February 2024 - Linux-stable-mirror

FAILED: patch "[PATCH] selftests/mm: ksm_tests should only MADV_HUGEPAGE valid" failed to apply to 6.1-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 6.1-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y git checkout FETCH_HEAD git cherry-pick -x d021b442cf312664811783e92b3d5e4548e92a53 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024021805-nuzzle-apricot-89e9@gregkh' --subject-prefix 'PATCH 6.1.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From d021b442cf312664811783e92b3d5e4548e92a53 Mon Sep 17 00:00:00 2001 From: Ryan Roberts <ryan.roberts(a)arm.com> Date: Mon, 22 Jan 2024 12:05:54 +0000 Subject: [PATCH] selftests/mm: ksm_tests should only MADV_HUGEPAGE valid memory ksm_tests was previously mmapping a region of memory, aligning the returned pointer to a PMD boundary, then setting MADV_HUGEPAGE, but was setting it past the end of the mmapped area due to not taking the pointer alignment into consideration. Fix this behaviour. Up until commit efa7df3e3bb5 ("mm: align larger anonymous mappings on THP boundaries"), this buggy behavior was (usually) masked because the alignment difference was always less than PMD-size. But since the mentioned commit, `ksm_tests -H -s 100` started failing. Link: https://lkml.kernel.org/r/20240122120554.3108022-1-ryan.roberts@arm.com Fixes: 325254899684 ("selftests: vm: add KSM huge pages merging time test") Signed-off-by: Ryan Roberts <ryan.roberts(a)arm.com> Cc: Pedro Demarchi Gomes <pedrodemargomes(a)gmail.com> Cc: Shuah Khan <shuah(a)kernel.org> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> diff --git a/tools/testing/selftests/mm/ksm_tests.c b/tools/testing/selftests/mm/ksm_tests.c index 380b691d3eb9..b748c48908d9 100644 --- a/tools/testing/selftests/mm/ksm_tests.c +++ b/tools/testing/selftests/mm/ksm_tests.c @@ -566,7 +566,7 @@ static int ksm_merge_hugepages_time(int merge_type, int mapping, int prot, if (map_ptr_orig == MAP_FAILED) err(2, "initial mmap"); - if (madvise(map_ptr, len + HPAGE_SIZE, MADV_HUGEPAGE)) + if (madvise(map_ptr, len, MADV_HUGEPAGE)) err(2, "MADV_HUGEPAGE"); pagemap_fd = open("/proc/self/pagemap", O_RDONLY);

1 year, 8 months

1
0
0 0

[PATCH -fixes v2 3/4] riscv: Add ISA extension parsing for Sm and Ss

by Samuel Holland

Previously, all extension version numbers were ignored. However, the version number is important for these two extensions. The simplest way to implement this is to use a separate bitmap bit for each supported version, with each successive version implying all of the previous ones. This allows alternatives and riscv_has_extension_[un]likely() to work naturally. To avoid duplicate extensions in /proc/cpuinfo, the new successor_id field allows hiding all but the newest implemented version of an extension. Cc: <stable(a)vger.kernel.org> # v6.7+ Signed-off-by: Samuel Holland <samuel.holland(a)sifive.com> --- Changes in v2: - New patch for v2 arch/riscv/include/asm/cpufeature.h | 1 + arch/riscv/include/asm/hwcap.h | 8 ++++++ arch/riscv/kernel/cpu.c | 5 ++++ arch/riscv/kernel/cpufeature.c | 42 +++++++++++++++++++++++++---- 4 files changed, 51 insertions(+), 5 deletions(-) diff --git a/arch/riscv/include/asm/cpufeature.h b/arch/riscv/include/asm/cpufeature.h index 0bd11862b760..ac71384e7bc4 100644 --- a/arch/riscv/include/asm/cpufeature.h +++ b/arch/riscv/include/asm/cpufeature.h @@ -61,6 +61,7 @@ struct riscv_isa_ext_data { const char *property; const unsigned int *subset_ext_ids; const unsigned int subset_ext_size; + const unsigned int successor_id; }; extern const struct riscv_isa_ext_data riscv_isa_ext[]; diff --git a/arch/riscv/include/asm/hwcap.h b/arch/riscv/include/asm/hwcap.h index 5340f818746b..5b51aa1db15b 100644 --- a/arch/riscv/include/asm/hwcap.h +++ b/arch/riscv/include/asm/hwcap.h @@ -80,13 +80,21 @@ #define RISCV_ISA_EXT_ZFA 71 #define RISCV_ISA_EXT_ZTSO 72 #define RISCV_ISA_EXT_ZACAS 73 +#define RISCV_ISA_EXT_SM1p11 74 +#define RISCV_ISA_EXT_SM1p12 75 +#define RISCV_ISA_EXT_SS1p11 76 +#define RISCV_ISA_EXT_SS1p12 77 #define RISCV_ISA_EXT_MAX 128 #define RISCV_ISA_EXT_INVALID U32_MAX #ifdef CONFIG_RISCV_M_MODE +#define RISCV_ISA_EXT_Sx1p11 RISCV_ISA_EXT_SM1p11 +#define RISCV_ISA_EXT_Sx1p12 RISCV_ISA_EXT_SM1p12 #define RISCV_ISA_EXT_SxAIA RISCV_ISA_EXT_SMAIA #else +#define RISCV_ISA_EXT_Sx1p11 RISCV_ISA_EXT_SS1p11 +#define RISCV_ISA_EXT_Sx1p12 RISCV_ISA_EXT_SS1p12 #define RISCV_ISA_EXT_SxAIA RISCV_ISA_EXT_SSAIA #endif diff --git a/arch/riscv/kernel/cpu.c b/arch/riscv/kernel/cpu.c index d11d6320fb0d..2e6b90ed0d51 100644 --- a/arch/riscv/kernel/cpu.c +++ b/arch/riscv/kernel/cpu.c @@ -215,6 +215,11 @@ static void print_isa(struct seq_file *f, const unsigned long *isa_bitmap) if (!__riscv_isa_extension_available(isa_bitmap, riscv_isa_ext[i].id)) continue; + /* Only show the newest implemented version of an extension */ + if (riscv_isa_ext[i].successor_id != RISCV_ISA_EXT_INVALID && + __riscv_isa_extension_available(isa_bitmap, riscv_isa_ext[i].successor_id)) + continue; + /* Only multi-letter extensions are split by underscores */ if (strnlen(riscv_isa_ext[i].name, 2) != 1) seq_puts(f, "_"); diff --git a/arch/riscv/kernel/cpufeature.c b/arch/riscv/kernel/cpufeature.c index c5b13f7dd482..8e10b50120e9 100644 --- a/arch/riscv/kernel/cpufeature.c +++ b/arch/riscv/kernel/cpufeature.c @@ -113,23 +113,29 @@ static bool riscv_isa_extension_check(int id) return true; } -#define _RISCV_ISA_EXT_DATA(_name, _id, _subset_exts, _subset_exts_size) { \ +#define _RISCV_ISA_EXT_DATA(_name, _id, _subset_exts, _subset_exts_size, _successor) { \ .name = #_name, \ .property = #_name, \ .id = _id, \ .subset_ext_ids = _subset_exts, \ - .subset_ext_size = _subset_exts_size \ + .subset_ext_size = _subset_exts_size, \ + .successor_id = _successor, \ } -#define __RISCV_ISA_EXT_DATA(_name, _id) _RISCV_ISA_EXT_DATA(_name, _id, NULL, 0) +#define __RISCV_ISA_EXT_DATA(_name, _id) \ + _RISCV_ISA_EXT_DATA(_name, _id, NULL, 0, RISCV_ISA_EXT_INVALID) /* Used to declare pure "lasso" extension (Zk for instance) */ #define __RISCV_ISA_EXT_BUNDLE(_name, _bundled_exts) \ - _RISCV_ISA_EXT_DATA(_name, RISCV_ISA_EXT_INVALID, _bundled_exts, ARRAY_SIZE(_bundled_exts)) + _RISCV_ISA_EXT_DATA(_name, RISCV_ISA_EXT_INVALID, \ + _bundled_exts, ARRAY_SIZE(_bundled_exts), RISCV_ISA_EXT_INVALID) /* Used to declare extensions that are a superset of other extensions (Zvbb for instance) */ #define __RISCV_ISA_EXT_SUPERSET(_name, _id, _sub_exts) \ - _RISCV_ISA_EXT_DATA(_name, _id, _sub_exts, ARRAY_SIZE(_sub_exts)) + _RISCV_ISA_EXT_DATA(_name, _id, _sub_exts, ARRAY_SIZE(_sub_exts), RISCV_ISA_EXT_INVALID) + +#define __RISCV_ISA_EXT_VERSION(_name, _id, _preds, _preds_size, _successor) \ + _RISCV_ISA_EXT_DATA(_name, _id, _preds, _preds_size, _successor) static const unsigned int riscv_zk_bundled_exts[] = { RISCV_ISA_EXT_ZBKB, @@ -201,6 +207,16 @@ static const unsigned int riscv_zvbb_exts[] = { RISCV_ISA_EXT_ZVKB }; +static const unsigned int riscv_sm_ext_versions[] = { + RISCV_ISA_EXT_SM1p11, + RISCV_ISA_EXT_SM1p12, +}; + +static const unsigned int riscv_ss_ext_versions[] = { + RISCV_ISA_EXT_SS1p11, + RISCV_ISA_EXT_SS1p12, +}; + /* * The canonical order of ISA extension names in the ISA string is defined in * chapter 27 of the unprivileged specification. @@ -299,8 +315,16 @@ const struct riscv_isa_ext_data riscv_isa_ext[] = { __RISCV_ISA_EXT_DATA(zvksh, RISCV_ISA_EXT_ZVKSH), __RISCV_ISA_EXT_BUNDLE(zvksg, riscv_zvksg_bundled_exts), __RISCV_ISA_EXT_DATA(zvkt, RISCV_ISA_EXT_ZVKT), + __RISCV_ISA_EXT_VERSION(sm1p11, RISCV_ISA_EXT_SM1p11, riscv_sm_ext_versions, 0, + RISCV_ISA_EXT_SM1p12), + __RISCV_ISA_EXT_VERSION(sm1p12, RISCV_ISA_EXT_SM1p12, riscv_sm_ext_versions, 1, + RISCV_ISA_EXT_INVALID), __RISCV_ISA_EXT_DATA(smaia, RISCV_ISA_EXT_SMAIA), __RISCV_ISA_EXT_DATA(smstateen, RISCV_ISA_EXT_SMSTATEEN), + __RISCV_ISA_EXT_VERSION(ss1p11, RISCV_ISA_EXT_SS1p11, riscv_ss_ext_versions, 0, + RISCV_ISA_EXT_SS1p12), + __RISCV_ISA_EXT_VERSION(ss1p12, RISCV_ISA_EXT_SS1p12, riscv_ss_ext_versions, 1, + RISCV_ISA_EXT_INVALID), __RISCV_ISA_EXT_DATA(ssaia, RISCV_ISA_EXT_SSAIA), __RISCV_ISA_EXT_DATA(sscofpmf, RISCV_ISA_EXT_SSCOFPMF), __RISCV_ISA_EXT_DATA(sstc, RISCV_ISA_EXT_SSTC), @@ -414,6 +438,14 @@ static void __init riscv_parse_isa_string(unsigned long *this_hwcap, struct risc ; ++ext_end; + + /* + * As a special case for the Sm and Ss extensions, where the version + * number is important, include it in the extension name. + */ + if (ext_end - ext == 2 && tolower(ext[0]) == 's' && + (tolower(ext[1]) == 'm' || tolower(ext[1]) == 's')) + ext_end = isa; break; default: /* -- 2.43.0

