May 2020 - Linux-stable-mirror

Re: [PATCH 1/4] Btrfs: fix corrupt log due to concurrent fsync of inodes with shared extents

by Sasha Levin

Hi [This is an automated email] This commit has been processed because it contains a -stable tag. The stable tag indicates that it's relevant for the following trees: 4.4+ The bot has tested the following trees: v5.6.13, v5.4.41, v4.19.123, v4.14.180, v4.9.223, v4.4.223. v5.6.13: Failed to apply! Possible dependencies: 0024652895e3 ("btrfs: rename btrfs_put_fs_root and btrfs_grab_fs_root") 02162a0265eb ("btrfs: hold a ref on the root in __btrfs_run_defrag_inode") 04734e844894 ("btrfs: hold a ref on the root in btrfs_ioctl_get_subvol_info") 0b530bc5e11f ("btrfs: hold a ref on the root in build_backref_tree") 0d4b0463011d ("btrfs: export and rename free_fs_info") 2a2b5d620266 ("btrfs: hold ref on root in btrfs_ioctl_default_subvol") 3ca35e839e94 ("btrfs: hold a ref on the root in search_ioctl") 3d7babdcf2cc ("btrfs: hold a ref on the root in find_data_references") 41a2ee75aab0 ("btrfs: introduce per-inode file extent tree") 442b1ac5244e ("btrfs: hold a ref on the root in record_reloc_root_in_trans") 4c78e9f59632 ("btrfs: hold a ref on the root in open_ctree") 76deacf02387 ("btrfs: hold a ref on the root in create_reloc_inode") 81f096edf047 ("btrfs: use btrfs_put_fs_root to free roots always") 8727002f7909 ("btrfs: hold a ref on the root in fixup_tree_root_location") 88234012beaa ("btrfs: hold a ref on the root in btrfs_search_path_in_tree") 9326f76f4bc4 ("btrfs: hold a ref on the root in resolve_indirect_ref") 9f583209f20a ("btrfs: push grab_fs_root into read_fs_root") ab9737bd7597 ("btrfs: hold a ref on the root in merge_reloc_roots") b8a49ae1913f ("btrfs: hold a ref on the root in btrfs_search_path_in_tree_user") bc44d7c4b2b1 ("btrfs: push btrfs_grab_fs_root into btrfs_get_fs_root") bdf70b9e75f5 ("btrfs: hold a root ref in btrfs_get_dentry") db2c2ca2db44 ("btrfs: hold a ref on the root in prepare_to_merge") fc92f79856aa ("btrfs: hold a ref on the root in create_subvol") v5.4.41: Failed to apply! Possible dependencies: 0024652895e3 ("btrfs: rename btrfs_put_fs_root and btrfs_grab_fs_root") 0d4b0463011d ("btrfs: export and rename free_fs_info") 33ca832fefa5 ("btrfs: separate out the extent leak code") 41a2ee75aab0 ("btrfs: introduce per-inode file extent tree") 6f0d04f8e72e ("btrfs: separate out the extent io init function") 81f096edf047 ("btrfs: use btrfs_put_fs_root to free roots always") 9326f76f4bc4 ("btrfs: hold a ref on the root in resolve_indirect_ref") 9c7d3a548331 ("btrfs: move extent_io_tree defs to their own header") v4.19.123: Failed to apply! Possible dependencies: 370a11b8114b ("btrfs: qgroup: Introduce per-root swapped blocks infrastructure") 43eb5f297584 ("btrfs: Introduce extent_io_tree::owner to distinguish different io_trees") 57ec5fb478a3 ("btrfs: tests: move testing members of struct btrfs_root to the end") 7b4397386fbd ("btrfs: switch extent_io_tree::track_uptodate to bool") c258d6e36442 ("btrfs: Introduce fs_info to extent_io_tree") e06a1fc99cc7 ("btrfs: Remove extent_io_ops::set_bit_hook extent_io callback") eede2bf34f4f ("Btrfs: prevent ioctls from interfering with a swap file") v4.14.180: Failed to apply! Possible dependencies: 370a11b8114b ("btrfs: qgroup: Introduce per-root swapped blocks infrastructure") 429d6275d501 ("btrfs: qgroup: Fix wrong qgroup reservation update for relationship modification") 57ec5fb478a3 ("btrfs: tests: move testing members of struct btrfs_root to the end") 64cfaef6362f ("btrfs: qgroup: Introduce function to convert META_PREALLOC into META_PERTRANS") 64ee4e751a1c ("btrfs: qgroup: Update trace events to use new separate rsv types") 733e03a0b26a ("btrfs: qgroup: Split meta rsv type into meta_prealloc and meta_pertrans") 8287475a2055 ("btrfs: qgroup: Use root::qgroup_meta_rsv_* to record qgroup meta reserved space") d4e5c92055d8 ("btrfs: qgroup: Skeleton to support separate qgroup reservation type") dba213242fbc ("btrfs: qgroup: Make qgroup_reserve and its callers to use separate reservation type") e1211d0e896b ("btrfs: qgroup: Don't use root->qgroup_meta_rsv for qgroup") eede2bf34f4f ("Btrfs: prevent ioctls from interfering with a swap file") f59c0347d4be ("btrfs: qgroup: Introduce helpers to update and access new qgroup rsv") fd708b81d972 ("Btrfs: add a extent ref verify tool") v4.9.223: Failed to apply! Possible dependencies: 0c476a5d7f63 ("btrfs: Ensure proper sector alignment for btrfs_free_reserved_data_space") 370a11b8114b ("btrfs: qgroup: Introduce per-root swapped blocks infrastructure") 4989d277eb4b ("btrfs: refactor __btrfs_lookup_bio_sums to use bio_for_each_segment_all") 62d1f9fe97dd ("btrfs: remove trivial helper btrfs_find_tree_block") da17066c4047 ("btrfs: pull node/sector/stripe sizes out of root and into fs_info") eede2bf34f4f ("Btrfs: prevent ioctls from interfering with a swap file") fd708b81d972 ("Btrfs: add a extent ref verify tool") v4.4.223: Failed to apply! Possible dependencies: 2f3165ecf103 ("btrfs: don't force mounts to wait for cleaner_kthread to delete one or more subvolumes") 370a11b8114b ("btrfs: qgroup: Introduce per-root swapped blocks infrastructure") 511711af91f2 ("btrfs: don't run delayed references while we are creating the free space tree") 70f6d82ec73c ("Btrfs: add free space tree mount option") 87241c2e6845 ("Btrfs: use root when checking need_async_flush") 90c711ab380d ("btrfs: avoid blocking open_ctree from cleaner_kthread") 9e7cc91a6d18 ("btrfs: fix fsfreeze hang caused by delayed iputs deal") a5ed91828518 ("Btrfs: implement the free space B-tree") afcdd129e05a ("Btrfs: add a flags field to btrfs_fs_info") d38b349c39a9 ("Btrfs: don't bother kicking async if there's nothing to reclaim") eede2bf34f4f ("Btrfs: prevent ioctls from interfering with a swap file") f376df2b7da3 ("Btrfs: add tracepoints for flush events") NOTE: The patch will not be queued to stable trees until it is upstream. How should we proceed with this patch? -- Thanks Sasha

5 years, 1 month

1
0
0 0

[PATCH 4.14] arm64: fix the flush_icache_range arguments in machine_kexec

by Catalin Marinas

From: Christoph Hellwig <hch(a)lst.de> Commit d51c214541c5154dda3037289ee895ea3ded5ebd upstream. The second argument is the end "pointer", not the length. Fixes: d28f6df1305a ("arm64/kexec: Add core kexec support") Cc: <stable(a)vger.kernel.org> # 4.8.x- Signed-off-by: Christoph Hellwig <hch(a)lst.de> Signed-off-by: Catalin Marinas <catalin.marinas(a)arm.com> --- arch/arm64/kernel/machine_kexec.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/arch/arm64/kernel/machine_kexec.c b/arch/arm64/kernel/machine_kexec.c index 11121f608eb5..f7e593965c1d 100644 --- a/arch/arm64/kernel/machine_kexec.c +++ b/arch/arm64/kernel/machine_kexec.c @@ -184,7 +184,8 @@ void machine_kexec(struct kimage *kimage) /* Flush the reboot_code_buffer in preparation for its execution. */ __flush_dcache_area(reboot_code_buffer, arm64_relocate_new_kernel_size); flush_icache_range((uintptr_t)reboot_code_buffer, - arm64_relocate_new_kernel_size); + (uintptr_t)reboot_code_buffer + + arm64_relocate_new_kernel_size); /* Flush the kimage list and its buffers. */ kexec_list_flush(kimage);

