- Linux-stable-mirror - lists.linaro.org

[PATCH] exfat: check if filename entries exceeds max filename length

by Namjae Jeon

exfat_extract_uni_name copies characters from a given file name entry into the 'uniname' variable. This variable is actually defined on the stack of the exfat_readdir() function. According to the definition of the 'exfat_uni_name' type, the file name should be limited 255 characters (+ null teminator space), but the exfat_get_uniname_from_ext_entry() function can write more characters because there is no check if filename entries exceeds max filename length. This patch add the check not to copy filename characters when exceeding max filename length. Cc: stable(a)vger.kernel.org Cc: Yuezhang Mo <Yuezhang.Mo(a)sony.com> Reported-by: Maxim Suhanov <dfirblog(a)gmail.com> Reviewed-by: Sungjong Seo <sj1557.seo(a)samsung.com> Signed-off-by: Namjae Jeon <linkinjeon(a)kernel.org> --- fs/exfat/dir.c | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/fs/exfat/dir.c b/fs/exfat/dir.c index 957574180a5e..bc48f3329921 100644 --- a/fs/exfat/dir.c +++ b/fs/exfat/dir.c @@ -34,6 +34,7 @@ static int exfat_get_uniname_from_ext_entry(struct super_block *sb, { int i, err; struct exfat_entry_set_cache es; + unsigned int uni_len = 0, len; err = exfat_get_dentry_set(&es, sb, p_dir, entry, ES_ALL_ENTRIES); if (err) @@ -52,7 +53,10 @@ static int exfat_get_uniname_from_ext_entry(struct super_block *sb, if (exfat_get_entry_type(ep) != TYPE_EXTEND) break; - exfat_extract_uni_name(ep, uniname); + len = exfat_extract_uni_name(ep, uniname); + uni_len += len; + if (len != EXFAT_FILE_NAME_LEN || uni_len >= MAX_NAME_LENGTH) + break; uniname += EXFAT_FILE_NAME_LEN; } @@ -1079,7 +1083,8 @@ int exfat_find_dir_entry(struct super_block *sb, struct exfat_inode_info *ei, if (entry_type == TYPE_EXTEND) { unsigned short entry_uniname[16], unichar; - if (step != DIRENT_STEP_NAME) { + if (step != DIRENT_STEP_NAME || + name_len >= MAX_NAME_LENGTH) { step = DIRENT_STEP_FILE; continue; } -- 2.25.1

2 years, 5 months

2
1
0 0

[PATCH 5.15] ovl: fix null pointer dereference in ovl_get_acl_rcu()

by Zhihao Cheng

[ Upstream commit f4e19e595cc2e76a8a58413eb19d3d9c51328b53 ] Following process: P1 P2 path_openat link_path_walk may_lookup inode_permission(rcu) ovl_permission acl_permission_check check_acl get_cached_acl_rcu ovl_get_inode_acl realinode = ovl_inode_real(ovl_inode) drop_cache __dentry_kill(ovl_dentry) iput(ovl_inode) ovl_destroy_inode(ovl_inode) dput(oi->__upperdentry) dentry_kill(upperdentry) dentry_unlink_inode upperdentry->d_inode = NULL ovl_inode_upper upperdentry = ovl_i_dentry_upper(ovl_inode) d_inode(upperdentry) // returns NULL IS_POSIXACL(realinode) // NULL pointer dereference , will trigger an null pointer dereference at realinode: [ 205.472797] BUG: kernel NULL pointer dereference, address: 0000000000000028 [ 205.476701] CPU: 2 PID: 2713 Comm: ls Not tainted 6.3.0-12064-g2edfa098e750-dirty #1216 [ 205.478754] RIP: 0010:do_ovl_get_acl+0x5d/0x300 [ 205.489584] Call Trace: [ 205.489812] <TASK> [ 205.490014] ovl_get_inode_acl+0x26/0x30 [ 205.490466] get_cached_acl_rcu+0x61/0xa0 [ 205.490908] generic_permission+0x1bf/0x4e0 [ 205.491447] ovl_permission+0x79/0x1b0 [ 205.491917] inode_permission+0x15e/0x2c0 [ 205.492425] link_path_walk+0x115/0x550 [ 205.493311] path_lookupat.isra.0+0xb2/0x200 [ 205.493803] filename_lookup+0xda/0x240 [ 205.495747] vfs_fstatat+0x7b/0xb0 Fetch a reproducer in [Link]. Use the helper ovl_i_path_realinode() to get realinode and then do non-nullptr checking. There are some changes from upstream commit: 1. Corrusponds to do_ovl_get_acl() in 5.15 is ovl_get_acl() 2. ovl_i_path_real is not imported in 5.15, we can get realinode by ovl_inode_real 3. CONFIG_FS_POSIX_ACL checking is dropped in commit ded536561a3674327dfa4bb389085705cae22b8a ("ovl: improve ovl_get_acl() if POSIX ACL support is off"), we still keep it in 5.15. Link: https://bugzilla.kernel.org/show_bug.cgi?id=217404 Fixes: 332f606b32b6 ("ovl: enable RCU'd ->get_acl()") Cc: <stable(a)vger.kernel.org> # v5.15 Signed-off-by: Zhihao Cheng <chengzhihao1(a)huawei.com> Suggested-by: Christian Brauner <brauner(a)kernel.org> Suggested-by: Amir Goldstein <amir73il(a)gmail.com> Signed-off-by: Amir Goldstein <amir73il(a)gmail.com> Signed-off-by: Miklos Szeredi <mszeredi(a)redhat.com> --- fs/overlayfs/inode.c | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/fs/overlayfs/inode.c b/fs/overlayfs/inode.c index d41f0c8e0e2a..65e5e6eb761a 100644 --- a/fs/overlayfs/inode.c +++ b/fs/overlayfs/inode.c @@ -453,7 +453,15 @@ struct posix_acl *ovl_get_acl(struct inode *inode, int type, bool rcu) const struct cred *old_cred; struct posix_acl *acl; - if (!IS_ENABLED(CONFIG_FS_POSIX_ACL) || !IS_POSIXACL(realinode)) + if (!IS_ENABLED(CONFIG_FS_POSIX_ACL)) + return NULL; + + if (!realinode) { + WARN_ON(!rcu); + return ERR_PTR(-ECHILD); + } + + if (!IS_POSIXACL(realinode)) return NULL; if (rcu) -- 2.39.2

2 years, 5 months

3
3
0 0

Re: [PATCH 6.4 000/800] 6.4.4-rc1 review

by Ronald Warsow

Hi Greg 6.4.4-rc1 compiles, boots and runs here on x86_64 (Intel Rocket Lake, i5-11400) Thanks Tested-by: Ronald Warsow <rwarsow(a)gmx.de>

2 years, 5 months

1
0
0 0

[PATCH -stable v5.10 0/3] Fixes for rcutorture TRACE02 warning

by Joel Fernandes (Google)

These patches required to prevent the following TRACE02 warning when running rcutorture. I confirmed the patch fixes the following splat: [ 765.941351] WARNING: CPU: 0 PID: 80 at kernel/rcu/tasks.h:895 trc_read_check_handler+0x61/0xe0 [ 765.949880] Modules linked in: [ 765.953006] CPU: 0 PID: 80 Comm: rcu_torture_rea Not tainted 5.15.86-rc1+ #25 [ 765.959982] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.15.0-1 04/01/2014 [ 765.967964] RIP: 0010:trc_read_check_handler+0x61/0xe0 [ 765.973050] Code: 01 00 89 c0 48 03 2c c5 80 f8 a5 ae c6 45 00 00 [..] [ 765.991768] RSP: 0000:ffffa64ac0003fb0 EFLAGS: 00010047 [ 765.997042] RAX: ffffffffad4f8610 RBX: ffffa26b41bd3000 RCX: ffffa26b5f4ac8c0 [ 766.004418] RDX: 0000000000000000 RSI: ffffffffae978121 RDI: ffffa26b41bd3000 [ 766.011502] RBP: ffffa26b41bd6000 R08: ffffa26b41bd3000 R09: 0000000000000000 [ 766.018778] R10: 0000000000000000 R11: ffffa64ac0003ff8 R12: 0000000000000000 [ 766.025943] R13: ffffa26b5f4ac8c0 R14: 0000000000000000 R15: 0000000000000000 [ 766.034383] FS: 0000000000000000(0000) GS:ffffa26b5f400000(0000) knlGS:0000000000000000 [ 766.042925] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 766.048775] CR2: 0000000000000000 CR3: 0000000001924000 CR4: 00000000000006f0 [ 766.055991] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 766.063135] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 766.070711] Call Trace: [ 766.073515] <IRQ> [ 766.075807] flush_smp_call_function_queue+0xec/0x1a0 [ 766.081087] __sysvec_call_function_single+0x3e/0x1d0 [ 766.086466] sysvec_call_function_single+0x89/0xc0 [ 766.091431] </IRQ> [ 766.093713] <TASK> [ 766.095930] asm_sysvec_call_function_single+0x16/0x20

2 years, 5 months

2
4
0 0

FAILED: patch "[PATCH] block: add overflow checks for Amiga partition support" failed to apply to 5.10-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.10-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.10.y git checkout FETCH_HEAD git cherry-pick -x b6f3f28f604ba3de4724ad82bea6adb1300c0b5f # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2023071116-umbrella-fog-a65f@gregkh' --subject-prefix 'PATCH 5.10.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From b6f3f28f604ba3de4724ad82bea6adb1300c0b5f Mon Sep 17 00:00:00 2001 From: Michael Schmitz <schmitzmic(a)gmail.com> Date: Wed, 21 Jun 2023 08:17:25 +1200 Subject: [PATCH] block: add overflow checks for Amiga partition support The Amiga partition parser module uses signed int for partition sector address and count, which will overflow for disks larger than 1 TB. Use u64 as type for sector address and size to allow using disks up to 2 TB without LBD support, and disks larger than 2 TB with LBD. The RBD format allows to specify disk sizes up to 2^128 bytes (though native OS limitations reduce this somewhat, to max 2^68 bytes), so check for u64 overflow carefully to protect against overflowing sector_t. Bail out if sector addresses overflow 32 bits on kernels without LBD support. This bug was reported originally in 2012, and the fix was created by the RDB author, Joanne Dow <jdow(a)earthlink.net>. A patch had been discussed and reviewed on linux-m68k at that time but never officially submitted (now resubmitted as patch 1 in this series). This patch adds additional error checking and warning messages. Reported-by: Martin Steigerwald <Martin(a)lichtvoll.de> Closes: https://bugzilla.kernel.org/show_bug.cgi?id=43511 Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") Message-ID: <201206192146.09327.Martin(a)lichtvoll.de> Cc: <stable(a)vger.kernel.org> # 5.2 Signed-off-by: Michael Schmitz <schmitzmic(a)gmail.com> Reviewed-by: Geert Uytterhoeven <geert(a)linux-m68k.org> Reviewed-by: Christoph Hellwig <hch(a)infradead.org> Link: https://lore.kernel.org/r/20230620201725.7020-4-schmitzmic@gmail.com Signed-off-by: Jens Axboe <axboe(a)kernel.dk> diff --git a/block/partitions/amiga.c b/block/partitions/amiga.c index 85c5c79aae48..ed222b9c901b 100644 --- a/block/partitions/amiga.c +++ b/block/partitions/amiga.c @@ -11,10 +11,18 @@ #define pr_fmt(fmt) fmt #include <linux/types.h> +#include <linux/mm_types.h> +#include <linux/overflow.h> #include <linux/affs_hardblocks.h> #include "check.h" +/* magic offsets in partition DosEnvVec */ +#define NR_HD 3 +#define NR_SECT 5 +#define LO_CYL 9 +#define HI_CYL 10 + static __inline__ u32 checksum_block(__be32 *m, int size) { @@ -31,9 +39,12 @@ int amiga_partition(struct parsed_partitions *state) unsigned char *data; struct RigidDiskBlock *rdb; struct PartitionBlock *pb; - sector_t start_sect, nr_sects; - int blk, part, res = 0; - int blksize = 1; /* Multiplier for disk block size */ + u64 start_sect, nr_sects; + sector_t blk, end_sect; + u32 cylblk; /* rdb_CylBlocks = nr_heads*sect_per_track */ + u32 nr_hd, nr_sect, lo_cyl, hi_cyl; + int part, res = 0; + unsigned int blksize = 1; /* Multiplier for disk block size */ int slot = 1; for (blk = 0; ; blk++, put_dev_sector(sect)) { @@ -41,7 +52,7 @@ int amiga_partition(struct parsed_partitions *state) goto rdb_done; data = read_part_sector(state, blk, &sect); if (!data) { - pr_err("Dev %s: unable to read RDB block %d\n", + pr_err("Dev %s: unable to read RDB block %llu\n", state->disk->disk_name, blk); res = -1; goto rdb_done; @@ -58,12 +69,12 @@ int amiga_partition(struct parsed_partitions *state) *(__be32 *)(data+0xdc) = 0; if (checksum_block((__be32 *)data, be32_to_cpu(rdb->rdb_SummedLongs) & 0x7F)==0) { - pr_err("Trashed word at 0xd0 in block %d ignored in checksum calculation\n", + pr_err("Trashed word at 0xd0 in block %llu ignored in checksum calculation\n", blk); break; } - pr_err("Dev %s: RDB in block %d has bad checksum\n", + pr_err("Dev %s: RDB in block %llu has bad checksum\n", state->disk->disk_name, blk); } @@ -80,10 +91,15 @@ int amiga_partition(struct parsed_partitions *state) blk = be32_to_cpu(rdb->rdb_PartitionList); put_dev_sector(sect); for (part = 1; blk>0 && part<=16; part++, put_dev_sector(sect)) { - blk *= blksize; /* Read in terms partition table understands */ + /* Read in terms partition table understands */ + if (check_mul_overflow(blk, (sector_t) blksize, &blk)) { + pr_err("Dev %s: overflow calculating partition block %llu! Skipping partitions %u and beyond\n", + state->disk->disk_name, blk, part); + break; + } data = read_part_sector(state, blk, &sect); if (!data) { - pr_err("Dev %s: unable to read partition block %d\n", + pr_err("Dev %s: unable to read partition block %llu\n", state->disk->disk_name, blk); res = -1; goto rdb_done; @@ -95,19 +111,70 @@ int amiga_partition(struct parsed_partitions *state) if (checksum_block((__be32 *)pb, be32_to_cpu(pb->pb_SummedLongs) & 0x7F) != 0 ) continue; - /* Tell Kernel about it */ + /* RDB gives us more than enough rope to hang ourselves with, + * many times over (2^128 bytes if all fields max out). + * Some careful checks are in order, so check for potential + * overflows. + * We are multiplying four 32 bit numbers to one sector_t! + */ + + nr_hd = be32_to_cpu(pb->pb_Environment[NR_HD]); + nr_sect = be32_to_cpu(pb->pb_Environment[NR_SECT]); + + /* CylBlocks is total number of blocks per cylinder */ + if (check_mul_overflow(nr_hd, nr_sect, &cylblk)) { + pr_err("Dev %s: heads*sects %u overflows u32, skipping partition!\n", + state->disk->disk_name, cylblk); + continue; + } + + /* check for consistency with RDB defined CylBlocks */ + if (cylblk > be32_to_cpu(rdb->rdb_CylBlocks)) { + pr_warn("Dev %s: cylblk %u > rdb_CylBlocks %u!\n", + state->disk->disk_name, cylblk, + be32_to_cpu(rdb->rdb_CylBlocks)); + } + + /* RDB allows for variable logical block size - + * normalize to 512 byte blocks and check result. + */ + + if (check_mul_overflow(cylblk, blksize, &cylblk)) { + pr_err("Dev %s: partition %u bytes per cyl. overflows u32, skipping partition!\n", + state->disk->disk_name, part); + continue; + } + + /* Calculate partition start and end. Limit of 32 bit on cylblk + * guarantees no overflow occurs if LBD support is enabled. + */ + + lo_cyl = be32_to_cpu(pb->pb_Environment[LO_CYL]); + start_sect = ((u64) lo_cyl * cylblk); + + hi_cyl = be32_to_cpu(pb->pb_Environment[HI_CYL]); + nr_sects = (((u64) hi_cyl - lo_cyl + 1) * cylblk); - nr_sects = ((sector_t)be32_to_cpu(pb->pb_Environment[10]) + 1 - - be32_to_cpu(pb->pb_Environment[9])) * - be32_to_cpu(pb->pb_Environment[3]) * - be32_to_cpu(pb->pb_Environment[5]) * - blksize; if (!nr_sects) continue; - start_sect = (sector_t)be32_to_cpu(pb->pb_Environment[9]) * - be32_to_cpu(pb->pb_Environment[3]) * - be32_to_cpu(pb->pb_Environment[5]) * - blksize; + + /* Warn user if partition end overflows u32 (AmigaDOS limit) */ + + if ((start_sect + nr_sects) > UINT_MAX) { + pr_warn("Dev %s: partition %u (%llu-%llu) needs 64 bit device support!\n", + state->disk->disk_name, part, + start_sect, start_sect + nr_sects); + } + + if (check_add_overflow(start_sect, nr_sects, &end_sect)) { + pr_err("Dev %s: partition %u (%llu-%llu) needs LBD device support, skipping partition!\n", + state->disk->disk_name, part, + start_sect, end_sect); + continue; + } + + /* Tell Kernel about it */ + put_partition(state,slot++,start_sect,nr_sects); { /* Be even more informative to aid mounting */

2 years, 5 months

3
5
0 0

[PATCH 1/9] drm/amdgpu: make sure BOs are locked in amdgpu_vm_get_memory

by Alex Deucher

From: Christian König <christian.koenig(a)amd.com> We need to grab the lock of the BO or otherwise can run into a crash when we try to inspect the current location. Signed-off-by: Christian König <christian.koenig(a)amd.com> Reviewed-by: Alex Deucher <alexander.deucher(a)amd.com> Acked-by: Guchun Chen <guchun.chen(a)amd.com> Tested-by: Mikhail Gavrilov <mikhail.v.gavrilov(a)gmail.com> Signed-off-by: Alex Deucher <alexander.deucher(a)amd.com> (cherry picked from commit e2ad8e2df432498b1cee2af04df605723f4d75e6) Cc: stable(a)vger.kernel.org # 6.3.x --- drivers/gpu/drm/amd/amdgpu/amdgpu_vm.c | 69 +++++++++++++++----------- 1 file changed, 39 insertions(+), 30 deletions(-) diff --git a/drivers/gpu/drm/amd/amdgpu/amdgpu_vm.c b/drivers/gpu/drm/amd/amdgpu/amdgpu_vm.c index 5b3a70becbdf..a252a206f37b 100644 --- a/drivers/gpu/drm/amd/amdgpu/amdgpu_vm.c +++ b/drivers/gpu/drm/amd/amdgpu/amdgpu_vm.c @@ -920,42 +920,51 @@ int amdgpu_vm_update_range(struct amdgpu_device *adev, struct amdgpu_vm *vm, return r; } +static void amdgpu_vm_bo_get_memory(struct amdgpu_bo_va *bo_va, + struct amdgpu_mem_stats *stats) +{ + struct amdgpu_vm *vm = bo_va->base.vm; + struct amdgpu_bo *bo = bo_va->base.bo; + + if (!bo) + return; + + /* + * For now ignore BOs which are currently locked and potentially + * changing their location. + */ + if (bo->tbo.base.resv != vm->root.bo->tbo.base.resv && + !dma_resv_trylock(bo->tbo.base.resv)) + return; + + amdgpu_bo_get_memory(bo, stats); + if (bo->tbo.base.resv != vm->root.bo->tbo.base.resv) + dma_resv_unlock(bo->tbo.base.resv); +} + void amdgpu_vm_get_memory(struct amdgpu_vm *vm, struct amdgpu_mem_stats *stats) { struct amdgpu_bo_va *bo_va, *tmp; spin_lock(&vm->status_lock); - list_for_each_entry_safe(bo_va, tmp, &vm->idle, base.vm_status) { - if (!bo_va->base.bo) - continue; - amdgpu_bo_get_memory(bo_va->base.bo, stats); - } - list_for_each_entry_safe(bo_va, tmp, &vm->evicted, base.vm_status) { - if (!bo_va->base.bo) - continue; - amdgpu_bo_get_memory(bo_va->base.bo, stats); - } - list_for_each_entry_safe(bo_va, tmp, &vm->relocated, base.vm_status) { - if (!bo_va->base.bo) - continue; - amdgpu_bo_get_memory(bo_va->base.bo, stats); - } - list_for_each_entry_safe(bo_va, tmp, &vm->moved, base.vm_status) { - if (!bo_va->base.bo) - continue; - amdgpu_bo_get_memory(bo_va->base.bo, stats); - } - list_for_each_entry_safe(bo_va, tmp, &vm->invalidated, base.vm_status) { - if (!bo_va->base.bo) - continue; - amdgpu_bo_get_memory(bo_va->base.bo, stats); - } - list_for_each_entry_safe(bo_va, tmp, &vm->done, base.vm_status) { - if (!bo_va->base.bo) - continue; - amdgpu_bo_get_memory(bo_va->base.bo, stats); - } + list_for_each_entry_safe(bo_va, tmp, &vm->idle, base.vm_status) + amdgpu_vm_bo_get_memory(bo_va, stats); + + list_for_each_entry_safe(bo_va, tmp, &vm->evicted, base.vm_status) + amdgpu_vm_bo_get_memory(bo_va, stats); + + list_for_each_entry_safe(bo_va, tmp, &vm->relocated, base.vm_status) + amdgpu_vm_bo_get_memory(bo_va, stats); + + list_for_each_entry_safe(bo_va, tmp, &vm->moved, base.vm_status) + amdgpu_vm_bo_get_memory(bo_va, stats); + + list_for_each_entry_safe(bo_va, tmp, &vm->invalidated, base.vm_status) + amdgpu_vm_bo_get_memory(bo_va, stats); + + list_for_each_entry_safe(bo_va, tmp, &vm->done, base.vm_status) + amdgpu_vm_bo_get_memory(bo_va, stats); spin_unlock(&vm->status_lock); } -- 2.41.0

2 years, 5 months

4
13
0 0

[PATCH -stable,4.14 0/3] stable fixes for 4.14

by Pablo Neira Ayuso

Hi Greg, Sasha, The following list shows the backported patches, I am using original commit IDs for reference: 1) 1240eb93f061 ("netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE") 2) 26b5a5712eb8 ("netfilter: nf_tables: add NFT_TRANS_PREPARE_ERROR to deal with bound set/chain") 3) 3e70489721b6 ("netfilter: nf_tables: unbind non-anonymous set if rule construction fails") Please, apply, Thanks. Pablo Neira Ayuso (3): netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE netfilter: nf_tables: add NFT_TRANS_PREPARE_ERROR to deal with bound set/chain netfilter: nf_tables: unbind non-anonymous set if rule construction fails include/net/netfilter/nf_tables.h | 1 + net/netfilter/nf_tables_api.c | 29 +++++++++++++++++++++++++---- 2 files changed, 26 insertions(+), 4 deletions(-) -- 2.30.2

2 years, 5 months

2
4
0 0

[PATCH -stable,4.19 00/10] stable fixes for 4.19

by Pablo Neira Ayuso

Hi Greg, Sasha, The following list shows the backported patches, I am using original commit IDs for reference: 1) 1e9451cbda45 ("netfilter: nf_tables: fix nat hook table deletion") 2) 81ea01066741 ("netfilter: nf_tables: add rescheduling points during loop detection walks") 3) 802b805162a1 ("netfilter: nftables: add helper function to set the base sequence number") 4) 19c28b1374fb ("netfilter: add helper function to set up the nfnetlink header and use it") 5) 0854db2aaef3 ("netfilter: nf_tables: use net_generic infra for transaction data") 6) 1240eb93f061 ("netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE") 7) 26b5a5712eb8 ("netfilter: nf_tables: add NFT_TRANS_PREPARE_ERROR to deal with bound set/chain") 8) 938154b93be8 ("netfilter: nf_tables: reject unbound anonymous set before commit phase") 9) 3e70489721b6 ("netfilter: nf_tables: unbind non-anonymous set if rule construction fails") 10) 2024439bd5ce ("netfilter: nf_tables: fix scheduling-while-atomic splat") Please, apply, Thanks. Florian Westphal (3): netfilter: nf_tables: fix nat hook table deletion netfilter: nf_tables: add rescheduling points during loop detection walks netfilter: nf_tables: fix scheduling-while-atomic splat Pablo Neira Ayuso (7): netfilter: nftables: add helper function to set the base sequence number netfilter: add helper function to set up the nfnetlink header and use it netfilter: nf_tables: use net_generic infra for transaction data netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE netfilter: nf_tables: add NFT_TRANS_PREPARE_ERROR to deal with bound set/chain netfilter: nf_tables: reject unbound anonymous set before commit phase netfilter: nf_tables: unbind non-anonymous set if rule construction fails include/linux/netfilter/nfnetlink.h | 27 ++ include/net/netfilter/nf_tables.h | 14 + include/net/netns/nftables.h | 5 - net/netfilter/ipset/ip_set_core.c | 17 +- net/netfilter/nf_conntrack_netlink.c | 77 ++--- net/netfilter/nf_tables_api.c | 483 ++++++++++++++++----------- net/netfilter/nf_tables_trace.c | 9 +- net/netfilter/nfnetlink_acct.c | 11 +- net/netfilter/nfnetlink_cthelper.c | 11 +- net/netfilter/nfnetlink_cttimeout.c | 22 +- net/netfilter/nfnetlink_log.c | 11 +- net/netfilter/nfnetlink_queue.c | 12 +- net/netfilter/nft_chain_filter.c | 11 +- net/netfilter/nft_compat.c | 11 +- net/netfilter/nft_dynset.c | 6 +- 15 files changed, 383 insertions(+), 344 deletions(-) -- 2.30.2

2 years, 5 months

2
11
0 0

[PATCH -stable,5.4 00/10] stable fixes for 5.4

by Pablo Neira Ayuso

Hi Greg, Sasha, The following list shows the backported patches, I am using original commit IDs for reference: 1) 1e9451cbda45 ("netfilter: nf_tables: fix nat hook table deletion") 2) 802b805162a1 ("netfilter: nftables: add helper function to set the base sequence number") 3) 19c28b1374fb ("netfilter: add helper function to set up the nfnetlink header and use it") 4) 0854db2aaef3 ("netfilter: nf_tables: use net_generic infra for transaction data") 5) 81ea01066741 ("netfilter: nf_tables: add rescheduling points during loop detection walks") 6) 1240eb93f061 ("netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE") 7) 26b5a5712eb8 ("netfilter: nf_tables: add NFT_TRANS_PREPARE_ERROR to deal with bound set/chain") 8) 938154b93be8 ("netfilter: nf_tables: reject unbound anonymous set before commit phase") 9) 3e70489721b6 ("netfilter: nf_tables: unbind non-anonymous set if rule construction fails") 10) 2024439bd5ce ("netfilter: nf_tables: fix scheduling-while-atomic splat") Please, apply, Thanks Florian Westphal (4): netfilter: nf_tables: fix nat hook table deletion netfilter: nf_tables: use net_generic infra for transaction data netfilter: nf_tables: add rescheduling points during loop detection walks netfilter: nf_tables: fix scheduling-while-atomic splat Pablo Neira Ayuso (6): netfilter: nftables: add helper function to set the base sequence number netfilter: add helper function to set up the nfnetlink header and use it netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE netfilter: nf_tables: add NFT_TRANS_PREPARE_ERROR to deal with bound set/chain netfilter: nf_tables: reject unbound anonymous set before commit phase netfilter: nf_tables: unbind non-anonymous set if rule construction fails include/linux/netfilter/nfnetlink.h | 27 ++ include/net/netfilter/nf_tables.h | 14 + include/net/netns/nftables.h | 6 - net/netfilter/ipset/ip_set_core.c | 17 +- net/netfilter/nf_conntrack_netlink.c | 77 ++-- net/netfilter/nf_tables_api.c | 510 ++++++++++++++++----------- net/netfilter/nf_tables_offload.c | 29 +- net/netfilter/nf_tables_trace.c | 9 +- net/netfilter/nfnetlink_acct.c | 11 +- net/netfilter/nfnetlink_cthelper.c | 11 +- net/netfilter/nfnetlink_cttimeout.c | 22 +- net/netfilter/nfnetlink_log.c | 11 +- net/netfilter/nfnetlink_queue.c | 12 +- net/netfilter/nft_chain_filter.c | 11 +- net/netfilter/nft_compat.c | 11 +- net/netfilter/nft_dynset.c | 6 +- 16 files changed, 418 insertions(+), 366 deletions(-) -- 2.30.2

2 years, 5 months

2
11
0 0

[PATCH -stable,5.10 v3 00/11] Netfilter stable fixes for 5.10

by Pablo Neira Ayuso

Hi Greg, Sasha, [ This is v3: - remove backported function that is useless in patch 09/11 - use: Upstream commit XYZ tag as suggested by Salvatore Bonaccorso. ] The following list shows the backported patches. I am using original commit IDs for reference: 1) 0854db2aaef3 ("netfilter: nf_tables: use net_generic infra for transaction data") 2) 81ea01066741 ("netfilter: nf_tables: add rescheduling points during loop detection walks") 3) 1240eb93f061 ("netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE") 4) 4bedf9eee016 ("netfilter: nf_tables: fix chain binding transaction logic") 5) 26b5a5712eb8 ("netfilter: nf_tables: add NFT_TRANS_PREPARE_ERROR to deal with bound set/chain") 6) 938154b93be8 ("netfilter: nf_tables: reject unbound anonymous set before commit phase") 7) 62e1e94b246e ("netfilter: nf_tables: reject unbound chain set before commit phase") 8) f8bb7889af58 ("netfilter: nftables: rename set element data activation/deactivation functions") 9) 628bd3e49cba ("netfilter: nf_tables: drop map element references from preparation phase") 10) 3e70489721b6 ("netfilter: nf_tables: unbind non-anonymous set if rule construction fails") 11) f838e0906dd3 ("netfilter: nf_tables: fix scheduling-while-atomic splat") Notes: - Patch #1 is a backported dependency patch required by these fixes. - Patch #3 needs an incremental follow up fix coming in Patch #11. Florian Westphal (3): netfilter: nf_tables: use net_generic infra for transaction data netfilter: nf_tables: add rescheduling points during loop detection walks netfilter: nf_tables: fix scheduling-while-atomic splat Pablo Neira Ayuso (8): netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE netfilter: nf_tables: fix chain binding transaction logic netfilter: nf_tables: add NFT_TRANS_PREPARE_ERROR to deal with bound set/chain netfilter: nf_tables: reject unbound anonymous set before commit phase netfilter: nf_tables: reject unbound chain set before commit phase netfilter: nftables: rename set element data activation/deactivation functions netfilter: nf_tables: drop map element references from preparation phase netfilter: nf_tables: unbind non-anonymous set if rule construction fails include/net/netfilter/nf_tables.h | 41 +- include/net/netns/nftables.h | 7 - net/netfilter/nf_tables_api.c | 662 +++++++++++++++++++++--------- net/netfilter/nf_tables_offload.c | 30 +- net/netfilter/nft_chain_filter.c | 11 +- net/netfilter/nft_dynset.c | 6 +- net/netfilter/nft_immediate.c | 90 +++- net/netfilter/nft_set_bitmap.c | 5 +- net/netfilter/nft_set_hash.c | 23 +- net/netfilter/nft_set_pipapo.c | 14 +- net/netfilter/nft_set_rbtree.c | 5 +- 11 files changed, 648 insertions(+), 246 deletions(-) -- 2.30.2

2 years, 5 months

2
13
0 0

Backport to 4.14 and 4.19 commits 24c363623361 and 17ecffa28948 and a798a7086c38

by Christophe Leroy

Hi, Could you please backport the three following commits to 4.14 and 4.19: 24c363623361 ("spi: spi-fsl-spi: remove always-true conditional in fsl_spi_do_one_msg") 17ecffa28948 ("spi: spi-fsl-spi: relax message sanity checking a little") a798a7086c38 ("spi: spi-fsl-spi: allow changing bits_per_word while CS is still active") Those three commits (the last one indeed) are needed to overcome a problem introduced in 4.14.230 by commit 42c04316d927 ("spi: fsl-cpm: Use 16 bit mode for large transfers with even size"), which leads to the following error in certain cases: [ 174.900526] at25 spi0.3: bits_per_word/speed_hz should be same for the same SPI transfer [ 174.911844] spi_master spi0: failed to transfer one message from queue [ 366.639467] INFO: task od:406 blocked for more than 120 seconds. [ 366.645155] Not tainted 4.14.320-s3k-dev-dirty #342 [ 366.652996] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 489.519450] INFO: task od:406 blocked for more than 120 seconds. [ 489.525156] Not tainted 4.14.320-s3k-dev-dirty #342 [ 489.532915] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. ... Thanks Christophe

2 years, 5 months

2
1
0 0

FAILED: patch "[PATCH] io_uring: Use io_schedule* in cqring wait" failed to apply to 5.10-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.10-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.10.y git checkout FETCH_HEAD git cherry-pick -x 8a796565cec3601071cbbd27d6304e202019d014 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2023071623-deafness-gargle-5297@gregkh' --subject-prefix 'PATCH 5.10.y' HEAD^.. Possible dependencies: 8a796565cec3 ("io_uring: Use io_schedule* in cqring wait") d33a39e57768 ("io_uring: keep timeout in io_wait_queue") 46ae7eef44f6 ("io_uring: optimise non-timeout waiting") 846072f16eed ("io_uring: mimimise io_cqring_wait_schedule") 3fcf19d592d5 ("io_uring: parse check_cq out of wq waiting") 12521a5d5cb7 ("io_uring: fix CQ waiting timeout handling") 52ea806ad983 ("io_uring: finish waiting before flushing overflow entries") 35d90f95cfa7 ("io_uring: include task_work run after scheduling in wait for events") 1b346e4aa8e7 ("io_uring: don't check overflow flush failures") a85381d8326d ("io_uring: skip overflow CQE posting for dying ring") c0e0d6ba25f1 ("io_uring: add IORING_SETUP_DEFER_TASKRUN") b4c98d59a787 ("io_uring: introduce io_has_work") 78a861b94959 ("io_uring: add sync cancelation API through io_uring_register()") c34398a8c018 ("io_uring: remove __io_req_task_work_add") ed5ccb3beeba ("io_uring: remove priority tw list optimisation") 4a0fef62788b ("io_uring: optimize io_uring_task layout") 253993210bd8 ("io_uring: introduce locking helpers for CQE posting") 305bef988708 ("io_uring: hide eventfd assumptions in eventfd paths") affa87db9010 ("io_uring: fix multi ctx cancellation") d9dee4302a7c ("io_uring: remove ->flush_cqes optimisation") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 8a796565cec3601071cbbd27d6304e202019d014 Mon Sep 17 00:00:00 2001 From: Andres Freund <andres(a)anarazel.de> Date: Fri, 7 Jul 2023 09:20:07 -0700 Subject: [PATCH] io_uring: Use io_schedule* in cqring wait I observed poor performance of io_uring compared to synchronous IO. That turns out to be caused by deeper CPU idle states entered with io_uring, due to io_uring using plain schedule(), whereas synchronous IO uses io_schedule(). The losses due to this are substantial. On my cascade lake workstation, t/io_uring from the fio repository e.g. yields regressions between 20% and 40% with the following command: ./t/io_uring -r 5 -X0 -d 1 -s 1 -c 1 -p 0 -S$use_sync -R 0 /mnt/t2/fio/write.0.0 This is repeatable with different filesystems, using raw block devices and using different block devices. Use io_schedule_prepare() / io_schedule_finish() in io_cqring_wait_schedule() to address the difference. After that using io_uring is on par or surpassing synchronous IO (using registered files etc makes it reliably win, but arguably is a less fair comparison). There are other calls to schedule() in io_uring/, but none immediately jump out to be similarly situated, so I did not touch them. Similarly, it's possible that mutex_lock_io() should be used, but it's not clear if there are cases where that matters. Cc: stable(a)vger.kernel.org # 5.10+ Cc: Pavel Begunkov <asml.silence(a)gmail.com> Cc: io-uring(a)vger.kernel.org Cc: linux-kernel(a)vger.kernel.org Signed-off-by: Andres Freund <andres(a)anarazel.de> Link: https://lore.kernel.org/r/20230707162007.194068-1-andres@anarazel.de [axboe: minor style fixup] Signed-off-by: Jens Axboe <axboe(a)kernel.dk> diff --git a/io_uring/io_uring.c b/io_uring/io_uring.c index e8096d502a7c..7505de2428e0 100644 --- a/io_uring/io_uring.c +++ b/io_uring/io_uring.c @@ -2489,6 +2489,8 @@ int io_run_task_work_sig(struct io_ring_ctx *ctx) static inline int io_cqring_wait_schedule(struct io_ring_ctx *ctx, struct io_wait_queue *iowq) { + int token, ret; + if (unlikely(READ_ONCE(ctx->check_cq))) return 1; if (unlikely(!llist_empty(&ctx->work_llist))) @@ -2499,11 +2501,20 @@ static inline int io_cqring_wait_schedule(struct io_ring_ctx *ctx, return -EINTR; if (unlikely(io_should_wake(iowq))) return 0; + + /* + * Use io_schedule_prepare/finish, so cpufreq can take into account + * that the task is waiting for IO - turns out to be important for low + * QD IO. + */ + token = io_schedule_prepare(); + ret = 0; if (iowq->timeout == KTIME_MAX) schedule(); else if (!schedule_hrtimeout(&iowq->timeout, HRTIMER_MODE_ABS)) - return -ETIME; - return 0; + ret = -ETIME; + io_schedule_finish(token); + return ret; } /*

2 years, 5 months

3
2
0 0

[PATCH 5.15 000/371] 5.15.111-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 5.15.111 release. There are 371 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Wed, 10 May 2023 09:47:07 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v5.x/stable-review/patch-5.15.111-r… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-5.15.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 5.15.111-rc1 Vincent Guittot <vincent.guittot(a)linaro.org> arm64: dts: qcom: sdm845: correct dynamic power coefficients - again Miles Chen <miles.chen(a)mediatek.com> sound/oss/dmasound: fix 'dmasound_setup' defined but not used Thomas Gleixner <tglx(a)linutronix.de> debugobject: Ensure pool refill (again) Adrian Hunter <adrian.hunter(a)intel.com> perf intel-pt: Fix CYC timestamps after standalone CBR Adrian Hunter <adrian.hunter(a)intel.com> perf auxtrace: Fix address filter entire kernel size Li Lingfeng <lilingfeng3(a)huawei.com> dm: don't lock fs when the map is NULL in process of resume Mike Snitzer <snitzer(a)kernel.org> dm ioctl: fix nested locking in table_clear() to remove deadlock concern Mikulas Patocka <mpatocka(a)redhat.com> dm flakey: fix a crash with invalid table line Mike Snitzer <snitzer(a)kernel.org> dm integrity: call kmem_cache_destroy() in dm_integrity_init() error path Mike Snitzer <snitzer(a)kernel.org> dm clone: call kmem_cache_destroy() in dm_clone_init() error path Yeongjin Gil <youngjin.gil(a)samsung.com> dm verity: fix error handling for check_at_most_once on FEC Hugh Dickins <hughd(a)google.com> ia64: fix an addr to taddr in huge_pte_offset() Stefan Haberland <sth(a)linux.ibm.com> s390/dasd: fix hanging blockdevice after request requeue Qu Wenruo <wqu(a)suse.com> btrfs: scrub: reject unsupported scrub flags Peng Liu <liupeng17(a)lenovo.com> scripts/gdb: fix lx-timerlist for Python3 Quentin Schulz <quentin.schulz(a)theobroma-systems.com> clk: rockchip: rk3399: allow clk_cifout to force clk_cifout_src to reparent Bitterblue Smith <rtl8821cerfe2(a)gmail.com> wifi: rtl8xxxu: RTL8192EU always needs full init Tanmay Shah <tanmay.shah(a)amd.com> mailbox: zynqmp: Fix typo in IPI documentation Tanmay Shah <tanmay.shah(a)amd.com> mailbox: zynqmp: Fix IPI isr handling Michael Walle <michael(a)walle.cc> mtd: core: fix error path for nvmem provider Michael Walle <michael(a)walle.cc> mtd: core: fix nvmem error reporting Michael Walle <michael(a)walle.cc> mtd: core: provide unique name for nvmem device, take two Li Nan <linan122(a)huawei.com> md/raid10: fix null-ptr-deref in raid10_sync_request Ryusuke Konishi <konishi.ryusuke(a)gmail.com> nilfs2: fix infinite loop in nilfs_mdt_get_block() Ryusuke Konishi <konishi.ryusuke(a)gmail.com> nilfs2: do not write dirty data after degenerating to read-only Geraldo Nascimento <geraldogabriel(a)gmail.com> ALSA: usb-audio: Add quirk for Pioneer DDJ-800 Helge Deller <deller(a)gmx.de> parisc: Fix argument pointer in real64_call_asm() Marc Dionne <marc.dionne(a)auristor.com> afs: Fix updating of i_size with dv jump from server Matthias Schiffer <matthias.schiffer(a)ew.tq-group.com> mfd: tqmx86: Correct board names for TQMxE39x Matthias Schiffer <matthias.schiffer(a)ew.tq-group.com> mfd: tqmx86: Specify IO port register range more precisely Matthias Schiffer <matthias.schiffer(a)ew.tq-group.com> mfd: tqmx86: Do not access I2C_DETECT register through io_base Kang Chen <void0red(a)hust.edu.cn> thermal/drivers/mediatek: Use devm_of_iomap to avoid resource leak in mtk_thermal_probe Claudiu Beznea <claudiu.beznea(a)microchip.com> dmaengine: at_xdmac: do not enable all cyclic channels Tudor Ambarus <tudor.ambarus(a)microchip.com> dmaengine: at_xdmac: Fix race for the tx desc callback Tudor Ambarus <tudor.ambarus(a)microchip.com> dmaengine: at_xdmac: Fix concurrency over chan's completed_cookie Shunsuke Mie <mie(a)igel.co.jp> dmaengine: dw-edma: Fix to enable to issue dma request on DMA processing Shunsuke Mie <mie(a)igel.co.jp> dmaengine: dw-edma: Fix to change for continuous transfer Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> dma: gpi: remove spurious unlock in gpi_ch_init Gaosheng Cui <cuigaosheng1(a)huawei.com> phy: tegra: xusb: Add missing tegra_xusb_port_unregister for usb2_port and ulpi_port AngeloGioacchino Del Regno <angelogioacchino.delregno(a)collabora.com> pwm: mtk-disp: Configure double buffering before reading in .get_state() AngeloGioacchino Del Regno <angelogioacchino.delregno(a)collabora.com> pwm: mtk-disp: Disable shadow registers before setting backlight values H. Nikolaus Schaller <hns(a)goldelico.com> leds: tca6507: Fix error handling of using fwnode_property_read_string Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> dmaengine: mv_xor_v2: Fix an error code. Randy Dunlap <rdunlap(a)infradead.org> leds: TI_LMU_COMMON: select REGMAP instead of depending on it Hai Pham <hai.pham.ud(a)renesas.com> pinctrl: renesas: r8a779a0: Remove incorrect AVB[01] pinmux configuration Ye Bin <yebin10(a)huawei.com> ext4: fix use-after-free read in ext4_find_extent for bigalloc + inline Zhihao Cheng <chengzhihao1(a)huawei.com> ext4: fix i_disksize exceeding i_size problem in paritally written case Bharath SM <bharathsm(a)microsoft.com> SMB3: Close deferred file handles in case of handle lease break Bharath SM <bharathsm(a)microsoft.com> SMB3: Add missing locks to protect deferred close file list Geert Uytterhoeven <geert+renesas(a)glider.be> timekeeping: Fix references to nonexistent ktime_get_fast_ns() Stafford Horne <shorne(a)gmail.com> openrisc: Properly store r31 to pt_regs on unhandled exceptions Qinrun Dai <flno(a)hust.edu.cn> clocksource/drivers/davinci: Fix memory leak in davinci_timer_register when init fails Mark Zhang <markzhang(a)nvidia.com> RDMA/mlx5: Use correct device num_ports when modify DC Dai Ngo <dai.ngo(a)oracle.com> SUNRPC: remove the maximum number of retries in call_bind_status Mark Bloch <mbloch(a)nvidia.com> RDMA/mlx5: Fix flow counter query via DEVX Miaoqian Lin <linmq006(a)gmail.com> Input: raspberrypi-ts - fix refcount leak in rpi_ts_probe Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> clk: qcom: gcc-sm8350: fix PCIe PIPE clocks handling Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> clk: qcom: regmap: add PHY clock source implementation Trond Myklebust <trond.myklebust(a)hammerspace.com> NFSv4.1: Always send a RECLAIM_COMPLETE after establishing lease Patrick Kelsey <pat.kelsey(a)cornelisnetworks.com> IB/hfi1: Fix bugs with non-PAGE_SIZE-end multi-iovec user SDMA requests Patrick Kelsey <pat.kelsey(a)cornelisnetworks.com> IB/hfi1: Fix SDMA mmu_rb_node not being evicted in LRU order Saravanan Vajravel <saravanan.vajravel(a)broadcom.com> RDMA/srpt: Add a check for valid 'mad_agent' pointer Mark Zhang <markzhang(a)nvidia.com> RDMA/cm: Trace icm_send_rej event before the cm state is reset Konrad Dybcio <konrad.dybcio(a)linaro.org> clk: qcom: gcc-sm6115: Mark RCGs shared where applicable Tetsuo Handa <penguin-kernel(a)I-love.SAKURA.ne.jp> RDMA/siw: Remove namespace check from siw_netdev_event() Clément Léger <clement.leger(a)bootlin.com> clk: add missing of_node_put() in "assigned-clocks" property parsing Sebastian Reichel <sre(a)kernel.org> power: supply: generic-adc-battery: fix unit scaling Zeng Heng <zengheng4(a)huawei.com> fs/ntfs3: Fix slab-out-of-bounds read in hdr_delete_de() ZhangPeng <zhangpeng362(a)huawei.com> fs/ntfs3: Fix OOB read in indx_insert_into_buffer ZhangPeng <zhangpeng362(a)huawei.com> fs/ntfs3: Fix null-ptr-deref on inode->i_op in ntfs_lookup() Jiasheng Jiang <jiasheng(a)iscas.ac.cn> fs/ntfs3: Add check for kmemdup Chen Zhongjin <chenzhongjin(a)huawei.com> fs/ntfs3: Fix memory leak if ntfs_read_mft failed Martin Blumenstingl <martin.blumenstingl(a)googlemail.com> rtc: meson-vrtc: Use ktime_get_real_ts64() to get the current time Dan Carpenter <error27(a)gmail.com> RDMA/mlx4: Prevent shift wrapping in set_user_sq_size() Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> rtc: omap: include header for omap_rtc_power_off_program prototype Petr Mladek <pmladek(a)suse.com> workqueue: Fix hung time report of worker pools Imran Khan <imran.f.khan(a)oracle.com> workqueue: Introduce show_one_worker_pool and show_one_workqueue. Natalia Petrova <n.petrova(a)fintech.ru> RDMA/rdmavt: Delete unnecessary NULL check Daniil Dulov <d.dulov(a)aladdin.ru> RDMA/siw: Fix potential page_array out of range access Claudiu Beznea <claudiu.beznea(a)microchip.com> clk: at91: clk-sam9x60-pll: fix return value check Schspa Shi <schspa(a)gmail.com> sched/rt: Fix bad task migration for rt tasks Josh Poimboeuf <jpoimboe(a)kernel.org> Revert "objtool: Support addition to set CFA base" Yang Jihong <yangjihong1(a)huawei.com> perf/core: Fix hardlockup failure caused by perf throttle Libo Chen <libo.chen(a)oracle.com> sched/fair: Fix inaccurate tally of ttwu_move_affine Yafang Shao <laoar.shao(a)gmail.com> sched: Make struct sched_statistics independent of fair sched class Yafang Shao <laoar.shao(a)gmail.com> sched/fair: Use __schedstat_set() in set_next_entity() Nathan Lynch <nathanl(a)linux.ibm.com> powerpc/rtas: use memmove for potentially overlapping buffer copy Randy Dunlap <rdunlap(a)infradead.org> macintosh: via-pmu-led: requires ATA to be set Randy Dunlap <rdunlap(a)infradead.org> powerpc/sysdev/tsi108: fix resource printk format warnings Randy Dunlap <rdunlap(a)infradead.org> powerpc/wii: fix resource printk format warnings Randy Dunlap <rdunlap(a)infradead.org> powerpc/mpc512x: fix resource printk format warning Liang He <windhl(a)126.com> macintosh/windfarm_smu_sat: Add missing of_node_put() Dhruva Gole <d-gole(a)ti.com> spi: bcm63xx: remove PM_SLEEP based conditional compilation Albert Huang <huangjie.albert(a)bytedance.com> virtio_ring: don't update event idx on get_buf Jishnu Prakash <quic_jprakash(a)quicinc.com> spmi: Add a check for remove callback when removing a SPMI driver Philipp Hortmann <philipp.g.hortmann(a)gmail.com> staging: rtl8192e: Fix W_DISABLE# does not work after stop/start Florian Fainelli <f.fainelli(a)gmail.com> serial: 8250: Add missing wakeup event reporting Shenwei Wang <shenwei.wang(a)nxp.com> tty: serial: fsl_lpuart: adjust buffer length to the intended size Dan Carpenter <dan.carpenter(a)linaro.org> firmware: stratix10-svc: Fix an NULL vs IS_ERR() bug in probe Chunfeng Yun <chunfeng.yun(a)mediatek.com> usb: mtu3: fix kernel panic at qmu transfer done irq handler Yinhao Hu <dddddd(a)hust.edu.cn> usb: chipidea: fix missing goto in `ci_hdrc_probe` Jon Hunter <jonathanh(a)nvidia.com> usb: gadget: tegra-xudc: Fix crash in vbus_draw John Paul Adrian Glaubitz <glaubitz(a)physik.fu-berlin.de> sh: sq: Fix incorrect element size for allocating bitmap buffer Kevin Brodsky <kevin.brodsky(a)arm.com> uapi/linux/const.h: prefer ISO-friendly __typeof__ Florian Fainelli <f.fainelli(a)gmail.com> scripts/gdb: raise error with reduced debugging information Lars-Peter Clausen <lars(a)metafoo.de> i2c: cadence: cdns_i2c_master_xfer(): Fix runtime PM leak on error path Dhruva Gole <d-gole(a)ti.com> spi: cadence-quadspi: fix suspend-resume implementations Liliang Ye <yll(a)hust.edu.cn> ASoC: fsl_mqs: move of_node_put() to the correct location Suzuki K Poulose <suzuki.poulose(a)arm.com> coresight: etm_pmu: Set the module field Basavaraj Natikar <Basavaraj.Natikar(a)amd.com> HID: amd_sfh: Add support for shutdown operation Florian Fainelli <f.fainelli(a)gmail.com> scripts/gdb: bail early if there are no generic PD Florian Fainelli <f.fainelli(a)gmail.com> scripts/gdb: bail early if there are no clocks Randy Dunlap <rdunlap(a)infradead.org> ia64: salinfo: placate defined-but-not-used warning Randy Dunlap <rdunlap(a)infradead.org> ia64: mm/contig: fix section mismatch warning/error Kuppuswamy Sathyanarayanan <sathyanarayanan.kuppuswamy(a)linux.intel.com> PCI/EDR: Clear Device Status after EDR error recovery Miquel Raynal <miquel.raynal(a)bootlin.com> of: Fix modalias string generation Dae R. Jeong <threeearcat(a)gmail.com> vmci_host: fix a race condition in vmci_host_poll() causing GPF Christophe Leroy <christophe.leroy(a)csgroup.eu> spi: fsl-spi: Fix CPM/QE mode Litte Endian Uwe Kleine-König <u.kleine-koenig(a)pengutronix.de> spi: qup: Don't skip cleanup in remove's error path Randy Dunlap <rdunlap(a)infradead.org> linux/vt_buffer.h: allow either builtin or modular for macros Cristian Ciocaltea <cristian.ciocaltea(a)collabora.com> ASoC: es8316: Handle optional IRQ assignment H. Nikolaus Schaller <hns(a)goldelico.com> PCI: imx6: Install the fault handler only on compatible match Zheng Wang <zyytlz.wz(a)163.com> usb: gadget: udc: renesas_usb3: Fix use after free bug in renesas_usb3_remove due to race condition Uwe Kleine-König <u.kleine-koenig(a)pengutronix.de> spi: imx: Don't skip cleanup in remove's error path Minghao Chi <chi.minghao(a)zte.com.cn> spi: spi-imx: using pm_runtime_resume_and_get instead of pm_runtime_get_sync Doug Berger <opendmb(a)gmail.com> serial: 8250_bcm7271: Fix arbitration handling Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> iio: light: max44009: add missing OF device matching Marco Pagani <marpagan(a)redhat.com> fpga: bridge: fix kernel-doc parameter description Marek Vasut <marex(a)denx.de> serial: stm32: Re-assert RTS/DE GPIO in RS485 mode only if more data are transmitted Erwan Le Ray <erwan.leray(a)foss.st.com> serial: stm32: re-introduce an irq flag condition in usart_receive_chars Prashanth K <quic_prashk(a)quicinc.com> usb: dwc3: gadget: Change condition for processing suspend event Wolfram Sang <wsa+renesas(a)sang-engineering.com> usb: host: xhci-rcar: remove leftover quirk handling John Stultz <jstultz(a)google.com> pstore: Revert pmsg_lock back to a normal mutex Hans de Goede <hdegoede(a)redhat.com> drivers: staging: rtl8723bs: Fix locking in rtw_scan_timeout_handler() Hans de Goede <hdegoede(a)redhat.com> drivers: staging: rtl8723bs: Fix locking in _rtw_join_timeout_handler() Randy Dunlap <rdunlap(a)infradead.org> ipmi: ASPEED_BT_IPMI_BMC: select REGMAP_MMIO instead of depending on it Kuniyuki Iwashima <kuniyu(a)amazon.com> tcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp. Gencen Gan <gangecen(a)hust.edu.cn> net: amd: Fix link leak when verifying config failed Kuniyuki Iwashima <kuniyu(a)amazon.com> netlink: Use copy_to_user() for optval in netlink_getsockopt(). Liu Jian <liujian56(a)huawei.com> Revert "Bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work" Ziyang Xuan <william.xuanziyang(a)huawei.com> ipv4: Fix potential uninit variable access bug in __ip_make_skb() Davide Caratti <dcaratti(a)redhat.com> net/sched: sch_fq: fix integer overflow of "credit" Florian Westphal <fw(a)strlen.de> netfilter: nf_tables: don't write table validation state without mutex Stanislav Fomichev <sdf(a)google.com> bpf: Don't EFAULT for getsockopt with optval=NULL Yan Wang <rk.code(a)outlook.com> net: stmmac:fix system hang when setting up tag_8021q VLAN for DSA ports Chris Mi <cmi(a)nvidia.com> net/mlx5: E-switch, Don't destroy indirect table in split rule Joe Damato <jdamato(a)fastly.com> ixgbe: Enable setting RSS table to default values Joe Damato <jdamato(a)fastly.com> ixgbe: Allow flow hash to be set via ethtool Johannes Berg <johannes.berg(a)intel.com> wifi: iwlwifi: fw: fix memory leak in debugfs Johannes Berg <johannes.berg(a)intel.com> wifi: iwlwifi: mvm: check firmware response size Quan Zhou <quan.zhou(a)mediatek.com> wifi: mt76: mt7921e: improve reliability of dma reset Ming Yen Hsieh <mingyen.hsieh(a)mediatek.com> wifi: mt76: fix 6GHz high channel not be scanned Quan Zhou <quan.zhou(a)mediatek.com> wifi: mt76: mt7921e: fix probe timeout after reboot Deren Wu <deren.wu(a)mediatek.com> wifi: mt76: add flexible polling wait-interval support Kang Chen <void0red(a)gmail.com> wifi: mt76: handle failure of vzalloc in mt7615_coredump_work Emmanuel Grumbach <emmanuel.grumbach(a)intel.com> wifi: iwlwifi: make the loop for card preparation effective Jan Kara <jack(a)suse.cz> jdb2: Don't refuse invalidation of already invalidated buffers Tom Rix <trix(a)redhat.com> wifi: iwlwifi: fw: move memset before early return Tom Rix <trix(a)redhat.com> wifi: iwlwifi: mvm: initialize seq variable Daniel Gabay <daniel.gabay(a)intel.com> wifi: iwlwifi: yoyo: Fix possible division by zero Daniel Gabay <daniel.gabay(a)intel.com> wifi: iwlwifi: yoyo: skip dump correctly on hw error Yu Kuai <yukuai3(a)huawei.com> md/raid10: don't call bio_start_io_acct twice for bio which experienced read error Yu Kuai <yukuai3(a)huawei.com> md/raid10: fix memleak of md thread Yu Kuai <yukuai3(a)huawei.com> md/raid10: fix memleak for 'conf->bio_split' Yu Kuai <yukuai3(a)huawei.com> md/raid10: fix leak of 'r10bio->remaining' for recovery Li Nan <linan122(a)huawei.com> md/raid10: fix task hung in raid10d Yu Kuai <yukuai3(a)huawei.com> md/raid10: factor out code from wait_barrier() to stop_waiting_barrier() Vishal Verma <vverma(a)digitalocean.com> md: raid10 add nowait support Mariusz Tkaczyk <mariusz.tkaczyk(a)linux.intel.com> md: drop queue limitation for RAID1 and RAID10 Daniel Borkmann <daniel(a)iogearbox.net> bpf, sockmap: Revert buggy deadlock fix in the sockhash and sockmap Song Liu <song(a)kernel.org> selftests/bpf: Fix leaked bpf_link in get_stackid_cannot_attach Ming Lei <ming.lei(a)redhat.com> nvme-fcloop: fix "inconsistent {IN-HARDIRQ-W} -> {HARDIRQ-ON-W} usage" Keith Busch <kbusch(a)kernel.org> nvme: fix async event trace event Michael Kelley <mikelley(a)microsoft.com> nvme: handle the persistent internal error AER Damien Le Moal <damien.lemoal(a)opensource.wdc.com> nvmet: fix I/O Command Set specific Identify Controller Damien Le Moal <damien.lemoal(a)opensource.wdc.com> nvmet: fix Identify Active Namespace ID list handling Damien Le Moal <damien.lemoal(a)opensource.wdc.com> nvmet: fix Identify Controller handling Damien Le Moal <damien.lemoal(a)opensource.wdc.com> nvmet: fix Identify Namespace handling Damien Le Moal <damien.lemoal(a)opensource.wdc.com> nvmet: fix error handling in nvmet_execute_identify_cns_cs_ns() Christoph Hellwig <hch(a)lst.de> nvmet: move the call to nvmet_ns_changed out of nvmet_ns_revalidate Chaitanya Kulkarni <kch(a)nvidia.com> nvmet: use i_size_read() to set size for file-ns Xin Liu <liuxin350(a)huawei.com> bpf, sockmap: fix deadlocks in the sockhash and sockmap Sebastian Reichel <sebastian.reichel(a)collabora.com> net: ethernet: stmmac: dwmac-rk: fix optional phy regulator handling Shuchang Li <lishuchang(a)hust.edu.cn> scsi: lpfc: Fix ioremap issues in lpfc_sli4_pci_mem_setup() Chao Yu <chao(a)kernel.org> f2fs: fix to avoid use-after-free for cached IPU bio Kal Conley <kal.conley(a)dectris.com> xsk: Fix unaligned descriptor validation Herbert Xu <herbert(a)gondor.apana.org.au> crypto: drbg - Only fail when jent is unavailable in FIPS mode Nicolai Stange <nstange(a)suse.de> crypto: drbg - make drbg_prepare_hrng() handle jent instantiation errors Quentin Monnet <quentin(a)isovalent.com> bpftool: Fix bug for long instructions in program CFG dumps YiFei Zhu <zhuyifei(a)google.com> selftests/bpf: Wait for receive in cg_storage_multi test Kal Conley <kal.conley(a)dectris.com> selftests: xsk: Disable IPv6 on VETH1 Simon Horman <horms(a)kernel.org> net: qrtr: correct types of trace event parameters Armin Wolf <W_Armin(a)gmx.de> wifi: rt2x00: Fix memory leak when handling surveys Wei Chen <harperchen1110(a)gmail.com> wifi: rtlwifi: fix incorrect error codes in rtl_debugfs_set_write_reg() Wei Chen <harperchen1110(a)gmail.com> wifi: rtlwifi: fix incorrect error codes in rtl_debugfs_set_write_rfreg() Suman Anna <s-anna(a)ti.com> crypto: sa2ul - Select CRYPTO_DES Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> crypto: caam - Clear some memory in instantiate_rng Yangtao Li <frank.li(a)vivo.com> f2fs: compress: fix to call f2fs_wait_on_page_writeback() in f2fs_write_raw_pages() Jaegeuk Kim <jaegeuk(a)kernel.org> f2fs: apply zone capacity to all zone type Jaegeuk Kim <jaegeuk(a)kernel.org> f2fs: enforce single zone capacity Yangtao Li <frank.li(a)vivo.com> f2fs: handle dqget error in f2fs_transfer_project_quota() Danila Chernetsov <listdansp(a)mail.ru> scsi: megaraid: Fix mega_cmd_done() CMDID_INT_CMDS Mike Christie <michael.christie(a)oracle.com> scsi: target: iscsit: Fix TAS handling during conn cleanup Mike Christie <michael.christie(a)oracle.com> scsi: target: Fix multiple LUN_RESET handling Eric Dumazet <edumazet(a)google.com> net/packet: convert po->auxdata to an atomic flag Eric Dumazet <edumazet(a)google.com> net/packet: convert po->origdev to an atomic flag Eric Dumazet <edumazet(a)google.com> net/packet: annotate accesses to po->xmit Vadim Fedorenko <vadim.fedorenko(a)linux.dev> vlan: partially enable SIOCSHWTSTAMP in container Russell King (Oracle) <rmk+kernel(a)armlinux.org.uk> net: pcs: xpcs: remove double-read of link state when using AN Luis Gerhorst <gerhorst(a)cs.fau.de> bpf: Remove misleading spec_v1 check on var-offset stack read Martin KaFai Lau <martin.lau(a)kernel.org> selftests/bpf: Fix a fd leak in an error path in network_helpers.c Alexander Mikhalitsyn <aleksandr.mikhalitsyn(a)canonical.com> scm: fix MSG_CTRUNC setting condition for SO_PASSSEC Andrii Nakryiko <andrii(a)kernel.org> bpf: fix precision propagation verbose logging Andrii Nakryiko <andrii(a)kernel.org> bpf: take into account liveness when propagating precision Martin Blumenstingl <martin.blumenstingl(a)googlemail.com> wifi: rtw88: mac: Return the original error from rtw_mac_power_switch() Martin Blumenstingl <martin.blumenstingl(a)googlemail.com> wifi: rtw88: mac: Return the original error from rtw_pwr_seq_parser() Luis Gerhorst <gerhorst(a)cs.fau.de> tools: bpftool: Remove invalid \' json escape Fedor Pchelkin <pchelkin(a)ispras.ru> wifi: ath6kl: reduce WARN to dev_dbg() in callback John Keeping <john(a)metanate.com> wifi: brcmfmac: support CQM RSSI notification with older firmware Dan Carpenter <error27(a)gmail.com> wifi: ath5k: fix an off by one check in ath5k_eeprom_read_freq_list() Fedor Pchelkin <pchelkin(a)ispras.ru> wifi: ath9k: hif_usb: fix memory leak of remain_skbs Alexey V. Vissarionov <gremlin(a)altlinux.org> wifi: ath6kl: minor fix for allocation size Tomáš Pecka <tomas.pecka(a)cesnet.cz> hwmon: (pmbus/fsp-3y) Fix functionality bitmask in FSP-3Y YM-2151E Sanjay Chandrashekara <sanjayc(a)nvidia.com> cpufreq: use correct unit when verify cur freq Sebastian Andrzej Siewior <bigeasy(a)linutronix.de> tick/common: Align tick period with the HZ tick. Ville Syrjälä <ville.syrjala(a)linux.intel.com> drm/i915: Make intel_get_crtc_new_encoder() less oopsy Thomas Gleixner <tglx(a)linutronix.de> debugobject: Prevent init race with static objects Sumit Garg <sumit.garg(a)linaro.org> arm64: kgdb: Set PSTATE.SS to 1 to re-enable single-step Saurabh Sengar <ssengar(a)linux.microsoft.com> x86/ioapic: Don't return 0 from arch_dynirq_lower_bound() YAN SHI <m202071378(a)hust.edu.cn> regulator: stm32-pwr: fix of_iomap leak Michał Krawczyk <mk(a)semihalf.com> media: venus: dec: Fix handling of the start cmd Florian Fainelli <f.fainelli(a)gmail.com> media: rc: gpio-ir-recv: Fix support for wake-up Igor Artemiev <Igor.A.Artemiev(a)mcst.ru> drm/amd/display: Fix potential null dereference Miaoqian Lin <linmq006(a)gmail.com> media: rcar_fdp1: Fix refcount leak in probe and remove function Uwe Kleine-König <u.kleine-koenig(a)pengutronix.de> media: rcar_fdp1: Convert to platform remove callback returning void Uwe Kleine-König <u.kleine-koenig(a)pengutronix.de> platform: Provide a remove callback that returns no value Tang Bin <tangbin(a)cmss.chinamobile.com> media: rcar_fdp1: Fix the correct variable assignments Cai Huoqing <caihuoqing(a)baidu.com> media: rcar_fdp1: Make use of the helper function devm_platform_ioremap_resource() Zheng Wang <zyytlz.wz(a)163.com> media: saa7134: fix use after free bug in saa7134_finidev due to race condition Zheng Wang <zyytlz.wz(a)163.com> media: dm1105: Fix use after free bug in dm1105_remove due to race condition Zheng Wang <zyytlz.wz(a)163.com> media: rkvdec: fix use after free bug in rkvdec_remove Uros Bizjak <ubizjak(a)gmail.com> x86/apic: Fix atomic update of offset in reserve_eilvt_offset() Douglas Anderson <dianders(a)chromium.org> regulator: core: Avoid lockdep reports when resolving supplies Douglas Anderson <dianders(a)chromium.org> regulator: core: Consistently set mutex_owner when using ww_mutex_lock_slow() Thomas Hellström <thomas.hellstrom(a)linux.intel.com> drm/ttm/pool: Fix ttm_pool_alloc error path Christian König <christian.koenig(a)amd.com> drm/ttm: optimize pool allocations a bit v2 Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> arm64: dts: qcom: msm8994-msft-lumia-octagon: drop unit address from PMI8994 regulator Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> arm64: dts: qcom: msm8994-kitakami: drop unit address from PMI8994 regulator Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> arm64: dts: qcom: sc7180-trogdor-lazor: correct trackpad supply Conor Dooley <conor.dooley(a)microchip.com> mailbox: mpfs: switch to txdone_poll Harshit Mogalapalli <harshit.m.mogalapalli(a)oracle.com> drm/lima/lima_drv: Add missing unwind goto in lima_pdev_probe() Jean-Philippe Brucker <jean-philippe(a)linaro.org> ACPI: VIOT: Initialize the correct IOMMU fwspec Cristian Marussi <cristian.marussi(a)arm.com> firmware: arm_scmi: Fix xfers allocation on Rx channel H. Nikolaus Schaller <hns(a)goldelico.com> ARM: dts: gta04: fix excess dma channel usage Dan Carpenter <error27(a)gmail.com> drm: rcar-du: Fix a NULL vs IS_ERR() bug Georgii Kruglov <georgy.kruglov(a)yandex.ru> mmc: sdhci-of-esdhc: fix quirk to ignore command inhibit for data Roger Pau Monne <roger.pau(a)citrix.com> ACPI: processor: Fix evaluating _PDC method when running as Xen dom0 Lee Jones <lee(a)kernel.org> drm/amd/display/dc/dce60/Makefile: Fix previous attempt to silence known override-init warnings Adam Skladowski <a39.skl(a)gmail.com> drm: msm: adreno: Disable preemption on Adreno 510 Johan Hovold <johan+linaro(a)kernel.org> drm/msm/adreno: drop bogus pm_runtime_set_active() Rob Clark <robdclark(a)chromium.org> drm/msm/adreno: Defer enabling runpm until hw_init() Laurent Pinchart <laurent.pinchart(a)ideasonboard.com> media: max9286: Free control handler Adam Ford <aford173(a)gmail.com> drm/bridge: adv7533: Fix adv7533_mode_valid for adv7533 and adv7535 Mukesh Ojha <quic_mojha(a)quicinc.com> firmware: qcom_scm: Clear download bit during reboot Dan Carpenter <error27(a)gmail.com> media: av7110: prevent underflow in write_ts_to_decoder() Jiasheng Jiang <jiasheng(a)iscas.ac.cn> media: bdisp: Add missing check for create_workqueue Muralidhara M K <muralimk(a)amd.com> x86/MCE/AMD: Use an u64 for bank_map Manivannan Sadhasivam <mani(a)kernel.org> ARM: dts: qcom: ipq8064: Fix the PCI I/O port range Christian Marangi <ansuelsmth(a)gmail.com> ARM: dts: qcom: ipq8064: reduce pci IO size to 64K Manivannan Sadhasivam <mani(a)kernel.org> ARM: dts: qcom: ipq4019: Fix the PCI I/O port range Manivannan Sadhasivam <mani(a)kernel.org> arm64: dts: qcom: sm8250: Fix the PCI I/O port range Manivannan Sadhasivam <mani(a)kernel.org> arm64: dts: qcom: msm8996: Fix the PCI I/O port range Manivannan Sadhasivam <mani(a)kernel.org> arm64: dts: qcom: ipq6018: Fix the PCI I/O port range Manivannan Sadhasivam <mani(a)kernel.org> arm64: dts: qcom: ipq8074: Fix the PCI I/O port range Manivannan Sadhasivam <mani(a)kernel.org> arm64: dts: qcom: msm8998: Fix the PCI I/O port range Manivannan Sadhasivam <mani(a)kernel.org> arm64: dts: qcom: sdm845: Fix the PCI I/O port range Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> arm64: dts: qcom: sdm845: correct dynamic power coefficients Konrad Dybcio <konrad.dybcio(a)linaro.org> arm64: dts: qcom: msm8998: Fix stm-stimulus-base reg name Rafał Miłecki <rafal(a)milecki.pl> arm64: dts: broadcom: bcmbca: bcm4908: fix procmon nodename Rafał Miłecki <rafal(a)milecki.pl> arm64: dts: broadcom: bcmbca: bcm4908: fix NAND interrupt name William Zhang <william.zhang(a)broadcom.com> arm64: dts: Move BCM4908 dts to bcmbca folder Rafał Miłecki <rafal(a)milecki.pl> arm64: dts: Add base DTS file for bcmbca device Asus GT-AX6000 Anand Gore <anand.gore(a)broadcom.com> ARM64: dts: Add DTS files for bcmbca SoC BCM6858 William Zhang <william.zhang(a)broadcom.com> arm64: dts: Add DTS files for bcmbca SoC BCM4912 William Zhang <william.zhang(a)broadcom.com> arm64: dts: Add DTS files for bcmbca SoC BCM63158 Rafał Miłecki <rafal(a)milecki.pl> arm64: dts: broadcom: bcm4908: add DT for Netgear RAXE500 Bhavya Kapoor <b-kapoor(a)ti.com> arm64: dts: ti: k3-j721e-main: Remove ti,strobe-sel property Douglas Anderson <dianders(a)chromium.org> regulator: core: Shorten off-on-delay-us for always-on/boot-on by time since booted Qiuxu Zhuo <qiuxu.zhuo(a)intel.com> EDAC/skx: Fix overflows on the DRAM row address mapping arrays Vinod Polimera <quic_vpolimer(a)quicinc.com> drm/msm/disp/dpu: check for crtc enable rather than crtc active to release shared resources Geert Uytterhoeven <geert+renesas(a)glider.be> arm64: dts: renesas: r8a774c0: Remove bogus voltages from OPP table Geert Uytterhoeven <geert+renesas(a)glider.be> arm64: dts: renesas: r8a77990: Remove bogus voltages from OPP table Miaoqian Lin <linmq006(a)gmail.com> soc: ti: pm33xx: Fix refcount leak in am33xx_pm_probe Terry Bowman <terry.bowman(a)amd.com> tools/x86/kcpuid: Fix avx512bw and avx512lvl fields in Fn00000007 Dom Cobley <popcornmix(a)gmail.com> drm/probe-helper: Cancel previous job before starting new one Maíra Canal <mcanal(a)igalia.com> drm/vgem: add missing mutex_destroy Rob Clark <robdclark(a)chromium.org> drm/rockchip: Drop unbalanced obj unref Jingbo Xu <jefflexu(a)linux.alibaba.com> erofs: fix potential overflow calculating xattr_isize Gao Xiang <hsiangkao(a)linux.alibaba.com> erofs: stop parsing non-compact HEAD index if clusterofs is invalid Lino Sanfilippo <l.sanfilippo(a)kunbus.com> tpm, tpm_tis: Claim locality when interrupts are reenabled on resume Lino Sanfilippo <l.sanfilippo(a)kunbus.com> tpm, tpm: Implement usage counter for locality Lino Sanfilippo <l.sanfilippo(a)kunbus.com> tpm, tpm_tis: Claim locality before writing interrupt registers Lino Sanfilippo <l.sanfilippo(a)kunbus.com> tpm, tpm_tis: Disable interrupts if tpm_tis_probe_irq() failed Lino Sanfilippo <l.sanfilippo(a)kunbus.com> tpm, tpm_tis: Claim locality before writing TPM_INT_ENABLE register Lino Sanfilippo <l.sanfilippo(a)kunbus.com> tpm, tpm_tis: Do not skip reset of original interrupt vector Paul Moore <paul(a)paul-moore.com> selinux: ensure av_permissions.h is built when needed Ondrej Mosnacek <omosnace(a)redhat.com> selinux: fix Makefile dependencies of flask.h Ilpo Järvinen <ilpo.jarvinen(a)linux.intel.com> selftests/resctrl: Check for return value after write_schemata() Ilpo Järvinen <ilpo.jarvinen(a)linux.intel.com> selftests/resctrl: Allow ->setup() to return errors Ilpo Järvinen <ilpo.jarvinen(a)linux.intel.com> selftests/resctrl: Move ->setup() call outside of test specific branches Shaopeng Tan <tan.shaopeng(a)jp.fujitsu.com> selftests/resctrl: Extend CPU vendor detection Ilpo Järvinen <ilpo.jarvinen(a)linux.intel.com> selftests/resctrl: Return NULL if malloc_and_init_memory() did not alloc mem Zqiang <qiang1.zhang(a)intel.com> rcu: Fix missing TICK_DEP_MASK_RCU_EXP dependency check Randy Dunlap <rdunlap(a)infradead.org> sound/oss/dmasound: fix build when drivers are mixed =y/=m Dave Chinner <dchinner(a)redhat.com> xfs: don't consider future format versions valid Mårten Lindahl <marten.lindahl(a)axis.com> ubifs: Free memory for tmpfile name Wang YanQing <udknight(a)gmail.com> ubi: Fix return value overwrite issue in try_write_vid_and_data() Zhihao Cheng <chengzhihao1(a)huawei.com> ubifs: Fix memleak when insert_old_idx() failed Zhihao Cheng <chengzhihao1(a)huawei.com> Revert "ubifs: dirty_cow_znode: Fix memleak in error handling path" Kishon Vijay Abraham I <kvijayab(a)amd.com> iommu/amd: Fix "Guest Virtual APIC Table Root Pointer" configuration in IRTE Ondrej Mosnacek <omosnace(a)redhat.com> tracing: Fix permissions for the buffer_percent file Song Shuai <suagrfillet(a)gmail.com> riscv: mm: remove redundant parameter of create_fdt_early_page_table Reid Tonking <reidt(a)ti.com> i2c: omap: Fix standard mode false ACK readings Namjae Jeon <linkinjeon(a)kernel.org> ksmbd: fix memleak in session setup Namjae Jeon <linkinjeon(a)kernel.org> ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem() Namjae Jeon <linkinjeon(a)kernel.org> ksmbd: call rcu_barrier() in ksmbd_server_exit() Baokun Li <libaokun1(a)huawei.com> writeback, cgroup: fix null-ptr-deref write in bdi_split_work_to_wbs Zhang Zhengming <zhang.zhengming(a)h3c.com> relayfs: fix out-of-bounds access in relay_file_read Sean Christopherson <seanjc(a)google.com> KVM: nVMX: Emulate NOPs in L2, and PAUSE if it's not intercepted Roberto Sassu <roberto.sassu(a)huawei.com> reiserfs: Add security prefix to xattr name in reiserfs_security_write() Zheng Yejian <zhengyejian1(a)huawei.com> rcu: Avoid stack overflow due to __rcu_irq_enter_check_tick() being kprobe-ed Jonathan McDowell <noodles(a)earth.li> crypto: safexcel - Cleanup ring IRQ workqueues on load failure Toke Høiland-Jørgensen <toke(a)redhat.com> crypto: api - Demote BUG_ON() in crypto_unregister_alg() to a WARN_ON() Johannes Berg <johannes.berg(a)intel.com> ring-buffer: Sync IRQ works before buffer destruction Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> pinctrl: qcom: lpass-lpi: set output value before enabling output Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> soundwire: qcom: correct setting ignore bit on v1.5.1 Heiner Kallweit <hkallweit1(a)gmail.com> pwm: meson: Fix g12a ao clk81 name Heiner Kallweit <hkallweit1(a)gmail.com> pwm: meson: Fix axg ao mux parents Felix Fietkau <nbd(a)nbd.name> wifi: mt76: add missing locking to protect against concurrent rx/status calls Kees Cook <keescook(a)chromium.org> kheaders: Use array declaration instead of char Zhang Yuchen <zhangyuchen.lcr(a)bytedance.com> ipmi: fix SSIF not responding under certain cond. Corey Minyard <minyard(a)acm.org> ipmi:ssif: Add send_retries increment Jiaxun Yang <jiaxun.yang(a)flygoat.com> MIPS: fw: Allow firmware to pass a empty env Joel Fernandes (Google) <joel(a)joelfernandes.org> tick/nohz: Fix cpu_is_hotpluggable() by checking with nohz subsystem Johan Hovold <johan+linaro(a)kernel.org> xhci: fix debugfs register accesses while suspended Ilpo Järvinen <ilpo.jarvinen(a)linux.intel.com> tty: Prevent writing chars during tcsetattr TCSADRAIN/FLUSH Nuno Sá <nuno.sa(a)analog.com> staging: iio: resolver: ads1210: fix config mode Harshad Shirwadkar <harshadshirwadkar(a)gmail.com> ext4: use ext4_journal_start/stop for fast commit transactions Eric Biggers <ebiggers(a)google.com> blk-crypto: make blk_crypto_evict_key() more robust Eric Biggers <ebiggers(a)google.com> blk-crypto: make blk_crypto_evict_key() return void Eric Biggers <ebiggers(a)google.com> blk-mq: release crypto keyslot before reporting I/O complete Thomas Gleixner <tglx(a)linutronix.de> posix-cpu-timers: Implement the missing timer_wait_running callback Chris Packham <chris.packham(a)alliedtelesis.co.nz> hwmon: (adt7475) Use device_property APIs when configuring polarity Babu Moger <Babu.Moger(a)amd.com> hwmon: (k10temp) Check range scale when CUR_TEMP register is read-write Johan Hovold <johan+linaro(a)kernel.org> USB: dwc3: fix runtime pm imbalance on unbind Johan Hovold <johan+linaro(a)kernel.org> USB: dwc3: fix runtime pm imbalance on probe errors Randy Dunlap <rdunlap(a)infradead.org> IMA: allow/fix UML builds Manivannan Sadhasivam <mani(a)kernel.org> PCI: qcom: Fix the incorrect register usage in v2.7.0 config Lukas Wunner <lukas(a)wunner.de> PCI: pciehp: Fix AB-BA deadlock between reset_lock and device_lock Ard Biesheuvel <ardb(a)kernel.org> arm64: Stash shadow stack pointer in the task struct on interrupt Ard Biesheuvel <ardb(a)kernel.org> arm64: Always load shadow stack pointer directly from the task struct Mario Limonciello <mario.limonciello(a)amd.com> wifi: mt76: mt7921e: Set memory space enable in PCI_COMMAND if unset Jiri Slaby (SUSE) <jirislaby(a)kernel.org> wireguard: timers: cast enum limits members to int in prints Tony Luck <tony.luck(a)intel.com> x86/cpu: Add model number for Intel Arrow Lake processor Vladimir Oltean <vladimir.oltean(a)nxp.com> asm-generic/io.h: suppress endianness warnings for readq() and writeq() Anh Tuan Phan <tuananhlfc(a)gmail.com> selftests mount: Fix mount_setattr_test builds failed Hans de Goede <hdegoede(a)redhat.com> ASoC: Intel: bytcr_rt5640: Add quirk for the Acer Iconia One 7 B1-750 Patrik Dahlström <risca(a)dalakolonin.se> iio: adc: palmas_gpadc: fix NULL dereference on rmmod Michael Kelley <mikelley(a)microsoft.com> x86/hyperv: Block root partition functionality in a Confidential VM Shengjiu Wang <shengjiu.wang(a)nxp.com> ASoC: soc-pcm: fix hw->formats cleared by soc_pcm_hw_init() for dpcm Eugene Huang <eugene.huang99(a)gmail.com> ASOC: Intel: sof_sdw: add quirk for Intel 'Rooks County' NUC M15 ------------- Diffstat: Makefile | 4 +- arch/arm/boot/dts/omap3-gta04.dtsi | 16 + arch/arm/boot/dts/qcom-ipq4019.dtsi | 4 +- arch/arm/boot/dts/qcom-ipq8064.dtsi | 12 +- arch/arm64/boot/dts/broadcom/Makefile | 2 +- arch/arm64/boot/dts/broadcom/bcm4908/Makefile | 4 - arch/arm64/boot/dts/broadcom/bcmbca/Makefile | 10 + .../{bcm4908 => bcmbca}/bcm4906-netgear-r8000p.dts | 0 .../bcm4906-tplink-archer-c2300-v1.dts | 0 .../dts/broadcom/{bcm4908 => bcmbca}/bcm4906.dtsi | 0 .../{bcm4908 => bcmbca}/bcm4908-asus-gt-ac5300.dts | 0 .../broadcom/bcmbca/bcm4908-netgear-raxe500.dts | 50 ++ .../dts/broadcom/{bcm4908 => bcmbca}/bcm4908.dtsi | 4 +- .../dts/broadcom/bcmbca/bcm4912-asus-gt-ax6000.dts | 19 + arch/arm64/boot/dts/broadcom/bcmbca/bcm4912.dtsi | 128 +++++ arch/arm64/boot/dts/broadcom/bcmbca/bcm63158.dtsi | 128 +++++ arch/arm64/boot/dts/broadcom/bcmbca/bcm6858.dtsi | 121 +++++ arch/arm64/boot/dts/broadcom/bcmbca/bcm94912.dts | 30 ++ arch/arm64/boot/dts/broadcom/bcmbca/bcm963158.dts | 30 ++ arch/arm64/boot/dts/broadcom/bcmbca/bcm96858.dts | 30 ++ arch/arm64/boot/dts/qcom/ipq6018.dtsi | 6 +- arch/arm64/boot/dts/qcom/ipq8074.dtsi | 12 +- .../boot/dts/qcom/msm8994-msft-lumia-octagon.dtsi | 3 +- .../dts/qcom/msm8994-sony-xperia-kitakami.dtsi | 3 +- arch/arm64/boot/dts/qcom/msm8996.dtsi | 12 +- arch/arm64/boot/dts/qcom/msm8998.dtsi | 4 +- .../qcom/sc7180-trogdor-lazor-limozeen-nots-r4.dts | 2 +- arch/arm64/boot/dts/qcom/sdm845.dtsi | 30 +- arch/arm64/boot/dts/qcom/sm8250.dtsi | 8 +- arch/arm64/boot/dts/renesas/r8a774c0.dtsi | 3 - arch/arm64/boot/dts/renesas/r8a77990.dtsi | 3 - arch/arm64/boot/dts/ti/k3-j721e-main.dtsi | 1 - arch/arm64/include/asm/debug-monitors.h | 1 + arch/arm64/include/asm/scs.h | 7 +- arch/arm64/kernel/debug-monitors.c | 5 + arch/arm64/kernel/entry.S | 16 +- arch/arm64/kernel/head.S | 2 +- arch/arm64/kernel/kgdb.c | 2 + arch/ia64/kernel/salinfo.c | 2 +- arch/ia64/mm/contig.c | 2 +- arch/ia64/mm/hugetlbpage.c | 2 +- arch/mips/fw/lib/cmdline.c | 2 +- arch/openrisc/kernel/entry.S | 6 +- arch/parisc/kernel/real2.S | 5 +- arch/powerpc/kernel/rtas.c | 2 +- arch/powerpc/platforms/512x/clock-commonclk.c | 2 +- arch/powerpc/platforms/embedded6xx/flipper-pic.c | 2 +- arch/powerpc/platforms/embedded6xx/hlwd-pic.c | 2 +- arch/powerpc/platforms/embedded6xx/wii.c | 4 +- arch/powerpc/sysdev/tsi108_pci.c | 5 +- arch/riscv/mm/init.c | 6 +- arch/sh/kernel/cpu/sh4/sq.c | 2 +- arch/x86/include/asm/intel-family.h | 2 + arch/x86/kernel/apic/apic.c | 5 +- arch/x86/kernel/apic/io_apic.c | 14 +- arch/x86/kernel/cpu/mce/amd.c | 14 +- arch/x86/kernel/cpu/mshyperv.c | 12 +- arch/x86/kvm/vmx/vmx.c | 15 + block/blk-core.c | 7 + block/blk-crypto-internal.h | 25 +- block/blk-crypto.c | 69 ++- block/blk-merge.c | 2 + block/blk-mq.c | 2 +- block/keyslot-manager.c | 43 +- crypto/algapi.c | 4 +- crypto/drbg.c | 16 +- drivers/acpi/processor_pdc.c | 11 + drivers/acpi/viot.c | 5 +- drivers/base/cpu.c | 3 +- drivers/base/platform.c | 4 +- drivers/bluetooth/btsdio.c | 1 - drivers/char/ipmi/Kconfig | 3 +- drivers/char/ipmi/ipmi_ssif.c | 8 +- drivers/char/tpm/tpm_tis_core.c | 131 +++-- drivers/char/tpm/tpm_tis_core.h | 2 + drivers/clk/at91/clk-sam9x60-pll.c | 2 +- drivers/clk/clk-conf.c | 12 +- drivers/clk/qcom/Makefile | 1 + drivers/clk/qcom/clk-regmap-phy-mux.c | 62 +++ drivers/clk/qcom/clk-regmap-phy-mux.h | 33 ++ drivers/clk/qcom/gcc-sm6115.c | 50 +- drivers/clk/qcom/gcc-sm8350.c | 47 +- drivers/clk/rockchip/clk-rk3399.c | 2 +- drivers/clocksource/timer-davinci.c | 30 +- drivers/cpufreq/cpufreq.c | 2 +- drivers/crypto/Kconfig | 1 + drivers/crypto/caam/ctrl.c | 6 +- drivers/crypto/inside-secure/safexcel.c | 37 +- drivers/dma/at_xdmac.c | 33 +- drivers/dma/dw-edma/dw-edma-core.c | 27 +- drivers/dma/mv_xor_v2.c | 2 +- drivers/dma/qcom/gpi.c | 1 - drivers/edac/skx_base.c | 4 +- drivers/firmware/arm_scmi/driver.c | 2 +- drivers/firmware/qcom_scm.c | 3 +- drivers/firmware/stratix10-svc.c | 4 +- drivers/fpga/fpga-bridge.c | 2 +- drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 3 +- drivers/gpu/drm/amd/display/dc/dce60/Makefile | 2 +- drivers/gpu/drm/bridge/adv7511/adv7533.c | 25 +- drivers/gpu/drm/drm_probe_helper.c | 5 +- drivers/gpu/drm/i915/display/intel_display.c | 2 +- drivers/gpu/drm/lima/lima_drv.c | 6 +- drivers/gpu/drm/msm/adreno/a5xx_gpu.c | 8 +- drivers/gpu/drm/msm/adreno/adreno_device.c | 7 +- drivers/gpu/drm/msm/adreno/adreno_gpu.c | 1 - drivers/gpu/drm/msm/disp/dpu1/dpu_encoder.c | 2 +- drivers/gpu/drm/rcar-du/rcar_du_encoder.c | 4 +- drivers/gpu/drm/rockchip/rockchip_drm_gem.c | 3 - drivers/gpu/drm/ttm/ttm_pool.c | 161 ++++-- drivers/gpu/drm/vgem/vgem_fence.c | 1 + drivers/hid/amd-sfh-hid/amd_sfh_pcie.c | 9 + drivers/hwmon/adt7475.c | 6 +- drivers/hwmon/k10temp.c | 4 +- drivers/hwmon/pmbus/fsp-3y.c | 1 - drivers/hwtracing/coresight/coresight-etm-perf.c | 1 + drivers/i2c/busses/i2c-cadence.c | 6 +- drivers/i2c/busses/i2c-omap.c | 2 +- drivers/iio/adc/palmas_gpadc.c | 2 +- drivers/iio/light/max44009.c | 13 +- drivers/infiniband/core/cm.c | 3 +- drivers/infiniband/hw/hfi1/ipoib_tx.c | 1 + drivers/infiniband/hw/hfi1/mmu_rb.c | 73 +-- drivers/infiniband/hw/hfi1/mmu_rb.h | 8 +- drivers/infiniband/hw/hfi1/sdma.c | 21 +- drivers/infiniband/hw/hfi1/sdma.h | 16 +- drivers/infiniband/hw/hfi1/sdma_txreq.h | 1 + drivers/infiniband/hw/hfi1/trace_mmu.h | 4 - drivers/infiniband/hw/hfi1/user_sdma.c | 600 +++++++++++++-------- drivers/infiniband/hw/hfi1/user_sdma.h | 5 - drivers/infiniband/hw/hfi1/verbs.c | 4 +- drivers/infiniband/hw/hfi1/vnic_sdma.c | 1 + drivers/infiniband/hw/mlx4/qp.c | 8 +- drivers/infiniband/hw/mlx5/devx.c | 31 +- drivers/infiniband/hw/mlx5/qp.c | 2 +- drivers/infiniband/sw/rdmavt/qp.c | 2 - drivers/infiniband/sw/siw/siw_main.c | 3 - drivers/infiniband/sw/siw/siw_qp_tx.c | 2 +- drivers/infiniband/ulp/srpt/ib_srpt.c | 23 +- drivers/input/touchscreen/raspberrypi-ts.c | 3 +- drivers/iommu/amd/amd_iommu_types.h | 4 +- drivers/leds/Kconfig | 2 +- drivers/leds/leds-tca6507.c | 5 +- drivers/macintosh/Kconfig | 1 + drivers/macintosh/windfarm_smu_sat.c | 1 + drivers/mailbox/mailbox-mpfs.c | 12 +- drivers/mailbox/zynqmp-ipi-mailbox.c | 6 +- drivers/md/dm-clone-target.c | 1 + drivers/md/dm-flakey.c | 4 +- drivers/md/dm-integrity.c | 8 +- drivers/md/dm-ioctl.c | 12 +- drivers/md/dm-table.c | 19 +- drivers/md/dm-verity-target.c | 2 +- drivers/md/raid1-10.c | 6 - drivers/md/raid1.c | 7 - drivers/md/raid10.c | 221 +++++--- drivers/media/i2c/max9286.c | 1 + drivers/media/pci/dm1105/dm1105.c | 1 + drivers/media/pci/saa7134/saa7134-ts.c | 1 + drivers/media/pci/saa7134/saa7134-vbi.c | 1 + drivers/media/pci/saa7134/saa7134-video.c | 1 + drivers/media/platform/qcom/venus/vdec.c | 8 + drivers/media/platform/rcar_fdp1.c | 28 +- drivers/media/platform/sti/bdisp/bdisp-v4l2.c | 2 + drivers/media/rc/gpio-ir-recv.c | 2 + drivers/mfd/tqmx86.c | 52 +- drivers/misc/vmw_vmci/vmci_host.c | 8 +- drivers/mmc/host/sdhci-of-esdhc.c | 24 +- drivers/mtd/mtdcore.c | 23 +- drivers/mtd/ubi/eba.c | 19 +- drivers/net/ethernet/amd/nmclan_cs.c | 2 +- drivers/net/ethernet/intel/ixgbe/ixgbe_ethtool.c | 23 +- .../ethernet/mellanox/mlx5/core/eswitch_offloads.c | 2 - drivers/net/ethernet/stmicro/stmmac/dwmac-rk.c | 14 +- drivers/net/ethernet/stmicro/stmmac/stmmac_main.c | 12 +- drivers/net/pcs/pcs-xpcs.c | 13 +- drivers/net/wireguard/timers.c | 8 +- drivers/net/wireless/ath/ath5k/eeprom.c | 2 +- drivers/net/wireless/ath/ath6kl/bmi.c | 2 +- drivers/net/wireless/ath/ath6kl/htc_pipe.c | 4 +- drivers/net/wireless/ath/ath9k/hif_usb.c | 19 + .../broadcom/brcm80211/brcmfmac/cfg80211.c | 14 +- drivers/net/wireless/intel/iwlwifi/fw/dbg.c | 8 +- drivers/net/wireless/intel/iwlwifi/fw/debugfs.c | 4 +- drivers/net/wireless/intel/iwlwifi/iwl-dbg-tlv.c | 6 + drivers/net/wireless/intel/iwlwifi/mvm/d3.c | 1 + drivers/net/wireless/intel/iwlwifi/mvm/debugfs.c | 10 + drivers/net/wireless/intel/iwlwifi/pcie/trans.c | 3 +- drivers/net/wireless/mediatek/mt76/dma.c | 2 + drivers/net/wireless/mediatek/mt76/mt76.h | 9 +- drivers/net/wireless/mediatek/mt76/mt7603/mac.c | 5 +- drivers/net/wireless/mediatek/mt76/mt7615/mac.c | 13 +- .../net/wireless/mediatek/mt76/mt76_connac_mcu.c | 13 +- drivers/net/wireless/mediatek/mt76/mt76x02_mac.c | 5 +- drivers/net/wireless/mediatek/mt76/mt7921/dma.c | 40 +- drivers/net/wireless/mediatek/mt76/mt7921/pci.c | 6 + drivers/net/wireless/mediatek/mt76/tx.c | 4 + drivers/net/wireless/mediatek/mt76/util.c | 10 +- drivers/net/wireless/ralink/rt2x00/rt2x00dev.c | 1 + .../net/wireless/realtek/rtl8xxxu/rtl8xxxu_8192e.c | 1 + drivers/net/wireless/realtek/rtlwifi/debug.c | 12 +- drivers/net/wireless/realtek/rtw88/mac.c | 8 +- drivers/nvme/host/core.c | 34 +- drivers/nvme/host/trace.h | 15 +- drivers/nvme/target/admin-cmd.c | 51 +- drivers/nvme/target/configfs.c | 3 +- drivers/nvme/target/core.c | 5 +- drivers/nvme/target/fcloop.c | 48 +- drivers/nvme/target/io-cmd-file.c | 17 +- drivers/nvme/target/nvmet.h | 6 +- drivers/nvme/target/zns.c | 16 +- drivers/of/device.c | 7 +- drivers/pci/controller/dwc/pci-imx6.c | 7 + drivers/pci/controller/dwc/pcie-qcom.c | 8 +- drivers/pci/hotplug/pciehp_pci.c | 15 + drivers/pci/pcie/edr.c | 1 + drivers/phy/tegra/xusb.c | 2 + drivers/pinctrl/qcom/pinctrl-lpass-lpi.c | 14 +- drivers/pinctrl/renesas/pfc-r8a779a0.c | 8 - drivers/power/supply/generic-adc-battery.c | 3 + drivers/pwm/pwm-meson.c | 6 +- drivers/pwm/pwm-mtk-disp.c | 34 +- drivers/regulator/core.c | 100 +++- drivers/regulator/stm32-pwr.c | 7 +- drivers/rtc/rtc-meson-vrtc.c | 4 +- drivers/rtc/rtc-omap.c | 1 + drivers/s390/block/dasd.c | 2 +- drivers/scsi/lpfc/lpfc_init.c | 10 +- drivers/scsi/megaraid.c | 1 + drivers/soc/ti/pm33xx.c | 5 +- drivers/soundwire/qcom.c | 2 +- drivers/spi/spi-bcm63xx.c | 2 - drivers/spi/spi-cadence-quadspi.c | 19 +- drivers/spi/spi-fsl-spi.c | 12 +- drivers/spi/spi-imx.c | 14 +- drivers/spi/spi-qup.c | 22 +- drivers/spmi/spmi.c | 3 +- drivers/staging/iio/resolver/ad2s1210.c | 2 +- drivers/staging/media/av7110/av7110_av.c | 4 +- drivers/staging/media/rkvdec/rkvdec.c | 2 + drivers/staging/rtl8192e/rtl8192e/rtl_core.c | 1 + drivers/staging/rtl8723bs/core/rtw_mlme.c | 8 +- drivers/target/iscsi/iscsi_target.c | 16 +- drivers/target/target_core_device.c | 1 + drivers/target/target_core_tmr.c | 26 +- drivers/thermal/mtk_thermal.c | 14 +- drivers/tty/serial/8250/8250_bcm7271.c | 18 +- drivers/tty/serial/8250/8250_port.c | 4 + drivers/tty/serial/fsl_lpuart.c | 2 +- drivers/tty/serial/stm32-usart.c | 26 +- drivers/tty/sysrq.c | 2 +- drivers/tty/tty.h | 2 + drivers/tty/tty_io.c | 4 +- drivers/tty/tty_ioctl.c | 45 +- drivers/usb/chipidea/core.c | 2 +- drivers/usb/dwc3/core.c | 15 +- drivers/usb/dwc3/gadget.c | 11 +- drivers/usb/gadget/udc/renesas_usb3.c | 1 + drivers/usb/gadget/udc/tegra-xudc.c | 2 +- drivers/usb/host/xhci-debugfs.c | 1 + drivers/usb/host/xhci-rcar.c | 3 - drivers/usb/mtu3/mtu3_qmu.c | 5 +- drivers/virtio/virtio_ring.c | 22 +- drivers/xen/pcpu.c | 20 + fs/afs/inode.c | 1 + fs/btrfs/ioctl.c | 5 + fs/cifs/file.c | 16 + fs/cifs/misc.c | 8 +- fs/erofs/internal.h | 2 +- fs/erofs/zmap.c | 4 + fs/ext4/acl.c | 2 - fs/ext4/extents.c | 6 +- fs/ext4/file.c | 4 - fs/ext4/inode.c | 10 +- fs/ext4/ioctl.c | 10 +- fs/f2fs/compress.c | 6 + fs/f2fs/data.c | 5 +- fs/f2fs/f2fs.h | 2 +- fs/f2fs/file.c | 15 +- fs/f2fs/segment.c | 76 +-- fs/f2fs/segment.h | 6 + fs/f2fs/super.c | 33 +- fs/fs-writeback.c | 17 +- fs/jbd2/journal.c | 2 + fs/jbd2/transaction.c | 3 + fs/ksmbd/server.c | 1 + fs/ksmbd/smb2pdu.c | 7 + fs/nfs/nfs4state.c | 4 + fs/nilfs2/bmap.c | 16 +- fs/nilfs2/segment.c | 5 +- fs/ntfs3/fslog.c | 6 +- fs/ntfs3/index.c | 8 + fs/ntfs3/inode.c | 2 +- fs/ntfs3/namei.c | 10 + fs/ntfs3/ntfs_fs.h | 1 + fs/pstore/pmsg.c | 7 +- fs/reiserfs/xattr_security.c | 8 +- fs/ubifs/dir.c | 1 + fs/ubifs/tnc.c | 142 +++-- fs/xfs/libxfs/xfs_sb.c | 11 +- include/asm-generic/io.h | 4 +- include/linux/blk-crypto.h | 4 +- include/linux/mailbox/zynqmp-ipi-message.h | 2 +- include/linux/mlx5/mlx5_ifc.h | 3 +- include/linux/netfilter/nfnetlink.h | 1 - include/linux/nvme.h | 4 + include/linux/platform_device.h | 11 + include/linux/posix-timers.h | 17 +- include/linux/sched.h | 6 +- include/linux/sunrpc/sched.h | 3 +- include/linux/tick.h | 2 + include/linux/vt_buffer.h | 2 +- include/linux/workqueue.h | 3 +- include/net/scm.h | 13 +- include/net/xsk_buff_pool.h | 9 +- include/target/target_core_base.h | 1 + include/trace/events/qrtr.h | 33 +- include/trace/events/timer.h | 3 +- include/uapi/linux/btrfs.h | 1 + include/uapi/linux/const.h | 2 +- include/xen/xen.h | 11 + kernel/bpf/cgroup.c | 9 +- kernel/bpf/verifier.c | 26 +- kernel/events/core.c | 4 +- kernel/kheaders.c | 10 +- kernel/power/process.c | 2 +- kernel/rcu/tree.c | 1 + kernel/relay.c | 3 +- kernel/sched/core.c | 25 +- kernel/sched/deadline.c | 5 +- kernel/sched/debug.c | 92 ++-- kernel/sched/fair.c | 93 ++-- kernel/sched/rt.c | 8 +- kernel/sched/stats.h | 19 + kernel/sched/stop_task.c | 4 +- kernel/time/posix-cpu-timers.c | 81 ++- kernel/time/posix-timers.c | 4 + kernel/time/tick-common.c | 12 +- kernel/time/tick-sched.c | 16 +- kernel/time/timekeeping.c | 4 +- kernel/trace/ring_buffer.c | 4 + kernel/trace/trace.c | 2 +- kernel/workqueue.c | 176 +++--- lib/debugobjects.c | 146 ++--- mm/backing-dev.c | 12 +- net/8021q/vlan_dev.c | 2 +- net/core/skbuff.c | 3 + net/ipv4/ip_output.c | 16 +- net/netfilter/nf_tables_api.c | 8 +- net/netfilter/nfnetlink.c | 2 - net/netlink/af_netlink.c | 75 +-- net/packet/af_packet.c | 30 +- net/packet/diag.c | 4 +- net/packet/internal.h | 26 +- net/sched/sch_fq.c | 6 +- net/sunrpc/clnt.c | 3 - net/sunrpc/sched.c | 1 - net/xdp/xsk_queue.h | 1 + scripts/gdb/linux/clk.py | 2 + scripts/gdb/linux/constants.py.in | 2 + scripts/gdb/linux/genpd.py | 4 +- scripts/gdb/linux/timerlist.py | 4 +- scripts/gdb/linux/utils.py | 5 +- scripts/gdb/vmlinux-gdb.py | 5 +- security/integrity/ima/Kconfig | 2 +- security/selinux/Makefile | 4 +- sound/oss/dmasound/dmasound.h | 6 - sound/oss/dmasound/dmasound_core.c | 26 +- sound/soc/codecs/es8316.c | 14 +- sound/soc/fsl/fsl_mqs.c | 15 +- sound/soc/intel/boards/bytcr_rt5640.c | 12 + sound/soc/intel/boards/sof_sdw.c | 11 + sound/soc/soc-pcm.c | 4 + sound/usb/quirks-table.h | 58 ++ tools/arch/x86/kcpuid/cpuid.csv | 4 +- tools/bpf/bpftool/json_writer.c | 3 - tools/bpf/bpftool/xlated_dumper.c | 7 + tools/objtool/check.c | 11 - tools/perf/util/auxtrace.c | 5 +- .../perf/util/intel-pt-decoder/intel-pt-decoder.c | 2 + tools/testing/selftests/bpf/network_helpers.c | 2 +- .../selftests/bpf/prog_tests/cg_storage_multi.c | 8 +- .../bpf/prog_tests/get_stackid_cannot_attach.c | 1 + tools/testing/selftests/bpf/test_xsk.sh | 1 + .../selftests/mount_setattr/mount_setattr_test.c | 1 + tools/testing/selftests/resctrl/cache.c | 4 +- tools/testing/selftests/resctrl/cat_test.c | 4 +- tools/testing/selftests/resctrl/cmt_test.c | 2 +- tools/testing/selftests/resctrl/fill_buf.c | 2 + tools/testing/selftests/resctrl/mba_test.c | 9 +- tools/testing/selftests/resctrl/mbm_test.c | 2 +- tools/testing/selftests/resctrl/resctrl.h | 7 +- tools/testing/selftests/resctrl/resctrl_tests.c | 41 +- tools/testing/selftests/resctrl/resctrl_val.c | 21 +- tools/testing/selftests/resctrl/resctrlfs.c | 2 +- 395 files changed, 3860 insertions(+), 2108 deletions(-)

2 years, 5 months

9
384
0 0

FAILED: patch "[PATCH] blk-cgroup: Flush stats before releasing blkcg_gq" failed to apply to 6.1-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.1-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y git checkout FETCH_HEAD git cherry-pick -x 20cb1c2fb7568a6054c55defe044311397e01ddb # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2023071635-handsaw-enclosure-0363@gregkh' --subject-prefix 'PATCH 6.1.y' HEAD^.. Possible dependencies: 20cb1c2fb756 ("blk-cgroup: Flush stats before releasing blkcg_gq") 2c275afeb61d ("block: make blkcg_punt_bio_submit optional") 12be09fe18f2 ("block: async_bio_lock does not need to be bh-safe") 3480373ebdf7 ("btrfs, block: move REQ_CGROUP_PUNT to btrfs") 0a0596fbbe5b ("btrfs, mm: remove the punt_to_cgroup field in struct writeback_control") 05d06a5c9d9c ("btrfs: move kthread_associate_blkcg out of btrfs_submit_compressed_write") ae42a154ca89 ("btrfs: pass a btrfs_bio to btrfs_submit_bio") 34f888ce3a35 ("btrfs: cleanup main loop in btrfs_encoded_read_regular_fill_pages") 72b505dc5757 ("btrfs: add a wbc pointer to struct btrfs_bio_ctrl") 794c26e214ab ("btrfs: remove the sync_io flag in struct btrfs_bio_ctrl") c000bc04bad4 ("btrfs: store the bio opf in struct btrfs_bio_ctrl") eb8d0c6d042f ("btrfs: remove the force_bio_submit to submit_extent_page") 67998cf438e2 ("btrfs: don't set force_bio_submit in read_extent_buffer_subpage") 10e924bc320a ("btrfs: factor out a btrfs_add_compressed_bio_pages helper") e7aff33e3161 ("btrfs: use the bbio file offset in btrfs_submit_compressed_read") 798c9fc74d03 ("btrfs: remove redundant free_extent_map in btrfs_submit_compressed_read") 544fe4a903ce ("btrfs: embed a btrfs_bio into struct compressed_bio") 3822a7c40997 ("Merge tag 'mm-stable-2023-02-20-13-37' of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 20cb1c2fb7568a6054c55defe044311397e01ddb Mon Sep 17 00:00:00 2001 From: Ming Lei <ming.lei(a)redhat.com> Date: Sat, 10 Jun 2023 07:42:49 +0800 Subject: [PATCH] blk-cgroup: Flush stats before releasing blkcg_gq As noted by Michal, the blkg_iostat_set's in the lockless list hold reference to blkg's to protect against their removal. Those blkg's hold reference to blkcg. When a cgroup is being destroyed, cgroup_rstat_flush() is only called at css_release_work_fn() which is called when the blkcg reference count reaches 0. This circular dependency will prevent blkcg and some blkgs from being freed after they are made offline. It is less a problem if the cgroup to be destroyed also has other controllers like memory that will call cgroup_rstat_flush() which will clean up the reference count. If block is the only controller that uses rstat, these offline blkcg and blkgs may never be freed leaking more and more memory over time. To prevent this potential memory leak: - flush blkcg per-cpu stats list in __blkg_release(), when no new stat can be added - add global blkg_stat_lock for covering concurrent parent blkg stat update - don't grab bio->bi_blkg reference when adding the stats into blkcg's per-cpu stat list since all stats are guaranteed to be consumed before releasing blkg instance, and grabbing blkg reference for stats was the most fragile part of original patch Based on Waiman's patch: https://lore.kernel.org/linux-block/20221215033132.230023-3-longman@redhat.… Fixes: 3b8cc6298724 ("blk-cgroup: Optimize blkcg_rstat_flush()") Cc: stable(a)vger.kernel.org Reported-by: Jay Shin <jaeshin(a)redhat.com> Acked-by: Tejun Heo <tj(a)kernel.org> Cc: Waiman Long <longman(a)redhat.com> Cc: mkoutny(a)suse.com Cc: Yosry Ahmed <yosryahmed(a)google.com> Signed-off-by: Ming Lei <ming.lei(a)redhat.com> Link: https://lore.kernel.org/r/20230609234249.1412858-1-ming.lei@redhat.com Signed-off-by: Jens Axboe <axboe(a)kernel.dk> diff --git a/block/blk-cgroup.c b/block/blk-cgroup.c index 0ce64dd73cfe..f0b5c9c41cde 100644 --- a/block/blk-cgroup.c +++ b/block/blk-cgroup.c @@ -34,6 +34,8 @@ #include "blk-ioprio.h" #include "blk-throttle.h" +static void __blkcg_rstat_flush(struct blkcg *blkcg, int cpu); + /* * blkcg_pol_mutex protects blkcg_policy[] and policy [de]activation. * blkcg_pol_register_mutex nests outside of it and synchronizes entire @@ -56,6 +58,8 @@ static LIST_HEAD(all_blkcgs); /* protected by blkcg_pol_mutex */ bool blkcg_debug_stats = false; +static DEFINE_RAW_SPINLOCK(blkg_stat_lock); + #define BLKG_DESTROY_BATCH_SIZE 64 /* @@ -163,10 +167,20 @@ static void blkg_free(struct blkcg_gq *blkg) static void __blkg_release(struct rcu_head *rcu) { struct blkcg_gq *blkg = container_of(rcu, struct blkcg_gq, rcu_head); + struct blkcg *blkcg = blkg->blkcg; + int cpu; #ifdef CONFIG_BLK_CGROUP_PUNT_BIO WARN_ON(!bio_list_empty(&blkg->async_bios)); #endif + /* + * Flush all the non-empty percpu lockless lists before releasing + * us, given these stat belongs to us. + * + * blkg_stat_lock is for serializing blkg stat update + */ + for_each_possible_cpu(cpu) + __blkcg_rstat_flush(blkcg, cpu); /* release the blkcg and parent blkg refs this blkg has been holding */ css_put(&blkg->blkcg->css); @@ -951,23 +965,26 @@ static void blkcg_iostat_update(struct blkcg_gq *blkg, struct blkg_iostat *cur, u64_stats_update_end_irqrestore(&blkg->iostat.sync, flags); } -static void blkcg_rstat_flush(struct cgroup_subsys_state *css, int cpu) +static void __blkcg_rstat_flush(struct blkcg *blkcg, int cpu) { - struct blkcg *blkcg = css_to_blkcg(css); struct llist_head *lhead = per_cpu_ptr(blkcg->lhead, cpu); struct llist_node *lnode; struct blkg_iostat_set *bisc, *next_bisc; - /* Root-level stats are sourced from system-wide IO stats */ - if (!cgroup_parent(css->cgroup)) - return; - rcu_read_lock(); lnode = llist_del_all(lhead); if (!lnode) goto out; + /* + * For covering concurrent parent blkg update from blkg_release(). + * + * When flushing from cgroup, cgroup_rstat_lock is always held, so + * this lock won't cause contention most of time. + */ + raw_spin_lock(&blkg_stat_lock); + /* * Iterate only the iostat_cpu's queued in the lockless list. */ @@ -991,13 +1008,19 @@ static void blkcg_rstat_flush(struct cgroup_subsys_state *css, int cpu) if (parent && parent->parent) blkcg_iostat_update(parent, &blkg->iostat.cur, &blkg->iostat.last); - percpu_ref_put(&blkg->refcnt); } - + raw_spin_unlock(&blkg_stat_lock); out: rcu_read_unlock(); } +static void blkcg_rstat_flush(struct cgroup_subsys_state *css, int cpu) +{ + /* Root-level stats are sourced from system-wide IO stats */ + if (cgroup_parent(css->cgroup)) + __blkcg_rstat_flush(css_to_blkcg(css), cpu); +} + /* * We source root cgroup stats from the system-wide stats to avoid * tracking the same information twice and incurring overhead when no @@ -2075,7 +2098,6 @@ void blk_cgroup_bio_start(struct bio *bio) llist_add(&bis->lnode, lhead); WRITE_ONCE(bis->lqueued, true); - percpu_ref_get(&bis->blkg->refcnt); } u64_stats_update_end_irqrestore(&bis->sync, flags);

2 years, 5 months

1
0
0 0

linux-5.10.y: please backport to fix BPF selftest breakage

by Lorenz Bauer

Hi stable team, Building BPF selftests on 5.10.186 currently causes the following compile error: $ make -C tools/testing/selftests/bpf ... BINARY test_verifier In file included from /usr/src/linux-5.10.186/tools/testing/selftests/bpf/verifier/tests.h:59, from test_verifier.c:355: /usr/src/linux-5.10.186/tools/testing/selftests/bpf/verifier/ref_tracking.c:935:10: error: 'struct bpf_test' has no member named 'fixup_map_ringbuf'; did you mean 'fixup_map_in_map'? 935 | .fixup_map_ringbuf = { 11 }, | ^~~~~~~~~~~~~~~~~ | fixup_map_in_map The problem was introduced by commit f4b8c0710ab6 ("selftests/bpf: Add verifier test for release_reference()") in your tree. Seems like at least commit 4237e9f4a962 ("selftests/bpf: Add verifier test for PTR_TO_MEM spill") is required for the build to succeed. I previously reported this but things probably fell through the cracks: https://lore.kernel.org/stable/CAN+4W8iMcwwVjmSekZ9txzZNxOZ0x98nBXo4cEoTU9G… Thanks! Lorenz

2 years, 5 months

2
1
0 0

[PATCH -stable,5.15 0/2] stable fixes for 5.15

by Pablo Neira Ayuso

Hi Greg, Sasha, The following list shows the backported patches, I am using original commit IDs for reference: 1) 628bd3e49cba ("netfilter: nf_tables: drop map element references from preparation phase") 2) 3e70489721b6 ("netfilter: nf_tables: unbind non-anonymous set if rule construction fails") Please, apply. Thanks. Pablo Neira Ayuso (2): netfilter: nf_tables: drop map element references from preparation phase netfilter: nf_tables: unbind non-anonymous set if rule construction fails include/net/netfilter/nf_tables.h | 5 +- net/netfilter/nf_tables_api.c | 147 ++++++++++++++++++++++++++---- net/netfilter/nft_set_bitmap.c | 5 +- net/netfilter/nft_set_hash.c | 23 ++++- net/netfilter/nft_set_pipapo.c | 14 ++- net/netfilter/nft_set_rbtree.c | 5 +- 6 files changed, 168 insertions(+), 31 deletions(-) -- 2.30.2

2 years, 5 months

3
6
0 0

[PATCH 5.15] fanotify: disallow mount/sb marks on kernel internal pseudo fs

by Amir Goldstein

commit 69562eb0bd3e6bb8e522a7b254334e0fb30dff0c upstream. Hopefully, nobody is trying to abuse mount/sb marks for watching all anonymous pipes/inodes. I cannot think of a good reason to allow this - it looks like an oversight that dated back to the original fanotify API. Link: https://lore.kernel.org/linux-fsdevel/20230628101132.kvchg544mczxv2pm@quack… Fixes: 0ff21db9fcc3 ("fanotify: hooks the fanotify_mark syscall to the vfsmount code") Signed-off-by: Amir Goldstein <amir73il(a)gmail.com> Reviewed-by: Christian Brauner <brauner(a)kernel.org> Signed-off-by: Jan Kara <jack(a)suse.cz> Message-Id: <20230629042044.25723-1-amir73il(a)gmail.com> [backport to 5.x.y] Signed-off-by: Amir Goldstein <amir73il(a)gmail.com> --- Greg, This 5.15 backport should cleanly apply to all 5.x.y LTS kernels. It will NOT apply to 4.x.y kernels. The original upstream commit should apply cleanly to 6.x.y stable kernels. Thanks, Amir. fs/notify/fanotify/fanotify_user.c | 22 ++++++++++++++++++++-- 1 file changed, 20 insertions(+), 2 deletions(-) diff --git a/fs/notify/fanotify/fanotify_user.c b/fs/notify/fanotify/fanotify_user.c index 84ec851211d9..0e2a0eb7cb9e 100644 --- a/fs/notify/fanotify/fanotify_user.c +++ b/fs/notify/fanotify/fanotify_user.c @@ -1337,8 +1337,11 @@ static int fanotify_test_fid(struct path *path, __kernel_fsid_t *fsid) return 0; } -static int fanotify_events_supported(struct path *path, __u64 mask) +static int fanotify_events_supported(struct path *path, __u64 mask, + unsigned int flags) { + unsigned int mark_type = flags & FANOTIFY_MARK_TYPE_BITS; + /* * Some filesystems such as 'proc' acquire unusual locks when opening * files. For them fanotify permission events have high chances of @@ -1350,6 +1353,21 @@ static int fanotify_events_supported(struct path *path, __u64 mask) if (mask & FANOTIFY_PERM_EVENTS && path->mnt->mnt_sb->s_type->fs_flags & FS_DISALLOW_NOTIFY_PERM) return -EINVAL; + + /* + * mount and sb marks are not allowed on kernel internal pseudo fs, + * like pipe_mnt, because that would subscribe to events on all the + * anonynous pipes in the system. + * + * SB_NOUSER covers all of the internal pseudo fs whose objects are not + * exposed to user's mount namespace, but there are other SB_KERNMOUNT + * fs, like nsfs, debugfs, for which the value of allowing sb and mount + * mark is questionable. For now we leave them alone. + */ + if (mark_type != FAN_MARK_INODE && + path->mnt->mnt_sb->s_flags & SB_NOUSER) + return -EINVAL; + return 0; } @@ -1476,7 +1494,7 @@ static int do_fanotify_mark(int fanotify_fd, unsigned int flags, __u64 mask, goto fput_and_out; if (flags & FAN_MARK_ADD) { - ret = fanotify_events_supported(&path, mask); + ret = fanotify_events_supported(&path, mask, flags); if (ret) goto path_put_and_out; } -- 2.16.5

2 years, 5 months

2
1
0 0

FAILED: patch "[PATCH] ovl: fix null pointer dereference in ovl_get_acl_rcu()" failed to apply to 5.15-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.15-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.15.y git checkout FETCH_HEAD git cherry-pick -x f4e19e595cc2e76a8a58413eb19d3d9c51328b53 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2023071624-existing-recoup-f59b@gregkh' --subject-prefix 'PATCH 5.15.y' HEAD^.. Possible dependencies: f4e19e595cc2 ("ovl: fix null pointer dereference in ovl_get_acl_rcu()") 6c0a8bfb84af ("ovl: implement get acl method") cac2f8b8d8b5 ("fs: rename current get acl method") 6b70fe0601ad ("acl: add vfs_set_acl_prepare()") abfcf55d8b07 ("acl: handle idmapped mounts for idmapped filesystems") 65512eb0e9e6 ("Merge tag 'ovl-update-6.0' of git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/vfs") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From f4e19e595cc2e76a8a58413eb19d3d9c51328b53 Mon Sep 17 00:00:00 2001 From: Zhihao Cheng <chengzhihao1(a)huawei.com> Date: Tue, 16 May 2023 22:16:19 +0800 Subject: [PATCH] ovl: fix null pointer dereference in ovl_get_acl_rcu() Following process: P1 P2 path_openat link_path_walk may_lookup inode_permission(rcu) ovl_permission acl_permission_check check_acl get_cached_acl_rcu ovl_get_inode_acl realinode = ovl_inode_real(ovl_inode) drop_cache __dentry_kill(ovl_dentry) iput(ovl_inode) ovl_destroy_inode(ovl_inode) dput(oi->__upperdentry) dentry_kill(upperdentry) dentry_unlink_inode upperdentry->d_inode = NULL ovl_inode_upper upperdentry = ovl_i_dentry_upper(ovl_inode) d_inode(upperdentry) // returns NULL IS_POSIXACL(realinode) // NULL pointer dereference , will trigger an null pointer dereference at realinode: [ 205.472797] BUG: kernel NULL pointer dereference, address: 0000000000000028 [ 205.476701] CPU: 2 PID: 2713 Comm: ls Not tainted 6.3.0-12064-g2edfa098e750-dirty #1216 [ 205.478754] RIP: 0010:do_ovl_get_acl+0x5d/0x300 [ 205.489584] Call Trace: [ 205.489812] <TASK> [ 205.490014] ovl_get_inode_acl+0x26/0x30 [ 205.490466] get_cached_acl_rcu+0x61/0xa0 [ 205.490908] generic_permission+0x1bf/0x4e0 [ 205.491447] ovl_permission+0x79/0x1b0 [ 205.491917] inode_permission+0x15e/0x2c0 [ 205.492425] link_path_walk+0x115/0x550 [ 205.493311] path_lookupat.isra.0+0xb2/0x200 [ 205.493803] filename_lookup+0xda/0x240 [ 205.495747] vfs_fstatat+0x7b/0xb0 Fetch a reproducer in [Link]. Use the helper ovl_i_path_realinode() to get realinode and then do non-nullptr checking. Link: https://bugzilla.kernel.org/show_bug.cgi?id=217404 Fixes: 332f606b32b6 ("ovl: enable RCU'd ->get_acl()") Cc: <stable(a)vger.kernel.org> # v5.15 Signed-off-by: Zhihao Cheng <chengzhihao1(a)huawei.com> Suggested-by: Christian Brauner <brauner(a)kernel.org> Suggested-by: Amir Goldstein <amir73il(a)gmail.com> Signed-off-by: Amir Goldstein <amir73il(a)gmail.com> Signed-off-by: Miklos Szeredi <mszeredi(a)redhat.com> diff --git a/fs/overlayfs/inode.c b/fs/overlayfs/inode.c index ca56b1328a2c..e7e888dea634 100644 --- a/fs/overlayfs/inode.c +++ b/fs/overlayfs/inode.c @@ -558,20 +558,20 @@ struct posix_acl *do_ovl_get_acl(struct mnt_idmap *idmap, struct inode *inode, int type, bool rcu, bool noperm) { - struct inode *realinode = ovl_inode_real(inode); + struct inode *realinode; struct posix_acl *acl; struct path realpath; - if (!IS_POSIXACL(realinode)) - return NULL; - /* Careful in RCU walk mode */ - ovl_i_path_real(inode, &realpath); - if (!realpath.dentry) { + realinode = ovl_i_path_real(inode, &realpath); + if (!realinode) { WARN_ON(!rcu); return ERR_PTR(-ECHILD); } + if (!IS_POSIXACL(realinode)) + return NULL; + if (rcu) { /* * If the layer is idmapped drop out of RCU path walk

2 years, 5 months

1
0
0 0

FAILED: patch "[PATCH] ovl: fix null pointer dereference in ovl_get_acl_rcu()" failed to apply to 6.1-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.1-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y git checkout FETCH_HEAD git cherry-pick -x f4e19e595cc2e76a8a58413eb19d3d9c51328b53 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2023071621-charcoal-prewashed-932b@gregkh' --subject-prefix 'PATCH 6.1.y' HEAD^.. Possible dependencies: f4e19e595cc2 ("ovl: fix null pointer dereference in ovl_get_acl_rcu()") 6c0a8bfb84af ("ovl: implement get acl method") cac2f8b8d8b5 ("fs: rename current get acl method") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From f4e19e595cc2e76a8a58413eb19d3d9c51328b53 Mon Sep 17 00:00:00 2001 From: Zhihao Cheng <chengzhihao1(a)huawei.com> Date: Tue, 16 May 2023 22:16:19 +0800 Subject: [PATCH] ovl: fix null pointer dereference in ovl_get_acl_rcu() Following process: P1 P2 path_openat link_path_walk may_lookup inode_permission(rcu) ovl_permission acl_permission_check check_acl get_cached_acl_rcu ovl_get_inode_acl realinode = ovl_inode_real(ovl_inode) drop_cache __dentry_kill(ovl_dentry) iput(ovl_inode) ovl_destroy_inode(ovl_inode) dput(oi->__upperdentry) dentry_kill(upperdentry) dentry_unlink_inode upperdentry->d_inode = NULL ovl_inode_upper upperdentry = ovl_i_dentry_upper(ovl_inode) d_inode(upperdentry) // returns NULL IS_POSIXACL(realinode) // NULL pointer dereference , will trigger an null pointer dereference at realinode: [ 205.472797] BUG: kernel NULL pointer dereference, address: 0000000000000028 [ 205.476701] CPU: 2 PID: 2713 Comm: ls Not tainted 6.3.0-12064-g2edfa098e750-dirty #1216 [ 205.478754] RIP: 0010:do_ovl_get_acl+0x5d/0x300 [ 205.489584] Call Trace: [ 205.489812] <TASK> [ 205.490014] ovl_get_inode_acl+0x26/0x30 [ 205.490466] get_cached_acl_rcu+0x61/0xa0 [ 205.490908] generic_permission+0x1bf/0x4e0 [ 205.491447] ovl_permission+0x79/0x1b0 [ 205.491917] inode_permission+0x15e/0x2c0 [ 205.492425] link_path_walk+0x115/0x550 [ 205.493311] path_lookupat.isra.0+0xb2/0x200 [ 205.493803] filename_lookup+0xda/0x240 [ 205.495747] vfs_fstatat+0x7b/0xb0 Fetch a reproducer in [Link]. Use the helper ovl_i_path_realinode() to get realinode and then do non-nullptr checking. Link: https://bugzilla.kernel.org/show_bug.cgi?id=217404 Fixes: 332f606b32b6 ("ovl: enable RCU'd ->get_acl()") Cc: <stable(a)vger.kernel.org> # v5.15 Signed-off-by: Zhihao Cheng <chengzhihao1(a)huawei.com> Suggested-by: Christian Brauner <brauner(a)kernel.org> Suggested-by: Amir Goldstein <amir73il(a)gmail.com> Signed-off-by: Amir Goldstein <amir73il(a)gmail.com> Signed-off-by: Miklos Szeredi <mszeredi(a)redhat.com> diff --git a/fs/overlayfs/inode.c b/fs/overlayfs/inode.c index ca56b1328a2c..e7e888dea634 100644 --- a/fs/overlayfs/inode.c +++ b/fs/overlayfs/inode.c @@ -558,20 +558,20 @@ struct posix_acl *do_ovl_get_acl(struct mnt_idmap *idmap, struct inode *inode, int type, bool rcu, bool noperm) { - struct inode *realinode = ovl_inode_real(inode); + struct inode *realinode; struct posix_acl *acl; struct path realpath; - if (!IS_POSIXACL(realinode)) - return NULL; - /* Careful in RCU walk mode */ - ovl_i_path_real(inode, &realpath); - if (!realpath.dentry) { + realinode = ovl_i_path_real(inode, &realpath); + if (!realinode) { WARN_ON(!rcu); return ERR_PTR(-ECHILD); } + if (!IS_POSIXACL(realinode)) + return NULL; + if (rcu) { /* * If the layer is idmapped drop out of RCU path walk

2 years, 5 months

1
0
0 0

FAILED: patch "[PATCH] ovl: let helper ovl_i_path_real() return the realinode" failed to apply to 5.15-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.15-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.15.y git checkout FETCH_HEAD git cherry-pick -x b2dd05f107b11966e26fe52a313b418364cf497b # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2023071608-regain-untapped-0931@gregkh' --subject-prefix 'PATCH 5.15.y' HEAD^.. Possible dependencies: b2dd05f107b1 ("ovl: let helper ovl_i_path_real() return the realinode") e67fe63341b8 ("fs: port i_{g,u}id_into_vfs{g,u}id() to mnt_idmap") 9452e93e6dae ("fs: port privilege checking helpers to mnt_idmap") f2d40141d5d9 ("fs: port inode_init_owner() to mnt_idmap") 4609e1f18e19 ("fs: port ->permission() to pass mnt_idmap") 13e83a4923be ("fs: port ->set_acl() to pass mnt_idmap") 77435322777d ("fs: port ->get_acl() to pass mnt_idmap") 011e2b717b1b ("fs: port ->tmpfile() to pass mnt_idmap") 5ebb29bee8d5 ("fs: port ->mknod() to pass mnt_idmap") c54bd91e9eab ("fs: port ->mkdir() to pass mnt_idmap") 7a77db95511c ("fs: port ->symlink() to pass mnt_idmap") 6c960e68aaed ("fs: port ->create() to pass mnt_idmap") b74d24f7a74f ("fs: port ->getattr() to pass mnt_idmap") c1632a0f1120 ("fs: port ->setattr() to pass mnt_idmap") abf08576afe3 ("fs: port vfs_*() helpers to struct mnt_idmap") 6022ec6ee2c3 ("Merge tag 'ntfs3_for_6.2' of https://github.com/Paragon-Software-Group/linux-ntfs3") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From b2dd05f107b11966e26fe52a313b418364cf497b Mon Sep 17 00:00:00 2001 From: Zhihao Cheng <chengzhihao1(a)huawei.com> Date: Tue, 16 May 2023 22:16:17 +0800 Subject: [PATCH] ovl: let helper ovl_i_path_real() return the realinode Let helper ovl_i_path_real() return the realinode to prepare for checking non-null realinode in RCU walking path. [msz] Use d_inode_rcu() since we are depending on the consitency between dentry and inode being non-NULL in an RCU setting. Signed-off-by: Zhihao Cheng <chengzhihao1(a)huawei.com> Signed-off-by: Amir Goldstein <amir73il(a)gmail.com> Fixes: ffa5723c6d25 ("ovl: store lower path in ovl_inode") Cc: <stable(a)vger.kernel.org> # v5.19 Signed-off-by: Miklos Szeredi <mszeredi(a)redhat.com> diff --git a/fs/overlayfs/overlayfs.h b/fs/overlayfs/overlayfs.h index 4d0b278f5630..7398de332527 100644 --- a/fs/overlayfs/overlayfs.h +++ b/fs/overlayfs/overlayfs.h @@ -382,7 +382,7 @@ enum ovl_path_type ovl_path_type(struct dentry *dentry); void ovl_path_upper(struct dentry *dentry, struct path *path); void ovl_path_lower(struct dentry *dentry, struct path *path); void ovl_path_lowerdata(struct dentry *dentry, struct path *path); -void ovl_i_path_real(struct inode *inode, struct path *path); +struct inode *ovl_i_path_real(struct inode *inode, struct path *path); enum ovl_path_type ovl_path_real(struct dentry *dentry, struct path *path); enum ovl_path_type ovl_path_realdata(struct dentry *dentry, struct path *path); struct dentry *ovl_dentry_upper(struct dentry *dentry); diff --git a/fs/overlayfs/util.c b/fs/overlayfs/util.c index 923d66d131c1..5a6f34c7ed03 100644 --- a/fs/overlayfs/util.c +++ b/fs/overlayfs/util.c @@ -250,7 +250,7 @@ struct dentry *ovl_i_dentry_upper(struct inode *inode) return ovl_upperdentry_dereference(OVL_I(inode)); } -void ovl_i_path_real(struct inode *inode, struct path *path) +struct inode *ovl_i_path_real(struct inode *inode, struct path *path) { path->dentry = ovl_i_dentry_upper(inode); if (!path->dentry) { @@ -259,6 +259,8 @@ void ovl_i_path_real(struct inode *inode, struct path *path) } else { path->mnt = ovl_upper_mnt(OVL_FS(inode->i_sb)); } + + return path->dentry ? d_inode_rcu(path->dentry) : NULL; } struct inode *ovl_inode_upper(struct inode *inode) @@ -1105,8 +1107,7 @@ void ovl_copyattr(struct inode *inode) vfsuid_t vfsuid; vfsgid_t vfsgid; - ovl_i_path_real(inode, &realpath); - realinode = d_inode(realpath.dentry); + realinode = ovl_i_path_real(inode, &realpath); real_idmap = mnt_idmap(realpath.mnt); vfsuid = i_uid_into_vfsuid(real_idmap, realinode);

2 years, 5 months

1
0
0 0

FAILED: patch "[PATCH] ovl: let helper ovl_i_path_real() return the realinode" failed to apply to 6.1-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.1-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y git checkout FETCH_HEAD git cherry-pick -x b2dd05f107b11966e26fe52a313b418364cf497b # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2023071606-snowdrop-strife-2a13@gregkh' --subject-prefix 'PATCH 6.1.y' HEAD^.. Possible dependencies: b2dd05f107b1 ("ovl: let helper ovl_i_path_real() return the realinode") e67fe63341b8 ("fs: port i_{g,u}id_into_vfs{g,u}id() to mnt_idmap") 9452e93e6dae ("fs: port privilege checking helpers to mnt_idmap") f2d40141d5d9 ("fs: port inode_init_owner() to mnt_idmap") 4609e1f18e19 ("fs: port ->permission() to pass mnt_idmap") 13e83a4923be ("fs: port ->set_acl() to pass mnt_idmap") 77435322777d ("fs: port ->get_acl() to pass mnt_idmap") 011e2b717b1b ("fs: port ->tmpfile() to pass mnt_idmap") 5ebb29bee8d5 ("fs: port ->mknod() to pass mnt_idmap") c54bd91e9eab ("fs: port ->mkdir() to pass mnt_idmap") 7a77db95511c ("fs: port ->symlink() to pass mnt_idmap") 6c960e68aaed ("fs: port ->create() to pass mnt_idmap") b74d24f7a74f ("fs: port ->getattr() to pass mnt_idmap") c1632a0f1120 ("fs: port ->setattr() to pass mnt_idmap") abf08576afe3 ("fs: port vfs_*() helpers to struct mnt_idmap") 6022ec6ee2c3 ("Merge tag 'ntfs3_for_6.2' of https://github.com/Paragon-Software-Group/linux-ntfs3") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From b2dd05f107b11966e26fe52a313b418364cf497b Mon Sep 17 00:00:00 2001 From: Zhihao Cheng <chengzhihao1(a)huawei.com> Date: Tue, 16 May 2023 22:16:17 +0800 Subject: [PATCH] ovl: let helper ovl_i_path_real() return the realinode Let helper ovl_i_path_real() return the realinode to prepare for checking non-null realinode in RCU walking path. [msz] Use d_inode_rcu() since we are depending on the consitency between dentry and inode being non-NULL in an RCU setting. Signed-off-by: Zhihao Cheng <chengzhihao1(a)huawei.com> Signed-off-by: Amir Goldstein <amir73il(a)gmail.com> Fixes: ffa5723c6d25 ("ovl: store lower path in ovl_inode") Cc: <stable(a)vger.kernel.org> # v5.19 Signed-off-by: Miklos Szeredi <mszeredi(a)redhat.com> diff --git a/fs/overlayfs/overlayfs.h b/fs/overlayfs/overlayfs.h index 4d0b278f5630..7398de332527 100644 --- a/fs/overlayfs/overlayfs.h +++ b/fs/overlayfs/overlayfs.h @@ -382,7 +382,7 @@ enum ovl_path_type ovl_path_type(struct dentry *dentry); void ovl_path_upper(struct dentry *dentry, struct path *path); void ovl_path_lower(struct dentry *dentry, struct path *path); void ovl_path_lowerdata(struct dentry *dentry, struct path *path); -void ovl_i_path_real(struct inode *inode, struct path *path); +struct inode *ovl_i_path_real(struct inode *inode, struct path *path); enum ovl_path_type ovl_path_real(struct dentry *dentry, struct path *path); enum ovl_path_type ovl_path_realdata(struct dentry *dentry, struct path *path); struct dentry *ovl_dentry_upper(struct dentry *dentry); diff --git a/fs/overlayfs/util.c b/fs/overlayfs/util.c index 923d66d131c1..5a6f34c7ed03 100644 --- a/fs/overlayfs/util.c +++ b/fs/overlayfs/util.c @@ -250,7 +250,7 @@ struct dentry *ovl_i_dentry_upper(struct inode *inode) return ovl_upperdentry_dereference(OVL_I(inode)); } -void ovl_i_path_real(struct inode *inode, struct path *path) +struct inode *ovl_i_path_real(struct inode *inode, struct path *path) { path->dentry = ovl_i_dentry_upper(inode); if (!path->dentry) { @@ -259,6 +259,8 @@ void ovl_i_path_real(struct inode *inode, struct path *path) } else { path->mnt = ovl_upper_mnt(OVL_FS(inode->i_sb)); } + + return path->dentry ? d_inode_rcu(path->dentry) : NULL; } struct inode *ovl_inode_upper(struct inode *inode) @@ -1105,8 +1107,7 @@ void ovl_copyattr(struct inode *inode) vfsuid_t vfsuid; vfsgid_t vfsgid; - ovl_i_path_real(inode, &realpath); - realinode = d_inode(realpath.dentry); + realinode = ovl_i_path_real(inode, &realpath); real_idmap = mnt_idmap(realpath.mnt); vfsuid = i_uid_into_vfsuid(real_idmap, realinode);

2 years, 5 months

1
0
0 0

one 'BUG_ON(ret < 0);' is still left in queue-6.1/btrfs-do-not-bug_on-on-tree-mod-log-failure-at-balan.patch

by Wang Yugui

Hi, one 'BUG_ON(ret < 0);' is still left in queue-6.1/btrfs-do-not-bug_on-on-tree-mod-log-failure-at-balan.patch so we need to rebase this patch. Best Regards Wang Yugui (wangyugui(a)e16-tech.com) 2023/07/15

2 years, 5 months

2
3
0 0

linux-6.1.y: request for picking 085679b15b5a ("mtd: parsers: refer to ARCH_BCMBCA instead of ARCH_BCM4908")

by Rafał Miłecki

Hi, In linux-6.1.y we don't have ARCH_BCM4908 symbol anymore (see commit dd5c672d7ca9 ("arm64: bcmbca: Merge ARCH_BCM4908 to ARCH_BCMBCA") but drivers/mtd/parsers/Kconfig still references it. Please kindly cherry-pick a fix for that: commit 085679b15b5a ("mtd: parsers: refer to ARCH_BCMBCA instead of ARCH_BCM4908") - it's part of v6.2. -- Rafał

2 years, 5 months

2
1
0 0

[PATCH 0/1] v6.1 stable backport request

by Imre Deak

Stable team, please apply patch 1/1 in this patchset along with its dependencies to the v6.1 stable tree. The patch required a trivial rebase adding a header include, hence resending it, while its 2 dependencies listed at Cc: stable lines in the commit message can be cherry-picked as-is. Thanks, Imre Imre Deak (1): drm/i915/tc: Fix system resume MST mode restore for DP-alt sinks .../drm/i915/display/intel_display_types.h | 1 + drivers/gpu/drm/i915/display/intel_tc.c | 51 +++++++++++++++++-- 2 files changed, 48 insertions(+), 4 deletions(-) -- 2.37.2

2 years, 5 months

2
2
0 0

[PATCH stable v6.1] mm/mmap: Fix extra maple tree write

by Liam R. Howlett

commit 0503ea8f5ba73eb3ab13a81c1eefbaf51405385a upstream. This was inadvertently fixed during the removal of __vma_adjust(). When __vma_adjust() is adjusting next with a negative value (pushing vma->vm_end lower), there would be two writes to the maple tree. The first write is unnecessary and uses all allocated nodes in the maple state. The second write is necessary but will need to allocate nodes since the first write has used the allocated nodes. This may be a problem as it may not be safe to allocate at this time, such as a low memory situation. Fix the issue by avoiding the first write and only write the adjusted "next" VMA. Reported-by: John Hsu <John.Hsu(a)mediatek.com> Link: https://lore.kernel.org/lkml/9cb8c599b1d7f9c1c300d1a334d5eb70ec4d7357.camel… Cc: stable(a)vger.kernel.org Cc: linux-mm(a)kvack.org Signed-off-by: Liam R. Howlett <Liam.Howlett(a)oracle.com> --- mm/mmap.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/mm/mmap.c b/mm/mmap.c index b8af52db3bbe..bb2e0ff0ef61 100644 --- a/mm/mmap.c +++ b/mm/mmap.c @@ -767,7 +767,8 @@ int __vma_adjust(struct vm_area_struct *vma, unsigned long start, } if (end != vma->vm_end) { if (vma->vm_end > end) { - if (!insert || (insert->vm_start != end)) { + if ((vma->vm_end + adjust_next != end) && + (!insert || (insert->vm_start != end))) { vma_mas_szero(&mas, end, vma->vm_end); mas_reset(&mas); VM_WARN_ON(insert && -- 2.39.2

2 years, 5 months

4
6
0 0

Apply clang '--target=' KBUILD_CPPFLAGS shuffle to linux-6.4.y and linux-6.3.y

by Nathan Chancellor

Hi Greg and Sasha, Please consider applying the following patches to 6.4 and 6.3, they should apply cleanly. 08f6554ff90e ("mips: Include KBUILD_CPPFLAGS in CHECKFLAGS invocation") a7e5eb53bf9b ("powerpc/vdso: Include CLANG_FLAGS explicitly in ldflags-y") cff6e7f50bd3 ("kbuild: Add CLANG_FLAGS to as-instr") 43fc0a99906e ("kbuild: Add KBUILD_CPPFLAGS to as-option invocation") feb843a469fb ("kbuild: add $(CLANG_FLAGS) to KBUILD_CPPFLAGS") They resolve and help avoid build breakage with tip of tree clang, which has become a little stricter in the flags that it will accept for a particular target, which requires '--target=' to be passed along to all invocations of $(CC). Our continuous integration does not currently show any breakage with 6.1 and earlier; should these patches be needed there, I will send them at a later time. Cheers, Nathan

2 years, 5 months

2
1
0 0

[PATCH 6.1 0/4] xfs inodegc fixes for 6.1.y (from v6.4)

by Amir Goldstein

Greg, This is a fine selected set of backports from 6.4. Patch 4 fixes a fix that was already backported to 5.15.y. Patch 1 fixes a fix that is wanted in 5.15.y and this was the trigger for creating this 6.1 backport series. Leah will take care for the 5.15.y backports, but it may take some time. None of these are relevant before 5.15. These backpors have gone through the usual xfs review and testing. Thanks, Amir. Darrick J. Wong (4): xfs: explicitly specify cpu when forcing inodegc delayed work to run immediately xfs: check that per-cpu inodegc workers actually run on that cpu xfs: disable reaping in fscounters scrub xfs: fix xfs_inodegc_stop racing with mod_delayed_work fs/xfs/scrub/common.c | 26 ------------------------- fs/xfs/scrub/common.h | 2 -- fs/xfs/scrub/fscounters.c | 13 ++++++------- fs/xfs/scrub/scrub.c | 2 -- fs/xfs/scrub/scrub.h | 1 - fs/xfs/xfs_icache.c | 40 ++++++++++++++++++++++++++++++++------- fs/xfs/xfs_mount.h | 3 +++ fs/xfs/xfs_super.c | 3 +++ 8 files changed, 45 insertions(+), 45 deletions(-) -- 2.34.1

2 years, 5 months

2
5
0 0

4.14.321-rc1 build error

by Chris Paterson

Hello Greg, I know you haven't formally released 4.14.321-rc1 for review yet, but our CI picked up a build issue so I thought I may as well report it in case it's useful information for you. SHA: Linux 4.14.321-rc1 (bc1094b21392) Failed build log: https://gitlab.com/cip-project/cip-testing/linux-stable-rc-ci/-/jobs/463572… defconfig used: https://gitlab.com/cip-project/cip-kernel/cip-kernel-config/-/blob/master/4… Error log: /builds/cip-project/cip-testing/linux-stable-rc-ci/gcc/gcc-11.1.0-nolibc/arm-linux-gnueabi/bin/arm-linux-gnueabi-ld: arch/arm/probes/kprobes/core.o: in function `jprobe_return': /builds/cip-project/cip-testing/linux-stable-rc-ci/arch/arm/probes/kprobes/core.c:555: undefined reference to `kprobe_handler' Makefile:1049: recipe for target 'vmlinux' failed make: *** [vmlinux] Error 1 Problem patch: Reverting 1c18f6ba04d8 ("ARM: 9303/1: kprobes: avoid missing-declaration warnings") makes the problem go away. Kind regards, Chris

2 years, 5 months

2
1
0 0

Fwd: Framebuffer-Display issue. (Intel® Iris® Xe)

by Bagas Sanjaya

Hi, I notice a regression report on Bugzilla [1]. Quoting from it: > Hello I have been having problems for some time now with displaying any linux distribution with the new kernal. The only thing that can fix it are older kernals. > > I can't describe it very well, so I'm attaching some pictures, but it's like whenever anything happens on the screen, it pushes the upper left half up from the bottom. But it only goes to a certain extent, after that it just shakes around and jumps back a bit. Also, for example, the firefox icon is not where it is displayed, but where it should be (I tried it with touch). > > I think it has something to do with the framebuffer, because an usb stick with just the arch iso show the same issue in the tty. > > The hardware is a Huawei Matebook E 2022. > Cpu: Intel® Core™ i5-1130G7 > Graphics: Intel® Iris® Xe > > Example under Manjaro that worked was with the > linux-lqx-6.1.0.lqx2-1-x86_64.pkg.tar.zst kernal > 22-Dec-2022 14:44 154507169 > from https://repo.blacksky3.com/x86_64/linux-lqx/old/ > > Kernals above that Version dosent work, Example with 6.1.1-lqx1-linux-lqx: > ` > $inxi -F > System: > Host: Johannes Kernel: 6.1.1-lqx1-linux-lqx arch: x86_64 bits: 64 > Desktop: GNOME v: 43.5 Distro: Manjaro Linux > Machine: > Type: Detachable System: HUAWEI product: DRC-WXX v: M1010 > serial: > Mobo: HUAWEI model: DRC-WXX-PCB v: M1010 serial: > UEFI: HUAWEI v: 1.30 date: 06/29/2022 > Battery: > ID-1: BAT1 charge: 27.8 Wh (66.0%) condition: 42.1/42.1 Wh (100.0%) > volts: 11.9 min: 11.5 > CPU: > Info: quad core model: 11th Gen Intel Core i5-1130G7 bits: 64 type: MT MCP > cache: L2: 5 MiB > Speed (MHz): avg: 1395 min/max: 400/1801 cores: 1: 897 2: 1046 3: 962 > 4: 1801 5: 1801 6: 1801 7: 1801 8: 1052 > Graphics: > Device-1: Intel Tiger Lake-UP4 GT2 [Iris Xe Graphics] driver: i915 v: kernel > Display: wayland server: X.org v: 1.21.1.8 with: Xwayland v: 23.1.1 > compositor: gnome-shell driver: gpu: i915 resolution: 2560x1600~60Hz > API: OpenGL v: 4.6 Mesa 23.0.3 renderer: Mesa Intel Xe Graphics (TGL GT2) > Audio: > Device-1: Intel driver: N/A > Device-2: Intel Tiger Lake-LP Smart Sound Audio > driver: sof-audio-pci-intel-tgl > API: ALSA v: k6.1.1-lqx1-linux-lqx status: kernel-api > Server-1: PulseAudio v: 16.1 status: active > Network: > Device-1: Intel Wi-Fi 6 AX201 driver: iwlwifi > IF: wlp0s20f3 state: up mac: f4:b3:01:b7:c6:6d > Bluetooth: > Device-1: Intel AX201 Bluetooth driver: btusb type: USB > Report: rfkill ID: hci0 state: up address: see --recommends > Drives: > Local Storage: total: 476.94 GiB used: 9.65 GiB (2.0%) > ID-1: /dev/nvme0n1 model: PCIe-8 SSD 512GB size: 476.94 GiB > Partition: > ID-1: / size: 468.09 GiB used: 9.65 GiB (2.1%) fs: ext4 dev: /dev/nvme0n1p2 > ID-2: /boot/efi size: 299.4 MiB used: 288 KiB (0.1%) fs: vfat > dev: /dev/nvme0n1p1 > Swap: > Alert: No swap data was found. > Sensors: > System Temperatures: cpu: 35.0 C mobo: N/A > Fan Speeds (RPM): N/A > Info: > Processes: 241 Uptime: 0m Memory: available: 15.42 GiB used: 1.18 GiB (7.6%) > Shell: Zsh inxi: 3.3.27 > > ` > > Distros I testet: > Ubuntu 20.04.2 results in Blackscreen/poweroff > Fedora 38 (Bug as I mentiond) > Manjaro (Bug as I mentiond) > It all works fine when you start from grub2 in Rescue mode. > > That all is very new to me, so I am sorry if I did something wrong. > I mean, I reported that bug first at the wrong place.. Anyway > > Best regreds Johannes See Bugzilla for the full thread and attached pictures that demonstrate this regression. Anyway, I'm adding it to regzbot: #regzbot introduced: v6.1..v6.4 https://bugzilla.kernel.org/show_bug.cgi?id=217666 #regzbot title: screen shakes on Intel® Iris® Xe (also Cc'ing stable list because it also occurs on v6.1.y, but not in v6.1 mainline). Thanks. -- An old man doll... just what I always wanted! - Clara

2 years, 5 months

1
0
0 0

FAILED: patch "[PATCH] btrfs: fix extent buffer leak after tree mod log failure at" failed to apply to 5.10-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.10-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.10.y git checkout FETCH_HEAD git cherry-pick -x ede600e497b1461d06d22a7d17703d9096868bc3 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2023071617-easeful-catlike-d302@gregkh' --subject-prefix 'PATCH 5.10.y' HEAD^.. Possible dependencies: ede600e497b1 ("btrfs: fix extent buffer leak after tree mod log failure at split_node()") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From ede600e497b1461d06d22a7d17703d9096868bc3 Mon Sep 17 00:00:00 2001 From: Filipe Manana <fdmanana(a)suse.com> Date: Thu, 8 Jun 2023 11:27:38 +0100 Subject: [PATCH] btrfs: fix extent buffer leak after tree mod log failure at split_node() At split_node(), if we fail to log the tree mod log copy operation, we return without unlocking the split extent buffer we just allocated and without decrementing the reference we own on it. Fix this by unlocking it and decrementing the ref count before returning. Fixes: 5de865eebb83 ("Btrfs: fix tree mod logging") CC: stable(a)vger.kernel.org # 5.4+ Reviewed-by: Qu Wenruo <wqu(a)suse.com> Signed-off-by: Filipe Manana <fdmanana(a)suse.com> Reviewed-by: David Sterba <dsterba(a)suse.com> Signed-off-by: David Sterba <dsterba(a)suse.com> diff --git a/fs/btrfs/ctree.c b/fs/btrfs/ctree.c index 7f7f13965fe9..8496535828de 100644 --- a/fs/btrfs/ctree.c +++ b/fs/btrfs/ctree.c @@ -3053,6 +3053,8 @@ static noinline int split_node(struct btrfs_trans_handle *trans, ret = btrfs_tree_mod_log_eb_copy(split, c, 0, mid, c_nritems - mid); if (ret) { + btrfs_tree_unlock(split); + free_extent_buffer(split); btrfs_abort_transaction(trans, ret); return ret; }

2 years, 5 months

1
0
0 0

FAILED: patch "[PATCH] btrfs: fix extent buffer leak after tree mod log failure at" failed to apply to 5.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.4.y git checkout FETCH_HEAD git cherry-pick -x ede600e497b1461d06d22a7d17703d9096868bc3 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2023071616-ragweed-flyer-3ff6@gregkh' --subject-prefix 'PATCH 5.4.y' HEAD^.. Possible dependencies: ede600e497b1 ("btrfs: fix extent buffer leak after tree mod log failure at split_node()") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From ede600e497b1461d06d22a7d17703d9096868bc3 Mon Sep 17 00:00:00 2001 From: Filipe Manana <fdmanana(a)suse.com> Date: Thu, 8 Jun 2023 11:27:38 +0100 Subject: [PATCH] btrfs: fix extent buffer leak after tree mod log failure at split_node() At split_node(), if we fail to log the tree mod log copy operation, we return without unlocking the split extent buffer we just allocated and without decrementing the reference we own on it. Fix this by unlocking it and decrementing the ref count before returning. Fixes: 5de865eebb83 ("Btrfs: fix tree mod logging") CC: stable(a)vger.kernel.org # 5.4+ Reviewed-by: Qu Wenruo <wqu(a)suse.com> Signed-off-by: Filipe Manana <fdmanana(a)suse.com> Reviewed-by: David Sterba <dsterba(a)suse.com> Signed-off-by: David Sterba <dsterba(a)suse.com> diff --git a/fs/btrfs/ctree.c b/fs/btrfs/ctree.c index 7f7f13965fe9..8496535828de 100644 --- a/fs/btrfs/ctree.c +++ b/fs/btrfs/ctree.c @@ -3053,6 +3053,8 @@ static noinline int split_node(struct btrfs_trans_handle *trans, ret = btrfs_tree_mod_log_eb_copy(split, c, 0, mid, c_nritems - mid); if (ret) { + btrfs_tree_unlock(split); + free_extent_buffer(split); btrfs_abort_transaction(trans, ret); return ret; }

2 years, 5 months

1
0
0 0

FAILED: patch "[PATCH] ASoC: mediatek: mt8173: Fix snd_soc_component_initialize" failed to apply to 5.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.4.y git checkout FETCH_HEAD git cherry-pick -x a46d37012a5be1737393b8f82fd35665e4556eee # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2023071637-hankering-crop-89ef@gregkh' --subject-prefix 'PATCH 5.4.y' HEAD^.. Possible dependencies: a46d37012a5b ("ASoC: mediatek: mt8173: Fix snd_soc_component_initialize error path") 8c32984bc7da ("ASoC: mediatek: mt8173: Fix debugfs registration for components") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From a46d37012a5be1737393b8f82fd35665e4556eee Mon Sep 17 00:00:00 2001 From: Ricardo Ribalda Delgado <ribalda(a)chromium.org> Date: Mon, 12 Jun 2023 11:05:31 +0200 Subject: [PATCH] ASoC: mediatek: mt8173: Fix snd_soc_component_initialize error path If the second component fails to initialize, cleanup the first on. Reported-by: Dan Carpenter <dan.carpenter(a)linaro.org> Cc: stable(a)kernel.org Fixes: f1b5bf07365d ("ASoC: mt2701/mt8173: replace platform to component") Signed-off-by: Ricardo Ribalda Delgado <ribalda(a)chromium.org> Reviewed-by: AngeloGioacchino Del Regno <angelogioacchino.delregno(a)collabora.com> Link: https://lore.kernel.org/r/20230612-mt8173-fixup-v2-1-432aa99ce24d@chromium.… Signed-off-by: Mark Brown <broonie(a)kernel.org> diff --git a/sound/soc/mediatek/mt8173/mt8173-afe-pcm.c b/sound/soc/mediatek/mt8173/mt8173-afe-pcm.c index f93c2ec8beb7..ff25c44070a3 100644 --- a/sound/soc/mediatek/mt8173/mt8173-afe-pcm.c +++ b/sound/soc/mediatek/mt8173/mt8173-afe-pcm.c @@ -1156,14 +1156,14 @@ static int mt8173_afe_pcm_dev_probe(struct platform_device *pdev) comp_hdmi = devm_kzalloc(&pdev->dev, sizeof(*comp_hdmi), GFP_KERNEL); if (!comp_hdmi) { ret = -ENOMEM; - goto err_pm_disable; + goto err_cleanup_components; } ret = snd_soc_component_initialize(comp_hdmi, &mt8173_afe_hdmi_dai_component, &pdev->dev); if (ret) - goto err_pm_disable; + goto err_cleanup_components; #ifdef CONFIG_DEBUG_FS comp_hdmi->debugfs_prefix = "hdmi";

2 years, 5 months

1
0
0 0

FAILED: patch "[PATCH] ASoC: mediatek: mt8173: Fix snd_soc_component_initialize" failed to apply to 4.19-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.19-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-4.19.y git checkout FETCH_HEAD git cherry-pick -x a46d37012a5be1737393b8f82fd35665e4556eee # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2023071638-uplifting-pentagram-4572@gregkh' --subject-prefix 'PATCH 4.19.y' HEAD^.. Possible dependencies: a46d37012a5b ("ASoC: mediatek: mt8173: Fix snd_soc_component_initialize error path") 8c32984bc7da ("ASoC: mediatek: mt8173: Fix debugfs registration for components") fceef72b68d6 ("ASoC: mt8173: use devm_platform_ioremap_resource() to simplify code") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From a46d37012a5be1737393b8f82fd35665e4556eee Mon Sep 17 00:00:00 2001 From: Ricardo Ribalda Delgado <ribalda(a)chromium.org> Date: Mon, 12 Jun 2023 11:05:31 +0200 Subject: [PATCH] ASoC: mediatek: mt8173: Fix snd_soc_component_initialize error path If the second component fails to initialize, cleanup the first on. Reported-by: Dan Carpenter <dan.carpenter(a)linaro.org> Cc: stable(a)kernel.org Fixes: f1b5bf07365d ("ASoC: mt2701/mt8173: replace platform to component") Signed-off-by: Ricardo Ribalda Delgado <ribalda(a)chromium.org> Reviewed-by: AngeloGioacchino Del Regno <angelogioacchino.delregno(a)collabora.com> Link: https://lore.kernel.org/r/20230612-mt8173-fixup-v2-1-432aa99ce24d@chromium.… Signed-off-by: Mark Brown <broonie(a)kernel.org> diff --git a/sound/soc/mediatek/mt8173/mt8173-afe-pcm.c b/sound/soc/mediatek/mt8173/mt8173-afe-pcm.c index f93c2ec8beb7..ff25c44070a3 100644 --- a/sound/soc/mediatek/mt8173/mt8173-afe-pcm.c +++ b/sound/soc/mediatek/mt8173/mt8173-afe-pcm.c @@ -1156,14 +1156,14 @@ static int mt8173_afe_pcm_dev_probe(struct platform_device *pdev) comp_hdmi = devm_kzalloc(&pdev->dev, sizeof(*comp_hdmi), GFP_KERNEL); if (!comp_hdmi) { ret = -ENOMEM; - goto err_pm_disable; + goto err_cleanup_components; } ret = snd_soc_component_initialize(comp_hdmi, &mt8173_afe_hdmi_dai_component, &pdev->dev); if (ret) - goto err_pm_disable; + goto err_cleanup_components; #ifdef CONFIG_DEBUG_FS comp_hdmi->debugfs_prefix = "hdmi";

2 years, 5 months

1
0
0 0

FAILED: patch "[PATCH] btrfs: fix race between quota disable and relocation" failed to apply to 4.14-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.14-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-4.14.y git checkout FETCH_HEAD git cherry-pick -x 8a4a0b2a3eaf75ca8854f856ef29690c12b2f531 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2023071641-umpire-kilogram-716d@gregkh' --subject-prefix 'PATCH 4.14.y' HEAD^.. Possible dependencies: 8a4a0b2a3eaf ("btrfs: fix race between quota disable and relocation") e804861bd4e6 ("btrfs: fix deadlock between quota disable and qgroup rescan worker") a855fbe69229 ("btrfs: fix lockdep splat when enabling and disabling qgroups") 49e5fb46211d ("btrfs: qgroup: export qgroups in sysfs") 5958253cf65d ("btrfs: qgroup: catch reserved space leaks at unmount time") 81f7eb00ff5b ("btrfs: destroy qgroup extent records on transaction abort") aac0023c2106 ("btrfs: move basic block_group definitions to their own header") d7cd4dd907c1 ("Btrfs: fix sysfs warning and missing raid sysfs directories") 867363429d70 ("btrfs: migrate the delalloc space stuff to it's own home") fb6dea26601b ("btrfs: migrate btrfs_trans_release_chunk_metadata") 6ef03debdb3d ("btrfs: migrate the delayed refs rsv code") 67f9c2209e88 ("btrfs: migrate the global_block_rsv helpers to block-rsv.c") 550fa228ee7e ("btrfs: migrate the block-rsv code to block-rsv.c") 424a47805a81 ("btrfs: stop using block_rsv_release_bytes everywhere") fcec36224fc6 ("btrfs: cleanup the target logic in __btrfs_block_rsv_release") fed14b323db8 ("btrfs: export __btrfs_block_rsv_release") 0b50174ad5e9 ("btrfs: export btrfs_block_rsv_add_bytes") d12ffdd1aa4c ("btrfs: move btrfs_block_rsv definitions into it's own header") 0d9764f6d0fb ("btrfs: move reserve_metadata_bytes and supporting code to space-info.c") 5da6afeb32e9 ("btrfs: move dump_space_info to space-info.c") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 8a4a0b2a3eaf75ca8854f856ef29690c12b2f531 Mon Sep 17 00:00:00 2001 From: Filipe Manana <fdmanana(a)suse.com> Date: Mon, 19 Jun 2023 17:21:50 +0100 Subject: [PATCH] btrfs: fix race between quota disable and relocation If we disable quotas while we have a relocation of a metadata block group that has extents belonging to the quota root, we can cause the relocation to fail with -ENOENT. This is because relocation builds backref nodes for extents of the quota root and later needs to walk the backrefs and access the quota root - however if in between a task disables quotas, it results in deleting the quota root from the root tree (with btrfs_del_root(), called from btrfs_quota_disable(). This can be sporadically triggered by test case btrfs/255 from fstests: $ ./check btrfs/255 FSTYP -- btrfs PLATFORM -- Linux/x86_64 debian0 6.4.0-rc6-btrfs-next-134+ #1 SMP PREEMPT_DYNAMIC Thu Jun 15 11:59:28 WEST 2023 MKFS_OPTIONS -- /dev/sdc MOUNT_OPTIONS -- /dev/sdc /home/fdmanana/btrfs-tests/scratch_1 btrfs/255 6s ... _check_dmesg: something found in dmesg (see /home/fdmanana/git/hub/xfstests/results//btrfs/255.dmesg) - output mismatch (see /home/fdmanana/git/hub/xfstests/results//btrfs/255.out.bad) --- tests/btrfs/255.out 2023-03-02 21:47:53.876609426 +0000 +++ /home/fdmanana/git/hub/xfstests/results//btrfs/255.out.bad 2023-06-16 10:20:39.267563212 +0100 @@ -1,2 +1,4 @@ QA output created by 255 +ERROR: error during balancing '/home/fdmanana/btrfs-tests/scratch_1': No such file or directory +There may be more info in syslog - try dmesg | tail Silence is golden ... (Run 'diff -u /home/fdmanana/git/hub/xfstests/tests/btrfs/255.out /home/fdmanana/git/hub/xfstests/results//btrfs/255.out.bad' to see the entire diff) Ran: btrfs/255 Failures: btrfs/255 Failed 1 of 1 tests To fix this make the quota disable operation take the cleaner mutex, as relocation of a block group also takes this mutex. This is also what we do when deleting a subvolume/snapshot, we take the cleaner mutex in the cleaner kthread (at cleaner_kthread()) and then we call btrfs_del_root() at btrfs_drop_snapshot() while under the protection of the cleaner mutex. Fixes: bed92eae26cc ("Btrfs: qgroup implementation and prototypes") CC: stable(a)vger.kernel.org # 5.4+ Signed-off-by: Filipe Manana <fdmanana(a)suse.com> Signed-off-by: David Sterba <dsterba(a)suse.com> diff --git a/fs/btrfs/qgroup.c b/fs/btrfs/qgroup.c index f8735b31da16..da1f84a0eb29 100644 --- a/fs/btrfs/qgroup.c +++ b/fs/btrfs/qgroup.c @@ -1232,12 +1232,23 @@ int btrfs_quota_disable(struct btrfs_fs_info *fs_info) int ret = 0; /* - * We need to have subvol_sem write locked, to prevent races between - * concurrent tasks trying to disable quotas, because we will unlock - * and relock qgroup_ioctl_lock across BTRFS_FS_QUOTA_ENABLED changes. + * We need to have subvol_sem write locked to prevent races with + * snapshot creation. */ lockdep_assert_held_write(&fs_info->subvol_sem); + /* + * Lock the cleaner mutex to prevent races with concurrent relocation, + * because relocation may be building backrefs for blocks of the quota + * root while we are deleting the root. This is like dropping fs roots + * of deleted snapshots/subvolumes, we need the same protection. + * + * This also prevents races between concurrent tasks trying to disable + * quotas, because we will unlock and relock qgroup_ioctl_lock across + * BTRFS_FS_QUOTA_ENABLED changes. + */ + mutex_lock(&fs_info->cleaner_mutex); + mutex_lock(&fs_info->qgroup_ioctl_lock); if (!fs_info->quota_root) goto out; @@ -1319,6 +1330,7 @@ int btrfs_quota_disable(struct btrfs_fs_info *fs_info) btrfs_end_transaction(trans); else if (trans) ret = btrfs_end_transaction(trans); + mutex_unlock(&fs_info->cleaner_mutex); return ret; }

2 years, 5 months

1
0
0 0

FAILED: patch "[PATCH] btrfs: fix race between quota disable and relocation" failed to apply to 4.19-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.19-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-4.19.y git checkout FETCH_HEAD git cherry-pick -x 8a4a0b2a3eaf75ca8854f856ef29690c12b2f531 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2023071640-corset-tripping-baa8@gregkh' --subject-prefix 'PATCH 4.19.y' HEAD^.. Possible dependencies: 8a4a0b2a3eaf ("btrfs: fix race between quota disable and relocation") e804861bd4e6 ("btrfs: fix deadlock between quota disable and qgroup rescan worker") a855fbe69229 ("btrfs: fix lockdep splat when enabling and disabling qgroups") 49e5fb46211d ("btrfs: qgroup: export qgroups in sysfs") 5958253cf65d ("btrfs: qgroup: catch reserved space leaks at unmount time") 81f7eb00ff5b ("btrfs: destroy qgroup extent records on transaction abort") aac0023c2106 ("btrfs: move basic block_group definitions to their own header") d7cd4dd907c1 ("Btrfs: fix sysfs warning and missing raid sysfs directories") 867363429d70 ("btrfs: migrate the delalloc space stuff to it's own home") fb6dea26601b ("btrfs: migrate btrfs_trans_release_chunk_metadata") 6ef03debdb3d ("btrfs: migrate the delayed refs rsv code") 67f9c2209e88 ("btrfs: migrate the global_block_rsv helpers to block-rsv.c") 550fa228ee7e ("btrfs: migrate the block-rsv code to block-rsv.c") 424a47805a81 ("btrfs: stop using block_rsv_release_bytes everywhere") fcec36224fc6 ("btrfs: cleanup the target logic in __btrfs_block_rsv_release") fed14b323db8 ("btrfs: export __btrfs_block_rsv_release") 0b50174ad5e9 ("btrfs: export btrfs_block_rsv_add_bytes") d12ffdd1aa4c ("btrfs: move btrfs_block_rsv definitions into it's own header") 0d9764f6d0fb ("btrfs: move reserve_metadata_bytes and supporting code to space-info.c") 5da6afeb32e9 ("btrfs: move dump_space_info to space-info.c") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 8a4a0b2a3eaf75ca8854f856ef29690c12b2f531 Mon Sep 17 00:00:00 2001 From: Filipe Manana <fdmanana(a)suse.com> Date: Mon, 19 Jun 2023 17:21:50 +0100 Subject: [PATCH] btrfs: fix race between quota disable and relocation If we disable quotas while we have a relocation of a metadata block group that has extents belonging to the quota root, we can cause the relocation to fail with -ENOENT. This is because relocation builds backref nodes for extents of the quota root and later needs to walk the backrefs and access the quota root - however if in between a task disables quotas, it results in deleting the quota root from the root tree (with btrfs_del_root(), called from btrfs_quota_disable(). This can be sporadically triggered by test case btrfs/255 from fstests: $ ./check btrfs/255 FSTYP -- btrfs PLATFORM -- Linux/x86_64 debian0 6.4.0-rc6-btrfs-next-134+ #1 SMP PREEMPT_DYNAMIC Thu Jun 15 11:59:28 WEST 2023 MKFS_OPTIONS -- /dev/sdc MOUNT_OPTIONS -- /dev/sdc /home/fdmanana/btrfs-tests/scratch_1 btrfs/255 6s ... _check_dmesg: something found in dmesg (see /home/fdmanana/git/hub/xfstests/results//btrfs/255.dmesg) - output mismatch (see /home/fdmanana/git/hub/xfstests/results//btrfs/255.out.bad) --- tests/btrfs/255.out 2023-03-02 21:47:53.876609426 +0000 +++ /home/fdmanana/git/hub/xfstests/results//btrfs/255.out.bad 2023-06-16 10:20:39.267563212 +0100 @@ -1,2 +1,4 @@ QA output created by 255 +ERROR: error during balancing '/home/fdmanana/btrfs-tests/scratch_1': No such file or directory +There may be more info in syslog - try dmesg | tail Silence is golden ... (Run 'diff -u /home/fdmanana/git/hub/xfstests/tests/btrfs/255.out /home/fdmanana/git/hub/xfstests/results//btrfs/255.out.bad' to see the entire diff) Ran: btrfs/255 Failures: btrfs/255 Failed 1 of 1 tests To fix this make the quota disable operation take the cleaner mutex, as relocation of a block group also takes this mutex. This is also what we do when deleting a subvolume/snapshot, we take the cleaner mutex in the cleaner kthread (at cleaner_kthread()) and then we call btrfs_del_root() at btrfs_drop_snapshot() while under the protection of the cleaner mutex. Fixes: bed92eae26cc ("Btrfs: qgroup implementation and prototypes") CC: stable(a)vger.kernel.org # 5.4+ Signed-off-by: Filipe Manana <fdmanana(a)suse.com> Signed-off-by: David Sterba <dsterba(a)suse.com> diff --git a/fs/btrfs/qgroup.c b/fs/btrfs/qgroup.c index f8735b31da16..da1f84a0eb29 100644 --- a/fs/btrfs/qgroup.c +++ b/fs/btrfs/qgroup.c @@ -1232,12 +1232,23 @@ int btrfs_quota_disable(struct btrfs_fs_info *fs_info) int ret = 0; /* - * We need to have subvol_sem write locked, to prevent races between - * concurrent tasks trying to disable quotas, because we will unlock - * and relock qgroup_ioctl_lock across BTRFS_FS_QUOTA_ENABLED changes. + * We need to have subvol_sem write locked to prevent races with + * snapshot creation. */ lockdep_assert_held_write(&fs_info->subvol_sem); + /* + * Lock the cleaner mutex to prevent races with concurrent relocation, + * because relocation may be building backrefs for blocks of the quota + * root while we are deleting the root. This is like dropping fs roots + * of deleted snapshots/subvolumes, we need the same protection. + * + * This also prevents races between concurrent tasks trying to disable + * quotas, because we will unlock and relock qgroup_ioctl_lock across + * BTRFS_FS_QUOTA_ENABLED changes. + */ + mutex_lock(&fs_info->cleaner_mutex); + mutex_lock(&fs_info->qgroup_ioctl_lock); if (!fs_info->quota_root) goto out; @@ -1319,6 +1330,7 @@ int btrfs_quota_disable(struct btrfs_fs_info *fs_info) btrfs_end_transaction(trans); else if (trans) ret = btrfs_end_transaction(trans); + mutex_unlock(&fs_info->cleaner_mutex); return ret; }

2 years, 5 months

1
0
0 0

FAILED: patch "[PATCH] btrfs: fix race between quota disable and relocation" failed to apply to 5.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.4.y git checkout FETCH_HEAD git cherry-pick -x 8a4a0b2a3eaf75ca8854f856ef29690c12b2f531 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2023071636-neatness-trapping-fe89@gregkh' --subject-prefix 'PATCH 5.4.y' HEAD^.. Possible dependencies: 8a4a0b2a3eaf ("btrfs: fix race between quota disable and relocation") e804861bd4e6 ("btrfs: fix deadlock between quota disable and qgroup rescan worker") a855fbe69229 ("btrfs: fix lockdep splat when enabling and disabling qgroups") 49e5fb46211d ("btrfs: qgroup: export qgroups in sysfs") 5958253cf65d ("btrfs: qgroup: catch reserved space leaks at unmount time") 81f7eb00ff5b ("btrfs: destroy qgroup extent records on transaction abort") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 8a4a0b2a3eaf75ca8854f856ef29690c12b2f531 Mon Sep 17 00:00:00 2001 From: Filipe Manana <fdmanana(a)suse.com> Date: Mon, 19 Jun 2023 17:21:50 +0100 Subject: [PATCH] btrfs: fix race between quota disable and relocation If we disable quotas while we have a relocation of a metadata block group that has extents belonging to the quota root, we can cause the relocation to fail with -ENOENT. This is because relocation builds backref nodes for extents of the quota root and later needs to walk the backrefs and access the quota root - however if in between a task disables quotas, it results in deleting the quota root from the root tree (with btrfs_del_root(), called from btrfs_quota_disable(). This can be sporadically triggered by test case btrfs/255 from fstests: $ ./check btrfs/255 FSTYP -- btrfs PLATFORM -- Linux/x86_64 debian0 6.4.0-rc6-btrfs-next-134+ #1 SMP PREEMPT_DYNAMIC Thu Jun 15 11:59:28 WEST 2023 MKFS_OPTIONS -- /dev/sdc MOUNT_OPTIONS -- /dev/sdc /home/fdmanana/btrfs-tests/scratch_1 btrfs/255 6s ... _check_dmesg: something found in dmesg (see /home/fdmanana/git/hub/xfstests/results//btrfs/255.dmesg) - output mismatch (see /home/fdmanana/git/hub/xfstests/results//btrfs/255.out.bad) --- tests/btrfs/255.out 2023-03-02 21:47:53.876609426 +0000 +++ /home/fdmanana/git/hub/xfstests/results//btrfs/255.out.bad 2023-06-16 10:20:39.267563212 +0100 @@ -1,2 +1,4 @@ QA output created by 255 +ERROR: error during balancing '/home/fdmanana/btrfs-tests/scratch_1': No such file or directory +There may be more info in syslog - try dmesg | tail Silence is golden ... (Run 'diff -u /home/fdmanana/git/hub/xfstests/tests/btrfs/255.out /home/fdmanana/git/hub/xfstests/results//btrfs/255.out.bad' to see the entire diff) Ran: btrfs/255 Failures: btrfs/255 Failed 1 of 1 tests To fix this make the quota disable operation take the cleaner mutex, as relocation of a block group also takes this mutex. This is also what we do when deleting a subvolume/snapshot, we take the cleaner mutex in the cleaner kthread (at cleaner_kthread()) and then we call btrfs_del_root() at btrfs_drop_snapshot() while under the protection of the cleaner mutex. Fixes: bed92eae26cc ("Btrfs: qgroup implementation and prototypes") CC: stable(a)vger.kernel.org # 5.4+ Signed-off-by: Filipe Manana <fdmanana(a)suse.com> Signed-off-by: David Sterba <dsterba(a)suse.com> diff --git a/fs/btrfs/qgroup.c b/fs/btrfs/qgroup.c index f8735b31da16..da1f84a0eb29 100644 --- a/fs/btrfs/qgroup.c +++ b/fs/btrfs/qgroup.c @@ -1232,12 +1232,23 @@ int btrfs_quota_disable(struct btrfs_fs_info *fs_info) int ret = 0; /* - * We need to have subvol_sem write locked, to prevent races between - * concurrent tasks trying to disable quotas, because we will unlock - * and relock qgroup_ioctl_lock across BTRFS_FS_QUOTA_ENABLED changes. + * We need to have subvol_sem write locked to prevent races with + * snapshot creation. */ lockdep_assert_held_write(&fs_info->subvol_sem); + /* + * Lock the cleaner mutex to prevent races with concurrent relocation, + * because relocation may be building backrefs for blocks of the quota + * root while we are deleting the root. This is like dropping fs roots + * of deleted snapshots/subvolumes, we need the same protection. + * + * This also prevents races between concurrent tasks trying to disable + * quotas, because we will unlock and relock qgroup_ioctl_lock across + * BTRFS_FS_QUOTA_ENABLED changes. + */ + mutex_lock(&fs_info->cleaner_mutex); + mutex_lock(&fs_info->qgroup_ioctl_lock); if (!fs_info->quota_root) goto out; @@ -1319,6 +1330,7 @@ int btrfs_quota_disable(struct btrfs_fs_info *fs_info) btrfs_end_transaction(trans); else if (trans) ret = btrfs_end_transaction(trans); + mutex_unlock(&fs_info->cleaner_mutex); return ret; }

2 years, 5 months

1
0
0 0

FAILED: patch "[PATCH] btrfs: fix race between quota disable and relocation" failed to apply to 5.10-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.10-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.10.y git checkout FETCH_HEAD git cherry-pick -x 8a4a0b2a3eaf75ca8854f856ef29690c12b2f531 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2023071629-nag-gravel-c2b8@gregkh' --subject-prefix 'PATCH 5.10.y' HEAD^.. Possible dependencies: 8a4a0b2a3eaf ("btrfs: fix race between quota disable and relocation") e804861bd4e6 ("btrfs: fix deadlock between quota disable and qgroup rescan worker") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 8a4a0b2a3eaf75ca8854f856ef29690c12b2f531 Mon Sep 17 00:00:00 2001 From: Filipe Manana <fdmanana(a)suse.com> Date: Mon, 19 Jun 2023 17:21:50 +0100 Subject: [PATCH] btrfs: fix race between quota disable and relocation If we disable quotas while we have a relocation of a metadata block group that has extents belonging to the quota root, we can cause the relocation to fail with -ENOENT. This is because relocation builds backref nodes for extents of the quota root and later needs to walk the backrefs and access the quota root - however if in between a task disables quotas, it results in deleting the quota root from the root tree (with btrfs_del_root(), called from btrfs_quota_disable(). This can be sporadically triggered by test case btrfs/255 from fstests: $ ./check btrfs/255 FSTYP -- btrfs PLATFORM -- Linux/x86_64 debian0 6.4.0-rc6-btrfs-next-134+ #1 SMP PREEMPT_DYNAMIC Thu Jun 15 11:59:28 WEST 2023 MKFS_OPTIONS -- /dev/sdc MOUNT_OPTIONS -- /dev/sdc /home/fdmanana/btrfs-tests/scratch_1 btrfs/255 6s ... _check_dmesg: something found in dmesg (see /home/fdmanana/git/hub/xfstests/results//btrfs/255.dmesg) - output mismatch (see /home/fdmanana/git/hub/xfstests/results//btrfs/255.out.bad) --- tests/btrfs/255.out 2023-03-02 21:47:53.876609426 +0000 +++ /home/fdmanana/git/hub/xfstests/results//btrfs/255.out.bad 2023-06-16 10:20:39.267563212 +0100 @@ -1,2 +1,4 @@ QA output created by 255 +ERROR: error during balancing '/home/fdmanana/btrfs-tests/scratch_1': No such file or directory +There may be more info in syslog - try dmesg | tail Silence is golden ... (Run 'diff -u /home/fdmanana/git/hub/xfstests/tests/btrfs/255.out /home/fdmanana/git/hub/xfstests/results//btrfs/255.out.bad' to see the entire diff) Ran: btrfs/255 Failures: btrfs/255 Failed 1 of 1 tests To fix this make the quota disable operation take the cleaner mutex, as relocation of a block group also takes this mutex. This is also what we do when deleting a subvolume/snapshot, we take the cleaner mutex in the cleaner kthread (at cleaner_kthread()) and then we call btrfs_del_root() at btrfs_drop_snapshot() while under the protection of the cleaner mutex. Fixes: bed92eae26cc ("Btrfs: qgroup implementation and prototypes") CC: stable(a)vger.kernel.org # 5.4+ Signed-off-by: Filipe Manana <fdmanana(a)suse.com> Signed-off-by: David Sterba <dsterba(a)suse.com> diff --git a/fs/btrfs/qgroup.c b/fs/btrfs/qgroup.c index f8735b31da16..da1f84a0eb29 100644 --- a/fs/btrfs/qgroup.c +++ b/fs/btrfs/qgroup.c @@ -1232,12 +1232,23 @@ int btrfs_quota_disable(struct btrfs_fs_info *fs_info) int ret = 0; /* - * We need to have subvol_sem write locked, to prevent races between - * concurrent tasks trying to disable quotas, because we will unlock - * and relock qgroup_ioctl_lock across BTRFS_FS_QUOTA_ENABLED changes. + * We need to have subvol_sem write locked to prevent races with + * snapshot creation. */ lockdep_assert_held_write(&fs_info->subvol_sem); + /* + * Lock the cleaner mutex to prevent races with concurrent relocation, + * because relocation may be building backrefs for blocks of the quota + * root while we are deleting the root. This is like dropping fs roots + * of deleted snapshots/subvolumes, we need the same protection. + * + * This also prevents races between concurrent tasks trying to disable + * quotas, because we will unlock and relock qgroup_ioctl_lock across + * BTRFS_FS_QUOTA_ENABLED changes. + */ + mutex_lock(&fs_info->cleaner_mutex); + mutex_lock(&fs_info->qgroup_ioctl_lock); if (!fs_info->quota_root) goto out; @@ -1319,6 +1330,7 @@ int btrfs_quota_disable(struct btrfs_fs_info *fs_info) btrfs_end_transaction(trans); else if (trans) ret = btrfs_end_transaction(trans); + mutex_unlock(&fs_info->cleaner_mutex); return ret; }

2 years, 5 months

1
0
0 0

FAILED: patch "[PATCH] btrfs: fix race between quota disable and relocation" failed to apply to 5.15-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.15-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.15.y git checkout FETCH_HEAD git cherry-pick -x 8a4a0b2a3eaf75ca8854f856ef29690c12b2f531 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2023071628-seclusion-applied-22c4@gregkh' --subject-prefix 'PATCH 5.15.y' HEAD^.. Possible dependencies: 8a4a0b2a3eaf ("btrfs: fix race between quota disable and relocation") e804861bd4e6 ("btrfs: fix deadlock between quota disable and qgroup rescan worker") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 8a4a0b2a3eaf75ca8854f856ef29690c12b2f531 Mon Sep 17 00:00:00 2001 From: Filipe Manana <fdmanana(a)suse.com> Date: Mon, 19 Jun 2023 17:21:50 +0100 Subject: [PATCH] btrfs: fix race between quota disable and relocation If we disable quotas while we have a relocation of a metadata block group that has extents belonging to the quota root, we can cause the relocation to fail with -ENOENT. This is because relocation builds backref nodes for extents of the quota root and later needs to walk the backrefs and access the quota root - however if in between a task disables quotas, it results in deleting the quota root from the root tree (with btrfs_del_root(), called from btrfs_quota_disable(). This can be sporadically triggered by test case btrfs/255 from fstests: $ ./check btrfs/255 FSTYP -- btrfs PLATFORM -- Linux/x86_64 debian0 6.4.0-rc6-btrfs-next-134+ #1 SMP PREEMPT_DYNAMIC Thu Jun 15 11:59:28 WEST 2023 MKFS_OPTIONS -- /dev/sdc MOUNT_OPTIONS -- /dev/sdc /home/fdmanana/btrfs-tests/scratch_1 btrfs/255 6s ... _check_dmesg: something found in dmesg (see /home/fdmanana/git/hub/xfstests/results//btrfs/255.dmesg) - output mismatch (see /home/fdmanana/git/hub/xfstests/results//btrfs/255.out.bad) --- tests/btrfs/255.out 2023-03-02 21:47:53.876609426 +0000 +++ /home/fdmanana/git/hub/xfstests/results//btrfs/255.out.bad 2023-06-16 10:20:39.267563212 +0100 @@ -1,2 +1,4 @@ QA output created by 255 +ERROR: error during balancing '/home/fdmanana/btrfs-tests/scratch_1': No such file or directory +There may be more info in syslog - try dmesg | tail Silence is golden ... (Run 'diff -u /home/fdmanana/git/hub/xfstests/tests/btrfs/255.out /home/fdmanana/git/hub/xfstests/results//btrfs/255.out.bad' to see the entire diff) Ran: btrfs/255 Failures: btrfs/255 Failed 1 of 1 tests To fix this make the quota disable operation take the cleaner mutex, as relocation of a block group also takes this mutex. This is also what we do when deleting a subvolume/snapshot, we take the cleaner mutex in the cleaner kthread (at cleaner_kthread()) and then we call btrfs_del_root() at btrfs_drop_snapshot() while under the protection of the cleaner mutex. Fixes: bed92eae26cc ("Btrfs: qgroup implementation and prototypes") CC: stable(a)vger.kernel.org # 5.4+ Signed-off-by: Filipe Manana <fdmanana(a)suse.com> Signed-off-by: David Sterba <dsterba(a)suse.com> diff --git a/fs/btrfs/qgroup.c b/fs/btrfs/qgroup.c index f8735b31da16..da1f84a0eb29 100644 --- a/fs/btrfs/qgroup.c +++ b/fs/btrfs/qgroup.c @@ -1232,12 +1232,23 @@ int btrfs_quota_disable(struct btrfs_fs_info *fs_info) int ret = 0; /* - * We need to have subvol_sem write locked, to prevent races between - * concurrent tasks trying to disable quotas, because we will unlock - * and relock qgroup_ioctl_lock across BTRFS_FS_QUOTA_ENABLED changes. + * We need to have subvol_sem write locked to prevent races with + * snapshot creation. */ lockdep_assert_held_write(&fs_info->subvol_sem); + /* + * Lock the cleaner mutex to prevent races with concurrent relocation, + * because relocation may be building backrefs for blocks of the quota + * root while we are deleting the root. This is like dropping fs roots + * of deleted snapshots/subvolumes, we need the same protection. + * + * This also prevents races between concurrent tasks trying to disable + * quotas, because we will unlock and relock qgroup_ioctl_lock across + * BTRFS_FS_QUOTA_ENABLED changes. + */ + mutex_lock(&fs_info->cleaner_mutex); + mutex_lock(&fs_info->qgroup_ioctl_lock); if (!fs_info->quota_root) goto out; @@ -1319,6 +1330,7 @@ int btrfs_quota_disable(struct btrfs_fs_info *fs_info) btrfs_end_transaction(trans); else if (trans) ret = btrfs_end_transaction(trans); + mutex_unlock(&fs_info->cleaner_mutex); return ret; }

2 years, 5 months

1
0
0 0

FAILED: patch "[PATCH] btrfs: fix race between quota disable and relocation" failed to apply to 6.1-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.1-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y git checkout FETCH_HEAD git cherry-pick -x 8a4a0b2a3eaf75ca8854f856ef29690c12b2f531 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2023071627-serotonin-shorts-8ca4@gregkh' --subject-prefix 'PATCH 6.1.y' HEAD^.. Possible dependencies: 8a4a0b2a3eaf ("btrfs: fix race between quota disable and relocation") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 8a4a0b2a3eaf75ca8854f856ef29690c12b2f531 Mon Sep 17 00:00:00 2001 From: Filipe Manana <fdmanana(a)suse.com> Date: Mon, 19 Jun 2023 17:21:50 +0100 Subject: [PATCH] btrfs: fix race between quota disable and relocation If we disable quotas while we have a relocation of a metadata block group that has extents belonging to the quota root, we can cause the relocation to fail with -ENOENT. This is because relocation builds backref nodes for extents of the quota root and later needs to walk the backrefs and access the quota root - however if in between a task disables quotas, it results in deleting the quota root from the root tree (with btrfs_del_root(), called from btrfs_quota_disable(). This can be sporadically triggered by test case btrfs/255 from fstests: $ ./check btrfs/255 FSTYP -- btrfs PLATFORM -- Linux/x86_64 debian0 6.4.0-rc6-btrfs-next-134+ #1 SMP PREEMPT_DYNAMIC Thu Jun 15 11:59:28 WEST 2023 MKFS_OPTIONS -- /dev/sdc MOUNT_OPTIONS -- /dev/sdc /home/fdmanana/btrfs-tests/scratch_1 btrfs/255 6s ... _check_dmesg: something found in dmesg (see /home/fdmanana/git/hub/xfstests/results//btrfs/255.dmesg) - output mismatch (see /home/fdmanana/git/hub/xfstests/results//btrfs/255.out.bad) --- tests/btrfs/255.out 2023-03-02 21:47:53.876609426 +0000 +++ /home/fdmanana/git/hub/xfstests/results//btrfs/255.out.bad 2023-06-16 10:20:39.267563212 +0100 @@ -1,2 +1,4 @@ QA output created by 255 +ERROR: error during balancing '/home/fdmanana/btrfs-tests/scratch_1': No such file or directory +There may be more info in syslog - try dmesg | tail Silence is golden ... (Run 'diff -u /home/fdmanana/git/hub/xfstests/tests/btrfs/255.out /home/fdmanana/git/hub/xfstests/results//btrfs/255.out.bad' to see the entire diff) Ran: btrfs/255 Failures: btrfs/255 Failed 1 of 1 tests To fix this make the quota disable operation take the cleaner mutex, as relocation of a block group also takes this mutex. This is also what we do when deleting a subvolume/snapshot, we take the cleaner mutex in the cleaner kthread (at cleaner_kthread()) and then we call btrfs_del_root() at btrfs_drop_snapshot() while under the protection of the cleaner mutex. Fixes: bed92eae26cc ("Btrfs: qgroup implementation and prototypes") CC: stable(a)vger.kernel.org # 5.4+ Signed-off-by: Filipe Manana <fdmanana(a)suse.com> Signed-off-by: David Sterba <dsterba(a)suse.com> diff --git a/fs/btrfs/qgroup.c b/fs/btrfs/qgroup.c index f8735b31da16..da1f84a0eb29 100644 --- a/fs/btrfs/qgroup.c +++ b/fs/btrfs/qgroup.c @@ -1232,12 +1232,23 @@ int btrfs_quota_disable(struct btrfs_fs_info *fs_info) int ret = 0; /* - * We need to have subvol_sem write locked, to prevent races between - * concurrent tasks trying to disable quotas, because we will unlock - * and relock qgroup_ioctl_lock across BTRFS_FS_QUOTA_ENABLED changes. + * We need to have subvol_sem write locked to prevent races with + * snapshot creation. */ lockdep_assert_held_write(&fs_info->subvol_sem); + /* + * Lock the cleaner mutex to prevent races with concurrent relocation, + * because relocation may be building backrefs for blocks of the quota + * root while we are deleting the root. This is like dropping fs roots + * of deleted snapshots/subvolumes, we need the same protection. + * + * This also prevents races between concurrent tasks trying to disable + * quotas, because we will unlock and relock qgroup_ioctl_lock across + * BTRFS_FS_QUOTA_ENABLED changes. + */ + mutex_lock(&fs_info->cleaner_mutex); + mutex_lock(&fs_info->qgroup_ioctl_lock); if (!fs_info->quota_root) goto out; @@ -1319,6 +1330,7 @@ int btrfs_quota_disable(struct btrfs_fs_info *fs_info) btrfs_end_transaction(trans); else if (trans) ret = btrfs_end_transaction(trans); + mutex_unlock(&fs_info->cleaner_mutex); return ret; }

2 years, 5 months

1
0
0 0

FAILED: patch "[PATCH] btrfs: fix race between quota disable and relocation" failed to apply to 6.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.4.y git checkout FETCH_HEAD git cherry-pick -x 8a4a0b2a3eaf75ca8854f856ef29690c12b2f531 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2023071626-darkness-agony-ce5d@gregkh' --subject-prefix 'PATCH 6.4.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 8a4a0b2a3eaf75ca8854f856ef29690c12b2f531 Mon Sep 17 00:00:00 2001 From: Filipe Manana <fdmanana(a)suse.com> Date: Mon, 19 Jun 2023 17:21:50 +0100 Subject: [PATCH] btrfs: fix race between quota disable and relocation If we disable quotas while we have a relocation of a metadata block group that has extents belonging to the quota root, we can cause the relocation to fail with -ENOENT. This is because relocation builds backref nodes for extents of the quota root and later needs to walk the backrefs and access the quota root - however if in between a task disables quotas, it results in deleting the quota root from the root tree (with btrfs_del_root(), called from btrfs_quota_disable(). This can be sporadically triggered by test case btrfs/255 from fstests: $ ./check btrfs/255 FSTYP -- btrfs PLATFORM -- Linux/x86_64 debian0 6.4.0-rc6-btrfs-next-134+ #1 SMP PREEMPT_DYNAMIC Thu Jun 15 11:59:28 WEST 2023 MKFS_OPTIONS -- /dev/sdc MOUNT_OPTIONS -- /dev/sdc /home/fdmanana/btrfs-tests/scratch_1 btrfs/255 6s ... _check_dmesg: something found in dmesg (see /home/fdmanana/git/hub/xfstests/results//btrfs/255.dmesg) - output mismatch (see /home/fdmanana/git/hub/xfstests/results//btrfs/255.out.bad) --- tests/btrfs/255.out 2023-03-02 21:47:53.876609426 +0000 +++ /home/fdmanana/git/hub/xfstests/results//btrfs/255.out.bad 2023-06-16 10:20:39.267563212 +0100 @@ -1,2 +1,4 @@ QA output created by 255 +ERROR: error during balancing '/home/fdmanana/btrfs-tests/scratch_1': No such file or directory +There may be more info in syslog - try dmesg | tail Silence is golden ... (Run 'diff -u /home/fdmanana/git/hub/xfstests/tests/btrfs/255.out /home/fdmanana/git/hub/xfstests/results//btrfs/255.out.bad' to see the entire diff) Ran: btrfs/255 Failures: btrfs/255 Failed 1 of 1 tests To fix this make the quota disable operation take the cleaner mutex, as relocation of a block group also takes this mutex. This is also what we do when deleting a subvolume/snapshot, we take the cleaner mutex in the cleaner kthread (at cleaner_kthread()) and then we call btrfs_del_root() at btrfs_drop_snapshot() while under the protection of the cleaner mutex. Fixes: bed92eae26cc ("Btrfs: qgroup implementation and prototypes") CC: stable(a)vger.kernel.org # 5.4+ Signed-off-by: Filipe Manana <fdmanana(a)suse.com> Signed-off-by: David Sterba <dsterba(a)suse.com> diff --git a/fs/btrfs/qgroup.c b/fs/btrfs/qgroup.c index f8735b31da16..da1f84a0eb29 100644 --- a/fs/btrfs/qgroup.c +++ b/fs/btrfs/qgroup.c @@ -1232,12 +1232,23 @@ int btrfs_quota_disable(struct btrfs_fs_info *fs_info) int ret = 0; /* - * We need to have subvol_sem write locked, to prevent races between - * concurrent tasks trying to disable quotas, because we will unlock - * and relock qgroup_ioctl_lock across BTRFS_FS_QUOTA_ENABLED changes. + * We need to have subvol_sem write locked to prevent races with + * snapshot creation. */ lockdep_assert_held_write(&fs_info->subvol_sem); + /* + * Lock the cleaner mutex to prevent races with concurrent relocation, + * because relocation may be building backrefs for blocks of the quota + * root while we are deleting the root. This is like dropping fs roots + * of deleted snapshots/subvolumes, we need the same protection. + * + * This also prevents races between concurrent tasks trying to disable + * quotas, because we will unlock and relock qgroup_ioctl_lock across + * BTRFS_FS_QUOTA_ENABLED changes. + */ + mutex_lock(&fs_info->cleaner_mutex); + mutex_lock(&fs_info->qgroup_ioctl_lock); if (!fs_info->quota_root) goto out; @@ -1319,6 +1330,7 @@ int btrfs_quota_disable(struct btrfs_fs_info *fs_info) btrfs_end_transaction(trans); else if (trans) ret = btrfs_end_transaction(trans); + mutex_unlock(&fs_info->cleaner_mutex); return ret; }

2 years, 5 months

1
0
0 0

FAILED: patch "[PATCH] btrfs: do not BUG_ON() on tree mod log failure at" failed to apply to 5.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.4.y git checkout FETCH_HEAD git cherry-pick -x 40b0a749388517de244643c09bdbb98f7dcb6ef1 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2023071602-oxford-etching-4c52@gregkh' --subject-prefix 'PATCH 5.4.y' HEAD^.. Possible dependencies: 40b0a7493885 ("btrfs: do not BUG_ON() on tree mod log failure at __btrfs_cow_block()") 406808ab2f0b ("btrfs: use booleans where appropriate for the tree mod log functions") f3a84ccd28d0 ("btrfs: move the tree mod log code into its own file") dbcc7d57bffc ("btrfs: fix race when cloning extent buffer during rewind of an old root") cac06d843f25 ("btrfs: introduce the skeleton of btrfs_subpage structure") 1b7ec85ef490 ("btrfs: pass root owner to read_tree_block") bfb484d922a3 ("btrfs: cleanup extent buffer readahead") ac5887c8e013 ("btrfs: locking: remove all the blocking helpers") 196d59ab9ccc ("btrfs: switch extent buffer tree lock to rw_semaphore") bf77467a93bd ("btrfs: introduce BTRFS_NESTING_LEFT/BTRFS_NESTING_RIGHT") 9631e4cc1a03 ("btrfs: introduce BTRFS_NESTING_COW for cow'ing blocks") fd7ba1c1202d ("btrfs: add nesting tags to the locking helpers") 51899412dd95 ("btrfs: introduce btrfs_path::recurse") 329ced799be8 ("btrfs: rename extent_buffer::lock_nested to extent_buffer::lock_recursed") d16c702fe4f2 ("btrfs: ctree: check key order before merging tree blocks") d3beaa253fd6 ("btrfs: set the lockdep class for log tree extent buffers") ad24466588ab ("btrfs: set the correct lockdep class for new nodes") d85327b1d8b7 ("btrfs: prefetch chunk tree leaves at mount") 49e5fb46211d ("btrfs: qgroup: export qgroups in sysfs") 5958253cf65d ("btrfs: qgroup: catch reserved space leaks at unmount time") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 40b0a749388517de244643c09bdbb98f7dcb6ef1 Mon Sep 17 00:00:00 2001 From: Filipe Manana <fdmanana(a)suse.com> Date: Thu, 8 Jun 2023 11:27:40 +0100 Subject: [PATCH] btrfs: do not BUG_ON() on tree mod log failure at __btrfs_cow_block() At __btrfs_cow_block(), instead of doing a BUG_ON() in case we fail to record a tree mod log root insertion operation, do a transaction abort instead. There's really no need for the BUG_ON(), we can properly release all resources in this context and turn the filesystem to RO mode and in an error state instead. CC: stable(a)vger.kernel.org # 5.4+ Reviewed-by: Qu Wenruo <wqu(a)suse.com> Signed-off-by: Filipe Manana <fdmanana(a)suse.com> Reviewed-by: David Sterba <dsterba(a)suse.com> Signed-off-by: David Sterba <dsterba(a)suse.com> diff --git a/fs/btrfs/ctree.c b/fs/btrfs/ctree.c index 8496535828de..d6c29564ce49 100644 --- a/fs/btrfs/ctree.c +++ b/fs/btrfs/ctree.c @@ -584,9 +584,14 @@ static noinline int __btrfs_cow_block(struct btrfs_trans_handle *trans, btrfs_header_backref_rev(buf) < BTRFS_MIXED_BACKREF_REV) parent_start = buf->start; - atomic_inc(&cow->refs); ret = btrfs_tree_mod_log_insert_root(root->node, cow, true); - BUG_ON(ret < 0); + if (ret < 0) { + btrfs_tree_unlock(cow); + free_extent_buffer(cow); + btrfs_abort_transaction(trans, ret); + return ret; + } + atomic_inc(&cow->refs); rcu_assign_pointer(root->node, cow); btrfs_free_tree_block(trans, btrfs_root_id(root), buf,

2 years, 5 months

1
0
0 0

FAILED: patch "[PATCH] btrfs: do not BUG_ON() on tree mod log failure at" failed to apply to 5.10-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.10-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.10.y git checkout FETCH_HEAD git cherry-pick -x 40b0a749388517de244643c09bdbb98f7dcb6ef1 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2023071601-gristle-construct-2916@gregkh' --subject-prefix 'PATCH 5.10.y' HEAD^.. Possible dependencies: 40b0a7493885 ("btrfs: do not BUG_ON() on tree mod log failure at __btrfs_cow_block()") 406808ab2f0b ("btrfs: use booleans where appropriate for the tree mod log functions") f3a84ccd28d0 ("btrfs: move the tree mod log code into its own file") dbcc7d57bffc ("btrfs: fix race when cloning extent buffer during rewind of an old root") cac06d843f25 ("btrfs: introduce the skeleton of btrfs_subpage structure") 1b7ec85ef490 ("btrfs: pass root owner to read_tree_block") bfb484d922a3 ("btrfs: cleanup extent buffer readahead") ac5887c8e013 ("btrfs: locking: remove all the blocking helpers") 196d59ab9ccc ("btrfs: switch extent buffer tree lock to rw_semaphore") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 40b0a749388517de244643c09bdbb98f7dcb6ef1 Mon Sep 17 00:00:00 2001 From: Filipe Manana <fdmanana(a)suse.com> Date: Thu, 8 Jun 2023 11:27:40 +0100 Subject: [PATCH] btrfs: do not BUG_ON() on tree mod log failure at __btrfs_cow_block() At __btrfs_cow_block(), instead of doing a BUG_ON() in case we fail to record a tree mod log root insertion operation, do a transaction abort instead. There's really no need for the BUG_ON(), we can properly release all resources in this context and turn the filesystem to RO mode and in an error state instead. CC: stable(a)vger.kernel.org # 5.4+ Reviewed-by: Qu Wenruo <wqu(a)suse.com> Signed-off-by: Filipe Manana <fdmanana(a)suse.com> Reviewed-by: David Sterba <dsterba(a)suse.com> Signed-off-by: David Sterba <dsterba(a)suse.com> diff --git a/fs/btrfs/ctree.c b/fs/btrfs/ctree.c index 8496535828de..d6c29564ce49 100644 --- a/fs/btrfs/ctree.c +++ b/fs/btrfs/ctree.c @@ -584,9 +584,14 @@ static noinline int __btrfs_cow_block(struct btrfs_trans_handle *trans, btrfs_header_backref_rev(buf) < BTRFS_MIXED_BACKREF_REV) parent_start = buf->start; - atomic_inc(&cow->refs); ret = btrfs_tree_mod_log_insert_root(root->node, cow, true); - BUG_ON(ret < 0); + if (ret < 0) { + btrfs_tree_unlock(cow); + free_extent_buffer(cow); + btrfs_abort_transaction(trans, ret); + return ret; + } + atomic_inc(&cow->refs); rcu_assign_pointer(root->node, cow); btrfs_free_tree_block(trans, btrfs_root_id(root), buf,

2 years, 5 months

1
0
0 0

FAILED: patch "[PATCH] btrfs: add missing error handling when logging operation" failed to apply to 5.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.4.y git checkout FETCH_HEAD git cherry-pick -x d09c51521f22f9cbdfb1cf63e5c456077c622c84 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2023071633-bless-cola-21d7@gregkh' --subject-prefix 'PATCH 5.4.y' HEAD^.. Possible dependencies: d09c51521f22 ("btrfs: add missing error handling when logging operation while COWing extent buffer") 33cff222faff ("btrfs: remove gfp_t flag from btrfs_tree_mod_log_insert_key()") 879b22219831 ("btrfs: switch GFP_ATOMIC to GFP_NOFS when fixing up low keys") f3a84ccd28d0 ("btrfs: move the tree mod log code into its own file") dbcc7d57bffc ("btrfs: fix race when cloning extent buffer during rewind of an old root") cac06d843f25 ("btrfs: introduce the skeleton of btrfs_subpage structure") 1b7ec85ef490 ("btrfs: pass root owner to read_tree_block") bfb484d922a3 ("btrfs: cleanup extent buffer readahead") ac5887c8e013 ("btrfs: locking: remove all the blocking helpers") 196d59ab9ccc ("btrfs: switch extent buffer tree lock to rw_semaphore") bf77467a93bd ("btrfs: introduce BTRFS_NESTING_LEFT/BTRFS_NESTING_RIGHT") 9631e4cc1a03 ("btrfs: introduce BTRFS_NESTING_COW for cow'ing blocks") fd7ba1c1202d ("btrfs: add nesting tags to the locking helpers") 51899412dd95 ("btrfs: introduce btrfs_path::recurse") 329ced799be8 ("btrfs: rename extent_buffer::lock_nested to extent_buffer::lock_recursed") d16c702fe4f2 ("btrfs: ctree: check key order before merging tree blocks") d3beaa253fd6 ("btrfs: set the lockdep class for log tree extent buffers") ad24466588ab ("btrfs: set the correct lockdep class for new nodes") d85327b1d8b7 ("btrfs: prefetch chunk tree leaves at mount") 49e5fb46211d ("btrfs: qgroup: export qgroups in sysfs") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From d09c51521f22f9cbdfb1cf63e5c456077c622c84 Mon Sep 17 00:00:00 2001 From: Filipe Manana <fdmanana(a)suse.com> Date: Thu, 8 Jun 2023 11:27:37 +0100 Subject: [PATCH] btrfs: add missing error handling when logging operation while COWing extent buffer When COWing an extent buffer that is not the root node, we need to log in the tree mod log that we replaced a pointer in the parent node, otherwise a tree mod log user doing a search on the b+tree can return incorrect results (that miss something). We are doing the call to btrfs_tree_mod_log_insert_key() but we totally ignore its return value. So fix this by adding the missing error handling, resulting in a transaction abort and freeing the COWed extent buffer. Fixes: f230475e62f7 ("Btrfs: put all block modifications into the tree mod log") CC: stable(a)vger.kernel.org # 5.4+ Reviewed-by: Qu Wenruo <wqu(a)suse.com> Signed-off-by: Filipe Manana <fdmanana(a)suse.com> Reviewed-by: David Sterba <dsterba(a)suse.com> Signed-off-by: David Sterba <dsterba(a)suse.com> diff --git a/fs/btrfs/ctree.c b/fs/btrfs/ctree.c index 385524224037..7f7f13965fe9 100644 --- a/fs/btrfs/ctree.c +++ b/fs/btrfs/ctree.c @@ -595,8 +595,14 @@ static noinline int __btrfs_cow_block(struct btrfs_trans_handle *trans, add_root_to_dirty_list(root); } else { WARN_ON(trans->transid != btrfs_header_generation(parent)); - btrfs_tree_mod_log_insert_key(parent, parent_slot, - BTRFS_MOD_LOG_KEY_REPLACE); + ret = btrfs_tree_mod_log_insert_key(parent, parent_slot, + BTRFS_MOD_LOG_KEY_REPLACE); + if (ret) { + btrfs_tree_unlock(cow); + free_extent_buffer(cow); + btrfs_abort_transaction(trans, ret); + return ret; + } btrfs_set_node_blockptr(parent, parent_slot, cow->start); btrfs_set_node_ptr_generation(parent, parent_slot,

2 years, 5 months

1
0
0 0

FAILED: patch "[PATCH] btrfs: add missing error handling when logging operation" failed to apply to 5.10-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.10-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.10.y git checkout FETCH_HEAD git cherry-pick -x d09c51521f22f9cbdfb1cf63e5c456077c622c84 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2023071632-modified-gauze-0d86@gregkh' --subject-prefix 'PATCH 5.10.y' HEAD^.. Possible dependencies: d09c51521f22 ("btrfs: add missing error handling when logging operation while COWing extent buffer") 33cff222faff ("btrfs: remove gfp_t flag from btrfs_tree_mod_log_insert_key()") 879b22219831 ("btrfs: switch GFP_ATOMIC to GFP_NOFS when fixing up low keys") f3a84ccd28d0 ("btrfs: move the tree mod log code into its own file") dbcc7d57bffc ("btrfs: fix race when cloning extent buffer during rewind of an old root") cac06d843f25 ("btrfs: introduce the skeleton of btrfs_subpage structure") 1b7ec85ef490 ("btrfs: pass root owner to read_tree_block") bfb484d922a3 ("btrfs: cleanup extent buffer readahead") ac5887c8e013 ("btrfs: locking: remove all the blocking helpers") 196d59ab9ccc ("btrfs: switch extent buffer tree lock to rw_semaphore") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From d09c51521f22f9cbdfb1cf63e5c456077c622c84 Mon Sep 17 00:00:00 2001 From: Filipe Manana <fdmanana(a)suse.com> Date: Thu, 8 Jun 2023 11:27:37 +0100 Subject: [PATCH] btrfs: add missing error handling when logging operation while COWing extent buffer When COWing an extent buffer that is not the root node, we need to log in the tree mod log that we replaced a pointer in the parent node, otherwise a tree mod log user doing a search on the b+tree can return incorrect results (that miss something). We are doing the call to btrfs_tree_mod_log_insert_key() but we totally ignore its return value. So fix this by adding the missing error handling, resulting in a transaction abort and freeing the COWed extent buffer. Fixes: f230475e62f7 ("Btrfs: put all block modifications into the tree mod log") CC: stable(a)vger.kernel.org # 5.4+ Reviewed-by: Qu Wenruo <wqu(a)suse.com> Signed-off-by: Filipe Manana <fdmanana(a)suse.com> Reviewed-by: David Sterba <dsterba(a)suse.com> Signed-off-by: David Sterba <dsterba(a)suse.com> diff --git a/fs/btrfs/ctree.c b/fs/btrfs/ctree.c index 385524224037..7f7f13965fe9 100644 --- a/fs/btrfs/ctree.c +++ b/fs/btrfs/ctree.c @@ -595,8 +595,14 @@ static noinline int __btrfs_cow_block(struct btrfs_trans_handle *trans, add_root_to_dirty_list(root); } else { WARN_ON(trans->transid != btrfs_header_generation(parent)); - btrfs_tree_mod_log_insert_key(parent, parent_slot, - BTRFS_MOD_LOG_KEY_REPLACE); + ret = btrfs_tree_mod_log_insert_key(parent, parent_slot, + BTRFS_MOD_LOG_KEY_REPLACE); + if (ret) { + btrfs_tree_unlock(cow); + free_extent_buffer(cow); + btrfs_abort_transaction(trans, ret); + return ret; + } btrfs_set_node_blockptr(parent, parent_slot, cow->start); btrfs_set_node_ptr_generation(parent, parent_slot,

2 years, 5 months

1
0
0 0

FAILED: patch "[PATCH] btrfs: add missing error handling when logging operation" failed to apply to 5.15-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.15-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.15.y git checkout FETCH_HEAD git cherry-pick -x d09c51521f22f9cbdfb1cf63e5c456077c622c84 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2023071631-retake-dollar-89ea@gregkh' --subject-prefix 'PATCH 5.15.y' HEAD^.. Possible dependencies: d09c51521f22 ("btrfs: add missing error handling when logging operation while COWing extent buffer") 33cff222faff ("btrfs: remove gfp_t flag from btrfs_tree_mod_log_insert_key()") 879b22219831 ("btrfs: switch GFP_ATOMIC to GFP_NOFS when fixing up low keys") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From d09c51521f22f9cbdfb1cf63e5c456077c622c84 Mon Sep 17 00:00:00 2001 From: Filipe Manana <fdmanana(a)suse.com> Date: Thu, 8 Jun 2023 11:27:37 +0100 Subject: [PATCH] btrfs: add missing error handling when logging operation while COWing extent buffer When COWing an extent buffer that is not the root node, we need to log in the tree mod log that we replaced a pointer in the parent node, otherwise a tree mod log user doing a search on the b+tree can return incorrect results (that miss something). We are doing the call to btrfs_tree_mod_log_insert_key() but we totally ignore its return value. So fix this by adding the missing error handling, resulting in a transaction abort and freeing the COWed extent buffer. Fixes: f230475e62f7 ("Btrfs: put all block modifications into the tree mod log") CC: stable(a)vger.kernel.org # 5.4+ Reviewed-by: Qu Wenruo <wqu(a)suse.com> Signed-off-by: Filipe Manana <fdmanana(a)suse.com> Reviewed-by: David Sterba <dsterba(a)suse.com> Signed-off-by: David Sterba <dsterba(a)suse.com> diff --git a/fs/btrfs/ctree.c b/fs/btrfs/ctree.c index 385524224037..7f7f13965fe9 100644 --- a/fs/btrfs/ctree.c +++ b/fs/btrfs/ctree.c @@ -595,8 +595,14 @@ static noinline int __btrfs_cow_block(struct btrfs_trans_handle *trans, add_root_to_dirty_list(root); } else { WARN_ON(trans->transid != btrfs_header_generation(parent)); - btrfs_tree_mod_log_insert_key(parent, parent_slot, - BTRFS_MOD_LOG_KEY_REPLACE); + ret = btrfs_tree_mod_log_insert_key(parent, parent_slot, + BTRFS_MOD_LOG_KEY_REPLACE); + if (ret) { + btrfs_tree_unlock(cow); + free_extent_buffer(cow); + btrfs_abort_transaction(trans, ret); + return ret; + } btrfs_set_node_blockptr(parent, parent_slot, cow->start); btrfs_set_node_ptr_generation(parent, parent_slot,

2 years, 5 months

1
0
0 0

FAILED: patch "[PATCH] btrfs: add missing error handling when logging operation" failed to apply to 6.1-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.1-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y git checkout FETCH_HEAD git cherry-pick -x d09c51521f22f9cbdfb1cf63e5c456077c622c84 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2023071630-arrange-duchess-1bb1@gregkh' --subject-prefix 'PATCH 6.1.y' HEAD^.. Possible dependencies: d09c51521f22 ("btrfs: add missing error handling when logging operation while COWing extent buffer") 33cff222faff ("btrfs: remove gfp_t flag from btrfs_tree_mod_log_insert_key()") 879b22219831 ("btrfs: switch GFP_ATOMIC to GFP_NOFS when fixing up low keys") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From d09c51521f22f9cbdfb1cf63e5c456077c622c84 Mon Sep 17 00:00:00 2001 From: Filipe Manana <fdmanana(a)suse.com> Date: Thu, 8 Jun 2023 11:27:37 +0100 Subject: [PATCH] btrfs: add missing error handling when logging operation while COWing extent buffer When COWing an extent buffer that is not the root node, we need to log in the tree mod log that we replaced a pointer in the parent node, otherwise a tree mod log user doing a search on the b+tree can return incorrect results (that miss something). We are doing the call to btrfs_tree_mod_log_insert_key() but we totally ignore its return value. So fix this by adding the missing error handling, resulting in a transaction abort and freeing the COWed extent buffer. Fixes: f230475e62f7 ("Btrfs: put all block modifications into the tree mod log") CC: stable(a)vger.kernel.org # 5.4+ Reviewed-by: Qu Wenruo <wqu(a)suse.com> Signed-off-by: Filipe Manana <fdmanana(a)suse.com> Reviewed-by: David Sterba <dsterba(a)suse.com> Signed-off-by: David Sterba <dsterba(a)suse.com> diff --git a/fs/btrfs/ctree.c b/fs/btrfs/ctree.c index 385524224037..7f7f13965fe9 100644 --- a/fs/btrfs/ctree.c +++ b/fs/btrfs/ctree.c @@ -595,8 +595,14 @@ static noinline int __btrfs_cow_block(struct btrfs_trans_handle *trans, add_root_to_dirty_list(root); } else { WARN_ON(trans->transid != btrfs_header_generation(parent)); - btrfs_tree_mod_log_insert_key(parent, parent_slot, - BTRFS_MOD_LOG_KEY_REPLACE); + ret = btrfs_tree_mod_log_insert_key(parent, parent_slot, + BTRFS_MOD_LOG_KEY_REPLACE); + if (ret) { + btrfs_tree_unlock(cow); + free_extent_buffer(cow); + btrfs_abort_transaction(trans, ret); + return ret; + } btrfs_set_node_blockptr(parent, parent_slot, cow->start); btrfs_set_node_ptr_generation(parent, parent_slot,

2 years, 5 months

1
0
0 0

FAILED: patch "[PATCH] btrfs: warn on invalid slot in tree mod log rewind" failed to apply to 5.15-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.15-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.15.y git checkout FETCH_HEAD git cherry-pick -x 95c8e349d8e8f190e28854e7ca96de866d2dc5a4 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2023071646-upheaval-antiquity-8775@gregkh' --subject-prefix 'PATCH 5.15.y' HEAD^.. Possible dependencies: 95c8e349d8e8 ("btrfs: warn on invalid slot in tree mod log rewind") e23efd8e8767 ("btrfs: add eb to btrfs_node_key_ptr_offset") 07e81dc94474 ("btrfs: move accessor helpers into accessors.h") ad1ac5012c2b ("btrfs: move btrfs_map_token to accessors") 55e5cfd36da5 ("btrfs: remove fs_info::pending_changes and related code") 7966a6b5959b ("btrfs: move fs_info::flags enum to fs.h") fc97a410bd78 ("btrfs: move mount option definitions to fs.h") 0d3a9cf8c306 ("btrfs: convert incompat and compat flag test helpers to macros") ec8eb376e271 ("btrfs: move BTRFS_FS_STATE* definitions and helpers to fs.h") 9b569ea0be6f ("btrfs: move the printk helpers out of ctree.h") e118578a8df7 ("btrfs: move assert helpers out of ctree.h") c7f13d428ea1 ("btrfs: move fs wide helpers out of ctree.h") 63a7cb130718 ("btrfs: auto enable discard=async when possible") 7a66eda351ba ("btrfs: move the btrfs_verity_descriptor_item defs up in ctree.h") 956504a331a6 ("btrfs: move trans_handle_cachep out of ctree.h") f1e5c6185ca1 ("btrfs: move flush related definitions to space-info.h") ed4c491a3db2 ("btrfs: move BTRFS_MAX_MIRRORS into scrub.c") 4300c58f8090 ("btrfs: move btrfs on-disk definitions out of ctree.h") d60d956eb41f ("btrfs: remove unused set/clear_pending_info helpers") 8bb808c6ad91 ("btrfs: don't print stack trace when transaction is aborted due to ENOMEM") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 95c8e349d8e8f190e28854e7ca96de866d2dc5a4 Mon Sep 17 00:00:00 2001 From: Boris Burkov <boris(a)bur.io> Date: Thu, 1 Jun 2023 11:55:13 -0700 Subject: [PATCH] btrfs: warn on invalid slot in tree mod log rewind The way that tree mod log tracks the ultimate length of the eb, the variable 'n', eventually turns up the correct value, but at intermediate steps during the rewind, n can be inaccurate as a representation of the end of the eb. For example, it doesn't get updated on move rewinds, and it does get updated for add/remove in the middle of the eb. To detect cases with invalid moves, introduce a separate variable called max_slot which tries to track the maximum valid slot in the rewind eb. We can then warn if we do a move whose src range goes beyond the max valid slot. There is a commented caveat that it is possible to have this value be an overestimate due to the challenge of properly handling 'add' operations in the middle of the eb, but in practice it doesn't cause enough of a problem to throw out the max idea in favor of tracking every valid slot. CC: stable(a)vger.kernel.org # 5.15+ Reviewed-by: Filipe Manana <fdmanana(a)suse.com> Signed-off-by: Boris Burkov <boris(a)bur.io> Signed-off-by: David Sterba <dsterba(a)suse.com> diff --git a/fs/btrfs/tree-mod-log.c b/fs/btrfs/tree-mod-log.c index a555baa0143a..39545d1d2e9a 100644 --- a/fs/btrfs/tree-mod-log.c +++ b/fs/btrfs/tree-mod-log.c @@ -664,10 +664,27 @@ static void tree_mod_log_rewind(struct btrfs_fs_info *fs_info, unsigned long o_dst; unsigned long o_src; unsigned long p_size = sizeof(struct btrfs_key_ptr); + /* + * max_slot tracks the maximum valid slot of the rewind eb at every + * step of the rewind. This is in contrast with 'n' which eventually + * matches the number of items, but can be wrong during moves or if + * removes overlap on already valid slots (which is probably separately + * a bug). We do this to validate the offsets of memmoves for rewinding + * moves and detect invalid memmoves. + * + * Since a rewind eb can start empty, max_slot is a signed integer with + * a special meaning for -1, which is that no slot is valid to move out + * of. Any other negative value is invalid. + */ + int max_slot; + int move_src_end_slot; + int move_dst_end_slot; n = btrfs_header_nritems(eb); + max_slot = n - 1; read_lock(&fs_info->tree_mod_log_lock); while (tm && tm->seq >= time_seq) { + ASSERT(max_slot >= -1); /* * All the operations are recorded with the operator used for * the modification. As we're going backwards, we do the @@ -684,6 +701,8 @@ static void tree_mod_log_rewind(struct btrfs_fs_info *fs_info, btrfs_set_node_ptr_generation(eb, tm->slot, tm->generation); n++; + if (tm->slot > max_slot) + max_slot = tm->slot; break; case BTRFS_MOD_LOG_KEY_REPLACE: BUG_ON(tm->slot >= n); @@ -693,14 +712,37 @@ static void tree_mod_log_rewind(struct btrfs_fs_info *fs_info, tm->generation); break; case BTRFS_MOD_LOG_KEY_ADD: + /* + * It is possible we could have already removed keys + * behind the known max slot, so this will be an + * overestimate. In practice, the copy operation + * inserts them in increasing order, and overestimating + * just means we miss some warnings, so it's OK. It + * isn't worth carefully tracking the full array of + * valid slots to check against when moving. + */ + if (tm->slot == max_slot) + max_slot--; /* if a move operation is needed it's in the log */ n--; break; case BTRFS_MOD_LOG_MOVE_KEYS: + ASSERT(tm->move.nr_items > 0); + move_src_end_slot = tm->move.dst_slot + tm->move.nr_items - 1; + move_dst_end_slot = tm->slot + tm->move.nr_items - 1; o_dst = btrfs_node_key_ptr_offset(eb, tm->slot); o_src = btrfs_node_key_ptr_offset(eb, tm->move.dst_slot); + if (WARN_ON(move_src_end_slot > max_slot || + tm->move.nr_items <= 0)) { + btrfs_warn(fs_info, +"move from invalid tree mod log slot eb %llu slot %d dst_slot %d nr_items %d seq %llu n %u max_slot %d", + eb->start, tm->slot, + tm->move.dst_slot, tm->move.nr_items, + tm->seq, n, max_slot); + } memmove_extent_buffer(eb, o_dst, o_src, tm->move.nr_items * p_size); + max_slot = move_dst_end_slot; break; case BTRFS_MOD_LOG_ROOT_REPLACE: /*

2 years, 5 months

1
0
0 0

FAILED: patch "[PATCH] btrfs: warn on invalid slot in tree mod log rewind" failed to apply to 6.1-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.1-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y git checkout FETCH_HEAD git cherry-pick -x 95c8e349d8e8f190e28854e7ca96de866d2dc5a4 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2023071644-boxer-satchel-5beb@gregkh' --subject-prefix 'PATCH 6.1.y' HEAD^.. Possible dependencies: 95c8e349d8e8 ("btrfs: warn on invalid slot in tree mod log rewind") e23efd8e8767 ("btrfs: add eb to btrfs_node_key_ptr_offset") 07e81dc94474 ("btrfs: move accessor helpers into accessors.h") ad1ac5012c2b ("btrfs: move btrfs_map_token to accessors") 55e5cfd36da5 ("btrfs: remove fs_info::pending_changes and related code") 7966a6b5959b ("btrfs: move fs_info::flags enum to fs.h") fc97a410bd78 ("btrfs: move mount option definitions to fs.h") 0d3a9cf8c306 ("btrfs: convert incompat and compat flag test helpers to macros") ec8eb376e271 ("btrfs: move BTRFS_FS_STATE* definitions and helpers to fs.h") 9b569ea0be6f ("btrfs: move the printk helpers out of ctree.h") e118578a8df7 ("btrfs: move assert helpers out of ctree.h") c7f13d428ea1 ("btrfs: move fs wide helpers out of ctree.h") 63a7cb130718 ("btrfs: auto enable discard=async when possible") 7a66eda351ba ("btrfs: move the btrfs_verity_descriptor_item defs up in ctree.h") 956504a331a6 ("btrfs: move trans_handle_cachep out of ctree.h") f1e5c6185ca1 ("btrfs: move flush related definitions to space-info.h") ed4c491a3db2 ("btrfs: move BTRFS_MAX_MIRRORS into scrub.c") 4300c58f8090 ("btrfs: move btrfs on-disk definitions out of ctree.h") d60d956eb41f ("btrfs: remove unused set/clear_pending_info helpers") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 95c8e349d8e8f190e28854e7ca96de866d2dc5a4 Mon Sep 17 00:00:00 2001 From: Boris Burkov <boris(a)bur.io> Date: Thu, 1 Jun 2023 11:55:13 -0700 Subject: [PATCH] btrfs: warn on invalid slot in tree mod log rewind The way that tree mod log tracks the ultimate length of the eb, the variable 'n', eventually turns up the correct value, but at intermediate steps during the rewind, n can be inaccurate as a representation of the end of the eb. For example, it doesn't get updated on move rewinds, and it does get updated for add/remove in the middle of the eb. To detect cases with invalid moves, introduce a separate variable called max_slot which tries to track the maximum valid slot in the rewind eb. We can then warn if we do a move whose src range goes beyond the max valid slot. There is a commented caveat that it is possible to have this value be an overestimate due to the challenge of properly handling 'add' operations in the middle of the eb, but in practice it doesn't cause enough of a problem to throw out the max idea in favor of tracking every valid slot. CC: stable(a)vger.kernel.org # 5.15+ Reviewed-by: Filipe Manana <fdmanana(a)suse.com> Signed-off-by: Boris Burkov <boris(a)bur.io> Signed-off-by: David Sterba <dsterba(a)suse.com> diff --git a/fs/btrfs/tree-mod-log.c b/fs/btrfs/tree-mod-log.c index a555baa0143a..39545d1d2e9a 100644 --- a/fs/btrfs/tree-mod-log.c +++ b/fs/btrfs/tree-mod-log.c @@ -664,10 +664,27 @@ static void tree_mod_log_rewind(struct btrfs_fs_info *fs_info, unsigned long o_dst; unsigned long o_src; unsigned long p_size = sizeof(struct btrfs_key_ptr); + /* + * max_slot tracks the maximum valid slot of the rewind eb at every + * step of the rewind. This is in contrast with 'n' which eventually + * matches the number of items, but can be wrong during moves or if + * removes overlap on already valid slots (which is probably separately + * a bug). We do this to validate the offsets of memmoves for rewinding + * moves and detect invalid memmoves. + * + * Since a rewind eb can start empty, max_slot is a signed integer with + * a special meaning for -1, which is that no slot is valid to move out + * of. Any other negative value is invalid. + */ + int max_slot; + int move_src_end_slot; + int move_dst_end_slot; n = btrfs_header_nritems(eb); + max_slot = n - 1; read_lock(&fs_info->tree_mod_log_lock); while (tm && tm->seq >= time_seq) { + ASSERT(max_slot >= -1); /* * All the operations are recorded with the operator used for * the modification. As we're going backwards, we do the @@ -684,6 +701,8 @@ static void tree_mod_log_rewind(struct btrfs_fs_info *fs_info, btrfs_set_node_ptr_generation(eb, tm->slot, tm->generation); n++; + if (tm->slot > max_slot) + max_slot = tm->slot; break; case BTRFS_MOD_LOG_KEY_REPLACE: BUG_ON(tm->slot >= n); @@ -693,14 +712,37 @@ static void tree_mod_log_rewind(struct btrfs_fs_info *fs_info, tm->generation); break; case BTRFS_MOD_LOG_KEY_ADD: + /* + * It is possible we could have already removed keys + * behind the known max slot, so this will be an + * overestimate. In practice, the copy operation + * inserts them in increasing order, and overestimating + * just means we miss some warnings, so it's OK. It + * isn't worth carefully tracking the full array of + * valid slots to check against when moving. + */ + if (tm->slot == max_slot) + max_slot--; /* if a move operation is needed it's in the log */ n--; break; case BTRFS_MOD_LOG_MOVE_KEYS: + ASSERT(tm->move.nr_items > 0); + move_src_end_slot = tm->move.dst_slot + tm->move.nr_items - 1; + move_dst_end_slot = tm->slot + tm->move.nr_items - 1; o_dst = btrfs_node_key_ptr_offset(eb, tm->slot); o_src = btrfs_node_key_ptr_offset(eb, tm->move.dst_slot); + if (WARN_ON(move_src_end_slot > max_slot || + tm->move.nr_items <= 0)) { + btrfs_warn(fs_info, +"move from invalid tree mod log slot eb %llu slot %d dst_slot %d nr_items %d seq %llu n %u max_slot %d", + eb->start, tm->slot, + tm->move.dst_slot, tm->move.nr_items, + tm->seq, n, max_slot); + } memmove_extent_buffer(eb, o_dst, o_src, tm->move.nr_items * p_size); + max_slot = move_dst_end_slot; break; case BTRFS_MOD_LOG_ROOT_REPLACE: /*

2 years, 5 months

1
0
0 0

FAILED: patch "[PATCH] btrfs: insert tree mod log move in push_node_left" failed to apply to 5.15-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.15-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.15.y git checkout FETCH_HEAD git cherry-pick -x 5cead5422a0e3d13b0bcee986c0f5c4ebb94100b # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2023071638-ultimatum-humbly-ca99@gregkh' --subject-prefix 'PATCH 5.15.y' HEAD^.. Possible dependencies: 5cead5422a0e ("btrfs: insert tree mod log move in push_node_left") e23efd8e8767 ("btrfs: add eb to btrfs_node_key_ptr_offset") 07e81dc94474 ("btrfs: move accessor helpers into accessors.h") ad1ac5012c2b ("btrfs: move btrfs_map_token to accessors") 55e5cfd36da5 ("btrfs: remove fs_info::pending_changes and related code") 7966a6b5959b ("btrfs: move fs_info::flags enum to fs.h") fc97a410bd78 ("btrfs: move mount option definitions to fs.h") 0d3a9cf8c306 ("btrfs: convert incompat and compat flag test helpers to macros") ec8eb376e271 ("btrfs: move BTRFS_FS_STATE* definitions and helpers to fs.h") 9b569ea0be6f ("btrfs: move the printk helpers out of ctree.h") e118578a8df7 ("btrfs: move assert helpers out of ctree.h") c7f13d428ea1 ("btrfs: move fs wide helpers out of ctree.h") 63a7cb130718 ("btrfs: auto enable discard=async when possible") 7a66eda351ba ("btrfs: move the btrfs_verity_descriptor_item defs up in ctree.h") 956504a331a6 ("btrfs: move trans_handle_cachep out of ctree.h") f1e5c6185ca1 ("btrfs: move flush related definitions to space-info.h") ed4c491a3db2 ("btrfs: move BTRFS_MAX_MIRRORS into scrub.c") 4300c58f8090 ("btrfs: move btrfs on-disk definitions out of ctree.h") d60d956eb41f ("btrfs: remove unused set/clear_pending_info helpers") 8bb808c6ad91 ("btrfs: don't print stack trace when transaction is aborted due to ENOMEM") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 5cead5422a0e3d13b0bcee986c0f5c4ebb94100b Mon Sep 17 00:00:00 2001 From: Boris Burkov <boris(a)bur.io> Date: Thu, 1 Jun 2023 11:55:14 -0700 Subject: [PATCH] btrfs: insert tree mod log move in push_node_left There is a fairly unlikely race condition in tree mod log rewind that can result in a kernel panic which has the following trace: [530.569] BTRFS critical (device sda3): unable to find logical 0 length 4096 [530.585] BTRFS critical (device sda3): unable to find logical 0 length 4096 [530.602] BUG: kernel NULL pointer dereference, address: 0000000000000002 [530.618] #PF: supervisor read access in kernel mode [530.629] #PF: error_code(0x0000) - not-present page [530.641] PGD 0 P4D 0 [530.647] Oops: 0000 [#1] SMP [530.654] CPU: 30 PID: 398973 Comm: below Kdump: loaded Tainted: G S O K 5.12.0-0_fbk13_clang_7455_gb24de3bdb045 #1 [530.680] Hardware name: Quanta Mono Lake-M.2 SATA 1HY9U9Z001G/Mono Lake-M.2 SATA, BIOS F20_3A15 08/16/2017 [530.703] RIP: 0010:__btrfs_map_block+0xaa/0xd00 [530.755] RSP: 0018:ffffc9002c2f7600 EFLAGS: 00010246 [530.767] RAX: ffffffffffffffea RBX: ffff888292e41000 RCX: f2702d8b8be15100 [530.784] RDX: ffff88885fda6fb8 RSI: ffff88885fd973c8 RDI: ffff88885fd973c8 [530.800] RBP: ffff888292e410d0 R08: ffffffff82fd7fd0 R09: 00000000fffeffff [530.816] R10: ffffffff82e57fd0 R11: ffffffff82e57d70 R12: 0000000000000000 [530.832] R13: 0000000000001000 R14: 0000000000001000 R15: ffffc9002c2f76f0 [530.848] FS: 00007f38d64af000(0000) GS:ffff88885fd80000(0000) knlGS:0000000000000000 [530.866] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [530.880] CR2: 0000000000000002 CR3: 00000002b6770004 CR4: 00000000003706e0 [530.896] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [530.912] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [530.928] Call Trace: [530.934] ? btrfs_printk+0x13b/0x18c [530.943] ? btrfs_bio_counter_inc_blocked+0x3d/0x130 [530.955] btrfs_map_bio+0x75/0x330 [530.963] ? kmem_cache_alloc+0x12a/0x2d0 [530.973] ? btrfs_submit_metadata_bio+0x63/0x100 [530.984] btrfs_submit_metadata_bio+0xa4/0x100 [530.995] submit_extent_page+0x30f/0x360 [531.004] read_extent_buffer_pages+0x49e/0x6d0 [531.015] ? submit_extent_page+0x360/0x360 [531.025] btree_read_extent_buffer_pages+0x5f/0x150 [531.037] read_tree_block+0x37/0x60 [531.046] read_block_for_search+0x18b/0x410 [531.056] btrfs_search_old_slot+0x198/0x2f0 [531.066] resolve_indirect_ref+0xfe/0x6f0 [531.076] ? ulist_alloc+0x31/0x60 [531.084] ? kmem_cache_alloc_trace+0x12e/0x2b0 [531.095] find_parent_nodes+0x720/0x1830 [531.105] ? ulist_alloc+0x10/0x60 [531.113] iterate_extent_inodes+0xea/0x370 [531.123] ? btrfs_previous_extent_item+0x8f/0x110 [531.134] ? btrfs_search_path_in_tree+0x240/0x240 [531.146] iterate_inodes_from_logical+0x98/0xd0 [531.157] ? btrfs_search_path_in_tree+0x240/0x240 [531.168] btrfs_ioctl_logical_to_ino+0xd9/0x180 [531.179] btrfs_ioctl+0xe2/0x2eb0 This occurs when logical inode resolution takes a tree mod log sequence number, and then while backref walking hits a rewind on a busy node which has the following sequence of tree mod log operations (numbers filled in from a specific example, but they are somewhat arbitrary) REMOVE_WHILE_FREEING slot 532 REMOVE_WHILE_FREEING slot 531 REMOVE_WHILE_FREEING slot 530 ... REMOVE_WHILE_FREEING slot 0 REMOVE slot 455 REMOVE slot 454 REMOVE slot 453 ... REMOVE slot 0 ADD slot 455 ADD slot 454 ADD slot 453 ... ADD slot 0 MOVE src slot 0 -> dst slot 456 nritems 533 REMOVE slot 455 REMOVE slot 454 REMOVE slot 453 ... REMOVE slot 0 When this sequence gets applied via btrfs_tree_mod_log_rewind, it allocates a fresh rewind eb, and first inserts the correct key info for the 533 elements, then overwrites the first 456 of them, then decrements the count by 456 via the add ops, then rewinds the move by doing a memmove from 456:988->0:532. We have never written anything past 532, so that memmove writes garbage into the 0:532 range. In practice, this results in a lot of fully 0 keys. The rewind then puts valid keys into slots 0:455 with the last removes, but 456:532 are still invalid. When search_old_slot uses this eb, if it uses one of those invalid slots, it can then read the extent buffer and issue a bio for offset 0 which ultimately panics looking up extent mappings. This bad tree mod log sequence gets generated when the node balancing code happens to do a balance_node_right followed by a push_node_left while logging in the tree mod log. Illustrated for ebs L and R (left and right): L R start: [XXX|YYY|...] [ZZZ|...|...] balance_node_right: [XXX|YYY|...] [...|ZZZ|...] move Z to make room for Y [XXX|...|...] [YYY|ZZZ|...] copy Y from L to R push_node_left: [XXX|YYY|...] [...|ZZZ|...] copy Y from R to L [XXX|YYY|...] [ZZZ|...|...] move Z into emptied space (NOT LOGGED!) This is because balance_node_right logs a move, but push_node_left explicitly doesn't. That is because logging the move would remove the overwritten src < dst range in the right eb, which was already logged when we called btrfs_tree_mod_log_eb_copy. The correct sequence would include a move from 456:988 to 0:532 after remove 0:455 and before removing 0:532. Reversing that sequence would entail creating keys for 0:532, then moving those keys out to 456:988, then creating more keys for 0:455. i.e., REMOVE_WHILE_FREEING slot 532 REMOVE_WHILE_FREEING slot 531 REMOVE_WHILE_FREEING slot 530 ... REMOVE_WHILE_FREEING slot 0 MOVE src slot 456 -> dst slot 0 nritems 533 REMOVE slot 455 REMOVE slot 454 REMOVE slot 453 ... REMOVE slot 0 ADD slot 455 ADD slot 454 ADD slot 453 ... ADD slot 0 MOVE src slot 0 -> dst slot 456 nritems 533 REMOVE slot 455 REMOVE slot 454 REMOVE slot 453 ... REMOVE slot 0 Fix this to log the move but avoid the double remove by putting all the logging logic in btrfs_tree_mod_log_eb_copy which has enough information to detect these cases and properly log moves, removes, and adds. Leave btrfs_tree_mod_log_insert_move to handle insert_ptr and delete_ptr's tree mod logging. (Un)fortunately, this is quite difficult to reproduce, and I was only able to reproduce it by adding sleeps in btrfs_search_old_slot that would encourage more log rewinding during ino_to_logical ioctls. I was able to hit the warning in the previous patch in the series without the fix quite quickly, but not after this patch. CC: stable(a)vger.kernel.org # 5.15+ Reviewed-by: Filipe Manana <fdmanana(a)suse.com> Signed-off-by: Boris Burkov <boris(a)bur.io> Signed-off-by: David Sterba <dsterba(a)suse.com> diff --git a/fs/btrfs/ctree.c b/fs/btrfs/ctree.c index 2f2071d64c52..385524224037 100644 --- a/fs/btrfs/ctree.c +++ b/fs/btrfs/ctree.c @@ -2785,8 +2785,8 @@ static int push_node_left(struct btrfs_trans_handle *trans, if (push_items < src_nritems) { /* - * Don't call btrfs_tree_mod_log_insert_move() here, key removal - * was already fully logged by btrfs_tree_mod_log_eb_copy() above. + * btrfs_tree_mod_log_eb_copy handles logging the move, so we + * don't need to do an explicit tree mod log operation for it. */ memmove_extent_buffer(src, btrfs_node_key_ptr_offset(src, 0), btrfs_node_key_ptr_offset(src, push_items), @@ -2847,8 +2847,11 @@ static int balance_node_right(struct btrfs_trans_handle *trans, btrfs_abort_transaction(trans, ret); return ret; } - ret = btrfs_tree_mod_log_insert_move(dst, push_items, 0, dst_nritems); - BUG_ON(ret < 0); + + /* + * btrfs_tree_mod_log_eb_copy handles logging the move, so we don't + * need to do an explicit tree mod log operation for it. + */ memmove_extent_buffer(dst, btrfs_node_key_ptr_offset(dst, push_items), btrfs_node_key_ptr_offset(dst, 0), (dst_nritems) * diff --git a/fs/btrfs/tree-mod-log.c b/fs/btrfs/tree-mod-log.c index 39545d1d2e9a..07c086f9e35e 100644 --- a/fs/btrfs/tree-mod-log.c +++ b/fs/btrfs/tree-mod-log.c @@ -248,6 +248,26 @@ int btrfs_tree_mod_log_insert_key(struct extent_buffer *eb, int slot, return ret; } +static struct tree_mod_elem *tree_mod_log_alloc_move(struct extent_buffer *eb, + int dst_slot, int src_slot, + int nr_items) +{ + struct tree_mod_elem *tm; + + tm = kzalloc(sizeof(*tm), GFP_NOFS); + if (!tm) + return ERR_PTR(-ENOMEM); + + tm->logical = eb->start; + tm->slot = src_slot; + tm->move.dst_slot = dst_slot; + tm->move.nr_items = nr_items; + tm->op = BTRFS_MOD_LOG_MOVE_KEYS; + RB_CLEAR_NODE(&tm->node); + + return tm; +} + int btrfs_tree_mod_log_insert_move(struct extent_buffer *eb, int dst_slot, int src_slot, int nr_items) @@ -265,18 +285,13 @@ int btrfs_tree_mod_log_insert_move(struct extent_buffer *eb, if (!tm_list) return -ENOMEM; - tm = kzalloc(sizeof(*tm), GFP_NOFS); - if (!tm) { - ret = -ENOMEM; + tm = tree_mod_log_alloc_move(eb, dst_slot, src_slot, nr_items); + if (IS_ERR(tm)) { + ret = PTR_ERR(tm); + tm = NULL; goto free_tms; } - tm->logical = eb->start; - tm->slot = src_slot; - tm->move.dst_slot = dst_slot; - tm->move.nr_items = nr_items; - tm->op = BTRFS_MOD_LOG_MOVE_KEYS; - for (i = 0; i + dst_slot < src_slot && i < nr_items; i++) { tm_list[i] = alloc_tree_mod_elem(eb, i + dst_slot, BTRFS_MOD_LOG_KEY_REMOVE_WHILE_MOVING); @@ -489,6 +504,10 @@ int btrfs_tree_mod_log_eb_copy(struct extent_buffer *dst, struct tree_mod_elem **tm_list_add, **tm_list_rem; int i; bool locked = false; + struct tree_mod_elem *dst_move_tm = NULL; + struct tree_mod_elem *src_move_tm = NULL; + u32 dst_move_nr_items = btrfs_header_nritems(dst) - dst_offset; + u32 src_move_nr_items = btrfs_header_nritems(src) - (src_offset + nr_items); if (!tree_mod_need_log(fs_info, NULL)) return 0; @@ -501,6 +520,26 @@ int btrfs_tree_mod_log_eb_copy(struct extent_buffer *dst, if (!tm_list) return -ENOMEM; + if (dst_move_nr_items) { + dst_move_tm = tree_mod_log_alloc_move(dst, dst_offset + nr_items, + dst_offset, dst_move_nr_items); + if (IS_ERR(dst_move_tm)) { + ret = PTR_ERR(dst_move_tm); + dst_move_tm = NULL; + goto free_tms; + } + } + if (src_move_nr_items) { + src_move_tm = tree_mod_log_alloc_move(src, src_offset, + src_offset + nr_items, + src_move_nr_items); + if (IS_ERR(src_move_tm)) { + ret = PTR_ERR(src_move_tm); + src_move_tm = NULL; + goto free_tms; + } + } + tm_list_add = tm_list; tm_list_rem = tm_list + nr_items; for (i = 0; i < nr_items; i++) { @@ -523,6 +562,11 @@ int btrfs_tree_mod_log_eb_copy(struct extent_buffer *dst, goto free_tms; locked = true; + if (dst_move_tm) { + ret = tree_mod_log_insert(fs_info, dst_move_tm); + if (ret) + goto free_tms; + } for (i = 0; i < nr_items; i++) { ret = tree_mod_log_insert(fs_info, tm_list_rem[i]); if (ret) @@ -531,6 +575,11 @@ int btrfs_tree_mod_log_eb_copy(struct extent_buffer *dst, if (ret) goto free_tms; } + if (src_move_tm) { + ret = tree_mod_log_insert(fs_info, src_move_tm); + if (ret) + goto free_tms; + } write_unlock(&fs_info->tree_mod_log_lock); kfree(tm_list); @@ -538,6 +587,12 @@ int btrfs_tree_mod_log_eb_copy(struct extent_buffer *dst, return 0; free_tms: + if (dst_move_tm && !RB_EMPTY_NODE(&dst_move_tm->node)) + rb_erase(&dst_move_tm->node, &fs_info->tree_mod_log); + kfree(dst_move_tm); + if (src_move_tm && !RB_EMPTY_NODE(&src_move_tm->node)) + rb_erase(&src_move_tm->node, &fs_info->tree_mod_log); + kfree(src_move_tm); for (i = 0; i < nr_items * 2; i++) { if (tm_list[i] && !RB_EMPTY_NODE(&tm_list[i]->node)) rb_erase(&tm_list[i]->node, &fs_info->tree_mod_log);

2 years, 5 months

1
0
0 0

FAILED: patch "[PATCH] btrfs: insert tree mod log move in push_node_left" failed to apply to 6.1-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.1-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y git checkout FETCH_HEAD git cherry-pick -x 5cead5422a0e3d13b0bcee986c0f5c4ebb94100b # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2023071633-shell-happily-3a92@gregkh' --subject-prefix 'PATCH 6.1.y' HEAD^.. Possible dependencies: 5cead5422a0e ("btrfs: insert tree mod log move in push_node_left") e23efd8e8767 ("btrfs: add eb to btrfs_node_key_ptr_offset") 07e81dc94474 ("btrfs: move accessor helpers into accessors.h") ad1ac5012c2b ("btrfs: move btrfs_map_token to accessors") 55e5cfd36da5 ("btrfs: remove fs_info::pending_changes and related code") 7966a6b5959b ("btrfs: move fs_info::flags enum to fs.h") fc97a410bd78 ("btrfs: move mount option definitions to fs.h") 0d3a9cf8c306 ("btrfs: convert incompat and compat flag test helpers to macros") ec8eb376e271 ("btrfs: move BTRFS_FS_STATE* definitions and helpers to fs.h") 9b569ea0be6f ("btrfs: move the printk helpers out of ctree.h") e118578a8df7 ("btrfs: move assert helpers out of ctree.h") c7f13d428ea1 ("btrfs: move fs wide helpers out of ctree.h") 63a7cb130718 ("btrfs: auto enable discard=async when possible") 7a66eda351ba ("btrfs: move the btrfs_verity_descriptor_item defs up in ctree.h") 956504a331a6 ("btrfs: move trans_handle_cachep out of ctree.h") f1e5c6185ca1 ("btrfs: move flush related definitions to space-info.h") ed4c491a3db2 ("btrfs: move BTRFS_MAX_MIRRORS into scrub.c") 4300c58f8090 ("btrfs: move btrfs on-disk definitions out of ctree.h") d60d956eb41f ("btrfs: remove unused set/clear_pending_info helpers") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 5cead5422a0e3d13b0bcee986c0f5c4ebb94100b Mon Sep 17 00:00:00 2001 From: Boris Burkov <boris(a)bur.io> Date: Thu, 1 Jun 2023 11:55:14 -0700 Subject: [PATCH] btrfs: insert tree mod log move in push_node_left There is a fairly unlikely race condition in tree mod log rewind that can result in a kernel panic which has the following trace: [530.569] BTRFS critical (device sda3): unable to find logical 0 length 4096 [530.585] BTRFS critical (device sda3): unable to find logical 0 length 4096 [530.602] BUG: kernel NULL pointer dereference, address: 0000000000000002 [530.618] #PF: supervisor read access in kernel mode [530.629] #PF: error_code(0x0000) - not-present page [530.641] PGD 0 P4D 0 [530.647] Oops: 0000 [#1] SMP [530.654] CPU: 30 PID: 398973 Comm: below Kdump: loaded Tainted: G S O K 5.12.0-0_fbk13_clang_7455_gb24de3bdb045 #1 [530.680] Hardware name: Quanta Mono Lake-M.2 SATA 1HY9U9Z001G/Mono Lake-M.2 SATA, BIOS F20_3A15 08/16/2017 [530.703] RIP: 0010:__btrfs_map_block+0xaa/0xd00 [530.755] RSP: 0018:ffffc9002c2f7600 EFLAGS: 00010246 [530.767] RAX: ffffffffffffffea RBX: ffff888292e41000 RCX: f2702d8b8be15100 [530.784] RDX: ffff88885fda6fb8 RSI: ffff88885fd973c8 RDI: ffff88885fd973c8 [530.800] RBP: ffff888292e410d0 R08: ffffffff82fd7fd0 R09: 00000000fffeffff [530.816] R10: ffffffff82e57fd0 R11: ffffffff82e57d70 R12: 0000000000000000 [530.832] R13: 0000000000001000 R14: 0000000000001000 R15: ffffc9002c2f76f0 [530.848] FS: 00007f38d64af000(0000) GS:ffff88885fd80000(0000) knlGS:0000000000000000 [530.866] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [530.880] CR2: 0000000000000002 CR3: 00000002b6770004 CR4: 00000000003706e0 [530.896] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [530.912] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [530.928] Call Trace: [530.934] ? btrfs_printk+0x13b/0x18c [530.943] ? btrfs_bio_counter_inc_blocked+0x3d/0x130 [530.955] btrfs_map_bio+0x75/0x330 [530.963] ? kmem_cache_alloc+0x12a/0x2d0 [530.973] ? btrfs_submit_metadata_bio+0x63/0x100 [530.984] btrfs_submit_metadata_bio+0xa4/0x100 [530.995] submit_extent_page+0x30f/0x360 [531.004] read_extent_buffer_pages+0x49e/0x6d0 [531.015] ? submit_extent_page+0x360/0x360 [531.025] btree_read_extent_buffer_pages+0x5f/0x150 [531.037] read_tree_block+0x37/0x60 [531.046] read_block_for_search+0x18b/0x410 [531.056] btrfs_search_old_slot+0x198/0x2f0 [531.066] resolve_indirect_ref+0xfe/0x6f0 [531.076] ? ulist_alloc+0x31/0x60 [531.084] ? kmem_cache_alloc_trace+0x12e/0x2b0 [531.095] find_parent_nodes+0x720/0x1830 [531.105] ? ulist_alloc+0x10/0x60 [531.113] iterate_extent_inodes+0xea/0x370 [531.123] ? btrfs_previous_extent_item+0x8f/0x110 [531.134] ? btrfs_search_path_in_tree+0x240/0x240 [531.146] iterate_inodes_from_logical+0x98/0xd0 [531.157] ? btrfs_search_path_in_tree+0x240/0x240 [531.168] btrfs_ioctl_logical_to_ino+0xd9/0x180 [531.179] btrfs_ioctl+0xe2/0x2eb0 This occurs when logical inode resolution takes a tree mod log sequence number, and then while backref walking hits a rewind on a busy node which has the following sequence of tree mod log operations (numbers filled in from a specific example, but they are somewhat arbitrary) REMOVE_WHILE_FREEING slot 532 REMOVE_WHILE_FREEING slot 531 REMOVE_WHILE_FREEING slot 530 ... REMOVE_WHILE_FREEING slot 0 REMOVE slot 455 REMOVE slot 454 REMOVE slot 453 ... REMOVE slot 0 ADD slot 455 ADD slot 454 ADD slot 453 ... ADD slot 0 MOVE src slot 0 -> dst slot 456 nritems 533 REMOVE slot 455 REMOVE slot 454 REMOVE slot 453 ... REMOVE slot 0 When this sequence gets applied via btrfs_tree_mod_log_rewind, it allocates a fresh rewind eb, and first inserts the correct key info for the 533 elements, then overwrites the first 456 of them, then decrements the count by 456 via the add ops, then rewinds the move by doing a memmove from 456:988->0:532. We have never written anything past 532, so that memmove writes garbage into the 0:532 range. In practice, this results in a lot of fully 0 keys. The rewind then puts valid keys into slots 0:455 with the last removes, but 456:532 are still invalid. When search_old_slot uses this eb, if it uses one of those invalid slots, it can then read the extent buffer and issue a bio for offset 0 which ultimately panics looking up extent mappings. This bad tree mod log sequence gets generated when the node balancing code happens to do a balance_node_right followed by a push_node_left while logging in the tree mod log. Illustrated for ebs L and R (left and right): L R start: [XXX|YYY|...] [ZZZ|...|...] balance_node_right: [XXX|YYY|...] [...|ZZZ|...] move Z to make room for Y [XXX|...|...] [YYY|ZZZ|...] copy Y from L to R push_node_left: [XXX|YYY|...] [...|ZZZ|...] copy Y from R to L [XXX|YYY|...] [ZZZ|...|...] move Z into emptied space (NOT LOGGED!) This is because balance_node_right logs a move, but push_node_left explicitly doesn't. That is because logging the move would remove the overwritten src < dst range in the right eb, which was already logged when we called btrfs_tree_mod_log_eb_copy. The correct sequence would include a move from 456:988 to 0:532 after remove 0:455 and before removing 0:532. Reversing that sequence would entail creating keys for 0:532, then moving those keys out to 456:988, then creating more keys for 0:455. i.e., REMOVE_WHILE_FREEING slot 532 REMOVE_WHILE_FREEING slot 531 REMOVE_WHILE_FREEING slot 530 ... REMOVE_WHILE_FREEING slot 0 MOVE src slot 456 -> dst slot 0 nritems 533 REMOVE slot 455 REMOVE slot 454 REMOVE slot 453 ... REMOVE slot 0 ADD slot 455 ADD slot 454 ADD slot 453 ... ADD slot 0 MOVE src slot 0 -> dst slot 456 nritems 533 REMOVE slot 455 REMOVE slot 454 REMOVE slot 453 ... REMOVE slot 0 Fix this to log the move but avoid the double remove by putting all the logging logic in btrfs_tree_mod_log_eb_copy which has enough information to detect these cases and properly log moves, removes, and adds. Leave btrfs_tree_mod_log_insert_move to handle insert_ptr and delete_ptr's tree mod logging. (Un)fortunately, this is quite difficult to reproduce, and I was only able to reproduce it by adding sleeps in btrfs_search_old_slot that would encourage more log rewinding during ino_to_logical ioctls. I was able to hit the warning in the previous patch in the series without the fix quite quickly, but not after this patch. CC: stable(a)vger.kernel.org # 5.15+ Reviewed-by: Filipe Manana <fdmanana(a)suse.com> Signed-off-by: Boris Burkov <boris(a)bur.io> Signed-off-by: David Sterba <dsterba(a)suse.com> diff --git a/fs/btrfs/ctree.c b/fs/btrfs/ctree.c index 2f2071d64c52..385524224037 100644 --- a/fs/btrfs/ctree.c +++ b/fs/btrfs/ctree.c @@ -2785,8 +2785,8 @@ static int push_node_left(struct btrfs_trans_handle *trans, if (push_items < src_nritems) { /* - * Don't call btrfs_tree_mod_log_insert_move() here, key removal - * was already fully logged by btrfs_tree_mod_log_eb_copy() above. + * btrfs_tree_mod_log_eb_copy handles logging the move, so we + * don't need to do an explicit tree mod log operation for it. */ memmove_extent_buffer(src, btrfs_node_key_ptr_offset(src, 0), btrfs_node_key_ptr_offset(src, push_items), @@ -2847,8 +2847,11 @@ static int balance_node_right(struct btrfs_trans_handle *trans, btrfs_abort_transaction(trans, ret); return ret; } - ret = btrfs_tree_mod_log_insert_move(dst, push_items, 0, dst_nritems); - BUG_ON(ret < 0); + + /* + * btrfs_tree_mod_log_eb_copy handles logging the move, so we don't + * need to do an explicit tree mod log operation for it. + */ memmove_extent_buffer(dst, btrfs_node_key_ptr_offset(dst, push_items), btrfs_node_key_ptr_offset(dst, 0), (dst_nritems) * diff --git a/fs/btrfs/tree-mod-log.c b/fs/btrfs/tree-mod-log.c index 39545d1d2e9a..07c086f9e35e 100644 --- a/fs/btrfs/tree-mod-log.c +++ b/fs/btrfs/tree-mod-log.c @@ -248,6 +248,26 @@ int btrfs_tree_mod_log_insert_key(struct extent_buffer *eb, int slot, return ret; } +static struct tree_mod_elem *tree_mod_log_alloc_move(struct extent_buffer *eb, + int dst_slot, int src_slot, + int nr_items) +{ + struct tree_mod_elem *tm; + + tm = kzalloc(sizeof(*tm), GFP_NOFS); + if (!tm) + return ERR_PTR(-ENOMEM); + + tm->logical = eb->start; + tm->slot = src_slot; + tm->move.dst_slot = dst_slot; + tm->move.nr_items = nr_items; + tm->op = BTRFS_MOD_LOG_MOVE_KEYS; + RB_CLEAR_NODE(&tm->node); + + return tm; +} + int btrfs_tree_mod_log_insert_move(struct extent_buffer *eb, int dst_slot, int src_slot, int nr_items) @@ -265,18 +285,13 @@ int btrfs_tree_mod_log_insert_move(struct extent_buffer *eb, if (!tm_list) return -ENOMEM; - tm = kzalloc(sizeof(*tm), GFP_NOFS); - if (!tm) { - ret = -ENOMEM; + tm = tree_mod_log_alloc_move(eb, dst_slot, src_slot, nr_items); + if (IS_ERR(tm)) { + ret = PTR_ERR(tm); + tm = NULL; goto free_tms; } - tm->logical = eb->start; - tm->slot = src_slot; - tm->move.dst_slot = dst_slot; - tm->move.nr_items = nr_items; - tm->op = BTRFS_MOD_LOG_MOVE_KEYS; - for (i = 0; i + dst_slot < src_slot && i < nr_items; i++) { tm_list[i] = alloc_tree_mod_elem(eb, i + dst_slot, BTRFS_MOD_LOG_KEY_REMOVE_WHILE_MOVING); @@ -489,6 +504,10 @@ int btrfs_tree_mod_log_eb_copy(struct extent_buffer *dst, struct tree_mod_elem **tm_list_add, **tm_list_rem; int i; bool locked = false; + struct tree_mod_elem *dst_move_tm = NULL; + struct tree_mod_elem *src_move_tm = NULL; + u32 dst_move_nr_items = btrfs_header_nritems(dst) - dst_offset; + u32 src_move_nr_items = btrfs_header_nritems(src) - (src_offset + nr_items); if (!tree_mod_need_log(fs_info, NULL)) return 0; @@ -501,6 +520,26 @@ int btrfs_tree_mod_log_eb_copy(struct extent_buffer *dst, if (!tm_list) return -ENOMEM; + if (dst_move_nr_items) { + dst_move_tm = tree_mod_log_alloc_move(dst, dst_offset + nr_items, + dst_offset, dst_move_nr_items); + if (IS_ERR(dst_move_tm)) { + ret = PTR_ERR(dst_move_tm); + dst_move_tm = NULL; + goto free_tms; + } + } + if (src_move_nr_items) { + src_move_tm = tree_mod_log_alloc_move(src, src_offset, + src_offset + nr_items, + src_move_nr_items); + if (IS_ERR(src_move_tm)) { + ret = PTR_ERR(src_move_tm); + src_move_tm = NULL; + goto free_tms; + } + } + tm_list_add = tm_list; tm_list_rem = tm_list + nr_items; for (i = 0; i < nr_items; i++) { @@ -523,6 +562,11 @@ int btrfs_tree_mod_log_eb_copy(struct extent_buffer *dst, goto free_tms; locked = true; + if (dst_move_tm) { + ret = tree_mod_log_insert(fs_info, dst_move_tm); + if (ret) + goto free_tms; + } for (i = 0; i < nr_items; i++) { ret = tree_mod_log_insert(fs_info, tm_list_rem[i]); if (ret) @@ -531,6 +575,11 @@ int btrfs_tree_mod_log_eb_copy(struct extent_buffer *dst, if (ret) goto free_tms; } + if (src_move_tm) { + ret = tree_mod_log_insert(fs_info, src_move_tm); + if (ret) + goto free_tms; + } write_unlock(&fs_info->tree_mod_log_lock); kfree(tm_list); @@ -538,6 +587,12 @@ int btrfs_tree_mod_log_eb_copy(struct extent_buffer *dst, return 0; free_tms: + if (dst_move_tm && !RB_EMPTY_NODE(&dst_move_tm->node)) + rb_erase(&dst_move_tm->node, &fs_info->tree_mod_log); + kfree(dst_move_tm); + if (src_move_tm && !RB_EMPTY_NODE(&src_move_tm->node)) + rb_erase(&src_move_tm->node, &fs_info->tree_mod_log); + kfree(src_move_tm); for (i = 0; i < nr_items * 2; i++) { if (tm_list[i] && !RB_EMPTY_NODE(&tm_list[i]->node)) rb_erase(&tm_list[i]->node, &fs_info->tree_mod_log);

2 years, 5 months

1
0
0 0

FAILED: patch "[PATCH] btrfs: fix range_end calculation in extent_write_locked_range" failed to apply to 5.10-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.10-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.10.y git checkout FETCH_HEAD git cherry-pick -x 36614a3beba33a05ad78d4dcb9aa1d00e8a7d01 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2023071607-crunchy-washbowl-2fd3@gregkh' --subject-prefix 'PATCH 5.10.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 36614a3beba33a05ad78d4dcb9aa1d00e8a7d01f Mon Sep 17 00:00:00 2001 From: Christoph Hellwig <hch(a)lst.de> Date: Wed, 31 May 2023 08:04:50 +0200 Subject: [PATCH] btrfs: fix range_end calculation in extent_write_locked_range The range_end field in struct writeback_control is inclusive, just like the end parameter passed to extent_write_locked_range. Not doing this could cause extra writeout, which is harmless but suboptimal. Fixes: 771ed689d2cd ("Btrfs: Optimize compressed writeback and reads") CC: stable(a)vger.kernel.org # 5.9+ Reviewed-by: Josef Bacik <josef(a)toxicpanda.com> Signed-off-by: Christoph Hellwig <hch(a)lst.de> Reviewed-by: David Sterba <dsterba(a)suse.com> Signed-off-by: David Sterba <dsterba(a)suse.com> diff --git a/fs/btrfs/extent_io.c b/fs/btrfs/extent_io.c index d5b3b15f7ab2..0726c82db309 100644 --- a/fs/btrfs/extent_io.c +++ b/fs/btrfs/extent_io.c @@ -2310,7 +2310,7 @@ int extent_write_locked_range(struct inode *inode, u64 start, u64 end) struct writeback_control wbc_writepages = { .sync_mode = WB_SYNC_ALL, .range_start = start, - .range_end = end + 1, + .range_end = end, .no_cgroup_owner = 1, }; struct btrfs_bio_ctrl bio_ctrl = {

2 years, 5 months

1
0
0 0

FAILED: patch "[PATCH] btrfs: fix range_end calculation in extent_write_locked_range" failed to apply to 5.15-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.15-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.15.y git checkout FETCH_HEAD git cherry-pick -x 36614a3beba33a05ad78d4dcb9aa1d00e8a7d01 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2023071603-hangup-pegboard-8db1@gregkh' --subject-prefix 'PATCH 5.15.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 36614a3beba33a05ad78d4dcb9aa1d00e8a7d01f Mon Sep 17 00:00:00 2001 From: Christoph Hellwig <hch(a)lst.de> Date: Wed, 31 May 2023 08:04:50 +0200 Subject: [PATCH] btrfs: fix range_end calculation in extent_write_locked_range The range_end field in struct writeback_control is inclusive, just like the end parameter passed to extent_write_locked_range. Not doing this could cause extra writeout, which is harmless but suboptimal. Fixes: 771ed689d2cd ("Btrfs: Optimize compressed writeback and reads") CC: stable(a)vger.kernel.org # 5.9+ Reviewed-by: Josef Bacik <josef(a)toxicpanda.com> Signed-off-by: Christoph Hellwig <hch(a)lst.de> Reviewed-by: David Sterba <dsterba(a)suse.com> Signed-off-by: David Sterba <dsterba(a)suse.com> diff --git a/fs/btrfs/extent_io.c b/fs/btrfs/extent_io.c index d5b3b15f7ab2..0726c82db309 100644 --- a/fs/btrfs/extent_io.c +++ b/fs/btrfs/extent_io.c @@ -2310,7 +2310,7 @@ int extent_write_locked_range(struct inode *inode, u64 start, u64 end) struct writeback_control wbc_writepages = { .sync_mode = WB_SYNC_ALL, .range_start = start, - .range_end = end + 1, + .range_end = end, .no_cgroup_owner = 1, }; struct btrfs_bio_ctrl bio_ctrl = {

2 years, 5 months

1
0
0 0

FAILED: patch "[PATCH] btrfs: fix range_end calculation in extent_write_locked_range" failed to apply to 6.1-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.1-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y git checkout FETCH_HEAD git cherry-pick -x 36614a3beba33a05ad78d4dcb9aa1d00e8a7d01 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2023071602-swinger-darn-2b82@gregkh' --subject-prefix 'PATCH 6.1.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 36614a3beba33a05ad78d4dcb9aa1d00e8a7d01f Mon Sep 17 00:00:00 2001 From: Christoph Hellwig <hch(a)lst.de> Date: Wed, 31 May 2023 08:04:50 +0200 Subject: [PATCH] btrfs: fix range_end calculation in extent_write_locked_range The range_end field in struct writeback_control is inclusive, just like the end parameter passed to extent_write_locked_range. Not doing this could cause extra writeout, which is harmless but suboptimal. Fixes: 771ed689d2cd ("Btrfs: Optimize compressed writeback and reads") CC: stable(a)vger.kernel.org # 5.9+ Reviewed-by: Josef Bacik <josef(a)toxicpanda.com> Signed-off-by: Christoph Hellwig <hch(a)lst.de> Reviewed-by: David Sterba <dsterba(a)suse.com> Signed-off-by: David Sterba <dsterba(a)suse.com> diff --git a/fs/btrfs/extent_io.c b/fs/btrfs/extent_io.c index d5b3b15f7ab2..0726c82db309 100644 --- a/fs/btrfs/extent_io.c +++ b/fs/btrfs/extent_io.c @@ -2310,7 +2310,7 @@ int extent_write_locked_range(struct inode *inode, u64 start, u64 end) struct writeback_control wbc_writepages = { .sync_mode = WB_SYNC_ALL, .range_start = start, - .range_end = end + 1, + .range_end = end, .no_cgroup_owner = 1, }; struct btrfs_bio_ctrl bio_ctrl = {

2 years, 5 months

1
0
0 0

FAILED: patch "[PATCH] btrfs: fix range_end calculation in extent_write_locked_range" failed to apply to 6.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.4.y git checkout FETCH_HEAD git cherry-pick -x 36614a3beba33a05ad78d4dcb9aa1d00e8a7d01 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2023071601-bagged-chunk-6945@gregkh' --subject-prefix 'PATCH 6.4.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 36614a3beba33a05ad78d4dcb9aa1d00e8a7d01f Mon Sep 17 00:00:00 2001 From: Christoph Hellwig <hch(a)lst.de> Date: Wed, 31 May 2023 08:04:50 +0200 Subject: [PATCH] btrfs: fix range_end calculation in extent_write_locked_range The range_end field in struct writeback_control is inclusive, just like the end parameter passed to extent_write_locked_range. Not doing this could cause extra writeout, which is harmless but suboptimal. Fixes: 771ed689d2cd ("Btrfs: Optimize compressed writeback and reads") CC: stable(a)vger.kernel.org # 5.9+ Reviewed-by: Josef Bacik <josef(a)toxicpanda.com> Signed-off-by: Christoph Hellwig <hch(a)lst.de> Reviewed-by: David Sterba <dsterba(a)suse.com> Signed-off-by: David Sterba <dsterba(a)suse.com> diff --git a/fs/btrfs/extent_io.c b/fs/btrfs/extent_io.c index d5b3b15f7ab2..0726c82db309 100644 --- a/fs/btrfs/extent_io.c +++ b/fs/btrfs/extent_io.c @@ -2310,7 +2310,7 @@ int extent_write_locked_range(struct inode *inode, u64 start, u64 end) struct writeback_control wbc_writepages = { .sync_mode = WB_SYNC_ALL, .range_start = start, - .range_end = end + 1, + .range_end = end, .no_cgroup_owner = 1, }; struct btrfs_bio_ctrl bio_ctrl = {

2 years, 5 months

1
0
0 0

FAILED: patch "[PATCH] btrfs: fix fsverify read error handling in end_page_read" failed to apply to 5.15-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.15-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.15.y git checkout FETCH_HEAD git cherry-pick -x 2c14f0ffdd30bd3d321ad5fe76fcf701746e1df6 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2023071649-pushcart-bobtail-27e7@gregkh' --subject-prefix 'PATCH 5.15.y' HEAD^.. Possible dependencies: 2c14f0ffdd30 ("btrfs: fix fsverify read error handling in end_page_read") ed9ee98ecb4f ("btrfs: factor out a btrfs_verify_page helper") 0571b6357c5e ("btrfs: remove the io_failure_record infrastructure") 7609afac6775 ("btrfs: handle checksum validation and repair at the storage layer") 7276aa7d3825 ("btrfs: save the bio iter for checksum validation in common code") d0e5cb2be770 ("btrfs: add a btrfs_inode pointer to struct btrfs_bio") e0cfbb2ccabb ("btrfs: better document struct btrfs_bio") bacf60e51586 ("btrfs: move repair_io_failure to bio.c") 103c19723c80 ("btrfs: split the bio submission path into a separate file") cb3e217bdb39 ("btrfs: use btrfs_dev_name() helper to handle missing devices better") 2c8f5e8cdf0f ("btrfs: remove leftover setting of EXTENT_UPTODATE state in an inode's io_tree") 947a629988f1 ("btrfs: move tree block parentness check into validate_extent_buffer()") 789d6a3a876e ("btrfs: concentrate all tree block parentness check parameters into one structure") 35da5a7edec3 ("btrfs: drop private_data parameter from extent_io_tree_init") 621af94af334 ("btrfs: pass btrfs_inode to btrfs_check_data_csum") bb41632ea7d2 ("btrfs: pass btrfs_inode to btrfs_submit_dio_bio") e2884c3d4456 ("btrfs: switch btrfs_dio_private::inode to btrfs_inode") d8f9268ece91 ("btrfs: pass btrfs_inode to btrfs_repair_one_sector") d781c1c315ce ("btrfs: pass btrfs_inode to btrfs_submit_dio_repair_bio") b762041629e7 ("btrfs: pass btrfs_inode to btrfs_submit_data_read_bio") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 2c14f0ffdd30bd3d321ad5fe76fcf701746e1df6 Mon Sep 17 00:00:00 2001 From: Christoph Hellwig <hch(a)lst.de> Date: Wed, 31 May 2023 08:04:52 +0200 Subject: [PATCH] btrfs: fix fsverify read error handling in end_page_read Also clear the uptodate bit to make sure the page isn't seen as uptodate in the page cache if fsverity verification fails. Fixes: 146054090b08 ("btrfs: initial fsverity support") CC: stable(a)vger.kernel.org # 5.15+ Reviewed-by: Josef Bacik <josef(a)toxicpanda.com> Signed-off-by: Christoph Hellwig <hch(a)lst.de> Reviewed-by: David Sterba <dsterba(a)suse.com> Signed-off-by: David Sterba <dsterba(a)suse.com> diff --git a/fs/btrfs/extent_io.c b/fs/btrfs/extent_io.c index 8e42ce48b52e..a943a6622489 100644 --- a/fs/btrfs/extent_io.c +++ b/fs/btrfs/extent_io.c @@ -497,12 +497,8 @@ static void end_page_read(struct page *page, bool uptodate, u64 start, u32 len) ASSERT(page_offset(page) <= start && start + len <= page_offset(page) + PAGE_SIZE); - if (uptodate) { - if (!btrfs_verify_page(page, start)) { - btrfs_page_set_error(fs_info, page, start, len); - } else { - btrfs_page_set_uptodate(fs_info, page, start, len); - } + if (uptodate && btrfs_verify_page(page, start)) { + btrfs_page_set_uptodate(fs_info, page, start, len); } else { btrfs_page_clear_uptodate(fs_info, page, start, len); btrfs_page_set_error(fs_info, page, start, len);

2 years, 5 months

1
0
0 0

FAILED: patch "[PATCH] btrfs: fix fsverify read error handling in end_page_read" failed to apply to 6.1-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.1-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y git checkout FETCH_HEAD git cherry-pick -x 2c14f0ffdd30bd3d321ad5fe76fcf701746e1df6 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2023071648-certainly-sculpture-22e3@gregkh' --subject-prefix 'PATCH 6.1.y' HEAD^.. Possible dependencies: 2c14f0ffdd30 ("btrfs: fix fsverify read error handling in end_page_read") ed9ee98ecb4f ("btrfs: factor out a btrfs_verify_page helper") 0571b6357c5e ("btrfs: remove the io_failure_record infrastructure") 7609afac6775 ("btrfs: handle checksum validation and repair at the storage layer") 7276aa7d3825 ("btrfs: save the bio iter for checksum validation in common code") d0e5cb2be770 ("btrfs: add a btrfs_inode pointer to struct btrfs_bio") e0cfbb2ccabb ("btrfs: better document struct btrfs_bio") bacf60e51586 ("btrfs: move repair_io_failure to bio.c") 103c19723c80 ("btrfs: split the bio submission path into a separate file") cb3e217bdb39 ("btrfs: use btrfs_dev_name() helper to handle missing devices better") 2c8f5e8cdf0f ("btrfs: remove leftover setting of EXTENT_UPTODATE state in an inode's io_tree") 947a629988f1 ("btrfs: move tree block parentness check into validate_extent_buffer()") 789d6a3a876e ("btrfs: concentrate all tree block parentness check parameters into one structure") 35da5a7edec3 ("btrfs: drop private_data parameter from extent_io_tree_init") 621af94af334 ("btrfs: pass btrfs_inode to btrfs_check_data_csum") bb41632ea7d2 ("btrfs: pass btrfs_inode to btrfs_submit_dio_bio") e2884c3d4456 ("btrfs: switch btrfs_dio_private::inode to btrfs_inode") d8f9268ece91 ("btrfs: pass btrfs_inode to btrfs_repair_one_sector") d781c1c315ce ("btrfs: pass btrfs_inode to btrfs_submit_dio_repair_bio") b762041629e7 ("btrfs: pass btrfs_inode to btrfs_submit_data_read_bio") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 2c14f0ffdd30bd3d321ad5fe76fcf701746e1df6 Mon Sep 17 00:00:00 2001 From: Christoph Hellwig <hch(a)lst.de> Date: Wed, 31 May 2023 08:04:52 +0200 Subject: [PATCH] btrfs: fix fsverify read error handling in end_page_read Also clear the uptodate bit to make sure the page isn't seen as uptodate in the page cache if fsverity verification fails. Fixes: 146054090b08 ("btrfs: initial fsverity support") CC: stable(a)vger.kernel.org # 5.15+ Reviewed-by: Josef Bacik <josef(a)toxicpanda.com> Signed-off-by: Christoph Hellwig <hch(a)lst.de> Reviewed-by: David Sterba <dsterba(a)suse.com> Signed-off-by: David Sterba <dsterba(a)suse.com> diff --git a/fs/btrfs/extent_io.c b/fs/btrfs/extent_io.c index 8e42ce48b52e..a943a6622489 100644 --- a/fs/btrfs/extent_io.c +++ b/fs/btrfs/extent_io.c @@ -497,12 +497,8 @@ static void end_page_read(struct page *page, bool uptodate, u64 start, u32 len) ASSERT(page_offset(page) <= start && start + len <= page_offset(page) + PAGE_SIZE); - if (uptodate) { - if (!btrfs_verify_page(page, start)) { - btrfs_page_set_error(fs_info, page, start, len); - } else { - btrfs_page_set_uptodate(fs_info, page, start, len); - } + if (uptodate && btrfs_verify_page(page, start)) { + btrfs_page_set_uptodate(fs_info, page, start, len); } else { btrfs_page_clear_uptodate(fs_info, page, start, len); btrfs_page_set_error(fs_info, page, start, len);

2 years, 5 months

1
0
0 0

FAILED: patch "[PATCH] btrfs: fix fsverify read error handling in end_page_read" failed to apply to 6.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.4.y git checkout FETCH_HEAD git cherry-pick -x 2c14f0ffdd30bd3d321ad5fe76fcf701746e1df6 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2023071642-refinish-raking-4c3a@gregkh' --subject-prefix 'PATCH 6.4.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 2c14f0ffdd30bd3d321ad5fe76fcf701746e1df6 Mon Sep 17 00:00:00 2001 From: Christoph Hellwig <hch(a)lst.de> Date: Wed, 31 May 2023 08:04:52 +0200 Subject: [PATCH] btrfs: fix fsverify read error handling in end_page_read Also clear the uptodate bit to make sure the page isn't seen as uptodate in the page cache if fsverity verification fails. Fixes: 146054090b08 ("btrfs: initial fsverity support") CC: stable(a)vger.kernel.org # 5.15+ Reviewed-by: Josef Bacik <josef(a)toxicpanda.com> Signed-off-by: Christoph Hellwig <hch(a)lst.de> Reviewed-by: David Sterba <dsterba(a)suse.com> Signed-off-by: David Sterba <dsterba(a)suse.com> diff --git a/fs/btrfs/extent_io.c b/fs/btrfs/extent_io.c index 8e42ce48b52e..a943a6622489 100644 --- a/fs/btrfs/extent_io.c +++ b/fs/btrfs/extent_io.c @@ -497,12 +497,8 @@ static void end_page_read(struct page *page, bool uptodate, u64 start, u32 len) ASSERT(page_offset(page) <= start && start + len <= page_offset(page) + PAGE_SIZE); - if (uptodate) { - if (!btrfs_verify_page(page, start)) { - btrfs_page_set_error(fs_info, page, start, len); - } else { - btrfs_page_set_uptodate(fs_info, page, start, len); - } + if (uptodate && btrfs_verify_page(page, start)) { + btrfs_page_set_uptodate(fs_info, page, start, len); } else { btrfs_page_clear_uptodate(fs_info, page, start, len); btrfs_page_set_error(fs_info, page, start, len);

2 years, 5 months

1
0
0 0

FAILED: patch "[PATCH] btrfs: fix dirty_metadata_bytes for redirtied buffers" failed to apply to 5.15-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.15-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.15.y git checkout FETCH_HEAD git cherry-pick -x f18cc97845aa4ae0e795c088c979fe1642b3b8e5 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2023071617-same-snowbird-770b@gregkh' --subject-prefix 'PATCH 5.15.y' HEAD^.. Possible dependencies: f18cc97845aa ("btrfs: fix dirty_metadata_bytes for redirtied buffers") 98c8d683c291 ("btrfs: combine btrfs_clear_buffer_dirty and clear_extent_buffer_dirty") 190a83391bc4 ("btrfs: rename btrfs_clean_tree_block to btrfs_clear_buffer_dirty") c4e54a657116 ("btrfs: replace clearing extent buffer dirty bit with btrfs_clean_block") ed25dab3a0d1 ("btrfs: add trans argument to btrfs_clean_tree_block") d3fb66150c05 ("btrfs: always lock the block before calling btrfs_clean_tree_block") 7f0add250f82 ("btrfs: move super_block specific helpers into super.h") c03b22076bd2 ("btrfs: move super prototypes into super.h") 5c11adcc383a ("btrfs: move verity prototypes into verity.h") 77407dc032e2 ("btrfs: move dev-replace prototypes into dev-replace.h") 2fc6822c99d7 ("btrfs: move scrub prototypes into scrub.h") 677074792a1d ("btrfs: move relocation prototypes into relocation.h") 33cf97a7b658 ("btrfs: move acl prototypes into acl.h") b538a271ae9b ("btrfs: move the 32bit warn defines into messages.h") af142b6f44d3 ("btrfs: move file prototypes to file.h") 7572dec8f522 ("btrfs: move ioctl prototypes into ioctl.h") c7a03b524d30 ("btrfs: move uuid tree prototypes to uuid-tree.h") 7c8ede162805 ("btrfs: move file-item prototypes into their own header") f2b39277b87d ("btrfs: move dir-item prototypes into dir-item.h") 59b818e064ab ("btrfs: move defrag related prototypes to their own header") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From f18cc97845aa4ae0e795c088c979fe1642b3b8e5 Mon Sep 17 00:00:00 2001 From: Christoph Hellwig <hch(a)lst.de> Date: Mon, 8 May 2023 07:58:38 -0700 Subject: [PATCH] btrfs: fix dirty_metadata_bytes for redirtied buffers dirty_metadata_bytes is decremented in both places that clear the dirty bit in a buffer, but only incremented in btrfs_mark_buffer_dirty, which means that a buffer that is redirtied using btrfs_redirty_list_add won't be added to dirty_metadata_bytes, but it will be subtracted when written out, leading an inconsistency in the counter. Move the dirty_metadata_bytes from btrfs_mark_buffer_dirty into set_extent_buffer_dirty to also account for the redirty case, and remove the now unused set_extent_buffer_dirty return value. Fixes: d3575156f662 ("btrfs: zoned: redirty released extent buffers") CC: stable(a)vger.kernel.org # 5.15+ Reviewed-by: Naohiro Aota <naohiro.aota(a)wdc.com> Signed-off-by: Christoph Hellwig <hch(a)lst.de> Signed-off-by: David Sterba <dsterba(a)suse.com> diff --git a/fs/btrfs/disk-io.c b/fs/btrfs/disk-io.c index 83518ed71bfd..112c99dde57f 100644 --- a/fs/btrfs/disk-io.c +++ b/fs/btrfs/disk-io.c @@ -4621,7 +4621,6 @@ void btrfs_mark_buffer_dirty(struct extent_buffer *buf) { struct btrfs_fs_info *fs_info = buf->fs_info; u64 transid = btrfs_header_generation(buf); - int was_dirty; #ifdef CONFIG_BTRFS_FS_RUN_SANITY_TESTS /* @@ -4636,11 +4635,7 @@ void btrfs_mark_buffer_dirty(struct extent_buffer *buf) if (transid != fs_info->generation) WARN(1, KERN_CRIT "btrfs transid mismatch buffer %llu, found %llu running %llu\n", buf->start, transid, fs_info->generation); - was_dirty = set_extent_buffer_dirty(buf); - if (!was_dirty) - percpu_counter_add_batch(&fs_info->dirty_metadata_bytes, - buf->len, - fs_info->dirty_metadata_batch); + set_extent_buffer_dirty(buf); #ifdef CONFIG_BTRFS_FS_CHECK_INTEGRITY /* * btrfs_check_leaf() won't check item data if we don't have WRITTEN diff --git a/fs/btrfs/extent_io.c b/fs/btrfs/extent_io.c index a1adadd5d25d..a829390632a5 100644 --- a/fs/btrfs/extent_io.c +++ b/fs/btrfs/extent_io.c @@ -4148,7 +4148,7 @@ void btrfs_clear_buffer_dirty(struct btrfs_trans_handle *trans, WARN_ON(atomic_read(&eb->refs) == 0); } -bool set_extent_buffer_dirty(struct extent_buffer *eb) +void set_extent_buffer_dirty(struct extent_buffer *eb) { int i; int num_pages; @@ -4183,13 +4183,14 @@ bool set_extent_buffer_dirty(struct extent_buffer *eb) eb->start, eb->len); if (subpage) unlock_page(eb->pages[0]); + percpu_counter_add_batch(&eb->fs_info->dirty_metadata_bytes, + eb->len, + eb->fs_info->dirty_metadata_batch); } #ifdef CONFIG_BTRFS_DEBUG for (i = 0; i < num_pages; i++) ASSERT(PageDirty(eb->pages[i])); #endif - - return was_dirty; } void clear_extent_buffer_uptodate(struct extent_buffer *eb) diff --git a/fs/btrfs/extent_io.h b/fs/btrfs/extent_io.h index 4341ad978fb8..f937654230d3 100644 --- a/fs/btrfs/extent_io.h +++ b/fs/btrfs/extent_io.h @@ -262,7 +262,7 @@ void extent_buffer_bitmap_set(const struct extent_buffer *eb, unsigned long star void extent_buffer_bitmap_clear(const struct extent_buffer *eb, unsigned long start, unsigned long pos, unsigned long len); -bool set_extent_buffer_dirty(struct extent_buffer *eb); +void set_extent_buffer_dirty(struct extent_buffer *eb); void set_extent_buffer_uptodate(struct extent_buffer *eb); void clear_extent_buffer_uptodate(struct extent_buffer *eb); int extent_buffer_under_io(const struct extent_buffer *eb);

2 years, 5 months

1
0
0 0

FAILED: patch "[PATCH] btrfs: fix dirty_metadata_bytes for redirtied buffers" failed to apply to 6.1-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.1-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y git checkout FETCH_HEAD git cherry-pick -x f18cc97845aa4ae0e795c088c979fe1642b3b8e5 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2023071616-exact-egotistic-c92e@gregkh' --subject-prefix 'PATCH 6.1.y' HEAD^.. Possible dependencies: f18cc97845aa ("btrfs: fix dirty_metadata_bytes for redirtied buffers") 98c8d683c291 ("btrfs: combine btrfs_clear_buffer_dirty and clear_extent_buffer_dirty") 190a83391bc4 ("btrfs: rename btrfs_clean_tree_block to btrfs_clear_buffer_dirty") c4e54a657116 ("btrfs: replace clearing extent buffer dirty bit with btrfs_clean_block") ed25dab3a0d1 ("btrfs: add trans argument to btrfs_clean_tree_block") d3fb66150c05 ("btrfs: always lock the block before calling btrfs_clean_tree_block") 7f0add250f82 ("btrfs: move super_block specific helpers into super.h") c03b22076bd2 ("btrfs: move super prototypes into super.h") 5c11adcc383a ("btrfs: move verity prototypes into verity.h") 77407dc032e2 ("btrfs: move dev-replace prototypes into dev-replace.h") 2fc6822c99d7 ("btrfs: move scrub prototypes into scrub.h") 677074792a1d ("btrfs: move relocation prototypes into relocation.h") 33cf97a7b658 ("btrfs: move acl prototypes into acl.h") b538a271ae9b ("btrfs: move the 32bit warn defines into messages.h") af142b6f44d3 ("btrfs: move file prototypes to file.h") 7572dec8f522 ("btrfs: move ioctl prototypes into ioctl.h") c7a03b524d30 ("btrfs: move uuid tree prototypes to uuid-tree.h") 7c8ede162805 ("btrfs: move file-item prototypes into their own header") f2b39277b87d ("btrfs: move dir-item prototypes into dir-item.h") 59b818e064ab ("btrfs: move defrag related prototypes to their own header") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From f18cc97845aa4ae0e795c088c979fe1642b3b8e5 Mon Sep 17 00:00:00 2001 From: Christoph Hellwig <hch(a)lst.de> Date: Mon, 8 May 2023 07:58:38 -0700 Subject: [PATCH] btrfs: fix dirty_metadata_bytes for redirtied buffers dirty_metadata_bytes is decremented in both places that clear the dirty bit in a buffer, but only incremented in btrfs_mark_buffer_dirty, which means that a buffer that is redirtied using btrfs_redirty_list_add won't be added to dirty_metadata_bytes, but it will be subtracted when written out, leading an inconsistency in the counter. Move the dirty_metadata_bytes from btrfs_mark_buffer_dirty into set_extent_buffer_dirty to also account for the redirty case, and remove the now unused set_extent_buffer_dirty return value. Fixes: d3575156f662 ("btrfs: zoned: redirty released extent buffers") CC: stable(a)vger.kernel.org # 5.15+ Reviewed-by: Naohiro Aota <naohiro.aota(a)wdc.com> Signed-off-by: Christoph Hellwig <hch(a)lst.de> Signed-off-by: David Sterba <dsterba(a)suse.com> diff --git a/fs/btrfs/disk-io.c b/fs/btrfs/disk-io.c index 83518ed71bfd..112c99dde57f 100644 --- a/fs/btrfs/disk-io.c +++ b/fs/btrfs/disk-io.c @@ -4621,7 +4621,6 @@ void btrfs_mark_buffer_dirty(struct extent_buffer *buf) { struct btrfs_fs_info *fs_info = buf->fs_info; u64 transid = btrfs_header_generation(buf); - int was_dirty; #ifdef CONFIG_BTRFS_FS_RUN_SANITY_TESTS /* @@ -4636,11 +4635,7 @@ void btrfs_mark_buffer_dirty(struct extent_buffer *buf) if (transid != fs_info->generation) WARN(1, KERN_CRIT "btrfs transid mismatch buffer %llu, found %llu running %llu\n", buf->start, transid, fs_info->generation); - was_dirty = set_extent_buffer_dirty(buf); - if (!was_dirty) - percpu_counter_add_batch(&fs_info->dirty_metadata_bytes, - buf->len, - fs_info->dirty_metadata_batch); + set_extent_buffer_dirty(buf); #ifdef CONFIG_BTRFS_FS_CHECK_INTEGRITY /* * btrfs_check_leaf() won't check item data if we don't have WRITTEN diff --git a/fs/btrfs/extent_io.c b/fs/btrfs/extent_io.c index a1adadd5d25d..a829390632a5 100644 --- a/fs/btrfs/extent_io.c +++ b/fs/btrfs/extent_io.c @@ -4148,7 +4148,7 @@ void btrfs_clear_buffer_dirty(struct btrfs_trans_handle *trans, WARN_ON(atomic_read(&eb->refs) == 0); } -bool set_extent_buffer_dirty(struct extent_buffer *eb) +void set_extent_buffer_dirty(struct extent_buffer *eb) { int i; int num_pages; @@ -4183,13 +4183,14 @@ bool set_extent_buffer_dirty(struct extent_buffer *eb) eb->start, eb->len); if (subpage) unlock_page(eb->pages[0]); + percpu_counter_add_batch(&eb->fs_info->dirty_metadata_bytes, + eb->len, + eb->fs_info->dirty_metadata_batch); } #ifdef CONFIG_BTRFS_DEBUG for (i = 0; i < num_pages; i++) ASSERT(PageDirty(eb->pages[i])); #endif - - return was_dirty; } void clear_extent_buffer_uptodate(struct extent_buffer *eb) diff --git a/fs/btrfs/extent_io.h b/fs/btrfs/extent_io.h index 4341ad978fb8..f937654230d3 100644 --- a/fs/btrfs/extent_io.h +++ b/fs/btrfs/extent_io.h @@ -262,7 +262,7 @@ void extent_buffer_bitmap_set(const struct extent_buffer *eb, unsigned long star void extent_buffer_bitmap_clear(const struct extent_buffer *eb, unsigned long start, unsigned long pos, unsigned long len); -bool set_extent_buffer_dirty(struct extent_buffer *eb); +void set_extent_buffer_dirty(struct extent_buffer *eb); void set_extent_buffer_uptodate(struct extent_buffer *eb); void clear_extent_buffer_uptodate(struct extent_buffer *eb); int extent_buffer_under_io(const struct extent_buffer *eb);

2 years, 5 months

1
0
0 0

FAILED: patch "[PATCH] nfsd: use vfs setgid helper" failed to apply to 5.10-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.10-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.10.y git checkout FETCH_HEAD git cherry-pick -x 2d8ae8c417db284f598dffb178cc01e7db0f1821 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2023071623-graceful-breeder-217d@gregkh' --subject-prefix 'PATCH 5.10.y' HEAD^.. Possible dependencies: 2d8ae8c417db ("nfsd: use vfs setgid helper") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 2d8ae8c417db284f598dffb178cc01e7db0f1821 Mon Sep 17 00:00:00 2001 From: Christian Brauner <brauner(a)kernel.org> Date: Tue, 2 May 2023 15:36:02 +0200 Subject: [PATCH] nfsd: use vfs setgid helper We've aligned setgid behavior over multiple kernel releases. The details can be found in commit cf619f891971 ("Merge tag 'fs.ovl.setgid.v6.2' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/idmapping") and commit 426b4ca2d6a5 ("Merge tag 'fs.setgid.v6.0' of git://git.kernel.org/pub/scm/linux/kernel/git/brauner/linux"). Consistent setgid stripping behavior is now encapsulated in the setattr_should_drop_sgid() helper which is used by all filesystems that strip setgid bits outside of vfs proper. Usually ATTR_KILL_SGID is raised in e.g., chown_common() and is subject to the setattr_should_drop_sgid() check to determine whether the setgid bit can be retained. Since nfsd is raising ATTR_KILL_SGID unconditionally it will cause notify_change() to strip it even if the caller had the necessary privileges to retain it. Ensure that nfsd only raises ATR_KILL_SGID if the caller lacks the necessary privileges to retain the setgid bit. Without this patch the setgid stripping tests in LTP will fail: > As you can see, the problem is S_ISGID (0002000) was dropped on a > non-group-executable file while chown was invoked by super-user, while [...] > fchown02.c:66: TFAIL: testfile2: wrong mode permissions 0100700, expected 0102700 [...] > chown02.c:57: TFAIL: testfile2: wrong mode permissions 0100700, expected 0102700 With this patch all tests pass. Reported-by: Sherry Yang <sherry.yang(a)oracle.com> Signed-off-by: Christian Brauner <brauner(a)kernel.org> Reviewed-by: Jeff Layton <jlayton(a)kernel.org> Cc: <stable(a)vger.kernel.org> Signed-off-by: Chuck Lever <chuck.lever(a)oracle.com> diff --git a/fs/nfsd/vfs.c b/fs/nfsd/vfs.c index db67f8e19344..0016bcc04a59 100644 --- a/fs/nfsd/vfs.c +++ b/fs/nfsd/vfs.c @@ -388,7 +388,9 @@ nfsd_sanitize_attrs(struct inode *inode, struct iattr *iap) iap->ia_mode &= ~S_ISGID; } else { /* set ATTR_KILL_* bits and let VFS handle it */ - iap->ia_valid |= (ATTR_KILL_SUID | ATTR_KILL_SGID); + iap->ia_valid |= ATTR_KILL_SUID; + iap->ia_valid |= + setattr_should_drop_sgid(&nop_mnt_idmap, inode); } } }

2 years, 5 months

1
0
0 0

FAILED: patch "[PATCH] wifi: ath10k: Serialize wake_tx_queue ops" failed to apply to 5.15-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.15-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.15.y git checkout FETCH_HEAD git cherry-pick -x b719ebc37a1eacd4fd4f1264f731b016e5ec0c6e # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2023071615-caddy-transport-24a5@gregkh' --subject-prefix 'PATCH 5.15.y' HEAD^.. Possible dependencies: b719ebc37a1e ("wifi: ath10k: Serialize wake_tx_queue ops") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From b719ebc37a1eacd4fd4f1264f731b016e5ec0c6e Mon Sep 17 00:00:00 2001 From: Alexander Wetzel <alexander(a)wetzel-home.de> Date: Thu, 23 Mar 2023 17:55:27 +0100 Subject: [PATCH] wifi: ath10k: Serialize wake_tx_queue ops Serialize the ath10k implementation of the wake_tx_queue ops. ath10k_mac_op_wake_tx_queue() must not run concurrent since it's using ieee80211_txq_schedule_start(). The intend of this patch is to sort out an issue discovered in the discussion referred to by the Link tag. I can't test it with real hardware and thus just implemented the per-ac queue lock Felix suggested. One obvious alternative to the per-ac lock would be to bring back the txqs_lock commit bb2edb733586 ("ath10k: migrate to mac80211 txq scheduling") dropped. Fixes: bb2edb733586 ("ath10k: migrate to mac80211 txq scheduling") Reported-by: Felix Fietkau <nbd(a)nbd.name> Link: https://lore.kernel.org/r/519b5bb9-8899-ae7c-4eff-f3116cdfdb56@nbd.name CC: <stable(a)vger.kernel.org> Signed-off-by: Alexander Wetzel <alexander(a)wetzel-home.de> Signed-off-by: Kalle Valo <quic_kvalo(a)quicinc.com> Link: https://lore.kernel.org/r/20230323165527.156414-1-alexander@wetzel-home.de diff --git a/drivers/net/wireless/ath/ath10k/core.c b/drivers/net/wireless/ath/ath10k/core.c index 5eb131ab916f..533ed7169e11 100644 --- a/drivers/net/wireless/ath/ath10k/core.c +++ b/drivers/net/wireless/ath/ath10k/core.c @@ -3643,6 +3643,9 @@ struct ath10k *ath10k_core_create(size_t priv_size, struct device *dev, mutex_init(&ar->dump_mutex); spin_lock_init(&ar->data_lock); + for (int ac = 0; ac < IEEE80211_NUM_ACS; ac++) + spin_lock_init(&ar->queue_lock[ac]); + INIT_LIST_HEAD(&ar->peers); init_waitqueue_head(&ar->peer_mapping_wq); init_waitqueue_head(&ar->htt.empty_tx_wq); diff --git a/drivers/net/wireless/ath/ath10k/core.h b/drivers/net/wireless/ath/ath10k/core.h index f5de8ce8fb45..4b5239de4018 100644 --- a/drivers/net/wireless/ath/ath10k/core.h +++ b/drivers/net/wireless/ath/ath10k/core.h @@ -1170,6 +1170,9 @@ struct ath10k { /* protects shared structure data */ spinlock_t data_lock; + /* serialize wake_tx_queue calls per ac */ + spinlock_t queue_lock[IEEE80211_NUM_ACS]; + struct list_head arvifs; struct list_head peers; struct ath10k_peer *peer_map[ATH10K_MAX_NUM_PEER_IDS]; diff --git a/drivers/net/wireless/ath/ath10k/mac.c b/drivers/net/wireless/ath/ath10k/mac.c index 7675858f069b..9c4bf2fdbc0f 100644 --- a/drivers/net/wireless/ath/ath10k/mac.c +++ b/drivers/net/wireless/ath/ath10k/mac.c @@ -4732,13 +4732,14 @@ static void ath10k_mac_op_wake_tx_queue(struct ieee80211_hw *hw, { struct ath10k *ar = hw->priv; int ret; - u8 ac; + u8 ac = txq->ac; ath10k_htt_tx_txq_update(hw, txq); if (ar->htt.tx_q_state.mode != HTT_TX_MODE_SWITCH_PUSH) return; - ac = txq->ac; + spin_lock_bh(&ar->queue_lock[ac]); + ieee80211_txq_schedule_start(hw, ac); txq = ieee80211_next_txq(hw, ac); if (!txq) @@ -4753,6 +4754,7 @@ static void ath10k_mac_op_wake_tx_queue(struct ieee80211_hw *hw, ath10k_htt_tx_txq_update(hw, txq); out: ieee80211_txq_schedule_end(hw, ac); + spin_unlock_bh(&ar->queue_lock[ac]); } /* Must not be called with conf_mutex held as workers can use that also. */

2 years, 5 months

1
0
0 0

FAILED: patch "[PATCH] wifi: ath10k: Serialize wake_tx_queue ops" failed to apply to 5.10-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.10-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.10.y git checkout FETCH_HEAD git cherry-pick -x b719ebc37a1eacd4fd4f1264f731b016e5ec0c6e # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2023071651-chill-scary-2f9f@gregkh' --subject-prefix 'PATCH 5.10.y' HEAD^.. Possible dependencies: b719ebc37a1e ("wifi: ath10k: Serialize wake_tx_queue ops") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From b719ebc37a1eacd4fd4f1264f731b016e5ec0c6e Mon Sep 17 00:00:00 2001 From: Alexander Wetzel <alexander(a)wetzel-home.de> Date: Thu, 23 Mar 2023 17:55:27 +0100 Subject: [PATCH] wifi: ath10k: Serialize wake_tx_queue ops Serialize the ath10k implementation of the wake_tx_queue ops. ath10k_mac_op_wake_tx_queue() must not run concurrent since it's using ieee80211_txq_schedule_start(). The intend of this patch is to sort out an issue discovered in the discussion referred to by the Link tag. I can't test it with real hardware and thus just implemented the per-ac queue lock Felix suggested. One obvious alternative to the per-ac lock would be to bring back the txqs_lock commit bb2edb733586 ("ath10k: migrate to mac80211 txq scheduling") dropped. Fixes: bb2edb733586 ("ath10k: migrate to mac80211 txq scheduling") Reported-by: Felix Fietkau <nbd(a)nbd.name> Link: https://lore.kernel.org/r/519b5bb9-8899-ae7c-4eff-f3116cdfdb56@nbd.name CC: <stable(a)vger.kernel.org> Signed-off-by: Alexander Wetzel <alexander(a)wetzel-home.de> Signed-off-by: Kalle Valo <quic_kvalo(a)quicinc.com> Link: https://lore.kernel.org/r/20230323165527.156414-1-alexander@wetzel-home.de diff --git a/drivers/net/wireless/ath/ath10k/core.c b/drivers/net/wireless/ath/ath10k/core.c index 5eb131ab916f..533ed7169e11 100644 --- a/drivers/net/wireless/ath/ath10k/core.c +++ b/drivers/net/wireless/ath/ath10k/core.c @@ -3643,6 +3643,9 @@ struct ath10k *ath10k_core_create(size_t priv_size, struct device *dev, mutex_init(&ar->dump_mutex); spin_lock_init(&ar->data_lock); + for (int ac = 0; ac < IEEE80211_NUM_ACS; ac++) + spin_lock_init(&ar->queue_lock[ac]); + INIT_LIST_HEAD(&ar->peers); init_waitqueue_head(&ar->peer_mapping_wq); init_waitqueue_head(&ar->htt.empty_tx_wq); diff --git a/drivers/net/wireless/ath/ath10k/core.h b/drivers/net/wireless/ath/ath10k/core.h index f5de8ce8fb45..4b5239de4018 100644 --- a/drivers/net/wireless/ath/ath10k/core.h +++ b/drivers/net/wireless/ath/ath10k/core.h @@ -1170,6 +1170,9 @@ struct ath10k { /* protects shared structure data */ spinlock_t data_lock; + /* serialize wake_tx_queue calls per ac */ + spinlock_t queue_lock[IEEE80211_NUM_ACS]; + struct list_head arvifs; struct list_head peers; struct ath10k_peer *peer_map[ATH10K_MAX_NUM_PEER_IDS]; diff --git a/drivers/net/wireless/ath/ath10k/mac.c b/drivers/net/wireless/ath/ath10k/mac.c index 7675858f069b..9c4bf2fdbc0f 100644 --- a/drivers/net/wireless/ath/ath10k/mac.c +++ b/drivers/net/wireless/ath/ath10k/mac.c @@ -4732,13 +4732,14 @@ static void ath10k_mac_op_wake_tx_queue(struct ieee80211_hw *hw, { struct ath10k *ar = hw->priv; int ret; - u8 ac; + u8 ac = txq->ac; ath10k_htt_tx_txq_update(hw, txq); if (ar->htt.tx_q_state.mode != HTT_TX_MODE_SWITCH_PUSH) return; - ac = txq->ac; + spin_lock_bh(&ar->queue_lock[ac]); + ieee80211_txq_schedule_start(hw, ac); txq = ieee80211_next_txq(hw, ac); if (!txq) @@ -4753,6 +4754,7 @@ static void ath10k_mac_op_wake_tx_queue(struct ieee80211_hw *hw, ath10k_htt_tx_txq_update(hw, txq); out: ieee80211_txq_schedule_end(hw, ac); + spin_unlock_bh(&ar->queue_lock[ac]); } /* Must not be called with conf_mutex held as workers can use that also. */

2 years, 5 months

1
0
0 0

FAILED: patch "[PATCH] wifi: ath10k: Serialize wake_tx_queue ops" failed to apply to 5.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.4.y git checkout FETCH_HEAD git cherry-pick -x b719ebc37a1eacd4fd4f1264f731b016e5ec0c6e # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2023071638-cancel-excluding-0e69@gregkh' --subject-prefix 'PATCH 5.4.y' HEAD^.. Possible dependencies: b719ebc37a1e ("wifi: ath10k: Serialize wake_tx_queue ops") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From b719ebc37a1eacd4fd4f1264f731b016e5ec0c6e Mon Sep 17 00:00:00 2001 From: Alexander Wetzel <alexander(a)wetzel-home.de> Date: Thu, 23 Mar 2023 17:55:27 +0100 Subject: [PATCH] wifi: ath10k: Serialize wake_tx_queue ops Serialize the ath10k implementation of the wake_tx_queue ops. ath10k_mac_op_wake_tx_queue() must not run concurrent since it's using ieee80211_txq_schedule_start(). The intend of this patch is to sort out an issue discovered in the discussion referred to by the Link tag. I can't test it with real hardware and thus just implemented the per-ac queue lock Felix suggested. One obvious alternative to the per-ac lock would be to bring back the txqs_lock commit bb2edb733586 ("ath10k: migrate to mac80211 txq scheduling") dropped. Fixes: bb2edb733586 ("ath10k: migrate to mac80211 txq scheduling") Reported-by: Felix Fietkau <nbd(a)nbd.name> Link: https://lore.kernel.org/r/519b5bb9-8899-ae7c-4eff-f3116cdfdb56@nbd.name CC: <stable(a)vger.kernel.org> Signed-off-by: Alexander Wetzel <alexander(a)wetzel-home.de> Signed-off-by: Kalle Valo <quic_kvalo(a)quicinc.com> Link: https://lore.kernel.org/r/20230323165527.156414-1-alexander@wetzel-home.de diff --git a/drivers/net/wireless/ath/ath10k/core.c b/drivers/net/wireless/ath/ath10k/core.c index 5eb131ab916f..533ed7169e11 100644 --- a/drivers/net/wireless/ath/ath10k/core.c +++ b/drivers/net/wireless/ath/ath10k/core.c @@ -3643,6 +3643,9 @@ struct ath10k *ath10k_core_create(size_t priv_size, struct device *dev, mutex_init(&ar->dump_mutex); spin_lock_init(&ar->data_lock); + for (int ac = 0; ac < IEEE80211_NUM_ACS; ac++) + spin_lock_init(&ar->queue_lock[ac]); + INIT_LIST_HEAD(&ar->peers); init_waitqueue_head(&ar->peer_mapping_wq); init_waitqueue_head(&ar->htt.empty_tx_wq); diff --git a/drivers/net/wireless/ath/ath10k/core.h b/drivers/net/wireless/ath/ath10k/core.h index f5de8ce8fb45..4b5239de4018 100644 --- a/drivers/net/wireless/ath/ath10k/core.h +++ b/drivers/net/wireless/ath/ath10k/core.h @@ -1170,6 +1170,9 @@ struct ath10k { /* protects shared structure data */ spinlock_t data_lock; + /* serialize wake_tx_queue calls per ac */ + spinlock_t queue_lock[IEEE80211_NUM_ACS]; + struct list_head arvifs; struct list_head peers; struct ath10k_peer *peer_map[ATH10K_MAX_NUM_PEER_IDS]; diff --git a/drivers/net/wireless/ath/ath10k/mac.c b/drivers/net/wireless/ath/ath10k/mac.c index 7675858f069b..9c4bf2fdbc0f 100644 --- a/drivers/net/wireless/ath/ath10k/mac.c +++ b/drivers/net/wireless/ath/ath10k/mac.c @@ -4732,13 +4732,14 @@ static void ath10k_mac_op_wake_tx_queue(struct ieee80211_hw *hw, { struct ath10k *ar = hw->priv; int ret; - u8 ac; + u8 ac = txq->ac; ath10k_htt_tx_txq_update(hw, txq); if (ar->htt.tx_q_state.mode != HTT_TX_MODE_SWITCH_PUSH) return; - ac = txq->ac; + spin_lock_bh(&ar->queue_lock[ac]); + ieee80211_txq_schedule_start(hw, ac); txq = ieee80211_next_txq(hw, ac); if (!txq) @@ -4753,6 +4754,7 @@ static void ath10k_mac_op_wake_tx_queue(struct ieee80211_hw *hw, ath10k_htt_tx_txq_update(hw, txq); out: ieee80211_txq_schedule_end(hw, ac); + spin_unlock_bh(&ar->queue_lock[ac]); } /* Must not be called with conf_mutex held as workers can use that also. */

2 years, 5 months

1
0
0 0

Backport Request: ipvs: increase ip_vs_conn_tab_bits range for 64BIT

by Allen Pais

Hi Greg, Could you please pick the below commit for v6.3, v6.1 and v5.15 Upstream Commit: 04292c695f82 2023-05-16ipvs: increase ip_vs_conn_tab_bits range for 64BIT [Pablo Neira Ayuso] Thanks, Allen

2 years, 5 months

2
1
0 0

Mark dGPUs as devices

by Limonciello, Mario

Hi, A problem exists where dGPUs with type-C ports are considered power supplies that power the system. This leads to poor performance of the dGPU because graphics drivers like amdgpu use power_supply_is_system_supplied() to decide how to configure the dGPU. This has been fixed in 6.5-rc1 by marking dGPUs as "DEVICE". The logic to fix what to do when DEVICE is encountered was fixed in 6.4-rc4 and already backported to stable: 95339f40a8b6 ("power: supply: Fix logic checking if system is running from battery") So to wrap up the fix in stable kernels can you please backport: 6.4.y: a7fbfd44c020 ("usb: typec: ucsi: Mark dGPUs as DEVICE scope") 6.1.y: f510b0a3565b ("i2c: nvidia-gpu: Add ACPI property to align with device-tree") 430b38764fbb ("i2c: nvidia-gpu: Remove ccgx,firmware-build property") a7fbfd44c020 ("usb: typec: ucsi: Mark dGPUs as DEVICE scope") Thanks!

2 years, 5 months

2
1
0 0

FAILED: patch "[PATCH] shmem: use ramfs_kill_sb() for kill_sb method of ramfs-based" failed to apply to 4.14-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.14-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-4.14.y git checkout FETCH_HEAD git cherry-pick -x 36ce9d76b0a93bae799e27e4f5ac35478c676592 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2023071640-facedown-shrine-ada1@gregkh' --subject-prefix 'PATCH 4.14.y' HEAD^.. Possible dependencies: 36ce9d76b0a9 ("shmem: use ramfs_kill_sb() for kill_sb method of ramfs-based tmpfs") d7167b149943 ("fs_parse: fold fs_parameter_desc/fs_parameter_spec") 96cafb9ccb15 ("fs_parser: remove fs_parameter_description name field") cc3c0b533ab9 ("add prefix to fs_context->log") c80c98f0dc5d ("ceph_parse_param(), ceph_parse_mon_ips(): switch to passing fc_log") 7f5d38141e30 ("new primitive: __fs_parse()") 2c3f3dc31556 ("switch rbd and libceph to p_log-based primitives") 3fbb8d5554a1 ("struct p_log, variants of warnf() et.al. taking that one instead") 9f09f649ca33 ("teach logfc() to handle prefices, give it saner calling conventions") 5eede625297f ("fold struct fs_parameter_enum into struct constant_table") 2710c957a8ef ("fs_parse: get rid of ->enums") 0f89589a8c6f ("Pass consistent param->type to fs_parse()") f2aedb713c28 ("NFS: Add fs_context support.") e38bb238ed8c ("NFS: Convert mount option parsing to use functionality from fs_parser.h") e558100fda7e ("NFS: Do some tidying of the parsing code") 48be8a66cf98 ("NFS: Add a small buffer in nfs_fs_context to avoid string dup") cbd071b5daa0 ("NFS: Deindent nfs_fs_context_parse_option()") f8ee01e3e2c8 ("NFS: Split nfs_parse_mount_options()") 5eb005caf538 ("NFS: Rename struct nfs_parsed_mount_data to struct nfs_fs_context") e0a626b12474 ("NFS: Constify mount argument match tables") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 36ce9d76b0a93bae799e27e4f5ac35478c676592 Mon Sep 17 00:00:00 2001 From: Roberto Sassu <roberto.sassu(a)huawei.com> Date: Wed, 7 Jun 2023 18:15:23 +0200 Subject: [PATCH] shmem: use ramfs_kill_sb() for kill_sb method of ramfs-based tmpfs As the ramfs-based tmpfs uses ramfs_init_fs_context() for the init_fs_context method, which allocates fc->s_fs_info, use ramfs_kill_sb() to free it and avoid a memory leak. Link: https://lkml.kernel.org/r/20230607161523.2876433-1-roberto.sassu@huaweiclou… Fixes: c3b1b1cbf002 ("ramfs: add support for "mode=" mount option") Signed-off-by: Roberto Sassu <roberto.sassu(a)huawei.com> Cc: Hugh Dickins <hughd(a)google.com> Cc: David Howells <dhowells(a)redhat.com> Cc: Al Viro <viro(a)zeniv.linux.org.uk> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> diff --git a/fs/ramfs/inode.c b/fs/ramfs/inode.c index 5ba580c78835..fef477c78107 100644 --- a/fs/ramfs/inode.c +++ b/fs/ramfs/inode.c @@ -278,7 +278,7 @@ int ramfs_init_fs_context(struct fs_context *fc) return 0; } -static void ramfs_kill_sb(struct super_block *sb) +void ramfs_kill_sb(struct super_block *sb) { kfree(sb->s_fs_info); kill_litter_super(sb); diff --git a/include/linux/ramfs.h b/include/linux/ramfs.h index 917528d102c4..d506dc63dd47 100644 --- a/include/linux/ramfs.h +++ b/include/linux/ramfs.h @@ -7,6 +7,7 @@ struct inode *ramfs_get_inode(struct super_block *sb, const struct inode *dir, umode_t mode, dev_t dev); extern int ramfs_init_fs_context(struct fs_context *fc); +extern void ramfs_kill_sb(struct super_block *sb); #ifdef CONFIG_MMU static inline int diff --git a/mm/shmem.c b/mm/shmem.c index 5e54ab5f61f2..c606ab89693a 100644 --- a/mm/shmem.c +++ b/mm/shmem.c @@ -4199,7 +4199,7 @@ static struct file_system_type shmem_fs_type = { .name = "tmpfs", .init_fs_context = ramfs_init_fs_context, .parameters = ramfs_fs_parameters, - .kill_sb = kill_litter_super, + .kill_sb = ramfs_kill_sb, .fs_flags = FS_USERNS_MOUNT, };

2 years, 5 months

1
0
0 0

FAILED: patch "[PATCH] shmem: use ramfs_kill_sb() for kill_sb method of ramfs-based" failed to apply to 4.19-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.19-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-4.19.y git checkout FETCH_HEAD git cherry-pick -x 36ce9d76b0a93bae799e27e4f5ac35478c676592 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2023071639-deeply-cuddly-0824@gregkh' --subject-prefix 'PATCH 4.19.y' HEAD^.. Possible dependencies: 36ce9d76b0a9 ("shmem: use ramfs_kill_sb() for kill_sb method of ramfs-based tmpfs") d7167b149943 ("fs_parse: fold fs_parameter_desc/fs_parameter_spec") 96cafb9ccb15 ("fs_parser: remove fs_parameter_description name field") cc3c0b533ab9 ("add prefix to fs_context->log") c80c98f0dc5d ("ceph_parse_param(), ceph_parse_mon_ips(): switch to passing fc_log") 7f5d38141e30 ("new primitive: __fs_parse()") 2c3f3dc31556 ("switch rbd and libceph to p_log-based primitives") 3fbb8d5554a1 ("struct p_log, variants of warnf() et.al. taking that one instead") 9f09f649ca33 ("teach logfc() to handle prefices, give it saner calling conventions") 5eede625297f ("fold struct fs_parameter_enum into struct constant_table") 2710c957a8ef ("fs_parse: get rid of ->enums") 0f89589a8c6f ("Pass consistent param->type to fs_parse()") f2aedb713c28 ("NFS: Add fs_context support.") e38bb238ed8c ("NFS: Convert mount option parsing to use functionality from fs_parser.h") e558100fda7e ("NFS: Do some tidying of the parsing code") 48be8a66cf98 ("NFS: Add a small buffer in nfs_fs_context to avoid string dup") cbd071b5daa0 ("NFS: Deindent nfs_fs_context_parse_option()") f8ee01e3e2c8 ("NFS: Split nfs_parse_mount_options()") 5eb005caf538 ("NFS: Rename struct nfs_parsed_mount_data to struct nfs_fs_context") e0a626b12474 ("NFS: Constify mount argument match tables") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 36ce9d76b0a93bae799e27e4f5ac35478c676592 Mon Sep 17 00:00:00 2001 From: Roberto Sassu <roberto.sassu(a)huawei.com> Date: Wed, 7 Jun 2023 18:15:23 +0200 Subject: [PATCH] shmem: use ramfs_kill_sb() for kill_sb method of ramfs-based tmpfs As the ramfs-based tmpfs uses ramfs_init_fs_context() for the init_fs_context method, which allocates fc->s_fs_info, use ramfs_kill_sb() to free it and avoid a memory leak. Link: https://lkml.kernel.org/r/20230607161523.2876433-1-roberto.sassu@huaweiclou… Fixes: c3b1b1cbf002 ("ramfs: add support for "mode=" mount option") Signed-off-by: Roberto Sassu <roberto.sassu(a)huawei.com> Cc: Hugh Dickins <hughd(a)google.com> Cc: David Howells <dhowells(a)redhat.com> Cc: Al Viro <viro(a)zeniv.linux.org.uk> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> diff --git a/fs/ramfs/inode.c b/fs/ramfs/inode.c index 5ba580c78835..fef477c78107 100644 --- a/fs/ramfs/inode.c +++ b/fs/ramfs/inode.c @@ -278,7 +278,7 @@ int ramfs_init_fs_context(struct fs_context *fc) return 0; } -static void ramfs_kill_sb(struct super_block *sb) +void ramfs_kill_sb(struct super_block *sb) { kfree(sb->s_fs_info); kill_litter_super(sb); diff --git a/include/linux/ramfs.h b/include/linux/ramfs.h index 917528d102c4..d506dc63dd47 100644 --- a/include/linux/ramfs.h +++ b/include/linux/ramfs.h @@ -7,6 +7,7 @@ struct inode *ramfs_get_inode(struct super_block *sb, const struct inode *dir, umode_t mode, dev_t dev); extern int ramfs_init_fs_context(struct fs_context *fc); +extern void ramfs_kill_sb(struct super_block *sb); #ifdef CONFIG_MMU static inline int diff --git a/mm/shmem.c b/mm/shmem.c index 5e54ab5f61f2..c606ab89693a 100644 --- a/mm/shmem.c +++ b/mm/shmem.c @@ -4199,7 +4199,7 @@ static struct file_system_type shmem_fs_type = { .name = "tmpfs", .init_fs_context = ramfs_init_fs_context, .parameters = ramfs_fs_parameters, - .kill_sb = kill_litter_super, + .kill_sb = ramfs_kill_sb, .fs_flags = FS_USERNS_MOUNT, };

2 years, 5 months

1
0
0 0

FAILED: patch "[PATCH] shmem: use ramfs_kill_sb() for kill_sb method of ramfs-based" failed to apply to 5.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.4.y git checkout FETCH_HEAD git cherry-pick -x 36ce9d76b0a93bae799e27e4f5ac35478c676592 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2023071638-barbecue-imaginary-c2c3@gregkh' --subject-prefix 'PATCH 5.4.y' HEAD^.. Possible dependencies: 36ce9d76b0a9 ("shmem: use ramfs_kill_sb() for kill_sb method of ramfs-based tmpfs") d7167b149943 ("fs_parse: fold fs_parameter_desc/fs_parameter_spec") 96cafb9ccb15 ("fs_parser: remove fs_parameter_description name field") cc3c0b533ab9 ("add prefix to fs_context->log") c80c98f0dc5d ("ceph_parse_param(), ceph_parse_mon_ips(): switch to passing fc_log") 7f5d38141e30 ("new primitive: __fs_parse()") 2c3f3dc31556 ("switch rbd and libceph to p_log-based primitives") 3fbb8d5554a1 ("struct p_log, variants of warnf() et.al. taking that one instead") 9f09f649ca33 ("teach logfc() to handle prefices, give it saner calling conventions") 5eede625297f ("fold struct fs_parameter_enum into struct constant_table") 2710c957a8ef ("fs_parse: get rid of ->enums") 0f89589a8c6f ("Pass consistent param->type to fs_parse()") f2aedb713c28 ("NFS: Add fs_context support.") e38bb238ed8c ("NFS: Convert mount option parsing to use functionality from fs_parser.h") e558100fda7e ("NFS: Do some tidying of the parsing code") 48be8a66cf98 ("NFS: Add a small buffer in nfs_fs_context to avoid string dup") cbd071b5daa0 ("NFS: Deindent nfs_fs_context_parse_option()") f8ee01e3e2c8 ("NFS: Split nfs_parse_mount_options()") 5eb005caf538 ("NFS: Rename struct nfs_parsed_mount_data to struct nfs_fs_context") e0a626b12474 ("NFS: Constify mount argument match tables") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 36ce9d76b0a93bae799e27e4f5ac35478c676592 Mon Sep 17 00:00:00 2001 From: Roberto Sassu <roberto.sassu(a)huawei.com> Date: Wed, 7 Jun 2023 18:15:23 +0200 Subject: [PATCH] shmem: use ramfs_kill_sb() for kill_sb method of ramfs-based tmpfs As the ramfs-based tmpfs uses ramfs_init_fs_context() for the init_fs_context method, which allocates fc->s_fs_info, use ramfs_kill_sb() to free it and avoid a memory leak. Link: https://lkml.kernel.org/r/20230607161523.2876433-1-roberto.sassu@huaweiclou… Fixes: c3b1b1cbf002 ("ramfs: add support for "mode=" mount option") Signed-off-by: Roberto Sassu <roberto.sassu(a)huawei.com> Cc: Hugh Dickins <hughd(a)google.com> Cc: David Howells <dhowells(a)redhat.com> Cc: Al Viro <viro(a)zeniv.linux.org.uk> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> diff --git a/fs/ramfs/inode.c b/fs/ramfs/inode.c index 5ba580c78835..fef477c78107 100644 --- a/fs/ramfs/inode.c +++ b/fs/ramfs/inode.c @@ -278,7 +278,7 @@ int ramfs_init_fs_context(struct fs_context *fc) return 0; } -static void ramfs_kill_sb(struct super_block *sb) +void ramfs_kill_sb(struct super_block *sb) { kfree(sb->s_fs_info); kill_litter_super(sb); diff --git a/include/linux/ramfs.h b/include/linux/ramfs.h index 917528d102c4..d506dc63dd47 100644 --- a/include/linux/ramfs.h +++ b/include/linux/ramfs.h @@ -7,6 +7,7 @@ struct inode *ramfs_get_inode(struct super_block *sb, const struct inode *dir, umode_t mode, dev_t dev); extern int ramfs_init_fs_context(struct fs_context *fc); +extern void ramfs_kill_sb(struct super_block *sb); #ifdef CONFIG_MMU static inline int diff --git a/mm/shmem.c b/mm/shmem.c index 5e54ab5f61f2..c606ab89693a 100644 --- a/mm/shmem.c +++ b/mm/shmem.c @@ -4199,7 +4199,7 @@ static struct file_system_type shmem_fs_type = { .name = "tmpfs", .init_fs_context = ramfs_init_fs_context, .parameters = ramfs_fs_parameters, - .kill_sb = kill_litter_super, + .kill_sb = ramfs_kill_sb, .fs_flags = FS_USERNS_MOUNT, };

2 years, 5 months

1
0
0 0

FAILED: patch "[PATCH] um: Use HOST_DIR for mrproper" failed to apply to 4.14-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.14-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-4.14.y git checkout FETCH_HEAD git cherry-pick -x a5a319ec2c2236bb96d147c16196d2f1f3799301 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2023071628-dazzling-pretense-8a8d@gregkh' --subject-prefix 'PATCH 4.14.y' HEAD^.. Possible dependencies: a5a319ec2c22 ("um: Use HOST_DIR for mrproper") 0663c68c4d2d ("kbuild: remove {CLEAN,MRPROPER,DISTCLEAN}_DIRS") 610134b750bb ("kbuild: remove misleading stale FIXME comment") 63ec90f18204 ("um: ensure `make ARCH=um mrproper` removes arch/$(SUBARCH)/include/generated/") 8b41fc4454e3 ("kbuild: create modules.builtin without Makefile.modbuiltin or tristate.conf") b1fbfcb4a209 ("kbuild: make single target builds even faster") bbc55bded4aa ("modpost: dump missing namespaces into a single modules.nsdeps file") 0241ea8cae19 ("modpost: free ns_deps_buf.p after writing ns_deps files") bff9c62b5d20 ("modpost: do not invoke extra modpost for nsdeps") 35e046a203ee ("kbuild: remove unneeded variable, single-all") 39808e451fdf ("kbuild: do not read $(KBUILD_EXTMOD)/Module.symvers") 1747269ab016 ("modpost: do not parse vmlinux for external module builds") fab546e6cd7a ("kbuild: update comments in scripts/Makefile.modpost") 57baec7b1b04 ("scripts/nsdeps: make sure to pass all module source files to spatch") 09684950050b ("scripts/nsdeps: use alternative sed delimiter") e0703556644a ("Merge tag 'modules-for-v5.4' of git://git.kernel.org/pub/scm/linux/kernel/git/jeyu/linux") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From a5a319ec2c2236bb96d147c16196d2f1f3799301 Mon Sep 17 00:00:00 2001 From: Kees Cook <keescook(a)chromium.org> Date: Tue, 6 Jun 2023 15:24:45 -0700 Subject: [PATCH] um: Use HOST_DIR for mrproper When HEADER_ARCH was introduced, the MRPROPER_FILES (then MRPROPER_DIRS) list wasn't adjusted, leaving SUBARCH as part of the path argument. This resulted in the "mrproper" target not cleaning up arch/x86/... when SUBARCH was specified. Since HOST_DIR is arch/$(HEADER_ARCH), use it instead to get the correct path. Cc: Richard Weinberger <richard(a)nod.at> Cc: Anton Ivanov <anton.ivanov(a)cambridgegreys.com> Cc: Johannes Berg <johannes(a)sipsolutions.net> Cc: Azeem Shaikh <azeemshaikh38(a)gmail.com> Cc: linux-um(a)lists.infradead.org Fixes: 7bbe7204e937 ("um: merge Makefile-{i386,x86_64}") Cc: stable(a)vger.kernel.org Signed-off-by: Kees Cook <keescook(a)chromium.org> Link: https://lore.kernel.org/r/20230606222442.never.807-kees@kernel.org diff --git a/arch/um/Makefile b/arch/um/Makefile index 8186d4761bda..da4d5256af2f 100644 --- a/arch/um/Makefile +++ b/arch/um/Makefile @@ -149,7 +149,7 @@ export CFLAGS_vmlinux := $(LINK-y) $(LINK_WRAPS) $(LD_FLAGS_CMDLINE) $(CC_FLAGS_ # When cleaning we don't include .config, so we don't include # TT or skas makefiles and don't clean skas_ptregs.h. CLEAN_FILES += linux x.i gmon.out -MRPROPER_FILES += arch/$(SUBARCH)/include/generated +MRPROPER_FILES += $(HOST_DIR)/include/generated archclean: @find . \( -name '*.bb' -o -name '*.bbg' -o -name '*.da' \

2 years, 5 months

1
0
0 0

FAILED: patch "[PATCH] um: Use HOST_DIR for mrproper" failed to apply to 4.19-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.19-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-4.19.y git checkout FETCH_HEAD git cherry-pick -x a5a319ec2c2236bb96d147c16196d2f1f3799301 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2023071622-improving-scrambler-114b@gregkh' --subject-prefix 'PATCH 4.19.y' HEAD^.. Possible dependencies: a5a319ec2c22 ("um: Use HOST_DIR for mrproper") 0663c68c4d2d ("kbuild: remove {CLEAN,MRPROPER,DISTCLEAN}_DIRS") 610134b750bb ("kbuild: remove misleading stale FIXME comment") 63ec90f18204 ("um: ensure `make ARCH=um mrproper` removes arch/$(SUBARCH)/include/generated/") 8b41fc4454e3 ("kbuild: create modules.builtin without Makefile.modbuiltin or tristate.conf") b1fbfcb4a209 ("kbuild: make single target builds even faster") bbc55bded4aa ("modpost: dump missing namespaces into a single modules.nsdeps file") 0241ea8cae19 ("modpost: free ns_deps_buf.p after writing ns_deps files") bff9c62b5d20 ("modpost: do not invoke extra modpost for nsdeps") 35e046a203ee ("kbuild: remove unneeded variable, single-all") 39808e451fdf ("kbuild: do not read $(KBUILD_EXTMOD)/Module.symvers") 1747269ab016 ("modpost: do not parse vmlinux for external module builds") fab546e6cd7a ("kbuild: update comments in scripts/Makefile.modpost") 57baec7b1b04 ("scripts/nsdeps: make sure to pass all module source files to spatch") 09684950050b ("scripts/nsdeps: use alternative sed delimiter") e0703556644a ("Merge tag 'modules-for-v5.4' of git://git.kernel.org/pub/scm/linux/kernel/git/jeyu/linux") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From a5a319ec2c2236bb96d147c16196d2f1f3799301 Mon Sep 17 00:00:00 2001 From: Kees Cook <keescook(a)chromium.org> Date: Tue, 6 Jun 2023 15:24:45 -0700 Subject: [PATCH] um: Use HOST_DIR for mrproper When HEADER_ARCH was introduced, the MRPROPER_FILES (then MRPROPER_DIRS) list wasn't adjusted, leaving SUBARCH as part of the path argument. This resulted in the "mrproper" target not cleaning up arch/x86/... when SUBARCH was specified. Since HOST_DIR is arch/$(HEADER_ARCH), use it instead to get the correct path. Cc: Richard Weinberger <richard(a)nod.at> Cc: Anton Ivanov <anton.ivanov(a)cambridgegreys.com> Cc: Johannes Berg <johannes(a)sipsolutions.net> Cc: Azeem Shaikh <azeemshaikh38(a)gmail.com> Cc: linux-um(a)lists.infradead.org Fixes: 7bbe7204e937 ("um: merge Makefile-{i386,x86_64}") Cc: stable(a)vger.kernel.org Signed-off-by: Kees Cook <keescook(a)chromium.org> Link: https://lore.kernel.org/r/20230606222442.never.807-kees@kernel.org diff --git a/arch/um/Makefile b/arch/um/Makefile index 8186d4761bda..da4d5256af2f 100644 --- a/arch/um/Makefile +++ b/arch/um/Makefile @@ -149,7 +149,7 @@ export CFLAGS_vmlinux := $(LINK-y) $(LINK_WRAPS) $(LD_FLAGS_CMDLINE) $(CC_FLAGS_ # When cleaning we don't include .config, so we don't include # TT or skas makefiles and don't clean skas_ptregs.h. CLEAN_FILES += linux x.i gmon.out -MRPROPER_FILES += arch/$(SUBARCH)/include/generated +MRPROPER_FILES += $(HOST_DIR)/include/generated archclean: @find . \( -name '*.bb' -o -name '*.bbg' -o -name '*.da' \

2 years, 5 months

1
0
0 0

FAILED: patch "[PATCH] um: Use HOST_DIR for mrproper" failed to apply to 5.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.4.y git checkout FETCH_HEAD git cherry-pick -x a5a319ec2c2236bb96d147c16196d2f1f3799301 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2023071621-diary-henchman-76a2@gregkh' --subject-prefix 'PATCH 5.4.y' HEAD^.. Possible dependencies: a5a319ec2c22 ("um: Use HOST_DIR for mrproper") 0663c68c4d2d ("kbuild: remove {CLEAN,MRPROPER,DISTCLEAN}_DIRS") 610134b750bb ("kbuild: remove misleading stale FIXME comment") 63ec90f18204 ("um: ensure `make ARCH=um mrproper` removes arch/$(SUBARCH)/include/generated/") 8b41fc4454e3 ("kbuild: create modules.builtin without Makefile.modbuiltin or tristate.conf") b1fbfcb4a209 ("kbuild: make single target builds even faster") bbc55bded4aa ("modpost: dump missing namespaces into a single modules.nsdeps file") 0241ea8cae19 ("modpost: free ns_deps_buf.p after writing ns_deps files") bff9c62b5d20 ("modpost: do not invoke extra modpost for nsdeps") 35e046a203ee ("kbuild: remove unneeded variable, single-all") 39808e451fdf ("kbuild: do not read $(KBUILD_EXTMOD)/Module.symvers") 1747269ab016 ("modpost: do not parse vmlinux for external module builds") fab546e6cd7a ("kbuild: update comments in scripts/Makefile.modpost") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From a5a319ec2c2236bb96d147c16196d2f1f3799301 Mon Sep 17 00:00:00 2001 From: Kees Cook <keescook(a)chromium.org> Date: Tue, 6 Jun 2023 15:24:45 -0700 Subject: [PATCH] um: Use HOST_DIR for mrproper When HEADER_ARCH was introduced, the MRPROPER_FILES (then MRPROPER_DIRS) list wasn't adjusted, leaving SUBARCH as part of the path argument. This resulted in the "mrproper" target not cleaning up arch/x86/... when SUBARCH was specified. Since HOST_DIR is arch/$(HEADER_ARCH), use it instead to get the correct path. Cc: Richard Weinberger <richard(a)nod.at> Cc: Anton Ivanov <anton.ivanov(a)cambridgegreys.com> Cc: Johannes Berg <johannes(a)sipsolutions.net> Cc: Azeem Shaikh <azeemshaikh38(a)gmail.com> Cc: linux-um(a)lists.infradead.org Fixes: 7bbe7204e937 ("um: merge Makefile-{i386,x86_64}") Cc: stable(a)vger.kernel.org Signed-off-by: Kees Cook <keescook(a)chromium.org> Link: https://lore.kernel.org/r/20230606222442.never.807-kees@kernel.org diff --git a/arch/um/Makefile b/arch/um/Makefile index 8186d4761bda..da4d5256af2f 100644 --- a/arch/um/Makefile +++ b/arch/um/Makefile @@ -149,7 +149,7 @@ export CFLAGS_vmlinux := $(LINK-y) $(LINK_WRAPS) $(LD_FLAGS_CMDLINE) $(CC_FLAGS_ # When cleaning we don't include .config, so we don't include # TT or skas makefiles and don't clean skas_ptregs.h. CLEAN_FILES += linux x.i gmon.out -MRPROPER_FILES += arch/$(SUBARCH)/include/generated +MRPROPER_FILES += $(HOST_DIR)/include/generated archclean: @find . \( -name '*.bb' -o -name '*.bbg' -o -name '*.da' \

2 years, 5 months

1
0
0 0

FAILED: patch "[PATCH] bcache: Fix __bch_btree_node_alloc to make the failure" failed to apply to 4.14-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.14-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-4.14.y git checkout FETCH_HEAD git cherry-pick -x 80fca8a10b604afad6c14213fdfd816c4eda3ee4 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2023071622-crablike-glaucoma-f28c@gregkh' --subject-prefix 'PATCH 4.14.y' HEAD^.. Possible dependencies: 80fca8a10b60 ("bcache: Fix __bch_btree_node_alloc to make the failure behavior consistent") 17e4aed8309f ("bcache: remove 'int n' from parameter list of bch_bucket_alloc_set()") 8792099f9ad4 ("bcache: use MAX_CACHES_PER_SET instead of magic number 8 in __bch_bucket_alloc_set") fc2d5988b597 ("bcache: add identifier names to arguments of function definitions") 6f10f7d1b02b ("bcache: style fix to replace 'unsigned' by 'unsigned int'") ea8c5356d390 ("bcache: set max writeback rate when I/O request is idle") b467a6ac0b4b ("bcache: add code comments for bset.c") b4cb6efc1af7 ("bcache: display rate debug parameters to 0 when writeback is not running") 94f71c16062e ("bcache: fix I/O significant decline while backend devices registering") 99a27d59bd7b ("bcache: simplify the calculation of the total amount of flash dirty data") ddcf35d39797 ("block: Add and use op_stat_group() for indexing disk_stat fields.") 3f289dcb4b26 ("block: make bdev_ops->rw_page() take a REQ_OP instead of bool") 0f0709e6bfc3 ("bcache: stop bcache device when backing device is offline") 522a777566f5 ("block: consolidate struct request timestamp fields") 4bc6339a583c ("block: move blk_stat_add() to __blk_mq_end_request()") 84c7afcebed9 ("block: use ktime_get_ns() instead of sched_clock() for cfq and bfq") 544ccc8dc904 ("block: get rid of struct blk_issue_stat") a8a45941706b ("block: pass struct request instead of struct blk_issue_stat to wbt") 934031a12980 ("block: move some wbt helpers to blk-wbt.c") 782f569774d7 ("blk-wbt: throttle discards like background writes") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 80fca8a10b604afad6c14213fdfd816c4eda3ee4 Mon Sep 17 00:00:00 2001 From: Zheng Wang <zyytlz.wz(a)163.com> Date: Thu, 15 Jun 2023 20:12:22 +0800 Subject: [PATCH] bcache: Fix __bch_btree_node_alloc to make the failure behavior consistent In some specific situations, the return value of __bch_btree_node_alloc may be NULL. This may lead to a potential NULL pointer dereference in caller function like a calling chain : btree_split->bch_btree_node_alloc->__bch_btree_node_alloc. Fix it by initializing the return value in __bch_btree_node_alloc. Fixes: cafe56359144 ("bcache: A block layer cache") Cc: stable(a)vger.kernel.org Signed-off-by: Zheng Wang <zyytlz.wz(a)163.com> Signed-off-by: Coly Li <colyli(a)suse.de> Link: https://lore.kernel.org/r/20230615121223.22502-6-colyli@suse.de Signed-off-by: Jens Axboe <axboe(a)kernel.dk> diff --git a/drivers/md/bcache/btree.c b/drivers/md/bcache/btree.c index 7c21e54468bf..0ddf91204782 100644 --- a/drivers/md/bcache/btree.c +++ b/drivers/md/bcache/btree.c @@ -1090,10 +1090,12 @@ struct btree *__bch_btree_node_alloc(struct cache_set *c, struct btree_op *op, struct btree *parent) { BKEY_PADDED(key) k; - struct btree *b = ERR_PTR(-EAGAIN); + struct btree *b; mutex_lock(&c->bucket_lock); retry: + /* return ERR_PTR(-EAGAIN) when it fails */ + b = ERR_PTR(-EAGAIN); if (__bch_bucket_alloc_set(c, RESERVE_BTREE, &k.key, wait)) goto err;

2 years, 5 months

1
0
0 0

FAILED: patch "[PATCH] bcache: Fix __bch_btree_node_alloc to make the failure" failed to apply to 4.19-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.19-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-4.19.y git checkout FETCH_HEAD git cherry-pick -x 80fca8a10b604afad6c14213fdfd816c4eda3ee4 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2023071621-lubricate-dragging-07c6@gregkh' --subject-prefix 'PATCH 4.19.y' HEAD^.. Possible dependencies: 80fca8a10b60 ("bcache: Fix __bch_btree_node_alloc to make the failure behavior consistent") 17e4aed8309f ("bcache: remove 'int n' from parameter list of bch_bucket_alloc_set()") 8792099f9ad4 ("bcache: use MAX_CACHES_PER_SET instead of magic number 8 in __bch_bucket_alloc_set") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 80fca8a10b604afad6c14213fdfd816c4eda3ee4 Mon Sep 17 00:00:00 2001 From: Zheng Wang <zyytlz.wz(a)163.com> Date: Thu, 15 Jun 2023 20:12:22 +0800 Subject: [PATCH] bcache: Fix __bch_btree_node_alloc to make the failure behavior consistent In some specific situations, the return value of __bch_btree_node_alloc may be NULL. This may lead to a potential NULL pointer dereference in caller function like a calling chain : btree_split->bch_btree_node_alloc->__bch_btree_node_alloc. Fix it by initializing the return value in __bch_btree_node_alloc. Fixes: cafe56359144 ("bcache: A block layer cache") Cc: stable(a)vger.kernel.org Signed-off-by: Zheng Wang <zyytlz.wz(a)163.com> Signed-off-by: Coly Li <colyli(a)suse.de> Link: https://lore.kernel.org/r/20230615121223.22502-6-colyli@suse.de Signed-off-by: Jens Axboe <axboe(a)kernel.dk> diff --git a/drivers/md/bcache/btree.c b/drivers/md/bcache/btree.c index 7c21e54468bf..0ddf91204782 100644 --- a/drivers/md/bcache/btree.c +++ b/drivers/md/bcache/btree.c @@ -1090,10 +1090,12 @@ struct btree *__bch_btree_node_alloc(struct cache_set *c, struct btree_op *op, struct btree *parent) { BKEY_PADDED(key) k; - struct btree *b = ERR_PTR(-EAGAIN); + struct btree *b; mutex_lock(&c->bucket_lock); retry: + /* return ERR_PTR(-EAGAIN) when it fails */ + b = ERR_PTR(-EAGAIN); if (__bch_bucket_alloc_set(c, RESERVE_BTREE, &k.key, wait)) goto err;

2 years, 5 months

1
0
0 0

FAILED: patch "[PATCH] bcache: Fix __bch_btree_node_alloc to make the failure" failed to apply to 5.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.4.y git checkout FETCH_HEAD git cherry-pick -x 80fca8a10b604afad6c14213fdfd816c4eda3ee4 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2023071620-dangling-strike-bfaa@gregkh' --subject-prefix 'PATCH 5.4.y' HEAD^.. Possible dependencies: 80fca8a10b60 ("bcache: Fix __bch_btree_node_alloc to make the failure behavior consistent") 17e4aed8309f ("bcache: remove 'int n' from parameter list of bch_bucket_alloc_set()") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 80fca8a10b604afad6c14213fdfd816c4eda3ee4 Mon Sep 17 00:00:00 2001 From: Zheng Wang <zyytlz.wz(a)163.com> Date: Thu, 15 Jun 2023 20:12:22 +0800 Subject: [PATCH] bcache: Fix __bch_btree_node_alloc to make the failure behavior consistent In some specific situations, the return value of __bch_btree_node_alloc may be NULL. This may lead to a potential NULL pointer dereference in caller function like a calling chain : btree_split->bch_btree_node_alloc->__bch_btree_node_alloc. Fix it by initializing the return value in __bch_btree_node_alloc. Fixes: cafe56359144 ("bcache: A block layer cache") Cc: stable(a)vger.kernel.org Signed-off-by: Zheng Wang <zyytlz.wz(a)163.com> Signed-off-by: Coly Li <colyli(a)suse.de> Link: https://lore.kernel.org/r/20230615121223.22502-6-colyli@suse.de Signed-off-by: Jens Axboe <axboe(a)kernel.dk> diff --git a/drivers/md/bcache/btree.c b/drivers/md/bcache/btree.c index 7c21e54468bf..0ddf91204782 100644 --- a/drivers/md/bcache/btree.c +++ b/drivers/md/bcache/btree.c @@ -1090,10 +1090,12 @@ struct btree *__bch_btree_node_alloc(struct cache_set *c, struct btree_op *op, struct btree *parent) { BKEY_PADDED(key) k; - struct btree *b = ERR_PTR(-EAGAIN); + struct btree *b; mutex_lock(&c->bucket_lock); retry: + /* return ERR_PTR(-EAGAIN) when it fails */ + b = ERR_PTR(-EAGAIN); if (__bch_bucket_alloc_set(c, RESERVE_BTREE, &k.key, wait)) goto err;

2 years, 5 months

1
0
0 0

FAILED: patch "[PATCH] bcache: Remove unnecessary NULL point check in node" failed to apply to 4.14-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.14-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-4.14.y git checkout FETCH_HEAD git cherry-pick -x 028ddcac477b691dd9205c92f991cc15259d033e # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2023071604-panning-specimen-6e1a@gregkh' --subject-prefix 'PATCH 4.14.y' HEAD^.. Possible dependencies: 028ddcac477b ("bcache: Remove unnecessary NULL point check in node allocations") 1fae7cf05293 ("bcache: style fix to add a blank line after declarations") 6f10f7d1b02b ("bcache: style fix to replace 'unsigned' by 'unsigned int'") ea8c5356d390 ("bcache: set max writeback rate when I/O request is idle") b467a6ac0b4b ("bcache: add code comments for bset.c") b4cb6efc1af7 ("bcache: display rate debug parameters to 0 when writeback is not running") 94f71c16062e ("bcache: fix I/O significant decline while backend devices registering") 99a27d59bd7b ("bcache: simplify the calculation of the total amount of flash dirty data") ddcf35d39797 ("block: Add and use op_stat_group() for indexing disk_stat fields.") 3f289dcb4b26 ("block: make bdev_ops->rw_page() take a REQ_OP instead of bool") d19936a26658 ("bcache: convert to bioset_init()/mempool_init()") 0f0709e6bfc3 ("bcache: stop bcache device when backing device is offline") 522a777566f5 ("block: consolidate struct request timestamp fields") 4bc6339a583c ("block: move blk_stat_add() to __blk_mq_end_request()") 84c7afcebed9 ("block: use ktime_get_ns() instead of sched_clock() for cfq and bfq") 544ccc8dc904 ("block: get rid of struct blk_issue_stat") a8a45941706b ("block: pass struct request instead of struct blk_issue_stat to wbt") 934031a12980 ("block: move some wbt helpers to blk-wbt.c") 782f569774d7 ("blk-wbt: throttle discards like background writes") 8bea60901974 ("blk-wbt: pass in enum wbt_flags to get_rq_wait()") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 028ddcac477b691dd9205c92f991cc15259d033e Mon Sep 17 00:00:00 2001 From: Zheng Wang <zyytlz.wz(a)163.com> Date: Thu, 15 Jun 2023 20:12:21 +0800 Subject: [PATCH] bcache: Remove unnecessary NULL point check in node allocations Due to the previous fix of __bch_btree_node_alloc, the return value will never be a NULL pointer. So IS_ERR is enough to handle the failure situation. Fix it by replacing IS_ERR_OR_NULL check by an IS_ERR check. Fixes: cafe56359144 ("bcache: A block layer cache") Cc: stable(a)vger.kernel.org Signed-off-by: Zheng Wang <zyytlz.wz(a)163.com> Signed-off-by: Coly Li <colyli(a)suse.de> Link: https://lore.kernel.org/r/20230615121223.22502-5-colyli@suse.de Signed-off-by: Jens Axboe <axboe(a)kernel.dk> diff --git a/drivers/md/bcache/btree.c b/drivers/md/bcache/btree.c index 147c493a989a..7c21e54468bf 100644 --- a/drivers/md/bcache/btree.c +++ b/drivers/md/bcache/btree.c @@ -1138,7 +1138,7 @@ static struct btree *btree_node_alloc_replacement(struct btree *b, { struct btree *n = bch_btree_node_alloc(b->c, op, b->level, b->parent); - if (!IS_ERR_OR_NULL(n)) { + if (!IS_ERR(n)) { mutex_lock(&n->write_lock); bch_btree_sort_into(&b->keys, &n->keys, &b->c->sort); bkey_copy_key(&n->key, &b->key); @@ -1340,7 +1340,7 @@ static int btree_gc_coalesce(struct btree *b, struct btree_op *op, memset(new_nodes, 0, sizeof(new_nodes)); closure_init_stack(&cl); - while (nodes < GC_MERGE_NODES && !IS_ERR_OR_NULL(r[nodes].b)) + while (nodes < GC_MERGE_NODES && !IS_ERR(r[nodes].b)) keys += r[nodes++].keys; blocks = btree_default_blocks(b->c) * 2 / 3; @@ -1352,7 +1352,7 @@ static int btree_gc_coalesce(struct btree *b, struct btree_op *op, for (i = 0; i < nodes; i++) { new_nodes[i] = btree_node_alloc_replacement(r[i].b, NULL); - if (IS_ERR_OR_NULL(new_nodes[i])) + if (IS_ERR(new_nodes[i])) goto out_nocoalesce; } @@ -1487,7 +1487,7 @@ out_nocoalesce: bch_keylist_free(&keylist); for (i = 0; i < nodes; i++) - if (!IS_ERR_OR_NULL(new_nodes[i])) { + if (!IS_ERR(new_nodes[i])) { btree_node_free(new_nodes[i]); rw_unlock(true, new_nodes[i]); } @@ -1669,7 +1669,7 @@ static int bch_btree_gc_root(struct btree *b, struct btree_op *op, if (should_rewrite) { n = btree_node_alloc_replacement(b, NULL); - if (!IS_ERR_OR_NULL(n)) { + if (!IS_ERR(n)) { bch_btree_node_write_sync(n); bch_btree_set_root(n); diff --git a/drivers/md/bcache/super.c b/drivers/md/bcache/super.c index 1f829e74db0a..e2a803683105 100644 --- a/drivers/md/bcache/super.c +++ b/drivers/md/bcache/super.c @@ -1723,7 +1723,7 @@ static void cache_set_flush(struct closure *cl) if (!IS_ERR_OR_NULL(c->gc_thread)) kthread_stop(c->gc_thread); - if (!IS_ERR_OR_NULL(c->root)) + if (!IS_ERR(c->root)) list_add(&c->root->list, &c->btree_cache); /* @@ -2087,7 +2087,7 @@ static int run_cache_set(struct cache_set *c) err = "cannot allocate new btree root"; c->root = __bch_btree_node_alloc(c, NULL, 0, true, NULL); - if (IS_ERR_OR_NULL(c->root)) + if (IS_ERR(c->root)) goto err; mutex_lock(&c->root->write_lock);

2 years, 5 months

1
0
0 0

FAILED: patch "[PATCH] wifi: mt76: mt7921e: fix init command fail with enabled" failed to apply to 5.15-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.15-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.15.y git checkout FETCH_HEAD git cherry-pick -x 525c469e5de9bf7e53574396196e80fc716ac9eb # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2023071604-urgency-jiffy-cbcf@gregkh' --subject-prefix 'PATCH 5.15.y' HEAD^.. Possible dependencies: 525c469e5de9 ("wifi: mt76: mt7921e: fix init command fail with enabled device") 28fec923d240 ("mt76: connac: move mt76_connac2_load_patch in connac module") b9ec27102ac0 ("mt76: connac: move mt76_connac2_load_ram in connac module") c132fc7d83bb ("mt76: mt7921: move fw toggle in mt7921_load_firmware") 3d8c636c3e9e ("mt76: connac: move shared fw structures in connac module") a55a0c701c12 ("mt76: mt7921s: fix firmware download random fail") 99ad32a4ca3a ("mt76: mt7915: add support for MT7986") ade25ca7950b ("mt76: mt7915: fix mcs_map in mt7915_mcu_set_sta_he_mcs()") 11005b18f453 ("mt76: mt7921s: fix a possible memory leak in mt7921_load_patch") 4a74ecc8f0f6 ("mt76: connac: move mt76_connac_lmac_mapping in mt76-connac module") 602cc0c9618a ("mt76: mt7921e: fix possible probe failure after reboot") 97cef84d1043 ("mt76: connac: move mt76_connac_mcu_rdd_cmd in mt76-connac module") 9e90c3511041 ("mt76: connac: move mt76_connac_mcu_gen_dl_mode in mt76-connac module") a6ef46fcccf2 ("mt76: mt7915: rely on mt76_connac_mcu_init_download") ad1a2333350f ("mt76: mt7915: rely on mt76_connac_mcu_patch_sem_ctrl/mt76_connac_mcu_start_patch") ae90bdd6ad54 ("mt76: connac: move mt76_connac_mcu_restart in common module") 3dc531b92b69 ("mt76: mt7915: rely on mt76_connac_mcu_start_firmware") 48d743d185a5 ("mt76: connac: move mt76_connac_mcu_set_pm in connac module") 2fec2ea644c5 ("mt76: connac: introduce is_connac_v1 utility routine") 187169de13d1 ("mt76: mt7915: rely on mt76_connac_mcu_wtbl_ht_tlv") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 525c469e5de9bf7e53574396196e80fc716ac9eb Mon Sep 17 00:00:00 2001 From: Quan Zhou <quan.zhou(a)mediatek.com> Date: Wed, 5 Jul 2023 23:26:38 +0800 Subject: [PATCH] wifi: mt76: mt7921e: fix init command fail with enabled device For some cases as below, we may encounter the unpreditable chip stats in driver probe() * The system reboot flow do not work properly, such as kernel oops while rebooting, and then the driver do not go back to default status at this moment. * Similar to the flow above. If the device was enabled in BIOS or UEFI, the system may switch to Linux without driver fully shutdown. To avoid the problem, force push the device back to default in probe() * mt7921e_mcu_fw_pmctrl() : return control privilege to chip side. * mt7921_wfsys_reset() : cleanup chip config before resource init. Error log [59007.600714] mt7921e 0000:02:00.0: ASIC revision: 79220010 [59010.889773] mt7921e 0000:02:00.0: Message 00000010 (seq 1) timeout [59010.889786] mt7921e 0000:02:00.0: Failed to get patch semaphore [59014.217839] mt7921e 0000:02:00.0: Message 00000010 (seq 2) timeout [59014.217852] mt7921e 0000:02:00.0: Failed to get patch semaphore [59017.545880] mt7921e 0000:02:00.0: Message 00000010 (seq 3) timeout [59017.545893] mt7921e 0000:02:00.0: Failed to get patch semaphore [59020.874086] mt7921e 0000:02:00.0: Message 00000010 (seq 4) timeout [59020.874099] mt7921e 0000:02:00.0: Failed to get patch semaphore [59024.202019] mt7921e 0000:02:00.0: Message 00000010 (seq 5) timeout [59024.202033] mt7921e 0000:02:00.0: Failed to get patch semaphore [59027.530082] mt7921e 0000:02:00.0: Message 00000010 (seq 6) timeout [59027.530096] mt7921e 0000:02:00.0: Failed to get patch semaphore [59030.857888] mt7921e 0000:02:00.0: Message 00000010 (seq 7) timeout [59030.857904] mt7921e 0000:02:00.0: Failed to get patch semaphore [59034.185946] mt7921e 0000:02:00.0: Message 00000010 (seq 8) timeout [59034.185961] mt7921e 0000:02:00.0: Failed to get patch semaphore [59037.514249] mt7921e 0000:02:00.0: Message 00000010 (seq 9) timeout [59037.514262] mt7921e 0000:02:00.0: Failed to get patch semaphore [59040.842362] mt7921e 0000:02:00.0: Message 00000010 (seq 10) timeout [59040.842375] mt7921e 0000:02:00.0: Failed to get patch semaphore [59040.923845] mt7921e 0000:02:00.0: hardware init failed Cc: stable(a)vger.kernel.org Fixes: 5c14a5f944b9 ("mt76: mt7921: introduce mt7921e support") Tested-by: Kai-Heng Feng <kai.heng.feng(a)canonical.com> Tested-by: Juan Martinez <juan.martinez(a)amd.com> Co-developed-by: Leon Yen <leon.yen(a)mediatek.com> Signed-off-by: Leon Yen <leon.yen(a)mediatek.com> Signed-off-by: Quan Zhou <quan.zhou(a)mediatek.com> Signed-off-by: Deren Wu <deren.wu(a)mediatek.com> Message-ID: <39fcb7cee08d4ab940d38d82f21897483212483f.1688569385.git.deren.wu(a)mediatek.com> Signed-off-by: Jakub Kicinski <kuba(a)kernel.org> diff --git a/drivers/net/wireless/mediatek/mt76/mt7921/dma.c b/drivers/net/wireless/mediatek/mt76/mt7921/dma.c index f0a80c2b476a..4153cd6c2a01 100644 --- a/drivers/net/wireless/mediatek/mt76/mt7921/dma.c +++ b/drivers/net/wireless/mediatek/mt76/mt7921/dma.c @@ -231,10 +231,6 @@ int mt7921_dma_init(struct mt7921_dev *dev) if (ret) return ret; - ret = mt7921_wfsys_reset(dev); - if (ret) - return ret; - /* init tx queue */ ret = mt76_connac_init_tx_queues(dev->phy.mt76, MT7921_TXQ_BAND0, MT7921_TX_RING_SIZE, diff --git a/drivers/net/wireless/mediatek/mt76/mt7921/mcu.c b/drivers/net/wireless/mediatek/mt76/mt7921/mcu.c index c69ce6df4956..f55caa00ac69 100644 --- a/drivers/net/wireless/mediatek/mt76/mt7921/mcu.c +++ b/drivers/net/wireless/mediatek/mt76/mt7921/mcu.c @@ -476,12 +476,6 @@ static int mt7921_load_firmware(struct mt7921_dev *dev) { int ret; - ret = mt76_get_field(dev, MT_CONN_ON_MISC, MT_TOP_MISC2_FW_N9_RDY); - if (ret && mt76_is_mmio(&dev->mt76)) { - dev_dbg(dev->mt76.dev, "Firmware is already download\n"); - goto fw_loaded; - } - ret = mt76_connac2_load_patch(&dev->mt76, mt7921_patch_name(dev)); if (ret) return ret; @@ -504,8 +498,6 @@ static int mt7921_load_firmware(struct mt7921_dev *dev) return -EIO; } -fw_loaded: - #ifdef CONFIG_PM dev->mt76.hw->wiphy->wowlan = &mt76_connac_wowlan_support; #endif /* CONFIG_PM */ diff --git a/drivers/net/wireless/mediatek/mt76/mt7921/pci.c b/drivers/net/wireless/mediatek/mt76/mt7921/pci.c index ddb1fa4ee01d..95610a117d2f 100644 --- a/drivers/net/wireless/mediatek/mt76/mt7921/pci.c +++ b/drivers/net/wireless/mediatek/mt76/mt7921/pci.c @@ -325,6 +325,10 @@ static int mt7921_pci_probe(struct pci_dev *pdev, bus_ops->rmw = mt7921_rmw; dev->mt76.bus = bus_ops; + ret = mt7921e_mcu_fw_pmctrl(dev); + if (ret) + goto err_free_dev; + ret = __mt7921e_mcu_drv_pmctrl(dev); if (ret) goto err_free_dev; @@ -333,6 +337,10 @@ static int mt7921_pci_probe(struct pci_dev *pdev, (mt7921_l1_rr(dev, MT_HW_REV) & 0xff); dev_info(mdev->dev, "ASIC revision: %04x\n", mdev->rev); + ret = mt7921_wfsys_reset(dev); + if (ret) + goto err_free_dev; + mt76_wr(dev, MT_WFDMA0_HOST_INT_ENA, 0); mt76_wr(dev, MT_PCIE_MAC_INT_ENABLE, 0xff);

2 years, 5 months

1
0
0 0

FAILED: patch "[PATCH] i2c: qup: Add missing unwind goto in qup_i2c_probe()" failed to apply to 5.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.4.y git checkout FETCH_HEAD git cherry-pick -x cd9489623c29aa2f8cc07088168afb6e0d5ef06d # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2023071643-deputize-alias-9624@gregkh' --subject-prefix 'PATCH 5.4.y' HEAD^.. Possible dependencies: cd9489623c29 ("i2c: qup: Add missing unwind goto in qup_i2c_probe()") e42688ed5cf5 ("i2c: busses: remove duplicate dev_err()") e0442d762139 ("i2c: busses: convert to devm_platform_ioremap_resource") 90224e6468e1 ("i2c: drivers: Use generic definitions for bus frequencies") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From cd9489623c29aa2f8cc07088168afb6e0d5ef06d Mon Sep 17 00:00:00 2001 From: Shuai Jiang <d202180596(a)hust.edu.cn> Date: Tue, 18 Apr 2023 21:56:12 +0800 Subject: [PATCH] i2c: qup: Add missing unwind goto in qup_i2c_probe() Smatch Warns: drivers/i2c/busses/i2c-qup.c:1784 qup_i2c_probe() warn: missing unwind goto? The goto label "fail_runtime" and "fail" will disable qup->pclk, but here qup->pclk failed to obtain, in order to be consistent, change the direct return to goto label "fail_dma". Fixes: 9cedf3b2f099 ("i2c: qup: Add bam dma capabilities") Signed-off-by: Shuai Jiang <d202180596(a)hust.edu.cn> Reviewed-by: Dongliang Mu <dzm91(a)hust.edu.cn> Reviewed-by: Andi Shyti <andi.shyti(a)kernel.org> Signed-off-by: Wolfram Sang <wsa(a)kernel.org> Cc: <stable(a)vger.kernel.org> # v4.6+ diff --git a/drivers/i2c/busses/i2c-qup.c b/drivers/i2c/busses/i2c-qup.c index 2e153f2f71b6..78682388e02e 100644 --- a/drivers/i2c/busses/i2c-qup.c +++ b/drivers/i2c/busses/i2c-qup.c @@ -1752,16 +1752,21 @@ static int qup_i2c_probe(struct platform_device *pdev) if (!clk_freq || clk_freq > I2C_MAX_FAST_MODE_PLUS_FREQ) { dev_err(qup->dev, "clock frequency not supported %d\n", clk_freq); - return -EINVAL; + ret = -EINVAL; + goto fail_dma; } qup->base = devm_platform_ioremap_resource(pdev, 0); - if (IS_ERR(qup->base)) - return PTR_ERR(qup->base); + if (IS_ERR(qup->base)) { + ret = PTR_ERR(qup->base); + goto fail_dma; + } qup->irq = platform_get_irq(pdev, 0); - if (qup->irq < 0) - return qup->irq; + if (qup->irq < 0) { + ret = qup->irq; + goto fail_dma; + } if (has_acpi_companion(qup->dev)) { ret = device_property_read_u32(qup->dev, @@ -1775,13 +1780,15 @@ static int qup_i2c_probe(struct platform_device *pdev) qup->clk = devm_clk_get(qup->dev, "core"); if (IS_ERR(qup->clk)) { dev_err(qup->dev, "Could not get core clock\n"); - return PTR_ERR(qup->clk); + ret = PTR_ERR(qup->clk); + goto fail_dma; } qup->pclk = devm_clk_get(qup->dev, "iface"); if (IS_ERR(qup->pclk)) { dev_err(qup->dev, "Could not get iface clock\n"); - return PTR_ERR(qup->pclk); + ret = PTR_ERR(qup->pclk); + goto fail_dma; } qup_i2c_enable_clocks(qup); src_clk_freq = clk_get_rate(qup->clk);

2 years, 5 months

1
0
0 0

FAILED: patch "[PATCH] i2c: qup: Add missing unwind goto in qup_i2c_probe()" failed to apply to 4.14-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.14-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-4.14.y git checkout FETCH_HEAD git cherry-pick -x cd9489623c29aa2f8cc07088168afb6e0d5ef06d # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2023071625-mulch-item-f645@gregkh' --subject-prefix 'PATCH 4.14.y' HEAD^.. Possible dependencies: cd9489623c29 ("i2c: qup: Add missing unwind goto in qup_i2c_probe()") e42688ed5cf5 ("i2c: busses: remove duplicate dev_err()") e0442d762139 ("i2c: busses: convert to devm_platform_ioremap_resource") 90224e6468e1 ("i2c: drivers: Use generic definitions for bus frequencies") 351c8a09b00b ("Merge branch 'i2c/for-5.4' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From cd9489623c29aa2f8cc07088168afb6e0d5ef06d Mon Sep 17 00:00:00 2001 From: Shuai Jiang <d202180596(a)hust.edu.cn> Date: Tue, 18 Apr 2023 21:56:12 +0800 Subject: [PATCH] i2c: qup: Add missing unwind goto in qup_i2c_probe() Smatch Warns: drivers/i2c/busses/i2c-qup.c:1784 qup_i2c_probe() warn: missing unwind goto? The goto label "fail_runtime" and "fail" will disable qup->pclk, but here qup->pclk failed to obtain, in order to be consistent, change the direct return to goto label "fail_dma". Fixes: 9cedf3b2f099 ("i2c: qup: Add bam dma capabilities") Signed-off-by: Shuai Jiang <d202180596(a)hust.edu.cn> Reviewed-by: Dongliang Mu <dzm91(a)hust.edu.cn> Reviewed-by: Andi Shyti <andi.shyti(a)kernel.org> Signed-off-by: Wolfram Sang <wsa(a)kernel.org> Cc: <stable(a)vger.kernel.org> # v4.6+ diff --git a/drivers/i2c/busses/i2c-qup.c b/drivers/i2c/busses/i2c-qup.c index 2e153f2f71b6..78682388e02e 100644 --- a/drivers/i2c/busses/i2c-qup.c +++ b/drivers/i2c/busses/i2c-qup.c @@ -1752,16 +1752,21 @@ static int qup_i2c_probe(struct platform_device *pdev) if (!clk_freq || clk_freq > I2C_MAX_FAST_MODE_PLUS_FREQ) { dev_err(qup->dev, "clock frequency not supported %d\n", clk_freq); - return -EINVAL; + ret = -EINVAL; + goto fail_dma; } qup->base = devm_platform_ioremap_resource(pdev, 0); - if (IS_ERR(qup->base)) - return PTR_ERR(qup->base); + if (IS_ERR(qup->base)) { + ret = PTR_ERR(qup->base); + goto fail_dma; + } qup->irq = platform_get_irq(pdev, 0); - if (qup->irq < 0) - return qup->irq; + if (qup->irq < 0) { + ret = qup->irq; + goto fail_dma; + } if (has_acpi_companion(qup->dev)) { ret = device_property_read_u32(qup->dev, @@ -1775,13 +1780,15 @@ static int qup_i2c_probe(struct platform_device *pdev) qup->clk = devm_clk_get(qup->dev, "core"); if (IS_ERR(qup->clk)) { dev_err(qup->dev, "Could not get core clock\n"); - return PTR_ERR(qup->clk); + ret = PTR_ERR(qup->clk); + goto fail_dma; } qup->pclk = devm_clk_get(qup->dev, "iface"); if (IS_ERR(qup->pclk)) { dev_err(qup->dev, "Could not get iface clock\n"); - return PTR_ERR(qup->pclk); + ret = PTR_ERR(qup->pclk); + goto fail_dma; } qup_i2c_enable_clocks(qup); src_clk_freq = clk_get_rate(qup->clk);

2 years, 5 months

1
0
0 0

FAILED: patch "[PATCH] i2c: qup: Add missing unwind goto in qup_i2c_probe()" failed to apply to 4.19-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.19-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-4.19.y git checkout FETCH_HEAD git cherry-pick -x cd9489623c29aa2f8cc07088168afb6e0d5ef06d # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2023071624-swimwear-finisher-6443@gregkh' --subject-prefix 'PATCH 4.19.y' HEAD^.. Possible dependencies: cd9489623c29 ("i2c: qup: Add missing unwind goto in qup_i2c_probe()") e42688ed5cf5 ("i2c: busses: remove duplicate dev_err()") e0442d762139 ("i2c: busses: convert to devm_platform_ioremap_resource") 90224e6468e1 ("i2c: drivers: Use generic definitions for bus frequencies") 351c8a09b00b ("Merge branch 'i2c/for-5.4' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From cd9489623c29aa2f8cc07088168afb6e0d5ef06d Mon Sep 17 00:00:00 2001 From: Shuai Jiang <d202180596(a)hust.edu.cn> Date: Tue, 18 Apr 2023 21:56:12 +0800 Subject: [PATCH] i2c: qup: Add missing unwind goto in qup_i2c_probe() Smatch Warns: drivers/i2c/busses/i2c-qup.c:1784 qup_i2c_probe() warn: missing unwind goto? The goto label "fail_runtime" and "fail" will disable qup->pclk, but here qup->pclk failed to obtain, in order to be consistent, change the direct return to goto label "fail_dma". Fixes: 9cedf3b2f099 ("i2c: qup: Add bam dma capabilities") Signed-off-by: Shuai Jiang <d202180596(a)hust.edu.cn> Reviewed-by: Dongliang Mu <dzm91(a)hust.edu.cn> Reviewed-by: Andi Shyti <andi.shyti(a)kernel.org> Signed-off-by: Wolfram Sang <wsa(a)kernel.org> Cc: <stable(a)vger.kernel.org> # v4.6+ diff --git a/drivers/i2c/busses/i2c-qup.c b/drivers/i2c/busses/i2c-qup.c index 2e153f2f71b6..78682388e02e 100644 --- a/drivers/i2c/busses/i2c-qup.c +++ b/drivers/i2c/busses/i2c-qup.c @@ -1752,16 +1752,21 @@ static int qup_i2c_probe(struct platform_device *pdev) if (!clk_freq || clk_freq > I2C_MAX_FAST_MODE_PLUS_FREQ) { dev_err(qup->dev, "clock frequency not supported %d\n", clk_freq); - return -EINVAL; + ret = -EINVAL; + goto fail_dma; } qup->base = devm_platform_ioremap_resource(pdev, 0); - if (IS_ERR(qup->base)) - return PTR_ERR(qup->base); + if (IS_ERR(qup->base)) { + ret = PTR_ERR(qup->base); + goto fail_dma; + } qup->irq = platform_get_irq(pdev, 0); - if (qup->irq < 0) - return qup->irq; + if (qup->irq < 0) { + ret = qup->irq; + goto fail_dma; + } if (has_acpi_companion(qup->dev)) { ret = device_property_read_u32(qup->dev, @@ -1775,13 +1780,15 @@ static int qup_i2c_probe(struct platform_device *pdev) qup->clk = devm_clk_get(qup->dev, "core"); if (IS_ERR(qup->clk)) { dev_err(qup->dev, "Could not get core clock\n"); - return PTR_ERR(qup->clk); + ret = PTR_ERR(qup->clk); + goto fail_dma; } qup->pclk = devm_clk_get(qup->dev, "iface"); if (IS_ERR(qup->pclk)) { dev_err(qup->dev, "Could not get iface clock\n"); - return PTR_ERR(qup->pclk); + ret = PTR_ERR(qup->pclk); + goto fail_dma; } qup_i2c_enable_clocks(qup); src_clk_freq = clk_get_rate(qup->clk);

2 years, 5 months

1
0
0 0

FAILED: patch "[PATCH] io_uring: Use io_schedule* in cqring wait" failed to apply to 5.15-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.15-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.15.y git checkout FETCH_HEAD git cherry-pick -x 8a796565cec3601071cbbd27d6304e202019d014 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2023071622-exhale-throwing-6c38@gregkh' --subject-prefix 'PATCH 5.15.y' HEAD^.. Possible dependencies: 8a796565cec3 ("io_uring: Use io_schedule* in cqring wait") d33a39e57768 ("io_uring: keep timeout in io_wait_queue") 46ae7eef44f6 ("io_uring: optimise non-timeout waiting") 846072f16eed ("io_uring: mimimise io_cqring_wait_schedule") 3fcf19d592d5 ("io_uring: parse check_cq out of wq waiting") 12521a5d5cb7 ("io_uring: fix CQ waiting timeout handling") 52ea806ad983 ("io_uring: finish waiting before flushing overflow entries") 35d90f95cfa7 ("io_uring: include task_work run after scheduling in wait for events") 1b346e4aa8e7 ("io_uring: don't check overflow flush failures") a85381d8326d ("io_uring: skip overflow CQE posting for dying ring") c0e0d6ba25f1 ("io_uring: add IORING_SETUP_DEFER_TASKRUN") b4c98d59a787 ("io_uring: introduce io_has_work") 78a861b94959 ("io_uring: add sync cancelation API through io_uring_register()") c34398a8c018 ("io_uring: remove __io_req_task_work_add") ed5ccb3beeba ("io_uring: remove priority tw list optimisation") 4a0fef62788b ("io_uring: optimize io_uring_task layout") 253993210bd8 ("io_uring: introduce locking helpers for CQE posting") 305bef988708 ("io_uring: hide eventfd assumptions in eventfd paths") affa87db9010 ("io_uring: fix multi ctx cancellation") d9dee4302a7c ("io_uring: remove ->flush_cqes optimisation") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 8a796565cec3601071cbbd27d6304e202019d014 Mon Sep 17 00:00:00 2001 From: Andres Freund <andres(a)anarazel.de> Date: Fri, 7 Jul 2023 09:20:07 -0700 Subject: [PATCH] io_uring: Use io_schedule* in cqring wait I observed poor performance of io_uring compared to synchronous IO. That turns out to be caused by deeper CPU idle states entered with io_uring, due to io_uring using plain schedule(), whereas synchronous IO uses io_schedule(). The losses due to this are substantial. On my cascade lake workstation, t/io_uring from the fio repository e.g. yields regressions between 20% and 40% with the following command: ./t/io_uring -r 5 -X0 -d 1 -s 1 -c 1 -p 0 -S$use_sync -R 0 /mnt/t2/fio/write.0.0 This is repeatable with different filesystems, using raw block devices and using different block devices. Use io_schedule_prepare() / io_schedule_finish() in io_cqring_wait_schedule() to address the difference. After that using io_uring is on par or surpassing synchronous IO (using registered files etc makes it reliably win, but arguably is a less fair comparison). There are other calls to schedule() in io_uring/, but none immediately jump out to be similarly situated, so I did not touch them. Similarly, it's possible that mutex_lock_io() should be used, but it's not clear if there are cases where that matters. Cc: stable(a)vger.kernel.org # 5.10+ Cc: Pavel Begunkov <asml.silence(a)gmail.com> Cc: io-uring(a)vger.kernel.org Cc: linux-kernel(a)vger.kernel.org Signed-off-by: Andres Freund <andres(a)anarazel.de> Link: https://lore.kernel.org/r/20230707162007.194068-1-andres@anarazel.de [axboe: minor style fixup] Signed-off-by: Jens Axboe <axboe(a)kernel.dk> diff --git a/io_uring/io_uring.c b/io_uring/io_uring.c index e8096d502a7c..7505de2428e0 100644 --- a/io_uring/io_uring.c +++ b/io_uring/io_uring.c @@ -2489,6 +2489,8 @@ int io_run_task_work_sig(struct io_ring_ctx *ctx) static inline int io_cqring_wait_schedule(struct io_ring_ctx *ctx, struct io_wait_queue *iowq) { + int token, ret; + if (unlikely(READ_ONCE(ctx->check_cq))) return 1; if (unlikely(!llist_empty(&ctx->work_llist))) @@ -2499,11 +2501,20 @@ static inline int io_cqring_wait_schedule(struct io_ring_ctx *ctx, return -EINTR; if (unlikely(io_should_wake(iowq))) return 0; + + /* + * Use io_schedule_prepare/finish, so cpufreq can take into account + * that the task is waiting for IO - turns out to be important for low + * QD IO. + */ + token = io_schedule_prepare(); + ret = 0; if (iowq->timeout == KTIME_MAX) schedule(); else if (!schedule_hrtimeout(&iowq->timeout, HRTIMER_MODE_ABS)) - return -ETIME; - return 0; + ret = -ETIME; + io_schedule_finish(token); + return ret; } /*

2 years, 5 months

1
0
0 0

[PATCH 0/2] riscv: stack: Fixup independent softirq/irq stack for CONFIG_FRAME_POINTER=n

by guoren＠kernel.org

From: Guo Ren <guoren(a)linux.alibaba.com> The independent softirq/irq stack uses s0 to save & restore sp, but s0 would be corrupted when CONFIG_FRAME_POINTER=n. So add s0 in the clobber list to fix the problem. <+0>: addi sp,sp,-32 <+2>: sd s0,16(sp) <+4>: sd s1,8(sp) <+6>: sd ra,24(sp) <+8>: sd s2,0(sp) <+10>: mv s0,a0 --> compiler allocate s0 for a0 when CONFIG_FRAME_POINTER=n <+12>: jal ra,0xffffffff800bc0ce <irqentry_enter> <+16>: ld a5,56(tp) # 0x38 <+20>: lui a4,0x4 <+22>: mv s1,a0 <+24>: xor a5,a5,sp <+28>: bgeu a5,a4,0xffffffff800bc092 <do_irq+88> <+32>: auipc s2,0x5d <+36>: ld s2,1118(s2) # 0xffffffff801194b8 <irq_stack_ptr> <+40>: add s2,s2,a4 <+42>: addi sp,sp,-8 <+44>: sd ra,0(sp) <+46>: addi sp,sp,-8 <+48>: sd s0,0(sp) <+50>: addi s0,sp,16 --> our code clobber the s0 <+52>: mv sp,s2 <+54>: mv a0,s0 --> a0 got wrong value for handle_riscv_irq <+56>: jal ra,0xffffffff800bbb3a <handle_riscv_irq> Guo Ren (2): riscv: stack: Fixup independent irq stack for CONFIG_FRAME_POINTER=n riscv: stack: Fixup independent softirq stack for CONFIG_FRAME_POINTER=n arch/riscv/kernel/irq.c | 2 +- arch/riscv/kernel/traps.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) -- 2.36.1

2 years, 5 months

4
5
0 0

I NEEDS YOUR URGENT RESPONSE

by Dr. Thomsom Jack.

Greetings to You, I have a good news for you.Please contact me for more details. Sorry if you received this letter in your spam, Due to recent connection error here in my country.a Looking forward for your immediate response to me through my private e- mail id: (jackthomsom7(a)gmail.com) Best Regards, Regards, Dr. Thomsom Jack. My Telephone number

2 years, 5 months

1
0
0 0

[PATCH 1/2] serial: qcom-geni: fix opp vote on shutdown

by Johan Hovold

The operating-performance-point vote needs to be dropped when shutting down the port to avoid wasting power by keeping resources like power domains in an unnecessarily high performance state (e.g. when a UART connected Bluetooth controller is not in use). Fixes: a5819b548af0 ("tty: serial: qcom_geni_serial: Use OPP API to set clk/perf state") Cc: stable(a)vger.kernel.org # 5.9 Cc: Rajendra Nayak <quic_rjendra(a)quicinc.com> Cc: Matthias Kaehlcke <mka(a)chromium.org> Signed-off-by: Johan Hovold <johan+linaro(a)kernel.org> --- drivers/tty/serial/qcom_geni_serial.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/drivers/tty/serial/qcom_geni_serial.c b/drivers/tty/serial/qcom_geni_serial.c index b825b05e6137..8be896dbaa88 100644 --- a/drivers/tty/serial/qcom_geni_serial.c +++ b/drivers/tty/serial/qcom_geni_serial.c @@ -126,6 +126,7 @@ struct qcom_geni_serial_port { dma_addr_t rx_dma_addr; bool setup; unsigned int baud; + unsigned long clk_rate; void *rx_buf; u32 loopback; bool brk; @@ -1249,6 +1250,7 @@ static void qcom_geni_serial_set_termios(struct uart_port *uport, baud * sampling_rate, clk_rate, clk_div); uport->uartclk = clk_rate; + port->clk_rate = clk_rate; dev_pm_opp_set_rate(uport->dev, clk_rate); ser_clk_cfg = SER_CLK_EN; ser_clk_cfg |= clk_div << CLK_DIV_SHFT; @@ -1513,10 +1515,13 @@ static void qcom_geni_serial_pm(struct uart_port *uport, if (new_state == UART_PM_STATE_ON && old_state == UART_PM_STATE_OFF) { geni_icc_enable(&port->se); + if (port->clk_rate) + dev_pm_opp_set_rate(uport->dev, port->clk_rate); geni_se_resources_on(&port->se); } else if (new_state == UART_PM_STATE_OFF && old_state == UART_PM_STATE_ON) { geni_se_resources_off(&port->se); + dev_pm_opp_set_rate(uport->dev, 0); geni_icc_disable(&port->se); } } -- 2.41.0

2 years, 5 months

3
3
0 0

Fw:Re: tools,Harnesses,belts,straps ,clips ,rings ,buckles, bars ,carabiners ,supply ?

by qualityfactory＠vip.163.com

Dear Sir : Nice day! This is lucy from metal & Harnesses factory ,we make metal & Harnesses,belt and buckles,BELT & STRAP，LEATHER Harnesses,tags ,belts,straps ,clips ,rings ,buckles, bars ,d rings stainless steel,d rings steel,d rings zinc ,o rings steel,o rings zinc ,steel d ring,steel d buckle ,hooks ,clasps ,clips , an array of fastening like rivets , grommets,rivets ,eyelets ,tools , metal gear , metal hardware , metal products, metal Components,S hooks ,d rings ,o rings ,snaps ,webbings , buckles, HOOK,brass buckles, clips , hooks ,straps , accessories ,brass snaps ,brass gear , stainless steel hardware,steel harness ,steel wires, wire rings , wire buckles ,brass gears ,brass products ,iron metal hardware ,Fasteners,safety buckles,brass buckles, brass rings ,belts,buckles ,Split Ring ,straps ,sliders,snaps ,Bars Rings,textile accessories , magnent buttons,carabiners,zipper ,zipper pull， buckles,snap fasteners ,trigger ,buttons ,snaps ,Bars Rings, Fasteners as required for our golbal clients , We are manufactory, we are the source, our price is very competitive ,you will get the best price , We have profuse designs with series quality grade, and expressly. Our factory always produce customer designs and drawing , if you have any products looking please let me know we could surely make for you Sincerely hope could work with you ! Best regards lucy

2 years, 5 months

1
0
0 0

[PATCHv2 v6.5-rc1 0/3] fs: dlm: workarounds and cancellation

by Alexander Aring

Hi, This patch-series trying to avoid issues when plock ops with DLM_PLOCK_FL_CLOSE flag is set sends a reply back which should never be the case. This problem getting more serious when introducing a new plock op and an answer was not expected as I changed in v2 to check on DLM_PLOCK_FL_CLOSE flag for stable as this can also being used to fix the potential issue for older kernels and it does not change the UAPI. For newer user space applications the new flag DLM_PLOCK_FL_NO_REPLY will tell the user space application to never send an result back, it will handle this filter earlier in user space. For older user space software we will filter the result in ther kernel. This requires the behaviour that the flags are the same for the request and the reply which is the case for dlm_controld. Also fix the wrapped string and don't spam the user ignoring replies. - Alex Alexander Aring (3): fs: dlm: ignore DLM_PLOCK_FL_CLOSE flag results fs: dlm: introduce DLM_PLOCK_FL_NO_REPLY flag fs: dlm: allow to F_SETLKW getting interrupted fs/dlm/plock.c | 107 ++++++++++++++++++++++++--------- include/uapi/linux/dlm_plock.h | 2 + 2 files changed, 81 insertions(+), 28 deletions(-) -- 2.31.1

2 years, 5 months

1
4
0 0

[PATCH] exfat: release s_lock before calling dir_emit()

by Sungjong Seo

There is a potential deadlock reported by syzbot as below: ====================================================== WARNING: possible circular locking dependency detected 6.4.0-next-20230707-syzkaller #0 Not tainted ------------------------------------------------------ syz-executor330/5073 is trying to acquire lock: ffff8880218527a0 (&mm->mmap_lock){++++}-{3:3}, at: mmap_read_lock_killable include/linux/mmap_lock.h:151 [inline] ffff8880218527a0 (&mm->mmap_lock){++++}-{3:3}, at: get_mmap_lock_carefully mm/memory.c:5293 [inline] ffff8880218527a0 (&mm->mmap_lock){++++}-{3:3}, at: lock_mm_and_find_vma+0x369/0x510 mm/memory.c:5344 but task is already holding lock: ffff888019f760e0 (&sbi->s_lock){+.+.}-{3:3}, at: exfat_iterate+0x117/0xb50 fs/exfat/dir.c:232 which lock already depends on the new lock. Chain exists of: &mm->mmap_lock --> mapping.invalidate_lock#3 --> &sbi->s_lock Possible unsafe locking scenario: CPU0 CPU1 ---- ---- lock(&sbi->s_lock); lock(mapping.invalidate_lock#3); lock(&sbi->s_lock); rlock(&mm->mmap_lock); Let's try to avoid above potential deadlock condition by moving dir_emit*() out of sbi->s_lock coverage. Fixes: ca06197382bd ("exfat: add directory operations") Cc: stable(a)vger.kernel.org #v5.7+ Reported-by: syzbot+1741a5d9b79989c10bdc(a)syzkaller.appspotmail.com Link: https://lore.kernel.org/lkml/00000000000078ee7e060066270b@google.com/T/#u Signed-off-by: Sungjong Seo <sj1557.seo(a)samsung.com> --- fs/exfat/dir.c | 27 ++++++++++++--------------- 1 file changed, 12 insertions(+), 15 deletions(-) diff --git a/fs/exfat/dir.c b/fs/exfat/dir.c index 957574180a5e..4e3743341ce7 100644 --- a/fs/exfat/dir.c +++ b/fs/exfat/dir.c @@ -214,7 +214,10 @@ static void exfat_free_namebuf(struct exfat_dentry_namebuf *nb) exfat_init_namebuf(nb); } -/* skip iterating emit_dots when dir is empty */ +/* + * Before calling dir_emit*(), sbi->s_lock should be released + * because page fault can occur in dir_emit*(). + */ #define ITER_POS_FILLED_DOTS (2) static int exfat_iterate(struct file *file, struct dir_context *ctx) { @@ -229,11 +232,10 @@ static int exfat_iterate(struct file *file, struct dir_context *ctx) int err = 0, fake_offset = 0; exfat_init_namebuf(nb); - mutex_lock(&EXFAT_SB(sb)->s_lock); cpos = ctx->pos; if (!dir_emit_dots(file, ctx)) - goto unlock; + goto out; if (ctx->pos == ITER_POS_FILLED_DOTS) { cpos = 0; @@ -245,16 +247,18 @@ static int exfat_iterate(struct file *file, struct dir_context *ctx) /* name buffer should be allocated before use */ err = exfat_alloc_namebuf(nb); if (err) - goto unlock; + goto out; get_new: + mutex_lock(&EXFAT_SB(sb)->s_lock); + if (ei->flags == ALLOC_NO_FAT_CHAIN && cpos >= i_size_read(inode)) goto end_of_dir; err = exfat_readdir(inode, &cpos, &de); if (err) { /* - * At least we tried to read a sector. Move cpos to next sector - * position (should be aligned). + * At least we tried to read a sector. + * Move cpos to next sector position (should be aligned). */ if (err == -EIO) { cpos += 1 << (sb->s_blocksize_bits); @@ -277,16 +281,10 @@ static int exfat_iterate(struct file *file, struct dir_context *ctx) inum = iunique(sb, EXFAT_ROOT_INO); } - /* - * Before calling dir_emit(), sb_lock should be released. - * Because page fault can occur in dir_emit() when the size - * of buffer given from user is larger than one page size. - */ mutex_unlock(&EXFAT_SB(sb)->s_lock); if (!dir_emit(ctx, nb->lfn, strlen(nb->lfn), inum, (de.attr & ATTR_SUBDIR) ? DT_DIR : DT_REG)) - goto out_unlocked; - mutex_lock(&EXFAT_SB(sb)->s_lock); + goto out; ctx->pos = cpos; goto get_new; @@ -294,9 +292,8 @@ static int exfat_iterate(struct file *file, struct dir_context *ctx) if (!cpos && fake_offset) cpos = ITER_POS_FILLED_DOTS; ctx->pos = cpos; -unlock: mutex_unlock(&EXFAT_SB(sb)->s_lock); -out_unlocked: +out: /* * To improve performance, free namebuf after unlock sb_lock. * If namebuf is not allocated, this function do nothing -- 2.25.1

2 years, 5 months

2
1
0 0

[PATCH v6.5-rc1 1/2] fs: dlm: introduce DLM_PLOCK_FL_NO_REPLY flag

by Alexander Aring

This patch introduces a new flag DLM_PLOCK_FL_NO_REPLY in case an dlm plock operation should not send a reply back. Currently this is kind of being handled in DLM_PLOCK_FL_CLOSE, but DLM_PLOCK_FL_CLOSE has more meanings that it will remove all waiters for a specific nodeid/owner values in by doing a unlock operation. In case of an error in dlm user space software e.g. dlm_controld we get an reply with an error back. This cannot be matched because there is no op to match in recv_list. We filter now on DLM_PLOCK_FL_NO_REPLY in case we had an error back as reply. In newer dlm_controld version it will never send a result back when DLM_PLOCK_FL_NO_REPLY is set. This filter is a workaround to handle older dlm_controld versions. Fixes: 901025d2f319 ("dlm: make plock operation killable") Cc: stable(a)vger.kernel.org Signed-off-by: Alexander Aring <aahringo(a)redhat.com> --- fs/dlm/plock.c | 23 +++++++++++++++++++---- include/uapi/linux/dlm_plock.h | 1 + 2 files changed, 20 insertions(+), 4 deletions(-) diff --git a/fs/dlm/plock.c b/fs/dlm/plock.c index 70a4752ed913..7fe9f4b922d3 100644 --- a/fs/dlm/plock.c +++ b/fs/dlm/plock.c @@ -96,7 +96,7 @@ static void do_unlock_close(const struct dlm_plock_info *info) op->info.end = OFFSET_MAX; op->info.owner = info->owner; - op->info.flags |= DLM_PLOCK_FL_CLOSE; + op->info.flags |= (DLM_PLOCK_FL_CLOSE | DLM_PLOCK_FL_NO_REPLY); send_op(op); } @@ -293,7 +293,7 @@ int dlm_posix_unlock(dlm_lockspace_t *lockspace, u64 number, struct file *file, op->info.owner = (__u64)(long) fl->fl_owner; if (fl->fl_flags & FL_CLOSE) { - op->info.flags |= DLM_PLOCK_FL_CLOSE; + op->info.flags |= (DLM_PLOCK_FL_CLOSE | DLM_PLOCK_FL_NO_REPLY); send_op(op); rv = 0; goto out; @@ -392,7 +392,7 @@ static ssize_t dev_read(struct file *file, char __user *u, size_t count, spin_lock(&ops_lock); if (!list_empty(&send_list)) { op = list_first_entry(&send_list, struct plock_op, list); - if (op->info.flags & DLM_PLOCK_FL_CLOSE) + if (op->info.flags & DLM_PLOCK_FL_NO_REPLY) list_del(&op->list); else list_move_tail(&op->list, &recv_list); @@ -407,7 +407,7 @@ static ssize_t dev_read(struct file *file, char __user *u, size_t count, that were generated by the vfs cleaning up for a close (the process did not make an unlock call). */ - if (op->info.flags & DLM_PLOCK_FL_CLOSE) + if (op->info.flags & DLM_PLOCK_FL_NO_REPLY) dlm_release_plock_op(op); if (copy_to_user(u, &info, sizeof(info))) @@ -433,6 +433,21 @@ static ssize_t dev_write(struct file *file, const char __user *u, size_t count, if (check_version(&info)) return -EINVAL; + /* Some old dlm user space software will send replies back, + * even if DLM_PLOCK_FL_NO_REPLY is set (because the flag is + * new) e.g. if a error occur. We can't match them in recv_list + * because they were never be part of it. We filter it here, + * new dlm user space software will filter it in user space. + * + * In future this handling can be removed. + */ + if (info.flags & DLM_PLOCK_FL_NO_REPLY) { + pr_info("Received unexpected reply from op %d, " + "please update DLM user space software!\n", + info.optype); + return count; + } + /* * The results for waiting ops (SETLKW) can be returned in any * order, so match all fields to find the op. The results for diff --git a/include/uapi/linux/dlm_plock.h b/include/uapi/linux/dlm_plock.h index 63b6c1fd9169..8dfa272c929a 100644 --- a/include/uapi/linux/dlm_plock.h +++ b/include/uapi/linux/dlm_plock.h @@ -25,6 +25,7 @@ enum { }; #define DLM_PLOCK_FL_CLOSE 1 +#define DLM_PLOCK_FL_NO_REPLY 2 struct dlm_plock_info { __u32 version[3]; -- 2.31.1

2 years, 5 months

3
6
0 0

[PATCH] tracing/histograms: Return an error if we fail to add histogram to hist_vars list

by Mohamed Khalfella

If the code fails to add histogram to hist_vars list, then ret should contain error code before jumping to unregister histogram. Cc: stable(a)vger.kernel.org Fixes: 6018b585e8c6 ("tracing/histograms: Add histograms to hist_vars if they have referenced variables") Signed-off-by: Mohamed Khalfella <mkhalfella(a)purestorage.com> --- kernel/trace/trace_events_hist.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/kernel/trace/trace_events_hist.c b/kernel/trace/trace_events_hist.c index c8c61381eba4..d06938ae0717 100644 --- a/kernel/trace/trace_events_hist.c +++ b/kernel/trace/trace_events_hist.c @@ -6668,7 +6668,8 @@ static int event_hist_trigger_parse(struct event_command *cmd_ops, goto out_unreg; if (has_hist_vars(hist_data) || hist_data->n_var_refs) { - if (save_hist_vars(hist_data)) + ret = save_hist_vars(hist_data); + if (ret) goto out_unreg; } -- 2.34.1

2 years, 5 months

2
1
0 0

[PATCH v2] tracing/histograms: Return an error if we fail to add histogram to hist_vars list

by Mohamed Khalfella

Commit 6018b585e8c6 ("tracing/histograms: Add histograms to hist_vars if they have referenced variables") added a check to fail histogram creation if save_hist_vars() failed to add histogram to hist_vars list. But the commit failed to set ret to failed return code before jumping to unregister histogram, fix it. Cc: stable(a)vger.kernel.org Fixes: 6018b585e8c6 ("tracing/histograms: Add histograms to hist_vars if they have referenced variables") Signed-off-by: Mohamed Khalfella <mkhalfella(a)purestorage.com> --- kernel/trace/trace_events_hist.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/kernel/trace/trace_events_hist.c b/kernel/trace/trace_events_hist.c index c8c61381eba4..d06938ae0717 100644 --- a/kernel/trace/trace_events_hist.c +++ b/kernel/trace/trace_events_hist.c @@ -6668,7 +6668,8 @@ static int event_hist_trigger_parse(struct event_command *cmd_ops, goto out_unreg; if (has_hist_vars(hist_data) || hist_data->n_var_refs) { - if (save_hist_vars(hist_data)) + ret = save_hist_vars(hist_data); + if (ret) goto out_unreg; } -- 2.34.1

2 years, 5 months

1
0
0 0

[PATCH v4] mtd: spi-nor: Correct flags for Winbond w25q128

by Linus Walleij

The Winbond "w25q128" (actual vendor name W25Q128JV) has exactly the same flags as the sibling device "w25q128jv". The devices both require unlocking to enable write access. The actual product naming between devices vs the Linux strings in winbond.c: 0xef4018: "w25q128" W25Q128JV-IN/IQ/JQ 0xef7018: "w25q128jv" W25Q128JV-IM/JM The latter device, "w25q128jv" supports features named DTQ and QPI, otherwise it is the same. Not having the right flags has the annoying side effect that write access does not work. After this patch I can write to the flash on the Inteno XG6846 router. The flash memory also supports dual and quad SPI modes. This does not currently manifest, but by turning on SFDP parsing, the right SPI modes are emitted in /sys/kernel/debug/spi-nor/spi1.0/capabilities for this chip, so we also turn on this. Since we suspect that older chips may be using the same device ID, we need to keep NO_SFDP_FLAGS(SECT_4K) as these older chips may not support SFDP. cat jedec_id ef4018 cat manufacturer winbond cat partname w25q128 hexdump -v -C sfdp 00000000 53 46 44 50 05 01 00 ff 00 05 01 10 80 00 00 ff 00000010 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 00000020 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 00000030 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 00000040 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 00000050 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 00000060 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 00000070 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 00000080 e5 20 f9 ff ff ff ff 07 44 eb 08 6b 08 3b 42 bb 00000090 fe ff ff ff ff ff 00 00 ff ff 40 eb 0c 20 0f 52 000000a0 10 d8 00 00 36 02 a6 00 82 ea 14 c9 e9 63 76 33 000000b0 7a 75 7a 75 f7 a2 d5 5c 19 f7 4d ff e9 30 f8 80 Cc: stable(a)vger.kernel.org Suggested-by: Michael Walle <michael(a)walle.cc> Reviewed-by: Michael Walle <michael(a)walle.cc> Signed-off-by: Linus Walleij <linus.walleij(a)linaro.org> --- Changes in v4: - Fix up error in commit message. - Pick up Michael's ACK. - Link to v3: https://lore.kernel.org/r/20230714-spi-nor-winbond-w25q128-v3-1-bdb2192f079… Changes in v3: - Keep NO_SFDP_FLAGS(SECT_4K) around. - Update commit message - Link to v2: https://lore.kernel.org/r/20230712-spi-nor-winbond-w25q128-v2-1-50c9f1d58d6… Changes in v2: - Only add the write access flags. - Use SFDP parsing to properly detect the various available SPI modes. - Link to v1: https://lore.kernel.org/r/20230712-spi-nor-winbond-w25q128-v1-1-f78f3bb42a1… --- drivers/mtd/spi-nor/winbond.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/drivers/mtd/spi-nor/winbond.c b/drivers/mtd/spi-nor/winbond.c index 834d6ba5ce70..8f30a67cd27a 100644 --- a/drivers/mtd/spi-nor/winbond.c +++ b/drivers/mtd/spi-nor/winbond.c @@ -121,6 +121,8 @@ static const struct flash_info winbond_nor_parts[] = { { "w25q80bl", INFO(0xef4014, 0, 64 * 1024, 16) NO_SFDP_FLAGS(SECT_4K) }, { "w25q128", INFO(0xef4018, 0, 64 * 1024, 256) + PARSE_SFDP + FLAGS(SPI_NOR_HAS_LOCK | SPI_NOR_HAS_TB) NO_SFDP_FLAGS(SECT_4K) }, { "w25q256", INFO(0xef4019, 0, 64 * 1024, 512) NO_SFDP_FLAGS(SECT_4K | SPI_NOR_DUAL_READ | SPI_NOR_QUAD_READ) --- base-commit: 06c2afb862f9da8dc5efa4b6076a0e48c3fbaaa5 change-id: 20230711-spi-nor-winbond-w25q128-321a602ee267 Best regards, -- Linus Walleij <linus.walleij(a)linaro.org>

2 years, 5 months

1
0
0 0

[PATCH v3] mtd: spi-nor: Correct flags for Winbond w25q128

by Linus Walleij

The Winbond "w25q128" (actual vendor name W25Q128JV) has exactly the same flags as the sibling device "w25q128jv". The devices both require unlocking to enable write access. The actual product naming between devices vs the Linux strings in winbond.c: 0xef4018: "w25q128" W25Q128JV-IM/JM 0xef7018: "w25q128jv" W25Q128JV-IN/IQ/JQ The latter device, "w25q128jv" supports features named DTQ and QPI, otherwise it is the same. Not having the right flags has the annoying side effect that write access does not work. After this patch I can write to the flash on the Inteno XG6846 router. The flash memory also supports dual and quad SPI modes. This does not currently manifest, but by turning on SFDP parsing, the right SPI modes are emitted in /sys/kernel/debug/spi-nor/spi1.0/capabilities for this chip, so we also turn on this. Since we suspect that older chips may be using the same device ID, we need to keep NO_SFDP_FLAGS(SECT_4K) as these older chips may not support SFDP. cat jedec_id ef4018 cat manufacturer winbond cat partname w25q128 hexdump -v -C sfdp 00000000 53 46 44 50 05 01 00 ff 00 05 01 10 80 00 00 ff 00000010 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 00000020 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 00000030 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 00000040 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 00000050 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 00000060 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 00000070 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff 00000080 e5 20 f9 ff ff ff ff 07 44 eb 08 6b 08 3b 42 bb 00000090 fe ff ff ff ff ff 00 00 ff ff 40 eb 0c 20 0f 52 000000a0 10 d8 00 00 36 02 a6 00 82 ea 14 c9 e9 63 76 33 000000b0 7a 75 7a 75 f7 a2 d5 5c 19 f7 4d ff e9 30 f8 80 Cc: stable(a)vger.kernel.org Suggested-by: Michael Walle <michael(a)walle.cc> Signed-off-by: Linus Walleij <linus.walleij(a)linaro.org> --- Changes in v3: - Keep NO_SFDP_FLAGS(SECT_4K) around. - Update commit message - Link to v2: https://lore.kernel.org/r/20230712-spi-nor-winbond-w25q128-v2-1-50c9f1d58d6… Changes in v2: - Only add the write access flags. - Use SFDP parsing to properly detect the various available SPI modes. - Link to v1: https://lore.kernel.org/r/20230712-spi-nor-winbond-w25q128-v1-1-f78f3bb42a1… --- drivers/mtd/spi-nor/winbond.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/drivers/mtd/spi-nor/winbond.c b/drivers/mtd/spi-nor/winbond.c index 834d6ba5ce70..8f30a67cd27a 100644 --- a/drivers/mtd/spi-nor/winbond.c +++ b/drivers/mtd/spi-nor/winbond.c @@ -121,6 +121,8 @@ static const struct flash_info winbond_nor_parts[] = { { "w25q80bl", INFO(0xef4014, 0, 64 * 1024, 16) NO_SFDP_FLAGS(SECT_4K) }, { "w25q128", INFO(0xef4018, 0, 64 * 1024, 256) + PARSE_SFDP + FLAGS(SPI_NOR_HAS_LOCK | SPI_NOR_HAS_TB) NO_SFDP_FLAGS(SECT_4K) }, { "w25q256", INFO(0xef4019, 0, 64 * 1024, 512) NO_SFDP_FLAGS(SECT_4K | SPI_NOR_DUAL_READ | SPI_NOR_QUAD_READ) --- base-commit: 06c2afb862f9da8dc5efa4b6076a0e48c3fbaaa5 change-id: 20230711-spi-nor-winbond-w25q128-321a602ee267 Best regards, -- Linus Walleij <linus.walleij(a)linaro.org>

2 years, 5 months

2
2
0 0

+ lib-test_meminit-allocate-pages-up-to-order-max_order.patch added to mm-unstable branch

by Andrew Morton

The patch titled Subject: lib/test_meminit: allocate pages up to order MAX_ORDER has been added to the -mm mm-unstable branch. Its filename is lib-test_meminit-allocate-pages-up-to-order-max_order.patch This patch will shortly appear at https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche… This patch will later appear in the mm-unstable branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next via the mm-everything branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm and is updated there every 2-3 working days ------------------------------------------------------ From: Andrew Donnellan <ajd(a)linux.ibm.com> Subject: lib/test_meminit: allocate pages up to order MAX_ORDER Date: Fri, 14 Jul 2023 11:52:38 +1000 test_pages() tests the page allocator by calling alloc_pages() with different orders up to order 10. However, different architectures and platforms support different maximum contiguous allocation sizes. The default maximum allocation order (MAX_ORDER) is 10, but architectures can use CONFIG_ARCH_FORCE_MAX_ORDER to override this. On platforms where this is less than 10, test_meminit() will blow up with a WARN(). This is expected, so let's not do that. Replace the hardcoded "10" with the MAX_ORDER macro so that we test allocations up to the expected platform limit. Link: https://lkml.kernel.org/r/20230714015238.47931-1-ajd@linux.ibm.com Fixes: 5015a300a522 ("lib: introduce test_meminit module") Signed-off-by: Andrew Donnellan <ajd(a)linux.ibm.com> Reviewed-by: Alexander Potapenko <glider(a)google.com> Cc: Xiaoke Wang <xkernel.wang(a)foxmail.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- lib/test_meminit.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- a/lib/test_meminit.c~lib-test_meminit-allocate-pages-up-to-order-max_order +++ a/lib/test_meminit.c @@ -93,7 +93,7 @@ static int __init test_pages(int *total_ int failures = 0, num_tests = 0; int i; - for (i = 0; i < 10; i++) + for (i = 0; i <= MAX_ORDER; i++) num_tests += do_alloc_pages_order(i, &failures); REPORT_FAILURES_IN_FN(); _ Patches currently in -mm which might be from ajd(a)linux.ibm.com are lib-test_meminit-allocate-pages-up-to-order-max_order.patch

2 years, 5 months

1
0
0 0

I wish for a prompt response

by Taras Volodymyr

D e a r Sir, I am M r. Taras Volodymyr from U k r a i n e but lived in Russia for many years, I am a successful business?m a n here in Russia as I have been involved oil serving business. Based on what is going here I found you very capable of handling this h u g e business magnitude, there is a genuine need for an investment of a substantial amount in your country. If you are willing to p a r t n e r with me I will advise you to get back to me for proceedings-details on the way forward. I wish for a prompt response from you regarding my letter. Warm regards, Mr. Taras Volodymyr

2 years, 5 months

1
0
0 0

[PATCH] KVM: arm64: vgic-v4: Make the doorbell request robust w.r.t preemption

by Marc Zyngier

Xiang reports that VMs occasionally fail to boot on GICv4.1 systems when running a preemptible kernel, as it is possible that a vCPU is blocked without requesting a doorbell interrupt. The issue is that any preemption that occurs between vgic_v4_put() and schedule() on the block path will mark the vPE as nonresident and *not* request a doorbell irq. This occurs because when the vcpu thread is resumed on its way to block, vcpu_load() will make the vPE resident again. Once the vcpu actually blocks, we don't request a doorbell anymore, and the vcpu won't be woken up on interrupt delivery. Fix it by tracking that we're entering WFI, and key the doorbell request on that flag. This allows us not to make the vPE resident when going through a preempt/schedule cycle, meaning we don't lose any state. Cc: stable(a)vger.kernel.org Fixes: 8e01d9a396e6 ("KVM: arm64: vgic-v4: Move the GICv4 residency flow to be driven by vcpu_load/put") Reported-by: Xiang Chen <chenxiang66(a)hisilicon.com> Suggested-by: Zenghui Yu <yuzenghui(a)huawei.com> Tested-by: Xiang Chen <chenxiang66(a)hisilicon.com> Co-developed-by: Oliver Upton <oliver.upton(a)linux.dev> Signed-off-by: Oliver Upton <oliver.upton(a)linux.dev> Signed-off-by: Marc Zyngier <maz(a)kernel.org> --- arch/arm64/include/asm/kvm_host.h | 2 ++ arch/arm64/kvm/arm.c | 6 ++++-- arch/arm64/kvm/vgic/vgic-v3.c | 2 +- arch/arm64/kvm/vgic/vgic-v4.c | 7 +++++-- include/kvm/arm_vgic.h | 2 +- 5 files changed, 13 insertions(+), 6 deletions(-) diff --git a/arch/arm64/include/asm/kvm_host.h b/arch/arm64/include/asm/kvm_host.h index 1e768481f62f..914fc9c26e40 100644 --- a/arch/arm64/include/asm/kvm_host.h +++ b/arch/arm64/include/asm/kvm_host.h @@ -817,6 +817,8 @@ struct kvm_vcpu_arch { #define DBG_SS_ACTIVE_PENDING __vcpu_single_flag(sflags, BIT(5)) /* PMUSERENR for the guest EL0 is on physical CPU */ #define PMUSERENR_ON_CPU __vcpu_single_flag(sflags, BIT(6)) +/* WFI instruction trapped */ +#define IN_WFI __vcpu_single_flag(sflags, BIT(7)) /* vcpu entered with HCR_EL2.E2H set */ #define VCPU_HCR_E2H __vcpu_single_flag(oflags, BIT(0)) diff --git a/arch/arm64/kvm/arm.c b/arch/arm64/kvm/arm.c index 236c5f1c9090..cf208d30a9ea 100644 --- a/arch/arm64/kvm/arm.c +++ b/arch/arm64/kvm/arm.c @@ -725,13 +725,15 @@ void kvm_vcpu_wfi(struct kvm_vcpu *vcpu) */ preempt_disable(); kvm_vgic_vmcr_sync(vcpu); - vgic_v4_put(vcpu, true); + vcpu_set_flag(vcpu, IN_WFI); + vgic_v4_put(vcpu); preempt_enable(); kvm_vcpu_halt(vcpu); vcpu_clear_flag(vcpu, IN_WFIT); preempt_disable(); + vcpu_clear_flag(vcpu, IN_WFI); vgic_v4_load(vcpu); preempt_enable(); } @@ -799,7 +801,7 @@ static int check_vcpu_requests(struct kvm_vcpu *vcpu) if (kvm_check_request(KVM_REQ_RELOAD_GICv4, vcpu)) { /* The distributor enable bits were changed */ preempt_disable(); - vgic_v4_put(vcpu, false); + vgic_v4_put(vcpu); vgic_v4_load(vcpu); preempt_enable(); } diff --git a/arch/arm64/kvm/vgic/vgic-v3.c b/arch/arm64/kvm/vgic/vgic-v3.c index 49d35618d576..df61ead7c757 100644 --- a/arch/arm64/kvm/vgic/vgic-v3.c +++ b/arch/arm64/kvm/vgic/vgic-v3.c @@ -780,7 +780,7 @@ void vgic_v3_put(struct kvm_vcpu *vcpu) * done a vgic_v4_put) and when running a nested guest (the * vPE was never resident in order to generate a doorbell). */ - WARN_ON(vgic_v4_put(vcpu, false)); + WARN_ON(vgic_v4_put(vcpu)); vgic_v3_vmcr_sync(vcpu); diff --git a/arch/arm64/kvm/vgic/vgic-v4.c b/arch/arm64/kvm/vgic/vgic-v4.c index c1c28fe680ba..339a55194b2c 100644 --- a/arch/arm64/kvm/vgic/vgic-v4.c +++ b/arch/arm64/kvm/vgic/vgic-v4.c @@ -336,14 +336,14 @@ void vgic_v4_teardown(struct kvm *kvm) its_vm->vpes = NULL; } -int vgic_v4_put(struct kvm_vcpu *vcpu, bool need_db) +int vgic_v4_put(struct kvm_vcpu *vcpu) { struct its_vpe *vpe = &vcpu->arch.vgic_cpu.vgic_v3.its_vpe; if (!vgic_supports_direct_msis(vcpu->kvm) || !vpe->resident) return 0; - return its_make_vpe_non_resident(vpe, need_db); + return its_make_vpe_non_resident(vpe, !!vcpu_get_flag(vcpu, IN_WFI)); } int vgic_v4_load(struct kvm_vcpu *vcpu) @@ -354,6 +354,9 @@ int vgic_v4_load(struct kvm_vcpu *vcpu) if (!vgic_supports_direct_msis(vcpu->kvm) || vpe->resident) return 0; + if (vcpu_get_flag(vcpu, IN_WFI)) + return 0; + /* * Before making the VPE resident, make sure the redistributor * corresponding to our current CPU expects us here. See the diff --git a/include/kvm/arm_vgic.h b/include/kvm/arm_vgic.h index 9b91a8135dac..765d801d1ddc 100644 --- a/include/kvm/arm_vgic.h +++ b/include/kvm/arm_vgic.h @@ -446,7 +446,7 @@ int kvm_vgic_v4_unset_forwarding(struct kvm *kvm, int irq, int vgic_v4_load(struct kvm_vcpu *vcpu); void vgic_v4_commit(struct kvm_vcpu *vcpu); -int vgic_v4_put(struct kvm_vcpu *vcpu, bool need_db); +int vgic_v4_put(struct kvm_vcpu *vcpu); bool vgic_state_is_nested(struct kvm_vcpu *vcpu); -- 2.34.1

2 years, 5 months

3
2
0 0

[PATCH v2] Revert "usb: dwc3: core: Enable AutoRetry feature in the controller"

by Jakub Vanek

This reverts commit b138e23d3dff90c0494925b4c1874227b81bddf7. AutoRetry has been found to cause some issues. This feature allows the controller in host mode (further referred to as the xHC) to send non-terminating/burst retry ACKs (Retry=1 and Nump!=0) instead of terminating retry ACKs (Retry=1 and Nump=0) to devices when a transaction error occurs. Unfortunately, some USB devices fail to retry transactions when the xHC sends them a burst retry ACK. When this happens, the xHC enters a strange state. After the affected transfer times out, the xHCI driver tries to resume normal operation of the xHC by sending it a Stop Endpoint command. However, the xHC fails to respond to it, and the xHCI driver gives up. [1] This fact is reported via dmesg: [sda] tag#29 uas_eh_abort_handler 0 uas-tag 1 inflight: CMD IN [sda] tag#29 CDB: opcode=0x28 28 00 00 69 42 80 00 00 48 00 xhci-hcd: xHCI host not responding to stop endpoint command xhci-hcd: xHCI host controller not responding, assume dead xhci-hcd: HC died; cleaning up Some users observed this problem on an Odroid HC2 with the JMS578 USB3-to-SATA bridge. The issue can be triggered by starting a read-heavy workload on an attached SSD. After a while, the host controller would die and the SSD would disappear from the system. [1] Further analysis by Synopsys determined that controller revisions other than the one in Odroid HC2 are also affected by this. The recommended solution was to disable AutoRetry altogether. This change does not have a noticeable performance impact. [2] Fixes: b138e23d3dff ("usb: dwc3: core: Enable AutoRetry feature in the controller") Link: https://lore.kernel.org/r/a21f34c04632d250cd0a78c7c6f4a1c9c7a43142.camel@gm… [1] Link: https://lore.kernel.org/r/20230711214834.kyr6ulync32d4ktk@synopsys.com/ [2] Cc: stable(a)vger.kernel.org Cc: Mauro Ribeiro <mauro.ribeiro(a)hardkernel.com> Cc: Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> Suggested-by: Thinh Nguyen <Thinh.Nguyen(a)synopsys.com> Signed-off-by: Jakub Vanek <linuxtardis(a)gmail.com> --- V1 -> V2: Updated to disable AutoRetry everywhere based on Synopsys feedback Reworded the changelog a bit to make it clearer drivers/usb/dwc3/core.c | 16 ---------------- drivers/usb/dwc3/core.h | 3 --- 2 files changed, 19 deletions(-) diff --git a/drivers/usb/dwc3/core.c b/drivers/usb/dwc3/core.c index f6689b731718..a4e079d37566 100644 --- a/drivers/usb/dwc3/core.c +++ b/drivers/usb/dwc3/core.c @@ -1209,22 +1209,6 @@ static int dwc3_core_init(struct dwc3 *dwc) dwc3_writel(dwc->regs, DWC3_GUCTL1, reg); } - if (dwc->dr_mode == USB_DR_MODE_HOST || - dwc->dr_mode == USB_DR_MODE_OTG) { - reg = dwc3_readl(dwc->regs, DWC3_GUCTL); - - /* - * Enable Auto retry Feature to make the controller operating in - * Host mode on seeing transaction errors(CRC errors or internal - * overrun scenerios) on IN transfers to reply to the device - * with a non-terminating retry ACK (i.e, an ACK transcation - * packet with Retry=1 & Nump != 0) - */ - reg |= DWC3_GUCTL_HSTINAUTORETRY; - - dwc3_writel(dwc->regs, DWC3_GUCTL, reg); - } - /* * Must config both number of packets and max burst settings to enable * RX and/or TX threshold. diff --git a/drivers/usb/dwc3/core.h b/drivers/usb/dwc3/core.h index 8b1295e4dcdd..a69ac67d89fe 100644 --- a/drivers/usb/dwc3/core.h +++ b/drivers/usb/dwc3/core.h @@ -256,9 +256,6 @@ #define DWC3_GCTL_GBLHIBERNATIONEN BIT(1) #define DWC3_GCTL_DSBLCLKGTNG BIT(0) -/* Global User Control Register */ -#define DWC3_GUCTL_HSTINAUTORETRY BIT(14) - /* Global User Control 1 Register */ #define DWC3_GUCTL1_DEV_DECOUPLE_L1L2_EVT BIT(31) #define DWC3_GUCTL1_TX_IPGAP_LINECHECK_DIS BIT(28) -- 2.25.1

2 years, 5 months

3
4
0 0

[PATCH] hwmon: (aquacomputer_d5next) Fix incorrect PWM value readout

by Aleksa Savic

Commit 662d20b3a5af ("hwmon: (aquacomputer_d5next) Add support for temperature sensor offsets") changed aqc_get_ctrl_val() to return the value through a parameter instead of through the return value, but didn't fix up a case that relied on the old behavior. Fix it to use the proper received value and not the return code. Fixes: 662d20b3a5af ("hwmon: (aquacomputer_d5next) Add support for temperature sensor offsets") Cc: stable(a)vger.kernel.org Signed-off-by: Aleksa Savic <savicaleksa83(a)gmail.com> --- drivers/hwmon/aquacomputer_d5next.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/hwmon/aquacomputer_d5next.c b/drivers/hwmon/aquacomputer_d5next.c index a981f7086114..a997dbcb563f 100644 --- a/drivers/hwmon/aquacomputer_d5next.c +++ b/drivers/hwmon/aquacomputer_d5next.c @@ -1027,7 +1027,7 @@ static int aqc_read(struct device *dev, enum hwmon_sensor_types type, u32 attr, if (ret < 0) return ret; - *val = aqc_percent_to_pwm(ret); + *val = aqc_percent_to_pwm(*val); break; } break; -- 2.35.0

2 years, 5 months

1
0
0 0

[PATCH v4 04/11] PCI/ASPM: Use RMW accessors for changing LNKCTL

by Ilpo Järvinen

Don't assume that the device is fully under the control of ASPM and use RMW capability accessors which do proper locking to avoid losing concurrent updates to the register values. If configuration fails in pcie_aspm_configure_common_clock(), the function attempts to restore the old PCI_EXP_LNKCTL_CCC settings. Store only the old PCI_EXP_LNKCTL_CCC bit for the relevant devices rather than the content of the whole LNKCTL registers. It aligns better with how pcie_lnkctl_clear_and_set() expects its parameter and makes the code more obvious to understand. Fixes: 2a42d9dba784 ("PCIe: ASPM: Break out of endless loop waiting for PCI config bits to switch") Fixes: 7d715a6c1ae5 ("PCI: add PCI Express ASPM support") Suggested-by: Lukas Wunner <lukas(a)wunner.de> Signed-off-by: Ilpo Järvinen <ilpo.jarvinen(a)linux.intel.com> Acked-by: Rafael J. Wysocki <rafael(a)kernel.org> Cc: stable(a)vger.kernel.org --- drivers/pci/pcie/aspm.c | 31 ++++++++++++++----------------- 1 file changed, 14 insertions(+), 17 deletions(-) diff --git a/drivers/pci/pcie/aspm.c b/drivers/pci/pcie/aspm.c index 3dafba0b5f41..207c247cba02 100644 --- a/drivers/pci/pcie/aspm.c +++ b/drivers/pci/pcie/aspm.c @@ -199,7 +199,7 @@ static void pcie_clkpm_cap_init(struct pcie_link_state *link, int blacklist) static void pcie_aspm_configure_common_clock(struct pcie_link_state *link) { int same_clock = 1; - u16 reg16, parent_reg, child_reg[8]; + u16 reg16, parent_old_ccc, child_old_ccc[8]; struct pci_dev *child, *parent = link->pdev; struct pci_bus *linkbus = parent->subordinate; /* @@ -221,6 +221,7 @@ static void pcie_aspm_configure_common_clock(struct pcie_link_state *link) /* Port might be already in common clock mode */ pcie_capability_read_word(parent, PCI_EXP_LNKCTL, &reg16); + parent_old_ccc = reg16 & PCI_EXP_LNKCTL_CCC; if (same_clock && (reg16 & PCI_EXP_LNKCTL_CCC)) { bool consistent = true; @@ -240,31 +241,27 @@ static void pcie_aspm_configure_common_clock(struct pcie_link_state *link) /* Configure downstream component, all functions */ list_for_each_entry(child, &linkbus->devices, bus_list) { pcie_capability_read_word(child, PCI_EXP_LNKCTL, &reg16); - child_reg[PCI_FUNC(child->devfn)] = reg16; - if (same_clock) - reg16 |= PCI_EXP_LNKCTL_CCC; - else - reg16 &= ~PCI_EXP_LNKCTL_CCC; - pcie_capability_write_word(child, PCI_EXP_LNKCTL, reg16); + child_old_ccc[PCI_FUNC(child->devfn)] = reg16 & PCI_EXP_LNKCTL_CCC; + pcie_capability_clear_and_set_word(child, PCI_EXP_LNKCTL, + PCI_EXP_LNKCTL_CCC, + same_clock ? PCI_EXP_LNKCTL_CCC : 0); } /* Configure upstream component */ - pcie_capability_read_word(parent, PCI_EXP_LNKCTL, &reg16); - parent_reg = reg16; - if (same_clock) - reg16 |= PCI_EXP_LNKCTL_CCC; - else - reg16 &= ~PCI_EXP_LNKCTL_CCC; - pcie_capability_write_word(parent, PCI_EXP_LNKCTL, reg16); + pcie_capability_clear_and_set_word(parent, PCI_EXP_LNKCTL, + PCI_EXP_LNKCTL_CCC, + same_clock ? PCI_EXP_LNKCTL_CCC : 0); if (pcie_retrain_link(link->pdev, true)) { /* Training failed. Restore common clock configurations */ pci_err(parent, "ASPM: Could not configure common clock\n"); list_for_each_entry(child, &linkbus->devices, bus_list) - pcie_capability_write_word(child, PCI_EXP_LNKCTL, - child_reg[PCI_FUNC(child->devfn)]); - pcie_capability_write_word(parent, PCI_EXP_LNKCTL, parent_reg); + pcie_capability_clear_and_set_word(child, PCI_EXP_LNKCTL, + PCI_EXP_LNKCTL_CCC, + child_old_ccc[PCI_FUNC(child->devfn)]); + pcie_capability_clear_and_set_word(parent, PCI_EXP_LNKCTL, + PCI_EXP_LNKCTL_CCC, parent_old_ccc); } } -- 2.30.2

2 years, 5 months

2
1
0 0

[PATCH v4 03/11] PCI: pciehp: Use RMW accessors for changing LNKCTL

by Ilpo Järvinen

As hotplug is not the only driver touching LNKCTL, use the RMW capability accessor which handles concurrent changes correctly. Fixes: 7f822999e12a ("PCI: pciehp: Add Disable/enable link functions") Suggested-by: Lukas Wunner <lukas(a)wunner.de> Signed-off-by: Ilpo Järvinen <ilpo.jarvinen(a)linux.intel.com> Acked-by: Rafael J. Wysocki <rafael(a)kernel.org> Cc: stable(a)vger.kernel.org --- drivers/pci/hotplug/pciehp_hpc.c | 12 +++--------- 1 file changed, 3 insertions(+), 9 deletions(-) diff --git a/drivers/pci/hotplug/pciehp_hpc.c b/drivers/pci/hotplug/pciehp_hpc.c index 8711325605f0..e9ec77d8d44a 100644 --- a/drivers/pci/hotplug/pciehp_hpc.c +++ b/drivers/pci/hotplug/pciehp_hpc.c @@ -332,17 +332,11 @@ int pciehp_check_link_status(struct controller *ctrl) static int __pciehp_link_set(struct controller *ctrl, bool enable) { struct pci_dev *pdev = ctrl_dev(ctrl); - u16 lnk_ctrl; - pcie_capability_read_word(pdev, PCI_EXP_LNKCTL, &lnk_ctrl); + pcie_capability_clear_and_set_word(pdev, PCI_EXP_LNKCTL, + PCI_EXP_LNKCTL_LD, + !enable ? PCI_EXP_LNKCTL_LD : 0); - if (enable) - lnk_ctrl &= ~PCI_EXP_LNKCTL_LD; - else - lnk_ctrl |= PCI_EXP_LNKCTL_LD; - - pcie_capability_write_word(pdev, PCI_EXP_LNKCTL, lnk_ctrl); - ctrl_dbg(ctrl, "%s: lnk_ctrl = %x\n", __func__, lnk_ctrl); return 0; } -- 2.30.2

2 years, 5 months

2
1
0 0

[PATCH 1/3] PM / wakeirq: fix wake irq arming

by Johan Hovold

The decision whether to enable a wake irq during suspend can not be done based on the runtime PM state directly as a driver may use wake irqs without implementing runtime PM. Such drivers specifically leave the state set to the default 'suspended' and the wake irq is thus never enabled at suspend. Add a new wake irq flag to track whether a dedicated wake irq has been enabled at runtime suspend and therefore must not be enabled at system suspend. Note that pm_runtime_enabled() can not be used as runtime PM is always disabled during late suspend. Fixes: 69728051f5bf ("PM / wakeirq: Fix unbalanced IRQ enable for wakeirq") Cc: stable(a)vger.kernel.org # 4.16 Cc: Tony Lindgren <tony(a)atomide.com> Signed-off-by: Johan Hovold <johan+linaro(a)kernel.org> --- drivers/base/power/power.h | 1 + drivers/base/power/wakeirq.c | 12 ++++++++---- 2 files changed, 9 insertions(+), 4 deletions(-) diff --git a/drivers/base/power/power.h b/drivers/base/power/power.h index 0eb7f02b3ad5..922ed457db19 100644 --- a/drivers/base/power/power.h +++ b/drivers/base/power/power.h @@ -29,6 +29,7 @@ extern u64 pm_runtime_active_time(struct device *dev); #define WAKE_IRQ_DEDICATED_MASK (WAKE_IRQ_DEDICATED_ALLOCATED | \ WAKE_IRQ_DEDICATED_MANAGED | \ WAKE_IRQ_DEDICATED_REVERSE) +#define WAKE_IRQ_DEDICATED_ENABLED BIT(3) struct wake_irq { struct device *dev; diff --git a/drivers/base/power/wakeirq.c b/drivers/base/power/wakeirq.c index d487a6bac630..afd094dec5ca 100644 --- a/drivers/base/power/wakeirq.c +++ b/drivers/base/power/wakeirq.c @@ -314,8 +314,10 @@ void dev_pm_enable_wake_irq_check(struct device *dev, return; enable: - if (!can_change_status || !(wirq->status & WAKE_IRQ_DEDICATED_REVERSE)) + if (!can_change_status || !(wirq->status & WAKE_IRQ_DEDICATED_REVERSE)) { enable_irq(wirq->irq); + wirq->status |= WAKE_IRQ_DEDICATED_ENABLED; + } } /** @@ -336,8 +338,10 @@ void dev_pm_disable_wake_irq_check(struct device *dev, bool cond_disable) if (cond_disable && (wirq->status & WAKE_IRQ_DEDICATED_REVERSE)) return; - if (wirq->status & WAKE_IRQ_DEDICATED_MANAGED) + if (wirq->status & WAKE_IRQ_DEDICATED_MANAGED) { + wirq->status &= ~WAKE_IRQ_DEDICATED_ENABLED; disable_irq_nosync(wirq->irq); + } } /** @@ -376,7 +380,7 @@ void dev_pm_arm_wake_irq(struct wake_irq *wirq) if (device_may_wakeup(wirq->dev)) { if (wirq->status & WAKE_IRQ_DEDICATED_ALLOCATED && - !pm_runtime_status_suspended(wirq->dev)) + !(wirq->status & WAKE_IRQ_DEDICATED_ENABLED)) enable_irq(wirq->irq); enable_irq_wake(wirq->irq); @@ -399,7 +403,7 @@ void dev_pm_disarm_wake_irq(struct wake_irq *wirq) disable_irq_wake(wirq->irq); if (wirq->status & WAKE_IRQ_DEDICATED_ALLOCATED && - !pm_runtime_status_suspended(wirq->dev)) + !(wirq->status & WAKE_IRQ_DEDICATED_ENABLED)) disable_irq_nosync(wirq->irq); } } -- 2.41.0

2 years, 5 months

2
1
0 0

[PATCH 3/3] serial: qcom-geni: drop bogus runtime pm state update

by Johan Hovold

The runtime PM state should not be changed by drivers that do not implement runtime PM even if it happens to work around a bug in PM core. With the wake irq arming now fixed, drop the bogus runtime PM state update which left the device in active state (and could potentially prevent a parent device from suspending). Fixes: f3974413cf02 ("tty: serial: qcom_geni_serial: Wakeup IRQ cleanup") Cc: stable(a)vger.kernel.org # 5.6 Cc: Matthias Kaehlcke <mka(a)chromium.org> Cc: Stephen Boyd <swboyd(a)chromium.org> Signed-off-by: Johan Hovold <johan+linaro(a)kernel.org> --- drivers/tty/serial/qcom_geni_serial.c | 7 ------- 1 file changed, 7 deletions(-) diff --git a/drivers/tty/serial/qcom_geni_serial.c b/drivers/tty/serial/qcom_geni_serial.c index 88ed5bbe25a8..b825b05e6137 100644 --- a/drivers/tty/serial/qcom_geni_serial.c +++ b/drivers/tty/serial/qcom_geni_serial.c @@ -1681,13 +1681,6 @@ static int qcom_geni_serial_probe(struct platform_device *pdev) if (ret) return ret; - /* - * Set pm_runtime status as ACTIVE so that wakeup_irq gets - * enabled/disabled from dev_pm_arm_wake_irq during system - * suspend/resume respectively. - */ - pm_runtime_set_active(&pdev->dev); - if (port->wakeup_irq > 0) { device_init_wakeup(&pdev->dev, true); ret = dev_pm_set_dedicated_wake_irq(&pdev->dev, -- 2.41.0

2 years, 5 months

2
1
0 0

[PATCH 1/2] KVM: Avoid illegal stage2 mapping on invalid memory slot

by tien.sung.ang＠intel.com

From: Gavin Shan <gshan(a)redhat.com> We run into guest hang in edk2 firmware when KSM is kept as running on the host. The edk2 firmware is waiting for status 0x80 from QEMU's pflash device (TYPE_PFLASH_CFI01) during the operation of sector erasing or buffered write. The status is returned by reading the memory region of the pflash device and the read request should have been forwarded to QEMU and emulated by it. Unfortunately, the read request is covered by an illegal stage2 mapping when the guest hang issue occurs. The read request is completed with QEMU bypassed and wrong status is fetched. The edk2 firmware runs into an infinite loop with the wrong status. The illegal stage2 mapping is populated due to same page sharing by KSM at (C) even the associated memory slot has been marked as invalid at (B) when the memory slot is requested to be deleted. It's notable that the active and inactive memory slots can't be swapped when we're in the middle of kvm_mmu_notifier_change_pte() because kvm->mn_active_invalidate_count is elevated, and kvm_swap_active_memslots() will busy loop until it reaches to zero again. Besides, the swapping from the active to the inactive memory slots is also avoided by holding &kvm->srcu in __kvm_handle_hva_range(), corresponding to synchronize_srcu_expedited() in kvm_swap_active_memslots(). CPU-A CPU-B ----- ----- ioctl(kvm_fd, KVM_SET_USER_MEMORY_REGION) kvm_vm_ioctl_set_memory_region kvm_set_memory_region __kvm_set_memory_region kvm_set_memslot(kvm, old, NULL, KVM_MR_DELETE) kvm_invalidate_memslot kvm_copy_memslot kvm_replace_memslot kvm_swap_active_memslots (A) kvm_arch_flush_shadow_memslot (B) same page sharing by KSM kvm_mmu_notifier_invalidate_range_start : kvm_mmu_notifier_change_pte kvm_handle_hva_range __kvm_handle_hva_range kvm_set_spte_gfn (C) : kvm_mmu_notifier_invalidate_range_end Fix the issue by skipping the invalid memory slot at (C) to avoid the illegal stage2 mapping so that the read request for the pflash's status is forwarded to QEMU and emulated by it. In this way, the correct pflash's status can be returned from QEMU to break the infinite loop in the edk2 firmware. We tried a git-bisect and the first problematic commit is cd4c71835228 (" KVM: arm64: Convert to the gfn-based MMU notifier callbacks"). With this, clean_dcache_guest_page() is called after the memory slots are iterated in kvm_mmu_notifier_change_pte(). clean_dcache_guest_page() is called before the iteration on the memory slots before this commit. This change literally enlarges the racy window between kvm_mmu_notifier_change_pte() and memory slot removal so that we're able to reproduce the issue in a practical test case. However, the issue exists since commit d5d8184d35c9 ("KVM: ARM: Memory virtualization setup"). Cc: stable(a)vger.kernel.org # v3.9+ Fixes: d5d8184d35c9 ("KVM: ARM: Memory virtualization setup") Reported-by: Shuai Hu <hshuai(a)redhat.com> Reported-by: Zhenyu Zhang <zhenyzha(a)redhat.com> Signed-off-by: Gavin Shan <gshan(a)redhat.com> Reviewed-by: David Hildenbrand <david(a)redhat.com> Reviewed-by: Oliver Upton <oliver.upton(a)linux.dev> Reviewed-by: Peter Xu <peterx(a)redhat.com> Reviewed-by: Sean Christopherson <seanjc(a)google.com> Reviewed-by: Shaoqin Huang <shahuang(a)redhat.com> Message-Id: <20230615054259.14911-1-gshan(a)redhat.com> Signed-off-by: Paolo Bonzini <pbonzini(a)redhat.com> --- virt/kvm/kvm_main.c | 20 +++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c index 479802a892d4..65f94f592ff8 100644 --- a/virt/kvm/kvm_main.c +++ b/virt/kvm/kvm_main.c @@ -686,6 +686,24 @@ static __always_inline int kvm_handle_hva_range_no_flush(struct mmu_notifier *mn return __kvm_handle_hva_range(kvm, &range); } + +static bool kvm_change_spte_gfn(struct kvm *kvm, struct kvm_gfn_range *range) +{ + /* + * Skipping invalid memslots is correct if and only change_pte() is + * surrounded by invalidate_range_{start,end}(), which is currently + * guaranteed by the primary MMU. If that ever changes, KVM needs to + * unmap the memslot instead of skipping the memslot to ensure that KVM + * doesn't hold references to the old PFN. + */ + WARN_ON_ONCE(!READ_ONCE(kvm->mn_active_invalidate_count)); + + if (range->slot->flags & KVM_MEMSLOT_INVALID) + return false; + + return kvm_set_spte_gfn(kvm, range); +} + static void kvm_mmu_notifier_change_pte(struct mmu_notifier *mn, struct mm_struct *mm, unsigned long address, @@ -707,7 +725,7 @@ static void kvm_mmu_notifier_change_pte(struct mmu_notifier *mn, if (!READ_ONCE(kvm->mmu_invalidate_in_progress)) return; - kvm_handle_hva_range(mn, address, address + 1, pte, kvm_set_spte_gfn); + kvm_handle_hva_range(mn, address, address + 1, pte, kvm_change_spte_gfn); } void kvm_mmu_invalidate_begin(struct kvm *kvm, unsigned long start, -- 2.25.1

2 years, 5 months

2
1
0 0

[PATCH 1/2] KVM: Avoid illegal stage2 mapping on invalid memory slot

by tien.sung.ang＠intel.com

From: Gavin Shan <gshan(a)redhat.com> We run into guest hang in edk2 firmware when KSM is kept as running on the host. The edk2 firmware is waiting for status 0x80 from QEMU's pflash device (TYPE_PFLASH_CFI01) during the operation of sector erasing or buffered write. The status is returned by reading the memory region of the pflash device and the read request should have been forwarded to QEMU and emulated by it. Unfortunately, the read request is covered by an illegal stage2 mapping when the guest hang issue occurs. The read request is completed with QEMU bypassed and wrong status is fetched. The edk2 firmware runs into an infinite loop with the wrong status. The illegal stage2 mapping is populated due to same page sharing by KSM at (C) even the associated memory slot has been marked as invalid at (B) when the memory slot is requested to be deleted. It's notable that the active and inactive memory slots can't be swapped when we're in the middle of kvm_mmu_notifier_change_pte() because kvm->mn_active_invalidate_count is elevated, and kvm_swap_active_memslots() will busy loop until it reaches to zero again. Besides, the swapping from the active to the inactive memory slots is also avoided by holding &kvm->srcu in __kvm_handle_hva_range(), corresponding to synchronize_srcu_expedited() in kvm_swap_active_memslots(). CPU-A CPU-B ----- ----- ioctl(kvm_fd, KVM_SET_USER_MEMORY_REGION) kvm_vm_ioctl_set_memory_region kvm_set_memory_region __kvm_set_memory_region kvm_set_memslot(kvm, old, NULL, KVM_MR_DELETE) kvm_invalidate_memslot kvm_copy_memslot kvm_replace_memslot kvm_swap_active_memslots (A) kvm_arch_flush_shadow_memslot (B) same page sharing by KSM kvm_mmu_notifier_invalidate_range_start : kvm_mmu_notifier_change_pte kvm_handle_hva_range __kvm_handle_hva_range kvm_set_spte_gfn (C) : kvm_mmu_notifier_invalidate_range_end Fix the issue by skipping the invalid memory slot at (C) to avoid the illegal stage2 mapping so that the read request for the pflash's status is forwarded to QEMU and emulated by it. In this way, the correct pflash's status can be returned from QEMU to break the infinite loop in the edk2 firmware. We tried a git-bisect and the first problematic commit is cd4c71835228 (" KVM: arm64: Convert to the gfn-based MMU notifier callbacks"). With this, clean_dcache_guest_page() is called after the memory slots are iterated in kvm_mmu_notifier_change_pte(). clean_dcache_guest_page() is called before the iteration on the memory slots before this commit. This change literally enlarges the racy window between kvm_mmu_notifier_change_pte() and memory slot removal so that we're able to reproduce the issue in a practical test case. However, the issue exists since commit d5d8184d35c9 ("KVM: ARM: Memory virtualization setup"). Cc: stable(a)vger.kernel.org # v3.9+ Fixes: d5d8184d35c9 ("KVM: ARM: Memory virtualization setup") Reported-by: Shuai Hu <hshuai(a)redhat.com> Reported-by: Zhenyu Zhang <zhenyzha(a)redhat.com> Signed-off-by: Gavin Shan <gshan(a)redhat.com> Reviewed-by: David Hildenbrand <david(a)redhat.com> Reviewed-by: Oliver Upton <oliver.upton(a)linux.dev> Reviewed-by: Peter Xu <peterx(a)redhat.com> Reviewed-by: Sean Christopherson <seanjc(a)google.com> Reviewed-by: Shaoqin Huang <shahuang(a)redhat.com> Message-Id: <20230615054259.14911-1-gshan(a)redhat.com> Signed-off-by: Paolo Bonzini <pbonzini(a)redhat.com> --- virt/kvm/kvm_main.c | 20 +++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c index 479802a892d4..65f94f592ff8 100644 --- a/virt/kvm/kvm_main.c +++ b/virt/kvm/kvm_main.c @@ -686,6 +686,24 @@ static __always_inline int kvm_handle_hva_range_no_flush(struct mmu_notifier *mn return __kvm_handle_hva_range(kvm, &range); } + +static bool kvm_change_spte_gfn(struct kvm *kvm, struct kvm_gfn_range *range) +{ + /* + * Skipping invalid memslots is correct if and only change_pte() is + * surrounded by invalidate_range_{start,end}(), which is currently + * guaranteed by the primary MMU. If that ever changes, KVM needs to + * unmap the memslot instead of skipping the memslot to ensure that KVM + * doesn't hold references to the old PFN. + */ + WARN_ON_ONCE(!READ_ONCE(kvm->mn_active_invalidate_count)); + + if (range->slot->flags & KVM_MEMSLOT_INVALID) + return false; + + return kvm_set_spte_gfn(kvm, range); +} + static void kvm_mmu_notifier_change_pte(struct mmu_notifier *mn, struct mm_struct *mm, unsigned long address, @@ -707,7 +725,7 @@ static void kvm_mmu_notifier_change_pte(struct mmu_notifier *mn, if (!READ_ONCE(kvm->mmu_invalidate_in_progress)) return; - kvm_handle_hva_range(mn, address, address + 1, pte, kvm_set_spte_gfn); + kvm_handle_hva_range(mn, address, address + 1, pte, kvm_change_spte_gfn); } void kvm_mmu_invalidate_begin(struct kvm *kvm, unsigned long start, -- 2.25.1

2 years, 5 months

2
1
0 0

[RFC PATCH 2/3] memfd: remove racheting feature from vm.memfd_noexec

by Aleksa Sarai

This sysctl has the very unusal behaviour of not allowing any user (even CAP_SYS_ADMIN) to reduce the restriction setting, meaning that if you were to set this sysctl to a more restrictive option in the host pidns you would need to reboot your machine in order to reset it. The justification given in [1] is that this is a security feature and thus it should not be possible to disable. Aside from the fact that we have plenty of security-related sysctls that can be disabled after being enabled (fs.protected_symlinks for instance), the protection provided by the sysctl is to stop users from being able to create a binary and then execute it. A user with CAP_SYS_ADMIN can trivially do this without memfd_create(2): % cat mount-memfd.c #include <fcntl.h> #include <string.h> #include <stdio.h> #include <stdlib.h> #include <unistd.h> #include <linux/mount.h> #define SHELLCODE "#!/bin/echo this file was executed from this totally private tmpfs:" int main(void) { int fsfd = fsopen("tmpfs", FSOPEN_CLOEXEC); assert(fsfd >= 0); assert(!fsconfig(fsfd, FSCONFIG_CMD_CREATE, NULL, NULL, 2)); int dfd = fsmount(fsfd, FSMOUNT_CLOEXEC, 0); assert(dfd >= 0); int execfd = openat(dfd, "exe", O_CREAT | O_RDWR | O_CLOEXEC, 0782); assert(execfd >= 0); assert(write(execfd, SHELLCODE, strlen(SHELLCODE)) == strlen(SHELLCODE)); assert(!close(execfd)); char *execpath = NULL; char *argv[] = { "bad-exe", NULL }, *envp[] = { NULL }; execfd = openat(dfd, "exe", O_PATH | O_CLOEXEC); assert(execfd >= 0); assert(asprintf(&execpath, "/proc/self/fd/%d", execfd) > 0); assert(!execve(execpath, argv, envp)); } % ./mount-memfd this file was executed from this totally private tmpfs: /proc/self/fd/5 % Given that it is possible for CAP_SYS_ADMIN users to create executable binaries without memfd_create(2) and without touching the host filesystem (not to mention the many other things a CAP_SYS_ADMIN process would be able to do that would be equivalent or worse), it seems strange to cause a fair amount of headache to admins when there doesn't appear to be an actual security benefit to blocking this. It should be noted that with this change, programs that can do an unprivileged unshare(CLONE_NEWUSER) would be able to create an executable memfd even if their current pidns didn't allow it. However, the same sample program above can also be used in this scenario, meaning that even with this consideration, blocking CAP_SYS_ADMIN makes little sense: % unshare -rm ./mount-memfd this file was executed from this totally private tmpfs: /proc/self/fd/5 This simply further reinforces that locked-down environments need to disallow CLONE_NEWUSER for unprivileged users (as is already the case in most container environments). [1]: https://lore.kernel.org/all/CABi2SkWnAgHK1i6iqSqPMYuNEhtHBkO8jUuCvmG3RmUB5T… Cc: Dominique Martinet <asmadeus(a)codewreck.org> Cc: Christian Brauner <brauner(a)kernel.org> Cc: stable(a)vger.kernel.org # v6.3+ Fixes: 105ff5339f49 ("mm/memfd: add MFD_NOEXEC_SEAL and MFD_EXEC") Signed-off-by: Aleksa Sarai <cyphar(a)cyphar.com> --- kernel/pid_sysctl.h | 7 ------- 1 file changed, 7 deletions(-) diff --git a/kernel/pid_sysctl.h b/kernel/pid_sysctl.h index b26e027fc9cd..8a22bc29ebb4 100644 --- a/kernel/pid_sysctl.h +++ b/kernel/pid_sysctl.h @@ -24,13 +24,6 @@ static int pid_mfd_noexec_dointvec_minmax(struct ctl_table *table, if (ns != &init_pid_ns) table_copy.data = &ns->memfd_noexec_scope; - /* - * set minimum to current value, the effect is only bigger - * value is accepted. - */ - if (*(int *)table_copy.data > *(int *)table_copy.extra1) - table_copy.extra1 = table_copy.data; - return proc_dointvec_minmax(&table_copy, write, buf, lenp, ppos); } -- 2.41.0

2 years, 5 months

1
1
0 0

[to-be-updated] hugetlb-optimize-update_and_free_pages_bulk-to-avoid-lock-cycles.patch removed from -mm tree

by Andrew Morton

The quilt patch titled Subject: hugetlb: optimize update_and_free_pages_bulk to avoid lock cycles has been removed from the -mm tree. Its filename was hugetlb-optimize-update_and_free_pages_bulk-to-avoid-lock-cycles.patch This patch was dropped because an updated version will be merged ------------------------------------------------------ From: Mike Kravetz <mike.kravetz(a)oracle.com> Subject: hugetlb: optimize update_and_free_pages_bulk to avoid lock cycles Date: Tue, 11 Jul 2023 15:09:42 -0700 update_and_free_pages_bulk is designed to free a list of hugetlb pages back to their associated lower level allocators. This may require allocating vmemmap pages associated with each hugetlb page. The hugetlb page destructor must be changed before pages are freed to lower level allocators. However, the destructor must be changed under the hugetlb lock. This means there is potentially one lock cycle per page. Minimize the number of lock cycles in update_and_free_pages_bulk by: 1) allocating necessary vmemmap for all hugetlb pages on the list 2) take hugetlb lock and clear destructor for all pages on the list 3) free all pages on list back to low level allocators Link: https://lkml.kernel.org/r/20230711220942.43706-3-mike.kravetz@oracle.com Fixes: ad2fa3717b74 ("mm: hugetlb: alloc the vmemmap pages associated with each HugeTLB page") Signed-off-by: Mike Kravetz <mike.kravetz(a)oracle.com> Cc: Axel Rasmussen <axelrasmussen(a)google.com> Cc: James Houghton <jthoughton(a)google.com> Cc: Jiaqi Yan <jiaqiyan(a)google.com> Cc: Miaohe Lin <linmiaohe(a)huawei.com> Cc: Michal Hocko <mhocko(a)suse.com> Cc: Muchun Song <songmuchun(a)bytedance.com> Cc: Naoya Horiguchi <naoya.horiguchi(a)linux.dev> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/hugetlb.c | 35 ++++++++++++++++++++++++++++++++++- 1 file changed, 34 insertions(+), 1 deletion(-) --- a/mm/hugetlb.c~hugetlb-optimize-update_and_free_pages_bulk-to-avoid-lock-cycles +++ a/mm/hugetlb.c @@ -1855,11 +1855,44 @@ static void update_and_free_pages_bulk(s { struct page *page, *t_page; struct folio *folio; + bool clear_dtor = false; + /* + * First allocate required vmemmmap for all pages on list. If vmemmap + * can not be allocated, we can not free page to lower level allocator, + * so add back as hugetlb surplus page. + */ + list_for_each_entry_safe(page, t_page, list, lru) { + if (HPageVmemmapOptimized(page)) { + clear_dtor = true; + if (hugetlb_vmemmap_restore(h, page)) { + spin_lock_irq(&hugetlb_lock); + add_hugetlb_folio(h, folio, true); + spin_unlock_irq(&hugetlb_lock); + } + cond_resched(); + } + } + + /* + * If vmemmmap allocation performed above, then take lock * to clear + * destructor of all pages on list. + */ + if (clear_dtor) { + spin_lock_irq(&hugetlb_lock); + list_for_each_entry(page, list, lru) + __clear_hugetlb_destructor(h, page_folio(page)); + spin_unlock_irq(&hugetlb_lock); + } + + /* + * Free pages back to low level allocators. vmemmap and destructors + * were taken care of above, so update_and_free_hugetlb_folio will + * not need to take hugetlb lock. + */ list_for_each_entry_safe(page, t_page, list, lru) { folio = page_folio(page); update_and_free_hugetlb_folio(h, folio, false); - cond_resched(); } } _ Patches currently in -mm which might be from mike.kravetz(a)oracle.com are hugetlb-do-not-clear-hugetlb-dtor-until-allocating-vmemmap.patch

2 years, 5 months

1
0
0 0

[PATCH] staging: 7811: Fix memory leak in _r8712_init_xmit_priv

by Larry Finger

In the above mentioned routine, memory is allocated in several places. If the first succeeds and a later one fails, the routine will leak memory. Fixes commit 2865d42c78a9 ("staging: r8712u: Add the new driver to the mainline kernel"). Fixes: 2865d42c78a9 ("staging: r8712u: Add the new driver to the mainline kernel") Reported-by: syzbot+cf71097ffb6755df8251(a)syzkaller.appspotmail.com Cc: stable(a)vger.kernel.org Signed-off-by: Larry Finger <Larry.Finger(a)lwfinger.net> --- drivers/staging/rtl8712/rtl871x_xmit.c | 19 ++++++++++++------- 1 file changed, 12 insertions(+), 7 deletions(-) diff --git a/drivers/staging/rtl8712/rtl871x_xmit.c b/drivers/staging/rtl8712/rtl871x_xmit.c index 090345bad223..16b815588b97 100644 --- a/drivers/staging/rtl8712/rtl871x_xmit.c +++ b/drivers/staging/rtl8712/rtl871x_xmit.c @@ -117,11 +117,8 @@ int _r8712_init_xmit_priv(struct xmit_priv *pxmitpriv, _init_queue(&pxmitpriv->pending_xmitbuf_queue); pxmitpriv->pallocated_xmitbuf = kmalloc(NR_XMITBUFF * sizeof(struct xmit_buf) + 4, GFP_ATOMIC); - if (!pxmitpriv->pallocated_xmitbuf) { - kfree(pxmitpriv->pallocated_frame_buf); - pxmitpriv->pallocated_frame_buf = NULL; - return -ENOMEM; - } + if (!pxmitpriv->pallocated_xmitbuf) + goto clean_up_frame_buf; pxmitpriv->pxmitbuf = pxmitpriv->pallocated_xmitbuf + 4 - ((addr_t)(pxmitpriv->pallocated_xmitbuf) & 3); pxmitbuf = (struct xmit_buf *)pxmitpriv->pxmitbuf; @@ -130,12 +127,12 @@ int _r8712_init_xmit_priv(struct xmit_priv *pxmitpriv, pxmitbuf->pallocated_buf = kmalloc(MAX_XMITBUF_SZ + XMITBUF_ALIGN_SZ, GFP_ATOMIC); if (!pxmitbuf->pallocated_buf) - return -ENOMEM; + goto clean_up_xmit_buf; pxmitbuf->pbuf = pxmitbuf->pallocated_buf + XMITBUF_ALIGN_SZ - ((addr_t) (pxmitbuf->pallocated_buf) & (XMITBUF_ALIGN_SZ - 1)); if (r8712_xmit_resource_alloc(padapter, pxmitbuf)) - return -ENOMEM; + goto clean_up_xmit_buf; list_add_tail(&pxmitbuf->list, &(pxmitpriv->free_xmitbuf_queue.queue)); pxmitbuf++; @@ -146,6 +143,14 @@ int _r8712_init_xmit_priv(struct xmit_priv *pxmitpriv, init_hwxmits(pxmitpriv->hwxmits, pxmitpriv->hwxmit_entry); tasklet_setup(&pxmitpriv->xmit_tasklet, r8712_xmit_bh); return 0; + +clean_up_xmit_buf: + kfree(pxmitbuf->pallocated_xmitbuf); + pxmitbuf->pallocated_buf = NULL; +clean_up_frame_buf: + kfree(pxmitpriv->pallocated_frame_buf); + pxmitpriv->pallocated_frame_buf = NULL; + return -ENOMEM; } void _free_xmit_priv(struct xmit_priv *pxmitpriv) -- 2.41.0

2 years, 5 months

3
3
0 0

+ hugetlb-optimize-update_and_free_pages_bulk-to-avoid-lock-cycles.patch added to mm-hotfixes-unstable branch

by Andrew Morton

The patch titled Subject: hugetlb: optimize update_and_free_pages_bulk to avoid lock cycles has been added to the -mm mm-hotfixes-unstable branch. Its filename is hugetlb-optimize-update_and_free_pages_bulk-to-avoid-lock-cycles.patch This patch will shortly appear at https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche… This patch will later appear in the mm-hotfixes-unstable branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next via the mm-everything branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm and is updated there every 2-3 working days ------------------------------------------------------ From: Mike Kravetz <mike.kravetz(a)oracle.com> Subject: hugetlb: optimize update_and_free_pages_bulk to avoid lock cycles Date: Tue, 11 Jul 2023 15:09:42 -0700 update_and_free_pages_bulk is designed to free a list of hugetlb pages back to their associated lower level allocators. This may require allocating vmemmap pages associated with each hugetlb page. The hugetlb page destructor must be changed before pages are freed to lower level allocators. However, the destructor must be changed under the hugetlb lock. This means there is potentially one lock cycle per page. Minimize the number of lock cycles in update_and_free_pages_bulk by: 1) allocating necessary vmemmap for all hugetlb pages on the list 2) take hugetlb lock and clear destructor for all pages on the list 3) free all pages on list back to low level allocators Link: https://lkml.kernel.org/r/20230711220942.43706-3-mike.kravetz@oracle.com Fixes: ad2fa3717b74 ("mm: hugetlb: alloc the vmemmap pages associated with each HugeTLB page") Signed-off-by: Mike Kravetz <mike.kravetz(a)oracle.com> Cc: Axel Rasmussen <axelrasmussen(a)google.com> Cc: James Houghton <jthoughton(a)google.com> Cc: Jiaqi Yan <jiaqiyan(a)google.com> Cc: Miaohe Lin <linmiaohe(a)huawei.com> Cc: Michal Hocko <mhocko(a)suse.com> Cc: Muchun Song <songmuchun(a)bytedance.com> Cc: Naoya Horiguchi <naoya.horiguchi(a)linux.dev> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/hugetlb.c | 35 ++++++++++++++++++++++++++++++++++- 1 file changed, 34 insertions(+), 1 deletion(-) --- a/mm/hugetlb.c~hugetlb-optimize-update_and_free_pages_bulk-to-avoid-lock-cycles +++ a/mm/hugetlb.c @@ -1855,11 +1855,44 @@ static void update_and_free_pages_bulk(s { struct page *page, *t_page; struct folio *folio; + bool clear_dtor = false; + /* + * First allocate required vmemmmap for all pages on list. If vmemmap + * can not be allocated, we can not free page to lower level allocator, + * so add back as hugetlb surplus page. + */ + list_for_each_entry_safe(page, t_page, list, lru) { + if (HPageVmemmapOptimized(page)) { + clear_dtor = true; + if (hugetlb_vmemmap_restore(h, page)) { + spin_lock_irq(&hugetlb_lock); + add_hugetlb_folio(h, folio, true); + spin_unlock_irq(&hugetlb_lock); + } + cond_resched(); + } + } + + /* + * If vmemmmap allocation performed above, then take lock * to clear + * destructor of all pages on list. + */ + if (clear_dtor) { + spin_lock_irq(&hugetlb_lock); + list_for_each_entry(page, list, lru) + __clear_hugetlb_destructor(h, page_folio(page)); + spin_unlock_irq(&hugetlb_lock); + } + + /* + * Free pages back to low level allocators. vmemmap and destructors + * were taken care of above, so update_and_free_hugetlb_folio will + * not need to take hugetlb lock. + */ list_for_each_entry_safe(page, t_page, list, lru) { folio = page_folio(page); update_and_free_hugetlb_folio(h, folio, false); - cond_resched(); } } _ Patches currently in -mm which might be from mike.kravetz(a)oracle.com are hugetlb-do-not-clear-hugetlb-dtor-until-allocating-vmemmap.patch hugetlb-optimize-update_and_free_pages_bulk-to-avoid-lock-cycles.patch

2 years, 5 months

2
1
0 0

+ hugetlb-do-not-clear-hugetlb-dtor-until-allocating-vmemmap.patch added to mm-hotfixes-unstable branch

by Andrew Morton

The patch titled Subject: hugetlb: do not clear hugetlb dtor until allocating vmemmap has been added to the -mm mm-hotfixes-unstable branch. Its filename is hugetlb-do-not-clear-hugetlb-dtor-until-allocating-vmemmap.patch This patch will shortly appear at https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche… This patch will later appear in the mm-hotfixes-unstable branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next via the mm-everything branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm and is updated there every 2-3 working days ------------------------------------------------------ From: Mike Kravetz <mike.kravetz(a)oracle.com> Subject: hugetlb: do not clear hugetlb dtor until allocating vmemmap Date: Tue, 11 Jul 2023 15:09:41 -0700 Patch series "Fix hugetlb free path race with memory errors". In the discussion of Jiaqi Yan's series "Improve hugetlbfs read on HWPOISON hugepages" the race window was discovered. https://lore.kernel.org/linux-mm/20230616233447.GB7371@monkey/ Freeing a hugetlb page back to low level memory allocators is performed in two steps. 1) Under hugetlb lock, remove page from hugetlb lists and clear destructor 2) Outside lock, allocate vmemmap if necessary and call low level free Between these two steps, the hugetlb page will appear as a normal compound page. However, vmemmap for tail pages could be missing. If a memory error occurs at this time, we could try to update page flags non-existant page structs. A much more detailed description is in the first patch. The first patch addresses the race window. However, it adds a hugetlb_lock lock/unlock cycle to every vmemmap optimized hugetlb page free operation. This could lead to slowdowns if one is freeing a large number of hugetlb pages. The second path optimizes the update_and_free_pages_bulk routine to only take the lock once in bulk operations. The second patch is technically not a bug fix, but includes a Fixes tag and Cc stable to avoid a performance regression. It can be combined with the first, but was done separately make reviewing easier. This patch (of 2): Freeing a hugetlb page and releasing base pages back to the underlying allocator such as buddy or cma is performed in two steps: - remove_hugetlb_folio() is called to remove the folio from hugetlb lists, get a ref on the page and remove hugetlb destructor. This all must be done under the hugetlb lock. After this call, the page can be treated as a normal compound page or a collection of base size pages. - update_and_free_hugetlb_folio() is called to allocate vmemmap if needed and the free routine of the underlying allocator is called on the resulting page. We can not hold the hugetlb lock here. One issue with this scheme is that a memory error could occur between these two steps. In this case, the memory error handling code treats the old hugetlb page as a normal compound page or collection of base pages. It will then try to SetPageHWPoison(page) on the page with an error. If the page with error is a tail page without vmemmap, a write error will occur when trying to set the flag. Address this issue by modifying remove_hugetlb_folio() and update_and_free_hugetlb_folio() such that the hugetlb destructor is not cleared until after allocating vmemmap. Since clearing the destructor requires holding the hugetlb lock, the clearing is done in remove_hugetlb_folio() if the vmemmap is present. This saves a lock/unlock cycle. Otherwise, destructor is cleared in update_and_free_hugetlb_folio() after allocating vmemmap. Note that this will leave hugetlb pages in a state where they are marked free (by hugetlb specific page flag) and have a ref count. This is not a normal state. The only code that would notice is the memory error code, and it is set up to retry in such a case. A subsequent patch will create a routine to do bulk processing of vmemmap allocation. This will eliminate a lock/unlock cycle for each hugetlb page in the case where we are freeing a large number of pages. Link: https://lkml.kernel.org/r/20230711220942.43706-2-mike.kravetz@oracle.com Fixes: ad2fa3717b74 ("mm: hugetlb: alloc the vmemmap pages associated with each HugeTLB page") Signed-off-by: Mike Kravetz <mike.kravetz(a)oracle.com> Cc: Axel Rasmussen <axelrasmussen(a)google.com> Cc: James Houghton <jthoughton(a)google.com> Cc: Jiaqi Yan <jiaqiyan(a)google.com> Cc: Miaohe Lin <linmiaohe(a)huawei.com> Cc: Michal Hocko <mhocko(a)suse.com> Cc: Muchun Song <songmuchun(a)bytedance.com> Cc: Naoya Horiguchi <naoya.horiguchi(a)linux.dev> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/hugetlb.c | 75 +++++++++++++++++++++++++++++++++---------------- 1 file changed, 51 insertions(+), 24 deletions(-) --- a/mm/hugetlb.c~hugetlb-do-not-clear-hugetlb-dtor-until-allocating-vmemmap +++ a/mm/hugetlb.c @@ -1579,9 +1579,37 @@ static inline void destroy_compound_giga unsigned int order) { } #endif +static inline void __clear_hugetlb_destructor(struct hstate *h, + struct folio *folio) +{ + lockdep_assert_held(&hugetlb_lock); + + /* + * Very subtle + * + * For non-gigantic pages set the destructor to the normal compound + * page dtor. This is needed in case someone takes an additional + * temporary ref to the page, and freeing is delayed until they drop + * their reference. + * + * For gigantic pages set the destructor to the null dtor. This + * destructor will never be called. Before freeing the gigantic + * page destroy_compound_gigantic_folio will turn the folio into a + * simple group of pages. After this the destructor does not + * apply. + * + */ + if (hstate_is_gigantic(h)) + folio_set_compound_dtor(folio, NULL_COMPOUND_DTOR); + else + folio_set_compound_dtor(folio, COMPOUND_PAGE_DTOR); +} + /* - * Remove hugetlb folio from lists, and update dtor so that the folio appears - * as just a compound page. + * Remove hugetlb folio from lists. + * If vmemmap exists for the folio, update dtor so that the folio appears + * as just a compound page. Otherwise, wait until after allocating vmemmap + * to update dtor. * * A reference is held on the folio, except in the case of demote. * @@ -1612,31 +1640,19 @@ static void __remove_hugetlb_folio(struc } /* - * Very subtle - * - * For non-gigantic pages set the destructor to the normal compound - * page dtor. This is needed in case someone takes an additional - * temporary ref to the page, and freeing is delayed until they drop - * their reference. - * - * For gigantic pages set the destructor to the null dtor. This - * destructor will never be called. Before freeing the gigantic - * page destroy_compound_gigantic_folio will turn the folio into a - * simple group of pages. After this the destructor does not - * apply. - * - * This handles the case where more than one ref is held when and - * after update_and_free_hugetlb_folio is called. - * - * In the case of demote we do not ref count the page as it will soon - * be turned into a page of smaller size. + * We can only clear the hugetlb destructor after allocating vmemmap + * pages. Otherwise, someone (memory error handling) may try to write + * to tail struct pages. + */ + if (!folio_test_hugetlb_vmemmap_optimized(folio)) + __clear_hugetlb_destructor(h, folio); + + /* + * In the case of demote we do not ref count the page as it will soon + * be turned into a page of smaller size. */ if (!demote) folio_ref_unfreeze(folio, 1); - if (hstate_is_gigantic(h)) - folio_set_compound_dtor(folio, NULL_COMPOUND_DTOR); - else - folio_set_compound_dtor(folio, COMPOUND_PAGE_DTOR); h->nr_huge_pages--; h->nr_huge_pages_node[nid]--; @@ -1705,6 +1721,7 @@ static void __update_and_free_hugetlb_fo { int i; struct page *subpage; + bool clear_dtor = folio_test_hugetlb_vmemmap_optimized(folio); if (hstate_is_gigantic(h) && !gigantic_page_runtime_supported()) return; @@ -1735,6 +1752,16 @@ static void __update_and_free_hugetlb_fo if (unlikely(folio_test_hwpoison(folio))) folio_clear_hugetlb_hwpoison(folio); + /* + * If vmemmap pages were allocated above, then we need to clear the + * hugetlb destructor under the hugetlb lock. + */ + if (clear_dtor) { + spin_lock_irq(&hugetlb_lock); + __clear_hugetlb_destructor(h, folio); + spin_unlock_irq(&hugetlb_lock); + } + for (i = 0; i < pages_per_huge_page(h); i++) { subpage = folio_page(folio, i); subpage->flags &= ~(1 << PG_locked | 1 << PG_error | _ Patches currently in -mm which might be from mike.kravetz(a)oracle.com are hugetlb-do-not-clear-hugetlb-dtor-until-allocating-vmemmap.patch hugetlb-optimize-update_and_free_pages_bulk-to-avoid-lock-cycles.patch

2 years, 5 months

1
0
0 0

[RFC PATCH v1 0/3] docs: stable-kernel-rules: add delayed backporting option and a few tweaks

by Thorsten Leemhuis

This is a RFC and a bit rough for now. I only set down to create the first of the three patches. But while doing so I noticed a few things that seemed odd for me with my background on writing and editing texts. So I just quickly performed a few additional changes to fix those to see if the stable team would appreciate them, as this document is clearly their domain. If those changes or even the initial patch are not welcomed, I'll simply drop them. I'd totally understand this, as texts like these are delicate and it's easy to accidentlly change the intent or the meaning while adjusting things in good faith. At the same time I might be willing to do a few more changes, if people like the direction this takes and want a bit more fine tuning. CC: Greg KH <gregkh(a)linuxfoundation.org> CC: Sasha Levin <sashal(a)kernel.org> CC: Jonathan Corbet <corbet(a)lwn.net> Thorsten Leemhuis (3): docs: stable-kernel-rules: mention other usages for stable tag comments docs: stable-kernel-rules: make rule section more straight forward docs: stable-kernel-rules: improve structure to optimize reading flow Documentation/process/stable-kernel-rules.rst | 189 ++++++++++-------- 1 file changed, 105 insertions(+), 84 deletions(-) base-commit: 016571b6d52deb473676fb4d24baf8ed3667ae21 -- 2.40.1

2 years, 5 months

5
23
0 0

[PATCH v2] procfs: block chmod on /proc/thread-self/comm

by Aleksa Sarai

Due to an oversight in commit 1b3044e39a89 ("procfs: fix pthread cross-thread naming if !PR_DUMPABLE") in switching from REG to NOD, chmod operations on /proc/thread-self/comm were no longer blocked as they are on almost all other procfs files. A very similar situation with /proc/self/environ was used to as a root exploit a long time ago, but procfs has SB_I_NOEXEC so this is simply a correctness issue. Ref: https://lwn.net/Articles/191954/ Ref: 6d76fa58b050 ("Don't allow chmod() on the /proc/<pid>/ files") Fixes: 1b3044e39a89 ("procfs: fix pthread cross-thread naming if !PR_DUMPABLE") Cc: stable(a)vger.kernel.org # v4.7+ Signed-off-by: Aleksa Sarai <cyphar(a)cyphar.com> --- v2: removed nolibc selftests as per review v1: <https://lore.kernel.org/linux-fsdevel/20230713121907.9693-1-cyphar@cyphar.c…> --- fs/proc/base.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/fs/proc/base.c b/fs/proc/base.c index 05452c3b9872..7394229816f3 100644 --- a/fs/proc/base.c +++ b/fs/proc/base.c @@ -3583,7 +3583,8 @@ static int proc_tid_comm_permission(struct mnt_idmap *idmap, } static const struct inode_operations proc_tid_comm_inode_operations = { - .permission = proc_tid_comm_permission, + .setattr = proc_setattr, + .permission = proc_tid_comm_permission, }; /* -- 2.41.0

2 years, 5 months

2
1
0 0

[PATCH v2 6/7] crypto: stm32 - fix MDMAT condition

by Thomas BOURGOIN

From: Thomas Bourgoin <thomas.bourgoin(a)foss.st.com> If IP has MDMAT support, set or reset the bit MDMAT in Control Register. Fixes: b56403a25af7 ("crypto: stm32/hash - Support Ux500 hash") Cc: stable(a)vger.kernel.org Reviewed-by: Linus Walleij <linus.walleij(a)linaro.org> Signed-off-by: Thomas Bourgoin <thomas.bourgoin(a)foss.st.com> --- Changes in v2: - add Cc: stable(a)vger.kernel.org in commit message - add Reviewed-by: Linus Walleij <linus.walleij(a)linaro.org> drivers/crypto/stm32/stm32-hash.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/crypto/stm32/stm32-hash.c b/drivers/crypto/stm32/stm32-hash.c index 701995a72e57..a48e6a14da2e 100644 --- a/drivers/crypto/stm32/stm32-hash.c +++ b/drivers/crypto/stm32/stm32-hash.c @@ -544,7 +544,7 @@ static int stm32_hash_xmit_dma(struct stm32_hash_dev *hdev, reg = stm32_hash_read(hdev, HASH_CR); - if (!hdev->pdata->has_mdmat) { + if (hdev->pdata->has_mdmat) { if (mdma) reg |= HASH_CR_MDMAT; else -- 2.25.1

2 years, 5 months

1
0
0 0

[PATCH v2 4/7] crypto: stm32 - fix loop iterating through scatterlist for DMA

by Thomas BOURGOIN

From: Thomas Bourgoin <thomas.bourgoin(a)foss.st.com> We were reading the length of the scatterlist sg after copying value of tsg inside. So we are using the size of the previous scatterlist and for the first one we are using an unitialised value. Fix this by copying tsg in sg[0] before reading the size. Fixes : 8a1012d3f2ab ("crypto: stm32 - Support for STM32 HASH module") Cc: stable(a)vger.kernel.org Signed-off-by: Thomas Bourgoin <thomas.bourgoin(a)foss.st.com> --- Changes in v2: - Add Fixes 8a1012d3f2ab ("crypto: stm32 - Support for STM32 HASH module") - Add Cc: stable(a)vger.kernel.org drivers/crypto/stm32/stm32-hash.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/crypto/stm32/stm32-hash.c b/drivers/crypto/stm32/stm32-hash.c index c179a6c1a457..519fb716acee 100644 --- a/drivers/crypto/stm32/stm32-hash.c +++ b/drivers/crypto/stm32/stm32-hash.c @@ -678,9 +678,9 @@ static int stm32_hash_dma_send(struct stm32_hash_dev *hdev) } for_each_sg(rctx->sg, tsg, rctx->nents, i) { + sg[0] = *tsg; len = sg->length; - sg[0] = *tsg; if (sg_is_last(sg)) { if (hdev->dma_mode == 1) { len = (ALIGN(sg->length, 16) - 16); -- 2.25.1

2 years, 5 months

1
0
0 0

[PATCH v2 6/7] crypto: stm32 - fix MDMAT condition

by Thomas BOURGOIN

From: Thomas Bourgoin <thomas.bourgoin(a)foss.st.com> If IP has MDMAT support, set or reset the bit MDMAT in Control Register. Fixes: b56403a25af7 ("crypto: stm32/hash - Support Ux500 hash") Cc: stable(a)vger.kernel.org Reviewed-by: Linus Walleij <linus.walleij(a)linaro.org> Signed-off-by: Thomas Bourgoin <thomas.bourgoin(a)foss.st.com> --- Changes in v2: - add Cc: stable(a)vger.kernel.org in commit message - add Reviewed-by: Linus Walleij <linus.walleij(a)linaro.org> drivers/crypto/stm32/stm32-hash.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/crypto/stm32/stm32-hash.c b/drivers/crypto/stm32/stm32-hash.c index 701995a72e57..a48e6a14da2e 100644 --- a/drivers/crypto/stm32/stm32-hash.c +++ b/drivers/crypto/stm32/stm32-hash.c @@ -544,7 +544,7 @@ static int stm32_hash_xmit_dma(struct stm32_hash_dev *hdev, reg = stm32_hash_read(hdev, HASH_CR); - if (!hdev->pdata->has_mdmat) { + if (hdev->pdata->has_mdmat) { if (mdma) reg |= HASH_CR_MDMAT; else -- 2.25.1

2 years, 5 months

1
0
0 0

[PATCH v2 4/7] crypto: stm32 - fix loop iterating through scatterlist for DMA

by Thomas BOURGOIN

From: Thomas Bourgoin <thomas.bourgoin(a)foss.st.com> We were reading the length of the scatterlist sg after copying value of tsg inside. So we are using the size of the previous scatterlist and for the first one we are using an unitialised value. Fix this by copying tsg in sg[0] before reading the size. Fixes : 8a1012d3f2ab ("crypto: stm32 - Support for STM32 HASH module") Cc: stable(a)vger.kernel.org Signed-off-by: Thomas Bourgoin <thomas.bourgoin(a)foss.st.com> --- Changes in v2: - Add Fixes 8a1012d3f2ab ("crypto: stm32 - Support for STM32 HASH module") - Add Cc: stable(a)vger.kernel.org drivers/crypto/stm32/stm32-hash.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/crypto/stm32/stm32-hash.c b/drivers/crypto/stm32/stm32-hash.c index c179a6c1a457..519fb716acee 100644 --- a/drivers/crypto/stm32/stm32-hash.c +++ b/drivers/crypto/stm32/stm32-hash.c @@ -678,9 +678,9 @@ static int stm32_hash_dma_send(struct stm32_hash_dev *hdev) } for_each_sg(rctx->sg, tsg, rctx->nents, i) { + sg[0] = *tsg; len = sg->length; - sg[0] = *tsg; if (sg_is_last(sg)) { if (hdev->dma_mode == 1) { len = (ALIGN(sg->length, 16) - 16); -- 2.25.1

2 years, 5 months

1
0
0 0

[PATCH v2 4/7] crypto: stm32 - fix loop iterating through scatterlist for DMA

by Thomas BOURGOIN

From: Thomas Bourgoin <thomas.bourgoin(a)foss.st.com> We were reading the length of the scatterlist sg after copying value of tsg inside. So we are using the size of the previous scatterlist and for the first one we are using an unitialised value. Fix this by copying tsg in sg[0] before reading the size. Fixes : 8a1012d3f2ab ("crypto: stm32 - Support for STM32 HASH module") Cc: stable(a)vger.kernel.org Signed-off-by: Thomas Bourgoin <thomas.bourgoin(a)foss.st.com> --- Changes since V1: - Add Fixes 8a1012d3f2ab ("crypto: stm32 - Support for STM32 HASH module") - Add Cc: stable(a)vger.kernel.org --- drivers/crypto/stm32/stm32-hash.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/crypto/stm32/stm32-hash.c b/drivers/crypto/stm32/stm32-hash.c index c179a6c1a457..519fb716acee 100644 --- a/drivers/crypto/stm32/stm32-hash.c +++ b/drivers/crypto/stm32/stm32-hash.c @@ -678,9 +678,9 @@ static int stm32_hash_dma_send(struct stm32_hash_dev *hdev) } for_each_sg(rctx->sg, tsg, rctx->nents, i) { + sg[0] = *tsg; len = sg->length; - sg[0] = *tsg; if (sg_is_last(sg)) { if (hdev->dma_mode == 1) { len = (ALIGN(sg->length, 16) - 16); -- 2.25.1

2 years, 5 months

1
0
0 0

[RFC PATCH 1/3] memfd: cleanups for vm.memfd_noexec handling

by Aleksa Sarai

The previous implementation of vm.memfd_noexec=2 did not actually enforce the usage of MFD_NOEXEC_SEAL, as any program that set MFD_EXEC would not be affected by the "enforcement" mechanism. This was fixed in in Andrew's tree recently, but there were still some things that could be cleaned up. On the topic of older programs, it seems far less disruptive to have vm.memfd_noexec=2 have the same behaviour as vm.memfd_noexec=1 (default to MFD_NOEXEC_SEAL if unspecified) to avoid breaking older programs that didn't actually care about the exec bits -- which includes the vast majority of programs that use memfd_create(2), thus allowing users to be able to enable this sysctl without all older programs needlessly breaking. Otherwise vm.memfd_noexec=2 would be unusable on most general-purpose systems as it would require an audit of all of userspace. While we're at it, fix the warnings emitted by memfd_create() to use pr_warn_ratelimited(). If the intention of the warning is to get developers to switch to explicitly specifying if they want exec bits or not, you need to warn them whenever they use it. The systemd version on my box doesn't pass MFD_EXEC, making the warning useless for most userspace developers because it was already emitted during boot. Commit 105ff5339f49 ("mm/memfd: add MFD_NOEXEC_SEAL and MFD_EXEC") mentions that this was switched to pr_warn_once "as per review" but I couldn't find the discussion anywhere, and the obvious issue (the ability for unprivileged userspace to spam the kernel log) should be handled by pr_warn_ratelimited. If the issue is that this is too spammy, we could tie it to using vm.memfd_noexec=1 or higher. This is a user-visible API change, but as it allows programs to do something that would be blocked before, and the sysctl itself was broken and recently released, it seems unlikely this will cause any issues. Cc: Dominique Martinet <asmadeus(a)codewreck.org> Cc: Christian Brauner <brauner(a)kernel.org> Cc: stable(a)vger.kernel.org # v6.3+ Fixes: 105ff5339f49 ("mm/memfd: add MFD_NOEXEC_SEAL and MFD_EXEC") Signed-off-by: Aleksa Sarai <cyphar(a)cyphar.com> --- include/linux/pid_namespace.h | 16 +++-------- mm/memfd.c | 32 ++++++++-------------- tools/testing/selftests/memfd/memfd_test.c | 22 +++++++++++---- 3 files changed, 33 insertions(+), 37 deletions(-) diff --git a/include/linux/pid_namespace.h b/include/linux/pid_namespace.h index c758809d5bcf..53974d79d98e 100644 --- a/include/linux/pid_namespace.h +++ b/include/linux/pid_namespace.h @@ -17,18 +17,10 @@ struct fs_pin; #if defined(CONFIG_SYSCTL) && defined(CONFIG_MEMFD_CREATE) -/* - * sysctl for vm.memfd_noexec - * 0: memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL - * acts like MFD_EXEC was set. - * 1: memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL - * acts like MFD_NOEXEC_SEAL was set. - * 2: memfd_create() without MFD_NOEXEC_SEAL will be - * rejected. - */ -#define MEMFD_NOEXEC_SCOPE_EXEC 0 -#define MEMFD_NOEXEC_SCOPE_NOEXEC_SEAL 1 -#define MEMFD_NOEXEC_SCOPE_NOEXEC_ENFORCED 2 +/* modes for vm.memfd_noexec sysctl */ +#define MEMFD_NOEXEC_SCOPE_EXEC 0 /* MFD_EXEC implied if unset */ +#define MEMFD_NOEXEC_SCOPE_NOEXEC_SEAL 1 /* MFD_NOEXEC_SEAL implied if unset */ +#define MEMFD_NOEXEC_SCOPE_NOEXEC_ENFORCED 2 /* same as 1, except MFD_EXEC rejected */ #endif struct pid_namespace { diff --git a/mm/memfd.c b/mm/memfd.c index 0bdbd2335af7..4f1f841ae39d 100644 --- a/mm/memfd.c +++ b/mm/memfd.c @@ -271,30 +271,22 @@ long memfd_fcntl(struct file *file, unsigned int cmd, unsigned int arg) static int check_sysctl_memfd_noexec(unsigned int *flags) { #ifdef CONFIG_SYSCTL - char comm[TASK_COMM_LEN]; - int sysctl = MEMFD_NOEXEC_SCOPE_EXEC; - struct pid_namespace *ns; - - ns = task_active_pid_ns(current); - if (ns) - sysctl = ns->memfd_noexec_scope; + int sysctl = task_active_pid_ns(current)->memfd_noexec_scope; if (!(*flags & (MFD_EXEC | MFD_NOEXEC_SEAL))) { - if (sysctl == MEMFD_NOEXEC_SCOPE_NOEXEC_SEAL) + if (sysctl >= MEMFD_NOEXEC_SCOPE_NOEXEC_SEAL) *flags |= MFD_NOEXEC_SEAL; else *flags |= MFD_EXEC; } - if (*flags & MFD_EXEC && sysctl >= MEMFD_NOEXEC_SCOPE_NOEXEC_ENFORCED) { - pr_warn_once( - "memfd_create(): MFD_NOEXEC_SEAL is enforced, pid=%d '%s'\n", - task_pid_nr(current), get_task_comm(comm, current)); - + if (!(*flags & MFD_NOEXEC_SEAL) && sysctl >= MEMFD_NOEXEC_SCOPE_NOEXEC_ENFORCED) { + pr_warn_ratelimited( + "%s[%d]: memfd_create() requires MFD_NOEXEC_SEAL with vm.memfd_noexec=%d\n", + current->comm, task_pid_nr(current), sysctl); return -EACCES; } #endif - return 0; } @@ -302,7 +294,6 @@ SYSCALL_DEFINE2(memfd_create, const char __user *, uname, unsigned int, flags) { - char comm[TASK_COMM_LEN]; unsigned int *file_seals; struct file *file; int fd, error; @@ -324,13 +315,14 @@ SYSCALL_DEFINE2(memfd_create, return -EINVAL; if (!(flags & (MFD_EXEC | MFD_NOEXEC_SEAL))) { - pr_warn_once( - "memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL, pid=%d '%s'\n", - task_pid_nr(current), get_task_comm(comm, current)); + pr_warn_ratelimited( + "%s[%d]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set\n", + current->comm, task_pid_nr(current)); } - if (check_sysctl_memfd_noexec(&flags) < 0) - return -EACCES; + error = check_sysctl_memfd_noexec(&flags); + if (error < 0) + return error; /* length includes terminating zero */ len = strnlen_user(uname, MFD_NAME_MAX_LEN + 1); diff --git a/tools/testing/selftests/memfd/memfd_test.c b/tools/testing/selftests/memfd/memfd_test.c index dbdd9ec5e397..d8342989c547 100644 --- a/tools/testing/selftests/memfd/memfd_test.c +++ b/tools/testing/selftests/memfd/memfd_test.c @@ -1145,11 +1145,23 @@ static void test_sysctl_child(void) printf("%s sysctl 2\n", memfd_str); sysctl_assert_write("2"); - mfd_fail_new("kern_memfd_sysctl_2", - MFD_CLOEXEC | MFD_ALLOW_SEALING); - mfd_fail_new("kern_memfd_sysctl_2_MFD_EXEC", - MFD_CLOEXEC | MFD_EXEC); - fd = mfd_assert_new("", 0, MFD_NOEXEC_SEAL); + mfd_fail_new("kern_memfd_sysctl_2_exec", + MFD_EXEC | MFD_CLOEXEC | MFD_ALLOW_SEALING); + + fd = mfd_assert_new("kern_memfd_sysctl_2_dfl", + mfd_def_size, + MFD_CLOEXEC | MFD_ALLOW_SEALING); + mfd_assert_mode(fd, 0666); + mfd_assert_has_seals(fd, F_SEAL_EXEC); + mfd_fail_chmod(fd, 0777); + close(fd); + + fd = mfd_assert_new("kern_memfd_sysctl_2_noexec_seal", + mfd_def_size, + MFD_NOEXEC_SEAL | MFD_CLOEXEC | MFD_ALLOW_SEALING); + mfd_assert_mode(fd, 0666); + mfd_assert_has_seals(fd, F_SEAL_EXEC); + mfd_fail_chmod(fd, 0777); close(fd); sysctl_fail_write("0"); -- 2.41.0

2 years, 5 months

1
0
0 0

Re: [PATCH] procfs: block chmod on /proc/thread-self/comm

by Christian Brauner

> > diff --git a/tools/testing/selftests/nolibc/nolibc-test.c b/tools/testing/selftests/nolibc/nolibc-test.c > > index 486334981e60..08f0969208eb 100644 > > --- a/tools/testing/selftests/nolibc/nolibc-test.c > > +++ b/tools/testing/selftests/nolibc/nolibc-test.c > > @@ -580,6 +580,10 @@ int run_syscall(int min, int max) > > CASE_TEST(chmod_net); EXPECT_SYSZR(proc, chmod("/proc/self/net", 0555)); break; > > CASE_TEST(chmod_self); EXPECT_SYSER(proc, chmod("/proc/self", 0555), -1, EPERM); break; > > CASE_TEST(chown_self); EXPECT_SYSER(proc, chown("/proc/self", 0, 0), -1, EPERM); break; > > + CASE_TEST(chmod_self_comm); EXPECT_SYSER(proc, chmod("/proc/self/comm", 0777), -1, EPERM); break; > > + CASE_TEST(chmod_tid_comm); EXPECT_SYSER(proc, chmod("/proc/thread-self/comm", 0777), -1, EPERM); break; > > + CASE_TEST(chmod_self_environ);EXPECT_SYSER(proc, chmod("/proc/self/environ", 0777), -1, EPERM); break; > > + CASE_TEST(chmod_tid_environ); EXPECT_SYSER(proc, chmod("/proc/thread-self/environ", 0777), -1, EPERM); break; > > I'm not a big fan of this, it abuses the nolibc testsuite to test core > kernel functionality. Yes, this should be dropped. We need a minimal patch to fix this. This just makes backporting harder and any test doesn't need to be backported.

2 years, 5 months

4
4
0 0

[PATCH] procfs: block chmod on /proc/thread-self/comm

by Aleksa Sarai

Due to an oversight in commit 1b3044e39a89 ("procfs: fix pthread cross-thread naming if !PR_DUMPABLE") in switching from REG to NOD, chmod operations on /proc/thread-self/comm were no longer blocked as they are on almost all other procfs files. A very similar situation with /proc/self/environ was used to as a root exploit a long time ago, but procfs has SB_I_NOEXEC so this is simply a correctness issue. Ref: https://lwn.net/Articles/191954/ Ref: 6d76fa58b050 ("Don't allow chmod() on the /proc/<pid>/ files") Fixes: 1b3044e39a89 ("procfs: fix pthread cross-thread naming if !PR_DUMPABLE") Cc: stable(a)vger.kernel.org # v4.7+ Signed-off-by: Aleksa Sarai <cyphar(a)cyphar.com> --- fs/proc/base.c | 3 ++- tools/testing/selftests/nolibc/nolibc-test.c | 4 ++++ 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/fs/proc/base.c b/fs/proc/base.c index 05452c3b9872..7394229816f3 100644 --- a/fs/proc/base.c +++ b/fs/proc/base.c @@ -3583,7 +3583,8 @@ static int proc_tid_comm_permission(struct mnt_idmap *idmap, } static const struct inode_operations proc_tid_comm_inode_operations = { - .permission = proc_tid_comm_permission, + .setattr = proc_setattr, + .permission = proc_tid_comm_permission, }; /* diff --git a/tools/testing/selftests/nolibc/nolibc-test.c b/tools/testing/selftests/nolibc/nolibc-test.c index 486334981e60..08f0969208eb 100644 --- a/tools/testing/selftests/nolibc/nolibc-test.c +++ b/tools/testing/selftests/nolibc/nolibc-test.c @@ -580,6 +580,10 @@ int run_syscall(int min, int max) CASE_TEST(chmod_net); EXPECT_SYSZR(proc, chmod("/proc/self/net", 0555)); break; CASE_TEST(chmod_self); EXPECT_SYSER(proc, chmod("/proc/self", 0555), -1, EPERM); break; CASE_TEST(chown_self); EXPECT_SYSER(proc, chown("/proc/self", 0, 0), -1, EPERM); break; + CASE_TEST(chmod_self_comm); EXPECT_SYSER(proc, chmod("/proc/self/comm", 0777), -1, EPERM); break; + CASE_TEST(chmod_tid_comm); EXPECT_SYSER(proc, chmod("/proc/thread-self/comm", 0777), -1, EPERM); break; + CASE_TEST(chmod_self_environ);EXPECT_SYSER(proc, chmod("/proc/self/environ", 0777), -1, EPERM); break; + CASE_TEST(chmod_tid_environ); EXPECT_SYSER(proc, chmod("/proc/thread-self/environ", 0777), -1, EPERM); break; CASE_TEST(chroot_root); EXPECT_SYSZR(euid0, chroot("/")); break; CASE_TEST(chroot_blah); EXPECT_SYSER(1, chroot("/proc/self/blah"), -1, ENOENT); break; CASE_TEST(chroot_exe); EXPECT_SYSER(proc, chroot("/proc/self/exe"), -1, ENOTDIR); break; -- 2.41.0

2 years, 5 months

4
4
0 0

[PATCH v4 10/11] wifi: ath10k: Use RMW accessors for changing LNKCTL

by Ilpo Järvinen

Don't assume that only the driver would be accessing LNKCTL. ASPM policy changes can trigger write to LNKCTL outside of driver's control. Use RMW capability accessors which does proper locking to avoid losing concurrent updates to the register value. On restore, clear the ASPMC field properly. Fixes: 76d870ed09ab ("ath10k: enable ASPM") Suggested-by: Lukas Wunner <lukas(a)wunner.de> Signed-off-by: Ilpo Järvinen <ilpo.jarvinen(a)linux.intel.com> Reviewed-by: Simon Horman <simon.horman(a)corigine.com> Acked-by: Kalle Valo <kvalo(a)kernel.org> Cc: stable(a)vger.kernel.org --- drivers/net/wireless/ath/ath10k/pci.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/drivers/net/wireless/ath/ath10k/pci.c b/drivers/net/wireless/ath/ath10k/pci.c index a7f44f6335fb..9275a672f90c 100644 --- a/drivers/net/wireless/ath/ath10k/pci.c +++ b/drivers/net/wireless/ath/ath10k/pci.c @@ -1963,8 +1963,9 @@ static int ath10k_pci_hif_start(struct ath10k *ar) ath10k_pci_irq_enable(ar); ath10k_pci_rx_post(ar); - pcie_capability_write_word(ar_pci->pdev, PCI_EXP_LNKCTL, - ar_pci->link_ctl); + pcie_capability_clear_and_set_word(ar_pci->pdev, PCI_EXP_LNKCTL, + PCI_EXP_LNKCTL_ASPMC, + ar_pci->link_ctl & PCI_EXP_LNKCTL_ASPMC); return 0; } @@ -2821,8 +2822,8 @@ static int ath10k_pci_hif_power_up(struct ath10k *ar, pcie_capability_read_word(ar_pci->pdev, PCI_EXP_LNKCTL, &ar_pci->link_ctl); - pcie_capability_write_word(ar_pci->pdev, PCI_EXP_LNKCTL, - ar_pci->link_ctl & ~PCI_EXP_LNKCTL_ASPMC); + pcie_capability_clear_word(ar_pci->pdev, PCI_EXP_LNKCTL, + PCI_EXP_LNKCTL_ASPMC); /* * Bring the target up cleanly. -- 2.30.2

2 years, 5 months

1
0
0 0

[PATCH v4 09/11] wifi: ath12k: Use RMW accessors for changing LNKCTL

by Ilpo Järvinen

Don't assume that only the driver would be accessing LNKCTL. ASPM policy changes can trigger write to LNKCTL outside of driver's control. Use RMW capability accessors which do proper locking to avoid losing concurrent updates to the register value. On restore, clear the ASPMC field properly. Fixes: d889913205cf ("wifi: ath12k: driver for Qualcomm Wi-Fi 7 devices") Suggested-by: Lukas Wunner <lukas(a)wunner.de> Signed-off-by: Ilpo Järvinen <ilpo.jarvinen(a)linux.intel.com> Reviewed-by: Simon Horman <simon.horman(a)corigine.com> Acked-by: Kalle Valo <kvalo(a)kernel.org> Cc: stable(a)vger.kernel.org --- drivers/net/wireless/ath/ath12k/pci.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/drivers/net/wireless/ath/ath12k/pci.c b/drivers/net/wireless/ath/ath12k/pci.c index 5990a55801f0..e4f08a066ca1 100644 --- a/drivers/net/wireless/ath/ath12k/pci.c +++ b/drivers/net/wireless/ath/ath12k/pci.c @@ -794,8 +794,8 @@ static void ath12k_pci_aspm_disable(struct ath12k_pci *ab_pci) u16_get_bits(ab_pci->link_ctl, PCI_EXP_LNKCTL_ASPM_L1)); /* disable L0s and L1 */ - pcie_capability_write_word(ab_pci->pdev, PCI_EXP_LNKCTL, - ab_pci->link_ctl & ~PCI_EXP_LNKCTL_ASPMC); + pcie_capability_clear_word(ab_pci->pdev, PCI_EXP_LNKCTL, + PCI_EXP_LNKCTL_ASPMC); set_bit(ATH12K_PCI_ASPM_RESTORE, &ab_pci->flags); } @@ -803,8 +803,10 @@ static void ath12k_pci_aspm_disable(struct ath12k_pci *ab_pci) static void ath12k_pci_aspm_restore(struct ath12k_pci *ab_pci) { if (test_and_clear_bit(ATH12K_PCI_ASPM_RESTORE, &ab_pci->flags)) - pcie_capability_write_word(ab_pci->pdev, PCI_EXP_LNKCTL, - ab_pci->link_ctl); + pcie_capability_clear_and_set_word(ab_pci->pdev, PCI_EXP_LNKCTL, + PCI_EXP_LNKCTL_ASPMC, + ab_pci->link_ctl & + PCI_EXP_LNKCTL_ASPMC); } static void ath12k_pci_kill_tasklets(struct ath12k_base *ab) -- 2.30.2

2 years, 5 months

1
0
0 0

[PATCH v4 08/11] wifi: ath11k: Use RMW accessors for changing LNKCTL

by Ilpo Järvinen

Don't assume that only the driver would be accessing LNKCTL. ASPM policy changes can trigger write to LNKCTL outside of driver's control. Use RMW capability accessors which do proper locking to avoid losing concurrent updates to the register value. On restore, clear the ASPMC field properly. Fixes: e9603f4bdcc0 ("ath11k: pci: disable ASPM L0sLs before downloading firmware") Suggested-by: Lukas Wunner <lukas(a)wunner.de> Signed-off-by: Ilpo Järvinen <ilpo.jarvinen(a)linux.intel.com> Reviewed-by: Simon Horman <simon.horman(a)corigine.com> Acked-by: Kalle Valo <kvalo(a)kernel.org> Cc: stable(a)vger.kernel.org --- drivers/net/wireless/ath/ath11k/pci.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/drivers/net/wireless/ath/ath11k/pci.c b/drivers/net/wireless/ath/ath11k/pci.c index 79e2cbe82638..ec40adc1cb23 100644 --- a/drivers/net/wireless/ath/ath11k/pci.c +++ b/drivers/net/wireless/ath/ath11k/pci.c @@ -581,8 +581,8 @@ static void ath11k_pci_aspm_disable(struct ath11k_pci *ab_pci) u16_get_bits(ab_pci->link_ctl, PCI_EXP_LNKCTL_ASPM_L1)); /* disable L0s and L1 */ - pcie_capability_write_word(ab_pci->pdev, PCI_EXP_LNKCTL, - ab_pci->link_ctl & ~PCI_EXP_LNKCTL_ASPMC); + pcie_capability_clear_word(ab_pci->pdev, PCI_EXP_LNKCTL, + PCI_EXP_LNKCTL_ASPMC); set_bit(ATH11K_PCI_ASPM_RESTORE, &ab_pci->flags); } @@ -590,8 +590,10 @@ static void ath11k_pci_aspm_disable(struct ath11k_pci *ab_pci) static void ath11k_pci_aspm_restore(struct ath11k_pci *ab_pci) { if (test_and_clear_bit(ATH11K_PCI_ASPM_RESTORE, &ab_pci->flags)) - pcie_capability_write_word(ab_pci->pdev, PCI_EXP_LNKCTL, - ab_pci->link_ctl); + pcie_capability_clear_and_set_word(ab_pci->pdev, PCI_EXP_LNKCTL, + PCI_EXP_LNKCTL_ASPMC, + ab_pci->link_ctl & + PCI_EXP_LNKCTL_ASPMC); } static int ath11k_pci_power_up(struct ath11k_base *ab) -- 2.30.2

2 years, 5 months

1
0
0 0

[PATCH v4 07/11] net/mlx5: Use RMW accessors for changing LNKCTL

by Ilpo Järvinen

Don't assume that only the driver would be accessing LNKCTL of the upstream bridge. ASPM policy changes can trigger write to LNKCTL outside of driver's control. Use RMW capability accessors which do proper locking to avoid losing concurrent updates to the register value. Fixes: eabe8e5e88f5 ("net/mlx5: Handle sync reset now event") Suggested-by: Lukas Wunner <lukas(a)wunner.de> Signed-off-by: Ilpo Järvinen <ilpo.jarvinen(a)linux.intel.com> Reviewed-by: Moshe Shemesh <moshe(a)nvidia.com> Reviewed-by: Simon Horman <simon.horman(a)corigine.com> Cc: stable(a)vger.kernel.org --- drivers/net/ethernet/mellanox/mlx5/core/fw_reset.c | 9 ++------- 1 file changed, 2 insertions(+), 7 deletions(-) diff --git a/drivers/net/ethernet/mellanox/mlx5/core/fw_reset.c b/drivers/net/ethernet/mellanox/mlx5/core/fw_reset.c index 4804990b7f22..99dcbd006357 100644 --- a/drivers/net/ethernet/mellanox/mlx5/core/fw_reset.c +++ b/drivers/net/ethernet/mellanox/mlx5/core/fw_reset.c @@ -384,16 +384,11 @@ static int mlx5_pci_link_toggle(struct mlx5_core_dev *dev) pci_cfg_access_lock(sdev); } /* PCI link toggle */ - err = pci_read_config_word(bridge, cap + PCI_EXP_LNKCTL, &reg16); - if (err) - return err; - reg16 |= PCI_EXP_LNKCTL_LD; - err = pci_write_config_word(bridge, cap + PCI_EXP_LNKCTL, reg16); + err = pcie_capability_set_word(bridge, PCI_EXP_LNKCTL, PCI_EXP_LNKCTL_LD); if (err) return err; msleep(500); - reg16 &= ~PCI_EXP_LNKCTL_LD; - err = pci_write_config_word(bridge, cap + PCI_EXP_LNKCTL, reg16); + err = pcie_capability_clear_word(bridge, PCI_EXP_LNKCTL, PCI_EXP_LNKCTL_LD); if (err) return err; -- 2.30.2

2 years, 5 months

1
0
0 0

[PATCH v4 06/11] drm/radeon: Use RMW accessors for changing LNKCTL

by Ilpo Järvinen

Don't assume that only the driver would be accessing LNKCTL. ASPM policy changes can trigger write to LNKCTL outside of driver's control. And in the case of upstream bridge, the driver does not even own the device it's changing the registers for. Use RMW capability accessors which do proper locking to avoid losing concurrent updates to the register value. Fixes: 8a7cd27679d0 ("drm/radeon/cik: add support for pcie gen1/2/3 switching") Fixes: b9d305dfb66c ("drm/radeon: implement pcie gen2/3 support for SI") Suggested-by: Lukas Wunner <lukas(a)wunner.de> Signed-off-by: Ilpo Järvinen <ilpo.jarvinen(a)linux.intel.com> Cc: stable(a)vger.kernel.org --- drivers/gpu/drm/radeon/cik.c | 36 ++++++++++------------------------- drivers/gpu/drm/radeon/si.c | 37 ++++++++++-------------------------- 2 files changed, 20 insertions(+), 53 deletions(-) diff --git a/drivers/gpu/drm/radeon/cik.c b/drivers/gpu/drm/radeon/cik.c index 5819737c21c6..a6f3c811ceb8 100644 --- a/drivers/gpu/drm/radeon/cik.c +++ b/drivers/gpu/drm/radeon/cik.c @@ -9534,17 +9534,8 @@ static void cik_pcie_gen3_enable(struct radeon_device *rdev) u16 bridge_cfg2, gpu_cfg2; u32 max_lw, current_lw, tmp; - pcie_capability_read_word(root, PCI_EXP_LNKCTL, - &bridge_cfg); - pcie_capability_read_word(rdev->pdev, PCI_EXP_LNKCTL, - &gpu_cfg); - - tmp16 = bridge_cfg | PCI_EXP_LNKCTL_HAWD; - pcie_capability_write_word(root, PCI_EXP_LNKCTL, tmp16); - - tmp16 = gpu_cfg | PCI_EXP_LNKCTL_HAWD; - pcie_capability_write_word(rdev->pdev, PCI_EXP_LNKCTL, - tmp16); + pcie_capability_set_word(root, PCI_EXP_LNKCTL, PCI_EXP_LNKCTL_HAWD); + pcie_capability_set_word(rdev->pdev, PCI_EXP_LNKCTL, PCI_EXP_LNKCTL_HAWD); tmp = RREG32_PCIE_PORT(PCIE_LC_STATUS1); max_lw = (tmp & LC_DETECTED_LINK_WIDTH_MASK) >> LC_DETECTED_LINK_WIDTH_SHIFT; @@ -9591,21 +9582,14 @@ static void cik_pcie_gen3_enable(struct radeon_device *rdev) msleep(100); /* linkctl */ - pcie_capability_read_word(root, PCI_EXP_LNKCTL, - &tmp16); - tmp16 &= ~PCI_EXP_LNKCTL_HAWD; - tmp16 |= (bridge_cfg & PCI_EXP_LNKCTL_HAWD); - pcie_capability_write_word(root, PCI_EXP_LNKCTL, - tmp16); - - pcie_capability_read_word(rdev->pdev, - PCI_EXP_LNKCTL, - &tmp16); - tmp16 &= ~PCI_EXP_LNKCTL_HAWD; - tmp16 |= (gpu_cfg & PCI_EXP_LNKCTL_HAWD); - pcie_capability_write_word(rdev->pdev, - PCI_EXP_LNKCTL, - tmp16); + pcie_capability_clear_and_set_word(root, PCI_EXP_LNKCTL, + PCI_EXP_LNKCTL_HAWD, + bridge_cfg & + PCI_EXP_LNKCTL_HAWD); + pcie_capability_clear_and_set_word(rdev->pdev, PCI_EXP_LNKCTL, + PCI_EXP_LNKCTL_HAWD, + gpu_cfg & + PCI_EXP_LNKCTL_HAWD); /* linkctl2 */ pcie_capability_read_word(root, PCI_EXP_LNKCTL2, diff --git a/drivers/gpu/drm/radeon/si.c b/drivers/gpu/drm/radeon/si.c index 8d5e4b25609d..a91012447b56 100644 --- a/drivers/gpu/drm/radeon/si.c +++ b/drivers/gpu/drm/radeon/si.c @@ -7131,17 +7131,8 @@ static void si_pcie_gen3_enable(struct radeon_device *rdev) u16 bridge_cfg2, gpu_cfg2; u32 max_lw, current_lw, tmp; - pcie_capability_read_word(root, PCI_EXP_LNKCTL, - &bridge_cfg); - pcie_capability_read_word(rdev->pdev, PCI_EXP_LNKCTL, - &gpu_cfg); - - tmp16 = bridge_cfg | PCI_EXP_LNKCTL_HAWD; - pcie_capability_write_word(root, PCI_EXP_LNKCTL, tmp16); - - tmp16 = gpu_cfg | PCI_EXP_LNKCTL_HAWD; - pcie_capability_write_word(rdev->pdev, PCI_EXP_LNKCTL, - tmp16); + pcie_capability_set_word(root, PCI_EXP_LNKCTL, PCI_EXP_LNKCTL_HAWD); + pcie_capability_set_word(rdev->pdev, PCI_EXP_LNKCTL, PCI_EXP_LNKCTL_HAWD); tmp = RREG32_PCIE(PCIE_LC_STATUS1); max_lw = (tmp & LC_DETECTED_LINK_WIDTH_MASK) >> LC_DETECTED_LINK_WIDTH_SHIFT; @@ -7188,22 +7179,14 @@ static void si_pcie_gen3_enable(struct radeon_device *rdev) msleep(100); /* linkctl */ - pcie_capability_read_word(root, PCI_EXP_LNKCTL, - &tmp16); - tmp16 &= ~PCI_EXP_LNKCTL_HAWD; - tmp16 |= (bridge_cfg & PCI_EXP_LNKCTL_HAWD); - pcie_capability_write_word(root, - PCI_EXP_LNKCTL, - tmp16); - - pcie_capability_read_word(rdev->pdev, - PCI_EXP_LNKCTL, - &tmp16); - tmp16 &= ~PCI_EXP_LNKCTL_HAWD; - tmp16 |= (gpu_cfg & PCI_EXP_LNKCTL_HAWD); - pcie_capability_write_word(rdev->pdev, - PCI_EXP_LNKCTL, - tmp16); + pcie_capability_clear_and_set_word(root, PCI_EXP_LNKCTL, + PCI_EXP_LNKCTL_HAWD, + bridge_cfg & + PCI_EXP_LNKCTL_HAWD); + pcie_capability_clear_and_set_word(rdev->pdev, PCI_EXP_LNKCTL, + PCI_EXP_LNKCTL_HAWD, + gpu_cfg & + PCI_EXP_LNKCTL_HAWD); /* linkctl2 */ pcie_capability_read_word(root, PCI_EXP_LNKCTL2, -- 2.30.2

2 years, 5 months

1
0
0 0

[PATCH v4 05/11] drm/amdgpu: Use RMW accessors for changing LNKCTL

by Ilpo Järvinen

Don't assume that only the driver would be accessing LNKCTL. ASPM policy changes can trigger write to LNKCTL outside of driver's control. And in the case of upstream bridge, the driver does not even own the device it's changing the registers for. Use RMW capability accessors which do proper locking to avoid losing concurrent updates to the register value. Fixes: a2e73f56fa62 ("drm/amdgpu: Add support for CIK parts") Fixes: 62a37553414a ("drm/amdgpu: add si implementation v10") Suggested-by: Lukas Wunner <lukas(a)wunner.de> Signed-off-by: Ilpo Järvinen <ilpo.jarvinen(a)linux.intel.com> Cc: stable(a)vger.kernel.org --- drivers/gpu/drm/amd/amdgpu/cik.c | 36 +++++++++----------------------- drivers/gpu/drm/amd/amdgpu/si.c | 36 +++++++++----------------------- 2 files changed, 20 insertions(+), 52 deletions(-) diff --git a/drivers/gpu/drm/amd/amdgpu/cik.c b/drivers/gpu/drm/amd/amdgpu/cik.c index 5641cf05d856..e63abdf52b6c 100644 --- a/drivers/gpu/drm/amd/amdgpu/cik.c +++ b/drivers/gpu/drm/amd/amdgpu/cik.c @@ -1574,17 +1574,8 @@ static void cik_pcie_gen3_enable(struct amdgpu_device *adev) u16 bridge_cfg2, gpu_cfg2; u32 max_lw, current_lw, tmp; - pcie_capability_read_word(root, PCI_EXP_LNKCTL, - &bridge_cfg); - pcie_capability_read_word(adev->pdev, PCI_EXP_LNKCTL, - &gpu_cfg); - - tmp16 = bridge_cfg | PCI_EXP_LNKCTL_HAWD; - pcie_capability_write_word(root, PCI_EXP_LNKCTL, tmp16); - - tmp16 = gpu_cfg | PCI_EXP_LNKCTL_HAWD; - pcie_capability_write_word(adev->pdev, PCI_EXP_LNKCTL, - tmp16); + pcie_capability_set_word(root, PCI_EXP_LNKCTL, PCI_EXP_LNKCTL_HAWD); + pcie_capability_set_word(adev->pdev, PCI_EXP_LNKCTL, PCI_EXP_LNKCTL_HAWD); tmp = RREG32_PCIE(ixPCIE_LC_STATUS1); max_lw = (tmp & PCIE_LC_STATUS1__LC_DETECTED_LINK_WIDTH_MASK) >> @@ -1637,21 +1628,14 @@ static void cik_pcie_gen3_enable(struct amdgpu_device *adev) msleep(100); /* linkctl */ - pcie_capability_read_word(root, PCI_EXP_LNKCTL, - &tmp16); - tmp16 &= ~PCI_EXP_LNKCTL_HAWD; - tmp16 |= (bridge_cfg & PCI_EXP_LNKCTL_HAWD); - pcie_capability_write_word(root, PCI_EXP_LNKCTL, - tmp16); - - pcie_capability_read_word(adev->pdev, - PCI_EXP_LNKCTL, - &tmp16); - tmp16 &= ~PCI_EXP_LNKCTL_HAWD; - tmp16 |= (gpu_cfg & PCI_EXP_LNKCTL_HAWD); - pcie_capability_write_word(adev->pdev, - PCI_EXP_LNKCTL, - tmp16); + pcie_capability_clear_and_set_word(root, PCI_EXP_LNKCTL, + PCI_EXP_LNKCTL_HAWD, + bridge_cfg & + PCI_EXP_LNKCTL_HAWD); + pcie_capability_clear_and_set_word(adev->pdev, PCI_EXP_LNKCTL, + PCI_EXP_LNKCTL_HAWD, + gpu_cfg & + PCI_EXP_LNKCTL_HAWD); /* linkctl2 */ pcie_capability_read_word(root, PCI_EXP_LNKCTL2, diff --git a/drivers/gpu/drm/amd/amdgpu/si.c b/drivers/gpu/drm/amd/amdgpu/si.c index f64b87b11b1b..4b81f29e5fd5 100644 --- a/drivers/gpu/drm/amd/amdgpu/si.c +++ b/drivers/gpu/drm/amd/amdgpu/si.c @@ -2276,17 +2276,8 @@ static void si_pcie_gen3_enable(struct amdgpu_device *adev) u16 bridge_cfg2, gpu_cfg2; u32 max_lw, current_lw, tmp; - pcie_capability_read_word(root, PCI_EXP_LNKCTL, - &bridge_cfg); - pcie_capability_read_word(adev->pdev, PCI_EXP_LNKCTL, - &gpu_cfg); - - tmp16 = bridge_cfg | PCI_EXP_LNKCTL_HAWD; - pcie_capability_write_word(root, PCI_EXP_LNKCTL, tmp16); - - tmp16 = gpu_cfg | PCI_EXP_LNKCTL_HAWD; - pcie_capability_write_word(adev->pdev, PCI_EXP_LNKCTL, - tmp16); + pcie_capability_set_word(root, PCI_EXP_LNKCTL, PCI_EXP_LNKCTL_HAWD); + pcie_capability_set_word(adev->pdev, PCI_EXP_LNKCTL, PCI_EXP_LNKCTL_HAWD); tmp = RREG32_PCIE(PCIE_LC_STATUS1); max_lw = (tmp & LC_DETECTED_LINK_WIDTH_MASK) >> LC_DETECTED_LINK_WIDTH_SHIFT; @@ -2331,21 +2322,14 @@ static void si_pcie_gen3_enable(struct amdgpu_device *adev) mdelay(100); - pcie_capability_read_word(root, PCI_EXP_LNKCTL, - &tmp16); - tmp16 &= ~PCI_EXP_LNKCTL_HAWD; - tmp16 |= (bridge_cfg & PCI_EXP_LNKCTL_HAWD); - pcie_capability_write_word(root, PCI_EXP_LNKCTL, - tmp16); - - pcie_capability_read_word(adev->pdev, - PCI_EXP_LNKCTL, - &tmp16); - tmp16 &= ~PCI_EXP_LNKCTL_HAWD; - tmp16 |= (gpu_cfg & PCI_EXP_LNKCTL_HAWD); - pcie_capability_write_word(adev->pdev, - PCI_EXP_LNKCTL, - tmp16); + pcie_capability_clear_and_set_word(root, PCI_EXP_LNKCTL, + PCI_EXP_LNKCTL_HAWD, + bridge_cfg & + PCI_EXP_LNKCTL_HAWD); + pcie_capability_clear_and_set_word(adev->pdev, PCI_EXP_LNKCTL, + PCI_EXP_LNKCTL_HAWD, + gpu_cfg & + PCI_EXP_LNKCTL_HAWD); pcie_capability_read_word(root, PCI_EXP_LNKCTL2, &tmp16); -- 2.30.2

2 years, 5 months

1
0
0 0

[PATCH v4 02/11] PCI: Make link retraining use RMW accessors for changing LNKCTL

by Ilpo Järvinen

Don't assume that the device is fully under the control of PCI core. Use RMW capability accessors in link retraining which do proper locking to avoid losing concurrent updates to the register values. Fixes: 4ec73791a64b ("PCI: Work around Pericom PCIe-to-PCI bridge Retrain Link erratum") Fixes: 7d715a6c1ae5 ("PCI: add PCI Express ASPM support") Suggested-by: Lukas Wunner <lukas(a)wunner.de> Signed-off-by: Ilpo Järvinen <ilpo.jarvinen(a)linux.intel.com> Acked-by: Rafael J. Wysocki <rafael(a)kernel.org> Cc: stable(a)vger.kernel.org --- pci/enumeration branch moves the link retraining code into PCI core and also conflicts with a link retraining fix in pci/aspm. The changelog (and patch splitting) takes the move into account by not referring to ASPM while the change itself is not based on pci/enumeration (as per Bjorn's preference). --- drivers/pci/pci.c | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/drivers/pci/pci.c b/drivers/pci/pci.c index 60230da957e0..f7315b13bb82 100644 --- a/drivers/pci/pci.c +++ b/drivers/pci/pci.c @@ -4927,7 +4927,6 @@ static int pcie_wait_for_link_status(struct pci_dev *pdev, int pcie_retrain_link(struct pci_dev *pdev, bool use_lt) { int rc; - u16 lnkctl; /* * Ensure the updated LNKCTL parameters are used during link @@ -4939,17 +4938,14 @@ int pcie_retrain_link(struct pci_dev *pdev, bool use_lt) if (rc) return rc; - pcie_capability_read_word(pdev, PCI_EXP_LNKCTL, &lnkctl); - lnkctl |= PCI_EXP_LNKCTL_RL; - pcie_capability_write_word(pdev, PCI_EXP_LNKCTL, lnkctl); + pcie_capability_set_word(pdev, PCI_EXP_LNKCTL, PCI_EXP_LNKCTL_RL); if (pdev->clear_retrain_link) { /* * Due to an erratum in some devices the Retrain Link bit * needs to be cleared again manually to allow the link * training to succeed. */ - lnkctl &= ~PCI_EXP_LNKCTL_RL; - pcie_capability_write_word(pdev, PCI_EXP_LNKCTL, lnkctl); + pcie_capability_clear_word(pdev, PCI_EXP_LNKCTL, PCI_EXP_LNKCTL_RL); } return pcie_wait_for_link_status(pdev, use_lt, !use_lt); -- 2.30.2

2 years, 5 months

1
0
0 0

[PATCH v4 01/11] PCI: Add locking to RMW PCI Express Capability Register accessors

by Ilpo Järvinen

Many places in the kernel write the Link Control and Root Control PCI Express Capability Registers without proper concurrency control and this could result in losing the changes one of the writers intended to make. Add pcie_cap_lock spinlock into the struct pci_dev and use it to protect bit changes made in the RMW capability accessors. Protect only a selected set of registers by differentiating the RMW accessor internally to locked/unlocked variants using a wrapper which has the same signature as pcie_capability_clear_and_set_word(). As the Capability Register (pos) given to the wrapper is always a constant, the compiler should be able to simplify all the dead-code away. So far only the Link Control Register (ASPM, hotplug, link retraining, various drivers) and the Root Control Register (AER & PME) seem to require RMW locking. Fixes: c7f486567c1d ("PCI PM: PCIe PME root port service driver") Fixes: f12eb72a268b ("PCI/ASPM: Use PCI Express Capability accessors") Fixes: 7d715a6c1ae5 ("PCI: add PCI Express ASPM support") Fixes: affa48de8417 ("staging/rdma/hfi1: Add support for enabling/disabling PCIe ASPM") Fixes: 849a9366cba9 ("misc: rtsx: Add support new chip rts5228 mmc: rtsx: Add support MMC_CAP2_NO_MMC") Fixes: 3d1e7aa80d1c ("misc: rtsx: Use pcie_capability_clear_and_set_word() for PCI_EXP_LNKCTL") Fixes: c0e5f4e73a71 ("misc: rtsx: Add support for RTS5261") Fixes: 3df4fce739e2 ("misc: rtsx: separate aspm mode into MODE_REG and MODE_CFG") Fixes: 121e9c6b5c4c ("misc: rtsx: modify and fix init_hw function") Fixes: 19f3bd548f27 ("mfd: rtsx: Remove LCTLR defination") Fixes: 773ccdfd9cc6 ("mfd: rtsx: Read vendor setting from config space") Fixes: 8275b77a1513 ("mfd: rts5249: Add support for RTS5250S power saving") Fixes: 5da4e04ae480 ("misc: rtsx: Add support for RTS5260") Fixes: 0f49bfbd0f2e ("tg3: Use PCI Express Capability accessors") Fixes: 5e7dfd0fb94a ("tg3: Prevent corruption at 10 / 100Mbps w CLKREQ") Fixes: b726e493e8dc ("r8169: sync existing 8168 device hardware start sequences with vendor driver") Fixes: e6de30d63eb1 ("r8169: more 8168dp support.") Fixes: 8a06127602de ("Bluetooth: hci_bcm4377: Add new driver for BCM4377 PCIe boards") Fixes: 6f461f6c7c96 ("e1000e: enable/disable ASPM L0s and L1 and ERT according to hardware errata") Fixes: 1eae4eb2a1c7 ("e1000e: Disable L1 ASPM power savings for 82573 mobile variants") Fixes: 8060e169e02f ("ath9k: Enable extended synch for AR9485 to fix L0s recovery issue") Fixes: 69ce674bfa69 ("ath9k: do btcoex ASPM disabling at initialization time") Fixes: f37f05503575 ("mt76: mt76x2e: disable pcie_aspm by default") Suggested-by: Lukas Wunner <lukas(a)wunner.de> Signed-off-by: Ilpo Järvinen <ilpo.jarvinen(a)linux.intel.com> Reviewed-by: Rafael J. Wysocki <rafael(a)kernel.org> Cc: stable(a)vger.kernel.org --- drivers/pci/access.c | 20 +++++++++++++++++--- drivers/pci/probe.c | 1 + include/linux/pci.h | 34 ++++++++++++++++++++++++++++++++-- 3 files changed, 50 insertions(+), 5 deletions(-) diff --git a/drivers/pci/access.c b/drivers/pci/access.c index 3c230ca3de58..0b2e90d2f04f 100644 --- a/drivers/pci/access.c +++ b/drivers/pci/access.c @@ -497,8 +497,8 @@ int pcie_capability_write_dword(struct pci_dev *dev, int pos, u32 val) } EXPORT_SYMBOL(pcie_capability_write_dword); -int pcie_capability_clear_and_set_word(struct pci_dev *dev, int pos, - u16 clear, u16 set) +int pcie_capability_clear_and_set_word_unlocked(struct pci_dev *dev, int pos, + u16 clear, u16 set) { int ret; u16 val; @@ -512,7 +512,21 @@ int pcie_capability_clear_and_set_word(struct pci_dev *dev, int pos, return ret; } -EXPORT_SYMBOL(pcie_capability_clear_and_set_word); +EXPORT_SYMBOL(pcie_capability_clear_and_set_word_unlocked); + +int pcie_capability_clear_and_set_word_locked(struct pci_dev *dev, int pos, + u16 clear, u16 set) +{ + unsigned long flags; + int ret; + + spin_lock_irqsave(&dev->pcie_cap_lock, flags); + ret = pcie_capability_clear_and_set_word_unlocked(dev, pos, clear, set); + spin_unlock_irqrestore(&dev->pcie_cap_lock, flags); + + return ret; +} +EXPORT_SYMBOL(pcie_capability_clear_and_set_word_locked); int pcie_capability_clear_and_set_dword(struct pci_dev *dev, int pos, u32 clear, u32 set) diff --git a/drivers/pci/probe.c b/drivers/pci/probe.c index 8bac3ce02609..f1587fb0ba71 100644 --- a/drivers/pci/probe.c +++ b/drivers/pci/probe.c @@ -2324,6 +2324,7 @@ struct pci_dev *pci_alloc_dev(struct pci_bus *bus) .end = -1, }; + spin_lock_init(&dev->pcie_cap_lock); #ifdef CONFIG_PCI_MSI raw_spin_lock_init(&dev->msi_lock); #endif diff --git a/include/linux/pci.h b/include/linux/pci.h index c69a2cc1f412..7ee498cd1f37 100644 --- a/include/linux/pci.h +++ b/include/linux/pci.h @@ -467,6 +467,7 @@ struct pci_dev { pci_dev_flags_t dev_flags; atomic_t enable_cnt; /* pci_enable_device has been called */ + spinlock_t pcie_cap_lock; /* Protects RMW ops in capability accessors */ u32 saved_config_space[16]; /* Config space saved at suspend time */ struct hlist_head saved_cap_space; int rom_attr_enabled; /* Display of ROM attribute enabled? */ @@ -1217,11 +1218,40 @@ int pcie_capability_read_word(struct pci_dev *dev, int pos, u16 *val); int pcie_capability_read_dword(struct pci_dev *dev, int pos, u32 *val); int pcie_capability_write_word(struct pci_dev *dev, int pos, u16 val); int pcie_capability_write_dword(struct pci_dev *dev, int pos, u32 val); -int pcie_capability_clear_and_set_word(struct pci_dev *dev, int pos, - u16 clear, u16 set); +int pcie_capability_clear_and_set_word_unlocked(struct pci_dev *dev, int pos, + u16 clear, u16 set); +int pcie_capability_clear_and_set_word_locked(struct pci_dev *dev, int pos, + u16 clear, u16 set); int pcie_capability_clear_and_set_dword(struct pci_dev *dev, int pos, u32 clear, u32 set); +/** + * pcie_capability_clear_and_set_word - RMW accessor for PCI Express Capability Registers + * @dev: PCI device structure of the PCI Express device + * @pos: PCI Express Capability Register + * @clear: Clear bitmask + * @set: Set bitmask + * + * Perform a Read-Modify-Write (RMW) operation using @clear and @set + * bitmasks on PCI Express Capability Register at @pos. Certain PCI Express + * Capability Registers are accessed concurrently in RMW fashion, hence + * require locking which is handled transparently to the caller. + */ +static inline int pcie_capability_clear_and_set_word(struct pci_dev *dev, + int pos, + u16 clear, u16 set) +{ + switch (pos) { + case PCI_EXP_LNKCTL: + case PCI_EXP_RTCTL: + return pcie_capability_clear_and_set_word_locked(dev, pos, + clear, set); + default: + return pcie_capability_clear_and_set_word_unlocked(dev, pos, + clear, set); + } +} + static inline int pcie_capability_set_word(struct pci_dev *dev, int pos, u16 set) { -- 2.30.2

2 years, 5 months

1
0
0 0

[PATCH] procfs: block chmod on /proc/thread-self/comm

by Aleksa Sarai

Due to an oversight in commit 1b3044e39a89 ("procfs: fix pthread cross-thread naming if !PR_DUMPABLE") in switching from REG to NOD, chmod operations on /proc/thread-self/comm were no longer blocked as they are on almost all other procfs files. A very similar situation with /proc/self/environ was used to as a root exploit a long time ago, but procfs has SB_I_NOEXEC so this is simply a correctness issue. Ref: https://lwn.net/Articles/191954/ Ref: 6d76fa58b050 ("Don't allow chmod() on the /proc/<pid>/ files") Fixes: 1b3044e39a89 ("procfs: fix pthread cross-thread naming if !PR_DUMPABLE") Cc: stable(a)vger.kernel.org # v4.7+ Signed-off-by: Aleksa Sarai <cyphar(a)cyphar.com> --- fs/proc/base.c | 3 ++- tools/testing/selftests/nolibc/nolibc-test.c | 4 ++++ 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/fs/proc/base.c b/fs/proc/base.c index 05452c3b9872..7394229816f3 100644 --- a/fs/proc/base.c +++ b/fs/proc/base.c @@ -3583,7 +3583,8 @@ static int proc_tid_comm_permission(struct mnt_idmap *idmap, } static const struct inode_operations proc_tid_comm_inode_operations = { - .permission = proc_tid_comm_permission, + .setattr = proc_setattr, + .permission = proc_tid_comm_permission, }; /* diff --git a/tools/testing/selftests/nolibc/nolibc-test.c b/tools/testing/selftests/nolibc/nolibc-test.c index 486334981e60..08f0969208eb 100644 --- a/tools/testing/selftests/nolibc/nolibc-test.c +++ b/tools/testing/selftests/nolibc/nolibc-test.c @@ -580,6 +580,10 @@ int run_syscall(int min, int max) CASE_TEST(chmod_net); EXPECT_SYSZR(proc, chmod("/proc/self/net", 0555)); break; CASE_TEST(chmod_self); EXPECT_SYSER(proc, chmod("/proc/self", 0555), -1, EPERM); break; CASE_TEST(chown_self); EXPECT_SYSER(proc, chown("/proc/self", 0, 0), -1, EPERM); break; + CASE_TEST(chmod_self_comm); EXPECT_SYSER(proc, chmod("/proc/self/comm", 0777), -1, EPERM); break; + CASE_TEST(chmod_tid_comm); EXPECT_SYSER(proc, chmod("/proc/thread-self/comm", 0777), -1, EPERM); break; + CASE_TEST(chmod_self_environ);EXPECT_SYSER(proc, chmod("/proc/self/environ", 0777), -1, EPERM); break; + CASE_TEST(chmod_tid_environ); EXPECT_SYSER(proc, chmod("/proc/thread-self/environ", 0777), -1, EPERM); break; CASE_TEST(chroot_root); EXPECT_SYSZR(euid0, chroot("/")); break; CASE_TEST(chroot_blah); EXPECT_SYSER(1, chroot("/proc/self/blah"), -1, ENOENT); break; CASE_TEST(chroot_exe); EXPECT_SYSER(proc, chroot("/proc/self/exe"), -1, ENOTDIR); break; -- 2.41.0

2 years, 5 months

1
0
0 0

[PATCH v2] attr: block mode changes of symlinks

by Christian Brauner

Changing the mode of symlinks is meaningless as the vfs doesn't take the mode of a symlink into account during path lookup permission checking. However, the vfs doesn't block mode changes on symlinks. This however, has lead to an untenable mess roughly classifiable into the following two categories: (1) Filesystems that don't implement a i_op->setattr() for symlinks. Such filesystems may or may not know that without i_op->setattr() defined, notify_change() falls back to simple_setattr() causing the inode's mode in the inode cache to be changed. That's a generic issue as this will affect all non-size changing inode attributes including ownership changes. Example: afs (2) Filesystems that fail with EOPNOTSUPP but change the mode of the symlink nonetheless. Some filesystems will happily update the mode of a symlink but still return EOPNOTSUPP. This is the biggest source of confusion for userspace. The EOPNOTSUPP in this case comes from POSIX ACLs. Specifically it comes from filesystems that call posix_acl_chmod(), e.g., btrfs via if (!err && attr->ia_valid & ATTR_MODE) err = posix_acl_chmod(idmap, dentry, inode->i_mode); Filesystems including btrfs don't implement i_op->set_acl() so posix_acl_chmod() will report EOPNOTSUPP. When posix_acl_chmod() is called, most filesystems will have finished updating the inode. Perversely, this has the consequences that this behavior may depend on two kconfig options and mount options: * CONFIG_POSIX_ACL={y,n} * CONFIG_${FSTYPE}_POSIX_ACL={y,n} * Opt_acl, Opt_noacl Example: btrfs, ext4, xfs The only way to change the mode on a symlink currently involves abusing an O_PATH file descriptor in the following manner: fd = openat(-1, "/path/to/link", O_CLOEXEC | O_PATH | O_NOFOLLOW); char path[PATH_MAX]; snprintf(path, sizeof(path), "/proc/self/fd/%d", fd); chmod(path, 0000); But for most major filesystems with POSIX ACL support such as btrfs, ext4, ceph, tmpfs, xfs and others this will fail with EOPNOTSUPP with the mode still updated due to the aforementioned posix_acl_chmod() nonsense. So, given that for all major filesystems this would fail with EOPNOTSUPP and that both glibc (cf. [1]) and musl (cf. [2]) outright block mode changes on symlinks we should just try and block mode changes on symlinks directly in the vfs and have a clean break with this nonsense. If this causes any regressions, we do the next best thing and fix up all filesystems that do return EOPNOTSUPP with the mode updated to not call posix_acl_chmod() on symlinks. But as usual, let's try the clean cut solution first. It's a simple patch that can be easily reverted. Not marking this for backport as I'll do that manually if we're reasonably sure that this works and there are no strong objections. We could block this in chmod_common() but it's more appropriate to do it notify_change() as it will also mean that we catch filesystems that change symlink permissions explicitly or accidently. Similar proposals were floated in the past as in [3] and [4] and again recently in [5]. There's also a couple of bugs about this inconsistency as in [6] and [7]. Link: https://sourceware.org/git/?p=glibc.git;a=blob;f=sysdeps/unix/sysv/linux/fc… [1] Link: https://git.musl-libc.org/cgit/musl/tree/src/stat/fchmodat.c [2] Link: https://lore.kernel.org/all/20200911065733.GA31579@infradead.org [3] Link: https://sourceware.org/legacy-ml/libc-alpha/2020-02/msg00518.html [4] Link: https://lore.kernel.org/lkml/87lefmbppo.fsf@oldenburg.str.redhat.com [5] Link: https://sourceware.org/legacy-ml/libc-alpha/2020-02/msg00467.html [6] Link: https://sourceware.org/bugzilla/show_bug.cgi?id=14578#c17 [7] Cc: stable(a)vger.kernel.org # please backport to all LTSes but not before v6.6-rc2 is tagged Suggested-by: Christoph Hellwig <hch(a)lst.de> Suggested-by: Florian Weimer <fweimer(a)redhat.com> Reviewed-by: Aleksa Sarai <cyphar(a)cyphar.com> Signed-off-by: Christian Brauner <brauner(a)kernel.org> --- Changes in v2: - declarations first... - Link to v1: https://lore.kernel.org/r/20230712-vfs-chmod-symlinks-v1-1-27921df6011f@ker… --- --- fs/attr.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/fs/attr.c b/fs/attr.c index d60dc1edb526..775bf77ce16f 100644 --- a/fs/attr.c +++ b/fs/attr.c @@ -394,9 +394,11 @@ int notify_change(struct mnt_idmap *idmap, struct dentry *dentry, return error; if ((ia_valid & ATTR_MODE)) { - umode_t amode = attr->ia_mode; + if (S_ISLNK(inode->i_mode)) + return -EOPNOTSUPP; + /* Flag setting protected by i_mutex */ - if (is_sxid(amode)) + if (is_sxid(attr->ia_mode)) inode->i_flags &= ~S_NOSEC; } --- base-commit: 06c2afb862f9da8dc5efa4b6076a0e48c3fbaaa5 change-id: 20230712-vfs-chmod-symlinks-a3ad1923a992

2 years, 5 months

2
5
0 0

[PATCH] mmc: moxart: read scr register without changing byte order

by Sergei Antonov

Conversion from big-endian to native is done in a common function mmc_app_send_scr(). Converting in moxart_transfer_pio() is extra. Double conversion on a LE system returns an incorrect SCR value, leads to errors: mmc0: unrecognised SCR structure version 8 Fixes: 1b66e94e6b99 ("mmc: moxart: Add MOXA ART SD/MMC driver") Signed-off-by: Sergei Antonov <saproj(a)gmail.com> Cc: Jonas Jensen <jonas.jensen(a)gmail.com> Cc: stable(a)vger.kernel.org --- drivers/mmc/host/moxart-mmc.c | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) diff --git a/drivers/mmc/host/moxart-mmc.c b/drivers/mmc/host/moxart-mmc.c index 2d002c81dcf3..d0d6ffcf78d4 100644 --- a/drivers/mmc/host/moxart-mmc.c +++ b/drivers/mmc/host/moxart-mmc.c @@ -338,13 +338,7 @@ static void moxart_transfer_pio(struct moxart_host *host) return; } for (len = 0; len < remain && len < host->fifo_width;) { - /* SCR data must be read in big endian. */ - if (data->mrq->cmd->opcode == SD_APP_SEND_SCR) - *sgp = ioread32be(host->base + - REG_DATA_WINDOW); - else - *sgp = ioread32(host->base + - REG_DATA_WINDOW); + *sgp = ioread32(host->base + REG_DATA_WINDOW); sgp++; len += 4; } -- 2.37.2

2 years, 5 months

3
3
0 0

[PATCH v3] i2c: busses: fix parameter check in i2c_gpio_fault_injector_init()

by Minjie Du

Make IS_ERR() judge the debugfs_create_dir() function return. Fixes: 14911c6f48ec ("i2c: gpio: add fault injector") Cc: Wolfram Sang <wsa+renesas(a)sang-engineering.com> Cc: <stable(a)vger.kernel.org> # v4.16+ Signed-off-by: Minjie Du <duminjie(a)vivo.com> Reviewed-by: Andi Shyti <andi.shyti(a)kernel.org> --- v1-v2: Fix judge typo. --- drivers/i2c/busses/i2c-gpio.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/i2c/busses/i2c-gpio.c b/drivers/i2c/busses/i2c-gpio.c index e5a5b9e8b..545927b96 100644 --- a/drivers/i2c/busses/i2c-gpio.c +++ b/drivers/i2c/busses/i2c-gpio.c @@ -265,7 +265,7 @@ static void i2c_gpio_fault_injector_init(struct platform_device *pdev) */ if (!i2c_gpio_debug_dir) { i2c_gpio_debug_dir = debugfs_create_dir("i2c-fault-injector", NULL); - if (!i2c_gpio_debug_dir) + if (IS_ERR(i2c_gpio_debug_dir)) return; } -- 2.39.0

2 years, 5 months

2
1
0 0

[PATCH -stable,5.15 v2 0/2] netfilter stable fixes for 5.15

by Pablo Neira Ayuso

Hi Greg, Sasha, [ this is v2, using "Upstream commit tag XYZ" as suggested by Salvatore Bonaccorso, only this comestic change in this batch. ] The following list shows the backported patches, I am using original commit IDs for reference: 1) 628bd3e49cba ("netfilter: nf_tables: drop map element references from preparation phase") 2) 3e70489721b6 ("netfilter: nf_tables: unbind non-anonymous set if rule construction fails") Please, apply. Thanks. Pablo Neira Ayuso (2): netfilter: nf_tables: drop map element references from preparation phase netfilter: nf_tables: unbind non-anonymous set if rule construction fails include/net/netfilter/nf_tables.h | 5 +- net/netfilter/nf_tables_api.c | 147 ++++++++++++++++++++++++++---- net/netfilter/nft_set_bitmap.c | 5 +- net/netfilter/nft_set_hash.c | 23 ++++- net/netfilter/nft_set_pipapo.c | 14 ++- net/netfilter/nft_set_rbtree.c | 5 +- 6 files changed, 168 insertions(+), 31 deletions(-) -- 2.30.2

2 years, 5 months

1
2
0 0

[PATCH v4 1/5] mtd: rawnand: brcmnand: Fix ECC level field setting for v7.2 controller

by William Zhang

v7.2 controller has different ECC level field size and shift in the acc control register than its predecessor and successor controller. It needs to be set specifically. Fixes: decba6d47869 ("mtd: brcmnand: Add v7.2 controller support") Signed-off-by: William Zhang <william.zhang(a)broadcom.com> Reviewed-by: Florian Fainelli <florian.fainelli(a)broadcom.com> Cc: stable(a)vger.kernel.org --- Changes in v4: - Move ACC_CONTROL_ECC*_SHIFT definitions out of the enum definition - Add cc stable tag Changes in v3: None Changes in v2: - Use driver static data for ECC level shift drivers/mtd/nand/raw/brcmnand/brcmnand.c | 74 +++++++++++++----------- 1 file changed, 41 insertions(+), 33 deletions(-) diff --git a/drivers/mtd/nand/raw/brcmnand/brcmnand.c b/drivers/mtd/nand/raw/brcmnand/brcmnand.c index 2e9c2e2d9c9f..9ea96911d16b 100644 --- a/drivers/mtd/nand/raw/brcmnand/brcmnand.c +++ b/drivers/mtd/nand/raw/brcmnand/brcmnand.c @@ -272,6 +272,7 @@ struct brcmnand_controller { const unsigned int *page_sizes; unsigned int page_size_shift; unsigned int max_oob; + u32 ecc_level_shift; u32 features; /* for low-power standby/resume only */ @@ -596,6 +597,34 @@ enum { INTFC_CTLR_READY = BIT(31), }; +/*********************************************************************** + * NAND ACC CONTROL bitfield + * + * Some bits have remained constant throughout hardware revision, while + * others have shifted around. + ***********************************************************************/ + +/* Constant for all versions (where supported) */ +enum { + /* See BRCMNAND_HAS_CACHE_MODE */ + ACC_CONTROL_CACHE_MODE = BIT(22), + + /* See BRCMNAND_HAS_PREFETCH */ + ACC_CONTROL_PREFETCH = BIT(23), + + ACC_CONTROL_PAGE_HIT = BIT(24), + ACC_CONTROL_WR_PREEMPT = BIT(25), + ACC_CONTROL_PARTIAL_PAGE = BIT(26), + ACC_CONTROL_RD_ERASED = BIT(27), + ACC_CONTROL_FAST_PGM_RDIN = BIT(28), + ACC_CONTROL_WR_ECC = BIT(30), + ACC_CONTROL_RD_ECC = BIT(31), +}; + +#define ACC_CONTROL_ECC_SHIFT 16 +/* Only for v7.2 */ +#define ACC_CONTROL_ECC_EXT_SHIFT 13 + static inline bool brcmnand_non_mmio_ops(struct brcmnand_controller *ctrl) { #if IS_ENABLED(CONFIG_MTD_NAND_BRCMNAND_BCMA) @@ -737,6 +766,12 @@ static int brcmnand_revision_init(struct brcmnand_controller *ctrl) else if (of_property_read_bool(ctrl->dev->of_node, "brcm,nand-has-wp")) ctrl->features |= BRCMNAND_HAS_WP; + /* v7.2 has different ecc level shift in the acc register */ + if (ctrl->nand_version == 0x0702) + ctrl->ecc_level_shift = ACC_CONTROL_ECC_EXT_SHIFT; + else + ctrl->ecc_level_shift = ACC_CONTROL_ECC_SHIFT; + return 0; } @@ -931,30 +966,6 @@ static inline int brcmnand_cmd_shift(struct brcmnand_controller *ctrl) return 0; } -/*********************************************************************** - * NAND ACC CONTROL bitfield - * - * Some bits have remained constant throughout hardware revision, while - * others have shifted around. - ***********************************************************************/ - -/* Constant for all versions (where supported) */ -enum { - /* See BRCMNAND_HAS_CACHE_MODE */ - ACC_CONTROL_CACHE_MODE = BIT(22), - - /* See BRCMNAND_HAS_PREFETCH */ - ACC_CONTROL_PREFETCH = BIT(23), - - ACC_CONTROL_PAGE_HIT = BIT(24), - ACC_CONTROL_WR_PREEMPT = BIT(25), - ACC_CONTROL_PARTIAL_PAGE = BIT(26), - ACC_CONTROL_RD_ERASED = BIT(27), - ACC_CONTROL_FAST_PGM_RDIN = BIT(28), - ACC_CONTROL_WR_ECC = BIT(30), - ACC_CONTROL_RD_ECC = BIT(31), -}; - static inline u32 brcmnand_spare_area_mask(struct brcmnand_controller *ctrl) { if (ctrl->nand_version == 0x0702) @@ -967,18 +978,15 @@ static inline u32 brcmnand_spare_area_mask(struct brcmnand_controller *ctrl) return GENMASK(4, 0); } -#define NAND_ACC_CONTROL_ECC_SHIFT 16 -#define NAND_ACC_CONTROL_ECC_EXT_SHIFT 13 - static inline u32 brcmnand_ecc_level_mask(struct brcmnand_controller *ctrl) { u32 mask = (ctrl->nand_version >= 0x0600) ? 0x1f : 0x0f; - mask <<= NAND_ACC_CONTROL_ECC_SHIFT; + mask <<= ACC_CONTROL_ECC_SHIFT; /* v7.2 includes additional ECC levels */ - if (ctrl->nand_version >= 0x0702) - mask |= 0x7 << NAND_ACC_CONTROL_ECC_EXT_SHIFT; + if (ctrl->nand_version == 0x0702) + mask |= 0x7 << ACC_CONTROL_ECC_EXT_SHIFT; return mask; } @@ -992,8 +1000,8 @@ static void brcmnand_set_ecc_enabled(struct brcmnand_host *host, int en) if (en) { acc_control |= ecc_flags; /* enable RD/WR ECC */ - acc_control |= host->hwcfg.ecc_level - << NAND_ACC_CONTROL_ECC_SHIFT; + acc_control &= ~brcmnand_ecc_level_mask(ctrl); + acc_control |= host->hwcfg.ecc_level << ctrl->ecc_level_shift; } else { acc_control &= ~ecc_flags; /* disable RD/WR ECC */ acc_control &= ~brcmnand_ecc_level_mask(ctrl); @@ -2561,7 +2569,7 @@ static int brcmnand_set_cfg(struct brcmnand_host *host, tmp &= ~brcmnand_ecc_level_mask(ctrl); tmp &= ~brcmnand_spare_area_mask(ctrl); if (ctrl->nand_version >= 0x0302) { - tmp |= cfg->ecc_level << NAND_ACC_CONTROL_ECC_SHIFT; + tmp |= cfg->ecc_level << ctrl->ecc_level_shift; tmp |= cfg->spare_area_size; } nand_writereg(ctrl, acc_control_offs, tmp); -- 2.37.3

2 years, 5 months

2
1
0 0

[PATCH v4 2/5] mtd: rawnand: brcmnand: Fix potential false time out warning

by William Zhang

If system is busy during the command status polling function, the driver may not get the chance to poll the status register till the end of time out and return the premature status. Do a final check after time out happens to ensure reading the correct status. Fixes: 9d2ee0a60b8b ("mtd: nand: brcmnand: Check flash #WP pin status before nand erase/program") Signed-off-by: William Zhang <william.zhang(a)broadcom.com> Reviewed-by: Florian Fainelli <florian.fainelli(a)broadcom.com> Cc: stable(a)vger.kernel.org --- Changes in v4: - Update comment in the polling status function - Add cc stable tag Changes in v3: None Changes in v2: None drivers/mtd/nand/raw/brcmnand/brcmnand.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/drivers/mtd/nand/raw/brcmnand/brcmnand.c b/drivers/mtd/nand/raw/brcmnand/brcmnand.c index 9ea96911d16b..9a373a10304d 100644 --- a/drivers/mtd/nand/raw/brcmnand/brcmnand.c +++ b/drivers/mtd/nand/raw/brcmnand/brcmnand.c @@ -1080,6 +1080,14 @@ static int bcmnand_ctrl_poll_status(struct brcmnand_controller *ctrl, cpu_relax(); } while (time_after(limit, jiffies)); + /* + * do a final check after time out in case the CPU was busy and the driver + * did not get enough time to perform the polling to avoid false alarms + */ + val = brcmnand_read_reg(ctrl, BRCMNAND_INTFC_STATUS); + if ((val & mask) == expected_val) + return 0; + dev_warn(ctrl->dev, "timeout on status poll (expected %x got %x)\n", expected_val, val & mask); -- 2.37.3

2 years, 5 months

2
1
0 0

[PATCH v4 3/5] mtd: rawnand: brcmnand: Fix crash during the panic_write

by William Zhang

When executing a NAND command within the panic write path, wait for any pending command instead of calling BUG_ON to avoid crashing while already crashing. Fixes: 27c5b17cd1b1 ("mtd: nand: add NAND driver "library" for Broadcom STB NAND controller") Signed-off-by: William Zhang <william.zhang(a)broadcom.com> Reviewed-by: Florian Fainelli <florian.fainelli(a)broadcom.com> Reviewed-by: Kursad Oney <kursad.oney(a)broadcom.com> Reviewed-by: Kamal Dasu <kamal.dasu(a)broadcom.com> Cc: stable(a)vger.kernel.org --- Changes in v4: - Update commit message - Add cc stable tag Changes in v3: None Changes in v2: None drivers/mtd/nand/raw/brcmnand/brcmnand.c | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/drivers/mtd/nand/raw/brcmnand/brcmnand.c b/drivers/mtd/nand/raw/brcmnand/brcmnand.c index 9a373a10304d..b2c6396060db 100644 --- a/drivers/mtd/nand/raw/brcmnand/brcmnand.c +++ b/drivers/mtd/nand/raw/brcmnand/brcmnand.c @@ -1608,7 +1608,17 @@ static void brcmnand_send_cmd(struct brcmnand_host *host, int cmd) dev_dbg(ctrl->dev, "send native cmd %d addr 0x%llx\n", cmd, cmd_addr); - BUG_ON(ctrl->cmd_pending != 0); + /* + * If we came here through _panic_write and there is a pending + * command, try to wait for it. If it times out, rather than + * hitting BUG_ON, just return so we don't crash while crashing. + */ + if (oops_in_progress) { + if (ctrl->cmd_pending && + bcmnand_ctrl_poll_status(ctrl, NAND_CTRL_RDY, NAND_CTRL_RDY, 0)) + return; + } else + BUG_ON(ctrl->cmd_pending != 0); ctrl->cmd_pending = cmd; ret = bcmnand_ctrl_poll_status(ctrl, NAND_CTRL_RDY, NAND_CTRL_RDY, 0); -- 2.37.3

2 years, 5 months

2
1
0 0

[PATCH v4 4/5] mtd: rawnand: brcmnand: Fix potential out-of-bounds access in oob write

by William Zhang

When the oob buffer length is not in multiple of words, the oob write function does out-of-bounds read on the oob source buffer at the last iteration. Fix that by always checking length limit on the oob buffer read and fill with 0xff when reaching the end of the buffer to the oob registers. Fixes: 27c5b17cd1b1 ("mtd: nand: add NAND driver "library" for Broadcom STB NAND controller") Signed-off-by: William Zhang <william.zhang(a)broadcom.com> Reviewed-by: Florian Fainelli <florian.fainelli(a)broadcom.com> Cc: stable(a)vger.kernel.org --- Changes in v4: - Add comments in the write_oob_to_regs function - Add cc stable tag Changes in v3: - Fix kernel test robot sparse warning: drivers/mtd/nand/raw/brcmnand/brcmnand.c:1500:54: sparse: expected unsigned int [usertype] data drivers/mtd/nand/raw/brcmnand/brcmnand.c:1500:54: sparse: got restricted __be32 [usertype] Changes in v2: - Handle the remaining unaligned oob data after the oob data write loop drivers/mtd/nand/raw/brcmnand/brcmnand.c | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) diff --git a/drivers/mtd/nand/raw/brcmnand/brcmnand.c b/drivers/mtd/nand/raw/brcmnand/brcmnand.c index b2c6396060db..71d0ba652bee 100644 --- a/drivers/mtd/nand/raw/brcmnand/brcmnand.c +++ b/drivers/mtd/nand/raw/brcmnand/brcmnand.c @@ -1477,19 +1477,33 @@ static int write_oob_to_regs(struct brcmnand_controller *ctrl, int i, const u8 *oob, int sas, int sector_1k) { int tbytes = sas << sector_1k; - int j; + int j, k = 0; + u32 last = 0xffffffff; + u8 *plast = (u8 *)&last; /* Adjust OOB values for 1K sector size */ if (sector_1k && (i & 0x01)) tbytes = max(0, tbytes - (int)ctrl->max_oob); tbytes = min_t(int, tbytes, ctrl->max_oob); - for (j = 0; j < tbytes; j += 4) + /* + * tbytes may not be multiple of words. Make sure we don't read out of + * the boundary and stop at last word. + */ + for (j = 0; (j + 3) < tbytes; j += 4) oob_reg_write(ctrl, j, (oob[j + 0] << 24) | (oob[j + 1] << 16) | (oob[j + 2] << 8) | (oob[j + 3] << 0)); + + /* handle the remaing bytes */ + while (j < tbytes) + plast[k++] = oob[j++]; + + if (tbytes & 0x3) + oob_reg_write(ctrl, (tbytes & ~0x3), (__force u32)cpu_to_be32(last)); + return tbytes; } -- 2.37.3

2 years, 5 months

2
1
0 0

[PATCH v1 1/2] Perform additional retries if Doorbell read returns 0

by Ranjan Kumar

Doorbell and Host diagnostic registers could return 0 even after 3 retries and that leads to occasional resets of the controllers, hence increased the retry count to thirty. Fixes: b899202901a8 ("mpt3sas: Add separate function for aero doorbell reads") Cc: stable(a)vger.kernel.org Signed-off-by: Ranjan Kumar <ranjan.kumar(a)broadcom.com> --- drivers/scsi/mpt3sas/mpt3sas_base.c | 53 ++++++++++++++++------------- drivers/scsi/mpt3sas/mpt3sas_base.h | 11 +++++- 2 files changed, 39 insertions(+), 25 deletions(-) diff --git a/drivers/scsi/mpt3sas/mpt3sas_base.c b/drivers/scsi/mpt3sas/mpt3sas_base.c index 53f5492579cb..efc9bc48db6f 100644 --- a/drivers/scsi/mpt3sas/mpt3sas_base.c +++ b/drivers/scsi/mpt3sas/mpt3sas_base.c @@ -196,25 +196,27 @@ module_param_call(mpt3sas_fwfault_debug, _scsih_set_fwfault_debug, /** * _base_readl_aero - retry readl for max three times. * @addr: MPT Fusion system interface register address - * - * Retry the readl() for max three times if it gets zero value + *@retry_count: max no of retry + + * Retry the readl() for max thirty times if it gets zero value * while reading the system interface register. */ + static inline u32 -_base_readl_aero(const volatile void __iomem *addr) +_base_readl_aero(const volatile void __iomem *addr, u8 retry_count) { u32 i = 0, ret_val; do { ret_val = readl(addr); i++; - } while (ret_val == 0 && i < 3); + } while (ret_val == 0 && i < retry_count); return ret_val; } static inline u32 -_base_readl(const volatile void __iomem *addr) +_base_readl(const volatile void __iomem *addr, u8 retry_count) { return readl(addr); } @@ -940,7 +942,7 @@ mpt3sas_halt_firmware(struct MPT3SAS_ADAPTER *ioc) dump_stack(); - doorbell = ioc->base_readl(&ioc->chip->Doorbell); + doorbell = ioc->base_readl(&ioc->chip->Doorbell, READL_RETRY_COUNT); if ((doorbell & MPI2_IOC_STATE_MASK) == MPI2_IOC_STATE_FAULT) { mpt3sas_print_fault_code(ioc, doorbell & MPI2_DOORBELL_DATA_MASK); @@ -1617,10 +1619,10 @@ mpt3sas_base_mask_interrupts(struct MPT3SAS_ADAPTER *ioc) u32 him_register; ioc->mask_interrupts = 1; - him_register = ioc->base_readl(&ioc->chip->HostInterruptMask); + him_register = ioc->base_readl(&ioc->chip->HostInterruptMask, READL_RETRY_SHORT_COUNT); him_register |= MPI2_HIM_DIM + MPI2_HIM_RIM + MPI2_HIM_RESET_IRQ_MASK; writel(him_register, &ioc->chip->HostInterruptMask); - ioc->base_readl(&ioc->chip->HostInterruptMask); + ioc->base_readl(&ioc->chip->HostInterruptMask, READL_RETRY_SHORT_COUNT); } /** @@ -1634,7 +1636,7 @@ mpt3sas_base_unmask_interrupts(struct MPT3SAS_ADAPTER *ioc) { u32 him_register; - him_register = ioc->base_readl(&ioc->chip->HostInterruptMask); + him_register = ioc->base_readl(&ioc->chip->HostInterruptMask, READL_RETRY_SHORT_COUNT); him_register &= ~MPI2_HIM_RIM; writel(him_register, &ioc->chip->HostInterruptMask); ioc->mask_interrupts = 0; @@ -6686,7 +6688,7 @@ mpt3sas_base_get_iocstate(struct MPT3SAS_ADAPTER *ioc, int cooked) { u32 s, sc; - s = ioc->base_readl(&ioc->chip->Doorbell); + s = ioc->base_readl(&ioc->chip->Doorbell, READL_RETRY_COUNT); sc = s & MPI2_IOC_STATE_MASK; return cooked ? sc : s; } @@ -6760,7 +6762,8 @@ _base_wait_for_doorbell_int(struct MPT3SAS_ADAPTER *ioc, int timeout) count = 0; cntdn = 1000 * timeout; do { - int_status = ioc->base_readl(&ioc->chip->HostInterruptStatus); + int_status = ioc->base_readl(&ioc->chip->HostInterruptStatus, + READL_RETRY_SHORT_COUNT); if (int_status & MPI2_HIS_IOC2SYS_DB_STATUS) { dhsprintk(ioc, ioc_info(ioc, "%s: successful count(%d), timeout(%d)\n", @@ -6786,7 +6789,8 @@ _base_spin_on_doorbell_int(struct MPT3SAS_ADAPTER *ioc, int timeout) count = 0; cntdn = 2000 * timeout; do { - int_status = ioc->base_readl(&ioc->chip->HostInterruptStatus); + int_status = ioc->base_readl(&ioc->chip->HostInterruptStatus, + READL_RETRY_SHORT_COUNT); if (int_status & MPI2_HIS_IOC2SYS_DB_STATUS) { dhsprintk(ioc, ioc_info(ioc, "%s: successful count(%d), timeout(%d)\n", @@ -6824,14 +6828,15 @@ _base_wait_for_doorbell_ack(struct MPT3SAS_ADAPTER *ioc, int timeout) count = 0; cntdn = 1000 * timeout; do { - int_status = ioc->base_readl(&ioc->chip->HostInterruptStatus); + int_status = ioc->base_readl(&ioc->chip->HostInterruptStatus, + READL_RETRY_SHORT_COUNT); if (!(int_status & MPI2_HIS_SYS2IOC_DB_STATUS)) { dhsprintk(ioc, ioc_info(ioc, "%s: successful count(%d), timeout(%d)\n", __func__, count, timeout)); return 0; } else if (int_status & MPI2_HIS_IOC2SYS_DB_STATUS) { - doorbell = ioc->base_readl(&ioc->chip->Doorbell); + doorbell = ioc->base_readl(&ioc->chip->Doorbell, READL_RETRY_COUNT); if ((doorbell & MPI2_IOC_STATE_MASK) == MPI2_IOC_STATE_FAULT) { mpt3sas_print_fault_code(ioc, doorbell); @@ -6871,7 +6876,7 @@ _base_wait_for_doorbell_not_used(struct MPT3SAS_ADAPTER *ioc, int timeout) count = 0; cntdn = 1000 * timeout; do { - doorbell_reg = ioc->base_readl(&ioc->chip->Doorbell); + doorbell_reg = ioc->base_readl(&ioc->chip->Doorbell, READL_RETRY_COUNT); if (!(doorbell_reg & MPI2_DOORBELL_USED)) { dhsprintk(ioc, ioc_info(ioc, "%s: successful count(%d), timeout(%d)\n", @@ -7019,13 +7024,13 @@ _base_handshake_req_reply_wait(struct MPT3SAS_ADAPTER *ioc, int request_bytes, __le32 *mfp; /* make sure doorbell is not in use */ - if ((ioc->base_readl(&ioc->chip->Doorbell) & MPI2_DOORBELL_USED)) { + if ((ioc->base_readl(&ioc->chip->Doorbell, READL_RETRY_COUNT) & MPI2_DOORBELL_USED)) { ioc_err(ioc, "doorbell is in use (line=%d)\n", __LINE__); return -EFAULT; } /* clear pending doorbell interrupts from previous state changes */ - if (ioc->base_readl(&ioc->chip->HostInterruptStatus) & + if (ioc->base_readl(&ioc->chip->HostInterruptStatus, READL_RETRY_SHORT_COUNT) & MPI2_HIS_IOC2SYS_DB_STATUS) writel(0, &ioc->chip->HostInterruptStatus); @@ -7068,7 +7073,7 @@ _base_handshake_req_reply_wait(struct MPT3SAS_ADAPTER *ioc, int request_bytes, } /* read the first two 16-bits, it gives the total length of the reply */ - reply[0] = le16_to_cpu(ioc->base_readl(&ioc->chip->Doorbell) + reply[0] = le16_to_cpu(ioc->base_readl(&ioc->chip->Doorbell, READL_RETRY_COUNT) & MPI2_DOORBELL_DATA_MASK); writel(0, &ioc->chip->HostInterruptStatus); if ((_base_wait_for_doorbell_int(ioc, 5))) { @@ -7076,7 +7081,7 @@ _base_handshake_req_reply_wait(struct MPT3SAS_ADAPTER *ioc, int request_bytes, __LINE__); return -EFAULT; } - reply[1] = le16_to_cpu(ioc->base_readl(&ioc->chip->Doorbell) + reply[1] = le16_to_cpu(ioc->base_readl(&ioc->chip->Doorbell, READL_RETRY_COUNT) & MPI2_DOORBELL_DATA_MASK); writel(0, &ioc->chip->HostInterruptStatus); @@ -7087,10 +7092,10 @@ _base_handshake_req_reply_wait(struct MPT3SAS_ADAPTER *ioc, int request_bytes, return -EFAULT; } if (i >= reply_bytes/2) /* overflow case */ - ioc->base_readl(&ioc->chip->Doorbell); + ioc->base_readl(&ioc->chip->Doorbell, READL_RETRY_COUNT); else reply[i] = le16_to_cpu( - ioc->base_readl(&ioc->chip->Doorbell) + ioc->base_readl(&ioc->chip->Doorbell, READL_RETRY_COUNT) & MPI2_DOORBELL_DATA_MASK); writel(0, &ioc->chip->HostInterruptStatus); } @@ -7949,14 +7954,14 @@ _base_diag_reset(struct MPT3SAS_ADAPTER *ioc) goto out; } - host_diagnostic = ioc->base_readl(&ioc->chip->HostDiagnostic); + host_diagnostic = ioc->base_readl(&ioc->chip->HostDiagnostic, READL_RETRY_COUNT); drsprintk(ioc, ioc_info(ioc, "wrote magic sequence: count(%d), host_diagnostic(0x%08x)\n", count, host_diagnostic)); } while ((host_diagnostic & MPI2_DIAG_DIAG_WRITE_ENABLE) == 0); - hcb_size = ioc->base_readl(&ioc->chip->HCBSize); + hcb_size = ioc->base_readl(&ioc->chip->HCBSize, READL_RETRY_SHORT_COUNT); drsprintk(ioc, ioc_info(ioc, "diag reset: issued\n")); writel(host_diagnostic | MPI2_DIAG_RESET_ADAPTER, @@ -7969,7 +7974,7 @@ _base_diag_reset(struct MPT3SAS_ADAPTER *ioc) for (count = 0; count < (300000000 / MPI2_HARD_RESET_PCIE_SECOND_READ_DELAY_MICRO_SEC); count++) { - host_diagnostic = ioc->base_readl(&ioc->chip->HostDiagnostic); + host_diagnostic = ioc->base_readl(&ioc->chip->HostDiagnostic, READL_RETRY_COUNT); if (host_diagnostic == 0xFFFFFFFF) { ioc_info(ioc, diff --git a/drivers/scsi/mpt3sas/mpt3sas_base.h b/drivers/scsi/mpt3sas/mpt3sas_base.h index 05364aa15ecd..b4e57b89915d 100644 --- a/drivers/scsi/mpt3sas/mpt3sas_base.h +++ b/drivers/scsi/mpt3sas/mpt3sas_base.h @@ -160,6 +160,15 @@ #define IOC_OPERATIONAL_WAIT_COUNT 10 +/* + *Due to hardware specific behaviour + *retry count is increased from 3 to 30. + *Delay is not needed as retry count fulfill + *the desired requirement + */ +#define READL_RETRY_COUNT 30 +#define READL_RETRY_SHORT_COUNT 3 + /* * NVMe defines */ @@ -994,7 +1003,7 @@ typedef void (*NVME_BUILD_PRP)(struct MPT3SAS_ADAPTER *ioc, u16 smid, typedef void (*PUT_SMID_IO_FP_HIP) (struct MPT3SAS_ADAPTER *ioc, u16 smid, u16 funcdep); typedef void (*PUT_SMID_DEFAULT) (struct MPT3SAS_ADAPTER *ioc, u16 smid); -typedef u32 (*BASE_READ_REG) (const volatile void __iomem *addr); +typedef u32 (*BASE_READ_REG) (const volatile void __iomem *addr, u8 retry_count); /* * To get high iops reply queue's msix index when high iops mode is enabled * else get the msix index of general reply queues. -- 2.31.1

2 years, 5 months

1
0
0 0

[PATCH] KVM: arm64: vgic-v4: Consistently request doorbell irq for blocking vCPU

by Oliver Upton

Xiang reports that VMs occasionally fail to boot on GICv4.1 systems when running a preemptible kernel, as it is possible that a vCPU is blocked without requesting a doorbell interrupt. The issue is that any preemption that occurs between vgic_v4_put() and schedule() on the block path will mark the vPE as nonresident and *not* request a doorbell irq. Fix it by consistently requesting a doorbell irq in the vcpu put path if the vCPU is blocking. While this technically means we could drop the early doorbell irq request in kvm_vcpu_wfi(), deliberately leave it intact such that vCPU halt polling can properly detect the wakeup condition before actually scheduling out a vCPU. Cc: stable(a)vger.kernel.org Fixes: 8e01d9a396e6 ("KVM: arm64: vgic-v4: Move the GICv4 residency flow to be driven by vcpu_load/put") Reported-by: Xiang Chen <chenxiang66(a)hisilicon.com> Tested-by: Xiang Chen <chenxiang66(a)hisilicon.com> Signed-off-by: Oliver Upton <oliver.upton(a)linux.dev> --- arch/arm64/kvm/vgic/vgic-v3.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/arm64/kvm/vgic/vgic-v3.c b/arch/arm64/kvm/vgic/vgic-v3.c index c3b8e132d599..8c467e9f4f11 100644 --- a/arch/arm64/kvm/vgic/vgic-v3.c +++ b/arch/arm64/kvm/vgic/vgic-v3.c @@ -749,7 +749,7 @@ void vgic_v3_put(struct kvm_vcpu *vcpu) { struct vgic_v3_cpu_if *cpu_if = &vcpu->arch.vgic_cpu.vgic_v3; - WARN_ON(vgic_v4_put(vcpu, false)); + WARN_ON(vgic_v4_put(vcpu, kvm_vcpu_is_blocking(vcpu))); vgic_v3_vmcr_sync(vcpu); -- 2.41.0.255.g8b1d071c50-goog

2 years, 5 months

5
12
0 0

[PATCH 6.4 0/6] 6.4.3-rc2 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 6.4.3 release. There are 6 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Tue, 11 Jul 2023 20:38:10 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v6.x/stable-review/patch-6.4.3-rc2.… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-6.4.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 6.4.3-rc2 Suren Baghdasaryan <surenb(a)google.com> fork: lock VMAs of the parent process when forking Liu Shixin <liushixin2(a)huawei.com> bootmem: remove the vmemmap pages from kmemleak in free_bootmem_page Peter Collingbourne <pcc(a)google.com> mm: call arch_swap_restore() from do_swap_page() Hugh Dickins <hughd(a)google.com> mm: lock newly mapped VMA with corrected ordering Suren Baghdasaryan <surenb(a)google.com> mm: lock newly mapped VMA which can be modified after it becomes visible Suren Baghdasaryan <surenb(a)google.com> mm: lock a vma before stack expansion ------------- Diffstat: Makefile | 4 ++-- include/linux/bootmem_info.h | 2 ++ kernel/fork.c | 1 + mm/memory.c | 7 +++++++ mm/mmap.c | 6 ++++++ 5 files changed, 18 insertions(+), 2 deletions(-)

2 years, 5 months

10
11
0 0

[PATCH] LoongArch: Fix return value underflow in exception path

by WANG Rui

This patch fixes an underflow issue in the return value within the exception path, specifically at .Llt8 when the remaining length is less than 8 bytes. Cc: stable(a)vger.kernel.org Fixes: 8941e93ca590 ("LoongArch: Optimize memory ops (memset/memcpy/memmove)") Reported-by: Weihao Li <liweihao(a)loongson.cn> Signed-off-by: WANG Rui <wangrui(a)loongson.cn> --- arch/loongarch/lib/clear_user.S | 3 ++- arch/loongarch/lib/copy_user.S | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/arch/loongarch/lib/clear_user.S b/arch/loongarch/lib/clear_user.S index fd1d62b244f2..9dcf71719387 100644 --- a/arch/loongarch/lib/clear_user.S +++ b/arch/loongarch/lib/clear_user.S @@ -108,6 +108,7 @@ SYM_FUNC_START(__clear_user_fast) addi.d a3, a2, -8 bgeu a0, a3, .Llt8 15: st.d zero, a0, 0 + addi.d a0, a0, 8 .Llt8: 16: st.d zero, a2, -8 @@ -188,7 +189,7 @@ SYM_FUNC_START(__clear_user_fast) _asm_extable 13b, .L_fixup_handle_0 _asm_extable 14b, .L_fixup_handle_1 _asm_extable 15b, .L_fixup_handle_0 - _asm_extable 16b, .L_fixup_handle_1 + _asm_extable 16b, .L_fixup_handle_0 _asm_extable 17b, .L_fixup_handle_s0 _asm_extable 18b, .L_fixup_handle_s0 _asm_extable 19b, .L_fixup_handle_s0 diff --git a/arch/loongarch/lib/copy_user.S b/arch/loongarch/lib/copy_user.S index b21f6d5d38f5..fecd08cad702 100644 --- a/arch/loongarch/lib/copy_user.S +++ b/arch/loongarch/lib/copy_user.S @@ -136,6 +136,7 @@ SYM_FUNC_START(__copy_user_fast) bgeu a1, a4, .Llt8 30: ld.d t0, a1, 0 31: st.d t0, a0, 0 + addi.d a0, a0, 8 .Llt8: 32: ld.d t0, a3, -8 @@ -246,7 +247,7 @@ SYM_FUNC_START(__copy_user_fast) _asm_extable 30b, .L_fixup_handle_0 _asm_extable 31b, .L_fixup_handle_0 _asm_extable 32b, .L_fixup_handle_0 - _asm_extable 33b, .L_fixup_handle_1 + _asm_extable 33b, .L_fixup_handle_0 _asm_extable 34b, .L_fixup_handle_s0 _asm_extable 35b, .L_fixup_handle_s0 _asm_extable 36b, .L_fixup_handle_s0 -- 2.41.0

2 years, 5 months

1
0
0 0

[PATCH 1/2] hugetlb: Do not clear hugetlb dtor until allocating vmemmap

by Mike Kravetz

Freeing a hugetlb page and releasing base pages back to the underlying allocator such as buddy or cma is performed in two steps: - remove_hugetlb_folio() is called to remove the folio from hugetlb lists, get a ref on the page and remove hugetlb destructor. This all must be done under the hugetlb lock. After this call, the page can be treated as a normal compound page or a collection of base size pages. - update_and_free_hugetlb_folio() is called to allocate vmemmap if needed and the free routine of the underlying allocator is called on the resulting page. We can not hold the hugetlb lock here. One issue with this scheme is that a memory error could occur between these two steps. In this case, the memory error handling code treats the old hugetlb page as a normal compound page or collection of base pages. It will then try to SetPageHWPoison(page) on the page with an error. If the page with error is a tail page without vmemmap, a write error will occur when trying to set the flag. Address this issue by modifying remove_hugetlb_folio() and update_and_free_hugetlb_folio() such that the hugetlb destructor is not cleared until after allocating vmemmap. Since clearing the destructor requires holding the hugetlb lock, the clearing is done in remove_hugetlb_folio() if the vmemmap is present. This saves a lock/unlock cycle. Otherwise, destructor is cleared in update_and_free_hugetlb_folio() after allocating vmemmap. Note that this will leave hugetlb pages in a state where they are marked free (by hugetlb specific page flag) and have a ref count. This is not a normal state. The only code that would notice is the memory error code, and it is set up to retry in such a case. A subsequent patch will create a routine to do bulk processing of vmemmap allocation. This will eliminate a lock/unlock cycle for each hugetlb page in the case where we are freeing a large number of pages. Fixes: ad2fa3717b74 ("mm: hugetlb: alloc the vmemmap pages associated with each HugeTLB page") Cc: <stable(a)vger.kernel.org> Signed-off-by: Mike Kravetz <mike.kravetz(a)oracle.com> --- mm/hugetlb.c | 75 +++++++++++++++++++++++++++++++++++----------------- 1 file changed, 51 insertions(+), 24 deletions(-) diff --git a/mm/hugetlb.c b/mm/hugetlb.c index e4a28ce0667f..1b67bf341c32 100644 --- a/mm/hugetlb.c +++ b/mm/hugetlb.c @@ -1580,9 +1580,37 @@ static inline void destroy_compound_gigantic_folio(struct folio *folio, unsigned int order) { } #endif +static inline void __clear_hugetlb_destructor(struct hstate *h, + struct folio *folio) +{ + lockdep_assert_held(&hugetlb_lock); + + /* + * Very subtle + * + * For non-gigantic pages set the destructor to the normal compound + * page dtor. This is needed in case someone takes an additional + * temporary ref to the page, and freeing is delayed until they drop + * their reference. + * + * For gigantic pages set the destructor to the null dtor. This + * destructor will never be called. Before freeing the gigantic + * page destroy_compound_gigantic_folio will turn the folio into a + * simple group of pages. After this the destructor does not + * apply. + * + */ + if (hstate_is_gigantic(h)) + folio_set_compound_dtor(folio, NULL_COMPOUND_DTOR); + else + folio_set_compound_dtor(folio, COMPOUND_PAGE_DTOR); +} + /* - * Remove hugetlb folio from lists, and update dtor so that the folio appears - * as just a compound page. + * Remove hugetlb folio from lists. + * If vmemmap exists for the folio, update dtor so that the folio appears + * as just a compound page. Otherwise, wait until after allocating vmemmap + * to update dtor. * * A reference is held on the folio, except in the case of demote. * @@ -1613,31 +1641,19 @@ static void __remove_hugetlb_folio(struct hstate *h, struct folio *folio, } /* - * Very subtle - * - * For non-gigantic pages set the destructor to the normal compound - * page dtor. This is needed in case someone takes an additional - * temporary ref to the page, and freeing is delayed until they drop - * their reference. - * - * For gigantic pages set the destructor to the null dtor. This - * destructor will never be called. Before freeing the gigantic - * page destroy_compound_gigantic_folio will turn the folio into a - * simple group of pages. After this the destructor does not - * apply. - * - * This handles the case where more than one ref is held when and - * after update_and_free_hugetlb_folio is called. - * - * In the case of demote we do not ref count the page as it will soon - * be turned into a page of smaller size. + * We can only clear the hugetlb destructor after allocating vmemmap + * pages. Otherwise, someone (memory error handling) may try to write + * to tail struct pages. + */ + if (!folio_test_hugetlb_vmemmap_optimized(folio)) + __clear_hugetlb_destructor(h, folio); + + /* + * In the case of demote we do not ref count the page as it will soon + * be turned into a page of smaller size. */ if (!demote) folio_ref_unfreeze(folio, 1); - if (hstate_is_gigantic(h)) - folio_set_compound_dtor(folio, NULL_COMPOUND_DTOR); - else - folio_set_compound_dtor(folio, COMPOUND_PAGE_DTOR); h->nr_huge_pages--; h->nr_huge_pages_node[nid]--; @@ -1706,6 +1722,7 @@ static void __update_and_free_hugetlb_folio(struct hstate *h, { int i; struct page *subpage; + bool clear_dtor = folio_test_hugetlb_vmemmap_optimized(folio); if (hstate_is_gigantic(h) && !gigantic_page_runtime_supported()) return; @@ -1736,6 +1753,16 @@ static void __update_and_free_hugetlb_folio(struct hstate *h, if (unlikely(folio_test_hwpoison(folio))) folio_clear_hugetlb_hwpoison(folio); + /* + * If vmemmap pages were allocated above, then we need to clear the + * hugetlb destructor under the hugetlb lock. + */ + if (clear_dtor) { + spin_lock_irq(&hugetlb_lock); + __clear_hugetlb_destructor(h, folio); + spin_unlock_irq(&hugetlb_lock); + } + for (i = 0; i < pages_per_huge_page(h); i++) { subpage = folio_page(folio, i); subpage->flags &= ~(1 << PG_locked | 1 << PG_error | -- 2.41.0

2 years, 5 months

2
3
0 0

[PATCH] tracing/histograms: Add histograms to hist_vars if they have referenced variables

by Mohamed Khalfella

Hist triggers can have referenced variables without having direct variables fields. This can be the case if referenced variables are added for trigger actions. In this case the newly added references will not have field variables. Not taking such referenced variables into consideration can result in a bug where it would be possible to remove hist trigger with variables being refenced. This will result in a bug that is easily reproducable like so $ cd /sys/kernel/tracing $ echo 'synthetic_sys_enter char[] comm; long id' >> synthetic_events $ echo 'hist:keys=common_pid.execname,id.syscall:vals=hitcount:comm=common_pid.execname' >> events/raw_syscalls/sys_enter/trigger $ echo 'hist:keys=common_pid.execname,id.syscall:onmatch(raw_syscalls.sys_enter).synthetic_sys_enter($comm, id)' >> events/raw_syscalls/sys_enter/trigger $ echo '!hist:keys=common_pid.execname,id.syscall:vals=hitcount:comm=common_pid.execname' >> events/raw_syscalls/sys_enter/trigger [ 100.263533] ================================================================== [ 100.264634] BUG: KASAN: slab-use-after-free in resolve_var_refs+0xc7/0x180 [ 100.265520] Read of size 8 at addr ffff88810375d0f0 by task bash/439 [ 100.266320] [ 100.266533] CPU: 2 PID: 439 Comm: bash Not tainted 6.5.0-rc1 #4 [ 100.267277] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.0-20220807_005459-localhost 04/01/2014 [ 100.268561] Call Trace: [ 100.268902] <TASK> [ 100.269189] dump_stack_lvl+0x4c/0x70 [ 100.269680] print_report+0xc5/0x600 [ 100.270165] ? resolve_var_refs+0xc7/0x180 [ 100.270697] ? kasan_complete_mode_report_info+0x80/0x1f0 [ 100.271389] ? resolve_var_refs+0xc7/0x180 [ 100.271913] kasan_report+0xbd/0x100 [ 100.272380] ? resolve_var_refs+0xc7/0x180 [ 100.272920] __asan_load8+0x71/0xa0 [ 100.273377] resolve_var_refs+0xc7/0x180 [ 100.273888] event_hist_trigger+0x749/0x860 [ 100.274505] ? kasan_save_stack+0x2a/0x50 [ 100.275024] ? kasan_set_track+0x29/0x40 [ 100.275536] ? __pfx_event_hist_trigger+0x10/0x10 [ 100.276138] ? ksys_write+0xd1/0x170 [ 100.276607] ? do_syscall_64+0x3c/0x90 [ 100.277099] ? entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 100.277771] ? destroy_hist_data+0x446/0x470 [ 100.278324] ? event_hist_trigger_parse+0xa6c/0x3860 [ 100.278962] ? __pfx_event_hist_trigger_parse+0x10/0x10 [ 100.279627] ? __kasan_check_write+0x18/0x20 [ 100.280177] ? mutex_unlock+0x85/0xd0 [ 100.280660] ? __pfx_mutex_unlock+0x10/0x10 [ 100.281200] ? kfree+0x7b/0x120 [ 100.281619] ? ____kasan_slab_free+0x15d/0x1d0 [ 100.282197] ? event_trigger_write+0xac/0x100 [ 100.282764] ? __kasan_slab_free+0x16/0x20 [ 100.283293] ? __kmem_cache_free+0x153/0x2f0 [ 100.283844] ? sched_mm_cid_remote_clear+0xb1/0x250 [ 100.284550] ? __pfx_sched_mm_cid_remote_clear+0x10/0x10 [ 100.285221] ? event_trigger_write+0xbc/0x100 [ 100.285781] ? __kasan_check_read+0x15/0x20 [ 100.286321] ? __bitmap_weight+0x66/0xa0 [ 100.286833] ? _find_next_bit+0x46/0xe0 [ 100.287334] ? task_mm_cid_work+0x37f/0x450 [ 100.287872] event_triggers_call+0x84/0x150 [ 100.288408] trace_event_buffer_commit+0x339/0x430 [ 100.289073] ? ring_buffer_event_data+0x3f/0x60 [ 100.292189] trace_event_raw_event_sys_enter+0x8b/0xe0 [ 100.295434] syscall_trace_enter.constprop.0+0x18f/0x1b0 [ 100.298653] syscall_enter_from_user_mode+0x32/0x40 [ 100.301808] do_syscall_64+0x1a/0x90 [ 100.304748] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 100.307775] RIP: 0033:0x7f686c75c1cb [ 100.310617] Code: 73 01 c3 48 8b 0d 65 3c 10 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa b8 21 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 35 3c 10 00 f7 d8 64 89 01 48 [ 100.317847] RSP: 002b:00007ffc60137a38 EFLAGS: 00000246 ORIG_RAX: 0000000000000021 [ 100.321200] RAX: ffffffffffffffda RBX: 000055f566469ea0 RCX: 00007f686c75c1cb [ 100.324631] RDX: 0000000000000001 RSI: 0000000000000001 RDI: 000000000000000a [ 100.328104] RBP: 00007ffc60137ac0 R08: 00007f686c818460 R09: 000000000000000a [ 100.331509] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000009 [ 100.334992] R13: 0000000000000007 R14: 000000000000000a R15: 0000000000000007 [ 100.338381] </TASK> We hit the bug because when second hist trigger has was created has_hist_vars() returned false because hist trigger did not have variables. As a result of that save_hist_vars() was not called to add the trigger to trace_array->hist_vars. Later on when we attempted to remove the first histogram find_any_var_ref() failed to detect it is being used because it did not find the second trigger in hist_vars list. With this change we wait until trigger actions are created so we can take into consideration if hist trigger has variable references. Also, now we check the return value of save_hist_vars() and fail trigger creation if save_hist_vars() fails. Signed-off-by: Mohamed Khalfella <mkhalfella(a)purestorage.com> Cc: stable(a)vger.kernel.org --- kernel/trace/trace_events_hist.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/kernel/trace/trace_events_hist.c b/kernel/trace/trace_events_hist.c index b97d3ad832f1..c8c61381eba4 100644 --- a/kernel/trace/trace_events_hist.c +++ b/kernel/trace/trace_events_hist.c @@ -6663,13 +6663,15 @@ static int event_hist_trigger_parse(struct event_command *cmd_ops, if (get_named_trigger_data(trigger_data)) goto enable; - if (has_hist_vars(hist_data)) - save_hist_vars(hist_data); - ret = create_actions(hist_data); if (ret) goto out_unreg; + if (has_hist_vars(hist_data) || hist_data->n_var_refs) { + if (save_hist_vars(hist_data)) + goto out_unreg; + } + ret = tracing_map_init(hist_data->map); if (ret) goto out_unreg; -- 2.34.1

2 years, 5 months

3
3
0 0

[PATCH] usb: dwc3: Disable AutoRetry controller feature for dwc_usb3 v2.00a

by Jakub Vanek

AutoRetry has been found to cause issues in this controller revision. This feature allows the controller to send non-terminating/burst retry ACKs (Retry=1 and Nump!=0) as opposed to terminating retry ACKs (Retry=1 and Nump=0) to devices when a transaction error occurs. Unfortunately, some USB devices do not retry transfers when the controller sends them a non-terminating retry ACK. After the transfer times out, the xHCI driver tries to resume normal operation of the controller by sending a Stop Endpoint command to it. However, this revision of the controller fails to respond to that command in this state and the xHCI driver therefore gives up. This is reported via dmesg: [sda] tag#29 uas_eh_abort_handler 0 uas-tag 1 inflight: CMD IN [sda] tag#29 CDB: opcode=0x28 28 00 00 69 42 80 00 00 48 00 xhci-hcd: xHCI host not responding to stop endpoint command xhci-hcd: xHCI host controller not responding, assume dead xhci-hcd: HC died; cleaning up This problem has been observed on Odroid HC2. This board has an integrated JMS578 USB3-to-SATA bridge. The above problem could be triggered by starting a read-heavy workload on an attached SSD. After a while, the host controller would die and the SSD would disappear from the system. Reverting b138e23d3dff ("usb: dwc3: core: Enable AutoRetry feature in the controller") stopped the issue from occurring on Odroid HC2. As this problem hasn't been reported on other devices, disable AutoRetry just for the dwc_usb3 revision v2.00a that the board SoC (Exynos 5422) uses. Fixes: b138e23d3dff ("usb: dwc3: core: Enable AutoRetry feature in the controller") Link: https://lore.kernel.org/r/a21f34c04632d250cd0a78c7c6f4a1c9c7a43142.camel@gm… Link: https://forum.odroid.com/viewtopic.php?t=42630 Cc: stable(a)vger.kernel.org Cc: Mauro Ribeiro <mauro.ribeiro(a)hardkernel.com> Cc: Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> Suggested-by: Thinh Nguyen <Thinh.Nguyen(a)synopsys.com> Signed-off-by: Jakub Vanek <linuxtardis(a)gmail.com> --- drivers/usb/dwc3/core.c | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/drivers/usb/dwc3/core.c b/drivers/usb/dwc3/core.c index d68958e151a7..d742fc882d7e 100644 --- a/drivers/usb/dwc3/core.c +++ b/drivers/usb/dwc3/core.c @@ -1218,9 +1218,15 @@ static int dwc3_core_init(struct dwc3 *dwc) * Host mode on seeing transaction errors(CRC errors or internal * overrun scenerios) on IN transfers to reply to the device * with a non-terminating retry ACK (i.e, an ACK transcation - * packet with Retry=1 & Nump != 0) + * packet with Retry=1 & Nump != 0). + * + * Do not enable this for DWC_usb3 v2.00a. This controller + * revision stops responding to Stop Endpoint commands if + * a USB device does not retry after a non-terminating retry + * ACK is sent to it. */ - reg |= DWC3_GUCTL_HSTINAUTORETRY; + if (!DWC3_VER_IS(DWC3, 200A)) + reg |= DWC3_GUCTL_HSTINAUTORETRY; dwc3_writel(dwc->regs, DWC3_GUCTL, reg); } -- 2.25.1

2 years, 5 months

3
5
0 0

[PATCH v1] regmap-irq: Fix out-of-bounds access when allocating config buffers

by Isaac J. Manjarres

When allocating the 2D array for handling IRQ type registers in regmap_add_irq_chip_fwnode(), the intent is to allocate a matrix with num_config_bases rows and num_config_regs columns. This is currently handled by allocating a buffer to hold a pointer for each row (i.e. num_config_bases). After that, the logic attempts to allocate the memory required to hold the register configuration for each row. However, instead of doing this allocation for each row (i.e. num_config_bases allocations), the logic erroneously does this allocation num_config_regs number of times. This scenario can lead to out-of-bounds accesses when num_config_regs is greater than num_config_bases. Fix this by updating the terminating condition of the loop that allocates the memory for holding the register configuration to allocate memory only for each row in the matrix. Amit Pundir reported a crash that was occurring on his db845c device due to memory corruption (see "Closes" tag for Amit's report). The KASAN report below helped narrow it down to this issue: [ 14.033877][ T1] ================================================================== [ 14.042507][ T1] BUG: KASAN: invalid-access in regmap_add_irq_chip_fwnode+0x594/0x1364 [ 14.050796][ T1] Write of size 8 at addr 06ffff8081021850 by task init/1 [ 14.057841][ T1] Pointer tag: [06], memory tag: [fe] [ 14.063124][ T1] [ 14.065349][ T1] CPU: 2 PID: 1 Comm: init Tainted: G W E 6.4.0-mainline-g6a4b67fef3e2 #1 [ 14.075014][ T1] Hardware name: Thundercomm Dragonboard 845c (DT) [ 14.081432][ T1] Call trace: [ 14.084618][ T1] dump_backtrace+0xe8/0x108 [ 14.089144][ T1] show_stack+0x18/0x30 [ 14.093215][ T1] dump_stack_lvl+0x50/0x6c [ 14.097642][ T1] print_report+0x178/0x4c0 [ 14.102070][ T1] kasan_report+0xd4/0x12c [ 14.106407][ T1] kasan_tag_mismatch+0x28/0x40 [ 14.111178][ T1] __hwasan_tag_mismatch+0x2c/0x5c [ 14.116222][ T1] regmap_add_irq_chip_fwnode+0x594/0x1364 [ 14.121961][ T1] devm_regmap_add_irq_chip+0xb8/0x144 [ 14.127346][ T1] wcd934x_slim_status+0x210/0x28c [wcd934x] [ 14.133307][ T1] slim_device_alloc_laddr+0x1ac/0x1ec [slimbus] [ 14.139669][ T1] slim_device_probe+0x80/0x124 [slimbus] [ 14.145394][ T1] really_probe+0x250/0x4d8 [ 14.149826][ T1] __driver_probe_device+0x104/0x1ac [ 14.155041][ T1] driver_probe_device+0x80/0x218 [ 14.159990][ T1] __driver_attach+0x19c/0x2e4 [ 14.164678][ T1] bus_for_each_dev+0x158/0x1b4 [ 14.169454][ T1] driver_attach+0x34/0x44 [ 14.173790][ T1] bus_add_driver+0x1fc/0x328 [ 14.178390][ T1] driver_register+0xdc/0x1b4 [ 14.182995][ T1] __slim_driver_register+0x6c/0x84 [slimbus] [ 14.189068][ T1] init_module+0x20/0xfe4 [wcd934x] [ 14.194219][ T1] do_one_initcall+0x110/0x418 [ 14.198916][ T1] do_init_module+0x124/0x30c [ 14.203521][ T1] load_module+0x1938/0x1ab0 [ 14.208034][ T1] __arm64_sys_finit_module+0x110/0x138 [ 14.213509][ T1] invoke_syscall+0x70/0x170 [ 14.218015][ T1] el0_svc_common+0xf0/0x138 [ 14.222523][ T1] do_el0_svc+0x40/0xb8 [ 14.226596][ T1] el0_svc+0x2c/0x78 [ 14.230405][ T1] el0t_64_sync_handler+0x68/0xb4 [ 14.235354][ T1] el0t_64_sync+0x19c/0x1a0 [ 14.239778][ T1] [ 14.242004][ T1] The buggy address belongs to the object at ffffff8081021850 [ 14.242004][ T1] which belongs to the cache kmalloc-8 of size 8 [ 14.255669][ T1] The buggy address is located 0 bytes inside of [ 14.255669][ T1] 8-byte region [ffffff8081021850, ffffff8081021858) [ 14.255685][ T1] [ 14.255689][ T1] The buggy address belongs to the physical page: [ 14.255699][ T1] page:0000000080887a30 refcount:1 mapcount:0 mapping:0000000000000000 index:0x85ffff8081021ee0 pfn:0x101021 [ 14.275062][ T1] flags: 0x4000000000000200(slab|zone=1|kasantag=0x0) [ 14.275078][ T1] page_type: 0xffffffff() [ 14.275091][ T1] raw: 4000000000000200 49ffff8080002200 dead000000000122 0000000000000000 [ 14.275103][ T1] raw: 85ffff8081021ee0 00000000810000ea 00000001ffffffff 0000000000000000 [ 14.275110][ T1] page dumped because: kasan: bad access detected [ 14.275116][ T1] [ 14.275119][ T1] Memory state around the buggy address: [ 14.275125][ T1] ffffff8081021600: fe fe fe 9a fe fe 5b 3c fe fe c9 fe b4 3f fe 54 [ 14.275133][ T1] ffffff8081021700: fe fe ad 6b fe fe fe 87 fe fe 39 c9 fe 03 fe ea [ 14.275143][ T1] >ffffff8081021800: fe fe e1 fe 06 fe fe 21 fe fe e7 fe de fe fe 70 [ 14.275149][ T1] ^ [ 14.371674][ T1] ffffff8081021900: d7 fe fe 87 fe a0 fe fe fe 80 e0 f0 05 fe fe fe [ 14.379667][ T1] ffffff8081021a00: 94 fe 31 fe fe e5 c8 00 d0 fe a1 fe fe e2 e5 fe [ 14.387664][ T1] ================================================================== Fixes: faa87ce9196d ("regmap-irq: Introduce config registers for irq types") Reported-by: Amit Pundir <amit.pundir(a)linaro.org> Closes: https://lore.kernel.org/all/CAMi1Hd04mu6JojT3y6wyN2YeVkPR5R3qnkKJ8iR8if_YBy… Tested-by: John Stultz <jstultz(a)google.com> Cc: stable(a)vger.kernel.org # v6.0+ Cc: Aidan MacDonald <aidanmacdonald.0x0(a)gmail.com> Cc: Saravana Kannan <saravanak(a)google.com> Cc: Catalin Marinas <catalin.marinas(a)arm.com> Signed-off-by: Isaac J. Manjarres <isaacmanjarres(a)google.com> --- drivers/base/regmap/regmap-irq.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/base/regmap/regmap-irq.c b/drivers/base/regmap/regmap-irq.c index ced0dcf86e0b..45fd13ef13fc 100644 --- a/drivers/base/regmap/regmap-irq.c +++ b/drivers/base/regmap/regmap-irq.c @@ -717,7 +717,7 @@ int regmap_add_irq_chip_fwnode(struct fwnode_handle *fwnode, if (!d->config_buf) goto err_alloc; - for (i = 0; i < chip->num_config_regs; i++) { + for (i = 0; i < chip->num_config_bases; i++) { d->config_buf[i] = kcalloc(chip->num_config_regs, sizeof(**d->config_buf), GFP_KERNEL); -- 2.41.0.255.g8b1d071c50-goog

2 years, 5 months

4
6
0 0

[for-linus][PATCH 4/5] ftrace: Fix possible warning on checking all pages used in ftrace_process_locs()

by Steven Rostedt

From: Zheng Yejian <zhengyejian1(a)huawei.com> As comments in ftrace_process_locs(), there may be NULL pointers in mcount_loc section: > Some architecture linkers will pad between > the different mcount_loc sections of different > object files to satisfy alignments. > Skip any NULL pointers. After commit 20e5227e9f55 ("ftrace: allow NULL pointers in mcount_loc"), NULL pointers will be accounted when allocating ftrace pages but skipped before adding into ftrace pages, this may result in some pages not being used. Then after commit 706c81f87f84 ("ftrace: Remove extra helper functions"), warning may occur at: WARN_ON(pg->next); To fix it, only warn for case that no pointers skipped but pages not used up, then free those unused pages after releasing ftrace_lock. Link: https://lore.kernel.org/linux-trace-kernel/20230712060452.3175675-1-zhengye… Cc: stable(a)vger.kernel.org Fixes: 706c81f87f84 ("ftrace: Remove extra helper functions") Suggested-by: Steven Rostedt <rostedt(a)goodmis.org> Signed-off-by: Zheng Yejian <zhengyejian1(a)huawei.com> Signed-off-by: Steven Rostedt (Google) <rostedt(a)goodmis.org> --- kernel/trace/ftrace.c | 45 +++++++++++++++++++++++++++++-------------- 1 file changed, 31 insertions(+), 14 deletions(-) diff --git a/kernel/trace/ftrace.c b/kernel/trace/ftrace.c index 3740aca79fe7..05c0024815bf 100644 --- a/kernel/trace/ftrace.c +++ b/kernel/trace/ftrace.c @@ -3305,6 +3305,22 @@ static int ftrace_allocate_records(struct ftrace_page *pg, int count) return cnt; } +static void ftrace_free_pages(struct ftrace_page *pages) +{ + struct ftrace_page *pg = pages; + + while (pg) { + if (pg->records) { + free_pages((unsigned long)pg->records, pg->order); + ftrace_number_of_pages -= 1 << pg->order; + } + pages = pg->next; + kfree(pg); + pg = pages; + ftrace_number_of_groups--; + } +} + static struct ftrace_page * ftrace_allocate_pages(unsigned long num_to_init) { @@ -3343,17 +3359,7 @@ ftrace_allocate_pages(unsigned long num_to_init) return start_pg; free_pages: - pg = start_pg; - while (pg) { - if (pg->records) { - free_pages((unsigned long)pg->records, pg->order); - ftrace_number_of_pages -= 1 << pg->order; - } - start_pg = pg->next; - kfree(pg); - pg = start_pg; - ftrace_number_of_groups--; - } + ftrace_free_pages(start_pg); pr_info("ftrace: FAILED to allocate memory for functions\n"); return NULL; } @@ -6471,9 +6477,11 @@ static int ftrace_process_locs(struct module *mod, unsigned long *start, unsigned long *end) { + struct ftrace_page *pg_unuse = NULL; struct ftrace_page *start_pg; struct ftrace_page *pg; struct dyn_ftrace *rec; + unsigned long skipped = 0; unsigned long count; unsigned long *p; unsigned long addr; @@ -6536,8 +6544,10 @@ static int ftrace_process_locs(struct module *mod, * object files to satisfy alignments. * Skip any NULL pointers. */ - if (!addr) + if (!addr) { + skipped++; continue; + } end_offset = (pg->index+1) * sizeof(pg->records[0]); if (end_offset > PAGE_SIZE << pg->order) { @@ -6551,8 +6561,10 @@ static int ftrace_process_locs(struct module *mod, rec->ip = addr; } - /* We should have used all pages */ - WARN_ON(pg->next); + if (pg->next) { + pg_unuse = pg->next; + pg->next = NULL; + } /* Assign the last page to ftrace_pages */ ftrace_pages = pg; @@ -6574,6 +6586,11 @@ static int ftrace_process_locs(struct module *mod, out: mutex_unlock(&ftrace_lock); + /* We should have used all pages unless we skipped some */ + if (pg_unuse) { + WARN_ON(!skipped); + ftrace_free_pages(pg_unuse); + } return ret; } -- 2.40.1

2 years, 5 months

1
0
0 0

[for-linus][PATCH 3/5] ring-buffer: Fix deadloop issue on reading trace_pipe

by Steven Rostedt

From: Zheng Yejian <zhengyejian1(a)huawei.com> Soft lockup occurs when reading file 'trace_pipe': watchdog: BUG: soft lockup - CPU#6 stuck for 22s! [cat:4488] [...] RIP: 0010:ring_buffer_empty_cpu+0xed/0x170 RSP: 0018:ffff88810dd6fc48 EFLAGS: 00000246 RAX: 0000000000000000 RBX: 0000000000000246 RCX: ffffffff93d1aaeb RDX: ffff88810a280040 RSI: 0000000000000008 RDI: ffff88811164b218 RBP: ffff88811164b218 R08: 0000000000000000 R09: ffff88815156600f R10: ffffed102a2acc01 R11: 0000000000000001 R12: 0000000051651901 R13: 0000000000000000 R14: ffff888115e49500 R15: 0000000000000000 [...] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f8d853c2000 CR3: 000000010dcd8000 CR4: 00000000000006e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: __find_next_entry+0x1a8/0x4b0 ? peek_next_entry+0x250/0x250 ? down_write+0xa5/0x120 ? down_write_killable+0x130/0x130 trace_find_next_entry_inc+0x3b/0x1d0 tracing_read_pipe+0x423/0xae0 ? tracing_splice_read_pipe+0xcb0/0xcb0 vfs_read+0x16b/0x490 ksys_read+0x105/0x210 ? __ia32_sys_pwrite64+0x200/0x200 ? switch_fpu_return+0x108/0x220 do_syscall_64+0x33/0x40 entry_SYSCALL_64_after_hwframe+0x61/0xc6 Through the vmcore, I found it's because in tracing_read_pipe(), ring_buffer_empty_cpu() found some buffer is not empty but then it cannot read anything due to "rb_num_of_entries() == 0" always true, Then it infinitely loop the procedure due to user buffer not been filled, see following code path: tracing_read_pipe() { ... ... waitagain: tracing_wait_pipe() // 1. find non-empty buffer here trace_find_next_entry_inc() // 2. loop here try to find an entry __find_next_entry() ring_buffer_empty_cpu(); // 3. find non-empty buffer peek_next_entry() // 4. but peek always return NULL ring_buffer_peek() rb_buffer_peek() rb_get_reader_page() // 5. because rb_num_of_entries() == 0 always true here // then return NULL // 6. user buffer not been filled so goto 'waitgain' // and eventually leads to an deadloop in kernel!!! } By some analyzing, I found that when resetting ringbuffer, the 'entries' of its pages are not all cleared (see rb_reset_cpu()). Then when reducing the ringbuffer, and if some reduced pages exist dirty 'entries' data, they will be added into 'cpu_buffer->overrun' (see rb_remove_pages()), which cause wrong 'overrun' count and eventually cause the deadloop issue. To fix it, we need to clear every pages in rb_reset_cpu(). Link: https://lore.kernel.org/linux-trace-kernel/20230708225144.3785600-1-zhengye… Cc: stable(a)vger.kernel.org Fixes: a5fb833172eca ("ring-buffer: Fix uninitialized read_stamp") Signed-off-by: Zheng Yejian <zhengyejian1(a)huawei.com> Signed-off-by: Steven Rostedt (Google) <rostedt(a)goodmis.org> --- kernel/trace/ring_buffer.c | 24 +++++++++++++++--------- 1 file changed, 15 insertions(+), 9 deletions(-) diff --git a/kernel/trace/ring_buffer.c b/kernel/trace/ring_buffer.c index 834b361a4a66..14d8001140c8 100644 --- a/kernel/trace/ring_buffer.c +++ b/kernel/trace/ring_buffer.c @@ -5242,28 +5242,34 @@ unsigned long ring_buffer_size(struct trace_buffer *buffer, int cpu) } EXPORT_SYMBOL_GPL(ring_buffer_size); +static void rb_clear_buffer_page(struct buffer_page *page) +{ + local_set(&page->write, 0); + local_set(&page->entries, 0); + rb_init_page(page->page); + page->read = 0; +} + static void rb_reset_cpu(struct ring_buffer_per_cpu *cpu_buffer) { + struct buffer_page *page; + rb_head_page_deactivate(cpu_buffer); cpu_buffer->head_page = list_entry(cpu_buffer->pages, struct buffer_page, list); - local_set(&cpu_buffer->head_page->write, 0); - local_set(&cpu_buffer->head_page->entries, 0); - local_set(&cpu_buffer->head_page->page->commit, 0); - - cpu_buffer->head_page->read = 0; + rb_clear_buffer_page(cpu_buffer->head_page); + list_for_each_entry(page, cpu_buffer->pages, list) { + rb_clear_buffer_page(page); + } cpu_buffer->tail_page = cpu_buffer->head_page; cpu_buffer->commit_page = cpu_buffer->head_page; INIT_LIST_HEAD(&cpu_buffer->reader_page->list); INIT_LIST_HEAD(&cpu_buffer->new_pages); - local_set(&cpu_buffer->reader_page->write, 0); - local_set(&cpu_buffer->reader_page->entries, 0); - local_set(&cpu_buffer->reader_page->page->commit, 0); - cpu_buffer->reader_page->read = 0; + rb_clear_buffer_page(cpu_buffer->reader_page); local_set(&cpu_buffer->entries_bytes, 0); local_set(&cpu_buffer->overrun, 0); -- 2.40.1

2 years, 5 months

1
0
0 0

[PATCH] mtd: spi-nor: Correct flags for Winbond w25q128

by Linus Walleij

The Winbond W25Q128 (actual vendor name W25Q128JV) has exactly the same flags as the sibling device w25q128fw. The devices both require unlocking and support dual and quad SPI transport. The actual product naming between devices: 0xef4018: "w25q128" W25Q128JV-IM/JM 0xef7018: "w25q128fw" W25Q128JV-IN/IQ/JQ The latter device, "w25q128fw" supports features named DTQ and QPI, otherwise it is the same. Not having the right flags has the annoying side effect that write access does not work. After this patch I can write to the flash on the Inteno XG6846 router. Cc: stable(a)vger.kernel.org Signed-off-by: Linus Walleij <linus.walleij(a)linaro.org> --- drivers/mtd/spi-nor/winbond.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/drivers/mtd/spi-nor/winbond.c b/drivers/mtd/spi-nor/winbond.c index 834d6ba5ce70..a67e1d4206f3 100644 --- a/drivers/mtd/spi-nor/winbond.c +++ b/drivers/mtd/spi-nor/winbond.c @@ -121,7 +121,9 @@ static const struct flash_info winbond_nor_parts[] = { { "w25q80bl", INFO(0xef4014, 0, 64 * 1024, 16) NO_SFDP_FLAGS(SECT_4K) }, { "w25q128", INFO(0xef4018, 0, 64 * 1024, 256) - NO_SFDP_FLAGS(SECT_4K) }, + FLAGS(SPI_NOR_HAS_LOCK | SPI_NOR_HAS_TB) + NO_SFDP_FLAGS(SECT_4K | SPI_NOR_DUAL_READ | + SPI_NOR_QUAD_READ) }, { "w25q256", INFO(0xef4019, 0, 64 * 1024, 512) NO_SFDP_FLAGS(SECT_4K | SPI_NOR_DUAL_READ | SPI_NOR_QUAD_READ) .fixups = &w25q256_fixups }, --- base-commit: 06c2afb862f9da8dc5efa4b6076a0e48c3fbaaa5 change-id: 20230711-spi-nor-winbond-w25q128-321a602ee267 Best regards, -- Linus Walleij <linus.walleij(a)linaro.org>

2 years, 5 months

2
2
0 0

[PATCH v2] KVM: arm64: Correctly handle page aging notifiers for unaligned memslot

by Oliver Upton

Userspace is allowed to select any PAGE_SIZE aligned hva to back guest memory. This is even the case with hugepages, although it is a rather suboptimal configuration as PTE level mappings are used at stage-2. The arm64 page aging handlers have an assumption that the specified range is exactly one page/block of memory, which in the aforementioned case is not necessarily true. All together this leads to the WARN() in kvm_age_gfn() firing. However, the WARN is only part of the issue as the table walkers visit at most a single leaf PTE. For hugepage-backed memory in a memslot that isn't hugepage-aligned, page aging entirely misses accesses to the hugepage beyond the first page in the memslot. Add a new walker dedicated to handling page aging MMU notifiers capable of walking a range of PTEs. Convert kvm(_test)_age_gfn() over to the new walker and drop the WARN that caught the issue in the first place. The implementation of this walker was inspired by the test_clear_young() implementation by Yu Zhao [*], but repurposed to address a bug in the existing aging implementation. Cc: stable(a)vger.kernel.org # v5.15 Fixes: 056aad67f836 ("kvm: arm/arm64: Rework gpa callback handlers") Link: https://lore.kernel.org/kvmarm/20230526234435.662652-6-yuzhao@google.com/ Co-developed-by: Yu Zhao <yuzhao(a)google.com> Signed-off-by: Yu Zhao <yuzhao(a)google.com> Reported-by: Reiji Watanabe <reijiw(a)google.com> Signed-off-by: Oliver Upton <oliver.upton(a)linux.dev> --- arch/arm64/include/asm/kvm_pgtable.h | 26 ++++++------------ arch/arm64/kvm/hyp/pgtable.c | 41 ++++++++++++++++++++++------ arch/arm64/kvm/mmu.c | 18 ++++++------ 3 files changed, 49 insertions(+), 36 deletions(-) diff --git a/arch/arm64/include/asm/kvm_pgtable.h b/arch/arm64/include/asm/kvm_pgtable.h index dc3c072e862f..75f437e8cd15 100644 --- a/arch/arm64/include/asm/kvm_pgtable.h +++ b/arch/arm64/include/asm/kvm_pgtable.h @@ -556,22 +556,26 @@ int kvm_pgtable_stage2_wrprotect(struct kvm_pgtable *pgt, u64 addr, u64 size); kvm_pte_t kvm_pgtable_stage2_mkyoung(struct kvm_pgtable *pgt, u64 addr); /** - * kvm_pgtable_stage2_mkold() - Clear the access flag in a page-table entry. + * kvm_pgtable_stage2_test_clear_young() - Test and optionally clear the access + * flag in a page-table entry. * @pgt: Page-table structure initialised by kvm_pgtable_stage2_init*(). * @addr: Intermediate physical address to identify the page-table entry. + * @size: Size of the address range to visit. + * @mkold: True if the access flag should be cleared. * * The offset of @addr within a page is ignored. * - * If there is a valid, leaf page-table entry used to translate @addr, then - * clear the access flag in that entry. + * Tests and conditionally clears the access flag for every valid, leaf + * page-table entry used to translate the range [@addr, @addr + @size). * * Note that it is the caller's responsibility to invalidate the TLB after * calling this function to ensure that the updated permissions are visible * to the CPUs. * - * Return: The old page-table entry prior to clearing the flag, 0 on failure. + * Return: True if any of the visited PTEs had the access flag set. */ -kvm_pte_t kvm_pgtable_stage2_mkold(struct kvm_pgtable *pgt, u64 addr); +bool kvm_pgtable_stage2_test_clear_young(struct kvm_pgtable *pgt, u64 addr, + u64 size, bool mkold); /** * kvm_pgtable_stage2_relax_perms() - Relax the permissions enforced by a @@ -593,18 +597,6 @@ kvm_pte_t kvm_pgtable_stage2_mkold(struct kvm_pgtable *pgt, u64 addr); int kvm_pgtable_stage2_relax_perms(struct kvm_pgtable *pgt, u64 addr, enum kvm_pgtable_prot prot); -/** - * kvm_pgtable_stage2_is_young() - Test whether a page-table entry has the - * access flag set. - * @pgt: Page-table structure initialised by kvm_pgtable_stage2_init*(). - * @addr: Intermediate physical address to identify the page-table entry. - * - * The offset of @addr within a page is ignored. - * - * Return: True if the page-table entry has the access flag set, false otherwise. - */ -bool kvm_pgtable_stage2_is_young(struct kvm_pgtable *pgt, u64 addr); - /** * kvm_pgtable_stage2_flush_range() - Clean and invalidate data cache to Point * of Coherency for guest stage-2 address diff --git a/arch/arm64/kvm/hyp/pgtable.c b/arch/arm64/kvm/hyp/pgtable.c index 5282cb9ca4cf..5d701e9adf5c 100644 --- a/arch/arm64/kvm/hyp/pgtable.c +++ b/arch/arm64/kvm/hyp/pgtable.c @@ -1153,25 +1153,48 @@ kvm_pte_t kvm_pgtable_stage2_mkyoung(struct kvm_pgtable *pgt, u64 addr) return pte; } -kvm_pte_t kvm_pgtable_stage2_mkold(struct kvm_pgtable *pgt, u64 addr) +struct stage2_age_data { + bool mkold; + bool young; +}; + +static int stage2_age_walker(const struct kvm_pgtable_visit_ctx *ctx, + enum kvm_pgtable_walk_flags visit) { - kvm_pte_t pte = 0; - stage2_update_leaf_attrs(pgt, addr, 1, 0, KVM_PTE_LEAF_ATTR_LO_S2_AF, - &pte, NULL, 0); + kvm_pte_t new = ctx->old & ~KVM_PTE_LEAF_ATTR_LO_S2_AF; + struct stage2_age_data *data = ctx->arg; + + if (!kvm_pte_valid(ctx->old) || new == ctx->old) + return 0; + + data->young = true; + + if (data->mkold && !stage2_try_set_pte(ctx, new)) + return -EAGAIN; + /* * "But where's the TLBI?!", you scream. * "Over in the core code", I sigh. * * See the '->clear_flush_young()' callback on the KVM mmu notifier. */ - return pte; + return 0; } -bool kvm_pgtable_stage2_is_young(struct kvm_pgtable *pgt, u64 addr) +bool kvm_pgtable_stage2_test_clear_young(struct kvm_pgtable *pgt, u64 addr, + u64 size, bool mkold) { - kvm_pte_t pte = 0; - stage2_update_leaf_attrs(pgt, addr, 1, 0, 0, &pte, NULL, 0); - return pte & KVM_PTE_LEAF_ATTR_LO_S2_AF; + struct stage2_age_data data = { + .mkold = mkold, + }; + struct kvm_pgtable_walker walker = { + .cb = stage2_age_walker, + .arg = &data, + .flags = KVM_PGTABLE_WALK_LEAF, + }; + + WARN_ON(kvm_pgtable_walk(pgt, addr, size, &walker)); + return data.young; } int kvm_pgtable_stage2_relax_perms(struct kvm_pgtable *pgt, u64 addr, diff --git a/arch/arm64/kvm/mmu.c b/arch/arm64/kvm/mmu.c index 3b9d4d24c361..8a7e9381710e 100644 --- a/arch/arm64/kvm/mmu.c +++ b/arch/arm64/kvm/mmu.c @@ -1639,27 +1639,25 @@ bool kvm_set_spte_gfn(struct kvm *kvm, struct kvm_gfn_range *range) bool kvm_age_gfn(struct kvm *kvm, struct kvm_gfn_range *range) { u64 size = (range->end - range->start) << PAGE_SHIFT; - kvm_pte_t kpte; - pte_t pte; if (!kvm->arch.mmu.pgt) return false; - WARN_ON(size != PAGE_SIZE && size != PMD_SIZE && size != PUD_SIZE); - - kpte = kvm_pgtable_stage2_mkold(kvm->arch.mmu.pgt, - range->start << PAGE_SHIFT); - pte = __pte(kpte); - return pte_valid(pte) && pte_young(pte); + return kvm_pgtable_stage2_test_clear_young(kvm->arch.mmu.pgt, + range->start << PAGE_SHIFT, + size, true); } bool kvm_test_age_gfn(struct kvm *kvm, struct kvm_gfn_range *range) { + u64 size = (range->end - range->start) << PAGE_SHIFT; + if (!kvm->arch.mmu.pgt) return false; - return kvm_pgtable_stage2_is_young(kvm->arch.mmu.pgt, - range->start << PAGE_SHIFT); + return kvm_pgtable_stage2_test_clear_young(kvm->arch.mmu.pgt, + range->start << PAGE_SHIFT, + size, false); } phys_addr_t kvm_mmu_get_httbr(void) base-commit: 44c026a73be8038f03dbdeef028b642880cf1511 -- 2.41.0.178.g377b9f9a00-goog

2 years, 5 months

3
6
0 0

+ maple_tree-fix-node-allocation-testing-on-32-bit.patch added to mm-hotfixes-unstable branch

by Andrew Morton

The patch titled Subject: maple_tree: fix node allocation testing on 32 bit has been added to the -mm mm-hotfixes-unstable branch. Its filename is maple_tree-fix-node-allocation-testing-on-32-bit.patch This patch will shortly appear at https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche… This patch will later appear in the mm-hotfixes-unstable branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next via the mm-everything branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm and is updated there every 2-3 working days ------------------------------------------------------ From: "Liam R. Howlett" <Liam.Howlett(a)oracle.com> Subject: maple_tree: fix node allocation testing on 32 bit Date: Wed, 12 Jul 2023 13:39:16 -0400 Internal node counting was altered and the 64 bit test was updated, however the 32bit test was missed. Restore the 32bit test to a functional state. Link: https://lore.kernel.org/linux-mm/CAMuHMdV4T53fOw7VPoBgPR7fP6RYqf=CBhD_y_vOg… Link: https://lkml.kernel.org/r/20230712173916.168805-2-Liam.Howlett@oracle.com Fixes: 541e06b772c1 ("maple_tree: remove GFP_ZERO from kmem_cache_alloc() and kmem_cache_alloc_bulk()") Signed-off-by: Liam R. Howlett <Liam.Howlett(a)oracle.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- tools/testing/radix-tree/maple.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) --- a/tools/testing/radix-tree/maple.c~maple_tree-fix-node-allocation-testing-on-32-bit +++ a/tools/testing/radix-tree/maple.c @@ -206,9 +206,9 @@ static noinline void __init check_new_no e = i - 1; } else { if (i >= 4) - e = i - 4; - else if (i == 3) - e = i - 2; + e = i - 3; + else if (i >= 1) + e = i - 1; else e = 0; } _ Patches currently in -mm which might be from Liam.Howlett(a)oracle.com are mm-mlock-fix-vma-iterator-conversion-of-apply_vma_lock_flags.patch maple_tree-fix-32-bit-mas_next-testing.patch maple_tree-fix-node-allocation-testing-on-32-bit.patch

2 years, 5 months

1
0
0 0

+ maple_tree-fix-32-bit-mas_next-testing.patch added to mm-hotfixes-unstable branch

by Andrew Morton

The patch titled Subject: maple_tree: fix 32 bit mas_next testing has been added to the -mm mm-hotfixes-unstable branch. Its filename is maple_tree-fix-32-bit-mas_next-testing.patch This patch will shortly appear at https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche… This patch will later appear in the mm-hotfixes-unstable branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next via the mm-everything branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm and is updated there every 2-3 working days ------------------------------------------------------ From: "Liam R. Howlett" <Liam.Howlett(a)oracle.com> Subject: maple_tree: fix 32 bit mas_next testing Date: Wed, 12 Jul 2023 13:39:15 -0400 The test setup of mas_next is dependent on node entry size to create a 2 level tree, but the tests did not account for this in the expected value when shifting beyond the scope of the tree. Fix this by setting up the test to succeed depending on the node entries which is dependent on the 32/64 bit setup. Link: https://lkml.kernel.org/r/20230712173916.168805-1-Liam.Howlett@oracle.com Fixes: 120b116208a0 ("maple_tree: reorganize testing to restore module testing") Signed-off-by: Liam R. Howlett <Liam.Howlett(a)oracle.com> Reported-by: Geert Uytterhoeven <geert(a)linux-m68k.org> Link: https://lore.kernel.org/linux-mm/CAMuHMdV4T53fOw7VPoBgPR7fP6RYqf=CBhD_y_vOg… Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- lib/test_maple_tree.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) --- a/lib/test_maple_tree.c~maple_tree-fix-32-bit-mas_next-testing +++ a/lib/test_maple_tree.c @@ -1898,13 +1898,16 @@ static noinline void __init next_prev_te 725}; static const unsigned long level2_32[] = { 1747, 2000, 1750, 1755, 1760, 1765}; + unsigned long last_index; if (MAPLE_32BIT) { nr_entries = 500; level2 = level2_32; + last_index = 0x138e; } else { nr_entries = 200; level2 = level2_64; + last_index = 0x7d6; } for (i = 0; i <= nr_entries; i++) @@ -2011,7 +2014,7 @@ static noinline void __init next_prev_te val = mas_next(&mas, ULONG_MAX); MT_BUG_ON(mt, val != NULL); - MT_BUG_ON(mt, mas.index != 0x7d6); + MT_BUG_ON(mt, mas.index != last_index); MT_BUG_ON(mt, mas.last != ULONG_MAX); val = mas_prev(&mas, 0); _ Patches currently in -mm which might be from Liam.Howlett(a)oracle.com are mm-mlock-fix-vma-iterator-conversion-of-apply_vma_lock_flags.patch maple_tree-fix-32-bit-mas_next-testing.patch maple_tree-fix-node-allocation-testing-on-32-bit.patch

2 years, 5 months

1
0
0 0

+ selftests-mm-mkdirty-fix-incorrect-position-of-endif.patch added to mm-hotfixes-unstable branch

by Andrew Morton

The patch titled Subject: selftests/mm: mkdirty: Fix incorrect position of #endif has been added to the -mm mm-hotfixes-unstable branch. Its filename is selftests-mm-mkdirty-fix-incorrect-position-of-endif.patch This patch will shortly appear at https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche… This patch will later appear in the mm-hotfixes-unstable branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next via the mm-everything branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm and is updated there every 2-3 working days ------------------------------------------------------ From: Colin Ian King <colin.i.king(a)gmail.com> Subject: selftests/mm: mkdirty: Fix incorrect position of #endif Date: Wed, 12 Jul 2023 14:46:48 +0100 The #endif is the wrong side of a } causing a build failure when __NR_userfaultfd is not defined. Fix this by moving the #end to enclose the } Link: https://lkml.kernel.org/r/20230712134648.456349-1-colin.i.king@gmail.com Fixes: 9eac40fc0cc7 ("selftests/mm: mkdirty: test behavior of (pte|pmd)_mkdirty on VMAs without write permissions") Signed-off-by: Colin Ian King <colin.i.king(a)gmail.com> Cc: David Hildenbrand <david(a)redhat.com> Cc: Shuah Khan <shuah(a)kernel.org> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- tools/testing/selftests/mm/mkdirty.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- a/tools/testing/selftests/mm/mkdirty.c~selftests-mm-mkdirty-fix-incorrect-position-of-endif +++ a/tools/testing/selftests/mm/mkdirty.c @@ -321,8 +321,8 @@ close_uffd: munmap: munmap(dst, pagesize); free(src); -#endif /* __NR_userfaultfd */ } +#endif /* __NR_userfaultfd */ int main(void) { _ Patches currently in -mm which might be from colin.i.king(a)gmail.com are selftests-mm-mkdirty-fix-incorrect-position-of-endif.patch

2 years, 5 months

1
0
0 0

[PATCH] attr: block mode changes of symlinks

by Christian Brauner

Changing the mode of symlinks is meaningless as the vfs doesn't take the mode of a symlink into account during path lookup permission checking. However, the vfs doesn't block mode changes on symlinks. This however, has lead to an untenable mess roughly classifiable into the following two categories: (1) Filesystems that don't implement a i_op->setattr() for symlinks. Such filesystems may or may not know that without i_op->setattr() defined, notify_change() falls back to simple_setattr() causing the inode's mode in the inode cache to be changed. That's a generic issue as this will affect all non-size changing inode attributes including ownership changes. Example: afs (2) Filesystems that fail with EOPNOTSUPP but change the mode of the symlink nonetheless. Some filesystems will happily update the mode of a symlink but still return EOPNOTSUPP. This is the biggest source of confusion for userspace. The EOPNOTSUPP in this case comes from POSIX ACLs. Specifically it comes from filesystems that call posix_acl_chmod(), e.g., btrfs via if (!err && attr->ia_valid & ATTR_MODE) err = posix_acl_chmod(idmap, dentry, inode->i_mode); Filesystems including btrfs don't implement i_op->set_acl() so posix_acl_chmod() will report EOPNOTSUPP. When posix_acl_chmod() is called, most filesystems will have finished updating the inode. Perversely, this has the consequences that this behavior may depend on two kconfig options and mount options: * CONFIG_POSIX_ACL={y,n} * CONFIG_${FSTYPE}_POSIX_ACL={y,n} * Opt_acl, Opt_noacl Example: btrfs, ext4, xfs The only way to change the mode on a symlink currently involves abusing an O_PATH file descriptor in the following manner: fd = openat(-1, "/path/to/link", O_CLOEXEC | O_PATH | O_NOFOLLOW); char path[PATH_MAX]; snprintf(path, sizeof(path), "/proc/self/fd/%d", fd); chmod(path, 0000); But for most major filesystems with POSIX ACL support such as btrfs, ext4, ceph, tmpfs, xfs and others this will fail with EOPNOTSUPP with the mode still updated due to the aforementioned posix_acl_chmod() nonsense. So, given that for all major filesystems this would fail with EOPNOTSUPP and that both glibc (cf. [1]) and musl (cf. [2]) outright block mode changes on symlinks we should just try and block mode changes on symlinks directly in the vfs and have a clean break with this nonsense. If this causes any regressions, we do the next best thing and fix up all filesystems that do return EOPNOTSUPP with the mode updated to not call posix_acl_chmod() on symlinks. But as usual, let's try the clean cut solution first. It's a simple patch that can be easily reverted. Not marking this for backport as I'll do that manually if we're reasonably sure that this works and there are no strong objections. We could block this in chmod_common() but it's more appropriate to do it notify_change() as it will also mean that we catch filesystems that change symlink permissions explicitly or accidently. Similar proposals were floated in the past as in [3] and [4] and again recently in [5]. There's also a couple of bugs about this inconsistency as in [6] and [7]. Link: https://sourceware.org/git/?p=glibc.git;a=blob;f=sysdeps/unix/sysv/linux/fc… [1] Link: https://git.musl-libc.org/cgit/musl/tree/src/stat/fchmodat.c [2] Link: https://lore.kernel.org/all/20200911065733.GA31579@infradead.org [3] Link: https://sourceware.org/legacy-ml/libc-alpha/2020-02/msg00518.html [4] Link: https://lore.kernel.org/lkml/87lefmbppo.fsf@oldenburg.str.redhat.com [5] Link: https://sourceware.org/legacy-ml/libc-alpha/2020-02/msg00467.html [6] Link: https://sourceware.org/bugzilla/show_bug.cgi?id=14578#c17 [7] Cc: stable(a)vger.kernel.org # no backport before v6.6-rc2 is tagged Suggested-by: Christoph Hellwig <hch(a)lst.de> Suggested-by: Florian Weimer <fweimer(a)redhat.com> Reviewed-by: Aleksa Sarai <cyphar(a)cyphar.com> Signed-off-by: Christian Brauner <brauner(a)kernel.org> --- --- fs/attr.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/fs/attr.c b/fs/attr.c index d60dc1edb526..529153ecde25 100644 --- a/fs/attr.c +++ b/fs/attr.c @@ -394,6 +394,9 @@ int notify_change(struct mnt_idmap *idmap, struct dentry *dentry, return error; if ((ia_valid & ATTR_MODE)) { + if (S_ISLNK(inode->i_mode)) + return -EOPNOTSUPP; + umode_t amode = attr->ia_mode; /* Flag setting protected by i_mutex */ if (is_sxid(amode)) --- base-commit: 06c2afb862f9da8dc5efa4b6076a0e48c3fbaaa5 change-id: 20230712-vfs-chmod-symlinks-a3ad1923a992

2 years, 5 months

3
4
0 0

[PATCH] ARM: dts: BCM5301X: Extend RAM to full 256MB for Linksys EA6500 V2

by Christian Marangi

From: Aleksey Nasibulin <alealexpro100(a)ya.ru> Linksys ea6500-v2 have 256MB of ram. Currently we only use 128MB. Expand the definition to use all the available RAM. Fixes: 03e96644d7a8 ("ARM: dts: BCM5301X: Add basic DT for Linksys EA6500 V2") Signed-off-by: Aleksey Nasibulin <alealexpro100(a)ya.ru> Signed-off-by: Christian Marangi <ansuelsmth(a)gmail.com> Cc: stable(a)vger.kernel.org --- arch/arm/boot/dts/broadcom/bcm4708-linksys-ea6500-v2.dts | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/arch/arm/boot/dts/broadcom/bcm4708-linksys-ea6500-v2.dts b/arch/arm/boot/dts/broadcom/bcm4708-linksys-ea6500-v2.dts index f1412ba83def..0454423fe166 100644 --- a/arch/arm/boot/dts/broadcom/bcm4708-linksys-ea6500-v2.dts +++ b/arch/arm/boot/dts/broadcom/bcm4708-linksys-ea6500-v2.dts @@ -19,7 +19,8 @@ chosen { memory@0 { device_type = "memory"; - reg = <0x00000000 0x08000000>; + reg = <0x00000000 0x08000000>, + <0x88000000 0x08000000>; }; gpio-keys { -- 2.40.1

2 years, 5 months

4
4
0 0

[PATCH 26/33] drm/amd/display: Disable MPC split by default on special asic

by Alan Liu

From: Zhikai Zhai <zhikai.zhai(a)amd.com> [WHY] All of pipes will be used when the MPC split enable on the dcn which just has 2 pipes. Then MPO enter will trigger the minimal transition which need programe dcn from 2 pipes MPC split to 2 pipes MPO. This action will cause lag if happen frequently. [HOW] Disable the MPC split for the platform which dcn resource is limited Cc: Mario Limonciello <mario.limonciello(a)amd.com> Cc: Alex Deucher <alexander.deucher(a)amd.com> Cc: stable(a)vger.kernel.org Reviewed-by: Alvin Lee <alvin.lee2(a)amd.com> Acked-by: Alan Liu <haoping.liu(a)amd.com> Signed-off-by: Zhikai Zhai <zhikai.zhai(a)amd.com> --- drivers/gpu/drm/amd/display/dc/dcn303/dcn303_resource.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/gpu/drm/amd/display/dc/dcn303/dcn303_resource.c b/drivers/gpu/drm/amd/display/dc/dcn303/dcn303_resource.c index 45956ef6f3f9..131b8b82afc0 100644 --- a/drivers/gpu/drm/amd/display/dc/dcn303/dcn303_resource.c +++ b/drivers/gpu/drm/amd/display/dc/dcn303/dcn303_resource.c @@ -65,7 +65,7 @@ static const struct dc_debug_options debug_defaults_drv = { .timing_trace = false, .clock_trace = true, .disable_pplib_clock_request = true, - .pipe_split_policy = MPC_SPLIT_DYNAMIC, + .pipe_split_policy = MPC_SPLIT_AVOID, .force_single_disp_pipe_split = false, .disable_dcc = DCC_ENABLE, .vsr_support = true, -- 2.34.1

2 years, 5 months

1
0
0 0

[PATCH 22/33] drm/amd/display: Keep PHY active for DP displays on DCN31

by Alan Liu

From: Nicholas Kazlauskas <nicholas.kazlauskas(a)amd.com> [Why & How] Port of a change that went into DCN314 to keep the PHY enabled when we have a connected and active DP display. The PHY can hang if PHY refclk is disabled inadvertently. Cc: Mario Limonciello <mario.limonciello(a)amd.com> Cc: Alex Deucher <alexander.deucher(a)amd.com> Cc: stable(a)vger.kernel.org Reviewed-by: Josip Pavic <josip.pavic(a)amd.com> Acked-by: Alan Liu <haoping.liu(a)amd.com> Signed-off-by: Nicholas Kazlauskas <nicholas.kazlauskas(a)amd.com> --- drivers/gpu/drm/amd/display/dc/clk_mgr/dcn31/dcn31_clk_mgr.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/drivers/gpu/drm/amd/display/dc/clk_mgr/dcn31/dcn31_clk_mgr.c b/drivers/gpu/drm/amd/display/dc/clk_mgr/dcn31/dcn31_clk_mgr.c index 7ccd96959256..3db4ef564b99 100644 --- a/drivers/gpu/drm/amd/display/dc/clk_mgr/dcn31/dcn31_clk_mgr.c +++ b/drivers/gpu/drm/amd/display/dc/clk_mgr/dcn31/dcn31_clk_mgr.c @@ -87,6 +87,11 @@ static int dcn31_get_active_display_cnt_wa( stream->signal == SIGNAL_TYPE_DVI_SINGLE_LINK || stream->signal == SIGNAL_TYPE_DVI_DUAL_LINK) tmds_present = true; + + /* Checking stream / link detection ensuring that PHY is active*/ + if (dc_is_dp_signal(stream->signal) && !stream->dpms_off) + display_count++; + } for (i = 0; i < dc->link_count; i++) { -- 2.34.1

2 years, 5 months

1
0
0 0

[PATCH 20/33] drm/amd/display: Prevent vtotal from being set to 0

by Alan Liu

From: Daniel Miess <daniel.miess(a)amd.com> [Why] In dcn314 DML the destination pipe vtotal was being set to the crtc adjustment vtotal_min value even in cases where that value is 0. [How] Only set vtotal to the crtc adjustment vtotal_min value in cases where the value is non-zero. Cc: Mario Limonciello <mario.limonciello(a)amd.com> Cc: Alex Deucher <alexander.deucher(a)amd.com> Cc: stable(a)vger.kernel.org Reviewed-by: Nicholas Kazlauskas <nicholas.kazlauskas(a)amd.com> Acked-by: Alan Liu <haoping.liu(a)amd.com> Signed-off-by: Daniel Miess <daniel.miess(a)amd.com> --- drivers/gpu/drm/amd/display/dc/dml/dcn314/dcn314_fpu.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/drivers/gpu/drm/amd/display/dc/dml/dcn314/dcn314_fpu.c b/drivers/gpu/drm/amd/display/dc/dml/dcn314/dcn314_fpu.c index d9e049e7ff0a..ed8ddb75b333 100644 --- a/drivers/gpu/drm/amd/display/dc/dml/dcn314/dcn314_fpu.c +++ b/drivers/gpu/drm/amd/display/dc/dml/dcn314/dcn314_fpu.c @@ -295,7 +295,11 @@ int dcn314_populate_dml_pipes_from_context_fpu(struct dc *dc, struct dc_state *c pipe = &res_ctx->pipe_ctx[i]; timing = &pipe->stream->timing; - pipes[pipe_cnt].pipe.dest.vtotal = pipe->stream->adjust.v_total_min; + if (pipe->stream->adjust.v_total_min != 0) + pipes[pipe_cnt].pipe.dest.vtotal = pipe->stream->adjust.v_total_min; + else + pipes[pipe_cnt].pipe.dest.vtotal = timing->v_total; + pipes[pipe_cnt].pipe.dest.vblank_nom = timing->v_total - pipes[pipe_cnt].pipe.dest.vactive; pipes[pipe_cnt].pipe.dest.vblank_nom = min(pipes[pipe_cnt].pipe.dest.vblank_nom, dcn3_14_ip.VBlankNomDefaultUS); pipes[pipe_cnt].pipe.dest.vblank_nom = max(pipes[pipe_cnt].pipe.dest.vblank_nom, timing->v_sync_width); -- 2.34.1

2 years, 5 months

1
0
0 0

[PATCH 11/33] drm/amd/display: check TG is non-null before checking if enabled

by Alan Liu

From: Taimur Hassan <syed.hassan(a)amd.com> [Why & How] If there is no TG allocation we can dereference a NULL pointer when checking if the TG is enabled. Cc: Mario Limonciello <mario.limonciello(a)amd.com> Cc: Alex Deucher <alexander.deucher(a)amd.com> Cc: stable(a)vger.kernel.org Reviewed-by: Nicholas Kazlauskas <nicholas.kazlauskas(a)amd.com> Acked-by: Alan Liu <haoping.liu(a)amd.com> Signed-off-by: Taimur Hassan <syed.hassan(a)amd.com> --- drivers/gpu/drm/amd/display/dc/dcn10/dcn10_hw_sequencer.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/drivers/gpu/drm/amd/display/dc/dcn10/dcn10_hw_sequencer.c b/drivers/gpu/drm/amd/display/dc/dcn10/dcn10_hw_sequencer.c index a50309039d08..9834b75f1837 100644 --- a/drivers/gpu/drm/amd/display/dc/dcn10/dcn10_hw_sequencer.c +++ b/drivers/gpu/drm/amd/display/dc/dcn10/dcn10_hw_sequencer.c @@ -3278,7 +3278,8 @@ void dcn10_wait_for_mpcc_disconnect( if (pipe_ctx->stream_res.opp->mpcc_disconnect_pending[mpcc_inst]) { struct hubp *hubp = get_hubp_by_inst(res_pool, mpcc_inst); - if (pipe_ctx->stream_res.tg->funcs->is_tg_enabled(pipe_ctx->stream_res.tg)) + if (pipe_ctx->stream_res.tg && + pipe_ctx->stream_res.tg->funcs->is_tg_enabled(pipe_ctx->stream_res.tg)) res_pool->mpc->funcs->wait_for_idle(res_pool->mpc, mpcc_inst); pipe_ctx->stream_res.opp->mpcc_disconnect_pending[mpcc_inst] = false; hubp->funcs->set_blank(hubp, true); -- 2.34.1

2 years, 5 months

1
0
0 0

[PATCH 04/33] drm/amd/display: Add polling method to handle MST reply packet

by Alan Liu

From: Wayne Lin <wayne.lin(a)amd.com> [Why] Specific TBT4 dock doesn't send out short HPD to notify source that IRQ event DOWN_REP_MSG_RDY is set. Which violates the spec and cause source can't send out streams to mst sinks. [How] To cover this misbehavior, add an additional polling method to detect DOWN_REP_MSG_RDY is set. HPD driven handling method is still kept. Just hook up our handler to drm mgr->cbs->poll_hpd_irq(). Cc: Mario Limonciello <mario.limonciello(a)amd.com> Cc: Alex Deucher <alexander.deucher(a)amd.com> Cc: stable(a)vger.kernel.org Reviewed-by: Jerry Zuo <jerry.zuo(a)amd.com> Acked-by: Alan Liu <haoping.liu(a)amd.com> Signed-off-by: Wayne Lin <wayne.lin(a)amd.com> --- .../gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 117 +++++------------- .../gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.h | 7 ++ .../display/amdgpu_dm/amdgpu_dm_mst_types.c | 110 ++++++++++++++++ .../display/amdgpu_dm/amdgpu_dm_mst_types.h | 11 ++ 4 files changed, 159 insertions(+), 86 deletions(-) diff --git a/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c b/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c index 28f8ac6007fb..42fa632523a2 100644 --- a/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c +++ b/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c @@ -1347,6 +1347,15 @@ static void dm_handle_hpd_rx_offload_work(struct work_struct *work) if (amdgpu_in_reset(adev)) goto skip; + if (offload_work->data.bytes.device_service_irq.bits.UP_REQ_MSG_RDY || + offload_work->data.bytes.device_service_irq.bits.DOWN_REP_MSG_RDY) { + dm_handle_mst_sideband_msg_ready_event(&aconnector->mst_mgr, DOWN_OR_UP_MSG_RDY_EVENT); + spin_lock_irqsave(&offload_work->offload_wq->offload_lock, flags); + offload_work->offload_wq->is_handling_mst_msg_rdy_event = false; + spin_unlock_irqrestore(&offload_work->offload_wq->offload_lock, flags); + goto skip; + } + mutex_lock(&adev->dm.dc_lock); if (offload_work->data.bytes.device_service_irq.bits.AUTOMATED_TEST) { dc_link_dp_handle_automated_test(dc_link); @@ -3232,87 +3241,6 @@ static void handle_hpd_irq(void *param) } -static void dm_handle_mst_sideband_msg(struct amdgpu_dm_connector *aconnector) -{ - u8 esi[DP_PSR_ERROR_STATUS - DP_SINK_COUNT_ESI] = { 0 }; - u8 dret; - bool new_irq_handled = false; - int dpcd_addr; - int dpcd_bytes_to_read; - - const int max_process_count = 30; - int process_count = 0; - - const struct dc_link_status *link_status = dc_link_get_status(aconnector->dc_link); - - if (link_status->dpcd_caps->dpcd_rev.raw < 0x12) { - dpcd_bytes_to_read = DP_LANE0_1_STATUS - DP_SINK_COUNT; - /* DPCD 0x200 - 0x201 for downstream IRQ */ - dpcd_addr = DP_SINK_COUNT; - } else { - dpcd_bytes_to_read = DP_PSR_ERROR_STATUS - DP_SINK_COUNT_ESI; - /* DPCD 0x2002 - 0x2005 for downstream IRQ */ - dpcd_addr = DP_SINK_COUNT_ESI; - } - - dret = drm_dp_dpcd_read( - &aconnector->dm_dp_aux.aux, - dpcd_addr, - esi, - dpcd_bytes_to_read); - - while (dret == dpcd_bytes_to_read && - process_count < max_process_count) { - u8 ack[DP_PSR_ERROR_STATUS - DP_SINK_COUNT_ESI] = {}; - u8 retry; - - dret = 0; - - process_count++; - - DRM_DEBUG_DRIVER("ESI %02x %02x %02x\n", esi[0], esi[1], esi[2]); - /* handle HPD short pulse irq */ - if (aconnector->mst_mgr.mst_state) - drm_dp_mst_hpd_irq_handle_event(&aconnector->mst_mgr, - esi, - ack, - &new_irq_handled); - - if (new_irq_handled) { - /* ACK at DPCD to notify down stream */ - for (retry = 0; retry < 3; retry++) { - ssize_t wret; - - wret = drm_dp_dpcd_writeb(&aconnector->dm_dp_aux.aux, - dpcd_addr + 1, - ack[1]); - if (wret == 1) - break; - } - - if (retry == 3) { - DRM_ERROR("Failed to ack MST event.\n"); - return; - } - - drm_dp_mst_hpd_irq_send_new_request(&aconnector->mst_mgr); - /* check if there is new irq to be handled */ - dret = drm_dp_dpcd_read( - &aconnector->dm_dp_aux.aux, - dpcd_addr, - esi, - dpcd_bytes_to_read); - - new_irq_handled = false; - } else { - break; - } - } - - if (process_count == max_process_count) - DRM_DEBUG_DRIVER("Loop exceeded max iterations\n"); -} - static void schedule_hpd_rx_offload_work(struct hpd_rx_irq_offload_work_queue *offload_wq, union hpd_irq_data hpd_irq_data) { @@ -3374,7 +3302,23 @@ static void handle_hpd_rx_irq(void *param) if (dc_link_dp_allow_hpd_rx_irq(dc_link)) { if (hpd_irq_data.bytes.device_service_irq.bits.UP_REQ_MSG_RDY || hpd_irq_data.bytes.device_service_irq.bits.DOWN_REP_MSG_RDY) { - dm_handle_mst_sideband_msg(aconnector); + bool skip = false; + + /* + * DOWN_REP_MSG_RDY is also handled by polling method + * mgr->cbs->poll_hpd_irq() + */ + spin_lock(&offload_wq->offload_lock); + skip = offload_wq->is_handling_mst_msg_rdy_event; + + if (!skip) + offload_wq->is_handling_mst_msg_rdy_event = true; + + spin_unlock(&offload_wq->offload_lock); + + if (!skip) + schedule_hpd_rx_offload_work(offload_wq, hpd_irq_data); + goto out; } @@ -3483,11 +3427,11 @@ static void register_hpd_handlers(struct amdgpu_device *adev) amdgpu_dm_irq_register_interrupt(adev, &int_params, handle_hpd_rx_irq, (void *) aconnector); - - if (adev->dm.hpd_rx_offload_wq) - adev->dm.hpd_rx_offload_wq[dc_link->link_index].aconnector = - aconnector; } + + if (adev->dm.hpd_rx_offload_wq) + adev->dm.hpd_rx_offload_wq[connector->index].aconnector = + aconnector; } } @@ -7300,6 +7244,7 @@ void amdgpu_dm_connector_init_helper(struct amdgpu_display_manager *dm, aconnector->as_type = ADAPTIVE_SYNC_TYPE_NONE; memset(&aconnector->vsdb_info, 0, sizeof(aconnector->vsdb_info)); mutex_init(&aconnector->hpd_lock); + mutex_init(&aconnector->handle_mst_msg_ready); /* * configure support HPD hot plug connector_>polled default value is 0 diff --git a/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.h b/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.h index 4561f55afa99..9fb5bb3a75a7 100644 --- a/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.h +++ b/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.h @@ -194,6 +194,11 @@ struct hpd_rx_irq_offload_work_queue { * we're handling link loss */ bool is_handling_link_loss; + /** + * @is_handling_mst_msg_rdy_event: Used to prevent inserting mst message + * ready event when we're already handling mst message ready event + */ + bool is_handling_mst_msg_rdy_event; /** * @aconnector: The aconnector that this work queue is attached to */ @@ -638,6 +643,8 @@ struct amdgpu_dm_connector { struct drm_dp_mst_port *mst_output_port; struct amdgpu_dm_connector *mst_root; struct drm_dp_aux *dsc_aux; + struct mutex handle_mst_msg_ready; + /* TODO see if we can merge with ddc_bus or make a dm_connector */ struct amdgpu_i2c_adapter *i2c; diff --git a/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_mst_types.c b/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_mst_types.c index 95eefa6b4f2f..1d343f16e5b8 100644 --- a/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_mst_types.c +++ b/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_mst_types.c @@ -620,8 +620,118 @@ dm_dp_add_mst_connector(struct drm_dp_mst_topology_mgr *mgr, return connector; } +void dm_handle_mst_sideband_msg_ready_event( + struct drm_dp_mst_topology_mgr *mgr, + enum mst_msg_ready_type msg_rdy_type) +{ + uint8_t esi[DP_PSR_ERROR_STATUS - DP_SINK_COUNT_ESI] = { 0 }; + uint8_t dret; + bool new_irq_handled = false; + int dpcd_addr; + uint8_t dpcd_bytes_to_read; + const uint8_t max_process_count = 30; + uint8_t process_count = 0; + u8 retry; + struct amdgpu_dm_connector *aconnector = + container_of(mgr, struct amdgpu_dm_connector, mst_mgr); + + + const struct dc_link_status *link_status = dc_link_get_status(aconnector->dc_link); + + if (link_status->dpcd_caps->dpcd_rev.raw < 0x12) { + dpcd_bytes_to_read = DP_LANE0_1_STATUS - DP_SINK_COUNT; + /* DPCD 0x200 - 0x201 for downstream IRQ */ + dpcd_addr = DP_SINK_COUNT; + } else { + dpcd_bytes_to_read = DP_PSR_ERROR_STATUS - DP_SINK_COUNT_ESI; + /* DPCD 0x2002 - 0x2005 for downstream IRQ */ + dpcd_addr = DP_SINK_COUNT_ESI; + } + + mutex_lock(&aconnector->handle_mst_msg_ready); + + while (process_count < max_process_count) { + u8 ack[DP_PSR_ERROR_STATUS - DP_SINK_COUNT_ESI] = {}; + + process_count++; + + dret = drm_dp_dpcd_read( + &aconnector->dm_dp_aux.aux, + dpcd_addr, + esi, + dpcd_bytes_to_read); + + if (dret != dpcd_bytes_to_read) { + DRM_DEBUG_KMS("DPCD read and acked number is not as expected!"); + break; + } + + DRM_DEBUG_DRIVER("ESI %02x %02x %02x\n", esi[0], esi[1], esi[2]); + + switch (msg_rdy_type) { + case DOWN_REP_MSG_RDY_EVENT: + /* Only handle DOWN_REP_MSG_RDY case*/ + esi[1] &= DP_DOWN_REP_MSG_RDY; + break; + case UP_REQ_MSG_RDY_EVENT: + /* Only handle UP_REQ_MSG_RDY case*/ + esi[1] &= DP_UP_REQ_MSG_RDY; + break; + default: + /* Handle both cases*/ + esi[1] &= (DP_DOWN_REP_MSG_RDY | DP_UP_REQ_MSG_RDY); + break; + } + + if (!esi[1]) + break; + + /* handle MST irq */ + if (aconnector->mst_mgr.mst_state) + drm_dp_mst_hpd_irq_handle_event(&aconnector->mst_mgr, + esi, + ack, + &new_irq_handled); + + if (new_irq_handled) { + /* ACK at DPCD to notify down stream */ + for (retry = 0; retry < 3; retry++) { + ssize_t wret; + + wret = drm_dp_dpcd_writeb(&aconnector->dm_dp_aux.aux, + dpcd_addr + 1, + ack[1]); + if (wret == 1) + break; + } + + if (retry == 3) { + DRM_ERROR("Failed to ack MST event.\n"); + return; + } + + drm_dp_mst_hpd_irq_send_new_request(&aconnector->mst_mgr); + + new_irq_handled = false; + } else { + break; + } + } + + mutex_unlock(&aconnector->handle_mst_msg_ready); + + if (process_count == max_process_count) + DRM_DEBUG_DRIVER("Loop exceeded max iterations\n"); +} + +static void dm_handle_mst_down_rep_msg_ready(struct drm_dp_mst_topology_mgr *mgr) +{ + dm_handle_mst_sideband_msg_ready_event(mgr, DOWN_REP_MSG_RDY_EVENT); +} + static const struct drm_dp_mst_topology_cbs dm_mst_cbs = { .add_connector = dm_dp_add_mst_connector, + .poll_hpd_irq = dm_handle_mst_down_rep_msg_ready, }; void amdgpu_dm_initialize_dp_connector(struct amdgpu_display_manager *dm, diff --git a/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_mst_types.h b/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_mst_types.h index 1e4ede1e57ab..37c820ab0fdb 100644 --- a/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_mst_types.h +++ b/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_mst_types.h @@ -49,6 +49,13 @@ #define PBN_FEC_OVERHEAD_MULTIPLIER_8B_10B 1031 #define PBN_FEC_OVERHEAD_MULTIPLIER_128B_132B 1000 +enum mst_msg_ready_type { + NONE_MSG_RDY_EVENT = 0, + DOWN_REP_MSG_RDY_EVENT = 1, + UP_REQ_MSG_RDY_EVENT = 2, + DOWN_OR_UP_MSG_RDY_EVENT = 3 +}; + struct amdgpu_display_manager; struct amdgpu_dm_connector; @@ -61,6 +68,10 @@ void amdgpu_dm_initialize_dp_connector(struct amdgpu_display_manager *dm, void dm_dp_create_fake_mst_encoders(struct amdgpu_device *adev); +void dm_handle_mst_sideband_msg_ready_event( + struct drm_dp_mst_topology_mgr *mgr, + enum mst_msg_ready_type msg_rdy_type); + struct dsc_mst_fairness_vars { int pbn; bool dsc_enabled; -- 2.34.1

2 years, 5 months

1
0
0 0

[PATCH 26/33] drm/amd/display: Disable MPC split by default on special asic

by Alan Liu

From: Zhikai Zhai <zhikai.zhai(a)amd.com> [WHY] All of pipes will be used when the MPC split enable on the dcn which just has 2 pipes. Then MPO enter will trigger the minimal transition which need programe dcn from 2 pipes MPC split to 2 pipes MPO. This action will cause lag if happen frequently. [HOW] Disable the MPC split for the platform which dcn resource is limited Cc: Mario Limonciello <mario.limonciello(a)amd.com> Cc: Alex Deucher <alexander.deucher(a)amd.com> Cc: stable(a)vger.kernel.org Reviewed-by: Alvin Lee <alvin.lee2(a)amd.com> Acked-by: Alan Liu <haoping.liu(a)amd.com> Signed-off-by: Zhikai Zhai <zhikai.zhai(a)amd.com> --- drivers/gpu/drm/amd/display/dc/dcn303/dcn303_resource.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/gpu/drm/amd/display/dc/dcn303/dcn303_resource.c b/drivers/gpu/drm/amd/display/dc/dcn303/dcn303_resource.c index 45956ef6f3f9..131b8b82afc0 100644 --- a/drivers/gpu/drm/amd/display/dc/dcn303/dcn303_resource.c +++ b/drivers/gpu/drm/amd/display/dc/dcn303/dcn303_resource.c @@ -65,7 +65,7 @@ static const struct dc_debug_options debug_defaults_drv = { .timing_trace = false, .clock_trace = true, .disable_pplib_clock_request = true, - .pipe_split_policy = MPC_SPLIT_DYNAMIC, + .pipe_split_policy = MPC_SPLIT_AVOID, .force_single_disp_pipe_split = false, .disable_dcc = DCC_ENABLE, .vsr_support = true, -- 2.34.1

2 years, 5 months

1
0
0 0

[PATCH 22/33] drm/amd/display: Keep PHY active for DP displays on DCN31

by Alan Liu

From: Nicholas Kazlauskas <nicholas.kazlauskas(a)amd.com> [Why & How] Port of a change that went into DCN314 to keep the PHY enabled when we have a connected and active DP display. The PHY can hang if PHY refclk is disabled inadvertently. Cc: Mario Limonciello <mario.limonciello(a)amd.com> Cc: Alex Deucher <alexander.deucher(a)amd.com> Cc: stable(a)vger.kernel.org Reviewed-by: Josip Pavic <josip.pavic(a)amd.com> Acked-by: Alan Liu <haoping.liu(a)amd.com> Signed-off-by: Nicholas Kazlauskas <nicholas.kazlauskas(a)amd.com> --- drivers/gpu/drm/amd/display/dc/clk_mgr/dcn31/dcn31_clk_mgr.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/drivers/gpu/drm/amd/display/dc/clk_mgr/dcn31/dcn31_clk_mgr.c b/drivers/gpu/drm/amd/display/dc/clk_mgr/dcn31/dcn31_clk_mgr.c index 7ccd96959256..3db4ef564b99 100644 --- a/drivers/gpu/drm/amd/display/dc/clk_mgr/dcn31/dcn31_clk_mgr.c +++ b/drivers/gpu/drm/amd/display/dc/clk_mgr/dcn31/dcn31_clk_mgr.c @@ -87,6 +87,11 @@ static int dcn31_get_active_display_cnt_wa( stream->signal == SIGNAL_TYPE_DVI_SINGLE_LINK || stream->signal == SIGNAL_TYPE_DVI_DUAL_LINK) tmds_present = true; + + /* Checking stream / link detection ensuring that PHY is active*/ + if (dc_is_dp_signal(stream->signal) && !stream->dpms_off) + display_count++; + } for (i = 0; i < dc->link_count; i++) { -- 2.34.1

2 years, 5 months

1
0
0 0

[PATCH 20/33] drm/amd/display: Prevent vtotal from being set to 0

by Alan Liu

From: Daniel Miess <daniel.miess(a)amd.com> [Why] In dcn314 DML the destination pipe vtotal was being set to the crtc adjustment vtotal_min value even in cases where that value is 0. [How] Only set vtotal to the crtc adjustment vtotal_min value in cases where the value is non-zero. Cc: Mario Limonciello <mario.limonciello(a)amd.com> Cc: Alex Deucher <alexander.deucher(a)amd.com> Cc: stable(a)vger.kernel.org Reviewed-by: Nicholas Kazlauskas <nicholas.kazlauskas(a)amd.com> Acked-by: Alan Liu <haoping.liu(a)amd.com> Signed-off-by: Daniel Miess <daniel.miess(a)amd.com> --- drivers/gpu/drm/amd/display/dc/dml/dcn314/dcn314_fpu.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/drivers/gpu/drm/amd/display/dc/dml/dcn314/dcn314_fpu.c b/drivers/gpu/drm/amd/display/dc/dml/dcn314/dcn314_fpu.c index d9e049e7ff0a..ed8ddb75b333 100644 --- a/drivers/gpu/drm/amd/display/dc/dml/dcn314/dcn314_fpu.c +++ b/drivers/gpu/drm/amd/display/dc/dml/dcn314/dcn314_fpu.c @@ -295,7 +295,11 @@ int dcn314_populate_dml_pipes_from_context_fpu(struct dc *dc, struct dc_state *c pipe = &res_ctx->pipe_ctx[i]; timing = &pipe->stream->timing; - pipes[pipe_cnt].pipe.dest.vtotal = pipe->stream->adjust.v_total_min; + if (pipe->stream->adjust.v_total_min != 0) + pipes[pipe_cnt].pipe.dest.vtotal = pipe->stream->adjust.v_total_min; + else + pipes[pipe_cnt].pipe.dest.vtotal = timing->v_total; + pipes[pipe_cnt].pipe.dest.vblank_nom = timing->v_total - pipes[pipe_cnt].pipe.dest.vactive; pipes[pipe_cnt].pipe.dest.vblank_nom = min(pipes[pipe_cnt].pipe.dest.vblank_nom, dcn3_14_ip.VBlankNomDefaultUS); pipes[pipe_cnt].pipe.dest.vblank_nom = max(pipes[pipe_cnt].pipe.dest.vblank_nom, timing->v_sync_width); -- 2.34.1

2 years, 5 months

1
0
0 0

[PATCH 11/33] drm/amd/display: check TG is non-null before checking if enabled

by Alan Liu

From: Taimur Hassan <syed.hassan(a)amd.com> [Why & How] If there is no TG allocation we can dereference a NULL pointer when checking if the TG is enabled. Cc: Mario Limonciello <mario.limonciello(a)amd.com> Cc: Alex Deucher <alexander.deucher(a)amd.com> Cc: stable(a)vger.kernel.org Reviewed-by: Nicholas Kazlauskas <nicholas.kazlauskas(a)amd.com> Acked-by: Alan Liu <haoping.liu(a)amd.com> Signed-off-by: Taimur Hassan <syed.hassan(a)amd.com> --- drivers/gpu/drm/amd/display/dc/dcn10/dcn10_hw_sequencer.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/drivers/gpu/drm/amd/display/dc/dcn10/dcn10_hw_sequencer.c b/drivers/gpu/drm/amd/display/dc/dcn10/dcn10_hw_sequencer.c index a50309039d08..9834b75f1837 100644 --- a/drivers/gpu/drm/amd/display/dc/dcn10/dcn10_hw_sequencer.c +++ b/drivers/gpu/drm/amd/display/dc/dcn10/dcn10_hw_sequencer.c @@ -3278,7 +3278,8 @@ void dcn10_wait_for_mpcc_disconnect( if (pipe_ctx->stream_res.opp->mpcc_disconnect_pending[mpcc_inst]) { struct hubp *hubp = get_hubp_by_inst(res_pool, mpcc_inst); - if (pipe_ctx->stream_res.tg->funcs->is_tg_enabled(pipe_ctx->stream_res.tg)) + if (pipe_ctx->stream_res.tg && + pipe_ctx->stream_res.tg->funcs->is_tg_enabled(pipe_ctx->stream_res.tg)) res_pool->mpc->funcs->wait_for_idle(res_pool->mpc, mpcc_inst); pipe_ctx->stream_res.opp->mpcc_disconnect_pending[mpcc_inst] = false; hubp->funcs->set_blank(hubp, true); -- 2.34.1

2 years, 5 months

1
0
0 0

[PATCH 04/33] drm/amd/display: Add polling method to handle MST reply packet

by Alan Liu

From: Wayne Lin <wayne.lin(a)amd.com> [Why] Specific TBT4 dock doesn't send out short HPD to notify source that IRQ event DOWN_REP_MSG_RDY is set. Which violates the spec and cause source can't send out streams to mst sinks. [How] To cover this misbehavior, add an additional polling method to detect DOWN_REP_MSG_RDY is set. HPD driven handling method is still kept. Just hook up our handler to drm mgr->cbs->poll_hpd_irq(). Cc: Mario Limonciello <mario.limonciello(a)amd.com> Cc: Alex Deucher <alexander.deucher(a)amd.com> Cc: stable(a)vger.kernel.org Reviewed-by: Jerry Zuo <jerry.zuo(a)amd.com> Acked-by: Alan Liu <haoping.liu(a)amd.com> Signed-off-by: Wayne Lin <wayne.lin(a)amd.com> --- .../gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 117 +++++------------- .../gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.h | 7 ++ .../display/amdgpu_dm/amdgpu_dm_mst_types.c | 110 ++++++++++++++++ .../display/amdgpu_dm/amdgpu_dm_mst_types.h | 11 ++ 4 files changed, 159 insertions(+), 86 deletions(-) diff --git a/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c b/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c index 28f8ac6007fb..42fa632523a2 100644 --- a/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c +++ b/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c @@ -1347,6 +1347,15 @@ static void dm_handle_hpd_rx_offload_work(struct work_struct *work) if (amdgpu_in_reset(adev)) goto skip; + if (offload_work->data.bytes.device_service_irq.bits.UP_REQ_MSG_RDY || + offload_work->data.bytes.device_service_irq.bits.DOWN_REP_MSG_RDY) { + dm_handle_mst_sideband_msg_ready_event(&aconnector->mst_mgr, DOWN_OR_UP_MSG_RDY_EVENT); + spin_lock_irqsave(&offload_work->offload_wq->offload_lock, flags); + offload_work->offload_wq->is_handling_mst_msg_rdy_event = false; + spin_unlock_irqrestore(&offload_work->offload_wq->offload_lock, flags); + goto skip; + } + mutex_lock(&adev->dm.dc_lock); if (offload_work->data.bytes.device_service_irq.bits.AUTOMATED_TEST) { dc_link_dp_handle_automated_test(dc_link); @@ -3232,87 +3241,6 @@ static void handle_hpd_irq(void *param) } -static void dm_handle_mst_sideband_msg(struct amdgpu_dm_connector *aconnector) -{ - u8 esi[DP_PSR_ERROR_STATUS - DP_SINK_COUNT_ESI] = { 0 }; - u8 dret; - bool new_irq_handled = false; - int dpcd_addr; - int dpcd_bytes_to_read; - - const int max_process_count = 30; - int process_count = 0; - - const struct dc_link_status *link_status = dc_link_get_status(aconnector->dc_link); - - if (link_status->dpcd_caps->dpcd_rev.raw < 0x12) { - dpcd_bytes_to_read = DP_LANE0_1_STATUS - DP_SINK_COUNT; - /* DPCD 0x200 - 0x201 for downstream IRQ */ - dpcd_addr = DP_SINK_COUNT; - } else { - dpcd_bytes_to_read = DP_PSR_ERROR_STATUS - DP_SINK_COUNT_ESI; - /* DPCD 0x2002 - 0x2005 for downstream IRQ */ - dpcd_addr = DP_SINK_COUNT_ESI; - } - - dret = drm_dp_dpcd_read( - &aconnector->dm_dp_aux.aux, - dpcd_addr, - esi, - dpcd_bytes_to_read); - - while (dret == dpcd_bytes_to_read && - process_count < max_process_count) { - u8 ack[DP_PSR_ERROR_STATUS - DP_SINK_COUNT_ESI] = {}; - u8 retry; - - dret = 0; - - process_count++; - - DRM_DEBUG_DRIVER("ESI %02x %02x %02x\n", esi[0], esi[1], esi[2]); - /* handle HPD short pulse irq */ - if (aconnector->mst_mgr.mst_state) - drm_dp_mst_hpd_irq_handle_event(&aconnector->mst_mgr, - esi, - ack, - &new_irq_handled); - - if (new_irq_handled) { - /* ACK at DPCD to notify down stream */ - for (retry = 0; retry < 3; retry++) { - ssize_t wret; - - wret = drm_dp_dpcd_writeb(&aconnector->dm_dp_aux.aux, - dpcd_addr + 1, - ack[1]); - if (wret == 1) - break; - } - - if (retry == 3) { - DRM_ERROR("Failed to ack MST event.\n"); - return; - } - - drm_dp_mst_hpd_irq_send_new_request(&aconnector->mst_mgr); - /* check if there is new irq to be handled */ - dret = drm_dp_dpcd_read( - &aconnector->dm_dp_aux.aux, - dpcd_addr, - esi, - dpcd_bytes_to_read); - - new_irq_handled = false; - } else { - break; - } - } - - if (process_count == max_process_count) - DRM_DEBUG_DRIVER("Loop exceeded max iterations\n"); -} - static void schedule_hpd_rx_offload_work(struct hpd_rx_irq_offload_work_queue *offload_wq, union hpd_irq_data hpd_irq_data) { @@ -3374,7 +3302,23 @@ static void handle_hpd_rx_irq(void *param) if (dc_link_dp_allow_hpd_rx_irq(dc_link)) { if (hpd_irq_data.bytes.device_service_irq.bits.UP_REQ_MSG_RDY || hpd_irq_data.bytes.device_service_irq.bits.DOWN_REP_MSG_RDY) { - dm_handle_mst_sideband_msg(aconnector); + bool skip = false; + + /* + * DOWN_REP_MSG_RDY is also handled by polling method + * mgr->cbs->poll_hpd_irq() + */ + spin_lock(&offload_wq->offload_lock); + skip = offload_wq->is_handling_mst_msg_rdy_event; + + if (!skip) + offload_wq->is_handling_mst_msg_rdy_event = true; + + spin_unlock(&offload_wq->offload_lock); + + if (!skip) + schedule_hpd_rx_offload_work(offload_wq, hpd_irq_data); + goto out; } @@ -3483,11 +3427,11 @@ static void register_hpd_handlers(struct amdgpu_device *adev) amdgpu_dm_irq_register_interrupt(adev, &int_params, handle_hpd_rx_irq, (void *) aconnector); - - if (adev->dm.hpd_rx_offload_wq) - adev->dm.hpd_rx_offload_wq[dc_link->link_index].aconnector = - aconnector; } + + if (adev->dm.hpd_rx_offload_wq) + adev->dm.hpd_rx_offload_wq[connector->index].aconnector = + aconnector; } } @@ -7300,6 +7244,7 @@ void amdgpu_dm_connector_init_helper(struct amdgpu_display_manager *dm, aconnector->as_type = ADAPTIVE_SYNC_TYPE_NONE; memset(&aconnector->vsdb_info, 0, sizeof(aconnector->vsdb_info)); mutex_init(&aconnector->hpd_lock); + mutex_init(&aconnector->handle_mst_msg_ready); /* * configure support HPD hot plug connector_>polled default value is 0 diff --git a/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.h b/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.h index 4561f55afa99..9fb5bb3a75a7 100644 --- a/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.h +++ b/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.h @@ -194,6 +194,11 @@ struct hpd_rx_irq_offload_work_queue { * we're handling link loss */ bool is_handling_link_loss; + /** + * @is_handling_mst_msg_rdy_event: Used to prevent inserting mst message + * ready event when we're already handling mst message ready event + */ + bool is_handling_mst_msg_rdy_event; /** * @aconnector: The aconnector that this work queue is attached to */ @@ -638,6 +643,8 @@ struct amdgpu_dm_connector { struct drm_dp_mst_port *mst_output_port; struct amdgpu_dm_connector *mst_root; struct drm_dp_aux *dsc_aux; + struct mutex handle_mst_msg_ready; + /* TODO see if we can merge with ddc_bus or make a dm_connector */ struct amdgpu_i2c_adapter *i2c; diff --git a/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_mst_types.c b/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_mst_types.c index 95eefa6b4f2f..1d343f16e5b8 100644 --- a/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_mst_types.c +++ b/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_mst_types.c @@ -620,8 +620,118 @@ dm_dp_add_mst_connector(struct drm_dp_mst_topology_mgr *mgr, return connector; } +void dm_handle_mst_sideband_msg_ready_event( + struct drm_dp_mst_topology_mgr *mgr, + enum mst_msg_ready_type msg_rdy_type) +{ + uint8_t esi[DP_PSR_ERROR_STATUS - DP_SINK_COUNT_ESI] = { 0 }; + uint8_t dret; + bool new_irq_handled = false; + int dpcd_addr; + uint8_t dpcd_bytes_to_read; + const uint8_t max_process_count = 30; + uint8_t process_count = 0; + u8 retry; + struct amdgpu_dm_connector *aconnector = + container_of(mgr, struct amdgpu_dm_connector, mst_mgr); + + + const struct dc_link_status *link_status = dc_link_get_status(aconnector->dc_link); + + if (link_status->dpcd_caps->dpcd_rev.raw < 0x12) { + dpcd_bytes_to_read = DP_LANE0_1_STATUS - DP_SINK_COUNT; + /* DPCD 0x200 - 0x201 for downstream IRQ */ + dpcd_addr = DP_SINK_COUNT; + } else { + dpcd_bytes_to_read = DP_PSR_ERROR_STATUS - DP_SINK_COUNT_ESI; + /* DPCD 0x2002 - 0x2005 for downstream IRQ */ + dpcd_addr = DP_SINK_COUNT_ESI; + } + + mutex_lock(&aconnector->handle_mst_msg_ready); + + while (process_count < max_process_count) { + u8 ack[DP_PSR_ERROR_STATUS - DP_SINK_COUNT_ESI] = {}; + + process_count++; + + dret = drm_dp_dpcd_read( + &aconnector->dm_dp_aux.aux, + dpcd_addr, + esi, + dpcd_bytes_to_read); + + if (dret != dpcd_bytes_to_read) { + DRM_DEBUG_KMS("DPCD read and acked number is not as expected!"); + break; + } + + DRM_DEBUG_DRIVER("ESI %02x %02x %02x\n", esi[0], esi[1], esi[2]); + + switch (msg_rdy_type) { + case DOWN_REP_MSG_RDY_EVENT: + /* Only handle DOWN_REP_MSG_RDY case*/ + esi[1] &= DP_DOWN_REP_MSG_RDY; + break; + case UP_REQ_MSG_RDY_EVENT: + /* Only handle UP_REQ_MSG_RDY case*/ + esi[1] &= DP_UP_REQ_MSG_RDY; + break; + default: + /* Handle both cases*/ + esi[1] &= (DP_DOWN_REP_MSG_RDY | DP_UP_REQ_MSG_RDY); + break; + } + + if (!esi[1]) + break; + + /* handle MST irq */ + if (aconnector->mst_mgr.mst_state) + drm_dp_mst_hpd_irq_handle_event(&aconnector->mst_mgr, + esi, + ack, + &new_irq_handled); + + if (new_irq_handled) { + /* ACK at DPCD to notify down stream */ + for (retry = 0; retry < 3; retry++) { + ssize_t wret; + + wret = drm_dp_dpcd_writeb(&aconnector->dm_dp_aux.aux, + dpcd_addr + 1, + ack[1]); + if (wret == 1) + break; + } + + if (retry == 3) { + DRM_ERROR("Failed to ack MST event.\n"); + return; + } + + drm_dp_mst_hpd_irq_send_new_request(&aconnector->mst_mgr); + + new_irq_handled = false; + } else { + break; + } + } + + mutex_unlock(&aconnector->handle_mst_msg_ready); + + if (process_count == max_process_count) + DRM_DEBUG_DRIVER("Loop exceeded max iterations\n"); +} + +static void dm_handle_mst_down_rep_msg_ready(struct drm_dp_mst_topology_mgr *mgr) +{ + dm_handle_mst_sideband_msg_ready_event(mgr, DOWN_REP_MSG_RDY_EVENT); +} + static const struct drm_dp_mst_topology_cbs dm_mst_cbs = { .add_connector = dm_dp_add_mst_connector, + .poll_hpd_irq = dm_handle_mst_down_rep_msg_ready, }; void amdgpu_dm_initialize_dp_connector(struct amdgpu_display_manager *dm, diff --git a/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_mst_types.h b/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_mst_types.h index 1e4ede1e57ab..37c820ab0fdb 100644 --- a/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_mst_types.h +++ b/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_mst_types.h @@ -49,6 +49,13 @@ #define PBN_FEC_OVERHEAD_MULTIPLIER_8B_10B 1031 #define PBN_FEC_OVERHEAD_MULTIPLIER_128B_132B 1000 +enum mst_msg_ready_type { + NONE_MSG_RDY_EVENT = 0, + DOWN_REP_MSG_RDY_EVENT = 1, + UP_REQ_MSG_RDY_EVENT = 2, + DOWN_OR_UP_MSG_RDY_EVENT = 3 +}; + struct amdgpu_display_manager; struct amdgpu_dm_connector; @@ -61,6 +68,10 @@ void amdgpu_dm_initialize_dp_connector(struct amdgpu_display_manager *dm, void dm_dp_create_fake_mst_encoders(struct amdgpu_device *adev); +void dm_handle_mst_sideband_msg_ready_event( + struct drm_dp_mst_topology_mgr *mgr, + enum mst_msg_ready_type msg_rdy_type); + struct dsc_mst_fairness_vars { int pbn; bool dsc_enabled; -- 2.34.1

2 years, 5 months

1
0
0 0

FAILED: patch "[PATCH] perf intel-pt: Fix CYC timestamps after standalone CBR" failed to apply to 4.14-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.14-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-4.14.y git checkout FETCH_HEAD git cherry-pick -x 430635a0ef1ce958b7b4311f172694ece2c692b8 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2023050813-twiddling-olive-0fd5@gregkh' --subject-prefix 'PATCH 4.14.y' HEAD^.. Possible dependencies: 430635a0ef1c ("perf intel-pt: Fix CYC timestamps after standalone CBR") 3f05516758be ("perf intel-pt: Accumulate cycle count from TSC/TMA/MTC packets") f3c98c4b5ac8 ("perf intel-pt: Re-factor TIP cases in intel_pt_walk_to_ip") 7b4b4f83881e ("perf intel-pt: Accumulate cycle count from CYC packets") 948e9dc8bb26 ("perf intel-pt: Factor out intel_pt_update_sample_time") 1b6599a9d8e6 ("perf intel-pt: Fix sample timestamp wrt non-taken branches") bea6385789b8 ("perf intel-pt: Implement decoder flags for trace begin / end") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 430635a0ef1ce958b7b4311f172694ece2c692b8 Mon Sep 17 00:00:00 2001 From: Adrian Hunter <adrian.hunter(a)intel.com> Date: Mon, 3 Apr 2023 18:48:31 +0300 Subject: [PATCH] perf intel-pt: Fix CYC timestamps after standalone CBR After a standalone CBR (not associated with TSC), update the cycles reference timestamp and reset the cycle count, so that CYC timestamps are calculated relative to that point with the new frequency. Fixes: cc33618619cefc6d ("perf tools: Add Intel PT support for decoding CYC packets") Signed-off-by: Adrian Hunter <adrian.hunter(a)intel.com> Cc: Adrian Hunter <adrian.hunter(a)intel.com> Cc: Ian Rogers <irogers(a)google.com> Cc: Jiri Olsa <jolsa(a)kernel.org> Cc: Namhyung Kim <namhyung(a)kernel.org> Cc: stable(a)vger.kernel.org Link: https://lore.kernel.org/r/20230403154831.8651-2-adrian.hunter@intel.com Signed-off-by: Arnaldo Carvalho de Melo <acme(a)redhat.com> diff --git a/tools/perf/util/intel-pt-decoder/intel-pt-decoder.c b/tools/perf/util/intel-pt-decoder/intel-pt-decoder.c index 0ac860c8dd2b..7145c5890de0 100644 --- a/tools/perf/util/intel-pt-decoder/intel-pt-decoder.c +++ b/tools/perf/util/intel-pt-decoder/intel-pt-decoder.c @@ -1998,6 +1998,8 @@ static void intel_pt_calc_cbr(struct intel_pt_decoder *decoder) decoder->cbr = cbr; decoder->cbr_cyc_to_tsc = decoder->max_non_turbo_ratio_fp / cbr; + decoder->cyc_ref_timestamp = decoder->timestamp; + decoder->cycle_cnt = 0; intel_pt_mtc_cyc_cnt_cbr(decoder); }

2 years, 5 months

2
1
0 0

FAILED: patch "[PATCH] perf intel-pt: Fix CYC timestamps after standalone CBR" failed to apply to 4.19-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.19-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-4.19.y git checkout FETCH_HEAD git cherry-pick -x 430635a0ef1ce958b7b4311f172694ece2c692b8 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2023050812-swaddling-stardust-e90d@gregkh' --subject-prefix 'PATCH 4.19.y' HEAD^.. Possible dependencies: 430635a0ef1c ("perf intel-pt: Fix CYC timestamps after standalone CBR") 3f05516758be ("perf intel-pt: Accumulate cycle count from TSC/TMA/MTC packets") f3c98c4b5ac8 ("perf intel-pt: Re-factor TIP cases in intel_pt_walk_to_ip") 7b4b4f83881e ("perf intel-pt: Accumulate cycle count from CYC packets") 948e9dc8bb26 ("perf intel-pt: Factor out intel_pt_update_sample_time") 1b6599a9d8e6 ("perf intel-pt: Fix sample timestamp wrt non-taken branches") bea6385789b8 ("perf intel-pt: Implement decoder flags for trace begin / end") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 430635a0ef1ce958b7b4311f172694ece2c692b8 Mon Sep 17 00:00:00 2001 From: Adrian Hunter <adrian.hunter(a)intel.com> Date: Mon, 3 Apr 2023 18:48:31 +0300 Subject: [PATCH] perf intel-pt: Fix CYC timestamps after standalone CBR After a standalone CBR (not associated with TSC), update the cycles reference timestamp and reset the cycle count, so that CYC timestamps are calculated relative to that point with the new frequency. Fixes: cc33618619cefc6d ("perf tools: Add Intel PT support for decoding CYC packets") Signed-off-by: Adrian Hunter <adrian.hunter(a)intel.com> Cc: Adrian Hunter <adrian.hunter(a)intel.com> Cc: Ian Rogers <irogers(a)google.com> Cc: Jiri Olsa <jolsa(a)kernel.org> Cc: Namhyung Kim <namhyung(a)kernel.org> Cc: stable(a)vger.kernel.org Link: https://lore.kernel.org/r/20230403154831.8651-2-adrian.hunter@intel.com Signed-off-by: Arnaldo Carvalho de Melo <acme(a)redhat.com> diff --git a/tools/perf/util/intel-pt-decoder/intel-pt-decoder.c b/tools/perf/util/intel-pt-decoder/intel-pt-decoder.c index 0ac860c8dd2b..7145c5890de0 100644 --- a/tools/perf/util/intel-pt-decoder/intel-pt-decoder.c +++ b/tools/perf/util/intel-pt-decoder/intel-pt-decoder.c @@ -1998,6 +1998,8 @@ static void intel_pt_calc_cbr(struct intel_pt_decoder *decoder) decoder->cbr = cbr; decoder->cbr_cyc_to_tsc = decoder->max_non_turbo_ratio_fp / cbr; + decoder->cyc_ref_timestamp = decoder->timestamp; + decoder->cycle_cnt = 0; intel_pt_mtc_cyc_cnt_cbr(decoder); }

2 years, 5 months

2
1
0 0

[v2, 1/2] mtd: spinand: toshiba: Fix ecc_get_status

by Olivier Maignial

Reading ECC status is failing. tx58cxgxsxraix_ecc_get_status() is using on-stack buffer for SPINAND_GET_FEATURE_OP() output. It is not suitable for DMA needs of spi-mem. Fix this by using the spi-mem operations dedicated buffer spinand->scratchbuf. See spinand->scratchbuf: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/inc… spi_mem_check_op(): https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/dri… Fixes: 10949af1681d ("mtd: spinand: Add initial support for Toshiba TC58CVG2S0H") Cc: stable(a)vger.kernel.org Signed-off-by: Olivier Maignial <olivier.maignial(a)hotmail.fr> --- drivers/mtd/nand/spi/toshiba.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/mtd/nand/spi/toshiba.c b/drivers/mtd/nand/spi/toshiba.c index 7380b1ebaccd..a80427c13121 100644 --- a/drivers/mtd/nand/spi/toshiba.c +++ b/drivers/mtd/nand/spi/toshiba.c @@ -73,7 +73,7 @@ static int tx58cxgxsxraix_ecc_get_status(struct spinand_device *spinand, { struct nand_device *nand = spinand_to_nand(spinand); u8 mbf = 0; - struct spi_mem_op op = SPINAND_GET_FEATURE_OP(0x30, &mbf); + struct spi_mem_op op = SPINAND_GET_FEATURE_OP(0x30, spinand->scratchbuf); switch (status & STATUS_ECC_MASK) { case STATUS_ECC_NO_BITFLIPS: @@ -92,7 +92,7 @@ static int tx58cxgxsxraix_ecc_get_status(struct spinand_device *spinand, if (spi_mem_exec_op(spinand->spimem, &op)) return nanddev_get_ecc_conf(nand)->strength; - mbf >>= 4; + mbf = *(spinand->scratchbuf) >> 4; if (WARN_ON(mbf > nanddev_get_ecc_conf(nand)->strength || !mbf)) return nanddev_get_ecc_conf(nand)->strength; -- 2.34.1

2 years, 5 months

2
1
0 0

[v2, 2/2] mtd: spinand: winbond: Fix ecc_get_status

by Olivier Maignial

Reading ECC status is failing. w25n02kv_ecc_get_status() is using on-stack buffer for SPINAND_GET_FEATURE_OP() output. It is not suitable for DMA needs of spi-mem. Fix this by using the spi-mem operations dedicated buffer spinand->scratchbuf. See spinand->scratchbuf: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/inc… spi_mem_check_op(): https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/dri… Fixes: 6154c7a58348 ("mtd: spinand: winbond: add Winbond W25N02KV flash support") Cc: stable(a)vger.kernel.org Signed-off-by: Olivier Maignial <olivier.maignial(a)hotmail.fr> --- drivers/mtd/nand/spi/winbond.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/mtd/nand/spi/winbond.c b/drivers/mtd/nand/spi/winbond.c index 3ad58cd284d8..f507e3759301 100644 --- a/drivers/mtd/nand/spi/winbond.c +++ b/drivers/mtd/nand/spi/winbond.c @@ -108,7 +108,7 @@ static int w25n02kv_ecc_get_status(struct spinand_device *spinand, { struct nand_device *nand = spinand_to_nand(spinand); u8 mbf = 0; - struct spi_mem_op op = SPINAND_GET_FEATURE_OP(0x30, &mbf); + struct spi_mem_op op = SPINAND_GET_FEATURE_OP(0x30, spinand->scratchbuf); switch (status & STATUS_ECC_MASK) { case STATUS_ECC_NO_BITFLIPS: @@ -126,7 +126,7 @@ static int w25n02kv_ecc_get_status(struct spinand_device *spinand, if (spi_mem_exec_op(spinand->spimem, &op)) return nanddev_get_ecc_conf(nand)->strength; - mbf >>= 4; + mbf = *(spinand->scratchbuf) >> 4; if (WARN_ON(mbf > nanddev_get_ecc_conf(nand)->strength || !mbf)) return nanddev_get_ecc_conf(nand)->strength; -- 2.34.1

2 years, 5 months

2
1
0 0

[PATCH v1] mtd: rawnand: meson: fix OOB available bytes for ECC

by Arseniy Krasnov

It is incorrect to calculate number of OOB bytes for ECC engine using some "already known" ECC step size (1024 bytes here). Number of such bytes for ECC engine must be whole OOB except 2 bytes for bad block marker, while proper ECC step size and strength will be selected by ECC logic. Fixes: 8fae856c5350 ("mtd: rawnand: meson: add support for Amlogic NAND flash controller") Cc: <Stable(a)vger.kernel.org> Signed-off-by: Arseniy Krasnov <AVKrasnov(a)sberdevices.ru> --- drivers/mtd/nand/raw/meson_nand.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/drivers/mtd/nand/raw/meson_nand.c b/drivers/mtd/nand/raw/meson_nand.c index 369e81356240..c7213f03a773 100644 --- a/drivers/mtd/nand/raw/meson_nand.c +++ b/drivers/mtd/nand/raw/meson_nand.c @@ -1301,7 +1301,6 @@ static int meson_nand_attach_chip(struct nand_chip *nand) struct meson_nfc *nfc = nand_get_controller_data(nand); struct meson_nfc_nand_chip *meson_chip = to_meson_nand(nand); struct mtd_info *mtd = nand_to_mtd(nand); - int nsectors = mtd->writesize / 1024; int raw_writesize; int ret; @@ -1327,7 +1326,7 @@ static int meson_nand_attach_chip(struct nand_chip *nand) nand->options |= NAND_NO_SUBPAGE_WRITE; ret = nand_ecc_choose_conf(nand, nfc->data->ecc_caps, - mtd->oobsize - 2 * nsectors); + mtd->oobsize - 2); if (ret) { dev_err(nfc->dev, "failed to ECC init\n"); return -EINVAL; -- 2.35.0

2 years, 5 months

2
1
0 0

[PATCH] wifi: nl80211: fix mbssid nesting

by Koen Vandeputte

Executing command NL80211_CMD_GET_WIPHY and parsing it's output natively without libnl shows following attributes as part of the nl80211 generated netlink message (part 16): GetWiphy: Type: 1 GetWiphy: Type: 2 GetWiphy: Type: 46 GetWiphy: Type: 33074 <-- wrong enum value, above MAX also .. GetWiphy: Type: 316 Switching to nla_nest_start_noflag() which ommits the NLA_F_NESTED flag (like most other similar functions do) fixes this: GetWiphy: Type: 1 GetWiphy: Type: 2 GetWiphy: Type: 46 GetWiphy: Type: 306 <-- correct enum value GetWiphy: Type: 316 Fixes: dc1e3cb8da8b ("nl80211: MBSSID and EMA support in AP mode") Signed-off-by: Koen Vandeputte <koen.vandeputte(a)citymesh.com> Cc: Johannes Berg <johannes(a)sipsolutions.net> Cc: John Crispin <john(a)phrozen.org> Cc: Aloka Dixit <alokad(a)codeaurora.org> Cc: stable(a)vger.kernel.org # 5.16 --- net/wireless/nl80211.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c index 0da2e6a2a7ea..4d4860f9428d 100644 --- a/net/wireless/nl80211.c +++ b/net/wireless/nl80211.c @@ -2359,7 +2359,7 @@ static int nl80211_put_mbssid_support(struct wiphy *wiphy, struct sk_buff *msg) if (!wiphy->mbssid_max_interfaces) return 0; - config = nla_nest_start(msg, NL80211_ATTR_MBSSID_CONFIG); + config = nla_nest_start_noflag(msg, NL80211_ATTR_MBSSID_CONFIG); if (!config) return -ENOBUFS; -- 2.34.1

2 years, 5 months

2
4
0 0

[PATCH AUTOSEL 5.10] rcu: Mark rcu_cpu_kthread() accesses to ->rcu_cpu_has_work

by Sasha Levin

From: "Paul E. McKenney" <paulmck(a)kernel.org> [ Upstream commit a24c1aab652ebacf9ea62470a166514174c96fe1 ] The rcu_data structure's ->rcu_cpu_has_work field can be modified by any CPU attempting to wake up the rcuc kthread. Therefore, this commit marks accesses to this field from the rcu_cpu_kthread() function. This data race was reported by KCSAN. Not appropriate for backporting due to failure being unlikely. Signed-off-by: Paul E. McKenney <paulmck(a)kernel.org> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- kernel/rcu/tree.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/kernel/rcu/tree.c b/kernel/rcu/tree.c index eec8e2f7537eb..b2c1ab260ed56 100644 --- a/kernel/rcu/tree.c +++ b/kernel/rcu/tree.c @@ -2810,12 +2810,12 @@ static void rcu_cpu_kthread(unsigned int cpu) *statusp = RCU_KTHREAD_RUNNING; local_irq_disable(); work = *workp; - *workp = 0; + WRITE_ONCE(*workp, 0); local_irq_enable(); if (work) rcu_core(); local_bh_enable(); - if (*workp == 0) { + if (!READ_ONCE(*workp)) { trace_rcu_utilization(TPS("End CPU kthread@rcu_wait")); *statusp = RCU_KTHREAD_WAITING; return; -- 2.39.2

2 years, 5 months

2
1
0 0

[PATCH] mm/mlock: Fix vma iterator conversion of apply_vma_lock_flags()

by Liam R. Howlett

apply_vma_lock_flags() calls mlock_fixup(), which could merge the VMA after where the vma iterator is located. Although this is not an issue, the next iteration of the loop will check the start of the vma to be equal to the locally saved 'tmp' variable and cause an incorrect failure scenario. Fix the error by setting tmp to the end of the vma iterator value before restarting the loop. There is also a potential of the error code being overwritten when the loop terminates early. Fix the return issue by directly returning when an error is encountered since there is nothing to undo after the loop. Reported-by: Ryan Roberts <ryan.roberts(a)arm.com> Link: https://lore.kernel.org/linux-mm/50341ca1-d582-b33a-e3d0-acb08a65166f@arm.c… Cc: <stable(a)vger.kernel.org> Fixes: 37598f5a9d8b ("mlock: convert mlock to vma iterator") Signed-off-by: Liam R. Howlett <Liam.Howlett(a)oracle.com> --- mm/mlock.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/mm/mlock.c b/mm/mlock.c index d7db94519884..0a0c996c5c21 100644 --- a/mm/mlock.c +++ b/mm/mlock.c @@ -477,7 +477,6 @@ static int apply_vma_lock_flags(unsigned long start, size_t len, { unsigned long nstart, end, tmp; struct vm_area_struct *vma, *prev; - int error; VMA_ITERATOR(vmi, current->mm, start); VM_BUG_ON(offset_in_page(start)); @@ -498,6 +497,7 @@ static int apply_vma_lock_flags(unsigned long start, size_t len, nstart = start; tmp = vma->vm_start; for_each_vma_range(vmi, vma, end) { + int error; vm_flags_t newflags; if (vma->vm_start != tmp) @@ -511,14 +511,15 @@ static int apply_vma_lock_flags(unsigned long start, size_t len, tmp = end; error = mlock_fixup(&vmi, vma, &prev, nstart, tmp, newflags); if (error) - break; + return error; + tmp = vma_iter_end(&vmi); nstart = tmp; } - if (vma_iter_end(&vmi) < end) + if (tmp < end) return -ENOMEM; - return error; + return 0; } /* -- 2.39.2

2 years, 5 months

2
1
0 0

[PATCH v4] drm/amdgpu/vkms: relax timer deactivation by hrtimer_try_to_cancel

by Guchun Chen

In below thousands of screen rotation loop tests with virtual display enabled, a CPU hard lockup issue may happen, leading system to unresponsive and crash. do { xrandr --output Virtual --rotate inverted xrandr --output Virtual --rotate right xrandr --output Virtual --rotate left xrandr --output Virtual --rotate normal } while (1); NMI watchdog: Watchdog detected hard LOCKUP on cpu 1 ? hrtimer_run_softirq+0x140/0x140 ? store_vblank+0xe0/0xe0 [drm] hrtimer_cancel+0x15/0x30 amdgpu_vkms_disable_vblank+0x15/0x30 [amdgpu] drm_vblank_disable_and_save+0x185/0x1f0 [drm] drm_crtc_vblank_off+0x159/0x4c0 [drm] ? record_print_text.cold+0x11/0x11 ? wait_for_completion_timeout+0x232/0x280 ? drm_crtc_wait_one_vblank+0x40/0x40 [drm] ? bit_wait_io_timeout+0xe0/0xe0 ? wait_for_completion_interruptible+0x1d7/0x320 ? mutex_unlock+0x81/0xd0 amdgpu_vkms_crtc_atomic_disable It's caused by a stuck in lock dependency in such scenario on different CPUs. CPU1 CPU2 drm_crtc_vblank_off hrtimer_interrupt grab event_lock (irq disabled) __hrtimer_run_queues grab vbl_lock/vblank_time_block amdgpu_vkms_vblank_simulate amdgpu_vkms_disable_vblank drm_handle_vblank hrtimer_cancel grab dev->event_lock So CPU1 stucks in hrtimer_cancel as timer callback is running endless on current clock base, as that timer queue on CPU2 has no chance to finish it because of failing to hold the lock. So NMI watchdog will throw the errors after its threshold, and all later CPUs are impacted/blocked. So use hrtimer_try_to_cancel to fix this, as disable_vblank callback does not need to wait the handler to finish. And also it's not necessary to check the return value of hrtimer_try_to_cancel, because even if it's -1 which means current timer callback is running, it will be reprogrammed in hrtimer_start with calling enable_vblank to make it works. v2: only re-arm timer when vblank is enabled (Christian) and add a Fixes tag as well v3: drop warn printing (Christian) v4: drop superfluous check of blank->enabled in timer function, as it's guaranteed in drm_handle_vblank (Christian) Fixes: 84ec374bd580("drm/amdgpu: create amdgpu_vkms (v4)") Cc: stable(a)vger.kernel.org Suggested-by: Christian König <christian.koenig(a)amd.com> Signed-off-by: Guchun Chen <guchun.chen(a)amd.com> --- drivers/gpu/drm/amd/amdgpu/amdgpu_vkms.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/drivers/gpu/drm/amd/amdgpu/amdgpu_vkms.c b/drivers/gpu/drm/amd/amdgpu/amdgpu_vkms.c index 53ff91fc6cf6..d0748bcfad16 100644 --- a/drivers/gpu/drm/amd/amdgpu/amdgpu_vkms.c +++ b/drivers/gpu/drm/amd/amdgpu/amdgpu_vkms.c @@ -55,8 +55,9 @@ static enum hrtimer_restart amdgpu_vkms_vblank_simulate(struct hrtimer *timer) DRM_WARN("%s: vblank timer overrun\n", __func__); ret = drm_crtc_handle_vblank(crtc); + /* Don't queue timer again when vblank is disabled. */ if (!ret) - DRM_ERROR("amdgpu_vkms failure on handling vblank"); + return HRTIMER_NORESTART; return HRTIMER_RESTART; } @@ -81,7 +82,7 @@ static void amdgpu_vkms_disable_vblank(struct drm_crtc *crtc) { struct amdgpu_crtc *amdgpu_crtc = to_amdgpu_crtc(crtc); - hrtimer_cancel(&amdgpu_crtc->vblank_timer); + hrtimer_try_to_cancel(&amdgpu_crtc->vblank_timer); } static bool amdgpu_vkms_get_vblank_timestamp(struct drm_crtc *crtc, -- 2.25.1

2 years, 5 months

2
1
0 0

[PATCH -stable,5.10,v2 00/11] stable fixes for 5.10

by Pablo Neira Ayuso

Hi Greg, Sasha, [ This is v2 appends patch #11 f838e0906dd3 as Florian suggested. ] The following list shows the backported patches, I am using original commit IDs for reference: 1) 0854db2aaef3 ("netfilter: nf_tables: use net_generic infra for transaction data") 2) 81ea01066741 ("netfilter: nf_tables: add rescheduling points during loop detection walks") 3) 1240eb93f061 ("netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE") 4) 4bedf9eee016 ("netfilter: nf_tables: fix chain binding transaction logic") 5) 26b5a5712eb8 ("netfilter: nf_tables: add NFT_TRANS_PREPARE_ERROR to deal with bound set/chain") 6) 938154b93be8 ("netfilter: nf_tables: reject unbound anonymous set before commit phase") 7) 62e1e94b246e ("netfilter: nf_tables: reject unbound chain set before commit phase") 8) f8bb7889af58 ("netfilter: nftables: rename set element data activation/deactivation functions") 9) 628bd3e49cba ("netfilter: nf_tables: drop map element references from preparation phase") 10) 3e70489721b6 ("netfilter: nf_tables: unbind non-anonymous set if rule construction fails") 11) f838e0906dd3 ("netfilter: nf_tables: fix scheduling-while-atomic splat") Note: - Patch #1 is a backported dependency patch required by these fixes. - Patch #2 needs a follow up fix coming in this series as patch #11. Please, apply, Thanks. Florian Westphal (3): netfilter: nf_tables: use net_generic infra for transaction data netfilter: nf_tables: add rescheduling points during loop detection walks netfilter: nf_tables: fix scheduling-while-atomic splat Pablo Neira Ayuso (8): netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE netfilter: nf_tables: fix chain binding transaction logic netfilter: nf_tables: add NFT_TRANS_PREPARE_ERROR to deal with bound set/chain netfilter: nf_tables: reject unbound anonymous set before commit phase netfilter: nf_tables: reject unbound chain set before commit phase netfilter: nftables: rename set element data activation/deactivation functions netfilter: nf_tables: drop map element references from preparation phase netfilter: nf_tables: unbind non-anonymous set if rule construction fails include/net/netfilter/nf_tables.h | 41 +- include/net/netns/nftables.h | 7 - net/netfilter/nf_tables_api.c | 692 +++++++++++++++++++++--------- net/netfilter/nf_tables_offload.c | 30 +- net/netfilter/nft_chain_filter.c | 11 +- net/netfilter/nft_dynset.c | 6 +- net/netfilter/nft_immediate.c | 90 +++- net/netfilter/nft_set_bitmap.c | 5 +- net/netfilter/nft_set_hash.c | 23 +- net/netfilter/nft_set_pipapo.c | 14 +- net/netfilter/nft_set_rbtree.c | 5 +- 11 files changed, 678 insertions(+), 246 deletions(-) -- 2.30.2

2 years, 5 months

2
14
0 0

Pozycjonowanie- informacja

by Dominik Perkowski

Dzień dobry, jakiś czas temu zgłosiła się do nas firma, której strona internetowa nie pozycjonowała się wysoko w wyszukiwarce Google. Na podstawie wykonanego przez nas audytu SEO zoptymalizowaliśmy treści na stronie pod kątem wcześniej opracowanych słów kluczowych. Nasz wewnętrzny system codziennie analizuje prawidłowe działanie witryny. Dzięki indywidualnej strategii, firma zdobywa coraz więcej Klientów. Czy chcieliby Państwo zwiększyć liczbę osób odwiedzających stronę internetową firmy? Mógłbym przedstawić ofertę? Pozdrawiam serdecznie, Dominik Perkowski

2 years, 5 months

1
0
0 0

FAILED: patch "[PATCH] SUNRPC: Fix UAF in svc_tcp_listen_data_ready()" failed to apply to 4.19-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.19-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-4.19.y git checkout FETCH_HEAD git cherry-pick -x fc80fc2d4e39137869da3150ee169b40bf879287 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2023071117-anyplace-zipfile-8701@gregkh' --subject-prefix 'PATCH 4.19.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From fc80fc2d4e39137869da3150ee169b40bf879287 Mon Sep 17 00:00:00 2001 From: Ding Hui <dinghui(a)sangfor.com.cn> Date: Mon, 15 May 2023 10:13:07 +0800 Subject: [PATCH] SUNRPC: Fix UAF in svc_tcp_listen_data_ready() After the listener svc_sock is freed, and before invoking svc_tcp_accept() for the established child sock, there is a window that the newsock retaining a freed listener svc_sock in sk_user_data which cloning from parent. In the race window, if data is received on the newsock, we will observe use-after-free report in svc_tcp_listen_data_ready(). Reproduce by two tasks: 1. while :; do rpc.nfsd 0 ; rpc.nfsd; done 2. while :; do echo "" | ncat -4 127.0.0.1 2049 ; done KASAN report: ================================================================== BUG: KASAN: slab-use-after-free in svc_tcp_listen_data_ready+0x1cf/0x1f0 [sunrpc] Read of size 8 at addr ffff888139d96228 by task nc/102553 CPU: 7 PID: 102553 Comm: nc Not tainted 6.3.0+ #18 Hardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 11/12/2020 Call Trace: <IRQ> dump_stack_lvl+0x33/0x50 print_address_description.constprop.0+0x27/0x310 print_report+0x3e/0x70 kasan_report+0xae/0xe0 svc_tcp_listen_data_ready+0x1cf/0x1f0 [sunrpc] tcp_data_queue+0x9f4/0x20e0 tcp_rcv_established+0x666/0x1f60 tcp_v4_do_rcv+0x51c/0x850 tcp_v4_rcv+0x23fc/0x2e80 ip_protocol_deliver_rcu+0x62/0x300 ip_local_deliver_finish+0x267/0x350 ip_local_deliver+0x18b/0x2d0 ip_rcv+0x2fb/0x370 __netif_receive_skb_one_core+0x166/0x1b0 process_backlog+0x24c/0x5e0 __napi_poll+0xa2/0x500 net_rx_action+0x854/0xc90 __do_softirq+0x1bb/0x5de do_softirq+0xcb/0x100 </IRQ> <TASK> ... </TASK> Allocated by task 102371: kasan_save_stack+0x1e/0x40 kasan_set_track+0x21/0x30 __kasan_kmalloc+0x7b/0x90 svc_setup_socket+0x52/0x4f0 [sunrpc] svc_addsock+0x20d/0x400 [sunrpc] __write_ports_addfd+0x209/0x390 [nfsd] write_ports+0x239/0x2c0 [nfsd] nfsctl_transaction_write+0xac/0x110 [nfsd] vfs_write+0x1c3/0xae0 ksys_write+0xed/0x1c0 do_syscall_64+0x38/0x90 entry_SYSCALL_64_after_hwframe+0x72/0xdc Freed by task 102551: kasan_save_stack+0x1e/0x40 kasan_set_track+0x21/0x30 kasan_save_free_info+0x2a/0x50 __kasan_slab_free+0x106/0x190 __kmem_cache_free+0x133/0x270 svc_xprt_free+0x1e2/0x350 [sunrpc] svc_xprt_destroy_all+0x25a/0x440 [sunrpc] nfsd_put+0x125/0x240 [nfsd] nfsd_svc+0x2cb/0x3c0 [nfsd] write_threads+0x1ac/0x2a0 [nfsd] nfsctl_transaction_write+0xac/0x110 [nfsd] vfs_write+0x1c3/0xae0 ksys_write+0xed/0x1c0 do_syscall_64+0x38/0x90 entry_SYSCALL_64_after_hwframe+0x72/0xdc Fix the UAF by simply doing nothing in svc_tcp_listen_data_ready() if state != TCP_LISTEN, that will avoid dereferencing svsk for all child socket. Link: https://lore.kernel.org/lkml/20230507091131.23540-1-dinghui@sangfor.com.cn/ Fixes: fa9251afc33c ("SUNRPC: Call the default socket callbacks instead of open coding") Signed-off-by: Ding Hui <dinghui(a)sangfor.com.cn> Cc: <stable(a)vger.kernel.org> Signed-off-by: Chuck Lever <chuck.lever(a)oracle.com> diff --git a/net/sunrpc/svcsock.c b/net/sunrpc/svcsock.c index f77cebe2c071..15f4d0d40bdd 100644 --- a/net/sunrpc/svcsock.c +++ b/net/sunrpc/svcsock.c @@ -826,12 +826,6 @@ static void svc_tcp_listen_data_ready(struct sock *sk) trace_sk_data_ready(sk); - if (svsk) { - /* Refer to svc_setup_socket() for details. */ - rmb(); - svsk->sk_odata(sk); - } - /* * This callback may called twice when a new connection * is established as a child socket inherits everything @@ -840,13 +834,18 @@ static void svc_tcp_listen_data_ready(struct sock *sk) * when one of child sockets become ESTABLISHED. * 2) data_ready method of the child socket may be called * when it receives data before the socket is accepted. - * In case of 2, we should ignore it silently. + * In case of 2, we should ignore it silently and DO NOT + * dereference svsk. */ - if (sk->sk_state == TCP_LISTEN) { - if (svsk) { - set_bit(XPT_CONN, &svsk->sk_xprt.xpt_flags); - svc_xprt_enqueue(&svsk->sk_xprt); - } + if (sk->sk_state != TCP_LISTEN) + return; + + if (svsk) { + /* Refer to svc_setup_socket() for details. */ + rmb(); + svsk->sk_odata(sk); + set_bit(XPT_CONN, &svsk->sk_xprt.xpt_flags); + svc_xprt_enqueue(&svsk->sk_xprt); } }

2 years, 5 months

2
1
0 0

FAILED: patch "[PATCH] SUNRPC: Fix UAF in svc_tcp_listen_data_ready()" failed to apply to 4.14-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.14-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-4.14.y git checkout FETCH_HEAD git cherry-pick -x fc80fc2d4e39137869da3150ee169b40bf879287 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2023071119-underdone-monotype-f516@gregkh' --subject-prefix 'PATCH 4.14.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From fc80fc2d4e39137869da3150ee169b40bf879287 Mon Sep 17 00:00:00 2001 From: Ding Hui <dinghui(a)sangfor.com.cn> Date: Mon, 15 May 2023 10:13:07 +0800 Subject: [PATCH] SUNRPC: Fix UAF in svc_tcp_listen_data_ready() After the listener svc_sock is freed, and before invoking svc_tcp_accept() for the established child sock, there is a window that the newsock retaining a freed listener svc_sock in sk_user_data which cloning from parent. In the race window, if data is received on the newsock, we will observe use-after-free report in svc_tcp_listen_data_ready(). Reproduce by two tasks: 1. while :; do rpc.nfsd 0 ; rpc.nfsd; done 2. while :; do echo "" | ncat -4 127.0.0.1 2049 ; done KASAN report: ================================================================== BUG: KASAN: slab-use-after-free in svc_tcp_listen_data_ready+0x1cf/0x1f0 [sunrpc] Read of size 8 at addr ffff888139d96228 by task nc/102553 CPU: 7 PID: 102553 Comm: nc Not tainted 6.3.0+ #18 Hardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 11/12/2020 Call Trace: <IRQ> dump_stack_lvl+0x33/0x50 print_address_description.constprop.0+0x27/0x310 print_report+0x3e/0x70 kasan_report+0xae/0xe0 svc_tcp_listen_data_ready+0x1cf/0x1f0 [sunrpc] tcp_data_queue+0x9f4/0x20e0 tcp_rcv_established+0x666/0x1f60 tcp_v4_do_rcv+0x51c/0x850 tcp_v4_rcv+0x23fc/0x2e80 ip_protocol_deliver_rcu+0x62/0x300 ip_local_deliver_finish+0x267/0x350 ip_local_deliver+0x18b/0x2d0 ip_rcv+0x2fb/0x370 __netif_receive_skb_one_core+0x166/0x1b0 process_backlog+0x24c/0x5e0 __napi_poll+0xa2/0x500 net_rx_action+0x854/0xc90 __do_softirq+0x1bb/0x5de do_softirq+0xcb/0x100 </IRQ> <TASK> ... </TASK> Allocated by task 102371: kasan_save_stack+0x1e/0x40 kasan_set_track+0x21/0x30 __kasan_kmalloc+0x7b/0x90 svc_setup_socket+0x52/0x4f0 [sunrpc] svc_addsock+0x20d/0x400 [sunrpc] __write_ports_addfd+0x209/0x390 [nfsd] write_ports+0x239/0x2c0 [nfsd] nfsctl_transaction_write+0xac/0x110 [nfsd] vfs_write+0x1c3/0xae0 ksys_write+0xed/0x1c0 do_syscall_64+0x38/0x90 entry_SYSCALL_64_after_hwframe+0x72/0xdc Freed by task 102551: kasan_save_stack+0x1e/0x40 kasan_set_track+0x21/0x30 kasan_save_free_info+0x2a/0x50 __kasan_slab_free+0x106/0x190 __kmem_cache_free+0x133/0x270 svc_xprt_free+0x1e2/0x350 [sunrpc] svc_xprt_destroy_all+0x25a/0x440 [sunrpc] nfsd_put+0x125/0x240 [nfsd] nfsd_svc+0x2cb/0x3c0 [nfsd] write_threads+0x1ac/0x2a0 [nfsd] nfsctl_transaction_write+0xac/0x110 [nfsd] vfs_write+0x1c3/0xae0 ksys_write+0xed/0x1c0 do_syscall_64+0x38/0x90 entry_SYSCALL_64_after_hwframe+0x72/0xdc Fix the UAF by simply doing nothing in svc_tcp_listen_data_ready() if state != TCP_LISTEN, that will avoid dereferencing svsk for all child socket. Link: https://lore.kernel.org/lkml/20230507091131.23540-1-dinghui@sangfor.com.cn/ Fixes: fa9251afc33c ("SUNRPC: Call the default socket callbacks instead of open coding") Signed-off-by: Ding Hui <dinghui(a)sangfor.com.cn> Cc: <stable(a)vger.kernel.org> Signed-off-by: Chuck Lever <chuck.lever(a)oracle.com> diff --git a/net/sunrpc/svcsock.c b/net/sunrpc/svcsock.c index f77cebe2c071..15f4d0d40bdd 100644 --- a/net/sunrpc/svcsock.c +++ b/net/sunrpc/svcsock.c @@ -826,12 +826,6 @@ static void svc_tcp_listen_data_ready(struct sock *sk) trace_sk_data_ready(sk); - if (svsk) { - /* Refer to svc_setup_socket() for details. */ - rmb(); - svsk->sk_odata(sk); - } - /* * This callback may called twice when a new connection * is established as a child socket inherits everything @@ -840,13 +834,18 @@ static void svc_tcp_listen_data_ready(struct sock *sk) * when one of child sockets become ESTABLISHED. * 2) data_ready method of the child socket may be called * when it receives data before the socket is accepted. - * In case of 2, we should ignore it silently. + * In case of 2, we should ignore it silently and DO NOT + * dereference svsk. */ - if (sk->sk_state == TCP_LISTEN) { - if (svsk) { - set_bit(XPT_CONN, &svsk->sk_xprt.xpt_flags); - svc_xprt_enqueue(&svsk->sk_xprt); - } + if (sk->sk_state != TCP_LISTEN) + return; + + if (svsk) { + /* Refer to svc_setup_socket() for details. */ + rmb(); + svsk->sk_odata(sk); + set_bit(XPT_CONN, &svsk->sk_xprt.xpt_flags); + svc_xprt_enqueue(&svsk->sk_xprt); } }

2 years, 5 months

2
1
0 0

stable-rc/linux-5.15.y baseline: 152 runs, 15 regressions (v5.15.120-274-g478387c57e172)

by kernelci.org bot

stable-rc/linux-5.15.y baseline: 152 runs, 15 regressions (v5.15.120-274-g478387c57e172) Regressions Summary ------------------- platform | arch | lab | compiler | defconfig | regressions -----------------------------+--------+-----------------+----------+------------------------------+------------ asus-C436FA-Flip-hatch | x86_64 | lab-collabora | gcc-10 | x86_64_defcon...6-chromebook | 1 asus-CM1400CXA-dalboz | x86_64 | lab-collabora | gcc-10 | x86_64_defcon...6-chromebook | 1 asus-cx9400-volteer | x86_64 | lab-collabora | gcc-10 | x86_64_defcon...6-chromebook | 1 beagle-xm | arm | lab-baylibre | gcc-10 | omap2plus_defconfig | 1 cubietruck | arm | lab-baylibre | gcc-10 | multi_v7_defconfig | 1 hp-x360-12b-c...4020-octopus | x86_64 | lab-collabora | gcc-10 | x86_64_defcon...6-chromebook | 1 hp-x360-14-G1-sona | x86_64 | lab-collabora | gcc-10 | x86_64_defcon...6-chromebook | 1 hp-x360-14a-cb0001xx-zork | x86_64 | lab-collabora | gcc-10 | x86_64_defcon...6-chromebook | 1 imx53-qsrb | arm | lab-pengutronix | gcc-10 | multi_v7_defconfig | 1 imx6q-var-dt6customboard | arm | lab-baylibre | gcc-10 | imx_v6_v7_defconfig | 1 imx6q-var-dt6customboard | arm | lab-baylibre | gcc-10 | multi_v7_defconfig | 1 lenovo-TPad-C13-Yoga-zork | x86_64 | lab-collabora | gcc-10 | x86_64_defcon...6-chromebook | 1 rk3328-rock64 | arm64 | lab-baylibre | gcc-10 | defconfig | 1 sun50i-a64-pine64-plus | arm64 | lab-baylibre | gcc-10 | defconfig | 1 sun50i-a64-pine64-plus | arm64 | lab-broonie | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/job/stable-rc/branch/linux-5.15.y/kernel/v5.15.12… Test: baseline Tree: stable-rc Branch: linux-5.15.y Describe: v5.15.120-274-g478387c57e172 URL: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git SHA: 478387c57e172d08b97a3998979210735a56ba69 Test Regressions ---------------- platform | arch | lab | compiler | defconfig | regressions -----------------------------+--------+-----------------+----------+------------------------------+------------ asus-C436FA-Flip-hatch | x86_64 | lab-collabora | gcc-10 | x86_64_defcon...6-chromebook | 1 Details: https://kernelci.org/test/plan/id/64addcaf1b59c20603bb2a7e Results: 6 PASS, 1 FAIL, 0 SKIP Full config: x86_64_defconfig+x86-chromebook Compiler: gcc-10 (gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-5.15.y/v5.15.120-274-g478387c… HTML log: https://storage.kernelci.org//stable-rc/linux-5.15.y/v5.15.120-274-g478387c… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.bootrr.deferred-probe-empty: https://kernelci.org/test/case/id/64addcaf1b59c20603bb2a83 failing since 105 days (last pass: v5.15.104, first fail: v5.15.104-147-gea115396267e) 2023-07-11T22:50:09.258854 <8>[ 10.332069] <LAVA_SIGNAL_ENDRUN 0_dmesg 11064515_1.4.2.3.1> 2023-07-11T22:50:09.261849 + set +x 2023-07-11T22:50:09.369853 / # # 2023-07-11T22:50:09.472376 export SHELL=/bin/sh 2023-07-11T22:50:09.473179 # 2023-07-11T22:50:09.574728 / # export SHELL=/bin/sh. /lava-11064515/environment 2023-07-11T22:50:09.575570 2023-07-11T22:50:09.677255 / # . /lava-11064515/environment/lava-11064515/bin/lava-test-runner /lava-11064515/1 2023-07-11T22:50:09.678501 2023-07-11T22:50:09.685344 / # /lava-11064515/bin/lava-test-runner /lava-11064515/1 ... (12 line(s) more) platform | arch | lab | compiler | defconfig | regressions -----------------------------+--------+-----------------+----------+------------------------------+------------ asus-CM1400CXA-dalboz | x86_64 | lab-collabora | gcc-10 | x86_64_defcon...6-chromebook | 1 Details: https://kernelci.org/test/plan/id/64addcb1cb3e0ab6a1bb2c2f Results: 6 PASS, 1 FAIL, 0 SKIP Full config: x86_64_defconfig+x86-chromebook Compiler: gcc-10 (gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-5.15.y/v5.15.120-274-g478387c… HTML log: https://storage.kernelci.org//stable-rc/linux-5.15.y/v5.15.120-274-g478387c… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.bootrr.deferred-probe-empty: https://kernelci.org/test/case/id/64addcb1cb3e0ab6a1bb2c34 failing since 105 days (last pass: v5.15.104, first fail: v5.15.104-147-gea115396267e) 2023-07-11T22:50:08.447979 + set<8>[ 11.478071] <LAVA_SIGNAL_ENDRUN 0_dmesg 11064539_1.4.2.3.1> 2023-07-11T22:50:08.448561 +x 2023-07-11T22:50:08.556430 / # # 2023-07-11T22:50:08.659082 export SHELL=/bin/sh 2023-07-11T22:50:08.659923 # 2023-07-11T22:50:08.761724 / # export SHELL=/bin/sh. /lava-11064539/environment 2023-07-11T22:50:08.762513 2023-07-11T22:50:08.864121 / # . /lava-11064539/environment/lava-11064539/bin/lava-test-runner /lava-11064539/1 2023-07-11T22:50:08.865370 2023-07-11T22:50:08.871031 / # /lava-11064539/bin/lava-test-runner /lava-11064539/1 ... (12 line(s) more) platform | arch | lab | compiler | defconfig | regressions -----------------------------+--------+-----------------+----------+------------------------------+------------ asus-cx9400-volteer | x86_64 | lab-collabora | gcc-10 | x86_64_defcon...6-chromebook | 1 Details: https://kernelci.org/test/plan/id/64addc9ccb3e0ab6a1bb2a83 Results: 6 PASS, 1 FAIL, 0 SKIP Full config: x86_64_defconfig+x86-chromebook Compiler: gcc-10 (gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-5.15.y/v5.15.120-274-g478387c… HTML log: https://storage.kernelci.org//stable-rc/linux-5.15.y/v5.15.120-274-g478387c… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.bootrr.deferred-probe-empty: https://kernelci.org/test/case/id/64addc9ccb3e0ab6a1bb2a88 failing since 105 days (last pass: v5.15.104, first fail: v5.15.104-147-gea115396267e) 2023-07-11T22:50:05.816571 <8>[ 10.351427] <LAVA_SIGNAL_ENDRUN 0_dmesg 11064519_1.4.2.3.1> 2023-07-11T22:50:05.819737 + set +x 2023-07-11T22:50:05.920846 # 2023-07-11T22:50:06.021575 / # #export SHELL=/bin/sh 2023-07-11T22:50:06.021758 2023-07-11T22:50:06.122313 / # export SHELL=/bin/sh. /lava-11064519/environment 2023-07-11T22:50:06.122513 2023-07-11T22:50:06.222985 / # . /lava-11064519/environment/lava-11064519/bin/lava-test-runner /lava-11064519/1 2023-07-11T22:50:06.223426 2023-07-11T22:50:06.228060 / # /lava-11064519/bin/lava-test-runner /lava-11064519/1 ... (12 line(s) more) platform | arch | lab | compiler | defconfig | regressions -----------------------------+--------+-----------------+----------+------------------------------+------------ beagle-xm | arm | lab-baylibre | gcc-10 | omap2plus_defconfig | 1 Details: https://kernelci.org/test/plan/id/64adddb579dc031f46bb2a81 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: omap2plus_defconfig Compiler: gcc-10 (arm-linux-gnueabihf-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-5.15.y/v5.15.120-274-g478387c… HTML log: https://storage.kernelci.org//stable-rc/linux-5.15.y/v5.15.120-274-g478387c… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64adddb579dc031f46bb2a82 failing since 425 days (last pass: v5.15.37-259-gab77581473a3, first fail: v5.15.39) platform | arch | lab | compiler | defconfig | regressions -----------------------------+--------+-----------------+----------+------------------------------+------------ cubietruck | arm | lab-baylibre | gcc-10 | multi_v7_defconfig | 1 Details: https://kernelci.org/test/plan/id/64addb8f37af70605abb2a77 Results: 5 PASS, 1 FAIL, 1 SKIP Full config: multi_v7_defconfig Compiler: gcc-10 (arm-linux-gnueabihf-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-5.15.y/v5.15.120-274-g478387c… HTML log: https://storage.kernelci.org//stable-rc/linux-5.15.y/v5.15.120-274-g478387c… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.bootrr.deferred-probe-empty: https://kernelci.org/test/case/id/64addb8f37af70605abb2a7c failing since 175 days (last pass: v5.15.82-124-gd731c63c25d1, first fail: v5.15.87-101-g5bcc318cb4cd) 2023-07-11T22:45:18.077013 <8>[ 10.036427] <LAVA_SIGNAL_ENDRUN 0_dmesg 3719468_1.5.2.4.1> 2023-07-11T22:45:18.188551 / # # 2023-07-11T22:45:18.291774 export SHELL=/bin/sh 2023-07-11T22:45:18.292946 # 2023-07-11T22:45:18.394999 / # export SHELL=/bin/sh. /lava-3719468/environment 2023-07-11T22:45:18.396033 2023-07-11T22:45:18.498139 / # . /lava-3719468/environment/lava-3719468/bin/lava-test-runner /lava-3719468/1 2023-07-11T22:45:18.499738 2023-07-11T22:45:18.504447 / # /lava-3719468/bin/lava-test-runner /lava-3719468/1 2023-07-11T22:45:18.586998 + export 'TESTRUN_ID=1_bootrr' ... (11 line(s) more) platform | arch | lab | compiler | defconfig | regressions -----------------------------+--------+-----------------+----------+------------------------------+------------ hp-x360-12b-c...4020-octopus | x86_64 | lab-collabora | gcc-10 | x86_64_defcon...6-chromebook | 1 Details: https://kernelci.org/test/plan/id/64addc9cd80834dea6bb2b27 Results: 6 PASS, 1 FAIL, 0 SKIP Full config: x86_64_defconfig+x86-chromebook Compiler: gcc-10 (gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-5.15.y/v5.15.120-274-g478387c… HTML log: https://storage.kernelci.org//stable-rc/linux-5.15.y/v5.15.120-274-g478387c… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.bootrr.deferred-probe-empty: https://kernelci.org/test/case/id/64addc9cd80834dea6bb2b2c failing since 105 days (last pass: v5.15.104, first fail: v5.15.104-147-gea115396267e) 2023-07-11T22:50:03.202510 + <8>[ 10.758159] <LAVA_SIGNAL_ENDRUN 0_dmesg 11064530_1.4.2.3.1> 2023-07-11T22:50:03.202604 set +x 2023-07-11T22:50:03.303812 # 2023-07-11T22:50:03.404605 / # #export SHELL=/bin/sh 2023-07-11T22:50:03.404775 2023-07-11T22:50:03.505315 / # export SHELL=/bin/sh. /lava-11064530/environment 2023-07-11T22:50:03.505506 2023-07-11T22:50:03.606157 / # . /lava-11064530/environment/lava-11064530/bin/lava-test-runner /lava-11064530/1 2023-07-11T22:50:03.606458 2023-07-11T22:50:03.610769 / # /lava-11064530/bin/lava-test-runner /lava-11064530/1 ... (12 line(s) more) platform | arch | lab | compiler | defconfig | regressions -----------------------------+--------+-----------------+----------+------------------------------+------------ hp-x360-14-G1-sona | x86_64 | lab-collabora | gcc-10 | x86_64_defcon...6-chromebook | 1 Details: https://kernelci.org/test/plan/id/64addc8e4fdda849b5bb2ace Results: 6 PASS, 1 FAIL, 0 SKIP Full config: x86_64_defconfig+x86-chromebook Compiler: gcc-10 (gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-5.15.y/v5.15.120-274-g478387c… HTML log: https://storage.kernelci.org//stable-rc/linux-5.15.y/v5.15.120-274-g478387c… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.bootrr.deferred-probe-empty: https://kernelci.org/test/case/id/64addc8e4fdda849b5bb2ad3 failing since 105 days (last pass: v5.15.104, first fail: v5.15.104-147-gea115396267e) 2023-07-11T22:49:34.669247 + set +x 2023-07-11T22:49:34.676488 <8>[ 10.293852] <LAVA_SIGNAL_ENDRUN 0_dmesg 11064503_1.4.2.3.1> 2023-07-11T22:49:34.778319 2023-07-11T22:49:34.878884 / # #export SHELL=/bin/sh 2023-07-11T22:49:34.879097 2023-07-11T22:49:34.979633 / # export SHELL=/bin/sh. /lava-11064503/environment 2023-07-11T22:49:34.979844 2023-07-11T22:49:35.080374 / # . /lava-11064503/environment/lava-11064503/bin/lava-test-runner /lava-11064503/1 2023-07-11T22:49:35.080766 2023-07-11T22:49:35.085763 / # /lava-11064503/bin/lava-test-runner /lava-11064503/1 ... (12 line(s) more) platform | arch | lab | compiler | defconfig | regressions -----------------------------+--------+-----------------+----------+------------------------------+------------ hp-x360-14a-cb0001xx-zork | x86_64 | lab-collabora | gcc-10 | x86_64_defcon...6-chromebook | 1 Details: https://kernelci.org/test/plan/id/64addc9dd80834dea6bb2b3f Results: 6 PASS, 1 FAIL, 0 SKIP Full config: x86_64_defconfig+x86-chromebook Compiler: gcc-10 (gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-5.15.y/v5.15.120-274-g478387c… HTML log: https://storage.kernelci.org//stable-rc/linux-5.15.y/v5.15.120-274-g478387c… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.bootrr.deferred-probe-empty: https://kernelci.org/test/case/id/64addc9dd80834dea6bb2b44 failing since 105 days (last pass: v5.15.104, first fail: v5.15.104-147-gea115396267e) 2023-07-11T22:50:05.267583 + <8>[ 10.992996] <LAVA_SIGNAL_ENDRUN 0_dmesg 11064527_1.4.2.3.1> 2023-07-11T22:50:05.267678 set +x 2023-07-11T22:50:05.371710 / # # 2023-07-11T22:50:05.472323 export SHELL=/bin/sh 2023-07-11T22:50:05.472553 # 2023-07-11T22:50:05.573131 / # export SHELL=/bin/sh. /lava-11064527/environment 2023-07-11T22:50:05.573331 2023-07-11T22:50:05.673852 / # . /lava-11064527/environment/lava-11064527/bin/lava-test-runner /lava-11064527/1 2023-07-11T22:50:05.674108 2023-07-11T22:50:05.678935 / # /lava-11064527/bin/lava-test-runner /lava-11064527/1 ... (12 line(s) more) platform | arch | lab | compiler | defconfig | regressions -----------------------------+--------+-----------------+----------+------------------------------+------------ imx53-qsrb | arm | lab-pengutronix | gcc-10 | multi_v7_defconfig | 1 Details: https://kernelci.org/test/plan/id/64addb14561ffc2d47bb2a76 Results: 5 PASS, 1 FAIL, 1 SKIP Full config: multi_v7_defconfig Compiler: gcc-10 (arm-linux-gnueabihf-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-5.15.y/v5.15.120-274-g478387c… HTML log: https://storage.kernelci.org//stable-rc/linux-5.15.y/v5.15.120-274-g478387c… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.bootrr.deferred-probe-empty: https://kernelci.org/test/case/id/64addb14561ffc2d47bb2a7b failing since 162 days (last pass: v5.15.81-122-gc5f8d4a5d3c8, first fail: v5.15.90-205-g5605d15db022) 2023-07-11T22:43:22.781229 + set +x 2023-07-11T22:43:22.781395 [ 9.420586] <LAVA_SIGNAL_ENDRUN 0_dmesg 994925_1.5.2.3.1> 2023-07-11T22:43:22.888212 / # # 2023-07-11T22:43:22.990174 export SHELL=/bin/sh 2023-07-11T22:43:22.990794 # 2023-07-11T22:43:23.092298 / # export SHELL=/bin/sh. /lava-994925/environment 2023-07-11T22:43:23.093239 2023-07-11T22:43:23.194776 / # . /lava-994925/environment/lava-994925/bin/lava-test-runner /lava-994925/1 2023-07-11T22:43:23.195606 2023-07-11T22:43:23.198310 / # /lava-994925/bin/lava-test-runner /lava-994925/1 ... (12 line(s) more) platform | arch | lab | compiler | defconfig | regressions -----------------------------+--------+-----------------+----------+------------------------------+------------ imx6q-var-dt6customboard | arm | lab-baylibre | gcc-10 | imx_v6_v7_defconfig | 1 Details: https://kernelci.org/test/plan/id/64addd02d8c691173ebb2ac0 Results: 5 PASS, 1 FAIL, 1 SKIP Full config: imx_v6_v7_defconfig Compiler: gcc-10 (arm-linux-gnueabihf-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-5.15.y/v5.15.120-274-g478387c… HTML log: https://storage.kernelci.org//stable-rc/linux-5.15.y/v5.15.120-274-g478387c… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.bootrr.deferred-probe-empty: https://kernelci.org/test/case/id/64addd02d8c691173ebb2ac5 new failure (last pass: v5.15.55-168-g91c6070d5ced) 2023-07-11T22:51:22.461309 / # # 2023-07-11T22:51:22.562963 export SHELL=/bin/sh 2023-07-11T22:51:22.563318 # 2023-07-11T22:51:22.664615 / # export SHELL=/bin/sh. /lava-3719512/environment 2023-07-11T22:51:22.664958 2023-07-11T22:51:22.766276 / # . /lava-3719512/environment/lava-3719512/bin/lava-test-runner /lava-3719512/1 2023-07-11T22:51:22.766868 2023-07-11T22:51:22.807439 / # /lava-3719512/bin/lava-test-runner /lava-3719512/1 2023-07-11T22:51:22.972679 + export 'TESTRUN_ID=1_bootrr' 2023-07-11T22:51:22.972934 + cd /lava-3719512/1/tests/1_bootrr ... (10 line(s) more) platform | arch | lab | compiler | defconfig | regressions -----------------------------+--------+-----------------+----------+------------------------------+------------ imx6q-var-dt6customboard | arm | lab-baylibre | gcc-10 | multi_v7_defconfig | 1 Details: https://kernelci.org/test/plan/id/64addb2704f78df281bb2a90 Results: 5 PASS, 1 FAIL, 1 SKIP Full config: multi_v7_defconfig Compiler: gcc-10 (arm-linux-gnueabihf-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-5.15.y/v5.15.120-274-g478387c… HTML log: https://storage.kernelci.org//stable-rc/linux-5.15.y/v5.15.120-274-g478387c… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.bootrr.deferred-probe-empty: https://kernelci.org/test/case/id/64addb2704f78df281bb2a95 new failure (last pass: v5.15.59) 2023-07-11T22:43:30.126199 / # # 2023-07-11T22:43:30.228108 export SHELL=/bin/sh 2023-07-11T22:43:30.228605 # 2023-07-11T22:43:30.329956 / # export SHELL=/bin/sh. /lava-3719476/environment 2023-07-11T22:43:30.330476 2023-07-11T22:43:30.431884 / # . /lava-3719476/environment/lava-3719476/bin/lava-test-runner /lava-3719476/1 2023-07-11T22:43:30.432657 2023-07-11T22:43:30.437121 / # /lava-3719476/bin/lava-test-runner /lava-3719476/1 2023-07-11T22:43:30.529034 + export 'TESTRUN_ID=1_bootrr' 2023-07-11T22:43:30.529311 + cd /lava-3719476/1/tests/1_bootrr ... (18 line(s) more) platform | arch | lab | compiler | defconfig | regressions -----------------------------+--------+-----------------+----------+------------------------------+------------ lenovo-TPad-C13-Yoga-zork | x86_64 | lab-collabora | gcc-10 | x86_64_defcon...6-chromebook | 1 Details: https://kernelci.org/test/plan/id/64addc9ed80834dea6bb2b4c Results: 6 PASS, 1 FAIL, 0 SKIP Full config: x86_64_defconfig+x86-chromebook Compiler: gcc-10 (gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-5.15.y/v5.15.120-274-g478387c… HTML log: https://storage.kernelci.org//stable-rc/linux-5.15.y/v5.15.120-274-g478387c… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.bootrr.deferred-probe-empty: https://kernelci.org/test/case/id/64addc9ed80834dea6bb2b51 failing since 105 days (last pass: v5.15.104, first fail: v5.15.104-147-gea115396267e) 2023-07-11T22:49:52.491970 <8>[ 12.512838] <LAVA_SIGNAL_ENDRUN 0_dmesg 11064526_1.4.2.3.1> 2023-07-11T22:49:52.596969 / # # 2023-07-11T22:49:52.697532 export SHELL=/bin/sh 2023-07-11T22:49:52.697728 # 2023-07-11T22:49:52.798228 / # export SHELL=/bin/sh. /lava-11064526/environment 2023-07-11T22:49:52.798421 2023-07-11T22:49:52.898913 / # . /lava-11064526/environment/lava-11064526/bin/lava-test-runner /lava-11064526/1 2023-07-11T22:49:52.899209 2023-07-11T22:49:52.903726 / # /lava-11064526/bin/lava-test-runner /lava-11064526/1 2023-07-11T22:49:52.909278 + export 'TESTRUN_ID=1_bootrr' ... (11 line(s) more) platform | arch | lab | compiler | defconfig | regressions -----------------------------+--------+-----------------+----------+------------------------------+------------ rk3328-rock64 | arm64 | lab-baylibre | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/plan/id/64addef84991dd91e4bb2a78 Results: 5 PASS, 1 FAIL, 1 SKIP Full config: defconfig Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-5.15.y/v5.15.120-274-g478387c… HTML log: https://storage.kernelci.org//stable-rc/linux-5.15.y/v5.15.120-274-g478387c… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.bootrr.deferred-probe-empty: https://kernelci.org/test/case/id/64addef84991dd91e4bb2a7d failing since 34 days (last pass: v5.15.72-38-gebe70cd7f5413, first fail: v5.15.114-196-g00621f2608ac) 2023-07-11T22:59:53.316427 [ 16.058193] <LAVA_SIGNAL_ENDRUN 0_dmesg 3719551_1.5.2.4.1> 2023-07-11T22:59:53.421368 2023-07-11T22:59:53.421806 / # [ 16.096078] rockchip-drm display-subsystem: [drm] Cannot find any crtc or sizes 2023-07-11T22:59:53.523927 #export SHELL=/bin/sh 2023-07-11T22:59:53.524621 2023-07-11T22:59:53.626403 / # export SHELL=/bin/sh. /lava-3719551/environment 2023-07-11T22:59:53.627187 2023-07-11T22:59:53.729136 / # . /lava-3719551/environment/lava-3719551/bin/lava-test-runner /lava-3719551/1 2023-07-11T22:59:53.730112 2023-07-11T22:59:53.733570 / # /lava-3719551/bin/lava-test-runner /lava-3719551/1 ... (13 line(s) more) platform | arch | lab | compiler | defconfig | regressions -----------------------------+--------+-----------------+----------+------------------------------+------------ sun50i-a64-pine64-plus | arm64 | lab-baylibre | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/plan/id/64addf91bd7a240d48bb2ad8 Results: 38 PASS, 8 FAIL, 1 SKIP Full config: defconfig Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-5.15.y/v5.15.120-274-g478387c… HTML log: https://storage.kernelci.org//stable-rc/linux-5.15.y/v5.15.120-274-g478387c… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.bootrr.deferred-probe-empty: https://kernelci.org/test/case/id/64addf91bd7a240d48bb2b05 failing since 175 days (last pass: v5.15.82-124-gd731c63c25d1, first fail: v5.15.87-101-g5bcc318cb4cd) 2023-07-11T23:02:13.456674 + set +x 2023-07-11T23:02:13.460125 <8>[ 16.077271] <LAVA_SIGNAL_ENDRUN 0_dmesg 3719534_1.5.2.4.1> 2023-07-11T23:02:13.581315 / # # 2023-07-11T23:02:13.692818 export SHELL=/bin/sh 2023-07-11T23:02:13.696397 # 2023-07-11T23:02:13.803229 / # export SHELL=/bin/sh. /lava-3719534/environment 2023-07-11T23:02:13.806719 2023-07-11T23:02:13.913674 / # . /lava-3719534/environment/lava-3719534/bin/lava-test-runner /lava-3719534/1 2023-07-11T23:02:13.919534 2023-07-11T23:02:13.922193 / # /lava-3719534/bin/lava-test-runner /lava-3719534/1 ... (12 line(s) more) platform | arch | lab | compiler | defconfig | regressions -----------------------------+--------+-----------------+----------+------------------------------+------------ sun50i-a64-pine64-plus | arm64 | lab-broonie | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/plan/id/64ade2a82d511bdc22bb2ab1 Results: 38 PASS, 8 FAIL, 1 SKIP Full config: defconfig Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-5.15.y/v5.15.120-274-g478387c… HTML log: https://storage.kernelci.org//stable-rc/linux-5.15.y/v5.15.120-274-g478387c… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.bootrr.deferred-probe-empty: https://kernelci.org/test/case/id/64ade2a82d511bdc22bb2ade failing since 175 days (last pass: v5.15.82-124-gd731c63c25d1, first fail: v5.15.87-101-g5bcc318cb4cd) 2023-07-11T23:15:34.077322 + set +x 2023-07-11T23:15:34.081230 <8>[ 16.045224] <LAVA_SIGNAL_ENDRUN 0_dmesg 715182_1.5.2.4.1> 2023-07-11T23:15:34.191698 / # # 2023-07-11T23:15:34.294462 export SHELL=/bin/sh 2023-07-11T23:15:34.295182 # 2023-07-11T23:15:34.397223 / # export SHELL=/bin/sh. /lava-715182/environment 2023-07-11T23:15:34.397834 2023-07-11T23:15:34.499688 / # . /lava-715182/environment/lava-715182/bin/lava-test-runner /lava-715182/1 2023-07-11T23:15:34.500976 2023-07-11T23:15:34.505043 / # /lava-715182/bin/lava-test-runner /lava-715182/1 ... (12 line(s) more)

2 years, 5 months

1
0
0 0

stable-rc/linux-5.4.y baseline: 141 runs, 37 regressions (v5.4.249-126-g6582ccd8f339)

by kernelci.org bot

stable-rc/linux-5.4.y baseline: 141 runs, 37 regressions (v5.4.249-126-g6582ccd8f339) Regressions Summary ------------------- platform | arch | lab | compiler | defconfig | regressions -----------------------------+--------+---------------+----------+------------------------------+------------ beagle-xm | arm | lab-baylibre | gcc-10 | omap2plus_defconfig | 1 cubietruck | arm | lab-baylibre | gcc-10 | multi_v7_defconfig | 1 da850-lcdk | arm | lab-baylibre | gcc-10 | multi_v5_defconfig | 1 hp-x360-12b-c...4020-octopus | x86_64 | lab-collabora | gcc-10 | x86_64_defcon...6-chromebook | 1 hp-x360-14-G1-sona | x86_64 | lab-collabora | gcc-10 | x86_64_defcon...6-chromebook | 1 imx6q-var-dt6customboard | arm | lab-baylibre | gcc-10 | multi_v7_defconfig | 1 qemu_arm64-virt-gicv2 | arm64 | lab-baylibre | gcc-10 | defconfig | 1 qemu_arm64-virt-gicv2 | arm64 | lab-baylibre | gcc-10 | defconfig+arm64-chromebook | 1 qemu_arm64-virt-gicv2 | arm64 | lab-broonie | gcc-10 | defconfig | 1 qemu_arm64-virt-gicv2 | arm64 | lab-broonie | gcc-10 | defconfig+arm64-chromebook | 1 qemu_arm64-virt-gicv2 | arm64 | lab-collabora | gcc-10 | defconfig | 1 qemu_arm64-virt-gicv2 | arm64 | lab-collabora | gcc-10 | defconfig+arm64-chromebook | 1 qemu_arm64-virt-gicv2-uefi | arm64 | lab-baylibre | gcc-10 | defconfig | 1 qemu_arm64-virt-gicv2-uefi | arm64 | lab-baylibre | gcc-10 | defconfig+arm64-chromebook | 1 qemu_arm64-virt-gicv2-uefi | arm64 | lab-broonie | gcc-10 | defconfig | 1 qemu_arm64-virt-gicv2-uefi | arm64 | lab-broonie | gcc-10 | defconfig+arm64-chromebook | 1 qemu_arm64-virt-gicv2-uefi | arm64 | lab-collabora | gcc-10 | defconfig | 1 qemu_arm64-virt-gicv2-uefi | arm64 | lab-collabora | gcc-10 | defconfig+arm64-chromebook | 1 qemu_arm64-virt-gicv3 | arm64 | lab-baylibre | gcc-10 | defconfig | 1 qemu_arm64-virt-gicv3 | arm64 | lab-baylibre | gcc-10 | defconfig+arm64-chromebook | 1 qemu_arm64-virt-gicv3 | arm64 | lab-broonie | gcc-10 | defconfig | 1 qemu_arm64-virt-gicv3 | arm64 | lab-broonie | gcc-10 | defconfig+arm64-chromebook | 1 qemu_arm64-virt-gicv3 | arm64 | lab-collabora | gcc-10 | defconfig | 1 qemu_arm64-virt-gicv3 | arm64 | lab-collabora | gcc-10 | defconfig+arm64-chromebook | 1 qemu_arm64-virt-gicv3-uefi | arm64 | lab-baylibre | gcc-10 | defconfig | 1 qemu_arm64-virt-gicv3-uefi | arm64 | lab-baylibre | gcc-10 | defconfig+arm64-chromebook | 1 qemu_arm64-virt-gicv3-uefi | arm64 | lab-broonie | gcc-10 | defconfig | 1 qemu_arm64-virt-gicv3-uefi | arm64 | lab-broonie | gcc-10 | defconfig+arm64-chromebook | 1 qemu_arm64-virt-gicv3-uefi | arm64 | lab-collabora | gcc-10 | defconfig | 1 qemu_arm64-virt-gicv3-uefi | arm64 | lab-collabora | gcc-10 | defconfig+arm64-chromebook | 1 r8a7795-salvator-x | arm64 | lab-baylibre | gcc-10 | defconfig | 1 rk3328-rock64 | arm64 | lab-baylibre | gcc-10 | defconfig | 1 rk3399-gru-kevin | arm64 | lab-collabora | gcc-10 | defconfig+arm64-chromebook | 2 sun50i-a64-pine64-plus | arm64 | lab-baylibre | gcc-10 | defconfig | 1 sun50i-a64-pine64-plus | arm64 | lab-broonie | gcc-10 | defconfig | 1 sun8i-h3-libretech-all-h3-cc | arm | lab-baylibre | gcc-10 | multi_v7_defconfig | 1 Details: https://kernelci.org/test/job/stable-rc/branch/linux-5.4.y/kernel/v5.4.249-… Test: baseline Tree: stable-rc Branch: linux-5.4.y Describe: v5.4.249-126-g6582ccd8f339 URL: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git SHA: 6582ccd8f3392481047905744b4ac01384c0a725 Test Regressions ---------------- platform | arch | lab | compiler | defconfig | regressions -----------------------------+--------+---------------+----------+------------------------------+------------ beagle-xm | arm | lab-baylibre | gcc-10 | omap2plus_defconfig | 1 Details: https://kernelci.org/test/plan/id/64add7bb05bbbb6889bb2a80 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: omap2plus_defconfig Compiler: gcc-10 (arm-linux-gnueabihf-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.249-126-g6582ccd8f… HTML log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.249-126-g6582ccd8f… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64add7bb05bbbb6889bb2a81 new failure (last pass: v5.4.249-9-gc736379684d1) platform | arch | lab | compiler | defconfig | regressions -----------------------------+--------+---------------+----------+------------------------------+------------ cubietruck | arm | lab-baylibre | gcc-10 | multi_v7_defconfig | 1 Details: https://kernelci.org/test/plan/id/64add71ced94d2ecf2bb2a7a Results: 5 PASS, 1 FAIL, 1 SKIP Full config: multi_v7_defconfig Compiler: gcc-10 (arm-linux-gnueabihf-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.249-126-g6582ccd8f… HTML log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.249-126-g6582ccd8f… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.bootrr.deferred-probe-empty: https://kernelci.org/test/case/id/64add71ced94d2ecf2bb2a7f failing since 175 days (last pass: v5.4.226-68-g8c05f5e0777d, first fail: v5.4.228-659-gb3b34c474ec7) 2023-07-11T22:26:21.891368 + set +x 2023-07-11T22:26:21.900253 <8>[ 9.851698] <LAVA_SIGNAL_ENDRUN 0_dmesg 3719399_1.5.2.4.1> 2023-07-11T22:26:22.009720 / # # 2023-07-11T22:26:22.113303 export SHELL=/bin/sh 2023-07-11T22:26:22.114386 # 2023-07-11T22:26:22.216634 / # export SHELL=/bin/sh. /lava-3719399/environment 2023-07-11T22:26:22.217724 2023-07-11T22:26:22.320047 / # . /lava-3719399/environment/lava-3719399/bin/lava-test-runner /lava-3719399/1 2023-07-11T22:26:22.321786 2023-07-11T22:26:22.326727 / # /lava-3719399/bin/lava-test-runner /lava-3719399/1 ... (13 line(s) more) platform | arch | lab | compiler | defconfig | regressions -----------------------------+--------+---------------+----------+------------------------------+------------ da850-lcdk | arm | lab-baylibre | gcc-10 | multi_v5_defconfig | 1 Details: https://kernelci.org/test/plan/id/64add5e8b00005ff12bb2a75 Results: 4 PASS, 2 FAIL, 1 SKIP Full config: multi_v5_defconfig Compiler: gcc-10 (arm-linux-gnueabihf-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.249-126-g6582ccd8f… HTML log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.249-126-g6582ccd8f… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.bootrr.deferred-probe-empty: https://kernelci.org/test/case/id/64add5e8b00005ff12bb2a7a failing since 175 days (last pass: v5.4.227, first fail: v5.4.228-659-gb3b34c474ec7) 2023-07-11T22:20:31.756089 / # 2023-07-11T22:20:31.860241 # #export SHELL=/bin/sh 2023-07-11T22:20:31.861430 2023-07-11T22:20:31.963767 / # export SHELL=/bin/sh. /lava-3719387/environment 2023-07-11T22:20:31.964773 2023-07-11T22:20:32.067040 / # . /lava-3719387/environment/lava-3719387/bin/lava-test-runner /lava-3719387/1 2023-07-11T22:20:32.069090 2023-07-11T22:20:32.109123 / # /lava-3719387/bin/lava-test-runner /lava-3719387/1 2023-07-11T22:20:32.326482 + export 'TESTRUN_ID=1_bootrr' 2023-07-11T22:20:32.329973 + cd /lava-3719387/1/tests/1_bootrr ... (10 line(s) more) platform | arch | lab | compiler | defconfig | regressions -----------------------------+--------+---------------+----------+------------------------------+------------ hp-x360-12b-c...4020-octopus | x86_64 | lab-collabora | gcc-10 | x86_64_defcon...6-chromebook | 1 Details: https://kernelci.org/test/plan/id/64add63457bd20f300bb2ac3 Results: 5 PASS, 1 FAIL, 1 SKIP Full config: x86_64_defconfig+x86-chromebook Compiler: gcc-10 (gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.249-126-g6582ccd8f… HTML log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.249-126-g6582ccd8f… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.bootrr.deferred-probe-empty: https://kernelci.org/test/case/id/64add63457bd20f300bb2ac8 failing since 103 days (last pass: v5.4.238, first fail: v5.4.238) 2023-07-11T22:22:31.579002 + set +x<8>[ 10.086679] <LAVA_SIGNAL_ENDRUN 0_dmesg 11064180_1.4.2.3.1> 2023-07-11T22:22:31.579087 2023-07-11T22:22:31.680860 2023-07-11T22:22:31.781442 / # #export SHELL=/bin/sh 2023-07-11T22:22:31.781614 2023-07-11T22:22:31.882180 / # export SHELL=/bin/sh. /lava-11064180/environment 2023-07-11T22:22:31.882359 2023-07-11T22:22:31.982933 / # . /lava-11064180/environment/lava-11064180/bin/lava-test-runner /lava-11064180/1 2023-07-11T22:22:31.983239 2023-07-11T22:22:31.987828 / # /lava-11064180/bin/lava-test-runner /lava-11064180/1 ... (12 line(s) more) platform | arch | lab | compiler | defconfig | regressions -----------------------------+--------+---------------+----------+------------------------------+------------ hp-x360-14-G1-sona | x86_64 | lab-collabora | gcc-10 | x86_64_defcon...6-chromebook | 1 Details: https://kernelci.org/test/plan/id/64add63957bd20f300bb2ae7 Results: 5 PASS, 1 FAIL, 1 SKIP Full config: x86_64_defconfig+x86-chromebook Compiler: gcc-10 (gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.249-126-g6582ccd8f… HTML log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.249-126-g6582ccd8f… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.bootrr.deferred-probe-empty: https://kernelci.org/test/case/id/64add63957bd20f300bb2aec failing since 103 days (last pass: v5.4.238, first fail: v5.4.238) 2023-07-11T22:22:32.277081 <8>[ 11.454526] <LAVA_SIGNAL_ENDRUN 0_dmesg 11064187_1.4.2.3.1> 2023-07-11T22:22:32.280322 + set +x 2023-07-11T22:22:32.381647 # 2023-07-11T22:22:32.381931 2023-07-11T22:22:32.482528 / # #export SHELL=/bin/sh 2023-07-11T22:22:32.482719 2023-07-11T22:22:32.583226 / # export SHELL=/bin/sh. /lava-11064187/environment 2023-07-11T22:22:32.583480 2023-07-11T22:22:32.683987 / # . /lava-11064187/environment/lava-11064187/bin/lava-test-runner /lava-11064187/1 2023-07-11T22:22:32.684226 ... (13 line(s) more) platform | arch | lab | compiler | defconfig | regressions -----------------------------+--------+---------------+----------+------------------------------+------------ imx6q-var-dt6customboard | arm | lab-baylibre | gcc-10 | multi_v7_defconfig | 1 Details: https://kernelci.org/test/plan/id/64add6f087c4ad0f94bb2aa3 Results: 5 PASS, 1 FAIL, 1 SKIP Full config: multi_v7_defconfig Compiler: gcc-10 (arm-linux-gnueabihf-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.249-126-g6582ccd8f… HTML log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.249-126-g6582ccd8f… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.bootrr.deferred-probe-empty: https://kernelci.org/test/case/id/64add6f087c4ad0f94bb2aa8 new failure (last pass: v5.4.214) 2023-07-11T22:25:27.542867 / # # 2023-07-11T22:25:27.644743 export SHELL=/bin/sh 2023-07-11T22:25:27.645208 # 2023-07-11T22:25:27.746556 / # export SHELL=/bin/sh. /lava-3719408/environment 2023-07-11T22:25:27.747031 2023-07-11T22:25:27.848422 / # . /lava-3719408/environment/lava-3719408/bin/lava-test-runner /lava-3719408/1 2023-07-11T22:25:27.849185 2023-07-11T22:25:27.855271 / # /lava-3719408/bin/lava-test-runner /lava-3719408/1 2023-07-11T22:25:27.943240 + export 'TESTRUN_ID=1_bootrr' 2023-07-11T22:25:27.943568 + cd /lava-3719408/1/tests/1_bootrr ... (16 line(s) more) platform | arch | lab | compiler | defconfig | regressions -----------------------------+--------+---------------+----------+------------------------------+------------ qemu_arm64-virt-gicv2 | arm64 | lab-baylibre | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/plan/id/64adda5c903b98c1b7bb2a89 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.249-126-g6582ccd8f… HTML log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.249-126-g6582ccd8f… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64adda5c903b98c1b7bb2a8a failing since 428 days (last pass: v5.4.191-85-ga4a4cbb41380, first fail: v5.4.191-118-g7dae5fe9ddc0) platform | arch | lab | compiler | defconfig | regressions -----------------------------+--------+---------------+----------+------------------------------+------------ qemu_arm64-virt-gicv2 | arm64 | lab-baylibre | gcc-10 | defconfig+arm64-chromebook | 1 Details: https://kernelci.org/test/plan/id/64addb124756fde45fbb2a88 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig+arm64-chromebook Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.249-126-g6582ccd8f… HTML log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.249-126-g6582ccd8f… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64addb124756fde45fbb2a89 failing since 428 days (last pass: v5.4.191-85-ga4a4cbb41380, first fail: v5.4.191-118-g7dae5fe9ddc0) platform | arch | lab | compiler | defconfig | regressions -----------------------------+--------+---------------+----------+------------------------------+------------ qemu_arm64-virt-gicv2 | arm64 | lab-broonie | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/plan/id/64adda9a4689c702b5bb2aa4 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.249-126-g6582ccd8f… HTML log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.249-126-g6582ccd8f… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64adda9a4689c702b5bb2aa5 failing since 428 days (last pass: v5.4.191-85-ga4a4cbb41380, first fail: v5.4.191-118-g7dae5fe9ddc0) platform | arch | lab | compiler | defconfig | regressions -----------------------------+--------+---------------+----------+------------------------------+------------ qemu_arm64-virt-gicv2 | arm64 | lab-broonie | gcc-10 | defconfig+arm64-chromebook | 1 Details: https://kernelci.org/test/plan/id/64addb9eb3fca08f5abb2a7c Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig+arm64-chromebook Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.249-126-g6582ccd8f… HTML log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.249-126-g6582ccd8f… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64addb9eb3fca08f5abb2a7d failing since 428 days (last pass: v5.4.191-85-ga4a4cbb41380, first fail: v5.4.191-118-g7dae5fe9ddc0) platform | arch | lab | compiler | defconfig | regressions -----------------------------+--------+---------------+----------+------------------------------+------------ qemu_arm64-virt-gicv2 | arm64 | lab-collabora | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/plan/id/64addb1272ceba6e43bb2a76 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.249-126-g6582ccd8f… HTML log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.249-126-g6582ccd8f… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64addb1272ceba6e43bb2a77 failing since 428 days (last pass: v5.4.191-85-ga4a4cbb41380, first fail: v5.4.191-118-g7dae5fe9ddc0) platform | arch | lab | compiler | defconfig | regressions -----------------------------+--------+---------------+----------+------------------------------+------------ qemu_arm64-virt-gicv2 | arm64 | lab-collabora | gcc-10 | defconfig+arm64-chromebook | 1 Details: https://kernelci.org/test/plan/id/64addbb6e02429cac5bb2a8b Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig+arm64-chromebook Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.249-126-g6582ccd8f… HTML log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.249-126-g6582ccd8f… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64addbb6e02429cac5bb2a8c failing since 428 days (last pass: v5.4.191-85-ga4a4cbb41380, first fail: v5.4.191-118-g7dae5fe9ddc0) platform | arch | lab | compiler | defconfig | regressions -----------------------------+--------+---------------+----------+------------------------------+------------ qemu_arm64-virt-gicv2-uefi | arm64 | lab-baylibre | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/plan/id/64adda5c37c996772fbb2a88 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.249-126-g6582ccd8f… HTML log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.249-126-g6582ccd8f… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64adda5c37c996772fbb2a89 failing since 428 days (last pass: v5.4.191-85-ga4a4cbb41380, first fail: v5.4.191-118-g7dae5fe9ddc0) platform | arch | lab | compiler | defconfig | regressions -----------------------------+--------+---------------+----------+------------------------------+------------ qemu_arm64-virt-gicv2-uefi | arm64 | lab-baylibre | gcc-10 | defconfig+arm64-chromebook | 1 Details: https://kernelci.org/test/plan/id/64addb1225d301e881bb2a80 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig+arm64-chromebook Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.249-126-g6582ccd8f… HTML log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.249-126-g6582ccd8f… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64addb1225d301e881bb2a81 failing since 428 days (last pass: v5.4.191-84-gbea55d0a1d975, first fail: v5.4.191-118-g7dae5fe9ddc0) platform | arch | lab | compiler | defconfig | regressions -----------------------------+--------+---------------+----------+------------------------------+------------ qemu_arm64-virt-gicv2-uefi | arm64 | lab-broonie | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/plan/id/64adda9b85afa11b56bb2a77 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.249-126-g6582ccd8f… HTML log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.249-126-g6582ccd8f… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64adda9b85afa11b56bb2a78 failing since 428 days (last pass: v5.4.191-85-ga4a4cbb41380, first fail: v5.4.191-118-g7dae5fe9ddc0) platform | arch | lab | compiler | defconfig | regressions -----------------------------+--------+---------------+----------+------------------------------+------------ qemu_arm64-virt-gicv2-uefi | arm64 | lab-broonie | gcc-10 | defconfig+arm64-chromebook | 1 Details: https://kernelci.org/test/plan/id/64addbeeca824c61a9bb2a75 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig+arm64-chromebook Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.249-126-g6582ccd8f… HTML log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.249-126-g6582ccd8f… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64addbeeca824c61a9bb2a76 failing since 428 days (last pass: v5.4.191-84-gbea55d0a1d975, first fail: v5.4.191-118-g7dae5fe9ddc0) platform | arch | lab | compiler | defconfig | regressions -----------------------------+--------+---------------+----------+------------------------------+------------ qemu_arm64-virt-gicv2-uefi | arm64 | lab-collabora | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/plan/id/64addb3c5dae96c452bb2a86 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.249-126-g6582ccd8f… HTML log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.249-126-g6582ccd8f… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64addb3c5dae96c452bb2a87 failing since 428 days (last pass: v5.4.191-85-ga4a4cbb41380, first fail: v5.4.191-118-g7dae5fe9ddc0) platform | arch | lab | compiler | defconfig | regressions -----------------------------+--------+---------------+----------+------------------------------+------------ qemu_arm64-virt-gicv2-uefi | arm64 | lab-collabora | gcc-10 | defconfig+arm64-chromebook | 1 Details: https://kernelci.org/test/plan/id/64addbddc04d234369bb2ac1 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig+arm64-chromebook Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.249-126-g6582ccd8f… HTML log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.249-126-g6582ccd8f… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64addbddc04d234369bb2ac2 failing since 428 days (last pass: v5.4.191-84-gbea55d0a1d975, first fail: v5.4.191-118-g7dae5fe9ddc0) platform | arch | lab | compiler | defconfig | regressions -----------------------------+--------+---------------+----------+------------------------------+------------ qemu_arm64-virt-gicv3 | arm64 | lab-baylibre | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/plan/id/64adda5a37c996772fbb2a80 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.249-126-g6582ccd8f… HTML log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.249-126-g6582ccd8f… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64adda5a37c996772fbb2a81 failing since 342 days (last pass: v5.4.180-59-g4f62141869c8, first fail: v5.4.209) platform | arch | lab | compiler | defconfig | regressions -----------------------------+--------+---------------+----------+------------------------------+------------ qemu_arm64-virt-gicv3 | arm64 | lab-baylibre | gcc-10 | defconfig+arm64-chromebook | 1 Details: https://kernelci.org/test/plan/id/64addb1201c7203ba1bb2a79 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig+arm64-chromebook Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.249-126-g6582ccd8f… HTML log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.249-126-g6582ccd8f… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64addb1201c7203ba1bb2a7a failing since 428 days (last pass: v5.4.191-84-gbea55d0a1d975, first fail: v5.4.191-118-g7dae5fe9ddc0) platform | arch | lab | compiler | defconfig | regressions -----------------------------+--------+---------------+----------+------------------------------+------------ qemu_arm64-virt-gicv3 | arm64 | lab-broonie | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/plan/id/64adda72e14236768abb2b0a Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.249-126-g6582ccd8f… HTML log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.249-126-g6582ccd8f… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64adda72e14236768abb2b0b failing since 342 days (last pass: v5.4.180-59-g4f62141869c8, first fail: v5.4.209) platform | arch | lab | compiler | defconfig | regressions -----------------------------+--------+---------------+----------+------------------------------+------------ qemu_arm64-virt-gicv3 | arm64 | lab-broonie | gcc-10 | defconfig+arm64-chromebook | 1 Details: https://kernelci.org/test/plan/id/64addb9f37af70605abb2a84 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig+arm64-chromebook Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.249-126-g6582ccd8f… HTML log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.249-126-g6582ccd8f… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64addb9f37af70605abb2a85 failing since 428 days (last pass: v5.4.191-84-gbea55d0a1d975, first fail: v5.4.191-118-g7dae5fe9ddc0) platform | arch | lab | compiler | defconfig | regressions -----------------------------+--------+---------------+----------+------------------------------+------------ qemu_arm64-virt-gicv3 | arm64 | lab-collabora | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/plan/id/64adda38a379ad53ffbb2a85 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.249-126-g6582ccd8f… HTML log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.249-126-g6582ccd8f… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64adda38a379ad53ffbb2a86 failing since 342 days (last pass: v5.4.180-59-g4f62141869c8, first fail: v5.4.209) platform | arch | lab | compiler | defconfig | regressions -----------------------------+--------+---------------+----------+------------------------------+------------ qemu_arm64-virt-gicv3 | arm64 | lab-collabora | gcc-10 | defconfig+arm64-chromebook | 1 Details: https://kernelci.org/test/plan/id/64addbb737af70605abb2aab Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig+arm64-chromebook Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.249-126-g6582ccd8f… HTML log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.249-126-g6582ccd8f… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64addbb737af70605abb2aac failing since 428 days (last pass: v5.4.191-84-gbea55d0a1d975, first fail: v5.4.191-118-g7dae5fe9ddc0) platform | arch | lab | compiler | defconfig | regressions -----------------------------+--------+---------------+----------+------------------------------+------------ qemu_arm64-virt-gicv3-uefi | arm64 | lab-baylibre | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/plan/id/64adda5be14236768abb2ad7 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.249-126-g6582ccd8f… HTML log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.249-126-g6582ccd8f… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64adda5be14236768abb2ad8 failing since 322 days (last pass: v5.4.180-59-g4f62141869c8, first fail: v5.4.210-390-g1cece69eaa88) platform | arch | lab | compiler | defconfig | regressions -----------------------------+--------+---------------+----------+------------------------------+------------ qemu_arm64-virt-gicv3-uefi | arm64 | lab-baylibre | gcc-10 | defconfig+arm64-chromebook | 1 Details: https://kernelci.org/test/plan/id/64addb12ffc6fdd0c6bb2a85 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig+arm64-chromebook Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.249-126-g6582ccd8f… HTML log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.249-126-g6582ccd8f… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64addb12ffc6fdd0c6bb2a86 failing since 428 days (last pass: v5.4.191-84-gbea55d0a1d975, first fail: v5.4.191-118-g7dae5fe9ddc0) platform | arch | lab | compiler | defconfig | regressions -----------------------------+--------+---------------+----------+------------------------------+------------ qemu_arm64-virt-gicv3-uefi | arm64 | lab-broonie | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/plan/id/64adda864689c702b5bb2a83 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.249-126-g6582ccd8f… HTML log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.249-126-g6582ccd8f… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64adda864689c702b5bb2a84 failing since 322 days (last pass: v5.4.180-59-g4f62141869c8, first fail: v5.4.210-390-g1cece69eaa88) platform | arch | lab | compiler | defconfig | regressions -----------------------------+--------+---------------+----------+------------------------------+------------ qemu_arm64-virt-gicv3-uefi | arm64 | lab-broonie | gcc-10 | defconfig+arm64-chromebook | 1 Details: https://kernelci.org/test/plan/id/64addc02ca824c61a9bb2aa3 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig+arm64-chromebook Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.249-126-g6582ccd8f… HTML log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.249-126-g6582ccd8f… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64addc02ca824c61a9bb2aa4 failing since 428 days (last pass: v5.4.191-84-gbea55d0a1d975, first fail: v5.4.191-118-g7dae5fe9ddc0) platform | arch | lab | compiler | defconfig | regressions -----------------------------+--------+---------------+----------+------------------------------+------------ qemu_arm64-virt-gicv3-uefi | arm64 | lab-collabora | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/plan/id/64adda4d37c996772fbb2a7d Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.249-126-g6582ccd8f… HTML log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.249-126-g6582ccd8f… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64adda4d37c996772fbb2a7e failing since 322 days (last pass: v5.4.180-59-g4f62141869c8, first fail: v5.4.210-390-g1cece69eaa88) platform | arch | lab | compiler | defconfig | regressions -----------------------------+--------+---------------+----------+------------------------------+------------ qemu_arm64-virt-gicv3-uefi | arm64 | lab-collabora | gcc-10 | defconfig+arm64-chromebook | 1 Details: https://kernelci.org/test/plan/id/64addbddccf286aa7bbb2a85 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig+arm64-chromebook Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.249-126-g6582ccd8f… HTML log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.249-126-g6582ccd8f… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64addbddccf286aa7bbb2a86 failing since 428 days (last pass: v5.4.191-84-gbea55d0a1d975, first fail: v5.4.191-118-g7dae5fe9ddc0) platform | arch | lab | compiler | defconfig | regressions -----------------------------+--------+---------------+----------+------------------------------+------------ r8a7795-salvator-x | arm64 | lab-baylibre | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/plan/id/64add993d04ebfe53cbb2af0 Results: 5 PASS, 1 FAIL, 1 SKIP Full config: defconfig Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.249-126-g6582ccd8f… HTML log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.249-126-g6582ccd8f… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.bootrr.deferred-probe-empty: https://kernelci.org/test/case/id/64add993d04ebfe53cbb2af5 failing since 74 days (last pass: v5.4.217, first fail: v5.4.238-245-g14f076931beb) 2023-07-11T22:36:49.471667 + set +x 2023-07-11T22:36:49.474790 <8>[ 73.082162] <LAVA_SIGNAL_ENDRUN 0_dmesg 3719445_1.5.2.4.1> 2023-07-11T22:36:49.580859 / # # 2023-07-11T22:36:49.683009 export SHELL=/bin/sh 2023-07-11T22:36:49.683732 # 2023-07-11T22:36:49.785618 / # export SHELL=/bin/sh. /lava-3719445/environment 2023-07-11T22:36:49.786377 2023-07-11T22:36:49.888293 / # . /lava-3719445/environment/lava-3719445/bin/lava-test-runner /lava-3719445/1 2023-07-11T22:36:49.889036 2023-07-11T22:36:49.892839 / # /lava-3719445/bin/lava-test-runner /lava-3719445/1 ... (13 line(s) more) platform | arch | lab | compiler | defconfig | regressions -----------------------------+--------+---------------+----------+------------------------------+------------ rk3328-rock64 | arm64 | lab-baylibre | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/plan/id/64add97f5caea0bfc1bb2a9b Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.249-126-g6582ccd8f… HTML log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.249-126-g6582ccd8f… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64add97f5caea0bfc1bb2a9c failing since 74 days (last pass: v5.4.224-157-g3e1fbfce73e5, first fail: v5.4.238-245-g14f076931beb) platform | arch | lab | compiler | defconfig | regressions -----------------------------+--------+---------------+----------+------------------------------+------------ rk3399-gru-kevin | arm64 | lab-collabora | gcc-10 | defconfig+arm64-chromebook | 2 Details: https://kernelci.org/test/plan/id/64adda3096152e9762bb2a7a Results: 82 PASS, 2 FAIL, 1 SKIP Full config: defconfig+arm64-chromebook Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.249-126-g6582ccd8f… HTML log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.249-126-g6582ccd8f… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.bootrr.rockchip-usb2phy1-probed: https://kernelci.org/test/case/id/64adda3096152e9762bb2a80 failing since 119 days (last pass: v5.4.235, first fail: v5.4.235-4-gb829e8b6e1a7) 2023-07-11T22:39:38.596962 /lava-11064419/1/../bin/lava-test-case * baseline.bootrr.rockchip-usb2phy0-probed: https://kernelci.org/test/case/id/64adda3096152e9762bb2a81 failing since 119 days (last pass: v5.4.235, first fail: v5.4.235-4-gb829e8b6e1a7) 2023-07-11T22:39:37.574754 /lava-11064419/1/../bin/lava-test-case 2023-07-11T22:39:37.583578 <8>[ 32.820795] <LAVA_SIGNAL_TESTCASE TEST_CASE_ID=rockchip-usb2phy0-probed RESULT=fail> platform | arch | lab | compiler | defconfig | regressions -----------------------------+--------+---------------+----------+------------------------------+------------ sun50i-a64-pine64-plus | arm64 | lab-baylibre | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/plan/id/64add9dc4345c50f6bbb2a83 Results: 32 PASS, 11 FAIL, 1 SKIP Full config: defconfig Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.249-126-g6582ccd8f… HTML log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.249-126-g6582ccd8f… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.bootrr.deferred-probe-empty: https://kernelci.org/test/case/id/64add9dc4345c50f6bbb2aab failing since 174 days (last pass: v5.4.226-68-g97ed976894df, first fail: v5.4.228-659-gb3b34c474ec7) 2023-07-11T22:37:49.791034 <8>[ 16.712348] <LAVA_SIGNAL_ENDRUN 0_dmesg 3719436_1.5.2.4.1> 2023-07-11T22:37:49.910728 / # # 2023-07-11T22:37:50.016231 export SHELL=/bin/sh 2023-07-11T22:37:50.017738 # 2023-07-11T22:37:50.121123 / # export SHELL=/bin/sh. /lava-3719436/environment 2023-07-11T22:37:50.122640 2023-07-11T22:37:50.226083 / # . /lava-3719436/environment/lava-3719436/bin/lava-test-runner /lava-3719436/1 2023-07-11T22:37:50.228787 2023-07-11T22:37:50.232039 / # /lava-3719436/bin/lava-test-runner /lava-3719436/1 2023-07-11T22:37:50.264435 + export 'TESTRUN_ID=1_bootrr' ... (12 line(s) more) platform | arch | lab | compiler | defconfig | regressions -----------------------------+--------+---------------+----------+------------------------------+------------ sun50i-a64-pine64-plus | arm64 | lab-broonie | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/plan/id/64adda0d7e46b1d51fbb2a80 Results: 32 PASS, 11 FAIL, 1 SKIP Full config: defconfig Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.249-126-g6582ccd8f… HTML log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.249-126-g6582ccd8f… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.bootrr.deferred-probe-empty: https://kernelci.org/test/case/id/64adda0d7e46b1d51fbb2aaa failing since 174 days (last pass: v5.4.226-68-g97ed976894df, first fail: v5.4.228-659-gb3b34c474ec7) 2023-07-11T22:38:33.624081 <8>[ 16.691269] <LAVA_SIGNAL_ENDRUN 0_dmesg 715018_1.5.2.4.1> 2023-07-11T22:38:33.731622 / # # 2023-07-11T22:38:33.834391 export SHELL=/bin/sh 2023-07-11T22:38:33.835045 # 2023-07-11T22:38:33.936905 / # export SHELL=/bin/sh. /lava-715018/environment 2023-07-11T22:38:33.937414 2023-07-11T22:38:34.038936 / # . /lava-715018/environment/lava-715018/bin/lava-test-runner /lava-715018/1 2023-07-11T22:38:34.040833 2023-07-11T22:38:34.044040 / # /lava-715018/bin/lava-test-runner /lava-715018/1 2023-07-11T22:38:34.077238 + export 'TESTRUN_ID=1_bootrr' ... (12 line(s) more) platform | arch | lab | compiler | defconfig | regressions -----------------------------+--------+---------------+----------+------------------------------+------------ sun8i-h3-libretech-all-h3-cc | arm | lab-baylibre | gcc-10 | multi_v7_defconfig | 1 Details: https://kernelci.org/test/plan/id/64add6ea142ee725bebb2a78 Results: 5 PASS, 1 FAIL, 1 SKIP Full config: multi_v7_defconfig Compiler: gcc-10 (arm-linux-gnueabihf-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.249-126-g6582ccd8f… HTML log: https://storage.kernelci.org//stable-rc/linux-5.4.y/v5.4.249-126-g6582ccd8f… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.bootrr.deferred-probe-empty: https://kernelci.org/test/case/id/64add6ea142ee725bebb2a7d failing since 175 days (last pass: v5.4.227, first fail: v5.4.228-659-gb3b34c474ec7) 2023-07-11T22:25:24.880689 / # # 2023-07-11T22:25:24.982366 export SHELL=/bin/sh 2023-07-11T22:25:24.982716 # 2023-07-11T22:25:25.084038 / # export SHELL=/bin/sh. /lava-3719395/environment 2023-07-11T22:25:25.084390 2023-07-11T22:25:25.185713 / # . /lava-3719395/environment/lava-3719395/bin/lava-test-runner /lava-3719395/1 2023-07-11T22:25:25.186319 2023-07-11T22:25:25.191950 / # /lava-3719395/bin/lava-test-runner /lava-3719395/1 2023-07-11T22:25:25.256069 + export 'TESTRUN_ID=1_bootrr' 2023-07-11T22:25:25.295851 + cd /lava-3719395/1/tests/1_bootrr ... (10 line(s) more)

2 years, 5 months

1
0
0 0

stable-rc/linux-4.19.y baseline: 134 runs, 37 regressions (v4.19.288-88-g86b58f64d958)

by kernelci.org bot

stable-rc/linux-4.19.y baseline: 134 runs, 37 regressions (v4.19.288-88-g86b58f64d958) Regressions Summary ------------------- platform | arch | lab | compiler | defconfig | regressions ---------------------------+-------+---------------+----------+----------------------------+------------ at91sam9g20ek | arm | lab-broonie | gcc-10 | multi_v5_defconfig | 1 beagle-xm | arm | lab-baylibre | gcc-10 | omap2plus_defconfig | 1 beaglebone-black | arm | lab-cip | gcc-10 | omap2plus_defconfig | 1 cubietruck | arm | lab-baylibre | gcc-10 | multi_v7_defconfig | 1 imx6q-var-dt6customboard | arm | lab-baylibre | gcc-10 | multi_v7_defconfig | 1 qemu_arm64-virt-gicv2 | arm64 | lab-baylibre | gcc-10 | defconfig+arm64-chromebook | 1 qemu_arm64-virt-gicv2 | arm64 | lab-baylibre | gcc-10 | defconfig | 1 qemu_arm64-virt-gicv2 | arm64 | lab-broonie | gcc-10 | defconfig+arm64-chromebook | 1 qemu_arm64-virt-gicv2 | arm64 | lab-broonie | gcc-10 | defconfig | 1 qemu_arm64-virt-gicv2 | arm64 | lab-collabora | gcc-10 | defconfig+arm64-chromebook | 1 qemu_arm64-virt-gicv2 | arm64 | lab-collabora | gcc-10 | defconfig | 1 qemu_arm64-virt-gicv2-uefi | arm64 | lab-baylibre | gcc-10 | defconfig+arm64-chromebook | 1 qemu_arm64-virt-gicv2-uefi | arm64 | lab-baylibre | gcc-10 | defconfig | 1 qemu_arm64-virt-gicv2-uefi | arm64 | lab-broonie | gcc-10 | defconfig+arm64-chromebook | 1 qemu_arm64-virt-gicv2-uefi | arm64 | lab-broonie | gcc-10 | defconfig | 1 qemu_arm64-virt-gicv2-uefi | arm64 | lab-collabora | gcc-10 | defconfig+arm64-chromebook | 1 qemu_arm64-virt-gicv2-uefi | arm64 | lab-collabora | gcc-10 | defconfig | 1 qemu_arm64-virt-gicv3 | arm64 | lab-baylibre | gcc-10 | defconfig+arm64-chromebook | 1 qemu_arm64-virt-gicv3 | arm64 | lab-baylibre | gcc-10 | defconfig | 1 qemu_arm64-virt-gicv3 | arm64 | lab-broonie | gcc-10 | defconfig+arm64-chromebook | 1 qemu_arm64-virt-gicv3 | arm64 | lab-broonie | gcc-10 | defconfig | 1 qemu_arm64-virt-gicv3 | arm64 | lab-collabora | gcc-10 | defconfig+arm64-chromebook | 1 qemu_arm64-virt-gicv3 | arm64 | lab-collabora | gcc-10 | defconfig | 1 qemu_arm64-virt-gicv3-uefi | arm64 | lab-baylibre | gcc-10 | defconfig+arm64-chromebook | 1 qemu_arm64-virt-gicv3-uefi | arm64 | lab-baylibre | gcc-10 | defconfig | 1 qemu_arm64-virt-gicv3-uefi | arm64 | lab-broonie | gcc-10 | defconfig+arm64-chromebook | 1 qemu_arm64-virt-gicv3-uefi | arm64 | lab-broonie | gcc-10 | defconfig | 1 qemu_arm64-virt-gicv3-uefi | arm64 | lab-collabora | gcc-10 | defconfig+arm64-chromebook | 1 qemu_arm64-virt-gicv3-uefi | arm64 | lab-collabora | gcc-10 | defconfig | 1 r8a7795-salvator-x | arm64 | lab-baylibre | gcc-10 | defconfig | 1 rk3328-rock64 | arm64 | lab-baylibre | gcc-10 | defconfig | 1 rk3399-gru-kevin | arm64 | lab-collabora | gcc-10 | defconfig+arm64-chromebook | 2 sun50i-a64-pine64-plus | arm64 | lab-baylibre | gcc-10 | defconfig | 1 sun50i-a64-pine64-plus | arm64 | lab-broonie | gcc-10 | defconfig | 1 sun50i-h6-pine-h64 | arm64 | lab-baylibre | gcc-10 | defconfig | 1 sun50i-h6-pine-h64 | arm64 | lab-collabora | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/job/stable-rc/branch/linux-4.19.y/kernel/v4.19.28… Test: baseline Tree: stable-rc Branch: linux-4.19.y Describe: v4.19.288-88-g86b58f64d958 URL: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git SHA: 86b58f64d958edd3b0ee1c2be6e0d231178b56c9 Test Regressions ---------------- platform | arch | lab | compiler | defconfig | regressions ---------------------------+-------+---------------+----------+----------------------------+------------ at91sam9g20ek | arm | lab-broonie | gcc-10 | multi_v5_defconfig | 1 Details: https://kernelci.org/test/plan/id/64add30c068cda493cbb2b9b Results: 42 PASS, 9 FAIL, 1 SKIP Full config: multi_v5_defconfig Compiler: gcc-10 (arm-linux-gnueabihf-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.288-88-g86b58f64… HTML log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.288-88-g86b58f64… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.bootrr.deferred-probe-empty: https://kernelci.org/test/case/id/64add30c068cda493cbb2bcd new failure (last pass: v4.19.288-8-gcce880c1647e) 2023-07-11T22:08:36.599907 + set +x 2023-07-11T22:08:36.605081 <8><LAVA_SIGNAL_ENDRUN 0_dmesg 714875_1.5.2.4.1> 2023-07-11T22:08:36.718963 / # # 2023-07-11T22:08:36.822062 export SHELL=/bin/sh 2023-07-11T22:08:36.822844 # 2023-07-11T22:08:36.924834 / # export SHELL=/bin/sh. /lava-714875/environment 2023-07-11T22:08:36.925673 2023-07-11T22:08:37.027699 / # . /lava-714875/environment/lava-714875/bin/lava-test-runner /lava-714875/1 2023-07-11T22:08:37.029250 2023-07-11T22:08:37.035457 / # /lava-714875/bin/lava-test-runner /lava-714875/1 ... (12 line(s) more) platform | arch | lab | compiler | defconfig | regressions ---------------------------+-------+---------------+----------+----------------------------+------------ beagle-xm | arm | lab-baylibre | gcc-10 | omap2plus_defconfig | 1 Details: https://kernelci.org/test/plan/id/64add40fedf1aed77cbb2aa5 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: omap2plus_defconfig Compiler: gcc-10 (arm-linux-gnueabihf-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.288-88-g86b58f64… HTML log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.288-88-g86b58f64… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64add40fedf1aed77cbb2aa6 new failure (last pass: v4.19.288-8-gcce880c1647e) platform | arch | lab | compiler | defconfig | regressions ---------------------------+-------+---------------+----------+----------------------------+------------ beaglebone-black | arm | lab-cip | gcc-10 | omap2plus_defconfig | 1 Details: https://kernelci.org/test/plan/id/64add3e49b1126bbd4bb2ac2 Results: 41 PASS, 10 FAIL, 1 SKIP Full config: omap2plus_defconfig Compiler: gcc-10 (arm-linux-gnueabihf-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.288-88-g86b58f64… HTML log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.288-88-g86b58f64… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.bootrr.deferred-probe-empty: https://kernelci.org/test/case/id/64add3e49b1126bbd4bb2ac5 failing since 7 days (last pass: v4.19.288-8-g4d52374bfbe40, first fail: v4.19.288-8-gcce880c1647e) 2023-07-11T22:12:16.209573 + set +x<8>[ 10.469791] <LAVA_SIGNAL_ENDRUN 0_dmesg 985218_1.5.2.4.1> 2023-07-11T22:12:16.209977 2023-07-11T22:12:16.320485 / # # 2023-07-11T22:12:16.422541 export SHELL=/bin/sh 2023-07-11T22:12:16.423376 # 2023-07-11T22:12:16.524826 / # export SHELL=/bin/sh. /lava-985218/environment 2023-07-11T22:12:16.525485 2023-07-11T22:12:16.627004 / # . /lava-985218/environment/lava-985218/bin/lava-test-runner /lava-985218/1 2023-07-11T22:12:16.627927 2023-07-11T22:12:16.634223 / # /lava-985218/bin/lava-test-runner /lava-985218/1 ... (12 line(s) more) platform | arch | lab | compiler | defconfig | regressions ---------------------------+-------+---------------+----------+----------------------------+------------ cubietruck | arm | lab-baylibre | gcc-10 | multi_v7_defconfig | 1 Details: https://kernelci.org/test/plan/id/64add2b583db993d2fbb2aaf Results: 5 PASS, 1 FAIL, 1 SKIP Full config: multi_v7_defconfig Compiler: gcc-10 (arm-linux-gnueabihf-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.288-88-g86b58f64… HTML log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.288-88-g86b58f64… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.bootrr.deferred-probe-empty: https://kernelci.org/test/case/id/64add2b583db993d2fbb2ab4 failing since 175 days (last pass: v4.19.268-50-gbf741d1d7e6d, first fail: v4.19.269-522-gc75d2b5524ab) 2023-07-11T22:07:31.079081 + set +x<8>[ 7.362969] <LAVA_SIGNAL_ENDRUN 0_dmesg 3719302_1.5.2.4.1> 2023-07-11T22:07:31.079820 2023-07-11T22:07:31.190542 / # # 2023-07-11T22:07:31.294329 export SHELL=/bin/sh 2023-07-11T22:07:31.295343 # 2023-07-11T22:07:31.397568 / # export SHELL=/bin/sh. /lava-3719302/environment 2023-07-11T22:07:31.398910 2023-07-11T22:07:31.501854 / # . /lava-3719302/environment/lava-3719302/bin/lava-test-runner /lava-3719302/1 2023-07-11T22:07:31.503566 2023-07-11T22:07:31.508369 / # /lava-3719302/bin/lava-test-runner /lava-3719302/1 ... (12 line(s) more) platform | arch | lab | compiler | defconfig | regressions ---------------------------+-------+---------------+----------+----------------------------+------------ imx6q-var-dt6customboard | arm | lab-baylibre | gcc-10 | multi_v7_defconfig | 1 Details: https://kernelci.org/test/plan/id/64add289e75c4413a9bb2a75 Results: 5 PASS, 1 FAIL, 1 SKIP Full config: multi_v7_defconfig Compiler: gcc-10 (arm-linux-gnueabihf-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.288-88-g86b58f64… HTML log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.288-88-g86b58f64… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.bootrr.deferred-probe-empty: https://kernelci.org/test/case/id/64add289e75c4413a9bb2a7a new failure (last pass: v4.19.254) 2023-07-11T22:06:46.659817 / # # 2023-07-11T22:06:46.761753 export SHELL=/bin/sh 2023-07-11T22:06:46.762300 # 2023-07-11T22:06:46.863687 / # export SHELL=/bin/sh. /lava-3719292/environment 2023-07-11T22:06:46.864211 2023-07-11T22:06:46.965660 / # . /lava-3719292/environment/lava-3719292/bin/lava-test-runner /lava-3719292/1 2023-07-11T22:06:46.966483 2023-07-11T22:06:46.972023 / # /lava-3719292/bin/lava-test-runner /lava-3719292/1 2023-07-11T22:06:47.079858 + export 'TESTRUN_ID=1_bootrr' 2023-07-11T22:06:47.080207 + cd /lava-3719292/1/tests/1_bootrr ... (16 line(s) more) platform | arch | lab | compiler | defconfig | regressions ---------------------------+-------+---------------+----------+----------------------------+------------ qemu_arm64-virt-gicv2 | arm64 | lab-baylibre | gcc-10 | defconfig+arm64-chromebook | 1 Details: https://kernelci.org/test/plan/id/64add407bf9bd7fdcdbb2a83 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig+arm64-chromebook Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.288-88-g86b58f64… HTML log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.288-88-g86b58f64… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64add407bf9bd7fdcdbb2a84 failing since 428 days (last pass: v4.19.241-59-g7070c1b6eeed, first fail: v4.19.241-79-ge28b1117a7ab) platform | arch | lab | compiler | defconfig | regressions ---------------------------+-------+---------------+----------+----------------------------+------------ qemu_arm64-virt-gicv2 | arm64 | lab-baylibre | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/plan/id/64add4f532cb576fcebb2a82 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.288-88-g86b58f64… HTML log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.288-88-g86b58f64… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64add4f532cb576fcebb2a83 failing since 427 days (last pass: v4.19.241-59-g7070c1b6eeed, first fail: v4.19.241-89-g71a9ee8b0cfd) platform | arch | lab | compiler | defconfig | regressions ---------------------------+-------+---------------+----------+----------------------------+------------ qemu_arm64-virt-gicv2 | arm64 | lab-broonie | gcc-10 | defconfig+arm64-chromebook | 1 Details: https://kernelci.org/test/plan/id/64add535117057ce60bb2aea Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig+arm64-chromebook Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.288-88-g86b58f64… HTML log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.288-88-g86b58f64… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64add535117057ce60bb2aeb failing since 428 days (last pass: v4.19.241-59-g7070c1b6eeed, first fail: v4.19.241-79-ge28b1117a7ab) platform | arch | lab | compiler | defconfig | regressions ---------------------------+-------+---------------+----------+----------------------------+------------ qemu_arm64-virt-gicv2 | arm64 | lab-broonie | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/plan/id/64add6894b7c8726e6bb2aaa Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.288-88-g86b58f64… HTML log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.288-88-g86b58f64… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64add6894b7c8726e6bb2aab failing since 427 days (last pass: v4.19.241-59-g7070c1b6eeed, first fail: v4.19.241-89-g71a9ee8b0cfd) platform | arch | lab | compiler | defconfig | regressions ---------------------------+-------+---------------+----------+----------------------------+------------ qemu_arm64-virt-gicv2 | arm64 | lab-collabora | gcc-10 | defconfig+arm64-chromebook | 1 Details: https://kernelci.org/test/plan/id/64add436ca740f55f5bb2ad2 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig+arm64-chromebook Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.288-88-g86b58f64… HTML log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.288-88-g86b58f64… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64add436ca740f55f5bb2ad3 failing since 428 days (last pass: v4.19.241-59-g7070c1b6eeed, first fail: v4.19.241-79-ge28b1117a7ab) platform | arch | lab | compiler | defconfig | regressions ---------------------------+-------+---------------+----------+----------------------------+------------ qemu_arm64-virt-gicv2 | arm64 | lab-collabora | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/plan/id/64add50faa62697356bb2a82 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.288-88-g86b58f64… HTML log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.288-88-g86b58f64… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64add50faa62697356bb2a83 failing since 427 days (last pass: v4.19.241-59-g7070c1b6eeed, first fail: v4.19.241-89-g71a9ee8b0cfd) platform | arch | lab | compiler | defconfig | regressions ---------------------------+-------+---------------+----------+----------------------------+------------ qemu_arm64-virt-gicv2-uefi | arm64 | lab-baylibre | gcc-10 | defconfig+arm64-chromebook | 1 Details: https://kernelci.org/test/plan/id/64add404bf9bd7fdcdbb2a77 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig+arm64-chromebook Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.288-88-g86b58f64… HTML log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.288-88-g86b58f64… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64add404bf9bd7fdcdbb2a78 failing since 428 days (last pass: v4.19.241-59-g7070c1b6eeed, first fail: v4.19.241-79-ge28b1117a7ab) platform | arch | lab | compiler | defconfig | regressions ---------------------------+-------+---------------+----------+----------------------------+------------ qemu_arm64-virt-gicv2-uefi | arm64 | lab-baylibre | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/plan/id/64add4f55540c46cecbb2af2 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.288-88-g86b58f64… HTML log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.288-88-g86b58f64… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64add4f55540c46cecbb2af3 failing since 427 days (last pass: v4.19.241-59-g7070c1b6eeed, first fail: v4.19.241-89-g71a9ee8b0cfd) platform | arch | lab | compiler | defconfig | regressions ---------------------------+-------+---------------+----------+----------------------------+------------ qemu_arm64-virt-gicv2-uefi | arm64 | lab-broonie | gcc-10 | defconfig+arm64-chromebook | 1 Details: https://kernelci.org/test/plan/id/64add4f95540c46cecbb2b00 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig+arm64-chromebook Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.288-88-g86b58f64… HTML log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.288-88-g86b58f64… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64add4f95540c46cecbb2b01 failing since 428 days (last pass: v4.19.241-59-g7070c1b6eeed, first fail: v4.19.241-79-ge28b1117a7ab) platform | arch | lab | compiler | defconfig | regressions ---------------------------+-------+---------------+----------+----------------------------+------------ qemu_arm64-virt-gicv2-uefi | arm64 | lab-broonie | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/plan/id/64add67503a55f5202bb2ad1 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.288-88-g86b58f64… HTML log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.288-88-g86b58f64… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64add67503a55f5202bb2ad2 failing since 427 days (last pass: v4.19.241-59-g7070c1b6eeed, first fail: v4.19.241-89-g71a9ee8b0cfd) platform | arch | lab | compiler | defconfig | regressions ---------------------------+-------+---------------+----------+----------------------------+------------ qemu_arm64-virt-gicv2-uefi | arm64 | lab-collabora | gcc-10 | defconfig+arm64-chromebook | 1 Details: https://kernelci.org/test/plan/id/64add434ca740f55f5bb2acc Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig+arm64-chromebook Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.288-88-g86b58f64… HTML log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.288-88-g86b58f64… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64add434ca740f55f5bb2acd failing since 428 days (last pass: v4.19.241-59-g7070c1b6eeed, first fail: v4.19.241-79-ge28b1117a7ab) platform | arch | lab | compiler | defconfig | regressions ---------------------------+-------+---------------+----------+----------------------------+------------ qemu_arm64-virt-gicv2-uefi | arm64 | lab-collabora | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/plan/id/64add4fb32cb576fcebb2a8e Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.288-88-g86b58f64… HTML log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.288-88-g86b58f64… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64add4fb32cb576fcebb2a8f failing since 427 days (last pass: v4.19.241-59-g7070c1b6eeed, first fail: v4.19.241-89-g71a9ee8b0cfd) platform | arch | lab | compiler | defconfig | regressions ---------------------------+-------+---------------+----------+----------------------------+------------ qemu_arm64-virt-gicv3 | arm64 | lab-baylibre | gcc-10 | defconfig+arm64-chromebook | 1 Details: https://kernelci.org/test/plan/id/64add406bf9bd7fdcdbb2a7d Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig+arm64-chromebook Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.288-88-g86b58f64… HTML log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.288-88-g86b58f64… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64add406bf9bd7fdcdbb2a7e failing since 428 days (last pass: v4.19.241-59-g7070c1b6eeed, first fail: v4.19.241-79-ge28b1117a7ab) platform | arch | lab | compiler | defconfig | regressions ---------------------------+-------+---------------+----------+----------------------------+------------ qemu_arm64-virt-gicv3 | arm64 | lab-baylibre | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/plan/id/64add4f65540c46cecbb2afa Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.288-88-g86b58f64… HTML log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.288-88-g86b58f64… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64add4f65540c46cecbb2afb failing since 427 days (last pass: v4.19.241-59-g7070c1b6eeed, first fail: v4.19.241-89-g71a9ee8b0cfd) platform | arch | lab | compiler | defconfig | regressions ---------------------------+-------+---------------+----------+----------------------------+------------ qemu_arm64-virt-gicv3 | arm64 | lab-broonie | gcc-10 | defconfig+arm64-chromebook | 1 Details: https://kernelci.org/test/plan/id/64add50eaa62697356bb2a7f Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig+arm64-chromebook Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.288-88-g86b58f64… HTML log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.288-88-g86b58f64… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64add50eaa62697356bb2a80 failing since 428 days (last pass: v4.19.241-59-g7070c1b6eeed, first fail: v4.19.241-79-ge28b1117a7ab) platform | arch | lab | compiler | defconfig | regressions ---------------------------+-------+---------------+----------+----------------------------+------------ qemu_arm64-virt-gicv3 | arm64 | lab-broonie | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/plan/id/64add68a4888cab146bb2aa2 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.288-88-g86b58f64… HTML log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.288-88-g86b58f64… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64add68a4888cab146bb2aa3 failing since 427 days (last pass: v4.19.241-59-g7070c1b6eeed, first fail: v4.19.241-89-g71a9ee8b0cfd) platform | arch | lab | compiler | defconfig | regressions ---------------------------+-------+---------------+----------+----------------------------+------------ qemu_arm64-virt-gicv3 | arm64 | lab-collabora | gcc-10 | defconfig+arm64-chromebook | 1 Details: https://kernelci.org/test/plan/id/64add433ca740f55f5bb2ac9 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig+arm64-chromebook Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.288-88-g86b58f64… HTML log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.288-88-g86b58f64… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64add433ca740f55f5bb2aca failing since 428 days (last pass: v4.19.241-59-g7070c1b6eeed, first fail: v4.19.241-79-ge28b1117a7ab) platform | arch | lab | compiler | defconfig | regressions ---------------------------+-------+---------------+----------+----------------------------+------------ qemu_arm64-virt-gicv3 | arm64 | lab-collabora | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/plan/id/64add524370a475543bb2a80 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.288-88-g86b58f64… HTML log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.288-88-g86b58f64… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64add524370a475543bb2a81 failing since 427 days (last pass: v4.19.241-59-g7070c1b6eeed, first fail: v4.19.241-89-g71a9ee8b0cfd) platform | arch | lab | compiler | defconfig | regressions ---------------------------+-------+---------------+----------+----------------------------+------------ qemu_arm64-virt-gicv3-uefi | arm64 | lab-baylibre | gcc-10 | defconfig+arm64-chromebook | 1 Details: https://kernelci.org/test/plan/id/64add405bf9bd7fdcdbb2a7a Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig+arm64-chromebook Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.288-88-g86b58f64… HTML log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.288-88-g86b58f64… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64add405bf9bd7fdcdbb2a7b failing since 428 days (last pass: v4.19.241-59-g7070c1b6eeed, first fail: v4.19.241-79-ge28b1117a7ab) platform | arch | lab | compiler | defconfig | regressions ---------------------------+-------+---------------+----------+----------------------------+------------ qemu_arm64-virt-gicv3-uefi | arm64 | lab-baylibre | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/plan/id/64add4f732cb576fcebb2a88 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.288-88-g86b58f64… HTML log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.288-88-g86b58f64… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64add4f732cb576fcebb2a89 failing since 427 days (last pass: v4.19.241-59-g7070c1b6eeed, first fail: v4.19.241-89-g71a9ee8b0cfd) platform | arch | lab | compiler | defconfig | regressions ---------------------------+-------+---------------+----------+----------------------------+------------ qemu_arm64-virt-gicv3-uefi | arm64 | lab-broonie | gcc-10 | defconfig+arm64-chromebook | 1 Details: https://kernelci.org/test/plan/id/64add50daa62697356bb2a79 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig+arm64-chromebook Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.288-88-g86b58f64… HTML log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.288-88-g86b58f64… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64add50daa62697356bb2a7a failing since 428 days (last pass: v4.19.241-59-g7070c1b6eeed, first fail: v4.19.241-79-ge28b1117a7ab) platform | arch | lab | compiler | defconfig | regressions ---------------------------+-------+---------------+----------+----------------------------+------------ qemu_arm64-virt-gicv3-uefi | arm64 | lab-broonie | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/plan/id/64add68c4b7c8726e6bb2ab0 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.288-88-g86b58f64… HTML log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.288-88-g86b58f64… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64add68c4b7c8726e6bb2ab1 failing since 427 days (last pass: v4.19.241-59-g7070c1b6eeed, first fail: v4.19.241-89-g71a9ee8b0cfd) platform | arch | lab | compiler | defconfig | regressions ---------------------------+-------+---------------+----------+----------------------------+------------ qemu_arm64-virt-gicv3-uefi | arm64 | lab-collabora | gcc-10 | defconfig+arm64-chromebook | 1 Details: https://kernelci.org/test/plan/id/64add435ca740f55f5bb2acf Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig+arm64-chromebook Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.288-88-g86b58f64… HTML log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.288-88-g86b58f64… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64add435ca740f55f5bb2ad0 failing since 428 days (last pass: v4.19.241-59-g7070c1b6eeed, first fail: v4.19.241-79-ge28b1117a7ab) platform | arch | lab | compiler | defconfig | regressions ---------------------------+-------+---------------+----------+----------------------------+------------ qemu_arm64-virt-gicv3-uefi | arm64 | lab-collabora | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/plan/id/64add53719f7820ba9bb2af6 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.288-88-g86b58f64… HTML log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.288-88-g86b58f64… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64add53719f7820ba9bb2af7 failing since 427 days (last pass: v4.19.241-59-g7070c1b6eeed, first fail: v4.19.241-89-g71a9ee8b0cfd) platform | arch | lab | compiler | defconfig | regressions ---------------------------+-------+---------------+----------+----------------------------+------------ r8a7795-salvator-x | arm64 | lab-baylibre | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/plan/id/64add3f29ccb5c359bbb2aa8 Results: 5 PASS, 1 FAIL, 1 SKIP Full config: defconfig Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.288-88-g86b58f64… HTML log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.288-88-g86b58f64… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.bootrr.deferred-probe-empty: https://kernelci.org/test/case/id/64add3f29ccb5c359bbb2aad failing since 33 days (last pass: v4.19.261-20-g5644b22533b36, first fail: v4.19.284-89-ga1cebe658474) 2023-07-11T22:12:57.740854 + set +x 2023-07-11T22:12:57.743973 <8>[ 9.083227] <LAVA_SIGNAL_ENDRUN 0_dmesg 3719372_1.5.2.4.1> 2023-07-11T22:12:57.849403 / # # 2023-07-11T22:12:57.950739 export SHELL=/bin/sh 2023-07-11T22:12:57.951088 # 2023-07-11T22:12:58.052203 / # export SHELL=/bin/sh. /lava-3719372/environment 2023-07-11T22:12:58.052531 2023-07-11T22:12:58.153688 / # . /lava-3719372/environment/lava-3719372/bin/lava-test-runner /lava-3719372/1 2023-07-11T22:12:58.154197 2023-07-11T22:12:58.157951 / # /lava-3719372/bin/lava-test-runner /lava-3719372/1 ... (13 line(s) more) platform | arch | lab | compiler | defconfig | regressions ---------------------------+-------+---------------+----------+----------------------------+------------ rk3328-rock64 | arm64 | lab-baylibre | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/plan/id/64add41abf9bd7fdcdbb2ab7 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.288-88-g86b58f64… HTML log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.288-88-g86b58f64… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64add41abf9bd7fdcdbb2ab8 failing since 33 days (last pass: v4.19.266-115-gf65c47c3f336, first fail: v4.19.284-89-ga1cebe658474) platform | arch | lab | compiler | defconfig | regressions ---------------------------+-------+---------------+----------+----------------------------+------------ rk3399-gru-kevin | arm64 | lab-collabora | gcc-10 | defconfig+arm64-chromebook | 2 Details: https://kernelci.org/test/plan/id/64add376e122939260bb2ad8 Results: 77 PASS, 5 FAIL, 1 SKIP Full config: defconfig+arm64-chromebook Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.288-88-g86b58f64… HTML log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.288-88-g86b58f64… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.bootrr.rockchip-usb2phy1-probed: https://kernelci.org/test/case/id/64add376e122939260bb2ade failing since 119 days (last pass: v4.19.276, first fail: v4.19.276-4-g4f95ee925a2b) 2023-07-11T22:10:46.974579 <8>[ 35.490147] <LAVA_SIGNAL_TESTCASE TEST_CASE_ID=rockchip-usb2phy0-probed RESULT=fail> 2023-07-11T22:10:47.988862 /lava-11064090/1/../bin/lava-test-case 2023-07-11T22:10:47.997377 <8>[ 36.514737] <LAVA_SIGNAL_TESTCASE TEST_CASE_ID=rockchip-usb2phy1-probed RESULT=fail> * baseline.bootrr.rockchip-usb2phy0-probed: https://kernelci.org/test/case/id/64add376e122939260bb2adf failing since 119 days (last pass: v4.19.276, first fail: v4.19.276-4-g4f95ee925a2b) 2023-07-11T22:10:45.948811 <8>[ 34.464051] <LAVA_SIGNAL_TESTCASE TEST_CASE_ID=rockchip-usb2phy-driver-present RESULT=pass> 2023-07-11T22:10:46.964344 /lava-11064090/1/../bin/lava-test-case platform | arch | lab | compiler | defconfig | regressions ---------------------------+-------+---------------+----------+----------------------------+------------ sun50i-a64-pine64-plus | arm64 | lab-baylibre | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/plan/id/64add4778cd399b4d9bb2a77 Results: 23 PASS, 16 FAIL, 1 SKIP Full config: defconfig Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.288-88-g86b58f64… HTML log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.288-88-g86b58f64… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.bootrr.deferred-probe-empty: https://kernelci.org/test/case/id/64add4778cd399b4d9bb2a9d failing since 175 days (last pass: v4.19.265-42-ga2d8c749b30c, first fail: v4.19.269-522-gc75d2b5524ab) 2023-07-11T22:14:43.812181 <8>[ 15.901178] <LAVA_SIGNAL_ENDRUN 0_dmesg 3719369_1.5.2.4.1> 2023-07-11T22:14:43.933373 / # # 2023-07-11T22:14:44.039310 export SHELL=/bin/sh 2023-07-11T22:14:44.040965 # 2023-07-11T22:14:44.144466 / # export SHELL=/bin/sh. /lava-3719369/environment 2023-07-11T22:14:44.146014 2023-07-11T22:14:44.249699 / # . /lava-3719369/environment/lava-3719369/bin/lava-test-runner /lava-3719369/1 2023-07-11T22:14:44.252514 2023-07-11T22:14:44.254659 / # /lava-3719369/bin/lava-test-runner /lava-3719369/1 2023-07-11T22:14:44.286836 + export 'TESTRUN_ID=1_bootrr' ... (11 line(s) more) platform | arch | lab | compiler | defconfig | regressions ---------------------------+-------+---------------+----------+----------------------------+------------ sun50i-a64-pine64-plus | arm64 | lab-broonie | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/plan/id/64add66103a55f5202bb2a93 Results: 23 PASS, 16 FAIL, 1 SKIP Full config: defconfig Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.288-88-g86b58f64… HTML log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.288-88-g86b58f64… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.bootrr.deferred-probe-empty: https://kernelci.org/test/case/id/64add66103a55f5202bb2ab9 failing since 175 days (last pass: v4.19.265-42-ga2d8c749b30c, first fail: v4.19.269-522-gc75d2b5524ab) 2023-07-11T22:22:51.325047 <8>[ 15.999283] <LAVA_SIGNAL_ENDRUN 0_dmesg 714914_1.5.2.4.1> 2023-07-11T22:22:51.432140 / # # 2023-07-11T22:22:51.535025 export SHELL=/bin/sh 2023-07-11T22:22:51.535811 # 2023-07-11T22:22:51.638124 / # export SHELL=/bin/sh. /lava-714914/environment 2023-07-11T22:22:51.638847 2023-07-11T22:22:51.741008 / # . /lava-714914/environment/lava-714914/bin/lava-test-runner /lava-714914/1 2023-07-11T22:22:51.742162 2023-07-11T22:22:51.746736 / # /lava-714914/bin/lava-test-runner /lava-714914/1 2023-07-11T22:22:51.778305 + export 'TESTRUN_ID=1_bootrr' ... (11 line(s) more) platform | arch | lab | compiler | defconfig | regressions ---------------------------+-------+---------------+----------+----------------------------+------------ sun50i-h6-pine-h64 | arm64 | lab-baylibre | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/plan/id/64add409bf9bd7fdcdbb2a9c Results: 5 PASS, 1 FAIL, 1 SKIP Full config: defconfig Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.288-88-g86b58f64… HTML log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.288-88-g86b58f64… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.bootrr.deferred-probe-empty: https://kernelci.org/test/case/id/64add409bf9bd7fdcdbb2aa1 failing since 175 days (last pass: v4.19.261-20-g5644b22533b36, first fail: v4.19.269-522-gc75d2b5524ab) 2023-07-11T22:12:59.826205 / # # 2023-07-11T22:12:59.928309 export SHELL=/bin/sh 2023-07-11T22:12:59.928928 # 2023-07-11T22:13:00.030369 / # export SHELL=/bin/sh. /lava-3719367/environment 2023-07-11T22:13:00.030956 2023-07-11T22:13:00.132406 / # . /lava-3719367/environment/lava-3719367/bin/lava-test-runner /lava-3719367/1 2023-07-11T22:13:00.133241 2023-07-11T22:13:00.153135 / # /lava-3719367/bin/lava-test-runner /lava-3719367/1 2023-07-11T22:13:00.209041 + export 'TESTRUN_ID=1_bootrr' 2023-07-11T22:13:00.209708 + cd /lava-3719367<8>[ 15.633389] <LAVA_SIGNAL_STARTRUN 1_bootrr 3719367_1.5.2.4.5> ... (11 line(s) more) platform | arch | lab | compiler | defconfig | regressions ---------------------------+-------+---------------+----------+----------------------------+------------ sun50i-h6-pine-h64 | arm64 | lab-collabora | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/plan/id/64add41b8ca0b1502cbb2a75 Results: 5 PASS, 1 FAIL, 1 SKIP Full config: defconfig Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.288-88-g86b58f64… HTML log: https://storage.kernelci.org//stable-rc/linux-4.19.y/v4.19.288-88-g86b58f64… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.bootrr.deferred-probe-empty: https://kernelci.org/test/case/id/64add41b8ca0b1502cbb2a7a failing since 175 days (last pass: v4.19.261-20-g5644b22533b36, first fail: v4.19.269-522-gc75d2b5524ab) 2023-07-11T22:15:06.102928 / # # 2023-07-11T22:15:06.205056 export SHELL=/bin/sh 2023-07-11T22:15:06.205776 # 2023-07-11T22:15:06.307232 / # export SHELL=/bin/sh. /lava-11064121/environment 2023-07-11T22:15:06.307955 2023-07-11T22:15:06.409443 / # . /lava-11064121/environment/lava-11064121/bin/lava-test-runner /lava-11064121/1 2023-07-11T22:15:06.410553 2023-07-11T22:15:06.426977 / # /lava-11064121/bin/lava-test-runner /lava-11064121/1 2023-07-11T22:15:06.484918 + export 'TESTRUN_ID=1_bootrr' 2023-07-11T22:15:06.485436 + cd /lava-1106412<8>[ 15.632270] <LAVA_SIGNAL_STARTRUN 1_bootrr 11064121_1.5.2.4.5> ... (11 line(s) more)

2 years, 5 months

1
0
0 0

stable-rc/linux-6.1.y baseline: 164 runs, 9 regressions (v6.1.38-393-gb6386e7314b4)

by kernelci.org bot

stable-rc/linux-6.1.y baseline: 164 runs, 9 regressions (v6.1.38-393-gb6386e7314b4) Regressions Summary ------------------- platform | arch | lab | compiler | defconfig | regressions -----------------------------+--------+---------------+----------+------------------------------+------------ acer-chromebox-cxi4-puff | x86_64 | lab-collabora | gcc-10 | x86_64_defcon...6-chromebook | 1 asus-C436FA-Flip-hatch | x86_64 | lab-collabora | gcc-10 | x86_64_defcon...6-chromebook | 1 asus-CM1400CXA-dalboz | x86_64 | lab-collabora | gcc-10 | x86_64_defcon...6-chromebook | 1 asus-cx9400-volteer | x86_64 | lab-collabora | gcc-10 | x86_64_defcon...6-chromebook | 1 beagle-xm | arm | lab-baylibre | gcc-10 | omap2plus_defconfig | 1 hp-x360-12b-c...4020-octopus | x86_64 | lab-collabora | gcc-10 | x86_64_defcon...6-chromebook | 1 hp-x360-14-G1-sona | x86_64 | lab-collabora | gcc-10 | x86_64_defcon...6-chromebook | 1 hp-x360-14a-cb0001xx-zork | x86_64 | lab-collabora | gcc-10 | x86_64_defcon...6-chromebook | 1 lenovo-TPad-C13-Yoga-zork | x86_64 | lab-collabora | gcc-10 | x86_64_defcon...6-chromebook | 1 Details: https://kernelci.org/test/job/stable-rc/branch/linux-6.1.y/kernel/v6.1.38-3… Test: baseline Tree: stable-rc Branch: linux-6.1.y Describe: v6.1.38-393-gb6386e7314b4 URL: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git SHA: b6386e7314b41a0e90dc9c4b9f6db439c2a9a73d Test Regressions ---------------- platform | arch | lab | compiler | defconfig | regressions -----------------------------+--------+---------------+----------+------------------------------+------------ acer-chromebox-cxi4-puff | x86_64 | lab-collabora | gcc-10 | x86_64_defcon...6-chromebook | 1 Details: https://kernelci.org/test/plan/id/64add006bec195a264bb2ac0 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: x86_64_defconfig+x86-chromebook Compiler: gcc-10 (gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-6.1.y/v6.1.38-393-gb6386e7314… HTML log: https://storage.kernelci.org//stable-rc/linux-6.1.y/v6.1.38-393-gb6386e7314… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64add006bec195a264bb2ac1 failing since 8 days (last pass: v6.1.37, first fail: v6.1.37-12-g86236a041c0f) platform | arch | lab | compiler | defconfig | regressions -----------------------------+--------+---------------+----------+------------------------------+------------ asus-C436FA-Flip-hatch | x86_64 | lab-collabora | gcc-10 | x86_64_defcon...6-chromebook | 1 Details: https://kernelci.org/test/plan/id/64adcff3bec195a264bb2a8b Results: 6 PASS, 1 FAIL, 0 SKIP Full config: x86_64_defconfig+x86-chromebook Compiler: gcc-10 (gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-6.1.y/v6.1.38-393-gb6386e7314… HTML log: https://storage.kernelci.org//stable-rc/linux-6.1.y/v6.1.38-393-gb6386e7314… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.bootrr.deferred-probe-empty: https://kernelci.org/test/case/id/64adcff3bec195a264bb2a90 failing since 103 days (last pass: v6.1.21, first fail: v6.1.22) 2023-07-11T21:55:44.901497 + set +x 2023-07-11T21:55:44.908309 <8>[ 10.303440] <LAVA_SIGNAL_ENDRUN 0_dmesg 11063905_1.4.2.3.1> 2023-07-11T21:55:45.012367 / # # 2023-07-11T21:55:45.112918 export SHELL=/bin/sh 2023-07-11T21:55:45.113109 # 2023-07-11T21:55:45.213647 / # export SHELL=/bin/sh. /lava-11063905/environment 2023-07-11T21:55:45.213826 2023-07-11T21:55:45.314320 / # . /lava-11063905/environment/lava-11063905/bin/lava-test-runner /lava-11063905/1 2023-07-11T21:55:45.314598 2023-07-11T21:55:45.320131 / # /lava-11063905/bin/lava-test-runner /lava-11063905/1 ... (12 line(s) more) platform | arch | lab | compiler | defconfig | regressions -----------------------------+--------+---------------+----------+------------------------------+------------ asus-CM1400CXA-dalboz | x86_64 | lab-collabora | gcc-10 | x86_64_defcon...6-chromebook | 1 Details: https://kernelci.org/test/plan/id/64adcff1312f545d70bb2ae2 Results: 6 PASS, 1 FAIL, 0 SKIP Full config: x86_64_defconfig+x86-chromebook Compiler: gcc-10 (gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-6.1.y/v6.1.38-393-gb6386e7314… HTML log: https://storage.kernelci.org//stable-rc/linux-6.1.y/v6.1.38-393-gb6386e7314… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.bootrr.deferred-probe-empty: https://kernelci.org/test/case/id/64adcff1312f545d70bb2ae7 failing since 103 days (last pass: v6.1.21, first fail: v6.1.22) 2023-07-11T21:55:40.355578 + set<8>[ 11.511709] <LAVA_SIGNAL_ENDRUN 0_dmesg 11063874_1.4.2.3.1> 2023-07-11T21:55:40.356005 +x 2023-07-11T21:55:40.463959 / # # 2023-07-11T21:55:40.565909 export SHELL=/bin/sh 2023-07-11T21:55:40.566576 # 2023-07-11T21:55:40.667971 / # export SHELL=/bin/sh. /lava-11063874/environment 2023-07-11T21:55:40.668714 2023-07-11T21:55:40.770220 / # . /lava-11063874/environment/lava-11063874/bin/lava-test-runner /lava-11063874/1 2023-07-11T21:55:40.771443 2023-07-11T21:55:40.776275 / # /lava-11063874/bin/lava-test-runner /lava-11063874/1 ... (12 line(s) more) platform | arch | lab | compiler | defconfig | regressions -----------------------------+--------+---------------+----------+------------------------------+------------ asus-cx9400-volteer | x86_64 | lab-collabora | gcc-10 | x86_64_defcon...6-chromebook | 1 Details: https://kernelci.org/test/plan/id/64adcfdfd4df6821adbb2adb Results: 6 PASS, 1 FAIL, 0 SKIP Full config: x86_64_defconfig+x86-chromebook Compiler: gcc-10 (gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-6.1.y/v6.1.38-393-gb6386e7314… HTML log: https://storage.kernelci.org//stable-rc/linux-6.1.y/v6.1.38-393-gb6386e7314… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.bootrr.deferred-probe-empty: https://kernelci.org/test/case/id/64adcfdfd4df6821adbb2ae0 failing since 103 days (last pass: v6.1.21, first fail: v6.1.22) 2023-07-11T21:55:44.414854 <8>[ 10.127970] <LAVA_SIGNAL_ENDRUN 0_dmesg 11063906_1.4.2.3.1> 2023-07-11T21:55:44.418318 + set +x 2023-07-11T21:55:44.519591 /# 2023-07-11T21:55:44.620442 # #export SHELL=/bin/sh 2023-07-11T21:55:44.620601 2023-07-11T21:55:44.721052 / # export SHELL=/bin/sh. /lava-11063906/environment 2023-07-11T21:55:44.721225 2023-07-11T21:55:44.821807 / # . /lava-11063906/environment/lava-11063906/bin/lava-test-runner /lava-11063906/1 2023-07-11T21:55:44.822029 2023-07-11T21:55:44.826715 / # /lava-11063906/bin/lava-test-runner /lava-11063906/1 ... (12 line(s) more) platform | arch | lab | compiler | defconfig | regressions -----------------------------+--------+---------------+----------+------------------------------+------------ beagle-xm | arm | lab-baylibre | gcc-10 | omap2plus_defconfig | 1 Details: https://kernelci.org/test/plan/id/64add01925b4b78c0ebb2a7f Results: 0 PASS, 1 FAIL, 0 SKIP Full config: omap2plus_defconfig Compiler: gcc-10 (arm-linux-gnueabihf-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-6.1.y/v6.1.38-393-gb6386e7314… HTML log: https://storage.kernelci.org//stable-rc/linux-6.1.y/v6.1.38-393-gb6386e7314… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64add01925b4b78c0ebb2a80 failing since 33 days (last pass: v6.1.31-40-g7d0a9678d276, first fail: v6.1.31-266-g8f4f686e321c) platform | arch | lab | compiler | defconfig | regressions -----------------------------+--------+---------------+----------+------------------------------+------------ hp-x360-12b-c...4020-octopus | x86_64 | lab-collabora | gcc-10 | x86_64_defcon...6-chromebook | 1 Details: https://kernelci.org/test/plan/id/64adcff21ddeae8500bb2ad3 Results: 6 PASS, 1 FAIL, 0 SKIP Full config: x86_64_defconfig+x86-chromebook Compiler: gcc-10 (gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-6.1.y/v6.1.38-393-gb6386e7314… HTML log: https://storage.kernelci.org//stable-rc/linux-6.1.y/v6.1.38-393-gb6386e7314… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.bootrr.deferred-probe-empty: https://kernelci.org/test/case/id/64adcff21ddeae8500bb2ad8 failing since 103 days (last pass: v6.1.21, first fail: v6.1.22) 2023-07-11T21:55:53.877941 + set +x 2023-07-11T21:55:53.884100 <8>[ 10.946908] <LAVA_SIGNAL_ENDRUN 0_dmesg 11063871_1.4.2.3.1> 2023-07-11T21:55:53.991871 / # # 2023-07-11T21:55:54.094208 export SHELL=/bin/sh 2023-07-11T21:55:54.094912 # 2023-07-11T21:55:54.196357 / # export SHELL=/bin/sh. /lava-11063871/environment 2023-07-11T21:55:54.197099 2023-07-11T21:55:54.298632 / # . /lava-11063871/environment/lava-11063871/bin/lava-test-runner /lava-11063871/1 2023-07-11T21:55:54.299749 2023-07-11T21:55:54.304739 / # /lava-11063871/bin/lava-test-runner /lava-11063871/1 ... (12 line(s) more) platform | arch | lab | compiler | defconfig | regressions -----------------------------+--------+---------------+----------+------------------------------+------------ hp-x360-14-G1-sona | x86_64 | lab-collabora | gcc-10 | x86_64_defcon...6-chromebook | 1 Details: https://kernelci.org/test/plan/id/64adcfcfd4df6821adbb2ab0 Results: 6 PASS, 1 FAIL, 0 SKIP Full config: x86_64_defconfig+x86-chromebook Compiler: gcc-10 (gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-6.1.y/v6.1.38-393-gb6386e7314… HTML log: https://storage.kernelci.org//stable-rc/linux-6.1.y/v6.1.38-393-gb6386e7314… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.bootrr.deferred-probe-empty: https://kernelci.org/test/case/id/64adcfcfd4df6821adbb2ab5 failing since 103 days (last pass: v6.1.21, first fail: v6.1.22) 2023-07-11T21:55:07.990170 + set +x 2023-07-11T21:55:07.996524 <8>[ 10.548786] <LAVA_SIGNAL_ENDRUN 0_dmesg 11063892_1.4.2.3.1> 2023-07-11T21:55:08.103317 # 2023-07-11T21:55:08.104545 2023-07-11T21:55:08.206408 / # #export SHELL=/bin/sh 2023-07-11T21:55:08.207128 2023-07-11T21:55:08.308536 / # export SHELL=/bin/sh. /lava-11063892/environment 2023-07-11T21:55:08.309170 2023-07-11T21:55:08.410603 / # . /lava-11063892/environment/lava-11063892/bin/lava-test-runner /lava-11063892/1 2023-07-11T21:55:08.411820 ... (13 line(s) more) platform | arch | lab | compiler | defconfig | regressions -----------------------------+--------+---------------+----------+------------------------------+------------ hp-x360-14a-cb0001xx-zork | x86_64 | lab-collabora | gcc-10 | x86_64_defcon...6-chromebook | 1 Details: https://kernelci.org/test/plan/id/64adcfde312f545d70bb2ab4 Results: 6 PASS, 1 FAIL, 0 SKIP Full config: x86_64_defconfig+x86-chromebook Compiler: gcc-10 (gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-6.1.y/v6.1.38-393-gb6386e7314… HTML log: https://storage.kernelci.org//stable-rc/linux-6.1.y/v6.1.38-393-gb6386e7314… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.bootrr.deferred-probe-empty: https://kernelci.org/test/case/id/64adcfde312f545d70bb2ab9 failing since 103 days (last pass: v6.1.21, first fail: v6.1.22) 2023-07-11T21:55:31.628625 + set<8>[ 10.841811] <LAVA_SIGNAL_ENDRUN 0_dmesg 11063883_1.4.2.3.1> 2023-07-11T21:55:31.629186 +x 2023-07-11T21:55:31.737513 / # # 2023-07-11T21:55:31.840079 export SHELL=/bin/sh 2023-07-11T21:55:31.840851 # 2023-07-11T21:55:31.942555 / # export SHELL=/bin/sh. /lava-11063883/environment 2023-07-11T21:55:31.943365 2023-07-11T21:55:32.045102 / # . /lava-11063883/environment/lava-11063883/bin/lava-test-runner /lava-11063883/1 2023-07-11T21:55:32.046382 2023-07-11T21:55:32.051270 / # /lava-11063883/bin/lava-test-runner /lava-11063883/1 ... (12 line(s) more) platform | arch | lab | compiler | defconfig | regressions -----------------------------+--------+---------------+----------+------------------------------+------------ lenovo-TPad-C13-Yoga-zork | x86_64 | lab-collabora | gcc-10 | x86_64_defcon...6-chromebook | 1 Details: https://kernelci.org/test/plan/id/64adcfd0956a83bb7fbb2ab7 Results: 6 PASS, 1 FAIL, 0 SKIP Full config: x86_64_defconfig+x86-chromebook Compiler: gcc-10 (gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-6.1.y/v6.1.38-393-gb6386e7314… HTML log: https://storage.kernelci.org//stable-rc/linux-6.1.y/v6.1.38-393-gb6386e7314… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.bootrr.deferred-probe-empty: https://kernelci.org/test/case/id/64adcfd0956a83bb7fbb2abc failing since 103 days (last pass: v6.1.21, first fail: v6.1.22) 2023-07-11T21:55:14.623063 + set<8>[ 11.588140] <LAVA_SIGNAL_ENDRUN 0_dmesg 11063880_1.4.2.3.1> 2023-07-11T21:55:14.623169 +x 2023-07-11T21:55:14.727883 / # # 2023-07-11T21:55:14.828488 export SHELL=/bin/sh 2023-07-11T21:55:14.828693 # 2023-07-11T21:55:14.929157 / # export SHELL=/bin/sh. /lava-11063880/environment 2023-07-11T21:55:14.929350 2023-07-11T21:55:15.029873 / # . /lava-11063880/environment/lava-11063880/bin/lava-test-runner /lava-11063880/1 2023-07-11T21:55:15.030178 2023-07-11T21:55:15.035158 / # /lava-11063880/bin/lava-test-runner /lava-11063880/1 ... (12 line(s) more)

2 years, 5 months

1
0
0 0

stable-rc/linux-5.10.y baseline: 165 runs, 11 regressions (v5.10.186-221-gf178eace6e074)

by kernelci.org bot

stable-rc/linux-5.10.y baseline: 165 runs, 11 regressions (v5.10.186-221-gf178eace6e074) Regressions Summary ------------------- platform | arch | lab | compiler | defconfig | regressions -----------------------------+--------+---------------+----------+------------------------------+------------ cubietruck | arm | lab-baylibre | gcc-10 | multi_v7_defconfig | 1 hp-x360-12b-c...4020-octopus | x86_64 | lab-collabora | gcc-10 | x86_64_defcon...6-chromebook | 1 hp-x360-14-G1-sona | x86_64 | lab-collabora | gcc-10 | x86_64_defcon...6-chromebook | 1 imx6q-var-dt6customboard | arm | lab-baylibre | gcc-10 | multi_v7_defconfig | 3 r8a77950-salvator-x | arm64 | lab-baylibre | gcc-10 | defconfig | 1 rk3328-rock64 | arm64 | lab-baylibre | gcc-10 | defconfig | 1 stm32mp157c-dk2 | arm | lab-baylibre | gcc-10 | multi_v7_defconfig | 1 sun50i-a64-pine64-plus | arm64 | lab-baylibre | gcc-10 | defconfig | 1 sun50i-a64-pine64-plus | arm64 | lab-broonie | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/job/stable-rc/branch/linux-5.10.y/kernel/v5.10.18… Test: baseline Tree: stable-rc Branch: linux-5.10.y Describe: v5.10.186-221-gf178eace6e074 URL: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git SHA: f178eace6e0740ae5eab86eb3d05df94e91e8192 Test Regressions ---------------- platform | arch | lab | compiler | defconfig | regressions -----------------------------+--------+---------------+----------+------------------------------+------------ cubietruck | arm | lab-baylibre | gcc-10 | multi_v7_defconfig | 1 Details: https://kernelci.org/test/plan/id/64add05456a4baed0ebb2a89 Results: 5 PASS, 1 FAIL, 1 SKIP Full config: multi_v7_defconfig Compiler: gcc-10 (arm-linux-gnueabihf-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-5.10.y/v5.10.186-221-gf178eac… HTML log: https://storage.kernelci.org//stable-rc/linux-5.10.y/v5.10.186-221-gf178eac… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.bootrr.deferred-probe-empty: https://kernelci.org/test/case/id/64add05456a4baed0ebb2a8e failing since 174 days (last pass: v5.10.158-107-gd2432186ff47, first fail: v5.10.162-852-geeaac3cf2eb3) 2023-07-11T21:57:25.550499 + set +x<8>[ 11.044795] <LAVA_SIGNAL_ENDRUN 0_dmesg 3719201_1.5.2.4.1> 2023-07-11T21:57:25.551210 2023-07-11T21:57:25.662281 / # # 2023-07-11T21:57:25.766121 export SHELL=/bin/sh 2023-07-11T21:57:25.767297 # 2023-07-11T21:57:25.870054 / # export SHELL=/bin/sh. /lava-3719201/environment 2023-07-11T21:57:25.871149 2023-07-11T21:57:25.973780 / # . /lava-3719201/environment/lava-3719201/bin/lava-test-runner /lava-3719201/1 2023-07-11T21:57:25.975297 2023-07-11T21:57:25.975718 / # /lava-3719201/bin/lava-test-runner /lava-3719201/1<3>[ 11.453586] Bluetooth: hci0: command 0x0c03 tx timeout ... (13 line(s) more) platform | arch | lab | compiler | defconfig | regressions -----------------------------+--------+---------------+----------+------------------------------+------------ hp-x360-12b-c...4020-octopus | x86_64 | lab-collabora | gcc-10 | x86_64_defcon...6-chromebook | 1 Details: https://kernelci.org/test/plan/id/64adcfa2715548a92dbb2a75 Results: 6 PASS, 1 FAIL, 0 SKIP Full config: x86_64_defconfig+x86-chromebook Compiler: gcc-10 (gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-5.10.y/v5.10.186-221-gf178eac… HTML log: https://storage.kernelci.org//stable-rc/linux-5.10.y/v5.10.186-221-gf178eac… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.bootrr.deferred-probe-empty: https://kernelci.org/test/case/id/64adcfa2715548a92dbb2a7a failing since 105 days (last pass: v5.10.176, first fail: v5.10.176-105-g18265b240021) 2023-07-11T21:54:39.024382 + set +x 2023-07-11T21:54:39.030618 <8>[ 10.834505] <LAVA_SIGNAL_ENDRUN 0_dmesg 11063819_1.4.2.3.1> 2023-07-11T21:54:39.135347 / # # 2023-07-11T21:54:39.236068 export SHELL=/bin/sh 2023-07-11T21:54:39.236247 # 2023-07-11T21:54:39.336799 / # export SHELL=/bin/sh. /lava-11063819/environment 2023-07-11T21:54:39.336973 2023-07-11T21:54:39.437537 / # . /lava-11063819/environment/lava-11063819/bin/lava-test-runner /lava-11063819/1 2023-07-11T21:54:39.437820 2023-07-11T21:54:39.442365 / # /lava-11063819/bin/lava-test-runner /lava-11063819/1 ... (12 line(s) more) platform | arch | lab | compiler | defconfig | regressions -----------------------------+--------+---------------+----------+------------------------------+------------ hp-x360-14-G1-sona | x86_64 | lab-collabora | gcc-10 | x86_64_defcon...6-chromebook | 1 Details: https://kernelci.org/test/plan/id/64adcfa1ea31e32225bb2ae1 Results: 6 PASS, 1 FAIL, 0 SKIP Full config: x86_64_defconfig+x86-chromebook Compiler: gcc-10 (gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-5.10.y/v5.10.186-221-gf178eac… HTML log: https://storage.kernelci.org//stable-rc/linux-5.10.y/v5.10.186-221-gf178eac… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.bootrr.deferred-probe-empty: https://kernelci.org/test/case/id/64adcfa1ea31e32225bb2ae6 failing since 105 days (last pass: v5.10.176, first fail: v5.10.176-105-g18265b240021) 2023-07-11T21:54:28.031879 <8>[ 11.823319] <LAVA_SIGNAL_ENDRUN 0_dmesg 11063848_1.4.2.3.1> 2023-07-11T21:54:28.032245 + set +x 2023-07-11T21:54:28.140863 / # # 2023-07-11T21:54:28.243195 export SHELL=/bin/sh 2023-07-11T21:54:28.243938 # 2023-07-11T21:54:28.345447 / # export SHELL=/bin/sh. /lava-11063848/environment 2023-07-11T21:54:28.346167 2023-07-11T21:54:28.447846 / # . /lava-11063848/environment/lava-11063848/bin/lava-test-runner /lava-11063848/1 2023-07-11T21:54:28.449082 2023-07-11T21:54:28.454540 / # /lava-11063848/bin/lava-test-runner /lava-11063848/1 ... (12 line(s) more) platform | arch | lab | compiler | defconfig | regressions -----------------------------+--------+---------------+----------+------------------------------+------------ imx6q-var-dt6customboard | arm | lab-baylibre | gcc-10 | multi_v7_defconfig | 3 Details: https://kernelci.org/test/plan/id/64adcf7cd394f157bfbb2afd Results: 3 PASS, 3 FAIL, 1 SKIP Full config: multi_v7_defconfig Compiler: gcc-10 (arm-linux-gnueabihf-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-5.10.y/v5.10.186-221-gf178eac… HTML log: https://storage.kernelci.org//stable-rc/linux-5.10.y/v5.10.186-221-gf178eac… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.bootrr.deferred-probe-empty: https://kernelci.org/test/case/id/64adcf7cd394f157bfbb2b02 new failure (last pass: v5.10.131-113-g024476cf51e8) 2023-07-11T21:53:46.175657 kern :emerg : 7ec0: 00000000 00000000 00000003 00000000 00000000 9fdefb86 c3a8e400 c399e840 2023-07-11T21:53:46.176011 kern :emerg : 7ee0: cec6008f cec6020f c399e894 c09e4c0c fffffc84 c399e840 c3a8e400 c3a8e580 2023-07-11T21:53:46.176237 kern :emerg : 7f00: 00000000 c1b209c0 00000000 c09e4f00 c3a8e5a0 c226b280 ef796380 ef799600 2023-07-11T21:53:46.176452 kern :emerg : 7f20: 00000000 c03625b8 c23f6000 ef796380 ef796398 c226b280 ef796380 c226b294 2023-07-11T21:53:46.176895 kern :emerg : 7f40: ef796398 c1903d00 00000008 c23f6000 ef796380 c0362b4c ffffe000 c1b20087 2023-07-11T21:53:46.218687 kern :emerg : 7f60: c226b280 c22f23c0 c225c8c0 00000000 c23f6000 c0362914 c226b280 c210feb4 2023-07-11T21:53:46.218989 kern :emerg : 7f80: c22f23e4 c0368400 00000003 c225c8c0 c03682b4 00000000 00000000 00000000 2023-07-11T21:53:46.219215 kern :emerg : 7fa0: 00000000 00000000 00000000 c03001a8 00000000 00000000 00000000 00000000 2023-07-11T21:53:46.219447 kern :emerg : 7fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 2023-07-11T21:53:46.219657 kern :emerg : 7fe0: 00000000 00000000 00000000 00000000 00000013 00000000 00000000 00000000 ... (39 line(s) more) * baseline.dmesg.emerg: https://kernelci.org/test/case/id/64adcf7cd394f157bfbb2b04 new failure (last pass: v5.10.131-113-g024476cf51e8) 26 lines 2023-07-11T21:53:46.132472 kern :emerg : Internal error: : 1 [#1] SMP ARM 2023-07-11T21:53:46.132968 kern :emerg : Process kworker/0:2 (pid: 51, stack limit = 0x(ptrval)) 2023-07-11T21:53:46.133203 kern :emerg : Stack: (0xc23f7eb0 to<8>[ 42.949642] <LAVA_SIGNAL_TESTCASE TEST_CASE_ID=emerg RESULT=fail UNITS=lines MEASUREMENT=26> 2023-07-11T21:53:46.133422 0xc23f8000) 2023-07-11T21:53:46.133633 kern :emerg : 7ea0<8>[ 42.960943] <LAVA_SIGNAL_ENDRUN 0_dmesg 3719205_1.5.2.4.1> 2023-07-11T21:53:46.133842 : 00000000 c23f6000 00000000 cec60217 * baseline.dmesg.alert: https://kernelci.org/test/case/id/64adcf7cd394f157bfbb2b05 new failure (last pass: v5.10.131-113-g024476cf51e8) 4 lines 2023-07-11T21:53:46.051409 kern :alert : 8<--- cut here --- 2023-07-11T21:53:46.080332 kern :alert : Unhandled fault: alignment exception (0x001) at 0xcec60217 2023-07-11T21:53:46.080860 kern :alert : pgd = (ptrval) 2023-07-11T21:53:46.083447 kern :alert : [<8>[ 42.903371] <LAVA_SIGNAL_TESTCASE TEST_CASE_ID=alert RESULT=fail UNITS=lines MEASUREMENT=4> 2023-07-11T21:53:46.083718 cec60217] *pgd=1ec1141e(bad) platform | arch | lab | compiler | defconfig | regressions -----------------------------+--------+---------------+----------+------------------------------+------------ r8a77950-salvator-x | arm64 | lab-baylibre | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/plan/id/64adcf2d4eef6cbd55bb2a80 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-5.10.y/v5.10.186-221-gf178eac… HTML log: https://storage.kernelci.org//stable-rc/linux-5.10.y/v5.10.186-221-gf178eac… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64adcf2d4eef6cbd55bb2a81 new failure (last pass: v5.10.186-12-g95b8dd2315eef) platform | arch | lab | compiler | defconfig | regressions -----------------------------+--------+---------------+----------+------------------------------+------------ rk3328-rock64 | arm64 | lab-baylibre | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/plan/id/64adce293c9c87acaabb2a99 Results: 5 PASS, 1 FAIL, 1 SKIP Full config: defconfig Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-5.10.y/v5.10.186-221-gf178eac… HTML log: https://storage.kernelci.org//stable-rc/linux-5.10.y/v5.10.186-221-gf178eac… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.bootrr.deferred-probe-empty: https://kernelci.org/test/case/id/64adce293c9c87acaabb2a9e failing since 74 days (last pass: v5.10.147, first fail: v5.10.176-373-g8415c0f9308b) 2023-07-11T21:48:20.275445 [ 15.975428] <LAVA_SIGNAL_ENDRUN 0_dmesg 3719169_1.5.2.4.1> 2023-07-11T21:48:20.379609 2023-07-11T21:48:20.379803 / # #[ 16.061961] rockchip-drm display-subsystem: [drm] Cannot find any crtc or sizes 2023-07-11T21:48:20.481258 export SHELL=/bin/sh 2023-07-11T21:48:20.481746 2023-07-11T21:48:20.583294 / # export SHELL=/bin/sh. /lava-3719169/environment 2023-07-11T21:48:20.583734 2023-07-11T21:48:20.685098 / # . /lava-3719169/environment/lava-3719169/bin/lava-test-runner /lava-3719169/1 2023-07-11T21:48:20.685820 2023-07-11T21:48:20.689312 / # /lava-3719169/bin/lava-test-runner /lava-3719169/1 ... (13 line(s) more) platform | arch | lab | compiler | defconfig | regressions -----------------------------+--------+---------------+----------+------------------------------+------------ stm32mp157c-dk2 | arm | lab-baylibre | gcc-10 | multi_v7_defconfig | 1 Details: https://kernelci.org/test/plan/id/64adcf55b2e979b9d4bb2aca Results: 5 PASS, 1 FAIL, 1 SKIP Full config: multi_v7_defconfig Compiler: gcc-10 (arm-linux-gnueabihf-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-5.10.y/v5.10.186-221-gf178eac… HTML log: https://storage.kernelci.org//stable-rc/linux-5.10.y/v5.10.186-221-gf178eac… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.bootrr.deferred-probe-empty: https://kernelci.org/test/case/id/64adcf55b2e979b9d4bb2acf failing since 158 days (last pass: v5.10.147, first fail: v5.10.166-10-g6278b8c9832e) 2023-07-11T21:53:06.979573 <8>[ 12.700887] <LAVA_SIGNAL_ENDRUN 0_dmesg 3719214_1.5.2.4.1> 2023-07-11T21:53:07.086418 / # # 2023-07-11T21:53:07.189268 export SHELL=/bin/sh 2023-07-11T21:53:07.189861 # 2023-07-11T21:53:07.291556 / # export SHELL=/bin/sh. /lava-3719214/environment 2023-07-11T21:53:07.292167 2023-07-11T21:53:07.393966 / # . /lava-3719214/environment/lava-3719214/bin/lava-test-runner /lava-3719214/1 2023-07-11T21:53:07.395069 2023-07-11T21:53:07.399646 / # /lava-3719214/bin/lava-test-runner /lava-3719214/1 2023-07-11T21:53:07.465677 + export 'TESTRUN_ID=1_bootrr' ... (11 line(s) more) platform | arch | lab | compiler | defconfig | regressions -----------------------------+--------+---------------+----------+------------------------------+------------ sun50i-a64-pine64-plus | arm64 | lab-baylibre | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/plan/id/64adceb0db58f55d2abb2abd Results: 36 PASS, 9 FAIL, 1 SKIP Full config: defconfig Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-5.10.y/v5.10.186-221-gf178eac… HTML log: https://storage.kernelci.org//stable-rc/linux-5.10.y/v5.10.186-221-gf178eac… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.bootrr.deferred-probe-empty: https://kernelci.org/test/case/id/64adceb0db58f55d2abb2ae9 failing since 162 days (last pass: v5.10.158-107-g6b6a42c25ed4, first fail: v5.10.165-144-g930bc29c79c4) 2023-07-11T21:50:11.184856 + set +x 2023-07-11T21:50:11.188972 <8>[ 17.067154] <LAVA_SIGNAL_ENDRUN 0_dmesg 3719171_1.5.2.4.1> 2023-07-11T21:50:11.309237 / # # 2023-07-11T21:50:11.414869 export SHELL=/bin/sh 2023-07-11T21:50:11.416434 # 2023-07-11T21:50:11.519753 / # export SHELL=/bin/sh. /lava-3719171/environment 2023-07-11T21:50:11.521344 2023-07-11T21:50:11.624720 / # . /lava-3719171/environment/lava-3719171/bin/lava-test-runner /lava-3719171/1 2023-07-11T21:50:11.627365 2023-07-11T21:50:11.630666 / # /lava-3719171/bin/lava-test-runner /lava-3719171/1 ... (12 line(s) more) platform | arch | lab | compiler | defconfig | regressions -----------------------------+--------+---------------+----------+------------------------------+------------ sun50i-a64-pine64-plus | arm64 | lab-broonie | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/plan/id/64add41c1f2276807dbb2ac1 Results: 36 PASS, 9 FAIL, 1 SKIP Full config: defconfig Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-5.10.y/v5.10.186-221-gf178eac… HTML log: https://storage.kernelci.org//stable-rc/linux-5.10.y/v5.10.186-221-gf178eac… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.bootrr.deferred-probe-empty: https://kernelci.org/test/case/id/64add41c1f2276807dbb2aed failing since 162 days (last pass: v5.10.158-107-g6b6a42c25ed4, first fail: v5.10.165-144-g930bc29c79c4) 2023-07-11T22:13:16.137948 <8>[ 17.147933] <LAVA_SIGNAL_ENDRUN 0_dmesg 714716_1.5.2.4.1> 2023-07-11T22:13:16.247136 / # # 2023-07-11T22:13:16.348803 export SHELL=/bin/sh 2023-07-11T22:13:16.349190 # 2023-07-11T22:13:16.450458 / # export SHELL=/bin/sh. /lava-714716/environment 2023-07-11T22:13:16.450850 2023-07-11T22:13:16.552168 / # . /lava-714716/environment/lava-714716/bin/lava-test-runner /lava-714716/1 2023-07-11T22:13:16.552929 2023-07-11T22:13:16.555822 / # /lava-714716/bin/lava-test-runner /lava-714716/1 2023-07-11T22:13:16.599612 + export 'TESTRUN_ID=1_bootrr' ... (11 line(s) more)

2 years, 5 months

1
0
0 0

stable-rc/linux-4.14.y baseline: 120 runs, 28 regressions (v4.14.320-57-gbc1094b21392)

by kernelci.org bot

stable-rc/linux-4.14.y baseline: 120 runs, 28 regressions (v4.14.320-57-gbc1094b21392) Regressions Summary ------------------- platform | arch | lab | compiler | defconfig | regressions ---------------------------+-------+---------------+----------+----------------------------+------------ meson-gxl-s905x-khadas-vim | arm64 | lab-baylibre | gcc-10 | defconfig | 1 meson8b-odroidc1 | arm | lab-baylibre | gcc-10 | multi_v7_defconfig | 1 qemu_arm64-virt-gicv2 | arm64 | lab-baylibre | gcc-10 | defconfig | 1 qemu_arm64-virt-gicv2 | arm64 | lab-baylibre | gcc-10 | defconfig+arm64-chromebook | 1 qemu_arm64-virt-gicv2 | arm64 | lab-broonie | gcc-10 | defconfig | 1 qemu_arm64-virt-gicv2 | arm64 | lab-broonie | gcc-10 | defconfig+arm64-chromebook | 1 qemu_arm64-virt-gicv2 | arm64 | lab-collabora | gcc-10 | defconfig | 1 qemu_arm64-virt-gicv2 | arm64 | lab-collabora | gcc-10 | defconfig+arm64-chromebook | 1 qemu_arm64-virt-gicv2-uefi | arm64 | lab-baylibre | gcc-10 | defconfig | 1 qemu_arm64-virt-gicv2-uefi | arm64 | lab-baylibre | gcc-10 | defconfig+arm64-chromebook | 1 qemu_arm64-virt-gicv2-uefi | arm64 | lab-broonie | gcc-10 | defconfig | 1 qemu_arm64-virt-gicv2-uefi | arm64 | lab-broonie | gcc-10 | defconfig+arm64-chromebook | 1 qemu_arm64-virt-gicv2-uefi | arm64 | lab-collabora | gcc-10 | defconfig | 1 qemu_arm64-virt-gicv2-uefi | arm64 | lab-collabora | gcc-10 | defconfig+arm64-chromebook | 1 qemu_arm64-virt-gicv3 | arm64 | lab-baylibre | gcc-10 | defconfig | 1 qemu_arm64-virt-gicv3 | arm64 | lab-baylibre | gcc-10 | defconfig+arm64-chromebook | 1 qemu_arm64-virt-gicv3 | arm64 | lab-broonie | gcc-10 | defconfig | 1 qemu_arm64-virt-gicv3 | arm64 | lab-broonie | gcc-10 | defconfig+arm64-chromebook | 1 qemu_arm64-virt-gicv3 | arm64 | lab-collabora | gcc-10 | defconfig | 1 qemu_arm64-virt-gicv3 | arm64 | lab-collabora | gcc-10 | defconfig+arm64-chromebook | 1 qemu_arm64-virt-gicv3-uefi | arm64 | lab-baylibre | gcc-10 | defconfig | 1 qemu_arm64-virt-gicv3-uefi | arm64 | lab-baylibre | gcc-10 | defconfig+arm64-chromebook | 1 qemu_arm64-virt-gicv3-uefi | arm64 | lab-broonie | gcc-10 | defconfig | 1 qemu_arm64-virt-gicv3-uefi | arm64 | lab-broonie | gcc-10 | defconfig+arm64-chromebook | 1 qemu_arm64-virt-gicv3-uefi | arm64 | lab-collabora | gcc-10 | defconfig | 1 qemu_arm64-virt-gicv3-uefi | arm64 | lab-collabora | gcc-10 | defconfig+arm64-chromebook | 1 rk3399-gru-kevin | arm64 | lab-collabora | gcc-10 | defconfig+arm64-chromebook | 2 Details: https://kernelci.org/test/job/stable-rc/branch/linux-4.14.y/kernel/v4.14.32… Test: baseline Tree: stable-rc Branch: linux-4.14.y Describe: v4.14.320-57-gbc1094b21392 URL: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git SHA: bc1094b213929360a2dd73e3ff406b6e1504e0da Test Regressions ---------------- platform | arch | lab | compiler | defconfig | regressions ---------------------------+-------+---------------+----------+----------------------------+------------ meson-gxl-s905x-khadas-vim | arm64 | lab-baylibre | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/plan/id/64adce8cbe9f6a90acbb2ac6 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-4.14.y/v4.14.320-57-gbc1094b2… HTML log: https://storage.kernelci.org//stable-rc/linux-4.14.y/v4.14.320-57-gbc1094b2… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64adce8cbe9f6a90acbb2ac7 failing since 371 days (last pass: v4.14.285, first fail: v4.14.286) platform | arch | lab | compiler | defconfig | regressions ---------------------------+-------+---------------+----------+----------------------------+------------ meson8b-odroidc1 | arm | lab-baylibre | gcc-10 | multi_v7_defconfig | 1 Details: https://kernelci.org/test/plan/id/64adcf2c029ded3f4bbb2af3 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: multi_v7_defconfig Compiler: gcc-10 (arm-linux-gnueabihf-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-4.14.y/v4.14.320-57-gbc1094b2… HTML log: https://storage.kernelci.org//stable-rc/linux-4.14.y/v4.14.320-57-gbc1094b2… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64adcf2c029ded3f4bbb2af4 failing since 512 days (last pass: v4.14.266, first fail: v4.14.266-45-gce409501ca5f) platform | arch | lab | compiler | defconfig | regressions ---------------------------+-------+---------------+----------+----------------------------+------------ qemu_arm64-virt-gicv2 | arm64 | lab-baylibre | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/plan/id/64adce7a40e3dada1cbb2ad7 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-4.14.y/v4.14.320-57-gbc1094b2… HTML log: https://storage.kernelci.org//stable-rc/linux-4.14.y/v4.14.320-57-gbc1094b2… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64adce7a40e3dada1cbb2ad8 failing since 427 days (last pass: v4.14.277-55-gfb8b8dfe0168, first fail: v4.14.277-79-ga6b67a30bbcc) platform | arch | lab | compiler | defconfig | regressions ---------------------------+-------+---------------+----------+----------------------------+------------ qemu_arm64-virt-gicv2 | arm64 | lab-baylibre | gcc-10 | defconfig+arm64-chromebook | 1 Details: https://kernelci.org/test/plan/id/64adcf91cc340f0e29bb2a75 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig+arm64-chromebook Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-4.14.y/v4.14.320-57-gbc1094b2… HTML log: https://storage.kernelci.org//stable-rc/linux-4.14.y/v4.14.320-57-gbc1094b2… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64adcf91cc340f0e29bb2a76 failing since 428 days (last pass: v4.14.277-55-gfb8b8dfe0168, first fail: v4.14.277-71-geacdf1a71409) platform | arch | lab | compiler | defconfig | regressions ---------------------------+-------+---------------+----------+----------------------------+------------ qemu_arm64-virt-gicv2 | arm64 | lab-broonie | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/plan/id/64adcef4c25f6bc805bb2b55 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-4.14.y/v4.14.320-57-gbc1094b2… HTML log: https://storage.kernelci.org//stable-rc/linux-4.14.y/v4.14.320-57-gbc1094b2… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64adcef4c25f6bc805bb2b56 failing since 427 days (last pass: v4.14.277-55-gfb8b8dfe0168, first fail: v4.14.277-79-ga6b67a30bbcc) platform | arch | lab | compiler | defconfig | regressions ---------------------------+-------+---------------+----------+----------------------------+------------ qemu_arm64-virt-gicv2 | arm64 | lab-broonie | gcc-10 | defconfig+arm64-chromebook | 1 Details: https://kernelci.org/test/plan/id/64add14c8977524108bb2a92 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig+arm64-chromebook Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-4.14.y/v4.14.320-57-gbc1094b2… HTML log: https://storage.kernelci.org//stable-rc/linux-4.14.y/v4.14.320-57-gbc1094b2… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64add14c8977524108bb2a93 failing since 428 days (last pass: v4.14.277-55-gfb8b8dfe0168, first fail: v4.14.277-71-geacdf1a71409) platform | arch | lab | compiler | defconfig | regressions ---------------------------+-------+---------------+----------+----------------------------+------------ qemu_arm64-virt-gicv2 | arm64 | lab-collabora | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/plan/id/64adce80a02efcd0e5bb2a7f Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-4.14.y/v4.14.320-57-gbc1094b2… HTML log: https://storage.kernelci.org//stable-rc/linux-4.14.y/v4.14.320-57-gbc1094b2… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64adce80a02efcd0e5bb2a80 failing since 427 days (last pass: v4.14.277-55-gfb8b8dfe0168, first fail: v4.14.277-79-ga6b67a30bbcc) platform | arch | lab | compiler | defconfig | regressions ---------------------------+-------+---------------+----------+----------------------------+------------ qemu_arm64-virt-gicv2 | arm64 | lab-collabora | gcc-10 | defconfig+arm64-chromebook | 1 Details: https://kernelci.org/test/plan/id/64adcfd4d4df6821adbb2abd Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig+arm64-chromebook Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-4.14.y/v4.14.320-57-gbc1094b2… HTML log: https://storage.kernelci.org//stable-rc/linux-4.14.y/v4.14.320-57-gbc1094b2… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64adcfd4d4df6821adbb2abe failing since 428 days (last pass: v4.14.277-55-gfb8b8dfe0168, first fail: v4.14.277-71-geacdf1a71409) platform | arch | lab | compiler | defconfig | regressions ---------------------------+-------+---------------+----------+----------------------------+------------ qemu_arm64-virt-gicv2-uefi | arm64 | lab-baylibre | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/plan/id/64adce7bbe9f6a90acbb2a75 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-4.14.y/v4.14.320-57-gbc1094b2… HTML log: https://storage.kernelci.org//stable-rc/linux-4.14.y/v4.14.320-57-gbc1094b2… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64adce7bbe9f6a90acbb2a76 failing since 427 days (last pass: v4.14.277-55-gfb8b8dfe0168, first fail: v4.14.277-79-ga6b67a30bbcc) platform | arch | lab | compiler | defconfig | regressions ---------------------------+-------+---------------+----------+----------------------------+------------ qemu_arm64-virt-gicv2-uefi | arm64 | lab-baylibre | gcc-10 | defconfig+arm64-chromebook | 1 Details: https://kernelci.org/test/plan/id/64adcf92b98530cd30bb2a87 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig+arm64-chromebook Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-4.14.y/v4.14.320-57-gbc1094b2… HTML log: https://storage.kernelci.org//stable-rc/linux-4.14.y/v4.14.320-57-gbc1094b2… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64adcf92b98530cd30bb2a88 failing since 428 days (last pass: v4.14.277-55-gfb8b8dfe0168, first fail: v4.14.277-71-geacdf1a71409) platform | arch | lab | compiler | defconfig | regressions ---------------------------+-------+---------------+----------+----------------------------+------------ qemu_arm64-virt-gicv2-uefi | arm64 | lab-broonie | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/plan/id/64adcf1c029ded3f4bbb2ae7 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-4.14.y/v4.14.320-57-gbc1094b2… HTML log: https://storage.kernelci.org//stable-rc/linux-4.14.y/v4.14.320-57-gbc1094b2… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64adcf1c029ded3f4bbb2ae8 failing since 427 days (last pass: v4.14.277-55-gfb8b8dfe0168, first fail: v4.14.277-79-ga6b67a30bbcc) platform | arch | lab | compiler | defconfig | regressions ---------------------------+-------+---------------+----------+----------------------------+------------ qemu_arm64-virt-gicv2-uefi | arm64 | lab-broonie | gcc-10 | defconfig+arm64-chromebook | 1 Details: https://kernelci.org/test/plan/id/64add14d007d41ec3ebb2a7b Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig+arm64-chromebook Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-4.14.y/v4.14.320-57-gbc1094b2… HTML log: https://storage.kernelci.org//stable-rc/linux-4.14.y/v4.14.320-57-gbc1094b2… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64add14d007d41ec3ebb2a7c failing since 428 days (last pass: v4.14.277-55-gfb8b8dfe0168, first fail: v4.14.277-71-geacdf1a71409) platform | arch | lab | compiler | defconfig | regressions ---------------------------+-------+---------------+----------+----------------------------+------------ qemu_arm64-virt-gicv2-uefi | arm64 | lab-collabora | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/plan/id/64adce81a02efcd0e5bb2a8d Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-4.14.y/v4.14.320-57-gbc1094b2… HTML log: https://storage.kernelci.org//stable-rc/linux-4.14.y/v4.14.320-57-gbc1094b2… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64adce81a02efcd0e5bb2a8e failing since 427 days (last pass: v4.14.277-55-gfb8b8dfe0168, first fail: v4.14.277-79-ga6b67a30bbcc) platform | arch | lab | compiler | defconfig | regressions ---------------------------+-------+---------------+----------+----------------------------+------------ qemu_arm64-virt-gicv2-uefi | arm64 | lab-collabora | gcc-10 | defconfig+arm64-chromebook | 1 Details: https://kernelci.org/test/plan/id/64adcfe6312f545d70bb2adc Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig+arm64-chromebook Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-4.14.y/v4.14.320-57-gbc1094b2… HTML log: https://storage.kernelci.org//stable-rc/linux-4.14.y/v4.14.320-57-gbc1094b2… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64adcfe6312f545d70bb2add failing since 428 days (last pass: v4.14.277-55-gfb8b8dfe0168, first fail: v4.14.277-71-geacdf1a71409) platform | arch | lab | compiler | defconfig | regressions ---------------------------+-------+---------------+----------+----------------------------+------------ qemu_arm64-virt-gicv3 | arm64 | lab-baylibre | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/plan/id/64adce7840e3dada1cbb2ad1 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-4.14.y/v4.14.320-57-gbc1094b2… HTML log: https://storage.kernelci.org//stable-rc/linux-4.14.y/v4.14.320-57-gbc1094b2… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64adce7840e3dada1cbb2ad2 failing since 427 days (last pass: v4.14.277-55-gfb8b8dfe0168, first fail: v4.14.277-79-ga6b67a30bbcc) platform | arch | lab | compiler | defconfig | regressions ---------------------------+-------+---------------+----------+----------------------------+------------ qemu_arm64-virt-gicv3 | arm64 | lab-baylibre | gcc-10 | defconfig+arm64-chromebook | 1 Details: https://kernelci.org/test/plan/id/64adcfa5715548a92dbb2a8d Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig+arm64-chromebook Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-4.14.y/v4.14.320-57-gbc1094b2… HTML log: https://storage.kernelci.org//stable-rc/linux-4.14.y/v4.14.320-57-gbc1094b2… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64adcfa5715548a92dbb2a8e failing since 428 days (last pass: v4.14.277-55-gfb8b8dfe0168, first fail: v4.14.277-71-geacdf1a71409) platform | arch | lab | compiler | defconfig | regressions ---------------------------+-------+---------------+----------+----------------------------+------------ qemu_arm64-virt-gicv3 | arm64 | lab-broonie | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/plan/id/64adcee0868fd34c3cbb2ae2 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-4.14.y/v4.14.320-57-gbc1094b2… HTML log: https://storage.kernelci.org//stable-rc/linux-4.14.y/v4.14.320-57-gbc1094b2… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64adcee0868fd34c3cbb2ae3 failing since 427 days (last pass: v4.14.277-55-gfb8b8dfe0168, first fail: v4.14.277-79-ga6b67a30bbcc) platform | arch | lab | compiler | defconfig | regressions ---------------------------+-------+---------------+----------+----------------------------+------------ qemu_arm64-virt-gicv3 | arm64 | lab-broonie | gcc-10 | defconfig+arm64-chromebook | 1 Details: https://kernelci.org/test/plan/id/64add17504ca3eeff6bb2a8d Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig+arm64-chromebook Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-4.14.y/v4.14.320-57-gbc1094b2… HTML log: https://storage.kernelci.org//stable-rc/linux-4.14.y/v4.14.320-57-gbc1094b2… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64add17504ca3eeff6bb2a8e failing since 428 days (last pass: v4.14.277-55-gfb8b8dfe0168, first fail: v4.14.277-71-geacdf1a71409) platform | arch | lab | compiler | defconfig | regressions ---------------------------+-------+---------------+----------+----------------------------+------------ qemu_arm64-virt-gicv3 | arm64 | lab-collabora | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/plan/id/64adce7fbe9f6a90acbb2aaa Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-4.14.y/v4.14.320-57-gbc1094b2… HTML log: https://storage.kernelci.org//stable-rc/linux-4.14.y/v4.14.320-57-gbc1094b2… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64adce7fbe9f6a90acbb2aab failing since 427 days (last pass: v4.14.277-55-gfb8b8dfe0168, first fail: v4.14.277-79-ga6b67a30bbcc) platform | arch | lab | compiler | defconfig | regressions ---------------------------+-------+---------------+----------+----------------------------+------------ qemu_arm64-virt-gicv3 | arm64 | lab-collabora | gcc-10 | defconfig+arm64-chromebook | 1 Details: https://kernelci.org/test/plan/id/64adcffd7653537e3ebb2af2 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig+arm64-chromebook Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-4.14.y/v4.14.320-57-gbc1094b2… HTML log: https://storage.kernelci.org//stable-rc/linux-4.14.y/v4.14.320-57-gbc1094b2… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64adcffd7653537e3ebb2af3 failing since 428 days (last pass: v4.14.277-55-gfb8b8dfe0168, first fail: v4.14.277-71-geacdf1a71409) platform | arch | lab | compiler | defconfig | regressions ---------------------------+-------+---------------+----------+----------------------------+------------ qemu_arm64-virt-gicv3-uefi | arm64 | lab-baylibre | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/plan/id/64adce7940e3dada1cbb2ad4 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-4.14.y/v4.14.320-57-gbc1094b2… HTML log: https://storage.kernelci.org//stable-rc/linux-4.14.y/v4.14.320-57-gbc1094b2… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64adce7940e3dada1cbb2ad5 failing since 427 days (last pass: v4.14.277-55-gfb8b8dfe0168, first fail: v4.14.277-79-ga6b67a30bbcc) platform | arch | lab | compiler | defconfig | regressions ---------------------------+-------+---------------+----------+----------------------------+------------ qemu_arm64-virt-gicv3-uefi | arm64 | lab-baylibre | gcc-10 | defconfig+arm64-chromebook | 1 Details: https://kernelci.org/test/plan/id/64adcfa426aa842124bb2ad8 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig+arm64-chromebook Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-4.14.y/v4.14.320-57-gbc1094b2… HTML log: https://storage.kernelci.org//stable-rc/linux-4.14.y/v4.14.320-57-gbc1094b2… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64adcfa426aa842124bb2ad9 failing since 428 days (last pass: v4.14.277-55-gfb8b8dfe0168, first fail: v4.14.277-71-geacdf1a71409) platform | arch | lab | compiler | defconfig | regressions ---------------------------+-------+---------------+----------+----------------------------+------------ qemu_arm64-virt-gicv3-uefi | arm64 | lab-broonie | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/plan/id/64adcee17f8d4c744bbb2aad Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-4.14.y/v4.14.320-57-gbc1094b2… HTML log: https://storage.kernelci.org//stable-rc/linux-4.14.y/v4.14.320-57-gbc1094b2… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64adcee17f8d4c744bbb2aae failing since 427 days (last pass: v4.14.277-55-gfb8b8dfe0168, first fail: v4.14.277-79-ga6b67a30bbcc) platform | arch | lab | compiler | defconfig | regressions ---------------------------+-------+---------------+----------+----------------------------+------------ qemu_arm64-virt-gicv3-uefi | arm64 | lab-broonie | gcc-10 | defconfig+arm64-chromebook | 1 Details: https://kernelci.org/test/plan/id/64add161d98fc08698bb2a75 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig+arm64-chromebook Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-4.14.y/v4.14.320-57-gbc1094b2… HTML log: https://storage.kernelci.org//stable-rc/linux-4.14.y/v4.14.320-57-gbc1094b2… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64add161d98fc08698bb2a76 failing since 428 days (last pass: v4.14.277-55-gfb8b8dfe0168, first fail: v4.14.277-71-geacdf1a71409) platform | arch | lab | compiler | defconfig | regressions ---------------------------+-------+---------------+----------+----------------------------+------------ qemu_arm64-virt-gicv3-uefi | arm64 | lab-collabora | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/plan/id/64adce7ebe9f6a90acbb2aa7 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-4.14.y/v4.14.320-57-gbc1094b2… HTML log: https://storage.kernelci.org//stable-rc/linux-4.14.y/v4.14.320-57-gbc1094b2… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64adce7ebe9f6a90acbb2aa8 failing since 427 days (last pass: v4.14.277-55-gfb8b8dfe0168, first fail: v4.14.277-79-ga6b67a30bbcc) platform | arch | lab | compiler | defconfig | regressions ---------------------------+-------+---------------+----------+----------------------------+------------ qemu_arm64-virt-gicv3-uefi | arm64 | lab-collabora | gcc-10 | defconfig+arm64-chromebook | 1 Details: https://kernelci.org/test/plan/id/64adcfe77653537e3ebb2ab0 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig+arm64-chromebook Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-4.14.y/v4.14.320-57-gbc1094b2… HTML log: https://storage.kernelci.org//stable-rc/linux-4.14.y/v4.14.320-57-gbc1094b2… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64adcfe77653537e3ebb2ab1 failing since 428 days (last pass: v4.14.277-55-gfb8b8dfe0168, first fail: v4.14.277-71-geacdf1a71409) platform | arch | lab | compiler | defconfig | regressions ---------------------------+-------+---------------+----------+----------------------------+------------ rk3399-gru-kevin | arm64 | lab-collabora | gcc-10 | defconfig+arm64-chromebook | 2 Details: https://kernelci.org/test/plan/id/64adceda868fd34c3cbb2a90 Results: 49 PASS, 23 FAIL, 2 SKIP Full config: defconfig+arm64-chromebook Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable-rc/linux-4.14.y/v4.14.320-57-gbc1094b2… HTML log: https://storage.kernelci.org//stable-rc/linux-4.14.y/v4.14.320-57-gbc1094b2… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.bootrr.rockchip-usb2phy1-probed: https://kernelci.org/test/case/id/64adceda868fd34c3cbb2a96 failing since 119 days (last pass: v4.14.308, first fail: v4.14.308-4-ge7a701196c571) 2023-07-11T21:51:10.998473 [ 49.451069] <LAVA_SIGNAL_TESTCASE TEST_CASE_ID=rockchip-usb2phy0-probed RESULT=fail> 2023-07-11T21:51:12.011379 /lava-11063775/1/../bin/lava-test-case 2023-07-11T21:51:12.021279 [ 50.474942] <LAVA_SIGNAL_TESTCASE TEST_CASE_ID=rockchip-usb2phy1-probed RESULT=fail> * baseline.bootrr.rockchip-usb2phy0-probed: https://kernelci.org/test/case/id/64adceda868fd34c3cbb2a97 failing since 119 days (last pass: v4.14.308, first fail: v4.14.308-4-ge7a701196c571) 2023-07-11T21:51:10.987636 /lava-11063775/1/../bin/lava-test-case

2 years, 5 months

1
0
0 0

Hello sunshine, how are you?

by M.K.

I am sorry to bother you and intrude your privacy. I am single, lonely and in need of a caring, loving and romantic companion. I am a secret admirer and would like to explore the opportunity to learn more about each other. I know it is strange to contact you this way and I hope you can forgive me. I am a shy person and this is the only way I know I could get your attention. I just want to know what you think and my intention is not to offend you. I hope we can be friends if that is what you want, although I wish to be more than just a friend. I know you have a few questions to ask and I hope I can satisfy some of your curiosity with a few answers. I believe in the saying that 'to the world you are just one person, but to someone special you are the world'. All I want is love, romantic care and attention from a special companion which I am hoping would be you. I hope this message will be the beginning of a long term communication between us, simply send a reply to this message, it will make me happy. Hugs and kisses, Secret Admirer.

2 years, 5 months

1
0
0 0

stable-rc/linux-5.15.y build: 18 builds: 0 failed, 18 passed, 1 warning (v5.15.120-274-g478387c57e172)

by kernelci.org bot

stable-rc/linux-5.15.y build: 18 builds: 0 failed, 18 passed, 1 warning (v5.15.120-274-g478387c57e172) Full Build Summary: https://kernelci.org/build/stable-rc/branch/linux-5.15.y/kernel/v5.15.120-2… Tree: stable-rc Branch: linux-5.15.y Git Describe: v5.15.120-274-g478387c57e172 Git Commit: 478387c57e172d08b97a3998979210735a56ba69 Git URL: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git Built: 6 unique architectures Warnings Detected: arc: arm64: arm: i386: riscv: x86_64: x86_64_defconfig+x86-chromebook (gcc-10): 1 warning Warnings summary: 1 arch/x86/kernel/smp.o: warning: objtool: sysvec_reboot()+0x45: unreachable instruction ================================================================================ Detailed per-defconfig build reports: -------------------------------------------------------------------------------- allnoconfig (x86_64, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- allnoconfig (i386, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- defconfig (riscv, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- defconfig (arm64, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- defconfig+arm64-chromebook (arm64, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- haps_hs_smp_defconfig (arc, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- i386_defconfig (i386, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- imx_v6_v7_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- multi_v5_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- multi_v7_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- nommu_k210_defconfig (riscv, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- nommu_k210_sdcard_defconfig (riscv, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- omap2plus_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- rv32_defconfig (riscv, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- tinyconfig (i386, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- tinyconfig (x86_64, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- vexpress_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- x86_64_defconfig+x86-chromebook (x86_64, gcc-10) — PASS, 0 errors, 1 warning, 0 section mismatches Warnings: arch/x86/kernel/smp.o: warning: objtool: sysvec_reboot()+0x45: unreachable instruction --- For more info write to <info(a)kernelci.org>

2 years, 5 months

1
0
0 0

stable/linux-6.3.y baseline: 164 runs, 3 regressions (v6.3.13)

by kernelci.org bot

stable/linux-6.3.y baseline: 164 runs, 3 regressions (v6.3.13) Regressions Summary ------------------- platform | arch | lab | compiler | defconfig | regressions -------------------------+--------+---------------+----------+------------------------------+------------ acer-chromebox-cxi4-puff | x86_64 | lab-collabora | gcc-10 | x86_64_defcon...6-chromebook | 1 meson-gxbb-p200 | arm64 | lab-baylibre | gcc-10 | defconfig | 1 meson-gxl-s905d-p230 | arm64 | lab-baylibre | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/job/stable/branch/linux-6.3.y/kernel/v6.3.13/plan… Test: baseline Tree: stable Branch: linux-6.3.y Describe: v6.3.13 URL: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git SHA: d1047d75f77afefd19b19ae33cde7ad67f3628c9 Test Regressions ---------------- platform | arch | lab | compiler | defconfig | regressions -------------------------+--------+---------------+----------+------------------------------+------------ acer-chromebox-cxi4-puff | x86_64 | lab-collabora | gcc-10 | x86_64_defcon...6-chromebook | 1 Details: https://kernelci.org/test/plan/id/64ada51c896f785d4abb2ab0 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: x86_64_defconfig+x86-chromebook Compiler: gcc-10 (gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable/linux-6.3.y/v6.3.13/x86_64/x86_64_defc… HTML log: https://storage.kernelci.org//stable/linux-6.3.y/v6.3.13/x86_64/x86_64_defc… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64ada51c896f785d4abb2ab1 failing since 5 days (last pass: v6.3.11, first fail: v6.3.12) platform | arch | lab | compiler | defconfig | regressions -------------------------+--------+---------------+----------+------------------------------+------------ meson-gxbb-p200 | arm64 | lab-baylibre | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/plan/id/64ada950295172457abb2cf5 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable/linux-6.3.y/v6.3.13/arm64/defconfig/gc… HTML log: https://storage.kernelci.org//stable/linux-6.3.y/v6.3.13/arm64/defconfig/gc… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64ada950295172457abb2cf6 new failure (last pass: v6.3.7) platform | arch | lab | compiler | defconfig | regressions -------------------------+--------+---------------+----------+------------------------------+------------ meson-gxl-s905d-p230 | arm64 | lab-baylibre | gcc-10 | defconfig | 1 Details: https://kernelci.org/test/plan/id/64ada9dc7cea34a668bb2a84 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: defconfig Compiler: gcc-10 (aarch64-linux-gnu-gcc (Debian 10.2.1-6) 10.2.1 20210110) Plain log: https://storage.kernelci.org//stable/linux-6.3.y/v6.3.13/arm64/defconfig/gc… HTML log: https://storage.kernelci.org//stable/linux-6.3.y/v6.3.13/arm64/defconfig/gc… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/buildroot-baseline/2023… * baseline.login: https://kernelci.org/test/case/id/64ada9dc7cea34a668bb2a85 new failure (last pass: v6.3.7)

2 years, 5 months

1
0
0 0

stable-rc/linux-5.4.y build: 14 builds: 0 failed, 14 passed, 22 warnings (v5.4.249-126-g6582ccd8f339)

by kernelci.org bot

stable-rc/linux-5.4.y build: 14 builds: 0 failed, 14 passed, 22 warnings (v5.4.249-126-g6582ccd8f339) Full Build Summary: https://kernelci.org/build/stable-rc/branch/linux-5.4.y/kernel/v5.4.249-126… Tree: stable-rc Branch: linux-5.4.y Git Describe: v5.4.249-126-g6582ccd8f339 Git Commit: 6582ccd8f3392481047905744b4ac01384c0a725 Git URL: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git Built: 6 unique architectures Warnings Detected: arc: arm64: defconfig (gcc-10): 2 warnings defconfig+arm64-chromebook (gcc-10): 2 warnings arm: i386: tinyconfig (gcc-10): 2 warnings mips: x86_64: allnoconfig (gcc-10): 4 warnings tinyconfig (gcc-10): 4 warnings x86_64_defconfig (gcc-10): 4 warnings x86_64_defconfig+x86-chromebook (gcc-10): 4 warnings Warnings summary: 5 ld: warning: creating DT_TEXTREL in a PIE 4 ld: arch/x86/boot/compressed/head_64.o: warning: relocation in read-only section `.head.text' 4 arch/arm64/include/asm/memory.h:238:15: warning: cast from pointer to integer of different size [-Wpointer-to-int-cast] 2 arch/x86/entry/entry_64.o: warning: objtool: If this is a retpoline, please patch it in with alternatives and annotate it with ANNOTATE_NOSPEC_ALTERNATIVE. 2 arch/x86/entry/entry_64.o: warning: objtool: .entry.text+0x1c1: unsupported intra-function call 2 arch/x86/entry/entry_64.o: warning: objtool: .entry.text+0x151: unsupported intra-function call 2 arch/x86/entry/entry_64.S:1756: Warning: no instruction mnemonic suffix given and no register operands; using default for `sysret' 1 ld: arch/x86/boot/compressed/head_32.o: warning: relocation in read-only section `.head.text' Section mismatches summary: 1 WARNING: vmlinux.o(___ksymtab_gpl+vic_init_cascaded+0x0): Section mismatch in reference from the variable __ksymtab_vic_init_cascaded to the function .init.text:vic_init_cascaded() ================================================================================ Detailed per-defconfig build reports: -------------------------------------------------------------------------------- 32r2el_defconfig (mips, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- allnoconfig (x86_64, gcc-10) — PASS, 0 errors, 4 warnings, 0 section mismatches Warnings: arch/x86/entry/entry_64.S:1756: Warning: no instruction mnemonic suffix given and no register operands; using default for `sysret' arch/x86/entry/entry_64.o: warning: objtool: .entry.text+0x151: unsupported intra-function call ld: arch/x86/boot/compressed/head_64.o: warning: relocation in read-only section `.head.text' ld: warning: creating DT_TEXTREL in a PIE -------------------------------------------------------------------------------- defconfig (arm64, gcc-10) — PASS, 0 errors, 2 warnings, 0 section mismatches Warnings: arch/arm64/include/asm/memory.h:238:15: warning: cast from pointer to integer of different size [-Wpointer-to-int-cast] arch/arm64/include/asm/memory.h:238:15: warning: cast from pointer to integer of different size [-Wpointer-to-int-cast] -------------------------------------------------------------------------------- defconfig+arm64-chromebook (arm64, gcc-10) — PASS, 0 errors, 2 warnings, 0 section mismatches Warnings: arch/arm64/include/asm/memory.h:238:15: warning: cast from pointer to integer of different size [-Wpointer-to-int-cast] arch/arm64/include/asm/memory.h:238:15: warning: cast from pointer to integer of different size [-Wpointer-to-int-cast] -------------------------------------------------------------------------------- haps_hs_smp_defconfig (arc, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- imx_v6_v7_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- multi_v5_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches Section mismatches: WARNING: vmlinux.o(___ksymtab_gpl+vic_init_cascaded+0x0): Section mismatch in reference from the variable __ksymtab_vic_init_cascaded to the function .init.text:vic_init_cascaded() -------------------------------------------------------------------------------- multi_v7_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- omap2plus_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- tinyconfig (x86_64, gcc-10) — PASS, 0 errors, 4 warnings, 0 section mismatches Warnings: arch/x86/entry/entry_64.S:1756: Warning: no instruction mnemonic suffix given and no register operands; using default for `sysret' arch/x86/entry/entry_64.o: warning: objtool: .entry.text+0x151: unsupported intra-function call ld: arch/x86/boot/compressed/head_64.o: warning: relocation in read-only section `.head.text' ld: warning: creating DT_TEXTREL in a PIE -------------------------------------------------------------------------------- tinyconfig (i386, gcc-10) — PASS, 0 errors, 2 warnings, 0 section mismatches Warnings: ld: arch/x86/boot/compressed/head_32.o: warning: relocation in read-only section `.head.text' ld: warning: creating DT_TEXTREL in a PIE -------------------------------------------------------------------------------- vexpress_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- x86_64_defconfig (x86_64, gcc-10) — PASS, 0 errors, 4 warnings, 0 section mismatches Warnings: arch/x86/entry/entry_64.o: warning: objtool: .entry.text+0x1c1: unsupported intra-function call arch/x86/entry/entry_64.o: warning: objtool: If this is a retpoline, please patch it in with alternatives and annotate it with ANNOTATE_NOSPEC_ALTERNATIVE. ld: arch/x86/boot/compressed/head_64.o: warning: relocation in read-only section `.head.text' ld: warning: creating DT_TEXTREL in a PIE -------------------------------------------------------------------------------- x86_64_defconfig+x86-chromebook (x86_64, gcc-10) — PASS, 0 errors, 4 warnings, 0 section mismatches Warnings: arch/x86/entry/entry_64.o: warning: objtool: .entry.text+0x1c1: unsupported intra-function call arch/x86/entry/entry_64.o: warning: objtool: If this is a retpoline, please patch it in with alternatives and annotate it with ANNOTATE_NOSPEC_ALTERNATIVE. ld: arch/x86/boot/compressed/head_64.o: warning: relocation in read-only section `.head.text' ld: warning: creating DT_TEXTREL in a PIE --- For more info write to <info(a)kernelci.org>

2 years, 5 months

1
0
0 0

stable-rc/linux-4.19.y build: 17 builds: 2 failed, 15 passed, 24 warnings (v4.19.288-88-g86b58f64d958)

by kernelci.org bot

stable-rc/linux-4.19.y build: 17 builds: 2 failed, 15 passed, 24 warnings (v4.19.288-88-g86b58f64d958) Full Build Summary: https://kernelci.org/build/stable-rc/branch/linux-4.19.y/kernel/v4.19.288-8… Tree: stable-rc Branch: linux-4.19.y Git Describe: v4.19.288-88-g86b58f64d958 Git Commit: 86b58f64d958edd3b0ee1c2be6e0d231178b56c9 Git URL: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git Built: 6 unique architectures Build Failures Detected: riscv: allnoconfig: (gcc-10) FAIL defconfig: (gcc-10) FAIL Warnings Detected: arm64: defconfig (gcc-10): 3 warnings defconfig+arm64-chromebook (gcc-10): 3 warnings arm: i386: allnoconfig (gcc-10): 2 warnings i386_defconfig (gcc-10): 2 warnings tinyconfig (gcc-10): 2 warnings mips: riscv: x86_64: allnoconfig (gcc-10): 2 warnings tinyconfig (gcc-10): 2 warnings x86_64_defconfig (gcc-10): 4 warnings x86_64_defconfig+x86-chromebook (gcc-10): 4 warnings Warnings summary: 7 ld: warning: creating DT_TEXTREL in a PIE 6 aarch64-linux-gnu-ld: warning: -z norelro ignored 4 ld: arch/x86/boot/compressed/head_64.o: warning: relocation in read-only section `.head.text' 3 ld: arch/x86/boot/compressed/head_32.o: warning: relocation in read-only section `.head.text' 2 drivers/gpu/drm/drm_edid.o: warning: objtool: validate_displayid.constprop.0()+0x6a: return with modified stack frame 2 drivers/gpu/drm/drm_edid.o: warning: objtool: validate_displayid.constprop.0()+0x0: stack state mismatch: cfa1=7+112 cfa2=7+8 Section mismatches summary: 3 WARNING: modpost: Found 1 section mismatch(es). ================================================================================ Detailed per-defconfig build reports: -------------------------------------------------------------------------------- 32r2el_defconfig (mips, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- allnoconfig (riscv, gcc-10) — FAIL, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- allnoconfig (x86_64, gcc-10) — PASS, 0 errors, 2 warnings, 0 section mismatches Warnings: ld: arch/x86/boot/compressed/head_64.o: warning: relocation in read-only section `.head.text' ld: warning: creating DT_TEXTREL in a PIE -------------------------------------------------------------------------------- allnoconfig (i386, gcc-10) — PASS, 0 errors, 2 warnings, 0 section mismatches Warnings: ld: arch/x86/boot/compressed/head_32.o: warning: relocation in read-only section `.head.text' ld: warning: creating DT_TEXTREL in a PIE -------------------------------------------------------------------------------- defconfig (riscv, gcc-10) — FAIL, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- defconfig (arm64, gcc-10) — PASS, 0 errors, 3 warnings, 0 section mismatches Warnings: aarch64-linux-gnu-ld: warning: -z norelro ignored aarch64-linux-gnu-ld: warning: -z norelro ignored aarch64-linux-gnu-ld: warning: -z norelro ignored Section mismatches: WARNING: modpost: Found 1 section mismatch(es). -------------------------------------------------------------------------------- defconfig+arm64-chromebook (arm64, gcc-10) — PASS, 0 errors, 3 warnings, 0 section mismatches Warnings: aarch64-linux-gnu-ld: warning: -z norelro ignored aarch64-linux-gnu-ld: warning: -z norelro ignored aarch64-linux-gnu-ld: warning: -z norelro ignored Section mismatches: WARNING: modpost: Found 1 section mismatch(es). -------------------------------------------------------------------------------- i386_defconfig (i386, gcc-10) — PASS, 0 errors, 2 warnings, 0 section mismatches Warnings: ld: arch/x86/boot/compressed/head_32.o: warning: relocation in read-only section `.head.text' ld: warning: creating DT_TEXTREL in a PIE -------------------------------------------------------------------------------- imx_v6_v7_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- multi_v5_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches Section mismatches: WARNING: modpost: Found 1 section mismatch(es). -------------------------------------------------------------------------------- multi_v7_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- omap2plus_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- tinyconfig (x86_64, gcc-10) — PASS, 0 errors, 2 warnings, 0 section mismatches Warnings: ld: arch/x86/boot/compressed/head_64.o: warning: relocation in read-only section `.head.text' ld: warning: creating DT_TEXTREL in a PIE -------------------------------------------------------------------------------- tinyconfig (i386, gcc-10) — PASS, 0 errors, 2 warnings, 0 section mismatches Warnings: ld: arch/x86/boot/compressed/head_32.o: warning: relocation in read-only section `.head.text' ld: warning: creating DT_TEXTREL in a PIE -------------------------------------------------------------------------------- vexpress_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- x86_64_defconfig (x86_64, gcc-10) — PASS, 0 errors, 4 warnings, 0 section mismatches Warnings: drivers/gpu/drm/drm_edid.o: warning: objtool: validate_displayid.constprop.0()+0x6a: return with modified stack frame drivers/gpu/drm/drm_edid.o: warning: objtool: validate_displayid.constprop.0()+0x0: stack state mismatch: cfa1=7+112 cfa2=7+8 ld: arch/x86/boot/compressed/head_64.o: warning: relocation in read-only section `.head.text' ld: warning: creating DT_TEXTREL in a PIE -------------------------------------------------------------------------------- x86_64_defconfig+x86-chromebook (x86_64, gcc-10) — PASS, 0 errors, 4 warnings, 0 section mismatches Warnings: drivers/gpu/drm/drm_edid.o: warning: objtool: validate_displayid.constprop.0()+0x6a: return with modified stack frame drivers/gpu/drm/drm_edid.o: warning: objtool: validate_displayid.constprop.0()+0x0: stack state mismatch: cfa1=7+112 cfa2=7+8 ld: arch/x86/boot/compressed/head_64.o: warning: relocation in read-only section `.head.text' ld: warning: creating DT_TEXTREL in a PIE --- For more info write to <info(a)kernelci.org>

2 years, 5 months

1
0
0 0

stable-rc/linux-6.1.y build: 18 builds: 0 failed, 18 passed, 14 warnings (v6.1.38-393-gb6386e7314b4)

by kernelci.org bot

stable-rc/linux-6.1.y build: 18 builds: 0 failed, 18 passed, 14 warnings (v6.1.38-393-gb6386e7314b4) Full Build Summary: https://kernelci.org/build/stable-rc/branch/linux-6.1.y/kernel/v6.1.38-393-… Tree: stable-rc Branch: linux-6.1.y Git Describe: v6.1.38-393-gb6386e7314b4 Git Commit: b6386e7314b41a0e90dc9c4b9f6db439c2a9a73d Git URL: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git Built: 7 unique architectures Warnings Detected: arc: haps_hs_smp_defconfig (gcc-10): 1 warning arm64: defconfig (gcc-10): 1 warning defconfig+arm64-chromebook (gcc-10): 1 warning arm: imx_v6_v7_defconfig (gcc-10): 1 warning multi_v5_defconfig (gcc-10): 1 warning multi_v7_defconfig (gcc-10): 1 warning omap2plus_defconfig (gcc-10): 1 warning vexpress_defconfig (gcc-10): 1 warning i386: allnoconfig (gcc-10): 1 warning mips: 32r2el_defconfig (gcc-10): 2 warnings riscv: defconfig (gcc-10): 1 warning rv32_defconfig (gcc-10): 1 warning x86_64: allnoconfig (gcc-10): 1 warning Warnings summary: 13 include/linux/blktrace_api.h:88:33: warning: statement with no effect [-Wunused-value] 1 arch/mips/boot/dts/img/boston.dts:128.19-178.5: Warning (pci_device_reg): /pci@14000000/pci2_root@0,0,0: PCI unit address format error, expected "0,0" ================================================================================ Detailed per-defconfig build reports: -------------------------------------------------------------------------------- 32r2el_defconfig (mips, gcc-10) — PASS, 0 errors, 2 warnings, 0 section mismatches Warnings: arch/mips/boot/dts/img/boston.dts:128.19-178.5: Warning (pci_device_reg): /pci@14000000/pci2_root@0,0,0: PCI unit address format error, expected "0,0" include/linux/blktrace_api.h:88:33: warning: statement with no effect [-Wunused-value] -------------------------------------------------------------------------------- allnoconfig (i386, gcc-10) — PASS, 0 errors, 1 warning, 0 section mismatches Warnings: include/linux/blktrace_api.h:88:33: warning: statement with no effect [-Wunused-value] -------------------------------------------------------------------------------- allnoconfig (x86_64, gcc-10) — PASS, 0 errors, 1 warning, 0 section mismatches Warnings: include/linux/blktrace_api.h:88:33: warning: statement with no effect [-Wunused-value] -------------------------------------------------------------------------------- defconfig (arm64, gcc-10) — PASS, 0 errors, 1 warning, 0 section mismatches Warnings: include/linux/blktrace_api.h:88:33: warning: statement with no effect [-Wunused-value] -------------------------------------------------------------------------------- defconfig (riscv, gcc-10) — PASS, 0 errors, 1 warning, 0 section mismatches Warnings: include/linux/blktrace_api.h:88:33: warning: statement with no effect [-Wunused-value] -------------------------------------------------------------------------------- defconfig+arm64-chromebook (arm64, gcc-10) — PASS, 0 errors, 1 warning, 0 section mismatches Warnings: include/linux/blktrace_api.h:88:33: warning: statement with no effect [-Wunused-value] -------------------------------------------------------------------------------- haps_hs_smp_defconfig (arc, gcc-10) — PASS, 0 errors, 1 warning, 0 section mismatches Warnings: include/linux/blktrace_api.h:88:33: warning: statement with no effect [-Wunused-value] -------------------------------------------------------------------------------- i386_defconfig (i386, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- imx_v6_v7_defconfig (arm, gcc-10) — PASS, 0 errors, 1 warning, 0 section mismatches Warnings: include/linux/blktrace_api.h:88:33: warning: statement with no effect [-Wunused-value] -------------------------------------------------------------------------------- multi_v5_defconfig (arm, gcc-10) — PASS, 0 errors, 1 warning, 0 section mismatches Warnings: include/linux/blktrace_api.h:88:33: warning: statement with no effect [-Wunused-value] -------------------------------------------------------------------------------- multi_v7_defconfig (arm, gcc-10) — PASS, 0 errors, 1 warning, 0 section mismatches Warnings: include/linux/blktrace_api.h:88:33: warning: statement with no effect [-Wunused-value] -------------------------------------------------------------------------------- nommu_k210_defconfig (riscv, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- omap2plus_defconfig (arm, gcc-10) — PASS, 0 errors, 1 warning, 0 section mismatches Warnings: include/linux/blktrace_api.h:88:33: warning: statement with no effect [-Wunused-value] -------------------------------------------------------------------------------- rv32_defconfig (riscv, gcc-10) — PASS, 0 errors, 1 warning, 0 section mismatches Warnings: include/linux/blktrace_api.h:88:33: warning: statement with no effect [-Wunused-value] -------------------------------------------------------------------------------- tinyconfig (x86_64, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- vexpress_defconfig (arm, gcc-10) — PASS, 0 errors, 1 warning, 0 section mismatches Warnings: include/linux/blktrace_api.h:88:33: warning: statement with no effect [-Wunused-value] -------------------------------------------------------------------------------- x86_64_defconfig (x86_64, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- x86_64_defconfig+x86-chromebook (x86_64, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches --- For more info write to <info(a)kernelci.org>

2 years, 5 months

1
0
0 0

[PATCH 2/2] hugetlb: optimize update_and_free_pages_bulk to avoid lock cycles

by Mike Kravetz

update_and_free_pages_bulk is designed to free a list of hugetlb pages back to their associated lower level allocators. This may require allocating vmemmmap pages associated with each hugetlb page. The hugetlb page destructor must be changed before pages are freed to lower level allocators. However, the destructor must be changed under the hugetlb lock. This means there is potentially one lock cycle per page. Minimize the number of lock cycles in update_and_free_pages_bulk by: 1) allocating necessary vmemmap for all hugetlb pages on the list 2) take hugetlb lock and clear destructor for all pages on the list 3) free all pages on list back to low level allocators Fixes: ad2fa3717b74 ("mm: hugetlb: alloc the vmemmap pages associated with each HugeTLB page") Cc: <stable(a)vger.kernel.org> Signed-off-by: Mike Kravetz <mike.kravetz(a)oracle.com> --- mm/hugetlb.c | 35 ++++++++++++++++++++++++++++++++++- 1 file changed, 34 insertions(+), 1 deletion(-) diff --git a/mm/hugetlb.c b/mm/hugetlb.c index 1b67bf341c32..e751fced870a 100644 --- a/mm/hugetlb.c +++ b/mm/hugetlb.c @@ -1856,11 +1856,44 @@ static void update_and_free_pages_bulk(struct hstate *h, struct list_head *list) { struct page *page, *t_page; struct folio *folio; + bool clear_dtor = false; + /* + * First allocate required vmemmmap for all pages on list. If vmemmap + * can not be allocated, we can not free page to lower level allocator, + * so add back as hugetlb surplus page. + */ + list_for_each_entry_safe(page, t_page, list, lru) { + if (HPageVmemmapOptimized(page)) { + clear_dtor = true; + if (hugetlb_vmemmap_restore(h, page)) { + spin_lock_irq(&hugetlb_lock); + add_hugetlb_folio(h, folio, true); + spin_unlock_irq(&hugetlb_lock); + } + cond_resched(); + } + } + + /* + * If vmemmmap allocation performed above, then take lock * to clear + * destructor of all pages on list. + */ + if (clear_dtor) { + spin_lock_irq(&hugetlb_lock); + list_for_each_entry(page, list, lru) + __clear_hugetlb_destructor(h, page_folio(page)); + spin_unlock_irq(&hugetlb_lock); + } + + /* + * Free pages back to low level allocators. vmemmap and destructors + * were taken care of above, so update_and_free_hugetlb_folio will + * not need to take hugetlb lock. + */ list_for_each_entry_safe(page, t_page, list, lru) { folio = page_folio(page); update_and_free_hugetlb_folio(h, folio, false); - cond_resched(); } } -- 2.41.0

2 years, 5 months

1
0
0 0

stable-rc/linux-5.10.y build: 18 builds: 0 failed, 18 passed, 5 warnings (v5.10.186-221-gf178eace6e074)

by kernelci.org bot

stable-rc/linux-5.10.y build: 18 builds: 0 failed, 18 passed, 5 warnings (v5.10.186-221-gf178eace6e074) Full Build Summary: https://kernelci.org/build/stable-rc/branch/linux-5.10.y/kernel/v5.10.186-2… Tree: stable-rc Branch: linux-5.10.y Git Describe: v5.10.186-221-gf178eace6e074 Git Commit: f178eace6e0740ae5eab86eb3d05df94e91e8192 Git URL: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git Built: 7 unique architectures Warnings Detected: arc: arm64: arm: i386: mips: 32r2el_defconfig (gcc-10): 1 warning riscv: rv32_defconfig (gcc-10): 4 warnings x86_64: Warnings summary: 2 <stdin>:830:2: warning: #warning syscall fstat64 not implemented [-Wcpp] 2 <stdin>:1127:2: warning: #warning syscall fstatat64 not implemented [-Wcpp] 1 WARNING: modpost: Symbol info of vmlinux is missing. Unresolved symbol check will be entirely skipped. ================================================================================ Detailed per-defconfig build reports: -------------------------------------------------------------------------------- 32r2el_defconfig (mips, gcc-10) — PASS, 0 errors, 1 warning, 0 section mismatches Warnings: WARNING: modpost: Symbol info of vmlinux is missing. Unresolved symbol check will be entirely skipped. -------------------------------------------------------------------------------- allnoconfig (x86_64, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- allnoconfig (i386, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- defconfig (riscv, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- defconfig (arm64, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- defconfig+arm64-chromebook (arm64, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- haps_hs_smp_defconfig (arc, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- i386_defconfig (i386, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- imx_v6_v7_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- multi_v5_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- multi_v7_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- nommu_k210_defconfig (riscv, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- rv32_defconfig (riscv, gcc-10) — PASS, 0 errors, 4 warnings, 0 section mismatches Warnings: <stdin>:830:2: warning: #warning syscall fstat64 not implemented [-Wcpp] <stdin>:1127:2: warning: #warning syscall fstatat64 not implemented [-Wcpp] <stdin>:830:2: warning: #warning syscall fstat64 not implemented [-Wcpp] <stdin>:1127:2: warning: #warning syscall fstatat64 not implemented [-Wcpp] -------------------------------------------------------------------------------- tinyconfig (x86_64, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- tinyconfig (i386, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- vexpress_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- x86_64_defconfig (x86_64, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- x86_64_defconfig+x86-chromebook (x86_64, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches --- For more info write to <info(a)kernelci.org>

2 years, 5 months

1
0
0 0

stable-rc/linux-4.14.y build: 14 builds: 1 failed, 13 passed, 1 error, 25 warnings (v4.14.320-57-gbc1094b21392)

by kernelci.org bot

stable-rc/linux-4.14.y build: 14 builds: 1 failed, 13 passed, 1 error, 25 warnings (v4.14.320-57-gbc1094b21392) Full Build Summary: https://kernelci.org/build/stable-rc/branch/linux-4.14.y/kernel/v4.14.320-5… Tree: stable-rc Branch: linux-4.14.y Git Describe: v4.14.320-57-gbc1094b21392 Git Commit: bc1094b213929360a2dd73e3ff406b6e1504e0da Git URL: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git Built: 5 unique architectures Build Failure Detected: arm: multi_v5_defconfig: (gcc-10) FAIL Errors and Warnings Detected: arm64: arm: multi_v5_defconfig (gcc-10): 1 error i386: allnoconfig (gcc-10): 3 warnings i386_defconfig (gcc-10): 3 warnings tinyconfig (gcc-10): 3 warnings mips: x86_64: allnoconfig (gcc-10): 3 warnings tinyconfig (gcc-10): 3 warnings x86_64_defconfig (gcc-10): 5 warnings x86_64_defconfig+x86-chromebook (gcc-10): 5 warnings Errors summary: 1 /tmp/kci/linux/build/../arch/arm/probes/kprobes/core.c:555: undefined reference to `kprobe_handler' Warnings summary: 7 ld: warning: creating DT_TEXTREL in a PIE 4 ld: arch/x86/boot/compressed/head_64.o: warning: relocation in read-only section `.head.text' 4 Warning: synced file at 'tools/objtool/arch/x86/include/asm/insn.h' differs from latest kernel version at 'arch/x86/include/asm/insn.h' 3 ld: arch/x86/boot/compressed/head_32.o: warning: relocation in read-only section `.head.text' 3 arch/x86/entry/entry_32.S:480: Warning: no instruction mnemonic suffix given and no register operands; using default for `btr' 2 drivers/gpu/drm/drm_edid.o: warning: objtool: validate_displayid.constprop.0()+0x73: return with modified stack frame 2 drivers/gpu/drm/drm_edid.o: warning: objtool: validate_displayid.constprop.0()+0x0: stack state mismatch: cfa1=7+104 cfa2=7+8 Section mismatches summary: 3 WARNING: modpost: Found 1 section mismatch(es). ================================================================================ Detailed per-defconfig build reports: -------------------------------------------------------------------------------- 32r2el_defconfig (mips, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- allnoconfig (x86_64, gcc-10) — PASS, 0 errors, 3 warnings, 0 section mismatches Warnings: Warning: synced file at 'tools/objtool/arch/x86/include/asm/insn.h' differs from latest kernel version at 'arch/x86/include/asm/insn.h' ld: arch/x86/boot/compressed/head_64.o: warning: relocation in read-only section `.head.text' ld: warning: creating DT_TEXTREL in a PIE -------------------------------------------------------------------------------- allnoconfig (i386, gcc-10) — PASS, 0 errors, 3 warnings, 0 section mismatches Warnings: arch/x86/entry/entry_32.S:480: Warning: no instruction mnemonic suffix given and no register operands; using default for `btr' ld: arch/x86/boot/compressed/head_32.o: warning: relocation in read-only section `.head.text' ld: warning: creating DT_TEXTREL in a PIE -------------------------------------------------------------------------------- defconfig (arm64, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches Section mismatches: WARNING: modpost: Found 1 section mismatch(es). -------------------------------------------------------------------------------- defconfig+arm64-chromebook (arm64, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches Section mismatches: WARNING: modpost: Found 1 section mismatch(es). -------------------------------------------------------------------------------- i386_defconfig (i386, gcc-10) — PASS, 0 errors, 3 warnings, 0 section mismatches Warnings: arch/x86/entry/entry_32.S:480: Warning: no instruction mnemonic suffix given and no register operands; using default for `btr' ld: arch/x86/boot/compressed/head_32.o: warning: relocation in read-only section `.head.text' ld: warning: creating DT_TEXTREL in a PIE -------------------------------------------------------------------------------- imx_v6_v7_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- multi_v5_defconfig (arm, gcc-10) — FAIL, 1 error, 0 warnings, 0 section mismatches Errors: /tmp/kci/linux/build/../arch/arm/probes/kprobes/core.c:555: undefined reference to `kprobe_handler' Section mismatches: WARNING: modpost: Found 1 section mismatch(es). -------------------------------------------------------------------------------- multi_v7_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- tinyconfig (x86_64, gcc-10) — PASS, 0 errors, 3 warnings, 0 section mismatches Warnings: Warning: synced file at 'tools/objtool/arch/x86/include/asm/insn.h' differs from latest kernel version at 'arch/x86/include/asm/insn.h' ld: arch/x86/boot/compressed/head_64.o: warning: relocation in read-only section `.head.text' ld: warning: creating DT_TEXTREL in a PIE -------------------------------------------------------------------------------- tinyconfig (i386, gcc-10) — PASS, 0 errors, 3 warnings, 0 section mismatches Warnings: arch/x86/entry/entry_32.S:480: Warning: no instruction mnemonic suffix given and no register operands; using default for `btr' ld: arch/x86/boot/compressed/head_32.o: warning: relocation in read-only section `.head.text' ld: warning: creating DT_TEXTREL in a PIE -------------------------------------------------------------------------------- vexpress_defconfig (arm, gcc-10) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- x86_64_defconfig (x86_64, gcc-10) — PASS, 0 errors, 5 warnings, 0 section mismatches Warnings: Warning: synced file at 'tools/objtool/arch/x86/include/asm/insn.h' differs from latest kernel version at 'arch/x86/include/asm/insn.h' drivers/gpu/drm/drm_edid.o: warning: objtool: validate_displayid.constprop.0()+0x73: return with modified stack frame drivers/gpu/drm/drm_edid.o: warning: objtool: validate_displayid.constprop.0()+0x0: stack state mismatch: cfa1=7+104 cfa2=7+8 ld: arch/x86/boot/compressed/head_64.o: warning: relocation in read-only section `.head.text' ld: warning: creating DT_TEXTREL in a PIE -------------------------------------------------------------------------------- x86_64_defconfig+x86-chromebook (x86_64, gcc-10) — PASS, 0 errors, 5 warnings, 0 section mismatches Warnings: Warning: synced file at 'tools/objtool/arch/x86/include/asm/insn.h' differs from latest kernel version at 'arch/x86/include/asm/insn.h' drivers/gpu/drm/drm_edid.o: warning: objtool: validate_displayid.constprop.0()+0x73: return with modified stack frame drivers/gpu/drm/drm_edid.o: warning: objtool: validate_displayid.constprop.0()+0x0: stack state mismatch: cfa1=7+104 cfa2=7+8 ld: arch/x86/boot/compressed/head_64.o: warning: relocation in read-only section `.head.text' ld: warning: creating DT_TEXTREL in a PIE --- For more info write to <info(a)kernelci.org>

2 years, 5 months

1
0
0 0

[PATCH] ASoC: fsl_sai: Revert "ASoC: fsl_sai: Enable MCTL_MCLK_EN bit for master mode"

by Fabio Estevam

From: Fabio Estevam <festevam(a)denx.de> This reverts commit ff87d619ac180444db297f043962a5c325ded47b. Andreas reports that on an i.MX8MP-based system where MCLK needs to be used as an input, the MCLK pin is actually an output, despite not having the 'fsl,sai-mclk-direction-output' property present in the devicetree. This is caused by commit ff87d619ac18 ("ASoC: fsl_sai: Enable MCTL_MCLK_EN bit for master mode") that sets FSL_SAI_MCTL_MCLK_EN unconditionally for imx8mm/8mn/8mp/93, causing the MCLK to always be configured as output. FSL_SAI_MCTL_MCLK_EN corresponds to the MOE (MCLK Output Enable) bit of register MCR and the drivers sets it when the 'fsl,sai-mclk-direction-output' devicetree property is present. Revert the commit to allow SAI to use MCLK as input as well. Cc: stable(a)vger.kernel.org Fixes: ff87d619ac18 ("ASoC: fsl_sai: Enable MCTL_MCLK_EN bit for master mode") Reported-by: Andreas Henriksson <andreas(a)fatal.se> Signed-off-by: Fabio Estevam <festevam(a)denx.de> --- sound/soc/fsl/fsl_sai.c | 6 ------ 1 file changed, 6 deletions(-) diff --git a/sound/soc/fsl/fsl_sai.c b/sound/soc/fsl/fsl_sai.c index 5e09f634c61b..54b4bf3744c6 100644 --- a/sound/soc/fsl/fsl_sai.c +++ b/sound/soc/fsl/fsl_sai.c @@ -507,12 +507,6 @@ static int fsl_sai_set_bclk(struct snd_soc_dai *dai, bool tx, u32 freq) savediv / 2 - 1); } - if (sai->soc_data->max_register >= FSL_SAI_MCTL) { - /* SAI is in master mode at this point, so enable MCLK */ - regmap_update_bits(sai->regmap, FSL_SAI_MCTL, - FSL_SAI_MCTL_MCLK_EN, FSL_SAI_MCTL_MCLK_EN); - } - return 0; } -- 2.34.1

2 years, 5 months

2
1
0 0

Re: Patch "mmc: core: Support zeroout using TRIM for eMMC" has been added to the 5.15-stable tree

by Vincent Whitchurch

On Sun, 2023-07-09 at 02:12 -0400, Sasha Levin wrote: > This is a note to let you know that I've just added the patch titled > > mmc: core: Support zeroout using TRIM for eMMC > > to the 5.15-stable tree which can be found at: > http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… > > The filename of the patch is: > mmc-core-support-zeroout-using-trim-for-emmc.patch > and it can be found in the queue-5.15 subdirectory. > > If you, or anyone else, feels it should not be added to the stable tree, > please let <stable(a)vger.kernel.org> know about it. > > > > commit e71c90bcc65727d323b9a3cb40b263db7be5ee4c > Author: Vincent Whitchurch <vincent.whitchurch(a)axis.com> > Date: Fri Apr 29 17:21:18 2022 +0200 > > mmc: core: Support zeroout using TRIM for eMMC > > > [ Upstream commit f7b6fc327327698924ef3afa0c3e87a5b7466af3 ] > > > If an eMMC card supports TRIM and indicates that it erases to zeros, we can > use it to support hardware offloading of REQ_OP_WRITE_ZEROES, so let's add > support for this. > > > Signed-off-by: Vincent Whitchurch <vincent.whitchurch(a)axis.com> > Reviewed-by: Avri Altman <Avri.Altman(a)wdc.com> > Link: https://lore.kernel.org/r/20220429152118.3617303-1-vincent.whitchurch@axis.… > Signed-off-by: Ulf Hansson <ulf.hansson(a)linaro.org> > Stable-dep-of: c467c8f08185 ("mmc: Add MMC_QUIRK_BROKEN_SD_CACHE for Kingston Canvas Go Plus from 11/2019") > Signed-off-by: Sasha Levin <sashal(a)kernel.org> I still[0] prefer that this not be backported to stable. [0] https://lore.kernel.org/all/Y1owQYlr+vfxEmS8@axis.com/

2 years, 5 months

2
1
0 0

[RESEND] gpio: ws16c48: Fix off-by-one error in WS16C48 resource region extent

by William Breathitt Gray

The WinSystems WS16C48 I/O address region spans offsets 0x0 through 0xA, which is a total of 11 bytes. Fix the WS16C48_EXTENT define to the correct value of 11 so that access to necessary device registers is properly requested in the ws16c48_probe() callback by the devm_request_region() function call. Fixes: 2c05a0f29f41 ("gpio: ws16c48: Implement and utilize register structures") Cc: stable(a)vger.kernel.org Cc: Paul Demetrotion <pdemetrotion(a)winsystems.com> Signed-off-by: William Breathitt Gray <william.gray(a)linaro.org> --- drivers/gpio/gpio-ws16c48.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/gpio/gpio-ws16c48.c b/drivers/gpio/gpio-ws16c48.c index e73885a4dc32..afb42a8e916f 100644 --- a/drivers/gpio/gpio-ws16c48.c +++ b/drivers/gpio/gpio-ws16c48.c @@ -18,7 +18,7 @@ #include <linux/spinlock.h> #include <linux/types.h> -#define WS16C48_EXTENT 10 +#define WS16C48_EXTENT 11 #define MAX_NUM_WS16C48 max_num_isa_dev(WS16C48_EXTENT) static unsigned int base[MAX_NUM_WS16C48]; base-commit: 4827aae061337251bb91801b316157a78b845ec7 -- 2.39.2

2 years, 5 months

2
5
0 0

[PATCH] arm64: dts: stratix10: fix incorrect I2C property for SCL signal

by Dinh Nguyen

The correct dts property for the SCL falling time is "i2c-scl-falling-time-ns". Fixes: c8da1d15b8a4 ("arm64: dts: stratix10: i2c clock running out of spec") Cc: stable(a)vger.kernel.org Signed-off-by: Dinh Nguyen <dinguyen(a)kernel.org> --- arch/arm64/boot/dts/altera/socfpga_stratix10_socdk.dts | 2 +- arch/arm64/boot/dts/altera/socfpga_stratix10_socdk_nand.dts | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/arch/arm64/boot/dts/altera/socfpga_stratix10_socdk.dts b/arch/arm64/boot/dts/altera/socfpga_stratix10_socdk.dts index 38ae674f2f02..3037f58057c9 100644 --- a/arch/arm64/boot/dts/altera/socfpga_stratix10_socdk.dts +++ b/arch/arm64/boot/dts/altera/socfpga_stratix10_socdk.dts @@ -145,7 +145,7 @@ &i2c1 { status = "okay"; clock-frequency = <100000>; i2c-sda-falling-time-ns = <890>; /* hcnt */ - i2c-sdl-falling-time-ns = <890>; /* lcnt */ + i2c-scl-falling-time-ns = <890>; /* lcnt */ pinctrl-names = "default", "gpio"; pinctrl-0 = <&i2c1_pmx_func>; diff --git a/arch/arm64/boot/dts/altera/socfpga_stratix10_socdk_nand.dts b/arch/arm64/boot/dts/altera/socfpga_stratix10_socdk_nand.dts index ede99dcc0558..f4cf30bac557 100644 --- a/arch/arm64/boot/dts/altera/socfpga_stratix10_socdk_nand.dts +++ b/arch/arm64/boot/dts/altera/socfpga_stratix10_socdk_nand.dts @@ -141,7 +141,7 @@ &i2c2 { status = "okay"; clock-frequency = <100000>; i2c-sda-falling-time-ns = <890>; /* hcnt */ - i2c-sdl-falling-time-ns = <890>; /* lcnt */ + i2c-scl-falling-time-ns = <890>; /* lcnt */ adc@14 { compatible = "lltc,ltc2497"; -- 2.25.1

2 years, 5 months

1
0
0 0

[PATCH AUTOSEL 6.1 01/15] wifi: cfg80211: remove links only on AP

by Sasha Levin

From: Johannes Berg <johannes.berg(a)intel.com> [ Upstream commit 34d4e3eb67fed9c19719bedb748e5a8b6ccc97a5 ] Since links are only controlled by userspace via cfg80211 in AP mode, also only remove them from the driver in that case. Signed-off-by: Johannes Berg <johannes.berg(a)intel.com> Signed-off-by: Gregory Greenman <gregory.greenman(a)intel.com> Link: https://lore.kernel.org/r/20230608163202.ed65b94916fa.I2458c46888284cc5ce30… Signed-off-by: Johannes Berg <johannes.berg(a)intel.com> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- net/wireless/util.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/net/wireless/util.c b/net/wireless/util.c index 39680e7bad45a..f433f3fdd9e94 100644 --- a/net/wireless/util.c +++ b/net/wireless/util.c @@ -5,7 +5,7 @@ * Copyright 2007-2009 Johannes Berg <johannes(a)sipsolutions.net> * Copyright 2013-2014 Intel Mobile Communications GmbH * Copyright 2017 Intel Deutschland GmbH - * Copyright (C) 2018-2022 Intel Corporation + * Copyright (C) 2018-2023 Intel Corporation */ #include <linux/export.h> #include <linux/bitops.h> @@ -2479,6 +2479,13 @@ void cfg80211_remove_links(struct wireless_dev *wdev) { unsigned int link_id; + /* + * links are controlled by upper layers (userspace/cfg) + * only for AP mode, so only remove them here for AP + */ + if (wdev->iftype != NL80211_IFTYPE_AP) + return; + wdev_lock(wdev); if (wdev->valid_links) { for_each_valid_link(wdev, link_id) -- 2.39.2

2 years, 5 months

2
15
0 0

FAILED: patch "[PATCH] btrfs: do not BUG_ON() on tree mod log failure at" failed to apply to 5.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.4.y git checkout FETCH_HEAD git cherry-pick -x 39020d8abc7ec62c4de9b260e3d10d4a1c2478ce # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2023071152-quaintly-ventricle-7673@gregkh' --subject-prefix 'PATCH 5.4.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 39020d8abc7ec62c4de9b260e3d10d4a1c2478ce Mon Sep 17 00:00:00 2001 From: Filipe Manana <fdmanana(a)suse.com> Date: Thu, 8 Jun 2023 11:27:41 +0100 Subject: [PATCH] btrfs: do not BUG_ON() on tree mod log failure at balance_level() At balance_level(), instead of doing a BUG_ON() in case we fail to record tree mod log operations, do a transaction abort and return the error to the callers. There's really no need for the BUG_ON() as we can release all resources in this context, and we have to abort because other future tree searches that use the tree mod log (btrfs_search_old_slot()) may get inconsistent results if other operations modify the tree after that failure and before the tree mod log based search. CC: stable(a)vger.kernel.org # 5.4+ Reviewed-by: Qu Wenruo <wqu(a)suse.com> Signed-off-by: Filipe Manana <fdmanana(a)suse.com> Reviewed-by: David Sterba <dsterba(a)suse.com> Signed-off-by: David Sterba <dsterba(a)suse.com> diff --git a/fs/btrfs/ctree.c b/fs/btrfs/ctree.c index d6c29564ce49..d60b28c6bd1b 100644 --- a/fs/btrfs/ctree.c +++ b/fs/btrfs/ctree.c @@ -1054,7 +1054,12 @@ static noinline int balance_level(struct btrfs_trans_handle *trans, } ret = btrfs_tree_mod_log_insert_root(root->node, child, true); - BUG_ON(ret < 0); + if (ret < 0) { + btrfs_tree_unlock(child); + free_extent_buffer(child); + btrfs_abort_transaction(trans, ret); + goto enospc; + } rcu_assign_pointer(root->node, child); add_root_to_dirty_list(root); @@ -1142,7 +1147,10 @@ static noinline int balance_level(struct btrfs_trans_handle *trans, btrfs_node_key(right, &right_key, 0); ret = btrfs_tree_mod_log_insert_key(parent, pslot + 1, BTRFS_MOD_LOG_KEY_REPLACE); - BUG_ON(ret < 0); + if (ret < 0) { + btrfs_abort_transaction(trans, ret); + goto enospc; + } btrfs_set_node_key(parent, &right_key, pslot + 1); btrfs_mark_buffer_dirty(parent); } @@ -1188,7 +1196,10 @@ static noinline int balance_level(struct btrfs_trans_handle *trans, btrfs_node_key(mid, &mid_key, 0); ret = btrfs_tree_mod_log_insert_key(parent, pslot, BTRFS_MOD_LOG_KEY_REPLACE); - BUG_ON(ret < 0); + if (ret < 0) { + btrfs_abort_transaction(trans, ret); + goto enospc; + } btrfs_set_node_key(parent, &mid_key, pslot); btrfs_mark_buffer_dirty(parent); }

2 years, 5 months

1
0
0 0

FAILED: patch "[PATCH] btrfs: do not BUG_ON() on tree mod log failure at" failed to apply to 5.10-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.10-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.10.y git checkout FETCH_HEAD git cherry-pick -x 39020d8abc7ec62c4de9b260e3d10d4a1c2478ce # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2023071151-caddy-carded-8f7a@gregkh' --subject-prefix 'PATCH 5.10.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 39020d8abc7ec62c4de9b260e3d10d4a1c2478ce Mon Sep 17 00:00:00 2001 From: Filipe Manana <fdmanana(a)suse.com> Date: Thu, 8 Jun 2023 11:27:41 +0100 Subject: [PATCH] btrfs: do not BUG_ON() on tree mod log failure at balance_level() At balance_level(), instead of doing a BUG_ON() in case we fail to record tree mod log operations, do a transaction abort and return the error to the callers. There's really no need for the BUG_ON() as we can release all resources in this context, and we have to abort because other future tree searches that use the tree mod log (btrfs_search_old_slot()) may get inconsistent results if other operations modify the tree after that failure and before the tree mod log based search. CC: stable(a)vger.kernel.org # 5.4+ Reviewed-by: Qu Wenruo <wqu(a)suse.com> Signed-off-by: Filipe Manana <fdmanana(a)suse.com> Reviewed-by: David Sterba <dsterba(a)suse.com> Signed-off-by: David Sterba <dsterba(a)suse.com> diff --git a/fs/btrfs/ctree.c b/fs/btrfs/ctree.c index d6c29564ce49..d60b28c6bd1b 100644 --- a/fs/btrfs/ctree.c +++ b/fs/btrfs/ctree.c @@ -1054,7 +1054,12 @@ static noinline int balance_level(struct btrfs_trans_handle *trans, } ret = btrfs_tree_mod_log_insert_root(root->node, child, true); - BUG_ON(ret < 0); + if (ret < 0) { + btrfs_tree_unlock(child); + free_extent_buffer(child); + btrfs_abort_transaction(trans, ret); + goto enospc; + } rcu_assign_pointer(root->node, child); add_root_to_dirty_list(root); @@ -1142,7 +1147,10 @@ static noinline int balance_level(struct btrfs_trans_handle *trans, btrfs_node_key(right, &right_key, 0); ret = btrfs_tree_mod_log_insert_key(parent, pslot + 1, BTRFS_MOD_LOG_KEY_REPLACE); - BUG_ON(ret < 0); + if (ret < 0) { + btrfs_abort_transaction(trans, ret); + goto enospc; + } btrfs_set_node_key(parent, &right_key, pslot + 1); btrfs_mark_buffer_dirty(parent); } @@ -1188,7 +1196,10 @@ static noinline int balance_level(struct btrfs_trans_handle *trans, btrfs_node_key(mid, &mid_key, 0); ret = btrfs_tree_mod_log_insert_key(parent, pslot, BTRFS_MOD_LOG_KEY_REPLACE); - BUG_ON(ret < 0); + if (ret < 0) { + btrfs_abort_transaction(trans, ret); + goto enospc; + } btrfs_set_node_key(parent, &mid_key, pslot); btrfs_mark_buffer_dirty(parent); }

2 years, 5 months

1
0
0 0

FAILED: patch "[PATCH] btrfs: do not BUG_ON() on tree mod log failure at" failed to apply to 5.15-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.15-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.15.y git checkout FETCH_HEAD git cherry-pick -x 39020d8abc7ec62c4de9b260e3d10d4a1c2478ce # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2023071150-unlisted-vest-1c92@gregkh' --subject-prefix 'PATCH 5.15.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 39020d8abc7ec62c4de9b260e3d10d4a1c2478ce Mon Sep 17 00:00:00 2001 From: Filipe Manana <fdmanana(a)suse.com> Date: Thu, 8 Jun 2023 11:27:41 +0100 Subject: [PATCH] btrfs: do not BUG_ON() on tree mod log failure at balance_level() At balance_level(), instead of doing a BUG_ON() in case we fail to record tree mod log operations, do a transaction abort and return the error to the callers. There's really no need for the BUG_ON() as we can release all resources in this context, and we have to abort because other future tree searches that use the tree mod log (btrfs_search_old_slot()) may get inconsistent results if other operations modify the tree after that failure and before the tree mod log based search. CC: stable(a)vger.kernel.org # 5.4+ Reviewed-by: Qu Wenruo <wqu(a)suse.com> Signed-off-by: Filipe Manana <fdmanana(a)suse.com> Reviewed-by: David Sterba <dsterba(a)suse.com> Signed-off-by: David Sterba <dsterba(a)suse.com> diff --git a/fs/btrfs/ctree.c b/fs/btrfs/ctree.c index d6c29564ce49..d60b28c6bd1b 100644 --- a/fs/btrfs/ctree.c +++ b/fs/btrfs/ctree.c @@ -1054,7 +1054,12 @@ static noinline int balance_level(struct btrfs_trans_handle *trans, } ret = btrfs_tree_mod_log_insert_root(root->node, child, true); - BUG_ON(ret < 0); + if (ret < 0) { + btrfs_tree_unlock(child); + free_extent_buffer(child); + btrfs_abort_transaction(trans, ret); + goto enospc; + } rcu_assign_pointer(root->node, child); add_root_to_dirty_list(root); @@ -1142,7 +1147,10 @@ static noinline int balance_level(struct btrfs_trans_handle *trans, btrfs_node_key(right, &right_key, 0); ret = btrfs_tree_mod_log_insert_key(parent, pslot + 1, BTRFS_MOD_LOG_KEY_REPLACE); - BUG_ON(ret < 0); + if (ret < 0) { + btrfs_abort_transaction(trans, ret); + goto enospc; + } btrfs_set_node_key(parent, &right_key, pslot + 1); btrfs_mark_buffer_dirty(parent); } @@ -1188,7 +1196,10 @@ static noinline int balance_level(struct btrfs_trans_handle *trans, btrfs_node_key(mid, &mid_key, 0); ret = btrfs_tree_mod_log_insert_key(parent, pslot, BTRFS_MOD_LOG_KEY_REPLACE); - BUG_ON(ret < 0); + if (ret < 0) { + btrfs_abort_transaction(trans, ret); + goto enospc; + } btrfs_set_node_key(parent, &mid_key, pslot); btrfs_mark_buffer_dirty(parent); }

2 years, 5 months

1
0
0 0

FAILED: patch "[PATCH] btrfs: do not BUG_ON() on tree mod log failure at" failed to apply to 6.1-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.1-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y git checkout FETCH_HEAD git cherry-pick -x 39020d8abc7ec62c4de9b260e3d10d4a1c2478ce # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2023071150-kung-earthen-c1c4@gregkh' --subject-prefix 'PATCH 6.1.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 39020d8abc7ec62c4de9b260e3d10d4a1c2478ce Mon Sep 17 00:00:00 2001 From: Filipe Manana <fdmanana(a)suse.com> Date: Thu, 8 Jun 2023 11:27:41 +0100 Subject: [PATCH] btrfs: do not BUG_ON() on tree mod log failure at balance_level() At balance_level(), instead of doing a BUG_ON() in case we fail to record tree mod log operations, do a transaction abort and return the error to the callers. There's really no need for the BUG_ON() as we can release all resources in this context, and we have to abort because other future tree searches that use the tree mod log (btrfs_search_old_slot()) may get inconsistent results if other operations modify the tree after that failure and before the tree mod log based search. CC: stable(a)vger.kernel.org # 5.4+ Reviewed-by: Qu Wenruo <wqu(a)suse.com> Signed-off-by: Filipe Manana <fdmanana(a)suse.com> Reviewed-by: David Sterba <dsterba(a)suse.com> Signed-off-by: David Sterba <dsterba(a)suse.com> diff --git a/fs/btrfs/ctree.c b/fs/btrfs/ctree.c index d6c29564ce49..d60b28c6bd1b 100644 --- a/fs/btrfs/ctree.c +++ b/fs/btrfs/ctree.c @@ -1054,7 +1054,12 @@ static noinline int balance_level(struct btrfs_trans_handle *trans, } ret = btrfs_tree_mod_log_insert_root(root->node, child, true); - BUG_ON(ret < 0); + if (ret < 0) { + btrfs_tree_unlock(child); + free_extent_buffer(child); + btrfs_abort_transaction(trans, ret); + goto enospc; + } rcu_assign_pointer(root->node, child); add_root_to_dirty_list(root); @@ -1142,7 +1147,10 @@ static noinline int balance_level(struct btrfs_trans_handle *trans, btrfs_node_key(right, &right_key, 0); ret = btrfs_tree_mod_log_insert_key(parent, pslot + 1, BTRFS_MOD_LOG_KEY_REPLACE); - BUG_ON(ret < 0); + if (ret < 0) { + btrfs_abort_transaction(trans, ret); + goto enospc; + } btrfs_set_node_key(parent, &right_key, pslot + 1); btrfs_mark_buffer_dirty(parent); } @@ -1188,7 +1196,10 @@ static noinline int balance_level(struct btrfs_trans_handle *trans, btrfs_node_key(mid, &mid_key, 0); ret = btrfs_tree_mod_log_insert_key(parent, pslot, BTRFS_MOD_LOG_KEY_REPLACE); - BUG_ON(ret < 0); + if (ret < 0) { + btrfs_abort_transaction(trans, ret); + goto enospc; + } btrfs_set_node_key(parent, &mid_key, pslot); btrfs_mark_buffer_dirty(parent); }

2 years, 5 months

1
0
0 0

FAILED: patch "[PATCH] btrfs: fix race when deleting free space root from the dirty" failed to apply to 4.14-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.14-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-4.14.y git checkout FETCH_HEAD git cherry-pick -x babebf023e661b90b1c78b2baa384fb03a226879 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2023071143-scared-ocean-7463@gregkh' --subject-prefix 'PATCH 4.14.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From babebf023e661b90b1c78b2baa384fb03a226879 Mon Sep 17 00:00:00 2001 From: Filipe Manana <fdmanana(a)suse.com> Date: Mon, 19 Jun 2023 17:21:48 +0100 Subject: [PATCH] btrfs: fix race when deleting free space root from the dirty cow roots list When deleting the free space tree we are deleting the free space root from the list fs_info->dirty_cowonly_roots without taking the lock that protects it, which is struct btrfs_fs_info::trans_lock. This unsynchronized list manipulation may cause chaos if there's another concurrent manipulation of this list, such as when adding a root to it with ctree.c:add_root_to_dirty_list(). This can result in all sorts of weird failures caused by a race, such as the following crash: [337571.278245] general protection fault, probably for non-canonical address 0xdead000000000108: 0000 [#1] PREEMPT SMP PTI [337571.278933] CPU: 1 PID: 115447 Comm: btrfs Tainted: G W 6.4.0-rc6-btrfs-next-134+ #1 [337571.279153] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [337571.279572] RIP: 0010:commit_cowonly_roots+0x11f/0x250 [btrfs] [337571.279928] Code: 85 38 06 00 (...) [337571.280363] RSP: 0018:ffff9f63446efba0 EFLAGS: 00010206 [337571.280582] RAX: ffff942d98ec2638 RBX: ffff9430b82b4c30 RCX: 0000000449e1c000 [337571.280798] RDX: dead000000000100 RSI: ffff9430021e4900 RDI: 0000000000036070 [337571.281015] RBP: ffff942d98ec2000 R08: ffff942d98ec2000 R09: 000000000000015b [337571.281254] R10: 0000000000000009 R11: 0000000000000001 R12: ffff942fe8fbf600 [337571.281476] R13: ffff942dabe23040 R14: ffff942dabe20800 R15: ffff942d92cf3b48 [337571.281723] FS: 00007f478adb7340(0000) GS:ffff94349fa40000(0000) knlGS:0000000000000000 [337571.281950] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [337571.282184] CR2: 00007f478ab9a3d5 CR3: 000000001e02c001 CR4: 0000000000370ee0 [337571.282416] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [337571.282647] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [337571.282874] Call Trace: [337571.283101] <TASK> [337571.283327] ? __die_body+0x1b/0x60 [337571.283570] ? die_addr+0x39/0x60 [337571.283796] ? exc_general_protection+0x22e/0x430 [337571.284022] ? asm_exc_general_protection+0x22/0x30 [337571.284251] ? commit_cowonly_roots+0x11f/0x250 [btrfs] [337571.284531] btrfs_commit_transaction+0x42e/0xf90 [btrfs] [337571.284803] ? _raw_spin_unlock+0x15/0x30 [337571.285031] ? release_extent_buffer+0x103/0x130 [btrfs] [337571.285305] reset_balance_state+0x152/0x1b0 [btrfs] [337571.285578] btrfs_balance+0xa50/0x11e0 [btrfs] [337571.285864] ? __kmem_cache_alloc_node+0x14a/0x410 [337571.286086] btrfs_ioctl+0x249a/0x3320 [btrfs] [337571.286358] ? mod_objcg_state+0xd2/0x360 [337571.286577] ? refill_obj_stock+0xb0/0x160 [337571.286798] ? seq_release+0x25/0x30 [337571.287016] ? __rseq_handle_notify_resume+0x3ba/0x4b0 [337571.287235] ? percpu_counter_add_batch+0x2e/0xa0 [337571.287455] ? __x64_sys_ioctl+0x88/0xc0 [337571.287675] __x64_sys_ioctl+0x88/0xc0 [337571.287901] do_syscall_64+0x38/0x90 [337571.288126] entry_SYSCALL_64_after_hwframe+0x72/0xdc [337571.288352] RIP: 0033:0x7f478aaffe9b So fix this by locking struct btrfs_fs_info::trans_lock before deleting the free space root from that list. Fixes: a5ed91828518 ("Btrfs: implement the free space B-tree") CC: stable(a)vger.kernel.org # 4.14+ Signed-off-by: Filipe Manana <fdmanana(a)suse.com> Signed-off-by: David Sterba <dsterba(a)suse.com> diff --git a/fs/btrfs/free-space-tree.c b/fs/btrfs/free-space-tree.c index b21da1446f2a..045ddce32eca 100644 --- a/fs/btrfs/free-space-tree.c +++ b/fs/btrfs/free-space-tree.c @@ -1280,7 +1280,10 @@ int btrfs_delete_free_space_tree(struct btrfs_fs_info *fs_info) goto abort; btrfs_global_root_delete(free_space_root); + + spin_lock(&fs_info->trans_lock); list_del(&free_space_root->dirty_list); + spin_unlock(&fs_info->trans_lock); btrfs_tree_lock(free_space_root->node); btrfs_clear_buffer_dirty(trans, free_space_root->node);

2 years, 5 months

1
0
0 0

FAILED: patch "[PATCH] btrfs: fix race when deleting free space root from the dirty" failed to apply to 4.19-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.19-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-4.19.y git checkout FETCH_HEAD git cherry-pick -x babebf023e661b90b1c78b2baa384fb03a226879 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2023071142-legislate-unlearned-6778@gregkh' --subject-prefix 'PATCH 4.19.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From babebf023e661b90b1c78b2baa384fb03a226879 Mon Sep 17 00:00:00 2001 From: Filipe Manana <fdmanana(a)suse.com> Date: Mon, 19 Jun 2023 17:21:48 +0100 Subject: [PATCH] btrfs: fix race when deleting free space root from the dirty cow roots list When deleting the free space tree we are deleting the free space root from the list fs_info->dirty_cowonly_roots without taking the lock that protects it, which is struct btrfs_fs_info::trans_lock. This unsynchronized list manipulation may cause chaos if there's another concurrent manipulation of this list, such as when adding a root to it with ctree.c:add_root_to_dirty_list(). This can result in all sorts of weird failures caused by a race, such as the following crash: [337571.278245] general protection fault, probably for non-canonical address 0xdead000000000108: 0000 [#1] PREEMPT SMP PTI [337571.278933] CPU: 1 PID: 115447 Comm: btrfs Tainted: G W 6.4.0-rc6-btrfs-next-134+ #1 [337571.279153] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [337571.279572] RIP: 0010:commit_cowonly_roots+0x11f/0x250 [btrfs] [337571.279928] Code: 85 38 06 00 (...) [337571.280363] RSP: 0018:ffff9f63446efba0 EFLAGS: 00010206 [337571.280582] RAX: ffff942d98ec2638 RBX: ffff9430b82b4c30 RCX: 0000000449e1c000 [337571.280798] RDX: dead000000000100 RSI: ffff9430021e4900 RDI: 0000000000036070 [337571.281015] RBP: ffff942d98ec2000 R08: ffff942d98ec2000 R09: 000000000000015b [337571.281254] R10: 0000000000000009 R11: 0000000000000001 R12: ffff942fe8fbf600 [337571.281476] R13: ffff942dabe23040 R14: ffff942dabe20800 R15: ffff942d92cf3b48 [337571.281723] FS: 00007f478adb7340(0000) GS:ffff94349fa40000(0000) knlGS:0000000000000000 [337571.281950] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [337571.282184] CR2: 00007f478ab9a3d5 CR3: 000000001e02c001 CR4: 0000000000370ee0 [337571.282416] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [337571.282647] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [337571.282874] Call Trace: [337571.283101] <TASK> [337571.283327] ? __die_body+0x1b/0x60 [337571.283570] ? die_addr+0x39/0x60 [337571.283796] ? exc_general_protection+0x22e/0x430 [337571.284022] ? asm_exc_general_protection+0x22/0x30 [337571.284251] ? commit_cowonly_roots+0x11f/0x250 [btrfs] [337571.284531] btrfs_commit_transaction+0x42e/0xf90 [btrfs] [337571.284803] ? _raw_spin_unlock+0x15/0x30 [337571.285031] ? release_extent_buffer+0x103/0x130 [btrfs] [337571.285305] reset_balance_state+0x152/0x1b0 [btrfs] [337571.285578] btrfs_balance+0xa50/0x11e0 [btrfs] [337571.285864] ? __kmem_cache_alloc_node+0x14a/0x410 [337571.286086] btrfs_ioctl+0x249a/0x3320 [btrfs] [337571.286358] ? mod_objcg_state+0xd2/0x360 [337571.286577] ? refill_obj_stock+0xb0/0x160 [337571.286798] ? seq_release+0x25/0x30 [337571.287016] ? __rseq_handle_notify_resume+0x3ba/0x4b0 [337571.287235] ? percpu_counter_add_batch+0x2e/0xa0 [337571.287455] ? __x64_sys_ioctl+0x88/0xc0 [337571.287675] __x64_sys_ioctl+0x88/0xc0 [337571.287901] do_syscall_64+0x38/0x90 [337571.288126] entry_SYSCALL_64_after_hwframe+0x72/0xdc [337571.288352] RIP: 0033:0x7f478aaffe9b So fix this by locking struct btrfs_fs_info::trans_lock before deleting the free space root from that list. Fixes: a5ed91828518 ("Btrfs: implement the free space B-tree") CC: stable(a)vger.kernel.org # 4.14+ Signed-off-by: Filipe Manana <fdmanana(a)suse.com> Signed-off-by: David Sterba <dsterba(a)suse.com> diff --git a/fs/btrfs/free-space-tree.c b/fs/btrfs/free-space-tree.c index b21da1446f2a..045ddce32eca 100644 --- a/fs/btrfs/free-space-tree.c +++ b/fs/btrfs/free-space-tree.c @@ -1280,7 +1280,10 @@ int btrfs_delete_free_space_tree(struct btrfs_fs_info *fs_info) goto abort; btrfs_global_root_delete(free_space_root); + + spin_lock(&fs_info->trans_lock); list_del(&free_space_root->dirty_list); + spin_unlock(&fs_info->trans_lock); btrfs_tree_lock(free_space_root->node); btrfs_clear_buffer_dirty(trans, free_space_root->node);

2 years, 5 months

1
0
0 0