1 year, 8 months

4
9
0 0

[PATCH -fixes v2 4/4] riscv: Save/restore envcfg CSR during CPU suspend

by Samuel Holland

The value of the [ms]envcfg CSR is lost when entering a nonretentive idle state, so the CSR must be rewritten when resuming the CPU. Cc: <stable(a)vger.kernel.org> # v6.7+ Fixes: 43c16d51a19b ("RISC-V: Enable cbo.zero in usermode") Signed-off-by: Samuel Holland <samuel.holland(a)sifive.com> --- Changes in v2: - Check for privileged ISA v1.12 instead of the specific CSR - Use riscv_has_extension_likely() instead of new ALTERNATIVE()s arch/riscv/include/asm/suspend.h | 1 + arch/riscv/kernel/suspend.c | 4 ++++ 2 files changed, 5 insertions(+) diff --git a/arch/riscv/include/asm/suspend.h b/arch/riscv/include/asm/suspend.h index 02f87867389a..491296a335d0 100644 --- a/arch/riscv/include/asm/suspend.h +++ b/arch/riscv/include/asm/suspend.h @@ -14,6 +14,7 @@ struct suspend_context { struct pt_regs regs; /* Saved and restored by high-level functions */ unsigned long scratch; + unsigned long envcfg; unsigned long tvec; unsigned long ie; #ifdef CONFIG_MMU diff --git a/arch/riscv/kernel/suspend.c b/arch/riscv/kernel/suspend.c index 239509367e42..be03615486ed 100644 --- a/arch/riscv/kernel/suspend.c +++ b/arch/riscv/kernel/suspend.c @@ -15,6 +15,8 @@ void suspend_save_csrs(struct suspend_context *context) { context->scratch = csr_read(CSR_SCRATCH); + if (riscv_has_extension_likely(RISCV_ISA_EXT_Sx1p12)) + context->envcfg = csr_read(CSR_ENVCFG); context->tvec = csr_read(CSR_TVEC); context->ie = csr_read(CSR_IE); @@ -36,6 +38,8 @@ void suspend_save_csrs(struct suspend_context *context) void suspend_restore_csrs(struct suspend_context *context) { csr_write(CSR_SCRATCH, context->scratch); + if (riscv_has_extension_likely(RISCV_ISA_EXT_Sx1p12)) + csr_write(CSR_ENVCFG, context->envcfg); csr_write(CSR_TVEC, context->tvec); csr_write(CSR_IE, context->ie); -- 2.43.0

1 year, 8 months

3
3
0 0

[PATCH 5.4 000/194] 5.4.268-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 5.4.268 release. There are 194 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Wed, 24 Jan 2024 23:56:49 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v5.x/stable-review/patch-5.4.268-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-5.4.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 5.4.268-rc1 Tiezhu Yang <yangtiezhu(a)loongson.cn> perf top: Skip side-band event setup if HAVE_LIBBPF_SUPPORT is not set Marek Szyprowski <m.szyprowski(a)samsung.com> i2c: s3c24xx: fix transferring more than one message in polling mode Marek Szyprowski <m.szyprowski(a)samsung.com> i2c: s3c24xx: fix read transfers in polling mode Amit Cohen <amcohen(a)nvidia.com> mlxsw: spectrum_acl_erp: Fix error flow of pool allocation failure Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> kdb: Fix a potential buffer overflow in kdb_local() Daniel Thompson <daniel.thompson(a)linaro.org> kdb: Censor attempts to set PROMPT without ENABLE_MEM_READ Fedor Pchelkin <pchelkin(a)ispras.ru> ipvs: avoid stat macros calls from preemptible context Pablo Neira Ayuso <pablo(a)netfilter.org> netfilter: nf_tables: skip dead set elements in netlink dump Kunwu Chan <chentao(a)kylinos.cn> net: dsa: vsc73xx: Add null pointer check to vsc73xx_gpio_probe Nikita Yushchenko <nikita.yoush(a)cogentembedded.com> net: ravb: Fix dma_addr_t truncation in error case Claudiu Beznea <claudiu.beznea.uj(a)bp.renesas.com> net: phy: micrel: populate .soft_reset for KSZ9131 Lin Ma <linma(a)zju.edu.cn> net: qualcomm: rmnet: fix global oob in rmnet_policy Niklas Schnelle <schnelle(a)linux.ibm.com> s390/pci: fix max size calculation in zpci_memcpy_toio() Siddharth Vadapalli <s-vadapalli(a)ti.com> PCI: keystone: Fix race condition when initializing PHYs Maurizio Lombardi <mlombard(a)redhat.com> nvmet-tcp: Fix the H2C expected PDU len calculation Christoph Niedermaier <cniedermaier(a)dh-electronics.com> serial: imx: Correct clock error message in function probe() Fedor Pchelkin <pchelkin(a)ispras.ru> apparmor: avoid crash when parsed profile name is empty Ian Rogers <irogers(a)google.com> perf env: Avoid recursively taking env->bpf_progs.lock Arnaldo Carvalho de Melo <acme(a)redhat.com> perf bpf: Decouple creating the evlist from adding the SB event Arnaldo Carvalho de Melo <acme(a)redhat.com> perf top: Move sb_evlist to 'struct perf_top' Arnaldo Carvalho de Melo <acme(a)redhat.com> perf record: Move sb_evlist to 'struct record' Jiri Olsa <jolsa(a)kernel.org> perf env: Add perf_env__numa_node() Maurizio Lombardi <mlombard(a)redhat.com> nvmet-tcp: fix a crash in nvmet_req_complete() Maurizio Lombardi <mlombard(a)redhat.com> nvmet-tcp: Fix a kernel panic when host sends an invalid H2C PDU length Namhyung Kim <namhyung(a)kernel.org> perf genelf: Set ELF program header addresses properly Sakari Ailus <sakari.ailus(a)linux.intel.com> software node: Let args be NULL in software_node_get_reference_args Sakari Ailus <sakari.ailus(a)linux.intel.com> acpi: property: Let args be NULL in __acpi_node_get_property_reference Martijn Coenen <maco(a)android.com> binder: print warnings when detecting oneway spamming. Uwe Kleine-König <u.kleine-koenig(a)pengutronix.de> serial: 8250: omap: Don't skip resource freeing if pm_runtime_resume_and_get() failed Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> MIPS: Alchemy: Fix an out-of-bound access in db1550_dev_setup() Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> MIPS: Alchemy: Fix an out-of-bound access in db1200_dev_setup() Serge Semin <fancer.lancer(a)gmail.com> mips: Fix incorrect max_low_pfn adjustment Jason Gerecke <jason.gerecke(a)wacom.com> HID: wacom: Correct behavior when processing some confidence == false touches Kirill A. Shutemov <kirill.shutemov(a)linux.intel.com> x86/kvm: Do not try to disable kvmclock if it was not enabled David Lin <yu-hao.lin(a)nxp.com> wifi: mwifiex: configure BSSID consistently when starting AP Ilpo Järvinen <ilpo.jarvinen(a)linux.intel.com> wifi: rtlwifi: Convert LNKCTL change to PCIe cap RMW accessors Ilpo Järvinen <ilpo.jarvinen(a)linux.intel.com> wifi: rtlwifi: Remove bogus and dangerous ASPM disable/enable code Stefan Berger <stefanb(a)linux.ibm.com> rootfs: Fix support for rootfstype= when root= is given Nam Cao <namcao(a)linutronix.de> fbdev: flush deferred work in fb_deferred_io_fsync() Takashi Iwai <tiwai(a)suse.de> ALSA: oxygen: Fix right channel of capture volume mixer Gui-Dong Han <2045gemini(a)gmail.com> usb: mon: Fix atomicity violation in mon_bin_vma_fault RD Babiera <rdbabiera(a)google.com> usb: typec: class: fix typec_altmode_put_partner to put plugs Heikki Krogerus <heikki.krogerus(a)linux.intel.com> Revert "usb: typec: class: fix typec_altmode_put_partner to put plugs" Xu Yang <xu.yang_2(a)nxp.com> usb: chipidea: wait controller resume finished for wakeup irq Thinh Nguyen <Thinh.Nguyen(a)synopsys.com> Revert "usb: dwc3: don't reset device side if dwc3 was configured as host-only" Thinh Nguyen <Thinh.Nguyen(a)synopsys.com> Revert "usb: dwc3: Soft reset phy on probe for host" Uttkarsh Aggarwal <quic_uaggarwa(a)quicinc.com> usb: dwc: ep0: Update request status in dwc3_ep0_stall_restart Xu Yang <xu.yang_2(a)nxp.com> usb: phy: mxs: remove CONFIG_USB_OTG condition for mxs_phy_is_otg_host() Heiko Carstens <hca(a)linux.ibm.com> tick-sched: Fix idle and iowait sleeptime accounting vs CPU hotplug Carlos Llamas <cmllamas(a)google.com> binder: fix unused alloc->free_async_space Carlos Llamas <cmllamas(a)google.com> binder: fix race between mmput() and do_exit() Jan Beulich <jbeulich(a)suse.com> xen-netback: don't produce zero-size SKB frags Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Revert "ASoC: atmel: Remove system clock tree configuration for at91sam9g20ek" Hans de Goede <hdegoede(a)redhat.com> Input: atkbd - use ab83 as id when skipping the getid command Carlos Llamas <cmllamas(a)google.com> binder: fix use-after-free in shinker's callback Carlos Llamas <cmllamas(a)google.com> binder: fix async space check for 0-sized buffers Geert Uytterhoeven <geert+renesas(a)glider.be> of: unittest: Fix of_count_phandle_with_args() expected value message Christian A. Ehrhardt <lk(a)c--e.de> of: Fix double free in of_parse_phandle_with_args_map Peter Robinson <pbrobinson(a)gmail.com> mmc: sdhci_omap: Fix TI SoC dependencies Su Hui <suhui(a)nfschina.com> clk: si5341: fix an error code problem in si5341_output_clk_set_rate Stefan Wahren <wahrenst(a)gmx.net> watchdog: bcm2835_wdt: Fix WDIOC_SETTIMEOUT handling Jerry Hoemann <jerry.hoemann(a)hpe.com> watchdog/hpwdt: Only claim UNKNOWN NMI if from iLO Curtis Klein <curtis.klein(a)hpe.com> watchdog: set cdev owner before adding Jay Buddhabhatti <jay.buddhabhatti(a)amd.com> drivers: clk: zynqmp: calculate closest mux rate Zhipeng Lu <alexious(a)zju.edu.cn> gpu/drm/radeon: fix two memleaks in radeon_vm_init Zhipeng Lu <alexious(a)zju.edu.cn> drivers/amd/pm: fix a use-after-free in kv_parse_power_table Zhipeng Lu <alexious(a)zju.edu.cn> drm/amd/pm: fix a double-free in si_dpm_init Alex Deucher <alexander.deucher(a)amd.com> drm/amdgpu/debugfs: fix error code when smc register accessors are NULL Dan Carpenter <dan.carpenter(a)linaro.org> media: dvbdev: drop refcount on error path in dvb_device_open() Zhipeng Lu <alexious(a)zju.edu.cn> media: cx231xx: fix a memleak in cx231xx_init_isoc Tomi Valkeinen <tomi.valkeinen(a)ideasonboard.com> drm/bridge: tc358767: Fix return value on error case Zhipeng Lu <alexious(a)zju.edu.cn> drm/radeon/trinity_dpm: fix a memleak in trinity_parse_power_table Zhipeng Lu <alexious(a)zju.edu.cn> drm/radeon/dpm: fix a memleak in sumo_parse_power_table Yang Yingliang <yangyingliang(a)huawei.com> drm/radeon: check the alloc_workqueue return value in radeon_crtc_init() Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> drm/drv: propagate errors from drm_modeset_register_all() Konrad Dybcio <konrad.dybcio(a)linaro.org> drm/msm/dsi: Use pm_runtime_resume_and_get to prevent refcnt leaks Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> drm/msm/mdp4: flush vblank event on disable Linus Walleij <linus.walleij(a)linaro.org> ASoC: cs35l34: Fix GPIO name and drop legacy include Linus Walleij <linus.walleij(a)linaro.org> ASoC: cs35l33: Fix GPIO name and drop legacy include Nikita Zhandarovich <n.zhandarovich(a)fintech.ru> drm/radeon: check return value of radeon_ring_lock() Nikita Zhandarovich <n.zhandarovich(a)fintech.ru> drm/radeon/r100: Fix integer overflow issues in r100_cs_track_check() Nikita Zhandarovich <n.zhandarovich(a)fintech.ru> drm/radeon/r600_cs: Fix possible int overflows in r600_cs_check_reg() Chao Yu <chao(a)kernel.org> f2fs: fix to avoid dirent corruption Dario Binacchi <dario.binacchi(a)amarulasolutions.com> drm/bridge: Fix typo in post_disable() description Ricardo B. Marliere <ricardo(a)marliere.net> media: pvrusb2: fix use after free on context disconnection Leon Romanovsky <leonro(a)nvidia.com> RDMA/usnic: Silence uninitialized symbol smatch warnings Arnd Bergmann <arnd(a)arndb.de> ARM: davinci: always select CONFIG_CPU_ARM926T Eric Dumazet <edumazet(a)google.com> ip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim() Francesco Dolcini <francesco.dolcini(a)toradex.com> Bluetooth: btmtkuart: fix recv_buf() return value Luiz Augusto von Dentz <luiz.von.dentz(a)intel.com> Bluetooth: Fix bogus check for re-auth no supported with non-ssp Florian Westphal <fw(a)strlen.de> netfilter: nf_tables: mark newset as dead on transaction abort Su Hui <suhui(a)nfschina.com> wifi: rtlwifi: rtl8192se: using calculate_bit_shift() Su Hui <suhui(a)nfschina.com> wifi: rtlwifi: rtl8192ee: using calculate_bit_shift() Su Hui <suhui(a)nfschina.com> wifi: rtlwifi: rtl8192de: using calculate_bit_shift() Colin Ian King <colin.king(a)canonical.com> rtlwifi: rtl8192de: make arrays static const, makes object smaller Su Hui <suhui(a)nfschina.com> wifi: rtlwifi: rtl8192ce: using calculate_bit_shift() Su Hui <suhui(a)nfschina.com> wifi: rtlwifi: rtl8192cu: using calculate_bit_shift() Su Hui <suhui(a)nfschina.com> wifi: rtlwifi: rtl8192c: using calculate_bit_shift() Su Hui <suhui(a)nfschina.com> wifi: rtlwifi: rtl8188ee: phy: using calculate_bit_shift() Su Hui <suhui(a)nfschina.com> wifi: rtlwifi: add calculate_bit_shift() Joakim Zhang <joakim.zhang(a)cixtech.com> dma-mapping: clear dev->dma_mem to NULL after freeing it Arseniy Krasnov <avkrasnov(a)salutedevices.com> virtio/vsock: fix logic which reduces credit update messages Hangbin Liu <liuhangbin(a)gmail.com> selftests/net: fix grep checking for fib_nexthop_multiprefix Yihang Li <liyihang9(a)huawei.com> scsi: hisi_sas: Replace with standard error code return value Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> arm64: dts: qcom: sdm845-db845c: correct LED panic indicator Artem Chernyshev <artem.chernyshev(a)red-soft.ru> scsi: fnic: Return error if vmalloc() failed Su Hui <suhui(a)nfschina.com> wifi: rtlwifi: rtl8821ae: phy: fix an undefined bitwise shift behavior Joe Perches <joe(a)perches.com> rtlwifi: Use ffs in <foo>_phy_calculate_bit_shift Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> firmware: ti_sci: Fix an off-by-one in ti_sci_debugfs_create() Peter Delevoryas <peter(a)pjd.dev> net/ncsi: Fix netlink major/minor version numbers Bhaskar Chowdhury <unixbhaskar(a)gmail.com> ncsi: internal.h: Fix a spello Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> ARM: dts: qcom: apq8064: correct XOADC register address Arnd Bergmann <arnd(a)arndb.de> wifi: libertas: stop selecting wext Florian Lehner <dev(a)der-flo.net> bpf, lpm: Fix check prefixlen before walking trie Chih-Kang Chang <gary.chang(a)realtek.com> wifi: rtw88: fix RX filter in FIF_ALLMULTI flag Trond Myklebust <trond.myklebust(a)hammerspace.com> NFSv4.1/pnfs: Ensure we handle the error NFS4ERR_RETURNCONFLICT Benjamin Coddington <bcodding(a)redhat.com> blocklayoutdriver: Fix reference leak of pnfs_device_node Chengming Zhou <zhouchengming(a)bytedance.com> crypto: scomp - fix req->dst buffer overflow Ovidiu Panait <ovidiu.panait(a)windriver.com> crypto: sahara - do not resize req->src when doing hash operations Ovidiu Panait <ovidiu.panait(a)windriver.com> crypto: sahara - fix processing hash requests with req->nbytes < sg->length Ovidiu Panait <ovidiu.panait(a)windriver.com> crypto: sahara - improve error handling in sahara_sha_process() Ovidiu Panait <ovidiu.panait(a)windriver.com> crypto: sahara - fix wait_for_completion_timeout() error handling Ovidiu Panait <ovidiu.panait(a)windriver.com> crypto: sahara - fix ahash reqsize wangyangxin <wangyangxin1(a)huawei.com> crypto: virtio - Wait for tasklet to complete on device remove Osama Muhammad <osmtendev(a)gmail.com> gfs2: Fix kernel NULL pointer dereference in gfs2_rgrp_dump Sergey Shtylyov <s.shtylyov(a)omp.ru> pstore: ram_core: fix possible overflow in persistent_ram_init_ecc() Ovidiu Panait <ovidiu.panait(a)windriver.com> crypto: sahara - fix error handling in sahara_hw_descriptor_create() Ovidiu Panait <ovidiu.panait(a)windriver.com> crypto: sahara - fix processing requests with cryptlen < sg->length Ovidiu Panait <ovidiu.panait(a)windriver.com> crypto: sahara - fix ahash selftest failure Ovidiu Panait <ovidiu.panait(a)windriver.com> crypto: sahara - remove FLAGS_NEW_KEY logic Herbert Xu <herbert(a)gondor.apana.org.au> crypto: af_alg - Disallow multiple in-flight AIO requests Dinghao Liu <dinghao.liu(a)zju.edu.cn> crypto: ccp - fix memleak in ccp_init_dm_workarea zhenwei pi <pizhenwei(a)bytedance.com> virtio_crypto: Introduce VIRTIO_CRYPTO_NOSPC Ram Muthiah <rammuthiah(a)google.com> crypto: virtio - don't use 'default m' Gonglei (Arei) <arei.gonglei(a)huawei.com> crypto: virtio - Handle dataq logic with tasklet Mickaël Salaün <mic(a)digikod.net> selinux: Fix error priority for bind with AF_UNSPEC on PF_INET6 socket ZhaoLong Wang <wangzhaolong1(a)huawei.com> mtd: Fix gluebi NULL pointer dereference caused by ftl notifier Wolfram Sang <wsa+renesas(a)sang-engineering.com> spi: sh-msiof: Enforce fixed DTDL for R-Car H3 Gavrilov Ilia <Ilia.Gavrilov(a)infotecs.ru> calipso: fix memory leak in netlbl_calipso_add_pass() Zheng Yejian <zhengyejian1(a)huawei.com> netlabel: remove unused parameter in netlbl_netlink_auditinfo() Andrew Lunn <andrew(a)lunn.ch> net: netlabel: Fix kerneldoc warnings Nikita Kiryushin <kiryushin(a)ancud.ru> ACPI: LPIT: Avoid u32 multiplication overflow Nikita Kiryushin <kiryushin(a)ancud.ru> ACPI: video: check for error while searching for backlight device parent Ronald Monthero <debug.penguin32(a)gmail.com> mtd: rawnand: Increment IFC_TIMEOUT_MSECS for nand controller response Kunwu Chan <chentao(a)kylinos.cn> powerpc/imc-pmu: Add a null pointer check in update_events_in_group() Kunwu Chan <chentao(a)kylinos.cn> powerpc/powernv: Add a null pointer check in opal_powercap_init() Kunwu Chan <chentao(a)kylinos.cn> powerpc/powernv: Add a null pointer check in opal_event_init() Kunwu Chan <chentao(a)kylinos.cn> powerpc/powernv: Add a null pointer check to scom_debug_init_one() Michael Ellerman <mpe(a)ellerman.id.au> selftests/powerpc: Fix error handling in FPU/VMX preemption tests Nathan Lynch <nathanl(a)linux.ibm.com> powerpc/pseries/memhp: Fix access beyond end of drmem array Laurent Dufour <ldufour(a)linux.ibm.com> powerpc/pseries/memhotplug: Quieten some DLPAR operations Randy Dunlap <rdunlap(a)infradead.org> powerpc/44x: select I2C for CURRITUCK Masahiro Yamada <masahiroy(a)kernel.org> powerpc: add crtsavres.o to always-y instead of extra-y Arnd Bergmann <arnd(a)arndb.de> EDAC/thunderx: Fix possible out-of-bounds string access Colin Ian King <colin.i.king(a)gmail.com> x86/lib: Fix overflow when counting digits James Clark <james.clark(a)arm.com> coresight: etm4x: Fix width of CCITMIN field Cameron Williams <cang1(a)live.co.uk> parport: parport_serial: Add Brainboxes device IDs and geometry Cameron Williams <cang1(a)live.co.uk> parport: parport_serial: Add Brainboxes BAR details Guanghui Feng <guanghuifeng(a)linux.alibaba.com> uio: Fix use-after-free in uio_open Carlos Llamas <cmllamas(a)google.com> binder: fix comment on binder_alloc_new_buf() return value Carlos Llamas <cmllamas(a)google.com> binder: fix trivial typo of binder_free_buf_locked() Carlos Llamas <cmllamas(a)google.com> binder: use EPOLLERR from eventpoll.h Hans de Goede <hdegoede(a)redhat.com> ACPI: resource: Add another DMI match for the TongFang GMxXGxx Jani Nikula <jani.nikula(a)intel.com> drm/crtc: fix uninitialized variable use Stefan Wahren <wahrenst(a)gmx.net> ARM: sun9i: smp: fix return code check of of_property_match_string Matthew Wilcox (Oracle) <willy(a)infradead.org> ida: Fix crash in ida_free when the bitmap is empty Luca Weiss <luca(a)z3ntu.xyz> Input: xpad - add Razer Wolverine V2 support Vineet Gupta <vgupta(a)kernel.org> ARC: fix spare error Vineeth Vijayan <vneethv(a)linux.ibm.com> s390/scm: fix virtual vs physical address confusion Esther Shimanovich <eshimanovich(a)chromium.org> Input: i8042 - add nomux quirk for Acer P459-G2-M Hans de Goede <hdegoede(a)redhat.com> Input: atkbd - skip ATKBD_CMD_GETID in translated mode Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> reset: hisilicon: hi6220: fix Wvoid-pointer-to-enum-cast warning Steven Rostedt (Google) <rostedt(a)goodmis.org> ring-buffer: Do not record in NMI if the arch does not support cmpxchg in NMI Steven Rostedt (Google) <rostedt(a)goodmis.org> tracing: Add size check when printing trace_marker output Steven Rostedt (Google) <rostedt(a)goodmis.org> tracing: Have large events show up as '[LINE TOO BIG]' instead of nothing Judy Hsiao <judyhsiao(a)chromium.org> neighbour: Don't let neigh_forced_gc() disable preemption for long Ziqi Zhao <astrajoan(a)yahoo.com> drm/crtc: Fix uninit-value bug in drm_mode_setcrtc Zhang Yi <yi.zhang(a)huawei.com> jbd2: correct the printing of write_flags in jbd2_write_superblock() Weihao Li <cn.liweihao(a)gmail.com> clk: rockchip: rk3128: Fix HCLK_OTG gate register Inki Dae <inki.dae(a)samsung.com> drm/exynos: fix a wrong error checking Xiang Yang <xiangyang3(a)huawei.com> drm/exynos: fix a potential error pointer dereference Keith Busch <kbusch(a)kernel.org> nvme: introduce helper function to get ctrl state David Rau <David.Rau.opensource(a)dm.renesas.com> ASoC: da7219: Support low DC impedance headset Thinh Tran <thinhtr(a)linux.vnet.ibm.com> net/tg3: fix race condition in tg3_reset_task() Dave Airlie <airlied(a)redhat.com> nouveau/tu102: flush all pdbs on vmm flush Shuming Fan <shumingf(a)realtek.com> ASoC: rt5650: add mutex to avoid the jack detection failure Maciej Strozek <mstrozek(a)opensource.cirrus.com> ASoC: cs43130: Fix incorrect frame delay configuration Maciej Strozek <mstrozek(a)opensource.cirrus.com> ASoC: cs43130: Fix the position of const qualifier Kamil Duljas <kamil.duljas(a)gmail.com> ASoC: Intel: Skylake: mem leak in skl register function David Lin <CTLIN0(a)nuvoton.com> ASoC: nau8822: Fix incorrect type in assignment and cast to restricted __be16 Kamil Duljas <kamil.duljas(a)gmail.com> ASoC: Intel: Skylake: Fix mem leak in few functions Vasiliy Kovalev <kovalev(a)altlinux.org> ALSA: hda - Fix speaker and headset mic pin config for CHUWI CoreBook XPro Charles Keepax <ckeepax(a)opensource.cirrus.com> pinctrl: lochnagar: Don't build on MIPS Eric Biggers <ebiggers(a)google.com> f2fs: explicitly null-terminate the xattr list ------------- Diffstat: Makefile | 4 +- arch/arc/kernel/signal.c | 6 +- arch/arm/boot/dts/qcom-apq8064.dtsi | 2 +- arch/arm/mach-davinci/Kconfig | 1 + arch/arm/mach-sunxi/mc_smp.c | 4 +- arch/arm64/boot/dts/qcom/sdm845-db845c.dts | 2 +- arch/mips/alchemy/devboards/db1200.c | 2 +- arch/mips/alchemy/devboards/db1550.c | 2 +- arch/mips/kernel/setup.c | 4 +- arch/powerpc/lib/Makefile | 2 +- arch/powerpc/perf/imc-pmu.c | 6 + arch/powerpc/platforms/44x/Kconfig | 1 + arch/powerpc/platforms/powernv/opal-irqchip.c | 2 + arch/powerpc/platforms/powernv/opal-powercap.c | 6 + arch/powerpc/platforms/powernv/opal-xscom.c | 5 + arch/powerpc/platforms/pseries/hotplug-memory.c | 21 ++-- arch/s390/include/asm/pci_io.h | 32 +++--- arch/s390/pci/pci_mmio.c | 12 +- arch/x86/kernel/kvmclock.c | 12 +- arch/x86/lib/misc.c | 2 +- crypto/af_alg.c | 14 ++- crypto/scompress.c | 6 + drivers/acpi/acpi_lpit.c | 2 +- drivers/acpi/acpi_video.c | 12 +- drivers/acpi/property.c | 4 + drivers/acpi/resource.c | 7 ++ drivers/android/binder.c | 4 +- drivers/android/binder_alloc.c | 84 +++++++++++--- drivers/android/binder_alloc.h | 5 +- drivers/android/binder_alloc_selftest.c | 2 +- drivers/base/swnode.c | 3 + drivers/bluetooth/btmtkuart.c | 11 +- drivers/clk/clk-si5341.c | 4 +- drivers/clk/rockchip/clk-rk3128.c | 2 +- drivers/clk/zynqmp/clk-mux-zynqmp.c | 2 +- drivers/crypto/ccp/ccp-ops.c | 5 +- drivers/crypto/sahara.c | 127 ++++++++------------- drivers/crypto/virtio/Kconfig | 1 - drivers/crypto/virtio/virtio_crypto_common.h | 2 + drivers/crypto/virtio/virtio_crypto_core.c | 26 +++-- drivers/edac/thunderx_edac.c | 10 +- drivers/firmware/ti_sci.c | 10 +- drivers/gpu/drm/amd/amdgpu/amdgpu_debugfs.c | 4 +- drivers/gpu/drm/amd/amdgpu/kv_dpm.c | 4 +- drivers/gpu/drm/amd/amdgpu/si_dpm.c | 5 +- drivers/gpu/drm/bridge/tc358767.c | 2 +- drivers/gpu/drm/drm_crtc.c | 8 +- drivers/gpu/drm/drm_drv.c | 10 +- drivers/gpu/drm/exynos/exynos_drm_dma.c | 8 +- drivers/gpu/drm/exynos/exynos_hdmi.c | 2 + drivers/gpu/drm/msm/disp/mdp4/mdp4_crtc.c | 9 ++ drivers/gpu/drm/msm/dsi/phy/dsi_phy.c | 4 +- drivers/gpu/drm/nouveau/nvkm/subdev/mmu/vmmtu102.c | 2 +- drivers/gpu/drm/radeon/r100.c | 4 +- drivers/gpu/drm/radeon/r600_cs.c | 4 +- drivers/gpu/drm/radeon/radeon_display.c | 7 +- drivers/gpu/drm/radeon/radeon_vm.c | 8 +- drivers/gpu/drm/radeon/si.c | 4 + drivers/gpu/drm/radeon/sumo_dpm.c | 4 +- drivers/gpu/drm/radeon/trinity_dpm.c | 4 +- drivers/hid/wacom_wac.c | 32 +----- drivers/hwtracing/coresight/coresight-etm4x.h | 2 +- drivers/i2c/busses/i2c-s3c2410.c | 40 ++++--- drivers/infiniband/hw/mthca/mthca_cmd.c | 4 +- drivers/infiniband/hw/mthca/mthca_main.c | 2 +- drivers/input/joystick/xpad.c | 1 + drivers/input/keyboard/atkbd.c | 50 +++++++- drivers/input/serio/i8042-x86ia64io.h | 8 ++ drivers/media/dvb-core/dvbdev.c | 2 + drivers/media/usb/cx231xx/cx231xx-core.c | 2 + drivers/media/usb/pvrusb2/pvrusb2-context.c | 3 +- drivers/mmc/host/Kconfig | 5 +- drivers/mtd/mtd_blkdevs.c | 4 +- drivers/mtd/nand/raw/fsl_ifc_nand.c | 2 +- drivers/net/dsa/vitesse-vsc73xx-core.c | 2 + drivers/net/ethernet/broadcom/tg3.c | 11 +- .../net/ethernet/mellanox/mlxsw/spectrum_acl_erp.c | 8 +- drivers/net/ethernet/qualcomm/rmnet/rmnet_config.c | 2 +- drivers/net/ethernet/renesas/ravb_main.c | 2 +- drivers/net/phy/micrel.c | 1 + drivers/net/wireless/marvell/libertas/Kconfig | 2 - drivers/net/wireless/marvell/mwifiex/cfg80211.c | 2 + drivers/net/wireless/marvell/mwifiex/fw.h | 1 + drivers/net/wireless/marvell/mwifiex/ioctl.h | 1 + drivers/net/wireless/marvell/mwifiex/uap_cmd.c | 8 ++ drivers/net/wireless/realtek/rtlwifi/pci.c | 79 +++---------- drivers/net/wireless/realtek/rtlwifi/pci.h | 5 - .../net/wireless/realtek/rtlwifi/rtl8188ee/phy.c | 20 +--- .../wireless/realtek/rtlwifi/rtl8192c/phy_common.c | 16 +-- .../wireless/realtek/rtlwifi/rtl8192c/phy_common.h | 1 - .../net/wireless/realtek/rtlwifi/rtl8192ce/phy.c | 6 +- .../net/wireless/realtek/rtlwifi/rtl8192ce/phy.h | 1 - .../net/wireless/realtek/rtlwifi/rtl8192cu/phy.c | 6 +- .../net/wireless/realtek/rtlwifi/rtl8192de/phy.c | 66 ++++------- .../net/wireless/realtek/rtlwifi/rtl8192ee/phy.c | 20 +--- .../net/wireless/realtek/rtlwifi/rtl8192se/phy.c | 20 +--- .../realtek/rtlwifi/rtl8723com/phy_common.c | 8 +- .../net/wireless/realtek/rtlwifi/rtl8821ae/phy.c | 19 ++- drivers/net/wireless/realtek/rtlwifi/wifi.h | 7 ++ drivers/net/wireless/realtek/rtw88/mac80211.c | 4 +- drivers/net/xen-netback/netback.c | 44 ++++++- drivers/nvme/host/nvme.h | 5 + drivers/nvme/target/tcp.c | 20 +++- drivers/of/base.c | 1 + drivers/of/unittest-data/tests-phandle.dtsi | 10 +- drivers/of/unittest.c | 74 +++++++----- drivers/parport/parport_serial.c | 64 +++++++++++ drivers/pci/controller/dwc/pci-keystone.c | 9 ++ drivers/pinctrl/cirrus/Kconfig | 3 +- drivers/reset/hisilicon/hi6220_reset.c | 2 +- drivers/s390/block/scm_blk.c | 7 +- drivers/scsi/fnic/fnic_debugfs.c | 3 +- drivers/scsi/hisi_sas/hisi_sas_main.c | 4 +- drivers/scsi/hisi_sas/hisi_sas_v3_hw.c | 2 +- drivers/spi/spi-sh-msiof.c | 17 +++ drivers/tty/serial/8250/8250_omap.c | 2 +- drivers/tty/serial/imx.c | 2 +- drivers/uio/uio.c | 7 +- drivers/usb/chipidea/core.c | 7 ++ drivers/usb/dwc3/core.c | 39 +------ drivers/usb/dwc3/ep0.c | 5 +- drivers/usb/mon/mon_bin.c | 7 +- drivers/usb/phy/phy-mxs-usb.c | 3 +- drivers/usb/typec/class.c | 4 +- drivers/video/fbdev/core/fb_defio.c | 6 +- drivers/watchdog/bcm2835_wdt.c | 3 +- drivers/watchdog/hpwdt.c | 2 +- drivers/watchdog/watchdog_dev.c | 3 +- fs/f2fs/namei.c | 2 +- fs/f2fs/xattr.c | 6 + fs/gfs2/rgrp.c | 2 +- fs/jbd2/journal.c | 4 +- fs/nfs/blocklayout/blocklayout.c | 2 + fs/nfs/nfs4proc.c | 3 + fs/pstore/ram_core.c | 2 +- include/crypto/if_alg.h | 3 + include/drm/drm_bridge.h | 2 +- include/net/bluetooth/hci_core.h | 1 - include/uapi/linux/virtio_crypto.h | 1 + init/do_mounts.c | 9 +- kernel/bpf/lpm_trie.c | 3 + kernel/debug/kdb/kdb_main.c | 14 ++- kernel/dma/coherent.c | 4 +- kernel/time/tick-sched.c | 5 + kernel/trace/ring_buffer.c | 6 + kernel/trace/trace.c | 6 +- kernel/trace/trace_output.c | 6 +- lib/idr.c | 2 +- lib/test_ida.c | 40 +++++++ net/bluetooth/hci_conn.c | 8 +- net/bluetooth/hci_event.c | 11 +- net/core/neighbour.c | 9 +- net/ipv6/ip6_tunnel.c | 26 ++--- net/ncsi/internal.h | 9 +- net/ncsi/ncsi-netlink.c | 4 +- net/ncsi/ncsi-pkt.h | 7 +- net/ncsi/ncsi-rsp.c | 26 ++++- net/netfilter/ipvs/ip_vs_xmit.c | 4 +- net/netfilter/nf_tables_api.c | 3 +- net/netlabel/netlabel_calipso.c | 52 +++++---- net/netlabel/netlabel_cipso_v4.c | 4 +- net/netlabel/netlabel_mgmt.c | 8 +- net/netlabel/netlabel_unlabeled.c | 10 +- net/netlabel/netlabel_user.h | 4 +- net/vmw_vsock/virtio_transport_common.c | 13 ++- security/apparmor/policy_unpack.c | 4 + security/selinux/hooks.c | 7 ++ sound/pci/hda/patch_realtek.c | 10 ++ sound/pci/oxygen/oxygen_mixer.c | 2 +- sound/soc/atmel/sam9g20_wm8731.c | 61 ++++++++++ sound/soc/codecs/cs35l33.c | 4 +- sound/soc/codecs/cs35l34.c | 4 +- sound/soc/codecs/cs43130.c | 6 +- sound/soc/codecs/da7219-aad.c | 2 +- sound/soc/codecs/nau8822.c | 9 +- sound/soc/codecs/rt5645.c | 10 +- sound/soc/intel/skylake/skl-pcm.c | 9 +- sound/soc/intel/skylake/skl-sst-ipc.c | 4 +- tools/perf/builtin-record.c | 23 +++- tools/perf/builtin-top.c | 22 +++- tools/perf/util/bpf-event.c | 11 +- tools/perf/util/bpf-event.h | 19 ++- tools/perf/util/env.c | 90 ++++++++++++--- tools/perf/util/env.h | 10 ++ tools/perf/util/evlist.c | 21 +--- tools/perf/util/evlist.h | 2 +- tools/perf/util/genelf.c | 6 +- tools/perf/util/header.c | 8 +- tools/perf/util/top.h | 2 +- .../drivers/net/mlxsw/spectrum-2/tc_flower.sh | 52 ++++++++- .../selftests/net/fib_nexthop_multiprefix.sh | 4 +- tools/testing/selftests/powerpc/math/fpu_preempt.c | 9 +- tools/testing/selftests/powerpc/math/vmx_preempt.c | 10 +- 193 files changed, 1335 insertions(+), 801 deletions(-)

1 year, 8 months

7
202
0 0

[PATCH 6.1.y] cifs: Convert struct fealist away from 1-element array

by Vitaly Chikunov

From: Kees Cook <keescook(a)chromium.org> commit 398d5843c03261a2b68730f2f00643826bcec6ba upstream. The kernel is globally removing the ambiguous 0-length and 1-element arrays in favor of flexible arrays, so that we can gain both compile-time and run-time array bounds checking[1]. While struct fealist is defined as a "fake" flexible array (via a 1-element array), it is only used for examination of the first array element. Walking the list is performed separately, so there is no reason to treat the "list" member of struct fealist as anything other than a single entry. Adjust the struct and code to match. Additionally, struct fea uses the "name" member either as a dynamic string, or is manually calculated from the start of the struct. Redefine the member as a flexible array. No machine code output differences are produced after these changes. [1] For lots of details, see both: https://docs.kernel.org/process/deprecated.html#zero-length-and-one-element… https://people.kernel.org/kees/bounded-flexible-arrays-in-c Cc: Steve French <sfrench(a)samba.org> Cc: Paulo Alcantara <pc(a)cjr.nz> Cc: Ronnie Sahlberg <lsahlber(a)redhat.com> Cc: Shyam Prasad N <sprasad(a)microsoft.com> Cc: Tom Talpey <tom(a)talpey.com> Cc: linux-cifs(a)vger.kernel.org Cc: samba-technical(a)lists.samba.org Signed-off-by: Kees Cook <keescook(a)chromium.org> Signed-off-by: Steve French <stfrench(a)microsoft.com> [ vt: Tested to not break build on x86_64 over v6.1.78. Bug report at [1]. ] Link: https://lore.kernel.org/all/qjyfz2xftsbch6aozgplxyjfyqnuhn7j44udrucls4pqa5e… Cc: stable(a)vger.kernel.org # 6.1 Signed-off-by: Vitaly Chikunov <vt(a)altlinux.org> --- fs/smb/client/cifspdu.h | 4 ++-- fs/smb/client/cifssmb.c | 16 ++++++++-------- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/fs/smb/client/cifspdu.h b/fs/smb/client/cifspdu.h index 97bb1838555b..96ed0a4a2ce2 100644 --- a/fs/smb/client/cifspdu.h +++ b/fs/smb/client/cifspdu.h @@ -2593,7 +2593,7 @@ struct fea { unsigned char EA_flags; __u8 name_len; __le16 value_len; - char name[1]; + char name[]; /* optionally followed by value */ } __attribute__((packed)); /* flags for _FEA.fEA */ @@ -2601,7 +2601,7 @@ struct fea { struct fealist { __le32 list_len; - struct fea list[1]; + struct fea list; } __attribute__((packed)); /* used to hold an arbitrary blob of data */ diff --git a/fs/smb/client/cifssmb.c b/fs/smb/client/cifssmb.c index 67c5fc2b2db9..784fc5ba2c44 100644 --- a/fs/smb/client/cifssmb.c +++ b/fs/smb/client/cifssmb.c @@ -5697,7 +5697,7 @@ CIFSSMBQAllEAs(const unsigned int xid, struct cifs_tcon *tcon, /* account for ea list len */ list_len -= 4; - temp_fea = ea_response_data->list; + temp_fea = &ea_response_data->list; temp_ptr = (char *)temp_fea; while (list_len > 0) { unsigned int name_len; @@ -5812,7 +5812,7 @@ CIFSSMBSetEA(const unsigned int xid, struct cifs_tcon *tcon, else name_len = strnlen(ea_name, 255); - count = sizeof(*parm_data) + ea_value_len + name_len; + count = sizeof(*parm_data) + 1 + ea_value_len + name_len; pSMB->MaxParameterCount = cpu_to_le16(2); /* BB find max SMB PDU from sess */ pSMB->MaxDataCount = cpu_to_le16(1000); @@ -5836,14 +5836,14 @@ CIFSSMBSetEA(const unsigned int xid, struct cifs_tcon *tcon, byte_count = 3 /* pad */ + params + count; pSMB->DataCount = cpu_to_le16(count); parm_data->list_len = cpu_to_le32(count); - parm_data->list[0].EA_flags = 0; + parm_data->list.EA_flags = 0; /* we checked above that name len is less than 255 */ - parm_data->list[0].name_len = (__u8)name_len; + parm_data->list.name_len = (__u8)name_len; /* EA names are always ASCII */ if (ea_name) - strncpy(parm_data->list[0].name, ea_name, name_len); - parm_data->list[0].name[name_len] = 0; - parm_data->list[0].value_len = cpu_to_le16(ea_value_len); + strncpy(parm_data->list.name, ea_name, name_len); + parm_data->list.name[name_len] = '\0'; + parm_data->list.value_len = cpu_to_le16(ea_value_len); /* caller ensures that ea_value_len is less than 64K but we need to ensure that it fits within the smb */ @@ -5851,7 +5851,7 @@ CIFSSMBSetEA(const unsigned int xid, struct cifs_tcon *tcon, negotiated SMB buffer size BB */ /* if (ea_value_len > buffer_size - 512 (enough for header)) */ if (ea_value_len) - memcpy(parm_data->list[0].name+name_len+1, + memcpy(parm_data->list.name + name_len + 1, ea_value, ea_value_len); pSMB->TotalDataCount = pSMB->DataCount; -- 2.42.1

1 year, 8 months

1
0
0 0

FAILED: patch "[PATCH] btrfs: don't drop extent_map for free space inode on write" failed to apply to 4.19-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.19-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-4.19.y git checkout FETCH_HEAD git cherry-pick -x 5571e41ec6e56e35f34ae9f5b3a335ef510e0ade # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024021802-crunchy-presoak-d1f4@gregkh' --subject-prefix 'PATCH 4.19.y' HEAD^.. Possible dependencies: 5571e41ec6e5 ("btrfs: don't drop extent_map for free space inode on write error") 4c0c8cfc8433 ("btrfs: move btrfs_drop_extent_cache() to extent_map.c") cef7820d6abf ("btrfs: fix missed extent on fsync after dropping extent maps") 570eb97bace8 ("btrfs: unify the lock/unlock extent variants") dbbf49928f2e ("btrfs: remove the wake argument from clear_extent_bits") e3974c669472 ("btrfs: move core extent_io_tree functions to extent-io-tree.c") 38830018387e ("btrfs: move a few exported extent_io_tree helpers to extent-io-tree.c") 04eba8932392 ("btrfs: temporarily export and then move extent state helpers") 91af24e48474 ("btrfs: temporarily export and move core extent_io_tree tree functions") 6962541e964f ("btrfs: move btrfs_debug_check_extent_io_range into extent-io-tree.c") ec39e39bbf97 ("btrfs: export wait_extent_bit") a66318872c41 ("btrfs: move simple extent bit helpers out of extent_io.c") ad795329574c ("btrfs: convert BUG_ON(EXTENT_BIT_LOCKED) checks to ASSERT's") 83cf709a89fb ("btrfs: move extent state init and alloc functions to their own file") c45379a20fbc ("btrfs: temporarily export alloc_extent_state helpers") a40246e8afc0 ("btrfs: separate out the eb and extent state leak helpers") a62a3bd9546b ("btrfs: separate out the extent state and extent buffer init code") 87c11705cc94 ("btrfs: convert the io_failure_tree to a plain rb_tree") a2061748052c ("btrfs: unexport internal failrec functions") 0d0a762c419a ("btrfs: rename clean_io_failure and remove extraneous args") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 5571e41ec6e56e35f34ae9f5b3a335ef510e0ade Mon Sep 17 00:00:00 2001 From: Josef Bacik <josef(a)toxicpanda.com> Date: Wed, 31 Jan 2024 14:27:25 -0500 Subject: [PATCH] btrfs: don't drop extent_map for free space inode on write error While running the CI for an unrelated change I hit the following panic with generic/648 on btrfs_holes_spacecache. assertion failed: block_start != EXTENT_MAP_HOLE, in fs/btrfs/extent_io.c:1385 ------------[ cut here ]------------ kernel BUG at fs/btrfs/extent_io.c:1385! invalid opcode: 0000 [#1] PREEMPT SMP NOPTI CPU: 1 PID: 2695096 Comm: fsstress Kdump: loaded Tainted: G W 6.8.0-rc2+ #1 RIP: 0010:__extent_writepage_io.constprop.0+0x4c1/0x5c0 Call Trace: <TASK> extent_write_cache_pages+0x2ac/0x8f0 extent_writepages+0x87/0x110 do_writepages+0xd5/0x1f0 filemap_fdatawrite_wbc+0x63/0x90 __filemap_fdatawrite_range+0x5c/0x80 btrfs_fdatawrite_range+0x1f/0x50 btrfs_write_out_cache+0x507/0x560 btrfs_write_dirty_block_groups+0x32a/0x420 commit_cowonly_roots+0x21b/0x290 btrfs_commit_transaction+0x813/0x1360 btrfs_sync_file+0x51a/0x640 __x64_sys_fdatasync+0x52/0x90 do_syscall_64+0x9c/0x190 entry_SYSCALL_64_after_hwframe+0x6e/0x76 This happens because we fail to write out the free space cache in one instance, come back around and attempt to write it again. However on the second pass through we go to call btrfs_get_extent() on the inode to get the extent mapping. Because this is a new block group, and with the free space inode we always search the commit root to avoid deadlocking with the tree, we find nothing and return a EXTENT_MAP_HOLE for the requested range. This happens because the first time we try to write the space cache out we hit an error, and on an error we drop the extent mapping. This is normal for normal files, but the free space cache inode is special. We always expect the extent map to be correct. Thus the second time through we end up with a bogus extent map. Since we're deprecating this feature, the most straightforward way to fix this is to simply skip dropping the extent map range for this failed range. I shortened the test by using error injection to stress the area to make it easier to reproduce. With this patch in place we no longer panic with my error injection test. CC: stable(a)vger.kernel.org # 4.14+ Reviewed-by: Filipe Manana <fdmanana(a)suse.com> Signed-off-by: Josef Bacik <josef(a)toxicpanda.com> Signed-off-by: David Sterba <dsterba(a)suse.com> diff --git a/fs/btrfs/inode.c b/fs/btrfs/inode.c index 7bcc1c03437a..d232eca1bbee 100644 --- a/fs/btrfs/inode.c +++ b/fs/btrfs/inode.c @@ -3184,8 +3184,23 @@ int btrfs_finish_one_ordered(struct btrfs_ordered_extent *ordered_extent) unwritten_start += logical_len; clear_extent_uptodate(io_tree, unwritten_start, end, NULL); - /* Drop extent maps for the part of the extent we didn't write. */ - btrfs_drop_extent_map_range(inode, unwritten_start, end, false); + /* + * Drop extent maps for the part of the extent we didn't write. + * + * We have an exception here for the free_space_inode, this is + * because when we do btrfs_get_extent() on the free space inode + * we will search the commit root. If this is a new block group + * we won't find anything, and we will trip over the assert in + * writepage where we do ASSERT(em->block_start != + * EXTENT_MAP_HOLE). + * + * Theoretically we could also skip this for any NOCOW extent as + * we don't mess with the extent map tree in the NOCOW case, but + * for now simply skip this if we are the free space inode. + */ + if (!btrfs_is_free_space_inode(inode)) + btrfs_drop_extent_map_range(inode, unwritten_start, + end, false); /* * If the ordered extent had an IOERR or something else went

1 year, 8 months

1
0
0 0

FAILED: patch "[PATCH] btrfs: don't drop extent_map for free space inode on write" failed to apply to 5.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.4.y git checkout FETCH_HEAD git cherry-pick -x 5571e41ec6e56e35f34ae9f5b3a335ef510e0ade # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024021800-willed-chug-3616@gregkh' --subject-prefix 'PATCH 5.4.y' HEAD^.. Possible dependencies: 5571e41ec6e5 ("btrfs: don't drop extent_map for free space inode on write error") 4c0c8cfc8433 ("btrfs: move btrfs_drop_extent_cache() to extent_map.c") cef7820d6abf ("btrfs: fix missed extent on fsync after dropping extent maps") 570eb97bace8 ("btrfs: unify the lock/unlock extent variants") dbbf49928f2e ("btrfs: remove the wake argument from clear_extent_bits") e3974c669472 ("btrfs: move core extent_io_tree functions to extent-io-tree.c") 38830018387e ("btrfs: move a few exported extent_io_tree helpers to extent-io-tree.c") 04eba8932392 ("btrfs: temporarily export and then move extent state helpers") 91af24e48474 ("btrfs: temporarily export and move core extent_io_tree tree functions") 6962541e964f ("btrfs: move btrfs_debug_check_extent_io_range into extent-io-tree.c") ec39e39bbf97 ("btrfs: export wait_extent_bit") a66318872c41 ("btrfs: move simple extent bit helpers out of extent_io.c") ad795329574c ("btrfs: convert BUG_ON(EXTENT_BIT_LOCKED) checks to ASSERT's") 83cf709a89fb ("btrfs: move extent state init and alloc functions to their own file") c45379a20fbc ("btrfs: temporarily export alloc_extent_state helpers") a40246e8afc0 ("btrfs: separate out the eb and extent state leak helpers") a62a3bd9546b ("btrfs: separate out the extent state and extent buffer init code") 87c11705cc94 ("btrfs: convert the io_failure_tree to a plain rb_tree") a2061748052c ("btrfs: unexport internal failrec functions") 0d0a762c419a ("btrfs: rename clean_io_failure and remove extraneous args") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 5571e41ec6e56e35f34ae9f5b3a335ef510e0ade Mon Sep 17 00:00:00 2001 From: Josef Bacik <josef(a)toxicpanda.com> Date: Wed, 31 Jan 2024 14:27:25 -0500 Subject: [PATCH] btrfs: don't drop extent_map for free space inode on write error While running the CI for an unrelated change I hit the following panic with generic/648 on btrfs_holes_spacecache. assertion failed: block_start != EXTENT_MAP_HOLE, in fs/btrfs/extent_io.c:1385 ------------[ cut here ]------------ kernel BUG at fs/btrfs/extent_io.c:1385! invalid opcode: 0000 [#1] PREEMPT SMP NOPTI CPU: 1 PID: 2695096 Comm: fsstress Kdump: loaded Tainted: G W 6.8.0-rc2+ #1 RIP: 0010:__extent_writepage_io.constprop.0+0x4c1/0x5c0 Call Trace: <TASK> extent_write_cache_pages+0x2ac/0x8f0 extent_writepages+0x87/0x110 do_writepages+0xd5/0x1f0 filemap_fdatawrite_wbc+0x63/0x90 __filemap_fdatawrite_range+0x5c/0x80 btrfs_fdatawrite_range+0x1f/0x50 btrfs_write_out_cache+0x507/0x560 btrfs_write_dirty_block_groups+0x32a/0x420 commit_cowonly_roots+0x21b/0x290 btrfs_commit_transaction+0x813/0x1360 btrfs_sync_file+0x51a/0x640 __x64_sys_fdatasync+0x52/0x90 do_syscall_64+0x9c/0x190 entry_SYSCALL_64_after_hwframe+0x6e/0x76 This happens because we fail to write out the free space cache in one instance, come back around and attempt to write it again. However on the second pass through we go to call btrfs_get_extent() on the inode to get the extent mapping. Because this is a new block group, and with the free space inode we always search the commit root to avoid deadlocking with the tree, we find nothing and return a EXTENT_MAP_HOLE for the requested range. This happens because the first time we try to write the space cache out we hit an error, and on an error we drop the extent mapping. This is normal for normal files, but the free space cache inode is special. We always expect the extent map to be correct. Thus the second time through we end up with a bogus extent map. Since we're deprecating this feature, the most straightforward way to fix this is to simply skip dropping the extent map range for this failed range. I shortened the test by using error injection to stress the area to make it easier to reproduce. With this patch in place we no longer panic with my error injection test. CC: stable(a)vger.kernel.org # 4.14+ Reviewed-by: Filipe Manana <fdmanana(a)suse.com> Signed-off-by: Josef Bacik <josef(a)toxicpanda.com> Signed-off-by: David Sterba <dsterba(a)suse.com> diff --git a/fs/btrfs/inode.c b/fs/btrfs/inode.c index 7bcc1c03437a..d232eca1bbee 100644 --- a/fs/btrfs/inode.c +++ b/fs/btrfs/inode.c @@ -3184,8 +3184,23 @@ int btrfs_finish_one_ordered(struct btrfs_ordered_extent *ordered_extent) unwritten_start += logical_len; clear_extent_uptodate(io_tree, unwritten_start, end, NULL); - /* Drop extent maps for the part of the extent we didn't write. */ - btrfs_drop_extent_map_range(inode, unwritten_start, end, false); + /* + * Drop extent maps for the part of the extent we didn't write. + * + * We have an exception here for the free_space_inode, this is + * because when we do btrfs_get_extent() on the free space inode + * we will search the commit root. If this is a new block group + * we won't find anything, and we will trip over the assert in + * writepage where we do ASSERT(em->block_start != + * EXTENT_MAP_HOLE). + * + * Theoretically we could also skip this for any NOCOW extent as + * we don't mess with the extent map tree in the NOCOW case, but + * for now simply skip this if we are the free space inode. + */ + if (!btrfs_is_free_space_inode(inode)) + btrfs_drop_extent_map_range(inode, unwritten_start, + end, false); /* * If the ordered extent had an IOERR or something else went

1 year, 8 months

1
0
0 0

FAILED: patch "[PATCH] btrfs: don't drop extent_map for free space inode on write" failed to apply to 5.10-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.10-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.10.y git checkout FETCH_HEAD git cherry-pick -x 5571e41ec6e56e35f34ae9f5b3a335ef510e0ade # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024021858-sharpie-diffusive-52e1@gregkh' --subject-prefix 'PATCH 5.10.y' HEAD^.. Possible dependencies: 5571e41ec6e5 ("btrfs: don't drop extent_map for free space inode on write error") 4c0c8cfc8433 ("btrfs: move btrfs_drop_extent_cache() to extent_map.c") cef7820d6abf ("btrfs: fix missed extent on fsync after dropping extent maps") 570eb97bace8 ("btrfs: unify the lock/unlock extent variants") dbbf49928f2e ("btrfs: remove the wake argument from clear_extent_bits") e3974c669472 ("btrfs: move core extent_io_tree functions to extent-io-tree.c") 38830018387e ("btrfs: move a few exported extent_io_tree helpers to extent-io-tree.c") 04eba8932392 ("btrfs: temporarily export and then move extent state helpers") 91af24e48474 ("btrfs: temporarily export and move core extent_io_tree tree functions") 6962541e964f ("btrfs: move btrfs_debug_check_extent_io_range into extent-io-tree.c") ec39e39bbf97 ("btrfs: export wait_extent_bit") a66318872c41 ("btrfs: move simple extent bit helpers out of extent_io.c") ad795329574c ("btrfs: convert BUG_ON(EXTENT_BIT_LOCKED) checks to ASSERT's") 83cf709a89fb ("btrfs: move extent state init and alloc functions to their own file") c45379a20fbc ("btrfs: temporarily export alloc_extent_state helpers") a40246e8afc0 ("btrfs: separate out the eb and extent state leak helpers") a62a3bd9546b ("btrfs: separate out the extent state and extent buffer init code") 87c11705cc94 ("btrfs: convert the io_failure_tree to a plain rb_tree") a2061748052c ("btrfs: unexport internal failrec functions") 0d0a762c419a ("btrfs: rename clean_io_failure and remove extraneous args") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 5571e41ec6e56e35f34ae9f5b3a335ef510e0ade Mon Sep 17 00:00:00 2001 From: Josef Bacik <josef(a)toxicpanda.com> Date: Wed, 31 Jan 2024 14:27:25 -0500 Subject: [PATCH] btrfs: don't drop extent_map for free space inode on write error While running the CI for an unrelated change I hit the following panic with generic/648 on btrfs_holes_spacecache. assertion failed: block_start != EXTENT_MAP_HOLE, in fs/btrfs/extent_io.c:1385 ------------[ cut here ]------------ kernel BUG at fs/btrfs/extent_io.c:1385! invalid opcode: 0000 [#1] PREEMPT SMP NOPTI CPU: 1 PID: 2695096 Comm: fsstress Kdump: loaded Tainted: G W 6.8.0-rc2+ #1 RIP: 0010:__extent_writepage_io.constprop.0+0x4c1/0x5c0 Call Trace: <TASK> extent_write_cache_pages+0x2ac/0x8f0 extent_writepages+0x87/0x110 do_writepages+0xd5/0x1f0 filemap_fdatawrite_wbc+0x63/0x90 __filemap_fdatawrite_range+0x5c/0x80 btrfs_fdatawrite_range+0x1f/0x50 btrfs_write_out_cache+0x507/0x560 btrfs_write_dirty_block_groups+0x32a/0x420 commit_cowonly_roots+0x21b/0x290 btrfs_commit_transaction+0x813/0x1360 btrfs_sync_file+0x51a/0x640 __x64_sys_fdatasync+0x52/0x90 do_syscall_64+0x9c/0x190 entry_SYSCALL_64_after_hwframe+0x6e/0x76 This happens because we fail to write out the free space cache in one instance, come back around and attempt to write it again. However on the second pass through we go to call btrfs_get_extent() on the inode to get the extent mapping. Because this is a new block group, and with the free space inode we always search the commit root to avoid deadlocking with the tree, we find nothing and return a EXTENT_MAP_HOLE for the requested range. This happens because the first time we try to write the space cache out we hit an error, and on an error we drop the extent mapping. This is normal for normal files, but the free space cache inode is special. We always expect the extent map to be correct. Thus the second time through we end up with a bogus extent map. Since we're deprecating this feature, the most straightforward way to fix this is to simply skip dropping the extent map range for this failed range. I shortened the test by using error injection to stress the area to make it easier to reproduce. With this patch in place we no longer panic with my error injection test. CC: stable(a)vger.kernel.org # 4.14+ Reviewed-by: Filipe Manana <fdmanana(a)suse.com> Signed-off-by: Josef Bacik <josef(a)toxicpanda.com> Signed-off-by: David Sterba <dsterba(a)suse.com> diff --git a/fs/btrfs/inode.c b/fs/btrfs/inode.c index 7bcc1c03437a..d232eca1bbee 100644 --- a/fs/btrfs/inode.c +++ b/fs/btrfs/inode.c @@ -3184,8 +3184,23 @@ int btrfs_finish_one_ordered(struct btrfs_ordered_extent *ordered_extent) unwritten_start += logical_len; clear_extent_uptodate(io_tree, unwritten_start, end, NULL); - /* Drop extent maps for the part of the extent we didn't write. */ - btrfs_drop_extent_map_range(inode, unwritten_start, end, false); + /* + * Drop extent maps for the part of the extent we didn't write. + * + * We have an exception here for the free_space_inode, this is + * because when we do btrfs_get_extent() on the free space inode + * we will search the commit root. If this is a new block group + * we won't find anything, and we will trip over the assert in + * writepage where we do ASSERT(em->block_start != + * EXTENT_MAP_HOLE). + * + * Theoretically we could also skip this for any NOCOW extent as + * we don't mess with the extent map tree in the NOCOW case, but + * for now simply skip this if we are the free space inode. + */ + if (!btrfs_is_free_space_inode(inode)) + btrfs_drop_extent_map_range(inode, unwritten_start, + end, false); /* * If the ordered extent had an IOERR or something else went

1 year, 8 months

1
0
0 0

FAILED: patch "[PATCH] btrfs: don't drop extent_map for free space inode on write" failed to apply to 5.15-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.15-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.15.y git checkout FETCH_HEAD git cherry-pick -x 5571e41ec6e56e35f34ae9f5b3a335ef510e0ade # <resolve conflicts, build, test, etc.> git commit -s git send-email --to '<stable(a)vger.kernel.org>' --in-reply-to '2024021856-vigorous-supper-1ca1@gregkh' --subject-prefix 'PATCH 5.15.y' HEAD^.. Possible dependencies: 5571e41ec6e5 ("btrfs: don't drop extent_map for free space inode on write error") 4c0c8cfc8433 ("btrfs: move btrfs_drop_extent_cache() to extent_map.c") cef7820d6abf ("btrfs: fix missed extent on fsync after dropping extent maps") 570eb97bace8 ("btrfs: unify the lock/unlock extent variants") dbbf49928f2e ("btrfs: remove the wake argument from clear_extent_bits") e3974c669472 ("btrfs: move core extent_io_tree functions to extent-io-tree.c") 38830018387e ("btrfs: move a few exported extent_io_tree helpers to extent-io-tree.c") 04eba8932392 ("btrfs: temporarily export and then move extent state helpers") 91af24e48474 ("btrfs: temporarily export and move core extent_io_tree tree functions") 6962541e964f ("btrfs: move btrfs_debug_check_extent_io_range into extent-io-tree.c") ec39e39bbf97 ("btrfs: export wait_extent_bit") a66318872c41 ("btrfs: move simple extent bit helpers out of extent_io.c") ad795329574c ("btrfs: convert BUG_ON(EXTENT_BIT_LOCKED) checks to ASSERT's") 83cf709a89fb ("btrfs: move extent state init and alloc functions to their own file") c45379a20fbc ("btrfs: temporarily export alloc_extent_state helpers") a40246e8afc0 ("btrfs: separate out the eb and extent state leak helpers") a62a3bd9546b ("btrfs: separate out the extent state and extent buffer init code") 87c11705cc94 ("btrfs: convert the io_failure_tree to a plain rb_tree") a2061748052c ("btrfs: unexport internal failrec functions") 0d0a762c419a ("btrfs: rename clean_io_failure and remove extraneous args") thanks, greg k-h ------------------ original commit in Linus's tree ------------------ From 5571e41ec6e56e35f34ae9f5b3a335ef510e0ade Mon Sep 17 00:00:00 2001 From: Josef Bacik <josef(a)toxicpanda.com> Date: Wed, 31 Jan 2024 14:27:25 -0500 Subject: [PATCH] btrfs: don't drop extent_map for free space inode on write error While running the CI for an unrelated change I hit the following panic with generic/648 on btrfs_holes_spacecache. assertion failed: block_start != EXTENT_MAP_HOLE, in fs/btrfs/extent_io.c:1385 ------------[ cut here ]------------ kernel BUG at fs/btrfs/extent_io.c:1385! invalid opcode: 0000 [#1] PREEMPT SMP NOPTI CPU: 1 PID: 2695096 Comm: fsstress Kdump: loaded Tainted: G W 6.8.0-rc2+ #1 RIP: 0010:__extent_writepage_io.constprop.0+0x4c1/0x5c0 Call Trace: <TASK> extent_write_cache_pages+0x2ac/0x8f0 extent_writepages+0x87/0x110 do_writepages+0xd5/0x1f0 filemap_fdatawrite_wbc+0x63/0x90 __filemap_fdatawrite_range+0x5c/0x80 btrfs_fdatawrite_range+0x1f/0x50 btrfs_write_out_cache+0x507/0x560 btrfs_write_dirty_block_groups+0x32a/0x420 commit_cowonly_roots+0x21b/0x290 btrfs_commit_transaction+0x813/0x1360 btrfs_sync_file+0x51a/0x640 __x64_sys_fdatasync+0x52/0x90 do_syscall_64+0x9c/0x190 entry_SYSCALL_64_after_hwframe+0x6e/0x76 This happens because we fail to write out the free space cache in one instance, come back around and attempt to write it again. However on the second pass through we go to call btrfs_get_extent() on the inode to get the extent mapping. Because this is a new block group, and with the free space inode we always search the commit root to avoid deadlocking with the tree, we find nothing and return a EXTENT_MAP_HOLE for the requested range. This happens because the first time we try to write the space cache out we hit an error, and on an error we drop the extent mapping. This is normal for normal files, but the free space cache inode is special. We always expect the extent map to be correct. Thus the second time through we end up with a bogus extent map. Since we're deprecating this feature, the most straightforward way to fix this is to simply skip dropping the extent map range for this failed range. I shortened the test by using error injection to stress the area to make it easier to reproduce. With this patch in place we no longer panic with my error injection test. CC: stable(a)vger.kernel.org # 4.14+ Reviewed-by: Filipe Manana <fdmanana(a)suse.com> Signed-off-by: Josef Bacik <josef(a)toxicpanda.com> Signed-off-by: David Sterba <dsterba(a)suse.com> diff --git a/fs/btrfs/inode.c b/fs/btrfs/inode.c index 7bcc1c03437a..d232eca1bbee 100644 --- a/fs/btrfs/inode.c +++ b/fs/btrfs/inode.c @@ -3184,8 +3184,23 @@ int btrfs_finish_one_ordered(struct btrfs_ordered_extent *ordered_extent) unwritten_start += logical_len; clear_extent_uptodate(io_tree, unwritten_start, end, NULL); - /* Drop extent maps for the part of the extent we didn't write. */ - btrfs_drop_extent_map_range(inode, unwritten_start, end, false); + /* + * Drop extent maps for the part of the extent we didn't write. + * + * We have an exception here for the free_space_inode, this is + * because when we do btrfs_get_extent() on the free space inode + * we will search the commit root. If this is a new block group + * we won't find anything, and we will trip over the assert in + * writepage where we do ASSERT(em->block_start != + * EXTENT_MAP_HOLE). + * + * Theoretically we could also skip this for any NOCOW extent as + * we don't mess with the extent map tree in the NOCOW case, but + * for now simply skip this if we are the free space inode. + */ + if (!btrfs_is_free_space_inode(inode)) + btrfs_drop_extent_map_range(inode, unwritten_start, + end, false); /* * If the ordered extent had an IOERR or something else went

1 year, 8 months

1
0
0 0

Btrfs fixes for 6.7.x

by David Sterba

Hi, there's been a bug in btrfs space reservation since 6.7 that is now affecting quite some users. I'd like to ask to add the fix right after it got merged to Linus' tree so it can possibly be released in 6.7.5. All apply cleanly on top of current 6.7.x tree. Thanks. 1693d5442c458ae8d5b0d58463b873cd879569ed f4a9f219411f318ae60d6ff7f129082a75686c6c 12c5128f101bfa47a08e4c0e1a75cfa2d0872bcd 2f6397e448e689adf57e6788c90f913abd7e1af8 Short ids with subjects: 1693d5442c45 btrfs: add and use helper to check if block group is used f4a9f219411f btrfs: do not delete unused block group if it may be used soon 12c5128f101b btrfs: add new unused block groups to the list of unused block groups 2f6397e448e6 btrfs: don't refill whole delayed refs block reserve when starting transaction

1 year, 8 months

2
1
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror February 2024