Update to current CM commits #1
Open
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The change is to compile on kernels where cpufreq stats are compiled as a module (CONFIG_CPU_FREQ_STAT=m), because total_cpus is not exported for module use. Reported-By: Emilio López <[email protected]> Signed-off-by: Ruchi Kandoi <[email protected]> Change-Id: I4f3c74f0fac5e8d9449655b26bf3b407b0fe4290
commit fdfa4c9 upstream. commit 809d290 in stable/3.4.y. arch/um/os-Linux/start_up.c: In function 'check_coredump_limit': arch/um/os-Linux/start_up.c:338:16: error: storage size of 'lim' isn't known arch/um/os-Linux/start_up.c:339:2: error: implicit declaration of function 'getrlimit' [-Werror=implicit-function-declaration] Bug: 15413527 Change-Id: I81d930d9636bfc95e0c2140f2901628dc609df79 Signed-off-by: Sergei Trofimovich <[email protected]> CC: Jeff Dike <[email protected]> CC: Richard Weinberger <[email protected]> CC: Al Viro <[email protected]> CC: [email protected] CC: [email protected] CC: [email protected] Signed-off-by: Richard Weinberger <[email protected]> Signed-off-by: Greg Kroah-Hartman <[email protected]>
Add a sysctl that causes an interface's optimistic addresses to be considered equivalent to other non-deprecated addresses for source address selection purposes. Preferred addresses will still take precedence over optimistic addresses, subject to other ranking in the source address selection algorithm. This is useful where different interfaces are connected to different networks from different ISPs (e.g., a cell network and a home wifi network). The current behaviour complies with RFC 3484/6724, and it makes sense if the host has only one interface, or has multiple interfaces on the same network (same or cooperating administrative domain(s), but not in the multiple distinct networks case. For example, if a mobile device has an IPv6 address on an LTE network and then connects to IPv6-enabled wifi, while the wifi IPv6 address is undergoing DAD, IPv6 connections will try use the wifi default route with the LTE IPv6 address, and will get stuck until they time out. Also, because optimistic nodes can receive frames, issue an RTM_NEWADDR as soon as DAD starts (with the IFA_F_OPTIMSTIC flag appropriately set). A second RTM_NEWADDR is sent if DAD completes (the address flags have changed), otherwise an RTM_DELADDR is sent. Also: add an entry in ip-sysctl.txt for optimistic_dad. [backport of net-next 7fd2561] Signed-off-by: Erik Kline <[email protected]> Acked-by: Lorenzo Colitti <[email protected]> Acked-by: Hannes Frederic Sowa <[email protected]> Signed-off-by: David S. Miller <[email protected]> Bug: 17769720 Change-Id: I440a9b8c788db6767d191bbebfd2dff481aa9e0d
ping_lookup() may return a wrong sock if sk_buff's and sock's protocols dont' match. For example, sk_buff's protocol is ETH_P_IPV6, but sock's sk_family is AF_INET, in that case, if sk->sk_bound_dev_if is zero, a wrong sock will be returned. the fix is to "continue" the searching, if no matching, return NULL. [cherry-pick of net 91a0b60] Bug: 18512516 Change-Id: I520223ce53c0d4e155c37d6b65a03489cc7fd494 Cc: "David S. Miller" <[email protected]> Cc: Alexey Kuznetsov <[email protected]> Cc: James Morris <[email protected]> Cc: Hideaki YOSHIFUJI <[email protected]> Cc: Patrick McHardy <[email protected]> Cc: [email protected] Cc: [email protected] Signed-off-by: Jane Zhou <[email protected]> Signed-off-by: Yiwei Zhao <[email protected]> Signed-off-by: David S. Miller <[email protected]> Signed-off-by: Lorenzo Colitti <[email protected]>
The use_optimistic sysctl makes optimistic IPv6 addresses equivalent to preferred addresses for source address selection (e.g., when calling connect()), but it does not allow an application to bind to optimistic addresses. This behaviour is inconsistent - for example, it doesn't make sense for bind() to an optimistic address fail with EADDRNOTAVAIL, but connect() to choose that address outgoing address on the same socket. Bug: 17769720 Bug: 18609055 Change-Id: I9de0d6c92ac45e29d28e318ac626c71806666f13 Signed-off-by: Erik Kline <[email protected]> Signed-off-by: Lorenzo Colitti <[email protected]>
"timer" was checked for null, but used later without being re-checked. Change-Id: Ib4d08cd49860c9f157d1cac556705ba85cd44f4e Reported-by: [email protected] Signed-off-by: JP Abgrall <[email protected]>
In order to meet requirments for all use cases from HAL, it is required to open q6 lsm session before prepare/start so that other ioctl's relating to LSM settings can be performed before prepare/start. Open q6 lsm session from ioctl to set session data. Change-Id: Ibbae086562854b07b1063839ef68aa4f97187569 Signed-off-by: Dhananjay Kumar <[email protected]>
Change-Id: I4ca4b8ae1763822f232c314c8aa20836ad4aae80
* Having all panel configurations in a single file is getting a bit unwieldy. Split it up into separate files. * Add RSP 1440p panel. * Various updates from Oppo. Change-Id: Ic5ec4cd219a640605cfd70d6d39227931769df93
* SRE was not being enabled when the threshold was crossed. Fix this logic. Also add a sysfs knob to set the threshold. Change-Id: Iac5cf22d127938c89c26f0b27341480e8430c8ee
* Enable partial updates and ultra-low-power modes, same as others. Change-Id: Ic6c784106900fa9609de778ea65a4c47e4ed50ef
Currently codec driver uses request_firmware to get calibration data but as this firmware file is also written by userspace process after bootup, it is not recommended to use request_firmware. ALSA core provides mechanism to get hardware dependant data using hwdep nodes. Tomtom codec will use aforementioned nodes to get calibration data from userspace. Changed ANC calibration data size Change-Id: Iace6e239029c7b0d93a5d61a0025ee551acf952f Signed-off-by: Anish Kumar <[email protected]> Signed-off-by: Pavan Chikkala <[email protected]>
Use hwdep node to use calibration and at the same time keep the code backward compatible. Codec driver can still use request_firmware to get the calibration if hwdep is not available. Change-Id: Ifb4c36632b890b61a0bc67d8af44a5a10233d7bd Signed-off-by: Pavan Chikkala <[email protected]>
Change-Id: Ica93435c5df8a1ca0bc40fff1e081607eb6ac18c
* We aren't supporting multi keyword. Revert "ASoC: msm: qdsp6v2: Fix event status issue for Sound Model V1" This reverts commit 5ece665. Revert "ASoC: msm-lsm-client: open q6 lsm session before client prepare" This reverts commit da28965. Revert "ASoC: msm: qdsp6v2: avoid null pointer dereference" This reverts commit ed1a73d. Revert "ASoC: core: Add compat ioctl support for listen driver" This reverts commit 3094e97. Revert "ASoC : msm: Add IOCTL for Listen LookAhead Buffering" This reverts commit 8c04f2e. Revert "ASoC: msm: Add MultiKeyword support for Listen" This reverts commit 9ad69f5. Change-Id: Ifbabb72d83d60380bc66496b56eb6642e8a04b66
Change-Id: Ia9d5f48d035adf8d3e323f3958495f7a224c06fa
The overflow check is required to ensure that user space data in kernel may not go beyond buffer boundary. CRs-Fixed: 563086 Signed-off-by: Asish Bhattacharya <[email protected]> Signed-off-by: Mohammad Johny Shaik <[email protected]> (cherry picked from commit 7e09949355b2dac9aac8bb414037ccaca3c68d86) Signed-off-by: Pavan Chikkala <[email protected]> Change-Id: I4da774740c71b97dc2e4fd16c78bf065ad457690 Signed-off-by: Pavan Chikkala <[email protected]> Signed-off-by: Divya Narayanan Poojary <[email protected]>
Previously known as sampling down factor, max_freq_hysteresis extends the period that interactive governor will stay at policy->max. This feature is to accomodate short idle periods in an otherwise very intensive workload. When the feature is enabled, it ensures that once a CPU goes to max frequency, it doesn't reduce the frequency for max_freq_hysteresis microseconds from the time it first goes to idle. Change-Id: Ia54985cb554f63f8c22d0b554a0a0f2ed2be038f Signed-off-by: Junjie Wu <[email protected]>
Bound check and validate userspace parameters direction, number of steps and direction sign. Also fix possible memory leak in certain error cases. CRs-Fixed: 511349 Change-Id: Icaa324468574494fb40f2de78e522090806744cb Signed-off-by: Hariram Purushothaman <[email protected]> Signed-off-by: Ankit Premrajka <[email protected]> Signed-off-by: Yiduo Wang <[email protected]>
V4L2 only allow 32 buffers. Check the num_buf to make sure that user space passed value is not out of bound. CRs-Fixed: 514698 Change-Id: I662ec1eb998ed8bfb2a7f188e645410aa78c83b0 Signed-off-by: Hariram Purushothaman <[email protected]> Signed-off-by: Ankit Premrajka <[email protected]> Signed-off-by: Raghu DP <[email protected]>
msm_camera_qup_i2c_txdata() is not returning proper value. Due to which session tear down is not happening properly in case of i2c failure. CRs-Fixed: 640328 Change-Id: Iac8be9d4755f807b45a6ede4f660b52cb88aedd4 Signed-off-by: Vivek Veenam <[email protected]>
Remove improper drv_priv free in failure case and add NULL pointer check to avoid kernel panic Change-Id: If074eba245e93bf8fead505993a2611582e4398d Signed-off-by: Yiduo Wang <[email protected]>
Using unsigned long to avoid overflow because pix clk frequencies might cause long overflow. Fix this by using unsigned long instead of long. Change-Id: Iaf184de26d8ae689efa297096be9f01db84faded Signed-off-by: Peter Liu <[email protected]>
If video telephony app uses camera, timestamp need to be more accurate. Use hardware registers to read time in nano seconds and fill it in buffer. Change-Id: I25c321ec83fb952f09a57b1b0ad46b0458a990a1 Signed-off-by: Abhishek kondaveeti <[email protected]>
Pointers should be checked for NULL before they are dereferenced. If it is not done segmentation fault can appear. Change-Id: I8b36f3553292b41386e231f12867ff78f8e2379d Signed-off-by: Iliya Varadzhakov <[email protected]>
* Unsuspend while dozing so we can interact with ambient display. Change-Id: I0e7d942aa00693518f41653efec28435e7783d46
* Required for CTS 5.0. Change-Id: Ifac09c31316556da99361fa92dcecc2edffb5919
* Enable required options Change-Id: Iee8fdeb43044205c15a734448ff08704804e4fa6
* Required for CTS 5.0. Change-Id: Ia66096cc63ecea8e5c86c25c857ff367652eb9f1
When a key is being garbage collected, it's key->user would get put before the ->destroy() callback is called, where the key is removed from it's respective tracking structures. This leaves a key hanging in a semi-invalid state which leaves a window open for a different task to try an access key->user. An example is find_keyring_by_name() which would dereference key->user for a key that is in the process of being garbage collected (where key->user was freed but ->destroy() wasn't called yet - so it's still present in the linked list). This would cause either a panic, or corrupt memory. Change-Id: Ic74246dc2dcc593f04f71063e3301e7356d588b7 Signed-off-by: Sasha Levin <[email protected]>
Current implementation waits for infinte time to read APR responses in voice SVC driver. Add timeout for the read to allow caller thread to exit after certain time. CRs-fixed: 796847 Change-Id: Iaed7f1d8688dba0ca83a454f80472b01de141226 Signed-off-by: Karthik Reddy Katta <[email protected]>
Change WCN PA rail LDO number in power manager entry for wcnss. Change-Id: I06e12dda41c463aa7a842683f47bc7bbf244b2ad CRs-Fixed: 796283 Signed-off-by: Hardik Kantilal Patel <[email protected]>
Diag driver holds on to the socket process task structure even after signaling the process to exit. This patch clears the internal handle after signaling. Change-Id: I642fb595fc2caebc6f2f5419efed4fb560e4e4db Signed-off-by: Ravi Aravamudhan <[email protected]>
When power collapse is canceled due to venus being active, Driver no need clear PC_READY bit. Venus HW uses this value internally to maintain its own state. When driver clears it can cause HW to become non-responsive. Venus HW is self sufficient to come out of power collapse at any stage. Change-Id: I5645a9e061fe3fa98ee03027c015cfac0ca81dfc Signed-off-by: Praneeth Paladugu <[email protected]> Signed-off-by: Balamurugan Alagarsamy <[email protected]>
DPSE/DMSE HV interrupt helps detect cable connection event during TCXO shutdown and/or VDDMIN. Device working in host mode also can enter LPM with PHY retention and these interrupts can wake up the device when there is external device(eg. mouse) connecting. As per HW specification, enable USB2_PHY_DMSE_INTEN/USB2_PHY_DPSE_INTEN bits of USB_OTG_HS_PHY_CTRL register when USB module enters LPM with retention mode, and disable these two bits when USB module exits LPM with retention mode. CRs-Fixed: 780259 Change-Id: I7b139547246cd64396c69f71da658f91d5f63812 Signed-off-by: Guoping Yu <[email protected]>
Events may get generated for Link Power Management L1 Suspend and Resume. The suspend case currently ignores L1 and only proceeds to call the gadget driver suspend routines if it is for L2/U3 entry. However, the resume callback doesn't make this distinction, which will result in the gadget layer resume getting called for which there had not been a previous suspend. Change-Id: I9c0e866d9c834a8ea7b3f52e65fa702efbee2b38 CRs-Fixed: 739812 Signed-off-by: Vijayavardhan Vennapusa <[email protected]>
Marker commands may not be submitted to RB but create room in context queue on expiry which is left uncounted. If there are too many markers commands from a specific context then context queue eventually gets full but wakeup is never called for sleeping threads. Wake up the snoozing threads when there is room in the context queue rather than based on the condition of real submissions from the context. CRs-fixed: 783187 Change-Id: I0cb0002d7b641071a45d46ae50ce9f23f37b0fab Signed-off-by: Sunil Khatri <[email protected]> Signed-off-by: Anupam Sakargayan <[email protected]>
* Clean up dead code which was moved to the framework * Fix issue with SRE at max brightness Change-Id: Ibec05238cc3dc3ad048e96917d70705d64648ecc
Change-Id: I1316a16e692dc7c09accee929e0e3acbee9978f3
Change-Id: Iaba8bc116edb3f794f6b1dbe6f679adef0af6bb4
We used to read file_handle twice. Once to get the amount of extra bytes, and once to fetch the entire structure. This may be problematic since we do size verifications only after the first read, so if the number of extra bytes changes in userspace between the first and second calls, we'll have an incoherent view of file_handle. Instead, read the constant size once, and copy that over to the final structure without having to re-read it again. Change-Id: Ib05e5129629e27d5a05953098c5bc470fae40d2a Signed-off-by: Sasha Levin <[email protected]>
Sasha Levin found a NULL pointer dereference that is due to a missing page table lock, which in turn is due to the pmd entry in question being a transparent huge-table entry. The code - introduced in commit 1998cc0 ("mm: make madvise(MADV_WILLNEED) support swap file prefetch") - correctly checks for this situation using pmd_none_or_trans_huge_or_clear_bad(), but it turns out that that function doesn't work correctly. pmd_none_or_trans_huge_or_clear_bad() expected that pmd_bad() would trigger if the transparent hugepage bit was set, but it doesn't do that if pmd_numa() is also set. Note that the NUMA bit only gets set on real NUMA machines, so people trying to reproduce this on most normal development systems would never actually trigger this. Fix it by removing the very subtle (and subtly incorrect) expectation, and instead just checking pmd_trans_huge() explicitly. Reported-by: Sasha Levin <[email protected]> Acked-by: Andrea Arcangeli <[email protected]> [ Additionally remove the now stale test for pmd_trans_huge() inside the pmd_bad() case - Linus ] Signed-off-by: Linus Torvalds <[email protected]> Change-Id: I3f3763f236ef102de735297cd175cf514d40d28f
Change-Id: Ia9ed9e6b5e013fa0cf42b206642ca255156a9b52
A local route may have a lower hop_limit set than global routes do. RFC 3756, Section 4.2.7, "Parameter Spoofing" > 1. The attacker includes a Current Hop Limit of one or another small > number which the attacker knows will cause legitimate packets to > be dropped before they reach their destination. > As an example, one possible approach to mitigate this threat is to > ignore very small hop limits. The nodes could implement a > configurable minimum hop limit, and ignore attempts to set it below > said limit. Change-Id: I51ee1778e3d2d5fa1aefbdf1ad8869e4e8dc28b2 Signed-off-by: D.S. Ljungmark <[email protected]> Acked-by: Hannes Frederic Sowa <[email protected]> Signed-off-by: David S. Miller <[email protected]>
"len" contains sizeof(nf_ct_ext) and size of extensions. In a worst case it can contain all extensions. Bellow you can find sizes for all types of extensions. Their sum is definitely bigger than 256. nf_ct_ext_types[0]->len = 24 nf_ct_ext_types[1]->len = 32 nf_ct_ext_types[2]->len = 24 nf_ct_ext_types[3]->len = 32 nf_ct_ext_types[4]->len = 152 nf_ct_ext_types[5]->len = 2 nf_ct_ext_types[6]->len = 16 nf_ct_ext_types[7]->len = 8 I have seen "len" up to 280 and my host has crashes w/o this patch. The right way to fix this problem is reducing the size of the ecache extension (4) and Florian is going to do this, but these changes will be quite large to be appropriate for a stable tree. Change-Id: If9efaf2b103cf304bbfa583e354cfad3faa77ac2 Fixes: 5b423f6 (netfilter: nf_conntrack: fix racy timer handling with reliable) Cc: Pablo Neira Ayuso <[email protected]> Cc: Patrick McHardy <[email protected]> Cc: Jozsef Kadlecsik <[email protected]> Cc: "David S. Miller" <[email protected]> Signed-off-by: Andrey Vagin <[email protected]> Signed-off-by: Pablo Neira Ayuso <[email protected]>
Change-Id: Id8098117f801a9db8b63b67a05925783b6c1c6bb
The timeout entries are sizeof(int) rather than sizeof(long), which means that when they were getting read we'd also leak kernel memory to userspace along with the timeout values. Change-Id: I328d1186720a6f70f555eeeb62c83ee69814868d Signed-off-by: Sasha Levin <[email protected]> Signed-off-by: David S. Miller <[email protected]>
Change-Id: I365bcbaa3e3ef94ac0da44b66e14932a82f6fafe
Change-Id: I76d6db382f1cbe08cc5303f4629e0ed3122102e1
Change-Id: Ia00d6340d8bb10a5222c40f2aa9215a5b1159e21
Change-Id: Idd8ba849af43191ce9433dfe06efe68ed8f0aadd (cherry picked from commit 8dc0602)
If we don't do that, then the poison value is left in the ->pprev backlink. This can cause crashes if we do a disconnect, followed by a connect(). Tested-by: Linus Torvalds <[email protected]> Reported-by: Wen Xu <[email protected]> Signed-off-by: David S. Miller <[email protected]> Change-Id: I4c98bb7c93f170c14def22b4becc7e99e40a6462 (cherry picked from commit dab5862)
Change-Id: Ie95343f1a685332e81c2b1c17e539e16d1fad1bb
Change-Id: I53c1ae259f7a33809e0811f3c0e92d14f7535f78 (cherry picked from commit f893c50)
Change-Id: I3b9b109045a58c5de3e928ce8e7969e129ec9fd5
Change-Id: I80ea016d98c87ae4517b812b0b9127b4ce06b3a3 (cherry picked from commit 75064c3)
This is the minimal change I was able to make that resolved the Mura issue without introducing the flicker. Based on dtsi files from the vendor. Change-Id: I122d3969de3e7d64f043b04ab8f6e67fc9e58106
Change-Id: I193379d0592a318341a47ade17593bbc9b400a1f
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.