- Linux-stable-mirror - lists.linaro.org

FAILED: patch "[PATCH] binder: fix race between munmap() and direct reclaim" failed to apply to 5.0-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.0-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 5cec2d2e5839f9c0fec319c523a911e0a7fd299f Mon Sep 17 00:00:00 2001 From: Todd Kjos <tkjos(a)android.com> Date: Fri, 1 Mar 2019 15:06:06 -0800 Subject: [PATCH] binder: fix race between munmap() and direct reclaim An munmap() on a binder device causes binder_vma_close() to be called which clears the alloc->vma pointer. If direct reclaim causes binder_alloc_free_page() to be called, there is a race where alloc->vma is read into a local vma pointer and then used later after the mm->mmap_sem is acquired. This can result in calling zap_page_range() with an invalid vma which manifests as a use-after-free in zap_page_range(). The fix is to check alloc->vma after acquiring the mmap_sem (which we were acquiring anyway) and skip zap_page_range() if it has changed to NULL. Signed-off-by: Todd Kjos <tkjos(a)google.com> Reviewed-by: Joel Fernandes (Google) <joel(a)joelfernandes.org> Cc: stable <stable(a)vger.kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> diff --git a/drivers/android/binder_alloc.c b/drivers/android/binder_alloc.c index 6389467670a0..195f120c4e8c 100644 --- a/drivers/android/binder_alloc.c +++ b/drivers/android/binder_alloc.c @@ -927,14 +927,13 @@ enum lru_status binder_alloc_free_page(struct list_head *item, index = page - alloc->pages; page_addr = (uintptr_t)alloc->buffer + index * PAGE_SIZE; + + mm = alloc->vma_vm_mm; + if (!mmget_not_zero(mm)) + goto err_mmget; + if (!down_write_trylock(&mm->mmap_sem)) + goto err_down_write_mmap_sem_failed; vma = binder_alloc_get_vma(alloc); - if (vma) { - if (!mmget_not_zero(alloc->vma_vm_mm)) - goto err_mmget; - mm = alloc->vma_vm_mm; - if (!down_read_trylock(&mm->mmap_sem)) - goto err_down_write_mmap_sem_failed; - } list_lru_isolate(lru, item); spin_unlock(lock); @@ -945,10 +944,9 @@ enum lru_status binder_alloc_free_page(struct list_head *item, zap_page_range(vma, page_addr, PAGE_SIZE); trace_binder_unmap_user_end(alloc, index); - - up_read(&mm->mmap_sem); - mmput(mm); } + up_write(&mm->mmap_sem); + mmput(mm); trace_binder_unmap_kernel_start(alloc, index);

