- 08 Aug, 2017 1 commit
-
-
Michael Hernandez authored
This patch fixes system hang/crash while firmware dump is attempted with Block MQ enabled in qla2xxx driver. Fix is to remove check in fw dump template entries for existing request and response queues so that full buffer size is calculated during template size calculation. Following stack trace is seen during firmware dump capture process [ 694.390588] qla2xxx [0000:81:00.0]-5003:11: ISP System Error - mbx1=4b1fh mbx2=10h mbx3=2ah mbx7=0h. [ 694.402336] BUG: unable to handle kernel paging request at ffffc90008c7b000 [ 694.402372] IP: memcpy_erms+0x6/0x10 [ 694.402386] PGD 105f01a067 [ 694.402386] PUD 85f89c067 [ 694.402398] PMD 10490cb067 [ 694.402409] PTE 0 [ 694.402421] [ 694.402437] Oops: 0002 [#1] PREEMPT SMP [ 694.402452] Modules linked in: netconsole configfs qla2xxx scsi_transport_fc nvme_fc nvme_fabrics bnep bluetooth rfkill xt_tcpudp unix_diag xt_multiport ip6table_filter ip6_tables iptable_filter ip_tables x_tables af_packet iscsi_ibft iscsi_boot_sysfs xfs libcrc32c ipmi_ssif sb_edac edac_core x86_pkg_temp_thermal intel_powerclamp coretemp kvm_intel kvm irqbypass igb crct10dif_pclmul crc32_pclmul ghash_clmulni_intel pcbc aesni_intel iTCO_wdt aes_x86_64 crypto_simd ptp iTCO_vendor_support glue_helper cryptd lpc_ich joydev i2c_i801 pcspkr ioatdma mei_me pps_core tpm_tis mei mfd_core acpi_power_meter tpm_tis_core ipmi_si ipmi_devintf tpm ipmi_msghandler shpchp wmi dca button acpi_pad btrfs xor uas usb_storage hid_generic usbhid raid6_pq crc32c_intel ast i2c_algo_bit drm_kms_helper syscopyarea sysfillrect [ 694.402692] sysimgblt fb_sys_fops xhci_pci ttm ehci_pci sr_mod xhci_hcd cdrom ehci_hcd drm usbcore sg [ 694.402730] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 4.10.0-1-default+ #19 [ 694.402753] Hardware name: Supermicro X10DRi/X10DRi, BIOS 1.1a 10/16/2015 [ 694.402776] task: ffffffff81c0e4c0 task.stack: ffffffff81c00000 [ 694.402798] RIP: 0010:memcpy_erms+0x6/0x10 [ 694.402813] RSP: 0018:ffff88085fc03cd0 EFLAGS: 00210006 [ 694.402832] RAX: ffffc90008c7ae0c RBX: 0000000000000004 RCX: 000000000001fe0c [ 694.402856] RDX: 0000000000020000 RSI: ffff8810332c01f4 RDI: ffffc90008c7b000 [ 694.402879] RBP: ffff88085fc03d18 R08: 0000000000020000 R09: 0000000000279e0a [ 694.402903] R10: 0000000000000000 R11: f000000000000000 R12: ffff88085fc03d80 [ 694.402927] R13: ffffc90008a01000 R14: ffffc90008a056d4 R15: ffff881052ef17e0 [ 694.402951] FS: 0000000000000000(0000) GS:ffff88085fc00000(0000) knlGS:0000000000000000 [ 694.402977] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 694.403012] CR2: ffffc90008c7b000 CR3: 0000000001c09000 CR4: 00000000001406f0 [ 694.403036] Call Trace: [ 694.403047] <IRQ> [ 694.403072] ? qla27xx_fwdt_entry_t263+0x18e/0x380 [qla2xxx] [ 694.403099] qla27xx_walk_template+0x9d/0x1a0 [qla2xxx] [ 694.403124] qla27xx_fwdump+0x1f3/0x272 [qla2xxx] [ 694.403149] qla2x00_async_event+0xb08/0x1a50 [qla2xxx] [ 694.403169] ? enqueue_task_fair+0xa2/0x9d0 Signed-off-by:
Mike Hernandez <michael.hernandez@cavium.com> Signed-off-by:
Joe Carnuccio <joe.carnuccio@cavium.com> Signed-off-by:
Himanshu Madhani <himanshu.madhani@cavium.com> Signed-off-by:
Martin K. Petersen <martin.petersen@oracle.com>
-
- 27 Jul, 2017 8 commits
-
-
Johannes Thumshirn authored
Don't make any assumptions on the sg_io_hdr_t::dxfer_direction or the sg_io_hdr_t::dxferp in order to determine if it is a valid request. The only way we can check for bad requests is by checking if the length exceeds 256M. Signed-off-by:
Johannes Thumshirn <jthumshirn@suse.de> Fixes: 28676d86 (scsi: sg: check for valid direction before starting the request) Reported-by:
Jason L Tibbitts III <tibbs@math.uh.edu> Tested-by:
Doug Gilbert <dgilbert@interlog.com> Cc: Doug Gilbert <dgilbert@interlog.com> Cc: <stable@vger.kernel.org> Reviewed-by:
Hannes Reinecke <hare@suse.com> Signed-off-by:
-
Dan Carpenter authored
"qd.id" comes directly from the copy_from_user() on the line before so we should verify that it's within bounds. Signed-off-by:
Dan Carpenter <dan.carpenter@oracle.com> Signed-off-by:
-
Thomas Bogendoerfer authored
FCOE offloading failed with: [qed_sp_fcoe_func_start:150(sp-0-3b:00.02)]Cannot satisfy CQ amount. CQs requested 8, CQs available 6. Aborting function start [qed_fcoe_start:821()]Failed to start fcoe [__qedf_probe:3041]:6: Cannot start FCoE function. The reason is a newly introduced check in the qed main part. This change also provides the information about how many CQs are available, so we simply limit the number of requested CQs.. Fixes: 3c5da942 ("qed: Share additional information with qedf") Signed-off-by:
Thomas Bogendoerfer <tbogendoerfer@suse.de> Reviewed-by:
Chad Dupuis <chad.dupuis@cavium.com> Signed-off-by:
-
Thomas Gleixner authored
The CPU hotplug related code of this driver can be simplified by: 1) Consolidating the callbacks into a single state. The CPU thread can be torn down on the CPU which goes offline. There is no point in delaying that to the CPU dead state 2) Let the core code invoke the online/offline callbacks and remove the extra for_each_online_cpu() loops. Signed-off-by:
Thomas Gleixner <tglx@linutronix.de> Acked-by:
-
Thomas Gleixner authored
The CPU hotplug related code of this driver can be simplified by: 1) Consolidating the callbacks into a single state. The CPU thread can be torn down on the CPU which goes offline. There is no point in delaying that to the CPU dead state 2) Let the core code invoke the online/offline callbacks and remove the extra for_each_online_cpu() loops. Signed-off-by:
-
Thomas Gleixner authored
The BNX2I module init/exit code installs/removes the hotplug callbacks with the cpu hotplug lock held. This worked with the old CPU locking implementation which allowed recursive locking, but with the new percpu rwsem based mechanism this is not longer allowed. Use the _cpuslocked() variants to fix this. Reported-by:
Steven Rostedt <rostedt@goodmis.org> Acked-by:
-
Thomas Gleixner authored
The BNX2FC module init/exit code installs/removes the hotplug callbacks with the cpu hotplug lock held. This worked with the old CPU locking implementation which allowed recursive locking, but with the new percpu rwsem based mechanism this is not longer allowed. Use the _cpuslocked() variants to fix this. Reported-by:
kernel test robot <fengguang.wu@intel.com> Acked-by:
-
Thomas Gleixner authored
bnx2fc_process_new_cqes() has protection against CPU hotplug, which relies on the per cpu thread pointer. This protection is racy because it happens only partially with the per cpu fp_work_lock held. If the CPU is unplugged after the lock is dropped, the wakeup code can dereference a NULL pointer or access freed and potentially reused memory. Restructure the code so the thread check and wakeup happens with the fp_work_lock held. Signed-off-by:
-
- 25 Jul, 2017 7 commits
-
-
Dan Carpenter authored
We shouldn't be writing over the "ret" variable. It means we return ERR_PTR(0) which is NULL and it results in a NULL dereference in the caller. Fixes: ace7f46b ("scsi: qedi: Add QLogic FastLinQ offload iSCSI driver framework.") Signed-off-by:
-
Arnd Bergmann authored
When LPFC is built-in but NVMe is a loadable module, we fail to link the kernel: drivers/scsi/built-in.o: In function `lpfc_nvme_create_localport': (.text+0x156a82): undefined reference to `nvme_fc_register_localport' drivers/scsi/built-in.o: In function `lpfc_nvme_destroy_localport': (.text+0x156eaa): undefined reference to `nvme_fc_unregister_remoteport' We can avoid this either by forcing lpfc to be a module, or by disabling NVMe support in this case. This implements the former. Fixes: 7d708033 ("scsi: lpfc: Finalize Kconfig options for nvme") Cc: stable@vger.kernel.org Link: https://patchwork.kernel.org/patch/9636569/Signed-off-by:
Arnd Bergmann <arnd@arndb.de> Signed-off-by:
-
Hannes Reinecke authored
When trying to delete a vport via 'vport_delete' sysfs attribute we should be checking if the port is already in state VPORT_DELETING; if so there's no need to do anything. Signed-off-by:
Hannes Reinecke <hare@suse.de> Signed-off-by:
-
Varun Prakash authored
In error case it is possible that ->cleanup_task() gets called without calling ->alloc_pdu() in this case cxgbi_task_data is not valid, so add a check for for valid cxgbi_task_data in cxgbi_cleanup_task(). Signed-off-by:
Varun Prakash <varun@chelsio.com> Signed-off-by:
-
Jakub Kicinski authored
Building firmware with O=path was apparently broken in aic7 for ever. Message of the previous commit to the Makefile (from 2008) mentions this unfortunate state of affairs already. Fix this, mostly to make randconfig builds more reliable. Signed-off-by:
Jakub Kicinski <jakub.kicinski@netronome.com> Reviewed-by:
-
Shu Wang authored
Found this issue by kmemleak, a few kb mem was leaked in megasas_alloc_cmdlist_fusion when kzalloc failed for one megasas_cmd_fusion allocation. unreferenced object 0xffff88045dbd2000 (size 8192): comm "systemd-udevd", pid 323, jiffies 4294671759 (age 49.008s) backtrace: [<ffffffff8176166a>] kmemleak_alloc+0x4a/0xa0 [<ffffffff812186a8>] __kmalloc+0xe8/0x220 [<ffffffffc0060594>] megasas_alloc_cmdlist_fusion+0x34/0xe0 [megaraid_sas] (gdb) list *megasas_alloc_cmdlist_fusion+0x34 0xd5c4 is in megasas_alloc_cmdlist_fusion (drivers/scsi/megaraid/megaraid_sas_fusion.c:443). [<ffffffffc0060ca5>] megasas_alloc_cmds_fusion+0x25/0x410 [megaraid_sas] [<ffffffffc0061edf>] megasas_init_adapter_fusion+0x21f/0x640 [megaraid_sas] [<ffffffffc005df17>] megasas_init_fw+0x357/0xd30 [megaraid_sas] [<ffffffffc005ef26>] megasas_probe_one.part.33+0x636/0x1100 [megaraid_sas] [<ffffffffc005fa36>] megasas_probe_one+0x46/0xc0 [megaraid_sas] [<ffffffff813d2ca5>] local_pci_probe+0x45/0xa0 [<ffffffff813d4222>] pci_device_probe+0x192/0x1b0 [<ffffffff814e3658>] driver_probe_device+0x2a8/0x460 [<ffffffff814e38ed>] __driver_attach+0xdd/0xe0 [<ffffffff814e124c>] bus_for_each_dev+0x6c/0xc0 [<ffffffff814e2dde>] driver_attach+0x1e/0x20 [<ffffffff814e2775>] bus_add_driver+0x45/0x270 [<ffffffff814e4400>] driver_register+0x60/0xe0 unreferenced object 0xffff880454ce3600 (size 192): backtrace: [<ffffffff8176166a>] kmemleak_alloc+0x4a/0xa0 [<ffffffff8121801a>] kmem_cache_alloc_trace+0xca/0x1d0 [<ffffffffc00605d7>] megasas_alloc_cmdlist_fusion+0x77/0xe0 [megaraid_sas] (gdb) list *megasas_alloc_cmdlist_fusion+0x77 0xd607 is in megasas_alloc_cmdlist_fusion (drivers/scsi/megaraid/megaraid_sas_fusion.c:450). [<ffffffffc0060ca5>] megasas_alloc_cmds_fusion+0x25/0x410 [megaraid_sas] [<ffffffffc0061edf>] megasas_init_adapter_fusion+0x21f/0x640 [megaraid_sas] [<ffffffffc005df17>] megasas_init_fw+0x357/0xd30 [megaraid_sas] [<ffffffffc005ef26>] megasas_probe_one.part.33+0x636/0x1100 [megaraid_sas] [<ffffffffc005fa36>] megasas_probe_one+0x46/0xc0 [megaraid_sas] [<ffffffff813d2ca5>] local_pci_probe+0x45/0xa0 [<ffffffff813d4222>] pci_device_probe+0x192/0x1b0 [<ffffffff814e3658>] driver_probe_device+0x2a8/0x460 [<ffffffff814e38ed>] __driver_attach+0xdd/0xe0 [<ffffffff814e124c>] bus_for_each_dev+0x6c/0xc0 [<ffffffff814e2dde>] driver_attach+0x1e/0x20 [<ffffffff814e2775>] bus_add_driver+0x45/0x270 [<ffffffff814e4400>] driver_register+0x60/0xe0 Signed-off-by:Shu Wang <shuwang@redhat.com> Acked-by:
Sumit Saxena <sumit.saxena@broadcom.com> Signed-off-by:
-
Nilesh Javali authored
qedi uses iscsi_boot_sysfs to export the targets used for boot to sysfs. Select the config option to make sure the module is built. This addresses the compile time issue, drivers/scsi/qedi/qedi_main.o: In function `qedi_remove': qedi_main.c:(.text+0x3bbd): undefined reference to `iscsi_boot_destroy_kset' drivers/scsi/qedi/qedi_main.o: In function `__qedi_probe.constprop.0': qedi_main.c:(.text+0x577a): undefined reference to `iscsi_boot_create_target' qedi_main.c:(.text+0x5807): undefined reference to `iscsi_boot_create_target' qedi_main.c:(.text+0x587f): undefined reference to `iscsi_boot_create_initiator' qedi_main.c:(.text+0x58f3): undefined reference to `iscsi_boot_create_ethernet' qedi_main.c:(.text+0x5927): undefined reference to `iscsi_boot_destroy_kset' qedi_main.c:(.text+0x5d7b): undefined reference to `iscsi_boot_create_host_kset' [mkp: fixed whitespace] Signed-off-by:Nilesh Javali <nilesh.javali@cavium.com> Fixes: c57ec8fb ("scsi: qedi: Add support for Boot from SAN over iSCSI offload") Reported-by:
-
- 18 Jul, 2017 3 commits
-
-
Johannes Thumshirn authored
dxfer_len is an unsigned int and we always assign a value > 0 to it, so it doesn't make any sense to check if it is < 0. We can't really check dxferp as well as we have both NULL and not NULL cases in the possible call paths. So just return true for SG_DXFER_FROM_DEV transfer in sg_is_valid_dxfer(). Signed-off-by:
Colin Ian King <colin.king@canonical.com> Reported-by:
-
Yadan Fan authored
The smartpqi firmware will bypass the cache for any request larger than 1MB, so we should cap the request size to avoid any performance degradation in kernels later than v4.3 This degradation is caused from d2be537c, which changed max_sectors_kb to 1280k, but the hardware is able to work fine with it, so the true fix should be from smartpqi driver. Signed-off-by:
Yadan Fan <ydfan@suse.com> Reviewed-by:
Don Brace <don.brace@microsemi.com> Signed-off-by:
-
Yadan Fan authored
The hpsa firmware will bypass the cache for any request larger than 1MB, so we should cap the request size to avoid any performance degradation in kernels later than v4.3 This degradation is caused from d2be537c, which changed max_sectors_kb to 1280k, but the hardware is able to work fine with it, so the true fix should be from hpsa driver. Signed-off-by:
-
- 12 Jul, 2017 10 commits
-
-
Dan Carpenter authored
This patch is basically to silence a static checker warning. drivers/scsi/libfc/fc_disc.c:326 fc_disc_error() warn: passing a valid pointer to 'PTR_ERR' It doesn't affect runtime because it treats -ENOMEM and a valid pointer the same. But the documentation says we should be passing an error pointer. Signed-off-by:Johannes Thumshirn <jth@kernel.org> Signed-off-by:
-
Colin Ian King authored
Don't populate various tables on the stack but make them static const. Makes the object code smaller by over 280 bytes: Before: text data bss dec hex filename 39887 5080 64 45031 afe7 hisi_sas_v2_hw.o After: text data bss dec hex filename 39318 5368 64 44750 aece hisi_sas_v2_hw.o Signed-off-by:
John Garry <john.garry@huawei.com> Signed-off-by:
-
Dan Carpenter authored
There are "req->num_outstanding_cmds" elements in the req->outstanding_cmds[] array so the > here should be >=. Signed-off-by:
Nicholas Bellinger <nab@linux-iscsi.org> Signed-off-by:
-
Johannes Thumshirn authored
SG_DXFER_FROM_DEV transfers do not necessarily have a dxferp as we set it to NULL for the old sg_io read/write interface, but must have a length bigger than 0. This fixes a regression introduced by commit 28676d86 ("scsi: sg: check for valid direction before starting the request") Signed-off-by:
Chris Clayton <chris2553@googlemail.com> Tested-by:
-
Paolo Bonzini authored
Multi-queue virtio-scsi uses a different scsi_host_template struct. Add the .device_alloc field there, too. Fixes: 25d1d50e Cc: stable@vger.kernel.org Cc: David Gibson <david@gibson.dropbear.id.au> Signed-off-by:
Paolo Bonzini <pbonzini@redhat.com> Reviewed-by:
Fam Zheng <famz@redhat.com> Reviewed-by:
Stefan Hajnoczi <stefanha@redhat.com> Signed-off-by:
-
Colin Ian King authored
Trivial fix to spelling mistake in QEDF_INFO message and remove duplicated "since" (thanks to Tyrel Datwyler for spotting the latter issue). Signed-off-by:
Tyrel Datwyler <tyreld@linux.vnet.ibm.com> Signed-off-by:
-
Colin Ian King authored
Trivial fix to spelling mistake in QEDF_ERR message. I should have also included this in a previous fix, but I only just spotted this one. Signed-off-by:
Manish Rangankar <Manish.Rangankar@cavium.com> Signed-off-by:
-
Colin Ian King authored
There are a couple of typos in function names and spelling of request where the letters u and e are swapped: scu_ssp_reqeust_construct_task_context scu_sata_reqeust_construct_task_context Fix the spelling of request. Signed-off-by:
-
Dan Carpenter authored
The copy_from/to_user() functions return the number of bytes remaining to be copied but we had intended to return -EFAULT here. Fixes: bc88ac47 ("scsi: cxlflash: Support AFU debug") Signed-off-by:
Matthew R. Ochs <mrochs@linux.vnet.ibm.com> Signed-off-by:
-
Nilesh Javali authored
This patch adds support for Boot from SAN over iSCSI offload. The iSCSI boot information in the NVRAM is populated under /sys/firmware/iscsi_bootX/ using qed NVM-image reading API and further exported to open-iscsi to perform iSCSI login enabling boot over offload iSCSI interface in a Boot from SAN environment. Signed-off-by:
Arun Easi <arun.easi@cavium.com> Signed-off-by:
Andrew Vasquez <andrew.vasquez@cavium.com> Signed-off-by:
-
- 11 Jul, 2017 6 commits
-
-
git://git.kernel.dk/linux-blockLinus Torvalds authored
Pull more block updates from Jens Axboe: "This is a followup for block changes, that didn't make the initial pull request. It's a bit of a mixed bag, this contains: - A followup pull request from Sagi for NVMe. Outside of fixups for NVMe, it also includes a series for ensuring that we properly quiesce hardware queues when browsing live tags. - Set of integrity fixes from Dmitry (mostly), fixing various issues for folks using DIF/DIX. - Fix for a bug introduced in cciss, with the req init changes. From Christoph. - Fix for a bug in BFQ, from Paolo. - Two followup fixes for lightnvm/pblk from Javier. - Depth fix from Ming for blk-mq-sched. - Also from Ming, performance fix for mtip32xx that was introduced with the dynamic initialization of commands" * 'for-linus' of git://git.kernel.dk/linux-block: (44 commits) block: call bio_uninit in bio_endio nvmet: avoid unneeded assignment of submit_bio return value nvme-pci: add module parameter for io queue depth nvme-pci: compile warnings in nvme_alloc_host_mem() nvmet_fc: Accept variable pad lengths on Create Association LS nvme_fc/nvmet_fc: revise Create Association descriptor length lightnvm: pblk: remove unnecessary checks lightnvm: pblk: control I/O flow also on tear down cciss: initialize struct scsi_req null_blk: fix error flow for shared tags during module_init block: Fix __blkdev_issue_zeroout loop nvme-rdma: unconditionally recycle the request mr nvme: split nvme_uninit_ctrl into stop and uninit virtio_blk: quiesce/unquiesce live IO when entering PM states mtip32xx: quiesce request queues to make sure no submissions are inflight nbd: quiesce request queues to make sure no submissions are inflight nvme: kick requeue list when requeueing a request instead of when starting the queues nvme-pci: quiesce/unquiesce admin_q instead of start/stop its hw queues nvme-loop: quiesce/unquiesce admin_q instead of start/stop its hw queues nvme-fc: quiesce/unquiesce admin_q instead of start/stop its hw queues ... -
git://git.samba.org/sfrench/cifs-2.6Linus Torvalds authored
Pull cifs fixes and sane default from Steve French: "Upgrade default dialect to more secure SMB3 from older cifs dialect" * tag 'smb3-security-fixes-for-4.13' of git://git.samba.org/sfrench/cifs-2.6: cifs: Clean up unused variables in smb2pdu.c [SMB3] Improve security, move default dialect to SMB3 from old CIFS [SMB3] Remove ifdef since SMB3 (and later) now STRONGLY preferred CIFS: Reconnect expired SMB sessions CIFS: Display SMB2 error codes in the hex format cifs: Use smb 2 - 3 and cifsacl mount options setacl function cifs: prototype declaration and definition to set acl for smb 2 - 3 and cifsacl mount options
-
git://github.com/ceph/ceph-clientLinus Torvalds authored
Pull ceph updates from Ilya Dryomov: "The main item here is support for v12.y.z ("Luminous") clusters: RESEND_ON_SPLIT, RADOS_BACKOFF, OSDMAP_PG_UPMAP and CRUSH_CHOOSE_ARGS feature bits, and various other changes in the RADOS client protocol. On top of that we have a new fsc mount option to allow supplying fscache uniquifier (similar to NFS) and the usual pile of filesystem fixes from Zheng" * tag 'ceph-for-4.13-rc1' of git://github.com/ceph/ceph-client: (44 commits) libceph: advertise support for NEW_OSDOP_ENCODING and SERVER_LUMINOUS libceph: osd_state is 32 bits wide in luminous crush: remove an obsolete comment crush: crush_init_workspace starts with struct crush_work libceph, crush: per-pool crush_choose_arg_map for crush_do_rule() crush: implement weight and id overrides for straw2 libceph: apply_upmap() libceph: compute actual pgid in ceph_pg_to_up_acting_osds() libceph: pg_upmap[_items] infrastructure libceph: ceph_decode_skip_* helpers libceph: kill __{insert,lookup,remove}_pg_mapping() libceph: introduce and switch to decode_pg_mapping() libceph: don't pass pgid by value libceph: respect RADOS_BACKOFF backoffs libceph: make DEFINE_RB_* helpers more general libceph: avoid unnecessary pi lookups in calc_target() libceph: use target pi for calc_target() calculations libceph: always populate t->target_{oid,oloc} in calc_target() libceph: make sure need_resend targets reflect latest map libceph: delete from need_resend_linger before check_linger_pool_dne() ... -
git://www.linux-watchdog.org/linux-watchdogLinus Torvalds authored
Pull watchdog updates from Wim Van Sebroeck: - Add Renesas RZ/A WDT Watchdog driver - STM32 Independent WatchDoG (IWDG) support - UniPhier watchdog support - Add F71868 support - Add support for NCT6793D and NCT6795D - dw_wdt: add reset lines support - core: add option to avoid early handling of watchdog - core: introduce watchdog_worker_should_ping helper - Cleanups and improvements for sama5d4, intel-mid_wdt, s3c2410_wdt, orion_wdt, gpio_wdt, it87_wdt, meson_wdt, davinci_wdt, bcm47xx_wdt, zx2967_wdt, cadence_wdt * git://www.linux-watchdog.org/linux-watchdog: (32 commits) watchdog: introduce watchdog_worker_should_ping helper watchdog: uniphier: add UniPhier watchdog driver dt-bindings: watchdog: add description for UniPhier WDT controller watchdog: cadence_wdt: make of_device_ids const. watchdog: zx2967: constify zx2967_wdt_ops. watchdog: bcm47xx_wdt: constify bcm47xx_wdt_hard_ops and bcm47xx_wdt_soft_ops watchdog: davinci: Add missing clk_disable_unprepare(). watchdog: davinci: Handle return value of clk_prepare_enable watchdog: meson: Handle return value of clk_prepare_enable watchdog: it87: Add support for various Super-IO chips watchdog: it87: Use infrastructure to stop watchdog on reboot watchdog: it87: Drop support for resetting watchdog though CIR and Game port watchdog: it87: Convert to use watchdog core infrastructure watchdog: it87: Drop FSF mailing address watchdog: dw_wdt: get reset lines from dt watchdog: bindings: dw_wdt: add reset lines watchdog: w83627hf: Add support for NCT6793D and NCT6795D watchdog: core: add option to avoid early handling of watchdog watchdog: f71808e_wdt: Add F71868 support watchdog: Add STM32 IWDG driver ...
-
Linus Torvalds authored
Merge tag 'chrome-platform-for-linus-4.13' of git://git.kernel.org/pub/scm/linux/kernel/git/bleung/chrome-platform Pull chrome platform updates from Benson Leung: "Changes in this pull request are around catching up cros_ec with the internal chromeos-kernel versions of cros_ec, cros_ec_lpc, and cros_ec_lightbar. Also, switching maintainership from olof to bleung" * tag 'chrome-platform-for-linus-4.13' of git://git.kernel.org/pub/scm/linux/kernel/git/bleung/chrome-platform: platform/chrome : Add myself as Maintainer platform/chrome: cros_ec_lightbar - hide unused PM functions cros_ec: Don't signal wake event for non-wake host events cros_ec: Fix deadlock when EC is not responsive at probe cros_ec: Don't return error when checking command version platform/chrome: cros_ec_lightbar - Avoid I2C xfer to EC during suspend platform/chrome: cros_ec_lightbar - Add userspace lightbar control bit to EC platform/chrome: cros_ec_lightbar - Control of suspend/resume lightbar sequence platform/chrome: cros_ec_lightbar - Add lightbar program feature to sysfs platform/chrome: cros_ec_lpc: Add MKBP events support over ACPI platform/chrome: cros_ec_lpc: Add power management ops platform/chrome: cros_ec_lpc: Add support for GOOG004 ACPI device platform/chrome: cros_ec_lpc: Add support for mec1322 EC platform/chrome: cros_ec_lpc: Add R/W helpers to LPC protocol variants mfd: cros_ec: Add support for dumping panic information cros_ec_debugfs: Pass proper struct sizes to cros_ec_cmd_xfer() mfd: cros_ec: add debugfs, console log file mfd: cros_ec: Add EC console read structures definitions mfd: cros_ec: Add helper for event notifier.
-
git://git.kernel.org/pub/scm/linux/kernel/git/gerg/m68knommuLinus Torvalds authored
Pull x86nommu update from Greg Ungerer: "Only a single change, to remove old Kconfig options from defconfigs" * 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/gerg/m68knommu: m68k: defconfig: Cleanup from old Kconfig options
-
- 10 Jul, 2017 5 commits
-
-
Linus Torvalds authored
Merge more updates from Andrew Morton: - most of the rest of MM - KASAN updates - lib/ updates - checkpatch updates - some binfmt_elf changes - various misc bits * emailed patches from Andrew Morton <akpm@linux-foundation.org>: (115 commits) kernel/exit.c: avoid undefined behaviour when calling wait4() kernel/signal.c: avoid undefined behaviour in kill_something_info binfmt_elf: safely increment argv pointers s390: reduce ELF_ET_DYN_BASE powerpc: move ELF_ET_DYN_BASE to 4GB / 4MB arm64: move ELF_ET_DYN_BASE to 4GB / 4MB arm: move ELF_ET_DYN_BASE to 4MB binfmt_elf: use ELF_ET_DYN_BASE only for PIE fs, epoll: short circuit fetching events if thread has been killed checkpatch: improve multi-line alignment test checkpatch: improve macro reuse test checkpatch: change format of --color argument to --color[=WHEN] checkpatch: silence perl 5.26.0 unescaped left brace warnings checkpatch: improve tests for multiple line function definitions checkpatch: remove false warning for commit reference checkpatch: fix stepping through statements with $stat and ctx_statement_block checkpatch: [HLP]LIST_HEAD is also declaration checkpatch: warn when a MAINTAINERS entry isn't [A-Z]:\t checkpatch: improve the unnecessary OOM message test lib/bsearch.c: micro-optimize pivot position calculation ...
-
zhongjiang authored
wait4(-2147483648, 0x20, 0, 0xdd0000) triggers: UBSAN: Undefined behaviour in kernel/exit.c:1651:9 The related calltrace is as follows: negation of -2147483648 cannot be represented in type 'int': CPU: 9 PID: 16482 Comm: zj Tainted: G B ---- ------- 3.10.0-327.53.58.71.x86_64+ #66 Hardware name: Huawei Technologies Co., Ltd. Tecal RH2285 /BC11BTSA , BIOS CTSAV036 04/27/2011 Call Trace: dump_stack+0x19/0x1b ubsan_epilogue+0xd/0x50 __ubsan_handle_negate_overflow+0x109/0x14e SyS_wait4+0x1cb/0x1e0 system_call_fastpath+0x16/0x1b Exclude the overflow to avoid the UBSAN warning. Link: http://lkml.kernel.org/r/1497264618-20212-1-git-send-email-zhongjiang@huawei.comSigned-off-by:zhongjiang <zhongjiang@huawei.com> Cc: Oleg Nesterov <oleg@redhat.com> Cc: David Rientjes <rientjes@google.com> Cc: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com> Cc: Kirill A. Shutemov <kirill.shutemov@linux.intel.com> Cc: Xishi Qiu <qiuxishi@huawei.com> Signed-off-by:
Andrew Morton <akpm@linux-foundation.org> Signed-off-by:
Linus Torvalds <torvalds@linux-foundation.org>
-
zhongjiang authored
When running kill(72057458746458112, 0) in userspace I hit the following issue. UBSAN: Undefined behaviour in kernel/signal.c:1462:11 negation of -2147483648 cannot be represented in type 'int': CPU: 226 PID: 9849 Comm: test Tainted: G B ---- ------- 3.10.0-327.53.58.70.x86_64_ubsan+ #116 Hardware name: Huawei Technologies Co., Ltd. RH8100 V3/BC61PBIA, BIOS BLHSV028 11/11/2014 Call Trace: dump_stack+0x19/0x1b ubsan_epilogue+0xd/0x50 __ubsan_handle_negate_overflow+0x109/0x14e SYSC_kill+0x43e/0x4d0 SyS_kill+0xe/0x10 system_call_fastpath+0x16/0x1b Add code to avoid the UBSAN detection. [akpm@linux-foundation.org: tweak comment] Link: http://lkml.kernel.org/r/1496670008-59084-1-git-send-email-zhongjiang@huawei.comSigned-off-by: -
Kees Cook authored
When building the argv/envp pointers, the envp is needlessly pre-incremented instead of just continuing after the argv pointers are finished. In some (likely impossible) race where the strings could be changed from userspace between copy_strings() and here, it might be possible to confuse the envp position. Instead, just use sp like everything else. Link: http://lkml.kernel.org/r/20170622173838.GA43308@beastSigned-off-by:
Kees Cook <keescook@chromium.org> Cc: Rik van Riel <riel@redhat.com> Cc: Daniel Micay <danielmicay@gmail.com> Cc: Qualys Security Advisory <qsa@qualys.com> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: Ingo Molnar <mingo@redhat.com> Cc: "H. Peter Anvin" <hpa@zytor.com> Cc: Alexander Viro <viro@zeniv.linux.org.uk> Cc: Dmitry Safonov <dsafonov@virtuozzo.com> Cc: Andy Lutomirski <luto@amacapital.net> Cc: Grzegorz Andrejczuk <grzegorz.andrejczuk@intel.com> Cc: Masahiro Yamada <yamada.masahiro@socionext.com> Signed-off-by:
-
Kees Cook authored
Now that explicitly executed loaders are loaded in the mmap region, we have more freedom to decide where we position PIE binaries in the address space to avoid possible collisions with mmap or stack regions. For 64-bit, align to 4GB to allow runtimes to use the entire 32-bit address space for 32-bit pointers. On 32-bit use 4MB, which is the traditional x86 minimum load location, likely to avoid historically requiring a 4MB page table entry when only a portion of the first 4MB would be used (since the NULL address is avoided). For s390 the position could be 0x10000, but that is needlessly close to the NULL address. Link: http://lkml.kernel.org/r/1498154792-49952-5-git-send-email-keescook@chromium.orgSigned-off-by:
-
