From: Hauke Mehrtens Date: Mon, 4 Nov 2024 21:12:03 +0000 (+0100) Subject: kernel: bump 5.15 to 5.15.169 X-Git-Url: http://git.cdn.openwrt.org/?a=commitdiff_plain;h=e3b120f6826343807eedc39173e5ed1ab2866319;p=openwrt%2Fopenwrt.git kernel: bump 5.15 to 5.15.169 Added patch: generic/backport-5.15/430-v6.3-udf-Allocate-name-buffer-in-directory-iterator-on-he.patch This patch fixes the following compile warning: ``` CC [M] fs/udf/namei.o fs/udf/namei.c: In function 'udf_rename': fs/udf/namei.c:878:1: error: the frame size of 1144 bytes is larger than 1024 bytes [-Werror=frame-larger-than=] 878 | } | ^ cc1: all warnings being treated as errors make[7]: *** [scripts/Makefile.build:289: fs/udf/namei.o] Error 1 ``` Link: https://github.com/openwrt/openwrt/pull/16882 Signed-off-by: Hauke Mehrtens --- diff --git a/include/kernel-5.15 b/include/kernel-5.15 index 6844295833..0812481de6 100644 --- a/include/kernel-5.15 +++ b/include/kernel-5.15 @@ -1,2 +1,2 @@ -LINUX_VERSION-5.15 = .168 -LINUX_KERNEL_HASH-5.15.168 = cfbebbd57456827013b97689aa3cad1fbfbe864dd80b0ecf16bb29990b38e17a +LINUX_VERSION-5.15 = .169 +LINUX_KERNEL_HASH-5.15.169 = e618c6d845fd1bc89477508e8d084bbe791fc88bf7623adee2deb6ecb2275370 diff --git a/target/linux/generic/backport-5.15/430-v6.3-udf-Allocate-name-buffer-in-directory-iterator-on-he.patch b/target/linux/generic/backport-5.15/430-v6.3-udf-Allocate-name-buffer-in-directory-iterator-on-he.patch new file mode 100644 index 0000000000..53b8d85320 --- /dev/null +++ b/target/linux/generic/backport-5.15/430-v6.3-udf-Allocate-name-buffer-in-directory-iterator-on-he.patch @@ -0,0 +1,95 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Jan Kara +Date: Tue, 20 Dec 2022 12:38:45 +0100 +Subject: udf: Allocate name buffer in directory iterator on heap + +commit 0aba4860b0d0216a1a300484ff536171894d49d8 upstream. + +Currently we allocate name buffer in directory iterators (struct +udf_fileident_iter) on stack. These structures are relatively large +(some 360 bytes on 64-bit architectures). For udf_rename() which needs +to keep three of these structures in parallel the stack usage becomes +rather heavy - 1536 bytes in total. Allocate the name buffer in the +iterator from heap to avoid excessive stack usage. + +Link: https://lore.kernel.org/all/202212200558.lK9x1KW0-lkp@intel.com +Reported-by: kernel test robot +Signed-off-by: Jan Kara +[Add extra include linux/slab.h] +Signed-off-by: Hauke Mehrtens +--- + fs/udf/directory.c | 24 ++++++++++++++++-------- + fs/udf/udfdecl.h | 2 +- + 2 files changed, 17 insertions(+), 9 deletions(-) + +--- a/fs/udf/directory.c ++++ b/fs/udf/directory.c +@@ -19,6 +19,7 @@ + #include + #include + #include ++#include + + static int udf_verify_fi(struct udf_fileident_iter *iter) + { +@@ -248,9 +249,14 @@ int udf_fiiter_init(struct udf_fileident + iter->elen = 0; + iter->epos.bh = NULL; + iter->name = NULL; ++ iter->namebuf = kmalloc(UDF_NAME_LEN_CS0, GFP_KERNEL); ++ if (!iter->namebuf) ++ return -ENOMEM; + +- if (iinfo->i_alloc_type == ICBTAG_FLAG_AD_IN_ICB) +- return udf_copy_fi(iter); ++ if (iinfo->i_alloc_type == ICBTAG_FLAG_AD_IN_ICB) { ++ err = udf_copy_fi(iter); ++ goto out; ++ } + + if (inode_bmap(dir, iter->pos >> dir->i_blkbits, &iter->epos, + &iter->eloc, &iter->elen, &iter->loffset) != +@@ -260,17 +266,17 @@ int udf_fiiter_init(struct udf_fileident + udf_err(dir->i_sb, + "position %llu not allocated in directory (ino %lu)\n", + (unsigned long long)pos, dir->i_ino); +- return -EFSCORRUPTED; ++ err = -EFSCORRUPTED; ++ goto out; + } + err = udf_fiiter_load_bhs(iter); + if (err < 0) +- return err; ++ goto out; + err = udf_copy_fi(iter); +- if (err < 0) { ++out: ++ if (err < 0) + udf_fiiter_release(iter); +- return err; +- } +- return 0; ++ return err; + } + + int udf_fiiter_advance(struct udf_fileident_iter *iter) +@@ -307,6 +313,8 @@ void udf_fiiter_release(struct udf_filei + brelse(iter->bh[0]); + brelse(iter->bh[1]); + iter->bh[0] = iter->bh[1] = NULL; ++ kfree(iter->namebuf); ++ iter->namebuf = NULL; + } + + static void udf_copy_to_bufs(void *buf1, int len1, void *buf2, int len2, +--- a/fs/udf/udfdecl.h ++++ b/fs/udf/udfdecl.h +@@ -99,7 +99,7 @@ struct udf_fileident_iter { + struct extent_position epos; /* Position after the above extent */ + struct fileIdentDesc fi; /* Copied directory entry */ + uint8_t *name; /* Pointer to entry name */ +- uint8_t namebuf[UDF_NAME_LEN_CS0]; /* Storage for entry name in case ++ uint8_t *namebuf; /* Storage for entry name in case + * the name is split between two blocks + */ + }; diff --git a/target/linux/generic/backport-5.15/431-v6.3-udf-Avoid-directory-type-conversion-failure-due-to-E.patch b/target/linux/generic/backport-5.15/431-v6.3-udf-Avoid-directory-type-conversion-failure-due-to-E.patch new file mode 100644 index 0000000000..fa360a7ed2 --- /dev/null +++ b/target/linux/generic/backport-5.15/431-v6.3-udf-Avoid-directory-type-conversion-failure-due-to-E.patch @@ -0,0 +1,40 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Jan Kara +Date: Thu, 9 Feb 2023 10:33:09 +0100 +Subject: udf: Avoid directory type conversion failure due to ENOMEM + +commit df97f64dfa317a5485daf247b6c043a584ef95f9 upstream. + +When converting directory from in-ICB to normal format, the last +iteration through the directory fixing up directory enteries can fail +due to ENOMEM. We do not expect this iteration to fail since the +directory is already verified to be correct and it is difficult to undo +the conversion at this point. So just use GFP_NOFAIL to make sure the +small allocation cannot fail. + +Reported-by: syzbot+111eaa994ff74f8d440f@syzkaller.appspotmail.com +Fixes: 0aba4860b0d0 ("udf: Allocate name buffer in directory iterator on heap") +Signed-off-by: Jan Kara +Signed-off-by: Greg Kroah-Hartman +--- + fs/udf/directory.c | 9 ++++++--- + 1 file changed, 6 insertions(+), 3 deletions(-) + +--- a/fs/udf/directory.c ++++ b/fs/udf/directory.c +@@ -249,9 +249,12 @@ int udf_fiiter_init(struct udf_fileident + iter->elen = 0; + iter->epos.bh = NULL; + iter->name = NULL; +- iter->namebuf = kmalloc(UDF_NAME_LEN_CS0, GFP_KERNEL); +- if (!iter->namebuf) +- return -ENOMEM; ++ /* ++ * When directory is verified, we don't expect directory iteration to ++ * fail and it can be difficult to undo without corrupting filesystem. ++ * So just do not allow memory allocation failures here. ++ */ ++ iter->namebuf = kmalloc(UDF_NAME_LEN_CS0, GFP_KERNEL | __GFP_NOFAIL); + + if (iinfo->i_alloc_type == ICBTAG_FLAG_AD_IN_ICB) { + err = udf_copy_fi(iter); diff --git a/target/linux/generic/backport-5.15/821-v5.16-Bluetooth-btusb-Support-public-address-configuration.patch b/target/linux/generic/backport-5.15/821-v5.16-Bluetooth-btusb-Support-public-address-configuration.patch index 7e02c18875..b3574541bf 100644 --- a/target/linux/generic/backport-5.15/821-v5.16-Bluetooth-btusb-Support-public-address-configuration.patch +++ b/target/linux/generic/backport-5.15/821-v5.16-Bluetooth-btusb-Support-public-address-configuration.patch @@ -17,7 +17,7 @@ Signed-off-by: Marcel Holtmann --- a/drivers/bluetooth/btusb.c +++ b/drivers/bluetooth/btusb.c -@@ -2296,6 +2296,23 @@ struct btmtk_section_map { +@@ -2301,6 +2301,23 @@ struct btmtk_section_map { }; } __packed; @@ -41,7 +41,7 @@ Signed-off-by: Marcel Holtmann static void btusb_mtk_wmt_recv(struct urb *urb) { struct hci_dev *hdev = urb->context; -@@ -3950,6 +3967,7 @@ static int btusb_probe(struct usb_interf +@@ -3955,6 +3972,7 @@ static int btusb_probe(struct usb_interf hdev->shutdown = btusb_mtk_shutdown; hdev->manufacturer = 70; hdev->cmd_timeout = btusb_mtk_cmd_timeout; diff --git a/target/linux/generic/backport-5.15/822-v5.17-Bluetooth-btusb-Fix-application-of-sizeof-to-pointer.patch b/target/linux/generic/backport-5.15/822-v5.17-Bluetooth-btusb-Fix-application-of-sizeof-to-pointer.patch index c043e88535..64d9c030f7 100644 --- a/target/linux/generic/backport-5.15/822-v5.17-Bluetooth-btusb-Fix-application-of-sizeof-to-pointer.patch +++ b/target/linux/generic/backport-5.15/822-v5.17-Bluetooth-btusb-Fix-application-of-sizeof-to-pointer.patch @@ -18,7 +18,7 @@ Signed-off-by: Marcel Holtmann --- a/drivers/bluetooth/btusb.c +++ b/drivers/bluetooth/btusb.c -@@ -2301,7 +2301,7 @@ static int btusb_set_bdaddr_mtk(struct h +@@ -2306,7 +2306,7 @@ static int btusb_set_bdaddr_mtk(struct h struct sk_buff *skb; long ret; diff --git a/target/linux/generic/hack-5.15/780-usb-net-MeigLink_modem_support.patch b/target/linux/generic/hack-5.15/780-usb-net-MeigLink_modem_support.patch index e185750911..7a439ce221 100644 --- a/target/linux/generic/hack-5.15/780-usb-net-MeigLink_modem_support.patch +++ b/target/linux/generic/hack-5.15/780-usb-net-MeigLink_modem_support.patch @@ -43,7 +43,7 @@ Subject: [PATCH] net/usb/qmi_wwan: add MeigLink modem support #define QUECTEL_VENDOR_ID 0x2c7c /* These Quectel products use Quectel's vendor ID */ -@@ -1158,6 +1163,11 @@ static const struct usb_device_id option +@@ -1159,6 +1164,11 @@ static const struct usb_device_id option { USB_DEVICE(QUALCOMM_VENDOR_ID, 0x0023)}, /* ONYX 3G device */ { USB_DEVICE(QUALCOMM_VENDOR_ID, 0x9000), /* SIMCom SIM5218 */ .driver_info = NCTRL(0) | NCTRL(1) | NCTRL(2) | NCTRL(3) | RSVD(4) }, @@ -55,7 +55,7 @@ Subject: [PATCH] net/usb/qmi_wwan: add MeigLink modem support /* Quectel products using Qualcomm vendor ID */ { USB_DEVICE(QUALCOMM_VENDOR_ID, QUECTEL_PRODUCT_UC15)}, { USB_DEVICE(QUALCOMM_VENDOR_ID, QUECTEL_PRODUCT_UC20), -@@ -1199,6 +1209,11 @@ static const struct usb_device_id option +@@ -1200,6 +1210,11 @@ static const struct usb_device_id option .driver_info = ZLP }, { USB_DEVICE(QUECTEL_VENDOR_ID, QUECTEL_PRODUCT_BG96), .driver_info = RSVD(4) },