- Linux-stable-mirror - lists.linaro.org

[Linux-stable-mirror] Patch "can: af_can: canfd_rcv(): replace WARN_ONCE by pr_warn_once" has been added to the 4.4-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled can: af_can: canfd_rcv(): replace WARN_ONCE by pr_warn_once to the 4.4-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: can-af_can-canfd_rcv-replace-warn_once-by-pr_warn_once.patch and it can be found in the queue-4.4 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From d4689846881d160a4d12a514e991a740bcb5d65a Mon Sep 17 00:00:00 2001 From: Marc Kleine-Budde <mkl(a)pengutronix.de> Date: Tue, 16 Jan 2018 19:30:14 +0100 Subject: can: af_can: canfd_rcv(): replace WARN_ONCE by pr_warn_once From: Marc Kleine-Budde <mkl(a)pengutronix.de> commit d4689846881d160a4d12a514e991a740bcb5d65a upstream. If an invalid CANFD frame is received, from a driver or from a tun interface, a Kernel warning is generated. This patch replaces the WARN_ONCE by a simple pr_warn_once, so that a kernel, bootet with panic_on_warn, does not panic. A printk seems to be more appropriate here. Reported-by: syzbot+e3b775f40babeff6e68b(a)syzkaller.appspotmail.com Suggested-by: Dmitry Vyukov <dvyukov(a)google.com> Acked-by: Oliver Hartkopp <socketcan(a)hartkopp.net> Cc: linux-stable <stable(a)vger.kernel.org> Signed-off-by: Marc Kleine-Budde <mkl(a)pengutronix.de> Signed-off-by: Oliver Hartkopp <socketcan(a)hartkopp.net> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- net/can/af_can.c | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) --- a/net/can/af_can.c +++ b/net/can/af_can.c @@ -745,13 +745,12 @@ static int canfd_rcv(struct sk_buff *skb if (unlikely(!net_eq(dev_net(dev), &init_net))) goto drop; - if (WARN_ONCE(dev->type != ARPHRD_CAN || - skb->len != CANFD_MTU || - cfd->len > CANFD_MAX_DLEN, - "PF_CAN: dropped non conform CAN FD skbuf: " - "dev type %d, len %d, datalen %d\n", - dev->type, skb->len, cfd->len)) + if (unlikely(dev->type != ARPHRD_CAN || skb->len != CANFD_MTU || + cfd->len > CANFD_MAX_DLEN)) { + pr_warn_once("PF_CAN: dropped non conform CAN FD skbuf: dev type %d, len %d, datalen %d\n", + dev->type, skb->len, cfd->len); goto drop; + } can_receive(skb, dev); return NET_RX_SUCCESS; Patches currently in stable-queue which might be from mkl(a)pengutronix.de are queue-4.4/can-af_can-canfd_rcv-replace-warn_once-by-pr_warn_once.patch queue-4.4/can-af_can-can_rcv-replace-warn_once-by-pr_warn_once.patch

7 years, 1 month

1
0
0 0

[Linux-stable-mirror] Patch "can: af_can: can_rcv(): replace WARN_ONCE by pr_warn_once" has been added to the 4.4-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled can: af_can: can_rcv(): replace WARN_ONCE by pr_warn_once to the 4.4-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: can-af_can-can_rcv-replace-warn_once-by-pr_warn_once.patch and it can be found in the queue-4.4 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From 8cb68751c115d176ec851ca56ecfbb411568c9e8 Mon Sep 17 00:00:00 2001 From: Marc Kleine-Budde <mkl(a)pengutronix.de> Date: Tue, 16 Jan 2018 19:30:14 +0100 Subject: can: af_can: can_rcv(): replace WARN_ONCE by pr_warn_once From: Marc Kleine-Budde <mkl(a)pengutronix.de> commit 8cb68751c115d176ec851ca56ecfbb411568c9e8 upstream. If an invalid CAN frame is received, from a driver or from a tun interface, a Kernel warning is generated. This patch replaces the WARN_ONCE by a simple pr_warn_once, so that a kernel, bootet with panic_on_warn, does not panic. A printk seems to be more appropriate here. Reported-by: syzbot+4386709c0c1284dca827(a)syzkaller.appspotmail.com Suggested-by: Dmitry Vyukov <dvyukov(a)google.com> Acked-by: Oliver Hartkopp <socketcan(a)hartkopp.net> Signed-off-by: Marc Kleine-Budde <mkl(a)pengutronix.de> Signed-off-by: Oliver Hartkopp <socketcan(a)hartkopp.net> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- net/can/af_can.c | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) --- a/net/can/af_can.c +++ b/net/can/af_can.c @@ -722,13 +722,12 @@ static int can_rcv(struct sk_buff *skb, if (unlikely(!net_eq(dev_net(dev), &init_net))) goto drop; - if (WARN_ONCE(dev->type != ARPHRD_CAN || - skb->len != CAN_MTU || - cfd->len > CAN_MAX_DLEN, - "PF_CAN: dropped non conform CAN skbuf: " - "dev type %d, len %d, datalen %d\n", - dev->type, skb->len, cfd->len)) + if (unlikely(dev->type != ARPHRD_CAN || skb->len != CAN_MTU || + cfd->len > CAN_MAX_DLEN)) { + pr_warn_once("PF_CAN: dropped non conform CAN skbuf: dev type %d, len %d, datalen %d\n", + dev->type, skb->len, cfd->len); goto drop; + } can_receive(skb, dev); return NET_RX_SUCCESS; Patches currently in stable-queue which might be from mkl(a)pengutronix.de are queue-4.4/can-af_can-canfd_rcv-replace-warn_once-by-pr_warn_once.patch queue-4.4/can-af_can-can_rcv-replace-warn_once-by-pr_warn_once.patch

7 years, 1 month

1
0
0 0

[Linux-stable-mirror] Patch "can: af_can: canfd_rcv(): replace WARN_ONCE by pr_warn_once" has been added to the 3.18-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled can: af_can: canfd_rcv(): replace WARN_ONCE by pr_warn_once to the 3.18-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: can-af_can-canfd_rcv-replace-warn_once-by-pr_warn_once.patch and it can be found in the queue-3.18 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From d4689846881d160a4d12a514e991a740bcb5d65a Mon Sep 17 00:00:00 2001 From: Marc Kleine-Budde <mkl(a)pengutronix.de> Date: Tue, 16 Jan 2018 19:30:14 +0100 Subject: can: af_can: canfd_rcv(): replace WARN_ONCE by pr_warn_once From: Marc Kleine-Budde <mkl(a)pengutronix.de> commit d4689846881d160a4d12a514e991a740bcb5d65a upstream. If an invalid CANFD frame is received, from a driver or from a tun interface, a Kernel warning is generated. This patch replaces the WARN_ONCE by a simple pr_warn_once, so that a kernel, bootet with panic_on_warn, does not panic. A printk seems to be more appropriate here. Reported-by: syzbot+e3b775f40babeff6e68b(a)syzkaller.appspotmail.com Suggested-by: Dmitry Vyukov <dvyukov(a)google.com> Acked-by: Oliver Hartkopp <socketcan(a)hartkopp.net> Cc: linux-stable <stable(a)vger.kernel.org> Signed-off-by: Marc Kleine-Budde <mkl(a)pengutronix.de> Signed-off-by: Oliver Hartkopp <socketcan(a)hartkopp.net> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- net/can/af_can.c | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) --- a/net/can/af_can.c +++ b/net/can/af_can.c @@ -742,13 +742,12 @@ static int canfd_rcv(struct sk_buff *skb if (unlikely(!net_eq(dev_net(dev), &init_net))) goto drop; - if (WARN_ONCE(dev->type != ARPHRD_CAN || - skb->len != CANFD_MTU || - cfd->len > CANFD_MAX_DLEN, - "PF_CAN: dropped non conform CAN FD skbuf: " - "dev type %d, len %d, datalen %d\n", - dev->type, skb->len, cfd->len)) + if (unlikely(dev->type != ARPHRD_CAN || skb->len != CANFD_MTU || + cfd->len > CANFD_MAX_DLEN)) { + pr_warn_once("PF_CAN: dropped non conform CAN FD skbuf: dev type %d, len %d, datalen %d\n", + dev->type, skb->len, cfd->len); goto drop; + } can_receive(skb, dev); return NET_RX_SUCCESS; Patches currently in stable-queue which might be from mkl(a)pengutronix.de are queue-3.18/can-af_can-canfd_rcv-replace-warn_once-by-pr_warn_once.patch queue-3.18/can-af_can-can_rcv-replace-warn_once-by-pr_warn_once.patch

