{"payload":{"feedbackUrl":"https://github.com/orgs/community/discussions/53140","repo":{"id":400253451,"defaultBranch":"msm-4.9","name":"msm-4.9","ownerLogin":"TogoFire","currentUserCanPush":false,"isFork":false,"isEmpty":false,"createdAt":"2021-08-26T17:32:49.000Z","ownerAvatar":"https://avatars.githubusercontent.com/u/45384937?v=4","public":true,"private":false,"isOrgOwned":false},"refInfo":{"name":"","listCacheKey":"v0:1702919263.0","currentOid":""},"activityList":{"items":[{"before":"df7fde98fa82a1c4f18ae986e4259e89dbe2c7cc","after":"2aa81ab287e4d40e0fc061d379501bce66054aa2","ref":"refs/heads/msm-4.9","pushedAt":"2024-05-25T07:07:01.000Z","pushType":"push","commitsCount":77,"pusher":{"login":"TogoFire","name":"TogoFire","path":"/TogoFire","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/45384937?s=80&v=4"},"commit":{"message":"net: Don't reduce TTL/HL\n\nSome mobile carriers compare TTL/HL values to restrict\ntethering. Just skip the decrement to make it harder for them.\n\nSigned-off-by: Alexander Winkowski \nChange-Id: I5d6bbe76b810187c88cb9a160ade92ca81f94369\nSigned-off-by: TogoFire ","shortMessageHtmlLink":"net: Don't reduce TTL/HL"}},{"before":"b83ea7b2e7877b8af67ddba0e822bc123b0d6e64","after":"df7fde98fa82a1c4f18ae986e4259e89dbe2c7cc","ref":"refs/heads/msm-4.9","pushedAt":"2024-05-16T23:18:30.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"TogoFire","name":"TogoFire","path":"/TogoFire","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/45384937?s=80&v=4"},"commit":{"message":"wireguard: netlink: access device through ctx instead of peer\n\nThe previous commit fixed a bug that led to a NULL peer->device being\ndereferenced. It's actually easier and faster performance-wise to\ninstead get the device from ctx->wg. This semantically makes more sense\ntoo, since ctx->wg->peer_allowedips.seq is compared with\nctx->allowedips_seq, basing them both in ctx. This also acts as a\ndefence in depth provision against freed peers.\n\nCc: stable@vger.kernel.org\nFixes: e7096c131e51 (\"net: WireGuard secure network tunnel\")\nSigned-off-by: Jason A. Donenfeld \nChange-Id: I0967a612571933f0f02aa9a98f5c595767f5d6a9\nReviewed-by: Jiri Pirko \nSigned-off-by: Paolo Abeni \n(cherry picked from commit 71cbd32e3db82ea4a74e3ef9aeeaa6971969c86f)\nSigned-off-by: TogoFire ","shortMessageHtmlLink":"wireguard: netlink: access device through ctx instead of peer"}},{"before":"e85ae79ac1f9de6ba1759ffec609c490a10364c1","after":"b83ea7b2e7877b8af67ddba0e822bc123b0d6e64","ref":"refs/heads/msm-4.9","pushedAt":"2024-05-16T23:14:47.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"TogoFire","name":"TogoFire","path":"/TogoFire","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/45384937?s=80&v=4"},"commit":{"message":"wireguard: netlink: access device through ctx instead of peer\n\nThe previous commit fixed a bug that led to a NULL peer->device being\ndereferenced. It's actually easier and faster performance-wise to\ninstead get the device from ctx->wg. This semantically makes more sense\ntoo, since ctx->wg->peer_allowedips.seq is compared with\nctx->allowedips_seq, basing them both in ctx. This also acts as a\ndefence in depth provision against freed peers.\n\nCc: stable@vger.kernel.org\nFixes: e7096c131e51 (\"net: WireGuard secure network tunnel\")\nSigned-off-by: Jason A. Donenfeld \nChange-Id: I0967a612571933f0f02aa9a98f5c595767f5d6a9\nReviewed-by: Jiri Pirko \nSigned-off-by: Paolo Abeni \n(cherry picked from commit 71cbd32e3db82ea4a74e3ef9aeeaa6971969c86f)\nSigned-off-by: TogoFire ","shortMessageHtmlLink":"wireguard: netlink: access device through ctx instead of peer"}},{"before":"a32543d9045b9a28749cf792db8d0ebc30ba4d84","after":"e85ae79ac1f9de6ba1759ffec609c490a10364c1","ref":"refs/heads/msm-4.9","pushedAt":"2024-05-16T00:52:03.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"TogoFire","name":"TogoFire","path":"/TogoFire","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/45384937?s=80&v=4"},"commit":{"message":"wireguard: netlink: access device through ctx instead of peer\n\nThe previous commit fixed a bug that led to a NULL peer->device being\ndereferenced. It's actually easier and faster performance-wise to\ninstead get the device from ctx->wg. This semantically makes more sense\ntoo, since ctx->wg->peer_allowedips.seq is compared with\nctx->allowedips_seq, basing them both in ctx. This also acts as a\ndefence in depth provision against freed peers.\n\nCc: stable@vger.kernel.org\nFixes: e7096c131e51 (\"net: WireGuard secure network tunnel\")\nSigned-off-by: Jason A. Donenfeld \nChange-Id: I0967a612571933f0f02aa9a98f5c595767f5d6a9\nReviewed-by: Jiri Pirko \nSigned-off-by: Paolo Abeni \n(cherry picked from commit 71cbd32e3db82ea4a74e3ef9aeeaa6971969c86f)\nSigned-off-by: TogoFire ","shortMessageHtmlLink":"wireguard: netlink: access device through ctx instead of peer"}},{"before":"97f07211a342da9373107075cb406ab414996166","after":"a32543d9045b9a28749cf792db8d0ebc30ba4d84","ref":"refs/heads/msm-4.9","pushedAt":"2024-05-16T00:48:23.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"TogoFire","name":"TogoFire","path":"/TogoFire","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/45384937?s=80&v=4"},"commit":{"message":"net: get stats64 if device if driver is configured\n\nIf the network driver is relying in the net core to do stats allocation,\nthen we want to dev_get_tstats64() instead of netdev_stats_to_stats64(),\nsince there are per-cpu stats that needs to be taken in consideration.