Commit Graph

677826 Commits

Author SHA1 Message Date
Dan Carpenter
293dffaad8 libceph: NULL deref on crush_decode() error path
If there is not enough space then ceph_decode_32_safe() does a goto bad.
We need to return an error code in that situation.  The current code
returns ERR_PTR(0) which is NULL.  The callers are not expecting that
and it results in a NULL dereference.

Fixes: f24e9980eb ("ceph: OSD client")
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Reviewed-by: Ilya Dryomov <idryomov@gmail.com>
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
2017-05-23 20:32:32 +02:00
Ilya Dryomov
b51456a609 libceph: fix error handling in process_one_ticket()
Don't leak key internals after new_session_key is populated.

Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
Reviewed-by: Alex Elder <elder@linaro.org>
2017-05-23 20:32:28 +02:00
Ilya Dryomov
d18a1247c4 libceph: validate blob_struct_v in process_one_ticket()
None of these are validated in userspace, but since we do validate
reply_struct_v in ceph_x_proc_ticket_reply(), tkt_struct_v (first) and
CephXServiceTicket struct_v (second) in process_one_ticket(), validate
CephXTicketBlob struct_v as well.

Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
Reviewed-by: Alex Elder <elder@linaro.org>
2017-05-23 20:32:25 +02:00
Ilya Dryomov
f3b4e55ded libceph: drop version variable from ceph_monmap_decode()
It's set but not used: CEPH_FEATURE_MONNAMES feature bit isn't
advertised, which guarantees a v1 MonMap.

Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
Reviewed-by: Alex Elder <elder@linaro.org>
2017-05-23 20:32:22 +02:00
Ilya Dryomov
1759f7b0e3 libceph: make ceph_msg_data_advance() return void
Both callers ignore the returned bool.

Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
Reviewed-by: Alex Elder <elder@linaro.org>
2017-05-23 20:32:20 +02:00
Ilya Dryomov
6f4dbd149d libceph: use kbasename() and kill ceph_file_part()
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
Reviewed-by: Alex Elder <elder@linaro.org>
2017-05-23 20:32:10 +02:00
Linus Torvalds
08332893e3 Linux 4.12-rc2 2017-05-21 19:30:23 -07:00
Linus Torvalds
33c9e97290 x86: fix 32-bit case of __get_user_asm_u64()
The code to fetch a 64-bit value from user space was entirely buggered,
and has been since the code was merged in early 2016 in commit
b2f680380d ("x86/mm/32: Add support for 64-bit __get_user() on 32-bit
kernels").

Happily the buggered routine is almost certainly entirely unused, since
the normal way to access user space memory is just with the non-inlined
"get_user()", and the inlined version didn't even historically exist.

The normal "get_user()" case is handled by external hand-written asm in
arch/x86/lib/getuser.S that doesn't have either of these issues.

There were two independent bugs in __get_user_asm_u64():

 - it still did the STAC/CLAC user space access marking, even though
   that is now done by the wrapper macros, see commit 11f1a4b975
   ("x86: reorganize SMAP handling in user space accesses").

   This didn't result in a semantic error, it just means that the
   inlined optimized version was hugely less efficient than the
   allegedly slower standard version, since the CLAC/STAC overhead is
   quite high on modern Intel CPU's.

 - the double register %eax/%edx was marked as an output, but the %eax
   part of it was touched early in the asm, and could thus clobber other
   inputs to the asm that gcc didn't expect it to touch.

   In particular, that meant that the generated code could look like
   this:

        mov    (%eax),%eax
        mov    0x4(%eax),%edx

   where the load of %edx obviously was _supposed_ to be from the 32-bit
   word that followed the source of %eax, but because %eax was
   overwritten by the first instruction, the source of %edx was
   basically random garbage.

The fixes are trivial: remove the extraneous STAC/CLAC entries, and mark
the 64-bit output as early-clobber to let gcc know that no inputs should
alias with the output register.

Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: Benjamin LaHaise <bcrl@kvack.org>
Cc: Ingo Molnar <mingo@kernel.org>
Cc: stable@kernel.org   # v4.8+
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2017-05-21 18:26:54 -07:00
Linus Torvalds
334a023ee5 Clean up x86 unsafe_get/put_user() type handling
Al noticed that unsafe_put_user() had type problems, and fixed them in
commit a7cc722fff ("fix unsafe_put_user()"), which made me look more
at those functions.

It turns out that unsafe_get_user() had a type issue too: it limited the
largest size of the type it could handle to "unsigned long".  Which is
fine with the current users, but doesn't match our existing normal
get_user() semantics, which can also handle "u64" even when that does
not fit in a long.

While at it, also clean up the type cast in unsafe_put_user().  We
actually want to just make it an assignment to the expected type of the
pointer, because we actually do want warnings from types that don't
convert silently.  And it makes the code more readable by not having
that one very long and complex line.

[ This patch might become stable material if we ever end up back-porting
  any new users of the unsafe uaccess code, but as things stand now this
  doesn't matter for any current existing uses. ]

Cc: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2017-05-21 15:25:46 -07:00
Linus Torvalds
f3926e4c2a Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
Pull misc uaccess fixes from Al Viro:
 "Fix for unsafe_put_user() (no callers currently in mainline, but
  anyone starting to use it will step into that) + alpha osf_wait4()
  infoleak fix"

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs:
  osf_wait4(): fix infoleak
  fix unsafe_put_user()
2017-05-21 12:06:44 -07:00
Linus Torvalds
970c305aa8 Merge branch 'sched-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
Pull scheduler fix from Thomas Gleixner:
 "A single scheduler fix:

  Prevent idle task from ever being preempted. That makes sure that
  synchronize_rcu_tasks() which is ignoring idle task does not pretend
  that no task is stuck in preempted state. If that happens and idle was
  preempted on a ftrace trampoline the machine crashes due to
  inconsistent state"

* 'sched-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
  sched/core: Call __schedule() from do_idle() without enabling preemption
2017-05-21 11:52:00 -07:00
Linus Torvalds
e7a3d62749 Merge branch 'irq-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
Pull irq fixes from Thomas Gleixner:
 "A set of small fixes for the irq subsystem:

   - Cure a data ordering problem with chained interrupts

   - Three small fixlets for the mbigen irq chip"

* 'irq-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
  genirq: Fix chained interrupt data ordering
  irqchip/mbigen: Fix the clear register offset calculation
  irqchip/mbigen: Fix potential NULL dereferencing
  irqchip/mbigen: Fix memory mapping code
2017-05-21 11:45:26 -07:00
Al Viro
a8c39544a6 osf_wait4(): fix infoleak
failing sys_wait4() won't fill struct rusage...

Cc: stable@vger.kernel.org
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2017-05-21 13:10:07 -04:00
Al Viro
a7cc722fff fix unsafe_put_user()
__put_user_size() relies upon its first argument having the same type as what
the second one points to; the only other user makes sure of that and
unsafe_put_user() should do the same.

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2017-05-21 13:09:57 -04:00
Linus Torvalds
56f410cf45 This fixes a bug caused by not cleaning up the new instance unique triggers
when deleting an instance. It also creates a selftest that triggers that bug.
 
 Fix the delayed optimization happening after kprobes boot up self tests
 being removed by freeing of init memory.
 
 Comment kprobes on why the delay optimization is not a problem for removal
 of modules, to keep other developers from searching that riddle.
 
 Fix another rcu isn't watching in stack trace tracing.
 
 Naveen N. Rao (4):
       ftrace: Simplify glob handling in unregister_ftrace_function_probe_func()
       ftrace/instances: Clear function triggers when removing instances
       selftests/ftrace: Fix bashisms
       selftests/ftrace: Add test to remove instance with active event triggers
 
 Steven Rostedt (1):
       tracing: Move postpone selftests to core from early_initcall
 
 Steven Rostedt (VMware) (3):
       ftrace: Remove #ifdef from code and add clear_ftrace_function_probes() stub
       kprobes: Document how optimized kprobes are removed from module unload
       tracing: Make sure RCU is watching before calling a stack trace
 
 Thomas Gleixner (1):
       tracing/kprobes: Enforce kprobes teardown after testing
 -----BEGIN PGP SIGNATURE-----
 
 iQExBAABCAAbBQJZIQapFBxyb3N0ZWR0QGdvb2RtaXMub3JnAAoJEMm5BfJq2Y3L
 A6MIAKFLb6mQ4flRBXpWd2tD2B4DQpQ0H7SovseZnlH6Q7grU6POY/qbNl9xXiBA
 3NavxqbIYokH8cxEqGAusL7ASUFPXJj6erMM1uc1WRuAzMpIjvgNacOtW5R+c5S9
 ofR1xtKlBo/854J/IP6M3J0WqrK+B7TsS1WYKohe/tFMBpolbnFloHVfMMZlaL58
 CQhCoAhkjJRsta6dJhbo+HoQy03VGyWsfFHtutBpIwsf81Naq4Stpxp7jdZLWhB8
 Di5QdOji9lDayK6Uk7DDZqHxbjC9z6cCS9nVWIGHkE4AMpR3peYtsyCaAOBjVMLV
 2OuhuREfZgKaYVMjUfdeYCayDAY=
 =1gek
 -----END PGP SIGNATURE-----

Merge tag 'trace-v4.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/rostedt/linux-trace

Pull tracing fixes from Steven Rostedt:

 - Fix a bug caused by not cleaning up the new instance unique triggers
   when deleting an instance. It also creates a selftest that triggers
   that bug.

 - Fix the delayed optimization happening after kprobes boot up self
   tests being removed by freeing of init memory.

 - Comment kprobes on why the delay optimization is not a problem for
   removal of modules, to keep other developers from searching that
   riddle.

 - Fix another case of rcu not watching in stack trace tracing.

* tag 'trace-v4.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/rostedt/linux-trace:
  tracing: Make sure RCU is watching before calling a stack trace
  kprobes: Document how optimized kprobes are removed from module unload
  selftests/ftrace: Add test to remove instance with active event triggers
  selftests/ftrace: Fix bashisms
  ftrace: Remove #ifdef from code and add clear_ftrace_function_probes() stub
  ftrace/instances: Clear function triggers when removing instances
  ftrace: Simplify glob handling in unregister_ftrace_function_probe_func()
  tracing/kprobes: Enforce kprobes teardown after testing
  tracing: Move postpone selftests to core from early_initcall
2017-05-20 23:39:03 -07:00
Linus Torvalds
894e21642d Merge branch 'for-linus' of git://git.kernel.dk/linux-block
Pull block fixes from Jens Axboe:
 "A small collection of fixes that should go into this cycle.

   - a pull request from Christoph for NVMe, which ended up being
     manually applied to avoid pulling in newer bits in master. Mostly
     fibre channel fixes from James, but also a few fixes from Jon and
     Vijay

   - a pull request from Konrad, with just a single fix for xen-blkback
     from Gustavo.

   - a fuseblk bdi fix from Jan, fixing a regression in this series with
     the dynamic backing devices.

   - a blktrace fix from Shaohua, replacing sscanf() with kstrtoull().

   - a request leak fix for drbd from Lars, fixing a regression in the
     last series with the kref changes. This will go to stable as well"

* 'for-linus' of git://git.kernel.dk/linux-block:
  nvmet: release the sq ref on rdma read errors
  nvmet-fc: remove target cpu scheduling flag
  nvme-fc: stop queues on error detection
  nvme-fc: require target or discovery role for fc-nvme targets
  nvme-fc: correct port role bits
  nvme: unmap CMB and remove sysfs file in reset path
  blktrace: fix integer parse
  fuseblk: Fix warning in super_setup_bdi_name()
  block: xen-blkback: add null check to avoid null pointer dereference
  drbd: fix request leak introduced by locking/atomic, kref: Kill kref_sub()
2017-05-20 16:12:30 -07:00
Vijay Immanuel
549f01ae7b nvmet: release the sq ref on rdma read errors
On rdma read errors, release the sq ref that was taken
when the req was initialized. This avoids a hang in
nvmet_sq_destroy() when the queue is being freed.

Signed-off-by: Vijay Immanuel <vijayi@attalasystems.com>
Reviewed-by: Sagi Grimberg <sagi@grimberg.me>
Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Jens Axboe <axboe@fb.com>
2017-05-20 10:11:34 -06:00
James Smart
4b8ba5fa52 nvmet-fc: remove target cpu scheduling flag
Remove NVMET_FCTGTFEAT_NEEDS_CMD_CPUSCHED. It's unnecessary.

Signed-off-by: James Smart <james.smart@broadcom.com>
Reviewed-by: Johannes Thumshirn <jthumshirn@suse.de>
Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Jens Axboe <axboe@fb.com>
2017-05-20 10:11:34 -06:00
James Smart
2952a879ba nvme-fc: stop queues on error detection
Per the recommendation by Sagi on:
http://lists.infradead.org/pipermail/linux-nvme/2017-April/009261.html

Rather than waiting for reset work thread to stop queues and abort the ios,
immediately stop the queues on error detection. Reset thread will restop
the queues (as it's called on other paths), but it does not appear to have
a side effect.

Signed-off-by: James Smart <james.smart@broadcom.com>
Reviewed-by: Johannes Thumshirn <jthumshirn@suse.de>
Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Jens Axboe <axboe@fb.com>
2017-05-20 10:11:34 -06:00
James Smart
85e6a6adf8 nvme-fc: require target or discovery role for fc-nvme targets
In order to create an association, the remoteport must be
serving either a target role or a discovery role.

Signed-off-by: James Smart <james.smart@broadcom.com>
Reviewed-by: Johannes Thumshirn <jthumshirn@suse.de>
Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Jens Axboe <axboe@fb.com>
2017-05-20 10:11:34 -06:00
James Smart
4123109050 nvme-fc: correct port role bits
FC Port roles is a bit mask, not individual values.
Correct nvme definitions to unique bits.

Signed-off-by: James Smart <james.smart@broadcom.com>
Reviewed-by: Johannes Thumshirn <jthumshirn@suse.de>
Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Jens Axboe <axboe@fb.com>
2017-05-20 10:11:34 -06:00
Jon Derrick
f63572dff1 nvme: unmap CMB and remove sysfs file in reset path
CMB doesn't get unmapped until removal while getting remapped on every
reset. Add the unmapping and sysfs file removal to the reset path in
nvme_pci_disable to match the mapping path in nvme_pci_enable.

Fixes: 202021c1a ("nvme : Add sysfs entry for NVMe CMBs when appropriate")

Signed-off-by: Jon Derrick <jonathan.derrick@intel.com>
Acked-by: Keith Busch <keith.busch@intel.com>
Reviewed-By: Stephen Bates <sbates@raithlin.com>
Cc: <stable@vger.kernel.org> # 4.9+
Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Jens Axboe <axboe@fb.com>
2017-05-20 10:11:34 -06:00
Linus Torvalds
ef82f1ad2e Staging driver fixes for 4.12-rc2
Here are a number of staging driver fixes for 4.12-rc2
 
 Most of them are typec driver fixes found by reviewers and users of the
 code.  There are also some removals of files no longer needed in the
 tree due to the ion driver rewrite in 4.12-rc1, as well as some wifi
 driver fixes.  And to round it out, a MAINTAINERS file update.
 
 All have been in linux-next with no reported issues.
 
 Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 -----BEGIN PGP SIGNATURE-----
 
 iG0EABECAC0WIQT0tgzFv3jCIUoxPcsxR9QN2y37KQUCWSBHOg8cZ3JlZ0Brcm9h
 aC5jb20ACgkQMUfUDdst+ylDFACdGF2LnZiSfD4H708tz+o2557r0aUAoNAG4q/c
 8syw0G7T1oMIr/gPss1k
 =M0sb
 -----END PGP SIGNATURE-----

Merge tag 'staging-4.12-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging

Pull staging driver fixes from Greg KH:
 "Here are a number of staging driver fixes for 4.12-rc2

  Most of them are typec driver fixes found by reviewers and users of
  the code. There are also some removals of files no longer needed in
  the tree due to the ion driver rewrite in 4.12-rc1, as well as some
  wifi driver fixes. And to round it out, a MAINTAINERS file update.

  All have been in linux-next with no reported issues"

* tag 'staging-4.12-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging: (22 commits)
  MAINTAINERS: greybus-dev list is members-only
  staging: fsl-dpaa2/eth: add ETHERNET dependency
  staging: typec: fusb302: refactor resume retry mechanism
  staging: typec: fusb302: reset i2c_busy state in error
  staging: rtl8723bs: remove re-positioned call to kfree in os_dep/ioctl_cfg80211.c
  staging: rtl8192e: GetTs Fix invalid TID 7 warning.
  staging: rtl8192e: rtl92e_get_eeprom_size Fix read size of EPROM_CMD.
  staging: rtl8192e: fix 2 byte alignment of register BSSIDR.
  staging: rtl8192e: rtl92e_fill_tx_desc fix write to mapped out memory.
  staging: vc04_services: Fix bulk cache maintenance
  staging: ccree: remove extraneous spin_unlock_bh() in error handler
  staging: typec: Fix sparse warnings about incorrect types
  staging: typec: fusb302: do not free gpio from managed resource
  staging: typec: tcpm: Fix Port Power Role field in PS_RDY messages
  staging: typec: tcpm: Respond to Discover Identity commands
  staging: typec: tcpm: Set correct flags in PD request messages
  staging: typec: tcpm: Drop duplicate PD messages
  staging: typec: fusb302: Fix chip->vbus_present init value
  staging: typec: fusb302: Fix module autoload
  staging: typec: tcpci: declare private structure as static
  ...
2017-05-20 09:02:27 -07:00
Linus Torvalds
3202629345 USB fixes for 4.12-rc2
Here are a number of small USB fixes for 4.12-rc2
 
 Most of them come from Johan, in his valiant quest to fix up all drivers
 that could be affected by "malicious" USB devices.  There's also some
 fixes for more "obscure" drivers to handle some of the vmalloc stack
 fallout (which for USB drivers, was always the case, but very few people
 actually ran those systems...)
 
 Other than that, the normal set of xhci and gadget and musb driver fixes
 as well.
 
 All have been in linux-next with no reported issues.
 
 Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 -----BEGIN PGP SIGNATURE-----
 
 iG0EABECAC0WIQT0tgzFv3jCIUoxPcsxR9QN2y37KQUCWSBFyw8cZ3JlZ0Brcm9h
 aC5jb20ACgkQMUfUDdst+ynwXQCfUS3wnmibc98aJK/lr1Cc6a1eyWwAoIOhXmCh
 kJXFARSJOiHl5SdtNrdm
 =/5EP
 -----END PGP SIGNATURE-----

Merge tag 'usb-4.12-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb

Pull USB fixes from Greg KH:
 "Here are a number of small USB fixes for 4.12-rc2

  Most of them come from Johan, in his valiant quest to fix up all
  drivers that could be affected by "malicious" USB devices. There's
  also some fixes for more "obscure" drivers to handle some of the
  vmalloc stack fallout (which for USB drivers, was always the case, but
  very few people actually ran those systems...)

  Other than that, the normal set of xhci and gadget and musb driver
  fixes as well.

  All have been in linux-next with no reported issues"

* tag 'usb-4.12-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb: (42 commits)
  usb: musb: tusb6010_omap: Do not reset the other direction's packet size
  usb: musb: Fix trying to suspend while active for OTG configurations
  usb: host: xhci-plat: propagate return value of platform_get_irq()
  xhci: Fix command ring stop regression in 4.11
  xhci: remove GFP_DMA flag from allocation
  USB: xhci: fix lock-inversion problem
  usb: host: xhci-ring: don't need to clear interrupt pending for MSI enabled hcd
  usb: host: xhci-mem: allocate zeroed Scratchpad Buffer
  xhci: apply PME_STUCK_QUIRK and MISSING_CAS quirk for Denverton
  usb: xhci: trace URB before giving it back instead of after
  USB: serial: qcserial: add more Lenovo EM74xx device IDs
  USB: host: xhci: use max-port define
  USB: hub: fix SS max number of ports
  USB: hub: fix non-SS hub-descriptor handling
  USB: hub: fix SS hub-descriptor handling
  USB: usbip: fix nonconforming hub descriptor
  USB: gadget: dummy_hcd: fix hub-descriptor removable fields
  doc-rst: fixed kernel-doc directives in usb/typec.rst
  USB: core: of: document reference taken by companion helper
  USB: ehci-platform: fix companion-device leak
  ...
2017-05-20 08:52:34 -07:00
Linus Torvalds
331da109ec Char/Misc driver fixes for 4.12-rc2
Here are 5 small bugfixes for reported issues with 4.12-rc1 and earlier
 kernels.  Nothing huge here, just a lp, mem, vpd, and uio driver fix,
 along with a Kconfig fixup for one of the misc drivers.
 
 All of these have been in linux-next with no reported issues.
 
 Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 -----BEGIN PGP SIGNATURE-----
 
 iG0EABECAC0WIQT0tgzFv3jCIUoxPcsxR9QN2y37KQUCWSBGrQ8cZ3JlZ0Brcm9h
 aC5jb20ACgkQMUfUDdst+ymMiACfQHMYFPwiqIBoSQ7kiKIQH4H4XDEAoNFaIf3k
 71unU902U/jRm5AcMmNr
 =zbuX
 -----END PGP SIGNATURE-----

Merge tag 'char-misc-4.12-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc

Pull char/misc driver fixes from Greg KH:
 "Here are five small bugfixes for reported issues with 4.12-rc1 and
  earlier kernels. Nothing huge here, just a lp, mem, vpd, and uio
  driver fix, along with a Kconfig fixup for one of the misc drivers.

  All of these have been in linux-next with no reported issues"

* tag 'char-misc-4.12-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc:
  firmware: Google VPD: Fix memory allocation error handling
  drivers: char: mem: Check for address space wraparound with mmap()
  uio: fix incorrect memory leak cleanup
  misc: pci_endpoint_test: select CRC32
  char: lp: fix possible integer overflow in lp_setup()
2017-05-20 08:44:22 -07:00
Linus Torvalds
ec53c027f3 Merge git://www.linux-watchdog.org/linux-watchdog
Pull watchdog fixes from Wim Van Sebroeck:
 - orion_wdt compile-test dependencies
 - sama5d4_wdt: WDDIS handling and a race confition
 - pcwd_usb: fix NULL-deref at probe
 - cadence_wdt: fix timeout setting
 - wdt_pci: fix build error if SOFTWARE_REBOOT is defined
 - iTCO_wdt: all versions count down twice
 - zx2967: remove redundant dev_err call in zx2967_wdt_probe()
 - bcm281xx: Fix use of uninitialized spinlock

* git://www.linux-watchdog.org/linux-watchdog:
  watchdog: bcm281xx: Fix use of uninitialized spinlock.
  watchdog: zx2967: remove redundant dev_err call in zx2967_wdt_probe()
  iTCO_wdt: all versions count down twice
  watchdog: wdt_pci: fix build error if define SOFTWARE_REBOOT
  watchdog: cadence_wdt: fix timeout setting
  watchdog: pcwd_usb: fix NULL-deref at probe
  watchdog: sama5d4: fix race condition
  watchdog: sama5d4: fix WDDIS handling
  watchdog: orion: fix compile-test dependencies
2017-05-20 08:35:27 -07:00
Linus Torvalds
cf80a6fbca i915, nouveau, hdlcd and misc fixes.
-----BEGIN PGP SIGNATURE-----
 
 iQIcBAABAgAGBQJZH09kAAoJEAx081l5xIa+J/wP/ikgMkHYzBsw22aAa7jlu/iK
 NaNi7qp4CtN2e5CjNX6GjEtOOEUuDhQ23EsA8qUwctypPQDKXYKW477ZQcEkPI3T
 Y86OptyVZMdVQQO8BYVTydN5cvfhiTDnYu03AAApHa+1AQ1CPkQ79jbVfL1CR6/0
 8B43rgNG2vK/rbB5IPvhWu5bX8sCiHvYummuS9Vi3imdRkik0O7/0mepzu7KF4hs
 lPmqfid+DhZwXM7sk1hw9hRVjYNxaXZ14VqFZFJbXsO/ayujmG+utLiMFUZP87ij
 vSEhNhQCOQt/RHSsGATv4DSpxbK3in6ESPsaiPEs1tyyKFsmwo91qmaTAFHtTKjT
 yUrctlVrLjcNLJtlfRqJGs1zNHthOAll67oGVZNTDWgvHwdhD3VMdJ5qAgJD9biG
 8xsWYNxmF2n1qLHynP/jNU2K8NukDjpZSAzpsIPI0N8Qv2nzamfUUhsQzWWk3tW1
 GH0EIeK5fCpsTnpb2KVjlbxQR7mAkAkGi6uKOtISOcqGmVdi7i0sssQV5g8nuLO6
 GOC2k3jdlhlXjs9HmvKaYQKS24/bdVtXZbOzbdsS75/fJzGQwx8XOM85n2htXm4c
 woc0l5PChcSmRF/idHuS+iLK/etxZowA6GkD3ed/stqvKILt0CZl1cOnPzKKqOkx
 LBCzaaS/23HSmY5H5SFG
 =Eg8t
 -----END PGP SIGNATURE-----

Merge tag 'drm-fixes-for-v4.12-rc2' of git://people.freedesktop.org/~airlied/linux

Pull drm fixes from Dave Airlie:
 "Mostly nouveau and i915, fairly quiet as usual for rc2"

* tag 'drm-fixes-for-v4.12-rc2' of git://people.freedesktop.org/~airlied/linux:
  drm/atmel-hlcdc: Fix output initialization
  gpu: host1x: select IOMMU_IOVA
  drm/nouveau/fifo/gk104-: Silence a locking warning
  drm/nouveau/secboot: plug memory leak in ls_ucode_img_load_gr() error path
  drm/nouveau: Fix drm poll_helper handling
  drm/i915: don't do allocate_va_range again on PIN_UPDATE
  drm/i915: Fix rawclk readout for g4x
  drm/i915: Fix runtime PM for LPE audio
  drm/i915/glk: Fix DSI "*ERROR* ULPS is still active" messages
  drm/i915/gvt: avoid unnecessary vgpu switch
  drm/i915/gvt: not to restore in-context mmio
  drm/etnaviv: don't put fence in case of submit failure
  drm/i915/gvt: fix typo: "supporte" -> "support"
  drm: hdlcd: Fix the calculation of the scanout start address
2017-05-20 08:29:30 -07:00
Linus Torvalds
6fe1de43c5 SCSI fixes on 20170519
This is the first sweep of mostly minor fixes.  There's one security
 one: the read past the end of a buffer in qedf, and a panic fix for
 lpfc SLI-3 adapters, but the rest are a set of include and build
 dependency tidy ups and assorted other small fixes and updates.
 
 Signed-off-by: James E.J. Bottomley <jejb@linux.vnet.ibm.com>
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2
 
 iQIcBAABAgAGBQJZH24IAAoJEAVr7HOZEZN49ToP/1UHEJrhlj2AsOx24/JCMMSn
 MGw0Epha7QQ6d1uiXqB7ZTmpcRykzK4xFLrneP9BYSekTIWPWmKhAcy7Uza0EJiJ
 FYvuSDDEQd+T2anqlxw3N/EevkH9nzVp/uYxpU2IAVtvvnyUgnhZpPNrrRC+d6kM
 MJJjsid9SFmEQK20PYKw3LpLMqKYMQnaHVWdMPo8lXd1VqdqJB98fxjJ6mpo1yZP
 3VcCT4KJeQkX8PW8pOR+yto5oCw0pHK3oTiICLwLr8tTMdO5/XIhq004pV2mI6p4
 fWlD7chFZYjfuAT+qUmjQfglG8S8M5iLpygNUxkCtATWHeOJ+E4GtpIpUGVzn1Xv
 NTtXtOn93Glb7Em3XAemqxnh1/iHxk+mcWMcLa2YyTTiFUE5YJRm4oV/WBOssyAP
 9jXhaJwKn3AFdb5cXPSD083+jtxDFB/5PRfCKHVFKD86SxQR5nEpJj8XsjnaY5Bf
 uAh7EPiledKa6YaXlVk9Bx14G0mMyk3qAwqqOBRl3uakMYUfDVhhWM11GqG/DqVG
 H5CMcCcS1WleilhmuS3tidooUFejkwaImVIEBnjpyoDrjI5BGpRL/Cl2iLyeFQm8
 6ifDHhbfeHNAmgXCkGcXaSKeDKSbuxvRV7Q2xbX5lyTMSTXs3ek1KO5N7gaWYlAA
 RgkFBeuY8O1dk0qJrFtH
 =FJ21
 -----END PGP SIGNATURE-----

Merge tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi

Pull SCSI fixes from James Bottomley:
 "This is the first sweep of mostly minor fixes. There's one security
  one: the read past the end of a buffer in qedf, and a panic fix for
  lpfc SLI-3 adapters, but the rest are a set of include and build
  dependency tidy ups and assorted other small fixes and updates"

* tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi:
  scsi: pmcraid: remove redundant check to see if request_size is less than zero
  scsi: lpfc: ensure els_wq is being checked before destroying it
  scsi: cxlflash: Select IRQ_POLL
  scsi: qedf: Avoid reading past end of buffer
  scsi: qedf: Cleanup the type of io_log->op
  scsi: lpfc: double lock typo in lpfc_ns_rsp()
  scsi: qedf: properly update arguments position in function call
  scsi: scsi_lib: Add #include <scsi/scsi_transport.h>
  scsi: MAINTAINERS: update OSD entries
  scsi: Skip deleted devices in __scsi_device_lookup
  scsi: lpfc: Fix panic on BFS configuration
  scsi: libfc: do not flood console with messages 'libfc: queue full ...'
2017-05-19 17:46:51 -07:00
Linus Torvalds
8c3fc1643d Merge branch 'libnvdimm-for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/nvdimm/nvdimm
Pull libnvdimm fixes from Dan Williams:
 "A couple of compile fixes.

  With the removal of the ->direct_access() method from
  block_device_operations in favor of a new dax_device + dax_operations
  we broke two configurations.

  The CONFIG_BLOCK=n case is fixed by compiling out the block+dax
  helpers in the dax core. Configurations with FS_DAX=n EXT4=y / XFS=y
  and DAX=m fail due to the helpers the builtin filesystem needs being
  in a module, so we stub out the helpers in the FS_DAX=n case."

* 'libnvdimm-for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/nvdimm/nvdimm:
  dax, xfs, ext4: compile out iomap-dax paths in the FS_DAX=n case
  dax: fix false CONFIG_BLOCK dependency
2017-05-19 17:35:34 -07:00
Linus Torvalds
0bdc6fd232 Merge branch 'i2c/for-current' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux
Pull i2c fix from Wolfram Sang:
 "A regression fix for I2C that would be great to have in rc2"

* 'i2c/for-current' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux:
  i2c: designware: don't infer timings described by ACPI from clock rate
2017-05-19 17:33:08 -07:00
Linus Torvalds
d4c6cd157a IOMMU Fixes for Linux v4.12-rc1
Including:
 
 	* Another compile-fix as a fallout of the recent header-file
 	  cleanup
 
 	* Add a missing IO/TLB flush to the Intel VT-d kdump code path
 
 	* A fix for ARM64 dma code to only access initialized
 	  iova_domain members
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2
 
 iQIcBAABAgAGBQJZHrr1AAoJECvwRC2XARrjR9gQAMaVmFpTl35KqJKam9bKb7p7
 uXbFvZmA7BSWknLYCdRChUe/wTY7o++Quf/XIUBYOZ4/pnPUZO0dChIUX3iGa3H7
 gcxdS+myfX8OvhIteXMQPDgGiVQ39KDq2uwFVYS8rfAo1KN8Azm6JtaNrDIXMD0h
 fuMCRmfhukyT2BpEDD2VIsWQc6sP/SnvezRdT4zscLpnRrdh2NbAtQgNAPUXQkXI
 XpfAF1WRAGFw9VQXLMul5agD5ebPnZWQ4sh3KMs9iMTMhKRzX/kJ8hZql+ZcBhzx
 CxWUJbYPhTrU2Y88xJwwGb0CnjzBcVaeu0Wgy8cPfE5tTP6bqIoiG0VVEnduvYbB
 H8OG8KwbEKnBeA1hlNSqzsEmSehv1GK280eWB6lQUMq+GpqZLaB9xwh3159t0Sw+
 IJO+8ph72mkFuXfvoH7Ms/D+I0vjvWzjElNeYS5bOKaiLczeu5BsUhE+3BtP8SmB
 TucEDKKhefITo1192OA8U9IB2EFsPUonxYxYQNs31c7uMzP96VTcM36dc95MncpH
 Esu8+JcqrVx2KVZmqoLOH3brsedsVFVmoKfwE18nmMUerL1nkIl2lor6gTl2yjiV
 FJPOXNylF7naRoUHo9TIvwl3Q0uXbiiwVyRosgfNySSN1ecw9Qx4ByOxlYnS4cut
 uDSvkYH/fDtXlWbz/tPM
 =ok9C
 -----END PGP SIGNATURE-----

Merge tag 'iommu-fixes-v4.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/joro/iommu

Pull IOMMU fixes from Joerg Roedel:

 - another compile-fix as a fallout of the recent header-file cleanup

 - add a missing IO/TLB flush to the Intel VT-d kdump code path

 - a fix for ARM64 dma code to only access initialized iova_domain
   members

* tag 'iommu-fixes-v4.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/joro/iommu:
  iommu/mediatek: Include linux/dma-mapping.h
  iommu/vt-d: Flush the IOTLB to get rid of the initial kdump mappings
  iommu/dma: Don't touch invalid iova_domain members
2017-05-19 17:27:28 -07:00
Linus Torvalds
4217fdde34 KVM fixes for v4.12-rc2
ARM:
  - A fix for a build failure introduced in -rc1 when tracepoints are
    enabled on 32-bit ARM.
  - Disabling use of stack pointer protection in the hyp code which can
    cause panics.
  - A handful of VGIC fixes.
  - A fix to the init of the redistributors on GICv3 systems that
    prevented boot with kvmtool on GICv3 systems introduced in -rc1.
  - A number of race conditions fixed in our MMU handling code.
  - A fix for the guest being able to program the debug extensions for
    the host on the 32-bit side.
 
 PPC:
  - Fixes for build failures with PR KVM configurations.
  - A fix for a host crash that can occur on POWER9 with radix guests.
 
 x86:
  - Fixes for nested PML and nested EPT.
  - A fix for crashes caused by reserved bits in SSE MXCSR that could
    have been set by userspace.
  - An optimization of halt polling that fixes high CPU overhead.
  - Fixes for four reports from Dan Carpenter's static checker.
  - A protection around code that shouldn't have been preemptible.
  - A fix for port IO emulation.
 -----BEGIN PGP SIGNATURE-----
 
 iQEcBAABCAAGBQJZHzY3AAoJEED/6hsPKofocI8H/AiOHXi6AC/3s9Ok3IbN/Wp6
 +xSm1yqgxitGhpmKIJQyKMUTV0t8SblRV2nxvW7/MEyfl7vztiyWENaVFc6pO6N7
 GbnLvdImZ9aypoBaxVOY8WG/CHw2XZ7oUYyBIGrWECH3k+fptBNdISFK3D76+4G2
 +tAuWSpKSQFwjGxtreUSlnvQBp6Tjh/PqTyxslPs4zYCL6UPKSSVAoxy4yOKj3AX
 G03tx/1U1n/hSJHub9RFqho4dhVGT/p3V6oppZmS1g/ZqGPQwK1wxlYquHOtORFR
 Iq8LdkNQwTdkLlTTOG+tamYSfzn0+KhczfWjIh6ZEb79ARrUSnBU4Awpvom1C2A=
 =B6Rl
 -----END PGP SIGNATURE-----

Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm

Pull KVM fixes from Radim Krčmář:
 "ARM:
   - a fix for a build failure introduced in -rc1 when tracepoints are
     enabled on 32-bit ARM.

   - disable use of stack pointer protection in the hyp code which can
     cause panics.

   - a handful of VGIC fixes.

   - a fix to the init of the redistributors on GICv3 systems that
     prevented boot with kvmtool on GICv3 systems introduced in -rc1.

   - a number of race conditions fixed in our MMU handling code.

   - a fix for the guest being able to program the debug extensions for
     the host on the 32-bit side.

  PPC:
   - fixes for build failures with PR KVM configurations.

   - a fix for a host crash that can occur on POWER9 with radix guests.

  x86:
   - fixes for nested PML and nested EPT.

   - a fix for crashes caused by reserved bits in SSE MXCSR that could
     have been set by userspace.

   - an optimization of halt polling that fixes high CPU overhead.

   - fixes for four reports from Dan Carpenter's static checker.

   - a protection around code that shouldn't have been preemptible.

   - a fix for port IO emulation"

* tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm: (27 commits)
  KVM: x86: prevent uninitialized variable warning in check_svme()
  KVM: x86/vPMU: fix undefined shift in intel_pmu_refresh()
  KVM: x86: zero base3 of unusable segments
  KVM: X86: Fix read out-of-bounds vulnerability in kvm pio emulation
  KVM: x86: Fix potential preemption when get the current kvmclock timestamp
  KVM: Silence underflow warning in avic_get_physical_id_entry()
  KVM: arm/arm64: Hold slots_lock when unregistering kvm io bus devices
  KVM: arm/arm64: Fix bug when registering redist iodevs
  KVM: x86: lower default for halt_poll_ns
  kvm: arm/arm64: Fix use after free of stage2 page table
  kvm: arm/arm64: Force reading uncached stage2 PGD
  KVM: nVMX: fix EPT permissions as reported in exit qualification
  KVM: VMX: Don't enable EPT A/D feature if EPT feature is disabled
  KVM: x86: Fix load damaged SSEx MXCSR register
  kvm: nVMX: off by one in vmx_write_pml_buffer()
  KVM: arm: rename pm_fake handler to trap_raz_wi
  KVM: arm: plug potential guest hardware debug leakage
  kvm: arm/arm64: Fix race in resetting stage2 PGD
  KVM: arm/arm64: vgic-v3: Use PREbits to infer the number of ICH_APxRn_EL2 registers
  KVM: arm/arm64: vgic-v3: Do not use Active+Pending state for a HW interrupt
  ...
2017-05-19 15:13:13 -07:00
Linus Torvalds
9e856e4b47 xen: fixes for 4.12 rc2
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2
 
 iQEcBAABAgAGBQJZHx/IAAoJELDendYovxMvzegIAIOyDATZsyLnbDnTunOmYqLJ
 n06v50N3KwQ+pegJyz4lHdTryI10/TEUzvuT4v/V9B0sHimNRJcE7ClvRVPEaFrs
 4y459kKGXRpXXAvS2r0WIY3NhwP/Num9+duVY5lInJ6caq+/JDm3S1tL2HeQ9gl1
 SDuI6IMV3q12Agk6jgbvwd1XBh3wbj8Z6SOx3DAchqY/kbdy6tS4y5CR93mKpjs3
 LsVyPvY2IOLWCSrPsdloM4l7lMoVmd/1tt6NfzymepIxQbIS3KWo5AwBsoM0cVfs
 KGb4T3+H8uwmpyWjgibsayr31cC7LIulEqLtqZNyycpIZGR5TlZ01KEPSMKn78s=
 =Boz3
 -----END PGP SIGNATURE-----

Merge tag 'for-linus-4.12b-rc2-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/xen/tip

Pull xen fixes from Juergen Gross:
 "Some fixes for the new Xen 9pfs frontend and some minor cleanups"

* tag 'for-linus-4.12b-rc2-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/xen/tip:
  xen: make xen_flush_tlb_all() static
  xen: cleanup pvh leftovers from pv-only sources
  xen/9pfs: p9_trans_xen_init and p9_trans_xen_exit can be static
  xen/9pfs: fix return value check in xen_9pfs_front_probe()
2017-05-19 15:06:48 -07:00
Linus Torvalds
1fbbed4137 DeviceTree fixes for 4.12-rc:
- Fix missing allocation failure handling in fdt code
 
 - Fix dtc compile error on 32-bit hosts
 
 - Revert bad sparse changes causing GCC7 warnings
 -----BEGIN PGP SIGNATURE-----
 
 iQItBAABCAAXBQJZHlHSEBxyb2JoQGtlcm5lbC5vcmcACgkQ+vtdtY28YcODVg//
 VKaZS1fHHaFyUvtKATqeukm7tQsX1a9l1XMBZVmFgN/elT9UeFRKimRLCoPY6x7Y
 VwDq/upxmasROm9/HJGx6AyCE4jzHfeOKhi8I82LT06+ZMbj5Z6Ip1uFQ7cLpSRi
 a+RN2EXIBYi64g8vS/KGlLNdQ+lWEZCKL4WqfnqrEHgEA30Hur8LNq7ugtZ8As0t
 QlgQOy6KrNxS2JGv/R5dwud0bK8YX2x5VeLKlvWTot7GFVevIWrMjd4/rmB9pCNs
 a17tSw8DMR/Z0HicVCg40QIWEaDw9rZLxt0m692D/53y7zDH1KwDov62b9BSjMQl
 u3D1qC0gWjn+8pArU9P+AoLAL8Jy5wLd7CzFSVqCQmWJWqgkkgCAX67fsnsNHmHF
 DDXJyA+Fw/ZLOFMBHNBUTiLHoPhxa4D/2K2WcBdVJQpvnoy/11rjH17BUwOloGWy
 Q9qKWQ1q5zYSrk7jjMae9akv3Q61ZEbnE0VNXPeh2ZkRBqBl/0c5yhscg+dR9KIf
 5RkbqfYcSMfqMvSCEZGmDDSAVraqjrURyWtcRHHbQM6GSdEn+szBxOTllGOHoiFc
 BoIRP0YSm+pRReWPgpv3aWl9eXTFDijbTkzursgHrdMf5H9ar4ndCLh9ZdVR5qyx
 JzYY008v1G2VaSupvhbqVcyEhJNJEHLcGrixg+CobCQ=
 =HlJN
 -----END PGP SIGNATURE-----

Merge tag 'devicetree-fixes-for-4.12' of git://git.kernel.org/pub/scm/linux/kernel/git/robh/linux

Pull DeviceTree fixes from Rob Herring:

 - fix missing allocation failure handling in fdt code

 - fix dtc compile error on 32-bit hosts

 - revert bad sparse changes causing GCC7 warnings

* tag 'devicetree-fixes-for-4.12' of git://git.kernel.org/pub/scm/linux/kernel/git/robh/linux:
  of: fdt: add missing allocation-failure check
  dtc: check.c fix compile error
  Partially Revert "of: fix sparse warnings in fdt, irq, reserved mem, and resolver code"
2017-05-19 15:03:24 -07:00
Linus Torvalds
f538a82c07 ARM: SoC fixes (and a cross-arch dt-include fix)
We had a small batch of fixes before -rc1, but here is a larger one. It
 contains a backmerge of 4.12-rc1 since some of the downstream branches we
 merge had that as base; at the same time we already had merged contents
 before -rc1 and rebase wasn't the right solution.
 
 A mix of random smaller fixes and a few things worth pointing out:
 
  - We've started telling people to avoid cross-tree shared branches if all
    they're doing is picking up one or two DT-used constants from a
    shared include file, and instead to use the numeric values on first
    submission. Follow-up moving over to symbolic names are sent in right
    after -rc1, i.e. here. It's only a few minor patches of this type.
 
  - Linus Walleij and others are resurrecting the 'Gemini' platform, and
    wanted a cut-down platform-specific defconfig for it. So I picked that
    up for them.
 
  - Rob Herring ran 'savedefconfig' on arm64, it's a bit churny but it helps
    people to prepare patches since it's a pain when defconfig and current
    savedefconfig contents differs too much.
 
  - Devicetree additions for some pinctrl drivers for Armada that were
    merged this window. I'd have preferred to see those earlier but it's not
    a huge deail.
 
 The biggest change worth pointing out though since it's touching other
 parts of the tree: We added prefixes to be used when cross-including
 DT contents between arm64 and arm, allowing someone to #include
 <arm/foo.dtsi> from arm64, and likewise. As part of that, we needed
 arm/foo.dtsi to work on arm as well. The way I suggested this to Heiko
 resulted in a recursive symlink.
 
 Instead, I've now moved it out of arch/*/boot/dts/include, into a shared
 location under scripts/dtc. While I was at it, I consolidated so all
 architectures now behave the same way in this manner.
 
 Rob Herring (DT maintainer) has acked it. I cc:d most other arch
 maintainers but nobody seems to care much; it doesn't really affect them
 since functionality is unchanged for them by default.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABAgAGBQJZH0gEAAoJEIwa5zzehBx3eCcQAJX55nWjTV/ankFWyaQiXZx1
 JhcThxugqPYviYFFTpI3LZnZ0snWbZBNfkoju8ukmzIiqoO/eDlB+LVz6PVWfCIl
 4egZZZF1tgxEFoQQ71WKpF1hj0pKccCugHX+5uBDID3s9vjxgQS1Gf1G5ZeFrqbd
 m9brxbouGsZMscuWb59K7ayIXO6D4C2hqQqJtGrOZc2jfLs9rZBchDVSQ28sRNQy
 qXIcAgH+D1QWfbAi0+cI6opnWmEdcofO5Uge8KzK1wO0HYzO5GQJw1KbM/AAJ7+Y
 JtPEWhuUKl8aou6515rFPD7yjFaMtfbL0+0UeKS2TRGz+dSCoSs1kTyJ4cpNAUCT
 E3hOLYKzq8rbxcGwEqfp4JjktpWSPGGhEbp4lvNV1gk9A0MLHPnidLCKSoLyCkN0
 3qmmlrt4hSCpF07IvY7hWUALHIOsRPtIdbaOMzAyzcWkzu/DMmQ3lFdt7Bgi3AbB
 j0Phtz0TR7X6A/1gAxZDGjHaYaEG6KR9ufJMyCNtgGUaKeMZakthbYSz8MdXIq5X
 zKqL2ZyPKNq6zHZbvc3yIiYmVKubT9t+8Wc4AjXPNdWgR455V0GSlmf3XCA8rAp7
 hISzE4CD4N/YIKNPukt4kcJY7TBpcOZxfquMfBxLEqke+GxJL80CGaOf8iZb3ipM
 R697L88FstLhSNhEl/gu
 =2EGB
 -----END PGP SIGNATURE-----

Merge tag 'armsoc-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc

Pull ARM SoC fixes from Olof Johansson:
 "We had a small batch of fixes before -rc1, but here is a larger one.
  It contains a backmerge of 4.12-rc1 since some of the downstream
  branches we merge had that as base; at the same time we already had
  merged contents before -rc1 and rebase wasn't the right solution.

  A mix of random smaller fixes and a few things worth pointing out:

   - We've started telling people to avoid cross-tree shared branches if
     all they're doing is picking up one or two DT-used constants from a
     shared include file, and instead to use the numeric values on first
     submission. Follow-up moving over to symbolic names are sent in
     right after -rc1, i.e. here. It's only a few minor patches of this
     type.

   - Linus Walleij and others are resurrecting the 'Gemini' platform,
     and wanted a cut-down platform-specific defconfig for it. So I
     picked that up for them.

   - Rob Herring ran 'savedefconfig' on arm64, it's a bit churny but it
     helps people to prepare patches since it's a pain when defconfig
     and current savedefconfig contents differs too much.

   - Devicetree additions for some pinctrl drivers for Armada that were
     merged this window. I'd have preferred to see those earlier but
     it's not a huge deail.

  The biggest change worth pointing out though since it's touching other
  parts of the tree: We added prefixes to be used when cross-including
  DT contents between arm64 and arm, allowing someone to #include
  <arm/foo.dtsi> from arm64, and likewise. As part of that, we needed
  arm/foo.dtsi to work on arm as well. The way I suggested this to Heiko
  resulted in a recursive symlink.

  Instead, I've now moved it out of arch/*/boot/dts/include, into a
  shared location under scripts/dtc. While I was at it, I consolidated
  so all architectures now behave the same way in this manner.

  Rob Herring (DT maintainer) has acked it. I cc:d most other arch
  maintainers but nobody seems to care much; it doesn't really affect
  them since functionality is unchanged for them by default"

* tag 'armsoc-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc: (29 commits)
  arm64: dts: rockchip: fix include reference
  firmware: ti_sci: fix strncat length check
  ARM: remove duplicate 'const' annotations'
  arm64: defconfig: enable options needed for QCom DB410c board
  arm64: defconfig: sync with savedefconfig
  ARM: configs: add a gemini defconfig
  devicetree: Move include prefixes from arch to separate directory
  ARM: dts: dra7: Reduce cpu thermal shutdown temperature
  memory: omap-gpmc: Fix debug output for access width
  ARM: dts: LogicPD Torpedo: Fix camera pin mux
  ARM: dts: omap4: enable CEC pin for Pandaboard A4 and ES
  ARM: dts: gta04: fix polarity of clocks for mcbsp4
  ARM: dts: dra7: Add power hold and power controller properties to palmas
  soc: imx: add PM dependency for IMX7_PM_DOMAINS
  ARM: dts: imx6sx-sdb: Remove OPP override
  ARM: dts: imx53-qsrb: Pulldown PMIC IRQ pin
  soc: bcm: brcmstb: Correctly match 7435 SoC
  tee: add ARM_SMCCC dependency
  ARM: omap2+: make omap4_get_cpu1_ns_pa_addr declaration usable
  ARM64: dts: mediatek: configure some fixed mmc parameters
  ...
2017-05-19 13:36:56 -07:00
Linus Torvalds
2fe296a61a arm64 fixes/cleanups:
- Avoid taking a mutex in the secondary CPU bring-up path when
   interrupts are disabled
 
 - Ignore perf exclude_hv when the kernel is running in Hyp mode
 
 - Remove redundant instruction in cmpxchg
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABAgAGBQJZHva5AAoJEGvWsS0AyF7xjGQP/ibkFaPSSe1PfpM3pC3mdyv1
 2o1oChoKKh4u4VR5gZs2nAXZiOoZjPByvnzrJiF9k5KThkTJechr6PS0srUHtxVt
 hpReVgsnuqZ4iX68EsiMY+ayoMmBpHGBY9ErlbWPHpgttMHqq7xiMcb/+lSxHoxX
 GXrsz5J2KaHv7zNQY3nx+Ear592n7WdrBvUpBYh9jyGQWlC2cxKV/1RbcCa76MGx
 33xKExL/NTsTy3cnP8gjVL95RmJCm4qfDGJky/UC8tDWnS92fXt5HHbkgWNCFIgD
 eL6hNyZtl4Sxmfcn1QwzBiTL2+VIsQhuqRW9gH0PiBP15TFh0nfzegrlylJ2gw6A
 qmq+fos1zyYdyzA43IDfrmbYJb7MD2pwuhgg8yDkIEguUUgMhdnd7V8nmgzAT8g2
 nX1FwqZxz9+wBZHfP5gEEiIhCdOkbU6zFKWXlhxVluUkPDUdUKIWt80V6jGljJXj
 Np15Ld7joVcH06g1bwiUziNH8q/qpIE2YKxXKPHs9LfrEPtpUwK372rSeQFa28XE
 vxqbXyhfPujXNukCyVEMWYzzR3qE2hb3nh/dU6Oom+W6ZSE3f6s26iOM0Jo34nIN
 hZGws5onbIWOHhO34/KtRoyDtJDNM6I6Yjzn5QZntFf3HKBSI7s7VVntoZSSa1Gm
 oG0Fuy13XSqyBuxw70nL
 =eZ2l
 -----END PGP SIGNATURE-----

Merge tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux

Pull arm64 fixes/cleanups from Catalin Marinas:

 - Avoid taking a mutex in the secondary CPU bring-up path when
   interrupts are disabled

 - Ignore perf exclude_hv when the kernel is running in Hyp mode

 - Remove redundant instruction in cmpxchg

* tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux:
  arm64/cpufeature: don't use mutex in bringup path
  arm64: perf: Ignore exclude_hv when kernel is running in HYP
  arm64: Remove redundant mov from LL/SC cmpxchg
2017-05-19 13:34:34 -07:00
Dave Airlie
d51aff16e8 Merge branch 'for-upstream/hdlcd' of git://linux-arm.org/linux-ld into drm-fixes
single hdlcd fix
* 'for-upstream/hdlcd' of git://linux-arm.org/linux-ld:
  drm: hdlcd: Fix the calculation of the scanout start address
2017-05-20 06:00:49 +10:00
Linus Torvalds
e5a489abcf powerpc fixes for 4.12 #3
The headline is a fix for FP/VMX register corruption when using transactional
 memory, and a new selftest to go with it.
 
 Then there's the virt_addr_valid() fix, currently HARDENDED_USERCOPY is tripping
 on that causing some machines to crash.
 
 A few other fairly minor fixes for long tail things, and a couple of fixes for
 code we just merged.
 
 Thanks to:
   Breno Leitao, Gautham R. Shenoy, Michael Neuling, Naveen N. Rao. Nicholas
   Piggin, Paul Mackerras.
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABAgAGBQJZHrn+AAoJEFHr6jzI4aWAgAIQAKv7pthWNkQV+prW9rJqgADN
 11V/2Ldjy6oZ0871GDn1bElzkaKMTNLlTYsm2+RAHS1p53+SVlLHig5FdoxqBptj
 X6N5kUONgYA+jBBXriT/UC91tAJNR+xHmB8QEoFUtUpUBaZ66NVGYeGwlgnP1/Qm
 rRmViKuLgXPzvJ2Is6R/SbDypyU5W6Rb7n3fAd1pPQN7DlJoF6WDgALblvz2akwg
 mQaW8PtIbUQGrXqQqQJ2R3o8D+n9M4xh58NEmHjTYiEHBKBOz8G2RCOrnb1PtSyh
 kDLBZqAaQF7OW089wwzB2fq6kC+z8iENk3iWFk+X64lH0KOnZxZPY2NGcFqEUjLs
 3BoO07fksw9waysDFRRDIcj7ECYNET+Zt3kOZoZcWXdIJc+8aNo7CHXSC1DRC/ar
 GU0zRoH9dvBFfWyvjJnuOspbgHi/R+ODDgxFwqTMmCKUSGpBMkQAxSJqPh6qnyH6
 HoLEVjFrsT7qfvSi6OWuENfKMb8j3kPuBVeZammCWu2V8DIL+l+WPusOwmOXkCo7
 i/2i3lNuo8k5uuUqRUNMJk8t1+kUIKt7HJHwFGROv1H7173C2HxLTohxl0ZhSlf8
 Xe2epWAI4eL0/SPvB8Pi8FwAzb2+FP+DiC6a+cI8YoIz2+UjwiZBUQgEeQR6ETXc
 aI5uk3lnSFd62839Cezs
 =KtM/
 -----END PGP SIGNATURE-----

Merge tag 'powerpc-4.12-3' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux

Pull powerpc fixes from Michael Ellerman:
 "The headliner is a fix for FP/VMX register corruption when using
  transactional memory, and a new selftest to go with it.

  Then there's the virt_addr_valid() fix, currently HARDENDED_USERCOPY
  is tripping on that causing some machines to crash.

  A few other fairly minor fixes for long tail things, and a couple of
  fixes for code we just merged.

  Thanks to: Breno Leitao, Gautham Shenoy, Michael Neuling, Naveen Rao.
  Nicholas Piggin, Paul Mackerras"

* tag 'powerpc-4.12-3' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux:
  powerpc/mm: Fix virt_addr_valid() etc. on 64-bit hash
  powerpc/mm: Fix crash in page table dump with huge pages
  powerpc/kprobes: Fix handling of instruction emulation on probe re-entry
  powerpc/powernv: Set NAPSTATELOST after recovering paca on P9 DD1
  selftests/powerpc: Test TM and VMX register state
  powerpc/tm: Fix FP and VMX register corruption
  powerpc/modules: If mprofile-kernel is enabled add it to vermagic
2017-05-19 11:31:38 -07:00
Radim Krčmář
92ceb7679a KVM: x86: prevent uninitialized variable warning in check_svme()
get_msr() of MSR_EFER is currently always going to succeed, but static
checker doesn't see that far.

Don't complicate stuff and just use 0 for the fallback -- it means that
the feature is not present.

Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: David Hildenbrand <david@redhat.com>
Signed-off-by: Radim Krčmář <rkrcmar@redhat.com>
2017-05-19 19:59:28 +02:00
Radim Krčmář
34b0dadbdf KVM: x86/vPMU: fix undefined shift in intel_pmu_refresh()
Static analysis noticed that pmu->nr_arch_gp_counters can be 32
(INTEL_PMC_MAX_GENERIC) and therefore cannot be used to shift 'int'.

I didn't add BUILD_BUG_ON for it as we have a better checker.

Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Fixes: 25462f7f52 ("KVM: x86/vPMU: Define kvm_pmu_ops to support vPMU function dispatch")
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: David Hildenbrand <david@redhat.com>
Signed-off-by: Radim Krčmář <rkrcmar@redhat.com>
2017-05-19 19:59:27 +02:00
Radim Krčmář
f0367ee1d6 KVM: x86: zero base3 of unusable segments
Static checker noticed that base3 could be used uninitialized if the
segment was not present (useable).  Random stack values probably would
not pass VMCS entry checks.

Reported-by:  Dan Carpenter <dan.carpenter@oracle.com>
Fixes: 1aa366163b ("KVM: x86 emulator: consolidate segment accessors")
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: David Hildenbrand <david@redhat.com>
Signed-off-by: Radim Krčmář <rkrcmar@redhat.com>
2017-05-19 19:59:27 +02:00
Wanpeng Li
cbfc6c9184 KVM: X86: Fix read out-of-bounds vulnerability in kvm pio emulation
Huawei folks reported a read out-of-bounds vulnerability in kvm pio emulation.

- "inb" instruction to access PIT Mod/Command register (ioport 0x43, write only,
  a read should be ignored) in guest can get a random number.
- "rep insb" instruction to access PIT register port 0x43 can control memcpy()
  in emulator_pio_in_emulated() to copy max 0x400 bytes but only read 1 bytes,
  which will disclose the unimportant kernel memory in host but no crash.

The similar test program below can reproduce the read out-of-bounds vulnerability:

void hexdump(void *mem, unsigned int len)
{
        unsigned int i, j;

        for(i = 0; i < len + ((len % HEXDUMP_COLS) ? (HEXDUMP_COLS - len % HEXDUMP_COLS) : 0); i++)
        {
                /* print offset */
                if(i % HEXDUMP_COLS == 0)
                {
                        printf("0x%06x: ", i);
                }

                /* print hex data */
                if(i < len)
                {
                        printf("%02x ", 0xFF & ((char*)mem)[i]);
                }
                else /* end of block, just aligning for ASCII dump */
                {
                        printf("   ");
                }

                /* print ASCII dump */
                if(i % HEXDUMP_COLS == (HEXDUMP_COLS - 1))
                {
                        for(j = i - (HEXDUMP_COLS - 1); j <= i; j++)
                        {
                                if(j >= len) /* end of block, not really printing */
                                {
                                        putchar(' ');
                                }
                                else if(isprint(((char*)mem)[j])) /* printable char */
                                {
                                        putchar(0xFF & ((char*)mem)[j]);
                                }
                                else /* other char */
                                {
                                        putchar('.');
                                }
                        }
                        putchar('\n');
                }
        }
}

int main(void)
{
	int i;
	if (iopl(3))
	{
		err(1, "set iopl unsuccessfully\n");
		return -1;
	}
	static char buf[0x40];

	/* test ioport 0x40,0x41,0x42,0x43,0x44,0x45 */

	memset(buf, 0xab, sizeof(buf));

	asm volatile("push %rdi;");
	asm volatile("mov %0, %%rdi;"::"q"(buf));

	asm volatile ("mov $0x40, %rdx;");
	asm volatile ("in %dx,%al;");
	asm volatile ("stosb;");

	asm volatile ("mov $0x41, %rdx;");
	asm volatile ("in %dx,%al;");
	asm volatile ("stosb;");

	asm volatile ("mov $0x42, %rdx;");
	asm volatile ("in %dx,%al;");
	asm volatile ("stosb;");

	asm volatile ("mov $0x43, %rdx;");
	asm volatile ("in %dx,%al;");
	asm volatile ("stosb;");

	asm volatile ("mov $0x44, %rdx;");
	asm volatile ("in %dx,%al;");
	asm volatile ("stosb;");

	asm volatile ("mov $0x45, %rdx;");
	asm volatile ("in %dx,%al;");
	asm volatile ("stosb;");

	asm volatile ("pop %rdi;");
	hexdump(buf, 0x40);

	printf("\n");

	/* ins port 0x40 */

	memset(buf, 0xab, sizeof(buf));

	asm volatile("push %rdi;");
	asm volatile("mov %0, %%rdi;"::"q"(buf));

	asm volatile ("mov $0x20, %rcx;");
	asm volatile ("mov $0x40, %rdx;");
	asm volatile ("rep insb;");

	asm volatile ("pop %rdi;");
	hexdump(buf, 0x40);

	printf("\n");

	/* ins port 0x43 */

	memset(buf, 0xab, sizeof(buf));

	asm volatile("push %rdi;");
	asm volatile("mov %0, %%rdi;"::"q"(buf));

	asm volatile ("mov $0x20, %rcx;");
	asm volatile ("mov $0x43, %rdx;");
	asm volatile ("rep insb;");

	asm volatile ("pop %rdi;");
	hexdump(buf, 0x40);

	printf("\n");
	return 0;
}

The vcpu->arch.pio_data buffer is used by both in/out instrutions emulation
w/o clear after using which results in some random datas are left over in
the buffer. Guest reads port 0x43 will be ignored since it is write only,
however, the function kernel_pio() can't distigush this ignore from successfully
reads data from device's ioport. There is no new data fill the buffer from
port 0x43, however, emulator_pio_in_emulated() will copy the stale data in
the buffer to the guest unconditionally. This patch fixes it by clearing the
buffer before in instruction emulation to avoid to grant guest the stale data
in the buffer.

In addition, string I/O is not supported for in kernel device. So there is no
iteration to read ioport %RCX times for string I/O. The function kernel_pio()
just reads one round, and then copy the io size * %RCX to the guest unconditionally,
actually it copies the one round ioport data w/ other random datas which are left
over in the vcpu->arch.pio_data buffer to the guest. This patch fixes it by
introducing the string I/O support for in kernel device in order to grant the right
ioport datas to the guest.

Before the patch:

0x000000: fe 38 93 93 ff ff ab ab .8......
0x000008: ab ab ab ab ab ab ab ab ........
0x000010: ab ab ab ab ab ab ab ab ........
0x000018: ab ab ab ab ab ab ab ab ........
0x000020: ab ab ab ab ab ab ab ab ........
0x000028: ab ab ab ab ab ab ab ab ........
0x000030: ab ab ab ab ab ab ab ab ........
0x000038: ab ab ab ab ab ab ab ab ........

0x000000: f6 00 00 00 00 00 00 00 ........
0x000008: 00 00 00 00 00 00 00 00 ........
0x000010: 00 00 00 00 4d 51 30 30 ....MQ00
0x000018: 30 30 20 33 20 20 20 20 00 3
0x000020: ab ab ab ab ab ab ab ab ........
0x000028: ab ab ab ab ab ab ab ab ........
0x000030: ab ab ab ab ab ab ab ab ........
0x000038: ab ab ab ab ab ab ab ab ........

0x000000: f6 00 00 00 00 00 00 00 ........
0x000008: 00 00 00 00 00 00 00 00 ........
0x000010: 00 00 00 00 4d 51 30 30 ....MQ00
0x000018: 30 30 20 33 20 20 20 20 00 3
0x000020: ab ab ab ab ab ab ab ab ........
0x000028: ab ab ab ab ab ab ab ab ........
0x000030: ab ab ab ab ab ab ab ab ........
0x000038: ab ab ab ab ab ab ab ab ........

After the patch:

0x000000: 1e 02 f8 00 ff ff ab ab ........
0x000008: ab ab ab ab ab ab ab ab ........
0x000010: ab ab ab ab ab ab ab ab ........
0x000018: ab ab ab ab ab ab ab ab ........
0x000020: ab ab ab ab ab ab ab ab ........
0x000028: ab ab ab ab ab ab ab ab ........
0x000030: ab ab ab ab ab ab ab ab ........
0x000038: ab ab ab ab ab ab ab ab ........

0x000000: d2 e2 d2 df d2 db d2 d7 ........
0x000008: d2 d3 d2 cf d2 cb d2 c7 ........
0x000010: d2 c4 d2 c0 d2 bc d2 b8 ........
0x000018: d2 b4 d2 b0 d2 ac d2 a8 ........
0x000020: ab ab ab ab ab ab ab ab ........
0x000028: ab ab ab ab ab ab ab ab ........
0x000030: ab ab ab ab ab ab ab ab ........
0x000038: ab ab ab ab ab ab ab ab ........

0x000000: 00 00 00 00 00 00 00 00 ........
0x000008: 00 00 00 00 00 00 00 00 ........
0x000010: 00 00 00 00 00 00 00 00 ........
0x000018: 00 00 00 00 00 00 00 00 ........
0x000020: ab ab ab ab ab ab ab ab ........
0x000028: ab ab ab ab ab ab ab ab ........
0x000030: ab ab ab ab ab ab ab ab ........
0x000038: ab ab ab ab ab ab ab ab ........

Reported-by: Moguofang <moguofang@huawei.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Radim Krčmář <rkrcmar@redhat.com>
Cc: Moguofang <moguofang@huawei.com>
Signed-off-by: Wanpeng Li <wanpeng.li@hotmail.com>
Cc: stable@vger.kernel.org
Signed-off-by: Radim Krčmář <rkrcmar@redhat.com>
2017-05-19 19:59:26 +02:00
Wanpeng Li
e2c2206a18 KVM: x86: Fix potential preemption when get the current kvmclock timestamp
BUG: using __this_cpu_read() in preemptible [00000000] code: qemu-system-x86/2809
 caller is __this_cpu_preempt_check+0x13/0x20
 CPU: 2 PID: 2809 Comm: qemu-system-x86 Not tainted 4.11.0+ #13
 Call Trace:
  dump_stack+0x99/0xce
  check_preemption_disabled+0xf5/0x100
  __this_cpu_preempt_check+0x13/0x20
  get_kvmclock_ns+0x6f/0x110 [kvm]
  get_time_ref_counter+0x5d/0x80 [kvm]
  kvm_hv_process_stimers+0x2a1/0x8a0 [kvm]
  ? kvm_hv_process_stimers+0x2a1/0x8a0 [kvm]
  ? kvm_arch_vcpu_ioctl_run+0xac9/0x1ce0 [kvm]
  kvm_arch_vcpu_ioctl_run+0x5bf/0x1ce0 [kvm]
  kvm_vcpu_ioctl+0x384/0x7b0 [kvm]
  ? kvm_vcpu_ioctl+0x384/0x7b0 [kvm]
  ? __fget+0xf3/0x210
  do_vfs_ioctl+0xa4/0x700
  ? __fget+0x114/0x210
  SyS_ioctl+0x79/0x90
  entry_SYSCALL_64_fastpath+0x23/0xc2
 RIP: 0033:0x7f9d164ed357
  ? __this_cpu_preempt_check+0x13/0x20

This can be reproduced by run kvm-unit-tests/hyperv_stimer.flat w/
CONFIG_PREEMPT and CONFIG_DEBUG_PREEMPT enabled.

Safe access to per-CPU data requires a couple of constraints, though: the
thread working with the data cannot be preempted and it cannot be migrated
while it manipulates per-CPU variables. If the thread is preempted, the
thread that replaces it could try to work with the same variables; migration
to another CPU could also cause confusion. However there is no preemption
disable when reads host per-CPU tsc rate to calculate the current kvmclock
timestamp.

This patch fixes it by utilizing get_cpu/put_cpu pair to guarantee both
__this_cpu_read() and rdtsc() are not preempted.

Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Radim Krčmář <rkrcmar@redhat.com>
Signed-off-by: Wanpeng Li <wanpeng.li@hotmail.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Cc: stable@vger.kernel.org
Signed-off-by: Radim Krčmář <rkrcmar@redhat.com>
2017-05-19 19:59:25 +02:00
Shaohua Li
5f3394530f blktrace: fix integer parse
sscanf is a very poor way to parse integer. For example, I input
"discard" for act_mask, it gets 0xd and completely messes up. Using
correct API to do integer parse.

This patch also makes attributes accept any base of integer.

Signed-off-by: Shaohua Li <shli@fb.com>
Signed-off-by: Jens Axboe <axboe@fb.com>
2017-05-19 09:21:15 -06:00
Ard Biesheuvel
9d64084330 i2c: designware: don't infer timings described by ACPI from clock rate
Commit bd698d24b1 ("i2c: designware: Get selected speed mode
sda-hold-time via ACPI") updated the logic that reads the timing
parameters for various I2C bus rates from the DSDT, to only read
the timing parameters for the currently selected mode.

This causes a WARN_ON() splat on platforms that legally omit the clock
frequency from the ACPI description, because in the new situation, the
core I2C designware driver still accesses the fields in the driver
struct that we no longer populate, and proceeds to calculate them from
the clock frequency. Since the clock frequency is unspecified, the
driver complains loudly using a WARN_ON().

So revert back to the old situation, where the struct fields for all
timings are populated, but retain the new logic which chooses the SDA
hold time from the timing mode that is currently in use.

Fixes: bd698d24b1 ("i2c: designware: Get selected speed mode ...")
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reported-by: Lorenzo Pieralisi <lorenzo.pieralisi@arm.com>
Acked-by: Jarkko Nikula <jarkko.nikula@linux.intel.com>
Signed-off-by: Wolfram Sang <wsa@the-dreams.de>
2017-05-19 14:36:24 +02:00
Arnd Bergmann
6bf1c2d267 arm64: dts: rockchip: fix include reference
The way we handle include paths for DT has changed a bit, which
broke a file that had an unconventional way to reference a common
header file:

arch/arm64/boot/dts/rockchip/rk3399-gru-kevin.dts:47:10: fatal error: include/dt-bindings/input/linux-event-codes.h: No such file or directory

This removes the leading "include/" from the path name, which fixes it.

Fixes: d5d332d3f7 ("devicetree: Move include prefixes from arch to separate directory")
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
2017-05-19 14:12:00 +02:00
Eric Anholt
fedf266f99 watchdog: bcm281xx: Fix use of uninitialized spinlock.
The bcm_kona_wdt_set_resolution_reg() call takes the spinlock, so
initialize it earlier.  Fixes a warning at boot with lock debugging
enabled.

Fixes: 6adb730dc2 ("watchdog: bcm281xx: Watchdog Driver")
Signed-off-by: Eric Anholt <eric@anholt.net>
Reviewed-by: Florian Fainelli <f.fainelli@gmail.com>
Reviewed-by: Guenter Roeck <linux@roeck-us.net>
Signed-off-by: Guenter Roeck <linux@roeck-us.net>
Signed-off-by: Wim Van Sebroeck <wim@iguana.be>
2017-05-19 10:42:25 +02:00
Wei Yongjun
07441a7dd1 watchdog: zx2967: remove redundant dev_err call in zx2967_wdt_probe()
There is a error message within devm_ioremap_resource
already, so remove the dev_err call to avoid redundant
error message.

Signed-off-by: Wei Yongjun <weiyongjun1@huawei.com>
Reviewed-by: Guenter Roeck <linux@roeck-us.net>
Signed-off-by: Guenter Roeck <linux@roeck-us.net>
Signed-off-by: Wim Van Sebroeck <wim@iguana.be>
2017-05-19 10:42:18 +02:00
Paolo Bonzini
1fccb73011 iTCO_wdt: all versions count down twice
The ICH9 is listed as having TCO v2, and indeed the behavior in the
datasheet corresponds to v2 (for example the NO_REBOOT flag is
accessible via the 16KiB-aligned Root Complex Base Address).

However, the TCO counts twice just like in v1; the documentation
of the SECOND_TO_STS bit says: "ICH9 sets this bit to 1 to indicate
that the TIMEOUT bit had been (or is currently) set and a second
timeout occurred before the TCO_RLD register was written. If this
bit is set and the NO_REBOOT config bit is 0, then the ICH9 will
reboot the system after the second timeout.  The same can be found
in the BayTrail (Atom E3800) datasheet, and even HOWTOs around
the Internet say that it will reboot after _twice_ the specified
heartbeat.

I did not find the Apollo Lake datasheet, but because v4/v5 has
a SECOND_TO_STS bit just like the previous version I'm enabling
this for Apollo Lake as well.

Cc: linux-watchdog@vger.kernel.org
Reviewed-by: Andy Shevchenko <andy.shevchenko@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Guenter Roeck <linux@roeck-us.net>
Signed-off-by: Guenter Roeck <linux@roeck-us.net>
Signed-off-by: Wim Van Sebroeck <wim@iguana.be>
2017-05-19 10:42:11 +02:00
Arnd Bergmann
76cefef8e8 firmware: ti_sci: fix strncat length check
gcc-7 notices that the length we pass to strncat is wrong:

drivers/firmware/ti_sci.c: In function 'ti_sci_probe':
drivers/firmware/ti_sci.c:204:32: error: specified bound 50 equals the size of the destination [-Werror=stringop-overflow=]

Instead of the total length, we must pass the length of the
remaining space here.

Fixes: aa276781a6 ("firmware: Add basic support for TI System Control Interface (TI-SCI) protocol")
Cc: stable@vger.kernel.org
Acked-by: Nishanth Menon <nm@ti.com>
Acked-by: Santosh Shilimkar <ssantosh@kernel.org>
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
2017-05-19 10:31:36 +02:00