May 2024 - Linux-stable-mirror

Re: Patch "ovl: add helper ovl_file_modified()" has been added to the 6.6-stable tree

by Amir Goldstein

On Thu, May 30, 2024 at 10:05 PM Sasha Levin <sashal(a)kernel.org> wrote: > > This is a note to let you know that I've just added the patch titled > > ovl: add helper ovl_file_modified() > > to the 6.6-stable tree which can be found at: > http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… > > The filename of the patch is: > ovl-add-helper-ovl_file_modified.patch > and it can be found in the queue-6.6 subdirectory. > > If you, or anyone else, feels it should not be added to the stable tree, > please let <stable(a)vger.kernel.org> know about it. > > > > commit f87db32c0cdadc7eea4a37560867da0bd0bb87e8 > Author: Amir Goldstein <amir73il(a)gmail.com> > Date: Wed Sep 27 13:43:44 2023 +0300 > > ovl: add helper ovl_file_modified() > > [ Upstream commit c002728f608183449673818076380124935e6b9b ] > > A simple wrapper for updating ovl inode size/mtime, to conform > with ovl_file_accessed(). > > Signed-off-by: Amir Goldstein <amir73il(a)gmail.com> > Stable-dep-of: 7c98f7cb8fda ("remove call_{read,write}_iter() functions") > Signed-off-by: Sasha Levin <sashal(a)kernel.org> > No objection to this patch, except for the fact that I think it is not in the best interest of the stable tree to backport 7c98f7cb8fda as is. I suggest that you consider backporting only the parts of 7c98f7cb8fda that open code call_{read,write}_iter() in call sites (some or all), if you need those as dependencies but actually leave the wrappers in the stable tree. If the bots selected 7c98f7cb8fda to stable because of the Fixes: tag, then I think that Fixes: tag was misleading the stable bots in this case. Thanks, Amir. > diff --git a/fs/overlayfs/file.c b/fs/overlayfs/file.c > index 8be4dc050d1ed..9fd88579bfbfb 100644 > --- a/fs/overlayfs/file.c > +++ b/fs/overlayfs/file.c > @@ -235,6 +235,12 @@ static loff_t ovl_llseek(struct file *file, loff_t offset, int whence) > return ret; > } > > +static void ovl_file_modified(struct file *file) > +{ > + /* Update size/mtime */ > + ovl_copyattr(file_inode(file)); > +} > + > static void ovl_file_accessed(struct file *file) > { > struct inode *inode, *upperinode; > @@ -290,10 +296,8 @@ static void ovl_aio_cleanup_handler(struct ovl_aio_req *aio_req) > struct kiocb *orig_iocb = aio_req->orig_iocb; > > if (iocb->ki_flags & IOCB_WRITE) { > - struct inode *inode = file_inode(orig_iocb->ki_filp); > - > kiocb_end_write(iocb); > - ovl_copyattr(inode); > + ovl_file_modified(orig_iocb->ki_filp); > } > > orig_iocb->ki_pos = iocb->ki_pos; > @@ -403,7 +407,7 @@ static ssize_t ovl_write_iter(struct kiocb *iocb, struct iov_iter *iter) > ovl_iocb_to_rwf(ifl)); > file_end_write(real.file); > /* Update size */ > - ovl_copyattr(inode); > + ovl_file_modified(file); > } else { > struct ovl_aio_req *aio_req; > > @@ -489,7 +493,7 @@ static ssize_t ovl_splice_write(struct pipe_inode_info *pipe, struct file *out, > > file_end_write(real.file); > /* Update size */ > - ovl_copyattr(inode); > + ovl_file_modified(out); > revert_creds(old_cred); > fdput(real); > > @@ -570,7 +574,7 @@ static long ovl_fallocate(struct file *file, int mode, loff_t offset, loff_t len > revert_creds(old_cred); > > /* Update size */ > - ovl_copyattr(inode); > + ovl_file_modified(file); > > fdput(real); > > @@ -654,7 +658,7 @@ static loff_t ovl_copyfile(struct file *file_in, loff_t pos_in, > revert_creds(old_cred); > > /* Update size */ > - ovl_copyattr(inode_out); > + ovl_file_modified(file_out); > > fdput(real_in); > fdput(real_out);

7 months, 2 weeks

1
0
0 0

Re: Patch "fs: move kiocb_start_write() into vfs_iocb_iter_write()" has been added to the 6.6-stable tree

