Firstly by applying the following with coccinelle's spatch:
@@ expression SB; @@
-SB->s_flags & MS_RDONLY
+sb_rdonly(SB)
to effect the conversion to sb_rdonly(sb), then by applying:
@@ expression A, SB; @@
(
-(!sb_rdonly(SB)) && A
+!sb_rdonly(SB) && A
|
-A != (sb_rdonly(SB))
+A != sb_rdonly(SB)
|
-A == (sb_rdonly(SB))
+A == sb_rdonly(SB)
|
-!(sb_rdonly(SB))
+!sb_rdonly(SB)
|
-A && (sb_rdonly(SB))
+A && sb_rdonly(SB)
|
-A || (sb_rdonly(SB))
+A || sb_rdonly(SB)
|
-(sb_rdonly(SB)) != A
+sb_rdonly(SB) != A
|
-(sb_rdonly(SB)) == A
+sb_rdonly(SB) == A
|
-(sb_rdonly(SB)) && A
+sb_rdonly(SB) && A
|
-(sb_rdonly(SB)) || A
+sb_rdonly(SB) || A
)
@@ expression A, B, SB; @@
(
-(sb_rdonly(SB)) ? 1 : 0
+sb_rdonly(SB)
|
-(sb_rdonly(SB)) ? A : B
+sb_rdonly(SB) ? A : B
)
to remove left over excess bracketage and finally by applying:
@@ expression A, SB; @@
(
-(A & MS_RDONLY) != sb_rdonly(SB)
+(bool)(A & MS_RDONLY) != sb_rdonly(SB)
|
-(A & MS_RDONLY) == sb_rdonly(SB)
+(bool)(A & MS_RDONLY) == sb_rdonly(SB)
)
to make comparisons against the result of sb_rdonly() (which is a bool)
work correctly.
Signed-off-by: David Howells <dhowells@redhat.com>
Conflicts:
drivers/scsi/ufs/ufshcd.c Checked out ' 39f4ec1ef6 ', similar fix was found in source
drivers/staging/android/ashmem.c
drivers/usb/gadget/function/u_serial.c
fs/ext4/ext4.h
security/selinux/avc.c
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl5oitoACgkQONu9yGCS
aT617Q/8Dk8BDWkAeGzyxkdSmSwHbF/fRsF14iCXZdH4896J4Lpti6ku5XvTfzqq
8gQqjo36FP5/8gohuc5vwZCPnUzEw6MAzF5jR/T6uNny5wsS1I/TP9SsggEhUF5Z
e6qg6OyRKOyfT0Q46bZMslJRQzqyZikVIr0IflP20emIBo2okAg1N+fHdhhpeqKk
3+dagpksRwCtaWGROO9jV9rcuvFR9WbR3UuuJr+MLRbF2Hp2MBK6VWq3qhbLEhd9
E23rlpZ/qJGiTtUbMzw5DqRCnqYlz2Gf02mltjKPOhnzEl1NmLCP29qygkluUI/Q
a7a3lw+XLlhd1adXS+xg3jv9Nkl3gjCgS7VPqVJEdzaTFh/TvEaC4jJxLXlyATEr
t6C3y6pa2eHK/Qj5jfDzV/nIJI5z0AcRgMW/0Hkyb8effxad4DaxSdQ8SQmpLaDd
wNwKAEhxFeAjJXoQOdrKiSGrPe8/h4pq3UNFajA9YvB8hxjN2TS/5X4Fh//uLtB9
VEzKw8d2XlutIDqpF6QRrQZZZ88dDHPALpcAEIVDbBWT1gjSGPOWCVZtybIlbgw5
9shE/kQRUMChEf4LAuWtjhx3TOHUa3faaRIIvCGW2TPPdXfkHgto8G79M7IOfxAf
tygDixkP2tDPJju0VRbcOp+Z+f7yOZbxXgV63aXQPj8h0nWJJpA=
=KwBy
-----END PGP SIGNATURE-----
Merge 4.9.216 into android-4.9-q
Changes in 4.9.216
iwlwifi: pcie: fix rb_allocator workqueue allocation
ext4: fix potential race between online resizing and write operations
ext4: fix potential race between s_flex_groups online resizing and access
ext4: fix potential race between s_group_info online resizing and access
ipmi:ssif: Handle a possible NULL pointer reference
drm/msm: Set dma maximum segment size for mdss
mac80211: consider more elements in parsing CRC
cfg80211: check wiphy driver existence for drvinfo report
qmi_wwan: re-add DW5821e pre-production variant
net: ena: fix potential crash when rxfh key is NULL
net: ena: add missing ethtool TX timestamping indication
net: ena: fix incorrect default RSS key
net: ena: rss: fix failure to get indirection table
net: ena: rss: store hash function as values and not bits
net: ena: fix incorrectly saving queue numbers when setting RSS indirection table
net: ena: ena-com.c: prevent NULL pointer dereference
cifs: Fix mode output in debugging statements
cfg80211: add missing policy for NL80211_ATTR_STATUS_CODE
sysrq: Restore original console_loglevel when sysrq disabled
sysrq: Remove duplicated sysrq message
net: fib_rules: Correctly set table field when table number exceeds 8 bits
net: phy: restore mdio regs in the iproc mdio driver
ipv6: Fix nlmsg_flags when splitting a multipath route
ipv6: Fix route replacement with dev-only route
sctp: move the format error check out of __sctp_sf_do_9_1_abort
nfc: pn544: Fix occasional HW initialization failure
net: sched: correct flower port blocking
ext4: potential crash on allocation error in ext4_alloc_flex_bg_array()
audit: fix error handling in audit_data_to_entry()
ACPICA: Introduce ACPI_ACCESS_BYTE_WIDTH() macro
ACPI: watchdog: Fix gas->access_width usage
HID: core: fix off-by-one memset in hid_report_raw_event()
HID: core: increase HID report buffer size to 8KiB
HID: hiddev: Fix race in in hiddev_disconnect()
MIPS: VPE: Fix a double free and a memory leak in 'release_vpe()'
i2c: jz4780: silence log flood on txabrt
ecryptfs: Fix up bad backport of fe2e082f5da5b4a0a92ae32978f81507ef37ec66
serial: 8250: Check UPF_IRQ_SHARED in advance
include/linux/bitops.h: introduce BITS_PER_TYPE
net: netlink: cap max groups which will be considered in netlink_bind()
net: ena: make ena rxfh support ETH_RSS_HASH_NO_CHANGE
namei: only return -ECHILD from follow_dotdot_rcu()
KVM: Check for a bad hva before dropping into the ghc slow path
slip: stop double free sl->dev in slip_open
tuntap: correctly set SOCKWQ_ASYNC_NOSPACE
drivers: net: xgene: Fix the order of the arguments of 'alloc_etherdev_mqs()'
perf hists browser: Restore ESC as "Zoom out" of DSO/thread/etc
mm/huge_memory.c: use head to check huge zero page
audit: always check the netlink payload length in audit_receive_msg()
vhost: Check docket sk_family instead of call getname
serial: ar933x_uart: set UART_CS_{RX,TX}_READY_ORIDE
usb: gadget: composite: Support more than 500mA MaxPower
usb: gadget: ffs: ffs_aio_cancel(): Save/restore IRQ flags
usb: gadget: serial: fix Tx stall after buffer overflow
drm: msm: Fix return type of dsi_mgr_connector_mode_valid for kCFI
drm/msm/dsi: save pll state before dsi host is powered off
net: ks8851-ml: Remove 8-bit bus accessors
net: ks8851-ml: Fix 16-bit data access
net: ks8851-ml: Fix 16-bit IO operation
watchdog: da9062: do not ping the hw during stop()
s390/cio: cio_ignore_proc_seq_next should increase position index
cifs: don't leak -EAGAIN for stat() during reconnect
usb: storage: Add quirk for Samsung Fit flash
usb: quirks: add NO_LPM quirk for Logitech Screen Share
usb: core: hub: do error out if usb_autopm_get_interface() fails
usb: core: port: do error out if usb_autopm_get_interface() fails
vgacon: Fix a UAF in vgacon_invert_region
fat: fix uninit-memory access for partial initialized inode
tty:serial:mvebu-uart:fix a wrong return
vt: selection, close sel_buffer race
vt: selection, push console lock down
vt: selection, push sel_lock up
x86/pkeys: Manually set X86_FEATURE_OSPKE to preserve existing changes
dmaengine: tegra-apb: Fix use-after-free
dmaengine: tegra-apb: Prevent race conditions of tasklet vs free list
ARM: dts: ls1021a: Restore MDIO compatible to gianfar
ASoC: pcm: Fix possible buffer overflow in dpcm state sysfs output
ASoC: pcm512x: Fix unbalanced regulator enable call in probe error path
ASoC: dapm: Correct DAPM handling of active widgets during shutdown
RDMA/iwcm: Fix iwcm work deallocation
RMDA/cm: Fix missing ib_cm_destroy_id() in ib_cm_insert_listen()
ARM: imx: build v7_cpu_resume() unconditionally
hwmon: (adt7462) Fix an error return in ADT7462_REG_VOLT()
dmaengine: coh901318: Fix a double lock bug in dma_tc_handle()
powerpc: fix hardware PMU exception bug on PowerVM compatibility mode systems
dm cache: fix a crash due to incorrect work item cancelling
crypto: algif_skcipher - use ZERO_OR_NULL_PTR in skcipher_recvmsg_async
Linux 4.9.216
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: Id92ae78607b020bf7f2af83481404628e694c230
commit 7c990728b99ed6fbe9c75fc202fce1172d9916da upstream.
During an online resize an array of s_flex_groups structures gets replaced
so it can get enlarged. If there is a concurrent access to the array and
this memory has been reused then this can lead to an invalid memory access.
The s_flex_group array has been converted into an array of pointers rather
than an array of structures. This is to ensure that the information
contained in the structures cannot get out of sync during a resize due to
an accessor updating the value in the old structure after it has been
copied but before the array pointer is updated. Since the structures them-
selves are no longer copied but only the pointers to them this case is
mitigated.
Link: https://bugzilla.kernel.org/show_bug.cgi?id=206443
Link: https://lore.kernel.org/r/20200221053458.730016-4-tytso@mit.edu
Signed-off-by: Suraj Jitindar Singh <surajjs@amazon.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Cc: stable@kernel.org # 4.4.x
Cc: stable@kernel.org # 4.9.x
Signed-off-by: Sasha Levin <sashal@kernel.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAlt0UY8ACgkQONu9yGCS
aT7S6hAAlsHMdJgnhCQ06Ec1ld1b3Q7tehn+xVFgWAPyHm/L3koM/78IMjo7ZYCV
IxiIQyQ+JCn9DXQb2nqeEFgo8DYo83KvBkIgI+GQZHuVp+Dp9AvQLV8Bm3CQwiCY
LPlP1sWs0xRZxovazMJ5MLsAOf9hZVkpwWoQHrEQMlUHpKYwf6GRBteZ6C3evZ4G
lPo5N986h2YDYA3FLA2h5EeFS2H39bgbnepJ6/4/cYBpDy443X3TrV6UZjDDhHST
6XYPuqoApz+QIk2x2FfhVbZUb8WtPJNg/6IunOhlaUH/WCEN05lQ2x0jXAA4jOV/
Z2QyGnqsD8hMleDeakzo+yggaECkK2n+b6SicmomXWj7ILmBCrAIG0dOtPksmAaw
JP9mOKz5b87N2GOShSvj9LXuFOIO7TVvwFZCo4oYxkaW6ROxSO7Ffkiv8I6imMn5
zPGSBG4Pr9eQfeO+IK2JAxrULICcFbh57XXEP5x7MH78yRw4hG++BtWg62pI7TQl
l3zZ/eY8wKjTlNQbFkSAPenMypPic6w5NRA9tHST5XrwZkF0nzMWDz/1mAgOH5jx
XVTK3kZabKAf3YQ2/2nAnUvDM4BsM1SwUxTfc1CNQHIl24G7Y3Z4Vxlfj5orNEQ+
Y5OPKDatNi8gWBecDLNITih7h+WlRn1UKR/v4f8TPV0gyGhn2Vc=
=peDG
-----END PGP SIGNATURE-----
Merge 4.9.120 into android-4.9
Changes in 4.9.120
ext4: fix check to prevent initializing reserved inodes
tpm: fix race condition in tpm_common_write()
parisc: Enable CONFIG_MLONGCALLS by default
parisc: Define mb() and add memory barriers to assembler unlock sequences
kasan: add no_sanitize attribute for clang builds
Mark HI and TASKLET softirq synchronous
xen/netfront: don't cache skb_shinfo()
ACPI / LPSS: Add missing prv_offset setting for byt/cht PWM devices
scsi: sr: Avoid that opening a CD-ROM hangs with runtime power management enabled
init: rename and re-order boot_cpu_state_init()
root dentries need RCU-delayed freeing
make sure that __dentry_kill() always invalidates d_seq, unhashed or not
fix mntput/mntput race
fix __legitimize_mnt()/mntput() race
proc/sysctl: prune stale dentries during unregistering
proc/sysctl: Don't grab i_lock under sysctl_lock.
proc: Fix proc_sys_prune_dcache to hold a sb reference
IB/core: Make testing MR flags for writability a static inline function
IB/mlx4: Mark user MR as writable if actual virtual memory is writable
mtd: nand: qcom: Add a NULL check for devm_kasprintf()
IB/ocrdma: fix out of bounds access to local buffer
ARM: dts: imx6sx: fix irq for pcie bridge
x86/paravirt: Fix spectre-v2 mitigations for paravirt guests
x86/speculation: Protect against userspace-userspace spectreRSB
kprobes/x86: Fix %p uses in error messages
x86/irqflags: Provide a declaration for native_save_fl
x86/speculation/l1tf: Increase 32bit PAE __PHYSICAL_PAGE_SHIFT
mm: x86: move _PAGE_SWP_SOFT_DIRTY from bit 7 to bit 1
x86/speculation/l1tf: Change order of offset/type in swap entry
x86/speculation/l1tf: Protect swap entries against L1TF
x86/speculation/l1tf: Protect PROT_NONE PTEs against speculation
x86/speculation/l1tf: Make sure the first page is always reserved
x86/speculation/l1tf: Add sysfs reporting for l1tf
x86/speculation/l1tf: Disallow non privileged high MMIO PROT_NONE mappings
x86/speculation/l1tf: Limit swap file size to MAX_PA/2
x86/bugs: Move the l1tf function and define pr_fmt properly
x86/smp: Provide topology_is_primary_thread()
x86/topology: Provide topology_smt_supported()
cpu/hotplug: Make bringup/teardown of smp threads symmetric
cpu/hotplug: Split do_cpu_down()
cpu/hotplug: Provide knobs to control SMT
x86/cpu: Remove the pointless CPU printout
x86/cpu/AMD: Remove the pointless detect_ht() call
x86/cpu/common: Provide detect_ht_early()
x86/cpu/topology: Provide detect_extended_topology_early()
x86/cpu/intel: Evaluate smp_num_siblings early
x86/CPU/AMD: Do not check CPUID max ext level before parsing SMP info
x86/cpu/AMD: Evaluate smp_num_siblings early
x86/apic: Ignore secondary threads if nosmt=force
x86/speculation/l1tf: Extend 64bit swap file size limit
x86/cpufeatures: Add detection of L1D cache flush support.
x86/CPU/AMD: Move TOPOEXT reenablement before reading smp_num_siblings
x86/speculation/l1tf: Protect PAE swap entries against L1TF
x86/speculation/l1tf: Fix up pte->pfn conversion for PAE
Revert "x86/apic: Ignore secondary threads if nosmt=force"
cpu/hotplug: Boot HT siblings at least once
x86/KVM: Warn user if KVM is loaded SMT and L1TF CPU bug being present
x86/KVM/VMX: Add module argument for L1TF mitigation
x86/KVM/VMX: Add L1D flush algorithm
x86/KVM/VMX: Add L1D MSR based flush
x86/KVM/VMX: Add L1D flush logic
kvm: nVMX: Update MSR load counts on a VMCS switch
x86/KVM/VMX: Split the VMX MSR LOAD structures to have an host/guest numbers
x86/KVM/VMX: Add find_msr() helper function
x86/KVM/VMX: Separate the VMX AUTOLOAD guest/host number accounting
x86/KVM/VMX: Extend add_atomic_switch_msr() to allow VMENTER only MSRs
x86/KVM/VMX: Use MSR save list for IA32_FLUSH_CMD if required
cpu/hotplug: Online siblings when SMT control is turned on
x86/litf: Introduce vmx status variable
x86/kvm: Drop L1TF MSR list approach
x86/l1tf: Handle EPT disabled state proper
x86/kvm: Move l1tf setup function
x86/kvm: Add static key for flush always
x86/kvm: Serialize L1D flush parameter setter
x86/kvm: Allow runtime control of L1D flush
cpu/hotplug: Expose SMT control init function
cpu/hotplug: Set CPU_SMT_NOT_SUPPORTED early
x86/bugs, kvm: Introduce boot-time control of L1TF mitigations
Documentation: Add section about CPU vulnerabilities
x86/KVM/VMX: Initialize the vmx_l1d_flush_pages' content
Documentation/l1tf: Fix typos
cpu/hotplug: detect SMT disabled by BIOS
x86/KVM/VMX: Don't set l1tf_flush_l1d to true from vmx_l1d_flush()
x86/KVM/VMX: Replace 'vmx_l1d_flush_always' with 'vmx_l1d_flush_cond'
x86/KVM/VMX: Move the l1tf_flush_l1d test to vmx_l1d_flush()
x86/irq: Demote irq_cpustat_t::__softirq_pending to u16
x86/KVM/VMX: Introduce per-host-cpu analogue of l1tf_flush_l1d
x86: Don't include linux/irq.h from asm/hardirq.h
x86/irq: Let interrupt handlers set kvm_cpu_l1tf_flush_l1d
x86/KVM/VMX: Don't set l1tf_flush_l1d from vmx_handle_external_intr()
Documentation/l1tf: Remove Yonah processors from not vulnerable list
KVM: x86: Add a framework for supporting MSR-based features
KVM: SVM: Add MSR-based feature support for serializing LFENCE
KVM: X86: Introduce kvm_get_msr_feature()
KVM: X86: Allow userspace to define the microcode version
KVM: VMX: support MSR_IA32_ARCH_CAPABILITIES as a feature MSR
x86/speculation: Simplify sysfs report of VMX L1TF vulnerability
x86/speculation: Use ARCH_CAPABILITIES to skip L1D flush on vmentry
KVM: VMX: Tell the nested hypervisor to skip L1D flush on vmentry
cpu/hotplug: Fix SMT supported evaluation
x86/speculation/l1tf: Invert all not present mappings
x86/speculation/l1tf: Make pmd/pud_mknotpresent() invert
x86/mm/pat: Make set_memory_np() L1TF safe
x86/mm/kmmio: Make the tracer robust against L1TF
tools headers: Synchronise x86 cpufeatures.h for L1TF additions
x86/microcode: Do not upload microcode if CPUs are offline
x86/microcode: Allow late microcode loading with SMT disabled
x86/smp: fix non-SMP broken build due to redefinition of apic_id_is_primary_thread
cpu/hotplug: Non-SMP machines do not make use of booted_once
x86/init: fix build with CONFIG_SWAP=n
x86/speculation/l1tf: Unbreak !__HAVE_ARCH_PFN_MODIFY_ALLOWED architectures
x86/cpu/amd: Limit cpu_core_id fixup to families older than F17h
x86/CPU/AMD: Have smp_num_siblings and cpu_llc_id always be present
Linux 4.9.120
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
commit 5012284700775a4e6e3fbe7eac4c543c4874b559 upstream.
Commit 8844618d8aa7: "ext4: only look at the bg_flags field if it is
valid" will complain if block group zero does not have the
EXT4_BG_INODE_ZEROED flag set. Unfortunately, this is not correct,
since a freshly created file system has this flag cleared. It gets
almost immediately after the file system is mounted read-write --- but
the following somewhat unlikely sequence will end up triggering a
false positive report of a corrupted file system:
mkfs.ext4 /dev/vdc
mount -o ro /dev/vdc /vdc
mount -o remount,rw /dev/vdc
Instead, when initializing the inode table for block group zero, test
to make sure that itable_unused count is not too large, since that is
the case that will result in some or all of the reserved inodes
getting cleared.
This fixes the failures reported by Eric Whiteney when running
generic/230 and generic/231 in the the nojournal test case.
Fixes: 8844618d8aa7 ("ext4: only look at the bg_flags field if it is valid")
Reported-by: Eric Whitney <enwlinux@gmail.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAltj7k8ACgkQONu9yGCS
aT54oRAAxn5rT7Mp5coJqSYFgkzVPOSzuVy8BKq+cwJYe50Ut5nkmWr11jJEkEi6
GZw8xahCuHECM6yl4NjvKqlM8PyvswZEnsIw5V4A1tjLWBPbatz5pZ3qEOIYt1iE
2EB8Bq/kxW8kLHWxFJqV2mH0w8/6o8IcejdPhN3IEiPouB0aRtzbcF9X3GjVh8Ec
6lX9iDn4lodC/EmGJqBbuWj8DjHyTuMZOd/WUkLlFGCLK2KlF+/AIy3rYlkPf2R2
HQOLXy2ZSeyG3EI+hNHilEr1OVBkddX04QtNzUWDCHaK+OSRl0jamX/J3qymA0WT
OgfwQ67SLqG9QRtM2SpozPq1MjE8SW40pyNePtj6zbndJMEEGRhPYFyyJeL9MtLw
0j63qaQ7A3BygTvj/N194aNyoLZeZ0qMzL9hqP9yGcsh+sW6WkYRdwy6bNGHSzcy
B81XrmObYPVT4tlEFv4wftUFBWQKM6Gv4+VNCEpDVkZCCqnxFN3el1zqMmDjcrPn
rJOsDMwnFS5kj7kDjvQUQc+rRVUi3Xmc4z3D/OYGEQcRHhI0ztcdmqzdGRR54LfO
TL4WnpbIVchKP40RsbcoqgwD/MSThjPbPyXe0Y8cYWae2yigoPe74wvALOHuJ1sv
VXWVBIFQOQmH7Iw8hc20Uwm9wd4DxoVbax8urGON6FJlYviBwlI=
=tLp7
-----END PGP SIGNATURE-----
Merge 4.9.117 into android-4.9
Changes in 4.9.117
Input: elan_i2c - add ACPI ID for lenovo ideapad 330
Input: i8042 - add Lenovo LaVie Z to the i8042 reset list
Input: elan_i2c - add another ACPI ID for Lenovo Ideapad 330-15AST
kvm, mm: account shadow page tables to kmemcg
tracing: Fix double free of event_trigger_data
tracing: Fix possible double free in event_enable_trigger_func()
kthread, tracing: Don't expose half-written comm when creating kthreads
tracing/kprobes: Fix trace_probe flags on enable_trace_kprobe() failure
tracing: Quiet gcc warning about maybe unused link variable
arm64: fix vmemmap BUILD_BUG_ON() triggering on !vmemmap setups
usb: dwc2: Fix DMA alignment to start at allocated boundary
kcov: ensure irq code sees a valid area
xen/netfront: raise max number of slots in xennet_get_responses()
ALSA: emu10k1: add error handling for snd_ctl_add
ALSA: fm801: add error handling for snd_ctl_add
nfsd: fix potential use-after-free in nfsd4_decode_getdeviceinfo
vfio: platform: Fix reset module leak in error path
mm: vmalloc: avoid racy handling of debugobjects in vunmap
mm/slub.c: add __printf verification to slab_err()
rtc: ensure rtc_set_alarm fails when alarms are not supported
perf tools: Fix pmu events parsing rule
netfilter: ipset: List timing out entries with "timeout 1" instead of zero
infiniband: fix a possible use-after-free bug
powerpc/eeh: Fix use-after-release of EEH driver
hvc_opal: don't set tb_ticks_per_usec in udbg_init_opal_common()
powerpc/64s: Fix compiler store ordering to SLB shadow area
RDMA/mad: Convert BUG_ONs to error flows
netfilter: nf_tables: check msg_type before nft_trans_set(trans)
pnfs: Don't release the sequence slot until we've processed layoutget on open
disable loading f2fs module on PAGE_SIZE > 4KB
f2fs: fix error path of move_data_page
f2fs: fix to don't trigger writeback during recovery
f2fs: fix to wait page writeback during revoking atomic write
f2fs: Fix deadlock in shutdown ioctl
f2fs: fix race in between GC and atomic open
usbip: usbip_detach: Fix memory, udev context and udev leak
perf/x86/intel/uncore: Correct fixed counter index check in generic code
perf/x86/intel/uncore: Correct fixed counter index check for NHM
selftests/intel_pstate: Improve test, minor fixes
iwlwifi: pcie: fix race in Rx buffer allocator
Bluetooth: hci_qca: Fix "Sleep inside atomic section" warning
Bluetooth: btusb: Add a new Realtek 8723DE ID 2ff8:b011
ASoC: dpcm: fix BE dai not hw_free and shutdown
mfd: cros_ec: Fail early if we cannot identify the EC
mwifiex: handle race during mwifiex_usb_disconnect
wlcore: sdio: check for valid platform device data before suspend
media: tw686x: Fix incorrect vb2_mem_ops GFP flags
media: videobuf2-core: don't call memop 'finish' when queueing
btrfs: add barriers to btrfs_sync_log before log_commit_wait wakeups
btrfs: qgroup: Finish rescan when hit the last leaf of extent tree
PCI: Prevent sysfs disable of device while driver is attached
ath: Add regulatory mapping for FCC3_ETSIC
ath: Add regulatory mapping for ETSI8_WORLD
ath: Add regulatory mapping for APL13_WORLD
ath: Add regulatory mapping for APL2_FCCA
ath: Add regulatory mapping for Uganda
ath: Add regulatory mapping for Tanzania
ath: Add regulatory mapping for Serbia
ath: Add regulatory mapping for Bermuda
ath: Add regulatory mapping for Bahamas
powerpc/32: Add a missing include header
powerpc/chrp/time: Make some functions static, add missing header include
powerpc/powermac: Add missing prototype for note_bootable_part()
powerpc/powermac: Mark variable x as unused
powerpc/8xx: fix invalid register expression in head_8xx.S
pinctrl: at91-pio4: add missing of_node_put
bpf: powerpc64: pad function address loads with NOPs
PCI: pciehp: Request control of native hotplug only if supported
net: dsa: qca8k: Add support for QCA8334 switch
mwifiex: correct histogram data with appropriate index
ima: based on policy verify firmware signatures (pre-allocated buffer)
drivers/perf: arm-ccn: don't log to dmesg in event_init
fscrypt: use unbound workqueue for decryption
scsi: ufs: fix exception event handling
ALSA: emu10k1: Rate-limit error messages about page errors
regulator: pfuze100: add .is_enable() for pfuze100_swb_regulator_ops
md: fix NULL dereference of mddev->pers in remove_and_add_spares()
ixgbevf: fix MAC address changes through ixgbevf_set_mac()
media: smiapp: fix timeout checking in smiapp_read_nvm
net: ethernet: ti: cpsw-phy-sel: check bus_find_device() ret value
ALSA: usb-audio: Apply rate limit to warning messages in URB complete callback
arm64: cmpwait: Clear event register before arming exclusive monitor
HID: hid-plantronics: Re-resend Update to map button for PTT products
drm/radeon: fix mode_valid's return type
powerpc/embedded6xx/hlwd-pic: Prevent interrupts from being handled by Starlet
HID: i2c-hid: check if device is there before really probing
EDAC, altera: Fix ARM64 build warning
ARM: dts: emev2: Add missing interrupt-affinity to PMU node
ARM: dts: sh73a0: Add missing interrupt-affinity to PMU node
nvmem: properly handle returned value nvmem_reg_read
tty: Fix data race in tty_insert_flip_string_fixed_flag
dma-iommu: Fix compilation when !CONFIG_IOMMU_DMA
media: rcar_jpu: Add missing clk_disable_unprepare() on error in jpu_open()
libata: Fix command retry decision
media: media-device: fix ioctl function types
media: saa7164: Fix driver name in debug output
mtd: rawnand: fsl_ifc: fix FSL NAND driver to read all ONFI parameter pages
brcmfmac: Add support for bcm43364 wireless chipset
s390/cpum_sf: Add data entry sizes to sampling trailer entry
perf: fix invalid bit in diagnostic entry
bnxt_en: Check unsupported speeds in bnxt_update_link() on PF only.
scsi: 3w-9xxx: fix a missing-check bug
scsi: 3w-xxxx: fix a missing-check bug
scsi: megaraid: silence a static checker bug
staging: lustre: o2iblnd: fix race at kiblnd_connect_peer
thermal: exynos: fix setting rising_threshold for Exynos5433
bpf: fix references to free_bpf_prog_info() in comments
media: siano: get rid of __le32/__le16 cast warnings
drm/atomic: Handling the case when setting old crtc for plane
ALSA: hda/ca0132: fix build failure when a local macro is defined
mmc: dw_mmc: update actual clock for mmc debugfs
mmc: pwrseq: Use kmalloc_array instead of stack VLA
dt-bindings: pinctrl: meson: add support for the Meson8m2 SoC
dt-bindings: net: meson-dwmac: new compatible name for AXG SoC
stop_machine: Use raw spinlocks
memory: tegra: Do not handle spurious interrupts
memory: tegra: Apply interrupts mask per SoC
arm64: defconfig: Enable Rockchip io-domain driver
drm/gma500: fix psb_intel_lvds_mode_valid()'s return type
ipconfig: Correctly initialise ic_nameservers
rsi: Fix 'invalid vdd' warning in mmc
audit: allow not equal op for audit by executable
staging: lustre: llite: correct removexattr detection
staging: lustre: ldlm: free resource when ldlm_lock_create() fails.
serial: core: Make sure compiler barfs for 16-byte earlycon names
microblaze: Fix simpleImage format generation
usb: hub: Don't wait for connect state at resume for powered-off ports
crypto: authencesn - don't leak pointers to authenc keys
crypto: authenc - don't leak pointers to authenc keys
media: omap3isp: fix unbalanced dma_iommu_mapping
scsi: scsi_dh: replace too broad "TP9" string with the exact models
scsi: megaraid_sas: Increase timeout by 1 sec for non-RAID fastpath IOs
media: si470x: fix __be16 annotations
drm: Add DP PSR2 sink enable bit
random: mix rdrand with entropy sent in from userspace
squashfs: be more careful about metadata corruption
ext4: fix inline data updates with checksums enabled
ext4: check for allocation block validity with block group locked
RDMA/uverbs: Protect from attempts to create flows on unsupported QP
net: dsa: qca8k: Force CPU port to its highest bandwidth
net: dsa: qca8k: Enable RXMAC when bringing up a port
net: dsa: qca8k: Add QCA8334 binding documentation
net: dsa: qca8k: Allow overwriting CPU port setting
Linux 4.9.117
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
commit 8d5a803c6a6ce4ec258e31f76059ea5153ba46ef upstream.
With commit 044e6e3d74a3: "ext4: don't update checksum of new
initialized bitmaps" the buffer valid bit will get set without
actually setting up the checksum for the allocation bitmap, since the
checksum will get calculated once we actually allocate an inode or
block.
If we are doing this, then we need to (re-)check the verified bit
after we take the block group lock. Otherwise, we could race with
another process reading and verifying the bitmap, which would then
complain about the checksum being invalid.
1780137
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Cc: stable@kernel.org
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAltGE6YACgkQONu9yGCS
aT4a9A//ap2CPrG5XxpkUc49TOmaVqE8XS044kX90BCiqwd4u5tKdT/cQZpkoGXo
+BkU43oRCf6Net2bfGDrdQBFV5VH+2ekuhyOaCXo5SXbLw3t4QqiVq4LWh/biwwP
5bfiJvb/8eyRBQfyQJosNMS5z9oNLkN+vZ9Y7W49BV6PV92/RMq2bgTshDaztMIA
fMCOONJX5nZgbRja+WeXOA01NFK2w6wSc+hz3pSVYAwdCYK0ypQllwswYk67+m9P
4BrUJnX+3wlSteJc3etTcm0qk/g+ed+bqsIuhDc9bzIiWvhCa7hIaWcqtJuoExra
jFWu37QGH8D82pvwN9cpJV8JQogiFJqqVmmZ1V9aBym8iKMU73/pAWFdKcp5NQWH
916JRe/b4+Ge0oZ1d1p69IDb92H49XaID9BqxRxvy2GjBDjFsLY6XfeBug/uB0xU
llU9k8e0fCm7Wvr4JZMkMNlQyzDIpFTav0mTHam4AkjMp2ujbuHP6j3amTRplAVf
RIDos296gZvqHq9A2KpTbpLYtZKVk5uFyYI+zaLD2xf8RIOvoa8a0ua8bNv+nBDA
YMtTYrHbGkGG8zhoYBG5ko5paYjWjKZq447VxfOHRgmQRmFzGunY25ONXPmFvLWw
mXdSFkMvqstxbVgak7Fvu0jS4vK4GzUVVJXO38cOXZQqJ/F1B20=
=mDnR
-----END PGP SIGNATURE-----
Merge 4.9.112 into android-4.9
Changes in 4.9.112
usb: cdc_acm: Add quirk for Uniden UBC125 scanner
USB: serial: cp210x: add CESINEL device ids
USB: serial: cp210x: add Silicon Labs IDs for Windows Update
usb: dwc2: fix the incorrect bitmaps for the ports of multi_tt hub
n_tty: Fix stall at n_tty_receive_char_special().
n_tty: Access echo_* variables carefully.
staging: android: ion: Return an ERR_PTR in ion_map_kernel
vt: prevent leaking uninitialized data to userspace via /dev/vcs*
i2c: rcar: fix resume by always initializing registers before transfer
ipv4: Fix error return value in fib_convert_metrics()
kprobes/x86: Do not modify singlestep buffer while resuming
netfilter: nf_tables: use WARN_ON_ONCE instead of BUG_ON in nft_do_chain()
Revert "sit: reload iphdr in ipip6_rcv"
net: phy: micrel: fix crash when statistic requested for KSZ9031 phy
ARM: dts: imx6q: Use correct SDMA script for SPI5 core
IB/hfi1: Fix user context tail allocation for DMA_RTAIL
x86/xen: Add call of speculative_store_bypass_ht_init() to PV paths
x86/cpu: Re-apply forced caps every time CPU caps are re-read
mm: hugetlb: yield when prepping struct pages
tracing: Fix missing return symbol in function_graph output
scsi: sg: mitigate read/write abuse
s390: Correct register corruption in critical section cleanup
drbd: fix access after free
cifs: Fix infinite loop when using hard mount option
drm/udl: fix display corruption of the last line
jbd2: don't mark block as modified if the handle is out of credits
ext4: make sure bitmaps and the inode table don't overlap with bg descriptors
ext4: always check block group bounds in ext4_init_block_bitmap()
ext4: only look at the bg_flags field if it is valid
ext4: verify the depth of extent tree in ext4_find_extent()
ext4: include the illegal physical block in the bad map ext4_error msg
ext4: clear i_data in ext4_inode_info when removing inline data
ext4: add more inode number paranoia checks
ext4: add more mount time checks of the superblock
ext4: check superblock mapped prior to committing
mlxsw: spectrum: Forbid linking of VLAN devices to devices that have uppers
HID: i2c-hid: Fix "incomplete report" noise
HID: hiddev: fix potential Spectre v1
HID: debug: check length before copy_to_user()
PM / OPP: Update voltage in case freq == old_freq
Kbuild: fix # escaping in .cmd files for future Make
media: cx25840: Use subdev host data for PLL override
mm, page_alloc: do not break __GFP_THISNODE by zonelist reset
dm bufio: avoid sleeping while holding the dm_bufio lock
dm bufio: drop the lock when doing GFP_NOIO allocation
mtd: rawnand: mxc: set spare area size register explicitly
dm bufio: don't take the lock in dm_bufio_shrink_count
mtd: cfi_cmdset_0002: Change definition naming to retry write operation
mtd: cfi_cmdset_0002: Change erase functions to retry for error
mtd: cfi_cmdset_0002: Change erase functions to check chip good only
netfilter: nf_log: don't hold nf_log_mutex during user access
staging: comedi: quatech_daqp_cs: fix no-op loop daqp_ao_insn_write()
Linux 4.9.112
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
commit 8844618d8aa7a9973e7b527d038a2a589665002c upstream.
The bg_flags field in the block group descripts is only valid if the
uninit_bg or metadata_csum feature is enabled. We were not
consistently looking at this field; fix this.
Also block group #0 must never have uninitialized allocation bitmaps,
or need to be zeroed, since that's where the root inode, and other
special inodes are set up. Check for these conditions and mark the
file system as corrupted if they are detected.
This addresses CVE-2018-10876.
https://bugzilla.kernel.org/show_bug.cgi?id=199403
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Cc: stable@kernel.org
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAlro5ncACgkQONu9yGCS
aT4mDQ//U/INSIotnD9nahF/bYu4Ga4gWN3Wy8KsZKt3hH3ZeXi3iDx8dZyY5Cce
cjTWkx0ydpBX6l+hSl+5QRg+JsuYwbceR8CyftgluTz6/TdyfJVxzEQ+hLzHNAVh
ogazH9UVmjEMCXyvz75PWdYts0azVF6htym2XPSA46/JjH9n/Y6jXLS647QyDFf+
SnqN8bAmFd87AOPAhCVm59Es6FLX6SI/eDd6HCw/2V5nA4TtV70m/dUkLi6ZHtC5
8539CWnlrjBNj5ZLKIHutMqJQ+pXr//ZXLTI0cSiNO5dDyWhLaohNAezKU8GrN6C
phM86GkeBfDCeyZnDwygEVLXAcPbvN/tZCcQRuo7d9sI378w2/T+HHLqj5v7fi2E
fcmPlqlAq8DWYj2zWML+gYJwBfSdi+AzA/+67F3+nao7ckLyC1mUDZ+LPl4eoC5s
Ci1qwczB3C8STEhssbNh7YYzuhVqdBW/WiOIupE5fq5IehD1oGlHX3MnWt81v1Ro
zseeWewgnkkGlxIT0u5bTAVby3rFseAje8p4sszqwh5oTh0e57d/ptYoW9gIiEdX
DjVojcy3+lGGxJZKF7knE3ftqXQgrFd8SLo9zxE4W3/rM9fjBxgjPzdcix/GaPr2
lDKUu4R/ykD8JR9nLTRkGDbmFKh88eDehU7zzTFr3JsoIrLtcVU=
=adH3
-----END PGP SIGNATURE-----
Merge 4.9.98 into android-4.9
Changes in 4.9.98
ext4: prevent right-shifting extents beyond EXT_MAX_BLOCKS
ext4: set h_journal if there is a failure starting a reserved handle
ext4: add validity checks for bitmap block numbers
ext4: fix bitmap position validation
random: set up the NUMA crng instances after the CRNG is fully initialized
random: fix possible sleeping allocation from irq context
random: rate limit unseeded randomness warnings
usbip: usbip_event: fix to not print kernel pointer address
usbip: usbip_host: fix to hold parent lock for device_attach() calls
usbip: vhci_hcd: Fix usb device and sockfd leaks
USB: serial: simple: add libtransistor console
USB: serial: ftdi_sio: use jtag quirk for Arrow USB Blaster
USB: serial: cp210x: add ID for NI USB serial console
usb: core: Add quirk for HP v222w 16GB Mini
USB: Increment wakeup count on remote wakeup.
ALSA: usb-audio: Skip broken EU on Dell dock USB-audio
virtio: add ability to iterate over vqs
virtio_console: free buffers after reset
drm/virtio: fix vq wait_event condition
tty: Don't call panic() at tty_ldisc_init()
tty: n_gsm: Fix long delays with control frame timeouts in ADM mode
tty: n_gsm: Fix DLCI handling for ADM mode if debug & 2 is not set
tty: Use __GFP_NOFAIL for tty_ldisc_get()
ALSA: dice: fix OUI for TC group
ALSA: dice: fix error path to destroy initialized stream data
ALSA: opl3: Hardening for potential Spectre v1
ALSA: asihpi: Hardening for potential Spectre v1
ALSA: hdspm: Hardening for potential Spectre v1
ALSA: rme9652: Hardening for potential Spectre v1
ALSA: control: Hardening for potential Spectre v1
ALSA: core: Report audio_tstamp in snd_pcm_sync_ptr
ALSA: seq: oss: Fix unbalanced use lock for synth MIDI device
ALSA: seq: oss: Hardening for potential Spectre v1
ALSA: hda: Hardening for potential Spectre v1
ALSA: hda/realtek - Add some fixes for ALC233
mtd: cfi: cmdset_0001: Do not allow read/write to suspend erase block.
mtd: cfi: cmdset_0001: Workaround Micron Erase suspend bug.
mtd: cfi: cmdset_0002: Do not allow read/write to suspend erase block.
kobject: don't use WARN for registration failures
scsi: sd: Defer spinning up drive while SANITIZE is in progress
PCI: aardvark: Fix logic in advk_pcie_{rd,wr}_conf()
PCI: aardvark: Set PIO_ADDR_LS correctly in advk_pcie_rd_conf()
PCI: aardvark: Fix PCIe Max Read Request Size setting
ARM: amba: Make driver_override output consistent with other buses
ARM: amba: Fix race condition with driver_override
ARM: amba: Don't read past the end of sysfs "driver_override" buffer
crypto: drbg - set freed buffers to NULL
ASoC: fsl_esai: Fix divisor calculation failure at lower ratio
libceph: un-backoff on tick when we have a authenticated session
libceph: reschedule a tick in finish_hunting()
libceph: validate con->state at the top of try_write()
earlycon: Use a pointer table to fix __earlycon_table stride
cpufreq: powernv: Fix hardlockup due to synchronous smp_call in timer interrupt
rtc: opal: Fix OPAL RTC driver OPAL_BUSY loops
drm/amdgpu: set COMPUTE_PGM_RSRC1 for SGPR/VGPR clearing shaders
objtool, perf: Fix GCC 8 -Wrestrict error
tools/lib/subcmd/pager.c: do not alias select() params
x86/ipc: Fix x32 version of shmid64_ds and msqid64_ds
x86/smpboot: Don't use mwait_play_dead() on AMD systems
x86/microcode/intel: Save microcode patch unconditionally
powerpc/eeh: Fix race with driver un/bind
Linux 4.9.98
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
commit 7dac4a1726a9c64a517d595c40e95e2d0d135f6f upstream.
An privileged attacker can cause a crash by mounting a crafted ext4
image which triggers a out-of-bounds read in the function
ext4_valid_block_bitmap() in fs/ext4/balloc.c.
This issue has been assigned CVE-2018-1093.
BugLink: https://bugzilla.kernel.org/show_bug.cgi?id=199181
BugLink: https://bugzilla.redhat.com/show_bug.cgi?id=1560782
Reported-by: Wen Xu <wen.xu@gatech.edu>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Cc: stable@vger.kernel.org
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAlre3foACgkQONu9yGCS
aT4ygw/7BxK85/7my26TCcF3NlNfw8x9B1AuEHcjQdUFmSFip9fbolC1VVFQyzWV
1Z6sK5LKrFU/234A4LVW+6oFVnUi8VvX5RnWNqRLj/xpPyv/L5PsG4A7VwQLZDCj
yn6OrIkQ2czv3oio9R8bz1DFxrPsxoCdrMzV1xR/tbWQJscSRSomBSNstZ63lGQP
FleS//hG21092lM0EDPQRfc9/xnwJFMKJoCwBrf6SUR7CK2ZdYp+w+HoeP5BSA49
BCDdMU6wi63gTdfGFJa76VcKuFxRRic3F9VVJwOuYPCfCpgNz7GiUaGXirNCRSxD
F0VveFMx9lOrxMCyDDEoj3lRaZ4FrhwFOF+Q0RK4/p8XH8Pr9emvt4beOeYNk3ev
dFvCI/zA3zmDj8ppB+ZnKq9GTRSuNZ5sw4q7AyFu6fm0mSMV84ZRHgCrVbJkis3i
VDnu6V+Nd9ZYP6rR6AegtQwFM3OReVVJG4ZpB17PZOebLdM+n4DsmqDCgvhFboVP
WowtlR13GIn6ER7hiHfOlwv3CtTUspRrAZi73F8aEA7gdoYzGc8/9Q1fA738WiI4
46utL18qyfjzwbwmI9dtFx1SLkrobSJ+X88PLquLYNUleoxbLx/2u4+v+gm0P4xo
yQGPjIv+kms+rbwPR3ogMKqC2GrYYJs4uHBEPJboJWzYVoPAaEs=
=yoJG
-----END PGP SIGNATURE-----
Merge 4.9.96 into android-4.9
Changes in 4.9.96
tty: make n_tty_read() always abort if hangup is in progress
ubifs: Check ubifs_wbuf_sync() return code
ubi: fastmap: Don't flush fastmap work on detach
ubi: Fix error for write access
ubi: Reject MLC NAND
fs/reiserfs/journal.c: add missing resierfs_warning() arg
resource: fix integer overflow at reallocation
ipc/shm: fix use-after-free of shm file via remap_file_pages()
mm, slab: reschedule cache_reap() on the same CPU
usb: musb: gadget: misplaced out of bounds check
usb: gadget: udc: core: update usb_ep_queue() documentation
ARM: dts: at91: at91sam9g25: fix mux-mask pinctrl property
ARM: dts: exynos: Fix IOMMU support for GScaler devices on Exynos5250
ARM: dts: at91: sama5d4: fix pinctrl compatible string
spi: Fix scatterlist elements size in spi_map_buf
xen-netfront: Fix hang on device removal
regmap: Fix reversed bounds check in regmap_raw_write()
ACPI / video: Add quirk to force acpi-video backlight on Samsung 670Z5E
ACPI / hotplug / PCI: Check presence of slot itself in get_slot_status()
USB: gadget: f_midi: fixing a possible double-free in f_midi
USB:fix USB3 devices behind USB3 hubs not resuming at hibernate thaw
usb: dwc3: pci: Properly cleanup resource
smb3: Fix root directory when server returns inode number of zero
HID: i2c-hid: fix size check and type usage
powerpc/powernv: Handle unknown OPAL errors in opal_nvram_write()
powerpc/64: Fix smp_wmb barrier definition use use lwsync consistently
powerpc/powernv: define a standard delay for OPAL_BUSY type retry loops
powerpc/powernv: Fix OPAL NVRAM driver OPAL_BUSY loops
HID: Fix hid_report_len usage
HID: core: Fix size as type u32
ASoC: ssm2602: Replace reg_default_raw with reg_default
thunderbolt: Resume control channel after hibernation image is created
irqchip/gic: Take lock when updating irq type
random: use a tighter cap in credit_entropy_bits_safe()
jbd2: if the journal is aborted then don't allow update of the log tail
ext4: don't update checksum of new initialized bitmaps
ext4: protect i_disksize update by i_data_sem in direct write path
ext4: fail ext4_iget for root directory if unallocated
RDMA/ucma: Don't allow setting RDMA_OPTION_IB_PATH without an RDMA device
RDMA/rxe: Fix an out-of-bounds read
ALSA: pcm: Fix UAF at PCM release via PCM timer access
IB/srp: Fix srp_abort()
IB/srp: Fix completion vector assignment algorithm
dmaengine: at_xdmac: fix rare residue corruption
libnvdimm, namespace: use a safe lookup for dimm device name
nfit, address-range-scrub: fix scrub in-progress reporting
um: Compile with modern headers
um: Use POSIX ucontext_t instead of struct ucontext
iommu/vt-d: Fix a potential memory leak
mmc: jz4740: Fix race condition in IRQ mask update
clk: mvebu: armada-38x: add support for 1866MHz variants
clk: mvebu: armada-38x: add support for missing clocks
clk: fix false-positive Wmaybe-uninitialized warning
clk: bcm2835: De-assert/assert PLL reset signal when appropriate
pwm: rcar: Fix a condition to prevent mismatch value setting to duty
thermal: imx: Fix race condition in imx_thermal_probe()
dt-bindings: clock: mediatek: add binding for fixed-factor clock axisel_d4
watchdog: f71808e_wdt: Fix WD_EN register read
vfio/pci: Virtualize Maximum Read Request Size
ALSA: pcm: Use ERESTARTSYS instead of EINTR in OSS emulation
ALSA: pcm: Avoid potential races between OSS ioctls and read/write
ALSA: pcm: Return -EBUSY for OSS ioctls changing busy streams
ALSA: pcm: Fix mutex unbalance in OSS emulation ioctls
ALSA: pcm: Fix endless loop for XRUN recovery in OSS emulation
ext4: don't allow r/w mounts if metadata blocks overlap the superblock
drm/amdgpu: Add an ATPX quirk for hybrid laptop
drm/amdgpu: Fix always_valid bos multiple LRU insertions.
drm/amdgpu: Fix PCIe lane width calculation
drm/rockchip: Clear all interrupts before requesting the IRQ
drm/radeon: Fix PCIe lane width calculation
ALSA: line6: Use correct endpoint type for midi output
ALSA: rawmidi: Fix missing input substream checks in compat ioctls
ALSA: hda - New VIA controller suppor no-snoop path
random: fix crng_ready() test
random: crng_reseed() should lock the crng instance that it is modifying
random: add new ioctl RNDRESEEDCRNG
HID: hidraw: Fix crash on HIDIOCGFEATURE with a destroyed device
MIPS: uaccess: Add micromips clobbers to bzero invocation
MIPS: memset.S: EVA & fault support for small_memset
MIPS: memset.S: Fix return of __clear_user from Lpartial_fixup
MIPS: memset.S: Fix clobber of v1 in last_fixup
powerpc/eeh: Fix enabling bridge MMIO windows
powerpc/lib: Fix off-by-one in alternate feature patching
udf: Fix leak of UTF-16 surrogates into encoded strings
jffs2_kill_sb(): deal with failed allocations
hypfs_kill_super(): deal with failed allocations
orangefs_kill_sb(): deal with allocation failures
rpc_pipefs: fix double-dput()
Don't leak MNT_INTERNAL away from internal mounts
autofs: mount point create should honour passed in mode
mm/filemap.c: fix NULL pointer in page_cache_tree_insert()
fanotify: fix logic of events on child
writeback: safer lock nesting
block/mq: fix potential deadlock during cpu hotplug
Linux 4.9.96
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
commit 044e6e3d74a3d7103a0c8a9305dfd94d64000660 upstream.
When reading the inode or block allocation bitmap, if the bitmap needs
to be initialized, do not update the checksum in the block group
descriptor. That's because we're not set up to journal those changes.
Instead, just set the verified bit on the bitmap block, so that it's
not necessary to validate the checksum.
When a block or inode allocation actually happens, at that point the
checksum will be calculated, and update of the bg descriptor block
will be properly journalled.
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Cc: stable@vger.kernel.org
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
[ Upstream commit 54475f531bb8d7078f63c159e5e0615d486c498c ]
As part of an effort to clean up fscrypt-related error codes, make
attempting to create a file in an encrypted directory that hasn't been
"unlocked" fail with ENOKEY. Previously, several error codes were used
for this case, including ENOENT, EACCES, and EPERM, and they were not
consistent between and within filesystems. ENOKEY is a better choice
because it expresses that the failure is due to lacking the encryption
key. It also matches the error code returned when trying to open an
encrypted regular file without the key.
I am not aware of any users who might be relying on the previous
inconsistent error codes, which were never documented anywhere.
This failure case will be exercised by an xfstest.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Sasha Levin <alexander.levin@verizon.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cherry-picked from upstream-f2fs-stable-linux-4.9.y
Changes include:
commit 30da3a4de9 ("f2fs: hurry up to issue discard after io interruption")
commit d1c363b483 ("f2fs: fix to show correct discard_granularity in sysfs")
...
commit e6b120d4d0 ("f2fs/fscrypt: catch up to v4.12")
commit 4d7931d727 ("KEYS: Differentiate uses of rcu_dereference_key() and user_key_payload()")
Signed-off-by: Hyojun Kim <hyojun@google.com>
Use the ext4_{has,set,clear}_feature_* helpers to replace the old
feature helpers.
Signed-off-by: Kaho Ng <ngkaho1234@gmail.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Reviewed-by: Jan Kara <jack@suse.cz>
Reviewed-by: Darrick J. Wong <darrick.wong@oracle.com>
encryption code and switching things over to using the copies in
fs/crypto. I've updated the MAINTAINERS file to add an entry for
fs/crypto listing Jaeguk Kim and myself as the maintainers.
There are also a number of bug fixes, most notably for some problems
found by American Fuzzy Lop (AFL) courtesy of Vegard Nossum. Also
fixed is a writeback deadlock detected by generic/130, and some
potential races in the metadata checksum code.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQEcBAABCAAGBQJXlbP9AAoJEPL5WVaVDYGjGxgIAJ9YIqme//yix63oHYLhDNea
lY/TLqZrb9/TdDRvGyZa3jYaKaIejL53eEQS9nhEB/JI0sEiDpHmOrDOxdj8Hlsw
fm7nJyh1u4vFKPyklCbIvLAje1vl8X/6OvqQiwh45gIxbbsFftaBWtccW+UtEkIP
Fx65Vk7RehJ/sNrM0cRrwB79YAmDS8P6BPyzdMRk+vO/uFqyq7Auc+pkd+bTlw/m
TDAEIunlk0Ovjx75ru1zaemL1JJx5ffehrJmGCcSUPHVbMObOEKIrlV50gAAKVhO
qbZAri3mhDvyspSLuS/73L9skeCiWFLhvojCBGu4t2aa3JJolmItO7IpKi4HdRU=
=bxGK
-----END PGP SIGNATURE-----
Merge tag 'ext4_for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4
Pull ext4 updates from Ted Ts'o:
"The major change this cycle is deleting ext4's copy of the file system
encryption code and switching things over to using the copies in
fs/crypto. I've updated the MAINTAINERS file to add an entry for
fs/crypto listing Jaeguk Kim and myself as the maintainers.
There are also a number of bug fixes, most notably for some problems
found by American Fuzzy Lop (AFL) courtesy of Vegard Nossum. Also
fixed is a writeback deadlock detected by generic/130, and some
potential races in the metadata checksum code"
* tag 'ext4_for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4: (21 commits)
ext4: verify extent header depth
ext4: short-cut orphan cleanup on error
ext4: fix reference counting bug on block allocation error
MAINTAINRES: fs-crypto maintainers update
ext4 crypto: migrate into vfs's crypto engine
ext2: fix filesystem deadlock while reading corrupted xattr block
ext4: fix project quota accounting without quota limits enabled
ext4: validate s_reserved_gdt_blocks on mount
ext4: remove unused page_idx
ext4: don't call ext4_should_journal_data() on the journal inode
ext4: Fix WARN_ON_ONCE in ext4_commit_super()
ext4: fix deadlock during page writeback
ext4: correct error value of function verifying dx checksum
ext4: avoid modifying checksum fields directly during checksum verification
ext4: check for extents that wrap around
jbd2: make journal y2038 safe
jbd2: track more dependencies on transaction commit
jbd2: move lockdep tracking to journal_s
jbd2: move lockdep instrumentation for jbd2 handles
ext4: respect the nobarrier mount option in nojournal mode
...
This patch removes the most parts of internal crypto codes.
And then, it modifies and adds some ext4-specific crypt codes to use the generic
facility.
Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
This has submit_bh users pass in the operation and flags separately,
so submit_bh_wbc can setup the bio op and bi_rw flags on the bio that
is submitted.
Signed-off-by: Mike Christie <mchristi@redhat.com>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Reviewed-by: Hannes Reinecke <hare@suse.com>
Signed-off-by: Jens Axboe <axboe@fb.com>
Instead of just printing warning messages, if the orphan list is
corrupted, declare the file system is corrupted. If there are any
reserved inodes in the orphaned inode list, declare the file system
corrupted and stop right away to avoid doing more potential damage to
the file system.
Cc: stable@vger.kernel.org
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
If the orphaned inode list contains inode #5, ext4_iget() returns a
bad inode (since the bootloader inode should never be referenced
directly). Because of the bad inode, we end up processing the inode
repeatedly and this hangs the machine.
This can be reproduced via:
mke2fs -t ext4 /tmp/foo.img 100
debugfs -w -R "ssv last_orphan 5" /tmp/foo.img
mount -o loop /tmp/foo.img /mnt
(But don't do this if you are using an unpatched kernel if you care
about the system staying functional. :-)
This bug was found by the port of American Fuzzy Lop into the kernel
to find file system problems[1]. (Since it *only* happens if inode #5
shows up on the orphan list --- 3, 7, 8, etc. won't do it, it's not
surprising that AFL needed two hours before it found it.)
[1] http://events.linuxfoundation.org/sites/events/files/slides/AFL%20filesystem%20fuzzing%2C%20Vault%202016_0.pdf
Cc: stable@vger.kernel.org
Reported by: Vegard Nossum <vegard.nossum@oracle.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
When block group checksum is wrong, we call ext4_error() while holding
group spinlock from ext4_init_block_bitmap() or
ext4_init_inode_bitmap() which results in scheduling while in atomic.
Fix the issue by calling ext4_error() later after dropping the spinlock.
CC: stable@vger.kernel.org
Reported-by: Dmitry Vyukov <dvyukov@google.com>
Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Reviewed-by: Darrick J. Wong <darrick.wong@oracle.com>
Signed-off-by: Li Xi <lixi@ddn.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Reviewed-by: Andreas Dilger <adilger@dilger.ca>
Reviewed-by: Jan Kara <jack@suse.cz>
Make the bitmap reaading routines return real error codes (EIO,
EFSCORRUPTED, EFSBADCRC) which can then be reflected back to
userspace for more precise diagnosis work.
In particular, this means that mballoc no longer claims that we're out
of memory if the block bitmaps become corrupt.
Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Create separate predicate functions to test/set/clear feature flags,
thereby replacing the wordy old macros. Furthermore, clean out the
places where we open-coded feature tests.
Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com>
Instead of overloading EIO for CRC errors and corrupt structures,
return the same error codes that XFS returns for the same issues.
Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Factor out calls to ext4_inherit_context() and move them to
__ext4_new_inode(); this fixes a problem where ext4_tmpfile() wasn't
calling calling ext4_inherit_context(), so the temporary file wasn't
getting protected. Since the blocks for the tmpfile could end up on
disk, they really should be protected if the tmpfile is created within
the context of an encrypted directory.
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
The superblock fields s_file_encryption_mode and s_dir_encryption_mode
are vestigal, so remove them as a cleanup. While we're at it, allow
file systems with both encryption and inline_data enabled at the same
time to work correctly. We can't have encrypted inodes with inline
data, but there's no reason to prohibit unencrypted inodes from using
the inline data feature.
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Pull fourth vfs update from Al Viro:
"d_inode() annotations from David Howells (sat in for-next since before
the beginning of merge window) + four assorted fixes"
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs:
RCU pathwalk breakage when running into a symlink overmounting something
fix I_DIO_WAKEUP definition
direct-io: only inc/dec inode->i_dio_count for file systems
fs/9p: fix readdir()
VFS: assorted d_backing_inode() annotations
VFS: fs/inode.c helpers: d_inode() annotations
VFS: fs/cachefiles: d_backing_inode() annotations
VFS: fs library helpers: d_inode() annotations
VFS: assorted weird filesystems: d_inode() annotations
VFS: normal filesystems (and lustre): d_inode() annotations
VFS: security/: d_inode() annotations
VFS: security/: d_backing_inode() annotations
VFS: net/: d_inode() annotations
VFS: net/unix: d_backing_inode() annotations
VFS: kernel/: d_inode() annotations
VFS: audit: d_backing_inode() annotations
VFS: Fix up some ->d_inode accesses in the chelsio driver
VFS: Cachefiles should perform fs modifications on the top layer only
VFS: AF_UNIX sockets should call mknod on the top layer only
Also add the test dummy encryption mode flag so we can more easily
test the encryption patches using xfstests.
Signed-off-by: Michael Halcrow <mhalcrow@google.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
that's the bulk of filesystem drivers dealing with inodes of their own
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Pulls block_write_begin() into fs/ext4/inode.c because it might need
to do a low-level read of the existing data, in which case we need to
decrypt it.
Signed-off-by: Michael Halcrow <mhalcrow@google.com>
Signed-off-by: Ildar Muslukhov <ildarm@google.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Remove unused header files and header files which are included in
ext4.h.
Signed-off-by: Sheng Yong <shengyong1@huawei.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
When we fail to load block bitmap in __ext4_new_inode() we will
dereference NULL pointer in ext4_journal_get_write_access(). So check
for error from ext4_read_block_bitmap().
Coverity-id: 989065
Cc: stable@vger.kernel.org
Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Besides the fact that this replacement improves code readability
it also protects from errors caused direct EXT4_S(sb)->s_es manipulation
which may result attempt to use uninitialized csum machinery.
#Testcase_BEGIN
IMG=/dev/ram0
MNT=/mnt
mkfs.ext4 $IMG
mount $IMG $MNT
#Enable feature directly on disk, on mounted fs
tune2fs -O metadata_csum $IMG
# Provoke metadata update, likey result in OOPS
touch $MNT/test
umount $MNT
#Testcase_END
# Replacement script
@@
expression E;
@@
- EXT4_HAS_RO_COMPAT_FEATURE(E, EXT4_FEATURE_RO_COMPAT_METADATA_CSUM)
+ ext4_has_metadata_csum(E)
https://bugzilla.kernel.org/show_bug.cgi?id=82201
Signed-off-by: Dmitry Monakhov <dmonakhov@openvz.org>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Cc: stable@vger.kernel.org
The first time that we allocate from an uninitialized inode allocation
bitmap, if the block allocation bitmap is also uninitalized, we need
to get write access to the block group descriptor before we start
modifying the block group descriptor flags and updating the free block
count, etc. Otherwise, there is the potential of a bad journal
checksum (if journal checksums are enabled), and of the file system
becoming inconsistent if we crash at exactly the wrong time.
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Cc: stable@vger.kernel.org
We should decrement free clusters counter when block bitmap is marked
as corrupt and free inodes counter when the allocation bitmap is
marked as corrupt to avoid misunderstanding due to incorrect available
size in statfs result. User can get immediately ENOSPC error from
write begin without reaching for the writepages.
Cc: Darrick J. Wong<darrick.wong@oracle.com>
Reported-by: Amit Sahrawat <amit.sahrawat83@gmail.com>
Signed-off-by: Namjae Jeon <namjae.jeon@samsung.com>
Signed-off-by: Ashish Sangwan <a.sangwan@samsung.com>
Many of the uses of get_random_bytes() do not actually need
cryptographically secure random numbers. Replace those uses with a
call to prandom_u32(), which is faster and which doesn't consume
entropy from the /dev/random driver.
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
If the group descriptor fails validation, mark the whole blockgroup
corrupt so that the inode/block allocators skip this group. The
previous approach takes the risk of writing to a damaged group
descriptor; hopefully it was never the case that the [ib]bitmap fields
pointed to another valid block and got dirtied, since the memset would
fill the page with 1s.
Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
If we detect either a discrepancy between the inode bitmap and the
inode counts or the inode bitmap fails to pass validation checks, mark
the block group corrupt and refuse to allocate or deallocate inodes
from the group.
Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
In no journal mode, if an inode has recently been deleted, we
shouldn't reuse it right away. Otherwise it's possible, after an
unclean shutdown, to hit a situation where a recently deleted inode
gets reused for some other purpose before the inode table block has
been written to disk. However, if the directory entry has been
updated, then the directory entry will be pointing at the old inode
contents.
E2fsck will make sure the file system is consistent after the
unclean shutdown. However, if the recently deleted inode is a
character mode device, or an inode with the immutable bit set, even
after the file system has been fixed up by e2fsck, it can be
possible for a *.pyc file to be pointing at a character mode
device, and when python tries to open the *.pyc file, Hilarity
Ensues. We could change all of userspace to be very suspicious
about stat'ing files before opening them, and clearing the
immutable flag if necessary --- or we can just avoid reusing an
inode number if it has been recently deleted.
Google-Bug-Id: 10017573
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
When we try to allocate an inode, and there is a race between two
CPU's trying to grab the same inode, _and_ this inode is the last free
inode in the block group, make sure the group number is bumped before
we continue searching the rest of the block groups. Otherwise, we end
up searching the current block group twice, and we end up skipping
searching the last block group. So in the unlikely situation where
almost all of the inodes are allocated, it's possible that we will
return ENOSPC even though there might be free inodes in that last
block group.
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
Cc: stable@vger.kernel.org
