This is the start of the stable review cycle for the 4.4.241 release. There are 112 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Thu, 29 Oct 2020 13:48:36 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.4.241-rc1.gz or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.4.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx> Linux 4.4.241-rc1 Oliver Neukum <oneukum@xxxxxxxx> USB: cdc-wdm: Make wdm_flush() interruptible and add wdm_fsync(). Vincent Mailhol <mailhol.vincent@xxxxxxxxxx> usb: cdc-acm: add quirk to blacklist ETAS ES58X devices Valentin Vidic <vvidic@xxxxxxxxxxxxxxxxxxxxxx> net: korina: cast KSEG0 address to pointer in kfree Zekun Shen <bruceshenzk@xxxxxxxxx> ath10k: check idx validity in __ath10k_htt_rx_ring_fill_n() Eli Billauer <eli.billauer@xxxxxxxxx> usb: core: Solve race condition in anchor cleanup functions Wang Yufen <wangyufen@xxxxxxxxxx> brcm80211: fix possible memleak in brcmf_proto_msgbuf_attach Jan Kara <jack@xxxxxxx> reiserfs: Fix memory leak in reiserfs_parse_options() Peilin Ye <yepeilin.cs@xxxxxxxxx> ipvs: Fix uninit-value in do_ip_vs_set_ctl() Tong Zhang <ztong0001@xxxxxxxxx> tty: ipwireless: fix error handling Doug Horn <doughorn@xxxxxxxxxx> Fix use after free in get_capset_info callback. Chris Chiu <chiu@xxxxxxxxxxxx> rtl8xxxu: prevent potential memory leak Keita Suzuki <keitasuzuki.park@xxxxxxxxxxxxxxxxxxxx> brcmsmac: fix memory leak in wlc_phy_attach_lcnphy Jing Xiangfeng <jingxiangfeng@xxxxxxxxxx> scsi: ibmvfc: Fix error return in ibmvfc_probe() Abhishek Pandit-Subedi <abhishekpandit@xxxxxxxxxxxx> Bluetooth: Only mark socket zapped after unlocking Hamish Martin <hamish.martin@xxxxxxxxxxxxxxxxxxx> usb: ohci: Default to per-port over-current protection Darrick J. Wong <darrick.wong@xxxxxxxxxx> xfs: make sure the rt allocator doesn't run off the end Eric Biggers <ebiggers@xxxxxxxxxx> reiserfs: only call unlock_new_inode() if I_NEW Keita Suzuki <keitasuzuki.park@xxxxxxxxxxxxxxxxxxxx> misc: rtsx: Fix memory leak in rtsx_pci_probe Brooke Basile <brookebasile@xxxxxxxxx> ath9k: hif_usb: fix race condition between usb_get_urb() and usb_kill_anchored_urbs() Jan Kara <jack@xxxxxxx> udf: Avoid accessing uninitialized data on failed inode read Jan Kara <jack@xxxxxxx> udf: Limit sparing table size Zqiang <qiang.zhang@xxxxxxxxxxxxx> usb: gadget: function: printer: fix use-after-free in __lock_acquire Roman Bolshakov <r.bolshakov@xxxxxxxxx> scsi: target: core: Add CONTROL field for trace events Jing Xiangfeng <jingxiangfeng@xxxxxxxxxx> scsi: mvumi: Fix error return in mvumi_io_attach() Christoph Hellwig <hch@xxxxxx> PM: hibernate: remove the bogus call to get_gendisk() in software_resume() Rustam Kovhaev <rkovhaev@xxxxxxxxx> ntfs: add check for mft record size in superblock Mauro Carvalho Chehab <mchehab+huawei@xxxxxxxxxx> media: saa7134: avoid a shift overflow Pali Rohár <pali@xxxxxxxxxx> mmc: sdio: Check for CISTPL_VERS_1 buffer size Adam Goode <agoode@xxxxxxxxxx> media: uvcvideo: Ensure all probed info is returned to v4l2 Xiaolong Huang <butterflyhuangxx@xxxxxxxxx> media: media/pci: prevent memory leak in bttv_probe Dinghao Liu <dinghao.liu@xxxxxxxxxx> media: bdisp: Fix runtime PM imbalance on error Qiushi Wu <wu000273@xxxxxxx> media: exynos4-is: Fix a reference count leak Qiushi Wu <wu000273@xxxxxxx> media: exynos4-is: Fix a reference count leak due to pm_runtime_get_sync Qiushi Wu <wu000273@xxxxxxx> media: exynos4-is: Fix several reference count leaks due to pm_runtime_get_sync Oliver Neukum <oneukum@xxxxxxxx> media: ati_remote: sanity check for both endpoints Pavel Machek <pavel@xxxxxx> media: firewire: fix memory leak Vasant Hegde <hegdevasant@xxxxxxxxxxxxxxxxxx> powerpc/powernv/dump: Fix race while processing OPAL dump Michal Simek <michal.simek@xxxxxxxxxx> arm64: dts: zynqmp: Remove additional compatible string for i2c IPs Krzysztof Kozlowski <krzk@xxxxxxxxxx> memory: fsl-corenet-cf: Fix handling of platform_get_irq() error Dan Carpenter <dan.carpenter@xxxxxxxxxx> memory: omap-gpmc: Fix a couple off by ones Robert Hoo <robert.hu@xxxxxxxxxxxxxxx> KVM: x86: emulating RDPID failure shall return #UD rather than #GP Krzysztof Kozlowski <krzk@xxxxxxxxxx> Input: sun4i-ps2 - fix handling of platform_get_irq() error Krzysztof Kozlowski <krzk@xxxxxxxxxx> Input: omap4-keypad - fix handling of platform_get_irq() error Krzysztof Kozlowski <krzk@xxxxxxxxxx> Input: ep93xx_keypad - fix handling of platform_get_irq() error Dan Carpenter <dan.carpenter@xxxxxxxxxx> Input: imx6ul_tsc - clean up some errors in imx6ul_tsc_resume() Alex Williamson <alex.williamson@xxxxxxxxxx> vfio/pci: Clear token on bypass registration failure Tobias Jordan <kernel@xxxxxxx> lib/crc32.c: fix trivial typo in preprocessor condition Srikar Dronamraju <srikar@xxxxxxxxxxxxxxxxxx> cpufreq: powernv: Fix frame-size-overflow in powernv_cpufreq_reboot_notifier Kajol Jain <kjain@xxxxxxxxxxxxx> powerpc/perf/hv-gpci: Fix starting index value Daniel Thompson <daniel.thompson@xxxxxxxxxx> kdb: Fix pager search for multi-line strings Adrian Hunter <adrian.hunter@xxxxxxxxx> perf intel-pt: Fix "context_switch event has no tid" error Finn Thain <fthain@xxxxxxxxxxxxxxxxxxx> powerpc/tau: Disable TAU between measurements Finn Thain <fthain@xxxxxxxxxxxxxxxxxxx> powerpc/tau: Remove duplicated set_thresholds() call Finn Thain <fthain@xxxxxxxxxxxxxxxxxxx> powerpc/tau: Use appropriate temperature sample interval Guillaume Tucker <guillaume.tucker@xxxxxxxxxxxxx> ARM: 9007/1: l2c: fix prefetch bits init in L2X0_AUX_CTRL using DT values Mark Tomlinson <mark.tomlinson@xxxxxxxxxxxxxxxxxxx> mtd: mtdoops: Don't write panic data twice Arnd Bergmann <arnd@xxxxxxxx> mtd: lpddr: fix excessive stack usage with clang Nicholas Mc Guire <hofrat@xxxxxxxxx> powerpc/icp-hv: Fix missing of_node_put() in success path Nicholas Mc Guire <hofrat@xxxxxxxxx> powerpc/pseries: Fix missing of_node_put() in rng_init() Håkon Bugge <haakon.bugge@xxxxxxxxxx> IB/mlx4: Adjust delayed work when a dup is observed Valentin Vidic <vvidic@xxxxxxxxxxxxxxxxxxxxxx> net: korina: fix kfree of rx/tx descriptor array Tom Rix <trix@xxxxxxxxxx> mwifiex: fix double free Johannes Berg <johannes.berg@xxxxxxxxx> nl80211: fix non-split