7 years, 1 month

1
0
0 0

[Linux-stable-mirror] Patch "can: af_can: can_rcv(): replace WARN_ONCE by pr_warn_once" has been added to the 3.18-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled can: af_can: can_rcv(): replace WARN_ONCE by pr_warn_once to the 3.18-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: can-af_can-can_rcv-replace-warn_once-by-pr_warn_once.patch and it can be found in the queue-3.18 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From 8cb68751c115d176ec851ca56ecfbb411568c9e8 Mon Sep 17 00:00:00 2001 From: Marc Kleine-Budde <mkl(a)pengutronix.de> Date: Tue, 16 Jan 2018 19:30:14 +0100 Subject: can: af_can: can_rcv(): replace WARN_ONCE by pr_warn_once From: Marc Kleine-Budde <mkl(a)pengutronix.de> commit 8cb68751c115d176ec851ca56ecfbb411568c9e8 upstream. If an invalid CAN frame is received, from a driver or from a tun interface, a Kernel warning is generated. This patch replaces the WARN_ONCE by a simple pr_warn_once, so that a kernel, bootet with panic_on_warn, does not panic. A printk seems to be more appropriate here. Reported-by: syzbot+4386709c0c1284dca827(a)syzkaller.appspotmail.com Suggested-by: Dmitry Vyukov <dvyukov(a)google.com> Acked-by: Oliver Hartkopp <socketcan(a)hartkopp.net> Signed-off-by: Marc Kleine-Budde <mkl(a)pengutronix.de> Signed-off-by: Oliver Hartkopp <socketcan(a)hartkopp.net> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- net/can/af_can.c | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) --- a/net/can/af_can.c +++ b/net/can/af_can.c @@ -719,13 +719,12 @@ static int can_rcv(struct sk_buff *skb, if (unlikely(!net_eq(dev_net(dev), &init_net))) goto drop; - if (WARN_ONCE(dev->type != ARPHRD_CAN || - skb->len != CAN_MTU || - cfd->len > CAN_MAX_DLEN, - "PF_CAN: dropped non conform CAN skbuf: " - "dev type %d, len %d, datalen %d\n", - dev->type, skb->len, cfd->len)) + if (unlikely(dev->type != ARPHRD_CAN || skb->len != CAN_MTU || + cfd->len > CAN_MAX_DLEN)) { + pr_warn_once("PF_CAN: dropped non conform CAN skbuf: dev type %d, len %d, datalen %d\n", + dev->type, skb->len, cfd->len); goto drop; + } can_receive(skb, dev); return NET_RX_SUCCESS; Patches currently in stable-queue which might be from mkl(a)pengutronix.de are queue-3.18/can-af_can-canfd_rcv-replace-warn_once-by-pr_warn_once.patch queue-3.18/can-af_can-can_rcv-replace-warn_once-by-pr_warn_once.patch

7 years, 1 month

1
0
0 0

[Linux-stable-mirror] FAILED: patch "[PATCH] KVM: arm/arm64: Check pagesize when allocating a hugepage at" failed to apply to 4.9-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.9-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From c507babf10ead4d5c8cca704539b170752a8ac84 Mon Sep 17 00:00:00 2001 From: Punit Agrawal <punit.agrawal(a)arm.com> Date: Thu, 4 Jan 2018 18:24:33 +0000 Subject: [PATCH] KVM: arm/arm64: Check pagesize when allocating a hugepage at Stage 2 KVM only supports PMD hugepages at stage 2 but doesn't actually check that the provided hugepage memory pagesize is PMD_SIZE before populating stage 2 entries. In cases where the backing hugepage size is smaller than PMD_SIZE (such as when using contiguous hugepages), KVM can end up creating stage 2 mappings that extend beyond the supplied memory. Fix this by checking for the pagesize of userspace vma before creating PMD hugepage at stage 2. Fixes: 66b3923a1a0f77a ("arm64: hugetlb: add support for PTE contiguous bit") Signed-off-by: Punit Agrawal <punit.agrawal(a)arm.com> Cc: Marc Zyngier <marc.zyngier(a)arm.com> Cc: <stable(a)vger.kernel.org> # v4.5+ Reviewed-by: Christoffer Dall <christoffer.dall(a)linaro.org> Signed-off-by: Christoffer Dall <christoffer.dall(a)linaro.org> diff --git a/virt/kvm/arm/mmu.c b/virt/kvm/arm/mmu.c index b4b69c2d1012..9dea96380339 100644 --- a/virt/kvm/arm/mmu.c +++ b/virt/kvm/arm/mmu.c @@ -1310,7 +1310,7 @@ static int user_mem_abort(struct kvm_vcpu *vcpu, phys_addr_t fault_ipa, return -EFAULT; } - if (is_vm_hugetlb_page(vma) && !logging_active) { + if (vma_kernel_pagesize(vma) == PMD_SIZE && !logging_active) { hugetlb = true; gfn = (fault_ipa & PMD_MASK) >> PAGE_SHIFT; } else {

7 years, 1 month

3
3
0 0

[Linux-stable-mirror] [PATCH 1/2] [stable pre-4.12] can: af_can: can_rcv(): replace WARN_ONCE by pr_warn_once

by Oliver Hartkopp

In Linux 4.12 commit 8e8cda6d737d356054c ("can: initial support for network namespaces") removed a namespace check which affected this patch: upstream commit 8cb68751c115d176ec851ca56ecfbb411568c9e8 can: af_can: can_rcv(): replace WARN_ONCE by pr_warn_once If an invalid CAN frame is received, from a driver or from a tun interface, a Kernel warning is generated. This patch replaces the WARN_ONCE by a simple pr_warn_once, so that a kernel, bootet with panic_on_warn, does not panic. A printk seems to be more appropriate here. Reported-by: syzbot+4386709c0c1284dca827(a)syzkaller.appspotmail.com Suggested-by: Dmitry Vyukov <dvyukov(a)google.com> Acked-by: Oliver Hartkopp <socketcan(a)hartkopp.net> Cc: linux-stable <stable(a)vger.kernel.org> [pre 4.12] Signed-off-by: Marc Kleine-Budde <mkl(a)pengutronix.de> Signed-off-by: Oliver Hartkopp <socketcan(a)hartkopp.net> --- net/can/af_can.c | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/net/can/af_can.c b/net/can/af_can.c index 928f58064098..924ad0513af9 100644 --- a/net/can/af_can.c +++ b/net/can/af_can.c @@ -722,13 +722,12 @@ static int can_rcv(struct sk_buff *skb, struct net_device *dev, if (unlikely(!net_eq(dev_net(dev), &init_net))) goto drop; - if (WARN_ONCE(dev->type != ARPHRD_CAN || - skb->len != CAN_MTU || - cfd->len > CAN_MAX_DLEN, - "PF_CAN: dropped non conform CAN skbuf: " - "dev type %d, len %d, datalen %d\n", - dev->type, skb->len, cfd->len)) + if (unlikely(dev->type != ARPHRD_CAN || skb->len != CAN_MTU || + cfd->len > CAN_MAX_DLEN)) { + pr_warn_once("PF_CAN: dropped non conform CAN skbuf: dev type %d, len %d, datalen %d\n", + dev->type, skb->len, cfd->len); goto drop; + } can_receive(skb, dev); return NET_RX_SUCCESS; -- 2.15.1

