This is the start of the stable review cycle for the 4.9.138 release. There are 83 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Wed Nov 21 16:25:13 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.9.138-rc1.gz or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.9.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx> Linux 4.9.138-rc1 Mark Rutland <mark.rutland@xxxxxxx> KVM: arm64: Fix caching of host MDCR_EL2 value Chris Wilson <chris@xxxxxxxxxxxxxxxxxx> drm/i915/execlists: Force write serialisation into context image vs execution Clint Taylor <clinton.a.taylor@xxxxxxxxx> drm/i915/hdmi: Add HDMI 2.0 audio clock recovery N values Stanislav Lisovskiy <stanislav.lisovskiy@xxxxxxxxx> drm/dp_mst: Check if primary mstb is null Marc Zyngier <marc.zyngier@xxxxxxx> drm/rockchip: Allow driver to be shutdown on reboot/kexec Mike Kravetz <mike.kravetz@xxxxxxxxxx> mm: migration: fix migration of huge PMD shared pages Mike Kravetz <mike.kravetz@xxxxxxxxxx> hugetlbfs: fix kernel BUG at fs/hugetlbfs/inode.c:444! Arnd Bergmann <arnd@xxxxxxxx> lib/ubsan.c: don't mark __ubsan_handle_builtin_unreachable as noreturn Guenter Roeck <linux@xxxxxxxxxxxx> configfs: replace strncpy with memcpy Miklos Szeredi <mszeredi@xxxxxxxxxx> fuse: fix leaked notify reply Lukas Czerner <lczerner@xxxxxxxxxx> fuse: fix use-after-free in fuse_direct_IO() Maciej W. Rozycki <macro@xxxxxxxxxxxxxx> rtc: hctosys: Add missing range error reporting Scott Mayhew <smayhew@xxxxxxxxxx> nfsd: COPY and CLONE operations require the saved filehandle to be set Frank Sorenson <sorenson@xxxxxxxxxx> sunrpc: correct the computation for page_ptr when truncating Eric W. Biederman <ebiederm@xxxxxxxxxxxx> mount: Prevent MNT_DETACH from disconnecting locked mounts Eric W. Biederman <ebiederm@xxxxxxxxxxxx> mount: Don't allow copying MNT_UNBINDABLE|MNT_LOCKED mounts Eric W. Biederman <ebiederm@xxxxxxxxxxxx> mount: Retest MNT_LOCKED in do_umount Vasily Averin <vvs@xxxxxxxxxxxxx> ext4: fix buffer leak in __ext4_read_dirblock() on error path Vasily Averin <vvs@xxxxxxxxxxxxx> ext4: fix buffer leak in ext4_xattr_move_to_block() on error path Vasily Averin <vvs@xxxxxxxxxxxxx> ext4: release bs.bh before re-using in ext4_xattr_block_find() Vasily Averin <vvs@xxxxxxxxxxxxx> ext4: fix possible leak of s_journal_flag_rwsem in error path Theodore Ts'o <tytso@xxxxxxx> ext4: fix possible leak of sbi->s_group_desc_leak in error path Theodore Ts'o <tytso@xxxxxxx> ext4: avoid possible double brelse() in add_new_gdb() on error path Vasily Averin <vvs@xxxxxxxxxxxxx> ext4: fix missing cleanup if ext4_alloc_flex_bg_array() fails while resizing Vasily Averin <vvs@xxxxxxxxxxxxx> ext4: avoid buffer leak in ext4_orphan_add() after prior errors Vasily Averin <vvs@xxxxxxxxxxxxx> ext4: fix possible inode leak in the retry loop of ext4_resize_fs() Vasily Averin <vvs@xxxxxxxxxxxxx> ext4: avoid potential extra brelse in setup_new_flex_group_blocks() Vasily Averin <vvs@xxxxxxxxxxxxx> ext4: add missing brelse() add_new_gdb_meta_bg()'s error path Vasily Averin <vvs@xxxxxxxxxxxxx> ext4: add missing brelse() in set_flexbg_block_bitmap()'s error path Vasily Averin <vvs@xxxxxxxxxxxxx> ext4: add missing brelse() update_backups()'s error path Michael Kelley <mikelley@xxxxxxxxxxxxx> clockevents/drivers/i8253: Add support for PIT shutdown quirk Filipe Manana <fdmanana@xxxxxxxx> Btrfs: fix data corruption due to cloning of eof block Robbie Ko <robbieko@xxxxxxxxxxxx> Btrfs: fix cur_offset in the error case for nocow H. Peter Anvin (Intel) <hpa@xxxxxxxxx> arch/alpha, termios: implement BOTHER, IBSHIFT and termios2 H. Peter Anvin <hpa@xxxxxxxxx> termios, tty/tty_baudrate.c: fix buffer overrun John Garry <john.garry@xxxxxxxxxx> of, numa: Validate some distance map rules Arnd Bergmann <arnd@xxxxxxxx> mtd: docg3: don't set conflicting BCH_CONST_PARAMS option Vasily Khoruzhick <vasilykh@xxxxxxxxxx> netfilter: conntrack: fix calculation of next bucket number in early_drop Andrea Arcangeli <aarcange@xxxxxxxxxx> mm: thp: relax __GFP_THISNODE for MADV_HUGEPAGE mappings Changwei Ge <ge.changwei@xxxxxxx> ocfs2: fix a misuse a of brelse after failing ocfs2_check_dir_entry Greg Edwards <gedwards@xxxxxxx> vhost/scsi: truncate T10 PI iov_iter to prot_bytes Gustavo A. R. Silva <gustavo@xxxxxxxxxxxxxx> reset: hisilicon: fix potential NULL pointer dereference Mikulas Patocka <mpatocka@xxxxxxxxxx> mach64: fix image corruption due to reading accelerator registers Mikulas Patocka <mpatocka@xxxxxxxxxx> mach64: fix display corruption on big endian machines Yan, Zheng <zyan@xxxxxxxxxx> Revert "ceph: fix dentry leak in splice_dentry()" Ilya Dryomov <idryomov@xxxxxxxxx> libceph: bump CEPH_MSG_MAX_DATA_LEN Enric Balletbo i Serra <enric.balletbo@xxxxxxxxxxxxx> clk: rockchip: Fix static checker warning in rockchip_ddrclk_get_parent call Ronald Wahl <rwahl@xxxxxx> clk: at91: Fix division by zero in PLL recalc_rate() Krzysztof Kozlowski <krzk@xxxxxxxxxx> clk: s2mps11: Fix matching when built as module and DT node contains compatible Max Filippov <jcmvbkbc@xxxxxxxxx> xtensa: fix boot parameters address translation Max Filippov <jcmvbkbc@xxxxxxxxx> xtensa: make sure bFLT stack is 16 byte aligned Max Filippov <jcmvbkbc@xxxxxxxxx> xtensa: add NOTES section to the linker script Huacai Chen <chenhc@xxxxxxxxxx> MIPS: Loongson-3: Fix BRIDGE irq delivery problem Huacai Chen <chenhc@xxxxxxxxxx> MIPS: Loongson-3: Fix CPU UART irq delivery problem Helge Deller <deller@xxxxxx> parisc: Fix exported address of os_hpmc handler Helge Deller <deller@xxxxxx> parisc: Fix HPMC handler by increasing size to multiple of 16 bytes Helge Deller <deller@xxxxxx> parisc: Align os_hpmc_size on word boundary Kees Cook <keescook@xxxxxxxxxxxx> bna: ethtool: Avoid reading past end of buffer Vincenzo Maffione <v.maffione@xxxxxxxxx> e1000: fix race condition between e1000_down() and e1000_watchdog Colin Ian King <colin.king@xxxxxxxxxxxxx> e1000: avoid null pointer dereference on invalid stat type Michal Hocko <mhocko@xxxxxxxx> mm: do not bug_on on incorrect length in __mm_populate() Miklos Szeredi <mszeredi@xxxxxxxxxx> fuse: set FR_SENT while locked Miklos Szeredi <mszeredi@xxxxxxxxxx> fuse: fix blocked_waitq wakeup Kirill Tkhai <ktkhai@xxxxxxxxxxxxx> fuse: Fix use-after-free in fuse_dev_do_write() Kirill Tkhai <ktkhai@xxxxxxxxxxxxx> fuse: Fix use-after-free in fuse_dev_do_read() Quinn Tran <quinn.tran@xxxxxxxxxx> scsi: qla2xxx: shutdown chip if reset fail Himanshu Madhani <himanshu.madhani@xxxxxxxxxx> scsi: qla2xxx: Fix incorrect port speed being set for FC adapters Young_X <YangX92@xxxxxxxxxxx> cdrom: fix improper type cast, which can leat to information leak. Dominique Martinet <dominique.martinet@xxxxxx> 9p: clear dangling pointers in p9stat_free Dominique Martinet <dominique.martinet@xxxxxx> 9p locks: fix glock.client_id leak in do_lock Breno Leitao <leitao@xxxxxxxxxx> powerpc/selftests: Wait all threads to join Marco Felsch <m.felsch@xxxxxxxxxxxxxx> media: tvp5150: fix width alignment during set_selection() Phil Elwell <phil@xxxxxxxxxxxxxxx> sc16is7xx: Fix for multi-channel stall Huacai Chen <chenhc@xxxxxxxxxx> MIPS/PCI: Call pcie_bus_configure_settings() to set MPS/MRRS Joel Stanley <joel@xxxxxxxxx> powerpc/boot: Ensure _zimage_start is a weak symbol Dengcheng Zhu <dzhu@xxxxxxxxxxxx> MIPS: kexec: Mark CPU offline before disabling local IRQ Nicholas Mc Guire <hofrat@xxxxxxxxx> media: pci: cx23885: handle adding to list failure Tomi Valkeinen <tomi.valkeinen@xxxxxx> drm/omap: fix memory barrier bug in DMM driver Daniel Axtens <dja@xxxxxxxxxx> powerpc/nohash: fix undefined behaviour when testing page size support Fabio Estevam <fabio.estevam@xxxxxxx> ARM: imx_v6_v7_defconfig: Select CONFIG_TMPFS_POSIX_ACL Miles Chen <miles.chen@xxxxxxxxxxxx> tty: check name length in tty_find_polling_driver() Sam Bobroff <sbobroff@xxxxxxxxxxxxx> powerpc/eeh: Fix possible null deref in eeh_dump_dev_log() ------------- Diffstat: Makefile | 4 +- arch/alpha/include/asm/termios.h | 8 +++- arch/alpha/include/uapi/asm/ioctls.h | 5 ++ arch/alpha/include/uapi/asm/termbits.h | 17 +++++++ arch/arm/configs/imx_v6_v7_defconfig | 1 + arch/arm/kvm/arm.c | 4 +- arch/mips/include/asm/mach-loongson64/irq.h | 2 +- arch/mips/kernel/crash.c | 3 ++ arch/mips/kernel/machine_kexec.c | 3 ++ arch/mips/loongson64/loongson-3/irq.c | 56 +++------------------- arch/mips/pci/pci-legacy.c | 4 ++ arch/parisc/kernel/hpmc.S | 10 ++-- arch/powerpc/boot/crt0.S | 4 +- arch/powerpc/kernel/eeh.c | 5 ++ arch/powerpc/mm/tlb_nohash.c | 3 ++ arch/xtensa/boot/Makefile | 2 +- arch/xtensa/include/asm/processor.h | 6 ++- arch/xtensa/kernel/head.S | 7 ++- arch/xtensa/kernel/vmlinux.lds.S | 1 + drivers/cdrom/cdrom.c | 2 +- drivers/clk/at91/clk-pll.c | 3 ++ drivers/clk/clk-s2mps11.c | 30 ++++++++++++ drivers/clk/hisilicon/reset.c | 5 +- drivers/clk/rockchip/clk-ddr.c | 4 -- drivers/clocksource/i8253.c | 14 +++++- drivers/gpu/drm/drm_dp_mst_topology.c | 3 ++ drivers/gpu/drm/i915/intel_audio.c | 17 +++++++ drivers/gpu/drm/i915/intel_lrc.c | 14 +++++- drivers/gpu/drm/omapdrm/omap_dmm_tiler.c | 11 +++++ drivers/gpu/drm/rockchip/rockchip_drm_drv.c | 6 +++ drivers/media/i2c/tvp5150.c | 14 ++++-- drivers/media/pci/cx23885/altera-ci.c | 10 ++++ drivers/mtd/devices/Kconfig | 2 +- drivers/net/ethernet/brocade/bna/bnad_ethtool.c | 4 +- drivers/net/ethernet/intel/e1000/e1000_ethtool.c | 9 ++-- drivers/net/ethernet/intel/e1000/e1000_main.c | 11 ++++- drivers/of/of_numa.c | 9 +++- drivers/rtc/hctosys.c | 4 +- drivers/scsi/qla2xxx/qla_init.c | 2 +- drivers/scsi/qla2xxx/qla_mbx.c | 5 +- drivers/tty/serial/sc16is7xx.c | 19 +++++--- drivers/tty/tty_io.c | 2 +- drivers/tty/tty_ioctl.c | 4 +- drivers/vhost/scsi.c | 4 +- drivers/video/fbdev/aty/mach64_accel.c | 28 +++++------ fs/9p/vfs_file.c | 16 ++++++- fs/btrfs/inode.c | 5 +- fs/btrfs/ioctl.c | 12 ++++- fs/ceph/inode.c | 8 +++- fs/configfs/symlink.c | 2 +- fs/ext4/namei.c | 5 +- fs/ext4/resize.c | 28 ++++++----- fs/ext4/super.c | 17 +++---- fs/ext4/xattr.c | 4 ++ fs/fuse/dev.c | 29 +++++++++--- fs/fuse/file.c | 4 +- fs/namespace.c | 22 +++++++-- fs/nfsd/nfs4proc.c | 3 ++ fs/ocfs2/dir.c | 3 +- include/linux/ceph/libceph.h | 8 +++- include/linux/hugetlb.h | 14 ++++++ include/linux/i8253.h | 1 + include/linux/mm.h | 6 +++ lib/ubsan.c | 3 +- mm/gup.c | 2 - mm/hugetlb.c | 60 +++++++++++++++++++++--- mm/mempolicy.c | 32 ++++++++++++- mm/mmap.c | 19 ++++---- mm/rmap.c | 56 ++++++++++++++++++++++ net/9p/protocol.c | 5 ++ net/netfilter/nf_conntrack_core.c | 13 +++-- net/sunrpc/xdr.c | 5 +- tools/testing/selftests/powerpc/tm/tm-tmspr.c | 27 +++++++---- 73 files changed, 580 insertions(+), 210 deletions(-)
