This is the start of the stable review cycle for the 4.20.4 release. There are 111 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Wed Jan 23 12:23:56 UTC 2019. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.20.4-rc1.gz or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.20.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx> Linux 4.20.4-rc1 Ivan Mironov <mironov.ivan@xxxxxxxxx> drm/fb-helper: Ignore the value of fb_var_screeninfo.pixclock Jaegeuk Kim <jaegeuk@xxxxxxxxxx> loop: drop caches if offset or block_size are changed Tetsuo Handa <penguin-kernel@xxxxxxxxxxxxxxxxxxx> loop: Fix double mutex_unlock(&loop_ctl_mutex) in loop_control_ioctl() Jan Kara <jack@xxxxxxx> loop: Get rid of 'nested' acquisition of loop_ctl_mutex Jan Kara <jack@xxxxxxx> loop: Avoid circular locking dependency between loop_ctl_mutex and bd_mutex Jan Kara <jack@xxxxxxx> loop: Fix deadlock when calling blkdev_reread_part() Jan Kara <jack@xxxxxxx> loop: Move loop_reread_partitions() out of loop_ctl_mutex Jan Kara <jack@xxxxxxx> loop: Move special partition reread handling in loop_clr_fd() Jan Kara <jack@xxxxxxx> loop: Push loop_ctl_mutex down to loop_change_fd() Jan Kara <jack@xxxxxxx> loop: Push loop_ctl_mutex down to loop_set_fd() Jan Kara <jack@xxxxxxx> loop: Push loop_ctl_mutex down to loop_set_status() Jan Kara <jack@xxxxxxx> loop: Push loop_ctl_mutex down to loop_get_status() Jan Kara <jack@xxxxxxx> loop: Push loop_ctl_mutex down into loop_clr_fd() Jan Kara <jack@xxxxxxx> loop: Split setting of lo_state from loop_clr_fd Jan Kara <jack@xxxxxxx> loop: Push lo_ctl_mutex down into individual ioctls Jan Kara <jack@xxxxxxx> loop: Get rid of loop_index_mutex Jan Kara <jack@xxxxxxx> loop: Fold __loop_release into loop_release Tetsuo Handa <penguin-kernel@xxxxxxxxxxxxxxxxxxx> block/loop: Use global lock for ioctl() operation. Tetsuo Handa <penguin-kernel@xxxxxxxxxxxxxxxxxxx> block/loop: Don't grab "struct file" for vfs_getattr() operation. Ying Xue <ying.xue@xxxxxxxxxxxxx> tipc: fix uninit-value in tipc_nl_compat_doit Ying Xue <ying.xue@xxxxxxxxxxxxx> tipc: fix uninit-value in tipc_nl_compat_name_table_dump Ying Xue <ying.xue@xxxxxxxxxxxxx> tipc: fix uninit-value in tipc_nl_compat_link_set Ying Xue <ying.xue@xxxxxxxxxxxxx> tipc: fix uninit-value in tipc_nl_compat_bearer_enable Ying Xue <ying.xue@xxxxxxxxxxxxx> tipc: fix uninit-value in tipc_nl_compat_link_reset_stats Ying Xue <ying.xue@xxxxxxxxxxxxx> tipc: fix uninit-value in in tipc_conn_rcv_sub Xin Long <lucien.xin@xxxxxxxxx> sctp: allocate sctp_sockaddr_entry with kzalloc Jan Kara <jack@xxxxxxx> blockdev: Fix livelocks on loop device Stephen Smalley <sds@xxxxxxxxxxxxx> selinux: fix GPF on invalid policy Tetsuo Handa <penguin-kernel@xxxxxxxxxxxxxxxxxxx> gpu/drm: Fix lock held when returning to user space. Daniel Vetter <daniel.vetter@xxxxxxxx> drm/vkms: Fix plane duplicate_state Yufen Yu <yuyufen@xxxxxxxxxx> block: use rcu_work instead of call_rcu to avoid sleep in softirq Shakeel Butt <shakeelb@xxxxxxxxxx> netfilter: ebtables: account ebt_table_info to kmemcg J. Bruce Fields <bfields@xxxxxxxxxx> sunrpc: handle ENOMEM in rpcb_getport_async Hans Verkuil <hverkuil@xxxxxxxxx> media: vb2: vb2_mmap: move lock up James Morris <james.morris@xxxxxxxxxxxxx> LSM: Check for NULL cred-security on free Eric Dumazet <edumazet@xxxxxxxxxx> ipv6: make icmp6_send() robust against null skb->dev Willem de Bruijn <willemb@xxxxxxxxxx> bpf: in __bpf_redirect_no_mac pull mac only if present Hans Verkuil <hverkuil-cisco@xxxxxxxxx> media: vivid: set min width/height to a value > 0 Hans Verkuil <hverkuil-cisco@xxxxxxxxx> media: vivid: fix error handling of kthread_run Vlad Tsyrklevich <vlad@xxxxxxxxxxxxxxx> omap2fb: Fix stack memory disclosure Florian La Roche <florian.laroche@xxxxxxxxxxxxxx> fix int_sqrt64() for very large numbers YunQiang Su <ysu@xxxxxxxxxxxx> Disable MSI also when pcie-octeon.pcie_disable on Rob Herring <robh@xxxxxxxxxx> fbdev: offb: Fix OF node name handling Heinrich Schuchardt <xypron.glpk@xxxxxx> arm64: dts: marvell: armada-ap806: reserve PSCI area Ard Biesheuvel <ard.biesheuvel@xxxxxxxxxx> arm64: kaslr: ensure randomized quantities are clean to the PoC Breno Leitao <leitao@xxxxxxxxxx> powerpc/tm: Limit TM code inside PPC_TRANSACTIONAL_MEM Trond Myklebust <trondmy@xxxxxxxxx> SUNRPC: Fix TCP receive code on archs with flush_dcache_page() Kees Cook <keescook@xxxxxxxxxxxx> pstore/ram: Avoid allocation and leak of platform data Johan Hovold <johan@xxxxxxxxxx> net: dsa: realtek-smi: fix OF child-node lookup Masahiro Yamada <yamada.masahiro@xxxxxxxxxxxxx> kbuild: mark prepare0 as PHONY to fix external module build Masahiro Yamada <yamada.masahiro@xxxxxxxxxxxxx> kbuild: fix single target build for external module Paul Burton <paul.burton@xxxxxxxx> kbuild: Disable LD_DEAD_CODE_DATA_ELIMINATION with ftrace & GCC <= 4.7 Adit Ranadive <aditr@xxxxxxxxxx> RDMA/vmw_pvrdma: Return the correct opcode when creating WR Leon Romanovsky <leon@xxxxxxxxxx> RDMA/nldev: Don't expose unsafe global rkey to regular user Hans Verkuil <hverkuil@xxxxxxxxx> media: vim2m: only cancel work if it is for right context Sakari Ailus <sakari.ailus@xxxxxxxxxxxxxxx> media: v4l: ioctl: Validate num_planes for debug messages Jonathan Hunter <jonathanh@xxxxxxxxxx> mfd: tps6586x: Handle interrupts on suspend Julia Lawall <Julia.Lawall@xxxxxxx> OF: properties: add missing of_node_put Julia Lawall <Julia.Lawall@xxxxxxx> drm/rockchip: add missing of_node_put Zhenyu Wang <zhenyuw@xxxxxxxxxxxxxxx> drm/i915/gvt: Fix mmap range check Aurelien Jarno <aurelien@xxxxxxxxxxx> MIPS: OCTEON: fix kexec support Hauke Mehrtens <hauke@xxxxxxxxxx> MIPS: lantiq: Fix IPI interrupt handling Rafał Miłecki <rafal@xxxxxxxxxx> MIPS: BCM47XX: Setup struct device for the SoC Arnd Bergmann <arnd@xxxxxxxx> mips: fix n32 compat_ipc_parse_version Wei Wang <wei.w.wang@xxxxxxxxx> virtio-balloon: tweak config_changed implementation Wei Wang <wei.w.wang@xxxxxxxxx> virtio: don't allocate vqs when names[i] = NULL Ivan Mironov <mironov.ivan@xxxxxxxxx> scsi: sd: Fix cache_type_store() Stanley Chu <stanley.chu@xxxxxxxxxxxx> scsi: core: Synchronize request queue PM status only on successful resume Kees Cook <keescook@xxxxxxxxxxxx> Yama: Check for pid death before checking ancestry Josef Bacik <josef@xxxxxxxxxxxxxx> btrfs: wait on ordered extents on abort cleanup David Sterba <dsterba@xxxxxxxx> Revert "btrfs: balance dirty metadata pages in btrfs_finish_ordered_io" Juergen Gross <jgross@xxxxxxxx> xen: Fix x86 sched_clock() interface for xen Christophe Leroy <christophe.leroy@xxxxxx> crypto: talitos - fix ablkcipher for CONFIG_VMAP_STACK Christophe Leroy <christophe.leroy@xxxxxx> crypto: talitos - reorder code in talitos_edesc_alloc() Eric Biggers <ebiggers@xxxxxxxxxx> crypto: authenc - fix parsing key with misaligned rta_len Eric Biggers <ebiggers@xxxxxxxxxx> crypto: bcm - convert to use crypto_authenc_extractkeys() Eric Biggers <ebiggers@xxxxxxxxxx> crypto: ccree - convert to use crypto_authenc_extractkeys() Harsh Jain <harsh@xxxxxxxxxxx> crypto: authencesn - Avoid twice completion call in decrypt path Aymen Sghaier <aymen.sghaier@xxxxxxx> crypto: caam - fix zero-length buffer DMA mapping Eric Biggers <ebiggers@xxxxxxxxxx> crypto: sm3 - fix undefined shift by >= width of value Cong Wang <xiyou.wangcong@xxxxxxxxx> smc: move unhash as early as possible in smc_release() Heiner Kallweit <hkallweit1@xxxxxxxxx> r8169: don't try to read counters if chip is in a PCI power-save state Willem de Bruijn <willemb@xxxxxxxxxx> ip: on queued skb use skb_header_pointer instead of pskb_may_pull Willem de Bruijn <willemb@xxxxxxxxxx> bonding: update nest level on unlink Heiner Kallweit <hkallweit1@xxxxxxxxx> r8169: load Realtek PHY driver module before r8169 Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx> IN_BADCLASS: fix macro to actually work Bryan Whitehead <Bryan.Whitehead@xxxxxxxxxxxxx> lan743x: Remove phy_read from link status change function Timotej Lazar <timotej.lazar@xxxxxxxxx> net: phy: meson-gxl: Use the genphy_soft_reset callback Andrew Lunn <andrew@xxxxxxx> net: phy: Add missing features to PHY drivers Camelia Groza <camelia.groza@xxxxxxx> net: phy: add missing phy driver features Stanislav Fomichev <sdf@xxxxxxxxxx> tun: publish tfile after it's fully initialized Yuchung Cheng <ycheng@xxxxxxxxxx> tcp: change txhash on SYN-data timeout Jason Gunthorpe <jgg@xxxxxxxx> packet: Do not leak dev refcounts on error exit JianJhen Chen <kchen@xxxxxxxxxxxx> net: bridge: fix a bug on using a neighbour cache entry without checking its state Eric Dumazet <edumazet@xxxxxxxxxx> ipv6: fix kernel-infoleak in ipv6_local_error() Mark Rutland <mark.rutland@xxxxxxx> arm64: Don't trap host pointer auth use to EL2 Mark Rutland <mark.rutland@xxxxxxx> arm64/kvm: consistently handle host HCR_EL2 flags Loic Poulain <loic.poulain@xxxxxxxxxx> mmc: sdhci-msm: Disable CDR function on TX Florian Westphal <fw@xxxxxxxxx> netfilter: nf_conncount: fix argument order to find_next_bit Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> netfilter: nf_conncount: speculative garbage collection on empty lists Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> netfilter: nf_conncount: move all list iterations under spinlock Florian Westphal <fw@xxxxxxxxx> netfilter: nf_conncount: merge lookup and add functions Florian Westphal <fw@xxxxxxxxx> netfilter: nf_conncount: restart search when nodes have been erased Florian Westphal <fw@xxxxxxxxx> netfilter: nf_conncount: split gc in two phases Florian Westphal <fw@xxxxxxxxx> netfilter: nf_conncount: don't skip eviction when age is negative Shawn Bohrer <sbohrer@xxxxxxxxxxxxxx> netfilter: nf_conncount: replace CONNCOUNT_LOCK_SLOTS with CONNCOUNT_SLOTS Oliver Hartkopp <socketcan@xxxxxxxxxxxx> can: gw: ensure DLC boundaries after CAN frame modification Dmitry Safonov <dima@xxxxxxxxxx> tty: Don't hold ldisc lock in tty_reopen() if ldisc present Dmitry Safonov <dima@xxxxxxxxxx> tty: Simplify tty->count math in tty_reopen() Dmitry Safonov <dima@xxxxxxxxxx> tty: Hold tty_ldisc_lock() during tty_reopen() Dmitry Safonov <dima@xxxxxxxxxx> tty/ldsem: Wake up readers after timed out down_write() ------------- Diffstat: Makefile | 19 +- arch/arm64/boot/dts/marvell/armada-ap806.dtsi | 17 + arch/arm64/include/asm/kvm_arm.h | 3 + arch/arm64/kernel/head.S | 5 +- arch/arm64/kernel/kaslr.c | 8 +- arch/arm64/kvm/hyp/switch.c | 2 +- arch/mips/Kconfig | 1 + arch/mips/bcm47xx/setup.c | 31 ++ arch/mips/cavium-octeon/setup.c | 2 +- arch/mips/lantiq/irq.c | 68 +--- arch/mips/pci/msi-octeon.c | 4 +- arch/powerpc/kernel/signal_64.c | 7 +- arch/x86/xen/time.c | 12 +- block/partition-generic.c | 8 +- crypto/authenc.c | 14 +- crypto/authencesn.c | 2 +- crypto/sm3_generic.c | 2 +- drivers/block/loop.c | 443 ++++++++++++++--------- drivers/block/loop.h | 1 - drivers/crypto/Kconfig | 1 + drivers/crypto/bcm/cipher.c | 44 +-- drivers/crypto/caam/caamhash.c | 15 +- drivers/crypto/ccree/cc_aead.c | 40 +- drivers/crypto/talitos.c | 26 +- drivers/gpu/drm/drm_atomic_uapi.c | 3 +- drivers/gpu/drm/drm_fb_helper.c | 7 +- drivers/gpu/drm/drm_mode_object.c | 4 +- drivers/gpu/drm/i915/gvt/kvmgt.c | 14 +- drivers/gpu/drm/rockchip/rockchip_rgb.c | 4 +- drivers/gpu/drm/vkms/vkms_plane.c | 7 +- drivers/infiniband/core/nldev.c | 4 - drivers/infiniband/hw/vmw_pvrdma/pvrdma.h | 35 +- drivers/infiniband/hw/vmw_pvrdma/pvrdma_qp.c | 6 + drivers/media/common/videobuf2/videobuf2-core.c | 11 +- drivers/media/platform/vim2m.c | 4 +- drivers/media/platform/vivid/vivid-kthread-cap.c | 5 +- drivers/media/platform/vivid/vivid-kthread-out.c | 5 +- drivers/media/platform/vivid/vivid-vid-common.c | 2 +- drivers/media/v4l2-core/v4l2-ioctl.c | 4 +- drivers/mfd/tps6586x.c | 24 ++ drivers/misc/mic/vop/vop_main.c | 9 +- drivers/mmc/host/sdhci-msm.c | 43 ++- drivers/net/bonding/bond_main.c | 3 + drivers/net/dsa/realtek-smi.c | 18 +- drivers/net/ethernet/microchip/lan743x_main.c | 11 +- drivers/net/ethernet/realtek/r8169.c | 7 +- drivers/net/phy/bcm87xx.c | 2 + drivers/net/phy/cortina.c | 1 + drivers/net/phy/meson-gxl.c | 1 + drivers/net/phy/micrel.c | 1 + drivers/net/phy/phy_device.c | 12 + drivers/net/phy/teranetics.c | 1 + drivers/net/tun.c | 11 +- drivers/of/property.c | 1 + drivers/remoteproc/remoteproc_virtio.c | 9 +- drivers/s390/virtio/virtio_ccw.c | 12 +- drivers/scsi/scsi_pm.c | 26 +- drivers/scsi/sd.c | 6 + drivers/tty/tty_io.c | 22 +- drivers/tty/tty_ldsem.c | 10 + drivers/video/fbdev/offb.c | 18 +- drivers/video/fbdev/omap2/omapfb/omapfb-ioctl.c | 2 + drivers/virtio/virtio_balloon.c | 98 +++-- drivers/virtio/virtio_mmio.c | 9 +- drivers/xen/events/events_base.c | 2 +- fs/block_dev.c | 28 +- fs/btrfs/disk-io.c | 8 + fs/btrfs/inode.c | 3 - fs/pstore/ram.c | 9 +- include/linux/bcma/bcma_soc.h | 1 + include/linux/genhd.h | 2 +- include/linux/phy.h | 2 + include/net/netfilter/nf_conntrack_count.h | 19 +- include/uapi/linux/in.h | 2 +- include/uapi/rdma/vmw_pvrdma-abi.h | 1 + init/Kconfig | 1 + lib/int_sqrt.c | 2 +- net/bridge/br_netfilter_hooks.c | 2 +- net/bridge/netfilter/ebtables.c | 6 +- net/can/gw.c | 30 +- net/core/filter.c | 21 +- net/core/lwt_bpf.c | 1 + net/ipv4/ip_sockglue.c | 12 +- net/ipv4/tcp_timer.c | 2 +- net/ipv6/datagram.c | 11 +- net/ipv6/icmp.c | 8 +- net/netfilter/nf_conncount.c | 290 +++++++-------- net/netfilter/nft_connlimit.c | 14 +- net/packet/af_packet.c | 4 +- net/sctp/ipv6.c | 5 +- net/sctp/protocol.c | 4 +- net/smc/af_smc.c | 4 +- net/sunrpc/rpcb_clnt.c | 8 + net/sunrpc/xprtsock.c | 22 ++ net/tipc/netlink_compat.c | 50 ++- net/tipc/topsrv.c | 2 +- security/security.c | 7 + security/selinux/ss/policydb.c | 3 +- security/yama/yama_lsm.c | 4 +- 99 files changed, 1118 insertions(+), 719 deletions(-)
