- Linux-stable-mirror - lists.linaro.org

by Greg KH

I'm announcing the release of the 4.9.106 kernel. Not everyone who uses 4.9 needs to upgrade here, it's a big sync of the objtool codebase to make future maintenance of 4.9.y easier over time, that's all. But of course, updating and verifying that nothing broke is always appreciated :) The updated 4.9.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.9.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 arch/x86/crypto/Makefile | 2 arch/x86/crypto/sha1-mb/Makefile | 2 arch/x86/crypto/sha256-mb/Makefile | 2 arch/x86/include/asm/orc_types.h | 107 + arch/x86/include/asm/unwind_hints.h | 103 arch/x86/kernel/Makefile | 1 arch/x86/kernel/acpi/Makefile | 2 arch/x86/kernel/kprobes/opt.c | 9 arch/x86/kernel/reboot.c | 2 arch/x86/kernel/vmlinux.lds.S | 1 arch/x86/kvm/svm.c | 2 arch/x86/kvm/vmx.c | 3 arch/x86/lib/msr-reg.S | 8 arch/x86/net/Makefile | 2 arch/x86/platform/efi/Makefile | 1 arch/x86/power/Makefile | 2 arch/x86/xen/Makefile | 3 arch/x86/xen/enlighten.c | 5 include/linux/compiler-gcc.h | 14 kernel/kexec_core.c | 4 tools/arch/arm/include/uapi/asm/kvm.h | 13 tools/arch/arm64/include/uapi/asm/kvm.h | 6 tools/arch/powerpc/include/uapi/asm/kvm.h | 1 tools/arch/s390/include/uapi/asm/kvm.h | 5 tools/arch/x86/include/asm/cpufeatures.h | 44 tools/arch/x86/include/asm/disabled-features.h | 7 tools/arch/x86/include/asm/required-features.h | 3 tools/include/asm-generic/bitops.h | 1 tools/include/asm-generic/bitops/__ffz.h | 12 tools/include/asm-generic/bitops/find.h | 28 tools/include/linux/atomic.h | 6 tools/include/linux/bitmap.h | 26 tools/include/linux/bitops.h | 5 tools/include/linux/bug.h | 10 tools/include/linux/compiler-gcc.h | 21 tools/include/linux/compiler.h | 23 tools/include/linux/hashtable.h | 4 tools/include/linux/kernel.h | 7 tools/include/linux/log2.h | 3 tools/include/linux/refcount.h | 151 + tools/include/linux/spinlock.h | 5 tools/include/linux/types.h | 5 tools/include/uapi/asm-generic/mman-common.h | 5 tools/include/uapi/linux/bpf.h | 51 tools/include/uapi/linux/fcntl.h | 67 tools/include/uapi/linux/stat.h | 45 tools/lib/find_bit.c | 25 tools/objtool/Build | 4 tools/objtool/Documentation/stack-validation.txt | 195 - tools/objtool/Makefile | 35 tools/objtool/arch.h | 66 tools/objtool/arch/x86/Build | 10 tools/objtool/arch/x86/decode.c | 407 +++ tools/objtool/arch/x86/include/asm/inat.h | 234 ++ tools/objtool/arch/x86/include/asm/inat_types.h | 29 tools/objtool/arch/x86/include/asm/insn.h | 211 ++ tools/objtool/arch/x86/include/asm/orc_types.h | 107 + tools/objtool/arch/x86/insn/gen-insn-attr-x86.awk | 392 --- tools/objtool/arch/x86/insn/inat.c | 97 tools/objtool/arch/x86/insn/inat.h | 234 -- tools/objtool/arch/x86/insn/inat_types.h | 29 tools/objtool/arch/x86/insn/insn.c | 606 ----- tools/objtool/arch/x86/insn/insn.h | 211 -- tools/objtool/arch/x86/insn/x86-opcode-map.txt | 1063 ---------- tools/objtool/arch/x86/lib/inat.c | 97 tools/objtool/arch/x86/lib/insn.c | 606 +++++ tools/objtool/arch/x86/lib/x86-opcode-map.txt | 1063 ++++++++++ tools/objtool/arch/x86/tools/gen-insn-attr-x86.awk | 392 +++ tools/objtool/builtin-check.c | 1297 ------------ tools/objtool/builtin-orc.c | 68 tools/objtool/builtin.h | 6 tools/objtool/cfi.h | 55 tools/objtool/check.c | 2209 +++++++++++++++++++++ tools/objtool/check.h | 82 tools/objtool/elf.c | 326 ++- tools/objtool/elf.h | 23 tools/objtool/objtool.c | 12 tools/objtool/orc.h | 30 tools/objtool/orc_dump.c | 213 ++ tools/objtool/orc_gen.c | 221 ++ tools/objtool/special.c | 6 tools/objtool/sync-check.sh | 29 tools/objtool/warn.h | 10 tools/perf/MANIFEST | 6 tools/perf/Makefile.perf | 144 - tools/perf/arch/x86/entry/syscalls/syscall_64.tbl | 7 tools/perf/check-headers.sh | 61 tools/perf/util/util.h | 2 89 files changed, 7431 insertions(+), 4320 deletions(-) Arnaldo Carvalho de Melo (11): tools include: Introduce linux/compiler-gcc.h tools include: Adopt __compiletime_error tools include: Introduce atomic_cmpxchg_{relaxed,release}() tools include: Add UINT_MAX def to kernel.h tools include: Adopt kernel's refcount.h tools include uapi: Grab copies of stat.h and fcntl.h tools include: Introduce linux/bug.h, from the kernel sources tools include: Adopt __same_type() and __must_be_array() from the kernel tools include: Move ARRAY_SIZE() to linux/kernel.h tools include: Drop ARRAY_SIZE() definition from linux/hashtable.h tools include: Include missing headers for fls() and types in linux/log2.h Greg Kroah-Hartman (5): objtool: sync up with the 4.14.47 version of objtool perf/tools: header file sync up objtool: header file sync-up x86/xen: Add unwind hint annotations to xen_setup_gdt Linux 4.9.106 Jiri Olsa (3): tools lib: Add for_each_clear_bit macro perf tools: Force fixdep compilation at the start of the build perf tools: Move headers check into bash script Josh Poimboeuf (9): objtool: Improve detection of BUG() and other dead ends objtool: Move checking code to check.c objtool: Support GCC 8's cold subfunctions objtool: Support GCC 8 switch tables objtool: Detect RIP-relative switch table references objtool: Detect RIP-relative switch table references, part 2 objtool: Fix "noreturn" detection for recursive sibling calls objtool, x86: Add several functions and files to the objtool whitelist objtool: Enclose contents of unreachable() macro in a block Matthew Wilcox (2): tools: add more bitmap functions radix tree test suite: Remove types.h Michael S. Tsirkin (1): tools: enable endian checks for all sparse builds

7 years, 6 months

1
1
0 0

[PATCH 4.16 00/47] 4.16.14-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.16.14 release. There are 47 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Wed Jun 6 06:55:34 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.16.14-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.16.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.16.14-rc1 Hugh Dickins <hughd(a)google.com> mm: fix the NULL mapping case in __isolate_lru_page() Al Viro <viro(a)zeniv.linux.org.uk> fix io_destroy()/aio_complete() race Ondrej Zary <linux(a)rainbow-software.org> drm/i915: Disable LVDS on Radiant P845 Chris Wilson <chris(a)chris-wilson.co.uk> drm/i915/lvds: Move acpi lid notification registration to registration phase Dhinakaran Pandiyan <dhinakaran.pandiyan(a)intel.com> drm/psr: Fix missed entry in PSR setup time table. Alexander Shishkin <alexander.shishkin(a)linux.intel.com> intel_th: Use correct device when freeing buffers Stanislaw Gruszka <sgruszka(a)redhat.com> Revert "rt2800: use TXOP_BACKOFF for probe frames" Hugh Dickins <hughd(a)google.com> mm/huge_memory.c: __split_huge_page() use atomic ClearPageDirty() Parav Pandit <parav(a)mellanox.com> IB/core: Fix error code for invalid GID entry Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> hwtracing: stm: fix build error on some arches Alexander Shishkin <alexander.shishkin(a)linux.intel.com> stm class: Use vmalloc for the master map Bart Van Assche <bart.vanassche(a)wdc.com> scsi: scsi_transport_srp: Fix shost to rport translation Maciej W. Rozycki <macro(a)mips.com> MIPS: prctl: Disallow FRE without FR with PR_SET_FP_MODE requests Maciej W. Rozycki <macro(a)mips.com> MIPS: ptrace: Fix PTRACE_PEEKUSR requests for 64-bit FGRs Mathias Kresin <dev(a)kresin.me> MIPS: lantiq: gphy: Drop reboot/remove reset asserts Eugen Hristev <eugen.hristev(a)microchip.com> iio: adc: select buffer for at91-sama5d2_adc Eugen Hristev <eugen.hristev(a)microchip.com> iio: adc: at91-sama5d2_adc: fix channel configuration for differential channels Fabrice Gasnier <fabrice.gasnier(a)st.com> iio: adc: stm32-dfsdm: fix sample rate for div2 spi clock Fabrice Gasnier <fabrice.gasnier(a)st.com> iio: adc: stm32-dfsdm: fix successive oversampling settings Martin Kelly <mkelly(a)xevo.com> iio:kfifo_buf: check for uint overflow Martin Kelly <mkelly(a)xevo.com> iio:buffer: make length types match kfifo types Hans de Goede <hdegoede(a)redhat.com> iio: hid-sensor-trigger: Fix sometimes not powering up the sensor after resume Michael Nosthoff <committed(a)heine.so> iio: ad7793: implement IIO_CHAN_INFO_SAMP_FREQ Matthias Kaehlcke <mka(a)chromium.org> rtlwifi: rtl8192cu: Remove variable self-assignment in rf.c Matthias Kaehlcke <mka(a)chromium.org> drm/amd/powerplay: Fix enum mismatch Eric Biggers <ebiggers(a)google.com> cfg80211: further limit wiphy names to 64 bytes Sachin Grover <sgrover(a)codeaurora.org> selinux: KASAN: slab-out-of-bounds in xattr_getsecurity Max Gurtovoy <maxg(a)mellanox.com> nvme: fix extended data LBA supported setting Steven Rostedt (VMware) <rostedt(a)goodmis.org> tracing: Make the snapshot trigger work with instances Steven Rostedt (VMware) <rostedt(a)goodmis.org> tracing: Fix crash when freeing instances with event triggers Benjamin Tissoires <benjamin.tissoires(a)redhat.com> Input: elan_i2c_smbus - fix corrupted stack Benjamin Tissoires <benjamin.tissoires(a)redhat.com> Input: synaptics - add Lenovo 80 series ids to SMBus Aaron Ma <aaron.ma(a)canonical.com> Input: synaptics - add Intertouch support on X1 Carbon 6th and X280 Edvard Holst <edvard.holst(a)gmail.com> Input: synaptics - Lenovo Thinkpad X1 Carbon G5 (2017) with Elantech trackpoints should use RMI Dmitry Torokhov <dmitry.torokhov(a)gmail.com> Input: synaptics - Lenovo Carbon X1 Gen5 (2017) devices should use RMI Brian Foster <bfoster(a)redhat.com> xfs: detect agfl count corruption and reset agfl Dave Chinner <dchinner(a)redhat.com> xfs: convert XFS_AGFL_SIZE to a helper function Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Revert "pinctrl: msm: Use dynamic GPIO numbering" Thomas Hellstrom <thellstrom(a)vmware.com> drm/vmwgfx: Fix host logging / guestinfo reading error paths Himanshu Jha <himanshujha199640(a)gmail.com> drm/vmwgfx: Use kasprintf Borislav Petkov <bp(a)suse.de> x86/MCE/AMD: Cache SMCA MISC block addresses Yazen Ghannam <yazen.ghannam(a)amd.com> x86/mce/AMD: Carve out SMCA get_block_address() code Josh Poimboeuf <jpoimboe(a)redhat.com> objtool: Fix "noreturn" detection for recursive sibling calls Josh Poimboeuf <jpoimboe(a)redhat.com> objtool: Detect RIP-relative switch table references, part 2 Josh Poimboeuf <jpoimboe(a)redhat.com> objtool: Detect RIP-relative switch table references Josh Poimboeuf <jpoimboe(a)redhat.com> objtool: Support GCC 8 switch tables Josh Poimboeuf <jpoimboe(a)redhat.com> objtool: Support GCC 8's cold subfunctions ------------- Diffstat: Makefile | 4 +- arch/mips/kernel/process.c | 4 + arch/mips/kernel/ptrace.c | 2 +- arch/mips/kernel/ptrace32.c | 2 +- arch/x86/kernel/cpu/mcheck/mce_amd.c | 72 ++++----- .../drm/amd/powerplay/hwmgr/cz_clockpowergating.c | 8 +- .../amd/powerplay/hwmgr/smu7_clockpowergating.c | 2 +- drivers/gpu/drm/drm_dp_helper.c | 1 + drivers/gpu/drm/i915/intel_lvds.c | 51 +++++-- drivers/gpu/drm/vmwgfx/vmwgfx_msg.c | 59 ++++---- drivers/hwtracing/intel_th/msu.c | 6 +- drivers/hwtracing/stm/core.c | 7 +- drivers/iio/adc/Kconfig | 1 + drivers/iio/adc/ad7793.c | 75 +++------ drivers/iio/adc/at91-sama5d2_adc.c | 41 ++++- drivers/iio/adc/stm32-dfsdm-adc.c | 17 ++- drivers/iio/buffer/industrialio-buffer-dma.c | 2 +- drivers/iio/buffer/kfifo_buf.c | 11 +- .../iio/common/hid-sensors/hid-sensor-trigger.c | 8 +- drivers/infiniband/core/cache.c | 2 +- drivers/input/mouse/elan_i2c_smbus.c | 22 +-- drivers/input/mouse/synaptics.c | 6 + drivers/net/wireless/ralink/rt2x00/rt2x00queue.c | 7 +- .../net/wireless/realtek/rtlwifi/rtl8192cu/rf.c | 3 - drivers/nvme/host/core.c | 2 +- drivers/pinctrl/qcom/pinctrl-msm.c | 2 +- drivers/scsi/scsi_transport_srp.c | 22 ++- drivers/soc/lantiq/gphy.c | 36 ----- fs/aio.c | 3 +- fs/xfs/libxfs/xfs_alloc.c | 125 ++++++++++++++- fs/xfs/libxfs/xfs_alloc.h | 2 + fs/xfs/libxfs/xfs_format.h | 13 +- fs/xfs/scrub/agheader.c | 6 +- fs/xfs/xfs_fsops.c | 2 +- fs/xfs/xfs_mount.h | 1 + fs/xfs/xfs_trace.h | 9 +- include/linux/iio/buffer_impl.h | 6 +- include/uapi/linux/nl80211.h | 2 +- kernel/trace/trace.c | 12 +- kernel/trace/trace.h | 11 ++ kernel/trace/trace_events_trigger.c | 15 +- mm/huge_memory.c | 2 +- mm/vmscan.c | 2 +- security/selinux/ss/services.c | 2 +- tools/objtool/check.c | 167 ++++++++++++--------- tools/objtool/elf.c | 42 +++++- tools/objtool/elf.h | 2 + 47 files changed, 572 insertions(+), 327 deletions(-)

7 years, 6 months

4
50
0 0

Re: [PATCH 4.14 00/52] 4.14.48-stable review

by Greg Kroah-Hartman

On Mon, Jun 04, 2018 at 04:11:03PM -0700, Kevin Hilman wrote: > kernelci.org bot <bot(a)kernelci.org> writes: > > > Full Boot Summary: https://kernelci.org/boot/all/job/stable-rc/branch/linux-4.14.y/kernel/v4.1… > > Full Build Summary: https://kernelci.org/build/stable-rc/branch/linux-4.14.y/kernel/v4.14.47-53… > > > > Tree: stable-rc > > Branch: linux-4.14.y > > Git Describe: v4.14.47-53-g721adf61fde2 > > Git Commit: 721adf61fde28b9a87a95e45ecf3f5a325e7c76f > > Git URL: http://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git > > Tested: 56 unique boards, 23 SoC families, 14 builds out of 185 > > > > Boot Regressions Detected: > > > > arm64: > > > > defconfig: > > meson-gxl-s905x-khadas-vim: > > lab-baylibre: failing since 39 days (last pass: v4.14.26-140-g2a1700a4929f - first fail: v4.14.36-184-g3cd53e436ee2) > > > > Conflicting Boot Failure Detected: (These likely are not failures as other labs are reporting PASS. Needs review.) > > TL;DR; All is well. > > The failing board is having a power supply issue and has been taken > offline for repair. Since the same board is passing fine in another > lab, it can be ignored. Thanks for the updates on this, and the 4.9 board breakage. greg k-h

7 years, 6 months

1
0
0 0

Re: [patch 7/8] genirq/affinity: Defer affinity setting if irq chip is busy

by Song Liu

On Mon, Jun 4, 2018 at 8:33 AM, Thomas Gleixner <tglx(a)linutronix.de> wrote: > The case that interrupt affinity setting fails with -EBUSY can be handled > in the kernel completely by using the already available generic pending > infrastructure. > > If a irq_chip::set_affinity() fails with -EBUSY, handle it like the > interrupts for which irq_chip::set_affinity() can only be invoked from > interrupt context. Copy the new affinity mask to irq_desc::pending_mask and > set the affinity pending bit. The next raised interrupt for the affected > irq will check the pending bit and try to set the new affinity from the > handler. This avoids that -EBUSY is returned when an affinity change is > requested from user space and the previous change has not been cleaned > up. The new affinity will take effect when the next interrupt is raised > from the device. > > Fixes: dccfe3147b42 ("x86/vector: Simplify vector move cleanup") > Signed-off-by: Thomas Gleixner <tglx(a)linutronix.de> > Cc: stable(a)vger.kernel.org Tested-by: Song Liu <songliubraving(a)fb.com> > --- > kernel/irq/manage.c | 37 +++++++++++++++++++++++++++++++++++-- > 1 file changed, 35 insertions(+), 2 deletions(-) > > --- a/kernel/irq/manage.c > +++ b/kernel/irq/manage.c > @@ -204,6 +204,39 @@ int irq_do_set_affinity(struct irq_data > return ret; > } > > +#ifdef CONFIG_GENERIC_PENDING_IRQ > +static inline int irq_set_affinity_pending(struct irq_data *data, > + const struct cpumask *dest) > +{ > + struct irq_desc *desc = irq_data_to_desc(data); > + > + irqd_set_move_pending(data); > + irq_copy_pending(desc, dest); > + return 0; > +} > +#else > +static inline int irq_set_affinity_pending(struct irq_data *data, > + const struct cpumask *dest) > +{ > + return -EBUSY; > +} > +#endif > + > +static int irq_try_set_affinity(struct irq_data *data, > + const struct cpumask *dest, bool force) > +{ > + int ret = irq_do_set_affinity(data, dest, force); > + > + /* > + * In case that the underlying vector management is busy and the > + * architecture supports the generic pending mechanism then utilize > + * this to avoid returning an error to user space. > + */ > + if (ret == -EBUSY && !force) > + ret = irq_set_affinity_pending(data, dest); > + return ret; > +} > + > int irq_set_affinity_locked(struct irq_data *data, const struct cpumask *mask, > bool force) > { > @@ -214,8 +247,8 @@ int irq_set_affinity_locked(struct irq_d > if (!chip || !chip->irq_set_affinity) > return -EINVAL; > > - if (irq_can_move_pcntxt(data)) { > - ret = irq_do_set_affinity(data, mask, force); > + if (irq_can_move_pcntxt(data) && !irqd_is_setaffinity_pending(data)) { > + ret = irq_try_set_affinity(data, mask, force); > } else { > irqd_set_move_pending(data); > irq_copy_pending(desc, mask); > >

7 years, 6 months

1
0
0 0

Re: [patch 6/8] x86/platform/uv: Use apic_ack_irq()

by Song Liu

Tested-by: Song Liu <songliubraving(a)fb.com> On Mon, Jun 4, 2018 at 8:33 AM, Thomas Gleixner <tglx(a)linutronix.de> wrote: >

7 years, 6 months

1
0
0 0

Re: [patch 5/8] x86/ioapic: Use apic_ack_irq()

by Song Liu

Tested-by: Song Liu <songliubraving(a)fb.com> On Mon, Jun 4, 2018 at 8:33 AM, Thomas Gleixner <tglx(a)linutronix.de> wrote: >

7 years, 6 months

1
0
0 0

Re: [patch 4/8] irq_remapping: Use apic_ack_irq()

by Song Liu

Tested-by: Song Liu <songliubraving(a)fb.com> On Mon, Jun 4, 2018 at 8:33 AM, Thomas Gleixner <tglx(a)linutronix.de> wrote: >

7 years, 6 months

1
0
0 0

Re: [patch 3/8] x86/apic: Provide apic_ack_irq()

by Song Liu

On Mon, Jun 4, 2018 at 8:33 AM, Thomas Gleixner <tglx(a)linutronix.de> wrote: > apic_ack_edge() is explicitely for handling interrupt affinity cleanup when > interrupt remapping is not available or disable. > > Remapped interrupts and also some of the platform specific special > interrupts, e.g. UV, invoke ack_APIC_irq() directly. > > To address the issue of failing an affinity update with -EBUSY the delayed > affinity mechanism can be reused, but ack_APIC_irq() does not handle > that. Adding this to ack_APIC_irq() is not possible, because that function > is also used for exceptions and directly handled interrupts like IPIs. > > Create a new function, which just contains the conditional invocation of > irq_move_irq() and the final ack_APIC_irq(). Making the invocation of > irq_move_irq() conditional avoids the out of line call if the pending bit > is not set. > > Reuse the new function in apic_ack_edge(). > > Preparatory change for the real fix > > Fixes: dccfe3147b42 ("x86/vector: Simplify vector move cleanup") > Signed-off-by: Thomas Gleixner <tglx(a)linutronix.de> > Cc: stable(a)vger.kernel.org Tested-by: Song Liu <songliubraving(a)fb.com> > --- > arch/x86/include/asm/apic.h | 2 ++ > arch/x86/kernel/apic/vector.c | 10 ++++++++-- > 2 files changed, 10 insertions(+), 2 deletions(-) > > --- a/arch/x86/include/asm/apic.h > +++ b/arch/x86/include/asm/apic.h > @@ -436,6 +436,8 @@ static inline void apic_set_eoi_write(vo > > #endif /* CONFIG_X86_LOCAL_APIC */ > > +extern void apic_ack_irq(struct irq_data *data); > + > static inline void ack_APIC_irq(void) > { > /* > --- a/arch/x86/kernel/apic/vector.c > +++ b/arch/x86/kernel/apic/vector.c > @@ -809,11 +809,17 @@ static int apic_retrigger_irq(struct irq > return 1; > } > > +void apic_ack_irq(struct irq_data *irqd) > +{ > + if (unlikely(irqd_is_setaffinity_pending(irqd))) > + irq_move_irq(irqd); > + ack_APIC_irq(); > +} > + > void apic_ack_edge(struct irq_data *irqd) > { > irq_complete_move(irqd_cfg(irqd)); > - irq_move_irq(irqd); > - ack_APIC_irq(); > + apic_ack_irq(irqd); > } > > static struct irq_chip lapic_controller = { > >

7 years, 6 months

1
0
0 0

Re: [patch 2/8] genirq/generic_pending: Do not lose pending affinity update

by Song Liu

On Mon, Jun 4, 2018 at 8:33 AM, Thomas Gleixner <tglx(a)linutronix.de> wrote: > The generic pending interrupt mechanism moves interrupts from the interrupt > handler on the original target CPU to the new destination CPU. This is > required for x86 and ia64 due to the way the interrupt delivery and > acknowledge works if the interrupts are not remapped. > > However that update can fail for various reasons. Some of them are valid > reasons to discard the pending update, but the case, when the previous move > has not been fully cleaned up is not a legit reason to fail. > > Check the return value of irq_do_set_affinity() for -EBUSY, which indicates > a pending cleanup, and rearm the pending move in the irq dexcriptor so it's > tried again when the next interrupt arrives. > > Fixes: 996c591227d9 ("x86/irq: Plug vector cleanup race") > Signed-off-by: Thomas Gleixner <tglx(a)linutronix.de> > Cc: stable(a)vger.kernel.org Tested-by: Song Liu <songliubraving(a)fb.com> > --- > kernel/irq/migration.c | 24 ++++++++++++++++++------ > 1 file changed, 18 insertions(+), 6 deletions(-) > > --- a/kernel/irq/migration.c > +++ b/kernel/irq/migration.c > @@ -38,17 +38,18 @@ bool irq_fixup_move_pending(struct irq_d > void irq_move_masked_irq(struct irq_data *idata) > { > struct irq_desc *desc = irq_data_to_desc(idata); > - struct irq_chip *chip = desc->irq_data.chip; > + struct irq_data *data = &desc->irq_data; > + struct irq_chip *chip = data->chip; > > - if (likely(!irqd_is_setaffinity_pending(&desc->irq_data))) > + if (likely(!irqd_is_setaffinity_pending(data))) > return; > > - irqd_clr_move_pending(&desc->irq_data); > + irqd_clr_move_pending(data); > > /* > * Paranoia: cpu-local interrupts shouldn't be calling in here anyway. > */ > - if (irqd_is_per_cpu(&desc->irq_data)) { > + if (irqd_is_per_cpu(data)) { > WARN_ON(1); > return; > } > @@ -73,9 +74,20 @@ void irq_move_masked_irq(struct irq_data > * For correct operation this depends on the caller > * masking the irqs. > */ > - if (cpumask_any_and(desc->pending_mask, cpu_online_mask) < nr_cpu_ids) > - irq_do_set_affinity(&desc->irq_data, desc->pending_mask, false); > + if (cpumask_any_and(desc->pending_mask, cpu_online_mask) < nr_cpu_ids) { > + int ret; > > + ret = irq_do_set_affinity(data, desc->pending_mask, false); > + /* > + * If the there is a cleanup pending in the underlying > + * vector management, reschedule the move for the next > + * interrupt. Leave desc->pending_mask intact. > + */ > + if (ret == -EBUSY) { > + irqd_set_move_pending(data); > + return; > + } > + } > cpumask_clear(desc->pending_mask); > } > > >

7 years, 6 months

1
0
0 0

Re: [patch 1/8] x86/apic/vector: Prevent hlist corruption and leaks

by Song Liu

On Mon, Jun 4, 2018 at 8:33 AM, Thomas Gleixner <tglx(a)linutronix.de> wrote: > Several people observed the WARN_ON() in irq_matrix_free() which triggers > when the caller tries to free an vector which is not in the allocation > range. Song provided the trace information which allowed to decode the root > cause. > > The rework of the vector allocation mechanism failed to preserve a sanity > check, which prevents setting a new target vector/CPU when the previous > affinity change has not fully completed. > > As a result a half finished affinity change can be overwritten, which can > cause the leak of a irq descriptor pointer on the previous target CPU and > double enqueue of the hlist head into the cleanup lists of two or more > CPUs. After one CPU cleaned up its vector the next CPU will invoke the > cleanup handler with vector 0, which triggers the out of range warning in > the matrix allocator. > > Prevent this by checking the apic_data of the interrupt whether the > move_in_progress flag is false and the hlist node is not hashed. Return > -EBUSY if not. > > This prevents the damage and restores the behaviour before the vector > allocation rework, but due to other changes in that area it also widens the > chance that user space can observe -EBUSY. In theory this should be fine, > but actually not all user space tools handle -EBUSY correctly. Addressing > that is not part of this fix, but will be addressed in follow up patches. > > Fixes: 69cde0004a4b ("x86/vector: Use matrix allocator for vector assignment") > Reported-by: Dmitry Safonov <0x7f454c46(a)gmail.com> > Reported-by: Tariq Toukan <tariqt(a)mellanox.com> > Reported-by: Song Liu <liu.song.a23(a)gmail.com> > Signed-off-by: Thomas Gleixner <tglx(a)linutronix.de> > Cc: stable(a)vger.kernel.org Thanks Thomas! This patch alone fixes my test: ethtool -L in a loop. I also run the same test for the full set, and it works well. Tested-by: Song Liu <songliubraving(a)fb.com> > --- > arch/x86/kernel/apic/vector.c | 9 +++++++++ > 1 file changed, 9 insertions(+) > > --- a/arch/x86/kernel/apic/vector.c > +++ b/arch/x86/kernel/apic/vector.c > @@ -235,6 +235,15 @@ static int allocate_vector(struct irq_da > if (vector && cpu_online(cpu) && cpumask_test_cpu(cpu, dest)) > return 0; > > + /* > + * Careful here. @apicd might either have move_in_progress set or > + * be enqueued for cleanup. Assigning a new vector would either > + * leave a stale vector on some CPU around or in case of a pending > + * cleanup corrupt the hlist. > + */ > + if (apicd->move_in_progress || !hlist_unhashed(&apicd->clist)) > + return -EBUSY; > + > vector = irq_matrix_alloc(vector_matrix, dest, resvd, &cpu); > if (vector > 0) > apic_update_vector(irqd, vector, cpu); > >

7 years, 6 months

1
0
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror