1. 13 Sep, 2016 3 commits
    • James Hogan's avatar
      MIPS: Fix memory regions reaching top of physical · 58cae9b0
      James Hogan authored
      Memory regions added with add_memory_region() at the top of the physical
      address space will have their end address overflow to 0. This causes
      them to be rejected as invalid, and would cause various other issues
      later on.
      This causes issues on Malta and Boston platforms when wanting to use all
      2GB of RAM on a 32-bit kernel, either via highmem (using physical
      addresses 0x90000000..0xFFFFFFFF), or with the Malta Enhanced Virtual
      Addressing (EVA) layout which exposes the whole 0x80000000..0xFFFFFFFF
      physical address range to kernel mode at 0x00000000..0x7FFFFFFF.
      Due to the abundance of these non-overflow assumptions and the fact that
      memblock already avoids the arithmetic overflow by limiting the size of
      new memory regions without the arch code knowing it (in particular
      mem_init_free_highmem() will trigger a page dump due to nonzero mapcount
      on the last page), it is simpler and safer to just limit the size of the
      region in a similar way to memblock but at the arch level to allow most
      of the RAM to be used without arithmetic overflows.
      Therefore we detect this case specifically and reduce the size of the
      region slightly to avoid the arithmetic overflows and cause the last
      page to be ignored.
      Signed-off-by: default avatarJames Hogan <james.hogan@imgtec.com>
      Cc: linux-mips@linux-mips.org
      Patchwork: https://patchwork.linux-mips.org/patch/13857/
      Signed-off-by: default avatarRalf Baechle <ralf@linux-mips.org>
    • Marcin Nowakowski's avatar
      MIPS: uprobes: fix incorrect uprobe brk handling · 2809328f
      Marcin Nowakowski authored
      When a uprobe-replacement breakpoint instruction is handled, a notifier
      is called with DIE_UPROBE argument, but a corresponding exception notify
      handler for MIPS attempts to handle DIE_BREAK instead. As a result
      the breakpoint instruction isn't handled by the uprobe code and the probed
      application terminates with SIGTRAP.
      Fix this by changing arch_uprobe_exception_notify code to handle
      DIE_UPROBE as a pre-singlestep condition instead of DIE_BREAK.
      Signed-off-by: default avatarMarcin Nowakowski <marcin.nowakowski@imgtec.com>
      Cc: linux-mips@linux-mips.org
      Patchwork: https://patchwork.linux-mips.org/patch/13884/
      Signed-off-by: default avatarRalf Baechle <ralf@linux-mips.org>
    • Amitoj Kaur Chawla's avatar
      MIPS: ath79: Fix test for error return of clk_register_fixed_factor(). · e3b23148
      Amitoj Kaur Chawla authored
      clk_register_fixed_factor returns an ERR_PTR in case of an error and
      should have an IS_ERR check instead of a null check.
      The Coccinelle semantic patch used to find this issue is as follows:
      expression e;
      statement S;
      *e = clk_register_fixed_factor(...);
      if (!e) S
      Signed-off-by: default avatarAmitoj Kaur Chawla <amitoj1606@gmail.com>
      Cc: julia.lawall@lip6.fr
      Cc: linux-mips@linux-mips.org
      Cc: linux-kernel@vger.kernel.org
      Patchwork: https://patchwork.linux-mips.org/patch/13894/
      Signed-off-by: default avatarRalf Baechle <ralf@linux-mips.org>
  2. 12 Sep, 2016 1 commit
  3. 11 Sep, 2016 3 commits
    • Linus Torvalds's avatar
      nvme: make NVME_RDMA depend on BLOCK · bd0b841f
      Linus Torvalds authored
      Commit aa719874
       ("nvme: fabrics drivers don't need the nvme-pci
      driver") removed the dependency on BLK_DEV_NVME, but the cdoe does
      depend on the block layer (which used to be an implicit dependency
      through BLK_DEV_NVME).
      Otherwise you get various errors from the kbuild test robot random
      config testing when that happens to hit a configuration with BLOCK
      device support disabled.
      Cc: Christoph Hellwig <hch@lst.de>
      Cc: Jay Freyensee <james_p_freyensee@linux.intel.com>
      Cc: Sagi Grimberg <sagi@grimberg.me>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
    • Linus Torvalds's avatar
      Merge tag 'staging-4.8-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging · 2afe669a
      Linus Torvalds authored
      Pull IIO fixes from Greg KH:
       "Here are a few small IIO fixes for 4.8-rc6.
        Nothing major, full details are in the shortlog, all of these have
        been in linux-next with no reported issues"
      * tag 'staging-4.8-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging:
        iio:core: fix IIO_VAL_FRACTIONAL sign handling
        iio: ensure ret is initialized to zero before entering do loop
        iio: accel: kxsd9: Fix scaling bug
        iio: accel: bmc150: reset chip at init time
        iio: fix pressure data output unit in hid-sensor-attributes
        tools:iio:iio_generic_buffer: fix trigger-less mode
    • Linus Torvalds's avatar
      Merge tag 'usb-4.8-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb · 61c3dae6
      Linus Torvalds authored
      Pull USB fixes from Greg KH:
       "Here are some small USB gadget, phy, and xhci fixes for 4.8-rc6.
        All of these resolve minor issues that have been reported, and all
        have been in linux-next with no reported issues"
      * tag 'usb-4.8-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb:
        usb: chipidea: udc: fix NULL ptr dereference in isr_setup_status_phase
        xhci: fix null pointer dereference in stop command timeout function
        usb: dwc3: pci: fix build warning on !PM_SLEEP
        usb: gadget: prevent potenial null pointer dereference on skb->len
        usb: renesas_usbhs: fix clearing the {BRDY,BEMP}STS condition
        usb: phy: phy-generic: Check clk_prepare_enable() error
        usb: gadget: udc: renesas-usb3: clear VBOUT bit in DRD_CON
        Revert "usb: dwc3: gadget: always decrement by 1"
  4. 10 Sep, 2016 10 commits
    • Linus Torvalds's avatar
      Merge branch 'libnvdimm-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/nvdimm/nvdimm · 98ac9a60
      Linus Torvalds authored
      Pull libnvdimm fixes from Dan Williams:
       "nvdimm fixes for v4.8, two of them are tagged for -stable:
         - Fix devm_memremap_pages() to use track_pfn_insert().  Otherwise,
           DAX pmd mappings end up with an uncached pgprot, and unusable
           performance for the device-dax interface.  The device-dax interface
           appeared in 4.7 so this is tagged for -stable.
         - Fix a couple VM_BUG_ON() checks in the show_smaps() path to
           understand DAX pmd entries.  This fix is tagged for -stable.
         - Fix a mis-merge of the nfit machine-check handler to flip the
           polarity of an if() to match the final version of the patch that
           Vishal sent for 4.8-rc1.  Without this the nfit machine check
           handler never detects / inserts new 'badblocks' entries which
           applications use to identify lost portions of files.
         - For test purposes, fix the nvdimm_clear_poison() path to operate on
           legacy / simulated nvdimm memory ranges.  Without this fix a test
           can set badblocks, but never clear them on these ranges.
         - Fix the range checking done by dax_dev_pmd_fault().  This is not
           tagged for -stable since this problem is mitigated by specifying
           aligned resources at device-dax setup time.
        These patches have appeared in a next release over the past week.  The
        recent rebase you can see in the timestamps was to drop an invalid fix
        as identified by the updated device-dax unit tests [1].  The -mm
        touches have an ack from Andrew"
      [1]: "[ndctl PATCH 0/3] device-dax test for recent kernel bugs"
      * 'libnvdimm-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/nvdimm/nvdimm:
        libnvdimm: allow legacy (e820) pmem region to clear bad blocks
        nfit, mce: Fix SPA matching logic in MCE handler
        mm: fix cache mode of dax pmd mappings
        mm: fix show_smap() for zone_device-pmd ranges
        dax: fix mapping size check
    • Linus Torvalds's avatar
      Merge branch 'i2c/for-current' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux · b8db3714
      Linus Torvalds authored
      Pull i2c fixes from Wolfram Sang:
       "Mostly driver bugfixes, but also a few cleanups which are nice to have
        out of the way"
      * 'i2c/for-current' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux:
        i2c: rk3x: Restore clock settings at resume time
        i2c: Spelling s/acknowedge/acknowledge/
        i2c: designware: save the preset value of DW_IC_SDA_HOLD
        Documentation: i2c: slave-interface: add note for driver development
        i2c: mux: demux-pinctrl: run properly with multiple instances
        i2c: bcm-kona: fix inconsistent indenting
        i2c: rcar: use proper device with dma_mapping_error
        i2c: sh_mobile: use proper device with dma_mapping_error
        i2c: mux: demux-pinctrl: invalidate properly when switching fails
    • Linus Torvalds's avatar
      Merge tag 'for_linus_stable' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4 · 6905732c
      Linus Torvalds authored
      Pull fscrypto fixes fromTed Ts'o:
       "Fix some brown-paper-bag bugs for fscrypto, including one one which
        allows a malicious user to set an encryption policy on an empty
        directory which they do not own"
      * tag 'for_linus_stable' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4:
        fscrypto: require write access to mount to set encryption policy
        fscrypto: only allow setting encryption policy on directories
        fscrypto: add authorization check for setting encryption policy
    • Eric Biggers's avatar
      fscrypto: require write access to mount to set encryption policy · ba63f23d
      Eric Biggers authored
      Since setting an encryption policy requires writing metadata to the
      filesystem, it should be guarded by mnt_want_write/mnt_drop_write.
      Otherwise, a user could cause a write to a frozen or readonly
      filesystem.  This was handled correctly by f2fs but not by ext4.  Make
      fscrypt_process_policy() handle it rather than relying on the filesystem
      to get it right.
      Signed-off-by: default avatarEric Biggers <ebiggers@google.com>
      Cc: stable@vger.kernel.org # 4.1+; check fs/{ext4,f2fs}
      Signed-off-by: default avatarTheodore Ts'o <tytso@mit.edu>
      Acked-by: default avatarJaegeuk Kim <jaegeuk@kernel.org>
    • Eric Biggers's avatar
      fscrypto: only allow setting encryption policy on directories · 002ced4b
      Eric Biggers authored
      The FS_IOC_SET_ENCRYPTION_POLICY ioctl allowed setting an encryption
      policy on nondirectory files.  This was unintentional, and in the case
      of nonempty regular files did not behave as expected because existing
      data was not actually encrypted by the ioctl.
      In the case of ext4, the user could also trigger filesystem errors in
      ->empty_dir(), e.g. due to mismatched "directory" checksums when the
      kernel incorrectly tried to interpret a regular file as a directory.
      This bug affected ext4 with kernels v4.8-rc1 or later and f2fs with
      kernels v4.6 and later.  It appears that older kernels only permitted
      directories and that the check was accidentally lost during the
      refactoring to share the file encryption code between ext4 and f2fs.
      This patch restores the !S_ISDIR() check that was present in older
      Signed-off-by: default avatarEric Biggers <ebiggers@google.com>
      Cc: stable@vger.kernel.org
      Signed-off-by: default avatarTheodore Ts'o <tytso@mit.edu>
    • Eric Biggers's avatar
      fscrypto: add authorization check for setting encryption policy · 163ae1c6
      Eric Biggers authored
      On an ext4 or f2fs filesystem with file encryption supported, a user
      could set an encryption policy on any empty directory(*) to which they
      had readonly access.  This is obviously problematic, since such a
      directory might be owned by another user and the new encryption policy
      would prevent that other user from creating files in their own directory
      (for example).
      Fix this by requiring inode_owner_or_capable() permission to set an
      encryption policy.  This means that either the caller must own the file,
      or the caller must have the capability CAP_FOWNER.
      (*) Or also on any regular file, for f2fs v4.6 and later and ext4
          v4.8-rc1 and later; a separate bug fix is coming for that.
      Signed-off-by: default avatarEric Biggers <ebiggers@google.com>
      Cc: stable@vger.kernel.org # 4.1+; check fs/{ext4,f2fs}
      Signed-off-by: default avatarTheodore Ts'o <tytso@mit.edu>
    • Dave Jiang's avatar
      libnvdimm: allow legacy (e820) pmem region to clear bad blocks · 1e8b8d96
      Dave Jiang authored
      Bad blocks can be injected via /sys/block/pmemN/badblocks. In a situation
      where legacy pmem is being used or a pmem region created by using memmap
      kernel parameter, the injected bad blocks are not cleared due to
      nvdimm_clear_poison() failing from lack of ndctl function pointer. In
      this case we need to just return as handled and allow the bad blocks to
      be cleared rather than fail.
      Reviewed-by: default avatarVishal Verma <vishal.l.verma@intel.com>
      Signed-off-by: default avatarDave Jiang <dave.jiang@intel.com>
      Signed-off-by: default avatarDan Williams <dan.j.williams@intel.com>
    • Vishal Verma's avatar
      nfit, mce: Fix SPA matching logic in MCE handler · 2e21807d
      Vishal Verma authored
      The check for a 'pmem' type SPA in the MCE handler was inverted due to a
      merge/rebase error.
      Fixes: 6839a6d9
       nfit: do an ARS scrub on hitting a latent media error
      Cc: linux-acpi@vger.kernel.org
      Cc: Dan Williams <dan.j.williams@intel.com>
      Signed-off-by: default avatarVishal Verma <vishal.l.verma@intel.com>
      Signed-off-by: default avatarDan Williams <dan.j.williams@intel.com>
    • Dan Williams's avatar
      mm: fix cache mode of dax pmd mappings · 9049771f
      Dan Williams authored
      track_pfn_insert() in vmf_insert_pfn_pmd() is marking dax mappings as
      uncacheable rendering them impractical for application usage.  DAX-pte
      mappings are cached and the goal of establishing DAX-pmd mappings is to
      attain more performance, not dramatically less (3 orders of magnitude).
      track_pfn_insert() relies on a previous call to reserve_memtype() to
      establish the expected page_cache_mode for the range.  While memremap()
      arranges for reserve_memtype() to be called, devm_memremap_pages() does
      not.  So, teach track_pfn_insert() and untrack_pfn() how to handle
      tracking without a vma, and arrange for devm_memremap_pages() to
      establish the write-back-cache reservation in the memtype tree.
      Cc: <stable@vger.kernel.org>
      Cc: Matthew Wilcox <mawilcox@microsoft.com>
      Cc: Ross Zwisler <ross.zwisler@linux.intel.com>
      Cc: Nilesh Choudhury <nilesh.choudhury@oracle.com>
      Cc: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
      Reported-by: default avatarToshi Kani <toshi.kani@hpe.com>
      Reported-by: default avatarKai Zhang <kai.ka.zhang@oracle.com>
      Acked-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarDan Williams <dan.j.williams@intel.com>
    • Dan Williams's avatar
      mm: fix show_smap() for zone_device-pmd ranges · ca120cf6
      Dan Williams authored
      Attempting to dump /proc/<pid>/smaps for a process with pmd dax mappings
      currently results in the following VM_BUG_ONs:
       kernel BUG at mm/huge_memory.c:1105!
       task: ffff88045f16b140 task.stack: ffff88045be14000
       RIP: 0010:[<ffffffff81268f9b>]  [<ffffffff81268f9b>] follow_trans_huge_pmd+0x2cb/0x340
       Call Trace:
        [<ffffffff81306030>] smaps_pte_range+0xa0/0x4b0
        [<ffffffff814c2755>] ? vsnprintf+0x255/0x4c0
        [<ffffffff8123c46e>] __walk_page_range+0x1fe/0x4d0
        [<ffffffff8123c8a2>] walk_page_vma+0x62/0x80
        [<ffffffff81307656>] show_smap+0xa6/0x2b0
       kernel BUG at fs/proc/task_mmu.c:585!
       RIP: 0010:[<ffffffff81306469>]  [<ffffffff81306469>] smaps_pte_range+0x499/0x4b0
       Call Trace:
        [<ffffffff814c2795>] ? vsnprintf+0x255/0x4c0
        [<ffffffff8123c46e>] __walk_page_range+0x1fe/0x4d0
        [<ffffffff8123c8a2>] walk_page_vma+0x62/0x80
        [<ffffffff81307696>] show_smap+0xa6/0x2b0
      These locations are sanity checking page flags that must be set for an
      anonymous transparent huge page, but are not set for the zone_device
      pages associated with dax mappings.
      Cc: Ross Zwisler <ross.zwisler@linux.intel.com>
      Cc: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
      Acked-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarDan Williams <dan.j.williams@intel.com>
  5. 09 Sep, 2016 19 commits
  6. 08 Sep, 2016 4 commits