- Linux-stable-mirror - lists.linaro.org

patch "USB: serial: mos7840: fix status-register error handling" added to usb-linus

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled USB: serial: mos7840: fix status-register error handling to my usb git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git in the usb-linus branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will hopefully also be merged in Linus's tree for the next -rc kernel release. If you have any questions about this process, please let me know. >From 794744abfffef8b1f3c0c8a4896177d6d13d653d Mon Sep 17 00:00:00 2001 From: Johan Hovold <johan(a)kernel.org> Date: Wed, 4 Jul 2018 17:02:17 +0200 Subject: USB: serial: mos7840: fix status-register error handling Add missing transfer-length sanity check to the status-register completion handler to avoid leaking bits of uninitialised slab data to user space. Fixes: 3f5429746d91 ("USB: Moschip 7840 USB-Serial Driver") Cc: stable <stable(a)vger.kernel.org> # 2.6.19 Signed-off-by: Johan Hovold <johan(a)kernel.org> --- drivers/usb/serial/mos7840.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/drivers/usb/serial/mos7840.c b/drivers/usb/serial/mos7840.c index fdceb46d9fc6..b580b4c7fa48 100644 --- a/drivers/usb/serial/mos7840.c +++ b/drivers/usb/serial/mos7840.c @@ -468,6 +468,9 @@ static void mos7840_control_callback(struct urb *urb) } dev_dbg(dev, "%s urb buffer size is %d\n", __func__, urb->actual_length); + if (urb->actual_length < 1) + goto out; + dev_dbg(dev, "%s mos7840_port->MsrLsr is %d port %d\n", __func__, mos7840_port->MsrLsr, mos7840_port->port_num); data = urb->transfer_buffer; -- 2.18.0

7 years, 5 months

1
0
0 0

patch "USB: serial: ch341: fix type promotion bug in ch341_control_in()" added to usb-linus

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled USB: serial: ch341: fix type promotion bug in ch341_control_in() to my usb git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git in the usb-linus branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will hopefully also be merged in Linus's tree for the next -rc kernel release. If you have any questions about this process, please let me know. >From e33eab9ded328ccc14308afa51b5be7cbe78d30b Mon Sep 17 00:00:00 2001 From: Dan Carpenter <dan.carpenter(a)oracle.com> Date: Wed, 4 Jul 2018 12:29:38 +0300 Subject: USB: serial: ch341: fix type promotion bug in ch341_control_in() The "r" variable is an int and "bufsize" is an unsigned int so the comparison is type promoted to unsigned. If usb_control_msg() returns a negative that is treated as a high positive value and the error handling doesn't work. Fixes: 2d5a9c72d0c4 ("USB: serial: ch341: fix control-message error handling") Signed-off-by: Dan Carpenter <dan.carpenter(a)oracle.com> Cc: stable <stable(a)vger.kernel.org> Signed-off-by: Johan Hovold <johan(a)kernel.org> --- drivers/usb/serial/ch341.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/usb/serial/ch341.c b/drivers/usb/serial/ch341.c index bdd7a5ad3bf1..3bb1fff02bed 100644 --- a/drivers/usb/serial/ch341.c +++ b/drivers/usb/serial/ch341.c @@ -128,7 +128,7 @@ static int ch341_control_in(struct usb_device *dev, r = usb_control_msg(dev, usb_rcvctrlpipe(dev, 0), request, USB_TYPE_VENDOR | USB_RECIP_DEVICE | USB_DIR_IN, value, index, buf, bufsize, DEFAULT_TIMEOUT); - if (r < bufsize) { + if (r < (int)bufsize) { if (r >= 0) { dev_err(&dev->dev, "short control message received (%d < %u)\n", -- 2.18.0

7 years, 5 months

1
0
0 0

patch "USB: serial: keyspan_pda: fix modem-status error handling" added to usb-linus

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled USB: serial: keyspan_pda: fix modem-status error handling to my usb git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git in the usb-linus branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will hopefully also be merged in Linus's tree for the next -rc kernel release. If you have any questions about this process, please let me know. >From 01b3cdfca263a17554f7b249d20a247b2a751521 Mon Sep 17 00:00:00 2001 From: Johan Hovold <johan(a)kernel.org> Date: Wed, 4 Jul 2018 17:02:16 +0200 Subject: USB: serial: keyspan_pda: fix modem-status error handling Fix broken modem-status error handling which could lead to bits of slab data leaking to user space. Fixes: 3b36a8fd6777 ("usb: fix uninitialized variable warning in keyspan_pda") Cc: stable <stable(a)vger.kernel.org> # 2.6.27 Signed-off-by: Johan Hovold <johan(a)kernel.org> --- drivers/usb/serial/keyspan_pda.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/drivers/usb/serial/keyspan_pda.c b/drivers/usb/serial/keyspan_pda.c index 5169624d8b11..38d43c4b7ce5 100644 --- a/drivers/usb/serial/keyspan_pda.c +++ b/drivers/usb/serial/keyspan_pda.c @@ -369,8 +369,10 @@ static int keyspan_pda_get_modem_info(struct usb_serial *serial, 3, /* get pins */ USB_TYPE_VENDOR|USB_RECIP_INTERFACE|USB_DIR_IN, 0, 0, data, 1, 2000); - if (rc >= 0) + if (rc == 1) *value = *data; + else if (rc >= 0) + rc = -EIO; kfree(data); return rc; -- 2.18.0

7 years, 5 months

1
0
0 0

patch "USB: serial: cp210x: add another USB ID for Qivicon ZigBee stick" added to usb-linus

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled USB: serial: cp210x: add another USB ID for Qivicon ZigBee stick to my usb git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git in the usb-linus branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will hopefully also be merged in Linus's tree for the next -rc kernel release. If you have any questions about this process, please let me know. >From 367b160fe4717c14a2a978b6f9ffb75a7762d3ed Mon Sep 17 00:00:00 2001 From: Olli Salonen <olli.salonen(a)iki.fi> Date: Wed, 4 Jul 2018 14:07:42 +0300 Subject: USB: serial: cp210x: add another USB ID for Qivicon ZigBee stick There are two versions of the Qivicon Zigbee stick in circulation. This adds the second USB ID to the cp210x driver. Signed-off-by: Olli Salonen <olli.salonen(a)iki.fi> Cc: stable <stable(a)vger.kernel.org> Signed-off-by: Johan Hovold <johan(a)kernel.org> --- drivers/usb/serial/cp210x.c | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/usb/serial/cp210x.c b/drivers/usb/serial/cp210x.c index ee0cc1d90b51..626a29d9aa58 100644 --- a/drivers/usb/serial/cp210x.c +++ b/drivers/usb/serial/cp210x.c @@ -149,6 +149,7 @@ static const struct usb_device_id id_table[] = { { USB_DEVICE(0x10C4, 0x8977) }, /* CEL MeshWorks DevKit Device */ { USB_DEVICE(0x10C4, 0x8998) }, /* KCF Technologies PRN */ { USB_DEVICE(0x10C4, 0x89A4) }, /* CESINEL FTBC Flexible Thyristor Bridge Controller */ + { USB_DEVICE(0x10C4, 0x89FB) }, /* Qivicon ZigBee USB Radio Stick */ { USB_DEVICE(0x10C4, 0x8A2A) }, /* HubZ dual ZigBee and Z-Wave dongle */ { USB_DEVICE(0x10C4, 0x8A5E) }, /* CEL EM3588 ZigBee USB Stick Long Range */ { USB_DEVICE(0x10C4, 0x8B34) }, /* Qivicon ZigBee USB Radio Stick */ -- 2.18.0

7 years, 5 months

1
0
0 0

Re: Patch "drm/amd/display: release spinlock before committing updates to stream" has been added to the 4.17-stable tree

