From 06c1ff6141c23b7e9550fc2b448552d1364dc811 Mon Sep 17 00:00:00 2001 From: Andrew Morton Date: Wed, 18 Dec 2019 17:37:59 +1100 Subject: drivers/block/null_blk_main.c: fix layout Each line here overflows 80 cols by exactly one character. Delete one tab per line to fix. Cc: Shaohua Li Cc: Jens Axboe Signed-off-by: Andrew Morton Signed-off-by: Stephen Rothwell --- drivers/block/null_blk_main.c | 56 +++++++++++++++++++++---------------------- 1 file changed, 28 insertions(+), 28 deletions(-) diff --git a/drivers/block/null_blk_main.c b/drivers/block/null_blk_main.c index ae8d4bc532b0..9ce75f171f8b 100644 --- a/drivers/block/null_blk_main.c +++ b/drivers/block/null_blk_main.c @@ -263,34 +263,34 @@ static ssize_t nullb_device_bool_attr_store(bool *val, const char *page, } /* The following macro should only be used with TYPE = {uint, ulong, bool}. */ -#define NULLB_DEVICE_ATTR(NAME, TYPE, APPLY) \ -static ssize_t \ -nullb_device_##NAME##_show(struct config_item *item, char *page) \ -{ \ - return nullb_device_##TYPE##_attr_show( \ - to_nullb_device(item)->NAME, page); \ -} \ -static ssize_t \ -nullb_device_##NAME##_store(struct config_item *item, const char *page, \ - size_t count) \ -{ \ - int (*apply_fn)(struct nullb_device *dev, TYPE new_value) = APPLY; \ - struct nullb_device *dev = to_nullb_device(item); \ - TYPE new_value; \ - int ret; \ - \ - ret = nullb_device_##TYPE##_attr_store(&new_value, page, count); \ - if (ret < 0) \ - return ret; \ - if (apply_fn) \ - ret = apply_fn(dev, new_value); \ - else if (test_bit(NULLB_DEV_FL_CONFIGURED, &dev->flags)) \ - ret = -EBUSY; \ - if (ret < 0) \ - return ret; \ - dev->NAME = new_value; \ - return count; \ -} \ +#define NULLB_DEVICE_ATTR(NAME, TYPE, APPLY) \ +static ssize_t \ +nullb_device_##NAME##_show(struct config_item *item, char *page) \ +{ \ + return nullb_device_##TYPE##_attr_show( \ + to_nullb_device(item)->NAME, page); \ +} \ +static ssize_t \ +nullb_device_##NAME##_store(struct config_item *item, const char *page, \ + size_t count) \ +{ \ + int (*apply_fn)(struct nullb_device *dev, TYPE new_value) = APPLY;\ + struct nullb_device *dev = to_nullb_device(item); \ + TYPE new_value; \ + int ret; \ + \ + ret = nullb_device_##TYPE##_attr_store(&new_value, page, count);\ + if (ret < 0) \ + return ret; \ + if (apply_fn) \ + ret = apply_fn(dev, new_value); \ + else if (test_bit(NULLB_DEV_FL_CONFIGURED, &dev->flags)) \ + ret = -EBUSY; \ + if (ret < 0) \ + return ret; \ + dev->NAME = new_value; \ + return count; \ +} \ CONFIGFS_ATTR(nullb_device_, NAME); static int nullb_apply_submit_queues(struct nullb_device *dev, -- cgit v1.2.3 From ecf250f339cd397b69d367f51d1d9b3487ba481f Mon Sep 17 00:00:00 2001 From: Andrew Morton Date: Wed, 18 Dec 2019 17:37:59 +1100 Subject: drivers/block/null_blk_main.c: fix uninitialized var warnings MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit With gcc-7.2, many instances of drivers/block/null_blk_main.c: In function ‘nullb_device_zone_nr_conv_store’: drivers/block/null_blk_main.c:291:12: warning: ‘new_value’ may be used uninitialized in this function [-Wmaybe-uninitialized] dev->NAME = new_value; \ ^ drivers/block/null_blk_main.c:279:7: note: ‘new_value’ was declared here TYPE new_value; \ ^ Presumably notabug, so use uninitialized_var() to suppress them. Cc: Shaohua Li Cc: Jens Axboe Signed-off-by: Andrew Morton Signed-off-by: Stephen Rothwell --- drivers/block/null_blk_main.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/block/null_blk_main.c b/drivers/block/null_blk_main.c index 9ce75f171f8b..16510795e377 100644 --- a/drivers/block/null_blk_main.c +++ b/drivers/block/null_blk_main.c @@ -276,7 +276,7 @@ nullb_device_##NAME##_store(struct config_item *item, const char *page, \ { \ int (*apply_fn)(struct nullb_device *dev, TYPE new_value) = APPLY;\ struct nullb_device *dev = to_nullb_device(item); \ - TYPE new_value; \ + TYPE uninitialized_var(new_value); \ int ret; \ \ ret = nullb_device_##TYPE##_attr_store(&new_value, page, count);\ -- cgit v1.2.3 From 5f2e2476ea5219fc97194294687191258c4b6771 Mon Sep 17 00:00:00 2001 From: Randy Dunlap Date: Wed, 18 Dec 2019 17:38:00 +1100 Subject: pinctrl: fix pxa2xx.c build warnings Add #include of to fix build warnings in pinctrl-pxa2xx.c. Fixes these warnings: In file included from ../drivers/pinctrl/pxa/pinctrl-pxa2xx.c:24:0: ../drivers/pinctrl/pxa/../pinctrl-utils.h:36:8: warning: `enum pinctrl_map_type' declared inside parameter list [enabled by default] enum pinctrl_map_type type); ^ ../drivers/pinctrl/pxa/../pinctrl-utils.h:36:8: warning: its scope is only this definition or declaration, which is probably not what you want [enabled by default] Link: http://lkml.kernel.org/r/0024542e-cba9-8f13-6c18-32d0050a6007@infradead.org Signed-off-by: Randy Dunlap Cc: Robert Jarzmik Signed-off-by: Andrew Morton Signed-off-by: Stephen Rothwell --- drivers/pinctrl/pxa/pinctrl-pxa2xx.c | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/pinctrl/pxa/pinctrl-pxa2xx.c b/drivers/pinctrl/pxa/pinctrl-pxa2xx.c index 21c370dbbfba..bddf2c5dd3bf 100644 --- a/drivers/pinctrl/pxa/pinctrl-pxa2xx.c +++ b/drivers/pinctrl/pxa/pinctrl-pxa2xx.c @@ -10,6 +10,7 @@ #include #include #include +#include #include #include #include -- cgit v1.2.3 From 0353f9a87970703388293bf3b982a6bd604ce876 Mon Sep 17 00:00:00 2001 From: Florian Westphal Date: Wed, 18 Dec 2019 17:38:00 +1100 Subject: mm: remove __krealloc Since 5.5-rc1 the last user of this function is gone, so remove the functionality. See commit 2ad9d7747c10 ("netfilter: conntrack: free extension area immediately") for details. Link: http://lkml.kernel.org/r/20191212223442.22141-1-fw@strlen.de Signed-off-by: Florian Westphal Acked-by: Andrew Morton Cc: Christoph Lameter Cc: Pekka Enberg Cc: David Rientjes Cc: Joonsoo Kim Signed-off-by: Andrew Morton Signed-off-by: Stephen Rothwell --- include/linux/slab.h | 1 - mm/slab_common.c | 22 ---------------------- scripts/coccinelle/free/devm_free.cocci | 4 ---- 3 files changed, 27 deletions(-) diff --git a/include/linux/slab.h b/include/linux/slab.h index 877a95c6a2d2..03a389358562 100644 --- a/include/linux/slab.h +++ b/include/linux/slab.h @@ -184,7 +184,6 @@ void memcg_deactivate_kmem_caches(struct mem_cgroup *, struct mem_cgroup *); /* * Common kmalloc functions provided by all allocators */ -void * __must_check __krealloc(const void *, size_t, gfp_t); void * __must_check krealloc(const void *, size_t, gfp_t); void kfree(const void *); void kzfree(const void *); diff --git a/mm/slab_common.c b/mm/slab_common.c index f0ab6d4ceb4c..87e8923cf0b6 100644 --- a/mm/slab_common.c +++ b/mm/slab_common.c @@ -1675,28 +1675,6 @@ static __always_inline void *__do_krealloc(const void *p, size_t new_size, return ret; } -/** - * __krealloc - like krealloc() but don't free @p. - * @p: object to reallocate memory for. - * @new_size: how many bytes of memory are required. - * @flags: the type of memory to allocate. - * - * This function is like krealloc() except it never frees the originally - * allocated buffer. Use this if you don't want to free the buffer immediately - * like, for example, with RCU. - * - * Return: pointer to the allocated memory or %NULL in case of error - */ -void *__krealloc(const void *p, size_t new_size, gfp_t flags) -{ - if (unlikely(!new_size)) - return ZERO_SIZE_PTR; - - return __do_krealloc(p, new_size, flags); - -} -EXPORT_SYMBOL(__krealloc); - /** * krealloc - reallocate memory. The contents will remain unchanged. * @p: object to reallocate memory for. diff --git a/scripts/coccinelle/free/devm_free.cocci b/scripts/coccinelle/free/devm_free.cocci index 9330d4294b74..3357bf4dbd7c 100644 --- a/scripts/coccinelle/free/devm_free.cocci +++ b/scripts/coccinelle/free/devm_free.cocci @@ -90,8 +90,6 @@ position p; kfree@p(x) | kzfree@p(x) -| - __krealloc@p(x, ...) | krealloc@p(x, ...) | @@ -116,8 +114,6 @@ position p != safe.p; | * kzfree@p(x) | -* __krealloc@p(x, ...) -| * krealloc@p(x, ...) | * free_pages@p(x, ...) -- cgit v1.2.3 From 8e534322a759cd7a6f590defccac34665b782400 Mon Sep 17 00:00:00 2001 From: Andrew Morton Date: Wed, 18 Dec 2019 17:38:00 +1100 Subject: drivers/tty/serial/sh-sci.c: suppress warning drivers/tty/serial/sh-sci.c: In function sci_dma_rx_submit: ./include/linux/spinlock.h:288:3: warning: flags may be used uninitialized in this function [-Wmaybe-uninitialized] _raw_spin_unlock_irqrestore(lock, flags); \ ^~~~~~~~~~~~~~~~~~~~~~~~~~~ drivers/tty/serial/sh-sci.c:1353:16: note: flags was declared here unsigned long flags; Cc: Greg Kroah-Hartman Cc: Jiri Slaby Signed-off-by: Andrew Morton Signed-off-by: Stephen Rothwell --- drivers/tty/serial/sh-sci.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/tty/serial/sh-sci.c b/drivers/tty/serial/sh-sci.c index 87ca6294de0e..c0147dc8a18b 100644 --- a/drivers/tty/serial/sh-sci.c +++ b/drivers/tty/serial/sh-sci.c @@ -1349,7 +1349,7 @@ static int sci_dma_rx_submit(struct sci_port *s, bool port_lock_held) { struct dma_chan *chan = s->chan_rx; struct uart_port *port = &s->port; - unsigned long flags; + unsigned long uninitialized_var(flags); int i; for (i = 0; i < 2; i++) { -- cgit v1.2.3 From b2debeec902e9cd02a2ad9de1d6e000d5853cc39 Mon Sep 17 00:00:00 2001 From: Andi Kleen Date: Wed, 18 Dec 2019 17:38:00 +1100 Subject: drivers/media/platform/sti/delta/delta-ipc.c: fix read buffer overflow The single caller passes a string to delta_ipc_open, which copies with a fixed size larger than the string. So it copies some random data after the original string the ro segment. If the string was at the end of a page it may fault. Just copy the string with a normal strcpy after clearing the field. Found by a LTO build (which errors out) because the compiler inlines the functions and can resolve the string sizes and triggers the compile time checks in memcpy. In function `memcpy', inlined from `delta_ipc_open.constprop' at linux/drivers/media/platform/sti/delta/delta-ipc.c:178:0, inlined from `delta_mjpeg_ipc_open' at linux/drivers/media/platform/sti/delta/delta-mjpeg-dec.c:227:0, inlined from `delta_mjpeg_decode' at linux/drivers/media/platform/sti/delta/delta-mjpeg-dec.c:403:0: /home/andi/lsrc/linux/include/linux/string.h:337:0: error: call to `__read_overflow2' declared with attribute error: detected read beyond size of object passed as 2nd parameter __read_overflow2(); Link: http://lkml.kernel.org/r/20171222001212.1850-1-andi@firstfloor.org Signed-off-by: Andi Kleen Cc: Hugues FRUCHET Signed-off-by: Andrew Morton Signed-off-by: Stephen Rothwell --- drivers/media/platform/sti/delta/delta-ipc.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/media/platform/sti/delta/delta-ipc.c b/drivers/media/platform/sti/delta/delta-ipc.c index 186d88f02ecd..371429d81ea1 100644 --- a/drivers/media/platform/sti/delta/delta-ipc.c +++ b/drivers/media/platform/sti/delta/delta-ipc.c @@ -175,8 +175,8 @@ int delta_ipc_open(struct delta_ctx *pctx, const char *name, msg.ipc_buf_size = ipc_buf_size; msg.ipc_buf_paddr = ctx->ipc_buf->paddr; - memcpy(msg.name, name, sizeof(msg.name)); - msg.name[sizeof(msg.name) - 1] = 0; + memset(msg.name, 0, sizeof(msg.name)); + strcpy(msg.name, name); msg.param_size = param->size; memcpy(ctx->ipc_buf->vaddr, param->data, msg.param_size); -- cgit v1.2.3