7 years, 1 month

2
2
0 0

[Linux-stable-mirror] [PATCH 4.4 000/115] 4.4.107-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.4.107 release. There are 115 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Wed Dec 20 15:28:15 UTC 2017. Anything received after that time might be too late. The whole patch series can be found in one patch at: kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.4.107-rc1.gz or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.4.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.4.107-rc1 Miaoqing Pan <miaoqing(a)codeaurora.org> ath9k: fix tx99 potential info leak Alex Vesker <valex(a)mellanox.com> IB/ipoib: Grab rtnl lock on heavy flush when calling ndo_open/stop Bart Van Assche <bart.vanassche(a)wdc.com> RDMA/cma: Avoid triggering undefined behavior Alexander Duyck <alexander.h.duyck(a)intel.com> macvlan: Only deliver one copy of the frame to the macvlan interface Jan Kara <jack(a)suse.cz> udf: Avoid overflow when session starts at large offset Dan Carpenter <dan.carpenter(a)oracle.com> scsi: bfa: integer overflow in debugfs weiping zhang <zhangweiping(a)didichuxing.com> scsi: sd: change allow_restart to bool in sysfs interface weiping zhang <zhangweiping(a)didichuxing.com> scsi: sd: change manage_start_stop to bool in sysfs interface Jia-Ju Bai <baijiaju1990(a)163.com> vt6655: Fix a possible sleep-in-atomic bug in vt6655_suspend Kurt Garloff <garloff(a)suse.de> scsi: scsi_devinfo: Add REPORTLUN2 to EMC SYMMETRIX blacklist entry NeilBrown <neilb(a)suse.com> raid5: Set R5_Expanded on parity devices as well as data. Linus Walleij <linus.walleij(a)linaro.org> pinctrl: adi2: Fix Kconfig build problem Bin Liu <b-liu(a)ti.com> usb: musb: da8xx: fix babble condition handling nixiaoming <nixiaoming(a)huawei.com> tty fix oops when rmmod 8250 Michael Ellerman <mpe(a)ellerman.id.au> powerpc/perf/hv-24x7: Fix incorrect comparison in memord Martin Wilck <mwilck(a)suse.de> scsi: hpsa: destroy sas transport properties before scsi_host Martin Wilck <mwilck(a)suse.de> scsi: hpsa: cleanup sas_phy structures in sysfs when unloading Alex Williamson <alex.williamson(a)redhat.com> PCI: Detach driver before procfs & sysfs teardown on device remove Christoph Hellwig <hch(a)lst.de> xfs: fix incorrect extent state in xfs_bmap_add_extent_unwritten_real Brian Foster <bfoster(a)redhat.com> xfs: fix log block underflow during recovery cycle verification Jiri Slaby <jslaby(a)suse.cz> l2tp: cleanup l2tp_tunnel_delete calls tang.junhui <tang.junhui(a)zte.com.cn> bcache: fix wrong cache_misses statistics Liang Chen <liangchen.linux(a)gmail.com> bcache: explicitly destroy mutex while exiting Bob Peterson <rpeterso(a)redhat.com> GFS2: Take inode off order_write list when setting jdata flag Daniel Lezcano <daniel.lezcano(a)linaro.org> thermal/drivers/step_wise: Fix temperature regulation misbehavior Gao Feng <gfree.wind(a)vip.163.com> ppp: Destroy the mutex when cleanup Michał Mirosław <mirq-linux(a)rere.qmqm.pl> clk: tegra: Fix cclk_lp divisor register Sébastien Szymanski <sebastien.szymanski(a)armadeus.com> clk: imx6: refine hdmi_isfr's parent to make HDMI work on i.MX6 SoCs w/o VPU Chen Zhong <chen.zhong(a)mediatek.com> clk: mediatek: add the option for determining PLL source clock Jan Kara <jack(a)suse.cz> mm: Handle 0 flags in _calc_vm_trans() macro Robert Baronescu <robert.baronescu(a)nxp.com> crypto: tcrypt - fix buffer lengths in test_aead_speed() Suzuki K Poulose <suzuki.poulose(a)arm.com> arm-ccn: perf: Prevent module unload while PMU is in use Jiang Yi <jiangyilism(a)gmail.com> target/file: Do not return error for UNMAP if length is zero tangwenji <tang.wenji(a)zte.com.cn> target:fix condition return in core_pr_dump_initiator_port() tangwenji <tang.wenji(a)zte.com.cn> iscsi-target: fix memory leak in lio_target_tiqn_addtpg() Bart Van Assche <bart.vanassche(a)wdc.com> target/iscsi: Fix a race condition in iscsit_add_reject_from_cmd() Markus Elfring <elfring(a)users.sourceforge.net> platform/x86: sony-laptop: Fix error handling in sony_nc_setup_rfkill() Christophe Leroy <christophe.leroy(a)c-s.fr> powerpc/ipic: Fix status get and status clear William A. Kennington III <wak(a)google.com> powerpc/opal: Fix EBUSY bug in acquiring tokens KUWAZAWA Takuya <albatross0(a)gmail.com> netfilter: ipvs: Fix inappropriate output of procfs Shriya <shriyak(a)linux.vnet.ibm.com> powerpc/powernv/cpufreq: Fix the frequency read by /proc/cpuinfo Qiang <zhengqiang10(a)huawei.com> PCI/PME: Handle invalid data when reading Root Status Peter Ujfalusi <peter.ujfalusi(a)ti.com> dmaengine: ti-dma-crossbar: Correct am335x/am43xx mux value type Philipp Zabel <p.zabel(a)pengutronix.de> rtc: pcf8563: fix output clock rate Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> video: fbdev: au1200fb: Return an error code if a memory allocation fails Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> video: fbdev: au1200fb: Release some resources if a memory allocation fails Ladislav Michl <ladis(a)linux-mips.org> video: udlfb: Fix read EDID timeout Geert Uytterhoeven <geert(a)linux-m68k.org> fbdev: controlfb: Add missing modes to fix out of bounds access Robert Stonehouse <rstonehouse(a)solarflare.com> sfc: don't warn on successful change of MAC Mike Christie <mchristi(a)redhat.com> target: fix race during implicit transition work flushes Mike Christie <mchristi(a)redhat.com> target: fix ALUA transition timeout handling Mike Christie <mchristi(a)redhat.com> target: Use system workqueue for ALUA transitions Zygo Blaxell <ce3g8jdj(a)umail.furryterror.org> btrfs: add missing memset while reading compressed inline extents Olga Kornievskaia <kolga(a)netapp.com> NFSv4.1 respect server's max size in CREATE_SESSION Daniel Drake <drake(a)endlessm.com> efi/esrt: Cleanup bad memory map log messages Daniel Borkmann <daniel(a)iogearbox.net> perf symbols: Fix symbols__fixup_end heuristic for corner cases Jack Morgenstein <jackm(a)dev.mellanox.co.il> net/mlx4_core: Avoid delays during VF driver device shutdown David Howells <dhowells(a)redhat.com> afs: Fix afs_kill_pages() David Howells <dhowells(a)redhat.com> afs: Fix page leak in afs_write_begin() Marc Dionne <marc.dionne(a)auristor.com> afs: Populate and use client modification time David Howells <dhowells(a)redhat.com> afs: Fix the maths in afs_fs_store_data() Tina Ruchandani <ruchandani.tina(a)gmail.com> afs: Prevent callback expiry timer overflow Tina Ruchandani <ruchandani.tina(a)gmail.com> afs: Migrate vlocation fields to 64-bit David Howells <dhowells(a)redhat.com> afs: Flush outstanding writes when an fd is closed Marc Dionne <marc.dionne(a)auristor.com> afs: Adjust mode bits processing Marc Dionne <marc.dionne(a)auristor.com> afs: Populate group ID from vnode status David Howells <dhowells(a)redhat.com> afs: Fix missing put_page() Alex Deucher <alexander.deucher(a)amd.com> drm/radeon: reinstate oland workaround for sclk yong mao <yong.mao(a)mediatek.com> mmc: mediatek: Fixed bug where clock frequency could be set wrong Steven Rostedt (VMware) <rostedt(a)goodmis.org> sched/deadline: Use deadline instead of period when calculating overflow Daniel Bristot de Oliveira <bristot(a)redhat.com> sched/deadline: Throttle a constrained deadline task activated after the deadline Daniel Bristot de Oliveira <bristot(a)redhat.com> sched/deadline: Make sure the replenishment timer fires in the next period Alex Deucher <alexander.deucher(a)amd.com> drm/radeon/si: add dpm quirk for Oland Taku Izumi <izumi.taku(a)jp.fujitsu.com> fjes: Fix wrong netdevice feature flags Don Brace <don.brace(a)microsemi.com> scsi: hpsa: limit outstanding rescans Don Brace <don.brace(a)microsemi.com> scsi: hpsa: update check for logical volume status