The patch titled
Subject: mm/cma.c: make kmemleak aware of all CMA regions
has been added to the -mm mm-unstable branch. Its filename is
mm-cmac-make-kmemleak-aware-of-all-cma-regions.patch
This patch will shortly appear at
https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche…
This patch will later appear in the mm-unstable branch at
git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
Before you just go and hit "reply", please:
a) Consider who else should be cc'ed
b) Prefer to cc a suitable mailing list as well
c) Ideally: find the original patch on the mailing list and do a
reply-to-all to that, adding suitable additional cc's
*** Remember to use Documentation/process/submit-checklist.rst when testing your code ***
The -mm tree is included into linux-next via the mm-everything
branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
and is updated there every 2-3 working days
------------------------------------------------------
From: "Isaac J. Manjarres" <isaacmanjarres(a)google.com>
Subject: mm/cma.c: make kmemleak aware of all CMA regions
Date: Mon, 9 Jan 2023 14:16:22 -0800
Patch series "Fixes for kmemleak tracking with CMA regions".
When trying to boot a device with an ARM64 kernel with the following
config options enabled:
CONFIG_DEBUG_PAGEALLOC=y
CONFIG_DEBUG_PAGEALLOC_ENABLE_DEFAULT=y
CONFIG_DEBUG_KMEMLEAK=y
a page-fault is encountered when kmemleak starts to scan the list of gray
or allocated objects that it maintains. Upon closer inspection, it was
observed that these page-faults always occurred when kmemleak attempted to
scan a CMA region.
At the moment, kmemleak is made aware of CMA regions that are specified
through the devicetree to be created at specific memory addresses or
dynamically allocated within a range of addresses. However, if the CMA
region is constrained to a certain range of addresses through the command
line, the region is reserved through the memblock_reserve() function, but
kmemleak_alloc_phys() is not invoked. Furthermore, kmemleak is never
informed about CMA regions being freed to buddy at boot, which is
problematic when CONFIG_DEBUG_PAGEALLOC is enabled, as all CMA regions are
unmapped from the kernel's address space, and subsequently causes a
page-fault when kmemleak attempts to scan any of them.
This series makes it so that kmemleak is aware of every CMA region before
they are freed to the buddy allocator, so that at that time, kmemleak can
be informed that each region is about to be freed, and thus it should not
attempt to scan those regions.
This patch (of 2):
Currently, kmemleak tracks CMA regions that are specified through the
devicetree. However, if the global CMA region is specified through the
command line, kmemleak will be unaware of the CMA region because
kmemleak_alloc_phys() is not invoked after memblock_reserve(). Add the
missing call to kmemleak_alloc_phys() so that all CMA regions are tracked
by kmemleak before they are freed to the page allocator in
cma_activate_area().
Link: https://lkml.kernel.org/r/20230109221624.592315-1-isaacmanjarres@google.com
Link: https://lkml.kernel.org/r/20230109221624.592315-2-isaacmanjarres@google.com
Signed-off-by: Isaac J. Manjarres <isaacmanjarres(a)google.com>
Cc: <stable(a)vger.kernel.org>
Cc: Catalin Marinas <catalin.marinas(a)arm.com>
Cc: Saravana Kannan <saravanak(a)google.com>
Cc: Suren Baghdasaryan <surenb(a)google.com>
Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org>
---
mm/cma.c | 2 ++
1 file changed, 2 insertions(+)
--- a/mm/cma.c~mm-cmac-make-kmemleak-aware-of-all-cma-regions
+++ a/mm/cma.c
@@ -318,6 +318,8 @@ int __init cma_declare_contiguous_nid(ph
ret = -EBUSY;
goto err;
}
+
+ kmemleak_alloc_phys(base, size, 0);
} else {
phys_addr_t addr = 0;
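Review bot: the kmemleak_alloc_phys(base, size, 0) added here is only half of the fix. On its own it widens what kmemleak will scan, and the object it creates is only deleted by the companion patch that calls kmemleak_free_part_phys() in cma_activate_area(). Since both patches carry Cc: stable, the commit message should state that patch 2 must be backported together with this one; a stable tree that takes only this patch would have kmemleak scanning a region that CONFIG_DEBUG_PAGEALLOC later unmaps, which is exactly the page-fault described in the cover letter.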
_
Patches currently in -mm which might be from isaacmanjarres(a)google.com are
mm-cmac-make-kmemleak-aware-of-all-cma-regions.patch
mm-cmac-delete-kmemleak-objects-when-freeing-cma-areas-to-buddy-at-boot.patch
The patch titled
Subject: nommu: fix split_vma() map_count error
has been added to the -mm mm-hotfixes-unstable branch. Its filename is
nommu-fix-split_vma-map_count-error.patch
This patch will shortly appear at
https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche…
This patch will later appear in the mm-hotfixes-unstable branch at
git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
------------------------------------------------------
From: Liam Howlett <liam.howlett(a)oracle.com>
Subject: nommu: fix split_vma() map_count error
Date: Mon, 9 Jan 2023 20:58:20 +0000
During the maple tree conversion of nommu, an error in counting the VMAs
was introduced by counting the existing VMA again. The counting used to
be decremented by one and incremented by two, but now it only increments
by two. Fix the counting error by moving the increment outside the
setup_vma_to_mm() function to the callers.
Link: https://lkml.kernel.org/r/20230109205809.956325-1-Liam.Howlett@oracle.com
Fixes: 8220543df148 ("nommu: remove uses of VMA linked list")
Signed-off-by: Liam R. Howlett <Liam.Howlett(a)oracle.com>
Cc: Matthew Wilcox (Oracle) <willy(a)infradead.org>
Cc: Vlastimil Babka <vbabka(a)suse.cz>
Cc: Yu Zhao <yuzhao(a)google.com>
Cc: <stable(a)vger.kernel.org>
Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org>
---
mm/nommu.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
--- a/mm/nommu.c~nommu-fix-split_vma-map_count-error
+++ a/mm/nommu.c
@@ -559,7 +559,6 @@ void vma_mas_remove(struct vm_area_struc
static void setup_vma_to_mm(struct vm_area_struct *vma, struct mm_struct *mm)
{
- mm->map_count++;
vma->vm_mm = mm;
/* add the VMA to the mapping */
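Review bot: removing `mm->map_count++` from setup_vma_to_mm() is only correct if every caller now performs the increment itself. This patch adds it in mas_add_vma_to_mm() and in split_vma(), so please confirm there is no other caller of setup_vma_to_mm() left without it, and consider a one-line comment at the top of the function stating that the caller owns map_count, so a future caller does not reintroduce the double count.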
@@ -587,6 +586,7 @@ static void mas_add_vma_to_mm(struct ma_
BUG_ON(!vma->vm_region);
setup_vma_to_mm(vma, mm);
+ mm->map_count++;
/* add the VMA to the tree */
vma_mas_store(vma, mas);
@@ -1347,6 +1347,7 @@ int split_vma(struct mm_struct *mm, stru
if (vma->vm_file)
return -ENOMEM;
+ mm = vma->vm_mm;
if (mm->map_count >= sysctl_max_map_count)
return -ENOMEM;
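Review bot: the new `mm = vma->vm_mm;` before the sysctl_max_map_count check is not explained by the commit message, which only mentions moving the increment. If `mm` can differ from `vma->vm_mm` at this point, say so and explain why the VMA's mm is the right one to count against; if it cannot, the assignment is redundant and the `mm` parameter could be dropped in a follow-up. Either way the commit message should mention this change.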
@@ -1398,6 +1399,7 @@ int split_vma(struct mm_struct *mm, stru
mas_set_range(&mas, vma->vm_start, vma->vm_end - 1);
mas_store(&mas, vma);
vma_mas_store(new, &mas);
+ mm->map_count++;
return 0;
err_mas_preallocate:
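Review bot: the `mm->map_count++` is placed after vma_mas_store(new, &mas) and immediately before `return 0`, so the error labels below never bump the count and the earlier `>= sysctl_max_map_count` check stays consistent. Please confirm that the new VMA does not also pass through mas_add_vma_to_mm(), which now increments as well; otherwise the double count this patch fixes would be reintroduced on the split path.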
_
Patches currently in -mm which might be from liam.howlett(a)oracle.com are
nommu-fix-memory-leak-in-do_mmap-error-path.patch
nommu-fix-do_munmap-error-path.patch
nommu-fix-split_vma-map_count-error.patch
maple_tree-remove-gfp_zero-from-kmem_cache_alloc-and-kmem_cache_alloc_bulk.patch
The patch titled
Subject: nommu: fix do_munmap() error path
has been added to the -mm mm-hotfixes-unstable branch. Its filename is
nommu-fix-do_munmap-error-path.patch
This patch will shortly appear at
https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche…
This patch will later appear in the mm-hotfixes-unstable branch at
git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
------------------------------------------------------
From: Liam Howlett <liam.howlett(a)oracle.com>
Subject: nommu: fix do_munmap() error path
Date: Mon, 9 Jan 2023 20:57:21 +0000
When removing a VMA from the tree fails due to no memory, do not free the
VMA since a reference still exists.
Link: https://lkml.kernel.org/r/20230109205708.956103-1-Liam.Howlett@oracle.com
Fixes: 8220543df148 ("nommu: remove uses of VMA linked list")
Signed-off-by: Liam R. Howlett <Liam.Howlett(a)oracle.com>
Cc: Matthew Wilcox (Oracle) <willy(a)infradead.org>
Cc: Vlastimil Babka <vbabka(a)suse.cz>
Cc: Yu Zhao <yuzhao(a)google.com>
Cc: <stable(a)vger.kernel.org>
Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org>
---
mm/nommu.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
--- a/mm/nommu.c~nommu-fix-do_munmap-error-path
+++ a/mm/nommu.c
@@ -1509,7 +1509,8 @@ int do_munmap(struct mm_struct *mm, unsi
erase_whole_vma:
if (delete_vma_from_mm(vma))
ret = -ENOMEM;
- delete_vma(mm, vma);
+ else
+ delete_vma(mm, vma);
return ret;
}
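Review bot: leaving the VMA in place when delete_vma_from_mm() fails is the right trade (a leaked VMA is recoverable, freeing one the tree still references is a use-after-free), but do_munmap() then returns -ENOMEM with the mapping still present. A short comment on the `ret = -ENOMEM` line saying the VMA is intentionally kept, and a sentence in the commit message that callers will see the mapping survive on this error, would make the intent clear.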
_
The patch titled
Subject: nommu: fix memory leak in do_mmap() error path
has been added to the -mm mm-hotfixes-unstable branch. Its filename is
nommu-fix-memory-leak-in-do_mmap-error-path.patch
This patch will shortly appear at
https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche…
This patch will later appear in the mm-hotfixes-unstable branch at
git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
------------------------------------------------------
From: Liam Howlett <liam.howlett(a)oracle.com>
Subject: nommu: fix memory leak in do_mmap() error path
Date: Mon, 9 Jan 2023 20:55:21 +0000
The preallocation of the maple tree nodes may leak if the error path to
"error_just_free" is taken. Fix this by moving the freeing of the maple
tree nodes to a shared location for all error paths.
Link: https://lkml.kernel.org/r/20230109205507.955577-1-Liam.Howlett@oracle.com
Fixes: 8220543df148 ("nommu: remove uses of VMA linked list")
Signed-off-by: Liam R. Howlett <Liam.Howlett(a)oracle.com>
Cc: Matthew Wilcox (Oracle) <willy(a)infradead.org>
Cc: Vlastimil Babka <vbabka(a)suse.cz>
Cc: Yu Zhao <yuzhao(a)google.com>
Cc: <stable(a)vger.kernel.org>
Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org>
---
mm/nommu.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- a/mm/nommu.c~nommu-fix-memory-leak-in-do_mmap-error-path
+++ a/mm/nommu.c
@@ -1240,6 +1240,7 @@ share:
error_just_free:
up_write(&nommu_region_sem);
error:
+ mas_destroy(&mas);
if (region->vm_file)
fput(region->vm_file);
kmem_cache_free(vm_region_jar, region);
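Review bot: moving mas_destroy(&mas) under `error:` means it now runs on every `goto error`, including paths taken before any preallocation happened. That is fine only if `mas` is initialised at function entry and mas_destroy() is a no-op when nothing is allocated; please confirm both hold for every jump to `error`, and that mas_destroy() tolerates the nodes having already been consumed by a store on the paths that reach `error` late.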
@@ -1250,7 +1251,6 @@ error:
sharing_violation:
up_write(&nommu_region_sem);
- mas_destroy(&mas);
pr_warn("Attempt to share mismatched mappings\n");
ret = -EINVAL;
goto error;
_
Since every CMA region is now tracked by kmemleak at the time
cma_activate_area() is invoked, and cma_activate_area() is called
for each CMA region, invoke kmemleak_free_part_phys() during
cma_activate_area() to inform kmemleak that the CMA region will
be freed. Doing so also removes the need to invoke
kmemleak_ignore_phys() when the global CMA region is being created,
as the kmemleak object for it will be deleted.
This helps resolve a crash when kmemleak and CONFIG_DEBUG_PAGEALLOC
are both enabled, since CONFIG_DEBUG_PAGEALLOC causes the CMA region
to be unmapped from the kernel's address space when the pages are freed
to buddy. Without this patch, kmemleak will attempt to scan the CMA
regions, even though they are unmapped, which leads to a page-fault.
Cc: stable(a)vger.kernel.org
Signed-off-by: Isaac J. Manjarres <isaacmanjarres(a)google.com>
---
mm/cma.c | 12 +++++++-----
1 file changed, 7 insertions(+), 5 deletions(-)
diff --git a/mm/cma.c b/mm/cma.c
index 674b7fdd563e..dd25b095d9ca 100644
--- a/mm/cma.c
+++ b/mm/cma.c
@@ -102,6 +102,13 @@ static void __init cma_activate_area(struct cma *cma)
if (!cma->bitmap)
goto out_error;
+ /*
+ * The CMA region was marked as allocated by kmemleak when it was either
+ * dynamically allocated or statically reserved. In any case,
+ * inform kmemleak that the region is about to be freed to the page allocator.
+ */
+ kmemleak_free_part_phys(cma_get_base(cma), cma_get_size(cma));
+
/*
* alloc_contig_range() requires the pfn range specified to be in the
* same zone. Simplify by forcing the entire CMA resv range to be in the
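Review bot: kmemleak_free_part_phys() is called right after the bitmap allocation succeeds but before the zone check that can still `goto out_error`; on that path the kmemleak object is deleted while the pages are never handed to the page allocator, so the region ends up neither tracked nor freed. If that is acceptable because the area is abandoned on error anyway, say so in the new comment; otherwise move the call next to the point where the pages are actually released to buddy.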
@@ -361,11 +368,6 @@ int __init cma_declare_contiguous_nid(phys_addr_t base,
}
}
- /*
- * kmemleak scans/reads tracked objects for pointers to other
- * objects but this address isn't mapped and accessible
- */
- kmemleak_ignore_phys(addr);
base = addr;
}
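Review bot: the removed comment justified kmemleak_ignore_phys() with "this address isn't mapped and accessible", and the commit message does not say why scanning the range is now safe. The object created by the allocation path is now left scannable from declaration until cma_activate_area() deletes it, so the message should state that the reserved range stays mapped until the pages are freed to buddy (where the new kmemleak_free_part_phys() call removes the object), and that this patch depends on patch 1 so that a fixed-base region also has an object to delete.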
--
2.39.0.314.g84b9a713c41-goog
Currently, kmemleak tracks CMA regions that are specified through the
devicetree. However, if the global CMA region is specified through
the command line, kmemleak will be unaware of the CMA region because
kmemleak_alloc_phys() is not invoked after memblock_reserve(). Add
the missing call to kmemleak_alloc_phys() so that all CMA regions are
tracked by kmemleak before they are freed to the page allocator in
cma_activate_area().
Cc: stable(a)vger.kernel.org
Signed-off-by: Isaac J. Manjarres <isaacmanjarres(a)google.com>
---
mm/cma.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/mm/cma.c b/mm/cma.c
index 4a978e09547a..674b7fdd563e 100644
--- a/mm/cma.c
+++ b/mm/cma.c
@@ -318,6 +318,8 @@ int __init cma_declare_contiguous_nid(phys_addr_t base,
ret = -EBUSY;
goto err;
}
+
+ kmemleak_alloc_phys(base, size, 0);
} else {
phys_addr_t addr = 0;
--
2.39.0.314.g84b9a713c41-goog
Hi Greg,
What follows is backports of the upstream commits
6a877d2450ac x86/fpu: Take task_struct* in copy_sigframe_from_user_to_xstate()
1c813ce03055 x86/fpu: Add a pkru argument to copy_uabi_from_kernel_to_xstate().
2c87767c35ee x86/fpu: Add a pkru argument to copy_uabi_to_xstate()
4a804c4f8356 x86/fpu: Allow PKRU to be (once again) written by ptrace.
d7e5aceace51 x86/fpu: Emulate XRSTOR's behavior if the xfeatures PKRU bit is not set
6ea25770b043 selftests/vm/pkeys: Add a regression test for setting PKRU through ptrace
Those commits fix a regression introduced in 5.14 (by e84ba47e313d) related to
handling of PKRU through ptrace(2).
The only substantive difference between this patch series and the upstream
patch series is that, because on upstream kernels KVM also calls into
copy_uabi_to_xstate(), while on 5.15 KVM has its own separate code path,
this patch series copies (five lines of) previously KVM-specific code into
copy_uabi_to_xstate() whereas the upstream patch series moves previously
KVM-specific code into copy_uabi_to_xstate(). All other changes are
adjustments for context that varies or refactorings that are newer than 5.15.
During the maple tree conversion of nommu, an error in counting the VMAs
was introduced by counting the existing VMA again. The counting used to
be decremented by one and incremented by two, but now it only increments
by two. Fix the counting error by moving the increment outside the
setup_vma_to_mm() function to the callers.
Fixes: 8220543df148 ("nommu: remove uses of VMA linked list")
Signed-off-by: Liam R. Howlett <Liam.Howlett(a)oracle.com>
---
mm/nommu.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/mm/nommu.c b/mm/nommu.c
index 844af5be7640..5b83938ecb67 100644
--- a/mm/nommu.c
+++ b/mm/nommu.c
@@ -559,7 +559,6 @@ void vma_mas_remove(struct vm_area_struct *vma, struct ma_state *mas)
static void setup_vma_to_mm(struct vm_area_struct *vma, struct mm_struct *mm)
{
- mm->map_count++;
vma->vm_mm = mm;
/* add the VMA to the mapping */
@@ -587,6 +586,7 @@ static void mas_add_vma_to_mm(struct ma_state *mas, struct mm_struct *mm,
BUG_ON(!vma->vm_region);
setup_vma_to_mm(vma, mm);
+ mm->map_count++;
/* add the VMA to the tree */
vma_mas_store(vma, mas);
@@ -1347,6 +1347,7 @@ int split_vma(struct mm_struct *mm, struct vm_area_struct *vma,
if (vma->vm_file)
return -ENOMEM;
+ mm = vma->vm_mm;
if (mm->map_count >= sysctl_max_map_count)
return -ENOMEM;
@@ -1398,6 +1399,7 @@ int split_vma(struct mm_struct *mm, struct vm_area_struct *vma,
mas_set_range(&mas, vma->vm_start, vma->vm_end - 1);
mas_store(&mas, vma);
vma_mas_store(new, &mas);
+ mm->map_count++;
return 0;
err_mas_preallocate:
--
2.35.1
When removing a VMA from the tree fails due to no memory, do not free
the VMA since a reference still exists.
Fixes: 8220543df148 ("nommu: remove uses of VMA linked list")
Signed-off-by: Liam R. Howlett <Liam.Howlett(a)oracle.com>
---
mm/nommu.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/mm/nommu.c b/mm/nommu.c
index c8252f01d5db..844af5be7640 100644
--- a/mm/nommu.c
+++ b/mm/nommu.c
@@ -1509,7 +1509,8 @@ int do_munmap(struct mm_struct *mm, unsigned long start, size_t len, struct list
erase_whole_vma:
if (delete_vma_from_mm(vma))
ret = -ENOMEM;
- delete_vma(mm, vma);
+ else
+ delete_vma(mm, vma);
return ret;
}
--
2.35.1
The preallocation of the maple tree nodes may leak if the error path to
"error_just_free" is taken. Fix this by moving the freeing of the maple
tree nodes to a shared location for all error paths.
Fixes: 8220543df148 ("nommu: remove uses of VMA linked list")
Signed-off-by: Liam R. Howlett <Liam.Howlett(a)oracle.com>
---
mm/nommu.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/mm/nommu.c b/mm/nommu.c
index 214c70e1d059..c8252f01d5db 100644
--- a/mm/nommu.c
+++ b/mm/nommu.c
@@ -1240,6 +1240,7 @@ unsigned long do_mmap(struct file *file,
error_just_free:
up_write(&nommu_region_sem);
error:
+ mas_destroy(&mas);
if (region->vm_file)
fput(region->vm_file);
kmem_cache_free(vm_region_jar, region);
@@ -1250,7 +1251,6 @@ unsigned long do_mmap(struct file *file,
sharing_violation:
up_write(&nommu_region_sem);
- mas_destroy(&mas);
pr_warn("Attempt to share mismatched mappings\n");
ret = -EINVAL;
goto error;
--
2.35.1