diff options
author | Patrick Tjin <pattjin@google.com> | 2017-11-07 12:13:34 -0800 |
---|---|---|
committer | Patrick Tjin <pattjin@google.com> | 2017-11-07 12:13:34 -0800 |
commit | 5a720136d4aaaf95d3e583f60c7c436ed5319d7a (patch) | |
tree | 8fbe36d8671917e6503564c72811c921945e16ff | |
parent | 33ace82f84ba203ceb58b2c28a0f2e3389870030 (diff) | |
parent | 78384f0f797e161358e7ac841bd234ff2a90c3fe (diff) |
Merge branch 'android-msm-angler-3.10-oc' into android-msm-angler-3.10android-8.1.0_r0.20android-8.1.0_r0.16
January 2017.1
Bug: 68996174
Change-Id: Iccdc88be6cea832954e016a5d0b805bf107bd699
Signed-off-by: Patrick Tjin <pattjin@google.com>
-rw-r--r-- | arch/arm64/configs/angler_defconfig | 6 | ||||
-rw-r--r-- | arch/arm64/include/asm/esr.h | 40 | ||||
-rw-r--r-- | arch/arm64/kernel/entry.S | 11 | ||||
-rw-r--r-- | arch/arm64/kernel/traps.c | 35 | ||||
-rw-r--r-- | crypto/algif_skcipher.c | 14 | ||||
-rw-r--r-- | drivers/char/adsprpc.c | 3 | ||||
-rw-r--r-- | drivers/clocksource/Kconfig | 8 | ||||
-rw-r--r-- | drivers/clocksource/arm_arch_timer.c | 5 | ||||
-rw-r--r-- | drivers/input/touchscreen/synaptics_dsx25/synaptics_dsx_rmi_dev.c | 10 | ||||
-rw-r--r-- | drivers/mfd/wcd9xxx-core.c | 8 | ||||
-rw-r--r-- | drivers/soc/qcom/msm_glink_pkt.c | 61 | ||||
-rw-r--r-- | drivers/staging/android/ashmem.c | 2 | ||||
-rw-r--r-- | mm/migrate.c | 11 |
13 files changed, 166 insertions, 48 deletions
diff --git a/arch/arm64/configs/angler_defconfig b/arch/arm64/configs/angler_defconfig index 53e109304867..bb5afa3bd58c 100644 --- a/arch/arm64/configs/angler_defconfig +++ b/arch/arm64/configs/angler_defconfig @@ -197,12 +197,6 @@ CONFIG_RMNET_DATA=y CONFIG_RMNET_DATA_FC=y CONFIG_SOCKEV_NLMCAST=y CONFIG_BT=y -CONFIG_BT_RFCOMM=y -CONFIG_BT_RFCOMM_TTY=y -CONFIG_BT_BNEP=y -CONFIG_BT_BNEP_MC_FILTER=y -CONFIG_BT_BNEP_PROTO_FILTER=y -CONFIG_BT_HIDP=y CONFIG_MSM_BT_BLUESLEEP=y CONFIG_CFG80211=y CONFIG_RFKILL=y diff --git a/arch/arm64/include/asm/esr.h b/arch/arm64/include/asm/esr.h index 72674f4c3871..59aae93ab823 100644 --- a/arch/arm64/include/asm/esr.h +++ b/arch/arm64/include/asm/esr.h @@ -54,4 +54,44 @@ #define ESR_EL1_EC_BKPT32 (0x38) #define ESR_EL1_EC_BRK64 (0x3C) +/* ISS field definitions for System instruction traps */ +#define ESR_ELx_SYS64_ISS_RES0_SHIFT 22 +#define ESR_ELx_SYS64_ISS_RES0_MASK (UL(0x7) << ESR_ELx_SYS64_ISS_RES0_SHIFT) +#define ESR_ELx_SYS64_ISS_DIR_MASK 0x1 +#define ESR_ELx_SYS64_ISS_DIR_READ 0x1 +#define ESR_ELx_SYS64_ISS_DIR_WRITE 0x0 + +#define ESR_ELx_SYS64_ISS_RT_SHIFT 5 +#define ESR_ELx_SYS64_ISS_RT_MASK (UL(0x1f) << ESR_ELx_SYS64_ISS_RT_SHIFT) +#define ESR_ELx_SYS64_ISS_CRM_SHIFT 1 +#define ESR_ELx_SYS64_ISS_CRM_MASK (UL(0xf) << ESR_ELx_SYS64_ISS_CRM_SHIFT) +#define ESR_ELx_SYS64_ISS_CRN_SHIFT 10 +#define ESR_ELx_SYS64_ISS_CRN_MASK (UL(0xf) << ESR_ELx_SYS64_ISS_CRN_SHIFT) +#define ESR_ELx_SYS64_ISS_OP1_SHIFT 14 +#define ESR_ELx_SYS64_ISS_OP1_MASK (UL(0x7) << ESR_ELx_SYS64_ISS_OP1_SHIFT) +#define ESR_ELx_SYS64_ISS_OP2_SHIFT 17 +#define ESR_ELx_SYS64_ISS_OP2_MASK (UL(0x7) << ESR_ELx_SYS64_ISS_OP2_SHIFT) +#define ESR_ELx_SYS64_ISS_OP0_SHIFT 20 +#define ESR_ELx_SYS64_ISS_OP0_MASK (UL(0x3) << ESR_ELx_SYS64_ISS_OP0_SHIFT) +#define ESR_ELx_SYS64_ISS_SYS_MASK (ESR_ELx_SYS64_ISS_OP0_MASK | \ + ESR_ELx_SYS64_ISS_OP1_MASK | \ + ESR_ELx_SYS64_ISS_OP2_MASK | \ + ESR_ELx_SYS64_ISS_CRN_MASK | \ + ESR_ELx_SYS64_ISS_CRM_MASK) +#define ESR_ELx_SYS64_ISS_SYS_VAL(op0, op1, op2, crn, crm) \ + (((op0) << ESR_ELx_SYS64_ISS_OP0_SHIFT) | \ + ((op1) << ESR_ELx_SYS64_ISS_OP1_SHIFT) | \ + ((op2) << ESR_ELx_SYS64_ISS_OP2_SHIFT) | \ + ((crn) << ESR_ELx_SYS64_ISS_CRN_SHIFT) | \ + ((crm) << ESR_ELx_SYS64_ISS_CRM_SHIFT)) + +#define ESR_ELx_SYS64_ISS_SYS_OP_MASK (ESR_ELx_SYS64_ISS_SYS_MASK | \ + ESR_ELx_SYS64_ISS_DIR_MASK) + +#define ESR_ELx_SYS64_ISS_SYS_CNTVCT (ESR_ELx_SYS64_ISS_SYS_VAL(3, 3, 2, 14, 0) | \ + ESR_ELx_SYS64_ISS_DIR_READ) + +#define ESR_ELx_SYS64_ISS_SYS_CNTFRQ (ESR_ELx_SYS64_ISS_SYS_VAL(3, 3, 0, 14, 0) | \ + ESR_ELx_SYS64_ISS_DIR_READ) + #endif /* __ASM_ESR_H */ diff --git a/arch/arm64/kernel/entry.S b/arch/arm64/kernel/entry.S index 1580951fb3c2..2e32bb0a17cf 100644 --- a/arch/arm64/kernel/entry.S +++ b/arch/arm64/kernel/entry.S @@ -377,7 +377,7 @@ el0_sync: cmp x24, #ESR_EL1_EC_FP_EXC64 // FP/ASIMD exception b.eq el0_fpsimd_exc cmp x24, #ESR_EL1_EC_SYS64 // configurable trap - b.eq el0_undef + b.eq el0_sys cmp x24, #ESR_EL1_EC_SP_ALIGN // stack alignment exception b.eq el0_sp_pc cmp x24, #ESR_EL1_EC_PC_ALIGN // pc alignment exception @@ -490,6 +490,15 @@ el0_undef: enable_dbg_and_irq mov x0, sp b do_undefinstr +el0_sys: + /* + * System instructions, for trapped cache maintenance instructions + */ + enable_dbg + enable_irq + mov x0, x25 + mov x1, sp + b do_sysinstr el0_dbg: /* * Debug exception handling diff --git a/arch/arm64/kernel/traps.c b/arch/arm64/kernel/traps.c index 619344d6f2bd..8c2cdcc1e53b 100644 --- a/arch/arm64/kernel/traps.c +++ b/arch/arm64/kernel/traps.c @@ -32,8 +32,11 @@ #include <linux/sched.h> #include <linux/syscalls.h> +#include <asm/arch_timer.h> #include <asm/atomic.h> +#include <asm/barrier.h> #include <asm/debug-monitors.h> +#include <asm/esr.h> #include <asm/traps.h> #include <asm/stacktrace.h> #include <asm/exception.h> @@ -381,6 +384,38 @@ die_sig: arm64_notify_die("Oops - undefined instruction", regs, &info, 0); } +static void cntvct_read_handler(unsigned int esr, struct pt_regs *regs) +{ + int rt = (esr & ESR_ELx_SYS64_ISS_RT_MASK) >> ESR_ELx_SYS64_ISS_RT_SHIFT; + + isb(); + if (rt != 31) + regs->regs[rt] = arch_counter_get_cntvct(); + regs->pc += 4; +} + +static void cntfrq_read_handler(unsigned int esr, struct pt_regs *regs) +{ + int rt = (esr & ESR_ELx_SYS64_ISS_RT_MASK) >> ESR_ELx_SYS64_ISS_RT_SHIFT; + + if (rt != 31) + asm volatile("mrs %0, cntfrq_el0" : "=r" (regs->regs[rt])); + regs->pc += 4; +} + +asmlinkage void __exception do_sysinstr(unsigned int esr, struct pt_regs *regs) +{ + if ((esr & ESR_ELx_SYS64_ISS_SYS_OP_MASK) == ESR_ELx_SYS64_ISS_SYS_CNTVCT) { + cntvct_read_handler(esr, regs); + return; + } else if ((esr & ESR_ELx_SYS64_ISS_SYS_OP_MASK) == ESR_ELx_SYS64_ISS_SYS_CNTFRQ) { + cntfrq_read_handler(esr, regs); + return; + } + + do_undefinstr(regs); +} + long compat_arm_syscall(struct pt_regs *regs); asmlinkage long do_ni_syscall(struct pt_regs *regs) diff --git a/crypto/algif_skcipher.c b/crypto/algif_skcipher.c index 83187f497c7c..bb68c92e68c6 100644 --- a/crypto/algif_skcipher.c +++ b/crypto/algif_skcipher.c @@ -441,13 +441,6 @@ static int skcipher_recvmsg(struct kiocb *unused, struct socket *sock, char __user *from = iov->iov_base; while (seglen) { - sgl = list_first_entry(&ctx->tsgl, - struct skcipher_sg_list, list); - sg = sgl->sg; - - while (!sg->length) - sg++; - used = ctx->used; if (!used) { err = skcipher_wait_for_data(sk, flags); @@ -469,6 +462,13 @@ static int skcipher_recvmsg(struct kiocb *unused, struct socket *sock, if (!used) goto free; + sgl = list_first_entry(&ctx->tsgl, + struct skcipher_sg_list, list); + sg = sgl->sg; + + while (!sg->length) + sg++; + ablkcipher_request_set_crypt(&ctx->req, sg, ctx->rsgl.sg, used, ctx->iv); diff --git a/drivers/char/adsprpc.c b/drivers/char/adsprpc.c index 44f318011ad0..f5ed8007247b 100644 --- a/drivers/char/adsprpc.c +++ b/drivers/char/adsprpc.c @@ -1894,6 +1894,9 @@ static long fastrpc_device_ioctl(struct file *file, unsigned int ioctl_num, sizeof(init))); if (err) goto bail; + VERIFY(err, init.filelen >= 0 && init.memlen >= 0); + if (err) + goto bail; VERIFY(err, 0 == fastrpc_init_process(fdata, &init)); if (err) goto bail; diff --git a/drivers/clocksource/Kconfig b/drivers/clocksource/Kconfig index 593485b02ee5..b1de73fde72a 100644 --- a/drivers/clocksource/Kconfig +++ b/drivers/clocksource/Kconfig @@ -82,6 +82,14 @@ config ARM_ARCH_TIMER_EVTSTREAM This must be disabled for hardware validation purposes to detect any hardware anomalies of missing events. +config ARM_ARCH_TIMER_VCT_ACCESS + bool "Support for ARM architected timer virtual counter access in userspace" + default n + depends on ARM_ARCH_TIMER + help + This option enables support for reading the ARM architected timer's + virtual counter in userspace. + config CLKSRC_METAG_GENERIC def_bool y if METAG help diff --git a/drivers/clocksource/arm_arch_timer.c