33b88b6e30
Changes in 4.9.238 af_key: pfkey_dump needs parameter validation KVM: fix memory leak in kvm_io_bus_unregister_dev() kprobes: fix kill kprobe which has been marked as gone RDMA/ucma: ucma_context reference leak in error path mtd: Fix comparison in map_word_andequal() hdlc_ppp: add range checks in ppp_cp_parse_cr() ip: fix tos reflection in ack and reset packets tipc: use skb_unshare() instead in tipc_buf_append() bnxt_en: Protect bnxt_set_eee() and bnxt_set_pauseparam() with mutex. net: phy: Avoid NPD upon phy_detach() when driver is unbound net/hsr: Check skb_put_padto() return value net: add __must_check to skb_put_padto() serial: 8250: Avoid error message on reprobe scsi: aacraid: fix illegal IO beyond last LBA m68k: q40: Fix info-leak in rtc_ioctl gma/gma500: fix a memory disclosure bug due to uninitialized bytes ASoC: kirkwood: fix IRQ error handling ALSA: usb-audio: Add delay quirk for H570e USB headsets PM / devfreq: tegra30: Fix integer overflow on CPU's freq max out clk/ti/adpll: allocate room for terminating null mtd: cfi_cmdset_0002: don't free cfi->cfiq in error path of cfi_amdstd_setup() mfd: mfd-core: Protect against NULL call-back function pointer tracing: Adding NULL checks for trace_array descriptor pointer bcache: fix a lost wake-up problem caused by mca_cannibalize_lock RDMA/i40iw: Fix potential use after free xfs: fix attr leaf header freemap.size underflow RDMA/iw_cgxb4: Fix an error handling path in 'c4iw_connect()' debugfs: Fix !DEBUG_FS debugfs_create_automount CIFS: Properly process SMB3 lease breaks kernel/sys.c: avoid copying possible padding bytes in copy_to_user neigh_stat_seq_next() should increase position index rt_cpu_seq_next should increase position index seqlock: Require WRITE_ONCE surrounding raw_seqcount_barrier media: ti-vpe: cal: Restrict DMA to avoid memory corruption ACPI: EC: Reference count query handlers under lock dmaengine: zynqmp_dma: fix burst length configuration tracing: Set kernel_stack's caller size properly ar5523: Add USB ID of SMCWUSBT-G2 wireless adapter Bluetooth: Fix refcount use-after-free issue mm: pagewalk: fix termination condition in walk_pte_range() Bluetooth: prefetch channel before killing sock KVM: fix overflow of zero page refcount with ksm running ALSA: hda: Clear RIRB status before reading WP skbuff: fix a data race in skb_queue_len() audit: CONFIG_CHANGE don't log internal bookkeeping as an event selinux: sel_avc_get_stat_idx should increase position index scsi: lpfc: Fix RQ buffer leakage when no IOCBs available scsi: lpfc: Fix coverity errors in fmdi attribute handling drm/omap: fix possible object reference leak RDMA/rxe: Fix configuration of atomic queue pair attributes KVM: x86: fix incorrect comparison in trace event x86/pkeys: Add check for pkey "overflow" bpf: Remove recursion prevention from rcu free callback dmaengine: tegra-apb: Prevent race conditions on channel's freeing media: go7007: Fix URB type for interrupt handling Bluetooth: guard against controllers sending zero'd events timekeeping: Prevent 32bit truncation in scale64_check_overflow() drm/amdgpu: increase atombios cmd timeout Bluetooth: L2CAP: handle l2cap config request during open state media: tda10071: fix unsigned sign extension overflow xfs: don't ever return a stale pointer from __xfs_dir3_free_read tpm: ibmvtpm: Wait for buffer to be set before proceeding tracing: Use address-of operator on section symbols serial: 8250_port: Don't service RX FIFO if throttled serial: 8250_omap: Fix sleeping function called from invalid context during probe serial: 8250: 8250_omap: Terminate DMA before pushing data on RX timeout cpufreq: powernv: Fix frame-size-overflow in powernv_cpufreq_work_fn tools: gpio-hammer: Avoid potential overflow in main SUNRPC: Fix a potential buffer overflow in 'svc_print_xprts()' svcrdma: Fix leak of transport addresses ubifs: Fix out-of-bounds memory access caused by abnormal value of node_len ALSA: usb-audio: Fix case when USB MIDI interface has more than one extra endpoint descriptor mm/filemap.c: clear page error before actual read mm/mmap.c: initialize align_offset explicitly for vm_unmapped_area KVM: Remove CREATE_IRQCHIP/SET_PIT2 race bdev: Reduce time holding bd_mutex in sync in blkdev_close() drivers: char: tlclk.c: Avoid data race between init and interrupt handler dt-bindings: sound: wm8994: Correct required supplies based on actual implementaion atm: fix a memory leak of vcc->user_back phy: samsung: s5pv210-usb2: Add delay after reset Bluetooth: Handle Inquiry Cancel error after Inquiry Complete USB: EHCI: ehci-mv: fix error handling in mv_ehci_probe() tty: serial: samsung: Correct clock selection logic ALSA: hda: Fix potential race in unsol event handler fuse: don't check refcount after stealing page USB: EHCI: ehci-mv: fix less than zero comparison of an unsigned int e1000: Do not perform reset in reset_task if we are already down printk: handle blank console arguments passed in. btrfs: don't force read-only after error in drop snapshot vfio/pci: fix memory leaks of eventfd ctx perf util: Fix memory leak of prefix_if_not_in perf kcore_copy: Fix module map when there are no modules loaded mtd: rawnand: omap_elm: Fix runtime PM imbalance on error ceph: fix potential race in ceph_check_caps mtd: parser: cmdline: Support MTD names containing one or more colons x86/speculation/mds: Mark mds_user_clear_cpu_buffers() __always_inline vfio/pci: Clear error and request eventfd ctx after releasing cifs: Fix double add page to memcg when cifs_readpages selftests/x86/syscall_nt: Clear weird flags after each test vfio/pci: fix racy on error and request eventfd ctx s390/init: add missing __init annotations i2c: core: Call i2c_acpi_install_space_handler() before i2c_acpi_register_devices() objtool: Fix noreturn detection for ignored functions ieee802154/adf7242: check status of adf7242_read_reg clocksource/drivers/h8300_timer8: Fix wrong return value in h8300_8timer_init() mwifiex: Increase AES key storage size to 256 bits batman-adv: bla: fix type misuse for backbone_gw hash indexing atm: eni: fix the missed pci_disable_device() for eni_init_one() batman-adv: mcast/TT: fix wrongly dropped or rerouted packets mac802154: tx: fix use-after-free batman-adv: Add missing include for in_interrupt() batman-adv: mcast: fix duplicate mcast packets in BLA backbone from mesh ALSA: asihpi: fix iounmap in error handler MIPS: Add the missing 'CPU_1074K' into __get_cpu_type() kprobes: Fix to check probe enabled before disarm_kprobe_ftrace() lib/string.c: implement stpcpy ata: define AC_ERR_OK ata: make qc_prep return ata_completion_errors ata: sata_mv, avoid trigerrable BUG_ON Linux 4.9.238 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I799877db3bc49e473bbc023ab948cd241755beff
Linux for the Q40 ================= You may try http://www.geocities.com/SiliconValley/Bay/2602/ for some up to date information. Booter and other tools will be also available from this place or http://ftp.uni-erlangen.de/pub/unix/Linux/680x0/q40/ and mirrors. Hints to documentation usually refer to the linux source tree in /usr/src/linux/Documentation unless URL given. It seems IRQ unmasking can't be safely done on a Q40. IRQ probing is not implemented - do not try it! (See below) For a list of kernel command-line options read the documentation for the particular device drivers. The floppy imposes a very high interrupt load on the CPU, approx 30K/s. When something blocks interrupts (HD) it will lose some of them, so far this is not known to have caused any data loss. On highly loaded systems it can make the floppy very slow or practically stop. Other Q40 OS' simply poll the floppy for this reason - something that can't be done in Linux. Only possible cure is getting a 82072 controller with fifo instead of the 8272A. drivers used by the Q40, apart from the very obvious (console etc.): drivers/char/q40_keyb.c # use PC keymaps for national keyboards serial.c # normal PC driver - any speed lp.c # printer driver genrtc.c # RTC char/joystick/* # most of this should work, not # in default config.in block/q40ide.c # startup for ide ide* # see Documentation/ide/ide.txt floppy.c # normal PC driver, DMA emu in asm/floppy.h # and arch/m68k/kernel/entry.S # see drivers/block/README.fd net/ne.c video/q40fb.c parport/* sound/dmasound_core.c dmasound_q40.c Various other PC drivers can be enabled simply by adding them to arch/m68k/config.in, especially 8 bit devices should be without any problems. For cards using 16bit io/mem more care is required, like checking byte order issues, hacking memcpy_*_io etc. Debugging ========= Upon startup the kernel will usually output "ABCQGHIJ" into the SRAM, preceded by the booter signature. This is a trace just in case something went wrong during earliest setup stages of head.S. **Changed** to preserve SRAM contents by default, this is only done when requested - SRAM must start with '%LX$' signature to do this. '-d' option to 'lxx' loader enables this. SRAM can also be used as additional console device, use debug=mem. This will save kernel startup msgs into SRAM, the screen will display only the penguin - and shell prompt if it gets that far.. Unfortunately only 2000 bytes are available. Serial console works and can also be used for debugging, see loader_txt Most problems seem to be caused by fawlty or badly configured io-cards or hard drives anyway. Make sure to configure the parallel port as SPP and remove IRQ/DMA jumpers for first testing. The Q40 does not support DMA and may have trouble with parallel ports version of interrupts. Q40 Hardware Description ======================== This is just an overview, see asm-m68k/* for details ask if you have any questions. The Q40 consists of a 68040@40 MHz, 1MB video RAM, up to 32MB RAM, AT-style keyboard interface, 1 Programmable LED, 2x8bit DACs and up to 1MB ROM, 1MB shadow ROM. The Q60 has any of 68060 or 68LC060 and up to 128 MB RAM. Most interfacing like floppy, IDE, serial and parallel ports is done via ISA slots. The ISA io and mem range is mapped (sparse&byteswapped!) into separate regions of the memory. The main interrupt register IIRQ_REG will indicate whether an IRQ was internal or from some ISA devices, EIRQ_REG can distinguish up to 8 ISA IRQs. The Q40 custom chip is programmable to provide 2 periodic timers: - 50 or 200 Hz - level 2, !!THIS CAN'T BE DISABLED!! - 10 or 20 KHz - level 4, used for dma-sound Linux uses the 200 Hz interrupt for timer and beep by default. Interrupts ========== q40 master chip handles only a subset of level triggered interrupts. Linux has some requirements wrt interrupt architecture, these are to my knowledge: (a) interrupt handler must not be reentered even when sti() is called from within handler (b) working enable/disable_irq Luckily these requirements are only important for drivers shared with other architectures - ide,serial,parallel, ethernet. q40ints.c now contains a trivial hack for (a), (b) is more difficult because only irq's 4-15 can be disabled - and only all of them at once. Thus disable_irq() can effectively block the machine if the driver goes asleep. One thing to keep in mind when hacking around the interrupt code is that there is no way to find out which IRQ caused a request, [EI]IRQ_REG displays current state of the various IRQ lines. Keyboard ======== q40 receives AT make/break codes from the keyboard, these are translated to the PC scancodes x86 Linux uses. So by theory every national keyboard should work just by loading the appropriate x86 keytable - see any national-HOWTO. Unfortunately the AT->PC translation isn't quite trivial and even worse, my documentation of it is absolutely minimal - thus some exotic keys may not behave exactly as expected. There is still hope that it can be fixed completely though. If you encounter problems, email me ideally this: - exact keypress/release sequence - 'showkey -s' run on q40, non-X session - 'showkey -s' run on a PC, non-X session - AT codes as displayed by the q40 debugging ROM btw if the showkey output from PC and Q40 doesn't differ then you have some classic configuration problem - don't send me anything in this case