by Andrey Grodzovsky

This patch is wrong as noted by MIchel a while ago - quote from his review of the patch. "Actually, pflip_status should really only be set to AMDGPU_FLIP_SUBMITTED after the flip has been programmed to the hardware, at least as far as the lock holder is concerned. That's why the code was previously holding the lock until after the dc_commit_updates_for_stream call. Otherwise, it's at least theoretically possible that either: * dm_pflip_high_irq is called before dc_commit_updates_for_stream, but sees flip_status == AMDGPU_FLIP_SUBMITTED and sends the event to userspace prematurely * dm_pflip_high_irq is called after dc_commit_updates_for_stream, but sees flip_status != AMDGPU_FLIP_SUBMITTED, so it incorrectly doesn't send the event to userspace " It shouldn't go in. Andrey On 07/05/2018 11:59 AM, gregkh(a)linuxfoundation.org wrote: > This is a note to let you know that I've just added the patch titled > > drm/amd/display: release spinlock before committing updates to stream > > to the 4.17-stable tree which can be found at: > http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… > > The filename of the patch is: > drm-amd-display-release-spinlock-before-committing-updates-to-stream.patch > and it can be found in the queue-4.17 subdirectory. > > If you, or anyone else, feels it should not be added to the stable tree, > please let <stable(a)vger.kernel.org> know about it. > > > From 4de9f38bb2cce3a4821ffb8a83d6b08f6e37d905 Mon Sep 17 00:00:00 2001 > From: Shirish S <shirish.s(a)amd.com> > Date: Tue, 26 Jun 2018 09:32:39 +0530 > Subject: drm/amd/display: release spinlock before committing updates to stream > MIME-Version: 1.0 > Content-Type: text/plain; charset=UTF-8 > Content-Transfer-Encoding: 8bit > > From: Shirish S <shirish.s(a)amd.com> > > commit 4de9f38bb2cce3a4821ffb8a83d6b08f6e37d905 upstream. > > Currently, amdgpu_do_flip() spinlocks crtc->dev->event_lock and > releases it only after committing updates to the stream. > > dc_commit_updates_for_stream() should be moved out of > spinlock for the below reasons: > > 1. event_lock is supposed to protect access to acrct->pflip_status _only_ > 2. dc_commit_updates_for_stream() has potential sleep's > and also its not appropriate to be in an atomic state > for such long sequences of code. > > Signed-off-by: Shirish S <shirish.s(a)amd.com> > Suggested-by: Andrey Grodzovsky <andrey.grodzovsky(a)amd.com> > Reviewed-by: Michel Dänzer <michel.daenzer(a)amd.com> > Reviewed-by: Harry Wentland <harry.wentland(a)amd.com> > Signed-off-by: Alex Deucher <alexander.deucher(a)amd.com> > Cc: stable(a)vger.kernel.org > Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> > > --- > drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 6 ++---- > 1 file changed, 2 insertions(+), 4 deletions(-) > > --- a/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c > +++ b/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c > @@ -3967,10 +3967,11 @@ static void amdgpu_dm_do_flip(struct drm > if (acrtc->base.state->event) > prepare_flip_isr(acrtc); > > + spin_unlock_irqrestore(&crtc->dev->event_lock, flags); > + > surface_updates->surface = dc_stream_get_status(acrtc_state->stream)->plane_states[0]; > surface_updates->flip_addr = &addr; > > - > dc_commit_updates_for_stream(adev->dm.dc, > surface_updates, > 1, > @@ -3983,9 +3984,6 @@ static void amdgpu_dm_do_flip(struct drm > __func__, > addr.address.grph.addr.high_part, > addr.address.grph.addr.low_part); > - > - > - spin_unlock_irqrestore(&crtc->dev->event_lock, flags); > } > > static void amdgpu_dm_commit_planes(struct drm_atomic_state *state, > > > Patches currently in stable-queue which might be from shirish.s(a)amd.com are > > queue-4.17/drm-amdgpu-add-apu-support-in-vi_set_vce_clocks.patch > queue-4.17/drm-amdgpu-add-apu-support-in-vi_set_uvd_clocks.patch > queue-4.17/drm-amd-display-release-spinlock-before-committing-updates-to-stream.patch

7 years, 5 months

4
5
0 0

[PATCH] soc: qcom: rmtfs-mem: fix memleak in probe error paths

by Johan Hovold

Make sure to set the mem device release callback before calling put_device() in a couple of probe error paths so that the containing object also gets freed. Fixes: d1de6d6c639b ("soc: qcom: Remote filesystem memory driver") Cc: stable <stable(a)vger.kernel.org> # 4.15 Cc: Bjorn Andersson <bjorn.andersson(a)linaro.org> Signed-off-by: Johan Hovold <johan(a)kernel.org> --- drivers/soc/qcom/rmtfs_mem.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/drivers/soc/qcom/rmtfs_mem.c b/drivers/soc/qcom/rmtfs_mem.c index c8999e38b005..8a3678c2e83c 100644 --- a/drivers/soc/qcom/rmtfs_mem.c +++ b/drivers/soc/qcom/rmtfs_mem.c @@ -184,6 +184,7 @@ static int qcom_rmtfs_mem_probe(struct platform_device *pdev) device_initialize(&rmtfs_mem->dev); rmtfs_mem->dev.parent = &pdev->dev; rmtfs_mem->dev.groups = qcom_rmtfs_mem_groups; + rmtfs_mem->dev.release = qcom_rmtfs_mem_release_device; rmtfs_mem->base = devm_memremap(&rmtfs_mem->dev, rmtfs_mem->addr, rmtfs_mem->size, MEMREMAP_WC); @@ -206,8 +207,6 @@ static int qcom_rmtfs_mem_probe(struct platform_device *pdev) goto put_device; } - rmtfs_mem->dev.release = qcom_rmtfs_mem_release_device; - ret = of_property_read_u32(node, "qcom,vmid", &vmid); if (ret < 0 && ret != -EINVAL) { dev_err(&pdev->dev, "failed to parse qcom,vmid\n"); -- 2.17.1

7 years, 5 months

1
1
0 0

[PATCH] ALSA: hda/realtek - two more lenovo models need fixup of MIC_LOCATION

by Hui Wang

We have two new lenovo desktop models which need to apply the fixup of ALC294_FIXUP_LENOVO_MIC_LOCATION, and they have the same pin cfg as the machine with subsystem id:0x17aa3136, now use the pincfg table to apply the fixup for them. Cc: <stable(a)vger.kernel.org> Signed-off-by: Hui Wang <hui.wang(a)canonical.com> --- sound/pci/hda/patch_realtek.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/sound/pci/hda/patch_realtek.c b/sound/pci/hda/patch_realtek.c index 63154b9..666713e 100644 --- a/sound/pci/hda/patch_realtek.c +++ b/sound/pci/hda/patch_realtek.c @@ -6556,7 +6556,6 @@ static const struct snd_pci_quirk alc269_fixup_tbl[] = { SND_PCI_QUIRK(0x17aa, 0x310c, "ThinkCentre Station", ALC294_FIXUP_LENOVO_MIC_LOCATION), SND_PCI_QUIRK(0x17aa, 0x312a, "ThinkCentre Station", ALC294_FIXUP_LENOVO_MIC_LOCATION), SND_PCI_QUIRK(0x17aa, 0x312f, "ThinkCentre Station", ALC294_FIXUP_LENOVO_MIC_LOCATION), - SND_PCI_QUIRK(0x17aa, 0x3136, "ThinkCentre Station", ALC294_FIXUP_LENOVO_MIC_LOCATION), SND_PCI_QUIRK(0x17aa, 0x313c, "ThinkCentre Station", ALC294_FIXUP_LENOVO_MIC_LOCATION), SND_PCI_QUIRK(0x17aa, 0x3902, "Lenovo E50-80", ALC269_FIXUP_DMIC_THINKPAD_ACPI), SND_PCI_QUIRK(0x17aa, 0x3977, "IdeaPad S210", ALC283_FIXUP_INT_MIC), @@ -6822,6 +6821,11 @@ static const struct snd_hda_pin_quirk alc269_pin_fixup_tbl[] = { {0x1a, 0x02a11040}, {0x1b, 0x01014020}, {0x21, 0x0221101f}), + SND_HDA_PIN_QUIRK(0x10ec0235, 0x17aa, "Lenovo", ALC294_FIXUP_LENOVO_MIC_LOCATION, + {0x14, 0x90170110}, + {0x19, 0x02a11020}, + {0x1a, 0x02a11030}, + {0x21, 0x0221101f}), SND_HDA_PIN_QUIRK(0x10ec0236, 0x1028, "Dell", ALC255_FIXUP_DELL1_MIC_NO_PRESENCE, {0x12, 0x90a60140}, {0x14, 0x90170110}, -- 2.7.4

7 years, 5 months

2
1
0 0

Sitio web

by David Carreras

Estimados/as señores/as: Tras realizar un análisis previo de tu página web hemos descubierto errores en el código que influyen de manera significativa en la baja posición de tu página en buscadores, incluido Googl Les proponemos la optimización de su página web sin necesidad de contrato, de pagos mensuales, sin costes ocultos y sin penalizaciones por rescisión de contrato. Se trata de una de las mejores ofertas que existe actualmente en el mercado. La optimización de la página de su empresa consiste en hacer que resulte más fácil de encontrar para los buscadores, mejorando así su posición en el ranking de Google y otros buscadores. Les invitamos a visitar nuestra página web: http://www.webanalytics-google.com David Carreras. WebAnalytics

7 years, 5 months

1
0
0 0

[stable-4.14 0/6] md fixes for 4.14

by Jack Wang

Hi Greg, We hit a panic in 4.14.43 with md raid1. It's easy to reproduce with a test case, running Fio, and doing mdadm --grow bitmap=none /dev/mdx && mdadm --grow bitmap=internal /dev/mdx in a loop. With following patches applied, we can no longer reproduce the problem. Please consider to apply the patches to 4.14, they can be applied cleanly on 4.14.52. Cheers, Jack NeilBrown (6): md: always hold reconfig_mutex when calling mddev_suspend() md: don't call bitmap_create() while array is quiesced. md: move suspend_hi/lo handling into core md code md: use mddev_suspend/resume instead of ->quiesce() md: allow metadata update while suspending. md: remove special meaning of ->quiesce(.., 2) drivers/md/dm-raid.c | 10 ++++-- drivers/md/md-cluster.c | 6 ++-- drivers/md/md.c | 90 ++++++++++++++++++++++++++++++------------------ drivers/md/md.h | 15 +++++--- drivers/md/raid0.c | 2 +- drivers/md/raid1.c | 27 +++++---------- drivers/md/raid10.c | 10 ++---- drivers/md/raid5-cache.c | 30 ++++++++++------ drivers/md/raid5-log.h | 2 +- drivers/md/raid5.c | 40 ++++----------------- 10 files changed, 116 insertions(+), 116 deletions(-) -- 2.7.4

7 years, 5 months

3
8
0 0

[PATCH 6/6] tracing: Fix missing return symbol in function_graph output

by Steven Rostedt

From: Changbin Du <changbin.du(a)intel.com> The function_graph tracer does not show the interrupt return marker for the leaf entry. On leaf entries, we see an unbalanced interrupt marker (the interrupt was entered, but nevern left). Before: 1) | SyS_write() { 1) | __fdget_pos() { 1) 0.061 us | __fget_light(); 1) 0.289 us | } 1) | vfs_write() { 1) 0.049 us | rw_verify_area(); 1) + 15.424 us | __vfs_write(); 1) ==========> | 1) 6.003 us | smp_apic_timer_interrupt(); 1) 0.055 us | __fsnotify_parent(); 1) 0.073 us | fsnotify(); 1) + 23.665 us | } 1) + 24.501 us | } After: 0) | SyS_write() { 0) | __fdget_pos() { 0) 0.052 us | __fget_light(); 0) 0.328 us | } 0) | vfs_write() { 0) 0.057 us | rw_verify_area(); 0) | __vfs_write() { 0) ==========> | 0) 8.548 us | smp_apic_timer_interrupt(); 0) <========== | 0) + 36.507 us | } /* __vfs_write */ 0) 0.049 us | __fsnotify_parent(); 0) 0.066 us | fsnotify(); 0) + 50.064 us | } 0) + 50.952 us | } Link: http://lkml.kernel.org/r/1517413729-20411-1-git-send-email-changbin.du@inte… Cc: stable(a)vger.kernel.org Fixes: f8b755ac8e0cc ("tracing/function-graph-tracer: Output arrows signal on hardirq call/return") Signed-off-by: Changbin Du <changbin.du(a)intel.com> Signed-off-by: Steven Rostedt (VMware) <rostedt(a)goodmis.org> --- kernel/trace/trace_functions_graph.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/kernel/trace/trace_functions_graph.c b/kernel/trace/trace_functions_graph.c index 23c0b0cb5fb9..169b3c44ee97 100644 --- a/kernel/trace/trace_functions_graph.c +++ b/kernel/trace/trace_functions_graph.c @@ -831,6 +831,7 @@ print_graph_entry_leaf(struct trace_iterator *iter, struct ftrace_graph_ret *graph_ret; struct ftrace_graph_ent *call; unsigned long long duration; + int cpu = iter->cpu; int i; graph_ret = &ret_entry->ret; @@ -839,7 +840,6 @@ print_graph_entry_leaf(struct trace_iterator *iter, if (data) { struct fgraph_cpu_data *cpu_data; - int cpu = iter->cpu; cpu_data = per_cpu_ptr(data->cpu_data, cpu); @@ -869,6 +869,9 @@ print_graph_entry_leaf(struct trace_iterator *iter, trace_seq_printf(s, "%ps();\n", (void *)call->func); + print_graph_irq(iter, graph_ret->func, TRACE_GRAPH_RET, + cpu, iter->ent->pid, flags); + return trace_handle_return(s); } -- 2.17.1

7 years, 5 months

1
0
0 0

[PATCH 1/6] tracing: Avoid string overflow

by Steven Rostedt

From: Arnd Bergmann <arnd(a)arndb.de> 'err' is used as a NUL-terminated string, but using strncpy() with the length equal to the buffer size may result in lack of the termination: kernel/trace/trace_events_hist.c: In function 'hist_err_event': kernel/trace/trace_events_hist.c:396:3: error: 'strncpy' specified bound 256 equals destination size [-Werror=stringop-truncation] strncpy(err, var, MAX_FILTER_STR_VAL); This changes it to use the safer strscpy() instead. Link: http://lkml.kernel.org/r/20180328140920.2842153-1-arnd@arndb.de Cc: stable(a)vger.kernel.org Fixes: f404da6e1d46 ("tracing: Add 'last error' error facility for hist triggers") Acked-by: Tom Zanussi <tom.zanussi(a)linux.intel.com> Signed-off-by: Arnd Bergmann <arnd(a)arndb.de> Signed-off-by: Steven Rostedt (VMware) <rostedt(a)goodmis.org> --- kernel/trace/trace_events_hist.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kernel/trace/trace_events_hist.c b/kernel/trace/trace_events_hist.c index 046c716a6536..aae18af94c94 100644 --- a/kernel/trace/trace_events_hist.c +++ b/kernel/trace/trace_events_hist.c @@ -393,7 +393,7 @@ static void hist_err_event(char *str, char *system, char *event, char *var) else if (system) snprintf(err, MAX_FILTER_STR_VAL, "%s.%s", system, event); else - strncpy(err, var, MAX_FILTER_STR_VAL); + strscpy(err, var, MAX_FILTER_STR_VAL); hist_err(str, err); } -- 2.17.1

7 years, 5 months

1
0
0 0

[PATCH] arm64: dts: stratix10: Fix SPI nodes for Stratix10

by thor.thayer＠linux.intel.com

From: Thor Thayer <thor.thayer(a)linux.intel.com> Patch did not apply cleanly to 4.9 and 4.14 stable branches because of additional node properties added after 4.14. So backport patch and cleanup commit 4595299c5eae ("arm64: dts: stratix10: Fix SPI nodes for Stratix10") Remove the unused bus-num node and change num-chipselect to num-cs to match SPI bindings. Cc: stable(a)vger.kernel.org # 4.14.x Cc: stable(a)vger.kernel.org # 4.9.x Fixes: 78cd6a9d8e154 ("arm64: dts: Add base stratix 10 dtsi") Signed-off-by: Thor Thayer <thor.thayer(a)linux.intel.com> Signed-off-by: Dinh Nguyen <dinguyen(a)kernel.org> Signed-off-by: Olof Johansson <olof(a)lixom.net> --- arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi b/arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi index c2b9bcb0ef61..57f75453ee93 100644 --- a/arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi +++ b/arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi @@ -231,8 +231,7 @@ #size-cells = <0>; reg = <0xffda4000 0x1000>; interrupts = <0 101 4>; - num-chipselect = <4>; - bus-num = <0>; + num-cs = <4>; status = "disabled"; }; @@ -242,8 +241,7 @@ #size-cells = <0>; reg = <0xffda5000 0x1000>; interrupts = <0 102 4>; - num-chipselect = <4>; - bus-num = <0>; + num-cs = <4>; status = "disabled"; }; -- 2.7.4

7 years, 5 months

1
0
0 0

FAILED: patch "[PATCH] dm: prevent DAX mounts if not supported" failed to apply to 4.9-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.9-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From dbc626597c39b24cefce09fbd8e9dea85869a801 Mon Sep 17 00:00:00 2001 From: Ross Zwisler <ross.zwisler(a)linux.intel.com> Date: Tue, 26 Jun 2018 16:30:41 -0600 Subject: [PATCH] dm: prevent DAX mounts if not supported Currently device_supports_dax() just checks to see if the QUEUE_FLAG_DAX flag is set on the device's request queue to decide whether or not the device supports filesystem DAX. Really we should be using bdev_dax_supported() like filesystems do at mount time. This performs other tests like checking to make sure the dax_direct_access() path works. We also explicitly clear QUEUE_FLAG_DAX on the DM device's request queue if any of the underlying devices do not support DAX. This makes the handling of QUEUE_FLAG_DAX consistent with the setting/clearing of most other flags in dm_table_set_restrictions(). Now that bdev_dax_supported() explicitly checks for QUEUE_FLAG_DAX, this will ensure that filesystems built upon DM devices will only be able to mount with DAX if all underlying devices also support DAX. Signed-off-by: Ross Zwisler <ross.zwisler(a)linux.intel.com> Fixes: commit 545ed20e6df6 ("dm: add infrastructure for DAX support") Cc: stable(a)vger.kernel.org Acked-by: Dan Williams <dan.j.williams(a)intel.com> Reviewed-by: Toshi Kani <toshi.kani(a)hpe.com> Signed-off-by: Mike Snitzer <snitzer(a)redhat.com> diff --git a/drivers/md/dm-table.c b/drivers/md/dm-table.c index 938766794c2e..3d0e2c198f06 100644 --- a/drivers/md/dm-table.c +++ b/drivers/md/dm-table.c @@ -885,9 +885,7 @@ EXPORT_SYMBOL_GPL(dm_table_set_type); static int device_supports_dax(struct dm_target *ti, struct dm_dev *dev, sector_t start, sector_t len, void *data) { - struct request_queue *q = bdev_get_queue(dev->bdev); - - return q && blk_queue_dax(q); + return bdev_dax_supported(dev->bdev, PAGE_SIZE); } static bool dm_table_supports_dax(struct dm_table *t) @@ -1907,6 +1905,9 @@ void dm_table_set_restrictions(struct dm_table *t, struct request_queue *q, if (dm_table_supports_dax(t)) blk_queue_flag_set(QUEUE_FLAG_DAX, q); + else + blk_queue_flag_clear(QUEUE_FLAG_DAX, q); + if (dm_table_supports_dax_write_cache(t)) dax_write_cache(t->md->dax_dev, true); diff --git a/drivers/md/dm.c b/drivers/md/dm.c index a3b103e8e3ce..b0dd7027848b 100644 --- a/drivers/md/dm.c +++ b/drivers/md/dm.c @@ -1056,8 +1056,7 @@ static long dm_dax_direct_access(struct dax_device *dax_dev, pgoff_t pgoff, if (len < 1) goto out; nr_pages = min(len, nr_pages); - if (ti->type->direct_access) - ret = ti->type->direct_access(ti, pgoff, nr_pages, kaddr, pfn); + ret = ti->type->direct_access(ti, pgoff, nr_pages, kaddr, pfn); out: dm_put_live_table(md, srcu_idx);