by Amir Goldstein

On Thu, May 30, 2024 at 10:05 PM Sasha Levin <sashal(a)kernel.org> wrote: > > This is a note to let you know that I've just added the patch titled > > fs: move kiocb_start_write() into vfs_iocb_iter_write() > > to the 6.6-stable tree which can be found at: > http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… > > The filename of the patch is: > fs-move-kiocb_start_write-into-vfs_iocb_iter_write.patch > and it can be found in the queue-6.6 subdirectory. > > If you, or anyone else, feels it should not be added to the stable tree, > please let <stable(a)vger.kernel.org> know about it. > > > > commit 17f38d69e7960a2b346db04750b0e4ba867c0b83 > Author: Amir Goldstein <amir73il(a)gmail.com> > Date: Wed Nov 22 14:27:12 2023 +0200 > > fs: move kiocb_start_write() into vfs_iocb_iter_write() > > [ Upstream commit 6ae654392bb516a0baa47fed1f085d84e8cad739 ] > > In vfs code, sb_start_write() is usually called after the permission hook > in rw_verify_area(). vfs_iocb_iter_write() is an exception to this rule, > where kiocb_start_write() is called by its callers. > > Move kiocb_start_write() from the callers into vfs_iocb_iter_write() > after the rw_verify_area() checks, to make them "start-write-safe". > > The semantics of vfs_iocb_iter_write() is changed, so that the caller is > responsible for calling kiocb_end_write() on completion only if async > iocb was queued. The completion handlers of both callers were adapted > to this semantic change. > This comment about semantics change looks like a clue from my past self that backporting this commit as standalone is risky. This commit was part of a pretty big shuffle in splice and ovl code. I'd feel much more comfortable with backporting the entire ovl series 14ab6d425e8067..5b02bfc1e7e3 and splice series v6.7..6ae654392bb51 than just 3 individual commits in the middle. Thanks, Amir. > This is needed for fanotify "pre content" events. > > Suggested-by: Jan Kara <jack(a)suse.cz> > Suggested-by: Josef Bacik <josef(a)toxicpanda.com> > Signed-off-by: Amir Goldstein <amir73il(a)gmail.com> > Link: https://lore.kernel.org/r/20231122122715.2561213-14-amir73il@gmail.com > Reviewed-by: Josef Bacik <josef(a)toxicpanda.com> > Reviewed-by: Jan Kara <jack(a)suse.cz> > Signed-off-by: Christian Brauner <brauner(a)kernel.org> > Stable-dep-of: 7c98f7cb8fda ("remove call_{read,write}_iter() functions") > Signed-off-by: Sasha Levin <sashal(a)kernel.org> > > diff --git a/fs/cachefiles/io.c b/fs/cachefiles/io.c > index 009d23cd435b5..5857241c59181 100644 > --- a/fs/cachefiles/io.c > +++ b/fs/cachefiles/io.c > @@ -259,7 +259,8 @@ static void cachefiles_write_complete(struct kiocb *iocb, long ret) > > _enter("%ld", ret); > > - kiocb_end_write(iocb); > + if (ki->was_async) > + kiocb_end_write(iocb); > > if (ret < 0) > trace_cachefiles_io_error(object, inode, ret, > @@ -319,8 +320,6 @@ int __cachefiles_write(struct cachefiles_object *object, > ki->iocb.ki_complete = cachefiles_write_complete; > atomic_long_add(ki->b_writing, &cache->b_writing); > > - kiocb_start_write(&ki->iocb); > - > get_file(ki->iocb.ki_filp); > cachefiles_grab_object(object, cachefiles_obj_get_ioreq); > > diff --git a/fs/overlayfs/file.c b/fs/overlayfs/file.c > index 9fd88579bfbfb..a1c64c2b8e204 100644 > --- a/fs/overlayfs/file.c > +++ b/fs/overlayfs/file.c > @@ -295,10 +295,8 @@ static void ovl_aio_cleanup_handler(struct ovl_aio_req *aio_req) > struct kiocb *iocb = &aio_req->iocb; > struct kiocb *orig_iocb = aio_req->orig_iocb; > > - if (iocb->ki_flags & IOCB_WRITE) { > - kiocb_end_write(iocb); > + if (iocb->ki_flags & IOCB_WRITE) > ovl_file_modified(orig_iocb->ki_filp); > - } > > orig_iocb->ki_pos = iocb->ki_pos; > ovl_aio_put(aio_req); > @@ -310,6 +308,9 @@ static void ovl_aio_rw_complete(struct kiocb *iocb, long res) > struct ovl_aio_req, iocb); > struct kiocb *orig_iocb = aio_req->orig_iocb; > > + if (iocb->ki_flags & IOCB_WRITE) > + kiocb_end_write(iocb); > + > ovl_aio_cleanup_handler(aio_req); > orig_iocb->ki_complete(orig_iocb, res); > } > @@ -421,7 +422,6 @@ static ssize_t ovl_write_iter(struct kiocb *iocb, struct iov_iter *iter) > aio_req->iocb.ki_flags = ifl; > aio_req->iocb.ki_complete = ovl_aio_rw_complete; > refcount_set(&aio_req->ref, 2); > - kiocb_start_write(&aio_req->iocb); > ret = vfs_iocb_iter_write(real.file, &aio_req->iocb, iter); > ovl_aio_put(aio_req); > if (ret != -EIOCBQUEUED) > diff --git a/fs/read_write.c b/fs/read_write.c > index 4771701c896ba..9a56949f3b8d1 100644 > --- a/fs/read_write.c > +++ b/fs/read_write.c > @@ -865,6 +865,10 @@ static ssize_t do_iter_write(struct file *file, struct iov_iter *iter, > return ret; > } > > +/* > + * Caller is responsible for calling kiocb_end_write() on completion > + * if async iocb was queued. > + */ > ssize_t vfs_iocb_iter_write(struct file *file, struct kiocb *iocb, > struct iov_iter *iter) > { > @@ -885,7 +889,10 @@ ssize_t vfs_iocb_iter_write(struct file *file, struct kiocb *iocb, > if (ret < 0) > return ret; > > + kiocb_start_write(iocb); > ret = call_write_iter(file, iocb, iter); > + if (ret != -EIOCBQUEUED) > + kiocb_end_write(iocb); > if (ret > 0) > fsnotify_modify(file); >

7 months, 2 weeks

1
0
0 0

Re: Patch "splice: remove permission hook from iter_file_splice_write()" has been added to the 6.6-stable tree

by Amir Goldstein

On Thu, May 30, 2024 at 10:05 PM Sasha Levin <sashal(a)kernel.org> wrote: > > This is a note to let you know that I've just added the patch titled > > splice: remove permission hook from iter_file_splice_write() > > to the 6.6-stable tree which can be found at: > http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… > > The filename of the patch is: > splice-remove-permission-hook-from-iter_file_splice_.patch > and it can be found in the queue-6.6 subdirectory. > > If you, or anyone else, feels it should not be added to the stable tree, > please let <stable(a)vger.kernel.org> know about it. > > > > commit 9519e9d1e625d4f01b3c8a1c32042e3f5da53b0b > Author: Amir Goldstein <amir73il(a)gmail.com> > Date: Thu Nov 23 18:51:44 2023 +0100 > > splice: remove permission hook from iter_file_splice_write() > > [ Upstream commit d53471ba6f7ae97a4e223539029528108b705af1 ] > > All the callers of ->splice_write(), (e.g. do_splice_direct() and > do_splice()) already check rw_verify_area() for the entire range > and perform all the other checks that are in vfs_write_iter(). > Alas, that is incorrect for 6.6.y, because it depends on prior commit ca7ab482401c ("ovl: add permission hooks outside of do_splice_direct()") And in any case, this commit is part of a pretty hairy shuffle in splice code. I'd feel much more comfortable with backporting the entire series 0db1d53937fa..6ae654392bb51 than just 3 individual commits in the middle of the series. I looked into it and ca7ab482401c does not apply cleanly to 6.6.y - it depends on the ovl changes 14ab6d425e8067..5b02bfc1e7e3. Not only for conflict, but also for correct locking order. That amounts to quite a few non trivial ovl and splice patches, so maybe you need to reconsider, but on the up side, all those ovl and splice patches are actually very subtle bug fixes, so I cannot say that they are not stable tree worthy. There is also a coda commit that depends on this for conflict: 581a4d003001 coda: convert to new timestamp accessors I did not check if it all compiles or works, only that it applies cleanly. > Instead of creating another tiny helper for special caller, just > open-code it. > > This is needed for fanotify "pre content" events. > > Suggested-by: Jan Kara <jack(a)suse.cz> > Reviewed-by: Josef Bacik <josef(a)toxicpanda.com> > Signed-off-by: Amir Goldstein <amir73il(a)gmail.com> > Link: https://lore.kernel.org/r/20231122122715.2561213-6-amir73il@gmail.com > Signed-off-by: Christian Brauner <brauner(a)kernel.org> > Stable-dep-of: 7c98f7cb8fda ("remove call_{read,write}_iter() functions") Why would you want to backport this commit? It hinders backporting work - it does not assist it. Any new code that open codes call_{read,write}_iter() is not affected by the existence of the helpers in stable kernels and any old code that does use these helpers works as well. Thanks, Amir.