b/drivers/clocksource/arm_arch_timer.c index 1bdf38aab486..66797216f58f 100644 --- a/drivers/clocksource/arm_arch_timer.c +++ b/drivers/clocksource/arm_arch_timer.c @@ -320,7 +320,10 @@ static void arch_counter_set_user_access(void) | ARCH_TIMER_USR_PCT_ACCESS_EN); /* Enable user access to the virtual counter */ - cntkctl |= ARCH_TIMER_USR_VCT_ACCESS_EN; + if (IS_ENABLED(CONFIG_ARM_ARCH_TIMER_VCT_ACCESS)) + cntkctl |= ARCH_TIMER_USR_VCT_ACCESS_EN; + else + cntkctl &= ~ARCH_TIMER_USR_VCT_ACCESS_EN; arch_timer_set_cntkctl(cntkctl); } diff --git a/drivers/input/touchscreen/synaptics_dsx25/synaptics_dsx_rmi_dev.c b/drivers/input/touchscreen/synaptics_dsx25/synaptics_dsx_rmi_dev.c index 018c621c0cfe..7b05bc8fea84 100644 --- a/drivers/input/touchscreen/synaptics_dsx25/synaptics_dsx_rmi_dev.c +++ b/drivers/input/touchscreen/synaptics_dsx25/synaptics_dsx_rmi_dev.c @@ -104,22 +104,22 @@ static struct bin_attribute attr_data = { }; static struct device_attribute attrs[] = { - __ATTR(open, S_IWUSR | S_IWGRP, + __ATTR(open, S_IWUSR, synaptics_rmi4_show_error, rmidev_sysfs_open_store), - __ATTR(release, S_IWUSR | S_IWGRP, + __ATTR(release, S_IWUSR, synaptics_rmi4_show_error, rmidev_sysfs_release_store), __ATTR(attn_state, S_IRUGO, rmidev_sysfs_attn_state_show, synaptics_rmi4_store_error), - __ATTR(pid, S_IRUGO | S_IWUSR | S_IWGRP, + __ATTR(pid, S_IRUGO | S_IWUSR, rmidev_sysfs_pid_show, rmidev_sysfs_pid_store), - __ATTR(term, S_IWUSR | S_IWGRP, + __ATTR(term, S_IWUSR, synaptics_rmi4_show_error, rmidev_sysfs_term_store), - __ATTR(intr_mask, S_IRUGO | S_IWUSR | S_IWGRP, + __ATTR(intr_mask, S_IRUGO | S_IWUSR, rmidev_sysfs_intr_mask_show, rmidev_sysfs_intr_mask_store), }; diff --git a/drivers/mfd/wcd9xxx-core.c b/drivers/mfd/wcd9xxx-core.c index 2f31f24ca496..7c2054b2c048 100644 --- a/drivers/mfd/wcd9xxx-core.c +++ b/drivers/mfd/wcd9xxx-core.c @@ -2101,19 +2101,19 @@ static int wcd9xxx_slim_probe(struct slim_device *slim) ("wcd9xxx_core", 0); if (!IS_ERR(debugfs_wcd9xxx_dent)) { debugfs_peek = debugfs_create_file("slimslave_peek", - S_IFREG | S_IRUGO, debugfs_wcd9xxx_dent, + S_IFREG | S_IRUSR, debugfs_wcd9xxx_dent, (void *) "slimslave_peek", &codec_debug_ops); debugfs_poke = debugfs_create_file("slimslave_poke", - S_IFREG | S_IRUGO, debugfs_wcd9xxx_dent, + S_IFREG | S_IRUSR, debugfs_wcd9xxx_dent, (void *) "slimslave_poke", &codec_debug_ops); debugfs_power_state = debugfs_create_file("power_state", - S_IFREG | S_IRUGO, debugfs_wcd9xxx_dent, + S_IFREG | S_IRUSR, debugfs_wcd9xxx_dent, (void *) "power_state", &codec_debug_ops); debugfs_reg_dump = debugfs_create_file("slimslave_reg_dump", - S_IFREG | S_IRUGO, debugfs_wcd9xxx_dent, + S_IFREG | S_IRUSR, debugfs_wcd9xxx_dent, (void *) "slimslave_reg_dump", &codec_debug_ops); } #endif diff --git a/drivers/soc/qcom/msm_glink_pkt.c b/drivers/soc/qcom/msm_glink_pkt.c index 946c82e0d2b1..d29b4c0812e3 100644 --- a/drivers/soc/qcom/msm_glink_pkt.c +++ b/drivers/soc/qcom/msm_glink_pkt.