| Age | Commit message (Collapse) | Author |
|---|
|
3788121, 3789993] into oc-m2-release
Change-Id: I37c9cd7932677faa96c9d1cd87a4ec7fdca99bf8
|
|
514a3ff91 Merge branch 'android-msm-marlin-3.18-oc-mr1-security-next' into android-msm-marlin-3.18-oc-mr1
89a5d5ff5 qcacld-2.0: Fix potential buffer overwrite in wma_vdev_start_rsp_ind
744280f66 qseecom: fix an app unloading issue when the app is blocked
6707da563 qcacld-2.0: Avoid possible stack overflow in hdd_ProcessGENIE API
3d8b040ba qcacld-2.0: Fix potential buffer overflow for TX_COMPL_IND
59dda3ccf qcacld-2.0: Fix Out-of-bound access in sapInterferenceRssiCount
2ad17edb1 qcacld-2.0: Dump the txrx stat req if the queue is not empty
5f4961679 qcacld-2.0: Fix memory leak for txrx_fw_stats cmd
9d26f2f8f qcacld-2.0: Avoid buffer overflow
554caeb91 wil6210: missing length check in wmi_set_ie
0332bfa56 drivers: qdsp6v2: Add mutex unlock to properly release lock
2298319f6 msm: msm_bus: Add mutex lock for floor vote data
d130d079b qcacld-2.0: Fix buffer overwrite due to ssid_len in WMA handlers
5332f0060 loop: fix concurrent lo_open/lo_release
b45b65539 msm: mdss: adjust mdss_mdp_get_plane_sizes parameters init order
1f11025e6 msm: ipa: Fix to unsigned integer underflow
c1024fa00 qcacld-2.0: Fix potential buffer overwrite
a374bae16 Input: gtco - fix potential out-of-bound access
d71355703 msm: sensor: actuator: fix out of bound read for region params
2eb4b77b8 msm: sensor: actuator: add null pointer check for i2c array
bba8b0f4d msm: sensor: actuator: avoid accessing out of bound memory
bfefdf062 msm: mdss: fix check for igc read
ca6df2654 qcacld-2.0: Add mutex lock for proc handlers
4ee28a472 qcacld-2.0: Race condition while using pkt log buffer
d06f00b04 Merge branch 'android-msm-marlin-3.18-oc-mr1' into android-msm-marlin-3.18-oc-mr1-security-next
Linux version 3.18.70-g514a3ff917ea (android-
build@wprn12.hot.corp.google.com) (gcc version 4.9.x-google
20140827 (prerelease) (GCC) ) #1 SMP PREEMPT Thu Mar 15 22:25:14
UTC 2018
Bug: 35470735
Bug: 37282867
Bug: 65122765
Bug: 69916367
Bug: 70237689
Bug: 70242505
Bug: 71501679
Bug: 72867809
Bug: 72956801
Bug: 72956941
Bug: 72957040
Bug: 72957178
Bug: 72957234
Bug: 72957257
Bug: 72957337
Bug: 72957505
Bug: 72957507
Bug: 72957611
Bug: 72957725
Bug: 74402918
Bug: 74612426
Test: Built and flashed boot.img. Device booted up successfully.
Change-Id: Idb16b6feae6dd9e5dbe439456574a2bef9e1c5db
Source-Branch: android-msm-marlin-3.18-oc-mr1
Signed-off-by: Siyuan Zhou <siyuanzhou@google.com>
(cherry picked from commit 2ba1629551e16ddc704ad2f260f40197c499013a)
|
|
3744041, 3744042, 3744043, 3744023, 3744024, 3744025, 3744002, 3744003, 3744081, 3744082, 3744083, 3744084, 3744101] into oc-m2-release
Change-Id: Ic4087ce99ed57f3e7b88c64c025e94b23589a9b9
|
|
abd44345f Merge android-msm-marlin-3.18-oc-mr1-security-next into android-msm-marlin-3.18-oc-mr1
2642c1fd8 msm: ipa3: add lock for num_q6_rule
82870752a nl80211: Define policy for packet pattern attributes
2c8eb8657 msm: ipa: add null terminator
356c2a87c netlink: Add netns check on taps
ae6e9bb3b qcacld-2.0: Add sanity check for vdev_id in wma_wow_wakeup_host_event
7722ced8f qcacld-2.0: Add sanity check for vdev id to prevent OOB access
fbd5ba719 qcacld-2.0: Calculate buf_len properly for extscan hotlist event buffer
3516a8ac3 qcacld-2.0: Validate packet length, before processing PTT commands
f38a1dd23 BACKPORT: USB: core: harden cdc_parse_cdc_header
a2c467d4d PCI: Fix race condition with driver_override
5783091be UPSTREAM: KEYS: encrypted: fix buffer overread in valid_master_desc()
08dc08be1 BACKPORT:net: ipv4: fix for a race condition in raw_sendmsg
295e19dcd diag: dci: Add validity check for dci client's process descriptor
8c981c76b qcacld-2.0: Fix buffer overread in wma_extscan_hotlist_match_event_handler
150ceb50a qcacld-2.0: Fix Integer overflow in wma_tbttoffset_update_event_handler()
cc1c67e53 qcacld-2.0: Fix buffer overwrite in wma_extscan_rsp_handler
f5027a96e qcacld-2.0: Fix buffer overwrite in wma_sap_ofl_add_sta_handler
31d3768f4 qcacld-2.0: Check for valid vdev ID in SWBA event handler
0b63e938e ASoC: apr: Add validity check to APR port
295b7b706 msm: ipa: Fix the handling of default IPA header
29e6ab086 qcacld-2.0: Fix buffer overrun in function ProcSetReqInternal
c32e93629 qcacld-2.0: Fix potential buffer overflow in htt_t2h_lp_msg_handler
eccdffc2b qcacld-2.0: Fix potential buffer overflow in ol_rx_flush_handler
4fea5f5a9 qcacld-2.0: Fix potential buffer overflow in process_tx_info
Linux version 3.18.70-gabd44345f20f (android-
build@wpra10.hot.corp.google.com) (gcc version 4.9.x-google
20140827 (prerelease) (GCC) ) #1 SMP PREEMPT Wed Mar 14 20:59:04
UTC 2018
Bug: 33967002
Bug: 64403015
Bug: 65853393
Bug: 68992477
Bug: 69052594
Bug: 69128924
Bug: 70526974
Bug: 70980949
Bug: 71500434
Bug: 71501666
Bug: 71501686
Bug: 71501687
Bug: 71501691
Bug: 71501692
Bug: 71501694
Bug: 71501695
Bug: 72956842
Bug: 72956920
Bug: 72956997
Bug: 72957136
Bug: 72957177
Bug: 72957235
Bug: 72957269
Bug: 73498666
Change-Id: Ia0e3a6251b25999f66b099c5a820187741f99b2e
Source-Branch: android-msm-marlin-3.18-oc-mr1
Signed-off-by: Siyuan Zhou <siyuanzhou@google.com>
(cherry picked from commit a29f9843f393bf7b422a7352701e576a83cee1c8)
|
|
Change-Id: I359013585b0b6bfcd858b7e6e20a81b25da1604c
|
|
3594035, 3592471] into oc-mr1-release
Change-Id: Id10da8ecc6f8db7c0ddf6f4e1e3e6bbbd40b1fc7
|
|
0b570a88eb70 msm: vidc: Increase minimum input buffer count for VP9 decode
Linux version 3.18.70-g0b570a8 (android-build@abfarm390) (gcc version
4.9.x-google 20140827 (prerelease) (GCC) ) #1 SMP PREEMPT Wed Feb
7 22:00:03 UTC 2018
Bug: 65175134
Test: Boot, validate VP9 video playback
Change-Id: Iab7adea2a38d5d1781aedf0568579c7ac782c07f
Source-Branch: android-msm-marlin-3.18-oc-mr1
Signed-off-by: Ed Tam <etam@google.com>
(cherry picked from commit c77dfb6305753dca205031aeb5414f3a8413bfde)
|
|
3478654, 3478655, 3478656, 3479494, 3479495, 3478933, 3478934, 3479496, 3479497, 3479498, 3478160, 3478161, 3478162, 3478876, 3478877, 3478878, 3478241, 3478163, 3478164, 3478165, 3478166, 3478167, 3478168, 3478169, 3479990, 3479991, 3479992, 3480010, 3480011, 3480012] into oc-m2-release
Change-Id: I101f009f4d7be5f76cca447bdcdaa946e300cd25
|
|
marlin: update kernel prebuilt [ DO NOT MERGE ]
0de871268 Merge branch 'android-msm-marlin-3.18-oc-mr1-security-next' into android-msm-marlin-3.18-oc-mr1
1d9eca18d arm64: mm: update uaccess_disable_no_uao hack in __dma_flush_range
0d5ff39d4 FROMLIST: arm64: kpti: Fix the interaction between ASID switching and software PAN
8a8720ef3 FROMLIST: arm64: Move post_ttbr_update_workaround to C code
290ebe326 Merge branch 'android-msm-marlin-3.18-oc-mr1-security-next' into android-msm-marlin-3.18-oc-mr1
e9ce9f4e8 arm64: Kconfig: Reword UNMAP_KERNEL_AT_EL0 kconfig entry
1fcc115d9 arm64: use RET instruction for exiting the trampoline
8be32643e arm64: kaslr: Put kernel vectors address in separate data page
e28406c3a arm64: mm: Introduce TTBR_ASID_MASK for getting at the ASID in the TTBR
c140818af arm64: entry: Add fake CPU feature for unmapping the kernel at EL0
b9bb63aae arm64: tls: Avoid unconditional zeroing of tpidrro_el0 for native tasks
d9bd1fec8 arm64: erratum: Work around Falkor erratum #E1003 in trampoline code
a9e7f2197 arm64: entry: Hook up entry trampoline to exception vectors
602e3e426 arm64: entry: Explicitly pass exception level to kernel_ventry macro
59684a875 arm64: mm: Map entry trampoline into trampoline and kernel page tables
e58257fdc arm64: entry: Add exception trampoline page for exceptions from EL0
c24bcee0e arm64: mm: Invalidate both kernel and user ASIDs when performing TLBI
e88e2725e arm64: mm: Add arm64_kernel_unmapped_at_el0 helper
b964be925 arm64: mm: Allocate ASIDs in pairs
3b97df6e1 arm64: mm: update uaccess_ttbr0_enable hack in __dma_flush_range
684c01f21 arm64: mm: Fix and re-enable ARM64_SW_TTBR0_PAN
7b12761b4 arm64: mm: Move ASID from TTBR0 to TTBR1
a43e3fa99 arm64: mm: Temporarily disable ARM64_SW_TTBR0_PAN
3b55471bf arm64: mm: Use non-global mappings for kernel space
4bc9e7309 arm64: Kconfig: Add CONFIG_UNMAP_KERNEL_AT_EL0
531e13c2e UPSTREAM: arm64: introduce mov_q macro to move a constant into a 64-bit register
506850f49 UPSTREAM: arm64: tlbflush.h: add __tlbi() macro
76aa656e1 UPSTREAM: arm64: factor out entry stack manipulation
50f16b403 ANDROID: arm64: fix potential __cpu_suspend() bug in PAN backport
915435e64 UPSTREAM: arm64: mm: keep reserved ASIDs in sync with mm after multiple rollovers
3ad2381e5 UPSTREAM: arm64: Disable PAN on uaccess_enable()
b827adbb0 UPSTREAM: arm64: Enable CONFIG_ARM64_SW_TTBR0_PAN
601aa3159 UPSTREAM: arm64: xen: Enable user access before a privcmd hvc call
3f0fb6adb UPSTREAM: arm64: Handle faults caused by inadvertent user access with PAN enabled
dc6ff5517 BACKPORT: arm64: Disable TTBR0_EL1 during normal kernel execution
0e750b6d3 BACKPORT: arm64: Introduce uaccess_{disable,enable} functionality based on TTBR0_EL1
528da019c BACKPORT: arm64: Factor out PAN enabling/disabling into separate uaccess_* macros
e36684ba2 UPSTREAM: arm64: alternative: add auto-nop infrastructure
995f2efbe BACKPORT: arm64: barriers: introduce nops and __nops macros for NOP sequences
d86025f05 Revert "FROMLIST: arm64: Factor out PAN enabling/disabling into separate uaccess_* macros"
0aada4f20 Revert "FROMLIST: arm64: Introduce uaccess_{disable,enable} functionality based on TTBR0_EL1"
0eaaabd1c Revert "FROMLIST: arm64: Disable TTBR0_EL1 during normal kernel execution"
a6cd1cc67 Revert "FROMLIST: arm64: Handle faults caused by inadvertent user access with PAN enabled"
d5c2e393c Revert "FROMLIST: arm64: xen: Enable user access before a privcmd hvc call"
9bea83fbc Revert "FROMLIST: arm64: Enable CONFIG_ARM64_SW_TTBR0_PAN"
803b7e8e6 qcacld-2.0: Add sanity check to limit mgmt frames data len
4fbde1baa msm:ipa: Fix to incorrect structure access
a2de545c9 msm: sensor: flash: add conditional check for ioctl
91bd7d2c3 qcacld-2.0: Avoid OEM message overread
4ccea2ee5 ASoC: msm: qdsp6v2: Set freed pointers to NULL
5544e6d61 diag: Add protection while de-initializing clients
bc2b7c8ae qcacld-2.0: Fix out-of-bounds access in limProcessActionFrameNoSession
870fac6d4 qcacld-2.0: Check for upper bound in P2P NOA event
65ffdb283 qcacld-2.0: Check for the max number of P2P NOA descriptors
60889e1ee qcacld-2.0: Check for valid vdev ID in wma_nlo_match_evt_handler
0c35c1657 qcacld-2.0: Avoid possible buffer overwrite in wma_process_utf_event
f2f1e8dba UPSTREAM: ALSA: usb-audio: Kill stray URB at exiting
c1731f51c UPSTREAM: ALSA: usb-audio: Check out-of-bounds access by corrupted buffer descriptor
e7ea56e84 USB: uas: fix bug in handling of alternate settings
fd727e05b UPSTREAM: USB: fix out-of-bounds in usb_set_configuration
36c682771 UPSTREAM: HID: usbhid: fix out-of-bounds bug
4eb3df594 power: qcom: msm-core: Add mutex lock for ioctl
4113d85a8 qcacld-2.0: Fix int overflow in wma_unified_link_peer_stats_event_handler
db1b40139 qcacld-2.0: Check vdev_id against wma->max_bssid
67ee561a4 diag: Add mutex protection while reading dci debug statistics
f95293354 qcacld-2.0: Fix Integer overflow with latest framesc_linux tool
c6cec8540 qcacld-2.0: Avoid integer overflow in lim_update_ibss_prop_add_ies
b8f30f1e5 qcacld-2.0: Fix the size of array ch_list in sme_set_plm_request
674349727 qcacld-2.0: Add sanity check to avoid overflow in WMI event data
8018564f6 qcacld-2.0: Fix potential buffer overwrite in wma_roam_synch_event_handler
ae7edb3ab qcacld-2.0: Add sanity check to avoid len overflow issue in WMI event data
923a9ebb4 BACKPORT: blk-mq: fix race between timeout and freeing request
58e76821a ANDROID: sound: rawmidi: Hold lock around realloc
b2e34211f rtac: add size check when reading cal data kvaddr buffer
6bc68c78e ANDROID: qtaguid: Fix the UAF probelm with tag_ref_tree
0fb1212e6 msm: camera: Return -NOTTY on invalid ioctl command.
86f666744 ALSA: seq: Fix use-after-free at creating a port
5df5d9376 qcacld-2.0: Change local variables to dynamic in limProcessAuthFrame
3b40e85a2 qcacld-2.0: Prevent buffer overflow
0521adf11 qcacld-2.0: Fix int overflow in wma_unified_link_radio_stats_event_handler
c92abcd8d msm: kgsl: Fixing an uninitialized variable in _gpuobj_map_useraddr()
067333dfe ASoC: msm: qdsp6v2: Fix dangling pointer access
4dd170c8e msm: mdss: Fix potential race condition in rotator
16415830a msm:ipa: Fix to kasan use-after-free issue
28c4d03a3 msm: ipa: Fix to use after free issue
d184e5bd9 FROMLIST: input: synaptics_dsx: remove unused synaptics touch screen driver files
4f40763da qcacld-2.0: Fix to propagate key-receiver-sequence-counter to WMA
17f03b877 qcacld-2.0: Propagate key sequence counter to SME
d142c65d7 iovec: make sure the caller actually wants anything in memcpy_fromiovecend
224720481 Merge branch 'android-msm-marlin-3.18-oc-mr1' into android-msm-marlin-3.18-oc-mr1-security-next
520f6ebe6 Merge branch 'android-msm-marlin-3.18-oc' into android-msm-marlin-3.18-oc-mr1
39ead04ae input: synaptics: restrict sysfs node write permissions
eb6d0d5a6 ASoC: wcd9xxx: restrict debugfs permission
36f7aa0ea staging: android: ashmem: fix a race condition in ASHMEM_SET_SIZE ioctl
cb8b04b2c arm64/configs: marlin: remove unused configs for Bluetooth
7ddc1b72a msm: mdss: Fix possible memory overwrite in pgc config
b77553369 spcom: avoid race condition when handling commands
e24ac1599 BACKPORT: ANDROID: sched/fair: Select correct capacity state for energy_diff
68cd93c15 UPSTREAM: crypto: algif_skcipher - Load TX SG list after waiting
4a512c24d msm: ADSPRPC: validate user buffers after copying from user
bd6435bfe qcacld-2.0: Buffer overflow in setrmcenable, setrmcactionperiod
159081fea HACK: arm64: add CNTPCT_EL0 trap handler
2550356c6 clocksource: arch_timer: make virtual counter access configurable
2a2e615b9 arm64: issue isb when trapping CNTVCT_EL0 access
364545647 BACKPORT: arm64: Add CNTFRQ_EL0 trap handler
0eed5140c BACKPORT: arm64: Add CNTVCT_EL0 trap handler
daa63ac1c Revert "clocksource: arch_timer: Enable user access to the physical counter"
830600835 Revert "drivers: clocksource: arch_timer: enable user access to virt timers"
c229a9cc4 Merge branch 'android-msm-marlin-3.18-oc-mr1' into android-msm-marlin-3.18-oc-mr1-security-next
15b9c991f Merge branch 'android-msm-marlin-3.18-oc-mr1' into android-msm-marlin-3.18-oc-mr1-security-next
ef8246b99 Merge branch 'android-msm-marlin-3.18' into android-msm-marlin-3.18-security-next
b2fe8f732 Merge branch 'android-msm-marlin-3.18' into android-msm-marlin-3.18-security-next
664f7e854 Merge branch 'android-msm-marlin-3.18' into android-msm-marlin-3.18-security-next
81852ab0c Merge android-msm-marlin-3.18 into android-msm-marlin-3.18-security-next
65dec89b3 Merge android-msm-marlin-3.18 into android-msm-marlin-3.18-security-next
4b6dc75b0 UPSTREAM: char: Drop bogus dependency of DEVPORT on !M68K
6e9db0bcf msm: camera: Fix kernel overwrite GET_BUF_BY_IDX ioctl
a3ddd2b2c qcacld-2.0: Add bounday check for multicastAddr array
3db9ce7b5 msm: rmnet_ipa: fix security issue
81d88a545 msm: isp: fix for potentitial array out of bound access
49ffea115 FROMLIST: msm: qdsp6v2: set pointer to NULL after free
fc479b893 Merge branch msm-google/android-msm-marlin-3.18 into android-msm-marlin-3.18-security-next
d986e63df Merge branch android-msm-marlin-3.18-nyc-mr2 into android-msm-marlin-3.18
95c2a398b UPSTREAM: ipv6 addrconf: implement RFC7559 router solicitation backoff
3c1d525ee ANDROID: checkpatch: special audit for revert commit line
ac5b69538 net: ipv6: Add sysctl for minimum prefix len acceptable in RIOs.
67aae9ba1 UPSTREAM: usb: gadget: f_fs: add "no_disconnect" mode
fcc7f7a1e cnss_prealloc: Remove WARN_ON
391055770 Revert "Revert "input: gpio_keys: Disable task dump on bugreport key combo""
f7ddef061 Revert "qcacld-2.0: Add support for 2.4G Vht Interop"
b8eb5b8d6 Revert "qcacld-2.0: Add support for 2.4G VHT Interop in SAP"
df4086958 Revert "qcacld-2.0: wlan host driver upgrade to 4.4.25.038"
a9d41df16 Revert "qcacld-2.0: Fill bss_description after leaving room for ap.ieData"
2d0d19897 Revert "qcacld-2.0: wlan host driver upgrade to 4.4.25.039"
b9141e9af Revert "Revert "BACKPORT: rcu: sysctl: Panic on RCU Stall""
0a6197c48 arm64/configs: marlin: Enable RNDIS_IPA
89ad88654 marlin: enable /proc/config.gz support in defconfig
42b6a7e4f Revert "sched: freq: Reevaluate throttle if frequency requested changes"
6e3633e76 arm64/configs: use default for CONFIG_ANDROID_BINDER_DEVICES.
6bf94e343 ANDROID: binder: add hwbinder,vndbinder to BINDER_DEVICES.
26e71f831 qcacld-2.0: wlan host driver upgrade to 4.4.25.039
314511a79 qcacld-2.0: Fill bss_description after leaving room for ap.ieData
c5a016e9d qcacld-2.0: wlan host driver upgrade to 4.4.25.038
c29d70fb4 qcacld-2.0: Add support for 2.4G VHT Interop in SAP
2fb9ea5e8 qcacld-2.0: Add support for 2.4G Vht Interop
8dfcb2bb5 Revert "sched/rt: rt cpu selection integration with EAS."
514201728 Revert "sched: rt: Fix broken sync wakeup logic"
f1189e577 BACKPORT: sched/rt: Add a missing rescheduling point
3ab18ce2e Revert "ANDROID: marlin_defconfig: Enable UDF support and savedefconfig"
317d87bc5 tracing: Have preempt(irqs)off trace preempt disabled functions
f672dbfa0 ANDROID: sdcardfs: Fix style issues in macros
f59e3081c ANDROID: sdcardfs: Use seq_puts over seq_printf
63b8b6c2a ANDROID: sdcardfs: Use to kstrout
b2e36700a ANDROID: sdcardfs: Use pr_[...] instead of printk
30a5c8d9e ANDROID: sdcardfs: remove unneeded null check
b3cce5208 ANDROID: sdcardfs: Fix style issues with comments
c6edb72e2 ANDROID: sdcardfs: Fix formatting
a7317773e ANDROID: sdcardfs: correct order of descriptors
c00ad5d08 ANDROID: fix the deadlock in xt_qtaguid when enable DDEBUG
87cc6f6a2 arm64/configs: marlin: enable CONFIG_IP_MULTICAST
ea98829cf xfrm_user: validate XFRM_MSG_NEWAE XFRMA_REPLAY_ESN_VAL replay_window
839f5e61c Merge branch 'android-msm-marlin-3.18-nyc-mr2' into android-msm-marlin-3.18
ea438a7bd build: enable defconfig check
dc4fd17b5 arm64/configs: marlin make savedefconfig
3b4d6f483 binder: allow new refs to zombie nodes if other refs exist
01b9f96fb binder: add more info to failed transaction logs
868f6ee04 binder: make FIFO inheritance a per-context option
86e51203e binder: add log information for binder transaction failures
21c64694c binder: turn on same debug messages as in common kernel
484f2e5f0 binder_alloc: prevent possible OOO mutex acquisition
1915bd9b6 binder: fix false BUG_ON
fec18f137 cpufreq_sched: Fix race in governor exit path
a5a8d4168 binder: avoid using strong references on nodes for internal refs
6d323645b scsi: ufs: export revision info in health sysfs node
5565ae35e binder: make inc/ref user commands atomic with node state
b0129d3be BACKPORT: sched, rt: Convert switched_{from, to}_rt() / prio_changed_rt() to balance callbacks
5c36487c1 BACKPORT: sched,rt: Remove return value from pull_rt_task()
cb9142b5e UPSTREAM: sched: Allow balance callbacks for check_class_changed()
204f7dfcd BACKPORT: sched: Replace post_schedule with a balance callback list
67b6e7056 FROMLIST: ext4: inherit encryption xattr before other xattrs
73f9e46ac UPSTREAM: fscrypto: add authorization check for setting encryption policy
fea231045 Merge branch 'android-msm-marlin-3.18-nyc-mr2' into android-msm-marlin-3.18
65ba464ac qcacld-2.0: wlan host driver upgrade to 4.4.25.037
9e342ed46 qcacld-2.0: Add radio_id change
b5175930b qcacld-2.0: Update correct msg length in oemData_SendMBOemDataReq API
a1f679e82 qcacld-2.0: Dump vdev ll queue stats during hif_pci_suspend
01ccdbfdb qcacld-2.0: Change the log level in limProcessMlmDisassocReqNtf
18deb5364 qcacld-2.0: Print cmd in hostapd_ioctl
908a6171f qcacld-2.0: Remove BTC code to reduce driver size
68eb4e4df qcacld-2.0: Add support to use generic netlink sockets for userspace apps
48edef37e marlin/sailfish: Enable cnss_genl driver compilation
b360165ca Driver to create cld80211 nl family at bootup time
8ba489847 mmc: core: export device health info via sysfs
e26328074 binder: prevent long delays in zombie reaping
9d0ca1305 scsi: ufs: add sysfs node to export health info
d7909e169 ext4 crypto: fix crash when using software encryption
442e9c9fc binder: protect enqueuing of death notifications
ff4a5bc39 ANDROID: sdcardfs: Fix gid issue
475e2fb0f ANDROID: sdcardfs: Use tabs instead of spaces in multiuser.h
69d32c788 ANDROID: sdcardfs: Remove uninformative prints
177071061 ANDROID: sdcardfs: move path_put outside of spinlock
72d3761d8 ANDROID: sdcardfs: Use case insensitive hash function
0f67385d5 ANDROID: sdcardfs: declare MODULE_ALIAS_FS
5697d1ca5 ANDROID: sdcardfs: Get the blocksize from the lower fs
67de1968c ANDROID: sdcardfs: Use d_invalidate instead of drop_recurisve
10137dc5a ANDROID: sdcardfs: Switch to internal case insensitive compare
6635e9228 ANDROID: sdcardfs: Use spin_lock_nested
cdf7353e7 ANDROID: sdcardfs: Replace get/put with d_lock
2884a9cd7 ANDROID: sdcardfs: rate limit warning print
099e37105 ANDROID: sdcardfs: Fix case insensitive lookup
ae2098942 marlin: defconfig: enable CONFIG_MEMORY_STATE_TIME
75a26e267 Implement memory_state_time, used by qcom,cpubw
587667195 Merge branch 'android-msm-marlin-3.18-nyc-mr2' into android-msm-marlin-3.18
7f6fddb31 Merge branch 'android-msm-marlin-3.18-nyc-mr2' into android-msm-marlin-3.18
585a52fd3 ANDROID: binder: add more debug info when allocation fails.
2a94c9a25 qcacld-2.0: Don't send WoW indication twice to FW
cd776a859 binder: read thread sequence number on every iteration when reaping
35eb96979 binder: make active thread sequence counter 64-bit
442ec3e07 uid_sys_stats: change to use rt_mutex
d58402201 rcu: boost: avoid preemption before calling complete()
6e5a43739 usb: typec: fusb302: Report wakeup event
1f0891e43 binder: prevent new refs to zombie nodes
026f8ebbc KASAN: Panic on first invalid write
Linux version 3.18.70-g0de8712 (android-build@abfarm321) (gcc version
4.9.x-google 20140827 (prerelease) (GCC) ) #1 SMP PREEMPT Wed Jan
17 18:39:52 UTC 2018
Bug: 29311147
Bug: 31339528
Bug: 31364827
Bug: 31432001
Bug: 32775496
Bug: 33316285
Bug: 33333670
Bug: 33967002
Bug: 34193533
Bug: 34469211
Bug: 34723223
Bug: 34873000
Bug: 34984780
Bug: 34991231
Bug: 35139833
Bug: 35331000
Bug: 35630852
Bug: 35633782
Bug: 35643557
Bug: 35668243
Bug: 35720340
Bug: 35766959
Bug: 35803310
Bug: 35833695
Bug: 35848445
Bug: 35893040
Bug: 35993630
Bug: 36004503
Bug: 36007653
Bug: 36052864
Bug: 36072376
Bug: 36088202
Bug: 36093037
Bug: 36095019
Bug: 36105810
Bug: 36137719
Bug: 36138424
Bug: 36160015
Bug: 36215937
Bug: 36220321
Bug: 36228467
Bug: 36279469
Bug: 36358874
Bug: 36371104
Bug: 36372758
Bug: 36406078
Bug: 36427717
Bug: 36492583
Bug: 36509658
Bug: 36511858
Bug: 36516194
Bug: 36524239
Bug: 36559739
Bug: 36565222
Bug: 36587884
Bug: 36604779
Bug: 36725786
Bug: 36801389
Bug: 37156343
Bug: 37158168
Bug: 37210310
Bug: 37275839
Bug: 37279737
Bug: 38159576
Bug: 38177011
Bug: 38182308
Bug: 62464339
Bug: 62800865
Bug: 63083046
Bug: 63172865
Bug: 63527053
Bug: 63851638
Bug: 64315347
Bug: 64386293
Bug: 64836865
Bug: 65172622
Bug: 65853158
Bug: 66954097
Bug: 67582682
Bug: 67713083
Bug: 67713087
Bug: 67713103
Bug: 67713104
Bug: 67713113
Bug: 67900971
Bug: 68266545
Bug: 68664502
Bug: 68870904
Bug: 68992395
Bug: 68992421
Bug: 68992424
Bug: 68992426
Bug: 68992429
Bug: 68992432
Bug: 68992434
Bug: 68992438
Bug: 68992439
Bug: 68992442
Bug: 68992451
Bug: 68992453
Bug: 68992455
Bug: 68992471
Bug: 68992473
Bug: 68992479
Bug: 68996141
Bug: 69051382
Bug: 69051731
Bug: 69051940
Bug: 69052055
Bug: 69052348
Bug: 69848268
Bug: 69856074
Bug: 70235107
Bug: 70237686
Bug: 70237692
Bug: 70237704
Bug: 70237706
Bug: 70237715
Bug: 70237719
Bug: 72042274
Change-Id: I8ab9213059c661da12d7057626170138395eebfa
Source-Branch: android-msm-marlin-3.18-oc-mr1
Signed-off-by: Wei Wang <wvw@google.com>
(cherry picked from commit c2306e7eb9d184586f7b91c287576bf084ebff61)
|
|
3478393, 3478134, 3478135, 3478213, 3478214, 3478215, 3478233, 3478234, 3478235, 3478251, 3478252, 3478253, 3478254, 3478394, 3478395, 3478396, 3478397, 3478398, 3478399, 3478400, 3478401, 3478402, 3478403, 3478292, 3478293, 3478312, 3478136, 3477911] into oc-mr1-release
Change-Id: I59d28d22dcde5964aab5846de6fe5b92a4202cf0
|
|
marlin: update kernel prebuilt [ DO NOT MERGE ]
0de871268 Merge branch 'android-msm-marlin-3.18-oc-mr1-security-next' into android-msm-marlin-3.18-oc-mr1
1d9eca18d arm64: mm: update uaccess_disable_no_uao hack in __dma_flush_range
0d5ff39d4 FROMLIST: arm64: kpti: Fix the interaction between ASID switching and software PAN
8a8720ef3 FROMLIST: arm64: Move post_ttbr_update_workaround to C code
290ebe326 Merge branch 'android-msm-marlin-3.18-oc-mr1-security-next' into android-msm-marlin-3.18-oc-mr1
e9ce9f4e8 arm64: Kconfig: Reword UNMAP_KERNEL_AT_EL0 kconfig entry
1fcc115d9 arm64: use RET instruction for exiting the trampoline
8be32643e arm64: kaslr: Put kernel vectors address in separate data page
e28406c3a arm64: mm: Introduce TTBR_ASID_MASK for getting at the ASID in the TTBR
c140818af arm64: entry: Add fake CPU feature for unmapping the kernel at EL0
b9bb63aae arm64: tls: Avoid unconditional zeroing of tpidrro_el0 for native tasks
d9bd1fec8 arm64: erratum: Work around Falkor erratum #E1003 in trampoline code
a9e7f2197 arm64: entry: Hook up entry trampoline to exception vectors
602e3e426 arm64: entry: Explicitly pass exception level to kernel_ventry macro
59684a875 arm64: mm: Map entry trampoline into trampoline and kernel page tables
e58257fdc arm64: entry: Add exception trampoline page for exceptions from EL0
c24bcee0e arm64: mm: Invalidate both kernel and user ASIDs when performing TLBI
e88e2725e arm64: mm: Add arm64_kernel_unmapped_at_el0 helper
b964be925 arm64: mm: Allocate ASIDs in pairs
3b97df6e1 arm64: mm: update uaccess_ttbr0_enable hack in __dma_flush_range
684c01f21 arm64: mm: Fix and re-enable ARM64_SW_TTBR0_PAN
7b12761b4 arm64: mm: Move ASID from TTBR0 to TTBR1
a43e3fa99 arm64: mm: Temporarily disable ARM64_SW_TTBR0_PAN
3b55471bf arm64: mm: Use non-global mappings for kernel space
4bc9e7309 arm64: Kconfig: Add CONFIG_UNMAP_KERNEL_AT_EL0
531e13c2e UPSTREAM: arm64: introduce mov_q macro to move a constant into a 64-bit register
506850f49 UPSTREAM: arm64: tlbflush.h: add __tlbi() macro
76aa656e1 UPSTREAM: arm64: factor out entry stack manipulation
50f16b403 ANDROID: arm64: fix potential __cpu_suspend() bug in PAN backport
915435e64 UPSTREAM: arm64: mm: keep reserved ASIDs in sync with mm after multiple rollovers
3ad2381e5 UPSTREAM: arm64: Disable PAN on uaccess_enable()
b827adbb0 UPSTREAM: arm64: Enable CONFIG_ARM64_SW_TTBR0_PAN
601aa3159 UPSTREAM: arm64: xen: Enable user access before a privcmd hvc call
3f0fb6adb UPSTREAM: arm64: Handle faults caused by inadvertent user access with PAN enabled
dc6ff5517 BACKPORT: arm64: Disable TTBR0_EL1 during normal kernel execution
0e750b6d3 BACKPORT: arm64: Introduce uaccess_{disable,enable} functionality based on TTBR0_EL1
528da019c BACKPORT: arm64: Factor out PAN enabling/disabling into separate uaccess_* macros
e36684ba2 UPSTREAM: arm64: alternative: add auto-nop infrastructure
995f2efbe BACKPORT: arm64: barriers: introduce nops and __nops macros for NOP sequences
d86025f05 Revert "FROMLIST: arm64: Factor out PAN enabling/disabling into separate uaccess_* macros"
0aada4f20 Revert "FROMLIST: arm64: Introduce uaccess_{disable,enable} functionality based on TTBR0_EL1"
0eaaabd1c Revert "FROMLIST: arm64: Disable TTBR0_EL1 during normal kernel execution"
a6cd1cc67 Revert "FROMLIST: arm64: Handle faults caused by inadvertent user access with PAN enabled"
d5c2e393c Revert "FROMLIST: arm64: xen: Enable user access before a privcmd hvc call"
9bea83fbc Revert "FROMLIST: arm64: Enable CONFIG_ARM64_SW_TTBR0_PAN"
803b7e8e6 qcacld-2.0: Add sanity check to limit mgmt frames data len
4fbde1baa msm:ipa: Fix to incorrect structure access
a2de545c9 msm: sensor: flash: add conditional check for ioctl
91bd7d2c3 qcacld-2.0: Avoid OEM message overread
4ccea2ee5 ASoC: msm: qdsp6v2: Set freed pointers to NULL
5544e6d61 diag: Add protection while de-initializing clients
bc2b7c8ae qcacld-2.0: Fix out-of-bounds access in limProcessActionFrameNoSession
870fac6d4 qcacld-2.0: Check for upper bound in P2P NOA event
65ffdb283 qcacld-2.0: Check for the max number of P2P NOA descriptors
60889e1ee qcacld-2.0: Check for valid vdev ID in wma_nlo_match_evt_handler
0c35c1657 qcacld-2.0: Avoid possible buffer overwrite in wma_process_utf_event
f2f1e8dba UPSTREAM: ALSA: usb-audio: Kill stray URB at exiting
c1731f51c UPSTREAM: ALSA: usb-audio: Check out-of-bounds access by corrupted buffer descriptor
e7ea56e84 USB: uas: fix bug in handling of alternate settings
fd727e05b UPSTREAM: USB: fix out-of-bounds in usb_set_configuration
36c682771 UPSTREAM: HID: usbhid: fix out-of-bounds bug
4eb3df594 power: qcom: msm-core: Add mutex lock for ioctl
4113d85a8 qcacld-2.0: Fix int overflow in wma_unified_link_peer_stats_event_handler
db1b40139 qcacld-2.0: Check vdev_id against wma->max_bssid
67ee561a4 diag: Add mutex protection while reading dci debug statistics
f95293354 qcacld-2.0: Fix Integer overflow with latest framesc_linux tool
c6cec8540 qcacld-2.0: Avoid integer overflow in lim_update_ibss_prop_add_ies
b8f30f1e5 qcacld-2.0: Fix the size of array ch_list in sme_set_plm_request
674349727 qcacld-2.0: Add sanity check to avoid overflow in WMI event data
8018564f6 qcacld-2.0: Fix potential buffer overwrite in wma_roam_synch_event_handler
ae7edb3ab qcacld-2.0: Add sanity check to avoid len overflow issue in WMI event data
923a9ebb4 BACKPORT: blk-mq: fix race between timeout and freeing request
58e76821a ANDROID: sound: rawmidi: Hold lock around realloc
b2e34211f rtac: add size check when reading cal data kvaddr buffer
6bc68c78e ANDROID: qtaguid: Fix the UAF probelm with tag_ref_tree
0fb1212e6 msm: camera: Return -NOTTY on invalid ioctl command.
86f666744 ALSA: seq: Fix use-after-free at creating a port
5df5d9376 qcacld-2.0: Change local variables to dynamic in limProcessAuthFrame
3b40e85a2 qcacld-2.0: Prevent buffer overflow
0521adf11 qcacld-2.0: Fix int overflow in wma_unified_link_radio_stats_event_handler
c92abcd8d msm: kgsl: Fixing an uninitialized variable in _gpuobj_map_useraddr()
067333dfe ASoC: msm: qdsp6v2: Fix dangling pointer access
4dd170c8e msm: mdss: Fix potential race condition in rotator
16415830a msm:ipa: Fix to kasan use-after-free issue
28c4d03a3 msm: ipa: Fix to use after free issue
d184e5bd9 FROMLIST: input: synaptics_dsx: remove unused synaptics touch screen driver files
4f40763da qcacld-2.0: Fix to propagate key-receiver-sequence-counter to WMA
17f03b877 qcacld-2.0: Propagate key sequence counter to SME
d142c65d7 iovec: make sure the caller actually wants anything in memcpy_fromiovecend
224720481 Merge branch 'android-msm-marlin-3.18-oc-mr1' into android-msm-marlin-3.18-oc-mr1-security-next
520f6ebe6 Merge branch 'android-msm-marlin-3.18-oc' into android-msm-marlin-3.18-oc-mr1
39ead04ae input: synaptics: restrict sysfs node write permissions
eb6d0d5a6 ASoC: wcd9xxx: restrict debugfs permission
36f7aa0ea staging: android: ashmem: fix a race condition in ASHMEM_SET_SIZE ioctl
cb8b04b2c arm64/configs: marlin: remove unused configs for Bluetooth
7ddc1b72a msm: mdss: Fix possible memory overwrite in pgc config
b77553369 spcom: avoid race condition when handling commands
e24ac1599 BACKPORT: ANDROID: sched/fair: Select correct capacity state for energy_diff
68cd93c15 UPSTREAM: crypto: algif_skcipher - Load TX SG list after waiting
4a512c24d msm: ADSPRPC: validate user buffers after copying from user
bd6435bfe qcacld-2.0: Buffer overflow in setrmcenable, setrmcactionperiod
159081fea HACK: arm64: add CNTPCT_EL0 trap handler
2550356c6 clocksource: arch_timer: make virtual counter access configurable
2a2e615b9 arm64: issue isb when trapping CNTVCT_EL0 access
364545647 BACKPORT: arm64: Add CNTFRQ_EL0 trap handler
0eed5140c BACKPORT: arm64: Add CNTVCT_EL0 trap handler
daa63ac1c Revert "clocksource: arch_timer: Enable user access to the physical counter"
830600835 Revert "drivers: clocksource: arch_timer: enable user access to virt timers"
c229a9cc4 Merge branch 'android-msm-marlin-3.18-oc-mr1' into android-msm-marlin-3.18-oc-mr1-security-next
15b9c991f Merge branch 'android-msm-marlin-3.18-oc-mr1' into android-msm-marlin-3.18-oc-mr1-security-next
ef8246b99 Merge branch 'android-msm-marlin-3.18' into android-msm-marlin-3.18-security-next
b2fe8f732 Merge branch 'android-msm-marlin-3.18' into android-msm-marlin-3.18-security-next
664f7e854 Merge branch 'android-msm-marlin-3.18' into android-msm-marlin-3.18-security-next
81852ab0c Merge android-msm-marlin-3.18 into android-msm-marlin-3.18-security-next
65dec89b3 Merge android-msm-marlin-3.18 into android-msm-marlin-3.18-security-next
4b6dc75b0 UPSTREAM: char: Drop bogus dependency of DEVPORT on !M68K
6e9db0bcf msm: camera: Fix kernel overwrite GET_BUF_BY_IDX ioctl
a3ddd2b2c qcacld-2.0: Add bounday check for multicastAddr array
3db9ce7b5 msm: rmnet_ipa: fix security issue
81d88a545 msm: isp: fix for potentitial array out of bound access
49ffea115 FROMLIST: msm: qdsp6v2: set pointer to NULL after free
fc479b893 Merge branch msm-google/android-msm-marlin-3.18 into android-msm-marlin-3.18-security-next
d986e63df Merge branch android-msm-marlin-3.18-nyc-mr2 into android-msm-marlin-3.18
95c2a398b UPSTREAM: ipv6 addrconf: implement RFC7559 router solicitation backoff
3c1d525ee ANDROID: checkpatch: special audit for revert commit line
ac5b69538 net: ipv6: Add sysctl for minimum prefix len acceptable in RIOs.
67aae9ba1 UPSTREAM: usb: gadget: f_fs: add "no_disconnect" mode
fcc7f7a1e cnss_prealloc: Remove WARN_ON
391055770 Revert "Revert "input: gpio_keys: Disable task dump on bugreport key combo""
f7ddef061 Revert "qcacld-2.0: Add support for 2.4G Vht Interop"
b8eb5b8d6 Revert "qcacld-2.0: Add support for 2.4G VHT Interop in SAP"
df4086958 Revert "qcacld-2.0: wlan host driver upgrade to 4.4.25.038"
a9d41df16 Revert "qcacld-2.0: Fill bss_description after leaving room for ap.ieData"
2d0d19897 Revert "qcacld-2.0: wlan host driver upgrade to 4.4.25.039"
b9141e9af Revert "Revert "BACKPORT: rcu: sysctl: Panic on RCU Stall""
0a6197c48 arm64/configs: marlin: Enable RNDIS_IPA
89ad88654 marlin: enable /proc/config.gz support in defconfig
42b6a7e4f Revert "sched: freq: Reevaluate throttle if frequency requested changes"
6e3633e76 arm64/configs: use default for CONFIG_ANDROID_BINDER_DEVICES.
6bf94e343 ANDROID: binder: add hwbinder,vndbinder to BINDER_DEVICES.
26e71f831 qcacld-2.0: wlan host driver upgrade to 4.4.25.039
314511a79 qcacld-2.0: Fill bss_description after leaving room for ap.ieData
c5a016e9d qcacld-2.0: wlan host driver upgrade to 4.4.25.038
c29d70fb4 qcacld-2.0: Add support for 2.4G VHT Interop in SAP
2fb9ea5e8 qcacld-2.0: Add support for 2.4G Vht Interop
8dfcb2bb5 Revert "sched/rt: rt cpu selection integration with EAS."
514201728 Revert "sched: rt: Fix broken sync wakeup logic"
f1189e577 BACKPORT: sched/rt: Add a missing rescheduling point
3ab18ce2e Revert "ANDROID: marlin_defconfig: Enable UDF support and savedefconfig"
317d87bc5 tracing: Have preempt(irqs)off trace preempt disabled functions
f672dbfa0 ANDROID: sdcardfs: Fix style issues in macros
f59e3081c ANDROID: sdcardfs: Use seq_puts over seq_printf
63b8b6c2a ANDROID: sdcardfs: Use to kstrout
b2e36700a ANDROID: sdcardfs: Use pr_[...] instead of printk
30a5c8d9e ANDROID: sdcardfs: remove unneeded null check
b3cce5208 ANDROID: sdcardfs: Fix style issues with comments
c6edb72e2 ANDROID: sdcardfs: Fix formatting
a7317773e ANDROID: sdcardfs: correct order of descriptors
c00ad5d08 ANDROID: fix the deadlock in xt_qtaguid when enable DDEBUG
87cc6f6a2 arm64/configs: marlin: enable CONFIG_IP_MULTICAST
ea98829cf xfrm_user: validate XFRM_MSG_NEWAE XFRMA_REPLAY_ESN_VAL replay_window
839f5e61c Merge branch 'android-msm-marlin-3.18-nyc-mr2' into android-msm-marlin-3.18
ea438a7bd build: enable defconfig check
dc4fd17b5 arm64/configs: marlin make savedefconfig
3b4d6f483 binder: allow new refs to zombie nodes if other refs exist
01b9f96fb binder: add more info to failed transaction logs
868f6ee04 binder: make FIFO inheritance a per-context option
86e51203e binder: add log information for binder transaction failures
21c64694c binder: turn on same debug messages as in common kernel
484f2e5f0 binder_alloc: prevent possible OOO mutex acquisition
1915bd9b6 binder: fix false BUG_ON
fec18f137 cpufreq_sched: Fix race in governor exit path
a5a8d4168 binder: avoid using strong references on nodes for internal refs
6d323645b scsi: ufs: export revision info in health sysfs node
5565ae35e binder: make inc/ref user commands atomic with node state
b0129d3be BACKPORT: sched, rt: Convert switched_{from, to}_rt() / prio_changed_rt() to balance callbacks
5c36487c1 BACKPORT: sched,rt: Remove return value from pull_rt_task()
cb9142b5e UPSTREAM: sched: Allow balance callbacks for check_class_changed()
204f7dfcd BACKPORT: sched: Replace post_schedule with a balance callback list
67b6e7056 FROMLIST: ext4: inherit encryption xattr before other xattrs
73f9e46ac UPSTREAM: fscrypto: add authorization check for setting encryption policy
fea231045 Merge branch 'android-msm-marlin-3.18-nyc-mr2' into android-msm-marlin-3.18
65ba464ac qcacld-2.0: wlan host driver upgrade to 4.4.25.037
9e342ed46 qcacld-2.0: Add radio_id change
b5175930b qcacld-2.0: Update correct msg length in oemData_SendMBOemDataReq API
a1f679e82 qcacld-2.0: Dump vdev ll queue stats during hif_pci_suspend
01ccdbfdb qcacld-2.0: Change the log level in limProcessMlmDisassocReqNtf
18deb5364 qcacld-2.0: Print cmd in hostapd_ioctl
908a6171f qcacld-2.0: Remove BTC code to reduce driver size
68eb4e4df qcacld-2.0: Add support to use generic netlink sockets for userspace apps
48edef37e marlin/sailfish: Enable cnss_genl driver compilation
b360165ca Driver to create cld80211 nl family at bootup time
8ba489847 mmc: core: export device health info via sysfs
e26328074 binder: prevent long delays in zombie reaping
9d0ca1305 scsi: ufs: add sysfs node to export health info
d7909e169 ext4 crypto: fix crash when using software encryption
442e9c9fc binder: protect enqueuing of death notifications
ff4a5bc39 ANDROID: sdcardfs: Fix gid issue
475e2fb0f ANDROID: sdcardfs: Use tabs instead of spaces in multiuser.h
69d32c788 ANDROID: sdcardfs: Remove uninformative prints
177071061 ANDROID: sdcardfs: move path_put outside of spinlock
72d3761d8 ANDROID: sdcardfs: Use case insensitive hash function
0f67385d5 ANDROID: sdcardfs: declare MODULE_ALIAS_FS
5697d1ca5 ANDROID: sdcardfs: Get the blocksize from the lower fs
67de1968c ANDROID: sdcardfs: Use d_invalidate instead of drop_recurisve
10137dc5a ANDROID: sdcardfs: Switch to internal case insensitive compare
6635e9228 ANDROID: sdcardfs: Use spin_lock_nested
cdf7353e7 ANDROID: sdcardfs: Replace get/put with d_lock
2884a9cd7 ANDROID: sdcardfs: rate limit warning print
099e37105 ANDROID: sdcardfs: Fix case insensitive lookup
ae2098942 marlin: defconfig: enable CONFIG_MEMORY_STATE_TIME
75a26e267 Implement memory_state_time, used by qcom,cpubw
587667195 Merge branch 'android-msm-marlin-3.18-nyc-mr2' into android-msm-marlin-3.18
7f6fddb31 Merge branch 'android-msm-marlin-3.18-nyc-mr2' into android-msm-marlin-3.18
585a52fd3 ANDROID: binder: add more debug info when allocation fails.
2a94c9a25 qcacld-2.0: Don't send WoW indication twice to FW
cd776a859 binder: read thread sequence number on every iteration when reaping
35eb96979 binder: make active thread sequence counter 64-bit
442ec3e07 uid_sys_stats: change to use rt_mutex
d58402201 rcu: boost: avoid preemption before calling complete()
6e5a43739 usb: typec: fusb302: Report wakeup event
1f0891e43 binder: prevent new refs to zombie nodes
026f8ebbc KASAN: Panic on first invalid write
Linux version 3.18.70-g0de8712 (android-build@abfarm321) (gcc version
4.9.x-google 20140827 (prerelease) (GCC) ) #1 SMP PREEMPT Wed Jan
17 18:39:52 UTC 2018
Bug: 29311147
Bug: 31339528
Bug: 31364827
Bug: 31432001
Bug: 32775496
Bug: 33316285
Bug: 33333670
Bug: 33967002
Bug: 34193533
Bug: 34469211
Bug: 34723223
Bug: 34873000
Bug: 34984780
Bug: 34991231
Bug: 35139833
Bug: 35331000
Bug: 35630852
Bug: 35633782
Bug: 35643557
Bug: 35668243
Bug: 35720340
Bug: 35766959
Bug: 35803310
Bug: 35833695
Bug: 35848445
Bug: 35893040
Bug: 35993630
Bug: 36004503
Bug: 36007653
Bug: 36052864
Bug: 36072376
Bug: 36088202
Bug: 36093037
Bug: 36095019
Bug: 36105810
Bug: 36137719
Bug: 36138424
Bug: 36160015
Bug: 36215937
Bug: 36220321
Bug: 36228467
Bug: 36279469
Bug: 36358874
Bug: 36371104
Bug: 36372758
Bug: 36406078
Bug: 36427717
Bug: 36492583
Bug: 36509658
Bug: 36511858
Bug: 36516194
Bug: 36524239
Bug: 36559739
Bug: 36565222
Bug: 36587884
Bug: 36604779
Bug: 36725786
Bug: 36801389
Bug: 37156343
Bug: 37158168
Bug: 37210310
Bug: 37275839
Bug: 37279737
Bug: 38159576
Bug: 38177011
Bug: 38182308
Bug: 62464339
Bug: 62800865
Bug: 63083046
Bug: 63172865
Bug: 63527053
Bug: 63851638
Bug: 64315347
Bug: 64386293
Bug: 64836865
Bug: 65172622
Bug: 65853158
Bug: 66954097
Bug: 67582682
Bug: 67713083
Bug: 67713087
Bug: 67713103
Bug: 67713104
Bug: 67713113
Bug: 67900971
Bug: 68266545
Bug: 68664502
Bug: 68870904
Bug: 68992395
Bug: 68992421
Bug: 68992424
Bug: 68992426
Bug: 68992429
Bug: 68992432
Bug: 68992434
Bug: 68992438
Bug: 68992439
Bug: 68992442
Bug: 68992451
Bug: 68992453
Bug: 68992455
Bug: 68992471
Bug: 68992473
Bug: 68992479
Bug: 68996141
Bug: 69051382
Bug: 69051731
Bug: 69051940
Bug: 69052055
Bug: 69052348
Bug: 69848268
Bug: 69856074
Bug: 70235107
Bug: 70237686
Bug: 70237692
Bug: 70237704
Bug: 70237706
Bug: 70237715
Bug: 70237719
Bug: 72042274
Change-Id: I8ab9213059c661da12d7057626170138395eebfa
Source-Branch: android-msm-marlin-3.18-oc-mr1
Signed-off-by: Wei Wang <wvw@google.com>
(cherry picked from commit c2306e7eb9d184586f7b91c287576bf084ebff61)
|
|
Change-Id: I98a1a22ce0a9146192ea9cd8e01206f80c750844
|
|
Change-Id: I554d46128110dd82e5551356088bd2cdfc9613ca
|
|
3366918, 3365573, 3365589, 3365590, 3366938, 3366902, 3365574, 3365575, 3365576, 3365577, 3366958, 3365824, 3365591, 3366959, 3366960, 3366961, 3366962, 3366963, 3366964, 3366965, 3366919, 3366966, 3366967, 3366968, 3366969, 3366970, 3367018, 3367019, 3365592, 3365593, 3366985, 3365825, 3366988, 3366989, 3366990, 3366991, 3366992, 3366993, 3366994, 3367004, 3367005, 3367006, 3367007, 3367008, 3367009, 3367010, 3367011, 3367012, 3367013, 3367014, 3367015, 3367016, 3367017, 3367038, 3367039, 3367040, 3367041, 3367042, 3367044, 3367045, 3367046, 3367049, 3367050, 3367052, 3367053, 3367054, 3367055, 3367056, 3366920, 3366921, 3366922, 3367079] into oc-mr1-release
Change-Id: If74e4d10276c50652ad341d59ba989ad5df4a3f2
|
|
674349727b4e qcacld-2.0: Add sanity check to avoid overflow in WMI event data
8018564f6100 qcacld-2.0: Fix potential buffer overwrite in wma_roam_synch_event_handler
ae7edb3ab19b qcacld-2.0: Add sanity check to avoid len overflow issue in WMI event data
923a9ebb4177 BACKPORT: blk-mq: fix race between timeout and freeing request
58e76821a6d4 ANDROID: sound: rawmidi: Hold lock around realloc
b2e34211f8fd rtac: add size check when reading cal data kvaddr buffer
6bc68c78e3d9 ANDROID: qtaguid: Fix the UAF probelm with tag_ref_tree
0fb1212e66d5 msm: camera: Return -NOTTY on invalid ioctl command.
86f666744919 ALSA: seq: Fix use-after-free at creating a port
5df5d9376f8f qcacld-2.0: Change local variables to dynamic in limProcessAuthFrame
3b40e85a2481 qcacld-2.0: Prevent buffer overflow
0521adf110d8 qcacld-2.0: Fix int overflow in wma_unified_link_radio_stats_event_handler
c92abcd8dccb msm: kgsl: Fixing an uninitialized variable in _gpuobj_map_useraddr()
067333dfe254 ASoC: msm: qdsp6v2: Fix dangling pointer access
4dd170c8ea4a msm: mdss: Fix potential race condition in rotator
16415830ae61 msm:ipa: Fix to kasan use-after-free issue
28c4d03a3920 msm: ipa: Fix to use after free issue
d184e5bd9f83 FROMLIST: input: synaptics_dsx: remove unused synaptics touch screen driver files
4f40763dae66 qcacld-2.0: Fix to propagate key-receiver-sequence-counter to WMA
17f03b877772 qcacld-2.0: Propagate key sequence counter to SME
d142c65d72d7 iovec: make sure the caller actually wants anything in memcpy_fromiovecend
224720481783 Merge branch 'android-msm-marlin-3.18-oc-mr1' into android-msm-marlin-3.18-oc-mr1-security-next
520f6ebe6bde Merge branch 'android-msm-marlin-3.18-oc' into android-msm-marlin-3.18-oc-mr1
39ead04aeb9a input: synaptics: restrict sysfs node write permissions
eb6d0d5a60c7 ASoC: wcd9xxx: restrict debugfs permission
36f7aa0ea77f staging: android: ashmem: fix a race condition in ASHMEM_SET_SIZE ioctl
cb8b04b2cb1f arm64/configs: marlin: remove unused configs for Bluetooth
7ddc1b72ac40 msm: mdss: Fix possible memory overwrite in pgc config
b77553369e38 spcom: avoid race condition when handling commands
e24ac1599faf BACKPORT: ANDROID: sched/fair: Select correct capacity state for energy_diff
68cd93c15835 UPSTREAM: crypto: algif_skcipher - Load TX SG list after waiting
4a512c24d5fb msm: ADSPRPC: validate user buffers after copying from user
bd6435bfe246 qcacld-2.0: Buffer overflow in setrmcenable, setrmcactionperiod
159081fea4cf HACK: arm64: add CNTPCT_EL0 trap handler
2550356c69fe clocksource: arch_timer: make virtual counter access configurable
2a2e615b9489 arm64: issue isb when trapping CNTVCT_EL0 access
364545647257 BACKPORT: arm64: Add CNTFRQ_EL0 trap handler
0eed5140c99f BACKPORT: arm64: Add CNTVCT_EL0 trap handler
daa63ac1c5d3 Revert "clocksource: arch_timer: Enable user access to the physical counter"
830600835d13 Revert "drivers: clocksource: arch_timer: enable user access to virt timers"
c229a9cc45f5 Merge branch 'android-msm-marlin-3.18-oc-mr1' into android-msm-marlin-3.18-oc-mr1-security-next
15b9c991f967 Merge branch 'android-msm-marlin-3.18-oc-mr1' into android-msm-marlin-3.18-oc-mr1-security-next
ef8246b99647 Merge branch 'android-msm-marlin-3.18' into android-msm-marlin-3.18-security-next
b2fe8f7326db Merge branch 'android-msm-marlin-3.18' into android-msm-marlin-3.18-security-next
664f7e854224 Merge branch 'android-msm-marlin-3.18' into android-msm-marlin-3.18-security-next
81852ab0c436 Merge android-msm-marlin-3.18 into android-msm-marlin-3.18-security-next
65dec89b33b2 Merge android-msm-marlin-3.18 into android-msm-marlin-3.18-security-next
4b6dc75b07ab UPSTREAM: char: Drop bogus dependency of DEVPORT on !M68K
6e9db0bcf183 msm: camera: Fix kernel overwrite GET_BUF_BY_IDX ioctl
a3ddd2b2c621 qcacld-2.0: Add bounday check for multicastAddr array
3db9ce7b59be msm: rmnet_ipa: fix security issue
81d88a545aa9 msm: isp: fix for potentitial array out of bound access
49ffea11532e FROMLIST: msm: qdsp6v2: set pointer to NULL after free
fc479b8939df Merge branch msm-google/android-msm-marlin-3.18 into android-msm-marlin-3.18-security-next
ea98829cfcba xfrm_user: validate XFRM_MSG_NEWAE XFRMA_REPLAY_ESN_VAL replay_window
Linux version 3.18.70-g674349727b4e (android-
build@wpef28.hot.corp.google.com) (gcc version 4.9.x-google
20140827 (prerelease) (GCC) ) #1 SMP PREEMPT Wed Dec 6 22:50:21
UTC 2017
Bug: 33967002
Bug: 35139833
Bug: 36279469
Bug: 36565222
Bug: 36604779
Bug: 37156343
Bug: 37210310
Bug: 37275839
Bug: 37279737
Bug: 38159576
Bug: 38177011
Bug: 38182308
Bug: 62464339
Bug: 62800865
Bug: 63083046
Bug: 63172865
Bug: 63527053
Bug: 64315347
Bug: 64386293
Bug: 65172622
Bug: 65853158
Bug: 66954097
Bug: 67713083
Bug: 67713087
Bug: 67713103
Bug: 67713104
Bug: 67713113
Bug: 67900971
Bug: 68266545
Bug: 68992421
Bug: 68992426
Bug: 68992429
Bug: 68992434
Bug: 68992439
Bug: 68992453
Bug: 68992455
Bug: 68992471
Bug: 68992473
Bug: 68992479
Bug: 68996141
Bug: 69848268
Bug: 70285904
Change-Id: I8356181cb8a43a4a530760e8c69674c972f5de31
Source-Branch: android-msm-marlin-3.18-oc-mr1
Signed-off-by: Thierry Strudel <tstrudel@google.com>
(cherry picked from commit 8774df234a2970ed7099f6df7d0be54cdb32d2f8)
|
|
Change-Id: I2345b04cbc0ea9f9167263930cd18b1b507ce9b3
|
|
3278010, 3277767, 3277768, 3277769, 3277770, 3276509, 3276510, 3278011, 3278012, 3278013, 3278014, 3278099, 3278100, 3278101, 3278102, 3278103, 3278104, 3278105, 3278106, 3277800, 3276474, 3278015, 3278016, 3278017, 3278118, 3278119, 3278120, 3278121, 3278122, 3277946, 3277905, 3277947, 3277906, 3277751, 3278123, 3277752, 3278110, 3277771, 3277907, 3278095, 3277908, 3278111, 3277772, 3276475, 3276476] into oc-mr1-release
Change-Id: Ic5bdeb099583dd320c2769ed00900e8bd90b2d7d
|
|
520f6ebe6 Merge branch 'android-msm-marlin-3.18-oc' into android-msm-marlin-3.18-oc-mr1
39ead04ae input: synaptics: restrict sysfs node write permissions
eb6d0d5a6 ASoC: wcd9xxx: restrict debugfs permission
36f7aa0ea staging: android: ashmem: fix a race condition in ASHMEM_SET_SIZE ioctl
cb8b04b2c arm64/configs: marlin: remove unused configs for Bluetooth
7ddc1b72a msm: mdss: Fix possible memory overwrite in pgc config
b77553369 spcom: avoid race condition when handling commands
e24ac1599 BACKPORT: ANDROID: sched/fair: Select correct capacity state for energy_diff
68cd93c15 UPSTREAM: crypto: algif_skcipher - Load TX SG list after waiting
4a512c24d msm: ADSPRPC: validate user buffers after copying from user
bd6435bfe qcacld-2.0: Buffer overflow in setrmcenable, setrmcactionperiod
159081fea HACK: arm64: add CNTPCT_EL0 trap handler
2550356c6 clocksource: arch_timer: make virtual counter access configurable
2a2e615b9 arm64: issue isb when trapping CNTVCT_EL0 access
364545647 BACKPORT: arm64: Add CNTFRQ_EL0 trap handler
0eed5140c BACKPORT: arm64: Add CNTVCT_EL0 trap handler
daa63ac1c Revert "clocksource: arch_timer: Enable user access to the physical counter"
830600835 Revert "drivers: clocksource: arch_timer: enable user access to virt timers"
Linux version 3.18.70-g520f6eb (android-build@abfarm195) (gcc version
4.9.x-google 20140827 (prerelease) (GCC) ) #1 SMP PREEMPT Mon Nov
20 18:52:55 UTC 2017
Bug: 38159576
Bug: 62464339
Bug: 62800865
Bug: 63527053
Bug: 64386293
Bug: 66954097
Bug: 67713083
Bug: 67713087
Bug: 67713104
Bug: 67713113
Bug: 68266545
Bug: 68996141
Change-Id: Iad111d4a2607d9e68bfec89e18291692df166fec
Source-Branch: android-msm-marlin-3.18-oc-mr1
Signed-off-by: Patrick Tjin <pattjin@google.com>
(cherry picked from commit 1436eda56a8d353feda7e97762b1f9198a5885fa)
|
|
Change-Id: I099a71320b55163a9f2bc9088b3c5f3bdac55208
|
|
12920568 qcacld-2.0: wlan host driver upgrade to 4.4.25.047
e02bc940 qcacld-2.0: Fix incorrect frame length of encrypted auth frame
Linux version 3.18.70-g1292056 (android-build@abfarm009) (gcc version
4.9.x-google 20140827 (prerelease) (GCC) ) #1 SMP PREEMPT Fri Nov
10 16:36:21 UTC 2017
Bug: 67754642
Change-Id: I9467551dadc3b69cd7492efe64ff79ac444e26cd
Source-Branch: android-msm-marlin-3.18-oc-mr1
Signed-off-by: Ecco Park <eccopark@google.com>
(cherry picked from commit 1d1cc9860d8d4e33d46cece9f36d84ff35e5f5b3)
|
|
Change-Id: I225d77097f8d0681d1fb3a04d09498b58e56e103
|
|
Change-Id: Ie3a80d3f764f0475feccf011fbca62f689f71ec0
|
|
1b650d4a qcacld-2.0: wlan host driver upgrade to 4.4.25.046
3e23d465 qcacld-2.0: Set length of challenge text sent by SAP to 128
07182da9 qcacld-2.0: Fix incorrect length of encrypted auth frame
84a5511c qcacld-2.0: Fix incorrect processing of encrypted auth frame
Linux version 3.18.70-g1b650d4a5047 (android-
build@wphr7.hot.corp.google.com) (gcc version 4.9.x-google
20140827 (prerelease) (GCC) ) #1 SMP PREEMPT Fri Oct 20 04:29:40
UTC 2017
Bug: 67030205
Change-Id: Id4025fec826ef68fd1320fab8c74716909cd9148
Source-Branch: android-msm-marlin-3.18-oc-mr1
Signed-off-by: Ahmed ElArabawy <arabawy@google.com>
|
|
Change-Id: I456e9e4cb03d3bc851ed079ade5a715c051f09b7
|
|
344fe193770d Revert "qcacld-2.0: Fix incorrect processing of encrypted auth frame"
cb0cff8ee8e8 Revert "qcacld-2.0: Fix incorrect length of encrypted auth frame"
1f1527ce748e Revert "qcacld-2.0: Set length of challenge text sent by SAP to 128"
Linux version 3.18.70-g344fe193770d (android-
build@xpce8.ams.corp.google.com) (gcc version 4.9.x 20150123
(prerelease) (GCC) ) #1 SMP PREEMPT Wed Oct 18 18:32:45 UTC 2017
Bug: 67775060
Change-Id: I777d18bce04d1f36bd438d34df05117eb8c02313
Source-Branch: android-msm-marlin-3.18
Signed-off-by: Siqi Lin <siqilin@google.com>
|
|
Change-Id: I7fadda06697317392fb285d625332271e083ab61
|
|
Change-Id: I6ada37409697f879ae1841bfda6343dce9465fb5
|
|
cb942e1ef856 usb: gadget: composite: Handle OS descriptor request properly
Linux version 3.18.70-gcb942e1ef856 (android-
build@wprh8.hot.corp.google.com) (gcc version 4.9.x 20150123
(prerelease) (GCC) ) #1 SMP PREEMPT Tue Oct 17 18:15:33 UTC 2017
Bug: 66985760
Change-Id: I86584a3c8cf478a975f096304ffb70949f37aa3c
Source-Branch: android-msm-marlin-3.18
Signed-off-by: Siqi Lin <siqilin@google.com>
|
|
Change-Id: I94ce0dd25e7b68b741a34e7ffb0996973d7dced8
|
|
am: 5a1641c97f -s ours
Change-Id: I0257fbe1bfb05e24541105b8233371f85f5bf5dc
|
|
am: 74abd557e7 -s ours
Change-Id: Id34c449e4c73ce4aca3e97734e089a24d347e0af
|
|
Change-Id: I7a52b0540671722949ed459dcd904533e051e6e8
|
|
Change-Id: I60d916cf4a6675a9f7b5c34bdd6e70fe831a61f0
|
|
121738aa4 Merge branch 'android-msm-marlin-3.18-oc' into android-msm-marlin-3.18
bec3b102a Merge branch 'android-msm-marlin-3.18-oc-security-next' into android-msm-marlin-3.18-oc
36b372ee3 msm: kgsl: Use vma_area_struct with proper locks
14b3f2e5b qseecom: Fix accessing userspace memory in kernel space
359b14af8 ANDROID: scsi: Add segment checking in sg_read
5b1139e8b qcacld-2.0: Add bound check for numap to avoid integer overflow
e535df239 msm: mdss: Avoid direct dereference user input in pp cache config
535d5fb4f msm: camera: Make use of mutex lock to avoid race condition
61850bbb7 msm: mdss: Add check for fence count
ce527b39c ASoC: msm: qdsp6v2: clear address on error
4d7090c18 coresight: tmc: Fix the unbalanced lock in tmc_read()
84c3472f4 coresight: tmc: Fix use after free issue with tmc read
3f46d83d2 coresight: tmc: Fix use after free issue with tmc read
e2c5d6ee7 msm: mdss: size check before writing to edid buffer
1b442f336 fbdev: msm: Allocate fd with O_CLOEXEC flag
288b86d3d msm: sde: Remove output fence object after user request completed
de20ca7d6 msm: mdss: validate page id before reading from edid buffer
e4d3cddf1 ANDROID: binder: fix OOB write in __binder_update_page_range
a924cd4ca msm: ipa: Add mutext protection when updating notify req cache
35855e455 ASoC: msm-cpe: Fix range checking in function fw_name_store
56eda148a drm/msm: Fix possible overflow issue in submit_cmd
0168c1d43 qcacld-2.0: Check on IE length to avoid buffer over-read
ae3643899 qbt1000: Validate FP app name before qseecom_start_app
b81dd3ebe qcacld-2.0: Fix invalid buffer access in send mgmt tx
35417932a angler: remove 'reboot edl' interface for security.
12e27fb72 msm: sensor: Add mutex lock during ois power down operations
07afef295 diag: dci: Add protection while querying event status
3c34a3a28 msm: vidc: Squash the below changes
b9c210ed2 v4l2: Refactor, fix security bug in compat ioctl32
c870bd22e msm: camera: Avoid deadlock for vb2 operations using separate lock
195f5e806 ANDROID: ion: Fix uninitialized variable
6bbe7b3e7 Merge branch 'android-msm-marlin-3.18-oc' into android-msm-marlin-3.18-oc-security-next
c31c63350 Merge branch 'android-msm-marlin-3.18-oc' into android-msm-marlin-3.18-oc-security-next
f28119118 Merge branch 'android-msm-marlin-3.18-oc' into android-msm-marlin-3.18-oc-security-next
0dfb2bea6 Fix KASAN compiler path
Linux version 3.18.70-g121738aa410e (android-
build@vpbs12.mtv.corp.google.com) (gcc version 4.9.x 20150123
(prerelease) (GCC) ) #1 SMP PREEMPT Fri Oct 13 04:43:44 UTC 2017
Bug: 34276203
Bug: 34329758
Bug: 34624167
Bug: 35138888
Bug: 62378232
Bug: 62674846
Bug: 63100473
Bug: 63172865
Bug: 63522505
Bug: 63636412
Bug: 63868627
Bug: 63868629
Bug: 63868678
Bug: 63868780
Bug: 63868933
Bug: 64216036
Bug: 64431967
Bug: 64442463
Bug: 64453105
Bug: 64453224
Bug: 64453422
Bug: 64453423
Bug: 64728945
Bug: 64728948
Bug: 64728950
Bug: 64728953
Bug: 65023233
Bug: 65468973
Bug: 65468989
Bug: 65468993
Bug: 67749331
Change-Id: I2cdbf674fbc1313c29c2c79118980f92d498fed7
Source-Branch: android-msm-marlin-3.18
Signed-off-by: Steve Pfetsch <spfetsch@google.com>
|
|
bec3b102 Merge branch 'android-msm-marlin-3.18-oc-security-next' into android-msm-marlin-3.18-oc
36b372ee msm: kgsl: Use vma_area_struct with proper locks
14b3f2e5 qseecom: Fix accessing userspace memory in kernel space
359b14af ANDROID: scsi: Add segment checking in sg_read
5b1139e8 qcacld-2.0: Add bound check for numap to avoid integer overflow
e535df23 msm: mdss: Avoid direct dereference user input in pp cache config
535d5fb4 msm: camera: Make use of mutex lock to avoid race condition
61850bbb msm: mdss: Add check for fence count
ce527b39 ASoC: msm: qdsp6v2: clear address on error
4d7090c1 coresight: tmc: Fix the unbalanced lock in tmc_read()
84c3472f coresight: tmc: Fix use after free issue with tmc read
3f46d83d coresight: tmc: Fix use after free issue with tmc read
e2c5d6ee msm: mdss: size check before writing to edid buffer
1b442f33 fbdev: msm: Allocate fd with O_CLOEXEC flag
288b86d3 msm: sde: Remove output fence object after user request completed
de20ca7d msm: mdss: validate page id before reading from edid buffer
e4d3cddf ANDROID: binder: fix OOB write in __binder_update_page_range
a924cd4c msm: ipa: Add mutext protection when updating notify req cache
35855e45 ASoC: msm-cpe: Fix range checking in function fw_name_store
56eda148 drm/msm: Fix possible overflow issue in submit_cmd
0168c1d4 qcacld-2.0: Check on IE length to avoid buffer over-read
ae364389 qbt1000: Validate FP app name before qseecom_start_app
b81dd3eb qcacld-2.0: Fix invalid buffer access in send mgmt tx
35417932 angler: remove 'reboot edl' interface for security.
12e27fb7 msm: sensor: Add mutex lock during ois power down operations
07afef29 diag: dci: Add protection while querying event status
3c34a3a2 msm: vidc: Squash the below changes
b9c210ed v4l2: Refactor, fix security bug in compat ioctl32
c870bd22 msm: camera: Avoid deadlock for vb2 operations using separate lock
195f5e80 ANDROID: ion: Fix uninitialized variable
6bbe7b3e Merge branch 'android-msm-marlin-3.18-oc' into android-msm-marlin-3.18-oc-security-next
e98d60c5 Merge branch 'android-msm-marlin-3.18-nyc-mr2' into android-msm-marlin-3.18-oc
46d3f3da Merge branch 'android-msm-marlin-3.18-nyc-mr2-security-next' into android-msm-marlin-3.18-nyc-mr2
9ad3e21d qcacld-2.0: Skip an IE if found more its max times in a frame
a96e06fa msm: camera: isp: Initialize stream info
dc1a89ba ASoC: msm: qdspv2: add mutex to prevent access same memory simultaneously
8105e52e qcacld-2.0: Update SIR_MAC_AUTH_CHALLENGE_LENGTH as per IEEE spec
2494afce qcacld-2.0: Update limComputeCrc32 to pass uint16_t
0001cca5 qcacld-2.0: Add bound check before writing to channel list
021dfec1 msm: mdss: hdmi: check up-bound of CEC frame size
17ef83c7 diag: Add protection while processing non-hdlc packets
6d5d4240 msm: camera2: cpp: Fix iommu_attach/detach compat_ioctl issue
d7accdfe qcacld-2.0: Add check for set_ft_ies buffer length
0c326157 UPSTREAM: brcmfmac: fix possible buffer overflow in brcmf_cfg80211_mgmt_tx()
b0edd765 SoC: msm: audio-effects: return directly to avoid integer overflow
151a5c25 msm: kgsl: Protect the event->handle with spinlock
03eeee1f diag: Add proper synchronization checks to msg mask table
d246a8df qcacld-2.0: Remove code related to mmap functionality for pktlog
a117ca22 perf/core: Fix concurrent sys_perf_event_open() vs. 'move_group' race
072d53b2 msm: mdss: hdmi: validate HDMI EDID's max number of CEA blocks
10b0cb47 msm: mdss: fix the use after free problem in rotator ioctl
8172d060 cfg80211: Define nla_policy for NL80211_ATTR_LOCAL_MESH_POWER_MODE
e1762cac cfg80211: Check if PMKID attribute is of expected size
01aa085e arm64/configs: disable QBT1000 driver
b59b67fb arm64: dts: marlin: remove QBT1000 from device tree
cb19b77b msm: sensor: Fix crash when ioctl VIDIOC_MSM_SENSOR_INIT_CFG
fef5d30b msm: camera: Bound check for num_of_stream.
c34d4d1b ALSA: pcm: prevent UAF in snd_pcm_info
1999f226 ANDROID: input: keychord: fix race condition bug
344beb4c BACKPORT: pids: make task_tgid_nr_ns() safe
c31c6335 Merge branch 'android-msm-marlin-3.18-oc' into android-msm-marlin-3.18-oc-security-next
6cec1fea Merge branch 'android-msm-marlin-3.18-nyc-mr2' into android-msm-marlin-3.18-nyc-mr2-security-next
99dda032 usb: typec: tcpm: Comply with TryWait.SNK State
6a728e8b usb: typec: tcpm: Follow Try.SRC exit requirements
745643d3 usb: type-c: tcpm: Check for Rp for tPDDebounce
56df2632 usb: typec: tcpm: Prevent TCPM from looping in SRC_TRYWAIT
60aa5432 Merge branch 'android-msm-marlin-3.18-nyc-mr2' into android-msm-marlin-3.18-oc
d72ede87 Merge branch 'android-msm-marlin-3.18-nyc-mr2-security-next' into android-msm-marlin-3.18-nyc-mr2
10792bd1 qcacld-2.0: Add an attribute to represent PNO/EPNO Request ID
18c4a958 Merge branch 'android-msm-marlin-3.18-nyc-mr2' into android-msm-marlin-3.18-oc
90eac350 Merge branch 'android-msm-marlin-3.18-nyc-mr2-security-next' into android-msm-marlin-3.18-nyc-mr2
560c7989 qcacld-2.0: Avoid buffer overread when parsing PNO commands
f5976901 Revert "Revert "msm: sps: Fix race condition in SPS debugfs APIs""
57b285e9 UPSTREAM: fscrypt: remove broken support for detecting keyring key revocation
d3f653d2 ext4, pfk, block: stop putting keyring key directly in bio
a74e9805 Remove CONFIG_PFK dependency on CONFIG_ECRYPT_FS.
860eb69c sctp: do not inherit ipv6_{mc|ac|fl}_list from parent
37e65757 msm: mdss: Buffer overflow while processing gamut table data
891a341a qcacld-2.0: Avoid extscan bucket spec overread
47b905c2 qcacld-2.0: Validate vendor set roaming params command
2832f536 qcacld-2.0: Add get valid channels entry to NLA policy
1eef0834 qcacld-2.0: Avoid buffer overread when parsing PNO commands
26db093d qcacld-2.0: Fix kernel memory corruption
f475854b msm: mdss: Increase fbmem buf ref count before use
b6081356 crypto: msm: Fix several race condition issues in crypto drivers
cd5d645f ASoC: msm: qdsp6v2: add size check to fix out of bounds issue
70e63082 qcacld-2.0: Properly validate QCA_WLAN_VENDOR_ATTR_NDP_IFACE_STR
e7e70326 qcacld-2.0: Avoid overread when configuring MAC addresses
c1cd1c94 qcacld-2.0: Validate vendor command do_acs
e5a4fdef qcacld-2.0: Apply policy to fine time measurement
18cd55bf compat_qcedev: Fix accessing userspace memory in kernel space
67d94945 msm: camera: sensor:validating the flash initialization parameters
8f6f01ad qcacld-2.0: Check target address boundary before access
33e8d566 qcacld-2.0: Restrict max/min pktlog buffer size using pktlogconf tool
db6e5584 qcacld-2.0: Fix Uninitialized memory issue
34cff2eb msm: ipa: fix IPC low priority logging
01f908d5 qcacld-2.0: Drop assoc request if RSNIE/WPAIE parsing fail
4b788ca4 diag: Synchronize command registration table access
f2811911 Merge branch 'android-msm-marlin-3.18-oc' into android-msm-marlin-3.18-oc-security-next
721bdd42 Merge branch 'android-msm-marlin-3.18-nyc-mr2' into android-msm-marlin-3.18-nyc-mr2-security-next
0dfb2bea Fix KASAN compiler path
Linux version 3.18.52-gbec3b102a848 (android-
build@wprh4.hot.corp.google.com) (gcc version 4.9.x 20150123
(prerelease) (GCC) ) #1 SMP PREEMPT Fri Oct 13 04:41:53 UTC 2017
Bug: 30225438
Bug: 31025812
Bug: 31495866
Bug: 32669756
Bug: 34170483
Bug: 34276203
Bug: 34329758
Bug: 34624167
Bug: 35138888
Bug: 35988361
Bug: 36006779
Bug: 36006981
Bug: 36227548
Bug: 36232584
Bug: 36492827
Bug: 36575870
Bug: 36730104
Bug: 36815952
Bug: 36816726
Bug: 36817053
Bug: 36817548
Bug: 36818836
Bug: 36819059
Bug: 36895857
Bug: 37093119
Bug: 37284397
Bug: 37478866
Bug: 37623773
Bug: 37625232
Bug: 37687303
Bug: 37713609
Bug: 37720349
Bug: 37721426
Bug: 37866910
Bug: 37893116
Bug: 37901413
Bug: 37949660
Bug: 62058746
Bug: 62084791
Bug: 62085265
Bug: 62298712
Bug: 62378232
Bug: 62378962
Bug: 62456806
Bug: 62674846
Bug: 62827190
Bug: 62827928
Bug: 62949902
Bug: 62952032
Bug: 63100473
Bug: 63172865
Bug: 63522505
Bug: 63636412
Bug: 63868020
Bug: 63868627
Bug: 63868628
Bug: 63868629
Bug: 63868678
Bug: 63868780
Bug: 63868933
Bug: 64216036
Bug: 64258073
Bug: 64261058
Bug: 64431967
Bug: 64431968
Bug: 64433362
Bug: 64434485
Bug: 64438726
Bug: 64438727
Bug: 64438728
Bug: 64440043
Bug: 64442463
Bug: 64453105
Bug: 64453224
Bug: 64453422
Bug: 64453423
Bug: 64453533
Bug: 64453535
Bug: 64693719
Bug: 64728945
Bug: 64728948
Bug: 64728950
Bug: 64728953
Bug: 65023233
Bug: 65468973
Bug: 65468989
Bug: 65468993
Bug: 65558892
Bug: 67749331
Change-Id: I28cec2ee601bdf39d61eecea169e283cbaf15e04
Source-Branch: android-msm-marlin-3.18-oc
Signed-off-by: Steve Pfetsch <spfetsch@google.com>
|
|
95ca37211afb ANDROID: cpufreq: stats: Fix sleeping while atomic in cpufreq_task_stats_init
Linux version 3.18.70-g95ca37211afb (android-
build@wprg9.hot.corp.google.com) (gcc version 4.9.x 20150123
(prerelease) (GCC) ) #1 SMP PREEMPT Thu Oct 12 02:25:25 UTC 2017
Bug: 67715533
Change-Id: If81d646fcb430e7f68ad46aad97b01f34823141a
Source-Branch: android-msm-marlin-3.18
Signed-off-by: Thierry Strudel <tstrudel@google.com>
|
|
Change-Id: I200333b1a6cba3bba022e1c4bfbd5868a5fd5ceb
|
|
ec11f381 qcacld-2.0: wlan host driver upgrade to 4.4.25.045
39867f3e qcacld-2.0: Fix roam start not being sent to firmware
Linux version 3.18.70-gec11f381abbb (android-
build@wpiw13.hot.corp.google.com) (gcc version 4.9.x 20150123
(prerelease) (GCC) ) #1 SMP PREEMPT Tue Oct 10 17:59:50 UTC 2017
Bug: 67034987
Change-Id: Ib76c7d45db8449bb809cc766ed4b3b059691dce4
Source-Branch: android-msm-marlin-3.18
Signed-off-by: Kumar Anand <kumaranand@google.com>
|
|
Change-Id: I8992969a16891f02f9aca50103ecce0eea1e68fb
|
|
Change-Id: Id839d6fc63cb0b353d57239d53924d5b0820a419
|
|
0e867732e002 diag: Set in_busy only after initialization of read buffers
7b99b9b7e75f diag: Fix race condition while closing SMD
Linux version 3.18.70-g0e867732e002 (android-
build@xpcc6.ams.corp.google.com) (gcc version 4.9.x 20150123
(prerelease) (GCC) ) #1 SMP PREEMPT Fri Oct 6 16:17:24 UTC 2017
Bug: 65555223
Change-Id: I24eb8d07e1e440b1828471beab6c16678be580a2
Source-Branch: android-msm-marlin-3.18
Signed-off-by: Thierry Strudel <tstrudel@google.com>
|
|
Change-Id: I1aadd8520c25f529629bd2bc0e40a7b8c4d526b9
|
|
a82dfe79 qcacld-2.0: wlan host driver upgrade to 4.4.25.044
08dd28aa qcacld-2.0: Set length of challenge text sent by SAP to 128
14b0abbb qcacld-2.0: Fix incorrect length of encrypted auth frame
Linux version 3.18.70-ga82dfe796cb4 (android-
build@wprc11.hot.corp.google.com) (gcc version 4.9.x 20150123
(prerelease) (GCC) ) #1 SMP PREEMPT Wed Oct 4 16:35:41 UTC 2017
Bug: 67030205
Change-Id: Ib58b09a78553b5d5137e02444684b05e7141970d
Source-Branch: android-msm-marlin-3.18
Signed-off-by: Kumar Anand <kumaranand@google.com>
|
|
Change-Id: Id33795ef8161e9af67db442ac4169c234753ae73
|
|
ee7019424 BACKPORT: Driver core: wakeup the parent device before trying probe
03b8103d6 Revert "Revert "BACKPORT: usb: host: plat: Enable xHCI plat runtime PM""
9c84b1c07 qcacld-2.0: Fix incorrect processing of encrypted auth frame
4aa8030e6 ANDROID: vfs/ext4: finish umount(2) in time and avoid errors=panic by filesystem
Linux version 3.18.70-gee7019424e44 (android-
build@vpee8.mtv.corp.google.com) (gcc version 4.9.x 20150123
(prerelease) (GCC) ) #1 SMP PREEMPT Mon Oct 2 22:46:53 UTC 2017
Bug: 62492269
Bug: 63981945
Bug: 65481582
Bug: 67030205
Change-Id: Ie510913c03353814d5e5d3279c4be8e2e757fc0c
Source-Branch: android-msm-marlin-3.18
Signed-off-by: Badhri Jagan Sridharan <Badhri@google.com>
|
|
367109 snap-temp-L18300000107415568
Change-Id: I3e4aa9af8f6faaeb41a827b53f0338cc0e7a8048
|
|
2978352, 2977999, 2978127] into oc-mr1-release
Change-Id: I6fd02b30d60446333e3989fbe4eac6b66bed6ee6
|
|
32003c2d7 usb: dwc3-msm: Switch to freezable workqueue for sm_work
3fc65ca6d Revert "BACKPORT: usb: host: plat: Enable xHCI plat runtime PM"
2b15d2ecb qcacld-2.0: wlan host driver upgrade to 4.4.25.043
0771c1114 qcacld-2.0: Add proper check to avoid invoking tear down link multiple time
995d71dad BACKPORT: usb: host: plat: Enable xHCI plat runtime PM
Linux version 3.18.70-g32003c2d75e5 (android-
build@wphn10.hot.corp.google.com) (gcc version 4.9.x 20150123
(prerelease) (GCC) ) #1 SMP PREEMPT Thu Sep 28 21:15:17 UTC 2017
Bug: 62492269
Bug: 65640784
Change-Id: I885262b1ed2ca68fd2698586dd1d77320077d7e9
Source-Branch: android-msm-marlin-3.18
Signed-off-by: Badhri Jagan Sridharan <Badhri@google.com>
(cherry picked from commit f52a7f2089522f3070bca5926169f300b94a7719)
|
|
32003c2d7 usb: dwc3-msm: Switch to freezable workqueue for sm_work
3fc65ca6d Revert "BACKPORT: usb: host: plat: Enable xHCI plat runtime PM"
2b15d2ecb qcacld-2.0: wlan host driver upgrade to 4.4.25.043
0771c1114 qcacld-2.0: Add proper check to avoid invoking tear down link multiple time
995d71dad BACKPORT: usb: host: plat: Enable xHCI plat runtime PM
Linux version 3.18.70-g32003c2d75e5 (android-
build@wphn10.hot.corp.google.com) (gcc version 4.9.x 20150123
(prerelease) (GCC) ) #1 SMP PREEMPT Thu Sep 28 21:15:17 UTC 2017
Bug: 62492269
Bug: 65640784
Change-Id: I885262b1ed2ca68fd2698586dd1d77320077d7e9
Source-Branch: android-msm-marlin-3.18
Signed-off-by: Badhri Jagan Sridharan <Badhri@google.com>
|
|
352002 snap-temp-L88700000105039240
Change-Id: I838b46edc94e209fa28c3fd5df2f9473f3e85952
|
