After a successful VM-entry with the "VMCS shadowing" VM-execution
control set, the shadow VMCS referenced by the VMCS link pointer field
in the current VMCS becomes active on the logical processor.
A VMCS that is made active on more than one logical processor may become
corrupted. Therefore, before an active VMCS can be migrated to another
logical processor, the first logical processor must execute a VMCLEAR
for the active VMCS. VMCLEAR both ensures that all VMCS data are written
to memory and makes the VMCS inactive.
Signed-off-by: Jim Mattson <jmattson@google.com>
Reviewed-By: David Matlack <dmatlack@google.com>
Message-Id: <1477668579-22555-1-git-send-email-jmattson@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Since commit a545ab6a00 ("kvm: x86: add tsc_offset field to struct
kvm_vcpu_arch", 2016-09-07) the offset between host and L1 TSC is
cached and need not be fished out of the VMCS or VMCB. This means
that we can implement adjust_tsc_offset_guest and read_l1_tsc
entirely in generic code. The simplification is particularly
significant for VMX code, where vmx->nested.vmcs01_tsc_offset
was duplicating what is now in vcpu->arch.tsc_offset. Therefore
the vmcs01_tsc_offset can be dropped completely.
More importantly, this fixes KVM_GET_CLOCK/KVM_SET_CLOCK
which, after commit 108b249c45 ("KVM: x86: introduce get_kvmclock_ns",
2016-09-01) called read_l1_tsc while the VMCS was not loaded.
It thus returned bogus values on Intel CPUs.
Fixes: 108b249c45
Reported-by: Roman Kagan <rkagan@virtuozzo.com>
Reviewed-by: Radim Krčmář <rkrcmar@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
According to the datasheet of the panel, both data, DEN and sync signals
are expected to be driven on the falling edge of the DOTCLK.
The DE is active low according to the documentation.
Signed-off-by: Peter Ujfalusi <peter.ujfalusi@ti.com>
Signed-off-by: Tomi Valkeinen <tomi.valkeinen@ti.com>
According to the datasheet of the panel, both data, DEN and sync signals
are expected to be driven on the falling edge of the DOTCLK.
Signed-off-by: Peter Ujfalusi <peter.ujfalusi@ti.com>
Signed-off-by: Tomi Valkeinen <tomi.valkeinen@ti.com>
According to the datasheet of the panel, both data, DEN and sync signals
are expected to be driven on the falling edge of the DOTCLK.
Signed-off-by: Peter Ujfalusi <peter.ujfalusi@ti.com>
Signed-off-by: Tomi Valkeinen <tomi.valkeinen@ti.com>
According to the datasheet of the panel, both data, DEN and sync signals
are expected to be driven on the falling edge of the DOTCLK.
Signed-off-by: Peter Ujfalusi <peter.ujfalusi@ti.com>
Signed-off-by: Tomi Valkeinen <tomi.valkeinen@ti.com>
Use 'vm' to refer to a struct videomode instead of 'p', 't', 'timings' or
something else.
The code will be easier to follow if we use consistent names.
Signed-off-by: Peter Ujfalusi <peter.ujfalusi@ti.com>
Signed-off-by: Tomi Valkeinen <tomi.valkeinen@ti.com>
omap_video_timings can be replaced with the generic videomode in omapdrm
and the omap_video_timings can be removed.
This patch will replace the omap_video_timings with videomode.
With the change we no longer need the functions to convert to/from
videomode and drm_display_mode to omap_video_timings, these can be removed
as well.
Signed-off-by: Peter Ujfalusi <peter.ujfalusi@ti.com>
Signed-off-by: Tomi Valkeinen <tomi.valkeinen@ti.com>
omap_video_timings struct have the same members as struct videomode, but
their types are different. As first step change the types of the
omap_video_timings struct members to match their counterpart in
struct videomode to catch any type cast related issues.
Signed-off-by: Peter Ujfalusi <peter.ujfalusi@ti.com>
Signed-off-by: Tomi Valkeinen <tomi.valkeinen@ti.com>
In preparation to move the stack to use the generic videmode struct for
display timing information use display_flags for sync edge.
Signed-off-by: Peter Ujfalusi <peter.ujfalusi@ti.com>
Signed-off-by: Tomi Valkeinen <tomi.valkeinen@ti.com>
In preparation to move the stack to use the generic videmode struct for
display timing information use display_flags for pixel data edge.
Signed-off-by: Peter Ujfalusi <peter.ujfalusi@ti.com>
Signed-off-by: Tomi Valkeinen <tomi.valkeinen@ti.com>
In preparation to move the stack to use the generic videmode struct for
display timing information use display_flags for double_pixel mode.
Signed-off-by: Peter Ujfalusi <peter.ujfalusi@ti.com>
Signed-off-by: Tomi Valkeinen <tomi.valkeinen@ti.com>
In preparation to move the stack to use the generic videmode struct for
display timing information use display_flags for DE level.
Signed-off-by: Peter Ujfalusi <peter.ujfalusi@ti.com>
Signed-off-by: Tomi Valkeinen <tomi.valkeinen@ti.com>
In preparation to move the stack to use the generic videmode struct for
display timing information use display_flags for h/vsync level.
Signed-off-by: Peter Ujfalusi <peter.ujfalusi@ti.com>
Signed-off-by: Tomi Valkeinen <tomi.valkeinen@ti.com>
Instead of passing the omap_video_timings structure's members individually,
use the pointer to the struct.
Signed-off-by: Peter Ujfalusi <peter.ujfalusi@ti.com>
Signed-off-by: Tomi Valkeinen <tomi.valkeinen@ti.com>
Remove the interlace member and add display_flags to omap_video_timings to
configure the interlace mode.
Signed-off-by: Peter Ujfalusi <peter.ujfalusi@ti.com>
Signed-off-by: Tomi Valkeinen <tomi.valkeinen@ti.com>
By using a pointer to the omap_mode_timings struct we can unwrap lines to
make the code easier to follow.
Signed-off-by: Peter Ujfalusi <peter.ujfalusi@ti.com>
Signed-off-by: Tomi Valkeinen <tomi.valkeinen@ti.com>
In preparation to move the stack to use the generic videmode struct for
display timing information rename the vbp member to vback_porch.
Signed-off-by: Peter Ujfalusi <peter.ujfalusi@ti.com>
Signed-off-by: Tomi Valkeinen <tomi.valkeinen@ti.com>
In preparation to move the stack to use the generic videmode struct for
display timing information rename the vfp member to vfront_porch.
Signed-off-by: Peter Ujfalusi <peter.ujfalusi@ti.com>
Signed-off-by: Tomi Valkeinen <tomi.valkeinen@ti.com>
In preparation to move the stack to use the generic videmode struct for
display timing information rename the vsw member to vsync_len.
Signed-off-by: Peter Ujfalusi <peter.ujfalusi@ti.com>
Signed-off-by: Tomi Valkeinen <tomi.valkeinen@ti.com>
In preparation to move the stack to use the generic videmode struct for
display timing information rename the hbp member to hback_porch.
Signed-off-by: Peter Ujfalusi <peter.ujfalusi@ti.com>
Signed-off-by: Tomi Valkeinen <tomi.valkeinen@ti.com>
In preparation to move the stack to use the generic videmode struct for
display timing information rename the hfp member to hfront_porch.
Signed-off-by: Peter Ujfalusi <peter.ujfalusi@ti.com>
Signed-off-by: Tomi Valkeinen <tomi.valkeinen@ti.com>
In preparation to move the stack to use the generic videmode struct for
display timing information rename the hsw member to hsync_len.
Signed-off-by: Peter Ujfalusi <peter.ujfalusi@ti.com>
Signed-off-by: Tomi Valkeinen <tomi.valkeinen@ti.com>
In preparation to move the stack to use the generic videmode struct for
display timing information rename the y_res member to vactive.
Signed-off-by: Peter Ujfalusi <peter.ujfalusi@ti.com>
Signed-off-by: Tomi Valkeinen <tomi.valkeinen@ti.com>
In preparation to move the stack to use the generic videmode struct for
display timing information rename the x_res member to hactive.
Signed-off-by: Peter Ujfalusi <peter.ujfalusi@ti.com>
Signed-off-by: Tomi Valkeinen <tomi.valkeinen@ti.com>
Configure the DISPLAY_FLAGS_SYNC_POSEDGE/NEGEDGE flags according to the
binding document.
If the syncclk-active is present in DT, configure the flags accordingly, if
it is omitted it means that the SYNC edge is following the pixdata
configuration.
Signed-off-by: Peter Ujfalusi <peter.ujfalusi@ti.com>
CC: Rob Herring <robh+dt@kernel.org>
CC: Mark Rutland <mark.rutland@arm.com>
CC: devicetree@vger.kernel.org
Signed-off-by: Tomi Valkeinen <tomi.valkeinen@ti.com>
The sync can be - and for some panels it must be - driven on different edge
then the data.
Signed-off-by: Peter Ujfalusi <peter.ujfalusi@ti.com>
CC: Rob Herring <robh+dt@kernel.org>
CC: Mark Rutland <mark.rutland@arm.com>
CC: devicetree@vger.kernel.org
Signed-off-by: Tomi Valkeinen <tomi.valkeinen@ti.com>
There are display panels which demands that the sync signal is driven on
different edge than the pixel data.
With the syncclk-active property we can specify the clk edge to be used to
drive the sync signal. When the property is missing it indicates that the
sync is driven on the same edge as the pixel data.
Signed-off-by: Peter Ujfalusi <peter.ujfalusi@ti.com>
CC: Rob Herring <robh+dt@kernel.org>
CC: Mark Rutland <mark.rutland@arm.com>
CC: devicetree@vger.kernel.org
Acked-by: Rob Herring <robh@kernel.org>
Signed-off-by: Tomi Valkeinen <tomi.valkeinen@ti.com>
Fix the retrn value check which testing the wrong variable
in dsi_bind().
Signed-off-by: Wei Yongjun <weiyongjun1@huawei.com>
Reviewed-by: Peter Ujfalusi <peter.ujfalusi@ti.com>
Signed-off-by: Tomi Valkeinen <tomi.valkeinen@ti.com>
It might be possible that the page has been unmapped already in
omap_gem_cpu_sync() so check before calling dma_unmap_page().
Signed-off-by: Peter Ujfalusi <peter.ujfalusi@ti.com>
Signed-off-by: Tomi Valkeinen <tomi.valkeinen@ti.com>
omap_plane_atomic_update() does WARN_ON() if dispc rejects the given
plane config. Change that to dev_err() to lessen the possible spam.
To fix this correctly, the plane setup needs much more work by creating
a check function for dispc setup, so that we could reliably check the
config in atomic_check, instead of only noticing the problem when
programming dispc.
Signed-off-by: Tomi Valkeinen <tomi.valkeinen@ti.com>
Clean up omap_plane_atomic_check() with:
- Check state->fb first. If no fb, return 0.
- use drm_atomic_get_existing_crtc_state() instead of
drm_atomic_get_crtc_state()
Signed-off-by: Tomi Valkeinen <tomi.valkeinen@ti.com>
I sometimes see:
[drm:drm_framebuffer_remove [drm]] *ERROR* failed to reset crtc ed2a6c00
when fb was deleted: -22
which comes from drm_framebuffer_remove() when it's disabling the crtc
with zeroed drm_mode_set.
The problem in omap_plane_atomic_check() is that it will use those
zeroed fields to verify if the setup is correct.
This patch makes omap_plane_atomic_check() return 0 if the crtc is
disabled.
Signed-off-by: Tomi Valkeinen <tomi.valkeinen@ti.com>
Just minor tweaks, there's nothing major in this cycle.
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEcBAABAgAGBQJYFnb+AAoJECgfDbjSjVRpBD4IAKjmFLG6rcswWwYVSNwxMcEX
6gxStyojtx9jTdQhjYUeC4KJmPozGn9mxEyHuWHNAqWWP/nASbViXYDwVm9xv/14
TxuApiOJ9tFB0DYlduGDQbS5D6m3WSk7U2s71pwC0g2YPx1EQc8jHbeT09Jn5qVw
6A099BILekts/lN6s9ST+6CAHBLTkZGB6iyAb+zAh+KN+VRX3ikpOjebgUjzO1+P
hLJc+lgfls+cwuhwO5A+Pg1PMrJ455A/gdEVUfMbbj8BAkihueUHPUzkc702Y5h2
j3AfCLJdCBIR/k3+R9Du0IcK0mXioZtiBPfREGQ+kI0ukauFDhtKgjaOd0bmU4s=
=ASeM
-----END PGP SIGNATURE-----
Merge tag 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mst/vhost
Pull virtio updates from Michael Tsirkin:
"Tests, fixes and cleanups.
Just minor tweaks, there's nothing major in this cycle"
* tag 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mst/vhost:
virtio_ring: mark vring_dma_dev inline
virtio/vhost: add Jason to list of maintainers
virtio_blk: Delete an unnecessary initialisation in init_vq()
virtio_blk: Use kmalloc_array() in init_vq()
virtio: remove config.c
virtio: console: Unlock vqs while freeing buffers
ringtest: poll for new buffers once before updating event index
ringtest: commonize implementation of poll_avail/poll_used
ringtest: use link-time optimization
virtio: update balloon size in balloon "probe"
virtio_ring: Make interrupt suppression spec compliant
virtio_pci: Limit DMA mask to 44 bits for legacy virtio devices
The underlying transport releases the page pointed to by rq_buffer
during xprt_rdma_bc_send_request. When the backchannel reply arrives,
rq_rbuffer then points to freed memory.
Fixes: 68778945e4 ('SUNRPC: Separate buffer pointers for RPC ...')
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Cc: Jeff Layton <jlayton@redhat.com>
Signed-off-by: J. Bruce Fields <bfields@redhat.com>
This fixes the irq allocation in this driver to not print:
irq: Cannot allocate irq_descs @ IRQ34, assuming pre-allocated
irq: Cannot allocate irq_descs @ IRQ66, assuming pre-allocated
Which happens because the driver already called irq_alloc_descs()
and so the change to use irq_domain_add_simple resulted in calling
irq_alloc_descs() twice.
Modernize the irq allocation in this driver to use the
irq_domain_add_linear flow directly and eliminate the use of
irq_domain_add_simple/legacy
Fixes: ce931f571b ("gpio/mvebu: convert to use irq_domain_add_simple()")
Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
If something goes wrong with task stack refcounting and a stack
refcount hits zero too early, warn and leak it rather than
potentially freeing it early (and silently).
Signed-off-by: Andy Lutomirski <luto@kernel.org>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Brian Gerst <brgerst@gmail.com>
Cc: Denys Vlasenko <dvlasenk@redhat.com>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Josh Poimboeuf <jpoimboe@redhat.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Oleg Nesterov <oleg@redhat.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Link: http://lkml.kernel.org/r/f29119c783a9680a4b4656e751b6123917ace94b.1477926663.git.luto@kernel.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Check whether the kernel really supports power resources for a device,
otherwise the power might not be removed when the device is runtime
suspended (DSM should still work in these cases where PR does not).
This is a workaround for a problem where ACPICA and Windows 10 differ in
behavior. ACPICA does not correctly enumerate power resources within a
conditional block (due to delayed execution of such blocks) and as a
result power_resources is set to false even if _PR3 exists.
Fixes: 692a17dcc2 ("drm/nouveau/acpi: fix lockup with PCIe runtime PM")
Link: https://bugs.freedesktop.org/show_bug.cgi?id=98398
Reported-and-tested-by: Rick Kerkhof <rick.2889@gmail.com>
Reviewed-by: Mika Westerberg <mika.westerberg@linux.intel.com>
Cc: stable@vger.kernel.org # v4.8+
Signed-off-by: Peter Wu <peter@lekensteyn.nl>
Signed-off-by: Dave Airlie <airlied@redhat.com>
Sylvain Lemieux reports the LPC32xx GPIO driver is broken since
commit 762c2e46c0 ("gpio: of: remove of_gpiochip_and_xlate() and
struct gg_data"). Probably, gpio-etraxfs.c and gpio-davinci.c are
broken too.
Those drivers register multiple gpio_chip that are associated to a
single OF node, and their own .of_xlate() checks if the passed
gpio_chip is valid.
Now, the problem is of_find_gpiochip_by_node() returns the first
gpio_chip found to match the given node. So, .of_xlate() fails,
except for the first GPIO bank.
Reverting the commit could be a solution, but I do not want to go
back to the mess of struct gg_data. Another solution here is to
take the match by a node pointer and the success of .of_xlate().
It is a bit clumsy to call .of_xlate twice; for gpio_chip matching
and for really getting the gpio_desc index. Perhaps, our long-term
goal might be to convert the drivers to single chip registration,
but this commit will solve the problem until then.
Fixes: 762c2e46c0 ("gpio: of: remove of_gpiochip_and_xlate() and struct gg_data")
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Reported-by: Sylvain Lemieux <slemieux.tyco@gmail.com>
Tested-by: David Lechner <david@lechnology.com>
Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
When allocating a new line handle or event a file is allocated that it is
associated to. The file is attached to a file descriptor of the current
process and the file descriptor is returned to userspace using
copy_to_user(). If this copy operation fails the line handle or event
allocation is aborted, all acquired resources are freed and an error is
returned.
But the file struct is not freed and left attached to the userspace
application and even though the file descriptor number was not copied it is
trivial to guess. If a userspace application performs a IOCTL on such a
left over file descriptor it will trigger a use-after-free and if the file
descriptor is closed (latest when the application exits) a double-free is
triggered.
anon_inode_getfd() performs 3 tasks, allocate a file struct, allocate a
file descriptor for the current process and install the file struct in the
file descriptor. As soon as the file struct is installed in the file
descriptor it is accessible by userspace (even if the IOCTL itself hasn't
completed yet), this means uninstalling the fd on the error path is not an
option, since userspace might already got a reference to the file.
Instead anon_inode_getfd() needs to be broken into its individual steps.
The allocation of the file struct and file descriptor is done first, then
the copy_to_user() is executed and only if it succeeds the file is
installed.
Since the file struct is reference counted it can not be just freed, but
its reference needs to be dropped, which will also call the release()
callback, which will free the state attached to the file. So in this case
the normal error cleanup path should not be taken.
Cc: stable@vger.kernel.org
Fixes: d932cd4918 ("gpio: free handles in fringe cases")
Signed-off-by: Lars-Peter Clausen <lars@metafoo.de>
Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
A few small fixes for SPI, one core fix that only applies in cases where
we're handling DT overlays and a couple of driver specific fixes:
- Fix handling of error cases when instantiating DT overlays so we
don't end up just ignoring devices that encountered an error during
instantiation.
- Avoid reading uninitialized data when handing spurious interrupts
in the espi driver.
- A driver specific fix for the dspi driver to fix a bad interaction
with u-boot.
-----BEGIN PGP SIGNATURE-----
iQEwBAABCAAaBQJYF4M5Exxicm9vbmllQGtlcm5lbC5vcmcACgkQJNaLcl1Uh9BF
yAf+KC6vYTX8ySbfie5vAjCezUoujdHhjy8uO5dKX4OLGz3UhFZ0bpCgBlGx5XGw
KBllfiA+fkKrxBvJCPIvRW33UDXLTRDAiCTw4nT9FoYEsSotApJ62kElRulz850c
3l1n8/+WuAw2khq89r+MYDVLZZ1ssUNkj4hug+EKipibBHNV/z1P0GPRthGzRzmV
VcQ/JBPhKhqF1+N2gGS099N5+vic7pPQUGxVpjdrFColyuRtwmXJfynZYxHM7GjD
UcmgzOwN7EuKZZgkBG2bZAyDZSNFTkNljOxiDeVCkJVyK4Oj1YPkQ6NWjGtIVNAW
AtmptgxAcqqhA+tAPyhpFeHG+Q==
=zMqg
-----END PGP SIGNATURE-----
Merge tag 'spi-fix-v4.9-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/spi
Pull spi fixes from Mark Brown: "A few small fixes for SPI, one core fix
that only applies in cases where we're handling DT overlays and a
couple of driver specific fixes:
- Fix handling of error cases when instantiating DT overlays so we
don't end up just ignoring devices that encountered an error during
instantiation.
- Avoid reading uninitialized data when handing spurious interrupts
in the espi driver.
- A driver specific fix for the dspi driver to fix a bad interaction
with u-boot"
* tag 'spi-fix-v4.9-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/spi:
spi: dspi: clear SPI_SR before enable interrupt
spi: fsl-espi: avoid processing uninitalized data on error
spi: mark device nodes only in case of successful instantiation
The stack frame size could grow too large when the plugin used long long
on 32-bit architectures when the given function had too many basic blocks.
The gcc warning was:
drivers/pci/hotplug/ibmphp_ebda.c: In function 'ibmphp_access_ebda':
drivers/pci/hotplug/ibmphp_ebda.c:409:1: warning: the frame size of 1108 bytes is larger than 1024 bytes [-Wframe-larger-than=]
This switches latent_entropy from u64 to unsigned long.
Thanks to PaX Team and Emese Revfy for the patch.
Signed-off-by: Kees Cook <keescook@chromium.org>
A new warning was introduced for missing information about the time that
regulators take to power on in v4.9. This is in theory a real issue but
for most practical regulators the communication overhead of talking to
the device is greater than the ramp time so a lot of drivers don't set
it and the warning is far too noisy without identifying practical
issues. Just remove the warning for now.
-----BEGIN PGP SIGNATURE-----
iQEwBAABCAAaBQJYF3a0Exxicm9vbmllQGtlcm5lbC5vcmcACgkQJNaLcl1Uh9DF
Jwf/dnH06enDvPjUvoqX+V6eT++FUI7DeIoMVNGCEYiJtqUmpLWSvbJ2IT68AEks
4IroBUEA57JE7sQ+gd0H6ZiXCq7Pk2QPD+bpnH5aJIdRpLGn9ew4o0p/3DGjS43q
V0A6N83BeWHeDAeyu6NSo9aAdTwD5ENCuy1XqhEVMFSPpUqutyfDgqSzFtCO4Cl9
MnoTv7be37YNFb+JsFlTdOmThfmtLoJJGd8E4/bUqBb36FoYLyGVNvEE0Xwagc8Q
dcUZXYqfw8qMWipCxBM2wdv/lXJQAFpAbuftACnaz+jmpAbOsWRZ2QmcBPQOxDhn
oif0/hccYoIcW0knMbhEx6yERQ==
=7KoE
-----END PGP SIGNATURE-----
Merge tag 'regulator-fix-v4.9-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/regulator
Pull regulator fix from Mark Brown:
"Fix ramp_delay warnings for v4.9
A new warning was introduced for missing information about the time
that regulators take to power on in v4.9. This is in theory a real
issue but for most practical regulators the communication overhead of
talking to the device is greater than the ramp time so a lot of
drivers don't set it and the warning is far too noisy without
identifying practical issues.
Just remove the warning for now"
* tag 'regulator-fix-v4.9-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/regulator:
regulator: core: silence warning: "VDD1: ramp_delay not set"