\n\nThis will also simplify the drivers in regard to statistics. Once the\ndriver sets NETDEV_PCPU_STAT_TSTATS, it doesn't not need to allocate the\nstacks, neither it needs to set `.ndo_get_stats64 = dev_get_tstats64`\nfor the generic stats collection function anymore.\n\nSigned-off-by: Breno Leitao \nChange-Id: Icb70c320ff054712727c13eb13dd172d5dc9c3ea\nReviewed-by: Simon Horman \nSigned-off-by: Paolo Abeni \n(cherry picked from commit 3e2f544dd8a33b2f650b32920b9bef103da2a7cd)\nSigned-off-by: TogoFire ","shortMessageHtmlLink":"net: get stats64 if device if driver is configured"}},{"before":"19b46d23892f51aa63ed2970a8ce76150684e3f4","after":"97f07211a342da9373107075cb406ab414996166","ref":"refs/heads/msm-4.9","pushedAt":"2024-05-16T00:46:39.000Z","pushType":"push","commitsCount":6,"pusher":{"login":"TogoFire","name":"TogoFire","path":"/TogoFire","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/45384937?s=80&v=4"},"commit":{"message":"wireguard: netlink: access device through ctx instead of peer\n\nThe previous commit fixed a bug that led to a NULL peer->device being\ndereferenced. It's actually easier and faster performance-wise to\ninstead get the device from ctx->wg. This semantically makes more sense\ntoo, since ctx->wg->peer_allowedips.seq is compared with\nctx->allowedips_seq, basing them both in ctx. This also acts as a\ndefence in depth provision against freed peers.\n\nCc: stable@vger.kernel.org\nFixes: e7096c131e51 (\"net: WireGuard secure network tunnel\")\nSigned-off-by: Jason A. Donenfeld \nChange-Id: I0967a612571933f0f02aa9a98f5c595767f5d6a9\nReviewed-by: Jiri Pirko \nSigned-off-by: Paolo Abeni \n(cherry picked from commit 71cbd32e3db82ea4a74e3ef9aeeaa6971969c86f)\nSigned-off-by: TogoFire ","shortMessageHtmlLink":"wireguard: netlink: access device through ctx instead of peer"}},{"before":"6ae052e20fab83cbf6fc2414a2c8e5d7b7eb1fee","after":"19b46d23892f51aa63ed2970a8ce76150684e3f4","ref":"refs/heads/msm-4.9","pushedAt":"2024-05-15T22:56:25.000Z","pushType":"push","commitsCount":2,"pusher":{"login":"TogoFire","name":"TogoFire","path":"/TogoFire","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/45384937?s=80&v=4"},"commit":{"message":"kernel/sys.c: implement custom uname override\n\nThe uname system-call will return CONFIG_UNAME_OVERRIDE_STRING on struct\nnew_utsname->release when a process with CONFIG_UNAME_OVERRIDE_TARGET\nincluded in its cmdline calls it.\n\nSigned-off-by: Juhyung Park \nChange-Id: I22cdd3fc9978fd6a5dbfca6aa32c3b967459f774\nSigned-off-by: TogoFire ","shortMessageHtmlLink":"kernel/sys.c: implement custom uname override"}},{"before":"e39fe8784d19e6af27d70a9c285ec7994718adc8","after":"6ae052e20fab83cbf6fc2414a2c8e5d7b7eb1fee","ref":"refs/heads/msm-4.9","pushedAt":"2024-05-15T22:50:17.000Z","pushType":"push","commitsCount":63,"pusher":{"login":"TogoFire","name":"TogoFire","path":"/TogoFire","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/45384937?s=80&v=4"},"commit":{"message":"block: Disable \"attempt to access beyond end of device\" message\n\n* Currently, This error message is flooding too much\n on dmesg when compressed APEX is enabled\n* We don't have any way to fix it yet, so just stop\n printing the message to have readable dmesg for now\n* Even QCOM had only decided to suppress printing the\n message [1] instead of actually fixing the issue,\n when they're enabling compressed APEX on sdm660 U\n (though it doesn't help really much)\n\n[1]: https://git.codelinaro.org/clo/la/kernel/msm-4.19/-/commit/22a5b9ed3babd4ad364e0236bdcda7eb69013d9b\n\nChange-Id: I0e3fb0db420320fd5df7e42824942dde01df685e\nSigned-off-by: TogoFire ","shortMessageHtmlLink":"block: Disable \"attempt to access beyond end of device\" message"}},{"before":"6702ee86c2287daf81ccb64023d1b7fd347ae0bb","after":"e39fe8784d19e6af27d70a9c285ec7994718adc8","ref":"refs/heads/msm-4.9","pushedAt":"2024-02-20T12:36:13.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"TogoFire","name":"TogoFire","path":"/TogoFire","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/45384937?s=80&v=4"},"commit":{"message":"coresight: Fix clang 14.x forbidden warnings/errors\n\nFix the sscanf overflow on the destination argument without\nthe specifier.\n\nSigned-off-by: Manjunatha Madana \nChange-Id: Ib4e29a04796a5dd99edab5fb227ccf34b6088977\n(cherry picked from commit 7d7f154f68c8429652017a95dc6e81053cbd3e90)\nSigned-off-by: TogoFire ","shortMessageHtmlLink":"coresight: Fix clang 14.x forbidden warnings/errors"}},{"before":"d57bc24e94107b249e50a24a062886b0b9a1c9bc","after":"6702ee86c2287daf81ccb64023d1b7fd347ae0bb","ref":"refs/heads/msm-4.9","pushedAt":"2024-02-20T12:35:15.000Z","pushType":"push","commitsCount":12,"pusher":{"login":"TogoFire","name":"TogoFire","path":"/TogoFire","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/45384937?s=80&v=4"},"commit":{"message":"coresight: Fix clang 14.x forbidden warnings/errors\n\nFix the sscanf overflow on the destination argument without\nthe specifier.\n\nSigned-off-by: Manjunatha Madana \nChange-Id: I3d03c87cc90bf4c8eea13ca70574383e0bd5bf9b\n(cherry picked from commit 7d7f154f68c8429652017a95dc6e81053cbd3e90)\nSigned-off-by: TogoFire ","shortMessageHtmlLink":"coresight: Fix clang 14.x forbidden warnings/errors"}},{"before":"97a4721a51a483a21ae923b0216dfe3123708129","after":"d57bc24e94107b249e50a24a062886b0b9a1c9bc","ref":"refs/heads/msm-4.9","pushedAt":"2023-12-31T15:41:19.000Z","pushType":"push","commitsCount":20,"pusher":{"login":"TogoFire","name":"TogoFire","path":"/TogoFire","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/45384937?s=80&v=4"},"commit":{"message":"ANDROID: Snapshot Mainline's version of checkpatch.pl\n\nNothing fancy here. Keeping full history is not required.\n\n `git checkout mainline/master -- scripts/checkpatch.pl`\n\nThis may need to be done periodically.\n\nBug: 316492624\nSigned-off-by: Lee Jones \nChange-Id: I3dccde0844da7bbdb9374b4e535f839fb7a9b629\n(cherry picked from commit 5f2ac0b23c7db34d25efe94dbe1a7f31bd081d13)\nSigned-off-by: TogoFire ","shortMessageHtmlLink":"ANDROID: Snapshot Mainline's version of checkpatch.pl"}},{"before":"f7dafbaa21abf4d285a9605776730d8361090c3f","after":"97a4721a51a483a21ae923b0216dfe3123708129","ref":"refs/heads/msm-4.9","pushedAt":"2023-12-19T23:45:06.000Z","pushType":"push","commitsCount":31,"pusher":{"login":"TogoFire","name":"TogoFire","path":"/TogoFire","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/45384937?s=80&v=4"},"commit":{"message":"team: Fix use-after-free when an option instance allocation fails\n\ncommit c12296bbecc488623b7d1932080e394d08f3226b upstream.\n\nIn __team_options_register, team_options are allocated and appended to\nthe team's option_list.\nIf one option instance allocation fails, the \"inst_rollback\" cleanup\npath frees the previously allocated options but doesn't remove them from\nthe team's option_list.\nThis leaves dangling pointers that can be dereferenced later by other\nparts of the team driver that iterate over options.\n\nThis patch fixes the cleanup path to remove the dangling pointers from\nthe list.\n\nAs far as I can tell, this uaf doesn't have much security implications\nsince it would be fairly hard to exploit (an attacker would need to make\nthe allocation of that specific small object fail) but it's still nice\nto fix.\n\nCc: stable@vger.kernel.org\nFixes: 80f7c6683fe0 (\"team: add support for per-port options\")\nSigned-off-by: Florent Revest \nChange-Id: I01ebc47e58301b982d214731881caeed67c6fb6c\nReviewed-by: Jiri Pirko \nReviewed-by: Hangbin Liu \nLink: https://lore.kernel.org/r/20231206123719.1963153-1-revest@chromium.org\nSigned-off-by: Jakub Kicinski \nSigned-off-by: Greg Kroah-Hartman \nSigned-off-by: TogoFire ","shortMessageHtmlLink":"team: Fix use-after-free when an option instance allocation fails"}},{"before":"1582a5f8c2be97f9fe1994fefebcddd36d4b2d1c","after":"f7dafbaa21abf4d285a9605776730d8361090c3f","ref":"refs/heads/msm-4.9","pushedAt":"2023-12-19T01:35:39.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"TogoFire","name":"TogoFire","path":"/TogoFire","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/45384937?s=80&v=4"},"commit":{"message":"msm: vidc: Fix possible NULL pointer dereference\n\nAdded NULL pointer check for platform_data structure to avoid NULL\npointer dereference error. platform_data is initialized with return\nvalue (driver_data) of vidc_get_drv_data() fucntion where driver_data is\ninitialized with NULL pointer at the beginning.\n\nSigned-off-by: Mahesh Voorugonda \nChange-Id: I2d5c869442d0c7670a5f89fc8fe30c6011d10032\nSigned-off-by: TogoFire ","shortMessageHtmlLink":"msm: vidc: Fix possible NULL pointer dereference"}},{"before":"1582a5f8c2be97f9fe1994fefebcddd36d4b2d1c","after":null,"ref":"refs/heads/msm4.9","pushedAt":"2023-12-18T17:07:43.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"TogoFire","name":"TogoFire","path":"/TogoFire","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/45384937?s=80&v=4"}},{"before":"46e58425576d44bae4cf2ce38deaf80c091b9a18","after":"1582a5f8c2be97f9fe1994fefebcddd36d4b2d1c","ref":"refs/heads/msm-4.9","pushedAt":"2023-12-18T17:07:33.000Z","pushType":"push","commitsCount":2,"pusher":{"login":"TogoFire","name":"TogoFire","path":"/TogoFire","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/45384937?s=80&v=4"},"commit":{"message":"Revert \"[media] rc: ir-sharp-decoder: Add encode capability\"\n\nThis reverts commit 609e640b74e964a19322f26e5fc097e5c432565a.\n\nLog:\n../drivers/media/rc/ir-sharp-decoder.c:178:39: error: variable has incomplete type 'const struct ir_raw_timings_pd'\n 178 | static const struct ir_raw_timings_pd ir_sharp_timings = {\n | ^\n../drivers/media/rc/ir-sharp-decoder.c:178:21: note: forward declaration of 'struct ir_raw_timings_pd'\n 178 | static const struct ir_raw_timings_pd ir_sharp_timings = {\n | ^\n../drivers/media/rc/ir-sharp-decoder.c:230:3: error: field designator 'encode' does not refer to any field in type 'struct ir_raw_handler'; did you mean 'decode'?\n 230 | .encode = ir_sharp_encode,\n | ^~~~~~\n | decode\n../drivers/media/rc/rc-core-priv.h:29:8: note: 'decode' declared here\n 29 | int (*decode)(struct rc_dev *dev, struct ir_raw_event event);\n | ^\n../drivers/media/rc/ir-sharp-decoder.c:230:13: error: incompatible function pointer types initializing 'int (*)(struct rc_dev *, struct ir_raw_event)' with an expression of type 'int (enum rc_type, u32, struct ir_raw_event *, unsigned int)' (aka 'int (enum rc_type, unsigned int, struct ir_raw_event *, unsigned int)') [-Wincompatible-function-pointer-types]\n 230 | .encode = ir_sharp_encode,\n | ^~~~~~~~~~~~~~~\n3 errors generated.\n\nSigned-off-by: TogoFire \nChange-Id: I6a255e878c8eddb352b2b0438165d9a98eb702f0","shortMessageHtmlLink":"Revert \"[media] rc: ir-sharp-decoder: Add encode capability\""}},{"before":null,"after":"1582a5f8c2be97f9fe1994fefebcddd36d4b2d1c","ref":"refs/heads/msm4.9","pushedAt":"2023-12-18T17:07:28.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"TogoFire","name":"TogoFire","path":"/TogoFire","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/45384937?s=80&v=4"},"commit":{"message":"Revert \"[media] rc: ir-sharp-decoder: Add encode capability\"\n\nThis reverts commit 609e640b74e964a19322f26e5fc097e5c432565a.\n\nLog:\n../drivers/media/rc/ir-sharp-decoder.c:178:39: error: variable has incomplete type 'const struct ir_raw_timings_pd'\n 178 | static const struct ir_raw_timings_pd ir_sharp_timings = {\n | ^\n../drivers/media/rc/ir-sharp-decoder.c:178:21: note: forward declaration of 'struct ir_raw_timings_pd'\n 178 | static const struct ir_raw_timings_pd ir_sharp_timings = {\n | ^\n../drivers/media/rc/ir-sharp-decoder.c:230:3: error: field designator 'encode' does not refer to any field in type 'struct ir_raw_handler'; did you mean 'decode'?\n 230 | .encode = ir_sharp_encode,\n | ^~~~~~\n | decode\n../drivers/media/rc/rc-core-priv.h:29:8: note: 'decode' declared here\n 29 | int (*decode)(struct rc_dev *dev, struct ir_raw_event event);\n | ^\n../drivers/media/rc/ir-sharp-decoder.c:230:13: error: incompatible function pointer types initializing 'int (*)(struct rc_dev *, struct ir_raw_event)' with an expression of type 'int (enum rc_type, u32, struct ir_raw_event *, unsigned int)' (aka 'int (enum rc_type, unsigned int, struct ir_raw_event *, unsigned int)') [-Wincompatible-function-pointer-types]\n 230 | .encode = ir_sharp_encode,\n | ^~~~~~~~~~~~~~~\n3 errors generated.\n\nSigned-off-by: TogoFire \nChange-Id: I6a255e878c8eddb352b2b0438165d9a98eb702f0","shortMessageHtmlLink":"Revert \"[media] rc: ir-sharp-decoder: Add encode capability\""}},{"before":"28761fedcad9668decc4f86acc912a971ec07056","after":"46e58425576d44bae4cf2ce38deaf80c091b9a18","ref":"refs/heads/msm-4.9","pushedAt":"2023-12-18T14:15:39.000Z","pushType":"push","commitsCount":46,"pusher":{"login":"TogoFire","name":"TogoFire","path":"/TogoFire","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/45384937?s=80&v=4"},"commit":{"message":"nilfs2: fix missing error check for sb_set_blocksize call\n\ncommit d61d0ab573649789bf9eb909c89a1a193b2e3d10 upstream.\n\nWhen mounting a filesystem image with a block size larger than the page\nsize, nilfs2 repeatedly outputs long error messages with stack traces to\nthe kernel log, such as the following:\n\n getblk(): invalid block size 8192 requested\n logical block size: 512\n ...\n Call Trace:\n dump_stack_lvl+0x92/0xd4\n dump_stack+0xd/0x10\n bdev_getblk+0x33a/0x354\n __breadahead+0x11/0x80\n nilfs_search_super_root+0xe2/0x704 [nilfs2]\n load_nilfs+0x72/0x504 [nilfs2]\n nilfs_mount+0x30f/0x518 [nilfs2]\n legacy_get_tree+0x1b/0x40\n vfs_get_tree+0x18/0xc4\n path_mount+0x786/0xa88\n __ia32_sys_mount+0x147/0x1a8\n __do_fast_syscall_32+0x56/0xc8\n do_fast_syscall_32+0x29/0x58\n do_SYSENTER_32+0x15/0x18\n entry_SYSENTER_32+0x98/0xf1\n ...\n\nThis overloads the system logger. And to make matters worse, it sometimes\ncrashes the kernel with a memory access violation.\n\nThis is because the return value of the sb_set_blocksize() call, which\nshould be checked for errors, is not checked.\n\nThe latter issue is due to out-of-buffer memory being accessed based on a\nlarge block size that caused sb_set_blocksize() to fail for buffers read\nwith the initial minimum block size that remained unupdated in the\nsuper_block structure.\n\nSince nilfs2 mkfs tool does not accept block sizes larger than the system\npage size, this has been overlooked. However, it is possible to create\nthis situation by intentionally modifying the tool or by passing a\nfilesystem image created on a system with a large page size to a system\nwith a smaller page size and mounting it.\n\nFix this issue by inserting the expected error handling for the call to\nsb_set_blocksize().\n\nLink: https://lkml.kernel.org/r/20231129141547.4726-1-konishi.ryusuke@gmail.com\nSigned-off-by: Ryusuke Konishi \nChange-Id: I0bf1dbe62a26ae74bd5f182d488379a071a6ae1f\nTested-by: Ryusuke Konishi \nCc: \nSigned-off-by: Andrew Morton \nSigned-off-by: Greg Kroah-Hartman \n(cherry picked from commit 4b8c4d1419302033366a49a8cf902a0dcc4dc790)\nSigned-off-by: TogoFire ","shortMessageHtmlLink":"nilfs2: fix missing error check for sb_set_blocksize call"}},{"before":"859de00dd91f5d01817e54d3c2f526a1e0b497e2","after":"28761fedcad9668decc4f86acc912a971ec07056","ref":"refs/heads/msm-4.9","pushedAt":"2023-11-28T01:51:39.000Z","pushType":"push","commitsCount":88,"pusher":{"login":"TogoFire","name":"TogoFire","path":"/TogoFire","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/45384937?s=80&v=4"},"commit":{"message":"net: sched: fix race condition in qdisc_graft()\n\ncommit ebda44da44f6f309d302522b049f43d6f829f7aa upstream.\n\nWe had one syzbot report [1] in syzbot queue for a while.\nI was waiting for more occurrences and/or a repro but\nDmitry Vyukov spotted the issue right away.\n\n\nqdisc_graft() drops reference to qdisc in notify_and_destroy\nwhile it's still assigned to dev->qdisc\n\n\nIndeed, RCU rules are clear when replacing a data structure.\nThe visible pointer (dev->qdisc in this case) must be updated\nto the new object _before_ RCU grace period is started\n(qdisc_put(old) in this case).\n\n[1]\nBUG: KASAN: use-after-free in __tcf_qdisc_find.part.0+0xa3a/0xac0 net/sched/cls_api.c:1066\nRead of size 4 at addr ffff88802065e038 by task syz-executor.4/21027\n\nCPU: 0 PID: 21027 Comm: syz-executor.4 Not tainted 6.0.0-rc3-syzkaller-00363-g7726d4c3e60b #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022\nCall Trace:\n\n__dump_stack lib/dump_stack.c:88 [inline]\ndump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106\nprint_address_description mm/kasan/report.c:317 [inline]\nprint_report.cold+0x2ba/0x719 mm/kasan/report.c:433\nkasan_report+0xb1/0x1e0 mm/kasan/report.c:495\n__tcf_qdisc_find.part.0+0xa3a/0xac0 net/sched/cls_api.c:1066\n__tcf_qdisc_find net/sched/cls_api.c:1051 [inline]\ntc_new_tfilter+0x34f/0x2200 net/sched/cls_api.c:2018\nrtnetlink_rcv_msg+0x955/0xca0 net/core/rtnetlink.c:6081\nnetlink_rcv_skb+0x153/0x420 net/netlink/af_netlink.c:2501\nnetlink_unicast_kernel net/netlink/af_netlink.c:1319 [inline]\nnetlink_unicast+0x543/0x7f0 net/netlink/af_netlink.c:1345\nnetlink_sendmsg+0x917/0xe10 net/netlink/af_netlink.c:1921\nsock_sendmsg_nosec net/socket.c:714 [inline]\nsock_sendmsg+0xcf/0x120 net/socket.c:734\n____sys_sendmsg+0x6eb/0x810 net/socket.c:2482\n___sys_sendmsg+0x110/0x1b0 net/socket.c:2536\n__sys_sendmsg+0xf3/0x1c0 net/socket.c:2565\ndo_syscall_x64 arch/x86/entry/common.c:50 [inline]\ndo_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80\nentry_SYSCALL_64_after_hwframe+0x63/0xcd\nRIP: 0033:0x7f5efaa89279\nCode: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f5efbc31168 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\nRAX: ffffffffffffffda RBX: 00007f5efab9bf80 RCX: 00007f5efaa89279\nRDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000005\nRBP: 00007f5efaae32e9 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 00007f5efb0cfb1f R14: 00007f5efbc31300 R15: 0000000000022000\n\n\nAllocated by task 21027:\nkasan_save_stack+0x1e/0x40 mm/kasan/common.c:38\nkasan_set_track mm/kasan/common.c:45 [inline]\nset_alloc_info mm/kasan/common.c:437 [inline]\n____kasan_kmalloc mm/kasan/common.c:516 [inline]\n____kasan_kmalloc mm/kasan/common.c:475 [inline]\n__kasan_kmalloc+0xa9/0xd0 mm/kasan/common.c:525\nkmalloc_node include/linux/slab.h:623 [inline]\nkzalloc_node include/linux/slab.h:744 [inline]\nqdisc_alloc+0xb0/0xc50 net/sched/sch_generic.c:938\nqdisc_create_dflt+0x71/0x4a0 net/sched/sch_generic.c:997\nattach_one_default_qdisc net/sched/sch_generic.c:1152 [inline]\nnetdev_for_each_tx_queue include/linux/netdevice.h:2437 [inline]\nattach_default_qdiscs net/sched/sch_generic.c:1170 [inline]\ndev_activate+0x760/0xcd0 net/sched/sch_generic.c:1229\n__dev_open+0x393/0x4d0 net/core/dev.c:1441\n__dev_change_flags+0x583/0x750 net/core/dev.c:8556\nrtnl_configure_link+0xee/0x240 net/core/rtnetlink.c:3189\nrtnl_newlink_create net/core/rtnetlink.c:3371 [inline]\n__rtnl_newlink+0x10b8/0x17e0 net/core/rtnetlink.c:3580\nrtnl_newlink+0x64/0xa0 net/core/rtnetlink.c:3593\nrtnetlink_rcv_msg+0x43a/0xca0 net/core/rtnetlink.c:6090\nnetlink_rcv_skb+0x153/0x420 net/netlink/af_netlink.c:2501\nnetlink_unicast_kernel net/netlink/af_netlink.c:1319 [inline]\nnetlink_unicast+0x543/0x7f0 net/netlink/af_netlink.c:1345\nnetlink_sendmsg+0x917/0xe10 net/netlink/af_netlink.c:1921\nsock_sendmsg_nosec net/socket.c:714 [inline]\nsock_sendmsg+0xcf/0x120 net/socket.c:734\n____sys_sendmsg+0x6eb/0x810 net/socket.c:2482\n___sys_sendmsg+0x110/0x1b0 net/socket.c:2536\n__sys_sendmsg+0xf3/0x1c0 net/socket.c:2565\ndo_syscall_x64 arch/x86/entry/common.c:50 [inline]\ndo_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80\nentry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nFreed by task 21020:\nkasan_save_stack+0x1e/0x40 mm/kasan/common.c:38\nkasan_set_track+0x21/0x30 mm/kasan/common.c:45\nkasan_set_free_info+0x20/0x30 mm/kasan/generic.c:370\n____kasan_slab_free mm/kasan/common.c:367 [inline]\n____kasan_slab_free+0x166/0x1c0 mm/kasan/common.c:329\nkasan_slab_free include/linux/kasan.h:200 [inline]\nslab_free_hook mm/slub.c:1754 [inline]\nslab_free_freelist_hook+0x8b/0x1c0 mm/slub.c:1780\nslab_free mm/slub.c:3534 [inline]\nkfree+0xe2/0x580 mm/slub.c:4562\nrcu_do_batch kernel/rcu/tree.c:2245 [inline]\nrcu_core+0x7b5/0x1890 kernel/rcu/tree.c:2505\n__do_softirq+0x1d3/0x9c6 kernel/softirq.c:571\n\nLast potentially related work creation:\nkasan_save_stack+0x1e/0x40 mm/kasan/common.c:38\n__kasan_record_aux_stack+0xbe/0xd0 mm/kasan/generic.c:348\ncall_rcu+0x99/0x790 kernel/rcu/tree.c:2793\nqdisc_put+0xcd/0xe0 net/sched/sch_generic.c:1083\nnotify_and_destroy net/sched/sch_api.c:1012 [inline]\nqdisc_graft+0xeb1/0x1270 net/sched/sch_api.c:1084\ntc_modify_qdisc+0xbb7/0x1a00 net/sched/sch_api.c:1671\nrtnetlink_rcv_msg+0x43a/0xca0 net/core/rtnetlink.c:6090\nnetlink_rcv_skb+0x153/0x420 net/netlink/af_netlink.c:2501\nnetlink_unicast_kernel net/netlink/af_netlink.c:1319 [inline]\nnetlink_unicast+0x543/0x7f0 net/netlink/af_netlink.c:1345\nnetlink_sendmsg+0x917/0xe10 net/netlink/af_netlink.c:1921\nsock_sendmsg_nosec net/socket.c:714 [inline]\nsock_sendmsg+0xcf/0x120 net/socket.c:734\n____sys_sendmsg+0x6eb/0x810 net/socket.c:2482\n___sys_sendmsg+0x110/0x1b0 net/socket.c:2536\n__sys_sendmsg+0xf3/0x1c0 net/socket.c:2565\ndo_syscall_x64 arch/x86/entry/common.c:50 [inline]\ndo_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80\nentry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nSecond to last potentially related work creation:\nkasan_save_stack+0x1e/0x40 mm/kasan/common.c:38\n__kasan_record_aux_stack+0xbe/0xd0 mm/kasan/generic.c:348\nkvfree_call_rcu+0x74/0x940 kernel/rcu/tree.c:3322\nneigh_destroy+0x431/0x630 net/core/neighbour.c:912\nneigh_release include/net/neighbour.h:454 [inline]\nneigh_cleanup_and_release+0x1f8/0x330 net/core/neighbour.c:103\nneigh_del net/core/neighbour.c:225 [inline]\nneigh_remove_one+0x37d/0x460 net/core/neighbour.c:246\nneigh_forced_gc net/core/neighbour.c:276 [inline]\nneigh_alloc net/core/neighbour.c:447 [inline]\n___neigh_create+0x18b5/0x29a0 net/core/neighbour.c:642\nip6_finish_output2+0xfb8/0x1520 net/ipv6/ip6_output.c:125\n__ip6_finish_output net/ipv6/ip6_output.c:195 [inline]\nip6_finish_output+0x690/0x1160 net/ipv6/ip6_output.c:206\nNF_HOOK_COND include/linux/netfilter.h:296 [inline]\nip6_output+0x1ed/0x540 net/ipv6/ip6_output.c:227\ndst_output include/net/dst.h:451 [inline]\nNF_HOOK include/linux/netfilter.h:307 [inline]\nNF_HOOK include/linux/netfilter.h:301 [inline]\nmld_sendpack+0xa09/0xe70 net/ipv6/mcast.c:1820\nmld_send_cr net/ipv6/mcast.c:2121 [inline]\nmld_ifc_work+0x71c/0xdc0 net/ipv6/mcast.c:2653\nprocess_one_work+0x991/0x1610 kernel/workqueue.c:2289\nworker_thread+0x665/0x1080 kernel/workqueue.c:2436\nkthread+0x2e4/0x3a0 kernel/kthread.c:376\nret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:306\n\nThe buggy address belongs to the object at ffff88802065e000\nwhich belongs to the cache kmalloc-1k of size 1024\nThe buggy address is located 56 bytes inside of\n1024-byte region [ffff88802065e000, ffff88802065e400)\n\nThe buggy address belongs to the physical page:\npage:ffffea0000819600 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x20658\nhead:ffffea0000819600 order:3 compound_mapcount:0 compound_pincount:0\nflags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff)\nraw: 00fff00000010200 0000000000000000 dead000000000001 ffff888011841dc0\nraw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000\npage dumped because: kasan: bad access detected\npage_owner tracks the page as allocated\npage last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 3523, tgid 3523 (sshd), ts 41495190986, free_ts 41417713212\nprep_new_page mm/page_alloc.c:2532 [inline]\nget_page_from_freelist+0x109b/0x2ce0 mm/page_alloc.c:4283\n__alloc_pages+0x1c7/0x510 mm/page_alloc.c:5515\nalloc_pages+0x1a6/0x270 mm/mempolicy.c:2270\nalloc_slab_page mm/slub.c:1824 [inline]\nallocate_slab+0x27e/0x3d0 mm/slub.c:1969\nnew_slab mm/slub.c:2029 [inline]\n___slab_alloc+0x7f1/0xe10 mm/slub.c:3031\n__slab_alloc.constprop.0+0x4d/0xa0 mm/slub.c:3118\nslab_alloc_node mm/slub.c:3209 [inline]\n__kmalloc_node_track_caller+0x2f2/0x380 mm/slub.c:4955\nkmalloc_reserve net/core/skbuff.c:358 [inline]\n__alloc_skb+0xd9/0x2f0 net/core/skbuff.c:430\nalloc_skb_fclone include/linux/skbuff.h:1307 [inline]\ntcp_stream_alloc_skb+0x38/0x580 net/ipv4/tcp.c:861\ntcp_sendmsg_locked+0xc36/0x2f80 net/ipv4/tcp.c:1325\ntcp_sendmsg+0x2b/0x40 net/ipv4/tcp.c:1483\ninet_sendmsg+0x99/0xe0 net/ipv4/af_inet.c:819\nsock_sendmsg_nosec net/socket.c:714 [inline]\nsock_sendmsg+0xcf/0x120 net/socket.c:734\nsock_write_iter+0x291/0x3d0 net/socket.c:1108\ncall_write_iter include/linux/fs.h:2187 [inline]\nnew_sync_write fs/read_write.c:491 [inline]\nvfs_write+0x9e9/0xdd0 fs/read_write.c:578\nksys_write+0x1e8/0x250 fs/read_write.c:631\npage last free stack trace:\nreset_page_owner include/linux/page_owner.h:24 [inline]\nfree_pages_prepare mm/page_alloc.c:1449 [inline]\nfree_pcp_prepare+0x5e4/0xd20 mm/page_alloc.c:1499\nfree_unref_page_prepare mm/page_alloc.c:3380 [inline]\nfree_unref_page+0x19/0x4d0 mm/page_alloc.c:3476\n__unfreeze_partials+0x17c/0x1a0 mm/slub.c:2548\nqlink_free mm/kasan/quarantine.c:168 [inline]\nqlist_free_all+0x6a/0x170 mm/kasan/quarantine.c:187\nkasan_quarantine_reduce+0x180/0x200 mm/kasan/quarantine.c:294\n__kasan_slab_alloc+0xa2/0xc0 mm/kasan/common.c:447\nkasan_slab_alloc include/linux/kasan.h:224 [inline]\nslab_post_alloc_hook mm/slab.h:727 [inline]\nslab_alloc_node mm/slub.c:3243 [inline]\nslab_alloc mm/slub.c:3251 [inline]\n__kmem_cache_alloc_lru mm/slub.c:3258 [inline]\nkmem_cache_alloc+0x267/0x3b0 mm/slub.c:3268\nkmem_cache_zalloc include/linux/slab.h:723 [inline]\nalloc_buffer_head+0x20/0x140 fs/buffer.c:2974\nalloc_page_buffers+0x280/0x790 fs/buffer.c:829\ncreate_empty_buffers+0x2c/0xee0 fs/buffer.c:1558\next4_block_write_begin+0x1004/0x1530 fs/ext4/inode.c:1074\next4_da_write_begin+0x422/0xae0 fs/ext4/inode.c:2996\ngeneric_perform_write+0x246/0x560 mm/filemap.c:3738\next4_buffered_write_iter+0x15b/0x460 fs/ext4/file.c:270\next4_file_write_iter+0x44a/0x1660 fs/ext4/file.c:679\ncall_write_iter include/linux/fs.h:2187 [inline]\nnew_sync_write fs/read_write.c:491 [inline]\nvfs_write+0x9e9/0xdd0 fs/read_write.c:578\n\nFixes: af356afa010f (\"net_sched: reintroduce dev->qdisc for use by sch_api\")\nReported-by: syzbot \nDiagnosed-by: Dmitry Vyukov \nSigned-off-by: Eric Dumazet \nLink: https://lore.kernel.org/r/20221018203258.2793282-1-edumazet@google.com\nSigned-off-by: Jakub Kicinski \n[ mheyne: removed rtnl_dereference due to missing commit 5891cd5ec46c\n (\"net_sched: add __rcu annotation to netdev->qdisc\") ]\nSigned-off-by: Maximilian Heyne \nSigned-off-by: Greg Kroah-Hartman \nSigned-off-by: TogoFire ","shortMessageHtmlLink":"net: sched: fix race condition in qdisc_graft()"}},{"before":"49d6f77d2e624f2cc5d582c55b4e4d0dde3ff0a3","after":"859de00dd91f5d01817e54d3c2f526a1e0b497e2","ref":"refs/heads/msm-4.9","pushedAt":"2023-11-14T13:34:46.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"TogoFire","name":"TogoFire","path":"/TogoFire","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/45384937?s=80&v=4"},"commit":{"message":"Revert \"msm: vidc: modify allocation of hfi_cmd_sys_set_property_packet\"\n\nThis reverts commit 0e11a142912796dd7b07d675d47f23abab2cd45a.\n\n... unfortunately videos start to stutter ...\n\n(cherry picked from commit 5926e689a15e9abdfcd479653b4bfdd5b76cf9d0)\nSigned-off-by: TogoFire \nChange-Id: I65909173927d8f295d5a433dcb70303555b6b05e","shortMessageHtmlLink":"Revert \"msm: vidc: modify allocation of hfi_cmd_sys_set_property_packet\""}},{"before":"e2cd5229464c23e9f0a239c9d1a0d6f9c6957f51","after":"49d6f77d2e624f2cc5d582c55b4e4d0dde3ff0a3","ref":"refs/heads/msm-4.9","pushedAt":"2023-11-10T14:34:08.000Z","pushType":"push","commitsCount":2,"pusher":{"login":"TogoFire","name":"TogoFire","path":"/TogoFire","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/45384937?s=80&v=4"},"commit":{"message":"msm: vidc: Fix max value of base layer pid\n\nIncrease the max allowed value of base layer pid\nfrom 6 to 63 as per the spec.\n\nSigned-off-by: Mahesh Voorugonda \nChange-Id: I289414647585ea450e18817ec7417748de3c9d74\nSigned-off-by: TogoFire ","shortMessageHtmlLink":"msm: vidc: Fix max value of base layer pid"}},{"before":"88663bfec914a65d642d4c5b5cc0b8ec252ea44d","after":"e2cd5229464c23e9f0a239c9d1a0d6f9c6957f51","ref":"refs/heads/msm-4.9","pushedAt":"2023-11-10T12:43:22.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"TogoFire","name":"TogoFire","path":"/TogoFire","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/45384937?s=80&v=4"},"commit":{"message":"msm: vidc: modify allocation of hfi_cmd_sys_set_property_packet\n\nAllocating sufficient size for hfi_cmd_sys_set_property_packet.\n\nSigned-off-by: Agnimitra Sen \nChange-Id: I0c0bf5a7fed49ad2b239bb5f303d664313fa3966\nSigned-off-by: TogoFire ","shortMessageHtmlLink":"msm: vidc: modify allocation of hfi_cmd_sys_set_property_packet"}},{"before":"6765b5b5d80d7ba1776b872375ba760f14b64ba0","after":"88663bfec914a65d642d4c5b5cc0b8ec252ea44d","ref":"refs/heads/msm-4.9","pushedAt":"2023-11-10T12:37:17.000Z","pushType":"push","commitsCount":47,"pusher":{"login":"TogoFire","name":"TogoFire","path":"/TogoFire","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/45384937?s=80&v=4"},"commit":{"message":"msm: vidc: modify allocation of hfi_cmd_sys_set_property_packet\n\nAllocating sufficient size for hfi_cmd_sys_set_property_packet.\n\nSigned-off-by: Agnimitra Sen \nChange-Id: Ifd0ffb7f3e7cac2eb03c3c9668206680478e4bf9\nSigned-off-by: TogoFire ","shortMessageHtmlLink":"msm: vidc: modify allocation of hfi_cmd_sys_set_property_packet"}},{"before":"dc336131ab83b2d07f7252d96bcb0515ac4caf0d","after":"6765b5b5d80d7ba1776b872375ba760f14b64ba0","ref":"refs/heads/msm-4.9","pushedAt":"2023-11-01T13:41:23.000Z","pushType":"push","commitsCount":21,"pusher":{"login":"TogoFire","name":"TogoFire","path":"/TogoFire","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/45384937?s=80&v=4"},"commit":{"message":"driver: platform: Add helper for safer setting of driver_override\n\ncommit 6c2f421174273de8f83cde4286d1c076d43a2d35 upstream.\n\nSeveral core drivers and buses expect that driver_override is a\ndynamically allocated memory thus later they can kfree() it.\n\nHowever such assumption is not documented, there were in the past and\nthere are already users setting it to a string literal. This leads to\nkfree() of static memory during device release (e.g. in error paths or\nduring unbind):\n\n kernel BUG at ../mm/slub.c:3960!\n Internal error: Oops - BUG: 0 [#1] PREEMPT SMP ARM\n ...\n (kfree) from [] (platform_device_release+0x88/0xb4)\n (platform_device_release) from [] (device_release+0x2c/0x90)\n (device_release) from [] (kobject_put+0xec/0x20c)\n (kobject_put) from [] (exynos5_clk_probe+0x154/0x18c)\n (exynos5_clk_probe) from [] (platform_drv_probe+0x6c/0xa4)\n (platform_drv_probe) from [] (really_probe+0x280/0x414)\n (really_probe) from [] (driver_probe_device+0x78/0x1c4)\n (driver_probe_device) from [] (bus_for_each_drv+0x74/0xb8)\n (bus_for_each_drv) from [] (__device_attach+0xd4/0x16c)\n (__device_attach) from [] (bus_probe_device+0x88/0x90)\n (bus_probe_device) from [] (device_add+0x3dc/0x62c)\n (device_add) from [] (of_platform_device_create_pdata+0x94/0xbc)\n (of_platform_device_create_pdata) from [] (of_platform_bus_create+0x1a8/0x4fc)\n (of_platform_bus_create) from [] (of_platform_bus_create+0x20c/0x4fc)\n (of_platform_bus_create) from [] (of_platform_populate+0x84/0x118)\n (of_platform_populate) from [] (of_platform_default_populate_init+0xa0/0xb8)\n (of_platform_default_populate_init) from [] (do_one_initcall+0x8c/0x404)\n\nProvide a helper which clearly documents the usage of driver_override.\nThis will allow later to reuse the helper and reduce the amount of\nduplicated code.\n\nConvert the platform driver to use a new helper and make the\ndriver_override field const char (it is not modified by the core).\n\nReviewed-by: Rafael J. Wysocki \nAcked-by: Rafael J. Wysocki \nSigned-off-by: Krzysztof Kozlowski \nChange-Id: I9355a819d368239058ede54c0814683d7102e1f1\nLink: https://lore.kernel.org/r/20220419113435.246203-2-krzysztof.kozlowski@linaro.org\nSigned-off-by: Greg Kroah-Hartman \nSigned-off-by: Lee Jones \nSigned-off-by: TogoFire ","shortMessageHtmlLink":"driver: platform: Add helper for safer setting of driver_override"}},{"before":"945868e787836fa36e24e674cecb519042af64c2","after":"dc336131ab83b2d07f7252d96bcb0515ac4caf0d","ref":"refs/heads/msm-4.9","pushedAt":"2023-10-28T17:56:49.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"TogoFire","name":"TogoFire","path":"/TogoFire","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/45384937?s=80&v=4"},"commit":{"message":"mm: Add le9ec to k4.9\n\nle9 : https://github.com/hakavlad/le9-patch\n\nSigned-off-by: TogoFire \nChange-Id: I2b59e32273d04eafeed22b40ffaa6062375d66d8","shortMessageHtmlLink":"mm: Add le9ec to k4.9"}},{"before":"5831071dba25e28cd65cd7949f4309b61c163417","after":"945868e787836fa36e24e674cecb519042af64c2","ref":"refs/heads/msm-4.9","pushedAt":"2023-10-28T17:32:13.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"TogoFire","name":"TogoFire","path":"/TogoFire","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/45384937?s=80&v=4"},"commit":{"message":"mm: Add le9ec to k4.9\n\nle9 : https://github.com/hakavlad/le9-patch\n\nSigned-off-by: TogoFire \nChange-Id: Ie7dc638d977a647514547bd2f79f890adbb091ea","shortMessageHtmlLink":"mm: Add le9ec to k4.9"}},{"before":"3b1b5826f8bd5d483c53518c0b0104c221d3cf9b","after":"5831071dba25e28cd65cd7949f4309b61c163417","ref":"refs/heads/msm-4.9","pushedAt":"2023-10-28T17:03:08.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"TogoFire","name":"TogoFire","path":"/TogoFire","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/45384937?s=80&v=4"},"commit":{"message":"perf: Disallow mis-matched inherited group reads\n\ncommit 32671e3799ca2e4590773fd0e63aaa4229e50c06 upstream.\n\nBecause group consistency is non-atomic between parent (filedesc) and children\n(inherited) events, it is possible for PERF_FORMAT_GROUP read() to try and sum\nnon-matching counter groups -- with non-sensical results.\n\nAdd group_generation to distinguish the case where a parent group removes and\nadds an event and thus has the same number, but a different configuration of\nevents as inherited groups.\n\nThis became a problem when commit fa8c269353d5 (\"perf/core: Invert\nperf_read_group() loops\") flipped the order of child_list and sibling_list.\nPreviously it would iterate the group (sibling_list) first, and for each\nsibling traverse the child_list. In this order, only the group composition of\nthe parent is relevant. By flipping the order the group composition of the\nchild (inherited) events becomes an issue and the mis-match in group\ncomposition becomes evident.\n\nThat said; even prior to this commit, while reading of a group that is not\nequally inherited was not broken, it still made no sense.\n\n(Ab)use ECHILD as error return to indicate issues with child process group\ncomposition.\n\nFixes: fa8c269353d5 (\"perf/core: Invert perf_read_group() loops\")\nReported-by: Budimir Markovic \nSigned-off-by: Peter Zijlstra (Intel) \nLink: https://lkml.kernel.org/r/20231018115654.GK33217@noisy.programming.kicks-ass.net\nSigned-off-by: Greg Kroah-Hartman \nSigned-off-by: TogoFire ","shortMessageHtmlLink":"perf: Disallow mis-matched inherited group reads"}},{"before":"6ad932086884f4f32b81c3aa1939318751012499","after":"3b1b5826f8bd5d483c53518c0b0104c221d3cf9b","ref":"refs/heads/msm-4.9","pushedAt":"2023-10-26T18:36:38.000Z","pushType":"push","commitsCount":56,"pusher":{"login":"TogoFire","name":"TogoFire","path":"/TogoFire","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/45384937?s=80&v=4"},"commit":{"message":"ext4: remove additional tracings added by CAF\n\nLog:\n:49:10: fatal error: 'trace/events/android_fs.h' file not found\n 49 | #include \n | ^~~~~~~~~~~~~~~~~~~~~~~~~~~\n AR kernel/power/built-in.o\n1 error generated.\n\nSigned-off-by: Park Ju Hyung \nChange-Id: Ib951cab1e482408fc81a09fd346a3c49e76f3c78\nSigned-off-by: Yaroslav Furman ","shortMessageHtmlLink":"ext4: remove additional tracings added by CAF"}},{"before":"de27111ab40b4e93d0b2420c7b0c6849b4e80a2f","after":"6ad932086884f4f32b81c3aa1939318751012499","ref":"refs/heads/msm-4.9","pushedAt":"2023-10-23T21:41:23.000Z","pushType":"push","commitsCount":261,"pusher":{"login":"TogoFire","name":"TogoFire","path":"/TogoFire","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/45384937?s=80&v=4"},"commit":{"message":"selinux: Fix security labels for erofs, f2fs and sdcardfs\n\nSigned-off-by: TogoFire \nChange-Id: I5040d4285e04cf9afb40bba78c3f604703d3f9b9","shortMessageHtmlLink":"selinux: Fix security labels for erofs, f2fs and sdcardfs"}},{"before":"91b4e00b45b2197eccd389c7f591a1437a204a0e","after":"de27111ab40b4e93d0b2420c7b0c6849b4e80a2f","ref":"refs/heads/msm-4.9","pushedAt":"2023-10-17T13:09:42.000Z","pushType":"push","commitsCount":21,"pusher":{"login":"TogoFire","name":"TogoFire","path":"/TogoFire","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/45384937?s=80&v=4"},"commit":{"message":"usb: gadget: ncm: Handle decoding of multiple NTB's in unwrap call\n\ncommit 427694cfaafa565a3db5c5ea71df6bc095dca92f upstream.\n\nWhen NCM is used with hosts like Windows PC, it is observed that there are\nmultiple NTB's contained in one usb request giveback. Since the driver\nunwraps the obtained request data assuming only one NTB is present, we\nloose the subsequent NTB's present resulting in data loss.\n\nFix this by checking the parsed block length with the obtained data\nlength in usb request and continue parsing after the last byte of current\nNTB.\n\nCc: stable@vger.kernel.org\nFixes: 9f6ce4240a2b (\"usb: gadget: f_ncm.c added\")\nSigned-off-by: Krishna Kurapati \nChange-Id: Ica834fdc15b3f84857a4563ac5717f83cbea4c9c\nReviewed-by: Maciej Żenczykowski \nLink: https://lore.kernel.org/r/20230927105858.12950-1-quic_kriskura@quicinc.com\nSigned-off-by: Greg Kroah-Hartman \nSigned-off-by: TogoFire ","shortMessageHtmlLink":"usb: gadget: ncm: Handle decoding of multiple NTB's in unwrap call"}},{"before":"94f764f912ada4e1cca840ebc844359d25be8ac8","after":"91b4e00b45b2197eccd389c7f591a1437a204a0e","ref":"refs/heads/msm-4.9","pushedAt":"2023-10-10T19:48:52.000Z","pushType":"push","commitsCount":33,"pusher":{"login":"TogoFire","name":"TogoFire","path":"/TogoFire","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/45384937?s=80&v=4"},"commit":{"message":"udf: merge bh free\n\ncommit 02d4ca49fa222021988b2791c8efefd70d3228ac upstream.\n\nMerge all bh free at one place.\n\nSigned-off-by: Fabian Frederick \nChange-Id: I227b27d8f5500b55a2dbc1439f4df383e3a54aa8\nSigned-off-by: Jan Kara \nSigned-off-by: Ulrich Hecht \nSigned-off-by: TogoFire ","shortMessageHtmlLink":"udf: merge bh free"}}],"hasNextPage":true,"hasPreviousPage":false,"activityType":"all","actor":null,"timePeriod":"all","sort":"DESC","perPage":30,"cursor":"djE6ks8AAAAEU5mtrAA","startCursor":null,"endCursor":null}},"title":"Activity · TogoFire/msm-4.9"}