wiphy information Lorenzo Colitti <lorenzo@xxxxxxxxxx> usb: gadget: u_ether: enable qmult on SuperSpeed Plus as well Dan Carpenter <dan.carpenter@xxxxxxxxxx> mfd: sm501: Fix leaks in probe() Thomas Gleixner <tglx@xxxxxxxxxxxxx> net: enic: Cure the enic api locking trainwreck Eric Dumazet <edumazet@xxxxxxxxxx> quota: clear padding in v2r1_mem2diskdqb() Takashi Iwai <tiwai@xxxxxxx> ALSA: seq: oss: Avoid mutex lock for a long-time ioctl Souptick Joarder <jrdr.linux@xxxxxxxxx> misc: mic: scif: Fix error handling path Dan Carpenter <dan.carpenter@xxxxxxxxxx> ath6kl: wmi: prevent a shift wrapping bug in ath6kl_wmi_delete_pstream_cmd() Dan Carpenter <dan.carpenter@xxxxxxxxxx> HID: roccat: add bounds checking in kone_sysfs_write_settings() Tom Rix <trix@xxxxxxxxxx> video: fbdev: sis: fix null ptr dereference Colin Ian King <colin.king@xxxxxxxxxxxxx> video: fbdev: vga16fb: fix setting of pixclock because a pass-by-value error Souptick Joarder <jrdr.linux@xxxxxxxxx> drivers/virt/fsl_hypervisor: Fix error handling path Artem Savkov <asavkov@xxxxxxxxxx> pty: do tty_flip_buffer_push without port->lock in pty_write Tyrel Datwyler <tyreld@xxxxxxxxxxxxx> tty: hvcs: Don't NULL tty->driver_data until hvcs_cleanup() Tong Zhang <ztong0001@xxxxxxxxx> tty: serial: earlycon dependency Alex Dewar <alex.dewar90@xxxxxxxxx> VMCI: check return value of get_user_pages_fast() for errors dinghao.liu@xxxxxxxxxx <dinghao.liu@xxxxxxxxxx> backlight: sky81452-backlight: Fix refcount imbalance on error Tianjia Zhang <tianjia.zhang@xxxxxxxxxxxxxxxxx> scsi: csiostor: Fix wrong return value in csio_hw_prep_fw() Christophe JAILLET <christophe.jaillet@xxxxxxxxxx> scsi: qla4xxx: Fix an error handling path in 'qla4xxx_get_host_stats()' Tom Rix <trix@xxxxxxxxxx> drm/gma500: fix error check Christophe JAILLET <christophe.jaillet@xxxxxxxxxx> mwifiex: Do not use GFP_KERNEL in atomic context Bryan O'Donoghue <bryan.odonoghue@xxxxxxxxxx> wcn36xx: Fix reported 802.11n rx_highest rate wcn3660/wcn3680 Dan Carpenter <dan.carpenter@xxxxxxxxxx> ath9k: Fix potential out of bounds in ath9k_htc_txcompletion_cb() Dan Carpenter <dan.carpenter@xxxxxxxxxx> ath6kl: prevent potential array overflow in ath6kl_add_new_sta() Qiushi Wu <wu000273@xxxxxxx> media: ti-vpe: Fix a missing check and reference count leak Tom Rix <trix@xxxxxxxxxx> media: tc358743: initialize variable Tero Kristo <t-kristo@xxxxxx> crypto: omap-sham - fix digcnt register handling with export/import Dinghao Liu <dinghao.liu@xxxxxxxxxx> media: omap3isp: Fix memleak in isp_probe Tom Rix <trix@xxxxxxxxxx> media: m5mols: Check function pointer in m5mols_sensor_power Sylwester Nawrocki <s.nawrocki@xxxxxxxxxxx> media: Revert "media: exynos4-is: Add missed check for pinctrl_lookup_state()" Christophe JAILLET <christophe.jaillet@xxxxxxxxxx> crypto: ixp4xx - Fix the size used in a 'dma_free_coherent()' call Dinghao Liu <dinghao.liu@xxxxxxxxxx> EDAC/i5100: Fix error handling order in i5100_init_one() Roberto Sassu <roberto.sassu@xxxxxxxxxx> ima: Don't ignore errors from crypto_shash_update() Dan Carpenter <dan.carpenter@xxxxxxxxxx> cifs: remove bogus debug code Eric Dumazet <edumazet@xxxxxxxxxx> icmp: randomize the global rate limiter Neal Cardwell <ncardwell@xxxxxxxxxx> tcp: fix to update snd_wl1 in bulk receiver fast path Defang Bo <bodefang@xxxxxxx> nfc: Ensure presence of NFC_ATTR_FIRMWARE_NAME attribute in nfc_genl_fw_download() Xie He <xie.he.0141@xxxxxxxxx> net: hdlc_raw_eth: Clear the IFF_TX_SKB_SHARING flag after calling ether_setup Xie He <xie.he.0141@xxxxxxxxx> net: hdlc: In hdlc_rcv, check to make sure dev is an HDLC device Andrey Ryabinin <aryabinin@xxxxxxxxxxxxx> x86/mm/ptdump: Fix soft lockup in page table walker Andrey Ryabinin <aryabinin@xxxxxxxxxxxxx> lib/strscpy: Shut up KASAN false-positives in strscpy() Andrey Ryabinin <aryabinin@xxxxxxxxxxxxx> compiler.h: Add read_word_at_a_time() function. Andrey Ryabinin <aryabinin@xxxxxxxxxxxxx> compiler.h, kasan: Avoid duplicating __read_once_size_nocheck() Andrey Ryabinin <aryabinin@xxxxxxxxxxxxx> mm/kasan: add API to check memory regions Andrey Ryabinin <aryabinin@xxxxxxxxxxxxx> mm/kasan: print name of mem[set,cpy,move]() caller in report Dan Carpenter <dan.carpenter@xxxxxxxxxx> ALSA: bebob: potential info leak in hwdep_read() Heiner Kallweit <hkallweit1@xxxxxxxxx> r8169: fix data corruption issue on RTL8402 Maciej Żenczykowski <maze@xxxxxxxxxx> net/ipv4: always honour route mtu during forwarding Cong Wang <xiyou.wangcong@xxxxxxxxx> tipc: fix the skb_unshare() in tipc_buf_append() David Wilder <dwilder@xxxxxxxxxx> ibmveth: Identify ingress large send packets. ------------- Diffstat: Documentation/networking/ip-sysctl.txt | 4 +- Makefile | 4 +- arch/arm/mm/cache-l2x0.c | 16 ++- arch/arm64/boot/dts/xilinx/zynqmp.dtsi | 4 +- arch/powerpc/include/asm/reg.h | 2 +- arch/powerpc/kernel/tau_6xx.c | 82 +++++---------- arch/powerpc/perf/hv-gpci-requests.h | 6 +- arch/powerpc/platforms/Kconfig | 9 +- arch/powerpc/platforms/powernv/opal-dump.c | 41 +++++--- arch/powerpc/platforms/pseries/rng.c | 1 + arch/powerpc/sysdev/xics/icp-hv.c | 1 + arch/x86/kvm/emulate.c | 2 +- arch/x86/mm/dump_pagetables.c | 2 + drivers/cpufreq/powernv-cpufreq.c | 9 +- drivers/crypto/ixp4xx_crypto.c | 2 +- drivers/crypto/omap-sham.c | 3 + drivers/edac/i5100_edac.c | 11 +- drivers/gpu/drm/gma500/cdv_intel_dp.c | 2 +- drivers/gpu/drm/virtio/virtgpu_kms.c | 2 + drivers/gpu/drm/virtio/virtgpu_vq.c | 10 +- drivers/hid/hid-roccat-kone.c | 23 ++-- drivers/infiniband/hw/mlx4/cm.c | 3 + drivers/input/keyboard/ep93xx_keypad.c | 4 +- drivers/input/keyboard/omap4-keypad.c | 6 +- drivers/input/serio/sun4i-ps2.c | 9 +- drivers/input/touchscreen/imx6ul_tsc.c | 27 +++-- drivers/media/firewire/firedtv-fw.c | 6 +- drivers/media/i2c/m5mols/m5mols_core.c | 3 +- drivers/media/i2c/tc358743.c | 2 +- drivers/media/pci/bt8xx/bttv-driver.c | 13 ++- drivers/media/pci/saa7134/saa7134-tvaudio.c | 3 +- drivers/media/platform/exynos4-is/fimc-isp.c | 4 +- drivers/media/platform/exynos4-is/fimc-lite.c | 2 +- drivers/media/platform/exynos4-is/media-dev.c | 8 +- drivers/media/platform/exynos4-is/mipi-csis.c | 4 +- drivers/media/platform/omap3isp/isp.c | 6 +- drivers/media/platform/sti/bdisp/bdisp-v4l2.c | 3 +- drivers/media/platform/ti-vpe/vpe.c | 2 + drivers/media/rc/ati_remote.c | 4 + drivers/media/usb/uvc/uvc_v4l2.c | 30 ++++++ drivers/memory/fsl-corenet-cf.c | 6 +- drivers/memory/omap-gpmc.c | 4 +- drivers/mfd/rtsx_pcr.c | 4 +- drivers/mfd/sm501.c | 8 +- drivers/misc/mic/scif/scif_rma.c | 4 +- drivers/misc/vmw_vmci/vmci_queue_pair.c | 10 +- drivers/mmc/core/sdio_cis.c | 3 + drivers/mtd/lpddr/lpddr2_nvm.c | 35 ++++--- drivers/mtd/mtdoops.c | 11 +- drivers/net/ethernet/cisco/enic/enic.h | 1 + drivers/net/ethernet/cisco/enic/enic_api.c | 6 ++ drivers/net/ethernet/cisco/enic/enic_main.c | 27 +++-- drivers/net/ethernet/ibm/ibmveth.c | 13 ++- drivers/net/ethernet/korina.c | 3 +- drivers/net/ethernet/realtek/r8169.c | 116 +++++++++++---------- drivers/net/wan/hdlc.c | 10 +- drivers/net/wan/hdlc_raw_eth.c | 1 + drivers/net/wireless/ath/ath10k/htt_rx.c | 8 ++ drivers/net/wireless/ath/ath6kl/main.c | 3 + drivers/net/wireless/ath/ath6kl/wmi.c | 5 + drivers/net/wireless/ath/ath9k/hif_usb.c | 19 ++++ drivers/net/wireless/ath/ath9k/htc_hst.c | 2 + drivers/net/wireless/ath/wcn36xx/main.c | 2 +- drivers/net/wireless/brcm80211/brcmfmac/msgbuf.c | 2 + .../net/wireless/brcm80211/brcmsmac/phy/phy_lcn.c | 4 +- drivers/net/wireless/mwifiex/scan.c | 2 +- drivers/net/wireless/mwifiex/sdio.c | 2 + drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu.c | 10 +- drivers/scsi/csiostor/csio_hw.c | 2 +- drivers/scsi/ibmvscsi/ibmvfc.c | 1 + drivers/scsi/mvumi.c | 1 + drivers/scsi/qla4xxx/ql4_os.c | 2 +- drivers/tty/hvc/hvcs.c | 14 +-- drivers/tty/ipwireless/network.c | 4 +- drivers/tty/ipwireless/tty.c | 2 +- drivers/tty/pty.c | 2 +- drivers/tty/serial/Kconfig | 1 + drivers/usb/class/cdc-acm.c | 11 ++ drivers/usb/class/cdc-wdm.c | 72 ++++++++++--- drivers/usb/core/urb.c | 89 +++++++++------- drivers/usb/gadget/function/f_printer.c | 16 ++- drivers/usb/gadget/function/u_ether.c | 2 +- drivers/usb/host/ohci-hcd.c | 16 +-- drivers/vfio/pci/vfio_pci_intrs.c | 4 +- drivers/video/backlight/sky81452-backlight.c | 1 + drivers/video/fbdev/sis/init.c | 11 +- drivers/video/fbdev/vga16fb.c | 14 +-- drivers/virt/fsl_hypervisor.c | 17 ++- fs/cifs/asn1.c | 16 +-- fs/ntfs/inode.c | 6 ++ fs/quota/quota_v2.c | 1 + fs/reiserfs/inode.c | 3 +- fs/reiserfs/super.c | 8 +- fs/udf/inode.c | 25 +++-- fs/udf/super.c | 6 ++ fs/xfs/xfs_rtalloc.c | 11 ++ include/linux/compiler.h | 22 ++-- include/linux/kasan-checks.h | 12 +++ include/net/ip.h | 6 ++ include/scsi/scsi_common.h | 7 ++ include/trace/events/target.h | 12 +-- kernel/debug/kdb/kdb_io.c | 8 +- kernel/power/hibernate.c | 11 -- lib/crc32.c | 2 +- lib/string.c | 2 +- mm/kasan/kasan.c | 76 ++++++++------ net/bluetooth/l2cap_sock.c | 7 +- net/ipv4/icmp.c | 7 +- net/ipv4/tcp_input.c | 2 + net/netfilter/ipvs/ip_vs_ctl.c | 7 +- net/nfc/netlink.c | 2 +- net/tipc/msg.c | 3 +- net/wireless/nl80211.c | 5 +- security/integrity/ima/ima_crypto.c | 2 + sound/core/seq/oss/seq_oss.c | 7 +- sound/firewire/bebob/bebob_hwdep.c | 3 +- tools/perf/util/intel-pt.c | 8 +- 117 files changed, 812 insertions(+), 453 deletions(-)
