June 2022 - Linux-stable-mirror

[PATCH] assoc_array: Fix BUG_ON during garbage collect

by David Howells

From: Stephen Brennan <stephen.s.brennan(a)oracle.com> A rare BUG_ON triggered in assoc_array_gc: [3430308.818153] kernel BUG at lib/assoc_array.c:1609! Which corresponded to the statement currently at line 1593 upstream: BUG_ON(assoc_array_ptr_is_meta(p)); Using the data from the core dump, I was able to generate a userspace reproducer[1] and determine the cause of the bug. [1]: https://github.com/brenns10/kernel_stuff/tree/master/assoc_array_gc After running the iterator on the entire branch, an internal tree node looked like the following: NODE (nr_leaves_on_branch: 3) SLOT [0] NODE (2 leaves) SLOT [1] NODE (1 leaf) SLOT [2..f] NODE (empty) In the userspace reproducer, the pr_devel output when compressing this node was: -- compress node 0x5607cc089380 -- free=0, leaves=0 [0] retain node 2/1 [nx 0] [1] fold node 1/1 [nx 0] [2] fold node 0/1 [nx 2] [3] fold node 0/2 [nx 2] [4] fold node 0/3 [nx 2] [5] fold node 0/4 [nx 2] [6] fold node 0/5 [nx 2] [7] fold node 0/6 [nx 2] [8] fold node 0/7 [nx 2] [9] fold node 0/8 [nx 2] [10] fold node 0/9 [nx 2] [11] fold node 0/10 [nx 2] [12] fold node 0/11 [nx 2] [13] fold node 0/12 [nx 2] [14] fold node 0/13 [nx 2] [15] fold node 0/14 [nx 2] after: 3 At slot 0, an internal node with 2 leaves could not be folded into the node, because there was only one available slot (slot 0). Thus, the internal node was retained. At slot 1, the node had one leaf, and was able to be folded in successfully. The remaining nodes had no leaves, and so were removed. By the end of the compression stage, there were 14 free slots, and only 3 leaf nodes. The tree was ascended and then its parent node was compressed. When this node was seen, it could not be folded, due to the internal node it contained. The invariant for compression in this function is: whenever nr_leaves_on_branch < ASSOC_ARRAY_FAN_OUT, the node should contain all leaf nodes. The compression step currently cannot guarantee this, given the corner case shown above. To fix this issue, retry compression whenever we have retained a node, and yet nr_leaves_on_branch < ASSOC_ARRAY_FAN_OUT. This second compression will then allow the node in slot 1 to be folded in, satisfying the invariant. Below is the output of the reproducer once the fix is applied: -- compress node 0x560e9c562380 -- free=0, leaves=0 [0] retain node 2/1 [nx 0] [1] fold node 1/1 [nx 0] [2] fold node 0/1 [nx 2] [3] fold node 0/2 [nx 2] [4] fold node 0/3 [nx 2] [5] fold node 0/4 [nx 2] [6] fold node 0/5 [nx 2] [7] fold node 0/6 [nx 2] [8] fold node 0/7 [nx 2] [9] fold node 0/8 [nx 2] [10] fold node 0/9 [nx 2] [11] fold node 0/10 [nx 2] [12] fold node 0/11 [nx 2] [13] fold node 0/12 [nx 2] [14] fold node 0/13 [nx 2] [15] fold node 0/14 [nx 2] internal nodes remain despite enough space, retrying -- compress node 0x560e9c562380 -- free=14, leaves=1 [0] fold node 2/15 [nx 0] after: 3 Changes ======= DH: - Use false instead of 0. - Reorder the inserted lines in a couple of places to put retained before next_slot. ver #2) - Fix typo in pr_devel, correct comparison to "<=" Fixes: 3cb989501c26 ("Add a generic associative array implementation.") Cc: <stable(a)vger.kernel.org> Signed-off-by: Stephen Brennan <stephen.s.brennan(a)oracle.com> Signed-off-by: David Howells <dhowells(a)redhat.com> cc: Jarkko Sakkinen <jarkko(a)kernel.org> cc: Andrew Morton <akpm(a)linux-foundation.org> cc: keyrings(a)vger.kernel.org Link: https://lore.kernel.org/r/20220511225517.407935-1-stephen.s.brennan@oracle.… # v1 Link: https://lore.kernel.org/r/20220512215045.489140-1-stephen.s.brennan@oracle.… # v2 --- lib/assoc_array.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/lib/assoc_array.c b/lib/assoc_array.c index 079c72e26493..ca0b4f360c1a 100644 --- a/lib/assoc_array.c +++ b/lib/assoc_array.c @@ -1461,6 +1461,7 @@ int assoc_array_gc(struct assoc_array *array, struct assoc_array_ptr *cursor, *ptr; struct assoc_array_ptr *new_root, *new_parent, **new_ptr_pp; unsigned long nr_leaves_on_tree; + bool retained; int keylen, slot, nr_free, next_slot, i; pr_devel("-->%s()\n", __func__); @@ -1536,6 +1537,7 @@ int assoc_array_gc(struct assoc_array *array, goto descend; } +retry_compress: pr_devel("-- compress node %p --\n", new_n); /* Count up the number of empty slots in this node and work out the @@ -1553,6 +1555,7 @@ int assoc_array_gc(struct assoc_array *array, pr_devel("free=%d, leaves=%lu\n", nr_free, new_n->nr_leaves_on_branch); /* See what we can fold in */ + retained = false; next_slot = 0; for (slot = 0; slot < ASSOC_ARRAY_FAN_OUT; slot++) { struct assoc_array_shortcut *s; @@ -1602,9 +1605,14 @@ int assoc_array_gc(struct assoc_array *array, pr_devel("[%d] retain node %lu/%d [nx %d]\n", slot, child->nr_leaves_on_branch, nr_free + 1, next_slot); + retained = true; } } + if (retained && new_n->nr_leaves_on_branch <= ASSOC_ARRAY_FAN_OUT) { + pr_devel("internal nodes remain despite enough space, retrying\n"); + goto retry_compress; + } pr_devel("after: %lu\n", new_n->nr_leaves_on_branch); nr_leaves_on_tree = new_n->nr_leaves_on_branch;

3 years

5
7
0 0

[PATCH] bpf: Fix KASAN use-after-free Read in compute_effective_progs

by Tadeusz Struk

Syzbot found a Use After Free bug in compute_effective_progs(). The reproducer creates a number of BPF links, and causes a fault injected alloc to fail, while calling bpf_link_detach on them. Link detach triggers the link to be freed by bpf_link_free(), which calls __cgroup_bpf_detach() and update_effective_progs(). If the memory allocation in this function fails, the function restores the pointer to the bpf_cgroup_link on the cgroup list, but the memory gets freed just after it returns. After this, every subsequent call to update_effective_progs() causes this already deallocated pointer to be dereferenced in prog_list_length(), and triggers KASAN UAF error. To fix this don't preserve the pointer to the link on the cgroup list in __cgroup_bpf_detach(), but proceed with the cleanup and retry calling update_effective_progs() again afterwards. Cc: "Alexei Starovoitov" <ast(a)kernel.org> Cc: "Daniel Borkmann" <daniel(a)iogearbox.net> Cc: "Andrii Nakryiko" <andrii(a)kernel.org> Cc: "Martin KaFai Lau" <kafai(a)fb.com> Cc: "Song Liu" <songliubraving(a)fb.com> Cc: "Yonghong Song" <yhs(a)fb.com> Cc: "John Fastabend" <john.fastabend(a)gmail.com> Cc: "KP Singh" <kpsingh(a)kernel.org> Cc: <netdev(a)vger.kernel.org> Cc: <bpf(a)vger.kernel.org> Cc: <stable(a)vger.kernel.org> Cc: <linux-kernel(a)vger.kernel.org> Link: https://syzkaller.appspot.com/bug?id=8ebf179a95c2a2670f7cf1ba62429ec044369d… Fixes: af6eea57437a ("bpf: Implement bpf_link-based cgroup BPF program attachment") Reported-by: <syzbot+f264bffdfbd5614f3bb2(a)syzkaller.appspotmail.com> Signed-off-by: Tadeusz Struk <tadeusz.struk(a)linaro.org> --- kernel/bpf/cgroup.c | 25 ++++++++++++++----------- 1 file changed, 14 insertions(+), 11 deletions(-) diff --git a/kernel/bpf/cgroup.c b/kernel/bpf/cgroup.c index 128028efda64..b6307337a3c7 100644 --- a/kernel/bpf/cgroup.c +++ b/kernel/bpf/cgroup.c @@ -723,10 +723,11 @@ static int __cgroup_bpf_detach(struct cgroup *cgrp, struct bpf_prog *prog, pl->link = NULL; err = update_effective_progs(cgrp, atype); - if (err) - goto cleanup; - - /* now can actually delete it from this cgroup list */ + /* + * Proceed regardless of error. The link and/or prog will be freed + * just after this function returns so just delete it from this + * cgroup list and retry calling update_effective_progs again later. + */ list_del(&pl->node); kfree(pl); if (list_empty(progs)) @@ -735,12 +736,11 @@ static int __cgroup_bpf_detach(struct cgroup *cgrp, struct bpf_prog *prog, if (old_prog) bpf_prog_put(old_prog); static_branch_dec(&cgroup_bpf_enabled_key[atype]); - return 0; -cleanup: - /* restore back prog or link */ - pl->prog = old_prog; - pl->link = link; + /* In case of error call update_effective_progs again */ + if (err) + err = update_effective_progs(cgrp, atype); + return err; } @@ -881,6 +881,7 @@ static void bpf_cgroup_link_release(struct bpf_link *link) struct bpf_cgroup_link *cg_link = container_of(link, struct bpf_cgroup_link, link); struct cgroup *cg; + int err; /* link might have been auto-detached by dying cgroup already, * in that case our work is done here @@ -896,8 +897,10 @@ static void bpf_cgroup_link_release(struct bpf_link *link) return; } - WARN_ON(__cgroup_bpf_detach(cg_link->cgroup, NULL, cg_link, - cg_link->type)); + err = __cgroup_bpf_detach(cg_link->cgroup, NULL, cg_link, + cg_link->type); + if (err) + pr_warn("cgroup_bpf_detach() failed, err %d\n", err); cg = cg_link->cgroup; cg_link->cgroup = NULL; -- 2.35.1

3 years

2
21
0 0

リクエスト

by Mr/ Mrs

あなたのEメールアドレスATMカード速達$6,500を案内する勝利の手紙を受け取りましたか？

3 years

1
0
0 0

[PATCH 4.19 0/1] block-map: backport fix for CVE-2022-0494

by Dragos-Marian Panait

The following commit is needed to fix CVE-2022-0494: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?… Haimin Zhang (1): block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern block/bio.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) base-commit: 06d93c33da2cc9c3ca79f5ba757e08306455d9d6 -- 2.36.1

3 years

1
1
0 0

[PATCH 0/2] can: kvaser_usb: CAN clock frequency regression

by Jimmy Assarsson

When fixing the CAN clock frequency, fb12797ab1fe ("can: kvaser_usb: get CAN clock frequency from device"), I introduced a regression. For Leaf devices based on M32C, the firmware expects bittiming parameters calculated for 16MHz clock. Regardless of the actual clock frequency. This regression affects M32C based Leaf devices with non-16MHz clock. Also correct the bittiming constants in kvaser_usb_leaf.c, where the limits are different depending on which firmware/device being used. Once merged to mainline, I'll backport these fixes for the stable kernels. Jimmy Assarsson (2): can: kvaser_usb: kvaser_usb_leaf: Fix CAN clock frequency regression can: kvaser_usb: kvaser_usb_leaf: Fix bittiming limits drivers/net/can/usb/kvaser_usb/kvaser_usb.h | 17 ++++ .../net/can/usb/kvaser_usb/kvaser_usb_core.c | 20 +++- .../net/can/usb/kvaser_usb/kvaser_usb_hydra.c | 14 +-- .../net/can/usb/kvaser_usb/kvaser_usb_leaf.c | 95 +++++++++++-------- 4 files changed, 89 insertions(+), 57 deletions(-) -- 2.36.1

3 years

2
6
0 0

[PATCH v2] xen/gntdev: Avoid blocking in unmap_grant_pages()

by Demi Marie Obenour

unmap_grant_pages() currently waits for the pages to no longer be used. In https://github.com/QubesOS/qubes-issues/issues/7481, this lead to a deadlock against i915: i915 was waiting for gntdev's MMU notifier to finish, while gntdev was waiting for i915 to free its pages. I also believe this is responsible for various deadlocks I have experienced in the past. Avoid these problems by making unmap_grant_pages async. This requires making it return void, as any errors will not be available when the function returns. Fortunately, the only use of the return value is a WARN_ON(), which can be replaced by a WARN_ON when the error is detected. Additionally, a failed call will not prevent further calls from being made, but this is harmless. Because unmap_grant_pages is now async, the grant handle will be sent to INVALID_GRANT_HANDLE too late to prevent multiple unmaps of the same handle. Instead, a separate bool array is allocated for this purpose. This wastes memory, but stuffing this information in padding bytes is too fragile. Furthermore, it is necessary to grab a reference to the map before making the asynchronous call, and release the reference when the call returns. Fixes: 745282256c75 ("xen/gntdev: safely unmap grants in case they are still in use") Cc: stable(a)vger.kernel.org Signed-off-by: Demi Marie Obenour <demi(a)invisiblethingslab.com> --- drivers/xen/gntdev-common.h | 5 ++ drivers/xen/gntdev.c | 100 +++++++++++++++++++----------------- 2 files changed, 59 insertions(+), 46 deletions(-) diff --git a/drivers/xen/gntdev-common.h b/drivers/xen/gntdev-common.h index 20d7d059dadb..a268cdb1f7bf 100644 --- a/drivers/xen/gntdev-common.h +++ b/drivers/xen/gntdev-common.h @@ -16,6 +16,7 @@ #include <linux/mmu_notifier.h> #include <linux/types.h> #include <xen/interface/event_channel.h> +#include <xen/grant_table.h> struct gntdev_dmabuf_priv; @@ -56,6 +57,7 @@ struct gntdev_grant_map { struct gnttab_unmap_grant_ref *unmap_ops; struct gnttab_map_grant_ref *kmap_ops; struct gnttab_unmap_grant_ref *kunmap_ops; + bool *being_removed; struct page **pages; unsigned long pages_vm_start; @@ -73,6 +75,9 @@ struct gntdev_grant_map { /* Needed to avoid allocation in gnttab_dma_free_pages(). */ xen_pfn_t *frames; #endif + + /* Needed to avoid allocation in __unmap_grant_pages */ + struct gntab_unmap_queue_data unmap_data; }; struct gntdev_grant_map *gntdev_alloc_map(struct gntdev_priv *priv, int count, diff --git a/drivers/xen/gntdev.c b/drivers/xen/gntdev.c index 59ffea800079..90bd2b5ef7dd 100644 --- a/drivers/xen/gntdev.c +++ b/drivers/xen/gntdev.c @@ -35,6 +35,7 @@ #include <linux/slab.h> #include <linux/highmem.h> #include <linux/refcount.h> +#include <linux/workqueue.h> #include <xen/xen.h> #include <xen/grant_table.h> @@ -62,8 +63,8 @@ MODULE_PARM_DESC(limit, static int use_ptemod; -static int unmap_grant_pages(struct gntdev_grant_map *map, - int offset, int pages); +static void unmap_grant_pages(struct gntdev_grant_map *map, + int offset, int pages); static struct miscdevice gntdev_miscdev; @@ -120,6 +121,7 @@ static void gntdev_free_map(struct gntdev_grant_map *map) kvfree(map->unmap_ops); kvfree(map->kmap_ops); kvfree(map->kunmap_ops); + kvfree(map->being_removed); kfree(map); } @@ -140,10 +142,13 @@ struct gntdev_grant_map *gntdev_alloc_map(struct gntdev_priv *priv, int count, add->unmap_ops = kvmalloc_array(count, sizeof(add->unmap_ops[0]), GFP_KERNEL); add->pages = kvcalloc(count, sizeof(add->pages[0]), GFP_KERNEL); + add->being_removed = + kvcalloc(count, sizeof(add->being_removed[0]), GFP_KERNEL); if (NULL == add->grants || NULL == add->map_ops || NULL == add->unmap_ops || - NULL == add->pages) + NULL == add->pages || + NULL == add->being_removed) goto err; if (use_ptemod) { add->kmap_ops = kvmalloc_array(count, sizeof(add->kmap_ops[0]), @@ -349,79 +354,84 @@ int gntdev_map_grant_pages(struct gntdev_grant_map *map) return err; } -static int __unmap_grant_pages(struct gntdev_grant_map *map, int offset, - int pages) +static void __unmap_grant_pages_done(int result, + struct gntab_unmap_queue_data *data) { - int i, err = 0; - struct gntab_unmap_queue_data unmap_data; - - if (map->notify.flags & UNMAP_NOTIFY_CLEAR_BYTE) { - int pgno = (map->notify.addr >> PAGE_SHIFT); - if (pgno >= offset && pgno < offset + pages) { - /* No need for kmap, pages are in lowmem */ - uint8_t *tmp = pfn_to_kaddr(page_to_pfn(map->pages[pgno])); - tmp[map->notify.addr & (PAGE_SIZE-1)] = 0; - map->notify.flags &= ~UNMAP_NOTIFY_CLEAR_BYTE; - } - } - - unmap_data.unmap_ops = map->unmap_ops + offset; - unmap_data.kunmap_ops = use_ptemod ? map->kunmap_ops + offset : NULL; - unmap_data.pages = map->pages + offset; - unmap_data.count = pages; - - err = gnttab_unmap_refs_sync(&unmap_data); - if (err) - return err; + unsigned int i; + struct gntdev_grant_map *map = data->data; + unsigned int offset = data->unmap_ops - map->unmap_ops; - for (i = 0; i < pages; i++) { - if (map->unmap_ops[offset+i].status) - err = -EINVAL; + for (i = 0; i < data->count; i++) { + WARN_ON(map->unmap_ops[offset+i].status); pr_debug("unmap handle=%d st=%d\n", map->unmap_ops[offset+i].handle, map->unmap_ops[offset+i].status); map->unmap_ops[offset+i].handle = INVALID_GRANT_HANDLE; if (use_ptemod) { - if (map->kunmap_ops[offset+i].status) - err = -EINVAL; + WARN_ON(map->kunmap_ops[offset+i].status); pr_debug("kunmap handle=%u st=%d\n", map->kunmap_ops[offset+i].handle, map->kunmap_ops[offset+i].status); map->kunmap_ops[offset+i].handle = INVALID_GRANT_HANDLE; } } - return err; + + /* Release reference taken by __unmap_grant_pages */ + gntdev_put_map(NULL, map); } -static int unmap_grant_pages(struct gntdev_grant_map *map, int offset, - int pages) +static void __unmap_grant_pages(struct gntdev_grant_map *map, int offset, + int pages) +{ + if (map->notify.flags & UNMAP_NOTIFY_CLEAR_BYTE) { + int pgno = (map->notify.addr >> PAGE_SHIFT); + + if (pgno >= offset && pgno < offset + pages) { + /* No need for kmap, pages are in lowmem */ + uint8_t *tmp = pfn_to_kaddr(page_to_pfn(map->pages[pgno])); + + tmp[map->notify.addr & (PAGE_SIZE-1)] = 0; + map->notify.flags &= ~UNMAP_NOTIFY_CLEAR_BYTE; + } + } + + map->unmap_data.unmap_ops = map->unmap_ops + offset; + map->unmap_data.kunmap_ops = use_ptemod ? map->kunmap_ops + offset : NULL; + map->unmap_data.pages = map->pages + offset; + map->unmap_data.count = pages; + map->unmap_data.done = __unmap_grant_pages_done; + map->unmap_data.data = map; + refcount_inc(&map->users); /* to keep map alive during async call below */ + + gnttab_unmap_refs_async(&map->unmap_data); +} + +static void unmap_grant_pages(struct gntdev_grant_map *map, int offset, + int pages) { - int range, err = 0; + int range; pr_debug("unmap %d+%d [%d+%d]\n", map->index, map->count, offset, pages); /* It is possible the requested range will have a "hole" where we * already unmapped some of the grants. Only unmap valid ranges. */ - while (pages && !err) { - while (pages && - map->unmap_ops[offset].handle == INVALID_GRANT_HANDLE) { + while (pages) { + while (pages && map->being_removed[offset]) { offset++; pages--; } range = 0; while (range < pages) { - if (map->unmap_ops[offset + range].handle == - INVALID_GRANT_HANDLE) + if (map->being_removed[offset + range]) break; + map->being_removed[offset + range] = true; range++; } - err = __unmap_grant_pages(map, offset, range); + __unmap_grant_pages(map, offset, range); offset += range; pages -= range; } - - return err; } /* ------------------------------------------------------------------ */ @@ -473,7 +483,6 @@ static bool gntdev_invalidate(struct mmu_interval_notifier *mn, struct gntdev_grant_map *map = container_of(mn, struct gntdev_grant_map, notifier); unsigned long mstart, mend; - int err; if (!mmu_notifier_range_blockable(range)) return false; @@ -494,10 +503,9 @@ static bool gntdev_invalidate(struct mmu_interval_notifier *mn, map->index, map->count, map->vma->vm_start, map->vma->vm_end, range->start, range->end, mstart, mend); - err = unmap_grant_pages(map, + unmap_grant_pages(map, (mstart - map->vma->vm_start) >> PAGE_SHIFT, (mend - mstart) >> PAGE_SHIFT); - WARN_ON(err); return true; } -- Sincerely, Demi Marie Obenour (she/her/hers) Invisible Things Lab

3 years

2
3
0 0

[PATCH v3] HID: uclogic: properly format kernel-doc comment for hid_dbg() wrappers

by Bagas Sanjaya

Running kernel-doc script on drivers/hid/hid-uclogic-params.c, it found 6 warnings for hid_dbg() wrapper functions below: drivers/hid/hid-uclogic-params.c:48: warning: This comment starts with '/**', but isn't a kernel-doc comment. Refer Documentation/doc-guide/kernel-doc.rst * Dump tablet interface pen parameters with hid_dbg(), indented with one tab. drivers/hid/hid-uclogic-params.c:48: warning: missing initial short description on line: * Dump tablet interface pen parameters with hid_dbg(), indented with one tab. drivers/hid/hid-uclogic-params.c:48: info: Scanning doc for function Dump drivers/hid/hid-uclogic-params.c:80: warning: This comment starts with '/**', but isn't a kernel-doc comment. Refer Documentation/doc-guide/kernel-doc.rst * Dump tablet interface frame parameters with hid_dbg(), indented with two drivers/hid/hid-uclogic-params.c:80: warning: missing initial short description on line: * Dump tablet interface frame parameters with hid_dbg(), indented with two drivers/hid/hid-uclogic-params.c:80: info: Scanning doc for function Dump drivers/hid/hid-uclogic-params.c:105: warning: This comment starts with '/**', but isn't a kernel-doc comment. Refer Documentation/doc-guide/kernel-doc.rst * Dump tablet interface parameters with hid_dbg(). drivers/hid/hid-uclogic-params.c:105: warning: missing initial short description on line: * Dump tablet interface parameters with hid_dbg(). One of them is reported by kernel test robot. Fix these warnings by properly format kernel-doc comment for these functions. Link: https://lore.kernel.org/linux-doc/202205272033.XFYlYj8k-lkp@intel.com/ Fixes: a228809fa6f39c ("HID: uclogic: Move param printing to a function") Reported-by: kernel test robot <lkp(a)intel.com> Tested-by: Randy Dunlap <rdunlap(a)infradead.org> Tested-by: José Expósito <jose.exposito89(a)gmail.com> Acked-by: Randy Dunlap <rdunlap(a)infradead.org> Cc: Nikolai Kondrashov <spbnick(a)gmail.com> Cc: Jiri Kosina <jikos(a)kernel.org> Cc: Benjamin Tissoires <benjamin.tissoires(a)redhat.com> Cc: llvm(a)lists.linux.dev Cc: stable(a)vger.kernel.org # v5.18 Cc: linux-input(a)vger.kernel.org Cc: linux-kernel(a)vger.kernel.org Signed-off-by: Bagas Sanjaya <bagasdotme(a)gmail.com> --- Changes since v2 [1]: - Format NULL as kernel-doc constant (suggested by Randy Dunlap) - Collect review tags: - Tested-by and Acked-by from Randy Dunlap - Tested-by from José Expósito [1]: https://lore.kernel.org/linux-doc/20220531092817.13894-1-bagasdotme@gmail.c… drivers/hid/hid-uclogic-params.c | 24 ++++++++++++++---------- 1 file changed, 14 insertions(+), 10 deletions(-) diff --git a/drivers/hid/hid-uclogic-params.c b/drivers/hid/hid-uclogic-params.c index db838f16282d64..e5e65d849faa97 100644 --- a/drivers/hid/hid-uclogic-params.c +++ b/drivers/hid/hid-uclogic-params.c @@ -23,11 +23,11 @@ /** * uclogic_params_pen_inrange_to_str() - Convert a pen in-range reporting type * to a string. - * * @inrange: The in-range reporting type to convert. * - * Returns: - * The string representing the type, or NULL if the type is unknown. + * Return: + * * The string representing the type, or + * * %NULL if the type is unknown. */ static const char *uclogic_params_pen_inrange_to_str( enum uclogic_params_pen_inrange inrange) @@ -45,10 +45,12 @@ static const char *uclogic_params_pen_inrange_to_str( } /** - * Dump tablet interface pen parameters with hid_dbg(), indented with one tab. - * + * uclogic_params_pen_hid_dbg() - Dump tablet interface pen parameters * @hdev: The HID device the pen parameters describe. * @pen: The pen parameters to dump. + * + * Dump tablet interface pen parameters with hid_dbg(). The dump is indented + * with a tab. */ static void uclogic_params_pen_hid_dbg(const struct hid_device *hdev, const struct uclogic_params_pen *pen) @@ -77,11 +79,12 @@ static void uclogic_params_pen_hid_dbg(const struct hid_device *hdev, } /** - * Dump tablet interface frame parameters with hid_dbg(), indented with two - * tabs. - * + * uclogic_params_frame_hid_dbg() - Dump tablet interface frame parameters * @hdev: The HID device the pen parameters describe. * @frame: The frame parameters to dump. + * + * Dump tablet interface frame parameters with hid_dbg(). The dump is + * indented with two tabs. */ static void uclogic_params_frame_hid_dbg( const struct hid_device *hdev, @@ -102,10 +105,11 @@ static void uclogic_params_frame_hid_dbg( } /** - * Dump tablet interface parameters with hid_dbg(). - * + * uclogic_params_hid_dbg() - Dump tablet interface parameters * @hdev: The HID device the parameters describe. * @params: The parameters to dump. + * + * Dump tablet interface parameters with hid_dbg(). */ void uclogic_params_hid_dbg(const struct hid_device *hdev, const struct uclogic_params *params) base-commit: d1dc87763f406d4e67caf16dbe438a5647692395 -- An old man doll... just what I always wanted! - Clara

3 years

2
2
0 0

Guten Tag

by Francis Crespo

Guten Tag, Ich möchte Sie persönlich kontaktieren; Ich weiß, Sie werden überrascht sein, meine E-Mail zu lesen. Bitte seien Sie nicht skeptisch, wenn Sie mir antworten. Mein Name ist Rechtsanwalt Francis Perez Crespo. Es tut mir leid, Ihren Tag zu unterbrechen, mit gebührendem Respekt, Vertrauen und Demut. Ich schreibe Ihnen diese E-Mail, von der ich glaube, dass sie für Sie von großem Interesse wäre, und um zu sehen, ob Ihre E-Mail funktioniert. Ich habe etwas absolut Wichtiges mit Ihnen zu besprechen. Für weitere Einzelheiten senden Sie mir bitte eine E-Mail mit folgenden Angaben. Vollständiger Name: Heimatadresse: Telefonnummer: Handynummer: Geburtsdatum: Beruf: Mit freundlichen Grüßen. Francis Pérez Crespo RECHTSANWALT

3 years

1
0
0 0

[PATCH v2] HID: uclogic: properly format kernel-doc comment for hid_dbg() wrappers

by Bagas Sanjaya

Running kernel-doc script on drivers/hid/hid-uclogic-params.c, it found 6 warnings for hid_dbg() wrapper functions below: drivers/hid/hid-uclogic-params.c:48: warning: This comment starts with '/**', but isn't a kernel-doc comment. Refer Documentation/doc-guide/kernel-doc.rst * Dump tablet interface pen parameters with hid_dbg(), indented with one tab. drivers/hid/hid-uclogic-params.c:48: warning: missing initial short description on line: * Dump tablet interface pen parameters with hid_dbg(), indented with one tab. drivers/hid/hid-uclogic-params.c:48: info: Scanning doc for function Dump drivers/hid/hid-uclogic-params.c:80: warning: This comment starts with '/**', but isn't a kernel-doc comment. Refer Documentation/doc-guide/kernel-doc.rst * Dump tablet interface frame parameters with hid_dbg(), indented with two drivers/hid/hid-uclogic-params.c:80: warning: missing initial short description on line: * Dump tablet interface frame parameters with hid_dbg(), indented with two drivers/hid/hid-uclogic-params.c:80: info: Scanning doc for function Dump drivers/hid/hid-uclogic-params.c:105: warning: This comment starts with '/**', but isn't a kernel-doc comment. Refer Documentation/doc-guide/kernel-doc.rst * Dump tablet interface parameters with hid_dbg(). drivers/hid/hid-uclogic-params.c:105: warning: missing initial short description on line: * Dump tablet interface parameters with hid_dbg(). One of them is reported by kernel test robot. Fix these warnings by properly format kernel-doc comment for these functions. Link: https://lore.kernel.org/linux-doc/202205272033.XFYlYj8k-lkp@intel.com/ Fixes: a228809fa6f39c ("HID: uclogic: Move param printing to a function") Reported-by: kernel test robot <lkp(a)intel.com> Cc: Nikolai Kondrashov <spbnick(a)gmail.com> Cc: Jiri Kosina <jikos(a)kernel.org> Cc: Benjamin Tissoires <benjamin.tissoires(a)redhat.com> Cc: "José Expósito" <jose.exposito89(a)gmail.com> Cc: llvm(a)lists.linux.dev Cc: stable(a)vger.kernel.org # v5.18 Cc: linux-input(a)vger.kernel.org Cc: linux-kernel(a)vger.kernel.org Signed-off-by: Bagas Sanjaya <bagasdotme(a)gmail.com> --- Changes since v1 [1]: - Approach the warning by fixing kernel-doc comments formatting (suggested by Jonathan Corbet) [1]: https://lore.kernel.org/linux-doc/20220528091403.160169-1-bagasdotme@gmail.… drivers/hid/hid-uclogic-params.c | 24 ++++++++++++++---------- 1 file changed, 14 insertions(+), 10 deletions(-) diff --git a/drivers/hid/hid-uclogic-params.c b/drivers/hid/hid-uclogic-params.c index db838f16282d64..647bbd3e000e2f 100644 --- a/drivers/hid/hid-uclogic-params.c +++ b/drivers/hid/hid-uclogic-params.c @@ -23,11 +23,11 @@ /** * uclogic_params_pen_inrange_to_str() - Convert a pen in-range reporting type * to a string. - * * @inrange: The in-range reporting type to convert. * - * Returns: - * The string representing the type, or NULL if the type is unknown. + * Return: + * * The string representing the type, or + * * NULL if the type is unknown. */ static const char *uclogic_params_pen_inrange_to_str( enum uclogic_params_pen_inrange inrange) @@ -45,10 +45,12 @@ static const char *uclogic_params_pen_inrange_to_str( } /** - * Dump tablet interface pen parameters with hid_dbg(), indented with one tab. - * + * uclogic_params_pen_hid_dbg() - Dump tablet interface pen parameters * @hdev: The HID device the pen parameters describe. * @pen: The pen parameters to dump. + * + * Dump tablet interface pen parameters with hid_dbg(). The dump is indented + * with a tab. */ static void uclogic_params_pen_hid_dbg(const struct hid_device *hdev, const struct uclogic_params_pen *pen) @@ -77,11 +79,12 @@ static void uclogic_params_pen_hid_dbg(const struct hid_device *hdev, } /** - * Dump tablet interface frame parameters with hid_dbg(), indented with two - * tabs. - * + * uclogic_params_frame_hid_dbg() - Dump tablet interface frame parameters * @hdev: The HID device the pen parameters describe. * @frame: The frame parameters to dump. + * + * Dump tablet interface frame parameters with hid_dbg(). The dump is + * indented with two tabs. */ static void uclogic_params_frame_hid_dbg( const struct hid_device *hdev, @@ -102,10 +105,11 @@ static void uclogic_params_frame_hid_dbg( } /** - * Dump tablet interface parameters with hid_dbg(). - * + * uclogic_params_hid_dbg() - Dump tablet interface parameters * @hdev: The HID device the parameters describe. * @params: The parameters to dump. + * + * Dump tablet interface parameters with hid_dbg(). */ void uclogic_params_hid_dbg(const struct hid_device *hdev, const struct uclogic_params *params) base-commit: 8ab2afa23bd197df47819a87f0265c0ac95c5b6a -- An old man doll... just what I always wanted! - Clara

3 years

3
5
0 0

[PATCH v2] block: fix bio_clone_blkg_association() to associate with proper blkcg_gq

by Jan Kara

Commit d92c370a16cb ("block: really clone the block cgroup in bio_clone_blkg_association") changed bio_clone_blkg_association() to just clone bio->bi_blkg reference from source to destination bio. This is however wrong if the source and destination bios are against different block devices because struct blkcg_gq is different for each bdev-blkcg pair. This will result in IOs being accounted (and throttled as a result) multiple times against the same device (src bdev) while throttling of the other device (dst bdev) is ignored. In case of BFQ the inconsistency can even result in crashes in bfq_bic_update_cgroup(). Fix the problem by looking up correct blkcg_gq for the cloned bio. Reported-by: Logan Gunthorpe <logang(a)deltatee.com> Reported-and-tested-by: Donald Buczek <buczek(a)molgen.mpg.de> Fixes: d92c370a16cb ("block: really clone the block cgroup in bio_clone_blkg_association") CC: stable(a)vger.kernel.org Reviewed-by: Christoph Hellwig <hch(a)lst.de> Signed-off-by: Jan Kara <jack(a)suse.cz> --- block/blk-cgroup.c | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) Changes since v1: * Added tags * Removed unnecessary RCU protection diff --git a/block/blk-cgroup.c b/block/blk-cgroup.c index 40161a3f68d0..764e740b0c0f 100644 --- a/block/blk-cgroup.c +++ b/block/blk-cgroup.c @@ -1974,12 +1974,8 @@ EXPORT_SYMBOL_GPL(bio_associate_blkg); */ void bio_clone_blkg_association(struct bio *dst, struct bio *src) { - if (src->bi_blkg) { - if (dst->bi_blkg) - blkg_put(dst->bi_blkg); - blkg_get(src->bi_blkg); - dst->bi_blkg = src->bi_blkg; - } + if (src->bi_blkg) + bio_associate_blkg_from_css(dst, bio_blkcg_css(src)); } EXPORT_SYMBOL_GPL(bio_clone_blkg_association); -- 2.35.3

3 years

2
1
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror June 2022