The acquire ctx will typically be declared on the stack, which means we
could have garbage values for any uninitialized field. In this case, it
was triggering WARN_ON()s because 'contended' had garbage value.
Go ahead and use memset() to be more future-proof.
v2: now with extra brown paper bag
Reported-by: Ville Syrjälä <ville.syrjala@linux.intel.com>
Signed-off-by: Rob Clark <robdclark@gmail.com>
Reviewed-by: Ville Syrjälä <ville.syrjala@linux.intel.com>
Tested-by: Ville Syrjälä <ville.syrjala@linux.intel.com>
Signed-off-by: Dave Airlie <airlied@redhat.com>
mode validation, deep color and pageflipping fixes.
* 'drm-fixes-3.16' of git://people.freedesktop.org/~agd5f/linux:
drm/radeon: Fix radeon_irq_kms_pflip_irq_get/put() imbalance
Revert "drm/radeon: remove drm_vblank_get|put from pflip handling"
drm/radeon: improve dvi_mode_valid
drm/radeon: update mode_valid testing for DP
drm/radeon: Use dce5/6 hdmi deep color clock setup also on dce8+
With commit aed3f9d498 ("staging: comedi: addi_apci_1564:
absorb apci1564_reset()"), the apci 1564 driver has gained
a dependency on the addi watchdog module, which is not reflected
correctly in Kconfig, and that can lead to link errors
when the watchdog is disabled.
This adds an explicit 'select', like it is done in the other
addi apci drivers that need it.
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Cc: H Hartley Sweeten <hsweeten@visionengravers.com>
Acked-by: Ian Abbott <abbotti@mev.co.uk>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Fixes a regression in 3.16-rc1 compared to 3.15.
The unbalanced calls would presumably result in the page flip interrupts
never getting disabled once they are enabled.
Signed-off-by: Michel Dänzer <michel.daenzer@amd.com>
Reviewed-by: Christian König <christian.koenig@amd.com>
Signed-off-by: Alex Deucher <alexander.deucher@amd.com>
This reverts commit 75f36d8619.
drm_vblank_get() is necessary to ensure the DRM vblank counter value is
up to date in drm_send_vblank_event().
Seems to fix weston hangs waiting for page flips to complete.
Signed-off-by: Michel Dänzer <michel.daenzer@amd.com>
Reviewed-by: Christian König <christian.koenig@amd.com>
Signed-off-by: Alex Deucher <alexander.deucher@amd.com>
Make sure we have an HDMI monitor before validating modes with
clocks >165 Mhz on single link connections.
Signed-off-by: Alex Deucher <alexander.deucher@amd.com>
Need to use the adjusted clock on dce8 as well.
bug:
https://bugs.freedesktop.org/show_bug.cgi?id=80029
Signed-off-by: Mario Kleiner <mario.kleiner.de@gmail.com>
Signed-off-by: Alex Deucher <alexander.deucher@amd.com>
The length name of the states 2 was too long to fit in the allocated
string (limited to 16 bytes). This lead to improper string displayed
through sysfs.
This patch shorten the name by removing the reference to Marvell and
to the CPU as both are implicit. For coherency the same change have
been done for the states 1.
Signed-off-by: Gregory CLEMENT <gregory.clement@free-electrons.com>
Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
Commit bd0fa9bb45 introduced a failure path to cpufreq_update_policy() if
cpufreq_driver->get(cpu) returns NULL. However, it jumps to the 'no_policy'
label, which exits without unlocking any of the locks the function acquired
earlier. This causes later calls into cpufreq to hang.
Fix this by creating a new 'unlock' label and jumping to that instead.
Fixes: bd0fa9bb45 ("cpufreq: Return error if ->get() failed in cpufreq_update_policy()")
Link: https://devtalk.nvidia.com/default/topic/751903/kernel-3-15-and-nv-drivers-337-340-failed-to-initialize-the-nvidia-kernel-module-gtx-550-ti-/
Signed-off-by: Aaron Plattner <aplattner@nvidia.com>
Cc: 3.15+ <stable@vger.kernel.org> # 3.15+
Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
The kernel headers package (linux-headers) doesn't include several
header files required to build out-of-tree modules.
It makes the package unusable on e.g. ARM architecture:
/usr/src/linux-headers-3.14.0/arch/arm/include/asm/memory.h:24:25:
fatal error: mach/memory.h: No such file or directory
#include <mach/memory.h>
^
compilation terminated.
Signed-off-by: Fathi Boudra <fathi.boudra@linaro.org>
Reviewed-by: Ben Hutchings <ben@decadent.org.uk>
Signed-off-by: Michal Marek <mmarek@suse.cz>
A mixed bag of fixes, many of which feel just to late for 3.15.
* hid sensors - some devices need a feature report request in order to
change power state. This isn't part of the spec, but has been observed
on several devices and does no harm to others.
* mpl3115 has had two errors in the buffer description fixed. The presure is
signed, not unsigned and the temperature has 12 bits rather than 16.
These could lead to incorrect interpretation of the data in userspace.
* tsl2x7x - the high byte of the proximity thresholds should be written along
with the low byte (which was). This could lead to interesting results
with large thresholds.
* twl4030 - a flag to specify processed values were required was not set
when initializing a reading. As such values returned were in an unknown
state. Fixed by simply initializing it appropriately.
* IIO_SIMPLE_DUMMY_BUFFER did not select IIO_BUFFER leading to randconfig
build errors.
* ak8975 was applying an unwanted le16_to_cpu conversion as the i2c framework
already performs one. As such for big endian systems, the bytes would be
in the wrong order in the magnetic field measurements reported.
* mxs-lradc - the controllable voltage dividers were not enabled / disabled for
later channels than the first one during conversion.
* at91_adc error handling returned -ENOMEM in a u8. Return value of
at91_adc_get_trigger_value_by_name changed to int thus allowing -ENOMEM and
also original values to be returned.
* mcb - mcb_request_mem returns and ERR_PTR but the caller was checking for
NULL to detect an error.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAABAgAGBQJTnLYyAAoJEFSFNJnE9BaI6r4QAK22hjl1J3xoWwOPUJhfJ5Hh
VTjwO1OxwQ1XtUN5WneeJM73eu6moXD/avG2NbX4orAkNjSXKL6+/3WAds/rYMj2
0vPiJsKsGBBlhu2w2RU80xVOPT2/XXIH3bYWDiUlr/i6DLEh8mU3kKX/yZzF+cIn
hheYnOHZzLqGH8JircScEJv+B06svZtlfoDeLYaKY03HupTvEH95mvCSZk71PxZb
A+7Qb3nDlZrpLBFKj4L5x15MIoEgopID2pX0kHLNY2DE1sopr2Z+FgSa3u/wtSEx
k/ViyHPRk1mjTrQ92RMmTF5lMts6JFCmMgpPCNmcSyRKt6Fe6KcCMiWIlSs9I69i
6KAIes5XpP7Qti5Yd4gi70uiq7fL1hR18Yhzv6IdmNdS8iJhk53YiWDYiYBgXwWS
rcOva4NsaoeLYUdNJZRtap3RLsQRKAxg7HNhL+G88rr3wCsA0P7rb6BMdFK+3MiS
BDcYe8mHIzX9tJZa4EU8kOdr+aphQeDt1nH4aZDWT3J7fo6RWrWcPMWFAcx+1jp3
VVDL6Jn8WIuxYIDFznSQ6T6tvsvuqPgCqOA0ygfzvruo3m/oWvTT/+i2YFotGH3Y
7Mlw7TACAmcuZStBLg6R0R1fD39zpfp4/+GNRxFaaB8otMPyrbizb0HBcaksQCp0
0MTbFSjuAlXZ3NhVIm2O
=RuB2
-----END PGP SIGNATURE-----
Merge tag 'iio-fixes-for-3.16a' of git://git.kernel.org/pub/scm/linux/kernel/git/jic23/iio into staging-linus
Jonathan writes:
First set of IIO fixes for the 3.16 cycle.
A mixed bag of fixes, many of which feel just to late for 3.15.
* hid sensors - some devices need a feature report request in order to
change power state. This isn't part of the spec, but has been observed
on several devices and does no harm to others.
* mpl3115 has had two errors in the buffer description fixed. The presure is
signed, not unsigned and the temperature has 12 bits rather than 16.
These could lead to incorrect interpretation of the data in userspace.
* tsl2x7x - the high byte of the proximity thresholds should be written along
with the low byte (which was). This could lead to interesting results
with large thresholds.
* twl4030 - a flag to specify processed values were required was not set
when initializing a reading. As such values returned were in an unknown
state. Fixed by simply initializing it appropriately.
* IIO_SIMPLE_DUMMY_BUFFER did not select IIO_BUFFER leading to randconfig
build errors.
* ak8975 was applying an unwanted le16_to_cpu conversion as the i2c framework
already performs one. As such for big endian systems, the bytes would be
in the wrong order in the magnetic field measurements reported.
* mxs-lradc - the controllable voltage dividers were not enabled / disabled for
later channels than the first one during conversion.
* at91_adc error handling returned -ENOMEM in a u8. Return value of
at91_adc_get_trigger_value_by_name changed to int thus allowing -ENOMEM and
also original values to be returned.
* mcb - mcb_request_mem returns and ERR_PTR but the caller was checking for
NULL to detect an error.
After commits 890676c6 (kbuild: Use relative path when building in the source
tree) and 9da0763b (kbuild: Use relative path when building in a subdir
of the source tree), the $(srctree) variable can be a relative path.
This breaks Documentation/DocBook/media/Makefile, because it tries to
create symlinks from a subdirectory of the object tree to the source
tree. Fix this by using a full path in this case.
Reported-by: Randy Dunlap <rdunlap@infradead.org>
Acked-by: Randy Dunlap <rdunlap@infradead.org>
Tested-by: Randy Dunlap <rdunlap@infradead.org>
Signed-off-by: Michal Marek <mmarek@suse.cz>
Transition to using the new generic PERF_PMU_CAP_NO_INTERRUPT method for
failing a sampling event when no PMU interrupt is available.
Signed-off-by: Vince Weaver <vincent.weaver@maine.edu>
Acked-by: James Hogan <james.hogan@imgtec.com>
Signed-off-by: Peter Zijlstra <peterz@infradead.org>
Cc: Arnaldo Carvalho de Melo <acme@kernel.org>
Cc: Paul Mackerras <paulus@samba.org>
Cc: linux-metag@vger.kernel.org
Link: http://lkml.kernel.org/r/alpine.DEB.2.10.1406150202050.16738@vincent-weaver-1.umelst.maine.edu
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Transition to using the new generic PERF_PMU_CAP_NO_INTERRUPT method for
failing a sampling event when no PMU interrupt is available.
Signed-off-by: Vince Weaver <vincent.weaver@maine.edu>
Signed-off-by: Peter Zijlstra <peterz@infradead.org>
Cc: Arnaldo Carvalho de Melo <acme@kernel.org>
Cc: Paul Mackerras <paulus@samba.org>
Cc: Steven Miao <realmz6@gmail.com>
Cc: adi-buildroot-devel@lists.sourceforge.net
Link: http://lkml.kernel.org/r/alpine.DEB.2.10.1406150200360.16738@vincent-weaver-1.umelst.maine.edu
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Transition to using the new generic PERF_PMU_CAP_NO_INTERRUPT method for
failing a sampling event when no PMU interrupt is available.
Signed-off-by: Vince Weaver <vincent.weaver@maine.edu>
Acked-by: Vineet Gupta <vgupta@synopsys.com>
Signed-off-by: Peter Zijlstra <peterz@infradead.org>
Cc: Arnaldo Carvalho de Melo <acme@kernel.org>
Cc: Grant Likely <grant.likely@linaro.org>
Cc: Paul Mackerras <paulus@samba.org>
Cc: Rob Herring <robh+dt@kernel.org>
Link: http://lkml.kernel.org/r/alpine.DEB.2.10.1406150159280.16738@vincent-weaver-1.umelst.maine.edu
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Commit 7e1c0477 (kbuild: Use relative path for $(objtree)) assumes that
the build process does not change its working directory. make tar-pkg
was a couterexample, fix this by changing directory only for the tar
command and not for the whole script, which at one point references the
now relative $(objtree).
Reported-and-tested-by: "J. Bruce Fields" <bfields@fieldses.org>
Signed-off-by: Michal Marek <mmarek@suse.cz>
This should be a plain old '&' and could easily lead to undefined
behaviour if the target of a pmd_mknotpresent invocation was the same
as the parameter.
Fixes: 9c7e535fcc (arm64: mm: Route pmd thp functions through pte equivalents)
Signed-off-by: Will Deacon <will.deacon@arm.com>
Cc: <stable@vger.kernel.org> # v3.15
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
Quite a few build coverage fixes in here among the usual small driver
fixes includling the sigmadsp change from Lars - moving the driver to
separate modules per bus (which is basically just code motion) avoids
issues with some combinations of buses being enabled.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAABAgAGBQJToCEOAAoJELSic+t+oim9hS8P/jtMAdaR3JO5R1qtg8qj1tO8
ati7DEhkKHn+9rSv4rBtfjqFk0Tdy4r9ulQAS88D9k3WGWpZgUf8wdfMWdL94s5I
WRJbvtcss7VGarfOAEreaqd3/PJ0buVLeUm+JNap794WW74BqPlfw6+JveWCAL1V
UfRlkQ+PwbU4f7ieXKrtpinOpffFY6hB6N19l+nPqyy0aCn5S/rv4SXUkcJ77slG
jOjM1yxg2/RR25LDRqm6uyi2032KwhQZEyP3OccxcRWIROzltqNa+biPJwjdpUlo
aVHQ2vICFovOC1WsWSEwjntkLvgYOJGP/50ecC2SqgL6QmvR03isUqSKzkIxigog
2+fMEeXEn7gtjQNpZFDk2Ku9DDbDR22SaRlrjaMOa/YMCc8ylSY1IXuL51IkEfip
tSWGOGvg7veYhVQtnxu7wSxtnK/Gb53ugRxFYba1f44bxOKl5KByPfSY22e65e2X
hVFqVDbikEszcU7AJxMVKvGb1bPF+RGTmlfL20IXnxs/OtGVx0FURZGKLAMagVXr
3Um0W4HzAipmCBW5NmbQu+gAWoOa17c9rILOc4IaIW5zCvv+V8AURaiwT5sHtUhU
JAeNIPIVadO7Lps+bgGT/Auisa8loFiYXFGOJecgcXPiMnZ+2jp7Gb3EgG5Gl8YQ
boxQMUoCp3d+I2+uAqpm
=oF1h
-----END PGP SIGNATURE-----
Merge tag 'asoc-v3.16-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/sound into for-linus
ASoC: Fixes for v3.16
Quite a few build coverage fixes in here among the usual small driver
fixes includling the sigmadsp change from Lars - moving the driver to
separate modules per bus (which is basically just code motion) avoids
issues with some combinations of buses being enabled.
When $srctree or $objtree are relative paths, we cannot change directory
and refer to them in the same subshell. Do the redirection outside of
the subshell to fix this.
Reported-and-tested-by: Ilya Dryomov <idryomov@gmail.com>
Signed-off-by: Michal Marek <mmarek@suse.cz>
The ALSA control code expects that the range of assigned indices to a control is
continuous and does not overflow. Currently there are no checks to enforce this.
If a control with a overflowing index range is created that control becomes
effectively inaccessible and unremovable since snd_ctl_find_id() will not be
able to find it. This patch adds a check that makes sure that controls with a
overflowing index range can not be created.
Signed-off-by: Lars-Peter Clausen <lars@metafoo.de>
Acked-by: Jaroslav Kysela <perex@perex.cz>
Cc: <stable@vger.kernel.org>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
Each control gets automatically assigned its numids when the control is created.
The allocation is done by incrementing the numid by the amount of allocated
numids per allocation. This means that excessive creation and destruction of
controls (e.g. via SNDRV_CTL_IOCTL_ELEM_ADD/REMOVE) can cause the id to
eventually overflow. Currently when this happens for the control that caused the
overflow kctl->id.numid + kctl->count will also over flow causing it to be
smaller than kctl->id.numid. Most of the code assumes that this is something
that can not happen, so we need to make sure that it won't happen
Signed-off-by: Lars-Peter Clausen <lars@metafoo.de>
Acked-by: Jaroslav Kysela <perex@perex.cz>
Cc: <stable@vger.kernel.org>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
A control that is visible on the card->controls list can be freed at any time.
This means we must not access any of its memory while not holding the
controls_rw_lock. Otherwise we risk a use after free access.
Signed-off-by: Lars-Peter Clausen <lars@metafoo.de>
Acked-by: Jaroslav Kysela <perex@perex.cz>
Cc: <stable@vger.kernel.org>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
There are two issues with the current implementation for replacing user
controls. The first is that the code does not check if the control is actually a
user control and neither does it check if the control is owned by the process
that tries to remove it. That allows userspace applications to remove arbitrary
controls, which can cause a user after free if a for example a driver does not
expect a control to be removed from under its feed.
The second issue is that on one hand when a control is replaced the
user_ctl_count limit is not checked and on the other hand the user_ctl_count is
increased (even though the number of user controls does not change). This allows
userspace, once the user_ctl_count limit as been reached, to repeatedly replace
a control until user_ctl_count overflows. Once that happens new controls can be
added effectively bypassing the user_ctl_count limit.
Both issues can be fixed by instead of open-coding the removal of the control
that is to be replaced to use snd_ctl_remove_user_ctl(). This function does
proper permission checks as well as decrements user_ctl_count after the control
has been removed.
Note that by using snd_ctl_remove_user_ctl() the check which returns -EBUSY at
beginning of the function if the control already exists is removed. This is not
a problem though since the check is quite useless, because the lock that is
protecting the control list is released between the check and before adding the
new control to the list, which means that it is possible that a different
control with the same settings is added to the list after the check. Luckily
there is another check that is done while holding the lock in snd_ctl_add(), so
we'll rely on that to make sure that the same control is not added twice.
Signed-off-by: Lars-Peter Clausen <lars@metafoo.de>
Acked-by: Jaroslav Kysela <perex@perex.cz>
Cc: <stable@vger.kernel.org>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
The user-control put and get handlers as well as the tlv do not protect against
concurrent access from multiple threads. Since the state of the control is not
updated atomically it is possible that either two write operations or a write
and a read operation race against each other. Both can lead to arbitrary memory
disclosure. This patch introduces a new lock that protects user-controls from
concurrent access. Since applications typically access controls sequentially
than in parallel a single lock per card should be fine.
Signed-off-by: Lars-Peter Clausen <lars@metafoo.de>
Acked-by: Jaroslav Kysela <perex@perex.cz>
Cc: <stable@vger.kernel.org>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
I'm seeing this build failure for arm64:
CC [M] Documentation/filesystems/configfs/configfs_example_macros.o
In file included from /usr/include/bits/sigcontext.h:27:0,
from /usr/include/signal.h:340,
from /usr/include/sys/wait.h:30,
from Documentation/accounting/getdelays.c:24:
.../linux/usr/include/asm/sigcontext.h:61:2: error: unknown type name ‘u64’
u64 esr;
^
make[2]: *** [Documentation/accounting/getdelays] Error 1
This was introduced by commit 15af1942dd:
arm64: Expose ESR_EL1 information to user when SIGSEGV/SIGBUS
Using __u64 instead of u64 fixes the problem.
Signed-off-by: Mark Salter <msalter@redhat.com>
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
APM X-Gene Storm SoC supports 4 serial ports. This patch adds device nodes
for serial ports 1 to 3 (a device node for serial port 0 is already present
in the dts file).
This patch also sets the compatible property of serial nodes to "ns16550a".
Signed-off-by: Vinayak Kale <vkale@apm.com>
Acked-by: Rob Herring <robh@kernel.org>
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
Arm64 does not define dma_get_required_mask() function.
Therefore, it should not define the ARCH_HAS_DMA_GET_REQUIRED_MASK.
This causes build errors in some device drivers (e.g. mpt2sas)
Signed-off-by: Suravee Suthikulpanit <Suravee.Suthikulpanit@amd.com>
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
Cc: <stable@vger.kernel.org>
Currently core file of aarch32 process prstatus note has empty
registers set. As result aarch32 core files create by V8 kernel are
not very useful.
It happens because compat_gpr_get and compat_gpr_set functions can
copy registers values to/from either kbuf or ubuf. ELF core file
collection function fill_thread_core_info calls compat_gpr_get
with kbuf set and ubuf set to 0. But current compat_gpr_get and
compat_gpr_set function handle copy to/from only ubuf case.
Fix is to handle kbuf and ubuf as two separate cases in similar
way as other functions like user_regset_copyout, user_regset_copyin do.
Signed-off-by: Victor Kamensky <victor.kamensky@linaro.org>
Acked-by: Will Deacon <will.deacon@arm.com>
Cc: stable@vger.kernel.org
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
Whilst native arm64 applications don't have the 16-bit UID/GID syscalls
wired up, compat tasks can still access them. The 16-bit wrappers for
these syscalls use __kernel_old_uid_t and __kernel_old_gid_t, which must
be 16-bit data types to maintain compatibility with the 16-bit UIDs used
by compat applications.
This patch defines 16-bit __kernel_old_{gid,uid}_t types for arm64
instead of using the 32-bit types provided by asm-generic.
Signed-off-by: Will Deacon <will.deacon@arm.com>
Acked-by: Arnd Bergmann <arnd@arndb.de>
Cc: <stable@vger.kernel.org>
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
Our compat PTRACE_POKEUSR implementation simply passes the user data to
regset_copy_from_user after some simple range checking. Unfortunately,
the data in question has already been copied to the kernel stack by this
point, so the subsequent access_ok check fails and the ptrace request
returns -EFAULT. This causes problems tracing fork() with older versions
of strace.
This patch briefly changes the fs to KERNEL_DS, so that the access_ok
check passes even with a kernel address.
Signed-off-by: Will Deacon <will.deacon@arm.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
When the CMA buffer is allocated, it is too early to know whether
devices will require ZONE_DMA memory. This patch limits the CMA buffer
to (DMA_BIT_MASK(32) + 1) if CONFIG_ZONE_DMA is enabled.
In addition, it computes the dma_to_phys(DMA_BIT_MASK(32)) before the
increment (no current functional change).
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
The clean up of CALLER_ADDR*() functions required the archs to either
use the default __builtin_return_address(X) (where X > 0) or override
it with something the arch can use. To override it, the arch would
define ftrace_return_address(x).
The arm architecture requires this to be redefined but instead of
defining ftrace_return_address(x) it defined ftrace_return_addr(x).
Fixes: eed542d696 (ftrace: Make CALLER_ADDRx macros more generic)
Reported-by: Geert Uytterhoeven <geert@linux-m68k.org>
Tested-by: Geert Uytterhoeven <geert@linux-m68k.org>
Signed-off-by: Steven Rostedt <rostedt@goodmis.org>
Signed-off-by: Will Deacon <will.deacon@arm.com>
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
This patches modifies the GHASH secure hash implementation to switch to a
faster, polynomial multiplication based reduction instead of one that uses
shifts and rotates.
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
This fixes a bug in the GHASH algorithm resulting in the calculated hash to be
incorrect if the input is presented in chunks whose size is not a multiple of
16 bytes.
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Fixes: fdd2389457 ("arm64/crypto: GHASH secure hash using ARMv8 Crypto Extensions")
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
The Operating Performance Point (OPP) Layer library is a generic
library used by CPUFREQ and DEVFREQ. It can be enabled only on the
platforms that specify ARCH_HAS_OPP option.
This patch selects that option in order to allow ARM64 based platforms
to use OPP library.
Signed-off-by: Sudeep Holla <sudeep.holla@arm.com>
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
The value of ESR has been stored into x1, and should be directly pass to
do_sp_pc_abort function, "MOV x1, x25" is an extra operation and do_sp_pc_abort
will get the wrong value of ESR.
Signed-off-by: ChiaHao <andy.jhshiu@gmail.com>
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
Cc: <stable@vger.kernel.org>
Commit aa8532c322 (xen: refactor suspend
pre/post hooks) broke resuming PVHVM (auto-translated physmap) guests.
The gnttab_suspend() would clear the mapping for the grant table
frames, but the ->unmap_frames() call is only applicable to PV guests.
Signed-off-by: David Vrabel <david.vrabel@citrix.com>
Reported-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Tested-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Remove xen_enable_nmi() to fix a 64-bit guest crash when registering
the NMI callback on Xen 3.1 and earlier.
It's not needed since the NMI callback is set by a set_trap_table
hypercall (in xen_load_idt() or xen_write_idt_entry()).
It's also broken since it only set the current VCPU's callback.
Signed-off-by: David Vrabel <david.vrabel@citrix.com>
Reported-by: Vitaly Kuznetsov <vkuznets@redhat.com>
Tested-by: Vitaly Kuznetsov <vkuznets@redhat.com>
Add Serge E. Hallyn <serge@hallyn.com> as a co-maintainer of the
security subsystem, to avoid having a single point of failure
in the development process.
Signed-off-by: James Morris <james.l.morris@oracle.com>
couple more DP regression fixes.
* 'drm-nouveau-next' of git://anongit.freedesktop.org/git/nouveau/linux-2.6:
drm/nouveau/disp: fix oops in destructor with headless cards
drm/gf117/i2c: no aux channels on this chipset
If init doesn't run then disp->outp might not be initialized, resulting
in an oops.
Signed-off-by: Maarten Lankhorst <maarten.lankhorst@canonical.com>
Signed-off-by: Ben Skeggs <bskeggs@redhat.com>
This update fixes few issues in bt_get() function:
- list_empty(&wait.task_list) check is not protected;
- was_empty check is always true which results in *every* thread
entering the loop resets bt_wait_state::wait_cnt counter rather
than every bt->wake_cnt'th thread;
- 'bt_wait_state::wait_cnt' counter update is redundant, since
it also gets reset in bt_clear_tag() function;
Cc: Christoph Hellwig <hch@infradead.org>
Cc: Ming Lei <tom.leiming@gmail.com>
Cc: Jens Axboe <axboe@kernel.dk>
Signed-off-by: Alexander Gordeev <agordeev@redhat.com>
Signed-off-by: Jens Axboe <axboe@fb.com>
This piece of code in bt_clear_tag() function is racy:
bs = bt_wake_ptr(bt);
if (bs && atomic_dec_and_test(&bs->wait_cnt)) {
atomic_set(&bs->wait_cnt, bt->wake_cnt);
wake_up(&bs->wait);
}
Since nothing prevents bt_wake_ptr() from returning the very
same 'bs' address on multiple CPUs, the following scenario is
possible:
CPU1 CPU2
---- ----
0. bs = bt_wake_ptr(bt); bs = bt_wake_ptr(bt);
1. atomic_dec_and_test(&bs->wait_cnt)
2. atomic_dec_and_test(&bs->wait_cnt)
3. atomic_set(&bs->wait_cnt, bt->wake_cnt);
If the decrement in [1] yields zero then for some amount of time
the decrement in [2] results in a negative/overflow value, which
is not expected. The follow-up assignment in [3] overwrites the
invalid value with the batch value (and likely prevents the issue
from being severe) which is still incorrect and should be a lesser.
Cc: Ming Lei <tom.leiming@gmail.com>
Cc: Jens Axboe <axboe@kernel.dk>
Signed-off-by: Alexander Gordeev <agordeev@redhat.com>
Signed-off-by: Jens Axboe <axboe@fb.com>