5 years, 1 month

2
1
0 0

[PATCH 3.16 00/99] 3.16.84-rc1 review

by Ben Hutchings

This is the start of the stable review cycle for the 3.16.84 release. There are 99 patches in this series, which will be posted as responses to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Fri May 22 20:00:00 UTC 2020. Anything received after that time might be too late. All the patches have also been committed to the linux-3.16.y-rc branch of https://git.kernel.org/pub/scm/linux/kernel/git/bwh/linux-stable-rc.git . A shortlog and diffstat can be found below. Ben. ------------- Al Viro (1): propagate_one(): mnt_set_mountpoint() needs mount_lock [b0d3869ce9eeacbb1bbd541909beeef4126426d5] Alexandre Belloni (2): ARM: dts: at91: sama5d3: define clock rate range for tcb1 [a7e0f3fc01df4b1b7077df777c37feae8c9e8b6d] ARM: dts: at91: sama5d3: fix maximum peripheral clock rates [ee0aa926ddb0bd8ba59e33e3803b3b5804e3f5da] Ard Biesheuvel (1): efi/x86: Map the entire EFI vendor string before copying it [ffc2760bcf2dba0dbef74013ed73eea8310cc52c] Arnd Bergmann (2): sparc32: fix struct ipc64_perm type definition [34ca70ef7d3a9fa7e89151597db5e37ae1d429b4] x86: kvm: avoid unused variable warning [7288bde1f9df6c1475675419bdd7725ce84dec56] Bin Liu (1): usb: dwc3: turn off VBUS when leaving host mode [09ed259fac621634d51cd986aa8d65f035662658] Bryan O'Donoghue (2): usb: gadget: f_ecm: Use atomic_t to track in-flight request [d710562e01c48d59be3f60d58b7a85958b39aeda] usb: gadget: f_ncm: Use atomic_t to track in-flight request [5b24c28cfe136597dc3913e1c00b119307a20c7e] Chen Yucong (1): kvm: x86: use macros to compute bank MSRs [81760dccf8d1fe5b128b58736fe3f56a566133cb] Christoffer Dall (1): KVM: arm64: Only sign-extend MMIO up to register width [b6ae256afd32f96bec0117175b329d0dd617655e] Christophe JAILLET (1): pxa168fb: Fix the function used to release some memory in an error handling path [3c911fe799d1c338d94b78e7182ad452c37af897] Chuhong Yuan (1): crypto: picoxcell - adjust the position of tasklet_init and fix missed tasklet_kill [7f8c36fe9be46862c4f3c5302f769378028a34fa] Colin Ian King (2): iwlegacy: ensure loop counter addr does not wrap and cause an infinite loop [c2f9a4e4a5abfc84c01b738496b3fd2d471e0b18] staging: wlan-ng: ensure error return is actually returned [4cc41cbce536876678b35e03c4a8a7bb72c78fa9] Dan Carpenter (3): brcmfmac: Fix use after free in brcmf_sdio_readframes() [216b44000ada87a63891a8214c347e05a4aea8fe] mm/mempolicy.c: fix out of bounds write in mpol_parse_str() [c7a91bc7c2e17e0a9c8b9745a2cb118891218fd1] power: supply: sbs-battery: Fix a signedness bug in sbs_get_battery_capacity() [eb368de6de32925c65a97c1e929a31cae2155aee] Daniel Jordan (3): padata: always acquire cpu_hotplug_lock before pinst->lock [38228e8848cd7dd86ccb90406af32de0cad24be3] padata: initialize pd->cpu with effective cpumask [ec9c7d19336ee98ecba8de80128aa405c45feebb] padata: purge get_cpu and reorder_via_wq from padata_do_serial [065cf577135a4977931c7a1e1edf442bfd9773dd] Daniel Kiper (1): efi: Use early_mem*() instead of early_io*() [abc93f8eb6e46a480485f19256bdbda36ec78a84] Eric Dumazet (4): bonding/alb: properly access headers in bond_alb_xmit() [38f88c45404293bbc027b956def6c10cbd45c616] cls_rsvp: fix rsvp_policy [cb3c0e6bdf64d0d124e94ce43cbe4ccbb9b37f51] net_sched: ematch: reject invalid TCF_EM_SIMPLE [55cd9f67f1e45de8517cdaab985fb8e56c0bc1d8] tcp: clear tp->total_retrans in tcp_disconnect() [c13c48c00a6bc1febc73902505bdec0967bd7095] Fabian Frederick (1): nfs: use kmap/kunmap directly [0795bf8357c1887e2a95e6e4f5b89d0896a0d929] Filipe Manana (1): Btrfs: fix race between adding and putting tree mod seq elements and nodes [7227ff4de55d931bbdc156c8ef0ce4f100c78a5b] Geert Uytterhoeven (1): nfs: NFS_SWAP should depend on SWAP [474c4f306eefbb21b67ebd1de802d005c7d7ecdc] Guenter Roeck (1): brcmfmac: abort and release host after error [863844ee3bd38219c88e82966d1df36a77716f3e] Herbert Xu (7): crypto: af_alg - Use bh_lock_sock in sk_destruct [37f96694cf73ba116993a9d2d99ad6a75fa7fdb0] crypto: api - Check spawn->alg under lock in crypto_drop_spawn [7db3b61b6bba4310f454588c2ca6faf2958ad79f] crypto: api - Fix race condition in crypto_spawn_alg [73669cc556462f4e50376538d77ee312142e8a8a] crypto: pcrypt - Do not clear MAY_SLEEP flag in original request [e8d998264bffade3cfe0536559f712ab9058d654] crypto: pcrypt - Fix user-after-free on module unload [07bfd9bdf568a38d9440c607b72342036011f727] padata: Remove broken queue flushing [07928d9bfc81640bab36f5190e8725894d93b659] padata: Replace delayed timer with immediate workqueue in padata_reorder [6fc4dbcf0276279d488c5fbbfabe94734134f4fa] Jan Kara (2): reiserfs: Fix memory leak of journal device string [5474ca7da6f34fa95e82edc747d5faa19cbdfb5c] reiserfs: Fix spurious unlock in reiserfs_fill_super() error handling [4d5c1adaf893b8aa52525d2b81995e949bcb3239] Jason A. Donenfeld (2): padata: avoid race in reordering [de5540d088fe97ad583cc7d396586437b32149a5] padata: get_next is never NULL [69b348449bda0f9588737539cfe135774c9939a7] Joe Thornber (1): dm space map common: fix to ensure new block isn't already in use [4feaef830de7ffdd8352e1fe14ad3bf13c9688f8] Johan Hovold (10): USB: serial: ir-usb: add missing endpoint sanity check [2988a8ae7476fe9535ab620320790d1714bdad1d] USB: serial: ir-usb: fix IrLAP framing [38c0d5bdf4973f9f5a888166e9d3e9ed0d32057a] USB: serial: ir-usb: fix link-speed handling [17a0184ca17e288decdca8b2841531e34d49285f] ath9k: fix storage endpoint lookup [0ef332951e856efa89507cdd13ba8f4fb8d4db12] brcmfmac: fix interface sanity check [3428fbcd6e6c0850b1a8b2a12082b7b2aabb3da3] media: iguanair: fix endpoint sanity check [1b257870a78b0a9ce98fdfb052c58542022ffb5b] orinoco_usb: fix interface sanity check [b73e05aa543cf8db4f4927e36952360d71291d41] rsi: fix use-after-free on failed probe and unbind [e93cd35101b61e4c79149be2cfc927c4b28dc60c] rsi_91x_usb: fix interface sanity check [3139b180906af43bc09bd3373fc2338a8271d9d9] zd1211rw: fix storage endpoint lookup [2d68bb2687abb747558b933e80845ff31570a49c] John Hubbard (1): media/v4l2-core: set pages dirty upon releasing DMA buffers [3c7470b6f68434acae459482ab920d1e3fabd1c7] Kai Li (1): jbd2: clear JBD2_ABORT flag before journal_reset to update log tail info when load journal [a09decff5c32060639a685581c380f51b14e1fc2] Konstantin Khlebnikov (1): clocksource: Prevent double add_timer_on() for watchdog_timer [febac332a819f0e764aa4da62757ba21d18c182b] Linus Walleij (1): mmc: spi: Toggle SPI polarity, do not hardcode it [af3ed119329cf9690598c5a562d95dfd128e91d6] Logan Gunthorpe (1): PCI: Don't disable bridge BARs when assigning bus resources [9db8dc6d0785225c42a37be7b44d1b07b31b8957] Luis Henriques (1): tracing: Fix tracing_stat return values in error handling paths [afccc00f75bbbee4e4ae833a96c2d29a7259c693] Marios Pomonis (7): KVM: x86: Protect DR-based index computations from Spectre-v1/L1TF attacks [ea740059ecb37807ba47b84b33d1447435a8d868] KVM: x86: Protect MSR-based index computations from Spectre-v1/L1TF attacks in x86.c [6ec4c5eee1750d5d17951c4e1960d953376a0dda] KVM: x86: Protect ioapic_read_indirect() from Spectre-v1/L1TF attacks [8c86405f606ca8508b8d9280680166ca26723695] KVM: x86: Protect ioapic_write_indirect() from Spectre-v1/L1TF attacks [670564559ca35b439c8d8861fc399451ddf95137] KVM: x86: Protect kvm_lapic_reg_write() from Spectre-v1/L1TF attacks [4bf79cb089f6b1c6c632492c0271054ce52ad766] KVM: x86: Protect x86_decode_insn from Spectre-v1/L1TF attacks [3c9053a2cae7ba2ba73766a34cea41baa70f57f7] KVM: x86: Refactor picdev_write() to prevent Spectre-v1/L1TF attacks [14e32321f3606e4b0970200b6e5e47ee6f1e6410] Masahiro Yamada (1): kconfig: fix broken dependency in randconfig-generated .config [c8fb7d7e48d11520ad24808cfce7afb7b9c9f798] Mathias Krause (2): padata: ensure padata_do_serial() runs on the correct CPU [350ef88e7e922354f82a931897ad4a4ce6c686ff] padata: ensure the reorder timer callback runs on the correct CPU [cf5868c8a22dc2854b96e9569064bb92365549ca] Miaohe Lin (1): KVM: nVMX: vmread should not set rflags to specify success in case of #PF [a4d956b9390418623ae5d07933e2679c68b6f83c] Michael Ellerman (1): of: Add OF_DMA_DEFAULT_COHERENT & select it on powerpc [dabf6b36b83a18d57e3d4b9d50544ed040d86255] Navid Emamdoost (1): brcmfmac: Fix memory leak in brcmf_usbdev_qinit [4282dc057d750c6a7dd92953564b15c26b54c22c] Oliver Neukum (1): media: iguanair: add sanity checks [ab1cbdf159beba7395a13ab70bc71180929ca064] Paul Kocialkowski (1): rtc: hym8563: Return -EINVAL if the time is known to be invalid [f236a2a2ebabad0848ad0995af7ad1dc7029e895] Pawan Gupta (1): x86/cpu: Update cached HLE state on write to TSX_CTRL_CPUID_CLEAR [5efc6fa9044c3356d6046c6e1da6d02572dbed6b] Piotr Krysiuk (1): fs/namespace.c: fix mountpoint reference counter race [2763d11912317a12318135ca03e592bb6df65624] Quinn Tran (1): scsi: qla2xxx: Fix mtcp dump collection failure [641e0efddcbde52461e017136acd3ce7f2ef0c14] Roberto Bergantinos Corpas (1): sunrpc: expiry_time should be seconds not timeval [3d96208c30f84d6edf9ab4fac813306ac0d20c10] Ronnie Sahlberg (1): cifs: fail i/o on soft mounts if sessionsetup errors out [b0dd940e582b6a60296b9847a54012a4b080dc72] Sean Christopherson (6): KVM: Check for a bad hva before dropping into the ghc slow path [fcfbc617547fc6d9552cb6c1c563b6a90ee98085] KVM: PPC: Book3S HV: Uninit vCPU if vcore creation fails [1a978d9d3e72ddfa40ac60d26301b154247ee0bc] KVM: PPC: Book3S PR: Free shared page if mmu initialization fails [cb10bf9194f4d2c5d830eddca861f7ca0fecdbb4] KVM: x86/mmu: Apply max PA check for MMIO sptes to 32-bit KVM [e30a7d623dccdb3f880fbcad980b0cb589a1da45] KVM: x86: Don't let userspace set host-reserved cr4 bits [b11306b53b2540c6ba068c4deddb6a17d9f8d95b] KVM: x86: Free wbinvd_dirty_mask if vCPU creation fails [16be9ddea268ad841457a59109963fff8c9de38d] Stephen Warren (2): ARM: tegra: Enable PLLP bypass during Tegra124 LP1 [1a3388d506bf5b45bb283e6a4c4706cfb4897333] clk: tegra: Mark fuse clock as critical [bf83b96f87ae2abb1e535306ea53608e8de5dfbb] Steven Rostedt (1): tracing: Fix very unlikely race of registering two stat tracers [dfb6cd1e654315168e36d947471bd2a0ccd834ae] Takashi Iwai (2): ALSA: dummy: Fix PCM format loop in proc output [2acf25f13ebe8beb40e97a1bbe76f36277c64f1e] ALSA: sh: Fix compile warning wrt const [f1dd4795b1523fbca7ab4344dd5a8bb439cc770d] Tobias Klauser (1): padata: Remove unused but set variables [119a0798dc42ed4c4f96d39b8b676efcea73aec6] Trond Myklebust (2): NFS: Directory page cache pages need to be locked when read [114de38225d9b300f027e2aec9afbb6e0def154b] NFS: Fix memory leaks and corruption in readdir [4b310319c6a8ce708f1033d57145e2aa027a883c] Vincent Whitchurch (1): CIFS: Fix task struct use-after-free on reconnect [f1f27ad74557e39f67a8331a808b860f89254f2d] Vladimir Oltean (1): gianfar: Fix TX timestamping with a stacked DSA driver [c26a2c2ddc0115eb088873f5c309cf46b982f522] Will Deacon (1): media: uvcvideo: Avoid cyclic entity chains due to malformed USB descriptors [68035c80e129c4cfec659aac4180354530b26527] Wuxu.Wu (1): spi: spi-dw: Add lock protect dw_spi rx/tx to prevent concurrent calls [19b61392c5a852b4e8a0bf35aecb969983c5932d] Zhangyi (2): ext4, jbd2: ensure panic when aborting with zero errno [51f57b01e4a3c7d7bdceffd84de35144e8c538e7] jbd2: switch to use jbd2_journal_abort() when failed to submit the commit record [d0a186e0d3e7ac05cc77da7c157dae5aa59f95d9] Zhihao Cheng (1): ubifs: Fix deadlock in concurrent bulk-read and writepage [f5de5b83303e61b1f3fb09bd77ce3ac2d7a475f2] Makefile | 4 +- arch/arm/boot/dts/sama5d3.dtsi | 26 ++-- arch/arm/boot/dts/sama5d3_can.dtsi | 4 +- arch/arm/boot/dts/sama5d3_tcb1.dtsi | 1 + arch/arm/boot/dts/sama5d3_uart.dtsi | 4 +- arch/arm/include/asm/kvm_emulate.h | 5 + arch/arm/include/asm/kvm_mmio.h | 2 + arch/arm/kvm/mmio.c | 6 + arch/arm/mach-tegra/sleep-tegra30.S | 11 ++ arch/arm64/include/asm/kvm_emulate.h | 5 + arch/arm64/include/asm/kvm_mmio.h | 6 +- arch/powerpc/Kconfig | 1 + arch/powerpc/kvm/book3s_hv.c | 4 +- arch/powerpc/kvm/book3s_pr.c | 4 +- arch/sparc/include/uapi/asm/ipcbuf.h | 22 ++-- arch/x86/kernel/cpu/tsx.c | 13 +- arch/x86/kvm/emulate.c | 12 +- arch/x86/kvm/i8259.c | 4 +- arch/x86/kvm/lapic.c | 14 ++- arch/x86/kvm/vmx.c | 4 +- arch/x86/kvm/x86.c | 57 +++++++-- arch/x86/platform/efi/efi.c | 37 +++--- crypto/af_alg.c | 6 +- crypto/algapi.c | 22 ++-- crypto/api.c | 3 +- crypto/internal.h | 1 - crypto/pcrypt.c | 4 +- drivers/clk/tegra/clk-tegra-periph.c | 6 +- drivers/crypto/picoxcell_crypto.c | 15 ++- drivers/firmware/efi/efi.c | 4 +- drivers/md/persistent-data/dm-space-map-common.c | 27 ++++ drivers/md/persistent-data/dm-space-map-common.h | 2 + drivers/md/persistent-data/dm-space-map-disk.c | 6 +- drivers/md/persistent-data/dm-space-map-metadata.c | 5 +- drivers/media/rc/iguanair.c | 15 ++- drivers/media/usb/uvc/uvc_driver.c | 12 ++ drivers/media/v4l2-core/videobuf-dma-sg.c | 5 +- drivers/mmc/host/mmc_spi.c | 11 +- drivers/net/bonding/bond_alb.c | 44 +++++-- drivers/net/ethernet/freescale/gianfar.c | 10 +- drivers/net/wireless/ath/ath9k/hif_usb.c | 2 +- drivers/net/wireless/brcm80211/brcmfmac/dhd_sdio.c | 3 + drivers/net/wireless/brcm80211/brcmfmac/usb.c | 3 +- drivers/net/wireless/iwlegacy/common.c | 2 +- drivers/net/wireless/orinoco/orinoco_usb.c | 4 +- drivers/net/wireless/rsi/rsi_91x_usb.c | 12 +- drivers/net/wireless/zd1211rw/zd_usb.c | 2 +- drivers/of/Kconfig | 4 + drivers/of/address.c | 6 +- drivers/pci/setup-bus.c | 20 ++- drivers/power/sbs-battery.c | 2 +- drivers/rtc/rtc-hym8563.c | 2 +- drivers/scsi/qla2xxx/qla_mbx.c | 3 +- drivers/spi/spi-dw.c | 14 ++- drivers/spi/spi-dw.h | 1 + drivers/staging/wlan-ng/prism2mgmt.c | 2 +- drivers/usb/dwc3/core.c | 3 + drivers/usb/gadget/f_ecm.c | 16 ++- drivers/usb/gadget/f_ncm.c | 17 ++- drivers/usb/serial/ir-usb.c | 136 ++++++++++++++++----- drivers/video/fbdev/pxa168fb.c | 6 +- fs/btrfs/ctree.c | 8 +- fs/btrfs/ctree.h | 6 +- fs/btrfs/delayed-ref.c | 8 +- fs/btrfs/disk-io.c | 1 - fs/btrfs/tests/btrfs-tests.c | 1 - fs/cifs/cifsglob.h | 1 + fs/cifs/smb2pdu.c | 10 +- fs/cifs/smb2transport.c | 2 + fs/cifs/transport.c | 4 + fs/jbd2/checkpoint.c | 2 +- fs/jbd2/commit.c | 4 +- fs/jbd2/journal.c | 21 ++-- fs/namespace.c | 2 +- fs/nfs/Kconfig | 2 +- fs/nfs/dir.c | 104 +++++++--------- fs/pnode.c | 9 +- fs/reiserfs/super.c | 4 +- fs/ubifs/file.c | 5 +- include/linux/padata.h | 13 +- include/linux/usb/irda.h | 13 +- kernel/padata.c | 134 +++++++------------- kernel/time/clocksource.c | 11 +- kernel/trace/trace_stat.c | 31 ++--- mm/mempolicy.c | 6 +- net/ipv4/tcp.c | 1 + net/sched/cls_rsvp.h | 6 +- net/sched/ematch.c | 3 + net/sunrpc/auth_gss/svcauth_gss.c | 4 + scripts/kconfig/confdata.c | 2 +- sound/drivers/dummy.c | 2 +- sound/sh/aica.c | 4 +- virt/kvm/ioapic.c | 15 ++- virt/kvm/kvm_main.c | 12 +- 94 files changed, 711 insertions(+), 444 deletions(-) -- Ben Hutchings All the simple programs have been written, and all the good names taken

5 years, 1 month

4
111
0 0

[stable-4.19 1/3] padata: Replace delayed timer with immediate workqueue in padata_reorder

by Daniel Jordan

From: Herbert Xu <herbert(a)gondor.apana.org.au> [ Upstream commit 6fc4dbcf0276279d488c5fbbfabe94734134f4fa ] The function padata_reorder will use a timer when it cannot progress while completed jobs are outstanding (pd->reorder_objects > 0). This is suboptimal as if we do end up using the timer then it would have introduced a gratuitous delay of one second. In fact we can easily distinguish between whether completed jobs are outstanding and whether we can make progress. All we have to do is look at the next pqueue list. This patch does that by replacing pd->processed with pd->cpu so that the next pqueue is more accessible. A work queue is used instead of the original try_again to avoid hogging the CPU. Note that we don't bother removing the work queue in padata_flush_queues because the whole premise is broken. You cannot flush async crypto requests so it makes no sense to even try. A subsequent patch will fix it by replacing it with a ref counting scheme. Signed-off-by: Herbert Xu <herbert(a)gondor.apana.org.au> [dj: - adjust context - corrected setup_timer -> timer_setup to delete hunk - skip padata_flush_queues() hunk, function already removed in 4.19] Signed-off-by: Daniel Jordan <daniel.m.jordan(a)oracle.com> --- include/linux/padata.h | 13 ++---- kernel/padata.c | 95 ++++++++---------------------------------- 2 files changed, 22 insertions(+), 86 deletions(-) diff --git a/include/linux/padata.h b/include/linux/padata.h index 5d13d25da2c8..d803397a28f7 100644 --- a/include/linux/padata.h +++ b/include/linux/padata.h @@ -24,7 +24,6 @@ #include <linux/workqueue.h> #include <linux/spinlock.h> #include <linux/list.h> -#include <linux/timer.h> #include <linux/notifier.h> #include <linux/kobject.h> @@ -85,18 +84,14 @@ struct padata_serial_queue { * @serial: List to wait for serialization after reordering. * @pwork: work struct for parallelization. * @swork: work struct for serialization. - * @pd: Backpointer to the internal control structure. * @work: work struct for parallelization. - * @reorder_work: work struct for reordering. * @num_obj: Number of objects that are processed by this cpu. * @cpu_index: Index of the cpu. */ struct padata_parallel_queue { struct padata_list parallel; struct padata_list reorder; - struct parallel_data *pd; struct work_struct work; - struct work_struct reorder_work; atomic_t num_obj; int cpu_index; }; @@ -122,10 +117,10 @@ struct padata_cpumask { * @reorder_objects: Number of objects waiting in the reorder queues. * @refcnt: Number of objects holding a reference on this parallel_data. * @max_seq_nr: Maximal used sequence number. + * @cpu: Next CPU to be processed. * @cpumask: The cpumasks in use for parallel and serial workers. + * @reorder_work: work struct for reordering. * @lock: Reorder lock. - * @processed: Number of already processed objects. - * @timer: Reorder timer. */ struct parallel_data { struct padata_instance *pinst; @@ -134,10 +129,10 @@ struct parallel_data { atomic_t reorder_objects; atomic_t refcnt; atomic_t seq_nr; + int cpu; struct padata_cpumask cpumask; + struct work_struct reorder_work; spinlock_t lock ____cacheline_aligned; - unsigned int processed; - struct timer_list timer; }; /** diff --git a/kernel/padata.c b/kernel/padata.c index c280cb153915..47dc31ce15ac 100644 --- a/kernel/padata.c +++ b/kernel/padata.c @@ -167,23 +167,12 @@ EXPORT_SYMBOL(padata_do_parallel); */ static struct padata_priv *padata_get_next(struct parallel_data *pd) { - int cpu, num_cpus; - unsigned int next_nr, next_index; struct padata_parallel_queue *next_queue; struct padata_priv *padata; struct padata_list *reorder; + int cpu = pd->cpu; - num_cpus = cpumask_weight(pd->cpumask.pcpu); - - /* - * Calculate the percpu reorder queue and the sequence - * number of the next object. - */ - next_nr = pd->processed; - next_index = next_nr % num_cpus; - cpu = padata_index_to_cpu(pd, next_index); next_queue = per_cpu_ptr(pd->pqueue, cpu); - reorder = &next_queue->reorder; spin_lock(&reorder->lock); @@ -194,7 +183,8 @@ static struct padata_priv *padata_get_next(struct parallel_data *pd) list_del_init(&padata->list); atomic_dec(&pd->reorder_objects); - pd->processed++; + pd->cpu = cpumask_next_wrap(cpu, pd->cpumask.pcpu, -1, + false); spin_unlock(&reorder->lock); goto out; @@ -217,6 +207,7 @@ static void padata_reorder(struct parallel_data *pd) struct padata_priv *padata; struct padata_serial_queue *squeue; struct padata_instance *pinst = pd->pinst; + struct padata_parallel_queue *next_queue; /* * We need to ensure that only one cpu can work on dequeueing of @@ -248,7 +239,6 @@ static void padata_reorder(struct parallel_data *pd) * so exit immediately. */ if (PTR_ERR(padata) == -ENODATA) { - del_timer(&pd->timer); spin_unlock_bh(&pd->lock); return; } @@ -267,70 +257,29 @@ static void padata_reorder(struct parallel_data *pd) /* * The next object that needs serialization might have arrived to - * the reorder queues in the meantime, we will be called again - * from the timer function if no one else cares for it. + * the reorder queues in the meantime. * - * Ensure reorder_objects is read after pd->lock is dropped so we see - * an increment from another task in padata_do_serial. Pairs with + * Ensure reorder queue is read after pd->lock is dropped so we see + * new objects from another task in padata_do_serial. Pairs with * smp_mb__after_atomic in padata_do_serial. */ smp_mb(); - if (atomic_read(&pd->reorder_objects) - && !(pinst->flags & PADATA_RESET)) - mod_timer(&pd->timer, jiffies + HZ); - else - del_timer(&pd->timer); - return; + next_queue = per_cpu_ptr(pd->pqueue, pd->cpu); + if (!list_empty(&next_queue->reorder.list)) + queue_work(pinst->wq, &pd->reorder_work); } static void invoke_padata_reorder(struct work_struct *work) { - struct padata_parallel_queue *pqueue; struct parallel_data *pd; local_bh_disable(); - pqueue = container_of(work, struct padata_parallel_queue, reorder_work); - pd = pqueue->pd; + pd = container_of(work, struct parallel_data, reorder_work); padata_reorder(pd); local_bh_enable(); } -static void padata_reorder_timer(struct timer_list *t) -{ - struct parallel_data *pd = from_timer(pd, t, timer); - unsigned int weight; - int target_cpu, cpu; - - cpu = get_cpu(); - - /* We don't lock pd here to not interfere with parallel processing - * padata_reorder() calls on other CPUs. We just need any CPU out of - * the cpumask.pcpu set. It would be nice if it's the right one but - * it doesn't matter if we're off to the next one by using an outdated - * pd->processed value. - */ - weight = cpumask_weight(pd->cpumask.pcpu); - target_cpu = padata_index_to_cpu(pd, pd->processed % weight); - - /* ensure to call the reorder callback on the correct CPU */ - if (cpu != target_cpu) { - struct padata_parallel_queue *pqueue; - struct padata_instance *pinst; - - /* The timer function is serialized wrt itself -- no locking - * needed. - */ - pinst = pd->pinst; - pqueue = per_cpu_ptr(pd->pqueue, target_cpu); - queue_work_on(target_cpu, pinst->wq, &pqueue->reorder_work); - } else { - padata_reorder(pd); - } - - put_cpu(); -} - static void padata_serial_worker(struct work_struct *serial_work) { struct padata_serial_queue *squeue; @@ -384,9 +333,8 @@ void padata_do_serial(struct padata_priv *padata) cpu = get_cpu(); - /* We need to run on the same CPU padata_do_parallel(.., padata, ..) - * was called on -- or, at least, enqueue the padata object into the - * correct per-cpu queue. + /* We need to enqueue the padata object into the correct + * per-cpu queue. */ if (cpu != padata->cpu) { reorder_via_wq = 1; @@ -396,12 +344,12 @@ void padata_do_serial(struct padata_priv *padata) pqueue = per_cpu_ptr(pd->pqueue, cpu); spin_lock(&pqueue->reorder.lock); - atomic_inc(&pd->reorder_objects); list_add_tail(&padata->list, &pqueue->reorder.list); + atomic_inc(&pd->reorder_objects); spin_unlock(&pqueue->reorder.lock); /* - * Ensure the atomic_inc of reorder_objects above is ordered correctly + * Ensure the addition to the reorder list is ordered correctly * with the trylock of pd->lock in padata_reorder. Pairs with smp_mb * in padata_reorder. */ @@ -409,13 +357,7 @@ void padata_do_serial(struct padata_priv *padata) put_cpu(); - /* If we're running on the wrong CPU, call padata_reorder() via a - * kernel worker. - */ - if (reorder_via_wq) - queue_work_on(cpu, pd->pinst->wq, &pqueue->reorder_work); - else - padata_reorder(pd); + padata_reorder(pd); } EXPORT_SYMBOL(padata_do_serial); @@ -471,14 +413,12 @@ static void padata_init_pqueues(struct parallel_data *pd) continue; } - pqueue->pd = pd; pqueue->cpu_index = cpu_index; cpu_index++; __padata_list_init(&pqueue->reorder); __padata_list_init(&pqueue->parallel); INIT_WORK(&pqueue->work, padata_parallel_worker); - INIT_WORK(&pqueue->reorder_work, invoke_padata_reorder); atomic_set(&pqueue->num_obj, 0); } } @@ -506,12 +446,13 @@ static struct parallel_data *padata_alloc_pd(struct padata_instance *pinst, padata_init_pqueues(pd); padata_init_squeues(pd); - timer_setup(&pd->timer, padata_reorder_timer, 0); atomic_set(&pd->seq_nr, -1); atomic_set(&pd->reorder_objects, 0); atomic_set(&pd->refcnt, 1); pd->pinst = pinst; spin_lock_init(&pd->lock); + pd->cpu = cpumask_first(pcpumask); + INIT_WORK(&pd->reorder_work, invoke_padata_reorder); return pd; -- 2.26.2

5 years, 1 month

2
3
0 0

[4.4] Security fixes

by Ben Hutchings

I've backported fixes for I²C and media controller devices, dealing with the lifetime of related cdev and struct device instances and some similar race conditions. Fixing the lifetime issue for watchdog devices looks impractical for 4.4, as it depends on a big refactoring in 4.5. All but one of these are already included in or queued for the later stable branches. You dropped the I²C lifetime fix for 4.9, but I hope my previous replies persuaded you that it is valid. Ben. -- Ben Hutchings, Software Developer Codethink Ltd https://www.codethink.co.uk/ Dale House, 35 Dale Street Manchester, M1 2HF, United Kingdom

5 years, 1 month

2
1
0 0

[stable-4.9 1/4] padata: set cpu_index of unused CPUs to -1

by Daniel Jordan

From: Mathias Krause <minipli(a)googlemail.com> [ Upstream commit 1bd845bcb41d5b7f83745e0cb99273eb376f2ec5 ] The parallel queue per-cpu data structure gets initialized only for CPUs in the 'pcpu' CPU mask set. This is not sufficient as the reorder timer may run on a different CPU and might wrongly decide it's the target CPU for the next reorder item as per-cpu memory gets memset(0) and we might be waiting for the first CPU in cpumask.pcpu, i.e. cpu_index 0. Make the '__this_cpu_read(pd->pqueue->cpu_index) == next_queue->cpu_index' compare in padata_get_next() fail in this case by initializing the cpu_index member of all per-cpu parallel queues. Use -1 for unused ones. Signed-off-by: Mathias Krause <minipli(a)googlemail.com> Signed-off-by: Herbert Xu <herbert(a)gondor.apana.org.au> Signed-off-by: Daniel Jordan <daniel.m.jordan(a)oracle.com> --- kernel/padata.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/kernel/padata.c b/kernel/padata.c index 693536efccf9..52a1d3fd13b5 100644 --- a/kernel/padata.c +++ b/kernel/padata.c @@ -462,8 +462,14 @@ static void padata_init_pqueues(struct parallel_data *pd) struct padata_parallel_queue *pqueue; cpu_index = 0; - for_each_cpu(cpu, pd->cpumask.pcpu) { + for_each_possible_cpu(cpu) { pqueue = per_cpu_ptr(pd->pqueue, cpu); + + if (!cpumask_test_cpu(cpu, pd->cpumask.pcpu)) { + pqueue->cpu_index = -1; + continue; + } + pqueue->pd = pd; pqueue->cpu_index = cpu_index; cpu_index++; -- 2.26.2

5 years, 1 month

1
3
0 0

[stable-4.14 1/4] padata: set cpu_index of unused CPUs to -1

by Daniel Jordan

From: Mathias Krause <minipli(a)googlemail.com> [ Upstream commit 1bd845bcb41d5b7f83745e0cb99273eb376f2ec5 ] The parallel queue per-cpu data structure gets initialized only for CPUs in the 'pcpu' CPU mask set. This is not sufficient as the reorder timer may run on a different CPU and might wrongly decide it's the target CPU for the next reorder item as per-cpu memory gets memset(0) and we might be waiting for the first CPU in cpumask.pcpu, i.e. cpu_index 0. Make the '__this_cpu_read(pd->pqueue->cpu_index) == next_queue->cpu_index' compare in padata_get_next() fail in this case by initializing the cpu_index member of all per-cpu parallel queues. Use -1 for unused ones. Signed-off-by: Mathias Krause <minipli(a)googlemail.com> Signed-off-by: Herbert Xu <herbert(a)gondor.apana.org.au> Signed-off-by: Daniel Jordan <daniel.m.jordan(a)oracle.com> --- kernel/padata.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/kernel/padata.c b/kernel/padata.c index 40a0ebb8ea51..858e82179744 100644 --- a/kernel/padata.c +++ b/kernel/padata.c @@ -462,8 +462,14 @@ static void padata_init_pqueues(struct parallel_data *pd) struct padata_parallel_queue *pqueue; cpu_index = 0; - for_each_cpu(cpu, pd->cpumask.pcpu) { + for_each_possible_cpu(cpu) { pqueue = per_cpu_ptr(pd->pqueue, cpu); + + if (!cpumask_test_cpu(cpu, pd->cpumask.pcpu)) { + pqueue->cpu_index = -1; + continue; + } + pqueue->pd = pd; pqueue->cpu_index = cpu_index; cpu_index++; -- 2.26.2

5 years, 1 month

1
3
0 0

+ mm-ptdump-expand-type-of-val-in-note_page.patch added to -mm tree

by akpm＠linux-foundation.org

The patch titled Subject: mm: ptdump: expand type of 'val' in note_page() has been added to the -mm tree. Its filename is mm-ptdump-expand-type-of-val-in-note_page.patch This patch should soon appear at http://ozlabs.org/~akpm/mmots/broken-out/mm-ptdump-expand-type-of-val-in-no… and later at http://ozlabs.org/~akpm/mmotm/broken-out/mm-ptdump-expand-type-of-val-in-no… Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next and is updated there every 3-4 working days ------------------------------------------------------ From: Steven Price <steven.price(a)arm.com> Subject: mm: ptdump: expand type of 'val' in note_page() The page table entry is passed in the 'val' argument to note_page(), however this was previously an "unsigned long" which is fine on 64-bit platforms. But for 32 bit x86 it is not always big enough to contain a page table entry which may be 64 bits. Change the type to u64 to ensure that it is always big enough. Link: http://lkml.kernel.org/r/20200521152308.33096-3-steven.price@arm.com Signed-off-by: Steven Price <steven.price(a)arm.com> Reported-by: Jan Beulich <jbeulich(a)suse.com> Cc: Andy Lutomirski <luto(a)kernel.org> Cc: Borislav Petkov <bp(a)alien8.de> Cc: Dave Hansen <dave.hansen(a)linux.intel.com> Cc: Ingo Molnar <mingo(a)redhat.com> Cc: Peter Zijlstra <peterz(a)infradead.org> Cc: Thomas Gleixner <tglx(a)linutronix.de> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- arch/arm64/mm/dump.c | 2 +- arch/x86/mm/dump_pagetables.c | 2 +- include/linux/ptdump.h | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) --- a/arch/arm64/mm/dump.c~mm-ptdump-expand-type-of-val-in-note_page +++ a/arch/arm64/mm/dump.c @@ -247,7 +247,7 @@ static void note_prot_wx(struct pg_state } static void note_page(struct ptdump_state *pt_st, unsigned long addr, int level, - unsigned long val) + u64 val) { struct pg_state *st = container_of(pt_st, struct pg_state, ptdump); static const char units[] = "KMGTPE"; --- a/arch/x86/mm/dump_pagetables.c~mm-ptdump-expand-type-of-val-in-note_page +++ a/arch/x86/mm/dump_pagetables.c @@ -273,7 +273,7 @@ static void effective_prot(struct ptdump * print what we collected so far. */ static void note_page(struct ptdump_state *pt_st, unsigned long addr, int level, - unsigned long val) + u64 val) { struct pg_state *st = container_of(pt_st, struct pg_state, ptdump); pgprotval_t new_prot, new_eff; --- a/include/linux/ptdump.h~mm-ptdump-expand-type-of-val-in-note_page +++ a/include/linux/ptdump.h @@ -13,7 +13,7 @@ struct ptdump_range { struct ptdump_state { /* level is 0:PGD to 4:PTE, or -1 if unknown */ void (*note_page)(struct ptdump_state *st, unsigned long addr, - int level, unsigned long val); + int level, u64 val); void (*effective_prot)(struct ptdump_state *st, int level, u64 val); const struct ptdump_range *range; }; _ Patches currently in -mm which might be from steven.price(a)arm.com are x86-mm-ptdump-calculate-effective-permissions-correctly.patch mm-ptdump-expand-type-of-val-in-note_page.patch

5 years, 1 month

1
0
0 0

+ x86-mm-ptdump-calculate-effective-permissions-correctly.patch added to -mm tree

by akpm＠linux-foundation.org

The patch titled Subject: x86: mm: ptdump: calculate effective permissions correctly has been added to the -mm tree. Its filename is x86-mm-ptdump-calculate-effective-permissions-correctly.patch This patch should soon appear at http://ozlabs.org/~akpm/mmots/broken-out/x86-mm-ptdump-calculate-effective-… and later at http://ozlabs.org/~akpm/mmotm/broken-out/x86-mm-ptdump-calculate-effective-… Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next and is updated there every 3-4 working days ------------------------------------------------------ From: Steven Price <steven.price(a)arm.com> Subject: x86: mm: ptdump: calculate effective permissions correctly Patch series "Fix W+X debug feature on x86" Jan alerted me[1] that the W+X detection debug feature was broken in x86 by my change[2] to switch x86 to use the generic ptdump infrastructure. Fundamentally the approach of trying to move the calculation of effective permissions into note_page() was broken because note_page() is only called for 'leaf' entries and the effective permissions are passed down via the internal nodes of the page tree. The solution I've taken here is to create a new (optional) callback which is called for all nodes of the page tree and therefore can calculate the effective permissions. Secondly on some configurations (32 bit with PAE) "unsigned long" is not large enough to store the table entries. The fix here is simple - let's just use a u64. [1] https://lore.kernel.org/lkml/d573dc7e-e742-84de-473d-f971142fa319@suse.com/ [2] 2ae27137b2db ("x86: mm: convert dump_pagetables to use walk_page_range") This patch (of 2): By switching the x86 page table dump code to use the generic code the effective permissions are no longer calculated correctly because the note_page() function is only called for *leaf* entries. To calculate the actual effective permissions it is necessary to observe the full hierarchy of the page tree. Introduce a new callback for ptdump which is called for every entry and can therefore update the prot_levels array correctly. note_page() can then simply access the appropriate element in the array. Link: http://lkml.kernel.org/r/20200521152308.33096-1-steven.price@arm.com Link: http://lkml.kernel.org/r/20200521152308.33096-2-steven.price@arm.com Fixes: 2ae27137b2db ("x86: mm: convert dump_pagetables to use walk_page_range") Signed-off-by: Steven Price <steven.price(a)arm.com> Reported-by: Jan Beulich <jbeulich(a)suse.com> Cc: Andy Lutomirski <luto(a)kernel.org> Cc: Borislav Petkov <bp(a)alien8.de> Cc: Dave Hansen <dave.hansen(a)linux.intel.com> Cc: Ingo Molnar <mingo(a)redhat.com> Cc: Peter Zijlstra <peterz(a)infradead.org> Cc: Thomas Gleixner <tglx(a)linutronix.de> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- arch/x86/mm/dump_pagetables.c | 31 +++++++++++++++++++------------ include/linux/ptdump.h | 1 + mm/ptdump.c | 17 ++++++++++++++++- 3 files changed, 36 insertions(+), 13 deletions(-) --- a/arch/x86/mm/dump_pagetables.c~x86-mm-ptdump-calculate-effective-permissions-correctly +++ a/arch/x86/mm/dump_pagetables.c @@ -249,10 +249,22 @@ static void note_wx(struct pg_state *st, (void *)st->start_address); } -static inline pgprotval_t effective_prot(pgprotval_t prot1, pgprotval_t prot2) +static void effective_prot(struct ptdump_state *pt_st, int level, u64 val) { - return (prot1 & prot2 & (_PAGE_USER | _PAGE_RW)) | - ((prot1 | prot2) & _PAGE_NX); + struct pg_state *st = container_of(pt_st, struct pg_state, ptdump); + pgprotval_t prot = val & PTE_FLAGS_MASK; + pgprotval_t effective; + + if (level > 0) { + pgprotval_t higher_prot = st->prot_levels[level - 1]; + + effective = (higher_prot & prot & (_PAGE_USER | _PAGE_RW)) | + ((higher_prot | prot) & _PAGE_NX); + } else { + effective = prot; + } + + st->prot_levels[level] = effective; } /* @@ -270,16 +282,10 @@ static void note_page(struct ptdump_stat struct seq_file *m = st->seq; new_prot = val & PTE_FLAGS_MASK; + new_eff = st->prot_levels[level]; - if (level > 0) { - new_eff = effective_prot(st->prot_levels[level - 1], - new_prot); - } else { - new_eff = new_prot; - } - - if (level >= 0) - st->prot_levels[level] = new_eff; + if (!val) + new_eff = 0; /* * If we have a "break" in the series, we need to flush the state that @@ -374,6 +380,7 @@ static void ptdump_walk_pgd_level_core(s struct pg_state st = { .ptdump = { .note_page = note_page, + .effective_prot = effective_prot, .range = ptdump_ranges }, .level = -1, --- a/include/linux/ptdump.h~x86-mm-ptdump-calculate-effective-permissions-correctly +++ a/include/linux/ptdump.h @@ -14,6 +14,7 @@ struct ptdump_state { /* level is 0:PGD to 4:PTE, or -1 if unknown */ void (*note_page)(struct ptdump_state *st, unsigned long addr, int level, unsigned long val); + void (*effective_prot)(struct ptdump_state *st, int level, u64 val); const struct ptdump_range *range; }; --- a/mm/ptdump.c~x86-mm-ptdump-calculate-effective-permissions-correctly +++ a/mm/ptdump.c @@ -36,6 +36,9 @@ static int ptdump_pgd_entry(pgd_t *pgd, return note_kasan_page_table(walk, addr); #endif + if (st->effective_prot) + st->effective_prot(st, 0, pgd_val(val)); + if (pgd_leaf(val)) st->note_page(st, addr, 0, pgd_val(val)); @@ -53,6 +56,9 @@ static int ptdump_p4d_entry(p4d_t *p4d, return note_kasan_page_table(walk, addr); #endif + if (st->effective_prot) + st->effective_prot(st, 1, p4d_val(val)); + if (p4d_leaf(val)) st->note_page(st, addr, 1, p4d_val(val)); @@ -70,6 +76,9 @@ static int ptdump_pud_entry(pud_t *pud, return note_kasan_page_table(walk, addr); #endif + if (st->effective_prot) + st->effective_prot(st, 2, pud_val(val)); + if (pud_leaf(val)) st->note_page(st, addr, 2, pud_val(val)); @@ -87,6 +96,8 @@ static int ptdump_pmd_entry(pmd_t *pmd, return note_kasan_page_table(walk, addr); #endif + if (st->effective_prot) + st->effective_prot(st, 3, pmd_val(val)); if (pmd_leaf(val)) st->note_page(st, addr, 3, pmd_val(val)); @@ -97,8 +108,12 @@ static int ptdump_pte_entry(pte_t *pte, unsigned long next, struct mm_walk *walk) { struct ptdump_state *st = walk->private; + pte_t val = READ_ONCE(*pte); + + if (st->effective_prot) + st->effective_prot(st, 4, pte_val(val)); - st->note_page(st, addr, 4, pte_val(READ_ONCE(*pte))); + st->note_page(st, addr, 4, pte_val(val)); return 0; } _ Patches currently in -mm which might be from steven.price(a)arm.com are x86-mm-ptdump-calculate-effective-permissions-correctly.patch mm-ptdump-expand-type-of-val-in-note_page.patch

5 years, 1 month

1
0
0 0

Offer

by Mazer

I hope you are doing great? This is Felix from Toronto-Canada. I have a lucrative business offer that will benefit us both immensely within a very short period of time. However, I need your initial approval of interest prior to further and complete details regarding the deal. Thanks, Felix.

5 years, 1 month

1
0
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror May 2020