1. 28 Mar, 2018 1 commit
  2. 23 Mar, 2018 3 commits
    • Sean Christopherson's avatar
      KVM: nVMX: sync vmcs02 segment regs prior to vmx_set_cr0 · 9d1887ef
      Sean Christopherson authored
      Segment registers must be synchronized prior to any code that may
      trigger a call to emulation_required()/guest_state_valid(), e.g.
      vmx_set_cr0().  Because preparing vmcs02 writes segmentation fields
      directly, i.e. doesn't use vmx_set_segment(), emulation_required
      will not be re-evaluated when synchronizing the segment registers,
      which can result in L0 incorrectly starting emulation of L2.
      
      Fixes: 8665c3f9 ("KVM: nVMX: initialize descriptor cache fields in prepare_vmcs02_full")
      Signed-off-by: default avatarSean Christopherson <sean.j.christopherson@intel.com>
      [Move all of prepare_vmcs02_full earlier, not just segment registers. - Paolo]
      Signed-off-by: default avatarPaolo Bonzini <pbonzini@redhat.com>
      9d1887ef
    • Paolo Bonzini's avatar
      Merge tag 'kvm-ppc-fixes-4.16-3' of... · e13c2ac5
      Paolo Bonzini authored
      Merge tag 'kvm-ppc-fixes-4.16-3' of git://git.kernel.org/pub/scm/linux/kernel/git/paulus/powerpc into kvm-master
      
      PPC KVM fix -
      
      Fix a bug causing occasional machine check exceptions on POWER8 hosts,
      introduced in 4.16-rc1.
      e13c2ac5
    • Paul Mackerras's avatar
      KVM: PPC: Book3S HV: Fix duplication of host SLB entries · cda4a147
      Paul Mackerras authored
      Since commit 6964e6a4 ("KVM: PPC: Book3S HV: Do SLB load/unload
      with guest LPCR value loaded", 2018-01-11), we have been seeing
      occasional machine check interrupts on POWER8 systems when running
      KVM guests, due to SLB multihit errors.
      
      This turns out to be due to the guest exit code reloading the host
      SLB entries from the SLB shadow buffer when the SLB was not previously
      cleared in the guest entry path.  This can happen because the path
      which skips from the guest entry code to the guest exit code without
      entering the guest now does the skip before the SLB is cleared and
      loaded with guest values, but the host values are loaded after the
      point in the guest exit path that we skip to.
      
      To fix this, we move the code that reloads the host SLB values up
      so that it occurs just before the point in the guest exit code (the
      label guest_bypass:) where we skip to from the guest entry path.
      Reported-by: default avatarAlexey Kardashevskiy <aik@ozlabs.ru>
      Fixes: 6964e6a4 ("KVM: PPC: Book3S HV: Do SLB load/unload with guest LPCR value loaded")
      Tested-by: default avatarAlexey Kardashevskiy <aik@ozlabs.ru>
      Signed-off-by: default avatarPaul Mackerras <paulus@ozlabs.org>
      cda4a147
  3. 16 Mar, 2018 1 commit
  4. 15 Mar, 2018 5 commits
  5. 14 Mar, 2018 21 commits
    • Joern Engel's avatar
      btree: avoid variable-length allocations · 8df3aaaf
      Joern Engel authored
      geo->keylen cannot be larger than 4.  So we might as well make
      fixed-size allocations.
      
      Given the one remaining user, geo->keylen cannot even be larger than 1.
      Logfs used to have 64bit and 128bit keys, tcm_qla2xxx only has 32bit
      keys.  But let's not break the code if we don't have to.
      Signed-off-by: default avatarJoern Engel <joern@purestorage.com>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      8df3aaaf
    • Linus Torvalds's avatar
      Merge branch 'percpu_ref-rcu-audit-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/misc · fed8f509
      Linus Torvalds authored
      Pull percpu_ref rcu fixes from Tejun Heo:
       "Jann Horn found that aio was depending on the internal RCU grace
        periods of percpu-ref and that it's broken because aio uses regular
        RCU while percpu_ref uses sched-RCU.
      
