!355 [sync] PR-347: Backport CVEs and fs bugfixes (83934cde) · Commits · EulixOS / Software / Kernel

drivers/usb/core/hub.c

+10 −0

Original line number	Diff line number	Diff line
		@@ -5967,6 +5967,11 @@ static int usb_reset_and_verify_device(struct usb_device *udev)
		* the reset is over (using their post_reset method).
		*
		* Return: The same as for usb_reset_and_verify_device().
		* However, if a reset is already in progress (for instance, if a
		* driver doesn't have pre_reset() or post_reset() callbacks, and while
		* being unbound or re-bound during the ongoing reset its disconnect()
		* or probe() routine tries to perform a second, nested reset), the
		* routine returns -EINPROGRESS.
		*
		* Note:
		* The caller must own the device lock. For example, it's safe to use
		@@ -6000,6 +6005,10 @@ int usb_reset_device(struct usb_device *udev)
		return -EISDIR;
		}

		if (udev->reset_in_progress)
		return -EINPROGRESS;
		udev->reset_in_progress = 1;

		port_dev = hub->ports[udev->portnum - 1];

		/*
		@@ -6064,6 +6073,7 @@ int usb_reset_device(struct usb_device *udev)

		usb_autosuspend_device(udev);
		memalloc_noio_restore(noio_flag);
		udev->reset_in_progress = 0;
		return ret;
		}
		EXPORT_SYMBOL_GPL(usb_reset_device);

+2 −2

Original line number	Diff line number	Diff line
		@@ -1440,8 +1440,6 @@ static void ext4_update_super(struct super_block *sb,
		* active. */
		ext4_r_blocks_count_set(es, ext4_r_blocks_count(es) +
		reserved_blocks);
		ext4_superblock_csum_set(sb);
		unlock_buffer(sbi->s_sbh);

		/* Update the free space counts */
		percpu_counter_add(&sbi->s_freeclusters_counter,
		@@ -1469,6 +1467,8 @@ static void ext4_update_super(struct super_block *sb,
		ext4_calculate_overhead(sb);
		es->s_overhead_clusters = cpu_to_le32(sbi->s_overhead);

		ext4_superblock_csum_set(sb);
		unlock_buffer(sbi->s_sbh);
		if (test_opt(sb, DEBUG))
		printk(KERN_DEBUG "EXT4-fs: added group %u:"
		"%llu blocks(%llu free %llu reserved)\n", flex_gd->count,

+1 −2

Original line number	Diff line number	Diff line
		@@ -9076,7 +9076,7 @@ static int io_sqpoll_wait_sq(struct io_ring_ctx *ctx)

		if (unlikely(ctx->sqo_dead)) {
		ret = -EOWNERDEAD;
		goto out;
		break;
		}

		if (!io_sqring_full(ctx))
		@@ -9086,7 +9086,6 @@ static int io_sqpoll_wait_sq(struct io_ring_ctx *ctx)
		} while (!signal_pending(current));

		finish_wait(&ctx->sqo_sq_wait, &wait);
		out:
		return ret;
		}

+3 −5

Original line number	Diff line number	Diff line
		@@ -158,6 +158,7 @@ xfs_attr3_node_inactive(
		}
		child_fsb = be32_to_cpu(ichdr.btree[0].before);
		xfs_trans_brelse(trans, bp); / no locks for later trans */
		bp = NULL;

		/*
		* If this is the node level just above the leaves, simply loop
		@@ -211,12 +212,8 @@ xfs_attr3_node_inactive(
		&child_bp);
		if (error)
		return error;
		error = bp->b_error;
		if (error) {
		xfs_trans_brelse(*trans, child_bp);
		return error;
		}
		xfs_trans_binval(*trans, child_bp);
		child_bp = NULL;

		/*
		* If we're not done, re-read the parent to get the next
		@@ -233,6 +230,7 @@ xfs_attr3_node_inactive(
		bp->b_addr);
		child_fsb = be32_to_cpu(phdr.btree[i + 1].before);
		xfs_trans_brelse(*trans, bp);
		bp = NULL;
		}
		/*
		* Atomically commit the whole invalidate stuff.

+2 −0

Original line number	Diff line number	Diff line
		@@ -580,6 +580,7 @@ struct usb3_lpm_parameters {
		* @devaddr: device address, XHCI: assigned by HW, others: same as devnum
		* @can_submit: URBs may be submitted
		* @persist_enabled: USB_PERSIST enabled for this device
		* @reset_in_progress: the device is being reset
		* @have_langid: whether string_langid is valid
		* @authorized: policy has said we can use it;
		* (user space) policy determines if we authorize this device to be
		@@ -665,6 +666,7 @@ struct usb_device {

		unsigned can_submit:1;
		unsigned persist_enabled:1;
		unsigned reset_in_progress:1;
		unsigned have_langid:1;
		unsigned authorized:1;
		unsigned authenticated:1;