Stafford Horne <shorne(a)gmail.com> openrisc: fix issue handling 8 byte get_user calls Alexander Shishkin <alexander.shishkin(a)linux.intel.com> intel_th: pci: Add Gemini Lake support Jiri Pirko <jiri(a)mellanox.com> mlxsw: reg: Fix SPVMLR max record count Jiri Pirko <jiri(a)mellanox.com> mlxsw: reg: Fix SPVM max record count Vlad Yasevich <vyasevich(a)gmail.com> net: Resend IGMP memberships upon peer notification. Matthias Kaehlcke <mka(a)chromium.org> dmaengine: Fix array index out of bounds warning in __get_unmap_pool() Johan Hovold <johan(a)kernel.org> net: wimax/i2400m: fix NULL-deref at probe Tahsin Erdogan <tahsin(a)google.com> writeback: fix memory leak in wb_queue_work() Florian Westphal <fw(a)strlen.de> netfilter: bridge: honor frag_max_size when refragmenting Tomi Valkeinen <tomi.valkeinen(a)ti.com> drm/omap: fix dmabuf mmap for dma_alloc'ed buffers Dmitry Torokhov <dmitry.torokhov(a)gmail.com> Input: i8042 - add TUXEDO BU1406 (N24_25BU) to the nomux list NeilBrown <neilb(a)suse.com> NFSD: fix nfsd_reset_versions for NFSv4. NeilBrown <neilb(a)suse.com> NFSD: fix nfsd_minorversion(.., NFSD_AVAIL) Doug Berger <opendmb(a)gmail.com> net: bcmgenet: Power up the internal PHY before probing the MII Doug Berger <opendmb(a)gmail.com> net: bcmgenet: power down internal phy if open or resume fails Doug Berger <opendmb(a)gmail.com> net: bcmgenet: reserved phy revisions must be checked first Doug Berger <opendmb(a)gmail.com> net: bcmgenet: correct MIB access of UniMAC RUNT counters Doug Berger <opendmb(a)gmail.com> net: bcmgenet: correct the RBUF_OVFL_CNT and RBUF_ERR_CNT MIB values Alexander Potapenko <glider(a)google.com> net: initialize msg.msg_flags in recvfrom Andrea Arcangeli <aarcange(a)redhat.com> userfaultfd: selftest: vm: allow to build in vm/ directory Andrea Arcangeli <aarcange(a)redhat.com> userfaultfd: shmem: __do_fault requires VM_FAULT_NOPAGE Guoqing Jiang <gqjiang(a)suse.com> md-cluster: free md_cluster_info if node leave cluster Javier Martinez Canillas <javier(a)osg.samsung.com> usb: phy: isp1301: Add OF device ID table Ilan peer <ilan.peer(a)intel.com> mac80211: Fix addition of mesh configuration element Eric Biggers <ebiggers(a)google.com> KEYS: add missing permission check for request_key() destination Chandan Rajendra <chandan(a)linux.vnet.ibm.com> ext4: fix crash when a directory's i_size is too small Eryu Guan <eguan(a)redhat.com> ext4: fix fdatasync(2) after fallocate(2) operation Adam Wallis <awallis(a)codeaurora.org> dmaengine: dmatest: move callback wait queue to thread context Steven Rostedt <rostedt(a)goodmis.org> sched/rt: Do not pull from current CPU if only one CPU to pull Mathias Nyman <mathias.nyman(a)linux.intel.com> xhci: Don't add a virt_dev to the devs array before it's fully allocated Sukumar Ghorai <sukumar.ghorai(a)intel.com> Bluetooth: btusb: driver to enable the usb-wakeup feature Yan, Zheng <zyan(a)redhat.com> ceph: drop negative child dentries before try pruning inode's alias Shuah Khan <shuahkh(a)osg.samsung.com> usbip: fix stub_send_ret_submit() vulnerability to null transfer_buffer Alan Stern <stern(a)rowland.harvard.edu> USB: core: prevent malicious bNumInterfaces overflow David Kozub <zub(a)linux.fjfi.cvut.cz> USB: uas and storage: Add US_FL_BROKEN_FUA for another JMicron JMS567 ID Changbin Du <changbin.du(a)intel.com> tracing: Allocate mask_str buffer dynamically NeilBrown <neilb(a)suse.com> autofs: fix careless error in recent commit Eric Biggers <ebiggers(a)google.com> crypto: salsa20 - fix blkcipher_walk API usage Eric Biggers <ebiggers(a)google.com> crypto: hmac - require that the underlying hash algorithm is unkeyed ------------- Diffstat: Makefile | 4 +- arch/blackfin/Kconfig | 7 +- arch/blackfin/Kconfig.debug | 1 + arch/openrisc/include/asm/uaccess.h | 2 +- arch/powerpc/perf/hv-24x7.c | 2 +- arch/powerpc/platforms/powernv/opal-async.c | 6 +- arch/powerpc/platforms/powernv/setup.c | 2 +- arch/powerpc/sysdev/ipic.c | 4 +- arch/x86/crypto/salsa20_glue.c | 7 -- crypto/hmac.c | 6 +- crypto/salsa20_generic.c | 7 -- crypto/shash.c | 5 +- crypto/tcrypt.c | 6 +- drivers/bluetooth/btusb.c | 5 ++ drivers/bus/arm-ccn.c | 1 + drivers/clk/imx/clk-imx6q.c | 2 +- drivers/clk/mediatek/clk-mtk.h | 1 + drivers/clk/mediatek/clk-pll.c | 5 +- drivers/clk/tegra/clk-tegra30.c | 2 +- drivers/dma/dmaengine.c | 2 + drivers/dma/dmatest.c | 55 ++++++++------- drivers/dma/ti-dma-crossbar.c | 8 +-- drivers/firmware/efi/efi.c | 1 - drivers/firmware/efi/esrt.c | 2 +- drivers/gpu/drm/omapdrm/omap_gem_dmabuf.c | 3 - drivers/gpu/drm/radeon/si_dpm.c | 10 +++ drivers/hwtracing/intel_th/pci.c | 5 ++ drivers/infiniband/core/cma.c | 11 +-- drivers/infiniband/ulp/ipoib/ipoib_ib.c | 7 +- drivers/input/serio/i8042-x86ia64io.h | 7 ++ drivers/md/bcache/request.c | 6 +- drivers/md/bcache/super.c | 6 +- drivers/md/md-cluster.c | 1 + drivers/md/raid5.c | 5 +- drivers/mmc/host/mtk-sd.c | 4 +- drivers/net/ethernet/broadcom/genet/bcmgenet.c | 95 +++++++++++++++++++++----- drivers/net/ethernet/broadcom/genet/bcmgenet.h | 10 ++- drivers/net/ethernet/mellanox/mlx4/cmd.c | 11 +++ drivers/net/ethernet/mellanox/mlx4/main.c | 11 +++ drivers/net/ethernet/mellanox/mlxsw/reg.h | 4 +- drivers/net/ethernet/sfc/ef10.c | 2 +- drivers/net/fjes/fjes_main.c | 2 +- drivers/net/macvlan.c | 2 +- drivers/net/ppp/ppp_generic.c | 1 + drivers/net/wimax/i2400m/usb.c | 3 + drivers/net/wireless/ath/ath9k/tx99.c | 5 ++ drivers/pci/pcie/pme.c | 5 +- drivers/pci/remove.c | 2 +- drivers/pinctrl/Kconfig | 3 +- drivers/platform/x86/sony-laptop.c | 14 ++-- drivers/rtc/rtc-pcf8563.c | 2 +- drivers/scsi/bfa/bfad_debugfs.c | 5 +- drivers/scsi/hpsa.c | 57 +++++++++------- drivers/scsi/hpsa.h | 1 + drivers/scsi/hpsa_cmd.h | 2 + drivers/scsi/scsi_devinfo.c | 2 +- drivers/scsi/sd.c | 12 +++- drivers/staging/vt6655/device_main.c | 3 +- drivers/target/iscsi/iscsi_target.c | 3 +- drivers/target/iscsi/iscsi_target_configfs.c | 3 +- drivers/target/target_core_alua.c | 33 +++------ drivers/target/target_core_file.c | 4 ++ drivers/target/target_core_pr.c | 4 +- drivers/thermal/step_wise.c | 11 +-- drivers/usb/core/config.c | 4 +- drivers/usb/host/xhci-mem.c | 15 ++-- drivers/usb/musb/da8xx.c | 10 ++- drivers/usb/phy/phy-isp1301.c | 7 ++ drivers/usb/storage/unusual_devs.h | 7 ++ drivers/usb/storage/unusual_uas.h | 7 ++ drivers/usb/usbip/stub_tx.c | 7 ++ drivers/video/fbdev/au1200fb.c | 7 +- drivers/video/fbdev/controlfb.h | 2 + drivers/video/fbdev/udlfb.c | 10 +-- fs/afs/callback.c | 7 +- fs/afs/file.c | 1 + fs/afs/fsclient.c | 22 +++--- fs/afs/inode.c | 11 +-- fs/afs/internal.h | 12 ++-- fs/afs/security.c | 7 +- fs/afs/server.c | 6 +- fs/afs/vlocation.c | 16 +++-- fs/afs/write.c | 32 +++++++-- fs/autofs4/waitq.c | 1 - fs/btrfs/inode.c | 14 ++++ fs/ceph/mds_client.c | 42 ++++++++++-- fs/ext4/extents.c | 1 + fs/ext4/namei.c | 4 ++ fs/fs-writeback.c | 35 ++++++---- fs/gfs2/file.c | 4 +- fs/nfs/nfs4client.c | 4 +- fs/nfsd/nfssvc.c | 30 ++++---- fs/proc/proc_tty.c | 3 +- fs/udf/super.c | 2 +- fs/userfaultfd.c | 2 +- fs/xfs/libxfs/xfs_bmap.c | 2 +- fs/xfs/xfs_log_recover.c | 2 +- include/crypto/internal/hash.h | 8 +++ include/linux/mlx4/device.h | 1 + include/linux/mman.h | 3 +- include/target/target_core_base.h | 2 +- kernel/sched/deadline.c | 62 +++++++++++++++-- kernel/sched/rt.c | 8 ++- kernel/trace/trace.c | 29 +++----- net/bridge/br_netfilter_hooks.c | 12 ++-- net/core/dev.c | 1 + net/l2tp/l2tp_core.c | 2 +- net/l2tp/l2tp_netlink.c | 2 +- net/mac80211/mesh.c | 2 - net/netfilter/ipvs/ip_vs_ctl.c | 4 ++ net/socket.c | 1 + security/keys/request_key.c | 48 ++++++++++--- tools/perf/util/symbol.c | 2 +- tools/testing/selftests/vm/Makefile | 4 ++ 114 files changed, 727 insertions(+), 320 deletions(-)

7 years, 1 month

10
149
0 0

[Linux-stable-mirror] Patch "sched/deadline: Use the revised wakeup rule for suspending constrained dl tasks" has been added to the 4.4-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled sched/deadline: Use the revised wakeup rule for suspending constrained dl tasks to the 4.4-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: sched-deadline-use-the-revised-wakeup-rule-for-suspending-constrained-dl-tasks.patch and it can be found in the queue-4.4 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From 3effcb4247e74a51f5d8b775a1ee4abf87cc089a Mon Sep 17 00:00:00 2001 From: Daniel Bristot de Oliveira <bristot(a)redhat.com> Date: Mon, 29 May 2017 16:24:03 +0200 Subject: sched/deadline: Use the revised wakeup rule for suspending constrained dl tasks From: Daniel Bristot de Oliveira <bristot(a)redhat.com> commit 3effcb4247e74a51f5d8b775a1ee4abf87cc089a upstream. We have been facing some problems with self-suspending constrained deadline tasks. The main reason is that the original CBS was not designed for such sort of tasks. One problem reported by Xunlei Pang takes place when a task suspends, and then is awakened before the deadline, but so close to the deadline that its remaining runtime can cause the task to have an absolute density higher than allowed. In such situation, the original CBS assumes that the task is facing an early activation, and so it replenishes the task and set another deadline, one deadline in the future. This rule works fine for implicit deadline tasks. Moreover, it allows the system to adapt the period of a task in which the external event source suffered from a clock drift. However, this opens the window for bandwidth leakage for constrained deadline tasks. For instance, a task with the following parameters: runtime = 5 ms deadline = 7 ms [density] = 5 / 7 = 0.71 period = 1000 ms If the task runs for 1 ms, and then suspends for another 1ms, it will be awakened with the following parameters: remaining runtime = 4 laxity = 5 presenting a absolute density of 4 / 5 = 0.80. In this case, the original CBS would assume the task had an early wakeup. Then, CBS will reset the runtime, and the absolute deadline will be postponed by one relative deadline, allowing the task to run. The problem is that, if the task runs this pattern forever, it will keep receiving bandwidth, being able to run 1ms every 2ms. Following this behavior, the task would be able to run 500 ms in 1 sec. Thus running more than the 5 ms / 1 sec the admission control allowed it to run. Trying to address the self-suspending case, Luca Abeni, Giuseppe Lipari, and Juri Lelli [1] revisited the CBS in order to deal with self-suspending tasks. In the new approach, rather than replenishing/postponing the absolute deadline, the revised wakeup rule adjusts the remaining runtime, reducing it to fit into the allowed density. A revised version of the idea is: At a given time t, the maximum absolute density of a task cannot be higher than its relative density, that is: runtime / (deadline - t) <= dl_runtime / dl_deadline Knowing the laxity of a task (deadline - t), it is possible to move it to the other side of the equality, thus enabling to define max remaining runtime a task can use within the absolute deadline, without over-running the allowed density: runtime = (dl_runtime / dl_deadline) * (deadline - t) For instance, in our previous example, the task could still run: runtime = ( 5 / 7 ) * 5 runtime = 3.57 ms Without causing damage for other deadline tasks. It is note worthy that the laxity cannot be negative because that would cause a negative runtime. Thus, this patch depends on the patch: df8eac8cafce ("sched/deadline: Throttle a constrained deadline task activated after the deadline") Which throttles a constrained deadline task activated after the deadline. Finally, it is also possible to use the revised wakeup rule for all other tasks, but that would require some more discussions about pros and cons. [The main difference from the original commit is that the BW_SHIFT define was not present yet. As BW_SHIFT was introduced in a new feature, I just used the value (20), likewise we used to use before the #define. Other changes were required because of comments. - bistrot] Reported-by: Xunlei Pang <xpang(a)redhat.com> Signed-off-by: Daniel Bristot de Oliveira <bristot(a)redhat.com> [peterz: replaced dl_is_constrained with dl_is_implicit] Signed-off-by: Peter Zijlstra (Intel) <peterz(a)infradead.org> Cc: Juri Lelli <juri.lelli(a)arm.com> Cc: Linus Torvalds <torvalds(a)linux-foundation.org> Cc: Luca Abeni <luca.abeni(a)santannapisa.it> Cc: Mike Galbraith <efault(a)gmx.de> Cc: Peter Zijlstra <peterz(a)infradead.org> Cc: Romulo Silva de Oliveira <romulo.deoliveira(a)ufsc.br> Cc: Steven Rostedt <rostedt(a)goodmis.org> Cc: Thomas Gleixner <tglx(a)linutronix.de> Cc: Tommaso Cucinotta <tommaso.cucinotta(a)sssup.it> Link: http://lkml.kernel.org/r/5c800ab3a74a168a84ee5f3f84d12a02e11383be.149580380… Signed-off-by: Ingo Molnar <mingo(a)kernel.org> Signed-off-by: Daniel Bristot de Oliveira <bristot(a)redhat.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- include/linux/sched.h | 1 kernel/sched/core.c | 2 kernel/sched/deadline.c | 98 ++++++++++++++++++++++++++++++++++++++++++------ 3 files changed, 89 insertions(+), 12 deletions(-) --- a/include/linux/sched.h +++ b/include/linux/sched.h @@ -1313,6 +1313,7 @@ struct sched_dl_entity { u64 dl_deadline; /* relative deadline of each instance */ u64 dl_period; /* separation of two instances (period) */ u64 dl_bw; /* dl_runtime / dl_deadline */ + u64 dl_density; /* dl_runtime / dl_deadline */ /* * Actual scheduling parameters. Initialized with the values above, --- a/kernel/sched/core.c +++ b/kernel/sched/core.c @@ -2109,6 +2109,7 @@ void __dl_clear_params(struct task_struc dl_se->dl_period = 0; dl_se->flags = 0; dl_se->dl_bw = 0; + dl_se->dl_density = 0; dl_se->dl_throttled = 0; dl_se->dl_new = 1; @@ -3647,6 +3648,7 @@ __setparam_dl(struct task_struct *p, con dl_se->dl_period = attr->sched_period ?: dl_se->dl_deadline; dl_se->flags = attr->sched_flags; dl_se->dl_bw = to_ratio(dl_se->dl_period, dl_se->dl_runtime); + dl_se->dl_density = to_ratio(dl_se->dl_deadline, dl_se->dl_runtime); /* * Changing the parameters of a task is 'tricky' and we're not doing --- a/kernel/sched/deadline.c +++ b/kernel/sched/deadline.c @@ -480,13 +480,84 @@ static bool dl_entity_overflow(struct sc } /* - * When a -deadline entity is queued back on the runqueue, its runtime and - * deadline might need updating. + * Revised wakeup rule [1]: For self-suspending tasks, rather then + * re-initializing task's runtime and deadline, the revised wakeup + * rule adjusts the task's runtime to avoid the task to overrun its + * density. * - * The policy here is that we update the deadline of the entity only if: - * - the current deadline is in the past, - * - using the remaining runtime with the current deadline would make - * the entity exceed its bandwidth. + * Reasoning: a task may overrun the density if: + * runtime / (deadline - t) > dl_runtime / dl_deadline + * + * Therefore, runtime can be adjusted to: + * runtime = (dl_runtime / dl_deadline) * (deadline - t) + * + * In such way that runtime will be equal to the maximum density + * the task can use without breaking any rule. + * + * [1] Luca Abeni, Giuseppe Lipari, and Juri Lelli. 2015. Constant + * bandwidth server revisited. SIGBED Rev. 11, 4 (January 2015), 19-24. + */ +static void +update_dl_revised_wakeup(struct sched_dl_entity *dl_se, struct rq *rq) +{ + u64 laxity = dl_se->deadline - rq_clock(rq); + + /* + * If the task has deadline < period, and the deadline is in the past, + * it should already be throttled before this check. + * + * See update_dl_entity() comments for further details. + */ + WARN_ON(dl_time_before(dl_se->deadline, rq_clock(rq))); + + dl_se->runtime = (dl_se->dl_density * laxity) >> 20; +} + +/* + * Regarding the deadline, a task with implicit deadline has a relative + * deadline == relative period. A task with constrained deadline has a + * relative deadline <= relative period. + * + * We support constrained deadline tasks. However, there are some restrictions + * applied only for tasks which do not have an implicit deadline. See + * update_dl_entity() to know more about such restrictions. + * + * The dl_is_implicit() returns true if the task has an implicit deadline. + */ +static inline bool dl_is_implicit(struct sched_dl_entity *dl_se) +{ + return dl_se->dl_deadline == dl_se->dl_period; +} + +/* + * When a deadline entity is placed in the runqueue, its runtime and deadline + * might need to be updated. This is done by a CBS wake up rule. There are two + * different rules: 1) the original CBS; and 2) the Revisited CBS. + * + * When the task is starting a new period, the Original CBS is used. In this + * case, the runtime is replenished and a new absolute deadline is set. + * + * When a task is queued before the begin of the next period, using the + * remaining runtime and deadline could make the entity to overflow, see + * dl_entity_overflow() to find more about runtime overflow. When such case + * is detected, the runtime and deadline need to be updated. + * + * If the task has an implicit deadline, i.e., deadline == period, the Original + * CBS is applied. the runtime is replenished and a new absolute deadline is + * set, as in the previous cases. + * + * However, the Original CBS does not work properly for tasks with + * deadline < period, which are said to have a constrained deadline. By + * applying the Original CBS, a constrained deadline task would be able to run + * runtime/deadline in a period. With deadline < period, the task would + * overrun the runtime/period allowed bandwidth, breaking the admission test. + * + * In order to prevent this misbehave, the Revisited CBS is used for + * constrained deadline tasks when a runtime overflow is detected. In the + * Revisited CBS, rather than replenishing & setting a new absolute deadline, + * the remaining runtime of the task is reduced to avoid runtime overflow. + * Please refer to the comments update_dl_revised_wakeup() function to find + * more about the Revised CBS rule. */ static void update_dl_entity(struct sched_dl_entity *dl_se, struct sched_dl_entity *pi_se) @@ -505,6 +576,14 @@ static void update_dl_entity(struct sche if (dl_time_before(dl_se->deadline, rq_clock(rq)) || dl_entity_overflow(dl_se, pi_se, rq_clock(rq))) { + + if (unlikely(!dl_is_implicit(dl_se) && + !dl_time_before(dl_se->deadline, rq_clock(rq)) && + !dl_se->dl_boosted)){ + update_dl_revised_wakeup(dl_se, rq); + return; + } + dl_se->deadline = rq_clock(rq) + pi_se->dl_deadline; dl_se->runtime = pi_se->dl_runtime; } @@ -991,11 +1070,6 @@ static void dequeue_dl_entity(struct sch __dequeue_dl_entity(dl_se); } -static inline bool dl_is_constrained(struct sched_dl_entity *dl_se) -{ - return dl_se->dl_deadline < dl_se->dl_period; -} - static void enqueue_task_dl(struct rq *rq, struct task_struct *p, int flags) { struct task_struct *pi_task = rt_mutex_get_top_task(p); @@ -1027,7 +1101,7 @@ static void enqueue_task_dl(struct rq *r * If that is the case, the task will be throttled and * the replenishment timer will be set to the next period. */ - if (!p->dl.dl_throttled && dl_is_constrained(&p->dl)) + if (!p->dl.dl_throttled && !dl_is_implicit(&p->dl)) dl_check_constrained_dl(&p->dl); /* Patches currently in stable-queue which might be from bristot(a)redhat.com are queue-4.4/sched-deadline-use-the-revised-wakeup-rule-for-suspending-constrained-dl-tasks.patch

7 years, 1 month

1
0
0 0

[Linux-stable-mirror] Patch "x86/retpoline: Fill RSB on context switch for affected CPUs" has been added to the 4.4-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled x86/retpoline: Fill RSB on context switch for affected CPUs to the 4.4-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: x86-retpoline-fill-rsb-on-context-switch-for-affected-cpus.patch and it can be found in the queue-4.4 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From c995efd5a740d9cbafbf58bde4973e8b50b4d761 Mon Sep 17 00:00:00 2001 From: David Woodhouse <dwmw(a)amazon.co.uk> Date: Fri, 12 Jan 2018 17:49:25 +0000 Subject: x86/retpoline: Fill RSB on context switch for affected CPUs From: David Woodhouse <dwmw(a)amazon.co.uk> commit c995efd5a740d9cbafbf58bde4973e8b50b4d761 upstream. On context switch from a shallow call stack to a deeper one, as the CPU does 'ret' up the deeper side it may encounter RSB entries (predictions for where the 'ret' goes to) which were populated in userspace. This is problematic if neither SMEP nor KPTI (the latter of which marks userspace pages as NX for the kernel) are active, as malicious code in userspace may then be executed speculatively. Overwrite the CPU's return prediction stack with calls which are predicted to return to an infinite loop, to "capture" speculation if this happens. This is required both for retpoline, and also in conjunction with IBRS for !SMEP && !KPTI. On Skylake+ the problem is slightly different, and an *underflow* of the RSB may cause errant branch predictions to occur. So there it's not so much overwrite, as *filling* the RSB to attempt to prevent it getting empty. This is only a partial solution for Skylake+ since there are many other conditions which may result in the RSB becoming empty. The full solution on Skylake+ is to use IBRS, which will prevent the problem even when the RSB becomes empty. With IBRS, the RSB-stuffing will not be required on context switch. [ tglx: Added missing vendor check and slighty massaged comments and changelog ] [js] backport to 4.4 -- __switch_to_asm does not exist there, we have to patch the switch_to macros for both x86_32 and x86_64. Signed-off-by: David Woodhouse <dwmw(a)amazon.co.uk> Signed-off-by: Thomas Gleixner <tglx(a)linutronix.de> Acked-by: Arjan van de Ven <arjan(a)linux.intel.com> Cc: gnomes(a)lxorguk.ukuu.org.uk Cc: Rik van Riel <riel(a)redhat.com> Cc: Andi Kleen <ak(a)linux.intel.com> Cc: Josh Poimboeuf <jpoimboe(a)redhat.com> Cc: thomas.lendacky(a)amd.com Cc: Peter Zijlstra <peterz(a)infradead.org> Cc: Linus Torvalds <torvalds(a)linux-foundation.org> Cc: Jiri Kosina <jikos(a)kernel.org> Cc: Andy Lutomirski <luto(a)amacapital.net> Cc: Dave Hansen <dave.hansen(a)intel.com> Cc: Kees Cook <keescook(a)google.com> Cc: Tim Chen <tim.c.chen(a)linux.intel.com> Cc: Greg Kroah-Hartman <gregkh(a)linux-foundation.org> Cc: Paul Turner <pjt(a)google.com> Link: https://lkml.kernel.org/r/1515779365-9032-1-git-send-email-dwmw@amazon.co.uk Signed-off-by: Jiri Slaby <jslaby(a)suse.cz> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- arch/x86/include/asm/cpufeature.h | 1 + arch/x86/include/asm/switch_to.h | 38 ++++++++++++++++++++++++++++++++++++++ arch/x86/kernel/cpu/bugs.c | 36 ++++++++++++++++++++++++++++++++++++ 3 files changed, 75 insertions(+) --- a/arch/x86/include/asm/cpufeature.h +++ b/arch/x86/include/asm/cpufeature.h @@ -199,6 +199,7 @@ #define X86_FEATURE_HWP_EPP ( 7*32+13) /* Intel HWP_EPP */ #define X86_FEATURE_HWP_PKG_REQ ( 7*32+14) /* Intel HWP_PKG_REQ */ #define X86_FEATURE_INTEL_PT ( 7*32+15) /* Intel Processor Trace */ +#define X86_FEATURE_RSB_CTXSW ( 7*32+19) /* Fill RSB on context switches */ #define X86_FEATURE_RETPOLINE ( 7*32+29) /* Generic Retpoline mitigation for Spectre variant 2 */ #define X86_FEATURE_RETPOLINE_AMD ( 7*32+30) /* AMD Retpoline mitigation for Spectre variant 2 */ --- a/arch/x86/include/asm/switch_to.h +++ b/arch/x86/include/asm/switch_to.h @@ -1,6 +1,8 @@ #ifndef _ASM_X86_SWITCH_TO_H #define _ASM_X86_SWITCH_TO_H +#include <asm/nospec-branch.h> + struct task_struct; /* one of the stranger aspects of C forward declarations */ __visible struct task_struct *__switch_to(struct task_struct *prev, struct task_struct *next); @@ -24,6 +26,23 @@ void __switch_to_xtra(struct task_struct #define __switch_canary_iparam #endif /* CC_STACKPROTECTOR */ +#ifdef CONFIG_RETPOLINE + /* + * When switching from a shallower to a deeper call stack + * the RSB may either underflow or use entries populated + * with userspace addresses. On CPUs where those concerns + * exist, overwrite the RSB with entries which capture + * speculative execution to prevent attack. + */ +#define __retpoline_fill_return_buffer \ + ALTERNATIVE("jmp 910f", \ + __stringify(__FILL_RETURN_BUFFER(%%ebx, RSB_CLEAR_LOOPS, %%esp)),\ + X86_FEATURE_RSB_CTXSW) \ + "910:\n\t" +#else +#define __retpoline_fill_return_buffer +#endif + /* * Saving eflags is important. It switches not only IOPL between tasks, * it also protects other tasks from NT leaking through sysenter etc. @@ -46,6 +65,7 @@ do { \ "movl $1f,%[prev_ip]\n\t" /* save EIP */ \ "pushl %[next_ip]\n\t" /* restore EIP */ \ __switch_canary \ + __retpoline_fill_return_buffer \ "jmp __switch_to\n" /* regparm call */ \ "1:\t" \ "popl %%ebp\n\t" /* restore EBP */ \ @@ -100,6 +120,23 @@ do { \ #define __switch_canary_iparam #endif /* CC_STACKPROTECTOR */ +#ifdef CONFIG_RETPOLINE + /* + * When switching from a shallower to a deeper call stack + * the RSB may either underflow or use entries populated + * with userspace addresses. On CPUs where those concerns + * exist, overwrite the RSB with entries which capture + * speculative execution to prevent attack. + */ +#define __retpoline_fill_return_buffer \ + ALTERNATIVE("jmp 910f", \ + __stringify(__FILL_RETURN_BUFFER(%%r12, RSB_CLEAR_LOOPS, %%rsp)),\ + X86_FEATURE_RSB_CTXSW) \ + "910:\n\t" +#else +#define __retpoline_fill_return_buffer +#endif + /* * There is no need to save or restore flags, because flags are always * clean in kernel mode, with the possible exception of IOPL. Kernel IOPL @@ -112,6 +149,7 @@ do { \ "call __switch_to\n\t" \ "movq "__percpu_arg([current_task])",%%rsi\n\t" \ __switch_canary \ + __retpoline_fill_return_buffer \ "movq %P[thread_info](%%rsi),%%r8\n\t" \ "movq %%rax,%%rdi\n\t" \ "testl %[_tif_fork],%P[ti_flags](%%r8)\n\t" \ --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -22,6 +22,7 @@ #include <asm/alternative.h> #include <asm/pgtable.h> #include <asm/cacheflush.h> +#include <asm/intel-family.h> static void __init spectre_v2_select_mitigation(void); @@ -154,6 +155,23 @@ disable: return SPECTRE_V2_CMD_NONE; } +/* Check for Skylake-like CPUs (for RSB handling) */ +static bool __init is_skylake_era(void) +{ + if (boot_cpu_data.x86_vendor == X86_VENDOR_INTEL && + boot_cpu_data.x86 == 6) { + switch (boot_cpu_data.x86_model) { + case INTEL_FAM6_SKYLAKE_MOBILE: + case INTEL_FAM6_SKYLAKE_DESKTOP: + case INTEL_FAM6_SKYLAKE_X: + case INTEL_FAM6_KABYLAKE_MOBILE: + case INTEL_FAM6_KABYLAKE_DESKTOP: + return true; + } + } + return false; +} + static void __init spectre_v2_select_mitigation(void) { enum spectre_v2_mitigation_cmd cmd = spectre_v2_parse_cmdline(); @@ -212,6 +230,24 @@ retpoline_auto: spectre_v2_enabled = mode; pr_info("%s\n", spectre_v2_strings[mode]); + + /* + * If neither SMEP or KPTI are available, there is a risk of + * hitting userspace addresses in the RSB after a context switch + * from a shallow call stack to a deeper one. To prevent this fill + * the entire RSB, even when using IBRS. + * + * Skylake era CPUs have a separate issue with *underflow* of the + * RSB, when they will predict 'ret' targets from the generic BTB. + * The proper mitigation for this is IBRS. If IBRS is not supported + * or deactivated in favour of retpolines the RSB fill on context + * switch is required. + */ + if ((!boot_cpu_has(X86_FEATURE_KAISER) && + !boot_cpu_has(X86_FEATURE_SMEP)) || is_skylake_era()) { + setup_force_cpu_cap(X86_FEATURE_RSB_CTXSW); + pr_info("Filling RSB on context switch\n"); + } } #undef pr_fmt Patches currently in stable-queue which might be from dwmw(a)amazon.co.uk are queue-4.4/x86-retpoline-fill-rsb-on-context-switch-for-affected-cpus.patch

7 years, 1 month

1
0
0 0

[Linux-stable-mirror] Patch "x86/cpu/intel: Introduce macros for Intel family numbers" has been added to the 4.4-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled x86/cpu/intel: Introduce macros for Intel family numbers to the 4.4-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: x86-cpu-intel-introduce-macros-for-intel-family-numbers.patch and it can be found in the queue-4.4 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From 970442c599b22ccd644ebfe94d1d303bf6f87c05 Mon Sep 17 00:00:00 2001 From: Dave Hansen <dave(a)sr71.net> Date: Thu, 2 Jun 2016 17:19:27 -0700 Subject: x86/cpu/intel: Introduce macros for Intel family numbers From: Dave Hansen <dave(a)sr71.net> commit 970442c599b22ccd644ebfe94d1d303bf6f87c05 upstream. Problem: We have a boatload of open-coded family-6 model numbers. Half of them have these model numbers in hex and the other half in decimal. This makes grepping for them tons of fun, if you were to try. Solution: Consolidate all the magic numbers. Put all the definitions in one header. The names here are closely derived from the comments describing the models from arch/x86/events/intel/core.c. We could easily make them shorter by doing things like s/SANDYBRIDGE/SNB/, but they seemed fine even with the longer versions to me. Do not take any of these names too literally, like "DESKTOP" or "MOBILE". These are all colloquial names and not precise descriptions of everywhere a given model will show up. Signed-off-by: Dave Hansen <dave.hansen(a)linux.intel.com> Cc: Adrian Hunter <adrian.hunter(a)intel.com> Cc: Andy Lutomirski <luto(a)amacapital.net> Cc: Andy Lutomirski <luto(a)kernel.org> Cc: Borislav Petkov <bp(a)alien8.de> Cc: Brian Gerst <brgerst(a)gmail.com> Cc: Darren Hart <dvhart(a)infradead.org> Cc: Dave Hansen <dave(a)sr71.net> Cc: Denys Vlasenko <dvlasenk(a)redhat.com> Cc: Doug Thompson <dougthompson(a)xmission.com> Cc: Eduardo Valentin <edubezval(a)gmail.com> Cc: H. Peter Anvin <hpa(a)zytor.com> Cc: Jacob Pan <jacob.jun.pan(a)linux.intel.com> Cc: Kan Liang <kan.liang(a)intel.com> Cc: Len Brown <lenb(a)kernel.org> Cc: Linus Torvalds <torvalds(a)linux-foundation.org> Cc: Mauro Carvalho Chehab <mchehab(a)osg.samsung.com> Cc: Peter Zijlstra <peterz(a)infradead.org> Cc: Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> Cc: Rajneesh Bhardwaj <rajneesh.bhardwaj(a)intel.com> Cc: Souvik Kumar Chakravarty <souvik.k.chakravarty(a)intel.com> Cc: Srinivas Pandruvada <srinivas.pandruvada(a)linux.intel.com> Cc: Stephane Eranian <eranian(a)google.com> Cc: Thomas Gleixner <tglx(a)linutronix.de> Cc: Tony Luck <tony.luck(a)intel.com> Cc: Ulf Hansson <ulf.hansson(a)linaro.org> Cc: Viresh Kumar <viresh.kumar(a)linaro.org> Cc: Vishwanath Somayaji <vishwanath.somayaji(a)intel.com> Cc: Zhang Rui <rui.zhang(a)intel.com> Cc: jacob.jun.pan(a)intel.com Cc: linux-acpi(a)vger.kernel.org Cc: linux-edac(a)vger.kernel.org Cc: linux-mmc(a)vger.kernel.org Cc: linux-pm(a)vger.kernel.org Cc: platform-driver-x86(a)vger.kernel.org Link: http://lkml.kernel.org/r/20160603001927.F2A7D828@viggo.jf.intel.com Signed-off-by: Ingo Molnar <mingo(a)kernel.org> Cc: Jiri Slaby <jslaby(a)suse.cz> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- arch/x86/include/asm/intel-family.h | 68 ++++++++++++++++++++++++++++++++++++ 1 file changed, 68 insertions(+) --- /dev/null +++ b/arch/x86/include/asm/intel-family.h @@ -0,0 +1,68 @@ +#ifndef _ASM_X86_INTEL_FAMILY_H +#define _ASM_X86_INTEL_FAMILY_H + +/* + * "Big Core" Processors (Branded as Core, Xeon, etc...) + * + * The "_X" parts are generally the EP and EX Xeons, or the + * "Extreme" ones, like Broadwell-E. + * + * Things ending in "2" are usually because we have no better + * name for them. There's no processor called "WESTMERE2". + */ + +#define INTEL_FAM6_CORE_YONAH 0x0E +#define INTEL_FAM6_CORE2_MEROM 0x0F +#define INTEL_FAM6_CORE2_MEROM_L 0x16 +#define INTEL_FAM6_CORE2_PENRYN 0x17 +#define INTEL_FAM6_CORE2_DUNNINGTON 0x1D + +#define INTEL_FAM6_NEHALEM 0x1E +#define INTEL_FAM6_NEHALEM_EP 0x1A +#define INTEL_FAM6_NEHALEM_EX 0x2E +#define INTEL_FAM6_WESTMERE 0x25 +#define INTEL_FAM6_WESTMERE2 0x1F +#define INTEL_FAM6_WESTMERE_EP 0x2C +#define INTEL_FAM6_WESTMERE_EX 0x2F + +#define INTEL_FAM6_SANDYBRIDGE 0x2A +#define INTEL_FAM6_SANDYBRIDGE_X 0x2D +#define INTEL_FAM6_IVYBRIDGE 0x3A +#define INTEL_FAM6_IVYBRIDGE_X 0x3E + +#define INTEL_FAM6_HASWELL_CORE 0x3C +#define INTEL_FAM6_HASWELL_X 0x3F +#define INTEL_FAM6_HASWELL_ULT 0x45 +#define INTEL_FAM6_HASWELL_GT3E 0x46 + +#define INTEL_FAM6_BROADWELL_CORE 0x3D +#define INTEL_FAM6_BROADWELL_XEON_D 0x56 +#define INTEL_FAM6_BROADWELL_GT3E 0x47 +#define INTEL_FAM6_BROADWELL_X 0x4F + +#define INTEL_FAM6_SKYLAKE_MOBILE 0x4E +#define INTEL_FAM6_SKYLAKE_DESKTOP 0x5E +#define INTEL_FAM6_SKYLAKE_X 0x55 +#define INTEL_FAM6_KABYLAKE_MOBILE 0x8E +#define INTEL_FAM6_KABYLAKE_DESKTOP 0x9E + +/* "Small Core" Processors (Atom) */ + +#define INTEL_FAM6_ATOM_PINEVIEW 0x1C +#define INTEL_FAM6_ATOM_LINCROFT 0x26 +#define INTEL_FAM6_ATOM_PENWELL 0x27 +#define INTEL_FAM6_ATOM_CLOVERVIEW 0x35 +#define INTEL_FAM6_ATOM_CEDARVIEW 0x36 +#define INTEL_FAM6_ATOM_SILVERMONT1 0x37 /* BayTrail/BYT / Valleyview */ +#define INTEL_FAM6_ATOM_SILVERMONT2 0x4D /* Avaton/Rangely */ +#define INTEL_FAM6_ATOM_AIRMONT 0x4C /* CherryTrail / Braswell */ +#define INTEL_FAM6_ATOM_MERRIFIELD1 0x4A /* Tangier */ +#define INTEL_FAM6_ATOM_MERRIFIELD2 0x5A /* Annidale */ +#define INTEL_FAM6_ATOM_GOLDMONT 0x5C +#define INTEL_FAM6_ATOM_DENVERTON 0x5F /* Goldmont Microserver */ + +/* Xeon Phi */ + +#define INTEL_FAM6_XEON_PHI_KNL 0x57 /* Knights Landing */ + +#endif /* _ASM_X86_INTEL_FAMILY_H */ Patches currently in stable-queue which might be from dave(a)sr71.net are queue-4.4/x86-cpu-intel-introduce-macros-for-intel-family-numbers.patch

7 years, 1 month

1
0
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror