* [PATCH stable 4.14 v3 0/3] add fix patches for CVE-2021-33655
@ 2022-08-04 12:27 Chen Jun
  2022-08-04 12:27 ` [PATCH stable 4.14 v3 1/3] printk: Export is_console_locked Chen Jun
                   ` (2 more replies)
  0 siblings, 3 replies; 7+ messages in thread
From: Chen Jun @ 2022-08-04 12:27 UTC
  To: stable, deller, geert, b.zolnierkie, gregkh; +Cc: xuqiang36

v3: modify git message.

v2: add patch d48de54a9dab ("printk: Export is_console_locked") to fix a build error
caused by v1 if CONFIG_FB = m.
        ERROR: "is_console_locked" [drivers/video/fbdev/core/fb.ko] undefined!

v1: https://lore.kernel.org/stable/20220729031140.21806-1-chenjun102@huawei.com/

Hans de Goede (1):
  printk: Export is_console_locked

Helge Deller (2):
  fbcon: Prevent that screen size is smaller than font size
  fbmem: Check virtual screen sizes in fb_set_var()

 drivers/video/fbdev/core/fbcon.c | 28 ++++++++++++++++++++++++++++
 drivers/video/fbdev/core/fbmem.c | 20 +++++++++++++++++---
 include/linux/fbcon.h            |  4 ++++
 kernel/printk/printk.c           |  1 +
 4 files changed, 50 insertions(+), 3 deletions(-)

-- 
2.17.1



* [PATCH stable 4.14 v3 1/3] printk: Export is_console_locked
  2022-08-04 12:27 [PATCH stable 4.14 v3 0/3] add fix patches for CVE-2021-33655 Chen Jun
@ 2022-08-04 12:27 ` Chen Jun
  2022-08-04 12:27 ` [PATCH stable 4.14 v3 2/3] fbcon: Prevent that screen size is smaller than font size Chen Jun
  2022-08-04 12:27 ` [PATCH stable 4.14 v3 3/3] fbmem: Check virtual screen sizes in fb_set_var() Chen Jun
  2 siblings, 0 replies; 7+ messages in thread
From: Chen Jun @ 2022-08-04 12:27 UTC
  To: stable, deller, geert, b.zolnierkie, gregkh; +Cc: xuqiang36

From: Hans de Goede <hdegoede@redhat.com>

commit d48de54a9dab5370edd2e991f78cc7996cf5483e upstream

This is a preparation patch for adding a number of WARN_CONSOLE_UNLOCKED()
calls to the fbcon code, which may be built as a module (even though
usually it is not).

Acked-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
Acked-by: Sergey Senozhatsky <sergey.senozhatsky@gmail.com>
Acked-by: Petr Mladek <pmladek@suse.com>
Reviewed-by: Daniel Vetter <daniel.vetter@ffwll.ch>
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Bartlomiej Zolnierkiewicz <b.zolnierkie@samsung.com>
Signed-off-by: Chen Jun <chenjun102@huawei.com>
---
 kernel/printk/printk.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/kernel/printk/printk.c b/kernel/printk/printk.c
index 11173d0b51bc..ad4772869d48 100644
--- a/kernel/printk/printk.c
+++ b/kernel/printk/printk.c
@@ -2259,6 +2259,7 @@ int is_console_locked(void)
 {
 	return console_locked;
 }
+EXPORT_SYMBOL(is_console_locked);
 
 /*
  * Check if we have any console that is capable of printing while cpu is
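Review bot: the new EXPORT_SYMBOL(is_console_locked) after is_console_locked() makes a function that simply returns the console_locked flag available to modules, with no comment saying what a caller may rely on. A one-line comment above the export stating that it exists for assertions such as WARN_CONSOLE_UNLOCKED(), and that the value is only meaningful while the caller itself holds the console lock, would keep module code from using it for locking decisions.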
-- 
2.17.1



* [PATCH stable 4.14 v3 2/3] fbcon: Prevent that screen size is smaller than font size
  2022-08-04 12:27 [PATCH stable 4.14 v3 0/3] add fix patches for CVE-2021-33655 Chen Jun
  2022-08-04 12:27 ` [PATCH stable 4.14 v3 1/3] printk: Export is_console_locked Chen Jun
@ 2022-08-04 12:27 ` Chen Jun
  2022-08-05  6:09   ` Cengiz Can
  2022-08-04 12:27 ` [PATCH stable 4.14 v3 3/3] fbmem: Check virtual screen sizes in fb_set_var() Chen Jun
  2 siblings, 1 reply; 7+ messages in thread
From: Chen Jun @ 2022-08-04 12:27 UTC
  To: stable, deller, geert, b.zolnierkie, gregkh; +Cc: xuqiang36

From: Helge Deller <deller@gmx.de>

commit e64242caef18b4a5840b0e7a9bff37abd4f4f933 upstream

We need to prevent that users configure a screen size which is smaller than the
currently selected font size. Otherwise rendering chars on the screen will
access memory outside the graphics memory region.

This patch adds a new function fbcon_modechange_possible() which
implements this check and which later may be extended with other checks
if necessary.  The new function is called from the FBIOPUT_VSCREENINFO
ioctl handler in fbmem.c, which will return -EINVAL if userspace asked
for a too small screen size.

Signed-off-by: Helge Deller <deller@gmx.de>
Reviewed-by: Geert Uytterhoeven <geert@linux-m68k.org>
[Chen Jun: adjust context]
Signed-off-by: Chen Jun <chenjun102@huawei.com>
---
 drivers/video/fbdev/core/fbcon.c | 28 ++++++++++++++++++++++++++++
 drivers/video/fbdev/core/fbmem.c | 10 +++++++---
 include/linux/fbcon.h            |  4 ++++
 3 files changed, 39 insertions(+), 3 deletions(-)

diff --git a/drivers/video/fbdev/core/fbcon.c b/drivers/video/fbdev/core/fbcon.c
index a97e94b1c84f..b84264e98929 100644
--- a/drivers/video/fbdev/core/fbcon.c
+++ b/drivers/video/fbdev/core/fbcon.c
@@ -2706,6 +2706,34 @@ static void fbcon_set_all_vcs(struct fb_info *info)
 		fbcon_modechanged(info);
 }
 
+/* let fbcon check if it supports a new screen resolution */
+int fbcon_modechange_possible(struct fb_info *info, struct fb_var_screeninfo *var)
+{
+	struct fbcon_ops *ops = info->fbcon_par;
+	struct vc_data *vc;
+	unsigned int i;
+
+	WARN_CONSOLE_UNLOCKED();
+
+	if (!ops)
+		return 0;
+
+	/* prevent setting a screen size which is smaller than font size */
+	for (i = first_fb_vc; i <= last_fb_vc; i++) {
+		vc = vc_cons[i].d;
+		if (!vc || vc->vc_mode != KD_TEXT ||
+			   registered_fb[con2fb_map[i]] != info)
+			continue;
+
+		if (vc->vc_font.width  > FBCON_SWAP(var->rotate, var->xres, var->yres) ||
+		    vc->vc_font.height > FBCON_SWAP(var->rotate, var->yres, var->xres))
+			return -EINVAL;
+	}
+
+	return 0;
+}
+EXPORT_SYMBOL_GPL(fbcon_modechange_possible);
+
 static int fbcon_mode_deleted(struct fb_info *info,
 			      struct fb_videomode *mode)
 {
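Review bot: in the loop of fbcon_modechange_possible(), con2fb_map[i] is used directly as an index in registered_fb[con2fb_map[i]] with no range check. If a console's entry can hold a negative "not mapped" value, this reads before the start of registered_fb[] inside a function whose purpose is to stop out-of-bounds access; test that the entry is non-negative before indexing, or state in the changelog why every console in first_fb_vc..last_fb_vc is always mapped on 4.14. Smaller point: ops is only used for the NULL test, so if (!info->fbcon_par) would avoid the otherwise unused local.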
diff --git a/drivers/video/fbdev/core/fbmem.c b/drivers/video/fbdev/core/fbmem.c
index 9087d467cc46..264e8ca5efa7 100644
--- a/drivers/video/fbdev/core/fbmem.c
+++ b/drivers/video/fbdev/core/fbmem.c
@@ -1134,9 +1134,13 @@ static long do_fb_ioctl(struct fb_info *info, unsigned int cmd,
 			console_unlock();
 			return -ENODEV;
 		}
-		info->flags |= FBINFO_MISC_USEREVENT;
-		ret = fb_set_var(info, &var);
-		info->flags &= ~FBINFO_MISC_USEREVENT;
+		ret = fbcon_modechange_possible(info, &var);
+		if (!ret) {
+			info->flags |= FBINFO_MISC_USEREVENT;
+			ret = fb_set_var(info, &var);
+			info->flags &= ~FBINFO_MISC_USEREVENT;
+		}
+		lock_fb_info(info);
 		unlock_fb_info(info);
 		console_unlock();
 		if (!ret && copy_to_user(argp, &var, sizeof(var)))
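Review bot: the added lock_fb_info(info) is immediately followed by the existing unlock_fb_info(info), so it protects nothing, and if the fb_info lock is already held at this point (the untouched unlock and the -ENODEV bail-out in the context above suggest it was taken before this hunk) taking it a second time would deadlock the ioctl. Drop the added line so that fbcon_modechange_possible() and fb_set_var() both run under the lock taken earlier and the single unlock_fb_info() releases it.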
diff --git a/include/linux/fbcon.h b/include/linux/fbcon.h
index f68a7db14165..39939d55c834 100644
--- a/include/linux/fbcon.h
+++ b/include/linux/fbcon.h
@@ -4,9 +4,13 @@
 #ifdef CONFIG_FRAMEBUFFER_CONSOLE
 void __init fb_console_init(void);
 void __exit fb_console_exit(void);
+int  fbcon_modechange_possible(struct fb_info *info,
+			       struct fb_var_screeninfo *var);
 #else
 static inline void fb_console_init(void) {}
 static inline void fb_console_exit(void) {}
+static inline int  fbcon_modechange_possible(struct fb_info *info,
+				struct fb_var_screeninfo *var) { return 0; }
 #endif
 
 #endif /* _LINUX_FBCON_H */
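Review bot: both new declarations carry a double space after the return type (int  fbcon_modechange_possible), and the stub in the #else branch puts its body at the end of a continuation line, unlike the two one-line stubs above it. Use a single space and align the continuation with the opening parenthesis. A short comment that the stub returns 0, so every mode change is accepted when CONFIG_FRAMEBUFFER_CONSOLE is off, would also help readers of do_fb_ioctl().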
-- 
2.17.1



* [PATCH stable 4.14 v3 3/3] fbmem: Check virtual screen sizes in fb_set_var()
  2022-08-04 12:27 [PATCH stable 4.14 v3 0/3] add fix patches for CVE-2021-33655 Chen Jun
  2022-08-04 12:27 ` [PATCH stable 4.14 v3 1/3] printk: Export is_console_locked Chen Jun
  2022-08-04 12:27 ` [PATCH stable 4.14 v3 2/3] fbcon: Prevent that screen size is smaller than font size Chen Jun
@ 2022-08-04 12:27 ` Chen Jun
  2 siblings, 0 replies; 7+ messages in thread
From: Chen Jun @ 2022-08-04 12:27 UTC
  To: stable, deller, geert, b.zolnierkie, gregkh; +Cc: xuqiang36

From: Helge Deller <deller@gmx.de>

commit 6c11df58fd1ac0aefcb3b227f72769272b939e56 upstream

Verify that the fbdev or drm driver correctly adjusted the virtual
screen sizes. On failure report the failing driver and reject the screen
size change.

Signed-off-by: Helge Deller <deller@gmx.de>
Reviewed-by: Geert Uytterhoeven <geert@linux-m68k.org>
[Chen Jun: adjust context]
Signed-off-by: Chen Jun <chenjun102@huawei.com>
---
 drivers/video/fbdev/core/fbmem.c | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/drivers/video/fbdev/core/fbmem.c b/drivers/video/fbdev/core/fbmem.c
index 264e8ca5efa7..1238cc9f42c0 100644
--- a/drivers/video/fbdev/core/fbmem.c
+++ b/drivers/video/fbdev/core/fbmem.c
@@ -1019,6 +1019,16 @@ fb_set_var(struct fb_info *info, struct fb_var_screeninfo *var)
 		if (ret)
 			goto done;
 
+		/* verify that virtual resolution >= physical resolution */
+		if (var->xres_virtual < var->xres ||
+		    var->yres_virtual < var->yres) {
+			pr_warn("WARNING: fbcon: Driver '%s' missed to adjust virtual screen size (%ux%u vs. %ux%u)\n",
+				info->fix.id,
+				var->xres_virtual, var->yres_virtual,
+				var->xres, var->yres);
+			return -EINVAL;
+		}
+
 		if ((var->activate & FB_ACTIVATE_MASK) == FB_ACTIVATE_NOW) {
 			struct fb_var_screeninfo old_var;
 			struct fb_videomode mode;
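Review bot: the new virtual-size check leaves fb_set_var() with a bare return -EINVAL, while the error path two lines above it in the same block uses goto done. Set ret = -EINVAL and goto done so this failure takes the same exit as the check before it and does not skip whatever done: does. The message also starts with a literal "WARNING:" although pr_warn() already sets the log level, and because 2/3 shows fb_set_var() being reached from the FBIOPUT_VSCREENINFO ioctl, pr_warn_ratelimited() would keep a repeated ioctl against a misbehaving driver from flooding the log.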
-- 
2.17.1



* Re: [PATCH stable 4.14 v3 2/3] fbcon: Prevent that screen size is smaller than font size
  2022-08-04 12:27 ` [PATCH stable 4.14 v3 2/3] fbcon: Prevent that screen size is smaller than font size Chen Jun
@ 2022-08-05  6:09   ` Cengiz Can
  2022-08-05  6:22     ` chenjun (AM)
  0 siblings, 1 reply; 7+ messages in thread
From: Cengiz Can @ 2022-08-05  6:09 UTC
  To: Chen Jun, stable, deller, geert, b.zolnierkie, gregkh; +Cc: xuqiang36

On Thu, 2022-08-04 at 12:27 +0000, Chen Jun wrote:
> From: Helge Deller <deller@gmx.de>
> 
> commit e64242caef18b4a5840b0e7a9bff37abd4f4f933 upstream
> 
> We need to prevent that users configure a screen size which is smaller than the
> currently selected font size. Otherwise rendering chars on the screen will
> access memory outside the graphics memory region.
> 
> This patch adds a new function fbcon_modechange_possible() which
> implements this check and which later may be extended with other checks
> if necessary.  The new function is called from the FBIOPUT_VSCREENINFO
> ioctl handler in fbmem.c, which will return -EINVAL if userspace asked
> for a too small screen size.
> 
> Signed-off-by: Helge Deller <deller@gmx.de>
> Reviewed-by: Geert Uytterhoeven <geert@linux-m68k.org>
> [Chen Jun: adjust context]
> Signed-off-by: Chen Jun <chenjun102@huawei.com>
> ---
>  drivers/video/fbdev/core/fbcon.c | 28 ++++++++++++++++++++++++++++
>  drivers/video/fbdev/core/fbmem.c | 10 +++++++---
>  include/linux/fbcon.h            |  4 ++++
>  3 files changed, 39 insertions(+), 3 deletions(-)
> 
> diff --git a/drivers/video/fbdev/core/fbcon.c b/drivers/video/fbdev/core/fbcon.c
> index a97e94b1c84f..b84264e98929 100644
> --- a/drivers/video/fbdev/core/fbcon.c
> +++ b/drivers/video/fbdev/core/fbcon.c
> @@ -2706,6 +2706,34 @@ static void fbcon_set_all_vcs(struct fb_info *info)
>  		fbcon_modechanged(info);
>  }
>  
> +/* let fbcon check if it supports a new screen resolution */
> +int fbcon_modechange_possible(struct fb_info *info, struct fb_var_screeninfo *var)
> +{
> +	struct fbcon_ops *ops = info->fbcon_par;
> +	struct vc_data *vc;
> +	unsigned int i;
> +
> +	WARN_CONSOLE_UNLOCKED();
> +
> +	if (!ops)
> +		return 0;
> +
> +	/* prevent setting a screen size which is smaller than font size */
> +	for (i = first_fb_vc; i <= last_fb_vc; i++) {
> +		vc = vc_cons[i].d;
> +		if (!vc || vc->vc_mode != KD_TEXT ||
> +			   registered_fb[con2fb_map[i]] != info)
> +			continue;
> +
> +		if (vc->vc_font.width  > FBCON_SWAP(var->rotate, var->xres, var->yres) ||
> +		    vc->vc_font.height > FBCON_SWAP(var->rotate, var->yres, var->xres))
> +			return -EINVAL;
> +	}
> +
> +	return 0;
> +}
> +EXPORT_SYMBOL_GPL(fbcon_modechange_possible);
> +
>  static int fbcon_mode_deleted(struct fb_info *info,
>  			      struct fb_videomode *mode)
>  {
> diff --git a/drivers/video/fbdev/core/fbmem.c b/drivers/video/fbdev/core/fbmem.c
> index 9087d467cc46..264e8ca5efa7 100644
> --- a/drivers/video/fbdev/core/fbmem.c
> +++ b/drivers/video/fbdev/core/fbmem.c
> @@ -1134,9 +1134,13 @@ static long do_fb_ioctl(struct fb_info *info, unsigned int cmd,
>  			console_unlock();
>  			return -ENODEV;
>  		}
> -		info->flags |= FBINFO_MISC_USEREVENT;
> -		ret = fb_set_var(info, &var);
> -		info->flags &= ~FBINFO_MISC_USEREVENT;
> +		ret = fbcon_modechange_possible(info, &var);
> +		if (!ret) {
> +			info->flags |= FBINFO_MISC_USEREVENT;
> +			ret = fb_set_var(info, &var);
> +			info->flags &= ~FBINFO_MISC_USEREVENT;
> +		}
> +		lock_fb_info(info);
>  		unlock_fb_info(info);

Why do we lock and unlock here consecutively?

Can it be a leftover?

Because in upstream commit, lock encapsulates `fb_set_var`,
`fbcon_modechange_possible` and `fbcon_update_vcs` calls, which makes
sense.

Here, it doesn't.

>  		console_unlock();
>  		if (!ret && copy_to_user(argp, &var, sizeof(var)))
> diff --git a/include/linux/fbcon.h b/include/linux/fbcon.h
> index f68a7db14165..39939d55c834 100644
> --- a/include/linux/fbcon.h
> +++ b/include/linux/fbcon.h
> @@ -4,9 +4,13 @@
>  #ifdef CONFIG_FRAMEBUFFER_CONSOLE
>  void __init fb_console_init(void);
>  void __exit fb_console_exit(void);
> +int  fbcon_modechange_possible(struct fb_info *info,
> +			       struct fb_var_screeninfo *var);
>  #else
>  static inline void fb_console_init(void) {}
>  static inline void fb_console_exit(void) {}
> +static inline int  fbcon_modechange_possible(struct fb_info *info,
> +				struct fb_var_screeninfo *var) { return 0; }
>  #endif
>  
>  #endif /* _LINUX_FBCON_H */



* Re: [PATCH stable 4.14 v3 2/3] fbcon: Prevent that screen size is smaller than font size
  2022-08-05  6:09   ` Cengiz Can
@ 2022-08-05  6:22     ` chenjun (AM)
  2022-08-08 13:34       ` gregkh
  0 siblings, 1 reply; 7+ messages in thread
From: chenjun (AM) @ 2022-08-05  6:22 UTC
  To: Cengiz Can, stable, deller, geert, b.zolnierkie, gregkh; +Cc: xuqiang (M)

On 2022/8/5 14:09, Cengiz Can wrote:
> On Thu, 2022-08-04 at 12:27 +0000, Chen Jun wrote:
>> From: Helge Deller <deller@gmx.de>
>>
>> commit e64242caef18b4a5840b0e7a9bff37abd4f4f933 upstream
>>
>> We need to prevent that users configure a screen size which is smaller than the
>> currently selected font size. Otherwise rendering chars on the screen will
>> access memory outside the graphics memory region.
>>
>> This patch adds a new function fbcon_modechange_possible() which
>> implements this check and which later may be extended with other checks
>> if necessary.  The new function is called from the FBIOPUT_VSCREENINFO
>> ioctl handler in fbmem.c, which will return -EINVAL if userspace asked
>> for a too small screen size.
>>
>> Signed-off-by: Helge Deller <deller@gmx.de>
>> Reviewed-by: Geert Uytterhoeven <geert@linux-m68k.org>
>> [Chen Jun: adjust context]
>> Signed-off-by: Chen Jun <chenjun102@huawei.com>
>> ---
>>   drivers/video/fbdev/core/fbcon.c | 28 ++++++++++++++++++++++++++++
>>   drivers/video/fbdev/core/fbmem.c | 10 +++++++---
>>   include/linux/fbcon.h            |  4 ++++
>>   3 files changed, 39 insertions(+), 3 deletions(-)
>>
>> diff --git a/drivers/video/fbdev/core/fbcon.c b/drivers/video/fbdev/core/fbcon.c
>> index a97e94b1c84f..b84264e98929 100644
>> --- a/drivers/video/fbdev/core/fbcon.c
>> +++ b/drivers/video/fbdev/core/fbcon.c
>> @@ -2706,6 +2706,34 @@ static void fbcon_set_all_vcs(struct fb_info *info)
>>   		fbcon_modechanged(info);
>>   }
>>   
>> +/* let fbcon check if it supports a new screen resolution */
>> +int fbcon_modechange_possible(struct fb_info *info, struct fb_var_screeninfo *var)
>> +{
>> +	struct fbcon_ops *ops = info->fbcon_par;
>> +	struct vc_data *vc;
>> +	unsigned int i;
>> +
>> +	WARN_CONSOLE_UNLOCKED();
>> +
>> +	if (!ops)
>> +		return 0;
>> +
>> +	/* prevent setting a screen size which is smaller than font size */
>> +	for (i = first_fb_vc; i <= last_fb_vc; i++) {
>> +		vc = vc_cons[i].d;
>> +		if (!vc || vc->vc_mode != KD_TEXT ||
>> +			   registered_fb[con2fb_map[i]] != info)
>> +			continue;
>> +
>> +		if (vc->vc_font.width  > FBCON_SWAP(var->rotate, var->xres, var->yres) ||
>> +		    vc->vc_font.height > FBCON_SWAP(var->rotate, var->yres, var->xres))
>> +			return -EINVAL;
>> +	}
>> +
>> +	return 0;
>> +}
>> +EXPORT_SYMBOL_GPL(fbcon_modechange_possible);
>> +
>>   static int fbcon_mode_deleted(struct fb_info *info,
>>   			      struct fb_videomode *mode)
>>   {
>> diff --git a/drivers/video/fbdev/core/fbmem.c b/drivers/video/fbdev/core/fbmem.c
>> index 9087d467cc46..264e8ca5efa7 100644
>> --- a/drivers/video/fbdev/core/fbmem.c
>> +++ b/drivers/video/fbdev/core/fbmem.c
>> @@ -1134,9 +1134,13 @@ static long do_fb_ioctl(struct fb_info *info, unsigned int cmd,
>>   			console_unlock();
>>   			return -ENODEV;
>>   		}
>> -		info->flags |= FBINFO_MISC_USEREVENT;
>> -		ret = fb_set_var(info, &var);
>> -		info->flags &= ~FBINFO_MISC_USEREVENT;
>> +		ret = fbcon_modechange_possible(info, &var);
>> +		if (!ret) {
>> +			info->flags |= FBINFO_MISC_USEREVENT;
>> +			ret = fb_set_var(info, &var);
>> +			info->flags &= ~FBINFO_MISC_USEREVENT;
>> +		}
>> +		lock_fb_info(info);
>>   		unlock_fb_info(info);
> 
> Why do we lock and unlock here consecutively?
> 
> Can it be a leftover?
> 
> Because in upstream commit, lock encapsulates `fb_set_var`,
> `fbcon_modechange_possible` and `fbcon_update_vcs` calls, which makes
> sense.
> 
> Here, it doesn't.
> 

Thanks, lock_fb_info(info) is wrong here.

>>   		console_unlock();
>>   		if (!ret && copy_to_user(argp, &var, sizeof(var)))
>> diff --git a/include/linux/fbcon.h b/include/linux/fbcon.h
>> index f68a7db14165..39939d55c834 100644
>> --- a/include/linux/fbcon.h
>> +++ b/include/linux/fbcon.h
>> @@ -4,9 +4,13 @@
>>   #ifdef CONFIG_FRAMEBUFFER_CONSOLE
>>   void __init fb_console_init(void);
>>   void __exit fb_console_exit(void);
>> +int  fbcon_modechange_possible(struct fb_info *info,
>> +			       struct fb_var_screeninfo *var);
>>   #else
>>   static inline void fb_console_init(void) {}
>>   static inline void fb_console_exit(void) {}
>> +static inline int  fbcon_modechange_possible(struct fb_info *info,
>> +				struct fb_var_screeninfo *var) { return 0; }
>>   #endif
>>   
>>   #endif /* _LINUX_FBCON_H */
> 
> 


-- 
Regards
Chen Jun


* Re: [PATCH stable 4.14 v3 2/3] fbcon: Prevent that screen size is smaller than font size
  2022-08-05  6:22     ` chenjun (AM)
@ 2022-08-08 13:34       ` gregkh
  0 siblings, 0 replies; 7+ messages in thread
From: gregkh @ 2022-08-08 13:34 UTC
  To: chenjun (AM); +Cc: Cengiz Can, stable, deller, geert, b.zolnierkie, xuqiang (M)

On Fri, Aug 05, 2022 at 06:22:03AM +0000, chenjun (AM) wrote:
> On 2022/8/5 14:09, Cengiz Can wrote:
> > On Thu, 2022-08-04 at 12:27 +0000, Chen Jun wrote:
> >> From: Helge Deller <deller@gmx.de>
> >>
> >> commit e64242caef18b4a5840b0e7a9bff37abd4f4f933 upstream
> >>
> >> We need to prevent that users configure a screen size which is smaller than the
> >> currently selected font size. Otherwise rendering chars on the screen will
> >> access memory outside the graphics memory region.
> >>
> >> This patch adds a new function fbcon_modechange_possible() which
> >> implements this check and which later may be extended with other checks
> >> if necessary.  The new function is called from the FBIOPUT_VSCREENINFO
> >> ioctl handler in fbmem.c, which will return -EINVAL if userspace asked
> >> for a too small screen size.
> >>
> >> Signed-off-by: Helge Deller <deller@gmx.de>
> >> Reviewed-by: Geert Uytterhoeven <geert@linux-m68k.org>
> >> [Chen Jun: adjust context]
> >> Signed-off-by: Chen Jun <chenjun102@huawei.com>
> >> ---
> >>   drivers/video/fbdev/core/fbcon.c | 28 ++++++++++++++++++++++++++++
> >>   drivers/video/fbdev/core/fbmem.c | 10 +++++++---
> >>   include/linux/fbcon.h            |  4 ++++
> >>   3 files changed, 39 insertions(+), 3 deletions(-)
> >>
> >> diff --git a/drivers/video/fbdev/core/fbcon.c b/drivers/video/fbdev/core/fbcon.c
> >> index a97e94b1c84f..b84264e98929 100644
> >> --- a/drivers/video/fbdev/core/fbcon.c
> >> +++ b/drivers/video/fbdev/core/fbcon.c
> >> @@ -2706,6 +2706,34 @@ static void fbcon_set_all_vcs(struct fb_info *info)
> >>   		fbcon_modechanged(info);
> >>   }
> >>   
> >> +/* let fbcon check if it supports a new screen resolution */
> >> +int fbcon_modechange_possible(struct fb_info *info, struct fb_var_screeninfo *var)
> >> +{
> >> +	struct fbcon_ops *ops = info->fbcon_par;
> >> +	struct vc_data *vc;
> >> +	unsigned int i;
> >> +
> >> +	WARN_CONSOLE_UNLOCKED();
> >> +
> >> +	if (!ops)
> >> +		return 0;
> >> +
> >> +	/* prevent setting a screen size which is smaller than font size */
> >> +	for (i = first_fb_vc; i <= last_fb_vc; i++) {
> >> +		vc = vc_cons[i].d;
> >> +		if (!vc || vc->vc_mode != KD_TEXT ||
> >> +			   registered_fb[con2fb_map[i]] != info)
> >> +			continue;
> >> +
> >> +		if (vc->vc_font.width  > FBCON_SWAP(var->rotate, var->xres, var->yres) ||
> >> +		    vc->vc_font.height > FBCON_SWAP(var->rotate, var->yres, var->xres))
> >> +			return -EINVAL;
> >> +	}
> >> +
> >> +	return 0;
> >> +}
> >> +EXPORT_SYMBOL_GPL(fbcon_modechange_possible);
> >> +
> >>   static int fbcon_mode_deleted(struct fb_info *info,
> >>   			      struct fb_videomode *mode)
> >>   {
> >> diff --git a/drivers/video/fbdev/core/fbmem.c b/drivers/video/fbdev/core/fbmem.c
> >> index 9087d467cc46..264e8ca5efa7 100644
> >> --- a/drivers/video/fbdev/core/fbmem.c
> >> +++ b/drivers/video/fbdev/core/fbmem.c
> >> @@ -1134,9 +1134,13 @@ static long do_fb_ioctl(struct fb_info *info, unsigned int cmd,
> >>   			console_unlock();
> >>   			return -ENODEV;
> >>   		}
> >> -		info->flags |= FBINFO_MISC_USEREVENT;
> >> -		ret = fb_set_var(info, &var);
> >> -		info->flags &= ~FBINFO_MISC_USEREVENT;
> >> +		ret = fbcon_modechange_possible(info, &var);
> >> +		if (!ret) {
> >> +			info->flags |= FBINFO_MISC_USEREVENT;
> >> +			ret = fb_set_var(info, &var);
> >> +			info->flags &= ~FBINFO_MISC_USEREVENT;
> >> +		}
> >> +		lock_fb_info(info);
> >>   		unlock_fb_info(info);
> > 
> > Why do we lock and unlock here consecutively?
> > 
> > Can it be a leftover?
> > 
> > Because in upstream commit, lock encapsulates `fb_set_var`,
> > `fbcon_modechange_possible` and `fbcon_update_vcs` calls, which makes
> > sense.
> > 
> > Here, it doesn't.
> > 
> 
> Thanks, lock_fb_info(info) is wrong here.

Ok, I'm totally confused now.

I'm dropping all of these series from my queue now.  Please fix them up
and resend them for all pending stable trees (4.9.y, 4.14.y, and
4.19.y).

thanks,

greg k-h
