14
679 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Greg Kroah-Hartman
|
0780b1ab09 |
This is the 5.4.263 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmVyyWIACgkQONu9yGCS
aT6Y8A//QJPg7pguCawsJGrem3a5dvhi9scNMmfuhKZOKS73JEmt4yudB9IOUjIX
1c1aBcJo5yYMZq5L9mhXnlgkgqENxE9fI45FtMdwoKiriEQ0w9OBLlfZuKN9lwzC
tyIigaGE5DD3SqL8e/04LNmMPPdolM38lJ368fYaD3T4d7LfwK0qHJFL8dSg4OFQ
VaePViMFgbodjtSXoERNjVLaNtSlQDQytiWHMiQX2uf6CIIRbm+zFHn2Se1mUgh3
WGT9JfXZ+achPw6OLhSIjwL+7vowhn3eRETq4zGkkNSK+rmB6W7zjPhou4SYsmc+
FAYXvalmhQWWjlmIyZzO7GIVtgx19VuEYB8h5KLvp6DXQ0h0wCBOGgsfIT4icbgW
wO0R+toWYY3Y79OLRGiMjiL9b60njJYnrm7JrheRD+BIm2jva+Tb7UxhC6QDMfH6
a8fya8iJDNZWggwpx67JUANdMO8e+2rS4ttNxW0gTZSHhyEjo1HXctKBEmmtXk4s
HGNV5xUniPnzrP8rduNqePG5B6c3wqOHUwj45L4scGmeC0DzW7E8EBgkHfRcU6CG
ik9z5nQeDikREfK7cp8OSFtLaEBWSIX57XwHWDTMVPDGTN8EQ6eI7vTnQH3xOhA8
VWFfwcU6avROM/ih7eJ+X4JvuDKcAGTPeD6oF3II0MLPK2m7ZmE=
=p/ty
-----END PGP SIGNATURE-----
Merge 5.4.263 into android11-5.4-lts
Changes in 5.4.263
driver core: Release all resources during unbind before updating device links
RDMA/irdma: Prevent zero-length STAG registration
PCI: keystone: Drop __init from ks_pcie_add_pcie_{ep,port}()
afs: Make error on cell lookup failure consistent with OpenAFS
drm/panel: simple: Fix Innolux G101ICE-L01 bus flags
drm/panel: simple: Fix Innolux G101ICE-L01 timings
ata: pata_isapnp: Add missing error check for devm_ioport_map()
drm/rockchip: vop: Fix color for RGB888/BGR888 format on VOP full
HID: core: store the unique system identifier in hid_device
HID: fix HID device resource race between HID core and debugging support
ipv4: Correct/silence an endian warning in __ip_do_redirect
net: usb: ax88179_178a: fix failed operations during ax88179_reset
arm/xen: fix xen_vcpu_info allocation alignment
amd-xgbe: handle corner-case during sfp hotplug
amd-xgbe: handle the corner-case during tx completion
amd-xgbe: propagate the correct speed and duplex status
net: axienet: Fix check for partial TX checksum
afs: Return ENOENT if no cell DNS record can be found
afs: Fix file locking on R/O volumes to operate in local mode
nvmet: remove unnecessary ctrl parameter
nvmet: nul-terminate the NQNs passed in the connect command
MIPS: KVM: Fix a build warning about variable set but not used
ext4: add a new helper to check if es must be kept
ext4: factor out __es_alloc_extent() and __es_free_extent()
ext4: use pre-allocated es in __es_insert_extent()
ext4: use pre-allocated es in __es_remove_extent()
ext4: using nofail preallocation in ext4_es_remove_extent()
ext4: using nofail preallocation in ext4_es_insert_delayed_block()
ext4: using nofail preallocation in ext4_es_insert_extent()
ext4: fix slab-use-after-free in ext4_es_insert_extent()
ext4: make sure allocate pending entry not fail
arm64: cpufeature: Extract capped perfmon fields
KVM: arm64: limit PMU version to PMUv3 for ARMv8.1
ACPI: resource: Skip IRQ override on ASUS ExpertBook B1402CVA
bcache: replace a mistaken IS_ERR() by IS_ERR_OR_NULL() in btree_gc_coalesce()
s390/dasd: protect device queue against concurrent access
USB: serial: option: add Luat Air72*U series products
hv_netvsc: Fix race of register_netdevice_notifier and VF register
hv_netvsc: Mark VF as slave before exposing it to user-mode
dm-delay: fix a race between delay_presuspend and delay_bio
bcache: check return value from btree_node_alloc_replacement()
bcache: prevent potential division by zero error
USB: serial: option: add Fibocom L7xx modules
USB: serial: option: fix FM101R-GL defines
USB: serial: option: don't claim interface 4 for ZTE MF290
USB: dwc2: write HCINT with INTMASK applied
usb: dwc3: set the dma max_seg_size
USB: dwc3: qcom: fix resource leaks on probe deferral
USB: dwc3: qcom: fix wakeup after probe deferral
io_uring: fix off-by one bvec index
pinctrl: avoid reload of p state in list iteration
firewire: core: fix possible memory leak in create_units()
mmc: block: Do not lose cache flush during CQE error recovery
ALSA: hda: Disable power-save on KONTRON SinglePC
ALSA: hda/realtek: Headset Mic VREF to 100%
ALSA: hda/realtek: Add supported ALC257 for ChromeOS
dm-verity: align struct dm_verity_fec_io properly
dm verity: don't perform FEC for failed readahead IO
bcache: revert replacing IS_ERR_OR_NULL with IS_ERR
powerpc: Don't clobber f0/vs0 during fp|altivec register save
btrfs: add dmesg output for first mount and last unmount of a filesystem
btrfs: fix off-by-one when checking chunk map includes logical address
btrfs: send: ensure send_fd is writable
btrfs: make error messages more clear when getting a chunk map
Input: xpad - add HyperX Clutch Gladiate Support
ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet
net: stmmac: xgmac: Disable FPE MMC interrupts
ravb: Fix races between ravb_tx_timeout_work() and net related ops
net: ravb: Use pm_runtime_resume_and_get()
net: ravb: Start TX queues after HW initialization succeeded
smb3: fix touch -h of symlink
s390/mm: fix phys vs virt confusion in mark_kernel_pXd() functions family
s390/cmma: fix detection of DAT pages
mtd: cfi_cmdset_0001: Support the absence of protection registers
mtd: cfi_cmdset_0001: Byte swap OTP info
fbdev: stifb: Make the STI next font pointer a 32-bit signed offset
ima: annotate iint mutex to avoid lockdep false positive warnings
ovl: skip overlayfs superblocks at global sync
ima: detect changes to the backing overlay file
scsi: qla2xxx: Simplify the code for aborting SCSI commands
scsi: core: Introduce the scsi_cmd_to_rq() function
scsi: qla2xxx: Use scsi_cmd_to_rq() instead of scsi_cmnd.request
scsi: qla2xxx: Fix system crash due to bad pointer access
cpufreq: imx6q: don't warn for disabling a non-existing frequency
cpufreq: imx6q: Don't disable 792 Mhz OPP unnecessarily
mmc: cqhci: Increase recovery halt timeout
mmc: cqhci: Warn of halt or task clear failure
mmc: cqhci: Fix task clearing in CQE error recovery
mmc: core: convert comma to semicolon
mmc: block: Retry commands in CQE error recovery
Linux 5.4.263
Change-Id: I5187b50207d7ed37d7448664448409ed75106ea1
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
||
Andrew Murray
|
78c1e3aa69 |
KVM: arm64: limit PMU version to PMUv3 for ARMv8.1
commit c854188ea01062f5a5fd7f05658feb1863774eaa upstream. We currently expose the PMU version of the host to the guest via emulation of the DFR0_EL1 and AA64DFR0_EL1 debug feature registers. However many of the features offered beyond PMUv3 for 8.1 are not supported in KVM. Examples of this include support for the PMMIR registers (added in PMUv3 for ARMv8.4) and 64-bit event counters added in (PMUv3 for ARMv8.5). Let's trap the Debug Feature Registers in order to limit PMUVer/PerfMon in the Debug Feature Registers to PMUv3 for ARMv8.1 to avoid unexpected behaviour. Both ID_AA64DFR0.PMUVer and ID_DFR0.PerfMon follow the "Alternative ID scheme used for the Performance Monitors Extension version" where 0xF means an IMPLEMENTATION DEFINED PMU is implemented, and values 0x0-0xE are treated as with an unsigned field (with 0x0 meaning no PMU is present). As we don't expect to expose an IMPLEMENTATION DEFINED PMU, and our cap is below 0xF, we can treat these fields as unsigned when applying the cap. Signed-off-by: Andrew Murray <andrew.murray@arm.com> Reviewed-by: Suzuki K Poulose <suzuki.poulose@arm.com> [Mark: make field names consistent, use perfmon cap] Signed-off-by: Mark Rutland <mark.rutland@arm.com> Signed-off-by: Will Deacon <will@kernel.org> Signed-off-by: Zenghui Yu <yuzenghui@huawei.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
James Morse
|
970a21404e |
arm64: Use the clearbhb instruction in mitigations
commit 228a26b912287934789023b4132ba76065d9491c upstream. Future CPUs may implement a clearbhb instruction that is sufficient to mitigate SpectreBHB. CPUs that implement this instruction, but not CSV2.3 must be affected by Spectre-BHB. Add support to use this instruction as the BHB mitigation on CPUs that support it. The instruction is in the hint space, so it will be treated by a NOP as older CPUs. Reviewed-by: Russell King (Oracle) <rmk+kernel@armlinux.org.uk> Reviewed-by: Catalin Marinas <catalin.marinas@arm.com> [ modified for stable: Use a KVM vector template instead of alternatives, removed bitmap of mitigations ] Signed-off-by: James Morse <james.morse@arm.com> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
|
James Morse
|
9013fd4bc9 |
arm64: Mitigate spectre style branch history side channels
commit 558c303c9734af5a813739cd284879227f7297d2 upstream. Speculation attacks against some high-performance processors can make use of branch history to influence future speculation. When taking an exception from user-space, a sequence of branches or a firmware call overwrites or invalidates the branch history. The sequence of branches is added to the vectors, and should appear before the first indirect branch. For systems using KPTI the sequence is added to the kpti trampoline where it has a free register as the exit from the trampoline is via a 'ret'. For systems not using KPTI, the same register tricks are used to free up a register in the vectors. For the firmware call, arch-workaround-3 clobbers 4 registers, so there is no choice but to save them to the EL1 stack. This only happens for entry from EL0, so if we take an exception due to the stack access, it will not become re-entrant. For KVM, the existing branch-predictor-hardening vectors are used. When a spectre version of these vectors is in use, the firmware call is sufficient to mitigate against Spectre-BHB. For the non-spectre versions, the sequence of branches is added to the indirect vector. Reviewed-by: Catalin Marinas <catalin.marinas@arm.com> Cc: <stable@kernel.org> # <v5.17.x 72bb9dcb6c33c arm64: Add Cortex-X2 CPU part definition Cc: <stable@kernel.org> # <v5.16.x 2d0d656700d67 arm64: Add Neoverse-N2, Cortex-A710 CPU part definition Cc: <stable@kernel.org> # <v5.10.x 8a6b88e66233f arm64: Add part number for Arm Cortex-A77 [ modified for stable, moved code to cpu_errata.c removed bitmap of mitigations, use kvm template infrastructure ] Signed-off-by: James Morse <james.morse@arm.com> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
|
James Morse
|
26129ea295 |
KVM: arm64: Add templates for BHB mitigation sequences
KVM writes the Spectre-v2 mitigation template at the beginning of each vector when a CPU requires a specific sequence to run. Because the template is copied, it can not be modified by the alternatives at runtime. Add templates for calling ARCH_WORKAROUND_3 and one for each value of K in the brancy-loop. Instead of adding dummy functions for 'fn', which would disable the Spectre-v2 mitigation, add template_start to indicate that a template (and which one) is in use. Finally add a copy of install_bp_hardening_cb() that is able to install these. Signed-off-by: James Morse <james.morse@arm.com> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
|
James Morse
|
c45d885c5a |
arm64: Add percpu vectors for EL1
commit bd09128d16fac3c34b80bd6a29088ac632e8ce09 upstream. The Spectre-BHB workaround adds a firmware call to the vectors. This is needed on some CPUs, but not others. To avoid the unaffected CPU in a big/little pair from making the firmware call, create per cpu vectors. The per-cpu vectors only apply when returning from EL0. Systems using KPTI can use the canonical 'full-fat' vectors directly at EL1, the trampoline exit code will switch to this_cpu_vector on exit to EL0. Systems not using KPTI should always use this_cpu_vector. this_cpu_vector will point at a vector in tramp_vecs or __bp_harden_el1_vectors, depending on whether KPTI is in use. Reviewed-by: Catalin Marinas <catalin.marinas@arm.com> Signed-off-by: James Morse <james.morse@arm.com> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
Joey Gouly
|
7103651c98 |
arm64: add ID_AA64ISAR2_EL1 sys register
commit 9e45365f1469ef2b934f9d035975dbc9ad352116 upstream. This is a new ID register, introduced in 8.7. Signed-off-by: Joey Gouly <joey.gouly@arm.com> Cc: Will Deacon <will@kernel.org> Cc: Marc Zyngier <maz@kernel.org> Cc: James Morse <james.morse@arm.com> Cc: Alexandru Elisei <alexandru.elisei@arm.com> Cc: Suzuki K Poulose <suzuki.poulose@arm.com> Cc: Reiji Watanabe <reijiw@google.com> Acked-by: Marc Zyngier <maz@kernel.org> Link: https://lore.kernel.org/r/20211210165432.8106-3-joey.gouly@arm.com Signed-off-by: Catalin Marinas <catalin.marinas@arm.com> Signed-off-by: James Morse <james.morse@arm.com> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
|
James Morse
|
194240faf6 |
UPSTREAM: arm64: Use the clearbhb instruction in mitigations
commit 228a26b912287934789023b4132ba76065d9491c upstream. Future CPUs may implement a clearbhb instruction that is sufficient to mitigate SpectreBHB. CPUs that implement this instruction, but not CSV2.3 must be affected by Spectre-BHB. Add support to use this instruction as the BHB mitigation on CPUs that support it. The instruction is in the hint space, so it will be treated by a NOP as older CPUs. Bug: 215557547 Reviewed-by: Russell King (Oracle) <rmk+kernel@armlinux.org.uk> Reviewed-by: Catalin Marinas <catalin.marinas@arm.com> [ modified for stable: Use a KVM vector template instead of alternatives, removed bitmap of mitigations ] Signed-off-by: James Morse <james.morse@arm.com> Signed-off-by: Sasha Levin <sashal@kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: Ic48741d6d4e7ad14bcf802ab58b082128c5f5a01 |
||
|
James Morse
|
18ee502110 |
UPSTREAM: arm64: Mitigate spectre style branch history side channels
commit 558c303c9734af5a813739cd284879227f7297d2 upstream. Speculation attacks against some high-performance processors can make use of branch history to influence future speculation. When taking an exception from user-space, a sequence of branches or a firmware call overwrites or invalidates the branch history. The sequence of branches is added to the vectors, and should appear before the first indirect branch. For systems using KPTI the sequence is added to the kpti trampoline where it has a free register as the exit from the trampoline is via a 'ret'. For systems not using KPTI, the same register tricks are used to free up a register in the vectors. For the firmware call, arch-workaround-3 clobbers 4 registers, so there is no choice but to save them to the EL1 stack. This only happens for entry from EL0, so if we take an exception due to the stack access, it will not become re-entrant. For KVM, the existing branch-predictor-hardening vectors are used. When a spectre version of these vectors is in use, the firmware call is sufficient to mitigate against Spectre-BHB. For the non-spectre versions, the sequence of branches is added to the indirect vector. Bug: 215557547 Reviewed-by: Catalin Marinas <catalin.marinas@arm.com> Cc: <stable@kernel.org> # <v5.17.x 72bb9dcb6c33c arm64: Add Cortex-X2 CPU part definition Cc: <stable@kernel.org> # <v5.16.x 2d0d656700d67 arm64: Add Neoverse-N2, Cortex-A710 CPU part definition Cc: <stable@kernel.org> # <v5.10.x 8a6b88e66233f arm64: Add part number for Arm Cortex-A77 [ modified for stable, moved code to cpu_errata.c removed bitmap of mitigations, use kvm template infrastructure ] Signed-off-by: James Morse <james.morse@arm.com> Signed-off-by: Sasha Levin <sashal@kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: Iec7c20a517027e59c83cce400d8bcb662536d3ad |
||
|
James Morse
|
f734ff58b6 |
UPSTREAM: KVM: arm64: Add templates for BHB mitigation sequences
KVM writes the Spectre-v2 mitigation template at the beginning of each vector when a CPU requires a specific sequence to run. Because the template is copied, it can not be modified by the alternatives at runtime. Add templates for calling ARCH_WORKAROUND_3 and one for each value of K in the brancy-loop. Instead of adding dummy functions for 'fn', which would disable the Spectre-v2 mitigation, add template_start to indicate that a template (and which one) is in use. Finally add a copy of install_bp_hardening_cb() that is able to install these. Bug: 215557547 Signed-off-by: James Morse <james.morse@arm.com> Signed-off-by: Sasha Levin <sashal@kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I9c90d2191cfd1b5b3454404c782b127f63a305fe |
||
|
James Morse
|
36b454a8d4 |
UPSTREAM: arm64: Add percpu vectors for EL1
commit bd09128d16fac3c34b80bd6a29088ac632e8ce09 upstream. The Spectre-BHB workaround adds a firmware call to the vectors. This is needed on some CPUs, but not others. To avoid the unaffected CPU in a big/little pair from making the firmware call, create per cpu vectors. The per-cpu vectors only apply when returning from EL0. Systems using KPTI can use the canonical 'full-fat' vectors directly at EL1, the trampoline exit code will switch to this_cpu_vector on exit to EL0. Systems not using KPTI should always use this_cpu_vector. this_cpu_vector will point at a vector in tramp_vecs or __bp_harden_el1_vectors, depending on whether KPTI is in use. Bug: 215557547 Reviewed-by: Catalin Marinas <catalin.marinas@arm.com> Signed-off-by: James Morse <james.morse@arm.com> Signed-off-by: Sasha Levin <sashal@kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: If8b6df2e834d4a1dde1976607c082319aebbfe99 |
||
|
Joey Gouly
|
a08470635c |
UPSTREAM: arm64: add ID_AA64ISAR2_EL1 sys register
commit 9e45365f1469ef2b934f9d035975dbc9ad352116 upstream. This is a new ID register, introduced in 8.7. Bug: 215557547 Signed-off-by: Joey Gouly <joey.gouly@arm.com> Cc: Will Deacon <will@kernel.org> Cc: Marc Zyngier <maz@kernel.org> Cc: James Morse <james.morse@arm.com> Cc: Alexandru Elisei <alexandru.elisei@arm.com> Cc: Suzuki K Poulose <suzuki.poulose@arm.com> Cc: Reiji Watanabe <reijiw@google.com> Acked-by: Marc Zyngier <maz@kernel.org> Link: https://lore.kernel.org/r/20211210165432.8106-3-joey.gouly@arm.com Signed-off-by: Catalin Marinas <catalin.marinas@arm.com> Signed-off-by: James Morse <james.morse@arm.com> Signed-off-by: Sasha Levin <sashal@kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I62126d6a386355416b5ab1250277880af4a6da78 |
||
|
Greg Kroah-Hartman
|
e8365b472c |
This is the 5.4.125 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmDB+Z8ACgkQONu9yGCS aT5qig//WVut449WUeYQLKD8rAB5CUVm2Xl3509Ts8W6LSzYGHiYv1SRVeH2y1lS QnfCnBciopl2UyYxqXGQwoRYdY1T2E/MWUmwGUk0/qlZYOzg5xQ368Shm0lvohJI DsywZrYqJDUCoeyXoWJYrq/3RiAvMK30teKDcn1A2HhhWdo0nsGLp1GUX396ptcV 3xw2ZvCVwuikwxq5jlQKUEkH59TD/ZkCzvn9gfd86FY1R0ohApLJckhGIuT3wA1c Tfekgvfngx1HcEWIAzWFqZPoB8mOF5pn06yZhuPdMKa8UUq78ckN7kbchERj2wJD cDFSQQrMI3nL9sA8ryYV1YFl3fyGX5Epm4O465whzjKWoZ9HwN+iwl6Qv+kOmX41 YUmpUplhsPN+I7+cX1jF7Ohw583uDbFPw6XbyZ0ArZr03JVVv4Vjrv5QA9fVHR06 OP7+zEUlBtu/g3k0Bj5MU8UKem0shXavkPqukrtB+MhrXh2VngEXEVOvKMOFgA4b BnBEga4SrCR/wB+SucIV4fqzV0tq4HD/cPpy67OafrWoqhwlnBsMCQUd+puxkCnM y+eEoRwTzRSW+U9y8KdAERW8qSR/vCyKCUoaKxOV3Jj0v8xp0Y6VHKlKmb//w5Gn Lk7sNjD60Um3Au53A5pJvh8qNg+OsNc46sEmGGndE4Mrada93gE= =O2C+ -----END PGP SIGNATURE----- Merge 5.4.125 into android11-5.4-lts Changes in 5.4.125 btrfs: tree-checker: do not error out if extent ref hash doesn't match net: usb: cdc_ncm: don't spew notifications ALSA: usb: update old-style static const declaration nl80211: validate key indexes for cfg80211_registered_device hwmon: (dell-smm-hwmon) Fix index values netfilter: conntrack: unregister ipv4 sockopts on error unwind efi: Allow EFI_MEMORY_XP and EFI_MEMORY_RO both to be cleared efi: cper: fix snprintf() use in cper_dimm_err_location() vfio/pci: Fix error return code in vfio_ecap_init() vfio/pci: zap_vma_ptes() needs MMU samples: vfio-mdev: fix error handing in mdpy_fb_probe() vfio/platform: fix module_put call in error flow ipvs: ignore IP_VS_SVC_F_HASHED flag when adding service HID: pidff: fix error return code in hid_pidff_init() HID: i2c-hid: fix format string mismatch net/sched: act_ct: Fix ct template allocation for zone 0 ACPICA: Clean up context mutex during object deletion netfilter: nft_ct: skip expectations for confirmed conntrack netfilter: nfnetlink_cthelper: hit EBUSY on updates if size mismatches ieee802154: fix error return code in ieee802154_add_iface() ieee802154: fix error return code in ieee802154_llsec_getparams() ixgbevf: add correct exception tracing for XDP ipv6: Fix KASAN: slab-out-of-bounds Read in fib6_nh_flush_exceptions ice: write register with correct offset ice: Fix VFR issues for AVF drivers that expect ATQLEN cleared ice: Allow all LLDP packets from PF to Tx i2c: qcom-geni: Add shutdown callback for i2c i40e: optimize for XDP_REDIRECT in xsk path i40e: add correct exception tracing for XDP arm64: dts: ls1028a: fix memory node arm64: dts: zii-ultra: fix 12V_MAIN voltage ARM: dts: imx7d-meerkat96: Fix the 'tuning-step' property ARM: dts: imx7d-pico: Fix the 'tuning-step' property ARM: dts: imx: emcon-avari: Fix nxp,pca8574 #gpio-cells bus: ti-sysc: Fix flakey idling of uarts and stop using swsup_sidle_act tipc: add extack messages for bearer/media failure tipc: fix unique bearer names sanity check Bluetooth: fix the erroneous flush_work() order Bluetooth: use correct lock to prevent UAF of hdev object net: caif: added cfserl_release function net: caif: add proper error handling net: caif: fix memory leak in caif_device_notify net: caif: fix memory leak in cfusbl_device_notify HID: i2c-hid: Skip ELAN power-on command after reset HID: magicmouse: fix NULL-deref on disconnect HID: multitouch: require Finger field to mark Win8 reports as MT ALSA: timer: Fix master timer notification ALSA: hda: Fix for mute key LED for HP Pavilion 15-CK0xx ARM: dts: imx6dl-yapp4: Fix RGMII connection to QCA8334 switch ARM: dts: imx6q-dhcom: Add PU,VDD1P1,VDD2P5 regulators ext4: fix bug on in ext4_es_cache_extent as ext4_split_extent_at failed usb: dwc2: Fix build in periphal-only mode pid: take a reference when initializing `cad_pid` ocfs2: fix data corruption by fallocate nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect drm/amdgpu: Don't query CE and UE errors drm/amdgpu: make sure we unpin the UVD BO x86/apic: Mark _all_ legacy interrupts when IO/APIC is missing btrfs: mark ordered extent and inode with error if we fail to finish btrfs: fix error handling in btrfs_del_csums btrfs: return errors from btrfs_del_csums in cleanup_ref_head btrfs: fixup error handling in fixup_inode_link_counts mm, hugetlb: fix simple resv_huge_pages underflow on UFFDIO_COPY bnxt_en: Remove the setting of dev_port. mm: add thp_order XArray: add xa_get_order XArray: add xas_split mm/filemap: fix storing to a THP shadow entry btrfs: fix unmountable seed device after fstrim KVM: SVM: Truncate GPR value for DR and CR accesses in !64-bit mode KVM: arm64: Fix debug register indexing x86/kvm: Teardown PV features on boot CPU as well x86/kvm: Disable kvmclock on all CPUs on shutdown x86/kvm: Disable all PV features on crash lib/lz4: explicitly support in-place decompression xen-pciback: redo VF placement in the virtual topology i2c: qcom-geni: Suspend and resume the bus during SYSTEM_SLEEP_PM ops neighbour: allow NUD_NOARP entries to be forced GCed Linux 5.4.125 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I7228d64dfff6856a9a277bf07acf84a87f947466 |
||
Marc Zyngier
|
f82030a586 |
KVM: arm64: Fix debug register indexing
commit cb853ded1d25e5b026ce115dbcde69e3d7e2e831 upstream. Commit |
||
|
Greg Kroah-Hartman
|
24769800ac |
This is the 5.4.121 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmCo0UgACgkQONu9yGCS
aT518BAAvnehTRdJsIaNTkHakC0RewR0DURUVovlLKyyoDro9AShGPztwEOrlUoc
HweLawothBcuEmNmOzYxVVz4Io7lsKZHStm1ZSMnCu4AwdnjWNgyGSM/hwWQ5o/0
BBEQVrp9WoRo+9o2uRQap52EBfDzNyYTiOeeNUD7XAh9NYp7UxzenACBjSzBnJpH
q7U5kuqgGsc0bxWd2plgqxaYBTScbe4OkVYpUOQ/odBjiJ5+USof6+a4MhZ7uCVj
wPxBK4ZzNv6cDiPxvAxALIhauAAx0XSyHQs/l7J3qux2yQ8o59fymvXTSn4cg/LE
66hZDEb7DBcEQkVoO+W1Vg4Ww3v+hY3Fz7bhr2xU82v/rD48D0tEd+YLEgM8unfJ
WeCgApiP8k4ikSNFthgkPXQ74WOll6DC1LW/NiVvC2SE+kVj9oA0VCFYJjDCHb5L
fbfJQ2CkTR+JWGezXDIO9BauvcA6A9nCJPmUPpYD1aSkZmaw0vLvyTSly5BH5yoM
BYWCO+hGMQeMh/p+VZgaXIfsI7YE7+tO3zpVRE3WVNPF+IesI6A1sqMcuLIlr8+j
Lqwk/YB1tzbd1EWVQ+lAIxEehMjvcxikhp3fr8jzkvE6cbkH/EETr1JvORTbAggw
csdm2q3OT8PY2fC88d0Uo/SEL3UtFwo4h0d9UOYGxDLR9wR6hQ4=
=q0ia
-----END PGP SIGNATURE-----
Merge 5.4.121 into android11-5.4-lts
Changes in 5.4.121
x86/msr: Fix wr/rdmsr_safe_regs_on_cpu() prototypes
kgdb: fix gcc-11 warning on indentation
usb: sl811-hcd: improve misleading indentation
cxgb4: Fix the -Wmisleading-indentation warning
isdn: capi: fix mismatched prototypes
pinctrl: ingenic: Improve unreachable code generation
xsk: Simplify detection of empty and full rings
virtio_net: Do not pull payload in skb->head
PCI: thunder: Fix compile testing
dmaengine: dw-edma: Fix crash on loading/unloading driver
ARM: 9066/1: ftrace: pause/unpause function graph tracer in cpu_suspend()
ACPI / hotplug / PCI: Fix reference count leak in enable_slot()
Input: elants_i2c - do not bind to i2c-hid compatible ACPI instantiated devices
Input: silead - add workaround for x86 BIOS-es which bring the chip up in a stuck state
um: Mark all kernel symbols as local
um: Disable CONFIG_GCOV with MODULES
ARM: 9075/1: kernel: Fix interrupted SMC calls
scripts/recordmcount.pl: Fix RISC-V regex for clang
riscv: Workaround mcount name prior to clang-13
scsi: lpfc: Fix illegal memory access on Abort IOCBs
ceph: fix fscache invalidation
scsi: target: tcmu: Return from tcmu_handle_completions() if cmd_id not found
bridge: Fix possible races between assigning rx_handler_data and setting IFF_BRIDGE_PORT bit
drm/amd/display: Fix two cursor duplication when using overlay
gpiolib: acpi: Add quirk to ignore EC wakeups on Dell Venue 10 Pro 5055
ALSA: hda: generic: change the DAC ctl name for LO+SPK or LO+HP
block: reexpand iov_iter after read/write
lib: stackdepot: turn depot_lock spinlock to raw_spinlock
net: stmmac: Do not enable RX FIFO overflow interrupts
ip6_gre: proper dev_{hold|put} in ndo_[un]init methods
sit: proper dev_{hold|put} in ndo_[un]init methods
ip6_tunnel: sit: proper dev_{hold|put} in ndo_[un]init methods
ipv6: remove extra dev_hold() for fallback tunnels
KVM: arm64: Initialize VCPU mdcr_el2 before loading it
tweewide: Fix most Shebang lines
scripts: switch explicitly to Python 3
Linux 5.4.121
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: Id68f6327cbc30835a108223919aae5873bb3f8c9
|
||
Alexandru Elisei
|
2524958069 |
KVM: arm64: Initialize VCPU mdcr_el2 before loading it
commit 263d6287da1433aba11c5b4046388f2cdf49675c upstream.
When a VCPU is created, the kvm_vcpu struct is initialized to zero in
kvm_vm_ioctl_create_vcpu(). On VHE systems, the first time
vcpu.arch.mdcr_el2 is loaded on hardware is in vcpu_load(), before it is
set to a sensible value in kvm_arm_setup_debug() later in the run loop. The
result is that KVM executes for a short time with MDCR_EL2 set to zero.
This has several unintended consequences:
* Setting MDCR_EL2.HPMN to 0 is constrained unpredictable according to ARM
DDI 0487G.a, page D13-3820. The behavior specified by the architecture
in this case is for the PE to behave as if MDCR_EL2.HPMN is set to a
value less than or equal to PMCR_EL0.N, which means that an unknown
number of counters are now disabled by MDCR_EL2.HPME, which is zero.
* The host configuration for the other debug features controlled by
MDCR_EL2 is temporarily lost. This has been harmless so far, as Linux
doesn't use the other fields, but that might change in the future.
Let's avoid both issues by initializing the VCPU's mdcr_el2 field in
kvm_vcpu_vcpu_first_run_init(), thus making sure that the MDCR_EL2 register
has a consistent value after each vcpu_load().
Fixes:
|
||
|
Greg Kroah-Hartman
|
926c4200b8 |
This is the 5.4.113 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmB5XRYACgkQONu9yGCS aT6tkw//cUijsvzw8t+Yn1ZF7uyqtgDpYxKwFYekQTtTA3+QoGOAg7YAvkDncUq5 F/9OBbbEwvIeKM13yw1sxU4l73/hgbpcz5FXsKZvpNei6GbZtXOMFrn6kVVII0iy 2hADzZGs3k37VTR5/2HtznRPhmncBamotqx3Anhu9B3XCvNwRsBejhCNwDJv7bgz m8xH0CmrW6s2Y3XnELCTODNRquYMh8guWeyCtIhi0evRl9UrPU39MDPWHN0GmxwX tWMQMlvo/h7vT+gNaMUpJB50yy8SuKLNdM8jBU7RMH34+NZ3jX4DYS4FGtclq0E9 O77+JJFw1VmrBLmOZPu/Dh5WGf3RE5opKIoAX+4GcLKGRqFGK8g3A/JqQtM1N7fJ 6iqKgArLdPRu0K10dPIEsEGKfWnDXLg45bfOJ2Q3Uo39Q18k94b0czVn02M0EUw3 buYv5QzDMkY4c4bLPevutLAJGbdGsh9cIF4kXb1Iv3BGmcdFcFL+R7oCi77v2irY Sh5+1imsAsZok/22yr4WObj/9CVNmS8W/nT6ez1fGupiMugJECdh7bQgIzWJ0Mh9 tNmQXVCtv9swtv8aU2nI5eSyFX4U/ecS0AauIsROgVQmnaudm60gml2PvngMTNku cOEUEnVHLLyaJUezfYMuJiXxOuAHlHPIw3Z1ZO/WDzaV1lpFZig= =SMsQ -----END PGP SIGNATURE----- Merge 5.4.113 into android11-5.4-lts Changes in 5.4.113 interconnect: core: fix error return code of icc_link_destroy() KVM: arm64: Hide system instruction access to Trace registers KVM: arm64: Disable guest access to trace filter controls drm/imx: imx-ldb: fix out of bounds array access warning gfs2: report "already frozen/thawed" errors drm/tegra: dc: Don't set PLL clock to 0Hz block: only update parent bi_status when bio fail radix tree test suite: Register the main thread with the RCU library idr test suite: Take RCU read lock in idr_find_test_1 idr test suite: Create anchor before launching throbber riscv,entry: fix misaligned base for excp_vect_table block: don't ignore REQ_NOWAIT for direct IO netfilter: x_tables: fix compat match/target pad out-of-bound write driver core: Fix locking bug in deferred_probe_timeout_work_func() perf tools: Use %define api.pure full instead of %pure-parser perf tools: Use %zd for size_t printf formats on 32-bit perf map: Tighten snprintf() string precision to pass gcc check on some 32-bit arches xen/events: fix setting irq affinity Linux 5.4.113 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I1bd71a185bc8cb13e61f776772f813fce839d321 |
||
Suzuki K Poulose
|
e1ff1c6bbe |
KVM: arm64: Disable guest access to trace filter controls
[ Upstream commit a354a64d91eec3e0f8ef0eed575b480fd75b999c ] Disable guest access to the Trace Filter control registers. We do not advertise the Trace filter feature to the guest (ID_AA64DFR0_EL1: TRACE_FILT is cleared) already, but the guest can still access the TRFCR_EL1 unless we trap it. This will also make sure that the guest cannot fiddle with the filtering controls set by a nvhe host. Cc: Marc Zyngier <maz@kernel.org> Cc: Will Deacon <will@kernel.org> Cc: Mark Rutland <mark.rutland@arm.com> Cc: Catalin Marinas <catalin.marinas@arm.com> Signed-off-by: Suzuki K Poulose <suzuki.poulose@arm.com> Signed-off-by: Marc Zyngier <maz@kernel.org> Link: https://lore.kernel.org/r/20210323120647.454211-3-suzuki.poulose@arm.com Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
|
Greg Kroah-Hartman
|
8963cb8881 |
This is the 5.4.107 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmBVwvYACgkQONu9yGCS aT7ODBAAwMd9UQ1u5imfCkgmbkVPpF+dW5NSR1stpVrKPzAU+Yspf4YNXMyMrBMa OhDAqKWhlsZAFm5FJFw4mMK35LclFJAAktksGzBrrE9nkL0+il88/GO1mGUHRP5G 0PK4WKkS33svG8cZq7yCWP07eS1lHhLcHb4MN19kqQvErjVD0jIp8qrB7VXp45Ef eFRVtejkCa4ycjp+oxx+jUqOq5rPws7szYKKXLcvyP3/XmetOlAb2+Qh/iHhwUTT XI3u6lv5lGHeoy6PkVXE+TdYT0/53Gcp8fDJMjVLW0Z3DV5EQfPZZSQE+16fO5q3 QA4cbPTdjy39eW6GHK8Yc9Mocl/I6b87Nhw3FvocyfDx6s4/xugGW8rDshnOHZmp Pjt5UfS4RdFQT0jfztSR06yNgXdsCORo0YE4CuBO7609MXlF9TMSqMKSIWU2yhMn Sq0Dk/6rt22sCJbEgcNfDH97QNP2S+2F7OzQXVZxb0biG0kcwZ70IFfJHxWJID07 KNgWEkOg2AZhplak94ORORWSQBkHRCvAnSw/Qq4f4JgtB6yTJPLC76v8rNI2tVDt PpyvoYLb5seBt3OOkPF5lBB3WYPqpTUTmxA2aPF2CoNL9z0miZPPnJ2Vfh8NG+P9 kPNSColpTAnwFFZOCrHN3sPGkNWsA/fGqISxq+crKlAEmTQc9Z4= =dH0a -----END PGP SIGNATURE----- Merge 5.4.107 into android11-5.4-lts Changes in 5.4.107 KVM: arm64: nvhe: Save the SPE context early bpf: Prohibit alu ops for pointer types not defining ptr_limit bpf: Fix off-by-one for area size in creating mask to left bpf: Simplify alu_limit masking for pointer arithmetic bpf: Add sanity check for upper ptr_limit bpf, selftests: Fix up some test_verifier cases for unprivileged btrfs: scrub: Don't check free space before marking a block group RO drm/i915/gvt: Set SNOOP for PAT3 on BXT/APL to workaround GPU BB hang drm/i915/gvt: Fix mmio handler break on BXT/APL. drm/i915/gvt: Fix virtual display setup for BXT/APL drm/i915/gvt: Fix port number for BDW on EDID region setup drm/i915/gvt: Fix vfio_edid issue for BXT/APL fuse: fix live lock in fuse_iget() crypto: x86 - Regularize glue function prototypes crypto: aesni - Use TEST %reg,%reg instead of CMP $0,%reg crypto: x86/aes-ni-xts - use direct calls to and 4-way stride net: dsa: tag_mtk: fix 802.1ad VLAN egress net: dsa: b53: Support setting learning on port Linux 5.4.107 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I3da7020a7d39d72ffbcb0baf4267b7dbc0fc0891 |
||
|
Suzuki K Poulose
|
010c5bee66 |
KVM: arm64: nvhe: Save the SPE context early
commit b96b0c5de685df82019e16826a282d53d86d112c upstream The nVHE KVM hyp drains and disables the SPE buffer, before entering the guest, as the EL1&0 translation regime is going to be loaded with that of the guest. But this operation is performed way too late, because : - The owning translation regime of the SPE buffer is transferred to EL2. (MDCR_EL2_E2PB == 0) - The guest Stage1 is loaded. Thus the flush could use the host EL1 virtual address, but use the EL2 translations instead of host EL1, for writing out any cached data. Fix this by moving the SPE buffer handling early enough. The restore path is doing the right thing. Cc: stable@vger.kernel.org # v5.4- Cc: Christoffer Dall <christoffer.dall@arm.com> Cc: Marc Zyngier <maz@kernel.org> Cc: Will Deacon <will@kernel.org> Cc: Catalin Marinas <catalin.marinas@arm.com> Cc: Mark Rutland <mark.rutland@arm.com> Cc: Alexandru Elisei <alexandru.elisei@arm.com> Signed-off-by: Suzuki K Poulose <suzuki.poulose@arm.com> Acked-by: Marc Zyngier <maz@kernel.org> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
|
Greg Kroah-Hartman
|
25491b4ff3 |
This is the 5.4.106 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmBSKIcACgkQONu9yGCS
aT6nww//RYwO4quTQO9h/SnVtYta3C0bkgSjLCuLjM6LY20L5sHiPxMXKn3LTb67
SSFtW7vyR4gOmIduQ783yoDxzSGuKZvQ48zh5OZYXD4GlhP9JZ5y4IkEf5r0SGIA
k4pYYX8rPLNaeOu8TprjdGdaDFC4XplFfZEN19sympvv2q20qD+JzvcjjhyCFmvk
4A9NibAStU4jUK8AvY4STJb9XmaYo337Btv3Y2j+qUBVj6fMsNCfUif1SdGHA4de
TPzaPVOIm5p4USOy/m+hsc0e/q+nzz+VYYk+T7X9NDU+kAiEOjdyMqwNOtfAUl9A
k7aca4oQMjO+MNVGrvER7xF0Se+wlTomTINzLYf0YTfkCMh9+Me+pFr8Fivdvhv9
/mBFOJ0qqYXpezUETh7F5tgzMUHkzEcOiOpEG/sINxnsZXJaa09VJrS2GYIjILFN
Epe83Z4ekbZtIzfUY+RWYVEP44fvV1lmLqKIs7z4xoz/IgF2NR++ABwyScCY1E2X
GstK4fJ7wHA/usbmQofyfLMEF9hvawOu/GwWP2IVQRbK3E5Miux+tTkLXvVhqlr+
CrLXHb8OZSb4+bzZb3fFLg/B6mR+MiNKXYp2WW1/7pqhTfJHHg8P7Ui72nAcM5Jw
+W0Gezv/DtPqbhK6rGGTUxOTYOvWqJEuh6QAI4mDx1kIeevw13o=
=MKFy
-----END PGP SIGNATURE-----
Merge 5.4.106 into android11-5.4-lts
Changes in 5.4.106
uapi: nfnetlink_cthelper.h: fix userspace compilation error
powerpc/pseries: Don't enforce MSI affinity with kdump
ethernet: alx: fix order of calls on resume
ath9k: fix transmitting to stations in dynamic SMPS mode
net: Fix gro aggregation for udp encaps with zero csum
net: check if protocol extracted by virtio_net_hdr_set_proto is correct
net: avoid infinite loop in mpls_gso_segment when mpls_hlen == 0
sh_eth: fix TRSCER mask for SH771x
can: skb: can_skb_set_owner(): fix ref counting if socket was closed before setting skb ownership
can: flexcan: assert FRZ bit in flexcan_chip_freeze()
can: flexcan: enable RX FIFO after FRZ/HALT valid
can: flexcan: invoke flexcan_chip_freeze() to enter freeze mode
can: tcan4x5x: tcan4x5x_init(): fix initialization - clear MRAM before entering Normal Mode
tcp: add sanity tests to TCP_QUEUE_SEQ
netfilter: nf_nat: undo erroneous tcp edemux lookup
netfilter: x_tables: gpf inside xt_find_revision()
selftests/bpf: No need to drop the packet when there is no geneve opt
selftests/bpf: Mask bpf_csum_diff() return value to 16 bits in test_verifier
samples, bpf: Add missing munmap in xdpsock
ibmvnic: always store valid MAC address
mt76: dma: do not report truncated frames to mac80211
powerpc/603: Fix protection of user pages mapped with PROT_NONE
mount: fix mounting of detached mounts onto targets that reside on shared mounts
cifs: return proper error code in statfs(2)
Revert "mm, slub: consider rest of partial list if acquire_slab() fails"
net: enetc: don't overwrite the RSS indirection table when initializing
net/mlx4_en: update moderation when config reset
net: stmmac: fix incorrect DMA channel intr enable setting of EQoS v4.10
nexthop: Do not flush blackhole nexthops when loopback goes down
net: sched: avoid duplicates in classes dump
net: usb: qmi_wwan: allow qmimux add/del with master up
netdevsim: init u64 stats for 32bit hardware
cipso,calipso: resolve a number of problems with the DOI refcounts
net: lapbether: Remove netif_start_queue / netif_stop_queue
net: davicom: Fix regulator not turned off on failed probe
net: davicom: Fix regulator not turned off on driver removal
net: qrtr: fix error return code of qrtr_sendmsg()
ixgbe: fail to create xfrm offload of IPsec tunnel mode SA
net: stmmac: stop each tx channel independently
net: stmmac: fix watchdog timeout during suspend/resume stress test
selftests: forwarding: Fix race condition in mirror installation
perf traceevent: Ensure read cmdlines are null terminated.
net: hns3: fix query vlan mask value error for flow director
net: hns3: fix bug when calculating the TCAM table info
s390/cio: return -EFAULT if copy_to_user() fails again
bnxt_en: reliably allocate IRQ table on reset to avoid crash
drm/compat: Clear bounce structures
drm/shmem-helper: Check for purged buffers in fault handler
drm/shmem-helper: Don't remove the offset in vm_area_struct pgoff
drm: meson_drv add shutdown function
s390/cio: return -EFAULT if copy_to_user() fails
s390/crypto: return -EFAULT if copy_to_user() fails
qxl: Fix uninitialised struct field head.surface_id
sh_eth: fix TRSCER mask for R7S9210
media: usbtv: Fix deadlock on suspend
media: v4l: vsp1: Fix uif null pointer access
media: v4l: vsp1: Fix bru null pointer access
media: rc: compile rc-cec.c into rc-core
net: hns3: fix error mask definition of flow director
net: enetc: initialize RFS/RSS memories for unused ports too
net: phy: fix save wrong speed and duplex problem if autoneg is on
i2c: rcar: faster irq code to minimize HW race condition
i2c: rcar: optimize cacheline to minimize HW race condition
udf: fix silent AED tagLocation corruption
mmc: mxs-mmc: Fix a resource leak in an error handling path in 'mxs_mmc_probe()'
mmc: mediatek: fix race condition between msdc_request_timeout and irq
Platform: OLPC: Fix probe error handling
powerpc/pci: Add ppc_md.discover_phbs()
spi: stm32: make spurious and overrun interrupts visible
powerpc: improve handling of unrecoverable system reset
powerpc/perf: Record counter overflow always if SAMPLE_IP is unset
HID: logitech-dj: add support for the new lightspeed connection iteration
powerpc/64: Fix stack trace not displaying final frame
iommu/amd: Fix performance counter initialization
sparc32: Limit memblock allocation to low memory
sparc64: Use arch_validate_flags() to validate ADI flag
Input: applespi - don't wait for responses to commands indefinitely.
PCI: xgene-msi: Fix race in installing chained irq handler
PCI: mediatek: Add missing of_node_put() to fix reference leak
kbuild: clamp SUBLEVEL to 255
PCI: Fix pci_register_io_range() memory leak
i40e: Fix memory leak in i40e_probe
s390/smp: __smp_rescan_cpus() - move cpumask away from stack
sysctl.c: fix underflow value setting risk in vm_table
scsi: libiscsi: Fix iscsi_prep_scsi_cmd_pdu() error handling
scsi: target: core: Add cmd length set before cmd complete
scsi: target: core: Prevent underflow for service actions
ALSA: usb: Add Plantronics C320-M USB ctrl msg delay quirk
ALSA: hda/hdmi: Cancel pending works before suspend
ALSA: hda/ca0132: Add Sound BlasterX AE-5 Plus support
ALSA: hda: Drop the BATCH workaround for AMD controllers
ALSA: hda: Flush pending unsolicited events before suspend
ALSA: hda: Avoid spurious unsol event handling during S3/S4
ALSA: usb-audio: Fix "cannot get freq eq" errors on Dell AE515 sound bar
ALSA: usb-audio: Apply the control quirk to Plantronics headsets
Revert 95ebabde382c ("capabilities: Don't allow writing ambiguous v3 file capabilities")
arm64: kasan: fix page_alloc tagging with DEBUG_VIRTUAL
s390/dasd: fix hanging DASD driver unbind
s390/dasd: fix hanging IO request during DASD driver unbind
software node: Fix node registration
mmc: core: Fix partition switch time for eMMC
mmc: cqhci: Fix random crash when remove mmc module/card
Goodix Fingerprint device is not a modem
USB: gadget: u_ether: Fix a configfs return code
usb: gadget: f_uac2: always increase endpoint max_packet_size by one audio slot
usb: gadget: f_uac1: stop playback on function disable
usb: dwc3: qcom: Add missing DWC3 OF node refcount decrement
usb: dwc3: qcom: Honor wakeup enabled/disabled state
USB: usblp: fix a hang in poll() if disconnected
usb: renesas_usbhs: Clear PIPECFG for re-enabling pipe with other EPNUM
usb: xhci: do not perform Soft Retry for some xHCI hosts
xhci: Improve detection of device initiated wake signal.
usb: xhci: Fix ASMedia ASM1042A and ASM3242 DMA addressing
xhci: Fix repeated xhci wake after suspend due to uncleared internal wake state
USB: serial: io_edgeport: fix memory leak in edge_startup
USB: serial: ch341: add new Product ID
USB: serial: cp210x: add ID for Acuity Brands nLight Air Adapter
USB: serial: cp210x: add some more GE USB IDs
usbip: fix stub_dev to check for stream socket
usbip: fix vhci_hcd to check for stream socket
usbip: fix vudc to check for stream socket
usbip: fix stub_dev usbip_sockfd_store() races leading to gpf
usbip: fix vhci_hcd attach_store() races leading to gpf
usbip: fix vudc usbip_sockfd_store races leading to gpf
misc/pvpanic: Export module FDT device table
misc: fastrpc: restrict user apps from sending kernel RPC messages
staging: rtl8192u: fix ->ssid overflow in r8192_wx_set_scan()
staging: rtl8188eu: prevent ->ssid overflow in rtw_wx_set_scan()
staging: rtl8712: unterminated string leads to read overflow
staging: rtl8188eu: fix potential memory corruption in rtw_check_beacon_data()
staging: ks7010: prevent buffer overflow in ks_wlan_set_scan()
staging: rtl8712: Fix possible buffer overflow in r8712_sitesurvey_cmd
staging: rtl8192e: Fix possible buffer overflow in _rtl92e_wx_set_scan
staging: comedi: addi_apci_1032: Fix endian problem for COS sample
staging: comedi: addi_apci_1500: Fix endian problem for command sample
staging: comedi: adv_pci1710: Fix endian problem for AI command data
staging: comedi: das6402: Fix endian problem for AI command data
staging: comedi: das800: Fix endian problem for AI command data
staging: comedi: dmm32at: Fix endian problem for AI command data
staging: comedi: me4000: Fix endian problem for AI command data
staging: comedi: pcl711: Fix endian problem for AI command data
staging: comedi: pcl818: Fix endian problem for AI command data
sh_eth: fix TRSCER mask for R7S72100
arm64/mm: Fix pfn_valid() for ZONE_DEVICE based memory
SUNRPC: Set memalloc_nofs_save() for sync tasks
NFS: Don't revalidate the directory permissions on a lookup failure
NFS: Don't gratuitously clear the inode cache when lookup failed
NFSv4.2: fix return value of _nfs4_get_security_label()
block: rsxx: fix error return code of rsxx_pci_probe()
configfs: fix a use-after-free in __configfs_open_file
arm64: mm: use a 48-bit ID map when possible on 52-bit VA builds
hrtimer: Update softirq_expires_next correctly after __hrtimer_get_next_event()
stop_machine: mark helpers __always_inline
include/linux/sched/mm.h: use rcu_dereference in in_vfork()
zram: fix return value on writeback_store
sched/membarrier: fix missing local execution of ipi_sync_rq_state()
powerpc/64s: Fix instruction encoding for lis in ppc_function_entry()
binfmt_misc: fix possible deadlock in bm_register_write
x86/unwind/orc: Disable KASAN checking in the ORC unwinder, part 2
KVM: arm64: Fix exclusive limit for IPA size
nvme: unlink head after removing last namespace
nvme: release namespace head reference on error
KVM: arm64: Ensure I-cache isolation between vcpus of a same VM
KVM: arm64: Reject VM creation when the default IPA size is unsupported
xen/events: reset affinity of 2-level event when tearing it down
xen/events: don't unmask an event channel when an eoi is pending
xen/events: avoid handling the same event on two cpus at the same time
Linux 5.4.106
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I14a7c69a857d6b64e7cf72003120c99610279bae
|
||
|
Marc Zyngier
|
38563c1ff0 |
KVM: arm64: Reject VM creation when the default IPA size is unsupported
Commit 7d717558dd5ef10d28866750d5c24ff892ea3778 upstream.
KVM/arm64 has forever used a 40bit default IPA space, partially
due to its 32bit heritage (where the only choice is 40bit).
However, there are implementations in the wild that have a *cough*
much smaller *cough* IPA space, which leads to a misprogramming of
VTCR_EL2, and a guest that is stuck on its first memory access
if userspace dares to ask for the default IPA setting (which most
VMMs do).
Instead, blundly reject the creation of such VM, as we can't
satisfy the requirements from userspace (with a one-off warning).
Also clarify the boot warning, and document that the VM creation
will fail when an unsupported IPA size is provided.
Although this is an ABI change, it doesn't really change much
for userspace:
- the guest couldn't run before this change, but no error was
returned. At least userspace knows what is happening.
- a memory slot that was accepted because it did fit the default
IPA space now doesn't even get a chance to be registered.
The other thing that is left doing is to convince userspace to
actually use the IPA space setting instead of relying on the
antiquated default.
Fixes:
|
||
|
Marc Zyngier
|
da2e37b55d |
KVM: arm64: Ensure I-cache isolation between vcpus of a same VM
Commit 01dc9262ff5797b675c32c0c6bc682777d23de05 upstream. It recently became apparent that the ARMv8 architecture has interesting rules regarding attributes being used when fetching instructions if the MMU is off at Stage-1. In this situation, the CPU is allowed to fetch from the PoC and allocate into the I-cache (unless the memory is mapped with the XN attribute at Stage-2). If we transpose this to vcpus sharing a single physical CPU, it is possible for a vcpu running with its MMU off to influence another vcpu running with its MMU on, as the latter is expected to fetch from the PoU (and self-patching code doesn't flush below that level). In order to solve this, reuse the vcpu-private TLB invalidation code to apply the same policy to the I-cache, nuking it every time the vcpu runs on a physical CPU that ran another vcpu of the same VM in the past. This involve renaming __kvm_tlb_flush_local_vmid() to __kvm_flush_cpu_context(), and inserting a local i-cache invalidation there. Cc: stable@vger.kernel.org Signed-off-by: Marc Zyngier <maz@kernel.org> Acked-by: Will Deacon <will@kernel.org> Acked-by: Catalin Marinas <catalin.marinas@arm.com> Link: https://lore.kernel.org/r/20210303164505.68492-1-maz@kernel.org [maz: added 32bit ARM support] Signed-off-by: Marc Zyngier <maz@kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Greg Kroah-Hartman
|
b19ff965a7 |
This is the 5.4.90 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmAENzgACgkQONu9yGCS aT7khA//eTBSPP1vAJIqph0YgQbgCCzvzQTj5enM6F1cCZqVha8s0ZjY4fl9Mkky MTVmQdGEem4MoqypzFgAQPQn8KpoM//sQue+b9evny3wU/cmgry5Hs7H3F1/Y7Yv q27Q5jzRTmvcy4Up21FhpFE58FXCXiO5H58FrtKEuJtoCxk+akyGuF8Z0UH3Rvp/ FTKjAKnfzQ9b3MjBJY16W3EqZnpLB+sFMhimS+QyHAr4biTXgIhM/ZebyKxYOGDw fq9MX5XCSM5Aka9RfWIGl8FF5y1IICkBQ0Il+xI7zsQwONFD9UIMhAcTE2LxybQT YsV/GJ7r/nZWSTcup+vD+tTNceXQoBY2EDGIKeX3rNme8cLWWJeDbTc7KbIkIi35 ctRFeEcUiFMoQEhIXyi7c8DcOU4xjmTUXtigjhcLLzAODuOBriWbIsM81RuLwNGC i/jLYEWhQ+tXozLsmb1/7fL8mvAlZfD3Vwkm4aTSSPul1i52tqBnRZBSut0+KRMa +SOpxytl+H5tFV6Z3bI0lrtJ0xnKdr0oJj367JsxIG1yeOpkqe8CEFWW+14TsjqV R1ETqDTtqi8YTGfIgp4Q3EUe9LdoJwUQFKh1lv0SMKYac6vtz/C+MxziJXHPValE dNK3MocE1zpfMgnZpHP/IwbLOeiWfNl+ZL/wpD73EUr1PvUiRvQ= =4Noe -----END PGP SIGNATURE----- Merge 5.4.90 into android11-5.4-lts Changes in 5.4.90 x86/asm/32: Add ENDs to some functions and relabel with SYM_CODE_* vfio iommu: Add dma available capability net: cdc_ncm: correct overhead in delayed_ndp_size net: hns3: fix the number of queues actually used by ARQ net: hns3: fix a phy loopback fail issue net: stmmac: dwmac-sun8i: Balance internal PHY resource references net: stmmac: dwmac-sun8i: Balance internal PHY power net: vlan: avoid leaks on register_vlan_dev() failures net/sonic: Fix some resource leaks in error handling paths net: ipv6: fib: flush exceptions when purging route tools: selftests: add test for changing routes with PTMU exceptions net: fix pmtu check in nopmtudisc mode net: ip: always refragment ip defragmented packets octeontx2-af: fix memory leak of lmac and lmac->name nexthop: Fix off-by-one error in error path nexthop: Unlink nexthop group entry in error path s390/qeth: fix L2 header access in qeth_l3_osa_features_check() net: dsa: lantiq_gswip: Exclude RMII from modes that report 1 GbE net/mlx5: Use port_num 1 instead of 0 when delete a RoCE address net/mlx5e: ethtool, Fix restriction of autoneg with 56G chtls: Fix hardware tid leak chtls: Remove invalid set_tcb call chtls: Fix panic when route to peer not configured chtls: Replace skb_dequeue with skb_peek chtls: Added a check to avoid NULL pointer dereference chtls: Fix chtls resources release sequence x86/resctrl: Use an IPI instead of task_work_add() to update PQR_ASSOC MSR x86/resctrl: Don't move a task to the same resource group exfat: Month timestamp metadata accidentally incremented vmlinux.lds.h: Add PGO and AutoFDO input sections iio: imu: st_lsm6dsx: fix edge-trigger interrupts HID: wacom: Fix memory leakage caused by kfifo_alloc ARM: OMAP2+: omap_device: fix idling of devices during probe i2c: sprd: use a specific timeout to avoid system hang up issue dmaengine: dw-edma: Fix use after free in dw_edma_alloc_chunk() can: tcan4x5x: fix bittiming const, use common bittiming from m_can driver can: m_can: m_can_class_unregister(): remove erroneous m_can_clk_stop() can: kvaser_pciefd: select CONFIG_CRC32 cpufreq: powernow-k8: pass policy rather than use cpufreq_cpu_get() spi: stm32: FIFO threshold level - fix align packet size i2c: i801: Fix the i2c-mux gpiod_lookup_table not being properly terminated dmaengine: mediatek: mtk-hsdma: Fix a resource leak in the error handling path of the probe function dmaengine: xilinx_dma: check dma_async_device_register return value dmaengine: xilinx_dma: fix incompatible param warning in _child_probe() dmaengine: xilinx_dma: fix mixed_enum_type coverity warning qed: select CONFIG_CRC32 wil6210: select CONFIG_CRC32 block: rsxx: select CONFIG_CRC32 lightnvm: select CONFIG_CRC32 iommu/intel: Fix memleak in intel_irq_remapping_alloc bpftool: Fix compilation failure for net.o with older glibc net/mlx5e: Fix memleak in mlx5e_create_l2_table_groups net/mlx5e: Fix two double free cases regmap: debugfs: Fix a memory leak when calling regmap_attach_dev wan: ds26522: select CONFIG_BITREVERSE regulator: qcom-rpmh-regulator: correct hfsmps515 definition net: mvpp2: disable force link UP during port init procedure KVM: arm64: Don't access PMCR_EL0 when no PMU is available block: fix use-after-free in disk_part_iter_next net: drop bogus skb with CHECKSUM_PARTIAL and offset beyond end of trimmed packet regmap: debugfs: Fix a reversed if statement in regmap_debugfs_init() Linux 5.4.90 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I36d497eb94180397ab6ef2e370842e1ff6daefaf |
||
|
Marc Zyngier
|
c5fe50e18f |
KVM: arm64: Don't access PMCR_EL0 when no PMU is available
commit 2a5f1b67ec577fb1544b563086e0377f095f88e2 upstream.
We reset the guest's view of PMCR_EL0 unconditionally, based on
the host's view of this register. It is however legal for an
implementation not to provide any PMU, resulting in an UNDEF.
The obvious fix is to skip the reset of this shadow register
when no PMU is available, sidestepping the issue entirely.
If no PMU is available, the guest is not able to request
a virtual PMU anyway, so not doing nothing is the right thing
to do!
It is unlikely that this bug can hit any HW implementation
though, as they all provide a PMU. It has been found using nested
virt with the host KVM not implementing the PMU itself.
Fixes:
|
||
|
Greg Kroah-Hartman
|
d45416b62b |
This is the 5.4.86 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl/sW9MACgkQONu9yGCS
aT5SwBAAo6dgHqwmPfuf98/8oVeVqTxcmE7GpzpVRH2+yI7Zwk2ez29tAflcM7lT
LKtR2WFGAxoCL4DUKXeO7Ubwpue5NoBIsJ8/dAYBesojps3WDaFGL55PvJLWwFJ7
5gPtPzynITaqIC1JCFcrJ7OTp7REiCUZRc1CJXJINWAYL1VbEbH8pH904xfFcivy
XnNyL9UiWp1lSB8oF3CRJOaK5M5gY1+wdCFaLVqQn306XDEM8PvZK4G3at/jXWgH
jQjArdtC8M8NwjyTwtqW9JAMV+6CD0/HXk0QboTZg6yiaRrtUsfzMqJ1cvhKcQgO
kLE3rwdnr3/MxuzSnGWbswflG2WCutoah58g0uN8H0nCiui5mKN6x5K+emgDZIoO
ndDnh+/5OE247EK+3CGn/0N8i/fOymrLAnLL4wCXVdlQLMCalnL37ibdfGbAptXi
N3GOGZ2iEglvTsEr5w0r86+AzNskm5EqA7mFGFiAyf9viR2xwYk3RrWf2ZyMRos2
2S7mKcZmw7voDu2TIDIhqydToBKxmYI/mUn3mFFme1h3lwzM3zYG1aovVLfd5NkY
Gx5E/CA/ut/3n0u/dXJ8SxEitBWkqImp5UdYcElQNxQoXnVU4yKmjf6dDL9Wqh+1
ujCiaCUJd3PY0uXXIb6RWWGs2VaL4xiEnk+ZBm0VI9WEUWksSx0=
=jnmv
-----END PGP SIGNATURE-----
Merge 5.4.86 into android11-5.4-lts
Changes in 5.4.86
ARM: dts: sun7i: bananapi: Enable RGMII RX/TX delay on Ethernet PHY
ARM: dts: sun8i: r40: bananapi-m2-berry: Fix dcdc1 regulator
ARM: dts: sun8i: v40: bananapi-m2-berry: Fix ethernet node
pinctrl: merrifield: Set default bias in case no particular value given
pinctrl: baytrail: Avoid clearing debounce value when turning it off
ARM: dts: sun8i: v3s: fix GIC node memory range
ARM: dts: sun7i: pcduino3-nano: enable RGMII RX/TX delay on PHY
ARM: dts: imx6qdl-wandboard-revd1: Remove PAD_GPIO_6 from enetgrp
ARM: dts: imx6qdl-kontron-samx6i: fix I2C_PM scl pin
PM: runtime: Add pm_runtime_resume_and_get to deal with usage counter
gpio: zynq: fix reference leak in zynq_gpio functions
gpio: mvebu: fix potential user-after-free on probe
scsi: bnx2i: Requires MMU
xsk: Fix xsk_poll()'s return type
xsk: Replace datagram_poll by sock_poll_wait
can: softing: softing_netdev_open(): fix error handling
clk: renesas: r9a06g032: Drop __packed for portability
block: Simplify REQ_OP_ZONE_RESET_ALL handling
block: factor out requeue handling from dispatch code
blk-mq: In blk_mq_dispatch_rq_list() "no budget" is a reason to kick
pinctrl: aspeed: Fix GPIO requests on pass-through banks
netfilter: x_tables: Switch synchronization to RCU
netfilter: nft_compat: make sure xtables destructors have run
netfilter: nft_dynset: fix timeouts later than 23 days
afs: Fix memory leak when mounting with multiple source parameters
Revert "gpio: eic-sprd: Use devm_platform_ioremap_resource()"
gpio: eic-sprd: break loop when getting NULL device resource
netfilter: nft_ct: Remove confirmation check for NFT_CT_ID
selftests/bpf/test_offload.py: Reset ethtool features after failed setting
RDMA/cm: Fix an attempt to use non-valid pointer when cleaning timewait
i40e: Refactor rx_bi accesses
i40e: optimise prefetch page refcount
i40e: avoid premature Rx buffer reuse
ixgbe: avoid premature Rx buffer reuse
selftests: fix poll error in udpgro.sh
net: mvpp2: add mvpp2_phylink_to_port() helper
drm/tegra: replace idr_init() by idr_init_base()
kernel/cpu: add arch override for clear_tasks_mm_cpumask() mm handling
drm/tegra: sor: Disable clocks on error in tegra_sor_init()
habanalabs: put devices before driver removal
arm64: syscall: exit userspace before unmasking exceptions
vxlan: Add needed_headroom for lower device
vxlan: Copy needed_tailroom from lowerdev
scsi: mpt3sas: Increase IOCInit request timeout to 30s
dm table: Remove BUG_ON(in_interrupt())
iwlwifi: pcie: add one missing entry for AX210
drm/amd/display: Init clock value by current vbios CLKs
perf/x86/intel: Check PEBS status correctly
kbuild: avoid split lines in .mod files
soc/tegra: fuse: Fix index bug in get_process_id
usb: mtu3: fix memory corruption in mtu3_debugfs_regset()
USB: serial: option: add interface-number sanity check to flag handling
USB: gadget: f_acm: add support for SuperSpeed Plus
USB: gadget: f_midi: setup SuperSpeed Plus descriptors
usb: gadget: f_fs: Re-use SS descriptors for SuperSpeedPlus
USB: gadget: f_rndis: fix bitrate for SuperSpeed and above
usb: chipidea: ci_hdrc_imx: Pass DISABLE_DEVICE_STREAMING flag to imx6ul
ARM: dts: exynos: fix roles of USB 3.0 ports on Odroid XU
ARM: dts: exynos: fix USB 3.0 VBUS control and over-current pins on Exynos5410
ARM: dts: exynos: fix USB 3.0 pins supply being turned off on Odroid XU
coresight: tmc-etf: Fix NULL ptr dereference in tmc_enable_etf_sink_perf()
coresight: tmc-etr: Check if page is valid before dma_map_page()
coresight: tmc-etr: Fix barrier packet insertion for perf buffer
coresight: etb10: Fix possible NULL ptr dereference in etb_enable_perf()
scsi: megaraid_sas: Check user-provided offsets
HID: i2c-hid: add Vero K147 to descriptor override
serial_core: Check for port state when tty is in error state
Bluetooth: Fix slab-out-of-bounds read in hci_le_direct_adv_report_evt()
quota: Sanity-check quota file headers on load
media: msi2500: assign SPI bus number dynamically
crypto: af_alg - avoid undefined behavior accessing salg_name
md: fix a warning caused by a race between concurrent md_ioctl()s
drm/gma500: fix double free of gma_connector
drm/aspeed: Fix Kconfig warning & subsequent build errors
drm/mcde: Fix handling of platform_get_irq() error
drm/tve200: Fix handling of platform_get_irq() error
arm64: dts: renesas: hihope-rzg2-ex: Drop rxc-skew-ps from ethernet-phy node
arm64: dts: renesas: cat875: Remove rxc-skew-ps from ethernet-phy node
soc: renesas: rmobile-sysc: Fix some leaks in rmobile_init_pm_domains()
soc: mediatek: Check if power domains can be powered on at boot time
soc: qcom: geni: More properly switch to DMA mode
Revert "i2c: i2c-qcom-geni: Fix DMA transfer race"
RDMA/bnxt_re: Set queue pair state when being queried
rtc: pcf2127: fix pcf2127_nvmem_read/write() returns
selinux: fix error initialization in inode_doinit_with_dentry()
ARM: dts: aspeed: s2600wf: Fix VGA memory region location
RDMA/rxe: Compute PSN windows correctly
x86/mm/ident_map: Check for errors from ident_pud_init()
ARM: p2v: fix handling of LPAE translation in BE mode
x86/apic: Fix x2apic enablement without interrupt remapping
sched/deadline: Fix sched_dl_global_validate()
sched: Reenable interrupts in do_sched_yield()
drm/amdgpu: fix incorrect enum type
crypto: talitos - Endianess in current_desc_hdr()
crypto: talitos - Fix return type of current_desc_hdr()
crypto: inside-secure - Fix sizeof() mismatch
ASoC: sun4i-i2s: Fix lrck_period computation for I2S justified mode
ARM: dts: aspeed: tiogapass: Remove vuart
drm/amdgpu: fix build_coefficients() argument
powerpc/64: Set up a kernel stack for secondaries before cpu_restore()
spi: img-spfi: fix reference leak in img_spfi_resume
f2fs: call f2fs_get_meta_page_retry for nat page
drm/msm/dsi_pll_10nm: restore VCO rate during restore_state
spi: spi-mem: fix reference leak in spi_mem_access_start
ASoC: pcm: DRAIN support reactivation
selinux: fix inode_doinit_with_dentry() LABEL_INVALID error handling
spi: stm32: fix reference leak in stm32_spi_resume
brcmfmac: Fix memory leak for unpaired brcmf_{alloc/free}
arm64: dts: exynos: Include common syscon restart/poweroff for Exynos7
arm64: dts: exynos: Correct psci compatible used on Exynos7
Bluetooth: Fix null pointer dereference in hci_event_packet()
Bluetooth: hci_h5: fix memory leak in h5_close
spi: spi-ti-qspi: fix reference leak in ti_qspi_setup
spi: mt7621: fix missing clk_disable_unprepare() on error in mt7621_spi_probe
spi: tegra20-slink: fix reference leak in slink ops of tegra20
spi: tegra20-sflash: fix reference leak in tegra_sflash_resume
spi: tegra114: fix reference leak in tegra spi ops
spi: bcm63xx-hsspi: fix missing clk_disable_unprepare() on error in bcm63xx_hsspi_resume
mwifiex: fix mwifiex_shutdown_sw() causing sw reset failure
selftest/bpf: Add missed ip6ip6 test back
ASoC: wm8998: Fix PM disable depth imbalance on error
spi: sprd: fix reference leak in sprd_spi_remove
ASoC: arizona: Fix a wrong free in wm8997_probe
RDMa/mthca: Work around -Wenum-conversion warning
MIPS: BCM47XX: fix kconfig dependency bug for BCM47XX_BCMA
crypto: qat - fix status check in qat_hal_put_rel_rd_xfer()
staging: greybus: codecs: Fix reference counter leak in error handling
staging: gasket: interrupt: fix the missed eventfd_ctx_put() in gasket_interrupt.c
media: tm6000: Fix sizeof() mismatches
media: mtk-vcodec: add missing put_device() call in mtk_vcodec_init_dec_pm()
media: mtk-vcodec: add missing put_device() call in mtk_vcodec_release_dec_pm()
media: mtk-vcodec: add missing put_device() call in mtk_vcodec_init_enc_pm()
media: v4l2-fwnode: Return -EINVAL for invalid bus-type
ASoC: meson: fix COMPILE_TEST error
scsi: core: Fix VPD LUN ID designator priorities
media: solo6x10: fix missing snd_card_free in error handling case
video: fbdev: atmel_lcdfb: fix return error code in atmel_lcdfb_of_init()
drm/omap: dmm_tiler: fix return error code in omap_dmm_probe()
Input: ads7846 - fix race that causes missing releases
Input: ads7846 - fix integer overflow on Rt calculation
Input: ads7846 - fix unaligned access on 7845
usb/max3421: fix return error code in max3421_probe()
spi: mxs: fix reference leak in mxs_spi_probe
selftests/bpf: Fix broken riscv build
powerpc: Avoid broken GCC __attribute__((optimize))
powerpc/feature: Fix CPU_FTRS_ALWAYS by removing CPU_FTRS_GENERIC_32
EDAC/mce_amd: Use struct cpuinfo_x86.cpu_die_id for AMD NodeId
crypto: crypto4xx - Replace bitwise OR with logical OR in crypto4xx_build_pd
crypto: omap-aes - Fix PM disable depth imbalance in omap_aes_probe
spi: fix resource leak for drivers without .remove callback
soc: ti: knav_qmss: fix reference leak in knav_queue_probe
soc: ti: Fix reference imbalance in knav_dma_probe
drivers: soc: ti: knav_qmss_queue: Fix error return code in knav_queue_probe
Input: omap4-keypad - fix runtime PM error handling
clk: meson: Kconfig: fix dependency for G12A
RDMA/cxgb4: Validate the number of CQEs
memstick: fix a double-free bug in memstick_check
ARM: dts: at91: sama5d4_xplained: add pincontrol for USB Host
ARM: dts: at91: sama5d3_xplained: add pincontrol for USB Host
mmc: pxamci: Fix error return code in pxamci_probe
orinoco: Move context allocation after processing the skb
qtnfmac: fix error return code in qtnf_pcie_probe()
rsi: fix error return code in rsi_reset_card()
cw1200: fix missing destroy_workqueue() on error in cw1200_init_common
dmaengine: mv_xor_v2: Fix error return code in mv_xor_v2_probe()
arm64: tegra: Fix DT binding for IO High Voltage entry
media: siano: fix memory leak of debugfs members in smsdvb_hotplug
platform/x86: mlx-platform: Remove PSU EEPROM from default platform configuration
platform/x86: mlx-platform: Remove PSU EEPROM from MSN274x platform configuration
samples: bpf: Fix lwt_len_hist reusing previous BPF map
media: imx214: Fix stop streaming
mips: cdmm: fix use-after-free in mips_cdmm_bus_discover
media: max2175: fix max2175_set_csm_mode() error code
slimbus: qcom-ngd-ctrl: Avoid sending power requests without QMI
HSI: omap_ssi: Don't jump to free ID in ssi_add_controller()
ARM: dts: Remove non-existent i2c1 from 98dx3236
arm64: dts: armada-3720-turris-mox: update ethernet-phy handle name
arm64: dts: rockchip: Set dr_mode to "host" for OTG on rk3328-roc-cc
power: supply: axp288_charger: Fix HP Pavilion x2 10 DMI matching
power: supply: bq24190_charger: fix reference leak
genirq/irqdomain: Don't try to free an interrupt that has no mapping
arm64: dts: ls1028a: fix ENETC PTP clock input
arm64: dts: qcom: c630: Polish i2c-hid devices
PCI: Bounds-check command-line resource alignment requests
PCI: Fix overflow in command-line resource alignment requests
PCI: iproc: Fix out-of-bound array accesses
arm64: dts: meson: fix spi-max-frequency on Khadas VIM2
arm64: dts: meson-sm1: fix typo in opp table
soc: amlogic: canvas: add missing put_device() call in meson_canvas_get()
ARM: dts: at91: at91sam9rl: fix ADC triggers
platform/x86: dell-smbios-base: Fix error return code in dell_smbios_init
ath10k: Fix the parsing error in service available event
ath10k: Fix an error handling path
ath10k: Release some resources in an error handling path
SUNRPC: rpc_wake_up() should wake up tasks in the correct order
NFSv4.2: condition READDIR's mask for security label based on LSM state
SUNRPC: xprt_load_transport() needs to support the netid "rdma6"
NFSv4: Fix the alignment of page data in the getdeviceinfo reply
net: sunrpc: Fix 'snprintf' return value check in 'do_xprt_debugfs'
lockd: don't use interval-based rebinding over TCP
NFS: switch nfsiod to be an UNBOUND workqueue.
selftests/seccomp: Update kernel config
vfio-pci: Use io_remap_pfn_range() for PCI IO memory
hwmon: (ina3221) Fix PM usage counter unbalance in ina3221_write_enable
media: saa7146: fix array overflow in vidioc_s_audio()
powerpc/perf: Fix crash with is_sier_available when pmu is not set
powerpc/64: Fix an EMIT_BUG_ENTRY in head_64.S
clocksource/drivers/orion: Add missing clk_disable_unprepare() on error path
clocksource/drivers/cadence_ttc: Fix memory leak in ttc_setup_clockevent()
iio: hrtimer-trigger: Mark hrtimer to expire in hard interrupt context
ARM: dts: at91: sama5d2: map securam as device
bpf: Fix bpf_put_raw_tracepoint()'s use of __module_address()
pinctrl: falcon: add missing put_device() call in pinctrl_falcon_probe()
arm64: dts: rockchip: Fix UART pull-ups on rk3328
memstick: r592: Fix error return in r592_probe()
MIPS: Don't round up kernel sections size for memblock_add()
net/mlx5: Properly convey driver version to firmware
ASoC: jz4740-i2s: add missed checks for clk_get()
dm ioctl: fix error return code in target_message
phy: renesas: rcar-gen3-usb2: disable runtime pm in case of failure
clocksource/drivers/arm_arch_timer: Use stable count reader in erratum sne
clocksource/drivers/arm_arch_timer: Correct fault programming of CNTKCTL_EL1.EVNTI
cpufreq: ap806: Add missing MODULE_DEVICE_TABLE
cpufreq: highbank: Add missing MODULE_DEVICE_TABLE
cpufreq: mediatek: Add missing MODULE_DEVICE_TABLE
cpufreq: qcom: Add missing MODULE_DEVICE_TABLE
cpufreq: st: Add missing MODULE_DEVICE_TABLE
cpufreq: sun50i: Add missing MODULE_DEVICE_TABLE
cpufreq: loongson1: Add missing MODULE_ALIAS
cpufreq: scpi: Add missing MODULE_ALIAS
Bluetooth: btusb: Add the missed release_firmware() in btusb_mtk_setup_firmware()
Bluetooth: btmtksdio: Add the missed release_firmware() in mtk_setup_firmware()
arm64: dts: meson: fix PHY deassert timing requirements
ARM: dts: meson: fix PHY deassert timing requirements
arm64: dts: meson: g12a: x96-max: fix PHY deassert timing requirements
scsi: qedi: Fix missing destroy_workqueue() on error in __qedi_probe
scsi: pm80xx: Fix error return in pm8001_pci_probe()
seq_buf: Avoid type mismatch for seq_buf_init
scsi: fnic: Fix error return code in fnic_probe()
platform/x86: mlx-platform: Fix item counter assignment for MSN2700, MSN24xx systems
powerpc/pseries/hibernation: drop pseries_suspend_begin() from suspend ops
powerpc/pseries/hibernation: remove redundant cacheinfo update
drm/mediatek: avoid dereferencing a null hdmi_phy on an error message
ASoC: amd: change clk_get() to devm_clk_get() and add missed checks
powerpc/mm: sanity_check_fault() should work for all, not only BOOK3S
usb: ehci-omap: Fix PM disable depth umbalance in ehci_hcd_omap_probe
usb: oxu210hp-hcd: Fix memory leak in oxu_create
speakup: fix uninitialized flush_lock
nfsd: Fix message level for normal termination
nfs_common: need lock during iterate through the list
x86/kprobes: Restore BTF if the single-stepping is cancelled
platform/chrome: cros_ec_spi: Don't overwrite spi::mode
bus: fsl-mc: fix error return code in fsl_mc_object_allocate()
s390/cio: fix use-after-free in ccw_device_destroy_console
iwlwifi: mvm: hook up missing RX handlers
erofs: avoid using generic_block_bmap
can: m_can: m_can_config_endisable(): remove double clearing of clock stop request bit
RDMA/core: Do not indicate device ready when device enablement fails
remoteproc: q6v5-mss: fix error handling in q6v5_pds_enable
remoteproc: qcom: fix reference leak in adsp_start
remoteproc: qcom: Fix potential NULL dereference in adsp_init_mmio()
clk: tegra: Fix duplicated SE clock entry
mtd: rawnand: gpmi: fix reference count leak in gpmi ops
mtd: rawnand: meson: Fix a resource leak in init
mtd: rawnand: gpmi: Fix the random DMA timeout issue
extcon: max77693: Fix modalias string
crypto: atmel-i2c - select CONFIG_BITREVERSE
mac80211: don't set set TDLS STA bandwidth wider than possible
ASoC: wm_adsp: remove "ctl" from list on error in wm_adsp_create_control()
irqchip/alpine-msi: Fix freeing of interrupts on allocation error path
watchdog: armada_37xx: Add missing dependency on HAS_IOMEM
watchdog: sirfsoc: Add missing dependency on HAS_IOMEM
watchdog: sprd: remove watchdog disable from resume fail path
watchdog: sprd: check busy bit before new loading rather than after that
watchdog: Fix potential dereferencing of null pointer
ubifs: Fix error return code in ubifs_init_authentication()
um: Monitor error events in IRQ controller
um: tty: Fix handling of close in tty lines
um: chan_xterm: Fix fd leak
sunrpc: fix xs_read_xdr_buf for partial pages receive
RDMA/cma: Don't overwrite sgid_attr after device is released
nfc: s3fwrn5: Release the nfc firmware
powerpc/ps3: use dma_mapping_error()
sparc: fix handling of page table constructor failure
mm: don't wake kswapd prematurely when watermark boosting is disabled
checkpatch: fix unescaped left brace
lan743x: fix rx_napi_poll/interrupt ping-pong
net: bcmgenet: Fix a resource leak in an error handling path in the probe functin
net: allwinner: Fix some resources leak in the error handling path of the probe and in the remove function
net: korina: fix return value
libnvdimm/label: Return -ENXIO for no slot in __blk_label_update
watchdog: qcom: Avoid context switch in restart handler
watchdog: coh901327: add COMMON_CLK dependency
clk: ti: Fix memleak in ti_fapll_synth_setup
pwm: zx: Add missing cleanup in error path
pwm: lp3943: Dynamically allocate PWM chip base
perf record: Fix memory leak when using '--user-regs=?' to list registers
qlcnic: Fix error code in probe
virtio_ring: Cut and paste bugs in vring_create_virtqueue_packed()
virtio_net: Fix error code in probe()
virtio_ring: Fix two use after free bugs
clk: at91: sam9x60: remove atmel,osc-bypass support
clk: s2mps11: Fix a resource leak in error handling paths in the probe function
clk: sunxi-ng: Make sure divider tables have sentinel
kconfig: fix return value of do_error_if()
perf probe: Fix memory leak when synthesizing SDT probes
ARM: sunxi: Add machine match for the Allwinner V3 SoC
cfg80211: initialize rekey_data
fix namespaced fscaps when !CONFIG_SECURITY
lwt: Disable BH too in run_lwt_bpf()
drm/amd/display: Prevent bandwidth overflow
drm/amdkfd: Fix leak in dmabuf import
Input: cros_ec_keyb - send 'scancodes' in addition to key events
initramfs: fix clang build failure
Input: goodix - add upside-down quirk for Teclast X98 Pro tablet
vfio/pci/nvlink2: Do not attempt NPU2 setup on POWER8NVL NPU
media: gspca: Fix memory leak in probe
media: sunxi-cir: ensure IR is handled when it is continuous
media: netup_unidvb: Don't leak SPI master in probe error path
media: ipu3-cio2: Remove traces of returned buffers
media: ipu3-cio2: Return actual subdev format
media: ipu3-cio2: Serialise access to pad format
media: ipu3-cio2: Validate mbus format in setting subdev format
media: ipu3-cio2: Make the field on subdev format V4L2_FIELD_NONE
Input: cyapa_gen6 - fix out-of-bounds stack access
ALSA: hda/ca0132 - Change Input Source enum strings.
PM: ACPI: PCI: Drop acpi_pm_set_bridge_wakeup()
Revert "ACPI / resources: Use AE_CTRL_TERMINATE to terminate resources walks"
ACPI: PNP: compare the string length in the matching_id()
ALSA: hda: Fix regressions on clear and reconfig sysfs
ALSA: hda/ca0132 - Fix AE-5 rear headphone pincfg.
ALSA: hda/realtek: make bass spk volume adjustable on a yoga laptop
ALSA: hda/realtek - Enable headset mic of ASUS X430UN with ALC256
ALSA: hda/realtek - Enable headset mic of ASUS Q524UQK with ALC255
ALSA: hda/realtek - Add supported for more Lenovo ALC285 Headset Button
ALSA: pcm: oss: Fix a few more UBSAN fixes
ALSA/hda: apply jack fixup for the Acer Veriton N4640G/N6640G/N2510G
ALSA: hda/realtek: Add quirk for MSI-GP73
ALSA: hda/realtek: Apply jack fixup for Quanta NL3
ALSA: usb-audio: Add VID to support native DSD reproduction on FiiO devices
ALSA: usb-audio: Disable sample read check if firmware doesn't give back
ALSA: core: memalloc: add page alignment for iram
s390/smp: perform initial CPU reset also for SMT siblings
s390/kexec_file: fix diag308 subcode when loading crash kernel
s390/dasd: fix hanging device offline processing
s390/dasd: prevent inconsistent LCU device data
s390/dasd: fix list corruption of pavgroup group list
s390/dasd: fix list corruption of lcu list
binder: add flag to clear buffer on txn complete
ASoC: cx2072x: Fix doubly definitions of Playback and Capture streams
staging: comedi: mf6x4: Fix AI end-of-conversion detection
perf/x86/intel: Add event constraint for CYCLE_ACTIVITY.STALLS_MEM_ANY
perf/x86/intel: Fix rtm_abort_event encoding on Ice Lake
powerpc/perf: Exclude kernel samples while counting events in user space.
crypto: ecdh - avoid unaligned accesses in ecdh_set_secret()
crypto: arm/aes-ce - work around Cortex-A57/A72 silion errata
EDAC/i10nm: Use readl() to access MMIO registers
EDAC/amd64: Fix PCI component registration
cpuset: fix race between hotplug work and later CPU offline
USB: serial: mos7720: fix parallel-port state restore
USB: serial: digi_acceleport: fix write-wakeup deadlocks
USB: serial: keyspan_pda: fix dropped unthrottle interrupts
USB: serial: keyspan_pda: fix write deadlock
USB: serial: keyspan_pda: fix stalled writes
USB: serial: keyspan_pda: fix write-wakeup use-after-free
USB: serial: keyspan_pda: fix tx-unthrottle use-after-free
USB: serial: keyspan_pda: fix write unthrottling
btrfs: do not shorten unpin len for caching block groups
btrfs: trim: fix underflow in trim length to prevent access beyond device boundary
ext4: fix a memory leak of ext4_free_data
ext4: fix deadlock with fs freezing and EA inodes
KVM: arm64: Introduce handling of AArch32 TTBCR2 traps
ARM: dts: pandaboard: fix pinmux for gpio user button of Pandaboard ES
ARM: dts: at91: sama5d2: fix CAN message ram offset and size
xprtrdma: Fix XDRBUF_SPARSE_PAGES support
powerpc: Fix incorrect stw{, ux, u, x} instructions in __set_pte_at
powerpc/rtas: Fix typo of ibm,open-errinjct in RTAS filter
powerpc/feature: Add CPU_FTR_NOEXECUTE to G2_LE
powerpc/xmon: Change printk() to pr_cont()
powerpc/8xx: Fix early debug when SMC1 is relocated
powerpc/mm: Fix verification of MMU_FTR_TYPE_44x
powerpc/powernv/npu: Do not attempt NPU2 setup on POWER8NVL NPU
powerpc/powernv/memtrace: Don't leak kernel memory to user space
powerpc/powernv/memtrace: Fix crashing the kernel when enabling concurrently
ima: Don't modify file descriptor mode on the fly
um: Remove use of asprinf in umid.c
ceph: fix race in concurrent __ceph_remove_cap invocations
SMB3: avoid confusing warning message on mount to Azure
ubifs: wbuf: Don't leak kernel memory to flash
jffs2: Fix GC exit abnormally
jffs2: Fix ignoring mounting options problem during remounting
jfs: Fix array index bounds check in dbAdjTree
platform/x86: mlx-platform: remove an unused variable
drm/amd/display: Fix memory leaks in S3 resume
drm/dp_aux_dev: check aux_dev before use in drm_dp_aux_dev_get_by_minor()
drm/i915: Fix mismatch between misplaced vma check and vma insert
spi: pxa2xx: Fix use-after-free on unbind
spi: spi-sh: Fix use-after-free on unbind
spi: atmel-quadspi: Fix use-after-free on unbind
spi: davinci: Fix use-after-free on unbind
spi: fsl: fix use of spisel_boot signal on MPC8309
spi: gpio: Don't leak SPI master in probe error path
spi: mxic: Don't leak SPI master in probe error path
spi: pic32: Don't leak DMA channels in probe error path
spi: rb4xx: Don't leak SPI master in probe error path
spi: sc18is602: Don't leak SPI master in probe error path
spi: st-ssc4: Fix unbalanced pm_runtime_disable() in probe error path
spi: synquacer: Disable clock in probe error path
spi: mt7621: Disable clock in probe error path
spi: mt7621: Don't leak SPI master in probe error path
spi: atmel-quadspi: Disable clock in probe error path
spi: atmel-quadspi: Fix AHB memory accesses
soc: qcom: smp2p: Safely acquire spinlock without IRQs
mtd: spinand: Fix OOB read
mtd: parser: cmdline: Fix parsing of part-names with colons
mtd: rawnand: qcom: Fix DMA sync on FLASH_STATUS register read
mtd: rawnand: meson: fix meson_nfc_dma_buffer_release() arguments
scsi: qla2xxx: Fix crash during driver load on big endian machines
scsi: lpfc: Fix invalid sleeping context in lpfc_sli4_nvmet_alloc()
scsi: lpfc: Re-fix use after free in lpfc_rq_buf_free()
iio: buffer: Fix demux update
iio: adc: rockchip_saradc: fix missing clk_disable_unprepare() on error in rockchip_saradc_resume
iio:light:rpr0521: Fix timestamp alignment and prevent data leak.
iio:light:st_uvis25: Fix timestamp alignment and prevent data leak.
iio:magnetometer:mag3110: Fix alignment and data leak issues.
iio:pressure:mpl3115: Force alignment of buffer
iio:imu:bmi160: Fix too large a buffer.
iio:adc:ti-ads124s08: Fix buffer being too long.
iio:adc:ti-ads124s08: Fix alignment and data leak issues.
md/cluster: block reshape with remote resync job
md/cluster: fix deadlock when node is doing resync job
pinctrl: sunxi: Always call chained_irq_{enter, exit} in sunxi_pinctrl_irq_handler
clk: ingenic: Fix divider calculation with div tables
clk: mvebu: a3700: fix the XTAL MODE pin to MPP1_9
clk: tegra: Do not return 0 on failure
device-dax/core: Fix memory leak when rmmod dax.ko
dma-buf/dma-resv: Respect num_fences when initializing the shared fence list.
xen-blkback: set ring->xenblkd to NULL after kthread_stop()
xen/xenbus: Allow watches discard events before queueing
xen/xenbus: Add 'will_handle' callback support in xenbus_watch_path()
xen/xenbus/xen_bus_type: Support will_handle watch callback
xen/xenbus: Count pending messages for each watch
xenbus/xenbus_backend: Disallow pending watch messages
libnvdimm/namespace: Fix reaping of invalidated block-window-namespace labels
platform/x86: intel-vbtn: Allow switch events on Acer Switch Alpha 12
PCI: Fix pci_slot_release() NULL pointer dereference
regulator: axp20x: Fix DLDO2 voltage control register mask for AXP22x
rtc: ep93xx: Fix NULL pointer dereference in ep93xx_rtc_read_time
Revert: "ring-buffer: Remove HAVE_64BIT_ALIGNED_ACCESS"
x86/CPU/AMD: Save AMD NodeId as cpu_die_id
Linux 5.4.86
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: If271639b9a7c833718f8cfdfbacce5affe7f4189
|
||
|
Marc Zyngier
|
6ee6e4e5a4 |
KVM: arm64: Introduce handling of AArch32 TTBCR2 traps
commit ca4e514774930f30b66375a974b5edcbebaf0e7e upstream. ARMv8.2 introduced TTBCR2, which shares TCR_EL1 with TTBCR. Gracefully handle traps to this register when HCR_EL2.TVM is set. Cc: stable@vger.kernel.org Reported-by: James Morse <james.morse@arm.com> Signed-off-by: Marc Zyngier <maz@kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Greg Kroah-Hartman
|
338e86c0f7 |
Merge branch 'android11-5.4' into 'android11-5.4-lts'
Sync up with android11-5.4 for the following commits: |
||
|
Greg Kroah-Hartman
|
118da4b0e4 |
This is the 5.4.78 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl+1Zg0ACgkQONu9yGCS
aT75KBAAqvo33a5xoTM+FQQRsRSKaRNOhCQooXEB1bJcas3y+yQ6ehmwCJ8/K1tC
JilD+NQt6uuwH2f2cLrH0e4EQcvno390qF/wOCF377bUnKklsxydyaLSLhGYTqR9
5u/vZVf/QoWZc6BvDwPWNo/NwuRPgJ+sVjuFvtt08l0pGQou26WGujl6ElJKBiLV
SbbRDlx/f8cJa/oqN8TL/V/VDqJfVLcv6hFRvf44newSUJK05LgCVoM76WEcSQLj
GYrtCNwffJtnCUzUr/SctNymsgmjj65df6tKmS0vntWH5kTBnCKK/Mnly38gQbeB
nvci1siOUjnnrkBhydKixO4Q6OZmrbuM0g3vXmW5/Az7HjRcX84BRu+yE7aArE3/
GMAIO/D1Wj9Dhxs59cu12IWxRaljkT+5FsZYV55TgcRMmWHq/YzBYFSW15fZ9xEw
ehel9m5ou+HqVtz+bR+ar3v6M2bhedJ0fFvXnbN2OhMwHsEUTuYqfTb7k/21dUwE
P5k8qGGcYKE1q1gb/Dp3p/hDBjr5h4Mg7z7S8diGsVv3klgrtttgqkOo79JfTESz
BS5vsF9yS0k23xemCl3jZ41X9uReXnE3lvEeuDBDdYvHPwnjyzPeUN5jgN6abQm7
CTxp0oPIFW+O8MV+vgF1joK6ykbK8rJRjIUcfzHeI6oKt+HQBJY=
=gimO
-----END PGP SIGNATURE-----
Merge 5.4.78 into android11-5.4-lts
Changes in 5.4.78
drm/i915/gem: Flush coherency domains on first set-domain-ioctl
time: Prevent undefined behaviour in timespec64_to_ns()
nbd: don't update block size after device is started
KVM: arm64: Force PTE mapping on fault resulting in a device mapping
PCI: qcom: Make sure PCIe is reset before init for rev 2.1.0
usb: dwc3: gadget: Continue to process pending requests
usb: dwc3: gadget: Reclaim extra TRBs after request completion
btrfs: tracepoints: output proper root owner for trace_find_free_extent()
btrfs: sysfs: init devices outside of the chunk_mutex
btrfs: reschedule when cloning lots of extents
ASoC: Intel: kbl_rt5663_max98927: Fix kabylake_ssp_fixup function
genirq: Let GENERIC_IRQ_IPI select IRQ_DOMAIN_HIERARCHY
hv_balloon: disable warning when floor reached
net: xfrm: fix a race condition during allocing spi
ASoC: codecs: wcd9335: Set digital gain range correctly
xfs: set xefi_discard when creating a deferred agfl free log intent item
netfilter: use actual socket sk rather than skb sk when routing harder
netfilter: nf_tables: missing validation from the abort path
netfilter: ipset: Update byte and packet counters regardless of whether they match
powerpc/eeh_cache: Fix a possible debugfs deadlock
perf trace: Fix segfault when trying to trace events by cgroup
perf tools: Add missing swap for ino_generation
ALSA: hda: prevent undefined shift in snd_hdac_ext_bus_get_link()
iommu/vt-d: Fix a bug for PDP check in prq_event_thread
afs: Fix warning due to unadvanced marshalling pointer
can: rx-offload: don't call kfree_skb() from IRQ context
can: dev: can_get_echo_skb(): prevent call to kfree_skb() in hard IRQ context
can: dev: __can_get_echo_skb(): fix real payload length return value for RTR frames
can: can_create_echo_skb(): fix echo skb generation: always use skb_clone()
can: j1939: swap addr and pgn in the send example
can: j1939: j1939_sk_bind(): return failure if netdev is down
can: ti_hecc: ti_hecc_probe(): add missed clk_disable_unprepare() in error path
can: xilinx_can: handle failure cases of pm_runtime_get_sync
can: peak_usb: add range checking in decode operations
can: peak_usb: peak_usb_get_ts_time(): fix timestamp wrapping
can: peak_canfd: pucan_handle_can_rx(): fix echo management when loopback is on
can: flexcan: remove FLEXCAN_QUIRK_DISABLE_MECR quirk for LS1021A
can: flexcan: flexcan_remove(): disable wakeup completely
xfs: flush new eof page on truncate to avoid post-eof corruption
xfs: fix scrub flagging rtinherit even if there is no rt device
tpm: efi: Don't create binary_bios_measurements file for an empty log
random32: make prandom_u32() output unpredictable
KVM: arm64: ARM_SMCCC_ARCH_WORKAROUND_1 doesn't return SMCCC_RET_NOT_REQUIRED
KVM: x86: don't expose MSR_IA32_UMWAIT_CONTROL unconditionally
ath9k_htc: Use appropriate rs_datalen type
ASoC: qcom: sdm845: set driver name correctly
ASoC: cs42l51: manage mclk shutdown delay
usb: dwc3: pci: add support for the Intel Alder Lake-S
opp: Reduce the size of critical section in _opp_table_kref_release()
usb: gadget: goku_udc: fix potential crashes in probe
selftests/ftrace: check for do_sys_openat2 in user-memory test
selftests: pidfd: fix compilation errors due to wait.h
ALSA: hda: Separate runtime and system suspend
ALSA: hda: Reinstate runtime_allow() for all hda controllers
gfs2: Free rd_bits later in gfs2_clear_rgrpd to fix use-after-free
gfs2: Add missing truncate_inode_pages_final for sd_aspace
gfs2: check for live vs. read-only file system in gfs2_fitrim
scsi: hpsa: Fix memory leak in hpsa_init_one()
drm/amdgpu: perform srbm soft reset always on SDMA resume
drm/amd/pm: perform SMC reset on suspend/hibernation
drm/amd/pm: do not use ixFEATURE_STATUS for checking smc running
mac80211: fix use of skb payload instead of header
cfg80211: initialize wdev data earlier
cfg80211: regulatory: Fix inconsistent format argument
tracing: Fix the checking of stackidx in __ftrace_trace_stack
scsi: scsi_dh_alua: Avoid crash during alua_bus_detach()
scsi: mpt3sas: Fix timeouts observed while reenabling IRQ
nvme: introduce nvme_sync_io_queues
nvme-rdma: avoid race between time out and tear down
nvme-tcp: avoid race between time out and tear down
nvme-rdma: avoid repeated request completion
nvme-tcp: avoid repeated request completion
iommu/amd: Increase interrupt remapping table limit to 512 entries
s390/smp: move rcu_cpu_starting() earlier
vfio: platform: fix reference leak in vfio_platform_open
vfio/pci: Bypass IGD init in case of -ENODEV
i2c: mediatek: move dma reset before i2c reset
amd/amdgpu: Disable VCN DPG mode for Picasso
selftests: proc: fix warning: _GNU_SOURCE redefined
riscv: Set text_offset correctly for M-Mode
i2c: sh_mobile: implement atomic transfers
tpm_tis: Disable interrupts on ThinkPad T490s
spi: bcm2835: remove use of uninitialized gpio flags variable
tick/common: Touch watchdog in tick_unfreeze() on all CPUs
mfd: sprd: Add wakeup capability for PMIC IRQ
pinctrl: intel: Set default bias in case no particular value given
ARM: 9019/1: kprobes: Avoid fortify_panic() when copying optprobe template
bpf: Don't rely on GCC __attribute__((optimize)) to disable GCSE
pinctrl: aspeed: Fix GPI only function problem.
net/mlx5: Fix deletion of duplicate rules
SUNRPC: Fix general protection fault in trace_rpc_xdr_overflow()
bpf: Zero-fill re-used per-cpu map element
nbd: fix a block_device refcount leak in nbd_release
igc: Fix returning wrong statistics
xfs: fix flags argument to rmap lookup when converting shared file rmaps
xfs: set the unwritten bit in rmap lookup flags in xchk_bmap_get_rmapextents
xfs: fix rmap key and record comparison functions
xfs: fix brainos in the refcount scrubber's rmap fragment processor
lan743x: fix "BUG: invalid wait context" when setting rx mode
xfs: fix a missing unlock on error in xfs_fs_map_blocks
of/address: Fix of_node memory leak in of_dma_is_coherent
cosa: Add missing kfree in error path of cosa_write
vrf: Fix fast path output packet handling with async Netfilter rules
perf: Fix get_recursion_context()
erofs: derive atime instead of leaving it empty
ext4: correctly report "not supported" for {usr,grp}jquota when !CONFIG_QUOTA
ext4: unlock xattr_sem properly in ext4_inline_data_truncate()
btrfs: ref-verify: fix memory leak in btrfs_ref_tree_mod
btrfs: fix min reserved size calculation in merge_reloc_root
btrfs: dev-replace: fail mount if we don't have replace item with target device
KVM: arm64: Don't hide ID registers from userspace
thunderbolt: Fix memory leak if ida_simple_get() fails in enumerate_services()
thunderbolt: Add the missed ida_simple_remove() in ring_request_msix()
uio: Fix use-after-free in uio_unregister_device()
usb: cdc-acm: Add DISABLE_ECHO for Renesas USB Download mode
xhci: hisilicon: fix refercence leak in xhci_histb_probe
virtio: virtio_console: fix DMA memory allocation for rproc serial
mei: protect mei_cl_mtu from null dereference
futex: Don't enable IRQs unconditionally in put_pi_state()
jbd2: fix up sparse warnings in checkpoint code
mm/slub: fix panic in slab_alloc_node()
Revert "kernel/reboot.c: convert simple_strtoul to kstrtoint"
reboot: fix overflow parsing reboot cpu number
ocfs2: initialize ip_next_orphan
btrfs: fix potential overflow in cluster_pages_for_defrag on 32bit arch
selinux: Fix error return code in sel_ib_pkey_sid_slow()
gpio: pcie-idio-24: Fix irq mask when masking
gpio: pcie-idio-24: Fix IRQ Enable Register value
gpio: pcie-idio-24: Enable PEX8311 interrupts
mmc: sdhci-of-esdhc: Handle pulse width detection erratum for more SoCs
mmc: renesas_sdhi_core: Add missing tmio_mmc_host_free() at remove
don't dump the threads that had been already exiting when zapped.
drm/gma500: Fix out-of-bounds access to struct drm_device.vblank[]
pinctrl: amd: use higher precision for 512 RtcClk
pinctrl: amd: fix incorrect way to disable debounce filter
swiotlb: fix "x86: Don't panic if can not alloc buffer for swiotlb"
IPv6: Set SIT tunnel hard_header_len to zero
net/af_iucv: fix null pointer dereference on shutdown
net: udp: fix UDP header access on Fast/frag0 UDP GRO
net: Update window_clamp if SOCK_RCVBUF is set
net/x25: Fix null-ptr-deref in x25_connect
tipc: fix memory leak in tipc_topsrv_start()
r8169: fix potential skb double free in an error path
drm/i915: Correctly set SFC capability for video engines
powerpc/603: Always fault when _PAGE_ACCESSED is not set
x86/speculation: Allow IBPB to be conditionally enabled on CPUs with always-on STIBP
perf scripting python: Avoid declaring function pointers with a visibility attribute
perf/core: Fix race in the perf_mmap_close() function
net: sch_generic: fix the missing new qdisc assignment bug
Convert trailing spaces and periods in path components
Linux 5.4.78
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: Iac77690a370f99dc3518ab5bd4660fc31d0832c0
|
||
Andrew Jones
|
11c14da8d0 |
KVM: arm64: Don't hide ID registers from userspace
commit f81cb2c3ad41ac6d8cb2650e3d72d5f67db1aa28 upstream.
ID registers are RAZ until they've been allocated a purpose, but
that doesn't mean they should be removed from the KVM_GET_REG_LIST
list. So far we only have one register, SYS_ID_AA64ZFR0_EL1, that
is hidden from userspace when its function, SVE, is not present.
Expose SYS_ID_AA64ZFR0_EL1 to userspace as RAZ when SVE is not
implemented. Removing the userspace visibility checks is enough
to reexpose it, as it will already return zero to userspace when
SVE is not present. The register already behaves as RAZ for the
guest when SVE is not present.
Fixes:
|
||
Ionela Voinescu
|
57ab64893e |
UPSTREAM: arm64/kvm: disable access to AMU registers from kvm guests
Access to the AMU counters should be disabled by default in kvm guests, as information from the counters might reveal activity in other guests or activity on the host. Therefore, disable access to AMU registers from EL0 and EL1 in kvm guests by: - Hiding the presence of the extension in the feature register (SYS_ID_AA64PFR0_EL1) on the VCPU. - Disabling access to the AMU registers before switching to the guest. - Trapping accesses and injecting an undefined instruction into the guest. Bug: 172781912 Change-Id: Ie8048574431dfe00e9d8f59ecbcf51b4c1167000 Signed-off-by: Ionela Voinescu <ionela.voinescu@arm.com> Reviewed-by: Suzuki K Poulose <suzuki.poulose@arm.com> Reviewed-by: Valentin Schneider <valentin.schneider@arm.com> Acked-by: Marc Zyngier <maz@kernel.org> Cc: Will Deacon <will@kernel.org> Cc: Catalin Marinas <catalin.marinas@arm.com> Cc: Suzuki K Poulose <suzuki.poulose@arm.com> Cc: Julien Thierry <julien.thierry.kdev@gmail.com> Cc: James Morse <james.morse@arm.com> Cc: Marc Zyngier <maz@kernel.org> Signed-off-by: Catalin Marinas <catalin.marinas@arm.com> (cherry picked from commit 4fcdf106a4330bb5c2306a1efbb3af3b7c0db537) Signed-off-by: Neeraj Upadhyay <neeraju@codeaurora.org> |
||
|
Greg Kroah-Hartman
|
eb78bdd479 |
This is the 5.4.75 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl+j2NoACgkQONu9yGCS
aT5J8RAAnGBQDsYW32cIwCnEMAAzderx88BD1LWUh3VUzYkUkR/BZVzfR9oBCNNo
3JnCXiJGAmxQqNmM4U4oll1qtDKSnkEL0d3x0dzoPU0jAK2DneZZeUceGXrCsACD
07UmEJ+pg8YwHIDWjPl/XzsOFNDZGIri2ioW5sw0UMg5oSgei+pJsnr999198KoI
3xae/qnkBgWhD2pghHQKHHXJnQTe9+JD+g+cMEWFK36Uxgpc2bpPeZtEaQBRaZZY
CdPPwWuzWY6fBPOYCvrYHG86oPGuR3n03AM0nXWwRPkK2fAxsodr6UpZhQ+tjxJD
gHGsQH1PrgH+wmiAgyaASdl+kvP0B2sRykeLcGLHT1t9Z3OGU3Jo0hxW6pGb85Da
loF+OzhrI7Jlpk9XBJq81GdDGyNvco43gLGID2gTrNpLQ/WMW0slrCYE1WvLQ0ZQ
3u9iUXd3X330W7cZTQgap03MNFrvruwdHnQL6uO73TKCofX15QWX86Vn16GLLlna
etA2le4GSm0yTC9G4Z5YnAIUZdvcrT6iYbmsQ/NoGhu4aJSiQe5O9j+Tb9LoCZYs
V2fYpUYUCsWoq+6KsPHKM0wOAHQkxkCPWDjIrqzWwrRBLfjytVEnc6JQS/ZIdap6
GejH8CeiAnvOpD5MyVGCCih+7slQadG//+z3h7WNugZkVGqFDWc=
=2fiZ
-----END PGP SIGNATURE-----
Merge 5.4.75 into android11-5.4-lts
Changes in 5.4.75
xen/events: avoid removing an event channel while handling it
xen/events: add a proper barrier to 2-level uevent unmasking
xen/events: fix race in evtchn_fifo_unmask()
xen/events: add a new "late EOI" evtchn framework
xen/blkback: use lateeoi irq binding
xen/netback: use lateeoi irq binding
xen/scsiback: use lateeoi irq binding
xen/pvcallsback: use lateeoi irq binding
xen/pciback: use lateeoi irq binding
xen/events: switch user event channels to lateeoi model
xen/events: use a common cpu hotplug hook for event channels
xen/events: defer eoi in case of excessive number of events
xen/events: block rogue events for some time
firmware: arm_scmi: Fix ARCH_COLD_RESET
firmware: arm_scmi: Add missing Rx size re-initialisation
x86/unwind/orc: Fix inactive tasks with stack pointer in %sp on GCC 10 compiled kernels
mlxsw: core: Fix use-after-free in mlxsw_emad_trans_finish()
RDMA/qedr: Fix memory leak in iWARP CM
ata: sata_nv: Fix retrieving of active qcs
futex: Fix incorrect should_fail_futex() handling
powerpc/powernv/smp: Fix spurious DBG() warning
mm: fix exec activate_mm vs TLB shootdown and lazy tlb switching race
powerpc: select ARCH_WANT_IRQS_OFF_ACTIVATE_MM
sparc64: remove mm_cpumask clearing to fix kthread_use_mm race
f2fs: add trace exit in exception path
f2fs: fix uninit-value in f2fs_lookup
f2fs: fix to check segment boundary during SIT page readahead
s390/startup: avoid save_area_sync overflow
um: change sigio_spinlock to a mutex
f2fs: handle errors of f2fs_get_meta_page_nofail
ARM: 8997/2: hw_breakpoint: Handle inexact watchpoint addresses
NFS4: Fix oops when copy_file_range is attempted with NFS4.0 source
power: supply: bq27xxx: report "not charging" on all types
xfs: fix realtime bitmap/summary file truncation when growing rt volume
video: fbdev: pvr2fb: initialize variables
ath10k: start recovery process when payload length exceeds max htc length for sdio
ath10k: fix VHT NSS calculation when STBC is enabled
drm/brige/megachips: Add checking if ge_b850v3_lvds_init() is working correctly
selftests/x86/fsgsbase: Reap a forgotten child
media: videodev2.h: RGB BT2020 and HSV are always full range
media: platform: Improve queue set up flow for bug fixing
usb: typec: tcpm: During PR_SWAP, source caps should be sent only after tSwapSourceStart
media: tw5864: check status of tw5864_frameinterval_get
media: imx274: fix frame interval handling
mmc: via-sdmmc: Fix data race bug
drm/bridge/synopsys: dsi: add support for non-continuous HS clock
arm64: topology: Stop using MPIDR for topology information
printk: reduce LOG_BUF_SHIFT range for H8300
ia64: kprobes: Use generic kretprobe trampoline handler
kgdb: Make "kgdbcon" work properly with "kgdb_earlycon"
bpf: Permit map_ptr arithmetic with opcode add and offset 0
media: uvcvideo: Fix dereference of out-of-bound list iterator
selftests/bpf: Define string const as global for test_sysctl_prog.c
samples/bpf: Fix possible deadlock in xdpsock
riscv: Define AT_VECTOR_SIZE_ARCH for ARCH_DLINFO
cpufreq: sti-cpufreq: add stih418 support
USB: adutux: fix debugging
uio: free uio id after uio file node is freed
coresight: Make sysfs functional on topologies with per core sink
usb: xhci: omit duplicate actions when suspending a runtime suspended host.
SUNRPC: Mitigate cond_resched() in xprt_transmit()
arm64/mm: return cpu_all_mask when node is NUMA_NO_NODE
can: flexcan: disable clocks during stop mode
xfs: don't free rt blocks when we're doing a REMAP bunmapi call
ACPI: Add out of bounds and numa_off protections to pxm_to_node()
brcmfmac: Fix warning message after dongle setup failed
drivers/net/wan/hdlc_fr: Correctly handle special skb->protocol values
bus/fsl_mc: Do not rely on caller to provide non NULL mc_io
ACPI: HMAT: Fix handling of changes from ACPI 6.2 to ACPI 6.3
power: supply: test_power: add missing newlines when printing parameters by sysfs
drm/amd/display: HDMI remote sink need mode validation for Linux
ARC: [dts] fix the errors detected by dtbs_check
btrfs: fix replace of seed device
md/bitmap: md_bitmap_get_counter returns wrong blocks
bnxt_en: Log unknown link speed appropriately.
rpmsg: glink: Use complete_all for open states
clk: ti: clockdomain: fix static checker warning
net: 9p: initialize sun_server.sun_path to have addr's value only when addr is valid
drivers: watchdog: rdc321x_wdt: Fix race condition bugs
ext4: Detect already used quota file early
KVM: PPC: Book3S HV: Do not allocate HPT for a nested guest
gfs2: use-after-free in sysfs deregistration
gfs2: add validation checks for size of superblock
cifs: handle -EINTR in cifs_setattr
arm64: dts: renesas: ulcb: add full-pwr-cycle-in-suspend into eMMC nodes
ARM: dts: omap4: Fix sgx clock rate for 4430
memory: emif: Remove bogus debugfs error handling
ARM: dts: s5pv210: remove DMA controller bus node name to fix dtschema warnings
ARM: dts: s5pv210: move fixed clocks under root node
ARM: dts: s5pv210: move PMU node out of clock controller
ARM: dts: s5pv210: remove dedicated 'audio-subsystem' node
nbd: make the config put is called before the notifying the waiter
sgl_alloc_order: fix memory leak
nvme-rdma: fix crash when connect rejected
md/raid5: fix oops during stripe resizing
mmc: sdhci: Add LTR support for some Intel BYT based controllers
mmc: sdhci-acpi: AMDI0040: Set SDHCI_QUIRK2_PRESET_VALUE_BROKEN
seccomp: Make duplicate listener detection non-racy
selftests/x86/fsgsbase: Test PTRACE_PEEKUSER for GSBASE with invalid LDT GS
perf/x86/intel: Fix Ice Lake event constraint table
perf/x86/amd/ibs: Don't include randomized bits in get_ibs_op_count()
perf/x86/amd/ibs: Fix raw sample data accumulation
spi: sprd: Release DMA channel also on probe deferral
extcon: ptn5150: Fix usage of atomic GPIO with sleeping GPIO chips
leds: bcm6328, bcm6358: use devres LED registering function
media: uvcvideo: Fix uvc_ctrl_fixup_xu_info() not having any effect
fs: Don't invalidate page buffers in block_write_full_page()
NFS: fix nfs_path in case of a rename retry
ACPI: button: fix handling lid state changes when input device closed
ACPI / extlog: Check for RDMSR failure
ACPI: video: use ACPI backlight for HP 635 Notebook
ACPI: debug: don't allow debugging when ACPI is disabled
PCI/ACPI: Whitelist hotplug ports for D3 if power managed by ACPI
ACPI: EC: PM: Flush EC work unconditionally after wakeup
ACPI: EC: PM: Drop ec_no_wakeup check from acpi_ec_dispatch_gpe()
acpi-cpufreq: Honor _PSD table setting on new AMD CPUs
w1: mxc_w1: Fix timeout resolution problem leading to bus error
scsi: mptfusion: Fix null pointer dereferences in mptscsih_remove()
scsi: qla2xxx: Fix crash on session cleanup with unload
PM: runtime: Remove link state checks in rpm_get/put_supplier()
btrfs: qgroup: fix wrong qgroup metadata reserve for delayed inode
btrfs: improve device scanning messages
btrfs: reschedule if necessary when logging directory items
btrfs: send, orphanize first all conflicting inodes when processing references
btrfs: send, recompute reference path after orphanization of a directory
btrfs: use kvzalloc() to allocate clone_roots in btrfs_ioctl_send()
btrfs: tree-checker: fix false alert caused by legacy btrfs root item
btrfs: cleanup cow block on error
btrfs: tree-checker: validate number of chunk stripes and parity
btrfs: fix use-after-free on readahead extent after failure to create it
btrfs: fix readahead hang and use-after-free after removing a device
usb: xhci: Workaround for S3 issue on AMD SNPS 3.0 xHC
usb: dwc3: pci: Allow Elkhart Lake to utilize DSM method for PM functionality
usb: dwc3: ep0: Fix ZLP for OUT ep0 requests
usb: dwc3: gadget: Check MPS of the request length
usb: dwc3: core: add phy cleanup for probe error handling
usb: dwc3: core: don't trigger runtime pm when remove driver
usb: dwc3: gadget: Resume pending requests after CLEAR_STALL
usb: dwc3: gadget: END_TRANSFER before CLEAR_STALL command
usb: cdc-acm: fix cooldown mechanism
usb: typec: tcpm: reset hard_reset_count for any disconnect
usb: host: fsl-mph-dr-of: check return of dma_set_mask()
drm/i915: Force VT'd workarounds when running as a guest OS
vt: keyboard, simplify vt_kdgkbsent
vt: keyboard, extend func_buf_lock to readers
HID: wacom: Avoid entering wacom_wac_pen_report for pad / battery
udf: Fix memory leak when mounting
dmaengine: dma-jz4780: Fix race in jz4780_dma_tx_status
iio:light:si1145: Fix timestamp alignment and prevent data leak.
iio: adc: gyroadc: fix leak of device node iterator
iio:adc:ti-adc0832 Fix alignment issue with timestamp
iio:adc:ti-adc12138 Fix alignment issue with timestamp
iio:gyro:itg3200: Fix timestamp alignment and prevent data leak.
powerpc/drmem: Make lmb_size 64 bit
MIPS: DEC: Restore bootmem reservation for firmware working memory area
s390/stp: add locking to sysfs functions
powerpc/rtas: Restrict RTAS requests from userspace
powerpc: Warn about use of smt_snooze_delay
powerpc/memhotplug: Make lmb size 64bit
powerpc/powernv/elog: Fix race while processing OPAL error log event.
powerpc/powermac: Fix low_sleep_handler with KUAP and KUEP
powerpc: Fix undetected data corruption with P9N DD2.1 VSX CI load emulation
NFSv4: Wait for stateid updates after CLOSE/OPEN_DOWNGRADE
NFSv4.2: support EXCHGID4_FLAG_SUPP_FENCE_OPS 4.2 EXCHANGE_ID flag
NFSD: Add missing NFSv2 .pc_func methods
ubifs: dent: Fix some potential memory leaks while iterating entries
ubifs: xattr: Fix some potential memory leaks while iterating entries
ubifs: journal: Make sure to not dirty twice for auth nodes
ubifs: Fix a memleak after dumping authentication mount options
ubifs: Don't parse authentication mount options in remount process
ubifs: mount_ubifs: Release authentication resource in error handling path
perf python scripting: Fix printable strings in python3 scripts
ARC: perf: redo the pct irq missing in device-tree handling
ubi: check kthread_should_stop() after the setting of task state
ia64: fix build error with !COREDUMP
rtc: rx8010: don't modify the global rtc ops
i2c: imx: Fix external abort on interrupt in exit paths
drm/amdgpu: don't map BO in reserved region
drm/amd/display: Increase timeout for DP Disable
drm/amdgpu: correct the gpu reset handling for job != NULL case
drm/amdkfd: Use same SQ prefetch setting as amdgpu
drm/amd/display: Avoid MST manager resource leak.
drm/amdgpu: increase the reserved VM size to 2MB
drm/amd/display: Don't invoke kgdb_breakpoint() unconditionally
drm/amd/display: Fix kernel panic by dal_gpio_open() error
ceph: promote to unsigned long long before shifting
libceph: clear con->out_msg on Policy::stateful_server faults
9P: Cast to loff_t before multiplying
ring-buffer: Return 0 on success from ring_buffer_resize()
vringh: fix __vringh_iov() when riov and wiov are different
ext4: fix leaking sysfs kobject after failed mount
ext4: fix error handling code in add_new_gdb
ext4: fix invalid inode checksum
drm/ttm: fix eviction valuable range check.
mmc: sdhci-of-esdhc: set timeout to max before tuning
mmc: sdhci: Use Auto CMD Auto Select only when v4_mode is true
drm/amd/pm: increase mclk switch threshold to 200 us
tty: make FONTX ioctl use the tty pointer they were actually passed
arm64: berlin: Select DW_APB_TIMER_OF
cachefiles: Handle readpage error correctly
hil/parisc: Disable HIL driver when it gets stuck
arm: dts: mt7623: add missing pause for switchport
ARM: samsung: fix PM debug build with DEBUG_LL but !MMU
ARM: s3c24xx: fix missing system reset
device property: Keep secondary firmware node secondary by type
device property: Don't clear secondary pointer for shared primary firmware node
KVM: arm64: Fix AArch32 handling of DBGD{CCINT,SCRext} and DBGVCR
staging: fieldbus: anybuss: jump to correct label in an error path
staging: comedi: cb_pcidas: Allow 2-channel commands for AO subdevice
staging: octeon: repair "fixed-link" support
staging: octeon: Drop on uncorrectable alignment or FCS error
Linux 5.4.75
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I3c571dc0389df541b6abc5c4eb1add78b2b1d1a6
|
||
|
Marc Zyngier
|
8fd792948e |
KVM: arm64: Fix AArch32 handling of DBGD{CCINT,SCRext} and DBGVCR
commit 4a1c2c7f63c52ccb11770b5ae25920a6b79d3548 upstream.
The DBGD{CCINT,SCRext} and DBGVCR register entries in the cp14 array
are missing their target register, resulting in all accesses being
targetted at the guard sysreg (indexed by __INVALID_SYSREG__).
Point the emulation code at the actual register entries.
Fixes:
|
||
|
Greg Kroah-Hartman
|
e772bef401 |
This is the 5.4.69 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl91u0cACgkQONu9yGCS aT7KmhAAvuW3edfAfzD/F5h4vHaa9rMRmtvp2/FwefBoE4LEi3F6p2gBrUZMA3ds DNQ8Nheafeqd63wFkfE//TXYR0rYTxTxa0jTrhtuJCUZ4+anRyG00fEbHPOxvMnJ aPwQQVNOfCaUAvRbFdQ4RbuIm5chhX8Bml0ZtqvsAAFJ9XkCh1UPF0VHtSrS7PRL lRMBlamLgZqU72naaJaFY2nMp+pvMFPZrzkR7tpv0Z1bqxuJp6L2n/EmcHpmTOJy Ze+Wvt1wKk8Ep5Vql5ekXt5lEiInjacwsJZXbb5HfHO++Y+1b+ABt1kSjJx+R3/q 2Qdztq+9Eoj0N1A4gXdVFoZHqKihhbD49k8YqX4qO5ujTzqgnNyHGSEXyIKvaU6z b3b12IvjbcMhM1zm3qvFfrVbbQI3kJf66zSi9NAwsZHlsvxRzslALR8I7mila4r5 fVOyfGoZxFs44FNW9JG7I85/isAxgg0ogYraMZbk8gmhTtb1ZaN+r7kJeXuTpzOg UBAIDYPclMyZeny6tn1/qFuzNGYQQ0R9kxFcTC21Cf2zNLWHNfwCL1vE3Ob+ROIS IHcsce6IqWQKGlD8UPjkZiXTLfqCAVi51PsGTVrnidXfa1IBOuvDsVqlghPsjHSD 30N4VB++9Gbw7LFEP4e33cOZLBLjDEdYd4VuoQFYywDZ3cy6xXo= =OoZD -----END PGP SIGNATURE----- Merge 5.4.69 into android11-5.4-lts Changes in 5.4.69 kernel/sysctl-test: Add null pointer test for sysctl.c:proc_dointvec() scsi: lpfc: Fix pt2pt discovery on SLI3 HBAs scsi: mpt3sas: Free diag buffer without any status check selinux: allow labeling before policy is loaded media: mc-device.c: fix memleak in media_device_register_entity drm/amd/display: Do not double-buffer DTO adjustments drm/amdkfd: Fix race in gfx10 context restore handler dma-fence: Serialise signal enabling (dma_fence_enable_sw_signaling) scsi: qla2xxx: Add error handling for PLOGI ELS passthrough ath10k: fix array out-of-bounds access ath10k: fix memory leak for tpc_stats_final PCI/IOV: Serialize sysfs sriov_numvfs reads vs writes mm: fix double page fault on arm64 if PTE_AF is cleared scsi: aacraid: fix illegal IO beyond last LBA m68k: q40: Fix info-leak in rtc_ioctl xfs: fix inode fork extent count overflow gma/gma500: fix a memory disclosure bug due to uninitialized bytes ASoC: kirkwood: fix IRQ error handling soundwire: intel/cadence: fix startup sequence media: smiapp: Fix error handling at NVM reading drm/amd/display: Free gamma after calculating legacy transfer function xfs: properly serialise fallocate against AIO+DIO leds: mlxreg: Fix possible buffer overflow dm table: do not allow request-based DM to stack on partitions PM / devfreq: tegra30: Fix integer overflow on CPU's freq max out scsi: fnic: fix use after free scsi: lpfc: Fix kernel crash at lpfc_nvme_info_show during remote port bounce powerpc/64s: Always disable branch profiling for prom_init.o net: silence data-races on sk_backlog.tail dax: Fix alloc_dax_region() compile warning iomap: Fix overflow in iomap_page_mkwrite f2fs: avoid kernel panic on corruption test clk/ti/adpll: allocate room for terminating null drm/amdgpu/powerplay: fix AVFS handling with custom powerplay table ice: Fix to change Rx/Tx ring descriptor size via ethtool with DCBx mtd: cfi_cmdset_0002: don't free cfi->cfiq in error path of cfi_amdstd_setup() mfd: mfd-core: Protect against NULL call-back function pointer drm/amdgpu/powerplay/smu7: fix AVFS handling with custom powerplay table tpm_crb: fix fTPM on AMD Zen+ CPUs tracing: Verify if trace array exists before destroying it. tracing: Adding NULL checks for trace_array descriptor pointer bcache: fix a lost wake-up problem caused by mca_cannibalize_lock dmaengine: mediatek: hsdma_probe: fixed a memory leak when devm_request_irq fails x86/kdump: Always reserve the low 1M when the crashkernel option is specified RDMA/qedr: Fix potential use after free RDMA/i40iw: Fix potential use after free PCI: Avoid double hpmemsize MMIO window assignment fix dget_parent() fastpath race xfs: fix attr leaf header freemap.size underflow RDMA/iw_cgxb4: Fix an error handling path in 'c4iw_connect()' ubi: Fix producing anchor PEBs mmc: core: Fix size overflow for mmc partitions gfs2: clean up iopen glock mess in gfs2_create_inode scsi: pm80xx: Cleanup command when a reset times out mt76: do not use devm API for led classdev mt76: add missing locking around ampdu action debugfs: Fix !DEBUG_FS debugfs_create_automount SUNRPC: Capture completion of all RPC tasks CIFS: Use common error handling code in smb2_ioctl_query_info() CIFS: Properly process SMB3 lease breaks f2fs: stop GC when the victim becomes fully valid ASoC: max98090: remove msleep in PLL unlocked workaround xtensa: fix system_call interaction with ptrace s390: avoid misusing CALL_ON_STACK for task stack setup xfs: fix realtime file data space leak drm/amdgpu: fix calltrace during kmd unload(v3) arm64: insn: consistently handle exit text selftests/bpf: De-flake test_tcpbpf kernel/notifier.c: intercept duplicate registrations to avoid infinite loops kernel/sys.c: avoid copying possible padding bytes in copy_to_user KVM: arm/arm64: vgic: Fix potential double free dist->spis in __kvm_vgic_destroy() module: Remove accidental change of module_enable_x() xfs: fix log reservation overflows when allocating large rt extents ALSA: hda: enable regmap internal locking tipc: fix link overflow issue at socket shutdown vcc_seq_next should increase position index neigh_stat_seq_next() should increase position index rt_cpu_seq_next should increase position index ipv6_route_seq_next should increase position index drm/mcde: Handle pending vblank while disabling display seqlock: Require WRITE_ONCE surrounding raw_seqcount_barrier drm/scheduler: Avoid accessing freed bad job. media: ti-vpe: cal: Restrict DMA to avoid memory corruption opp: Replace list_kref with a local counter scsi: qla2xxx: Fix stuck session in GNL scsi: lpfc: Fix incomplete NVME discovery when target sctp: move trace_sctp_probe_path into sctp_outq_sack ACPI: EC: Reference count query handlers under lock scsi: ufs: Make ufshcd_add_command_trace() easier to read scsi: ufs: Fix a race condition in the tracing code drm/amd/display: Initialize DSC PPS variables to 0 i2c: tegra: Prevent interrupt triggering after transfer timeout btrfs: tree-checker: Check leaf chunk item size dmaengine: zynqmp_dma: fix burst length configuration s390/cpum_sf: Use kzalloc and minor changes nfsd: Fix a soft lockup race in nfsd_file_mark_find_or_create() powerpc/eeh: Only dump stack once if an MMIO loop is detected Bluetooth: btrtl: Use kvmalloc for FW allocations tracing: Set kernel_stack's caller size properly ARM: 8948/1: Prevent OOB access in stacktrace ar5523: Add USB ID of SMCWUSBT-G2 wireless adapter ceph: ensure we have a new cap before continuing in fill_inode selftests/ftrace: fix glob selftest tools/power/x86/intel_pstate_tracer: changes for python 3 compatibility Bluetooth: Fix refcount use-after-free issue mm/swapfile.c: swap_next should increase position index mm: pagewalk: fix termination condition in walk_pte_range() Bluetooth: prefetch channel before killing sock KVM: fix overflow of zero page refcount with ksm running ALSA: hda: Clear RIRB status before reading WP skbuff: fix a data race in skb_queue_len() nfsd: Fix a perf warning drm/amd/display: fix workaround for incorrect double buffer register for DLG ADL and TTU audit: CONFIG_CHANGE don't log internal bookkeeping as an event selinux: sel_avc_get_stat_idx should increase position index scsi: lpfc: Fix RQ buffer leakage when no IOCBs available scsi: lpfc: Fix release of hwq to clear the eq relationship scsi: lpfc: Fix coverity errors in fmdi attribute handling drm/omap: fix possible object reference leak locking/lockdep: Decrement IRQ context counters when removing lock chain clk: stratix10: use do_div() for 64-bit calculation crypto: chelsio - This fixes the kernel panic which occurs during a libkcapi test mt76: clear skb pointers from rx aggregation reorder buffer during cleanup mt76: fix handling full tx queues in mt76_dma_tx_queue_skb_raw ALSA: usb-audio: Don't create a mixer element with bogus volume range perf test: Fix test trace+probe_vfs_getname.sh on s390 RDMA/rxe: Fix configuration of atomic queue pair attributes KVM: x86: fix incorrect comparison in trace event KVM: nVMX: Hold KVM's srcu lock when syncing vmcs12->shadow dmaengine: stm32-mdma: use vchan_terminate_vdesc() in .terminate_all media: staging/imx: Missing assignment in imx_media_capture_device_register() x86/pkeys: Add check for pkey "overflow" bpf: Remove recursion prevention from rcu free callback dmaengine: stm32-dma: use vchan_terminate_vdesc() in .terminate_all dmaengine: tegra-apb: Prevent race conditions on channel's freeing soundwire: bus: disable pm_runtime in sdw_slave_delete drm/amd/display: dal_ddc_i2c_payloads_create can fail causing panic drm/omap: dss: Cleanup DSS ports on initialisation failure iavf: use tc_cls_can_offload_and_chain0() instead of chain check firmware: arm_sdei: Use cpus_read_lock() to avoid races with cpuhp random: fix data races at timer_rand_state bus: hisi_lpc: Fixup IO ports addresses to avoid use-after-free in host removal ASoC: SOF: ipc: check ipc return value before data copy media: go7007: Fix URB type for interrupt handling Bluetooth: guard against controllers sending zero'd events timekeeping: Prevent 32bit truncation in scale64_check_overflow() powerpc/book3s64: Fix error handling in mm_iommu_do_alloc() drm/amd/display: fix image corruption with ODM 2:1 DSC 2 slice ext4: fix a data race at inode->i_disksize perf jevents: Fix leak of mapfile memory mm: avoid data corruption on CoW fault into PFN-mapped VMA drm/amdgpu: increase atombios cmd timeout ARM: OMAP2+: Handle errors for cpu_pm drm/amd/display: Stop if retimer is not available clk: imx: Fix division by zero warning on pfdv2 cpu-topology: Fix the potential data corruption s390/irq: replace setup_irq() by request_irq() perf cs-etm: Swap packets for instruction samples perf cs-etm: Correct synthesizing instruction samples ath10k: use kzalloc to read for ath10k_sdio_hif_diag_read scsi: aacraid: Disabling TM path and only processing IOP reset Bluetooth: L2CAP: handle l2cap config request during open state media: tda10071: fix unsigned sign extension overflow tty: sifive: Finish transmission before changing the clock xfs: don't ever return a stale pointer from __xfs_dir3_free_read xfs: mark dir corrupt when lookup-by-hash fails ext4: mark block bitmap corrupted when found instead of BUGON tpm: ibmvtpm: Wait for buffer to be set before proceeding rtc: sa1100: fix possible race condition rtc: ds1374: fix possible race condition nfsd: Don't add locks to closed or closing open stateids RDMA/cm: Remove a race freeing timewait_info intel_th: Disallow multi mode on devices where it's broken KVM: PPC: Book3S HV: Treat TM-related invalid form instructions on P9 like the valid ones drm/msm: fix leaks if initialization fails drm/msm/a5xx: Always set an OPP supported hardware value tracing: Use address-of operator on section symbols thermal: rcar_thermal: Handle probe error gracefully KVM: LAPIC: Mark hrtimer for period or oneshot mode to expire in hard interrupt context perf parse-events: Fix 3 use after frees found with clang ASAN btrfs: do not init a reloc root if we aren't relocating btrfs: free the reloc_control in a consistent way r8169: improve RTL8168b FIFO overflow workaround serial: 8250_port: Don't service RX FIFO if throttled serial: 8250_omap: Fix sleeping function called from invalid context during probe serial: 8250: 8250_omap: Terminate DMA before pushing data on RX timeout perf cpumap: Fix snprintf overflow check net: axienet: Convert DMA error handler to a work queue net: axienet: Propagate failure of DMA descriptor setup cpufreq: powernv: Fix frame-size-overflow in powernv_cpufreq_work_fn tools: gpio-hammer: Avoid potential overflow in main exec: Add exec_update_mutex to replace cred_guard_mutex exec: Fix a deadlock in strace selftests/ptrace: add test cases for dead-locks kernel/kcmp.c: Use new infrastructure to fix deadlocks in execve proc: Use new infrastructure to fix deadlocks in execve proc: io_accounting: Use new infrastructure to fix deadlocks in execve perf: Use new infrastructure to fix deadlocks in execve nvme-multipath: do not reset on unknown status nvme: Fix ctrl use-after-free during sysfs deletion nvme: Fix controller creation races with teardown flow brcmfmac: Fix double freeing in the fmac usb data path xfs: prohibit fs freezing when using empty transactions RDMA/rxe: Set sys_image_guid to be aligned with HW IB devices IB/iser: Always check sig MR before putting it to the free pool scsi: hpsa: correct race condition in offload enabled SUNRPC: Fix a potential buffer overflow in 'svc_print_xprts()' svcrdma: Fix leak of transport addresses netfilter: nf_tables: silence a RCU-list warning in nft_table_lookup() PCI: Use ioremap(), not phys_to_virt() for platform ROM ubifs: ubifs_jnl_write_inode: Fix a memory leak bug ubifs: ubifs_add_orphan: Fix a memory leak bug ubifs: Fix out-of-bounds memory access caused by abnormal value of node_len ALSA: usb-audio: Fix case when USB MIDI interface has more than one extra endpoint descriptor PCI: pciehp: Fix MSI interrupt race NFS: Fix races nfs_page_group_destroy() vs nfs_destroy_unlinked_subrequests() drm/amdgpu/vcn2.0: stall DPG when WPTR/RPTR reset powerpc/perf: Implement a global lock to avoid races between trace, core and thread imc events. mm/kmemleak.c: use address-of operator on section symbols mm/filemap.c: clear page error before actual read mm/swapfile: fix data races in try_to_unuse() mm/vmscan.c: fix data races using kswapd_classzone_idx SUNRPC: Don't start a timer on an already queued rpc task nvmet-rdma: fix double free of rdma queue workqueue: Remove the warning in wq_worker_sleeping() drm/amdgpu/sriov add amdgpu_amdkfd_pre_reset in gpu reset mm/mmap.c: initialize align_offset explicitly for vm_unmapped_area ALSA: hda: Skip controller resume if not needed scsi: qedi: Fix termination timeouts in session logout serial: uartps: Wait for tx_empty in console setup btrfs: fix setting last_trans for reloc roots KVM: Remove CREATE_IRQCHIP/SET_PIT2 race perf stat: Force error in fallback on :k events bdev: Reduce time holding bd_mutex in sync in blkdev_close() drivers: char: tlclk.c: Avoid data race between init and interrupt handler KVM: arm64: vgic-v3: Retire all pending LPIs on vcpu destroy KVM: arm64: vgic-its: Fix memory leak on the error path of vgic_add_lpi() net: openvswitch: use u64 for meter bucket scsi: aacraid: Fix error handling paths in aac_probe_one() staging:r8188eu: avoid skb_clone for amsdu to msdu conversion sparc64: vcc: Fix error return code in vcc_probe() arm64: cpufeature: Relax checks for AArch32 support at EL[0-2] sched/fair: Eliminate bandwidth race between throttling and distribution dpaa2-eth: fix error return code in setup_dpni() dt-bindings: sound: wm8994: Correct required supplies based on actual implementaion devlink: Fix reporter's recovery condition atm: fix a memory leak of vcc->user_back media: venus: vdec: Init registered list unconditionally perf mem2node: Avoid double free related to realloc mm/slub: fix incorrect interpretation of s->offset i2c: tegra: Restore pinmux on system resume power: supply: max17040: Correct voltage reading phy: samsung: s5pv210-usb2: Add delay after reset Bluetooth: Handle Inquiry Cancel error after Inquiry Complete USB: EHCI: ehci-mv: fix error handling in mv_ehci_probe() KVM: x86: handle wrap around 32-bit address space tipc: fix memory leak in service subscripting tty: serial: samsung: Correct clock selection logic ALSA: hda: Fix potential race in unsol event handler drm/exynos: dsi: Remove bridge node reference in error handling path in probe function ipmi:bt-bmc: Fix error handling and status check powerpc/traps: Make unrecoverable NMIs die instead of panic svcrdma: Fix backchannel return code fuse: don't check refcount after stealing page fuse: update attr_version counter on fuse_notify_inval_inode() USB: EHCI: ehci-mv: fix less than zero comparison of an unsigned int coresight: etm4x: Fix use-after-free of per-cpu etm drvdata arm64: acpi: Make apei_claim_sea() synchronise with APEI's irq work scsi: cxlflash: Fix error return code in cxlflash_probe() arm64/cpufeature: Drop TraceFilt feature exposure from ID_DFR0 register drm/amdkfd: fix restore worker race condition e1000: Do not perform reset in reset_task if we are already down drm/nouveau/debugfs: fix runtime pm imbalance on error drm/nouveau: fix runtime pm imbalance on error drm/nouveau/dispnv50: fix runtime pm imbalance on error printk: handle blank console arguments passed in. usb: dwc3: Increase timeout for CmdAct cleared by device controller btrfs: don't force read-only after error in drop snapshot btrfs: fix double __endio_write_update_ordered in direct I/O gpio: rcar: Fix runtime PM imbalance on error vfio/pci: fix memory leaks of eventfd ctx KVM: PPC: Book3S HV: Close race with page faults around memslot flushes perf evsel: Fix 2 memory leaks perf trace: Fix the selection for architectures to generate the errno name tables perf stat: Fix duration_time value for higher intervals perf util: Fix memory leak of prefix_if_not_in perf metricgroup: Free metric_events on error perf kcore_copy: Fix module map when there are no modules loaded PCI: tegra194: Fix runtime PM imbalance on error ASoC: img-i2s-out: Fix runtime PM imbalance on error wlcore: fix runtime pm imbalance in wl1271_tx_work wlcore: fix runtime pm imbalance in wlcore_regdomain_config mtd: rawnand: gpmi: Fix runtime PM imbalance on error mtd: rawnand: omap_elm: Fix runtime PM imbalance on error PCI: tegra: Fix runtime PM imbalance on error ceph: fix potential race in ceph_check_caps mm/swap_state: fix a data race in swapin_nr_pages mm: memcontrol: fix stat-corrupting race in charge moving rapidio: avoid data race between file operation callbacks and mport_cdev_add(). mtd: parser: cmdline: Support MTD names containing one or more colons x86/speculation/mds: Mark mds_user_clear_cpu_buffers() __always_inline NFS: nfs_xdr_status should record the procedure name vfio/pci: Clear error and request eventfd ctx after releasing cifs: Fix double add page to memcg when cifs_readpages nvme: fix possible deadlock when I/O is blocked mac80211: skip mpath lookup also for control port tx scsi: libfc: Handling of extra kref scsi: libfc: Skip additional kref updating work event selftests/x86/syscall_nt: Clear weird flags after each test vfio/pci: fix racy on error and request eventfd ctx btrfs: qgroup: fix data leak caused by race between writeback and truncate perf tests: Fix test 68 zstd compression for s390 scsi: qla2xxx: Retry PLOGI on FC-NVMe PRLI failure ubi: fastmap: Free unused fastmap anchor peb during detach mt76: fix LED link time failure opp: Increase parsed_static_opps in _of_add_opp_table_v1() perf parse-events: Use strcmp() to compare the PMU name ALSA: hda: Always use jackpoll helper for jack update after resume ALSA: hda: Workaround for spurious wakeups on some Intel platforms net: openvswitch: use div_u64() for 64-by-32 divisions nvme: explicitly update mpath disk capacity on revalidation device_cgroup: Fix RCU list debugging warning ASoC: pcm3168a: ignore 0 Hz settings ASoC: wm8994: Skip setting of the WM8994_MICBIAS register for WM1811 ASoC: wm8994: Ensure the device is resumed in wm89xx_mic_detect functions ASoC: Intel: bytcr_rt5640: Add quirk for MPMAN Converter9 2-in-1 RISC-V: Take text_mutex in ftrace_init_nop() i2c: aspeed: Mask IRQ status to relevant bits s390/init: add missing __init annotations lockdep: fix order in trace_hardirqs_off_caller() EDAC/ghes: Check whether the driver is on the safe list correctly drm/amdkfd: fix a memory leak issue drm/amd/display: update nv1x stutter latencies drm/amdgpu/dc: Require primary plane to be enabled whenever the CRTC is i2c: core: Call i2c_acpi_install_space_handler() before i2c_acpi_register_devices() objtool: Fix noreturn detection for ignored functions ieee802154: fix one possible memleak in ca8210_dev_com_init ieee802154/adf7242: check status of adf7242_read_reg clocksource/drivers/h8300_timer8: Fix wrong return value in h8300_8timer_init() mwifiex: Increase AES key storage size to 256 bits batman-adv: bla: fix type misuse for backbone_gw hash indexing atm: eni: fix the missed pci_disable_device() for eni_init_one() batman-adv: mcast/TT: fix wrongly dropped or rerouted packets netfilter: conntrack: nf_conncount_init is failing with IPv6 disabled mac802154: tx: fix use-after-free bpf: Fix clobbering of r2 in bpf_gen_ld_abs drm/vc4/vc4_hdmi: fill ASoC card owner net: qed: Disable aRFS for NPAR and 100G net: qede: Disable aRFS for NPAR and 100G net: qed: RDMA personality shouldn't fail VF load drm/sun4i: sun8i-csc: Secondary CSC register correction batman-adv: Add missing include for in_interrupt() nvme-tcp: fix kconfig dependency warning when !CRYPTO batman-adv: mcast: fix duplicate mcast packets in BLA backbone from LAN batman-adv: mcast: fix duplicate mcast packets in BLA backbone from mesh batman-adv: mcast: fix duplicate mcast packets from BLA backbone to mesh bpf: Fix a rcu warning for bpffs map pretty-print lib80211: fix unmet direct dependendices config warning when !CRYPTO ALSA: asihpi: fix iounmap in error handler regmap: fix page selection for noinc reads regmap: fix page selection for noinc writes MIPS: Add the missing 'CPU_1074K' into __get_cpu_type() regulator: axp20x: fix LDO2/4 description KVM: x86: Reset MMU context if guest toggles CR4.SMAP or CR4.PKE KVM: SVM: Add a dedicated INVD intercept routine mm: validate pmd after splitting arch/x86/lib/usercopy_64.c: fix __copy_user_flushcache() cache writeback x86/ioapic: Unbreak check_timer() scsi: lpfc: Fix initial FLOGI failure due to BBSCN not supported ALSA: usb-audio: Add delay quirk for H570e USB headsets ALSA: hda/realtek - Couldn't detect Mic if booting with headset plugged ALSA: hda/realtek: Enable front panel headset LED on Lenovo ThinkStation P520 lib/string.c: implement stpcpy tracing: fix double free s390/dasd: Fix zero write for FBA devices kprobes: Fix to check probe enabled before disarm_kprobe_ftrace() kprobes: tracing/kprobes: Fix to kill kprobes on initmem after boot btrfs: fix overflow when copying corrupt csums for a message dmabuf: fix NULL pointer dereference in dma_buf_release() mm, THP, swap: fix allocating cluster for swapfile by mistake mm/gup: fix gup_fast with dynamic page table folding s390/zcrypt: Fix ZCRYPT_PERDEV_REQCNT ioctl KVM: arm64: Assume write fault on S1PTW permission fault on instruction fetch dm: fix bio splitting and its bio completion order for regular IO kprobes: Fix compiler warning for !CONFIG_KPROBES_ON_FTRACE ata: define AC_ERR_OK ata: make qc_prep return ata_completion_errors ata: sata_mv, avoid trigerrable BUG_ON Linux 5.4.69 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I2a26b4f6fd89b641fa80e339ee72089da51a1415 |
||
|
Marc Zyngier
|
c9bfb7b4d9 |
KVM: arm64: Assume write fault on S1PTW permission fault on instruction fetch
commit c4ad98e4b72cb5be30ea282fce935248f2300e62 upstream.
KVM currently assumes that an instruction abort can never be a write.
This is in general true, except when the abort is triggered by
a S1PTW on instruction fetch that tries to update the S1 page tables
(to set AF, for example).
This can happen if the page tables have been paged out and brought
back in without seeing a direct write to them (they are thus marked
read only), and the fault handling code will make the PT executable(!)
instead of writable. The guest gets stuck forever.
In these conditions, the permission fault must be considered as
a write so that the Stage-1 update can take place. This is essentially
the I-side equivalent of the problem fixed by
|
||
|
Greg Kroah-Hartman
|
ffcfdcc24e |
This is the 5.4.63 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl9TWQYACgkQONu9yGCS aT6DJhAAyDsKzxQrxAnWSRkhbKb1pRJe+a6gz9B41iYo1aPzgW07feZixyKWHHBb qDF+Ws8LC1WiJNM5jmYLvJidNWzm6BX2EUL+0IFnR6txdGgscaSGdXt4Crs3FBku uo47dcy70sDGa7lEfe5kgqGnPGVCZGt6GOWg+ktb5jw7zUxgXQLRPG+ea5Pcxw+6 uXEcfWYNOwu2+ggbOE+DRAoA06tZp3SbPLPjB9bcCcs7TxhvJnCieOSA+w52tc1/ 4e38JTcH1BM3Dbe29Z8gXazzoMvlUXgVWtGhAybivVxMW2OEta2mrDjIkfvv/zI8 2miaOZY93iXozk82qPkQL9/tSjN0Nuii90VnK4TIvP5ohLDGfPVMiQH7MCWXnr4J Nm45jcKrK2MQo5ECI495A1682gueY0oYm2bWUwUsQ0voSRe3HR66YEJZj/Ae1Ry5 AYDNvSvcaavtYPOm6iTDaOhydN6WOvja4dllQFPeW+y9PJYlDYuHzpqbnIuiej0u qkXO1+9DHXZjyOeO0Y9Te2XlKmOLqzKPG2UiJJHKHn7mpGnZqUaxbUewyzcMKSe7 ifyroeEFuzKEQ1IqSjaEkY2cJ31Q25OmInI2Oze9DEqJSY3JIdTM6G9UdB8RodVl pR/ET8bToVAVDGiixouzo/7cDZpPO0lM24dRzg+ORZLe/HZYI94= =kTUr -----END PGP SIGNATURE----- Merge 5.4.63 into android11-5.4-lts Changes in 5.4.63 HID: core: Correctly handle ReportSize being zero HID: core: Sanitize event code and type when mapping input perf record/stat: Explicitly call out event modifiers in the documentation drm/sched: Fix passing zero to 'PTR_ERR' warning v2 drm/etnaviv: fix TS cache flushing on GPUs with BLT engine KVM: arm64: Add kvm_extable for vaxorcism code KVM: arm64: Survive synchronous exceptions caused by AT instructions KVM: arm64: Set HCR_EL2.PTW to prevent AT taking synchronous exception dt-bindings: mmc: tegra: Add tmclk for Tegra210 and later arm64: tegra: Add missing timeout clock to Tegra194 SDMMC nodes arm64: tegra: Add missing timeout clock to Tegra186 SDMMC nodes arm64: tegra: Add missing timeout clock to Tegra210 SDMMC sdhci: tegra: Remove SDHCI_QUIRK_DATA_TIMEOUT_USES_SDCLK for Tegra210 sdhci: tegra: Remove SDHCI_QUIRK_DATA_TIMEOUT_USES_SDCLK for Tegra186 scsi: target: tcmu: Fix size in calls to tcmu_flush_dcache_range scsi: target: tcmu: Optimize use of flush_dcache_page Linux 5.4.63 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I703abbc41e97cd1732a1fb3cf3f7d8e4b2a33766 |
||
|
Greg Kroah-Hartman
|
7ea7cc9f8b |
This is the 5.4.62 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl9Qtz8ACgkQONu9yGCS
aT7xMw/9H2aAnbYRKpq4NX95OcfujmE1S4zv99TGOus2SPO+C6JiAo4WE40OYfWj
H4q2XKa2jAKAvxLwf5zfUKdWNTqTpz+9NiCeF7QUEbGZ+fj7d39s1Quo6KNhCfUX
pyQX7oa9nsaIbwzCz5RB0AqRGVzTMwh4lGdhtxTQfl/LMYWtub9UOkUvWimxlO5i
bWqiqIOZWOzIoPj9KHEOg4KsE6L5D69PjfT2M/qfuOd4TWUw5i1Dv2ckRG1A5r3H
q8oGrNwgMcco1mpC7lG0IZteNfNZHZqVeOGVdF54HsY+tpLBE9G6HbvfDQknyOPy
BP3zBcPovWz3S2wRwHyZHjJdQdIprWW+zwikVoqMbTXt8VkNh0qXDgrfScEn6Fah
hi6oOYvKOCb9YlD6IH7zfvZJzwRdmhIV26dztk1vI51dyvWUh+lmeWuFeGWCYUy6
PYc9O1RjpzZqNezdHz4ZoueX+4G63fXJ1pTwYhReS4Wj7AYTqUgwIV+ZYKcTmmuD
bXiWzQXt+4sbR2Mhah5E9wdJlIOc46i+ui6VEUxqZBq8UH0t5C8xxTjO61EAtd4F
vlfs57jI8/VwWMxUPI4Qni933h1B4zBUlhvTqK7W0QQgEUsO6mIQQB5bDy0A0HOT
3lImaFt4f+HI7vEltqE1qds1IXK7c0HvFbGC1fRI1ZdS0VdUiY8=
=F1JD
-----END PGP SIGNATURE-----
Merge 5.4.62 into android11-5.4-lts
Changes in 5.4.62
powerpc/64s: Don't init FSCR_DSCR in __init_FSCR()
binfmt_flat: revert "binfmt_flat: don't offset the data start"
gre6: Fix reception with IP6_TNL_F_RCV_DSCP_COPY
net: Fix potential wrong skb->protocol in skb_vlan_untag()
net: nexthop: don't allow empty NHA_GROUP
net: qrtr: fix usage of idr in port assignment to socket
net: sctp: Fix negotiation of the number of data streams.
net/smc: Prevent kernel-infoleak in __smc_diag_dump()
tipc: fix uninit skb->data in tipc_nl_compat_dumpit()
net: ena: Make missed_tx stat incremental
net/sched: act_ct: Fix skb double-free in tcf_ct_handle_fragments() error flow
ipvlan: fix device features
ALSA: hda/hdmi: Add quirk to force connectivity
ALSA: pci: delete repeated words in comments
ALSA: hda/realtek: Fix pin default on Intel NUC 8 Rugged
ALSA: hda/hdmi: Use force connectivity quirk on another HP desktop
ASoC: img: Fix a reference count leak in img_i2s_in_set_fmt
ASoC: img-parallel-out: Fix a reference count leak
ASoC: tegra: Fix reference count leaks.
mfd: intel-lpss: Add Intel Emmitsburg PCH PCI IDs
arm64: dts: qcom: msm8916: Pull down PDM GPIOs during sleep
powerpc/xive: Ignore kmemleak false positives
media: pci: ttpci: av7110: fix possible buffer overflow caused by bad DMA value in debiirq()
blktrace: ensure our debugfs dir exists
scsi: target: tcmu: Fix crash on ARM during cmd completion
mfd: intel-lpss: Add Intel Tiger Lake PCH-H PCI IDs
iommu/iova: Don't BUG on invalid PFNs
drm/amdkfd: Fix reference count leaks.
drm/radeon: fix multiple reference count leak
drm/amdgpu: fix ref count leak in amdgpu_driver_open_kms
drm/amd/display: fix ref count leak in amdgpu_drm_ioctl
drm/amdgpu: fix ref count leak in amdgpu_display_crtc_set_config
drm/amdgpu/display: fix ref count leak when pm_runtime_get_sync fails
scsi: lpfc: Fix shost refcount mismatch when deleting vport
xfs: Don't allow logging of XFS_ISTALE inodes
scsi: target: Fix xcopy sess release leak
selftests/powerpc: Purge extra count_pmc() calls of ebb selftests
f2fs: fix error path in do_recover_data()
omapfb: fix multiple reference count leaks due to pm_runtime_get_sync
PCI: Fix pci_create_slot() reference count leak
ARM: dts: ls1021a: output PPS signal on FIPER2
rtlwifi: rtl8192cu: Prevent leaking urb
mips/vdso: Fix resource leaks in genvdso.c
ALSA: hda: Add support for Loongson 7A1000 controller
cec-api: prevent leaking memory through hole in structure
HID: quirks: add NOGET quirk for Logitech GROUP
f2fs: fix use-after-free issue
drm/nouveau/drm/noveau: fix reference count leak in nouveau_fbcon_open
drm/nouveau: fix reference count leak in nv50_disp_atomic_commit
drm/nouveau: Fix reference count leak in nouveau_connector_detect
locking/lockdep: Fix overflow in presentation of average lock-time
btrfs: file: reserve qgroup space after the hole punch range is locked
btrfs: make btrfs_qgroup_check_reserved_leak take btrfs_inode
scsi: iscsi: Do not put host in iscsi_set_flashnode_param()
ceph: fix potential mdsc use-after-free crash
ceph: do not access the kiocb after aio requests
scsi: fcoe: Memory leak fix in fcoe_sysfs_fcf_del()
EDAC/ie31200: Fallback if host bridge device is already initialized
hugetlbfs: prevent filesystem stacking of hugetlbfs
media: davinci: vpif_capture: fix potential double free
KVM: arm64: Fix symbol dependency in __hyp_call_panic_nvhe
powerpc/spufs: add CONFIG_COREDUMP dependency
USB: sisusbvga: Fix a potential UB casued by left shifting a negative value
brcmfmac: Set timeout value when configuring power save
efi: provide empty efi_enter_virtual_mode implementation
arm64: Fix __cpu_logical_map undefined issue
Revert "ath10k: fix DMA related firmware crashes on multiple devices"
sched/uclamp: Protect uclamp fast path code with static key
sched/uclamp: Fix a deadlock when enabling uclamp static key
usb: cdns3: gadget: always zeroed TRB buffer when enable endpoint
PM / devfreq: rk3399_dmc: Add missing of_node_put()
PM / devfreq: rk3399_dmc: Disable devfreq-event device when fails
PM / devfreq: rk3399_dmc: Fix kernel oops when rockchip,pmu is absent
drm/xen: fix passing zero to 'PTR_ERR' warning
drm/xen-front: Fix misused IS_ERR_OR_NULL checks
s390/numa: set node distance to LOCAL_DISTANCE
btrfs: factor out inode items copy loop from btrfs_log_inode()
btrfs: only commit the delayed inode when doing a full fsync
btrfs: only commit delayed items at fsync if we are logging a directory
mm/shuffle: don't move pages between zones and don't read garbage memmaps
mm: fix kthread_use_mm() vs TLB invalidate
mm/cma.c: switch to bitmap_zalloc() for cma bitmap allocation
cma: don't quit at first error when activating reserved areas
gpu/drm: ingenic: Use the plane's src_[x,y] to configure DMA length
drm/ingenic: Fix incorrect assumption about plane->index
drm/amd/display: Trigger modesets on MST DSC connectors
drm/amd/display: Add additional config guards for DCN
drm/amd/display: Fix dmesg warning from setting abm level
mm/vunmap: add cond_resched() in vunmap_pmd_range
EDAC: sb_edac: get rid of unused vars
EDAC: skx_common: get rid of unused type var
EDAC/{i7core,sb,pnd2,skx}: Fix error event severity
PCI: qcom: Add missing ipq806x clocks in PCIe driver
PCI: qcom: Change duplicate PCI reset to phy reset
PCI: qcom: Add missing reset for ipq806x
cpufreq: intel_pstate: Fix EPP setting via sysfs in active mode
ALSA: usb-audio: Add capture support for Saffire 6 (USB 1.1)
media: gpio-ir-tx: improve precision of transmitted signal due to scheduling
block: respect queue limit of max discard segment
block: virtio_blk: fix handling single range discard request
drm/msm/adreno: fix updating ring fence
block: Fix page_is_mergeable() for compound pages
bfq: fix blkio cgroup leakage v4
hwmon: (nct7904) Correct divide by 0
blk-mq: insert request not through ->queue_rq into sw/scheduler queue
blkcg: fix memleak for iolatency
nvme-fc: Fix wrong return value in __nvme_fc_init_request()
nvme: multipath: round-robin: fix single non-optimized path case
null_blk: fix passing of REQ_FUA flag in null_handle_rq
i2c: core: Don't fail PRP0001 enumeration when no ID table exist
i2c: rcar: in slave mode, clear NACK earlier
usb: gadget: f_tcm: Fix some resource leaks in some error paths
spi: stm32: clear only asserted irq flags on interrupt
jbd2: make sure jh have b_transaction set in refile/unfile_buffer
ext4: don't BUG on inconsistent journal feature
ext4: handle read only external journal device
jbd2: abort journal if free a async write error metadata buffer
ext4: handle option set by mount flags correctly
ext4: handle error of ext4_setup_system_zone() on remount
ext4: correctly restore system zone info when remount fails
fs: prevent BUG_ON in submit_bh_wbc()
spi: stm32h7: fix race condition at end of transfer
spi: stm32: fix fifo threshold level in case of short transfer
spi: stm32: fix stm32_spi_prepare_mbr in case of odd clk_rate
spi: stm32: always perform registers configuration prior to transfer
drm/amd/powerplay: correct Vega20 cached smu feature state
drm/amd/powerplay: correct UVD/VCE PG state on custom pptable uploading
drm/amd/display: Switch to immediate mode for updating infopackets
netfilter: avoid ipv6 -> nf_defrag_ipv6 module dependency
can: j1939: transport: j1939_xtp_rx_dat_one(): compare own packets to detect corruptions
ALSA: hda/realtek: Add model alc298-samsung-headphone
s390/cio: add cond_resched() in the slow_eval_known_fn() loop
ASoC: wm8994: Avoid attempts to read unreadable registers
selftests: disable rp_filter for icmp_redirect.sh
scsi: fcoe: Fix I/O path allocation
scsi: ufs: Fix possible infinite loop in ufshcd_hold
scsi: ufs: Improve interrupt handling for shared interrupts
scsi: ufs: Clean up completed request without interrupt notification
scsi: qla2xxx: Fix login timeout
scsi: qla2xxx: Check if FW supports MQ before enabling
scsi: qla2xxx: Fix null pointer access during disconnect from subsystem
Revert "scsi: qla2xxx: Fix crash on qla2x00_mailbox_command"
macvlan: validate setting of multiple remote source MAC addresses
net: gianfar: Add of_node_put() before goto statement
powerpc/perf: Fix soft lockups due to missed interrupt accounting
arm64: Move handling of erratum
|
||
|
James Morse
|
ffad02f9e3 |
KVM: arm64: Survive synchronous exceptions caused by AT instructions
commit 88a84ccccb3966bcc3f309cdb76092a9892c0260 upstream. KVM doesn't expect any synchronous exceptions when executing, any such exception leads to a panic(). AT instructions access the guest page tables, and can cause a synchronous external abort to be taken. The arm-arm is unclear on what should happen if the guest has configured the hardware update of the access-flag, and a memory type in TCR_EL1 that does not support atomic operations. B2.2.6 "Possible implementation restrictions on using atomic instructions" from DDI0487F.a lists synchronous external abort as a possible behaviour of atomic instructions that target memory that isn't writeback cacheable, but the page table walker may behave differently. Make KVM robust to synchronous exceptions caused by AT instructions. Add a get_user() style helper for AT instructions that returns -EFAULT if an exception was generated. While KVM's version of the exception table mixes synchronous and asynchronous exceptions, only one of these can occur at each location. Re-enter the guest when the AT instructions take an exception on the assumption the guest will take the same exception. This isn't guaranteed to make forward progress, as the AT instructions may always walk the page tables, but guest execution may use the translation cached in the TLB. This isn't a problem, as since commit |
||
|
James Morse
|
1744237ca0 |
KVM: arm64: Add kvm_extable for vaxorcism code
commit e9ee186bb735bfc17fa81dbc9aebf268aee5b41e upstream. KVM has a one instruction window where it will allow an SError exception to be consumed by the hypervisor without treating it as a hypervisor bug. This is used to consume asynchronous external abort that were caused by the guest. As we are about to add another location that survives unexpected exceptions, generalise this code to make it behave like the host's extable. KVM's version has to be mapped to EL2 to be accessible on nVHE systems. The SError vaxorcism code is a one instruction window, so has two entries in the extable. Because the KVM code is copied for VHE and nVHE, we end up with four entries, half of which correspond with code that isn't mapped. Cc: <stable@vger.kernel.org> # 5.4.x Signed-off-by: James Morse <james.morse@arm.com> Reviewed-by: Marc Zyngier <maz@kernel.org> Signed-off-by: Catalin Marinas <catalin.marinas@arm.com> Signed-off-by: Andre Przywara <andre.przywara@arm.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
David Brazdil
|
653ae33b03 |
KVM: arm64: Fix symbol dependency in __hyp_call_panic_nvhe
[ Upstream commit b38b298aa4397e2dc74a89b4dd3eac9e59b64c96 ] __hyp_call_panic_nvhe contains inline assembly which did not declare its dependency on the __hyp_panic_string symbol. The static-declared string has previously been kept alive because of a use in __hyp_call_panic_vhe. Fix this in preparation for separating the source files between VHE and nVHE when the two users land in two different compilation units. The static variable otherwise gets dropped when compiling the nVHE source file, causing an undefined symbol linker error later. Signed-off-by: David Brazdil <dbrazdil@google.com> Signed-off-by: Marc Zyngier <maz@kernel.org> Link: https://lore.kernel.org/r/20200625131420.71444-2-dbrazdil@google.com Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
|
Greg Kroah-Hartman
|
c7725aece3 |
Merge 5.4.52 into android11-5.4
Changes in 5.4.52 KVM: s390: reduce number of IO pins to 1 spi: spi-fsl-dspi: Adding shutdown hook spi: spi-fsl-dspi: Fix lockup if device is removed during SPI transfer regmap: fix alignment issue perf/x86/rapl: Move RAPL support to common x86 code perf/x86/rapl: Fix RAPL config variable bug ARM: dts: omap4-droid4: Fix spi configuration and increase rate drm/ttm: Fix dma_fence refcnt leak when adding move fence drm/tegra: hub: Do not enable orphaned window group gpu: host1x: Detach driver on unregister drm: mcde: Fix display initialization problem ASoC: SOF: Intel: add PCI ID for CometLake-S ALSA: hda: Intel: add missing PCI IDs for ICL-H, TGL-H and EKL spi: spidev: fix a race between spidev_release and spidev_remove spi: spidev: fix a potential use-after-free in spidev_release() net: ethernet: mvneta: Fix Serdes configuration for SoCs without comphy net: ethernet: mvneta: Add 2500BaseX support for SoCs without comphy ixgbe: protect ring accesses with READ- and WRITE_ONCE i40e: protect ring accesses with READ- and WRITE_ONCE ibmvnic: continue to init in CRQ reset returns H_CLOSED powerpc/kvm/book3s64: Fix kernel crash with nested kvm & DEBUG_VIRTUAL iommu/vt-d: Don't apply gfx quirks to untrusted devices drm: panel-orientation-quirks: Add quirk for Asus T101HA panel drm: panel-orientation-quirks: Use generic orientation-data for Acer S1003 s390/kasan: fix early pgm check handler execution cifs: update ctime and mtime during truncate ARM: imx6: add missing put_device() call in imx6q_suspend_init() scsi: mptscsih: Fix read sense data size usb: dwc3: pci: Fix reference count leak in dwc3_pci_resume_work block: release bip in a right way in error path nvme-rdma: assign completion vector correctly x86/entry: Increase entry_stack size to a full page sched/core: Check cpus_mask, not cpus_ptr in __set_cpus_allowed_ptr(), to fix mask corruption net: qrtr: Fix an out of bounds read qrtr_endpoint_post() gpio: pca953x: Override IRQ for one of the expanders on Galileo Gen 2 gpio: pca953x: Fix GPIO resource leak on Intel Galileo Gen 2 nl80211: don't return err unconditionally in nl80211_start_ap() drm/mediatek: Check plane visibility in atomic_update bpf, sockmap: RCU splat with redirect and strparser error or TLS bpf, sockmap: RCU dereferenced psock may be used outside RCU block netfilter: ipset: call ip_set_free() instead of kfree() net: mvneta: fix use of state->speed net: cxgb4: fix return error value in t4_prep_fw IB/sa: Resolv use-after-free in ib_nl_make_request() net: dsa: microchip: set the correct number of ports netfilter: conntrack: refetch conntrack after nf_conntrack_update() perf report TUI: Fix segmentation fault in perf_evsel__hists_browse() perf intel-pt: Fix recording PEBS-via-PT with registers perf intel-pt: Fix PEBS sample for XMM registers smsc95xx: check return value of smsc95xx_reset smsc95xx: avoid memory leak in smsc95xx_bind net: hns3: add a missing uninit debugfs when unload driver net: hns3: fix use-after-free when doing self test ALSA: compress: fix partial_drain completion state RDMA/siw: Fix reporting vendor_part_id arm64: kgdb: Fix single-step exception handling oops nbd: Fix memory leak in nbd_add_socket cxgb4: fix all-mask IP address comparison IB/mlx5: Fix 50G per lane indication qed: Populate nvm-file attributes while reading nvm config partition. net/mlx5: Fix eeprom support for SFP module net/mlx5e: Fix 50G per lane indication bnxt_en: fix NULL dereference in case SR-IOV configuration fails net: macb: fix wakeup test in runtime suspend/resume routines net: macb: mark device wake capable when "magic-packet" property present net: macb: fix call to pm_runtime in the suspend/resume functions mlxsw: spectrum_router: Remove inappropriate usage of WARN_ON() mlxsw: pci: Fix use-after-free in case of failed devlink reload IB/hfi1: Do not destroy hfi1_wq when the device is shut down IB/hfi1: Do not destroy link_wq when the device is shut down ALSA: opl3: fix infoleak in opl3 ALSA: hda - let hs_mic be picked ahead of hp_mic ALSA: usb-audio: add quirk for MacroSilicon MS2109 ALSA: usb-audio: Add implicit feedback quirk for RTX6001 ALSA: hda/realtek - Fix Lenovo Thinkpad X1 Carbon 7th quirk subdevice id ALSA: hda/realtek - Enable audio jacks of Acer vCopperbox with ALC269VC ALSA: hda/realtek: Enable headset mic of Acer C20-820 with ALC269VC ALSA: hda/realtek: Enable headset mic of Acer Veriton N4660G with ALC269VC KVM: arm64: Fix definition of PAGE_HYP_DEVICE KVM: arm64: Stop clobbering x0 for HVC_SOFT_RESTART KVM: arm64: Annotate hyp NMI-related functions as __always_inline KVM: x86: bit 8 of non-leaf PDPEs is not reserved KVM: x86: Inject #GP if guest attempts to toggle CR4.LA57 in 64-bit mode KVM: x86: Mark CR4.TSD as being possibly owned by the guest KVM: arm64: Fix kvm_reset_vcpu() return code being incorrect with SVE kallsyms: Refactor kallsyms_show_value() to take cred module: Refactor section attr into bin attribute module: Do not expose section addresses to non-CAP_SYSLOG kprobes: Do not expose probe addresses to non-CAP_SYSLOG bpf: Check correct cred for CAP_SYSLOG in bpf_dump_raw_ok() Revert "ath9k: Fix general protection fault in ath9k_hif_usb_rx_cb" btrfs: fix fatal extent_buffer readahead vs releasepage race btrfs: fix double put of block group with nocow drm/radeon: fix double free drm/amdgpu: don't do soft recovery if gpu_recovery=0 dm: use noio when sending kobject event mmc: meson-gx: limit segments to 1 when dram-access-quirk is needed ARC: entry: fix potential EFA clobber when TIF_SYSCALL_TRACE ARC: elf: use right ELF_ARCH s390/setup: init jump labels before command line parsing s390/mm: fix huge pte soft dirty copying blk-mq: consider non-idle request as "inflight" in blk_mq_rq_inflight() dm writecache: reject asynchronous pmem devices perf scripts python: export-to-postgresql.py: Fix struct.pack() int argument perf scripts python: exported-sql-viewer.py: Fix zero id in call graph 'Find' result perf scripts python: exported-sql-viewer.py: Fix zero id in call tree 'Find' result perf scripts python: exported-sql-viewer.py: Fix unexpanded 'Find' result pwm: jz4740: Fix build failure s390: Change s390_kernel_write() return type to match memcpy() s390/maccess: add no DAT mode to kernel_write Linux 5.4.52 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: Ib10c465a3556b5c55d6d6c2ec37b6061b32ca75f |
||
Steven Price
|
79aaeec712 |
KVM: arm64: Fix kvm_reset_vcpu() return code being incorrect with SVE
If SVE is enabled then 'ret' can be assigned the return value of
kvm_vcpu_enable_sve() which may be 0 causing future "goto out" sites to
erroneously return 0 on failure rather than -EINVAL as expected.
Remove the initialisation of 'ret' and make setting the return value
explicit to avoid this situation in the future.
Fixes:
|
||
Andrew Scull
|
b956ec9afc |
KVM: arm64: Stop clobbering x0 for HVC_SOFT_RESTART
commit b9e10d4a6c9f5cbe6369ce2c17ebc67d2e5a4be5 upstream.
HVC_SOFT_RESTART is given values for x0-2 that it should installed
before exiting to the new address so should not set x0 to stub HVC
success or failure code.
Fixes:
|
||
|
Greg Kroah-Hartman
|
eaaa29ec5a |
This is the 5.4.47 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl7qK2gACgkQONu9yGCS aT4kaw/8Cknc9G64S1SWchxFj4LnSYzrpeFGXOZBlHBtcCyD12JNGjA6SG6DoGLY /s/1fjBwJWrWpkI36CGNZowNPYtzRMOhyBGj7QHTpEj0vjMTKYXhVieMquQSHwRP zcrYl8f/xWJKo6XNjR1YLh5PWeD6B9dWD1RcvBZ0jCez84jyVT1EyWMWGiodkLMx gmJITO2DBaekelU0yyZJIFePO5DJpcXspf5lrPgkPG9u/U4hZf94AAGMYbXJZ5Rn BDcqGEGQe+mtcG6lq6DGRDH5VVMG4k13MrZJBfrVAhkGU+g6nKQbOXCcdcRjoM6N 9NL8RbcpL0NhphNmrKwjNcYd4kZxYgTQb87FZi+qDxwGQIWIxcET6gL5t/vqAev1 v/uKFLlt5x/2tNtpC8aY8EwdyGcXfeBXEl9AjP7HUWC/KzB8I9vLnokcMvOMYDIg 3wNIsKMYLcLzuLL8oJ7FvDkBO+H/RjSvF4UvQyLOPOJtWSV5uKbLfKIU9sw90G3i t8qo3lNC/J4saJ+jx+O7XoHjFw6biJFATvs0+HtpCkwi0aJm2SGW+OvXuZCGZPnz TW2YsGFCCwL/RPtceJVkGfV3kr7SUB5AGXjueXdC+4QWfmi3POWojjgheQrleS+3 OLxRsUVbQ6hOqEgLAaV6HhzvykkTjDj2Gq8P3I+1Y/eiRHjlpdU= =WYnW -----END PGP SIGNATURE----- Merge 5.4.47 into android-5.4-stable Changes in 5.4.47 ipv6: fix IPV6_ADDRFORM operation logic mlxsw: core: Use different get_trend() callbacks for different thermal zones net_failover: fixed rollback in net_failover_open() tun: correct header offsets in napi frags mode bridge: Avoid infinite loop when suppressing NS messages with invalid options vxlan: Avoid infinite loop when suppressing NS messages with invalid options bpf: Support llvm-objcopy for vmlinux BTF elfnote: mark all .note sections SHF_ALLOC Input: mms114 - fix handling of mms345l ARM: 8977/1: ptrace: Fix mask for thumb breakpoint hook sched/fair: Don't NUMA balance for kthreads Input: synaptics - add a second working PNP_ID for Lenovo T470s csky: Fixup abiv2 syscall_trace break a4 & a5 gfs2: Even more gfs2_find_jhead fixes drivers/net/ibmvnic: Update VNIC protocol version reporting powerpc/xive: Clear the page tables for the ESB IO mapping spi: dw: Fix native CS being unset ath9k_htc: Silence undersized packet warnings smack: avoid unused 'sip' variable warning RDMA/uverbs: Make the event_queue fds return POLLERR when disassociated padata: add separate cpuhp node for CPUHP_PADATA_DEAD s390/pci: Log new handle in clp_disable_fh() x86/cpu/amd: Make erratum #1054 a legacy erratum KVM: x86: only do L1TF workaround on affected processors PCI/PM: Adjust pcie_wait_for_link_delay() for caller delay perf probe: Accept the instance number of kretprobe event mm: add kvfree_sensitive() for freeing sensitive data objects selftests: fix flower parent qdisc fanotify: fix ignore mask logic for events on child and on dir aio: fix async fsync creds ipv4: fix a RCU-list lock in fib_triestat_seq_show iwlwifi: mvm: fix NVM check for 3168 devices sctp: fix possibly using a bad saddr with a given dst sctp: fix refcount bug in sctp_wfree x86_64: Fix jiffies ODR violation x86/PCI: Mark Intel C620 MROMs as having non-compliant BARs x86/speculation: Prevent rogue cross-process SSBD shutdown x86/speculation: Avoid force-disabling IBPB based on STIBP and enhanced IBRS. x86/speculation: PR_SPEC_FORCE_DISABLE enforcement for indirect branches. x86/reboot/quirks: Add MacBook6,1 reboot quirk perf/x86/intel: Add more available bits for OFFCORE_RESPONSE of Intel Tremont KVM: x86/mmu: Set mmio_value to '0' if reserved #PF can't be generated KVM: x86: respect singlestep when emulating instruction KVM: x86: Fix APIC page invalidation race powerpc/ptdump: Properly handle non standard page size ASoC: max9867: fix volume controls io_uring: use kvfree() in io_sqe_buffer_register() efi/efivars: Add missing kobject_put() in sysfs entry creation error path smb3: fix incorrect number of credits when ioctl MaxOutputResponse > 64K smb3: add indatalen that can be a non-zero value to calculation of credit charge in smb2 ioctl watchdog: imx_sc_wdt: Fix reboot on crash ALSA: es1688: Add the missed snd_card_free() ALSA: fireface: fix configuration error for nominal sampling transfer frequency ALSA: hda/realtek - add a pintbl quirk for several Lenovo machines ALSA: pcm: disallow linking stream to itself ALSA: pcm: fix snd_pcm_link() lockdep splat ALSA: usb-audio: Fix inconsistent card PM state after resume ALSA: usb-audio: Add vendor, product and profile name for HP Thunderbolt Dock ACPI: sysfs: Fix reference count leak in acpi_sysfs_add_hotplug_profile() ACPI: CPPC: Fix reference count leak in acpi_cppc_processor_probe() ACPI: GED: add support for _Exx / _Lxx handler methods ACPI: PM: Avoid using power resources if there are none for D0 arm64: acpi: fix UBSAN warning lib/lzo: fix ambiguous encoding bug in lzo-rle nilfs2: fix null pointer dereference at nilfs_segctor_do_construct() spi: dw: Fix controller unregister order spi: Fix controller unregister order spi: pxa2xx: Fix controller unregister order spi: pxa2xx: Fix runtime PM ref imbalance on probe error spi: bcm2835: Fix controller unregister order spi: bcm2835aux: Fix controller unregister order spi: bcm-qspi: Handle clock probe deferral spi: bcm-qspi: when tx/rx buffer is NULL set to 0 PM: runtime: clk: Fix clk_pm_runtime_get() error path gup: document and work around "COW can break either way" issue crypto: cavium/nitrox - Fix 'nitrox_get_first_device()' when ndevlist is fully iterated crypto: algapi - Avoid spurious modprobe on LOADED crypto: drbg - fix error return code in drbg_alloc_state() x86/{mce,mm}: Unmap the entire page if the whole page is affected and poisoned firmware: imx: warn on unexpected RX firmware: imx-scu: Support one TX and one RX firmware: imx: scu: Fix corruption of header crypto: virtio: Fix use-after-free in virtio_crypto_skcipher_finalize_req() crypto: virtio: Fix src/dst scatterlist calculation in __virtio_crypto_skcipher_do_req() crypto: virtio: Fix dest length calculation in __virtio_crypto_skcipher_do_req() dccp: Fix possible memleak in dccp_init and dccp_fini selftests/net: in rxtimestamp getopt_long needs terminating null entry net/mlx5: drain health workqueue in case of driver load error net/mlx5: Fix fatal error handling during device load net/mlx5e: Fix repeated XSK usage on one channel ovl: initialize error in ovl_copy_xattr proc: Use new_inode not new_inode_pseudo remoteproc: Fall back to using parent memory pool if no dedicated available remoteproc: Fix and restore the parenting hierarchy for vdev cpufreq: Fix up cpufreq_boost_set_sw() EDAC/skx: Use the mcmtr register to retrieve close_pg/bank_xor_enable video: vt8500lcdfb: fix fallthrough warning video: fbdev: w100fb: Fix a potential double free. KVM: nVMX: Skip IBPB when switching between vmcs01 and vmcs02 KVM: nSVM: fix condition for filtering async PF KVM: nSVM: leave ASID aside in copy_vmcb_control_area KVM: nVMX: Consult only the "basic" exit reason when routing nested exit KVM: MIPS: Define KVM_ENTRYHI_ASID to cpu_asid_mask(&boot_cpu_data) KVM: MIPS: Fix VPN2_MASK definition for variable cpu_vmbits KVM: arm64: Stop writing aarch32's CSSELR into ACTLR KVM: arm64: Make vcpu_cp1x() work on Big Endian hosts scsi: megaraid_sas: TM command refire leads to controller firmware crash scsi: lpfc: Fix negation of else clause in lpfc_prep_node_fc4type selftests/ftrace: Return unsupported if no error_log file ath9k: Fix use-after-free Read in htc_connect_service ath9k: Fix use-after-free Read in ath9k_wmi_ctrl_rx ath9k: Fix use-after-free Write in ath9k_htc_rx_msg ath9x: Fix stack-out-of-bounds Write in ath9k_hif_usb_rx_cb ath9k: Fix general protection fault in ath9k_hif_usb_rx_cb Smack: slab-out-of-bounds in vsscanf drm/vkms: Hold gem object while still in-use mm/slub: fix a memory leak in sysfs_slab_add() fat: don't allow to mount if the FAT length == 0 perf: Add cond_resched() to task_function_call() agp/intel: Reinforce the barrier after GTT updates mmc: sdhci-msm: Clear tuning done flag while hs400 tuning mmc: mmci_sdmmc: fix DMA API warning overlapping mappings mmc: tmio: Further fixup runtime PM management at remove mmc: uniphier-sd: call devm_request_irq() after tmio_mmc_host_probe() ARM: dts: at91: sama5d2_ptc_ek: fix sdmmc0 node description mmc: sdio: Fix potential NULL pointer error in mmc_sdio_init_card() mmc: sdio: Fix several potential memory leaks in mmc_sdio_init_card() block/floppy: fix contended case in floppy_queue_rq() xen/pvcalls-back: test for errors when calling backend_connect() KVM: arm64: Synchronize sysreg state on injecting an AArch32 exception KVM: arm64: Save the host's PtrAuth keys in non-preemptible context Linux 5.4.47 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I3fb3216abdbc080b4ac7b827b35ff6a813e28eb8 |
||
|
Marc Zyngier
|
d96ef8fa95 |
KVM: arm64: Save the host's PtrAuth keys in non-preemptible context
commit ef3e40a7ea8dbe2abd0a345032cd7d5023b9684f upstream. When using the PtrAuth feature in a guest, we need to save the host's keys before allowing the guest to program them. For that, we dump them in a per-CPU data structure (the so called host context). But both call sites that do this are in preemptible context, which may end up in disaster should the vcpu thread get preempted before reentering the guest. Instead, save the keys eagerly on each vcpu_load(). This has an increased overhead, but is at least safe. Cc: stable@vger.kernel.org Reviewed-by: Mark Rutland <mark.rutland@arm.com> Signed-off-by: Marc Zyngier <maz@kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
James Morse
|
f9551b7371 |
KVM: arm64: Stop writing aarch32's CSSELR into ACTLR
commit 7c582bf4ed84f3eb58bdd1f63024a14c17551e7d upstream.
aarch32 has pairs of registers to access the high and low parts of 64bit
registers. KVM has a union of 64bit sys_regs[] and 32bit copro[]. The
32bit accessors read the high or low part of the 64bit sys_reg[] value
through the union.
Both sys_reg_descs[] and cp15_regs[] list access_csselr() as the accessor
for CSSELR{,_EL1}. access_csselr() is only aware of the 64bit sys_regs[],
and expects r->reg to be 'CSSELR_EL1' in the enum, index 2 of the 64bit
array.
cp15_regs[] uses the 32bit copro[] alias of sys_regs[]. Here CSSELR is
c0_CSSELR which is the same location in sys_reg[]. r->reg is 'c0_CSSELR',
index 4 in the 32bit array.
access_csselr() uses the 32bit r->reg value to access the 64bit array,
so reads and write the wrong value. sys_regs[4], is ACTLR_EL1, which
is subsequently save/restored when we enter the guest.
ACTLR_EL1 is supposed to be read-only for the guest. This register
only affects execution at EL1, and the host's value is restored before
we return to host EL1.
Convert the 32bit register index back to the 64bit version.
Suggested-by: Marc Zyngier <maz@kernel.org>
Signed-off-by: James Morse <james.morse@arm.com>
Signed-off-by: Marc Zyngier <maz@kernel.org>
Cc: stable@vger.kernel.org
Link: https://lore.kernel.org/r/20200529150656.7339-2-james.morse@arm.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
|
Greg Kroah-Hartman
|
5e169f689f |
This is the 5.4.41 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl683gYACgkQONu9yGCS aT4UrQ/+OWH+sgNXQW2TtBAtDt+b6WCPCwsAe74YdsbqzVf/mxVGVpHKvFJCEXxA KDRrBqdICgrjZ+L8Y2MPzNhyD2/nLHwB8M99ARx4B6mvOu4pT0+/xATViGmotqDN tzpQ3HvnFLlR/z74/xDanXgXrTAv591hpSQlpUmf6NCiBZNlhndId4qnh/z8Eumn wVLseK1r2CY3s3mMZTw6BXmHmj6zGA70Ckuvhp9JmxiKs9fg+pmDlUaRPHex91Xh LtSJd7CdpVr5YrMIC9DcQ2TN46KsZZkoo+l/W8jVNVG3ggqWUrHn7wGamwTHafd1 TkoU7eQt9ps15p7Sj4Z19de30Y1m/g+Qq7L4NrgGcX8bhnCHdgfdbAj40GINOaB2 WLHRVu3PgEUCbLCSixE5BRLmBTECjWapIiW50fp/jogGmeRiBbJFFnWbVtiEwyme KU7ZJRw/sfKNzIN0QioJ/EadK7ZkvIfr/ajinpXdxIA+4gteyKRrNb0323FRG3Ev JoStdR2g+dv+yEJYLmsCl3N0eEETzHK8fRJbp0lkSKjEaxW/yDRpIdhREXmWGd2V Hprcoiyknae0MEIFFnTvA4Oj7wOYezxP0tQg14nOdtXZX5afry5qP/lryE0kYxiV JcI4BrwfWI8hOwdaFd413qp+JG7eKV3RhanhaPimroQJn0WKB9Q= =Ipyc -----END PGP SIGNATURE----- Merge 5.4.41 into android-5.4-stable Changes in 5.4.41 USB: serial: qcserial: Add DW5816e support nvme: refactor nvme_identify_ns_descs error handling nvme: fix possible hang when ns scanning fails during error recovery tracing/kprobes: Fix a double initialization typo net: macb: Fix runtime PM refcounting drm/amdgpu: move kfd suspend after ip_suspend_phase1 drm/amdgpu: drop redundant cg/pg ungate on runpm enter vt: fix unicode console freeing with a common interface tty: xilinx_uartps: Fix missing id assignment to the console devlink: fix return value after hitting end in region read dp83640: reverse arguments to list_add_tail fq_codel: fix TCA_FQ_CODEL_DROP_BATCH_SIZE sanity checks ipv6: Use global sernum for dst validation with nexthop objects mlxsw: spectrum_acl_tcam: Position vchunk in a vregion list properly neigh: send protocol value in neighbor create notification net: dsa: Do not leave DSA master with NULL netdev_ops net: macb: fix an issue about leak related system resources net: macsec: preserve ingress frame ordering net/mlx4_core: Fix use of ENOSPC around mlx4_counter_alloc() net_sched: sch_skbprio: add message validation to skbprio_change() net: stricter validation of untrusted gso packets net: tc35815: Fix phydev supported/advertising mask net/tls: Fix sk_psock refcnt leak in bpf_exec_tx_verdict() net/tls: Fix sk_psock refcnt leak when in tls_data_ready() net: usb: qmi_wwan: add support for DW5816e nfp: abm: fix a memory leak bug sch_choke: avoid potential panic in choke_reset() sch_sfq: validate silly quantum values tipc: fix partial topology connection closure tunnel: Propagate ECT(1) when decapsulating as recommended by RFC6040 bnxt_en: Fix VF anti-spoof filter setup. bnxt_en: Reduce BNXT_MSIX_VEC_MAX value to supported CQs per PF. bnxt_en: Improve AER slot reset. bnxt_en: Return error when allocating zero size context memory. bnxt_en: Fix VLAN acceleration handling in bnxt_fix_features(). net/mlx5: DR, On creation set CQ's arm_db member to right value net/mlx5: Fix forced completion access non initialized command entry net/mlx5: Fix command entry leak in Internal Error State net: mvpp2: prevent buffer overflow in mvpp22_rss_ctx() net: mvpp2: cls: Prevent buffer overflow in mvpp2_ethtool_cls_rule_del() HID: wacom: Read HID_DG_CONTACTMAX directly for non-generic devices sctp: Fix bundling of SHUTDOWN with COOKIE-ACK Revert "HID: wacom: generic: read the number of expected touches on a per collection basis" HID: usbhid: Fix race between usbhid_close() and usbhid_stop() HID: wacom: Report 2nd-gen Intuos Pro S center button status over BT USB: uas: add quirk for LaCie 2Big Quadra usb: chipidea: msm: Ensure proper controller reset using role switch API USB: serial: garmin_gps: add sanity checking for data length tracing: Add a vmalloc_sync_mappings() for safe measure crypto: arch/nhpoly1305 - process in explicit 4k chunks KVM: s390: Remove false WARN_ON_ONCE for the PQAP instruction KVM: VMX: Explicitly clear RFLAGS.CF and RFLAGS.ZF in VM-Exit RSB path KVM: arm: vgic: Fix limit condition when writing to GICD_I[CS]ACTIVER KVM: arm64: Fix 32bit PC wrap-around arm64: hugetlb: avoid potential NULL dereference drm: ingenic-drm: add MODULE_DEVICE_TABLE ipc/mqueue.c: change __do_notify() to bypass check_kill_permission() epoll: atomically remove wait entry on wake up eventpoll: fix missing wakeup for ovflist in ep_poll_callback mm/page_alloc: fix watchdog soft lockups during set_zone_contiguous() mm: limit boost_watermark on small zones ceph: fix endianness bug when handling MDS session feature bits ceph: demote quotarealm lookup warning to a debug message staging: gasket: Check the return value of gasket_get_bar_index() coredump: fix crash when umh is disabled riscv: set max_pfn to the PFN of the last page iocost: protect iocg->abs_vdebt with iocg->waitq.lock batman-adv: fix batadv_nc_random_weight_tq batman-adv: Fix refcnt leak in batadv_show_throughput_override batman-adv: Fix refcnt leak in batadv_store_throughput_override batman-adv: Fix refcnt leak in batadv_v_ogm_process x86/entry/64: Fix unwind hints in register clearing code x86/entry/64: Fix unwind hints in kernel exit path x86/entry/64: Fix unwind hints in rewind_stack_do_exit() x86/unwind/orc: Don't skip the first frame for inactive tasks x86/unwind/orc: Prevent unwinding before ORC initialization x86/unwind/orc: Fix error path for bad ORC entry type x86/unwind/orc: Fix premature unwind stoppage due to IRET frames KVM: x86: Fixes posted interrupt check for IRQs delivery modes arch/x86/kvm/svm/sev.c: change flag passed to GUP fast in sev_pin_memory() netfilter: nat: never update the UDP checksum when it's 0 netfilter: nf_osf: avoid passing pointer to local var objtool: Fix stack offset tracking for indirect CFAs iommu/virtio: Reverse arguments to list_add scripts/decodecode: fix trapping instruction formatting mm, memcg: fix error return value of mem_cgroup_css_alloc() bdi: move bdi_dev_name out of line bdi: add a ->dev_name field to struct backing_dev_info fsnotify: replace inode pointer with an object id fanotify: merge duplicate events on parent and child Linux 5.4.41 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: Ie6695b1dace8ca62579a57084608e9268e52fde9 |
||
|
Marc Zyngier
|
e983c6064a |
KVM: arm64: Fix 32bit PC wrap-around
commit 0225fd5e0a6a32af7af0aefac45c8ebf19dc5183 upstream. In the unlikely event that a 32bit vcpu traps into the hypervisor on an instruction that is located right at the end of the 32bit range, the emulation of that instruction is going to increment PC past the 32bit range. This isn't great, as userspace can then observe this value and get a bit confused. Conversly, userspace can do things like (in the context of a 64bit guest that is capable of 32bit EL0) setting PSTATE to AArch64-EL0, set PC to a 64bit value, change PSTATE to AArch32-USR, and observe that PC hasn't been truncated. More confusion. Fix both by: - truncating PC increments for 32bit guests - sanitizing all 32bit regs every time a core reg is changed by userspace, and that PSTATE indicates a 32bit mode. Cc: stable@vger.kernel.org Acked-by: Will Deacon <will@kernel.org> Signed-off-by: Marc Zyngier <maz@kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Greg Kroah-Hartman
|
e736cc6873 |
This is the 5.4.20 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl5HElwACgkQONu9yGCS aT6GQBAAxBLl+L518k3/Jm7Fv5VGFtfk7QIJmLKSdI58Gj7aLib2CulB5dJpHu0Z uOJXEUKQoUC739MjS6IgrAUoee/GTgyeOS1gyI49IBVvrBgjQop/3FJ4Oe4EF6Wj aEy7xA1k1MRUM4XWy3PiMvIuaxWNWoEn22DS703adOKPEx2yS0sPtAf6RRRpzxW+ oWR9aJv5y+wKRi7frRvTJ8juQoeo67XHNQWBybv7v+th7KqF33EYk/faLJqTbqNd caJAG+DuGsu/oLcwlWEE5CZ8rP5OAOh12505J9XG5uXoqA2BrQFCTLW6okG1PUNI I+GugtMKWwOSP8dHkfq/jPKInG3H+mCwVW3wWzKfWBJwIi4NWokYK31SQty1BNBe if9ytUT97ykgkovVjVbu+X+wMnEes2JMrVyBAzY2cOK01KD2PUR/cLdZZXTil4A0 rEKXd+tJRN7+ko+z4EJRdstzNtB030tDeEUmwJSIlJoWPRROk69it8d4/OFXe+/u Le4T4V6w22tcP0H/2CtDSwTntDbjNoXWpTGzqp2HO0urObqZyX99leyCI8Ee9sRz 00B6ykAOnOMPdLmAGmpBXnhKRK89VlnfG5A/d609km4EPJuKZyX9KS6tZSwpJIAd 3W9FWaNyr8Z79BDJyeK0ftS5BD/WNGDLux7lylLzMsPAmF7YNsI= =Zp/p -----END PGP SIGNATURE----- Merge 5.4.20 into android-5.4 Changes in 5.4.20 ASoC: pcm: update FE/BE trigger order based on the command hv_sock: Remove the accept port restriction IB/mlx4: Fix memory leak in add_gid error flow IB/srp: Never use immediate data if it is disabled by a user IB/mlx4: Fix leak in id_map_find_del RDMA/netlink: Do not always generate an ACK for some netlink operations RDMA/i40iw: fix a potential NULL pointer dereference RDMA/core: Fix locking in ib_uverbs_event_read RDMA/uverbs: Verify MR access flags RDMA/cma: Fix unbalanced cm_id reference count during address resolve RDMA/umem: Fix ib_umem_find_best_pgsz() scsi: ufs: Fix ufshcd_probe_hba() reture value in case ufshcd_scsi_add_wlus() fails PCI/IOV: Fix memory leak in pci_iov_add_virtfn() ath10k: pci: Only dump ATH10K_MEM_REGION_TYPE_IOREG when safe PCI/switchtec: Use dma_set_mask_and_coherent() PCI/switchtec: Fix vep_vector_number ioread width PCI: tegra: Fix afi_pex2_ctrl reg offset for Tegra30 PCI: Don't disable bridge BARs when assigning bus resources PCI/AER: Initialize aer_fifo iwlwifi: mvm: avoid use after free for pmsr request bpftool: Don't crash on missing xlated program instructions bpf, sockmap: Don't sleep while holding RCU lock on tear-down bpf, sockhash: Synchronize_rcu before free'ing map selftests/bpf: Test freeing sockmap/sockhash with a socket in it bpf: Improve bucket_log calculation logic bpf, sockmap: Check update requirements after locking nfs: NFS_SWAP should depend on SWAP NFS: Revalidate the file size on a fatal write error NFS/pnfs: Fix pnfs_generic_prepare_to_resend_writes() NFS: Fix fix of show_nfs_errors NFSv4: pnfs_roc() must use cred_fscmp() to compare creds NFSv4: try lease recovery on NFS4ERR_EXPIRED NFSv4.0: nfs4_do_fsinfo() should not do implicit lease renewals x86/boot: Handle malformed SRAT tables during early ACPI parsing rtc: hym8563: Return -EINVAL if the time is known to be invalid rtc: cmos: Stop using shared IRQ watchdog: qcom: Use platform_get_irq_optional() for bark irq ARC: [plat-axs10x]: Add missing multicast filter number to GMAC node platform/x86: intel_mid_powerbtn: Take a copy of ddata arm64: dts: qcom: msm8998: Fix tcsr syscon size arm64: dts: uDPU: fix broken ethernet ARM: dts: at91: Reenable UART TX pull-ups ARM: dts: am43xx: add support for clkout1 clock arm64: dts: renesas: r8a77990: ebisu: Remove clkout-lr-synchronous from sound arm64: dts: marvell: clearfog-gt-8k: fix switch cpu port node ARM: dts: meson8: use the actual frequency for the GPU's 182.1MHz OPP ARM: dts: meson8b: use the actual frequency for the GPU's 364MHz OPP ARM: dts: at91: sama5d3: fix maximum peripheral clock rates ARM: dts: at91: sama5d3: define clock rate range for tcb1 tools/power/acpi: fix compilation error soc: qcom: rpmhpd: Set 'active_only' for active only power domains Revert "powerpc/pseries/iommu: Don't use dma_iommu_ops on secure guests" powerpc/ptdump: Fix W+X verification call in mark_rodata_ro() powerpc/ptdump: Only enable PPC_CHECK_WX with STRICT_KERNEL_RWX powerpc/papr_scm: Fix leaking 'bus_desc.provider_name' in some paths powerpc/pseries/vio: Fix iommu_table use-after-free refcount warning powerpc/pseries: Allow not having ibm, hypertas-functions::hcall-multi-tce for DDW iommu/arm-smmu-v3: Populate VMID field for CMDQ_OP_TLBI_NH_VA ARM: at91: pm: use SAM9X60 PMC's compatible ARM: at91: pm: use of_device_id array to find the proper shdwc node KVM: arm/arm64: vgic-its: Fix restoration of unmapped collections ARM: 8949/1: mm: mark free_memmap as __init sched/uclamp: Fix a bug in propagating uclamp value in new cgroups arm64: cpufeature: Fix the type of no FP/SIMD capability arm64: cpufeature: Set the FP/SIMD compat HWCAP bits properly arm64: ptrace: nofpsimd: Fail FP/SIMD regset operations KVM: arm/arm64: Fix young bit from mmu notifier KVM: arm: Fix DFSR setting for non-LPAE aarch32 guests KVM: arm: Make inject_abt32() inject an external abort instead KVM: arm64: pmu: Don't increment SW_INCR if PMCR.E is unset KVM: arm64: pmu: Fix chained SW_INCR counters KVM: arm64: Treat emulated TVAL TimerValue as a signed 32-bit integer arm64: nofpsmid: Handle TIF_FOREIGN_FPSTATE flag cleanly mtd: onenand_base: Adjust indentation in onenand_read_ops_nolock mtd: sharpslpart: Fix unsigned comparison to zero crypto: testmgr - don't try to decrypt uninitialized buffers crypto: artpec6 - return correct error code for failed setkey() crypto: atmel-sha - fix error handling when setting hmac key crypto: caam/qi2 - fix typo in algorithm's driver name drivers: watchdog: stm32_iwdg: set WDOG_HW_RUNNING at probe media: i2c: adv748x: Fix unsafe macros dt-bindings: iio: adc: ad7606: Fix wrong maxItems value bcache: avoid unnecessary btree nodes flushing in btree_flush_write() selinux: revert "stop passing MAY_NOT_BLOCK to the AVC upon follow_link" selinux: fix regression introduced by move_mount(2) syscall pinctrl: sh-pfc: r8a77965: Fix DU_DOTCLKIN3 drive/bias control pinctrl: sh-pfc: r8a7778: Fix duplicate SDSELF_B and SD1_CLK_B regmap: fix writes to non incrementing registers mfd: max77650: Select REGMAP_IRQ in Kconfig clk: meson: g12a: fix missing uart2 in regmap table dmaengine: axi-dmac: add a check for devm_regmap_init_mmio mwifiex: Fix possible buffer overflows in mwifiex_ret_wmm_get_status() mwifiex: Fix possible buffer overflows in mwifiex_cmd_append_vsie_tlv() libertas: don't exit from lbs_ibss_join_existing() with RCU read lock held libertas: make lbs_ibss_join_existing() return error code on rates overflow selinux: fall back to ref-walk if audit is required Linux 5.4.20 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I68c0ac72422e279b38324afc91dc52df3eadc0f7 |
||
|
Suzuki K Poulose
|
7df80a021f |
arm64: nofpsmid: Handle TIF_FOREIGN_FPSTATE flag cleanly
commit 52f73c383b2418f2d31b798e765ae7d596c35021 upstream.
We detect the absence of FP/SIMD after an incapable CPU is brought up,
and by then we have kernel threads running already with TIF_FOREIGN_FPSTATE set
which could be set for early userspace applications (e.g, modprobe triggered
from initramfs) and init. This could cause the applications to loop forever in
do_nofity_resume() as we never clear the TIF flag, once we now know that
we don't support FP.
Fix this by making sure that we clear the TIF_FOREIGN_FPSTATE flag
for tasks which may have them set, as we would have done in the normal
case, but avoiding touching the hardware state (since we don't support any).
Also to make sure we handle the cases seemlessly we categorise the
helper functions to two :
1) Helpers for common core code, which calls into take appropriate
actions without knowing the current FPSIMD state of the CPU/task.
e.g fpsimd_restore_current_state(), fpsimd_flush_task_state(),
fpsimd_save_and_flush_cpu_state().
We bail out early for these functions, taking any appropriate actions
(e.g, clearing the TIF flag) where necessary to hide the handling
from core code.
2) Helpers used when the presence of FP/SIMD is apparent.
i.e, save/restore the FP/SIMD register state, modify the CPU/task
FP/SIMD state.
e.g,
fpsimd_save(), task_fpsimd_load() - save/restore task FP/SIMD registers
fpsimd_bind_task_to_cpu() \
- Update the "state" metadata for CPU/task.
fpsimd_bind_state_to_cpu() /
fpsimd_update_current_state() - Update the fp/simd state for the current
task from memory.
These must not be called in the absence of FP/SIMD. Put in a WARNING
to make sure they are not invoked in the absence of FP/SIMD.
KVM also uses the TIF_FOREIGN_FPSTATE flag to manage the FP/SIMD state
on the CPU. However, without FP/SIMD support we trap all accesses and
inject undefined instruction. Thus we should never "load" guest state.
Add a sanity check to make sure this is valid.
Fixes:
|