        Depending on percpu_ref's internal grace periods isn't a good idea
        because
      
         - The RCU type might not match.
      
         - percpu_ref's grace periods are used to switch to atomic mode. They
           aren't between the last put and the invocation of the last release.
           This is easy to get confused about and can lead to subtle bugs.
      
         - percpu_ref might not have grace periods at all depending on its
           current operation mode.
      
        This patchset audits and fixes percpu_ref users for their RCU usages"
      
      [ There's a continuation of this series that clarifies percpu_ref
        documentation that the internal grace periods must not be depended
        upon, and introduces rcu_work to simplify bouncing to a workqueue
        after an RCU grace period.
      
        That will go in for 4.17 - this is just the minimal set with the fixes
        that are tagged for -stable ]
      
      * 'percpu_ref-rcu-audit-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/misc:
        RDMAVT: Fix synchronization around percpu_ref
        fs/aio: Use RCU accessors for kioctx_table->table[]
        fs/aio: Add explicit RCU grace period when freeing kioctx
      fed8f509
    • Ard Biesheuvel's avatar
      Revert "mm/page_alloc: fix memmap_init_zone pageblock alignment" · 3e04040d
      Ard Biesheuvel authored
      This reverts commit 864b75f9.
      
      Commit 864b75f9 ("mm/page_alloc: fix memmap_init_zone pageblock
      alignment") modified the logic in memmap_init_zone() to initialize
      struct pages associated with invalid PFNs, to appease a VM_BUG_ON()
      in move_freepages(), which is redundant by its own admission, and
      dereferences struct page fields to obtain the zone without checking
      whether the struct pages in question are valid to begin with.
      
      Commit 864b75f9 only makes it worse, since the rounding it does
      may cause pfn assume the same value it had in a prior iteration of
      the loop, resulting in an infinite loop and a hang very early in the
      boot. Also, since it doesn't perform the same rounding on start_pfn
      itself but only on intermediate values following an invalid PFN, we
      may still hit the same VM_BUG_ON() as before.
      
      So instead, let's fix this at the core, and ensure that the BUG
      check doesn't dereference struct page fields of invalid pages.
      
      Fixes: 864b75f9 ("mm/page_alloc: fix memmap_init_zone pageblock alignment")
      Tested-by: default avatarJan Glauber <jglauber@cavium.com>
      Tested-by: default avatarShanker Donthineni <shankerd@codeaurora.org>
      Cc: Daniel Vacek <neelx@redhat.com>
      Cc: Mel Gorman <mgorman@techsingularity.net>
      Cc: Michal Hocko <mhocko@suse.com>
      Cc: Paul Burton <paul.burton@imgtec.com>
      Cc: Pavel Tatashin <pasha.tatashin@oracle.com>
      Cc: Vlastimil Babka <vbabka@suse.cz>
      Cc: Andrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarArd Biesheuvel <ard.biesheuvel@linaro.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      3e04040d
    • Linus Torvalds's avatar
      Merge tag 'platform-drivers-x86-v4.16-7' of git://git.infradead.org/linux-platform-drivers-x86 · 274a1ff0
      Linus Torvalds authored
      Pull x86 platform drives fixes from Darren Hart:
      
       - DELL_SMBIOS conditionally depends on ACPI_WMI in the same way it
         depends on DCDBAS, update the Kconfig accordingly.
      
       - fix the dell driver init order to ensure that the driver dependencies
         are met, avoiding race conditions resulting in boot failure on
         certain systems when the drivers are built-in.
      
      * tag 'platform-drivers-x86-v4.16-7' of git://git.infradead.org/linux-platform-drivers-x86:
        platform/x86: Fix dell driver init order
        platform/x86: dell-smbios: Resolve dependency error on ACPI_WMI
      274a1ff0
    • Steffen Maier's avatar
      dm mpath: fix passing integrity data · 8c5c1473
      Steffen Maier authored
      After v4.12 commit e2460f2a ("dm: mark targets that pass integrity
      data"), dm-multipath, e.g. on DIF+DIX SCSI disk paths, does not support
      block integrity any more. So add it to the whitelist.
      
      This is also a pre-requisite to use block integrity with other dm layer(s)
      on top of multipath, such as kpartx partitions (dm-linear) or LVM.
      
      Also, bump target version to reflect this fix.
      
      Fixes: e2460f2a ("dm: mark targets that pass integrity data")
      Cc: <stable@vger.kernel.org> #4.12+
      Bisected-by: default avatarFedor Loshakov <loshakov@linux.vnet.ibm.com>
      Signed-off-by: default avatarSteffen Maier <maier@linux.vnet.ibm.com>
      Reviewed-by: default avatarHannes Reinecke <hare@suse.com>
      Reviewed-by: default avatarMartin K. Petersen <martin.petersen@oracle.com>
      Signed-off-by: default avatarMike Snitzer <snitzer@redhat.com>
      8c5c1473
    • Tejun Heo's avatar
      RDMAVT: Fix synchronization around percpu_ref · 74b44bbe
      Tejun Heo authored
      rvt_mregion uses percpu_ref for reference counting and RCU to protect
      accesses from lkey_table.  When a rvt_mregion needs to be freed, it
      first gets unregistered from lkey_table and then rvt_check_refs() is
      called to wait for in-flight usages before the rvt_mregion is freed.
      
      rvt_check_refs() seems to have a couple issues.
      
      * It has a fast exit path which tests percpu_ref_is_zero().  However,
        a percpu_ref reading zero doesn't mean that the object can be
        released.  In fact, the ->release() callback might not even have
        started executing yet.  Proceeding with freeing can lead to
        use-after-free.
      
      * lkey_table is RCU protected but there is no RCU grace period in the
        free path.  percpu_ref uses RCU internally but it's sched-RCU whose
        grace periods are different from regular RCU.  Also, it generally
        isn't a good idea to depend on internal behaviors like this.
      
      To address the above issues, this patch removes the fast exit and adds
      an explicit synchronize_rcu().
      Signed-off-by: default avatarTejun Heo <tj@kernel.org>
      Acked-by: default avatarDennis Dalessandro <dennis.dalessandro@intel.com>
      Cc: Mike Marciniszyn <mike.marciniszyn@intel.com>
      Cc: linux-rdma@vger.kernel.org
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      74b44bbe
    • Tejun Heo's avatar
      fs/aio: Use RCU accessors for kioctx_table->table[] · d0264c01
      Tejun Heo authored
      While converting ioctx index from a list to a table, db446a08
      ("aio: convert the ioctx list to table lookup v3") missed tagging
      kioctx_table->table[] as an array of RCU pointers and using the
      appropriate RCU accessors.  This introduces a small window in the
      lookup path where init and access may race.
      
      Mark kioctx_table->table[] with __rcu and use the approriate RCU
      accessors when using the field.
      Signed-off-by: default avatarTejun Heo <tj@kernel.org>
      Reported-by: default avatarJann Horn <jannh@google.com>
      Fixes: db446a08 ("aio: convert the ioctx list to table lookup v3")
      Cc: Benjamin LaHaise <bcrl@kvack.org>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: stable@vger.kernel.org # v3.12+
      d0264c01
    • Tejun Heo's avatar
      fs/aio: Add explicit RCU grace period when freeing kioctx · a6d7cff4
      Tejun Heo authored
      While fixing refcounting, e34ecee2 ("aio: Fix a trinity splat")
      incorrectly removed explicit RCU grace period before freeing kioctx.
      The intention seems to be depending on the internal RCU grace periods
      of percpu_ref; however, percpu_ref uses a different flavor of RCU,
      sched-RCU.  This can lead to kioctx being freed while RCU read
      protected dereferences are still in progress.
      
      Fix it by updating free_ioctx() to go through call_rcu() explicitly.
      
      v2: Comment added to explain double bouncing.
      Signed-off-by: default avatarTejun Heo <tj@kernel.org>
      Reported-by: default avatarJann Horn <jannh@google.com>
      Fixes: e34ecee2 ("aio: Fix a trinity splat")
      Cc: Kent Overstreet <kent.overstreet@gmail.com>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: stable@vger.kernel.org # v3.13+
      a6d7cff4
    • Marc Zyngier's avatar
      kvm: arm/arm64: vgic-v3: Tighten synchronization for guests using v2 on v3 · 27e91ad1
      Marc Zyngier authored
      On guest exit, and when using GICv2 on GICv3, we use a dsb(st) to
      force synchronization between the memory-mapped guest view and
      the system-register view that the hypervisor uses.
      
      This is incorrect, as the spec calls out the need for "a DSB whose
      required access type is both loads and stores with any Shareability
      attribute", while we're only synchronizing stores.
      
      We also lack an isb after the dsb to ensure that the latter has
      actually been executed before we start reading stuff from the sysregs.
      
      The fix is pretty easy: turn dsb(st) into dsb(sy), and slap an isb()
      just after.
      
      Cc: stable@vger.kernel.org
      Fixes: f68d2b1b ("arm64: KVM: Implement vgic-v3 save/restore")
      Acked-by: default avatarChristoffer Dall <cdall@kernel.org>
      Reviewed-by: default avatarAndre Przywara <andre.przywara@arm.com>
      Signed-off-by: default avatarMarc Zyngier <marc.zyngier@arm.com>
      27e91ad1
    • Marc Zyngier's avatar
      KVM: arm/arm64: vgic: Don't populate multiple LRs with the same vintid · 16ca6a60
      Marc Zyngier authored
      The vgic code is trying to be clever when injecting GICv2 SGIs,
      and will happily populate LRs with the same interrupt number if
      they come from multiple vcpus (after all, they are distinct
      interrupt sources).
      
      Unfortunately, this is against the letter of the architecture,
      and the GICv2 architecture spec says "Each valid interrupt stored
      in the List registers must have a unique VirtualID for that
      virtual CPU interface.". GICv3 has similar (although slightly
      ambiguous) restrictions.
      
      This results in guests locking up when using GICv2-on-GICv3, for
      example. The obvious fix is to stop trying so hard, and inject
      a single vcpu per SGI per guest entry. After all, pending SGIs
      with multiple source vcpus are pretty rare, and are mostly seen
      in scenario where the physical CPUs are severely overcomitted.
      
      But as we now only inject a single instance of a multi-source SGI per
      vcpu entry, we may delay those interrupts for longer than strictly
      necessary, and run the risk of injecting lower priority interrupts
      in the meantime.
      
      In order to address this, we adopt a three stage strategy:
      - If we encounter a multi-source SGI in the AP list while computing
        its depth, we force the list to be sorted
      - When populating the LRs, we prevent the injection of any interrupt
        of lower priority than that of the first multi-source SGI we've
        injected.
      - Finally, the injection of a multi-source SGI triggers the request
        of a maintenance interrupt when there will be no pending interrupt
        in the LRs (HCR_NPIE).
      
      At the point where the last pending interrupt in the LRs switches
      from Pending to Active, the maintenance interrupt will be delivered,
      allowing us to add the remaining SGIs using the same process.
      
      Cc: stable@vger.kernel.org
      Fixes: 0919e84c ("KVM: arm/arm64: vgic-new: Add IRQ sync/flush framework")
      Acked-by: default avatarChristoffer Dall <cdall@kernel.org>
      Signed-off-by: default avatarMarc Zyngier <marc.zyngier@arm.com>
      16ca6a60
    • Ard Biesheuvel's avatar
      KVM: arm/arm64: Reduce verbosity of KVM init log · 76600428
      Ard Biesheuvel authored
      On my GICv3 system, the following is printed to the kernel log at boot:
      
         kvm [1]: 8-bit VMID
         kvm [1]: IDMAP page: d20e35000
         kvm [1]: HYP VA range: 800000000000:ffffffffffff
         kvm [1]: vgic-v2@2c020000
         kvm [1]: GIC system register CPU interface enabled
         kvm [1]: vgic interrupt IRQ1
         kvm [1]: virtual timer IRQ4
         kvm [1]: Hyp mode initialized successfully
      
      The KVM IDMAP is a mapping of a statically allocated kernel structure,
      and so printing its physical address leaks the physical placement of
      the kernel when physical KASLR in effect. So change the kvm_info() to
      kvm_debug() to remove it from the log output.
      
      While at it, trim the output a bit more: IRQ numbers can be found in
      /proc/interrupts, and the HYP VA and vgic-v2 lines are not highly
      informational either.
      
      Cc: <stable@vger.kernel.org>
      Acked-by: default avatarWill Deacon <will.deacon@arm.com>
      Acked-by: default avatarChristoffer Dall <cdall@kernel.org>
      Signed-off-by: default avatarArd Biesheuvel <ard.biesheuvel@linaro.org>
      Signed-off-by: default avatarMarc Zyngier <marc.zyngier@arm.com>
      76600428
    • Christoffer Dall's avatar
      KVM: arm/arm64: Reset mapped IRQs on VM reset · 413aa807
      Christoffer Dall authored
      We currently don't allow resetting mapped IRQs from userspace, because
      their state is controlled by the hardware.  But we do need to reset the
      state when the VM is reset, so we provide a function for the 'owner' of
      the mapped interrupt to reset the interrupt state.
      
      Currently only the timer uses mapped interrupts, so we call this
      function from the timer reset logic.
      
      Cc: stable@vger.kernel.org
      Fixes: 4c60e360 ("KVM: arm/arm64: Provide a get_input_level for the arch timer")
      Signed-off-by: default avatarChristoffer Dall <cdall@kernel.org>
      Signed-off-by: default avatarMarc Zyngier <marc.zyngier@arm.com>
      413aa807
    • Christoffer Dall's avatar
      KVM: arm/arm64: Avoid vcpu_load for other vcpu ioctls than KVM_RUN · e21a4f3a
      Christoffer Dall authored
      Calling vcpu_load() registers preempt notifiers for this vcpu and calls
      kvm_arch_vcpu_load().  The latter will soon be doing a lot of heavy
      lifting on arm/arm64 and will try to do things such as enabling the
      virtual timer and setting us up to handle interrupts from the timer
      hardware.
      
      Loading state onto hardware registers and enabling hardware to signal
      interrupts can be problematic when we're not actually about to run the
      VCPU, because it makes it difficult to establish the right context when
      handling interrupts from the timer, and it makes the register access
      code difficult to reason about.
      
      Luckily, now when we call vcpu_load in each ioctl implementation, we can
      simply remove the call from the non-KVM_RUN vcpu ioctls, and our
      kvm_arch_vcpu_load() is only used for loading vcpu content to the
      physical CPU when we're actually going to run the vcpu.
      
      Cc: stable@vger.kernel.org
      Fixes: 9b062471 ("KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl")
      Reviewed-by: default avatarJulien Grall <julien.grall@arm.com>
      Reviewed-by: default avatarMarc Zyngier <marc.zyngier@arm.com>
      Reviewed-by: default avatarAndrew Jones <drjones@redhat.com>
      Signed-off-by: default avatarChristoffer Dall <christoffer.dall@linaro.org>
      Signed-off-by: default avatarMarc Zyngier <marc.zyngier@arm.com>
      e21a4f3a
    • Andre Przywara's avatar
      KVM: arm/arm64: vgic: Add missing irq_lock to vgic_mmio_read_pending · 62b06f8f
      Andre Przywara authored
      Our irq_is_pending() helper function accesses multiple members of the
      vgic_irq struct, so we need to hold the lock when calling it.
      Add that requirement as a comment to the definition and take the lock
      around the call in vgic_mmio_read_pending(), where we were missing it
      before.
      
      Fixes: 96b29800 ("KVM: arm/arm64: vgic-new: Add PENDING registers handlers")
      Signed-off-by: default avatarAndre Przywara <andre.przywara@arm.com>
      Signed-off-by: default avatarMarc Zyngier <marc.zyngier@arm.com>
      62b06f8f
    • Darren Hart (VMware)'s avatar
      platform/x86: Fix dell driver init order · 49368c13
      Darren Hart (VMware) authored
      Update the initcall ordering to satisfy the following dependency
      ordering:
      
      1. DCDBAS, ACPI_WMI
      2. DELL_SMBIOS, DELL_RBTN
      3. DELL_LAPTOP, DELL_WMI
      
      By assigning them to the following initcall levels:
      
      subsys_initcall: DCDBAS, ACPI_WMI
      module_init: DELL_SMBIOS, DELL_RBTN
      late_initcall: DELL_LAPTOP, DELL_WMI
      
      Cc: Dominik Brodowski <linux@dominikbrodowski.net>
      Cc: Mario.Limonciello@dell.com
      Signed-off-by: default avatarDarren Hart (VMware) <dvhart@infradead.org>
      49368c13
    • Darren Hart's avatar
      platform/x86: dell-smbios: Resolve dependency error on ACPI_WMI · 75073a64
      Darren Hart authored
      Similarly to DCDBAS for DELL_SMBIOS_SMM, if DELL_SMBIOS_WMI is enabled,
      DELL_SMBIOS becomes dependent on ACPI_WMI. Update the depends lines to
      prevent a configuration where DELL_SMBIOS=y and either backend
      dependency =m. Update the comment accordingly.
      
      Cc: Mario Limonciello <mario.limonciello@dell.com>
      Cc: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
      Cc: Dominik Brodowski <linux@dominikbrodowski.net>
      Signed-off-by: default avatarDarren Hart (VMware) <dvhart@infradead.org>
      75073a64
    • Linus Torvalds's avatar
      Merge tag 'usb-4.16-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb · 3032f8c5
      Linus Torvalds authored
      Pull USB fixes from Greg KH:
       "Here are a small clump of USB fixes for 4.16-rc6.
      
        Nothing major, just a number of fixes in lots of different drivers, as
        well as a PHY driver fix that snuck into this tree. Full details are
        in the shortlog.
      
        All of these have been in linux-next with no reported issues"
      
      * tag 'usb-4.16-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb: (22 commits)
        usb: musb: Fix external abort in musb_remove on omap2430
        phy: qcom-ufs: add MODULE_LICENSE tag
        usb: typec: tcpm: fusb302: Do not log an error on -EPROBE_DEFER
        USB: OHCI: Fix NULL dereference in HCDs using HCD_LOCAL_MEM
        usbip: vudc: fix null pointer dereference on udc->lock
        xhci: Fix front USB ports on ASUS PRIME B350M-A
        usb: host: xhci-plat: revert "usb: host: xhci-plat: enable clk in resume timing"
        usb: usbmon: Read text within supplied buffer size
        usb: host: xhci-rcar: add support for r8a77965
        USB: storage: Add JMicron bridge 152d:2567 to unusual_devs.h
        usb: xhci: dbc: Fix lockdep warning
        xhci: fix endpoint context tracer output
        Revert "typec: tcpm: Only request matching pdos"
        usb: musb: call pm_runtime_{get,put}_sync before reading vbus registers
        usb: quirks: add control message delay for 1b1c:1b20
        uas: fix comparison for error code
        usb: gadget: udc: renesas_usb3: add binging for r8a77965
        usb: renesas_usbhs: add binding for r8a77965
        usb: dwc2: fix STM32F7 USB OTG HS compatible
        dt-bindings: usb: fix the STM32F7 DWC2 OTG HS core binding
        ...
      3032f8c5
    • Linus Torvalds's avatar
      Merge tag 'tty-4.16-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty · 6560ca4a
      Linus Torvalds authored
      Pull tty/serial driver fixes from Greg KH:
       "Here are some small tty core and serial driver fixes for 4.16-rc6.
      
        They resolve some newly reported bugs, as well as some very old ones,
        which is always nice to see. There is also a new device id added in
        here for good measure.
      
        All of these have been in linux-next for a while with no reported
        issues"
      
      * tag 'tty-4.16-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty:
        serial: imx: fix bogus dev_err
        serial: sh-sci: prevent lockup on full TTY buffers
        serial: 8250_pci: Add Brainboxes UC-260 4 port serial device
        earlycon: add reg-offset to physical address before mapping
        serial: core: mark port as initialized in autoconfig
        serial: 8250_pci: Don't fail on multiport card class
        tty/serial: atmel: add new version check for usart
        tty: make n_tty_read() always abort if hangup is in progress
      6560ca4a
    • Linus Torvalds's avatar
      Merge tag 'staging-4.16-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging · 5e15d39f
      Linus Torvalds authored
      Pull staging fixes from Greg KH:
       "Here are three staging driver fixes for 4.16-rc6
      
        Two of them are lockdep fixes for the ashmem driver that have been
        reported by a number of people recently. The last one is a fix for the
        comedi driver core.
      
        All of these have been in linux-next for a while with no reported
        issues"
      
      * tag 'staging-4.16-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging:
        staging: android: ashmem: Fix possible deadlock in ashmem_ioctl
        staging: comedi: fix comedi_nsamples_left.
        staging: android: ashmem: Fix lockdep issue during llseek
      5e15d39f
    • Linus Torvalds's avatar
      Merge tag 'auxdisplay-for-linus-v4.16-rc6' of git://github.com/ojeda/linux · 1a7f7496
      Linus Torvalds authored
      Pull auxdisplay fixes from Miguel Ojeda:
       "Silence a few warnings in auxdisplay.
      
         - a couple of uninitialized warnings reported by the build service
      
         - a doc comment warning under W=1
      
         - three fall-through comments not recognized under W=1"
      
      * tag 'auxdisplay-for-linus-v4.16-rc6' of git://github.com/ojeda/linux:
        auxdisplay: img-ascii-lcd: Silence 2 uninitialized warnings
        auxdisplay: img-ascii-lcd: Fix doc comment to silence warnings
        auxdisplay: panel: Change comments to silence fallthrough warnings
      1a7f7496
    • Paul Mackerras's avatar
      KVM: PPC: Book3S HV: Fix trap number return from __kvmppc_vcore_entry · a8b48a4d
      Paul Mackerras authored
      This fixes a bug where the trap number that is returned by
      __kvmppc_vcore_entry gets corrupted.  The effect of the corruption
      is that IPIs get ignored on POWER9 systems when the IPI is sent via
      a doorbell interrupt to a CPU which is executing in a KVM guest.
      The effect of the IPI being ignored is often that another CPU locks
      up inside smp_call_function_many() (and if that CPU is holding a
      spinlock, other CPUs then lock up inside raw_spin_lock()).
      
      The trap number is currently held in register r12 for most of the
      assembly-language part of the guest exit path.  In that path, we
      call kvmppc_subcore_exit_guest(), which is a C function, without
      restoring r12 afterwards.  Depending on the kernel config and the
      compiler, it may modify r12 or it may not, so some config/compiler
      combinations see the bug and others don't.
      
      To fix this, we arrange for the trap number to be stored on the
      stack from the 'guest_bypass:' label until the end of the function,
      then the trap number is loaded and returned in r12 as before.
      
      Cc: stable@vger.kernel.org # v4.8+
      Fixes: fd7bacbc ("KVM: PPC: Book3S HV: Fix TB corruption in guest exit path on HMI interrupt")
      Signed-off-by: default avatarPaul Mackerras <paulus@ozlabs.org>
      a8b48a4d
  6. 13 Mar, 2018 6 commits
  7. 12 Mar, 2018 3 commits