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2014, The Linux Foundation. All rights reserved. +/* Copyright (c) 2014-2015, 2017 The Linux Foundation. All rights reserved. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License version 2 and @@ -78,7 +78,7 @@ struct glink_pkt_dev { wait_queue_head_t ch_read_wait_queue; struct list_head pkt_list; - struct mutex pkt_list_lock; + spinlock_t pkt_list_lock; struct wakeup_source pa_ws; /* Packet Arrival Wakeup Source */ struct work_struct packet_arrival_work; @@ -147,7 +147,7 @@ module_param_named(debug_mask, msm_glink_pkt_debug_mask, int, S_IRUGO | S_IWUSR | S_IWGRP); static void glink_pkt_queue_rx_intent_worker(struct work_struct *work); - +static bool glink_pkt_read_avail(struct glink_pkt_dev *devp); #define DEBUG @@ -228,7 +228,7 @@ void glink_pkt_notify_rx(void *handle, const void *priv, GLINK_PKT_INFO("%s(): priv[%p] data[%p] size[%zu]\n", __func__, pkt_priv, (char *)ptr, size); - pkt = kzalloc(sizeof(struct glink_rx_pkt), GFP_KERNEL); + pkt = kzalloc(sizeof(*pkt), GFP_ATOMIC); if (!pkt) { GLINK_PKT_ERR("%s: memory allocation failed\n", __func__); return; @@ -237,9 +237,9 @@ void glink_pkt_notify_rx(void *handle, const void *priv, pkt->data = ptr; pkt->pkt_priv = pkt_priv; pkt->size = size; - mutex_lock(&devp->pkt_list_lock); + spin_lock_irqsave(&devp->pkt_list_lock, flags); list_add_tail(&pkt->list, &devp->pkt_list); - mutex_unlock(&devp->pkt_list_lock); + spin_unlock_irqrestore(&devp->pkt_list_lock, flags); spin_lock_irqsave(&devp->pa_spinlock, flags); __pm_stay_awake(&devp->pa_ws); @@ -348,6 +348,24 @@ static void glink_pkt_queue_rx_intent_worker(struct work_struct *work) } /** + * glink_pkt_read_avail() - check any pending packets to read + * devp: pointer to G-Link packet device. + * + * This function is used to check any pending data packets are + * available to read or not. + */ +static bool glink_pkt_read_avail(struct glink_pkt_dev *devp) +{ + bool list_is_empty; + unsigned long flags; + + spin_lock_irqsave(&devp->pkt_list_lock, flags); + list_is_empty = list_empty(&devp->pkt_list); + spin_unlock_irqrestore(&devp->pkt_list_lock, flags); + return !list_is_empty; +} + +/** * glink_pkt_read() - read() syscall for the glink_pkt device * file: Pointer to the file structure. * buf: Pointer to the userspace buffer. @@ -384,8 +402,13 @@ ssize_t glink_pkt_read(struct file *file, __func__, devp->i, count); ret = wait_event_interruptible(devp->ch_read_wait_queue, - !devp->handle || - !list_empty(&devp->pkt_list)); + !devp->handle || devp->in_reset || + glink_pkt_read_avail(devp)); + if (devp->in_reset) { + GLINK_PKT_ERR("%s: notifying reset for glink_pkt_dev id:%d\n", + __func__, devp->i); + return -ENETRESET; + } if (!devp->handle) { GLINK_PKT_ERR("%s on a closed glink_pkt_dev id:%d\n", __func__, devp->i); @@ -401,15 +424,16 @@ ssize_t glink_pkt_read(struct file *file, return ret; } + spin_lock_irqsave(&devp->pkt_list_lock, flags); pkt = list_first_entry(&devp->pkt_list, struct glink_rx_pkt, list); - if (pkt->size > count) { GLINK_PKT_ERR("%s: Small Buff on dev Id:%d-[%zu > %zu]\n", __func__, devp->i, pkt->size, count); + spin_unlock_irqrestore(&devp->pkt_list_lock, flags); return -ETOOSMALL; } - list_del(&pkt->list); + spin_unlock_irqrestore(&devp->pkt_list_lock, flags); ret = copy_to_user(buf, pkt->data, pkt->size); BUG_ON(ret != 0); @@ -420,7 +444,7 @@ ssize_t glink_pkt_read(struct file *file, mutex_lock(&devp->ch_lock); spin_lock_irqsave(&devp->pa_spinlock, flags); - if (devp->poll_mode && list_empty(&devp->pkt_list)) { + if (devp->poll_mode && !glink_pkt_read_avail(devp)) { __pm_relax(&devp->pa_ws); devp->ws_locked = 0; devp->poll_mode = 0; @@ -516,7 +540,7 @@ static unsigned int glink_pkt_poll(struct file *file, poll_table *wait) return POLLERR; } - if (!list_empty(&devp->pkt_list)) { + if (glink_pkt_read_avail(devp)) { mask |= POLLIN | POLLRDNORM; GLINK_PKT_INFO("%s sets POLLIN for glink_pkt_dev id: %d\n", __func__, devp->i); @@ -565,6 +589,7 @@ static int glink_pkt_mmap(struct file *file, struct vm_area_struct *vma) struct glink_rx_pkt *pkt = NULL; unsigned long pfn; unsigned long size; + unsigned long flags; void *data = NULL; devp = file->private_data; @@ -579,7 +604,7 @@ static int glink_pkt_mmap(struct file *file, struct vm_area_struct *vma) GLINK_PKT_INFO("%s: on glink_pkt_dev id[%d]\n", __func__, devp->i); - if (list_empty(&devp->pkt_list)) { + if (!glink_pkt_read_avail(devp)) { GLINK_PKT_ERR("%s: No Rx data on id[%d]\n", __func__, devp->i); return -EAGAIN; /* No DATA */ } @@ -591,6 +616,7 @@ static int glink_pkt_mmap(struct file *file, struct vm_area_struct *vma) } info->handle = devp->handle; + spin_lock_irqsave(&devp->pkt_list_lock, flags); pkt = list_first_entry(&devp->pkt_list, struct glink_rx_pkt, list); data = (void *)pkt->data; info->buf = (void *)pkt->data; @@ -598,6 +624,7 @@ static int glink_pkt_mmap(struct file *file, struct vm_area_struct *vma) if ((pkt->size < PAGE_SIZE) && ((unsigned long)data & ~PAGE_MASK)) { data = kzalloc(PAGE_SIZE, GFP_KERNEL); if (!data) { + spin_unlock_irqrestore(&devp->pkt_list_lock, flags); GLINK_PKT_ERR("%s: data Memory allocation failed\n", __func__); return -ENOMEM; @@ -614,11 +641,13 @@ static int glink_pkt_mmap(struct file *file, struct vm_area_struct *vma) vma->vm_ops = &glink_pkt_vm_ops; if (remap_pfn_range(vma, vma->vm_start, pfn, size, vma->vm_page_prot)) { + spin_unlock_irqrestore(&devp->pkt_list_lock, flags); GLINK_PKT_ERR("%s: Remap failed\n", __func__); return -EAGAIN; } list_del(&pkt->list); + spin_unlock_irqrestore(&devp->pkt_list_lock, flags); kfree(pkt); return 0; } @@ -711,8 +740,7 @@ int glink_pkt_open(struct inode *inode, struct file *file) devp->open_cfg.edge, devp->open_cfg.name); ret = -ENODEV; } - wakeup_source_init(&devp->pa_ws, devp->open_cfg.name); - INIT_WORK(&devp->packet_arrival_work, packet_arrival_worker); + wakeup_source_init(&devp->pa_ws, devp->dev_name); } devp->ref_cnt++; mutex_unlock(&devp->ch_lock); @@ -792,7 +820,8 @@ static int glink_pkt_init_add_device(struct glink_pkt_dev *devp, int i) init_waitqueue_head(&devp->ch_read_wait_queue); spin_lock_init(&devp->pa_spinlock); INIT_LIST_HEAD(&devp->pkt_list); - mutex_init(&devp->pkt_list_lock); + spin_lock_init(&devp->pkt_list_lock); + INIT_WORK(&devp->packet_arrival_work, packet_arrival_worker); cdev_init(&devp->cdev, &glink_pkt_fops); devp->cdev.owner = THIS_MODULE; diff --git a/drivers/staging/android/ashmem.c b/drivers/staging/android/ashmem.c index f13aab21da4a..f39983c87c29 100644 --- a/drivers/staging/android/ashmem.c +++ b/drivers/staging/android/ashmem.c @@ -672,10 +672,12 @@ static long ashmem_ioctl(struct file *file, unsigned int cmd, unsigned long arg) break; case ASHMEM_SET_SIZE: ret = -EINVAL; + mutex_lock(&ashmem_mutex); if (!asma->file) { ret = 0; asma->size = (size_t) arg; } + mutex_unlock(&ashmem_mutex); break; case ASHMEM_GET_SIZE: ret = asma->size; diff --git a/mm/migrate.c b/mm/migrate.c index 9fe247a6df4a..f9c473c263ad 100644 --- a/mm/migrate.c +++ b/mm/migrate.c @@ -37,6 +37,7 @@ #include <linux/gfp.h> #include <linux/balloon_compaction.h> #include <trace/events/kmem.h> +#include <linux/ptrace.h> #include <asm/tlbflush.h> @@ -1383,7 +1384,6 @@ SYSCALL_DEFINE6(move_pages, pid_t, pid, unsigned long, nr_pages, const int __user *, nodes, int __user *, status, int, flags) { - const struct cred *cred = current_cred(), *tcred; struct task_struct *task; struct mm_struct *mm; int err; @@ -1407,14 +1407,9 @@ SYSCALL_DEFINE6(move_pages, pid_t, pid, unsigned long, nr_pages, /* * Check if this process has the right to modify the specified - * process. The right exists if the process has administrative - * capabilities, superuser privileges or the same - * userid as the target process. + * process. Use the regular "ptrace_may_access()" checks. */ - tcred = __task_cred(task); - if (!uid_eq(cred->euid, tcred->suid) && !uid_eq(cred->euid, tcred->uid) && - !uid_eq(cred->uid, tcred->suid) && !uid_eq(cred->uid, tcred->uid) && - !capable(CAP_SYS_NICE)) { + if (!ptrace_may_access(task, PTRACE_MODE_READ)) { rcu_read_unlock(); err = -EPERM; goto out; |