This is the start of the stable review cycle for the 4.9.144 release. There are 101 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Sat Dec 8 14:29:43 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.9.144-rc1.gz or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.9.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx> Linux 4.9.144-rc1 Darrick J. Wong <darrick.wong@xxxxxxxxxx> xfs: don't fail when converting shortform attr to long form during ATTR_REPLACE Ben Hutchings <ben.hutchings@xxxxxxxxxxxxxxx> f2fs: fix to do sanity check with cp_pack_start_sum Jaegeuk Kim <jaegeuk@xxxxxxxxxx> f2fs: free meta pages if sanity check for ckpt is failed Chao Yu <yuchao0@xxxxxxxxxx> f2fs: fix to do sanity check with block address in main area v2 Jaegeuk Kim <jaegeuk@xxxxxxxxxx> f2fs: fix missing up_read Chao Yu <yuchao0@xxxxxxxxxx> f2fs: fix to do sanity check with block address in main area Chao Yu <yuchao0@xxxxxxxxxx> f2fs: fix to do sanity check with node footer and iblocks Ben Hutchings <ben.hutchings@xxxxxxxxxxxxxxx> f2fs: Add sanity_check_inode() function Chao Yu <yuchao0@xxxxxxxxxx> f2fs: fix to do sanity check with user_block_count Chao Yu <yuchao0@xxxxxxxxxx> f2fs: fix to do sanity check with secs_per_zone Chao Yu <yuchao0@xxxxxxxxxx> f2fs: introduce and spread verify_blkaddr Chao Yu <yuchao0@xxxxxxxxxx> f2fs: clean up with is_valid_blkaddr() Jaegeuk Kim <jaegeuk@xxxxxxxxxx> f2fs: enhance sanity_check_raw_super() to avoid potential overflow Jaegeuk Kim <jaegeuk@xxxxxxxxxx> f2fs: sanity check on sit entry Yunlei He <heyunlei@xxxxxxxxxx> f2fs: check blkaddr more accuratly before issue a bio Jaegeuk Kim <jaegeuk@xxxxxxxxxx> f2fs: return error during fill_super Jaegeuk Kim <jaegeuk@xxxxxxxxxx> f2fs: detect wrong layout Chao Yu <yuchao0@xxxxxxxxxx> f2fs: fix race condition in between free nid allocator/initializer Yunlei He <heyunlei@xxxxxxxxxx> f2fs: fix a panic caused by NULL flush_cmd_control Shaokun Zhang <zhangshaokun@xxxxxxxxxxxxx> btrfs: tree-checker: Fix misleading group system information Qu Wenruo <wqu@xxxxxxxx> btrfs: tree-checker: Check level for leaves and nodes Qu Wenruo <wqu@xxxxxxxx> btrfs: Check that each block group has corresponding chunk at mount time Qu Wenruo <wqu@xxxxxxxx> btrfs: tree-checker: Detect invalid and empty essential trees Qu Wenruo <wqu@xxxxxxxx> btrfs: tree-checker: Verify block_group_item David Sterba <dsterba@xxxxxxxx> btrfs: tree-check: reduce stack consumption in check_dir_item Arnd Bergmann <arnd@xxxxxxxx> btrfs: tree-checker: use %zu format string for size_t Qu Wenruo <wqu@xxxxxxxx> btrfs: tree-checker: Add checker for dir item Qu Wenruo <wqu@xxxxxxxx> btrfs: tree-checker: Fix false panic for sanity test Qu Wenruo <quwenruo.btrfs@xxxxxxx> btrfs: tree-checker: Enhance btrfs_check_node output Jeff Mahoney <jeffm@xxxxxxxx> btrfs: struct-funcs, constify readers Qu Wenruo <quwenruo.btrfs@xxxxxxx> btrfs: Move leaf and node validation checker to tree-checker.c Qu Wenruo <quwenruo.btrfs@xxxxxxx> btrfs: Add checker for EXTENT_CSUM Qu Wenruo <quwenruo.btrfs@xxxxxxx> btrfs: Add sanity check for EXTENT_DATA when reading out leaf Qu Wenruo <quwenruo.btrfs@xxxxxxx> btrfs: Check if item pointer overlaps with the item itself Qu Wenruo <quwenruo.btrfs@xxxxxxx> btrfs: Refactor check_leaf function for later expansion Qu Wenruo <wqu@xxxxxxxx> btrfs: Verify that every chunk has corresponding block group at mount time Gu Jinxiang <gujx@xxxxxxxxxxxxxx> btrfs: validate type when reading a chunk Mike Kravetz <mike.kravetz@xxxxxxxxxx> hugetlbfs: check for pgoff value overflow Mike Kravetz <mike.kravetz@xxxxxxxxxx> hugetlbfs: fix offset overflow in hugetlbfs mmap Mike Kravetz <mike.kravetz@xxxxxxxxxx> mm/hugetlb.c: don't call region_abort if region_chg fails Lior David <qca_liord@xxxxxxxxxxxxxxxx> wil6210: missing length check in wmi_set_ie Alexei Starovoitov <ast@xxxxxxxxxx> bpf: Prevent memory disambiguation attack Ben Hutchings <ben.hutchings@xxxxxxxxxxxxxxx> bpf/verifier: Pass instruction index to check_mem_access() and check_xadd() Ben Hutchings <ben.hutchings@xxxxxxxxxxxxxxx> bpf/verifier: Add spi variable to check_stack_write() Ilya Dryomov <idryomov@xxxxxxxxx> libceph: check authorizer reply/challenge length before reading Ilya Dryomov <idryomov@xxxxxxxxx> libceph: weaken sizeof check in ceph_x_verify_authorizer_reply() Ilya Dryomov <idryomov@xxxxxxxxx> libceph: implement CEPHX_V2 calculation mode Ilya Dryomov <idryomov@xxxxxxxxx> libceph: add authorizer challenge Ilya Dryomov <idryomov@xxxxxxxxx> libceph: factor out encrypt_authorizer() Ilya Dryomov <idryomov@xxxxxxxxx> libceph: factor out __ceph_x_decrypt() Ilya Dryomov <idryomov@xxxxxxxxx> libceph: factor out __prepare_write_connect() Ilya Dryomov <idryomov@xxxxxxxxx> libceph: store ceph_auth_handshake pointer in ceph_connection Ilya Dryomov <idryomov@xxxxxxxxx> libceph: no need to drop con->mutex for ->get_authorizer() Ilya Dryomov <idryomov@xxxxxxxxx> libceph: drop len argument of *verify_authorizer_reply() Guoqing Jiang <gqjiang@xxxxxxxx> tipc: use destination length for copy string Arnd Bergmann <arnd@xxxxxxxx> net: qed: use correct strncpy() size Arnd Bergmann <arnd@xxxxxxxx> usb: gadget: dummy: fix nonsensical comparisons Pavel Tikhomirov <ptikhomirov@xxxxxxxxxxxxx> mm: cleancache: fix corruption on missed inode invalidation Masahiro Yamada <yamada.masahiro@xxxxxxxxxxxxx> reset: remove remaining WARN_ON() in <linux/reset.h> Masahiro Yamada <yamada.masahiro@xxxxxxxxxxxxx> reset: make device_reset_optional() really optional Philipp Zabel <p.zabel@xxxxxxxxxxxxxx> reset: add exported __reset_control_get, return NULL if optional Philipp Zabel <p.zabel@xxxxxxxxxxxxxx> reset: fix optional reset_control_get stubs to return NULL Heiner Kallweit <hkallweit1@xxxxxxxxx> reset: core: fix reset_control_put Ramiro Oliveira <Ramiro.Oliveira@xxxxxxxxxxxx> reset: make optional functions really optional Jan Kara <jack@xxxxxxx> udf: Allow mounting volumes with incorrect identification strings Alexey Brodkin <abrodkin@xxxxxxxxxxxx> arc: [devboards] Add support of NFSv3 ACL Kevin Hilman <khilman@xxxxxxxxxxxx> ARC: change defconfig defaults to ARCv2 Filipe Manana <fdmanana@xxxxxxxx> Btrfs: fix use-after-free when dumping free space Nikolay Borisov <nborisov@xxxxxxxx> btrfs: Always try all copies when reading extent buffers Adam Wong <adam@xxxxxxxxxxx> Input: elan_i2c - add support for ELAN0621 touchpad Noah Westervelt <nwestervelt@xxxxxxxxxxx> Input: elan_i2c - add ACPI ID for Lenovo IdeaPad 330-15ARR Patrick Gaskin <patrick@xxxxxxxxxxx> Input: elan_i2c - add ELAN0620 to the ACPI table Christian Hoff <christian_hoff@xxxxxxx> Input: matrix_keypad - check for errors from of_get_named_gpio() Cameron Gutman <aicommander@xxxxxxxxx> Input: xpad - quirk all PDP Xbox One gamepads Johan Hovold <johan@xxxxxxxxxx> drm/mediatek: fix OF sibling-node lookup Wei Wang <wawei@xxxxxxxxx> svm: Add mutex_lock to protect apic_access_page_done on AMD systems Todd Kjos <tkjos@xxxxxxxxxxx> binder: fix proc->files use-after-free Laura Abbott <labbott@xxxxxxxxxx> kgdboc: Fix warning with module build Laura Abbott <labbott@xxxxxxxxxx> kgdboc: Fix restrict error Kees Cook <keescook@xxxxxxxxxxxx> scsi: csiostor: Avoid content leaks and casts Takashi Iwai <tiwai@xxxxxxx> ALSA: trident: Suppress gcc string warning Martin Wilck <mwilck@xxxxxxxx> scsi: scsi_devinfo: cleanly zero-pad devinfo strings Sergio Correia <sergio@xxxxxxxxxx> drm: set is_master to 0 upon drm_new_set_master() failure Sam Bobroff <sbobroff@xxxxxxxxxxxxx> drm/ast: Fix incorrect free on ioregs Michael Guralnik <michaelgur@xxxxxxxxxxxx> IB/mlx5: Avoid load failure due to unknown link width Dmitry V. Levin <ldv@xxxxxxxxxxxx> mips: fix mips_get_syscall_arg o32 check Mathias Kresin <dev@xxxxxxxxx> MIPS: ralink: Fix mt7620 nd_sd pinmux Andrea Parri <andrea.parri@xxxxxxxxxxxxxxxxxxxx> uprobes: Fix handle_swbp() vs. unregister() + register() race once more Sagi Grimberg <sagi@xxxxxxxxxxx> iser: set sector for ambiguous mr status errors Kees Cook <keescook@xxxxxxxxxxxx> x86/power/64: Use char arrays for asm function names Arnd Bergmann <arnd@xxxxxxxx> kdb: use memmove instead of overlapping memcpy Arnd Bergmann <arnd@xxxxxxxx> staging: rts5208: fix gcc-8 logic error warning Arnd Bergmann <arnd@xxxxxxxx> scsi: bfa: convert to strlcpy/strlcat Arnd Bergmann <arnd@xxxxxxxx> drm: gma500: fix logic error Sultan Alsawaf <sultanxda@xxxxxxxxx> ip_tunnel: Fix name string concatenate in __ip_tunnel_create() Guenter Roeck <linux@xxxxxxxxxxxx> kernfs: Replace strncpy with memcpy Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx> unifdef: use memcpy instead of strncpy Guenter Roeck <linux@xxxxxxxxxxxx> kobject: Replace strncpy with memcpy Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx> test_hexdump: use memcpy instead of strncpy Stephen Rothwell <sfr@xxxxxxxxxxxxxxxx> disable stringop truncation warnings for now Xiongfeng Wang <xiongfeng.wang@xxxxxxxxxx> Kbuild: suppress packed-not-aligned warning for default setting only ------------- Diffstat: Makefile | 7 +- arch/arc/Kconfig | 2 +- arch/arc/Makefile | 2 +- arch/arc/configs/axs101_defconfig | 2 + arch/arc/configs/axs103_defconfig | 1 + arch/arc/configs/axs103_smp_defconfig | 1 + arch/arc/configs/nps_defconfig | 2 + arch/arc/configs/nsim_700_defconfig | 1 + arch/arc/configs/nsimosci_defconfig | 2 + arch/arc/configs/nsimosci_hs_defconfig | 1 + arch/arc/configs/nsimosci_hs_smp_defconfig | 1 + arch/arc/configs/tb10x_defconfig | 1 + arch/arc/configs/vdk_hs38_defconfig | 1 + arch/arc/configs/vdk_hs38_smp_defconfig | 1 + arch/mips/include/asm/syscall.h | 2 +- arch/mips/ralink/mt7620.c | 2 +- arch/x86/include/asm/suspend_64.h | 5 +- arch/x86/kvm/svm.c | 19 +- arch/x86/power/hibernate_64.c | 6 +- drivers/android/binder.c | 41 +- drivers/gpu/drm/ast/ast_main.c | 3 +- drivers/gpu/drm/drm_auth.c | 2 + drivers/gpu/drm/gma500/mdfld_intel_display.c | 2 +- drivers/gpu/drm/mediatek/mtk_hdmi.c | 5 +- drivers/infiniband/hw/mlx5/main.c | 29 +- drivers/infiniband/ulp/iser/iser_verbs.c | 7 +- drivers/input/joystick/xpad.c | 16 +- drivers/input/keyboard/matrix_keypad.c | 23 +- drivers/input/mouse/elan_i2c_core.c | 3 + drivers/net/ethernet/qlogic/qed/qed_debug.c | 8 +- drivers/net/wireless/ath/wil6210/wmi.c | 8 +- drivers/reset/core.c | 79 +++- drivers/scsi/bfa/bfa_fcbuild.c | 8 +- drivers/scsi/bfa/bfa_fcs.c | 78 ++-- drivers/scsi/bfa/bfa_fcs_lport.c | 62 +-- drivers/scsi/bfa/bfa_ioc.c | 2 +- drivers/scsi/bfa/bfa_svc.c | 4 +- drivers/scsi/bfa/bfad.c | 20 +- drivers/scsi/bfa/bfad_attr.c | 2 +- drivers/scsi/bfa/bfad_bsg.c | 6 +- drivers/scsi/csiostor/csio_lnode.c | 43 +- drivers/scsi/scsi_devinfo.c | 22 +- drivers/staging/rts5208/sd.c | 6 - drivers/tty/serial/kgdboc.c | 43 +- drivers/usb/gadget/udc/dummy_hcd.c | 9 +- fs/btrfs/Makefile | 2 +- fs/btrfs/ctree.h | 128 +++--- fs/btrfs/disk-io.c | 162 +------ fs/btrfs/extent-tree.c | 86 +++- fs/btrfs/extent_io.c | 24 +- fs/btrfs/extent_io.h | 19 +- fs/btrfs/free-space-cache.c | 2 + fs/btrfs/struct-funcs.c | 9 +- fs/btrfs/tree-checker.c | 649 +++++++++++++++++++++++++++ fs/btrfs/tree-checker.h | 38 ++ fs/btrfs/volumes.c | 30 +- fs/btrfs/volumes.h | 2 + fs/ceph/mds_client.c | 15 +- fs/f2fs/checkpoint.c | 46 +- fs/f2fs/data.c | 33 +- fs/f2fs/f2fs.h | 41 +- fs/f2fs/file.c | 21 +- fs/f2fs/inode.c | 68 ++- fs/f2fs/node.c | 73 ++- fs/f2fs/recovery.c | 6 +- fs/f2fs/segment.c | 34 +- fs/f2fs/segment.h | 48 +- fs/f2fs/super.c | 107 ++++- fs/hugetlbfs/inode.c | 26 +- fs/kernfs/symlink.c | 2 +- fs/udf/super.c | 16 +- fs/udf/unicode.c | 14 +- fs/xfs/libxfs/xfs_attr.c | 9 +- include/linux/bpf_verifier.h | 1 + include/linux/ceph/auth.h | 13 +- include/linux/ceph/ceph_features.h | 4 +- include/linux/ceph/messenger.h | 8 +- include/linux/ceph/msgr.h | 2 +- include/linux/reset.h | 92 ++-- include/uapi/linux/btrfs_tree.h | 1 + kernel/bpf/verifier.c | 90 +++- kernel/debug/kdb/kdb_support.c | 4 +- kernel/events/uprobes.c | 12 +- lib/kobject.c | 2 +- lib/test_hexdump.c | 2 +- mm/hugetlb.c | 10 +- mm/truncate.c | 8 +- net/ceph/auth.c | 20 +- net/ceph/auth_x.c | 225 ++++++++-- net/ceph/auth_x_protocol.h | 7 + net/ceph/messenger.c | 101 +++-- net/ceph/osd_client.c | 15 +- net/ipv4/ip_tunnel.c | 4 +- net/tipc/subscr.c | 2 +- scripts/Makefile.extrawarn | 3 + scripts/unifdef.c | 4 +- sound/pci/trident/trident.c | 2 +- 97 files changed, 2154 insertions(+), 778 deletions(-)
