1. 28 Nov, 2020 4 commits
    • Guillaume Nault's avatar
      ipv4: Fix tos mask in inet_rtm_getroute() · 1ebf1790
      Guillaume Nault authored
      When inet_rtm_getroute() was converted to use the RCU variants of
      ip_route_input() and ip_route_output_key(), the TOS parameters
      stopped being masked with IPTOS_RT_MASK before doing the route lookup.
      
      As a result, "ip route get" can return a different route than what
      would be used when sending real packets.
      
      For example:
      
          $ ip route add 192.0.2.11/32 dev eth0
          $ ip route add unreachable 192.0.2.11/32 tos 2
          $ ip route get 192.0.2.11 tos 2
          RTNETLINK answers: No route to host
      
      But, packets with TOS 2 (ECT(0) if interpreted as an ECN bit) would
      actually be routed using the first route:
      
          $ ping -c 1 -Q 2 192.0.2.11
          PING 192.0.2.11 (192.0.2.11) 56(84) bytes of data.
          64 bytes from 192.0.2.11: icmp_seq=1 ttl=64 time=0.173 ms
      
          --- 192.0.2.11 ping statistics ---
          1 packets transmitted, 1 received, 0% packet loss, time 0ms
          rtt min/avg/max/mdev = 0.173/0.173/0.173/0.000 ms
      
      This patch re-applies IPTOS_RT_MASK in inet_rtm_getroute(), to
      return results consistent with real route lookups.
      
      Fixes: 3765d35e ("net: ipv4: Convert inet_rtm_getroute to rcu versions of route lookup")
      Signed-off-by: default avatarGuillaume Nault <gnault@redhat.com>
      Reviewed-by: default avatarDavid Ahern <dsahern@kernel.org>
      Link: https://lore.kernel.org/r/b2d237d08317ca55926add9654a48409ac1b8f5b.1606412894.git.gnault@redhat.comSigned-off-by: default avatarJakub Kicinski <kuba@kernel.org>
      1ebf1790
    • Jakub Kicinski's avatar
      Merge https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf · 3771b822
      Jakub Kicinski authored
      Daniel Borkmann says:
      
      ====================
      pull-request: bpf 2020-11-28
      
      1) Do not reference the skb for xsk's generic TX side since when looped
         back into RX it might crash in generic XDP, from Björn Töpel.
      
      2) Fix umem cleanup on a partially set up xsk socket when being destroyed,
         from Magnus Karlsson.
      
      3) Fix an incorrect netdev reference count when failing xsk_bind() operation,
         from Marek Majtyka.
      
      4) Fix bpftool to set an error code on failed calloc() in build_btf_type_table(),
         from Zhen Lei.
      
      * https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf:
        bpf: Add MAINTAINERS entry for BPF LSM
        bpftool: Fix error return value in build_btf_type_table
        net, xsk: Avoid taking multiple skbuff references
        xsk: Fix incorrect netdev reference count
        xsk: Fix umem cleanup bug at socket destruct
        MAINTAINERS: Update XDP and AF_XDP entries
      ====================
      
      Link: https://lore.kernel.org/r/20201128005104.1205-1-daniel@iogearbox.netSigned-off-by: default avatarJakub Kicinski <kuba@kernel.org>
      3771b822
    • Jakub Kicinski's avatar
      Merge tag 'batadv-net-pullrequest-20201127' of git://git.open-mesh.org/linux-merge · 28d35ad0
      Jakub Kicinski authored
      Simon Wunderlich says:
      
      ====================
      Here are some batman-adv bugfixes:
      
       - Fix head/tailroom issues for fragments, by Sven Eckelmann (3 patches)
      
      * tag 'batadv-net-pullrequest-20201127' of git://git.open-mesh.org/linux-merge:
        batman-adv: Don't always reallocate the fragmentation skb head
        batman-adv: Reserve needed_*room for fragments
        batman-adv: Consider fragmentation for needed_headroom
      ====================
      
      Link: https://lore.kernel.org/r/20201127173849.19208-1-sw@simonwunderlich.deSigned-off-by: default avatarJakub Kicinski <kuba@kernel.org>
      28d35ad0
    • Antoine Tenart's avatar
      netfilter: bridge: reset skb->pkt_type after NF_INET_POST_ROUTING traversal · 44f64f23
      Antoine Tenart authored
      Netfilter changes PACKET_OTHERHOST to PACKET_HOST before invoking the
      hooks as, while it's an expected value for a bridge, routing expects
      PACKET_HOST. The change is undone later on after hook traversal. This
      can be seen with pairs of functions updating skb>pkt_type and then
      reverting it to its original value:
      
      For hook NF_INET_PRE_ROUTING:
        setup_pre_routing / br_nf_pre_routing_finish
      
      For hook NF_INET_FORWARD:
        br_nf_forward_ip / br_nf_forward_finish
      
      But the third case where netfilter does this, for hook
      NF_INET_POST_ROUTING, the packet type is changed in br_nf_post_routing
      but never reverted. A comment says:
      
        /* We assume any code from br_dev_queue_push_xmit onwards doesn't care
         * about the value of skb->pkt_type. */
      
      But when having a tunnel (say vxlan) attached to a bridge we have the
      following call trace:
      
        br_nf_pre_routing
        br_nf_pre_routing_ipv6
           br_nf_pre_routing_finish
        br_nf_forward_ip
           br_nf_forward_finish
        br_nf_post_routing           <- pkt_type is updated to PACKET_HOST
           br_nf_dev_queue_xmit      <- but not reverted to its original value
        vxlan_xmit
           vxlan_xmit_one
              skb_tunnel_check_pmtu  <- a check on pkt_type is performed
      
      In this specific case, this creates issues such as when an ICMPv6 PTB
      should be sent back. When CONFIG_BRIDGE_NETFILTER is enabled, the PTB
      isn't sent (as skb_tunnel_check_pmtu checks if pkt_type is PACKET_HOST
      and returns early).
      
      If the comment is right and no one cares about the value of
      skb->pkt_type after br_dev_queue_push_xmit (which isn't true), resetting
      it to its original value should be safe.
      
      Fixes: 1da177e4 ("Linux-2.6.12-rc2")
      Signed-off-by: default avatarAntoine Tenart <atenart@kernel.org>
      Reviewed-by: default avatarFlorian Westphal <fw@strlen.de>
      Link: https://lore.kernel.org/r/20201123174902.622102-1-atenart@kernel.orgSigned-off-by: default avatarJakub Kicinski <kuba@kernel.org>
      44f64f23
  2. 27 Nov, 2020 36 commits
    • Linus Torvalds's avatar
      Merge tag 'asm-generic-fixes-5.10-2' of... · c84e1efa
      Linus Torvalds authored
      Merge tag 'asm-generic-fixes-5.10-2' of git://git.kernel.org/pub/scm/linux/kernel/git/arnd/asm-generic
      
      Pull asm-generic fix from Arnd Bergmann:
       "Add correct MAX_POSSIBLE_PHYSMEM_BITS setting to asm-generic.
      
        This is a single bugfix for a bug that Stefan Agner found on 32-bit
        Arm, but that exists on several other architectures"
      
      * tag 'asm-generic-fixes-5.10-2' of git://git.kernel.org/pub/scm/linux/kernel/git/arnd/asm-generic:
        arch: pgtable: define MAX_POSSIBLE_PHYSMEM_BITS where needed
      c84e1efa
    • Linus Torvalds's avatar
      Merge tag 'arm-soc-fixes-v5.10-3' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc · 303bc934
      Linus Torvalds authored
      Pull ARM SoC fixes from Arnd Bergmann:
       "Another set of patches for devicetree files and Arm SoC specific
        drivers:
      
         - A fix for OP-TEE shared memory on non-SMP systems
      
         - multiple code fixes for the OMAP platform, including one regression
           for the CPSW network driver and a few runtime warning fixes
      
         - Some DT patches for the Rockchip RK3399 platform, in particular
           fixing the MMC device ordering that recently became
           nondeterministic with async probe.
      
         - Multiple DT fixes for the Tegra platform, including a regression
           fix for suspend/resume on TX2
      
         - A regression fix for a user-triggered fault in the NXP dpio driver
      
         - A regression fix for a bug caused by an earlier bug fix in the
           xilinx firmware driver
      
         - Two more DTC warning fixes
      
         - Sylvain Lemieux steps down as maintainer for the NXP LPC32xx
           platform"
      
      * tag 'arm-soc-fixes-v5.10-3' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc: (24 commits)
        arm64: tegra: Fix Tegra234 VDK node names
        arm64: tegra: Wrong AON HSP reg property size
        arm64: tegra: Fix USB_VBUS_EN0 regulator on Jetson TX1
        arm64: tegra: Correct the UART for Jetson Xavier NX
        arm64: tegra: Disable the ACONNECT for Jetson TX2
        optee: add writeback to valid memory type
        firmware: xilinx: Use hash-table for api feature check
        firmware: xilinx: Fix SD DLL node reset issue
        soc: fsl: dpio: Get the cpumask through cpumask_of(cpu)
        ARM: dts: dra76x: m_can: fix order of clocks
        bus: ti-sysc: suppress err msg for timers used as clockevent/source
        MAINTAINERS: Remove myself as LPC32xx maintainers
        arm64: dts: qcom: clear the warnings caused by empty dma-ranges
        arm64: dts: broadcom: clear the warnings caused by empty dma-ranges
        ARM: dts: am437x-l4: fix compatible for cpsw switch dt node
        arm64: dts: rockchip: Reorder LED triggers from mmc devices on rk3399-roc-pc.
        arm64: dts: rockchip: Assign a fixed index to mmc devices on rk3399 boards.
        arm64: dts: rockchip: Remove system-power-controller from pmic on Odroid Go Advance
        arm64: dts: rockchip: fix NanoPi R2S GMAC clock name
        ARM: OMAP2+: Manage MPU state properly for omap_enter_idle_coupled()
        ...
      303bc934
    • Linus Torvalds's avatar
      Merge tag 'net-5.10-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net · 79c0c1f0
      Linus Torvalds authored
      Pull networking fixes from Jakub Kicinski:
       "Networking fixes for 5.10-rc6, including fixes from the WiFi driver,
        and CAN subtrees.
      
        Current release - regressions:
      
         - gro_cells: reduce number of synchronize_net() calls
      
         - ch_ktls: release a lock before jumping to an error path
      
        Current release - always broken:
      
         - tcp: Allow full IP tos/IPv6 tclass to be reflected in L3 header
      
        Previous release - regressions:
      
         - net/tls: fix missing received data after fast remote close
      
         - vsock/virtio: discard packets only when socket is really closed
      
         - sock: set sk_err to ee_errno on dequeue from errq
      
         - cxgb4: fix the panic caused by non smac rewrite
      
        Previous release - always broken:
      
         - tcp: fix corner cases around setting ECN with BPF selection of
           congestion control
      
         - tcp: fix race condition when creating child sockets from syncookies
           on loopback interface
      
         - usbnet: ipheth: fix connectivity with iOS 14
      
         - tun: honor IOCB_NOWAIT flag
      
         - net/packet: fix packet receive on L3 devices without visible hard
           header
      
         - devlink: Make sure devlink instance and port are in same net
           namespace
      
         - net: openvswitch: fix TTL decrement action netlink message format
      
         - bonding: wait for sysfs kobject destruction before freeing struct
           slave
      
         - net: stmmac: fix upstream patch applied to the wrong context
      
         - bnxt_en: fix return value and unwind in probe error paths
      
        Misc:
      
         - devlink: add extra layer of categorization to the reload stats uAPI
           before it's released"
      
      * tag 'net-5.10-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net: (68 commits)
        sock: set sk_err to ee_errno on dequeue from errq
        mptcp: fix NULL ptr dereference on bad MPJ
        net: openvswitch: fix TTL decrement action netlink message format
        can: af_can: can_rx_unregister(): remove WARN() statement from list operation sanity check
        can: m_can: m_can_dev_setup(): add support for bosch mcan version 3.3.0
        can: m_can: fix nominal bitiming tseg2 min for version >= 3.1
        can: m_can: m_can_open(): remove IRQF_TRIGGER_FALLING from request_threaded_irq()'s flags
        can: mcp251xfd: mcp251xfd_probe(): bail out if no IRQ was given
        can: gs_usb: fix endianess problem with candleLight firmware
        ch_ktls: lock is not freed
        net/tls: Protect from calling tls_dev_del for TLS RX twice
        devlink: Make sure devlink instance and port are in same net namespace
        devlink: Hold rtnl lock while reading netdev attributes
        ptp: clockmatrix: bug fix for idtcm_strverscmp
        enetc: Let the hardware auto-advance the taprio base-time of 0
        gro_cells: reduce number of synchronize_net() calls
        net: stmmac: fix incorrect merge of patch upstream
        ipv6: addrlabel: fix possible memory leak in ip6addrlbl_net_init
        Documentation: netdev-FAQ: suggest how to post co-dependent series
        ibmvnic: enhance resetting status check during module exit
        ...
      79c0c1f0
    • Linus Torvalds's avatar
      Merge tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi · 80e1e176
      Linus Torvalds authored
      Pull SCSI fixes from James Bottomley:
       "Three small fixes in the UFS driver: two are for power management
        issues and the third is to fix a slew of problem in the sysfs code"
      
      * tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi:
        scsi: ufs: Fix race between shutdown and runtime resume flow
        scsi: ufs: Make sure clk scaling happens only when HBA is runtime ACTIVE
        scsi: ufs: Fix unexpected values from ufshcd_read_desc_param()
      80e1e176
    • Linus Torvalds's avatar
      Merge tag 'io_uring-5.10-2020-11-27' of git://git.kernel.dk/linux-block · 9223e74f
      Linus Torvalds authored
      Pull io_uring fixes from Jens Axboe:
      
       - Out of bounds fix for the cq size cap from earlier this release (Joseph)
      
       - iov_iter type check fix (Pavel)
      
       - Files grab + cancelation fix (Pavel)
      
      * tag 'io_uring-5.10-2020-11-27' of git://git.kernel.dk/linux-block:
        io_uring: fix files grab/cancel race
        io_uring: fix ITER_BVEC check
        io_uring: fix shift-out-of-bounds when round up cq size
      9223e74f
    • Linus Torvalds's avatar
      Merge tag 'block-5.10-2020-11-27' of git://git.kernel.dk/linux-block · d021c3e5
      Linus Torvalds authored
      Pull block fix from Jens Axboe:
       "Just a single fix, for a crash in the keyslot manager"
      
      * tag 'block-5.10-2020-11-27' of git://git.kernel.dk/linux-block:
        block/keyslot-manager: prevent crash when num_slots=1
      d021c3e5
    • Linus Torvalds's avatar
      Merge tag 'for-5.10-rc5-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/kdave/linux · a17a3ca5
      Linus Torvalds authored
      Pull btrfs fixes from David Sterba:
       "A few fixes for various warnings that accumulated over past two weeks:
      
         - tree-checker: add missing return values for some errors
      
         - lockdep fixes
            - when reading qgroup config and starting quota rescan
            - reverse order of quota ioctl lock and VFS freeze lock
      
         - avoid accessing potentially stale fs info during device scan,
           reported by syzbot
      
         - add scope NOFS protection around qgroup relation changes
      
         - check for running transaction before flushing qgroups
      
         - fix tracking of new delalloc ranges for some cases"
      
      * tag 'for-5.10-rc5-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/kdave/linux:
        btrfs: fix lockdep splat when enabling and disabling qgroups
        btrfs: do nofs allocations when adding and removing qgroup relations
        btrfs: fix lockdep splat when reading qgroup config on mount
        btrfs: tree-checker: add missing returns after data_ref alignment checks
        btrfs: don't access possibly stale fs_info data for printing duplicate device
        btrfs: tree-checker: add missing return after error in root_item
        btrfs: qgroup: don't commit transaction when we already hold the handle
        btrfs: fix missing delalloc new bit for new delalloc ranges
      a17a3ca5
    • Linus Torvalds's avatar
      Merge tag 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rdma/rdma · d41e9b22
      Linus Torvalds authored
      Pull rdma fixes from Jason Gunthorpe:
       "Two security issues and several small bug fixes. Things seem to have
        stabilized for this release here.
      
        Summary:
      
         - Significant out of bounds access security issue in i40iw
      
         - Fix misuse of mmu notifiers in hfi1
      
         - Several errors in the register map/usage in hns
      
         - Missing error returns in mthca"
      
      * tag 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rdma/rdma:
        RDMA/hns: Bugfix for memory window mtpt configuration
        RDMA/hns: Fix retry_cnt and rnr_cnt when querying QP
        RDMA/hns: Fix wrong field of SRQ number the device supports
        IB/hfi1: Ensure correct mm is used at all times
        RDMA/i40iw: Address an mmap handler exploit in i40iw
        IB/mthca: fix return value of error branch in mthca_init_cq()
      d41e9b22
    • Linus Torvalds's avatar
      Merge tag 'mtd/fixes-for-5.10-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/mtd/linux · 76dc2bfc
      Linus Torvalds authored
      Pull mtd fixes from Miquel Raynal:
       "Because of a recent change in the core, NAND controller drivers
        initializing the ECC engine too early in the probe path are broken.
      
        Drivers should wait for the NAND device to be discovered and its
        memory layout known before doing any ECC related initialization, so
        instead of reverting the faulty change which is actually moving in the
        right direction, let's fix the drivers directly: socrates, sharpsl,
        r852, plat_nand, pasemi, tmio, txx9ndfmc, orion, mpc5121, lpc32xx_slc,
        lpc32xx_mlc, fsmc, diskonchip, davinci, cs553x, au1550, ams-delta,
        xway and gpio"
      
      * tag 'mtd/fixes-for-5.10-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/mtd/linux:
        mtd: rawnand: socrates: Move the ECC initialization to ->attach_chip()
        mtd: rawnand: sharpsl: Move the ECC initialization to ->attach_chip()
        mtd: rawnand: r852: Move the ECC initialization to ->attach_chip()
        mtd: rawnand: plat_nand: Move the ECC initialization to ->attach_chip()
        mtd: rawnand: pasemi: Move the ECC initialization to ->attach_chip()
        mtd: rawnand: tmio: Move the ECC initialization to ->attach_chip()
        mtd: rawnand: txx9ndfmc: Move the ECC initialization to ->attach_chip()
        mtd: rawnand: orion: Move the ECC initialization to ->attach_chip()
        mtd: rawnand: mpc5121: Move the ECC initialization to ->attach_chip()
        mtd: rawnand: lpc32xx_slc: Move the ECC initialization to ->attach_chip()
        mtd: rawnand: lpc32xx_mlc: Move the ECC initialization to ->attach_chip()
        mtd: rawnand: fsmc: Move the ECC initialization to ->attach_chip()
        mtd: rawnand: diskonchip: Move the ECC initialization to ->attach_chip()
        mtd: rawnand: davinci: Move the ECC initialization to ->attach_chip()
        mtd: rawnand: cs553x: Move the ECC initialization to ->attach_chip()
        mtd: rawnand: au1550: Move the ECC initialization to ->attach_chip()
        mtd: rawnand: ams-delta: Move the ECC initialization to ->attach_chip()
        mtd: rawnand: xway: Move the ECC initialization to ->attach_chip()
        mtd: rawnand: gpio: Move the ECC initialization to ->attach_chip()
      76dc2bfc
    • Linus Torvalds's avatar
      Merge tag 'spi-fix-v5.10-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/spi · 87c301ca
      Linus Torvalds authored
      Pull spi fixes from Mark Brown:
       "A few fixes for v5.10,  one for the core which fixes some potential
        races for controllers with multiple chip selects when configuration of
        the chip select for one client device races with the addition and
        initial setup of an additional client"
      
      * tag 'spi-fix-v5.10-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/spi:
        spi: dw: Fix spi registration for controllers overriding CS
        spi: imx: fix the unbalanced spi runtime pm management
        spi: spi-nxp-fspi: fix fspi panic by unexpected interrupts
        spi: Take the SPI IO-mutex in the spi_setup() method
      87c301ca
    • Linus Torvalds's avatar
      Merge tag 'media/v5.10-3' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-media · f594139d
      Linus Torvalds authored
      Pull virtual digital TV driver fixes from Mauro Carvalho Chehab:
       "A series of fixes for the new virtual digital TV driver (vidtv), which
        is meant to help doing tests with the digital TV core and media
        userspace apps and libraries.
      
        They cover a series of issues I found on it, together with a few new
        things in order to make it easier to detect problems at the DVB core"
      
      * tag 'media/v5.10-3' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-media: (36 commits)
        media: vidtv.rst: add kernel-doc markups
        media: vidtv.rst: update vidtv documentation
        media: vidtv: simplify EIT write function
        media: vidtv: simplify NIT write function
        media: vidtv: simplify SDT write function
        media: vidtv: cleanup PMT write table function
        media: vidtv: cleanup PAT write function
        media: vidtv: cleanup PSI table header function
        media: vidtv: cleanup PSI descriptor write function
        media: vidtv: simplify the crc writing logic
        media: vidtv: simplify PSI write function
        media: vidtv: add date to the current event
        media: vidtv: fix service_id at SDT table
        media: vidtv: fix service type
        media: vidtv: add a PID entry for the NIT table
        media: vidtv: properly fill EIT service_id
        media: vidtv: fix the network ID range
        media: vidtv: improve EIT data
        media: vidtv: cleanup null packet initialization logic
        media: vidtv: pre-initialize mux arrays
        ...
      f594139d
    • Linus Torvalds's avatar
      Merge tag 'drm-fixes-2020-11-27-1' of git://anongit.freedesktop.org/drm/drm · 6910b676
      Linus Torvalds authored
      Pull drm fixes from Dave Airlie:
       "Unfortunately this has a bit of thanksgiving stuffing in it, as it a
        bit larger (at least the vc4 patches) than I like at this point in
        time.
      
        The main thing is it has a bunch of regressions fixes for reports in
        the last couple of weeks, ast, nouveau and the amdgpu ttm init fix,
        along with the usual selection of amdgpu and i915 fixes.
      
        The vc4 fixes are a few but they are fixes and the nastiest one is a
        fix for when you have a 2.4Ghz Wifi and a HDMI signal with a clock in
        that range and there isn't enough shielding and interference happen
        between the two, the fix adjusts the mode clock to try and avoid the
        wifi channels in that case.
      
        Hopefully you can merge this between turkey slices, and next week
        should be quieter.
      
        ast:
         - LUT loading regression fix
      
        nouveau:
         - relocations regression fix
      
        amdgpu:
         - ttm init oops fix
         - Runtime pm fix
         - SI UVD suspend/resume fix
         - HDCP fix for headless cards
         - Sienna Cichlid golden register update
      
        i915:
         - Fix Perf/OA workaround register corruption (Lionel)
         - Correct a comment statement in GVT (Yan)
         - Fix GT enable/disable iterrupts, including a race condition that
           prevented GPU to go idle (Chris)
         - Free stale request on destroying the virtual engine (Chris)
      
        exynos:
         - config dependency fix
      
        mediatek:
         - unused var removal
         - horizonal front/back porch formula fix
      
        vc4:
         - wifi and hdmi interference fix
         - mode rejection fixes
         - use after free fix
         - cleanup some code"
      
      * tag 'drm-fixes-2020-11-27-1' of git://anongit.freedesktop.org/drm/drm: (28 commits)
        drm/nouveau: fix relocations applying logic and a double-free
        drm/ast: Reload gamma LUT after changing primary plane's color format
        drm/amdgpu: Fix size calculation when init onchip memory
        drm/amdgpu: update golden setting for sienna_cichlid
        drm/amd/display: Avoid HDCP initialization in devices without output
        drm/i915/gt: Free stale request on destroying the virtual engine
        drm/i915/gt: Don't cancel the interrupt shadow too early
        drm/i915/gt: Track signaled breadcrumbs outside of the breadcrumb spinlock
        drm/amdgpu: fix a page fault
        drm/amdgpu: fix SI UVD firmware validate resume fail
        drm/amd/amdgpu: fix null pointer in runtime pm
        drm/i915/gt: Defer enabling the breadcrumb interrupt to after submission
        drm/i915/gvt: correct a false comment of flag F_UNALIGN
        drm/i915/perf: workaround register corruption in OATAILPTR
        drm/vc4: kms: Don't disable the muxing of an active CRTC
        drm/vc4: kms: Store the unassigned channel list in the state
        drm/exynos: depend on COMMON_CLK to fix compile tests
        drm/mediatek: dsi: Modify horizontal front/back porch byte formula
        drm/vc4: hdmi: Disable Wifi Frequencies
        dt-bindings: display: Add a property to deal with WiFi coexistence
        ...
      6910b676
    • Jakub Kicinski's avatar
      Merge tag 'linux-can-fixes-for-5.10-20201127' of... · d0742c49
      Jakub Kicinski authored
      Merge tag 'linux-can-fixes-for-5.10-20201127' of git://git.kernel.org/pub/scm/linux/kernel/git/mkl/linux-can
      
      Marc Kleine-Budde says:
      
      ====================
      pull-request: can 2020-11-27
      
      The first patch is by me and target the gs_usb driver and fixes the endianess
      problem with candleLight firmware.
      
      Another patch by me for the mcp251xfd driver add sanity checking to bail out if
      no IRQ is configured.
      
      The next three patches target the m_can driver. A patch by me removes the
      hardcoded IRQF_TRIGGER_FALLING from the request_threaded_irq() as this clashes
      with the trigger level specified in the DT. Further a patch by me fixes the
      nominal bitiming tseg2 min value for modern m_can cores. Pankaj Sharma's patch
      add support for cores version 3.3.x.
      
      The last patch by Oliver Hartkopp is for af_can and converts a WARN() into a
      pr_warn(), which is triggered by the syzkaller. It was able to create a
      situation where the closing of a socket runs simultaneously to the notifier
      call chain for removing the CAN network device in use.
      
      * tag 'linux-can-fixes-for-5.10-20201127' of git://git.kernel.org/pub/scm/linux/kernel/git/mkl/linux-can:
        can: af_can: can_rx_unregister(): remove WARN() statement from list operation sanity check
        can: m_can: m_can_dev_setup(): add support for bosch mcan version 3.3.0
        can: m_can: fix nominal bitiming tseg2 min for version >= 3.1
        can: m_can: m_can_open(): remove IRQF_TRIGGER_FALLING from request_threaded_irq()'s flags
        can: mcp251xfd: mcp251xfd_probe(): bail out if no IRQ was given
        can: gs_usb: fix endianess problem with candleLight firmware
      ====================
      
      Link: https://lore.kernel.org/r/20201127100301.512603-1-mkl@pengutronix.deSigned-off-by: default avatarJakub Kicinski <kuba@kernel.org>
      d0742c49
    • Linus Torvalds's avatar
      Merge tag 'platform-drivers-x86-v5.10-2' of... · 99c710c4
      Linus Torvalds authored
      Merge tag 'platform-drivers-x86-v5.10-2' of git://git.kernel.org/pub/scm/linux/kernel/git/pdx86/platform-drivers-x86
      
      Pull x86 platform driver fixes from Hans de Goede:
      
       - thinkpad_acpi fixes: two bug-fixes and three model specific quirks
      
       - fixes for misc other drivers: two bug-fixes and three model specific
         quirks
      
      * tag 'platform-drivers-x86-v5.10-2' of git://git.kernel.org/pub/scm/linux/kernel/git/pdx86/platform-drivers-x86:
        platform/x86: touchscreen_dmi: Add info for the Irbis TW118 tablet
        platform/x86: touchscreen_dmi: Add info for the Predia Basic tablet
        platform/x86: intel-vbtn: Support for tablet mode on HP Pavilion 13 x360 PC
        platform/x86: toshiba_acpi: Fix the wrong variable assignment
        platform/x86: acer-wmi: add automatic keyboard background light toggle key as KEY_LIGHTS_TOGGLE
        platform/x86: thinkpad_acpi: Whitelist P15 firmware for dual fan control
        platform/x86: thinkpad_acpi: Send tablet mode switch at wakeup time
        platform/x86: thinkpad_acpi: Add BAT1 is primary battery quirk for Thinkpad Yoga 11e 4th gen
        platform/x86: thinkpad_acpi: Do not report SW_TABLET_MODE on Yoga 11e
        platform/x86: thinkpad_acpi: add P1 gen3 second fan support
      99c710c4
    • Willem de Bruijn's avatar
      sock: set sk_err to ee_errno on dequeue from errq · 985f7337
      Willem de Bruijn authored
      When setting sk_err, set it to ee_errno, not ee_origin.
      
      Commit f5f99309 ("sock: do not set sk_err in
      sock_dequeue_err_skb") disabled updating sk_err on errq dequeue,
      which is correct for most error types (origins):
      
        -       sk->sk_err = err;
      
      Commit 38b25793 ("sock: reset sk_err when the error queue is
      empty") reenabled the behavior for IMCP origins, which do require it:
      
        +       if (icmp_next)
        +               sk->sk_err = SKB_EXT_ERR(skb_next)->ee.ee_origin;
      
      But read from ee_errno.
      
      Fixes: 38b25793 ("sock: reset sk_err when the error queue is empty")
      Reported-by: default avatarAyush Ranjan <ayushranjan@google.com>
      Signed-off-by: default avatarWillem de Bruijn <willemb@google.com>
      Acked-by: default avatarSoheil Hassas Yeganeh <soheil@google.com>
      Link: https://lore.kernel.org/r/20201126151220.2819322-1-willemdebruijn.kernel@gmail.comSigned-off-by: default avatarJakub Kicinski <kuba@kernel.org>
      985f7337
    • Paolo Abeni's avatar
      mptcp: fix NULL ptr dereference on bad MPJ · d3ab7885
      Paolo Abeni authored
      If an msk listener receives an MPJ carrying an invalid token, it
      will zero the request socket msk entry. That should later
      cause fallback and subflow reset - as per RFC - at
      subflow_syn_recv_sock() time due to failing hmac validation.
      
      Since commit 4cf8b7e4 ("subflow: introduce and use
      mptcp_can_accept_new_subflow()"), we unconditionally dereference
      - in mptcp_can_accept_new_subflow - the subflow request msk
      before performing hmac validation. In the above scenario we
      hit a NULL ptr dereference.
      
      Address the issue doing the hmac validation earlier.
      
      Fixes: 4cf8b7e4 ("subflow: introduce and use mptcp_can_accept_new_subflow()")
      Tested-by: default avatarDavide Caratti <dcaratti@redhat.com>
      Signed-off-by: default avatarPaolo Abeni <pabeni@redhat.com>
      Reviewed-by: default avatarMatthieu Baerts <matthieu.baerts@tessares.net>
      Link: https://lore.kernel.org/r/03b2cfa3ac80d8fc18272edc6442a9ddf0b1e34e.1606400227.git.pabeni@redhat.comSigned-off-by: default avatarJakub Kicinski <kuba@kernel.org>
      d3ab7885
    • Linus Torvalds's avatar
      Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm · 3913a2bc
      Linus Torvalds authored
      Pull kvm fixes from Paolo Bonzini:
       "ARM:
         - Fix alignment of the new HYP sections
         - Fix GICR_TYPER access from userspace
      
        S390:
         - do not reset the global diag318 data for per-cpu reset
         - do not mark memory as protected too early
         - fix for destroy page ultravisor call
      
        x86:
         - fix for SEV debugging
         - fix incorrect return code
         - fix for 'noapic' with PIC in userspace and LAPIC in kernel
         - fix for 5-level paging"
      
      * tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm:
        kvm: x86/mmu: Fix get_mmio_spte() on CPUs supporting 5-level PT
        KVM: x86: Fix split-irqchip vs interrupt injection window request
        KVM: x86: handle !lapic_in_kernel case in kvm_cpu_*_extint
        MAINTAINERS: Update email address for Sean Christopherson
        MAINTAINERS: add uv.c also to KVM/s390
        s390/uv: handle destroy page legacy interface
        KVM: arm64: vgic-v3: Drop the reporting of GICR_TYPER.Last for userspace
        KVM: SVM: fix error return code in svm_create_vcpu()
        KVM: SVM: Fix offset computation bug in __sev_dbg_decrypt().
        KVM: arm64: Correctly align nVHE percpu data
        KVM: s390: remove diag318 reset code
        KVM: s390: pv: Mark mm as protected after the set secure parameters and improve cleanup
      3913a2bc
    • Eelco Chaudron's avatar
      net: openvswitch: fix TTL decrement action netlink message format · 69929d4c
      Eelco Chaudron authored
      Currently, the openvswitch module is not accepting the correctly formated
      netlink message for the TTL decrement action. For both setting and getting
      the dec_ttl action, the actions should be nested in the
      OVS_DEC_TTL_ATTR_ACTION attribute as mentioned in the openvswitch.h uapi.
      
      When the original patch was sent, it was tested with a private OVS userspace
      implementation. This implementation was unfortunately not upstreamed and
      reviewed, hence an erroneous version of this patch was sent out.
      
      Leaving the patch as-is would cause problems as the kernel module could
      interpret additional attributes as actions and vice-versa, due to the
      actions not being encapsulated/nested within the actual attribute, but
      being concatinated after it.
      
      Fixes: 744676e7 ("openvswitch: add TTL decrement action")
      Signed-off-by: default avatarEelco Chaudron <echaudro@redhat.com>
      Link: https://lore.kernel.org/r/160622121495.27296.888010441924340582.stgit@wsfd-netdev64.ntdv.lab.eng.bos.redhat.comSigned-off-by: default avatarJakub Kicinski <kuba@kernel.org>
      69929d4c
    • Linus Torvalds's avatar
      Merge tag 'powerpc-5.10-4' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux · 95e1c7b1
      Linus Torvalds authored
      Pull powerpc fixes from Michael Ellerman:
       "Some more powerpc fixes for 5.10:
      
         - regression fix for a boot failure on some 32-bit machines.
      
         - fix for host crashes in the KVM system reset handling.
      
         - fix for a possible oops in the KVM XIVE interrupt handling on
           Power9.
      
         - fix for host crashes triggerable via the KVM emulated MMIO handling
           when running HPT guests.
      
         - a couple of small build fixes.
      
        Thanks to Andreas Schwab, Cédric Le Goater, Christophe Leroy, Erhard
        Furtner, Greg Kurz, Greg Kurz, Németh Márton, Nicholas Piggin, Nick
        Desaulniers, Serge Belyshev, and Stephen Rothwell"
      
      * tag 'powerpc-5.10-4' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux:
        powerpc/64s: Fix allnoconfig build since uaccess flush
        powerpc/64s/exception: KVM Fix for host DSI being taken in HPT guest MMU context
        powerpc: Drop -me200 addition to build flags
        KVM: PPC: Book3S HV: XIVE: Fix possible oops when accessing ESB page
        powerpc/64s: Fix KVM system reset handling when CONFIG_PPC_PSERIES=y
        powerpc/32s: Use relocation offset when setting early hash table
      95e1c7b1
    • Linus Torvalds's avatar
      Merge tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux · e4e94580
      Linus Torvalds authored
      Pull arm64 fixes from Will Deacon:
       "The main changes are relating to our handling of access/dirty bits,
        where our low-level page-table helpers could lead to stale young
        mappings and loss of the dirty bit in some cases (the latter has not
        been observed in practice, but could happen when clearing "soft-dirty"
        if we enabled that). These were posted as part of a larger series, but
        the rest of that is less urgent and needs a v2 which I'll get to
        shortly.
      
        In other news, we've now got a set of fixes to resolve the
        lockdep/tracing problems that have been plaguing us for a while, but
        they're still a bit "fresh" and I plan to send them to you next week
        after we've got some more confidence in them (although initial CI
        results look good).
      
        Summary:
      
         - Fix kerneldoc warnings generated by ACPI IORT code
      
         - Fix pte_accessible() so that access flag is ignored
      
         - Fix missing header #include
      
         - Fix loss of software dirty bit across pte_wrprotect() when HW DBM
           is enabled"
      
      * tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux:
        arm64: pgtable: Ensure dirty bit is preserved across pte_wrprotect()
        arm64: pgtable: Fix pte_accessible()
        ACPI/IORT: Fix doc warnings in iort.c
        arm64/fpsimd: add <asm/insn.h> to <asm/kprobes.h> to fix fpsimd build
      e4e94580
    • Linus Torvalds's avatar
      Merge tag 'iommu-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux · 6adf33a5
      Linus Torvalds authored
      Pull iommu fixes from Will Deacon:
       "Here's another round of IOMMU fixes for -rc6 consisting mainly of a
        bunch of independent driver fixes. Thomas agreed for me to take the
        x86 'tboot' fix here, as it fixes a regression introduced by a vt-d
        change.
      
         - Fix intel iommu driver when running on devices without VCCAP_REG
      
         - Fix swiotlb and "iommu=pt" interaction under TXT (tboot)
      
         - Fix missing return value check during device probe()
      
         - Fix probe ordering for Qualcomm SMMU implementation
      
         - Ensure page-sized mappings are used for AMD IOMMU buffers with SNP
           RMP"
      
      * tag 'iommu-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux:
        iommu/vt-d: Don't read VCCAP register unless it exists
        x86/tboot: Don't disable swiotlb when iommu is forced on
        iommu: Check return of __iommu_attach_device()
        arm-smmu-qcom: Ensure the qcom_scm driver has finished probing
        iommu/amd: Enforce 4k mapping for certain IOMMU data structures
      6adf33a5
    • Linus Torvalds's avatar
      Merge tag 'printk-for-5.10-rc6-fixup' of git://git.kernel.org/pub/scm/linux/kernel/git/printk/linux · 43d6ecd9
      Linus Torvalds authored
      Pull printk fixes from Petr Mladek:
      
       - do not lose trailing newline in pr_cont() calls
      
       - two trivial fixes for a dead store and a config description
      
      * tag 'printk-for-5.10-rc6-fixup' of git://git.kernel.org/pub/scm/linux/kernel/git/printk/linux:
        printk: finalize records with trailing newlines
        printk: remove unneeded dead-store assignment
        init/Kconfig: Fix CPU number in LOG_CPU_MAX_BUF_SHIFT description
      43d6ecd9
    • Linus Torvalds's avatar
      Merge tag 'writeback_for_v5.10-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/jack/linux-fs · 5b4049d8
      Linus Torvalds authored
      Pull writeback fix from Jan Kara:
       "A fix of possible missing string termination in writeback tracepoints"
      
      * tag 'writeback_for_v5.10-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/jack/linux-fs:
        trace: fix potenial dangerous pointer
      5b4049d8
    • Arnd Bergmann's avatar
      Merge tag 'optee-valid-memory-type-for-v5.11' of... · ae597565
      Arnd Bergmann authored
      Merge tag 'optee-valid-memory-type-for-v5.11' of git://git.linaro.org/people/jens.wiklander/linux-tee into arm/fixes
      
      Add writeback to valid OP-TEE shared memory types
      
      Allows OP-TEE to work with ARMv7 based single CPU systems by allowing
      writeback cache policy for shared memory.
      
      * tag 'optee-valid-memory-type-for-v5.11' of git://git.linaro.org/people/jens.wiklander/linux-tee:
        optee: add writeback to valid memory type
      
      Link: https://lore.kernel.org/r/20201125120134.GA1642471@jadeSigned-off-by: default avatarArnd Bergmann <arnd@arndb.de>
      ae597565
    • Vitaly Kuznetsov's avatar
      kvm: x86/mmu: Fix get_mmio_spte() on CPUs supporting 5-level PT · 9a2a0d3c
      Vitaly Kuznetsov authored
      Commit 95fb5b02 ("kvm: x86/mmu: Support MMIO in the TDP MMU") caused
      the following WARNING on an Intel Ice Lake CPU:
      
       get_mmio_spte: detect reserved bits on spte, addr 0xb80a0, dump hierarchy:
       ------ spte 0xb80a0 level 5.
       ------ spte 0xfcd210107 level 4.
       ------ spte 0x1004c40107 level 3.
       ------ spte 0x1004c41107 level 2.
       ------ spte 0x1db00000000b83b6 level 1.
       WARNING: CPU: 109 PID: 10254 at arch/x86/kvm/mmu/mmu.c:3569 kvm_mmu_page_fault.cold.150+0x54/0x22f [kvm]
      ...
       Call Trace:
        ? kvm_io_bus_get_first_dev+0x55/0x110 [kvm]
        vcpu_enter_guest+0xaa1/0x16a0 [kvm]
        ? vmx_get_cs_db_l_bits+0x17/0x30 [kvm_intel]
        ? skip_emulated_instruction+0xaa/0x150 [kvm_intel]
        kvm_arch_vcpu_ioctl_run+0xca/0x520 [kvm]
      
      The guest triggering this crashes. Note, this happens with the traditional
      MMU and EPT enabled, not with the newly introduced TDP MMU. Turns out,
      there was a subtle change in the above mentioned commit. Previously,
      walk_shadow_page_get_mmio_spte() was setting 'root' to 'iterator.level'
      which is returned by shadow_walk_init() and this equals to
      'vcpu->arch.mmu->shadow_root_level'. Now, get_mmio_spte() sets it to
      'int root = vcpu->arch.mmu->root_level'.
      
      The difference between 'root_level' and 'shadow_root_level' on CPUs
      supporting 5-level page tables is that in some case we don't want to
      use 5-level, in particular when 'cpuid_maxphyaddr(vcpu) <= 48'
      kvm_mmu_get_tdp_level() returns '4'. In case upper layer is not used,
      the corresponding SPTE will fail '__is_rsvd_bits_set()' check.
      
      Revert to using 'shadow_root_level'.
      
      Fixes: 95fb5b02 ("kvm: x86/mmu: Support MMIO in the TDP MMU")
      Signed-off-by: default avatarVitaly Kuznetsov <vkuznets@redhat.com>
      Message-Id: <20201126110206.2118959-1-vkuznets@redhat.com>
      Signed-off-by: default avatarPaolo Bonzini <pbonzini@redhat.com>
      9a2a0d3c
    • Paolo Bonzini's avatar
      KVM: x86: Fix split-irqchip vs interrupt injection window request · 71cc849b
      Paolo Bonzini authored
      kvm_cpu_accept_dm_intr and kvm_vcpu_ready_for_interrupt_injection are
      a hodge-podge of conditions, hacked together to get something that
      more or less works.  But what is actually needed is much simpler;
      in both cases the fundamental question is, do we have a place to stash
      an interrupt if userspace does KVM_INTERRUPT?
      
      In userspace irqchip mode, that is !vcpu->arch.interrupt.injected.
      Currently kvm_event_needs_reinjection(vcpu) covers it, but it is
      unnecessarily restrictive.
      
      In split irqchip mode it's a bit more complicated, we need to check
      kvm_apic_accept_pic_intr(vcpu) (the IRQ window exit is basically an INTACK
      cycle and thus requires ExtINTs not to be masked) as well as
      !pending_userspace_extint(vcpu).  However, there is no need to
      check kvm_event_needs_reinjection(vcpu), since split irqchip keeps
      pending ExtINT state separate from event injection state, and checking
      kvm_cpu_has_interrupt(vcpu) is wrong too since ExtINT has higher
      priority than APIC interrupts.  In fact the latter fixes a bug:
      when userspace requests an IRQ window vmexit, an interrupt in the
      local APIC can cause kvm_cpu_has_interrupt() to be true and thus
      kvm_vcpu_ready_for_interrupt_injection() to return false.  When this
      happens, vcpu_run does not exit to userspace but the interrupt window
      vmexits keep occurring.  The VM loops without any hope of making progress.
      
      Once we try to fix these with something like
      
           return kvm_arch_interrupt_allowed(vcpu) &&
      -        !kvm_cpu_has_interrupt(vcpu) &&
      -        !kvm_event_needs_reinjection(vcpu) &&
      -        kvm_cpu_accept_dm_intr(vcpu);
      +        (!lapic_in_kernel(vcpu)
      +         ? !vcpu->arch.interrupt.injected
      +         : (kvm_apic_accept_pic_intr(vcpu)
      +            && !pending_userspace_extint(v)));
      
      we realize two things.  First, thanks to the previous patch the complex
      conditional can reuse !kvm_cpu_has_extint(vcpu).  Second, the interrupt
      window request in vcpu_enter_guest()
      
              bool req_int_win =
                      dm_request_for_irq_injection(vcpu) &&
                      kvm_cpu_accept_dm_intr(vcpu);
      
      should be kept in sync with kvm_vcpu_ready_for_interrupt_injection():
      it is unnecessary to ask the processor for an interrupt window
      if we would not be able to return to userspace.  Therefore,
      kvm_cpu_accept_dm_intr(vcpu) is basically !kvm_cpu_has_extint(vcpu)
      ANDed with the existing check for masked ExtINT.  It all makes sense:
      
      - we can accept an interrupt from userspace if there is a place
        to stash it (and, for irqchip split, ExtINTs are not masked).
        Interrupts from userspace _can_ be accepted even if right now
        EFLAGS.IF=0.
      
      - in order to tell userspace we will inject its interrupt ("IRQ
        window open" i.e. kvm_vcpu_ready_for_interrupt_injection), both
        KVM and the vCPU need to be ready to accept the interrupt.
      
      ... and this is what the patch implements.
      Reported-by: default avatarDavid Woodhouse <dwmw@amazon.co.uk>
      Analyzed-by: default avatarDavid Woodhouse <dwmw@amazon.co.uk>
      Cc: stable@vger.kernel.org
      Signed-off-by: default avatarPaolo Bonzini <pbonzini@redhat.com>
      Reviewed-by: default avatarNikos Tsironis <ntsironis@arrikto.com>
      Reviewed-by: default avatarDavid Woodhouse <dwmw@amazon.co.uk>
      Tested-by: default avatarDavid Woodhouse <dwmw@amazon.co.uk>
      71cc849b
    • Paolo Bonzini's avatar
      KVM: x86: handle !lapic_in_kernel case in kvm_cpu_*_extint · 72c3bcdc
      Paolo Bonzini authored
      Centralize handling of interrupts from the userspace APIC
      in kvm_cpu_has_extint and kvm_cpu_get_extint, since
      userspace APIC interrupts are handled more or less the
      same as ExtINTs are with split irqchip.  This removes
      duplicated code from kvm_cpu_has_injectable_intr and
      kvm_cpu_has_interrupt, and makes the code more similar
      between kvm_cpu_has_{extint,interrupt} on one side
      and kvm_cpu_get_{extint,interrupt} on the other.
      
      Cc: stable@vger.kernel.org
      Reviewed-by: default avatarFilippo Sironi <sironi@amazon.de>
      Reviewed-by: default avatarDavid Woodhouse <dwmw@amazon.co.uk>
      Tested-by: default avatarDavid Woodhouse <dwmw@amazon.co.uk>
      Signed-off-by: default avatarPaolo Bonzini <pbonzini@redhat.com>
      72c3bcdc
    • Paolo Bonzini's avatar
      Merge tag 'kvmarm-fixes-5.10-4' of... · 545f6394
      Paolo Bonzini authored
      Merge tag 'kvmarm-fixes-5.10-4' of git://git.kernel.org/pub/scm/linux/kernel/git/kvmarm/kvmarm into kvm-master
      
      KVM/arm64 fixes for v5.10, take #4
      
      - Fix alignment of the new HYP sections
      - Fix GICR_TYPER access from userspace
      545f6394
    • Petr Mladek's avatar
      739e7116
    • Arnd Bergmann's avatar
      Merge tag 'omap-for-v5.10/fixes-rc5-signed' of... · 454a079b
      Arnd Bergmann authored
      Merge tag 'omap-for-v5.10/fixes-rc5-signed' of git://git.kernel.org/pub/scm/linux/kernel/git/tmlind/linux-omap into arm/fixes
      
      Fixes for omaps for various issues noticed during the -rc cycle:
      
      - Earlier omap4 cpuidle fix was incomplete and needs to use a
        configured idle state instead
      
      - Fix am4 cpsw driver compatible to avoid invalid resource error
        for the legacy driver
      
      - Two kconfig fixes for genpd support that we added for for v5.10
        for proper location of the option and adding missing option
      
      - Fix ti-sysc reset status checking on enabling modules to ignore
        quirky modules with reset status only usable when the quirk is
        activated during reset. Also fix bogus resetdone warning for
        cpsw and modules with no sysst register reset status bit
      
      - Suppress a ti-sysc warning for timers reserved as system timers
      
      - Fix the ordering of clocks for dra7 m_can
      
      * tag 'omap-for-v5.10/fixes-rc5-signed' of git://git.kernel.org/pub/scm/linux/kernel/git/tmlind/linux-omap:
        ARM: dts: dra76x: m_can: fix order of clocks
        bus: ti-sysc: suppress err msg for timers used as clockevent/source
        ARM: dts: am437x-l4: fix compatible for cpsw switch dt node
        ARM: OMAP2+: Manage MPU state properly for omap_enter_idle_coupled()
        bus: ti-sysc: Fix bogus resetdone warning on enable for cpsw
        bus: ti-sysc: Fix reset status check for modules with quirks
        ARM: OMAP2+: Fix missing select PM_GENERIC_DOMAINS_OF
        ARM: OMAP2+: Fix location for select PM_GENERIC_DOMAINS
      
      Link: https://lore.kernel.org/r/pull-1606460270-864284@atomide.comSigned-off-by: default avatarArnd Bergmann <arnd@arndb.de>
      454a079b
    • John Ogness's avatar
      printk: finalize records with trailing newlines · 4ad9921a
      John Ogness authored
      Any record with a trailing newline (LOG_NEWLINE flag) cannot
      be continued because the newline has been stripped and will
      not be visible if the message is appended. This was already
      handled correctly when committing in log_output() but was
      not handled correctly when committing in log_store().
      
      Fixes: f5f022e5 ("printk: reimplement log_cont using record extension")
      Link: https://lore.kernel.org/r/20201126114836.14750-1-john.ogness@linutronix.deReported-by: default avatarKefeng Wang <wangkefeng.wang@huawei.com>
      Signed-off-by: default avatarJohn Ogness <john.ogness@linutronix.de>
      Tested-by: default avatarKefeng Wang <wangkefeng.wang@huawei.com>
      Reviewed-by: default avatarPetr Mladek <pmladek@suse.com>
      Signed-off-by: default avatarPetr Mladek <pmladek@suse.com>
      4ad9921a
    • Oliver Hartkopp's avatar
      can: af_can: can_rx_unregister(): remove WARN() statement from list operation sanity check · d73ff9b7
      Oliver Hartkopp authored
      To detect potential bugs in CAN protocol implementations (double removal of
      receiver entries) a WARN() statement has been used if no matching list item was
      found for removal.
      
      The fault injection issued by syzkaller was able to create a situation where
      the closing of a socket runs simultaneously to the notifier call chain for
      removing the CAN network device in use.
      
      This case is very unlikely in real life but it doesn't break anything.
      Therefore we just replace the WARN() statement with pr_warn() to preserve the
      notification for the CAN protocol development.
      
      Reported-by: syzbot+381d06e0c8eaacb8706f@syzkaller.appspotmail.com
      Reported-by: syzbot+d0ddd88c9a7432f041e6@syzkaller.appspotmail.com
      Reported-by: syzbot+76d62d3b8162883c7d11@syzkaller.appspotmail.com
      Signed-off-by: default avatarOliver Hartkopp <socketcan@hartkopp.net>
      Link: https://lore.kernel.org/r/20201126192140.14350-1-socketcan@hartkopp.netSigned-off-by: default avatarMarc Kleine-Budde <mkl@pengutronix.de>
      d73ff9b7
    • Pankaj Sharma's avatar
      can: m_can: m_can_dev_setup(): add support for bosch mcan version 3.3.0 · 5c7d55bd
      Pankaj Sharma authored
      Add support for mcan bit timing and control mode according to bosch mcan IP
      version 3.3.0. The mcan version read from the Core Release field of CREL
      register would be 33. Accordingly the properties are to be set for mcan v3.3.0
      Signed-off-by: default avatarPankaj Sharma <pankj.sharma@samsung.com>
      Link: https://lore.kernel.org/r/1606366302-5520-1-git-send-email-pankj.sharma@samsung.comSigned-off-by: default avatarMarc Kleine-Budde <mkl@pengutronix.de>
      5c7d55bd
    • Marc Kleine-Budde's avatar
      can: m_can: fix nominal bitiming tseg2 min for version >= 3.1 · e3409e41
      Marc Kleine-Budde authored
      At lest the revision 3.3.0 of the bosch m_can IP core specifies that valid
      register values for "Nominal Time segment after sample point (NTSEG2)" are from
      1 to 127. As the hardware uses a value of one more than the programmed value,
      mean tseg2_min is 2.
      
      This patch fixes the tseg2_min value accordingly.
      
      Cc: Dan Murphy <dmurphy@ti.com>
      Cc: Mario Huettel <mario.huettel@gmx.net>
      Acked-by: default avatarSriram Dash <sriram.dash@samsung.com>
      Link: https://lore.kernel.org/r/20201124190751.3972238-1-mkl@pengutronix.de
      Fixes: b03cfc5b ("can: m_can: Enable M_CAN version dependent initialization")
      Signed-off-by: default avatarMarc Kleine-Budde <mkl@pengutronix.de>
      e3409e41
    • Marc Kleine-Budde's avatar
      can: m_can: m_can_open(): remove IRQF_TRIGGER_FALLING from request_threaded_irq()'s flags · 865f5b67
      Marc Kleine-Budde authored
      The threaded IRQ handler is used for the tcan4x5x driver only. The IRQ pin of
      the tcan4x5x controller is active low, so better not use IRQF_TRIGGER_FALLING
      when requesting the IRQ. As this can result in missing interrupts.
      
      Further, if the device tree specified the interrupt as "IRQ_TYPE_LEVEL_LOW",
      unloading and reloading of the driver results in the following error during
      ifup:
      
      | irq: type mismatch, failed to map hwirq-31 for gpio@20a8000!
      | tcan4x5x spi1.1: m_can device registered (irq=0, version=32)
      | tcan4x5x spi1.1 can2: TCAN4X5X successfully initialized.
      | tcan4x5x spi1.1 can2: failed to request interrupt
      
      This patch fixes the problem by removing the IRQF_TRIGGER_FALLING from the
      request_threaded_irq().
      
      Fixes: f524f829 ("can: m_can: Create a m_can platform framework")
      Cc: Dan Murphy <dmurphy@ti.com>
      Cc: Sriram Dash <sriram.dash@samsung.com>
      Cc: Pankaj Sharma <pankj.sharma@samsung.com>
      Link: https://lore.kernel.org/r/20201127093548.509253-1-mkl@pengutronix.deSigned-off-by: default avatarMarc Kleine-Budde <mkl@pengutronix.de>
      865f5b67
    • Sven Eckelmann's avatar
      batman-adv: Don't always reallocate the fragmentation skb head · 992b03b8
      Sven Eckelmann authored
      When a packet is fragmented by batman-adv, the original batman-adv header
      is not modified. Only a new fragmentation is inserted between the original
      one and the ethernet header. The code must therefore make sure that it has
      a writable region of this size in the skbuff head.
      
      But it is not useful to always reallocate the skbuff by this size even when
      there would be more than enough headroom still in the skb. The reallocation
      is just to costly during in this codepath.
      
      Fixes: ee75ed88 ("batman-adv: Fragment and send skbs larger than mtu")
      Signed-off-by: default avatarSven Eckelmann <sven@narfation.org>
      Signed-off-by: default avatarSimon Wunderlich <sw@simonwunderlich.de>
      992b03b8