1. 27 10月, 2016 2 次提交
  2. 26 10月, 2016 4 次提交
    • P
      KVM: fix OOPS on flush_work · 36343f6e
      Paolo Bonzini 提交于
      The conversion done by commit 3706feac ("KVM: Remove deprecated
      create_singlethread_workqueue") is broken.  It flushes a single work
      item &irqfd->shutdown instead of all of them, and even worse if there
      is no irqfd on the list then you get a NULL pointer dereference.
      Revert the virt/kvm/eventfd.c part of that patch; to avoid the
      deprecated function, just allocate our own workqueue---it does
      not even have to be unbound---with alloc_workqueue.
      
      Fixes: 3706feacReviewed-by: NCornelia Huck <cornelia.huck@de.ibm.com>
      Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
      36343f6e
    • J
      KVM: MIPS: Precalculate MMIO load resume PC · e1e575f6
      James Hogan 提交于
      The advancing of the PC when completing an MMIO load is done before
      re-entering the guest, i.e. before restoring the guest ASID. However if
      the load is in a branch delay slot it may need to access guest code to
      read the prior branch instruction. This isn't safe in TLB mapped code at
      the moment, nor in the future when we'll access unmapped guest segments
      using direct user accessors too, as it could read the branch from host
      user memory instead.
      
      Therefore calculate the resume PC in advance while we're still in the
      right context and save it in the new vcpu->arch.io_pc (replacing the no
      longer needed vcpu->arch.pending_load_cause), and restore it on MMIO
      completion.
      
      Fixes: e685c689 ("KVM/MIPS32: Privileged instruction/target branch emulation.")
      Signed-off-by: NJames Hogan <james.hogan@imgtec.com>
      Cc: Paolo Bonzini <pbonzini@redhat.com>
      Cc: "Radim Krčmář <rkrcmar@redhat.com>
      Cc: Ralf Baechle <ralf@linux-mips.org>
      Cc: linux-mips@linux-mips.org
      Cc: kvm@vger.kernel.org
      Cc: <stable@vger.kernel.org> # 3.10.x-
      Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
      e1e575f6
    • J
      KVM: MIPS: Make ERET handle ERL before EXL · ede5f3e7
      James Hogan 提交于
      The ERET instruction to return from exception is used for returning from
      exception level (Status.EXL) and error level (Status.ERL). If both bits
      are set however we should be returning from ERL first, as ERL can
      interrupt EXL, for example when an NMI is taken. KVM however checks EXL
      first.
      
      Fix the order of the checks to match the pseudocode in the instruction
      set manual.
      
      Fixes: e685c689 ("KVM/MIPS32: Privileged instruction/target branch emulation.")
      Signed-off-by: NJames Hogan <james.hogan@imgtec.com>
      Cc: Paolo Bonzini <pbonzini@redhat.com>
      Cc: "Radim Krčmář <rkrcmar@redhat.com>
      Cc: Ralf Baechle <ralf@linux-mips.org>
      Cc: linux-mips@linux-mips.org
      Cc: kvm@vger.kernel.org
      Cc: <stable@vger.kernel.org> # 3.10.x-
      Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
      ede5f3e7
    • J
      KVM: MIPS: Fix lazy user ASID regenerate for SMP · 9078210e
      James Hogan 提交于
      kvm_mips_check_asids() runs before entering the guest and performs lazy
      regeneration of host ASID for guest usermode, using last_user_gasid to
      track the last guest ASID in the VCPU that was used by guest usermode on
      any host CPU.
      
      last_user_gasid is reset after performing the lazy ASID regeneration on
      the current CPU, and by kvm_arch_vcpu_load() if the host ASID for guest
      usermode is regenerated due to staleness (to cancel outstanding lazy
      ASID regenerations). Unfortunately neither case handles SMP hosts
      correctly:
      
       - When the lazy ASID regeneration is performed it should apply to all
         CPUs (as last_user_gasid does), so reset the ASID on other CPUs to
         zero to trigger regeneration when the VCPU is next loaded on those
         CPUs.
      
       - When the ASID is found to be stale on the current CPU, we should not
         cancel lazy ASID regenerations globally, so drop the reset of
         last_user_gasid altogether here.
      
      Both cases would require a guest ASID change and two host CPU migrations
      (and in the latter case one of the CPUs to start a new ASID cycle)
      before guest usermode could potentially access stale user pages from a
      previously running ASID in the same VCPU.
      
      Fixes: 25b08c7f ("KVM: MIPS: Invalidate TLB by regenerating ASIDs")
      Signed-off-by: NJames Hogan <james.hogan@imgtec.com>
      Cc: Paolo Bonzini <pbonzini@redhat.com>
      Cc: "Radim Krčmář <rkrcmar@redhat.com>
      Cc: Ralf Baechle <ralf@linux-mips.org>
      Cc: linux-mips@linux-mips.org
      Cc: kvm@vger.kernel.org
      Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
      9078210e
  3. 24 10月, 2016 6 次提交
    • L
      Linux 4.9-rc2 · 07d9a380
      Linus Torvalds 提交于
      07d9a380
    • L
      Merge tag 'upstream-4.9-rc2' of git://git.infradead.org/linux-ubifs · 5ff93abc
      Linus Torvalds 提交于
      Pull UBI[FS] fixes from Richard Weinberger:
       "This contains fixes for issues in both UBI and UBIFS:
      
         - Fallout from the merge window, refactoring UBI code introduced some
           issues.
      
         - Fixes for an UBIFS readdir bug which can cause getdents() to busy
           loop for ever and a bug in the UBIFS xattr code"
      
      * tag 'upstream-4.9-rc2' of git://git.infradead.org/linux-ubifs:
        ubifs: Abort readdir upon error
        UBI: Fix crash in try_recover_peb()
        ubi: fix swapped arguments to call to ubi_alloc_aeb
        ubifs: Fix xattr_names length in exit paths
        ubifs: Rename ubifs_rename2
      5ff93abc
    • L
      Merge tag 'ext4_for_linus_stable' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4 · c761923c
      Linus Torvalds 提交于
      Pull ext4 fixes from Ted Ts'o:
       "A few bug fixes and add some missing KERN_CONT annotations"
      
      * tag 'ext4_for_linus_stable' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4:
        ext4: add missing KERN_CONT to a few more debugging uses
        fscrypto: lock inode while setting encryption policy
        ext4: correct endianness conversion in __xattr_check_inode()
        fscrypto: make XTS tweak initialization endian-independent
        ext4: do not advertise encryption support when disabled
        jbd2: fix incorrect unlock on j_list_lock
        ext4: super.c: Update logging style using KERN_CONT
      c761923c
    • L
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/nab/target-pending · a55da8a0
      Linus Torvalds 提交于
      Pull SCSI target fixes from Nicholas Bellinger:
       "Here are the outstanding target-pending fixes for v4.9-rc2.
      
        This includes:
      
         - Fix v4.1.y+ reference leak regression with concurrent TMR
           ABORT_TASK + session shutdown. (Vaibhav Tandon)
      
         - Enable tcm_fc w/ SCF_USE_CPUID to avoid host exchange timeouts
           (Hannes)
      
         - target/user error sense handling fixes. (Andy + MNC + HCH)
      
         - Fix iscsi-target NOP_OUT error path iscsi_cmd descriptor leak
           (Varun)
      
         - Two EXTENDED_COPY SCSI status fixes for ESX VAAI (Dinesh Israni +
           Nixon Vincent)
      
         - Revert a v4.8 residual overflow change, that breaks sg_inq with
           small allocation lengths.
      
        There are a number of folks stress testing the v4.1.y regression fix
        in their environments, and more folks doing iser-target I/O stress
        testing atop recent v4.x.y code.
      
        There is also one v4.2.y+ RCU conversion regression related to
        explicit NodeACL configfs changes, that is still being tracked down"
      
      * git://git.kernel.org/pub/scm/linux/kernel/git/nab/target-pending:
        target/tcm_fc: use CPU affinity for responses
        target/tcm_fc: Update debugging statements to match libfc usage
        target/tcm_fc: return detailed error in ft_sess_create()
        target/tcm_fc: print command pointer in debug message
        target: fix potential race window in target_sess_cmd_list_waiting()
        Revert "target: Fix residual overflow handling in target_complete_cmd_with_length"
        target: Don't override EXTENDED_COPY xcopy_pt_cmd SCSI status code
        target: Make EXTENDED_COPY 0xe4 failure return COPY TARGET DEVICE NOT REACHABLE
        target: Re-add missing SCF_ACK_KREF assignment in v4.1.y
        iscsi-target: fix iscsi cmd leak
        iscsi-target: fix spelling mistake "Unsolicitied" -> "Unsolicited"
        target/user: Fix comments to not refer to data ring
        target/user: Return an error if cmd data size is too large
        target/user: Use sense_reason_t in tcmu_queue_cmd_ring
      a55da8a0
    • L
      Merge tag 'hwmon-for-linus-v4.9-rc2' of... · e6995f22
      Linus Torvalds 提交于
      Merge tag 'hwmon-for-linus-v4.9-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/groeck/linux-staging
      
      Pull hwmon fixes from Guenter Roeck:
       "Couple of hwmon fixes:
      
        Fix a potential ERR_PTR dereference in max31790 driver, and handle
        temperature readings below 0 in adm9240 driver"
      
      * tag 'hwmon-for-linus-v4.9-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/groeck/linux-staging:
        hwmon: (max31790) potential ERR_PTR dereference
        hwmon: (adm9240) handle temperature readings below 0
      e6995f22
    • L
      Merge tag 'for-linus-4.9-2' of git://git.code.sf.net/p/openipmi/linux-ipmi · 5766e9d2
      Linus Torvalds 提交于
      Pull IPMI updates from Corey Minyard:
       "A small bug fix and a new driver for acting as an IPMI device.
      
        I was on vacation during the merge window (a long vacation) but this
        is a bug fix that should go in and a new driver that shouldn't hurt
        anything.
      
        This has been in linux-next for a month or so"
      
      * tag 'for-linus-4.9-2' of git://git.code.sf.net/p/openipmi/linux-ipmi:
        ipmi: fix crash on reading version from proc after unregisted bmc
        ipmi/bt-bmc: remove redundant return value check of platform_get_resource()
        ipmi/bt-bmc: add a dependency on ARCH_ASPEED
        ipmi: Fix ioremap error handling in bt-bmc
        ipmi: add an Aspeed BT IPMI BMC driver
      5766e9d2
  4. 23 10月, 2016 5 次提交
  5. 22 10月, 2016 14 次提交
    • V
      x86/boot/smp: Don't try to poke disabled/non-existent APIC · ff856051
      Ville Syrjälä 提交于
      Apparently trying to poke a disabled or non-existent APIC
      leads to a box that doesn't even boot. Let's not do that.
      
      No real clue if this is the right fix, but at least my
      P3 machine boots again.
      Signed-off-by: NVille Syrjälä <ville.syrjala@linux.intel.com>
      Cc: Andy Lutomirski <luto@kernel.org>
      Cc: Borislav Petkov <bp@alien8.de>
      Cc: Borislav Petkov <bp@suse.de>
      Cc: Brian Gerst <brgerst@gmail.com>
      Cc: Denys Vlasenko <dvlasenk@redhat.com>
      Cc: Eric Biederman <ebiederm@xmission.com>
      Cc: H. Peter Anvin <hpa@zytor.com>
      Cc: Jiri Olsa <jolsa@redhat.com>
      Cc: Josh Poimboeuf <jpoimboe@redhat.com>
      Cc: Juergen Gross <jgross@suse.com>
      Cc: Len Brown <len.brown@intel.com>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Prarit Bhargava <prarit@redhat.com>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: Yinghai Lu <yinghai@kernel.org>
      Cc: dyoung@redhat.com
      Cc: kexec@lists.infradead.org
      Cc: stable@vger.kernel.org
      Fixes: 2a51fe08 ("arch/x86: Handle non enumerated CPU after physical hotplug")
      Link: http://lkml.kernel.org/r/1477102684-5092-1-git-send-email-ville.syrjala@linux.intel.comSigned-off-by: NIngo Molnar <mingo@kernel.org>
      ff856051
    • L
      Merge tag 'powerpc-4.9-3' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux · dcd4693c
      Linus Torvalds 提交于
      Pull powerpc fixes from Michael Ellerman:
       "Fixes marked for stable:
         - Prevent unlikely crash in copro_calculate_slb() (Frederic Barrat)
         - cxl: Prevent adapter reset if an active context exists (Vaibhav Jain)
      
        Fixes for code merged this cycle:
         - Fix boot on systems with uncompressed kernel image (Heiner Kallweit)
         - Drop dump_numa_memory_topology() (Michael Ellerman)
         - Fix numa topology console print (Aneesh Kumar K.V)
         - Ignore the pkey system calls for now (Stephen Rothwell)"
      
      * tag 'powerpc-4.9-3' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux:
        powerpc: Ignore the pkey system calls for now
        powerpc: Fix numa topology console print
        powerpc/mm: Drop dump_numa_memory_topology()
        cxl: Prevent adapter reset if an active context exists
        powerpc/boot: Fix boot on systems with uncompressed kernel image
        powerpc/mm: Prevent unlikely crash in copro_calculate_slb()
      dcd4693c
    • L
      Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm · a23b27ae
      Linus Torvalds 提交于
      Pull KVM fixes from Radim Krčmář:
       "ARM:
         - avoid livelock when walking guest page tables
         - fix HYP mode static keys without CC_HAVE_ASM_GOTO
      
        MIPS:
         - fix a build error without TRACEPOINTS_ENABLED
      
        s390:
         - reject a malformed userspace configuration
      
        x86:
         - suppress a warning without CONFIG_CPU_FREQ
         - initialize whole irq_eoi array"
      
      * tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm:
        arm/arm64: KVM: Map the BSS at HYP
        arm64: KVM: Take S1 walks into account when determining S2 write faults
        KVM: s390: reject invalid modes for runtime instrumentation
        kvm: x86: memset whole irq_eoi
        kvm/x86: Fix unused variable warning in kvm_timer_init()
        KVM: MIPS: Add missing uaccess.h include
      a23b27ae
    • L
      Merge tag 'nfs-for-4.9-2' of git://git.linux-nfs.org/projects/anna/linux-nfs · 02593ac6
      Linus Torvalds 提交于
      Pull NFS client bugfixes from Anna Schumaker:
       "Just two bugfixes this time:
      
        Stable bugfix:
         - Fix last_write_offset incorrectly set to page boundary
      
        Other bugfix:
         - Fix missing-braces warning"
      
      * tag 'nfs-for-4.9-2' of git://git.linux-nfs.org/projects/anna/linux-nfs:
        nfs4: fix missing-braces warning
        pnfs/blocklayout: fix last_write_offset incorrectly set to page boundary
      02593ac6
    • L
      Merge tag 'acpi-4.9-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm · 43ef55da
      Linus Torvalds 提交于
      Pull ACPI fixes from Rafael Wysocki:
       "These fix an issue related to system resume in the new WDAT-based
        watchdog driver and a return value of a stub function in the ACPI CPPC
        framework.
      
        Specifics:
      
         - Update the ACPI WDAT-based watchdog driver to ping the hardware
           during system resume to prevent a reset from occurring after the
           resume is complete (Mika Westerberg).
      
         - Fix the return value of the pcc_mbox_request_channel() stub for
           CONFIG_PCC unset (Hoan Tran)"
      
      * tag 'acpi-4.9-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm:
        watchdog: wdat_wdt: Ping the watchdog on resume
        mailbox: PCC: Fix return value of pcc_mbox_request_channel()
      43ef55da
    • R
      Merge branches 'acpi-wdat' and 'acpi-cppc' · 956c8974
      Rafael J. Wysocki 提交于
      * acpi-wdat:
        watchdog: wdat_wdt: Ping the watchdog on resume
      
      * acpi-cppc:
        mailbox: PCC: Fix return value of pcc_mbox_request_channel()
      956c8974
    • T
      Merge tag 'gic-fixes-for-4.9-rc2' of... · a442950d
      Thomas Gleixner 提交于
      Merge tag 'gic-fixes-for-4.9-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/maz/arm-platforms into irq/urgent
      
      Pull GIC updates from Marc Zyngier:
      
       - Fix for 32bit accesses that should be 64bit on 64bit machines
       - Fix for a field decoding macro
       - Beautify a warning message
      a442950d
    • L
      Merge tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi · 6edc51a8
      Linus Torvalds 提交于
      Pull SCSI fixes from James Bottomley:
       "Five small fixes.
      
        Some of these, like the nested spinlock overwriting saved flags and
        the Kasan use after free look serious, but they seem not to have been
        picked up in testing or seen in the field.
      
        The biggest user visible issue is probably the wrong device handler
        for Clariion, which means that alua doesn't bind to the array like it
        should"
      
      * tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi:
        scsi: ipr: Fix async error WARN_ON
        scsi: zfcp: spin_lock_irqsave() is not nestable
        scsi: Remove one useless stack variable
        scsi: Fix use-after-free
        scsi: Replace wrong device handler name for CLARiiON arrays
      6edc51a8
    • L
      Merge branch 'for-linus' of git://git.kernel.dk/linux-block · ecd06f28
      Linus Torvalds 提交于
      Pull block fixes from Jens Axboe:
       "A set of fixes that missed the merge window, mostly due to me being
        away around that time.
      
        Nothing major here, a mix of nvme cleanups and fixes, and one fix for
        the badblocks handling"
      
      * 'for-linus' of git://git.kernel.dk/linux-block:
        nvmet: use symbolic constants for CNS values
        nvme: use symbolic constants for CNS values
        nvme.h: add an enum for cns values
        nvme.h: don't use uuid_be
        nvme.h: resync with nvme-cli
        nvme: Add tertiary number to NVME_VS
        nvme : Add sysfs entry for NVMe CMBs when appropriate
        nvme: don't schedule multiple resets
        nvme: Delete created IO queues on reset
        nvme: Stop probing a removed device
        badblocks: fix overlapping check for clearing
      ecd06f28
    • L
      Merge tag 'pci-v4.9-fixes-1' of git://git.kernel.org/pub/scm/linux/kernel/git/helgaas/pci · e59f30b4
      Linus Torvalds 提交于
      Pull PCI fixes from Bjorn Helgaas:
       "This includes:
      
         - Fix for a Layerscape driver issue that causes a use-before-set
           crash
      
         - Maintainer update for the Synopsis prototyping device driver"
      
      * tag 'pci-v4.9-fixes-1' of git://git.kernel.org/pub/scm/linux/kernel/git/helgaas/pci:
        PCI: designware-plat: Update author email address
        PCI: layerscape: Fix drvdata usage before assignment
        PCI: designware-plat: Change maintainer to Jose Abreu
      e59f30b4
    • R
      Merge tag 'kvm-arm-for-4.9-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/kvmarm/kvmarm · 658f7c4b
      Radim Krčmář 提交于
      KVM/ARM updates for 4.9-rc2
      
      - Handle faults generated by the page table walker as being writes
      - Map the BSS at EL2
      658f7c4b
    • M
      arm/arm64: KVM: Map the BSS at HYP · c8ea0395
      Marc Zyngier 提交于
      When used with a compiler that doesn't implement "asm goto"
      (such as the AArch64 port of GCC 4.8), jump labels generate a
      memory access to find out about the value of the key (instead
      of just patching the code). The key itself is likely to be
      stored in the BSS.
      
      This is perfectly fine, except that we don't map the BSS at HYP,
      leading to an exploding kernel at the first access. The obvious
      fix is simply to map the BSS there (which should have been done
      a long while ago, but hey...).
      Reported-by: NEric Auger <eric.auger@redhat.com>
      Tested-by: NEric Auger <eric.auger@redhat.com>
      Signed-off-by: NMarc Zyngier <marc.zyngier@arm.com>
      c8ea0395
    • W
      arm64: KVM: Take S1 walks into account when determining S2 write faults · 60e21a0e
      Will Deacon 提交于
      The WnR bit in the HSR/ESR_EL2 indicates whether a data abort was
      generated by a read or a write instruction. For stage 2 data aborts
      generated by a stage 1 translation table walk (i.e. the actual page
      table access faults at EL2), the WnR bit therefore reports whether the
      instruction generating the walk was a load or a store, *not* whether the
      page table walker was reading or writing the entry.
      
      For page tables marked as read-only at stage 2 (e.g. due to KSM merging
      them with the tables from another guest), this could result in livelock,
      where a page table walk generated by a load instruction attempts to
      set the access flag in the stage 1 descriptor, but fails to trigger
      CoW in the host since only a read fault is reported.
      
      This patch modifies the arm64 kvm_vcpu_dabt_iswrite function to
      take into account stage 2 faults in stage 1 walks. Since DBM cannot be
      disabled at EL2 for CPUs that implement it, we assume that these faults
      are always causes by writes, avoiding the livelock situation at the
      expense of occasional, spurious CoWs.
      
      We could, in theory, do a bit better by checking the guest TCR
      configuration and inspecting the page table to see why the PTE faulted.
      However, I doubt this is measurable in practice, and the threat of
      livelock is real.
      
      Cc: <stable@vger.kernel.org>
      Cc: Julien Grall <julien.grall@arm.com>
      Reviewed-by: NMarc Zyngier <marc.zyngier@arm.com>
      Reviewed-by: NChristoffer Dall <christoffer.dall@linaro.org>
      Signed-off-by: NWill Deacon <will.deacon@arm.com>
      60e21a0e
    • L
      Merge tag 'drm-fixes-for-v4.9-rc2-part2' of git://people.freedesktop.org/~airlied/linux · ec366cd1
      Linus Torvalds 提交于
      Pull more drm fixes from Dave Airlie:
       "Mainly some vmwgfx fixes, but also some fixes for armada, etnaviv and
        fsl-dcu"
      
      * tag 'drm-fixes-for-v4.9-rc2-part2' of git://people.freedesktop.org/~airlied/linux:
        drm/fsl-dcu: enable pixel clock when enabling CRTC
        drm/fsl-dcu: do not transfer registers in mode_set_nofb
        drm/fsl-dcu: do not transfer registers on plane init
        drm/fsl-dcu: enable TCON bypass mode by default
        drm/vmwgfx: Adjust checks for null pointers in 13 functions
        drm/vmwgfx: Use memdup_user() rather than duplicating its implementation
        drm/vmwgfx: Use kmalloc_array() in vmw_surface_define_ioctl()
        drm/vmwgfx: Avoid validating views on view destruction
        drm/vmwgfx: Limit the user-space command buffer size
        drm/vmwgfx: Remove a leftover debug printout
        drm/vmwgfx: Allow resource relocations on byte boundaries
        drm/vmwgfx: Enable SVGA_3D_CMD_DX_TRANSFER_FROM_BUFFER command
        drm/vmwgfx: Remove call to reservation_object_test_signaled_rcu before wait
        drm/vmwgfx: Replace numeric parameter like 0444 with macro
        drm/etnaviv: block 64K of address space behind each cmdstream
        drm/etnaviv: ensure write caches are flushed at end of user cmdstream
        drm/armada: fix clock counts
      ec366cd1
  6. 21 10月, 2016 9 次提交