mirror of https://gitee.com/openkylin/linux.git
811849 Commits
| Author | SHA1 | Message | Date |
|---|---|---|---|
Linus Torvalds
|
cd984a5be2 |
xtensa fixes for v5.0-rc5
- fix ccount_timer_shutdown for secondary CPUs; - fix secondary CPU initialization; - fix secondary CPU reset vector clash with double exception vector; - fix present CPUs when booting with 'maxcpus' parameter; - limit possible CPUs by configured NR_CPUS; - issue a warning if xtensa PIC is asked to retrigger anything other than software IRQ; - fix masking/unmasking of the first two IRQs on xtensa MX PIC; - fix typo in Kconfig description for user space unaligned access feature; - fix Kconfig warning for selecting BUILTIN_DTB. -----BEGIN PGP SIGNATURE----- iQJHBAABCAAxFiEEK2eFS5jlMn3N6xfYUfnMkfg/oEQFAlxUn8MTHGpjbXZia2Jj QGdtYWlsLmNvbQAKCRBR+cyR+D+gRAX6D/4oOJd7TghbVdSC82rIQXRBxmlWB1YV tPtb/W3qrkkM8c693FbAoLFNoikYFftzn4EomTz1KtkBxq7HjZmmphiTU5E23Zg5 nonnBkcFnm4Yfr4gLaTJl3rMqJNbDTMg6EyCPRHVI43Ux1jA9j/T2MN/dMZox+5a PU2q8k/HHDAlumOPj93MIKBb8XA9Sq9Jfpw2Jnlc0r8b4fR/9pKfVPOcsqs/jv3x BFIIH/vPvl2/j+DShpFcYnK8VgRo6zj2ny343J4zYqXspky43ZMMIaE/ZpkT592b uheDQYHAHvpZT+FD8waE5P5quBS5P+CmZIbuz7YTxB1VTcoV+OGGCpAvpj5CqmNr Mj2f3Yar+4q/QczHP+/42zGVDoJ/3dLBIu9IqSjWkY90qgncd9TD+dMWzI2ejJU7 LPMIAw//Y/L4m3TAg84GFfGkOjzGQUXGQGl+9sqIr3eOWgoouXatq6L4F2CxCnz2 zMKT0HFzdxs1gt13oRngugyfK1xRF0H5DW2eNt4dsFURIeIUP5cqou0v+b+CA3Li sbvI6yJ0g9tRf1f0yDnSRlvm0nB56zsXKGz5uuD6MiMOleUM3N41+IqCPHwuH0F1 wNyYSWZEkt1t88rQxnter1+sDpi4brW0BZMVUSHsf+USqcwMrwu9ZmFKj08nihMP dCEHHlVGizOEsQ== =Pim9 -----END PGP SIGNATURE----- Merge tag 'xtensa-20190201' of git://github.com/jcmvbkbc/linux-xtensa Pull xtensa fixes from Max Filippov: - fix ccount_timer_shutdown for secondary CPUs - fix secondary CPU initialization - fix secondary CPU reset vector clash with double exception vector - fix present CPUs when booting with 'maxcpus' parameter - limit possible CPUs by configured NR_CPUS - issue a warning if xtensa PIC is asked to retrigger anything other than software IRQ - fix masking/unmasking of the first two IRQs on xtensa MX PIC - fix typo in Kconfig description for user space unaligned access feature - fix Kconfig warning for selecting BUILTIN_DTB * tag 'xtensa-20190201' of git://github.com/jcmvbkbc/linux-xtensa: xtensa: SMP: limit number of possible CPUs by NR_CPUS xtensa: rename BUILTIN_DTB to BUILTIN_DTB_SOURCE xtensa: Fix typo use space=>user space drivers/irqchip: xtensa-mx: fix mask and unmask drivers/irqchip: xtensa: add warning to irq_retrigger xtensa: SMP: mark each possible CPU as present xtensa: smp_lx200_defconfig: fix vectors clash xtensa: SMP: fix secondary CPU initialization xtensa: SMP: fix ccount_timer_shutdown |
|
|
Linus Torvalds
|
8b050fe42d |
arm64 fixes for -rc5
- Fix module loading when KASLR is configured but disabled at runtime - Fix accidental IPI when mapping user executable pages - Ensure hyp-stub and KVM world switch code cannot be kprobed -----BEGIN PGP SIGNATURE----- iQEzBAABCgAdFiEEPxTL6PPUbjXGY88ct6xw3ITBYzQFAlxUWvEACgkQt6xw3ITB YzTNGwgAgAk1D4xfe01rasMK8dnogIMNbpxeeAuiwwFuXq/lBqo2UDX8UMt6qW9k b0rLpzyVelhPRJ3lQ90XvIv279cFBjHQT42YyVLlAnzkYz89kPKZweE7cWetO3sV kB7uJIaCfstGAp13p2ztN1KzHeIFKxk14gUa9jgmVdbHdJt+L5WdNUExs4+0jgnq lxBPWwvluzEc6mmpniIpF7em+svIci5M4al2gjxKVO7DI5slphOEZ4+VSGeSDxTI jOzTilS8UfldEnwjndl/hKes9r65afeLSDXvkJTTpfXB9jnKS54FJzy1QCibSRLT SHY9xkA3VEgJBifmpCEuJoNs2XaBFQ== =Eh1r -----END PGP SIGNATURE----- Merge tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux Pull arm64 fixes from Will Deacon: "Although we're still debugging a few minor arm64-specific issues in mainline, I didn't want to hold this lot up in the meantime. We've got an additional KASLR fix after the previous one wasn't quite complete, a fix for a performance regression when mapping executable pages into userspace and some fixes for kprobe blacklisting. All candidates for stable. Summary: - Fix module loading when KASLR is configured but disabled at runtime - Fix accidental IPI when mapping user executable pages - Ensure hyp-stub and KVM world switch code cannot be kprobed" * tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux: arm64: hibernate: Clean the __hyp_text to PoC after resume arm64: hyp-stub: Forbid kprobing of the hyp-stub arm64: kprobe: Always blacklist the KVM world-switch code arm64: kaslr: ensure randomized quantities are clean also when kaslr is off arm64: Do not issue IPIs for user executable ptes |
|
|
Linus Torvalds
|
33640d718c |
SMB3 fixes, some from this week's SMB3 test evemt, 5 for stable and a particularly important one for queryxattr (see xfstests 70 and 117)
-----BEGIN PGP SIGNATURE----- iQGyBAABCgAdFiEE6fsu8pdIjtWE/DpLiiy9cAdyT1EFAlxUf8kACgkQiiy9cAdy T1Fy8Qv4rlgVRBPcSJpvZKhFjMd5KskVIDnP0tOc5od+Mg+547eAg7UKKnJVDgKS OUtiP8uC/UErWvQ214hoXF1sMwoG+rDdTRdIOVDLD2a2gIIJzaIPADhYt4w5kiAX nO9NwPwk03KTzNUQmpdFPofbLK4csmJUR4kBNE+XhZTulmw9BkplGXnNkQGjsEdf nY6YdfqofE//DmR/KB1BylD0lxDtnfuB5zoELPmM6X4iWtD9W6pKVg23huEv+Dmh 80LdYt77vI4RKEzOAmsYEpROdAmlCksVQC1nlh5EHOuMN/9TCdpdWRahJWWhbbKr /b8TuD+0QUUKEQdGvwM8DM/OCjnwoJphzI8CK1VzRpM4XkZxpQTzng2zVFPNzs4Y wwKCsxxTO7ePGg6hE/DTnRn9XJtKbR1nQsIjHcw6rE0ydl+P6YRZDUEehqyRU+jd Z09XCPS1+zeUPE6PRE9wlrIt7QdxOynufhaWRKf18b2b4cfKbNGcd+rMMZPagUQe x2CMkEU= =qX/z -----END PGP SIGNATURE----- Merge tag '5.0-rc4-smb3-fixes' of git://git.samba.org/sfrench/cifs-2.6 Pull smb3 fixes from Steve French: "SMB3 fixes, some from this week's SMB3 test evemt, 5 for stable and a particularly important one for queryxattr (see xfstests 70 and 117)" * tag '5.0-rc4-smb3-fixes' of git://git.samba.org/sfrench/cifs-2.6: cifs: update internal module version number CIFS: fix use-after-free of the lease keys CIFS: Do not consider -ENODATA as stat failure for reads CIFS: Do not count -ENODATA as failure for query directory CIFS: Fix trace command logging for SMB2 reads and writes CIFS: Fix possible oops and memory leaks in async IO cifs: limit amount of data we request for xattrs to CIFSMaxBufSize cifs: fix computation for MAX_SMB2_HDR_SIZE |
|
|
Linus Torvalds
|
b7bd29b530 |
Bug Fixes
- Fix aa_label_build() error handling for failed merges - Fix warning about unused function apparmor_ipv6_postroute -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEE7cSDD705q2rFEEf7BS82cBjVw9gFAlxUbasACgkQBS82cBjV w9hEyA//XLzkJ6mdreIWLSO0KO8dwCwpWyJ5EFIx3R+2Nrz3BVN2/Ysg+GZ2oEdD iF8OEVW/RBjapHbtZeruu8tqfU9i3WYyc/cIpsdZTZ2yIfRikyV/bT21/XggAe4g cGhcNVvTpVxwDFHT1YdQFHeDrcJ4nHeGVcErQ0oDV3KJRIUII8uKUmJzxiFqFQjq iPZHcaU3b65RrPIaxfEIk6anBW9UwInnXBdOQqjxLCg1efLBfmpT3HpUbfQrTmIq zh2xSgTFVS8jRbg8N7HIQDR8GZTew1x6yWx6v84fE+8NfqXEuOwo3+EPGcJWfB4i 9W+nLlmyrJ5wyFJ4dpWzj7ZMAwuZYKSOSgXIVh2ew9bI13KUthymQ+pWJ6S91Rxf Z3zPzjHG3RuyeHuZqiNknM6iXgmfR+PaVk2aq22No40BsXiNjTO8l0kSH36HQKCh vpOC1VVXq7B0+Xe6FVQd5R1KydXwO2DrYkO4ygyrYqWXD0F6bFhQyZJlbf2las7B DtGjC6+nhh9eQPaYDQ5IIJEhFmNSqE+q+yRqNgcN1vj+gPEayw2KqG67Nt50UjmW 6Lz3tTZJIw8NRSgUYqRzsJfocCADRamHgysWD+etd3mPnQbFXU5Nx6qwztcpzISP fHZY75etD+fkg7pR4FvzqO7EpACtZnk/Yx2BTEjUOnTuUY9hjc0= =dMPT -----END PGP SIGNATURE----- Merge tag 'apparmor-pr-2019-02-01' of git://git.kernel.org/pub/scm/linux/kernel/git/jj/linux-apparmor Pull apparmor bug fixes from John Johansen: "Two bug fixes for apparmor: - Fix aa_label_build() error handling for failed merges - Fix warning about unused function apparmor_ipv6_postroute" * tag 'apparmor-pr-2019-02-01' of git://git.kernel.org/pub/scm/linux/kernel/git/jj/linux-apparmor: apparmor: Fix aa_label_build() error handling for failed merges apparmor: Fix warning about unused function apparmor_ipv6_postroute |
|
|
Ian Kent
|
f585b283e3 |
autofs: fix error return in autofs_fill_super()
In autofs_fill_super() on error of get inode/make root dentry the return should be ENOMEM as this is the only failure case of the called functions. Link: http://lkml.kernel.org/r/154725123240.11260.796773942606871359.stgit@pluto-themaw-net Signed-off-by: Ian Kent <raven@themaw.net> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> |
|
|
Pan Bian
|
63ce5f552b |
autofs: drop dentry reference only when it is never used
autofs_expire_run() calls dput(dentry) to drop the reference count of dentry. However, dentry is read via autofs_dentry_ino(dentry) after that. This may result in a use-free-bug. The patch drops the reference count of dentry only when it is never used. Link: http://lkml.kernel.org/r/154725122396.11260.16053424107144453867.stgit@pluto-themaw-net Signed-off-by: Pan Bian <bianpan2016@163.com> Signed-off-by: Ian Kent <raven@themaw.net> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> |
|
|
Jan Kara
|
c27d82f52f |
fs/drop_caches.c: avoid softlockups in drop_pagecache_sb()
When superblock has lots of inodes without any pagecache (like is the case for /proc), drop_pagecache_sb() will iterate through all of them without dropping sb->s_inode_list_lock which can lead to softlockups (one of our customers hit this). Fix the problem by going to the slow path and doing cond_resched() in case the process needs rescheduling. Link: http://lkml.kernel.org/r/20190114085343.15011-1-jack@suse.cz Signed-off-by: Jan Kara <jack@suse.cz> Acked-by: Michal Hocko <mhocko@suse.com> Reviewed-by: Andrew Morton <akpm@linux-foundation.org> Cc: Al Viro <viro@ZenIV.linux.org.uk> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> |
|
|
David Hildenbrand
|
e0a352fabc |
mm: migrate: don't rely on __PageMovable() of newpage after unlocking it
We had a race in the old balloon compaction code before |
|
|
Johannes Weiner
|
7b2489d37e |
psi: clarify the Kconfig text for the default-disable option
The current help text caused some confusion in online forums about whether or not to default-enable or default-disable psi in vendor kernels. This is because it doesn't communicate the reason for why we made this setting configurable in the first place: that the overhead is non-zero in an artificial scheduler stress test. Since this isn't representative of real workloads, and the effect was not measurable in scheduler-heavy real world applications such as the webservers and memcache installations at Facebook, it's fair to point out that this is a pretty cautious option to select. Link: http://lkml.kernel.org/r/20190129233617.16767-1-hannes@cmpxchg.org Signed-off-by: Johannes Weiner <hannes@cmpxchg.org> Reviewed-by: Andrew Morton <akpm@linux-foundation.org> Cc: Mel Gorman <mgorman@techsingularity.net> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> |
|
|
Michal Hocko
|
e3df4c6e48 |
mm, memory_hotplug: __offline_pages fix wrong locking
Jan has noticed that we do double unlock on some failure paths when
offlining a page range. This is indeed the case when
test_pages_in_a_zone respp. start_isolate_page_range fail. This was an
omission when forward porting the debugging patch from an older kernel.
Fix the issue by dropping mem_hotplug_done from the failure condition
and keeping the single unlock in the catch all failure path.
Link: http://lkml.kernel.org/r/20190115120307.22768-1-mhocko@kernel.org
Fixes:
|
|
|
Naoya Horiguchi
|
6376360ecb |
mm: hwpoison: use do_send_sig_info() instead of force_sig()
Currently memory_failure() is racy against process's exiting, which
results in kernel crash by null pointer dereference.
