Sync up with Linus #53
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
commit 0e707ae ("UBI: do propagate positive error codes up") seems to have produced an unintended change in the control flow here. Completely untested, but it looks obvious. Caught by Coverity, which didn't like the indentation. CID 1271184. Signed-off-by: Brian Norris <[email protected]> Cc: Dan Carpenter <[email protected]> Signed-off-by: Richard Weinberger <[email protected]>
It was always intended that a read to an unprovisioned block will return zeroes regardless of whether the pool is in read-only or read-write mode. thin_bio_map() was inconsistent with its handling of such reads when the pool is in read-only mode, it now properly zero-fills the bios it returns in response to unprovisioned block reads. Eliminate thin_bio_map()'s special read-only mode handling of -ENODATA and just allow the IO to be deferred to the worker which will result in pool->process_bio() handling the IO (which already properly zero-fills reads to unprovisioned blocks). Reported-by: Eric Sandeen <[email protected]> Signed-off-by: Joe Thornber <[email protected]> Signed-off-by: Mike Snitzer <[email protected]> Cc: [email protected]
__dm_destroy() must take the suspend_lock so that its presuspend and postsuspend calls do not race with an internal suspend. Signed-off-by: Mikulas Patocka <[email protected]> Signed-off-by: Mike Snitzer <[email protected]> Cc: [email protected]
In the function snapshot_resume we perform exception store handover. If there is another active snapshot target, the exception store is moved from this target to the target that is being resumed. The problem is that if there is some pending exception, it will point to an incorrect exception store after that handover, causing a crash due to dm-snap-persistent.c:get_exception()'s BUG_ON. This bug can be triggered by repeatedly changing snapshot permissions with "lvchange -p r" and "lvchange -p rw" while there are writes on the associated origin device. To fix this bug, we must suspend the origin device when doing the exception store handover to make sure that there are no pending exceptions: - introduce _origin_hash that keeps track of dm_origin structures. - introduce functions __lookup_dm_origin, __insert_dm_origin and __remove_dm_origin that manipulate the origin hash. - modify snapshot_resume so that it calls dm_internal_suspend_fast() and dm_internal_resume_fast() on the origin device. NOTE to stable@ people: When backporting to kernels 3.12-3.18, use dm_internal_suspend and dm_internal_resume instead of dm_internal_suspend_fast and dm_internal_resume_fast. When backporting to kernels older than 3.12, you need to pick functions dm_internal_suspend and dm_internal_resume from the commit fd2ed4d. Signed-off-by: Mikulas Patocka <[email protected]> Signed-off-by: Mike Snitzer <[email protected]> Cc: [email protected]
The "dm snapshot: suspend origin when doing exception handover" commit fixed a exception store handover bug associated with pending exceptions to the "snapshot-origin" target. However, a similar problem exists in snapshot merging. When snapshot merging is in progress, we use the target "snapshot-merge" instead of "snapshot-origin". Consequently, during exception store handover, we must find the snapshot-merge target and suspend its associated mapped_device. To avoid lockdep warnings, the target must be suspended and resumed without holding _origins_lock. Introduce a dm_hold() function that grabs a reference on a mapped_device, but unlike dm_get(), it doesn't crash if the device has the DMF_FREEING flag set, it returns an error in this case. In snapshot_resume() we grab the reference to the origin device using dm_hold() while holding _origins_lock (_origins_lock guarantees that the device won't disappear). Then we release _origins_lock, suspend the device and grab _origins_lock again. NOTE to stable@ people: When backporting to kernels 3.18 and older, use dm_internal_suspend and dm_internal_resume instead of dm_internal_suspend_fast and dm_internal_resume_fast. Signed-off-by: Mikulas Patocka <[email protected]> Signed-off-by: Mike Snitzer <[email protected]> Cc: [email protected]
… REQ_WRITE_SAME Since it's possible for the discard and write same queue limits to change while the upper level command is being sliced and diced, fix up both of them (a) to reject IO if the special command is unsupported at the start of the function and (b) read the limits once and let the commands error out on their own if the status happens to change. Signed-off-by: Darrick J. Wong <[email protected]> Signed-off-by: Mikulas Patocka <[email protected]> Signed-off-by: Mike Snitzer <[email protected]> Cc: [email protected]
Currently, of_get_child_count() is called in each iteration of the for loop in miphy28lp_xlate(). This patch stores the return value of of_get_child_count() in miphy_dev->nphys and call of_get_child_count() once in miphy28lp_probe(). Signed-off-by: Axel Lin <[email protected]> Signed-off-by: Kishon Vijay Abraham I <[email protected]>
Currently, of_get_child_count() is called in each iteration of the for loop in miphy365x_xlate(). This patch stores the return value of of_get_child_count() in miphy_dev->nphys and call of_get_child_count() once in miphy365x_probe(). Signed-off-by: Axel Lin <[email protected]> Signed-off-by: Kishon Vijay Abraham I <[email protected]>
At the context we have pointer to struct phy, it's useful to call phy_get_drvdata() to get the address of cluster_phy. This has slightly better readability than calling dev_get_drvdata(phy->dev.parent). Signed-off-by: Axel Lin <[email protected]> Signed-off-by: Kishon Vijay Abraham I <[email protected]>
Set it once is enough and it's done after devm_kzalloc(). Signed-off-by: Axel Lin <[email protected]> Signed-off-by: Kishon Vijay Abraham I <[email protected]>
Add missing .owner field in miphy28lp_ops, which is used for refcounting. Signed-off-by: Axel Lin <[email protected]> Signed-off-by: Kishon Vijay Abraham I <[email protected]>
syscon_regmap_lookup_by_phandle() returns ERR_PTR on error. Thus don't use null test against state->regmap. Signed-off-by: Axel Lin <[email protected]> Signed-off-by: Kishon Vijay Abraham I <[email protected]>
There is still a problem that dma_idx is causing packets to go onto the wrong tx path. Protect dma_idx fully with the present first lock and use pTDInfo->byFlags TD_FLAGS_NETIF_SKB to set MACvTransmit. Signed-off-by: Malcolm Priestley <[email protected]> Signed-off-by: Greg Kroah-Hartman <[email protected]>
When the driver sets this rate a power of zero value is set causing data flow stoppage until another rate is tried. Signed-off-by: Malcolm Priestley <[email protected]> Cc: <[email protected]> # v3.17+ Signed-off-by: Greg Kroah-Hartman <[email protected]>
When the driver sets this rate a power of zero value is set causing data flow stoppage until another rate is tried. Signed-off-by: Malcolm Priestley <[email protected]> Cc: <[email protected]> Signed-off-by: Greg Kroah-Hartman <[email protected]>
byRFType is not set prior to registration of mac80211 causing unpredictable operation after channel scans. With byRFType unset all channels are enabled this causes tx power to be set to values not present its eeprom. Move setting of this variable to vt6655_probe. byRFType must have a mask set. byRevId not used by driver and is removed. Signed-off-by: Malcolm Priestley <[email protected]> Cc: <[email protected]> # v3.19+ Signed-off-by: Greg Kroah-Hartman <[email protected]>
Use spin_{un,}lock_irq{save,restore} in isp1760_udc_{start,stop} to
prevent following potentially deadlock scenario between
isp1760_udc_{start,stop} and isp1760_udc_irq :
=================================
[ INFO: inconsistent lock state ]
4.0.0-rc2-00004-gf7bb2ef60173 #51 Not tainted
---------------------------------
inconsistent {HARDIRQ-ON-W} -> {IN-HARDIRQ-W} usage.
