From: Bartosz Golaszewski <bgolaszewski(a)baylibre.com>
This patch reverts commit 3243ff2a05ec ("net: ethernet: davinci_emac:
Deduplicate bus_find_device() by name matching") and adds a comment
which should stop anyone from reintroducing the same "fix" in the future.
We can't use bus_find_device_by_name() here because the device name is
not guaranteed to be 'davinci_mdio'. On some systems it can be
'davinci_mdio.0' so we need to use strncmp() against the first part of
the string to correctly match it.
Fixes: 3243ff2a05ec ("net: ethernet: davinci_emac: Deduplicate bus_find_device() by name matching")
Cc: stable(a)vger.kernel.org
Signed-off-by: Bartosz Golaszewski <bgolaszewski(a)baylibre.com>
---
drivers/net/ethernet/ti/davinci_emac.c | 15 +++++++++++++--
1 file changed, 13 insertions(+), 2 deletions(-)
diff --git a/drivers/net/ethernet/ti/davinci_emac.c b/drivers/net/ethernet/ti/davinci_emac.c
index 06d7c9e4dcda..a1a6445b5a7e 100644
--- a/drivers/net/ethernet/ti/davinci_emac.c
+++ b/drivers/net/ethernet/ti/davinci_emac.c
@@ -1385,6 +1385,11 @@ static int emac_devioctl(struct net_device *ndev, struct ifreq *ifrq, int cmd)
return -EOPNOTSUPP;
}
+static int match_first_device(struct device *dev, void *data)
+{
+ return !strncmp(dev_name(dev), "davinci_mdio", 12);
+}
+
/**
* emac_dev_open - EMAC device open
* @ndev: The DaVinci EMAC network adapter
@@ -1484,8 +1489,14 @@ static int emac_dev_open(struct net_device *ndev)
/* use the first phy on the bus if pdata did not give us a phy id */
if (!phydev && !priv->phy_id) {
- phy = bus_find_device_by_name(&mdio_bus_type, NULL,
- "davinci_mdio");
+ /* NOTE: we can't use bus_find_device_by_name() here because
+ * the device name is not guaranteed to be 'davinci_mdio'. On
+ * some systems it can be 'davinci_mdio.0' so we need to use
+ * strncmp() against the first part of the string to correctly
+ * match it.
+ */
+ phy = bus_find_device(&mdio_bus_type, NULL, NULL,
+ match_first_device);
if (phy) {
priv->phy_id = dev_name(phy);
if (!priv->phy_id || !*priv->phy_id)
--
2.17.1
The BAM has 3 channels - tx, rx and command. command channel
is used for register read/writes, tx channel for data writes
and rx channel for data reads. Currently, the driver assumes the
transfer completion once it gets all the command descriptors
completed. Sometimes, there is race condition between data channel
(tx/rx) and command channel completion. In these cases,
the data present in buffer is not valid during small window
between command descriptor completion and data descriptor
completion.
This patch generates NAND transfer completion when both
(Data and Command) DMA channels have completed all its DMA
descriptors. It assigns completion callback in last
DMA descriptors of that channel and wait for completion.
Fixes: 8d6b6d7e135e ("mtd: nand: qcom: support for command descriptor formation")
Cc: stable(a)vger.kernel.org
Acked-by: Miquel Raynal <miquel.raynal(a)bootlin.com>
Signed-off-by: Abhishek Sahu <absahu(a)codeaurora.org>
---
* Changes from v3:
1. NONE
* Changes from v2:
1. Changed commit message and comments slightly
2. Renamed wait_second_completion from first_chan_done and set
it before submit desc
3. Mark for stable tree
* Changes from v1:
NONE
drivers/mtd/nand/raw/qcom_nandc.c | 53 ++++++++++++++++++++++++++++++++++++++-
1 file changed, 52 insertions(+), 1 deletion(-)
diff --git a/drivers/mtd/nand/raw/qcom_nandc.c b/drivers/mtd/nand/raw/qcom_nandc.c
index 2375780..fc20149 100644
--- a/drivers/mtd/nand/raw/qcom_nandc.c
+++ b/drivers/mtd/nand/raw/qcom_nandc.c
@@ -213,6 +213,8 @@
#define QPIC_PER_CW_CMD_SGL 32
#define QPIC_PER_CW_DATA_SGL 8
+#define QPIC_NAND_COMPLETION_TIMEOUT msecs_to_jiffies(2000)
+
/*
* Flags used in DMA descriptor preparation helper functions
* (i.e. read_reg_dma/write_reg_dma/read_data_dma/write_data_dma)
@@ -245,6 +247,11 @@
* @tx_sgl_start - start index in data sgl for tx.
* @rx_sgl_pos - current index in data sgl for rx.
* @rx_sgl_start - start index in data sgl for rx.
+ * @wait_second_completion - wait for second DMA desc completion before making
+ * the NAND transfer completion.
+ * @txn_done - completion for NAND transfer.
+ * @last_data_desc - last DMA desc in data channel (tx/rx).
+ * @last_cmd_desc - last DMA desc in command channel.
*/
struct bam_transaction {
struct bam_cmd_element *bam_ce;
@@ -258,6 +265,10 @@ struct bam_transaction {
u32 tx_sgl_start;
u32 rx_sgl_pos;
u32 rx_sgl_start;
+ bool wait_second_completion;
+ struct completion txn_done;
+ struct dma_async_tx_descriptor *last_data_desc;
+ struct dma_async_tx_descriptor *last_cmd_desc;
};
/*
@@ -504,6 +515,8 @@ static void free_bam_transaction(struct qcom_nand_controller *nandc)
bam_txn->data_sgl = bam_txn_buf;
+ init_completion(&bam_txn->txn_done);
+
return bam_txn;
}
@@ -523,11 +536,33 @@ static void clear_bam_transaction(struct qcom_nand_controller *nandc)
bam_txn->tx_sgl_start = 0;
bam_txn->rx_sgl_pos = 0;
bam_txn->rx_sgl_start = 0;
+ bam_txn->last_data_desc = NULL;
+ bam_txn->wait_second_completion = false;
sg_init_table(bam_txn->cmd_sgl, nandc->max_cwperpage *
QPIC_PER_CW_CMD_SGL);
sg_init_table(bam_txn->data_sgl, nandc->max_cwperpage *
QPIC_PER_CW_DATA_SGL);
+
+ reinit_completion(&bam_txn->txn_done);
+}
+
+/* Callback for DMA descriptor completion */
+static void qpic_bam_dma_done(void *data)
+{
+ struct bam_transaction *bam_txn = data;
+
+ /*
+ * In case of data transfer with NAND, 2 callbacks will be generated.
+ * One for command channel and another one for data channel.
+ * If current transaction has data descriptors
+ * (i.e. wait_second_completion is true), then set this to false
+ * and wait for second DMA descriptor completion.
+ */
+ if (bam_txn->wait_second_completion)
+ bam_txn->wait_second_completion = false;
+ else
+ complete(&bam_txn->txn_done);
}
static inline struct qcom_nand_host *to_qcom_nand_host(struct nand_chip *chip)
@@ -756,6 +791,12 @@ static int prepare_bam_async_desc(struct qcom_nand_controller *nandc,
desc->dma_desc = dma_desc;
+ /* update last data/command descriptor */
+ if (chan == nandc->cmd_chan)
+ bam_txn->last_cmd_desc = dma_desc;
+ else
+ bam_txn->last_data_desc = dma_desc;
+
list_add_tail(&desc->node, &nandc->desc_list);
return 0;
@@ -1273,10 +1314,20 @@ static int submit_descs(struct qcom_nand_controller *nandc)
cookie = dmaengine_submit(desc->dma_desc);
if (nandc->props->is_bam) {
+ bam_txn->last_cmd_desc->callback = qpic_bam_dma_done;
+ bam_txn->last_cmd_desc->callback_param = bam_txn;
+ if (bam_txn->last_data_desc) {
+ bam_txn->last_data_desc->callback = qpic_bam_dma_done;
+ bam_txn->last_data_desc->callback_param = bam_txn;
+ bam_txn->wait_second_completion = true;
+ }
+
dma_async_issue_pending(nandc->tx_chan);
dma_async_issue_pending(nandc->rx_chan);
+ dma_async_issue_pending(nandc->cmd_chan);
- if (dma_sync_wait(nandc->cmd_chan, cookie) != DMA_COMPLETE)
+ if (!wait_for_completion_timeout(&bam_txn->txn_done,
+ QPIC_NAND_COMPLETION_TIMEOUT))
return -ETIMEDOUT;
} else {
if (dma_sync_wait(nandc->chan, cookie) != DMA_COMPLETE)
--
QUALCOMM INDIA, on behalf of Qualcomm Innovation Center, Inc.
is a member of Code Aurora Forum, hosted by The Linux Foundation
The commit 719f6a7040f1bdaf96fcc ("printk: Use the main logbuf in NMI when
logbuf_lock is available") tried to detect when logbuf_lock was taken
on another CPU. Then it looked safe to wait for the lock even in NMI.
It would be safe if other locks were not involved. Ironically the same
commit introduced an ABBA deadlock scenario. It added a spin lock into
nmi_cpu_backtrace() to serialize logs from different CPUs. The effect
is that also the NMI handlers are serialized. As a result, logbuf_lock
might be blocked by NMI on another CPU:
CPU0 CPU1 CPU2
printk()
vprintk_emit()
spin_lock(&logbuf_lock)
trigger_all_cpu_backtrace()
raise()
nmi_enter()
printk_nmi_enter()
if (this_cpu_read(printk_context)
& PRINTK_SAFE_CONTEXT_MASK)
// false
else
// looks safe to use printk_deferred()
this_cpu_or(printk_context,
PRINTK_NMI_DEFERRED_CONTEXT_MASK);
nmi_cpu_backtrace()
arch_spin_lock(&lock);
show_regs()
nmi_enter()
nmi_cpu_backtrace()
arch_spin_lock(&lock);
printk()
vprintk_func()
vprintk_deferred()
vprintk_emit()
spin_lock(&logbuf_lock)
DEADLOCK: between &logbuf_lock from vprintk_emit() and
&lock from nmi_cpu_backtrace().
CPU0 CPU1
lock(logbuf_lock) lock(lock)
lock(lock) lock(logbuf_lock)
I have found this problem when stress testing trigger_all_cpu_backtrace()
and the system frozen.
Note that lockdep is not able to detect these dependencies because
there is no support for NMI context. Let's stay on the safe side
and always use printk_safe buffers when logbuf_lock is taken
when entering NMI.
Fixes: 719f6a7040f1bdaf96fcc ("printk: Use the main logbuf in NMI when logbuf_lock is available")
Cc: 4.13+ <stable(a)vger.kernel.org> # v4.13+
Signed-off-by: Petr Mladek <pmladek(a)suse.com>
---
kernel/printk/printk_safe.c | 9 +++------
1 file changed, 3 insertions(+), 6 deletions(-)
diff --git a/kernel/printk/printk_safe.c b/kernel/printk/printk_safe.c
index 449d67edfa4b..a2ebd749c053 100644
--- a/kernel/printk/printk_safe.c
+++ b/kernel/printk/printk_safe.c
@@ -310,15 +310,12 @@ void printk_nmi_enter(void)
{
/*
* The size of the extra per-CPU buffer is limited. Use it only when
- * the main one is locked. If this CPU is not in the safe context,
- * the lock must be taken on another CPU and we could wait for it.
+ * the main one is locked.
*/
- if ((this_cpu_read(printk_context) & PRINTK_SAFE_CONTEXT_MASK) &&
- raw_spin_is_locked(&logbuf_lock)) {
+ if (raw_spin_is_locked(&logbuf_lock))
this_cpu_or(printk_context, PRINTK_NMI_CONTEXT_MASK);
- } else {
+ else
this_cpu_or(printk_context, PRINTK_NMI_DEFERRED_CONTEXT_MASK);
- }
}
void printk_nmi_exit(void)
--
2.13.6
SPC5r17 states that the contents of the ADDITIONAL LENGTH field are not
altered based on the allocation length, so always calculate and pack the
full key list length even if the list itself is truncated.
According to Maged:
Yes it fixes the "Storage Spaces Persistent Reservation" test in the
Windows 2016 Server Failover Cluster validation suites when having
many connections that result in more than 8 registrations. I tested
your patch on 4.17 with iblock.
This behaviour can be tested using the libiscsi PrinReadKeys.Truncate
test.
Cc: stable(a)vger.kernel.org
Signed-off-by: David Disseldorp <ddiss(a)suse.de>
Reviewed-by: Mike Christie <mchristi(a)redhat.com>
Tested-by: Maged Mokhtar <mmokhtar(a)petasan.org>
Reviewed-by: Christoph Hellwig <hch(a)lst.de>
---
Changes since v2:
* drop unnecessary braces
* add Christoph's Reviewed-by
Changes since v1:
* CC stable
* mention Maged's Windows PR test fix comment in commit message
* add Reviewed-by and Tested-by tags
drivers/target/target_core_pr.c | 15 ++++++++++-----
1 file changed, 10 insertions(+), 5 deletions(-)
diff --git a/drivers/target/target_core_pr.c b/drivers/target/target_core_pr.c
index 01ac306131c1..10db5656fd5d 100644
--- a/drivers/target/target_core_pr.c
+++ b/drivers/target/target_core_pr.c
@@ -3727,11 +3727,16 @@ core_scsi3_pri_read_keys(struct se_cmd *cmd)
* Check for overflow of 8byte PRI READ_KEYS payload and
* next reservation key list descriptor.
*/
- if ((add_len + 8) > (cmd->data_length - 8))
- break;
-
- put_unaligned_be64(pr_reg->pr_res_key, &buf[off]);
- off += 8;
+ if (off + 8 <= cmd->data_length) {
+ put_unaligned_be64(pr_reg->pr_res_key, &buf[off]);
+ off += 8;
+ }
+ /*
+ * SPC5r17: 6.16.2 READ KEYS service action
+ * The ADDITIONAL LENGTH field indicates the number of bytes in
+ * the Reservation key list. The contents of the ADDITIONAL
+ * LENGTH field are not altered based on the allocation length
+ */
add_len += 8;
}
spin_unlock(&dev->t10_pr.registration_lock);
--
2.13.7
Currently, when all modules, including VMCI and VMware balloon are built
into the kernel, the initialization of the balloon happens before the
VMCI is probed. As a result, the balloon fails to initialize the VMCI
doorbell, which it uses to get asynchronous requests for balloon size
changes.
The problem can be seen in the logs, in the form of the following
message:
"vmw_balloon: failed to initialize vmci doorbell"
The driver would work correctly but slightly less efficiently, probing
for requests periodically. This patch changes the balloon to be
initialized using late_initcall() instead of module_init() to address
this issue. It does not address a situation in which VMCI is built as a
module and the balloon is built into the kernel.
Fixes: 48e3d668b790 ("VMware balloon: Enable notification via VMCI")
Cc: stable(a)vger.kernel.org
Reviewed-by: Xavier Deguillard <xdeguillard(a)vmware.com>
Signed-off-by: Nadav Amit <namit(a)vmware.com>
---
drivers/misc/vmw_balloon.c | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/drivers/misc/vmw_balloon.c b/drivers/misc/vmw_balloon.c
index a7df4c24a28d..e7cfc85f6961 100644
--- a/drivers/misc/vmw_balloon.c
+++ b/drivers/misc/vmw_balloon.c
@@ -1297,7 +1297,14 @@ static int __init vmballoon_init(void)
return 0;
}
-module_init(vmballoon_init);
+
+/*
+ * Using late_initcall() instead of module_init() allows the balloon to use the
+ * VMCI doorbell even when the balloon is built into the kernel. Otherwise the
+ * VMCI is probed only after the balloon is initialized. If the balloon is used
+ * as a module, late_initcall() is equivalent to module_init().
+ */
+late_initcall(vmballoon_init);
static void __exit vmballoon_exit(void)
{
--
2.17.0
If the hypervisor sets 2MB batching is on, while batching is cleared,
the balloon code breaks. In this case the legacy mechanism is used with
2MB page. The VM would report a 2MB page is ballooned, and the
hypervisor would only take the first 4KB.
While the hypervisor should not report such settings, make the code more
robust by not enabling 2MB support without batching.
Fixes: 365bd7ef7ec8e ("VMware balloon: Support 2m page ballooning.")
Cc: stable(a)vger.kernel.org
Reviewed-by: Xavier Deguillard <xdeguillard(a)vmware.com>
Signed-off-by: Nadav Amit <nadav.amit(a)gmail.com>
---
drivers/misc/vmw_balloon.c | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/drivers/misc/vmw_balloon.c b/drivers/misc/vmw_balloon.c
index 28e77ab1e136..60ab83d3d0ef 100644
--- a/drivers/misc/vmw_balloon.c
+++ b/drivers/misc/vmw_balloon.c
@@ -341,7 +341,13 @@ static bool vmballoon_send_start(struct vmballoon *b, unsigned long req_caps)
success = false;
}
- if (b->capabilities & VMW_BALLOON_BATCHED_2M_CMDS)
+ /*
+ * 2MB pages are only supported with batching. If batching is for some
+ * reason disabled, do not use 2MB pages, since otherwise the legacy
+ * mechanism is used with 2MB pages, causing a failure.
+ */
+ if ((b->capabilities & VMW_BALLOON_BATCHED_2M_CMDS) &&
+ (b->capabilities & VMW_BALLOON_BATCHED_CMDS))
b->supported_page_sizes = 2;
else
b->supported_page_sizes = 1;
--
2.17.0
The patch titled
Subject: slub: fix __kmem_cache_empty for !CONFIG_SLUB_DEBUG
has been added to the -mm tree. Its filename is
slub-fix-__kmem_cache_empty-for-config_slub_debug.patch
This patch should soon appear at
http://ozlabs.org/~akpm/mmots/broken-out/slub-fix-__kmem_cache_empty-for-co…
and later at
http://ozlabs.org/~akpm/mmotm/broken-out/slub-fix-__kmem_cache_empty-for-co…
Before you just go and hit "reply", please:
a) Consider who else should be cc'ed
b) Prefer to cc a suitable mailing list as well
c) Ideally: find the original patch on the mailing list and do a
reply-to-all to that, adding suitable additional cc's
*** Remember to use Documentation/process/submit-checklist.rst when testing your code ***
The -mm tree is included into linux-next and is updated
there every 3-4 working days
------------------------------------------------------
From: Shakeel Butt <shakeelb(a)google.com>
Subject: slub: fix __kmem_cache_empty for !CONFIG_SLUB_DEBUG
f9e13c0a5a33 ("slab, slub: skip unnecessary kasan_cache_shutdown()")
causes crashes when using slub, as described at
http://lkml.kernel.org/r/CAHmME9rtoPwxUSnktxzKso14iuVCWT7BE_-_8PAC=pGw1iJnQ…
For !CONFIG_SLUB_DEBUG, SLUB does not maintain the number of slabs
allocated per node for a kmem_cache. Thus, slabs_node() in
__kmem_cache_empty() will always return 0. So, in such situation, it is
required to check per-cpu slabs to make sure if a kmem_cache is empty or
not.
Please note that __kmem_cache_shutdown() and __kmem_cache_shrink() are not
affected by !CONFIG_SLUB_DEBUG as they call flush_all() to clear per-cpu
slabs.
Link: http://lkml.kernel.org/r/20180619213352.71740-1-shakeelb@google.com
Link: http://lkml.kernel.org/r/CAHmME9rtoPwxUSnktxzKso14iuVCWT7BE_-_8PAC=pGw1iJnQ…
Fixes: f9e13c0a5a33 ("slab, slub: skip unnecessary kasan_cache_shutdown()")
Signed-off-by: Shakeel Butt <shakeelb(a)google.com>
Reported-by: Jason A. Donenfeld <Jason(a)zx2c4.com>
Tested-by: Jason A. Donenfeld <Jason(a)zx2c4.com>
Cc: Christoph Lameter <cl(a)linux.com>
Cc: Pekka Enberg <penberg(a)kernel.org>
Cc: David Rientjes <rientjes(a)google.com>
Cc: Joonsoo Kim <iamjoonsoo.kim(a)lge.com>
Cc: <stable(a)vger.kernel.org>
Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org>
---
mm/slub.c | 16 +++++++++++++++-
1 file changed, 15 insertions(+), 1 deletion(-)
diff -puN mm/slub.c~slub-fix-__kmem_cache_empty-for-config_slub_debug mm/slub.c
--- a/mm/slub.c~slub-fix-__kmem_cache_empty-for-config_slub_debug
+++ a/mm/slub.c
@@ -3673,9 +3673,23 @@ static void free_partial(struct kmem_cac
bool __kmem_cache_empty(struct kmem_cache *s)
{
- int node;
+ int cpu, node;
struct kmem_cache_node *n;
+ /*
+ * slabs_node will always be 0 for !CONFIG_SLUB_DEBUG. So, manually
+ * check slabs for all cpus.
+ */
+ if (!IS_ENABLED(CONFIG_SLUB_DEBUG)) {
+ for_each_online_cpu(cpu) {
+ struct kmem_cache_cpu *c;
+
+ c = per_cpu_ptr(s->cpu_slab, cpu);
+ if (c->page || slub_percpu_partial(c))
+ return false;
+ }
+ }
+
for_each_kmem_cache_node(s, node, n)
if (n->nr_partial || slabs_node(s, node))
return false;
_
Patches currently in -mm which might be from shakeelb(a)google.com are
slub-fix-__kmem_cache_empty-for-config_slub_debug.patch
The patch titled
Subject: mm, devm_memremap_pages: handle errors allocating final devres action
has been removed from the -mm tree. Its filename was
mm-devm_memremap_pages-handle-errors-allocating-final-devres-action.patch
This patch was dropped because an updated version will be merged
------------------------------------------------------
From: Dan Williams <dan.j.williams(a)intel.com>
Subject: mm, devm_memremap_pages: handle errors allocating final devres action
The last step before devm_memremap_pages() returns success is to
allocate a release action to tear the entire setup down. However, the
result from devm_add_action() is not checked.
Checking the error also means that we need to handle the fact that the
percpu_ref may not be killed by the time devm_memremap_pages_release()
runs. Add a new state flag for this case.
Without this change we could fail to register the teardown of
devm_memremap_pages(). The likelihood of hitting this failure is tiny
as small memory allocations almost always succeed. However, the impact
of the failure is large given any future reconfiguration, or
disable/enable, of an nvdimm namespace will fail forever as subsequent
calls to devm_memremap_pages() will fail to setup the pgmap_radix since
there will be stale entries for the physical address range.
Link: http://lkml.kernel.org/r/152694212460.5484.13180030631810166467.stgit@dwill…
Fixes: e8d513483300 ("memremap: change devm_memremap_pages interface...")
Signed-off-by: Dan Williams <dan.j.williams(a)intel.com>
Reviewed-by: Christoph Hellwig <hch(a)lst.de>
Cc: "Jérôme Glisse" <jglisse(a)redhat.com>
Cc: Logan Gunthorpe <logang(a)deltatee.com>
Cc: <stable(a)vger.kernel.org>
Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org>
---
include/linux/memremap.h | 1 +
kernel/memremap.c | 8 ++++++--
2 files changed, 7 insertions(+), 2 deletions(-)
diff -puN include/linux/memremap.h~mm-devm_memremap_pages-handle-errors-allocating-final-devres-action include/linux/memremap.h
--- a/include/linux/memremap.h~mm-devm_memremap_pages-handle-errors-allocating-final-devres-action
+++ a/include/linux/memremap.h
@@ -115,6 +115,7 @@ struct dev_pagemap {
dev_page_free_t page_free;
struct vmem_altmap altmap;
bool altmap_valid;
+ bool registered;
struct resource res;
struct percpu_ref *ref;
struct device *dev;
diff -puN kernel/memremap.c~mm-devm_memremap_pages-handle-errors-allocating-final-devres-action kernel/memremap.c
--- a/kernel/memremap.c~mm-devm_memremap_pages-handle-errors-allocating-final-devres-action
+++ a/kernel/memremap.c
@@ -124,7 +124,7 @@ static void devm_memremap_pages_release(
for_each_device_pfn(pfn, pgmap)
put_page(pfn_to_page(pfn));
- if (percpu_ref_tryget_live(pgmap->ref)) {
+ if (pgmap->registered && percpu_ref_tryget_live(pgmap->ref)) {
dev_WARN(dev, "%s: page mapping is still live!\n", __func__);
percpu_ref_put(pgmap->ref);
}
@@ -246,7 +246,11 @@ void *devm_memremap_pages(struct device
percpu_ref_get(pgmap->ref);
}
- devm_add_action(dev, devm_memremap_pages_release, pgmap);
+ error = devm_add_action_or_reset(dev, devm_memremap_pages_release,
+ pgmap);
+ if (error)
+ return ERR_PTR(error);
+ pgmap->registered = true;
return __va(res->start);
_
Patches currently in -mm which might be from dan.j.williams(a)intel.com are
mm-hmm-use-devm-semantics-for-hmm_devmem_add-remove.patch
mm-hmm-replace-hmm_devmem_pages_create-with-devm_memremap_pages.patch
mm-hmm-mark-hmm_devmem_add-add_resource-export_symbol_gpl.patch
This reverts commit 95b286daf7ba784191023ad110122703eb2ebabc.
This commit used an incorrect log message.
Signed-off-by: Sasha Levin <alexander.levin(a)microsoft.com>
---
fs/btrfs/raid56.c | 18 ++++--------------
fs/btrfs/volumes.c | 9 +--------
2 files changed, 5 insertions(+), 22 deletions(-)
diff --git a/fs/btrfs/raid56.c b/fs/btrfs/raid56.c
index b9fa99577bf7..1a33d3eb36de 100644
--- a/fs/btrfs/raid56.c
+++ b/fs/btrfs/raid56.c
@@ -2160,21 +2160,11 @@ int raid56_parity_recover(struct btrfs_root *root, struct bio *bio,
}
/*
- * Loop retry:
- * for 'mirror == 2', reconstruct from all other stripes.
- * for 'mirror_num > 2', select a stripe to fail on every retry.
+ * reconstruct from the q stripe if they are
+ * asking for mirror 3
*/
- if (mirror_num > 2) {
- /*
- * 'mirror == 3' is to fail the p stripe and
- * reconstruct from the q stripe. 'mirror > 3' is to
- * fail a data stripe and reconstruct from p+q stripe.
- */
- rbio->failb = rbio->real_stripes - (mirror_num - 1);
- ASSERT(rbio->failb > 0);
- if (rbio->failb <= rbio->faila)
- rbio->failb--;
- }
+ if (mirror_num == 3)
+ rbio->failb = rbio->real_stripes - 2;
ret = lock_stripe_add(rbio);
diff --git a/fs/btrfs/volumes.c b/fs/btrfs/volumes.c
index b4d63a9842fa..ed75d70b4bc2 100644
--- a/fs/btrfs/volumes.c
+++ b/fs/btrfs/volumes.c
@@ -5056,14 +5056,7 @@ int btrfs_num_copies(struct btrfs_fs_info *fs_info, u64 logical, u64 len)
else if (map->type & BTRFS_BLOCK_GROUP_RAID5)
ret = 2;
else if (map->type & BTRFS_BLOCK_GROUP_RAID6)
- /*
- * There could be two corrupted data stripes, we need
- * to loop retry in order to rebuild the correct data.
- *
- * Fail a stripe at a time on every retry except the
- * stripe under reconstruction.
- */
- ret = map->num_stripes;
+ ret = 3;
else
ret = 1;
free_extent_map(em);
--
2.17.1
This reverts commit 95b286daf7ba784191023ad110122703eb2ebabc.
This commit used an incorrect log message.
Reported-by: Ben Hutchings <ben.hutchings(a)codethink.co.uk>
Signed-off-by: Sasha Levin <alexander.levin(a)microsoft.com>
---
fs/btrfs/raid56.c | 18 ++++--------------
fs/btrfs/volumes.c | 9 +--------
2 files changed, 5 insertions(+), 22 deletions(-)
diff --git a/fs/btrfs/raid56.c b/fs/btrfs/raid56.c
index b9fa99577bf7..1a33d3eb36de 100644
--- a/fs/btrfs/raid56.c
+++ b/fs/btrfs/raid56.c
@@ -2160,21 +2160,11 @@ int raid56_parity_recover(struct btrfs_root *root, struct bio *bio,
}
/*
- * Loop retry:
- * for 'mirror == 2', reconstruct from all other stripes.
- * for 'mirror_num > 2', select a stripe to fail on every retry.
+ * reconstruct from the q stripe if they are
+ * asking for mirror 3
*/
- if (mirror_num > 2) {
- /*
- * 'mirror == 3' is to fail the p stripe and
- * reconstruct from the q stripe. 'mirror > 3' is to
- * fail a data stripe and reconstruct from p+q stripe.
- */
- rbio->failb = rbio->real_stripes - (mirror_num - 1);
- ASSERT(rbio->failb > 0);
- if (rbio->failb <= rbio->faila)
- rbio->failb--;
- }
+ if (mirror_num == 3)
+ rbio->failb = rbio->real_stripes - 2;
ret = lock_stripe_add(rbio);
diff --git a/fs/btrfs/volumes.c b/fs/btrfs/volumes.c
index b4d63a9842fa..ed75d70b4bc2 100644
--- a/fs/btrfs/volumes.c
+++ b/fs/btrfs/volumes.c
@@ -5056,14 +5056,7 @@ int btrfs_num_copies(struct btrfs_fs_info *fs_info, u64 logical, u64 len)
else if (map->type & BTRFS_BLOCK_GROUP_RAID5)
ret = 2;
else if (map->type & BTRFS_BLOCK_GROUP_RAID6)
- /*
- * There could be two corrupted data stripes, we need
- * to loop retry in order to rebuild the correct data.
- *
- * Fail a stripe at a time on every retry except the
- * stripe under reconstruction.
- */
- ret = map->num_stripes;
+ ret = 3;
else
ret = 1;
free_extent_map(em);
--
2.17.1
This reverts commit 186a6519dc94964a4c5c68fca482f20f71551f26.
This commit used an incorrect log message.
Reported-by: Ben Hutchings <ben.hutchings(a)codethink.co.uk>
Signed-off-by: Sasha Levin <alexander.levin(a)microsoft.com>
---
fs/btrfs/raid56.c | 18 ++++--------------
fs/btrfs/volumes.c | 9 +--------
2 files changed, 5 insertions(+), 22 deletions(-)
diff --git a/fs/btrfs/raid56.c b/fs/btrfs/raid56.c
index af6a776fa18c..d016d4a79864 100644
--- a/fs/btrfs/raid56.c
+++ b/fs/btrfs/raid56.c
@@ -2161,21 +2161,11 @@ int raid56_parity_recover(struct btrfs_root *root, struct bio *bio,
}
/*
- * Loop retry:
- * for 'mirror == 2', reconstruct from all other stripes.
- * for 'mirror_num > 2', select a stripe to fail on every retry.
+ * reconstruct from the q stripe if they are
+ * asking for mirror 3
*/
- if (mirror_num > 2) {
- /*
- * 'mirror == 3' is to fail the p stripe and
- * reconstruct from the q stripe. 'mirror > 3' is to
- * fail a data stripe and reconstruct from p+q stripe.
- */
- rbio->failb = rbio->real_stripes - (mirror_num - 1);
- ASSERT(rbio->failb > 0);
- if (rbio->failb <= rbio->faila)
- rbio->failb--;
- }
+ if (mirror_num == 3)
+ rbio->failb = rbio->real_stripes - 2;
ret = lock_stripe_add(rbio);
diff --git a/fs/btrfs/volumes.c b/fs/btrfs/volumes.c
index 76017e1b3c0f..c2495cde26f6 100644
--- a/fs/btrfs/volumes.c
+++ b/fs/btrfs/volumes.c
@@ -5186,14 +5186,7 @@ int btrfs_num_copies(struct btrfs_fs_info *fs_info, u64 logical, u64 len)
else if (map->type & BTRFS_BLOCK_GROUP_RAID5)
ret = 2;
else if (map->type & BTRFS_BLOCK_GROUP_RAID6)
- /*
- * There could be two corrupted data stripes, we need
- * to loop retry in order to rebuild the correct data.
- *
- * Fail a stripe at a time on every retry except the
- * stripe under reconstruction.
- */
- ret = map->num_stripes;
+ ret = 3;
else
ret = 1;
free_extent_map(em);
--
2.17.1
This reverts commit d91bb7c6988bd6450284c762b33f2e1ea3fe7c97.
This commit used an incorrect log message.
Reported-by: Ben Hutchings <ben.hutchings(a)codethink.co.uk>
Signed-off-by: Sasha Levin <alexander.levin(a)microsoft.com>
---
fs/btrfs/raid56.c | 18 ++++--------------
fs/btrfs/volumes.c | 9 +--------
2 files changed, 5 insertions(+), 22 deletions(-)
diff --git a/fs/btrfs/raid56.c b/fs/btrfs/raid56.c
index 2e995e565633..d1bda68a3386 100644
--- a/fs/btrfs/raid56.c
+++ b/fs/btrfs/raid56.c
@@ -2172,21 +2172,11 @@ int raid56_parity_recover(struct btrfs_fs_info *fs_info, struct bio *bio,
}
/*
- * Loop retry:
- * for 'mirror == 2', reconstruct from all other stripes.
- * for 'mirror_num > 2', select a stripe to fail on every retry.
+ * reconstruct from the q stripe if they are
+ * asking for mirror 3
*/
- if (mirror_num > 2) {
- /*
- * 'mirror == 3' is to fail the p stripe and
- * reconstruct from the q stripe. 'mirror > 3' is to
- * fail a data stripe and reconstruct from p+q stripe.
- */
- rbio->failb = rbio->real_stripes - (mirror_num - 1);
- ASSERT(rbio->failb > 0);
- if (rbio->failb <= rbio->faila)
- rbio->failb--;
- }
+ if (mirror_num == 3)
+ rbio->failb = rbio->real_stripes - 2;
ret = lock_stripe_add(rbio);
diff --git a/fs/btrfs/volumes.c b/fs/btrfs/volumes.c
index 08afafb6ecf7..69bc37a87c5a 100644
--- a/fs/btrfs/volumes.c
+++ b/fs/btrfs/volumes.c
@@ -5110,14 +5110,7 @@ int btrfs_num_copies(struct btrfs_fs_info *fs_info, u64 logical, u64 len)
else if (map->type & BTRFS_BLOCK_GROUP_RAID5)
ret = 2;
else if (map->type & BTRFS_BLOCK_GROUP_RAID6)
- /*
- * There could be two corrupted data stripes, we need
- * to loop retry in order to rebuild the correct data.
- *
- * Fail a stripe at a time on every retry except the
- * stripe under reconstruction.
- */
- ret = map->num_stripes;
+ ret = 3;
else
ret = 1;
free_extent_map(em);
--
2.17.1
From: Bartosz Golaszewski <bgolaszewski(a)baylibre.com>
This patch reverts commit 3243ff2a05ec ("net: ethernet: davinci_emac:
Deduplicate bus_find_device() by name matching") and adds a comment
which should stop anyone from reintroducing the same "fix" in the future.
We can't use bus_find_device_by_name() here because the device name is
not guaranteed to be 'davinci_mdio'. On some systems it can be
'davinci_mdio.0' so we need to use strncmp() against the first part of
the string to correctly match it.
Fixes: 3243ff2a05ec ("net: ethernet: davinci_emac: Deduplicate bus_find_device() by name matching")
Cc: stable(a)vger.kernel.org
Signed-off-by: Bartosz Golaszewski <bgolaszewski(a)baylibre.com>
---
drivers/net/ethernet/ti/davinci_emac.c | 15 +++++++++++++--
1 file changed, 13 insertions(+), 2 deletions(-)
diff --git a/drivers/net/ethernet/ti/davinci_emac.c b/drivers/net/ethernet/ti/davinci_emac.c
index 06d7c9e4dcda..a1a6445b5a7e 100644
--- a/drivers/net/ethernet/ti/davinci_emac.c
+++ b/drivers/net/ethernet/ti/davinci_emac.c
@@ -1385,6 +1385,11 @@ static int emac_devioctl(struct net_device *ndev, struct ifreq *ifrq, int cmd)
return -EOPNOTSUPP;
}
+static int match_first_device(struct device *dev, void *data)
+{
+ return !strncmp(dev_name(dev), "davinci_mdio", 12);
+}
+
/**
* emac_dev_open - EMAC device open
* @ndev: The DaVinci EMAC network adapter
@@ -1484,8 +1489,14 @@ static int emac_dev_open(struct net_device *ndev)
/* use the first phy on the bus if pdata did not give us a phy id */
if (!phydev && !priv->phy_id) {
- phy = bus_find_device_by_name(&mdio_bus_type, NULL,
- "davinci_mdio");
+ /* NOTE: we can't use bus_find_device_by_name() here because
+ * the device name is not guaranteed to be 'davinci_mdio'. On
+ * some systems it can be 'davinci_mdio.0' so we need to use
+ * strncmp() against the first part of the string to correctly
+ * match it.
+ */
+ phy = bus_find_device(&mdio_bus_type, NULL, NULL,
+ match_first_device);
if (phy) {
priv->phy_id = dev_name(phy);
if (!priv->phy_id || !*priv->phy_id)
--
2.17.1
Changes since v2 [1]:
* Rebased on v4.18-rc1
* Collect Logan's reviewed-by for "mm, devm_memremap_pages: Add
MEMORY_DEVICE_PRIVATE support"
* Convert __put_devmap_managed_page and devmap_managed_key to
EXPORT_SYMBOL otherwise put_page() becomes limited to GPL-only
modules.
* Clarify some of the changelogs.
[1]: https://lkml.org/lkml/2018/5/23/24
---
Hi Andrew, here's v3 to replace these 5 currently in mm:
mm-devm_memremap_pages-mark-devm_memremap_pages-export_symbol_gpl.patch
mm-devm_memremap_pages-handle-errors-allocating-final-devres-action.patch
mm-hmm-use-devm-semantics-for-hmm_devmem_add-remove.patch
mm-hmm-replace-hmm_devmem_pages_create-with-devm_memremap_pages.patch
mm-hmm-mark-hmm_devmem_add-add_resource-export_symbol_gpl.patch
For maintainability, as ZONE_DEVICE continues to attract new users,
it is useful to keep all users consolidated on devm_memremap_pages() as
the interface for create "device pages".
The devm_memremap_pages() implementation was recently reworked to make
it more generic for arbitrary users, like the proposed peer-to-peer
PCI-E enabling. HMM pre-dated this rework and opted to duplicate
devm_memremap_pages() as hmm_devmem_pages_create().
Rework HMM to be a consumer of devm_memremap_pages() directly and fix up
the licensing on the exports given the deep dependencies on the mm.
Patches based on v4.18-rc1 where there are no upstream consumers of the
HMM functionality.
---
Dan Williams (8):
mm, devm_memremap_pages: Mark devm_memremap_pages() EXPORT_SYMBOL_GPL
mm, devm_memremap_pages: Kill mapping "System RAM" support
mm, devm_memremap_pages: Fix shutdown handling
mm, devm_memremap_pages: Add MEMORY_DEVICE_PRIVATE support
mm, hmm: Use devm semantics for hmm_devmem_{add,remove}
mm, hmm: Replace hmm_devmem_pages_create() with devm_memremap_pages()
mm, hmm: Mark hmm_devmem_{add,add_resource} EXPORT_SYMBOL_GPL
mm: Fix exports that inadvertently make put_page() EXPORT_SYMBOL_GPL
drivers/dax/pmem.c | 10 -
drivers/nvdimm/pmem.c | 18 +-
include/linux/hmm.h | 4
include/linux/memremap.h | 7 +
kernel/memremap.c | 89 +++++++----
mm/hmm.c | 307 +++++--------------------------------
tools/testing/nvdimm/test/iomap.c | 21 ++-
7 files changed, 132 insertions(+), 324 deletions(-)
SPC5r17 states that the contents of the ADDITIONAL LENGTH field are not
altered based on the allocation length, so always calculate and pack the
full key list length even if the list itself is truncated.
According to Maged:
Yes it fixes the "Storage Spaces Persistent Reservation" test in the
Windows 2016 Server Failover Cluster validation suites when having
many connections that result in more than 8 registrations. I tested
your patch on 4.17 with iblock.
This behaviour can be tested using the libiscsi PrinReadKeys.Truncate
test.
Cc: stable(a)vger.kernel.org
Signed-off-by: David Disseldorp <ddiss(a)suse.de>
Reviewed-by: Mike Christie <mchristi(a)redhat.com>
Tested-by: Maged Mokhtar <mmokhtar(a)petasan.org>
---
drivers/target/target_core_pr.c | 15 ++++++++++-----
1 file changed, 10 insertions(+), 5 deletions(-)
Changes since v1:
* CC stable
* mention Maged's Windows PR test fix comment in commit message
* add Reviewed-by and Tested-by tags
diff --git a/drivers/target/target_core_pr.c b/drivers/target/target_core_pr.c
index 01ac306131c1..2e865fdaa362 100644
--- a/drivers/target/target_core_pr.c
+++ b/drivers/target/target_core_pr.c
@@ -3727,11 +3727,16 @@ core_scsi3_pri_read_keys(struct se_cmd *cmd)
* Check for overflow of 8byte PRI READ_KEYS payload and
* next reservation key list descriptor.
*/
- if ((add_len + 8) > (cmd->data_length - 8))
- break;
-
- put_unaligned_be64(pr_reg->pr_res_key, &buf[off]);
- off += 8;
+ if ((off + 8) <= cmd->data_length) {
+ put_unaligned_be64(pr_reg->pr_res_key, &buf[off]);
+ off += 8;
+ }
+ /*
+ * SPC5r17: 6.16.2 READ KEYS service action
+ * The ADDITIONAL LENGTH field indicates the number of bytes in
+ * the Reservation key list. The contents of the ADDITIONAL
+ * LENGTH field are not altered based on the allocation length
+ */
add_len += 8;
}
spin_unlock(&dev->t10_pr.registration_lock);
--
2.13.6
This is the start of the stable review cycle for the 4.4.137 release.
There are 24 patches in this series, all will be posted as a response
to this one. If anyone has any issues with these being applied, please
let me know.
Responses should be made by Thu Jun 14 16:48:07 UTC 2018.
Anything received after that time might be too late.
The whole patch series can be found in one patch at:
https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.4.137-rc…
or in the git tree and branch at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.4.y
and the diffstat can be found below.
thanks,
greg k-h
-------------
Pseudo-Shortlog of commits:
Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
Linux 4.4.137-rc1
Eric Dumazet <edumazet(a)google.com>
net: metrics: add proper netlink validation
Florian Fainelli <f.fainelli(a)gmail.com>
net: phy: broadcom: Fix bcm_write_exp()
Eric Dumazet <edumazet(a)google.com>
rtnetlink: validate attributes in do_setlink()
Dan Carpenter <dan.carpenter(a)oracle.com>
team: use netdev_features_t instead of u32
Jack Morgenstein <jackm(a)dev.mellanox.co.il>
net/mlx4: Fix irq-unsafe spinlock usage
Shahed Shaikh <shahed.shaikh(a)cavium.com>
qed: Fix mask for physical address in ILT entry
Willem de Bruijn <willemb(a)google.com>
packet: fix reserve calculation
Daniele Palmas <dnlplm(a)gmail.com>
net: usb: cdc_mbim: add flag FLAG_SEND_ZLP
Eric Dumazet <edumazet(a)google.com>
net/packet: refine check for priv area size
Cong Wang <xiyou.wangcong(a)gmail.com>
netdev-FAQ: clarify DaveM's position for stable backports
Wenwen Wang <wang6495(a)umn.edu>
isdn: eicon: fix a missing-check bug
Willem de Bruijn <willemb(a)google.com>
ipv4: remove warning in ip_recv_error
Sabrina Dubroca <sd(a)queasysnail.net>
ip6mr: only set ip6mr_table from setsockopt when ip6mr_new_table succeeds
Govindarajulu Varadarajan <gvaradar(a)cisco.com>
enic: set DMA mask to 47 bit
Alexey Kodanev <alexey.kodanev(a)oracle.com>
dccp: don't free ccid2_hc_tx_sock struct in dccp_disconnect()
Julia Lawall <Julia.Lawall(a)lip6.fr>
bnx2x: use the right constant
Stefan Wahren <stefan.wahren(a)i2se.com>
brcmfmac: Fix check for ISO3166 code
Dave Airlie <airlied(a)redhat.com>
drm: set FMODE_UNSIGNED_OFFSET for drm files
Amir Goldstein <amir73il(a)gmail.com>
xfs: fix incorrect log_flushed on fsync
Nathan Chancellor <natechancellor(a)gmail.com>
kconfig: Avoid format overflow warning from GCC 8.1
Linus Torvalds <torvalds(a)linux-foundation.org>
mmap: relax file size limit for regular files
Linus Torvalds <torvalds(a)linux-foundation.org>
mmap: introduce sane default mmap limits
Chris Chiu <chiu(a)endlessm.com>
tpm: self test failure should not cause suspend to fail
Enric Balletbo i Serra <enric.balletbo(a)collabora.com>
tpm: do not suspend/resume if power stays on
-------------
Diffstat:
Documentation/networking/netdev-FAQ.txt | 9 ++++++
Makefile | 4 +--
drivers/char/tpm/tpm-chip.c | 13 +++++++++
drivers/char/tpm/tpm-interface.c | 7 +++++
drivers/char/tpm/tpm.h | 1 +
drivers/gpu/drm/drm_fops.c | 1 +
drivers/isdn/hardware/eicon/diva.c | 22 ++++++++++-----
drivers/isdn/hardware/eicon/diva.h | 5 ++--
drivers/isdn/hardware/eicon/divasmain.c | 18 +++++++-----
drivers/net/ethernet/broadcom/bnx2x/bnx2x_link.c | 2 +-
drivers/net/ethernet/cisco/enic/enic_main.c | 8 +++---
drivers/net/ethernet/mellanox/mlx4/qp.c | 4 +--
drivers/net/ethernet/qlogic/qed/qed_cxt.c | 2 +-
drivers/net/phy/bcm-cygnus.c | 6 ++--
drivers/net/phy/bcm-phy-lib.h | 7 +++++
drivers/net/phy/bcm7xxx.c | 4 +--
drivers/net/team/team.c | 3 +-
drivers/net/usb/cdc_mbim.c | 2 +-
drivers/net/wireless/brcm80211/brcmfmac/cfg80211.c | 2 +-
fs/xfs/xfs_log.c | 7 -----
mm/mmap.c | 32 ++++++++++++++++++++++
net/core/rtnetlink.c | 8 +++---
net/dccp/proto.c | 2 --
net/ipv4/fib_semantics.c | 2 ++
net/ipv4/ip_sockglue.c | 2 --
net/ipv6/ip6mr.c | 3 +-
net/packet/af_packet.c | 4 +--
scripts/kconfig/confdata.c | 2 +-
28 files changed, 129 insertions(+), 53 deletions(-)
From: Sandy Huang <hjc(a)rock-chips.com>
The vop irq is shared between vop and iommu and irq probing in the
iommu driver moved to the probe function recently. This can in some
cases lead to a stall if the irq is triggered while the vop driver
still has it disabled, but the vop irq handler gets called.
But there is no real need to disable the irq, as the vop can simply
also track its enabled state and ignore irqs in that case.
For this we can simply check the power-domain state of the vop,
similar to how the iommu driver does it.
So remove the enable/disable handling and add appropriate condition
to the irq handler.
changes in v2:
- move to just check the power-domain state
- add clock handling
changes in v3:
- clarify comment to speak of runtime-pm not power-domain
changes in v4:
- address Marc's comments (clk-enable WARN_ON and style improvement)
Fixes: d0b912bd4c23 ("iommu/rockchip: Request irqs in rk_iommu_probe()")
Cc: stable(a)vger.kernel.org
Signed-off-by: Sandy Huang <hjc(a)rock-chips.com>
Signed-off-by: Heiko Stuebner <heiko(a)sntech.de>
Tested-by: Ezequiel Garcia <ezequiel(a)collabora.com>
---
drivers/gpu/drm/rockchip/rockchip_drm_vop.c | 25 ++++++++++++++-------
1 file changed, 17 insertions(+), 8 deletions(-)
diff --git a/drivers/gpu/drm/rockchip/rockchip_drm_vop.c b/drivers/gpu/drm/rockchip/rockchip_drm_vop.c
index 9a1f272e41c7..d105e984cf09 100644
--- a/drivers/gpu/drm/rockchip/rockchip_drm_vop.c
+++ b/drivers/gpu/drm/rockchip/rockchip_drm_vop.c
@@ -573,8 +573,6 @@ static int vop_enable(struct drm_crtc *crtc)
spin_unlock(&vop->reg_lock);
- enable_irq(vop->irq);
-
drm_crtc_vblank_on(crtc);
return 0;
@@ -618,8 +616,6 @@ static void vop_crtc_atomic_disable(struct drm_crtc *crtc,
vop_dsp_hold_valid_irq_disable(vop);
- disable_irq(vop->irq);
-
vop->is_enabled = false;
/*
@@ -1195,6 +1191,18 @@ static irqreturn_t vop_isr(int irq, void *data)
uint32_t active_irqs;
int ret = IRQ_NONE;
+ /*
+ * The irq is shared with the iommu. If the runtime-pm state of the
+ * vop-device is disabled the irq has to be targetted at the iommu.
+ */
+ if (!pm_runtime_get_if_in_use(vop->dev))
+ return IRQ_NONE;
+
+ if (vop_core_clks_enable(vop)) {
+ DRM_DEV_ERROR_RATELIMITED(vop->dev, "couldn't enable clocks\n");
+ goto out;
+ }
+
/*
* interrupt register has interrupt status, enable and clear bits, we
* must hold irq_lock to avoid a race with enable/disable_vblank().
@@ -1210,7 +1218,7 @@ static irqreturn_t vop_isr(int irq, void *data)
/* This is expected for vop iommu irqs, since the irq is shared */
if (!active_irqs)
- return IRQ_NONE;
+ goto out_disable;
if (active_irqs & DSP_HOLD_VALID_INTR) {
complete(&vop->dsp_hold_completion);
@@ -1236,6 +1244,10 @@ static irqreturn_t vop_isr(int irq, void *data)
DRM_DEV_ERROR(vop->dev, "Unknown VOP IRQs: %#02x\n",
active_irqs);
+out_disable:
+ vop_core_clks_disable(vop);
+out:
+ pm_runtime_put(vop->dev);
return ret;
}
@@ -1614,9 +1626,6 @@ static int vop_bind(struct device *dev, struct device *master, void *data)
if (ret)
goto err_disable_pm_runtime;
- /* IRQ is initially disabled; it gets enabled in power_on */
- disable_irq(vop->irq);
-
return 0;
err_disable_pm_runtime:
--
2.17.0
From: Mike Snitzer <snitzer(a)redhat.com>
Use of bio_clone_bioset() is inefficient if there is no need to clone
the original bio's bio_vec array. Best to use the bio_clone_fast()
variant. Also, just using bio_advance() is only part of what is needed
to properly setup the clone -- it doesn't account for the various
bio_integrity() related work that also needs to be performed (see
bio_split).
Address both of these issues by switching from bio_clone_bioset() to
bio_split().
Fixes: 18a25da8 ("dm: ensure bio submission follows a depth-first tree walk")
Cc: stable(a)vger.kernel.org # 4.15+, requires removal of '&' before md->queue->bio_split
Reported-by: Christoph Hellwig <hch(a)lst.de>
Reviewed-by: NeilBrown <neilb(a)suse.com>
Signed-off-by: Mike Snitzer <snitzer(a)redhat.com>
---
drivers/md/dm.c | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/drivers/md/dm.c b/drivers/md/dm.c
index e65429a29c06..a3b103e8e3ce 100644
--- a/drivers/md/dm.c
+++ b/drivers/md/dm.c
@@ -1606,10 +1606,9 @@ static blk_qc_t __split_and_process_bio(struct mapped_device *md,
* the usage of io->orig_bio in dm_remap_zone_report()
* won't be affected by this reassignment.
*/
- struct bio *b = bio_clone_bioset(bio, GFP_NOIO,
- &md->queue->bio_split);
+ struct bio *b = bio_split(bio, bio_sectors(bio) - ci.sector_count,
+ GFP_NOIO, &md->queue->bio_split);
ci.io->orig_bio = b;
- bio_advance(bio, (bio_sectors(bio) - ci.sector_count) << 9);
bio_chain(b, bio);
ret = generic_make_request(bio);
break;
--
2.17.1
gregkh(a)linuxfoundation.org wrote:
>
> This is a note to let you know that I've just added the patch titled
>
> powerpc/trace/syscalls: Update syscall name matching logic
>
> to the 3.18-stable tree which can be found at:
> http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum…
>
> The filename of the patch is:
> powerpc-trace-syscalls-update-syscall-name-matching-logic.patch
> and it can be found in the queue-3.18 subdirectory.
>
> If you, or anyone else, feels it should not be added to the stable tree,
> please let <stable(a)vger.kernel.org> know about it.
Please drop this patch from v3.18 as this depends on commit
e145242ea0df6, which I don't see backported to v3.18.
Thanks,
Naveen
>
>
> From foo@baz Sun Jun 17 13:19:44 CEST 2018
> From: "Naveen N. Rao" <naveen.n.rao(a)linux.vnet.ibm.com>
> Date: Fri, 4 May 2018 18:44:24 +0530
> Subject: powerpc/trace/syscalls: Update syscall name matching logic
>
> From: "Naveen N. Rao" <naveen.n.rao(a)linux.vnet.ibm.com>
>
> [ Upstream commit 0b7758aaf6543b9a10c8671db559e9d374a3fd95 ]
>
> On powerpc64 ABIv1, we are enabling syscall tracing for only ~20
> syscalls. This is due to commit e145242ea0df6 ("syscalls/core,
> syscalls/x86: Clean up syscall stub naming convention") which has
> changed the syscall entry wrapper prefix from "SyS" to "__se_sys".
>
> Update the logic for ABIv1 to not just skip the initial dot, but also
> the "__se_sys" prefix.
>
> Fixes: commit e145242ea0df6 ("syscalls/core, syscalls/x86: Clean up
> syscall stub naming convention")
> Reported-by: Michael Ellerman <mpe(a)ellerman.id.au>
> Signed-off-by: Naveen N. Rao <naveen.n.rao(a)linux.vnet.ibm.com>
> Signed-off-by: Michael Ellerman <mpe(a)ellerman.id.au>
> Signed-off-by: Sasha Levin <alexander.levin(a)microsoft.com>
> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
> ---
> arch/powerpc/include/asm/ftrace.h | 10 +++-------
> 1 file changed, 3 insertions(+), 7 deletions(-)
>
> --- a/arch/powerpc/include/asm/ftrace.h
> +++ b/arch/powerpc/include/asm/ftrace.h
> @@ -65,13 +65,9 @@ struct dyn_arch_ftrace {
> #define ARCH_HAS_SYSCALL_MATCH_SYM_NAME
> static inline bool arch_syscall_match_sym_name(const char *sym, const char *name)
> {
> - /*
> - * Compare the symbol name with the system call name. Skip the .sys or .SyS
> - * prefix from the symbol name and the sys prefix from the system call name and
> - * just match the rest. This is only needed on ppc64 since symbol names on
> - * 32bit do not start with a period so the generic function will work.
> - */
> - return !strcmp(sym + 4, name + 3);
> + /* We need to skip past the initial dot, and the __se_sys alias */
> + return !strcmp(sym + 1, name) ||
> + (!strncmp(sym, ".__se_sys", 9) && !strcmp(sym + 6, name));
> }
> #endif
> #endif /* CONFIG_FTRACE_SYSCALLS && CONFIG_PPC64 && !__ASSEMBLY__ */
>
>
> Patches currently in stable-queue which might be from naveen.n.rao(a)linux.vnet.ibm.com are
>
> queue-3.18/powerpc-trace-syscalls-update-syscall-name-matching-logic.patch
>
>
The patch titled
Subject: x86/e820: put !E820_TYPE_RAM regions into memblock.reserved
has been added to the -mm tree. Its filename is
x86-e820-put-e820_type_ram-regions-into-memblockreserved.patch
This patch should soon appear at
http://ozlabs.org/~akpm/mmots/broken-out/x86-e820-put-e820_type_ram-regions…
and later at
http://ozlabs.org/~akpm/mmotm/broken-out/x86-e820-put-e820_type_ram-regions…
Before you just go and hit "reply", please:
a) Consider who else should be cc'ed
b) Prefer to cc a suitable mailing list as well
c) Ideally: find the original patch on the mailing list and do a
reply-to-all to that, adding suitable additional cc's
*** Remember to use Documentation/process/submit-checklist.rst when testing your code ***
The -mm tree is included into linux-next and is updated
there every 3-4 working days
------------------------------------------------------
From: Naoya Horiguchi <n-horiguchi(a)ah.jp.nec.com>
Subject: x86/e820: put !E820_TYPE_RAM regions into memblock.reserved
There is a kernel panic that is triggered when reading /proc/kpageflags on
the kernel booted with kernel parameter 'memmap=nn[KMG]!ss[KMG]':
BUG: unable to handle kernel paging request at fffffffffffffffe
PGD 9b20e067 P4D 9b20e067 PUD 9b210067 PMD 0
Oops: 0000 [#1] SMP PTI
CPU: 2 PID: 1728 Comm: page-types Not tainted 4.17.0-rc6-mm1-v4.17-rc6-180605-0816-00236-g2dfb086ef02c+ #160
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.11.0-2.fc28 04/01/2014
RIP: 0010:stable_page_flags+0x27/0x3c0
Code: 00 00 00 0f 1f 44 00 00 48 85 ff 0f 84 a0 03 00 00 41 54 55 49 89 fc 53 48 8b 57 08 48 8b 2f 48 8d 42 ff 83 e2 01 48 0f 44 c7 <48> 8b 00 f6 c4 01 0f 84 10 03 00 00 31 db 49 8b 54 24 08 4c 89 e7
RSP: 0018:ffffbbd44111fde0 EFLAGS: 00010202
RAX: fffffffffffffffe RBX: 00007fffffffeff9 RCX: 0000000000000000
RDX: 0000000000000001 RSI: 0000000000000202 RDI: ffffed1182fff5c0
RBP: ffffffffffffffff R08: 0000000000000001 R09: 0000000000000001
R10: ffffbbd44111fed8 R11: 0000000000000000 R12: ffffed1182fff5c0
R13: 00000000000bffd7 R14: 0000000002fff5c0 R15: ffffbbd44111ff10
FS: 00007efc4335a500(0000) GS:ffff93a5bfc00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: fffffffffffffffe CR3: 00000000b2a58000 CR4: 00000000001406e0
Call Trace:
kpageflags_read+0xc7/0x120
proc_reg_read+0x3c/0x60
__vfs_read+0x36/0x170
vfs_read+0x89/0x130
ksys_pread64+0x71/0x90
do_syscall_64+0x5b/0x160
entry_SYSCALL_64_after_hwframe+0x44/0xa9
RIP: 0033:0x7efc42e75e23
Code: 09 00 ba 9f 01 00 00 e8 ab 81 f4 ff 66 2e 0f 1f 84 00 00 00 00 00 90 83 3d 29 0a 2d 00 00 75 13 49 89 ca b8 11 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 34 c3 48 83 ec 08 e8 db d3 01 00 48 89 04 24
According to kernel bisection, this problem became visible due to commit
f7f99100d8d9 ("mm: stop zeroing memory during allocation in vmemmap")
which changes how struct pages are initialized.
Memblock layout affects the pfn ranges covered by node/zone. Consider
that we have a VM with 2 NUMA nodes and each node has 4GB memory, and the
default (no memmap= given) memblock layout is like below:
MEMBLOCK configuration:
memory size = 0x00000001fff75c00 reserved size = 0x000000000300c000
memory.cnt = 0x4
memory[0x0] [0x0000000000001000-0x000000000009efff], 0x000000000009e000 bytes on node 0 flags: 0x0
memory[0x1] [0x0000000000100000-0x00000000bffd6fff], 0x00000000bfed7000 bytes on node 0 flags: 0x0
memory[0x2] [0x0000000100000000-0x000000013fffffff], 0x0000000040000000 bytes on node 0 flags: 0x0
memory[0x3] [0x0000000140000000-0x000000023fffffff], 0x0000000100000000 bytes on node 1 flags: 0x0
...
If you give memmap=1G!4G (so it just covers memory[0x2]),
the range [0x100000000-0x13fffffff] is gone:
MEMBLOCK configuration:
memory size = 0x00000001bff75c00 reserved size = 0x000000000300c000
memory.cnt = 0x3
memory[0x0] [0x0000000000001000-0x000000000009efff], 0x000000000009e000 bytes on node 0 flags: 0x0
memory[0x1] [0x0000000000100000-0x00000000bffd6fff], 0x00000000bfed7000 bytes on node 0 flags: 0x0
memory[0x2] [0x0000000140000000-0x000000023fffffff], 0x0000000100000000 bytes on node 1 flags: 0x0
...
This causes shrinking node 0's pfn range because it is calculated by the
address range of memblock.memory. So some of struct pages in the gap
range are left uninitialized.
We have a function zero_resv_unavail() which does zeroing the struct pages
within the reserved unavailable range (i.e. memblock.memory &&
!memblock.reserved). This patch utilizes it to cover all unavailable
ranges by putting them into memblock.reserved.
Link: http://lkml.kernel.org/r/20180615072947.GB23273@hori1.linux.bs1.fc.nec.co.jp
Fixes: f7f99100d8d9 ("mm: stop zeroing memory during allocation in vmemmap")
Signed-off-by: Naoya Horiguchi <n-horiguchi(a)ah.jp.nec.com>
Tested-by: Oscar Salvador <osalvador(a)suse.de>
Acked-by: Michal Hocko <mhocko(a)suse.com>
Reviewed-by: Pavel Tatashin <pasha.tatashin(a)oracle.com>
Cc: Steven Sistare <steven.sistare(a)oracle.com>
Cc: Daniel Jordan <daniel.m.jordan(a)oracle.com>
Cc: Matthew Wilcox <willy(a)infradead.org>
Cc: <stable(a)vger.kernel.org>
Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org>
---
arch/x86/kernel/e820.c | 15 ++++++++++++---
1 file changed, 12 insertions(+), 3 deletions(-)
diff -puN arch/x86/kernel/e820.c~x86-e820-put-e820_type_ram-regions-into-memblockreserved arch/x86/kernel/e820.c
--- a/arch/x86/kernel/e820.c~x86-e820-put-e820_type_ram-regions-into-memblockreserved
+++ a/arch/x86/kernel/e820.c
@@ -1248,6 +1248,7 @@ void __init e820__memblock_setup(void)
{
int i;
u64 end;
+ u64 addr = 0;
/*
* The bootstrap memblock region count maximum is 128 entries
@@ -1264,13 +1265,21 @@ void __init e820__memblock_setup(void)
struct e820_entry *entry = &e820_table->entries[i];
end = entry->addr + entry->size;
+ if (addr < entry->addr)
+ memblock_reserve(addr, entry->addr - addr);
+ addr = end;
if (end != (resource_size_t)end)
continue;
+ /*
+ * all !E820_TYPE_RAM ranges (including gap ranges) are put
+ * into memblock.reserved to make sure that struct pages in
+ * such regions are not left uninitialized after bootup.
+ */
if (entry->type != E820_TYPE_RAM && entry->type != E820_TYPE_RESERVED_KERN)
- continue;
-
- memblock_add(entry->addr, entry->size);
+ memblock_reserve(entry->addr, entry->size);
+ else
+ memblock_add(entry->addr, entry->size);
}
/* Throw away partial pages: */
_
Patches currently in -mm which might be from n-horiguchi(a)ah.jp.nec.com are
x86-e820-put-e820_type_ram-regions-into-memblockreserved.patch
The patch titled
Subject: mm: zero remaining unavailable struct pages
has been removed from the -mm tree. Its filename was
mm-zero-remaining-unavailable-struct-pages.patch
This patch was dropped because an updated version will be merged
------------------------------------------------------
From: Naoya Horiguchi <n-horiguchi(a)ah.jp.nec.com>
Subject: mm: zero remaining unavailable struct pages
There is a kernel panic that is triggered when reading /proc/kpageflags on
the kernel booted with kernel parameter 'memmap=nn[KMG]!ss[KMG]':
BUG: unable to handle kernel paging request at fffffffffffffffe
PGD 9b20e067 P4D 9b20e067 PUD 9b210067 PMD 0
Oops: 0000 [#1] SMP PTI
CPU: 2 PID: 1728 Comm: page-types Not tainted 4.17.0-rc6-mm1-v4.17-rc6-180605-0816-00236-g2dfb086ef02c+ #160
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.11.0-2.fc28 04/01/2014
RIP: 0010:stable_page_flags+0x27/0x3c0
Code: 00 00 00 0f 1f 44 00 00 48 85 ff 0f 84 a0 03 00 00 41 54 55 49 89 fc 53 48 8b 57 08 48 8b 2f 48 8d 42 ff 83 e2 01 48 0f 44 c7 <48> 8b 00 f6 c4 01 0f 84 10 03 00 00 31 db 49 8b 54 24 08 4c 89 e7
RSP: 0018:ffffbbd44111fde0 EFLAGS: 00010202
RAX: fffffffffffffffe RBX: 00007fffffffeff9 RCX: 0000000000000000
RDX: 0000000000000001 RSI: 0000000000000202 RDI: ffffed1182fff5c0
RBP: ffffffffffffffff R08: 0000000000000001 R09: 0000000000000001
R10: ffffbbd44111fed8 R11: 0000000000000000 R12: ffffed1182fff5c0
R13: 00000000000bffd7 R14: 0000000002fff5c0 R15: ffffbbd44111ff10
FS: 00007efc4335a500(0000) GS:ffff93a5bfc00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: fffffffffffffffe CR3: 00000000b2a58000 CR4: 00000000001406e0
Call Trace:
kpageflags_read+0xc7/0x120
proc_reg_read+0x3c/0x60
__vfs_read+0x36/0x170
vfs_read+0x89/0x130
ksys_pread64+0x71/0x90
do_syscall_64+0x5b/0x160
entry_SYSCALL_64_after_hwframe+0x44/0xa9
RIP: 0033:0x7efc42e75e23
Code: 09 00 ba 9f 01 00 00 e8 ab 81 f4 ff 66 2e 0f 1f 84 00 00 00 00 00 90 83 3d 29 0a 2d 00 00 75 13 49 89 ca b8 11 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 34 c3 48 83 ec 08 e8 db d3 01 00 48 89 04 24
According to kernel bisection, this problem became visible due to commit
f7f99100d8d9 which changes how struct pages are initialized.
Memblock layout affects the pfn ranges covered by node/zone. Consider
that we have a VM with 2 NUMA nodes and each node has 4GB memory, and
the default (no memmap= given) memblock layout is like below:
MEMBLOCK configuration:
memory size = 0x00000001fff75c00 reserved size = 0x000000000300c000
memory.cnt = 0x4
memory[0x0] [0x0000000000001000-0x000000000009efff], 0x000000000009e000 bytes on node 0 flags: 0x0
memory[0x1] [0x0000000000100000-0x00000000bffd6fff], 0x00000000bfed7000 bytes on node 0 flags: 0x0
memory[0x2] [0x0000000100000000-0x000000013fffffff], 0x0000000040000000 bytes on node 0 flags: 0x0
memory[0x3] [0x0000000140000000-0x000000023fffffff], 0x0000000100000000 bytes on node 1 flags: 0x0
...
If you give memmap=1G!4G (so it just covers memory[0x2]),
the range [0x100000000-0x13fffffff] is gone:
MEMBLOCK configuration:
memory size = 0x00000001bff75c00 reserved size = 0x000000000300c000
memory.cnt = 0x3
memory[0x0] [0x0000000000001000-0x000000000009efff], 0x000000000009e000 bytes on node 0 flags: 0x0
memory[0x1] [0x0000000000100000-0x00000000bffd6fff], 0x00000000bfed7000 bytes on node 0 flags: 0x0
memory[0x2] [0x0000000140000000-0x000000023fffffff], 0x0000000100000000 bytes on node 1 flags: 0x0
...
This causes shrinking node 0's pfn range because it is calculated by
the address range of memblock.memory. So some of struct pages in the
gap range are left uninitialized.
We have a function zero_resv_unavail() which does zeroing the struct
pages outside memblock.memory, but currently it covers only the reserved
unavailable range (i.e. memblock.memory && !memblock.reserved).
This patch extends it to cover all unavailable range, which fixes
the reported issue.
Link: http://lkml.kernel.org/r/20180613054107.GA5329@hori1.linux.bs1.fc.nec.co.jp
Fixes: f7f99100d8d9 ("mm: stop zeroing memory during allocation in vmemmap")
Signed-off-by: Naoya Horiguchi <n-horiguchi(a)ah.jp.nec.com>
Tested-by: Oscar Salvador <osalvador(a)suse.de>
Cc: Pavel Tatashin <pasha.tatashin(a)oracle.com>
Cc: Steven Sistare <steven.sistare(a)oracle.com>
Cc: Daniel Jordan <daniel.m.jordan(a)oracle.com>
Cc: Matthew Wilcox <willy(a)infradead.org>
Cc: Michal Hocko <mhocko(a)kernel.org>
Cc: Huang Ying <ying.huang(a)intel.com>
Cc: Ingo Molnar <mingo(a)kernel.org>
Cc: Dan Williams <dan.j.williams(a)intel.com>
Cc: <stable(a)vger.kernel.org>
Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org>
---
include/linux/memblock.h | 16 ----------------
mm/page_alloc.c | 33 ++++++++++++++++++++++++---------
2 files changed, 24 insertions(+), 25 deletions(-)
diff -puN include/linux/memblock.h~mm-zero-remaining-unavailable-struct-pages include/linux/memblock.h
--- a/include/linux/memblock.h~mm-zero-remaining-unavailable-struct-pages
+++ a/include/linux/memblock.h
@@ -236,22 +236,6 @@ void __next_mem_pfn_range(int *idx, int
for_each_mem_range_rev(i, &memblock.memory, &memblock.reserved, \
nid, flags, p_start, p_end, p_nid)
-/**
- * for_each_resv_unavail_range - iterate through reserved and unavailable memory
- * @i: u64 used as loop variable
- * @flags: pick from blocks based on memory attributes
- * @p_start: ptr to phys_addr_t for start address of the range, can be %NULL
- * @p_end: ptr to phys_addr_t for end address of the range, can be %NULL
- *
- * Walks over unavailable but reserved (reserved && !memory) areas of memblock.
- * Available as soon as memblock is initialized.
- * Note: because this memory does not belong to any physical node, flags and
- * nid arguments do not make sense and thus not exported as arguments.
- */
-#define for_each_resv_unavail_range(i, p_start, p_end) \
- for_each_mem_range(i, &memblock.reserved, &memblock.memory, \
- NUMA_NO_NODE, MEMBLOCK_NONE, p_start, p_end, NULL)
-
static inline void memblock_set_region_flags(struct memblock_region *r,
unsigned long flags)
{
diff -puN mm/page_alloc.c~mm-zero-remaining-unavailable-struct-pages mm/page_alloc.c
--- a/mm/page_alloc.c~mm-zero-remaining-unavailable-struct-pages
+++ a/mm/page_alloc.c
@@ -6390,25 +6390,40 @@ void __paginginit free_area_init_node(in
* struct pages which are reserved in memblock allocator and their fields
* may be accessed (for example page_to_pfn() on some configuration accesses
* flags). We must explicitly zero those struct pages.
+ *
+ * This function also addresses a similar issue where struct pages are left
+ * uninitialized because the physical address range is not covered by
+ * memblock.memory or memblock.reserved. That could happen when memblock
+ * layout is manually configured via memmap=.
*/
void __paginginit zero_resv_unavail(void)
{
phys_addr_t start, end;
unsigned long pfn;
u64 i, pgcnt;
+ phys_addr_t next = 0;
/*
- * Loop through ranges that are reserved, but do not have reported
- * physical memory backing.
+ * Loop through unavailable ranges not covered by memblock.memory.
*/
pgcnt = 0;
- for_each_resv_unavail_range(i, &start, &end) {
- for (pfn = PFN_DOWN(start); pfn < PFN_UP(end); pfn++) {
- if (!pfn_valid(ALIGN_DOWN(pfn, pageblock_nr_pages)))
- continue;
- mm_zero_struct_page(pfn_to_page(pfn));
- pgcnt++;
+ for_each_mem_range(i, &memblock.memory, NULL,
+ NUMA_NO_NODE, MEMBLOCK_NONE, &start, &end, NULL) {
+ if (next < start) {
+ for (pfn = PFN_DOWN(next); pfn < PFN_UP(start); pfn++) {
+ if (!pfn_valid(ALIGN_DOWN(pfn, pageblock_nr_pages)))
+ continue;
+ mm_zero_struct_page(pfn_to_page(pfn));
+ pgcnt++;
+ }
}
+ next = end;
+ }
+ for (pfn = PFN_DOWN(next); pfn < max_pfn; pfn++) {
+ if (!pfn_valid(ALIGN_DOWN(pfn, pageblock_nr_pages)))
+ continue;
+ mm_zero_struct_page(pfn_to_page(pfn));
+ pgcnt++;
}
/*
@@ -6419,7 +6434,7 @@ void __paginginit zero_resv_unavail(void
* this code can be removed.
*/
if (pgcnt)
- pr_info("Reserved but unavailable: %lld pages", pgcnt);
+ pr_info("Zeroed struct page in unavailable ranges: %lld pages", pgcnt);
}
#endif /* CONFIG_HAVE_MEMBLOCK */
_
Patches currently in -mm which might be from n-horiguchi(a)ah.jp.nec.com are
Hi,
The patch has been in the mainline, and I have verified the commit can be cherry-picked
cleanly to these 3 stable branches mentioned in the subject.
When the patch was originally submitted, I did add a " Cc: stable(a)vger.kernel.org" tag:
https://lkml.org/lkml/2018/6/6/766 .
It looks somehow the tag was left out.
Thanks,
-- Dexuan
From: Martin Kelly <mkelly(a)xevo.com>
commit c043ec1ca5baae63726aae32abbe003192bc6eec upstream.
Currently, we use int for buffer length and bytes_per_datum. However,
kfifo uses unsigned int for length and size_t for element size. We need
to make sure these matches or we will have bugs related to overflow (in
the range between INT_MAX and UINT_MAX for length, for example).
In addition, set_bytes_per_datum uses size_t while bytes_per_datum is an
int, which would cause bugs for large values of bytes_per_datum.
Change buffer length to use unsigned int and bytes_per_datum to use
size_t.
Signed-off-by: Martin Kelly <mkelly(a)xevo.com>
Signed-off-by: Jonathan Cameron <Jonathan.Cameron(a)huawei.com>
[bwh: Backported to 4.4:
- Drop change to iio_dma_buffer_set_length()
- Adjust filename, context]
Signed-off-by: Ben Hutchings <ben.hutchings(a)codethink.co.uk>
---
drivers/iio/buffer/kfifo_buf.c | 4 ++--
include/linux/iio/buffer.h | 6 +++---
2 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/drivers/iio/buffer/kfifo_buf.c b/drivers/iio/buffer/kfifo_buf.c
index 7ef9b13262a8..e44181f9eb36 100644
--- a/drivers/iio/buffer/kfifo_buf.c
+++ b/drivers/iio/buffer/kfifo_buf.c
@@ -19,7 +19,7 @@ struct iio_kfifo {
#define iio_to_kfifo(r) container_of(r, struct iio_kfifo, buffer)
static inline int __iio_allocate_kfifo(struct iio_kfifo *buf,
- int bytes_per_datum, int length)
+ size_t bytes_per_datum, unsigned int length)
{
if ((length == 0) || (bytes_per_datum == 0))
return -EINVAL;
@@ -71,7 +71,7 @@ static int iio_set_bytes_per_datum_kfifo(struct iio_buffer *r, size_t bpd)
return 0;
}
-static int iio_set_length_kfifo(struct iio_buffer *r, int length)
+static int iio_set_length_kfifo(struct iio_buffer *r, unsigned int length)
{
/* Avoid an invalid state */
if (length < 2)
diff --git a/include/linux/iio/buffer.h b/include/linux/iio/buffer.h
index 1600c55828e0..93a774ce4922 100644
--- a/include/linux/iio/buffer.h
+++ b/include/linux/iio/buffer.h
@@ -49,7 +49,7 @@ struct iio_buffer_access_funcs {
int (*request_update)(struct iio_buffer *buffer);
int (*set_bytes_per_datum)(struct iio_buffer *buffer, size_t bpd);
- int (*set_length)(struct iio_buffer *buffer, int length);
+ int (*set_length)(struct iio_buffer *buffer, unsigned int length);
void (*release)(struct iio_buffer *buffer);
@@ -78,8 +78,8 @@ struct iio_buffer_access_funcs {
* @watermark: [INTERN] number of datums to wait for poll/read.
*/
struct iio_buffer {
- int length;
- int bytes_per_datum;
+ unsigned int length;
+ size_t bytes_per_datum;
struct attribute_group *scan_el_attrs;
long *scan_mask;
bool scan_timestamp;
--
Ben Hutchings, Software Developer Codethink Ltd
https://www.codethink.co.uk/ Dale House, 35 Dale Street
Manchester, M1 2HF, United Kingdom
The patch
spi: cadence: Change usleep_range() to udelay(), for atomic context
has been applied to the spi tree at
https://git.kernel.org/pub/scm/linux/kernel/git/broonie/spi.git
All being well this means that it will be integrated into the linux-next
tree (usually sometime in the next 24 hours) and sent to Linus during
the next merge window (or sooner if it is a bug fix), however if
problems are discovered then the patch may be dropped or reverted.
You may get further e-mails resulting from automated or manual testing
and review of the tree, please engage with people reporting problems and
send followup patches addressing any issues that are reported if needed.
If any updates are required or you are submitting further changes they
should be sent as incremental updates against current git, existing
patches will not be replaced.
Please add any relevant lists and maintainers to the CCs when replying
to this mail.
Thanks,
Mark
>From 931c4e9a72ae91d59c5332ffb6812911a749da8e Mon Sep 17 00:00:00 2001
From: Janek Kotas <jank(a)cadence.com>
Date: Mon, 4 Jun 2018 11:24:44 +0000
Subject: [PATCH] spi: cadence: Change usleep_range() to udelay(), for atomic
context
The path "spi: cadence: Add usleep_range() for
cdns_spi_fill_tx_fifo()" added a usleep_range() function call,
which cannot be used in atomic context.
However the cdns_spi_fill_tx_fifo() function can be called during
an interrupt which may result in a kernel panic:
BUG: scheduling while atomic: grep/561/0x00010002
Modules linked in:
Preemption disabled at:
[<ffffff800858ea28>] wait_for_common+0x48/0x178
CPU: 0 PID: 561 Comm: grep Not tainted 4.17.0 #1
Hardware name: Cadence CSP (DT)
Call trace:
dump_backtrace+0x0/0x198
show_stack+0x14/0x20
dump_stack+0x8c/0xac
__schedule_bug+0x6c/0xb8
__schedule+0x570/0x5d8
schedule+0x34/0x98
schedule_hrtimeout_range_clock+0x98/0x110
schedule_hrtimeout_range+0x10/0x18
usleep_range+0x64/0x98
cdns_spi_fill_tx_fifo+0x70/0xb0
cdns_spi_irq+0xd0/0xe0
__handle_irq_event_percpu+0x9c/0x128
handle_irq_event_percpu+0x34/0x88
handle_irq_event+0x48/0x78
handle_fasteoi_irq+0xbc/0x1b0
generic_handle_irq+0x24/0x38
__handle_domain_irq+0x84/0xf8
gic_handle_irq+0xc4/0x180
This patch replaces the function call with udelay() which can be
used in an atomic context, like an interrupt.
Signed-off-by: Jan Kotas <jank(a)cadence.com>
Signed-off-by: Mark Brown <broonie(a)kernel.org>
Cc: stable(a)vger.kernel.org
---
drivers/spi/spi-cadence.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/spi/spi-cadence.c b/drivers/spi/spi-cadence.c
index f3dad6fcdc35..a568f35522f9 100644
--- a/drivers/spi/spi-cadence.c
+++ b/drivers/spi/spi-cadence.c
@@ -319,7 +319,7 @@ static void cdns_spi_fill_tx_fifo(struct cdns_spi *xspi)
*/
if (cdns_spi_read(xspi, CDNS_SPI_ISR) &
CDNS_SPI_IXR_TXFULL)
- usleep_range(10, 20);
+ udelay(10);
if (xspi->txbuf)
cdns_spi_write(xspi, CDNS_SPI_TXD, *xspi->txbuf++);
--
2.17.1
From: Sandy Huang <hjc(a)rock-chips.com>
The vop irq is shared between vop and iommu and irq probing in the
iommu driver moved to the probe function recently. This can in some
cases lead to a stall if the irq is triggered while the vop driver
still has it disabled, but the vop irq handler gets called.
But there is no real need to disable the irq, as the vop can simply
also track its enabled state and ignore irqs in that case.
For this we can simply check the power-domain state of the vop,
similar to how the iommu driver does it.
So remove the enable/disable handling and add appropriate condition
to the irq handler.
changes in v2:
- move to just check the power-domain state
- add clock handling
changes in v3:
- clarify comment to speak of runtime-pm not power-domain
Fixes: d0b912bd4c23 ("iommu/rockchip: Request irqs in rk_iommu_probe()")
Cc: stable(a)vger.kernel.org
Signed-off-by: Sandy Huang <hjc(a)rock-chips.com>
Signed-off-by: Heiko Stuebner <heiko(a)sntech.de>
Tested-by: Ezequiel Garcia <ezequiel(a)collabora.com>
---
drivers/gpu/drm/rockchip/rockchip_drm_vop.c | 28 ++++++++++++++-------
1 file changed, 19 insertions(+), 9 deletions(-)
diff --git a/drivers/gpu/drm/rockchip/rockchip_drm_vop.c b/drivers/gpu/drm/rockchip/rockchip_drm_vop.c
index 9a1f272e41c7..ae8a69793aed 100644
--- a/drivers/gpu/drm/rockchip/rockchip_drm_vop.c
+++ b/drivers/gpu/drm/rockchip/rockchip_drm_vop.c
@@ -573,8 +573,6 @@ static int vop_enable(struct drm_crtc *crtc)
spin_unlock(&vop->reg_lock);
- enable_irq(vop->irq);
-
drm_crtc_vblank_on(crtc);
return 0;
@@ -618,8 +616,6 @@ static void vop_crtc_atomic_disable(struct drm_crtc *crtc,
vop_dsp_hold_valid_irq_disable(vop);
- disable_irq(vop->irq);
-
vop->is_enabled = false;
/*
@@ -1195,6 +1191,16 @@ static irqreturn_t vop_isr(int irq, void *data)
uint32_t active_irqs;
int ret = IRQ_NONE;
+ /*
+ * The irq is shared with the iommu. If the runtime-pm state of the
+ * vop-device is disabled the irq has to be targetted at the iommu.
+ */
+ if (!pm_runtime_get_if_in_use(vop->dev))
+ return IRQ_NONE;
+
+ if (WARN_ON(vop_core_clks_enable(vop)))
+ goto out;
+
/*
* interrupt register has interrupt status, enable and clear bits, we
* must hold irq_lock to avoid a race with enable/disable_vblank().
@@ -1209,8 +1215,11 @@ static irqreturn_t vop_isr(int irq, void *data)
spin_unlock(&vop->irq_lock);
/* This is expected for vop iommu irqs, since the irq is shared */
- if (!active_irqs)
- return IRQ_NONE;
+ if (!active_irqs) {
+ ret = IRQ_NONE;
+ vop_core_clks_disable(vop);
+ goto out;
+ }
if (active_irqs & DSP_HOLD_VALID_INTR) {
complete(&vop->dsp_hold_completion);
@@ -1236,6 +1245,10 @@ static irqreturn_t vop_isr(int irq, void *data)
DRM_DEV_ERROR(vop->dev, "Unknown VOP IRQs: %#02x\n",
active_irqs);
+ vop_core_clks_disable(vop);
+
+out:
+ pm_runtime_put(vop->dev);
return ret;
}
@@ -1614,9 +1627,6 @@ static int vop_bind(struct device *dev, struct device *master, void *data)
if (ret)
goto err_disable_pm_runtime;
- /* IRQ is initially disabled; it gets enabled in power_on */
- disable_irq(vop->irq);
-
return 0;
err_disable_pm_runtime:
--
2.17.0
This reverts commit 2c17a4368aad2b88b68e4390c819e226cf320f70.
The offending commit triggers a run-time fault when accessing the panel
element of the sun4i_tcon structure when no such panel is attached.
It was apparently assumed in said commit that a panel is always used with
the TCON. Although it is often the case, this is not always true.
For instance a bridge might be used instead of a panel.
This issue was discovered using an A13-OLinuXino, that uses the TCON
in RGB mode for a simple DAC-based VGA bridge.
Cc: stable(a)vger.kernel.org
Signed-off-by: Paul Kocialkowski <paul.kocialkowski(a)bootlin.com>
---
drivers/gpu/drm/sun4i/sun4i_tcon.c | 25 -------------------------
1 file changed, 25 deletions(-)
diff --git a/drivers/gpu/drm/sun4i/sun4i_tcon.c b/drivers/gpu/drm/sun4i/sun4i_tcon.c
index c3d92d537240..8045871335b5 100644
--- a/drivers/gpu/drm/sun4i/sun4i_tcon.c
+++ b/drivers/gpu/drm/sun4i/sun4i_tcon.c
@@ -17,7 +17,6 @@
#include <drm/drm_encoder.h>
#include <drm/drm_modes.h>
#include <drm/drm_of.h>
-#include <drm/drm_panel.h>
#include <uapi/drm/drm_mode.h>
@@ -350,9 +349,6 @@ static void sun4i_tcon0_mode_set_lvds(struct sun4i_tcon *tcon,
static void sun4i_tcon0_mode_set_rgb(struct sun4i_tcon *tcon,
const struct drm_display_mode *mode)
{
- struct drm_panel *panel = tcon->panel;
- struct drm_connector *connector = panel->connector;
- struct drm_display_info display_info = connector->display_info;
unsigned int bp, hsync, vsync;
u8 clk_delay;
u32 val = 0;
@@ -410,27 +406,6 @@ static void sun4i_tcon0_mode_set_rgb(struct sun4i_tcon *tcon,
if (mode->flags & DRM_MODE_FLAG_PVSYNC)
val |= SUN4I_TCON0_IO_POL_VSYNC_POSITIVE;
- /*
- * On A20 and similar SoCs, the only way to achieve Positive Edge
- * (Rising Edge), is setting dclk clock phase to 2/3(240°).
- * By default TCON works in Negative Edge(Falling Edge),
- * this is why phase is set to 0 in that case.
- * Unfortunately there's no way to logically invert dclk through
- * IO_POL register.
- * The only acceptable way to work, triple checked with scope,
- * is using clock phase set to 0° for Negative Edge and set to 240°
- * for Positive Edge.
- * On A33 and similar SoCs there would be a 90° phase option,
- * but it divides also dclk by 2.
- * Following code is a way to avoid quirks all around TCON
- * and DOTCLOCK drivers.
- */
- if (display_info.bus_flags & DRM_BUS_FLAG_PIXDATA_POSEDGE)
- clk_set_phase(tcon->dclk, 240);
-
- if (display_info.bus_flags & DRM_BUS_FLAG_PIXDATA_NEGEDGE)
- clk_set_phase(tcon->dclk, 0);
-
regmap_update_bits(tcon->regs, SUN4I_TCON0_IO_POL_REG,
SUN4I_TCON0_IO_POL_HSYNC_POSITIVE | SUN4I_TCON0_IO_POL_VSYNC_POSITIVE,
val);
--
2.17.0
From: Eric Dumazet <edumazet(a)google.com>
commit 02db55718d53f9d426cee504c27fb768e9ed4ffe upstream.
While rcvbuf is properly clamped by tcp_rmem[2], rcvwin
is left to a potentially too big value.
It has no serious effect, since :
1) tcp_grow_window() has very strict checks.
2) window_clamp can be mangled by user space to any value anyway.
tcp_init_buffer_space() and companions use tcp_full_space(),
we use tcp_win_from_space() to avoid reloading sk->sk_rcvbuf
Signed-off-by: Eric Dumazet <edumazet(a)google.com>
Acked-by: Soheil Hassas Yeganeh <soheil(a)google.com>
Acked-by: Wei Wang <weiwan(a)google.com>
Acked-by: Neal Cardwell <ncardwell(a)google.com>
Signed-off-by: David S. Miller <davem(a)davemloft.net>
Signed-off-by: Guenter Roeck <linux(a)roeck-us.net>
---
net/ipv4/tcp_input.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net/ipv4/tcp_input.c b/net/ipv4/tcp_input.c
index 125b49c166a4..f0caff3139ed 100644
--- a/net/ipv4/tcp_input.c
+++ b/net/ipv4/tcp_input.c
@@ -647,7 +647,7 @@ void tcp_rcv_space_adjust(struct sock *sk)
sk->sk_rcvbuf = rcvbuf;
/* Make the window clamp follow along. */
- tp->window_clamp = rcvwin;
+ tp->window_clamp = tcp_win_from_space(rcvbuf);
}
}
tp->rcvq_space.space = copied;
--
2.7.4
Hi,
4.14.48 can cause abnormally small TCP receive windows when the sender is
faster than the receiver; see https://github.com/coreos/bugs/issues/2457 for
details. Reverting "tcp: avoid integer overflows in tcp_rcv_space_adjust()"
fixes it. Backporting 02db55718d53 ("tcp: do not overshoot window_clamp in
tcp_rcv_space_adjust()"), which is its parent commit upstream, also fixes
it.
--Benjamin Gilbert
Tree/Branch: v3.16.57
Git describe: v3.16.57
Commit: e472f29ebd Linux 3.16.57
Build Time: 31 min 15 sec
Passed: 10 / 10 (100.00 %)
Failed: 0 / 10 ( 0.00 %)
Errors: 0
Warnings: 16
Section Mismatches: 0
-------------------------------------------------------------------------------
defconfigs with issues (other than build errors):
1 warnings 0 mismatches : arm64-allmodconfig
1 warnings 0 mismatches : x86_64-defconfig
4 warnings 0 mismatches : arm-allmodconfig
1 warnings 0 mismatches : x86_64-allnoconfig
9 warnings 0 mismatches : x86_64-allmodconfig
2 warnings 0 mismatches : arm64-defconfig
-------------------------------------------------------------------------------
Warnings Summary: 16
2 ../ipc/sem.c:377:6: warning: '___p1' may be used uninitialized in this function [-Wmaybe-uninitialized]
2 ../drivers/net/ethernet/broadcom/genet/bcmgenet.c:1346:17: warning: unused variable 'kdev' [-Wunused-variable]
1 ../drivers/staging/vt6656/main_usb.c:1101:7: warning: this 'if' clause does not guard... [-Wmisleading-indentation]
1 ../drivers/staging/vt6656/dpc.c:712:5: warning: this 'if' clause does not guard... [-Wmisleading-indentation]
1 ../drivers/staging/rtl8192ee/rtl8192ee/hw.c:529:5: warning: this 'if' clause does not guard... [-Wmisleading-indentation]
1 ../drivers/staging/rtl8192ee/rtl8192ee/hw.c:524:4: warning: this 'if' clause does not guard... [-Wmisleading-indentation]
1 ../drivers/staging/rtl8192ee/btcoexist/halbtc8821a2ant.c:2338:2: warning: this 'else' clause does not guard... [-Wmisleading-indentation]
1 ../drivers/scsi/fnic/fnic_fcs.c:104:6: warning: this 'else' clause does not guard... [-Wmisleading-indentation]
1 ../drivers/platform/x86/eeepc-laptop.c:279:10: warning: 'value' may be used uninitialized in this function [-Wmaybe-uninitialized]
1 ../drivers/net/wireless/rtlwifi/rtl8723be/hw.c:1132:2: warning: this 'else' clause does not guard... [-Wmisleading-indentation]
1 ../drivers/mtd/nand/omap2.c:1318:12: warning: 'omap_calculate_ecc_bch_multi' defined but not used [-Wunused-function]
1 ../drivers/media/platform/davinci/vpfe_capture.c:291:12: warning: 'vpfe_get_ccdc_image_format' defined but not used [-Wunused-function]
1 ../drivers/media/platform/davinci/vpfe_capture.c:1718:1: warning: label 'unlock_out' defined but not used [-Wunused-label]
1 ../drivers/media/dvb-frontends/drxk_hard.c:2223:3: warning: this 'if' clause does not guard... [-Wmisleading-indentation]
1 ../drivers/media/dvb-frontends/drxd_hard.c:2631:3: warning: this 'if' clause does not guard... [-Wmisleading-indentation]
1 ../arch/x86/kernel/cpu/common.c:1095:13: warning: 'syscall32_cpu_init' defined but not used [-Wunused-function]
===============================================================================
Detailed per-defconfig build reports below:
-------------------------------------------------------------------------------
arm64-allmodconfig : PASS, 0 errors, 1 warnings, 0 section mismatches
Warnings:
../drivers/net/ethernet/broadcom/genet/bcmgenet.c:1346:17: warning: unused variable 'kdev' [-Wunused-variable]
-------------------------------------------------------------------------------
x86_64-defconfig : PASS, 0 errors, 1 warnings, 0 section mismatches
Warnings:
../drivers/platform/x86/eeepc-laptop.c:279:10: warning: 'value' may be used uninitialized in this function [-Wmaybe-uninitialized]
-------------------------------------------------------------------------------
arm-allmodconfig : PASS, 0 errors, 4 warnings, 0 section mismatches
Warnings:
../drivers/mtd/nand/omap2.c:1318:12: warning: 'omap_calculate_ecc_bch_multi' defined but not used [-Wunused-function]
../drivers/media/platform/davinci/vpfe_capture.c:1718:1: warning: label 'unlock_out' defined but not used [-Wunused-label]
../drivers/media/platform/davinci/vpfe_capture.c:291:12: warning: 'vpfe_get_ccdc_image_format' defined but not used [-Wunused-function]
../drivers/net/ethernet/broadcom/genet/bcmgenet.c:1346:17: warning: unused variable 'kdev' [-Wunused-variable]
-------------------------------------------------------------------------------
x86_64-allnoconfig : PASS, 0 errors, 1 warnings, 0 section mismatches
Warnings:
../arch/x86/kernel/cpu/common.c:1095:13: warning: 'syscall32_cpu_init' defined but not used [-Wunused-function]
-------------------------------------------------------------------------------
x86_64-allmodconfig : PASS, 0 errors, 9 warnings, 0 section mismatches
Warnings:
../drivers/media/dvb-frontends/drxd_hard.c:2631:3: warning: this 'if' clause does not guard... [-Wmisleading-indentation]
../drivers/media/dvb-frontends/drxk_hard.c:2223:3: warning: this 'if' clause does not guard... [-Wmisleading-indentation]
../drivers/scsi/fnic/fnic_fcs.c:104:6: warning: this 'else' clause does not guard... [-Wmisleading-indentation]
../drivers/net/wireless/rtlwifi/rtl8723be/hw.c:1132:2: warning: this 'else' clause does not guard... [-Wmisleading-indentation]
../drivers/staging/rtl8192ee/rtl8192ee/hw.c:524:4: warning: this 'if' clause does not guard... [-Wmisleading-indentation]
../drivers/staging/rtl8192ee/rtl8192ee/hw.c:529:5: warning: this 'if' clause does not guard... [-Wmisleading-indentation]
../drivers/staging/rtl8192ee/btcoexist/halbtc8821a2ant.c:2338:2: warning: this 'else' clause does not guard... [-Wmisleading-indentation]
../drivers/staging/vt6656/main_usb.c:1101:7: warning: this 'if' clause does not guard... [-Wmisleading-indentation]
../drivers/staging/vt6656/dpc.c:712:5: warning: this 'if' clause does not guard... [-Wmisleading-indentation]
-------------------------------------------------------------------------------
arm64-defconfig : PASS, 0 errors, 2 warnings, 0 section mismatches
Warnings:
../ipc/sem.c:377:6: warning: '___p1' may be used uninitialized in this function [-Wmaybe-uninitialized]
../ipc/sem.c:377:6: warning: '___p1' may be used uninitialized in this function [-Wmaybe-uninitialized]
-------------------------------------------------------------------------------
Passed with no errors, warnings or mismatches:
arm64-allnoconfig
arm-multi_v7_defconfig
arm-allnoconfig
arm-multi_v5_defconfig
Previously, extcon used the spinlock before calling the notifier_call_chain
to prevent the scheduled out of task and to prevent the notification delay.
When spinlock is locked for sending the notification, deadlock issue
occured on the side of extcon consumer device. To fix this issue,
extcon consumer device should always use the work. it is always not
reasonable to use work.
To fix this issue on extcon consumer device, release locking when sending
the notification of connector state.
Fixes: ab11af049f88 ("extcon: Add the synchronization extcon APIs to support the notification")
Cc: stable(a)vger.kernel.org
Cc: Roger Quadros <rogerq(a)ti.com>
Cc: Kishon Vijay Abraham I <kishon(a)ti.com>
Signed-off-by: Chanwoo Choi <cw00.choi(a)samsung.com>
---
drivers/extcon/extcon.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/drivers/extcon/extcon.c b/drivers/extcon/extcon.c
index 8bff5fd18185..f75b08a45d4e 100644
--- a/drivers/extcon/extcon.c
+++ b/drivers/extcon/extcon.c
@@ -433,8 +433,8 @@ int extcon_sync(struct extcon_dev *edev, unsigned int id)
return index;
spin_lock_irqsave(&edev->lock, flags);
-
state = !!(edev->state & BIT(index));
+ spin_unlock_irqrestore(&edev->lock, flags);
/*
* Call functions in a raw notifier chain for the specific one
@@ -448,6 +448,7 @@ int extcon_sync(struct extcon_dev *edev, unsigned int id)
*/
raw_notifier_call_chain(&edev->nh_all, state, edev);
+ spin_lock_irqsave(&edev->lock, flags);
/* This could be in interrupt handler */
prop_buf = (char *)get_zeroed_page(GFP_ATOMIC);
if (!prop_buf) {
--
1.9.1
On 2018/6/8 2:18, Ben Hutchings wrote:
> On Thu, 2018-06-07 at 17:32 +0100, John Garry wrote:
>> On 07/06/2018 15:05, Ben Hutchings wrote:
>>> 3.16.57-rc1 review patch. If anyone has any objections, please let me know.
>>>
>>> ------------------
>>>
>>
>> Hi Ben,
>>
>> I noticed that you are looking to backport this patch to 3.16
>>
>> I am wondering why you are taking this libsas patch (and a couple other
>> libsas patches) in isolation, when these patches were part of a series
>> to fix libsas hotplug issues? I'm not sure if cherry-picking certain
>> patches is ok.
>>
>> Maybe Jason (cc'ed) can comment further.
>
> This one apparently fixed a security issue (CVE-2017-18232), though I'm
> certainly not convinced it's a particularly serious one.
>
> But please send objections to the list, not just privately.
>
Hi Ben,
This patch is in the series below. I recommend to backport them
together. If you really want to do this, I'm happy to help you to
backport them.
1689c9367bfa scsi: libsas: notify event PORTE_BROADCAST_RCVD in
sas_enable_revalidation()
0558f33c06bb scsi: libsas: direct call probe and destruct
517e5153d242 scsi: libsas: use flush_workqueue to process disco events
synchronously
93bdbd06b164 scsi: libsas: Use new workqueue to run sas event and disco
event
8eea9dd84e45 scsi: libsas: make the event threshold configurable
f12486e06ae8 scsi: libsas: shut down the PHY if events reached the threshold
1c393b970e0f scsi: libsas: Use dynamic alloced work to avoid sas event lost
> Ben.
>
>> Thanks,
>> John
>>
>>> From: Jason Yan <yanaijie(a)huawei.com>
>>>
>>> commit 0558f33c06bb910e2879e355192227a8e8f0219d upstream.
>>>
>>> In commit 87c8331fcf72 ("[SCSI] libsas: prevent domain rediscovery
>>> competing with ata error handling") introduced disco mutex to prevent
>>> rediscovery competing with ata error handling and put the whole
>>> revalidation in the mutex. But the rphy add/remove needs to wait for the
>>> error handling which also grabs the disco mutex. This may leads to dead
>>> lock.So the probe and destruct event were introduce to do the rphy
>>> add/remove asynchronously and out of the lock.
>>>
>>> The asynchronously processed workers makes the whole discovery process
>>> not atomic, the other events may interrupt the process. For example,
>>> if a loss of signal event inserted before the probe event, the
>>> sas_deform_port() is called and the port will be deleted.
>>>
>>> And sas_port_delete() may run before the destruct event, but the
>>> port-x:x is the top parent of end device or expander. This leads to
>>> a kernel WARNING such as:
>>>
>>> [ 82.042979] sysfs group 'power' not found for kobject 'phy-1:0:22'
>>> [ 82.042983] ------------[ cut here ]------------
>>> [ 82.042986] WARNING: CPU: 54 PID: 1714 at fs/sysfs/group.c:237
>>> sysfs_remove_group+0x94/0xa0
>>> [ 82.043059] Call trace:
>>> [ 82.043082] [<ffff0000082e7624>] sysfs_remove_group+0x94/0xa0
>>> [ 82.043085] [<ffff00000864e320>] dpm_sysfs_remove+0x60/0x70
>>> [ 82.043086] [<ffff00000863ee10>] device_del+0x138/0x308
>>> [ 82.043089] [<ffff00000869a2d0>] sas_phy_delete+0x38/0x60
>>> [ 82.043091] [<ffff00000869a86c>] do_sas_phy_delete+0x6c/0x80
>>> [ 82.043093] [<ffff00000863dc20>] device_for_each_child+0x58/0xa0
>>> [ 82.043095] [<ffff000008696f80>] sas_remove_children+0x40/0x50
>>> [ 82.043100] [<ffff00000869d1bc>] sas_destruct_devices+0x64/0xa0
>>> [ 82.043102] [<ffff0000080e93bc>] process_one_work+0x1fc/0x4b0
>>> [ 82.043104] [<ffff0000080e96c0>] worker_thread+0x50/0x490
>>> [ 82.043105] [<ffff0000080f0364>] kthread+0xfc/0x128
>>> [ 82.043107] [<ffff0000080836c0>] ret_from_fork+0x10/0x50
>>>
>>> Make probe and destruct a direct call in the disco and revalidate function,
>>> but put them outside the lock. The whole discovery or revalidate won't
>>> be interrupted by other events. And the DISCE_PROBE and DISCE_DESTRUCT
>>> event are deleted as a result of the direct call.
>>>
>>> Introduce a new list to destruct the sas_port and put the port delete after
>>> the destruct. This makes sure the right order of destroying the sysfs
>>> kobject and fix the warning above.
>>>
>>> In sas_ex_revalidate_domain() have a loop to find all broadcasted
>>> device, and sometimes we have a chance to find the same expander twice.
>>> Because the sas_port will be deleted at the end of the whole revalidate
>>> process, sas_port with the same name cannot be added before this.
>>> Otherwise the sysfs will complain of creating duplicate filename. Since
>>> the LLDD will send broadcast for every device change, we can only
>>> process one expander's revalidation.
>>>
>>> [mkp: kbuild test robot warning]
>>>
>>> Signed-off-by: Jason Yan <yanaijie(a)huawei.com>
>>> CC: John Garry <john.garry(a)huawei.com>
>>> CC: Johannes Thumshirn <jthumshirn(a)suse.de>
>>> CC: Ewan Milne <emilne(a)redhat.com>
>>> CC: Christoph Hellwig <hch(a)lst.de>
>>> CC: Tomas Henzl <thenzl(a)redhat.com>
>>> CC: Dan Williams <dan.j.williams(a)intel.com>
>>> Reviewed-by: Hannes Reinecke <hare(a)suse.com>
>>> Signed-off-by: Martin K. Petersen <martin.petersen(a)oracle.com>
>>> [bwh: Backported to 4.9: adjust context]
>>> Signed-off-by: Ben Hutchings <ben(a)decadent.org.uk>
>>> ---
>>> drivers/scsi/libsas/sas_ata.c | 1 -
>>> drivers/scsi/libsas/sas_discover.c | 32 +++++++++++++++++-------------
>>> drivers/scsi/libsas/sas_expander.c | 8 +++-----
>>> drivers/scsi/libsas/sas_internal.h | 1 +
>>> drivers/scsi/libsas/sas_port.c | 3 +++
>>> include/scsi/libsas.h | 3 +--
>>> include/scsi/scsi_transport_sas.h | 1 +
>>> 7 files changed, 27 insertions(+), 22 deletions(-)
>>>
>>> --- a/drivers/scsi/libsas/sas_ata.c
>>> +++ b/drivers/scsi/libsas/sas_ata.c
>>> @@ -782,7 +782,6 @@ int sas_discover_sata(struct domain_devi
>>> if (res)
>>> return res;
>>>
>>> - sas_discover_event(dev->port, DISCE_PROBE);
>>> return 0;
>>> }
>>>
>>> --- a/drivers/scsi/libsas/sas_discover.c
>>> +++ b/drivers/scsi/libsas/sas_discover.c
>>> @@ -212,13 +212,9 @@ void sas_notify_lldd_dev_gone(struct dom
>>> }
>>> }
>>>
>>> -static void sas_probe_devices(struct work_struct *work)
>>> +static void sas_probe_devices(struct asd_sas_port *port)
>>> {
>>> struct domain_device *dev, *n;
>>> - struct sas_discovery_event *ev = to_sas_discovery_event(work);
>>> - struct asd_sas_port *port = ev->port;
>>> -
>>> - clear_bit(DISCE_PROBE, &port->disc.pending);
>>>
>>> /* devices must be domain members before link recovery and probe */
>>> list_for_each_entry(dev, &port->disco_list, disco_list_node) {
>>> @@ -294,7 +290,6 @@ int sas_discover_end_dev(struct domain_d
>>> res = sas_notify_lldd_dev_found(dev);
>>> if (res)
>>> return res;
>>> - sas_discover_event(dev->port, DISCE_PROBE);
>>>
>>> return 0;
>>> }
>>> @@ -353,13 +348,9 @@ static void sas_unregister_common_dev(st
>>> sas_put_device(dev);
>>> }
>>>
>>> -static void sas_destruct_devices(struct work_struct *work)
>>> +void sas_destruct_devices(struct asd_sas_port *port)
>>> {
>>> struct domain_device *dev, *n;
>>> - struct sas_discovery_event *ev = to_sas_discovery_event(work);
>>> - struct asd_sas_port *port = ev->port;
>>> -
>>> - clear_bit(DISCE_DESTRUCT, &port->disc.pending);
>>>
>>> list_for_each_entry_safe(dev, n, &port->destroy_list, disco_list_node) {
>>> list_del_init(&dev->disco_list_node);
>>> @@ -370,6 +361,16 @@ static void sas_destruct_devices(struct
>>> }
>>> }
>>>
>>> +static void sas_destruct_ports(struct asd_sas_port *port)
>>> +{
>>> + struct sas_port *sas_port, *p;
>>> +
>>> + list_for_each_entry_safe(sas_port, p, &port->sas_port_del_list, del_list) {
>>> + list_del_init(&sas_port->del_list);
>>> + sas_port_delete(sas_port);
>>> + }
>>> +}
>>> +
>>> void sas_unregister_dev(struct asd_sas_port *port, struct domain_device *dev)
>>> {
>>> if (!test_bit(SAS_DEV_DESTROY, &dev->state) &&
>>> @@ -384,7 +385,6 @@ void sas_unregister_dev(struct asd_sas_p
>>> if (!test_and_set_bit(SAS_DEV_DESTROY, &dev->state)) {
>>> sas_rphy_unlink(dev->rphy);
>>> list_move_tail(&dev->disco_list_node, &port->destroy_list);
>>> - sas_discover_event(dev->port, DISCE_DESTRUCT);
>>> }
>>> }
>>>
>>> @@ -490,6 +490,8 @@ static void sas_discover_domain(struct w
>>> port->port_dev = NULL;
>>> }
>>>
>>> + sas_probe_devices(port);
>>> +
>>> SAS_DPRINTK("DONE DISCOVERY on port %d, pid:%d, result:%d\n", port->id,
>>> task_pid_nr(current), error);
>>> }
>>> @@ -523,6 +525,10 @@ static void sas_revalidate_domain(struct
>>> port->id, task_pid_nr(current), res);
>>> out:
>>> mutex_unlock(&ha->disco_mutex);
>>> +
>>> + sas_destruct_devices(port);
>>> + sas_destruct_ports(port);
>>> + sas_probe_devices(port);
>>> }
>>>
>>> /* ---------- Events ---------- */
>>> @@ -578,10 +584,8 @@ void sas_init_disc(struct sas_discovery
>>> static const work_func_t sas_event_fns[DISC_NUM_EVENTS] = {
>>> [DISCE_DISCOVER_DOMAIN] = sas_discover_domain,
>>> [DISCE_REVALIDATE_DOMAIN] = sas_revalidate_domain,
>>> - [DISCE_PROBE] = sas_probe_devices,
>>> [DISCE_SUSPEND] = sas_suspend_devices,
>>> [DISCE_RESUME] = sas_resume_devices,
>>> - [DISCE_DESTRUCT] = sas_destruct_devices,
>>> };
>>>
>>> disc->pending = 0;
>>> --- a/drivers/scsi/libsas/sas_expander.c
>>> +++ b/drivers/scsi/libsas/sas_expander.c
>>> @@ -1903,7 +1903,8 @@ static void sas_unregister_devs_sas_addr
>>> sas_port_delete_phy(phy->port, phy->phy);
>>> sas_device_set_phy(found, phy->port);
>>> if (phy->port->num_phys == 0)
>>> - sas_port_delete(phy->port);
>>> + list_add_tail(&phy->port->del_list,
>>> + &parent->port->sas_port_del_list);
>>> phy->port = NULL;
>>> }
>>> }
>>> @@ -2111,7 +2112,7 @@ int sas_ex_revalidate_domain(struct doma
>>> struct domain_device *dev = NULL;
>>>
>>> res = sas_find_bcast_dev(port_dev, &dev);
>>> - while (res == 0 && dev) {
>>> + if (res == 0 && dev) {
>>> struct expander_device *ex = &dev->ex_dev;
>>> int i = 0, phy_id;
>>>
>>> @@ -2123,9 +2124,6 @@ int sas_ex_revalidate_domain(struct doma
>>> res = sas_rediscover(dev, phy_id);
>>> i = phy_id + 1;
>>> } while (i < ex->num_phys);
>>> -
>>> - dev = NULL;
>>> - res = sas_find_bcast_dev(port_dev, &dev);
>>> }
>>> return res;
>>> }
>>> --- a/drivers/scsi/libsas/sas_internal.h
>>> +++ b/drivers/scsi/libsas/sas_internal.h
>>> @@ -100,6 +100,7 @@ int sas_try_ata_reset(struct asd_sas_phy
>>> void sas_hae_reset(struct work_struct *work);
>>>
>>> void sas_free_device(struct kref *kref);
>>> +void sas_destruct_devices(struct asd_sas_port *port);
>>>
>>> #ifdef CONFIG_SCSI_SAS_HOST_SMP
>>> extern int sas_smp_host_handler(struct Scsi_Host *shost, struct request *req,
>>> --- a/drivers/scsi/libsas/sas_port.c
>>> +++ b/drivers/scsi/libsas/sas_port.c
>>> @@ -66,6 +66,7 @@ static void sas_resume_port(struct asd_s
>>> rc = sas_notify_lldd_dev_found(dev);
>>> if (rc) {
>>> sas_unregister_dev(port, dev);
>>> + sas_destruct_devices(port);
>>> continue;
>>> }
>>>
>>> @@ -219,6 +220,7 @@ void sas_deform_port(struct asd_sas_phy
>>>
>>> if (port->num_phys == 1) {
>>> sas_unregister_domain_devices(port, gone);
>>> + sas_destruct_devices(port);
>>> sas_port_delete(port->port);
>>> port->port = NULL;
>>> } else {
>>> @@ -323,6 +325,7 @@ static void sas_init_port(struct asd_sas
>>> INIT_LIST_HEAD(&port->dev_list);
>>> INIT_LIST_HEAD(&port->disco_list);
>>> INIT_LIST_HEAD(&port->destroy_list);
>>> + INIT_LIST_HEAD(&port->sas_port_del_list);
>>> spin_lock_init(&port->phy_list_lock);
>>> INIT_LIST_HEAD(&port->phy_list);
>>> port->ha = sas_ha;
>>> --- a/include/scsi/libsas.h
>>> +++ b/include/scsi/libsas.h
>>> @@ -87,10 +87,8 @@ enum discover_event {
>>> DISCE_DISCOVER_DOMAIN = 0U,
>>> DISCE_REVALIDATE_DOMAIN,
>>> DISCE_PORT_GONE,
>>> - DISCE_PROBE,
>>> DISCE_SUSPEND,
>>> DISCE_RESUME,
>>> - DISCE_DESTRUCT,
>>> DISC_NUM_EVENTS,
>>> };
>>>
>>> @@ -274,6 +272,7 @@ struct asd_sas_port {
>>> struct list_head dev_list;
>>> struct list_head disco_list;
>>> struct list_head destroy_list;
>>> + struct list_head sas_port_del_list;
>>> enum sas_linkrate linkrate;
>>>
>>> struct sas_work work;
>>> --- a/include/scsi/scsi_transport_sas.h
>>> +++ b/include/scsi/scsi_transport_sas.h
>>> @@ -145,6 +145,7 @@ struct sas_port {
>>>
>>> struct mutex phy_list_mutex;
>>> struct list_head phy_list;
>>> + struct list_head del_list; /* libsas only */
>>> };
>>>
>>> #define dev_to_sas_port(d) \
>>>
>>>
>>> .
>>>
>>
>>
Tree/Branch: v4.4.138
Git describe: v4.4.138
Commit: 0bd2bedb35 Linux 4.4.138
Build Time: 63 min 6 sec
Passed: 10 / 10 (100.00 %)
Failed: 0 / 10 ( 0.00 %)
Errors: 0
Warnings: 31
Section Mismatches: 0
-------------------------------------------------------------------------------
defconfigs with issues (other than build errors):
19 warnings 0 mismatches : arm64-allmodconfig
17 warnings 0 mismatches : x86_64-allmodconfig
-------------------------------------------------------------------------------
Warnings Summary: 31
3 warning: (IMA) selects TCG_CRB which has unmet direct dependencies (TCG_TPM && X86 && ACPI)
2 ../drivers/media/dvb-frontends/stv090x.c:4250:1: warning: the frame size of 4832 bytes is larger than 2048 bytes [-Wframe-larger-than=]
2 ../drivers/media/dvb-frontends/stv090x.c:1211:1: warning: the frame size of 2080 bytes is larger than 2048 bytes [-Wframe-larger-than=]
2 ../drivers/media/dvb-frontends/stv090x.c:1168:1: warning: the frame size of 2080 bytes is larger than 2048 bytes [-Wframe-larger-than=]
1 ../drivers/net/ethernet/rocker/rocker.c:2172:1: warning: the frame size of 2752 bytes is larger than 2048 bytes [-Wframe-larger-than=]
1 ../drivers/net/ethernet/rocker/rocker.c:2172:1: warning: the frame size of 2720 bytes is larger than 2048 bytes [-Wframe-larger-than=]
1 ../drivers/media/dvb-frontends/stv090x.c:4759:1: warning: the frame size of 2056 bytes is larger than 2048 bytes [-Wframe-larger-than=]
1 ../drivers/media/dvb-frontends/stv090x.c:4565:1: warning: the frame size of 2096 bytes is larger than 2048 bytes [-Wframe-larger-than=]
1 ../drivers/media/dvb-frontends/stv090x.c:4565:1: warning: the frame size of 2080 bytes is larger than 2048 bytes [-Wframe-larger-than=]
1 ../drivers/media/dvb-frontends/stv090x.c:3436:1: warning: the frame size of 6784 bytes is larger than 2048 bytes [-Wframe-larger-than=]
1 ../drivers/media/dvb-frontends/stv090x.c:3436:1: warning: the frame size of 5280 bytes is larger than 2048 bytes [-Wframe-larger-than=]
1 ../drivers/media/dvb-frontends/stv090x.c:3095:1: warning: the frame size of 5864 bytes is larger than 2048 bytes [-Wframe-larger-than=]
1 ../drivers/media/dvb-frontends/stv090x.c:3095:1: warning: the frame size of 5840 bytes is larger than 2048 bytes [-Wframe-larger-than=]
1 ../drivers/media/dvb-frontends/stv090x.c:2513:1: warning: the frame size of 2304 bytes is larger than 2048 bytes [-Wframe-larger-than=]
1 ../drivers/media/dvb-frontends/stv090x.c:2513:1: warning: the frame size of 2288 bytes is larger than 2048 bytes [-Wframe-larger-than=]
1 ../drivers/media/dvb-frontends/stv090x.c:2141:1: warning: the frame size of 2104 bytes is larger than 2048 bytes [-Wframe-larger-than=]
1 ../drivers/media/dvb-frontends/stv090x.c:2141:1: warning: the frame size of 2080 bytes is larger than 2048 bytes [-Wframe-larger-than=]
1 ../drivers/media/dvb-frontends/stv090x.c:2073:1: warning: the frame size of 2552 bytes is larger than 2048 bytes [-Wframe-larger-than=]
1 ../drivers/media/dvb-frontends/stv090x.c:2073:1: warning: the frame size of 2544 bytes is larger than 2048 bytes [-Wframe-larger-than=]
1 ../drivers/media/dvb-frontends/stv090x.c:1956:1: warning: the frame size of 3264 bytes is larger than 2048 bytes [-Wframe-larger-than=]
1 ../drivers/media/dvb-frontends/stv090x.c:1956:1: warning: the frame size of 3248 bytes is larger than 2048 bytes [-Wframe-larger-than=]
1 ../drivers/media/dvb-frontends/stv090x.c:1858:1: warning: the frame size of 3008 bytes is larger than 2048 bytes [-Wframe-larger-than=]
1 ../drivers/media/dvb-frontends/stv090x.c:1858:1: warning: the frame size of 2992 bytes is larger than 2048 bytes [-Wframe-larger-than=]
1 ../drivers/media/dvb-frontends/stv090x.c:1599:1: warning: the frame size of 5296 bytes is larger than 2048 bytes [-Wframe-larger-than=]
1 ../drivers/media/dvb-frontends/stv090x.c:1599:1: warning: the frame size of 5280 bytes is larger than 2048 bytes [-Wframe-larger-than=]
1 ../drivers/media/dvb-frontends/stv0367.c:3147:1: warning: the frame size of 4144 bytes is larger than 2048 bytes [-Wframe-larger-than=]
1 ../drivers/media/dvb-frontends/stv0367.c:2490:1: warning: the frame size of 3424 bytes is larger than 2048 bytes [-Wframe-larger-than=]
1 ../drivers/media/dvb-frontends/cxd2841er.c:2401:1: warning: the frame size of 2984 bytes is larger than 2048 bytes [-Wframe-larger-than=]
1 ../drivers/media/dvb-frontends/cxd2841er.c:2401:1: warning: the frame size of 2976 bytes is larger than 2048 bytes [-Wframe-larger-than=]
1 ../drivers/media/dvb-frontends/cxd2841er.c:2282:1: warning: the frame size of 4336 bytes is larger than 2048 bytes [-Wframe-larger-than=]
1 ../drivers/media/dvb-frontends/cxd2841er.c:2282:1: warning: the frame size of 4328 bytes is larger than 2048 bytes [-Wframe-larger-than=]
===============================================================================
Detailed per-defconfig build reports below:
-------------------------------------------------------------------------------
arm64-allmodconfig : PASS, 0 errors, 19 warnings, 0 section mismatches
Warnings:
warning: (IMA) selects TCG_CRB which has unmet direct dependencies (TCG_TPM && X86 && ACPI)
warning: (IMA) selects TCG_CRB which has unmet direct dependencies (TCG_TPM && X86 && ACPI)
warning: (IMA) selects TCG_CRB which has unmet direct dependencies (TCG_TPM && X86 && ACPI)
../drivers/media/dvb-frontends/stv090x.c:1858:1: warning: the frame size of 2992 bytes is larger than 2048 bytes [-Wframe-larger-than=]
../drivers/media/dvb-frontends/stv090x.c:2141:1: warning: the frame size of 2080 bytes is larger than 2048 bytes [-Wframe-larger-than=]
../drivers/media/dvb-frontends/stv090x.c:2513:1: warning: the frame size of 2288 bytes is larger than 2048 bytes [-Wframe-larger-than=]
../drivers/media/dvb-frontends/stv090x.c:4565:1: warning: the frame size of 2080 bytes is larger than 2048 bytes [-Wframe-larger-than=]
../drivers/media/dvb-frontends/stv090x.c:1956:1: warning: the frame size of 3248 bytes is larger than 2048 bytes [-Wframe-larger-than=]
../drivers/media/dvb-frontends/stv090x.c:1599:1: warning: the frame size of 5280 bytes is larger than 2048 bytes [-Wframe-larger-than=]
../drivers/media/dvb-frontends/stv090x.c:1211:1: warning: the frame size of 2080 bytes is larger than 2048 bytes [-Wframe-larger-than=]
../drivers/media/dvb-frontends/stv090x.c:4250:1: warning: the frame size of 4832 bytes is larger than 2048 bytes [-Wframe-larger-than=]
../drivers/media/dvb-frontends/stv090x.c:1168:1: warning: the frame size of 2080 bytes is larger than 2048 bytes [-Wframe-larger-than=]
../drivers/media/dvb-frontends/stv090x.c:2073:1: warning: the frame size of 2544 bytes is larger than 2048 bytes [-Wframe-larger-than=]
../drivers/media/dvb-frontends/stv090x.c:3095:1: warning: the frame size of 5840 bytes is larger than 2048 bytes [-Wframe-larger-than=]
../drivers/media/dvb-frontends/stv090x.c:3436:1: warning: the frame size of 6784 bytes is larger than 2048 bytes [-Wframe-larger-than=]
../drivers/media/dvb-frontends/stv0367.c:2490:1: warning: the frame size of 3424 bytes is larger than 2048 bytes [-Wframe-larger-than=]
../drivers/media/dvb-frontends/cxd2841er.c:2401:1: warning: the frame size of 2976 bytes is larger than 2048 bytes [-Wframe-larger-than=]
../drivers/media/dvb-frontends/cxd2841er.c:2282:1: warning: the frame size of 4336 bytes is larger than 2048 bytes [-Wframe-larger-than=]
../drivers/net/ethernet/rocker/rocker.c:2172:1: warning: the frame size of 2720 bytes is larger than 2048 bytes [-Wframe-larger-than=]
-------------------------------------------------------------------------------
x86_64-allmodconfig : PASS, 0 errors, 17 warnings, 0 section mismatches
Warnings:
../drivers/media/dvb-frontends/stv090x.c:1858:1: warning: the frame size of 3008 bytes is larger than 2048 bytes [-Wframe-larger-than=]
../drivers/media/dvb-frontends/stv090x.c:2141:1: warning: the frame size of 2104 bytes is larger than 2048 bytes [-Wframe-larger-than=]
../drivers/media/dvb-frontends/stv090x.c:2513:1: warning: the frame size of 2304 bytes is larger than 2048 bytes [-Wframe-larger-than=]
../drivers/media/dvb-frontends/stv090x.c:4565:1: warning: the frame size of 2096 bytes is larger than 2048 bytes [-Wframe-larger-than=]
../drivers/media/dvb-frontends/stv090x.c:1956:1: warning: the frame size of 3264 bytes is larger than 2048 bytes [-Wframe-larger-than=]
../drivers/media/dvb-frontends/stv090x.c:1599:1: warning: the frame size of 5296 bytes is larger than 2048 bytes [-Wframe-larger-than=]
../drivers/media/dvb-frontends/stv090x.c:1211:1: warning: the frame size of 2080 bytes is larger than 2048 bytes [-Wframe-larger-than=]
../drivers/media/dvb-frontends/stv090x.c:4250:1: warning: the frame size of 4832 bytes is larger than 2048 bytes [-Wframe-larger-than=]
../drivers/media/dvb-frontends/stv090x.c:4759:1: warning: the frame size of 2056 bytes is larger than 2048 bytes [-Wframe-larger-than=]
../drivers/media/dvb-frontends/stv090x.c:1168:1: warning: the frame size of 2080 bytes is larger than 2048 bytes [-Wframe-larger-than=]
../drivers/media/dvb-frontends/stv090x.c:2073:1: warning: the frame size of 2552 bytes is larger than 2048 bytes [-Wframe-larger-than=]
../drivers/media/dvb-frontends/stv090x.c:3095:1: warning: the frame size of 5864 bytes is larger than 2048 bytes [-Wframe-larger-than=]
../drivers/media/dvb-frontends/stv090x.c:3436:1: warning: the frame size of 5280 bytes is larger than 2048 bytes [-Wframe-larger-than=]
../drivers/media/dvb-frontends/stv0367.c:3147:1: warning: the frame size of 4144 bytes is larger than 2048 bytes [-Wframe-larger-than=]
../drivers/media/dvb-frontends/cxd2841er.c:2401:1: warning: the frame size of 2984 bytes is larger than 2048 bytes [-Wframe-larger-than=]
../drivers/media/dvb-frontends/cxd2841er.c:2282:1: warning: the frame size of 4328 bytes is larger than 2048 bytes [-Wframe-larger-than=]
../drivers/net/ethernet/rocker/rocker.c:2172:1: warning: the frame size of 2752 bytes is larger than 2048 bytes [-Wframe-larger-than=]
-------------------------------------------------------------------------------
Passed with no errors, warnings or mismatches:
arm64-allnoconfig
arm-multi_v5_defconfig
arm-multi_v7_defconfig
x86_64-defconfig
arm-allmodconfig
arm-allnoconfig
x86_64-allnoconfig
arm64-defconfig
Detect when a directory entry is (possibly partially) beyond directory
size and return EIO in that case since it means the filesystem is
corrupted. Otherwise directory operations can further corrupt the
directory and possibly also oops the kernel.
CC: Anatoly Trosinenko <anatoly.trosinenko(a)gmail.com>
CC: stable(a)vger.kernel.org
Reported-by: Anatoly Trosinenko <anatoly.trosinenko(a)gmail.com>
Signed-off-by: Jan Kara <jack(a)suse.cz>
---
fs/udf/directory.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/fs/udf/directory.c b/fs/udf/directory.c
index 0a98a2369738..3835f983cc99 100644
--- a/fs/udf/directory.c
+++ b/fs/udf/directory.c
@@ -152,6 +152,9 @@ struct fileIdentDesc *udf_fileident_read(struct inode *dir, loff_t *nf_pos,
sizeof(struct fileIdentDesc));
}
}
+ /* Got last entry outside of dir size - fs is corrupted! */
+ if (*nf_pos > dir->i_size)
+ return NULL;
return fi;
}
--
2.16.4
SysRq-L and RCU stall detector call arch_trigger_cpumask_backtrace() to
trigger other CPU's backtrace, but its behavior is totally broken. The
root cause is arch_trigger_cpumask_backtrace() use call-function IPI in
irq context, which trigger deadlocks in smp_call_function_single() and
smp_call_function_many().
This patch fix arch_trigger_cpumask_backtrace() by:
1, Use a dedecated IPI (SMP_CPU_BACKTRACE) to trigger backtraces;
2, If myself is in target cpumask, do backtrace and clear myself;
3, Use a spinlock to avoid parallel backtrace output;
4, Handle SMP_CPU_BACKTRACE IPI for Loongson-3.
I have attempted to implement SMP_CPU_BACKTRACE for all MIPS CPUs, but I
failed because some of their IPIs are not extensible. :(
Cc: stable(a)vger.kernel.org
Signed-off-by: Huacai Chen <chenhc(a)lemote.com>
---
arch/mips/include/asm/smp.h | 3 +++
arch/mips/kernel/process.c | 23 ++++++++++++++++++-----
arch/mips/loongson64/loongson-3/smp.c | 6 ++++++
3 files changed, 27 insertions(+), 5 deletions(-)
diff --git a/arch/mips/include/asm/smp.h b/arch/mips/include/asm/smp.h
index 88ebd83..b0521f4 100644
--- a/arch/mips/include/asm/smp.h
+++ b/arch/mips/include/asm/smp.h
@@ -43,6 +43,7 @@ extern int __cpu_logical_map[NR_CPUS];
/* Octeon - Tell another core to flush its icache */
#define SMP_ICACHE_FLUSH 0x4
#define SMP_ASK_C0COUNT 0x8
+#define SMP_CPU_BACKTRACE 0x10
/* Mask of CPUs which are currently definitely operating coherently */
extern cpumask_t cpu_coherent_mask;
@@ -81,6 +82,8 @@ static inline void __cpu_die(unsigned int cpu)
extern void play_dead(void);
#endif
+void arch_dump_stack(void);
+
/*
* This function will set up the necessary IPIs for Linux to communicate
* with the CPUs in mask.
diff --git a/arch/mips/kernel/process.c b/arch/mips/kernel/process.c
index 57028d4..647e15d 100644
--- a/arch/mips/kernel/process.c
+++ b/arch/mips/kernel/process.c
@@ -655,26 +655,39 @@ unsigned long arch_align_stack(unsigned long sp)
return sp & ALMASK;
}
-static void arch_dump_stack(void *info)
+void arch_dump_stack(void)
{
struct pt_regs *regs;
+ static arch_spinlock_t lock = __ARCH_SPIN_LOCK_UNLOCKED;
+ arch_spin_lock(&lock);
regs = get_irq_regs();
if (regs)
show_regs(regs);
dump_stack();
+ arch_spin_unlock(&lock);
}
void arch_trigger_cpumask_backtrace(const cpumask_t *mask, bool exclude_self)
{
long this_cpu = get_cpu();
+ struct cpumask backtrace_mask;
+ extern const struct plat_smp_ops *mp_ops;
+
+ cpumask_copy(&backtrace_mask, mask);
+ if (cpumask_test_cpu(this_cpu, mask)) {
+ if (!exclude_self) {
+ struct pt_regs *regs = get_irq_regs();
+ if (regs)
+ show_regs(regs);
+ dump_stack();
+ }
+ cpumask_clear_cpu(this_cpu, &backtrace_mask);
+ }
- if (cpumask_test_cpu(this_cpu, mask) && !exclude_self)
- dump_stack();
-
- smp_call_function_many(mask, arch_dump_stack, NULL, 1);
+ mp_ops->send_ipi_mask(&backtrace_mask, SMP_CPU_BACKTRACE);
put_cpu();
}
diff --git a/arch/mips/loongson64/loongson-3/smp.c b/arch/mips/loongson64/loongson-3/smp.c
index 8501109..0655114 100644
--- a/arch/mips/loongson64/loongson-3/smp.c
+++ b/arch/mips/loongson64/loongson-3/smp.c
@@ -291,6 +291,12 @@ void loongson3_ipi_interrupt(struct pt_regs *regs)
__wbflush(); /* Let others see the result ASAP */
}
+ if (action & SMP_CPU_BACKTRACE) {
+ irq_enter();
+ arch_dump_stack();
+ irq_exit();
+ }
+
if (irqs) {
int irq;
while ((irq = ffs(irqs))) {
--
2.7.0
The patch titled
Subject: slub: fix failure when we delete and create a slab cache
has been added to the -mm tree. Its filename is
slub-fix-failure-when-we-delete-and-create-a-slab-cache.patch
This patch should soon appear at
http://ozlabs.org/~akpm/mmots/broken-out/slub-fix-failure-when-we-delete-an…
and later at
http://ozlabs.org/~akpm/mmotm/broken-out/slub-fix-failure-when-we-delete-an…
Before you just go and hit "reply", please:
a) Consider who else should be cc'ed
b) Prefer to cc a suitable mailing list as well
c) Ideally: find the original patch on the mailing list and do a
reply-to-all to that, adding suitable additional cc's
*** Remember to use Documentation/process/submit-checklist.rst when testing your code ***
The -mm tree is included into linux-next and is updated
there every 3-4 working days
------------------------------------------------------
From: Mikulas Patocka <mpatocka(a)redhat.com>
Subject: slub: fix failure when we delete and create a slab cache
In kernel 4.17 I removed some code from dm-bufio that did slab cache
merging (21bb13276768) - both slab and slub support merging caches with
identical attributes, so dm-bufio now just calls kmem_cache_create and
relies on implicit merging.
This uncovered a bug in the slub subsystem - if we delete a cache and
immediatelly create another cache with the same attributes, it fails
because of duplicate filename in /sys/kernel/slab/. The slub subsystem
offloads freeing the cache to a workqueue - and if we create the new cache
before the workqueue runs, it complains because of duplicate filename in
sysfs.
This patch fixes the bug by moving the call of kobject_del from
sysfs_slab_remove_workfn to shutdown_cache. kobject_del must be called
while we hold slab_mutex - so that the sysfs entry is deleted before a
cache with the same attributes could be created.
Running device-mapper-test-suite with:
dmtest run --suite thin-provisioning -n /commit_failure_causes_fallback/
triggers:
[ 119.618958] Buffer I/O error on dev dm-0, logical block 1572848, async page read
[ 119.686224] device-mapper: thin: 253:1: metadata operation 'dm_pool_alloc_data_block' failed: error = -5
[ 119.695821] device-mapper: thin: 253:1: aborting current metadata transaction
[ 119.703255] sysfs: cannot create duplicate filename '/kernel/slab/:a-0000144'
[ 119.710394] CPU: 2 PID: 1037 Comm: kworker/u48:1 Not tainted 4.17.0.snitm+ #25
[ 119.717608] Hardware name: Supermicro SYS-1029P-WTR/X11DDW-L, BIOS 2.0a 12/06/2017
[ 119.725177] Workqueue: dm-thin do_worker [dm_thin_pool]
[ 119.730401] Call Trace:
[ 119.732856] dump_stack+0x5a/0x73
[ 119.736173] sysfs_warn_dup+0x58/0x70
[ 119.739839] sysfs_create_dir_ns+0x77/0x80
[ 119.743939] kobject_add_internal+0xba/0x2e0
[ 119.748210] kobject_init_and_add+0x70/0xb0
[ 119.752399] ? sysfs_slab_add+0x101/0x250
[ 119.756409] sysfs_slab_add+0xb1/0x250
[ 119.760161] __kmem_cache_create+0x116/0x150
[ 119.764436] ? number+0x2fb/0x340
[ 119.767755] ? _cond_resched+0x15/0x30
[ 119.771508] create_cache+0xd9/0x1f0
[ 119.775085] kmem_cache_create_usercopy+0x1c1/0x250
[ 119.779965] kmem_cache_create+0x18/0x20
[ 119.783894] dm_bufio_client_create+0x1ae/0x410 [dm_bufio]
[ 119.789380] ? dm_block_manager_alloc_callback+0x20/0x20 [dm_persistent_data]
[ 119.796509] ? kmem_cache_alloc_trace+0xae/0x1d0
[ 119.801131] dm_block_manager_create+0x5e/0x90 [dm_persistent_data]
[ 119.807397] __create_persistent_data_objects+0x38/0x940 [dm_thin_pool]
[ 119.814008] dm_pool_abort_metadata+0x64/0x90 [dm_thin_pool]
[ 119.819669] metadata_operation_failed+0x59/0x100 [dm_thin_pool]
[ 119.825673] alloc_data_block.isra.53+0x86/0x180 [dm_thin_pool]
[ 119.831592] process_cell+0x2a3/0x550 [dm_thin_pool]
[ 119.836558] ? mempool_alloc+0x6f/0x180
[ 119.840400] ? u32_swap+0x10/0x10
[ 119.843717] ? sort+0x17b/0x270
[ 119.846863] ? u32_swap+0x10/0x10
[ 119.850181] do_worker+0x28d/0x8f0 [dm_thin_pool]
[ 119.854890] ? move_linked_works+0x6f/0xa0
[ 119.858989] process_one_work+0x171/0x370
[ 119.862999] worker_thread+0x49/0x3f0
[ 119.866669] kthread+0xf8/0x130
[ 119.869813] ? max_active_store+0x80/0x80
[ 119.873827] ? kthread_bind+0x10/0x10
[ 119.877493] ret_from_fork+0x35/0x40
[ 119.881076] kobject_add_internal failed for :a-0000144 with -EEXIST, don't try to register things with the same name in the same directory.
[ 119.893580] kmem_cache_create(dm_bufio_buffer-16) failed with error -17
Link: http://lkml.kernel.org/r/alpine.LRH.2.02.1806151817130.6333@file01.intranet…
Signed-off-by: Mikulas Patocka <mpatocka(a)redhat.com>
Reported-by: Mike Snitzer <snitzer(a)redhat.com>
Tested-by: Mike Snitzer <snitzer(a)redhat.com>
Cc: Christoph Lameter <cl(a)linux.com>
Cc: Pekka Enberg <penberg(a)kernel.org>
Cc: David Rientjes <rientjes(a)google.com>
Cc: Joonsoo Kim <iamjoonsoo.kim(a)lge.com>
Cc: <stable(a)vger.kernel.org>
Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org>
---
include/linux/slub_def.h | 4 ++++
mm/slab_common.c | 4 ++++
mm/slub.c | 7 ++++++-
3 files changed, 14 insertions(+), 1 deletion(-)
diff -puN include/linux/slub_def.h~slub-fix-failure-when-we-delete-and-create-a-slab-cache include/linux/slub_def.h
--- a/include/linux/slub_def.h~slub-fix-failure-when-we-delete-and-create-a-slab-cache
+++ a/include/linux/slub_def.h
@@ -155,8 +155,12 @@ struct kmem_cache {
#ifdef CONFIG_SYSFS
#define SLAB_SUPPORTS_SYSFS
+void sysfs_slab_unlink(struct kmem_cache *);
void sysfs_slab_release(struct kmem_cache *);
#else
+static inline void sysfs_slab_unlink(struct kmem_cache *s)
+{
+}
static inline void sysfs_slab_release(struct kmem_cache *s)
{
}
diff -puN mm/slab_common.c~slub-fix-failure-when-we-delete-and-create-a-slab-cache mm/slab_common.c
--- a/mm/slab_common.c~slub-fix-failure-when-we-delete-and-create-a-slab-cache
+++ a/mm/slab_common.c
@@ -567,10 +567,14 @@ static int shutdown_cache(struct kmem_ca
list_del(&s->list);
if (s->flags & SLAB_TYPESAFE_BY_RCU) {
+#ifdef SLAB_SUPPORTS_SYSFS
+ sysfs_slab_unlink(s);
+#endif
list_add_tail(&s->list, &slab_caches_to_rcu_destroy);
schedule_work(&slab_caches_to_rcu_destroy_work);
} else {
#ifdef SLAB_SUPPORTS_SYSFS
+ sysfs_slab_unlink(s);
sysfs_slab_release(s);
#else
slab_kmem_cache_release(s);
diff -puN mm/slub.c~slub-fix-failure-when-we-delete-and-create-a-slab-cache mm/slub.c
--- a/mm/slub.c~slub-fix-failure-when-we-delete-and-create-a-slab-cache
+++ a/mm/slub.c
@@ -5667,7 +5667,6 @@ static void sysfs_slab_remove_workfn(str
kset_unregister(s->memcg_kset);
#endif
kobject_uevent(&s->kobj, KOBJ_REMOVE);
- kobject_del(&s->kobj);
out:
kobject_put(&s->kobj);
}
@@ -5752,6 +5751,12 @@ static void sysfs_slab_remove(struct kme
schedule_work(&s->kobj_remove_work);
}
+void sysfs_slab_unlink(struct kmem_cache *s)
+{
+ if (slab_state >= FULL)
+ kobject_del(&s->kobj);
+}
+
void sysfs_slab_release(struct kmem_cache *s)
{
if (slab_state >= FULL)
_
Patches currently in -mm which might be from mpatocka(a)redhat.com are
slub-fix-failure-when-we-delete-and-create-a-slab-cache.patch
The patch titled
Subject: mm: fix devmem_is_allowed() for sub-page System RAM intersections
has been removed from the -mm tree. Its filename was
mm-fix-devmem_is_allowed-for-sub-page-system-ram-intersections.patch
This patch was dropped because it was merged into mainline or a subsystem tree
------------------------------------------------------
From: Dan Williams <dan.j.williams(a)intel.com>
Subject: mm: fix devmem_is_allowed() for sub-page System RAM intersections
Hussam reports:
I was poking around and for no real reason, I did cat /dev/mem and
strings /dev/mem. Then I saw the following warning in dmesg. I saved it
and rebooted immediately.
memremap attempted on mixed range 0x000000000009c000 size: 0x1000
------------[ cut here ]------------
WARNING: CPU: 0 PID: 11810 at kernel/memremap.c:98 memremap+0x104/0x170
[..]
Call Trace:
xlate_dev_mem_ptr+0x25/0x40
read_mem+0x89/0x1a0
__vfs_read+0x36/0x170
The memremap() implementation checks for attempts to remap System RAM with
MEMREMAP_WB and instead redirects those mapping attempts to the linear
map. However, that only works if the physical address range being
remapped is page aligned. In low memory we have situations like the
following:
00000000-00000fff : Reserved
00001000-0009fbff : System RAM
0009fc00-0009ffff : Reserved
...where System RAM intersects Reserved ranges on a sub-page page
granularity.
Given that devmem_is_allowed() special cases any attempt to map System RAM
in the first 1MB of memory, replace page_is_ram() with the more precise
region_intersects() to trap attempts to map disallowed ranges.
Link: https://bugzilla.kernel.org/show_bug.cgi?id=199999
Link: http://lkml.kernel.org/r/152856436164.18127.2847888121707136898.stgit@dwill…
Fixes: 92281dee825f ("arch: introduce memremap()")
Signed-off-by: Dan Williams <dan.j.williams(a)intel.com>
Reported-by: Hussam Al-Tayeb <me(a)hussam.eu.org>
Tested-by: Hussam Al-Tayeb <me(a)hussam.eu.org>
Cc: Christoph Hellwig <hch(a)lst.de>
Cc: <stable(a)vger.kernel.org>
Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org>
---
arch/x86/mm/init.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff -puN arch/x86/mm/init.c~mm-fix-devmem_is_allowed-for-sub-page-system-ram-intersections arch/x86/mm/init.c
--- a/arch/x86/mm/init.c~mm-fix-devmem_is_allowed-for-sub-page-system-ram-intersections
+++ a/arch/x86/mm/init.c
@@ -706,7 +706,9 @@ void __init init_mem_mapping(void)
*/
int devmem_is_allowed(unsigned long pagenr)
{
- if (page_is_ram(pagenr)) {
+ if (region_intersects(PFN_PHYS(pagenr), PAGE_SIZE,
+ IORESOURCE_SYSTEM_RAM, IORES_DESC_NONE)
+ != REGION_DISJOINT) {
/*
* For disallowed memory regions in the low 1MB range,
* request that the page be shown as all zeros.
_
Patches currently in -mm which might be from dan.j.williams(a)intel.com are
mm-devm_memremap_pages-mark-devm_memremap_pages-export_symbol_gpl.patch
mm-devm_memremap_pages-handle-errors-allocating-final-devres-action.patch
mm-hmm-use-devm-semantics-for-hmm_devmem_add-remove.patch
mm-hmm-replace-hmm_devmem_pages_create-with-devm_memremap_pages.patch
mm-hmm-mark-hmm_devmem_add-add_resource-export_symbol_gpl.patch
The patch titled
Subject: mm/ksm.c: ignore STABLE_FLAG of rmap_item->address in rmap_walk_ksm()
has been removed from the -mm tree. Its filename was
mm-ksm-ignore-stable_flag-of-rmap_item-address-in-rmap_walk_ksm.patch
This patch was dropped because it was merged into mainline or a subsystem tree
------------------------------------------------------
From: Jia He <jia.he(a)hxt-semitech.com>
Subject: mm/ksm.c: ignore STABLE_FLAG of rmap_item->address in rmap_walk_ksm()
In our armv8a server(QDF2400), I noticed lots of WARN_ON caused by
PAGE_SIZE unaligned for rmap_item->address under memory pressure
tests(start 20 guests and run memhog in the host).
--------------------------begin--------------------------------------
[ 410.853828] WARNING: CPU: 4 PID: 4641 at
arch/arm64/kvm/../../../virt/kvm/arm/mmu.c:1826
kvm_age_hva_handler+0xc0/0xc8
[ 410.864518] Modules linked in: vhost_net vhost tap xt_CHECKSUM
ipt_MASQUERADE nf_nat_masquerade_ipv4 ip6t_rpfilter ipt_REJECT
nf_reject_ipv4 ip6t_REJECT nf_reject_ipv6 xt_conntrack ip_set nfnetlink
ebtable_nat ebtable_broute bridge stp llc ip6table_nat nf_conntrack_ipv6
nf_defrag_ipv6 nf_nat_ipv6 ip6table_mangle ip6table_security
ip6table_raw iptable_nat nf_conntrack_ipv4 nf_defrag_ipv4 nf_nat_ipv4
nf_nat nf_conntrack iptable_mangle iptable_security iptable_raw
ebtable_filter ebtables ip6table_filter ip6_tables iptable_filter
rpcrdma ib_isert iscsi_target_mod ib_iser libiscsi scsi_transport_iscsi
ib_srpt target_core_mod ib_srp scsi_transport_srp ib_ipoib rdma_ucm
ib_ucm ib_umad rdma_cm ib_cm iw_cm mlx5_ib vfat fat ib_uverbs dm_mirror
dm_region_hash ib_core dm_log dm_mod crc32_ce ipmi_ssif sg nfsd
[ 410.935101] auth_rpcgss nfs_acl lockd grace sunrpc ip_tables xfs
libcrc32c mlx5_core ixgbe mlxfw devlink mdio ahci_platform
libahci_platform qcom_emac libahci hdma hdma_mgmt i2c_qup
[ 410.951369] CPU: 4 PID: 4641 Comm: memhog Tainted: G W
4.17.0-rc3+ #8
[ 410.959104] Hardware name: <snip for confidential issues>
[ 410.969791] pstate: 80400005 (Nzcv daif +PAN -UAO)
[ 410.974575] pc : kvm_age_hva_handler+0xc0/0xc8
[ 410.979012] lr : handle_hva_to_gpa+0xa8/0xe0
[ 410.983274] sp : ffff801761553290
[ 410.986581] x29: ffff801761553290 x28: 0000000000000000
[ 410.991888] x27: 0000000000000002 x26: 0000000000000000
[ 410.997195] x25: ffff801765430058 x24: ffff0000080b5608
[ 411.002501] x23: 0000000000000000 x22: ffff8017ccb84000
[ 411.007807] x21: 0000000003ff0000 x20: ffff8017ccb84000
[ 411.013113] x19: 000000000000fe00 x18: ffff000008fb3c08
[ 411.018419] x17: 0000000000000000 x16: 0060001645820bd3
[ 411.023725] x15: ffff80176aacbc08 x14: 0000000000000000
[ 411.029031] x13: 0000000000000040 x12: 0000000000000228
[ 411.034337] x11: 0000000000000000 x10: 0000000000000000
[ 411.039643] x9 : 0000000000000010 x8 : 0000000000000004
[ 411.044949] x7 : 0000000000000000 x6 : 00008017f0770000
[ 411.050255] x5 : 0000fffda59f0200 x4 : 0000000000000000
[ 411.055561] x3 : 0000000000000000 x2 : 000000000000fe00
[ 411.060867] x1 : 0000000003ff0000 x0 : 0000000020000000
[ 411.066173] Call trace:
[ 411.068614] kvm_age_hva_handler+0xc0/0xc8
[ 411.072703] handle_hva_to_gpa+0xa8/0xe0
[ 411.076619] kvm_age_hva+0x4c/0xe8
[ 411.080014] kvm_mmu_notifier_clear_flush_young+0x54/0x98
[ 411.085408] __mmu_notifier_clear_flush_young+0x6c/0xa0
[ 411.090627] page_referenced_one+0x154/0x1d8
[ 411.094890] rmap_walk_ksm+0x12c/0x1d0
[ 411.098632] rmap_walk+0x94/0xa0
[ 411.101854] page_referenced+0x194/0x1b0
[ 411.105770] shrink_page_list+0x674/0xc28
[ 411.109772] shrink_inactive_list+0x26c/0x5b8
[ 411.114122] shrink_node_memcg+0x35c/0x620
[ 411.118211] shrink_node+0x100/0x430
[ 411.121778] do_try_to_free_pages+0xe0/0x3a8
[ 411.126041] try_to_free_pages+0xe4/0x230
[ 411.130045] __alloc_pages_nodemask+0x564/0xdc0
[ 411.134569] alloc_pages_vma+0x90/0x228
[ 411.138398] do_anonymous_page+0xc8/0x4d0
[ 411.142400] __handle_mm_fault+0x4a0/0x508
[ 411.146489] handle_mm_fault+0xf8/0x1b0
[ 411.150321] do_page_fault+0x218/0x4b8
[ 411.154064] do_translation_fault+0x90/0xa0
[ 411.158239] do_mem_abort+0x68/0xf0
[ 411.161721] el0_da+0x24/0x28
---------------------------end---------------------------------------
In rmap_walk_ksm, the rmap_item->address might still have the STABLE_FLAG,
then the start and end in handle_hva_to_gpa might not be PAGE_SIZE
aligned. Thus it will cause exceptions in handle_hva_to_gpa on arm64.
This patch fixes it by ignoring (not removing) the low bits of address
when doing rmap_walk_ksm.
IMO, it should be backported to stable tree. the stom of WARN_ONs is
very easy for me to reproduce. More than that, I watched a panic (not
reproducible) as follows:
[35380.805825] page:ffff7fe003742d80 count:-4871 mapcount:-2126053375
mapping: (null) index:0x0
[35380.815024] flags: 0x1fffc00000000000()
[35380.818845] raw: 1fffc00000000000 0000000000000000 0000000000000000
ffffecf981470000
[35380.826569] raw: dead000000000100 dead000000000200 ffff8017c001c000
0000000000000000
[35380.834294] page dumped because: nonzero _refcount
[35380.839069] Modules linked in: vhost_net vhost tap ebtable_filter ebtables
ip6table_filter ip6_tables iptable_filter fcoe libfcoe libfc 8021q garp mrp stp
llc scsi_transport_fc openvswitch nf_conntrack_ipv6 nf_nat_ipv6
nf_conntrack_ipv4 nf_defrag_ipv4 nf_nat_ipv4 nf_defrag_ipv6 nf_nat nf_conntrack
vfat fat rpcrdma ib_isert iscsi_target_mod ib_iser libiscsi scsi_transport_iscsi
ib_srpt target_core_mod ib_srp scsi_transport_srp ib_ipoib rdma_ucm ib_ucm
ib_uverbs ib_umad rdma_cm ib_cm iw_cm mlx5_ib ib_core crc32_ce ipmi_ssif tpm_tis
tpm_tis_core sg nfsd auth_rpcgss nfs_acl lockd grace sunrpc dm_multipath
ip_tables xfs libcrc32c mlx5_core mlxfw devlink ahci_platform libahci_platform
libahci qcom_emac sdhci_acpi sdhci hdma mmc_core hdma_mgmt i2c_qup dm_mirror
dm_region_hash dm_log dm_mod
[35380.908341] CPU: 29 PID: 18323 Comm: qemu-kvm Tainted: G W
4.14.15-5.hxt.aarch64 #1
[35380.917107] Hardware name: <snip for confidential issues>
[35380.930909] Call trace:
[35380.933345] [<ffff000008088f00>] dump_backtrace+0x0/0x22c
[35380.938723] [<ffff000008089150>] show_stack+0x24/0x2c
[35380.943759] [<ffff00000893c078>] dump_stack+0x8c/0xb0
[35380.948794] [<ffff00000820ab50>] bad_page+0xf4/0x154
[35380.953740] [<ffff000008211ce8>] free_pages_check_bad+0x90/0x9c
[35380.959642] [<ffff00000820c430>] free_pcppages_bulk+0x464/0x518
[35380.965545] [<ffff00000820db98>] free_hot_cold_page+0x22c/0x300
[35380.971448] [<ffff0000082176fc>] __put_page+0x54/0x60
[35380.976484] [<ffff0000080b1164>] unmap_stage2_range+0x170/0x2b4
[35380.982385] [<ffff0000080b12d8>] kvm_unmap_hva_handler+0x30/0x40
[35380.988375] [<ffff0000080b0104>] handle_hva_to_gpa+0xb0/0xec
[35380.994016] [<ffff0000080b2644>] kvm_unmap_hva_range+0x5c/0xd0
[35380.999833] [<ffff0000080a8054>]
I even injected a fault on purpose in kvm_unmap_hva_range by seting
size=size-0x200, the call trace is similar as above. So I thought the
panic is similarly caused by the root cause of WARN_ON.
Andrea said:
: It looks a straightforward safe fix, on x86 hva_to_gfn_memslot would
: zap those bits and hide the misalignment caused by the low metadata
: bits being erroneously left set in the address, but the arm code
: notices when that's the last page in the memslot and the hva_end is
: getting aligned and the size is below one page.
:
: I think the problem triggers in the addr += PAGE_SIZE of
: unmap_stage2_ptes that never matches end because end is aligned but
: addr is not.
:
: } while (pte++, addr += PAGE_SIZE, addr != end);
:
: x86 again only works on hva_start/hva_end after converting it to
: gfn_start/end and that being in pfn units the bits are zapped before
: they risk to cause trouble.
Jia He said:
: I've tested by myself in arm64 server (QDF2400,46 cpus,96G mem) Without
: this patch, the WARN_ON is very easy for reproducing. After this patch, I
: have run the same benchmarch for a whole day without any WARN_ONs
Link: http://lkml.kernel.org/r/1525403506-6750-1-git-send-email-hejianet@gmail.com
Signed-off-by: Jia He <jia.he(a)hxt-semitech.com>
Reviewed-by: Andrea Arcangeli <aarcange(a)redhat.com>
Tested-by: Jia He <hejianet(a)gmail.com>
Cc: Suzuki K Poulose <Suzuki.Poulose(a)arm.com>
Cc: Minchan Kim <minchan(a)kernel.org>
Cc: Claudio Imbrenda <imbrenda(a)linux.vnet.ibm.com>
Cc: Arvind Yadav <arvind.yadav.cs(a)gmail.com>
Cc: Mike Rapoport <rppt(a)linux.vnet.ibm.com>
Cc: <stable(a)vger.kernel.org>
Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org>
---
mm/ksm.c | 14 ++++++++++----
1 file changed, 10 insertions(+), 4 deletions(-)
diff -puN mm/ksm.c~mm-ksm-ignore-stable_flag-of-rmap_item-address-in-rmap_walk_ksm mm/ksm.c
--- a/mm/ksm.c~mm-ksm-ignore-stable_flag-of-rmap_item-address-in-rmap_walk_ksm
+++ a/mm/ksm.c
@@ -216,6 +216,8 @@ struct rmap_item {
#define SEQNR_MASK 0x0ff /* low bits of unstable tree seqnr */
#define UNSTABLE_FLAG 0x100 /* is a node of the unstable tree */
#define STABLE_FLAG 0x200 /* is listed from the stable tree */
+#define KSM_FLAG_MASK (SEQNR_MASK|UNSTABLE_FLAG|STABLE_FLAG)
+ /* to mask all the flags */
/* The stable and unstable tree heads */
static struct rb_root one_stable_tree[1] = { RB_ROOT };
@@ -2598,10 +2600,15 @@ again:
anon_vma_lock_read(anon_vma);
anon_vma_interval_tree_foreach(vmac, &anon_vma->rb_root,
0, ULONG_MAX) {
+ unsigned long addr;
+
cond_resched();
vma = vmac->vma;
- if (rmap_item->address < vma->vm_start ||
- rmap_item->address >= vma->vm_end)
+
+ /* Ignore the stable/unstable/sqnr flags */
+ addr = rmap_item->address & ~KSM_FLAG_MASK;
+
+ if (addr < vma->vm_start || addr >= vma->vm_end)
continue;
/*
* Initially we examine only the vma which covers this
@@ -2615,8 +2622,7 @@ again:
if (rwc->invalid_vma && rwc->invalid_vma(vma, rwc->arg))
continue;
- if (!rwc->rmap_one(page, vma,
- rmap_item->address, rwc->arg)) {
+ if (!rwc->rmap_one(page, vma, addr, rwc->arg)) {
anon_vma_unlock_read(anon_vma);
return;
}
_
Patches currently in -mm which might be from jia.he(a)hxt-semitech.com are
Tree/Branch: v4.4.137
Git describe: v4.4.137
Commit: ed90fd0cfe Linux 4.4.137
Build Time: 63 min 2 sec
Passed: 10 / 10 (100.00 %)
Failed: 0 / 10 ( 0.00 %)
Errors: 0
Warnings: 31
Section Mismatches: 0
-------------------------------------------------------------------------------
defconfigs with issues (other than build errors):
19 warnings 0 mismatches : arm64-allmodconfig
17 warnings 0 mismatches : x86_64-allmodconfig
-------------------------------------------------------------------------------
Warnings Summary: 31
3 warning: (IMA) selects TCG_CRB which has unmet direct dependencies (TCG_TPM && X86 && ACPI)
2 ../drivers/media/dvb-frontends/stv090x.c:4250:1: warning: the frame size of 4832 bytes is larger than 2048 bytes [-Wframe-larger-than=]
2 ../drivers/media/dvb-frontends/stv090x.c:1211:1: warning: the frame size of 2080 bytes is larger than 2048 bytes [-Wframe-larger-than=]
2 ../drivers/media/dvb-frontends/stv090x.c:1168:1: warning: the frame size of 2080 bytes is larger than 2048 bytes [-Wframe-larger-than=]
1 ../drivers/net/ethernet/rocker/rocker.c:2172:1: warning: the frame size of 2752 bytes is larger than 2048 bytes [-Wframe-larger-than=]
1 ../drivers/net/ethernet/rocker/rocker.c:2172:1: warning: the frame size of 2720 bytes is larger than 2048 bytes [-Wframe-larger-than=]
1 ../drivers/media/dvb-frontends/stv090x.c:4759:1: warning: the frame size of 2056 bytes is larger than 2048 bytes [-Wframe-larger-than=]
1 ../drivers/media/dvb-frontends/stv090x.c:4565:1: warning: the frame size of 2096 bytes is larger than 2048 bytes [-Wframe-larger-than=]
1 ../drivers/media/dvb-frontends/stv090x.c:4565:1: warning: the frame size of 2080 bytes is larger than 2048 bytes [-Wframe-larger-than=]
1 ../drivers/media/dvb-frontends/stv090x.c:3436:1: warning: the frame size of 6784 bytes is larger than 2048 bytes [-Wframe-larger-than=]
1 ../drivers/media/dvb-frontends/stv090x.c:3436:1: warning: the frame size of 5280 bytes is larger than 2048 bytes [-Wframe-larger-than=]
1 ../drivers/media/dvb-frontends/stv090x.c:3095:1: warning: the frame size of 5864 bytes is larger than 2048 bytes [-Wframe-larger-than=]
1 ../drivers/media/dvb-frontends/stv090x.c:3095:1: warning: the frame size of 5840 bytes is larger than 2048 bytes [-Wframe-larger-than=]
1 ../drivers/media/dvb-frontends/stv090x.c:2513:1: warning: the frame size of 2304 bytes is larger than 2048 bytes [-Wframe-larger-than=]
1 ../drivers/media/dvb-frontends/stv090x.c:2513:1: warning: the frame size of 2288 bytes is larger than 2048 bytes [-Wframe-larger-than=]
1 ../drivers/media/dvb-frontends/stv090x.c:2141:1: warning: the frame size of 2104 bytes is larger than 2048 bytes [-Wframe-larger-than=]
1 ../drivers/media/dvb-frontends/stv090x.c:2141:1: warning: the frame size of 2080 bytes is larger than 2048 bytes [-Wframe-larger-than=]
1 ../drivers/media/dvb-frontends/stv090x.c:2073:1: warning: the frame size of 2552 bytes is larger than 2048 bytes [-Wframe-larger-than=]
1 ../drivers/media/dvb-frontends/stv090x.c:2073:1: warning: the frame size of 2544 bytes is larger than 2048 bytes [-Wframe-larger-than=]
1 ../drivers/media/dvb-frontends/stv090x.c:1956:1: warning: the frame size of 3264 bytes is larger than 2048 bytes [-Wframe-larger-than=]
1 ../drivers/media/dvb-frontends/stv090x.c:1956:1: warning: the frame size of 3248 bytes is larger than 2048 bytes [-Wframe-larger-than=]
1 ../drivers/media/dvb-frontends/stv090x.c:1858:1: warning: the frame size of 3008 bytes is larger than 2048 bytes [-Wframe-larger-than=]
1 ../drivers/media/dvb-frontends/stv090x.c:1858:1: warning: the frame size of 2992 bytes is larger than 2048 bytes [-Wframe-larger-than=]
1 ../drivers/media/dvb-frontends/stv090x.c:1599:1: warning: the frame size of 5296 bytes is larger than 2048 bytes [-Wframe-larger-than=]
1 ../drivers/media/dvb-frontends/stv090x.c:1599:1: warning: the frame size of 5280 bytes is larger than 2048 bytes [-Wframe-larger-than=]
1 ../drivers/media/dvb-frontends/stv0367.c:3147:1: warning: the frame size of 4144 bytes is larger than 2048 bytes [-Wframe-larger-than=]
1 ../drivers/media/dvb-frontends/stv0367.c:2490:1: warning: the frame size of 3424 bytes is larger than 2048 bytes [-Wframe-larger-than=]
1 ../drivers/media/dvb-frontends/cxd2841er.c:2401:1: warning: the frame size of 2984 bytes is larger than 2048 bytes [-Wframe-larger-than=]
1 ../drivers/media/dvb-frontends/cxd2841er.c:2401:1: warning: the frame size of 2976 bytes is larger than 2048 bytes [-Wframe-larger-than=]
1 ../drivers/media/dvb-frontends/cxd2841er.c:2282:1: warning: the frame size of 4336 bytes is larger than 2048 bytes [-Wframe-larger-than=]
1 ../drivers/media/dvb-frontends/cxd2841er.c:2282:1: warning: the frame size of 4328 bytes is larger than 2048 bytes [-Wframe-larger-than=]
===============================================================================
Detailed per-defconfig build reports below:
-------------------------------------------------------------------------------
arm64-allmodconfig : PASS, 0 errors, 19 warnings, 0 section mismatches
Warnings:
warning: (IMA) selects TCG_CRB which has unmet direct dependencies (TCG_TPM && X86 && ACPI)
warning: (IMA) selects TCG_CRB which has unmet direct dependencies (TCG_TPM && X86 && ACPI)
warning: (IMA) selects TCG_CRB which has unmet direct dependencies (TCG_TPM && X86 && ACPI)
../drivers/media/dvb-frontends/stv090x.c:1858:1: warning: the frame size of 2992 bytes is larger than 2048 bytes [-Wframe-larger-than=]
../drivers/media/dvb-frontends/stv090x.c:2141:1: warning: the frame size of 2080 bytes is larger than 2048 bytes [-Wframe-larger-than=]
../drivers/media/dvb-frontends/stv090x.c:2513:1: warning: the frame size of 2288 bytes is larger than 2048 bytes [-Wframe-larger-than=]
../drivers/media/dvb-frontends/stv090x.c:4565:1: warning: the frame size of 2080 bytes is larger than 2048 bytes [-Wframe-larger-than=]
../drivers/media/dvb-frontends/stv090x.c:1956:1: warning: the frame size of 3248 bytes is larger than 2048 bytes [-Wframe-larger-than=]
../drivers/media/dvb-frontends/stv090x.c:1599:1: warning: the frame size of 5280 bytes is larger than 2048 bytes [-Wframe-larger-than=]
../drivers/media/dvb-frontends/stv090x.c:1211:1: warning: the frame size of 2080 bytes is larger than 2048 bytes [-Wframe-larger-than=]
../drivers/media/dvb-frontends/stv090x.c:4250:1: warning: the frame size of 4832 bytes is larger than 2048 bytes [-Wframe-larger-than=]
../drivers/media/dvb-frontends/stv090x.c:1168:1: warning: the frame size of 2080 bytes is larger than 2048 bytes [-Wframe-larger-than=]
../drivers/media/dvb-frontends/stv090x.c:2073:1: warning: the frame size of 2544 bytes is larger than 2048 bytes [-Wframe-larger-than=]
../drivers/media/dvb-frontends/stv090x.c:3095:1: warning: the frame size of 5840 bytes is larger than 2048 bytes [-Wframe-larger-than=]
../drivers/media/dvb-frontends/stv090x.c:3436:1: warning: the frame size of 6784 bytes is larger than 2048 bytes [-Wframe-larger-than=]
../drivers/media/dvb-frontends/stv0367.c:2490:1: warning: the frame size of 3424 bytes is larger than 2048 bytes [-Wframe-larger-than=]
../drivers/media/dvb-frontends/cxd2841er.c:2401:1: warning: the frame size of 2976 bytes is larger than 2048 bytes [-Wframe-larger-than=]
../drivers/media/dvb-frontends/cxd2841er.c:2282:1: warning: the frame size of 4336 bytes is larger than 2048 bytes [-Wframe-larger-than=]
../drivers/net/ethernet/rocker/rocker.c:2172:1: warning: the frame size of 2720 bytes is larger than 2048 bytes [-Wframe-larger-than=]
-------------------------------------------------------------------------------
x86_64-allmodconfig : PASS, 0 errors, 17 warnings, 0 section mismatches
Warnings:
../drivers/media/dvb-frontends/stv090x.c:1858:1: warning: the frame size of 3008 bytes is larger than 2048 bytes [-Wframe-larger-than=]
../drivers/media/dvb-frontends/stv090x.c:2141:1: warning: the frame size of 2104 bytes is larger than 2048 bytes [-Wframe-larger-than=]
../drivers/media/dvb-frontends/stv090x.c:2513:1: warning: the frame size of 2304 bytes is larger than 2048 bytes [-Wframe-larger-than=]
../drivers/media/dvb-frontends/stv090x.c:4565:1: warning: the frame size of 2096 bytes is larger than 2048 bytes [-Wframe-larger-than=]
../drivers/media/dvb-frontends/stv090x.c:1956:1: warning: the frame size of 3264 bytes is larger than 2048 bytes [-Wframe-larger-than=]
../drivers/media/dvb-frontends/stv090x.c:1599:1: warning: the frame size of 5296 bytes is larger than 2048 bytes [-Wframe-larger-than=]
../drivers/media/dvb-frontends/stv090x.c:1211:1: warning: the frame size of 2080 bytes is larger than 2048 bytes [-Wframe-larger-than=]
../drivers/media/dvb-frontends/stv090x.c:4250:1: warning: the frame size of 4832 bytes is larger than 2048 bytes [-Wframe-larger-than=]
../drivers/media/dvb-frontends/stv090x.c:4759:1: warning: the frame size of 2056 bytes is larger than 2048 bytes [-Wframe-larger-than=]
../drivers/media/dvb-frontends/stv090x.c:1168:1: warning: the frame size of 2080 bytes is larger than 2048 bytes [-Wframe-larger-than=]
../drivers/media/dvb-frontends/stv090x.c:2073:1: warning: the frame size of 2552 bytes is larger than 2048 bytes [-Wframe-larger-than=]
../drivers/media/dvb-frontends/stv090x.c:3095:1: warning: the frame size of 5864 bytes is larger than 2048 bytes [-Wframe-larger-than=]
../drivers/media/dvb-frontends/stv090x.c:3436:1: warning: the frame size of 5280 bytes is larger than 2048 bytes [-Wframe-larger-than=]
../drivers/media/dvb-frontends/stv0367.c:3147:1: warning: the frame size of 4144 bytes is larger than 2048 bytes [-Wframe-larger-than=]
../drivers/media/dvb-frontends/cxd2841er.c:2401:1: warning: the frame size of 2984 bytes is larger than 2048 bytes [-Wframe-larger-than=]
../drivers/media/dvb-frontends/cxd2841er.c:2282:1: warning: the frame size of 4328 bytes is larger than 2048 bytes [-Wframe-larger-than=]
../drivers/net/ethernet/rocker/rocker.c:2172:1: warning: the frame size of 2752 bytes is larger than 2048 bytes [-Wframe-larger-than=]
-------------------------------------------------------------------------------
Passed with no errors, warnings or mismatches:
arm64-allnoconfig
arm-multi_v5_defconfig
arm-multi_v7_defconfig
x86_64-defconfig
arm-allmodconfig
arm-allnoconfig
x86_64-allnoconfig
arm64-defconfig
This is the start of the stable review cycle for the 4.17.2 release.
There are 45 patches in this series, all will be posted as a response
to this one. If anyone has any issues with these being applied, please
let me know.
Responses should be made by Sat Jun 16 13:21:05 UTC 2018.
Anything received after that time might be too late.
The whole patch series can be found in one patch at:
https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.17.2-rc1…
or in the git tree and branch at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.17.y
and the diffstat can be found below.
thanks,
greg k-h
-------------
Pseudo-Shortlog of commits:
Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
Linux 4.17.2-rc1
Bin Liu <b-liu(a)ti.com>
crypto: omap-sham - fix memleak
Michael Ellerman <mpe(a)ellerman.id.au>
crypto: vmx - Remove overly verbose printk from AES XTS init
Michael Ellerman <mpe(a)ellerman.id.au>
crypto: vmx - Remove overly verbose printk from AES init routines
Jan Glauber <jglauber(a)cavium.com>
crypto: cavium - Limit result reading attempts
Jan Glauber <jglauber(a)cavium.com>
crypto: cavium - Fix fallout from CONFIG_VMAP_STACK
Horia Geantă <horia.geanta(a)nxp.com>
crypto: caam - fix size of RSA prime factor q
Horia Geantă <horia.geanta(a)nxp.com>
crypto: caam/qi - fix IV DMA mapping and updating
Horia Geantă <horia.geanta(a)nxp.com>
crypto: caam - fix IV DMA mapping and updating
Horia Geantă <horia.geanta(a)nxp.com>
crypto: caam - fix DMA mapping dir for generated IV
Horia Geantă <horia.geanta(a)nxp.com>
crypto: caam - strip input zeros from RSA input buffer
Johannes Wienke <languitar(a)semipol.de>
Input: elan_i2c - add ELAN0612 (Lenovo v330 14IKB) ACPI ID
Ethan Lee <flibitijibibo(a)gmail.com>
Input: goodix - add new ACPI id for GPD Win 2 touch screen
Gilad Ben-Yossef <gilad(a)benyossef.com>
crypto: ccree - correct host regs offset
Dave Martin <Dave.Martin(a)arm.com>
tty: pl011: Avoid spuriously stuck-off interrupts
Sean Wang <sean.wang(a)mediatek.com>
arm64: defconfig: Enable CONFIG_PINCTRL_MT7622 by default
Stephen Hemminger <stephen(a)networkplumber.org>
doc: fix sysfs ABI documentation
Gil Kupfer <gilkup(a)gmail.com>
vmw_balloon: fixing double free when batching mode is off
Tony Lindgren <tony(a)atomide.com>
serial: 8250: omap: Fix idling of clocks for unused uarts
Marek Szyprowski <m.szyprowski(a)samsung.com>
serial: samsung: fix maxburst parameter for DMA transactions
Sebastian Andrzej Siewior <bigeasy(a)linutronix.de>
tty/serial: atmel: use port->name as name in request_irq()
Geert Uytterhoeven <geert+renesas(a)glider.be>
serial: sh-sci: Stop using printk format %pCr
Yoshihiro Shimoda <yoshihiro.shimoda.uh(a)renesas.com>
usb: gadget: udc: renesas_usb3: disable the controller's irqs for reconnecting
Yoshihiro Shimoda <yoshihiro.shimoda.uh(a)renesas.com>
usb: gadget: udc: renesas_usb3: should fail if devm_phy_get() returns error
Yoshihiro Shimoda <yoshihiro.shimoda.uh(a)renesas.com>
usb: gadget: udc: renesas_usb3: should call devm_phy_get() before add udc
Yoshihiro Shimoda <yoshihiro.shimoda.uh(a)renesas.com>
usb: gadget: udc: renesas_usb3: should call pm_runtime_enable() before add udc
Yoshihiro Shimoda <yoshihiro.shimoda.uh(a)renesas.com>
usb: gadget: udc: renesas_usb3: should remove debugfs
Yoshihiro Shimoda <yoshihiro.shimoda.uh(a)renesas.com>
usb: gadget: udc: renesas_usb3: fix double phy_put()
Yoshihiro Shimoda <yoshihiro.shimoda.uh(a)renesas.com>
usb: gadget: function: printer: avoid wrong list handling in printer_write()
Heikki Krogerus <heikki.krogerus(a)linux.intel.com>
usb: typec: wcove: Remove dependency on HW FSM
Ruslan Bilovol <ruslan.bilovol(a)gmail.com>
usb: core: message: remove extra endianness conversion in usb_set_isoch_delay
Manu Gautam <mgautam(a)codeaurora.org>
phy: qcom-qusb2: Fix crash if nvmem cell not specified
Ethan Lee <flibitijibibo(a)gmail.com>
Input: xpad - add GPD Win 2 Controller USB IDs
Alexander Kappner <agk(a)godking.net>
usb-storage: Add compatibility quirk flags for G-Technologies G-Drive
Alexander Kappner <agk(a)godking.net>
usb-storage: Add support for FL_ALWAYS_SYNC flag in the UAS driver
Gustavo A. R. Silva <gustavo(a)embeddedor.com>
usbip: vhci_sysfs: fix potential Spectre v1
Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
NFC: pn533: don't send USB data off of the stack
Laura Abbott <labbott(a)redhat.com>
staging: android: ion: Switch to pr_warn_once in ion_buffer_destroy
Paolo Bonzini <pbonzini(a)redhat.com>
kvm: x86: use correct privilege level for sgdt/sidt/fxsave/fxrstor access
Paolo Bonzini <pbonzini(a)redhat.com>
KVM: x86: pass kvm_vcpu to kvm_read_guest_virt and kvm_write_guest_virt_system
Felix Wilhelm <fwilhelm(a)google.com>
kvm: nVMX: Enforce cpl=0 for VMX instructions
Michael S. Tsirkin <mst(a)redhat.com>
kvm: fix typo in flag name
Paolo Bonzini <pbonzini(a)redhat.com>
KVM: x86: introduce linear_{read,write}_system
Wanpeng Li <wanpengli(a)tencent.com>
KVM: X86: Fix reserved bits check for MOV to CR3
Bart Van Assche <bart.vanassche(a)wdc.com>
blkdev_report_zones_ioctl(): Use vmalloc() to allocate large buffers
Atul Gupta <atul.gupta(a)chelsio.com>
crypto: chelsio - request to HW should wrap
-------------
Diffstat:
Documentation/ABI/stable/sysfs-bus-vmbus | 40 +++---
Makefile | 4 +-
arch/arm64/configs/defconfig | 1 +
arch/x86/include/asm/kvm_emulate.h | 6 +-
arch/x86/kvm/emulate.c | 76 +++++-----
arch/x86/kvm/vmx.c | 38 +++--
arch/x86/kvm/x86.c | 61 +++++---
arch/x86/kvm/x86.h | 4 +-
block/blk-zoned.c | 8 +-
drivers/crypto/caam/caamalg.c | 231 ++++++++++++++-----------------
drivers/crypto/caam/caamalg_qi.c | 227 +++++++++++++++---------------
drivers/crypto/caam/caampkc.c | 62 ++++++++-
drivers/crypto/caam/caampkc.h | 8 ++
drivers/crypto/cavium/zip/common.h | 21 +++
drivers/crypto/cavium/zip/zip_crypto.c | 22 +--
drivers/crypto/cavium/zip/zip_deflate.c | 4 +-
drivers/crypto/cavium/zip/zip_inflate.c | 4 +-
drivers/crypto/ccree/cc_debugfs.c | 7 +-
drivers/crypto/ccree/cc_driver.c | 8 +-
drivers/crypto/ccree/cc_driver.h | 2 +
drivers/crypto/ccree/cc_host_regs.h | 6 +-
drivers/crypto/chelsio/chcr_ipsec.c | 35 +++--
drivers/crypto/omap-sham.c | 2 +-
drivers/crypto/vmx/aes.c | 2 -
drivers/crypto/vmx/aes_cbc.c | 3 -
drivers/crypto/vmx/aes_ctr.c | 2 -
drivers/crypto/vmx/aes_xts.c | 2 -
drivers/crypto/vmx/ghash.c | 2 -
drivers/input/joystick/xpad.c | 2 +
drivers/input/mouse/elan_i2c_core.c | 1 +
drivers/input/touchscreen/goodix.c | 1 +
drivers/misc/vmw_balloon.c | 23 +--
drivers/nfc/pn533/usb.c | 42 ++++--
drivers/phy/qualcomm/phy-qcom-qusb2.c | 4 +
drivers/staging/android/ion/ion.c | 5 +-
drivers/tty/serial/8250/8250_omap.c | 16 ++-
drivers/tty/serial/amba-pl011.c | 16 +++
drivers/tty/serial/atmel_serial.c | 5 +-
drivers/tty/serial/samsung.c | 7 +-
drivers/tty/serial/sh-sci.c | 4 +-
drivers/usb/core/message.c | 2 +-
drivers/usb/gadget/function/f_printer.c | 6 +-
drivers/usb/gadget/udc/renesas_usb3.c | 37 +++--
drivers/usb/storage/uas.c | 6 +
drivers/usb/storage/unusual_devs.h | 9 ++
drivers/usb/storage/unusual_uas.h | 9 ++
drivers/usb/typec/typec_wcove.c | 30 +++-
drivers/usb/usbip/vhci_sysfs.c | 24 ++--
include/uapi/linux/kvm.h | 4 +-
tools/include/uapi/linux/kvm.h | 4 +-
50 files changed, 685 insertions(+), 460 deletions(-)
This is the start of the stable review cycle for the 4.16.16 release.
There are 43 patches in this series, all will be posted as a response
to this one. If anyone has any issues with these being applied, please
let me know.
Responses should be made by Sat Jun 16 13:21:17 UTC 2018.
Anything received after that time might be too late.
The whole patch series can be found in one patch at:
https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.16.16-rc…
or in the git tree and branch at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.16.y
and the diffstat can be found below.
thanks,
greg k-h
-------------
Pseudo-Shortlog of commits:
Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
Linux 4.16.16-rc1
Bin Liu <b-liu(a)ti.com>
crypto: omap-sham - fix memleak
Michael Ellerman <mpe(a)ellerman.id.au>
crypto: vmx - Remove overly verbose printk from AES XTS init
Michael Ellerman <mpe(a)ellerman.id.au>
crypto: vmx - Remove overly verbose printk from AES init routines
Jan Glauber <jglauber(a)cavium.com>
crypto: cavium - Limit result reading attempts
Jan Glauber <jglauber(a)cavium.com>
crypto: cavium - Fix fallout from CONFIG_VMAP_STACK
Horia Geantă <horia.geanta(a)nxp.com>
crypto: caam - fix size of RSA prime factor q
Horia Geantă <horia.geanta(a)nxp.com>
crypto: caam/qi - fix IV DMA mapping and updating
Horia Geantă <horia.geanta(a)nxp.com>
crypto: caam - fix IV DMA mapping and updating
Horia Geantă <horia.geanta(a)nxp.com>
crypto: caam - fix DMA mapping dir for generated IV
Horia Geantă <horia.geanta(a)nxp.com>
crypto: caam - strip input zeros from RSA input buffer
Johannes Wienke <languitar(a)semipol.de>
Input: elan_i2c - add ELAN0612 (Lenovo v330 14IKB) ACPI ID
Ethan Lee <flibitijibibo(a)gmail.com>
Input: goodix - add new ACPI id for GPD Win 2 touch screen
Paolo Bonzini <pbonzini(a)redhat.com>
kvm: x86: use correct privilege level for sgdt/sidt/fxsave/fxrstor access
Dave Martin <Dave.Martin(a)arm.com>
tty: pl011: Avoid spuriously stuck-off interrupts
Gil Kupfer <gilkup(a)gmail.com>
vmw_balloon: fixing double free when batching mode is off
Tony Lindgren <tony(a)atomide.com>
serial: 8250: omap: Fix idling of clocks for unused uarts
Marek Szyprowski <m.szyprowski(a)samsung.com>
serial: samsung: fix maxburst parameter for DMA transactions
Sebastian Andrzej Siewior <bigeasy(a)linutronix.de>
tty/serial: atmel: use port->name as name in request_irq()
Geert Uytterhoeven <geert+renesas(a)glider.be>
serial: sh-sci: Stop using printk format %pCr
Yoshihiro Shimoda <yoshihiro.shimoda.uh(a)renesas.com>
usb: gadget: udc: renesas_usb3: disable the controller's irqs for reconnecting
Yoshihiro Shimoda <yoshihiro.shimoda.uh(a)renesas.com>
usb: gadget: udc: renesas_usb3: should fail if devm_phy_get() returns error
Yoshihiro Shimoda <yoshihiro.shimoda.uh(a)renesas.com>
usb: gadget: udc: renesas_usb3: should call devm_phy_get() before add udc
Yoshihiro Shimoda <yoshihiro.shimoda.uh(a)renesas.com>
usb: gadget: udc: renesas_usb3: should call pm_runtime_enable() before add udc
Yoshihiro Shimoda <yoshihiro.shimoda.uh(a)renesas.com>
usb: gadget: udc: renesas_usb3: should remove debugfs
Yoshihiro Shimoda <yoshihiro.shimoda.uh(a)renesas.com>
usb: gadget: udc: renesas_usb3: fix double phy_put()
Yoshihiro Shimoda <yoshihiro.shimoda.uh(a)renesas.com>
usb: gadget: function: printer: avoid wrong list handling in printer_write()
Heikki Krogerus <heikki.krogerus(a)linux.intel.com>
usb: typec: wcove: Remove dependency on HW FSM
Ruslan Bilovol <ruslan.bilovol(a)gmail.com>
usb: core: message: remove extra endianness conversion in usb_set_isoch_delay
Manu Gautam <mgautam(a)codeaurora.org>
phy: qcom-qusb2: Fix crash if nvmem cell not specified
Ethan Lee <flibitijibibo(a)gmail.com>
Input: xpad - add GPD Win 2 Controller USB IDs
Alexander Kappner <agk(a)godking.net>
usb-storage: Add compatibility quirk flags for G-Technologies G-Drive
Alexander Kappner <agk(a)godking.net>
usb-storage: Add support for FL_ALWAYS_SYNC flag in the UAS driver
Gustavo A. R. Silva <gustavo(a)embeddedor.com>
usbip: vhci_sysfs: fix potential Spectre v1
Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
NFC: pn533: don't send USB data off of the stack
Laura Abbott <labbott(a)redhat.com>
staging: android: ion: Switch to pr_warn_once in ion_buffer_destroy
Paolo Bonzini <pbonzini(a)redhat.com>
KVM: x86: pass kvm_vcpu to kvm_read_guest_virt and kvm_write_guest_virt_system
Felix Wilhelm <fwilhelm(a)google.com>
kvm: nVMX: Enforce cpl=0 for VMX instructions
Paolo Bonzini <pbonzini(a)redhat.com>
KVM: x86: introduce linear_{read,write}_system
Wanpeng Li <wanpengli(a)tencent.com>
KVM: X86: Fix reserved bits check for MOV to CR3
Kevin Easton <kevin(a)guarana.org>
af_key: Always verify length of provided sadb_key
Bart Van Assche <bart.vanassche(a)wdc.com>
blkdev_report_zones_ioctl(): Use vmalloc() to allocate large buffers
Atul Gupta <atul.gupta(a)chelsio.com>
crypto: chelsio - request to HW should wrap
Taehee Yoo <ap420073(a)gmail.com>
netfilter: nf_tables: fix NULL pointer dereference on nft_ct_helper_obj_dump()
-------------
Diffstat:
Makefile | 4 +-
arch/x86/include/asm/kvm_emulate.h | 6 +-
arch/x86/kvm/emulate.c | 76 ++++++-----
arch/x86/kvm/vmx.c | 38 +++---
arch/x86/kvm/x86.c | 53 +++++---
arch/x86/kvm/x86.h | 4 +-
block/blk-zoned.c | 8 +-
drivers/crypto/caam/caamalg.c | 231 ++++++++++++++------------------
drivers/crypto/caam/caamalg_qi.c | 227 ++++++++++++++++---------------
drivers/crypto/caam/caampkc.c | 62 ++++++++-
drivers/crypto/caam/caampkc.h | 8 ++
drivers/crypto/cavium/zip/common.h | 21 +++
drivers/crypto/cavium/zip/zip_crypto.c | 22 +--
drivers/crypto/cavium/zip/zip_deflate.c | 4 +-
drivers/crypto/cavium/zip/zip_inflate.c | 4 +-
drivers/crypto/chelsio/chcr_ipsec.c | 35 +++--
drivers/crypto/omap-sham.c | 2 +-
drivers/crypto/vmx/aes.c | 2 -
drivers/crypto/vmx/aes_cbc.c | 3 -
drivers/crypto/vmx/aes_ctr.c | 2 -
drivers/crypto/vmx/aes_xts.c | 2 -
drivers/crypto/vmx/ghash.c | 2 -
drivers/input/joystick/xpad.c | 2 +
drivers/input/mouse/elan_i2c_core.c | 1 +
drivers/input/touchscreen/goodix.c | 1 +
drivers/misc/vmw_balloon.c | 23 +---
drivers/nfc/pn533/usb.c | 42 ++++--
drivers/phy/qualcomm/phy-qcom-qusb2.c | 4 +
drivers/staging/android/ion/ion.c | 5 +-
drivers/tty/serial/8250/8250_omap.c | 16 ++-
drivers/tty/serial/amba-pl011.c | 16 +++
drivers/tty/serial/atmel_serial.c | 5 +-
drivers/tty/serial/samsung.c | 7 +-
drivers/tty/serial/sh-sci.c | 4 +-
drivers/usb/core/message.c | 2 +-
drivers/usb/gadget/function/f_printer.c | 6 +-
drivers/usb/gadget/udc/renesas_usb3.c | 37 +++--
drivers/usb/storage/uas.c | 6 +
drivers/usb/storage/unusual_devs.h | 9 ++
drivers/usb/storage/unusual_uas.h | 9 ++
drivers/usb/typec/typec_wcove.c | 30 ++++-
drivers/usb/usbip/vhci_sysfs.c | 24 ++--
net/key/af_key.c | 45 +++++--
net/netfilter/nft_ct.c | 20 +--
44 files changed, 686 insertions(+), 444 deletions(-)
This is the start of the stable review cycle for the 4.14.50 release.
There are 36 patches in this series, all will be posted as a response
to this one. If anyone has any issues with these being applied, please
let me know.
Responses should be made by Sat Jun 16 13:21:44 UTC 2018.
Anything received after that time might be too late.
The whole patch series can be found in one patch at:
https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.14.50-rc…
or in the git tree and branch at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.14.y
and the diffstat can be found below.
thanks,
greg k-h
-------------
Pseudo-Shortlog of commits:
Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
Linux 4.14.50-rc1
Bin Liu <b-liu(a)ti.com>
crypto: omap-sham - fix memleak
Michael Ellerman <mpe(a)ellerman.id.au>
crypto: vmx - Remove overly verbose printk from AES XTS init
Michael Ellerman <mpe(a)ellerman.id.au>
crypto: vmx - Remove overly verbose printk from AES init routines
Jan Glauber <jglauber(a)cavium.com>
crypto: cavium - Limit result reading attempts
Jan Glauber <jglauber(a)cavium.com>
crypto: cavium - Fix fallout from CONFIG_VMAP_STACK
Horia Geantă <horia.geanta(a)nxp.com>
crypto: caam - fix size of RSA prime factor q
Horia Geantă <horia.geanta(a)nxp.com>
crypto: caam/qi - fix IV DMA mapping and updating
Horia Geantă <horia.geanta(a)nxp.com>
crypto: caam - fix IV DMA mapping and updating
Horia Geantă <horia.geanta(a)nxp.com>
crypto: caam - fix DMA mapping dir for generated IV
Horia Geantă <horia.geanta(a)nxp.com>
crypto: caam - strip input zeros from RSA input buffer
Johannes Wienke <languitar(a)semipol.de>
Input: elan_i2c - add ELAN0612 (Lenovo v330 14IKB) ACPI ID
Ethan Lee <flibitijibibo(a)gmail.com>
Input: goodix - add new ACPI id for GPD Win 2 touch screen
Paolo Bonzini <pbonzini(a)redhat.com>
kvm: x86: use correct privilege level for sgdt/sidt/fxsave/fxrstor access
Dave Martin <Dave.Martin(a)arm.com>
tty: pl011: Avoid spuriously stuck-off interrupts
Gil Kupfer <gilkup(a)gmail.com>
vmw_balloon: fixing double free when batching mode is off
Tony Lindgren <tony(a)atomide.com>
serial: 8250: omap: Fix idling of clocks for unused uarts
Marek Szyprowski <m.szyprowski(a)samsung.com>
serial: samsung: fix maxburst parameter for DMA transactions
Sebastian Andrzej Siewior <bigeasy(a)linutronix.de>
tty/serial: atmel: use port->name as name in request_irq()
Geert Uytterhoeven <geert+renesas(a)glider.be>
serial: sh-sci: Stop using printk format %pCr
Yoshihiro Shimoda <yoshihiro.shimoda.uh(a)renesas.com>
usb: gadget: udc: renesas_usb3: disable the controller's irqs for reconnecting
Yoshihiro Shimoda <yoshihiro.shimoda.uh(a)renesas.com>
usb: gadget: function: printer: avoid wrong list handling in printer_write()
Manu Gautam <mgautam(a)codeaurora.org>
phy: qcom-qusb2: Fix crash if nvmem cell not specified
Ethan Lee <flibitijibibo(a)gmail.com>
Input: xpad - add GPD Win 2 Controller USB IDs
Alexander Kappner <agk(a)godking.net>
usb-storage: Add compatibility quirk flags for G-Technologies G-Drive
Alexander Kappner <agk(a)godking.net>
usb-storage: Add support for FL_ALWAYS_SYNC flag in the UAS driver
Gustavo A. R. Silva <gustavo(a)embeddedor.com>
usbip: vhci_sysfs: fix potential Spectre v1
Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
NFC: pn533: don't send USB data off of the stack
Laura Abbott <labbott(a)redhat.com>
staging: android: ion: Switch to pr_warn_once in ion_buffer_destroy
Paolo Bonzini <pbonzini(a)redhat.com>
KVM: x86: pass kvm_vcpu to kvm_read_guest_virt and kvm_write_guest_virt_system
Felix Wilhelm <fwilhelm(a)google.com>
kvm: nVMX: Enforce cpl=0 for VMX instructions
Paolo Bonzini <pbonzini(a)redhat.com>
KVM: x86: introduce linear_{read,write}_system
Wanpeng Li <wanpengli(a)tencent.com>
KVM: X86: Fix reserved bits check for MOV to CR3
Linus Walleij <linus.walleij(a)linaro.org>
gpio: No NULL owner
Kevin Easton <kevin(a)guarana.org>
af_key: Always verify length of provided sadb_key
Bart Van Assche <bart.vanassche(a)wdc.com>
blkdev_report_zones_ioctl(): Use vmalloc() to allocate large buffers
Taehee Yoo <ap420073(a)gmail.com>
netfilter: nf_tables: fix NULL pointer dereference on nft_ct_helper_obj_dump()
-------------
Diffstat:
Makefile | 4 +-
arch/x86/include/asm/kvm_emulate.h | 6 +-
arch/x86/kvm/emulate.c | 76 ++++++-----
arch/x86/kvm/vmx.c | 38 +++---
arch/x86/kvm/x86.c | 53 +++++---
arch/x86/kvm/x86.h | 4 +-
block/blk-zoned.c | 8 +-
drivers/crypto/caam/caamalg.c | 231 ++++++++++++++------------------
drivers/crypto/caam/caamalg_qi.c | 227 ++++++++++++++++---------------
drivers/crypto/caam/caampkc.c | 62 ++++++++-
drivers/crypto/caam/caampkc.h | 8 ++
drivers/crypto/cavium/zip/common.h | 21 +++
drivers/crypto/cavium/zip/zip_crypto.c | 22 +--
drivers/crypto/cavium/zip/zip_deflate.c | 4 +-
drivers/crypto/cavium/zip/zip_inflate.c | 4 +-
drivers/crypto/omap-sham.c | 2 +-
drivers/crypto/vmx/aes.c | 2 -
drivers/crypto/vmx/aes_cbc.c | 3 -
drivers/crypto/vmx/aes_ctr.c | 2 -
drivers/crypto/vmx/aes_xts.c | 2 -
drivers/crypto/vmx/ghash.c | 2 -
drivers/gpio/gpiolib.c | 9 +-
drivers/input/joystick/xpad.c | 2 +
drivers/input/mouse/elan_i2c_core.c | 1 +
drivers/input/touchscreen/goodix.c | 1 +
drivers/misc/vmw_balloon.c | 23 +---
drivers/nfc/pn533/usb.c | 42 ++++--
drivers/phy/qualcomm/phy-qcom-qusb2.c | 4 +
drivers/staging/android/ion/ion.c | 5 +-
drivers/tty/serial/8250/8250_omap.c | 16 ++-
drivers/tty/serial/amba-pl011.c | 16 +++
drivers/tty/serial/atmel_serial.c | 5 +-
drivers/tty/serial/samsung.c | 7 +-
drivers/tty/serial/sh-sci.c | 4 +-
drivers/usb/gadget/function/f_printer.c | 6 +-
drivers/usb/gadget/udc/renesas_usb3.c | 7 +
drivers/usb/storage/uas.c | 6 +
drivers/usb/storage/unusual_devs.h | 9 ++
drivers/usb/storage/unusual_uas.h | 9 ++
drivers/usb/usbip/vhci_sysfs.c | 24 ++--
net/key/af_key.c | 45 +++++--
net/netfilter/nft_ct.c | 20 +--
42 files changed, 629 insertions(+), 413 deletions(-)
This is the start of the stable review cycle for the 4.9.109 release.
There are 30 patches in this series, all will be posted as a response
to this one. If anyone has any issues with these being applied, please
let me know.
Responses should be made by Sat Jun 16 13:25:48 UTC 2018.
Anything received after that time might be too late.
The whole patch series can be found in one patch at:
https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.9.109-rc…
or in the git tree and branch at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.9.y
and the diffstat can be found below.
thanks,
greg k-h
-------------
Pseudo-Shortlog of commits:
Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
Linux 4.9.109-rc1
Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
perf: sync up x86/.../cpufeatures.h
Bin Liu <b-liu(a)ti.com>
crypto: omap-sham - fix memleak
Michael Ellerman <mpe(a)ellerman.id.au>
crypto: vmx - Remove overly verbose printk from AES init routines
Johannes Wienke <languitar(a)semipol.de>
Input: elan_i2c - add ELAN0612 (Lenovo v330 14IKB) ACPI ID
Ethan Lee <flibitijibibo(a)gmail.com>
Input: goodix - add new ACPI id for GPD Win 2 touch screen
Paolo Bonzini <pbonzini(a)redhat.com>
kvm: x86: use correct privilege level for sgdt/sidt/fxsave/fxrstor access
Dave Martin <Dave.Martin(a)arm.com>
tty: pl011: Avoid spuriously stuck-off interrupts
Gil Kupfer <gilkup(a)gmail.com>
vmw_balloon: fixing double free when batching mode is off
Tony Lindgren <tony(a)atomide.com>
serial: 8250: omap: Fix idling of clocks for unused uarts
Marek Szyprowski <m.szyprowski(a)samsung.com>
serial: samsung: fix maxburst parameter for DMA transactions
Sebastian Andrzej Siewior <bigeasy(a)linutronix.de>
tty/serial: atmel: use port->name as name in request_irq()
Geert Uytterhoeven <geert+renesas(a)glider.be>
serial: sh-sci: Stop using printk format %pCr
Yoshihiro Shimoda <yoshihiro.shimoda.uh(a)renesas.com>
usb: gadget: udc: renesas_usb3: disable the controller's irqs for reconnecting
Alexander Kappner <agk(a)godking.net>
usb-storage: Add compatibility quirk flags for G-Technologies G-Drive
Alexander Kappner <agk(a)godking.net>
usb-storage: Add support for FL_ALWAYS_SYNC flag in the UAS driver
Gustavo A. R. Silva <gustavo(a)embeddedor.com>
usbip: vhci_sysfs: fix potential Spectre v1
Laura Abbott <labbott(a)redhat.com>
staging: android: ion: Switch to pr_warn_once in ion_buffer_destroy
Paolo Bonzini <pbonzini(a)redhat.com>
KVM: x86: pass kvm_vcpu to kvm_read_guest_virt and kvm_write_guest_virt_system
Paolo Bonzini <pbonzini(a)redhat.com>
KVM: x86: introduce linear_{read,write}_system
Linus Walleij <linus.walleij(a)linaro.org>
gpio: No NULL owner
Martin Wilck <mwilck(a)suse.com>
nvmet: don't overwrite identify sn/fr with 0-bytes
Martin Wilck <mwilck(a)suse.com>
nvmet: don't report 0-bytes in serial number
Johannes Thumshirn <jthumshirn(a)suse.de>
nvmet: Move serial number from controller to subsystem
Andy Lutomirski <luto(a)kernel.org>
x86/crypto, x86/fpu: Remove X86_FEATURE_EAGER_FPU #ifdef from the crc32c code
Kevin Easton <kevin(a)guarana.org>
af_key: Always verify length of provided sadb_key
Keith Busch <keith.busch(a)intel.com>
nvme-pci: initialize queue memory before interrupts
Andreas Born <futur.andy(a)googlemail.com>
bonding: require speed/duplex only for 802.3ad, alb and tlb
Mahesh Bandewar <maheshb(a)google.com>
bonding: fix active-backup transition
Mahesh Bandewar <maheshb(a)google.com>
bonding: correctly update link status during mii-commit phase
Andy Lutomirski <luto(a)kernel.org>
x86/fpu: Hard-disable lazy FPU mode
-------------
Diffstat:
Makefile | 4 +-
arch/x86/crypto/crc32c-intel_glue.c | 5 --
arch/x86/include/asm/cpufeatures.h | 2 +-
arch/x86/include/asm/fpu/internal.h | 2 +-
arch/x86/include/asm/kvm_emulate.h | 6 ++-
arch/x86/kernel/fpu/init.c | 91 ++------------------------------
arch/x86/kvm/emulate.c | 72 ++++++++++++-------------
arch/x86/kvm/vmx.c | 23 ++++----
arch/x86/kvm/x86.c | 51 +++++++++++++-----
arch/x86/kvm/x86.h | 4 +-
drivers/crypto/omap-sham.c | 2 +-
drivers/crypto/vmx/aes.c | 2 -
drivers/crypto/vmx/aes_cbc.c | 2 -
drivers/crypto/vmx/aes_ctr.c | 2 -
drivers/crypto/vmx/ghash.c | 2 -
drivers/gpio/gpiolib.c | 9 +++-
drivers/input/mouse/elan_i2c_core.c | 1 +
drivers/input/touchscreen/goodix.c | 1 +
drivers/misc/vmw_balloon.c | 23 +++-----
drivers/net/bonding/bond_main.c | 22 ++++----
drivers/nvme/host/pci.c | 4 +-
drivers/nvme/target/admin-cmd.c | 22 +++++---
drivers/nvme/target/core.c | 5 +-
drivers/nvme/target/nvmet.h | 2 +-
drivers/staging/android/ion/ion.c | 5 +-
drivers/tty/serial/8250/8250_omap.c | 16 +++++-
drivers/tty/serial/amba-pl011.c | 16 ++++++
drivers/tty/serial/atmel_serial.c | 5 +-
drivers/tty/serial/samsung.c | 7 +--
drivers/tty/serial/sh-sci.c | 4 +-
drivers/usb/gadget/udc/renesas_usb3.c | 7 +++
drivers/usb/storage/uas.c | 6 +++
drivers/usb/storage/unusual_devs.h | 9 ++++
drivers/usb/storage/unusual_uas.h | 9 ++++
drivers/usb/usbip/vhci_sysfs.c | 24 ++++++---
include/net/bonding.h | 5 ++
net/key/af_key.c | 45 ++++++++++++----
tools/arch/x86/include/asm/cpufeatures.h | 2 +-
38 files changed, 274 insertions(+), 245 deletions(-)
32bit UML used to define PTRACE_SYSEMU and PTRACE_SYSEMU_SINGLESTEP
own its own because many years ago not all libcs had these request codes
in their UAPI.
These days PTRACE_SYSEMU/_SINGLESTEP is well known and part of glibc
and our own define becomes problematic.
With change c48831d0eebf ("linux/x86: sync sys/ptrace.h with Linux 4.14
[BZ #22433]") glibc turned PTRACE_SYSEMU/_SINGLESTEP into a enum and
UML failed to build.
Let's drop our define and rely on the fact that every libc has
PTRACE_SYSEMU/_SINGLESTEP.
Cc: <stable(a)vger.kernel.org>
Cc: Ritesh Raj Sarraf <rrs(a)researchut.com>
Reported-and-tested-by: Ritesh Raj Sarraf <rrs(a)researchut.com>
Signed-off-by: Richard Weinberger <richard(a)nod.at>
---
arch/x86/um/shared/sysdep/ptrace_32.h | 10 ----------
1 file changed, 10 deletions(-)
diff --git a/arch/x86/um/shared/sysdep/ptrace_32.h b/arch/x86/um/shared/sysdep/ptrace_32.h
index b94a108de1dc..ae00d22bce02 100644
--- a/arch/x86/um/shared/sysdep/ptrace_32.h
+++ b/arch/x86/um/shared/sysdep/ptrace_32.h
@@ -10,20 +10,10 @@
static inline void update_debugregs(int seq) {}
-/* syscall emulation path in ptrace */
-
-#ifndef PTRACE_SYSEMU
-#define PTRACE_SYSEMU 31
-#endif
-
void set_using_sysemu(int value);
int get_using_sysemu(void);
extern int sysemu_supported;
-#ifndef PTRACE_SYSEMU_SINGLESTEP
-#define PTRACE_SYSEMU_SINGLESTEP 32
-#endif
-
#define UPT_SYSCALL_ARG1(r) UPT_BX(r)
#define UPT_SYSCALL_ARG2(r) UPT_CX(r)
#define UPT_SYSCALL_ARG3(r) UPT_DX(r)
--
2.13.6
Yu,
Regarding your patch to disable AVX with eager fpu disabled in the 4.4
stable queue:
https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/tre…
Why would this be necessary? In the Intel SDM Vol 2, Chapter 2.4,
FPU/SIMD instructions are grouped into different classes and for all of
them CR0.TS triggers a #NM exception in all modes but real mode and
virtual 8086 mode.
It seems to me lazy context switching of AVX is perfectly functional
(disregarding the recently disclosed security issue). Am I missing
something?
Julian
Tree/Branch: v4.1.52
Git describe: v4.1.52
Commit: c4ff7514e7 Linux 4.1.52
Build Time: 50 min 6 sec
Passed: 10 / 10 (100.00 %)
Failed: 0 / 10 ( 0.00 %)
Errors: 0
Warnings: 61
Section Mismatches: 1
-------------------------------------------------------------------------------
defconfigs with issues (other than build errors):
30 warnings 3 mismatches : arm64-allmodconfig
2 warnings 0 mismatches : arm-multi_v5_defconfig
6 warnings 0 mismatches : arm-multi_v7_defconfig
8 warnings 0 mismatches : x86_64-defconfig
32 warnings 0 mismatches : arm-allmodconfig
46 warnings 0 mismatches : x86_64-allmodconfig
1 warnings 0 mismatches : arm64-defconfig
-------------------------------------------------------------------------------
Warnings Summary: 61
8 ../include/linux/kernel.h:723:17: warning: comparison of distinct pointer types lacks a cast
5 ../net/ipv6/esp6.c:386:2: warning: ignoring return value of 'skb_to_sgvec', declared with attribute warn_unused_result [-Wunused-result]
5 ../net/ipv6/esp6.c:234:2: warning: ignoring return value of 'skb_to_sgvec', declared with attribute warn_unused_result [-Wunused-result]
5 ../net/ipv6/ah6.c:604:2: warning: ignoring return value of 'skb_to_sgvec_nomark', declared with attribute warn_unused_result [-Wunused-result]
5 ../net/ipv6/ah6.c:426:2: warning: ignoring return value of 'skb_to_sgvec_nomark', declared with attribute warn_unused_result [-Wunused-result]
5 ../include/linux/blkdev.h:624:26: warning: switch condition has boolean value [-Wswitch-bool]
4 ../drivers/net/virtio_net.c:553:2: warning: ignoring return value of 'skb_to_sgvec', declared with attribute warn_unused_result [-Wunused-result]
3 ../sound/pci/oxygen/oxygen_mixer.c:91:43: warning: logical not is only applied to the left hand side of comparison [-Wlogical-not-parentheses]
3 ../net/ipv4/esp4.c:432:2: warning: ignoring return value of 'skb_to_sgvec', declared with attribute warn_unused_result [-Wunused-result]
3 ../net/ipv4/esp4.c:242:2: warning: ignoring return value of 'skb_to_sgvec', declared with attribute warn_unused_result [-Wunused-result]
3 ../net/ipv4/ah4.c:394:2: warning: ignoring return value of 'skb_to_sgvec_nomark', declared with attribute warn_unused_result [-Wunused-result]
3 ../net/ipv4/ah4.c:223:2: warning: ignoring return value of 'skb_to_sgvec_nomark', declared with attribute warn_unused_result [-Wunused-result]
3 ../drivers/scsi/qla2xxx/qla_target.c:3086:6: warning: format '%llu' expects argument of type 'long long unsigned int', but argument 8 has type 'uint32_t {aka unsigned int}' [-Wformat=]
3 ../drivers/scsi/qla2xxx/qla_target.c:3083:17: warning: unused variable 'se_cmd' [-Wunused-variable]
3 ../drivers/scsi/be2iscsi/be_main.c:3168:18: warning: logical not is only applied to the left hand side of comparison [-Wlogical-not-parentheses]
3 ../drivers/media/platform/s3c-camif/camif-capture.c:134:10: warning: logical not is only applied to the left hand side of comparison [-Wlogical-not-parentheses]
3 ../drivers/media/platform/s3c-camif/camif-capture.c:118:10: warning: logical not is only applied to the left hand side of comparison [-Wlogical-not-parentheses]
3 ../drivers/ata/pata_hpt366.c:382:9: warning: assignment discards 'const' qualifier from pointer target type [-Wdiscarded-array-qualifiers]
3 ../drivers/ata/pata_hpt366.c:379:9: warning: assignment discards 'const' qualifier from pointer target type [-Wdiscarded-array-qualifiers]
3 ../drivers/ata/pata_hpt366.c:376:9: warning: assignment discards 'const' qualifier from pointer target type [-Wdiscarded-array-qualifiers]
2 ../drivers/usb/renesas_usbhs/common.c:492:25: warning: cast from pointer to integer of different size [-Wpointer-to-int-cast]
2 ../drivers/scsi/ips.c:210:2: warning: #warning "This driver has only been tested on the x86/ia64/x86_64 platforms" [-Wcpp]
2 ../drivers/mmc/host/sh_mmcif.c:402:4: warning: cast to pointer from integer of different size [-Wint-to-pointer-cast]
2 ../drivers/mmc/host/sh_mmcif.c:401:4: warning: cast to pointer from integer of different size [-Wint-to-pointer-cast]
2 ../drivers/iommu/intel-iommu.c:3800:5: warning: suggest explicit braces to avoid ambiguous 'else' [-Wparentheses]
2 ../drivers/iommu/dmar.c:1849:5: warning: suggest explicit braces to avoid ambiguous 'else' [-Wparentheses]
2 ../drivers/hid/hid-input.c:1171:67: warning: logical not is only applied to the left hand side of comparison [-Wlogical-not-parentheses]
2 ../arch/x86/include/asm/msr.h:209:23: warning: right shift count >= width of type [-Wshift-count-overflow]
1 ../net/caif/cfpkt_skbuff.c:282:3: warning: this 'else' clause does not guard... [-Wmisleading-indentation]
1 ../include/trace/ftrace.h:28:0: warning: "TRACE_SYSTEM_STRING" redefined
1 ../drivers/xen/swiotlb-xen.c:704:27: warning: passing argument 6 of '__generic_dma_ops(dev)->mmap' makes pointer from integer without a cast [-Wint-conversion]
1 ../drivers/staging/unisys/visorutil/periodic_work.c:91:31: warning: comparison of constant '0' with boolean expression is always false [-Wbool-compare]
1 ../drivers/staging/unisys/visorutil/periodic_work.c:122:31: warning: comparison of constant '0' with boolean expression is always false [-Wbool-compare]
1 ../drivers/staging/rtl8723au/core/rtw_wlan_util.c:525:2: warning: this 'else' clause does not guard... [-Wmisleading-indentation]
1 ../drivers/staging/iio/adc/ad7192.c:236:3: warning: this 'else' clause does not guard... [-Wmisleading-indentation]
1 ../drivers/staging/i2o/i2o_config.c:952:10: warning: cast to pointer from integer of different size [-Wint-to-pointer-cast]
1 ../drivers/staging/i2o/i2o_config.c:892:19: warning: cast to pointer from integer of different size [-Wint-to-pointer-cast]
1 ../drivers/scsi/storvsc_drv.c:1676:5: warning: this 'if' clause does not guard... [-Wmisleading-indentation]
1 ../drivers/scsi/megaraid/megaraid_sas_fusion.c:1723:3: warning: this 'if' clause does not guard... [-Wmisleading-indentation]
1 ../drivers/scsi/bfa/bfa_ioc.c:3673:4: warning: this 'if' clause does not guard... [-Wmisleading-indentation]
1 ../drivers/scsi/bfa/bfa_ioc.c:3665:3: warning: this 'if' clause does not guard... [-Wmisleading-indentation]
1 ../drivers/scsi/advansys.c:71:2: warning: #warning this driver is still not properly converted to the DMA API [-Wcpp]
1 ../drivers/rtc/rtc-pcf8563.c:444:5: warning: 'alm_pending' may be used uninitialized in this function [-Wmaybe-uninitialized]
1 ../drivers/rtc/rtc-armada38x.c:91:22: warning: unused variable 'flags' [-Wunused-variable]
1 ../drivers/net/wireless/iwlegacy/3945.c:1022:5: warning: suggest explicit braces to avoid ambiguous 'else' [-Wparentheses]
1 ../drivers/net/wireless/brcm80211/brcmfmac/fwsignal.c:1478:8: warning: 'skb' may be used uninitialized in this function [-Wmaybe-uninitialized]
1 ../drivers/net/ethernet/dec/tulip/uli526x.c:1086:4: warning: this 'else' clause does not guard... [-Wmisleading-indentation]
1 ../drivers/mtd/mtd_blkdevs.c:100:2: warning: switch condition has boolean value [-Wswitch-bool]
1 ../drivers/media/usb/cx231xx/cx231xx-cards.c:1110:1: warning: the frame size of 2064 bytes is larger than 2048 bytes [-Wframe-larger-than=]
1 ../drivers/media/platform/coda/./trace.h:12:0: warning: "TRACE_SYSTEM_STRING" redefined
1 ../drivers/media/platform/am437x/am437x-vpfe.c:1723:27: warning: self-comparison always evaluates to true [-Wtautological-compare]
1 ../drivers/infiniband/hw/qib/qib_qp.c:44:0: warning: "BITS_PER_PAGE" redefined
1 ../drivers/infiniband/hw/cxgb4/mem.c:147:20: warning: cast from pointer to integer of different size [-Wpointer-to-int-cast]
1 ../drivers/gpu/drm/nouveau/nvkm/engine/gr/ctxgm204.c:975:1: warning: the frame size of 1192 bytes is larger than 1024 bytes [-Wframe-larger-than=]
1 ../drivers/gpu/drm/gma500/cdv_intel_dp.c:869:2: warning: 'i2c_dp_aux_add_bus' is deprecated [-Wdeprecated-declarations]
1 ../drivers/block/hd.c:630:3: warning: switch condition has boolean value [-Wswitch-bool]
1 ../drivers/atm/iphase.c:1176:12: warning: this 'if' clause does not guard... [-Wmisleading-indentation]
1 ../arch/x86/xen/mmu.c:1105:57: warning: array subscript is above array bounds [-Warray-bounds]
1 ../arch/arm64/xen/../../arm/xen/mm.c:183:10: warning: initialization from incompatible pointer type [-Wincompatible-pointer-types]
1 ../arch/arm/mach-cns3xxx/pcie.c:266:1: warning: the frame size of 1080 bytes is larger than 1024 bytes [-Wframe-larger-than=]
1 ../arch/arm/include/asm/cmpxchg.h:205:3: warning: value computed is not used [-Wunused-value]
Section Mismatch Summary: 1
3 WARNING: drivers/staging/fsl-mc/bus/mc-bus-driver.o(.init.text+0xb0): Section mismatch in reference from the function init_module() to the function .exit.text:dprc_driver_exit()
===============================================================================
Detailed per-defconfig build reports below:
-------------------------------------------------------------------------------
arm64-allmodconfig : PASS, 0 errors, 30 warnings, 3 section mismatches
Warnings:
../arch/arm64/xen/../../arm/xen/mm.c:183:10: warning: initialization from incompatible pointer type [-Wincompatible-pointer-types]
../drivers/ata/pata_hpt366.c:376:9: warning: assignment discards 'const' qualifier from pointer target type [-Wdiscarded-array-qualifiers]
../drivers/ata/pata_hpt366.c:379:9: warning: assignment discards 'const' qualifier from pointer target type [-Wdiscarded-array-qualifiers]
../drivers/ata/pata_hpt366.c:382:9: warning: assignment discards 'const' qualifier from pointer target type [-Wdiscarded-array-qualifiers]
../sound/pci/oxygen/oxygen_mixer.c:91:43: warning: logical not is only applied to the left hand side of comparison [-Wlogical-not-parentheses]
../net/ipv6/ah6.c:426:2: warning: ignoring return value of 'skb_to_sgvec_nomark', declared with attribute warn_unused_result [-Wunused-result]
../net/ipv6/ah6.c:604:2: warning: ignoring return value of 'skb_to_sgvec_nomark', declared with attribute warn_unused_result [-Wunused-result]
../net/ipv6/esp6.c:234:2: warning: ignoring return value of 'skb_to_sgvec', declared with attribute warn_unused_result [-Wunused-result]
../net/ipv6/esp6.c:386:2: warning: ignoring return value of 'skb_to_sgvec', declared with attribute warn_unused_result [-Wunused-result]
../net/ipv4/ah4.c:223:2: warning: ignoring return value of 'skb_to_sgvec_nomark', declared with attribute warn_unused_result [-Wunused-result]
../net/ipv4/ah4.c:394:2: warning: ignoring return value of 'skb_to_sgvec_nomark', declared with attribute warn_unused_result [-Wunused-result]
../net/ipv4/esp4.c:242:2: warning: ignoring return value of 'skb_to_sgvec', declared with attribute warn_unused_result [-Wunused-result]
../net/ipv4/esp4.c:432:2: warning: ignoring return value of 'skb_to_sgvec', declared with attribute warn_unused_result [-Wunused-result]
../drivers/infiniband/hw/qib/qib_qp.c:44:0: warning: "BITS_PER_PAGE" redefined
../drivers/mmc/host/sh_mmcif.c:401:4: warning: cast to pointer from integer of different size [-Wint-to-pointer-cast]
../drivers/mmc/host/sh_mmcif.c:402:4: warning: cast to pointer from integer of different size [-Wint-to-pointer-cast]
../include/linux/blkdev.h:624:26: warning: switch condition has boolean value [-Wswitch-bool]
../drivers/media/platform/s3c-camif/camif-capture.c:118:10: warning: logical not is only applied to the left hand side of comparison [-Wlogical-not-parentheses]
../drivers/media/platform/s3c-camif/camif-capture.c:134:10: warning: logical not is only applied to the left hand side of comparison [-Wlogical-not-parentheses]
../drivers/net/virtio_net.c:553:2: warning: ignoring return value of 'skb_to_sgvec', declared with attribute warn_unused_result [-Wunused-result]
../drivers/scsi/be2iscsi/be_main.c:3168:18: warning: logical not is only applied to the left hand side of comparison [-Wlogical-not-parentheses]
../drivers/scsi/qla2xxx/qla_target.c:3086:6: warning: format '%llu' expects argument of type 'long long unsigned int', but argument 8 has type 'uint32_t {aka unsigned int}' [-Wformat=]
../drivers/scsi/qla2xxx/qla_target.c:3083:17: warning: unused variable 'se_cmd' [-Wunused-variable]
../include/linux/kernel.h:723:17: warning: comparison of distinct pointer types lacks a cast
../include/linux/kernel.h:723:17: warning: comparison of distinct pointer types lacks a cast
../include/linux/kernel.h:723:17: warning: comparison of distinct pointer types lacks a cast
../include/linux/kernel.h:723:17: warning: comparison of distinct pointer types lacks a cast
../drivers/usb/renesas_usbhs/common.c:492:25: warning: cast from pointer to integer of different size [-Wpointer-to-int-cast]
../drivers/scsi/ips.c:210:2: warning: #warning "This driver has only been tested on the x86/ia64/x86_64 platforms" [-Wcpp]
../drivers/xen/swiotlb-xen.c:704:27: warning: passing argument 6 of '__generic_dma_ops(dev)->mmap' makes pointer from integer without a cast [-Wint-conversion]
Section Mismatches:
WARNING: drivers/staging/fsl-mc/bus/mc-bus-driver.o(.init.text+0xb0): Section mismatch in reference from the function init_module() to the function .exit.text:dprc_driver_exit()
WARNING: drivers/staging/fsl-mc/bus/mc-bus-driver.o(.init.text+0xb0): Section mismatch in reference from the function init_module() to the function .exit.text:dprc_driver_exit()
WARNING: drivers/staging/fsl-mc/bus/mc-bus-driver.o(.init.text+0xb0): Section mismatch in reference from the function init_module() to the function .exit.text:dprc_driver_exit()
-------------------------------------------------------------------------------
arm-multi_v5_defconfig : PASS, 0 errors, 2 warnings, 0 section mismatches
Warnings:
../include/linux/blkdev.h:624:26: warning: switch condition has boolean value [-Wswitch-bool]
../drivers/rtc/rtc-pcf8563.c:444:5: warning: 'alm_pending' may be used uninitialized in this function [-Wmaybe-uninitialized]
-------------------------------------------------------------------------------
arm-multi_v7_defconfig : PASS, 0 errors, 6 warnings, 0 section mismatches
Warnings:
../net/ipv6/ah6.c:426:2: warning: ignoring return value of 'skb_to_sgvec_nomark', declared with attribute warn_unused_result [-Wunused-result]
../net/ipv6/ah6.c:604:2: warning: ignoring return value of 'skb_to_sgvec_nomark', declared with attribute warn_unused_result [-Wunused-result]
../net/ipv6/esp6.c:234:2: warning: ignoring return value of 'skb_to_sgvec', declared with attribute warn_unused_result [-Wunused-result]
../net/ipv6/esp6.c:386:2: warning: ignoring return value of 'skb_to_sgvec', declared with attribute warn_unused_result [-Wunused-result]
../include/linux/blkdev.h:624:26: warning: switch condition has boolean value [-Wswitch-bool]
../drivers/net/wireless/brcm80211/brcmfmac/fwsignal.c:1478:8: warning: 'skb' may be used uninitialized in this function [-Wmaybe-uninitialized]
-------------------------------------------------------------------------------
x86_64-defconfig : PASS, 0 errors, 8 warnings, 0 section mismatches
Warnings:
../arch/x86/include/asm/msr.h:209:23: warning: right shift count >= width of type [-Wshift-count-overflow]
../net/ipv6/ah6.c:426:2: warning: ignoring return value of 'skb_to_sgvec_nomark', declared with attribute warn_unused_result [-Wunused-result]
../net/ipv6/ah6.c:604:2: warning: ignoring return value of 'skb_to_sgvec_nomark', declared with attribute warn_unused_result [-Wunused-result]
../net/ipv6/esp6.c:234:2: warning: ignoring return value of 'skb_to_sgvec', declared with attribute warn_unused_result [-Wunused-result]
../net/ipv6/esp6.c:386:2: warning: ignoring return value of 'skb_to_sgvec', declared with attribute warn_unused_result [-Wunused-result]
../drivers/hid/hid-input.c:1171:67: warning: logical not is only applied to the left hand side of comparison [-Wlogical-not-parentheses]
../drivers/iommu/dmar.c:1849:5: warning: suggest explicit braces to avoid ambiguous 'else' [-Wparentheses]
../drivers/iommu/intel-iommu.c:3800:5: warning: suggest explicit braces to avoid ambiguous 'else' [-Wparentheses]
-------------------------------------------------------------------------------
arm-allmodconfig : PASS, 0 errors, 32 warnings, 0 section mismatches
Warnings:
../arch/arm/mach-cns3xxx/pcie.c:266:1: warning: the frame size of 1080 bytes is larger than 1024 bytes [-Wframe-larger-than=]
../drivers/ata/pata_hpt366.c:376:9: warning: assignment discards 'const' qualifier from pointer target type [-Wdiscarded-array-qualifiers]
../drivers/ata/pata_hpt366.c:379:9: warning: assignment discards 'const' qualifier from pointer target type [-Wdiscarded-array-qualifiers]
../drivers/ata/pata_hpt366.c:382:9: warning: assignment discards 'const' qualifier from pointer target type [-Wdiscarded-array-qualifiers]
../arch/arm/include/asm/cmpxchg.h:205:3: warning: value computed is not used [-Wunused-value]
../include/linux/blkdev.h:624:26: warning: switch condition has boolean value [-Wswitch-bool]
../sound/pci/oxygen/oxygen_mixer.c:91:43: warning: logical not is only applied to the left hand side of comparison [-Wlogical-not-parentheses]
../net/ipv4/ah4.c:223:2: warning: ignoring return value of 'skb_to_sgvec_nomark', declared with attribute warn_unused_result [-Wunused-result]
../net/ipv4/ah4.c:394:2: warning: ignoring return value of 'skb_to_sgvec_nomark', declared with attribute warn_unused_result [-Wunused-result]
../net/ipv4/esp4.c:242:2: warning: ignoring return value of 'skb_to_sgvec', declared with attribute warn_unused_result [-Wunused-result]
../net/ipv4/esp4.c:432:2: warning: ignoring return value of 'skb_to_sgvec', declared with attribute warn_unused_result [-Wunused-result]
../net/ipv6/ah6.c:426:2: warning: ignoring return value of 'skb_to_sgvec_nomark', declared with attribute warn_unused_result [-Wunused-result]
../net/ipv6/ah6.c:604:2: warning: ignoring return value of 'skb_to_sgvec_nomark', declared with attribute warn_unused_result [-Wunused-result]
../net/ipv6/esp6.c:234:2: warning: ignoring return value of 'skb_to_sgvec', declared with attribute warn_unused_result [-Wunused-result]
../net/ipv6/esp6.c:386:2: warning: ignoring return value of 'skb_to_sgvec', declared with attribute warn_unused_result [-Wunused-result]
../drivers/gpu/drm/nouveau/nvkm/engine/gr/ctxgm204.c:975:1: warning: the frame size of 1192 bytes is larger than 1024 bytes [-Wframe-larger-than=]
../drivers/infiniband/hw/cxgb4/mem.c:147:20: warning: cast from pointer to integer of different size [-Wpointer-to-int-cast]
../include/linux/blkdev.h:624:26: warning: switch condition has boolean value [-Wswitch-bool]
../include/trace/ftrace.h:28:0: warning: "TRACE_SYSTEM_STRING" redefined
../drivers/media/platform/coda/./trace.h:12:0: warning: "TRACE_SYSTEM_STRING" redefined
../drivers/media/platform/s3c-camif/camif-capture.c:118:10: warning: logical not is only applied to the left hand side of comparison [-Wlogical-not-parentheses]
../drivers/media/platform/s3c-camif/camif-capture.c:134:10: warning: logical not is only applied to the left hand side of comparison [-Wlogical-not-parentheses]
../drivers/rtc/rtc-armada38x.c:91:22: warning: unused variable 'flags' [-Wunused-variable]
../drivers/scsi/be2iscsi/be_main.c:3168:18: warning: logical not is only applied to the left hand side of comparison [-Wlogical-not-parentheses]
../drivers/scsi/qla2xxx/qla_target.c:3086:6: warning: format '%llu' expects argument of type 'long long unsigned int', but argument 8 has type 'uint32_t {aka unsigned int}' [-Wformat=]
../drivers/scsi/qla2xxx/qla_target.c:3083:17: warning: unused variable 'se_cmd' [-Wunused-variable]
../include/linux/kernel.h:723:17: warning: comparison of distinct pointer types lacks a cast
../include/linux/kernel.h:723:17: warning: comparison of distinct pointer types lacks a cast
../include/linux/kernel.h:723:17: warning: comparison of distinct pointer types lacks a cast
../include/linux/kernel.h:723:17: warning: comparison of distinct pointer types lacks a cast
../drivers/scsi/ips.c:210:2: warning: #warning "This driver has only been tested on the x86/ia64/x86_64 platforms" [-Wcpp]
../drivers/net/virtio_net.c:553:2: warning: ignoring return value of 'skb_to_sgvec', declared with attribute warn_unused_result [-Wunused-result]
-------------------------------------------------------------------------------
x86_64-allmodconfig : PASS, 0 errors, 46 warnings, 0 section mismatches
Warnings:
../arch/x86/include/asm/msr.h:209:23: warning: right shift count >= width of type [-Wshift-count-overflow]
../arch/x86/xen/mmu.c:1105:57: warning: array subscript is above array bounds [-Warray-bounds]
../drivers/atm/iphase.c:1176:12: warning: this 'if' clause does not guard... [-Wmisleading-indentation]
../net/caif/cfpkt_skbuff.c:282:3: warning: this 'else' clause does not guard... [-Wmisleading-indentation]
../drivers/ata/pata_hpt366.c:376:9: warning: assignment discards 'const' qualifier from pointer target type [-Wdiscarded-array-qualifiers]
../drivers/ata/pata_hpt366.c:379:9: warning: assignment discards 'const' qualifier from pointer target type [-Wdiscarded-array-qualifiers]
../drivers/ata/pata_hpt366.c:382:9: warning: assignment discards 'const' qualifier from pointer target type [-Wdiscarded-array-qualifiers]
../drivers/block/hd.c:630:3: warning: switch condition has boolean value [-Wswitch-bool]
../sound/pci/oxygen/oxygen_mixer.c:91:43: warning: logical not is only applied to the left hand side of comparison [-Wlogical-not-parentheses]
../net/ipv6/ah6.c:426:2: warning: ignoring return value of 'skb_to_sgvec_nomark', declared with attribute warn_unused_result [-Wunused-result]
../net/ipv6/ah6.c:604:2: warning: ignoring return value of 'skb_to_sgvec_nomark', declared with attribute warn_unused_result [-Wunused-result]
../net/ipv6/esp6.c:234:2: warning: ignoring return value of 'skb_to_sgvec', declared with attribute warn_unused_result [-Wunused-result]
../net/ipv6/esp6.c:386:2: warning: ignoring return value of 'skb_to_sgvec', declared with attribute warn_unused_result [-Wunused-result]
../net/ipv4/ah4.c:223:2: warning: ignoring return value of 'skb_to_sgvec_nomark', declared with attribute warn_unused_result [-Wunused-result]
../net/ipv4/ah4.c:394:2: warning: ignoring return value of 'skb_to_sgvec_nomark', declared with attribute warn_unused_result [-Wunused-result]
../net/ipv4/esp4.c:242:2: warning: ignoring return value of 'skb_to_sgvec', declared with attribute warn_unused_result [-Wunused-result]
../net/ipv4/esp4.c:432:2: warning: ignoring return value of 'skb_to_sgvec', declared with attribute warn_unused_result [-Wunused-result]
../drivers/gpu/drm/gma500/cdv_intel_dp.c:869:2: warning: 'i2c_dp_aux_add_bus' is deprecated [-Wdeprecated-declarations]
../drivers/hid/hid-input.c:1171:67: warning: logical not is only applied to the left hand side of comparison [-Wlogical-not-parentheses]
../drivers/iommu/dmar.c:1849:5: warning: suggest explicit braces to avoid ambiguous 'else' [-Wparentheses]
../drivers/iommu/intel-iommu.c:3800:5: warning: suggest explicit braces to avoid ambiguous 'else' [-Wparentheses]
../drivers/mmc/host/sh_mmcif.c:401:4: warning: cast to pointer from integer of different size [-Wint-to-pointer-cast]
../drivers/mmc/host/sh_mmcif.c:402:4: warning: cast to pointer from integer of different size [-Wint-to-pointer-cast]
../drivers/mtd/mtd_blkdevs.c:100:2: warning: switch condition has boolean value [-Wswitch-bool]
../drivers/media/platform/am437x/am437x-vpfe.c:1723:27: warning: self-comparison always evaluates to true [-Wtautological-compare]
../drivers/media/platform/s3c-camif/camif-capture.c:118:10: warning: logical not is only applied to the left hand side of comparison [-Wlogical-not-parentheses]
../drivers/media/platform/s3c-camif/camif-capture.c:134:10: warning: logical not is only applied to the left hand side of comparison [-Wlogical-not-parentheses]
../drivers/net/ethernet/dec/tulip/uli526x.c:1086:4: warning: this 'else' clause does not guard... [-Wmisleading-indentation]
../drivers/media/usb/cx231xx/cx231xx-cards.c:1110:1: warning: the frame size of 2064 bytes is larger than 2048 bytes [-Wframe-larger-than=]
../drivers/scsi/be2iscsi/be_main.c:3168:18: warning: logical not is only applied to the left hand side of comparison [-Wlogical-not-parentheses]
../drivers/scsi/bfa/bfa_ioc.c:3665:3: warning: this 'if' clause does not guard... [-Wmisleading-indentation]
../drivers/scsi/bfa/bfa_ioc.c:3673:4: warning: this 'if' clause does not guard... [-Wmisleading-indentation]
../drivers/staging/i2o/i2o_config.c:892:19: warning: cast to pointer from integer of different size [-Wint-to-pointer-cast]
../drivers/staging/i2o/i2o_config.c:952:10: warning: cast to pointer from integer of different size [-Wint-to-pointer-cast]
../drivers/scsi/megaraid/megaraid_sas_fusion.c:1723:3: warning: this 'if' clause does not guard... [-Wmisleading-indentation]
../drivers/staging/iio/adc/ad7192.c:236:3: warning: this 'else' clause does not guard... [-Wmisleading-indentation]
../drivers/scsi/qla2xxx/qla_target.c:3086:6: warning: format '%llu' expects argument of type 'long long unsigned int', but argument 8 has type 'uint32_t {aka unsigned int}' [-Wformat=]
../drivers/scsi/qla2xxx/qla_target.c:3083:17: warning: unused variable 'se_cmd' [-Wunused-variable]
../drivers/scsi/advansys.c:71:2: warning: #warning this driver is still not properly converted to the DMA API [-Wcpp]
../drivers/scsi/storvsc_drv.c:1676:5: warning: this 'if' clause does not guard... [-Wmisleading-indentation]
../drivers/net/wireless/iwlegacy/3945.c:1022:5: warning: suggest explicit braces to avoid ambiguous 'else' [-Wparentheses]
../drivers/usb/renesas_usbhs/common.c:492:25: warning: cast from pointer to integer of different size [-Wpointer-to-int-cast]
../drivers/staging/rtl8723au/core/rtw_wlan_util.c:525:2: warning: this 'else' clause does not guard... [-Wmisleading-indentation]
../drivers/staging/unisys/visorutil/periodic_work.c:91:31: warning: comparison of constant '0' with boolean expression is always false [-Wbool-compare]
../drivers/staging/unisys/visorutil/periodic_work.c:122:31: warning: comparison of constant '0' with boolean expression is always false [-Wbool-compare]
../drivers/net/virtio_net.c:553:2: warning: ignoring return value of 'skb_to_sgvec', declared with attribute warn_unused_result [-Wunused-result]
-------------------------------------------------------------------------------
arm64-defconfig : PASS, 0 errors, 1 warnings, 0 section mismatches
Warnings:
../drivers/net/virtio_net.c:553:2: warning: ignoring return value of 'skb_to_sgvec', declared with attribute warn_unused_result [-Wunused-result]
-------------------------------------------------------------------------------
Passed with no errors, warnings or mismatches:
x86_64-allnoconfig
arm64-allnoconfig
arm-allnoconfig
From: Alan Jenkins <alan.christopher.jenkins(a)gmail.com>
BugLink: http://bugs.launchpad.net/bugs/1776887
When blk_queue_enter() waits for a queue to unfreeze, or unset the
PREEMPT_ONLY flag, do not allow it to be interrupted by a signal.
The PREEMPT_ONLY flag was introduced later in commit 3a0a529971ec
("block, scsi: Make SCSI quiesce and resume work reliably"). Note the SCSI
device is resumed asynchronously, i.e. after un-freezing userspace tasks.
So that commit exposed the bug as a regression in v4.15. A mysterious
SIGBUS (or -EIO) sometimes happened during the time the device was being
resumed. Most frequently, there was no kernel log message, and we saw Xorg
or Xwayland killed by SIGBUS.[1]
[1] E.g. https://bugzilla.redhat.com/show_bug.cgi?id=1553979
Without this fix, I get an IO error in this test:
# dd if=/dev/sda of=/dev/null iflag=direct & \
while killall -SIGUSR1 dd; do sleep 0.1; done & \
echo mem > /sys/power/state ; \
sleep 5; killall dd # stop after 5 seconds
The interruptible wait was added to blk_queue_enter in
commit 3ef28e83ab15 ("block: generic request_queue reference counting").
Before then, the interruptible wait was only in blk-mq, but I don't think
it could ever have been correct.
Reviewed-by: Bart Van Assche <bart.vanassche(a)wdc.com>
Cc: stable(a)vger.kernel.org
Signed-off-by: Alan Jenkins <alan.christopher.jenkins(a)gmail.com>
Signed-off-by: Jens Axboe <axboe(a)kernel.dk>
(cherry-picked from 1dc3039bc87ae7d19a990c3ee71cfd8a9068f428)
Signed-off-by: Khalid Elmously <khalid.elmously(a)canonical.com>
---
block/blk-core.c | 11 ++++-------
1 file changed, 4 insertions(+), 7 deletions(-)
diff --git a/block/blk-core.c b/block/blk-core.c
index fc0666354af3..59c91e345eea 100644
--- a/block/blk-core.c
+++ b/block/blk-core.c
@@ -821,7 +821,6 @@ int blk_queue_enter(struct request_queue *q, blk_mq_req_flags_t flags)
while (true) {
bool success = false;
- int ret;
rcu_read_lock();
if (percpu_ref_tryget_live(&q->q_usage_counter)) {
@@ -853,14 +852,12 @@ int blk_queue_enter(struct request_queue *q, blk_mq_req_flags_t flags)
*/
smp_rmb();
- ret = wait_event_interruptible(q->mq_freeze_wq,
- (atomic_read(&q->mq_freeze_depth) == 0 &&
- (preempt || !blk_queue_preempt_only(q))) ||
- blk_queue_dying(q));
+ wait_event(q->mq_freeze_wq,
+ (atomic_read(&q->mq_freeze_depth) == 0 &&
+ (preempt || !blk_queue_preempt_only(q))) ||
+ blk_queue_dying(q));
if (blk_queue_dying(q))
return -ENODEV;
- if (ret)
- return ret;
}
}
--
2.17.1
Tree/Branch: v3.2.102
Git describe: v3.2.102
Commit: f63b2b3204 Linux 3.2.102
Build Time: 0 min 3 sec
Passed: 0 / 5 ( 0.00 %)
Failed: 5 / 5 (100.00 %)
Errors: 6
Warnings: 20
Section Mismatches: 0
Failed defconfigs:
x86_64-allnoconfig
arm-allmodconfig
arm-allnoconfig
x86_64-allmodconfig
x86_64-defconfig
Errors:
x86_64-allnoconfig
/home/broonie/build/linux-stable/scripts/mod/empty.c:1:0: error: code model kernel does not support PIC mode
/home/broonie/build/linux-stable/kernel/bounds.c:1:0: error: code model kernel does not support PIC mode
arm-allnoconfig
/home/broonie/build/linux-stable/arch/arm/include/asm/div64.h:77:7: error: '__LINUX_ARM_ARCH__' undeclared (first use in this function)
/home/broonie/build/linux-stable/arch/arm/include/asm/glue-cache.h:129:2: error: #error Unknown cache maintenance model
/home/broonie/build/linux-stable/arch/arm/include/asm/glue-df.h:107:2: error: #error Unknown data abort handler type
/home/broonie/build/linux-stable/arch/arm/include/asm/glue-pf.h:54:2: error: #error Unknown prefetch abort handler type
x86_64-allmodconfig
/home/broonie/build/linux-stable/kernel/bounds.c:1:0: error: code model kernel does not support PIC mode
/home/broonie/build/linux-stable/scripts/mod/empty.c:1:0: error: code model kernel does not support PIC mode
x86_64-defconfig
/home/broonie/build/linux-stable/scripts/mod/empty.c:1:0: error: code model kernel does not support PIC mode
/home/broonie/build/linux-stable/kernel/bounds.c:1:0: error: code model kernel does not support PIC mode
-------------------------------------------------------------------------------
defconfigs with issues (other than build errors):
2 warnings 0 mismatches : arm-allmodconfig
19 warnings 0 mismatches : arm-allnoconfig
-------------------------------------------------------------------------------
Errors summary: 6
3 /home/broonie/build/linux-stable/scripts/mod/empty.c:1:0: error: code model kernel does not support PIC mode
3 /home/broonie/build/linux-stable/kernel/bounds.c:1:0: error: code model kernel does not support PIC mode
1 /home/broonie/build/linux-stable/arch/arm/include/asm/glue-pf.h:54:2: error: #error Unknown prefetch abort handler type
1 /home/broonie/build/linux-stable/arch/arm/include/asm/glue-df.h:107:2: error: #error Unknown data abort handler type
1 /home/broonie/build/linux-stable/arch/arm/include/asm/glue-cache.h:129:2: error: #error Unknown cache maintenance model
1 /home/broonie/build/linux-stable/arch/arm/include/asm/div64.h:77:7: error: '__LINUX_ARM_ARCH__' undeclared (first use in this function)
Warnings Summary: 20
2 .config:27:warning: symbol value '' invalid for PHYS_OFFSET
1 /home/broonie/build/linux-stable/arch/arm/include/asm/system.h:342:5: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef]
1 /home/broonie/build/linux-stable/arch/arm/include/asm/system.h:272:5: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef]
1 /home/broonie/build/linux-stable/arch/arm/include/asm/system.h:265:5: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef]
1 /home/broonie/build/linux-stable/arch/arm/include/asm/system.h:131:35: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef]
1 /home/broonie/build/linux-stable/arch/arm/include/asm/system.h:127:5: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef]
1 /home/broonie/build/linux-stable/arch/arm/include/asm/system.h:121:3: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef]
1 /home/broonie/build/linux-stable/arch/arm/include/asm/system.h:120:5: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef]
1 /home/broonie/build/linux-stable/arch/arm/include/asm/system.h:114:5: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef]
1 /home/broonie/build/linux-stable/arch/arm/include/asm/swab.h:25:28: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef]
1 /home/broonie/build/linux-stable/arch/arm/include/asm/processor.h:82:5: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef]
1 /home/broonie/build/linux-stable/arch/arm/include/asm/processor.h:102:5: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef]
1 /home/broonie/build/linux-stable/arch/arm/include/asm/irqflags.h:11:5: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef]
1 /home/broonie/build/linux-stable/arch/arm/include/asm/fpstate.h:32:5: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef]
1 /home/broonie/build/linux-stable/arch/arm/include/asm/cachetype.h:33:7: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef]
1 /home/broonie/build/linux-stable/arch/arm/include/asm/cachetype.h:28:5: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef]
1 /home/broonie/build/linux-stable/arch/arm/include/asm/cacheflush.h:196:7: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef]
1 /home/broonie/build/linux-stable/arch/arm/include/asm/cacheflush.h:194:7: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef]
1 /home/broonie/build/linux-stable/arch/arm/include/asm/bitops.h:217:5: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef]
1 /home/broonie/build/linux-stable/arch/arm/include/asm/atomic.h:30:5: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef]
===============================================================================
Detailed per-defconfig build reports below:
-------------------------------------------------------------------------------
x86_64-allnoconfig : FAIL, 2 errors, 0 warnings, 0 section mismatches
Errors:
/home/broonie/build/linux-stable/scripts/mod/empty.c:1:0: error: code model kernel does not support PIC mode
/home/broonie/build/linux-stable/kernel/bounds.c:1:0: error: code model kernel does not support PIC mode
-------------------------------------------------------------------------------
arm-allmodconfig : FAIL, 0 errors, 2 warnings, 0 section mismatches
Warnings:
.config:27:warning: symbol value '' invalid for PHYS_OFFSET
.config:27:warning: symbol value '' invalid for PHYS_OFFSET
-------------------------------------------------------------------------------
arm-allnoconfig : FAIL, 4 errors, 19 warnings, 0 section mismatches
Errors:
/home/broonie/build/linux-stable/arch/arm/include/asm/div64.h:77:7: error: '__LINUX_ARM_ARCH__' undeclared (first use in this function)
/home/broonie/build/linux-stable/arch/arm/include/asm/glue-cache.h:129:2: error: #error Unknown cache maintenance model
/home/broonie/build/linux-stable/arch/arm/include/asm/glue-df.h:107:2: error: #error Unknown data abort handler type
/home/broonie/build/linux-stable/arch/arm/include/asm/glue-pf.h:54:2: error: #error Unknown prefetch abort handler type
Warnings:
/home/broonie/build/linux-stable/arch/arm/include/asm/irqflags.h:11:5: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef]
/home/broonie/build/linux-stable/arch/arm/include/asm/system.h:114:5: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef]
/home/broonie/build/linux-stable/arch/arm/include/asm/system.h:120:5: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef]
/home/broonie/build/linux-stable/arch/arm/include/asm/system.h:121:3: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef]
/home/broonie/build/linux-stable/arch/arm/include/asm/system.h:127:5: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef]
/home/broonie/build/linux-stable/arch/arm/include/asm/system.h:131:35: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef]
/home/broonie/build/linux-stable/arch/arm/include/asm/system.h:265:5: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef]
/home/broonie/build/linux-stable/arch/arm/include/asm/system.h:272:5: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef]
/home/broonie/build/linux-stable/arch/arm/include/asm/system.h:342:5: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef]
/home/broonie/build/linux-stable/arch/arm/include/asm/bitops.h:217:5: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef]
/home/broonie/build/linux-stable/arch/arm/include/asm/swab.h:25:28: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef]
/home/broonie/build/linux-stable/arch/arm/include/asm/fpstate.h:32:5: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef]
/home/broonie/build/linux-stable/arch/arm/include/asm/processor.h:82:5: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef]
/home/broonie/build/linux-stable/arch/arm/include/asm/processor.h:102:5: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef]
/home/broonie/build/linux-stable/arch/arm/include/asm/atomic.h:30:5: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef]
/home/broonie/build/linux-stable/arch/arm/include/asm/cachetype.h:28:5: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef]
/home/broonie/build/linux-stable/arch/arm/include/asm/cachetype.h:33:7: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef]
/home/broonie/build/linux-stable/arch/arm/include/asm/cacheflush.h:194:7: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef]
/home/broonie/build/linux-stable/arch/arm/include/asm/cacheflush.h:196:7: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef]
-------------------------------------------------------------------------------
x86_64-allmodconfig : FAIL, 2 errors, 0 warnings, 0 section mismatches
Errors:
/home/broonie/build/linux-stable/kernel/bounds.c:1:0: error: code model kernel does not support PIC mode
/home/broonie/build/linux-stable/scripts/mod/empty.c:1:0: error: code model kernel does not support PIC mode
-------------------------------------------------------------------------------
x86_64-defconfig : FAIL, 2 errors, 0 warnings, 0 section mismatches
Errors:
/home/broonie/build/linux-stable/scripts/mod/empty.c:1:0: error: code model kernel does not support PIC mode
/home/broonie/build/linux-stable/kernel/bounds.c:1:0: error: code model kernel does not support PIC mode
-------------------------------------------------------------------------------
Passed with no errors, warnings or mismatches:
This reverts commit 186a6519dc94964a4c5c68fca482f20f71551f26.
This commit used an incorrect log message.
Signed-off-by: Sasha Levin <alexander.levin(a)microsoft.com>
---
fs/btrfs/raid56.c | 18 ++++--------------
fs/btrfs/volumes.c | 9 +--------
2 files changed, 5 insertions(+), 22 deletions(-)
diff --git a/fs/btrfs/raid56.c b/fs/btrfs/raid56.c
index af6a776fa18c..d016d4a79864 100644
--- a/fs/btrfs/raid56.c
+++ b/fs/btrfs/raid56.c
@@ -2161,21 +2161,11 @@ int raid56_parity_recover(struct btrfs_root *root, struct bio *bio,
}
/*
- * Loop retry:
- * for 'mirror == 2', reconstruct from all other stripes.
- * for 'mirror_num > 2', select a stripe to fail on every retry.
+ * reconstruct from the q stripe if they are
+ * asking for mirror 3
*/
- if (mirror_num > 2) {
- /*
- * 'mirror == 3' is to fail the p stripe and
- * reconstruct from the q stripe. 'mirror > 3' is to
- * fail a data stripe and reconstruct from p+q stripe.
- */
- rbio->failb = rbio->real_stripes - (mirror_num - 1);
- ASSERT(rbio->failb > 0);
- if (rbio->failb <= rbio->faila)
- rbio->failb--;
- }
+ if (mirror_num == 3)
+ rbio->failb = rbio->real_stripes - 2;
ret = lock_stripe_add(rbio);
diff --git a/fs/btrfs/volumes.c b/fs/btrfs/volumes.c
index 76017e1b3c0f..c2495cde26f6 100644
--- a/fs/btrfs/volumes.c
+++ b/fs/btrfs/volumes.c
@@ -5186,14 +5186,7 @@ int btrfs_num_copies(struct btrfs_fs_info *fs_info, u64 logical, u64 len)
else if (map->type & BTRFS_BLOCK_GROUP_RAID5)
ret = 2;
else if (map->type & BTRFS_BLOCK_GROUP_RAID6)
- /*
- * There could be two corrupted data stripes, we need
- * to loop retry in order to rebuild the correct data.
- *
- * Fail a stripe at a time on every retry except the
- * stripe under reconstruction.
- */
- ret = map->num_stripes;
+ ret = 3;
else
ret = 1;
free_extent_map(em);
--
2.17.1
This reverts commit d91bb7c6988bd6450284c762b33f2e1ea3fe7c97.
This commit used an incorrect log message.
Signed-off-by: Sasha Levin <alexander.levin(a)microsoft.com>
---
fs/btrfs/raid56.c | 18 ++++--------------
fs/btrfs/volumes.c | 9 +--------
2 files changed, 5 insertions(+), 22 deletions(-)
diff --git a/fs/btrfs/raid56.c b/fs/btrfs/raid56.c
index 2e995e565633..d1bda68a3386 100644
--- a/fs/btrfs/raid56.c
+++ b/fs/btrfs/raid56.c
@@ -2172,21 +2172,11 @@ int raid56_parity_recover(struct btrfs_fs_info *fs_info, struct bio *bio,
}
/*
- * Loop retry:
- * for 'mirror == 2', reconstruct from all other stripes.
- * for 'mirror_num > 2', select a stripe to fail on every retry.
+ * reconstruct from the q stripe if they are
+ * asking for mirror 3
*/
- if (mirror_num > 2) {
- /*
- * 'mirror == 3' is to fail the p stripe and
- * reconstruct from the q stripe. 'mirror > 3' is to
- * fail a data stripe and reconstruct from p+q stripe.
- */
- rbio->failb = rbio->real_stripes - (mirror_num - 1);
- ASSERT(rbio->failb > 0);
- if (rbio->failb <= rbio->faila)
- rbio->failb--;
- }
+ if (mirror_num == 3)
+ rbio->failb = rbio->real_stripes - 2;
ret = lock_stripe_add(rbio);
diff --git a/fs/btrfs/volumes.c b/fs/btrfs/volumes.c
index 08afafb6ecf7..69bc37a87c5a 100644
--- a/fs/btrfs/volumes.c
+++ b/fs/btrfs/volumes.c
@@ -5110,14 +5110,7 @@ int btrfs_num_copies(struct btrfs_fs_info *fs_info, u64 logical, u64 len)
else if (map->type & BTRFS_BLOCK_GROUP_RAID5)
ret = 2;
else if (map->type & BTRFS_BLOCK_GROUP_RAID6)
- /*
- * There could be two corrupted data stripes, we need
- * to loop retry in order to rebuild the correct data.
- *
- * Fail a stripe at a time on every retry except the
- * stripe under reconstruction.
- */
- ret = map->num_stripes;
+ ret = 3;
else
ret = 1;
free_extent_map(em);
--
2.17.1
From: Dan Williams <dan.j.williams(a)intel.com>
Subject: mm: fix devmem_is_allowed() for sub-page System RAM intersections
Hussam reports:
I was poking around and for no real reason, I did cat /dev/mem and
strings /dev/mem. Then I saw the following warning in dmesg. I saved it
and rebooted immediately.
memremap attempted on mixed range 0x000000000009c000 size: 0x1000
------------[ cut here ]------------
WARNING: CPU: 0 PID: 11810 at kernel/memremap.c:98 memremap+0x104/0x170
[..]
Call Trace:
xlate_dev_mem_ptr+0x25/0x40
read_mem+0x89/0x1a0
__vfs_read+0x36/0x170
The memremap() implementation checks for attempts to remap System RAM with
MEMREMAP_WB and instead redirects those mapping attempts to the linear
map. However, that only works if the physical address range being
remapped is page aligned. In low memory we have situations like the
following:
00000000-00000fff : Reserved
00001000-0009fbff : System RAM
0009fc00-0009ffff : Reserved
...where System RAM intersects Reserved ranges on a sub-page page
granularity.
Given that devmem_is_allowed() special cases any attempt to map System RAM
in the first 1MB of memory, replace page_is_ram() with the more precise
region_intersects() to trap attempts to map disallowed ranges.
Link: https://bugzilla.kernel.org/show_bug.cgi?id=199999
Link: http://lkml.kernel.org/r/152856436164.18127.2847888121707136898.stgit@dwill…
Fixes: 92281dee825f ("arch: introduce memremap()")
Signed-off-by: Dan Williams <dan.j.williams(a)intel.com>
Reported-by: Hussam Al-Tayeb <me(a)hussam.eu.org>
Tested-by: Hussam Al-Tayeb <me(a)hussam.eu.org>
Cc: Christoph Hellwig <hch(a)lst.de>
Cc: <stable(a)vger.kernel.org>
Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org>
---
arch/x86/mm/init.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff -puN arch/x86/mm/init.c~mm-fix-devmem_is_allowed-for-sub-page-system-ram-intersections arch/x86/mm/init.c
--- a/arch/x86/mm/init.c~mm-fix-devmem_is_allowed-for-sub-page-system-ram-intersections
+++ a/arch/x86/mm/init.c
@@ -706,7 +706,9 @@ void __init init_mem_mapping(void)
*/
int devmem_is_allowed(unsigned long pagenr)
{
- if (page_is_ram(pagenr)) {
+ if (region_intersects(PFN_PHYS(pagenr), PAGE_SIZE,
+ IORESOURCE_SYSTEM_RAM, IORES_DESC_NONE)
+ != REGION_DISJOINT) {
/*
* For disallowed memory regions in the low 1MB range,
* request that the page be shown as all zeros.
_
In binutils 2.26 a new opcode for the "wait" instruction was added for the
POWER9 and has precedence over the one specific to the e500mc. Commit
ebf714ff3756 ("powerpc/e500mc: Add support for the wait instruction in
e500_idle") uses this instruction specifically on the e500mc to work around
an erratum.
This results in an invalid instruction in idle_e500 when we build for the
e500mc on bintutils >= 2.26 with the default assembler machine type.
Since multiplatform between e500 and non-e500 is not supported, set the
assembler machine type globaly when CONFIG_PPC_E500MC=y.
Signed-off-by: Michael Jeanson <mjeanson(a)efficios.com>
Reviewed-by: Mathieu Desnoyers <mathieu.desnoyers(a)efficios.com>
CC: Benjamin Herrenschmidt <benh(a)kernel.crashing.org>
CC: Paul Mackerras <paulus(a)samba.org>
CC: Michael Ellerman <mpe(a)ellerman.id.au>
CC: Kumar Gala <galak(a)kernel.crashing.org>
CC: Vakul Garg <vakul.garg(a)nxp.com>
CC: Scott Wood <swood(a)redhat.com>
CC: Mathieu Desnoyers <mathieu.desnoyers(a)efficios.com>
CC: linuxppc-dev(a)lists.ozlabs.org
CC: linux-kernel(a)vger.kernel.org
CC: stable(a)vger.kernel.org
---
arch/powerpc/Makefile | 1 +
1 file changed, 1 insertion(+)
diff --git a/arch/powerpc/Makefile b/arch/powerpc/Makefile
index 95813df90801..bb2523b4bd8f 100644
--- a/arch/powerpc/Makefile
+++ b/arch/powerpc/Makefile
@@ -251,6 +251,7 @@ cpu-as-$(CONFIG_4xx) += -Wa,-m405
cpu-as-$(CONFIG_ALTIVEC) += $(call as-option,-Wa$(comma)-maltivec)
cpu-as-$(CONFIG_E200) += -Wa,-me200
cpu-as-$(CONFIG_PPC_BOOK3S_64) += -Wa,-mpower4
+cpu-as-$(CONFIG_PPC_E500MC) += $(call as-option,-Wa$(comma)-me500mc)
KBUILD_AFLAGS += $(cpu-as-y)
KBUILD_CFLAGS += $(cpu-as-y)
--
2.17.1
From: Alan Jenkins <alan.christopher.jenkins(a)gmail.com>
BugLink: http://bugs.launchpad.net/bugs/1776887
When blk_queue_enter() waits for a queue to unfreeze, or unset the
PREEMPT_ONLY flag, do not allow it to be interrupted by a signal.
The PREEMPT_ONLY flag was introduced later in commit 3a0a529971ec
("block, scsi: Make SCSI quiesce and resume work reliably"). Note the SCSI
device is resumed asynchronously, i.e. after un-freezing userspace tasks.
So that commit exposed the bug as a regression in v4.15. A mysterious
SIGBUS (or -EIO) sometimes happened during the time the device was being
resumed. Most frequently, there was no kernel log message, and we saw Xorg
or Xwayland killed by SIGBUS.[1]
[1] E.g. https://bugzilla.redhat.com/show_bug.cgi?id=1553979
Without this fix, I get an IO error in this test:
# dd if=/dev/sda of=/dev/null iflag=direct & \
while killall -SIGUSR1 dd; do sleep 0.1; done & \
echo mem > /sys/power/state ; \
sleep 5; killall dd # stop after 5 seconds
The interruptible wait was added to blk_queue_enter in
commit 3ef28e83ab15 ("block: generic request_queue reference counting").
Before then, the interruptible wait was only in blk-mq, but I don't think
it could ever have been correct.
Reviewed-by: Bart Van Assche <bart.vanassche(a)wdc.com>
Cc: stable(a)vger.kernel.org
Signed-off-by: Alan Jenkins <alan.christopher.jenkins(a)gmail.com>
Signed-off-by: Jens Axboe <axboe(a)kernel.dk>
(cherry-picked from 1dc3039bc87ae7d19a990c3ee71cfd8a9068f428)
Signed-off-by: Khalid Elmously <khalid.elmously(a)canonical.com>
---
block/blk-core.c | 11 ++++-------
1 file changed, 4 insertions(+), 7 deletions(-)
diff --git a/block/blk-core.c b/block/blk-core.c
index fc0666354af3..59c91e345eea 100644
--- a/block/blk-core.c
+++ b/block/blk-core.c
@@ -821,7 +821,6 @@ int blk_queue_enter(struct request_queue *q, blk_mq_req_flags_t flags)
while (true) {
bool success = false;
- int ret;
rcu_read_lock();
if (percpu_ref_tryget_live(&q->q_usage_counter)) {
@@ -853,14 +852,12 @@ int blk_queue_enter(struct request_queue *q, blk_mq_req_flags_t flags)
*/
smp_rmb();
- ret = wait_event_interruptible(q->mq_freeze_wq,
- (atomic_read(&q->mq_freeze_depth) == 0 &&
- (preempt || !blk_queue_preempt_only(q))) ||
- blk_queue_dying(q));
+ wait_event(q->mq_freeze_wq,
+ (atomic_read(&q->mq_freeze_depth) == 0 &&
+ (preempt || !blk_queue_preempt_only(q))) ||
+ blk_queue_dying(q));
if (blk_queue_dying(q))
return -ENODEV;
- if (ret)
- return ret;
}
}
--
2.17.1
From: Alan Jenkins <alan.christopher.jenkins(a)gmail.com>
BugLink: http://bugs.launchpad.net/bugs/1776887
When blk_queue_enter() waits for a queue to unfreeze, or unset the
PREEMPT_ONLY flag, do not allow it to be interrupted by a signal.
The PREEMPT_ONLY flag was introduced later in commit 3a0a529971ec
("block, scsi: Make SCSI quiesce and resume work reliably"). Note the SCSI
device is resumed asynchronously, i.e. after un-freezing userspace tasks.
So that commit exposed the bug as a regression in v4.15. A mysterious
SIGBUS (or -EIO) sometimes happened during the time the device was being
resumed. Most frequently, there was no kernel log message, and we saw Xorg
or Xwayland killed by SIGBUS.[1]
[1] E.g. https://bugzilla.redhat.com/show_bug.cgi?id=1553979
Without this fix, I get an IO error in this test:
# dd if=/dev/sda of=/dev/null iflag=direct & \
while killall -SIGUSR1 dd; do sleep 0.1; done & \
echo mem > /sys/power/state ; \
sleep 5; killall dd # stop after 5 seconds
The interruptible wait was added to blk_queue_enter in
commit 3ef28e83ab15 ("block: generic request_queue reference counting").
Before then, the interruptible wait was only in blk-mq, but I don't think
it could ever have been correct.
Reviewed-by: Bart Van Assche <bart.vanassche(a)wdc.com>
Cc: stable(a)vger.kernel.org
Signed-off-by: Alan Jenkins <alan.christopher.jenkins(a)gmail.com>
Signed-off-by: Jens Axboe <axboe(a)kernel.dk>
(cherry-picked from 1dc3039bc87ae7d19a990c3ee71cfd8a9068f428)
Signed-off-by: Khalid Elmously <khalid.elmously(a)canonical.com>
---
block/blk-core.c | 11 ++++-------
1 file changed, 4 insertions(+), 7 deletions(-)
diff --git a/block/blk-core.c b/block/blk-core.c
index fc0666354af3..59c91e345eea 100644
--- a/block/blk-core.c
+++ b/block/blk-core.c
@@ -821,7 +821,6 @@ int blk_queue_enter(struct request_queue *q, blk_mq_req_flags_t flags)
while (true) {
bool success = false;
- int ret;
rcu_read_lock();
if (percpu_ref_tryget_live(&q->q_usage_counter)) {
@@ -853,14 +852,12 @@ int blk_queue_enter(struct request_queue *q, blk_mq_req_flags_t flags)
*/
smp_rmb();
- ret = wait_event_interruptible(q->mq_freeze_wq,
- (atomic_read(&q->mq_freeze_depth) == 0 &&
- (preempt || !blk_queue_preempt_only(q))) ||
- blk_queue_dying(q));
+ wait_event(q->mq_freeze_wq,
+ (atomic_read(&q->mq_freeze_depth) == 0 &&
+ (preempt || !blk_queue_preempt_only(q))) ||
+ blk_queue_dying(q));
if (blk_queue_dying(q))
return -ENODEV;
- if (ret)
- return ret;
}
}
--
2.17.1
On Wed, 2018-02-28 at 09:19 +0000, Roger Pau Monne wrote:
> From: Roger Pau Monne <roger.pau(a)citrix.com>
>
> [ Upstream commit 910f8befdf5bccf25287d9f1743e3e546bcb7ce0 ]
>
> Current cleanup in the error path of xen_bind_pirq_msi_to_irq is
> wrong. First of all there's an off-by-one in the cleanup loop, which
> can lead to unbinding wrong IRQs.
>
> Secondly IRQs not bound won't be freed, thus leaking IRQ numbers.
>
> Note that there's no need to differentiate between bound and unbound
> IRQs when freeing them, __unbind_from_irq will deal with both of them
> correctly.
It appears to me that it is safe to call __unbind_from_irq() after
xen_irq_info_common_setup() fails, but *not* if the latter hasn't been
called at all. In that case the IRQ type will still be set to
IRQT_UNBOUND and this will trigger the BUG_ON() in __unbind_from_irq().
[...]
> --- a/drivers/xen/events/events_base.c
> +++ b/drivers/xen/events/events_base.c
> @@ -764,8 +764,8 @@ out:
> mutex_unlock(&irq_mapping_update_lock);
> return irq;
> error_irq:
> - for (; i >= 0; i--)
> - __unbind_from_irq(irq + i);
> + while (nvec--)
> + __unbind_from_irq(irq + nvec);
If nvec > 1, and xen_irq_info_pirq_setup() fails for i != nvec - 1,
then we reach here without having called xen_irq_info_common_setup()
for all these IRQs.
In that case, I think we will still want to call xen_free_irq() for all
IRQs. So maybe the fix would be to remove the BUG_ON() in
__unbind_from_irq()?
Ben.
> mutex_unlock(&irq_mapping_update_lock);
> return ret;
> }
--
Ben Hutchings, Software Developer Codethink Ltd
https://www.codethink.co.uk/ Dale House, 35 Dale Street
Manchester, M1 2HF, United Kingdom
The patch below does not apply to the 3.18-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
>From 4a7e625ce50412a7711efa0f2ef0b96ce3826759 Mon Sep 17 00:00:00 2001
From: Dave Martin <Dave.Martin(a)arm.com>
Date: Thu, 10 May 2018 18:08:23 +0100
Subject: [PATCH] tty: pl011: Avoid spuriously stuck-off interrupts
Commit 9b96fbacda34 ("serial: PL011: clear pending interrupts")
clears the RX and receive timeout interrupts on pl011 startup, to
avoid a screaming-interrupt scenario that can occur when the
firmware or bootloader leaves these interrupts asserted.
This has been noted as an issue when running Linux on qemu [1].
Unfortunately, the above fix seems to lead to potential
misbehaviour if the RX FIFO interrupt is asserted _non_ spuriously
on driver startup, if the RX FIFO is also already full to the
trigger level.
Clearing the RX FIFO interrupt does not change the FIFO fill level.
In this scenario, because the interrupt is now clear and because
the FIFO is already full to the trigger level, no new assertion of
the RX FIFO interrupt can occur unless the FIFO is drained back
below the trigger level. This never occurs because the pl011
driver is waiting for an RX FIFO interrupt to tell it that there is
something to read, and does not read the FIFO at all until that
interrupt occurs.
Thus, simply clearing "spurious" interrupts on startup may be
misguided, since there is no way to be sure that the interrupts are
truly spurious, and things can go wrong if they are not.
This patch instead clears the interrupt condition by draining the
RX FIFO during UART startup, after clearing any potentially
spurious interrupt. This should ensure that an interrupt will
definitely be asserted if the RX FIFO subsequently becomes
sufficiently full.
The drain is done at the point of enabling interrupts only. This
means that it will occur any time the UART is newly opened through
the tty layer. It will not apply to polled-mode use of the UART by
kgdboc: since that scenario cannot use interrupts by design, this
should not matter. kgdboc will interact badly with "normal" use of
the UART in any case: this patch makes no attempt to paper over
such issues.
This patch does not attempt to address the case where the RX FIFO
fills faster than it can be drained: that is a pathological
hardware design problem that is beyond the scope of the driver to
work around. As a failsafe, the number of poll iterations for
draining the FIFO is limited to twice the FIFO size. This will
ensure that the kernel at least boots even if it is impossible to
drain the FIFO for some reason.
[1] [Qemu-devel] [Qemu-arm] [PATCH] pl011: do not put into fifo
before enabled the interruption
https://lists.gnu.org/archive/html/qemu-devel/2018-01/msg06446.html
Reported-by: Wei Xu <xuwei5(a)hisilicon.com>
Cc: Russell King <linux(a)armlinux.org.uk>
Cc: Linus Walleij <linus.walleij(a)linaro.org>
Cc: Peter Maydell <peter.maydell(a)linaro.org>
Fixes: 9b96fbacda34 ("serial: PL011: clear pending interrupts")
Signed-off-by: Dave Martin <Dave.Martin(a)arm.com>
Cc: stable <stable(a)vger.kernel.org>
Tested-by: Wei Xu <xuwei5(a)hisilicon.com>
Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
diff --git a/drivers/tty/serial/amba-pl011.c b/drivers/tty/serial/amba-pl011.c
index 4b40a5b449ee..ebd33c0232e6 100644
--- a/drivers/tty/serial/amba-pl011.c
+++ b/drivers/tty/serial/amba-pl011.c
@@ -1727,10 +1727,26 @@ static int pl011_allocate_irq(struct uart_amba_port *uap)
*/
static void pl011_enable_interrupts(struct uart_amba_port *uap)
{
+ unsigned int i;
+
spin_lock_irq(&uap->port.lock);
/* Clear out any spuriously appearing RX interrupts */
pl011_write(UART011_RTIS | UART011_RXIS, uap, REG_ICR);
+
+ /*
+ * RXIS is asserted only when the RX FIFO transitions from below
+ * to above the trigger threshold. If the RX FIFO is already
+ * full to the threshold this can't happen and RXIS will now be
+ * stuck off. Drain the RX FIFO explicitly to fix this:
+ */
+ for (i = 0; i < uap->fifosize * 2; ++i) {
+ if (pl011_read(uap, REG_FR) & UART01x_FR_RXFE)
+ break;
+
+ pl011_read(uap, REG_DR);
+ }
+
uap->im = UART011_RTIM;
if (!pl011_dma_rx_running(uap))
uap->im |= UART011_RXIM;
The patch below does not apply to the 4.4-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
>From 4a7e625ce50412a7711efa0f2ef0b96ce3826759 Mon Sep 17 00:00:00 2001
From: Dave Martin <Dave.Martin(a)arm.com>
Date: Thu, 10 May 2018 18:08:23 +0100
Subject: [PATCH] tty: pl011: Avoid spuriously stuck-off interrupts
Commit 9b96fbacda34 ("serial: PL011: clear pending interrupts")
clears the RX and receive timeout interrupts on pl011 startup, to
avoid a screaming-interrupt scenario that can occur when the
firmware or bootloader leaves these interrupts asserted.
This has been noted as an issue when running Linux on qemu [1].
Unfortunately, the above fix seems to lead to potential
misbehaviour if the RX FIFO interrupt is asserted _non_ spuriously
on driver startup, if the RX FIFO is also already full to the
trigger level.
Clearing the RX FIFO interrupt does not change the FIFO fill level.
In this scenario, because the interrupt is now clear and because
the FIFO is already full to the trigger level, no new assertion of
the RX FIFO interrupt can occur unless the FIFO is drained back
below the trigger level. This never occurs because the pl011
driver is waiting for an RX FIFO interrupt to tell it that there is
something to read, and does not read the FIFO at all until that
interrupt occurs.
Thus, simply clearing "spurious" interrupts on startup may be
misguided, since there is no way to be sure that the interrupts are
truly spurious, and things can go wrong if they are not.
This patch instead clears the interrupt condition by draining the
RX FIFO during UART startup, after clearing any potentially
spurious interrupt. This should ensure that an interrupt will
definitely be asserted if the RX FIFO subsequently becomes
sufficiently full.
The drain is done at the point of enabling interrupts only. This
means that it will occur any time the UART is newly opened through
the tty layer. It will not apply to polled-mode use of the UART by
kgdboc: since that scenario cannot use interrupts by design, this
should not matter. kgdboc will interact badly with "normal" use of
the UART in any case: this patch makes no attempt to paper over
such issues.
This patch does not attempt to address the case where the RX FIFO
fills faster than it can be drained: that is a pathological
hardware design problem that is beyond the scope of the driver to
work around. As a failsafe, the number of poll iterations for
draining the FIFO is limited to twice the FIFO size. This will
ensure that the kernel at least boots even if it is impossible to
drain the FIFO for some reason.
[1] [Qemu-devel] [Qemu-arm] [PATCH] pl011: do not put into fifo
before enabled the interruption
https://lists.gnu.org/archive/html/qemu-devel/2018-01/msg06446.html
Reported-by: Wei Xu <xuwei5(a)hisilicon.com>
Cc: Russell King <linux(a)armlinux.org.uk>
Cc: Linus Walleij <linus.walleij(a)linaro.org>
Cc: Peter Maydell <peter.maydell(a)linaro.org>
Fixes: 9b96fbacda34 ("serial: PL011: clear pending interrupts")
Signed-off-by: Dave Martin <Dave.Martin(a)arm.com>
Cc: stable <stable(a)vger.kernel.org>
Tested-by: Wei Xu <xuwei5(a)hisilicon.com>
Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
diff --git a/drivers/tty/serial/amba-pl011.c b/drivers/tty/serial/amba-pl011.c
index 4b40a5b449ee..ebd33c0232e6 100644
--- a/drivers/tty/serial/amba-pl011.c
+++ b/drivers/tty/serial/amba-pl011.c
@@ -1727,10 +1727,26 @@ static int pl011_allocate_irq(struct uart_amba_port *uap)
*/
static void pl011_enable_interrupts(struct uart_amba_port *uap)
{
+ unsigned int i;
+
spin_lock_irq(&uap->port.lock);
/* Clear out any spuriously appearing RX interrupts */
pl011_write(UART011_RTIS | UART011_RXIS, uap, REG_ICR);
+
+ /*
+ * RXIS is asserted only when the RX FIFO transitions from below
+ * to above the trigger threshold. If the RX FIFO is already
+ * full to the threshold this can't happen and RXIS will now be
+ * stuck off. Drain the RX FIFO explicitly to fix this:
+ */
+ for (i = 0; i < uap->fifosize * 2; ++i) {
+ if (pl011_read(uap, REG_FR) & UART01x_FR_RXFE)
+ break;
+
+ pl011_read(uap, REG_DR);
+ }
+
uap->im = UART011_RTIM;
if (!pl011_dma_rx_running(uap))
uap->im |= UART011_RXIM;
The patch below does not apply to the 4.4-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
>From 13dc04d0e5fdc25c8f713ad23fdce51cf2bf96ba Mon Sep 17 00:00:00 2001
From: Tony Lindgren <tony(a)atomide.com>
Date: Fri, 4 May 2018 10:44:09 -0700
Subject: [PATCH] serial: 8250: omap: Fix idling of clocks for unused uarts
I noticed that unused UARTs won't necessarily idle properly always
unless at least one byte tx transfer is done first.
After some debugging I narrowed down the problem to the scr register
dma configuration bits that need to be set before softreset for the
clocks to idle. Unless we do this, the module clkctrl idlest bits
may be set to 1 instead of 3 meaning the clock will never idle and
is blocking deeper idle states for the whole domain.
This might be related to the configuration done by the bootloader
or kexec booting where certain configurations cause the 8250 or
the clkctrl clock to jam in a way where setting of the scr bits
and reset is needed to clear it. I've tried diffing the 8250
registers for the various modes, but did not see anything specific.
So far I've only seen this on omap4 but I'm suspecting this might
also happen on the other clkctrl using SoCs considering they
already have a quirk enabled for UART_ERRATA_CLOCK_DISABLE.
Let's fix the issue by configuring scr before reset for basic dma
even if we don't use it. The scr register will be reset when we do
softreset few lines after, and we restore scr on resume. We should
do this for all the SoCs with UART_ERRATA_CLOCK_DISABLE quirk flag
set since the ones with UART_ERRATA_CLOCK_DISABLE are all based
using clkctrl similar to omap4.
Looks like both OMAP_UART_SCR_DMAMODE_1 | OMAP_UART_SCR_DMAMODE_CTL
bits are needed for the clkctrl to idle after a softreset.
And we need to add omap4 to also use the UART_ERRATA_CLOCK_DISABLE
for the related workaround to be enabled. This same compatible
value will also be used for omap5.
Fixes: cdb929e4452a ("serial: 8250_omap: workaround errata around idling UART after using DMA")
Cc: Keerthy <j-keerthy(a)ti.com>
Cc: Matthijs van Duin <matthijsvanduin(a)gmail.com>
Cc: Sekhar Nori <nsekhar(a)ti.com>
Cc: Tero Kristo <t-kristo(a)ti.com>
Signed-off-by: Tony Lindgren <tony(a)atomide.com>
Cc: stable <stable(a)vger.kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
diff --git a/drivers/tty/serial/8250/8250_omap.c b/drivers/tty/serial/8250/8250_omap.c
index 6aaa84355fd1..1b337fee07ed 100644
--- a/drivers/tty/serial/8250/8250_omap.c
+++ b/drivers/tty/serial/8250/8250_omap.c
@@ -1110,13 +1110,14 @@ static int omap8250_no_handle_irq(struct uart_port *port)
return 0;
}
+static const u8 omap4_habit = UART_ERRATA_CLOCK_DISABLE;
static const u8 am3352_habit = OMAP_DMA_TX_KICK | UART_ERRATA_CLOCK_DISABLE;
static const u8 dra742_habit = UART_ERRATA_CLOCK_DISABLE;
static const struct of_device_id omap8250_dt_ids[] = {
{ .compatible = "ti,omap2-uart" },
{ .compatible = "ti,omap3-uart" },
- { .compatible = "ti,omap4-uart" },
+ { .compatible = "ti,omap4-uart", .data = &omap4_habit, },
{ .compatible = "ti,am3352-uart", .data = &am3352_habit, },
{ .compatible = "ti,am4372-uart", .data = &am3352_habit, },
{ .compatible = "ti,dra742-uart", .data = &dra742_habit, },
@@ -1362,6 +1363,19 @@ static int omap8250_soft_reset(struct device *dev)
int sysc;
int syss;
+ /*
+ * At least on omap4, unused uarts may not idle after reset without
+ * a basic scr dma configuration even with no dma in use. The
+ * module clkctrl status bits will be 1 instead of 3 blocking idle
+ * for the whole clockdomain. The softreset below will clear scr,
+ * and we restore it on resume so this is safe to do on all SoCs
+ * needing omap8250_soft_reset() quirk. Do it in two writes as
+ * recommended in the comment for omap8250_update_scr().
+ */
+ serial_out(up, UART_OMAP_SCR, OMAP_UART_SCR_DMAMODE_1);
+ serial_out(up, UART_OMAP_SCR,
+ OMAP_UART_SCR_DMAMODE_1 | OMAP_UART_SCR_DMAMODE_CTL);
+
sysc = serial_in(up, UART_OMAP_SYSC);
/* softreset the UART */
The patch below does not apply to the 4.14-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
>From 05645366f3893c160bd39ca49f3fe2f2f026f58b Mon Sep 17 00:00:00 2001
From: Mayank Rana <mrana(a)codeaurora.org>
Date: Fri, 23 Mar 2018 10:05:33 -0700
Subject: [PATCH] usb: dwc3: gadget: Fix list_del corruption in dwc3_ep_dequeue
dwc3_ep_dequeue() waits for completion of End Transfer command using
wait_event_lock_irq(), which will release the dwc3->lock while waiting
and reacquire after completion. This allows a potential race condition
with ep_disable() which also removes all requests from started_list
and pending_list.
The check for NULL r->trb should catch this but currently it exits to
the wrong 'out1' label which calls dwc3_gadget_giveback(). Since its
list entry was already removed, if CONFIG_DEBUG_LIST is enabled a
'list_del corruption' bug is thrown since its next/prev pointers are
already LIST_POISON1/2. If r->trb is NULL it should simply exit to
'out0'.
Fixes: cf3113d893d4 ("usb: dwc3: gadget: properly increment dequeue pointer on ep_dequeue")
Cc: stable(a)vger.kernel.org # v4.12+
Signed-off-by: Mayank Rana <mrana(a)codeaurora.org>
Signed-off-by: Jack Pham <jackp(a)codeaurora.org>
Signed-off-by: Felipe Balbi <felipe.balbi(a)linux.intel.com>
diff --git a/drivers/usb/dwc3/gadget.c b/drivers/usb/dwc3/gadget.c
index eeb30133878e..69bf137aab37 100644
--- a/drivers/usb/dwc3/gadget.c
+++ b/drivers/usb/dwc3/gadget.c
@@ -1395,7 +1395,7 @@ static int dwc3_gadget_ep_dequeue(struct usb_ep *ep,
dwc->lock);
if (!r->trb)
- goto out1;
+ goto out0;
if (r->num_pending_sgs) {
struct dwc3_trb *trb;
The patch below does not apply to the 4.16-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
>From 05645366f3893c160bd39ca49f3fe2f2f026f58b Mon Sep 17 00:00:00 2001
From: Mayank Rana <mrana(a)codeaurora.org>
Date: Fri, 23 Mar 2018 10:05:33 -0700
Subject: [PATCH] usb: dwc3: gadget: Fix list_del corruption in dwc3_ep_dequeue
dwc3_ep_dequeue() waits for completion of End Transfer command using
wait_event_lock_irq(), which will release the dwc3->lock while waiting
and reacquire after completion. This allows a potential race condition
with ep_disable() which also removes all requests from started_list
and pending_list.
The check for NULL r->trb should catch this but currently it exits to
the wrong 'out1' label which calls dwc3_gadget_giveback(). Since its
list entry was already removed, if CONFIG_DEBUG_LIST is enabled a
'list_del corruption' bug is thrown since its next/prev pointers are
already LIST_POISON1/2. If r->trb is NULL it should simply exit to
'out0'.
Fixes: cf3113d893d4 ("usb: dwc3: gadget: properly increment dequeue pointer on ep_dequeue")
Cc: stable(a)vger.kernel.org # v4.12+
Signed-off-by: Mayank Rana <mrana(a)codeaurora.org>
Signed-off-by: Jack Pham <jackp(a)codeaurora.org>
Signed-off-by: Felipe Balbi <felipe.balbi(a)linux.intel.com>
diff --git a/drivers/usb/dwc3/gadget.c b/drivers/usb/dwc3/gadget.c
index eeb30133878e..69bf137aab37 100644
--- a/drivers/usb/dwc3/gadget.c
+++ b/drivers/usb/dwc3/gadget.c
@@ -1395,7 +1395,7 @@ static int dwc3_gadget_ep_dequeue(struct usb_ep *ep,
dwc->lock);
if (!r->trb)
- goto out1;
+ goto out0;
if (r->num_pending_sgs) {
struct dwc3_trb *trb;
The patch below does not apply to the 4.17-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable(a)vger.kernel.org>.
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
>From 05645366f3893c160bd39ca49f3fe2f2f026f58b Mon Sep 17 00:00:00 2001
From: Mayank Rana <mrana(a)codeaurora.org>
Date: Fri, 23 Mar 2018 10:05:33 -0700
Subject: [PATCH] usb: dwc3: gadget: Fix list_del corruption in dwc3_ep_dequeue
dwc3_ep_dequeue() waits for completion of End Transfer command using
wait_event_lock_irq(), which will release the dwc3->lock while waiting
and reacquire after completion. This allows a potential race condition
with ep_disable() which also removes all requests from started_list
and pending_list.
The check for NULL r->trb should catch this but currently it exits to
the wrong 'out1' label which calls dwc3_gadget_giveback(). Since its
list entry was already removed, if CONFIG_DEBUG_LIST is enabled a
'list_del corruption' bug is thrown since its next/prev pointers are
already LIST_POISON1/2. If r->trb is NULL it should simply exit to
'out0'.
Fixes: cf3113d893d4 ("usb: dwc3: gadget: properly increment dequeue pointer on ep_dequeue")
Cc: stable(a)vger.kernel.org # v4.12+
Signed-off-by: Mayank Rana <mrana(a)codeaurora.org>
Signed-off-by: Jack Pham <jackp(a)codeaurora.org>
Signed-off-by: Felipe Balbi <felipe.balbi(a)linux.intel.com>
diff --git a/drivers/usb/dwc3/gadget.c b/drivers/usb/dwc3/gadget.c
index eeb30133878e..69bf137aab37 100644
--- a/drivers/usb/dwc3/gadget.c
+++ b/drivers/usb/dwc3/gadget.c
@@ -1395,7 +1395,7 @@ static int dwc3_gadget_ep_dequeue(struct usb_ep *ep,
dwc->lock);
if (!r->trb)
- goto out1;
+ goto out0;
if (r->num_pending_sgs) {
struct dwc3_trb *trb;
7d18f0a14aa6a0d6bad39111c1fb655f07f71d59 ("gpio: No NULL owner") fixes
an issue from 24e78079bf2250874e33da2e7cfbb6db72d3caf4 ("gpio: label
descriptors using the device name") which has been included in stable
branches. It handles the case where GPIOs are fetched with a NULL parent
device.
The patch originally went in in 4.15, so more recent branches shouldn't
have that issue.
-Daniel Rosenberg
Page hints are reworked - I dropped them for now.
The following changes since commit 29dcea88779c856c7dc92040a0c01233263101d4:
Linux 4.17 (2018-06-03 14:15:21 -0700)
are available in the Git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/mst/vhost.git tags/for_linus
for you to fetch changes up to 2eb98105f8c7f4b867f7f714a998f5b8c1bb009b:
virtio: update the comments for transport features (2018-06-12 04:59:29 +0300)
----------------------------------------------------------------
virtio, vhost: features, fixes
VF support for virtio.
DMA barriers for virtio strong barriers.
Bugfixes.
Signed-off-by: Michael S. Tsirkin <mst(a)redhat.com>
----------------------------------------------------------------
Michael S. Tsirkin (2):
virtio_ring: switch to dma_XX barriers for rpmsg
vhost: fix info leak due to uninitialized memory
Tiwei Bie (2):
virtio_pci: support enabling VFs
virtio: update the comments for transport features
drivers/vhost/vhost.c | 3 +++
drivers/virtio/virtio_pci_common.c | 30 ++++++++++++++++++++++++++++++
drivers/virtio/virtio_pci_modern.c | 14 ++++++++++++++
include/linux/virtio_ring.h | 4 ++--
include/uapi/linux/virtio_config.h | 16 ++++++++++++----
5 files changed, 61 insertions(+), 6 deletions(-)
The patch titled
Subject: mm: zero remaining unavailable struct pages
has been added to the -mm tree. Its filename is
mm-zero-remaining-unavailable-struct-pages-re-kernel-panic-in-reading-proc-kpageflags-when-enabling-ram-simulated-pmem.patch
This patch should soon appear at
http://ozlabs.org/~akpm/mmots/broken-out/mm-zero-remaining-unavailable-stru…
and later at
http://ozlabs.org/~akpm/mmotm/broken-out/mm-zero-remaining-unavailable-stru…
Before you just go and hit "reply", please:
a) Consider who else should be cc'ed
b) Prefer to cc a suitable mailing list as well
c) Ideally: find the original patch on the mailing list and do a
reply-to-all to that, adding suitable additional cc's
*** Remember to use Documentation/process/submit-checklist.rst when testing your code ***
The -mm tree is included into linux-next and is updated
there every 3-4 working days
------------------------------------------------------
From: Naoya Horiguchi <n-horiguchi(a)ah.jp.nec.com>
Subject: mm: zero remaining unavailable struct pages
There is a kernel panic that is triggered when reading /proc/kpageflags on
the kernel booted with kernel parameter 'memmap=nn[KMG]!ss[KMG]':
BUG: unable to handle kernel paging request at fffffffffffffffe
PGD 9b20e067 P4D 9b20e067 PUD 9b210067 PMD 0
Oops: 0000 [#1] SMP PTI
CPU: 2 PID: 1728 Comm: page-types Not tainted 4.17.0-rc6-mm1-v4.17-rc6-180605-0816-00236-g2dfb086ef02c+ #160
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.11.0-2.fc28 04/01/2014
RIP: 0010:stable_page_flags+0x27/0x3c0
Code: 00 00 00 0f 1f 44 00 00 48 85 ff 0f 84 a0 03 00 00 41 54 55 49 89 fc 53 48 8b 57 08 48 8b 2f 48 8d 42 ff 83 e2 01 48 0f 44 c7 <48> 8b 00 f6 c4 01 0f 84 10 03 00 00 31 db 49 8b 54 24 08 4c 89 e7
RSP: 0018:ffffbbd44111fde0 EFLAGS: 00010202
RAX: fffffffffffffffe RBX: 00007fffffffeff9 RCX: 0000000000000000
RDX: 0000000000000001 RSI: 0000000000000202 RDI: ffffed1182fff5c0
RBP: ffffffffffffffff R08: 0000000000000001 R09: 0000000000000001
R10: ffffbbd44111fed8 R11: 0000000000000000 R12: ffffed1182fff5c0
R13: 00000000000bffd7 R14: 0000000002fff5c0 R15: ffffbbd44111ff10
FS: 00007efc4335a500(0000) GS:ffff93a5bfc00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: fffffffffffffffe CR3: 00000000b2a58000 CR4: 00000000001406e0
Call Trace:
kpageflags_read+0xc7/0x120
proc_reg_read+0x3c/0x60
__vfs_read+0x36/0x170
vfs_read+0x89/0x130
ksys_pread64+0x71/0x90
do_syscall_64+0x5b/0x160
entry_SYSCALL_64_after_hwframe+0x44/0xa9
RIP: 0033:0x7efc42e75e23
Code: 09 00 ba 9f 01 00 00 e8 ab 81 f4 ff 66 2e 0f 1f 84 00 00 00 00 00 90 83 3d 29 0a 2d 00 00 75 13 49 89 ca b8 11 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 34 c3 48 83 ec 08 e8 db d3 01 00 48 89 04 24
According to kernel bisection, this problem became visible due to commit
f7f99100d8d9 which changes how struct pages are initialized.
Memblock layout affects the pfn ranges covered by node/zone. Consider
that we have a VM with 2 NUMA nodes and each node has 4GB memory, and
the default (no memmap= given) memblock layout is like below:
MEMBLOCK configuration:
memory size = 0x00000001fff75c00 reserved size = 0x000000000300c000
memory.cnt = 0x4
memory[0x0] [0x0000000000001000-0x000000000009efff], 0x000000000009e000 bytes on node 0 flags: 0x0
memory[0x1] [0x0000000000100000-0x00000000bffd6fff], 0x00000000bfed7000 bytes on node 0 flags: 0x0
memory[0x2] [0x0000000100000000-0x000000013fffffff], 0x0000000040000000 bytes on node 0 flags: 0x0
memory[0x3] [0x0000000140000000-0x000000023fffffff], 0x0000000100000000 bytes on node 1 flags: 0x0
...
If you give memmap=1G!4G (so it just covers memory[0x2]),
the range [0x100000000-0x13fffffff] is gone:
MEMBLOCK configuration:
memory size = 0x00000001bff75c00 reserved size = 0x000000000300c000
memory.cnt = 0x3
memory[0x0] [0x0000000000001000-0x000000000009efff], 0x000000000009e000 bytes on node 0 flags: 0x0
memory[0x1] [0x0000000000100000-0x00000000bffd6fff], 0x00000000bfed7000 bytes on node 0 flags: 0x0
memory[0x2] [0x0000000140000000-0x000000023fffffff], 0x0000000100000000 bytes on node 1 flags: 0x0
...
This causes shrinking node 0's pfn range because it is calculated by
the address range of memblock.memory. So some of struct pages in the
gap range are left uninitialized.
We have a function zero_resv_unavail() which does zeroing the struct
pages outside memblock.memory, but currently it covers only the reserved
unavailable range (i.e. memblock.memory && !memblock.reserved).
This patch extends it to cover all unavailable range, which fixes
the reported issue.
Link: http://lkml.kernel.org/r/20180613054107.GA5329@hori1.linux.bs1.fc.nec.co.jp
Fixes: f7f99100d8d9 ("mm: stop zeroing memory during allocation in vmemmap")
Signed-off-by: Naoya Horiguchi <n-horiguchi(a)ah.jp.nec.com>
Tested-by: Oscar Salvador <osalvador(a)suse.de>
Cc: Pavel Tatashin <pasha.tatashin(a)oracle.com>
Cc: Steven Sistare <steven.sistare(a)oracle.com>
Cc: Daniel Jordan <daniel.m.jordan(a)oracle.com>
Cc: "Bob Picco" <bob.picco(a)oracle.com>
Cc: Matthew Wilcox <willy(a)infradead.org>
Cc: Michal Hocko <mhocko(a)kernel.org>
Cc: Huang Ying <ying.huang(a)intel.com>
Cc: Ingo Molnar <mingo(a)kernel.org>
Cc: Dan Williams <dan.j.williams(a)intel.com>
Cc: <stable(a)vger.kernel.org>
Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org>
---
diff -puN include/linux/memblock.h~mm-zero-remaining-unavailable-struct-pages-re-kernel-panic-in-reading-proc-kpageflags-when-enabling-ram-simulated-pmem include/linux/memblock.h
--- a/include/linux/memblock.h~mm-zero-remaining-unavailable-struct-pages-re-kernel-panic-in-reading-proc-kpageflags-when-enabling-ram-simulated-pmem
+++ a/include/linux/memblock.h
@@ -236,22 +236,6 @@ void __next_mem_pfn_range(int *idx, int
for_each_mem_range_rev(i, &memblock.memory, &memblock.reserved, \
nid, flags, p_start, p_end, p_nid)
-/**
- * for_each_resv_unavail_range - iterate through reserved and unavailable memory
- * @i: u64 used as loop variable
- * @flags: pick from blocks based on memory attributes
- * @p_start: ptr to phys_addr_t for start address of the range, can be %NULL
- * @p_end: ptr to phys_addr_t for end address of the range, can be %NULL
- *
- * Walks over unavailable but reserved (reserved && !memory) areas of memblock.
- * Available as soon as memblock is initialized.
- * Note: because this memory does not belong to any physical node, flags and
- * nid arguments do not make sense and thus not exported as arguments.
- */
-#define for_each_resv_unavail_range(i, p_start, p_end) \
- for_each_mem_range(i, &memblock.reserved, &memblock.memory, \
- NUMA_NO_NODE, MEMBLOCK_NONE, p_start, p_end, NULL)
-
static inline void memblock_set_region_flags(struct memblock_region *r,
unsigned long flags)
{
diff -puN mm/page_alloc.c~mm-zero-remaining-unavailable-struct-pages-re-kernel-panic-in-reading-proc-kpageflags-when-enabling-ram-simulated-pmem mm/page_alloc.c
--- a/mm/page_alloc.c~mm-zero-remaining-unavailable-struct-pages-re-kernel-panic-in-reading-proc-kpageflags-when-enabling-ram-simulated-pmem
+++ a/mm/page_alloc.c
@@ -6390,25 +6390,40 @@ void __paginginit free_area_init_node(in
* struct pages which are reserved in memblock allocator and their fields
* may be accessed (for example page_to_pfn() on some configuration accesses
* flags). We must explicitly zero those struct pages.
+ *
+ * This function also addresses a similar issue where struct pages are left
+ * uninitialized because the physical address range is not covered by
+ * memblock.memory or memblock.reserved. That could happen when memblock
+ * layout is manually configured via memmap=.
*/
void __paginginit zero_resv_unavail(void)
{
phys_addr_t start, end;
unsigned long pfn;
u64 i, pgcnt;
+ phys_addr_t next = 0;
/*
- * Loop through ranges that are reserved, but do not have reported
- * physical memory backing.
+ * Loop through unavailable ranges not covered by memblock.memory.
*/
pgcnt = 0;
- for_each_resv_unavail_range(i, &start, &end) {
- for (pfn = PFN_DOWN(start); pfn < PFN_UP(end); pfn++) {
- if (!pfn_valid(ALIGN_DOWN(pfn, pageblock_nr_pages)))
- continue;
- mm_zero_struct_page(pfn_to_page(pfn));
- pgcnt++;
+ for_each_mem_range(i, &memblock.memory, NULL,
+ NUMA_NO_NODE, MEMBLOCK_NONE, &start, &end, NULL) {
+ if (next < start) {
+ for (pfn = PFN_DOWN(next); pfn < PFN_UP(start); pfn++) {
+ if (!pfn_valid(ALIGN_DOWN(pfn, pageblock_nr_pages)))
+ continue;
+ mm_zero_struct_page(pfn_to_page(pfn));
+ pgcnt++;
+ }
}
+ next = end;
+ }
+ for (pfn = PFN_DOWN(next); pfn < max_pfn; pfn++) {
+ if (!pfn_valid(ALIGN_DOWN(pfn, pageblock_nr_pages)))
+ continue;
+ mm_zero_struct_page(pfn_to_page(pfn));
+ pgcnt++;
}
/*
@@ -6419,7 +6434,7 @@ void __paginginit zero_resv_unavail(void
* this code can be removed.
*/
if (pgcnt)
- pr_info("Reserved but unavailable: %lld pages", pgcnt);
+ pr_info("Zeroed struct page in unavailable ranges: %lld pages", pgcnt);
}
#endif /* CONFIG_HAVE_MEMBLOCK */
_
Patches currently in -mm which might be from n-horiguchi(a)ah.jp.nec.com are
mm-zero-remaining-unavailable-struct-pages-re-kernel-panic-in-reading-proc-kpageflags-when-enabling-ram-simulated-pmem.patch
Hello,
Syzkaller has reported a crash here[1] for a slab OOB read in pfkey_add.
Could the following patch be applied to stable kernels for 4.14, 4.4, 3.18, 3.14, 3.10 and 3.8?
4b66af2d("af_key: Always verify length of provided sadb_key")
[1] https://syzkaller.appspot.com/bug?id=26cb120b31cd24d984fc16da67f50fb375c432…
Thanks,
- Zubin
This is the start of the stable review cycle for the 3.18.113 release.
There are 21 patches in this series, all will be posted as a response
to this one. If anyone has any issues with these being applied, please
let me know.
Responses should be made by Thu Jun 14 16:48:15 UTC 2018.
Anything received after that time might be too late.
The whole patch series can be found in one patch at:
https://www.kernel.org/pub/linux/kernel/v3.x/stable-review/patch-3.18.113-r…
or in the git tree and branch at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-3.18.y
and the diffstat can be found below.
thanks,
greg k-h
-------------
Pseudo-Shortlog of commits:
Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
Linux 3.18.113-rc1
Eric Dumazet <edumazet(a)google.com>
rtnetlink: validate attributes in do_setlink()
Dan Carpenter <dan.carpenter(a)oracle.com>
team: use netdev_features_t instead of u32
Jack Morgenstein <jackm(a)dev.mellanox.co.il>
net/mlx4: Fix irq-unsafe spinlock usage
Daniele Palmas <dnlplm(a)gmail.com>
net: usb: cdc_mbim: add flag FLAG_SEND_ZLP
Eric Dumazet <edumazet(a)google.com>
net/packet: refine check for priv area size
Wenwen Wang <wang6495(a)umn.edu>
isdn: eicon: fix a missing-check bug
Sabrina Dubroca <sd(a)queasysnail.net>
ip6mr: only set ip6mr_table from setsockopt when ip6mr_new_table succeeds
Govindarajulu Varadarajan <gvaradar(a)cisco.com>
enic: set DMA mask to 47 bit
Alexey Kodanev <alexey.kodanev(a)oracle.com>
dccp: don't free ccid2_hc_tx_sock struct in dccp_disconnect()
Julia Lawall <Julia.Lawall(a)lip6.fr>
bnx2x: use the right constant
Dave Airlie <airlied(a)redhat.com>
drm: set FMODE_UNSIGNED_OFFSET for drm files
Linus Torvalds <torvalds(a)linux-foundation.org>
mmap: relax file size limit for regular files
Linus Torvalds <torvalds(a)linux-foundation.org>
mmap: introduce sane default mmap limits
Hugh Dickins <hughd(a)google.com>
mm: fix the NULL mapping case in __isolate_lru_page()
Al Viro <viro(a)zeniv.linux.org.uk>
fix io_destroy()/aio_complete() race
Ondrej Zary <linux(a)rainbow-software.org>
drm/i915: Disable LVDS on Radiant P845
Maciej W. Rozycki <macro(a)mips.com>
MIPS: ptrace: Fix PTRACE_PEEKUSR requests for 64-bit FGRs
Eric Dumazet <edumazet(a)google.com>
tcp: avoid integer overflows in tcp_rcv_space_adjust()
Eric Biggers <ebiggers(a)google.com>
cfg80211: further limit wiphy names to 64 bytes
Sachin Grover <sgrover(a)codeaurora.org>
selinux: KASAN: slab-out-of-bounds in xattr_getsecurity
Steven Rostedt (VMware) <rostedt(a)goodmis.org>
tracing: Fix crash when freeing instances with event triggers
-------------
Diffstat:
Makefile | 4 +--
arch/mips/kernel/ptrace.c | 2 +-
arch/mips/kernel/ptrace32.c | 2 +-
drivers/gpu/drm/drm_fops.c | 1 +
drivers/gpu/drm/i915/intel_lvds.c | 8 ++++++
drivers/isdn/hardware/eicon/diva.c | 22 ++++++++++------
drivers/isdn/hardware/eicon/diva.h | 5 ++--
drivers/isdn/hardware/eicon/divasmain.c | 18 +++++++------
drivers/net/ethernet/broadcom/bnx2x/bnx2x_link.c | 2 +-
drivers/net/ethernet/cisco/enic/enic_main.c | 8 +++---
drivers/net/ethernet/mellanox/mlx4/qp.c | 4 +--
drivers/net/team/team.c | 3 ++-
drivers/net/usb/cdc_mbim.c | 2 +-
fs/aio.c | 3 +--
include/linux/tcp.h | 2 +-
include/uapi/linux/nl80211.h | 2 +-
kernel/trace/trace_events_trigger.c | 5 ++--
mm/mmap.c | 32 ++++++++++++++++++++++++
mm/vmscan.c | 2 +-
net/core/rtnetlink.c | 8 +++---
net/dccp/proto.c | 2 --
net/ipv4/tcp_input.c | 10 +++++---
net/ipv6/ip6mr.c | 3 ++-
net/packet/af_packet.c | 2 +-
security/selinux/ss/services.c | 2 +-
25 files changed, 105 insertions(+), 49 deletions(-)
Hello stable kernel maintainers,
Please backport patch 327ea4adcfa3 ("blkdev_report_zones_ioctl():
Use vmalloc() to allocate large buffers") to at least the v4.17.x and
v4.14.y stable kernel series. That patch fixes a bug introduced in
kernel v4.10. The entire patch is shown below.
Thanks,
Bart.
commit cf0110698846fc5a93df89eb20ac7cc70a860c17
Author: Bart Van Assche <bart.vanassche(a)wdc.com>
Date: Tue May 22 08:27:22 2018 -0700
blkdev_report_zones_ioctl(): Use vmalloc() to allocate large buffers
Avoid that complaints similar to the following appear in the kernel log
if the number of zones is sufficiently large:
fio: page allocation failure: order:9, mode:0x140c0c0(GFP_KERNEL|__GFP_COMP|__GFP_ZERO), nodemask=(null)
Call Trace:
dump_stack+0x63/0x88
warn_alloc+0xf5/0x190
__alloc_pages_slowpath+0x8f0/0xb0d
__alloc_pages_nodemask+0x242/0x260
alloc_pages_current+0x6a/0xb0
kmalloc_order+0x18/0x50
kmalloc_order_trace+0x26/0xb0
__kmalloc+0x20e/0x220
blkdev_report_zones_ioctl+0xa5/0x1a0
blkdev_ioctl+0x1ba/0x930
block_ioctl+0x41/0x50
do_vfs_ioctl+0xaa/0x610
SyS_ioctl+0x79/0x90
do_syscall_64+0x79/0x1b0
entry_SYSCALL_64_after_hwframe+0x3d/0xa2
Fixes: 3ed05a987e0f ("blk-zoned: implement ioctls")
Signed-off-by: Bart Van Assche <bart.vanassche(a)wdc.com>
Cc: Shaun Tancheff <shaun.tancheff(a)seagate.com>
Cc: Damien Le Moal <damien.lemoal(a)hgst.com>
Cc: Christoph Hellwig <hch(a)lst.de>
Cc: Martin K. Petersen <martin.petersen(a)oracle.com>
Cc: Hannes Reinecke <hare(a)suse.com>
Cc: <stable(a)vger.kernel.org>
Signed-off-by: Jens Axboe <axboe(a)kernel.dk>
diff --git a/block/blk-zoned.c b/block/blk-zoned.c
index 08e84ef2bc05..3d08dc84db16 100644
--- a/block/blk-zoned.c
+++ b/block/blk-zoned.c
@@ -328,7 +328,11 @@ int blkdev_report_zones_ioctl(struct block_device *bdev, fmode_t mode,
if (!rep.nr_zones)
return -EINVAL;
- zones = kcalloc(rep.nr_zones, sizeof(struct blk_zone), GFP_KERNEL);
+ if (rep.nr_zones > INT_MAX / sizeof(struct blk_zone))
+ return -ERANGE;
+
+ zones = kvmalloc(rep.nr_zones * sizeof(struct blk_zone),
+ GFP_KERNEL | __GFP_ZERO);
if (!zones)
return -ENOMEM;
@@ -350,7 +354,7 @@ int blkdev_report_zones_ioctl(struct block_device *bdev, fmode_t mode,
}
out:
- kfree(zones);
+ kvfree(zones);
return ret;
}
Hi,
On the latest 4.9 stable active-passive bonding does not always
failover to the passive slave when carrier is lost on the active
slave. It seems that the issue stems from the backport of
c4adfc822bf5d8e97660b6114b5a8892530ce8cb, bonding: make speed, duplex
setting consistent with link state. There were subsequent patches
which resolved issues with the change to bond_update_speed_duplex
which were not backported. The three commits which seem to resolve the
issue are b5bf0f5b16b9c316c34df9f31d4be8729eb86845,
3f3c278c94dd994fe0d9f21679ae19b9c0a55292 and
ad729bc9acfb7c47112964b4877ef5404578ed13. There are other commits in
mainline which also revolve around
c4adfc822bf5d8e97660b6114b5a8892530ce8cb but are not necessary to
resolving the active-passive failover problems.
Would it be possible to queue up the three commits for backporting to
4.9 stable:
b5bf0f5b16b9c316c34df9f31d4be8729eb86845 bonding: correctly update
link status during mii-commit
3f3c278c94dd994fe0d9f21679ae19b9c0a55292 bonding: fix active-backup transition
ad729bc9acfb7c47112964b4877ef5404578ed13 bonding: require speed/duplex
only for 802.3ad, alb and tlb
All of those commits apply cleanly to 4.9.107.
Thanks,
-nate
This is the start of the stable review cycle for the 4.9.108 release.
There are 31 patches in this series, all will be posted as a response
to this one. If anyone has any issues with these being applied, please
let me know.
Responses should be made by Thu Jun 14 16:46:09 UTC 2018.
Anything received after that time might be too late.
The whole patch series can be found in one patch at:
https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.9.108-rc…
or in the git tree and branch at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.9.y
and the diffstat can be found below.
thanks,
greg k-h
-------------
Pseudo-Shortlog of commits:
Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
Linux 4.9.108-rc1
Philip Müller <philm(a)manjaro.org>
complete e390f9a port for v4.9.106
Josh Poimboeuf <jpoimboe(a)redhat.com>
objtool: Fix gcov check for older versions of GCC
Arnd Bergmann <arnd(a)arndb.de>
dm bufio: avoid false-positive Wmaybe-uninitialized warning
Ben Hutchings <ben(a)decadent.org.uk>
KVM: VMX: Expose SSBD properly to guests, 4.9 supplement
Eric Dumazet <edumazet(a)google.com>
net: metrics: add proper netlink validation
Florian Fainelli <f.fainelli(a)gmail.com>
net: phy: broadcom: Fix bcm_write_exp()
Eric Dumazet <edumazet(a)google.com>
rtnetlink: validate attributes in do_setlink()
Jack Morgenstein <jackm(a)dev.mellanox.co.il>
net/mlx4: Fix irq-unsafe spinlock usage
Stephen Suryaputra <ssuryaextr(a)gmail.com>
vrf: check the original netdevice for generating redirect
Jason Wang <jasowang(a)redhat.com>
vhost: synchronize IOTLB message with dev cleanup
Dan Carpenter <dan.carpenter(a)oracle.com>
team: use netdev_features_t instead of u32
Xin Long <lucien.xin(a)gmail.com>
sctp: not allow transport timeout value less than HZ/5 for hb_timer
Shahed Shaikh <shahed.shaikh(a)cavium.com>
qed: Fix mask for physical address in ILT entry
Willem de Bruijn <willemb(a)google.com>
packet: fix reserve calculation
Daniele Palmas <dnlplm(a)gmail.com>
net: usb: cdc_mbim: add flag FLAG_SEND_ZLP
Eric Dumazet <edumazet(a)google.com>
net/packet: refine check for priv area size
Cong Wang <xiyou.wangcong(a)gmail.com>
netdev-FAQ: clarify DaveM's position for stable backports
Kirill Tkhai <ktkhai(a)virtuozzo.com>
kcm: Fix use-after-free caused by clonned sockets
Wenwen Wang <wang6495(a)umn.edu>
isdn: eicon: fix a missing-check bug
Willem de Bruijn <willemb(a)google.com>
ipv4: remove warning in ip_recv_error
Sabrina Dubroca <sd(a)queasysnail.net>
ip6mr: only set ip6mr_table from setsockopt when ip6mr_new_table succeeds
Govindarajulu Varadarajan <gvaradar(a)cisco.com>
enic: set DMA mask to 47 bit
Alexey Kodanev <alexey.kodanev(a)oracle.com>
dccp: don't free ccid2_hc_tx_sock struct in dccp_disconnect()
Julia Lawall <Julia.Lawall(a)lip6.fr>
bnx2x: use the right constant
Dave Airlie <airlied(a)redhat.com>
drm: set FMODE_UNSIGNED_OFFSET for drm files
Nathan Chancellor <natechancellor(a)gmail.com>
kconfig: Avoid format overflow warning from GCC 8.1
Anand Jain <Anand.Jain(a)oracle.com>
btrfs: define SUPER_FLAG_METADUMP_V2
Linus Torvalds <torvalds(a)linux-foundation.org>
mmap: relax file size limit for regular files
Linus Torvalds <torvalds(a)linux-foundation.org>
mmap: introduce sane default mmap limits
Chris Chiu <chiu(a)endlessm.com>
tpm: self test failure should not cause suspend to fail
Enric Balletbo i Serra <enric.balletbo(a)collabora.com>
tpm: do not suspend/resume if power stays on
-------------
Diffstat:
Documentation/networking/netdev-FAQ.txt | 9 +++++++
Makefile | 4 +--
arch/x86/kernel/vmlinux.lds.S | 2 --
arch/x86/kvm/cpuid.h | 2 +-
drivers/char/tpm/tpm-chip.c | 13 ++++++++++
drivers/char/tpm/tpm-interface.c | 7 ++++++
drivers/char/tpm/tpm.h | 1 +
drivers/gpu/drm/drm_fops.c | 1 +
drivers/isdn/hardware/eicon/diva.c | 22 ++++++++++------
drivers/isdn/hardware/eicon/diva.h | 5 ++--
drivers/isdn/hardware/eicon/divasmain.c | 18 +++++++------
drivers/md/dm-bufio.c | 17 ++++++-------
drivers/net/ethernet/broadcom/bnx2x/bnx2x_link.c | 2 +-
drivers/net/ethernet/cisco/enic/enic_main.c | 8 +++---
drivers/net/ethernet/mellanox/mlx4/qp.c | 4 +--
drivers/net/ethernet/qlogic/qed/qed_cxt.c | 2 +-
drivers/net/phy/bcm-cygnus.c | 6 ++---
drivers/net/phy/bcm-phy-lib.h | 7 ++++++
drivers/net/phy/bcm7xxx.c | 4 +--
drivers/net/team/team.c | 3 ++-
drivers/net/usb/cdc_mbim.c | 2 +-
drivers/vhost/vhost.c | 3 +++
fs/btrfs/disk-io.c | 3 ++-
include/linux/compiler-gcc.h | 2 +-
include/uapi/linux/btrfs_tree.h | 1 +
mm/mmap.c | 32 ++++++++++++++++++++++++
net/core/rtnetlink.c | 8 +++---
net/dccp/proto.c | 2 --
net/ipv4/fib_semantics.c | 2 ++
net/ipv4/ip_sockglue.c | 2 --
net/ipv6/ip6_output.c | 3 ++-
net/ipv6/ip6mr.c | 3 ++-
net/ipv6/ndisc.c | 6 +++++
net/kcm/kcmsock.c | 2 +-
net/packet/af_packet.c | 4 +--
net/sctp/transport.c | 2 +-
scripts/Makefile.build | 3 +++
scripts/kconfig/confdata.c | 2 +-
38 files changed, 156 insertions(+), 63 deletions(-)
Currently, when all modules, including VMCI and VMware balloon are built
into the kernel, the initialization of the balloon happens before the
VMCI is probed. As a result, the balloon fails to initialize the VMCI
doorbell, which it uses to get asynchronous requests for balloon size
changes.
The problem can be seen in the logs, in the form of the following
message:
"vmw_balloon: failed to initialize vmci doorbell"
The driver would work correctly but slightly less efficiently, probing
for requests periodically. This patch changes the balloon to be
initialized using late_initcall() instead of module_init() to address
this issue. It does not address a situation in which VMCI is built as a
module and the balloon is built into the kernel.
Fixes: 48e3d668b790 ("VMware balloon: Enable notification via VMCI")
Cc: stable(a)vger.kernel.org
Reviewed-by: Xavier Deguillard <xdeguillard(a)vmware.com>
Signed-off-by: Nadav Amit <namit(a)vmware.com>
---
drivers/misc/vmw_balloon.c | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/drivers/misc/vmw_balloon.c b/drivers/misc/vmw_balloon.c
index a7df4c24a28d..e7cfc85f6961 100644
--- a/drivers/misc/vmw_balloon.c
+++ b/drivers/misc/vmw_balloon.c
@@ -1297,7 +1297,14 @@ static int __init vmballoon_init(void)
return 0;
}
-module_init(vmballoon_init);
+
+/*
+ * Using late_initcall() instead of module_init() allows the balloon to use the
+ * VMCI doorbell even when the balloon is built into the kernel. Otherwise the
+ * VMCI is probed only after the balloon is initialized. If the balloon is used
+ * as a module, late_initcall() is equivalent to module_init().
+ */
+late_initcall(vmballoon_init);
static void __exit vmballoon_exit(void)
{
--
2.17.0
If the hypervisor sets 2MB batching is on, while batching is cleared,
the balloon code breaks. In this case the legacy mechanism is used with
2MB page. The VM would report a 2MB page is ballooned, and the
hypervisor would only take the first 4KB.
While the hypervisor should not report such settings, make the code more
robust by not enabling 2MB support without batching.
Fixes: 365bd7ef7ec8e ("VMware balloon: Support 2m page ballooning.")
Cc: stable(a)vger.kernel.org
Reviewed-by: Xavier Deguillard <xdeguillard(a)vmware.com>
Signed-off-by: Nadav Amit <nadav.amit(a)gmail.com>
---
drivers/misc/vmw_balloon.c | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/drivers/misc/vmw_balloon.c b/drivers/misc/vmw_balloon.c
index 28e77ab1e136..60ab83d3d0ef 100644
--- a/drivers/misc/vmw_balloon.c
+++ b/drivers/misc/vmw_balloon.c
@@ -341,7 +341,13 @@ static bool vmballoon_send_start(struct vmballoon *b, unsigned long req_caps)
success = false;
}
- if (b->capabilities & VMW_BALLOON_BATCHED_2M_CMDS)
+ /*
+ * 2MB pages are only supported with batching. If batching is for some
+ * reason disabled, do not use 2MB pages, since otherwise the legacy
+ * mechanism is used with 2MB pages, causing a failure.
+ */
+ if ((b->capabilities & VMW_BALLOON_BATCHED_2M_CMDS) &&
+ (b->capabilities & VMW_BALLOON_BATCHED_CMDS))
b->supported_page_sizes = 2;
else
b->supported_page_sizes = 1;
--
2.17.0
The HID descriptor for the 2nd-gen Intuos Pro large (PTH-860) contains
a typo which defines an incorrect logical maximum Y value. This causes
a small portion of the bottom of the tablet to become unusable (both
because the area is below the "bottom" of the tablet and because
'wacom_wac_event' ignores out-of-range values). It also results in a
skewed aspect ratio.
To fix this, we add a quirk to 'wacom_usage_mapping' which overwrites
the data with the correct value.
Signed-off-by: Jason Gerecke <jason.gerecke(a)wacom.com>
CC: stable(a)vger.kernel.org # v4.10+
---
drivers/hid/wacom_sys.c | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/drivers/hid/wacom_sys.c b/drivers/hid/wacom_sys.c
index ee7a37eb159a..545986cfb978 100644
--- a/drivers/hid/wacom_sys.c
+++ b/drivers/hid/wacom_sys.c
@@ -395,6 +395,14 @@ static void wacom_usage_mapping(struct hid_device *hdev,
}
}
+ /* 2nd-generation Intuos Pro Large has incorrect Y maximum */
+ if (hdev->vendor == USB_VENDOR_ID_WACOM &&
+ hdev->product == 0x0358 &&
+ WACOM_PEN_FIELD(field) &&
+ wacom_equivalent_usage(usage->hid) == HID_GD_Y) {
+ field->logical_maximum = 43200;
+ }
+
switch (usage->hid) {
case HID_GD_X:
features->x_max = field->logical_maximum;
--
2.17.1
Current ISH driver only registers suspend/resume PM callbacks which don't
support hibernation (suspend to disk). Basically after hiberation, the ISH
can't resume properly and user may not see sensor events
(for example: screen rotation may not work).
User will not see a crash or panic or anything except the following message
in log:
hid-sensor-hub 001F:8086:22D8.0001: timeout waiting for response from ISHTP device
So this patch adds support for S4/hiberbation to ISH by using the
SIMPLE_DEV_PM_OPS() MACRO instead of struct dev_pm_ops directly. The suspend
and resume functions will now be used for both suspend to RAM and hibernation.
If power management is disabled, SIMPLE_DEV_PM_OPS will do nothing, the suspend
and resume related functions won't be used, so mark them as __maybe_unused to
clarify that this is the intended behavior, and remove #ifdefs for power
management.
Cc: stable(a)vger.kernel.org
Signed-off-by: Even Xu <even.xu(a)intel.com>
Acked-by: Srinivas Pandruvada <srinivas.pandruvada(a)linux.intel.com>
---
drivers/hid/intel-ish-hid/ipc/pci-ish.c | 22 +++++++---------------
1 file changed, 7 insertions(+), 15 deletions(-)
diff --git a/drivers/hid/intel-ish-hid/ipc/pci-ish.c b/drivers/hid/intel-ish-hid/ipc/pci-ish.c
index 582e449..a2c53ea 100644
--- a/drivers/hid/intel-ish-hid/ipc/pci-ish.c
+++ b/drivers/hid/intel-ish-hid/ipc/pci-ish.c
@@ -205,8 +205,7 @@ static void ish_remove(struct pci_dev *pdev)
kfree(ishtp_dev);
}
-#ifdef CONFIG_PM
-static struct device *ish_resume_device;
+static struct device __maybe_unused *ish_resume_device;
/* 50ms to get resume response */
#define WAIT_FOR_RESUME_ACK_MS 50
@@ -220,7 +219,7 @@ static struct device *ish_resume_device;
* in that case a simple resume message is enough, others we need
* a reset sequence.
*/
-static void ish_resume_handler(struct work_struct *work)
+static void __maybe_unused ish_resume_handler(struct work_struct *work)
{
struct pci_dev *pdev = to_pci_dev(ish_resume_device);
struct ishtp_device *dev = pci_get_drvdata(pdev);
@@ -262,7 +261,7 @@ static void ish_resume_handler(struct work_struct *work)
*
* Return: 0 to the pm core
*/
-static int ish_suspend(struct device *device)
+static int __maybe_unused ish_suspend(struct device *device)
{
struct pci_dev *pdev = to_pci_dev(device);
struct ishtp_device *dev = pci_get_drvdata(pdev);
@@ -288,7 +287,7 @@ static int ish_suspend(struct device *device)
return 0;
}
-static DECLARE_WORK(resume_work, ish_resume_handler);
+static __maybe_unused DECLARE_WORK(resume_work, ish_resume_handler);
/**
* ish_resume() - ISH resume callback
* @device: device pointer
@@ -297,7 +296,7 @@ static DECLARE_WORK(resume_work, ish_resume_handler);
*
* Return: 0 to the pm core
*/
-static int ish_resume(struct device *device)
+static int __maybe_unused ish_resume(struct device *device)
{
struct pci_dev *pdev = to_pci_dev(device);
struct ishtp_device *dev = pci_get_drvdata(pdev);
@@ -311,21 +310,14 @@ static int ish_resume(struct device *device)
return 0;
}
-static const struct dev_pm_ops ish_pm_ops = {
- .suspend = ish_suspend,
- .resume = ish_resume,
-};
-#define ISHTP_ISH_PM_OPS (&ish_pm_ops)
-#else
-#define ISHTP_ISH_PM_OPS NULL
-#endif /* CONFIG_PM */
+static SIMPLE_DEV_PM_OPS(ish_pm_ops, ish_suspend, ish_resume);
static struct pci_driver ish_driver = {
.name = KBUILD_MODNAME,
.id_table = ish_pci_tbl,
.probe = ish_probe,
.remove = ish_remove,
- .driver.pm = ISHTP_ISH_PM_OPS,
+ .driver.pm = &ish_pm_ops,
};
module_pci_driver(ish_driver);
--
2.7.4
From: Fabio Estevam <fabio.estevam(a)nxp.com>
Commit b89405b6102f ("pinctrl: devicetree: Fix dt_to_map_one_config
handling of hogs") causes the pinctrl hog pins to not get initialized
on i.MX platforms leaving them with the IOMUX settings untouched.
This causes several regressions on i.MX such as:
- OV5640 camera driver can not be probed anymore on imx6qdl-sabresd
because the camera clock pin is in a pinctrl_hog group and since
its pinctrl initialization is skipped, the camera clock is kept
in GPIO functionality instead of CLK_CKO function.
- Audio stopped working on imx6qdl-wandboard and imx53-qsb for
the same reason.
Richard Fitzgerald explains the problem:
"I see the bug. If the hog node isn't a 1st level child of the pinctrl
parent node it will go around the for(;;) loop again but on the first
pass I overwrite pctldev with the result of
get_pinctrl_dev_from_of_node() so it doesn't point to the pinctrl driver
any more."
Fix the issue by stashing the original pctldev so it doesn't
get overwritten.
Fixes: b89405b6102f ("pinctrl: devicetree: Fix dt_to_map_one_config handling of hogs")
Cc: <stable(a)vger.kernel.org>
Reported-by: Mika Penttilä <mika.penttila(a)nextfour.com>
Reported-by: Steve Longerbeam <slongerbeam(a)gmail.com>
Suggested-by: Richard Fitzgerald <rf(a)opensource.cirrus.com>
Signed-off-by: Fabio Estevam <fabio.estevam(a)nxp.com>
---
drivers/pinctrl/devicetree.c | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/drivers/pinctrl/devicetree.c b/drivers/pinctrl/devicetree.c
index b601039..c4aa411 100644
--- a/drivers/pinctrl/devicetree.c
+++ b/drivers/pinctrl/devicetree.c
@@ -101,10 +101,11 @@ struct pinctrl_dev *of_pinctrl_get(struct device_node *np)
}
static int dt_to_map_one_config(struct pinctrl *p,
- struct pinctrl_dev *pctldev,
+ struct pinctrl_dev *hog_pctldev,
const char *statename,
struct device_node *np_config)
{
+ struct pinctrl_dev *pctldev = NULL;
struct device_node *np_pctldev;
const struct pinctrl_ops *ops;
int ret;
@@ -123,8 +124,10 @@ static int dt_to_map_one_config(struct pinctrl *p,
return -EPROBE_DEFER;
}
/* If we're creating a hog we can use the passed pctldev */
- if (pctldev && (np_pctldev == p->dev->of_node))
+ if (hog_pctldev && (np_pctldev == p->dev->of_node)) {
+ pctldev = hog_pctldev;
break;
+ }
pctldev = get_pinctrl_dev_from_of_node(np_pctldev);
if (pctldev)
break;
--
2.7.4
We are copying our last cipher block into the request for use as IV as
required by the Crypto API but we failed to handle correctly the case the
buffer we are working on is smaller than a block. Fix it by calculating
how much we need to copy based on buffer size.
CC: stable(a)vger.kernel.org
Fixes: 63ee04c8b491 ("crypto: ccree - add skcipher support")
Reported by: Hadar Gat <hadar.gat(a)arm.com>
Signed-off-by: Gilad Ben-Yossef <gilad(a)benyossef.com>
---
drivers/crypto/ccree/cc_cipher.c | 30 ++++++++++++++++++++++++------
1 file changed, 24 insertions(+), 6 deletions(-)
diff --git a/drivers/crypto/ccree/cc_cipher.c b/drivers/crypto/ccree/cc_cipher.c
index d2810c1..a07547f 100644
--- a/drivers/crypto/ccree/cc_cipher.c
+++ b/drivers/crypto/ccree/cc_cipher.c
@@ -616,9 +616,18 @@ static void cc_cipher_complete(struct device *dev, void *cc_req, int err)
memcpy(req->iv, req_ctx->backup_info, ivsize);
kzfree(req_ctx->backup_info);
} else if (!err) {
- scatterwalk_map_and_copy(req->iv, req->dst,
- (req->cryptlen - ivsize),
- ivsize, 0);
+ unsigned int len;
+
+ if (req->cryptlen > ivsize) {
+ len = req->cryptlen - ivsize;
+ } else {
+ memset(req->iv, 0, ivsize);
+ len = 0;
+ ivsize = req->cryptlen;
+
+ }
+
+ scatterwalk_map_and_copy(req->iv, req->dst, len, ivsize, 0);
}
skcipher_request_complete(req, err);
@@ -755,17 +764,26 @@ static int cc_cipher_decrypt(struct skcipher_request *req)
struct cipher_req_ctx *req_ctx = skcipher_request_ctx(req);
unsigned int ivsize = crypto_skcipher_ivsize(sk_tfm);
gfp_t flags = cc_gfp_flags(&req->base);
+ unsigned int len;
/*
* Allocate and save the last IV sized bytes of the source, which will
* be lost in case of in-place decryption and might be needed for CTS.
*/
- req_ctx->backup_info = kmalloc(ivsize, flags);
+ req_ctx->backup_info = kzalloc(ivsize, flags);
if (!req_ctx->backup_info)
return -ENOMEM;
- scatterwalk_map_and_copy(req_ctx->backup_info, req->src,
- (req->cryptlen - ivsize), ivsize, 0);
+
+ if (req->cryptlen > ivsize) {
+ len = req->cryptlen - ivsize;
+ } else {
+ len = 0;
+ ivsize = req->cryptlen;
+ }
+
+ scatterwalk_map_and_copy(req_ctx->backup_info, req->src, len, ivsize,
+ 0);
req_ctx->is_giv = false;
return cc_cipher_process(req, DRV_CRYPTO_DIRECTION_DECRYPT);
--
2.7.4
From: Arnd Bergmann <arnd(a)arndb.de>
commit 590347e4000356f55eb10b03ced2686bd74dab40 upstream.
gcc-6.3 and earlier show a new warning after a seemingly unrelated
change to the arm64 PAGE_KERNEL definition:
In file included from drivers/md/dm-bufio.c:14:0:
drivers/md/dm-bufio.c: In function 'alloc_buffer':
include/linux/sched/mm.h:182:56: warning: 'noio_flag' may be used uninitialized in this function [-Wmaybe-uninitialized]
current->flags = (current->flags & ~PF_MEMALLOC_NOIO) | flags;
^
The same warning happened earlier on linux-3.18 for MIPS and I did a
workaround for that, but now it's come back.
gcc-7 and newer are apparently smart enough to figure this out, and
other architectures don't show it, so the best I could come up with is
to rework the caller slightly in a way that makes it obvious enough to
all arm64 compilers what is happening here.
Fixes: 41acec624087 ("arm64: kpti: Make use of nG dependent on arm64_kernel_unmapped_at_el0()")
Link: https://patchwork.kernel.org/patch/9692829/
Cc: stable(a)vger.kernel.org
Signed-off-by: Arnd Bergmann <arnd(a)arndb.de>
[snitzer: moved declarations inside conditional, altered vmalloc return]
Signed-off-by: Mike Snitzer <snitzer(a)redhat.com>
[nc: Backport to 4.9, adjust context for lack of 19809c2da28a]
Signed-off-by: Nathan Chancellor <natechancellor(a)gmail.com>
---
Hi Greg,
Resending this with a proper prefix and message, in case the other one
fell through the cracks. I came across this warning when building with
Google's stock GCC 4.9 toolchain on the OnePlus 6. Context was adjusted
around lack of commit 19809c2da28a ("mm, vmalloc: use __GFP_HIGHMEM
implicitly") in 4.9. Please apply when you get a chance.
Thanks!
Nathan
drivers/md/dm-bufio.c | 17 +++++++----------
1 file changed, 7 insertions(+), 10 deletions(-)
diff --git a/drivers/md/dm-bufio.c b/drivers/md/dm-bufio.c
index 3ec647e8b9c6..35fd57fdeba9 100644
--- a/drivers/md/dm-bufio.c
+++ b/drivers/md/dm-bufio.c
@@ -373,9 +373,6 @@ static void __cache_size_refresh(void)
static void *alloc_buffer_data(struct dm_bufio_client *c, gfp_t gfp_mask,
enum data_mode *data_mode)
{
- unsigned noio_flag;
- void *ptr;
-
if (c->block_size <= DM_BUFIO_BLOCK_SIZE_SLAB_LIMIT) {
*data_mode = DATA_MODE_SLAB;
return kmem_cache_alloc(DM_BUFIO_CACHE(c), gfp_mask);
@@ -399,16 +396,16 @@ static void *alloc_buffer_data(struct dm_bufio_client *c, gfp_t gfp_mask,
* all allocations done by this process (including pagetables) are done
* as if GFP_NOIO was specified.
*/
+ if (gfp_mask & __GFP_NORETRY) {
+ unsigned noio_flag = memalloc_noio_save();
+ void *ptr = __vmalloc(c->block_size, gfp_mask | __GFP_HIGHMEM,
+ PAGE_KERNEL);
- if (gfp_mask & __GFP_NORETRY)
- noio_flag = memalloc_noio_save();
-
- ptr = __vmalloc(c->block_size, gfp_mask | __GFP_HIGHMEM, PAGE_KERNEL);
-
- if (gfp_mask & __GFP_NORETRY)
memalloc_noio_restore(noio_flag);
+ return ptr;
+ }
- return ptr;
+ return __vmalloc(c->block_size, gfp_mask | __GFP_HIGHMEM, PAGE_KERNEL);
}
/*
--
2.17.1
objtool ports introduced in v4.9.106 were not totally complete. Therefore
they resulted in issues like:
module: overflow in relocation type 10 val XXXXXXXXXXX
‘usbcore’ likely not compiled with -mcmodel=kernel
module: overflow in relocation type 10 val XXXXXXXXXXX
‘scsi_mod’ likely not compiled with -mcmodel=kernel
Missing part was the complete backport of commit e390f9a.
Original notes by Josh Poimboeuf:
The '__unreachable' and '__func_stack_frame_non_standard' sections are
only used at compile time. They're discarded for vmlinux but they
should also be discarded for modules.
Since this is a recurring pattern, prefix the section names with
".discard.". It's a nice convention and vmlinux.lds.h already discards
such sections.
Also remove the 'a' (allocatable) flag from the __unreachable section
since it doesn't make sense for a discarded section.
Signed-off-by: Philip Müller <philm(a)manjaro.org>
Fixes: d1091c7fa3d5 ("objtool: Improve detection of BUG() and other dead
ends")
Link: https://gitlab.manjaro.org/packages/core/linux49/issues/2
While a barrier is present in the outX() functions before the register
write, a similar barrier is missing in the inX() functions after the
register read. This could allow memory accesses following inX() to
observe stale data.
This patch is very similar to commit a1cc7034e33d12dc1 ("MIPS: io: Add
barrier after register read in readX()"). Because war_io_reorder_wmb()
is both used by writeX() and outX(), if readX() need a barrier then so
does inX().
Cc: stable(a)vger.kernel.org
Signed-off-by: Huacai Chen <chenhc(a)lemote.com>
---
arch/mips/include/asm/io.h | 2 ++
1 file changed, 2 insertions(+)
diff --git a/arch/mips/include/asm/io.h b/arch/mips/include/asm/io.h
index a7d0b83..cea8ad8 100644
--- a/arch/mips/include/asm/io.h
+++ b/arch/mips/include/asm/io.h
@@ -414,6 +414,8 @@ static inline type pfx##in##bwlq##p(unsigned long port) \
__val = *__addr; \
slow; \
\
+ /* prevent prefetching of coherent DMA data prematurely */ \
+ rmb(); \
return pfx##ioswab##bwlq(__addr, __val); \
}
--
2.7.0
Ale <mystic(a)tin.it> wrote:
[ cc stable, could you please queue below fix? ]
> When I try to use CT HELPER for the ipv6, nft it dies and I have to
> restart the pc. But it works well for ip and inet.
>
> nft add ct helper ip6 filter ftp-std { type \"ftp\" protocol tcp\; }
> nft add rule ip6 filter WAN-IN iifname $IF_WAN_1 tcp sport $UP_PORTS
> tcp dport $UP_PORTS ct helper set \"ftp-std\" counter accept
>
> Kernel: RIP: strlen+0x0/0x20 RSP: ffffae1b4c67f980
> kernel: Code: f8 48 89 f9 74 09 48 83 c1 01 80 39 00 75 f7 31 d2 44 0f
> b6 04 16 44 88 04 11 48 83 c2 01 45 84 c0 75 ee c3 0f 1f 80 00 00 00 00
> <80> 3f 00 74 10 48 89 f8 48 >
This is most likely fixed in 4.17 by
commit b71534583f22d08c3e3563bf5100aeb5f5c9fbe5
netfilter: nf_tables: fix NULL pointer dereference on nft_ct_helper_obj_dump
The bug was added in Linux 4.12.
I'm announcing the release of the 4.17.1 kernel.
All users of the 4.17 kernel series must upgrade.
The updated 4.17.y git tree can be found at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.17.y
and can be browsed at the normal kernel.org git web browser:
http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary
thanks,
greg k-h
------------
Documentation/networking/netdev-FAQ.txt | 9 ++++
Makefile | 2 -
drivers/net/dsa/b53/b53_common.c | 15 +++++++
drivers/net/dsa/b53/b53_priv.h | 2 +
drivers/net/dsa/b53/b53_srab.c | 4 +-
drivers/net/ethernet/broadcom/bnx2x/bnx2x_link.c | 2 -
drivers/net/team/team.c | 3 +
drivers/pci/host/pci-hyperv.c | 46 +++++++++++++++++------
include/linux/mroute_base.h | 10 -----
include/net/ipv6.h | 5 ++
net/core/flow_dissector.c | 2 -
net/core/rtnetlink.c | 8 ++--
net/ipv4/fib_semantics.c | 4 ++
net/ipv4/ipmr_base.c | 8 ++--
net/ipv4/netfilter/nf_flow_table_ipv4.c | 5 +-
net/ipv6/ip6_output.c | 3 +
net/ipv6/ip6mr.c | 21 +++++++---
net/ipv6/ndisc.c | 6 +++
net/ipv6/netfilter/nf_flow_table_ipv6.c | 1
net/ipv6/route.c | 4 +-
net/l2tp/l2tp_ppp.c | 35 ++++++++---------
net/packet/af_packet.c | 2 -
net/sctp/transport.c | 2 -
23 files changed, 131 insertions(+), 68 deletions(-)
Arun Parameswaran (1):
net: dsa: b53: Fix for brcm tag issue in Cygnus SoC
Cong Wang (1):
netdev-FAQ: clarify DaveM's position for stable backports
Dan Carpenter (1):
team: use netdev_features_t instead of u32
Dexuan Cui (1):
PCI: hv: Do not wait forever on a device that has disappeared
Eric Dumazet (3):
net: metrics: add proper netlink validation
net/packet: refine check for priv area size
rtnetlink: validate attributes in do_setlink()
Greg Kroah-Hartman (1):
Linux 4.17.1
Guillaume Nault (1):
l2tp: fix refcount leakage on PPPoL2TP sockets
Jason A. Donenfeld (1):
netfilter: nf_flow_table: attach dst to skbs
Julia Lawall (1):
bnx2x: use the right constant
Michal Kubecek (1):
ipv6: omit traffic class when calculating flow hash
Sabrina Dubroca (2):
ip6mr: only set ip6mr_table from setsockopt when ip6mr_new_table succeeds
ipmr: fix error path when ipmr_new_table fails
Stephen Suryaputra (1):
vrf: check the original netdevice for generating redirect
Xin Long (1):
sctp: not allow transport timeout value less than HZ/5 for hb_timer
Fix an additional misuse of X86_FEATURE_SSBD in
guest_cpuid_has_spec_ctrl(). This function was introduced in the
backport of SSBD support to 4.9 and is not present upstream, so it was
not fixed by commit 43462d908821 "KVM: VMX: Expose SSBD properly to
guests."
Fixes: 52817587e706 ("x86/cpufeatures: Disentangle SSBD enumeration")
Signed-off-by: Ben Hutchings <ben(a)decadent.org.uk>
Cc: Konrad Rzeszutek Wilk <konrad.wilk(a)oracle.com>
Cc: Thomas Gleixner <tglx(a)linutronix.de>
Cc: David Woodhouse <dwmw(a)amazon.co.uk>
Cc: kvm(a)vger.kernel.org
---
arch/x86/kvm/cpuid.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/arch/x86/kvm/cpuid.h b/arch/x86/kvm/cpuid.h
index c38369781239..8a841b9d8f84 100644
--- a/arch/x86/kvm/cpuid.h
+++ b/arch/x86/kvm/cpuid.h
@@ -179,7 +179,7 @@ static inline bool guest_cpuid_has_spec_ctrl(struct kvm_vcpu *vcpu)
if (best && (best->ebx & bit(X86_FEATURE_AMD_IBRS)))
return true;
best = kvm_find_cpuid_entry(vcpu, 7, 0);
- return best && (best->edx & (bit(X86_FEATURE_SPEC_CTRL) | bit(X86_FEATURE_SSBD)));
+ return best && (best->edx & (bit(X86_FEATURE_SPEC_CTRL) | bit(X86_FEATURE_SPEC_CTRL_SSBD)));
}
static inline bool guest_cpuid_has_arch_capabilities(struct kvm_vcpu *vcpu)
From: Stefan Wahren <stefan.wahren(a)i2se.com>
commit 9b9322db5c5a1917a66c71fe47c3848a9a31227e upstream.
The commit "regulatory: add NUL to request alpha2" increases the length of
alpha2 to 3. This causes a regression on brcmfmac, because
brcmf_cfg80211_reg_notifier() expect valid ISO3166 codes in the complete
array. So fix this accordingly.
Fixes: 657308f73e67 ("regulatory: add NUL to request alpha2")
Signed-off-by: Stefan Wahren <stefan.wahren(a)i2se.com>
Acked-by: Franky Lin <franky.lin(a)broadcom.com>
Signed-off-by: Kalle Valo <kvalo(a)codeaurora.org>
[bwh: Backported to 4.4: adjust filename]
Signed-off-by: Ben Hutchings <ben.hutchings(a)codethink.co.uk>
---
drivers/net/wireless/brcm80211/brcmfmac/cfg80211.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/net/wireless/brcm80211/brcmfmac/cfg80211.c b/drivers/net/wireless/brcm80211/brcmfmac/cfg80211.c
index 83e5aa6a9f28..ad35e760ed3f 100644
--- a/drivers/net/wireless/brcm80211/brcmfmac/cfg80211.c
+++ b/drivers/net/wireless/brcm80211/brcmfmac/cfg80211.c
@@ -6167,7 +6167,7 @@ static void brcmf_cfg80211_reg_notifier(struct wiphy *wiphy,
req->alpha2[0], req->alpha2[1]);
/* ignore non-ISO3166 country codes */
- for (i = 0; i < sizeof(req->alpha2); i++)
+ for (i = 0; i < 2; i++)
if (req->alpha2[i] < 'A' || req->alpha2[i] > 'Z') {
brcmf_err("not a ISO3166 code\n");
return;
--
Ben Hutchings, Software Developer Codethink Ltd
https://www.codethink.co.uk/ Dale House, 35 Dale Street
Manchester, M1 2HF, United Kingdom
Changes since v9 [1] and v10 [2]
* Resend the full series with the reworked "mm: introduce
MEMORY_DEVICE_FS_DAX and CONFIG_DEV_PAGEMAP_OPS" (Christoph)
* Move generic_dax_pagefree() into the pmem driver (Christoph)
* Cleanup __bdev_dax_supported() (Christoph)
* Cleanup some stale SRCU bits leftover from other iterations (Jan)
* Cleanup xfs_break_layouts() (Jan)
[1]: https://lists.01.org/pipermail/linux-nvdimm/2018-April/015457.html
[2]: https://lists.01.org/pipermail/linux-nvdimm/2018-May/015885.html
---
Background:
get_user_pages() in the filesystem pins file backed memory pages for
access by devices performing dma. However, it only pins the memory pages
not the page-to-file offset association. If a file is truncated the
pages are mapped out of the file and dma may continue indefinitely into
a page that is owned by a device driver. This breaks coherency of the
file vs dma, but the assumption is that if userspace wants the
file-space truncated it does not matter what data is inbound from the
device, it is not relevant anymore. The only expectation is that dma can
safely continue while the filesystem reallocates the block(s).
Problem:
This expectation that dma can safely continue while the filesystem
changes the block map is broken by dax. With dax the target dma page
*is* the filesystem block. The model of leaving the page pinned for dma,
but truncating the file block out of the file, means that the filesytem
is free to reallocate a block under active dma to another file and now
the expected data-incoherency situation has turned into active
data-corruption.
Solution:
Defer all filesystem operations (fallocate(), truncate()) on a dax mode
file while any page/block in the file is under active dma. This solution
assumes that dma is transient. Cases where dma operations are known to
not be transient, like RDMA, have been explicitly disabled via
commits like 5f1d43de5416 "IB/core: disable memory registration of
filesystem-dax vmas".
The dax_layout_busy_page() routine is called by filesystems with a lock
held against mm faults (i_mmap_lock) to find pinned / busy dax pages.
The process of looking up a busy page invalidates all mappings
to trigger any subsequent get_user_pages() to block on i_mmap_lock.
The filesystem continues to call dax_layout_busy_page() until it finally
returns no more active pages. This approach assumes that the page
pinning is transient, if that assumption is violated the system would
have likely hung from the uncompleted I/O.
---
Dan Williams (7):
memremap: split devm_memremap_pages() and memremap() infrastructure
mm: introduce MEMORY_DEVICE_FS_DAX and CONFIG_DEV_PAGEMAP_OPS
mm: fix __gup_device_huge vs unmap
mm, fs, dax: handle layout changes to pinned dax mappings
xfs: prepare xfs_break_layouts() to be called with XFS_MMAPLOCK_EXCL
xfs: prepare xfs_break_layouts() for another layout type
xfs, dax: introduce xfs_break_dax_layouts()
drivers/dax/super.c | 14 ++-
drivers/nvdimm/pfn_devs.c | 2
drivers/nvdimm/pmem.c | 25 +++++
fs/Kconfig | 1
fs/dax.c | 97 +++++++++++++++++++++
fs/xfs/xfs_file.c | 72 ++++++++++++++--
fs/xfs/xfs_inode.h | 16 +++
fs/xfs/xfs_ioctl.c | 8 --
fs/xfs/xfs_iops.c | 16 ++-
fs/xfs/xfs_pnfs.c | 15 ++-
fs/xfs/xfs_pnfs.h | 5 +
include/linux/dax.h | 7 ++
include/linux/memremap.h | 36 ++------
include/linux/mm.h | 71 +++++++++++----
kernel/Makefile | 3 -
kernel/iomem.c | 167 ++++++++++++++++++++++++++++++++++++
kernel/memremap.c | 209 ++++++---------------------------------------
mm/Kconfig | 5 +
mm/gup.c | 36 ++++++--
mm/hmm.c | 13 ---
mm/swap.c | 3 -
21 files changed, 542 insertions(+), 279 deletions(-)
create mode 100644 kernel/iomem.c
The patch titled
Subject: mm: fix devmem_is_allowed() for sub-page System RAM intersections
has been added to the -mm tree. Its filename is
mm-fix-devmem_is_allowed-for-sub-page-system-ram-intersections.patch
This patch should soon appear at
http://ozlabs.org/~akpm/mmots/broken-out/mm-fix-devmem_is_allowed-for-sub-p…
and later at
http://ozlabs.org/~akpm/mmotm/broken-out/mm-fix-devmem_is_allowed-for-sub-p…
Before you just go and hit "reply", please:
a) Consider who else should be cc'ed
b) Prefer to cc a suitable mailing list as well
c) Ideally: find the original patch on the mailing list and do a
reply-to-all to that, adding suitable additional cc's
*** Remember to use Documentation/process/submit-checklist.rst when testing your code ***
The -mm tree is included into linux-next and is updated
there every 3-4 working days
------------------------------------------------------
From: Dan Williams <dan.j.williams(a)intel.com>
Subject: mm: fix devmem_is_allowed() for sub-page System RAM intersections
Hussam reports:
I was poking around and for no real reason, I did cat /dev/mem and
strings /dev/mem. Then I saw the following warning in dmesg. I saved it
and rebooted immediately.
memremap attempted on mixed range 0x000000000009c000 size: 0x1000
------------[ cut here ]------------
WARNING: CPU: 0 PID: 11810 at kernel/memremap.c:98 memremap+0x104/0x170
[..]
Call Trace:
xlate_dev_mem_ptr+0x25/0x40
read_mem+0x89/0x1a0
__vfs_read+0x36/0x170
The memremap() implementation checks for attempts to remap System RAM with
MEMREMAP_WB and instead redirects those mapping attempts to the linear
map. However, that only works if the physical address range being
remapped is page aligned. In low memory we have situations like the
following:
00000000-00000fff : Reserved
00001000-0009fbff : System RAM
0009fc00-0009ffff : Reserved
...where System RAM intersects Reserved ranges on a sub-page page
granularity.
Given that devmem_is_allowed() special cases any attempt to map System RAM
in the first 1MB of memory, replace page_is_ram() with the more precise
region_intersects() to trap attempts to map disallowed ranges.
Link: https://bugzilla.kernel.org/show_bug.cgi?id=199999
Link: http://lkml.kernel.org/r/152856436164.18127.2847888121707136898.stgit@dwill…
Fixes: 92281dee825f ("arch: introduce memremap()")
Signed-off-by: Dan Williams <dan.j.williams(a)intel.com>
Reported-by: Hussam Al-Tayeb <me(a)hussam.eu.org>
Tested-by: Hussam Al-Tayeb <me(a)hussam.eu.org>
Cc: <stable(a)vger.kernel.org>
Cc: Christoph Hellwig <hch(a)lst.de>
Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org>
---
arch/x86/mm/init.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff -puN arch/x86/mm/init.c~mm-fix-devmem_is_allowed-for-sub-page-system-ram-intersections arch/x86/mm/init.c
--- a/arch/x86/mm/init.c~mm-fix-devmem_is_allowed-for-sub-page-system-ram-intersections
+++ a/arch/x86/mm/init.c
@@ -706,7 +706,9 @@ void __init init_mem_mapping(void)
*/
int devmem_is_allowed(unsigned long pagenr)
{
- if (page_is_ram(pagenr)) {
+ if (region_intersects(PFN_PHYS(pagenr), PAGE_SIZE,
+ IORESOURCE_SYSTEM_RAM, IORES_DESC_NONE)
+ != REGION_DISJOINT) {
/*
* For disallowed memory regions in the low 1MB range,
* request that the page be shown as all zeros.
_
Patches currently in -mm which might be from dan.j.williams(a)intel.com are
mm-fix-devmem_is_allowed-for-sub-page-system-ram-intersections.patch
mm-devm_memremap_pages-mark-devm_memremap_pages-export_symbol_gpl.patch
mm-devm_memremap_pages-handle-errors-allocating-final-devres-action.patch
mm-hmm-use-devm-semantics-for-hmm_devmem_add-remove.patch
mm-hmm-replace-hmm_devmem_pages_create-with-devm_memremap_pages.patch
mm-hmm-mark-hmm_devmem_add-add_resource-export_symbol_gpl.patch
In ubifs_jnl_update() we sync parent and child inodes to the flash,
in case of xattrs, the parent inode (AKA host inode) has a non-zero
data_len. Therefore we need to adjust synced_i_size too.
This issue was reported by ubifs self tests unter a xattr related work
load.
UBIFS error (ubi0:0 pid 1896): dbg_check_synced_i_size: ui_size is 4, synced_i_size is 0, but inode is clean
UBIFS error (ubi0:0 pid 1896): dbg_check_synced_i_size: i_ino 65, i_mode 0x81a4, i_size 4
Cc: <stable(a)vger.kernel.org>
Fixes: 1e51764a3c2a ("UBIFS: add new flash file system")
Signed-off-by: Richard Weinberger <richard(a)nod.at>
---
fs/ubifs/journal.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/fs/ubifs/journal.c b/fs/ubifs/journal.c
index 04c4ec6483e5..1fb123279bb5 100644
--- a/fs/ubifs/journal.c
+++ b/fs/ubifs/journal.c
@@ -665,6 +665,11 @@ int ubifs_jnl_update(struct ubifs_info *c, const struct inode *dir,
spin_lock(&ui->ui_lock);
ui->synced_i_size = ui->ui_size;
spin_unlock(&ui->ui_lock);
+ if (xent) {
+ spin_lock(&host_ui->ui_lock);
+ host_ui->synced_i_size = host_ui->ui_size;
+ spin_unlock(&host_ui->ui_lock);
+ }
mark_inode_clean(c, ui);
mark_inode_clean(c, host_ui);
return 0;
--
2.13.6
Hi folks,
A few Fedora users have reported[0] a regression starting in v4.16.8
where the boot will hang ~1/3 of the time with the following RCU stall
warning:
INFO: rcu_sched detected stalls on CPUs/tasks:
o1-...!: (0 ticks this GP) idle=688/0/0 softirq=171/171 fqs=0
o(detected by 0, t=60002 jiffies, g=-142, c=-143, q=9)
Sending NMI from CPU 0 to CPU 1:
NMI backtrace for cpu 1 skipped: idling at
acpi_processor_ffh_cstate_enter+0x65/0xb0
rcu_sched kthread starved for 60002 jiffies! g18446744073709551474
c1844674407370955143 f0x0 RCU_GP_WAIT_FQS(3) ->state=0x402 -> cpu=1
RCU grace-period kthread stack dump:
rcu_sched I 0 9 2 0x80000000
Call Trace:
? __schedule+0x234/0x850
schedule+0x28/0x80
schedule_timeout+0x166/0x380
? __next_timer_interrupt+0xc0/0xc0
rcu_gp_kthread+0x368/0x830
? rcu_process_callbacks+0x4f0/0x4f0
kthread+0x112/0x130
? kthread_create_worker_on_cpu+0x70/0x70
ret_from_fork+0x35/0x40
A user has bisected the problem to the v4.16 commit 1ab4ca7c59d4
("x86/tsc: Fix mark_tsc_unstable()"). According to the reporter,
explicitly setting "tsc=" on the kernel command line causes the boot to
always succeed. All the users have Thinkpad T500s or T400s (Core 2 Duos)
[0] https://bugzilla.redhat.com/show_bug.cgi?id=1579925
Thanks,
Jeremy
This is the start of the stable review cycle for the 4.17.1 release.
There are 15 patches in this series, all will be posted as a response
to this one. If anyone has any issues with these being applied, please
let me know.
Responses should be made by Mon Jun 11 14:59:48 UTC 2018.
Anything received after that time might be too late.
The whole patch series can be found in one patch at:
https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.17.1-rc1…
or in the git tree and branch at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.17.y
and the diffstat can be found below.
thanks,
greg k-h
-------------
Pseudo-Shortlog of commits:
Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
Linux 4.17.1-rc1
Dexuan Cui <decui(a)microsoft.com>
PCI: hv: Do not wait forever on a device that has disappeared
Sabrina Dubroca <sd(a)queasysnail.net>
ipmr: fix error path when ipmr_new_table fails
Arun Parameswaran <arun.parameswaran(a)broadcom.com>
net: dsa: b53: Fix for brcm tag issue in Cygnus SoC
Stephen Suryaputra <ssuryaextr(a)gmail.com>
vrf: check the original netdevice for generating redirect
Dan Carpenter <dan.carpenter(a)oracle.com>
team: use netdev_features_t instead of u32
Xin Long <lucien.xin(a)gmail.com>
sctp: not allow transport timeout value less than HZ/5 for hb_timer
Eric Dumazet <edumazet(a)google.com>
rtnetlink: validate attributes in do_setlink()
Eric Dumazet <edumazet(a)google.com>
net/packet: refine check for priv area size
Eric Dumazet <edumazet(a)google.com>
net: metrics: add proper netlink validation
Cong Wang <xiyou.wangcong(a)gmail.com>
netdev-FAQ: clarify DaveM's position for stable backports
Guillaume Nault <g.nault(a)alphalink.fr>
l2tp: fix refcount leakage on PPPoL2TP sockets
Michal Kubecek <mkubecek(a)suse.cz>
ipv6: omit traffic class when calculating flow hash
Sabrina Dubroca <sd(a)queasysnail.net>
ip6mr: only set ip6mr_table from setsockopt when ip6mr_new_table succeeds
Julia Lawall <Julia.Lawall(a)lip6.fr>
bnx2x: use the right constant
Jason A. Donenfeld <Jason(a)zx2c4.com>
netfilter: nf_flow_table: attach dst to skbs
-------------
Diffstat:
Documentation/networking/netdev-FAQ.txt | 9 +++++
Makefile | 4 +--
drivers/net/dsa/b53/b53_common.c | 15 +++++++-
drivers/net/dsa/b53/b53_priv.h | 2 ++
drivers/net/dsa/b53/b53_srab.c | 4 +--
drivers/net/ethernet/broadcom/bnx2x/bnx2x_link.c | 2 +-
drivers/net/team/team.c | 3 +-
drivers/pci/host/pci-hyperv.c | 46 +++++++++++++++++-------
include/linux/mroute_base.h | 10 ------
include/net/ipv6.h | 5 +++
net/core/flow_dissector.c | 2 +-
net/core/rtnetlink.c | 8 ++---
net/ipv4/fib_semantics.c | 4 +++
net/ipv4/ipmr_base.c | 8 +++--
net/ipv4/netfilter/nf_flow_table_ipv4.c | 5 +--
net/ipv6/ip6_output.c | 3 +-
net/ipv6/ip6mr.c | 21 +++++++----
net/ipv6/ndisc.c | 6 ++++
net/ipv6/netfilter/nf_flow_table_ipv6.c | 1 +
net/ipv6/route.c | 4 +--
net/l2tp/l2tp_ppp.c | 35 +++++++++---------
net/packet/af_packet.c | 2 +-
net/sctp/transport.c | 2 +-
23 files changed, 132 insertions(+), 69 deletions(-)
This is the start of the stable review cycle for the 4.14.49 release.
There are 41 patches in this series, all will be posted as a response
to this one. If anyone has any issues with these being applied, please
let me know.
Responses should be made by Mon Jun 11 15:29:07 UTC 2018.
Anything received after that time might be too late.
The whole patch series can be found in one patch at:
https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.14.49-rc…
or in the git tree and branch at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.14.y
and the diffstat can be found below.
thanks,
greg k-h
-------------
Pseudo-Shortlog of commits:
Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
Linux 4.14.49-rc1
Dexuan Cui <decui(a)microsoft.com>
PCI: hv: Do not wait forever on a device that has disappeared
Paul Blakey <paulb(a)mellanox.com>
cls_flower: Fix incorrect idr release when failing to modify rule
Eric Dumazet <edumazet(a)google.com>
rtnetlink: validate attributes in do_setlink()
Jason Wang <jasowang(a)redhat.com>
virtio-net: fix leaking page for gso packet during mergeable XDP
Eran Ben Elisha <eranbe(a)mellanox.com>
net/mlx5e: When RXFCS is set, add FCS data into checksum calculation
Jason Wang <jasowang(a)redhat.com>
virtio-net: correctly check num_buf during err path
Toshiaki Makita <makita.toshiaki(a)lab.ntt.co.jp>
tun: Fix NULL pointer dereference in XDP redirect
Jack Morgenstein <jackm(a)dev.mellanox.co.il>
net/mlx4: Fix irq-unsafe spinlock usage
Jason Wang <jasowang(a)redhat.com>
virtio-net: correctly transmit XDP buff after linearizing
Alexander Duyck <alexander.h.duyck(a)intel.com>
net-sysfs: Fix memory leak in XPS configuration
Florian Fainelli <f.fainelli(a)gmail.com>
net: phy: broadcom: Fix auxiliary control register reads
Mathieu Xhonneux <m.xhonneux(a)gmail.com>
ipv6: sr: fix memory OOB access in seg6_do_srh_encap/inline
Stephen Suryaputra <ssuryaextr(a)gmail.com>
vrf: check the original netdevice for generating redirect
Jason Wang <jasowang(a)redhat.com>
vhost: synchronize IOTLB message with dev cleanup
Dan Carpenter <dan.carpenter(a)oracle.com>
team: use netdev_features_t instead of u32
Xin Long <lucien.xin(a)gmail.com>
sctp: not allow transport timeout value less than HZ/5 for hb_timer
Shahed Shaikh <shahed.shaikh(a)cavium.com>
qed: Fix mask for physical address in ILT entry
Willem de Bruijn <willemb(a)google.com>
packet: fix reserve calculation
Daniele Palmas <dnlplm(a)gmail.com>
net: usb: cdc_mbim: add flag FLAG_SEND_ZLP
Florian Fainelli <f.fainelli(a)gmail.com>
net: phy: broadcom: Fix bcm_write_exp()
Eric Dumazet <edumazet(a)google.com>
net/packet: refine check for priv area size
Eric Dumazet <edumazet(a)google.com>
net: metrics: add proper netlink validation
Roopa Prabhu <roopa(a)cumulusnetworks.com>
net: ipv4: add missing RTA_TABLE to rtm_ipv4_policy
Cong Wang <xiyou.wangcong(a)gmail.com>
netdev-FAQ: clarify DaveM's position for stable backports
Kirill Tkhai <ktkhai(a)virtuozzo.com>
kcm: Fix use-after-free caused by clonned sockets
Wenwen Wang <wang6495(a)umn.edu>
isdn: eicon: fix a missing-check bug
Michal Kubecek <mkubecek(a)suse.cz>
ipv6: omit traffic class when calculating flow hash
Willem de Bruijn <willemb(a)google.com>
ipv4: remove warning in ip_recv_error
Eric Dumazet <edumazet(a)google.com>
ipmr: properly check rhltable_init() return value
Nicolas Dichtel <nicolas.dichtel(a)6wind.com>
ip6_tunnel: remove magic mtu value 0xFFF8
Sabrina Dubroca <sd(a)queasysnail.net>
ip6mr: only set ip6mr_table from setsockopt when ip6mr_new_table succeeds
Govindarajulu Varadarajan <gvaradar(a)cisco.com>
enic: set DMA mask to 47 bit
Alexey Kodanev <alexey.kodanev(a)oracle.com>
dccp: don't free ccid2_hc_tx_sock struct in dccp_disconnect()
Julia Lawall <Julia.Lawall(a)lip6.fr>
bnx2x: use the right constant
Suresh Reddy <suresh.reddy(a)broadcom.com>
be2net: Fix error detection logic for BE3
Nathan Chancellor <natechancellor(a)gmail.com>
kconfig: Avoid format overflow warning from GCC 8.1
Anand Jain <Anand.Jain(a)oracle.com>
btrfs: define SUPER_FLAG_METADUMP_V2
Linus Torvalds <torvalds(a)linux-foundation.org>
mmap: relax file size limit for regular files
Linus Torvalds <torvalds(a)linux-foundation.org>
mmap: introduce sane default mmap limits
Bart Van Assche <bart.vanassche(a)wdc.com>
scsi: sd_zbc: Avoid that resetting a zone fails sporadically
Damien Le Moal <damien.lemoal(a)wdc.com>
scsi: sd_zbc: Fix potential memory leak
-------------
Diffstat:
Documentation/networking/netdev-FAQ.txt | 9 ++
Makefile | 4 +-
drivers/isdn/hardware/eicon/diva.c | 22 ++--
drivers/isdn/hardware/eicon/diva.h | 5 +-
drivers/isdn/hardware/eicon/divasmain.c | 18 ++--
drivers/net/ethernet/broadcom/bnx2x/bnx2x_link.c | 2 +-
drivers/net/ethernet/cisco/enic/enic_main.c | 8 +-
drivers/net/ethernet/emulex/benet/be_main.c | 4 +-
drivers/net/ethernet/mellanox/mlx4/qp.c | 4 +-
drivers/net/ethernet/mellanox/mlx5/core/en_rx.c | 42 ++++++++
drivers/net/ethernet/qlogic/qed/qed_cxt.c | 2 +-
drivers/net/phy/bcm-cygnus.c | 6 +-
drivers/net/phy/bcm-phy-lib.c | 2 +-
drivers/net/phy/bcm-phy-lib.h | 7 ++
drivers/net/phy/bcm7xxx.c | 4 +-
drivers/net/team/team.c | 3 +-
drivers/net/tun.c | 15 +--
drivers/net/usb/cdc_mbim.c | 2 +-
drivers/net/virtio_net.c | 19 ++--
drivers/pci/host/pci-hyperv.c | 46 +++++---
drivers/scsi/sd_zbc.c | 128 ++++++++++++++---------
drivers/vhost/vhost.c | 3 +
fs/btrfs/disk-io.c | 3 +-
include/net/ipv6.h | 5 +
include/uapi/linux/btrfs_tree.h | 1 +
mm/mmap.c | 32 ++++++
net/core/flow_dissector.c | 2 +-
net/core/net-sysfs.c | 6 +-
net/core/rtnetlink.c | 8 +-
net/dccp/proto.c | 2 -
net/ipv4/fib_frontend.c | 1 +
net/ipv4/fib_semantics.c | 4 +
net/ipv4/ip_sockglue.c | 2 -
net/ipv4/ipmr.c | 7 +-
net/ipv6/ip6_output.c | 3 +-
net/ipv6/ip6_tunnel.c | 11 +-
net/ipv6/ip6mr.c | 3 +-
net/ipv6/ndisc.c | 6 ++
net/ipv6/route.c | 2 +-
net/ipv6/seg6_iptunnel.c | 4 +-
net/ipv6/sit.c | 5 +-
net/kcm/kcmsock.c | 2 +-
net/packet/af_packet.c | 4 +-
net/sched/cls_flower.c | 2 +-
net/sctp/transport.c | 2 +-
scripts/kconfig/confdata.c | 2 +-
46 files changed, 329 insertions(+), 145 deletions(-)
This is the start of the stable review cycle for the 4.16.15 release.
There are 48 patches in this series, all will be posted as a response
to this one. If anyone has any issues with these being applied, please
let me know.
Responses should be made by Mon Jun 11 14:59:28 UTC 2018.
Anything received after that time might be too late.
The whole patch series can be found in one patch at:
https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.16.15-rc…
or in the git tree and branch at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.16.y
and the diffstat can be found below.
thanks,
greg k-h
-------------
Pseudo-Shortlog of commits:
Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
Linux 4.16.15-rc1
Dexuan Cui <decui(a)microsoft.com>
PCI: hv: Do not wait forever on a device that has disappeared
Jason Wang <jasowang(a)redhat.com>
vhost_net: flush batched heads before trying to busy polling
Ard Biesheuvel <ard.biesheuvel(a)linaro.org>
net: netsec: reduce DMA mask to 40 bits
Nicolas Dichtel <nicolas.dichtel(a)6wind.com>
ip_tunnel: restore binding to ifaces with a large mtu
Jason Wang <jasowang(a)redhat.com>
virtio-net: correctly redirect linearized packet
Or Gerlitz <ogerlitz(a)mellanox.com>
net : sched: cls_api: deal with egdev path only if needed
Arun Parameswaran <arun.parameswaran(a)broadcom.com>
net: dsa: b53: Fix for brcm tag issue in Cygnus SoC
Jason Wang <jasowang(a)redhat.com>
virtio-net: correctly check num_buf during err path
Toshiaki Makita <makita.toshiaki(a)lab.ntt.co.jp>
tun: Fix NULL pointer dereference in XDP redirect
Eran Ben Elisha <eranbe(a)mellanox.com>
net/mlx5e: When RXFCS is set, add FCS data into checksum calculation
Jack Morgenstein <jackm(a)dev.mellanox.co.il>
net/mlx4: Fix irq-unsafe spinlock usage
Jason Wang <jasowang(a)redhat.com>
virtio-net: fix leaking page for gso packet during mergeable XDP
Jason Wang <jasowang(a)redhat.com>
virtio-net: correctly transmit XDP buff after linearizing
Alexander Duyck <alexander.h.duyck(a)intel.com>
net-sysfs: Fix memory leak in XPS configuration
Florian Fainelli <f.fainelli(a)gmail.com>
net: phy: broadcom: Fix auxiliary control register reads
Mathieu Xhonneux <m.xhonneux(a)gmail.com>
ipv6: sr: fix memory OOB access in seg6_do_srh_encap/inline
Stephen Suryaputra <ssuryaextr(a)gmail.com>
vrf: check the original netdevice for generating redirect
Jason Wang <jasowang(a)redhat.com>
vhost: synchronize IOTLB message with dev cleanup
Dan Carpenter <dan.carpenter(a)oracle.com>
team: use netdev_features_t instead of u32
Xin Long <lucien.xin(a)gmail.com>
sctp: not allow transport timeout value less than HZ/5 for hb_timer
Eric Dumazet <edumazet(a)google.com>
rtnetlink: validate attributes in do_setlink()
Shahed Shaikh <shahed.shaikh(a)cavium.com>
qed: Fix mask for physical address in ILT entry
Willem de Bruijn <willemb(a)google.com>
packet: fix reserve calculation
Daniele Palmas <dnlplm(a)gmail.com>
net: usb: cdc_mbim: add flag FLAG_SEND_ZLP
Florian Fainelli <f.fainelli(a)gmail.com>
net: phy: broadcom: Fix bcm_write_exp()
Eric Dumazet <edumazet(a)google.com>
net/packet: refine check for priv area size
Eric Dumazet <edumazet(a)google.com>
net: metrics: add proper netlink validation
Roopa Prabhu <roopa(a)cumulusnetworks.com>
net: ipv4: add missing RTA_TABLE to rtm_ipv4_policy
Dan Carpenter <dan.carpenter(a)oracle.com>
net: ethernet: davinci_emac: fix error handling in probe()
Cong Wang <xiyou.wangcong(a)gmail.com>
netdev-FAQ: clarify DaveM's position for stable backports
Petr Machata <petrm(a)mellanox.com>
mlxsw: spectrum: Forbid creation of VLAN 1 over port/LAG
Guillaume Nault <g.nault(a)alphalink.fr>
l2tp: fix refcount leakage on PPPoL2TP sockets
Kirill Tkhai <ktkhai(a)virtuozzo.com>
kcm: Fix use-after-free caused by clonned sockets
Wenwen Wang <wang6495(a)umn.edu>
isdn: eicon: fix a missing-check bug
Michal Kubecek <mkubecek(a)suse.cz>
ipv6: omit traffic class when calculating flow hash
Willem de Bruijn <willemb(a)google.com>
ipv4: remove warning in ip_recv_error
Eric Dumazet <edumazet(a)google.com>
ipmr: properly check rhltable_init() return value
Nicolas Dichtel <nicolas.dichtel(a)6wind.com>
ip6_tunnel: remove magic mtu value 0xFFF8
Sabrina Dubroca <sd(a)queasysnail.net>
ip6mr: only set ip6mr_table from setsockopt when ip6mr_new_table succeeds
Govindarajulu Varadarajan <gvaradar(a)cisco.com>
enic: set DMA mask to 47 bit
Alexey Kodanev <alexey.kodanev(a)oracle.com>
dccp: don't free ccid2_hc_tx_sock struct in dccp_disconnect()
Paul Blakey <paulb(a)mellanox.com>
cls_flower: Fix incorrect idr release when failing to modify rule
Julia Lawall <Julia.Lawall(a)lip6.fr>
bnx2x: use the right constant
Suresh Reddy <suresh.reddy(a)broadcom.com>
be2net: Fix error detection logic for BE3
Nathan Chancellor <natechancellor(a)gmail.com>
kconfig: Avoid format overflow warning from GCC 8.1
Jason A. Donenfeld <Jason(a)zx2c4.com>
netfilter: nf_flow_table: attach dst to skbs
Linus Torvalds <torvalds(a)linux-foundation.org>
mmap: relax file size limit for regular files
Linus Torvalds <torvalds(a)linux-foundation.org>
mmap: introduce sane default mmap limits
-------------
Diffstat:
Documentation/networking/netdev-FAQ.txt | 9 +++++
Makefile | 4 +--
drivers/isdn/hardware/eicon/diva.c | 22 ++++++++----
drivers/isdn/hardware/eicon/diva.h | 5 +--
drivers/isdn/hardware/eicon/divasmain.c | 18 ++++++----
drivers/net/dsa/b53/b53_common.c | 15 +++++++-
drivers/net/dsa/b53/b53_priv.h | 2 ++
drivers/net/dsa/b53/b53_srab.c | 4 +--
drivers/net/ethernet/broadcom/bnx2x/bnx2x_link.c | 2 +-
drivers/net/ethernet/cisco/enic/enic_main.c | 8 ++---
drivers/net/ethernet/emulex/benet/be_main.c | 4 ++-
drivers/net/ethernet/mellanox/mlx4/qp.c | 4 +--
drivers/net/ethernet/mellanox/mlx5/core/en_rx.c | 42 ++++++++++++++++++++++
drivers/net/ethernet/mellanox/mlxsw/spectrum.c | 5 +++
drivers/net/ethernet/qlogic/qed/qed_cxt.c | 2 +-
drivers/net/ethernet/socionext/netsec.c | 4 +--
drivers/net/ethernet/ti/davinci_emac.c | 22 ++++++------
drivers/net/phy/bcm-cygnus.c | 6 ++--
drivers/net/phy/bcm-phy-lib.c | 2 +-
drivers/net/phy/bcm-phy-lib.h | 7 ++++
drivers/net/phy/bcm7xxx.c | 4 +--
drivers/net/team/team.c | 3 +-
drivers/net/tun.c | 15 ++++----
drivers/net/usb/cdc_mbim.c | 2 +-
drivers/net/virtio_net.c | 21 ++++++-----
drivers/pci/host/pci-hyperv.c | 46 +++++++++++++++++-------
drivers/vhost/net.c | 37 ++++++++++++-------
drivers/vhost/vhost.c | 3 ++
include/net/ipv6.h | 5 +++
mm/mmap.c | 32 +++++++++++++++++
net/core/flow_dissector.c | 2 +-
net/core/net-sysfs.c | 6 ++--
net/core/rtnetlink.c | 8 ++---
net/dccp/proto.c | 2 --
net/ipv4/fib_frontend.c | 1 +
net/ipv4/fib_semantics.c | 4 +++
net/ipv4/ip_sockglue.c | 2 --
net/ipv4/ip_tunnel.c | 8 ++---
net/ipv4/ipmr.c | 7 +++-
net/ipv4/netfilter/nf_flow_table_ipv4.c | 5 +--
net/ipv6/ip6_output.c | 3 +-
net/ipv6/ip6_tunnel.c | 11 ++++--
net/ipv6/ip6mr.c | 3 +-
net/ipv6/ndisc.c | 6 ++++
net/ipv6/netfilter/nf_flow_table_ipv6.c | 1 +
net/ipv6/route.c | 2 +-
net/ipv6/seg6_iptunnel.c | 4 +--
net/ipv6/sit.c | 5 +--
net/kcm/kcmsock.c | 2 +-
net/l2tp/l2tp_ppp.c | 35 +++++++++---------
net/packet/af_packet.c | 4 +--
net/sched/cls_api.c | 2 +-
net/sched/cls_flower.c | 2 +-
net/sctp/transport.c | 2 +-
scripts/kconfig/confdata.c | 2 +-
55 files changed, 338 insertions(+), 146 deletions(-)
From: Alexander Duyck <alexander.h.duyck(a)intel.com>
This patch addresses two issues. First it adds the correct bit definitions
for the SECTXSTAT and SECRXSTAT registers. Then it makes use of those
definitions to test for if IPsec has been disabled on the part and if so we
do not enable it.
CC: stable <stable(a)vger.kernel.org>
Signed-off-by: Alexander Duyck <alexander.h.duyck(a)intel.com>
Reported-by: Andre Tomt <andre(a)tomt.net>
Acked-by: Shannon Nelson <shannon.nelson(a)oracle.com>
Tested-by: Andrew Bowers <andrewx.bowers(a)intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher(a)intel.com>
---
drivers/net/ethernet/intel/ixgbe/ixgbe_ipsec.c | 14 +++++++++++++-
drivers/net/ethernet/intel/ixgbe/ixgbe_type.h | 6 ++++--
2 files changed, 17 insertions(+), 3 deletions(-)
diff --git a/drivers/net/ethernet/intel/ixgbe/ixgbe_ipsec.c b/drivers/net/ethernet/intel/ixgbe/ixgbe_ipsec.c
index 7b23fb0c2d07..c116f459945d 100644
--- a/drivers/net/ethernet/intel/ixgbe/ixgbe_ipsec.c
+++ b/drivers/net/ethernet/intel/ixgbe/ixgbe_ipsec.c
@@ -975,10 +975,22 @@ void ixgbe_ipsec_rx(struct ixgbe_ring *rx_ring,
**/
void ixgbe_init_ipsec_offload(struct ixgbe_adapter *adapter)
{
+ struct ixgbe_hw *hw = &adapter->hw;
struct ixgbe_ipsec *ipsec;
+ u32 t_dis, r_dis;
size_t size;
- if (adapter->hw.mac.type == ixgbe_mac_82598EB)
+ if (hw->mac.type == ixgbe_mac_82598EB)
+ return;
+
+ /* If there is no support for either Tx or Rx offload
+ * we should not be advertising support for IPsec.
+ */
+ t_dis = IXGBE_READ_REG(hw, IXGBE_SECTXSTAT) &
+ IXGBE_SECTXSTAT_SECTX_OFF_DIS;
+ r_dis = IXGBE_READ_REG(hw, IXGBE_SECRXSTAT) &
+ IXGBE_SECRXSTAT_SECRX_OFF_DIS;
+ if (t_dis || r_dis)
return;
ipsec = kzalloc(sizeof(*ipsec), GFP_KERNEL);
diff --git a/drivers/net/ethernet/intel/ixgbe/ixgbe_type.h b/drivers/net/ethernet/intel/ixgbe/ixgbe_type.h
index e8ed37749ab1..44cfb2021145 100644
--- a/drivers/net/ethernet/intel/ixgbe/ixgbe_type.h
+++ b/drivers/net/ethernet/intel/ixgbe/ixgbe_type.h
@@ -599,13 +599,15 @@ struct ixgbe_nvm_version {
#define IXGBE_SECTXCTRL_STORE_FORWARD 0x00000004
#define IXGBE_SECTXSTAT_SECTX_RDY 0x00000001
-#define IXGBE_SECTXSTAT_ECC_TXERR 0x00000002
+#define IXGBE_SECTXSTAT_SECTX_OFF_DIS 0x00000002
+#define IXGBE_SECTXSTAT_ECC_TXERR 0x00000004
#define IXGBE_SECRXCTRL_SECRX_DIS 0x00000001
#define IXGBE_SECRXCTRL_RX_DIS 0x00000002
#define IXGBE_SECRXSTAT_SECRX_RDY 0x00000001
-#define IXGBE_SECRXSTAT_ECC_RXERR 0x00000002
+#define IXGBE_SECRXSTAT_SECRX_OFF_DIS 0x00000002
+#define IXGBE_SECRXSTAT_ECC_RXERR 0x00000004
/* LinkSec (MacSec) Registers */
#define IXGBE_LSECTXCAP 0x08A00
--
2.17.1
From: Alexander Duyck <alexander.h.duyck(a)intel.com>
This patch fixes two issues. First we add an early test for the Tx and Rx
security block ready bits. By doing this we can avoid the need for waits or
loopback in the event that the security block is already flushed out.
Secondly we fix the boolean logic that was testing for the Tx OR Rx ready
bits being set and change it so that we only exit if the Tx AND Rx ready
bits are both set.
CC: stable <stable(a)vger.kernel.org>
Signed-off-by: Alexander Duyck <alexander.h.duyck(a)intel.com>
Acked-by: Shannon Nelson <shannon.nelson(a)oracle.com>
Tested-by: Andrew Bowers <andrewx.bowers(a)intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher(a)intel.com>
---
drivers/net/ethernet/intel/ixgbe/ixgbe_ipsec.c | 13 +++++++++++--
1 file changed, 11 insertions(+), 2 deletions(-)
diff --git a/drivers/net/ethernet/intel/ixgbe/ixgbe_ipsec.c b/drivers/net/ethernet/intel/ixgbe/ixgbe_ipsec.c
index 38d8cf75e9ad..7b23fb0c2d07 100644
--- a/drivers/net/ethernet/intel/ixgbe/ixgbe_ipsec.c
+++ b/drivers/net/ethernet/intel/ixgbe/ixgbe_ipsec.c
@@ -158,7 +158,16 @@ static void ixgbe_ipsec_stop_data(struct ixgbe_adapter *adapter)
reg |= IXGBE_SECRXCTRL_RX_DIS;
IXGBE_WRITE_REG(hw, IXGBE_SECRXCTRL, reg);
- IXGBE_WRITE_FLUSH(hw);
+ /* If both Tx and Rx are ready there are no packets
+ * that we need to flush so the loopback configuration
+ * below is not necessary.
+ */
+ t_rdy = IXGBE_READ_REG(hw, IXGBE_SECTXSTAT) &
+ IXGBE_SECTXSTAT_SECTX_RDY;
+ r_rdy = IXGBE_READ_REG(hw, IXGBE_SECRXSTAT) &
+ IXGBE_SECRXSTAT_SECRX_RDY;
+ if (t_rdy && r_rdy)
+ return;
/* If the tx fifo doesn't have link, but still has data,
* we can't clear the tx sec block. Set the MAC loopback
@@ -185,7 +194,7 @@ static void ixgbe_ipsec_stop_data(struct ixgbe_adapter *adapter)
IXGBE_SECTXSTAT_SECTX_RDY;
r_rdy = IXGBE_READ_REG(hw, IXGBE_SECRXSTAT) &
IXGBE_SECRXSTAT_SECRX_RDY;
- } while (!t_rdy && !r_rdy && limit--);
+ } while (!(t_rdy && r_rdy) && limit--);
/* undo loopback if we played with it earlier */
if (!link) {
--
2.17.1
From: Alexander Duyck <alexander.h.duyck(a)intel.com>
This patch moves the IPsec init function in ixgbe_sw_init. This way it is a
bit more consistent with the placement of similar initialization functions
and is placed before the reset_hw call which should allow us to clean up
any link issues that may be introduced by the fact that we force the link
up if somehow the device had IPsec still enabled before the driver was
loaded.
In addition to the function move it is necessary to change the assignment
of netdev->features. The easiest way to do this is to just test for the
existence of adapter->ipsec and if it is present we set the feature bits.
CC: stable <stable(a)vger.kernel.org>
Fixes: 49a94d74d948 ("ixgbe: add ipsec engine start and stop routines")
Reported-by: Andre Tomt <andre(a)tomt.net>
Signed-off-by: Alexander Duyck <alexander.h.duyck(a)intel.com>
Acked-by: Shannon Nelson <shannon.nelson(a)oracle.com>
Tested-by: Andrew Bowers <andrewx.bowers(a)intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher(a)intel.com>
---
drivers/net/ethernet/intel/ixgbe/ixgbe_ipsec.c | 7 -------
drivers/net/ethernet/intel/ixgbe/ixgbe_main.c | 11 +++++++++--
2 files changed, 9 insertions(+), 9 deletions(-)
diff --git a/drivers/net/ethernet/intel/ixgbe/ixgbe_ipsec.c b/drivers/net/ethernet/intel/ixgbe/ixgbe_ipsec.c
index 344a1f213a5f..38d8cf75e9ad 100644
--- a/drivers/net/ethernet/intel/ixgbe/ixgbe_ipsec.c
+++ b/drivers/net/ethernet/intel/ixgbe/ixgbe_ipsec.c
@@ -1001,13 +1001,6 @@ void ixgbe_init_ipsec_offload(struct ixgbe_adapter *adapter)
adapter->netdev->xfrmdev_ops = &ixgbe_xfrmdev_ops;
-#define IXGBE_ESP_FEATURES (NETIF_F_HW_ESP | \
- NETIF_F_HW_ESP_TX_CSUM | \
- NETIF_F_GSO_ESP)
-
- adapter->netdev->features |= IXGBE_ESP_FEATURES;
- adapter->netdev->hw_enc_features |= IXGBE_ESP_FEATURES;
-
return;
err2:
diff --git a/drivers/net/ethernet/intel/ixgbe/ixgbe_main.c b/drivers/net/ethernet/intel/ixgbe/ixgbe_main.c
index a925f05ec342..8d061af276d3 100644
--- a/drivers/net/ethernet/intel/ixgbe/ixgbe_main.c
+++ b/drivers/net/ethernet/intel/ixgbe/ixgbe_main.c
@@ -6117,6 +6117,7 @@ static int ixgbe_sw_init(struct ixgbe_adapter *adapter,
#ifdef CONFIG_IXGBE_DCB
ixgbe_init_dcb(adapter);
#endif
+ ixgbe_init_ipsec_offload(adapter);
/* default flow control settings */
hw->fc.requested_mode = ixgbe_fc_full;
@@ -10429,6 +10430,14 @@ static int ixgbe_probe(struct pci_dev *pdev, const struct pci_device_id *ent)
if (hw->mac.type >= ixgbe_mac_82599EB)
netdev->features |= NETIF_F_SCTP_CRC;
+#ifdef CONFIG_XFRM_OFFLOAD
+#define IXGBE_ESP_FEATURES (NETIF_F_HW_ESP | \
+ NETIF_F_HW_ESP_TX_CSUM | \
+ NETIF_F_GSO_ESP)
+
+ if (adapter->ipsec)
+ netdev->features |= IXGBE_ESP_FEATURES;
+#endif
/* copy netdev features into list of user selectable features */
netdev->hw_features |= netdev->features |
NETIF_F_HW_VLAN_CTAG_FILTER |
@@ -10491,8 +10500,6 @@ static int ixgbe_probe(struct pci_dev *pdev, const struct pci_device_id *ent)
NETIF_F_FCOE_MTU;
}
#endif /* IXGBE_FCOE */
- ixgbe_init_ipsec_offload(adapter);
-
if (adapter->flags2 & IXGBE_FLAG2_RSC_CAPABLE)
netdev->hw_features |= NETIF_F_LRO;
if (adapter->flags2 & IXGBE_FLAG2_RSC_ENABLED)
--
2.17.1
From: Alexander Duyck <alexander.h.duyck(a)intel.com>
There is no point in adding code if CONFIG_XFRM is defined that we won't
use unless CONFIG_XFRM_OFFLOAD is defined. So instead of leaving this code
floating around I am replacing the ifdef with what I believe is the correct
one so that we only include the code and variables if they will actually be
used.
CC: stable <stable(a)vger.kernel.org>
Signed-off-by: Alexander Duyck <alexander.h.duyck(a)intel.com>
Acked-by: Shannon Nelson <shannon.nelson(a)oracle.com>
Tested-by: Andrew Bowers <andrewx.bowers(a)intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher(a)intel.com>
---
drivers/net/ethernet/intel/ixgbe/ixgbe.h | 4 ++--
drivers/net/ethernet/intel/ixgbe/ixgbe_main.c | 2 +-
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/drivers/net/ethernet/intel/ixgbe/ixgbe.h b/drivers/net/ethernet/intel/ixgbe/ixgbe.h
index fc534e91c6b2..144d5fe6b944 100644
--- a/drivers/net/ethernet/intel/ixgbe/ixgbe.h
+++ b/drivers/net/ethernet/intel/ixgbe/ixgbe.h
@@ -760,9 +760,9 @@ struct ixgbe_adapter {
#define IXGBE_RSS_KEY_SIZE 40 /* size of RSS Hash Key in bytes */
u32 *rss_key;
-#ifdef CONFIG_XFRM
+#ifdef CONFIG_XFRM_OFFLOAD
struct ixgbe_ipsec *ipsec;
-#endif /* CONFIG_XFRM */
+#endif /* CONFIG_XFRM_OFFLOAD */
};
static inline u8 ixgbe_max_rss_indices(struct ixgbe_adapter *adapter)
diff --git a/drivers/net/ethernet/intel/ixgbe/ixgbe_main.c b/drivers/net/ethernet/intel/ixgbe/ixgbe_main.c
index f9e0dc041cfb..a925f05ec342 100644
--- a/drivers/net/ethernet/intel/ixgbe/ixgbe_main.c
+++ b/drivers/net/ethernet/intel/ixgbe/ixgbe_main.c
@@ -9896,7 +9896,7 @@ ixgbe_features_check(struct sk_buff *skb, struct net_device *dev,
* the TSO, so it's the exception.
*/
if (skb->encapsulation && !(features & NETIF_F_TSO_MANGLEID)) {
-#ifdef CONFIG_XFRM
+#ifdef CONFIG_XFRM_OFFLOAD
if (!skb->sp)
#endif
features &= ~NETIF_F_TSO;
--
2.17.1
From: Alexander Duyck <alexander.h.duyck(a)intel.com>
When we were enabling macvlan interfaces we weren't correctly configuring
things until ixgbe_setup_tc was called a second time either by tweaking the
number of queues or increasing the macvlan count past 15.
The issue came down to the fact that num_rx_pools is not populated until
after the queues and interrupts are reinitialized.
Instead of trying to set it sooner we can just move the call to setup at
least 1 traffic class to the SR-IOV/VMDq setup function so that we just set
it for this one case. We already had a spot that was configuring the queues
for TC 0 in the code here anyway so it makes sense to also set the number
of TCs here as well.
CC: stable <stable(a)vger.kernel.org>
Fixes: 49cfbeb7a95c ("ixgbe: Fix handling of macvlan Tx offload")
Signed-off-by: Alexander Duyck <alexander.h.duyck(a)intel.com>
Tested-by: Andrew Bowers <andrewx.bowers(a)intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher(a)intel.com>
---
drivers/net/ethernet/intel/ixgbe/ixgbe_lib.c | 8 ++++++++
drivers/net/ethernet/intel/ixgbe/ixgbe_main.c | 8 --------
2 files changed, 8 insertions(+), 8 deletions(-)
diff --git a/drivers/net/ethernet/intel/ixgbe/ixgbe_lib.c b/drivers/net/ethernet/intel/ixgbe/ixgbe_lib.c
index 893a9206e718..d361f570ca37 100644
--- a/drivers/net/ethernet/intel/ixgbe/ixgbe_lib.c
+++ b/drivers/net/ethernet/intel/ixgbe/ixgbe_lib.c
@@ -593,6 +593,14 @@ static bool ixgbe_set_sriov_queues(struct ixgbe_adapter *adapter)
}
#endif
+ /* To support macvlan offload we have to use num_tc to
+ * restrict the queues that can be used by the device.
+ * By doing this we can avoid reporting a false number of
+ * queues.
+ */
+ if (vmdq_i > 1)
+ netdev_set_num_tc(adapter->netdev, 1);
+
/* populate TC0 for use by pool 0 */
netdev_set_tc_queue(adapter->netdev, 0,
adapter->num_rx_queues_per_pool, 0);
diff --git a/drivers/net/ethernet/intel/ixgbe/ixgbe_main.c b/drivers/net/ethernet/intel/ixgbe/ixgbe_main.c
index 4929f7265598..f9e0dc041cfb 100644
--- a/drivers/net/ethernet/intel/ixgbe/ixgbe_main.c
+++ b/drivers/net/ethernet/intel/ixgbe/ixgbe_main.c
@@ -8822,14 +8822,6 @@ int ixgbe_setup_tc(struct net_device *dev, u8 tc)
} else {
netdev_reset_tc(dev);
- /* To support macvlan offload we have to use num_tc to
- * restrict the queues that can be used by the device.
- * By doing this we can avoid reporting a false number of
- * queues.
- */
- if (!tc && adapter->num_rx_pools > 1)
- netdev_set_num_tc(dev, 1);
-
if (adapter->hw.mac.type == ixgbe_mac_82598EB)
adapter->hw.fc.requested_mode = adapter->last_lfc_mode;
--
2.17.1
On Mon, Jun 11, 2018 at 08:12:45AM +1000, David Airlie wrote:
> Can you make sure you pull in
>
> 76ef6b28ea4f81c3d511866a9b31392caa833126 (tag:
> drm-fixes-for-v4.17-rc6-urgent)
> Author: Dave Airlie <airlied(a)redhat.com>
> Date: Tue May 15 13:38:15 2018 +1000
>
> drm: set FMODE_UNSIGNED_OFFSET for drm files
>
> Into anywhere this first patch goes?
Thanks for pointing this out, now queued up.
greg k-h
Hussam reports:
I was poking around and for no real reason, I did cat /dev/mem and
strings /dev/mem. Then I saw the following warning in dmesg. I saved it
and rebooted immediately.
memremap attempted on mixed range 0x000000000009c000 size: 0x1000
------------[ cut here ]------------
WARNING: CPU: 0 PID: 11810 at kernel/memremap.c:98 memremap+0x104/0x170
[..]
Call Trace:
xlate_dev_mem_ptr+0x25/0x40
read_mem+0x89/0x1a0
__vfs_read+0x36/0x170
The memremap() implementation checks for attempts to remap System RAM
with MEMREMAP_WB and instead redirects those mapping attempts to the
linear map. However, that only works if the physical address range being
remapped is page aligned. In low memory we have situations like the
following:
00000000-00000fff : Reserved
00001000-0009fbff : System RAM
0009fc00-0009ffff : Reserved
...where System RAM intersects Reserved ranges on a sub-page page
granularity.
Given that devmem_is_allowed() special cases any attempt to map System
RAM in the first 1MB of memory, replace page_is_ram() with the more
precise region_intersects() to trap attempts to map disallowed ranges.
Link: https://bugzilla.kernel.org/show_bug.cgi?id=199999
Fixes: 92281dee825f ("arch: introduce memremap()")
Cc: <stable(a)vger.kernel.org>
Cc: Christoph Hellwig <hch(a)lst.de>
Reported-by: Hussam Al-Tayeb <me(a)hussam.eu.org>
Signed-off-by: Dan Williams <dan.j.williams(a)intel.com>
---
arch/x86/mm/init.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/arch/x86/mm/init.c b/arch/x86/mm/init.c
index fec82b577c18..cee58a972cb2 100644
--- a/arch/x86/mm/init.c
+++ b/arch/x86/mm/init.c
@@ -706,7 +706,9 @@ void __init init_mem_mapping(void)
*/
int devmem_is_allowed(unsigned long pagenr)
{
- if (page_is_ram(pagenr)) {
+ if (region_intersects(PFN_PHYS(pagenr), PAGE_SIZE,
+ IORESOURCE_SYSTEM_RAM, IORES_DESC_NONE)
+ != REGION_DISJOINT) {
/*
* For disallowed memory regions in the low 1MB range,
* request that the page be shown as all zeros.
Hi,
The patch has been in the mainline, and I have verified the commit can be cherry-picked
cleanly to these 3 stable branches.
The issue fixed by the patch also exists in 4.14, 4.16 and 4.17.
It looks I forgot to add a "Cc: stable(a)vger.kernel.org" tag. Sorry.
Thanks,
-- Dexuan
On Tue, Sep 19, 2017 at 9:32 AM, Greg KH <greg(a)kroah.com> wrote:
> On Mon, Sep 18, 2017 at 10:29:25PM +0300, Amir Goldstein wrote:
>> On Mon, Sep 18, 2017 at 9:35 PM, Greg KH <greg(a)kroah.com> wrote:
>> > On Mon, Sep 18, 2017 at 09:00:30PM +0300, Amir Goldstein wrote:
>> >> On Mon, Sep 18, 2017 at 8:11 PM, Darrick J. Wong
>> >> <darrick.wong(a)oracle.com> wrote:
>> >> > On Fri, Sep 15, 2017 at 03:40:24PM +0300, Amir Goldstein wrote:
>> >> >> On Wed, Aug 30, 2017 at 4:38 PM, Amir Goldstein <amir73il(a)gmail.com> wrote:
>> >> >> > When calling into _xfs_log_force{,_lsn}() with a pointer
>> >> >> > to log_flushed variable, log_flushed will be set to 1 if:
>> >> >> > 1. xlog_sync() is called to flush the active log buffer
>> >> >> > AND/OR
>> >> >> > 2. xlog_wait() is called to wait on a syncing log buffers
>> >> >> >
>> >> >> > xfs_file_fsync() checks the value of log_flushed after
>> >> >> > _xfs_log_force_lsn() call to optimize away an explicit
>> >> >> > PREFLUSH request to the data block device after writing
>> >> >> > out all the file's pages to disk.
>> >> >> >
>> >> >> > This optimization is incorrect in the following sequence of events:
>> >> >> >
>> >> >> > Task A Task B
>> >> >> > -------------------------------------------------------
>> >> >> > xfs_file_fsync()
>> >> >> > _xfs_log_force_lsn()
>> >> >> > xlog_sync()
>> >> >> > [submit PREFLUSH]
>> >> >> > xfs_file_fsync()
>> >> >> > file_write_and_wait_range()
>> >> >> > [submit WRITE X]
>> >> >> > [endio WRITE X]
>> >> >> > _xfs_log_force_lsn()
>> >> >> > xlog_wait()
>> >> >> > [endio PREFLUSH]
>> >> >> >
>> >> >> > The write X is not guarantied to be on persistent storage
>> >> >> > when PREFLUSH request in completed, because write A was submitted
>> >> >> > after the PREFLUSH request, but xfs_file_fsync() of task A will
>> >> >> > be notified of log_flushed=1 and will skip explicit flush.
>> >> >> >
>> >> >> > If the system crashes after fsync of task A, write X may not be
>> >> >> > present on disk after reboot.
>> >> >> >
>> >> >> > This bug was discovered and demonstrated using Josef Bacik's
>> >> >> > dm-log-writes target, which can be used to record block io operations
>> >> >> > and then replay a subset of these operations onto the target device.
>> >> >> > The test goes something like this:
>> >> >> > - Use fsx to execute ops of a file and record ops on log device
>> >> >> > - Every now and then fsync the file, store md5 of file and mark
>> >> >> > the location in the log
>> >> >> > - Then replay log onto device for each mark, mount fs and compare
>> >> >> > md5 of file to stored value
>> >> >> >
>> >> >> > Cc: Christoph Hellwig <hch(a)lst.de>
>> >> >> > Cc: Josef Bacik <jbacik(a)fb.com>
>> >> >> > Cc: <stable(a)vger.kernel.org>
>> >> >> > Signed-off-by: Amir Goldstein <amir73il(a)gmail.com>
>> >> >> > ---
>> >> >> >
>> >> >> > Christoph, Dave,
>> >> >> >
>> >> >> > It's hard to believe, but I think the reported bug has been around
>> >> >> > since 2005 f538d4da8d52 ("[XFS] write barrier support"), but I did
>> >> >> > not try to test old kernels.
>> >> >>
>> >> >> Forgot to tag commit message with:
>> >> >> Fixes: f538d4da8d52 ("[XFS] write barrier support")
>> >> >>
>> >> >> Maybe the tag could be added when applying to recent stables,
>> >> >> so distros and older downstream stables can see the tag.
>> >> >>
>> >> >> The disclosure of the security bug fix (commit b31ff3cdf5) made me wonder
>> >> >> if possible data loss bug should also be disclosed in some distros forum?
>> >> >> I bet some users would care more about the latter than the former.
>> >> >> Coincidentally, both data loss and security bugs fix the same commit..
>> >> >
>> >> > Yes the the patch ought to get sent on to stable w/ fixes tag. One
>> >> > would hope that the distros will pick up the stable fixes from there.
>> >>
>> >>
>> >> Greg, for your consideration, please add
>> >> Fixes: f538d4da8d52 ("[XFS] write barrier support")
>> >> If not pushed yet.
>> >
>> > Add it to what?
>>
>> Sorry, add that tag when applying commit 47c7d0b1950258312
>> to stable trees, since I missed adding the tag before it was merged
>> to master.
>
> Nah, as the tag is just needed to let me know where to backport stuff
> to, I don't think it matters when I add it to the stable tree itself, so
> I'll leave it as-is.
>
Greg,
Related or not to above Fixes discussion, I now noticed that you never picked
the patch for kernel 4.4.
Ben did take it to 3.2 and 3.16 BTW.
This is a very critical bug fix IMO.
Were you waiting for an ACK from xfs maintainers or just an oversight?
Or was it me who had to check up on that?
Thanks,
Amir.
Hi,
Linux 4.9.107 was released on Jun 7th and www.kernel.org still points to 4.9.106 as latest version
for 4.9 tree. I have seen delays before, but not for more than an hour.
Is something broken?
Cheers,
Pavlos
The patch titled
Subject: fs/binfmt_misc.c: do not allow offset overflow
has been removed from the -mm tree. Its filename was
fs-binfmt_miscc-do-not-allow-offset-overflow.patch
This patch was dropped because it was merged into mainline or a subsystem tree
------------------------------------------------------
From: Thadeu Lima de Souza Cascardo <cascardo(a)canonical.com>
Subject: fs/binfmt_misc.c: do not allow offset overflow
WHen registering a new binfmt_misc handler, it is possible to overflow the
offset to get a negative value, which might crash the system, or possibly
leak kernel data.
Here is a crash log when 2500000000 was used as an offset:
[ 6050.251552] BUG: unable to handle kernel paging request at ffff989cfd6edca0
[ 6050.252053] IP: load_misc_binary+0x22b/0x470 [binfmt_misc]
[ 6050.252053] PGD 1ef3e067 P4D 1ef3e067 PUD 0
[ 6050.252053] Oops: 0000 [#1] SMP NOPTI
[ 6050.252053] Modules linked in: binfmt_misc kvm_intel ppdev kvm irqbypass joydev input_leds serio_raw mac_hid parport_pc qemu_fw_cfg parpy
[ 6050.252053] CPU: 0 PID: 2499 Comm: bash Not tainted 4.15.0-22-generic #24-Ubuntu
[ 6050.252053] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.11.1-1 04/01/2014
[ 6050.252053] RIP: 0010:load_misc_binary+0x22b/0x470 [binfmt_misc]
[ 6050.252053] RSP: 0018:ffffb6e383017e18 EFLAGS: 00010202
[ 6050.252053] RAX: 0000000000000003 RBX: ffff989d74a47100 RCX: ffff989cfd6edca0
[ 6050.252053] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff989d7d2e95e5
[ 6050.252053] RBP: ffffb6e383017e48 R08: 0000000000000001 R09: 0000000000000000
[ 6050.252053] R10: 0000000000000000 R11: fefefefefefefeff R12: 0000000000000001
[ 6050.252053] R13: ffff989d7d2e9580 R14: 0000000000000000 R15: ffffffffc0592160
[ 6050.252053] FS: 00007fa424c89740(0000) GS:ffff989d7fc00000(0000) knlGS:0000000000000000
[ 6050.252053] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 6050.252053] CR2: ffff989cfd6edca0 CR3: 000000003db08000 CR4: 00000000000006f0
[ 6050.252053] Call Trace:
[ 6050.252053] search_binary_handler+0x97/0x1d0
[ 6050.252053] do_execveat_common.isra.34+0x667/0x810
[ 6050.252053] SyS_execve+0x31/0x40
[ 6050.252053] do_syscall_64+0x73/0x130
[ 6050.252053] entry_SYSCALL_64_after_hwframe+0x3d/0xa2
Use kstrtoint instead of simple_strtoul. It will work as the code already
set the delimiter byte to '\0' and we only do it when the field is not
empty.
Tested with offsets -1, 2500000000, UINT_MAX and INT_MAX. Also tested
with examples documented at Documentation/admin-guide/binfmt-misc.rst and
other registrations from packages on Ubuntu.
Link: http://lkml.kernel.org/r/20180529135648.14254-1-cascardo@canonical.com
Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2")
Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo(a)canonical.com>
Reviewed-by: Andrew Morton <akpm(a)linux-foundation.org>
Cc: Alexander Viro <viro(a)zeniv.linux.org.uk>
Cc: <stable(a)vger.kernel.org>
Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org>
---
fs/binfmt_misc.c | 12 +++++++++---
1 file changed, 9 insertions(+), 3 deletions(-)
diff -puN fs/binfmt_misc.c~fs-binfmt_miscc-do-not-allow-offset-overflow fs/binfmt_misc.c
--- a/fs/binfmt_misc.c~fs-binfmt_miscc-do-not-allow-offset-overflow
+++ a/fs/binfmt_misc.c
@@ -387,8 +387,13 @@ static Node *create_entry(const char __u
s = strchr(p, del);
if (!s)
goto einval;
- *s++ = '\0';
- e->offset = simple_strtoul(p, &p, 10);
+ *s = '\0';
+ if (p != s) {
+ int r = kstrtoint(p, 10, &e->offset);
+ if (r != 0 || e->offset < 0)
+ goto einval;
+ }
+ p = s;
if (*p++)
goto einval;
pr_debug("register: offset: %#x\n", e->offset);
@@ -428,7 +433,8 @@ static Node *create_entry(const char __u
if (e->mask &&
string_unescape_inplace(e->mask, UNESCAPE_HEX) != e->size)
goto einval;
- if (e->size + e->offset > BINPRM_BUF_SIZE)
+ if (e->size > BINPRM_BUF_SIZE ||
+ BINPRM_BUF_SIZE - e->size < e->offset)
goto einval;
pr_debug("register: magic/mask length: %i\n", e->size);
if (USE_DEBUG) {
_
Patches currently in -mm which might be from cascardo(a)canonical.com are
The patch titled
Subject: mm, page_alloc: do not break __GFP_THISNODE by zonelist reset
has been removed from the -mm tree. Its filename was
mm-page_alloc-do-not-break-__gfp_thisnode-by-zonelist-reset.patch
This patch was dropped because it was merged into mainline or a subsystem tree
------------------------------------------------------
From: Vlastimil Babka <vbabka(a)suse.cz>
Subject: mm, page_alloc: do not break __GFP_THISNODE by zonelist reset
In __alloc_pages_slowpath() we reset zonelist and preferred_zoneref for
allocations that can ignore memory policies. The zonelist is obtained
from current CPU's node. This is a problem for __GFP_THISNODE allocations
that want to allocate on a different node, e.g. because the allocating
thread has been migrated to a different CPU.
This has been observed to break SLAB in our 4.4-based kernel, because
there it relies on __GFP_THISNODE working as intended. If a slab page is
put on wrong node's list, then further list manipulations may corrupt the
list because page_to_nid() is used to determine which node's list_lock
should be locked and thus we may take a wrong lock and race.
Current SLAB implementation seems to be immune by luck thanks to commit
511e3a058812 ("mm/slab: make cache_grow() handle the page allocated on
arbitrary node") but there may be others assuming that __GFP_THISNODE
works as promised.
We can fix it by simply removing the zonelist reset completely. There is
actually no reason to reset it, because memory policies and cpusets don't
affect the zonelist choice in the first place. This was different when
commit 183f6371aac2 ("mm: ignore mempolicies when using
ALLOC_NO_WATERMARK") introduced the code, as mempolicies provided their
own restricted zonelists.
We might consider this for 4.17 although I don't know if there's anything
currently broken.
SLAB is currently not affected, but in kernels older than 4.7 that
don't yet have 511e3a058812 ("mm/slab: make cache_grow() handle the
page allocated on arbitrary node") it is. That's at least 4.4 LTS.
Older ones I'll have to check.
So stable backports should be more important, but will have to be
reviewed carefully, as the code went through many changes. BTW I think
that also the ac->preferred_zoneref reset is currently useless if we
don't also reset ac->nodemask from a mempolicy to NULL first (which we
probably should for the OOM victims etc?), but I would leave that for a
separate patch.
Link: http://lkml.kernel.org/r/20180525130853.13915-1-vbabka@suse.cz
Signed-off-by: Vlastimil Babka <vbabka(a)suse.cz>
Fixes: 183f6371aac2 ("mm: ignore mempolicies when using ALLOC_NO_WATERMARK")
Acked-by: Mel Gorman <mgorman(a)techsingularity.net>
Cc: Michal Hocko <mhocko(a)kernel.org>
Cc: David Rientjes <rientjes(a)google.com>
Cc: Joonsoo Kim <iamjoonsoo.kim(a)lge.com>
Cc: Vlastimil Babka <vbabka(a)suse.cz>
Cc: <stable(a)vger.kernel.org>
Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org>
---
mm/page_alloc.c | 1 -
1 file changed, 1 deletion(-)
diff -puN mm/page_alloc.c~mm-page_alloc-do-not-break-__gfp_thisnode-by-zonelist-reset mm/page_alloc.c
--- a/mm/page_alloc.c~mm-page_alloc-do-not-break-__gfp_thisnode-by-zonelist-reset
+++ a/mm/page_alloc.c
@@ -4169,7 +4169,6 @@ retry:
* orientated.
*/
if (!(alloc_flags & ALLOC_CPUSET) || reserve_flags) {
- ac->zonelist = node_zonelist(numa_node_id(), gfp_mask);
ac->preferred_zoneref = first_zones_zonelist(ac->zonelist,
ac->high_zoneidx, ac->nodemask);
}
_
Patches currently in -mm which might be from vbabka(a)suse.cz are
Commit 17c2895 ("arm64: Abstract syscallno manipulation") abstracts
out the pt_regs.syscallno value for a syscall cancelled by a tracer
as NO_SYSCALL, and provides helpers to set and check for this
condition. However, the way this was implemented has the
unintended side-effect of disabling part of the syscall restart
logic.
This comes about because the second in_syscall() check in
do_signal() re-evaluates the "in a syscall" condition based on the
updated pt_regs instead of the original pt_regs. forget_syscall()
is explicitly called prior to the second check in order to prevent
restart logic in the ret_to_user path being spuriously triggered,
which means that the second in_syscall() check always yields false.
This triggers a failure in
tools/testing/selftests/seccomp/seccomp_bpf.c, when using ptrace to
suppress a signal that interrups a nanosleep() syscall.
Misbehaviour of this type is only expected in the case where a
tracer suppresses a signal and the target process is either being
single-stepped or the interrupted syscall attempts to restart via
-ERESTARTBLOCK.
This patch restores the old behaviour by performing the
in_syscall() check only once at the start of the function.
Fixes: 17c289586009 ("arm64: Abstract syscallno manipulation")
Signed-off-by: Dave Martin <Dave.Martin(a)arm.com>
Reported-by: Sumit Semwal <sumit.semwal(a)linaro.org>
Cc: Will Deacon <will.deacon(a)arm.com>
Cc: Catalin Marinas <catalin.marinas(a)arm.com>
Cc: <stable(a)vger.kernel.org> # 4.14.x-
---
arch/arm64/kernel/signal.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/arch/arm64/kernel/signal.c b/arch/arm64/kernel/signal.c
index 154b7d3..f212090 100644
--- a/arch/arm64/kernel/signal.c
+++ b/arch/arm64/kernel/signal.c
@@ -830,11 +830,12 @@ static void do_signal(struct pt_regs *regs)
unsigned long continue_addr = 0, restart_addr = 0;
int retval = 0;
struct ksignal ksig;
+ bool syscall = in_syscall(regs);
/*
* If we were from a system call, check for system call restarting...
*/
- if (in_syscall(regs)) {
+ if (syscall) {
continue_addr = regs->pc;
restart_addr = continue_addr - (compat_thumb_mode(regs) ? 2 : 4);
retval = regs->regs[0];
@@ -886,7 +887,7 @@ static void do_signal(struct pt_regs *regs)
* Handle restarting a different system call. As above, if a debugger
* has chosen to restart at a different PC, ignore the restart.
*/
- if (in_syscall(regs) && regs->pc == restart_addr) {
+ if (syscall && regs->pc == restart_addr) {
if (retval == -ERESTART_RESTARTBLOCK)
setup_restart_syscall(regs);
user_rewind_single_step(current);
--
2.1.4
This patch series includes some improvement to Machine check handler
for pseries. Patch 1 fixes an issue where machine check handler crashes
kernel while accessing vmalloc-ed buffer while in nmi context.
Patch 2 fixes endain bug while restoring of r3 in MCE handler.
Patch 4 dumps the SLB contents on SLB MCE errors to improve the debugability.
Patch 5 display's the MCE error details on console.
CHange in V3:
- Moved patch 5 to patch 2
Change in V2:
- patch 3: Display additional info (NIP and task info) in MCE error details.
- patch 5: Fix endain bug while restoring of r3 in MCE handler.
---
Mahesh Salgaonkar (5):
powerpc/pseries: convert rtas_log_buf to linear allocation.
powerpc/pseries: Fix endainness while restoring of r3 in MCE handler.
powerpc/pseries: Define MCE error event section.
powerpc/pseries: Dump and flush SLB contents on SLB MCE errors.
powerpc/pseries: Display machine check error details.
arch/powerpc/include/asm/book3s/64/mmu-hash.h | 1
arch/powerpc/include/asm/rtas.h | 109 ++++++++++++++++++
arch/powerpc/kernel/rtasd.c | 2
arch/powerpc/mm/slb.c | 35 ++++++
arch/powerpc/platforms/pseries/ras.c | 155 +++++++++++++++++++++++++
5 files changed, 299 insertions(+), 3 deletions(-)
--
Signature
From: Arnd Bergmann <arnd(a)arndb.de>
commit 590347e4000356f55eb10b03ced2686bd74dab40 upstream.
gcc-6.3 and earlier show a new warning after a seemingly unrelated
change to the arm64 PAGE_KERNEL definition:
In file included from drivers/md/dm-bufio.c:14:0:
drivers/md/dm-bufio.c: In function 'alloc_buffer':
include/linux/sched/mm.h:182:56: warning: 'noio_flag' may be used uninitialized in this function [-Wmaybe-uninitialized]
current->flags = (current->flags & ~PF_MEMALLOC_NOIO) | flags;
^
The same warning happened earlier on linux-3.18 for MIPS and I did a
workaround for that, but now it's come back.
gcc-7 and newer are apparently smart enough to figure this out, and
other architectures don't show it, so the best I could come up with is
to rework the caller slightly in a way that makes it obvious enough to
all arm64 compilers what is happening here.
Fixes: 41acec624087 ("arm64: kpti: Make use of nG dependent on arm64_kernel_unmapped_at_el0()")
Link: https://patchwork.kernel.org/patch/9692829/
Cc: stable(a)vger.kernel.org
Signed-off-by: Arnd Bergmann <arnd(a)arndb.de>
[snitzer: moved declarations inside conditional, altered vmalloc return]
Signed-off-by: Mike Snitzer <snitzer(a)redhat.com>
[nc: Backport to 4.9, adjust context for lack of 19809c2da28a]
Signed-off-by: Nathan Chancellor <natechancellor(a)gmail.com>
---
drivers/md/dm-bufio.c | 17 +++++++----------
1 file changed, 7 insertions(+), 10 deletions(-)
diff --git a/drivers/md/dm-bufio.c b/drivers/md/dm-bufio.c
index 3ec647e8b9c6..35fd57fdeba9 100644
--- a/drivers/md/dm-bufio.c
+++ b/drivers/md/dm-bufio.c
@@ -373,9 +373,6 @@ static void __cache_size_refresh(void)
static void *alloc_buffer_data(struct dm_bufio_client *c, gfp_t gfp_mask,
enum data_mode *data_mode)
{
- unsigned noio_flag;
- void *ptr;
-
if (c->block_size <= DM_BUFIO_BLOCK_SIZE_SLAB_LIMIT) {
*data_mode = DATA_MODE_SLAB;
return kmem_cache_alloc(DM_BUFIO_CACHE(c), gfp_mask);
@@ -399,16 +396,16 @@ static void *alloc_buffer_data(struct dm_bufio_client *c, gfp_t gfp_mask,
* all allocations done by this process (including pagetables) are done
* as if GFP_NOIO was specified.
*/
+ if (gfp_mask & __GFP_NORETRY) {
+ unsigned noio_flag = memalloc_noio_save();
+ void *ptr = __vmalloc(c->block_size, gfp_mask | __GFP_HIGHMEM,
+ PAGE_KERNEL);
- if (gfp_mask & __GFP_NORETRY)
- noio_flag = memalloc_noio_save();
-
- ptr = __vmalloc(c->block_size, gfp_mask | __GFP_HIGHMEM, PAGE_KERNEL);
-
- if (gfp_mask & __GFP_NORETRY)
memalloc_noio_restore(noio_flag);
+ return ptr;
+ }
- return ptr;
+ return __vmalloc(c->block_size, gfp_mask | __GFP_HIGHMEM, PAGE_KERNEL);
}
/*
--
2.17.1
From: Vlastimil Babka <vbabka(a)suse.cz>
Subject: mm, page_alloc: do not break __GFP_THISNODE by zonelist reset
In __alloc_pages_slowpath() we reset zonelist and preferred_zoneref for
allocations that can ignore memory policies. The zonelist is obtained
from current CPU's node. This is a problem for __GFP_THISNODE allocations
that want to allocate on a different node, e.g. because the allocating
thread has been migrated to a different CPU.
This has been observed to break SLAB in our 4.4-based kernel, because
there it relies on __GFP_THISNODE working as intended. If a slab page is
put on wrong node's list, then further list manipulations may corrupt the
list because page_to_nid() is used to determine which node's list_lock
should be locked and thus we may take a wrong lock and race.
Current SLAB implementation seems to be immune by luck thanks to commit
511e3a058812 ("mm/slab: make cache_grow() handle the page allocated on
arbitrary node") but there may be others assuming that __GFP_THISNODE
works as promised.
We can fix it by simply removing the zonelist reset completely. There is
actually no reason to reset it, because memory policies and cpusets don't
affect the zonelist choice in the first place. This was different when
commit 183f6371aac2 ("mm: ignore mempolicies when using
ALLOC_NO_WATERMARK") introduced the code, as mempolicies provided their
own restricted zonelists.
We might consider this for 4.17 although I don't know if there's anything
currently broken.
SLAB is currently not affected, but in kernels older than 4.7 that
don't yet have 511e3a058812 ("mm/slab: make cache_grow() handle the
page allocated on arbitrary node") it is. That's at least 4.4 LTS.
Older ones I'll have to check.
So stable backports should be more important, but will have to be
reviewed carefully, as the code went through many changes. BTW I think
that also the ac->preferred_zoneref reset is currently useless if we
don't also reset ac->nodemask from a mempolicy to NULL first (which we
probably should for the OOM victims etc?), but I would leave that for a
separate patch.
Link: http://lkml.kernel.org/r/20180525130853.13915-1-vbabka@suse.cz
Signed-off-by: Vlastimil Babka <vbabka(a)suse.cz>
Fixes: 183f6371aac2 ("mm: ignore mempolicies when using ALLOC_NO_WATERMARK")
Acked-by: Mel Gorman <mgorman(a)techsingularity.net>
Cc: Michal Hocko <mhocko(a)kernel.org>
Cc: David Rientjes <rientjes(a)google.com>
Cc: Joonsoo Kim <iamjoonsoo.kim(a)lge.com>
Cc: Vlastimil Babka <vbabka(a)suse.cz>
Cc: <stable(a)vger.kernel.org>
Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org>
---
mm/page_alloc.c | 1 -
1 file changed, 1 deletion(-)
diff -puN mm/page_alloc.c~mm-page_alloc-do-not-break-__gfp_thisnode-by-zonelist-reset mm/page_alloc.c
--- a/mm/page_alloc.c~mm-page_alloc-do-not-break-__gfp_thisnode-by-zonelist-reset
+++ a/mm/page_alloc.c
@@ -4169,7 +4169,6 @@ retry:
* orientated.
*/
if (!(alloc_flags & ALLOC_CPUSET) || reserve_flags) {
- ac->zonelist = node_zonelist(numa_node_id(), gfp_mask);
ac->preferred_zoneref = first_zones_zonelist(ac->zonelist,
ac->high_zoneidx, ac->nodemask);
}
_
From: Vlastimil Babka <vbabka(a)suse.cz>
Subject: mm, page_alloc: do not break __GFP_THISNODE by zonelist reset
In __alloc_pages_slowpath() we reset zonelist and preferred_zoneref for
allocations that can ignore memory policies. The zonelist is obtained
from current CPU's node. This is a problem for __GFP_THISNODE allocations
that want to allocate on a different node, e.g. because the allocating
thread has been migrated to a different CPU.
This has been observed to break SLAB in our 4.4-based kernel, because
there it relies on __GFP_THISNODE working as intended. If a slab page is
put on wrong node's list, then further list manipulations may corrupt the
list because page_to_nid() is used to determine which node's list_lock
should be locked and thus we may take a wrong lock and race.
Current SLAB implementation seems to be immune by luck thanks to commit
511e3a058812 ("mm/slab: make cache_grow() handle the page allocated on
arbitrary node") but there may be others assuming that __GFP_THISNODE
works as promised.
We can fix it by simply removing the zonelist reset completely. There is
actually no reason to reset it, because memory policies and cpusets don't
affect the zonelist choice in the first place. This was different when
commit 183f6371aac2 ("mm: ignore mempolicies when using
ALLOC_NO_WATERMARK") introduced the code, as mempolicies provided their
own restricted zonelists.
We might consider this for 4.17 although I don't know if there's anything
currently broken.
SLAB is currently not affected, but in kernels older than 4.7 that
don't yet have 511e3a058812 ("mm/slab: make cache_grow() handle the
page allocated on arbitrary node") it is. That's at least 4.4 LTS.
Older ones I'll have to check.
So stable backports should be more important, but will have to be
reviewed carefully, as the code went through many changes. BTW I think
that also the ac->preferred_zoneref reset is currently useless if we
don't also reset ac->nodemask from a mempolicy to NULL first (which we
probably should for the OOM victims etc?), but I would leave that for a
separate patch.
Link: http://lkml.kernel.org/r/20180525130853.13915-1-vbabka@suse.cz
Signed-off-by: Vlastimil Babka <vbabka(a)suse.cz>
Fixes: 183f6371aac2 ("mm: ignore mempolicies when using ALLOC_NO_WATERMARK")
Acked-by: Mel Gorman <mgorman(a)techsingularity.net>
Cc: Michal Hocko <mhocko(a)kernel.org>
Cc: David Rientjes <rientjes(a)google.com>
Cc: Joonsoo Kim <iamjoonsoo.kim(a)lge.com>
Cc: Vlastimil Babka <vbabka(a)suse.cz>
Cc: <stable(a)vger.kernel.org>
Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org>
---
mm/page_alloc.c | 1 -
1 file changed, 1 deletion(-)
diff -puN mm/page_alloc.c~mm-page_alloc-do-not-break-__gfp_thisnode-by-zonelist-reset mm/page_alloc.c
--- a/mm/page_alloc.c~mm-page_alloc-do-not-break-__gfp_thisnode-by-zonelist-reset
+++ a/mm/page_alloc.c
@@ -4169,7 +4169,6 @@ retry:
* orientated.
*/
if (!(alloc_flags & ALLOC_CPUSET) || reserve_flags) {
- ac->zonelist = node_zonelist(numa_node_id(), gfp_mask);
ac->preferred_zoneref = first_zones_zonelist(ac->zonelist,
ac->high_zoneidx, ac->nodemask);
}
_
Hi Greg,
Please apply 2ae89c7a82ea ("kconfig: Avoid format overflow warning from
GCC 8.1") to all active branches. I am rather tired of seeing these
warnings every time I need to compile. It will apply cleanly.
Thanks!
Nathan
Mark notes that gcc optimization passes have the potential to elide
necessary invocations of this instruction sequence, so include an
optimization barrier.
> I think that either way, we have a potential problem if the compiler
> generates a branch dependent on the result of validate_index_nospec().
>
> In that case, we could end up with codegen approximating:
>
> bool safe = false;
>
> if (idx < bound) {
> idx = array_index_nospec(idx, bound);
> safe = true;
> }
>
> // this branch can be mispredicted
> if (safe) {
> foo = array[idx];
> }
>
> ... and thus we lose the nospec protection.
I see GCC do this at -O0, but so far I haven't tricked it into doing
this at -O1 or above.
Regardless, I worry this is fragile -- GCC *can* generate code as per
the above, even if it's unlikely to.
Cc: <stable(a)vger.kernel.org>
Fixes: babdde2698d4 ("x86: Implement array_index_mask_nospec")
Cc: Thomas Gleixner <tglx(a)linutronix.de>
Cc: Peter Zijlstra <peterz(a)infradead.org>
Cc: Linus Torvalds <torvalds(a)linux-foundation.org>
Cc: Ingo Molnar <mingo(a)kernel.org>
Reported-by: Mark Rutland <mark.rutland(a)arm.com>
Signed-off-by: Dan Williams <dan.j.williams(a)intel.com>
---
arch/x86/include/asm/barrier.h | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/arch/x86/include/asm/barrier.h b/arch/x86/include/asm/barrier.h
index 042b5e892ed1..41f7435c84a7 100644
--- a/arch/x86/include/asm/barrier.h
+++ b/arch/x86/include/asm/barrier.h
@@ -38,10 +38,11 @@ static inline unsigned long array_index_mask_nospec(unsigned long index,
{
unsigned long mask;
- asm ("cmp %1,%2; sbb %0,%0;"
+ asm volatile ("cmp %1,%2; sbb %0,%0;"
:"=r" (mask)
:"g"(size),"r" (index)
:"cc");
+ barrier();
return mask;
}
Chris Chiu (1):
tpm: self test failure should not cause suspend to fail
Enric Balletbo i Serra (1):
tpm: do not suspend/resume if power stays on
drivers/char/tpm/tpm-chip.c | 12 ++++++++++++
drivers/char/tpm/tpm-interface.c | 7 +++++++
drivers/char/tpm/tpm.h | 1 +
3 files changed, 20 insertions(+)
--
v3: use CONFIG_OF flag
v2: moved the check from tpm_of.c to tpm-chip.c as in v4.4 chip is
unreachable otherwise. I did compilation test now with BuildRoot
for power arch.
2.17.0
Hi,
please add the commit e2731e55884f2138a252b0a3d7b24d57e49c3c59 ("btrfs:
define SUPER_FLAG_METADUMP_V2") to the 4.14.x and 4.9.x stable trees.
The patch allows to mount an image dump of v2 format on < 4.15 kernels
that are still in use for the btrfs-progs testsuite. The image mount is
part of some tests that fail but otherwise are ok.
The patch can be cleanly applied on top of current 4.14 and 4.9
branches, fails on 4.4 and older but I'm interested namely in 4.14.
Thanks.
The X86_FEATURE_SSBD is an synthetic CPU feature - that is
it bit location has no relevance to the real CPUID 0x7.EBX[31]
bit position. For that we need the new CPU feature name.
Fixes: 52817587e706 ("x86/cpufeatures: Disentangle SSBD enumeration")
CC: Paolo Bonzini <pbonzini(a)redhat.com>
Cc: "Radim Krčmář" <rkrcmar(a)redhat.com>
Cc: Thomas Gleixner <tglx(a)linutronix.de>
Cc: Ingo Molnar <mingo(a)redhat.com>
Cc: "H. Peter Anvin" <hpa(a)zytor.com>
Cc: stable(a)vger.kernel.org
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk(a)oracle.com>
---
arch/x86/kvm/cpuid.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c
index ced851169730..598461e24be3 100644
--- a/arch/x86/kvm/cpuid.c
+++ b/arch/x86/kvm/cpuid.c
@@ -407,8 +407,8 @@ static inline int __do_cpuid_ent(struct kvm_cpuid_entry2 *entry, u32 function,
/* cpuid 7.0.edx*/
const u32 kvm_cpuid_7_0_edx_x86_features =
- F(AVX512_4VNNIW) | F(AVX512_4FMAPS) | F(SPEC_CTRL) | F(SSBD) |
- F(ARCH_CAPABILITIES);
+ F(AVX512_4VNNIW) | F(AVX512_4FMAPS) | F(SPEC_CTRL) |
+ F(SPEC_CTRL_SSBD) | F(ARCH_CAPABILITIES);
/* all calls to cpuid_count() should be made on the same cpu */
get_cpu();
--
2.13.4
Some newer devices with a goodix touchscreen use GDIX1002 as ACPI HID
rather then GDIX1001. These devices work fine with the goodix driver
as is.
This commit adds the new "GDIX1002" ACPI HID to make the touchscreen
work on these devices.
Buglink: https://www.reddit.com/r/gpdwin/comments/8lwy8n/gpd_win_2_linux_touchscreen…
Cc: stable(a)vger.kernel.org
Signed-off-by: Hans de Goede <hdegoede(a)redhat.com>
---
drivers/input/touchscreen/goodix.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/drivers/input/touchscreen/goodix.c b/drivers/input/touchscreen/goodix.c
index 9736c83dd418..f2d9c2c41885 100644
--- a/drivers/input/touchscreen/goodix.c
+++ b/drivers/input/touchscreen/goodix.c
@@ -933,6 +933,7 @@ MODULE_DEVICE_TABLE(i2c, goodix_ts_id);
#ifdef CONFIG_ACPI
static const struct acpi_device_id goodix_acpi_match[] = {
{ "GDIX1001", 0 },
+ { "GDIX1002", 0 },
{ }
};
MODULE_DEVICE_TABLE(acpi, goodix_acpi_match);
--
2.17.1
Chris Chiu (1):
tpm: self test failure should not cause suspend to fail
Enric Balletbo i Serra (1):
tpm: do not suspend/resume if power stays on
drivers/char/tpm/tpm-chip.c | 12 ++++++++++++
drivers/char/tpm/tpm-interface.c | 7 +++++++
drivers/char/tpm/tpm.h | 1 +
3 files changed, 20 insertions(+)
--
v3: use CONFIG_OF flag
v2: moved the check from tpm_of.c to tpm-chip.c as in v4.4 chip is
unreachable otherwise. I did compilation test now with BuildRoot
for power arch.
2.17.0
From: Arnaldo Carvalho de Melo <acme(a)redhat.com>
Hi Ingo,
Please consider pulling,
- Arnaldo
Test results at the end of this message, as usual.
The following changes since commit 7869e5889477e4e32e4024d665431b35e8b7b693:
Merge remote-tracking branch 'tip/perf/urgent' into perf/core (2018-06-04 10:28:20 -0300)
are available in the Git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/acme/linux.git tags/perf-core-for-mingo-4.18-20180605
for you to fetch changes up to 03ac4e71cd120d2c3411d106d00d266114575f74:
perf intel-pt: Fix "Unexpected indirect branch" error (2018-06-05 12:28:52 -0300)
----------------------------------------------------------------
perf/core improvements and fixes:
perf stat:
. Display user and system time for workload targets (Jiri Olsa)
perf record:
. Enable arbitrary event names thru name= modifier (Alexey Budankov)
PowerPC:
. Add a python script for hypervisor call statistics (Ravi Bangoria)
Intel PT: (Adrian Hunter)
. Fix sync_switch INTEL_PT_SS_NOT_TRACING
. Fix decoding to accept CBR between FUP and corresponding TIP
. Fix MTC timing after overflow
. Fix "Unexpected indirect branch" error
perf test:
. record+probe_libc_inet_pton:
. To get the symbol table for dynamic
shared objects on ubuntu we need to pass the -D/--dynamic command line
option, unlike with the fedora distros (Arnaldo Carvalho de Melo)
. code-reading:
. Fix perf_env setup for PTI entry trampolines (Adrian Hunter)
. kmod-path:
. Add tests for vdso32 and vdsox32 (Adrian Hunter)
. Use header file util/debug.h (Thomas Richter)
perf annotate:
. Make the various UI backends (stdio, TUI, gtk) use more consistently
structs with annotation options as specified by the user (Arnaldo Carvalho de Melo)
. Move annotation specific knobs from the symbol_conf global kitchen
sink to the annotation option structs (Arnaldo Carvalho de Melo)
Core:
. Fix misleading error for some unparsable events mentioning PMUs when
those are not involved in the problem (Jiri Olsa)
- Fix symbol and object code resolution for vdso32 and vdsox32 (Adrian Hunter)
. No need to check for null when passing pointers to foo__get() style
refcount grabbing helpers, just like in the kernel and with free(),
its safe to pass a NULL pointer to avoid having to check it before
each and every foo__get() call (Arnaldo Carvalho de Melo)
. Remove some dead code (quote.[ch]) (Arnaldo Carvalho de Melo)
. Remove some needless globals, making them local (Arnaldo Carvalho de Melo)
. Reduce usage of symbol_conf.use_callchain, using other means of
finding out if callchains are in use or available for specific events,
as we evolved this codebase to allow requesting callchains for just
a subset of the monitored events. In time it will help polish
recording and showing mixed sets accross the various tools:
perf record -e cycles/call-graph=fp/,cache-misses/call-graph=dwarf/,instructions
(Arnaldo Carvalho de Melo)
. Consider PTI entry trampolines in map__rip_2objdump() (Adrian Hunter)
Signed-off-by: Arnaldo Carvalho de Melo <acme(a)redhat.com>
----------------------------------------------------------------
Adrian Hunter (8):
perf tests kmod-path: Add tests for vdso32 and vdsox32
perf tools: Fix symbol and object code resolution for vdso32 and vdsox32
perf test code-reading: Fix perf_env setup for PTI entry trampolines
perf map: Consider PTI entry trampolines in rip_2objdump()
perf intel-pt: Fix sync_switch INTEL_PT_SS_NOT_TRACING
perf intel-pt: Fix decoding to accept CBR between FUP and corresponding TIP
perf intel-pt: Fix MTC timing after overflow
perf intel-pt: Fix "Unexpected indirect branch" error
Alexey Budankov (1):
perf record: Enable arbitrary event names thru name= modifier
Arnaldo Carvalho de Melo (33):
perf tools: Remove dead quote.[ch] code
perf probe: Use return of map__get() to make code more compact
perf cgroup: Make evlist__find_cgroup() more compact
perf tools: No need to check if the argument to __get() function is NULL
perf annotate: Pass perf_evsel instead of just evsel->idx
perf annotate: __symbol__acount_cycles doesn't need notes
perf annotate: Split allocation of annotated_source struct
perf annotate: Introduce constructor/destructor for annotated_source
perf annotate: Introduce annotated_source__alloc_histograms
perf annotate: __symbol__inc_addr_samples() needs just annotated_source
perf annotate: Introduce symbol__hists()
perf annotate: Introduce symbol__cycle_hists()
perf annotate: Stop using symbol_conf.nr_events global in symbol__hists()
perf annotate: Replace symbol__alloc_hists() with symbol__hists()
perf tools: Ditch the symbol_conf.nr_events global
perf annotate: Add comment about annotated_src->nr_histograms
perf annotate stdio: Use annotation_options consistently
perf srcline: Introduce map__srcline() to make code more compact
perf sort: Introduce addr_map_symbol__srcline() to make code more compact
perf srcline: Make hist_entry srcline helper consistent with map's
perf annotate: Pass annotation_options to symbol__annotate()
perf annotate: Adopt anotation options from symbol_conf
perf annotate: Move disassembler_style global to annotation_options
perf hists browser: Pass annotation_options from tool to browser
perf annotate: Move objdump_path to struct annotation_options
perf report: No need to have report_callchain_help as a global
perf evsel: Add has_callchain() helper to make code more compact/clear
perf script: Check if evsel has callchains before trying to use it
perf sched: Use sched->show_callchain where appropriate
perf hists: Do not allocate space for callchains for evsels without them
perf hists: Introduce hist_entry__has_callchain() method
perf hists: Check if a hist_entry has callchains before using them
perf test record+probe_libc_inet_pton: Ask 'nm' for dynamic symbols
Jiri Olsa (2):
perf stat: Display user and system time
perf tools: Fix pmu events parsing rule
Ravi Bangoria (1):
perf script powerpc: Python script for hypervisor call statistics
Thomas Richter (1):
perf test: Use header file util/debug.h
tools/perf/Documentation/perf-list.txt | 6 +-
tools/perf/Documentation/perf-record.txt | 3 +
tools/perf/Documentation/perf-stat.txt | 40 +++--
tools/perf/arch/common.c | 4 +-
tools/perf/arch/common.h | 4 +-
tools/perf/builtin-annotate.c | 36 ++--
tools/perf/builtin-c2c.c | 2 +-
tools/perf/builtin-kvm.c | 2 -
tools/perf/builtin-probe.c | 3 +-
tools/perf/builtin-report.c | 39 ++--
tools/perf/builtin-sched.c | 14 +-
tools/perf/builtin-script.c | 12 +-
tools/perf/builtin-stat.c | 28 ++-
tools/perf/builtin-top.c | 48 +++--
tools/perf/builtin-trace.c | 2 +-
tools/perf/perf.c | 1 -
.../perf/scripts/python/bin/powerpc-hcalls-record | 2 +
.../perf/scripts/python/bin/powerpc-hcalls-report | 2 +
tools/perf/scripts/python/powerpc-hcalls.py | 200 +++++++++++++++++++++
tools/perf/tests/code-reading.c | 1 +
tools/perf/tests/kmod-path.c | 16 ++
tools/perf/tests/parse-events.c | 4 +-
tools/perf/tests/python-use.c | 3 +-
.../tests/shell/record+probe_libc_inet_pton.sh | 2 +-
tools/perf/ui/browsers/annotate.c | 21 ++-
tools/perf/ui/browsers/hists.c | 43 +++--
tools/perf/ui/browsers/hists.h | 3 +
tools/perf/ui/gtk/annotate.c | 2 +-
tools/perf/ui/gtk/hists.c | 5 +-
tools/perf/ui/hist.c | 2 +-
tools/perf/ui/stdio/hist.c | 4 +-
tools/perf/util/Build | 1 -
tools/perf/util/annotate.c | 160 ++++++++++-------
tools/perf/util/annotate.h | 53 ++++--
tools/perf/util/cgroup.c | 9 +-
tools/perf/util/dso.c | 2 +
tools/perf/util/evsel.c | 4 +-
tools/perf/util/evsel.h | 5 +
tools/perf/util/header.c | 24 ++-
tools/perf/util/hist.c | 23 ++-
tools/perf/util/hist.h | 26 ++-
.../perf/util/intel-pt-decoder/intel-pt-decoder.c | 23 ++-
.../perf/util/intel-pt-decoder/intel-pt-decoder.h | 9 +
tools/perf/util/intel-pt.c | 5 +
tools/perf/util/map.c | 26 ++-
tools/perf/util/map.h | 1 +
tools/perf/util/parse-events.l | 18 +-
tools/perf/util/parse-events.y | 14 +-
tools/perf/util/probe-event.c | 3 +-
tools/perf/util/quote.c | 62 -------
tools/perf/util/quote.h | 31 ----
tools/perf/util/session.c | 2 +-
tools/perf/util/sort.c | 81 +++------
tools/perf/util/sort.h | 7 +-
tools/perf/util/symbol.c | 1 -
tools/perf/util/symbol.h | 3 -
tools/perf/util/top.h | 3 +-
57 files changed, 731 insertions(+), 419 deletions(-)
create mode 100644 tools/perf/scripts/python/bin/powerpc-hcalls-record
create mode 100644 tools/perf/scripts/python/bin/powerpc-hcalls-report
create mode 100644 tools/perf/scripts/python/powerpc-hcalls.py
delete mode 100644 tools/perf/util/quote.c
delete mode 100644 tools/perf/util/quote.h
Test results:
The first ones are container (docker) based builds of tools/perf with
and without libelf support. Where clang is available, it is also used
to build perf with/without libelf, and building with LIBCLANGLLVM=1
(built-in clang) with gcc and clang when clang and its devel libraries
are installed.
The objtool and samples/bpf/ builds are disabled now that I'm switching from
using the sources in a local volume to fetching them from a http server to
build it inside the container, to make it easier to build in a container cluster.
Those will come back later.
Several are cross builds, the ones with -x-ARCH and the android one, and those
may not have all the features built, due to lack of multi-arch devel packages,
available and being used so far on just a few, like
debian:experimental-x-{arm64,mipsel}.
The 'perf test' one will perform a variety of tests exercising
tools/perf/util/, tools/lib/{bpf,traceevent,etc}, as well as run perf commands
with a variety of command line event specifications to then intercept the
sys_perf_event syscall to check that the perf_event_attr fields are set up as
expected, among a variety of other unit tests.
Then there is the 'make -C tools/perf build-test' ones, that build tools/perf/
with a variety of feature sets, exercising the build with an incomplete set of
features as well as with a complete one. It is planned to have it run on each
of the containers mentioned above, using some container orchestration
infrastructure. Get in contact if interested in helping having this in place.
# dm
1 alpine:3.4 : Ok gcc (Alpine 5.3.0) 5.3.0
2 alpine:3.5 : Ok gcc (Alpine 6.2.1) 6.2.1 20160822
3 alpine:3.6 : Ok gcc (Alpine 6.3.0) 6.3.0
4 alpine:3.7 : Ok gcc (Alpine 6.4.0) 6.4.0
5 alpine:edge : Ok gcc (Alpine 6.4.0) 6.4.0
6 amazonlinux:1 : Ok gcc (GCC) 4.8.5 20150623 (Red Hat 4.8.5-28)
7 amazonlinux:2 : Ok gcc (GCC) 7.3.1 20180303 (Red Hat 7.3.1-5)
8 android-ndk:r12b-arm : Ok arm-linux-androideabi-gcc (GCC) 4.9.x 20150123 (prerelease)
9 android-ndk:r15c-arm : Ok arm-linux-androideabi-gcc (GCC) 4.9.x 20150123 (prerelease)
10 centos:5 : Ok gcc (GCC) 4.1.2 20080704 (Red Hat 4.1.2-55)
11 centos:6 : Ok gcc (GCC) 4.4.7 20120313 (Red Hat 4.4.7-18)
12 centos:7 : Ok gcc (GCC) 4.8.5 20150623 (Red Hat 4.8.5-28)
13 debian:7 : Ok gcc (Debian 4.7.2-5) 4.7.2
14 debian:8 : Ok gcc (Debian 4.9.2-10+deb8u1) 4.9.2
15 debian:9 : Ok gcc (Debian 6.3.0-18+deb9u1) 6.3.0 20170516
16 debian:experimental : Ok gcc (Debian 7.3.0-19) 7.3.0
17 debian:experimental-x-arm64 : Ok aarch64-linux-gnu-gcc (Debian 7.3.0-19) 7.3.0
18 debian:experimental-x-mips : Ok mips-linux-gnu-gcc (Debian 7.3.0-19) 7.3.0
19 debian:experimental-x-mips64 : Ok mips64-linux-gnuabi64-gcc (Debian 7.3.0-18) 7.3.0
20 debian:experimental-x-mipsel : Ok mipsel-linux-gnu-gcc (Debian 7.3.0-19) 7.3.0
21 fedora:20 : Ok gcc (GCC) 4.8.3 20140911 (Red Hat 4.8.3-7)
22 fedora:21 : Ok gcc (GCC) 4.9.2 20150212 (Red Hat 4.9.2-6)
23 fedora:22 : Ok gcc (GCC) 5.3.1 20160406 (Red Hat 5.3.1-6)
24 fedora:23 : Ok gcc (GCC) 5.3.1 20160406 (Red Hat 5.3.1-6)
25 fedora:24 : Ok gcc (GCC) 6.3.1 20161221 (Red Hat 6.3.1-1)
26 fedora:24-x-ARC-uClibc : Ok arc-linux-gcc (ARCompact ISA Linux uClibc toolchain 2017.09-rc2) 7.1.1 20170710
27 fedora:25 : Ok gcc (GCC) 6.4.1 20170727 (Red Hat 6.4.1-1)
28 fedora:26 : Ok gcc (GCC) 7.3.1 20180130 (Red Hat 7.3.1-2)
29 fedora:27 : Ok gcc (GCC) 7.3.1 20180303 (Red Hat 7.3.1-5)
30 fedora:28 : Ok gcc (GCC) 8.1.1 20180502 (Red Hat 8.1.1-1)
31 fedora:rawhide : Ok gcc (GCC) 8.0.1 20180324 (Red Hat 8.0.1-0.20)
32 gentoo-stage3-amd64:latest : Ok gcc (Gentoo 6.4.0-r1 p1.3) 6.4.0
33 mageia:5 : Ok gcc (GCC) 4.9.2
34 mageia:6 : Ok gcc (Mageia 5.5.0-1.mga6) 5.5.0
35 opensuse:42.1 : Ok gcc (SUSE Linux) 4.8.5
36 opensuse:42.2 : Ok gcc (SUSE Linux) 4.8.5
37 opensuse:42.3 : Ok gcc (SUSE Linux) 4.8.5
38 opensuse:tumbleweed : Ok gcc (SUSE Linux) 7.3.1 20180323 [gcc-7-branch revision 258812]
39 oraclelinux:6 : Ok gcc (GCC) 4.4.7 20120313 (Red Hat 4.4.7-18.0.7)
40 oraclelinux:7 : Ok gcc (GCC) 4.8.5 20150623 (Red Hat 4.8.5-28.0.1)
41 ubuntu:12.04.5 : Ok gcc (Ubuntu/Linaro 4.6.3-1ubuntu5) 4.6.3
42 ubuntu:14.04.4 : Ok gcc (Ubuntu 4.8.4-2ubuntu1~14.04.3) 4.8.4
43 ubuntu:14.04.4-x-linaro-arm64 : Ok aarch64-linux-gnu-gcc (Linaro GCC 5.5-2017.10) 5.5.0
44 ubuntu:16.04 : Ok gcc (Ubuntu 5.4.0-6ubuntu1~16.04.9) 5.4.0 20160609
45 ubuntu:16.04-x-arm : Ok arm-linux-gnueabihf-gcc (Ubuntu/Linaro 5.4.0-6ubuntu1~16.04.9) 5.4.0 20160609
46 ubuntu:16.04-x-arm64 : Ok aarch64-linux-gnu-gcc (Ubuntu/Linaro 5.4.0-6ubuntu1~16.04.9) 5.4.0 20160609
47 ubuntu:16.04-x-powerpc : Ok powerpc-linux-gnu-gcc (Ubuntu 5.4.0-6ubuntu1~16.04.9) 5.4.0 20160609
48 ubuntu:16.04-x-powerpc64 : Ok powerpc64-linux-gnu-gcc (Ubuntu/IBM 5.4.0-6ubuntu1~16.04.9) 5.4.0 20160609
49 ubuntu:16.04-x-powerpc64el : Ok powerpc64le-linux-gnu-gcc (Ubuntu/IBM 5.4.0-6ubuntu1~16.04.9) 5.4.0 20160609
50 ubuntu:16.04-x-s390 : Ok s390x-linux-gnu-gcc (Ubuntu 5.4.0-6ubuntu1~16.04.9) 5.4.0 20160609
51 ubuntu:16.10 : Ok gcc (Ubuntu 6.2.0-5ubuntu12) 6.2.0 20161005
52 ubuntu:17.04 : Ok gcc (Ubuntu 6.3.0-12ubuntu2) 6.3.0 20170406
53 ubuntu:17.10 : Ok gcc (Ubuntu 7.2.0-8ubuntu3.2) 7.2.0
54 ubuntu:18.04 : Ok gcc (Ubuntu 7.3.0-16ubuntu3) 7.3.0
#
# perf version
perf version 4.17.rc7.g03ac4e
# git log -1 --oneline
03ac4e71cd12 (HEAD -> perf/core, seventh/perf/core) perf intel-pt: Fix "Unexpected indirect branch" error
# uname -a
Linux jouet 4.17.0-rc5 #21 SMP Mon May 14 15:35:35 -03 2018 x86_64 x86_64 x86_64 GNU/Linux
# perf test
1: vmlinux symtab matches kallsyms : Ok
2: Detect openat syscall event : Ok
3: Detect openat syscall event on all cpus : Ok
4: Read samples using the mmap interface : Ok
5: Test data source output : Ok
6: Parse event definition strings : Ok
7: Simple expression parser : Ok
8: PERF_RECORD_* events & perf_sample fields : Ok
9: Parse perf pmu format : Ok
10: DSO data read : Ok
11: DSO data cache : Ok
12: DSO data reopen : Ok
13: Roundtrip evsel->name : Ok
14: Parse sched tracepoints fields : Ok
15: syscalls:sys_enter_openat event fields : Ok
16: Setup struct perf_event_attr : Ok
17: Match and link multiple hists : Ok
18: 'import perf' in python : Ok
19: Breakpoint overflow signal handler : Ok
20: Breakpoint overflow sampling : Ok
21: Breakpoint accounting : Ok
22: Number of exit events of a simple workload : Ok
23: Software clock events period values : Ok
24: Object code reading : Ok
25: Sample parsing : Ok
26: Use a dummy software event to keep tracking : Ok
27: Parse with no sample_id_all bit set : Ok
28: Filter hist entries : Ok
29: Lookup mmap thread : Ok
30: Share thread mg : Ok
31: Sort output of hist entries : Ok
32: Cumulate child hist entries : Ok
33: Track with sched_switch : Ok
34: Filter fds with revents mask in a fdarray : Ok
35: Add fd to a fdarray, making it autogrow : Ok
36: kmod_path__parse : Ok
37: Thread map : Ok
38: LLVM search and compile :
38.1: Basic BPF llvm compile : Ok
38.2: kbuild searching : Ok
38.3: Compile source for BPF prologue generation : Ok
38.4: Compile source for BPF relocation : Ok
39: Session topology : Ok
40: BPF filter :
40.1: Basic BPF filtering : Ok
40.2: BPF pinning : Ok
40.3: BPF prologue generation : Ok
40.4: BPF relocation checker : Ok
41: Synthesize thread map : Ok
42: Remove thread map : Ok
43: Synthesize cpu map : Ok
44: Synthesize stat config : Ok
45: Synthesize stat : Ok
46: Synthesize stat round : Ok
47: Synthesize attr update : Ok
48: Event times : Ok
49: Read backward ring buffer : Ok
50: Print cpu map : Ok
51: Probe SDT events : Ok
52: is_printable_array : Ok
53: Print bitmap : Ok
54: perf hooks : Ok
55: builtin clang support : Skip (not compiled in)
56: unit_number__scnprintf : Ok
57: mem2node : Ok
58: x86 rdpmc : Ok
59: Convert perf time to TSC : Ok
60: DWARF unwind : Ok
61: x86 instruction decoder - new instructions : Ok
62: Use vfs_getname probe to get syscall args filenames : Ok
63: Check open filename arg using perf trace + vfs_getname: Ok
64: probe libc's inet_pton & backtrace it with ping : Ok
65: Add vfs_getname probe to get syscall args filenames : Ok
#
$ make -C tools/perf build-test
make: Entering directory '/home/acme/git/perf/tools/perf'
- tarpkg: ./tests/perf-targz-src-pkg .
make_minimal_O: make NO_LIBPERL=1 NO_LIBPYTHON=1 NO_NEWT=1 NO_GTK2=1 NO_DEMANGLE=1 NO_LIBELF=1 NO_LIBUNWIND=1 NO_BACKTRACE=1 NO_LIBNUMA=1 NO_LIBAUDIT=1 NO_LIBBIONIC=1 NO_LIBDW_DWARF_UNWIND=1 NO_AUXTRACE=1 NO_LIBBPF=1 NO_LIBCRYPTO=1 NO_SDT=1 NO_JVMTI=1
make_no_ui_O: make NO_NEWT=1 NO_SLANG=1 NO_GTK2=1
make_no_scripts_O: make NO_LIBPYTHON=1 NO_LIBPERL=1
make_no_libnuma_O: make NO_LIBNUMA=1
make_help_O: make help
make_pure_O: make
make_no_auxtrace_O: make NO_AUXTRACE=1
make_debug_O: make DEBUG=1
make_clean_all_O: make clean all
make_util_map_o_O: make util/map.o
make_no_libelf_O: make NO_LIBELF=1
make_no_libperl_O: make NO_LIBPERL=1
make_no_newt_O: make NO_NEWT=1
make_tags_O: make tags
make_no_libbionic_O: make NO_LIBBIONIC=1
make_install_prefix_O: make install prefix=/tmp/krava
make_no_libpython_O: make NO_LIBPYTHON=1
make_with_babeltrace_O: make LIBBABELTRACE=1
make_install_prefix_slash_O: make install prefix=/tmp/krava/
make_util_pmu_bison_o_O: make util/pmu-bison.o
make_doc_O: make doc
make_no_libaudit_O: make NO_LIBAUDIT=1
make_perf_o_O: make perf.o
make_install_O: make install
make_static_O: make LDFLAGS=-static
make_no_libunwind_O: make NO_LIBUNWIND=1
make_no_demangle_O: make NO_DEMANGLE=1
make_with_clangllvm_O: make LIBCLANGLLVM=1
make_install_bin_O: make install-bin
make_no_slang_O: make NO_SLANG=1
make_no_libdw_dwarf_unwind_O: make NO_LIBDW_DWARF_UNWIND=1
make_no_gtk2_O: make NO_GTK2=1
make_no_libbpf_O: make NO_LIBBPF=1
make_no_backtrace_O: make NO_BACKTRACE=1
OK
make: Leaving directory '/home/acme/git/perf/tools/perf'
$
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Hi Greg,
Pleae pull commits for Linux 4.4 .
I've sent a review request for all commits over a week ago and all
comments were addressed.
Thanks,
Sasha
=====
The following changes since commit 50eb02ed89920f753202d703541bebbd9d8c3dd8:
Linux 4.4.135 (2018-05-30 22:11:35 +0200)
are available in the Git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/sashal/linux-stable.git tags/for-greg-4.4-05062018
for you to fetch changes up to e7c56bba4428180a4aba6975ba6517e8efabe3ba:
mm: fix the NULL mapping case in __isolate_lru_page() (2018-06-05 16:43:17 -0400)
- ----------------------------------------------------------------
for-greg-4.4-05062018
- ----------------------------------------------------------------
Al Viro (1):
fix io_destroy()/aio_complete() race
Eric Dumazet (1):
xfrm6: avoid potential infinite loop in _decode_session6()
Finn Thain (1):
net/sonic: Use dma_mapping_error()
Hugh Dickins (1):
mm: fix the NULL mapping case in __isolate_lru_page()
Ivan Bornyakov (1):
atm: zatm: fix memcmp casting
Josh Hill (1):
net: qmi_wwan: Add Netgear Aircard 779S
Julian Anastasov (1):
ipvs: fix buffer overflow with sync daemon and service
Martin Kelly (1):
iio:kfifo_buf: check for uint overflow
Paolo Abeni (1):
netfilter: ebtables: handle string from userspace with care
drivers/atm/zatm.c | 4 ++--
drivers/iio/buffer/kfifo_buf.c | 7 +++++++
drivers/net/ethernet/natsemi/sonic.c | 2 +-
drivers/net/usb/qmi_wwan.c | 1 +
fs/aio.c | 3 +--
mm/vmscan.c | 2 +-
net/bridge/netfilter/ebtables.c | 3 ++-
net/ipv6/xfrm6_policy.c | 2 +-
net/netfilter/ipvs/ip_vs_ctl.c | 21 +++++++++++++++------
9 files changed, 31 insertions(+), 14 deletions(-)
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE4n5dijQDou9mhzu83qZv95d3LNwFAlsYhVkACgkQ3qZv95d3
LNwHKw/7BLOacz1x66DV2+Xv8YrfZ0+6vGBSYJDPyaUHZU0ZwND1SVGcrz3QrnS6
G4FVoaGAOiZ78JekhQJ9EBnwulwIpbDf5qtTIAFp1/i441ah4kM+XA5McwMZQdSl
dJnoV90pHiXz8r2Vhjx0CZeTUawXayUv6Od4/FIor8kSj63vUGEj0QHoXRX+DPZX
DkJgYYNa5PswwCYewwU4cjFqLZI40sMZXjMiD0afUhP5id961DNbMU6uZJtCR+qI
uNRXV7ZBU+BkRqv/jF5yeGxXu2DIim9qWZ9XCL5ybYtoeJEmpwFCMoQFxF9NGBV4
cL/M+PRwVufY+yL3baXWDUPOYOd+wP+PZCKSlzFYFbBKOh3ykzXvvWh7GIpMZXTD
O8V2bNMHobjWvfYvbqpXeRY00Xtf1EELy27Nol0TprZ4K7iyLqbSX8IwsXjAd36A
blrCXnNuayYcd7EOQb7uYhVz4q/JsKeBB/K80Ja9CKxAgHxPTa6RmBR7xL7O71ND
GoQLFIgKGc1iwOfjoGjibL7nSANlZeaS+rGfFi6hGwI/av3nlbaUrWuaHWZzFkOl
SRg+6CEEJ99AG9pu/kTOMzTVy+do8sxCopIFDENoISFPHjn1tg/YGqIqycjXYqPL
FFv/JPnLj1xrXXs4nAMd+Xxow/dcM0wySgc8gc/l42TqrC2w0Do=
=81a/
-----END PGP SIGNATURE-----
From: Alexander Usyskin <alexander.usyskin(a)intel.com>
This fixes regression introduced by
commit 8d52af6795c0 ("mei: speed up the power down flow")
In power down or suspend flow a message can still be received
from the FW because the clients fake disconnection.
In normal case we interpret messages w/o destination as corrupted
and link reset is performed in order to clean the channel,
but during power down link reset is already in progress resulting
in endless loop. To resolve the issue under power down flow we
discard messages silently.
Cc: <stable(a)vger.kernel.org> 4.16+
Fixes: 8d52af6795c0 ("mei: speed up the power down flow")
Bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=199541
Signed-off-by: Alexander Usyskin <alexander.usyskin(a)intel.com>
Signed-off-by: Tomas Winkler <tomas.winkler(a)intel.com>
---
drivers/misc/mei/interrupt.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/drivers/misc/mei/interrupt.c b/drivers/misc/mei/interrupt.c
index b0b8f18a85e3..6649f0d56d2f 100644
--- a/drivers/misc/mei/interrupt.c
+++ b/drivers/misc/mei/interrupt.c
@@ -310,8 +310,11 @@ int mei_irq_read_handler(struct mei_device *dev,
if (&cl->link == &dev->file_list) {
/* A message for not connected fixed address clients
* should be silently discarded
+ * On power down client may be force cleaned,
+ * silently discard such messages
*/
- if (hdr_is_fixed(mei_hdr)) {
+ if (hdr_is_fixed(mei_hdr) ||
+ dev->dev_state == MEI_DEV_POWER_DOWN) {
mei_irq_discard_msg(dev, mei_hdr);
ret = 0;
goto reset_slots;
--
2.14.4
We used to have pre-set CONFIG_INITRAMFS_SOURCE with local path
to intramfs in ARC defconfigs. This was quite convenient for
in-house development but not that convenient for newcomers
who obviusly don't have folders like "arc_initramfs" next to
the Linux source tree. Which leads to quite surprising failure
of defconfig building:
------------------------------->8-----------------------------
../scripts/gen_initramfs_list.sh: Cannot open '../../arc_initramfs_hs/'
../usr/Makefile:57: recipe for target 'usr/initramfs_data.cpio.gz' failed
make[2]: *** [usr/initramfs_data.cpio.gz] Error 1
------------------------------->8-----------------------------
So now when more and more people start to deal with our defconfigs
let's make their life easier with removal of CONFIG_INITRAMFS_SOURCE.
Signed-off-by: Alexey Brodkin <abrodkin(a)synopsys.com>
Cc: Kevin Hilman <khilman(a)baylibre.com>
Cc: stable(a)vger.kernel.org
Signed-off-by: Alexey Brodkin <abrodkin(a)synopsys.com>
---
arch/arc/configs/axs101_defconfig | 1 -
arch/arc/configs/axs103_defconfig | 1 -
arch/arc/configs/axs103_smp_defconfig | 1 -
arch/arc/configs/haps_hs_defconfig | 1 -
arch/arc/configs/haps_hs_smp_defconfig | 1 -
arch/arc/configs/hsdk_defconfig | 1 -
arch/arc/configs/nsim_700_defconfig | 1 -
arch/arc/configs/nsim_hs_defconfig | 1 -
arch/arc/configs/nsim_hs_smp_defconfig | 1 -
arch/arc/configs/nsimosci_defconfig | 1 -
arch/arc/configs/nsimosci_hs_defconfig | 1 -
arch/arc/configs/nsimosci_hs_smp_defconfig | 1 -
12 files changed, 12 deletions(-)
diff --git a/arch/arc/configs/axs101_defconfig b/arch/arc/configs/axs101_defconfig
index 09f85154c5a4..a635ea972304 100644
--- a/arch/arc/configs/axs101_defconfig
+++ b/arch/arc/configs/axs101_defconfig
@@ -11,7 +11,6 @@ CONFIG_NAMESPACES=y
# CONFIG_UTS_NS is not set
# CONFIG_PID_NS is not set
CONFIG_BLK_DEV_INITRD=y
-CONFIG_INITRAMFS_SOURCE="../arc_initramfs/"
CONFIG_EMBEDDED=y
CONFIG_PERF_EVENTS=y
# CONFIG_VM_EVENT_COUNTERS is not set
diff --git a/arch/arc/configs/axs103_defconfig b/arch/arc/configs/axs103_defconfig
index 09fed3ef22b6..aa507e423075 100644
--- a/arch/arc/configs/axs103_defconfig
+++ b/arch/arc/configs/axs103_defconfig
@@ -11,7 +11,6 @@ CONFIG_NAMESPACES=y
# CONFIG_UTS_NS is not set
# CONFIG_PID_NS is not set
CONFIG_BLK_DEV_INITRD=y
-CONFIG_INITRAMFS_SOURCE="../../arc_initramfs_hs/"
CONFIG_EMBEDDED=y
CONFIG_PERF_EVENTS=y
# CONFIG_VM_EVENT_COUNTERS is not set
diff --git a/arch/arc/configs/axs103_smp_defconfig b/arch/arc/configs/axs103_smp_defconfig
index ea2f6d817d1a..eba07f468654 100644
--- a/arch/arc/configs/axs103_smp_defconfig
+++ b/arch/arc/configs/axs103_smp_defconfig
@@ -11,7 +11,6 @@ CONFIG_NAMESPACES=y
# CONFIG_UTS_NS is not set
# CONFIG_PID_NS is not set
CONFIG_BLK_DEV_INITRD=y
-CONFIG_INITRAMFS_SOURCE="../../arc_initramfs_hs/"
CONFIG_EMBEDDED=y
CONFIG_PERF_EVENTS=y
# CONFIG_VM_EVENT_COUNTERS is not set
diff --git a/arch/arc/configs/haps_hs_defconfig b/arch/arc/configs/haps_hs_defconfig
index ab231c040efe..098b19fbaa51 100644
--- a/arch/arc/configs/haps_hs_defconfig
+++ b/arch/arc/configs/haps_hs_defconfig
@@ -11,7 +11,6 @@ CONFIG_NAMESPACES=y
# CONFIG_UTS_NS is not set
# CONFIG_PID_NS is not set
CONFIG_BLK_DEV_INITRD=y
-CONFIG_INITRAMFS_SOURCE="../../arc_initramfs_hs/"
CONFIG_EXPERT=y
CONFIG_PERF_EVENTS=y
# CONFIG_COMPAT_BRK is not set
diff --git a/arch/arc/configs/haps_hs_smp_defconfig b/arch/arc/configs/haps_hs_smp_defconfig
index cf449cbf440d..0104c404d897 100644
--- a/arch/arc/configs/haps_hs_smp_defconfig
+++ b/arch/arc/configs/haps_hs_smp_defconfig
@@ -11,7 +11,6 @@ CONFIG_NAMESPACES=y
# CONFIG_UTS_NS is not set
# CONFIG_PID_NS is not set
CONFIG_BLK_DEV_INITRD=y
-CONFIG_INITRAMFS_SOURCE="../../arc_initramfs_hs/"
CONFIG_EMBEDDED=y
CONFIG_PERF_EVENTS=y
# CONFIG_VM_EVENT_COUNTERS is not set
diff --git a/arch/arc/configs/hsdk_defconfig b/arch/arc/configs/hsdk_defconfig
index 1b54c72f4296..6491be0ddbc9 100644
--- a/arch/arc/configs/hsdk_defconfig
+++ b/arch/arc/configs/hsdk_defconfig
@@ -9,7 +9,6 @@ CONFIG_NAMESPACES=y
# CONFIG_UTS_NS is not set
# CONFIG_PID_NS is not set
CONFIG_BLK_DEV_INITRD=y
-CONFIG_INITRAMFS_SOURCE="../../arc_initramfs_hs/"
CONFIG_EMBEDDED=y
CONFIG_PERF_EVENTS=y
# CONFIG_VM_EVENT_COUNTERS is not set
diff --git a/arch/arc/configs/nsim_700_defconfig b/arch/arc/configs/nsim_700_defconfig
index 31c2c70b34a1..99e05cf63fca 100644
--- a/arch/arc/configs/nsim_700_defconfig
+++ b/arch/arc/configs/nsim_700_defconfig
@@ -11,7 +11,6 @@ CONFIG_NAMESPACES=y
# CONFIG_UTS_NS is not set
# CONFIG_PID_NS is not set
CONFIG_BLK_DEV_INITRD=y
-CONFIG_INITRAMFS_SOURCE="../arc_initramfs/"
CONFIG_KALLSYMS_ALL=y
CONFIG_EMBEDDED=y
CONFIG_PERF_EVENTS=y
diff --git a/arch/arc/configs/nsim_hs_defconfig b/arch/arc/configs/nsim_hs_defconfig
index a578c721d50f..0dc4f9b737e7 100644
--- a/arch/arc/configs/nsim_hs_defconfig
+++ b/arch/arc/configs/nsim_hs_defconfig
@@ -11,7 +11,6 @@ CONFIG_NAMESPACES=y
# CONFIG_UTS_NS is not set
# CONFIG_PID_NS is not set
CONFIG_BLK_DEV_INITRD=y
-CONFIG_INITRAMFS_SOURCE="../../arc_initramfs_hs/"
CONFIG_KALLSYMS_ALL=y
CONFIG_EMBEDDED=y
CONFIG_PERF_EVENTS=y
diff --git a/arch/arc/configs/nsim_hs_smp_defconfig b/arch/arc/configs/nsim_hs_smp_defconfig
index 37d7395f3272..be3c30a15e54 100644
--- a/arch/arc/configs/nsim_hs_smp_defconfig
+++ b/arch/arc/configs/nsim_hs_smp_defconfig
@@ -9,7 +9,6 @@ CONFIG_NAMESPACES=y
# CONFIG_UTS_NS is not set
# CONFIG_PID_NS is not set
CONFIG_BLK_DEV_INITRD=y
-CONFIG_INITRAMFS_SOURCE="../arc_initramfs_hs/"
CONFIG_KALLSYMS_ALL=y
CONFIG_EMBEDDED=y
CONFIG_PERF_EVENTS=y
diff --git a/arch/arc/configs/nsimosci_defconfig b/arch/arc/configs/nsimosci_defconfig
index 1e1470e2a7f0..3a74b9b21772 100644
--- a/arch/arc/configs/nsimosci_defconfig
+++ b/arch/arc/configs/nsimosci_defconfig
@@ -11,7 +11,6 @@ CONFIG_NAMESPACES=y
# CONFIG_UTS_NS is not set
# CONFIG_PID_NS is not set
CONFIG_BLK_DEV_INITRD=y
-CONFIG_INITRAMFS_SOURCE="../arc_initramfs/"
CONFIG_KALLSYMS_ALL=y
CONFIG_EMBEDDED=y
CONFIG_PERF_EVENTS=y
diff --git a/arch/arc/configs/nsimosci_hs_defconfig b/arch/arc/configs/nsimosci_hs_defconfig
index 084a6e42685b..ea2834b4dc1d 100644
--- a/arch/arc/configs/nsimosci_hs_defconfig
+++ b/arch/arc/configs/nsimosci_hs_defconfig
@@ -11,7 +11,6 @@ CONFIG_NAMESPACES=y
# CONFIG_UTS_NS is not set
# CONFIG_PID_NS is not set
CONFIG_BLK_DEV_INITRD=y
-CONFIG_INITRAMFS_SOURCE="../arc_initramfs_hs/"
CONFIG_KALLSYMS_ALL=y
CONFIG_EMBEDDED=y
CONFIG_PERF_EVENTS=y
diff --git a/arch/arc/configs/nsimosci_hs_smp_defconfig b/arch/arc/configs/nsimosci_hs_smp_defconfig
index f36d47990415..80a5a1b4924b 100644
--- a/arch/arc/configs/nsimosci_hs_smp_defconfig
+++ b/arch/arc/configs/nsimosci_hs_smp_defconfig
@@ -9,7 +9,6 @@ CONFIG_IKCONFIG_PROC=y
# CONFIG_UTS_NS is not set
# CONFIG_PID_NS is not set
CONFIG_BLK_DEV_INITRD=y
-CONFIG_INITRAMFS_SOURCE="../arc_initramfs_hs/"
CONFIG_PERF_EVENTS=y
# CONFIG_COMPAT_BRK is not set
CONFIG_KPROBES=y
--
2.16.2
From: Chintan Pandya <cpandya(a)codeaurora.org>
The following kernel panic was observed on ARM64 platform due to a stale
TLB entry.
1. ioremap with 4K size, a valid pte page table is set.
2. iounmap it, its pte entry is set to 0.
3. ioremap the same address with 2M size, update its pmd entry with
a new value.
4. CPU may hit an exception because the old pmd entry is still in TLB,
which leads to a kernel panic.
Commit b6bdb7517c3d ("mm/vmalloc: add interfaces to free unmapped page
table") has addressed this panic by falling to pte mappings in the above
case on ARM64.
To support pmd mappings in all cases, TLB purge needs to be performed
in this case on ARM64.
Add a new arg, 'addr', to pud_free_pmd_page() and pmd_free_pte_page()
so that TLB purge can be added later in seprate patches.
[toshi(a)hpe.com: merge changes, rewrite patch description]
Fixes: 28ee90fe6048 ("x86/mm: implement free pmd/pte page interfaces")
Signed-off-by: Chintan Pandya <cpandya(a)codeaurora.org>
Signed-off-by: Toshi Kani <toshi.kani(a)hpe.com>
Cc: Andrew Morton <akpm(a)linux-foundation.org>
Cc: Michal Hocko <mhocko(a)suse.com>
Cc: Thomas Gleixner <tglx(a)linutronix.de>
Cc: Ingo Molnar <mingo(a)redhat.com>
Cc: "H. Peter Anvin" <hpa(a)zytor.com>
Cc: Will Deacon <will.deacon(a)arm.com>
Cc: Joerg Roedel <joro(a)8bytes.org>
Cc: <stable(a)vger.kernel.org>
---
arch/arm64/mm/mmu.c | 4 ++--
arch/x86/mm/pgtable.c | 8 +++++---
include/asm-generic/pgtable.h | 8 ++++----
lib/ioremap.c | 4 ++--
4 files changed, 13 insertions(+), 11 deletions(-)
diff --git a/arch/arm64/mm/mmu.c b/arch/arm64/mm/mmu.c
index 493ff75..8ae5d7a 100644
--- a/arch/arm64/mm/mmu.c
+++ b/arch/arm64/mm/mmu.c
@@ -977,12 +977,12 @@ int pmd_clear_huge(pmd_t *pmdp)
return 1;
}
-int pud_free_pmd_page(pud_t *pud)
+int pud_free_pmd_page(pud_t *pud, unsigned long addr)
{
return pud_none(*pud);
}
-int pmd_free_pte_page(pmd_t *pmd)
+int pmd_free_pte_page(pmd_t *pmd, unsigned long addr)
{
return pmd_none(*pmd);
}
diff --git a/arch/x86/mm/pgtable.c b/arch/x86/mm/pgtable.c
index ffc8c13..37e3cba 100644
--- a/arch/x86/mm/pgtable.c
+++ b/arch/x86/mm/pgtable.c
@@ -718,11 +718,12 @@ int pmd_clear_huge(pmd_t *pmd)
/**
* pud_free_pmd_page - Clear pud entry and free pmd page.
* @pud: Pointer to a PUD.
+ * @addr: Virtual address associated with pud.
*
* Context: The pud range has been unmaped and TLB purged.
* Return: 1 if clearing the entry succeeded. 0 otherwise.
*/
-int pud_free_pmd_page(pud_t *pud)
+int pud_free_pmd_page(pud_t *pud, unsigned long addr)
{
pmd_t *pmd;
int i;
@@ -733,7 +734,7 @@ int pud_free_pmd_page(pud_t *pud)
pmd = (pmd_t *)pud_page_vaddr(*pud);
for (i = 0; i < PTRS_PER_PMD; i++)
- if (!pmd_free_pte_page(&pmd[i]))
+ if (!pmd_free_pte_page(&pmd[i], addr + (i * PMD_SIZE)))
return 0;
pud_clear(pud);
@@ -745,11 +746,12 @@ int pud_free_pmd_page(pud_t *pud)
/**
* pmd_free_pte_page - Clear pmd entry and free pte page.
* @pmd: Pointer to a PMD.
+ * @addr: Virtual address associated with pmd.
*
* Context: The pmd range has been unmaped and TLB purged.
* Return: 1 if clearing the entry succeeded. 0 otherwise.
*/
-int pmd_free_pte_page(pmd_t *pmd)
+int pmd_free_pte_page(pmd_t *pmd, unsigned long addr)
{
pte_t *pte;
diff --git a/include/asm-generic/pgtable.h b/include/asm-generic/pgtable.h
index f59639a..b081794 100644
--- a/include/asm-generic/pgtable.h
+++ b/include/asm-generic/pgtable.h
@@ -1019,8 +1019,8 @@ static inline int p4d_clear_huge(p4d_t *p4d)
int pmd_set_huge(pmd_t *pmd, phys_addr_t addr, pgprot_t prot);
int pud_clear_huge(pud_t *pud);
int pmd_clear_huge(pmd_t *pmd);
-int pud_free_pmd_page(pud_t *pud);
-int pmd_free_pte_page(pmd_t *pmd);
+int pud_free_pmd_page(pud_t *pud, unsigned long addr);
+int pmd_free_pte_page(pmd_t *pmd, unsigned long addr);
#else /* !CONFIG_HAVE_ARCH_HUGE_VMAP */
static inline int p4d_set_huge(p4d_t *p4d, phys_addr_t addr, pgprot_t prot)
{
@@ -1046,11 +1046,11 @@ static inline int pmd_clear_huge(pmd_t *pmd)
{
return 0;
}
-static inline int pud_free_pmd_page(pud_t *pud)
+static inline int pud_free_pmd_page(pud_t *pud, unsigned long addr)
{
return 0;
}
-static inline int pmd_free_pte_page(pmd_t *pmd)
+static inline int pmd_free_pte_page(pmd_t *pmd, unsigned long addr)
{
return 0;
}
diff --git a/lib/ioremap.c b/lib/ioremap.c
index 54e5bba..517f585 100644
--- a/lib/ioremap.c
+++ b/lib/ioremap.c
@@ -92,7 +92,7 @@ static inline int ioremap_pmd_range(pud_t *pud, unsigned long addr,
if (ioremap_pmd_enabled() &&
((next - addr) == PMD_SIZE) &&
IS_ALIGNED(phys_addr + addr, PMD_SIZE) &&
- pmd_free_pte_page(pmd)) {
+ pmd_free_pte_page(pmd, addr)) {
if (pmd_set_huge(pmd, phys_addr + addr, prot))
continue;
}
@@ -119,7 +119,7 @@ static inline int ioremap_pud_range(p4d_t *p4d, unsigned long addr,
if (ioremap_pud_enabled() &&
((next - addr) == PUD_SIZE) &&
IS_ALIGNED(phys_addr + addr, PUD_SIZE) &&
- pud_free_pmd_page(pud)) {
+ pud_free_pmd_page(pud, addr)) {
if (pud_set_huge(pud, phys_addr + addr, prot))
continue;
}
--
Qualcomm India Private Limited, on behalf of Qualcomm Innovation
Center, Inc., is a member of Code Aurora Forum, a Linux Foundation
Collaborative Project
This is the start of the stable review cycle for the 4.9.107 release.
There are 61 patches in this series, all will be posted as a response
to this one. If anyone has any issues with these being applied, please
let me know.
Responses should be made by Thu Jun 7 17:00:59 UTC 2018.
Anything received after that time might be too late.
The whole patch series can be found in one patch at:
https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.9.107-rc…
or in the git tree and branch at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.9.y
and the diffstat can be found below.
thanks,
greg k-h
-------------
Pseudo-Shortlog of commits:
Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
Linux 4.9.107-rc1
Aleksey Makarov <aleksey.makarov(a)linaro.org>
serial: pl011: add console matching function
David S. Miller <davem(a)davemloft.net>
sparc64: Don't clibber fixed registers in __multi4.
Hugh Dickins <hughd(a)google.com>
mm: fix the NULL mapping case in __isolate_lru_page()
Al Viro <viro(a)zeniv.linux.org.uk>
fix io_destroy()/aio_complete() race
David S. Miller <davem(a)davemloft.net>
sparc64: Fix build warnings with gcc 7.
Ondrej Zary <linux(a)rainbow-software.org>
drm/i915: Disable LVDS on Radiant P845
Dhinakaran Pandiyan <dhinakaran.pandiyan(a)intel.com>
drm/psr: Fix missed entry in PSR setup time table.
Parav Pandit <parav(a)mellanox.com>
IB/core: Fix error code for invalid GID entry
Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
hwtracing: stm: fix build error on some arches
Alexander Shishkin <alexander.shishkin(a)linux.intel.com>
stm class: Use vmalloc for the master map
Bart Van Assche <bart.vanassche(a)wdc.com>
scsi: scsi_transport_srp: Fix shost to rport translation
Maciej W. Rozycki <macro(a)mips.com>
MIPS: prctl: Disallow FRE without FR with PR_SET_FP_MODE requests
Maciej W. Rozycki <macro(a)mips.com>
MIPS: ptrace: Fix PTRACE_PEEKUSR requests for 64-bit FGRs
Martin Kelly <mkelly(a)xevo.com>
iio:kfifo_buf: check for uint overflow
Sarah Newman <srn(a)prgmr.com>
net/mlx4_en: fix potential use-after-free with dma_unmap_page
Nicholas Piggin <npiggin(a)gmail.com>
powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit
Michael Ellerman <mpe(a)ellerman.id.au>
powerpc/64s: Fix section mismatch warnings from setup_rfi_flush()
Mauricio Faria de Oliveira <mauricfo(a)linux.vnet.ibm.com>
powerpc/pseries: Restore default security feature flags on setup
Mauricio Faria de Oliveira <mauricfo(a)linux.vnet.ibm.com>
powerpc: Move default security feature flags
Mauricio Faria de Oliveira <mauricfo(a)linux.vnet.ibm.com>
powerpc/pseries: Fix clearing of security feature flags
Michael Ellerman <mpe(a)ellerman.id.au>
powerpc/64s: Wire up cpu_show_spectre_v2()
Michael Ellerman <mpe(a)ellerman.id.au>
powerpc/64s: Wire up cpu_show_spectre_v1()
Michael Ellerman <mpe(a)ellerman.id.au>
powerpc/pseries: Use the security flags in pseries_setup_rfi_flush()
Michael Ellerman <mpe(a)ellerman.id.au>
powerpc/powernv: Use the security flags in pnv_setup_rfi_flush()
Michael Ellerman <mpe(a)ellerman.id.au>
powerpc/64s: Enhance the information in cpu_show_meltdown()
Michael Ellerman <mpe(a)ellerman.id.au>
powerpc/64s: Move cpu_show_meltdown()
Michael Ellerman <mpe(a)ellerman.id.au>
powerpc/powernv: Set or clear security feature flags
Michael Ellerman <mpe(a)ellerman.id.au>
powerpc/pseries: Set or clear security feature flags
Michael Ellerman <mpe(a)ellerman.id.au>
powerpc: Add security feature flags for Spectre/Meltdown
Michael Ellerman <mpe(a)ellerman.id.au>
powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags
Michael Ellerman <mpe(a)ellerman.id.au>
powerpc/rfi-flush: Call setup_rfi_flush() after LPM migration
Mauricio Faria de Oliveira <mauricfo(a)linux.vnet.ibm.com>
powerpc/rfi-flush: Differentiate enabled and patched flush types
Michael Ellerman <mpe(a)ellerman.id.au>
powerpc/rfi-flush: Always enable fallback flush on pseries
Michael Ellerman <mpe(a)ellerman.id.au>
powerpc/rfi-flush: Make it possible to call setup_rfi_flush() again
Michael Ellerman <mpe(a)ellerman.id.au>
powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code
Michael Ellerman <mpe(a)ellerman.id.au>
powerpc/powernv: Support firmware disable of RFI flush
Michael Ellerman <mpe(a)ellerman.id.au>
powerpc/pseries: Support firmware disable of RFI flush
Michael Ellerman <mpe(a)ellerman.id.au>
powerpc/rfi-flush: Move out of HARDLOCKUP_DETECTOR #ifdef
Mark Rutland <mark.rutland(a)arm.com>
arm64/cpufeature: don't use mutex in bringup path
Suzuki K Poulose <suzuki.poulose(a)arm.com>
arm64: Add hypervisor safe helper for checking constant capabilities
Potomski, MichalX <michalx.potomski(a)intel.com>
scsi: ufs: Factor out ufshcd_read_desc_param
Tomas Winkler <tomas.winkler(a)intel.com>
scsi: ufs: refactor device descriptor reading
Subhash Jadavani <subhashj(a)codeaurora.org>
scsi: ufs: fix failure to read the string descriptor
Eric Dumazet <edumazet(a)google.com>
tcp: avoid integer overflows in tcp_rcv_space_adjust()
Juergen Gross <jgross(a)suse.com>
x86/amd: don't set X86_BUG_SYSRET_SS_ATTRS when running under Xen
Juergen Gross <jgross(a)suse.com>
xen: set cpu capabilities from xen_start_kernel()
Juergen Gross <jgross(a)suse.com>
x86/amd: revert commit 944e0fc51a89c9827b9
Colin Ian King <colin.king(a)canonical.com>
platform/chrome: cros_ec_lpc: remove redundant pointer request
Colin Ian King <colin.king(a)canonical.com>
ASoC: Intel: sst: remove redundant variable dma_dev_name
Matthias Kaehlcke <mka(a)chromium.org>
rtlwifi: rtl8192cu: Remove variable self-assignment in rf.c
Colin Ian King <colin.king(a)canonical.com>
dma-buf: remove redundant initialization of sg_table
Eric Biggers <ebiggers(a)google.com>
cfg80211: further limit wiphy names to 64 bytes
Sachin Grover <sgrover(a)codeaurora.org>
selinux: KASAN: slab-out-of-bounds in xattr_getsecurity
Steven Rostedt (VMware) <rostedt(a)goodmis.org>
tracing: Fix crash when freeing instances with event triggers
Benjamin Tissoires <benjamin.tissoires(a)redhat.com>
Input: elan_i2c_smbus - fix corrupted stack
Mimi Zohar <zohar(a)linux.vnet.ibm.com>
Revert "ima: limit file hash setting by user to fix and log modes"
Brian Foster <bfoster(a)redhat.com>
xfs: detect agfl count corruption and reset agfl
Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
Revert "pinctrl: msm: Use dynamic GPIO numbering"
Geert Uytterhoeven <geert(a)linux-m68k.org>
USB: serial: cp210x: use tcflag_t to fix incompatible pointer type
Michael Neuling <mikey(a)neuling.org>
powerpc/64s: Clear PCR on boot
Will Deacon <will.deacon(a)arm.com>
arm64: lse: Add early clobbers to some input/output asm operands
-------------
Diffstat:
Makefile | 4 +-
arch/arm64/include/asm/atomic_lse.h | 22 +-
arch/arm64/include/asm/cpufeature.h | 27 +-
arch/arm64/include/asm/kvm_host.h | 10 +-
arch/arm64/include/asm/kvm_mmu.h | 2 +-
arch/arm64/include/asm/mmu.h | 2 +-
arch/arm64/kernel/cpufeature.c | 28 ++-
arch/arm64/kernel/process.c | 2 +-
arch/mips/kernel/process.c | 4 +
arch/mips/kernel/ptrace.c | 2 +-
arch/mips/kernel/ptrace32.c | 2 +-
arch/powerpc/include/asm/exception-64s.h | 29 +++
arch/powerpc/include/asm/feature-fixups.h | 19 ++
arch/powerpc/include/asm/hvcall.h | 3 +
arch/powerpc/include/asm/security_features.h | 85 +++++++
arch/powerpc/include/asm/setup.h | 2 +-
arch/powerpc/kernel/Makefile | 2 +-
arch/powerpc/kernel/cpu_setup_power.S | 6 +
arch/powerpc/kernel/exceptions-64s.S | 16 +-
arch/powerpc/kernel/security.c | 237 ++++++++++++++++++
arch/powerpc/kernel/setup_64.c | 37 ++-
arch/powerpc/kernel/vmlinux.lds.S | 14 ++
arch/powerpc/lib/feature-fixups.c | 124 +++++++++-
arch/powerpc/platforms/powernv/setup.c | 92 +++++--
arch/powerpc/platforms/pseries/mobility.c | 3 +
arch/powerpc/platforms/pseries/pseries.h | 2 +
arch/powerpc/platforms/pseries/setup.c | 81 ++++--
arch/sparc/kernel/ds.c | 2 +-
arch/sparc/lib/multi3.S | 24 +-
arch/x86/xen/enlighten.c | 14 +-
drivers/dma-buf/dma-buf.c | 2 +-
drivers/gpu/drm/drm_dp_helper.c | 1 +
drivers/gpu/drm/i915/intel_lvds.c | 8 +
drivers/hwtracing/stm/core.c | 7 +-
drivers/iio/buffer/kfifo_buf.c | 7 +
drivers/infiniband/core/cache.c | 2 +-
drivers/input/mouse/elan_i2c_smbus.c | 22 +-
drivers/irqchip/irq-gic-v3.c | 13 +-
drivers/net/ethernet/mellanox/mlx4/en_rx.c | 32 ++-
.../net/wireless/realtek/rtlwifi/rtl8192cu/rf.c | 3 -
drivers/pinctrl/qcom/pinctrl-msm.c | 2 +-
drivers/platform/chrome/cros_ec_lpc.c | 3 -
drivers/scsi/scsi_transport_srp.c | 22 +-
drivers/scsi/ufs/ufs.h | 34 +--
drivers/scsi/ufs/ufs_quirks.h | 28 +--
drivers/scsi/ufs/ufshcd.c | 272 +++++++++++++++------
drivers/scsi/ufs/ufshcd.h | 16 ++
drivers/tty/serial/amba-pl011.c | 55 +++++
drivers/usb/serial/cp210x.c | 8 +-
fs/aio.c | 3 +-
fs/xfs/libxfs/xfs_alloc.c | 94 +++++++
fs/xfs/xfs_mount.h | 1 +
fs/xfs/xfs_trace.h | 9 +-
include/linux/tcp.h | 2 +-
include/uapi/linux/nl80211.h | 2 +-
kernel/trace/trace_events_trigger.c | 5 +-
mm/vmscan.c | 2 +-
net/ipv4/tcp_input.c | 10 +-
security/integrity/ima/ima_appraise.c | 8 +-
security/selinux/ss/services.c | 2 +-
sound/soc/intel/common/sst-firmware.c | 2 -
61 files changed, 1277 insertions(+), 297 deletions(-)
Hi Thomas,
At 06/04/2018 11:33 PM, Thomas Gleixner wrote:
> apic_ack_edge() is explicitely for handling interrupt affinity cleanup when
> interrupt remapping is not available or disable.
>
> Remapped interrupts and also some of the platform specific special
> interrupts, e.g. UV, invoke ack_APIC_irq() directly.
>
> To address the issue of failing an affinity update with -EBUSY the delayed
> affinity mechanism can be reused, but ack_APIC_irq() does not handle
> that. Adding this to ack_APIC_irq() is not possible, because that function
> is also used for exceptions and directly handled interrupts like IPIs.
>
> Create a new function, which just contains the conditional invocation of
> irq_move_irq() and the final ack_APIC_irq(). Making the invocation of
> irq_move_irq() conditional avoids the out of line call if the pending bit
> is not set.
>
> Reuse the new function in apic_ack_edge().
>
> Preparatory change for the real fix
>
> Fixes: dccfe3147b42 ("x86/vector: Simplify vector move cleanup")
> Signed-off-by: Thomas Gleixner<tglx(a)linutronix.de>
> Cc:stable@vger.kernel.org
> ---
> arch/x86/include/asm/apic.h | 2 ++
> arch/x86/kernel/apic/vector.c | 10 ++++++++--
> 2 files changed, 10 insertions(+), 2 deletions(-)
>
> --- a/arch/x86/include/asm/apic.h
> +++ b/arch/x86/include/asm/apic.h
> @@ -436,6 +436,8 @@ static inline void apic_set_eoi_write(vo
>
> #endif /* CONFIG_X86_LOCAL_APIC */
>
> +extern void apic_ack_irq(struct irq_data *data);
> +
> static inline void ack_APIC_irq(void)
> {
> /*
> --- a/arch/x86/kernel/apic/vector.c
> +++ b/arch/x86/kernel/apic/vector.c
> @@ -809,11 +809,17 @@ static int apic_retrigger_irq(struct irq
> return 1;
> }
>
> +void apic_ack_irq(struct irq_data *irqd)
> +{
> + if (unlikely(irqd_is_setaffinity_pending(irqd)))
Affinity pending is also judged in
> + irq_move_irq(irqd);
If we can remove the if(...) statement here
Thanks,
dou
> + ack_APIC_irq();
> +}
> +
> void apic_ack_edge(struct irq_data *irqd)
> {
> irq_complete_move(irqd_cfg(irqd));
> - irq_move_irq(irqd);
> - ack_APIC_irq();
> + apic_ack_irq(irqd);
> }
>
> static struct irq_chip lapic_controller = {
On some devices the contents of the ctrl register get lost over a
suspend/resume and the PWM comes back up disabled after the resume.
This is seen on some Bay Trail devices with the PWM in ACPI enumerated
mode, so it shows up as a platform device instead of a PCI device.
If we still think it is enabled and then try to change the duty-cycle
after this, we end up with a "PWM_SW_UPDATE was not cleared" error and
the PWM is stuck in that state from then on.
This commit adds suspend and resume pm callbacks to the pwm-lpss-platform
code, which save/restore the ctrl register over a suspend/resume, fixing
this.
Note that:
1) There is no need to do this over a runtime suspend, since we
only runtime suspend when disabled and then we properly set the enable
bit and reprogram the timings when we re-enable the PWM.
2) This may be happening on more systems then we realize, but has been
covered up sofar by a bug in the acpi-lpss.c code which was save/restoring
the regular device registers instead of the lpss private registers due to
lpss_device_desc.prv_offset not being set. This is fixed by a later patch
in this series.
Cc: stable(a)vger.kernel.org
Signed-off-by: Hans de Goede <hdegoede(a)redhat.com>
---
Changes in v2:
-Add Cc: stable(a)vger.kernel.org to make sure this goes into stable
together with "ACPI / LPSS: Add missing prv_offset setting for byt/cht
PWM devices" which depends on this
---
drivers/pwm/pwm-lpss-platform.c | 5 +++++
drivers/pwm/pwm-lpss.c | 30 ++++++++++++++++++++++++++++++
drivers/pwm/pwm-lpss.h | 2 ++
3 files changed, 37 insertions(+)
diff --git a/drivers/pwm/pwm-lpss-platform.c b/drivers/pwm/pwm-lpss-platform.c
index 5d6ed1507d29..5561b9e190f8 100644
--- a/drivers/pwm/pwm-lpss-platform.c
+++ b/drivers/pwm/pwm-lpss-platform.c
@@ -74,6 +74,10 @@ static int pwm_lpss_remove_platform(struct platform_device *pdev)
return pwm_lpss_remove(lpwm);
}
+static SIMPLE_DEV_PM_OPS(pwm_lpss_platform_pm_ops,
+ pwm_lpss_suspend,
+ pwm_lpss_resume);
+
static const struct acpi_device_id pwm_lpss_acpi_match[] = {
{ "80860F09", (unsigned long)&pwm_lpss_byt_info },
{ "80862288", (unsigned long)&pwm_lpss_bsw_info },
@@ -86,6 +90,7 @@ static struct platform_driver pwm_lpss_driver_platform = {
.driver = {
.name = "pwm-lpss",
.acpi_match_table = pwm_lpss_acpi_match,
+ .pm = &pwm_lpss_platform_pm_ops,
},
.probe = pwm_lpss_probe_platform,
.remove = pwm_lpss_remove_platform,
diff --git a/drivers/pwm/pwm-lpss.c b/drivers/pwm/pwm-lpss.c
index 8db0d40ccacd..4721a264bac2 100644
--- a/drivers/pwm/pwm-lpss.c
+++ b/drivers/pwm/pwm-lpss.c
@@ -32,10 +32,13 @@
/* Size of each PWM register space if multiple */
#define PWM_SIZE 0x400
+#define MAX_PWMS 4
+
struct pwm_lpss_chip {
struct pwm_chip chip;
void __iomem *regs;
const struct pwm_lpss_boardinfo *info;
+ u32 saved_ctrl[MAX_PWMS];
};
static inline struct pwm_lpss_chip *to_lpwm(struct pwm_chip *chip)
@@ -177,6 +180,9 @@ struct pwm_lpss_chip *pwm_lpss_probe(struct device *dev, struct resource *r,
unsigned long c;
int ret;
+ if (WARN_ON(info->npwm > MAX_PWMS))
+ return ERR_PTR(-ENODEV);
+
lpwm = devm_kzalloc(dev, sizeof(*lpwm), GFP_KERNEL);
if (!lpwm)
return ERR_PTR(-ENOMEM);
@@ -212,6 +218,30 @@ int pwm_lpss_remove(struct pwm_lpss_chip *lpwm)
}
EXPORT_SYMBOL_GPL(pwm_lpss_remove);
+int pwm_lpss_suspend(struct device *dev)
+{
+ struct pwm_lpss_chip *lpwm = dev_get_drvdata(dev);
+ int i;
+
+ for (i = 0; i < lpwm->info->npwm; i++)
+ lpwm->saved_ctrl[i] = readl(lpwm->regs + i * PWM_SIZE + PWM);
+
+ return 0;
+}
+EXPORT_SYMBOL_GPL(pwm_lpss_suspend);
+
+int pwm_lpss_resume(struct device *dev)
+{
+ struct pwm_lpss_chip *lpwm = dev_get_drvdata(dev);
+ int i;
+
+ for (i = 0; i < lpwm->info->npwm; i++)
+ writel(lpwm->saved_ctrl[i], lpwm->regs + i * PWM_SIZE + PWM);
+
+ return 0;
+}
+EXPORT_SYMBOL_GPL(pwm_lpss_resume);
+
MODULE_DESCRIPTION("PWM driver for Intel LPSS");
MODULE_AUTHOR("Mika Westerberg <mika.westerberg(a)linux.intel.com>");
MODULE_LICENSE("GPL v2");
diff --git a/drivers/pwm/pwm-lpss.h b/drivers/pwm/pwm-lpss.h
index 98306bb02cfe..7a4238ad1fcb 100644
--- a/drivers/pwm/pwm-lpss.h
+++ b/drivers/pwm/pwm-lpss.h
@@ -28,5 +28,7 @@ struct pwm_lpss_boardinfo {
struct pwm_lpss_chip *pwm_lpss_probe(struct device *dev, struct resource *r,
const struct pwm_lpss_boardinfo *info);
int pwm_lpss_remove(struct pwm_lpss_chip *lpwm);
+int pwm_lpss_suspend(struct device *dev);
+int pwm_lpss_resume(struct device *dev);
#endif /* __PWM_LPSS_H */
--
2.17.0
Hi Arnd,
when using the ppc64 compiler from kernel.org, I see the following problems
when trying to compile ppc:allnoconfig in v4.14.y or v4.16.y.
gcc 7.3.0: Compilation of kernel.cpu.o hangs
The problem goes away if I apply the following two patches (tested with 4.16.y)
17a2f1ced028 cpu/hotplug: Merge cpuhp_bp_states and cpuhp_ap_states
fcb3029a8d89 cpu/hotplug: Fix unused function warning
gcc 8.1.0: Compilation of kernel/cpu.o results in the following error
powerpc64-linux-gcc: error: unrecognized command line option '-mno-spe'; did you mean '-fno-see'?
powerpc64-linux-gcc: error: unrecognized command line option '-mspe=no'; did you mean '-misel=no'?
This problem is also seen with mainline.
With ppc:defconfig, kernel/cpu.o builds fine with both compiler versions.
Have you seen similar problems ? Any idea what to do about it, other than sticking
with older compilers ?
Thanks,
Guenter
[BUG]
Btrfs can easily create compressed extent without checksum (even
though it shouldn't), and if we then try to replace device containing
such extent, the result device will contain all the uncompressed data
instead of the compressed one.
Test case already submitted to fstests:
https://patchwork.kernel.org/patch/10442353/
[CAUSE]
When handling compressed extent without checksum, device replace will
goes into copy_nocow_pages() function.
In that function, btrfs will get all inodes referring to this data
extents and then use find_or_create_page() to get pages direct from that
inode.
The problem here is, pages directly from inode are always uncompressed.
And for compressed data extent, they mismatch with on-disk data.
Thus this leads to corrupted data extent written to replace device.
[FIX]
In this patch, we could just avoid the "optimization" branch, and let
unified scrub_pages() to handle it.
Although scrub_pages() won't bother reusing page cache, thus it will be a
little slower, but it does the correct csum checking (skipped in this case)
and won't cause such data corruption cause by "optimization".
Please note that, this patch will just avoid the copy_nocow_pages(),
while still leave related functions here, to make it small enough for a
late merge window.
Full functions removal will happen later.
Fixes: Fixes: ff023aac3119 ("Btrfs: add code to scrub to copy read data to another disk")
Cc: stable(a)vger.kernel.org
Reported-by: James Harvey <jamespharvey20(a)gmail.com>
Signed-off-by: Qu Wenruo <wqu(a)suse.com>
---
changlog:
v1:
Split the RFC ver.B patch into 2 patches, the smaller fix will be
easier to get merged for late merge window.
---
fs/btrfs/scrub.c | 11 ++++++++++-
1 file changed, 10 insertions(+), 1 deletion(-)
diff --git a/fs/btrfs/scrub.c b/fs/btrfs/scrub.c
index 52b39a0924e9..79e154575366 100644
--- a/fs/btrfs/scrub.c
+++ b/fs/btrfs/scrub.c
@@ -2799,7 +2799,16 @@ static int scrub_extent(struct scrub_ctx *sctx, struct map_lookup *map,
have_csum = scrub_find_csum(sctx, logical, csum);
if (have_csum == 0)
++sctx->stat.no_csum;
- if (sctx->is_dev_replace && !have_csum) {
+
+ /*
+ * For replace on nodatasum extent, don't use
+ * copy_nocow_pages() routine which will copy pages
+ * from inode to disk. It could cause deadly corruption
+ * for compressed extent.
+ * NOTE: copy_nocow_pages() and all its children will
+ * be removed later.
+ */
+ if (0 && sctx->is_dev_replace && !have_csum) {
ret = copy_nocow_pages(sctx, logical, l,
mirror_num,
physical_for_dev_replace);
--
2.17.1
'Commit cc27b735ad3a ("PCI/portdrv: Turn off PCIe services during
shutdown")' has been added to kernel to shutdown pending PCIe port
service interrupts during reboot so that a newly started kexec kernel
wouldn't observe pending interrupts.
pcie_port_device_remove() is disabling the root port and switches by
calling pci_disable_device() after all PCIe service drivers are shutdown.
This has been found to cause crashes on HP DL360 Gen9 machines during
reboot due to hpsa driver not clearing the bus master bit during the
shutdown procedure by calling pci_disable_device().
Disable device as part of the shutdown sequence.
Signed-off-by: Sinan Kaya <okaya(a)codeaurora.org>
Link: https://bugzilla.kernel.org/show_bug.cgi?id=199779
Fixes: cc27b735ad3a ("PCI/portdrv: Turn off PCIe services during shutdown")
Cc: stable(a)vger.kernel.org
Reported-by: Ryan Finnie <ryan(a)finnie.org>
Tested-by: Don Brace <don.brace(a)microsemi.com>
Acked-by: Don Brace <don.brace(a)microsemi.com>
---
drivers/scsi/hpsa.c | 10 ++++++++--
1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/drivers/scsi/hpsa.c b/drivers/scsi/hpsa.c
index 3a9eca1..b92f86a 100644
--- a/drivers/scsi/hpsa.c
+++ b/drivers/scsi/hpsa.c
@@ -8869,7 +8869,7 @@ static void hpsa_disable_rld_caching(struct ctlr_info *h)
kfree(options);
}
-static void hpsa_shutdown(struct pci_dev *pdev)
+static void __hpsa_shutdown(struct pci_dev *pdev)
{
struct ctlr_info *h;
@@ -8884,6 +8884,12 @@ static void hpsa_shutdown(struct pci_dev *pdev)
hpsa_disable_interrupt_mode(h); /* pci_init 2 */
}
+static void hpsa_shutdown(struct pci_dev *pdev)
+{
+ __hpsa_shutdown(pdev);
+ pci_disable_device(pdev);
+}
+
static void hpsa_free_device_info(struct ctlr_info *h)
{
int i;
@@ -8927,7 +8933,7 @@ static void hpsa_remove_one(struct pci_dev *pdev)
scsi_remove_host(h->scsi_host); /* init_one 8 */
/* includes hpsa_free_irqs - init_one 4 */
/* includes hpsa_disable_interrupt_mode - pci_init 2 */
- hpsa_shutdown(pdev);
+ __hpsa_shutdown(pdev);
hpsa_free_device_info(h); /* scan */
--
2.7.4
From: Dexuan Cui <decui(a)microsoft.com>
I didn't really hit a real bug, but just happened to spot the bug:
we have decreased the counter at the beginning of vmbus_process_offer(),
so we mustn't decrease it again.
Fixes: 6f3d791f3006 ("Drivers: hv: vmbus: Fix rescind handling issues")
Signed-off-by: Dexuan Cui <decui(a)microsoft.com>
Cc: stable(a)vger.kernel.org
Cc: Stephen Hemminger <sthemmin(a)microsoft.com>
Cc: K. Y. Srinivasan <kys(a)microsoft.com>
Cc: Stable <stable(a)vger.kernel.org> # 4.14 and above
Signed-off-by: K. Y. Srinivasan <kys(a)microsoft.com>
---
drivers/hv/channel_mgmt.c | 4 +---
1 file changed, 1 insertion(+), 3 deletions(-)
diff --git a/drivers/hv/channel_mgmt.c b/drivers/hv/channel_mgmt.c
index ecc2bd275a73..f3b551a50653 100644
--- a/drivers/hv/channel_mgmt.c
+++ b/drivers/hv/channel_mgmt.c
@@ -527,10 +527,8 @@ static void vmbus_process_offer(struct vmbus_channel *newchannel)
struct hv_device *dev
= newchannel->primary_channel->device_obj;
- if (vmbus_add_channel_kobj(dev, newchannel)) {
- atomic_dec(&vmbus_connection.offer_in_progress);
+ if (vmbus_add_channel_kobj(dev, newchannel))
goto err_free_chan;
- }
if (channel->sc_creation_callback != NULL)
channel->sc_creation_callback(newchannel);
--
2.17.1
Per discussion with David at netconf 2018, let's clarify
DaveM's position of handling stable backports in netdev-FAQ.
This is important for people relying on upstream -stable
releases.
Cc: stable(a)vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
Signed-off-by: Cong Wang <xiyou.wangcong(a)gmail.com>
---
Documentation/networking/netdev-FAQ.txt | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/Documentation/networking/netdev-FAQ.txt b/Documentation/networking/netdev-FAQ.txt
index 2a3278d5cf35..fa951b820b25 100644
--- a/Documentation/networking/netdev-FAQ.txt
+++ b/Documentation/networking/netdev-FAQ.txt
@@ -179,6 +179,15 @@ A: No. See above answer. In short, if you think it really belongs in
dash marker line as described in Documentation/process/submitting-patches.rst to
temporarily embed that information into the patch that you send.
+Q: Are all networking bug fixes backported to all stable releases?
+
+A: Due to capacity, Dave could only take care of the backports for the last
+ 2 stable releases. For earlier stable releases, each stable branch maintainer
+ is supposed to take care of them. If you find any patch is missing from an
+ earlier stable branch, please notify stable(a)vger.kernel.org with either a
+ commit ID or a formal patch backported, and CC Dave and other relevant
+ networking developers.
+
Q: Someone said that the comment style and coding convention is different
for the networking content. Is this true?
--
2.13.0
From: Chris Chiu <chiu(a)endlessm.com>
commit 0803d7befa15cab5717d667a97a66214d2a4c083 upstream
The Acer Acer Veriton X4110G has a TPM device detected as:
tpm_tis 00:0b: 1.2 TPM (device-id 0xFE, rev-id 71)
After the first S3 suspend, the following error appears during resume:
tpm tpm0: A TPM error(38) occurred continue selftest
Any following S3 suspend attempts will now fail with this error:
tpm tpm0: Error (38) sending savestate before suspend
PM: Device 00:0b failed to suspend: error 38
Error 38 is TPM_ERR_INVALID_POSTINIT which means the TPM is
not in the correct state. This indicates that the platform BIOS
is not sending the usual TPM_Startup command during S3 resume.
>From this point onwards, all TPM commands will fail.
The same issue was previously reported on Foxconn 6150BK8MC and
Sony Vaio TX3.
The platform behaviour seems broken here, but we should not break
suspend/resume because of this.
When the unexpected TPM state is encountered, set a flag to skip the
affected TPM_SaveState command on later suspends.
Cc: stable(a)vger.kernel.org
Signed-off-by: Chris Chiu <chiu(a)endlessm.com>
Signed-off-by: Daniel Drake <drake(a)endlessm.com>
Link: http://lkml.kernel.org/r/CAB4CAwfSCvj1cudi+MWaB5g2Z67d9DwY1o475YOZD64ma23Ui…
Link: https://lkml.org/lkml/2011/3/28/192
Link: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=591031
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen(a)linux.intel.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen(a)linux.intel.com>
---
drivers/char/tpm/tpm-interface.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c
index 247dd2b6504a..be0547115d34 100644
--- a/drivers/char/tpm/tpm-interface.c
+++ b/drivers/char/tpm/tpm-interface.c
@@ -787,6 +787,10 @@ int tpm_do_selftest(struct tpm_chip *chip)
loops = jiffies_to_msecs(duration) / delay_msec;
rc = tpm_continue_selftest(chip);
+ if (rc == TPM_ERR_INVALID_POSTINIT) {
+ chip->flags |= TPM_CHIP_FLAG_ALWAYS_POWERED;
+ dev_info(&chip->dev, "TPM not ready (%d)\n", rc);
+ }
/* This may fail if there was no TPM driver during a suspend/resume
* cycle; some may return 10 (BAD_ORDINAL), others 28 (FAILEDSELFTEST)
*/
--
2.17.0
Per discussion with David at netconf 2018, let's clarify
DaveM's position of handling stable backports in netdev-FAQ.
This is important for people relying on upstream -stable
releases.
Cc: stable(a)vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
Signed-off-by: Cong Wang <xiyou.wangcong(a)gmail.com>
---
Documentation/networking/netdev-FAQ.txt | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/Documentation/networking/netdev-FAQ.txt b/Documentation/networking/netdev-FAQ.txt
index 2a3278d5cf35..6dde6686c870 100644
--- a/Documentation/networking/netdev-FAQ.txt
+++ b/Documentation/networking/netdev-FAQ.txt
@@ -179,6 +179,15 @@ A: No. See above answer. In short, if you think it really belongs in
dash marker line as described in Documentation/process/submitting-patches.rst to
temporarily embed that information into the patch that you send.
+Q: Are all networking bug fixes backported to all stable releases?
+
+A: Due to capacity, Dave could only take care of the backports for the last
+ 3 stable releases. For earlier stable releases, each stable branch maintainer
+ is supposed to take care of them. If you find any patch is missing from an
+ earlier stable branch, please notify stable(a)vger.kernel.org with either a
+ commit ID or a formal patch backported, and CC Dave and other relevant
+ networking developers.
+
Q: Someone said that the comment style and coding convention is different
for the networking content. Is this true?
--
2.13.0
This is an automatic generated email to let you know that the following patch were queued:
Subject: media: uvcvideo: Prevent setting unavailable flags
Author: Kieran Bingham <kieran.bingham(a)ideasonboard.com>
Date: Wed Mar 21 11:43:08 2018 -0400
The addition of an extra operation to use the GET_INFO command
overwrites all existing flags from the uvc_ctrls table. This includes
setting all controls as supporting GET_MIN, GET_MAX, GET_RES, and
GET_DEF regardless of whether they do or not.
Move the initialisation of these control capabilities directly to the
uvc_ctrl_fill_xu_info() call where they were originally located in that
use case, and ensure that the new functionality in uvc_ctrl_get_flags()
will only set flags based on their reported capability from the GET_INFO
call.
Fixes: 859086ae3636 ("media: uvcvideo: Apply flags from device to actual properties")
Cc: stable(a)vger.kernel.org
Signed-off-by: Kieran Bingham <kieran.bingham(a)ideasonboard.com>
Tested-by: Guennadi Liakhovetski <guennadi.liakhovetski(a)intel.com>
Signed-off-by: Laurent Pinchart <laurent.pinchart(a)ideasonboard.com>
Signed-off-by: Mauro Carvalho Chehab <mchehab+samsung(a)kernel.org>
drivers/media/usb/uvc/uvc_ctrl.c | 17 +++++++++--------
1 file changed, 9 insertions(+), 8 deletions(-)
---
diff --git a/drivers/media/usb/uvc/uvc_ctrl.c b/drivers/media/usb/uvc/uvc_ctrl.c
index 102594ec3e97..a36b4fb949fa 100644
--- a/drivers/media/usb/uvc/uvc_ctrl.c
+++ b/drivers/media/usb/uvc/uvc_ctrl.c
@@ -1607,14 +1607,12 @@ static int uvc_ctrl_get_flags(struct uvc_device *dev,
ret = uvc_query_ctrl(dev, UVC_GET_INFO, ctrl->entity->id, dev->intfnum,
info->selector, data, 1);
if (!ret)
- info->flags = UVC_CTRL_FLAG_GET_MIN | UVC_CTRL_FLAG_GET_MAX
- | UVC_CTRL_FLAG_GET_RES | UVC_CTRL_FLAG_GET_DEF
- | (data[0] & UVC_CONTROL_CAP_GET ?
- UVC_CTRL_FLAG_GET_CUR : 0)
- | (data[0] & UVC_CONTROL_CAP_SET ?
- UVC_CTRL_FLAG_SET_CUR : 0)
- | (data[0] & UVC_CONTROL_CAP_AUTOUPDATE ?
- UVC_CTRL_FLAG_AUTO_UPDATE : 0);
+ info->flags |= (data[0] & UVC_CONTROL_CAP_GET ?
+ UVC_CTRL_FLAG_GET_CUR : 0)
+ | (data[0] & UVC_CONTROL_CAP_SET ?
+ UVC_CTRL_FLAG_SET_CUR : 0)
+ | (data[0] & UVC_CONTROL_CAP_AUTOUPDATE ?
+ UVC_CTRL_FLAG_AUTO_UPDATE : 0);
kfree(data);
return ret;
@@ -1689,6 +1687,9 @@ static int uvc_ctrl_fill_xu_info(struct uvc_device *dev,
info->size = le16_to_cpup((__le16 *)data);
+ info->flags = UVC_CTRL_FLAG_GET_MIN | UVC_CTRL_FLAG_GET_MAX
+ | UVC_CTRL_FLAG_GET_RES | UVC_CTRL_FLAG_GET_DEF;
+
ret = uvc_ctrl_get_flags(dev, ctrl, info);
if (ret < 0) {
uvc_trace(UVC_TRACE_CONTROL,
In file included from scripts/kconfig/zconf.tab.c:2485:
scripts/kconfig/confdata.c: In function ‘conf_write’:
scripts/kconfig/confdata.c:773:22: warning: ‘%s’ directive writing likely 7 or more bytes into a region of size between 1 and 4097 [-Wformat-overflow=]
sprintf(newname, "%s%s", dirname, basename);
^~
scripts/kconfig/confdata.c:773:19: note: assuming directive output of 7 bytes
sprintf(newname, "%s%s", dirname, basename);
^~~~~~
scripts/kconfig/confdata.c:773:2: note: ‘sprintf’ output 1 or more bytes (assuming 4104) into a destination of size 4097
sprintf(newname, "%s%s", dirname, basename);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
scripts/kconfig/confdata.c:776:23: warning: ‘.tmpconfig.’ directive writing 11 bytes into a region of size between 1 and 4097 [-Wformat-overflow=]
sprintf(tmpname, "%s.tmpconfig.%d", dirname, (int)getpid());
^~~~~~~~~~~
scripts/kconfig/confdata.c:776:3: note: ‘sprintf’ output between 13 and 4119 bytes into a destination of size 4097
sprintf(tmpname, "%s.tmpconfig.%d", dirname, (int)getpid());
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Increase the size of tmpname and newname to make GCC happy.
Cc: stable(a)vger.kernel.org
Signed-off-by: Nathan Chancellor <natechancellor(a)gmail.com>
---
scripts/kconfig/confdata.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/scripts/kconfig/confdata.c b/scripts/kconfig/confdata.c
index 5f87ad561b08..39e20974f4a3 100644
--- a/scripts/kconfig/confdata.c
+++ b/scripts/kconfig/confdata.c
@@ -720,7 +720,7 @@ int conf_write(const char *name)
struct menu *menu;
const char *basename;
const char *str;
- char dirname[PATH_MAX+1], tmpname[PATH_MAX+1], newname[PATH_MAX+1];
+ char dirname[PATH_MAX+1], tmpname[PATH_MAX+22], newname[PATH_MAX+8];
char *env;
dirname[0] = 0;
--
2.17.1
Hi Thomas,
At 06/04/2018 11:33 PM, Thomas Gleixner wrote:
> The generic pending interrupt mechanism moves interrupts from the interrupt
> handler on the original target CPU to the new destination CPU. This is
> required for x86 and ia64 due to the way the interrupt delivery and
> acknowledge works if the interrupts are not remapped.
>
> However that update can fail for various reasons. Some of them are valid
> reasons to discard the pending update, but the case, when the previous move
> has not been fully cleaned up is not a legit reason to fail.
>
> Check the return value of irq_do_set_affinity() for -EBUSY, which indicates
> a pending cleanup, and rearm the pending move in the irq dexcriptor so it's
s/dexcriptor/descriptor
> tried again when the next interrupt arrives.
>
> Fixes: 996c591227d9 ("x86/irq: Plug vector cleanup race")
> Signed-off-by: Thomas Gleixner<tglx(a)linutronix.de>
> Cc:stable@vger.kernel.org
> ---
> kernel/irq/migration.c | 24 ++++++++++++++++++------
> 1 file changed, 18 insertions(+), 6 deletions(-)
>
> --- a/kernel/irq/migration.c
> +++ b/kernel/irq/migration.c
> @@ -38,17 +38,18 @@ bool irq_fixup_move_pending(struct irq_d
> void irq_move_masked_irq(struct irq_data *idata)
> {
> struct irq_desc *desc = irq_data_to_desc(idata);
> - struct irq_chip *chip = desc->irq_data.chip;
> + struct irq_data *data = &desc->irq_data;
> + struct irq_chip *chip = data->chip;
>
> - if (likely(!irqd_is_setaffinity_pending(&desc->irq_data)))
> + if (likely(!irqd_is_setaffinity_pending(data)))
> return;
>
> - irqd_clr_move_pending(&desc->irq_data);
> + irqd_clr_move_pending(data);
>
> /*
> * Paranoia: cpu-local interrupts shouldn't be calling in here anyway.
> */
> - if (irqd_is_per_cpu(&desc->irq_data)) {
> + if (irqd_is_per_cpu(data)) {
> WARN_ON(1);
> return;
> }
> @@ -73,9 +74,20 @@ void irq_move_masked_irq(struct irq_data
> * For correct operation this depends on the caller
> * masking the irqs.
> */
> - if (cpumask_any_and(desc->pending_mask, cpu_online_mask) < nr_cpu_ids)
> - irq_do_set_affinity(&desc->irq_data, desc->pending_mask, false);
> + if (cpumask_any_and(desc->pending_mask, cpu_online_mask) < nr_cpu_ids) {
> + int ret;
>
> + ret = irq_do_set_affinity(data, desc->pending_mask, false);
> + /*
> + * If the there is a cleanup pending in the underlying
s/If the there is/If there is/
Thanks,
dou
On Mon, Jun 04, 2018 at 04:13:06PM -0700, Kevin Hilman wrote:
> > defconfig
> > synquacer-acpi: 1 failed lab
> This is a newly added board, and hasn't ever passed on v4.9 yet.
> @Matt Hart: Is this board expected to work as far bask as v4.9? or
> should we blacklist it?
Should be blacklisted.
From: Aleksey Makarov <aleksey.makarov(a)linaro.org>
Commit 10879ae5f12e9cab3c4e8e9504c1aaa8a033bde7 upstream.
This patch adds function pl011_console_match() that implements
method match of struct console. It allows to match consoles against
data specified in a string, for example taken from command line or
compiled by ACPI SPCR table handler.
This patch was merged to tty-next but then reverted because of
conflict with
commit 46e36683f433 ("serial: earlycon: Extend earlycon command line option to support 64-bit addresses")
Now it is fixed.
Signed-off-by: Aleksey Makarov <aleksey.makarov(a)linaro.org>
Reviewed-by: Peter Hurley <peter(a)hurleysoftware.com>
Acked-by: Russell King <rmk+kernel(a)armlinux.org.uk>
Tested-by: Christopher Covington <cov(a)codeaurora.org>
Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel(a)linaro.org>
---
Please consider for v4.9-stable. It is the missing puzzle piece for SPCR
support on arm64 ACPI systems, which got merged for v4.9 [0]. Now that more
systems are becoming available to people working in the kernel community, it
turns out that v4.9 distro installers (e.g., Debian Stretch) won't work
unless you pass a 'console=' parameter explicitly, which is annoying.
Given that it was clearly the intent to include this code at the time,
I hope it will be considered for backporting.
[0] To quote the tty maintainer:
Also in here is the long-suffering ACPI SPCR patchset, which was
passed around from maintainer to maintainer like a hot-potato. Seems I
was the sucker^Wlucky one. All of those patches have been acked by the
various subsystem maintainers as well.
drivers/tty/serial/amba-pl011.c | 55 ++++++++++++++++++++
1 file changed, 55 insertions(+)
diff --git a/drivers/tty/serial/amba-pl011.c b/drivers/tty/serial/amba-pl011.c
index b42d7f1c9089..6b1863293fe1 100644
--- a/drivers/tty/serial/amba-pl011.c
+++ b/drivers/tty/serial/amba-pl011.c
@@ -2320,12 +2320,67 @@ static int __init pl011_console_setup(struct console *co, char *options)
return uart_set_options(&uap->port, co, baud, parity, bits, flow);
}
+/**
+ * pl011_console_match - non-standard console matching
+ * @co: registering console
+ * @name: name from console command line
+ * @idx: index from console command line
+ * @options: ptr to option string from console command line
+ *
+ * Only attempts to match console command lines of the form:
+ * console=pl011,mmio|mmio32,<addr>[,<options>]
+ * console=pl011,0x<addr>[,<options>]
+ * This form is used to register an initial earlycon boot console and
+ * replace it with the amba_console at pl011 driver init.
+ *
+ * Performs console setup for a match (as required by interface)
+ * If no <options> are specified, then assume the h/w is already setup.
+ *
+ * Returns 0 if console matches; otherwise non-zero to use default matching
+ */
+static int __init pl011_console_match(struct console *co, char *name, int idx,
+ char *options)
+{
+ unsigned char iotype;
+ resource_size_t addr;
+ int i;
+
+ if (strcmp(name, "pl011") != 0)
+ return -ENODEV;
+
+ if (uart_parse_earlycon(options, &iotype, &addr, &options))
+ return -ENODEV;
+
+ if (iotype != UPIO_MEM && iotype != UPIO_MEM32)
+ return -ENODEV;
+
+ /* try to match the port specified on the command line */
+ for (i = 0; i < ARRAY_SIZE(amba_ports); i++) {
+ struct uart_port *port;
+
+ if (!amba_ports[i])
+ continue;
+
+ port = &amba_ports[i]->port;
+
+ if (port->mapbase != addr)
+ continue;
+
+ co->index = i;
+ port->cons = co;
+ return pl011_console_setup(co, options);
+ }
+
+ return -ENODEV;
+}
+
static struct uart_driver amba_reg;
static struct console amba_console = {
.name = "ttyAMA",
.write = pl011_console_write,
.device = uart_console_device,
.setup = pl011_console_setup,
+ .match = pl011_console_match,
.flags = CON_PRINTBUFFER,
.index = -1,
.data = &amba_reg,
--
2.17.0
Patch 4b433924b275 ("scsi: sd_zbc: Fix potential memory leak") was added in
4.16 and 4.15 stable but did not make it to long term stable 4.14 (as far as I
can tell).
Patch ccce20fc7968 ("scsi: sd_zbc: Avoid that resetting a zone fails
sporadically") is included in 4.16 but does not apply to 4.15 stable nor to
4.14 long term stable and requires extensive modifications.
This small series provides a backport of both patches against 4.14. Please
consider these patches for inclusion in this long term stable kernel.
Bart Van Assche (1):
scsi: sd_zbc: Avoid that resetting a zone fails sporadically
Damien Le Moal (1):
scsi: sd_zbc: Fix potential memory leak
drivers/scsi/sd_zbc.c | 128 +++++++++++++++++++++++++-----------------
1 file changed, 76 insertions(+), 52 deletions(-)
Changes from v1:
* Fixed upstream commit reference in the first patch commit message
--
2.17.0