7 years, 5 months

2
1
0 0

[PATCH] MIPS: Fix ioremap() RAM check

by Paul Burton

We currently attempt to check whether a physical address range provided to __ioremap() may be in use by the page allocator by examining the value of PageReserved for each page in the region - lowmem pages not marked reserved are presumed to be in use by the page allocator, and requests to ioremap them fail. The way we check this has been broken since commit 92923ca3aace ("mm: meminit: only set page reserved in the memblock region"), because memblock will typically not have any knowledge of non-RAM pages and therefore those pages will not have the PageReserved flag set. Thus when we attempt to ioremap a region outside of RAM we incorrectly fail believing that the region is RAM that may be in use. In most cases ioremap() on MIPS will take a fast-path to use the unmapped kseg1 or xkphys virtual address spaces and never hit this path, so the only way to hit it is for a MIPS32 system to attempt to ioremap() an address range in lowmem with flags other than _CACHE_UNCACHED. Perhaps the most straightforward way to do this is using ioremap_uncached_accelerated(), which is how the problem was discovered. Fix this by making use of walk_system_ram_range() to test the address range provided to __ioremap() against only RAM pages, rather than all lowmem pages. This means that if we have a lowmem I/O region, which is very common for MIPS systems, we're free to ioremap() address ranges within it. A nice bonus is that the test is no longer limited to lowmem. The approach here matches the way x86 performed the same test after commit c81c8a1eeede ("x86, ioremap: Speed up check for RAM pages") until x86 moved towards a slightly more complicated check using walk_mem_res() for unrelated reasons with commit 0e4c12b45aa8 ("x86/mm, resource: Use PAGE_KERNEL protection for ioremap of memory pages"). Signed-off-by: Paul Burton <paul.burton(a)mips.com> Reported-by: Serge Semin <fancer.lancer(a)gmail.com> Tested-by: Serge Semin <fancer.lancer(a)gmail.com> Fixes: 92923ca3aace ("mm: meminit: only set page reserved in the memblock region") Cc: James Hogan <jhogan(a)kernel.org> Cc: Ralf Baechle <ralf(a)linux-mips.org> Cc: linux-mips(a)linux-mips.org Cc: stable(a)vger.kernel.org # v4.2+ --- arch/mips/mm/ioremap.c | 37 +++++++++++++++++++++++++------------ 1 file changed, 25 insertions(+), 12 deletions(-) diff --git a/arch/mips/mm/ioremap.c b/arch/mips/mm/ioremap.c index 1986e09fb457..1601d90b087b 100644 --- a/arch/mips/mm/ioremap.c +++ b/arch/mips/mm/ioremap.c @@ -9,6 +9,7 @@ #include <linux/export.h> #include <asm/addrspace.h> #include <asm/byteorder.h> +#include <linux/ioport.h> #include <linux/sched.h> #include <linux/slab.h> #include <linux/vmalloc.h> @@ -98,6 +99,20 @@ static int remap_area_pages(unsigned long address, phys_addr_t phys_addr, return error; } +static int __ioremap_check_ram(unsigned long start_pfn, unsigned long nr_pages, + void *arg) +{ + unsigned long i; + + for (i = 0; i < nr_pages; i++) { + if (pfn_valid(start_pfn + i) && + !PageReserved(pfn_to_page(start_pfn + i))) + return 1; + } + + return 0; +} + /* * Generic mapping function (not visible outside): */ @@ -116,8 +131,8 @@ static int remap_area_pages(unsigned long address, phys_addr_t phys_addr, void __iomem * __ioremap(phys_addr_t phys_addr, phys_addr_t size, unsigned long flags) { + unsigned long offset, pfn, last_pfn; struct vm_struct * area; - unsigned long offset; phys_addr_t last_addr; void * addr; @@ -137,18 +152,16 @@ void __iomem * __ioremap(phys_addr_t phys_addr, phys_addr_t size, unsigned long return (void __iomem *) CKSEG1ADDR(phys_addr); /* - * Don't allow anybody to remap normal RAM that we're using.. + * Don't allow anybody to remap RAM that may be allocated by the page + * allocator, since that could lead to races & data clobbering. */ - if (phys_addr < virt_to_phys(high_memory)) { - char *t_addr, *t_end; - struct page *page; - - t_addr = __va(phys_addr); - t_end = t_addr + (size - 1); - - for(page = virt_to_page(t_addr); page <= virt_to_page(t_end); page++) - if(!PageReserved(page)) - return NULL; + pfn = PFN_DOWN(phys_addr); + last_pfn = PFN_DOWN(last_addr); + if (walk_system_ram_range(pfn, last_pfn - pfn + 1, NULL, + __ioremap_check_ram) == 1) { + WARN_ONCE(1, "ioremap on RAM at %pa - %pa\n", + &phys_addr, &last_addr); + return NULL; } /* -- 2.18.0

7 years, 5 months

1
0
0 0

[PATCH v2] dm-zoned: Avoid triggering reclaim from inside dmz_map()

by Bart Van Assche

This patch avoids that lockdep reports the following: ====================================================== WARNING: possible circular locking dependency detected 4.18.0-rc1 #62 Not tainted ------------------------------------------------------ kswapd0/84 is trying to acquire lock: 00000000c313516d (&xfs_nondir_ilock_class){++++}, at: xfs_free_eofblocks+0xa2/0x1e0 but task is already holding lock: 00000000591c83ae (fs_reclaim){+.+.}, at: __fs_reclaim_acquire+0x5/0x30 which lock already depends on the new lock. the existing dependency chain (in reverse order) is: -> #2 (fs_reclaim){+.+.}: kmem_cache_alloc+0x2c/0x2b0 radix_tree_node_alloc.constprop.19+0x3d/0xc0 __radix_tree_create+0x161/0x1c0 __radix_tree_insert+0x45/0x210 dmz_map+0x245/0x2d0 [dm_zoned] __map_bio+0x40/0x260 __split_and_process_non_flush+0x116/0x220 __split_and_process_bio+0x81/0x180 __dm_make_request.isra.32+0x5a/0x100 generic_make_request+0x36e/0x690 submit_bio+0x6c/0x140 mpage_readpages+0x19e/0x1f0 read_pages+0x6d/0x1b0 __do_page_cache_readahead+0x21b/0x2d0 force_page_cache_readahead+0xc4/0x100 generic_file_read_iter+0x7c6/0xd20 __vfs_read+0x102/0x180 vfs_read+0x9b/0x140 ksys_read+0x55/0xc0 do_syscall_64+0x5a/0x1f0 entry_SYSCALL_64_after_hwframe+0x49/0xbe -> #1 (&dmz->chunk_lock){+.+.}: dmz_map+0x133/0x2d0 [dm_zoned] __map_bio+0x40/0x260 __split_and_process_non_flush+0x116/0x220 __split_and_process_bio+0x81/0x180 __dm_make_request.isra.32+0x5a/0x100 generic_make_request+0x36e/0x690 submit_bio+0x6c/0x140 _xfs_buf_ioapply+0x31c/0x590 xfs_buf_submit_wait+0x73/0x520 xfs_buf_read_map+0x134/0x2f0 xfs_trans_read_buf_map+0xc3/0x580 xfs_read_agf+0xa5/0x1e0 xfs_alloc_read_agf+0x59/0x2b0 xfs_alloc_pagf_init+0x27/0x60 xfs_bmap_longest_free_extent+0x43/0xb0 xfs_bmap_btalloc_nullfb+0x7f/0xf0 xfs_bmap_btalloc+0x428/0x7c0 xfs_bmapi_write+0x598/0xcc0 xfs_iomap_write_allocate+0x15a/0x330 xfs_map_blocks+0x1cf/0x3f0 xfs_do_writepage+0x15f/0x7b0 write_cache_pages+0x1ca/0x540 xfs_vm_writepages+0x65/0xa0 do_writepages+0x48/0xf0 __writeback_single_inode+0x58/0x730 writeback_sb_inodes+0x249/0x5c0 wb_writeback+0x11e/0x550 wb_workfn+0xa3/0x670 process_one_work+0x228/0x670 worker_thread+0x3c/0x390 kthread+0x11c/0x140 ret_from_fork+0x3a/0x50 -> #0 (&xfs_nondir_ilock_class){++++}: down_read_nested+0x43/0x70 xfs_free_eofblocks+0xa2/0x1e0 xfs_fs_destroy_inode+0xac/0x270 dispose_list+0x51/0x80 prune_icache_sb+0x52/0x70 super_cache_scan+0x127/0x1a0 shrink_slab.part.47+0x1bd/0x590 shrink_node+0x3b5/0x470 balance_pgdat+0x158/0x3b0 kswapd+0x1ba/0x600 kthread+0x11c/0x140 ret_from_fork+0x3a/0x50 other info that might help us debug this: Chain exists of: &xfs_nondir_ilock_class --> &dmz->chunk_lock --> fs_reclaim Possible unsafe locking scenario: CPU0 CPU1 ---- ---- lock(fs_reclaim); lock(&dmz->chunk_lock); lock(fs_reclaim); lock(&xfs_nondir_ilock_class); *** DEADLOCK *** 3 locks held by kswapd0/84: #0: 00000000591c83ae (fs_reclaim){+.+.}, at: __fs_reclaim_acquire+0x5/0x30 #1: 000000000f8208f5 (shrinker_rwsem){++++}, at: shrink_slab.part.47+0x3f/0x590 #2: 00000000cacefa54 (&type->s_umount_key#43){.+.+}, at: trylock_super+0x16/0x50 stack backtrace: CPU: 7 PID: 84 Comm: kswapd0 Not tainted 4.18.0-rc1 #62 Hardware name: Supermicro Super Server/X10SRL-F, BIOS 2.0 12/17/2015 Call Trace: dump_stack+0x85/0xcb print_circular_bug.isra.36+0x1ce/0x1db __lock_acquire+0x124e/0x1310 lock_acquire+0x9f/0x1f0 down_read_nested+0x43/0x70 xfs_free_eofblocks+0xa2/0x1e0 xfs_fs_destroy_inode+0xac/0x270 dispose_list+0x51/0x80 prune_icache_sb+0x52/0x70 super_cache_scan+0x127/0x1a0 shrink_slab.part.47+0x1bd/0x590 shrink_node+0x3b5/0x470 balance_pgdat+0x158/0x3b0 kswapd+0x1ba/0x600 kthread+0x11c/0x140 ret_from_fork+0x3a/0x50 Reported-by: Masato Suzuki <masato.suzuki(a)wdc.com> Fixes: 4218a9554653 ("dm zoned: use GFP_NOIO in I/O path") Signed-off-by: Bart Van Assche <bart.vanassche(a)wdc.com> Cc: Damien Le Moal <Damien.LeMoal(a)wdc.com> Cc: Mikulas Patocka <mpatocka(a)redhat.com> Cc: <stable(a)vger.kernel.org> --- Changes compared to v1: added "Cc: stable" drivers/md/dm-zoned-target.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/md/dm-zoned-target.c b/drivers/md/dm-zoned-target.c index 3c0e45f4dcf5..a44183ff4be0 100644 --- a/drivers/md/dm-zoned-target.c +++ b/drivers/md/dm-zoned-target.c @@ -787,7 +787,7 @@ static int dmz_ctr(struct dm_target *ti, unsigned int argc, char **argv) /* Chunk BIO work */ mutex_init(&dmz->chunk_lock); - INIT_RADIX_TREE(&dmz->chunk_rxtree, GFP_KERNEL); + INIT_RADIX_TREE(&dmz->chunk_rxtree, GFP_NOIO); dmz->chunk_wq = alloc_workqueue("dmz_cwq_%s", WQ_MEM_RECLAIM | WQ_UNBOUND, 0, dev->name); if (!dmz->chunk_wq) { -- 2.17.1

7 years, 5 months

3
2
0 0

[merged] mm-teach-dump_page-to-correctly-output-poisoned-struct-pages.patch removed from -mm tree

by akpm＠linux-foundation.org

The patch titled Subject: mm: teach dump_page() to correctly output poisoned struct pages has been removed from the -mm tree. Its filename was mm-teach-dump_page-to-correctly-output-poisoned-struct-pages.patch This patch was dropped because it was merged into mainline or a subsystem tree ------------------------------------------------------ From: Pavel Tatashin <pasha.tatashin(a)oracle.com> Subject: mm: teach dump_page() to correctly output poisoned struct pages If struct page is poisoned, and uninitialized access is detected via PF_POISONED_CHECK(page) dump_page() is called to output the page. But, the dump_page() itself accesses struct page to determine how to print it, and therefore gets into a recursive loop. For example: dump_page() __dump_page() PageSlab(page) PF_POISONED_CHECK(page) VM_BUG_ON_PGFLAGS(PagePoisoned(page), page) dump_page() recursion loop. Link: http://lkml.kernel.org/r/20180702180536.2552-1-pasha.tatashin@oracle.com Fixes: f165b378bbdf ("mm: uninitialized struct page poisoning sanity checking") Signed-off-by: Pavel Tatashin <pasha.tatashin(a)oracle.com> Acked-by: Michal Hocko <mhocko(a)suse.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/debug.c | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) diff -puN mm/debug.c~mm-teach-dump_page-to-correctly-output-poisoned-struct-pages mm/debug.c --- a/mm/debug.c~mm-teach-dump_page-to-correctly-output-poisoned-struct-pages +++ a/mm/debug.c @@ -43,12 +43,25 @@ const struct trace_print_flags vmaflag_n void __dump_page(struct page *page, const char *reason) { + bool page_poisoned = PagePoisoned(page); + int mapcount; + + /* + * If struct page is poisoned don't access Page*() functions as that + * leads to recursive loop. Page*() check for poisoned pages, and calls + * dump_page() when detected. + */ + if (page_poisoned) { + pr_emerg("page:%px is uninitialized and poisoned", page); + goto hex_only; + } + /* * Avoid VM_BUG_ON() in page_mapcount(). * page->_mapcount space in struct page is used by sl[aou]b pages to * encode own info. */ - int mapcount = PageSlab(page) ? 0 : page_mapcount(page); + mapcount = PageSlab(page) ? 0 : page_mapcount(page); pr_emerg("page:%px count:%d mapcount:%d mapping:%px index:%#lx", page, page_ref_count(page), mapcount, @@ -60,6 +73,7 @@ void __dump_page(struct page *page, cons pr_emerg("flags: %#lx(%pGp)\n", page->flags, &page->flags); +hex_only: print_hex_dump(KERN_ALERT, "raw: ", DUMP_PREFIX_NONE, 32, sizeof(unsigned long), page, sizeof(struct page), false); @@ -68,7 +82,7 @@ void __dump_page(struct page *page, cons pr_alert("page dumped because: %s\n", reason); #ifdef CONFIG_MEMCG - if (page->mem_cgroup) + if (!page_poisoned && page->mem_cgroup) pr_alert("page->mem_cgroup:%px\n", page->mem_cgroup); #endif } _ Patches currently in -mm which might be from pasha.tatashin(a)oracle.com are mm-skip-invalid-pages-block-at-a-time-in-zero_resv_unresv.patch sparc64-ng4-memset-32-bits-overflow.patch

7 years, 5 months

1
0
0 0

[merged] mm-hugetlb-yield-when-prepping-struct-pages.patch removed from -mm tree

by akpm＠linux-foundation.org

The patch titled Subject: mm: hugetlb: yield when prepping struct pages has been removed from the -mm tree. Its filename was mm-hugetlb-yield-when-prepping-struct-pages.patch This patch was dropped because it was merged into mainline or a subsystem tree ------------------------------------------------------ From: Cannon Matthews <cannonmatthews(a)google.com> Subject: mm: hugetlb: yield when prepping struct pages When booting with very large numbers of gigantic (i.e. 1G) pages, the operations in the loop of gather_bootmem_prealloc, and specifically prep_compound_gigantic_page, takes a very long time, and can cause a softlockup if enough pages are requested at boot. For example booting with 3844 1G pages requires prepping (set_compound_head, init the count) over 1 billion 4K tail pages, which takes considerable time. Add a cond_resched() to the outer loop in gather_bootmem_prealloc() to prevent this lockup. Tested: Booted with softlockup_panic=1 hugepagesz=1G hugepages=3844 and no softlockup is reported, and the hugepages are reported as successfully setup. Link: http://lkml.kernel.org/r/20180627214447.260804-1-cannonmatthews@google.com Signed-off-by: Cannon Matthews <cannonmatthews(a)google.com> Reviewed-by: Andrew Morton <akpm(a)linux-foundation.org> Reviewed-by: Mike Kravetz <mike.kravetz(a)oracle.com> Acked-by: Michal Hocko <mhocko(a)suse.com> Cc: Andres Lagar-Cavilla <andreslc(a)google.com> Cc: Peter Feiner <pfeiner(a)google.com> Cc: Greg Thelen <gthelen(a)google.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/hugetlb.c | 1 + 1 file changed, 1 insertion(+) diff -puN mm/hugetlb.c~mm-hugetlb-yield-when-prepping-struct-pages mm/hugetlb.c --- a/mm/hugetlb.c~mm-hugetlb-yield-when-prepping-struct-pages +++ a/mm/hugetlb.c @@ -2163,6 +2163,7 @@ static void __init gather_bootmem_preall */ if (hstate_is_gigantic(h)) adjust_managed_page_count(page, 1 << h->order); + cond_resched(); } } _ Patches currently in -mm which might be from cannonmatthews(a)google.com are

7 years, 5 months

1
0
0 0

[merged] userfaultfd-hugetlbfs-fix-userfaultfd_huge_must_wait-pte-access.patch removed from -mm tree

by akpm＠linux-foundation.org

The patch titled Subject: userfaultfd: hugetlbfs: fix userfaultfd_huge_must_wait() pte access has been removed from the -mm tree. Its filename was userfaultfd-hugetlbfs-fix-userfaultfd_huge_must_wait-pte-access.patch This patch was dropped because it was merged into mainline or a subsystem tree ------------------------------------------------------ From: Janosch Frank <frankja(a)linux.ibm.com> Subject: userfaultfd: hugetlbfs: fix userfaultfd_huge_must_wait() pte access Use huge_ptep_get() to translate huge ptes to normal ptes so we can check them with the huge_pte_* functions. Otherwise some architectures will check the wrong values and will not wait for userspace to bring in the memory. Link: http://lkml.kernel.org/r/20180626132421.78084-1-frankja@linux.ibm.com Fixes: 369cd2121be4 ("userfaultfd: hugetlbfs: userfaultfd_huge_must_wait for hugepmd ranges") Signed-off-by: Janosch Frank <frankja(a)linux.ibm.com> Reviewed-by: David Hildenbrand <david(a)redhat.com> Reviewed-by: Mike Kravetz <mike.kravetz(a)oracle.com> Cc: Andrea Arcangeli <aarcange(a)redhat.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- fs/userfaultfd.c | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff -puN fs/userfaultfd.c~userfaultfd-hugetlbfs-fix-userfaultfd_huge_must_wait-pte-access fs/userfaultfd.c --- a/fs/userfaultfd.c~userfaultfd-hugetlbfs-fix-userfaultfd_huge_must_wait-pte-access +++ a/fs/userfaultfd.c @@ -222,24 +222,26 @@ static inline bool userfaultfd_huge_must unsigned long reason) { struct mm_struct *mm = ctx->mm; - pte_t *pte; + pte_t *ptep, pte; bool ret = true; VM_BUG_ON(!rwsem_is_locked(&mm->mmap_sem)); - pte = huge_pte_offset(mm, address, vma_mmu_pagesize(vma)); - if (!pte) + ptep = huge_pte_offset(mm, address, vma_mmu_pagesize(vma)); + + if (!ptep) goto out; ret = false; + pte = huge_ptep_get(ptep); /* * Lockless access: we're in a wait_event so it's ok if it * changes under us. */ - if (huge_pte_none(*pte)) + if (huge_pte_none(pte)) ret = true; - if (!huge_pte_write(*pte) && (reason & VM_UFFD_WP)) + if (!huge_pte_write(pte) && (reason & VM_UFFD_WP)) ret = true; out: return ret; _ Patches currently in -mm which might be from frankja(a)linux.ibm.com are

7 years, 5 months

1
0
0 0

[GIT PULL] commits for Linux 4.4

by Sasha Levin

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi Greg, Pleae pull commits for Linux 4.4 . I've sent a review request for all commits over a week ago and all comments were addressed. Thanks, Sasha ===== The following changes since commit dc45cafe612ec6960fe728f3260a0b751c73f4aa: Linux 4.4.136 (2018-06-06 16:46:24 +0200) are available in the Git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/sashal/linux-stable.git tags/for-greg-4.4-20062018 for you to fetch changes up to 340dc6e834545e08109b42402fe692c097446c90: net/sonic: Use dma_mapping_error() (2018-06-07 15:40:15 -0400) - ---------------------------------------------------------------- for-greg-4.4-20062018 - ---------------------------------------------------------------- Eric Dumazet (1): xfrm6: avoid potential infinite loop in _decode_session6() Finn Thain (1): net/sonic: Use dma_mapping_error() Ivan Bornyakov (1): atm: zatm: fix memcmp casting Josh Hill (1): net: qmi_wwan: Add Netgear Aircard 779S Julian Anastasov (1): ipvs: fix buffer overflow with sync daemon and service Paolo Abeni (1): netfilter: ebtables: handle string from userspace with care drivers/atm/zatm.c | 4 ++-- drivers/net/ethernet/natsemi/sonic.c | 2 +- drivers/net/usb/qmi_wwan.c | 1 + net/bridge/netfilter/ebtables.c | 3 ++- net/ipv6/xfrm6_policy.c | 2 +- net/netfilter/ipvs/ip_vs_ctl.c | 21 +++++++++++++++------ 6 files changed, 22 insertions(+), 11 deletions(-) -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE4n5dijQDou9mhzu83qZv95d3LNwFAlsrD2AACgkQ3qZv95d3 LNxa4hAAsH8GdIusq8gBegjlwklVZiCo2zvrWbwohM7Sc1TpuAjLWSVh9iuFRPKn fAAuQYlY3oTDpq/bnje4c+JTnNsjcikDETycZ3diWCiG28c9DjKatsJt/fH9yP/V vAzCboTy38kbizNpXBam6KniZ48qEvFZt2zsYpFL5HzlgHTlBOcOup7iL3P04i1S +v/QCS+OApv0VZR84Nq4mx5ofYILO7ty2xzLCTHHqzLWCEyaX3SbJXBKF5lf3Cu2 WU35HQsnTxKaM3fa7+nSsZu2xkqwNit/xAeAdf0e3ymgBc1G+DezZTJFk/+BbD1N /zWs7AN757Ae6p5HB4eV5KGM5hO8bhqtNuGv6T0eAbqi4MwNclY+J0VCTVbtDrjT bPyJHdfjNc175M2wZDw0HJWWYIHUroQ1Qcao6V9DchVPKtsLd3ICj9sXNNhp1VMo zNLfj9hRcOY/cZtj8tNC6QyoOZX1QBiTGKxDvQbQvmWsrKWQCDOCPHOJh/AycH9a jQYl4+DPMYMFh0ahrrDNBkbmI10Jcg170vQ4CEppRP1zkwbSNtHzfMlp8t2kXXTV uc2rxh/MY2DwBoXqGs6HrxH1Z/A2gcwcu8xqNAGJhaleWQEae2qFQx6eEUKekjhm +EfJIG7v2blVcMLpp06kaAwlIUK4hV2F/Tn9BoQajbBA5Lq9whI= =0hTA -----END PGP SIGNATURE-----

7 years, 5 months

2
2
0 0

[PATCH 4.9] mlxsw: spectrum: Forbid linking of VLAN devices to devices that have uppers

by Ido Schimmel

commit 25cc72a33835ed8a6f53180a822cadab855852ac upstream. Jiri Slaby noticed that the backport of upstream commit 25cc72a33835 ("mlxsw: spectrum: Forbid linking to devices that have uppers") to kernel 4.9.y introduced the same check twice in the same function instead of in two different places. Fix this by relocating one of the checks to its intended place, thus preventing unsupported configurations as described in the original commit. Fixes: 73ee5a73e75f ("mlxsw: spectrum: Forbid linking to devices that have uppers") Signed-off-by: Ido Schimmel <idosch(a)mellanox.com> Reported-by: Jiri Slaby <jslaby(a)suse.cz> --- Greg, I read Documentation/stable_kernel_rules.txt, so I hope the patch is fine. Please let me know if v2 is required. Thanks --- drivers/net/ethernet/mellanox/mlxsw/spectrum.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/drivers/net/ethernet/mellanox/mlxsw/spectrum.c b/drivers/net/ethernet/mellanox/mlxsw/spectrum.c index d50350c7adc4..22a5916e477e 100644 --- a/drivers/net/ethernet/mellanox/mlxsw/spectrum.c +++ b/drivers/net/ethernet/mellanox/mlxsw/spectrum.c @@ -4187,10 +4187,6 @@ static int mlxsw_sp_netdevice_port_upper_event(struct net_device *dev, if (netif_is_lag_port(dev) && is_vlan_dev(upper_dev) && !netif_is_lag_master(vlan_dev_real_dev(upper_dev))) return -EINVAL; - if (!info->linking) - break; - if (netdev_has_any_upper_dev(upper_dev)) - return -EINVAL; break; case NETDEV_CHANGEUPPER: upper_dev = info->upper_dev; @@ -4566,6 +4562,8 @@ static int mlxsw_sp_netdevice_vport_event(struct net_device *dev, return -EINVAL; if (!info->linking) break; + if (netdev_has_any_upper_dev(upper_dev)) + return -EINVAL; /* We can't have multiple VLAN interfaces configured on * the same port and being members in the same bridge. */ -- 2.14.4

7 years, 5 months

2
4
0 0

FAILED: patch "[PATCH] x86/mce: Fix incorrect "Machine check from unknown source"" failed to apply to 4.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 40c36e2741d7fe1e66d6ec55477ba5fd19c9c5d2 Mon Sep 17 00:00:00 2001 From: Tony Luck <tony.luck(a)intel.com> Date: Fri, 22 Jun 2018 11:54:23 +0200 Subject: [PATCH] x86/mce: Fix incorrect "Machine check from unknown source" message Some injection testing resulted in the following console log: mce: [Hardware Error]: CPU 22: Machine Check Exception: f Bank 1: bd80000000100134 mce: [Hardware Error]: RIP 10:<ffffffffc05292dd> {pmem_do_bvec+0x11d/0x330 [nd_pmem]} mce: [Hardware Error]: TSC c51a63035d52 ADDR 3234bc4000 MISC 88 mce: [Hardware Error]: PROCESSOR 0:50654 TIME 1526502199 SOCKET 0 APIC 38 microcode 2000043 mce: [Hardware Error]: Run the above through 'mcelog --ascii' Kernel panic - not syncing: Machine check from unknown source This confused everybody because the first line quite clearly shows that we found a logged error in "Bank 1", while the last line says "unknown source". The problem is that the Linux code doesn't do the right thing for a local machine check that results in a fatal error. It turns out that we know very early in the handler whether the machine check is fatal. The call to mce_no_way_out() has checked all the banks for the CPU that took the local machine check. If it says we must crash, we can do so right away with the right messages. We do scan all the banks again. This means that we might initially not see a problem, but during the second scan find something fatal. If this happens we print a slightly different message (so I can see if it actually every happens). [ bp: Remove unneeded severity assignment. ] Signed-off-by: Tony Luck <tony.luck(a)intel.com> Signed-off-by: Borislav Petkov <bp(a)suse.de> Signed-off-by: Thomas Gleixner <tglx(a)linutronix.de> Cc: Ashok Raj <ashok.raj(a)intel.com> Cc: Dan Williams <dan.j.williams(a)intel.com> Cc: Qiuxu Zhuo <qiuxu.zhuo(a)intel.com> Cc: linux-edac <linux-edac(a)vger.kernel.org> Cc: stable(a)vger.kernel.org # 4.2 Link: http://lkml.kernel.org/r/52e049a497e86fd0b71c529651def8871c804df0.152728389… diff --git a/arch/x86/kernel/cpu/mcheck/mce.c b/arch/x86/kernel/cpu/mcheck/mce.c index 7e6f51a9d917..e93670d736a6 100644 --- a/arch/x86/kernel/cpu/mcheck/mce.c +++ b/arch/x86/kernel/cpu/mcheck/mce.c @@ -1207,13 +1207,18 @@ void do_machine_check(struct pt_regs *regs, long error_code) lmce = m.mcgstatus & MCG_STATUS_LMCES; /* + * Local machine check may already know that we have to panic. + * Broadcast machine check begins rendezvous in mce_start() * Go through all banks in exclusion of the other CPUs. This way we * don't report duplicated events on shared banks because the first one - * to see it will clear it. If this is a Local MCE, then no need to - * perform rendezvous. + * to see it will clear it. */ - if (!lmce) + if (lmce) { + if (no_way_out) + mce_panic("Fatal local machine check", &m, msg); + } else { order = mce_start(&no_way_out); + } for (i = 0; i < cfg->banks; i++) { __clear_bit(i, toclear); @@ -1289,12 +1294,17 @@ void do_machine_check(struct pt_regs *regs, long error_code) no_way_out = worst >= MCE_PANIC_SEVERITY; } else { /* - * Local MCE skipped calling mce_reign() - * If we found a fatal error, we need to panic here. + * If there was a fatal machine check we should have + * already called mce_panic earlier in this function. + * Since we re-read the banks, we might have found + * something new. Check again to see if we found a + * fatal error. We call "mce_severity()" again to + * make sure we have the right "msg". */ - if (worst >= MCE_PANIC_SEVERITY && mca_cfg.tolerant < 3) - mce_panic("Machine check from unknown source", - NULL, NULL); + if (worst >= MCE_PANIC_SEVERITY && mca_cfg.tolerant < 3) { + mce_severity(&m, cfg->tolerant, &msg, true); + mce_panic("Local fatal machine check!", &m, msg); + } } /*

7 years, 5 months

3
4
0 0

[GIT PULL] commits for Linux 3.18

by Sasha Levin

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi Greg, Pleae pull commits for Linux 3.18 . I've sent a review request for all commits over a week ago and all comments were addressed. Thanks, Sasha ===== The following changes since commit b0b357c20ca6171b8ac698351f5202402b7ad7d5: Linux 3.18.112 (2018-05-30 22:08:04 +0200) are available in the Git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/sashal/linux-stable.git tags/for-greg-3.18-20062018 for you to fetch changes up to b73b55ee0dd09bb24fa6a4fee94b21d97dbc51ba: net/sonic: Use dma_mapping_error() (2018-06-07 15:40:45 -0400) - ---------------------------------------------------------------- for-greg-3.18-20062018 - ---------------------------------------------------------------- Finn Thain (1): net/sonic: Use dma_mapping_error() Ivan Bornyakov (1): atm: zatm: fix memcmp casting Josh Hill (1): net: qmi_wwan: Add Netgear Aircard 779S Paolo Abeni (1): netfilter: ebtables: handle string from userspace with care drivers/atm/zatm.c | 4 ++-- drivers/net/ethernet/natsemi/sonic.c | 2 +- drivers/net/usb/qmi_wwan.c | 1 + net/bridge/netfilter/ebtables.c | 3 ++- 4 files changed, 6 insertions(+), 4 deletions(-) -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE4n5dijQDou9mhzu83qZv95d3LNwFAlsrD34ACgkQ3qZv95d3 LNxyQA//Td2TjwiNv4O7a5DTBTY11L1m/4aM/Sg9AR3yUtykiIfatVi5rAwdKzXl ZBhutqVj7eK7STEyNfvqT0p/qwzoXWQUMSq0BpaH+D6Vfcvo3WNfXSdwODVsYy7D d8N814Libu3zUHj4x+KXp2og8SCKqAYNgyBhd45bnrRUVbq/UQPcZsXqDSUIX6WK RHkGU96VogA/4VEdD8Tiv9wX86L4PTQwve+GpYdxRc6Cc5rAuu3tS1BQgl50nfSU MSgorHcL+RO9wWu/Ij6L1SDOgNfxrk9b9DPt9Jahm5NeF+et5t/vLuJ804osJRYE dbXk6NQ+8EMQmgCOdDKUZhiHjN6ztk2NMsqmQb1z9hsPB+5gmmPMP2vZVA0BUyjl UZVQcRwYC1+s/bOb/uqhvBD4DH5pj76hMMkz10rR8pAvVRCvoBGFU9uwtSlu3gZo 24xHREUUSrpecc61tUq3QyomzlUZUQgyvkU8GnqD+2vhiJfsuyZ33AfjVmwEl+Vn 37qgenBJLBKhXzDxOMqg+xg0mUGo63CQeIx2ERSp3DiTHOElOWJINu5MVZQYKC8w rxSBacxj+5w24IM/OxNpWZ3PAoUSlAAvmkPiQJ5Aavw0StpqvNHN+DElmLf6eVrl 2Q5ZnkFhUOB2xSRkCYpkRhq9GZWGLkWjn4ePToil4z1+X13T6Zs= =mpuV -----END PGP SIGNATURE-----

7 years, 5 months

2
1
0 0

[GIT PULL] commits for Linux 4.14

by Sasha Levin

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi Greg, Pleae pull commits for Linux 4.14 . I've sent a review request for all commits over a week ago and all comments were addressed. Thanks, Sasha ===== The following changes since commit 2c6025ebc7fd8e0a8ca785d778dc6ae25225744b: Linux 4.14.48 (2018-06-05 11:42:00 +0200) are available in the Git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/sashal/linux-stable.git tags/for-greg-4.14-20062018 for you to fetch changes up to 5cca1f6fec1180fca1be5bc6f5068b96832646db: net: usb: cdc_mbim: add flag FLAG_SEND_ZLP (2018-06-06 23:16:01 -0400) - ---------------------------------------------------------------- for-greg-4.14-20062018 - ---------------------------------------------------------------- Alexander Duyck (1): net-sysfs: Fix memory leak in XPS configuration Damien ThÃ©bault (1): net: dsa: b53: Add BCM5389 support Daniele Palmas (1): net: usb: cdc_mbim: add flag FLAG_SEND_ZLP Darrick J. Wong (1): fs: clear writeback errors in inode_init_always David Howells (1): afs: Fix directory permissions check Eric Dumazet (1): xfrm6: avoid potential infinite loop in _decode_session6() Finn Thain (1): net/sonic: Use dma_mapping_error() Hao Wei Tee (1): iwlwifi: pcie: compare with number of IRQs requested for, not number of CPUs Ivan Bornyakov (1): atm: zatm: fix memcmp casting Josh Hill (1): net: qmi_wwan: Add Netgear Aircard 779S JoÃ£o Paulo Rechi Vita (1): platform/x86: asus-wmi: Fix NULL pointer dereference Julian Anastasov (1): ipvs: fix buffer overflow with sync daemon and service Kirill Tkhai (1): kcm: Fix use-after-free caused by clonned sockets Mathieu Xhonneux (1): ipv6: sr: fix memory OOB access in seg6_do_srh_encap/inline Pablo Neira Ayuso (1): netfilter: nft_limit: fix packet ratelimiting Paolo Abeni (1): netfilter: ebtables: handle string from userspace with care Paul Burton (1): sched/core: Require cpu_active() in select_task_rq(), for user tasks Peter Zijlstra (1): sched/core: Fix rules for running on online && !active CPUs Sebastian Ott (1): s390/dasd: use blk_mq_rq_from_pdu for per request data Suresh Reddy (1): be2net: Fix error detection logic for BE3 Taehee Yoo (3): netfilter: nf_tables: fix NULL pointer dereference on nft_ct_helper_obj_dump() netfilter: nft_meta: fix wrong value dereference in nft_meta_set_eval netfilter: nf_tables: increase nft_counters_enabled in nft_chain_stats_replace() Thomas Richter (1): perf test: "Session topology" dumps core on s390 YueHaibing (1): perf bpf: Fix NULL return handling in bpf__prepare_load() Documentation/devicetree/bindings/net/dsa/b53.txt | 1 + drivers/atm/zatm.c | 4 +- drivers/net/dsa/b53/b53_common.c | 13 +++++++ drivers/net/dsa/b53/b53_mdio.c | 5 ++- drivers/net/dsa/b53/b53_priv.h | 1 + drivers/net/ethernet/emulex/benet/be_main.c | 4 +- drivers/net/ethernet/natsemi/sonic.c | 2 +- drivers/net/usb/cdc_mbim.c | 2 +- drivers/net/usb/qmi_wwan.c | 1 + drivers/net/wireless/intel/iwlwifi/pcie/trans.c | 10 ++--- drivers/platform/x86/asus-wmi.c | 23 +++++++----- drivers/s390/block/dasd.c | 7 +++- fs/afs/security.c | 10 ++--- fs/inode.c | 1 + kernel/sched/core.c | 45 ++++++++++++++++------- net/bridge/netfilter/ebtables.c | 3 +- net/core/net-sysfs.c | 6 +-- net/ipv6/seg6_iptunnel.c | 4 +- net/ipv6/xfrm6_policy.c | 2 +- net/kcm/kcmsock.c | 2 +- net/netfilter/ipvs/ip_vs_ctl.c | 21 ++++++++--- net/netfilter/nf_tables_api.c | 4 +- net/netfilter/nft_ct.c | 20 ++++++---- net/netfilter/nft_limit.c | 38 ++++++++++++------- net/netfilter/nft_meta.c | 14 ++++--- tools/perf/tests/topology.c | 30 ++++++++++++--- tools/perf/util/bpf-loader.c | 6 +-- 27 files changed, 183 insertions(+), 96 deletions(-) -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE4n5dijQDou9mhzu83qZv95d3LNwFAlsrD0EACgkQ3qZv95d3 LNykIRAAuOxrTFNkFNHbmF4ETHaQC1RA65ebzaxqTVO1HQUylrdU6XtGijfFfl2Q mLhFk1Om1AYOanQgOO3fPVohS+6lu4M/ld4/gfoVFOOE/Bjc2JsMO9I9OiZ5LCZQ AzToRfu7jjnvmdMhTgM+ek3/OJfDOtD4KskNZV1rjVTnYQbjblk/QonYibTgVsOm BFc5VQyKkUVrnDa+0Zcdbc2OfHSrGYoCsEIus7stBnbjGOR84qIDUTL9vMkDX0Vf 6o6QiwDkcY5sYGf5ob9BL7Bix3axAccA3Rp7Yq1GXglFFB4dwl6HBfAC6+liHTqF 2GvMDLktkZ1d4SGdabAdJahh04LFCQjgg1m7ZR61tzKzxBpu8D7eTiRQ/EPH0qrV Nob6oBoBIy4qk6KnAhPtY04TjDtK9/J6wUbG+rwYj9V5QAknrvT5zVdGsZTeVuEa R2pG6BJU7hAHv+Ndzey6c0ZxBH9fKdz7h/7ioeQGWPbmVGsebJoi+b4f5pOA31Wv 56Ne1IkhWGfCsBZMieBmWVrQrDVLoUk4DqjJW6TNXx5LvdxIDxP//oMy1plQUhS5 Mq7Ln3HKtNAnKSHgHd4RNWcE4kzvbviBxQHvVgdWTIpNTWEHrnz7L6Sh7HE6SWHJ qz2AtGJKCJL8KvmdQgbhtcYor5oOfZLDe1pZzetWLZ4yQnjJCdM= =Fakc -----END PGP SIGNATURE-----

7 years, 5 months

2
1
0 0

[GIT PULL] commits for Linux 4.9

by Sasha Levin

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi Greg, Pleae pull commits for Linux 4.9 . I've sent a review request for all commits over a week ago and all comments were addressed. Thanks, Sasha ===== The following changes since commit 3c3d05fc6e6653bdf9f7fb3fb6922b199c7ba3ec: Linux 4.9.107 (2018-06-06 16:44:39 +0200) are available in the Git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/sashal/linux-stable.git tags/for-greg-4.9-20062018 for you to fetch changes up to e957f7485f14affccc5f60f19dcce3a4f674cc0d: net: usb: cdc_mbim: add flag FLAG_SEND_ZLP (2018-06-07 15:39:36 -0400) - ---------------------------------------------------------------- for-greg-4.9-20062018 - ---------------------------------------------------------------- Damien ThÃ©bault (1): net: dsa: b53: Add BCM5389 support Daniele Palmas (1): net: usb: cdc_mbim: add flag FLAG_SEND_ZLP Eric Dumazet (1): xfrm6: avoid potential infinite loop in _decode_session6() Finn Thain (1): net/sonic: Use dma_mapping_error() Hao Wei Tee (1): iwlwifi: pcie: compare with number of IRQs requested for, not number of CPUs Ivan Bornyakov (1): atm: zatm: fix memcmp casting Josh Hill (1): net: qmi_wwan: Add Netgear Aircard 779S JoÃ£o Paulo Rechi Vita (1): platform/x86: asus-wmi: Fix NULL pointer dereference Julian Anastasov (1): ipvs: fix buffer overflow with sync daemon and service Kirill Tkhai (1): kcm: Fix use-after-free caused by clonned sockets Paolo Abeni (1): netfilter: ebtables: handle string from userspace with care Documentation/devicetree/bindings/net/dsa/b53.txt | 1 + drivers/atm/zatm.c | 4 ++-- drivers/net/dsa/b53/b53_common.c | 13 +++++++++++++ drivers/net/dsa/b53/b53_mdio.c | 5 ++++- drivers/net/dsa/b53/b53_priv.h | 1 + drivers/net/ethernet/natsemi/sonic.c | 2 +- drivers/net/usb/cdc_mbim.c | 2 +- drivers/net/usb/qmi_wwan.c | 1 + drivers/net/wireless/intel/iwlwifi/pcie/trans.c | 10 +++++----- drivers/platform/x86/asus-wmi.c | 23 +++++++++++++---------- net/bridge/netfilter/ebtables.c | 3 ++- net/ipv6/xfrm6_policy.c | 2 +- net/kcm/kcmsock.c | 2 +- net/netfilter/ipvs/ip_vs_ctl.c | 21 +++++++++++++++------ 14 files changed, 61 insertions(+), 29 deletions(-) -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE4n5dijQDou9mhzu83qZv95d3LNwFAlsrD08ACgkQ3qZv95d3 LNz7JhAAlyrbs4NT1tU0ZjZYQ78hQbojWTDyMBQSz1+SIKwey/6Mp7HFizAXghY/ 3f4KECTu8a/5P35Jo7euTy7C3RDKOnHtP2yQENuu4AGe/pivIfqqVsIANmdy+sAi BY2iXJllGYeV8777nE0lm3cQrXnAMWhTsMmwKbJk6gHHx9ueaSRns7tajiD4lXm0 Z+F07jReymaOEvi3bNAKZTSU0swprprXTG9GfKPDyfPdB7fu4J7t+HkWI071mTj+ L1gJdcW5XOPuB1Tmu0ES5rRrFsDYdeUEwFoJBq0TplmOEKSNZO+xLWgTLfRZZ3T2 W6YIM+jOs44MfI4Sy5PDmM1jHwnvyUplOxApfx570F7CiSwU8xyuDwpQZIsNrBPn FrsDIy8X7uLLCN0MG0HMO/0P8RhL2tHKwG9gN/xRPo0fOLhVprABj8fTi3FCQhTU /BYAdmj4s58BuEEPND9swFYx96UTNuVVb47HB0+3FasPmCnGdhiVXb+HSSY6tW1a GNQqpcsUUtVoe4sFgb4s2pqZjnXfepvd4EhsI8cGU4KoTQ/vbwK4OVJS+MrSehoB yi169EwX0jL6ILtLNDBm2SVVcw7ukAEq4aDJRjko+X6xWFZxhnGTnFsZldkOEjld DVDGFhcTyUiGE7wVsnZGANMhHhT2LjtyeGDKpQiFn6lMagp0IM4= =gZsz -----END PGP SIGNATURE-----

7 years, 5 months

2
1
0 0

FAILED: patch "[PATCH] ubi: fastmap: Correctly handle interrupted erasures in EBA" failed to apply to 4.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 781932375ffc6411713ee0926ccae8596ed0261c Mon Sep 17 00:00:00 2001 From: Richard Weinberger <richard(a)nod.at> Date: Mon, 28 May 2018 22:04:32 +0200 Subject: [PATCH] ubi: fastmap: Correctly handle interrupted erasures in EBA Fastmap cannot track the LEB unmap operation, therefore it can happen that after an interrupted erasure the mapping still looks good from Fastmap's point of view, while reading from the PEB will cause an ECC error and confuses the upper layer. Instead of teaching users of UBI how to deal with that, we read back the VID header and check for errors. If the PEB is empty or shows ECC errors we fixup the mapping and schedule the PEB for erasure. Fixes: dbb7d2a88d2a ("UBI: Add fastmap core") Cc: <stable(a)vger.kernel.org> Reported-by: martin bayern <Martinbayern(a)outlook.com> Signed-off-by: Richard Weinberger <richard(a)nod.at> diff --git a/drivers/mtd/ubi/eba.c b/drivers/mtd/ubi/eba.c index 250e30fac61b..593a4f9d97e3 100644 --- a/drivers/mtd/ubi/eba.c +++ b/drivers/mtd/ubi/eba.c @@ -490,6 +490,82 @@ int ubi_eba_unmap_leb(struct ubi_device *ubi, struct ubi_volume *vol, return err; } +#ifdef CONFIG_MTD_UBI_FASTMAP +/** + * check_mapping - check and fixup a mapping + * @ubi: UBI device description object + * @vol: volume description object + * @lnum: logical eraseblock number + * @pnum: physical eraseblock number + * + * Checks whether a given mapping is valid. Fastmap cannot track LEB unmap + * operations, if such an operation is interrupted the mapping still looks + * good, but upon first read an ECC is reported to the upper layer. + * Normaly during the full-scan at attach time this is fixed, for Fastmap + * we have to deal with it while reading. + * If the PEB behind a LEB shows this symthom we change the mapping to + * %UBI_LEB_UNMAPPED and schedule the PEB for erasure. + * + * Returns 0 on success, negative error code in case of failure. + */ +static int check_mapping(struct ubi_device *ubi, struct ubi_volume *vol, int lnum, + int *pnum) +{ + int err; + struct ubi_vid_io_buf *vidb; + + if (!ubi->fast_attach) + return 0; + + vidb = ubi_alloc_vid_buf(ubi, GFP_NOFS); + if (!vidb) + return -ENOMEM; + + err = ubi_io_read_vid_hdr(ubi, *pnum, vidb, 0); + if (err > 0 && err != UBI_IO_BITFLIPS) { + int torture = 0; + + switch (err) { + case UBI_IO_FF: + case UBI_IO_FF_BITFLIPS: + case UBI_IO_BAD_HDR: + case UBI_IO_BAD_HDR_EBADMSG: + break; + default: + ubi_assert(0); + } + + if (err == UBI_IO_BAD_HDR_EBADMSG || err == UBI_IO_FF_BITFLIPS) + torture = 1; + + down_read(&ubi->fm_eba_sem); + vol->eba_tbl->entries[lnum].pnum = UBI_LEB_UNMAPPED; + up_read(&ubi->fm_eba_sem); + ubi_wl_put_peb(ubi, vol->vol_id, lnum, *pnum, torture); + + *pnum = UBI_LEB_UNMAPPED; + } else if (err < 0) { + ubi_err(ubi, "unable to read VID header back from PEB %i: %i", + *pnum, err); + + goto out_free; + } + + err = 0; + +out_free: + ubi_free_vid_buf(vidb); + + return err; +} +#else +static int check_mapping(struct ubi_device *ubi, struct ubi_volume *vol, int lnum, + int *pnum) +{ + return 0; +} +#endif + /** * ubi_eba_read_leb - read data. * @ubi: UBI device description object @@ -522,7 +598,13 @@ int ubi_eba_read_leb(struct ubi_device *ubi, struct ubi_volume *vol, int lnum, return err; pnum = vol->eba_tbl->entries[lnum].pnum; - if (pnum < 0) { + if (pnum >= 0) { + err = check_mapping(ubi, vol, lnum, &pnum); + if (err < 0) + goto out_unlock; + } + + if (pnum == UBI_LEB_UNMAPPED) { /* * The logical eraseblock is not mapped, fill the whole buffer * with 0xFF bytes. The exception is static volumes for which @@ -930,6 +1012,12 @@ int ubi_eba_write_leb(struct ubi_device *ubi, struct ubi_volume *vol, int lnum, return err; pnum = vol->eba_tbl->entries[lnum].pnum; + if (pnum >= 0) { + err = check_mapping(ubi, vol, lnum, &pnum); + if (err < 0) + goto out; + } + if (pnum >= 0) { dbg_eba("write %d bytes at offset %d of LEB %d:%d, PEB %d", len, offset, vol_id, lnum, pnum);

7 years, 5 months

3
2
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror