February 2020 - Linux-stable-mirror

FAILED: patch "[PATCH] dm: fix potential for q->make_request_fn NULL pointer" failed to apply to 4.14-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.14-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 47ace7e012b9f7ad71d43ac9063d335ea3d6820b Mon Sep 17 00:00:00 2001 From: Mike Snitzer <snitzer(a)redhat.com> Date: Mon, 27 Jan 2020 14:07:23 -0500 Subject: [PATCH] dm: fix potential for q->make_request_fn NULL pointer Move blk_queue_make_request() to dm.c:alloc_dev() so that q->make_request_fn is never NULL during the lifetime of a DM device (even one that is created without a DM table). Otherwise generic_make_request() will crash simply by doing: dmsetup create -n test mount /dev/dm-N /mnt While at it, move ->congested_data initialization out of dm.c:alloc_dev() and into the bio-based specific init method. Reported-by: Stefan Bader <stefan.bader(a)canonical.com> BugLink: https://bugs.launchpad.net/bugs/1860231 Fixes: ff36ab34583a ("dm: remove request-based logic from make_request_fn wrapper") Depends-on: c12c9a3c3860c ("dm: various cleanups to md->queue initialization code") Cc: stable(a)vger.kernel.org Signed-off-by: Mike Snitzer <snitzer(a)redhat.com> diff --git a/drivers/md/dm.c b/drivers/md/dm.c index e8f9661a10a1..b89f07ee2eff 100644 --- a/drivers/md/dm.c +++ b/drivers/md/dm.c @@ -1859,6 +1859,7 @@ static void dm_init_normal_md_queue(struct mapped_device *md) /* * Initialize aspects of queue that aren't relevant for blk-mq */ + md->queue->backing_dev_info->congested_data = md; md->queue->backing_dev_info->congested_fn = dm_any_congested; } @@ -1949,7 +1950,12 @@ static struct mapped_device *alloc_dev(int minor) if (!md->queue) goto bad; md->queue->queuedata = md; - md->queue->backing_dev_info->congested_data = md; + /* + * default to bio-based required ->make_request_fn until DM + * table is loaded and md->type established. If request-based + * table is loaded: blk-mq will override accordingly. + */ + blk_queue_make_request(md->queue, dm_make_request); md->disk = alloc_disk_node(1, md->numa_node_id); if (!md->disk) @@ -2264,7 +2270,6 @@ int dm_setup_md_queue(struct mapped_device *md, struct dm_table *t) case DM_TYPE_DAX_BIO_BASED: case DM_TYPE_NVME_BIO_BASED: dm_init_normal_md_queue(md); - blk_queue_make_request(md->queue, dm_make_request); break; case DM_TYPE_NONE: WARN_ON_ONCE(true);

4 years, 10 months

1
0
0 0

FAILED: patch "[PATCH] dm: fix potential for q->make_request_fn NULL pointer" failed to apply to 4.9-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.9-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 47ace7e012b9f7ad71d43ac9063d335ea3d6820b Mon Sep 17 00:00:00 2001 From: Mike Snitzer <snitzer(a)redhat.com> Date: Mon, 27 Jan 2020 14:07:23 -0500 Subject: [PATCH] dm: fix potential for q->make_request_fn NULL pointer Move blk_queue_make_request() to dm.c:alloc_dev() so that q->make_request_fn is never NULL during the lifetime of a DM device (even one that is created without a DM table). Otherwise generic_make_request() will crash simply by doing: dmsetup create -n test mount /dev/dm-N /mnt While at it, move ->congested_data initialization out of dm.c:alloc_dev() and into the bio-based specific init method. Reported-by: Stefan Bader <stefan.bader(a)canonical.com> BugLink: https://bugs.launchpad.net/bugs/1860231 Fixes: ff36ab34583a ("dm: remove request-based logic from make_request_fn wrapper") Depends-on: c12c9a3c3860c ("dm: various cleanups to md->queue initialization code") Cc: stable(a)vger.kernel.org Signed-off-by: Mike Snitzer <snitzer(a)redhat.com> diff --git a/drivers/md/dm.c b/drivers/md/dm.c index e8f9661a10a1..b89f07ee2eff 100644 --- a/drivers/md/dm.c +++ b/drivers/md/dm.c @@ -1859,6 +1859,7 @@ static void dm_init_normal_md_queue(struct mapped_device *md) /* * Initialize aspects of queue that aren't relevant for blk-mq */ + md->queue->backing_dev_info->congested_data = md; md->queue->backing_dev_info->congested_fn = dm_any_congested; } @@ -1949,7 +1950,12 @@ static struct mapped_device *alloc_dev(int minor) if (!md->queue) goto bad; md->queue->queuedata = md; - md->queue->backing_dev_info->congested_data = md; + /* + * default to bio-based required ->make_request_fn until DM + * table is loaded and md->type established. If request-based + * table is loaded: blk-mq will override accordingly. + */ + blk_queue_make_request(md->queue, dm_make_request); md->disk = alloc_disk_node(1, md->numa_node_id); if (!md->disk) @@ -2264,7 +2270,6 @@ int dm_setup_md_queue(struct mapped_device *md, struct dm_table *t) case DM_TYPE_DAX_BIO_BASED: case DM_TYPE_NVME_BIO_BASED: dm_init_normal_md_queue(md); - blk_queue_make_request(md->queue, dm_make_request); break; case DM_TYPE_NONE: WARN_ON_ONCE(true);

4 years, 10 months

1
0
0 0

[PATCH 4.19 000/114] 4.19.93-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.19.93 release. There are 114 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Sat, 04 Jan 2020 21:58:48 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.19.93-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.19.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.19.93-rc1 Hans de Goede <hdegoede(a)redhat.com> pinctrl: baytrail: Really serialize all register accesses David Engraf <david.engraf(a)sysgo.com> tty/serial: atmel: fix out of range clock divider handling Christophe Leroy <christophe.leroy(a)c-s.fr> spi: fsl: don't map irq during probe Taehee Yoo <ap420073(a)gmail.com> gtp: avoid zero size hashtable Taehee Yoo <ap420073(a)gmail.com> gtp: fix an use-after-free in ipv4_pdp_find() Taehee Yoo <ap420073(a)gmail.com> gtp: fix wrong condition in gtp_genl_dump_pdp() Eric Dumazet <edumazet(a)google.com> tcp: do not send empty skb from tcp_write_xmit() Eric Dumazet <edumazet(a)google.com> tcp/dccp: fix possible race __inet_lookup_established() Russell King <rmk+kernel(a)armlinux.org.uk> net: marvell: mvpp2: phylink requires the link interrupt Taehee Yoo <ap420073(a)gmail.com> gtp: do not allow adding duplicate tid and ms_addr pdp context Hangbin Liu <liuhangbin(a)gmail.com> net/dst: do not confirm neighbor for vxlan and geneve pmtu update Hangbin Liu <liuhangbin(a)gmail.com> sit: do not confirm neighbor when do pmtu update Hangbin Liu <liuhangbin(a)gmail.com> vti: do not confirm neighbor when do pmtu update Hangbin Liu <liuhangbin(a)gmail.com> tunnel: do not confirm neighbor when do pmtu update Hangbin Liu <liuhangbin(a)gmail.com> net/dst: add new function skb_dst_update_pmtu_no_confirm Hangbin Liu <liuhangbin(a)gmail.com> gtp: do not confirm neighbor when do pmtu update Hangbin Liu <liuhangbin(a)gmail.com> ip6_gre: do not confirm neighbor when do pmtu update Hangbin Liu <liuhangbin(a)gmail.com> net: add bool confirm_neigh parameter for dst_ops.update_pmtu Stefano Garzarella <sgarzare(a)redhat.com> vhost/vsock: accept only packets with the right dst_cid Antonio Messina <amessina(a)google.com> udp: fix integer overflow while computing available space in sk_rcvbuf Cambda Zhu <cambda(a)linux.alibaba.com> tcp: Fix highest_sack and highest_sack_seq Vladis Dronov <vdronov(a)redhat.com> ptp: fix the race between the release of ptp_clock and cdev Martin Blumenstingl <martin.blumenstingl(a)googlemail.com> net: stmmac: dwmac-meson8b: Fix the RGMII TX delay on Meson8b/8m2 SoCs Vladyslav Tarasiuk <vladyslavt(a)mellanox.com> net/mlxfw: Fix out-of-memory error in mfa2 flash burning Netanel Belgazal <netanel(a)amazon.com> net: ena: fix napi handler misbehavior when the napi budget is zero Eric Dumazet <edumazet(a)google.com> hrtimer: Annotate lockless access to timer->state Eric Dumazet <edumazet(a)google.com> net: icmp: fix data-race in cmp_global_allow() Eric Dumazet <edumazet(a)google.com> net: add a READ_ONCE() in skb_peek_tail() Eric Dumazet <edumazet(a)google.com> inetpeer: fix data-race in inet_putpeer / inet_putpeer Eric Dumazet <edumazet(a)google.com> netfilter: bridge: make sure to pull arp header in br_nf_forward_arp() Eric Dumazet <edumazet(a)google.com> 6pack,mkiss: fix possible deadlock Florian Westphal <fw(a)strlen.de> netfilter: ebtables: compat: reject all padding in matches/watchers Logan Gunthorpe <logang(a)deltatee.com> PCI/switchtec: Read all 64 bits of part_event_bitmap Linus Torvalds <torvalds(a)linux-foundation.org> filldir[64]: remove WARN_ON_ONCE() for bad directory entries Linus Torvalds <torvalds(a)linux-foundation.org> Make filldir[64]() verify the directory entry filename is valid Mattias Jacobsson <2pi(a)mok.nu> perf strbuf: Remove redundant va_end() in strbuf_addv() Mahesh Bandewar <maheshb(a)google.com> bonding: fix active-backup transition after link failure Takashi Iwai <tiwai(a)suse.de> ALSA: hda - Downgrade error message for single-cmd fallback Marco Oliverio <marco.oliverio(a)tanaza.com> netfilter: nf_queue: enqueue skbs with NULL dst Alexander Lobakin <alobakin(a)dlink.ru> net, sysctl: Fix compiler warning when only cBPF is present Jan H. Schönherr <jschoenh(a)amazon.de> x86/mce: Fix possibly incorrect severity calculation on AMD Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Revert "powerpc/vcpu: Assume dedicated processors as non-preempt" Mike Rapoport <rppt(a)linux.ibm.com> userfaultfd: require CAP_SYS_PTRACE for UFFD_FEATURE_EVENT_FORK Johannes Weiner <hannes(a)cmpxchg.org> kernel: sysctl: make drop_caches write-only Daniel Baluta <daniel.baluta(a)nxp.com> mailbox: imx: Fix Tx doorbell shutdown path Ding Xiang <dingxiang(a)cmss.chinamobile.com> ocfs2: fix passing zero to 'PTR_ERR' warning Thomas Richter <tmricht(a)linux.ibm.com> s390/cpum_sf: Check for SDBT and SDB consistency Masahiro Yamada <yamada.masahiro(a)socionext.com> libfdt: define INT32_MAX and UINT32_MAX in libfdt_env.h Harald Freudenberger <freude(a)linux.ibm.com> s390/zcrypt: handle new reply code FILTERED_BY_HYPERVISOR Arnaldo Carvalho de Melo <acme(a)redhat.com> perf regs: Make perf_reg_name() return "unknown" instead of NULL Adrian Hunter <adrian.hunter(a)intel.com> perf script: Fix brstackinsn for AUXTRACE Diego Elio Pettenò <flameeyes(a)flameeyes.com> cdrom: respect device capabilities during opening action Chengguang Xu <cgxu519(a)mykernel.net> f2fs: choose hardlimit when softlimit is larger than hardlimit in f2fs_statfs_project() Nathan Chancellor <natechancellor(a)gmail.com> powerpc: Don't add -mabi= flags when building with Clang Masahiro Yamada <yamada.masahiro(a)socionext.com> scripts/kallsyms: fix definitely-lost memory leak Colin Ian King <colin.king(a)canonical.com> apparmor: fix unsigned len comparison with less than zero Vladimir Oltean <vladimir.oltean(a)nxp.com> gpio: mpc8xxx: Don't overwrite default irq_set_type callback Bart Van Assche <bvanassche(a)acm.org> scsi: target: iscsi: Wait for all commands to finish before freeing a session Anatol Pomazau <anatol(a)google.com> scsi: iscsi: Don't send data to unbound connection Finn Thain <fthain(a)telegraphics.com.au> scsi: NCR5380: Add disconnect_mask module parameter Maurizio Lombardi <mlombard(a)redhat.com> scsi: scsi_debug: num_tgts must be >= 0 Subhash Jadavani <subhashj(a)codeaurora.org> scsi: ufs: Fix error handing during hibern8 enter peter chang <dpf(a)google.com> scsi: pm80xx: Fix for SATA device discovery Kevin Hao <haokexin(a)gmail.com> watchdog: Fix the race between the release of watchdog_core_data and cdev Andrew Duggan <aduggan(a)synaptics.com> HID: rmi: Check that the RMI_STARTED bit is set before unregistering the RMI transport device Blaž Hrastnik <blaz(a)mxxn.io> HID: Improve Windows Precision Touchpad detection. Qian Cai <cai(a)lca.pw> libnvdimm/btt: fix variable 'rc' set but not used Doug Berger <opendmb(a)gmail.com> ARM: 8937/1: spectre-v2: remove Brahma-B53 from hardening Hans de Goede <hdegoede(a)redhat.com> HID: logitech-hidpp: Silence intermittent get_battery_capacity errors Jinke Fan <fanjinke(a)hygon.cn> HID: quirks: Add quirk for HP MSU1465 PIXART OEM mouse Coly Li <colyli(a)suse.de> bcache: at least try to shrink 1 node in bch_mca_scan() Robert Jarzmik <robert.jarzmik(a)free.fr> clk: pxa: fix one of the pxa RTC clocks Finn Thain <fthain(a)telegraphics.com.au> scsi: atari_scsi: sun3_scsi: Set sg_tablesize to 1 instead of SG_NONE Gustavo L. F. Walbon <gwalbon(a)linux.ibm.com> powerpc/security: Fix wrong message when RFI Flush is disable Tyrel Datwyler <tyreld(a)linux.ibm.com> PCI: rpaphp: Correctly match ibm, my-drc-index to drc-name when using drc-info Tyrel Datwyler <tyreld(a)linux.ibm.com> PCI: rpaphp: Annotate and correctly byte swap DRC properties Tyrel Datwyler <tyreld(a)linux.ibm.com> PCI: rpaphp: Don't rely on firmware feature to imply drc-info support David Hildenbrand <david(a)redhat.com> powerpc/pseries/cmm: Implement release() function for sysfs device Bean Huo <beanhuo(a)micron.com> scsi: ufs: fix potential bug which ends in system hang Tyrel Datwyler <tyreld(a)linux.ibm.com> PCI: rpaphp: Fix up pointer to first drc-info entry James Smart <jsmart2021(a)gmail.com> scsi: lpfc: fix: Coverity: lpfc_cmpl_els_rsp(): Null pointer dereferences Konstantin Khlebnikov <khlebnikov(a)yandex-team.ru> fs/quota: handle overflows of sysctl fs.quota.* and report as unsigned long Lee Jones <lee.jones(a)linaro.org> mfd: mfd-core: Honour Device Tree's request to disable a child-device Paul Cercueil <paul(a)crapouillou.net> irqchip: ingenic: Error out if IRQ domain creation failed Florian Fainelli <f.fainelli(a)gmail.com> irqchip/irq-bcm7038-l1: Enable parent IRQ if necessary Michael Hennerich <michael.hennerich(a)analog.com> clk: clk-gpio: propagate rate change to parent Jeffrey Hugo <jeffrey.l.hugo(a)gmail.com> clk: qcom: Allow constant ratio freq tables for rcg Chao Yu <yuchao0(a)huawei.com> f2fs: fix to update dir's i_pino during cross_rename James Smart <jsmart2021(a)gmail.com> scsi: lpfc: Fix duplicate unreg_rpi error in port offline flow Bart Van Assche <bvanassche(a)acm.org> scsi: tracing: Fix handling of TRANSFER LENGTH == 0 for READ(6) and WRITE(6) Jan Kara <jack(a)suse.cz> jbd2: Fix statistics for the number of logged blocks Matthew Bobrowski <mbobrowski(a)mbobrowski.org> ext4: iomap that extends beyond EOF should be marked dirty Matthew Bobrowski <mbobrowski(a)mbobrowski.org> ext4: update direct I/O read lock pattern for IOCB_NOWAIT Aneesh Kumar K.V <aneesh.kumar(a)linux.ibm.com> powerpc/book3s64/hash: Add cond_resched to avoid soft lockup warning Anthony Steinhauser <asteinhauser(a)google.com> powerpc/security/book3s64: Report L1TF status in sysfs Geert Uytterhoeven <geert+renesas(a)glider.be> clocksource/drivers/timer-of: Use unique device name instead of timer Chuhong Yuan <hslester96(a)gmail.com> clocksource/drivers/asm9260: Add a check for of_clk_get Guido Günther <agx(a)sigxcpu.org> leds: lm3692x: Handle failure to probe the regulator Eric Dumazet <edumazet(a)google.com> dma-debug: add a schedule point in debug_dma_dump_mappings() Michael Ellerman <mpe(a)ellerman.id.au> powerpc/tools: Don't quote $objdump in scripts Aneesh Kumar K.V <aneesh.kumar(a)linux.ibm.com> powerpc/pseries: Don't fail hash page table insert for bolted mapping Michael Ellerman <mpe(a)ellerman.id.au> powerpc/pseries: Mark accumulate_stolen_time() as notrace Xiang Chen <chenxiang66(a)hisilicon.com> scsi: hisi_sas: Replace in_softirq() check in hisi_sas_task_exec() Dan Carpenter <dan.carpenter(a)oracle.com> scsi: csiostor: Don't enable IRQs too early James Smart <jsmart2021(a)gmail.com> scsi: lpfc: Fix SLI3 hba in loop mode not discovering devices David Disseldorp <ddiss(a)suse.de> scsi: target: compare full CHAP_A Algorithm strings Nicholas Graumann <nick.graumann(a)gmail.com> dmaengine: xilinx_dma: Clear desc_pendingcount in xilinx_dma_reset Thierry Reding <treding(a)nvidia.com> iommu/tegra-smmu: Fix page tables in > 4 GiB memory Ezequiel Garcia <ezequiel(a)collabora.com> iommu: rockchip: Free domain on .domain_free Chao Yu <yuchao0(a)huawei.com> f2fs: fix to update time in lazytime mode Evan Green <evgreen(a)chromium.org> Input: atmel_mxt_ts - disable IRQ across suspend James Smart <jsmart2021(a)gmail.com> scsi: lpfc: Fix locking on mailbox command completion Sreekanth Reddy <sreekanth.reddy(a)broadcom.com> scsi: mpt3sas: Fix clear pending bit in ioctl status James Smart <jsmart2021(a)gmail.com> scsi: lpfc: Fix discovery failures when target device connectivity bounces ------------- Diffstat: Makefile | 4 +- arch/arm/boot/compressed/libfdt_env.h | 4 +- arch/arm/mm/proc-v7-bugs.c | 3 + arch/powerpc/Makefile | 4 + arch/powerpc/boot/libfdt_env.h | 2 + arch/powerpc/include/asm/spinlock.h | 4 +- arch/powerpc/kernel/security.c | 21 ++-- arch/powerpc/kernel/time.c | 2 +- arch/powerpc/mm/hash_utils_64.c | 10 +- arch/powerpc/platforms/pseries/cmm.c | 5 + arch/powerpc/platforms/pseries/setup.c | 7 -- arch/powerpc/tools/relocs_check.sh | 2 +- arch/powerpc/tools/unrel_branch_check.sh | 4 +- arch/s390/kernel/perf_cpum_sf.c | 17 +++- arch/x86/kernel/cpu/mcheck/mce.c | 2 +- drivers/cdrom/cdrom.c | 12 ++- drivers/clk/clk-gpio.c | 2 +- drivers/clk/pxa/clk-pxa27x.c | 1 + drivers/clk/qcom/clk-rcg2.c | 2 + drivers/clk/qcom/common.c | 3 + drivers/clocksource/asm9260_timer.c | 4 + drivers/clocksource/timer-of.c | 2 +- drivers/dma/xilinx/xilinx_dma.c | 1 + drivers/gpio/gpio-mpc8xxx.c | 3 +- drivers/hid/hid-core.c | 4 + drivers/hid/hid-ids.h | 1 + drivers/hid/hid-logitech-hidpp.c | 3 + drivers/hid/hid-quirks.c | 1 + drivers/hid/hid-rmi.c | 3 +- drivers/input/touchscreen/atmel_mxt_ts.c | 4 + drivers/iommu/rockchip-iommu.c | 7 +- drivers/iommu/tegra-smmu.c | 11 +- drivers/irqchip/irq-bcm7038-l1.c | 4 + drivers/irqchip/irq-ingenic.c | 15 ++- drivers/leds/leds-lm3692x.c | 13 ++- drivers/mailbox/imx-mailbox.c | 4 +- drivers/md/bcache/btree.c | 2 + drivers/mfd/mfd-core.c | 5 + drivers/net/bonding/bond_main.c | 3 - drivers/net/ethernet/amazon/ena/ena_netdev.c | 10 +- drivers/net/ethernet/marvell/mvpp2/mvpp2_main.c | 2 +- drivers/net/ethernet/mellanox/mlxfw/mlxfw_mfa2.c | 7 +- .../net/ethernet/stmicro/stmmac/dwmac-meson8b.c | 14 ++- drivers/net/gtp.c | 111 ++++++++++++--------- drivers/net/hamradio/6pack.c | 4 +- drivers/net/hamradio/mkiss.c | 4 +- drivers/nvdimm/btt.c | 8 +- drivers/pci/hotplug/rpaphp_core.c | 38 +++---- drivers/pci/switch/switchtec.c | 2 +- drivers/pinctrl/intel/pinctrl-baytrail.c | 81 ++++++++------- drivers/ptp/ptp_clock.c | 31 +++--- drivers/ptp/ptp_private.h | 2 +- drivers/s390/crypto/zcrypt_error.h | 2 + drivers/scsi/NCR5380.c | 6 +- drivers/scsi/atari_scsi.c | 6 +- drivers/scsi/csiostor/csio_lnode.c | 15 +-- drivers/scsi/hisi_sas/hisi_sas_main.c | 8 +- drivers/scsi/iscsi_tcp.c | 8 ++ drivers/scsi/lpfc/lpfc_els.c | 2 +- drivers/scsi/lpfc/lpfc_hbadisc.c | 7 +- drivers/scsi/lpfc/lpfc_nportdisc.c | 4 +- drivers/scsi/lpfc/lpfc_sli.c | 15 ++- drivers/scsi/mac_scsi.c | 2 +- drivers/scsi/mpt3sas/mpt3sas_ctl.c | 3 +- drivers/scsi/pm8001/pm80xx_hwi.c | 2 + drivers/scsi/scsi_debug.c | 5 + drivers/scsi/scsi_trace.c | 11 +- drivers/scsi/sun3_scsi.c | 4 +- drivers/scsi/ufs/ufshcd.c | 21 ++-- drivers/spi/spi-fsl-spi.c | 5 +- drivers/target/iscsi/iscsi_target.c | 10 +- drivers/target/iscsi/iscsi_target_auth.c | 2 +- drivers/tty/serial/atmel_serial.c | 43 ++++---- drivers/vhost/vsock.c | 4 +- drivers/watchdog/watchdog_dev.c | 70 ++++++------- fs/ext4/inode.c | 16 ++- fs/f2fs/f2fs.h | 23 +++-- fs/f2fs/inode.c | 6 +- fs/f2fs/namei.c | 15 ++- fs/f2fs/super.c | 20 ++-- fs/jbd2/commit.c | 4 +- fs/ocfs2/acl.c | 4 +- fs/quota/dquot.c | 29 +++--- fs/readdir.c | 40 ++++++++ fs/userfaultfd.c | 18 ++-- include/linux/hrtimer.h | 14 ++- include/linux/libfdt_env.h | 3 + include/linux/posix-clock.h | 19 ++-- include/linux/quota.h | 2 +- include/linux/rculist_nulls.h | 37 +++++++ include/linux/skbuff.h | 6 +- include/net/dst.h | 13 ++- include/net/dst_ops.h | 3 +- include/net/inet_hashtables.h | 12 ++- include/net/sock.h | 5 + include/scsi/iscsi_proto.h | 1 + kernel/dma/debug.c | 1 + kernel/sysctl.c | 2 +- kernel/time/hrtimer.c | 11 +- kernel/time/posix-clock.c | 31 +++--- net/bridge/br_netfilter_hooks.c | 3 + net/bridge/br_nf_core.c | 3 +- net/bridge/netfilter/ebtables.c | 33 +++--- net/core/sysctl_net_core.c | 2 + net/decnet/dn_route.c | 6 +- net/ipv4/icmp.c | 11 +- net/ipv4/inet_connection_sock.c | 2 +- net/ipv4/inet_diag.c | 3 +- net/ipv4/inet_hashtables.c | 19 ++-- net/ipv4/inetpeer.c | 12 ++- net/ipv4/ip_tunnel.c | 2 +- net/ipv4/ip_vti.c | 2 +- net/ipv4/route.c | 9 +- net/ipv4/tcp_ipv4.c | 7 +- net/ipv4/tcp_output.c | 11 ++ net/ipv4/udp.c | 2 +- net/ipv4/xfrm4_policy.c | 5 +- net/ipv6/inet6_connection_sock.c | 2 +- net/ipv6/inet6_hashtables.c | 3 +- net/ipv6/ip6_gre.c | 2 +- net/ipv6/ip6_tunnel.c | 4 +- net/ipv6/ip6_vti.c | 2 +- net/ipv6/route.c | 22 ++-- net/ipv6/sit.c | 2 +- net/ipv6/xfrm6_policy.c | 5 +- net/netfilter/ipvs/ip_vs_xmit.c | 2 +- net/netfilter/nf_queue.c | 2 +- net/sctp/transport.c | 2 +- scripts/kallsyms.c | 2 + security/apparmor/label.c | 12 ++- sound/pci/hda/hda_controller.c | 2 +- tools/perf/builtin-script.c | 2 +- tools/perf/util/perf_regs.h | 2 +- tools/perf/util/strbuf.c | 1 - 134 files changed, 856 insertions(+), 450 deletions(-)

4 years, 10 months

8
133
0 0

FAILED: patch "[PATCH] ftrace: Protect ftrace_graph_hash with ftrace_sync" failed to apply to 4.19-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.19-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 54a16ff6f2e50775145b210bcd94d62c3c2af117 Mon Sep 17 00:00:00 2001 From: "Steven Rostedt (VMware)" <rostedt(a)goodmis.org> Date: Wed, 5 Feb 2020 09:20:32 -0500 Subject: [PATCH] ftrace: Protect ftrace_graph_hash with ftrace_sync As function_graph tracer can run when RCU is not "watching", it can not be protected by synchronize_rcu() it requires running a task on each CPU before it can be freed. Calling schedule_on_each_cpu(ftrace_sync) needs to be used. Link: https://lore.kernel.org/r/20200205131110.GT2935@paulmck-ThinkPad-P72 Cc: stable(a)vger.kernel.org Fixes: b9b0c831bed26 ("ftrace: Convert graph filter to use hash tables") Reported-by: "Paul E. McKenney" <paulmck(a)kernel.org> Reviewed-by: Joel Fernandes (Google) <joel(a)joelfernandes.org> Signed-off-by: Steven Rostedt (VMware) <rostedt(a)goodmis.org> diff --git a/kernel/trace/ftrace.c b/kernel/trace/ftrace.c index 481ede3eac13..3f7ee102868a 100644 --- a/kernel/trace/ftrace.c +++ b/kernel/trace/ftrace.c @@ -5867,8 +5867,15 @@ ftrace_graph_release(struct inode *inode, struct file *file) mutex_unlock(&graph_lock); - /* Wait till all users are no longer using the old hash */ - synchronize_rcu(); + /* + * We need to do a hard force of sched synchronization. + * This is because we use preempt_disable() to do RCU, but + * the function tracers can be called where RCU is not watching + * (like before user_exit()). We can not rely on the RCU + * infrastructure to do the synchronization, thus we must do it + * ourselves. + */ + schedule_on_each_cpu(ftrace_sync); free_ftrace_hash(old_hash); } diff --git a/kernel/trace/trace.h b/kernel/trace/trace.h index 8c52f5de9384..3c75d29bd861 100644 --- a/kernel/trace/trace.h +++ b/kernel/trace/trace.h @@ -979,6 +979,7 @@ static inline int ftrace_graph_addr(struct ftrace_graph_ent *trace) * Have to open code "rcu_dereference_sched()" because the * function graph tracer can be called when RCU is not * "watching". + * Protected with schedule_on_each_cpu(ftrace_sync) */ hash = rcu_dereference_protected(ftrace_graph_hash, !preemptible()); @@ -1031,6 +1032,7 @@ static inline int ftrace_graph_notrace_addr(unsigned long addr) * Have to open code "rcu_dereference_sched()" because the * function graph tracer can be called when RCU is not * "watching". + * Protected with schedule_on_each_cpu(ftrace_sync) */ notrace_hash = rcu_dereference_protected(ftrace_graph_notrace_hash, !preemptible());

4 years, 10 months

1
0
0 0

FAILED: patch "[PATCH] ftrace: Protect ftrace_graph_hash with ftrace_sync" failed to apply to 4.14-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.14-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 54a16ff6f2e50775145b210bcd94d62c3c2af117 Mon Sep 17 00:00:00 2001 From: "Steven Rostedt (VMware)" <rostedt(a)goodmis.org> Date: Wed, 5 Feb 2020 09:20:32 -0500 Subject: [PATCH] ftrace: Protect ftrace_graph_hash with ftrace_sync As function_graph tracer can run when RCU is not "watching", it can not be protected by synchronize_rcu() it requires running a task on each CPU before it can be freed. Calling schedule_on_each_cpu(ftrace_sync) needs to be used. Link: https://lore.kernel.org/r/20200205131110.GT2935@paulmck-ThinkPad-P72 Cc: stable(a)vger.kernel.org Fixes: b9b0c831bed26 ("ftrace: Convert graph filter to use hash tables") Reported-by: "Paul E. McKenney" <paulmck(a)kernel.org> Reviewed-by: Joel Fernandes (Google) <joel(a)joelfernandes.org> Signed-off-by: Steven Rostedt (VMware) <rostedt(a)goodmis.org> diff --git a/kernel/trace/ftrace.c b/kernel/trace/ftrace.c index 481ede3eac13..3f7ee102868a 100644 --- a/kernel/trace/ftrace.c +++ b/kernel/trace/ftrace.c @@ -5867,8 +5867,15 @@ ftrace_graph_release(struct inode *inode, struct file *file) mutex_unlock(&graph_lock); - /* Wait till all users are no longer using the old hash */ - synchronize_rcu(); + /* + * We need to do a hard force of sched synchronization. + * This is because we use preempt_disable() to do RCU, but + * the function tracers can be called where RCU is not watching + * (like before user_exit()). We can not rely on the RCU + * infrastructure to do the synchronization, thus we must do it + * ourselves. + */ + schedule_on_each_cpu(ftrace_sync); free_ftrace_hash(old_hash); } diff --git a/kernel/trace/trace.h b/kernel/trace/trace.h index 8c52f5de9384..3c75d29bd861 100644 --- a/kernel/trace/trace.h +++ b/kernel/trace/trace.h @@ -979,6 +979,7 @@ static inline int ftrace_graph_addr(struct ftrace_graph_ent *trace) * Have to open code "rcu_dereference_sched()" because the * function graph tracer can be called when RCU is not * "watching". + * Protected with schedule_on_each_cpu(ftrace_sync) */ hash = rcu_dereference_protected(ftrace_graph_hash, !preemptible()); @@ -1031,6 +1032,7 @@ static inline int ftrace_graph_notrace_addr(unsigned long addr) * Have to open code "rcu_dereference_sched()" because the * function graph tracer can be called when RCU is not * "watching". + * Protected with schedule_on_each_cpu(ftrace_sync) */ notrace_hash = rcu_dereference_protected(ftrace_graph_notrace_hash, !preemptible());

4 years, 10 months

1
0
0 0

FAILED: patch "[PATCH] ftrace: Protect ftrace_graph_hash with ftrace_sync" failed to apply to 5.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 54a16ff6f2e50775145b210bcd94d62c3c2af117 Mon Sep 17 00:00:00 2001 From: "Steven Rostedt (VMware)" <rostedt(a)goodmis.org> Date: Wed, 5 Feb 2020 09:20:32 -0500 Subject: [PATCH] ftrace: Protect ftrace_graph_hash with ftrace_sync As function_graph tracer can run when RCU is not "watching", it can not be protected by synchronize_rcu() it requires running a task on each CPU before it can be freed. Calling schedule_on_each_cpu(ftrace_sync) needs to be used. Link: https://lore.kernel.org/r/20200205131110.GT2935@paulmck-ThinkPad-P72 Cc: stable(a)vger.kernel.org Fixes: b9b0c831bed26 ("ftrace: Convert graph filter to use hash tables") Reported-by: "Paul E. McKenney" <paulmck(a)kernel.org> Reviewed-by: Joel Fernandes (Google) <joel(a)joelfernandes.org> Signed-off-by: Steven Rostedt (VMware) <rostedt(a)goodmis.org> diff --git a/kernel/trace/ftrace.c b/kernel/trace/ftrace.c index 481ede3eac13..3f7ee102868a 100644 --- a/kernel/trace/ftrace.c +++ b/kernel/trace/ftrace.c @@ -5867,8 +5867,15 @@ ftrace_graph_release(struct inode *inode, struct file *file) mutex_unlock(&graph_lock); - /* Wait till all users are no longer using the old hash */ - synchronize_rcu(); + /* + * We need to do a hard force of sched synchronization. + * This is because we use preempt_disable() to do RCU, but + * the function tracers can be called where RCU is not watching + * (like before user_exit()). We can not rely on the RCU + * infrastructure to do the synchronization, thus we must do it + * ourselves. + */ + schedule_on_each_cpu(ftrace_sync); free_ftrace_hash(old_hash); } diff --git a/kernel/trace/trace.h b/kernel/trace/trace.h index 8c52f5de9384..3c75d29bd861 100644 --- a/kernel/trace/trace.h +++ b/kernel/trace/trace.h @@ -979,6 +979,7 @@ static inline int ftrace_graph_addr(struct ftrace_graph_ent *trace) * Have to open code "rcu_dereference_sched()" because the * function graph tracer can be called when RCU is not * "watching". + * Protected with schedule_on_each_cpu(ftrace_sync) */ hash = rcu_dereference_protected(ftrace_graph_hash, !preemptible()); @@ -1031,6 +1032,7 @@ static inline int ftrace_graph_notrace_addr(unsigned long addr) * Have to open code "rcu_dereference_sched()" because the * function graph tracer can be called when RCU is not * "watching". + * Protected with schedule_on_each_cpu(ftrace_sync) */ notrace_hash = rcu_dereference_protected(ftrace_graph_notrace_hash, !preemptible());

4 years, 10 months

1
0
0 0

[4.4.y PATCH] Revert "ovl: modify ovl_permission() to do checks on two inodes"

by Ioanna Alifieraki

This reverts commit b24be4acd17a8963a29b2a92e1d80b9ddf759c95. Commit b24be4acd17a ("ovl: modify ovl_permission() to do checks on two inodes") (stable kernel id) breaks r/w access in overlayfs when setting ACL to files, in 4.4 stable kernel. There is an available reproducer in [1]. To reproduce the issue : $./make-overlay.sh $./test.sh st_mode is 100644 open failed: -1 cat: /tmp/overlay/animal: Permission denied <---- Breaks access -rw-r--r-- 1 jo jo 0 Oct 11 09:57 /tmp/overlay/animal There are two options to fix this; (a) backport commit ce31513a9114 ("ovl: copyattr after setting POSIX ACL") to 4.4 or (b) revert offending commit b24be4acd17a ("ovl: modify ovl_permission() to do checks on two inodes"). Following option (a) entails high risk of regression since commit ce31513a9114 ("ovl: copyattr after setting POSIX ACL") has many dependencies on other commits that need to be backported too (~18 commits). This patch proceeds with reverting commit b24be4acd17a ("ovl: modify ovl_permission() to do checks on two inodes"). The reverted commit is associated with CVE-2018-16597, however the test-script provided in [3] shows that 4.4 kernel is NOT affected by this cve and therefore it's safe to revert it. The offending commit was introduced upstream in v4.8-rc1. At this point had nothing to do with any CVE. It was related with CVE-2018-16597 as it was the fix for bug [2]. Later on it was backported to stable 4.4. The test-script [3] tests whether 4.4 kernel is affected by CVE-2018-16597. It tests the reproducer found in [2] plus a few more cases. The correct output of the script is failure with "Permission denied" when a normal user tries to overwrite root owned files. For more details please refer to [4]. [1] https://gist.github.com/thomas-holmes/711bcdb28e2b8e6d1c39c1d99d292af7 [2] https://bugzilla.suse.com/show_bug.cgi?id=1106512#c0 [3] https://launchpadlibrarian.net/459694705/test_overlay_permission.sh [4] https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1851243 Signed-off-by: Ioanna Alifieraki <ioanna-maria.alifieraki(a)canonical.com> --- fs/overlayfs/inode.c | 13 ------------- 1 file changed, 13 deletions(-) diff --git a/fs/overlayfs/inode.c b/fs/overlayfs/inode.c index 060482e349ef..013d27dc6f58 100644 --- a/fs/overlayfs/inode.c +++ b/fs/overlayfs/inode.c @@ -9,7 +9,6 @@ #include <linux/fs.h> #include <linux/slab.h> -#include <linux/cred.h> #include <linux/xattr.h> #include "overlayfs.h" @@ -92,7 +91,6 @@ int ovl_permission(struct inode *inode, int mask) struct ovl_entry *oe; struct dentry *alias = NULL; struct inode *realinode; - const struct cred *old_cred; struct dentry *realdentry; bool is_upper; int err; @@ -145,18 +143,7 @@ int ovl_permission(struct inode *inode, int mask) goto out_dput; } - /* - * Check overlay inode with the creds of task and underlying inode - * with creds of mounter - */ - err = generic_permission(inode, mask); - if (err) - goto out_dput; - - old_cred = ovl_override_creds(inode->i_sb); err = __inode_permission(realinode, mask); - revert_creds(old_cred); - out_dput: dput(alias); return err; -- 2.17.1

4 years, 10 months

2
1
0 0

FAILED: patch "[PATCH] ASoC: SOF: core: release resources on errors in" failed to apply to 5.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 410e5e55c9c1c9c0d452ac5b9adb37b933a7747e Mon Sep 17 00:00:00 2001 From: Pierre-Louis Bossart <pierre-louis.bossart(a)linux.intel.com> Date: Fri, 24 Jan 2020 15:36:21 -0600 Subject: [PATCH] ASoC: SOF: core: release resources on errors in probe_continue The initial intent of releasing resources in the .remove does not work well with HDaudio codecs. If the probe_continue() fails in a work queue, e.g. due to missing firmware or authentication issues, we don't release any resources, and as a result the kernel oopses during suspend operations. The suggested fix is to release all resources during errors in probe_continue(), and use fw_state to track resource allocation state, so that .remove does not attempt to release the same hardware resources twice. PM operations are also modified so that no action is done if DSP resources have been freed due to an error at probe. Reported-by: Takashi Iwai <tiwai(a)suse.de> Co-developed-by: Kai Vehmanen <kai.vehmanen(a)linux.intel.com> Signed-off-by: Kai Vehmanen <kai.vehmanen(a)linux.intel.com> Bugzilla: http://bugzilla.suse.com/show_bug.cgi?id=1161246 Signed-off-by: Pierre-Louis Bossart <pierre-louis.bossart(a)linux.intel.com> Reviewed-by: Takashi Iwai <tiwai(a)suse.de> Link: https://lore.kernel.org/r/20200124213625.30186-4-pierre-louis.bossart@linux… Signed-off-by: Mark Brown <broonie(a)kernel.org> Cc: stable(a)vger.kernel.org diff --git a/sound/soc/sof/core.c b/sound/soc/sof/core.c index f517ab448a1d..34cefbaf2d2a 100644 --- a/sound/soc/sof/core.c +++ b/sound/soc/sof/core.c @@ -244,7 +244,6 @@ static int sof_probe_continue(struct snd_sof_dev *sdev) return 0; -#if !IS_ENABLED(CONFIG_SND_SOC_SOF_PROBE_WORK_QUEUE) fw_trace_err: snd_sof_free_trace(sdev); fw_run_err: @@ -255,22 +254,10 @@ static int sof_probe_continue(struct snd_sof_dev *sdev) snd_sof_free_debug(sdev); dbg_err: snd_sof_remove(sdev); -#else - /* - * when the probe_continue is handled in a work queue, the - * probe does not fail so we don't release resources here. - * They will be released with an explicit call to - * snd_sof_device_remove() when the PCI/ACPI device is removed - */ - -fw_trace_err: -fw_run_err: -fw_load_err: -ipc_err: -dbg_err: - -#endif + /* all resources freed, update state to match */ + sdev->fw_state = SOF_FW_BOOT_NOT_STARTED; + sdev->first_boot = true; return ret; } @@ -353,10 +340,12 @@ int snd_sof_device_remove(struct device *dev) if (IS_ENABLED(CONFIG_SND_SOC_SOF_PROBE_WORK_QUEUE)) cancel_work_sync(&sdev->probe_work); - snd_sof_fw_unload(sdev); - snd_sof_ipc_free(sdev); - snd_sof_free_debug(sdev); - snd_sof_free_trace(sdev); + if (sdev->fw_state > SOF_FW_BOOT_NOT_STARTED) { + snd_sof_fw_unload(sdev); + snd_sof_ipc_free(sdev); + snd_sof_free_debug(sdev); + snd_sof_free_trace(sdev); + } /* * Unregister machine driver. This will unbind the snd_card which @@ -364,13 +353,15 @@ int snd_sof_device_remove(struct device *dev) * before freeing the snd_card. */ snd_sof_machine_unregister(sdev, pdata); + /* * Unregistering the machine driver results in unloading the topology. * Some widgets, ex: scheduler, attempt to power down the core they are * scheduled on, when they are unloaded. Therefore, the DSP must be * removed only after the topology has been unloaded. */ - snd_sof_remove(sdev); + if (sdev->fw_state > SOF_FW_BOOT_NOT_STARTED) + snd_sof_remove(sdev); /* release firmware */ release_firmware(pdata->fw); diff --git a/sound/soc/sof/pm.c b/sound/soc/sof/pm.c index 84290bbeebdd..a0cde053b61a 100644 --- a/sound/soc/sof/pm.c +++ b/sound/soc/sof/pm.c @@ -56,6 +56,10 @@ static int sof_resume(struct device *dev, bool runtime_resume) if (!sof_ops(sdev)->resume || !sof_ops(sdev)->runtime_resume) return 0; + /* DSP was never successfully started, nothing to resume */ + if (sdev->first_boot) + return 0; + /* * if the runtime_resume flag is set, call the runtime_resume routine * or else call the system resume routine

4 years, 10 months

1
0
0 0

[PATCH v1] power: supply: ltc2941-battery-gauge: fix use-after-free

by Sven Van Asbroeck

This driver's remove path calls cancel_delayed_work(). However, that function does not wait until the work function finishes. This could mean that the work function is still running after the driver's remove function has finished, which would result in a use-after-free. Fix by calling cancel_delayed_work_sync(), which ensures that that the work is properly cancelled, no longer running, and unable to re-schedule itself. This issue was detected with the help of Coccinelle. Cc: stable <stable(a)vger.kernel.org> Signed-off-by: Sven Van Asbroeck <TheSven73(a)gmail.com> --- drivers/power/supply/ltc2941-battery-gauge.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/power/supply/ltc2941-battery-gauge.c b/drivers/power/supply/ltc2941-battery-gauge.c index da49436176cd..30a9014b2f95 100644 --- a/drivers/power/supply/ltc2941-battery-gauge.c +++ b/drivers/power/supply/ltc2941-battery-gauge.c @@ -449,7 +449,7 @@ static int ltc294x_i2c_remove(struct i2c_client *client) { struct ltc294x_info *info = i2c_get_clientdata(client); - cancel_delayed_work(&info->work); + cancel_delayed_work_sync(&info->work); power_supply_unregister(info->supply); return 0; } -- 2.17.1

4 years, 10 months

3
5
0 0

FAILED: patch "[PATCH] padata: Remove broken queue flushing" failed to apply to 4.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 07928d9bfc81640bab36f5190e8725894d93b659 Mon Sep 17 00:00:00 2001 From: Herbert Xu <herbert(a)gondor.apana.org.au> Date: Tue, 19 Nov 2019 13:17:31 +0800 Subject: [PATCH] padata: Remove broken queue flushing The function padata_flush_queues is fundamentally broken because it cannot force padata users to complete the request that is underway. IOW padata has to passively wait for the completion of any outstanding work. As it stands flushing is used in two places. Its use in padata_stop is simply unnecessary because nothing depends on the queues to be flushed afterwards. The other use in padata_replace is more substantial as we depend on it to free the old pd structure. This patch instead uses the pd->refcnt to dynamically free the pd structure once all requests are complete. Fixes: 2b73b07ab8a4 ("padata: Flush the padata queues actively") Cc: <stable(a)vger.kernel.org> Signed-off-by: Herbert Xu <herbert(a)gondor.apana.org.au> Reviewed-by: Daniel Jordan <daniel.m.jordan(a)oracle.com> Signed-off-by: Herbert Xu <herbert(a)gondor.apana.org.au> diff --git a/kernel/padata.c b/kernel/padata.c index c3fec1413295..da56a235a255 100644 --- a/kernel/padata.c +++ b/kernel/padata.c @@ -35,6 +35,8 @@ #define MAX_OBJ_NUM 1000 +static void padata_free_pd(struct parallel_data *pd); + static int padata_index_to_cpu(struct parallel_data *pd, int cpu_index) { int cpu, target_cpu; @@ -283,6 +285,7 @@ static void padata_serial_worker(struct work_struct *serial_work) struct padata_serial_queue *squeue; struct parallel_data *pd; LIST_HEAD(local_list); + int cnt; local_bh_disable(); squeue = container_of(serial_work, struct padata_serial_queue, work); @@ -292,6 +295,8 @@ static void padata_serial_worker(struct work_struct *serial_work) list_replace_init(&squeue->serial.list, &local_list); spin_unlock(&squeue->serial.lock); + cnt = 0; + while (!list_empty(&local_list)) { struct padata_priv *padata; @@ -301,9 +306,12 @@ static void padata_serial_worker(struct work_struct *serial_work) list_del_init(&padata->list); padata->serial(padata); - atomic_dec(&pd->refcnt); + cnt++; } local_bh_enable(); + + if (atomic_sub_and_test(cnt, &pd->refcnt)) + padata_free_pd(pd); } /** @@ -440,7 +448,7 @@ static struct parallel_data *padata_alloc_pd(struct padata_instance *pinst, padata_init_squeues(pd); atomic_set(&pd->seq_nr, -1); atomic_set(&pd->reorder_objects, 0); - atomic_set(&pd->refcnt, 0); + atomic_set(&pd->refcnt, 1); spin_lock_init(&pd->lock); pd->cpu = cpumask_first(pd->cpumask.pcpu); INIT_WORK(&pd->reorder_work, invoke_padata_reorder); @@ -466,29 +474,6 @@ static void padata_free_pd(struct parallel_data *pd) kfree(pd); } -/* Flush all objects out of the padata queues. */ -static void padata_flush_queues(struct parallel_data *pd) -{ - int cpu; - struct padata_parallel_queue *pqueue; - struct padata_serial_queue *squeue; - - for_each_cpu(cpu, pd->cpumask.pcpu) { - pqueue = per_cpu_ptr(pd->pqueue, cpu); - flush_work(&pqueue->work); - } - - if (atomic_read(&pd->reorder_objects)) - padata_reorder(pd); - - for_each_cpu(cpu, pd->cpumask.cbcpu) { - squeue = per_cpu_ptr(pd->squeue, cpu); - flush_work(&squeue->work); - } - - BUG_ON(atomic_read(&pd->refcnt) != 0); -} - static void __padata_start(struct padata_instance *pinst) { pinst->flags |= PADATA_INIT; @@ -502,10 +487,6 @@ static void __padata_stop(struct padata_instance *pinst) pinst->flags &= ~PADATA_INIT; synchronize_rcu(); - - get_online_cpus(); - padata_flush_queues(pinst->pd); - put_online_cpus(); } /* Replace the internal control structure with a new one. */ @@ -526,8 +507,8 @@ static void padata_replace(struct padata_instance *pinst, if (!cpumask_equal(pd_old->cpumask.cbcpu, pd_new->cpumask.cbcpu)) notification_mask |= PADATA_CPU_SERIAL; - padata_flush_queues(pd_old); - padata_free_pd(pd_old); + if (atomic_dec_and_test(&pd_old->refcnt)) + padata_free_pd(pd_old); if (notification_mask) blocking_notifier_call_chain(&pinst->cpumask_change_notifier,

4 years, 10 months

1
0
0 0

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror February 2020