- Linux-stable-mirror - lists.linaro.org

[Linux-stable-mirror] Patch "dma-buf/sw-sync: Reduce irqsave/irqrestore from known context" has been added to the 4.9-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled dma-buf/sw-sync: Reduce irqsave/irqrestore from known context to the 4.9-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: dma-buf-sw-sync-reduce-irqsave-irqrestore-from-known-context.patch and it can be found in the queue-4.9 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From a6aa8fca4d792c72947e341d7842d2f700534335 Mon Sep 17 00:00:00 2001 From: Chris Wilson <chris(a)chris-wilson.co.uk> Date: Thu, 29 Jun 2017 13:59:27 +0100 Subject: dma-buf/sw-sync: Reduce irqsave/irqrestore from known context From: Chris Wilson <chris(a)chris-wilson.co.uk> commit a6aa8fca4d792c72947e341d7842d2f700534335 upstream. If we know the context under which we are called, then we can use the simpler form of spin_lock_irq (saving the save/restore). Signed-off-by: Chris Wilson <chris(a)chris-wilson.co.uk> Cc: Sumit Semwal <sumit.semwal(a)linaro.org> Cc: Sean Paul <seanpaul(a)chromium.org> Cc: Gustavo Padovan <gustavo(a)padovan.org> Reviewed-by: Sean Paul <seanpaul(a)chromium.org> Signed-off-by: Gustavo Padovan <gustavo.padovan(a)collabora.com> Link: http://patchwork.freedesktop.org/patch/msgid/20170629125930.821-4-chris@chr… [s/dma_fence/fence/g - gregkh] Cc: Jisheng Zhang <Jisheng.Zhang(a)synaptics.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/dma-buf/sw_sync.c | 15 +++++++++------ drivers/dma-buf/sync_debug.c | 14 ++++++-------- 2 files changed, 15 insertions(+), 14 deletions(-) --- a/drivers/dma-buf/sw_sync.c +++ b/drivers/dma-buf/sw_sync.c @@ -135,12 +135,11 @@ static void sync_timeline_put(struct syn */ static void sync_timeline_signal(struct sync_timeline *obj, unsigned int inc) { - unsigned long flags; struct sync_pt *pt, *next; trace_sync_timeline(obj); - spin_lock_irqsave(&obj->child_list_lock, flags); + spin_lock_irq(&obj->child_list_lock); obj->value += inc; @@ -150,7 +149,7 @@ static void sync_timeline_signal(struct list_del_init(&pt->active_list); } - spin_unlock_irqrestore(&obj->child_list_lock, flags); + spin_unlock_irq(&obj->child_list_lock); } /** @@ -167,7 +166,6 @@ static void sync_timeline_signal(struct static struct sync_pt *sync_pt_create(struct sync_timeline *obj, int size, unsigned int value) { - unsigned long flags; struct sync_pt *pt; if (size < sizeof(*pt)) @@ -177,13 +175,16 @@ static struct sync_pt *sync_pt_create(st if (!pt) return NULL; - spin_lock_irqsave(&obj->child_list_lock, flags); + spin_lock_irq(&obj->child_list_lock); + sync_timeline_get(obj); fence_init(&pt->base, &timeline_fence_ops, &obj->child_list_lock, obj->context, value); list_add_tail(&pt->child_list, &obj->child_list_head); INIT_LIST_HEAD(&pt->active_list); - spin_unlock_irqrestore(&obj->child_list_lock, flags); + + spin_unlock_irq(&obj->child_list_lock); + return pt; } @@ -206,9 +207,11 @@ static void timeline_fence_release(struc unsigned long flags; spin_lock_irqsave(fence->lock, flags); + list_del(&pt->child_list); if (!list_empty(&pt->active_list)) list_del(&pt->active_list); + spin_unlock_irqrestore(fence->lock, flags); sync_timeline_put(parent); --- a/drivers/dma-buf/sync_debug.c +++ b/drivers/dma-buf/sync_debug.c @@ -116,17 +116,16 @@ static void sync_print_fence(struct seq_ static void sync_print_obj(struct seq_file *s, struct sync_timeline *obj) { struct list_head *pos; - unsigned long flags; seq_printf(s, "%s: %d\n", obj->name, obj->value); - spin_lock_irqsave(&obj->child_list_lock, flags); + spin_lock_irq(&obj->child_list_lock); list_for_each(pos, &obj->child_list_head) { struct sync_pt *pt = container_of(pos, struct sync_pt, child_list); sync_print_fence(s, &pt->base, false); } - spin_unlock_irqrestore(&obj->child_list_lock, flags); + spin_unlock_irq(&obj->child_list_lock); } static void sync_print_sync_file(struct seq_file *s, @@ -149,12 +148,11 @@ static void sync_print_sync_file(struct static int sync_debugfs_show(struct seq_file *s, void *unused) { - unsigned long flags; struct list_head *pos; seq_puts(s, "objs:\n--------------\n"); - spin_lock_irqsave(&sync_timeline_list_lock, flags); + spin_lock_irq(&sync_timeline_list_lock); list_for_each(pos, &sync_timeline_list_head) { struct sync_timeline *obj = container_of(pos, struct sync_timeline, @@ -163,11 +161,11 @@ static int sync_debugfs_show(struct seq_ sync_print_obj(s, obj); seq_puts(s, "\n"); } - spin_unlock_irqrestore(&sync_timeline_list_lock, flags); + spin_unlock_irq(&sync_timeline_list_lock); seq_puts(s, "fences:\n--------------\n"); - spin_lock_irqsave(&sync_file_list_lock, flags); + spin_lock_irq(&sync_file_list_lock); list_for_each(pos, &sync_file_list_head) { struct sync_file *sync_file = container_of(pos, struct sync_file, sync_file_list); @@ -175,7 +173,7 @@ static int sync_debugfs_show(struct seq_ sync_print_sync_file(s, sync_file); seq_puts(s, "\n"); } - spin_unlock_irqrestore(&sync_file_list_lock, flags); + spin_unlock_irq(&sync_file_list_lock); return 0; } Patches currently in stable-queue which might be from chris(a)chris-wilson.co.uk are queue-4.9/dma-buf-sw-sync-fix-the-is-signaled-test-to-handle-u32-wraparound.patch queue-4.9/dma-fence-clear-fence-status-during-dma_fence_init.patch queue-4.9/dma-buf-sw-sync-fix-locking-around-sync_timeline-lists.patch queue-4.9/dma-fence-wrap-querying-the-fence-status.patch queue-4.9/dma-buf-sw_sync-clean-up-list-before-signaling-the-fence.patch queue-4.9/dma-buf-sw-sync-reduce-irqsave-irqrestore-from-known-context.patch queue-4.9/dma-buf-sw_sync-move-timeline_fence_ops-around.patch queue-4.9/dma-buf-sw-sync-prevent-user-overflow-on-timeline-advance.patch queue-4.9/dma-fence-introduce-drm_fence_set_error-helper.patch queue-4.9/dma-buf-sw_sync-force-signal-all-unsignaled-fences-on-dying-timeline.patch queue-4.9/dma-buf-sw-sync-use-an-rbtree-to-sort-fences-in-the-timeline.patch queue-4.9/dma-buf-sw-sync-sync_pt-is-private-and-of-fixed-size.patch queue-4.9/dma-buf-dma-fence-extract-__dma_fence_is_later.patch

7 years, 7 months

1
0
0 0

[Linux-stable-mirror] Patch "dma-buf/sw-sync: Fix locking around sync_timeline lists" has been added to the 4.9-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled dma-buf/sw-sync: Fix locking around sync_timeline lists to the 4.9-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: dma-buf-sw-sync-fix-locking-around-sync_timeline-lists.patch and it can be found in the queue-4.9 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From d3862e44daa7a0c94d2f6193502a8c49379acfce Mon Sep 17 00:00:00 2001 From: Chris Wilson <chris(a)chris-wilson.co.uk> Date: Thu, 29 Jun 2017 22:05:32 +0100 Subject: dma-buf/sw-sync: Fix locking around sync_timeline lists From: Chris Wilson <chris(a)chris-wilson.co.uk> commit d3862e44daa7a0c94d2f6193502a8c49379acfce upstream. The sync_pt were not adding themselves atomically to the timeline lists, corruption imminent. Only a single list is required to track the unsignaled sync_pt, so reduce it and rename the lock more appropriately along with using idiomatic names to distinguish a list from links along it. v2: Prevent spinlock recursion on free during create (next patch) and fixup crossref in kerneldoc Signed-off-by: Chris Wilson <chris(a)chris-wilson.co.uk> Cc: Sumit Semwal <sumit.semwal(a)linaro.org> Cc: Sean Paul <seanpaul(a)chromium.org> Cc: Gustavo Padovan <gustavo(a)padovan.org> Reviewed-by: Sean Paul <seanpaul(a)chromium.org> Signed-off-by: Gustavo Padovan <gustavo.padovan(a)collabora.com> Link: http://patchwork.freedesktop.org/patch/msgid/20170629210532.5617-1-chris@ch… [s/dma_fence/fence/g - gregkh] Cc: Jisheng Zhang <Jisheng.Zhang(a)synaptics.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/dma-buf/sw_sync.c | 48 +++++++++++++++++-------------------------- drivers/dma-buf/sync_debug.c | 9 +++----- drivers/dma-buf/sync_debug.h | 22 +++++++------------ 3 files changed, 31 insertions(+), 48 deletions(-) --- a/drivers/dma-buf/sw_sync.c +++ b/drivers/dma-buf/sw_sync.c @@ -96,9 +96,8 @@ struct sync_timeline *sync_timeline_crea obj->context = fence_context_alloc(1); strlcpy(obj->name, name, sizeof(obj->name)); - INIT_LIST_HEAD(&obj->child_list_head); - INIT_LIST_HEAD(&obj->active_list_head); - spin_lock_init(&obj->child_list_lock); + INIT_LIST_HEAD(&obj->pt_list); + spin_lock_init(&obj->lock); sync_timeline_debug_add(obj); @@ -139,17 +138,15 @@ static void sync_timeline_signal(struct trace_sync_timeline(obj); - spin_lock_irq(&obj->child_list_lock); + spin_lock_irq(&obj->lock); obj->value += inc; - list_for_each_entry_safe(pt, next, &obj->active_list_head, - active_list) { + list_for_each_entry_safe(pt, next, &obj->pt_list, link) if (fence_is_signaled_locked(&pt->base)) - list_del_init(&pt->active_list); - } + list_del_init(&pt->link); - spin_unlock_irq(&obj->child_list_lock); + spin_unlock_irq(&obj->lock); } /** @@ -171,15 +168,15 @@ static struct sync_pt *sync_pt_create(st if (!pt) return NULL; - spin_lock_irq(&obj->child_list_lock); - sync_timeline_get(obj); - fence_init(&pt->base, &timeline_fence_ops, &obj->child_list_lock, + fence_init(&pt->base, &timeline_fence_ops, &obj->lock, obj->context, value); - list_add_tail(&pt->child_list, &obj->child_list_head); - INIT_LIST_HEAD(&pt->active_list); + INIT_LIST_HEAD(&pt->link); - spin_unlock_irq(&obj->child_list_lock); + spin_lock_irq(&obj->lock); + if (!fence_is_signaled_locked(&pt->base)) + list_add_tail(&pt->link, &obj->pt_list); + spin_unlock_irq(&obj->lock); return pt; } @@ -200,15 +197,15 @@ static void timeline_fence_release(struc { struct sync_pt *pt = fence_to_sync_pt(fence); struct sync_timeline *parent = fence_parent(fence); - unsigned long flags; - spin_lock_irqsave(fence->lock, flags); + if (!list_empty(&pt->link)) { + unsigned long flags; - list_del(&pt->child_list); - if (!list_empty(&pt->active_list)) - list_del(&pt->active_list); - - spin_unlock_irqrestore(fence->lock, flags); + spin_lock_irqsave(fence->lock, flags); + if (!list_empty(&pt->link)) + list_del(&pt->link); + spin_unlock_irqrestore(fence->lock, flags); + } sync_timeline_put(parent); fence_free(fence); @@ -223,13 +220,6 @@ static bool timeline_fence_signaled(stru static bool timeline_fence_enable_signaling(struct fence *fence) { - struct sync_pt *pt = fence_to_sync_pt(fence); - struct sync_timeline *parent = fence_parent(fence); - - if (timeline_fence_signaled(fence)) - return false; - - list_add_tail(&pt->active_list, &parent->active_list_head); return true; } --- a/drivers/dma-buf/sync_debug.c +++ b/drivers/dma-buf/sync_debug.c @@ -119,13 +119,12 @@ static void sync_print_obj(struct seq_fi seq_printf(s, "%s: %d\n", obj->name, obj->value); - spin_lock_irq(&obj->child_list_lock); - list_for_each(pos, &obj->child_list_head) { - struct sync_pt *pt = - container_of(pos, struct sync_pt, child_list); + spin_lock_irq(&obj->lock); + list_for_each(pos, &obj->pt_list) { + struct sync_pt *pt = container_of(pos, struct sync_pt, link); sync_print_fence(s, &pt->base, false); } - spin_unlock_irq(&obj->child_list_lock); + spin_unlock_irq(&obj->lock); } static void sync_print_sync_file(struct seq_file *s, --- a/drivers/dma-buf/sync_debug.h +++ b/drivers/dma-buf/sync_debug.h @@ -24,43 +24,37 @@ * struct sync_timeline - sync object * @kref: reference count on fence. * @name: name of the sync_timeline. Useful for debugging - * @child_list_head: list of children sync_pts for this sync_timeline - * @child_list_lock: lock protecting @child_list_head and fence.status - * @active_list_head: list of active (unsignaled/errored) sync_pts + * @lock: lock protecting @pt_list and @value + * @pt_list: list of active (unsignaled/errored) sync_pts * @sync_timeline_list: membership in global sync_timeline_list */ struct sync_timeline { struct kref kref; char name[32]; - /* protected by child_list_lock */ + /* protected by lock */ u64 context; int value; - struct list_head child_list_head; - spinlock_t child_list_lock; - - struct list_head active_list_head; + struct list_head pt_list; + spinlock_t lock; struct list_head sync_timeline_list; }; static inline struct sync_timeline *fence_parent(struct fence *fence) { - return container_of(fence->lock, struct sync_timeline, - child_list_lock); + return container_of(fence->lock, struct sync_timeline, lock); } /** * struct sync_pt - sync_pt object * @base: base fence object - * @child_list: sync timeline child's list - * @active_list: sync timeline active child's list + * @link: link on the sync timeline's list */ struct sync_pt { struct fence base; - struct list_head child_list; - struct list_head active_list; + struct list_head link; }; #ifdef CONFIG_SW_SYNC Patches currently in stable-queue which might be from chris(a)chris-wilson.co.uk are queue-4.9/dma-buf-sw-sync-fix-the-is-signaled-test-to-handle-u32-wraparound.patch queue-4.9/dma-fence-clear-fence-status-during-dma_fence_init.patch queue-4.9/dma-buf-sw-sync-fix-locking-around-sync_timeline-lists.patch queue-4.9/dma-fence-wrap-querying-the-fence-status.patch queue-4.9/dma-buf-sw_sync-clean-up-list-before-signaling-the-fence.patch queue-4.9/dma-buf-sw-sync-reduce-irqsave-irqrestore-from-known-context.patch queue-4.9/dma-buf-sw_sync-move-timeline_fence_ops-around.patch queue-4.9/dma-buf-sw-sync-prevent-user-overflow-on-timeline-advance.patch queue-4.9/dma-fence-introduce-drm_fence_set_error-helper.patch queue-4.9/dma-buf-sw_sync-force-signal-all-unsignaled-fences-on-dying-timeline.patch queue-4.9/dma-buf-sw-sync-use-an-rbtree-to-sort-fences-in-the-timeline.patch queue-4.9/dma-buf-sw-sync-sync_pt-is-private-and-of-fixed-size.patch queue-4.9/dma-buf-dma-fence-extract-__dma_fence_is_later.patch

7 years, 7 months

1
0
0 0

[Linux-stable-mirror] Patch "dma-buf/sw-sync: Prevent user overflow on timeline advance" has been added to the 4.9-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled dma-buf/sw-sync: Prevent user overflow on timeline advance to the 4.9-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: dma-buf-sw-sync-prevent-user-overflow-on-timeline-advance.patch and it can be found in the queue-4.9 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From 8f66d3aa1735bc95ae58d846a157357e8d41abb8 Mon Sep 17 00:00:00 2001 From: Chris Wilson <chris(a)chris-wilson.co.uk> Date: Thu, 29 Jun 2017 13:59:26 +0100 Subject: dma-buf/sw-sync: Prevent user overflow on timeline advance From: Chris Wilson <chris(a)chris-wilson.co.uk> commit 8f66d3aa1735bc95ae58d846a157357e8d41abb8 upstream. The timeline is u32, which limits any single advance to INT_MAX so that we can detect all fences that need signaling. Signed-off-by: Chris Wilson <chris(a)chris-wilson.co.uk> Cc: Sumit Semwal <sumit.semwal(a)linaro.org> Cc: Sean Paul <seanpaul(a)chromium.org> Cc: Gustavo Padovan <gustavo(a)padovan.org> Reviewed-by: Sean Paul <seanpaul(a)chromium.org> Signed-off-by: Gustavo Padovan <gustavo.padovan(a)collabora.com> Link: http://patchwork.freedesktop.org/patch/msgid/20170629125930.821-3-chris@chr… [s/dma_fence/fence/g - gregkh] Cc: Jisheng Zhang <Jisheng.Zhang(a)synaptics.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/dma-buf/sw_sync.c | 5 +++++ 1 file changed, 5 insertions(+) --- a/drivers/dma-buf/sw_sync.c +++ b/drivers/dma-buf/sw_sync.c @@ -345,6 +345,11 @@ static long sw_sync_ioctl_inc(struct syn if (copy_from_user(&value, (void __user *)arg, sizeof(value))) return -EFAULT; + while (value > INT_MAX) { + sync_timeline_signal(obj, INT_MAX); + value -= INT_MAX; + } + sync_timeline_signal(obj, value); return 0; Patches currently in stable-queue which might be from chris(a)chris-wilson.co.uk are queue-4.9/dma-buf-sw-sync-fix-the-is-signaled-test-to-handle-u32-wraparound.patch queue-4.9/dma-fence-clear-fence-status-during-dma_fence_init.patch queue-4.9/dma-buf-sw-sync-fix-locking-around-sync_timeline-lists.patch queue-4.9/dma-fence-wrap-querying-the-fence-status.patch queue-4.9/dma-buf-sw_sync-clean-up-list-before-signaling-the-fence.patch queue-4.9/dma-buf-sw-sync-reduce-irqsave-irqrestore-from-known-context.patch queue-4.9/dma-buf-sw_sync-move-timeline_fence_ops-around.patch queue-4.9/dma-buf-sw-sync-prevent-user-overflow-on-timeline-advance.patch queue-4.9/dma-fence-introduce-drm_fence_set_error-helper.patch queue-4.9/dma-buf-sw_sync-force-signal-all-unsignaled-fences-on-dying-timeline.patch queue-4.9/dma-buf-sw-sync-use-an-rbtree-to-sort-fences-in-the-timeline.patch queue-4.9/dma-buf-sw-sync-sync_pt-is-private-and-of-fixed-size.patch queue-4.9/dma-buf-dma-fence-extract-__dma_fence_is_later.patch

7 years, 7 months

1
0
0 0

[Linux-stable-mirror] Patch "dma-buf/sw-sync: Fix the is-signaled test to handle u32 wraparound" has been added to the 4.9-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled dma-buf/sw-sync: Fix the is-signaled test to handle u32 wraparound to the 4.9-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: dma-buf-sw-sync-fix-the-is-signaled-test-to-handle-u32-wraparound.patch and it can be found in the queue-4.9 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From 61894b02716f122dd7662d5d89f5b2245ca551e2 Mon Sep 17 00:00:00 2001 From: Chris Wilson <chris(a)chris-wilson.co.uk> Date: Thu, 29 Jun 2017 13:59:25 +0100 Subject: dma-buf/sw-sync: Fix the is-signaled test to handle u32 wraparound From: Chris Wilson <chris(a)chris-wilson.co.uk> commit 61894b02716f122dd7662d5d89f5b2245ca551e2 upstream. Use the canonical __dma_fence_is_later() to compare the fence seqno against the timeline seqno to check if the fence is signaled. Signed-off-by: Chris Wilson <chris(a)chris-wilson.co.uk> Cc: Sumit Semwal <sumit.semwal(a)linaro.org> Cc: Sean Paul <seanpaul(a)chromium.org> Cc: Gustavo Padovan <gustavo(a)padovan.org> Reviewed-by: Sean Paul <seanpaul(a)chromium.org> Signed-off-by: Gustavo Padovan <gustavo.padovan(a)collabora.com> Link: http://patchwork.freedesktop.org/patch/msgid/20170629125930.821-2-chris@chr… [s/dma_fence/fence/g - gregkh] Cc: Jisheng Zhang <Jisheng.Zhang(a)synaptics.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/dma-buf/sw_sync.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- a/drivers/dma-buf/sw_sync.c +++ b/drivers/dma-buf/sw_sync.c @@ -219,7 +219,7 @@ static bool timeline_fence_signaled(stru { struct sync_timeline *parent = fence_parent(fence); - return (fence->seqno > parent->value) ? false : true; + return !__fence_is_later(fence->seqno, parent->value); } static bool timeline_fence_enable_signaling(struct fence *fence) Patches currently in stable-queue which might be from chris(a)chris-wilson.co.uk are queue-4.9/dma-buf-sw-sync-fix-the-is-signaled-test-to-handle-u32-wraparound.patch queue-4.9/dma-fence-clear-fence-status-during-dma_fence_init.patch queue-4.9/dma-buf-sw-sync-fix-locking-around-sync_timeline-lists.patch queue-4.9/dma-fence-wrap-querying-the-fence-status.patch queue-4.9/dma-buf-sw_sync-clean-up-list-before-signaling-the-fence.patch queue-4.9/dma-buf-sw-sync-reduce-irqsave-irqrestore-from-known-context.patch queue-4.9/dma-buf-sw_sync-move-timeline_fence_ops-around.patch queue-4.9/dma-buf-sw-sync-prevent-user-overflow-on-timeline-advance.patch queue-4.9/dma-fence-introduce-drm_fence_set_error-helper.patch queue-4.9/dma-buf-sw_sync-force-signal-all-unsignaled-fences-on-dying-timeline.patch queue-4.9/dma-buf-sw-sync-use-an-rbtree-to-sort-fences-in-the-timeline.patch queue-4.9/dma-buf-sw-sync-sync_pt-is-private-and-of-fixed-size.patch queue-4.9/dma-buf-dma-fence-extract-__dma_fence_is_later.patch

7 years, 7 months

1
0
0 0

[Linux-stable-mirror] Patch "dma-buf/dma-fence: Extract __dma_fence_is_later()" has been added to the 4.9-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled dma-buf/dma-fence: Extract __dma_fence_is_later() to the 4.9-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: dma-buf-dma-fence-extract-__dma_fence_is_later.patch and it can be found in the queue-4.9 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From 8111477663813caa1a4469cfe6afaae36cd04513 Mon Sep 17 00:00:00 2001 From: Chris Wilson <chris(a)chris-wilson.co.uk> Date: Thu, 29 Jun 2017 13:59:24 +0100 Subject: dma-buf/dma-fence: Extract __dma_fence_is_later() From: Chris Wilson <chris(a)chris-wilson.co.uk> commit 8111477663813caa1a4469cfe6afaae36cd04513 upstream. Often we have the task of comparing two seqno known to be on the same context, so provide a common __dma_fence_is_later(). Signed-off-by: Chris Wilson <chris(a)chris-wilson.co.uk> Cc: Sumit Semwal <sumit.semwal(a)linaro.org> Cc: Sean Paul <seanpaul(a)chromium.org> Cc: Gustavo Padovan <gustavo(a)padovan.org> Reviewed-by: Sean Paul <seanpaul(a)chromium.org> Signed-off-by: Gustavo Padovan <gustavo.padovan(a)collabora.com> Link: http://patchwork.freedesktop.org/patch/msgid/20170629125930.821-1-chris@chr… [renamed to __fence_is_later() - gregkh] Cc: Jisheng Zhang <Jisheng.Zhang(a)synaptics.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- include/linux/fence.h | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) --- a/include/linux/fence.h +++ b/include/linux/fence.h @@ -281,6 +281,19 @@ fence_is_signaled(struct fence *fence) } /** + * __fence_is_later - return if f1 is chronologically later than f2 + * @f1: [in] the first fence's seqno + * @f2: [in] the second fence's seqno from the same context + * + * Returns true if f1 is chronologically later than f2. Both fences must be + * from the same context, since a seqno is not common across contexts. + */ +static inline bool __fence_is_later(u32 f1, u32 f2) +{ + return (int)(f1 - f2) > 0; +} + +/** * fence_is_later - return if f1 is chronologically later than f2 * @f1: [in] the first fence from the same context * @f2: [in] the second fence from the same context @@ -293,7 +306,7 @@ static inline bool fence_is_later(struct if (WARN_ON(f1->context != f2->context)) return false; - return (int)(f1->seqno - f2->seqno) > 0; + return __fence_is_later(f1->seqno, f2->seqno); } /** Patches currently in stable-queue which might be from chris(a)chris-wilson.co.uk are queue-4.9/dma-buf-sw-sync-fix-the-is-signaled-test-to-handle-u32-wraparound.patch queue-4.9/dma-fence-clear-fence-status-during-dma_fence_init.patch queue-4.9/dma-buf-sw-sync-fix-locking-around-sync_timeline-lists.patch queue-4.9/dma-fence-wrap-querying-the-fence-status.patch queue-4.9/dma-buf-sw_sync-clean-up-list-before-signaling-the-fence.patch queue-4.9/dma-buf-sw-sync-reduce-irqsave-irqrestore-from-known-context.patch queue-4.9/dma-buf-sw_sync-move-timeline_fence_ops-around.patch queue-4.9/dma-buf-sw-sync-prevent-user-overflow-on-timeline-advance.patch queue-4.9/dma-fence-introduce-drm_fence_set_error-helper.patch queue-4.9/dma-buf-sw_sync-force-signal-all-unsignaled-fences-on-dying-timeline.patch queue-4.9/dma-buf-sw-sync-use-an-rbtree-to-sort-fences-in-the-timeline.patch queue-4.9/dma-buf-sw-sync-sync_pt-is-private-and-of-fixed-size.patch queue-4.9/dma-buf-dma-fence-extract-__dma_fence_is_later.patch

7 years, 7 months

1
0
0 0

[Linux-stable-mirror] [PATCH 3/3] mm: drop unused pmdp_huge_get_and_clear_notify()

by Jack Wang

From: "Kirill A. Shutemov" <kirill.shutemov(a)linux.intel.com> commit c0c379e2931b05facef538e53bf3b21f283d9a0b upstream Dave noticed that after fixing MADV_DONTNEED vs numa balancing race the last pmdp_huge_get_and_clear_notify() user is gone. Let's drop the helper. Link: http://lkml.kernel.org/r/20170306112047.24809-1-kirill.shutemov@linux.intel… Signed-off-by: Kirill A. Shutemov <kirill.shutemov(a)linux.intel.com> Cc: Dave Hansen <dave.hansen(a)intel.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds(a)linux-foundation.org> [jwang: adjust context for 4.4] Signed-off-by: Jack Wang <jinpu.wang(a)profitbricks.com> --- include/linux/mmu_notifier.h | 13 ------------- 1 file changed, 13 deletions(-) diff --git a/include/linux/mmu_notifier.h b/include/linux/mmu_notifier.h index a1a210d..38c5eb2 100644 --- a/include/linux/mmu_notifier.h +++ b/include/linux/mmu_notifier.h @@ -381,18 +381,6 @@ static inline void mmu_notifier_mm_destroy(struct mm_struct *mm) ___pmd; \ }) -#define pmdp_huge_get_and_clear_notify(__mm, __haddr, __pmd) \ -({ \ - unsigned long ___haddr = __haddr & HPAGE_PMD_MASK; \ - pmd_t ___pmd; \ - \ - ___pmd = pmdp_huge_get_and_clear(__mm, __haddr, __pmd); \ - mmu_notifier_invalidate_range(__mm, ___haddr, \ - ___haddr + HPAGE_PMD_SIZE); \ - \ - ___pmd; \ -}) - /* * set_pte_at_notify() sets the pte _after_ running the notifier. * This is safe to start by updating the secondary MMUs, because the primary MMU @@ -475,7 +463,6 @@ static inline void mmu_notifier_mm_destroy(struct mm_struct *mm) #define pmdp_clear_young_notify pmdp_test_and_clear_young #define ptep_clear_flush_notify ptep_clear_flush #define pmdp_huge_clear_flush_notify pmdp_huge_clear_flush -#define pmdp_huge_get_and_clear_notify pmdp_huge_get_and_clear #define set_pte_at_notify set_pte_at #endif /* CONFIG_MMU_NOTIFIER */ -- 2.7.4

7 years, 7 months

1
0
0 0

[Linux-stable-mirror] [PATCH 2/3] thp: fix MADV_DONTNEED vs. numa balancing race

by Jack Wang

From: "Kirill A. Shutemov" <kirill.shutemov(a)linux.intel.com> commit ced108037c2aa542b3ed8b7afd1576064ad1362a upstream In case prot_numa, we are under down_read(mmap_sem). It's critical to not clear pmd intermittently to avoid race with MADV_DONTNEED which is also under down_read(mmap_sem): CPU0: CPU1: change_huge_pmd(prot_numa=1) pmdp_huge_get_and_clear_notify() madvise_dontneed() zap_pmd_range() pmd_trans_huge(*pmd) == 0 (without ptl) // skip the pmd set_pmd_at(); // pmd is re-established The race makes MADV_DONTNEED miss the huge pmd and don't clear it which may break userspace. Found by code analysis, never saw triggered. Link: http://lkml.kernel.org/r/20170302151034.27829-3-kirill.shutemov@linux.intel… Signed-off-by: Kirill A. Shutemov <kirill.shutemov(a)linux.intel.com> Cc: Andrea Arcangeli <aarcange(a)redhat.com> Cc: Hillf Danton <hillf.zj(a)alibaba-inc.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds(a)linux-foundation.org> [jwang: adjust context for 4.4] Signed-off-by: Jack Wang <jinpu.wang(a)profitbricks.com> --- mm/huge_memory.c | 34 +++++++++++++++++++++++++++++++++- 1 file changed, 33 insertions(+), 1 deletion(-) diff --git a/mm/huge_memory.c b/mm/huge_memory.c index ea013cb..0127b78 100644 --- a/mm/huge_memory.c +++ b/mm/huge_memory.c @@ -1588,7 +1588,39 @@ int change_huge_pmd(struct vm_area_struct *vma, pmd_t *pmd, if (prot_numa && pmd_protnone(*pmd)) goto unlock; - entry = pmdp_huge_get_and_clear_notify(mm, addr, pmd); + /* + * In case prot_numa, we are under down_read(mmap_sem). It's critical + * to not clear pmd intermittently to avoid race with MADV_DONTNEED + * which is also under down_read(mmap_sem): + * + * CPU0: CPU1: + * change_huge_pmd(prot_numa=1) + * pmdp_huge_get_and_clear_notify() + * madvise_dontneed() + * zap_pmd_range() + * pmd_trans_huge(*pmd) == 0 (without ptl) + * // skip the pmd + * set_pmd_at(); + * // pmd is re-established + * + * The race makes MADV_DONTNEED miss the huge pmd and don't clear it + * which may break userspace. + * + * pmdp_invalidate() is required to make sure we don't miss + * dirty/young flags set by hardware. + */ + entry = *pmd; + pmdp_invalidate(vma, addr, pmd); + + /* + * Recover dirty/young flags. It relies on pmdp_invalidate to not + * corrupt them. + */ + if (pmd_dirty(*pmd)) + entry = pmd_mkdirty(entry); + if (pmd_young(*pmd)) + entry = pmd_mkyoung(entry); + entry = pmd_modify(entry, newprot); if (preserve_write) entry = pmd_mkwrite(entry); -- 2.7.4

7 years, 7 months

1
0
0 0

[Linux-stable-mirror] Patch "dma-buf/sw_sync: force signal all unsignaled fences on dying timeline" has been added to the 4.14-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled dma-buf/sw_sync: force signal all unsignaled fences on dying timeline to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: dma-buf-sw_sync-force-signal-all-unsignaled-fences-on-dying-timeline.patch and it can be found in the queue-4.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From ea4d5a270b57fa8d4871f372ca9b97b7697fdfda Mon Sep 17 00:00:00 2001 From: Dominik Behr <dbehr(a)chromium.org> Date: Thu, 7 Sep 2017 16:02:46 -0300 Subject: dma-buf/sw_sync: force signal all unsignaled fences on dying timeline From: Dominik Behr <dbehr(a)chromium.org> commit ea4d5a270b57fa8d4871f372ca9b97b7697fdfda upstream. To avoid hanging userspace components that might have been waiting on the active fences of the destroyed timeline we need to signal with error all remaining fences on such timeline. This restore the default behaviour of the Android sw_sync framework, which Android still relies on. It was broken on the dma fence conversion a few years ago and never fixed. v2: Do not bother with cleanup do the list (Chris Wilson) Reviewed-by: Chris Wilson <chris(a)chris-wilson.co.uk> Signed-off-by: Dominik Behr <dbehr(a)chromium.org> Signed-off-by: Gustavo Padovan <gustavo.padovan(a)collabora.com> Link: https://patchwork.freedesktop.org/patch/msgid/20170907190246.16425-2-gustav… Cc: Jisheng Zhang <Jisheng.Zhang(a)synaptics.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/dma-buf/sw_sync.c | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) --- a/drivers/dma-buf/sw_sync.c +++ b/drivers/dma-buf/sw_sync.c @@ -321,8 +321,16 @@ static int sw_sync_debugfs_open(struct i static int sw_sync_debugfs_release(struct inode *inode, struct file *file) { struct sync_timeline *obj = file->private_data; + struct sync_pt *pt, *next; - smp_wmb(); + spin_lock_irq(&obj->lock); + + list_for_each_entry_safe(pt, next, &obj->pt_list, link) { + dma_fence_set_error(&pt->base, -ENOENT); + dma_fence_signal_locked(&pt->base); + } + + spin_unlock_irq(&obj->lock); sync_timeline_put(obj); return 0; Patches currently in stable-queue which might be from dbehr(a)chromium.org are queue-4.14/dma-buf-sw_sync-force-signal-all-unsignaled-fences-on-dying-timeline.patch

7 years, 7 months

1
0
0 0

[Linux-stable-mirror] [PATCH V2] cpufreq: longhaul: Revert transition_delay_us to 200 ms

by Viresh Kumar

The commit e948bc8fbee0 ("cpufreq: Cap the default transition delay value to 10 ms") caused a regression on EPIA-M min-ITX computer where shutdown or reboot hangs occasionally with a print message like: longhaul: Warning: Timeout while waiting for idle PCI bus cpufreq: __target_index: Failed to change cpu frequency: -16 This probably happens because the cpufreq governor tries to change the frequency of the CPU faster than allowed by the hardware. Before the above commit, the default transition delay was set to 200 ms for a transition_latency of 200000 ns. Lets revert back to that transition delay value to fix it. Note that several other transition delay values were tested like 20 ms and 30 ms and none of them have resolved system hang issue completely. Fixes: e948bc8fbee0 ("cpufreq: Cap the default transition delay value to 10 ms") Cc: 4.14+ <stable(a)vger.kernel.org> # 4.14+ Reported-by: Meelis Roos <mroos(a)linux.ee> Suggested-by: Rafael J. Wysocki <rjw(a)rjwysocki.net> Signed-off-by: Viresh Kumar <viresh.kumar(a)linaro.org> --- V1->V2: - s/20 ms/200 ms. drivers/cpufreq/longhaul.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/cpufreq/longhaul.c b/drivers/cpufreq/longhaul.c index c46a12df40dd..5faa37c5b091 100644 --- a/drivers/cpufreq/longhaul.c +++ b/drivers/cpufreq/longhaul.c @@ -894,7 +894,7 @@ static int longhaul_cpu_init(struct cpufreq_policy *policy) if ((longhaul_version != TYPE_LONGHAUL_V1) && (scale_voltage != 0)) longhaul_setup_voltagescaling(); - policy->cpuinfo.transition_latency = 200000; /* nsec */ + policy->transition_delay_us = 200000; /* usec */ return cpufreq_table_validate_and_show(policy, longhaul_table); } -- 2.14.1

7 years, 7 months

1
0
0 0

[Linux-stable-mirror] [PATCH] arm64: kvm: Prevent restoring stale PMSCR_EL1 for vcpu

by Julien Thierry

When VHE is not present, KVM needs to save and restores PMSCR_EL1 when possible. If SPE is used by the host, value of PMSCR_EL1 cannot be saved for the guest. If the host starts using SPE between two save+restore on the same vcpu, restore will write the value of PMSCR_EL1 read during the first save. Make sure __debug_save_spe_nvhe clears the value of the saved PMSCR_EL1 when the guest cannot use SPE. Signed-off-by: Julien Thierry <julien.thierry(a)arm.com> Cc: Christoffer Dall <christoffer.dall(a)linaro.org> Cc: Marc Zyngier <marc.zyngier(a)arm.com> Cc: Catalin Marinas <catalin.marinas(a)arm.com> Cc: Will Deacon <will.deacon(a)arm.com> Cc: <stable(a)vger.kernel.org> --- arch/arm64/kvm/hyp/debug-sr.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/arch/arm64/kvm/hyp/debug-sr.c b/arch/arm64/kvm/hyp/debug-sr.c index 321c9c0..f4363d4 100644 --- a/arch/arm64/kvm/hyp/debug-sr.c +++ b/arch/arm64/kvm/hyp/debug-sr.c @@ -74,6 +74,9 @@ static void __hyp_text __debug_save_spe_nvhe(u64 *pmscr_el1) { u64 reg; + /* Clear pmscr in case of early return */ + *pmscr_el1 = 0; + /* SPE present on this CPU? */ if (!cpuid_feature_extract_unsigned_field(read_sysreg(id_aa64dfr0_el1), ID_AA64DFR0_PMSVER_SHIFT)) -- 1.9.1

7 years, 7 months

3
2
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror