1. 26 Sep, 2017 1 commit
  2. 25 Sep, 2017 2 commits
    • Hannes Reinecke's avatar
      scsi: scsi_transport_fc: set scsi_target_id upon rescan · 675195d0
      Hannes Reinecke authored
      When an rport is found in the bindings array there is no guarantee that
      it had been a target port, so we need to call fc_remote_port_rolechg()
      here to ensure the scsi_target_id is set correctly.  Otherwise the port
      will never be scanned.
      Signed-off-by: default avatarHannes Reinecke <hare@suse.com>
      Reviewed-by: default avatarJohannes Thumshirn <jthumshirn@suse.de>
      Tested-by: default avatarChad Dupuis <chad.dupuis@cavium.com>
      Signed-off-by: default avatarMartin K. Petersen <martin.petersen@oracle.com>
      675195d0
    • Xin Long's avatar
      scsi: scsi_transport_iscsi: fix the issue that iscsi_if_rx doesn't parse nlmsg properly · c88f0e6b
      Xin Long authored
      ChunYu found a kernel crash by syzkaller:
      
      [  651.617875] kasan: CONFIG_KASAN_INLINE enabled
      [  651.618217] kasan: GPF could be caused by NULL-ptr deref or user memory access
      [  651.618731] general protection fault: 0000 [#1] SMP KASAN
      [  651.621543] CPU: 1 PID: 9539 Comm: scsi Not tainted 4.11.0.cov #32
      [  651.621938] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
      [  651.622309] task: ffff880117780000 task.stack: ffff8800a3188000
      [  651.622762] RIP: 0010:skb_release_data+0x26c/0x590
      [...]
      [  651.627260] Call Trace:
      [  651.629156]  skb_release_all+0x4f/0x60
      [  651.629450]  consume_skb+0x1a5/0x600
      [  651.630705]  netlink_unicast+0x505/0x720
      [  651.632345]  netlink_sendmsg+0xab2/0xe70
      [  651.633704]  sock_sendmsg+0xcf/0x110
      [  651.633942]  ___sys_sendmsg+0x833/0x980
      [  651.637117]  __sys_sendmsg+0xf3/0x240
      [  651.638820]  SyS_sendmsg+0x32/0x50
      [  651.639048]  entry_SYSCALL_64_fastpath+0x1f/0xc2
      
      It's caused by skb_shared_info at the end of sk_buff was overwritten by
      ISCSI_KEVENT_IF_ERROR when parsing nlmsg info from skb in iscsi_if_rx.
      
      During the loop if skb->len == nlh->nlmsg_len and both are sizeof(*nlh),
      ev = nlmsg_data(nlh) will acutally get skb_shinfo(SKB) instead and set a
      new value to skb_shinfo(SKB)->nr_frags by ev->type.
      
      This patch is to fix it by checking nlh->nlmsg_len properly there to
      avoid over accessing sk_buff.
      Reported-by: default avatarChunYu Wang <chunwang@redhat.com>
      Signed-off-by: default avatarXin Long <lucien.xin@gmail.com>
      Acked-by: default avatarChris Leech <cleech@redhat.com>
      Signed-off-by: default avatarMartin K. Petersen <martin.petersen@oracle.com>
      c88f0e6b
  3. 16 Sep, 2017 2 commits
  4. 15 Sep, 2017 6 commits
  5. 13 Sep, 2017 12 commits
    • Linus Torvalds's avatar
      Fix up MAINTAINERS file sorting · 3882a734
      Linus Torvalds authored
      Another merge window, another MAINTAINERS file disaster.
      
      People have serious problems with the alphabet and sorting, and poor
      Jérôme Glisse and Radim Krčmář get their names mangled by locale issues,
      turning them into some mangled mess (probably others do too, but those
      two stood out when sorting things again).
      
      And we now have two copies of the same 'AS3645A LED FLASH CONTROLLER
      DRIVER' in the tree and in the MAINTAINERS file, but that's a separate
      issue - the duplication is real, and I left them as two entries for the
      same name.
      
      This does not try to sort the actual section pattern entries, although I
      may end up doing that later.
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      3882a734
    • Linus Torvalds's avatar
      Merge tag 'clk-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/clk/linux · f60a2abf
      Linus Torvalds authored
      Pull clk updates from Stephen Boyd:
       "The diff is dominated by the Allwinner A10/A20 SoCs getting converted
        to the sunxi-ng framework. Otherwise, the heavy hitters are various
        drivers for SoCs like AT91, Amlogic, Renesas, and Rockchip. There are
        some other new clk drivers in here too but overall this is just a
        bunch of clk drivers for various different pieces of hardware and a
        collection of non-critical fixes for clk drivers.
      
        New Drivers:
         - Allwinner R40 SoCs
         - Renesas R-Car Gen3 USB 2.0 clock selector PHY
         - Atmel AT91 audio PLL
         - Uniphier PXs3 SoCs
         - ARC HSDK Board PLLs
         - AXS10X Board PLLs
         - STMicroelectronics STM32H743 SoCs
      
        Removed Drivers:
         - Non-compiling mb86s7x support
      
        Updates:
         - Allwinner A10/A20 SoCs converted to sunxi-ng framework
         - Allwinner H3 CPU clk fixes
         - Renesas R-Car D3 SoC
         - Renesas V2H and M3-W modules
         - Samsung Exynos5420/5422/5800 audio fixes
         - Rockchip fractional clk approximation fixes
         - Rockchip rk3126 SoC support within the rk3128 driver
         - Amlogic gxbb CEC32 and sd_emmc clks
         - Amlogic meson8b reset controller support
         - IDT VersaClock 5P49V5925/5P49V6901 support
         - Qualcomm MSM8996 SMMU clks
         - Various 'const' applications for struct clk_ops
         - si5351 PLL reset bugfix
         - Uniphier audio on LD11/LD20 and ethernet support on LD11/LD20/Pro4/PXs2
         - Assorted Tegra clk driver fixes"
      
      * tag 'clk-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/clk/linux: (120 commits)
        clk: si5351: fix PLL reset
        ASoC: atmel-classd: remove aclk clock
        ASoC: atmel-classd: remove aclk clock from DT binding
        clk: at91: clk-generated: make gclk determine audio_pll rate
        clk: at91: clk-generated: create function to find best_diff
        clk: at91: add audio pll clock drivers
        dt-bindings: clk: at91: add audio plls to the compatible list
        clk: at91: clk-generated: remove useless divisor loop
        clk: mb86s7x: Drop non-building driver
        clk: ti: check for null return in strrchr to avoid null dereferencing
        clk: Don't write error code into divider register
        clk: uniphier: add video input subsystem clock
        clk: uniphier: add audio system clock
        clk: stm32h7: Add stm32h743 clock driver
        clk: gate: expose clk_gate_ops::is_enabled
        clk: nxp: clk-lpc32xx: rename clk_gate_is_enabled()
        clk: uniphier: add PXs3 clock data
        clk: hi6220: change watchdog clock source
        clk: Kconfig: Name RK805 in Kconfig for COMMON_CLK_RK808
        clk: cs2000: Add cs2000_set_saved_rate
        ...
      f60a2abf
    • Linus Torvalds's avatar
      Merge tag 'rtc-4.14' of git://git.kernel.org/pub/scm/linux/kernel/git/abelloni/linux · 561a8eb3
      Linus Torvalds authored
      Pull RTC updates from Alexandre Belloni:
       "Subsystem:
         - remove .open() and .release() RTC ops
         - constify i2c_device_id
      
        New driver:
         - Realtek RTD1295
         - Android emulator (goldfish) RTC
      
        Drivers:
         - ds1307: Beginning of a huge cleanup
         - s35390a: handle invalid RTC time
         - sun6i: external oscillator gate support"
      
      * tag 'rtc-4.14' of git://git.kernel.org/pub/scm/linux/kernel/git/abelloni/linux: (40 commits)
        rtc: ds1307: use octal permissions
        rtc: ds1307: fix braces
        rtc: ds1307: fix alignments and blank lines
        rtc: ds1307: use BIT
        rtc: ds1307: use u32
        rtc: ds1307: use sizeof
        rtc: ds1307: remove regs member
        rtc: Add Realtek RTD1295
        dt-bindings: rtc: Add Realtek RTD1295
        rtc: sun6i: Add support for the external oscillator gate
        rtc: goldfish: Add RTC driver for Android emulator
        dt-bindings: Add device tree binding for Goldfish RTC driver
        rtc: ds1307: add basic support for ds1341 chip
        rtc: ds1307: remove member nvram_offset from struct ds1307
        rtc: ds1307: factor out offset to struct chip_desc
        rtc: ds1307: factor out rtc_ops to struct chip_desc
        rtc: ds1307: factor out irq_handler to struct chip_desc
        rtc: ds1307: improve irq setup
        rtc: ds1307: constify struct chip_desc variables
        rtc: ds1307: improve trickle charger initialization
        ...
      561a8eb3
    • Linus Torvalds's avatar
      Merge tag 'sound-fix-4.14-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound · 2818d0d7
      Linus Torvalds authored
      Pull sound fixes from Takashi Iwai:
       "Most of the commits are trivial cleanup patches, while one commit is a
        significant fix for the race at ALSA sequencer that was spotted by
        syzkaller"
      
      * tag 'sound-fix-4.14-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound:
        ALSA: seq: Cancel pending autoload work at unbinding device
        ALSA: firewire: Use common error handling code in snd_motu_stream_start_duplex()
        ALSA: asihpi: Kill BUG_ON() usages
        ALSA: core: Use %pS printk format for direct addresses
        ALSA: ymfpci: Use common error handling code in snd_ymfpci_create()
        ALSA: ymfpci: Use common error handling code in snd_card_ymfpci_probe()
        ALSA: 6fire: Use common error handling code in usb6fire_chip_probe()
        ALSA: usx2y: Use common error handling code in submit_urbs()
        ALSA: us122l: Use common error handling code in us122l_create_card()
        ALSA: hdspm: Use common error handling code in snd_hdspm_probe()
        ALSA: rme9652: Use common code in hdsp_get_iobox_version()
        ALSA: maestro3: Use common error handling code in two functions
      2818d0d7
    • Linus Torvalds's avatar
      Merge tag 'scsi-misc' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi · cc4238bd
      Linus Torvalds authored
      Pull SCSI fixes from James Bottomley:
       "A tiny update: one patch corrects a Kconfig problem with the shift of
        the SAS SMP code to BSG and the other removes a vestige of user space
        target mode"
      
      * tag 'scsi-misc' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi:
        scsi: scsi_transport_sas: select BLK_DEV_BSGLIB
        scsi: Remove Scsi_Host.uspace_req_q
      cc4238bd
    • Linus Torvalds's avatar
      Merge branch 'for-linus' of git://git.kernel.dk/linux-block · 80a0d644
      Linus Torvalds authored
      Pull block fixes from Jens Axboe:
       "Small collection of fixes that would be nice to have in -rc1. This
        contains:
      
         - NVMe pull request form Christoph, mostly with fixes for nvme-pci,
           host memory buffer in particular.
      
         - Error handling fixup for cgwb_create(), in case allocation of 'wb'
           fails. From Christophe Jaillet.
      
         - Ensure that trace_block_getrq() gets the 'dev' in an appropriate
           fashion, to avoid a potential NULL deref. From Greg Thelen.
      
         - Regression fix for dm-mq with blk-mq, fixing a problem with
           stacking IO schedulers. From me.
      
         - string.h fixup, fixing an issue with memcpy_and_pad(). This
           original change came in through an NVMe dependency, which is why
           I'm including it here. From Martin Wilck.
      
         - Fix potential int overflow in __blkdev_sectors_to_bio_pages(), from
           Mikulas.
      
         - MBR enable fix for sed-opal, from Scott"
      
      * 'for-linus' of git://git.kernel.dk/linux-block:
        block: directly insert blk-mq request from blk_insert_cloned_request()
        mm/backing-dev.c: fix an error handling path in 'cgwb_create()'
        string.h: un-fortify memcpy_and_pad
        nvme-pci: implement the HMB entry number and size limitations
        nvme-pci: propagate (some) errors from host memory buffer setup
        nvme-pci: use appropriate initial chunk size for HMB allocation
        nvme-pci: fix host memory buffer allocation fallback
        nvme: fix lightnvm check
        block: fix integer overflow in __blkdev_sectors_to_bio_pages()
        block: sed-opal: Set MBRDone on S3 resume path if TPER is MBREnabled
        block: tolerate tracing of NULL bio
      80a0d644
    • Linus Torvalds's avatar
      Merge tag 'docs-4.14' of git://git.lwn.net/linux · 20e52ee5
      Linus Torvalds authored
      Pull documentation fixes from Jonathan Corbet:
       "A cleanup from Mauro that needed to wait for the media pull, plus a
        handful of other fixes that wandered in"
      
      * tag 'docs-4.14' of git://git.lwn.net/linux:
        kokr/memory-barriers.txt: Apply atomic_t.txt change
        kokr/doc: Update memory-barriers.txt for read-to-write dependencies
        docs-rst: don't require adjustbox anymore
        docs-rst: conf.py: only setup notice box colors if Sphinx < 1.6
        docs-rst: conf.py: remove lscape from LaTeX preamble
      20e52ee5
    • Linus Torvalds's avatar
      Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/fuse · e7989f97
      Linus Torvalds authored
      Pull fuse updates from Miklos Szeredi:
       "This fixes a regression (spotted by the Sandstorm.io folks) in the pid
        namespace handling introduced in 4.12.
      
        There's also a fix for honoring sync/dsync flags for pwritev2()"
      
      * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/fuse:
        fuse: getattr cleanup
        fuse: honor iocb sync flags on write
        fuse: allow server to run in different pid_ns
      e7989f97
    • Linus Torvalds's avatar
      Merge branch 'overlayfs-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/vfs · c353f88f
      Linus Torvalds authored
      Pull overlayfs updates from Miklos Szeredi:
       "This fixes d_ino correctness in readdir, which brings overlayfs on par
        with normal filesystems regarding inode number semantics, as long as
        all layers are on the same filesystem.
      
        There are also some bug fixes, one in particular (random ioctl's
        shouldn't be able to modify lower layers) that touches some vfs code,
        but of course no-op for non-overlay fs"
      
      * 'overlayfs-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/vfs:
        ovl: fix false positive ESTALE on lookup
        ovl: don't allow writing ioctl on lower layer
        ovl: fix relatime for directories
        vfs: add flags to d_real()
        ovl: cleanup d_real for negative
        ovl: constant d_ino for non-merge dirs
        ovl: constant d_ino across copy up
        ovl: fix readdir error value
        ovl: check snprintf return
      c353f88f
    • Linus Torvalds's avatar
      Merge tag 'f2fs-for-4.14' of git://git.kernel.org/pub/scm/linux/kernel/git/jaegeuk/f2fs · 6d8ef53e
      Linus Torvalds authored
      Pull f2fs updates from Jaegeuk Kim:
       "In this round, we've mostly tuned f2fs to provide better user
        experience for Android. Especially, we've worked on atomic write
        feature again with SQLite community in order to support it officially.
        And we added or modified several facilities to analyze and enhance IO
        behaviors.
      
        Major changes include:
         - add app/fs io stat
         - add inode checksum feature
         - support project/journalled quota
         - enhance atomic write with new ioctl() which exposes feature set
         - enhance background gc/discard/fstrim flows with new gc_urgent mode
         - add F2FS_IOC_FS{GET,SET}XATTR
         - fix some quota flows"
      
      * tag 'f2fs-for-4.14' of git://git.kernel.org/pub/scm/linux/kernel/git/jaegeuk/f2fs: (63 commits)
        f2fs: hurry up to issue discard after io interruption
        f2fs: fix to show correct discard_granularity in sysfs
        f2fs: detect dirty inode in evict_inode
        f2fs: clear radix tree dirty tag of pages whose dirty flag is cleared
        f2fs: speed up gc_urgent mode with SSR
        f2fs: better to wait for fstrim completion
        f2fs: avoid race in between read xattr & write xattr
        f2fs: make get_lock_data_page to handle encrypted inode
        f2fs: use generic terms used for encrypted block management
        f2fs: introduce f2fs_encrypted_file for clean-up
        Revert "f2fs: add a new function get_ssr_cost"
        f2fs: constify super_operations
        f2fs: fix to wake up all sleeping flusher
        f2fs: avoid race in between atomic_read & atomic_inc
        f2fs: remove unneeded parameter of change_curseg
        f2fs: update i_flags correctly
        f2fs: don't check inode's checksum if it was dirtied or writebacked
        f2fs: don't need to update inode checksum for recovery
        f2fs: trigger fdatasync for non-atomic_write file
        f2fs: fix to avoid race in between aio and gc
        ...
      6d8ef53e
    • Linus Torvalds's avatar
      Merge tag 'ceph-for-4.14-rc1' of git://github.com/ceph/ceph-client · cdb897e3
      Linus Torvalds authored
      Pull ceph updates from Ilya Dryomov:
       "The highlights include:
      
         - a large series of fixes and improvements to the snapshot-handling
           code (Zheng Yan)
      
         - individual read/write OSD requests passed down to libceph are now
           limited to 16M in size to avoid hitting OSD-side limits (Zheng Yan)
      
         - encode MStatfs v2 message to allow for more accurate space usage
           reporting (Douglas Fuller)
      
         - switch to the new writeback error tracking infrastructure (Jeff
           Layton)"
      
      * tag 'ceph-for-4.14-rc1' of git://github.com/ceph/ceph-client: (35 commits)
        ceph: stop on-going cached readdir if mds revokes FILE_SHARED cap
        ceph: wait on writeback after writing snapshot data
        ceph: fix capsnap dirty pages accounting
        ceph: ignore wbc->range_{start,end} when write back snapshot data
        ceph: fix "range cyclic" mode writepages
        ceph: cleanup local variables in ceph_writepages_start()
        ceph: optimize pagevec iterating in ceph_writepages_start()
        ceph: make writepage_nounlock() invalidate page that beyonds EOF
        ceph: properly get capsnap's size in get_oldest_context()
        ceph: remove stale check in ceph_invalidatepage()
        ceph: queue cap snap only when snap realm's context changes
        ceph: handle race between vmtruncate and queuing cap snap
        ceph: fix message order check in handle_cap_export()
        ceph: fix NULL pointer dereference in ceph_flush_snaps()
        ceph: adjust 36 checks for NULL pointers
        ceph: delete an unnecessary return statement in update_dentry_lease()
        ceph: ENOMEM pr_err in __get_or_create_frag() is redundant
        ceph: check negative offsets in ceph_llseek()
        ceph: more accurate statfs
        ceph: properly set snap follows for cap reconnect
        ...
      cdb897e3
    • Richard Wareing's avatar
      xfs: XFS_IS_REALTIME_INODE() should be false if no rt device present · b31ff3cd
      Richard Wareing authored
      If using a kernel with CONFIG_XFS_RT=y and we set the RHINHERIT flag on
      a directory in a filesystem that does not have a realtime device and
      create a new file in that directory, it gets marked as a real time file.
      When data is written and a fsync is issued, the filesystem attempts to
      flush a non-existent rt device during the fsync process.
      
      This results in a crash dereferencing a null buftarg pointer in
      xfs_blkdev_issue_flush():
      
        BUG: unable to handle kernel NULL pointer dereference at 0000000000000008
        IP: xfs_blkdev_issue_flush+0xd/0x20
        .....
        Call Trace:
          xfs_file_fsync+0x188/0x1c0
          vfs_fsync_range+0x3b/0xa0
          do_fsync+0x3d/0x70
          SyS_fsync+0x10/0x20
          do_syscall_64+0x4d/0xb0
          entry_SYSCALL64_slow_path+0x25/0x25
      
      Setting RT inode flags does not require special privileges so any
      unprivileged user can cause this oops to occur.  To reproduce, confirm
      kernel is compiled with CONFIG_XFS_RT=y and run:
      
        # mkfs.xfs -f /dev/pmem0
        # mount /dev/pmem0 /mnt/test
        # mkdir /mnt/test/foo
        # xfs_io -c 'chattr +t' /mnt/test/foo
        # xfs_io -f -c 'pwrite 0 5m' -c fsync /mnt/test/foo/bar
      
      Or just run xfstests with MKFS_OPTIONS="-d rtinherit=1" and wait.
      
      Kernels built with CONFIG_XFS_RT=n are not exposed to this bug.
      
      Fixes: f538d4da ("[XFS] write barrier support")
      Cc: <stable@vger.kernel.org>
      Signed-off-by: default avatarRichard Wareing <rwareing@fb.com>
      Signed-off-by: default avatarDave Chinner <david@fromorbit.com>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      b31ff3cd
  6. 12 Sep, 2017 17 commits
    • Linus Torvalds's avatar
      Merge tag 'dma-mapping-4.14' of git://git.infradead.org/users/hch/dma-mapping · 52269718
      Linus Torvalds authored
      Pull dma-mapping updates from Christoph Hellwig:
      
       - removal of the old dma_alloc_noncoherent interface
      
       - remove unused flags to dma_declare_coherent_memory
      
       - restrict OF DMA configuration to specific physical busses
      
       - use the iommu mailing list for dma-mapping questions and patches
      
      * tag 'dma-mapping-4.14' of git://git.infradead.org/users/hch/dma-mapping:
        dma-coherent: fix dma_declare_coherent_memory() logic error
        ARM: imx: mx31moboard: Remove unused 'dma' variable
        dma-coherent: remove an unused variable
        MAINTAINERS: use the iommu list for the dma-mapping subsystem
        dma-coherent: remove the DMA_MEMORY_MAP and DMA_MEMORY_IO flags
        dma-coherent: remove the DMA_MEMORY_INCLUDES_CHILDREN flag
        of: restrict DMA configuration
        dma-mapping: remove dma_alloc_noncoherent and dma_free_noncoherent
        i825xx: switch to switch to dma_alloc_attrs
        au1000_eth: switch to dma_alloc_attrs
        sgiseeq: switch to dma_alloc_attrs
        dma-mapping: reduce dma_mapping_error inline bloat
      52269718
    • Linus Torvalds's avatar
      Merge tag 'uuid-for-4.14' of git://git.infradead.org/users/hch/uuid · ae71948f
      Linus Torvalds authored
      Pull uuid updates from Christoph Hellwig:
       "Just a single conversion to the new UUID API for this merge window"
      
      * tag 'uuid-for-4.14' of git://git.infradead.org/users/hch/uuid:
        efi: switch to use new generic UUID API
      ae71948f
    • Linus Torvalds's avatar
      Merge tag 'selinux-pr-20170831' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux · 7f85565a
      Linus Torvalds authored
      Pull selinux updates from Paul Moore:
       "A relatively quiet period for SELinux, 11 patches with only two/three
        having any substantive changes.
      
        These noteworthy changes include another tweak to the NNP/nosuid
        handling, per-file labeling for cgroups, and an object class fix for
        AF_UNIX/SOCK_RAW sockets; the rest of the changes are minor tweaks or
        administrative updates (Stephen's email update explains the file
        explosion in the diffstat).
      
        Everything passes the selinux-testsuite"
      
      [ Also a couple of small patches from the security tree from Tetsuo
        Handa for Tomoyo and LSM cleanup. The separation of security policy
        updates wasn't all that clean - Linus ]
      
      * tag 'selinux-pr-20170831' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux:
        selinux: constify nf_hook_ops
        selinux: allow per-file labeling for cgroupfs
        lsm_audit: update my email address
        selinux: update my email address
        MAINTAINERS: update the NetLabel and Labeled Networking information
        selinux: use GFP_NOWAIT in the AVC kmem_caches
        selinux: Generalize support for NNP/nosuid SELinux domain transitions
        selinux: genheaders should fail if too many permissions are defined
        selinux: update the selinux info in MAINTAINERS
        credits: update Paul Moore's info
        selinux: Assign proper class to PF_UNIX/SOCK_RAW sockets
        tomoyo: Update URLs in Documentation/admin-guide/LSM/tomoyo.rst
        LSM: Remove security_task_create() hook.
      7f85565a
    • Linus Torvalds's avatar
      Merge branch 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip · 680352bd
      Linus Torvalds authored
      Pull x86 fixes from Ingo Molnar:
       "Two fixes: dead code removal, plus a SME memory encryption fix on
        32-bit kernels that crashed Xen guests"
      
      * 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
        x86/cpu: Remove unused and undefined __generic_processor_info() declaration
        x86/mm: Make the SME mask a u64
      680352bd
    • Linus Torvalds's avatar
      Merge branch 'sched-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip · 040b9d7c
      Linus Torvalds authored
      Pull scheduler fixes from Ingo Molnar:
       "Three fixes:
      
         - fix a suspend/resume cpusets bug
      
         - fix a !CONFIG_NUMA_BALANCING bug
      
         - fix a kerneldoc warning"
      
      * 'sched-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
        sched/fair: Fix nuisance kernel-doc warning
        sched/cpuset/pm: Fix cpuset vs. suspend-resume bugs
        sched/fair: Fix wake_affine_llc() balancing rules
      040b9d7c
    • Linus Torvalds's avatar
      Merge branch 'perf-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip · e6328a7a
      Linus Torvalds authored
      Pull perf tooling updates from Ingo Molnar:
       "Perf tooling updates and fixes"
      
      * 'perf-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
        perf annotate browser: Help for cycling thru hottest instructions with TAB/shift+TAB
        perf stat: Only auto-merge events that are PMU aliases
        perf test: Add test case for PERF_SAMPLE_PHYS_ADDR
        perf script: Support physical address
        perf mem: Support physical address
        perf sort: Add sort option for physical address
        perf tools: Support new sample type for physical address
        perf vendor events powerpc: Remove duplicate events
        perf intel-pt: Fix syntax in documentation of config option
        perf test powerpc: Fix 'Object code reading' test
        perf trace: Support syscall name globbing
        perf syscalltbl: Support glob matching on syscall names
        perf report: Calculate the average cycles of iterations
      e6328a7a
    • Linus Torvalds's avatar
      Merge branch 'irq-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip · 33f82bda
      Linus Torvalds authored
      Pull irq fixes from Ingo Molnar:
       "A sparse irq race/locking fix, and a MSI irq domains population fix"
      
      * 'irq-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
        genirq: Make sparse_irq_lock protect what it should protect
        genirq/msi: Fix populating multiple interrupts
      33f82bda
    • Chao Yu's avatar
      f2fs: hurry up to issue discard after io interruption · e6c6de18
      Chao Yu authored
      Once we encounter I/O interruption during issuing discards, we will delay
      long time before next round, but if system status is I/O idle during the
      time, it may loses opportunity to issue discards. So this patch changes
      to hurry up to issue discard after io interruption.
      
      Besides, this patch also fixes to issue discards accurately with assigned
      rate.
      Signed-off-by: default avatarChao Yu <yuchao0@huawei.com>
      Signed-off-by: default avatarJaegeuk Kim <jaegeuk@kernel.org>
      e6c6de18
    • Chao Yu's avatar
      f2fs: fix to show correct discard_granularity in sysfs · 80647e5f
      Chao Yu authored
      Fix below incorrect display when reading discard_granularity sysfs node.
      
      $ cat /sys/fs/f2fs/<device>/discard_granularity
      $ 16
      $ echo 32 > /sys/fs/f2fs/<device>/discard_granularity
      $ cat /sys/fs/f2fs/<device>/discard_granularity
      $ 16
      Signed-off-by: default avatarChao Yu <yuchao0@huawei.com>
      Signed-off-by: default avatarJaegeuk Kim <jaegeuk@kernel.org>
      80647e5f
    • Chao Yu's avatar
      f2fs: detect dirty inode in evict_inode · ca7d802a
      Chao Yu authored
      Add a bugon in f2fs_evict_inode to detect inconsistent status between
      inode cache and related node page cache.
      Signed-off-by: default avatarChao Yu <yuchao0@huawei.com>
      Signed-off-by: default avatarJaegeuk Kim <jaegeuk@kernel.org>
      ca7d802a
    • Amir Goldstein's avatar
      ovl: fix false positive ESTALE on lookup · 939ae4ef
      Amir Goldstein authored
      Commit b9ac5c27 ("ovl: hash overlay non-dir inodes by copy up origin")
      verifies that the origin lower inode stored in the overlayfs inode matched
      the inode of a copy up origin dentry found by lookup.
      
      There is a false positive result in that check when lower fs does not
      support file handles and copy up origin cannot be followed by file handle
      at lookup time.
      
      The false negative happens when finding an overlay inode in cache on a
      copied up overlay dentry lookup. The overlay inode still 'remembers' the
      copy up origin inode, but the copy up origin dentry is not available for
      verification.
      
      Relax the check in case copy up origin dentry is not available.
      
      Fixes: b9ac5c27 ("ovl: hash overlay non-dir inodes by copy up...")
      Cc: <stable@vger.kernel.org> # v4.13
      Reported-by: default avatarJordi Pujol <jordipujolp@gmail.com>
      Signed-off-by: default avatarAmir Goldstein <amir73il@gmail.com>
      Signed-off-by: default avatarMiklos Szeredi <mszeredi@redhat.com>
      939ae4ef
    • Miklos Szeredi's avatar
      fuse: getattr cleanup · 5b97eeac
      Miklos Szeredi authored
      The refreshed argument isn't used by any caller, get rid of it.
      
      Use a helper for just updating the inode (no need to fill in a kstat).
      Signed-off-by: default avatarMiklos Szeredi <mszeredi@redhat.com>
      5b97eeac
    • Miklos Szeredi's avatar
      fuse: honor iocb sync flags on write · e1c0eecb
      Miklos Szeredi authored
      If the IOCB_DSYNC flag is set a sync is not being performed by
      fuse_file_write_iter.
      
      Honor IOCB_DSYNC/IOCB_SYNC by setting O_DYSNC/O_SYNC respectively in the
      flags filed of the write request.
      
      We don't need to sync data or metadata, since fuse_perform_write() does
      write-through and the filesystem is responsible for updating file times.
      
      Original patch by Vitaly Zolotusky.
      Reported-by: default avatarNate Clark <nate@neworld.us>
      Cc: Vitaly Zolotusky <vitaly@unitc.com>.
      Signed-off-by: default avatarMiklos Szeredi <mszeredi@redhat.com>
      e1c0eecb
    • Miklos Szeredi's avatar
      fuse: allow server to run in different pid_ns · 5d6d3a30
      Miklos Szeredi authored
      Commit 0b6e9ea0 ("fuse: Add support for pid namespaces") broke
      Sandstorm.io development tools, which have been sending FUSE file
      descriptors across PID namespace boundaries since early 2014.
      
      The above patch added a check that prevented I/O on the fuse device file
      descriptor if the pid namespace of the reader/writer was different from the
      pid namespace of the mounter.  With this change passing the device file
      descriptor to a different pid namespace simply doesn't work.  The check was
      added because pids are transferred to/from the fuse userspace server in the
      namespace registered at mount time.
      
      To fix this regression, remove the checks and do the following:
      
      1) the pid in the request header (the pid of the task that initiated the
      filesystem operation) is translated to the reader's pid namespace.  If a
      mapping doesn't exist for this pid, then a zero pid is used.  Note: even if
      a mapping would exist between the initiator task's pid namespace and the
      reader's pid namespace the pid will be zero if either mapping from
      initator's to mounter's namespace or mapping from mounter's to reader's
      namespace doesn't exist.
      
      2) The lk.pid value in setlk/setlkw requests and getlk reply is left alone.
      Userspace should not interpret this value anyway.  Also allow the
      setlk/setlkw operations if the pid of the task cannot be represented in the
      mounter's namespace (pid being zero in that case).
      Reported-by: default avatarKenton Varda <kenton@sandstorm.io>
      Signed-off-by: default avatarMiklos Szeredi <mszeredi@redhat.com>
      Fixes: 0b6e9ea0 ("fuse: Add support for pid namespaces")
      Cc: <stable@vger.kernel.org> # v4.12+
      Cc: Eric W. Biederman <ebiederm@xmission.com>
      Cc: Seth Forshee <seth.forshee@canonical.com>
      5d6d3a30
    • Linus Torvalds's avatar
      Merge branch 'for-linus' of git://git.armlinux.org.uk/~rmk/linux-arm · 8fac2f96
      Linus Torvalds authored
      Pull ARM updates from Russell King:
       "Low priority fixes and updates for ARM:
      
         - add some missing includes
      
         - efficiency improvements in system call entry code when tracing is
           enabled
      
         - ensure ARMv6+ is always built as EABI
      
         - export save_stack_trace_tsk()
      
         - fix fatal signal handling during mm fault
      
         - build translation table base address register from scratch
      
         - appropriately align the .data section to a word boundary where we
           rely on that data being word aligned"
      
      * 'for-linus' of git://git.armlinux.org.uk/~rmk/linux-arm:
        ARM: 8691/1: Export save_stack_trace_tsk()
        ARM: 8692/1: mm: abort uaccess retries upon fatal signal
        ARM: 8690/1: lpae: build TTB control register value from scratch in v7_ttb_setup
        ARM: align .data section
        ARM: always enable AEABI for ARMv6+
        ARM: avoid saving and restoring registers unnecessarily
        ARM: move PC value into r9
        ARM: obtain thread info structure later
        ARM: use aliases for registers in entry-common
        ARM: 8689/1: scu: add missing errno include
        ARM: 8688/1: pm: add missing types include
      8fac2f96
    • Linus Torvalds's avatar
      Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux · 260d1658
      Linus Torvalds authored
      Pull more s390 updates from Martin Schwidefsky:
       "The second patch set for the 4.14 merge window:
      
         - Convert the dasd device driver to the blk-mq interface.
      
         - Provide three zcrypt interfaces for vfio_ap. These will be required
           for KVM guest access to the crypto cards attached via the AP bus.
      
         - A couple of memory management bug fixes."
      
      * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux:
        s390/dasd: blk-mq conversion
        s390/mm: use a single lock for the fields in mm_context_t
        s390/mm: fix race on mm->context.flush_mm
        s390/mm: fix local TLB flushing vs. detach of an mm address space
        s390/zcrypt: externalize AP queue interrupt control
        s390/zcrypt: externalize AP config info query
        s390/zcrypt: externalize test AP queue
        s390/mm: use VM_BUG_ON in crst_table_[upgrade|downgrade]
      260d1658
    • Takashi Iwai's avatar
      ALSA: seq: Cancel pending autoload work at unbinding device · fc27fe7e
      Takashi Iwai authored
      ALSA sequencer core has a mechanism to load the enumerated devices
      automatically, and it's performed in an off-load work.  This seems
      causing some race when a sequencer is removed while the pending
      autoload work is running.  As syzkaller spotted, it may lead to some
      use-after-free:
        BUG: KASAN: use-after-free in snd_rawmidi_dev_seq_free+0x69/0x70
        sound/core/rawmidi.c:1617
        Write of size 8 at addr ffff88006c611d90 by task kworker/2:1/567
      
        CPU: 2 PID: 567 Comm: kworker/2:1 Not tainted 4.13.0+ #29
        Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Bochs 01/01/2011
        Workqueue: events autoload_drivers
        Call Trace:
         __dump_stack lib/dump_stack.c:16 [inline]
         dump_stack+0x192/0x22c lib/dump_stack.c:52
         print_address_description+0x78/0x280 mm/kasan/report.c:252
         kasan_report_error mm/kasan/report.c:351 [inline]
         kasan_report+0x230/0x340 mm/kasan/report.c:409
         __asan_report_store8_noabort+0x1c/0x20 mm/kasan/report.c:435
         snd_rawmidi_dev_seq_free+0x69/0x70 sound/core/rawmidi.c:1617
         snd_seq_dev_release+0x4f/0x70 sound/core/seq_device.c:192
         device_release+0x13f/0x210 drivers/base/core.c:814
         kobject_cleanup lib/kobject.c:648 [inline]
         kobject_release lib/kobject.c:677 [inline]
         kref_put include/linux/kref.h:70 [inline]
         kobject_put+0x145/0x240 lib/kobject.c:694
         put_device+0x25/0x30 drivers/base/core.c:1799
         klist_devices_put+0x36/0x40 drivers/base/bus.c:827
         klist_next+0x264/0x4a0 lib/klist.c:403
         next_device drivers/base/bus.c:270 [inline]
         bus_for_each_dev+0x17e/0x210 drivers/base/bus.c:312
         autoload_drivers+0x3b/0x50 sound/core/seq_device.c:117
         process_one_work+0x9fb/0x1570 kernel/workqueue.c:2097
         worker_thread+0x1e4/0x1350 kernel/workqueue.c:2231
         kthread+0x324/0x3f0 kernel/kthread.c:231
         ret_from_fork+0x25/0x30 arch/x86/entry/entry_64.S:425
      
      The fix is simply to assure canceling the autoload work at removing
      the device.
      Reported-by: default avatarAndrey Konovalov <andreyknvl@google.com>
      Tested-by: default avatarAndrey Konovalov <andreyknvl@google.com>
      Cc: <stable@vger.kernel.org>
      Signed-off-by: default avatarTakashi Iwai <tiwai@suse.de>
      fc27fe7e