in:imklog/2118 [HC1[1]:SC0[0]:HE0:SE1] takes:
(&(&udc->lock)->rlock){?.+...}, at: [<c0397a93>] isp1760_udc_irq+0x367/0x9dc
{HARDIRQ-ON-W} state was registered at:
[<c05135b3>] _raw_spin_lock+0x23/0x30
[<c0396b87>] isp1760_udc_start+0x23/0xf8
[<c039dc21>] udc_bind_to_driver+0x71/0xb0
[<c039de4f>] usb_gadget_probe_driver+0x53/0x9c
[<bf80d0df>] usb_composite_probe+0x8a/0xa4 [libcomposite]
[<bf8311a7>] 0xbf8311a7
[<c00088c5>] do_one_initcall+0x8d/0x17c
[<c050b92d>] do_init_module+0x49/0x148
[<c0087323>] load_module+0xb7f/0xbc4
[<c0087471>] SyS_finit_module+0x51/0x74
[<c000d8c1>] ret_fast_syscall+0x1/0x68
irq event stamp: 4966
hardirqs last enabled at (4965): [<c05137df>] _raw_spin_unlock_irq+0x1f/0x24
hardirqs last disabled at (4966): [<c00110b3>] __irq_svc+0x33/0x64
softirqs last enabled at (4458): [<c0023475>] __do_softirq+0x23d/0x2d0
softirqs last disabled at (4389): [<c002380b>] irq_exit+0xef/0x15c
other info that might help us debug this:
Possible unsafe locking scenario:
CPU0
----
lock(&(&udc->lock)->rlock);
<Interrupt>
lock(&(&udc->lock)->rlock);
*** DEADLOCK ***
1 lock held by in:imklog/2118:
#0: (&f->f_pos_lock){+.+.+.}, at: [<c010a101>] __fdget_pos+0x31/0x34
Signed-off-by: Sudeep Holla <[email protected]>
Cc: Greg Kroah-Hartman <[email protected]>
Acked-by: Laurent Pinchart <[email protected]>
Signed-off-by: Felipe Balbi <[email protected]>
A recent bug fix I did that was marked for stable backports introduced a slightly wrong dependency on CONFIG_OMAP_CONTROL_PHY. I was missing the fact that the PHY driver already stubs out the omap_control_usb_set_mode, and we only need to add a dependency to prevent the musb-omap2430 driver from being built-in when the phy driver is a loadable module, but we should not prevent it from being built altogether when the phy driver is disabled. Signed-off-by: Arnd Bergmann <[email protected]> Fixes: ca784be ("usb: start using the control module driver") Cc: <[email protected]> # v3.9+ Acked-by: Acked-by: Pavel Machek <[email protected]> Tested-by: Aaro Koskinen <[email protected]> Signed-off-by: Felipe Balbi <[email protected]>
The IRQF_DISABLED is a NOOP and scheduled to be removed. According to commit e58aa3d ("genirq: Run irq handlers with interrupts disabled") running IRQ handlers with interrupts enabled can cause stack overflows when the interrupt line of the issuing device is still active. This patch removes using this deprecated flag and additionally removes redundantly setting IRQF_SHARED for isp1760_udc_register(). Signed-off-by: Valentin Rothberg <[email protected]> Acked-by: Laurent Pinchart <[email protected]> Signed-off-by: Felipe Balbi <[email protected]>
As per the SAF1761 data sheet[0], the DcChipID register represents the hardware version number (0001h) and the chip ID (1582h) for the Peripheral Controller. However as per the ISP1761 data sheet[1], the DcChipID register represents the hardware version number (0015h) and the chip ID (8210h) for the Peripheral Controller. This patch adds support for both the chip ID values. [0] http://www.nxp.com/documents/data_sheet/SAF1761.pdf [1] http://pdf.datasheetcatalog.com/datasheets2/74/742102_1.pdf Acked-by: Laurent Pinchart <[email protected]> Signed-off-by: Sudeep Holla <[email protected]> Signed-off-by: Felipe Balbi <[email protected]>
When validating the mask against the amount of memory we have available
(so that we can trap 32-bit DMA addresses with >32-bits memory), we had
not taken account of the fact that max_pfn is the maximum PFN number
plus one that would be in the system.
There are several references in the code which bear this out:
mm/page_owner.c:
for (; pfn < max_pfn; pfn++) {
}
arch/x86/kernel/setup.c:
high_memory = (void *)__va(max_pfn * PAGE_SIZE - 1)
Signed-off-by: Russell King <[email protected]>
It can be useful to dump the page table entries when an unhandled data abort fault occurs. This can aid debugging of these situations, for example, a STREX instruction causing an external abort on non-linefetch fault, as has been reported recently. Signed-off-by: Russell King <[email protected]>
When dwc2 controller detects a disconnect interrupt, dwc2_hcd_disconnect() should be called immediately to do clean-up jobs and set port_connect_status_change flag to notify usb hub driver disconnect status. Tested-by: Vincent Palatin <[email protected]> Acked-by: John Youn <[email protected]> Signed-off-by: Yunzhi Li <[email protected]> Signed-off-by: Felipe Balbi <[email protected]>
This fixes a potential null pointer dereference. Cc: <[email protected]> # v3.16+ Fixes: d433201 ("driver core: dev_get_drvdata: Don't check for NULL dev") Acked-by: Sebastian Andrzej Siewior <[email protected]> Signed-off-by: David Dueck <[email protected]> Signed-off-by: Felipe Balbi <[email protected]>
…rations The state->regmap is initialized by devm_regmap_init_mmio(). So it's fine to use spin_lock rather than mutex to protct state->regmap rmw operations. Signed-off-by: Axel Lin <[email protected]> Acked-by: Sylwester Nawrocki <[email protected]> Tested-by: Sylwester Nawrocki <[email protected]> [[email protected]: Found an issue with the original patch w.r.t unbalanced spin_lock call] Signed-off-by: Julia Lawall <[email protected]> Signed-off-by: Kishon Vijay Abraham I <[email protected]>
…oft reset'" This reverts commit 27082e2 ("xhci: Clear the host side toggle manually") Turns out this fix to enable soft resetting endpoints wasn't mature enough. It caused regression with some usb DVB-T devices and needs some more tuning to get the endpiont ring pointers set correctly. The original commit was tagged for stable 3.18, and should be reverted from there as well. Cc: stable <[email protected]> # v3.18 Signed-off-by: Mathias Nyman <[email protected]> Signed-off-by: Greg Kroah-Hartman <[email protected]>
This reverts commit d885d4f as the patch that it fixes is about to be reverted. Reported-by: Alan Cox <[email protected]> Cc: Arnd Bergmann <[email protected]> Cc: Jim Davis <[email protected]> Signed-off-by: Greg Kroah-Hartman <[email protected]>
This reverts commit c3762b2. The file this fixes is about to be reverted. Reported-by: Alan Cox <[email protected]> Signed-off-by: Greg Kroah-Hartman <[email protected]>
This reverts commit 02b0384. Alan writes: it seems there is a regression in there for some configuration of I/O based devices. I'll take a look at it over the next couple of kernel releases and see what is up then resubmit it with fixes. Reported-by: Alan Cox <[email protected]> Signed-off-by: Greg Kroah-Hartman <[email protected]>
This reverts commit ef11982. That commit creates a problem for some UDCs (at least musb) where it allocates an endpoints with a 64-byte FIFO, but later tries to use that same FIFO for 1024-byte packets. Before implementing this, composite framework needs to be modified so we only allocate endpoints after we know negotiated speed, however that needs quite a bit of extra work. Cc: <[email protected]> # v3.18+ Signed-off-by: Felipe Balbi <[email protected]>
…git/arm64/linux Pull arm64 fixes from Catalin Marinas: - mm switching fix where the kernel pgd ends up in the user TTBR0 after returning from an EFI run-time services call - fix __GFP_ZERO handling for atomic pool and CMA DMA allocations (the generic code does get the gfp flags, so it's left with the arch code to memzero accordingly) * tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux: arm64: Honor __GFP_ZERO in dma allocations arm64: efi: don't restore TTBR0 if active_mm points at init_mm
Pull UBI fix from Artem Bityutskiy: "This fixes a bug introduced during the v4.0 merge window where we forgot to put braces where they should be" * tag 'upstream-4.0-rc5' of git://git.infradead.org/linux-ubifs: UBI: fix missing brace control flow
Pull nfsd bufix from Bruce Fields: "This is a fix for a crash easily triggered by 4.1 activity to a server built with CONFIG_NFSD_PNFS. There are some more bugfixes queued up that I intend to pass along next week, but this is the most critical" * 'for-4.0' of git://linux-nfs.org/~bfields/linux: Subject: nfsd: don't recursively call nfsd4_cb_layout_fail
…/git/mason/linux-btrfs Pull btrfs fixes from Chris Mason: "Most of these are fixing extent reservation accounting, or corners with tree writeback during commit. Josef's set does add a test, which isn't strictly a fix, but it'll keep us from making this same mistake again" * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mason/linux-btrfs: Btrfs: fix outstanding_extents accounting in DIO Btrfs: add sanity test for outstanding_extents accounting Btrfs: just free dummy extent buffers Btrfs: account merges/splits properly Btrfs: prepare block group cache before writing Btrfs: fix ASSERT(list_empty(&cur_trans->dirty_bgs_list) Btrfs: account for the correct number of extents for delalloc reservations Btrfs: fix merge delalloc logic Btrfs: fix comp_oper to get right order Btrfs: catch transaction abortion after waiting for it btrfs: fix sizeof format specifier in btrfs_check_super_valid()
…/git/device-mapper/linux-dm
Pull devicemapper fixes from Mike Snitzer:
"A handful of stable fixes for DM:
- fix thin target to always zero-fill reads to unprovisioned blocks
- fix to interlock device destruction's suspend from internal
suspends
- fix 2 snapshot exception store handover bugs
- fix dm-io to cope with DISCARD and WRITE_SAME capabilities changing"
* tag 'dm-4.0-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/device-mapper/linux-dm:
dm io: deal with wandering queue limits when handling REQ_DISCARD and REQ_WRITE_SAME
dm snapshot: suspend merging snapshot when doing exception handover
dm snapshot: suspend origin when doing exception handover
dm: hold suspend_lock while suspending device during device deletion
dm thin: fix to consistently zero-fill reads to unprovisioned blocks
Pull SCSI target fixes from Nicholas Bellinger:
"Here are current target-pending fixes for v4.0-rc5 code that have made
their way into the queue over the last weeks.
The fixes this round include:
- Fix long-standing iser-target logout bug related to early
conn_logout_comp completion, resulting in iscsi_conn use-after-tree
OOpsen. (Sagi + nab)
- Fix long-standing tcm_fc bug in ft_invl_hw_context() failure
handing for DDP hw offload. (DanC)
- Fix incorrect use of unprotected __transport_register_session() in
tcm_qla2xxx + other single local se_node_acl fabrics. (Bart)
- Fix reference leak in target_submit_cmd() -> target_get_sess_cmd()
for ack_kref=1 failure path. (Bart)
- Fix pSCSI backend ->get_device_type() statistics OOPs with
un-configured device. (Olaf + nab)
- Fix virtual LUN=0 target_configure_device failure OOPs at modprobe
time. (Claudio + nab)
- Fix FUA write false positive failure regression in v4.0-rc1 code.
(Christophe Vu-Brugier + HCH)"
* git://git.kernel.org/pub/scm/linux/kernel/git/nab/target-pending:
target: do not reject FUA CDBs when write cache is enabled but emulate_write_cache is 0
target: Fix virtual LUN=0 target_configure_device failure OOPs
target/pscsi: Fix NULL pointer dereference in get_device_type
tcm_fc: missing curly braces in ft_invl_hw_context()
target: Fix reference leak in target_get_sess_cmd() error path
loop/usb/vhost-scsi/xen-scsiback: Fix use of __transport_register_session
tcm_qla2xxx: Fix incorrect use of __transport_register_session
iscsi-target: Avoid early conn_logout_comp for iser connections
Revert "iscsi-target: Avoid IN_LOGOUT failure case for iser-target"
target: Disallow changing of WRITE cache/FUA attrs after export
…b/scm/linux/kernel/git/robh/linux Pull more DeviceTree fixes vfom Rob Herring: - revert setting stdout-path as preferred console. This caused regressions in PowerMACs and other systems. - yet another fix for stdout-path option parsing. - fix error path handling in of_irq_parse_one * tag 'devicetree-fixes-for-4.0-part2' of git://git.kernel.org/pub/scm/linux/kernel/git/robh/linux: Revert "of: Fix premature bootconsole disable with 'stdout-path'" of: handle both '/' and ':' in path strings of: unittest: Add option string test case with longer path of/irq: Fix of_irq_parse_one() returned error codes
Pull drm updates from Dave Airlie:
"A bunch of fixes across drivers:
radeon:
disable two ended allocation for now, it breaks some stuff
amdkfd:
misc fixes
nouveau:
fix irq loop problem, add basic support for GM206 (new hw)
i915:
fix some WARNs people were seeing
exynos:
fix some iommu interactions causing boot failures"
* git://people.freedesktop.org/~airlied/linux:
drm/radeon: drop ttm two ended allocation
drm/exynos: fix the initialization order in FIMD
drm/exynos: fix typo config name correctly.
drm/exynos: Check for NULL dereference of crtc
drm/exynos: IS_ERR() vs NULL bug
drm/exynos: remove unused files
drm/i915: Make sure the primary plane is enabled before reading out the fb state
drm/nouveau/bios: fix i2c table parsing for dcb 4.1
drm/nouveau/device/gm100: Basic GM206 bring up (as copy of GM204)
drm/nouveau/device: post write to NV_PMC_BOOT_1 when flipping endian switch
drm/nouveau/gr/gf100: fix some accidental or'ing of buffer addresses
drm/nouveau/fifo/nv04: remove the loop from the interrupt handler
drm/radeon: Changing number of compute pipe lines
drm/amdkfd: Fix SDMA queue init. in non-HWS mode
drm/amdkfd: destroy mqd when destroying kernel queue
drm/i915: Ensure plane->state->fb stays in sync with plane->fb
…nel/git/rafael/linux-pm
Pull power management and ACPI fixes from Rafael Wysocki:
"These are fixes for recent regressions (PCI/ACPI resources and at91
RTC locking), a stable-candidate powercap RAPL driver fix and two ARM
cpuidle fixes (one stable-candidate too).
Specifics:
- Revert a recent PCI commit related to IRQ resources management that
introduced a regression for drivers attempting to bind to devices
whose previous drivers did not balance pci_enable_device() and
pci_disable_device() as expected (Rafael J Wysocki).
- Fix a deadlock in at91_rtc_interrupt() introduced by a typo in a
recent commit related to wakeup interrupt handling (Dan Carpenter).
- Allow the power capping RAPL (Running-Average Power Limit) driver
to use different energy units for domains within one CPU package
which is necessary to handle Intel Haswell EP processors correctly
(Jacob Pan).
- Improve the cpuidle mvebu driver's handling of Armada XP SoCs by
updating the target residency and exit latency numbers for those
chips (Sebastien Rannou).
- Prevent the cpuidle mvebu driver from calling cpu_pm_enter() twice
in a row before cpu_pm_exit() is called on the same CPU which
breaks the core's assumptions regarding the usage of those
functions (Gregory Clement)"
* tag 'pm+acpi-4.0-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm:
Revert "x86/PCI: Refine the way to release PCI IRQ resources"
rtc: at91rm9200: double locking bug in at91_rtc_interrupt()
powercap / RAPL: handle domains with different energy units
cpuidle: mvebu: Update cpuidle thresholds for Armada XP SOCs
cpuidle: mvebu: Fix the CPU PM notifier usage
Pull slave dmaengine fixes from Vinod Koul: "Four fixes for dw, pl08x, imx-sdma and at_hdmac driver. Nothing unusual here, simple fixes to these drivers" * 'fixes' of git://git.infradead.org/users/vkoul/slave-dma: dmaengine: pl08x: Define capabilities for generic capabilities reporting dmaengine: dw: append MODULE_ALIAS for platform driver dmaengine: imx-sdma: switch to dynamic context mode after script loaded dmaengine: at_hdmac: Fix calculation of the residual bytes
When the device is powered up, some (older) firmware versions fail to work properly if we send commands before the boot is complete (everything is OK when the device is hot-plugged). The firmware indicates its ready status by putting the link up. Newer firmwares delay the first command so they don't suffer from this problem. They also report the link being always up. Wait for firmware to become ready (link up) before sending any commands and/or data. This also allows lowering CMD_TIMEOUT value to a reasonable time. Tested with 4.1.0.9 (old) and 4.1.0.30 (new) firmware versions. Signed-off-by: Ondrej Zary <[email protected]> Signed-off-by: David S. Miller <[email protected]>
ip6tables extensions check for this flag to restrict match/target to a given protocol. Without this flag set, SYNPROXY6 returns an error. Signed-off-by: Pablo Neira Ayuso <[email protected]> Acked-by: Patrick McHardy <[email protected]>
…git/gregkh/usb Pull USB / PHY driver fixes from Greg KH: "Here's a number of USB and PHY driver fixes for 4.0-rc5. The largest thing here is a revert of a gadget function driver patch that removes 500 lines of code. Other than that, it's a number of reported bugs fixes and new quirk/id entries. All have been in linux-next for a while" * tag 'usb-4.0-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb: (33 commits) usb: common: otg-fsm: only signal connect after switching to peripheral uas: Add US_FL_NO_ATA_1X for Initio Corporation controllers / devices USB: ehci-atmel: rework clk handling MAINTAINERS: add entry for USB OTG FSM usb: chipidea: otg: add a_alt_hnp_support response for B device phy: omap-usb2: Fix missing clk_prepare call when using old dt name phy: ti/omap: Fix modalias phy: core: Fixup return value of phy_exit when !pm_runtime_enabled phy: miphy28lp: Convert to devm_kcalloc and fix wrong sizof phy: miphy365x: Convert to devm_kcalloc and fix wrong sizeof phy: twl4030-usb: Remove redundant assignment for twl->linkstat phy: exynos5-usbdrd: Fix off-by-one valid value checking for args->args[0] phy: Find the right match in devm_phy_destroy() phy: rockchip-usb: Fixup rockchip_usb_phy_power_on failure path phy: ti-pipe3: Simplify ti_pipe3_dpll_wait_lock implementation phy: samsung-usb2: Remove NULL terminating entry from phys array phy: hix5hd2-sata: Check return value of platform_get_resource phy: exynos-dp-video: Kill exynos_dp_video_phy_pwr_isol function Revert "usb: gadget: zero: Add support for interrupt EP" Revert "xhci: Clear the host side toggle manually when endpoint is 'soft reset'" ...
…git/gregkh/tty Pull tty/serial driver fix from Greg KH: "Here's a single 8250 serial driver that fixes a reported deadlock with the serial console and the tty driver. It's been in linux-next for a while now" * tag 'tty-4.0-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty: serial: 8250_dw: Fix deadlock in LCR workaround
…nel/git/gregkh/staging Pull staging driver fixes from Greg KH: "Here are four small staging driver fixes, all for the vt6656 and vt6655 drivers, that resolve some reported issues with them. All of these patches have been in linux next for a while" * tag 'staging-4.0-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging: vt6655: Fix late setting of byRFType. vt6655: RFbSetPower fix missing rate RATE_12M staging: vt6656: vnt_rf_setpower: fix missing rate RATE_12M staging: vt6655: vnt_tx_packet fix dma_idx selection.
…ernel/git/gregkh/char-misc Pull char/misc fixes from Greg KH: "Here are three fixes for 4.0-rc5 that revert 3 PCMCIA patches that were merged in 4.0-rc1 that cause regressions. So let's revert them for now and they will be reworked and resent sometime in the future. All have been tested in linux-next for a while" * tag 'char-misc-4.0-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc: Revert "pcmcia: add a new resource manager for non ISA systems" Revert "pcmcia: fix incorrect bracketing on a test" Revert "pcmcia: add missing include for new pci resource handler"
…/kernel/git/gregkh/driver-core Pull driver core fixes from Greg KH: "Here are two bugfixes for things reported. One regression in kernfs, and another issue fixed in the LZ4 code that was fixed in the "upstream" codebase that solves a reported kernel crash Both have been in linux-next for a while" * tag 'driver-core-4.0-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/driver-core: LZ4 : fix the data abort issue kernfs: handle poll correctly on 'direct_read' files.
Pablo Neira Ayuso says: ==================== Netfilter fixes for net The following patchset contains Netfilter fixes for your net tree, they are: 1) Fix missing initialization of tuple structure in nfnetlink_cthelper to avoid mismatches when looking up to attach userspace helpers to flows, from Ian Wilson. 2) Fix potential crash in nft_hash when we hit -EAGAIN in nft_hash_walk(), from Herbert Xu. 3) We don't need to indicate the hook information to update the basechain default policy in nf_tables. 4) Restore tracing over nfnetlink_log due to recent rework to accomodate logging infrastructure into nf_tables. 5) Fix wrong IP6T_INV_PROTO check in xt_TPROXY. 6) Set IP6T_F_PROTO flag in nft_compat so we can use SYNPROXY6 and REJECT6 from xt over nftables. ==================== Signed-off-by: David S. Miller <[email protected]>
Pull bugfix for md from Neil Brown: "One fix for md in 4.0-rc4 Regression in recent patch causes crash on error path" * tag 'md/4.0-rc4-fix' of git://neil.brown.name/md: md: fix problems with freeing private data after ->run failure.
Firstly, handle zero length calls properly. Believe it or not there
are a few of these happening during early boot.
Next, we can't just drop to a memcpy() call in the forward copy case
where dst <= src. The reason is that the cache initializing stores
used in the Niagara memcpy() implementations can end up clearing out
cache lines before we've sourced their original contents completely.
For example, considering NG4memcpy, the main unrolled loop begins like
this:
load src + 0x00
load src + 0x08
load src + 0x10
load src + 0x18
load src + 0x20
store dst + 0x00
Assume dst is 64 byte aligned and let's say that dst is src - 8 for
this memcpy() call. That store at the end there is the one to the
first line in the cache line, thus clearing the whole line, which thus
clobbers "src + 0x28" before it even gets loaded.
To avoid this, just fall through to a simple copy only mildly
optimized for the case where src and dst are 8 byte aligned and the
length is a multiple of 8 as well. We could get fancy and call
GENmemcpy() but this is good enough for how this thing is actually
used.
Reported-by: David Ahern <[email protected]>
Reported-by: Bob Picco <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
Pull sparc fixes from David Miller:
"Some perf bug fixes from David Ahern, and the fix for that nasty
memmove() bug"
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/sparc:
sparc64: Fix several bugs in memmove().
sparc: Touch NMI watchdog when walking cpus and calling printk
sparc: perf: Add support M7 processor
sparc: perf: Make counting mode actually work
sparc: perf: Remove redundant perf_pmu_{en|dis}able calls
Pull networking fixes from David Miller:
1) Validate iov ranges before feeding them into iov_iter_init(), from
Al Viro.
2) We changed copy_from_msghdr_from_user() to zero out the msg_namelen
is a NULL pointer is given for the msg_name. Do the same in the
compat code too. From Catalin Marinas.
3) Fix partially initialized tuples in netfilter conntrack helper, from
Ian Wilson.
4) Missing continue; statement in nft_hash walker can lead to crashes,
from Herbert Xu.
5) tproxy_tg6_check looks for IP6T_INV_PROTO in ->flags instead of
->invflags, fix from Pablo Neira Ayuso.
6) Incorrect memory account of TCP FINs can result in negative socket
memory accounting values. Fix from Josh Hunt.
7) Don't allow virtual functions to enable VLAN promiscuous mode in
be2net driver, from Vasundhara Volam.
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net:
netfilter: nft_compat: set IP6T_F_PROTO flag if protocol is set
cx82310_eth: wait for firmware to become ready
net: validate the range we feed to iov_iter_init() in sys_sendto/sys_recvfrom
net: compat: Update get_compat_msghdr() to match copy_msghdr_from_user() behaviour
be2net: use PCI MMIO read instead of config read for errors
be2net: restrict MODIFY_EQ_DELAY cmd to a max of 8 EQs
be2net: Prevent VFs from enabling VLAN promiscuous mode
tcp: fix tcp fin memory accounting
ipv6: fix backtracking for throw routes
net: ethernet: pcnet32: Setup the SRAM and NOUFLO on Am79C97{3, 5}
ipv6: call ipv6_proxy_select_ident instead of ipv6_select_ident in udp6_ufo_fragment
netfilter: xt_TPROXY: fix invflags check in tproxy_tg6_check()
netfilter: restore rule tracing via nfnetlink_log
netfilter: nf_tables: allow to change chain policy without hook if it exists
netfilter: Fix potential crash in nft_hash walker
netfilter: Zero the tuple in nfnl_cthelper_parse_tuple()
dabrace
pushed a commit
that referenced
this pull request
Jul 7, 2016
If mvneta_mdio_probe() fails, a kernel warning is triggered due to missing cleanup in the error path. Add the necessary cleanup. ------------[ cut here ]------------ WARNING: CPU: 1 PID: 281 at kernel/irq/manage.c:1814 __free_percpu_irq+0xfc/0x130 percpu IRQ 38 still enabled on CPU0! Modules linked in: bnep bluetooth xhci_plat_hcd xhci_hcd marvell_cesa armada_thermal des_generic ehci_orion mcp3021 spi_orion sfp mdio_i2c evbug fuse CPU: 1 PID: 281 Comm: connmand Not tainted 4.7.0-rc2+ #53 Hardware name: Marvell Armada 380/385 (Device Tree) Backtrace: [<c0013488>] (dump_backtrace) from [<c00137d0>] (show_stack+0x18/0x1c) r6:60010093 r5:ffffffff r4:00000000 r3:dc8ba500 [<c00137b8>] (show_stack) from [<c02c6fe0>] (dump_stack+0xa4/0xdc) [<c02c6f3c>] (dump_stack) from [<c002d4ec>] (__warn+0xd8/0x104) r6:c081e6a0 r5:00000000 r4:edfe5d50 r3:dc8ba500 [<c002d414>] (__warn) from [<c002d5d0>] (warn_slowpath_fmt+0x40/0x48) r10:a0010013 r8:c09356f8 r7:00000026 r6:ef11a260 r5:edd7b980 r4:ef11a200 [<c002d594>] (warn_slowpath_fmt) from [<c008c8e0>] (__free_percpu_irq+0xfc/0x130) r3:00000026 r2:c081e7ac [<c008c7e4>] (__free_percpu_irq) from [<c008c95c>] (free_percpu_irq+0x48/0x74) r10:00008914 r8:00000000 r7:ffffffed r6:c09356f8 r5:00000026 r4:ef11a200 [<c008c914>] (free_percpu_irq) from [<c043dd70>] (mvneta_open+0x118/0x134) r6:ffffffed r5:ef01e640 r4:ef01e000 r3:ef01e000 [<c043dc58>] (mvneta_open) from [<c055f5b4>] (__dev_open+0xa4/0x108) r7:ef01e030 r6:c06ff3d8 r5:ffff9003 r4:ef01e000 [<c055f510>] (__dev_open) from [<c055f844>] (__dev_change_flags+0x94/0x150) r7:00001002 r6:00000001 r5:ffff9003 r4:ef01e000 [<c055f7b0>] (__dev_change_flags) from [<c055f938>] (dev_change_flags+0x20/0x50) r8:00000000 r7:c09334c8 r6:00001002 r5:00000148 r4:ef01e000 r3:00008914 [<c055f918>] (dev_change_flags) from [<c05de044>] (devinet_ioctl+0x6f4/0x7e0) r8:00000000 r7:c09334c8 r6:00000000 r5:ee87200c r4:00000000 r3:00008914 [<c05dd950>] (devinet_ioctl) from [<c05e0168>] (inet_ioctl+0x1b8/0x1c8) r10:beb4499c r9:edfe4000 r8:ecf13280 r7:c096cf00 r6:beb4499c r5:eef7c240 r4:00008914 [<c05dffb0>] (inet_ioctl) from [<c053c898>] (sock_ioctl+0x78/0x300) [<c053c820>] (sock_ioctl) from [<c0155ecc>] (do_vfs_ioctl+0x98/0xa60) r7:00000011 r6:00008914 r5:00000011 r4:c01568d0 [<c0155e34>] (do_vfs_ioctl) from [<c01568d0>] (SyS_ioctl+0x3c/0x60) r10:00000000 r9:edfe4000 r8:beb4499c r7:00000011 r6:00008914 r5:ecf13280 r4:ecf13280 [<c0156894>] (SyS_ioctl) from [<c000fe60>] (ret_fast_syscall+0x0/0x1c) r8:c0010004 r7:00000036 r6:00000011 r5:000a2978 r4:00000000 r3:00009003 ---[ end trace 711f625d5b04b3a7 ]--- Signed-off-by: Russell King <[email protected]> Tested-by: Jon Nettleton <[email protected]> Signed-off-by: David S. Miller <[email protected]>
dabrace
pushed a commit
that referenced
this pull request
Apr 17, 2017
Reserving a runtime region results in splitting the EFI memory descriptors for the runtime region. This results in runtime region descriptors with bogus memory mappings, leading to interesting crashes like the following during a kexec: general protection fault: 0000 [#1] SMP Modules linked in: CPU: 0 PID: 0 Comm: swapper/0 Not tainted 4.11.0-rc1 #53 Hardware name: Wiwynn Leopard-Orv2/Leopard-DDR BW, BIOS LBM05 09/30/2016 RIP: 0010:virt_efi_set_variable() ... Call Trace: efi_delete_dummy_variable() efi_enter_virtual_mode() start_kernel() ? set_init_arg() x86_64_start_reservations() x86_64_start_kernel() start_cpu() ... Kernel panic - not syncing: Fatal exception Runtime regions will not be freed and do not need to be reserved, so skip the memmap modification in this case. Signed-off-by: Omar Sandoval <[email protected]> Signed-off-by: Matt Fleming <[email protected]> Cc: <[email protected]> # v4.9+ Cc: Ard Biesheuvel <[email protected]> Cc: Dave Young <[email protected]> Cc: Linus Torvalds <[email protected]> Cc: Peter Jones <[email protected]> Cc: Peter Zijlstra <[email protected]> Cc: Thomas Gleixner <[email protected]> Cc: [email protected] Fixes: 8e80632 ("efi/esrt: Use efi_mem_reserve() and avoid a kmalloc()") Link: http://lkml.kernel.org/r/[email protected] Signed-off-by: Ingo Molnar <[email protected]>
dabrace
pushed a commit
that referenced
this pull request
Feb 8, 2019
syzbot was able to catch a bug in rds [1] The issue here is that the socket might be found in a hash table but that its refcount has already be set to 0 by another cpu. We need to use refcount_inc_not_zero() to be safe here. [1] refcount_t: increment on 0; use-after-free. WARNING: CPU: 1 PID: 23129 at lib/refcount.c:153 refcount_inc_checked lib/refcount.c:153 [inline] WARNING: CPU: 1 PID: 23129 at lib/refcount.c:153 refcount_inc_checked+0x61/0x70 lib/refcount.c:151 Kernel panic - not syncing: panic_on_warn set ... CPU: 1 PID: 23129 Comm: syz-executor3 Not tainted 5.0.0-rc4+ #53 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x1db/0x2d0 lib/dump_stack.c:113 panic+0x2cb/0x65c kernel/panic.c:214 __warn.cold+0x20/0x48 kernel/panic.c:571 report_bug+0x263/0x2b0 lib/bug.c:186 fixup_bug arch/x86/kernel/traps.c:178 [inline] fixup_bug arch/x86/kernel/traps.c:173 [inline] do_error_trap+0x11b/0x200 arch/x86/kernel/traps.c:271 do_invalid_op+0x37/0x50 arch/x86/kernel/traps.c:290 invalid_op+0x14/0x20 arch/x86/entry/entry_64.S:973 RIP: 0010:refcount_inc_checked lib/refcount.c:153 [inline] RIP: 0010:refcount_inc_checked+0x61/0x70 lib/refcount.c:151 Code: 1d 51 63 c8 06 31 ff 89 de e8 eb 1b f2 fd 84 db 75 dd e8 a2 1a f2 fd 48 c7 c7 60 9f 81 88 c6 05 31 63 c8 06 01 e8 af 65 bb fd <0f> 0b eb c1 90 66 2e 0f 1f 84 00 00 00 00 00 55 48 89 e5 41 54 49 RSP: 0018:ffff8880a0cbf1e8 EFLAGS: 00010282 RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffc90006113000 RDX: 000000000001047d RSI: ffffffff81685776 RDI: 0000000000000005 RBP: ffff8880a0cbf1f8 R08: ffff888097c9e100 R09: ffffed1015ce5021 R10: ffffed1015ce5020 R11: ffff8880ae728107 R12: ffff8880723c20c0 R13: ffff8880723c24b0 R14: dffffc0000000000 R15: ffffed1014197e64 sock_hold include/net/sock.h:647 [inline] rds_sock_addref+0x19/0x20 net/rds/af_rds.c:675 rds_find_bound+0x97c/0x1080 net/rds/bind.c:82 rds_recv_incoming+0x3be/0x1430 net/rds/recv.c:362 rds_loop_xmit+0xf3/0x2a0 net/rds/loop.c:96 rds_send_xmit+0x1355/0x2a10 net/rds/send.c:355 rds_sendmsg+0x323c/0x44e0 net/rds/send.c:1368 sock_sendmsg_nosec net/socket.c:621 [inline] sock_sendmsg+0xdd/0x130 net/socket.c:631 __sys_sendto+0x387/0x5f0 net/socket.c:1788 __do_sys_sendto net/socket.c:1800 [inline] __se_sys_sendto net/socket.c:1796 [inline] __x64_sys_sendto+0xe1/0x1a0 net/socket.c:1796 do_syscall_64+0x1a3/0x800 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x458089 Code: 6d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 3b b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 RSP: 002b:00007fc266df8c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000458089 RDX: 0000000000000000 RSI: 00000000204b3fff RDI: 0000000000000005 RBP: 000000000073bf00 R08: 00000000202b4000 R09: 0000000000000010 R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc266df96d4 R13: 00000000004c56e4 R14: 00000000004d94a8 R15: 00000000ffffffff Fixes: cc4dfb7 ("rds: fix two RCU related problems") Signed-off-by: Eric Dumazet <[email protected]> Reported-by: syzbot <[email protected]> Cc: Sowmini Varadhan <[email protected]> Cc: Santosh Shilimkar <[email protected]> Cc: [email protected] Cc: Cong Wang <[email protected]> Acked-by: Santosh Shilimkar <[email protected]> Signed-off-by: David S. Miller <[email protected]>
dabrace
pushed a commit
that referenced
this pull request
Feb 8, 2019
KASAN detects a use-after-free when vop devices are removed. This problem was introduced by commit 0063e8b ("virtio_vop: don't kfree device on register failure"). That patch moved the freeing of the struct _vop_vdev to the release function, but failed to ensure that vop holds a reference to the device when it doesn't want it to go away. A kfree() was replaced with a put_device() in the unregistration path, but the last reference to the device is already dropped in unregister_virtio_device() so the struct is freed before vop is done with it. Fix it by holding a reference until cleanup is done. This is similar to the fix in virtio_pci in commit 2989be0 ("virtio_pci: fix use after free on release"). ================================================================== BUG: KASAN: use-after-free in vop_scan_devices+0xc6c/0xe50 [vop] Read of size 8 at addr ffff88800da18580 by task kworker/0:1/12 CPU: 0 PID: 12 Comm: kworker/0:1 Not tainted 5.0.0-rc4+ #53 Workqueue: events vop_hotplug_devices [vop] Call Trace: dump_stack+0x74/0xbb print_address_description+0x5d/0x2b0 ? vop_scan_devices+0xc6c/0xe50 [vop] kasan_report+0x152/0x1aa ? vop_scan_devices+0xc6c/0xe50 [vop] ? vop_scan_devices+0xc6c/0xe50 [vop] vop_scan_devices+0xc6c/0xe50 [vop] ? vop_loopback_free_irq+0x160/0x160 [vop_loopback] process_one_work+0x7c0/0x14b0 ? pwq_dec_nr_in_flight+0x2d0/0x2d0 ? do_raw_spin_lock+0x120/0x280 worker_thread+0x8f/0xbf0 ? __kthread_parkme+0x78/0xf0 ? process_one_work+0x14b0/0x14b0 kthread+0x2ae/0x3a0 ? kthread_park+0x120/0x120 ret_from_fork+0x3a/0x50 Allocated by task 12: kmem_cache_alloc_trace+0x13a/0x2a0 vop_scan_devices+0x473/0xe50 [vop] process_one_work+0x7c0/0x14b0 worker_thread+0x8f/0xbf0 kthread+0x2ae/0x3a0 ret_from_fork+0x3a/0x50 Freed by task 12: kfree+0x104/0x310 device_release+0x73/0x1d0 kobject_put+0x14f/0x420 unregister_virtio_device+0x32/0x50 vop_scan_devices+0x19d/0xe50 [vop] process_one_work+0x7c0/0x14b0 worker_thread+0x8f/0xbf0 kthread+0x2ae/0x3a0 ret_from_fork+0x3a/0x50 The buggy address belongs to the object at ffff88800da18008 which belongs to the cache kmalloc-2k of size 2048 The buggy address is located 1400 bytes inside of 2048-byte region [ffff88800da18008, ffff88800da18808) The buggy address belongs to the page: page:ffffea0000368600 count:1 mapcount:0 mapping:ffff88801440dbc0 index:0x0 compound_mapcount: 0 flags: 0x4000000000010200(slab|head) raw: 4000000000010200 ffffea0000378608 ffffea000037a008 ffff88801440dbc0 raw: 0000000000000000 00000000000d000d 00000001ffffffff 0000000000000000 page dumped because: kasan: bad access detected Memory state around the buggy address: ffff88800da18480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb ffff88800da18500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb >ffff88800da18580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb ^ ffff88800da18600: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb ffff88800da18680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb ================================================================== Fixes: 0063e8b ("virtio_vop: don't kfree device on register failure") Signed-off-by: Vincent Whitchurch <[email protected]> Cc: stable <[email protected]> Signed-off-by: Greg Kroah-Hartman <[email protected]>
dabrace
pushed a commit
that referenced
this pull request
Feb 26, 2020
For the duration of mapping eVMCS, it derefences ->memslots without holding ->srcu or ->slots_lock when accessing hv assist page. This patch fixes it by moving nested_sync_vmcs12_to_shadow to prepare_guest_switch, where the SRCU is already taken. It can be reproduced by running kvm's evmcs_test selftest. ============================= warning: suspicious rcu usage 5.6.0-rc1+ #53 tainted: g w ioe ----------------------------- ./include/linux/kvm_host.h:623 suspicious rcu_dereference_check() usage! other info that might help us debug this: rcu_scheduler_active = 2, debug_locks = 1 1 lock held by evmcs_test/8507: #0: ffff9ddd156d00d0 (&vcpu->mutex){+.+.}, at: kvm_vcpu_ioctl+0x85/0x680 [kvm] stack backtrace: cpu: 6 pid: 8507 comm: evmcs_test tainted: g w ioe 5.6.0-rc1+ #53 hardware name: dell inc. optiplex 7040/0jctf8, bios 1.4.9 09/12/2016 call trace: dump_stack+0x68/0x9b kvm_read_guest_cached+0x11d/0x150 [kvm] kvm_hv_get_assist_page+0x33/0x40 [kvm] nested_enlightened_vmentry+0x2c/0x60 [kvm_intel] nested_vmx_handle_enlightened_vmptrld.part.52+0x32/0x1c0 [kvm_intel] nested_sync_vmcs12_to_shadow+0x439/0x680 [kvm_intel] vmx_vcpu_run+0x67a/0xe60 [kvm_intel] vcpu_enter_guest+0x35e/0x1bc0 [kvm] kvm_arch_vcpu_ioctl_run+0x40b/0x670 [kvm] kvm_vcpu_ioctl+0x370/0x680 [kvm] ksys_ioctl+0x235/0x850 __x64_sys_ioctl+0x16/0x20 do_syscall_64+0x77/0x780 entry_syscall_64_after_hwframe+0x49/0xbe Signed-off-by: Wanpeng Li <[email protected]> Signed-off-by: Paolo Bonzini <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.