summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2017-12-06DO NOT MERGE: Merge Oreo MR1 into masterHEADandroid-wear-p-preview-2android-wear-8.0.0_r1android-p-preview-5android-p-preview-4android-p-preview-3android-p-preview-2android-p-preview-1android-o-mr1-iot-release-smart-display-r9android-o-mr1-iot-release-smart-display-r8android-o-mr1-iot-release-smart-display-r5android-o-mr1-iot-release-smart-display-r40.1Jandroid-o-mr1-iot-release-smart-display-r4android-o-mr1-iot-release-smart-display-r39android-o-mr1-iot-release-smart-display-r30android-o-mr1-iot-release-smart-display-r3android-o-mr1-iot-release-smart-display-r22android-o-mr1-iot-release-smart-display-r14android-o-mr1-iot-release-smart-clock-r6android-o-mr1-iot-release-smart-clock-r2android-o-mr1-iot-release-smart-clock-fsiandroid-o-mr1-iot-release-smart-clock-fcsandroid-o-mr1-iot-release-cube_r2android-o-mr1-iot-release-cube-fsiandroid-o-mr1-iot-release-cube-fcsandroid-o-mr1-iot-release-1.0.8android-o-mr1-iot-release-1.0.7android-o-mr1-iot-release-1.0.5android-o-mr1-iot-release-1.0.4android-o-mr1-iot-release-1.0.3android-o-mr1-iot-release-1.0.2android-o-mr1-iot-release-1.0.14android-o-mr1-iot-release-1.0.13android-o-mr1-iot-release-1.0.12android-o-mr1-iot-release-1.0.10android-o-mr1-iot-release-1.0.1android-o-mr1-iot-release-1.0.0android-o-mr1-iot-preview-8android-o-mr1-iot-preview-7oreo-mr1-iot-releaseoreo-mr1-1.2-iot-releaseo-mr1-iot-preview-8o-mr1-iot-preview-7mastermainXin Li
Exempt-From-Owner-Approval: Changes already landed internally Change-Id: I2ed7bec5c14deb3ba3b01ff7223f41e9bfd917c4
2017-10-17bullhead: update kernel prebuilt [ DO NOT MERGE ANYWHERE ] am: 808ad0b2f1 ↵Steve Pfetsch
-s ours am: b7f0375a62 -s ours am: 0eb326f182 -s ours Change-Id: I1081fa2a5adb860c097857476c5270054b050dea
2017-10-17bullhead: update kernel prebuilt [ DO NOT MERGE ANYWHERE ] am: 808ad0b2f1 ↵Steve Pfetsch
-s ours am: b7f0375a62 -s ours Change-Id: I14e0dad7cf08f27493c8b75e71ef54edfe638221
2017-10-16bullhead: update kernel prebuilt [ DO NOT MERGE ANYWHERE ] am: 808ad0b2f1 ↵Steve Pfetsch
-s ours am: b7f0375a62 -s ours am: 31d64b119d -s ours Change-Id: Ic67c8e600523062de6805b462691d8617dd54bfb
2017-10-16bullhead: update kernel prebuilt [ DO NOT MERGE ANYWHERE ] am: 808ad0b2f1 ↵oreo-mr1-devSteve Pfetsch
-s ours am: b7f0375a62 -s ours Change-Id: I13ce6a9d2c26827df8b5ebb7ae5cbac8c7d5658b
2017-10-16bullhead: update kernel prebuilt [ DO NOT MERGE ANYWHERE ]Steve Pfetsch
am: 808ad0b2f1 -s ours Change-Id: Ieec1f8267057481778b9035742da00b1bc3ed4bd
2017-10-15bullhead: update kernel prebuiltSteve Pfetsch
am: 101beef979 Change-Id: I7bdb5430ee9c43212c9f1086be3114433d51b254
2017-10-13bullhead: update kernel prebuiltSteve Pfetsch
8afc8877 Merge branch 'android-msm-bullhead-3.10-oc' into android-msm-bullhead-3.10 476e010d Merge branch 'android-msm-bullhead-3.10-oc-security-next' into android-msm-bullhead-3.10-oc 510c22e9 msm: gud: Remove gud driver 0cee9126 qseecom: Fix accessing userspace memory in kernel space bee9a25f ANDROID: scsi: Add segment checking in sg_read d49505d2 qcacld-2.0: Add bound check for numap to avoid integer overflow 2b1b24b8 msm: camera: Make use of mutex lock to avoid race condition 377b6758 ASoC: msm: qdsp6v2: clear address on error c31ee5c0 coresight: tmc: Fix the unbalanced lock in tmc_read() b73156e5 coresight: tmc: Fix use after free issue with tmc read 427e3e15 fbdev: msm: Allocate fd with O_CLOEXEC flag 98bd4639 msm: mdss: validate page id before reading from edid buffer 1b1d3381 msm: ipa: Add mutext protection when updating notify req cache 28ef4d7f qcacld-2.0: Check on IE length to avoid buffer over-read 6b4554b8 qcacld-2.0: Fix invalid buffer access in send mgmt tx 21bab4fe BACKPORT: dentry name snapshots 68e5a3c7 angler: remove 'reboot edl' interface for security. 505b8327 msm: sensor: Add mutex lock during ois power down operations 1ede4694 diag: Fix for possible dci stale entries 96a3947b diag: dci: Add protection while querying event status ab177706 diag: dci: Add mutex protection while accessing client details 652f01eb diag: dci: Add protection while de-initializing clients ab1e30ef ANDROID: usb: gadget: f_mtp: Return error if count is negative a961645b UPSTREAM: ALSA: timer: Call notifier in the same spinlock 41455882 UPSTREAM: ALSA: timer: Fix race between stop and interrupt 7b2f2455 UPSTREAM: ALSA: timer: Fix link corruption due to double start or stop babbb1fc UPSTREAM: ALSA: timer: Code cleanup 874d3848 BACKPORT: ALSA: timer: Fix race at concurrent reads 3fa00095 BACKPORT: ALSA: timer: Handle disconnection more safely cbba392b UPSTREAM: ALSA: timer: Fix wrong instance passed to slave callbacks b757637f UPSTREAM: ALSA: timer: Harden slave timer list handling 4a997f92 UPSTREAM: ALSA: timer: Fix missing queue indices reset at SNDRV_TIMER_IOCTL_SELECT 1c00f5b5 BACKPORT: ALSA: timer: Fix race between read and ioctl 0a2954f1 msm: vidc: Squash the below changes 163a9936 v4l2: Refactor, fix security bug in compat ioctl32 240cee8f msm: camera: Avoid deadlock for vb2 operations using separate lock e4e29ab1 ANDROID: ion: Fix uninitialized variable 3611c756 Bluetooth: cmtp: cmtp_add_connection() should verify that it's dealing with l2cap socket d2a946f6 Bluetooth: bnep: bnep_add_connection() should verify that it's dealing with l2cap socket 67862abd Merge branch 'android-msm-bullhead-3.10-oc' into android-msm-bullhead-3.10-oc-security-next 838c4d24 ANDROID: usb: gadget: f_mtp: Return error if count is negative 52557696 Merge branch 'android-msm-bullhead-3.10-oc' into android-msm-bullhead-3.10-oc-security-next 3f786450 Merge branch 'android-msm-bullhead-3.10-oc' into android-msm-bullhead-3.10-oc-security-next Linux version 3.10.73-g8afc887796f (android- build@wphp9.hot.corp.google.com) (gcc version 4.9.x-google 20140827 (prerelease) (GCC) ) #1 SMP PREEMPT Fri Oct 13 04:02:24 UTC 2017 Bug: 33982955 Bug: 34276203 Bug: 34329758 Bug: 34624167 Bug: 35138888 Bug: 37240993 Bug: 37429972 Bug: 62201221 Bug: 62378232 Bug: 62674846 Bug: 63100473 Bug: 63173580 Bug: 63522505 Bug: 63689921 Bug: 63868629 Bug: 63868933 Bug: 64431967 Bug: 64453105 Bug: 64453422 Bug: 64453423 Bug: 64728950 Bug: 64728953 Bug: 65023233 Bug: 65468973 Bug: 65468975 Bug: 65468986 Bug: 65468993 Bug: 67749279 Change-Id: Ic1c425e8579e815e4cc5492798fcd96b225a30ea Source-Branch: android-msm-bullhead-3.10 Signed-off-by: Steve Pfetsch <spfetsch@google.com>
2017-10-13bullhead: update kernel prebuilt [ DO NOT MERGE ANYWHERE ]Steve Pfetsch
476e010d Merge branch 'android-msm-bullhead-3.10-oc-security-next' into android-msm-bullhead-3.10-oc 510c22e9 msm: gud: Remove gud driver 0cee9126 qseecom: Fix accessing userspace memory in kernel space bee9a25f ANDROID: scsi: Add segment checking in sg_read d49505d2 qcacld-2.0: Add bound check for numap to avoid integer overflow 2b1b24b8 msm: camera: Make use of mutex lock to avoid race condition 377b6758 ASoC: msm: qdsp6v2: clear address on error c31ee5c0 coresight: tmc: Fix the unbalanced lock in tmc_read() b73156e5 coresight: tmc: Fix use after free issue with tmc read 427e3e15 fbdev: msm: Allocate fd with O_CLOEXEC flag 98bd4639 msm: mdss: validate page id before reading from edid buffer 1b1d3381 msm: ipa: Add mutext protection when updating notify req cache 28ef4d7f qcacld-2.0: Check on IE length to avoid buffer over-read 6b4554b8 qcacld-2.0: Fix invalid buffer access in send mgmt tx 21bab4fe BACKPORT: dentry name snapshots 68e5a3c7 angler: remove 'reboot edl' interface for security. 505b8327 msm: sensor: Add mutex lock during ois power down operations 1ede4694 diag: Fix for possible dci stale entries 96a3947b diag: dci: Add protection while querying event status ab177706 diag: dci: Add mutex protection while accessing client details 652f01eb diag: dci: Add protection while de-initializing clients ab1e30ef ANDROID: usb: gadget: f_mtp: Return error if count is negative a961645b UPSTREAM: ALSA: timer: Call notifier in the same spinlock 41455882 UPSTREAM: ALSA: timer: Fix race between stop and interrupt 7b2f2455 UPSTREAM: ALSA: timer: Fix link corruption due to double start or stop babbb1fc UPSTREAM: ALSA: timer: Code cleanup 874d3848 BACKPORT: ALSA: timer: Fix race at concurrent reads 3fa00095 BACKPORT: ALSA: timer: Handle disconnection more safely cbba392b UPSTREAM: ALSA: timer: Fix wrong instance passed to slave callbacks b757637f UPSTREAM: ALSA: timer: Harden slave timer list handling 4a997f92 UPSTREAM: ALSA: timer: Fix missing queue indices reset at SNDRV_TIMER_IOCTL_SELECT 1c00f5b5 BACKPORT: ALSA: timer: Fix race between read and ioctl 0a2954f1 msm: vidc: Squash the below changes 163a9936 v4l2: Refactor, fix security bug in compat ioctl32 240cee8f msm: camera: Avoid deadlock for vb2 operations using separate lock e4e29ab1 ANDROID: ion: Fix uninitialized variable 3611c756 Bluetooth: cmtp: cmtp_add_connection() should verify that it's dealing with l2cap socket d2a946f6 Bluetooth: bnep: bnep_add_connection() should verify that it's dealing with l2cap socket 67862abd Merge branch 'android-msm-bullhead-3.10-oc' into android-msm-bullhead-3.10-oc-security-next 2a6401ae Merge branch 'android-msm-bullhead-3.10-nyc-mr2' into android-msm-bullhead-3.10-oc 0406b382 Merge branch 'android-msm-bullhead-3.10-nyc-mr2-security-next' into android-msm-bullhead-3.10-nyc-mr2 bb3c16f2 qcacld-2.0: Skip an IE if found more its max times in a frame 1ed090bc net: usb: rmnet_usb_ctrl:Make sure list_head operate atomically 5ba94b6f ASoC: msm: qdspv2: add mutex to prevent access same memory simultaneously a50ca3ce qcacld-2.0: Update SIR_MAC_AUTH_CHALLENGE_LENGTH as per IEEE spec d7285900 qcacld-2.0: Update limComputeCrc32 to pass uint16_t adb96af5 qcacld-2.0: Add bound check before writing to channel list a37be93b msm: mdss: hdmi: check up-bound of CEC frame size 0a893142 msm: camera2: cpp: Fix iommu_attach/detach compat_ioctl issue 0d0fdf2b qcacld-2.0: Add check for set_ft_ies buffer length d9b19534 UPSTREAM: brcmfmac: fix possible buffer overflow in brcmf_cfg80211_mgmt_tx() 8f5bc497 SoC: msm: audio-effects: return directly to avoid integer overflow d78717de msm: kgsl: Protect the event->handle with spinlock 757f0b6b diag: Add proper synchronization checks to msg mask table 120d28ba qcacld-2.0: Remove code related to mmap functionality for pktlog e1e0e57c BACKPORT: perf/core: Fix concurrent sys_perf_event_open() vs. 'move_group' race a30bdf22 cfg80211: Define nla_policy for NL80211_ATTR_LOCAL_MESH_POWER_MODE 98f7c17d cfg80211: Check if PMKID attribute is of expected size baebf455 msm: sensor: Fix crash when ioctl VIDIOC_MSM_SENSOR_INIT_CFG fb88a914 msm: camera: Bound check for num_of_stream. 3ee7145e ALSA: pcm: prevent UAF in snd_pcm_info 47166c8e ANDROID: input: keychord: fix race condition bug aca1f2ce BACKPORT: FROMLIST: pids: make task_tgid_nr_ns() safe 52557696 Merge branch 'android-msm-bullhead-3.10-oc' into android-msm-bullhead-3.10-oc-security-next 42e7fb17 Merge branch 'android-msm-bullhead-3.10-nyc-mr2' into android-msm-bullhead-3.10-nyc-mr2-security-next a51b1600 Merge branch 'android-msm-bullhead-3.10-nyc-mr2' into android-msm-bullhead-3.10-oc 81f6559d Merge branch 'android-msm-bullhead-3.10-nyc-mr2-security-next' into android-msm-bullhead-3.10-nyc-mr2 856abd9a qcacld-2.0: Add an attribute to represent PNO/EPNO Request ID a1589871 Merge branch 'android-msm-bullhead-3.10-nyc-mr2' into android-msm-bullhead-3.10-oc bc13965d Merge branch 'android-msm-bullhead-3.10-nyc-mr2-security-next' into android-msm-bullhead-3.10-nyc-mr2 49eec96a qcacld-2.0: Avoid buffer overread when parsing PNO commands a77634f8 Merge branch 'android-msm-bullhead-3.10-nyc-mr2' into android-msm-bullhead-3.10-oc 11d1008c Merge branch 'android-msm-bullhead-3.10-nyc-mr2-security-next' into android-msm-bullhead-3.10-nyc-mr2 c46874c8 msm: mdss: Buffer overflow while processing gamut table data ed6814c1 qcacld-2.0: Avoid extscan bucket spec overread 42a28a93 qcacld-2.0: Validate vendor set roaming params command 68898d36 qcacld-2.0: Add get valid channels entry to NLA policy 5204ea3c qcacld-2.0: Avoid buffer overread when parsing PNO commands 6a165676 qcacld-2.0: Fix kernel memory corruption d8669a00 msm: mdss: Increase fbmem buf ref count before use 8bb2e7a1 crypto: msm: Fix several race condition issues in crypto drivers 4d602a2d ASoC: msm: qdsp6v2: add size check to fix out of bounds issue c18c5935 qcacld-2.0: Properly validate QCA_WLAN_VENDOR_ATTR_NDP_IFACE_STR 7dff4291 qcacld-2.0: Avoid overread when configuring MAC addresses 6d19d7d4 qcacld-2.0: Validate vendor command do_acs 9f5af495 qcacld-2.0: Apply policy to fine time measurement 0d355164 compat_qcedev: Fix accessing userspace memory in kernel space 181940e5 msm: camera: sensor:validating the flash initialization parameters 3fabdcba qcacld-2.0: Check target address boundary before access 4d723395 qcacld-2.0: Restrict max/min pktlog buffer size using pktlogconf tool b4990c46 UPSTREAM: sctp: do not inherit ipv6_{mc|ac|fl}_list from parent 9e08c4d3 qcacld-2.0: Fix Uninitialized memory issue e77c27b2 Revert "Revert "msm: sps: Fix race condition in SPS debugfs APIs"" 822958b5 qcacld-2.0: Drop assoc request if RSNIE/WPAIE parsing fail 3f786450 Merge branch 'android-msm-bullhead-3.10-oc' into android-msm-bullhead-3.10-oc-security-next 34a16271 Merge branch 'android-msm-bullhead-3.10-nyc-mr2' into android-msm-bullhead-3.10-nyc-mr2-security-next Linux version 3.10.73-g476e010d8028 (android- build@wprf8.hot.corp.google.com) (gcc version 4.9.x-google 20140827 (prerelease) (GCC) ) #1 SMP PREEMPT Fri Oct 13 03:22:04 UTC 2017 Bug: 31495866 Bug: 33982955 Bug: 34170483 Bug: 34276203 Bug: 34329758 Bug: 34624167 Bug: 35138888 Bug: 36006779 Bug: 36006981 Bug: 36232584 Bug: 36492827 Bug: 36730104 Bug: 36815952 Bug: 36816726 Bug: 36817053 Bug: 36817548 Bug: 36818836 Bug: 36819059 Bug: 36895857 Bug: 37093119 Bug: 37240993 Bug: 37284397 Bug: 37429972 Bug: 37623773 Bug: 37687303 Bug: 37713609 Bug: 37720349 Bug: 37721426 Bug: 37893116 Bug: 37901413 Bug: 37949660 Bug: 62058746 Bug: 62084791 Bug: 62085265 Bug: 62201221 Bug: 62298712 Bug: 62378232 Bug: 62378962 Bug: 62456806 Bug: 62674846 Bug: 62827928 Bug: 62949902 Bug: 62952032 Bug: 63100473 Bug: 63173580 Bug: 63522505 Bug: 63689921 Bug: 63868020 Bug: 63868629 Bug: 63868933 Bug: 64258073 Bug: 64431967 Bug: 64431968 Bug: 64433362 Bug: 64438726 Bug: 64438727 Bug: 64438728 Bug: 64440043 Bug: 64441352 Bug: 64453105 Bug: 64453422 Bug: 64453423 Bug: 64693798 Bug: 64728950 Bug: 64728953 Bug: 65023233 Bug: 65468973 Bug: 65468975 Bug: 65468986 Bug: 65468993 Bug: 65558923 Bug: 67749279 Change-Id: I08f40b2064a410fbce4f7fadbe6a0a26e8bdde48 Source-Branch: android-msm-bullhead-3.10-oc Signed-off-by: Steve Pfetsch <spfetsch@google.com>
2017-09-21bullhead: update kernel prebuiltJohn Dias
am: a83911bfb6 Change-Id: I4c125a1b1802dccc012ab6e3e6d2b0e3894fa114
2017-09-20bullhead: update kernel prebuiltJohn Dias
3df8baee android: binder: Move buffer out of area shared with user space c656a30c android: binder: Refactor prev and next buffer into a helper function 3c31c7b7 binder: always allocate/map first BINDER_MIN_ALLOC pages 9eb5d047 BACKPORT: staging: android: fix missing a blank line after declarations bf6a113e UPSTREAM: Staging: Android: removed an unnecessary else statement f4a1eae2 UPSTREAM: include/linux/mm.h: add PAGE_ALIGNED() helper Linux version 3.10.73-g3df8baeedccb (android- build@wpix8.hot.corp.google.com) (gcc version 4.9.x-google 20140827 (prerelease) (GCC) ) #1 SMP PREEMPT Wed Sep 20 19:12:30 UTC 2017 Bug: 36007193 Bug: 36727951 Change-Id: Iff3c8b9c379f3343f425d1f3b54d396bb7e8507d Source-Branch: android-msm-bullhead-3.10 Signed-off-by: John Dias <joaodias@google.com>
2017-09-15bullhead: update kernel prebuiltAndrew Lehmer
am: 25d95c6dbb Change-Id: Ib43ba37b4da33beb8c27fedeaa9a80200e5d47d1
2017-09-12bullhead: update kernel prebuiltAndrew Lehmer
935bb5c2 Merge branch 'android-msm-bullhead-3.10-oc' into android-msm-bullhead-3.10 2a6401ae Merge branch 'android-msm-bullhead-3.10-nyc-mr2' into android-msm-bullhead-3.10-oc 0406b382 Merge branch 'android-msm-bullhead-3.10-nyc-mr2-security-next' into android-msm-bullhead-3.10-nyc-mr2 8fb26b62 BACKPORT: ANDROID: Use sk_uid to replace uid get from socket file bb3c16f2 qcacld-2.0: Skip an IE if found more its max times in a frame 1ed090bc net: usb: rmnet_usb_ctrl:Make sure list_head operate atomically 5ba94b6f ASoC: msm: qdspv2: add mutex to prevent access same memory simultaneously a50ca3ce qcacld-2.0: Update SIR_MAC_AUTH_CHALLENGE_LENGTH as per IEEE spec d7285900 qcacld-2.0: Update limComputeCrc32 to pass uint16_t adb96af5 qcacld-2.0: Add bound check before writing to channel list a37be93b msm: mdss: hdmi: check up-bound of CEC frame size 0a893142 msm: camera2: cpp: Fix iommu_attach/detach compat_ioctl issue 0d0fdf2b qcacld-2.0: Add check for set_ft_ies buffer length d9b19534 UPSTREAM: brcmfmac: fix possible buffer overflow in brcmf_cfg80211_mgmt_tx() 8f5bc497 SoC: msm: audio-effects: return directly to avoid integer overflow d78717de msm: kgsl: Protect the event->handle with spinlock 757f0b6b diag: Add proper synchronization checks to msg mask table 120d28ba qcacld-2.0: Remove code related to mmap functionality for pktlog e1e0e57c BACKPORT: perf/core: Fix concurrent sys_perf_event_open() vs. 'move_group' race a30bdf22 cfg80211: Define nla_policy for NL80211_ATTR_LOCAL_MESH_POWER_MODE 98f7c17d cfg80211: Check if PMKID attribute is of expected size baebf455 msm: sensor: Fix crash when ioctl VIDIOC_MSM_SENSOR_INIT_CFG fb88a914 msm: camera: Bound check for num_of_stream. 3ee7145e ALSA: pcm: prevent UAF in snd_pcm_info 47166c8e ANDROID: input: keychord: fix race condition bug c674dd6a ANDROID: Sdcardfs: Move gid derivation under flag 851220a0 ANDROID: mnt: Fix freeing of mount data 88741ba4 firmware_class: Tie exporting caching routines with CONFIG_CACHE_FW f50dbabc BACKPORT: arm64: cpuinfo: Missing NULL terminator in compat_hwcap_str aca1f2ce BACKPORT: FROMLIST: pids: make task_tgid_nr_ns() safe 42e7fb17 Merge branch 'android-msm-bullhead-3.10-nyc-mr2' into android-msm-bullhead-3.10-nyc-mr2-security-next Linux version 3.10.73-g935bb5c2ec09 (android- build@xpce3.ams.corp.google.com) (gcc version 4.9.x-google 20140827 (prerelease) (GCC) ) #1 SMP PREEMPT Tue Sep 12 19:28:56 UTC 2017 Bug: 31495866 Bug: 36006779 Bug: 36006981 Bug: 36232584 Bug: 36492827 Bug: 36818836 Bug: 36819059 Bug: 37430238 Bug: 37524657 Bug: 37901413 Bug: 38289596 Bug: 62084791 Bug: 62378962 Bug: 62949902 Bug: 62952032 Bug: 63245673 Bug: 64258073 Bug: 64431968 Bug: 64433362 Bug: 64438726 Bug: 64438727 Bug: 64438728 Bug: 64440043 Bug: 64441352 Bug: 64453535 Bug: 65386954 Bug: 65558923 Change-Id: I6229fda963f219f18a7aac8f51ac2f6b794f8420 Source-Branch: android-msm-bullhead-3.10 Signed-off-by: Andrew Lehmer <alehmer@google.com>
2017-09-08bullhead: update kernel prebuiltAjay Dudani
am: b5d01f3df2 Change-Id: Ie6213ef0c8b9d5588cc51cc0e6746f1d2da3db7d
2017-09-06bullhead: update kernel prebuiltAjay Dudani
5b0f1e32 firmware_class: make firmware caching configurable 6d6fb96d UPSTREAM: USB: iowarrior: fix oops with malicious USB descriptors 6159e7b9 UPSTREAM: USB: usb_driver_claim_interface: add sanity checking 7baaf8aa UPSTREAM: USB: mct_u232: add sanity checking in probe 4485e674 UPSTREAM: USB: cypress_m8: add endpoint sanity check 76e45df2 UPSTREAM: Input: powermate - fix oops with malicious USB descriptors 462b1596 BACKPORT: dm bufio: don't take the lock in dm_bufio_shrink_count 55d20f1e BACKPORT: dm bufio: avoid sleeping while holding the dm_bufio lock Linux version 3.10.73-g5b0f1e32d65 (android- build@vpba2.mtv.corp.google.com) (gcc version 4.9.x-google 20140827 (prerelease) (GCC) ) #1 SMP PREEMPT Wed Sep 6 14:59:11 UTC 2017 Bug: 28242610 Bug: 38289596 Bug: 64122284 Change-Id: I609dee39e61021f0353e044236e1493509db4931 Source-Branch: android-msm-bullhead-3.10 Signed-off-by: Ajay Dudani <adudani@google.com>
2017-08-25bullhead: update kernel prebuiltSteve Pfetsch
am: 632ebaf48b Change-Id: I711962d01d3c02d125cf02f81296f86fb0a214f6
2017-08-25bullhead: update kernel prebuilt [ DO NOT MERGE ] am: 602f878e67 -s ours ↵Siqi Lin
am: 1eb8ae1509 am: 3eecbd1387 am: 29df3b0b66 Change-Id: Ibac1dd42cd751495eef0bc6e09c1891668923acc
2017-08-25bullhead: update kernel prebuilt [ DO NOT MERGE ] am: 602f878e67 -s ours ↵Siqi Lin
am: 1eb8ae1509 am: 3eecbd1387 am: dbaec4f08f Change-Id: Ief1ecf6a58c3432ce80a59d6ab69e086e958cc2c
2017-08-24bullhead: update kernel prebuiltSteve Pfetsch
193c69e1 ANDROID: xt_qtaguid: Use sk_callback_lock read locks before reading sk->sk_socket b6043582 msm: kgsl: Add a trace event for the GPU clock 0401fc82 Merge branch 'android-msm-bullhead-3.10-oc' into android-msm-bullhead-3.10 a51b1600 Merge branch 'android-msm-bullhead-3.10-nyc-mr2' into android-msm-bullhead-3.10-oc 81f6559d Merge branch 'android-msm-bullhead-3.10-nyc-mr2-security-next' into android-msm-bullhead-3.10-nyc-mr2 856abd9a qcacld-2.0: Add an attribute to represent PNO/EPNO Request ID ac59c6dc Merge branch 'android-msm-bullhead-3.10-oc' into android-msm-bullhead-3.10 a1589871 Merge branch 'android-msm-bullhead-3.10-nyc-mr2' into android-msm-bullhead-3.10-oc bc13965d Merge branch 'android-msm-bullhead-3.10-nyc-mr2-security-next' into android-msm-bullhead-3.10-nyc-mr2 49eec96a qcacld-2.0: Avoid buffer overread when parsing PNO commands 31ed5c40 Merge branch 'android-msm-bullhead-3.10-oc' into android-msm-bullhead-3.10 a77634f8 Merge branch 'android-msm-bullhead-3.10-nyc-mr2' into android-msm-bullhead-3.10-oc 11d1008c Merge branch 'android-msm-bullhead-3.10-nyc-mr2-security-next' into android-msm-bullhead-3.10-nyc-mr2 c46874c8 msm: mdss: Buffer overflow while processing gamut table data ed6814c1 qcacld-2.0: Avoid extscan bucket spec overread 42a28a93 qcacld-2.0: Validate vendor set roaming params command 68898d36 qcacld-2.0: Add get valid channels entry to NLA policy 5204ea3c qcacld-2.0: Avoid buffer overread when parsing PNO commands 6a165676 qcacld-2.0: Fix kernel memory corruption d8669a00 msm: mdss: Increase fbmem buf ref count before use 8bb2e7a1 crypto: msm: Fix several race condition issues in crypto drivers 4d602a2d ASoC: msm: qdsp6v2: add size check to fix out of bounds issue c18c5935 qcacld-2.0: Properly validate QCA_WLAN_VENDOR_ATTR_NDP_IFACE_STR 7dff4291 qcacld-2.0: Avoid overread when configuring MAC addresses 6d19d7d4 qcacld-2.0: Validate vendor command do_acs 9f5af495 qcacld-2.0: Apply policy to fine time measurement 0d355164 compat_qcedev: Fix accessing userspace memory in kernel space 181940e5 msm: camera: sensor:validating the flash initialization parameters 3fabdcba qcacld-2.0: Check target address boundary before access 4d723395 qcacld-2.0: Restrict max/min pktlog buffer size using pktlogconf tool b4990c46 UPSTREAM: sctp: do not inherit ipv6_{mc|ac|fl}_list from parent 9e08c4d3 qcacld-2.0: Fix Uninitialized memory issue e77c27b2 Revert "Revert "msm: sps: Fix race condition in SPS debugfs APIs"" 822958b5 qcacld-2.0: Drop assoc request if RSNIE/WPAIE parsing fail 7e4eab44 UPSTREAM: arm64: perf: Fix callchain parse error with kernel tracepoint events ad65c488 UPSTREAM: ARM: 8170/1: Add global named register current_stack_pointer for ARM 388212ef UPSTREAM: arm64: LLVMLinux: Add current_stack_pointer() for arm64 3c622aca UPSTREAM: arm: perf: Fix callchain parse error with kernel tracepoint events 34a16271 Merge branch 'android-msm-bullhead-3.10-nyc-mr2' into android-msm-bullhead-3.10-nyc-mr2-security-next d5e5d516 ANDROID: lib: vsprintf: Add "%paP" option Linux version 3.10.73-g193c69e1c2fe (android- build@vpee10.mtv.corp.google.com) (gcc version 4.9.x-google 20140827 (prerelease) (GCC) ) #1 SMP PREEMPT Thu Aug 24 21:07:40 UTC 2017 Bug: 29520177 Bug: 30368199 Bug: 34170483 Bug: 36730104 Bug: 36815952 Bug: 36816726 Bug: 36817053 Bug: 36817548 Bug: 36895857 Bug: 37093119 Bug: 37284397 Bug: 37623773 Bug: 37687303 Bug: 37713609 Bug: 37720349 Bug: 37721426 Bug: 37723342 Bug: 37893116 Bug: 37949660 Bug: 62058746 Bug: 62085265 Bug: 62298712 Bug: 62456806 Bug: 62789671 Bug: 62827928 Bug: 63173580 Bug: 63868020 Bug: 64693798 Change-Id: I19f40bb6cdc7e35228b32c48a2d6db3da94859ec Source-Branch: android-msm-bullhead-3.10 Signed-off-by: Steve Pfetsch <spfetsch@google.com>
2017-08-25bullhead: update kernel prebuilt [ DO NOT MERGE ] am: 602f878e67 -s ours ↵Siqi Lin
am: 1eb8ae1509 am: 3eecbd1387 Change-Id: I098433fbf1cec434948a5f7c18f646c1fa2fdbde
2017-08-25bullhead: update kernel prebuilt [ DO NOT MERGE ] am: 602f878e67 -s ours ↵Siqi Lin
am: 1eb8ae1509 am: 3eecbd1387 Change-Id: I6bdc1fc343130e936704ad0e2b0b8dd75129570e
2017-08-25bullhead: update kernel prebuilt [ DO NOT MERGE ] am: 602f878e67 -s oursSiqi Lin
am: 1eb8ae1509 Change-Id: I835cb11b876af830c774649c442a549e4ccc56b0
2017-08-25bullhead: update kernel prebuilt [ DO NOT MERGE ]Siqi Lin
am: 602f878e67 -s ours Change-Id: I2480ad0da8f06986cea3ed2bbccd28c015e5a1ad
2017-08-18bullhead: update kernel prebuilt [ DO NOT MERGE ]Siqi Lin
81f6559df5e9 Merge branch 'android-msm-bullhead-3.10-nyc-mr2-security-next' into android-msm-bullhead-3.10-nyc-mr2 856abd9ad16d qcacld-2.0: Add an attribute to represent PNO/EPNO Request ID bc13965d8a13 Merge branch 'android-msm-bullhead-3.10-nyc-mr2-security-next' into android-msm-bullhead-3.10-nyc-mr2 49eec96af944 qcacld-2.0: Avoid buffer overread when parsing PNO commands 11d1008c3798 Merge branch 'android-msm-bullhead-3.10-nyc-mr2-security-next' into android-msm-bullhead-3.10-nyc-mr2 c46874c8be20 msm: mdss: Buffer overflow while processing gamut table data ed6814c11abf qcacld-2.0: Avoid extscan bucket spec overread 42a28a93ef19 qcacld-2.0: Validate vendor set roaming params command 68898d364c0f qcacld-2.0: Add get valid channels entry to NLA policy 5204ea3cae1b qcacld-2.0: Avoid buffer overread when parsing PNO commands 6a16567622ff qcacld-2.0: Fix kernel memory corruption d8669a00f68a msm: mdss: Increase fbmem buf ref count before use 8bb2e7a13a5a crypto: msm: Fix several race condition issues in crypto drivers 4d602a2d14c3 ASoC: msm: qdsp6v2: add size check to fix out of bounds issue c18c5935d437 qcacld-2.0: Properly validate QCA_WLAN_VENDOR_ATTR_NDP_IFACE_STR 7dff4291c6ae qcacld-2.0: Avoid overread when configuring MAC addresses 6d19d7d4e0ff qcacld-2.0: Validate vendor command do_acs 9f5af4954a04 qcacld-2.0: Apply policy to fine time measurement 0d355164233a compat_qcedev: Fix accessing userspace memory in kernel space 181940e5a70d msm: camera: sensor:validating the flash initialization parameters 3fabdcba3a09 qcacld-2.0: Check target address boundary before access 4d7233954031 qcacld-2.0: Restrict max/min pktlog buffer size using pktlogconf tool b4990c468229 UPSTREAM: sctp: do not inherit ipv6_{mc|ac|fl}_list from parent 9e08c4d35fc5 qcacld-2.0: Fix Uninitialized memory issue e77c27b2b3ca Revert "Revert "msm: sps: Fix race condition in SPS debugfs APIs"" 822958b55703 qcacld-2.0: Drop assoc request if RSNIE/WPAIE parsing fail 34a1627153f7 Merge branch 'android-msm-bullhead-3.10-nyc-mr2' into android-msm-bullhead-3.10-nyc-mr2-security-next Linux version 3.10.73-g81f6559df5e (android- build@vpee1.mtv.corp.google.com) (gcc version 4.9.x-google 20140827 (prerelease) (GCC) ) #1 SMP PREEMPT Thu Aug 17 22:04:34 UTC 2017 Bug: 34170483 Bug: 36730104 Bug: 36815952 Bug: 36816726 Bug: 36817053 Bug: 36817548 Bug: 36895857 Bug: 37093119 Bug: 37284397 Bug: 37623773 Bug: 37687303 Bug: 37713609 Bug: 37720349 Bug: 37721426 Bug: 37893116 Bug: 37949660 Bug: 62058746 Bug: 62085265 Bug: 62298712 Bug: 62456806 Bug: 62827928 Bug: 63868020 Bug: 64693798 Change-Id: I3ff50faa6f718ccb150bd634695cf49711fe7ed9 Source-Branch: android-msm-bullhead-3.10-nyc-mr2 Signed-off-by: Siqi Lin <siqilin@google.com>
2017-07-28bullhead: update kernel prebuiltJonathan Solnit
am: 2886b27a16 Change-Id: I77fdbcf4086daad0c66813a8ea153c4bcd80799b
2017-07-28bullhead: update kernel prebuiltJonathan Solnit
7c665d4f Revert "Revert "msm: sps: Fix race condition in SPS debugfs APIs"" f99fc6c8 Revert "Revert "dm ioctl: prevent stack leak in dm ioctl call"" 6a67fb64 Revert "Revert "UPSTREAM: ALSA: timer: Fix missing queue indices reset at SNDRV_TIMER_IOCTL_SELECT"" 8e2c2a71 Revert "Revert "BACKPORT: ALSA: timer: Fix race between read and ioctl"" e56ce2bc Revert "Revert "msm: sensor: Validationg function pointers before using them"" 75635320 Revert "Revert "BACKPORT: crypto: msm: Fix buffer overflow issue"" a13b9c4a Revert "Revert "msm: camera: isp: Avoid information leak in ISPIF"" c374e728 Revert "Revert "msm: camera: validate num_streams in stream_cfg_cmd before using it"" 66ca8c8e UPSTREAM: af_key: Fix sadb_x_ipsecrequest parsing 91ebeadf Merge branch 'android-msm-bullhead-3.10-oc' into android-msm-bullhead-3.10 1c037db2 ANDROID: sdcardfs: Remove unnecessary lock 5d870cd6 Make the VTI code compile. Linux version 3.10.73-g7c665d4f611a (android- build@wphr12.hot.corp.google.com) (gcc version 4.9.x-google 20140827 (prerelease) (GCC) ) #1 SMP PREEMPT Tue Jul 25 20:56:14 UTC 2017 Bug: 33548839 Bug: 35644370 Bug: 36232584 Bug: 37239119 Bug: 37438302 Bug: 38027632 Bug: 62201221 Bug: 63173580 Bug: 63785372 Bug: 63963140 Change-Id: I8865c60c5b7ad82e4cd31ac1413f8875da1c3da4 Source-Branch: android-msm-bullhead-3.10 Signed-off-by: Jonathan Solnit <jsolnit@google.com>
2017-07-27bullhead: update kernel prebuilt[ DO NOT MERGE ] am: b6708ca998 -s ours am: ↵Jonathan Solnit
ae8a995f36 am: 68bcf3531d am: c682a6d043 Change-Id: I137651cc589276c58506e968c09131d226453c7a
2017-07-27bullhead: update kernel prebuilt[ DO NOT MERGE ] am: b6708ca998 -s ours am: ↵android-o-mr1-iot-preview-6o-mr1-iot-preview-6Jonathan Solnit
ae8a995f36 am: 68bcf3531d Change-Id: Ided0530f675eea000a182f419d8df599225f0424
2017-07-27Merge "bullhead: update kernel prebuilt[ DO NOT MERGE ] am: b6708ca998 -s ↵Android Build Merger (Role)
ours am: ae8a995f36 am: b6d9785668 am: 18361348c1" into oc-mr1-dev-plus-aosp
2017-07-27bullhead: update kernel prebuilt[ DO NOT MERGE ] am: b6708ca998 -s ours am: ↵Jonathan Solnit
ae8a995f36 am: b6d9785668 am: 18361348c1 Change-Id: I3a81dc30f4c7bec9cb12eb922490d98435f3f99b
2017-07-27Merge "Merge "bullhead: update kernel prebuilt am: 0ea1552cb8 am: ↵Android Build Merger (Role)
dbc7194ad2" into oc-dr1-dev-plus-aosp am: 5c2be3a320" into oc-mr1-dev-plus-aosp
2017-07-27Merge "bullhead: update kernel prebuilt[ DO NOT MERGE ] am: b6708ca998 -s ↵Android Build Merger (Role)
ours am: ae8a995f36 am: b6d9785668 am: 873e44a58b" into oc-mr1-dev-plus-aosp
2017-07-27Merge "bullhead: update kernel prebuilt am: 0ea1552cb8 am: dbc7194ad2" into ↵Jonathan Solnit
oc-dr1-dev-plus-aosp am: 5c2be3a320 Change-Id: I5cd132823eb1c16d280f392c25affbc2577c7e8b
2017-07-27bullhead: update kernel prebuilt[ DO NOT MERGE ] am: b6708ca998 -s ours am: ↵Jonathan Solnit
ae8a995f36 am: b6d9785668 am: 873e44a58b Change-Id: Iea8859fffeb045a6e992a5f3ca74b3f3d4410464
2017-07-27Merge "bullhead: update kernel prebuilt am: 0ea1552cb8 am: 744bfe3d01 am: ↵Android Build Merger (Role)
96f78c8e56" into oc-mr1-dev-plus-aosp
2017-07-27bullhead: update kernel prebuilt am: 0ea1552cb8 am: 744bfe3d01Jonathan Solnit
am: 96f78c8e56 Change-Id: I27f3a402df48227a813cc64a777b0c3fe1d7f7e8
2017-07-27bullhead: update kernel prebuilt am: 0ea1552cb8 am: 744bfe3d01Jonathan Solnit
am: db2d918d9a Change-Id: I529bdf0cd9989bcb06bab44f73f86f3412a55f95
2017-07-27bullhead: update kernel prebuilt[ DO NOT MERGE ] am: b6708ca998 -s ours am: ↵Jonathan Solnit
ae8a995f36 am: b6d9785668 Change-Id: I209f179d085fda5617471523c1ad154d15b7d9a2
2017-07-27bullhead: update kernel prebuilt[ DO NOT MERGE ] am: b6708ca998 -s ours am: ↵Jonathan Solnit
ae8a995f36 am: b6d9785668 Change-Id: I337b870e9658203c33a4667edc09efc8c0d9378b
2017-07-27bullhead: update kernel prebuilt[ DO NOT MERGE ] am: b6708ca998 -s oursJonathan Solnit
am: ae8a995f36 Change-Id: Ib8f0cf60663f7c1c2c31327f130b739bc99fb59e
2017-07-27bullhead: update kernel prebuilt[ DO NOT MERGE ] am: b6708ca998 -s oursoreo-dr1-devJonathan Solnit
am: ae8a995f36 Change-Id: I88ef7c1b74e78d75c2aa4ae3f3b9d6af3cd41eda
2017-07-27Merge "bullhead: update kernel prebuilt am: 0ea1552cb8 am: dbc7194ad2" into ↵Android Build Merger (Role)
oc-dr1-dev-plus-aosp
2017-07-27bullhead: update kernel prebuilt am: 0ea1552cb8Jonathan Solnit
am: 744bfe3d01 Change-Id: I08a0d03f4b916048a010339bdf2a26556b600636
2017-07-27bullhead: update kernel prebuilt am: 0ea1552cb8Jonathan Solnit
am: 744bfe3d01 Change-Id: I4de5638018b5b517d4b373ecb3417a3d77ab0a2c
2017-07-27bullhead: update kernel prebuilt am: 0ea1552cb8Jonathan Solnit
am: dbc7194ad2 Change-Id: I69555bd2173a3b7466ce317f1ddf10fa9cd62618
2017-07-27bullhead: update kernel prebuilt[ DO NOT MERGE ]Jonathan Solnit
am: b6708ca998 -s ours Change-Id: Ib81ac459324c3980b51fc20f5b47f911788d09d9
2017-07-27bullhead: update kernel prebuiltJonathan Solnit
am: 0ea1552cb8 Change-Id: I6147294a6c93bf0af76375e35923b976eb9fcf61
2017-07-27bullhead: update kernel prebuiltJonathan Solnit
am: 0ea1552cb8 Change-Id: Ia3899e31749b038bab977286707dc3176ea31995
2017-07-25bullhead: update kernel prebuilt[ DO NOT MERGE ]Jonathan Solnit
24ddad04 Merge branch 'android-msm-bullhead-3.10-nyc-mr2-security-next' into android-msm-bullhead-3.10-nyc-mr2 7d856b6c Revert "UPSTREAM: ALSA: timer: Fix missing queue indices reset at SNDRV_TIMER_IOCTL_SELECT" e44d5aa7 Revert "BACKPORT: ALSA: timer: Fix race between read and ioctl" e07d78c3 Revert "msm: sensor: Validationg function pointers before using them" 1023d214 Revert "BACKPORT: crypto: msm: Fix buffer overflow issue" d3968cec Revert "msm: camera: isp: Avoid information leak in ISPIF" 4b1c1817 Revert "msm: camera: validate num_streams in stream_cfg_cmd before using it" 375bc72c Revert "dm ioctl: prevent stack leak in dm ioctl call" 34347426 Revert "msm: sps: Fix race condition in SPS debugfs APIs" 563799c3 Merge branch 'android-msm-bullhead-3.10-nyc-mr2-security-next' into android-msm-bullhead-3.10-nyc-mr2 6fb7c5fa msm: sensor: Validationg function pointers before using them ccab1068 UPSTREAM: mm: fix new crash in unmapped_area_topdown() b62291ed ASoC: msm: remove unused msm-compr-q6-v2 115a8814 msm: camera: Allow driver file to be opend only once. c3907635 soc: qcom: msm_bus: add mutex lock for cllist data 6b58aa8f BACKPORT: ipv6/dccp: do not inherit ipv6_mc_list from parent 31aaef07 UPSTREAM: ALSA: timer: Fix missing queue indices reset at SNDRV_TIMER_IOCTL_SELECT ceb09959 BACKPORT: ALSA: timer: Fix race between read and ioctl c4fbca81 BACKPORT: ext4: fix data exposure after a crash e8746255 BACKPORT: dccp/tcp: do not inherit mc_list from parent 067e855b msm: camera: isp: Handle array out of bounds 3905b093 UPSTREAM: tcp: avoid infinite loop in tcp_splice_read() 03d4c02c UPSTREAM: packet: fix races in fanout_add() 4c000367 BACKPORT: ip6_gre: fix ip6gre_err() invalid reads 443ed3de UPSTREAM: mm/mempolicy.c: fix error handling in set_mempolicy and mbind. f51a152a msm: ipa: fix security issues in ipa wan driver 9349ead0 msm: camera: isp: Avoid information leak in ISPIF 4d526dae BACKPORT: crypto: msm: Fix buffer overflow issue 83c470dc msm: camera: validate num_streams in stream_cfg_cmd before using it af787fde msm: camera: fix off-by-one overflow in msm_isp_get_bufq 47b3a105 Prevent potential double frees in sg driver 1d5b6ba1 dm ioctl: prevent stack leak in dm ioctl call 3968c7d5 msm: camera: Fix Use after free bug in msm_vb2.c. eee8b2ca msm: camera: Use mutex lock to avoid race condition 19d23397 msm: sps: Fix race condition in SPS debugfs APIs fae242db msm: pcie: add bounds check for debugfs register write 3a42f1b7 msm: camera: isp: fix for out of bound access array 5935a691 wcnss: fix the potential memory leak and heap overflow 25cd7841 BACKPORT: mm: larger stack guard gap, between vmas 56e2621b mm: Fix incorrect type conversion for size during dma allocation 9ffb3cdd ASoC: msm: qdsp6v2: extend validation of virtual address 825eeb85 qcacld-2.0: Avoid concurrent matrix max param overread d5d2c9ba qcacld-2.0: Fix out of bound read issue in get link properties 6a1d4a43 msm: camera: fix untrusted pointer for power down setting c74dbab5 msm:camera: correct stats query out of boundary 33191e11 Merge android-msm-bullhead-3.10-nyc-mr2 into android-msm-bullhead-3.10-nyc-mr2-security-next Linux version 3.10.73-g24ddad0417f6 (android- build@wphs5.hot.corp.google.com) (gcc version 4.9.x-google 20140827 (prerelease) (GCC) ) #1 SMP PREEMPT Mon Jul 24 16:41:55 UTC 2017 Bug: 33039685 Bug: 33548839 Bug: 34329758 Bug: 35099636 Bug: 35644370 Bug: 35644812 Bug: 36136563 Bug: 36232584 Bug: 36264696 Bug: 36490777 Bug: 36492827 Bug: 36815555 Bug: 37239119 Bug: 37438302 Bug: 37712167 Bug: 37751399 Bug: 37871211 Bug: 37897645 Bug: 37901268 Bug: 38027632 Bug: 38195131 Bug: 38195738 Bug: 38196031 Bug: 38413813 Bug: 38413975 Bug: 62198330 Bug: 62201221 Bug: 62299478 Bug: 62377236 Bug: 62378596 Bug: 62378684 Bug: 62379475 Bug: 62379525 Bug: 63173580 Change-Id: Icb4346bf9492fb143aeb8fc45a65644f5f43263b Source-Branch: android-msm-bullhead-3.10-nyc-mr2 Signed-off-by: Jonathan Solnit <jsolnit@google.com>
2017-07-25bullhead: update kernel prebuiltJonathan Solnit
f712c050 Merge branch 'android-msm-bullhead-3.10-nyc-mr2' into android-msm-bullhead-3.10-oc 24ddad04 Merge branch 'android-msm-bullhead-3.10-nyc-mr2-security-next' into android-msm-bullhead-3.10-nyc-mr2 7d856b6c Revert "UPSTREAM: ALSA: timer: Fix missing queue indices reset at SNDRV_TIMER_IOCTL_SELECT" e44d5aa7 Revert "BACKPORT: ALSA: timer: Fix race between read and ioctl" e07d78c3 Revert "msm: sensor: Validationg function pointers before using them" 1023d214 Revert "BACKPORT: crypto: msm: Fix buffer overflow issue" d3968cec Revert "msm: camera: isp: Avoid information leak in ISPIF" 4b1c1817 Revert "msm: camera: validate num_streams in stream_cfg_cmd before using it" 375bc72c Revert "dm ioctl: prevent stack leak in dm ioctl call" 34347426 Revert "msm: sps: Fix race condition in SPS debugfs APIs" 78ce025a Merge branch 'android-msm-bullhead-3.10-nyc-mr2' into android-msm-bullhead-3.10-oc 563799c3 Merge branch 'android-msm-bullhead-3.10-nyc-mr2-security-next' into android-msm-bullhead-3.10-nyc-mr2 6fb7c5fa msm: sensor: Validationg function pointers before using them ccab1068 UPSTREAM: mm: fix new crash in unmapped_area_topdown() b62291ed ASoC: msm: remove unused msm-compr-q6-v2 115a8814 msm: camera: Allow driver file to be opend only once. c3907635 soc: qcom: msm_bus: add mutex lock for cllist data 6b58aa8f BACKPORT: ipv6/dccp: do not inherit ipv6_mc_list from parent 31aaef07 UPSTREAM: ALSA: timer: Fix missing queue indices reset at SNDRV_TIMER_IOCTL_SELECT ceb09959 BACKPORT: ALSA: timer: Fix race between read and ioctl c4fbca81 BACKPORT: ext4: fix data exposure after a crash e8746255 BACKPORT: dccp/tcp: do not inherit mc_list from parent 067e855b msm: camera: isp: Handle array out of bounds 3905b093 UPSTREAM: tcp: avoid infinite loop in tcp_splice_read() 03d4c02c UPSTREAM: packet: fix races in fanout_add() 4c000367 BACKPORT: ip6_gre: fix ip6gre_err() invalid reads 443ed3de UPSTREAM: mm/mempolicy.c: fix error handling in set_mempolicy and mbind. f51a152a msm: ipa: fix security issues in ipa wan driver 9349ead0 msm: camera: isp: Avoid information leak in ISPIF 4d526dae BACKPORT: crypto: msm: Fix buffer overflow issue 83c470dc msm: camera: validate num_streams in stream_cfg_cmd before using it af787fde msm: camera: fix off-by-one overflow in msm_isp_get_bufq 47b3a105 Prevent potential double frees in sg driver 1d5b6ba1 dm ioctl: prevent stack leak in dm ioctl call 3968c7d5 msm: camera: Fix Use after free bug in msm_vb2.c. eee8b2ca msm: camera: Use mutex lock to avoid race condition 19d23397 msm: sps: Fix race condition in SPS debugfs APIs fae242db msm: pcie: add bounds check for debugfs register write 3a42f1b7 msm: camera: isp: fix for out of bound access array 5935a691 wcnss: fix the potential memory leak and heap overflow 25cd7841 BACKPORT: mm: larger stack guard gap, between vmas 56e2621b mm: Fix incorrect type conversion for size during dma allocation 9ffb3cdd ASoC: msm: qdsp6v2: extend validation of virtual address 825eeb85 qcacld-2.0: Avoid concurrent matrix max param overread d5d2c9ba qcacld-2.0: Fix out of bound read issue in get link properties 6a1d4a43 msm: camera: fix untrusted pointer for power down setting c74dbab5 msm:camera: correct stats query out of boundary 33191e11 Merge android-msm-bullhead-3.10-nyc-mr2 into android-msm-bullhead-3.10-nyc-mr2-security-next Linux version 3.10.73-gf712c0503a8 (android- build@wphs7.hot.corp.google.com) (gcc version 4.9.x-google 20140827 (prerelease) (GCC) ) #1 SMP PREEMPT Mon Jul 24 16:41:25 UTC 2017 Bug: 33039685 Bug: 33548839 Bug: 34329758 Bug: 35099636 Bug: 35644370 Bug: 35644812 Bug: 36136563 Bug: 36232584 Bug: 36264696 Bug: 36490777 Bug: 36492827 Bug: 36815555 Bug: 37239119 Bug: 37438302 Bug: 37712167 Bug: 37751399 Bug: 37871211 Bug: 37897645 Bug: 37901268 Bug: 38027632 Bug: 38195131 Bug: 38195738 Bug: 38196031 Bug: 38413813 Bug: 38413975 Bug: 62198330 Bug: 62201221 Bug: 62299478 Bug: 62377236 Bug: 62378596 Bug: 62378684 Bug: 62379475 Bug: 62379525 Bug: 63173580 Change-Id: I5a750e54f06dda6401bac2e2e44cd8950a904b73 Source-Branch: android-msm-bullhead-3.10-oc Signed-off-by: Jonathan Solnit <jsolnit@google.com>
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-28 17:11:36 +0000