Annotation of /trunk/kernel-alx/patches-5.4/0243-5.4.144-all-fixes.patch
Parent Directory
| 
Revision Log
Revision 3637 -
(hide annotations)
(download)
Mon Oct 24 12:40:44 2022 UTC (19 months, 2 weeks ago) by niro
File size: 55709 byte(s)
Mon Oct 24 12:40:44 2022 UTC (19 months, 2 weeks ago) by niro
File size: 55709 byte(s)
-add missing
| 1 | niro | 3637 | diff --git a/Makefile b/Makefile |
| 2 | index e99fabc4dfc8c..3c3804197b511 100644 | ||
| 3 | --- a/Makefile | ||
| 4 | +++ b/Makefile | ||
| 5 | @@ -1,7 +1,7 @@ | ||
| 6 | # SPDX-License-Identifier: GPL-2.0 | ||
| 7 | VERSION = 5 | ||
| 8 | PATCHLEVEL = 4 | ||
| 9 | -SUBLEVEL = 143 | ||
| 10 | +SUBLEVEL = 144 | ||
| 11 | EXTRAVERSION = | ||
| 12 | NAME = Kleptomaniac Octopus | ||
| 13 | |||
| 14 | diff --git a/arch/arc/kernel/vmlinux.lds.S b/arch/arc/kernel/vmlinux.lds.S | ||
| 15 | index 6c693a9d29b6d..0391b8293ad85 100644 | ||
| 16 | --- a/arch/arc/kernel/vmlinux.lds.S | ||
| 17 | +++ b/arch/arc/kernel/vmlinux.lds.S | ||
| 18 | @@ -88,6 +88,8 @@ SECTIONS | ||
| 19 | CPUIDLE_TEXT | ||
| 20 | LOCK_TEXT | ||
| 21 | KPROBES_TEXT | ||
| 22 | + IRQENTRY_TEXT | ||
| 23 | + SOFTIRQENTRY_TEXT | ||
| 24 | *(.fixup) | ||
| 25 | *(.gnu.warning) | ||
| 26 | } | ||
| 27 | diff --git a/arch/arm64/boot/dts/qcom/msm8994-angler-rev-101.dts b/arch/arm64/boot/dts/qcom/msm8994-angler-rev-101.dts | ||
| 28 | index a5f9a6ab512c4..9b989cc30edc8 100644 | ||
| 29 | --- a/arch/arm64/boot/dts/qcom/msm8994-angler-rev-101.dts | ||
| 30 | +++ b/arch/arm64/boot/dts/qcom/msm8994-angler-rev-101.dts | ||
| 31 | @@ -30,3 +30,7 @@ | ||
| 32 | }; | ||
| 33 | }; | ||
| 34 | }; | ||
| 35 | + | ||
| 36 | +&msmgpio { | ||
| 37 | + gpio-reserved-ranges = <85 4>; | ||
| 38 | +}; | ||
| 39 | diff --git a/arch/parisc/include/asm/string.h b/arch/parisc/include/asm/string.h | ||
| 40 | index 4a0c9dbd62fd0..f6e1132f4e352 100644 | ||
| 41 | --- a/arch/parisc/include/asm/string.h | ||
| 42 | +++ b/arch/parisc/include/asm/string.h | ||
| 43 | @@ -8,19 +8,4 @@ extern void * memset(void *, int, size_t); | ||
| 44 | #define __HAVE_ARCH_MEMCPY | ||
| 45 | void * memcpy(void * dest,const void *src,size_t count); | ||
| 46 | |||
| 47 | -#define __HAVE_ARCH_STRLEN | ||
| 48 | -extern size_t strlen(const char *s); | ||
| 49 | - | ||
| 50 | -#define __HAVE_ARCH_STRCPY | ||
| 51 | -extern char *strcpy(char *dest, const char *src); | ||
| 52 | - | ||
| 53 | -#define __HAVE_ARCH_STRNCPY | ||
| 54 | -extern char *strncpy(char *dest, const char *src, size_t count); | ||
| 55 | - | ||
| 56 | -#define __HAVE_ARCH_STRCAT | ||
| 57 | -extern char *strcat(char *dest, const char *src); | ||
| 58 | - | ||
| 59 | -#define __HAVE_ARCH_MEMSET | ||
| 60 | -extern void *memset(void *, int, size_t); | ||
| 61 | - | ||
| 62 | #endif | ||
| 63 | diff --git a/arch/parisc/kernel/parisc_ksyms.c b/arch/parisc/kernel/parisc_ksyms.c | ||
| 64 | index 8ed409ecec933..e8a6a751dfd8e 100644 | ||
| 65 | --- a/arch/parisc/kernel/parisc_ksyms.c | ||
| 66 | +++ b/arch/parisc/kernel/parisc_ksyms.c | ||
| 67 | @@ -17,10 +17,6 @@ | ||
| 68 | |||
| 69 | #include <linux/string.h> | ||
| 70 | EXPORT_SYMBOL(memset); | ||
| 71 | -EXPORT_SYMBOL(strlen); | ||
| 72 | -EXPORT_SYMBOL(strcpy); | ||
| 73 | -EXPORT_SYMBOL(strncpy); | ||
| 74 | -EXPORT_SYMBOL(strcat); | ||
| 75 | |||
| 76 | #include <linux/atomic.h> | ||
| 77 | EXPORT_SYMBOL(__xchg8); | ||
| 78 | diff --git a/arch/parisc/lib/Makefile b/arch/parisc/lib/Makefile | ||
| 79 | index 2d7a9974dbaef..7b197667faf6c 100644 | ||
| 80 | --- a/arch/parisc/lib/Makefile | ||
| 81 | +++ b/arch/parisc/lib/Makefile | ||
| 82 | @@ -3,7 +3,7 @@ | ||
| 83 | # Makefile for parisc-specific library files | ||
| 84 | # | ||
| 85 | |||
| 86 | -lib-y := lusercopy.o bitops.o checksum.o io.o memcpy.o \ | ||
| 87 | - ucmpdi2.o delay.o string.o | ||
| 88 | +lib-y := lusercopy.o bitops.o checksum.o io.o memset.o memcpy.o \ | ||
| 89 | + ucmpdi2.o delay.o | ||
| 90 | |||
| 91 | obj-y := iomap.o | ||
| 92 | diff --git a/arch/parisc/lib/memset.c b/arch/parisc/lib/memset.c | ||
| 93 | new file mode 100644 | ||
| 94 | index 0000000000000..133e4809859a3 | ||
| 95 | --- /dev/null | ||
| 96 | +++ b/arch/parisc/lib/memset.c | ||
| 97 | @@ -0,0 +1,72 @@ | ||
| 98 | +/* SPDX-License-Identifier: GPL-2.0-or-later */ | ||
| 99 | +#include <linux/types.h> | ||
| 100 | +#include <asm/string.h> | ||
| 101 | + | ||
| 102 | +#define OPSIZ (BITS_PER_LONG/8) | ||
| 103 | +typedef unsigned long op_t; | ||
| 104 | + | ||
| 105 | +void * | ||
| 106 | +memset (void *dstpp, int sc, size_t len) | ||
| 107 | +{ | ||
| 108 | + unsigned int c = sc; | ||
| 109 | + long int dstp = (long int) dstpp; | ||
| 110 | + | ||
| 111 | + if (len >= 8) | ||
| 112 | + { | ||
| 113 | + size_t xlen; | ||
| 114 | + op_t cccc; | ||
| 115 | + | ||
| 116 | + cccc = (unsigned char) c; | ||
| 117 | + cccc |= cccc << 8; | ||
| 118 | + cccc |= cccc << 16; | ||
| 119 | + if (OPSIZ > 4) | ||
| 120 | + /* Do the shift in two steps to avoid warning if long has 32 bits. */ | ||
| 121 | + cccc |= (cccc << 16) << 16; | ||
| 122 | + | ||
| 123 | + /* There are at least some bytes to set. | ||
| 124 | + No need to test for LEN == 0 in this alignment loop. */ | ||
| 125 | + while (dstp % OPSIZ != 0) | ||
| 126 | + { | ||
| 127 | + ((unsigned char *) dstp)[0] = c; | ||
| 128 | + dstp += 1; | ||
| 129 | + len -= 1; | ||
| 130 | + } | ||
| 131 | + | ||
| 132 | + /* Write 8 `op_t' per iteration until less than 8 `op_t' remain. */ | ||
| 133 | + xlen = len / (OPSIZ * 8); | ||
| 134 | + while (xlen > 0) | ||
| 135 | + { | ||
| 136 | + ((op_t *) dstp)[0] = cccc; | ||
| 137 | + ((op_t *) dstp)[1] = cccc; | ||
| 138 | + ((op_t *) dstp)[2] = cccc; | ||
| 139 | + ((op_t *) dstp)[3] = cccc; | ||
| 140 | + ((op_t *) dstp)[4] = cccc; | ||
| 141 | + ((op_t *) dstp)[5] = cccc; | ||
| 142 | + ((op_t *) dstp)[6] = cccc; | ||
| 143 | + ((op_t *) dstp)[7] = cccc; | ||
| 144 | + dstp += 8 * OPSIZ; | ||
| 145 | + xlen -= 1; | ||
| 146 | + } | ||
| 147 | + len %= OPSIZ * 8; | ||
| 148 | + | ||
| 149 | + /* Write 1 `op_t' per iteration until less than OPSIZ bytes remain. */ | ||
| 150 | + xlen = len / OPSIZ; | ||
| 151 | + while (xlen > 0) | ||
| 152 | + { | ||
| 153 | + ((op_t *) dstp)[0] = cccc; | ||
| 154 | + dstp += OPSIZ; | ||
| 155 | + xlen -= 1; | ||
| 156 | + } | ||
| 157 | + len %= OPSIZ; | ||
| 158 | + } | ||
| 159 | + | ||
| 160 | + /* Write the last few bytes. */ | ||
| 161 | + while (len > 0) | ||
| 162 | + { | ||
| 163 | + ((unsigned char *) dstp)[0] = c; | ||
| 164 | + dstp += 1; | ||
| 165 | + len -= 1; | ||
| 166 | + } | ||
| 167 | + | ||
| 168 | + return dstpp; | ||
| 169 | +} | ||
| 170 | diff --git a/arch/parisc/lib/string.S b/arch/parisc/lib/string.S | ||
| 171 | deleted file mode 100644 | ||
| 172 | index 4a64264427a63..0000000000000 | ||
| 173 | --- a/arch/parisc/lib/string.S | ||
| 174 | +++ /dev/null | ||
| 175 | @@ -1,136 +0,0 @@ | ||
| 176 | -// SPDX-License-Identifier: GPL-2.0 | ||
| 177 | -/* | ||
| 178 | - * PA-RISC assembly string functions | ||
| 179 | - * | ||
| 180 | - * Copyright (C) 2019 Helge Deller <deller@gmx.de> | ||
| 181 | - */ | ||
| 182 | - | ||
| 183 | -#include <asm/assembly.h> | ||
| 184 | -#include <linux/linkage.h> | ||
| 185 | - | ||
| 186 | - .section .text.hot | ||
| 187 | - .level PA_ASM_LEVEL | ||
| 188 | - | ||
| 189 | - t0 = r20 | ||
| 190 | - t1 = r21 | ||
| 191 | - t2 = r22 | ||
| 192 | - | ||
| 193 | -ENTRY_CFI(strlen, frame=0,no_calls) | ||
| 194 | - or,COND(<>) arg0,r0,ret0 | ||
| 195 | - b,l,n .Lstrlen_null_ptr,r0 | ||
| 196 | - depwi 0,31,2,ret0 | ||
| 197 | - cmpb,COND(<>) arg0,ret0,.Lstrlen_not_aligned | ||
| 198 | - ldw,ma 4(ret0),t0 | ||
| 199 | - cmpib,tr 0,r0,.Lstrlen_loop | ||
| 200 | - uxor,nbz r0,t0,r0 | ||
| 201 | -.Lstrlen_not_aligned: | ||
| 202 | - uaddcm arg0,ret0,t1 | ||
| 203 | - shladd t1,3,r0,t1 | ||
| 204 | - mtsar t1 | ||
| 205 | - depwi -1,%sar,32,t0 | ||
| 206 | - uxor,nbz r0,t0,r0 | ||
| 207 | -.Lstrlen_loop: | ||
| 208 | - b,l,n .Lstrlen_end_loop,r0 | ||
| 209 | - ldw,ma 4(ret0),t0 | ||
| 210 | - cmpib,tr 0,r0,.Lstrlen_loop | ||
| 211 | - uxor,nbz r0,t0,r0 | ||
| 212 | -.Lstrlen_end_loop: | ||
| 213 | - extrw,u,<> t0,7,8,r0 | ||
| 214 | - addib,tr,n -3,ret0,.Lstrlen_out | ||
| 215 | - extrw,u,<> t0,15,8,r0 | ||
| 216 | - addib,tr,n -2,ret0,.Lstrlen_out | ||
| 217 | - extrw,u,<> t0,23,8,r0 | ||
| 218 | - addi -1,ret0,ret0 | ||
| 219 | -.Lstrlen_out: | ||
| 220 | - bv r0(rp) | ||
| 221 | - uaddcm ret0,arg0,ret0 | ||
| 222 | -.Lstrlen_null_ptr: | ||
| 223 | - bv,n r0(rp) | ||
| 224 | -ENDPROC_CFI(strlen) | ||
| 225 | - | ||
| 226 | - | ||
| 227 | -ENTRY_CFI(strcpy, frame=0,no_calls) | ||
| 228 | - ldb 0(arg1),t0 | ||
| 229 | - stb t0,0(arg0) | ||
| 230 | - ldo 0(arg0),ret0 | ||
| 231 | - ldo 1(arg1),t1 | ||
| 232 | - cmpb,= r0,t0,2f | ||
| 233 | - ldo 1(arg0),t2 | ||
| 234 | -1: ldb 0(t1),arg1 | ||
| 235 | - stb arg1,0(t2) | ||
| 236 | - ldo 1(t1),t1 | ||
| 237 | - cmpb,<> r0,arg1,1b | ||
| 238 | - ldo 1(t2),t2 | ||
| 239 | -2: bv,n r0(rp) | ||
| 240 | -ENDPROC_CFI(strcpy) | ||
| 241 | - | ||
| 242 | - | ||
| 243 | -ENTRY_CFI(strncpy, frame=0,no_calls) | ||
| 244 | - ldb 0(arg1),t0 | ||
| 245 | - stb t0,0(arg0) | ||
| 246 | - ldo 1(arg1),t1 | ||
| 247 | - ldo 0(arg0),ret0 | ||
| 248 | - cmpb,= r0,t0,2f | ||
| 249 | - ldo 1(arg0),arg1 | ||
| 250 | -1: ldo -1(arg2),arg2 | ||
| 251 | - cmpb,COND(=),n r0,arg2,2f | ||
| 252 | - ldb 0(t1),arg0 | ||
| 253 | - stb arg0,0(arg1) | ||
| 254 | - ldo 1(t1),t1 | ||
| 255 | - cmpb,<> r0,arg0,1b | ||
| 256 | - ldo 1(arg1),arg1 | ||
| 257 | -2: bv,n r0(rp) | ||
| 258 | -ENDPROC_CFI(strncpy) | ||
| 259 | - | ||
| 260 | - | ||
| 261 | -ENTRY_CFI(strcat, frame=0,no_calls) | ||
| 262 | - ldb 0(arg0),t0 | ||
| 263 | - cmpb,= t0,r0,2f | ||
| 264 | - ldo 0(arg0),ret0 | ||
| 265 | - ldo 1(arg0),arg0 | ||
| 266 | -1: ldb 0(arg0),t1 | ||
| 267 | - cmpb,<>,n r0,t1,1b | ||
| 268 | - ldo 1(arg0),arg0 | ||
| 269 | -2: ldb 0(arg1),t2 | ||
| 270 | - stb t2,0(arg0) | ||
| 271 | - ldo 1(arg0),arg0 | ||
| 272 | - ldb 0(arg1),t0 | ||
| 273 | - cmpb,<> r0,t0,2b | ||
| 274 | - ldo 1(arg1),arg1 | ||
| 275 | - bv,n r0(rp) | ||
| 276 | -ENDPROC_CFI(strcat) | ||
| 277 | - | ||
| 278 | - | ||
| 279 | -ENTRY_CFI(memset, frame=0,no_calls) | ||
| 280 | - copy arg0,ret0 | ||
| 281 | - cmpb,COND(=) r0,arg0,4f | ||
| 282 | - copy arg0,t2 | ||
| 283 | - cmpb,COND(=) r0,arg2,4f | ||
| 284 | - ldo -1(arg2),arg3 | ||
| 285 | - subi -1,arg3,t0 | ||
| 286 | - subi 0,t0,t1 | ||
| 287 | - cmpiclr,COND(>=) 0,t1,arg2 | ||
| 288 | - ldo -1(t1),arg2 | ||
| 289 | - extru arg2,31,2,arg0 | ||
| 290 | -2: stb arg1,0(t2) | ||
| 291 | - ldo 1(t2),t2 | ||
| 292 | - addib,>= -1,arg0,2b | ||
| 293 | - ldo -1(arg3),arg3 | ||
| 294 | - cmpiclr,COND(<=) 4,arg2,r0 | ||
| 295 | - b,l,n 4f,r0 | ||
| 296 | -#ifdef CONFIG_64BIT | ||
| 297 | - depd,* r0,63,2,arg2 | ||
| 298 | -#else | ||
| 299 | - depw r0,31,2,arg2 | ||
| 300 | -#endif | ||
| 301 | - ldo 1(t2),t2 | ||
| 302 | -3: stb arg1,-1(t2) | ||
| 303 | - stb arg1,0(t2) | ||
| 304 | - stb arg1,1(t2) | ||
| 305 | - stb arg1,2(t2) | ||
| 306 | - addib,COND(>) -4,arg2,3b | ||
| 307 | - ldo 4(t2),t2 | ||
| 308 | -4: bv,n r0(rp) | ||
| 309 | -ENDPROC_CFI(memset) | ||
| 310 | - | ||
| 311 | - .end | ||
| 312 | diff --git a/arch/x86/events/intel/uncore_snbep.c b/arch/x86/events/intel/uncore_snbep.c | ||
| 313 | index 40751af62dd3d..9096a1693942d 100644 | ||
| 314 | --- a/arch/x86/events/intel/uncore_snbep.c | ||
| 315 | +++ b/arch/x86/events/intel/uncore_snbep.c | ||
| 316 | @@ -4382,7 +4382,7 @@ static void snr_uncore_mmio_init_box(struct intel_uncore_box *box) | ||
| 317 | return; | ||
| 318 | |||
| 319 | pci_read_config_dword(pdev, SNR_IMC_MMIO_BASE_OFFSET, &pci_dword); | ||
| 320 | - addr = (pci_dword & SNR_IMC_MMIO_BASE_MASK) << 23; | ||
| 321 | + addr = ((resource_size_t)pci_dword & SNR_IMC_MMIO_BASE_MASK) << 23; | ||
| 322 | |||
| 323 | pci_read_config_dword(pdev, SNR_IMC_MMIO_MEM0_OFFSET, &pci_dword); | ||
| 324 | addr |= (pci_dword & SNR_IMC_MMIO_MEM0_MASK) << 12; | ||
| 325 | diff --git a/arch/x86/kvm/mmu.c b/arch/x86/kvm/mmu.c | ||
| 326 | index 260c64c205b8c..d3877dd713aef 100644 | ||
| 327 | --- a/arch/x86/kvm/mmu.c | ||
| 328 | +++ b/arch/x86/kvm/mmu.c | ||
| 329 | @@ -4666,7 +4666,15 @@ static void reset_rsvds_bits_mask_ept(struct kvm_vcpu *vcpu, | ||
| 330 | void | ||
| 331 | reset_shadow_zero_bits_mask(struct kvm_vcpu *vcpu, struct kvm_mmu *context) | ||
| 332 | { | ||
| 333 | - bool uses_nx = context->nx || | ||
| 334 | + /* | ||
| 335 | + * KVM uses NX when TDP is disabled to handle a variety of scenarios, | ||
| 336 | + * notably for huge SPTEs if iTLB multi-hit mitigation is enabled and | ||
| 337 | + * to generate correct permissions for CR0.WP=0/CR4.SMEP=1/EFER.NX=0. | ||
| 338 | + * The iTLB multi-hit workaround can be toggled at any time, so assume | ||
| 339 | + * NX can be used by any non-nested shadow MMU to avoid having to reset | ||
| 340 | + * MMU contexts. Note, KVM forces EFER.NX=1 when TDP is disabled. | ||
| 341 | + */ | ||
| 342 | + bool uses_nx = context->nx || !tdp_enabled || | ||
| 343 | context->mmu_role.base.smep_andnot_wp; | ||
| 344 | struct rsvd_bits_validate *shadow_zero_check; | ||
| 345 | int i; | ||
| 346 | diff --git a/drivers/block/floppy.c b/drivers/block/floppy.c | ||
| 347 | index 40ea1a425c431..ac97a1e2e5ddc 100644 | ||
| 348 | --- a/drivers/block/floppy.c | ||
| 349 | +++ b/drivers/block/floppy.c | ||
| 350 | @@ -4063,22 +4063,21 @@ static int floppy_open(struct block_device *bdev, fmode_t mode) | ||
| 351 | if (UFDCS->rawcmd == 1) | ||
| 352 | UFDCS->rawcmd = 2; | ||
| 353 | |||
| 354 | - if (mode & (FMODE_READ|FMODE_WRITE)) { | ||
| 355 | - UDRS->last_checked = 0; | ||
| 356 | - clear_bit(FD_OPEN_SHOULD_FAIL_BIT, &UDRS->flags); | ||
| 357 | - check_disk_change(bdev); | ||
| 358 | - if (test_bit(FD_DISK_CHANGED_BIT, &UDRS->flags)) | ||
| 359 | - goto out; | ||
| 360 | - if (test_bit(FD_OPEN_SHOULD_FAIL_BIT, &UDRS->flags)) | ||
| 361 | + if (!(mode & FMODE_NDELAY)) { | ||
| 362 | + if (mode & (FMODE_READ|FMODE_WRITE)) { | ||
| 363 | + UDRS->last_checked = 0; | ||
| 364 | + clear_bit(FD_OPEN_SHOULD_FAIL_BIT, &UDRS->flags); | ||
| 365 | + check_disk_change(bdev); | ||
| 366 | + if (test_bit(FD_DISK_CHANGED_BIT, &UDRS->flags)) | ||
| 367 | + goto out; | ||
| 368 | + if (test_bit(FD_OPEN_SHOULD_FAIL_BIT, &UDRS->flags)) | ||
| 369 | + goto out; | ||
| 370 | + } | ||
| 371 | + res = -EROFS; | ||
| 372 | + if ((mode & FMODE_WRITE) && | ||
| 373 | + !test_bit(FD_DISK_WRITABLE_BIT, &UDRS->flags)) | ||
| 374 | goto out; | ||
| 375 | } | ||
| 376 | - | ||
| 377 | - res = -EROFS; | ||
| 378 | - | ||
| 379 | - if ((mode & FMODE_WRITE) && | ||
| 380 | - !test_bit(FD_DISK_WRITABLE_BIT, &UDRS->flags)) | ||
| 381 | - goto out; | ||
| 382 | - | ||
| 383 | mutex_unlock(&open_lock); | ||
| 384 | mutex_unlock(&floppy_mutex); | ||
| 385 | return 0; | ||
| 386 | diff --git a/drivers/gpu/drm/drm_ioc32.c b/drivers/gpu/drm/drm_ioc32.c | ||
| 387 | index 2cf053fb8d54b..1c691bdb89141 100644 | ||
| 388 | --- a/drivers/gpu/drm/drm_ioc32.c | ||
| 389 | +++ b/drivers/gpu/drm/drm_ioc32.c | ||
| 390 | @@ -863,8 +863,6 @@ static int compat_drm_wait_vblank(struct file *file, unsigned int cmd, | ||
| 391 | req.request.sequence = req32.request.sequence; | ||
| 392 | req.request.signal = req32.request.signal; | ||
| 393 | err = drm_ioctl_kernel(file, drm_wait_vblank_ioctl, &req, DRM_UNLOCKED); | ||
| 394 | - if (err) | ||
| 395 | - return err; | ||
| 396 | |||
| 397 | req32.reply.type = req.reply.type; | ||
| 398 | req32.reply.sequence = req.reply.sequence; | ||
| 399 | @@ -873,7 +871,7 @@ static int compat_drm_wait_vblank(struct file *file, unsigned int cmd, | ||
| 400 | if (copy_to_user(argp, &req32, sizeof(req32))) | ||
| 401 | return -EFAULT; | ||
| 402 | |||
| 403 | - return 0; | ||
| 404 | + return err; | ||
| 405 | } | ||
| 406 | |||
| 407 | #if defined(CONFIG_X86) | ||
| 408 | diff --git a/drivers/gpu/drm/i915/gt/intel_timeline.c b/drivers/gpu/drm/i915/gt/intel_timeline.c | ||
| 409 | index 9cb01d9828f1d..c970e3deb0085 100644 | ||
| 410 | --- a/drivers/gpu/drm/i915/gt/intel_timeline.c | ||
| 411 | +++ b/drivers/gpu/drm/i915/gt/intel_timeline.c | ||
| 412 | @@ -289,6 +289,14 @@ void intel_timeline_fini(struct intel_timeline *timeline) | ||
| 413 | i915_gem_object_unpin_map(timeline->hwsp_ggtt->obj); | ||
| 414 | |||
| 415 | i915_vma_put(timeline->hwsp_ggtt); | ||
| 416 | + | ||
| 417 | + /* | ||
| 418 | + * A small race exists between intel_gt_retire_requests_timeout and | ||
| 419 | + * intel_timeline_exit which could result in the syncmap not getting | ||
| 420 | + * free'd. Rather than work to hard to seal this race, simply cleanup | ||
| 421 | + * the syncmap on fini. | ||
| 422 | + */ | ||
| 423 | + i915_syncmap_free(&timeline->sync); | ||
| 424 | } | ||
| 425 | |||
| 426 | struct intel_timeline * | ||
| 427 | diff --git a/drivers/gpu/drm/nouveau/nvkm/engine/disp/dp.c b/drivers/gpu/drm/nouveau/nvkm/engine/disp/dp.c | ||
| 428 | index 818d21bd28d31..1d2837c5a8f29 100644 | ||
| 429 | --- a/drivers/gpu/drm/nouveau/nvkm/engine/disp/dp.c | ||
| 430 | +++ b/drivers/gpu/drm/nouveau/nvkm/engine/disp/dp.c | ||
| 431 | @@ -419,7 +419,7 @@ nvkm_dp_train(struct nvkm_dp *dp, u32 dataKBps) | ||
| 432 | return ret; | ||
| 433 | } | ||
| 434 | |||
| 435 | -static void | ||
| 436 | +void | ||
| 437 | nvkm_dp_disable(struct nvkm_outp *outp, struct nvkm_ior *ior) | ||
| 438 | { | ||
| 439 | struct nvkm_dp *dp = nvkm_dp(outp); | ||
| 440 | diff --git a/drivers/gpu/drm/nouveau/nvkm/engine/disp/dp.h b/drivers/gpu/drm/nouveau/nvkm/engine/disp/dp.h | ||
| 441 | index 428b3f488f033..e484d0c3b0d42 100644 | ||
| 442 | --- a/drivers/gpu/drm/nouveau/nvkm/engine/disp/dp.h | ||
| 443 | +++ b/drivers/gpu/drm/nouveau/nvkm/engine/disp/dp.h | ||
| 444 | @@ -32,6 +32,7 @@ struct nvkm_dp { | ||
| 445 | |||
| 446 | int nvkm_dp_new(struct nvkm_disp *, int index, struct dcb_output *, | ||
| 447 | struct nvkm_outp **); | ||
| 448 | +void nvkm_dp_disable(struct nvkm_outp *, struct nvkm_ior *); | ||
| 449 | |||
| 450 | /* DPCD Receiver Capabilities */ | ||
| 451 | #define DPCD_RC00_DPCD_REV 0x00000 | ||
| 452 | diff --git a/drivers/gpu/drm/nouveau/nvkm/engine/disp/outp.c b/drivers/gpu/drm/nouveau/nvkm/engine/disp/outp.c | ||
| 453 | index c62030c96fba0..4b1c72fd8f039 100644 | ||
| 454 | --- a/drivers/gpu/drm/nouveau/nvkm/engine/disp/outp.c | ||
| 455 | +++ b/drivers/gpu/drm/nouveau/nvkm/engine/disp/outp.c | ||
| 456 | @@ -22,6 +22,7 @@ | ||
| 457 | * Authors: Ben Skeggs | ||
| 458 | */ | ||
| 459 | #include "outp.h" | ||
| 460 | +#include "dp.h" | ||
| 461 | #include "ior.h" | ||
| 462 | |||
| 463 | #include <subdev/bios.h> | ||
| 464 | @@ -216,6 +217,14 @@ nvkm_outp_init_route(struct nvkm_outp *outp) | ||
| 465 | if (!ior->arm.head || ior->arm.proto != proto) { | ||
| 466 | OUTP_DBG(outp, "no heads (%x %d %d)", ior->arm.head, | ||
| 467 | ior->arm.proto, proto); | ||
| 468 | + | ||
| 469 | + /* The EFI GOP driver on Ampere can leave unused DP links routed, | ||
| 470 | + * which we don't expect. The DisableLT IED script *should* get | ||
| 471 | + * us back to where we need to be. | ||
| 472 | + */ | ||
| 473 | + if (ior->func->route.get && !ior->arm.head && outp->info.type == DCB_OUTPUT_DP) | ||
| 474 | + nvkm_dp_disable(outp, ior); | ||
| 475 | + | ||
| 476 | return; | ||
| 477 | } | ||
| 478 | |||
| 479 | diff --git a/drivers/infiniband/hw/bnxt_re/ib_verbs.c b/drivers/infiniband/hw/bnxt_re/ib_verbs.c | ||
| 480 | index 58c021648b7c8..a96f9142fe08e 100644 | ||
| 481 | --- a/drivers/infiniband/hw/bnxt_re/ib_verbs.c | ||
| 482 | +++ b/drivers/infiniband/hw/bnxt_re/ib_verbs.c | ||
| 483 | @@ -1404,6 +1404,7 @@ int bnxt_re_create_srq(struct ib_srq *ib_srq, | ||
| 484 | if (nq) | ||
| 485 | nq->budget++; | ||
| 486 | atomic_inc(&rdev->srq_count); | ||
| 487 | + spin_lock_init(&srq->lock); | ||
| 488 | |||
| 489 | return 0; | ||
| 490 | |||
| 491 | diff --git a/drivers/infiniband/hw/efa/efa_main.c b/drivers/infiniband/hw/efa/efa_main.c | ||
| 492 | index 83858f7e83d0f..75dfe9d1564c1 100644 | ||
| 493 | --- a/drivers/infiniband/hw/efa/efa_main.c | ||
| 494 | +++ b/drivers/infiniband/hw/efa/efa_main.c | ||
| 495 | @@ -340,6 +340,7 @@ static int efa_enable_msix(struct efa_dev *dev) | ||
| 496 | } | ||
| 497 | |||
| 498 | if (irq_num != msix_vecs) { | ||
| 499 | + efa_disable_msix(dev); | ||
| 500 | dev_err(&dev->pdev->dev, | ||
| 501 | "Allocated %d MSI-X (out of %d requested)\n", | ||
| 502 | irq_num, msix_vecs); | ||
| 503 | diff --git a/drivers/infiniband/hw/hfi1/sdma.c b/drivers/infiniband/hw/hfi1/sdma.c | ||
| 504 | index c61b6022575e1..248be21acdbed 100644 | ||
| 505 | --- a/drivers/infiniband/hw/hfi1/sdma.c | ||
| 506 | +++ b/drivers/infiniband/hw/hfi1/sdma.c | ||
| 507 | @@ -3056,6 +3056,7 @@ static void __sdma_process_event(struct sdma_engine *sde, | ||
| 508 | static int _extend_sdma_tx_descs(struct hfi1_devdata *dd, struct sdma_txreq *tx) | ||
| 509 | { | ||
| 510 | int i; | ||
| 511 | + struct sdma_desc *descp; | ||
| 512 | |||
| 513 | /* Handle last descriptor */ | ||
| 514 | if (unlikely((tx->num_desc == (MAX_DESC - 1)))) { | ||
| 515 | @@ -3076,12 +3077,10 @@ static int _extend_sdma_tx_descs(struct hfi1_devdata *dd, struct sdma_txreq *tx) | ||
| 516 | if (unlikely(tx->num_desc == MAX_DESC)) | ||
| 517 | goto enomem; | ||
| 518 | |||
| 519 | - tx->descp = kmalloc_array( | ||
| 520 | - MAX_DESC, | ||
| 521 | - sizeof(struct sdma_desc), | ||
| 522 | - GFP_ATOMIC); | ||
| 523 | - if (!tx->descp) | ||
| 524 | + descp = kmalloc_array(MAX_DESC, sizeof(struct sdma_desc), GFP_ATOMIC); | ||
| 525 | + if (!descp) | ||
| 526 | goto enomem; | ||
| 527 | + tx->descp = descp; | ||
| 528 | |||
| 529 | /* reserve last descriptor for coalescing */ | ||
| 530 | tx->desc_limit = MAX_DESC - 1; | ||
| 531 | diff --git a/drivers/mmc/host/sdhci-msm.c b/drivers/mmc/host/sdhci-msm.c | ||
| 532 | index 8bed81cf03adc..8ab963055238a 100644 | ||
| 533 | --- a/drivers/mmc/host/sdhci-msm.c | ||
| 534 | +++ b/drivers/mmc/host/sdhci-msm.c | ||
| 535 | @@ -1589,6 +1589,23 @@ out: | ||
| 536 | __sdhci_msm_set_clock(host, clock); | ||
| 537 | } | ||
| 538 | |||
| 539 | +static void sdhci_msm_set_timeout(struct sdhci_host *host, struct mmc_command *cmd) | ||
| 540 | +{ | ||
| 541 | + u32 count, start = 15; | ||
| 542 | + | ||
| 543 | + __sdhci_set_timeout(host, cmd); | ||
| 544 | + count = sdhci_readb(host, SDHCI_TIMEOUT_CONTROL); | ||
| 545 | + /* | ||
| 546 | + * Update software timeout value if its value is less than hardware data | ||
| 547 | + * timeout value. Qcom SoC hardware data timeout value was calculated | ||
| 548 | + * using 4 * MCLK * 2^(count + 13). where MCLK = 1 / host->clock. | ||
| 549 | + */ | ||
| 550 | + if (cmd && cmd->data && host->clock > 400000 && | ||
| 551 | + host->clock <= 50000000 && | ||
| 552 | + ((1 << (count + start)) > (10 * host->clock))) | ||
| 553 | + host->data_timeout = 22LL * NSEC_PER_SEC; | ||
| 554 | +} | ||
| 555 | + | ||
| 556 | /* | ||
| 557 | * Platform specific register write functions. This is so that, if any | ||
| 558 | * register write needs to be followed up by platform specific actions, | ||
| 559 | @@ -1753,6 +1770,7 @@ static const struct sdhci_ops sdhci_msm_ops = { | ||
| 560 | .set_uhs_signaling = sdhci_msm_set_uhs_signaling, | ||
| 561 | .write_w = sdhci_msm_writew, | ||
| 562 | .write_b = sdhci_msm_writeb, | ||
| 563 | + .set_timeout = sdhci_msm_set_timeout, | ||
| 564 | }; | ||
| 565 | |||
| 566 | static const struct sdhci_pltfm_data sdhci_msm_pdata = { | ||
| 567 | diff --git a/drivers/net/can/usb/esd_usb2.c b/drivers/net/can/usb/esd_usb2.c | ||
| 568 | index 485e20e0dec2c..8847942a8d97e 100644 | ||
| 569 | --- a/drivers/net/can/usb/esd_usb2.c | ||
| 570 | +++ b/drivers/net/can/usb/esd_usb2.c | ||
| 571 | @@ -224,8 +224,8 @@ static void esd_usb2_rx_event(struct esd_usb2_net_priv *priv, | ||
| 572 | if (id == ESD_EV_CAN_ERROR_EXT) { | ||
| 573 | u8 state = msg->msg.rx.data[0]; | ||
| 574 | u8 ecc = msg->msg.rx.data[1]; | ||
| 575 | - u8 txerr = msg->msg.rx.data[2]; | ||
| 576 | - u8 rxerr = msg->msg.rx.data[3]; | ||
| 577 | + u8 rxerr = msg->msg.rx.data[2]; | ||
| 578 | + u8 txerr = msg->msg.rx.data[3]; | ||
| 579 | |||
| 580 | skb = alloc_can_err_skb(priv->netdev, &cf); | ||
| 581 | if (skb == NULL) { | ||
| 582 | diff --git a/drivers/net/dsa/mt7530.c b/drivers/net/dsa/mt7530.c | ||
| 583 | index e1a3c33fdad90..2d8382eb9add3 100644 | ||
| 584 | --- a/drivers/net/dsa/mt7530.c | ||
| 585 | +++ b/drivers/net/dsa/mt7530.c | ||
| 586 | @@ -842,11 +842,8 @@ mt7530_port_bridge_leave(struct dsa_switch *ds, int port, | ||
| 587 | /* Remove this port from the port matrix of the other ports | ||
| 588 | * in the same bridge. If the port is disabled, port matrix | ||
| 589 | * is kept and not being setup until the port becomes enabled. | ||
| 590 | - * And the other port's port matrix cannot be broken when the | ||
| 591 | - * other port is still a VLAN-aware port. | ||
| 592 | */ | ||
| 593 | - if (dsa_is_user_port(ds, i) && i != port && | ||
| 594 | - !dsa_port_is_vlan_filtering(&ds->ports[i])) { | ||
| 595 | + if (dsa_is_user_port(ds, i) && i != port) { | ||
| 596 | if (dsa_to_port(ds, i)->bridge_dev != bridge) | ||
| 597 | continue; | ||
| 598 | if (priv->ports[i].enable) | ||
| 599 | diff --git a/drivers/net/ethernet/apm/xgene-v2/main.c b/drivers/net/ethernet/apm/xgene-v2/main.c | ||
| 600 | index 02b4f3af02b54..848be6bf2fd1f 100644 | ||
| 601 | --- a/drivers/net/ethernet/apm/xgene-v2/main.c | ||
| 602 | +++ b/drivers/net/ethernet/apm/xgene-v2/main.c | ||
| 603 | @@ -677,11 +677,13 @@ static int xge_probe(struct platform_device *pdev) | ||
| 604 | ret = register_netdev(ndev); | ||
| 605 | if (ret) { | ||
| 606 | netdev_err(ndev, "Failed to register netdev\n"); | ||
| 607 | - goto err; | ||
| 608 | + goto err_mdio_remove; | ||
| 609 | } | ||
| 610 | |||
| 611 | return 0; | ||
| 612 | |||
| 613 | +err_mdio_remove: | ||
| 614 | + xge_mdio_remove(ndev); | ||
| 615 | err: | ||
| 616 | free_netdev(ndev); | ||
| 617 | |||
| 618 | diff --git a/drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_cmd.h b/drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_cmd.h | ||
| 619 | index e34e0854635c3..d64cded30eeb4 100644 | ||
| 620 | --- a/drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_cmd.h | ||
| 621 | +++ b/drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_cmd.h | ||
| 622 | @@ -257,6 +257,9 @@ enum hclge_opcode_type { | ||
| 623 | /* Led command */ | ||
| 624 | HCLGE_OPC_LED_STATUS_CFG = 0xB000, | ||
| 625 | |||
| 626 | + /* clear hardware resource command */ | ||
| 627 | + HCLGE_OPC_CLEAR_HW_RESOURCE = 0x700B, | ||
| 628 | + | ||
| 629 | /* NCL config command */ | ||
| 630 | HCLGE_OPC_QUERY_NCL_CONFIG = 0x7011, | ||
| 631 | /* M7 stats command */ | ||
| 632 | diff --git a/drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_dcb.c b/drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_dcb.c | ||
| 633 | index a1790af73096d..d16488bab86f5 100644 | ||
| 634 | --- a/drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_dcb.c | ||
| 635 | +++ b/drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_dcb.c | ||
| 636 | @@ -281,21 +281,12 @@ static int hclge_ieee_getpfc(struct hnae3_handle *h, struct ieee_pfc *pfc) | ||
| 637 | u64 requests[HNAE3_MAX_TC], indications[HNAE3_MAX_TC]; | ||
| 638 | struct hclge_vport *vport = hclge_get_vport(h); | ||
| 639 | struct hclge_dev *hdev = vport->back; | ||
| 640 | - u8 i, j, pfc_map, *prio_tc; | ||
| 641 | int ret; | ||
| 642 | + u8 i; | ||
| 643 | |||
| 644 | memset(pfc, 0, sizeof(*pfc)); | ||
| 645 | pfc->pfc_cap = hdev->pfc_max; | ||
| 646 | - prio_tc = hdev->tm_info.prio_tc; | ||
| 647 | - pfc_map = hdev->tm_info.hw_pfc_map; | ||
| 648 | - | ||
| 649 | - /* Pfc setting is based on TC */ | ||
| 650 | - for (i = 0; i < hdev->tm_info.num_tc; i++) { | ||
| 651 | - for (j = 0; j < HNAE3_MAX_USER_PRIO; j++) { | ||
| 652 | - if ((prio_tc[j] == i) && (pfc_map & BIT(i))) | ||
| 653 | - pfc->pfc_en |= BIT(j); | ||
| 654 | - } | ||
| 655 | - } | ||
| 656 | + pfc->pfc_en = hdev->tm_info.pfc_en; | ||
| 657 | |||
| 658 | ret = hclge_pfc_tx_stats_get(hdev, requests); | ||
| 659 | if (ret) | ||
| 660 | diff --git a/drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_main.c b/drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_main.c | ||
| 661 | index 93f3865b679bf..aa402e2671212 100644 | ||
| 662 | --- a/drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_main.c | ||
| 663 | +++ b/drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_main.c | ||
| 664 | @@ -8006,7 +8006,11 @@ static int hclge_init_vlan_config(struct hclge_dev *hdev) | ||
| 665 | static void hclge_add_vport_vlan_table(struct hclge_vport *vport, u16 vlan_id, | ||
| 666 | bool writen_to_tbl) | ||
| 667 | { | ||
| 668 | - struct hclge_vport_vlan_cfg *vlan; | ||
| 669 | + struct hclge_vport_vlan_cfg *vlan, *tmp; | ||
| 670 | + | ||
| 671 | + list_for_each_entry_safe(vlan, tmp, &vport->vlan_list, node) | ||
| 672 | + if (vlan->vlan_id == vlan_id) | ||
| 673 | + return; | ||
| 674 | |||
| 675 | vlan = kzalloc(sizeof(*vlan), GFP_KERNEL); | ||
| 676 | if (!vlan) | ||
| 677 | @@ -9165,6 +9169,28 @@ static void hclge_clear_resetting_state(struct hclge_dev *hdev) | ||
| 678 | } | ||
| 679 | } | ||
| 680 | |||
| 681 | +static int hclge_clear_hw_resource(struct hclge_dev *hdev) | ||
| 682 | +{ | ||
| 683 | + struct hclge_desc desc; | ||
| 684 | + int ret; | ||
| 685 | + | ||
| 686 | + hclge_cmd_setup_basic_desc(&desc, HCLGE_OPC_CLEAR_HW_RESOURCE, false); | ||
| 687 | + | ||
| 688 | + ret = hclge_cmd_send(&hdev->hw, &desc, 1); | ||
| 689 | + /* This new command is only supported by new firmware, it will | ||
| 690 | + * fail with older firmware. Error value -EOPNOSUPP can only be | ||
| 691 | + * returned by older firmware running this command, to keep code | ||
| 692 | + * backward compatible we will override this value and return | ||
| 693 | + * success. | ||
| 694 | + */ | ||
| 695 | + if (ret && ret != -EOPNOTSUPP) { | ||
| 696 | + dev_err(&hdev->pdev->dev, | ||
| 697 | + "failed to clear hw resource, ret = %d\n", ret); | ||
| 698 | + return ret; | ||
| 699 | + } | ||
| 700 | + return 0; | ||
| 701 | +} | ||
| 702 | + | ||
| 703 | static int hclge_init_ae_dev(struct hnae3_ae_dev *ae_dev) | ||
| 704 | { | ||
| 705 | struct pci_dev *pdev = ae_dev->pdev; | ||
| 706 | @@ -9206,6 +9232,10 @@ static int hclge_init_ae_dev(struct hnae3_ae_dev *ae_dev) | ||
| 707 | if (ret) | ||
| 708 | goto err_cmd_uninit; | ||
| 709 | |||
| 710 | + ret = hclge_clear_hw_resource(hdev); | ||
| 711 | + if (ret) | ||
| 712 | + goto err_cmd_uninit; | ||
| 713 | + | ||
| 714 | ret = hclge_get_cap(hdev); | ||
| 715 | if (ret) { | ||
| 716 | dev_err(&pdev->dev, "get hw capability error, ret = %d.\n", | ||
| 717 | diff --git a/drivers/net/ethernet/intel/e1000e/ich8lan.c b/drivers/net/ethernet/intel/e1000e/ich8lan.c | ||
| 718 | index a1fab77b2096a..58ff747a42ae6 100644 | ||
| 719 | --- a/drivers/net/ethernet/intel/e1000e/ich8lan.c | ||
| 720 | +++ b/drivers/net/ethernet/intel/e1000e/ich8lan.c | ||
| 721 | @@ -995,6 +995,8 @@ static s32 e1000_platform_pm_pch_lpt(struct e1000_hw *hw, bool link) | ||
| 722 | { | ||
| 723 | u32 reg = link << (E1000_LTRV_REQ_SHIFT + E1000_LTRV_NOSNOOP_SHIFT) | | ||
| 724 | link << E1000_LTRV_REQ_SHIFT | E1000_LTRV_SEND; | ||
| 725 | + u16 max_ltr_enc_d = 0; /* maximum LTR decoded by platform */ | ||
| 726 | + u16 lat_enc_d = 0; /* latency decoded */ | ||
| 727 | u16 lat_enc = 0; /* latency encoded */ | ||
| 728 | |||
| 729 | if (link) { | ||
| 730 | @@ -1048,7 +1050,17 @@ static s32 e1000_platform_pm_pch_lpt(struct e1000_hw *hw, bool link) | ||
| 731 | E1000_PCI_LTR_CAP_LPT + 2, &max_nosnoop); | ||
| 732 | max_ltr_enc = max_t(u16, max_snoop, max_nosnoop); | ||
| 733 | |||
| 734 | - if (lat_enc > max_ltr_enc) | ||
| 735 | + lat_enc_d = (lat_enc & E1000_LTRV_VALUE_MASK) * | ||
| 736 | + (1U << (E1000_LTRV_SCALE_FACTOR * | ||
| 737 | + ((lat_enc & E1000_LTRV_SCALE_MASK) | ||
| 738 | + >> E1000_LTRV_SCALE_SHIFT))); | ||
| 739 | + | ||
| 740 | + max_ltr_enc_d = (max_ltr_enc & E1000_LTRV_VALUE_MASK) * | ||
| 741 | + (1U << (E1000_LTRV_SCALE_FACTOR * | ||
| 742 | + ((max_ltr_enc & E1000_LTRV_SCALE_MASK) | ||
| 743 | + >> E1000_LTRV_SCALE_SHIFT))); | ||
| 744 | + | ||
| 745 | + if (lat_enc_d > max_ltr_enc_d) | ||
| 746 | lat_enc = max_ltr_enc; | ||
| 747 | } | ||
| 748 | |||
| 749 | diff --git a/drivers/net/ethernet/intel/e1000e/ich8lan.h b/drivers/net/ethernet/intel/e1000e/ich8lan.h | ||
| 750 | index 1502895eb45dd..e757896287eba 100644 | ||
| 751 | --- a/drivers/net/ethernet/intel/e1000e/ich8lan.h | ||
| 752 | +++ b/drivers/net/ethernet/intel/e1000e/ich8lan.h | ||
| 753 | @@ -274,8 +274,11 @@ | ||
| 754 | |||
| 755 | /* Latency Tolerance Reporting */ | ||
| 756 | #define E1000_LTRV 0x000F8 | ||
| 757 | +#define E1000_LTRV_VALUE_MASK 0x000003FF | ||
| 758 | #define E1000_LTRV_SCALE_MAX 5 | ||
| 759 | #define E1000_LTRV_SCALE_FACTOR 5 | ||
| 760 | +#define E1000_LTRV_SCALE_SHIFT 10 | ||
| 761 | +#define E1000_LTRV_SCALE_MASK 0x00001C00 | ||
| 762 | #define E1000_LTRV_REQ_SHIFT 15 | ||
| 763 | #define E1000_LTRV_NOSNOOP_SHIFT 16 | ||
| 764 | #define E1000_LTRV_SEND (1 << 30) | ||
| 765 | diff --git a/drivers/net/ethernet/marvell/mvneta.c b/drivers/net/ethernet/marvell/mvneta.c | ||
| 766 | index 7b0543056b101..64aa5510e61a6 100644 | ||
| 767 | --- a/drivers/net/ethernet/marvell/mvneta.c | ||
| 768 | +++ b/drivers/net/ethernet/marvell/mvneta.c | ||
| 769 | @@ -101,7 +101,7 @@ | ||
| 770 | #define MVNETA_DESC_SWAP BIT(6) | ||
| 771 | #define MVNETA_TX_BRST_SZ_MASK(burst) ((burst) << 22) | ||
| 772 | #define MVNETA_PORT_STATUS 0x2444 | ||
| 773 | -#define MVNETA_TX_IN_PRGRS BIT(1) | ||
| 774 | +#define MVNETA_TX_IN_PRGRS BIT(0) | ||
| 775 | #define MVNETA_TX_FIFO_EMPTY BIT(8) | ||
| 776 | #define MVNETA_RX_MIN_FRAME_SIZE 0x247c | ||
| 777 | /* Only exists on Armada XP and Armada 370 */ | ||
| 778 | diff --git a/drivers/net/ethernet/qlogic/qed/qed_ll2.c b/drivers/net/ethernet/qlogic/qed/qed_ll2.c | ||
| 779 | index 19a1a58d60f89..c449ecc0add23 100644 | ||
| 780 | --- a/drivers/net/ethernet/qlogic/qed/qed_ll2.c | ||
| 781 | +++ b/drivers/net/ethernet/qlogic/qed/qed_ll2.c | ||
| 782 | @@ -353,6 +353,9 @@ static int qed_ll2_txq_completion(struct qed_hwfn *p_hwfn, void *p_cookie) | ||
| 783 | unsigned long flags; | ||
| 784 | int rc = -EINVAL; | ||
| 785 | |||
| 786 | + if (!p_ll2_conn) | ||
| 787 | + return rc; | ||
| 788 | + | ||
| 789 | spin_lock_irqsave(&p_tx->lock, flags); | ||
| 790 | if (p_tx->b_completing_packet) { | ||
| 791 | rc = -EBUSY; | ||
| 792 | @@ -526,7 +529,16 @@ static int qed_ll2_rxq_completion(struct qed_hwfn *p_hwfn, void *cookie) | ||
| 793 | unsigned long flags = 0; | ||
| 794 | int rc = 0; | ||
| 795 | |||
| 796 | + if (!p_ll2_conn) | ||
| 797 | + return rc; | ||
| 798 | + | ||
| 799 | spin_lock_irqsave(&p_rx->lock, flags); | ||
| 800 | + | ||
| 801 | + if (!QED_LL2_RX_REGISTERED(p_ll2_conn)) { | ||
| 802 | + spin_unlock_irqrestore(&p_rx->lock, flags); | ||
| 803 | + return 0; | ||
| 804 | + } | ||
| 805 | + | ||
| 806 | cq_new_idx = le16_to_cpu(*p_rx->p_fw_cons); | ||
| 807 | cq_old_idx = qed_chain_get_cons_idx(&p_rx->rcq_chain); | ||
| 808 | |||
| 809 | @@ -847,6 +859,9 @@ static int qed_ll2_lb_rxq_completion(struct qed_hwfn *p_hwfn, void *p_cookie) | ||
| 810 | struct qed_ll2_info *p_ll2_conn = (struct qed_ll2_info *)p_cookie; | ||
| 811 | int rc; | ||
| 812 | |||
| 813 | + if (!p_ll2_conn) | ||
| 814 | + return 0; | ||
| 815 | + | ||
| 816 | if (!QED_LL2_RX_REGISTERED(p_ll2_conn)) | ||
| 817 | return 0; | ||
| 818 | |||
| 819 | @@ -870,6 +885,9 @@ static int qed_ll2_lb_txq_completion(struct qed_hwfn *p_hwfn, void *p_cookie) | ||
| 820 | u16 new_idx = 0, num_bds = 0; | ||
| 821 | int rc; | ||
| 822 | |||
| 823 | + if (!p_ll2_conn) | ||
| 824 | + return 0; | ||
| 825 | + | ||
| 826 | if (!QED_LL2_TX_REGISTERED(p_ll2_conn)) | ||
| 827 | return 0; | ||
| 828 | |||
| 829 | @@ -1642,6 +1660,8 @@ int qed_ll2_post_rx_buffer(void *cxt, | ||
| 830 | if (!p_ll2_conn) | ||
| 831 | return -EINVAL; | ||
| 832 | p_rx = &p_ll2_conn->rx_queue; | ||
| 833 | + if (!p_rx->set_prod_addr) | ||
| 834 | + return -EIO; | ||
| 835 | |||
| 836 | spin_lock_irqsave(&p_rx->lock, flags); | ||
| 837 | if (!list_empty(&p_rx->free_descq)) | ||
| 838 | diff --git a/drivers/net/ethernet/qlogic/qed/qed_rdma.c b/drivers/net/ethernet/qlogic/qed/qed_rdma.c | ||
| 839 | index 38b1f402f7ed2..b291971bcf926 100644 | ||
| 840 | --- a/drivers/net/ethernet/qlogic/qed/qed_rdma.c | ||
| 841 | +++ b/drivers/net/ethernet/qlogic/qed/qed_rdma.c | ||
| 842 | @@ -1245,8 +1245,7 @@ qed_rdma_create_qp(void *rdma_cxt, | ||
| 843 | |||
| 844 | if (!rdma_cxt || !in_params || !out_params || | ||
| 845 | !p_hwfn->p_rdma_info->active) { | ||
| 846 | - DP_ERR(p_hwfn->cdev, | ||
| 847 | - "qed roce create qp failed due to NULL entry (rdma_cxt=%p, in=%p, out=%p, roce_info=?\n", | ||
| 848 | + pr_err("qed roce create qp failed due to NULL entry (rdma_cxt=%p, in=%p, out=%p, roce_info=?\n", | ||
| 849 | rdma_cxt, in_params, out_params); | ||
| 850 | return NULL; | ||
| 851 | } | ||
| 852 | diff --git a/drivers/opp/of.c b/drivers/opp/of.c | ||
| 853 | index 249738e1e0b7a..603c688fe23dc 100644 | ||
| 854 | --- a/drivers/opp/of.c | ||
| 855 | +++ b/drivers/opp/of.c | ||
| 856 | @@ -682,8 +682,9 @@ static int _of_add_opp_table_v2(struct device *dev, struct opp_table *opp_table) | ||
| 857 | } | ||
| 858 | } | ||
| 859 | |||
| 860 | - /* There should be one of more OPP defined */ | ||
| 861 | - if (WARN_ON(!count)) { | ||
| 862 | + /* There should be one or more OPPs defined */ | ||
| 863 | + if (!count) { | ||
| 864 | + dev_err(dev, "%s: no supported OPPs", __func__); | ||
| 865 | ret = -ENOENT; | ||
| 866 | goto remove_static_opp; | ||
| 867 | } | ||
| 868 | diff --git a/drivers/scsi/scsi_sysfs.c b/drivers/scsi/scsi_sysfs.c | ||
| 869 | index 11592ec7b23ea..6aeb79e744e0b 100644 | ||
| 870 | --- a/drivers/scsi/scsi_sysfs.c | ||
| 871 | +++ b/drivers/scsi/scsi_sysfs.c | ||
| 872 | @@ -788,12 +788,15 @@ store_state_field(struct device *dev, struct device_attribute *attr, | ||
| 873 | ret = scsi_device_set_state(sdev, state); | ||
| 874 | /* | ||
| 875 | * If the device state changes to SDEV_RUNNING, we need to | ||
| 876 | - * rescan the device to revalidate it, and run the queue to | ||
| 877 | - * avoid I/O hang. | ||
| 878 | + * run the queue to avoid I/O hang, and rescan the device | ||
| 879 | + * to revalidate it. Running the queue first is necessary | ||
| 880 | + * because another thread may be waiting inside | ||
| 881 | + * blk_mq_freeze_queue_wait() and because that call may be | ||
| 882 | + * waiting for pending I/O to finish. | ||
| 883 | */ | ||
| 884 | if (ret == 0 && state == SDEV_RUNNING) { | ||
| 885 | - scsi_rescan_device(dev); | ||
| 886 | blk_mq_run_hw_queues(sdev->request_queue, true); | ||
| 887 | + scsi_rescan_device(dev); | ||
| 888 | } | ||
| 889 | mutex_unlock(&sdev->state_mutex); | ||
| 890 | |||
| 891 | diff --git a/drivers/tty/vt/vt_ioctl.c b/drivers/tty/vt/vt_ioctl.c | ||
| 892 | index b5d2ad900ec09..167c72726c5a0 100644 | ||
| 893 | --- a/drivers/tty/vt/vt_ioctl.c | ||
| 894 | +++ b/drivers/tty/vt/vt_ioctl.c | ||
| 895 | @@ -484,16 +484,19 @@ int vt_ioctl(struct tty_struct *tty, | ||
| 896 | ret = -EINVAL; | ||
| 897 | goto out; | ||
| 898 | } | ||
| 899 | - /* FIXME: this needs the console lock extending */ | ||
| 900 | - if (vc->vc_mode == (unsigned char) arg) | ||
| 901 | + console_lock(); | ||
| 902 | + if (vc->vc_mode == (unsigned char) arg) { | ||
| 903 | + console_unlock(); | ||
| 904 | break; | ||
| 905 | + } | ||
| 906 | vc->vc_mode = (unsigned char) arg; | ||
| 907 | - if (console != fg_console) | ||
| 908 | + if (console != fg_console) { | ||
| 909 | + console_unlock(); | ||
| 910 | break; | ||
| 911 | + } | ||
| 912 | /* | ||
| 913 | * explicitly blank/unblank the screen if switching modes | ||
| 914 | */ | ||
| 915 | - console_lock(); | ||
| 916 | if (arg == KD_TEXT) | ||
| 917 | do_unblank_screen(1); | ||
| 918 | else | ||
| 919 | diff --git a/drivers/usb/dwc3/gadget.c b/drivers/usb/dwc3/gadget.c | ||
| 920 | index 8a3752fcf7b46..39a9ad12cbbc8 100644 | ||
| 921 | --- a/drivers/usb/dwc3/gadget.c | ||
| 922 | +++ b/drivers/usb/dwc3/gadget.c | ||
| 923 | @@ -894,19 +894,19 @@ static struct dwc3_trb *dwc3_ep_prev_trb(struct dwc3_ep *dep, u8 index) | ||
| 924 | |||
| 925 | static u32 dwc3_calc_trbs_left(struct dwc3_ep *dep) | ||
| 926 | { | ||
| 927 | - struct dwc3_trb *tmp; | ||
| 928 | u8 trbs_left; | ||
| 929 | |||
| 930 | /* | ||
| 931 | - * If enqueue & dequeue are equal than it is either full or empty. | ||
| 932 | - * | ||
| 933 | - * One way to know for sure is if the TRB right before us has HWO bit | ||
| 934 | - * set or not. If it has, then we're definitely full and can't fit any | ||
| 935 | - * more transfers in our ring. | ||
| 936 | + * If the enqueue & dequeue are equal then the TRB ring is either full | ||
| 937 | + * or empty. It's considered full when there are DWC3_TRB_NUM-1 of TRBs | ||
| 938 | + * pending to be processed by the driver. | ||
| 939 | */ | ||
| 940 | if (dep->trb_enqueue == dep->trb_dequeue) { | ||
| 941 | - tmp = dwc3_ep_prev_trb(dep, dep->trb_enqueue); | ||
| 942 | - if (tmp->ctrl & DWC3_TRB_CTRL_HWO) | ||
| 943 | + /* | ||
| 944 | + * If there is any request remained in the started_list at | ||
| 945 | + * this point, that means there is no TRB available. | ||
| 946 | + */ | ||
| 947 | + if (!list_empty(&dep->started_list)) | ||
| 948 | return 0; | ||
| 949 | |||
| 950 | return DWC3_TRB_NUM - 1; | ||
| 951 | @@ -2012,10 +2012,8 @@ static int dwc3_gadget_pullup(struct usb_gadget *g, int is_on) | ||
| 952 | |||
| 953 | ret = wait_for_completion_timeout(&dwc->ep0_in_setup, | ||
| 954 | msecs_to_jiffies(DWC3_PULL_UP_TIMEOUT)); | ||
| 955 | - if (ret == 0) { | ||
| 956 | - dev_err(dwc->dev, "timed out waiting for SETUP phase\n"); | ||
| 957 | - return -ETIMEDOUT; | ||
| 958 | - } | ||
| 959 | + if (ret == 0) | ||
| 960 | + dev_warn(dwc->dev, "timed out waiting for SETUP phase\n"); | ||
| 961 | } | ||
| 962 | |||
| 963 | /* | ||
| 964 | @@ -2217,6 +2215,7 @@ static int __dwc3_gadget_start(struct dwc3 *dwc) | ||
| 965 | /* begin to receive SETUP packets */ | ||
| 966 | dwc->ep0state = EP0_SETUP_PHASE; | ||
| 967 | dwc->link_state = DWC3_LINK_STATE_SS_DIS; | ||
| 968 | + dwc->delayed_status = false; | ||
| 969 | dwc3_ep0_out_start(dwc); | ||
| 970 | |||
| 971 | dwc3_gadget_enable_irq(dwc); | ||
| 972 | diff --git a/drivers/usb/gadget/function/u_audio.c b/drivers/usb/gadget/function/u_audio.c | ||
| 973 | index 223029fa84459..4e01ba0ab8ecb 100644 | ||
| 974 | --- a/drivers/usb/gadget/function/u_audio.c | ||
| 975 | +++ b/drivers/usb/gadget/function/u_audio.c | ||
| 976 | @@ -349,8 +349,6 @@ static inline void free_ep(struct uac_rtd_params *prm, struct usb_ep *ep) | ||
| 977 | if (!prm->ep_enabled) | ||
| 978 | return; | ||
| 979 | |||
| 980 | - prm->ep_enabled = false; | ||
| 981 | - | ||
| 982 | audio_dev = uac->audio_dev; | ||
| 983 | params = &audio_dev->params; | ||
| 984 | |||
| 985 | @@ -368,11 +366,12 @@ static inline void free_ep(struct uac_rtd_params *prm, struct usb_ep *ep) | ||
| 986 | } | ||
| 987 | } | ||
| 988 | |||
| 989 | + prm->ep_enabled = false; | ||
| 990 | + | ||
| 991 | if (usb_ep_disable(ep)) | ||
| 992 | dev_err(uac->card->dev, "%s:%d Error!\n", __func__, __LINE__); | ||
| 993 | } | ||
| 994 | |||
| 995 | - | ||
| 996 | int u_audio_start_capture(struct g_audio *audio_dev) | ||
| 997 | { | ||
| 998 | struct snd_uac_chip *uac = audio_dev->uac; | ||
| 999 | diff --git a/drivers/usb/serial/ch341.c b/drivers/usb/serial/ch341.c | ||
| 1000 | index e9c39a41faae9..a82ba9cc0c724 100644 | ||
| 1001 | --- a/drivers/usb/serial/ch341.c | ||
| 1002 | +++ b/drivers/usb/serial/ch341.c | ||
| 1003 | @@ -678,7 +678,6 @@ static struct usb_serial_driver ch341_device = { | ||
| 1004 | .owner = THIS_MODULE, | ||
| 1005 | .name = "ch341-uart", | ||
| 1006 | }, | ||
| 1007 | - .bulk_in_size = 512, | ||
| 1008 | .id_table = id_table, | ||
| 1009 | .num_ports = 1, | ||
| 1010 | .open = ch341_open, | ||
| 1011 | diff --git a/drivers/usb/serial/option.c b/drivers/usb/serial/option.c | ||
| 1012 | index 793530f241ceb..d42ca13569965 100644 | ||
| 1013 | --- a/drivers/usb/serial/option.c | ||
| 1014 | +++ b/drivers/usb/serial/option.c | ||
| 1015 | @@ -2074,6 +2074,8 @@ static const struct usb_device_id option_ids[] = { | ||
| 1016 | .driver_info = RSVD(4) | RSVD(5) }, | ||
| 1017 | { USB_DEVICE_INTERFACE_CLASS(0x2cb7, 0x0105, 0xff), /* Fibocom NL678 series */ | ||
| 1018 | .driver_info = RSVD(6) }, | ||
| 1019 | + { USB_DEVICE_AND_INTERFACE_INFO(0x2cb7, 0x010b, 0xff, 0xff, 0x30) }, /* Fibocom FG150 Diag */ | ||
| 1020 | + { USB_DEVICE_AND_INTERFACE_INFO(0x2cb7, 0x010b, 0xff, 0, 0) }, /* Fibocom FG150 AT */ | ||
| 1021 | { USB_DEVICE_INTERFACE_CLASS(0x2cb7, 0x01a0, 0xff) }, /* Fibocom NL668-AM/NL652-EU (laptop MBIM) */ | ||
| 1022 | { USB_DEVICE_INTERFACE_CLASS(0x2df3, 0x9d03, 0xff) }, /* LongSung M5710 */ | ||
| 1023 | { USB_DEVICE_INTERFACE_CLASS(0x305a, 0x1404, 0xff) }, /* GosunCn GM500 RNDIS */ | ||
| 1024 | diff --git a/drivers/vhost/vringh.c b/drivers/vhost/vringh.c | ||
| 1025 | index 026a37ee41777..4653de001e261 100644 | ||
| 1026 | --- a/drivers/vhost/vringh.c | ||
| 1027 | +++ b/drivers/vhost/vringh.c | ||
| 1028 | @@ -331,7 +331,7 @@ __vringh_iov(struct vringh *vrh, u16 i, | ||
| 1029 | iov = wiov; | ||
| 1030 | else { | ||
| 1031 | iov = riov; | ||
| 1032 | - if (unlikely(wiov && wiov->i)) { | ||
| 1033 | + if (unlikely(wiov && wiov->used)) { | ||
| 1034 | vringh_bad("Readable desc %p after writable", | ||
| 1035 | &descs[i]); | ||
| 1036 | err = -EINVAL; | ||
| 1037 | diff --git a/drivers/virtio/virtio_pci_common.c b/drivers/virtio/virtio_pci_common.c | ||
| 1038 | index 222d630c41fc9..b35bb2d57f62c 100644 | ||
| 1039 | --- a/drivers/virtio/virtio_pci_common.c | ||
| 1040 | +++ b/drivers/virtio/virtio_pci_common.c | ||
| 1041 | @@ -576,6 +576,13 @@ static void virtio_pci_remove(struct pci_dev *pci_dev) | ||
| 1042 | struct virtio_pci_device *vp_dev = pci_get_drvdata(pci_dev); | ||
| 1043 | struct device *dev = get_device(&vp_dev->vdev.dev); | ||
| 1044 | |||
| 1045 | + /* | ||
| 1046 | + * Device is marked broken on surprise removal so that virtio upper | ||
| 1047 | + * layers can abort any ongoing operation. | ||
| 1048 | + */ | ||
| 1049 | + if (!pci_device_is_present(pci_dev)) | ||
| 1050 | + virtio_break_device(&vp_dev->vdev); | ||
| 1051 | + | ||
| 1052 | pci_disable_sriov(pci_dev); | ||
| 1053 | |||
| 1054 | unregister_virtio_device(&vp_dev->vdev); | ||
| 1055 | diff --git a/drivers/virtio/virtio_ring.c b/drivers/virtio/virtio_ring.c | ||
| 1056 | index f6011c9ed32f1..e442d400dbb2e 100644 | ||
| 1057 | --- a/drivers/virtio/virtio_ring.c | ||
| 1058 | +++ b/drivers/virtio/virtio_ring.c | ||
| 1059 | @@ -2268,7 +2268,7 @@ bool virtqueue_is_broken(struct virtqueue *_vq) | ||
| 1060 | { | ||
| 1061 | struct vring_virtqueue *vq = to_vvq(_vq); | ||
| 1062 | |||
| 1063 | - return vq->broken; | ||
| 1064 | + return READ_ONCE(vq->broken); | ||
| 1065 | } | ||
| 1066 | EXPORT_SYMBOL_GPL(virtqueue_is_broken); | ||
| 1067 | |||
| 1068 | @@ -2283,7 +2283,9 @@ void virtio_break_device(struct virtio_device *dev) | ||
| 1069 | spin_lock(&dev->vqs_list_lock); | ||
| 1070 | list_for_each_entry(_vq, &dev->vqs, list) { | ||
| 1071 | struct vring_virtqueue *vq = to_vvq(_vq); | ||
| 1072 | - vq->broken = true; | ||
| 1073 | + | ||
| 1074 | + /* Pairs with READ_ONCE() in virtqueue_is_broken(). */ | ||
| 1075 | + WRITE_ONCE(vq->broken, true); | ||
| 1076 | } | ||
| 1077 | spin_unlock(&dev->vqs_list_lock); | ||
| 1078 | } | ||
| 1079 | diff --git a/fs/btrfs/btrfs_inode.h b/fs/btrfs/btrfs_inode.h | ||
| 1080 | index f853835c409c1..f3ff57b931580 100644 | ||
| 1081 | --- a/fs/btrfs/btrfs_inode.h | ||
| 1082 | +++ b/fs/btrfs/btrfs_inode.h | ||
| 1083 | @@ -268,6 +268,21 @@ static inline void btrfs_mod_outstanding_extents(struct btrfs_inode *inode, | ||
| 1084 | mod); | ||
| 1085 | } | ||
| 1086 | |||
| 1087 | +/* | ||
| 1088 | + * Called every time after doing a buffered, direct IO or memory mapped write. | ||
| 1089 | + * | ||
| 1090 | + * This is to ensure that if we write to a file that was previously fsynced in | ||
| 1091 | + * the current transaction, then try to fsync it again in the same transaction, | ||
| 1092 | + * we will know that there were changes in the file and that it needs to be | ||
| 1093 | + * logged. | ||
| 1094 | + */ | ||
| 1095 | +static inline void btrfs_set_inode_last_sub_trans(struct btrfs_inode *inode) | ||
| 1096 | +{ | ||
| 1097 | + spin_lock(&inode->lock); | ||
| 1098 | + inode->last_sub_trans = inode->root->log_transid; | ||
| 1099 | + spin_unlock(&inode->lock); | ||
| 1100 | +} | ||
| 1101 | + | ||
| 1102 | static inline int btrfs_inode_in_log(struct btrfs_inode *inode, u64 generation) | ||
| 1103 | { | ||
| 1104 | int ret = 0; | ||
| 1105 | diff --git a/fs/btrfs/file.c b/fs/btrfs/file.c | ||
| 1106 | index 400b0717b9d44..1279359ed172a 100644 | ||
| 1107 | --- a/fs/btrfs/file.c | ||
| 1108 | +++ b/fs/btrfs/file.c | ||
| 1109 | @@ -2004,14 +2004,8 @@ static ssize_t btrfs_file_write_iter(struct kiocb *iocb, | ||
| 1110 | |||
| 1111 | inode_unlock(inode); | ||
| 1112 | |||
| 1113 | - /* | ||
| 1114 | - * We also have to set last_sub_trans to the current log transid, | ||
| 1115 | - * otherwise subsequent syncs to a file that's been synced in this | ||
| 1116 | - * transaction will appear to have already occurred. | ||
| 1117 | - */ | ||
| 1118 | - spin_lock(&BTRFS_I(inode)->lock); | ||
| 1119 | - BTRFS_I(inode)->last_sub_trans = root->log_transid; | ||
| 1120 | - spin_unlock(&BTRFS_I(inode)->lock); | ||
| 1121 | + btrfs_set_inode_last_sub_trans(BTRFS_I(inode)); | ||
| 1122 | + | ||
| 1123 | if (num_written > 0) | ||
| 1124 | num_written = generic_write_sync(iocb, num_written); | ||
| 1125 | |||
| 1126 | diff --git a/fs/btrfs/inode.c b/fs/btrfs/inode.c | ||
| 1127 | index 54b607a3cc3f2..29552d4f6845b 100644 | ||
| 1128 | --- a/fs/btrfs/inode.c | ||
| 1129 | +++ b/fs/btrfs/inode.c | ||
| 1130 | @@ -9250,9 +9250,7 @@ again: | ||
| 1131 | set_page_dirty(page); | ||
| 1132 | SetPageUptodate(page); | ||
| 1133 | |||
| 1134 | - BTRFS_I(inode)->last_trans = fs_info->generation; | ||
| 1135 | - BTRFS_I(inode)->last_sub_trans = BTRFS_I(inode)->root->log_transid; | ||
| 1136 | - BTRFS_I(inode)->last_log_commit = BTRFS_I(inode)->root->last_log_commit; | ||
| 1137 | + btrfs_set_inode_last_sub_trans(BTRFS_I(inode)); | ||
| 1138 | |||
| 1139 | unlock_extent_cached(io_tree, page_start, page_end, &cached_state); | ||
| 1140 | |||
| 1141 | diff --git a/fs/btrfs/transaction.h b/fs/btrfs/transaction.h | ||
| 1142 | index d8a7d460e436a..cbede328bda5b 100644 | ||
| 1143 | --- a/fs/btrfs/transaction.h | ||
| 1144 | +++ b/fs/btrfs/transaction.h | ||
| 1145 | @@ -160,7 +160,7 @@ static inline void btrfs_set_inode_last_trans(struct btrfs_trans_handle *trans, | ||
| 1146 | spin_lock(&BTRFS_I(inode)->lock); | ||
| 1147 | BTRFS_I(inode)->last_trans = trans->transaction->transid; | ||
| 1148 | BTRFS_I(inode)->last_sub_trans = BTRFS_I(inode)->root->log_transid; | ||
| 1149 | - BTRFS_I(inode)->last_log_commit = BTRFS_I(inode)->root->last_log_commit; | ||
| 1150 | + BTRFS_I(inode)->last_log_commit = BTRFS_I(inode)->last_sub_trans - 1; | ||
| 1151 | spin_unlock(&BTRFS_I(inode)->lock); | ||
| 1152 | } | ||
| 1153 | |||
| 1154 | diff --git a/fs/btrfs/volumes.c b/fs/btrfs/volumes.c | ||
| 1155 | index 3e3529c600cb7..e882c790292f9 100644 | ||
| 1156 | --- a/fs/btrfs/volumes.c | ||
| 1157 | +++ b/fs/btrfs/volumes.c | ||
| 1158 | @@ -2168,7 +2168,7 @@ int btrfs_rm_device(struct btrfs_fs_info *fs_info, const char *device_path, | ||
| 1159 | |||
| 1160 | if (IS_ERR(device)) { | ||
| 1161 | if (PTR_ERR(device) == -ENOENT && | ||
| 1162 | - strcmp(device_path, "missing") == 0) | ||
| 1163 | + device_path && strcmp(device_path, "missing") == 0) | ||
| 1164 | ret = BTRFS_ERROR_DEV_MISSING_NOT_FOUND; | ||
| 1165 | else | ||
| 1166 | ret = PTR_ERR(device); | ||
| 1167 | diff --git a/fs/overlayfs/export.c b/fs/overlayfs/export.c | ||
| 1168 | index 11dd8177770df..19574ef174709 100644 | ||
| 1169 | --- a/fs/overlayfs/export.c | ||
| 1170 | +++ b/fs/overlayfs/export.c | ||
| 1171 | @@ -395,6 +395,7 @@ static struct dentry *ovl_lookup_real_one(struct dentry *connected, | ||
| 1172 | */ | ||
| 1173 | take_dentry_name_snapshot(&name, real); | ||
| 1174 | this = lookup_one_len(name.name.name, connected, name.name.len); | ||
| 1175 | + release_dentry_name_snapshot(&name); | ||
| 1176 | err = PTR_ERR(this); | ||
| 1177 | if (IS_ERR(this)) { | ||
| 1178 | goto fail; | ||
| 1179 | @@ -409,7 +410,6 @@ static struct dentry *ovl_lookup_real_one(struct dentry *connected, | ||
| 1180 | } | ||
| 1181 | |||
| 1182 | out: | ||
| 1183 | - release_dentry_name_snapshot(&name); | ||
| 1184 | dput(parent); | ||
| 1185 | inode_unlock(dir); | ||
| 1186 | return this; | ||
| 1187 | diff --git a/fs/proc/base.c b/fs/proc/base.c | ||
| 1188 | index 90d2f62a96723..5a187e9b72212 100644 | ||
| 1189 | --- a/fs/proc/base.c | ||
| 1190 | +++ b/fs/proc/base.c | ||
| 1191 | @@ -549,8 +549,17 @@ static int proc_oom_score(struct seq_file *m, struct pid_namespace *ns, | ||
| 1192 | { | ||
| 1193 | unsigned long totalpages = totalram_pages() + total_swap_pages; | ||
| 1194 | unsigned long points = 0; | ||
| 1195 | + long badness; | ||
| 1196 | + | ||
| 1197 | + badness = oom_badness(task, totalpages); | ||
| 1198 | + /* | ||
| 1199 | + * Special case OOM_SCORE_ADJ_MIN for all others scale the | ||
| 1200 | + * badness value into [0, 2000] range which we have been | ||
| 1201 | + * exporting for a long time so userspace might depend on it. | ||
| 1202 | + */ | ||
| 1203 | + if (badness != LONG_MIN) | ||
| 1204 | + points = (1000 + badness * 1000 / (long)totalpages) * 2 / 3; | ||
| 1205 | |||
| 1206 | - points = oom_badness(task, totalpages) * 1000 / totalpages; | ||
| 1207 | seq_printf(m, "%lu\n", points); | ||
| 1208 | |||
| 1209 | return 0; | ||
| 1210 | diff --git a/include/linux/netdevice.h b/include/linux/netdevice.h | ||
| 1211 | index 11a52f2fa35de..ddc66ab8a1def 100644 | ||
| 1212 | --- a/include/linux/netdevice.h | ||
| 1213 | +++ b/include/linux/netdevice.h | ||
| 1214 | @@ -3684,6 +3684,10 @@ int netdev_rx_handler_register(struct net_device *dev, | ||
| 1215 | void netdev_rx_handler_unregister(struct net_device *dev); | ||
| 1216 | |||
| 1217 | bool dev_valid_name(const char *name); | ||
| 1218 | +static inline bool is_socket_ioctl_cmd(unsigned int cmd) | ||
| 1219 | +{ | ||
| 1220 | + return _IOC_TYPE(cmd) == SOCK_IOC_TYPE; | ||
| 1221 | +} | ||
| 1222 | int dev_ioctl(struct net *net, unsigned int cmd, struct ifreq *ifr, | ||
| 1223 | bool *need_copyout); | ||
| 1224 | int dev_ifconf(struct net *net, struct ifconf *, int); | ||
| 1225 | diff --git a/include/linux/once.h b/include/linux/once.h | ||
| 1226 | index 9225ee6d96c75..ae6f4eb41cbe7 100644 | ||
| 1227 | --- a/include/linux/once.h | ||
| 1228 | +++ b/include/linux/once.h | ||
| 1229 | @@ -7,7 +7,7 @@ | ||
| 1230 | |||
| 1231 | bool __do_once_start(bool *done, unsigned long *flags); | ||
| 1232 | void __do_once_done(bool *done, struct static_key_true *once_key, | ||
| 1233 | - unsigned long *flags); | ||
| 1234 | + unsigned long *flags, struct module *mod); | ||
| 1235 | |||
| 1236 | /* Call a function exactly once. The idea of DO_ONCE() is to perform | ||
| 1237 | * a function call such as initialization of random seeds, etc, only | ||
| 1238 | @@ -46,7 +46,7 @@ void __do_once_done(bool *done, struct static_key_true *once_key, | ||
| 1239 | if (unlikely(___ret)) { \ | ||
| 1240 | func(__VA_ARGS__); \ | ||
| 1241 | __do_once_done(&___done, &___once_key, \ | ||
| 1242 | - &___flags); \ | ||
| 1243 | + &___flags, THIS_MODULE); \ | ||
| 1244 | } \ | ||
| 1245 | } \ | ||
| 1246 | ___ret; \ | ||
| 1247 | diff --git a/include/linux/oom.h b/include/linux/oom.h | ||
| 1248 | index b9df34326772c..2db9a14325112 100644 | ||
| 1249 | --- a/include/linux/oom.h | ||
| 1250 | +++ b/include/linux/oom.h | ||
| 1251 | @@ -48,7 +48,7 @@ struct oom_control { | ||
| 1252 | /* Used by oom implementation, do not set */ | ||
| 1253 | unsigned long totalpages; | ||
| 1254 | struct task_struct *chosen; | ||
| 1255 | - unsigned long chosen_points; | ||
| 1256 | + long chosen_points; | ||
| 1257 | |||
| 1258 | /* Used to print the constraint info. */ | ||
| 1259 | enum oom_constraint constraint; | ||
| 1260 | @@ -108,7 +108,7 @@ static inline vm_fault_t check_stable_address_space(struct mm_struct *mm) | ||
| 1261 | |||
| 1262 | bool __oom_reap_task_mm(struct mm_struct *mm); | ||
| 1263 | |||
| 1264 | -extern unsigned long oom_badness(struct task_struct *p, | ||
| 1265 | +long oom_badness(struct task_struct *p, | ||
| 1266 | unsigned long totalpages); | ||
| 1267 | |||
| 1268 | extern bool out_of_memory(struct oom_control *oc); | ||
| 1269 | diff --git a/kernel/audit_tree.c b/kernel/audit_tree.c | ||
| 1270 | index e49c912f862d0..9dec6314cd28a 100644 | ||
| 1271 | --- a/kernel/audit_tree.c | ||
| 1272 | +++ b/kernel/audit_tree.c | ||
| 1273 | @@ -595,7 +595,6 @@ static void prune_tree_chunks(struct audit_tree *victim, bool tagged) | ||
| 1274 | spin_lock(&hash_lock); | ||
| 1275 | } | ||
| 1276 | spin_unlock(&hash_lock); | ||
| 1277 | - put_tree(victim); | ||
| 1278 | } | ||
| 1279 | |||
| 1280 | /* | ||
| 1281 | @@ -604,6 +603,7 @@ static void prune_tree_chunks(struct audit_tree *victim, bool tagged) | ||
| 1282 | static void prune_one(struct audit_tree *victim) | ||
| 1283 | { | ||
| 1284 | prune_tree_chunks(victim, false); | ||
| 1285 | + put_tree(victim); | ||
| 1286 | } | ||
| 1287 | |||
| 1288 | /* trim the uncommitted chunks from tree */ | ||
| 1289 | diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c | ||
| 1290 | index 0b5a446ee59c9..4deaf15b7618b 100644 | ||
| 1291 | --- a/kernel/bpf/verifier.c | ||
| 1292 | +++ b/kernel/bpf/verifier.c | ||
| 1293 | @@ -2778,6 +2778,41 @@ static void coerce_reg_to_size(struct bpf_reg_state *reg, int size) | ||
| 1294 | reg->smax_value = reg->umax_value; | ||
| 1295 | } | ||
| 1296 | |||
| 1297 | +static bool bpf_map_is_rdonly(const struct bpf_map *map) | ||
| 1298 | +{ | ||
| 1299 | + return (map->map_flags & BPF_F_RDONLY_PROG) && map->frozen; | ||
| 1300 | +} | ||
| 1301 | + | ||
| 1302 | +static int bpf_map_direct_read(struct bpf_map *map, int off, int size, u64 *val) | ||
| 1303 | +{ | ||
| 1304 | + void *ptr; | ||
| 1305 | + u64 addr; | ||
| 1306 | + int err; | ||
| 1307 | + | ||
| 1308 | + err = map->ops->map_direct_value_addr(map, &addr, off); | ||
| 1309 | + if (err) | ||
| 1310 | + return err; | ||
| 1311 | + ptr = (void *)(long)addr + off; | ||
| 1312 | + | ||
| 1313 | + switch (size) { | ||
| 1314 | + case sizeof(u8): | ||
| 1315 | + *val = (u64)*(u8 *)ptr; | ||
| 1316 | + break; | ||
| 1317 | + case sizeof(u16): | ||
| 1318 | + *val = (u64)*(u16 *)ptr; | ||
| 1319 | + break; | ||
| 1320 | + case sizeof(u32): | ||
| 1321 | + *val = (u64)*(u32 *)ptr; | ||
| 1322 | + break; | ||
| 1323 | + case sizeof(u64): | ||
| 1324 | + *val = *(u64 *)ptr; | ||
| 1325 | + break; | ||
| 1326 | + default: | ||
| 1327 | + return -EINVAL; | ||
| 1328 | + } | ||
| 1329 | + return 0; | ||
| 1330 | +} | ||
| 1331 | + | ||
| 1332 | /* check whether memory at (regno + off) is accessible for t = (read | write) | ||
| 1333 | * if t==write, value_regno is a register which value is stored into memory | ||
| 1334 | * if t==read, value_regno is a register which will receive the value from memory | ||
| 1335 | @@ -2815,9 +2850,27 @@ static int check_mem_access(struct bpf_verifier_env *env, int insn_idx, u32 regn | ||
| 1336 | if (err) | ||
| 1337 | return err; | ||
| 1338 | err = check_map_access(env, regno, off, size, false); | ||
| 1339 | - if (!err && t == BPF_READ && value_regno >= 0) | ||
| 1340 | - mark_reg_unknown(env, regs, value_regno); | ||
| 1341 | + if (!err && t == BPF_READ && value_regno >= 0) { | ||
| 1342 | + struct bpf_map *map = reg->map_ptr; | ||
| 1343 | + | ||
| 1344 | + /* if map is read-only, track its contents as scalars */ | ||
| 1345 | + if (tnum_is_const(reg->var_off) && | ||
| 1346 | + bpf_map_is_rdonly(map) && | ||
| 1347 | + map->ops->map_direct_value_addr) { | ||
| 1348 | + int map_off = off + reg->var_off.value; | ||
| 1349 | + u64 val = 0; | ||
| 1350 | |||
| 1351 | + err = bpf_map_direct_read(map, map_off, size, | ||
| 1352 | + &val); | ||
| 1353 | + if (err) | ||
| 1354 | + return err; | ||
| 1355 | + | ||
| 1356 | + regs[value_regno].type = SCALAR_VALUE; | ||
| 1357 | + __mark_reg_known(®s[value_regno], val); | ||
| 1358 | + } else { | ||
| 1359 | + mark_reg_unknown(env, regs, value_regno); | ||
| 1360 | + } | ||
| 1361 | + } | ||
| 1362 | } else if (reg->type == PTR_TO_CTX) { | ||
| 1363 | enum bpf_reg_type reg_type = SCALAR_VALUE; | ||
| 1364 | |||
| 1365 | diff --git a/lib/once.c b/lib/once.c | ||
| 1366 | index 8b7d6235217ee..59149bf3bfb4a 100644 | ||
| 1367 | --- a/lib/once.c | ||
| 1368 | +++ b/lib/once.c | ||
| 1369 | @@ -3,10 +3,12 @@ | ||
| 1370 | #include <linux/spinlock.h> | ||
| 1371 | #include <linux/once.h> | ||
| 1372 | #include <linux/random.h> | ||
| 1373 | +#include <linux/module.h> | ||
| 1374 | |||
| 1375 | struct once_work { | ||
| 1376 | struct work_struct work; | ||
| 1377 | struct static_key_true *key; | ||
| 1378 | + struct module *module; | ||
| 1379 | }; | ||
| 1380 | |||
| 1381 | static void once_deferred(struct work_struct *w) | ||
| 1382 | @@ -16,10 +18,11 @@ static void once_deferred(struct work_struct *w) | ||
| 1383 | work = container_of(w, struct once_work, work); | ||
| 1384 | BUG_ON(!static_key_enabled(work->key)); | ||
| 1385 | static_branch_disable(work->key); | ||
| 1386 | + module_put(work->module); | ||
| 1387 | kfree(work); | ||
| 1388 | } | ||
| 1389 | |||
| 1390 | -static void once_disable_jump(struct static_key_true *key) | ||
| 1391 | +static void once_disable_jump(struct static_key_true *key, struct module *mod) | ||
| 1392 | { | ||
| 1393 | struct once_work *w; | ||
| 1394 | |||
| 1395 | @@ -29,6 +32,8 @@ static void once_disable_jump(struct static_key_true *key) | ||
| 1396 | |||
| 1397 | INIT_WORK(&w->work, once_deferred); | ||
| 1398 | w->key = key; | ||
| 1399 | + w->module = mod; | ||
| 1400 | + __module_get(mod); | ||
| 1401 | schedule_work(&w->work); | ||
| 1402 | } | ||
| 1403 | |||
| 1404 | @@ -53,11 +58,11 @@ bool __do_once_start(bool *done, unsigned long *flags) | ||
| 1405 | EXPORT_SYMBOL(__do_once_start); | ||
| 1406 | |||
| 1407 | void __do_once_done(bool *done, struct static_key_true *once_key, | ||
| 1408 | - unsigned long *flags) | ||
| 1409 | + unsigned long *flags, struct module *mod) | ||
| 1410 | __releases(once_lock) | ||
| 1411 | { | ||
| 1412 | *done = true; | ||
| 1413 | spin_unlock_irqrestore(&once_lock, *flags); | ||
| 1414 | - once_disable_jump(once_key); | ||
| 1415 | + once_disable_jump(once_key, mod); | ||
| 1416 | } | ||
| 1417 | EXPORT_SYMBOL(__do_once_done); | ||
| 1418 | diff --git a/mm/oom_kill.c b/mm/oom_kill.c | ||
| 1419 | index 212e718743018..f1b810ddf2327 100644 | ||
| 1420 | --- a/mm/oom_kill.c | ||
| 1421 | +++ b/mm/oom_kill.c | ||
| 1422 | @@ -197,17 +197,17 @@ static bool is_dump_unreclaim_slabs(void) | ||
| 1423 | * predictable as possible. The goal is to return the highest value for the | ||
| 1424 | * task consuming the most memory to avoid subsequent oom failures. | ||
| 1425 | */ | ||
| 1426 | -unsigned long oom_badness(struct task_struct *p, unsigned long totalpages) | ||
| 1427 | +long oom_badness(struct task_struct *p, unsigned long totalpages) | ||
| 1428 | { | ||
| 1429 | long points; | ||
| 1430 | long adj; | ||
| 1431 | |||
| 1432 | if (oom_unkillable_task(p)) | ||
| 1433 | - return 0; | ||
| 1434 | + return LONG_MIN; | ||
| 1435 | |||
| 1436 | p = find_lock_task_mm(p); | ||
| 1437 | if (!p) | ||
| 1438 | - return 0; | ||
| 1439 | + return LONG_MIN; | ||
| 1440 | |||
| 1441 | /* | ||
| 1442 | * Do not even consider tasks which are explicitly marked oom | ||
| 1443 | @@ -219,7 +219,7 @@ unsigned long oom_badness(struct task_struct *p, unsigned long totalpages) | ||
| 1444 | test_bit(MMF_OOM_SKIP, &p->mm->flags) || | ||
| 1445 | in_vfork(p)) { | ||
| 1446 | task_unlock(p); | ||
| 1447 | - return 0; | ||
| 1448 | + return LONG_MIN; | ||
| 1449 | } | ||
| 1450 | |||
| 1451 | /* | ||
| 1452 | @@ -234,11 +234,7 @@ unsigned long oom_badness(struct task_struct *p, unsigned long totalpages) | ||
| 1453 | adj *= totalpages / 1000; | ||
| 1454 | points += adj; | ||
| 1455 | |||
| 1456 | - /* | ||
| 1457 | - * Never return 0 for an eligible task regardless of the root bonus and | ||
| 1458 | - * oom_score_adj (oom_score_adj can't be OOM_SCORE_ADJ_MIN here). | ||
| 1459 | - */ | ||
| 1460 | - return points > 0 ? points : 1; | ||
| 1461 | + return points; | ||
| 1462 | } | ||
| 1463 | |||
| 1464 | static const char * const oom_constraint_text[] = { | ||
| 1465 | @@ -311,7 +307,7 @@ static enum oom_constraint constrained_alloc(struct oom_control *oc) | ||
| 1466 | static int oom_evaluate_task(struct task_struct *task, void *arg) | ||
| 1467 | { | ||
| 1468 | struct oom_control *oc = arg; | ||
| 1469 | - unsigned long points; | ||
| 1470 | + long points; | ||
| 1471 | |||
| 1472 | if (oom_unkillable_task(task)) | ||
| 1473 | goto next; | ||
| 1474 | @@ -337,12 +333,12 @@ static int oom_evaluate_task(struct task_struct *task, void *arg) | ||
| 1475 | * killed first if it triggers an oom, then select it. | ||
| 1476 | */ | ||
| 1477 | if (oom_task_origin(task)) { | ||
| 1478 | - points = ULONG_MAX; | ||
| 1479 | + points = LONG_MAX; | ||
| 1480 | goto select; | ||
| 1481 | } | ||
| 1482 | |||
| 1483 | points = oom_badness(task, oc->totalpages); | ||
| 1484 | - if (!points || points < oc->chosen_points) | ||
| 1485 | + if (points == LONG_MIN || points < oc->chosen_points) | ||
| 1486 | goto next; | ||
| 1487 | |||
| 1488 | select: | ||
| 1489 | @@ -366,6 +362,8 @@ abort: | ||
| 1490 | */ | ||
| 1491 | static void select_bad_process(struct oom_control *oc) | ||
| 1492 | { | ||
| 1493 | + oc->chosen_points = LONG_MIN; | ||
| 1494 | + | ||
| 1495 | if (is_memcg_oom(oc)) | ||
| 1496 | mem_cgroup_scan_tasks(oc->memcg, oom_evaluate_task, oc); | ||
| 1497 | else { | ||
| 1498 | diff --git a/net/core/rtnetlink.c b/net/core/rtnetlink.c | ||
| 1499 | index 0bad5db23129a..6fbc9cb09dc0e 100644 | ||
| 1500 | --- a/net/core/rtnetlink.c | ||
| 1501 | +++ b/net/core/rtnetlink.c | ||
| 1502 | @@ -2414,6 +2414,7 @@ static int do_setlink(const struct sk_buff *skb, | ||
| 1503 | return err; | ||
| 1504 | |||
| 1505 | if (tb[IFLA_NET_NS_PID] || tb[IFLA_NET_NS_FD] || tb[IFLA_TARGET_NETNSID]) { | ||
| 1506 | + const char *pat = ifname && ifname[0] ? ifname : NULL; | ||
| 1507 | struct net *net = rtnl_link_get_net_capable(skb, dev_net(dev), | ||
| 1508 | tb, CAP_NET_ADMIN); | ||
| 1509 | if (IS_ERR(net)) { | ||
| 1510 | @@ -2421,7 +2422,7 @@ static int do_setlink(const struct sk_buff *skb, | ||
| 1511 | goto errout; | ||
| 1512 | } | ||
| 1513 | |||
| 1514 | - err = dev_change_net_namespace(dev, net, ifname); | ||
| 1515 | + err = dev_change_net_namespace(dev, net, pat); | ||
| 1516 | put_net(net); | ||
| 1517 | if (err) | ||
| 1518 | goto errout; | ||
| 1519 | diff --git a/net/ipv4/ip_gre.c b/net/ipv4/ip_gre.c | ||
| 1520 | index fedad3a3e61b8..fd8298b8b1c52 100644 | ||
| 1521 | --- a/net/ipv4/ip_gre.c | ||
| 1522 | +++ b/net/ipv4/ip_gre.c | ||
| 1523 | @@ -446,6 +446,8 @@ static void __gre_xmit(struct sk_buff *skb, struct net_device *dev, | ||
| 1524 | |||
| 1525 | static int gre_handle_offloads(struct sk_buff *skb, bool csum) | ||
| 1526 | { | ||
| 1527 | + if (csum && skb_checksum_start(skb) < skb->data) | ||
| 1528 | + return -EINVAL; | ||
| 1529 | return iptunnel_handle_offloads(skb, csum ? SKB_GSO_GRE_CSUM : SKB_GSO_GRE); | ||
| 1530 | } | ||
| 1531 | |||
| 1532 | diff --git a/net/netfilter/nf_conntrack_core.c b/net/netfilter/nf_conntrack_core.c | ||
| 1533 | index 4a988ce4264cb..4bcc36e4b2ef0 100644 | ||
| 1534 | --- a/net/netfilter/nf_conntrack_core.c | ||
| 1535 | +++ b/net/netfilter/nf_conntrack_core.c | ||
| 1536 | @@ -66,22 +66,17 @@ EXPORT_SYMBOL_GPL(nf_conntrack_hash); | ||
| 1537 | |||
| 1538 | struct conntrack_gc_work { | ||
| 1539 | struct delayed_work dwork; | ||
| 1540 | - u32 last_bucket; | ||
| 1541 | + u32 next_bucket; | ||
| 1542 | bool exiting; | ||
| 1543 | bool early_drop; | ||
| 1544 | - long next_gc_run; | ||
| 1545 | }; | ||
| 1546 | |||
| 1547 | static __read_mostly struct kmem_cache *nf_conntrack_cachep; | ||
| 1548 | static DEFINE_SPINLOCK(nf_conntrack_locks_all_lock); | ||
| 1549 | static __read_mostly bool nf_conntrack_locks_all; | ||
| 1550 | |||
| 1551 | -/* every gc cycle scans at most 1/GC_MAX_BUCKETS_DIV part of table */ | ||
| 1552 | -#define GC_MAX_BUCKETS_DIV 128u | ||
| 1553 | -/* upper bound of full table scan */ | ||
| 1554 | -#define GC_MAX_SCAN_JIFFIES (16u * HZ) | ||
| 1555 | -/* desired ratio of entries found to be expired */ | ||
| 1556 | -#define GC_EVICT_RATIO 50u | ||
| 1557 | +#define GC_SCAN_INTERVAL (120u * HZ) | ||
| 1558 | +#define GC_SCAN_MAX_DURATION msecs_to_jiffies(10) | ||
| 1559 | |||
| 1560 | static struct conntrack_gc_work conntrack_gc_work; | ||
| 1561 | |||
| 1562 | @@ -1226,17 +1221,13 @@ static void nf_ct_offload_timeout(struct nf_conn *ct) | ||
| 1563 | |||
| 1564 | static void gc_worker(struct work_struct *work) | ||
| 1565 | { | ||
| 1566 | - unsigned int min_interval = max(HZ / GC_MAX_BUCKETS_DIV, 1u); | ||
| 1567 | - unsigned int i, goal, buckets = 0, expired_count = 0; | ||
| 1568 | - unsigned int nf_conntrack_max95 = 0; | ||
| 1569 | + unsigned long end_time = jiffies + GC_SCAN_MAX_DURATION; | ||
| 1570 | + unsigned int i, hashsz, nf_conntrack_max95 = 0; | ||
| 1571 | + unsigned long next_run = GC_SCAN_INTERVAL; | ||
| 1572 | struct conntrack_gc_work *gc_work; | ||
| 1573 | - unsigned int ratio, scanned = 0; | ||
| 1574 | - unsigned long next_run; | ||
| 1575 | - | ||
| 1576 | gc_work = container_of(work, struct conntrack_gc_work, dwork.work); | ||
| 1577 | |||
| 1578 | - goal = nf_conntrack_htable_size / GC_MAX_BUCKETS_DIV; | ||
| 1579 | - i = gc_work->last_bucket; | ||
| 1580 | + i = gc_work->next_bucket; | ||
| 1581 | if (gc_work->early_drop) | ||
| 1582 | nf_conntrack_max95 = nf_conntrack_max / 100u * 95u; | ||
| 1583 | |||
| 1584 | @@ -1244,22 +1235,21 @@ static void gc_worker(struct work_struct *work) | ||
| 1585 | struct nf_conntrack_tuple_hash *h; | ||
| 1586 | struct hlist_nulls_head *ct_hash; | ||
| 1587 | struct hlist_nulls_node *n; | ||
| 1588 | - unsigned int hashsz; | ||
| 1589 | struct nf_conn *tmp; | ||
| 1590 | |||
| 1591 | - i++; | ||
| 1592 | rcu_read_lock(); | ||
| 1593 | |||
| 1594 | nf_conntrack_get_ht(&ct_hash, &hashsz); | ||
| 1595 | - if (i >= hashsz) | ||
| 1596 | - i = 0; | ||
| 1597 | + if (i >= hashsz) { | ||
| 1598 | + rcu_read_unlock(); | ||
| 1599 | + break; | ||
| 1600 | + } | ||
| 1601 | |||
| 1602 | hlist_nulls_for_each_entry_rcu(h, n, &ct_hash[i], hnnode) { | ||
| 1603 | struct net *net; | ||
| 1604 | |||
| 1605 | tmp = nf_ct_tuplehash_to_ctrack(h); | ||
| 1606 | |||
| 1607 | - scanned++; | ||
| 1608 | if (test_bit(IPS_OFFLOAD_BIT, &tmp->status)) { | ||
| 1609 | nf_ct_offload_timeout(tmp); | ||
| 1610 | continue; | ||
| 1611 | @@ -1267,7 +1257,6 @@ static void gc_worker(struct work_struct *work) | ||
| 1612 | |||
| 1613 | if (nf_ct_is_expired(tmp)) { | ||
| 1614 | nf_ct_gc_expired(tmp); | ||
| 1615 | - expired_count++; | ||
| 1616 | continue; | ||
| 1617 | } | ||
| 1618 | |||
| 1619 | @@ -1299,7 +1288,14 @@ static void gc_worker(struct work_struct *work) | ||
| 1620 | */ | ||
| 1621 | rcu_read_unlock(); | ||
| 1622 | cond_resched(); | ||
| 1623 | - } while (++buckets < goal); | ||
| 1624 | + i++; | ||
| 1625 | + | ||
| 1626 | + if (time_after(jiffies, end_time) && i < hashsz) { | ||
| 1627 | + gc_work->next_bucket = i; | ||
| 1628 | + next_run = 0; | ||
| 1629 | + break; | ||
| 1630 | + } | ||
| 1631 | + } while (i < hashsz); | ||
| 1632 | |||
| 1633 | if (gc_work->exiting) | ||
| 1634 | return; | ||
| 1635 | @@ -1310,40 +1306,17 @@ static void gc_worker(struct work_struct *work) | ||
| 1636 | * | ||
| 1637 | * This worker is only here to reap expired entries when system went | ||
| 1638 | * idle after a busy period. | ||
| 1639 | - * | ||
| 1640 | - * The heuristics below are supposed to balance conflicting goals: | ||
| 1641 | - * | ||
| 1642 | - * 1. Minimize time until we notice a stale entry | ||
| 1643 | - * 2. Maximize scan intervals to not waste cycles | ||
| 1644 | - * | ||
| 1645 | - * Normally, expire ratio will be close to 0. | ||
| 1646 | - * | ||
| 1647 | - * As soon as a sizeable fraction of the entries have expired | ||
| 1648 | - * increase scan frequency. | ||
| 1649 | */ | ||
| 1650 | - ratio = scanned ? expired_count * 100 / scanned : 0; | ||
| 1651 | - if (ratio > GC_EVICT_RATIO) { | ||
| 1652 | - gc_work->next_gc_run = min_interval; | ||
| 1653 | - } else { | ||
| 1654 | - unsigned int max = GC_MAX_SCAN_JIFFIES / GC_MAX_BUCKETS_DIV; | ||
| 1655 | - | ||
| 1656 | - BUILD_BUG_ON((GC_MAX_SCAN_JIFFIES / GC_MAX_BUCKETS_DIV) == 0); | ||
| 1657 | - | ||
| 1658 | - gc_work->next_gc_run += min_interval; | ||
| 1659 | - if (gc_work->next_gc_run > max) | ||
| 1660 | - gc_work->next_gc_run = max; | ||
| 1661 | + if (next_run) { | ||
| 1662 | + gc_work->early_drop = false; | ||
| 1663 | + gc_work->next_bucket = 0; | ||
| 1664 | } | ||
| 1665 | - | ||
| 1666 | - next_run = gc_work->next_gc_run; | ||
| 1667 | - gc_work->last_bucket = i; | ||
| 1668 | - gc_work->early_drop = false; | ||
| 1669 | queue_delayed_work(system_power_efficient_wq, &gc_work->dwork, next_run); | ||
| 1670 | } | ||
| 1671 | |||
| 1672 | static void conntrack_gc_work_init(struct conntrack_gc_work *gc_work) | ||
| 1673 | { | ||
| 1674 | INIT_DEFERRABLE_WORK(&gc_work->dwork, gc_worker); | ||
| 1675 | - gc_work->next_gc_run = HZ; | ||
| 1676 | gc_work->exiting = false; | ||
| 1677 | } | ||
| 1678 | |||
| 1679 | diff --git a/net/qrtr/qrtr.c b/net/qrtr/qrtr.c | ||
| 1680 | index faea2ce125110..b97a786d048cc 100644 | ||
| 1681 | --- a/net/qrtr/qrtr.c | ||
| 1682 | +++ b/net/qrtr/qrtr.c | ||
| 1683 | @@ -314,7 +314,7 @@ int qrtr_endpoint_post(struct qrtr_endpoint *ep, const void *data, size_t len) | ||
| 1684 | goto err; | ||
| 1685 | } | ||
| 1686 | |||
| 1687 | - if (len != ALIGN(size, 4) + hdrlen) | ||
| 1688 | + if (!size || len != ALIGN(size, 4) + hdrlen) | ||
| 1689 | goto err; | ||
| 1690 | |||
| 1691 | if (cb->dst_port != QRTR_PORT_CTRL && cb->type != QRTR_TYPE_DATA) | ||
| 1692 | diff --git a/net/rds/ib_frmr.c b/net/rds/ib_frmr.c | ||
| 1693 | index 06ecf9d2d4bf1..ef6acd7211180 100644 | ||
| 1694 | --- a/net/rds/ib_frmr.c | ||
| 1695 | +++ b/net/rds/ib_frmr.c | ||
| 1696 | @@ -131,9 +131,9 @@ static int rds_ib_post_reg_frmr(struct rds_ib_mr *ibmr) | ||
| 1697 | cpu_relax(); | ||
| 1698 | } | ||
| 1699 | |||
| 1700 | - ret = ib_map_mr_sg_zbva(frmr->mr, ibmr->sg, ibmr->sg_len, | ||
| 1701 | + ret = ib_map_mr_sg_zbva(frmr->mr, ibmr->sg, ibmr->sg_dma_len, | ||
| 1702 | &off, PAGE_SIZE); | ||
| 1703 | - if (unlikely(ret != ibmr->sg_len)) | ||
| 1704 | + if (unlikely(ret != ibmr->sg_dma_len)) | ||
| 1705 | return ret < 0 ? ret : -EINVAL; | ||
| 1706 | |||
| 1707 | if (cmpxchg(&frmr->fr_state, | ||
| 1708 | diff --git a/net/socket.c b/net/socket.c | ||
| 1709 | index b14917dd811ad..94358566c9d10 100644 | ||
| 1710 | --- a/net/socket.c | ||
| 1711 | +++ b/net/socket.c | ||
| 1712 | @@ -1053,7 +1053,7 @@ static long sock_do_ioctl(struct net *net, struct socket *sock, | ||
| 1713 | rtnl_unlock(); | ||
| 1714 | if (!err && copy_to_user(argp, &ifc, sizeof(struct ifconf))) | ||
| 1715 | err = -EFAULT; | ||
| 1716 | - } else { | ||
| 1717 | + } else if (is_socket_ioctl_cmd(cmd)) { | ||
| 1718 | struct ifreq ifr; | ||
| 1719 | bool need_copyout; | ||
| 1720 | if (copy_from_user(&ifr, argp, sizeof(struct ifreq))) | ||
| 1721 | @@ -1062,6 +1062,8 @@ static long sock_do_ioctl(struct net *net, struct socket *sock, | ||
| 1722 | if (!err && need_copyout) | ||
| 1723 | if (copy_to_user(argp, &ifr, sizeof(struct ifreq))) | ||
| 1724 | return -EFAULT; | ||
| 1725 | + } else { | ||
| 1726 | + err = -ENOTTY; | ||
| 1727 | } | ||
| 1728 | return err; | ||
| 1729 | } | ||
| 1730 | @@ -3228,6 +3230,8 @@ static int compat_ifr_data_ioctl(struct net *net, unsigned int cmd, | ||
| 1731 | struct ifreq ifreq; | ||
| 1732 | u32 data32; | ||
| 1733 | |||
| 1734 | + if (!is_socket_ioctl_cmd(cmd)) | ||
| 1735 | + return -ENOTTY; | ||
| 1736 | if (copy_from_user(ifreq.ifr_name, u_ifreq32->ifr_name, IFNAMSIZ)) | ||
| 1737 | return -EFAULT; | ||
| 1738 | if (get_user(data32, &u_ifreq32->ifr_data)) |