -80,6 +84,6 @@ ENTRY(return_to_handler) | ||
| 783 | aghi %r15,STACK_FRAME_OVERHEAD | ||
| 784 | lgr %r14,%r2 | ||
| 785 | lmg %r2,%r5,32(%r15) | ||
| 786 | - br %r14 | ||
| 787 | + BR_EX %r14 | ||
| 788 | |||
| 789 | #endif | ||
| 790 | diff --git a/arch/s390/kernel/nospec-branch.c b/arch/s390/kernel/nospec-branch.c | ||
| 791 | index 9f3b5b382743..d5eed651b5ab 100644 | ||
| 792 | --- a/arch/s390/kernel/nospec-branch.c | ||
| 793 | +++ b/arch/s390/kernel/nospec-branch.c | ||
| 794 | @@ -44,24 +44,6 @@ static int __init nospec_report(void) | ||
| 795 | } | ||
| 796 | arch_initcall(nospec_report); | ||
| 797 | |||
| 798 | -#ifdef CONFIG_SYSFS | ||
| 799 | -ssize_t cpu_show_spectre_v1(struct device *dev, | ||
| 800 | - struct device_attribute *attr, char *buf) | ||
| 801 | -{ | ||
| 802 | - return sprintf(buf, "Mitigation: __user pointer sanitization\n"); | ||
| 803 | -} | ||
| 804 | - | ||
| 805 | -ssize_t cpu_show_spectre_v2(struct device *dev, | ||
| 806 | - struct device_attribute *attr, char *buf) | ||
| 807 | -{ | ||
| 808 | - if (IS_ENABLED(CC_USING_EXPOLINE) && !nospec_disable) | ||
| 809 | - return sprintf(buf, "Mitigation: execute trampolines\n"); | ||
| 810 | - if (__test_facility(82, S390_lowcore.alt_stfle_fac_list)) | ||
| 811 | - return sprintf(buf, "Mitigation: limited branch prediction.\n"); | ||
| 812 | - return sprintf(buf, "Vulnerable\n"); | ||
| 813 | -} | ||
| 814 | -#endif | ||
| 815 | - | ||
| 816 | #ifdef CONFIG_EXPOLINE | ||
| 817 | |||
| 818 | int nospec_disable = IS_ENABLED(CONFIG_EXPOLINE_OFF); | ||
| 819 | @@ -112,7 +94,6 @@ static void __init_or_module __nospec_revert(s32 *start, s32 *end) | ||
| 820 | s32 *epo; | ||
| 821 | |||
| 822 | /* Second part of the instruction replace is always a nop */ | ||
| 823 | - memcpy(insnbuf + 2, (char[]) { 0x47, 0x00, 0x00, 0x00 }, 4); | ||
| 824 | for (epo = start; epo < end; epo++) { | ||
| 825 | instr = (u8 *) epo + *epo; | ||
| 826 | if (instr[0] == 0xc0 && (instr[1] & 0x0f) == 0x04) | ||
| 827 | @@ -133,18 +114,34 @@ static void __init_or_module __nospec_revert(s32 *start, s32 *end) | ||
| 828 | br = thunk + (*(int *)(thunk + 2)) * 2; | ||
| 829 | else | ||
| 830 | continue; | ||
| 831 | - if (br[0] != 0x07 || (br[1] & 0xf0) != 0xf0) | ||
| 832 | + /* Check for unconditional branch 0x07f? or 0x47f???? */ | ||
| 833 | + if ((br[0] & 0xbf) != 0x07 || (br[1] & 0xf0) != 0xf0) | ||
| 834 | continue; | ||
| 835 | + | ||
| 836 | + memcpy(insnbuf + 2, (char[]) { 0x47, 0x00, 0x07, 0x00 }, 4); | ||
| 837 | switch (type) { | ||
| 838 | case BRCL_EXPOLINE: | ||
| 839 | - /* brcl to thunk, replace with br + nop */ | ||
| 840 | insnbuf[0] = br[0]; | ||
| 841 | insnbuf[1] = (instr[1] & 0xf0) | (br[1] & 0x0f); | ||
| 842 | + if (br[0] == 0x47) { | ||
| 843 | + /* brcl to b, replace with bc + nopr */ | ||
| 844 | + insnbuf[2] = br[2]; | ||
| 845 | + insnbuf[3] = br[3]; | ||
| 846 | + } else { | ||
| 847 | + /* brcl to br, replace with bcr + nop */ | ||
| 848 | + } | ||
| 849 | break; | ||
| 850 | case BRASL_EXPOLINE: | ||
| 851 | - /* brasl to thunk, replace with basr + nop */ | ||
| 852 | - insnbuf[0] = 0x0d; | ||
| 853 | insnbuf[1] = (instr[1] & 0xf0) | (br[1] & 0x0f); | ||
| 854 | + if (br[0] == 0x47) { | ||
| 855 | + /* brasl to b, replace with bas + nopr */ | ||
| 856 | + insnbuf[0] = 0x4d; | ||
| 857 | + insnbuf[2] = br[2]; | ||
| 858 | + insnbuf[3] = br[3]; | ||
| 859 | + } else { | ||
| 860 | + /* brasl to br, replace with basr + nop */ | ||
| 861 | + insnbuf[0] = 0x0d; | ||
| 862 | + } | ||
| 863 | break; | ||
| 864 | } | ||
| 865 | |||
| 866 | diff --git a/arch/s390/kernel/nospec-sysfs.c b/arch/s390/kernel/nospec-sysfs.c | ||
| 867 | new file mode 100644 | ||
| 868 | index 000000000000..8affad5f18cb | ||
| 869 | --- /dev/null | ||
| 870 | +++ b/arch/s390/kernel/nospec-sysfs.c | ||
| 871 | @@ -0,0 +1,21 @@ | ||
| 872 | +// SPDX-License-Identifier: GPL-2.0 | ||
| 873 | +#include <linux/device.h> | ||
| 874 | +#include <linux/cpu.h> | ||
| 875 | +#include <asm/facility.h> | ||
| 876 | +#include <asm/nospec-branch.h> | ||
| 877 | + | ||
| 878 | +ssize_t cpu_show_spectre_v1(struct device *dev, | ||
| 879 | + struct device_attribute *attr, char *buf) | ||
| 880 | +{ | ||
| 881 | + return sprintf(buf, "Mitigation: __user pointer sanitization\n"); | ||
| 882 | +} | ||
| 883 | + | ||
| 884 | +ssize_t cpu_show_spectre_v2(struct device *dev, | ||
| 885 | + struct device_attribute *attr, char *buf) | ||
| 886 | +{ | ||
| 887 | + if (IS_ENABLED(CC_USING_EXPOLINE) && !nospec_disable) | ||
| 888 | + return sprintf(buf, "Mitigation: execute trampolines\n"); | ||
| 889 | + if (__test_facility(82, S390_lowcore.alt_stfle_fac_list)) | ||
| 890 | + return sprintf(buf, "Mitigation: limited branch prediction\n"); | ||
| 891 | + return sprintf(buf, "Vulnerable\n"); | ||
| 892 | +} | ||
| 893 | diff --git a/arch/s390/kernel/reipl.S b/arch/s390/kernel/reipl.S | ||
| 894 | index 89ea8c213d82..70d635da782c 100644 | ||
| 895 | --- a/arch/s390/kernel/reipl.S | ||
| 896 | +++ b/arch/s390/kernel/reipl.S | ||
| 897 | @@ -6,8 +6,11 @@ | ||
| 898 | |||
| 899 | #include <linux/linkage.h> | ||
| 900 | #include <asm/asm-offsets.h> | ||
| 901 | +#include <asm/nospec-insn.h> | ||
| 902 | #include <asm/sigp.h> | ||
| 903 | |||
| 904 | + GEN_BR_THUNK %r9 | ||
| 905 | + | ||
| 906 | # | ||
| 907 | # Issue "store status" for the current CPU to its prefix page | ||
| 908 | # and call passed function afterwards | ||
| 909 | @@ -66,9 +69,9 @@ ENTRY(store_status) | ||
| 910 | st %r4,0(%r1) | ||
| 911 | st %r5,4(%r1) | ||
| 912 | stg %r2,8(%r1) | ||
| 913 | - lgr %r1,%r2 | ||
| 914 | + lgr %r9,%r2 | ||
| 915 | lgr %r2,%r3 | ||
| 916 | - br %r1 | ||
| 917 | + BR_EX %r9 | ||
| 918 | |||
| 919 | .section .bss | ||
| 920 | .align 8 | ||
| 921 | diff --git a/arch/s390/kernel/swsusp.S b/arch/s390/kernel/swsusp.S | ||
| 922 | index 2d6b6e81f812..4e76aaf7bb38 100644 | ||
| 923 | --- a/arch/s390/kernel/swsusp.S | ||
| 924 | +++ b/arch/s390/kernel/swsusp.S | ||
| 925 | @@ -12,6 +12,7 @@ | ||
| 926 | #include <asm/ptrace.h> | ||
| 927 | #include <asm/thread_info.h> | ||
| 928 | #include <asm/asm-offsets.h> | ||
| 929 | +#include <asm/nospec-insn.h> | ||
| 930 | #include <asm/sigp.h> | ||
| 931 | |||
| 932 | /* | ||
| 933 | @@ -23,6 +24,8 @@ | ||
| 934 | * (see below) in the resume process. | ||
| 935 | * This function runs with disabled interrupts. | ||
| 936 | */ | ||
| 937 | + GEN_BR_THUNK %r14 | ||
| 938 | + | ||
| 939 | .section .text | ||
| 940 | ENTRY(swsusp_arch_suspend) | ||
| 941 | stmg %r6,%r15,__SF_GPRS(%r15) | ||
| 942 | @@ -102,7 +105,7 @@ ENTRY(swsusp_arch_suspend) | ||
| 943 | spx 0x318(%r1) | ||
| 944 | lmg %r6,%r15,STACK_FRAME_OVERHEAD + __SF_GPRS(%r15) | ||
| 945 | lghi %r2,0 | ||
| 946 | - br %r14 | ||
| 947 | + BR_EX %r14 | ||
| 948 | |||
| 949 | /* | ||
| 950 | * Restore saved memory image to correct place and restore register context. | ||
| 951 | @@ -200,7 +203,7 @@ pgm_check_entry: | ||
| 952 | lghi %r1,0 | ||
| 953 | sam31 | ||
| 954 | sigp %r1,%r0,SIGP_SET_ARCHITECTURE | ||
| 955 | - basr %r14,%r3 | ||
| 956 | + brasl %r14,_sclp_print_early | ||
| 957 | larl %r3,.Ldisabled_wait_31 | ||
| 958 | lpsw 0(%r3) | ||
| 959 | 4: | ||
| 960 | @@ -266,7 +269,7 @@ restore_registers: | ||
| 961 | /* Return 0 */ | ||
| 962 | lmg %r6,%r15,STACK_FRAME_OVERHEAD + __SF_GPRS(%r15) | ||
| 963 | lghi %r2,0 | ||
| 964 | - br %r14 | ||
| 965 | + BR_EX %r14 | ||
| 966 | |||
| 967 | .section .data..nosave,"aw",@progbits | ||
| 968 | .align 8 | ||
| 969 | diff --git a/arch/s390/lib/mem.S b/arch/s390/lib/mem.S | ||
| 970 | index be9fa65bfac4..e7672edc284a 100644 | ||
| 971 | --- a/arch/s390/lib/mem.S | ||
| 972 | +++ b/arch/s390/lib/mem.S | ||
| 973 | @@ -6,6 +6,9 @@ | ||
| 974 | |||
| 975 | #include <linux/linkage.h> | ||
| 976 | #include <asm/export.h> | ||
| 977 | +#include <asm/nospec-insn.h> | ||
| 978 | + | ||
| 979 | + GEN_BR_THUNK %r14 | ||
| 980 | |||
| 981 | /* | ||
| 982 | * memset implementation | ||
| 983 | @@ -39,7 +42,7 @@ ENTRY(memset) | ||
| 984 | .Lmemset_clear_rest: | ||
| 985 | larl %r3,.Lmemset_xc | ||
| 986 | ex %r4,0(%r3) | ||
| 987 | - br %r14 | ||
| 988 | + BR_EX %r14 | ||
| 989 | .Lmemset_fill: | ||
| 990 | stc %r3,0(%r2) | ||
| 991 | cghi %r4,1 | ||
| 992 | @@ -56,7 +59,7 @@ ENTRY(memset) | ||
| 993 | .Lmemset_fill_rest: | ||
| 994 | larl %r3,.Lmemset_mvc | ||
| 995 | ex %r4,0(%r3) | ||
| 996 | - br %r14 | ||
| 997 | + BR_EX %r14 | ||
| 998 | .Lmemset_xc: | ||
| 999 | xc 0(1,%r1),0(%r1) | ||
| 1000 | .Lmemset_mvc: | ||
| 1001 | @@ -79,7 +82,7 @@ ENTRY(memcpy) | ||
| 1002 | .Lmemcpy_rest: | ||
| 1003 | larl %r5,.Lmemcpy_mvc | ||
| 1004 | ex %r4,0(%r5) | ||
| 1005 | - br %r14 | ||
| 1006 | + BR_EX %r14 | ||
| 1007 | .Lmemcpy_loop: | ||
| 1008 | mvc 0(256,%r1),0(%r3) | ||
| 1009 | la %r1,256(%r1) | ||
| 1010 | diff --git a/arch/s390/net/bpf_jit.S b/arch/s390/net/bpf_jit.S | ||
| 1011 | index a1c917d881ec..fa716f2a95a7 100644 | ||
| 1012 | --- a/arch/s390/net/bpf_jit.S | ||
| 1013 | +++ b/arch/s390/net/bpf_jit.S | ||
| 1014 | @@ -8,6 +8,7 @@ | ||
| 1015 | */ | ||
| 1016 | |||
| 1017 | #include <linux/linkage.h> | ||
| 1018 | +#include <asm/nospec-insn.h> | ||
| 1019 | #include "bpf_jit.h" | ||
| 1020 | |||
| 1021 | /* | ||
| 1022 | @@ -53,7 +54,7 @@ ENTRY(sk_load_##NAME##_pos); \ | ||
| 1023 | clg %r3,STK_OFF_HLEN(%r15); /* Offset + SIZE > hlen? */ \ | ||
| 1024 | jh sk_load_##NAME##_slow; \ | ||
| 1025 | LOAD %r14,-SIZE(%r3,%r12); /* Get data from skb */ \ | ||
| 1026 | - b OFF_OK(%r6); /* Return */ \ | ||
| 1027 | + B_EX OFF_OK,%r6; /* Return */ \ | ||
| 1028 | \ | ||
| 1029 | sk_load_##NAME##_slow:; \ | ||
| 1030 | lgr %r2,%r7; /* Arg1 = skb pointer */ \ | ||
| 1031 | @@ -63,11 +64,14 @@ sk_load_##NAME##_slow:; \ | ||
| 1032 | brasl %r14,skb_copy_bits; /* Get data from skb */ \ | ||
| 1033 | LOAD %r14,STK_OFF_TMP(%r15); /* Load from temp bufffer */ \ | ||
| 1034 | ltgr %r2,%r2; /* Set cc to (%r2 != 0) */ \ | ||
| 1035 | - br %r6; /* Return */ | ||
| 1036 | + BR_EX %r6; /* Return */ | ||
| 1037 | |||
| 1038 | sk_load_common(word, 4, llgf) /* r14 = *(u32 *) (skb->data+offset) */ | ||
| 1039 | sk_load_common(half, 2, llgh) /* r14 = *(u16 *) (skb->data+offset) */ | ||
| 1040 | |||
| 1041 | + GEN_BR_THUNK %r6 | ||
| 1042 | + GEN_B_THUNK OFF_OK,%r6 | ||
| 1043 | + | ||
| 1044 | /* | ||
| 1045 | * Load 1 byte from SKB (optimized version) | ||
| 1046 | */ | ||
| 1047 | @@ -79,7 +83,7 @@ ENTRY(sk_load_byte_pos) | ||
| 1048 | clg %r3,STK_OFF_HLEN(%r15) # Offset >= hlen? | ||
| 1049 | jnl sk_load_byte_slow | ||
| 1050 | llgc %r14,0(%r3,%r12) # Get byte from skb | ||
| 1051 | - b OFF_OK(%r6) # Return OK | ||
| 1052 | + B_EX OFF_OK,%r6 # Return OK | ||
| 1053 | |||
| 1054 | sk_load_byte_slow: | ||
| 1055 | lgr %r2,%r7 # Arg1 = skb pointer | ||
| 1056 | @@ -89,7 +93,7 @@ sk_load_byte_slow: | ||
| 1057 | brasl %r14,skb_copy_bits # Get data from skb | ||
| 1058 | llgc %r14,STK_OFF_TMP(%r15) # Load result from temp buffer | ||
| 1059 | ltgr %r2,%r2 # Set cc to (%r2 != 0) | ||
| 1060 | - br %r6 # Return cc | ||
| 1061 | + BR_EX %r6 # Return cc | ||
| 1062 | |||
| 1063 | #define sk_negative_common(NAME, SIZE, LOAD) \ | ||
| 1064 | sk_load_##NAME##_slow_neg:; \ | ||
| 1065 | @@ -103,7 +107,7 @@ sk_load_##NAME##_slow_neg:; \ | ||
| 1066 | jz bpf_error; \ | ||
| 1067 | LOAD %r14,0(%r2); /* Get data from pointer */ \ | ||
| 1068 | xr %r3,%r3; /* Set cc to zero */ \ | ||
| 1069 | - br %r6; /* Return cc */ | ||
| 1070 | + BR_EX %r6; /* Return cc */ | ||
| 1071 | |||
| 1072 | sk_negative_common(word, 4, llgf) | ||
| 1073 | sk_negative_common(half, 2, llgh) | ||
| 1074 | @@ -112,4 +116,4 @@ sk_negative_common(byte, 1, llgc) | ||
| 1075 | bpf_error: | ||
| 1076 | # force a return 0 from jit handler | ||
| 1077 | ltgr %r15,%r15 # Set condition code | ||
| 1078 | - br %r6 | ||
| 1079 | + BR_EX %r6 | ||
| 1080 | diff --git a/arch/s390/net/bpf_jit_comp.c b/arch/s390/net/bpf_jit_comp.c | ||
| 1081 | index e8dee623d545..e7ce2577f0c9 100644 | ||
| 1082 | --- a/arch/s390/net/bpf_jit_comp.c | ||
| 1083 | +++ b/arch/s390/net/bpf_jit_comp.c | ||
| 1084 | @@ -24,6 +24,8 @@ | ||
| 1085 | #include <linux/bpf.h> | ||
| 1086 | #include <asm/cacheflush.h> | ||
| 1087 | #include <asm/dis.h> | ||
| 1088 | +#include <asm/facility.h> | ||
| 1089 | +#include <asm/nospec-branch.h> | ||
| 1090 | #include "bpf_jit.h" | ||
| 1091 | |||
| 1092 | int bpf_jit_enable __read_mostly; | ||
| 1093 | @@ -41,6 +43,8 @@ struct bpf_jit { | ||
| 1094 | int base_ip; /* Base address for literal pool */ | ||
| 1095 | int ret0_ip; /* Address of return 0 */ | ||
| 1096 | int exit_ip; /* Address of exit */ | ||
| 1097 | + int r1_thunk_ip; /* Address of expoline thunk for 'br %r1' */ | ||
| 1098 | + int r14_thunk_ip; /* Address of expoline thunk for 'br %r14' */ | ||
| 1099 | int tail_call_start; /* Tail call start offset */ | ||
| 1100 | int labels[1]; /* Labels for local jumps */ | ||
| 1101 | }; | ||
| 1102 | @@ -251,6 +255,19 @@ static inline void reg_set_seen(struct bpf_jit *jit, u32 b1) | ||
| 1103 | REG_SET_SEEN(b2); \ | ||
| 1104 | }) | ||
| 1105 | |||
| 1106 | +#define EMIT6_PCREL_RILB(op, b, target) \ | ||
| 1107 | +({ \ | ||
| 1108 | + int rel = (target - jit->prg) / 2; \ | ||
| 1109 | + _EMIT6(op | reg_high(b) << 16 | rel >> 16, rel & 0xffff); \ | ||
| 1110 | + REG_SET_SEEN(b); \ | ||
| 1111 | +}) | ||
| 1112 | + | ||
| 1113 | +#define EMIT6_PCREL_RIL(op, target) \ | ||
| 1114 | +({ \ | ||
| 1115 | + int rel = (target - jit->prg) / 2; \ | ||
| 1116 | + _EMIT6(op | rel >> 16, rel & 0xffff); \ | ||
| 1117 | +}) | ||
| 1118 | + | ||
| 1119 | #define _EMIT6_IMM(op, imm) \ | ||
| 1120 | ({ \ | ||
| 1121 | unsigned int __imm = (imm); \ | ||
| 1122 | @@ -470,8 +487,45 @@ static void bpf_jit_epilogue(struct bpf_jit *jit) | ||
| 1123 | EMIT4(0xb9040000, REG_2, BPF_REG_0); | ||
| 1124 | /* Restore registers */ | ||
| 1125 | save_restore_regs(jit, REGS_RESTORE); | ||
| 1126 | + if (IS_ENABLED(CC_USING_EXPOLINE) && !nospec_disable) { | ||
| 1127 | + jit->r14_thunk_ip = jit->prg; | ||
| 1128 | + /* Generate __s390_indirect_jump_r14 thunk */ | ||
| 1129 | + if (test_facility(35)) { | ||
| 1130 | + /* exrl %r0,.+10 */ | ||
| 1131 | + EMIT6_PCREL_RIL(0xc6000000, jit->prg + 10); | ||
| 1132 | + } else { | ||
| 1133 | + /* larl %r1,.+14 */ | ||
| 1134 | + EMIT6_PCREL_RILB(0xc0000000, REG_1, jit->prg + 14); | ||
| 1135 | + /* ex 0,0(%r1) */ | ||
| 1136 | + EMIT4_DISP(0x44000000, REG_0, REG_1, 0); | ||
| 1137 | + } | ||
| 1138 | + /* j . */ | ||
| 1139 | + EMIT4_PCREL(0xa7f40000, 0); | ||
| 1140 | + } | ||
| 1141 | /* br %r14 */ | ||
| 1142 | _EMIT2(0x07fe); | ||
| 1143 | + | ||
| 1144 | + if (IS_ENABLED(CC_USING_EXPOLINE) && !nospec_disable && | ||
| 1145 | + (jit->seen & SEEN_FUNC)) { | ||
| 1146 | + jit->r1_thunk_ip = jit->prg; | ||
| 1147 | + /* Generate __s390_indirect_jump_r1 thunk */ | ||
| 1148 | + if (test_facility(35)) { | ||
| 1149 | + /* exrl %r0,.+10 */ | ||
| 1150 | + EMIT6_PCREL_RIL(0xc6000000, jit->prg + 10); | ||
| 1151 | + /* j . */ | ||
| 1152 | + EMIT4_PCREL(0xa7f40000, 0); | ||
| 1153 | + /* br %r1 */ | ||
| 1154 | + _EMIT2(0x07f1); | ||
| 1155 | + } else { | ||
| 1156 | + /* larl %r1,.+14 */ | ||
| 1157 | + EMIT6_PCREL_RILB(0xc0000000, REG_1, jit->prg + 14); | ||
| 1158 | + /* ex 0,S390_lowcore.br_r1_tampoline */ | ||
| 1159 | + EMIT4_DISP(0x44000000, REG_0, REG_0, | ||
| 1160 | + offsetof(struct lowcore, br_r1_trampoline)); | ||
| 1161 | + /* j . */ | ||
| 1162 | + EMIT4_PCREL(0xa7f40000, 0); | ||
| 1163 | + } | ||
| 1164 | + } | ||
| 1165 | } | ||
| 1166 | |||
| 1167 | /* | ||
| 1168 | @@ -977,8 +1031,13 @@ static noinline int bpf_jit_insn(struct bpf_jit *jit, struct bpf_prog *fp, int i | ||
| 1169 | /* lg %w1,<d(imm)>(%l) */ | ||
| 1170 | EMIT6_DISP_LH(0xe3000000, 0x0004, REG_W1, REG_0, REG_L, | ||
| 1171 | EMIT_CONST_U64(func)); | ||
| 1172 | - /* basr %r14,%w1 */ | ||
| 1173 | - EMIT2(0x0d00, REG_14, REG_W1); | ||
| 1174 | + if (IS_ENABLED(CC_USING_EXPOLINE) && !nospec_disable) { | ||
| 1175 | + /* brasl %r14,__s390_indirect_jump_r1 */ | ||
| 1176 | + EMIT6_PCREL_RILB(0xc0050000, REG_14, jit->r1_thunk_ip); | ||
| 1177 | + } else { | ||
| 1178 | + /* basr %r14,%w1 */ | ||
| 1179 | + EMIT2(0x0d00, REG_14, REG_W1); | ||
| 1180 | + } | ||
| 1181 | /* lgr %b0,%r2: load return value into %b0 */ | ||
| 1182 | EMIT4(0xb9040000, BPF_REG_0, REG_2); | ||
| 1183 | if (bpf_helper_changes_skb_data((void *)func)) { | ||
| 1184 | diff --git a/arch/x86/kernel/machine_kexec_32.c b/arch/x86/kernel/machine_kexec_32.c | ||
| 1185 | index 469b23d6acc2..fd7e9937ddd6 100644 | ||
| 1186 | --- a/arch/x86/kernel/machine_kexec_32.c | ||
| 1187 | +++ b/arch/x86/kernel/machine_kexec_32.c | ||
| 1188 | @@ -71,12 +71,17 @@ static void load_segments(void) | ||
| 1189 | static void machine_kexec_free_page_tables(struct kimage *image) | ||
| 1190 | { | ||
| 1191 | free_page((unsigned long)image->arch.pgd); | ||
| 1192 | + image->arch.pgd = NULL; | ||
| 1193 | #ifdef CONFIG_X86_PAE | ||
| 1194 | free_page((unsigned long)image->arch.pmd0); | ||
| 1195 | + image->arch.pmd0 = NULL; | ||
| 1196 | free_page((unsigned long)image->arch.pmd1); | ||
| 1197 | + image->arch.pmd1 = NULL; | ||
| 1198 | #endif | ||
| 1199 | free_page((unsigned long)image->arch.pte0); | ||
| 1200 | + image->arch.pte0 = NULL; | ||
| 1201 | free_page((unsigned long)image->arch.pte1); | ||
| 1202 | + image->arch.pte1 = NULL; | ||
| 1203 | } | ||
| 1204 | |||
| 1205 | static int machine_kexec_alloc_page_tables(struct kimage *image) | ||
| 1206 | @@ -93,7 +98,6 @@ static int machine_kexec_alloc_page_tables(struct kimage *image) | ||
| 1207 | !image->arch.pmd0 || !image->arch.pmd1 || | ||
| 1208 | #endif | ||
| 1209 | !image->arch.pte0 || !image->arch.pte1) { | ||
| 1210 | - machine_kexec_free_page_tables(image); | ||
| 1211 | return -ENOMEM; | ||
| 1212 | } | ||
| 1213 | return 0; | ||
| 1214 | diff --git a/arch/x86/kernel/machine_kexec_64.c b/arch/x86/kernel/machine_kexec_64.c | ||
| 1215 | index a5784a14f8d1..eae59cad0b07 100644 | ||
| 1216 | --- a/arch/x86/kernel/machine_kexec_64.c | ||
| 1217 | +++ b/arch/x86/kernel/machine_kexec_64.c | ||
| 1218 | @@ -37,8 +37,11 @@ static struct kexec_file_ops *kexec_file_loaders[] = { | ||
| 1219 | static void free_transition_pgtable(struct kimage *image) | ||
| 1220 | { | ||
| 1221 | free_page((unsigned long)image->arch.pud); | ||
| 1222 | + image->arch.pud = NULL; | ||
| 1223 | free_page((unsigned long)image->arch.pmd); | ||
| 1224 | + image->arch.pmd = NULL; | ||
| 1225 | free_page((unsigned long)image->arch.pte); | ||
| 1226 | + image->arch.pte = NULL; | ||
| 1227 | } | ||
| 1228 | |||
| 1229 | static int init_transition_pgtable(struct kimage *image, pgd_t *pgd) | ||
| 1230 | @@ -79,7 +82,6 @@ static int init_transition_pgtable(struct kimage *image, pgd_t *pgd) | ||
| 1231 | set_pte(pte, pfn_pte(paddr >> PAGE_SHIFT, PAGE_KERNEL_EXEC)); | ||
| 1232 | return 0; | ||
| 1233 | err: | ||
| 1234 | - free_transition_pgtable(image); | ||
| 1235 | return result; | ||
| 1236 | } | ||
| 1237 | |||
| 1238 | diff --git a/drivers/bluetooth/btusb.c b/drivers/bluetooth/btusb.c | ||
| 1239 | index 3257647d4f74..bff67c5a5fe7 100644 | ||
| 1240 | --- a/drivers/bluetooth/btusb.c | ||
| 1241 | +++ b/drivers/bluetooth/btusb.c | ||
| 1242 | @@ -345,6 +345,9 @@ static const struct usb_device_id blacklist_table[] = { | ||
| 1243 | { USB_DEVICE(0x13d3, 0x3459), .driver_info = BTUSB_REALTEK }, | ||
| 1244 | { USB_DEVICE(0x13d3, 0x3494), .driver_info = BTUSB_REALTEK }, | ||
| 1245 | |||
| 1246 | + /* Additional Realtek 8723BU Bluetooth devices */ | ||
| 1247 | + { USB_DEVICE(0x7392, 0xa611), .driver_info = BTUSB_REALTEK }, | ||
| 1248 | + | ||
| 1249 | /* Additional Realtek 8821AE Bluetooth devices */ | ||
| 1250 | { USB_DEVICE(0x0b05, 0x17dc), .driver_info = BTUSB_REALTEK }, | ||
| 1251 | { USB_DEVICE(0x13d3, 0x3414), .driver_info = BTUSB_REALTEK }, | ||
| 1252 | @@ -352,6 +355,9 @@ static const struct usb_device_id blacklist_table[] = { | ||
| 1253 | { USB_DEVICE(0x13d3, 0x3461), .driver_info = BTUSB_REALTEK }, | ||
| 1254 | { USB_DEVICE(0x13d3, 0x3462), .driver_info = BTUSB_REALTEK }, | ||
| 1255 | |||
| 1256 | + /* Additional Realtek 8822BE Bluetooth devices */ | ||
| 1257 | + { USB_DEVICE(0x0b05, 0x185c), .driver_info = BTUSB_REALTEK }, | ||
| 1258 | + | ||
| 1259 | /* Silicon Wave based devices */ | ||
| 1260 | { USB_DEVICE(0x0c10, 0x0000), .driver_info = BTUSB_SWAVE }, | ||
| 1261 | |||
| 1262 | diff --git a/drivers/clk/clk.c b/drivers/clk/clk.c | ||
| 1263 | index 0cdb8550729d..c745dad7f85e 100644 | ||
| 1264 | --- a/drivers/clk/clk.c | ||
| 1265 | +++ b/drivers/clk/clk.c | ||
| 1266 | @@ -1929,6 +1929,9 @@ static int clk_core_get_phase(struct clk_core *core) | ||
| 1267 | int ret; | ||
| 1268 | |||
| 1269 | clk_prepare_lock(); | ||
| 1270 | + /* Always try to update cached phase if possible */ | ||
| 1271 | + if (core->ops->get_phase) | ||
| 1272 | + core->phase = core->ops->get_phase(core->hw); | ||
| 1273 | ret = core->phase; | ||
| 1274 | clk_prepare_unlock(); | ||
| 1275 | |||
| 1276 | diff --git a/drivers/clk/rockchip/clk-mmc-phase.c b/drivers/clk/rockchip/clk-mmc-phase.c | ||
| 1277 | index 077fcdc7908b..fe7d9ed1d436 100644 | ||
| 1278 | --- a/drivers/clk/rockchip/clk-mmc-phase.c | ||
| 1279 | +++ b/drivers/clk/rockchip/clk-mmc-phase.c | ||
| 1280 | @@ -58,6 +58,12 @@ static int rockchip_mmc_get_phase(struct clk_hw *hw) | ||
| 1281 | u16 degrees; | ||
| 1282 | u32 delay_num = 0; | ||
| 1283 | |||
| 1284 | + /* See the comment for rockchip_mmc_set_phase below */ | ||
| 1285 | + if (!rate) { | ||
| 1286 | + pr_err("%s: invalid clk rate\n", __func__); | ||
| 1287 | + return -EINVAL; | ||
| 1288 | + } | ||
| 1289 | + | ||
| 1290 | raw_value = readl(mmc_clock->reg) >> (mmc_clock->shift); | ||
| 1291 | |||
| 1292 | degrees = (raw_value & ROCKCHIP_MMC_DEGREE_MASK) * 90; | ||
| 1293 | @@ -84,6 +90,23 @@ static int rockchip_mmc_set_phase(struct clk_hw *hw, int degrees) | ||
| 1294 | u32 raw_value; | ||
| 1295 | u32 delay; | ||
| 1296 | |||
| 1297 | + /* | ||
| 1298 | + * The below calculation is based on the output clock from | ||
| 1299 | + * MMC host to the card, which expects the phase clock inherits | ||
| 1300 | + * the clock rate from its parent, namely the output clock | ||
| 1301 | + * provider of MMC host. However, things may go wrong if | ||
| 1302 | + * (1) It is orphan. | ||
| 1303 | + * (2) It is assigned to the wrong parent. | ||
| 1304 | + * | ||
| 1305 | + * This check help debug the case (1), which seems to be the | ||
| 1306 | + * most likely problem we often face and which makes it difficult | ||
| 1307 | + * for people to debug unstable mmc tuning results. | ||
| 1308 | + */ | ||
| 1309 | + if (!rate) { | ||
| 1310 | + pr_err("%s: invalid clk rate\n", __func__); | ||
| 1311 | + return -EINVAL; | ||
| 1312 | + } | ||
| 1313 | + | ||
| 1314 | nineties = degrees / 90; | ||
| 1315 | remainder = (degrees % 90); | ||
| 1316 | |||
| 1317 | diff --git a/drivers/clk/rockchip/clk-rk3228.c b/drivers/clk/rockchip/clk-rk3228.c | ||
| 1318 | index db6e5a9e6de6..53f16efbb8f4 100644 | ||
| 1319 | --- a/drivers/clk/rockchip/clk-rk3228.c | ||
| 1320 | +++ b/drivers/clk/rockchip/clk-rk3228.c | ||
| 1321 | @@ -369,7 +369,7 @@ static struct rockchip_clk_branch rk3228_clk_branches[] __initdata = { | ||
| 1322 | RK2928_CLKSEL_CON(23), 5, 2, MFLAGS, 0, 6, DFLAGS, | ||
| 1323 | RK2928_CLKGATE_CON(2), 15, GFLAGS), | ||
| 1324 | |||
| 1325 | - COMPOSITE(SCLK_SDMMC, "sclk_sdmmc0", mux_mmc_src_p, 0, | ||
| 1326 | + COMPOSITE(SCLK_SDMMC, "sclk_sdmmc", mux_mmc_src_p, 0, | ||
| 1327 | RK2928_CLKSEL_CON(11), 8, 2, MFLAGS, 0, 8, DFLAGS, | ||
| 1328 | RK2928_CLKGATE_CON(2), 11, GFLAGS), | ||
| 1329 | |||
| 1330 | diff --git a/drivers/clk/samsung/clk-exynos3250.c b/drivers/clk/samsung/clk-exynos3250.c | ||
| 1331 | index 1b81e283f605..ed36728424a2 100644 | ||
| 1332 | --- a/drivers/clk/samsung/clk-exynos3250.c | ||
| 1333 | +++ b/drivers/clk/samsung/clk-exynos3250.c | ||
| 1334 | @@ -698,7 +698,7 @@ static const struct samsung_pll_rate_table exynos3250_epll_rates[] __initconst = | ||
| 1335 | PLL_36XX_RATE(144000000, 96, 2, 3, 0), | ||
| 1336 | PLL_36XX_RATE( 96000000, 128, 2, 4, 0), | ||
| 1337 | PLL_36XX_RATE( 84000000, 112, 2, 4, 0), | ||
| 1338 | - PLL_36XX_RATE( 80000004, 106, 2, 4, 43691), | ||
| 1339 | + PLL_36XX_RATE( 80000003, 106, 2, 4, 43691), | ||
| 1340 | PLL_36XX_RATE( 73728000, 98, 2, 4, 19923), | ||
| 1341 | PLL_36XX_RATE( 67737598, 270, 3, 5, 62285), | ||
| 1342 | PLL_36XX_RATE( 65535999, 174, 2, 5, 49982), | ||
| 1343 | @@ -734,7 +734,7 @@ static const struct samsung_pll_rate_table exynos3250_vpll_rates[] __initconst = | ||
| 1344 | PLL_36XX_RATE(148352005, 98, 2, 3, 59070), | ||
| 1345 | PLL_36XX_RATE(108000000, 144, 2, 4, 0), | ||
| 1346 | PLL_36XX_RATE( 74250000, 99, 2, 4, 0), | ||
| 1347 | - PLL_36XX_RATE( 74176002, 98, 3, 4, 59070), | ||
| 1348 | + PLL_36XX_RATE( 74176002, 98, 2, 4, 59070), | ||
| 1349 | PLL_36XX_RATE( 54054000, 216, 3, 5, 14156), | ||
| 1350 | PLL_36XX_RATE( 54000000, 144, 2, 5, 0), | ||
| 1351 | { /* sentinel */ } | ||
| 1352 | diff --git a/drivers/clk/samsung/clk-exynos5250.c b/drivers/clk/samsung/clk-exynos5250.c | ||
| 1353 | index 27a227d6620c..6a0cb8a515e8 100644 | ||
| 1354 | --- a/drivers/clk/samsung/clk-exynos5250.c | ||
| 1355 | +++ b/drivers/clk/samsung/clk-exynos5250.c | ||
| 1356 | @@ -711,13 +711,13 @@ static const struct samsung_pll_rate_table epll_24mhz_tbl[] __initconst = { | ||
| 1357 | /* sorted in descending order */ | ||
| 1358 | /* PLL_36XX_RATE(rate, m, p, s, k) */ | ||
| 1359 | PLL_36XX_RATE(192000000, 64, 2, 2, 0), | ||
| 1360 | - PLL_36XX_RATE(180633600, 90, 3, 2, 20762), | ||
| 1361 | + PLL_36XX_RATE(180633605, 90, 3, 2, 20762), | ||
| 1362 | PLL_36XX_RATE(180000000, 90, 3, 2, 0), | ||
| 1363 | PLL_36XX_RATE(73728000, 98, 2, 4, 19923), | ||
| 1364 | - PLL_36XX_RATE(67737600, 90, 2, 4, 20762), | ||
| 1365 | + PLL_36XX_RATE(67737602, 90, 2, 4, 20762), | ||
| 1366 | PLL_36XX_RATE(49152000, 98, 3, 4, 19923), | ||
| 1367 | - PLL_36XX_RATE(45158400, 90, 3, 4, 20762), | ||
| 1368 | - PLL_36XX_RATE(32768000, 131, 3, 5, 4719), | ||
| 1369 | + PLL_36XX_RATE(45158401, 90, 3, 4, 20762), | ||
| 1370 | + PLL_36XX_RATE(32768001, 131, 3, 5, 4719), | ||
| 1371 | { }, | ||
| 1372 | }; | ||
| 1373 | |||
| 1374 | diff --git a/drivers/clk/samsung/clk-exynos5260.c b/drivers/clk/samsung/clk-exynos5260.c | ||
| 1375 | index fd1d9bfc151b..8eae1752d700 100644 | ||
| 1376 | --- a/drivers/clk/samsung/clk-exynos5260.c | ||
| 1377 | +++ b/drivers/clk/samsung/clk-exynos5260.c | ||
| 1378 | @@ -65,7 +65,7 @@ static const struct samsung_pll_rate_table pll2650_24mhz_tbl[] __initconst = { | ||
| 1379 | PLL_36XX_RATE(480000000, 160, 2, 2, 0), | ||
| 1380 | PLL_36XX_RATE(432000000, 144, 2, 2, 0), | ||
| 1381 | PLL_36XX_RATE(400000000, 200, 3, 2, 0), | ||
| 1382 | - PLL_36XX_RATE(394073130, 459, 7, 2, 49282), | ||
| 1383 | + PLL_36XX_RATE(394073128, 459, 7, 2, 49282), | ||
| 1384 | PLL_36XX_RATE(333000000, 111, 2, 2, 0), | ||
| 1385 | PLL_36XX_RATE(300000000, 100, 2, 2, 0), | ||
| 1386 | PLL_36XX_RATE(266000000, 266, 3, 3, 0), | ||
| 1387 | diff --git a/drivers/clk/samsung/clk-exynos5433.c b/drivers/clk/samsung/clk-exynos5433.c | ||
| 1388 | index 2fe057326552..09cdd35dc434 100644 | ||
| 1389 | --- a/drivers/clk/samsung/clk-exynos5433.c | ||
| 1390 | +++ b/drivers/clk/samsung/clk-exynos5433.c | ||
| 1391 | @@ -725,7 +725,7 @@ static const struct samsung_pll_rate_table exynos5443_pll_rates[] __initconst = | ||
| 1392 | PLL_35XX_RATE(800000000U, 400, 6, 1), | ||
| 1393 | PLL_35XX_RATE(733000000U, 733, 12, 1), | ||
| 1394 | PLL_35XX_RATE(700000000U, 175, 3, 1), | ||
| 1395 | - PLL_35XX_RATE(667000000U, 222, 4, 1), | ||
| 1396 | + PLL_35XX_RATE(666000000U, 222, 4, 1), | ||
| 1397 | PLL_35XX_RATE(633000000U, 211, 4, 1), | ||
| 1398 | PLL_35XX_RATE(600000000U, 500, 5, 2), | ||
| 1399 | PLL_35XX_RATE(552000000U, 460, 5, 2), | ||
| 1400 | @@ -751,12 +751,12 @@ static const struct samsung_pll_rate_table exynos5443_pll_rates[] __initconst = | ||
| 1401 | /* AUD_PLL */ | ||
| 1402 | static const struct samsung_pll_rate_table exynos5443_aud_pll_rates[] __initconst = { | ||
| 1403 | PLL_36XX_RATE(400000000U, 200, 3, 2, 0), | ||
| 1404 | - PLL_36XX_RATE(393216000U, 197, 3, 2, -25690), | ||
| 1405 | + PLL_36XX_RATE(393216003U, 197, 3, 2, -25690), | ||
| 1406 | PLL_36XX_RATE(384000000U, 128, 2, 2, 0), | ||
| 1407 | - PLL_36XX_RATE(368640000U, 246, 4, 2, -15729), | ||
| 1408 | - PLL_36XX_RATE(361507200U, 181, 3, 2, -16148), | ||
| 1409 | - PLL_36XX_RATE(338688000U, 113, 2, 2, -6816), | ||
| 1410 | - PLL_36XX_RATE(294912000U, 98, 1, 3, 19923), | ||
| 1411 | + PLL_36XX_RATE(368639991U, 246, 4, 2, -15729), | ||
| 1412 | + PLL_36XX_RATE(361507202U, 181, 3, 2, -16148), | ||
| 1413 | + PLL_36XX_RATE(338687988U, 113, 2, 2, -6816), | ||
| 1414 | + PLL_36XX_RATE(294912002U, 98, 1, 3, 19923), | ||
| 1415 | PLL_36XX_RATE(288000000U, 96, 1, 3, 0), | ||
| 1416 | PLL_36XX_RATE(252000000U, 84, 1, 3, 0), | ||
| 1417 | { /* sentinel */ } | ||
| 1418 | diff --git a/drivers/clk/samsung/clk-exynos7.c b/drivers/clk/samsung/clk-exynos7.c | ||
| 1419 | index 5931a4140c3d..bbfa57b4e017 100644 | ||
| 1420 | --- a/drivers/clk/samsung/clk-exynos7.c | ||
| 1421 | +++ b/drivers/clk/samsung/clk-exynos7.c | ||
| 1422 | @@ -140,7 +140,7 @@ static const struct samsung_div_clock topc_div_clks[] __initconst = { | ||
| 1423 | }; | ||
| 1424 | |||
| 1425 | static const struct samsung_pll_rate_table pll1460x_24mhz_tbl[] __initconst = { | ||
| 1426 | - PLL_36XX_RATE(491520000, 20, 1, 0, 31457), | ||
| 1427 | + PLL_36XX_RATE(491519897, 20, 1, 0, 31457), | ||
| 1428 | {}, | ||
| 1429 | }; | ||
| 1430 | |||
| 1431 | diff --git a/drivers/clk/samsung/clk-s3c2410.c b/drivers/clk/samsung/clk-s3c2410.c | ||
| 1432 | index d7a1e772d95a..5f50037586ea 100644 | ||
| 1433 | --- a/drivers/clk/samsung/clk-s3c2410.c | ||
| 1434 | +++ b/drivers/clk/samsung/clk-s3c2410.c | ||
| 1435 | @@ -168,7 +168,7 @@ static struct samsung_pll_rate_table pll_s3c2410_12mhz_tbl[] __initdata = { | ||
| 1436 | PLL_35XX_RATE(226000000, 105, 1, 1), | ||
| 1437 | PLL_35XX_RATE(210000000, 132, 2, 1), | ||
| 1438 | /* 2410 common */ | ||
| 1439 | - PLL_35XX_RATE(203000000, 161, 3, 1), | ||
| 1440 | + PLL_35XX_RATE(202800000, 161, 3, 1), | ||
| 1441 | PLL_35XX_RATE(192000000, 88, 1, 1), | ||
| 1442 | PLL_35XX_RATE(186000000, 85, 1, 1), | ||
| 1443 | PLL_35XX_RATE(180000000, 82, 1, 1), | ||
| 1444 | @@ -178,18 +178,18 @@ static struct samsung_pll_rate_table pll_s3c2410_12mhz_tbl[] __initdata = { | ||
| 1445 | PLL_35XX_RATE(147000000, 90, 2, 1), | ||
| 1446 | PLL_35XX_RATE(135000000, 82, 2, 1), | ||
| 1447 | PLL_35XX_RATE(124000000, 116, 1, 2), | ||
| 1448 | - PLL_35XX_RATE(118000000, 150, 2, 2), | ||
| 1449 | + PLL_35XX_RATE(118500000, 150, 2, 2), | ||
| 1450 | PLL_35XX_RATE(113000000, 105, 1, 2), | ||
| 1451 | - PLL_35XX_RATE(101000000, 127, 2, 2), | ||
| 1452 | + PLL_35XX_RATE(101250000, 127, 2, 2), | ||
| 1453 | PLL_35XX_RATE(90000000, 112, 2, 2), | ||
| 1454 | - PLL_35XX_RATE(85000000, 105, 2, 2), | ||
| 1455 | + PLL_35XX_RATE(84750000, 105, 2, 2), | ||
| 1456 | PLL_35XX_RATE(79000000, 71, 1, 2), | ||
| 1457 | - PLL_35XX_RATE(68000000, 82, 2, 2), | ||
| 1458 | - PLL_35XX_RATE(56000000, 142, 2, 3), | ||
| 1459 | + PLL_35XX_RATE(67500000, 82, 2, 2), | ||
| 1460 | + PLL_35XX_RATE(56250000, 142, 2, 3), | ||
| 1461 | PLL_35XX_RATE(48000000, 120, 2, 3), | ||
| 1462 | - PLL_35XX_RATE(51000000, 161, 3, 3), | ||
| 1463 | + PLL_35XX_RATE(50700000, 161, 3, 3), | ||
| 1464 | PLL_35XX_RATE(45000000, 82, 1, 3), | ||
| 1465 | - PLL_35XX_RATE(34000000, 82, 2, 3), | ||
| 1466 | + PLL_35XX_RATE(33750000, 82, 2, 3), | ||
| 1467 | { /* sentinel */ }, | ||
| 1468 | }; | ||
| 1469 | |||
| 1470 | diff --git a/drivers/clk/tegra/clk-pll.c b/drivers/clk/tegra/clk-pll.c | ||
| 1471 | index b3855360d6bc..66d1fc7dff58 100644 | ||
| 1472 | --- a/drivers/clk/tegra/clk-pll.c | ||
| 1473 | +++ b/drivers/clk/tegra/clk-pll.c | ||
| 1474 | @@ -1145,6 +1145,8 @@ static const struct clk_ops tegra_clk_pllu_ops = { | ||
| 1475 | .enable = clk_pllu_enable, | ||
| 1476 | .disable = clk_pll_disable, | ||
| 1477 | .recalc_rate = clk_pll_recalc_rate, | ||
| 1478 | + .round_rate = clk_pll_round_rate, | ||
| 1479 | + .set_rate = clk_pll_set_rate, | ||
| 1480 | }; | ||
| 1481 | |||
| 1482 | static int _pll_fixed_mdiv(struct tegra_clk_pll_params *pll_params, | ||
| 1483 | diff --git a/drivers/crypto/sunxi-ss/sun4i-ss-core.c b/drivers/crypto/sunxi-ss/sun4i-ss-core.c | ||
| 1484 | index 3ac6c6c4ad18..16bb66091cf0 100644 | ||
| 1485 | --- a/drivers/crypto/sunxi-ss/sun4i-ss-core.c | ||
| 1486 | +++ b/drivers/crypto/sunxi-ss/sun4i-ss-core.c | ||
| 1487 | @@ -422,6 +422,7 @@ static struct platform_driver sun4i_ss_driver = { | ||
| 1488 | |||
| 1489 | module_platform_driver(sun4i_ss_driver); | ||
| 1490 | |||
| 1491 | +MODULE_ALIAS("platform:sun4i-ss"); | ||
| 1492 | MODULE_DESCRIPTION("Allwinner Security System cryptographic accelerator"); | ||
| 1493 | MODULE_LICENSE("GPL"); | ||
| 1494 | MODULE_AUTHOR("Corentin LABBE <clabbe.montjoie@gmail.com>"); | ||
| 1495 | diff --git a/drivers/media/dvb-core/dmxdev.c b/drivers/media/dvb-core/dmxdev.c | ||
| 1496 | index 7b67e1dd97fd..0418b5a0fb64 100644 | ||
| 1497 | --- a/drivers/media/dvb-core/dmxdev.c | ||
| 1498 | +++ b/drivers/media/dvb-core/dmxdev.c | ||
| 1499 | @@ -1071,7 +1071,7 @@ static int dvb_demux_do_ioctl(struct file *file, | ||
| 1500 | break; | ||
| 1501 | |||
| 1502 | default: | ||
| 1503 | - ret = -EINVAL; | ||
| 1504 | + ret = -ENOTTY; | ||
| 1505 | break; | ||
| 1506 | } | ||
| 1507 | mutex_unlock(&dmxdev->mutex); | ||
| 1508 | diff --git a/drivers/media/pci/cx23885/cx23885-cards.c b/drivers/media/pci/cx23885/cx23885-cards.c | ||
| 1509 | index 99ba8d6328f0..427ece11340b 100644 | ||
| 1510 | --- a/drivers/media/pci/cx23885/cx23885-cards.c | ||
| 1511 | +++ b/drivers/media/pci/cx23885/cx23885-cards.c | ||
| 1512 | @@ -2282,6 +2282,10 @@ void cx23885_card_setup(struct cx23885_dev *dev) | ||
| 1513 | &dev->i2c_bus[2].i2c_adap, | ||
| 1514 | "cx25840", 0x88 >> 1, NULL); | ||
| 1515 | if (dev->sd_cx25840) { | ||
| 1516 | + /* set host data for clk_freq configuration */ | ||
| 1517 | + v4l2_set_subdev_hostdata(dev->sd_cx25840, | ||
| 1518 | + &dev->clk_freq); | ||
| 1519 | + | ||
| 1520 | dev->sd_cx25840->grp_id = CX23885_HW_AV_CORE; | ||
| 1521 | v4l2_subdev_call(dev->sd_cx25840, core, load_fw); | ||
| 1522 | } | ||
| 1523 | diff --git a/drivers/media/pci/cx23885/cx23885-core.c b/drivers/media/pci/cx23885/cx23885-core.c | ||
| 1524 | index c86b1093ab99..dcbb3a260b52 100644 | ||
| 1525 | --- a/drivers/media/pci/cx23885/cx23885-core.c | ||
| 1526 | +++ b/drivers/media/pci/cx23885/cx23885-core.c | ||
| 1527 | @@ -872,6 +872,16 @@ static int cx23885_dev_setup(struct cx23885_dev *dev) | ||
| 1528 | if (cx23885_boards[dev->board].clk_freq > 0) | ||
| 1529 | dev->clk_freq = cx23885_boards[dev->board].clk_freq; | ||
| 1530 | |||
| 1531 | + if (dev->board == CX23885_BOARD_HAUPPAUGE_IMPACTVCBE && | ||
| 1532 | + dev->pci->subsystem_device == 0x7137) { | ||
| 1533 | + /* Hauppauge ImpactVCBe device ID 0x7137 is populated | ||
| 1534 | + * with an 888, and a 25Mhz crystal, instead of the | ||
| 1535 | + * usual third overtone 50Mhz. The default clock rate must | ||
| 1536 | + * be overridden so the cx25840 is properly configured | ||
| 1537 | + */ | ||
| 1538 | + dev->clk_freq = 25000000; | ||
| 1539 | + } | ||
| 1540 | + | ||
| 1541 | dev->pci_bus = dev->pci->bus->number; | ||
| 1542 | dev->pci_slot = PCI_SLOT(dev->pci->devfn); | ||
| 1543 | cx23885_irq_add(dev, 0x001f00); | ||
| 1544 | diff --git a/drivers/media/pci/cx25821/cx25821-core.c b/drivers/media/pci/cx25821/cx25821-core.c | ||
| 1545 | index 9a5f912ca859..0d4cacb93664 100644 | ||
| 1546 | --- a/drivers/media/pci/cx25821/cx25821-core.c | ||
| 1547 | +++ b/drivers/media/pci/cx25821/cx25821-core.c | ||
| 1548 | @@ -871,6 +871,10 @@ static int cx25821_dev_setup(struct cx25821_dev *dev) | ||
| 1549 | dev->nr = ++cx25821_devcount; | ||
| 1550 | sprintf(dev->name, "cx25821[%d]", dev->nr); | ||
| 1551 | |||
| 1552 | + if (dev->nr >= ARRAY_SIZE(card)) { | ||
| 1553 | + CX25821_INFO("dev->nr >= %zd", ARRAY_SIZE(card)); | ||
| 1554 | + return -ENODEV; | ||
| 1555 | + } | ||
| 1556 | if (dev->pci->device != 0x8210) { | ||
| 1557 | pr_info("%s(): Exiting. Incorrect Hardware device = 0x%02x\n", | ||
| 1558 | __func__, dev->pci->device); | ||
| 1559 | @@ -886,9 +890,6 @@ static int cx25821_dev_setup(struct cx25821_dev *dev) | ||
| 1560 | dev->channels[i].sram_channels = &cx25821_sram_channels[i]; | ||
| 1561 | } | ||
| 1562 | |||
| 1563 | - if (dev->nr > 1) | ||
| 1564 | - CX25821_INFO("dev->nr > 1!"); | ||
| 1565 | - | ||
| 1566 | /* board config */ | ||
| 1567 | dev->board = 1; /* card[dev->nr]; */ | ||
| 1568 | dev->_max_num_decoders = MAX_DECODERS; | ||
| 1569 | diff --git a/drivers/media/platform/s3c-camif/camif-capture.c b/drivers/media/platform/s3c-camif/camif-capture.c | ||
| 1570 | index 0413a861a59a..5c9db0910a76 100644 | ||
| 1571 | --- a/drivers/media/platform/s3c-camif/camif-capture.c | ||
| 1572 | +++ b/drivers/media/platform/s3c-camif/camif-capture.c | ||
| 1573 | @@ -1256,16 +1256,17 @@ static void __camif_subdev_try_format(struct camif_dev *camif, | ||
| 1574 | { | ||
| 1575 | const struct s3c_camif_variant *variant = camif->variant; | ||
| 1576 | const struct vp_pix_limits *pix_lim; | ||
| 1577 | - int i = ARRAY_SIZE(camif_mbus_formats); | ||
| 1578 | + unsigned int i; | ||
| 1579 | |||
| 1580 | /* FIXME: constraints against codec or preview path ? */ | ||
| 1581 | pix_lim = &variant->vp_pix_limits[VP_CODEC]; | ||
| 1582 | |||
| 1583 | - while (i-- >= 0) | ||
| 1584 | + for (i = 0; i < ARRAY_SIZE(camif_mbus_formats); i++) | ||
| 1585 | if (camif_mbus_formats[i] == mf->code) | ||
| 1586 | break; | ||
| 1587 | |||
| 1588 | - mf->code = camif_mbus_formats[i]; | ||
| 1589 | + if (i == ARRAY_SIZE(camif_mbus_formats)) | ||
| 1590 | + mf->code = camif_mbus_formats[0]; | ||
| 1591 | |||
| 1592 | if (pad == CAMIF_SD_PAD_SINK) { | ||
| 1593 | v4l_bound_align_image(&mf->width, 8, CAMIF_MAX_PIX_WIDTH, | ||
| 1594 | diff --git a/drivers/media/platform/vivid/vivid-ctrls.c b/drivers/media/platform/vivid/vivid-ctrls.c | ||
| 1595 | index aceb38d9f7e7..b1c37252a6c7 100644 | ||
| 1596 | --- a/drivers/media/platform/vivid/vivid-ctrls.c | ||
| 1597 | +++ b/drivers/media/platform/vivid/vivid-ctrls.c | ||
| 1598 | @@ -1167,6 +1167,7 @@ static int vivid_radio_rx_s_ctrl(struct v4l2_ctrl *ctrl) | ||
| 1599 | v4l2_ctrl_activate(dev->radio_rx_rds_ta, dev->radio_rx_rds_controls); | ||
| 1600 | v4l2_ctrl_activate(dev->radio_rx_rds_tp, dev->radio_rx_rds_controls); | ||
| 1601 | v4l2_ctrl_activate(dev->radio_rx_rds_ms, dev->radio_rx_rds_controls); | ||
| 1602 | + dev->radio_rx_dev.device_caps = dev->radio_rx_caps; | ||
| 1603 | break; | ||
| 1604 | case V4L2_CID_RDS_RECEPTION: | ||
| 1605 | dev->radio_rx_rds_enabled = ctrl->val; | ||
| 1606 | @@ -1241,6 +1242,7 @@ static int vivid_radio_tx_s_ctrl(struct v4l2_ctrl *ctrl) | ||
| 1607 | dev->radio_tx_caps &= ~V4L2_CAP_READWRITE; | ||
| 1608 | if (!dev->radio_tx_rds_controls) | ||
| 1609 | dev->radio_tx_caps |= V4L2_CAP_READWRITE; | ||
| 1610 | + dev->radio_tx_dev.device_caps = dev->radio_tx_caps; | ||
| 1611 | break; | ||
| 1612 | case V4L2_CID_RDS_TX_PTY: | ||
| 1613 | if (dev->radio_rx_rds_controls) | ||
| 1614 | diff --git a/drivers/media/usb/em28xx/em28xx.h b/drivers/media/usb/em28xx/em28xx.h | ||
| 1615 | index d148463b22c1..6bf48a75688e 100644 | ||
| 1616 | --- a/drivers/media/usb/em28xx/em28xx.h | ||
| 1617 | +++ b/drivers/media/usb/em28xx/em28xx.h | ||
| 1618 | @@ -189,7 +189,7 @@ | ||
| 1619 | USB 2.0 spec says bulk packet size is always 512 bytes | ||
| 1620 | */ | ||
| 1621 | #define EM28XX_BULK_PACKET_MULTIPLIER 384 | ||
| 1622 | -#define EM28XX_DVB_BULK_PACKET_MULTIPLIER 384 | ||
| 1623 | +#define EM28XX_DVB_BULK_PACKET_MULTIPLIER 94 | ||
| 1624 | |||
| 1625 | #define EM28XX_INTERLACED_DEFAULT 1 | ||
| 1626 | |||
| 1627 | diff --git a/drivers/media/v4l2-core/videobuf2-vmalloc.c b/drivers/media/v4l2-core/videobuf2-vmalloc.c | ||
| 1628 | index ab3227b75c84..760cbf2ba01a 100644 | ||
| 1629 | --- a/drivers/media/v4l2-core/videobuf2-vmalloc.c | ||
| 1630 | +++ b/drivers/media/v4l2-core/videobuf2-vmalloc.c | ||
| 1631 | @@ -104,7 +104,7 @@ static void *vb2_vmalloc_get_userptr(struct device *dev, unsigned long vaddr, | ||
| 1632 | if (nums[i-1] + 1 != nums[i]) | ||
| 1633 | goto fail_map; | ||
| 1634 | buf->vaddr = (__force void *) | ||
| 1635 | - ioremap_nocache(nums[0] << PAGE_SHIFT, size); | ||
| 1636 | + ioremap_nocache(__pfn_to_phys(nums[0]), size + offset); | ||
| 1637 | } else { | ||
| 1638 | buf->vaddr = vm_map_ram(frame_vector_pages(vec), n_pages, -1, | ||
| 1639 | PAGE_KERNEL); | ||
| 1640 | diff --git a/drivers/message/fusion/mptctl.c b/drivers/message/fusion/mptctl.c | ||
| 1641 | index 02b5f69e1a42..14cf6dfc3b14 100644 | ||
| 1642 | --- a/drivers/message/fusion/mptctl.c | ||
| 1643 | +++ b/drivers/message/fusion/mptctl.c | ||
| 1644 | @@ -2698,6 +2698,8 @@ mptctl_hp_targetinfo(unsigned long arg) | ||
| 1645 | __FILE__, __LINE__, iocnum); | ||
| 1646 | return -ENODEV; | ||
| 1647 | } | ||
| 1648 | + if (karg.hdr.id >= MPT_MAX_FC_DEVICES) | ||
| 1649 | + return -EINVAL; | ||
| 1650 | dctlprintk(ioc, printk(MYIOC_s_DEBUG_FMT "mptctl_hp_targetinfo called.\n", | ||
| 1651 | ioc->name)); | ||
| 1652 | |||
| 1653 | diff --git a/drivers/net/ethernet/mellanox/mlx4/main.c b/drivers/net/ethernet/mellanox/mlx4/main.c | ||
| 1654 | index 5411ca48978a..cb7c3ef97134 100644 | ||
| 1655 | --- a/drivers/net/ethernet/mellanox/mlx4/main.c | ||
| 1656 | +++ b/drivers/net/ethernet/mellanox/mlx4/main.c | ||
| 1657 | @@ -2983,6 +2983,7 @@ static int mlx4_init_port_info(struct mlx4_dev *dev, int port) | ||
| 1658 | mlx4_err(dev, "Failed to create file for port %d\n", port); | ||
| 1659 | devlink_port_unregister(&info->devlink_port); | ||
| 1660 | info->port = -1; | ||
| 1661 | + return err; | ||
| 1662 | } | ||
| 1663 | |||
| 1664 | sprintf(info->dev_mtu_name, "mlx4_port%d_mtu", port); | ||
| 1665 | @@ -3004,9 +3005,10 @@ static int mlx4_init_port_info(struct mlx4_dev *dev, int port) | ||
| 1666 | &info->port_attr); | ||
| 1667 | devlink_port_unregister(&info->devlink_port); | ||
| 1668 | info->port = -1; | ||
| 1669 | + return err; | ||
| 1670 | } | ||
| 1671 | |||
| 1672 | - return err; | ||
| 1673 | + return 0; | ||
| 1674 | } | ||
| 1675 | |||
| 1676 | static void mlx4_cleanup_port_info(struct mlx4_port_info *info) | ||
| 1677 | diff --git a/drivers/net/usb/qmi_wwan.c b/drivers/net/usb/qmi_wwan.c | ||
| 1678 | index 3e893fe890a0..8daf5db3d922 100644 | ||
| 1679 | --- a/drivers/net/usb/qmi_wwan.c | ||
| 1680 | +++ b/drivers/net/usb/qmi_wwan.c | ||
| 1681 | @@ -810,6 +810,9 @@ static const struct usb_device_id products[] = { | ||
| 1682 | {QMI_FIXED_INTF(0x0846, 0x68a2, 8)}, | ||
| 1683 | {QMI_FIXED_INTF(0x12d1, 0x140c, 1)}, /* Huawei E173 */ | ||
| 1684 | {QMI_FIXED_INTF(0x12d1, 0x14ac, 1)}, /* Huawei E1820 */ | ||
| 1685 | + {QMI_FIXED_INTF(0x1435, 0xd181, 3)}, /* Wistron NeWeb D18Q1 */ | ||
| 1686 | + {QMI_FIXED_INTF(0x1435, 0xd181, 4)}, /* Wistron NeWeb D18Q1 */ | ||
| 1687 | + {QMI_FIXED_INTF(0x1435, 0xd181, 5)}, /* Wistron NeWeb D18Q1 */ | ||
| 1688 | {QMI_FIXED_INTF(0x16d8, 0x6003, 0)}, /* CMOTech 6003 */ | ||
| 1689 | {QMI_FIXED_INTF(0x16d8, 0x6007, 0)}, /* CMOTech CHE-628S */ | ||
| 1690 | {QMI_FIXED_INTF(0x16d8, 0x6008, 0)}, /* CMOTech CMU-301 */ | ||
| 1691 | @@ -942,6 +945,7 @@ static const struct usb_device_id products[] = { | ||
| 1692 | {QMI_FIXED_INTF(0x413c, 0x81b6, 8)}, /* Dell Wireless 5811e */ | ||
| 1693 | {QMI_FIXED_INTF(0x413c, 0x81b6, 10)}, /* Dell Wireless 5811e */ | ||
| 1694 | {QMI_FIXED_INTF(0x03f0, 0x4e1d, 8)}, /* HP lt4111 LTE/EV-DO/HSPA+ Gobi 4G Module */ | ||
| 1695 | + {QMI_FIXED_INTF(0x03f0, 0x9d1d, 1)}, /* HP lt4120 Snapdragon X5 LTE */ | ||
| 1696 | {QMI_FIXED_INTF(0x22de, 0x9061, 3)}, /* WeTelecom WPD-600N */ | ||
| 1697 | {QMI_FIXED_INTF(0x1e0e, 0x9001, 5)}, /* SIMCom 7230E */ | ||
| 1698 | {QMI_QUIRK_SET_DTR(0x2c7c, 0x0125, 4)}, /* Quectel EC25, EC20 R2.0 Mini PCIe */ | ||
| 1699 | diff --git a/drivers/net/vmxnet3/vmxnet3_drv.c b/drivers/net/vmxnet3/vmxnet3_drv.c | ||
| 1700 | index f809eed0343c..c999b10531c5 100644 | ||
| 1701 | --- a/drivers/net/vmxnet3/vmxnet3_drv.c | ||
| 1702 | +++ b/drivers/net/vmxnet3/vmxnet3_drv.c | ||
| 1703 | @@ -369,6 +369,11 @@ vmxnet3_tq_tx_complete(struct vmxnet3_tx_queue *tq, | ||
| 1704 | |||
| 1705 | gdesc = tq->comp_ring.base + tq->comp_ring.next2proc; | ||
| 1706 | while (VMXNET3_TCD_GET_GEN(&gdesc->tcd) == tq->comp_ring.gen) { | ||
| 1707 | + /* Prevent any &gdesc->tcd field from being (speculatively) | ||
| 1708 | + * read before (&gdesc->tcd)->gen is read. | ||
| 1709 | + */ | ||
| 1710 | + dma_rmb(); | ||
| 1711 | + | ||
| 1712 | completed += vmxnet3_unmap_pkt(VMXNET3_TCD_GET_TXIDX( | ||
| 1713 | &gdesc->tcd), tq, adapter->pdev, | ||
| 1714 | adapter); | ||
| 1715 | @@ -1099,6 +1104,11 @@ vmxnet3_tq_xmit(struct sk_buff *skb, struct vmxnet3_tx_queue *tq, | ||
| 1716 | gdesc->txd.tci = skb_vlan_tag_get(skb); | ||
| 1717 | } | ||
| 1718 | |||
| 1719 | + /* Ensure that the write to (&gdesc->txd)->gen will be observed after | ||
| 1720 | + * all other writes to &gdesc->txd. | ||
| 1721 | + */ | ||
| 1722 | + dma_wmb(); | ||
| 1723 | + | ||
| 1724 | /* finally flips the GEN bit of the SOP desc. */ | ||
| 1725 | gdesc->dword[2] = cpu_to_le32(le32_to_cpu(gdesc->dword[2]) ^ | ||
| 1726 | VMXNET3_TXD_GEN); | ||
| 1727 | @@ -1286,6 +1296,12 @@ vmxnet3_rq_rx_complete(struct vmxnet3_rx_queue *rq, | ||
| 1728 | */ | ||
| 1729 | break; | ||
| 1730 | } | ||
| 1731 | + | ||
| 1732 | + /* Prevent any rcd field from being (speculatively) read before | ||
| 1733 | + * rcd->gen is read. | ||
| 1734 | + */ | ||
| 1735 | + dma_rmb(); | ||
| 1736 | + | ||
| 1737 | BUG_ON(rcd->rqID != rq->qid && rcd->rqID != rq->qid2 && | ||
| 1738 | rcd->rqID != rq->dataRingQid); | ||
| 1739 | idx = rcd->rxdIdx; | ||
| 1740 | @@ -1515,6 +1531,12 @@ vmxnet3_rq_rx_complete(struct vmxnet3_rx_queue *rq, | ||
| 1741 | ring->next2comp = idx; | ||
| 1742 | num_to_alloc = vmxnet3_cmd_ring_desc_avail(ring); | ||
| 1743 | ring = rq->rx_ring + ring_idx; | ||
| 1744 | + | ||
| 1745 | + /* Ensure that the writes to rxd->gen bits will be observed | ||
| 1746 | + * after all other writes to rxd objects. | ||
| 1747 | + */ | ||
| 1748 | + dma_wmb(); | ||
| 1749 | + | ||
| 1750 | while (num_to_alloc) { | ||
| 1751 | vmxnet3_getRxDesc(rxd, &ring->base[ring->next2fill].rxd, | ||
| 1752 | &rxCmdDesc); | ||
| 1753 | @@ -2675,7 +2697,7 @@ vmxnet3_set_mac_addr(struct net_device *netdev, void *p) | ||
| 1754 | /* ==================== initialization and cleanup routines ============ */ | ||
| 1755 | |||
| 1756 | static int | ||
| 1757 | -vmxnet3_alloc_pci_resources(struct vmxnet3_adapter *adapter, bool *dma64) | ||
| 1758 | +vmxnet3_alloc_pci_resources(struct vmxnet3_adapter *adapter) | ||
| 1759 | { | ||
| 1760 | int err; | ||
| 1761 | unsigned long mmio_start, mmio_len; | ||
| 1762 | @@ -2687,30 +2709,12 @@ vmxnet3_alloc_pci_resources(struct vmxnet3_adapter *adapter, bool *dma64) | ||
| 1763 | return err; | ||
| 1764 | } | ||
| 1765 | |||
| 1766 | - if (pci_set_dma_mask(pdev, DMA_BIT_MASK(64)) == 0) { | ||
| 1767 | - if (pci_set_consistent_dma_mask(pdev, DMA_BIT_MASK(64)) != 0) { | ||
| 1768 | - dev_err(&pdev->dev, | ||
| 1769 | - "pci_set_consistent_dma_mask failed\n"); | ||
| 1770 | - err = -EIO; | ||
| 1771 | - goto err_set_mask; | ||
| 1772 | - } | ||
| 1773 | - *dma64 = true; | ||
| 1774 | - } else { | ||
| 1775 | - if (pci_set_dma_mask(pdev, DMA_BIT_MASK(32)) != 0) { | ||
| 1776 | - dev_err(&pdev->dev, | ||
| 1777 | - "pci_set_dma_mask failed\n"); | ||
| 1778 | - err = -EIO; | ||
| 1779 | - goto err_set_mask; | ||
| 1780 | - } | ||
| 1781 | - *dma64 = false; | ||
| 1782 | - } | ||
| 1783 | - | ||
| 1784 | err = pci_request_selected_regions(pdev, (1 << 2) - 1, | ||
| 1785 | vmxnet3_driver_name); | ||
| 1786 | if (err) { | ||
| 1787 | dev_err(&pdev->dev, | ||
| 1788 | "Failed to request region for adapter: error %d\n", err); | ||
| 1789 | - goto err_set_mask; | ||
| 1790 | + goto err_enable_device; | ||
| 1791 | } | ||
| 1792 | |||
| 1793 | pci_set_master(pdev); | ||
| 1794 | @@ -2738,7 +2742,7 @@ vmxnet3_alloc_pci_resources(struct vmxnet3_adapter *adapter, bool *dma64) | ||
| 1795 | iounmap(adapter->hw_addr0); | ||
| 1796 | err_ioremap: | ||
| 1797 | pci_release_selected_regions(pdev, (1 << 2) - 1); | ||
| 1798 | -err_set_mask: | ||
| 1799 | +err_enable_device: | ||
| 1800 | pci_disable_device(pdev); | ||
| 1801 | return err; | ||
| 1802 | } | ||
| 1803 | @@ -3246,7 +3250,7 @@ vmxnet3_probe_device(struct pci_dev *pdev, | ||
| 1804 | #endif | ||
| 1805 | }; | ||
| 1806 | int err; | ||
| 1807 | - bool dma64 = false; /* stupid gcc */ | ||
| 1808 | + bool dma64; | ||
| 1809 | u32 ver; | ||
| 1810 | struct net_device *netdev; | ||
| 1811 | struct vmxnet3_adapter *adapter; | ||
| 1812 | @@ -3292,6 +3296,24 @@ vmxnet3_probe_device(struct pci_dev *pdev, | ||
| 1813 | adapter->rx_ring_size = VMXNET3_DEF_RX_RING_SIZE; | ||
| 1814 | adapter->rx_ring2_size = VMXNET3_DEF_RX_RING2_SIZE; | ||
| 1815 | |||
| 1816 | + if (pci_set_dma_mask(pdev, DMA_BIT_MASK(64)) == 0) { | ||
| 1817 | + if (pci_set_consistent_dma_mask(pdev, DMA_BIT_MASK(64)) != 0) { | ||
| 1818 | + dev_err(&pdev->dev, | ||
| 1819 | + "pci_set_consistent_dma_mask failed\n"); | ||
| 1820 | + err = -EIO; | ||
| 1821 | + goto err_set_mask; | ||
| 1822 | + } | ||
| 1823 | + dma64 = true; | ||
| 1824 | + } else { | ||
| 1825 | + if (pci_set_dma_mask(pdev, DMA_BIT_MASK(32)) != 0) { | ||
| 1826 | + dev_err(&pdev->dev, | ||
| 1827 | + "pci_set_dma_mask failed\n"); | ||
| 1828 | + err = -EIO; | ||
| 1829 | + goto err_set_mask; | ||
| 1830 | + } | ||
| 1831 | + dma64 = false; | ||
| 1832 | + } | ||
| 1833 | + | ||
| 1834 | spin_lock_init(&adapter->cmd_lock); | ||
| 1835 | adapter->adapter_pa = dma_map_single(&adapter->pdev->dev, adapter, | ||
| 1836 | sizeof(struct vmxnet3_adapter), | ||
| 1837 | @@ -3299,7 +3321,7 @@ vmxnet3_probe_device(struct pci_dev *pdev, | ||
| 1838 | if (dma_mapping_error(&adapter->pdev->dev, adapter->adapter_pa)) { | ||
| 1839 | dev_err(&pdev->dev, "Failed to map dma\n"); | ||
| 1840 | err = -EFAULT; | ||
| 1841 | - goto err_dma_map; | ||
| 1842 | + goto err_set_mask; | ||
| 1843 | } | ||
| 1844 | adapter->shared = dma_alloc_coherent( | ||
| 1845 | &adapter->pdev->dev, | ||
| 1846 | @@ -3350,7 +3372,7 @@ vmxnet3_probe_device(struct pci_dev *pdev, | ||
| 1847 | } | ||
| 1848 | #endif /* VMXNET3_RSS */ | ||
| 1849 | |||
| 1850 | - err = vmxnet3_alloc_pci_resources(adapter, &dma64); | ||
| 1851 | + err = vmxnet3_alloc_pci_resources(adapter); | ||
| 1852 | if (err < 0) | ||
| 1853 | goto err_alloc_pci; | ||
| 1854 | |||
| 1855 | @@ -3492,7 +3514,7 @@ vmxnet3_probe_device(struct pci_dev *pdev, | ||
| 1856 | err_alloc_shared: | ||
| 1857 | dma_unmap_single(&adapter->pdev->dev, adapter->adapter_pa, | ||
| 1858 | sizeof(struct vmxnet3_adapter), PCI_DMA_TODEVICE); | ||
| 1859 | -err_dma_map: | ||
| 1860 | +err_set_mask: | ||
| 1861 | free_netdev(netdev); | ||
| 1862 | return err; | ||
| 1863 | } | ||
| 1864 | diff --git a/drivers/rtc/hctosys.c b/drivers/rtc/hctosys.c | ||
| 1865 | index e1cfa06810ef..e79f2a181ad2 100644 | ||
| 1866 | --- a/drivers/rtc/hctosys.c | ||
| 1867 | +++ b/drivers/rtc/hctosys.c | ||
| 1868 | @@ -49,6 +49,11 @@ static int __init rtc_hctosys(void) | ||
| 1869 | |||
| 1870 | tv64.tv_sec = rtc_tm_to_time64(&tm); | ||
| 1871 | |||
| 1872 | +#if BITS_PER_LONG == 32 | ||
| 1873 | + if (tv64.tv_sec > INT_MAX) | ||
| 1874 | + goto err_read; | ||
| 1875 | +#endif | ||
| 1876 | + | ||
| 1877 | err = do_settimeofday64(&tv64); | ||
| 1878 | |||
| 1879 | dev_info(rtc->dev.parent, | ||
| 1880 | diff --git a/drivers/rtc/rtc-snvs.c b/drivers/rtc/rtc-snvs.c | ||
| 1881 | index a753ef9c1459..3e8fd33c2576 100644 | ||
| 1882 | --- a/drivers/rtc/rtc-snvs.c | ||
| 1883 | +++ b/drivers/rtc/rtc-snvs.c | ||
| 1884 | @@ -132,20 +132,23 @@ static int snvs_rtc_set_time(struct device *dev, struct rtc_time *tm) | ||
| 1885 | { | ||
| 1886 | struct snvs_rtc_data *data = dev_get_drvdata(dev); | ||
| 1887 | unsigned long time; | ||
| 1888 | + int ret; | ||
| 1889 | |||
| 1890 | rtc_tm_to_time(tm, &time); | ||
| 1891 | |||
| 1892 | /* Disable RTC first */ | ||
| 1893 | - snvs_rtc_enable(data, false); | ||
| 1894 | + ret = snvs_rtc_enable(data, false); | ||
| 1895 | + if (ret) | ||
| 1896 | + return ret; | ||
| 1897 | |||
| 1898 | /* Write 32-bit time to 47-bit timer, leaving 15 LSBs blank */ | ||
| 1899 | regmap_write(data->regmap, data->offset + SNVS_LPSRTCLR, time << CNTR_TO_SECS_SH); | ||
| 1900 | regmap_write(data->regmap, data->offset + SNVS_LPSRTCMR, time >> (32 - CNTR_TO_SECS_SH)); | ||
| 1901 | |||
| 1902 | /* Enable RTC again */ | ||
| 1903 | - snvs_rtc_enable(data, true); | ||
| 1904 | + ret = snvs_rtc_enable(data, true); | ||
| 1905 | |||
| 1906 | - return 0; | ||
| 1907 | + return ret; | ||
| 1908 | } | ||
| 1909 | |||
| 1910 | static int snvs_rtc_read_alarm(struct device *dev, struct rtc_wkalrm *alrm) | ||
| 1911 | @@ -287,7 +290,11 @@ static int snvs_rtc_probe(struct platform_device *pdev) | ||
| 1912 | regmap_write(data->regmap, data->offset + SNVS_LPSR, 0xffffffff); | ||
| 1913 | |||
| 1914 | /* Enable RTC */ | ||
| 1915 | - snvs_rtc_enable(data, true); | ||
| 1916 | + ret = snvs_rtc_enable(data, true); | ||
| 1917 | + if (ret) { | ||
| 1918 | + dev_err(&pdev->dev, "failed to enable rtc %d\n", ret); | ||
| 1919 | + goto error_rtc_device_register; | ||
| 1920 | + } | ||
| 1921 | |||
| 1922 | device_init_wakeup(&pdev->dev, true); | ||
| 1923 | |||
| 1924 | diff --git a/drivers/rtc/rtc-tx4939.c b/drivers/rtc/rtc-tx4939.c | ||
| 1925 | index 560d9a5e0225..a9528083061d 100644 | ||
| 1926 | --- a/drivers/rtc/rtc-tx4939.c | ||
| 1927 | +++ b/drivers/rtc/rtc-tx4939.c | ||
| 1928 | @@ -86,7 +86,8 @@ static int tx4939_rtc_read_time(struct device *dev, struct rtc_time *tm) | ||
| 1929 | for (i = 2; i < 6; i++) | ||
| 1930 | buf[i] = __raw_readl(&rtcreg->dat); | ||
| 1931 | spin_unlock_irq(&pdata->lock); | ||
| 1932 | - sec = (buf[5] << 24) | (buf[4] << 16) | (buf[3] << 8) | buf[2]; | ||
| 1933 | + sec = ((unsigned long)buf[5] << 24) | (buf[4] << 16) | | ||
| 1934 | + (buf[3] << 8) | buf[2]; | ||
| 1935 | rtc_time_to_tm(sec, tm); | ||
| 1936 | return rtc_valid_tm(tm); | ||
| 1937 | } | ||
| 1938 | @@ -147,7 +148,8 @@ static int tx4939_rtc_read_alarm(struct device *dev, struct rtc_wkalrm *alrm) | ||
| 1939 | alrm->enabled = (ctl & TX4939_RTCCTL_ALME) ? 1 : 0; | ||
| 1940 | alrm->pending = (ctl & TX4939_RTCCTL_ALMD) ? 1 : 0; | ||
| 1941 | spin_unlock_irq(&pdata->lock); | ||
| 1942 | - sec = (buf[5] << 24) | (buf[4] << 16) | (buf[3] << 8) | buf[2]; | ||
| 1943 | + sec = ((unsigned long)buf[5] << 24) | (buf[4] << 16) | | ||
| 1944 | + (buf[3] << 8) | buf[2]; | ||
| 1945 | rtc_time_to_tm(sec, &alrm->time); | ||
| 1946 | return rtc_valid_tm(&alrm->time); | ||
| 1947 | } | ||
| 1948 | diff --git a/drivers/s390/scsi/zfcp_dbf.c b/drivers/s390/scsi/zfcp_dbf.c | ||
| 1949 | index 34367d172961..4534a7ce77b8 100644 | ||
| 1950 | --- a/drivers/s390/scsi/zfcp_dbf.c | ||
| 1951 | +++ b/drivers/s390/scsi/zfcp_dbf.c | ||
| 1952 | @@ -3,7 +3,7 @@ | ||
| 1953 | * | ||
| 1954 | * Debug traces for zfcp. | ||
| 1955 | * | ||
| 1956 | - * Copyright IBM Corp. 2002, 2017 | ||
| 1957 | + * Copyright IBM Corp. 2002, 2018 | ||
| 1958 | */ | ||
| 1959 | |||
| 1960 | #define KMSG_COMPONENT "zfcp" | ||
| 1961 | @@ -287,6 +287,27 @@ void zfcp_dbf_rec_trig(char *tag, struct zfcp_adapter *adapter, | ||
| 1962 | spin_unlock_irqrestore(&dbf->rec_lock, flags); | ||
| 1963 | } | ||
| 1964 | |||
| 1965 | +/** | ||
| 1966 | + * zfcp_dbf_rec_trig_lock - trace event related to triggered recovery with lock | ||
| 1967 | + * @tag: identifier for event | ||
| 1968 | + * @adapter: adapter on which the erp_action should run | ||
| 1969 | + * @port: remote port involved in the erp_action | ||
| 1970 | + * @sdev: scsi device involved in the erp_action | ||
| 1971 | + * @want: wanted erp_action | ||
| 1972 | + * @need: required erp_action | ||
| 1973 | + * | ||
| 1974 | + * The adapter->erp_lock must not be held. | ||
| 1975 | + */ | ||
| 1976 | +void zfcp_dbf_rec_trig_lock(char *tag, struct zfcp_adapter *adapter, | ||
| 1977 | + struct zfcp_port *port, struct scsi_device *sdev, | ||
| 1978 | + u8 want, u8 need) | ||
| 1979 | +{ | ||
| 1980 | + unsigned long flags; | ||
| 1981 | + | ||
| 1982 | + read_lock_irqsave(&adapter->erp_lock, flags); | ||
| 1983 | + zfcp_dbf_rec_trig(tag, adapter, port, sdev, want, need); | ||
| 1984 | + read_unlock_irqrestore(&adapter->erp_lock, flags); | ||
| 1985 | +} | ||
| 1986 | |||
| 1987 | /** | ||
| 1988 | * zfcp_dbf_rec_run_lvl - trace event related to running recovery | ||
| 1989 | diff --git a/drivers/s390/scsi/zfcp_ext.h b/drivers/s390/scsi/zfcp_ext.h | ||
| 1990 | index 21c8c689b02b..7a7984a50683 100644 | ||
| 1991 | --- a/drivers/s390/scsi/zfcp_ext.h | ||
| 1992 | +++ b/drivers/s390/scsi/zfcp_ext.h | ||
| 1993 | @@ -3,7 +3,7 @@ | ||
| 1994 | * | ||
| 1995 | * External function declarations. | ||
| 1996 | * | ||
| 1997 | - * Copyright IBM Corp. 2002, 2016 | ||
| 1998 | + * Copyright IBM Corp. 2002, 2018 | ||
| 1999 | */ | ||
| 2000 | |||
| 2001 | #ifndef ZFCP_EXT_H | ||
| 2002 | @@ -34,6 +34,9 @@ extern int zfcp_dbf_adapter_register(struct zfcp_adapter *); | ||
| 2003 | extern void zfcp_dbf_adapter_unregister(struct zfcp_adapter *); | ||
| 2004 | extern void zfcp_dbf_rec_trig(char *, struct zfcp_adapter *, | ||
| 2005 | struct zfcp_port *, struct scsi_device *, u8, u8); | ||
| 2006 | +extern void zfcp_dbf_rec_trig_lock(char *tag, struct zfcp_adapter *adapter, | ||
| 2007 | + struct zfcp_port *port, | ||
| 2008 | + struct scsi_device *sdev, u8 want, u8 need); | ||
| 2009 | extern void zfcp_dbf_rec_run(char *, struct zfcp_erp_action *); | ||
| 2010 | extern void zfcp_dbf_rec_run_lvl(int level, char *tag, | ||
| 2011 | struct zfcp_erp_action *erp); | ||
| 2012 | diff --git a/drivers/s390/scsi/zfcp_scsi.c b/drivers/s390/scsi/zfcp_scsi.c | ||
| 2013 | index a9b8104b982e..bb99db2948ab 100644 | ||
| 2014 | --- a/drivers/s390/scsi/zfcp_scsi.c | ||
| 2015 | +++ b/drivers/s390/scsi/zfcp_scsi.c | ||
| 2016 | @@ -3,7 +3,7 @@ | ||
| 2017 | * | ||
| 2018 | * Interface to Linux SCSI midlayer. | ||
| 2019 | * | ||
| 2020 | - * Copyright IBM Corp. 2002, 2017 | ||
| 2021 | + * Copyright IBM Corp. 2002, 2018 | ||
| 2022 | */ | ||
| 2023 | |||
| 2024 | #define KMSG_COMPONENT "zfcp" | ||
| 2025 | @@ -616,9 +616,9 @@ static void zfcp_scsi_rport_register(struct zfcp_port *port) | ||
| 2026 | ids.port_id = port->d_id; | ||
| 2027 | ids.roles = FC_RPORT_ROLE_FCP_TARGET; | ||
| 2028 | |||
| 2029 | - zfcp_dbf_rec_trig("scpaddy", port->adapter, port, NULL, | ||
| 2030 | - ZFCP_PSEUDO_ERP_ACTION_RPORT_ADD, | ||
| 2031 | - ZFCP_PSEUDO_ERP_ACTION_RPORT_ADD); | ||
| 2032 | + zfcp_dbf_rec_trig_lock("scpaddy", port->adapter, port, NULL, | ||
| 2033 | + ZFCP_PSEUDO_ERP_ACTION_RPORT_ADD, | ||
| 2034 | + ZFCP_PSEUDO_ERP_ACTION_RPORT_ADD); | ||
| 2035 | rport = fc_remote_port_add(port->adapter->scsi_host, 0, &ids); | ||
| 2036 | if (!rport) { | ||
| 2037 | dev_err(&port->adapter->ccw_device->dev, | ||
| 2038 | @@ -640,9 +640,9 @@ static void zfcp_scsi_rport_block(struct zfcp_port *port) | ||
| 2039 | struct fc_rport *rport = port->rport; | ||
| 2040 | |||
| 2041 | if (rport) { | ||
| 2042 | - zfcp_dbf_rec_trig("scpdely", port->adapter, port, NULL, | ||
| 2043 | - ZFCP_PSEUDO_ERP_ACTION_RPORT_DEL, | ||
| 2044 | - ZFCP_PSEUDO_ERP_ACTION_RPORT_DEL); | ||
| 2045 | + zfcp_dbf_rec_trig_lock("scpdely", port->adapter, port, NULL, | ||
| 2046 | + ZFCP_PSEUDO_ERP_ACTION_RPORT_DEL, | ||
| 2047 | + ZFCP_PSEUDO_ERP_ACTION_RPORT_DEL); | ||
| 2048 | fc_remote_port_delete(rport); | ||
| 2049 | port->rport = NULL; | ||
| 2050 | } | ||
| 2051 | diff --git a/drivers/scsi/aacraid/commsup.c b/drivers/scsi/aacraid/commsup.c | ||
| 2052 | index e2962f15c189..fe670b696251 100644 | ||
| 2053 | --- a/drivers/scsi/aacraid/commsup.c | ||
| 2054 | +++ b/drivers/scsi/aacraid/commsup.c | ||
| 2055 | @@ -1374,9 +1374,10 @@ static int _aac_reset_adapter(struct aac_dev *aac, int forced) | ||
| 2056 | host = aac->scsi_host_ptr; | ||
| 2057 | scsi_block_requests(host); | ||
| 2058 | aac_adapter_disable_int(aac); | ||
| 2059 | - if (aac->thread->pid != current->pid) { | ||
| 2060 | + if (aac->thread && aac->thread->pid != current->pid) { | ||
| 2061 | spin_unlock_irq(host->host_lock); | ||
| 2062 | kthread_stop(aac->thread); | ||
| 2063 | + aac->thread = NULL; | ||
| 2064 | jafo = 1; | ||
| 2065 | } | ||
| 2066 | |||
| 2067 | @@ -1445,6 +1446,7 @@ static int _aac_reset_adapter(struct aac_dev *aac, int forced) | ||
| 2068 | aac->name); | ||
| 2069 | if (IS_ERR(aac->thread)) { | ||
| 2070 | retval = PTR_ERR(aac->thread); | ||
| 2071 | + aac->thread = NULL; | ||
| 2072 | goto out; | ||
| 2073 | } | ||
| 2074 | } | ||
| 2075 | diff --git a/drivers/scsi/aacraid/linit.c b/drivers/scsi/aacraid/linit.c | ||
| 2076 | index d5b26fa541d3..ad902a6e7c12 100644 | ||
| 2077 | --- a/drivers/scsi/aacraid/linit.c | ||
| 2078 | +++ b/drivers/scsi/aacraid/linit.c | ||
| 2079 | @@ -1083,6 +1083,7 @@ static void __aac_shutdown(struct aac_dev * aac) | ||
| 2080 | up(&fib->event_wait); | ||
| 2081 | } | ||
| 2082 | kthread_stop(aac->thread); | ||
| 2083 | + aac->thread = NULL; | ||
| 2084 | } | ||
| 2085 | aac_adapter_disable_int(aac); | ||
| 2086 | cpu = cpumask_first(cpu_online_mask); | ||
| 2087 | @@ -1203,8 +1204,10 @@ static int aac_probe_one(struct pci_dev *pdev, const struct pci_device_id *id) | ||
| 2088 | * Map in the registers from the adapter. | ||
| 2089 | */ | ||
| 2090 | aac->base_size = AAC_MIN_FOOTPRINT_SIZE; | ||
| 2091 | - if ((*aac_drivers[index].init)(aac)) | ||
| 2092 | + if ((*aac_drivers[index].init)(aac)) { | ||
| 2093 | + error = -ENODEV; | ||
| 2094 | goto out_unmap; | ||
| 2095 | + } | ||
| 2096 | |||
| 2097 | if (aac->sync_mode) { | ||
| 2098 | if (aac_sync_mode) | ||
| 2099 | diff --git a/drivers/scsi/arm/fas216.c b/drivers/scsi/arm/fas216.c | ||
| 2100 | index 24388795ee9a..936e8c735656 100644 | ||
| 2101 | --- a/drivers/scsi/arm/fas216.c | ||
| 2102 | +++ b/drivers/scsi/arm/fas216.c | ||
| 2103 | @@ -2011,7 +2011,7 @@ static void fas216_rq_sns_done(FAS216_Info *info, struct scsi_cmnd *SCpnt, | ||
| 2104 | * have valid data in the sense buffer that could | ||
| 2105 | * confuse the higher levels. | ||
| 2106 | */ | ||
| 2107 | - memset(SCpnt->sense_buffer, 0, sizeof(SCpnt->sense_buffer)); | ||
| 2108 | + memset(SCpnt->sense_buffer, 0, SCSI_SENSE_BUFFERSIZE); | ||
| 2109 | //printk("scsi%d.%c: sense buffer: ", info->host->host_no, '0' + SCpnt->device->id); | ||
| 2110 | //{ int i; for (i = 0; i < 32; i++) printk("%02x ", SCpnt->sense_buffer[i]); printk("\n"); } | ||
| 2111 | /* | ||
| 2112 | diff --git a/drivers/scsi/bnx2fc/bnx2fc_io.c b/drivers/scsi/bnx2fc/bnx2fc_io.c | ||
| 2113 | index f501095f91ac..bd39590d81c4 100644 | ||
| 2114 | --- a/drivers/scsi/bnx2fc/bnx2fc_io.c | ||
| 2115 | +++ b/drivers/scsi/bnx2fc/bnx2fc_io.c | ||
| 2116 | @@ -1869,6 +1869,7 @@ void bnx2fc_process_scsi_cmd_compl(struct bnx2fc_cmd *io_req, | ||
| 2117 | /* we will not receive ABTS response for this IO */ | ||
| 2118 | BNX2FC_IO_DBG(io_req, "Timer context finished processing " | ||
| 2119 | "this scsi cmd\n"); | ||
| 2120 | + return; | ||
| 2121 | } | ||
| 2122 | |||
| 2123 | /* Cancel the timeout_work, as we received IO completion */ | ||
| 2124 | diff --git a/drivers/scsi/libsas/sas_scsi_host.c b/drivers/scsi/libsas/sas_scsi_host.c | ||
| 2125 | index 519dac4e341e..9a8c2f97ed70 100644 | ||
| 2126 | --- a/drivers/scsi/libsas/sas_scsi_host.c | ||
| 2127 | +++ b/drivers/scsi/libsas/sas_scsi_host.c | ||
| 2128 | @@ -222,6 +222,7 @@ int sas_queuecommand(struct Scsi_Host *host, struct scsi_cmnd *cmd) | ||
| 2129 | static void sas_eh_finish_cmd(struct scsi_cmnd *cmd) | ||
| 2130 | { | ||
| 2131 | struct sas_ha_struct *sas_ha = SHOST_TO_SAS_HA(cmd->device->host); | ||
| 2132 | + struct domain_device *dev = cmd_to_domain_dev(cmd); | ||
| 2133 | struct sas_task *task = TO_SAS_TASK(cmd); | ||
| 2134 | |||
| 2135 | /* At this point, we only get called following an actual abort | ||
| 2136 | @@ -230,6 +231,14 @@ static void sas_eh_finish_cmd(struct scsi_cmnd *cmd) | ||
| 2137 | */ | ||
| 2138 | sas_end_task(cmd, task); | ||
| 2139 | |||
| 2140 | + if (dev_is_sata(dev)) { | ||
| 2141 | + /* defer commands to libata so that libata EH can | ||
| 2142 | + * handle ata qcs correctly | ||
| 2143 | + */ | ||
| 2144 | + list_move_tail(&cmd->eh_entry, &sas_ha->eh_ata_q); | ||
| 2145 | + return; | ||
| 2146 | + } | ||
| 2147 | + | ||
| 2148 | /* now finish the command and move it on to the error | ||
| 2149 | * handler done list, this also takes it off the | ||
| 2150 | * error handler pending list. | ||
| 2151 | @@ -237,22 +246,6 @@ static void sas_eh_finish_cmd(struct scsi_cmnd *cmd) | ||
| 2152 | scsi_eh_finish_cmd(cmd, &sas_ha->eh_done_q); | ||
| 2153 | } | ||
| 2154 | |||
| 2155 | -static void sas_eh_defer_cmd(struct scsi_cmnd *cmd) | ||
| 2156 | -{ | ||
| 2157 | - struct domain_device *dev = cmd_to_domain_dev(cmd); | ||
| 2158 | - struct sas_ha_struct *ha = dev->port->ha; | ||
| 2159 | - struct sas_task *task = TO_SAS_TASK(cmd); | ||
| 2160 | - | ||
| 2161 | - if (!dev_is_sata(dev)) { | ||
| 2162 | - sas_eh_finish_cmd(cmd); | ||
| 2163 | - return; | ||
| 2164 | - } | ||
| 2165 | - | ||
| 2166 | - /* report the timeout to libata */ | ||
| 2167 | - sas_end_task(cmd, task); | ||
| 2168 | - list_move_tail(&cmd->eh_entry, &ha->eh_ata_q); | ||
| 2169 | -} | ||
| 2170 | - | ||
| 2171 | static void sas_scsi_clear_queue_lu(struct list_head *error_q, struct scsi_cmnd *my_cmd) | ||
| 2172 | { | ||
| 2173 | struct scsi_cmnd *cmd, *n; | ||
| 2174 | @@ -260,7 +253,7 @@ static void sas_scsi_clear_queue_lu(struct list_head *error_q, struct scsi_cmnd | ||
| 2175 | list_for_each_entry_safe(cmd, n, error_q, eh_entry) { | ||
| 2176 | if (cmd->device->sdev_target == my_cmd->device->sdev_target && | ||
| 2177 | cmd->device->lun == my_cmd->device->lun) | ||
| 2178 | - sas_eh_defer_cmd(cmd); | ||
| 2179 | + sas_eh_finish_cmd(cmd); | ||
| 2180 | } | ||
| 2181 | } | ||
| 2182 | |||
| 2183 | @@ -622,12 +615,12 @@ static void sas_eh_handle_sas_errors(struct Scsi_Host *shost, struct list_head * | ||
| 2184 | case TASK_IS_DONE: | ||
| 2185 | SAS_DPRINTK("%s: task 0x%p is done\n", __func__, | ||
| 2186 | task); | ||
| 2187 | - sas_eh_defer_cmd(cmd); | ||
| 2188 | + sas_eh_finish_cmd(cmd); | ||
| 2189 | continue; | ||
| 2190 | case TASK_IS_ABORTED: | ||
| 2191 | SAS_DPRINTK("%s: task 0x%p is aborted\n", | ||
| 2192 | __func__, task); | ||
| 2193 | - sas_eh_defer_cmd(cmd); | ||
| 2194 | + sas_eh_finish_cmd(cmd); | ||
| 2195 | continue; | ||
| 2196 | case TASK_IS_AT_LU: | ||
| 2197 | SAS_DPRINTK("task 0x%p is at LU: lu recover\n", task); | ||
| 2198 | @@ -638,7 +631,7 @@ static void sas_eh_handle_sas_errors(struct Scsi_Host *shost, struct list_head * | ||
| 2199 | "recovered\n", | ||
| 2200 | SAS_ADDR(task->dev), | ||
| 2201 | cmd->device->lun); | ||
| 2202 | - sas_eh_defer_cmd(cmd); | ||
| 2203 | + sas_eh_finish_cmd(cmd); | ||
| 2204 | sas_scsi_clear_queue_lu(work_q, cmd); | ||
| 2205 | goto Again; | ||
| 2206 | } | ||
| 2207 | diff --git a/drivers/scsi/lpfc/lpfc_attr.c b/drivers/scsi/lpfc/lpfc_attr.c | ||
| 2208 | index 453299095847..cf15b9754402 100644 | ||
| 2209 | --- a/drivers/scsi/lpfc/lpfc_attr.c | ||
| 2210 | +++ b/drivers/scsi/lpfc/lpfc_attr.c | ||
| 2211 | @@ -635,7 +635,12 @@ lpfc_issue_lip(struct Scsi_Host *shost) | ||
| 2212 | LPFC_MBOXQ_t *pmboxq; | ||
| 2213 | int mbxstatus = MBXERR_ERROR; | ||
| 2214 | |||
| 2215 | + /* | ||
| 2216 | + * If the link is offline, disabled or BLOCK_MGMT_IO | ||
| 2217 | + * it doesn't make any sense to allow issue_lip | ||
| 2218 | + */ | ||
| 2219 | if ((vport->fc_flag & FC_OFFLINE_MODE) || | ||
| 2220 | + (phba->hba_flag & LINK_DISABLED) || | ||
| 2221 | (phba->sli.sli_flag & LPFC_BLOCK_MGMT_IO)) | ||
| 2222 | return -EPERM; | ||
| 2223 | |||
| 2224 | diff --git a/drivers/scsi/lpfc/lpfc_hbadisc.c b/drivers/scsi/lpfc/lpfc_hbadisc.c | ||
| 2225 | index 7d2ad633b6bc..81736457328a 100644 | ||
| 2226 | --- a/drivers/scsi/lpfc/lpfc_hbadisc.c | ||
| 2227 | +++ b/drivers/scsi/lpfc/lpfc_hbadisc.c | ||
| 2228 | @@ -690,8 +690,9 @@ lpfc_work_done(struct lpfc_hba *phba) | ||
| 2229 | (phba->hba_flag & HBA_SP_QUEUE_EVT)) { | ||
| 2230 | if (pring->flag & LPFC_STOP_IOCB_EVENT) { | ||
| 2231 | pring->flag |= LPFC_DEFERRED_RING_EVENT; | ||
| 2232 | - /* Set the lpfc data pending flag */ | ||
| 2233 | - set_bit(LPFC_DATA_READY, &phba->data_flags); | ||
| 2234 | + /* Preserve legacy behavior. */ | ||
| 2235 | + if (!(phba->hba_flag & HBA_SP_QUEUE_EVT)) | ||
| 2236 | + set_bit(LPFC_DATA_READY, &phba->data_flags); | ||
| 2237 | } else { | ||
| 2238 | if (phba->link_state >= LPFC_LINK_UP) { | ||
| 2239 | pring->flag &= ~LPFC_DEFERRED_RING_EVENT; | ||
| 2240 | diff --git a/drivers/scsi/lpfc/lpfc_sli.c b/drivers/scsi/lpfc/lpfc_sli.c | ||
| 2241 | index 0902ed204ba8..6df06e716da1 100644 | ||
| 2242 | --- a/drivers/scsi/lpfc/lpfc_sli.c | ||
| 2243 | +++ b/drivers/scsi/lpfc/lpfc_sli.c | ||
| 2244 | @@ -116,6 +116,8 @@ lpfc_sli4_wq_put(struct lpfc_queue *q, union lpfc_wqe *wqe) | ||
| 2245 | /* set consumption flag every once in a while */ | ||
| 2246 | if (!((q->host_index + 1) % q->entry_repost)) | ||
| 2247 | bf_set(wqe_wqec, &wqe->generic.wqe_com, 1); | ||
| 2248 | + else | ||
| 2249 | + bf_set(wqe_wqec, &wqe->generic.wqe_com, 0); | ||
| 2250 | if (q->phba->sli3_options & LPFC_SLI4_PHWQ_ENABLED) | ||
| 2251 | bf_set(wqe_wqid, &wqe->generic.wqe_com, q->queue_id); | ||
| 2252 | lpfc_sli_pcimem_bcopy(wqe, temp_wqe, q->entry_size); | ||
| 2253 | diff --git a/drivers/scsi/mpt3sas/mpt3sas_scsih.c b/drivers/scsi/mpt3sas/mpt3sas_scsih.c | ||
| 2254 | index b8589068d175..ec48c010a3ba 100644 | ||
| 2255 | --- a/drivers/scsi/mpt3sas/mpt3sas_scsih.c | ||
| 2256 | +++ b/drivers/scsi/mpt3sas/mpt3sas_scsih.c | ||
| 2257 | @@ -8853,7 +8853,7 @@ _scsih_probe(struct pci_dev *pdev, const struct pci_device_id *id) | ||
| 2258 | snprintf(ioc->firmware_event_name, sizeof(ioc->firmware_event_name), | ||
| 2259 | "fw_event_%s%d", ioc->driver_name, ioc->id); | ||
| 2260 | ioc->firmware_event_thread = alloc_ordered_workqueue( | ||
| 2261 | - ioc->firmware_event_name, WQ_MEM_RECLAIM); | ||
| 2262 | + ioc->firmware_event_name, 0); | ||
| 2263 | if (!ioc->firmware_event_thread) { | ||
| 2264 | pr_err(MPT3SAS_FMT "failure at %s:%d/%s()!\n", | ||
| 2265 | ioc->name, __FILE__, __LINE__, __func__); | ||
| 2266 | diff --git a/drivers/scsi/mvsas/mv_94xx.c b/drivers/scsi/mvsas/mv_94xx.c | ||
| 2267 | index 7de5d8d75480..eb5471bc7263 100644 | ||
| 2268 | --- a/drivers/scsi/mvsas/mv_94xx.c | ||
| 2269 | +++ b/drivers/scsi/mvsas/mv_94xx.c | ||
| 2270 | @@ -1080,16 +1080,16 @@ static int mvs_94xx_gpio_write(struct mvs_prv_info *mvs_prv, | ||
| 2271 | void __iomem *regs = mvi->regs_ex - 0x10200; | ||
| 2272 | |||
| 2273 | int drive = (i/3) & (4-1); /* drive number on host */ | ||
| 2274 | - u32 block = mr32(MVS_SGPIO_DCTRL + | ||
| 2275 | + int driveshift = drive * 8; /* bit offset of drive */ | ||
| 2276 | + u32 block = ioread32be(regs + MVS_SGPIO_DCTRL + | ||
| 2277 | MVS_SGPIO_HOST_OFFSET * mvi->id); | ||
| 2278 | |||
| 2279 | - | ||
| 2280 | /* | ||
| 2281 | * if bit is set then create a mask with the first | ||
| 2282 | * bit of the drive set in the mask ... | ||
| 2283 | */ | ||
| 2284 | - u32 bit = (write_data[i/8] & (1 << (i&(8-1)))) ? | ||
| 2285 | - 1<<(24-drive*8) : 0; | ||
| 2286 | + u32 bit = get_unaligned_be32(write_data) & (1 << i) ? | ||
| 2287 | + 1 << driveshift : 0; | ||
| 2288 | |||
| 2289 | /* | ||
| 2290 | * ... and then shift it to the right position based | ||
| 2291 | @@ -1098,26 +1098,27 @@ static int mvs_94xx_gpio_write(struct mvs_prv_info *mvs_prv, | ||
| 2292 | switch (i%3) { | ||
| 2293 | case 0: /* activity */ | ||
| 2294 | block &= ~((0x7 << MVS_SGPIO_DCTRL_ACT_SHIFT) | ||
| 2295 | - << (24-drive*8)); | ||
| 2296 | + << driveshift); | ||
| 2297 | /* hardwire activity bit to SOF */ | ||
| 2298 | block |= LED_BLINKA_SOF << ( | ||
| 2299 | MVS_SGPIO_DCTRL_ACT_SHIFT + | ||
| 2300 | - (24-drive*8)); | ||
| 2301 | + driveshift); | ||
| 2302 | break; | ||
| 2303 | case 1: /* id */ | ||
| 2304 | block &= ~((0x3 << MVS_SGPIO_DCTRL_LOC_SHIFT) | ||
| 2305 | - << (24-drive*8)); | ||
| 2306 | + << driveshift); | ||
| 2307 | block |= bit << MVS_SGPIO_DCTRL_LOC_SHIFT; | ||
| 2308 | break; | ||
| 2309 | case 2: /* fail */ | ||
| 2310 | block &= ~((0x7 << MVS_SGPIO_DCTRL_ERR_SHIFT) | ||
| 2311 | - << (24-drive*8)); | ||
| 2312 | + << driveshift); | ||
| 2313 | block |= bit << MVS_SGPIO_DCTRL_ERR_SHIFT; | ||
| 2314 | break; | ||
| 2315 | } | ||
| 2316 | |||
| 2317 | - mw32(MVS_SGPIO_DCTRL + MVS_SGPIO_HOST_OFFSET * mvi->id, | ||
| 2318 | - block); | ||
| 2319 | + iowrite32be(block, | ||
| 2320 | + regs + MVS_SGPIO_DCTRL + | ||
| 2321 | + MVS_SGPIO_HOST_OFFSET * mvi->id); | ||
| 2322 | |||
| 2323 | } | ||
| 2324 | |||
| 2325 | @@ -1132,7 +1133,7 @@ static int mvs_94xx_gpio_write(struct mvs_prv_info *mvs_prv, | ||
| 2326 | void __iomem *regs = mvi->regs_ex - 0x10200; | ||
| 2327 | |||
| 2328 | mw32(MVS_SGPIO_DCTRL + MVS_SGPIO_HOST_OFFSET * mvi->id, | ||
| 2329 | - be32_to_cpu(((u32 *) write_data)[i])); | ||
| 2330 | + ((u32 *) write_data)[i]); | ||
| 2331 | } | ||
| 2332 | return reg_count; | ||
| 2333 | } | ||
| 2334 | diff --git a/drivers/scsi/qla2xxx/qla_isr.c b/drivers/scsi/qla2xxx/qla_isr.c | ||
| 2335 | index bddaabb288d4..73c99f237b10 100644 | ||
| 2336 | --- a/drivers/scsi/qla2xxx/qla_isr.c | ||
| 2337 | +++ b/drivers/scsi/qla2xxx/qla_isr.c | ||
| 2338 | @@ -272,7 +272,8 @@ qla2x00_mbx_completion(scsi_qla_host_t *vha, uint16_t mb0) | ||
| 2339 | struct device_reg_2xxx __iomem *reg = &ha->iobase->isp; | ||
| 2340 | |||
| 2341 | /* Read all mbox registers? */ | ||
| 2342 | - mboxes = (1 << ha->mbx_count) - 1; | ||
| 2343 | + WARN_ON_ONCE(ha->mbx_count > 32); | ||
| 2344 | + mboxes = (1ULL << ha->mbx_count) - 1; | ||
| 2345 | if (!ha->mcp) | ||
| 2346 | ql_dbg(ql_dbg_async, vha, 0x5001, "MBX pointer ERROR.\n"); | ||
| 2347 | else | ||
| 2348 | @@ -2516,7 +2517,8 @@ qla24xx_mbx_completion(scsi_qla_host_t *vha, uint16_t mb0) | ||
| 2349 | struct device_reg_24xx __iomem *reg = &ha->iobase->isp24; | ||
| 2350 | |||
| 2351 | /* Read all mbox registers? */ | ||
| 2352 | - mboxes = (1 << ha->mbx_count) - 1; | ||
| 2353 | + WARN_ON_ONCE(ha->mbx_count > 32); | ||
| 2354 | + mboxes = (1ULL << ha->mbx_count) - 1; | ||
| 2355 | if (!ha->mcp) | ||
| 2356 | ql_dbg(ql_dbg_async, vha, 0x504e, "MBX pointer ERROR.\n"); | ||
| 2357 | else | ||
| 2358 | diff --git a/drivers/scsi/qla4xxx/ql4_def.h b/drivers/scsi/qla4xxx/ql4_def.h | ||
| 2359 | index a7cfc270bd08..ce1d063f3e83 100644 | ||
| 2360 | --- a/drivers/scsi/qla4xxx/ql4_def.h | ||
| 2361 | +++ b/drivers/scsi/qla4xxx/ql4_def.h | ||
| 2362 | @@ -168,6 +168,8 @@ | ||
| 2363 | #define DEV_DB_NON_PERSISTENT 0 | ||
| 2364 | #define DEV_DB_PERSISTENT 1 | ||
| 2365 | |||
| 2366 | +#define QL4_ISP_REG_DISCONNECT 0xffffffffU | ||
| 2367 | + | ||
| 2368 | #define COPY_ISID(dst_isid, src_isid) { \ | ||
| 2369 | int i, j; \ | ||
| 2370 | for (i = 0, j = ISID_SIZE - 1; i < ISID_SIZE;) \ | ||
| 2371 | diff --git a/drivers/scsi/qla4xxx/ql4_os.c b/drivers/scsi/qla4xxx/ql4_os.c | ||
| 2372 | index 01c3610a60cf..d8c03431d0aa 100644 | ||
| 2373 | --- a/drivers/scsi/qla4xxx/ql4_os.c | ||
| 2374 | +++ b/drivers/scsi/qla4xxx/ql4_os.c | ||
| 2375 | @@ -262,6 +262,24 @@ static struct iscsi_transport qla4xxx_iscsi_transport = { | ||
| 2376 | |||
| 2377 | static struct scsi_transport_template *qla4xxx_scsi_transport; | ||
| 2378 | |||
| 2379 | +static int qla4xxx_isp_check_reg(struct scsi_qla_host *ha) | ||
| 2380 | +{ | ||
| 2381 | + u32 reg_val = 0; | ||
| 2382 | + int rval = QLA_SUCCESS; | ||
| 2383 | + | ||
| 2384 | + if (is_qla8022(ha)) | ||
| 2385 | + reg_val = readl(&ha->qla4_82xx_reg->host_status); | ||
| 2386 | + else if (is_qla8032(ha) || is_qla8042(ha)) | ||
| 2387 | + reg_val = qla4_8xxx_rd_direct(ha, QLA8XXX_PEG_ALIVE_COUNTER); | ||
| 2388 | + else | ||
| 2389 | + reg_val = readw(&ha->reg->ctrl_status); | ||
| 2390 | + | ||
| 2391 | + if (reg_val == QL4_ISP_REG_DISCONNECT) | ||
| 2392 | + rval = QLA_ERROR; | ||
| 2393 | + | ||
| 2394 | + return rval; | ||
| 2395 | +} | ||
| 2396 | + | ||
| 2397 | static int qla4xxx_send_ping(struct Scsi_Host *shost, uint32_t iface_num, | ||
| 2398 | uint32_t iface_type, uint32_t payload_size, | ||
| 2399 | uint32_t pid, struct sockaddr *dst_addr) | ||
| 2400 | @@ -9196,10 +9214,17 @@ static int qla4xxx_eh_abort(struct scsi_cmnd *cmd) | ||
| 2401 | struct srb *srb = NULL; | ||
| 2402 | int ret = SUCCESS; | ||
| 2403 | int wait = 0; | ||
| 2404 | + int rval; | ||
| 2405 | |||
| 2406 | ql4_printk(KERN_INFO, ha, "scsi%ld:%d:%llu: Abort command issued cmd=%p, cdb=0x%x\n", | ||
| 2407 | ha->host_no, id, lun, cmd, cmd->cmnd[0]); | ||
| 2408 | |||
| 2409 | + rval = qla4xxx_isp_check_reg(ha); | ||
| 2410 | + if (rval != QLA_SUCCESS) { | ||
| 2411 | + ql4_printk(KERN_INFO, ha, "PCI/Register disconnect, exiting.\n"); | ||
| 2412 | + return FAILED; | ||
| 2413 | + } | ||
| 2414 | + | ||
| 2415 | spin_lock_irqsave(&ha->hardware_lock, flags); | ||
| 2416 | srb = (struct srb *) CMD_SP(cmd); | ||
| 2417 | if (!srb) { | ||
| 2418 | @@ -9251,6 +9276,7 @@ static int qla4xxx_eh_device_reset(struct scsi_cmnd *cmd) | ||
| 2419 | struct scsi_qla_host *ha = to_qla_host(cmd->device->host); | ||
| 2420 | struct ddb_entry *ddb_entry = cmd->device->hostdata; | ||
| 2421 | int ret = FAILED, stat; | ||
| 2422 | + int rval; | ||
| 2423 | |||
| 2424 | if (!ddb_entry) | ||
| 2425 | return ret; | ||
| 2426 | @@ -9270,6 +9296,12 @@ static int qla4xxx_eh_device_reset(struct scsi_cmnd *cmd) | ||
| 2427 | cmd, jiffies, cmd->request->timeout / HZ, | ||
| 2428 | ha->dpc_flags, cmd->result, cmd->allowed)); | ||
| 2429 | |||
| 2430 | + rval = qla4xxx_isp_check_reg(ha); | ||
| 2431 | + if (rval != QLA_SUCCESS) { | ||
| 2432 | + ql4_printk(KERN_INFO, ha, "PCI/Register disconnect, exiting.\n"); | ||
| 2433 | + return FAILED; | ||
| 2434 | + } | ||
| 2435 | + | ||
| 2436 | /* FIXME: wait for hba to go online */ | ||
| 2437 | stat = qla4xxx_reset_lun(ha, ddb_entry, cmd->device->lun); | ||
| 2438 | if (stat != QLA_SUCCESS) { | ||
| 2439 | @@ -9313,6 +9345,7 @@ static int qla4xxx_eh_target_reset(struct scsi_cmnd *cmd) | ||
| 2440 | struct scsi_qla_host *ha = to_qla_host(cmd->device->host); | ||
| 2441 | struct ddb_entry *ddb_entry = cmd->device->hostdata; | ||
| 2442 | int stat, ret; | ||
| 2443 | + int rval; | ||
| 2444 | |||
| 2445 | if (!ddb_entry) | ||
| 2446 | return FAILED; | ||
| 2447 | @@ -9330,6 +9363,12 @@ static int qla4xxx_eh_target_reset(struct scsi_cmnd *cmd) | ||
| 2448 | ha->host_no, cmd, jiffies, cmd->request->timeout / HZ, | ||
| 2449 | ha->dpc_flags, cmd->result, cmd->allowed)); | ||
| 2450 | |||
| 2451 | + rval = qla4xxx_isp_check_reg(ha); | ||
| 2452 | + if (rval != QLA_SUCCESS) { | ||
| 2453 | + ql4_printk(KERN_INFO, ha, "PCI/Register disconnect, exiting.\n"); | ||
| 2454 | + return FAILED; | ||
| 2455 | + } | ||
| 2456 | + | ||
| 2457 | stat = qla4xxx_reset_target(ha, ddb_entry); | ||
| 2458 | if (stat != QLA_SUCCESS) { | ||
| 2459 | starget_printk(KERN_INFO, scsi_target(cmd->device), | ||
| 2460 | @@ -9384,9 +9423,16 @@ static int qla4xxx_eh_host_reset(struct scsi_cmnd *cmd) | ||
| 2461 | { | ||
| 2462 | int return_status = FAILED; | ||
| 2463 | struct scsi_qla_host *ha; | ||
| 2464 | + int rval; | ||
| 2465 | |||
| 2466 | ha = to_qla_host(cmd->device->host); | ||
| 2467 | |||
| 2468 | + rval = qla4xxx_isp_check_reg(ha); | ||
| 2469 | + if (rval != QLA_SUCCESS) { | ||
| 2470 | + ql4_printk(KERN_INFO, ha, "PCI/Register disconnect, exiting.\n"); | ||
| 2471 | + return FAILED; | ||
| 2472 | + } | ||
| 2473 | + | ||
| 2474 | if ((is_qla8032(ha) || is_qla8042(ha)) && ql4xdontresethba) | ||
| 2475 | qla4_83xx_set_idc_dontreset(ha); | ||
| 2476 | |||
| 2477 | diff --git a/drivers/scsi/sd.c b/drivers/scsi/sd.c | ||
| 2478 | index 14ba1a2c0b7c..f8b6bf56c48e 100644 | ||
| 2479 | --- a/drivers/scsi/sd.c | ||
| 2480 | +++ b/drivers/scsi/sd.c | ||
| 2481 | @@ -2401,6 +2401,7 @@ sd_read_write_protect_flag(struct scsi_disk *sdkp, unsigned char *buffer) | ||
| 2482 | int res; | ||
| 2483 | struct scsi_device *sdp = sdkp->device; | ||
| 2484 | struct scsi_mode_data data; | ||
| 2485 | + int disk_ro = get_disk_ro(sdkp->disk); | ||
| 2486 | int old_wp = sdkp->write_prot; | ||
| 2487 | |||
| 2488 | set_disk_ro(sdkp->disk, 0); | ||
| 2489 | @@ -2441,7 +2442,7 @@ sd_read_write_protect_flag(struct scsi_disk *sdkp, unsigned char *buffer) | ||
| 2490 | "Test WP failed, assume Write Enabled\n"); | ||
| 2491 | } else { | ||
| 2492 | sdkp->write_prot = ((data.device_specific & 0x80) != 0); | ||
| 2493 | - set_disk_ro(sdkp->disk, sdkp->write_prot); | ||
| 2494 | + set_disk_ro(sdkp->disk, sdkp->write_prot || disk_ro); | ||
| 2495 | if (sdkp->first_scan || old_wp != sdkp->write_prot) { | ||
| 2496 | sd_printk(KERN_NOTICE, sdkp, "Write Protect is %s\n", | ||
| 2497 | sdkp->write_prot ? "on" : "off"); | ||
| 2498 | diff --git a/drivers/scsi/sg.c b/drivers/scsi/sg.c | ||
| 2499 | index f61b37109e5c..0f81d739f9e9 100644 | ||
| 2500 | --- a/drivers/scsi/sg.c | ||
| 2501 | +++ b/drivers/scsi/sg.c | ||
| 2502 | @@ -1893,7 +1893,7 @@ sg_build_indirect(Sg_scatter_hold * schp, Sg_fd * sfp, int buff_size) | ||
| 2503 | num = (rem_sz > scatter_elem_sz_prev) ? | ||
| 2504 | scatter_elem_sz_prev : rem_sz; | ||
| 2505 | |||
| 2506 | - schp->pages[k] = alloc_pages(gfp_mask, order); | ||
| 2507 | + schp->pages[k] = alloc_pages(gfp_mask | __GFP_ZERO, order); | ||
| 2508 | if (!schp->pages[k]) | ||
| 2509 | goto out; | ||
| 2510 | |||
| 2511 | diff --git a/drivers/scsi/storvsc_drv.c b/drivers/scsi/storvsc_drv.c | ||
| 2512 | index 0dd1984e381e..d92b2808d191 100644 | ||
| 2513 | --- a/drivers/scsi/storvsc_drv.c | ||
| 2514 | +++ b/drivers/scsi/storvsc_drv.c | ||
| 2515 | @@ -1580,7 +1580,7 @@ static struct scsi_host_template scsi_driver = { | ||
| 2516 | .eh_timed_out = storvsc_eh_timed_out, | ||
| 2517 | .slave_alloc = storvsc_device_alloc, | ||
| 2518 | .slave_configure = storvsc_device_configure, | ||
| 2519 | - .cmd_per_lun = 255, | ||
| 2520 | + .cmd_per_lun = 2048, | ||
| 2521 | .this_id = -1, | ||
| 2522 | .use_clustering = ENABLE_CLUSTERING, | ||
| 2523 | /* Make sure we dont get a sg segment crosses a page boundary */ | ||
| 2524 | diff --git a/drivers/scsi/sym53c8xx_2/sym_hipd.c b/drivers/scsi/sym53c8xx_2/sym_hipd.c | ||
| 2525 | index 6b349e301869..c6425e3df5a0 100644 | ||
| 2526 | --- a/drivers/scsi/sym53c8xx_2/sym_hipd.c | ||
| 2527 | +++ b/drivers/scsi/sym53c8xx_2/sym_hipd.c | ||
| 2528 | @@ -536,7 +536,7 @@ sym_getsync(struct sym_hcb *np, u_char dt, u_char sfac, u_char *divp, u_char *fa | ||
| 2529 | * Look for the greatest clock divisor that allows an | ||
| 2530 | * input speed faster than the period. | ||
| 2531 | */ | ||
| 2532 | - while (div-- > 0) | ||
| 2533 | + while (--div > 0) | ||
| 2534 | if (kpc >= (div_10M[div] << 2)) break; | ||
| 2535 | |||
| 2536 | /* | ||
| 2537 | diff --git a/drivers/scsi/ufs/ufshcd.c b/drivers/scsi/ufs/ufshcd.c | ||
| 2538 | index 2e9341233f66..98a7111dd53f 100644 | ||
| 2539 | --- a/drivers/scsi/ufs/ufshcd.c | ||
| 2540 | +++ b/drivers/scsi/ufs/ufshcd.c | ||
| 2541 | @@ -3338,6 +3338,8 @@ static int ufshcd_slave_alloc(struct scsi_device *sdev) | ||
| 2542 | /* REPORT SUPPORTED OPERATION CODES is not supported */ | ||
| 2543 | sdev->no_report_opcodes = 1; | ||
| 2544 | |||
| 2545 | + /* WRITE_SAME command is not supported */ | ||
| 2546 | + sdev->no_write_same = 1; | ||
| 2547 | |||
| 2548 | ufshcd_set_queue_depth(sdev); | ||
| 2549 | |||
| 2550 | diff --git a/drivers/staging/lustre/lustre/include/obd.h b/drivers/staging/lustre/lustre/include/obd.h | ||
| 2551 | index f6fc4dd05bd6..722c33f7eecc 100644 | ||
| 2552 | --- a/drivers/staging/lustre/lustre/include/obd.h | ||
| 2553 | +++ b/drivers/staging/lustre/lustre/include/obd.h | ||
| 2554 | @@ -253,7 +253,7 @@ struct client_obd { | ||
| 2555 | struct sptlrpc_flavor cl_flvr_mgc; /* fixed flavor of mgc->mgs */ | ||
| 2556 | |||
| 2557 | /* the grant values are protected by loi_list_lock below */ | ||
| 2558 | - unsigned long cl_dirty_pages; /* all _dirty_ in pahges */ | ||
| 2559 | + unsigned long cl_dirty_pages; /* all _dirty_ in pages */ | ||
| 2560 | unsigned long cl_dirty_max_pages; /* allowed w/o rpc */ | ||
| 2561 | unsigned long cl_dirty_transit; /* dirty synchronous */ | ||
| 2562 | unsigned long cl_avail_grant; /* bytes of credit for ost */ | ||
| 2563 | diff --git a/drivers/staging/lustre/lustre/lmv/lmv_obd.c b/drivers/staging/lustre/lustre/lmv/lmv_obd.c | ||
| 2564 | index cd19ce811e62..9e63171c1ec3 100644 | ||
| 2565 | --- a/drivers/staging/lustre/lustre/lmv/lmv_obd.c | ||
| 2566 | +++ b/drivers/staging/lustre/lustre/lmv/lmv_obd.c | ||
| 2567 | @@ -2928,7 +2928,7 @@ int lmv_unpack_md(struct obd_export *exp, struct lmv_stripe_md **lsmp, | ||
| 2568 | if (lsm && !lmm) { | ||
| 2569 | int i; | ||
| 2570 | |||
| 2571 | - for (i = 1; i < lsm->lsm_md_stripe_count; i++) { | ||
| 2572 | + for (i = 0; i < lsm->lsm_md_stripe_count; i++) { | ||
| 2573 | /* | ||
| 2574 | * For migrating inode, the master stripe and master | ||
| 2575 | * object will be the same, so do not need iput, see | ||
| 2576 | diff --git a/drivers/staging/lustre/lustre/osc/osc_cache.c b/drivers/staging/lustre/lustre/osc/osc_cache.c | ||
| 2577 | index 4bbe219add98..1a8c9f535200 100644 | ||
| 2578 | --- a/drivers/staging/lustre/lustre/osc/osc_cache.c | ||
| 2579 | +++ b/drivers/staging/lustre/lustre/osc/osc_cache.c | ||
| 2580 | @@ -1542,7 +1542,7 @@ static int osc_enter_cache_try(struct client_obd *cli, | ||
| 2581 | if (rc < 0) | ||
| 2582 | return 0; | ||
| 2583 | |||
| 2584 | - if (cli->cl_dirty_pages <= cli->cl_dirty_max_pages && | ||
| 2585 | + if (cli->cl_dirty_pages < cli->cl_dirty_max_pages && | ||
| 2586 | atomic_long_read(&obd_dirty_pages) + 1 <= obd_max_dirty_pages) { | ||
| 2587 | osc_consume_write_grant(cli, &oap->oap_brw_page); | ||
| 2588 | if (transient) { | ||
| 2589 | diff --git a/drivers/staging/rtl8192u/r8192U_core.c b/drivers/staging/rtl8192u/r8192U_core.c | ||
| 2590 | index 457eeb5f5239..5fe95937d811 100644 | ||
| 2591 | --- a/drivers/staging/rtl8192u/r8192U_core.c | ||
| 2592 | +++ b/drivers/staging/rtl8192u/r8192U_core.c | ||
| 2593 | @@ -1705,6 +1705,8 @@ static short rtl8192_usb_initendpoints(struct net_device *dev) | ||
| 2594 | |||
| 2595 | priv->rx_urb[16] = usb_alloc_urb(0, GFP_KERNEL); | ||
| 2596 | priv->oldaddr = kmalloc(16, GFP_KERNEL); | ||
| 2597 | + if (!priv->oldaddr) | ||
| 2598 | + return -ENOMEM; | ||
| 2599 | oldaddr = priv->oldaddr; | ||
| 2600 | align = ((long)oldaddr) & 3; | ||
| 2601 | if (align) { | ||
| 2602 | diff --git a/drivers/tty/serial/8250/8250_port.c b/drivers/tty/serial/8250/8250_port.c | ||
| 2603 | index f6e4373a8850..5d9038a5bbc4 100644 | ||
| 2604 | --- a/drivers/tty/serial/8250/8250_port.c | ||
| 2605 | +++ b/drivers/tty/serial/8250/8250_port.c | ||
| 2606 | @@ -1815,7 +1815,8 @@ int serial8250_handle_irq(struct uart_port *port, unsigned int iir) | ||
| 2607 | |||
| 2608 | status = serial_port_in(port, UART_LSR); | ||
| 2609 | |||
| 2610 | - if (status & (UART_LSR_DR | UART_LSR_BI)) { | ||
| 2611 | + if (status & (UART_LSR_DR | UART_LSR_BI) && | ||
| 2612 | + iir & UART_IIR_RDI) { | ||
| 2613 | if (!up->dma || handle_rx_dma(up, iir)) | ||
| 2614 | status = serial8250_rx_chars(up, status); | ||
| 2615 | } | ||
| 2616 | diff --git a/drivers/tty/serial/arc_uart.c b/drivers/tty/serial/arc_uart.c | ||
| 2617 | index 5ac06fcaa9c6..fec48deb074c 100644 | ||
| 2618 | --- a/drivers/tty/serial/arc_uart.c | ||
| 2619 | +++ b/drivers/tty/serial/arc_uart.c | ||
| 2620 | @@ -596,6 +596,11 @@ static int arc_serial_probe(struct platform_device *pdev) | ||
| 2621 | if (dev_id < 0) | ||
| 2622 | dev_id = 0; | ||
| 2623 | |||
| 2624 | + if (dev_id >= ARRAY_SIZE(arc_uart_ports)) { | ||
| 2625 | + dev_err(&pdev->dev, "serial%d out of range\n", dev_id); | ||
| 2626 | + return -EINVAL; | ||
| 2627 | + } | ||
| 2628 | + | ||
| 2629 | uart = &arc_uart_ports[dev_id]; | ||
| 2630 | port = &uart->port; | ||
| 2631 | |||
| 2632 | diff --git a/drivers/tty/serial/fsl_lpuart.c b/drivers/tty/serial/fsl_lpuart.c | ||
| 2633 | index 76103f2c4a80..937f5e10f165 100644 | ||
| 2634 | --- a/drivers/tty/serial/fsl_lpuart.c | ||
| 2635 | +++ b/drivers/tty/serial/fsl_lpuart.c | ||
| 2636 | @@ -1902,6 +1902,10 @@ static int lpuart_probe(struct platform_device *pdev) | ||
| 2637 | dev_err(&pdev->dev, "failed to get alias id, errno %d\n", ret); | ||
| 2638 | return ret; | ||
| 2639 | } | ||
| 2640 | + if (ret >= ARRAY_SIZE(lpuart_ports)) { | ||
| 2641 | + dev_err(&pdev->dev, "serial%d out of range\n", ret); | ||
| 2642 | + return -EINVAL; | ||
| 2643 | + } | ||
| 2644 | sport->port.line = ret; | ||
| 2645 | sport->lpuart32 = of_device_is_compatible(np, "fsl,ls1021a-lpuart"); | ||
| 2646 | |||
| 2647 | diff --git a/drivers/tty/serial/imx.c b/drivers/tty/serial/imx.c | ||
| 2648 | index ecadc27eea48..b24edf634985 100644 | ||
| 2649 | --- a/drivers/tty/serial/imx.c | ||
| 2650 | +++ b/drivers/tty/serial/imx.c | ||
| 2651 | @@ -2080,6 +2080,12 @@ static int serial_imx_probe(struct platform_device *pdev) | ||
| 2652 | else if (ret < 0) | ||
| 2653 | return ret; | ||
| 2654 | |||
| 2655 | + if (sport->port.line >= ARRAY_SIZE(imx_ports)) { | ||
| 2656 | + dev_err(&pdev->dev, "serial%d out of range\n", | ||
| 2657 | + sport->port.line); | ||
| 2658 | + return -EINVAL; | ||
| 2659 | + } | ||
| 2660 | + | ||
| 2661 | res = platform_get_resource(pdev, IORESOURCE_MEM, 0); | ||
| 2662 | base = devm_ioremap_resource(&pdev->dev, res); | ||
| 2663 | if (IS_ERR(base)) | ||
| 2664 | diff --git a/drivers/tty/serial/mxs-auart.c b/drivers/tty/serial/mxs-auart.c | ||
| 2665 | index 07390f8c3681..1d9d778828ba 100644 | ||
| 2666 | --- a/drivers/tty/serial/mxs-auart.c | ||
| 2667 | +++ b/drivers/tty/serial/mxs-auart.c | ||
| 2668 | @@ -1664,6 +1664,10 @@ static int mxs_auart_probe(struct platform_device *pdev) | ||
| 2669 | s->port.line = pdev->id < 0 ? 0 : pdev->id; | ||
| 2670 | else if (ret < 0) | ||
| 2671 | return ret; | ||
| 2672 | + if (s->port.line >= ARRAY_SIZE(auart_port)) { | ||
| 2673 | + dev_err(&pdev->dev, "serial%d out of range\n", s->port.line); | ||
| 2674 | + return -EINVAL; | ||
| 2675 | + } | ||
| 2676 | |||
| 2677 | if (of_id) { | ||
| 2678 | pdev->id_entry = of_id->data; | ||
| 2679 | diff --git a/drivers/tty/serial/samsung.c b/drivers/tty/serial/samsung.c | ||
| 2680 | index d65f92bcd0f1..f2ab6d8aab41 100644 | ||
| 2681 | --- a/drivers/tty/serial/samsung.c | ||
| 2682 | +++ b/drivers/tty/serial/samsung.c | ||
| 2683 | @@ -1813,6 +1813,10 @@ static int s3c24xx_serial_probe(struct platform_device *pdev) | ||
| 2684 | |||
| 2685 | dbg("s3c24xx_serial_probe(%p) %d\n", pdev, index); | ||
| 2686 | |||
| 2687 | + if (index >= ARRAY_SIZE(s3c24xx_serial_ports)) { | ||
| 2688 | + dev_err(&pdev->dev, "serial%d out of range\n", index); | ||
| 2689 | + return -EINVAL; | ||
| 2690 | + } | ||
| 2691 | ourport = &s3c24xx_serial_ports[index]; | ||
| 2692 | |||
| 2693 | ourport->drv_data = s3c24xx_get_driver_data(pdev); | ||
| 2694 | diff --git a/drivers/tty/serial/xilinx_uartps.c b/drivers/tty/serial/xilinx_uartps.c | ||
| 2695 | index dd4c02fa4820..7497f1d4a818 100644 | ||
| 2696 | --- a/drivers/tty/serial/xilinx_uartps.c | ||
| 2697 | +++ b/drivers/tty/serial/xilinx_uartps.c | ||
| 2698 | @@ -1106,7 +1106,7 @@ static struct uart_port *cdns_uart_get_port(int id) | ||
| 2699 | struct uart_port *port; | ||
| 2700 | |||
| 2701 | /* Try the given port id if failed use default method */ | ||
| 2702 | - if (cdns_uart_port[id].mapbase != 0) { | ||
| 2703 | + if (id < CDNS_UART_NR_PORTS && cdns_uart_port[id].mapbase != 0) { | ||
| 2704 | /* Find the next unused port */ | ||
| 2705 | for (id = 0; id < CDNS_UART_NR_PORTS; id++) | ||
| 2706 | if (cdns_uart_port[id].mapbase == 0) | ||
| 2707 | diff --git a/drivers/usb/class/cdc-acm.c b/drivers/usb/class/cdc-acm.c | ||
| 2708 | index 34d23cc99fbd..fe22ac7c760a 100644 | ||
| 2709 | --- a/drivers/usb/class/cdc-acm.c | ||
| 2710 | +++ b/drivers/usb/class/cdc-acm.c | ||
| 2711 | @@ -174,6 +174,7 @@ static int acm_wb_alloc(struct acm *acm) | ||
| 2712 | wb = &acm->wb[wbn]; | ||
| 2713 | if (!wb->use) { | ||
| 2714 | wb->use = 1; | ||
| 2715 | + wb->len = 0; | ||
| 2716 | return wbn; | ||
| 2717 | } | ||
| 2718 | wbn = (wbn + 1) % ACM_NW; | ||
| 2719 | @@ -731,16 +732,18 @@ static int acm_tty_write(struct tty_struct *tty, | ||
| 2720 | static void acm_tty_flush_chars(struct tty_struct *tty) | ||
| 2721 | { | ||
| 2722 | struct acm *acm = tty->driver_data; | ||
| 2723 | - struct acm_wb *cur = acm->putbuffer; | ||
| 2724 | + struct acm_wb *cur; | ||
| 2725 | int err; | ||
| 2726 | unsigned long flags; | ||
| 2727 | |||
| 2728 | + spin_lock_irqsave(&acm->write_lock, flags); | ||
| 2729 | + | ||
| 2730 | + cur = acm->putbuffer; | ||
| 2731 | if (!cur) /* nothing to do */ | ||
| 2732 | - return; | ||
| 2733 | + goto out; | ||
| 2734 | |||
| 2735 | acm->putbuffer = NULL; | ||
| 2736 | err = usb_autopm_get_interface_async(acm->control); | ||
| 2737 | - spin_lock_irqsave(&acm->write_lock, flags); | ||
| 2738 | if (err < 0) { | ||
| 2739 | cur->use = 0; | ||
| 2740 | acm->putbuffer = cur; | ||
| 2741 | diff --git a/drivers/usb/dwc2/core.h b/drivers/usb/dwc2/core.h | ||
| 2742 | index 2a21a0414b1d..0f45a2f165e5 100644 | ||
| 2743 | --- a/drivers/usb/dwc2/core.h | ||
| 2744 | +++ b/drivers/usb/dwc2/core.h | ||
| 2745 | @@ -209,7 +209,7 @@ struct dwc2_hsotg_ep { | ||
| 2746 | unsigned char dir_in; | ||
| 2747 | unsigned char index; | ||
| 2748 | unsigned char mc; | ||
| 2749 | - unsigned char interval; | ||
| 2750 | + u16 interval; | ||
| 2751 | |||
| 2752 | unsigned int halted:1; | ||
| 2753 | unsigned int periodic:1; | ||
| 2754 | diff --git a/drivers/usb/dwc2/gadget.c b/drivers/usb/dwc2/gadget.c | ||
| 2755 | index cfdd5c3da236..09921ef07ac5 100644 | ||
| 2756 | --- a/drivers/usb/dwc2/gadget.c | ||
| 2757 | +++ b/drivers/usb/dwc2/gadget.c | ||
| 2758 | @@ -2642,12 +2642,6 @@ void dwc2_hsotg_core_init_disconnected(struct dwc2_hsotg *hsotg, | ||
| 2759 | dwc2_writel(dwc2_hsotg_ep0_mps(hsotg->eps_out[0]->ep.maxpacket) | | ||
| 2760 | DXEPCTL_USBACTEP, hsotg->regs + DIEPCTL0); | ||
| 2761 | |||
| 2762 | - dwc2_hsotg_enqueue_setup(hsotg); | ||
| 2763 | - | ||
| 2764 | - dev_dbg(hsotg->dev, "EP0: DIEPCTL0=0x%08x, DOEPCTL0=0x%08x\n", | ||
| 2765 | - dwc2_readl(hsotg->regs + DIEPCTL0), | ||
| 2766 | - dwc2_readl(hsotg->regs + DOEPCTL0)); | ||
| 2767 | - | ||
| 2768 | /* clear global NAKs */ | ||
| 2769 | val = DCTL_CGOUTNAK | DCTL_CGNPINNAK; | ||
| 2770 | if (!is_usb_reset) | ||
| 2771 | @@ -2658,6 +2652,12 @@ void dwc2_hsotg_core_init_disconnected(struct dwc2_hsotg *hsotg, | ||
| 2772 | mdelay(3); | ||
| 2773 | |||
| 2774 | hsotg->lx_state = DWC2_L0; | ||
| 2775 | + | ||
| 2776 | + dwc2_hsotg_enqueue_setup(hsotg); | ||
| 2777 | + | ||
| 2778 | + dev_dbg(hsotg->dev, "EP0: DIEPCTL0=0x%08x, DOEPCTL0=0x%08x\n", | ||
| 2779 | + dwc2_readl(hsotg->regs + DIEPCTL0), | ||
| 2780 | + dwc2_readl(hsotg->regs + DOEPCTL0)); | ||
| 2781 | } | ||
| 2782 | |||
| 2783 | static void dwc2_hsotg_core_disconnect(struct dwc2_hsotg *hsotg) | ||
| 2784 | diff --git a/drivers/usb/dwc2/hcd.c b/drivers/usb/dwc2/hcd.c | ||
| 2785 | index 919a32153060..0a0cf154814b 100644 | ||
| 2786 | --- a/drivers/usb/dwc2/hcd.c | ||
| 2787 | +++ b/drivers/usb/dwc2/hcd.c | ||
| 2788 | @@ -2268,10 +2268,22 @@ static int dwc2_core_init(struct dwc2_hsotg *hsotg, bool initial_setup) | ||
| 2789 | */ | ||
| 2790 | static void dwc2_core_host_init(struct dwc2_hsotg *hsotg) | ||
| 2791 | { | ||
| 2792 | - u32 hcfg, hfir, otgctl; | ||
| 2793 | + u32 hcfg, hfir, otgctl, usbcfg; | ||
| 2794 | |||
| 2795 | dev_dbg(hsotg->dev, "%s(%p)\n", __func__, hsotg); | ||
| 2796 | |||
| 2797 | + /* Set HS/FS Timeout Calibration to 7 (max available value). | ||
| 2798 | + * The number of PHY clocks that the application programs in | ||
| 2799 | + * this field is added to the high/full speed interpacket timeout | ||
| 2800 | + * duration in the core to account for any additional delays | ||
| 2801 | + * introduced by the PHY. This can be required, because the delay | ||
| 2802 | + * introduced by the PHY in generating the linestate condition | ||
| 2803 | + * can vary from one PHY to another. | ||
| 2804 | + */ | ||
| 2805 | + usbcfg = dwc2_readl(hsotg->regs + GUSBCFG); | ||
| 2806 | + usbcfg |= GUSBCFG_TOUTCAL(7); | ||
| 2807 | + dwc2_writel(usbcfg, hsotg->regs + GUSBCFG); | ||
| 2808 | + | ||
| 2809 | /* Restart the Phy Clock */ | ||
| 2810 | dwc2_writel(0, hsotg->regs + PCGCTL); | ||
| 2811 | |||
| 2812 | diff --git a/drivers/usb/dwc3/core.c b/drivers/usb/dwc3/core.c | ||
| 2813 | index a0c2b8b6edd0..53b26e978d90 100644 | ||
| 2814 | --- a/drivers/usb/dwc3/core.c | ||
| 2815 | +++ b/drivers/usb/dwc3/core.c | ||
| 2816 | @@ -161,12 +161,26 @@ static int dwc3_core_soft_reset(struct dwc3 *dwc) | ||
| 2817 | do { | ||
| 2818 | reg = dwc3_readl(dwc->regs, DWC3_DCTL); | ||
| 2819 | if (!(reg & DWC3_DCTL_CSFTRST)) | ||
| 2820 | - return 0; | ||
| 2821 | + goto done; | ||
| 2822 | |||
| 2823 | udelay(1); | ||
| 2824 | } while (--retries); | ||
| 2825 | |||
| 2826 | + phy_exit(dwc->usb3_generic_phy); | ||
| 2827 | + phy_exit(dwc->usb2_generic_phy); | ||
| 2828 | + | ||
| 2829 | return -ETIMEDOUT; | ||
| 2830 | + | ||
| 2831 | +done: | ||
| 2832 | + /* | ||
| 2833 | + * For DWC_usb31 controller, once DWC3_DCTL_CSFTRST bit is cleared, | ||
| 2834 | + * we must wait at least 50ms before accessing the PHY domain | ||
| 2835 | + * (synchronization delay). DWC_usb31 programming guide section 1.3.2. | ||
| 2836 | + */ | ||
| 2837 | + if (dwc3_is_usb31(dwc)) | ||
| 2838 | + msleep(50); | ||
| 2839 | + | ||
| 2840 | + return 0; | ||
| 2841 | } | ||
| 2842 | |||
| 2843 | /** | ||
| 2844 | diff --git a/drivers/usb/dwc3/core.h b/drivers/usb/dwc3/core.h | ||
| 2845 | index 94d6a3e2ad97..affb3d757310 100644 | ||
| 2846 | --- a/drivers/usb/dwc3/core.h | ||
| 2847 | +++ b/drivers/usb/dwc3/core.h | ||
| 2848 | @@ -238,6 +238,8 @@ | ||
| 2849 | #define DWC3_GUSB3PIPECTL_TX_DEEPH(n) ((n) << 1) | ||
| 2850 | |||
| 2851 | /* Global TX Fifo Size Register */ | ||
| 2852 | +#define DWC31_GTXFIFOSIZ_TXFRAMNUM BIT(15) /* DWC_usb31 only */ | ||
| 2853 | +#define DWC31_GTXFIFOSIZ_TXFDEF(n) ((n) & 0x7fff) /* DWC_usb31 only */ | ||
| 2854 | #define DWC3_GTXFIFOSIZ_TXFDEF(n) ((n) & 0xffff) | ||
| 2855 | #define DWC3_GTXFIFOSIZ_TXFSTADDR(n) ((n) & 0xffff0000) | ||
| 2856 | |||
| 2857 | diff --git a/drivers/usb/dwc3/dwc3-omap.c b/drivers/usb/dwc3/dwc3-omap.c | ||
| 2858 | index 35b63518baf6..f221cb479e14 100644 | ||
| 2859 | --- a/drivers/usb/dwc3/dwc3-omap.c | ||
| 2860 | +++ b/drivers/usb/dwc3/dwc3-omap.c | ||
| 2861 | @@ -598,9 +598,25 @@ static int dwc3_omap_resume(struct device *dev) | ||
| 2862 | return 0; | ||
| 2863 | } | ||
| 2864 | |||
| 2865 | +static void dwc3_omap_complete(struct device *dev) | ||
| 2866 | +{ | ||
| 2867 | + struct dwc3_omap *omap = dev_get_drvdata(dev); | ||
| 2868 | + | ||
| 2869 | + if (extcon_get_state(omap->edev, EXTCON_USB)) | ||
| 2870 | + dwc3_omap_set_mailbox(omap, OMAP_DWC3_VBUS_VALID); | ||
| 2871 | + else | ||
| 2872 | + dwc3_omap_set_mailbox(omap, OMAP_DWC3_VBUS_OFF); | ||
| 2873 | + | ||
| 2874 | + if (extcon_get_state(omap->edev, EXTCON_USB_HOST)) | ||
| 2875 | + dwc3_omap_set_mailbox(omap, OMAP_DWC3_ID_GROUND); | ||
| 2876 | + else | ||
| 2877 | + dwc3_omap_set_mailbox(omap, OMAP_DWC3_ID_FLOAT); | ||
| 2878 | +} | ||
| 2879 | + | ||
| 2880 | static const struct dev_pm_ops dwc3_omap_dev_pm_ops = { | ||
| 2881 | |||
| 2882 | SET_SYSTEM_SLEEP_PM_OPS(dwc3_omap_suspend, dwc3_omap_resume) | ||
| 2883 | + .complete = dwc3_omap_complete, | ||
| 2884 | }; | ||
| 2885 | |||
| 2886 | #define DEV_PM_OPS (&dwc3_omap_dev_pm_ops) | ||
| 2887 | diff --git a/drivers/usb/gadget/composite.c b/drivers/usb/gadget/composite.c | ||
| 2888 | index 406758ed0b23..ca97f5b36e1b 100644 | ||
| 2889 | --- a/drivers/usb/gadget/composite.c | ||
| 2890 | +++ b/drivers/usb/gadget/composite.c | ||
| 2891 | @@ -1421,7 +1421,7 @@ static int count_ext_compat(struct usb_configuration *c) | ||
| 2892 | return res; | ||
| 2893 | } | ||
| 2894 | |||
| 2895 | -static void fill_ext_compat(struct usb_configuration *c, u8 *buf) | ||
| 2896 | +static int fill_ext_compat(struct usb_configuration *c, u8 *buf) | ||
| 2897 | { | ||
| 2898 | int i, count; | ||
| 2899 | |||
| 2900 | @@ -1448,10 +1448,12 @@ static void fill_ext_compat(struct usb_configuration *c, u8 *buf) | ||
| 2901 | buf += 23; | ||
| 2902 | } | ||
| 2903 | count += 24; | ||
| 2904 | - if (count >= 4096) | ||
| 2905 | - return; | ||
| 2906 | + if (count + 24 >= USB_COMP_EP0_OS_DESC_BUFSIZ) | ||
| 2907 | + return count; | ||
| 2908 | } | ||
| 2909 | } | ||
| 2910 | + | ||
| 2911 | + return count; | ||
| 2912 | } | ||
| 2913 | |||
| 2914 | static int count_ext_prop(struct usb_configuration *c, int interface) | ||
| 2915 | @@ -1496,25 +1498,20 @@ static int fill_ext_prop(struct usb_configuration *c, int interface, u8 *buf) | ||
| 2916 | struct usb_os_desc *d; | ||
| 2917 | struct usb_os_desc_ext_prop *ext_prop; | ||
| 2918 | int j, count, n, ret; | ||
| 2919 | - u8 *start = buf; | ||
| 2920 | |||
| 2921 | f = c->interface[interface]; | ||
| 2922 | + count = 10; /* header length */ | ||
| 2923 | for (j = 0; j < f->os_desc_n; ++j) { | ||
| 2924 | if (interface != f->os_desc_table[j].if_id) | ||
| 2925 | continue; | ||
| 2926 | d = f->os_desc_table[j].os_desc; | ||
| 2927 | if (d) | ||
| 2928 | list_for_each_entry(ext_prop, &d->ext_prop, entry) { | ||
| 2929 | - /* 4kB minus header length */ | ||
| 2930 | - n = buf - start; | ||
| 2931 | - if (n >= 4086) | ||
| 2932 | - return 0; | ||
| 2933 | - | ||
| 2934 | - count = ext_prop->data_len + | ||
| 2935 | + n = ext_prop->data_len + | ||
| 2936 | ext_prop->name_len + 14; | ||
| 2937 | - if (count > 4086 - n) | ||
| 2938 | - return -EINVAL; | ||
| 2939 | - usb_ext_prop_put_size(buf, count); | ||
| 2940 | + if (count + n >= USB_COMP_EP0_OS_DESC_BUFSIZ) | ||
| 2941 | + return count; | ||
| 2942 | + usb_ext_prop_put_size(buf, n); | ||
| 2943 | usb_ext_prop_put_type(buf, ext_prop->type); | ||
| 2944 | ret = usb_ext_prop_put_name(buf, ext_prop->name, | ||
| 2945 | ext_prop->name_len); | ||
| 2946 | @@ -1540,11 +1537,12 @@ static int fill_ext_prop(struct usb_configuration *c, int interface, u8 *buf) | ||
| 2947 | default: | ||
| 2948 | return -EINVAL; | ||
| 2949 | } | ||
| 2950 | - buf += count; | ||
| 2951 | + buf += n; | ||
| 2952 | + count += n; | ||
| 2953 | } | ||
| 2954 | } | ||
| 2955 | |||
| 2956 | - return 0; | ||
| 2957 | + return count; | ||
| 2958 | } | ||
| 2959 | |||
| 2960 | /* | ||
| 2961 | @@ -1822,6 +1820,7 @@ composite_setup(struct usb_gadget *gadget, const struct usb_ctrlrequest *ctrl) | ||
| 2962 | req->complete = composite_setup_complete; | ||
| 2963 | buf = req->buf; | ||
| 2964 | os_desc_cfg = cdev->os_desc_config; | ||
| 2965 | + w_length = min_t(u16, w_length, USB_COMP_EP0_OS_DESC_BUFSIZ); | ||
| 2966 | memset(buf, 0, w_length); | ||
| 2967 | buf[5] = 0x01; | ||
| 2968 | switch (ctrl->bRequestType & USB_RECIP_MASK) { | ||
| 2969 | @@ -1845,8 +1844,8 @@ composite_setup(struct usb_gadget *gadget, const struct usb_ctrlrequest *ctrl) | ||
| 2970 | count += 16; /* header */ | ||
| 2971 | put_unaligned_le32(count, buf); | ||
| 2972 | buf += 16; | ||
| 2973 | - fill_ext_compat(os_desc_cfg, buf); | ||
| 2974 | - value = w_length; | ||
| 2975 | + value = fill_ext_compat(os_desc_cfg, buf); | ||
| 2976 | + value = min_t(u16, w_length, value); | ||
| 2977 | } | ||
| 2978 | break; | ||
| 2979 | case USB_RECIP_INTERFACE: | ||
| 2980 | @@ -1875,8 +1874,7 @@ composite_setup(struct usb_gadget *gadget, const struct usb_ctrlrequest *ctrl) | ||
| 2981 | interface, buf); | ||
| 2982 | if (value < 0) | ||
| 2983 | return value; | ||
| 2984 | - | ||
| 2985 | - value = w_length; | ||
| 2986 | + value = min_t(u16, w_length, value); | ||
| 2987 | } | ||
| 2988 | break; | ||
| 2989 | } | ||
| 2990 | @@ -2151,8 +2149,8 @@ int composite_os_desc_req_prepare(struct usb_composite_dev *cdev, | ||
| 2991 | goto end; | ||
| 2992 | } | ||
| 2993 | |||
| 2994 | - /* OS feature descriptor length <= 4kB */ | ||
| 2995 | - cdev->os_desc_req->buf = kmalloc(4096, GFP_KERNEL); | ||
| 2996 | + cdev->os_desc_req->buf = kmalloc(USB_COMP_EP0_OS_DESC_BUFSIZ, | ||
| 2997 | + GFP_KERNEL); | ||
| 2998 | if (!cdev->os_desc_req->buf) { | ||
| 2999 | ret = -ENOMEM; | ||
| 3000 | usb_ep_free_request(ep0, cdev->os_desc_req); | ||
| 3001 | diff --git a/drivers/usb/gadget/function/f_fs.c b/drivers/usb/gadget/function/f_fs.c | ||
| 3002 | index 071346973dd6..af72224f8ba2 100644 | ||
| 3003 | --- a/drivers/usb/gadget/function/f_fs.c | ||
| 3004 | +++ b/drivers/usb/gadget/function/f_fs.c | ||
| 3005 | @@ -759,9 +759,13 @@ static void ffs_user_copy_worker(struct work_struct *work) | ||
| 3006 | bool kiocb_has_eventfd = io_data->kiocb->ki_flags & IOCB_EVENTFD; | ||
| 3007 | |||
| 3008 | if (io_data->read && ret > 0) { | ||
| 3009 | + mm_segment_t oldfs = get_fs(); | ||
| 3010 | + | ||
| 3011 | + set_fs(USER_DS); | ||
| 3012 | use_mm(io_data->mm); | ||
| 3013 | ret = ffs_copy_to_iter(io_data->buf, ret, &io_data->data); | ||
| 3014 | unuse_mm(io_data->mm); | ||
| 3015 | + set_fs(oldfs); | ||
| 3016 | } | ||
| 3017 | |||
| 3018 | io_data->kiocb->ki_complete(io_data->kiocb, ret, ret); | ||
| 3019 | @@ -3239,7 +3243,7 @@ static int ffs_func_setup(struct usb_function *f, | ||
| 3020 | __ffs_event_add(ffs, FUNCTIONFS_SETUP); | ||
| 3021 | spin_unlock_irqrestore(&ffs->ev.waitq.lock, flags); | ||
| 3022 | |||
| 3023 | - return 0; | ||
| 3024 | + return USB_GADGET_DELAYED_STATUS; | ||
| 3025 | } | ||
| 3026 | |||
| 3027 | static bool ffs_func_req_match(struct usb_function *f, | ||
| 3028 | diff --git a/drivers/usb/gadget/function/f_uac2.c b/drivers/usb/gadget/function/f_uac2.c | ||
| 3029 | index 969cfe741380..5474b5187be0 100644 | ||
| 3030 | --- a/drivers/usb/gadget/function/f_uac2.c | ||
| 3031 | +++ b/drivers/usb/gadget/function/f_uac2.c | ||
| 3032 | @@ -1040,6 +1040,8 @@ afunc_bind(struct usb_configuration *cfg, struct usb_function *fn) | ||
| 3033 | dev_err(dev, "%s:%d Error!\n", __func__, __LINE__); | ||
| 3034 | return ret; | ||
| 3035 | } | ||
| 3036 | + iad_desc.bFirstInterface = ret; | ||
| 3037 | + | ||
| 3038 | std_ac_if_desc.bInterfaceNumber = ret; | ||
| 3039 | agdev->ac_intf = ret; | ||
| 3040 | agdev->ac_alt = 0; | ||
| 3041 | diff --git a/drivers/usb/gadget/udc/core.c b/drivers/usb/gadget/udc/core.c | ||
| 3042 | index 188961780b8a..139f6cce30b1 100644 | ||
| 3043 | --- a/drivers/usb/gadget/udc/core.c | ||
| 3044 | +++ b/drivers/usb/gadget/udc/core.c | ||
| 3045 | @@ -190,8 +190,8 @@ EXPORT_SYMBOL_GPL(usb_ep_alloc_request); | ||
| 3046 | void usb_ep_free_request(struct usb_ep *ep, | ||
| 3047 | struct usb_request *req) | ||
| 3048 | { | ||
| 3049 | - ep->ops->free_request(ep, req); | ||
| 3050 | trace_usb_ep_free_request(ep, req, 0); | ||
| 3051 | + ep->ops->free_request(ep, req); | ||
| 3052 | } | ||
| 3053 | EXPORT_SYMBOL_GPL(usb_ep_free_request); | ||
| 3054 | |||
| 3055 | diff --git a/drivers/usb/gadget/udc/fsl_udc_core.c b/drivers/usb/gadget/udc/fsl_udc_core.c | ||
| 3056 | index aac0ce8aeb0b..8991a4070792 100644 | ||
| 3057 | --- a/drivers/usb/gadget/udc/fsl_udc_core.c | ||
| 3058 | +++ b/drivers/usb/gadget/udc/fsl_udc_core.c | ||
| 3059 | @@ -1310,7 +1310,7 @@ static void udc_reset_ep_queue(struct fsl_udc *udc, u8 pipe) | ||
| 3060 | { | ||
| 3061 | struct fsl_ep *ep = get_ep_by_pipe(udc, pipe); | ||
| 3062 | |||
| 3063 | - if (ep->name) | ||
| 3064 | + if (ep->ep.name) | ||
| 3065 | nuke(ep, -ESHUTDOWN); | ||
| 3066 | } | ||
| 3067 | |||
| 3068 | @@ -1698,7 +1698,7 @@ static void dtd_complete_irq(struct fsl_udc *udc) | ||
| 3069 | curr_ep = get_ep_by_pipe(udc, i); | ||
| 3070 | |||
| 3071 | /* If the ep is configured */ | ||
| 3072 | - if (curr_ep->name == NULL) { | ||
| 3073 | + if (!curr_ep->ep.name) { | ||
| 3074 | WARNING("Invalid EP?"); | ||
| 3075 | continue; | ||
| 3076 | } | ||
| 3077 | diff --git a/drivers/usb/gadget/udc/goku_udc.h b/drivers/usb/gadget/udc/goku_udc.h | ||
| 3078 | index 86d2adafe149..64eb0f2b5ea0 100644 | ||
| 3079 | --- a/drivers/usb/gadget/udc/goku_udc.h | ||
| 3080 | +++ b/drivers/usb/gadget/udc/goku_udc.h | ||
| 3081 | @@ -28,7 +28,7 @@ struct goku_udc_regs { | ||
| 3082 | # define INT_EP1DATASET 0x00040 | ||
| 3083 | # define INT_EP2DATASET 0x00080 | ||
| 3084 | # define INT_EP3DATASET 0x00100 | ||
| 3085 | -#define INT_EPnNAK(n) (0x00100 < (n)) /* 0 < n < 4 */ | ||
| 3086 | +#define INT_EPnNAK(n) (0x00100 << (n)) /* 0 < n < 4 */ | ||
| 3087 | # define INT_EP1NAK 0x00200 | ||
| 3088 | # define INT_EP2NAK 0x00400 | ||
| 3089 | # define INT_EP3NAK 0x00800 | ||
| 3090 | diff --git a/drivers/usb/host/ohci-hcd.c b/drivers/usb/host/ohci-hcd.c | ||
| 3091 | index a646ca3b0d00..1afb76e8b1a5 100644 | ||
| 3092 | --- a/drivers/usb/host/ohci-hcd.c | ||
| 3093 | +++ b/drivers/usb/host/ohci-hcd.c | ||
| 3094 | @@ -446,7 +446,8 @@ static int ohci_init (struct ohci_hcd *ohci) | ||
| 3095 | struct usb_hcd *hcd = ohci_to_hcd(ohci); | ||
| 3096 | |||
| 3097 | /* Accept arbitrarily long scatter-gather lists */ | ||
| 3098 | - hcd->self.sg_tablesize = ~0; | ||
| 3099 | + if (!(hcd->driver->flags & HCD_LOCAL_MEM)) | ||
| 3100 | + hcd->self.sg_tablesize = ~0; | ||
| 3101 | |||
| 3102 | if (distrust_firmware) | ||
| 3103 | ohci->flags |= OHCI_QUIRK_HUB_POWER; | ||
| 3104 | diff --git a/drivers/usb/host/xhci-mem.c b/drivers/usb/host/xhci-mem.c | ||
| 3105 | index 3b7d69ca83be..48bdab4fdc8f 100644 | ||
| 3106 | --- a/drivers/usb/host/xhci-mem.c | ||
| 3107 | +++ b/drivers/usb/host/xhci-mem.c | ||
| 3108 | @@ -975,6 +975,8 @@ void xhci_free_virt_device(struct xhci_hcd *xhci, int slot_id) | ||
| 3109 | if (dev->out_ctx) | ||
| 3110 | xhci_free_container_ctx(xhci, dev->out_ctx); | ||
| 3111 | |||
| 3112 | + if (dev->udev && dev->udev->slot_id) | ||
| 3113 | + dev->udev->slot_id = 0; | ||
| 3114 | kfree(xhci->devs[slot_id]); | ||
| 3115 | xhci->devs[slot_id] = NULL; | ||
| 3116 | } | ||
| 3117 | diff --git a/fs/ext2/inode.c b/fs/ext2/inode.c | ||
| 3118 | index 41b8b44a391c..85449a6ddc56 100644 | ||
| 3119 | --- a/fs/ext2/inode.c | ||
| 3120 | +++ b/fs/ext2/inode.c | ||
| 3121 | @@ -1258,21 +1258,11 @@ static void __ext2_truncate_blocks(struct inode *inode, loff_t offset) | ||
| 3122 | |||
| 3123 | static void ext2_truncate_blocks(struct inode *inode, loff_t offset) | ||
| 3124 | { | ||
| 3125 | - /* | ||
| 3126 | - * XXX: it seems like a bug here that we don't allow | ||
| 3127 | - * IS_APPEND inode to have blocks-past-i_size trimmed off. | ||
| 3128 | - * review and fix this. | ||
| 3129 | - * | ||
| 3130 | - * Also would be nice to be able to handle IO errors and such, | ||
| 3131 | - * but that's probably too much to ask. | ||
| 3132 | - */ | ||
| 3133 | if (!(S_ISREG(inode->i_mode) || S_ISDIR(inode->i_mode) || | ||
| 3134 | S_ISLNK(inode->i_mode))) | ||
| 3135 | return; | ||
| 3136 | if (ext2_inode_is_fast_symlink(inode)) | ||
| 3137 | return; | ||
| 3138 | - if (IS_APPEND(inode) || IS_IMMUTABLE(inode)) | ||
| 3139 | - return; | ||
| 3140 | |||
| 3141 | dax_sem_down_write(EXT2_I(inode)); | ||
| 3142 | __ext2_truncate_blocks(inode, offset); | ||
| 3143 | diff --git a/fs/hfsplus/super.c b/fs/hfsplus/super.c | ||
| 3144 | index 11854dd84572..b9563cdcfe28 100644 | ||
| 3145 | --- a/fs/hfsplus/super.c | ||
| 3146 | +++ b/fs/hfsplus/super.c | ||
| 3147 | @@ -588,6 +588,7 @@ static int hfsplus_fill_super(struct super_block *sb, void *data, int silent) | ||
| 3148 | return 0; | ||
| 3149 | |||
| 3150 | out_put_hidden_dir: | ||
| 3151 | + cancel_delayed_work_sync(&sbi->sync_work); | ||
| 3152 | iput(sbi->hidden_dir); | ||
| 3153 | out_put_root: | ||
| 3154 | dput(sb->s_root); | ||
| 3155 | diff --git a/include/linux/usb/composite.h b/include/linux/usb/composite.h | ||
| 3156 | index 4616a49a1c2e..667d20454a21 100644 | ||
| 3157 | --- a/include/linux/usb/composite.h | ||
| 3158 | +++ b/include/linux/usb/composite.h | ||
| 3159 | @@ -53,6 +53,9 @@ | ||
| 3160 | /* big enough to hold our biggest descriptor */ | ||
| 3161 | #define USB_COMP_EP0_BUFSIZ 1024 | ||
| 3162 | |||
| 3163 | +/* OS feature descriptor length <= 4kB */ | ||
| 3164 | +#define USB_COMP_EP0_OS_DESC_BUFSIZ 4096 | ||
| 3165 | + | ||
| 3166 | #define USB_MS_TO_HS_INTERVAL(x) (ilog2((x * 1000 / 125)) + 1) | ||
| 3167 | struct usb_configuration; | ||
| 3168 | |||
| 3169 | diff --git a/include/uapi/linux/nl80211.h b/include/uapi/linux/nl80211.h | ||
| 3170 | index d3cbe48b286d..7290eacc8cee 100644 | ||
| 3171 | --- a/include/uapi/linux/nl80211.h | ||
| 3172 | +++ b/include/uapi/linux/nl80211.h | ||
| 3173 | @@ -2379,6 +2379,8 @@ enum nl80211_attrs { | ||
| 3174 | #define NL80211_ATTR_KEYS NL80211_ATTR_KEYS | ||
| 3175 | #define NL80211_ATTR_FEATURE_FLAGS NL80211_ATTR_FEATURE_FLAGS | ||
| 3176 | |||
| 3177 | +#define NL80211_WIPHY_NAME_MAXLEN 128 | ||
| 3178 | + | ||
| 3179 | #define NL80211_MAX_SUPP_RATES 32 | ||
| 3180 | #define NL80211_MAX_SUPP_HT_RATES 77 | ||
| 3181 | #define NL80211_MAX_SUPP_REG_RULES 64 | ||
| 3182 | diff --git a/net/core/sock.c b/net/core/sock.c | ||
| 3183 | index e3b60460dc9c..1c4c43483b54 100644 | ||
| 3184 | --- a/net/core/sock.c | ||
| 3185 | +++ b/net/core/sock.c | ||
| 3186 | @@ -1457,7 +1457,7 @@ void sk_destruct(struct sock *sk) | ||
| 3187 | |||
| 3188 | static void __sk_free(struct sock *sk) | ||
| 3189 | { | ||
| 3190 | - if (unlikely(sock_diag_has_destroy_listeners(sk) && sk->sk_net_refcnt)) | ||
| 3191 | + if (unlikely(sk->sk_net_refcnt && sock_diag_has_destroy_listeners(sk))) | ||
| 3192 | sock_diag_broadcast_destroy(sk); | ||
| 3193 | else | ||
| 3194 | sk_destruct(sk); | ||
| 3195 | diff --git a/net/ipv4/ip_output.c b/net/ipv4/ip_output.c | ||
| 3196 | index 2c3c1a223df4..3b1f3bc8becb 100644 | ||
| 3197 | --- a/net/ipv4/ip_output.c | ||
| 3198 | +++ b/net/ipv4/ip_output.c | ||
| 3199 | @@ -1076,7 +1076,8 @@ static int __ip_append_data(struct sock *sk, | ||
| 3200 | if (copy > length) | ||
| 3201 | copy = length; | ||
| 3202 | |||
| 3203 | - if (!(rt->dst.dev->features&NETIF_F_SG)) { | ||
| 3204 | + if (!(rt->dst.dev->features&NETIF_F_SG) && | ||
| 3205 | + skb_tailroom(skb) >= copy) { | ||
| 3206 | unsigned int off; | ||
| 3207 | |||
| 3208 | off = skb->len; | ||
| 3209 | diff --git a/net/ipv4/tcp_output.c b/net/ipv4/tcp_output.c | ||
| 3210 | index a69606031e5f..f07a0a1c98ff 100644 | ||
| 3211 | --- a/net/ipv4/tcp_output.c | ||
| 3212 | +++ b/net/ipv4/tcp_output.c | ||
| 3213 | @@ -2691,8 +2691,10 @@ int __tcp_retransmit_skb(struct sock *sk, struct sk_buff *skb, int segs) | ||
| 3214 | return -EBUSY; | ||
| 3215 | |||
| 3216 | if (before(TCP_SKB_CB(skb)->seq, tp->snd_una)) { | ||
| 3217 | - if (before(TCP_SKB_CB(skb)->end_seq, tp->snd_una)) | ||
| 3218 | - BUG(); | ||
| 3219 | + if (unlikely(before(TCP_SKB_CB(skb)->end_seq, tp->snd_una))) { | ||
| 3220 | + WARN_ON_ONCE(1); | ||
| 3221 | + return -EINVAL; | ||
| 3222 | + } | ||
| 3223 | if (tcp_trim_head(sk, skb, tp->snd_una - TCP_SKB_CB(skb)->seq)) | ||
| 3224 | return -ENOMEM; | ||
| 3225 | } | ||
| 3226 | @@ -3236,6 +3238,7 @@ static void tcp_connect_init(struct sock *sk) | ||
| 3227 | sock_reset_flag(sk, SOCK_DONE); | ||
| 3228 | tp->snd_wnd = 0; | ||
| 3229 | tcp_init_wl(tp, 0); | ||
| 3230 | + tcp_write_queue_purge(sk); | ||
| 3231 | tp->snd_una = tp->write_seq; | ||
| 3232 | tp->snd_sml = tp->write_seq; | ||
| 3233 | tp->snd_up = tp->write_seq; | ||
| 3234 | diff --git a/net/ipv6/ip6_output.c b/net/ipv6/ip6_output.c | ||
| 3235 | index 58a6eeeacbf7..e8560031a0be 100644 | ||
| 3236 | --- a/net/ipv6/ip6_output.c | ||
| 3237 | +++ b/net/ipv6/ip6_output.c | ||
| 3238 | @@ -1545,7 +1545,8 @@ static int __ip6_append_data(struct sock *sk, | ||
| 3239 | if (copy > length) | ||
| 3240 | copy = length; | ||
| 3241 | |||
| 3242 | - if (!(rt->dst.dev->features&NETIF_F_SG)) { | ||
| 3243 | + if (!(rt->dst.dev->features&NETIF_F_SG) && | ||
| 3244 | + skb_tailroom(skb) >= copy) { | ||
| 3245 | unsigned int off; | ||
| 3246 | |||
| 3247 | off = skb->len; | ||
| 3248 | diff --git a/net/packet/af_packet.c b/net/packet/af_packet.c | ||
| 3249 | index a027f8c00944..b2b50756263b 100644 | ||
| 3250 | --- a/net/packet/af_packet.c | ||
| 3251 | +++ b/net/packet/af_packet.c | ||
| 3252 | @@ -2910,13 +2910,15 @@ static int packet_snd(struct socket *sock, struct msghdr *msg, size_t len) | ||
| 3253 | if (skb == NULL) | ||
| 3254 | goto out_unlock; | ||
| 3255 | |||
| 3256 | - skb_set_network_header(skb, reserve); | ||
| 3257 | + skb_reset_network_header(skb); | ||
| 3258 | |||
| 3259 | err = -EINVAL; | ||
| 3260 | if (sock->type == SOCK_DGRAM) { | ||
| 3261 | offset = dev_hard_header(skb, dev, ntohs(proto), addr, NULL, len); | ||
| 3262 | if (unlikely(offset < 0)) | ||
| 3263 | goto out_free; | ||
| 3264 | + } else if (reserve) { | ||
| 3265 | + skb_push(skb, reserve); | ||
| 3266 | } | ||
| 3267 | |||
| 3268 | /* Returns -EFAULT on error */ | ||
| 3269 | diff --git a/net/wireless/core.c b/net/wireless/core.c | ||
| 3270 | index ce16da2905dc..7fbf4dd07277 100644 | ||
| 3271 | --- a/net/wireless/core.c | ||
| 3272 | +++ b/net/wireless/core.c | ||
| 3273 | @@ -95,6 +95,9 @@ static int cfg80211_dev_check_name(struct cfg80211_registered_device *rdev, | ||
| 3274 | |||
| 3275 | ASSERT_RTNL(); | ||
| 3276 | |||
| 3277 | + if (strlen(newname) > NL80211_WIPHY_NAME_MAXLEN) | ||
| 3278 | + return -EINVAL; | ||
| 3279 | + | ||
| 3280 | /* prohibit calling the thing phy%d when %d is not its number */ | ||
| 3281 | sscanf(newname, PHY_NAME "%d%n", &wiphy_idx, &taken); | ||
| 3282 | if (taken == strlen(newname) && wiphy_idx != rdev->wiphy_idx) { | ||
| 3283 | diff --git a/sound/soc/au1x/ac97c.c b/sound/soc/au1x/ac97c.c | ||
| 3284 | index 29a97d52e8ad..66d6c52e7761 100644 | ||
| 3285 | --- a/sound/soc/au1x/ac97c.c | ||
| 3286 | +++ b/sound/soc/au1x/ac97c.c | ||
| 3287 | @@ -91,8 +91,8 @@ static unsigned short au1xac97c_ac97_read(struct snd_ac97 *ac97, | ||
| 3288 | do { | ||
| 3289 | mutex_lock(&ctx->lock); | ||
| 3290 | |||
| 3291 | - tmo = 5; | ||
| 3292 | - while ((RD(ctx, AC97_STATUS) & STAT_CP) && tmo--) | ||
| 3293 | + tmo = 6; | ||
| 3294 | + while ((RD(ctx, AC97_STATUS) & STAT_CP) && --tmo) | ||
| 3295 | udelay(21); /* wait an ac97 frame time */ | ||
| 3296 | if (!tmo) { | ||
| 3297 | pr_debug("ac97rd timeout #1\n"); | ||
| 3298 | @@ -105,7 +105,7 @@ static unsigned short au1xac97c_ac97_read(struct snd_ac97 *ac97, | ||
| 3299 | * poll, Forrest, poll... | ||
| 3300 | */ | ||
| 3301 | tmo = 0x10000; | ||
| 3302 | - while ((RD(ctx, AC97_STATUS) & STAT_CP) && tmo--) | ||
| 3303 | + while ((RD(ctx, AC97_STATUS) & STAT_CP) && --tmo) | ||
| 3304 | asm volatile ("nop"); | ||
| 3305 | data = RD(ctx, AC97_CMDRESP); | ||
| 3306 | |||
| 3307 | diff --git a/sound/soc/samsung/i2s.c b/sound/soc/samsung/i2s.c | ||
| 3308 | index 85324e61cbd5..2d14e37ddc3f 100644 | ||
| 3309 | --- a/sound/soc/samsung/i2s.c | ||
| 3310 | +++ b/sound/soc/samsung/i2s.c | ||
| 3311 | @@ -642,8 +642,12 @@ static int i2s_set_fmt(struct snd_soc_dai *dai, | ||
| 3312 | tmp |= mod_slave; | ||
| 3313 | break; | ||
| 3314 | case SND_SOC_DAIFMT_CBS_CFS: | ||
| 3315 | - /* Set default source clock in Master mode */ | ||
| 3316 | - if (i2s->rclk_srcrate == 0) | ||
| 3317 | + /* | ||
| 3318 | + * Set default source clock in Master mode, only when the | ||
| 3319 | + * CLK_I2S_RCLK_SRC clock is not exposed so we ensure any | ||
| 3320 | + * clock configuration assigned in DT is not overwritten. | ||
| 3321 | + */ | ||
| 3322 | + if (i2s->rclk_srcrate == 0 && i2s->clk_data.clks == NULL) | ||
| 3323 | i2s_set_sysclk(dai, SAMSUNG_I2S_RCLKSRC_0, | ||
| 3324 | 0, SND_SOC_CLOCK_IN); | ||
| 3325 | break; | ||
| 3326 | @@ -858,6 +862,11 @@ static int config_setup(struct i2s_dai *i2s) | ||
| 3327 | return 0; | ||
| 3328 | |||
| 3329 | if (!(i2s->quirks & QUIRK_NO_MUXPSR)) { | ||
| 3330 | + struct clk *rclksrc = i2s->clk_table[CLK_I2S_RCLK_SRC]; | ||
| 3331 | + | ||
| 3332 | + if (i2s->rclk_srcrate == 0 && rclksrc && !IS_ERR(rclksrc)) | ||
| 3333 | + i2s->rclk_srcrate = clk_get_rate(rclksrc); | ||
| 3334 | + | ||
| 3335 | psr = i2s->rclk_srcrate / i2s->frmclk / rfs; | ||
| 3336 | writel(((psr - 1) << 8) | PSR_PSREN, i2s->addr + I2SPSR); | ||
| 3337 | dev_dbg(&i2s->pdev->dev, | ||
| 3338 | diff --git a/sound/soc/soc-topology.c b/sound/soc/soc-topology.c | ||
| 3339 | index 8a758c994506..d6b48c796bfc 100644 | ||
| 3340 | --- a/sound/soc/soc-topology.c | ||
| 3341 | +++ b/sound/soc/soc-topology.c | ||
| 3342 | @@ -1180,6 +1180,9 @@ static struct snd_kcontrol_new *soc_tplg_dapm_widget_dmixer_create( | ||
| 3343 | kfree(sm); | ||
| 3344 | continue; | ||
| 3345 | } | ||
| 3346 | + | ||
| 3347 | + /* create any TLV data */ | ||
| 3348 | + soc_tplg_create_tlv(tplg, &kc[i], &mc->hdr); | ||
| 3349 | } | ||
| 3350 | return kc; | ||
| 3351 | |||
| 3352 | diff --git a/sound/usb/quirks.c b/sound/usb/quirks.c | ||
| 3353 | index 45655b9108e8..da9fc08b20bb 100644 | ||
| 3354 | --- a/sound/usb/quirks.c | ||
| 3355 | +++ b/sound/usb/quirks.c | ||
| 3356 | @@ -1153,24 +1153,27 @@ bool snd_usb_get_sample_rate_quirk(struct snd_usb_audio *chip) | ||
| 3357 | return false; | ||
| 3358 | } | ||
| 3359 | |||
| 3360 | -/* Marantz/Denon USB DACs need a vendor cmd to switch | ||
| 3361 | +/* ITF-USB DSD based DACs need a vendor cmd to switch | ||
| 3362 | * between PCM and native DSD mode | ||
| 3363 | + * (2 altsets version) | ||
| 3364 | */ | ||
| 3365 | -static bool is_marantz_denon_dac(unsigned int id) | ||
| 3366 | +static bool is_itf_usb_dsd_2alts_dac(unsigned int id) | ||
| 3367 | { | ||
| 3368 | switch (id) { | ||
| 3369 | case USB_ID(0x154e, 0x1003): /* Denon DA-300USB */ | ||
| 3370 | case USB_ID(0x154e, 0x3005): /* Marantz HD-DAC1 */ | ||
| 3371 | case USB_ID(0x154e, 0x3006): /* Marantz SA-14S1 */ | ||
| 3372 | + case USB_ID(0x1852, 0x5065): /* Luxman DA-06 */ | ||
| 3373 | return true; | ||
| 3374 | } | ||
| 3375 | return false; | ||
| 3376 | } | ||
| 3377 | |||
| 3378 | -/* TEAC UD-501/UD-503/NT-503 USB DACs need a vendor cmd to switch | ||
| 3379 | - * between PCM/DOP and native DSD mode | ||
| 3380 | +/* ITF-USB DSD based DACs need a vendor cmd to switch | ||
| 3381 | + * between PCM and native DSD mode | ||
| 3382 | + * (3 altsets version) | ||
| 3383 | */ | ||
| 3384 | -static bool is_teac_dsd_dac(unsigned int id) | ||
| 3385 | +static bool is_itf_usb_dsd_3alts_dac(unsigned int id) | ||
| 3386 | { | ||
| 3387 | switch (id) { | ||
| 3388 | case USB_ID(0x0644, 0x8043): /* TEAC UD-501/UD-503/NT-503 */ | ||
| 3389 | @@ -1187,7 +1190,7 @@ int snd_usb_select_mode_quirk(struct snd_usb_substream *subs, | ||
| 3390 | struct usb_device *dev = subs->dev; | ||
| 3391 | int err; | ||
| 3392 | |||
| 3393 | - if (is_marantz_denon_dac(subs->stream->chip->usb_id)) { | ||
| 3394 | + if (is_itf_usb_dsd_2alts_dac(subs->stream->chip->usb_id)) { | ||
| 3395 | /* First switch to alt set 0, otherwise the mode switch cmd | ||
| 3396 | * will not be accepted by the DAC | ||
| 3397 | */ | ||
| 3398 | @@ -1208,7 +1211,7 @@ int snd_usb_select_mode_quirk(struct snd_usb_substream *subs, | ||
| 3399 | break; | ||
| 3400 | } | ||
| 3401 | mdelay(20); | ||
| 3402 | - } else if (is_teac_dsd_dac(subs->stream->chip->usb_id)) { | ||
| 3403 | + } else if (is_itf_usb_dsd_3alts_dac(subs->stream->chip->usb_id)) { | ||
| 3404 | /* Vendor mode switch cmd is required. */ | ||
| 3405 | switch (fmt->altsetting) { | ||
| 3406 | case 3: /* DSD mode (DSD_U32) requested */ | ||
| 3407 | @@ -1304,10 +1307,10 @@ void snd_usb_ctl_msg_quirk(struct usb_device *dev, unsigned int pipe, | ||
| 3408 | (requesttype & USB_TYPE_MASK) == USB_TYPE_CLASS) | ||
| 3409 | mdelay(20); | ||
| 3410 | |||
| 3411 | - /* Marantz/Denon devices with USB DAC functionality need a delay | ||
| 3412 | + /* ITF-USB DSD based DACs functionality need a delay | ||
| 3413 | * after each class compliant request | ||
| 3414 | */ | ||
| 3415 | - if (is_marantz_denon_dac(chip->usb_id) | ||
| 3416 | + if (is_itf_usb_dsd_2alts_dac(chip->usb_id) | ||
| 3417 | && (requesttype & USB_TYPE_MASK) == USB_TYPE_CLASS) | ||
| 3418 | mdelay(20); | ||
| 3419 | |||
| 3420 | @@ -1371,14 +1374,14 @@ u64 snd_usb_interface_dsd_format_quirks(struct snd_usb_audio *chip, | ||
| 3421 | break; | ||
| 3422 | } | ||
| 3423 | |||
| 3424 | - /* Denon/Marantz devices with USB DAC functionality */ | ||
| 3425 | - if (is_marantz_denon_dac(chip->usb_id)) { | ||
| 3426 | + /* ITF-USB DSD based DACs (2 altsets version) */ | ||
| 3427 | + if (is_itf_usb_dsd_2alts_dac(chip->usb_id)) { | ||
| 3428 | if (fp->altsetting == 2) | ||
| 3429 | return SNDRV_PCM_FMTBIT_DSD_U32_BE; | ||
| 3430 | } | ||
| 3431 | |||
| 3432 | - /* TEAC devices with USB DAC functionality */ | ||
| 3433 | - if (is_teac_dsd_dac(chip->usb_id)) { | ||
| 3434 | + /* ITF-USB DSD based DACs (3 altsets version) */ | ||
| 3435 | + if (is_itf_usb_dsd_3alts_dac(chip->usb_id)) { | ||
| 3436 | if (fp->altsetting == 3) | ||
| 3437 | return SNDRV_PCM_FMTBIT_DSD_U32_BE; | ||
| 3438 | } |