The root cause is that memory_failure() uses force_sig() to forcibly
kill asynchronous (meaning not in the current context) processes. As
discussed in thread https://lkml.org/lkml/2010/6/8/236 years ago for OOM
fixes, this is not a right thing to do. OOM solves this issue by using
do_send_sig_info() as done in commit
|
|
|
Anders Roxell
|
0d0c8de878 |
kasan: mark file common so ftrace doesn't trace it
When option CONFIG_KASAN is enabled toghether with ftrace, function ftrace_graph_caller() gets in to a recursion, via functions kasan_check_read() and kasan_check_write(). Breakpoint 2, ftrace_graph_caller () at ../arch/arm64/kernel/entry-ftrace.S:179 179 mcount_get_pc x0 // function's pc (gdb) bt #0 ftrace_graph_caller () at ../arch/arm64/kernel/entry-ftrace.S:179 #1 0xffffff90101406c8 in ftrace_caller () at ../arch/arm64/kernel/entry-ftrace.S:151 #2 0xffffff90106fd084 in kasan_check_write (p=0xffffffc06c170878, size=4) at ../mm/kasan/common.c:105 #3 0xffffff90104a2464 in atomic_add_return (v=<optimized out>, i=<optimized out>) at ./include/generated/atomic-instrumented.h:71 #4 atomic_inc_return (v=<optimized out>) at ./include/generated/atomic-fallback.h:284 #5 trace_graph_entry (trace=0xffffffc03f5ff380) at ../kernel/trace/trace_functions_graph.c:441 #6 0xffffff9010481774 in trace_graph_entry_watchdog (trace=<optimized out>) at ../kernel/trace/trace_selftest.c:741 #7 0xffffff90104a185c in function_graph_enter (ret=<optimized out>, func=<optimized out>, frame_pointer=18446743799894897728, retp=<optimized out>) at ../kernel/trace/trace_functions_graph.c:196 #8 0xffffff9010140628 in prepare_ftrace_return (self_addr=18446743592948977792, parent=0xffffffc03f5ff418, frame_pointer=18446743799894897728) at ../arch/arm64/kernel/ftrace.c:231 #9 0xffffff90101406f4 in ftrace_graph_caller () at ../arch/arm64/kernel/entry-ftrace.S:182 Backtrace stopped: previous frame identical to this frame (corrupt stack?) (gdb) Rework so that the kasan implementation isn't traced. Link: http://lkml.kernel.org/r/20181212183447.15890-1-anders.roxell@linaro.org Signed-off-by: Anders Roxell <anders.roxell@linaro.org> Acked-by: Dmitry Vyukov <dvyukov@google.com> Tested-by: Dmitry Vyukov <dvyukov@google.com> Acked-by: Steven Rostedt (VMware) <rostedt@goodmis.org> Cc: Andrey Ryabinin <aryabinin@virtuozzo.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> |
|
|
Jonathan Neuschäfer
|
9807683384 |
init/Kconfig: fix grammar by moving a closing parenthesis
Link: http://lkml.kernel.org/r/20190129150813.15785-1-j.neuschaefer@gmx.net Signed-off-by: Jonathan Neuschäfer <j.neuschaefer@gmx.net> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> |
|
|
Dan Carpenter
|
db7ddeab3c |
lib/test_kmod.c: potential double free in error handling
There is a copy and paste bug so we set "config->test_driver" to NULL
twice instead of setting "config->test_fs". Smatch complains that it
leads to a double free:
lib/test_kmod.c:840 __kmod_config_init() warn: 'config->test_fs' double freed
Link: http://lkml.kernel.org/r/20190121140011.GA14283@kadam
Fixes:
|
|
|
Shakeel Butt
|
cefc7ef3c8 |
mm, oom: fix use-after-free in oom_kill_process
Syzbot instance running on upstream kernel found a use-after-free bug in
oom_kill_process. On further inspection it seems like the process
selected to be oom-killed has exited even before reaching
read_lock(&tasklist_lock) in oom_kill_process(). More specifically the
tsk->usage is 1 which is due to get_task_struct() in oom_evaluate_task()
and the put_task_struct within for_each_thread() frees the tsk and
for_each_thread() tries to access the tsk. The easiest fix is to do
get/put across the for_each_thread() on the selected task.
Now the next question is should we continue with the oom-kill as the
previously selected task has exited? However before adding more
complexity and heuristics, let's answer why we even look at the children
of oom-kill selected task? The select_bad_process() has already selected
the worst process in the system/memcg. Due to race, the selected
process might not be the worst at the kill time but does that matter?
The userspace can use the oom_score_adj interface to prefer children to
be killed before the parent. I looked at the history but it seems like
this is there before git history.
Link: http://lkml.kernel.org/r/20190121215850.221745-1-shakeelb@google.com
Reported-by: syzbot+7fbbfa368521945f0e3d@syzkaller.appspotmail.com
Fixes:
|
|
|
Qian Cai
|
b13bc35193 |
mm/hotplug: invalid PFNs from pfn_to_online_page()
On an arm64 ThunderX2 server, the first kmemleak scan would crash [1] with CONFIG_DEBUG_VM_PGFLAGS=y due to page_to_nid() found a pfn that is not directly mapped (MEMBLOCK_NOMAP). Hence, the page->flags is uninitialized. This is due to the commit |
|
|
Oscar Salvador
|
eeb0efd071 |
mm,memory_hotplug: fix scan_movable_pages() for gigantic hugepages
This is the same sort of error we saw in commit
|
|
|
Johannes Weiner
|
1b69ac6b40 |
psi: fix aggregation idle shut-off
psi has provisions to shut off the periodic aggregation worker when
there is a period of no task activity - and thus no data that needs
aggregating. However, while developing psi monitoring, Suren noticed
that the aggregation clock currently won't stay shut off for good.
Debugging this revealed a flaw in the idle design: an aggregation run
will see no task activity and decide to go to sleep; shortly thereafter,
the kworker thread that executed the aggregation will go idle and cause
a scheduling change, during which the psi callback will kick the
!pending worker again. This will ping-pong forever, and is equivalent
to having no shut-off logic at all (but with more code!)
Fix this by exempting aggregation workers from psi's clock waking logic
when the state change is them going to sleep. To do this, tag workers
with the last work function they executed, and if in psi we see a worker
going to sleep after aggregating psi data, we will not reschedule the
aggregation work item.
What if the worker is also executing other items before or after?
Any psi state times that were incurred by work items preceding the
aggregation work will have been collected from the per-cpu buckets
during the aggregation itself. If there are work items following the
aggregation work, the worker's last_func tag will be overwritten and the
aggregator will be kept alive to process this genuine new activity.
If the aggregation work is the last thing the worker does, and we decide
to go idle, the brief period of non-idle time incurred between the
aggregation run and the kworker's dequeue will be stranded in the
per-cpu buckets until the clock is woken by later activity. But that
should not be a problem. The buckets can hold 4s worth of time, and
future activity will wake the clock with a 2s delay, giving us 2s worth
of data we can leave behind when disabling aggregation. If it takes a
worker more than two seconds to go idle after it finishes its last work
item, we likely have bigger problems in the system, and won't notice one
sample that was averaged with a bogus per-CPU weight.
Link: http://lkml.kernel.org/r/20190116193501.1910-1-hannes@cmpxchg.org
Fixes:
|
|
|
Mikhail Zaslonko
|
24feb47c5f |
mm, memory_hotplug: test_pages_in_a_zone do not pass the end of zone
If memory end is not aligned with the sparse memory section boundary, the mapping of such a section is only partly initialized. This may lead to VM_BUG_ON due to uninitialized struct pages access from test_pages_in_a_zone() function triggered by memory_hotplug sysfs handlers. Here are the the panic examples: CONFIG_DEBUG_VM_PGFLAGS=y kernel parameter mem=2050M -------------------------- page:000003d082008000 is uninitialized and poisoned page dumped because: VM_BUG_ON_PAGE(PagePoisoned(p)) Call Trace: test_pages_in_a_zone+0xde/0x160 show_valid_zones+0x5c/0x190 dev_attr_show+0x34/0x70 sysfs_kf_seq_show+0xc8/0x148 seq_read+0x204/0x480 __vfs_read+0x32/0x178 vfs_read+0x82/0x138 ksys_read+0x5a/0xb0 system_call+0xdc/0x2d8 Last Breaking-Event-Address: test_pages_in_a_zone+0xde/0x160 Kernel panic - not syncing: Fatal exception: panic_on_oops Fix this by checking whether the pfn to check is within the zone. [mhocko@suse.com: separated this change from http://lkml.kernel.org/r/20181105150401.97287-2-zaslonko@linux.ibm.com] Link: http://lkml.kernel.org/r/20190128144506.15603-3-mhocko@kernel.org [mhocko@suse.com: separated this change from http://lkml.kernel.org/r/20181105150401.97287-2-zaslonko@linux.ibm.com] Signed-off-by: Michal Hocko <mhocko@suse.com> Signed-off-by: Mikhail Zaslonko <zaslonko@linux.ibm.com> Tested-by: Mikhail Gavrilov <mikhail.v.gavrilov@gmail.com> Reviewed-by: Oscar Salvador <osalvador@suse.de> Tested-by: Gerald Schaefer <gerald.schaefer@de.ibm.com> Cc: Heiko Carstens <heiko.carstens@de.ibm.com> Cc: Martin Schwidefsky <schwidefsky@de.ibm.com> Cc: Mikhail Gavrilov <mikhail.v.gavrilov@gmail.com> Cc: Pavel Tatashin <pasha.tatashin@soleen.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> |
|
|
Michal Hocko
|
efad4e475c |
mm, memory_hotplug: is_mem_section_removable do not pass the end of a zone
Patch series "mm, memory_hotplug: fix uninitialized pages fallouts", v2.
Mikhail Zaslonko has posted fixes for the two bugs quite some time ago
[1]. I have pushed back on those fixes because I believed that it is
much better to plug the problem at the initialization time rather than
play whack-a-mole all over the hotplug code and find all the places
which expect the full memory section to be initialized.
We have ended up with commit
|
|
|
Tetsuo Handa
|
9bcdeb51bd |
oom, oom_reaper: do not enqueue same task twice
Arkadiusz reported that enabling memcg's group oom killing causes
strange memcg statistics where there is no task in a memcg despite the
number of tasks in that memcg is not 0. It turned out that there is a
bug in wake_oom_reaper() which allows enqueuing same task twice which
makes impossible to decrease the number of tasks in that memcg due to a
refcount leak.
This bug existed since the OOM reaper became invokable from
task_will_free_mem(current) path in out_of_memory() in Linux 4.7,
T1@P1 |T2@P1 |T3@P1 |OOM reaper
----------+----------+----------+------------
# Processing an OOM victim in a different memcg domain.
try_charge()
mem_cgroup_out_of_memory()
mutex_lock(&oom_lock)
try_charge()
mem_cgroup_out_of_memory()
mutex_lock(&oom_lock)
try_charge()
mem_cgroup_out_of_memory()
mutex_lock(&oom_lock)
out_of_memory()
oom_kill_process(P1)
do_send_sig_info(SIGKILL, @P1)
mark_oom_victim(T1@P1)
wake_oom_reaper(T1@P1) # T1@P1 is enqueued.
mutex_unlock(&oom_lock)
out_of_memory()
mark_oom_victim(T2@P1)
wake_oom_reaper(T2@P1) # T2@P1 is enqueued.
mutex_unlock(&oom_lock)
out_of_memory()
mark_oom_victim(T1@P1)
wake_oom_reaper(T1@P1) # T1@P1 is enqueued again due to oom_reaper_list == T2@P1 && T1@P1->oom_reaper_list == NULL.
mutex_unlock(&oom_lock)
# Completed processing an OOM victim in a different memcg domain.
spin_lock(&oom_reaper_lock)
# T1P1 is dequeued.
spin_unlock(&oom_reaper_lock)
but memcg's group oom killing made it easier to trigger this bug by
calling wake_oom_reaper() on the same task from one out_of_memory()
request.
Fix this bug using an approach used by commit
|
|
|
Jan Kara
|
80409c65e2 |
mm: migrate: make buffer_migrate_page_norefs() actually succeed
Currently, buffer_migrate_page_norefs() was constantly failing because
buffer_migrate_lock_buffers() grabbed reference on each buffer. In
fact, there's no reason for buffer_migrate_lock_buffers() to grab any
buffer references as the page is locked during all our operation and
thus nobody can reclaim buffers from the page.
So remove grabbing of buffer references which also makes
buffer_migrate_page_norefs() succeed.
Link: http://lkml.kernel.org/r/20190116131217.7226-1-jack@suse.cz
Fixes:
|
|
|
Andrei Vagin
|
8fb335e078 |
kernel/exit.c: release ptraced tasks before zap_pid_ns_processes
Currently, exit_ptrace() adds all ptraced tasks in a dead list, then
zap_pid_ns_processes() waits on all tasks in a current pidns, and only
then are tasks from the dead list released.
zap_pid_ns_processes() can get stuck on waiting tasks from the dead
list. In this case, we will have one unkillable process with one or
more dead children.
Thanks to Oleg for the advice to release tasks in find_child_reaper().
Link: http://lkml.kernel.org/r/20190110175200.12442-1-avagin@gmail.com
Fixes:
|
|
|
Qian Cai
|
a8e911d135 |
x86_64: increase stack size for KASAN_EXTRA
If the kernel is configured with KASAN_EXTRA, the stack size is
increasted significantly because this option sets "-fstack-reuse" to
"none" in GCC [1]. As a result, it triggers stack overrun quite often
with 32k stack size compiled using GCC 8. For example, this reproducer
https://github.com/linux-test-project/ltp/blob/master/testcases/kernel/syscalls/madvise/madvise06.c
triggers a "corrupted stack end detected inside scheduler" very reliably
with CONFIG_SCHED_STACK_END_CHECK enabled.
There are just too many functions that could have a large stack with
KASAN_EXTRA due to large local variables that have been called over and
over again without being able to reuse the stacks. Some noticiable ones
are
size
7648 shrink_page_list
3584 xfs_rmap_convert
3312 migrate_page_move_mapping
3312 dev_ethtool
3200 migrate_misplaced_transhuge_page
3168 copy_process
There are other 49 functions are over 2k in size while compiling kernel
with "-Wframe-larger-than=" even with a related minimal config on this
machine. Hence, it is too much work to change Makefiles for each object
to compile without "-fsanitize-address-use-after-scope" individually.
[1] https://gcc.gnu.org/bugzilla/show_bug.cgi?id=81715#c23
Although there is a patch in GCC 9 to help the situation, GCC 9 probably
won't be released in a few months and then it probably take another
6-month to 1-year for all major distros to include it as a default.
Hence, the stack usage with KASAN_EXTRA can be revisited again in 2020
when GCC 9 is everywhere. Until then, this patch will help users avoid
stack overrun.
This has already been fixed for arm64 for the same reason via
|
|
|
Andrea Arcangeli
|
1ac25013fb |
mm/hugetlb.c: teach follow_hugetlb_page() to handle FOLL_NOWAIT
hugetlb needs the same fix as faultin_nopage (which was applied in commit |
|
|
Masahiro Yamada
|
36c0f7f0f8 |
arch: unexport asm/shmparam.h for all architectures
Most architectures do not export shmparam.h to user-space. $ find arch -name shmparam.h | sort arch/alpha/include/asm/shmparam.h arch/arc/include/asm/shmparam.h arch/arm64/include/asm/shmparam.h arch/arm/include/asm/shmparam.h arch/csky/include/asm/shmparam.h arch/ia64/include/asm/shmparam.h arch/mips/include/asm/shmparam.h arch/nds32/include/asm/shmparam.h arch/nios2/include/asm/shmparam.h arch/parisc/include/asm/shmparam.h arch/powerpc/include/asm/shmparam.h arch/s390/include/asm/shmparam.h arch/sh/include/asm/shmparam.h arch/sparc/include/asm/shmparam.h arch/x86/include/asm/shmparam.h arch/xtensa/include/asm/shmparam.h Strangely, some users of the asm-generic wrapper export shmparam.h $ git grep 'generic-y += shmparam.h' arch/c6x/include/uapi/asm/Kbuild:generic-y += shmparam.h arch/h8300/include/uapi/asm/Kbuild:generic-y += shmparam.h arch/hexagon/include/uapi/asm/Kbuild:generic-y += shmparam.h arch/m68k/include/uapi/asm/Kbuild:generic-y += shmparam.h arch/microblaze/include/uapi/asm/Kbuild:generic-y += shmparam.h arch/openrisc/include/uapi/asm/Kbuild:generic-y += shmparam.h arch/riscv/include/asm/Kbuild:generic-y += shmparam.h arch/unicore32/include/uapi/asm/Kbuild:generic-y += shmparam.h The newly added riscv correctly creates the asm-generic wrapper in the kernel space, but the others (c6x, h8300, hexagon, m68k, microblaze, openrisc, unicore32) create the one in the uapi directory. Digging into the git history, now I guess |
|
|
Alexey Dobriyan
|
1fde6f21d9 |
proc: fix /proc/net/* after setns(2)
/proc entries under /proc/net/* can't be cached into dcache because
setns(2) can change current net namespace.
[akpm@linux-foundation.org: coding-style fixes]
[akpm@linux-foundation.org: avoid vim miscolorization]
[adobriyan@gmail.com: write test, add dummy ->d_revalidate hook: necessary if /proc/net/* is pinned at setns time]
Link: http://lkml.kernel.org/r/20190108192350.GA12034@avx2
Link: http://lkml.kernel.org/r/20190107162336.GA9239@avx2
Fixes:
|
|
|
Oscar Salvador
|
1723058eab |
mm, memory_hotplug: don't bail out in do_migrate_range() prematurely
do_migrate_range() takes a memory range and tries to isolate the pages to put them into a list. This list will be later on used in migrate_pages() to know the pages we need to migrate. Currently, if we fail to isolate a single page, we put all already isolated pages back to their LRU and we bail out from the function. This is quite suboptimal, as this will force us to start over again because scan_movable_pages will give us the same range. If there is no chance that we can isolate that page, we will loop here forever. Issue debugged in [1] has proved that. During the debugging of that issue, it was noticed that if do_migrate_ranges() fails to isolate a single page, we will just discard the work we have done so far and bail out, which means that scan_movable_pages() will find again the same set of pages. Instead, we can just skip the error, keep isolating as much pages as possible and then proceed with the call to migrate_pages(). This will allow us to do as much work as possible at once. [1] https://lkml.org/lkml/2018/12/6/324 Michal said: : I still think that this doesn't give us a whole picture. Looping for : ever is a bug. Failing the isolation is quite possible and it should : be a ephemeral condition (e.g. a race with freeing the page or : somebody else isolating the page for whatever reason). And here comes : the disadvantage of the current implementation. We simply throw : everything on the floor just because of a ephemeral condition. The : racy page_count check is quite dubious to prevent from that. Link: http://lkml.kernel.org/r/20181211135312.27034-1-osalvador@suse.de Signed-off-by: Oscar Salvador <osalvador@suse.de> Acked-by: Michal Hocko <mhocko@suse.com> Cc: David Hildenbrand <david@redhat.com> Cc: Dan Williams <dan.j.williams@gmail.com> Cc: Jan Kara <jack@suse.cz> Cc: Kirill A. Shutemov <kirill.shutemov@linux.intel.com> Cc: William Kucharski <william.kucharski@oracle.com> Cc: Pavel Tatashin <pasha.tatashin@soleen.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> |
|
|
Linus Torvalds
|
5eeb63359b |
Second 5.0 rc pull request
Still not much going on, the usual set of OOP's and driver updates this time.
- Fix two uapi breakage regressions in mlx5 drivers
- Various oops fixes in hfi1, mlx4, umem, uverbs, and ipoib
- A protocol bug fix for hfi1 preventing it from implementing the verbs
API properly, and a compatability fix for EXEC STACK user programs
- Fix missed refcounting in the 'advise_mr' patches merged this
cycle.
- Fix wrong use of the uABI in the hns SRQ patches merged this cycle.
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEfB7FMLh+8QxL+6i3OG33FX4gmxoFAlxUguAACgkQOG33FX4g
mxq93Q/+N7SyMjClN2/4Wz+vY1dAAOneshVdg+vsoe+S3sZG77xTAps1NX9nJ89o
VXc4RyTCQXIirN1tiqXtjvbcrrPvxpDhX9OOo1qE/a1LfnUAtNM2om9IrxOQLxjN
suYCk9WihilePS6WEtbZNeR3cP496Npm5N/uxVibPNCZghdxIZCa+PXAhosf0vCH
aslOgQnQXG1hRc4XjyxMa9ltT3R967wYHnhIpuPe9psH3HcB+wrLzusyBYUMYu4N
B2v9dyBNsuHlwTldF4b2ELD7mAJUMSk8X+x54a7RGQe5kgxD1BRjyOol67WwpNnl
JZTwTwluiVSEZ5V63dj2AkXKMo1695Q1tuMftGoEipaHopUXOTb70MOH9TDR1jbX
/jUjMUNJtafHhNBAVtTd04nX1fOsKp4GYVImoKPPRXPaQFoF5jXvqyGUuKZ9DAYb
zbnLKMaJOCu2JcB8sHHUfjgiGtJqtf73V0a4O3fq+rTSkY6UDnEgYF7j7GY1X+5N
E478aWw1JYVTIyUgiRFguJcBgJsY7hjhIS9fJaRD9aXuwo9Lg7bdpDUogfpcERA3
iNZFEyx8h2fBAb8DojYIBzRgbEtZkIYxe18jILK3SMjGQ0PfB9GGAl3JAWDOQIGx
uphV0WM/MKf31SeY+zD9dh9Z6ew4oTUNv3upRAzLDmkRe3J07j8=
=LxVe
-----END PGP SIGNATURE-----
Merge tag 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rdma/rdma
Pull rdma fixes from Jason Gunthorpe:
"Still not much going on, the usual set of oops and driver fixes this
time:
- Fix two uapi breakage regressions in mlx5 drivers
- Various oops fixes in hfi1, mlx4, umem, uverbs, and ipoib
- A protocol bug fix for hfi1 preventing it from implementing the
verbs API properly, and a compatability fix for EXEC STACK user
programs
- Fix missed refcounting in the 'advise_mr' patches merged this
cycle.
- Fix wrong use of the uABI in the hns SRQ patches merged this cycle"
* tag 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rdma/rdma:
IB/uverbs: Fix OOPs in uverbs_user_mmap_disassociate
IB/ipoib: Fix for use-after-free in ipoib_cm_tx_start
IB/uverbs: Fix ioctl query port to consider device disassociation
RDMA/mlx5: Fix flow creation on representors
IB/uverbs: Fix OOPs upon device disassociation
RDMA/umem: Add missing initialization of owning_mm
RDMA/hns: Update the kernel header file of hns
IB/mlx5: Fix how advise_mr() launches async work
RDMA/device: Expose ib_device_try_get(()
IB/hfi1: Add limit test for RC/UC send via loopback
IB/hfi1: Remove overly conservative VM_EXEC flag check
IB/{hfi1, qib}: Fix WC.byte_len calculation for UD_SEND_WITH_IMM
IB/mlx4: Fix using wrong function to destroy sqp AHs under SRIOV
RDMA/mlx5: Fix check for supported user flags when creating a QP
|
|
|
Linus Torvalds
|
9ace868a17 |
Changes since last update:
- fix page migration when using iomap for pagecache management - fix a use-after-free bug in the directio code -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEUzaAxoMeQq6m2jMV+H93GTRKtOsFAlxPK1IACgkQ+H93GTRK tOvzeA/+I4bWVmovfV+EGFzHSV6zRsy17v6c4ncMrdia41rhmvxl+sAJgj2+uFCb J37cCMpPrmAOz+JGIW7PbCt8uzmwaXOfB9p9N58wM+hSSxtlN+wZFsIaoepOUTDK t3e2L7QQxQjN9HXZU0RNUi/zgS3poDfzap7cZ71spBxX5hVd1zVQa0q/o5OXr7OI sBlZLsIOhmS8WU2TmfkwzUVi+/FR4dCgyP8eDAGho/KbwvO9sfWzLNxf0U/ORWfA JG+2LX42eKKjX6wo39zW1mAXwOBhnLnCqOOgKrDy8XRXPARiNAzLNn0AwhxJSAqD z3qE298Oag6gZo0lNJjDXIko5D9y2koWjQe7z4fJ2JYpV5mSyq8/F4XDNO2FKIap 07p0OBGa1yfwQYmS5TrhJvYwvsHqTNs122jpowqeD3o0Xh64y2TZLEMdhhIsRjga +S9OSVQ15JDf/QeI5LPGK6Oc6B3JnRYgrYf7g7DYu4eqEsJ3V3pqtbXzjxGkzUjx 5xf85ujuRUQoKCPZQ00ewmsfZMfOcaYqfhosx6LvR6ZPvPH3Ex3nLHks5ZV/eXfR Auusq6XMiHb5ljukfVCa0WStntUl5gMaRha5QJy1Vg5Zd1ikvTkB5CkJFlODJ8hS GaEIa58Gf75dkHOvm4bFEOoy2EcE3I+qdwR+0xgg+6gDlNeZZNQ= =KYgc -----END PGP SIGNATURE----- Merge tag 'iomap-5.0-fixes-1' of git://git.kernel.org/pub/scm/fs/xfs/xfs-linux Pull iomap fixes from Darrick Wong: "A couple of iomap fixes to eliminate some memory corruption and hang problems that were reported: - fix page migration when using iomap for pagecache management - fix a use-after-free bug in the directio code" * tag 'iomap-5.0-fixes-1' of git://git.kernel.org/pub/scm/fs/xfs/xfs-linux: iomap: fix a use after free in iomap_dio_rw iomap: get/put the page in iomap_page_create/release() |
|
|
Linus Torvalds
|
3325254ca1 |
Power management fixes for 5.0-rc5
- Since ktime_get() turns out to be problematic for device
autosuspend in the PM-runtime framework, make it use
ktime_get_mono_fast_ns() instead (Vincent Guittot).
- Fix an initial value of a local variable in the "poll idle state"
code that makes it behave not exactly as expected when all idle
states except for the "polling" one are disabled (Doug Smythies).
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAABCAAGBQJcVB7NAAoJEILEb/54YlRxJNsP+gM+tCQ4oUTj5Q1sZnYDF3Ti
VZCBCaN4JfRdNj+grYNAi/MHRNG2jox+Epn7EFHahtRAtbck9TEmnqfP8uJrV5fY
mJ0mNgkt09O2PI0U+8IhSjC71Nba7zq5IPkhMr9+Gha3f3UsTGD0HCJz3fHm/50W
coilIUTH5usdnbGZjiLhbVb9d9koJjBCWOgYZsQp+flAoj4aasw4xVuu7AoQ6ZOy
hqjhyUPSPlE35ZVi3NaXUYeDmPgx6IJ+Bs/SQvMEcH9fyCKfEIL82S0yBZxys7j2
ZqE2qBsEPl8elZFFNS7hwwezL0ny2BpzzrODlSrVafSr0kuS6r+sRDgkpn8whwZw
cMmf/E7HXrgwpdnvjMywJ3vOVNsXu1QwDI21c8E3lBG08wlk1yWzpMB6BK+zusmC
TvOjfPEEosA6RUC9rOeFU6h3OhWr3AJjCfBzkK0gkTLC3jWlPWwqor0vWR4EaSo5
5atl8hfZPEVBkPvIix6i1luP1Kvew2Ud7LR60MTAfVJAag6/AfxYAF4IuRCdj4uO
BLdFdN6PBsT416BJ0w6qBWxsHX0qiNMH9O1B8jNWyrAIMjgKz2cRexdwBWmxVBnn
lijnyiH7owGi3qbjnOQ86mU7XvnApnyf/+E8tFuj4VveLqxvItLvb7rT/Zn6xDTn
ZbQXI+5nYrmLbI6AB58u
=3UG4
-----END PGP SIGNATURE-----
Merge tag 'pm-5.0-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm
Pull power management fixes from Rafael Wysocki:
"These fix a PM-runtime framework regression introduced by the recent
switch-over of device autosuspend to hrtimers and a mistake in the
"poll idle state" code introduced by a recent change in it.
Specifics:
- Since ktime_get() turns out to be problematic for device
autosuspend in the PM-runtime framework, make it use
ktime_get_mono_fast_ns() instead (Vincent Guittot).
- Fix an initial value of a local variable in the "poll idle state"
code that makes it behave not exactly as expected when all idle
states except for the "polling" one are disabled (Doug Smythies)"
* tag 'pm-5.0-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm:
cpuidle: poll_state: Fix default time limit
PM-runtime: Fix deadlock with ktime_get()
|
|
|
Linus Torvalds
|
4771eec1d0 |
ACPI-related Kconfig fixes for 5.0-rc5
Prevent invalid configurations from being created (e.g. by randconfig) due to some ACPI-related Kconfig options' dependencies that are not specified directly (Sinan Kaya). -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAABCAAGBQJcVB5hAAoJEILEb/54YlRxMpoP/iREan4jVTEAtF9XUbjzv2Yk KufRdIiDr6XMLjES8rIb1pQ7CkLybJ0YQ9PccG6zJ9X7mCCUHMCikzwEStppdcnO dB6cP8mwUSWTSrj30t4uDyN1DscCeLpm4YqVaF4lBPerYtFlkVTEVpvPncWZC5/d ST/Lcn/iaNmDnAcxGI4So5EOkxZxP1/tlYDSgaE2k2Qajn5TeGmgKYF5t2PXuHlc R/unZYJhxXUy89Dfhn4zXEpBRoaL+5xzvYpzHRkfLe9oLG5uWJW0fV/RBrazk/Z6 lYXQdn3r/i/BGeRyup/BrKrtufsNpZTM5kxFZ43NAm/9EDov5mBS0k+OVA0Eg6qk ZG3D60ihxciY6TxU3Opfa8OuOPB2ERILCRFiXgWQXlTP7O/jXN0sxdcW9YXkgua2 RDbESwP1miQi1+3mzrliAXSN+0nbrsapBv9XSk8CujUzypP0Os8+GzpAgVhnIDgF VO9U5wRdx3EaH1u2oh0dtLnZkZQxgiI+GU3/zzuymrVDAb4XMlAHrX4i4T/zFQKY vvTJzxr0BoaXkeU22546yDZE8NEPecUSYHhrYkxrEwW3awN+JoNO4OACIq2EVixJ M+qHSDtxVqm7YpUykukkzg4v8UTS8kdY3pPVTOXN8JhIn4lvx12piVPTP3Wn4+Qa 2CF07SL8OzqqmrV0Css/ =yW1p -----END PGP SIGNATURE----- Merge tag 'acpi-5.0-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm Pull ACPI Kconfig fixes from Rafael Wysocki: "Prevent invalid configurations from being created (e.g. by randconfig) due to some ACPI-related Kconfig options' dependencies that are not specified directly (Sinan Kaya)" * tag 'acpi-5.0-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm: platform/x86: Fix unmet dependency warning for SAMSUNG_Q10 platform/x86: Fix unmet dependency warning for ACPI_CMPC mfd: Fix unmet dependency warning for MFD_TPS68470 |
|
|
Linus Torvalds
|
cca2e06ae8 |
MMC host:
- mediatek: Fix incorrect register write for tunings - bcm2835: Fixup leakage of DMA channel on probe errors -----BEGIN PGP SIGNATURE----- iQJLBAABCgA1FiEEugLDXPmKSktSkQsV/iaEJXNYjCkFAlxUBucXHHVsZi5oYW5z c29uQGxpbmFyby5vcmcACgkQ/iaEJXNYjCmfxBAAmPUasE3SZQGyNIkf2P3xYflp ycJa/0l/b3GaL84omtAzwLc9F03DrDm0h3piQfWXvlU8PO1uxx3Hz/dTSlUWxruy jGSI7i9m30vfRfmnrXUnuEHWhxrR10hTzBp1sI2uyfbM9qiTvHxoiwQHw7H+eCEG uQ0VP41jENq60ositoOYbO2xntoaCnnqKLEotc116ekBrO28aUs6McXg+AtKtjSG ssY9FTBsXo3Dc/1uj0vRJPZlDQBfl0H7eCnHaobdgtqNeLGw441EChWR0xQAUNNd zrMI4mv00wjljLiFVSOaqH/+B52JXJrdYJrmjLTKrhJIv/hkEt6C0nQk8vd7V1Pw F5VrpNTzTW54i1FvArwaX72VCWL/mWwOyVcUYDLoh5tkLgV7PuXtQfjjzwt97Hsn qRVjX3mR0bueaLriKxNEh5tuMeHt5NMEhmWDzsyBHZ7PRCemVnJPcHgqw/JxoTri FN14cjU7FH8YSNIv+5xZ3ADbKI8C0Z1CHLuQsB6p0J2LJiWi6Tc3RuWXwO5VC3Xx QupcRVw6MviHH5379dr9Yb7cvbR9eWeI33z2eepamM1PFc+54FJKv7tZpd0MO4tZ RS5Vi8qgWieL9Flx3EvCxsodrV9Sgd1qwD4vW0o/jdOqQhuT+UtOyyxFY7sB3TnO LEMu/BUFayH2+6Kq4vY= =kWI8 -----END PGP SIGNATURE----- Merge tag 'mmc-v5.0-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/mmc Pull MMC host fixes from Ulf Hansson: - mediatek: Fix incorrect register write for tunings - bcm2835: Fixup leakage of DMA channel on probe errors * tag 'mmc-v5.0-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/mmc: mmc: mediatek: fix incorrect register setting of hs400_cmd_int_delay mmc: bcm2835: Fix DMA channel leak on probe error |
|
|
Linus Torvalds
|
520fac05b6 |
- Fix a deadlock in the designware driver
- Fix the error path in i3c_master_add_i3c_dev_locked() -----BEGIN PGP SIGNATURE----- iQJKBAABCgA0FiEEKmCqpbOU668PNA69Ze02AX4ItwAFAlxUBSMWHGJicmV6aWxs b25Aa2VybmVsLm9yZwAKCRBl7TYBfgi3AEB+D/9fN3ErQqlgmRjZuVF0gqAWSekn Jnpz5fGpWVn/f9NAVRfZkk7czIJasvlE36pb4L/CeV9RI9Ad2YIljKjGJHduzlFC 12pRuY65ilwW4wO2dYkaUZSCozhaJ9Jm+kwrm/YMZbs9anWBKFUgFXtX3E5iqeH7 uVlS2toLhcWcqbQnO1QYIkScAnqrkyo74olbWo6PsxD1wCFL3DAXkxXbZRF2SHZm Icjp56QnLbot+5V5ING1azaXmi3k80hY4L/oaN08t1WFE4frSYOcLRgA8+kHAofb 7wthK4JwyW8GUriIqLIfhk+migcjUyrFkPsLRLyGrx16DvF/tDnfbhU/JHfPr6dy 8vTnglVunPAY3orZdMovZQhYzpm5vXgECF3aEExZe/KlJm+zccYirZngJLmAJL6z JQcBwvOdpnHa35Fyy+8ENJCGSgHbxaNJ9NjdD8rBmDrQijv5caPHgpfgt4+b+U6b Ndc5WKVqtia4x1A4HTEq3NWtkEkBTqsgaZcDC7ErvKh+8Uwelz4jpCT5E82WbyYK +LAHqNGxjMBFZnfQsJ+UHdYyoeafj5LgoJPilAEr/IwwAJqFNOUSLBizraQoKs6V Yz+1tndmGOP6vXa32Oykwf+mST0g6lpl05bLcmj0QE5uIic1062DEU8cCRUx8qZc zpTW3004/kEVv8NRqA== =cU2G -----END PGP SIGNATURE----- Merge tag 'i3c/fixes-for-5.0-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/i3c/linux Pull i3c fixes from Boris Brezillon: - Fix a deadlock in the designware driver - Fix the error path in i3c_master_add_i3c_dev_locked() * tag 'i3c/fixes-for-5.0-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/i3c/linux: i3c: master: dw: fix deadlock i3c: fix missing detach if failed to retrieve i3c dev |
|
|
Kairui Song
|
2aa958c99c |
x86/kexec: Don't setup EFI info if EFI runtime is not enabled
Kexec-ing a kernel with "efi=noruntime" on the first kernel's command line causes the following null pointer dereference: BUG: unable to handle kernel NULL pointer dereference at 0000000000000000 #PF error: [normal kernel read fault] Call Trace: efi_runtime_map_copy+0x28/0x30 bzImage64_load+0x688/0x872 arch_kexec_kernel_image_load+0x6d/0x70 kimage_file_alloc_init+0x13e/0x220 __x64_sys_kexec_file_load+0x144/0x290 do_syscall_64+0x55/0x1a0 entry_SYSCALL_64_after_hwframe+0x44/0xa9 Just skip the EFI info setup if EFI runtime services are not enabled. [ bp: Massage commit message. ] Suggested-by: Dave Young <dyoung@redhat.com> Signed-off-by: Kairui Song <kasong@redhat.com> Signed-off-by: Borislav Petkov <bp@suse.de> Acked-by: Dave Young <dyoung@redhat.com> Cc: AKASHI Takahiro <takahiro.akashi@linaro.org> Cc: Andrew Morton <akpm@linux-foundation.org> Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org> Cc: bhe@redhat.com Cc: David Howells <dhowells@redhat.com> Cc: erik.schmauss@intel.com Cc: fanc.fnst@cn.fujitsu.com Cc: "H. Peter Anvin" <hpa@zytor.com> Cc: Ingo Molnar <mingo@redhat.com> Cc: kexec@lists.infradead.org Cc: lenb@kernel.org Cc: linux-acpi@vger.kernel.org Cc: Philipp Rudo <prudo@linux.vnet.ibm.com> Cc: rafael.j.wysocki@intel.com Cc: robert.moore@intel.com Cc: Thomas Gleixner <tglx@linutronix.de> Cc: x86-ml <x86@kernel.org> Cc: Yannik Sembritzki <yannik@sembritzki.me> Link: https://lkml.kernel.org/r/20190118111310.29589-2-kasong@redhat.com |
|
|
Linus Torvalds
|
c228d294f2 |
x86: explicitly align IO accesses in memcpy_{to,from}io
In commit |
|
|
John Johansen
|
d6d478aee0 |
apparmor: Fix aa_label_build() error handling for failed merges
aa_label_merge() can return NULL for memory allocations failures make sure to handle and set the correct error in this case. Reported-by: Peng Hao <peng.hao2@zte.com.cn> Signed-off-by: John Johansen <john.johansen@canonical.com> |
|
|
James Morse
|
f7daa9c8fd |
arm64: hibernate: Clean the __hyp_text to PoC after resume
During resume hibernate restores all physical memory. Any memory that is accessed with the MMU disabled needs to be cleaned to the PoC. KVMs __hyp_text was previously ommitted as it runs with the MMU enabled, but now that the hyp-stub is located in this section, we must clean __hyp_text too. This ensures secondary CPUs that come online after hibernate has finished resuming, and load KVM via the freshly written hyp-stub see the correct instructions. Signed-off-by: James Morse <james.morse@arm.com> Cc: stable@vger.kernel.org Signed-off-by: Will Deacon <will.deacon@arm.com> |
|
|
James Morse
|
8fac5cbdfe |
arm64: hyp-stub: Forbid kprobing of the hyp-stub
The hyp-stub is loaded by the kernel's early startup code at EL2 during boot, before KVM takes ownership later. The hyp-stub's text is part of the regular kernel text, meaning it can be kprobed. A breakpoint in the hyp-stub causes the CPU to spin in el2_sync_invalid. Add it to the __hyp_text. Signed-off-by: James Morse <james.morse@arm.com> Cc: stable@vger.kernel.org Signed-off-by: Will Deacon <will.deacon@arm.com> |
|
|
James Morse
|
f2b3d8566d |
arm64: kprobe: Always blacklist the KVM world-switch code
On systems with VHE the kernel and KVM's world-switch code run at the
same exception level. Code that is only used on a VHE system does not
need to be annotated as __hyp_text as it can reside anywhere in the
kernel text.
__hyp_text was also used to prevent kprobes from patching breakpoint
instructions into this region, as this code runs at a different
exception level. While this is no longer true with VHE, KVM still
switches VBAR_EL1, meaning a kprobe's breakpoint executed in the
world-switch code will cause a hyp-panic.
Move the __hyp_text check in the kprobes blacklist so it applies on
VHE systems too, to cover the common code and guest enter/exit
assembly.
Fixes:
|
|
|
Ard Biesheuvel
|
8ea2359323 |
arm64: kaslr: ensure randomized quantities are clean also when kaslr is off
Commit |
|
|
Catalin Marinas
|
132fdc379e |
arm64: Do not issue IPIs for user executable ptes
Commit |
|
|
Petr Vorel
|
a1a02062ad |
apparmor: Fix warning about unused function apparmor_ipv6_postroute
when compiled without CONFIG_IPV6:
security/apparmor/lsm.c:1601:21: warning: ‘apparmor_ipv6_postroute’ defined but not used [-Wunused-function]
static unsigned int apparmor_ipv6_postroute(void *priv,
^~~~~~~~~~~~~~~~~~~~~~~
Reported-by: Jordan Glover <Golden_Miller83@protonmail.ch>
Tested-by: Jordan Glover <Golden_Miller83@protonmail.ch>
Signed-off-by: Petr Vorel <pvorel@suse.cz>
Signed-off-by: John Johansen <john.johansen@canonical.com>
|
|
|
Rafael J. Wysocki
|
b473406a06 |
Merge branch 'acpi-misc'
* acpi-misc: platform/x86: Fix unmet dependency warning for SAMSUNG_Q10 platform/x86: Fix unmet dependency warning for ACPI_CMPC |
|
|
Rafael J. Wysocki
|
cbffab6825 |
Merge branch 'pm-cpuidle-fixes'
* pm-cpuidle-fixes: cpuidle: poll_state: Fix default time limit |
|
|
Linus Torvalds
|
5b4746a031 |
Mostly driver fixes, but there's a core framework fix in here too.
- Revert the commits that introduce clk management for the SP
clk on MMP2 SoCs (used for OLPC). Turns out it wasn't a good
idea and there isn't any need to manage this clk, it just causes
more headaches.
- A performance regression that went unnoticed for many years where
we would traverse the entire clk tree looking for a clk by name
when we already have the pointer to said clk that we're looking
for
- A parent linkage fix for the qcom SDM845 clk driver
- An i.MX clk driver rate miscalculation fix where order of operations
were messed up
- One error handling fix from the static checkers
-----BEGIN PGP SIGNATURE-----
iQJFBAABCAAvFiEE9L57QeeUxqYDyoaDrQKIl8bklSUFAlxTiOIRHHNib3lkQGtl
cm5lbC5vcmcACgkQrQKIl8bklSU+3Q/6Au7lVXMD2V/TTKFoj1f/lMSfqBTAFJWD
MV8obDsBglYFQVOLvMEDPauzK9JJx4diBmWNhAjPalonSsRIXS+UBhtEseknJ79u
G48aGSZbtJYcfc7JYaQbZShyulJ6361waKQrMPMnOvGdXy/9osQYawtq7KdHxDRN
Ac0Fq0O+vXcRuA3F4Xb/HEih6RtuArPA6HYAelU5luiKK9kVkn6DzPyGq6/MsDaf
W83HdWMllSTA8w5Pgq/n9S9pvuiJNikpZA9dRZhr59tdnQBI5RKQq7UrBh0ts/XU
XmDthCAk4omss+QjsrYIdX/8vCGqhSM7zkdY7pZvia/n6Kd/nnF65Wpq22KAqSmw
FXfzncpVxXBuTLy67dD/dxxRiiR9nbvmcxXJiNIaqepyZZojqgwQ6YzuD/oy5DKy
efQ+YuVYbTz8qmpMldhIOcjrmQ7rQ3+dpXJxxSgcfv5lOpMRr+erg6L+d2BnS064
/EzLwqW6kpuEtnDlc3Pue29u/REbawQ2k37LXcEUuEyVpctiw4y+3+pcKZAt9Uh3
eq3UoDl+aSFuyBD/UNgB3JFGcHM4ipbCj6PcQ4FHban0b+rMxCM7spMunc1Ec2jZ
cf/BeN0YE0Y1kYy5ArfSp1B1iuNLvfGnwV5dUKKoXDD5Fkryt9Nz8dUaYfqEWrGN
uvTJXtU1E/Q=
=G4M9
-----END PGP SIGNATURE-----
Merge tag 'clk-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/clk/linux
Pull clk fixes from Stephen Boyd:
"Mostly driver fixes, but there's a core framework fix in here too:
- Revert the commits that introduce clk management for the SP clk on
MMP2 SoCs (used for OLPC). Turns out it wasn't a good idea and
there isn't any need to manage this clk, it just causes more
headaches.
- A performance regression that went unnoticed for many years where
we would traverse the entire clk tree looking for a clk by name
when we already have the pointer to said clk that we're looking for
- A parent linkage fix for the qcom SDM845 clk driver
- An i.MX clk driver rate miscalculation fix where order of
operations were messed up
- One error handling fix from the static checkers"
* tag 'clk-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/clk/linux:
clk: qcom: gcc: Use active only source for CPUSS clocks
clk: ti: Fix error handling in ti_clk_parse_divider_data()
clk: imx: Fix fractional clock set rate computation
clk: Remove global clk traversal on fetch parent index
Revert "dt-bindings: marvell,mmp2: Add clock id for the SP clock"
Revert "clk: mmp2: add SP clock"
Revert "Input: olpc_apsp - enable the SP clock"
|
|
|
Linus Torvalds
|
52107c545d |
Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
Pull crypto fix from Herbert Xu: "This fixes a bug in cavium/nitrox where the callback is invoked prior to the DMA unmap" * 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: crypto: cavium/nitrox - Invoke callback after DMA unmap |
|
|
Linus Torvalds
|
44e56f325b |
pci-v5.0-fixes-3
-----BEGIN PGP SIGNATURE----- iQJIBAABCgAyFiEEgMe7l+5h9hnxdsnuWYigwDrT+vwFAlxTZr4UHGJoZWxnYWFz QGdvb2dsZS5jb20ACgkQWYigwDrT+vxBCQ/9E34gckeMBFr6/gFMtG+E0d4eP6/j VET74JyTSZRuY76TC5JT8hRrkKJCbNmBUIBV8Qm6YegeWm/UAfWwnArXJRrVq2OJ sbEvDzLlctkXMqSFVKyOPA3FCPW61W3CHcEwoSrBUkEDnyRxkT0cIVU/T+G+7QJy F80rgKxxrtGBj2eX/ibWr61Q4sTup00nqa4q8EJ+Nl1RV3jQAv3AbdP8CC95wTbD pziJwQviMOkiXiI85P3QWdKTtDDIlzoqauRD/YVkxxNZ1MBuaksVoDFLdVLrHiic nMTQTSdnf9tEAzrMrZayaSHo2Qsr8z66Euo8Ra7aarYwDsEEw+eIgevXoaSktc04 7BqPFvhB0iz8urbmt5fROXkCaTqPo2tm0wZf96xnyfaMDwBaIB3WfJjMlTMvIv+Y iOajRZCIJPzejauJDQa042Qo6eHfeFOKPSgAwM+lNgBks+mL/yp2XQ93/VFGAemU AmvgsAemBREnyGWK1+vY5eRwsOwmoxufugs94Uo3n46/fIEvVYEjyPx0PkHKzjI+ IjS/Zh1PAfy4fSfuA4sGOSR9cRutvsE3ovJzRgps6DFf8/ALJjDGRcXar+eJBK0a g6U8rl+Qd6DJpbSw5bIqjYt1AjNiAu4npFczun++X/thcxD2SoGkiJpgNJdNaBJK AQrMWubjYQGUvAg= =5CJF -----END PGP SIGNATURE----- Merge tag 'pci-v5.0-fixes-3' of git://git.kernel.org/pub/scm/linux/kernel/git/helgaas/pci Pull PCI fixes from Bjorn Helgaas: - Revert armada8k GPIO reset change that broke Macchiatobin booting (Baruch Siach) - Use actual size config reads on ARM cns3xxx (Koen Vandeputte) - Fix ARM cns3xxx config write alignment issue (Koen Vandeputte) - Fix imx6 PHY device link error checking (Leonard Crestez) - Fix imx6 probe failure on chips without separate PCI power domain (Leonard Crestez) * tag 'pci-v5.0-fixes-3' of git://git.kernel.org/pub/scm/linux/kernel/git/helgaas/pci: Revert "PCI: armada8k: Add support for gpio controlled reset signal" ARM: cns3xxx: Use actual size reads for PCIe ARM: cns3xxx: Fix writing to wrong PCI config registers after alignment PCI: imx: Fix checking pd_pcie_phy device link addition PCI: imx: Fix probe failure without power domain |
|
|
Baruch Siach
|
f14bcc0add |
Revert "PCI: armada8k: Add support for gpio controlled reset signal"
Revert commit |
|
|
Koen Vandeputte
|
432dd7064a |
ARM: cns3xxx: Use actual size reads for PCIe
commit |