6 years, 7 months

1
0
0 0

[BACKPORT 4.4.y 00/25] candidates from spreadtrum 4.4 product kernel

by Arnd Bergmann

I took a scripted approach to look at some product kernels for patches backported into vendor kernels. This is a set of (mostly) bugfixes I found in Spreadtrum's linux-4.4 kernel that are missing in 4.4.176: ffedbd2210f2 mmc: pwrseq: constify mmc_pwrseq_ops structures c10368897e10 ALSA: compress: add support for 32bit calls in a 64bit kernel 64a67d4762ce mmc: pwrseq_simple: Make reset-gpios optional to match doc 4ec0ef3a8212 USB: iowarrior: fix oops with malicious USB descriptors e5905ff1281f mmc: debugfs: Add a restriction to mmc debugfs clock setting 4ec96b4cbde8 mmc: make MAN_BKOPS_EN message a debug ed9feec72fc1 mmc: sanitize 'bus width' in debug output 10a16a01d8f7 mmc: core: shut up "voltage-ranges unspecified" pr_info() 9772b47a4c29 usb: dwc3: gadget: Fix suspend/resume during device mode 6afedcd23cfd arm64: mm: Add trace_irqflags annotations to do_debug_exception() 437db4c6e798 mmc: mmc: Attempt to flush cache before reset e51534c80660 mmc: core: fix using wrong io voltage if mmc_select_hs200 fails e4c5800a3991 mm/rmap: replace BUG_ON(anon_vma->degree) with VM_WARN_ON 04c080080855 extcon: usb-gpio: Don't miss event during suspend/resume 78283edf2c01 kbuild: setlocalversion: print error to STDERR c526c62d565e usb: gadget: composite: fix dereference after null check coverify warning 511a36d2f357 usb: gadget: Add the gserial port checking in gs_start_tx() 1712c9373f98 mmc: core: don't try to switch block size for dual rate mode 5ea8ea2cb7f1 tcp/dccp: drop SYN packets if accept queue is full e1dc9b08051a serial: sprd: adjust TIMEOUT to a big value 81be24d263db Hang/soft lockup in d_invalidate with simultaneous calls 6f44a0bacb79 arm64: traps: disable irq in die() b7d44c36a6f6 usb: renesas_usbhs: gadget: fix unused-but-set-variable warning 4350782570b9 serial: sprd: clear timeout interrupt only rather than all interrupts 3f3295709ede lib/int_sqrt: optimize small argument 32fd87b3bbf5 USB: core: only clean up what we allocated Al Viro (1): Hang/soft lockup in d_invalidate with simultaneous calls Andrey Konovalov (1): USB: core: only clean up what we allocated Baolin Wang (1): usb: gadget: Add the gserial port checking in gs_start_tx() Chuanxiao Dong (1): mmc: debugfs: Add a restriction to mmc debugfs clock setting Dong Aisheng (1): mmc: core: fix using wrong io voltage if mmc_select_hs200 fails Eric Dumazet (1): tcp/dccp: drop SYN packets if accept queue is full James Morse (1): arm64: mm: Add trace_irqflags annotations to do_debug_exception() Josh Boyer (1): USB: iowarrior: fix oops with malicious USB descriptors Julia Lawall (1): mmc: pwrseq: constify mmc_pwrseq_ops structures Konstantin Khlebnikov (1): mm/rmap: replace BUG_ON(anon_vma->degree) with VM_WARN_ON Lanqing Liu (1): serial: sprd: clear timeout interrupt only rather than all interrupts Martin Fuzzey (1): mmc: pwrseq_simple: Make reset-gpios optional to match doc Peter Chen (1): usb: gadget: composite: fix dereference after null check coverify warning Peter Zijlstra (1): lib/int_sqrt: optimize small argument Qiao Zhou (1): arm64: traps: disable irq in die() Ravindra Lokhande (1): ALSA: compress: add support for 32bit calls in a 64bit kernel Roger Quadros (2): usb: dwc3: gadget: Fix suspend/resume during device mode extcon: usb-gpio: Don't miss event during suspend/resume Russell King (1): mmc: core: shut up "voltage-ranges unspecified" pr_info() Wei Qiao (1): serial: sprd: adjust TIMEOUT to a big value Wolfram Sang (3): mmc: make MAN_BKOPS_EN message a debug mmc: sanitize 'bus width' in debug output kbuild: setlocalversion: print error to STDERR Yoshihiro Shimoda (1): usb: renesas_usbhs: gadget: fix unused-but-set-variable warning Ziyuan Xu (1): mmc: core: don't try to switch block size for dual rate mode arch/arm64/kernel/traps.c | 8 +++++-- arch/arm64/mm/fault.c | 33 ++++++++++++++++++-------- drivers/extcon/extcon-usb-gpio.c | 3 +++ drivers/mmc/core/core.c | 13 ++++++---- drivers/mmc/core/debugfs.c | 2 +- drivers/mmc/core/mmc.c | 16 +++++++++---- drivers/mmc/core/pwrseq.h | 2 +- drivers/mmc/core/pwrseq_emmc.c | 2 +- drivers/mmc/core/pwrseq_simple.c | 24 ++++++++++++------- drivers/tty/serial/sprd_serial.c | 6 +++-- drivers/usb/core/config.c | 9 ++++--- drivers/usb/dwc3/gadget.c | 6 +++++ drivers/usb/gadget/composite.c | 2 ++ drivers/usb/gadget/function/u_serial.c | 7 +++++- drivers/usb/misc/iowarrior.c | 6 +++++ drivers/usb/renesas_usbhs/mod_gadget.c | 5 +--- fs/dcache.c | 10 ++++---- include/net/inet_connection_sock.h | 5 ---- lib/int_sqrt.c | 3 +++ mm/rmap.c | 2 +- net/dccp/ipv4.c | 8 +------ net/dccp/ipv6.c | 2 +- net/ipv4/tcp_input.c | 8 +------ scripts/setlocalversion | 2 +- sound/core/compress_offload.c | 13 ++++++++++ 25 files changed, 126 insertions(+), 71 deletions(-) -- 2.20.0 This is the full list of patches that were backported and are not in 4.4.y, but as usual most of them did not appear to make sense for stable kernels. 100 33 da5ce874f8ca f2fs: release locks before return in f2fs_ioc_gc_range() 100 100 1dc0f8991d4d f2fs: fix to avoid race in between atomic write and background GC 100 27 b27bc8091ccf f2fs: do gc in greedy mode for whole range if gc_urgent mode is set 100 100 782911f491e7 f2fs: set readdir_ra by default 33 33 81286d3e31b7 staging: android: ion: Remove check of idev->debug_root 100 80 ae6650163c66 loop: fix concurrent lo_open/lo_release 100 100 466a2b42d676 cpufreq: schedutil: Use idle_calls counter of the remote CPU 100 100 32fd87b3bbf5 USB: core: only clean up what we allocated 100 100 3f3295709ede lib/int_sqrt: optimize small argument 50 30 e22cdc3fc599 sched/isolcpus: Fix "isolcpus=" boot parameter handling when !CONFIG_CPUMASK_OFFSTACK 100 85 0abd8e70d24b f2fs: clear radix tree dirty tag of pages whose dirty flag is cleared 100 100 84a23fbe96b4 f2fs: clear FI_HOT_DATA correctly 91 91 12ac1d0f6c3e genirq: Make sparse_irq_lock protect what it should protect 100 55 c49cbc19b31e cpufreq: schedutil: Always process remote callback with slow switching 100 100 e2cabe48c20e cpufreq: schedutil: Don't restrict kthread to related_cpus unnecessarily 78 78 99d14d0e16fa cpufreq: Process remote callbacks from any CPU if the platform permits 31 61 674e75411fc2 sched: cpufreq: Allow remote cpufreq callbacks 50 100 4350782570b9 serial: sprd: clear timeout interrupt only rather than all interrupts 100 100 b7d44c36a6f6 usb: renesas_usbhs: gadget: fix unused-but-set-variable warning 100 100 6f44a0bacb79 arm64: traps: disable irq in die() 100 33 04dfc23006a2 f2fs: show more info if fail to issue discard 71 28 e41e6d75e501 f2fs: split wio_mutex 100 100 773a9ef85f02 mmc: pwrseq: Add reset callback to the struct mmc_pwrseq_ops 100 100 81be24d263db Hang/soft lockup in d_invalidate with simultaneous calls 100 100 e9256e142f59 mmc: pwrseq_simple: Parse DTS for the power-off-delay-us property 100 100 e1dc9b08051a serial: sprd: adjust TIMEOUT to a big value 100 100 6c3acd97572b f2fs: allocate hot_data for atomic writes 75 100 bdd154436077 USB: serial: spcp8x5: simplify endpoint check 45 100 590298b22325 USB: serial: pl2303: simplify endpoint check 68 100 32814c87f446 USB: serial: oti6858: simplify endpoint check 85 100 8ee1592d125a USB: serial: omninet: simplify endpoint check 42 100 206ff831bebb USB: serial: mos7720: simplify endpoint check 84 100 35194572b4ed USB: serial: kobil_sct: simplify endpoint check 75 100 b714d5dc0631 USB: serial: keyspan_pda: simplify endpoint check 69 100 fb527736ebcc USB: serial: iuu_phoenix: simplify endpoint check 65 100 e7d6507e5ba7 USB: serial: digi_acceleport: simplify endpoint check 81 100 d183b9b43390 USB: serial: cyberjack: simplify endpoint check 60 100 fe190ed0d602 xhci: Do not halt the host until both HCD have disconnected their devices. 100 100 f759741d9d91 block: Fix oops in locked_inode_to_wb_and_lock_list() 100 100 773dc118756b mmc: core: Fix access to HS400-ES devices 64 64 e93b9865251a f2fs: add ovp valid_blocks check for bg gc victim to fg_gc 30 49 942fd3192f83 f2fs: check last page index in cached bio to decide submission 71 100 bcb7440e76a9 extcon: usb-gpio: Add pinctrl operation during system PM 66 100 5278204c9818 xhci: use the trb_to_noop() helper for command trbs 100 100 bc88c10d7e69 locking/spinlock/debug: Remove spinlock lockup detection code 100 100 d40a43af0a57 f2fs: fix an infinite loop when flush nodes in cp 89 86 541332a13b1d extcon: usb-gpio: Add VBUS detection support 100 50 65aca3205046 usb: dwc3: gadget: clear events in top-half handler 77 100 ebbb2d59398f usb: dwc3: gadget: use evt->cache for processing events 66 100 d9fa4c63f766 usb: dwc3: core: add a event buffer cache 100 100 9ad587710a2f usb: gadget: composite: remove unnecessary & operation 100 76 ef3d232245ab mmc: mmc: Relax checking for switch errors after HS200 switch 100 100 e173f8911f09 mmc: core: Update CMD13 polling policy when switch to HS DDR mode 68 63 aa33ce3c411a mmc: core: Enable __mmc_switch() to change bus speed timing for the host 100 33 5ec32f84111a mmc: core: Check SWITCH_ERROR bit from each CMD13 response when polling 50 50 625228fa3e01 mmc: core: Rename ignore_crc to retry_crc_err to reflect its purpose 100 100 89e57aedda33 mmc: core: Remove redundant __mmc_send_status() 33 33 437590a123b6 mmc: core: Retry instead of ignore at CRC errors when polling for busy 100 100 c2c24819b280 mmc: core: Don't power off the card when starting the host 55 50 716bdb8953c7 mmc: core: Factor out code related to polling in __mmc_switch() 23 89 cb26ce069ffa mmc: core: Clarify code which deals with polling in __mmc_switch() 100 100 5ea8ea2cb7f1 tcp/dccp: drop SYN packets if accept queue is full 72 100 8e5bfa8c1f84 sched/autogroup: Do not use autogroup->tg in zombie threads 100 100 8fdd136f2200 cfg80211: add bitrate for 20MHz MCS 9 75 100 fd9afd3cbe40 usb: gadget: u_ether: remove interrupt throttling 100 100 fe1b5700c70f mmc: mmc: Use 500ms as the default generic CMD6 timeout 100 100 1720d3545b77 mmc: core: switch to 1V8 or 1V2 for hs400es mode 100 100 e932835377f9 f2fs: check return value of write_checkpoint during fstrim 100 100 1712c9373f98 mmc: core: don't try to switch block size for dual rate mode 63 81 721e0497172f mmc: pwrseq-simple: Add an optional post-power-on-delay 100 100 00af62330c39 usb: dwc3: core: Move the mode setting to the right place 100 75 b1149ad917b7 coresight: always use stashed trace id value in etm4_trace_id 80 80 a399d233078e sched/core: Fix incorrect utilization accounting when switching to fair class 100 60 9d7aba7786b6 Revert "usb: dwc3: gadget: always decrement by 1" 100 100 511a36d2f357 usb: gadget: Add the gserial port checking in gs_start_tx() 100 100 c526c62d565e usb: gadget: composite: fix dereference after null check coverify warning 100 100 78283edf2c01 kbuild: setlocalversion: print error to STDERR 100 100 bb4eecf23be2 mmc: Change the max discard sectors and erase response when HW busy detect 100 100 6ae3e537eab9 mmc: core: expose MMC_CAP2_NO_* to dt 100 100 5f1d1434b7a0 Documentation: mmc: add description for new no-sd* and no-mmc 100 100 a0c3b68c72a3 mmc: core: Allow hosts to specify non-support for MMC commands 100 100 1b8d79c54944 mmc: core: Allow hosts to specify non-support for SD commands 100 100 649c6059d237 mmc: mmc: Fix HS switch failure in mmc_select_hs400() 61 100 08573eaf1a70 mmc: mmc: do not use CMD13 to get status after speed mode switch 33 100 bc26235bbd79 mmc: debugfs: add HS400 enhanced strobe description 74 100 81ac2af65793 mmc: core: implement enhanced strobe support 100 100 ef29c0e273b8 mmc: core: add mmc-hs400-enhanced-strobe support 100 100 a60119ce9434 Documentation: mmc: add mmc-hs400-enhanced-strobe 99 78 48b4800a1c6a zsmalloc: page migration support 88 79 bfd093f5e7f0 zsmalloc: use freeobj for index 48 62 4aa409cab7c3 zsmalloc: separate free_zspage from putback_zspage 66 66 3783689a1aa8 zsmalloc: introduce zspage structure 62 86 bdb0af7ca8f0 zsmalloc: factor page chain functionality out 100 100 1b8320b620d6 zsmalloc: use bit_spin_lock 50 68 1fc6e27d7b86 zsmalloc: keep max_object in size_class 100 85 b1123ea6d3b3 mm: balloon: use general non-lru movable page feature 88 93 bda807d44454 mm: migrate: support non-lru movable page migration 90 90 c6c919eb90e0 mm: use put_page() to free page instead of putback_lru_page() 92 100 72704f876f50 dwc3: gadget: Implement the suspend entry event handler 100 100 da1410be21bf usb: dwc3: gadget: Add the suspend state checking when stopping gadget 33 100 13fa2e69b1dd usb: dwc3: gadget: disable XFER_NOT_READY 92 35 361572b5f7a9 usb: dwc3: gadget: Handle TRB index 0 when full or empty 100 100 7d0a038b130c usb: dwc3: gadget: Account for link TRB in TRBs left 100 100 89bc856e5a74 usb: dwc3: gadget: Don't prepare TRBs if no space 75 100 0d25744ad107 usb: dwc3: gadget: Initialize the TRB ring 79 86 fc8bb91bc83e usb: dwc3: implement runtime PM 77 100 4cb4221764ef usb: dwc3: gadget: fix for possible endpoint disable race 45 29 51f5d49ad6f0 usb: dwc3: core: simplify suspend/resume operations 79 91 c499ff71ff2a usb: dwc3: core: re-factor init and exit paths 55 100 bcdb3272e889 usb: dwc3: core: move fladj to dwc3 structure 68 80 c4233573f6ee usb: dwc3: gadget: prepare TRBs on update transfers too 100 100 7f370ed0cfe9 usb: dwc3: core: get rid of DWC3_PM_OPS macro 73 91 9f8a67b65a49 usb: dwc3: gadget: fix gadget suspend/resume 68 93 d7be295243bb usb: dwc3: gadget: re-factor ->udc_start and ->udc_stop 100 100 058b6659e98f extcon: usb-gpio: add device binding for platform device 100 100 04c080080855 extcon: usb-gpio: Don't miss event during suspend/resume 100 100 5fc363232ae7 uas: remove can_queue set in host template 100 100 975756c41332 f2fs: avoid ENOSPC fault in the recovery process 80 40 c41f3cc3ae34 f2fs: inject page allocation failures 43 26 da011cc0da8c f2fs: move node pages only in victim section during GC 100 100 1ee4716585ed zsmalloc: remove unused pool param in obj_free 33 66 830e4bc5baa9 zsmalloc: clean up many BUG_ON 67 71 36b68aae8e39 usb: dwc3: gadget: use link TRB for all endpoint types 62 62 c28f82595dde usb: dwc3: switch trb enqueue/dequeue and first_trb_index to u8 100 100 e4c5800a3991 mm/rmap: replace BUG_ON(anon_vma->degree) with VM_WARN_ON 100 100 e51534c80660 mmc: core: fix using wrong io voltage if mmc_select_hs200 fails 100 100 437db4c6e798 mmc: mmc: Attempt to flush cache before reset 100 100 87e88659afd1 mmc: core: drop unnecessary bit checking 97 96 d97a1e5d7cd2 mmc: pwrseq: convert to proper platform device 75 100 f01b72d0fd53 mmc: pwrseq_emmc: add to_pwrseq_emmc() macro 85 100 5b96fea730ab mmc: pwrseq_simple: add to_pwrseq_simple() macro 100 100 4e6c71788d6b mmc: core: Do regular power cycle when lacking eMMC HW reset support 100 100 6afedcd23cfd arm64: mm: Add trace_irqflags annotations to do_debug_exception() 33 100 9772b47a4c29 usb: dwc3: gadget: Fix suspend/resume during device mode 100 100 a0747eb81c1d mmc: core: remove redundant memset of sdio_read_cccr 100 100 0076c71e37cc mmc: core: remove redundant memset of mmc_decode_cid 100 100 07d97d872359 mmc: core: report tuning command execution failure reason 100 77 cf925747d20b mmc: core: improve mmc_of_parse_voltage() to return better status 75 100 10a16a01d8f7 mmc: core: shut up "voltage-ranges unspecified" pr_info() 100 100 ed9feec72fc1 mmc: sanitize 'bus width' in debug output 100 77 6067bafe44d7 mmc: core: use the defined function to check whether card is removable 100 100 4ec96b4cbde8 mmc: make MAN_BKOPS_EN message a debug 100 100 e5905ff1281f mmc: debugfs: Add a restriction to mmc debugfs clock setting 100 100 0899e7419387 mmc: remove unnecessary assignment statements before return 100 100 62c03ca3ffa1 mmc: core: pwrseq_simple: remove unused header file 33 33 85ead8185a76 f2fs: delete unnecessary wait for page writeback 100 100 4ec0ef3a8212 USB: iowarrior: fix oops with malicious USB descriptors 100 100 5821a33b9bbd Staging: Android: align code with open parenthesis in ion_carveout_heap.c 100 100 9f93a8a0ba91 crypto: api - Introduce crypto_queue_len() helper function 100 92 06b241f32c71 mm: __delete_from_page_cache show Bad page if mapped 100 100 c0992d0f5484 USB: serial: option: add support for Quectel UC20 71 42 3158a8d416f4 USB: option: add support for SIM7100E 87 50 ff4e2494dc17 USB: serial: option: Adding support for Telit LE922 90 100 64a67d4762ce mmc: pwrseq_simple: Make reset-gpios optional to match doc 100 100 c10368897e10 ALSA: compress: add support for 32bit calls in a 64bit kernel 99 100 a5beaaf39455 usb: gadget: Add the console support for usb-to-serial port 100 100 100a606d54a0 mmc: core: Introduce MMC_CAP2_NO_SDIO cap 66 100 ffedbd2210f2 mmc: pwrseq: constify mmc_pwrseq_ops structures 66 100 1ff2575bcf42 mmc: core: Check for non-removable cards earlier in the error path 100 100 c29536e85b5f mmc: core: Make runtime resume default behavior for MMC/SD 100 100 d234d2123fa7 mmc: core: Keep host claimed in mmc_rescan() while calling host ops 100 100 86236813ff23 mmc: core: Invoke ->card_event() callback only when needed Cc: linux-arm-kernel(a)lists.infradead.org Cc: linux-kernel(a)vger.kernel.org Cc: linux-mmc(a)vger.kernel.org Cc: linux-serial(a)vger.kernel.org Cc: linux-usb(a)vger.kernel.org Cc: linux-fsdevel(a)vger.kernel.org Cc: netdev(a)vger.kernel.org Cc: linux-mm(a)kvack.org Cc: dccp(a)vger.kernel.org Cc: alsa-devel(a)alsa-project.org

6 years, 7 months

7
45
0 0

patch "Revert "tty: pty: Fix race condition between release_one_tty and" added to tty-next

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled Revert "tty: pty: Fix race condition between release_one_tty and to my tty git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty.git in the tty-next branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will also be merged in the next major kernel release during the merge window. If you have any questions about this process, please let me know. >From 0eae4686a128d87503863a261e84887750c8bc68 Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Date: Fri, 29 Mar 2019 15:47:40 +0100 Subject: Revert "tty: pty: Fix race condition between release_one_tty and pty_write" This reverts commit b9ca5f8560af244489b4a1bc1ae88b341f24bc95 as 0-day shows it has a circular locking dependency. Fixes: b9ca5f8560af ("tty: pty: Fix race condition between release_one_tty and pty_write") Reported-by: kernel test robot <lkp(a)intel.com> Cc: Sahara <keun-o.park(a)darkmatter.ae> Cc: stable <stable(a)vger.kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/tty/pty.c | 7 ------- drivers/tty/tty_io.c | 3 --- 2 files changed, 10 deletions(-) diff --git a/drivers/tty/pty.c b/drivers/tty/pty.c index ef72031ab5b9..00099a8439d2 100644 --- a/drivers/tty/pty.c +++ b/drivers/tty/pty.c @@ -116,12 +116,6 @@ static int pty_write(struct tty_struct *tty, const unsigned char *buf, int c) if (tty->stopped) return 0; - mutex_lock(&tty_mutex); - if (to->magic != TTY_MAGIC) { - mutex_unlock(&tty_mutex); - return -EIO; - } - if (c > 0) { spin_lock_irqsave(&to->port->lock, flags); /* Stuff the data into the input queue of the other end */ @@ -131,7 +125,6 @@ static int pty_write(struct tty_struct *tty, const unsigned char *buf, int c) tty_flip_buffer_push(to->port); spin_unlock_irqrestore(&to->port->lock, flags); } - mutex_unlock(&tty_mutex); return c; } diff --git a/drivers/tty/tty_io.c b/drivers/tty/tty_io.c index c27777f3b8c4..5fa250157025 100644 --- a/drivers/tty/tty_io.c +++ b/drivers/tty/tty_io.c @@ -1448,13 +1448,10 @@ static void release_one_tty(struct work_struct *work) struct tty_driver *driver = tty->driver; struct module *owner = driver->owner; - mutex_lock(&tty_mutex); if (tty->ops->cleanup) tty->ops->cleanup(tty); tty->magic = 0; - mutex_unlock(&tty_mutex); - tty_driver_kref_put(driver); module_put(owner); -- 2.21.0

6 years, 7 months

1
0
0 0

✅ PASS: Test report for kernel 5.0.6-1676445.cki+ (stable)

by CKI Project

Hello, We ran automated tests on a recent commit from this kernel tree: Kernel repo: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git Commit: 1676445dc71d - Linux 5.0.6-rc1 The results of these automated tests are provided below. Overall result: PASSED Compile: OK Tests: OK Please reply to this email if you have any questions about the tests that we ran or if you have any suggestions on how to make future tests more effective. ,-. ,-. ( C ) ( K ) Continuous `-',-.`-' Kernel ( I ) Integration `-' ______________________________________________________________________________ Compile testing --------------- We compiled the kernel for 3 architectures: aarch64: make options: make INSTALL_MOD_STRIP=1 -j64 targz-pkg -j64 configuration: https://artifacts.cki-project.org/builds/aarch64/1676445dc71de8ad2e6efe583e… kernel build: https://artifacts.cki-project.org/builds/aarch64/1676445dc71de8ad2e6efe583e… ppc64le: make options: make INSTALL_MOD_STRIP=1 -j64 targz-pkg -j64 configuration: https://artifacts.cki-project.org/builds/ppc64le/1676445dc71de8ad2e6efe583e… kernel build: https://artifacts.cki-project.org/builds/ppc64le/1676445dc71de8ad2e6efe583e… x86_64: make options: make INSTALL_MOD_STRIP=1 -j64 targz-pkg -j64 configuration: https://artifacts.cki-project.org/builds/x86_64/1676445dc71de8ad2e6efe583ec… kernel build: https://artifacts.cki-project.org/builds/x86_64/1676445dc71de8ad2e6efe583ec… Hardware testing ---------------- We booted each kernel and ran the following tests: aarch64: ✅ Boot test [0] ✅ LTP lite - release 20190115 [1] ✅ Loopdev Sanity [2] ✅ xfstests: ext4 [3] ✅ xfstests: xfs [3] ✅ Memory function: memfd_create [4] ✅ AMTU (Abstract Machine Test Utility) [5] ✅ Ethernet drivers sanity [6] 🚧 ✅ Networking route: pmtu [7] 🚧 ❎ audit: audit testsuite test [8] ✅ httpd: mod_ssl smoke sanity [9] ✅ httpd: php sanity [10] 🚧 ✅ iotop: sanity [11] 🚧 ✅ /CoreOS/net-snmp/Regression/bz251332-tcp-transport ✅ redhat-rpm-config: detect-kabi-provides sanity [12] ✅ redhat-rpm-config: kabi-whitelist-not-found sanity [13] 🚧 ✅ tuned: tune-processes-through-perf [14] ✅ Usex - version 1.9-29 [15] 🚧 ❎ Storage blktests [16] ✅ lvm thinp sanity [17] ppc64le: ✅ Boot test [0] ✅ LTP lite - release 20190115 [1] ✅ Loopdev Sanity [2] ✅ xfstests: ext4 [3] ✅ xfstests: xfs [3] ✅ Memory function: memfd_create [4] ✅ AMTU (Abstract Machine Test Utility) [5] ✅ Ethernet drivers sanity [6] 🚧 ✅ Networking route: pmtu [7] 🚧 ❎ audit: audit testsuite test [8] ✅ httpd: mod_ssl smoke sanity [9] ✅ httpd: php sanity [10] 🚧 ✅ iotop: sanity [11] 🚧 ✅ /CoreOS/net-snmp/Regression/bz251332-tcp-transport ✅ redhat-rpm-config: detect-kabi-provides sanity [12] ✅ redhat-rpm-config: kabi-whitelist-not-found sanity [13] 🚧 ✅ selinux-policy: serge-testsuite [18] 🚧 ✅ tuned: tune-processes-through-perf [14] ✅ Usex - version 1.9-29 [15] 🚧 ❎ Storage blktests [16] ✅ lvm thinp sanity [17] x86_64: ✅ Boot test [0] ✅ LTP lite - release 20190115 [1] ✅ Loopdev Sanity [2] ✅ xfstests: ext4 [3] ✅ xfstests: xfs [3] ✅ Memory function: memfd_create [4] ✅ AMTU (Abstract Machine Test Utility) [5] ✅ Ethernet drivers sanity [6] 🚧 ✅ Networking route: pmtu [7] 🚧 ❎ audit: audit testsuite test [8] ✅ httpd: mod_ssl smoke sanity [9] ✅ httpd: php sanity [10] 🚧 ✅ iotop: sanity [11] 🚧 ✅ /CoreOS/net-snmp/Regression/bz251332-tcp-transport ✅ redhat-rpm-config: detect-kabi-provides sanity [12] ✅ redhat-rpm-config: kabi-whitelist-not-found sanity [13] 🚧 ✅ selinux-policy: serge-testsuite [18] 🚧 ✅ tuned: tune-processes-through-perf [14] ✅ Usex - version 1.9-29 [15] 🚧 ❎ Storage blktests [16] ✅ lvm thinp sanity [17] Test source: [0]: https://github.com/CKI-project/tests-beaker/archive/master.zip#distribution… [1]: https://github.com/CKI-project/tests-beaker/archive/master.zip#distribution… [2]: https://github.com/CKI-project/tests-beaker/archive/master.zip#filesystems/… [3]: https://github.com/CKI-project/tests-beaker/archive/master.zip#/filesystems… [4]: https://github.com/CKI-project/tests-beaker/archive/master.zip#/memory/func… [5]: https://github.com/CKI-project/tests-beaker/archive/master.zip#misc/amtu [6]: https://github.com/CKI-project/tests-beaker/archive/master.zip#/networking/… [7]: https://github.com/CKI-project/tests-beaker/archive/master.zip#/networking/… [8]: https://github.com/CKI-project/tests-beaker/archive/master.zip#packages/aud… [9]: https://github.com/CKI-project/tests-beaker/archive/master.zip#packages/htt… [10]: https://github.com/CKI-project/tests-beaker/archive/master.zip#packages/htt… [11]: https://github.com/CKI-project/tests-beaker/archive/master.zip#packages/iot… [12]: https://github.com/CKI-project/tests-beaker/archive/master.zip#packages/red… [13]: https://github.com/CKI-project/tests-beaker/archive/master.zip#packages/red… [14]: https://github.com/CKI-project/tests-beaker/archive/master.zip#packages/tun… [15]: https://github.com/CKI-project/tests-beaker/archive/master.zip#standards/us… [16]: https://github.com/CKI-project/tests-beaker/archive/master.zip#storage/blk [17]: https://github.com/CKI-project/tests-beaker/archive/master.zip#storage/lvm/… [18]: https://github.com/CKI-project/tests-beaker/archive/master.zip#/packages/se… Waived tests (marked with 🚧) ----------------------------- This test run included waived tests. Such tests are executed but their results are not taken into account. Tests are waived when their results are not reliable enough, e.g. when they're just introduced or are being fixed.

6 years, 7 months

1
0
0 0

✅ PASS: Stable queue: queue-5.0

by CKI Project

Hello, We ran automated tests on a patchset that was proposed for merging into this kernel tree. The patches were applied to: Kernel repo: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git Commit: 1f6f316a537d - Linux 5.0.5 The results of these automated tests are provided below. Overall result: PASSED Merge: OK Compile: OK Tests: OK Please reply to this email if you have any questions about the tests that we ran or if you have any suggestions on how to make future tests more effective. ,-. ,-. ( C ) ( K ) Continuous `-',-.`-' Kernel ( I ) Integration `-' ______________________________________________________________________________ Merge testing ------------- We cloned this repository and checked out a ref: Repo: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git Ref: 1f6f316a537d - Linux 5.0.5 We then merged the patchset with `git am`: bluetooth-check-l2cap-option-sizes-returned-from-l2cap_get_conf_opt.patch bluetooth-verify-that-l2cap_get_conf_opt-provides-large-enough-buffer.patch netfilter-nf_tables-fix-set-double-free-in-abort-pat.patch dccp-do-not-use-ipv6-header-for-ipv4-flow.patch genetlink-fix-a-memory-leak-on-error-path.patch gtp-change-net_udp_tunnel-dependency-to-select.patch ipv6-make-ip6_create_rt_rcu-return-ip6_null_entry-instead-of-null.patch mac8390-fix-mmio-access-size-probe.patch misdn-hfcpci-test-both-vendor-device-id-for-digium-hfc4s.patch net-aquantia-fix-rx-checksum-offload-for-udp-tcp-over-ipv6.patch net-datagram-fix-unbounded-loop-in-__skb_try_recv_datagram.patch net-packet-set-__gfp_nowarn-upon-allocation-in-alloc_pg_vec.patch net-phy-meson-gxl-fix-interrupt-support.patch net-rose-fix-a-possible-stack-overflow.patch net-stmmac-fix-memory-corruption-with-large-mtus.patch net-sysfs-call-dev_hold-if-kobject_init_and_add-success.patch net-usb-aqc111-extend-hwid-table-by-qnap-device.patch packets-always-register-packet-sk-in-the-same-order.patch rhashtable-still-do-rehash-when-we-get-eexist.patch sctp-get-sctphdr-by-offset-in-sctp_compute_cksum.patch sctp-use-memdup_user-instead-of-vmemdup_user.patch tcp-do-not-use-ipv6-header-for-ipv4-flow.patch tipc-allow-service-ranges-to-be-connect-ed-on-rdm-dgram.patch tipc-change-to-check-tipc_own_id-to-return-in-tipc_net_stop.patch tipc-fix-cancellation-of-topology-subscriptions.patch tun-properly-test-for-iff_up.patch vrf-prevent-adding-upper-devices.patch vxlan-don-t-call-gro_cells_destroy-before-device-is-unregistered.patch thunderx-enable-page-recycling-for-non-xdp-case.patch thunderx-eliminate-extra-calls-to-put_page-for-pages-held-for-recycling.patch net-dsa-mv88e6xxx-fix-few-issues-in-mv88e6390x_port_set_cmode.patch net-mii-fix-pause-cap-advertisement-from-linkmode_adv_to_lcl_adv_t-helper.patch net-phy-don-t-clear-bmcr-in-genphy_soft_reset.patch r8169-fix-cable-re-plugging-issue.patch ila-fix-rhashtable-walker-list-corruption.patch tun-add-a-missing-rcu_read_unlock-in-error-path.patch powerpc-fsl-fix-the-flush-of-branch-predictor.patch btrfs-fix-incorrect-file-size-after-shrinking-truncate-and-fsync.patch btrfs-remove-warn_on-in-log_dir_items.patch btrfs-don-t-report-readahead-errors-and-don-t-update-statistics.patch btrfs-raid56-properly-unmap-parity-page-in-finish_parity_scrub.patch btrfs-fix-bound-checking-in-qgroup_trace_new_subtree_blocks.patch btrfs-avoid-possible-qgroup_rsv_size-overflow-in-btrfs_calculate_inode_block_rsv_size.patch btrfs-fix-assertion-failure-on-fsync-with-no_holes-enabled.patch locks-wake-any-locks-blocked-on-request-before-deadlock-check.patch tracing-initialize-variable-in-create_dyn_event.patch arm-imx6q-cpuidle-fix-bug-that-cpu-might-not-wake-up-at-expected-time.patch powerpc-bpf-fix-generation-of-load-store-dw-instructions.patch vfio-ccw-only-free-cp-on-final-interrupt.patch nfs-fix-nfs4_lock_state-refcounting-in-nfs4_alloc_-lock-unlock-data.patch nfs-fix-mount-umount-race-in-nlmclnt.patch nfsv4.1-don-t-free-interrupted-slot-on-open.patch net-dsa-qca8k-remove-leftover-phy-accessors.patch Compile testing --------------- We compiled the kernel for 3 architectures: aarch64: make options: make INSTALL_MOD_STRIP=1 -j64 targz-pkg -j64 configuration: https://artifacts.cki-project.org/builds/aarch64/b8766c0c99352d958c320bd68c… kernel build: https://artifacts.cki-project.org/builds/aarch64/b8766c0c99352d958c320bd68c… ppc64le: make options: make INSTALL_MOD_STRIP=1 -j64 targz-pkg -j64 configuration: https://artifacts.cki-project.org/builds/ppc64le/766f91ea7654ddc047f58cf70e… kernel build: https://artifacts.cki-project.org/builds/ppc64le/766f91ea7654ddc047f58cf70e… x86_64: make options: make INSTALL_MOD_STRIP=1 -j64 targz-pkg -j64 configuration: https://artifacts.cki-project.org/builds/x86_64/fe13fc3ed745531769b18d22725… kernel build: https://artifacts.cki-project.org/builds/x86_64/fe13fc3ed745531769b18d22725… Hardware testing ---------------- We booted each kernel and ran the following tests: aarch64: ✅ Boot test [0] ✅ LTP lite - release 20190115 [1] ✅ Loopdev Sanity [2] ✅ xfstests: xfs [3] ✅ AMTU (Abstract Machine Test Utility) [4] 🚧 ✅ Networking route: pmtu [5] 🚧 ❎ audit: audit testsuite test [6] ✅ httpd: mod_ssl smoke sanity [7] ✅ httpd: php sanity [8] 🚧 ✅ iotop: sanity [9] 🚧 ✅ /CoreOS/net-snmp/Regression/bz251332-tcp-transport 🚧 ✅ tuned: tune-processes-through-perf [10] ✅ Usex - version 1.9-29 [11] ppc64le: ✅ Boot test [0] ✅ LTP lite - release 20190115 [1] ✅ Loopdev Sanity [2] ✅ xfstests: xfs [3] ✅ AMTU (Abstract Machine Test Utility) [4] 🚧 ✅ Networking route: pmtu [5] 🚧 ❎ audit: audit testsuite test [6] ✅ httpd: mod_ssl smoke sanity [7] ✅ httpd: php sanity [8] 🚧 ✅ iotop: sanity [9] 🚧 ✅ /CoreOS/net-snmp/Regression/bz251332-tcp-transport 🚧 ✅ selinux-policy: serge-testsuite [12] 🚧 ✅ tuned: tune-processes-through-perf [10] ✅ Usex - version 1.9-29 [11] x86_64: ✅ Boot test [0] ✅ LTP lite - release 20190115 [1] ✅ Loopdev Sanity [2] ✅ xfstests: xfs [3] ✅ AMTU (Abstract Machine Test Utility) [4] 🚧 ✅ Networking route: pmtu [5] 🚧 ❎ audit: audit testsuite test [6] ✅ httpd: mod_ssl smoke sanity [7] ✅ httpd: php sanity [8] 🚧 ✅ iotop: sanity [9] 🚧 ✅ /CoreOS/net-snmp/Regression/bz251332-tcp-transport 🚧 ✅ selinux-policy: serge-testsuite [12] 🚧 ✅ tuned: tune-processes-through-perf [10] ✅ Usex - version 1.9-29 [11] Test source: [0]: https://github.com/CKI-project/tests-beaker/archive/master.zip#distribution… [1]: https://github.com/CKI-project/tests-beaker/archive/master.zip#distribution… [2]: https://github.com/CKI-project/tests-beaker/archive/master.zip#filesystems/… [3]: https://github.com/CKI-project/tests-beaker/archive/master.zip#/filesystems… [4]: https://github.com/CKI-project/tests-beaker/archive/master.zip#misc/amtu [5]: https://github.com/CKI-project/tests-beaker/archive/master.zip#/networking/… [6]: https://github.com/CKI-project/tests-beaker/archive/master.zip#packages/aud… [7]: https://github.com/CKI-project/tests-beaker/archive/master.zip#packages/htt… [8]: https://github.com/CKI-project/tests-beaker/archive/master.zip#packages/htt… [9]: https://github.com/CKI-project/tests-beaker/archive/master.zip#packages/iot… [10]: https://github.com/CKI-project/tests-beaker/archive/master.zip#packages/tun… [11]: https://github.com/CKI-project/tests-beaker/archive/master.zip#standards/us… [12]: https://github.com/CKI-project/tests-beaker/archive/master.zip#/packages/se… Waived tests (marked with 🚧) ----------------------------- This test run included waived tests. Such tests are executed but their results are not taken into account. Tests are waived when their results are not reliable enough, e.g. when they're just introduced or are being fixed.

6 years, 7 months

1
0
0 0

stable-rc/linux-4.4.y boot: 93 boots: 2 failed, 82 passed with 9 offline (v4.4.177-103-g5eb43b55cb6b)

by kernelci.org bot

stable-rc/linux-4.4.y boot: 93 boots: 2 failed, 82 passed with 9 offline (v4.4.177-103-g5eb43b55cb6b) Full Boot Summary: https://kernelci.org/boot/all/job/stable-rc/branch/linux-4.4.y/kernel/v4.4.… Full Build Summary: https://kernelci.org/build/stable-rc/branch/linux-4.4.y/kernel/v4.4.177-103… Tree: stable-rc Branch: linux-4.4.y Git Describe: v4.4.177-103-g5eb43b55cb6b Git Commit: 5eb43b55cb6ba6d9dc90d2b139ab55ad3d93316b Git URL: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git Tested: 44 unique boards, 21 SoC families, 14 builds out of 190 Boot Failures Detected: arm: multi_v7_defconfig: gcc-7: stih410-b2120: 1 failed lab arm64: defconfig: gcc-7: qcom-qdf2400: 1 failed lab Offline Platforms: arm: qcom_defconfig: gcc-7 qcom-apq8064-cm-qs600: 1 offline lab qcom-apq8064-ifc6410: 1 offline lab tegra_defconfig: gcc-7 tegra20-iris-512: 1 offline lab multi_v7_defconfig: gcc-7 qcom-apq8064-cm-qs600: 1 offline lab qcom-apq8064-ifc6410: 1 offline lab sun5i-r8-chip: 1 offline lab tegra20-iris-512: 1 offline lab sunxi_defconfig: gcc-7 sun5i-r8-chip: 1 offline lab arm64: defconfig: gcc-7 apq8016-sbc: 1 offline lab --- For more info write to <info(a)kernelci.org>

6 years, 7 months

1
0
0 0

stable-rc/linux-4.9.y boot: 104 boots: 0 failed, 95 passed with 9 offline (v4.9.166-23-gb9d8945d3deb)

by kernelci.org bot

stable-rc/linux-4.9.y boot: 104 boots: 0 failed, 95 passed with 9 offline (v4.9.166-23-gb9d8945d3deb) Full Boot Summary: https://kernelci.org/boot/all/job/stable-rc/branch/linux-4.9.y/kernel/v4.9.… Full Build Summary: https://kernelci.org/build/stable-rc/branch/linux-4.9.y/kernel/v4.9.166-23-… Tree: stable-rc Branch: linux-4.9.y Git Describe: v4.9.166-23-gb9d8945d3deb Git Commit: b9d8945d3debd370099f1040065e8de81742e703 Git URL: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git Tested: 51 unique boards, 22 SoC families, 15 builds out of 196 Offline Platforms: arm: qcom_defconfig: gcc-7 qcom-apq8064-cm-qs600: 1 offline lab qcom-apq8064-ifc6410: 1 offline lab tegra_defconfig: gcc-7 tegra20-iris-512: 1 offline lab multi_v7_defconfig: gcc-7 qcom-apq8064-cm-qs600: 1 offline lab qcom-apq8064-ifc6410: 1 offline lab sun5i-r8-chip: 1 offline lab tegra20-iris-512: 1 offline lab sunxi_defconfig: gcc-7 sun5i-r8-chip: 1 offline lab arm64: defconfig: gcc-7 apq8016-sbc: 1 offline lab --- For more info write to <info(a)kernelci.org>

6 years, 7 months

1
0
0 0

[PATCH AUTOSEL 3.18 01/10] rsi: improve kernel thread handling to fix kernel panic

by Sasha Levin

From: Siva Rebbagondla <siva.rebbagondla(a)redpinesignals.com> [ Upstream commit 4c62764d0fc21a34ffc44eec1210038c3a2e4473 ] While running regressions, observed below kernel panic when sdio disconnect called. This is because of, kthread_stop() is taking care of wait_for_completion() by default. When wait_for_completion triggered in kthread_stop and as it was done already, giving kernel panic. Hence, removing redundant wait_for_completion() from rsi_kill_thread(). ... skipping ... BUG: unable to handle kernel NULL pointer dereference at (null) IP: [<ffffffff810a63df>] exit_creds+0x1f/0x50 PGD 0 Oops: 0002 [#1] SMP CPU: 0 PID: 6502 Comm: rmmod Tainted: G OE 4.15.9-Generic #154-Ubuntu Hardware name: Dell Inc. Edge Gateway 3003/ , BIOS 01.00.00 04/17/2017 Stack: ffff88007392e600 ffff880075847dc0 ffffffff8108160a 0000000000000000 ffff88007392e600 ffff880075847de8 ffffffff810a484b ffff880076127000 ffff88003cd3a800 ffff880074f12a00 ffff880075847e28 ffffffffc09bed15 Call Trace: [<ffffffff8108160a>] __put_task_struct+0x5a/0x140 [<ffffffff810a484b>] kthread_stop+0x10b/0x110 [<ffffffffc09bed15>] rsi_disconnect+0x2f5/0x300 [ven_rsi_sdio] [<ffffffff81578bcb>] ? __pm_runtime_resume+0x5b/0x80 [<ffffffff816f0918>] sdio_bus_remove+0x38/0x100 [<ffffffff8156cc64>] __device_release_driver+0xa4/0x150 [<ffffffff8156d7a5>] driver_detach+0xb5/0xc0 [<ffffffff8156c6c5>] bus_remove_driver+0x55/0xd0 [<ffffffff8156dfbc>] driver_unregister+0x2c/0x50 [<ffffffff816f0b8a>] sdio_unregister_driver+0x1a/0x20 [<ffffffffc09bf0f5>] rsi_module_exit+0x15/0x30 [ven_rsi_sdio] [<ffffffff8110cad8>] SyS_delete_module+0x1b8/0x210 [<ffffffff81851dc8>] entry_SYSCALL_64_fastpath+0x1c/0xbb Signed-off-by: Siva Rebbagondla <siva.rebbagondla(a)redpinesignals.com> Signed-off-by: Kalle Valo <kvalo(a)codeaurora.org> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- drivers/net/wireless/rsi/rsi_common.h | 1 - 1 file changed, 1 deletion(-) diff --git a/drivers/net/wireless/rsi/rsi_common.h b/drivers/net/wireless/rsi/rsi_common.h index d3fbe33d2324..a13f08fd8690 100644 --- a/drivers/net/wireless/rsi/rsi_common.h +++ b/drivers/net/wireless/rsi/rsi_common.h @@ -75,7 +75,6 @@ static inline int rsi_kill_thread(struct rsi_thread *handle) atomic_inc(&handle->thread_done); rsi_set_event(&handle->event); - wait_for_completion(&handle->completion); return kthread_stop(handle->task); } -- 2.19.1

6 years, 7 months

1
9
0 0

[PATCH AUTOSEL 4.4 01/16] rsi: improve kernel thread handling to fix kernel panic

by Sasha Levin

From: Siva Rebbagondla <siva.rebbagondla(a)redpinesignals.com> [ Upstream commit 4c62764d0fc21a34ffc44eec1210038c3a2e4473 ] While running regressions, observed below kernel panic when sdio disconnect called. This is because of, kthread_stop() is taking care of wait_for_completion() by default. When wait_for_completion triggered in kthread_stop and as it was done already, giving kernel panic. Hence, removing redundant wait_for_completion() from rsi_kill_thread(). ... skipping ... BUG: unable to handle kernel NULL pointer dereference at (null) IP: [<ffffffff810a63df>] exit_creds+0x1f/0x50 PGD 0 Oops: 0002 [#1] SMP CPU: 0 PID: 6502 Comm: rmmod Tainted: G OE 4.15.9-Generic #154-Ubuntu Hardware name: Dell Inc. Edge Gateway 3003/ , BIOS 01.00.00 04/17/2017 Stack: ffff88007392e600 ffff880075847dc0 ffffffff8108160a 0000000000000000 ffff88007392e600 ffff880075847de8 ffffffff810a484b ffff880076127000 ffff88003cd3a800 ffff880074f12a00 ffff880075847e28 ffffffffc09bed15 Call Trace: [<ffffffff8108160a>] __put_task_struct+0x5a/0x140 [<ffffffff810a484b>] kthread_stop+0x10b/0x110 [<ffffffffc09bed15>] rsi_disconnect+0x2f5/0x300 [ven_rsi_sdio] [<ffffffff81578bcb>] ? __pm_runtime_resume+0x5b/0x80 [<ffffffff816f0918>] sdio_bus_remove+0x38/0x100 [<ffffffff8156cc64>] __device_release_driver+0xa4/0x150 [<ffffffff8156d7a5>] driver_detach+0xb5/0xc0 [<ffffffff8156c6c5>] bus_remove_driver+0x55/0xd0 [<ffffffff8156dfbc>] driver_unregister+0x2c/0x50 [<ffffffff816f0b8a>] sdio_unregister_driver+0x1a/0x20 [<ffffffffc09bf0f5>] rsi_module_exit+0x15/0x30 [ven_rsi_sdio] [<ffffffff8110cad8>] SyS_delete_module+0x1b8/0x210 [<ffffffff81851dc8>] entry_SYSCALL_64_fastpath+0x1c/0xbb Signed-off-by: Siva Rebbagondla <siva.rebbagondla(a)redpinesignals.com> Signed-off-by: Kalle Valo <kvalo(a)codeaurora.org> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- drivers/net/wireless/rsi/rsi_common.h | 1 - 1 file changed, 1 deletion(-) diff --git a/drivers/net/wireless/rsi/rsi_common.h b/drivers/net/wireless/rsi/rsi_common.h index d3fbe33d2324..a13f08fd8690 100644 --- a/drivers/net/wireless/rsi/rsi_common.h +++ b/drivers/net/wireless/rsi/rsi_common.h @@ -75,7 +75,6 @@ static inline int rsi_kill_thread(struct rsi_thread *handle) atomic_inc(&handle->thread_done); rsi_set_event(&handle->event); - wait_for_completion(&handle->completion); return kthread_stop(handle->task); } -- 2.19.1

6 years, 7 months

1
15
0 0

[PATCH AUTOSEL 4.9 01/21] gpio: pxa: handle corner case of unprobed device

by Sasha Levin

From: Robert Jarzmik <robert.jarzmik(a)free.fr> [ Upstream commit 9ce3ebe973bf4073426f35f282c6b955ed802765 ] In the corner case where the gpio driver probe fails, for whatever reason, the suspend and resume handlers will still be called as they have to be registered as syscore operations. This applies as well when no probe was called while the driver has been built in the kernel. Nicolas tracked this in : https://bugzilla.kernel.org/show_bug.cgi?id=200905 Therefore, add a failsafe in these function, and test if a proper probe succeeded and the driver is functional. Signed-off-by: Robert Jarzmik <robert.jarzmik(a)free.fr> Reported-by: Nicolas Chauvet <kwizart(a)gmail.com> Signed-off-by: Linus Walleij <linus.walleij(a)linaro.org> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- drivers/gpio/gpio-pxa.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/drivers/gpio/gpio-pxa.c b/drivers/gpio/gpio-pxa.c index 7a6305884f97..32d22bdf7164 100644 --- a/drivers/gpio/gpio-pxa.c +++ b/drivers/gpio/gpio-pxa.c @@ -774,6 +774,9 @@ static int pxa_gpio_suspend(void) struct pxa_gpio_bank *c; int gpio; + if (!pchip) + return 0; + for_each_gpio_bank(gpio, c, pchip) { c->saved_gplr = readl_relaxed(c->regbase + GPLR_OFFSET); c->saved_gpdr = readl_relaxed(c->regbase + GPDR_OFFSET); @@ -792,6 +795,9 @@ static void pxa_gpio_resume(void) struct pxa_gpio_bank *c; int gpio; + if (!pchip) + return; + for_each_gpio_bank(gpio, c, pchip) { /* restore level with set/clear */ writel_relaxed(c->saved_gplr, c->regbase + GPSR_OFFSET); -- 2.19.1

6 years, 7 months

1
20
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror