| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
commit 93faccbbfa958a9668d3ab4e30f38dd205cee8d8 upstream.
To support unprivileged users mounting filesystems two permission
checks have to be performed: a test to see if the user allowed to
create a mount in the mount namespace, and a test to see if
the user is allowed to access the specified filesystem.
The automount case is special in that mounting the original filesystem
grants permission to mount the sub-filesystems, to any user who
happens to stumble across the their mountpoint and satisfies the
ordinary filesystem permission checks.
Attempting to handle the automount case by using override_creds
almost works. It preserves the idea that permission to mount
the original filesystem is permission to mount the sub-filesystem.
Unfortunately using override_creds messes up the filesystems
ordinary permission checks.
Solve this by being explicit that a mount is a submount by introducing
vfs_submount, and using it where appropriate.
vfs_submount uses a new mount internal mount flags MS_SUBMOUNT, to let
sget and friends know that a mount is a submount so they can take appropriate
action.
sget and sget_userns are modified to not perform any permission checks
on submounts.
follow_automount is modified to stop using override_creds as that
has proven problemantic.
do_mount is modified to always remove the new MS_SUBMOUNT flag so
that we know userspace will never by able to specify it.
autofs4 is modified to stop using current_real_cred that was put in
there to handle the previous version of submount permission checking.
cifs is modified to pass the mountpoint all of the way down to vfs_submount.
debugfs is modified to pass the mountpoint all of the way down to
trace_automount by adding a new parameter. To make this change easier
a new typedef debugfs_automount_t is introduced to capture the type of
the debugfs automount function.
Fixes: 069d5ac9ae0d ("autofs: Fix automounts by using current_real_cred()->uid")
Fixes: aeaa4a79ff6a ("fs: Call d_automount with the filesystems creds")
Reviewed-by: Trond Myklebust <trond.myklebust@primarydata.com>
Reviewed-by: Seth Forshee <seth.forshee@canonical.com>
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Change-Id: I09cb1f35368fb8dc4a64b5ac5a35c9d2843ef95b
|
| |\
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
lineage-18.1-caf-msm8998
# By Sergey Shtylyov (9) and others
# Via Greg Kroah-Hartman
* common/android-4.4-p:
Linux 4.4.288
libata: Add ATA_HORKAGE_NO_NCQ_ON_ATI for Samsung 860 and 870 SSD.
usb: testusb: Fix for showing the connection speed
scsi: sd: Free scsi_disk device via put_device()
ext2: fix sleeping in atomic bugs on error
sparc64: fix pci_iounmap() when CONFIG_PCI is not set
xen-netback: correct success/error reporting for the SKB-with-fraglist case
af_unix: fix races in sk_peer_pid and sk_peer_cred accesses
Linux 4.4.287
Revert "arm64: Mark __stack_chk_guard as __ro_after_init"
Linux 4.4.286
cred: allow get_cred() and put_cred() to be given NULL.
HID: usbhid: free raw_report buffers in usbhid_stop
netfilter: ipset: Fix oversized kvmalloc() calls
HID: betop: fix slab-out-of-bounds Write in betop_probe
arm64: Extend workaround for erratum 1024718 to all versions of Cortex-A55
EDAC/synopsys: Fix wrong value type assignment for edac_mode
ext4: fix potential infinite loop in ext4_dx_readdir()
ipack: ipoctal: fix module reference leak
ipack: ipoctal: fix missing allocation-failure check
ipack: ipoctal: fix tty-registration error handling
ipack: ipoctal: fix tty registration race
ipack: ipoctal: fix stack information leak
e100: fix buffer overrun in e100_get_regs
e100: fix length calculation in e100_get_regs_len
ipvs: check that ip_vs_conn_tab_bits is between 8 and 20
mac80211: fix use-after-free in CCMP/GCMP RX
tty: Fix out-of-bound vmalloc access in imageblit
qnx4: work around gcc false positive warning bug
spi: Fix tegra20 build with CONFIG_PM=n
net: 6pack: Fix tx timeout and slot time
alpha: Declare virt_to_phys and virt_to_bus parameter as pointer to volatile
arm64: Mark __stack_chk_guard as __ro_after_init
parisc: Use absolute_pointer() to define PAGE0
qnx4: avoid stringop-overread errors
sparc: avoid stringop-overread errors
net: i825xx: Use absolute_pointer for memcpy from fixed memory location
compiler.h: Introduce absolute_pointer macro
m68k: Double cast io functions to unsigned long
blktrace: Fix uaf in blk_trace access after removing by sysfs
scsi: iscsi: Adjust iface sysfs attr detection
net/mlx4_en: Don't allow aRFS for encapsulated packets
net: hso: fix muxed tty registration
USB: serial: option: add device id for Foxconn T99W265
USB: serial: option: remove duplicate USB device ID
USB: serial: option: add Telit LN920 compositions
USB: serial: mos7840: remove duplicated 0xac24 device ID
USB: serial: cp210x: add ID for GW Instek GDM-834x Digital Multimeter
xen/x86: fix PV trap handling on secondary processors
cifs: fix incorrect check for null pointer in header_assemble
usb: musb: tusb6010: uninitialized data in tusb_fifo_write_unaligned()
usb: gadget: r8a66597: fix a loop in set_feature()
Linux 4.4.285
sctp: validate from_addr_param return
drm/nouveau/nvkm: Replace -ENOSYS with -ENODEV
blk-throttle: fix UAF by deleteing timer in blk_throtl_exit()
nilfs2: fix memory leak in nilfs_sysfs_delete_snapshot_group
nilfs2: fix memory leak in nilfs_sysfs_create_snapshot_group
nilfs2: fix memory leak in nilfs_sysfs_delete_##name##_group
nilfs2: fix memory leak in nilfs_sysfs_create_##name##_group
nilfs2: fix NULL pointer in nilfs_##name##_attr_release
nilfs2: fix memory leak in nilfs_sysfs_create_device_group
ceph: lockdep annotations for try_nonblocking_invalidate
dmaengine: ioat: depends on !UML
parisc: Move pci_dev_is_behind_card_dino to where it is used
dmaengine: acpi: Avoid comparison GSI with Linux vIRQ
dmaengine: acpi-dma: check for 64-bit MMIO address
profiling: fix shift-out-of-bounds bugs
prctl: allow to setup brk for et_dyn executables
9p/trans_virtio: Remove sysfs file on probe failure
thermal/drivers/exynos: Fix an error code in exynos_tmu_probe()
sctp: add param size validation for SCTP_PARAM_SET_PRIMARY
sctp: validate chunk size in __rcv_asconf_lookup
PM / wakeirq: Fix unbalanced IRQ enable for wakeirq
s390/bpf: Fix optimizing out zero-extensions
Linux 4.4.284
s390/bpf: Fix 64-bit subtraction of the -0x80000000 constant
net: renesas: sh_eth: Fix freeing wrong tx descriptor
qlcnic: Remove redundant unlock in qlcnic_pinit_from_rom
ARC: export clear_user_page() for modules
mtd: rawnand: cafe: Fix a resource leak in the error handling path of 'cafe_nand_probe()'
PCI: Sync __pci_register_driver() stub for CONFIG_PCI=n
ethtool: Fix an error code in cxgb2.c
dt-bindings: mtd: gpmc: Fix the ECC bytes vs. OOB bytes equation
x86/mm: Fix kern_addr_valid() to cope with existing but not present entries
net/af_unix: fix a data-race in unix_dgram_poll
tipc: increase timeout in tipc_sk_enqueue()
r6040: Restore MDIO clock frequency after MAC reset
net/l2tp: Fix reference count leak in l2tp_udp_recv_core
dccp: don't duplicate ccid when cloning dccp sock
ptp: dp83640: don't define PAGE0
net-caif: avoid user-triggerable WARN_ON(1)
bnx2x: Fix enabling network interfaces without VFs
platform/chrome: cros_ec_proto: Send command again when timeout occurs
parisc: fix crash with signals and alloca
net: fix NULL pointer reference in cipso_v4_doi_free
ath9k: fix OOB read ar9300_eeprom_restore_internal
parport: remove non-zero check on count
Revert "USB: xhci: fix U1/U2 handling for hardware with XHCI_INTEL_HOST quirk set"
cifs: fix wrong release in sess_alloc_buffer() failed path
mmc: rtsx_pci: Fix long reads when clock is prescaled
gfs2: Don't call dlm after protocol is unmounted
rpc: fix gss_svc_init cleanup on failure
ARM: tegra: tamonten: Fix UART pad setting
gpu: drm: amd: amdgpu: amdgpu_i2c: fix possible uninitialized-variable access in amdgpu_i2c_router_select_ddc_port()
Bluetooth: skip invalid hci_sync_conn_complete_evt
serial: 8250_pci: make setup_port() parameters explicitly unsigned
hvsi: don't panic on tty_register_driver failure
xtensa: ISS: don't panic in rs_init
serial: 8250: Define RX trigger levels for OxSemi 950 devices
s390/jump_label: print real address in a case of a jump label bug
ipv4: ip_output.c: Fix out-of-bounds warning in ip_copy_addrs()
video: fbdev: riva: Error out if 'pixclock' equals zero
video: fbdev: kyro: Error out if 'pixclock' equals zero
video: fbdev: asiliantfb: Error out if 'pixclock' equals zero
bpf/tests: Do not PASS tests without actually testing the result
bpf/tests: Fix copy-and-paste error in double word test
tty: serial: jsm: hold port lock when reporting modem line changes
usb: gadget: u_ether: fix a potential null pointer dereference
usb: host: fotg210: fix the actual_length of an iso packet
Smack: Fix wrong semantics in smk_access_entry()
netlink: Deal with ESRCH error in nlmsg_notify()
video: fbdev: kyro: fix a DoS bug by restricting user input
iio: dac: ad5624r: Fix incorrect handling of an optional regulator.
PCI: Use pci_update_current_state() in pci_enable_device_flags()
crypto: mxs-dcp - Use sg_mapping_iter to copy data
pinctrl: single: Fix error return code in pcs_parse_bits_in_pinctrl_entry()
openrisc: don't printk() unconditionally
PCI: Return ~0 data on pciconfig_read() CAP_SYS_ADMIN failure
PCI: Restrict ASMedia ASM1062 SATA Max Payload Size Supported
ARM: 9105/1: atags_to_fdt: don't warn about stack size
libata: add ATA_HORKAGE_NO_NCQ_TRIM for Samsung 860 and 870 SSDs
media: rc-loopback: return number of emitters rather than error
media: uvc: don't do DMA on stack
VMCI: fix NULL pointer dereference when unmapping queue pair
power: supply: max17042: handle fails of reading status register
xen: fix setting of max_pfn in shared_info
PCI/MSI: Skip masking MSI-X on Xen PV
rtc: tps65910: Correct driver module alias
fbmem: don't allow too huge resolutions
clk: kirkwood: Fix a clocking boot regression
KVM: x86: Update vCPU's hv_clock before back to guest when tsc_offset is adjusted
tty: Fix data race between tiocsti() and flush_to_ldisc()
ipv4: make exception cache less predictible
bcma: Fix memory leak for internally-handled cores
ath6kl: wmi: fix an error code in ath6kl_wmi_sync_point()
usb: ehci-orion: Handle errors of clk_prepare_enable() in probe
i2c: mt65xx: fix IRQ check
CIFS: Fix a potencially linear read overflow
mmc: moxart: Fix issue with uninitialized dma_slave_config
mmc: dw_mmc: Fix issue with uninitialized dma_slave_config
i2c: s3c2410: fix IRQ check
i2c: iop3xx: fix deferred probing
Bluetooth: add timeout sanity check to hci_inquiry
usb: gadget: mv_u3d: request_irq() after initializing UDC
usb: phy: tahvo: add IRQ check
usb: host: ohci-tmio: add IRQ check
Bluetooth: Move shutdown callback before flushing tx and rx queue
usb: phy: twl6030: add IRQ checks
usb: phy: fsl-usb: add IRQ check
usb: gadget: udc: at91: add IRQ check
drm/msm/dsi: Fix some reference counted resource leaks
Bluetooth: fix repeated calls to sco_sock_kill
arm64: dts: exynos: correct GIC CPU interfaces address range on Exynos7
Bluetooth: increase BTNAMSIZ to 21 chars to fix potential buffer overflow
PCI: PM: Enable PME if it can be signaled from D3cold
i2c: highlander: add IRQ check
net: cipso: fix warnings in netlbl_cipsov4_add_std
tcp: seq_file: Avoid skipping sk during tcp_seek_last_pos
Bluetooth: sco: prevent information leak in sco_conn_defer_accept()
media: go7007: remove redundant initialization
media: dvb-usb: fix uninit-value in vp702x_read_mac_addr
media: dvb-usb: fix uninit-value in dvb_usb_adapter_dvb_init
certs: Trigger creation of RSA module signing key if it's not an RSA key
m68k: emu: Fix invalid free in nfeth_cleanup()
udf_get_extendedattr() had no boundary checks.
crypto: qat - fix reuse of completion variable
crypto: qat - do not ignore errors from enable_vf2pf_comms()
libata: fix ata_host_start()
power: supply: max17042_battery: fix typo in MAx17042_TOFF
crypto: omap-sham - clear dma flags only after omap_sham_update_dma_stop()
crypto: mxs-dcp - Check for DMA mapping errors
PCI: Call Max Payload Size-related fixup quirks early
x86/reboot: Limit Dell Optiplex 990 quirk to early BIOS versions
Revert "btrfs: compression: don't try to compress if we don't have enough pages"
mm/page_alloc: speed up the iteration of max_order
net: ll_temac: Remove left-over debug message
powerpc/boot: Delete unneeded .globl _zimage_start
powerpc/module64: Fix comment in R_PPC64_ENTRY handling
mm/kmemleak.c: make cond_resched() rate-limiting more efficient
s390/disassembler: correct disassembly lines alignment
ipv4/icmp: l3mdev: Perform icmp error route lookup on source device routing table (v2)
tc358743: fix register i2c_rd/wr function fix
PM / wakeirq: Enable dedicated wakeirq for suspend
USB: serial: mos7720: improve OOM-handling in read_mos_reg()
usb: phy: isp1301: Fix build warning when CONFIG_OF is disabled
igmp: Add ip_mc_list lock in ip_check_mc_rcu
media: stkwebcam: fix memory leak in stk_camera_probe
ath9k: Postpone key cache entry deletion for TXQ frames reference it
ath: Modify ath_key_delete() to not need full key entry
ath: Export ath_hw_keysetmac()
ath9k: Clear key cache explicitly on disabling hardware
ath: Use safer key clearing with key cache entries
ALSA: pcm: fix divide error in snd_pcm_lib_ioctl
ARM: 8918/2: only build return_address() if needed
cryptoloop: add a deprecation warning
qede: Fix memset corruption
ARC: fix allnoconfig build warning
xtensa: fix kconfig unmet dependency warning for HAVE_FUTEX_CMPXCHG
ext4: fix race writing to an inline_data file while its xattrs are changing
Change-Id: I0d3200388e095f977c784cba314b9cc061848c7a
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
commit 9ed38fd4a15417cac83967360cf20b853bfab9b6 upstream.
Although very unlikely that the tlink pointer would be null in this case,
get_next_mid function can in theory return null (but not an error)
so need to check for null (not for IS_ERR, which can not be returned
here).
Address warning:
fs/smbfs_client/connect.c:2392 cifs_match_super()
warn: 'tlink' isn't an ERR_PTR
Pointed out by Dan Carpenter via smatch code analysis tool
CC: stable@vger.kernel.org
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Acked-by: Ronnie Sahlberg <lsahlber@redhat.com>
Signed-off-by: Steve French <stfrench@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
[ Upstream commit d72c74197b70bc3c95152f351a568007bffa3e11 ]
smb_buf is allocated by small_smb_init_no_tc(), and buf type is
CIFS_SMALL_BUFFER, so we should use cifs_small_buf_release() to
release it in failed path.
Signed-off-by: Ding Hui <dinghui@sangfor.com.cn>
Reviewed-by: Paulo Alcantara (SUSE) <pc@cjr.nz>
Signed-off-by: Steve French <stfrench@microsoft.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
[ Upstream commit f980d055a0f858d73d9467bb0b570721bbfcdfb8 ]
strlcpy() reads the entire source buffer first. This read may exceed the
destination size limit. This is both inefficient and can lead to linear
read overflows if a source string is not NUL-terminated.
Also, the strnlen() call does not avoid the read overflow in the strlcpy
function when a not NUL-terminated string is passed.
So, replace this block by a call to kstrndup() that avoids this type of
overflow and does the same.
Fixes: 066ce6899484d ("cifs: rename cifs_strlcpy_to_host and make it use new functions")
Signed-off-by: Len Baker <len.baker@gmx.com>
Reviewed-by: Paulo Alcantara (SUSE) <pc@cjr.nz>
Reviewed-by: Jeff Layton <jlayton@kernel.org>
Signed-off-by: Steve French <stfrench@microsoft.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
| |\|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
https://android.googlesource.com/kernel/common into lineage-18.1-caf-msm8998
This brings LA.UM.9.2.r1-03300-SDMxx0.0 up to date with
https://android.googlesource.com/kernel/common/ android-4.4-p at commit:
3628cdd31199d Merge 4.4.270 into android-4.4-p
Conflicts:
drivers/mmc/core/core.c
drivers/usb/core/hub.c
kernel/trace/trace.c
Change-Id: I6b81471122341f9769ce9c65cbd0fedd5e908b38
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
commit d201d7631ca170b038e7f8921120d05eec70d7c5 upstream.
When using smb2_copychunk_range() for large ranges we will
run through several iterations of a loop calling SMB2_ioctl()
but never actually free the returned buffer except for the final
iteration.
This leads to memory leaks everytime a large copychunk is requested.
Fixes: 9bf0c9cd4314 ("CIFS: Fix SMB2/SMB3 Copy offload support (refcopy) for large files")
Cc: <stable@vger.kernel.org>
Reviewed-by: Aurelien Aptel <aaptel@suse.com>
Signed-off-by: Ronnie Sahlberg <lsahlber@redhat.com>
Signed-off-by: Steve French <stfrench@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
| |\|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
https://android.googlesource.com/kernel/common into lineage-18.1-caf-msm8998
This brings LA.UM.9.2.r1-02700-SDMxx0.0 up to date with
https://android.googlesource.com/kernel/common/ android-4.4-p at commit:
f5978a07daf67 Merge 4.4.267 into android-4.4-p
Conflicts:
arch/alpha/include/asm/Kbuild
drivers/mmc/core/mmc.c
drivers/usb/gadget/configfs.c
Change-Id: I978d923e97c18f284edbd32c0c19ac70002f7d83
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
[ Upstream commit 219481a8f90ec3a5eed9638fb35609e4b1aeece7 ]
Make SMB2 not print out an error when an oplock break is received for an
unknown handle, similar to SMB1. The debug message which is printed for
these unknown handles may also be misleading, so fix that too.
The SMB2 lease break path is not affected by this patch.
Without this, a program which writes to a file from one thread, and
opens, reads, and writes the same file from another thread triggers the
below errors several times a minute when run against a Samba server
configured with "smb2 leases = no".
CIFS: VFS: \\192.168.0.1 No task to wake, unknown frame received! NumMids 2
00000000: 424d53fe 00000040 00000000 00000012 .SMB@...........
00000010: 00000001 00000000 ffffffff ffffffff ................
00000020: 00000000 00000000 00000000 00000000 ................
00000030: 00000000 00000000 00000000 00000000 ................
Signed-off-by: Vincent Whitchurch <vincent.whitchurch@axis.com>
Reviewed-by: Tom Talpey <tom@talpey.com>
Reviewed-by: Paulo Alcantara (SUSE) <pc@cjr.nz>
Signed-off-by: Steve French <stfrench@microsoft.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
[ Upstream commit cee8f4f6fcabfdf229542926128e9874d19016d5 ]
RHBZ: 1933527
Under SMB1 + POSIX, if an inode is reused on a server after we have read and
cached a part of a file, when we then open the new file with the
re-cycled inode there is a chance that we may serve the old data out of cache
to the application.
This only happens for SMB1 (deprecated) and when posix are used.
The simplest solution to avoid this race is to force a revalidate
on smb1-posix open.
Signed-off-by: Ronnie Sahlberg <lsahlber@redhat.com>
Reviewed-by: Paulo Alcantara (SUSE) <pc@cjr.nz>
Signed-off-by: Steve French <stfrench@microsoft.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
commit 14302ee3301b3a77b331cc14efb95bf7184c73cc upstream.
In cifs_statfs(), if server->ops->queryfs is not NULL, then we should
use its return value rather than always returning 0. Instead, use rc
variable as it is properly set to 0 in case there is no
server->ops->queryfs.
Signed-off-by: Paulo Alcantara (SUSE) <pc@cjr.nz>
Reviewed-by: Aurelien Aptel <aaptel@suse.com>
Reviewed-by: Ronnie Sahlberg <lsahlber@redhat.com>
CC: <stable@vger.kernel.org>
Signed-off-by: Steve French <stfrench@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
| |\|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
https://android.googlesource.com/kernel/common into lineage-18.1-caf-msm8998
This brings LA.UM.9.2.r1-02500-SDMxx0.0 up to date with
https://android.googlesource.com/kernel/common/ android-4.4-p at commit:
4fd124d1546d8 Merge 4.4.258 into android-4.4-p
Change-Id: Idbae7489bc1d831a378dd60993f46139e5e28c4c
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
commit 21b200d091826a83aafc95d847139b2b0582f6d1 upstream.
Assuming
- //HOST/a is mounted on /mnt
- //HOST/b is mounted on /mnt/b
On a slow connection, running 'df' and killing it while it's
processing /mnt/b can make cifs_get_inode_info() returns -ERESTARTSYS.
This triggers the following chain of events:
=> the dentry revalidation fail
=> dentry is put and released
=> superblock associated with the dentry is put
=> /mnt/b is unmounted
This patch makes cifs_d_revalidate() return the error instead of 0
(invalid) when cifs_revalidate_dentry() fails, except for ENOENT (file
deleted) and ESTALE (file recreated).
Signed-off-by: Aurelien Aptel <aaptel@suse.com>
Suggested-by: Shyam Prasad N <nspmangalore@gmail.com>
Reviewed-by: Shyam Prasad N <nspmangalore@gmail.com>
CC: stable@vger.kernel.org
Signed-off-by: Steve French <stfrench@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
| |\|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
https://android.googlesource.com/kernel/common into lineage-18.1-caf-msm8998
This brings LA.UM.9.2.r1-01800-SDMxx0.0 up to date with
https://android.googlesource.com/kernel/common/ android-4.4-p at commit:
300d539b8e6e2 ANDROID: usb: f_accessory: Wrap '_acc_dev' in get()/put() accessors
Conflicts:
drivers/usb/gadget/function/f_accessory.c
include/linux/spi/spi.h
Change-Id: Ifef5bfcb9d92b6d560126f0216369c567476f55d
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
commit 212253367dc7b49ed3fc194ce71b0992eacaecf2 upstream.
This patch fixes a potential use-after-free bug in
cifs_echo_request().
For instance,
thread 1
--------
cifs_demultiplex_thread()
clean_demultiplex_info()
kfree(server)
thread 2 (workqueue)
--------
apic_timer_interrupt()
smp_apic_timer_interrupt()
irq_exit()
__do_softirq()
run_timer_softirq()
call_timer_fn()
cifs_echo_request() <- use-after-free in server ptr
Signed-off-by: Paulo Alcantara (SUSE) <pc@cjr.nz>
CC: Stable <stable@vger.kernel.org>
Reviewed-by: Ronnie Sahlberg <lsahlber@redhat.com>
Signed-off-by: Steve French <stfrench@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
| |\|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
https://android.googlesource.com/kernel/common into lineage-17.1-caf-msm8998
This brings LA.UM.8.4.r1-06200-8x98.0 up to date with
https://android.googlesource.com/kernel/common/ android-4.4-p at commit:
4cb652f2d058e ANDROID: cuttlefish_defconfig: Disable CONFIG_KSM
Conflicts:
arch/arm64/include/asm/mmu_context.h
arch/powerpc/include/asm/uaccess.h
drivers/scsi/ufs/ufshcd.c
Change-Id: I25e090fc1a5a7d379aa8f681371e9918b3adeda6
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
commit 57c176074057531b249cf522d90c22313fa74b0b upstream.
When converting trailing spaces and periods in paths, do so
for every component of the path, not just the last component.
If the conversion is not done for every path component, then
subsequent operations in directories with trailing spaces or
periods (e.g. create(), mkdir()) will fail with ENOENT. This
is because on the server, the directory will have a special
symbol in its name, and the client needs to provide the same.
Signed-off-by: Boris Protopopov <pboris@amazon.com>
Acked-by: Ronnie Sahlberg <lsahlber@redhat.com>
Signed-off-by: Steve French <stfrench@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
| |\|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
https://android.googlesource.com/kernel/common into lineage-17.1-caf-msm8998
This brings LA.UM.8.2.r1-07400-sdm660.0 up to date with
https://android.googlesource.com/kernel/common/ android-4.4-p at commit:
34b1d1174c2c7 UPSTREAM: arm64: kaslr: Fix up the kernel image alignment
Conflicts:
scripts/setlocalversion
Change-Id: Id2981587a6e92eb10cfdc9b6d13cd4bd2abb5670
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
commit d367cb960ce88914898cbfa43645c2e43ede9465 upstream.
The "end" pointer is either NULL or it points to the next byte to parse.
If there isn't a next byte then dereferencing "end" is an off-by-one out
of bounds error. And, of course, if it's NULL that leads to an Oops.
Printing "*end" doesn't seem very useful so let's delete this code.
Also for the last debug statement, I noticed that it should be printing
"sequence_end" instead of "end" so fix that as well.
Reported-by: Dominik Maier <dmaier@sect.tu-berlin.de>
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Steve French <stfrench@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
| |\|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
https://android.googlesource.com/kernel/common into lineage-17.1-caf-msm8998
This brings LA.UM.8.4.r1-05900-8x98.0 up to date with
https://android.googlesource.com/kernel/common/ android-4.4-p at commit:
59f04f292e871 ANDROID: fix a bug in quota2
Conflicts:
Makefile
fs/ext4/inode.c
fs/f2fs/dir.c
Change-Id: Ic71b44a02908cf633d96114f0ff745cf1e1186de
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
commit 0e6705182d4e1b77248a93470d6d7b3013d59b30 upstream.
This reverts commit 9ffad9263b467efd8f8dc7ae1941a0a655a2bab2.
Upon additional testing with older servers, it was found that
the original commit introduced a regression when using the old SMB1
dialect and rsyncing over an existing file.
The patch will need to be respun to address this, likely including
a larger refactoring of the SMB1 and SMB3 rename code paths to make
it less confusing and also to address some additional rename error
cases that SMB3 may be able to workaround.
Signed-off-by: Steve French <stfrench@microsoft.com>
Reported-by: Patrick Fernie <patrick.fernie@gmail.com>
CC: Stable <stable@vger.kernel.org>
Acked-by: Ronnie Sahlberg <lsahlber@redhat.com>
Acked-by: Pavel Shilovsky <pshilov@microsoft.com>
Acked-by: Zhang Xiaoxu <zhangxiaoxu5@huawei.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
| |\|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
https://android.googlesource.com/kernel/common into lineage-17.1-caf-msm8998
This brings LA.UM.8.4.r1-05700-8x98.0 up to date with
https://android.googlesource.com/kernel/common/ android-4.4-p at commit:
8476df741c780 BACKPORT: xtables: extend matches and targets with .usersize
Conflicts:
drivers/usb/gadget/function/f_uac1.c
net/netlink/genetlink.c
sound/core/compress_offload.c
Change-Id: Id7b2fdf3942f1986edec869dcd965df632cc1c5f
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
commit 9ffad9263b467efd8f8dc7ae1941a0a655a2bab2 upstream.
When xfstest generic/035, we found the target file was deleted
if the rename return -EACESS.
In cifs_rename2, we unlink the positive target dentry if rename
failed with EACESS or EEXIST, even if the target dentry is positived
before rename. Then the existing file was deleted.
We should just delete the target file which created during the
rename.
Reported-by: Hulk Robot <hulkci@huawei.com>
Signed-off-by: Zhang Xiaoxu <zhangxiaoxu5@huawei.com>
Cc: stable@vger.kernel.org
Signed-off-by: Steve French <stfrench@microsoft.com>
Reviewed-by: Aurelien Aptel <aaptel@suse.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
commit 00dfbc2f9c61185a2e662f27c45a0bb29b2a134f upstream.
Without this:
- persistent handles will only be enabled for per-user tcons if the
server advertises the 'Continuous Availabity' capability
- resilient handles would never be enabled for per-user tcons
Signed-off-by: Paul Aurich <paul@darkrain42.org>
CC: Stable <stable@vger.kernel.org>
Signed-off-by: Steve French <stfrench@microsoft.com>
Reviewed-by: Aurelien Aptel <aaptel@suse.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
commit cc15461c73d7d044d56c47e869a215e49bd429c8 upstream.
Ensure multiuser SMB3 mounts use encryption for all users' tcons if the
mount options are configured to require encryption. Without this, only
the primary tcon and IPC tcons are guaranteed to be encrypted. Per-user
tcons would only be encrypted if the server was configured to require
encryption.
Signed-off-by: Paul Aurich <paul@darkrain42.org>
CC: Stable <stable@vger.kernel.org>
Signed-off-by: Steve French <stfrench@microsoft.com>
Reviewed-by: Aurelien Aptel <aaptel@suse.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
[ Upstream commit 6b69040247e14b43419a520f841f2b3052833df9 ]
CIFS implements the fallocate(FALLOC_FL_ZERO_RANGE) with send SMB
ioctl(FSCTL_SET_ZERO_DATA) to server. It just set the range of the
remote file to zero, but local page cache not update, then the data
inconsistent with server, which leads the xfstest generic/008 failed.
So we need to remove the local page caches before send SMB
ioctl(FSCTL_SET_ZERO_DATA) to server. After next read, it will
re-cache it.
Fixes: 30175628bf7f5 ("[SMB3] Enable fallocate -z support for SMB3 mounts")
Reported-by: Hulk Robot <hulkci@huawei.com>
Signed-off-by: Zhang Xiaoxu <zhangxiaoxu5@huawei.com>
Reviewed-by: Pavel Shilovsky <pshilov@microsoft.com>
Cc: stable@vger.kernel.org # v3.17
Signed-off-by: Steve French <stfrench@microsoft.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
[ Upstream commit acc91c2d8de4ef46ed751c5f9df99ed9a109b100 ]
When punch hole success, we also can read old data from file:
# strace -e trace=pread64,fallocate xfs_io -f -c "pread 20 40" \
-c "fpunch 20 40" -c"pread 20 40" file
pread64(3, " version 5.8.0-rc1+"..., 40, 20) = 40
fallocate(3, FALLOC_FL_KEEP_SIZE|FALLOC_FL_PUNCH_HOLE, 20, 40) = 0
pread64(3, " version 5.8.0-rc1+"..., 40, 20) = 40
CIFS implements the fallocate(FALLOCATE_FL_PUNCH_HOLE) with send SMB
ioctl(FSCTL_SET_ZERO_DATA) to server. It just set the range of the
remote file to zero, but local page caches not updated, then the
local page caches inconsistent with server.
Also can be found by xfstests generic/316.
So, we need to remove the page caches before send the SMB
ioctl(FSCTL_SET_ZERO_DATA) to server.
Fixes: 31742c5a33176 ("enable fallocate punch hole ("fallocate -p") for SMB3")
Suggested-by: Pavel Shilovsky <pshilov@microsoft.com>
Reviewed-by: Pavel Shilovsky <pshilov@microsoft.com>
Signed-off-by: Zhang Xiaoxu <zhangxiaoxu5@huawei.com>
Cc: stable@vger.kernel.org # v3.17
Signed-off-by: Steve French <stfrench@microsoft.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
| |\|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
https://android.googlesource.com/kernel/common into lineage-17.1-caf-msm8998
This brings LA.UM.8.4.r1-05500-8x98.0 up to date with
https://android.googlesource.com/kernel/common/ android-4.4-p at commit:
60fca75727065 Merge 4.4.226 into android-4.4-p
Conflicts:
drivers/base/firmware_class.c
drivers/gpu/drm/msm/msm_gem.c
drivers/mmc/host/sdhci.c
drivers/net/wireless/ath/ath10k/core.c
kernel/trace/blktrace.c
net/socket.c
sound/core/rawmidi.c
sound/usb/mixer.c
Change-Id: Ic8599e865656da72a9405c45f27091ec1ddc168c
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
[ Upstream commit 9bd21d4b1a767c3abebec203342f3820dcb84662 ]
Coverity scan noted a redundant null check
Coverity-id: 728517
Reported-by: Coverity <scan-admin@coverity.com>
Signed-off-by: Steve French <stfrench@microsoft.com>
Reviewed-by: Shyam Prasad N <nspmangalore@gmail.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
[ Upstream commit f2caf901c1b7ce65f9e6aef4217e3241039db768 ]
There is a race condition with how we send (or supress and don't send)
smb echos that will cause the client to incorrectly think the
server is unresponsive and thus needs to be reconnected.
Summary of the race condition:
1) Daisy chaining scheduling creates a gap.
2) If traffic comes unfortunate shortly after
the last echo, the planned echo is suppressed.
3) Due to the gap, the next echo transmission is delayed
until after the timeout, which is set hard to twice
the echo interval.
This is fixed by changing the timeouts from 2 to three times the echo interval.
Detailed description of the bug: https://lutz.donnerhacke.de/eng/Blog/Groundhog-Day-with-SMB-remount
Signed-off-by: Ronnie Sahlberg <lsahlber@redhat.com>
Reviewed-by: Pavel Shilovsky <pshilov@microsoft.com>
Signed-off-by: Steve French <stfrench@microsoft.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
[ Upstream commit 76e752701a8af4404bbd9c45723f7cbd6e4a251e ]
Some servers seem to accept connections while booting but never send
the SMBNegotiate response neither close the connection, causing all
processes accessing the share hang on uninterruptible sleep state.
This happens when the cifs_demultiplex_thread detects the server is
unresponsive so releases the socket and start trying to reconnect.
At some point, the faulty server will accept the socket and the TCP
status will be set to NeedNegotiate. The first issued command accessing
the share will start the negotiation (pid 5828 below), but the response
will never arrive so other commands will be blocked waiting on the mutex
(pid 55352).
This patch checks for unresponsive servers also on the negotiate stage
releasing the socket and reconnecting if the response is not received
and checking again the tcp state when the mutex is acquired.
PID: 55352 TASK: ffff880fd6cc02c0 CPU: 0 COMMAND: "ls"
#0 [ffff880fd9add9f0] schedule at ffffffff81467eb9
#1 [ffff880fd9addb38] __mutex_lock_slowpath at ffffffff81468fe0
#2 [ffff880fd9addba8] mutex_lock at ffffffff81468b1a
#3 [ffff880fd9addbc0] cifs_reconnect_tcon at ffffffffa042f905 [cifs]
#4 [ffff880fd9addc60] smb_init at ffffffffa042faeb [cifs]
#5 [ffff880fd9addca0] CIFSSMBQPathInfo at ffffffffa04360b5 [cifs]
....
Which is waiting a mutex owned by:
PID: 5828 TASK: ffff880fcc55e400 CPU: 0 COMMAND: "xxxx"
#0 [ffff880fbfdc19b8] schedule at ffffffff81467eb9
#1 [ffff880fbfdc1b00] wait_for_response at ffffffffa044f96d [cifs]
#2 [ffff880fbfdc1b60] SendReceive at ffffffffa04505ce [cifs]
#3 [ffff880fbfdc1bb0] CIFSSMBNegotiate at ffffffffa0438d79 [cifs]
#4 [ffff880fbfdc1c50] cifs_negotiate_protocol at ffffffffa043b383 [cifs]
#5 [ffff880fbfdc1c80] cifs_reconnect_tcon at ffffffffa042f911 [cifs]
#6 [ffff880fbfdc1d20] smb_init at ffffffffa042faeb [cifs]
#7 [ffff880fbfdc1d60] CIFSSMBQFSInfo at ffffffffa0434eb0 [cifs]
....
Signed-off-by: Samuel Cabrero <scabrero@suse.de>
Reviewed-by: Aurélien Aptel <aaptel@suse.de>
Reviewed-by: Ronnie Sahlberg <lsahlber@redhat.com>
Signed-off-by: Steve French <smfrench@gmail.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
[ Upstream commit fada37f6f62995cc449b36ebba1220594bfe55fe ]
We use a spinlock while we are reading and accessing the destination address for a server.
We need to also use this spinlock to protect when we are modifying this address from
reconn_set_ipaddr().
Signed-off-by: Ronnie Sahlberg <lsahlber@redhat.com>
Reviewed-by: Jeff Layton <jlayton@kernel.org>
Signed-off-by: Steve French <stfrench@microsoft.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
| |\|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
https://android.googlesource.com/kernel/common into lineage-17.1-caf-msm8998
This brings LA.UM.8.4.r1-05300-8x98.0 up to date with
https://android.googlesource.com/kernel/common/ android-4.4-p at commit:
f9991115f0793 Merge 4.4.219 into android-4.4-p
Conflicts:
drivers/clk/qcom/clk-rcg2.c
drivers/scsi/sd.c
drivers/usb/gadget/function/f_fs.c
drivers/usb/gadget/function/u_serial.c
Change-Id: Ifed3db0ddda828c1697e57e9f73c1b73354bebf7
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
commit fc513fac56e1b626ae48a74d7551d9c35c50129e upstream.
If from cifs_revalidate_dentry_attr() the SMB2/QUERY_INFO call fails with an
error, such as STATUS_SESSION_EXPIRED, causing the session to be reconnected
it is possible we will leak -EAGAIN back to the application even for
system calls such as stat() where this is not a valid error.
Fix this by re-trying the operation from within cifs_revalidate_dentry_attr()
if cifs_get_inode_info*() returns -EAGAIN.
This fixes stat() and possibly also other system calls that uses
cifs_revalidate_dentry*().
Signed-off-by: Ronnie Sahlberg <lsahlber@redhat.com>
Signed-off-by: Steve French <stfrench@microsoft.com>
Reviewed-by: Pavel Shilovsky <pshilov@microsoft.com>
Reviewed-by: Aurelien Aptel <aaptel@suse.com>
CC: Stable <stable@vger.kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
[ Upstream commit f52aa79df43c4509146140de0241bc21a4a3b4c7 ]
A number of the debug statements output file or directory mode
in hex. Change these to print using octal.
Signed-off-by: Frank Sorenson <sorenson@redhat.com>
Signed-off-by: Steve French <stfrench@microsoft.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
| |\|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
https://android.googlesource.com/kernel/common into lineage-17.1-caf-msm8998
This brings LA.UM.8.4.r1-05200-8x98.0 up to date with
https://android.googlesource.com/kernel/common/ android-4.4-p at commit:
4db1ebdd40ec0 FROMLIST: HID: nintendo: add nintendo switch controller driver
Conflicts:
arch/arm64/boot/Makefile
arch/arm64/kernel/psci.c
arch/x86/configs/x86_64_cuttlefish_defconfig
drivers/md/dm.c
drivers/of/Kconfig
drivers/thermal/thermal_core.c
fs/proc/meminfo.c
kernel/locking/spinlock_debug.c
kernel/time/hrtimer.c
net/wireless/util.c
Change-Id: I5b5163497b7c6ab8487ffbb2d036e4cda01ed670
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
commit b0dd940e582b6a60296b9847a54012a4b080dc72 upstream.
RHBZ: 1579050
If we have a soft mount we should fail commands for session-setup
failures (such as the password having changed/ account being deleted/ ...)
and return an error back to the application.
Signed-off-by: Ronnie Sahlberg <lsahlber@redhat.com>
Signed-off-by: Steve French <stfrench@microsoft.com>
CC: Stable <stable@vger.kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
[ Upstream commit 33da8e7c814f77310250bb54a9db36a44c5de784 ]
My recent to change to only use force_sig for a synchronous events
wound up breaking signal reception cifs and drbd. I had overlooked
the fact that by default kthreads start out with all signals set to
SIG_IGN. So a change I thought was safe turned out to have made it
impossible for those kernel thread to catch their signals.
Reverting the work on force_sig is a bad idea because what the code
was doing was very much a misuse of force_sig. As the way force_sig
ultimately allowed the signal to happen was to change the signal
handler to SIG_DFL. Which after the first signal will allow userspace
to send signals to these kernel threads. At least for
wake_ack_receiver in drbd that does not appear actively wrong.
So correct this problem by adding allow_kernel_signal that will allow
signals whose siginfo reports they were sent by the kernel through,
but will not allow userspace generated signals, and update cifs and
drbd to call allow_kernel_signal in an appropriate place so that their
thread can receive this signal.
Fixing things this way ensures that userspace won't be able to send
signals and cause problems, that it is clear which signals the
threads are expecting to receive, and it guarantees that nothing
else in the system will be affected.
This change was partly inspired by similar cifs and drbd patches that
added allow_signal.
Reported-by: ronnie sahlberg <ronniesahlberg@gmail.com>
Reported-by: Christoph Böhmwalder <christoph.boehmwalder@linbit.com>
Tested-by: Christoph Böhmwalder <christoph.boehmwalder@linbit.com>
Cc: Steve French <smfrench@gmail.com>
Cc: Philipp Reisner <philipp.reisner@linbit.com>
Cc: David Laight <David.Laight@ACULAB.COM>
Fixes: 247bc9470b1e ("cifs: fix rmmod regression in cifs.ko caused by force_sig changes")
Fixes: 72abe3bcf091 ("signal/cifs: Fix cifs_put_tcp_session to call send_sig instead of force_sig")
Fixes: fee109901f39 ("signal/drbd: Use send_sig not force_sig")
Fixes: 3cf5d076fb4d ("signal: Remove task parameter from force_sig")
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
[ Upstream commit 247bc9470b1eeefc7b58cdf2c39f2866ba651509 ]
Fixes: 72abe3bcf091 ("signal/cifs: Fix cifs_put_tcp_session to call send_sig instead of force_sig")
The global change from force_sig caused module unloading of cifs.ko
to fail (since the cifsd process could not be killed, "rmmod cifs"
now would always fail)
Signed-off-by: Steve French <stfrench@microsoft.com>
Reviewed-by: Ronnie Sahlberg <lsahlber@redhat.com>
CC: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
[ Upstream commit 72abe3bcf0911d69b46c1e8bdb5612675e0ac42c ]
The locking in force_sig_info is not prepared to deal with a task that
exits or execs (as sighand may change). The is not a locking problem
in force_sig as force_sig is only built to handle synchronous
exceptions.
Further the function force_sig_info changes the signal state if the
signal is ignored, or blocked or if SIGNAL_UNKILLABLE will prevent the
delivery of the signal. The signal SIGKILL can not be ignored and can
not be blocked and SIGNAL_UNKILLABLE won't prevent it from being
delivered.
So using force_sig rather than send_sig for SIGKILL is confusing
and pointless.
Because it won't impact the sending of the signal and and because
using force_sig is wrong, replace force_sig with send_sig.
Cc: Namjae Jeon <namjae.jeon@samsung.com>
Cc: Jeff Layton <jlayton@primarydata.com>
Cc: Steve French <smfrench@gmail.com>
Fixes: a5c3e1c725af ("Revert "cifs: No need to send SIGKILL to demux_thread during umount"")
Fixes: e7ddee9037e7 ("cifs: disable sharing session and tcon and add new TCP sharing code")
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
commit 7935799e041ae10d380d04ea23868240f082bd11 upstream.
Clang warns:
../fs/cifs/smb2file.c:70:3: warning: misleading indentation; statement
is not part of the previous 'if' [-Wmisleading-indentation]
if (oparms->tcon->use_resilient) {
^
../fs/cifs/smb2file.c:66:2: note: previous statement is here
if (rc)
^
1 warning generated.
This warning occurs because there is a space after the tab on this line.
Remove it so that the indentation is consistent with the Linux kernel
coding style and clang no longer warns.
Fixes: 592fafe644bf ("Add resilienthandles mount parm")
Link: https://github.com/ClangBuiltLinux/linux/issues/826
Signed-off-by: Nathan Chancellor <natechancellor@gmail.com>
Signed-off-by: Steve French <stfrench@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
commit 44805b0e62f15e90d233485420e1847133716bdc upstream.
Currently the client translates O_SYNC and O_DIRECT flags
into corresponding SMB create options when openning a file.
The problem is that on reconnect when the file is being
re-opened the client doesn't set those flags and it causes
a server to reject re-open requests because create options
don't match. The latter means that any subsequent system
call against that open file fail until a share is re-mounted.
Fix this by properly setting SMB create options when
re-openning files after reconnects.
Fixes: 1013e760d10e6: ("SMB3: Don't ignore O_SYNC/O_DSYNC and O_DIRECT flags")
Cc: Stable <stable@vger.kernel.org>
Signed-off-by: Pavel Shilovsky <pshilov@microsoft.com>
Signed-off-by: Steve French <stfrench@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
commit fa9c2362497fbd64788063288dc4e74daf977ebb upstream.
Even when mounting modern protocol version the server may be
configured without supporting SMB2.1 leases and the client
uses SMB2 oplock to optimize IO performance through local caching.
However there is a problem in oplock break handling that leads
to missing a break notification on the client who has a file
opened. It latter causes big latencies to other clients that
are trying to open the same file.
The problem reproduces when there are multiple shares from the
same server mounted on the client. The processing code tries to
match persistent and volatile file ids from the break notification
with an open file but it skips all share besides the first one.
Fix this by looking up in all shares belonging to the server that
issued the oplock break.
Cc: Stable <stable@vger.kernel.org>
Signed-off-by: Pavel Shilovsky <pshilov@microsoft.com>
Signed-off-by: Steve French <stfrench@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
commit 6f582b273ec23332074d970a7fb25bef835df71f upstream.
Currently when the client creates a cifsFileInfo structure for
a newly opened file, it allocates a list of byte-range locks
with a pointer to the new cfile and attaches this list to the
inode's lock list. The latter happens before initializing all
other fields, e.g. cfile->tlink. Thus a partially initialized
cifsFileInfo structure becomes available to other threads that
walk through the inode's lock list. One example of such a thread
may be an oplock break worker thread that tries to push all
cached byte-range locks. This causes NULL-pointer dereference
in smb2_push_mandatory_locks() when accessing cfile->tlink:
[598428.945633] BUG: kernel NULL pointer dereference, address: 0000000000000038
...
[598428.945749] Workqueue: cifsoplockd cifs_oplock_break [cifs]
[598428.945793] RIP: 0010:smb2_push_mandatory_locks+0xd6/0x5a0 [cifs]
...
[598428.945834] Call Trace:
[598428.945870] ? cifs_revalidate_mapping+0x45/0x90 [cifs]
[598428.945901] cifs_oplock_break+0x13d/0x450 [cifs]
[598428.945909] process_one_work+0x1db/0x380
[598428.945914] worker_thread+0x4d/0x400
[598428.945921] kthread+0x104/0x140
[598428.945925] ? process_one_work+0x380/0x380
[598428.945931] ? kthread_park+0x80/0x80
[598428.945937] ret_from_fork+0x35/0x40
Fix this by reordering initialization steps of the cifsFileInfo
structure: initialize all the fields first and then add the new
byte-range lock list to the inode's lock list.
Cc: Stable <stable@vger.kernel.org>
Signed-off-by: Pavel Shilovsky <pshilov@microsoft.com>
Reviewed-by: Aurelien Aptel <aaptel@suse.com>
Signed-off-by: Steve French <stfrench@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
| |\|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* refs/heads/tmp-903fbe7
Linux 4.4.200
alarmtimer: Change remaining ENOTSUPP to EOPNOTSUPP
ARM: fix the cockup in the previous patch
ARM: ensure that processor vtables is not lost after boot
ARM: spectre-v2: per-CPU vtables to work around big.Little systems
ARM: add PROC_VTABLE and PROC_TABLE macros
ARM: clean up per-processor check_bugs method call
ARM: split out processor lookup
ARM: make lookup_processor_type() non-__init
ARM: 8810/1: vfp: Fix wrong assignement to ufp_exc
ARM: 8796/1: spectre-v1,v1.1: provide helpers for address sanitization
ARM: 8795/1: spectre-v1.1: use put_user() for __put_user()
ARM: 8794/1: uaccess: Prevent speculative use of the current addr_limit
ARM: 8793/1: signal: replace __put_user_error with __put_user
ARM: 8792/1: oabi-compat: copy oabi events using __copy_to_user()
ARM: 8791/1: vfp: use __copy_to_user() when saving VFP state
ARM: 8789/1: signal: copy registers using __copy_to_user()
ARM: spectre-v1: mitigate user accesses
ARM: spectre-v1: use get_user() for __get_user()
ARM: use __inttype() in get_user()
ARM: oabi-compat: copy semops using __copy_from_user()
ARM: vfp: use __copy_from_user() when restoring VFP state
ARM: signal: copy registers using __copy_from_user()
ARM: spectre-v1: fix syscall entry
ARM: spectre-v1: add array_index_mask_nospec() implementation
ARM: spectre-v1: add speculation barrier (csdb) macros
ARM: spectre-v2: warn about incorrect context switching functions
ARM: spectre-v2: add firmware based hardening
ARM: spectre-v2: harden user aborts in kernel space
ARM: spectre-v2: add Cortex A8 and A15 validation of the IBE bit
ARM: spectre-v2: harden branch predictor on context switches
ARM: spectre: add Kconfig symbol for CPUs vulnerable to Spectre
ARM: bugs: add support for per-processor bug checking
ARM: bugs: hook processor bug checking into SMP and suspend paths
ARM: bugs: prepare processor bug infrastructure
ARM: add more CPU part numbers for Cortex and Brahma B15 CPUs
arm/arm64: smccc-1.1: Handle function result as parameters
arm/arm64: smccc-1.1: Make return values unsigned long
arm/arm64: smccc: Add SMCCC-specific return codes
arm/arm64: smccc: Implement SMCCC v1.1 inline primitive
arm/arm64: smccc: Make function identifiers an unsigned quantity
firmware/psci: Expose SMCCC version through psci_ops
firmware/psci: Expose PSCI conduit
arm64: KVM: Report SMCCC_ARCH_WORKAROUND_1 BP hardening support
arm/arm64: KVM: Advertise SMCCC v1.1
ARM: Move system register accessors to asm/cp15.h
ARM: uaccess: remove put_user() code duplication
ARM: 8481/2: drivers: psci: replace psci firmware calls
ARM: 8480/2: arm64: add implementation for arm-smccc
ARM: 8479/2: add implementation for arm-smccc
ARM: 8478/2: arm/arm64: add arm-smccc
ARM: 8051/1: put_user: fix possible data corruption in put_user
dmaengine: qcom: bam_dma: Fix resource leak
net/flow_dissector: switch to siphash
inet: stop leaking jiffies on the wire
net/mlx4_core: Dynamically set guaranteed amount of counters per VF
vxlan: check tun_info options_len properly
net: add READ_ONCE() annotation in __skb_wait_for_more_packets()
net: Zeroing the structure ethtool_wolinfo in ethtool_get_wol()
net: hisilicon: Fix ping latency when deal with high throughput
net: fix sk_page_frag() recursion from memory reclaim
dccp: do not leak jiffies on the wire
cifs: Fix cifsInodeInfo lock_sem deadlock when reconnect occurs
MIPS: bmips: mark exception vectors as char arrays
of: unittest: fix memory leak in unittest_data_add
scsi: target: core: Do not overwrite CDB byte 1
perf kmem: Fix memory leak in compact_gfp_flags()
scsi: fix kconfig dependency warning related to 53C700_LE_ON_BE
scsi: sni_53c710: fix compilation error
ARM: mm: fix alignment handler faults under memory pressure
ARM: dts: logicpd-torpedo-som: Remove twl_keypad
ASoc: rockchip: i2s: Fix RPM imbalance
regulator: pfuze100-regulator: Variable "val" in pfuze100_regulator_probe() could be uninitialized
regulator: ti-abb: Fix timeout in ti_abb_wait_txdone/ti_abb_clear_all_txdone
kbuild: add -fcf-protection=none when using retpoline flags
UPSTREAM: HID: steam: fix deadlock with input devices.
UPSTREAM: HID: steam: fix boot loop with bluetooth firmware
UPSTREAM: HID: steam: remove input device when a hid client is running.
UPSTREAM: HID: steam: use hid_device.driver_data instead of hid_set_drvdata()
UPSTREAM: HID: steam: add missing fields in client initialization
UPSTREAM: HID: steam: add battery device.
UPSTREAM: HID: add driver for Valve Steam Controller
UPSTREAM: HID: sony: Fix memory corruption issue on cleanup.
UPSTREAM: HID: sony: Fix race condition between rumble and device remove.
UPSTREAM: HID: sony: remove redundant check for -ve err
UPSTREAM: HID: sony: Make sure to unregister sensors on failure
UPSTREAM: HID: sony: Make DS4 bt poll interval adjustable
UPSTREAM: HID: sony: Set proper bit flags on DS4 output report
UPSTREAM: HID: sony: DS4 use brighter LED colors
UPSTREAM: HID: sony: Improve navigation controller axis/button mapping
UPSTREAM: HID: sony: Use DS3 MAC address as unique identifier on USB
UPSTREAM: HID: sony: Perform duplicate device check earlier on
UPSTREAM: HID: sony: Expose DS3 motion sensors through separate device
UPSTREAM: HID: sony: Print error on failure to active DS3 / Navigation controllers
UPSTREAM: HID: sony: DS3 comply to Linux gamepad spec
UPSTREAM: HID: sony: Mark DS4 touchpad device as a pointer
UPSTREAM: HID: sony: Support motion sensor calibration on dongle
UPSTREAM: HID: sony: Make work handling more generic
UPSTREAM: HID: sony: Treat the ds4 dongle as a separate device
UPSTREAM: HID: sony: Remove report descriptor fixup for DS4
UPSTREAM: HID: sony: Report hardware timestamp for DS4 sensor values
UPSTREAM: HID: sony: Calibrate DS4 motion sensors
UPSTREAM: HID: sony: Report DS4 motion sensors through a separate device
UPSTREAM: HID: sony: Fix input device leak when connecting a DS4 twice using USB/BT
UPSTREAM: HID: sony: Use LED_CORE_SUSPENDRESUME
UPSTREAM: HID: sony: Ignore DS4 dongle reports when no device is connected
UPSTREAM: HID: sony: Use DS4 MAC address as unique identifier on USB
UPSTREAM: HID: sony: Fix error handling bug when touchpad registration fails
UPSTREAM: HID: sony: Comply to Linux gamepad spec for DS4
UPSTREAM: HID: sony: Make the DS4 touchpad a separate device
UPSTREAM: HID: sony: Fix memory issue when connecting device using both Bluetooth and USB
UPSTREAM: HID: sony: Adjust value range for motion sensors
UPSTREAM: HID: sony: Handle multiple touch events input record
UPSTREAM: HID: sony: Send ds4 output reports on output end-point
UPSTREAM: HID: sony: Perform CRC check on bluetooth input packets
UPSTREAM: HID: sony: Adjust HID report size name definitions
UPSTREAM: HID: sony: Fix race condition in sony_probe
UPSTREAM: HID: sony: Update copyright and add Dualshock 4 rate control note
UPSTREAM: HID: sony: Defer the initial USB Sixaxis output report
UPSTREAM: HID: sony: Relax duplicate checking for USB-only devices
UPSTREAM: HID: sony: underscores are unnecessary for u8, u16, s32
UPSTREAM: HID: sony: fix some warnings from scripts/checkpatch.pl
UPSTREAM: HID: sony: fix errors from scripts/checkpatch.pl
UPSTREAM: HID: sony: fix a typo in descriptors comments s/Joystik/Joystick/
UPSTREAM: HID: sony: Fixup output reports for the nyko core controller
UPSTREAM: HID: sony: Remove the size check for the Dualshock 4 HID Descriptor
UPSTREAM: HID: sony: Save and restore the controller state on suspend and resume
UPSTREAM: HID: sony: Refactor the output report sending functions
After resolving conflicts there is no effective change from this patch
fs/dcache: move security_d_instantiate() behind attaching dentry to inode
Conflicts:
fs/dcache.c
include/linux/arm-smccc.h
include/linux/psci.h
Change-Id: I092fea3b6c69f56639fdb9e511e011cbb326e2c7
Signed-off-by: Srinivasarao P <spathi@codeaurora.org>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
[ Upstream commit d46b0da7a33dd8c99d969834f682267a45444ab3 ]
There's a deadlock that is possible and can easily be seen with
a test where multiple readers open/read/close of the same file
and a disruption occurs causing reconnect. The deadlock is due
a reader thread inside cifs_strict_readv calling down_read and
obtaining lock_sem, and then after reconnect inside
cifs_reopen_file calling down_read a second time. If in
between the two down_read calls, a down_write comes from
another process, deadlock occurs.
CPU0 CPU1
---- ----
cifs_strict_readv()
down_read(&cifsi->lock_sem);
_cifsFileInfo_put
OR
cifs_new_fileinfo
down_write(&cifsi->lock_sem);
cifs_reopen_file()
down_read(&cifsi->lock_sem);
Fix the above by changing all down_write(lock_sem) calls to
down_write_trylock(lock_sem)/msleep() loop, which in turn
makes the second down_read call benign since it will never
block behind the writer while holding lock_sem.
Signed-off-by: Dave Wysochanski <dwysocha@redhat.com>
Suggested-by: Ronnie Sahlberg <lsahlber@redhat.com>
Reviewed--by: Ronnie Sahlberg <lsahlber@redhat.com>
Reviewed-by: Pavel Shilovsky <pshilov@microsoft.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
| |\|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* refs/heads/tmp-3f5703c
Linux 4.4.199
Revert "ALSA: hda: Flush interrupts on disabling"
xfs: Correctly invert xfs_buftarg LRU isolation logic
sctp: not bind the socket in sctp_connect
sctp: fix the issue that flags are ignored when using kernel_connect
sch_netem: fix rcu splat in netem_enqueue()
net: usb: sr9800: fix uninitialized local variable
bonding: fix potential NULL deref in bond_update_slave_arr
llc: fix sk_buff leak in llc_conn_service()
llc: fix sk_buff leak in llc_sap_state_process()
rtlwifi: Fix potential overflow on P2P code
s390/cmm: fix information leak in cmm_timeout_handler()
nl80211: fix validation of mesh path nexthop
HID: fix error message in hid_open_report()
HID: Fix assumption that devices have inputs
USB: serial: whiteheat: fix line-speed endianness
USB: serial: whiteheat: fix potential slab corruption
USB: ldusb: fix control-message timeout
USB: ldusb: fix ring-buffer locking
USB: gadget: Reject endpoints with 0 maxpacket value
UAS: Revert commit 3ae62a42090f ("UAS: fix alignment of scatter/gather segments")
ALSA: bebob: Fix prototype of helper function to return negative value
fuse: truncate pending writes on O_TRUNC
fuse: flush dirty data/metadata before non-truncate setattr
ath6kl: fix a NULL-ptr-deref bug in ath6kl_usb_alloc_urb_from_pipe()
thunderbolt: Use 32-bit writes when writing ring producer/consumer
USB: legousbtower: fix a signedness bug in tower_probe()
tracing: Initialize iter->seq after zeroing in tracing_read_pipe()
NFSv4: Fix leak of clp->cl_acceptor string
MIPS: fw: sni: Fix out of bounds init of o32 stack
fs: ocfs2: fix a possible null-pointer dereference in ocfs2_info_scan_inode_alloc()
fs: ocfs2: fix possible null-pointer dereferences in ocfs2_xa_prepare_entry()
efi/x86: Do not clean dummy variable in kexec path
efi/cper: Fix endianness of PCIe class code
serial: mctrl_gpio: Check for NULL pointer
fs: cifs: mute -Wunused-const-variable message
RDMA/iwcm: Fix a lock inversion issue
perf map: Fix overlapped map handling
iio: fix center temperature of bmc150-accel-core
exec: load_script: Do not exec truncated interpreter path
usb: handle warm-reset port requests on hub resume
scripts/setlocalversion: Improve -dirty check with git-status --no-optional-locks
x86/cpu: Add Atom Tremont (Jacobsville)
sc16is7xx: Fix for "Unexpected interrupt: 8"
dm: Use kzalloc for all structs with embedded biosets/mempools
dm snapshot: rework COW throttling to fix deadlock
dm snapshot: introduce account_start_copy() and account_end_copy()
dm snapshot: use mutex instead of rw_semaphore
ANDROID: cpufreq: times: add /proc/uid_concurrent_{active,policy}_time
Conflicts:
drivers/cpufreq/cpufreq_times.c
Change-Id: I2c27599db8577afa4853222b11d9aec20071e752
Signed-off-by: Srinivasarao P <spathi@codeaurora.org>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
[ Upstream commit dd19c106a36690b47bb1acc68372f2b472b495b8 ]
After 'Initial git repository build' commit,
'mapping_table_ERRHRD' variable has not been used.
So 'mapping_table_ERRHRD' const variable could be removed
to mute below warning message:
fs/cifs/netmisc.c:120:40: warning: unused variable 'mapping_table_ERRHRD' [-Wunused-const-variable]
static const struct smb_to_posix_error mapping_table_ERRHRD[] = {
^
Signed-off-by: Austin Kim <austindh.kim@gmail.com>
Signed-off-by: Steve French <stfrench@microsoft.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
| |\|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* refs/heads/tmp-dbd0162
Linux 4.4.198
RDMA/cxgb4: Do not dma memory off of the stack
net: sched: Fix memory exposure from short TCA_U32_SEL
PCI: PM: Fix pci_power_up()
xen/netback: fix error path of xenvif_connect_data()
cpufreq: Avoid cpufreq_suspend() deadlock on system shutdown
memstick: jmb38x_ms: Fix an error handling path in 'jmb38x_ms_probe()'
btrfs: block-group: Fix a memory leak due to missing btrfs_put_block_group()
CIFS: avoid using MID 0xFFFF
parisc: Fix vmap memory leak in ioremap()/iounmap()
xtensa: drop EXPORT_SYMBOL for outs*/ins*
mm/slub: fix a deadlock in show_slab_objects()
scsi: zfcp: fix reaction on bit error threshold notification
drm/edid: Add 6 bpc quirk for SDC panel in Lenovo G50
mac80211: Reject malformed SSID elements
cfg80211: wext: avoid copying malformed SSIDs
ASoC: rsnd: Reinitialize bit clock inversion flag for every format setting
scsi: core: try to get module before removing device
USB: ldusb: fix read info leaks
USB: usblp: fix use-after-free on disconnect
USB: ldusb: fix memleak on disconnect
USB: serial: ti_usb_3410_5052: fix port-close races
usb: udc: lpc32xx: fix bad bit shift operation
USB: legousbtower: fix memleak on disconnect
memfd: Fix locking when tagging pins
ipv4: Return -ENETUNREACH if we can't create route but saddr is valid
net: avoid potential infinite loop in tc_ctl_action()
sctp: change sctp_prot .no_autobind with true
net: bcmgenet: Set phydev->dev_flags only for internal PHYs
net: bcmgenet: Fix RGMII_MODE_EN value for GENET v1/2/3
loop: Add LOOP_SET_DIRECT_IO to compat ioctl
namespace: fix namespace.pl script to support relative paths
net: hisilicon: Fix usage of uninitialized variable in function mdio_sc_cfg_reg_write()
mips: Loongson: Fix the link time qualifier of 'serial_exit()'
nl80211: fix null pointer dereference
ARM: dts: am4372: Set memory bandwidth limit for DISPC
ARM: OMAP2+: Fix missing reset done flag for am3 and am43
scsi: qla2xxx: Fix unbound sleep in fcport delete path.
scsi: megaraid: disable device when probe failed after enabled device
scsi: ufs: skip shutdown if hba is not powered
rtlwifi: Fix potential overflow on P2P code
ANDROID: clang: update to 9.0.8 based on r365631c
ANDROID: move up spin_unlock_bh() ahead of remove_proc_entry()
ANDROID: refactor build.config files to remove duplication
Conflicts:
drivers/block/loop.c
Change-Id: I68d2106c6480b9a2573f31302b0c75922f427732
Signed-off-by: Srinivasarao P <spathi@codeaurora.org>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
commit 03d9a9fe3f3aec508e485dd3dcfa1e99933b4bdb upstream.
According to MS-CIFS specification MID 0xFFFF should not be used by the
CIFS client, but we actually do. Besides, this has proven to cause races
leading to oops between SendReceive2/cifs_demultiplex_thread. On SMB1,
MID is a 2 byte value easy to reach in CurrentMid which may conflict with
an oplock break notification request coming from server
Signed-off-by: Roberto Bergantinos Corpas <rbergant@redhat.com>
Reviewed-by: Ronnie Sahlberg <lsahlber@redhat.com>
Reviewed-by: Aurelien Aptel <aaptel@suse.com>
Signed-off-by: Steve French <stfrench@microsoft.com>
CC: Stable <stable@vger.kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