7 months, 2 weeks

1
0
0 0

[PATCH] arch/powerpc/kvm: Fix doorbell emulation by adding DPDES support

by Gautam Menghani

Doorbell emulation is broken for KVM on PowerVM guests as support for DPDES was not added in the initial patch series. Due to this, a KVM on PowerVM guest cannot be booted with the XICS interrupt controller as doorbells are to be setup in the initial probe path when using XICS (pSeries_smp_probe()). Add DPDES support in the host KVM code to fix doorbell emulation. Fixes: 6ccbbc33f06a ("KVM: PPC: Add helper library for Guest State Buffers") Signed-off-by: Gautam Menghani <gautam(a)linux.ibm.com> --- Documentation/arch/powerpc/kvm-nested.rst | 4 +++- arch/powerpc/include/asm/guest-state-buffer.h | 3 ++- arch/powerpc/include/asm/kvm_book3s.h | 1 + arch/powerpc/kvm/book3s_hv.c | 14 +++++++++++++- arch/powerpc/kvm/book3s_hv_nestedv2.c | 7 +++++++ arch/powerpc/kvm/test-guest-state-buffer.c | 2 +- 6 files changed, 27 insertions(+), 4 deletions(-) diff --git a/Documentation/arch/powerpc/kvm-nested.rst b/Documentation/arch/powerpc/kvm-nested.rst index 630602a8aa00..5defd13cc6c1 100644 --- a/Documentation/arch/powerpc/kvm-nested.rst +++ b/Documentation/arch/powerpc/kvm-nested.rst @@ -546,7 +546,9 @@ table information. +--------+-------+----+--------+----------------------------------+ | 0x1052 | 0x08 | RW | T | CTRL | +--------+-------+----+--------+----------------------------------+ -| 0x1053-| | | | Reserved | +| 0x1053 | 0x08 | RW | T | DPDES | ++--------+-------+----+--------+----------------------------------+ +| 0x1054-| | | | Reserved | | 0x1FFF | | | | | +--------+-------+----+--------+----------------------------------+ | 0x2000 | 0x04 | RW | T | CR | diff --git a/arch/powerpc/include/asm/guest-state-buffer.h b/arch/powerpc/include/asm/guest-state-buffer.h index 808149f31576..d107abe1468f 100644 --- a/arch/powerpc/include/asm/guest-state-buffer.h +++ b/arch/powerpc/include/asm/guest-state-buffer.h @@ -81,6 +81,7 @@ #define KVMPPC_GSID_HASHKEYR 0x1050 #define KVMPPC_GSID_HASHPKEYR 0x1051 #define KVMPPC_GSID_CTRL 0x1052 +#define KVMPPC_GSID_DPDES 0x1053 #define KVMPPC_GSID_CR 0x2000 #define KVMPPC_GSID_PIDR 0x2001 @@ -110,7 +111,7 @@ #define KVMPPC_GSE_META_COUNT (KVMPPC_GSE_META_END - KVMPPC_GSE_META_START + 1) #define KVMPPC_GSE_DW_REGS_START KVMPPC_GSID_GPR(0) -#define KVMPPC_GSE_DW_REGS_END KVMPPC_GSID_CTRL +#define KVMPPC_GSE_DW_REGS_END KVMPPC_GSID_DPDES #define KVMPPC_GSE_DW_REGS_COUNT \ (KVMPPC_GSE_DW_REGS_END - KVMPPC_GSE_DW_REGS_START + 1) diff --git a/arch/powerpc/include/asm/kvm_book3s.h b/arch/powerpc/include/asm/kvm_book3s.h index 3e1e2a698c9e..10618622d7ef 100644 --- a/arch/powerpc/include/asm/kvm_book3s.h +++ b/arch/powerpc/include/asm/kvm_book3s.h @@ -594,6 +594,7 @@ static inline u##size kvmppc_get_##reg(struct kvm_vcpu *vcpu) \ KVMPPC_BOOK3S_VCORE_ACCESSOR(vtb, 64, KVMPPC_GSID_VTB) +KVMPPC_BOOK3S_VCORE_ACCESSOR(dpdes, 64, KVMPPC_GSID_DPDES) KVMPPC_BOOK3S_VCORE_ACCESSOR_GET(arch_compat, 32, KVMPPC_GSID_LOGICAL_PVR) KVMPPC_BOOK3S_VCORE_ACCESSOR_GET(lpcr, 64, KVMPPC_GSID_LPCR) KVMPPC_BOOK3S_VCORE_ACCESSOR_SET(tb_offset, 64, KVMPPC_GSID_TB_OFFSET) diff --git a/arch/powerpc/kvm/book3s_hv.c b/arch/powerpc/kvm/book3s_hv.c index 35cb014a0c51..cf285e5153ba 100644 --- a/arch/powerpc/kvm/book3s_hv.c +++ b/arch/powerpc/kvm/book3s_hv.c @@ -4116,6 +4116,11 @@ static int kvmhv_vcpu_entry_nestedv2(struct kvm_vcpu *vcpu, u64 time_limit, int trap; long rc; + if (vcpu->arch.doorbell_request) { + vcpu->arch.doorbell_request = 0; + kvmppc_set_dpdes(vcpu, 1); + } + io = &vcpu->arch.nestedv2_io; msr = mfmsr(); @@ -4278,9 +4283,16 @@ static int kvmhv_p9_guest_entry(struct kvm_vcpu *vcpu, u64 time_limit, if (kvmhv_on_pseries()) { if (kvmhv_is_nestedv1()) trap = kvmhv_vcpu_entry_p9_nested(vcpu, time_limit, lpcr, tb); - else + else { trap = kvmhv_vcpu_entry_nestedv2(vcpu, time_limit, lpcr, tb); + /* Remember doorbell if it is pending */ + if (kvmppc_get_dpdes(vcpu)) { + vcpu->arch.doorbell_request = 1; + kvmppc_set_dpdes(vcpu, 0); + } + } + /* H_CEDE has to be handled now, not later */ if (trap == BOOK3S_INTERRUPT_SYSCALL && !nested && kvmppc_get_gpr(vcpu, 3) == H_CEDE) { diff --git a/arch/powerpc/kvm/book3s_hv_nestedv2.c b/arch/powerpc/kvm/book3s_hv_nestedv2.c index 8e6f5355f08b..36863fff2a99 100644 --- a/arch/powerpc/kvm/book3s_hv_nestedv2.c +++ b/arch/powerpc/kvm/book3s_hv_nestedv2.c @@ -311,6 +311,10 @@ static int gs_msg_ops_vcpu_fill_info(struct kvmppc_gs_buff *gsb, rc = kvmppc_gse_put_u64(gsb, iden, vcpu->arch.vcore->vtb); break; + case KVMPPC_GSID_DPDES: + rc = kvmppc_gse_put_u64(gsb, iden, + vcpu->arch.vcore->dpdes); + break; case KVMPPC_GSID_LPCR: rc = kvmppc_gse_put_u64(gsb, iden, vcpu->arch.vcore->lpcr); @@ -543,6 +547,9 @@ static int gs_msg_ops_vcpu_refresh_info(struct kvmppc_gs_msg *gsm, case KVMPPC_GSID_VTB: vcpu->arch.vcore->vtb = kvmppc_gse_get_u64(gse); break; + case KVMPPC_GSID_DPDES: + vcpu->arch.vcore->dpdes = kvmppc_gse_get_u64(gse); + break; case KVMPPC_GSID_LPCR: vcpu->arch.vcore->lpcr = kvmppc_gse_get_u64(gse); break; diff --git a/arch/powerpc/kvm/test-guest-state-buffer.c b/arch/powerpc/kvm/test-guest-state-buffer.c index 4720b8dc8837..91ae660cfe21 100644 --- a/arch/powerpc/kvm/test-guest-state-buffer.c +++ b/arch/powerpc/kvm/test-guest-state-buffer.c @@ -151,7 +151,7 @@ static void test_gs_bitmap(struct kunit *test) i++; } - for (u16 iden = KVMPPC_GSID_GPR(0); iden <= KVMPPC_GSID_CTRL; iden++) { + for (u16 iden = KVMPPC_GSID_GPR(0); iden <= KVMPPC_GSID_DPDES; iden++) { kvmppc_gsbm_set(&gsbm, iden); kvmppc_gsbm_set(&gsbm1, iden); KUNIT_EXPECT_TRUE(test, kvmppc_gsbm_test(&gsbm, iden)); -- 2.45.0

7 months, 2 weeks

5
7
0 0

Fwd: Kernel 6.8.12

by phil995511 -

Hello, Kernel 6.8 which is the default kernel of Ubundu 24.04 and other distributions derived from it is at the end of its life for you !?! As it provides better support for the Raspberry Pi 5 graphics card, I hoped to be able to benefit from it under Raspberry Pi OS which still uses the latest LTS kernel available. But if you don't make kernel 6.8 an LTS kernel, for Ubuntu and its derivatives, I will never be able to benefit from it on my RPi5 ;-( In addition, I am afraid that OS derived from Ubuntu 24.04 LTS will end up in difficulties due to this situation. Best regards.

7 months, 2 weeks

2
1
0 0

[PATCH] riscv: fix overlap of allocated page and PTR_ERR

by Nam Cao

On riscv32, it is possible for the last page in virtual address space (0xfffff000) to be allocated. This page overlaps with PTR_ERR, so that shouldn't happen. There is already some code to ensure memblock won't allocate the last page. However, buddy allocator is left unchecked. Fix this by reserving physical memory that would be mapped at virtual addresses greater than 0xfffff000. Reported-by: Björn Töpel <bjorn(a)kernel.org> Closes: https://lore.kernel.org/linux-riscv/878r1ibpdn.fsf@all.your.base.are.belong… Fixes: 76d2a0493a17 ("RISC-V: Init and Halt Code") Signed-off-by: Nam Cao <namcao(a)linutronix.de> Cc: <stable(a)vger.kernel.org> --- arch/riscv/mm/init.c | 21 +++++++++++---------- 1 file changed, 11 insertions(+), 10 deletions(-) diff --git a/arch/riscv/mm/init.c b/arch/riscv/mm/init.c index 968761843203..7c985435b3fc 100644 --- a/arch/riscv/mm/init.c +++ b/arch/riscv/mm/init.c @@ -235,18 +235,19 @@ static void __init setup_bootmem(void) kernel_map.va_pa_offset = PAGE_OFFSET - phys_ram_base; /* - * memblock allocator is not aware of the fact that last 4K bytes of - * the addressable memory can not be mapped because of IS_ERR_VALUE - * macro. Make sure that last 4k bytes are not usable by memblock - * if end of dram is equal to maximum addressable memory. For 64-bit - * kernel, this problem can't happen here as the end of the virtual - * address space is occupied by the kernel mapping then this check must - * be done as soon as the kernel mapping base address is determined. + * Reserve physical address space that would be mapped to virtual + * addresses greater than (void *)(-PAGE_SIZE) because: + * - This memory would overlap with ERR_PTR + * - This memory belongs to high memory, which is not supported + * + * This is not applicable to 64-bit kernel, because virtual addresses + * after (void *)(-PAGE_SIZE) are not linearly mapped: they are + * occupied by kernel mapping. Also it is unrealistic for high memory + * to exist on 64-bit platforms. */ if (!IS_ENABLED(CONFIG_64BIT)) { - max_mapped_addr = __pa(~(ulong)0); - if (max_mapped_addr == (phys_ram_end - 1)) - memblock_set_current_limit(max_mapped_addr - 4096); + max_mapped_addr = __va_to_pa_nodebug(-PAGE_SIZE); + memblock_reserve(max_mapped_addr, (phys_addr_t)-max_mapped_addr); } min_low_pfn = PFN_UP(phys_ram_base); -- 2.39.2

7 months, 2 weeks

4
3
0 0

[PATCH v3 7/8] drm/amdgpu: fix locking scope when flushing tlb

by Yunxiang Li

Which method is used to flush tlb does not depend on whether a reset is in progress or not. We should skip flush altogether if the GPU will get reset. So put both path under reset_domain read lock. Signed-off-by: Yunxiang Li <Yunxiang.Li(a)amd.com> Reviewed-by: Christian König <christian.koenig(a)amd.com> CC: stable(a)vger.kernel.org --- drivers/gpu/drm/amd/amdgpu/amdgpu_gmc.c | 66 +++++++++++++------------ 1 file changed, 34 insertions(+), 32 deletions(-) diff --git a/drivers/gpu/drm/amd/amdgpu/amdgpu_gmc.c b/drivers/gpu/drm/amd/amdgpu/amdgpu_gmc.c index 603c0738fd03..4edd10b10a92 100644 --- a/drivers/gpu/drm/amd/amdgpu/amdgpu_gmc.c +++ b/drivers/gpu/drm/amd/amdgpu/amdgpu_gmc.c @@ -684,12 +684,17 @@ int amdgpu_gmc_flush_gpu_tlb_pasid(struct amdgpu_device *adev, uint16_t pasid, struct amdgpu_ring *ring = &adev->gfx.kiq[inst].ring; struct amdgpu_kiq *kiq = &adev->gfx.kiq[inst]; unsigned int ndw; - signed long r; + int r; uint32_t seq; - if (!adev->gmc.flush_pasid_uses_kiq || !ring->sched.ready || - !down_read_trylock(&adev->reset_domain->sem)) { + /* + * A GPU reset should flush all TLBs anyway, so no need to do + * this while one is ongoing. + */ + if (!down_read_trylock(&adev->reset_domain->sem)) + return 0; + if (!adev->gmc.flush_pasid_uses_kiq || !ring->sched.ready) { if (adev->gmc.flush_tlb_needs_extra_type_2) adev->gmc.gmc_funcs->flush_gpu_tlb_pasid(adev, pasid, 2, all_hub, @@ -703,43 +708,40 @@ int amdgpu_gmc_flush_gpu_tlb_pasid(struct amdgpu_device *adev, uint16_t pasid, adev->gmc.gmc_funcs->flush_gpu_tlb_pasid(adev, pasid, flush_type, all_hub, inst); - return 0; - } + r = 0; + } else { + /* 2 dwords flush + 8 dwords fence */ + ndw = kiq->pmf->invalidate_tlbs_size + 8; - /* 2 dwords flush + 8 dwords fence */ - ndw = kiq->pmf->invalidate_tlbs_size + 8; + if (adev->gmc.flush_tlb_needs_extra_type_2) + ndw += kiq->pmf->invalidate_tlbs_size; - if (adev->gmc.flush_tlb_needs_extra_type_2) - ndw += kiq->pmf->invalidate_tlbs_size; + if (adev->gmc.flush_tlb_needs_extra_type_0) + ndw += kiq->pmf->invalidate_tlbs_size; - if (adev->gmc.flush_tlb_needs_extra_type_0) - ndw += kiq->pmf->invalidate_tlbs_size; + spin_lock(&adev->gfx.kiq[inst].ring_lock); + amdgpu_ring_alloc(ring, ndw); + if (adev->gmc.flush_tlb_needs_extra_type_2) + kiq->pmf->kiq_invalidate_tlbs(ring, pasid, 2, all_hub); - spin_lock(&adev->gfx.kiq[inst].ring_lock); - amdgpu_ring_alloc(ring, ndw); - if (adev->gmc.flush_tlb_needs_extra_type_2) - kiq->pmf->kiq_invalidate_tlbs(ring, pasid, 2, all_hub); + if (flush_type == 2 && adev->gmc.flush_tlb_needs_extra_type_0) + kiq->pmf->kiq_invalidate_tlbs(ring, pasid, 0, all_hub); - if (flush_type == 2 && adev->gmc.flush_tlb_needs_extra_type_0) - kiq->pmf->kiq_invalidate_tlbs(ring, pasid, 0, all_hub); + kiq->pmf->kiq_invalidate_tlbs(ring, pasid, flush_type, all_hub); + r = amdgpu_fence_emit_polling(ring, &seq, MAX_KIQ_REG_WAIT); + if (r) { + amdgpu_ring_undo(ring); + spin_unlock(&adev->gfx.kiq[inst].ring_lock); + goto error_unlock_reset; + } - kiq->pmf->kiq_invalidate_tlbs(ring, pasid, flush_type, all_hub); - r = amdgpu_fence_emit_polling(ring, &seq, MAX_KIQ_REG_WAIT); - if (r) { - amdgpu_ring_undo(ring); + amdgpu_ring_commit(ring); spin_unlock(&adev->gfx.kiq[inst].ring_lock); - goto error_unlock_reset; - } - - amdgpu_ring_commit(ring); - spin_unlock(&adev->gfx.kiq[inst].ring_lock); - r = amdgpu_fence_wait_polling(ring, seq, usec_timeout); - if (r < 1) { - dev_err(adev->dev, "wait for kiq fence error: %ld.\n", r); - r = -ETIME; - goto error_unlock_reset; + if (amdgpu_fence_wait_polling(ring, seq, usec_timeout) < 1) { + dev_err(adev->dev, "timeout waiting for kiq fence\n"); + r = -ETIME; + } } - r = 0; error_unlock_reset: up_read(&adev->reset_domain->sem); -- 2.34.1

7 months, 2 weeks

1
0
0 0

[PATCH] riscv: enable HAVE_ARCH_HUGE_VMAP for XIP kernel

by Nam Cao

HAVE_ARCH_HUGE_VMAP also works on XIP kernel, so remove its dependency on !XIP_KERNEL. This also fixes a boot problem for XIP kernel introduced by the commit in "Fixes:". This commit used huge page mapping for vmemmap, but huge page vmap was not enabled for XIP kernel. Fixes: ff172d4818ad ("riscv: Use hugepage mappings for vmemmap") Signed-off-by: Nam Cao <namcao(a)linutronix.de> Cc: <stable(a)vger.kernel.org> --- This patch replaces: https://patchwork.kernel.org/project/linux-riscv/patch/20240508173116.28661… arch/riscv/Kconfig | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/riscv/Kconfig b/arch/riscv/Kconfig index b94176e25be1..0525ee2d63c7 100644 --- a/arch/riscv/Kconfig +++ b/arch/riscv/Kconfig @@ -106,7 +106,7 @@ config RISCV select HAS_IOPORT if MMU select HAVE_ARCH_AUDITSYSCALL select HAVE_ARCH_HUGE_VMALLOC if HAVE_ARCH_HUGE_VMAP - select HAVE_ARCH_HUGE_VMAP if MMU && 64BIT && !XIP_KERNEL + select HAVE_ARCH_HUGE_VMAP if MMU && 64BIT select HAVE_ARCH_JUMP_LABEL if !XIP_KERNEL select HAVE_ARCH_JUMP_LABEL_RELATIVE if !XIP_KERNEL select HAVE_ARCH_KASAN if MMU && 64BIT -- 2.39.2

7 months, 2 weeks

3
2
0 0

[PATCH] drm/xe: Fix NULL ptr dereference in devcoredump

by Matthew Brost

Kernel VM do not have an Xe file. Include a check for Xe file in the VM before trying to get pid from VM's Xe file when taking a devcoredump. Fixes: b10d0c5e9df7 ("drm/xe: Add process name to devcoredump") Cc: Rodrigo Vivi <rodrigo.vivi(a)intel.com> Cc: José Roberto de Souza <jose.souza(a)intel.com> Cc: stable(a)vger.kernel.org Signed-off-by: Matthew Brost <matthew.brost(a)intel.com> --- drivers/gpu/drm/xe/xe_devcoredump.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/gpu/drm/xe/xe_devcoredump.c b/drivers/gpu/drm/xe/xe_devcoredump.c index 1643d44f8bc4..6f63b8e4e3b9 100644 --- a/drivers/gpu/drm/xe/xe_devcoredump.c +++ b/drivers/gpu/drm/xe/xe_devcoredump.c @@ -176,7 +176,7 @@ static void devcoredump_snapshot(struct xe_devcoredump *coredump, ss->snapshot_time = ktime_get_real(); ss->boot_time = ktime_get_boottime(); - if (q->vm) { + if (q->vm && q->vm->xef) { task = get_pid_task(q->vm->xef->drm->pid, PIDTYPE_PID); if (task) process_name = task->comm; -- 2.34.1

7 months, 2 weeks

2
1
0 0

+ ocfs2-fix-null-pointer-dereference-in-ocfs2_abort_trigger.patch added to mm-hotfixes-unstable branch

by Andrew Morton

The patch titled Subject: ocfs2: fix NULL pointer dereference in ocfs2_abort_trigger() has been added to the -mm mm-hotfixes-unstable branch. Its filename is ocfs2-fix-null-pointer-dereference-in-ocfs2_abort_trigger.patch This patch will shortly appear at https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche… This patch will later appear in the mm-hotfixes-unstable branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next via the mm-everything branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm and is updated there every 2-3 working days ------------------------------------------------------ From: Joseph Qi <joseph.qi(a)linux.alibaba.com> Subject: ocfs2: fix NULL pointer dereference in ocfs2_abort_trigger() Date: Thu, 30 May 2024 19:06:30 +0800 bdev->bd_super has been removed and commit 8887b94d9322 change the usage from bdev->bd_super to b_assoc_map->host->i_sb. Since ocfs2 hasn't set bh->b_assoc_map, it will trigger NULL pointer dereference when calling into ocfs2_abort_trigger(). Actually this was pointed out in history, see commit 74e364ad1b13. But I've made a mistake when reviewing commit 8887b94d9322 and then reintroduce this regression. Since we cannot revive bdev in buffer head, we can get super block from ocfs2_caching_info first and then associate it with ocfs2_triggers to fix this issue. Link: https://lkml.kernel.org/r/20240530110630.3933832-2-joseph.qi@linux.alibaba.… Fixes: 8887b94d9322 ("ocfs2: stop using bdev->bd_super for journal error logging") Signed-off-by: Joseph Qi <joseph.qi(a)linux.alibaba.com> Cc: Mark Fasheh <mark(a)fasheh.com> Cc: Joel Becker <jlbec(a)evilplan.org> Cc: Junxiao Bi <junxiao.bi(a)oracle.com> Cc: Changwei Ge <gechangwei(a)live.cn> Cc: Gang He <ghe(a)suse.com> Cc: Jun Piao <piaojun(a)huawei.com> Cc: <stable(a)vger.kernel.org> [6.6+] Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- fs/ocfs2/journal.c | 179 ++++++++++++++++++++++++++----------------- 1 file changed, 111 insertions(+), 68 deletions(-) --- a/fs/ocfs2/journal.c~ocfs2-fix-null-pointer-dereference-in-ocfs2_abort_trigger +++ a/fs/ocfs2/journal.c @@ -483,8 +483,24 @@ bail: struct ocfs2_triggers { struct jbd2_buffer_trigger_type ot_triggers; int ot_offset; + struct super_block *sb; }; +enum ocfs2_journal_trigger_type { + OCFS2_JTR_DI, + OCFS2_JTR_EB, + OCFS2_JTR_RB, + OCFS2_JTR_GD, + OCFS2_JTR_DB, + OCFS2_JTR_XB, + OCFS2_JTR_DQ, + OCFS2_JTR_DR, + OCFS2_JTR_DL, + OCFS2_JTR_NONE /* This must be the last entry */ +}; + +#define OCFS2_JOURNAL_TRIGGER_COUNT OCFS2_JTR_NONE + static inline struct ocfs2_triggers *to_ocfs2_trigger(struct jbd2_buffer_trigger_type *triggers) { return container_of(triggers, struct ocfs2_triggers, ot_triggers); @@ -548,85 +564,67 @@ static void ocfs2_db_frozen_trigger(stru static void ocfs2_abort_trigger(struct jbd2_buffer_trigger_type *triggers, struct buffer_head *bh) { + struct ocfs2_triggers *ot = to_ocfs2_trigger(triggers); + mlog(ML_ERROR, "ocfs2_abort_trigger called by JBD2. bh = 0x%lx, " "bh->b_blocknr = %llu\n", (unsigned long)bh, (unsigned long long)bh->b_blocknr); - ocfs2_error(bh->b_assoc_map->host->i_sb, + ocfs2_error(ot->sb, "JBD2 has aborted our journal, ocfs2 cannot continue\n"); } -static struct ocfs2_triggers di_triggers = { - .ot_triggers = { - .t_frozen = ocfs2_frozen_trigger, - .t_abort = ocfs2_abort_trigger, - }, - .ot_offset = offsetof(struct ocfs2_dinode, i_check), -}; - -static struct ocfs2_triggers eb_triggers = { - .ot_triggers = { - .t_frozen = ocfs2_frozen_trigger, - .t_abort = ocfs2_abort_trigger, - }, - .ot_offset = offsetof(struct ocfs2_extent_block, h_check), -}; - -static struct ocfs2_triggers rb_triggers = { - .ot_triggers = { - .t_frozen = ocfs2_frozen_trigger, - .t_abort = ocfs2_abort_trigger, - }, - .ot_offset = offsetof(struct ocfs2_refcount_block, rf_check), -}; - -static struct ocfs2_triggers gd_triggers = { - .ot_triggers = { - .t_frozen = ocfs2_frozen_trigger, - .t_abort = ocfs2_abort_trigger, - }, - .ot_offset = offsetof(struct ocfs2_group_desc, bg_check), -}; - -static struct ocfs2_triggers db_triggers = { - .ot_triggers = { - .t_frozen = ocfs2_db_frozen_trigger, - .t_abort = ocfs2_abort_trigger, - }, -}; - -static struct ocfs2_triggers xb_triggers = { - .ot_triggers = { - .t_frozen = ocfs2_frozen_trigger, - .t_abort = ocfs2_abort_trigger, - }, - .ot_offset = offsetof(struct ocfs2_xattr_block, xb_check), -}; - -static struct ocfs2_triggers dq_triggers = { - .ot_triggers = { - .t_frozen = ocfs2_dq_frozen_trigger, - .t_abort = ocfs2_abort_trigger, - }, -}; +static void ocfs2_setup_csum_triggers(struct super_block *sb, + enum ocfs2_journal_trigger_type type, + struct ocfs2_triggers *ot) +{ + BUG_ON(type >= OCFS2_JOURNAL_TRIGGER_COUNT); -static struct ocfs2_triggers dr_triggers = { - .ot_triggers = { - .t_frozen = ocfs2_frozen_trigger, - .t_abort = ocfs2_abort_trigger, - }, - .ot_offset = offsetof(struct ocfs2_dx_root_block, dr_check), -}; + switch (type) { + case OCFS2_JTR_DI: + ot->ot_triggers.t_frozen = ocfs2_frozen_trigger; + ot->ot_offset = offsetof(struct ocfs2_dinode, i_check); + break; + case OCFS2_JTR_EB: + ot->ot_triggers.t_frozen = ocfs2_frozen_trigger; + ot->ot_offset = offsetof(struct ocfs2_extent_block, h_check); + break; + case OCFS2_JTR_RB: + ot->ot_triggers.t_frozen = ocfs2_frozen_trigger; + ot->ot_offset = offsetof(struct ocfs2_refcount_block, rf_check); + break; + case OCFS2_JTR_GD: + ot->ot_triggers.t_frozen = ocfs2_frozen_trigger; + ot->ot_offset = offsetof(struct ocfs2_group_desc, bg_check); + break; + case OCFS2_JTR_DB: + ot->ot_triggers.t_frozen = ocfs2_db_frozen_trigger; + break; + case OCFS2_JTR_XB: + ot->ot_triggers.t_frozen = ocfs2_frozen_trigger; + ot->ot_offset = offsetof(struct ocfs2_xattr_block, xb_check); + break; + case OCFS2_JTR_DQ: + ot->ot_triggers.t_frozen = ocfs2_dq_frozen_trigger; + break; + case OCFS2_JTR_DR: + ot->ot_triggers.t_frozen = ocfs2_frozen_trigger; + ot->ot_offset = offsetof(struct ocfs2_dx_root_block, dr_check); + break; + case OCFS2_JTR_DL: + ot->ot_triggers.t_frozen = ocfs2_frozen_trigger; + ot->ot_offset = offsetof(struct ocfs2_dx_leaf, dl_check); + break; + case OCFS2_JTR_NONE: + /* To make compiler happy... */ + return; + } -static struct ocfs2_triggers dl_triggers = { - .ot_triggers = { - .t_frozen = ocfs2_frozen_trigger, - .t_abort = ocfs2_abort_trigger, - }, - .ot_offset = offsetof(struct ocfs2_dx_leaf, dl_check), -}; + ot->ot_triggers.t_abort = ocfs2_abort_trigger; + ot->sb = sb; +} static int __ocfs2_journal_access(handle_t *handle, struct ocfs2_caching_info *ci, @@ -708,18 +706,33 @@ static int __ocfs2_journal_access(handle int ocfs2_journal_access_di(handle_t *handle, struct ocfs2_caching_info *ci, struct buffer_head *bh, int type) { + struct ocfs2_triggers di_triggers; + + ocfs2_setup_csum_triggers(ocfs2_metadata_cache_get_super(ci), + OCFS2_JTR_DI, &di_triggers); + return __ocfs2_journal_access(handle, ci, bh, &di_triggers, type); } int ocfs2_journal_access_eb(handle_t *handle, struct ocfs2_caching_info *ci, struct buffer_head *bh, int type) { + struct ocfs2_triggers eb_triggers; + + ocfs2_setup_csum_triggers(ocfs2_metadata_cache_get_super(ci), + OCFS2_JTR_EB, &eb_triggers); + return __ocfs2_journal_access(handle, ci, bh, &eb_triggers, type); } int ocfs2_journal_access_rb(handle_t *handle, struct ocfs2_caching_info *ci, struct buffer_head *bh, int type) { + struct ocfs2_triggers rb_triggers; + + ocfs2_setup_csum_triggers(ocfs2_metadata_cache_get_super(ci), + OCFS2_JTR_RB, &rb_triggers); + return __ocfs2_journal_access(handle, ci, bh, &rb_triggers, type); } @@ -727,36 +740,66 @@ int ocfs2_journal_access_rb(handle_t *ha int ocfs2_journal_access_gd(handle_t *handle, struct ocfs2_caching_info *ci, struct buffer_head *bh, int type) { + struct ocfs2_triggers gd_triggers; + + ocfs2_setup_csum_triggers(ocfs2_metadata_cache_get_super(ci), + OCFS2_JTR_GD, &gd_triggers); + return __ocfs2_journal_access(handle, ci, bh, &gd_triggers, type); } int ocfs2_journal_access_db(handle_t *handle, struct ocfs2_caching_info *ci, struct buffer_head *bh, int type) { + struct ocfs2_triggers db_triggers; + + ocfs2_setup_csum_triggers(ocfs2_metadata_cache_get_super(ci), + OCFS2_JTR_DB, &db_triggers); + return __ocfs2_journal_access(handle, ci, bh, &db_triggers, type); } int ocfs2_journal_access_xb(handle_t *handle, struct ocfs2_caching_info *ci, struct buffer_head *bh, int type) { + struct ocfs2_triggers xb_triggers; + + ocfs2_setup_csum_triggers(ocfs2_metadata_cache_get_super(ci), + OCFS2_JTR_XB, &xb_triggers); + return __ocfs2_journal_access(handle, ci, bh, &xb_triggers, type); } int ocfs2_journal_access_dq(handle_t *handle, struct ocfs2_caching_info *ci, struct buffer_head *bh, int type) { + struct ocfs2_triggers dq_triggers; + + ocfs2_setup_csum_triggers(ocfs2_metadata_cache_get_super(ci), + OCFS2_JTR_DQ, &dq_triggers); + return __ocfs2_journal_access(handle, ci, bh, &dq_triggers, type); } int ocfs2_journal_access_dr(handle_t *handle, struct ocfs2_caching_info *ci, struct buffer_head *bh, int type) { + struct ocfs2_triggers dr_triggers; + + ocfs2_setup_csum_triggers(ocfs2_metadata_cache_get_super(ci), + OCFS2_JTR_DR, &dr_triggers); + return __ocfs2_journal_access(handle, ci, bh, &dr_triggers, type); } int ocfs2_journal_access_dl(handle_t *handle, struct ocfs2_caching_info *ci, struct buffer_head *bh, int type) { + struct ocfs2_triggers dl_triggers; + + ocfs2_setup_csum_triggers(ocfs2_metadata_cache_get_super(ci), + OCFS2_JTR_DL, &dl_triggers); + return __ocfs2_journal_access(handle, ci, bh, &dl_triggers, type); } _ Patches currently in -mm which might be from joseph.qi(a)linux.alibaba.com are ocfs2-fix-null-pointer-dereference-in-ocfs2_journal_dirty.patch ocfs2-fix-null-pointer-dereference-in-ocfs2_abort_trigger.patch

7 months, 2 weeks

1
0
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror May 2024