xfs_attr3_leaf_create may have errored out before instantiating a buffer,
for example if the blkno is out of range. In that case there is no work
to do to remove it, and in fact xfs_da_shrink_inode will lead to an oops
if we try.
This also seems to fix a flaw where the original error from
xfs_attr3_leaf_create gets overwritten in the cleanup case, and it
removes a pointless assignment to bp which isn't used after this.
Bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=199969
Reported-by: Xu, Wen <email address hidden>
Tested-by: Xu, Wen <email address hidden>
Signed-off-by: Eric Sandeen <email address hidden>
Reviewed-by: Darrick J. Wong <email address hidden>
Signed-off-by: Darrick J. Wong <email address hidden>
(cherry picked from commit bb3d48dcf86a97dc25fe9fc2c11938e19cb4399a)
Signed-off-by: Po-Hsu Lin <email address hidden>
Acked-by: Colin Ian King <email address hidden>
Acked-by: Aaron Ma <email address hidden>
Signed-off-by: Khalid Elmously <email address hidden>
ff94303...
by
Linus Torvalds <email address hidden>
sgid directories have special semantics, making newly created files in
the directory belong to the group of the directory, and newly created
subdirectories will also become sgid. This is historically used for
group-shared directories.
But group directories writable by non-group members should not imply
that such non-group members can magically join the group, so make sure
to clear the sgid bit on non-directories for non-members (but remember
that sgid without group execute means "mandatory locking", just to
confuse things even more).
The Ubuntu kernel source code depends on the presence of the
retpoline-extract-one file in the script directory during build (see
scripts/Makefile.build::cmd_ubuntu_retpoline) - such a file lives in the debian
directory and is copied to scripts during the 'debian/rules clean' phase.
Snapcraft is oblivious to the debian details, and the clean target is never
invoked, breaking the normal kernel build (make defconfig; make ...).
To workaround that, before starting the build, make snapcraft do the copy and
fix the build.
Signed-off-by: Paolo Pisati <email address hidden>
Acked-by: Kleber Souza <email address hidden>
Acked-by: Colin Ian King <email address hidden>
Signed-off-by: Khalid Elmously <email address hidden>
While running regressions, observed below kernel panic when sdio disconnect
called. The root cause of this issue is, kthread_stop() is taking care of
wait_for_completion() by default. Hence, removing wait_for_completion()
from rsi_disconnect().
In the vmx AES init routines we do a printk(KERN_INFO ...) to report
the fallback implementation we're using.
However with a slow console this can significantly affect the speed of
crypto operations. Using 'cryptsetup benchmark' the removal of the
printk() leads to a ~5x speedup for aes-cbc decryption.
The functions that were used in the emulation of fxrstor, fxsave, sgdt and
sidt were originally meant for task switching, and as such they did not
check privilege levels. This is very bad when the same functions are used
in the emulation of unprivileged instructions. This is CVE-2018-10853.
The obvious fix is to add a new argument to ops->read_std and ops->write_std,
which decides whether the access is a "system" access or should use the
processor's CPL.
The balloon.page field is used for two different purposes if batching is
on or off. If batching is on, the field point to the page which is used
to communicate with with the hypervisor. If it is off, balloon.page
points to the page that is about to be (un)locked.
Unfortunately, this dual-purpose of the field introduced a bug: when the
balloon is popped (e.g., when the machine is reset or the balloon driver
is explicitly removed), the balloon driver frees, unconditionally, the
page that is held in balloon.page. As a result, if batching is
disabled, this leads to double freeing the last page that is sent to the
hypervisor.
The following error occurs during rmmod when kernel checkers are on, and
the balloon is not empty:
The best granularity of residue that DMA engine can report is in the BURST
units, so the serial driver must use MAXBURST = 1 and DMA_SLAVE_BUSWIDTH_1_BYTE
if it relies on exact number of bytes transferred by DMA engine.
