July 2019 - Linux-stable-mirror

patch "USB: serial: option: add support for GosunCn ME3630 RNDIS mode" added to usb-testing

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled USB: serial: option: add support for GosunCn ME3630 RNDIS mode to my usb git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git in the usb-testing branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will be merged to the usb-next branch sometime soon, after it passes testing, and the merge window is open. If you have any questions about this process, please let me know. >From aed2a26283528fb69c38e414f649411aa48fb391 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rgen=20Storvist?= <jorgen.storvist(a)gmail.com> Date: Wed, 19 Jun 2019 00:30:19 +0200 Subject: USB: serial: option: add support for GosunCn ME3630 RNDIS mode MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Added USB IDs for GosunCn ME3630 cellular module in RNDIS mode. T: Bus=03 Lev=01 Prnt=01 Port=01 Cnt=03 Dev#= 18 Spd=480 MxCh= 0 D: Ver= 2.00 Cls=00(>ifc ) Sub=00 Prot=00 MxPS=64 #Cfgs= 1 P: Vendor=19d2 ProdID=0601 Rev=03.18 S: Manufacturer=Android S: Product=Android S: SerialNumber=b950269c C: #Ifs= 5 Cfg#= 1 Atr=a0 MxPwr=500mA I: If#=0x0 Alt= 0 #EPs= 1 Cls=e0(wlcon) Sub=01 Prot=03 Driver=rndis_host I: If#=0x1 Alt= 0 #EPs= 2 Cls=0a(data ) Sub=00 Prot=00 Driver=rndis_host I: If#=0x2 Alt= 0 #EPs= 2 Cls=ff(vend.) Sub=ff Prot=ff Driver=option I: If#=0x3 Alt= 0 #EPs= 3 Cls=ff(vend.) Sub=00 Prot=00 Driver=option I: If#=0x4 Alt= 0 #EPs= 3 Cls=ff(vend.) Sub=00 Prot=00 Driver=option Signed-off-by: Jörgen Storvist <jorgen.storvist(a)gmail.com> Cc: stable <stable(a)vger.kernel.org> Signed-off-by: Johan Hovold <johan(a)kernel.org> --- drivers/usb/serial/option.c | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/usb/serial/option.c b/drivers/usb/serial/option.c index a0aaf0635359..c1582fbd1150 100644 --- a/drivers/usb/serial/option.c +++ b/drivers/usb/serial/option.c @@ -1343,6 +1343,7 @@ static const struct usb_device_id option_ids[] = { .driver_info = RSVD(4) }, { USB_DEVICE_AND_INTERFACE_INFO(ZTE_VENDOR_ID, 0x0414, 0xff, 0xff, 0xff) }, { USB_DEVICE_AND_INTERFACE_INFO(ZTE_VENDOR_ID, 0x0417, 0xff, 0xff, 0xff) }, + { USB_DEVICE_INTERFACE_CLASS(ZTE_VENDOR_ID, 0x0601, 0xff) }, /* GosunCn ZTE WeLink ME3630 (RNDIS mode) */ { USB_DEVICE_INTERFACE_CLASS(ZTE_VENDOR_ID, 0x0602, 0xff) }, /* GosunCn ZTE WeLink ME3630 (MBIM mode) */ { USB_DEVICE_AND_INTERFACE_INFO(ZTE_VENDOR_ID, 0x1008, 0xff, 0xff, 0xff), .driver_info = RSVD(4) }, -- 2.22.0

5 years, 5 months

1
0
0 0

[STABLE 4.19] fixes for xfs memory and fs corruption

by Amir Goldstein

Darrick, Can I have your blessing on the choice of these upstream commits as stable candidates? I did not observe any xfstests regressions when testing v4.19.55 with these patches applied. Sasha, Can you run these patches though your xfstests setup? They fix nasty bugs. Make sure to update xfsprogs to very latest, because generic/530 used to blow up (OOM) my test machine... > > The first patch fixes a memory corruption that syzkaller found in the > attr listent code; 3b50086f0c0d xfs: don't overflow xattr listent buffer > see "generic: posix acl extended attribute memory > corruption test" for the relevant regression test. Fixed generic/529 > > Patches 2 fixes problems found in XFS's unlinked inode recovery code > that were unearthed by some new testcases. We're logging nlink==1 temp > files on the iunlinked list (and then the vfs sets nlink to 0 without > telling us) which means that we leak them in recovery if we crash > immediately after the committing the creation of the temp file. > > Patch 3 fixes the problem that ifree during recovery can expand the > finobt but we need to force the ifree code to reserve blocks for the > transaction because perag reservations aren't set up yet. e1f6ca113815 xfs: rename m_inotbt_nores to m_finobt_nores 15a268d9f263 xfs: reserve blocks for ifree transaction during log recovery c4a6bf7f6cc7 xfs: don't ever put nlink > 0 inodes on the unlinked list > > See "[PATCH v2 2/2] generic: check the behavior of programs opening a > lot of O_TMPFILE files" for the regression test. > Fixes generic/530 Thanks, Amir.

5 years, 5 months

3
3
0 0

[PATCH AUTOSEL 4.4 1/6] perf/core: Fix perf_sample_regs_user() mm check

by Sasha Levin

From: Peter Zijlstra <peterz(a)infradead.org> [ Upstream commit 085ebfe937d7a7a5df1729f35a12d6d655fea68c ] perf_sample_regs_user() uses 'current->mm' to test for the presence of userspace, but this is insufficient, consider use_mm(). A better test is: '!(current->flags & PF_KTHREAD)', exec() clears PF_KTHREAD after it sets the new ->mm but before it drops to userspace for the first time. Possibly obsoletes: bf05fc25f268 ("powerpc/perf: Fix oops when kthread execs user process") Reported-by: Ravi Bangoria <ravi.bangoria(a)linux.vnet.ibm.com> Reported-by: Young Xiao <92siuyang(a)gmail.com> Signed-off-by: Peter Zijlstra (Intel) <peterz(a)infradead.org> Acked-by: Will Deacon <will.deacon(a)arm.com> Cc: Arnaldo Carvalho de Melo <acme(a)redhat.com> Cc: Frederic Weisbecker <fweisbec(a)gmail.com> Cc: Jiri Olsa <jolsa(a)redhat.com> Cc: Linus Torvalds <torvalds(a)linux-foundation.org> Cc: Michael Ellerman <mpe(a)ellerman.id.au> Cc: Naveen N. Rao <naveen.n.rao(a)linux.vnet.ibm.com> Cc: Peter Zijlstra <peterz(a)infradead.org> Cc: Stephane Eranian <eranian(a)google.com> Cc: Thomas Gleixner <tglx(a)linutronix.de> Fixes: 4018994f3d87 ("perf: Add ability to attach user level registers dump to sample") Signed-off-by: Ingo Molnar <mingo(a)kernel.org> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- kernel/events/core.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kernel/events/core.c b/kernel/events/core.c index 17230ca00bd4..41fe80e3380f 100644 --- a/kernel/events/core.c +++ b/kernel/events/core.c @@ -5078,7 +5078,7 @@ static void perf_sample_regs_user(struct perf_regs *regs_user, if (user_mode(regs)) { regs_user->abi = perf_reg_abi(current); regs_user->regs = regs; - } else if (current->mm) { + } else if (!(current->flags & PF_KTHREAD)) { perf_get_regs_user(regs_user, regs, regs_user_copy); } else { regs_user->abi = PERF_SAMPLE_REGS_ABI_NONE; -- 2.20.1

5 years, 5 months

1
5
0 0

[PATCH AUTOSEL 4.9 1/8] perf/core: Fix perf_sample_regs_user() mm check

by Sasha Levin

From: Peter Zijlstra <peterz(a)infradead.org> [ Upstream commit 085ebfe937d7a7a5df1729f35a12d6d655fea68c ] perf_sample_regs_user() uses 'current->mm' to test for the presence of userspace, but this is insufficient, consider use_mm(). A better test is: '!(current->flags & PF_KTHREAD)', exec() clears PF_KTHREAD after it sets the new ->mm but before it drops to userspace for the first time. Possibly obsoletes: bf05fc25f268 ("powerpc/perf: Fix oops when kthread execs user process") Reported-by: Ravi Bangoria <ravi.bangoria(a)linux.vnet.ibm.com> Reported-by: Young Xiao <92siuyang(a)gmail.com> Signed-off-by: Peter Zijlstra (Intel) <peterz(a)infradead.org> Acked-by: Will Deacon <will.deacon(a)arm.com> Cc: Arnaldo Carvalho de Melo <acme(a)redhat.com> Cc: Frederic Weisbecker <fweisbec(a)gmail.com> Cc: Jiri Olsa <jolsa(a)redhat.com> Cc: Linus Torvalds <torvalds(a)linux-foundation.org> Cc: Michael Ellerman <mpe(a)ellerman.id.au> Cc: Naveen N. Rao <naveen.n.rao(a)linux.vnet.ibm.com> Cc: Peter Zijlstra <peterz(a)infradead.org> Cc: Stephane Eranian <eranian(a)google.com> Cc: Thomas Gleixner <tglx(a)linutronix.de> Fixes: 4018994f3d87 ("perf: Add ability to attach user level registers dump to sample") Signed-off-by: Ingo Molnar <mingo(a)kernel.org> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- kernel/events/core.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kernel/events/core.c b/kernel/events/core.c index 7929526e96e2..93d7333c64d8 100644 --- a/kernel/events/core.c +++ b/kernel/events/core.c @@ -5492,7 +5492,7 @@ static void perf_sample_regs_user(struct perf_regs *regs_user, if (user_mode(regs)) { regs_user->abi = perf_reg_abi(current); regs_user->regs = regs; - } else if (current->mm) { + } else if (!(current->flags & PF_KTHREAD)) { perf_get_regs_user(regs_user, regs, regs_user_copy); } else { regs_user->abi = PERF_SAMPLE_REGS_ABI_NONE; -- 2.20.1

5 years, 5 months

1
7
0 0

[PATCH AUTOSEL 4.14 01/13] clk: ti: clkctrl: Fix returning uninitialized data

by Sasha Levin

From: Tony Lindgren <tony(a)atomide.com> [ Upstream commit 41b3588dba6ef4b7995735a97e47ff0aeea6c276 ] If we do a clk_get() for a clock that does not exists, we have _ti_omap4_clkctrl_xlate() return uninitialized data if no match is found. This can be seen in some cases with SLAB_DEBUG enabled: Unable to handle kernel paging request at virtual address 5a5a5a5a ... clk_hw_create_clk.part.33 sysc_notifier_call notifier_call_chain blocking_notifier_call_chain device_add Let's fix this by setting a found flag only when we find a match. Reported-by: Tomi Valkeinen <tomi.valkeinen(a)ti.com> Fixes: 88a172526c32 ("clk: ti: add support for clkctrl clocks") Signed-off-by: Tony Lindgren <tony(a)atomide.com> Tested-by: Peter Ujfalusi <peter.ujfalusi(a)ti.com> Tested-by: Tomi Valkeinen <tomi.valkeinen(a)ti.com> Signed-off-by: Stephen Boyd <sboyd(a)kernel.org> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- drivers/clk/ti/clkctrl.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/drivers/clk/ti/clkctrl.c b/drivers/clk/ti/clkctrl.c index 82e4d5cccf84..2df8564f08a0 100644 --- a/drivers/clk/ti/clkctrl.c +++ b/drivers/clk/ti/clkctrl.c @@ -215,6 +215,7 @@ static struct clk_hw *_ti_omap4_clkctrl_xlate(struct of_phandle_args *clkspec, { struct omap_clkctrl_provider *provider = data; struct omap_clkctrl_clk *entry; + bool found = false; if (clkspec->args_count != 2) return ERR_PTR(-EINVAL); @@ -224,11 +225,13 @@ static struct clk_hw *_ti_omap4_clkctrl_xlate(struct of_phandle_args *clkspec, list_for_each_entry(entry, &provider->clocks, node) { if (entry->reg_offset == clkspec->args[0] && - entry->bit_offset == clkspec->args[1]) + entry->bit_offset == clkspec->args[1]) { + found = true; break; + } } - if (!entry) + if (!found) return ERR_PTR(-EINVAL); return entry->clk; -- 2.20.1

5 years, 5 months

1
12
0 0

[PATCH AUTOSEL 4.19 01/26] irqchip/gic-v3-its: Fix command queue pointer comparison bug

by Sasha Levin

From: Heyi Guo <guoheyi(a)huawei.com> [ Upstream commit a050fa5476d418fc16b25abe168b3d38ba11e13c ] When we run several VMs with PCI passthrough and GICv4 enabled, not pinning vCPUs, we will occasionally see below warnings in dmesg: ITS queue timeout (65440 65504 480) ITS cmd its_build_vmovp_cmd failed The reason for the above issue is that in BUILD_SINGLE_CMD_FUNC: 1. Post the write command. 2. Release the lock. 3. Start to read GITS_CREADR to get the reader pointer. 4. Compare the reader pointer to the target pointer. 5. If reader pointer does not reach the target, sleep 1us and continue to try. If we have several processors running the above concurrently, other CPUs will post write commands while the 1st CPU is waiting the completion. So we may have below issue: phase 1: ---rd_idx-----from_idx-----to_idx--0--------- wait 1us: phase 2: --------------from_idx-----to_idx--0-rd_idx-- That is the rd_idx may fly ahead of to_idx, and if in case to_idx is near the wrap point, rd_idx will wrap around. So the below condition will not be met even after 1s: if (from_idx < to_idx && rd_idx >= to_idx) There is another theoretical issue. For a slow and busy ITS, the initial rd_idx may fall behind from_idx a lot, just as below: ---rd_idx---0--from_idx-----to_idx----------- This will cause the wait function exit too early. Actually, it does not make much sense to use from_idx to judge if to_idx is wrapped, but we need a initial rd_idx when lock is still acquired, and it can be used to judge whether to_idx is wrapped and the current rd_idx is wrapped. We switch to a method of calculating the delta of two adjacent reads and accumulating it to get the sum, so that we can get the real rd_idx from the wrapped value even when the queue is almost full. Cc: Thomas Gleixner <tglx(a)linutronix.de> Cc: Jason Cooper <jason(a)lakedaemon.net> Signed-off-by: Heyi Guo <guoheyi(a)huawei.com> Signed-off-by: Marc Zyngier <marc.zyngier(a)arm.com> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- drivers/irqchip/irq-gic-v3-its.c | 35 ++++++++++++++++++++++---------- 1 file changed, 24 insertions(+), 11 deletions(-) diff --git a/drivers/irqchip/irq-gic-v3-its.c b/drivers/irqchip/irq-gic-v3-its.c index 65ab2c80529c..ee30e8965d1b 100644 --- a/drivers/irqchip/irq-gic-v3-its.c +++ b/drivers/irqchip/irq-gic-v3-its.c @@ -740,32 +740,43 @@ static void its_flush_cmd(struct its_node *its, struct its_cmd_block *cmd) } static int its_wait_for_range_completion(struct its_node *its, - struct its_cmd_block *from, + u64 prev_idx, struct its_cmd_block *to) { - u64 rd_idx, from_idx, to_idx; + u64 rd_idx, to_idx, linear_idx; u32 count = 1000000; /* 1s! */ - from_idx = its_cmd_ptr_to_offset(its, from); + /* Linearize to_idx if the command set has wrapped around */ to_idx = its_cmd_ptr_to_offset(its, to); + if (to_idx < prev_idx) + to_idx += ITS_CMD_QUEUE_SZ; + + linear_idx = prev_idx; while (1) { + s64 delta; + rd_idx = readl_relaxed(its->base + GITS_CREADR); - /* Direct case */ - if (from_idx < to_idx && rd_idx >= to_idx) - break; + /* + * Compute the read pointer progress, taking the + * potential wrap-around into account. + */ + delta = rd_idx - prev_idx; + if (rd_idx < prev_idx) + delta += ITS_CMD_QUEUE_SZ; - /* Wrapped case */ - if (from_idx >= to_idx && rd_idx >= to_idx && rd_idx < from_idx) + linear_idx += delta; + if (linear_idx >= to_idx) break; count--; if (!count) { - pr_err_ratelimited("ITS queue timeout (%llu %llu %llu)\n", - from_idx, to_idx, rd_idx); + pr_err_ratelimited("ITS queue timeout (%llu %llu)\n", + to_idx, linear_idx); return -1; } + prev_idx = rd_idx; cpu_relax(); udelay(1); } @@ -782,6 +793,7 @@ void name(struct its_node *its, \ struct its_cmd_block *cmd, *sync_cmd, *next_cmd; \ synctype *sync_obj; \ unsigned long flags; \ + u64 rd_idx; \ \ raw_spin_lock_irqsave(&its->lock, flags); \ \ @@ -803,10 +815,11 @@ void name(struct its_node *its, \ } \ \ post: \ + rd_idx = readl_relaxed(its->base + GITS_CREADR); \ next_cmd = its_post_commands(its); \ raw_spin_unlock_irqrestore(&its->lock, flags); \ \ - if (its_wait_for_range_completion(its, cmd, next_cmd)) \ + if (its_wait_for_range_completion(its, rd_idx, next_cmd)) \ pr_err_ratelimited("ITS cmd %ps failed\n", builder); \ } -- 2.20.1

5 years, 5 months

1
25
0 0

✅ PASS: Test report for kernel 4.19.57-rc1-4d057df.cki (stable)

by CKI Project

Hello, We ran automated tests on a recent commit from this kernel tree: Kernel repo: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git Commit: 4d057dfd72c6 - Linux 4.19.57-rc1 The results of these automated tests are provided below. Overall result: PASSED Merge: OK Compile: OK Tests: OK Please reply to this email if you have any questions about the tests that we ran or if you have any suggestions on how to make future tests more effective. ,-. ,-. ( C ) ( K ) Continuous `-',-.`-' Kernel ( I ) Integration `-' ______________________________________________________________________________ Compile testing --------------- We compiled the kernel for 4 architectures: aarch64: build options: -j20 INSTALL_MOD_STRIP=1 targz-pkg configuration: https://artifacts.cki-project.org/builds/aarch64/kernel-stable-aarch64-4d05… kernel build: https://artifacts.cki-project.org/builds/aarch64/kernel-stable-aarch64-4d05… ppc64le: build options: -j20 INSTALL_MOD_STRIP=1 targz-pkg configuration: https://artifacts.cki-project.org/builds/ppc64le/kernel-stable-ppc64le-4d05… kernel build: https://artifacts.cki-project.org/builds/ppc64le/kernel-stable-ppc64le-4d05… s390x: build options: -j20 INSTALL_MOD_STRIP=1 targz-pkg configuration: https://artifacts.cki-project.org/builds/s390x/kernel-stable-s390x-4d057dfd… kernel build: https://artifacts.cki-project.org/builds/s390x/kernel-stable-s390x-4d057dfd… x86_64: build options: -j20 INSTALL_MOD_STRIP=1 targz-pkg configuration: https://artifacts.cki-project.org/builds/x86_64/kernel-stable-x86_64-4d057d… kernel build: https://artifacts.cki-project.org/builds/x86_64/kernel-stable-x86_64-4d057d… Hardware testing ---------------- We booted each kernel and ran the following tests: aarch64: ⚡ Internal infrastructure issues prevented one or more tests from running on this architecture. This is not the fault of the kernel that was tested. ppc64le: ⚡ Internal infrastructure issues prevented one or more tests from running on this architecture. This is not the fault of the kernel that was tested. s390x: Host 1: ✅ Boot test [0] ✅ selinux-policy: serge-testsuite [1] Host 2: ✅ Boot test [0] ✅ LTP lite [2] ✅ Loopdev Sanity [3] ✅ Memory function: memfd_create [4] ✅ LTP: openposix test suite [5] ✅ Ethernet drivers sanity [6] ✅ audit: audit testsuite test [7] ✅ httpd: mod_ssl smoke sanity [8] ✅ iotop: sanity [9] ✅ redhat-rpm-config: detect-kabi-provides sanity [10] ✅ lvm thinp sanity [12] 🚧 ✅ Networking socket: fuzz [13] 🚧 ✅ Networking sctp-auth: sockopts test [14] 🚧 ✅ Networking: igmp conformance test [15] 🚧 ✅ Networking route: pmtu [16] 🚧 ✅ Networking route_func: local [17] 🚧 ✅ Networking route_func: forward [17] 🚧 ✅ Networking TCP: keepalive test [18] 🚧 ✅ Networking UDP: socket [19] 🚧 ✅ Networking tunnel: gre basic [20] 🚧 ✅ Networking tunnel: vxlan basic [21] 🚧 ✅ Networking tunnel: geneve basic test [22] 🚧 ✅ Networking ipsec: basic netns transport [23] 🚧 ✅ Networking ipsec: basic netns tunnel [23] 🚧 ✅ tuned: tune-processes-through-perf [24] 🚧 ❌ storage: software RAID testing [25] Host 3: ✅ Boot test [0] ✅ kdump: sysrq-c [26] x86_64: Host 1: ✅ Boot test [0] ✅ kdump: sysrq-c [26] Host 2: ✅ Boot test [0] ✅ xfstests: ext4 [27] ✅ xfstests: xfs [27] ✅ selinux-policy: serge-testsuite [1] Host 3: ✅ Boot test [0] ✅ LTP lite [2] ✅ Loopdev Sanity [3] ✅ Memory function: memfd_create [4] ✅ AMTU (Abstract Machine Test Utility) [28] ✅ LTP: openposix test suite [5] ✅ Ethernet drivers sanity [6] ✅ audit: audit testsuite test [7] ✅ httpd: mod_ssl smoke sanity [8] ✅ iotop: sanity [9] ✅ redhat-rpm-config: detect-kabi-provides sanity [10] ✅ Usex - version 1.9-29 [11] ✅ lvm thinp sanity [12] 🚧 ✅ Networking socket: fuzz [13] 🚧 ✅ Networking sctp-auth: sockopts test [14] 🚧 ✅ Networking: igmp conformance test [15] 🚧 ✅ Networking route: pmtu [16] 🚧 ✅ Networking route_func: local [17] 🚧 ✅ Networking route_func: forward [17] 🚧 ✅ Networking TCP: keepalive test [18] 🚧 ✅ Networking UDP: socket [19] 🚧 ✅ Networking tunnel: gre basic [20] 🚧 ✅ Networking tunnel: vxlan basic [21] 🚧 ✅ Networking tunnel: geneve basic test [22] 🚧 ✅ Networking ipsec: basic netns transport [23] 🚧 ✅ Networking ipsec: basic netns tunnel [23] 🚧 ✅ tuned: tune-processes-through-perf [24] 🚧 ✅ storage: SCSI VPD [29] 🚧 ✅ storage: software RAID testing [25] 🚧 ✅ Libhugetlbfs - version 2.2.1 [30] Test source: 💚 Pull requests are welcome for new tests or improvements to existing tests! [0]: https://github.com/CKI-project/tests-beaker/archive/master.zip#distribution… [1]: https://github.com/CKI-project/tests-beaker/archive/master.zip#/packages/se… [2]: https://github.com/CKI-project/tests-beaker/archive/master.zip#distribution… [3]: https://github.com/CKI-project/tests-beaker/archive/master.zip#filesystems/… [4]: https://github.com/CKI-project/tests-beaker/archive/master.zip#/memory/func… [5]: https://github.com/CKI-project/tests-beaker/archive/master.zip#distribution… [6]: https://github.com/CKI-project/tests-beaker/archive/master.zip#/networking/… [7]: https://github.com/CKI-project/tests-beaker/archive/master.zip#packages/aud… [8]: https://github.com/CKI-project/tests-beaker/archive/master.zip#packages/htt… [9]: https://github.com/CKI-project/tests-beaker/archive/master.zip#packages/iot… [10]: https://github.com/CKI-project/tests-beaker/archive/master.zip#packages/red… [11]: https://github.com/CKI-project/tests-beaker/archive/master.zip#standards/us… [12]: https://github.com/CKI-project/tests-beaker/archive/master.zip#storage/lvm/… [13]: https://github.com/CKI-project/tests-beaker/archive/master.zip#/networking/… [14]: https://github.com/CKI-project/tests-beaker/archive/master.zip#networking/s… [15]: https://github.com/CKI-project/tests-beaker/archive/master.zip#networking/i… [16]: https://github.com/CKI-project/tests-beaker/archive/master.zip#/networking/… [17]: https://github.com/CKI-project/tests-beaker/archive/master.zip#/networking/… [18]: https://github.com/CKI-project/tests-beaker/archive/master.zip#networking/t… [19]: https://github.com/CKI-project/tests-beaker/archive/master.zip#networking/u… [20]: https://github.com/CKI-project/tests-beaker/archive/master.zip#/networking/… [21]: https://github.com/CKI-project/tests-beaker/archive/master.zip#/networking/… [22]: https://github.com/CKI-project/tests-beaker/archive/master.zip#/networking/… [23]: https://github.com/CKI-project/tests-beaker/archive/master.zip#/networking/… [24]: https://github.com/CKI-project/tests-beaker/archive/master.zip#packages/tun… [25]: https://github.com/CKI-project/tests-beaker/archive/master.zip#storage/swra… [26]: https://github.com/CKI-project/tests-beaker/archive/master.zip#/kdump/kdump… [27]: https://github.com/CKI-project/tests-beaker/archive/master.zip#/filesystems… [28]: https://github.com/CKI-project/tests-beaker/archive/master.zip#misc/amtu [29]: https://github.com/CKI-project/tests-beaker/archive/master.zip#storage/scsi… [30]: https://github.com/CKI-project/tests-beaker/archive/master.zip#vm/hugepage/… Waived tests (marked with 🚧) ----------------------------- This test run included waived tests. Such tests are executed but their results are not taken into account. Tests are waived when their results are not reliable enough, e.g. when they're just introduced or are being fixed.

5 years, 5 months

1
0
0 0

[PATCH v3] mm/z3fold.c: Lock z3fold page before __SetPageMovable()

by Henry Burns

Following zsmalloc.c's example we call trylock_page() and unlock_page(). Also make z3fold_page_migrate() assert that newpage is passed in locked, as per the documentation. Link: http://lkml.kernel.org/r/20190702005122.41036-1-henryburns@google.com Signed-off-by: Henry Burns <henryburns(a)google.com> Suggested-by: Vitaly Wool <vitalywool(a)gmail.com> Acked-by: Vitaly Wool <vitalywool(a)gmail.com> Acked-by: David Rientjes <rientjes(a)google.com> Cc: Shakeel Butt <shakeelb(a)google.com> Cc: Vitaly Vul <vitaly.vul(a)sony.com> Cc: Mike Rapoport <rppt(a)linux.vnet.ibm.com> Cc: Xidong Wang <wangxidong_97(a)163.com> Cc: Jonathan Adams <jwadams(a)google.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- Changelog since v2: - Removed the WARN_ON entirely, as it is an expected code path. Changelog since v1: - Added an if statement around WARN_ON(trylock_page(page)) to avoid unlocking a page locked by a someone else. mm/z3fold.c | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/mm/z3fold.c b/mm/z3fold.c index e174d1549734..eeb3fe7f5ca3 100644 --- a/mm/z3fold.c +++ b/mm/z3fold.c @@ -918,7 +918,16 @@ static int z3fold_alloc(struct z3fold_pool *pool, size_t size, gfp_t gfp, set_bit(PAGE_HEADLESS, &page->private); goto headless; } - __SetPageMovable(page, pool->inode->i_mapping); + if (can_sleep) { + lock_page(page); + __SetPageMovable(page, pool->inode->i_mapping); + unlock_page(page); + } else { + if (!trylock_page(page)) { + __SetPageMovable(page, pool->inode->i_mapping); + unlock_page(page); + } + } z3fold_page_lock(zhdr); found: @@ -1325,6 +1334,7 @@ static int z3fold_page_migrate(struct address_space *mapping, struct page *newpa VM_BUG_ON_PAGE(!PageMovable(page), page); VM_BUG_ON_PAGE(!PageIsolated(page), page); + VM_BUG_ON_PAGE(!PageLocked(newpage), newpage); zhdr = page_address(page); pool = zhdr_to_pool(zhdr); -- 2.22.0.410.gd8fdbe21b5-goog

5 years, 5 months

2
1
0 0

+ mm-z3foldc-lock-z3fold-page-before-__setpagemovable.patch added to -mm tree

by akpm＠linux-foundation.org

The patch titled Subject: mm/z3fold.c: lock z3fold page before __SetPageMovable() has been added to the -mm tree. Its filename is mm-z3foldc-lock-z3fold-page-before-__setpagemovable.patch This patch should soon appear at http://ozlabs.org/~akpm/mmots/broken-out/mm-z3foldc-lock-z3fold-page-before… and later at http://ozlabs.org/~akpm/mmotm/broken-out/mm-z3foldc-lock-z3fold-page-before… Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next and is updated there every 3-4 working days ------------------------------------------------------ From: Henry Burns <henryburns(a)google.com> Subject: mm/z3fold.c: lock z3fold page before __SetPageMovable() __SetPageMovable() expects its page to be locked, but z3fold.c doesn't lock the page. This triggers the VM_BUG_ON_PAGE(!PageLocked(page), page) in __SetPageMovable(). Following zsmalloc.c's example we call trylock_page() and unlock_page(). Also make z3fold_page_migrate() assert that newpage is passed in locked, as per the documentation. Link: http://lkml.kernel.org/r/20190702005122.41036-1-henryburns@google.com Signed-off-by: Henry Burns <henryburns(a)google.com> Suggested-by: Vitaly Wool <vitalywool(a)gmail.com> Acked-by: Vitaly Wool <vitalywool(a)gmail.com> Acked-by: David Rientjes <rientjes(a)google.com> Cc: Shakeel Butt <shakeelb(a)google.com> Cc: Vitaly Vul <vitaly.vul(a)sony.com> Cc: Mike Rapoport <rppt(a)linux.vnet.ibm.com> Cc: Xidong Wang <wangxidong_97(a)163.com> Cc: Jonathan Adams <jwadams(a)google.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/z3fold.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) --- a/mm/z3fold.c~mm-z3foldc-lock-z3fold-page-before-__setpagemovable +++ a/mm/z3fold.c @@ -919,7 +919,10 @@ retry: set_bit(PAGE_HEADLESS, &page->private); goto headless; } - __SetPageMovable(page, pool->inode->i_mapping); + if (!WARN_ON(!trylock_page(page))) { + __SetPageMovable(page, pool->inode->i_mapping); + unlock_page(page); + } z3fold_page_lock(zhdr); found: @@ -1326,6 +1329,7 @@ static int z3fold_page_migrate(struct ad VM_BUG_ON_PAGE(!PageMovable(page), page); VM_BUG_ON_PAGE(!PageIsolated(page), page); + VM_BUG_ON_PAGE(!PageLocked(newpage), newpage); zhdr = page_address(page); pool = zhdr_to_pool(zhdr); _ Patches currently in -mm which might be from henryburns(a)google.com are mm-z3fold-fix-z3fold_buddy_slots-use-after-free.patch mm-z3foldc-lock-z3fold-page-before-__setpagemovable.patch

5 years, 5 months

1
0
0 0

[PATCH 2/3] zfcp: fix request object use-after-free in send path causing wrong traces

by Benjamin Block

When tracing instances where we open and close WKA ports, we also pass the request-ID of the respective FSF command. But after successfully sending the FSF command we must not use the request-object anymore, as this might result in an use-after-free (see "zfcp: fix request object use-after-free in send path causing seqno errors" ). To fix this add a new variable that caches the request-ID before sending the request. This won't change during the hand-off to the FCP channel, and so it's safe to trace this cached request-ID later, instead of using the request object. Signed-off-by: Benjamin Block <bblock(a)linux.ibm.com> Fixes: d27a7cb91960 ("zfcp: trace on request for open and close of WKA port") Cc: <stable(a)vger.kernel.org> #2.6.38+ Reviewed-by: Steffen Maier <maier(a)linux.ibm.com> Reviewed-by: Jens Remus <jremus(a)linux.ibm.com> --- drivers/s390/scsi/zfcp_fsf.c | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/drivers/s390/scsi/zfcp_fsf.c b/drivers/s390/scsi/zfcp_fsf.c index c5b2615b49ef..296bbc3c4606 100644 --- a/drivers/s390/scsi/zfcp_fsf.c +++ b/drivers/s390/scsi/zfcp_fsf.c @@ -1627,6 +1627,7 @@ int zfcp_fsf_open_wka_port(struct zfcp_fc_wka_port *wka_port) { struct zfcp_qdio *qdio = wka_port->adapter->qdio; struct zfcp_fsf_req *req; + unsigned long req_id = 0; int retval = -EIO; spin_lock_irq(&qdio->req_q_lock); @@ -1649,6 +1650,8 @@ int zfcp_fsf_open_wka_port(struct zfcp_fc_wka_port *wka_port) hton24(req->qtcb->bottom.support.d_id, wka_port->d_id); req->data = wka_port; + req_id = req->req_id; + zfcp_fsf_start_timer(req, ZFCP_FSF_REQUEST_TIMEOUT); retval = zfcp_fsf_req_send(req); if (retval) @@ -1657,7 +1660,7 @@ int zfcp_fsf_open_wka_port(struct zfcp_fc_wka_port *wka_port) out: spin_unlock_irq(&qdio->req_q_lock); if (!retval) - zfcp_dbf_rec_run_wka("fsowp_1", wka_port, req->req_id); + zfcp_dbf_rec_run_wka("fsowp_1", wka_port, req_id); return retval; } @@ -1683,6 +1686,7 @@ int zfcp_fsf_close_wka_port(struct zfcp_fc_wka_port *wka_port) { struct zfcp_qdio *qdio = wka_port->adapter->qdio; struct zfcp_fsf_req *req; + unsigned long req_id = 0; int retval = -EIO; spin_lock_irq(&qdio->req_q_lock); @@ -1705,6 +1709,8 @@ int zfcp_fsf_close_wka_port(struct zfcp_fc_wka_port *wka_port) req->data = wka_port; req->qtcb->header.port_handle = wka_port->handle; + req_id = req->req_id; + zfcp_fsf_start_timer(req, ZFCP_FSF_REQUEST_TIMEOUT); retval = zfcp_fsf_req_send(req); if (retval) @@ -1713,7 +1719,7 @@ int zfcp_fsf_close_wka_port(struct zfcp_fc_wka_port *wka_port) out: spin_unlock_irq(&qdio->req_q_lock); if (!retval) - zfcp_dbf_rec_run_wka("fscwp_1", wka_port, req->req_id); + zfcp_dbf_rec_run_wka("fscwp_1", wka_port, req_id); return retval; } -- 2.17.1

5 years, 5 months

1
0
0 0

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror July 2019