* [PATCH AUTOSEL 4.14 02/14] Revert "dm bufio: fix deadlock with loop device"
2019-08-29 10:50 [PATCH AUTOSEL 4.14 01/14] hv_sock: Fix hang when a connection is closed Sasha Levin
@ 2019-08-29 10:50 ` Sasha Levin
2019-08-29 10:50 ` [PATCH AUTOSEL 4.14 03/14] kprobes: Fix potential deadlock in kprobe_optimizer() Sasha Levin
` (11 subsequent siblings)
12 siblings, 0 replies; 18+ messages in thread
From: Sasha Levin @ 2019-08-29 10:50 UTC (permalink / raw)
To: linux-kernel, stable
Cc: Mikulas Patocka, Mike Snitzer, Sasha Levin, linux-raid
From: Mikulas Patocka <mpatocka@redhat.com>
[ Upstream commit cf3591ef832915892f2499b7e54b51d4c578b28c ]
Revert the commit bd293d071ffe65e645b4d8104f9d8fe15ea13862. The proper
fix has been made available with commit d0a255e795ab ("loop: set
PF_MEMALLOC_NOIO for the worker thread").
Note that the fix offered by commit bd293d071ffe doesn't really prevent
the deadlock from occuring - if we look at the stacktrace reported by
Junxiao Bi, we see that it hangs in bit_wait_io and not on the mutex -
i.e. it has already successfully taken the mutex. Changing the mutex
from mutex_lock to mutex_trylock won't help with deadlocks that happen
afterwards.
PID: 474 TASK: ffff8813e11f4600 CPU: 10 COMMAND: "kswapd0"
#0 [ffff8813dedfb938] __schedule at ffffffff8173f405
#1 [ffff8813dedfb990] schedule at ffffffff8173fa27
#2 [ffff8813dedfb9b0] schedule_timeout at ffffffff81742fec
#3 [ffff8813dedfba60] io_schedule_timeout at ffffffff8173f186
#4 [ffff8813dedfbaa0] bit_wait_io at ffffffff8174034f
#5 [ffff8813dedfbac0] __wait_on_bit at ffffffff8173fec8
#6 [ffff8813dedfbb10] out_of_line_wait_on_bit at ffffffff8173ff81
#7 [ffff8813dedfbb90] __make_buffer_clean at ffffffffa038736f [dm_bufio]
#8 [ffff8813dedfbbb0] __try_evict_buffer at ffffffffa0387bb8 [dm_bufio]
#9 [ffff8813dedfbbd0] dm_bufio_shrink_scan at ffffffffa0387cc3 [dm_bufio]
#10 [ffff8813dedfbc40] shrink_slab at ffffffff811a87ce
#11 [ffff8813dedfbd30] shrink_zone at ffffffff811ad778
#12 [ffff8813dedfbdc0] kswapd at ffffffff811ae92f
#13 [ffff8813dedfbec0] kthread at ffffffff810a8428
#14 [ffff8813dedfbf50] ret_from_fork at ffffffff81745242
Signed-off-by: Mikulas Patocka <mpatocka@redhat.com>
Cc: stable@vger.kernel.org
Fixes: bd293d071ffe ("dm bufio: fix deadlock with loop device")
Depends-on: d0a255e795ab ("loop: set PF_MEMALLOC_NOIO for the worker thread")
Signed-off-by: Mike Snitzer <snitzer@redhat.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
drivers/md/dm-bufio.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/drivers/md/dm-bufio.c b/drivers/md/dm-bufio.c
index b7d3b62dae7f9..1e17e6421da32 100644
--- a/drivers/md/dm-bufio.c
+++ b/drivers/md/dm-bufio.c
@@ -1630,7 +1630,9 @@ dm_bufio_shrink_scan(struct shrinker *shrink, struct shrink_control *sc)
unsigned long freed;
c = container_of(shrink, struct dm_bufio_client, shrinker);
- if (!dm_bufio_trylock(c))
+ if (sc->gfp_mask & __GFP_FS)
+ dm_bufio_lock(c);
+ else if (!dm_bufio_trylock(c))
return SHRINK_STOP;
freed = __scan(c, sc->nr_to_scan, sc->gfp_mask);
--
2.20.1
^ permalink raw reply related [flat|nested] 18+ messages in thread
* [PATCH AUTOSEL 4.14 03/14] kprobes: Fix potential deadlock in kprobe_optimizer()
2019-08-29 10:50 [PATCH AUTOSEL 4.14 01/14] hv_sock: Fix hang when a connection is closed Sasha Levin
2019-08-29 10:50 ` [PATCH AUTOSEL 4.14 02/14] Revert "dm bufio: fix deadlock with loop device" Sasha Levin
@ 2019-08-29 10:50 ` Sasha Levin
2019-08-29 10:50 ` [PATCH AUTOSEL 4.14 04/14] ALSA: line6: Fix memory leak at line6_init_pcm() error path Sasha Levin
` (10 subsequent siblings)
12 siblings, 0 replies; 18+ messages in thread
From: Sasha Levin @ 2019-08-29 10:50 UTC (permalink / raw)
To: linux-kernel, stable
Cc: Andrea Righi, Masami Hiramatsu, Anil S Keshavamurthy,
David S . Miller, Linus Torvalds, Naveen N . Rao, Peter Zijlstra,
Thomas Gleixner, Ingo Molnar, Sasha Levin
From: Andrea Righi <andrea.righi@canonical.com>
[ Upstream commit f1c6ece23729257fb46562ff9224cf5f61b818da ]
lockdep reports the following deadlock scenario:
WARNING: possible circular locking dependency detected
kworker/1:1/48 is trying to acquire lock:
000000008d7a62b2 (text_mutex){+.+.}, at: kprobe_optimizer+0x163/0x290
but task is already holding lock:
00000000850b5e2d (module_mutex){+.+.}, at: kprobe_optimizer+0x31/0x290
which lock already depends on the new lock.
the existing dependency chain (in reverse order) is:
-> #1 (module_mutex){+.+.}:
__mutex_lock+0xac/0x9f0
mutex_lock_nested+0x1b/0x20
set_all_modules_text_rw+0x22/0x90
ftrace_arch_code_modify_prepare+0x1c/0x20
ftrace_run_update_code+0xe/0x30
ftrace_startup_enable+0x2e/0x50
ftrace_startup+0xa7/0x100
register_ftrace_function+0x27/0x70
arm_kprobe+0xb3/0x130
enable_kprobe+0x83/0xa0
enable_trace_kprobe.part.0+0x2e/0x80
kprobe_register+0x6f/0xc0
perf_trace_event_init+0x16b/0x270
perf_kprobe_init+0xa7/0xe0
perf_kprobe_event_init+0x3e/0x70
perf_try_init_event+0x4a/0x140
perf_event_alloc+0x93a/0xde0
__do_sys_perf_event_open+0x19f/0xf30
__x64_sys_perf_event_open+0x20/0x30
do_syscall_64+0x65/0x1d0
entry_SYSCALL_64_after_hwframe+0x49/0xbe
-> #0 (text_mutex){+.+.}:
__lock_acquire+0xfcb/0x1b60
lock_acquire+0xca/0x1d0
__mutex_lock+0xac/0x9f0
mutex_lock_nested+0x1b/0x20
kprobe_optimizer+0x163/0x290
process_one_work+0x22b/0x560
worker_thread+0x50/0x3c0
kthread+0x112/0x150
ret_from_fork+0x3a/0x50
other info that might help us debug this:
Possible unsafe locking scenario:
CPU0 CPU1
---- ----
lock(module_mutex);
lock(text_mutex);
lock(module_mutex);
lock(text_mutex);
*** DEADLOCK ***
As a reproducer I've been using bcc's funccount.py
(https://github.com/iovisor/bcc/blob/master/tools/funccount.py),
for example:
# ./funccount.py '*interrupt*'
That immediately triggers the lockdep splat.
Fix by acquiring text_mutex before module_mutex in kprobe_optimizer().
Signed-off-by: Andrea Righi <andrea.righi@canonical.com>
Acked-by: Masami Hiramatsu <mhiramat@kernel.org>
Cc: Anil S Keshavamurthy <anil.s.keshavamurthy@intel.com>
Cc: David S. Miller <davem@davemloft.net>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Naveen N. Rao <naveen.n.rao@linux.ibm.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Fixes: d5b844a2cf50 ("ftrace/x86: Remove possible deadlock between register_kprobe() and ftrace_run_update_code()")
Link: http://lkml.kernel.org/r/20190812184302.GA7010@xps-13
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
kernel/kprobes.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/kernel/kprobes.c b/kernel/kprobes.c
index ec11bb986a8b4..c43bc2bc5b2ca 100644
--- a/kernel/kprobes.c
+++ b/kernel/kprobes.c
@@ -483,6 +483,7 @@ static DECLARE_DELAYED_WORK(optimizing_work, kprobe_optimizer);
*/
static void do_optimize_kprobes(void)
{
+ lockdep_assert_held(&text_mutex);
/*
* The optimization/unoptimization refers online_cpus via
* stop_machine() and cpu-hotplug modifies online_cpus.
@@ -500,9 +501,7 @@ static void do_optimize_kprobes(void)
list_empty(&optimizing_list))
return;
- mutex_lock(&text_mutex);
arch_optimize_kprobes(&optimizing_list);
- mutex_unlock(&text_mutex);
}
/*
@@ -513,6 +512,7 @@ static void do_unoptimize_kprobes(void)
{
struct optimized_kprobe *op, *tmp;
+ lockdep_assert_held(&text_mutex);
/* See comment in do_optimize_kprobes() */
lockdep_assert_cpus_held();
@@ -520,7 +520,6 @@ static void do_unoptimize_kprobes(void)
if (list_empty(&unoptimizing_list))
return;
- mutex_lock(&text_mutex);
arch_unoptimize_kprobes(&unoptimizing_list, &freeing_list);
/* Loop free_list for disarming */
list_for_each_entry_safe(op, tmp, &freeing_list, list) {
@@ -537,7 +536,6 @@ static void do_unoptimize_kprobes(void)
} else
list_del_init(&op->list);
}
- mutex_unlock(&text_mutex);
}
/* Reclaim all kprobes on the free_list */
@@ -563,6 +561,7 @@ static void kprobe_optimizer(struct work_struct *work)
{
mutex_lock(&kprobe_mutex);
cpus_read_lock();
+ mutex_lock(&text_mutex);
/* Lock modules while optimizing kprobes */
mutex_lock(&module_mutex);
@@ -590,6 +589,7 @@ static void kprobe_optimizer(struct work_struct *work)
do_free_cleaned_kprobes();
mutex_unlock(&module_mutex);
+ mutex_unlock(&text_mutex);
cpus_read_unlock();
mutex_unlock(&kprobe_mutex);
--
2.20.1
^ permalink raw reply related [flat|nested] 18+ messages in thread
* [PATCH AUTOSEL 4.14 04/14] ALSA: line6: Fix memory leak at line6_init_pcm() error path
2019-08-29 10:50 [PATCH AUTOSEL 4.14 01/14] hv_sock: Fix hang when a connection is closed Sasha Levin
2019-08-29 10:50 ` [PATCH AUTOSEL 4.14 02/14] Revert "dm bufio: fix deadlock with loop device" Sasha Levin
2019-08-29 10:50 ` [PATCH AUTOSEL 4.14 03/14] kprobes: Fix potential deadlock in kprobe_optimizer() Sasha Levin
@ 2019-08-29 10:50 ` Sasha Levin
2019-08-29 10:50 ` [PATCH AUTOSEL 4.14 05/14] binder: take read mode of mmap_sem in binder_alloc_free_page() Sasha Levin
` (9 subsequent siblings)
12 siblings, 0 replies; 18+ messages in thread
From: Sasha Levin @ 2019-08-29 10:50 UTC (permalink / raw)
To: linux-kernel, stable; +Cc: Takashi Iwai, Sasha Levin
From: Takashi Iwai <tiwai@suse.de>
[ Upstream commit 1bc8d18c75fef3b478dbdfef722aae09e2a9fde7 ]
I forgot to release the allocated object at the early error path in
line6_init_pcm(). For addressing it, slightly shuffle the code so
that the PCM destructor (pcm->private_free) is assigned properly
before all error paths.
Fixes: 3450121997ce ("ALSA: line6: Fix write on zero-sized buffer")
Cc: <stable@vger.kernel.org>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
sound/usb/line6/pcm.c | 18 +++++++++---------
1 file changed, 9 insertions(+), 9 deletions(-)
diff --git a/sound/usb/line6/pcm.c b/sound/usb/line6/pcm.c
index f5614507a81c4..896add5ffee38 100644
--- a/sound/usb/line6/pcm.c
+++ b/sound/usb/line6/pcm.c
@@ -552,6 +552,15 @@ int line6_init_pcm(struct usb_line6 *line6,
line6pcm->volume_monitor = 255;
line6pcm->line6 = line6;
+ spin_lock_init(&line6pcm->out.lock);
+ spin_lock_init(&line6pcm->in.lock);
+ line6pcm->impulse_period = LINE6_IMPULSE_DEFAULT_PERIOD;
+
+ line6->line6pcm = line6pcm;
+
+ pcm->private_data = line6pcm;
+ pcm->private_free = line6_cleanup_pcm;
+
line6pcm->max_packet_size_in =
usb_maxpacket(line6->usbdev,
usb_rcvisocpipe(line6->usbdev, ep_read), 0);
@@ -564,15 +573,6 @@ int line6_init_pcm(struct usb_line6 *line6,
return -EINVAL;
}
- spin_lock_init(&line6pcm->out.lock);
- spin_lock_init(&line6pcm->in.lock);
- line6pcm->impulse_period = LINE6_IMPULSE_DEFAULT_PERIOD;
-
- line6->line6pcm = line6pcm;
-
- pcm->private_data = line6pcm;
- pcm->private_free = line6_cleanup_pcm;
-
err = line6_create_audio_out_urbs(line6pcm);
if (err < 0)
return err;
--
2.20.1
^ permalink raw reply related [flat|nested] 18+ messages in thread
* [PATCH AUTOSEL 4.14 05/14] binder: take read mode of mmap_sem in binder_alloc_free_page()
2019-08-29 10:50 [PATCH AUTOSEL 4.14 01/14] hv_sock: Fix hang when a connection is closed Sasha Levin
` (2 preceding siblings ...)
2019-08-29 10:50 ` [PATCH AUTOSEL 4.14 04/14] ALSA: line6: Fix memory leak at line6_init_pcm() error path Sasha Levin
@ 2019-08-29 10:50 ` Sasha Levin
2019-08-29 15:10 ` Tyler Hicks
2019-08-29 10:50 ` [PATCH AUTOSEL 4.14 06/14] powerpc/64: mark start_here_multiplatform as __ref Sasha Levin
` (8 subsequent siblings)
12 siblings, 1 reply; 18+ messages in thread
From: Sasha Levin @ 2019-08-29 10:50 UTC (permalink / raw)
To: linux-kernel, stable
Cc: Tyler Hicks, Todd Kjos, Greg Kroah-Hartman, Sasha Levin, devel
From: Tyler Hicks <tyhicks@canonical.com>
[ Upstream commit 60d4885710836595192c42d3e04b27551d30ec91 ]
Restore the behavior of locking mmap_sem for reading in
binder_alloc_free_page(), as was first done in commit 3013bf62b67a
("binder: reduce mmap_sem write-side lock"). That change was
inadvertently reverted by commit 5cec2d2e5839 ("binder: fix race between
munmap() and direct reclaim").
In addition, change the name of the label for the error path to
accurately reflect that we're taking the lock for reading.
Backporting note: This fix is only needed when *both* of the commits
mentioned above are applied. That's an unlikely situation since they
both landed during the development of v5.1 but only one of them is
targeted for stable.
Fixes: 5cec2d2e5839 ("binder: fix race between munmap() and direct reclaim")
Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
Acked-by: Todd Kjos <tkjos@android.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
drivers/android/binder_alloc.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/drivers/android/binder_alloc.c b/drivers/android/binder_alloc.c
index e0b0399ff7ec8..81c67459259ec 100644
--- a/drivers/android/binder_alloc.c
+++ b/drivers/android/binder_alloc.c
@@ -949,8 +949,8 @@ enum lru_status binder_alloc_free_page(struct list_head *item,
mm = alloc->vma_vm_mm;
if (!mmget_not_zero(mm))
goto err_mmget;
- if (!down_write_trylock(&mm->mmap_sem))
- goto err_down_write_mmap_sem_failed;
+ if (!down_read_trylock(&mm->mmap_sem))
+ goto err_down_read_mmap_sem_failed;
vma = binder_alloc_get_vma(alloc);
list_lru_isolate(lru, item);
@@ -965,7 +965,7 @@ enum lru_status binder_alloc_free_page(struct list_head *item,
trace_binder_unmap_user_end(alloc, index);
}
- up_write(&mm->mmap_sem);
+ up_read(&mm->mmap_sem);
mmput(mm);
trace_binder_unmap_kernel_start(alloc, index);
@@ -980,7 +980,7 @@ enum lru_status binder_alloc_free_page(struct list_head *item,
mutex_unlock(&alloc->mutex);
return LRU_REMOVED_RETRY;
-err_down_write_mmap_sem_failed:
+err_down_read_mmap_sem_failed:
mmput_async(mm);
err_mmget:
err_page_already_freed:
--
2.20.1
^ permalink raw reply related [flat|nested] 18+ messages in thread
* Re: [PATCH AUTOSEL 4.14 05/14] binder: take read mode of mmap_sem in binder_alloc_free_page()
2019-08-29 10:50 ` [PATCH AUTOSEL 4.14 05/14] binder: take read mode of mmap_sem in binder_alloc_free_page() Sasha Levin
@ 2019-08-29 15:10 ` Tyler Hicks
2019-08-29 16:42 ` Sasha Levin
2019-08-30 6:23 ` Greg Kroah-Hartman
0 siblings, 2 replies; 18+ messages in thread
From: Tyler Hicks @ 2019-08-29 15:10 UTC (permalink / raw)
To: Sasha Levin; +Cc: linux-kernel, stable, Todd Kjos, Greg Kroah-Hartman, devel
Hello, Sasha!
On 2019-08-29 06:50:34, Sasha Levin wrote:
> From: Tyler Hicks <tyhicks@canonical.com>
>
> [ Upstream commit 60d4885710836595192c42d3e04b27551d30ec91 ]
>
> Restore the behavior of locking mmap_sem for reading in
> binder_alloc_free_page(), as was first done in commit 3013bf62b67a
> ("binder: reduce mmap_sem write-side lock"). That change was
> inadvertently reverted by commit 5cec2d2e5839 ("binder: fix race between
> munmap() and direct reclaim").
>
> In addition, change the name of the label for the error path to
> accurately reflect that we're taking the lock for reading.
>
> Backporting note: This fix is only needed when *both* of the commits
> mentioned above are applied. That's an unlikely situation since they
> both landed during the development of v5.1 but only one of them is
> targeted for stable.
This patch isn't meant to be applied to 4.14 since commit 3013bf62b67a
("binder: reduce mmap_sem write-side lock") was never brought back to
4.14.
My backporting note above isn't helpful for AUTOSEL purposes. Do you
have a suggestion for what I could have done in the patch tags to convey
that guidance to AUTOSEL?
Tyler
>
> Fixes: 5cec2d2e5839 ("binder: fix race between munmap() and direct reclaim")
> Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
> Acked-by: Todd Kjos <tkjos@android.com>
> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
> Signed-off-by: Sasha Levin <sashal@kernel.org>
> ---
> drivers/android/binder_alloc.c | 8 ++++----
> 1 file changed, 4 insertions(+), 4 deletions(-)
>
> diff --git a/drivers/android/binder_alloc.c b/drivers/android/binder_alloc.c
> index e0b0399ff7ec8..81c67459259ec 100644
> --- a/drivers/android/binder_alloc.c
> +++ b/drivers/android/binder_alloc.c
> @@ -949,8 +949,8 @@ enum lru_status binder_alloc_free_page(struct list_head *item,
> mm = alloc->vma_vm_mm;
> if (!mmget_not_zero(mm))
> goto err_mmget;
> - if (!down_write_trylock(&mm->mmap_sem))
> - goto err_down_write_mmap_sem_failed;
> + if (!down_read_trylock(&mm->mmap_sem))
> + goto err_down_read_mmap_sem_failed;
> vma = binder_alloc_get_vma(alloc);
>
> list_lru_isolate(lru, item);
> @@ -965,7 +965,7 @@ enum lru_status binder_alloc_free_page(struct list_head *item,
>
> trace_binder_unmap_user_end(alloc, index);
> }
> - up_write(&mm->mmap_sem);
> + up_read(&mm->mmap_sem);
> mmput(mm);
>
> trace_binder_unmap_kernel_start(alloc, index);
> @@ -980,7 +980,7 @@ enum lru_status binder_alloc_free_page(struct list_head *item,
> mutex_unlock(&alloc->mutex);
> return LRU_REMOVED_RETRY;
>
> -err_down_write_mmap_sem_failed:
> +err_down_read_mmap_sem_failed:
> mmput_async(mm);
> err_mmget:
> err_page_already_freed:
> --
> 2.20.1
>
^ permalink raw reply [flat|nested] 18+ messages in thread
* Re: [PATCH AUTOSEL 4.14 05/14] binder: take read mode of mmap_sem in binder_alloc_free_page()
2019-08-29 15:10 ` Tyler Hicks
@ 2019-08-29 16:42 ` Sasha Levin
2019-08-30 6:23 ` Greg Kroah-Hartman
1 sibling, 0 replies; 18+ messages in thread
From: Sasha Levin @ 2019-08-29 16:42 UTC (permalink / raw)
To: Tyler Hicks; +Cc: linux-kernel, stable, Todd Kjos, Greg Kroah-Hartman, devel
On Thu, Aug 29, 2019 at 10:10:52AM -0500, Tyler Hicks wrote:
>Hello, Sasha!
>
>On 2019-08-29 06:50:34, Sasha Levin wrote:
>> From: Tyler Hicks <tyhicks@canonical.com>
>>
>> [ Upstream commit 60d4885710836595192c42d3e04b27551d30ec91 ]
>>
>> Restore the behavior of locking mmap_sem for reading in
>> binder_alloc_free_page(), as was first done in commit 3013bf62b67a
>> ("binder: reduce mmap_sem write-side lock"). That change was
>> inadvertently reverted by commit 5cec2d2e5839 ("binder: fix race between
>> munmap() and direct reclaim").
>>
>> In addition, change the name of the label for the error path to
>> accurately reflect that we're taking the lock for reading.
>>
>> Backporting note: This fix is only needed when *both* of the commits
>> mentioned above are applied. That's an unlikely situation since they
>> both landed during the development of v5.1 but only one of them is
>> targeted for stable.
>
>This patch isn't meant to be applied to 4.14 since commit 3013bf62b67a
>("binder: reduce mmap_sem write-side lock") was never brought back to
>4.14.
>
>My backporting note above isn't helpful for AUTOSEL purposes. Do you
>have a suggestion for what I could have done in the patch tags to convey
>that guidance to AUTOSEL?
Hey Tyler,
No, this is just me messing up. AUTOSEL actually handled this well.
What happened here you ask? This series is basically a set of patches
that fix a different fix that went into stable. It didn't go through the
regular AUTOSEL flow and I goofed up manually. Sorry for the noise, I've
dropped the patch.
--
Thanks,
Sasha
^ permalink raw reply [flat|nested] 18+ messages in thread
* Re: [PATCH AUTOSEL 4.14 05/14] binder: take read mode of mmap_sem in binder_alloc_free_page()
2019-08-29 15:10 ` Tyler Hicks
2019-08-29 16:42 ` Sasha Levin
@ 2019-08-30 6:23 ` Greg Kroah-Hartman
2019-08-30 7:34 ` Tyler Hicks
1 sibling, 1 reply; 18+ messages in thread
From: Greg Kroah-Hartman @ 2019-08-30 6:23 UTC (permalink / raw)
To: Tyler Hicks; +Cc: Sasha Levin, linux-kernel, stable, Todd Kjos, devel
On Thu, Aug 29, 2019 at 10:10:52AM -0500, Tyler Hicks wrote:
> Hello, Sasha!
>
> On 2019-08-29 06:50:34, Sasha Levin wrote:
> > From: Tyler Hicks <tyhicks@canonical.com>
> >
> > [ Upstream commit 60d4885710836595192c42d3e04b27551d30ec91 ]
> >
> > Restore the behavior of locking mmap_sem for reading in
> > binder_alloc_free_page(), as was first done in commit 3013bf62b67a
> > ("binder: reduce mmap_sem write-side lock"). That change was
> > inadvertently reverted by commit 5cec2d2e5839 ("binder: fix race between
> > munmap() and direct reclaim").
> >
> > In addition, change the name of the label for the error path to
> > accurately reflect that we're taking the lock for reading.
> >
> > Backporting note: This fix is only needed when *both* of the commits
> > mentioned above are applied. That's an unlikely situation since they
> > both landed during the development of v5.1 but only one of them is
> > targeted for stable.
>
> This patch isn't meant to be applied to 4.14 since commit 3013bf62b67a
> ("binder: reduce mmap_sem write-side lock") was never brought back to
> 4.14.
But the patch says:
Fixes: 5cec2d2e5839 ("binder: fix race between munmap() and direct reclaim")
and that commit is in 4.14.124.
thanks,
greg k-h
^ permalink raw reply [flat|nested] 18+ messages in thread
* Re: [PATCH AUTOSEL 4.14 05/14] binder: take read mode of mmap_sem in binder_alloc_free_page()
2019-08-30 6:23 ` Greg Kroah-Hartman
@ 2019-08-30 7:34 ` Tyler Hicks
0 siblings, 0 replies; 18+ messages in thread
From: Tyler Hicks @ 2019-08-30 7:34 UTC (permalink / raw)
To: Greg Kroah-Hartman; +Cc: Sasha Levin, linux-kernel, stable, Todd Kjos, devel
On 2019-08-30 08:23:49, Greg Kroah-Hartman wrote:
> On Thu, Aug 29, 2019 at 10:10:52AM -0500, Tyler Hicks wrote:
> > Hello, Sasha!
> >
> > On 2019-08-29 06:50:34, Sasha Levin wrote:
> > > From: Tyler Hicks <tyhicks@canonical.com>
> > >
> > > [ Upstream commit 60d4885710836595192c42d3e04b27551d30ec91 ]
> > >
> > > Restore the behavior of locking mmap_sem for reading in
> > > binder_alloc_free_page(), as was first done in commit 3013bf62b67a
> > > ("binder: reduce mmap_sem write-side lock"). That change was
> > > inadvertently reverted by commit 5cec2d2e5839 ("binder: fix race between
> > > munmap() and direct reclaim").
> > >
> > > In addition, change the name of the label for the error path to
> > > accurately reflect that we're taking the lock for reading.
> > >
> > > Backporting note: This fix is only needed when *both* of the commits
> > > mentioned above are applied. That's an unlikely situation since they
> > > both landed during the development of v5.1 but only one of them is
> > > targeted for stable.
> >
> > This patch isn't meant to be applied to 4.14 since commit 3013bf62b67a
> > ("binder: reduce mmap_sem write-side lock") was never brought back to
> > 4.14.
>
> But the patch says:
> Fixes: 5cec2d2e5839 ("binder: fix race between munmap() and direct reclaim")
> and that commit is in 4.14.124.
This patch fixes 5cec2d2e5839 but only when 3013bf62b67a is also
applied. If 3013bf62b67a isn't present, this patch shouldn't be
backported. 3013bf62b67a isn't in 4.14.y.
Tyler
>
> thanks,
>
> greg k-h
^ permalink raw reply [flat|nested] 18+ messages in thread
* [PATCH AUTOSEL 4.14 06/14] powerpc/64: mark start_here_multiplatform as __ref
2019-08-29 10:50 [PATCH AUTOSEL 4.14 01/14] hv_sock: Fix hang when a connection is closed Sasha Levin
` (3 preceding siblings ...)
2019-08-29 10:50 ` [PATCH AUTOSEL 4.14 05/14] binder: take read mode of mmap_sem in binder_alloc_free_page() Sasha Levin
@ 2019-08-29 10:50 ` Sasha Levin
2019-08-29 10:50 ` [PATCH AUTOSEL 4.14 07/14] HID: input: fix a4tech horizontal wheel custom usage Sasha Levin
` (7 subsequent siblings)
12 siblings, 0 replies; 18+ messages in thread
From: Sasha Levin @ 2019-08-29 10:50 UTC (permalink / raw)
To: linux-kernel, stable
Cc: Christophe Leroy, Russell Currey, Michael Ellerman, Sasha Levin,
linuxppc-dev
From: Christophe Leroy <christophe.leroy@c-s.fr>
[ Upstream commit 9c4e4c90ec24652921e31e9551fcaedc26eec86d ]
Otherwise, the following warning is encountered:
WARNING: vmlinux.o(.text+0x3dc6): Section mismatch in reference from the variable start_here_multiplatform to the function .init.text:.early_setup()
The function start_here_multiplatform() references
the function __init .early_setup().
This is often because start_here_multiplatform lacks a __init
annotation or the annotation of .early_setup is wrong.
Fixes: 56c46bba9bbf ("powerpc/64: Fix booting large kernels with STRICT_KERNEL_RWX")
Cc: Russell Currey <ruscur@russell.cc>
Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
arch/powerpc/kernel/head_64.S | 2 ++
1 file changed, 2 insertions(+)
diff --git a/arch/powerpc/kernel/head_64.S b/arch/powerpc/kernel/head_64.S
index 4f2e18266e34a..8c04c51a6e148 100644
--- a/arch/powerpc/kernel/head_64.S
+++ b/arch/powerpc/kernel/head_64.S
@@ -897,6 +897,7 @@ p_toc: .8byte __toc_start + 0x8000 - 0b
/*
* This is where the main kernel code starts.
*/
+__REF
start_here_multiplatform:
/* set up the TOC */
bl relative_toc
@@ -972,6 +973,7 @@ start_here_multiplatform:
RFI
b . /* prevent speculative execution */
+ .previous
/* This is where all platforms converge execution */
start_here_common:
--
2.20.1
^ permalink raw reply related [flat|nested] 18+ messages in thread
* [PATCH AUTOSEL 4.14 07/14] HID: input: fix a4tech horizontal wheel custom usage
2019-08-29 10:50 [PATCH AUTOSEL 4.14 01/14] hv_sock: Fix hang when a connection is closed Sasha Levin
` (4 preceding siblings ...)
2019-08-29 10:50 ` [PATCH AUTOSEL 4.14 06/14] powerpc/64: mark start_here_multiplatform as __ref Sasha Levin
@ 2019-08-29 10:50 ` Sasha Levin
2019-08-29 10:50 ` [PATCH AUTOSEL 4.14 08/14] userfaultfd_release: always remove uffd flags and clear vm_userfaultfd_ctx Sasha Levin
` (6 subsequent siblings)
12 siblings, 0 replies; 18+ messages in thread
From: Sasha Levin @ 2019-08-29 10:50 UTC (permalink / raw)
To: linux-kernel, stable
Cc: Nicolas Saenz Julienne, Jiri Kosina, Sasha Levin, linux-input
From: Nicolas Saenz Julienne <nsaenzjulienne@suse.de>
[ Upstream commit 1c703b53e5bfb5c2205c30f0fb157ce271fd42fb ]
Some a4tech mice use the 'GenericDesktop.00b8' usage to inform whether
the previous wheel report was horizontal or vertical. Before
c01908a14bf73 ("HID: input: add mapping for "Toggle Display" key") this
usage was being mapped to 'Relative.Misc'. After the patch it's simply
ignored (usage->type == 0 & usage->code == 0). Which ultimately makes
hid-a4tech ignore the WHEEL/HWHEEL selection event, as it has no
usage->type.
We shouldn't rely on a mapping for that usage as it's nonstandard and
doesn't really map to an input event. So we bypass the mapping and make
sure the custom event handling properly handles both reports.
Fixes: c01908a14bf73 ("HID: input: add mapping for "Toggle Display" key")
Signed-off-by: Nicolas Saenz Julienne <nsaenzjulienne@suse.de>
Signed-off-by: Jiri Kosina <jkosina@suse.cz>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
drivers/hid/hid-a4tech.c | 30 +++++++++++++++++++++++++++---
1 file changed, 27 insertions(+), 3 deletions(-)
diff --git a/drivers/hid/hid-a4tech.c b/drivers/hid/hid-a4tech.c
index 9428ea7cdf8a0..c52bd163abb3e 100644
--- a/drivers/hid/hid-a4tech.c
+++ b/drivers/hid/hid-a4tech.c
@@ -26,12 +26,36 @@
#define A4_2WHEEL_MOUSE_HACK_7 0x01
#define A4_2WHEEL_MOUSE_HACK_B8 0x02
+#define A4_WHEEL_ORIENTATION (HID_UP_GENDESK | 0x000000b8)
+
struct a4tech_sc {
unsigned long quirks;
unsigned int hw_wheel;
__s32 delayed_value;
};
+static int a4_input_mapping(struct hid_device *hdev, struct hid_input *hi,
+ struct hid_field *field, struct hid_usage *usage,
+ unsigned long **bit, int *max)
+{
+ struct a4tech_sc *a4 = hid_get_drvdata(hdev);
+
+ if (a4->quirks & A4_2WHEEL_MOUSE_HACK_B8 &&
+ usage->hid == A4_WHEEL_ORIENTATION) {
+ /*
+ * We do not want to have this usage mapped to anything as it's
+ * nonstandard and doesn't really behave like an HID report.
+ * It's only selecting the orientation (vertical/horizontal) of
+ * the previous mouse wheel report. The input_events will be
+ * generated once both reports are recorded in a4_event().
+ */
+ return -1;
+ }
+
+ return 0;
+
+}
+
static int a4_input_mapped(struct hid_device *hdev, struct hid_input *hi,
struct hid_field *field, struct hid_usage *usage,
unsigned long **bit, int *max)
@@ -53,8 +77,7 @@ static int a4_event(struct hid_device *hdev, struct hid_field *field,
struct a4tech_sc *a4 = hid_get_drvdata(hdev);
struct input_dev *input;
- if (!(hdev->claimed & HID_CLAIMED_INPUT) || !field->hidinput ||
- !usage->type)
+ if (!(hdev->claimed & HID_CLAIMED_INPUT) || !field->hidinput)
return 0;
input = field->hidinput->input;
@@ -65,7 +88,7 @@ static int a4_event(struct hid_device *hdev, struct hid_field *field,
return 1;
}
- if (usage->hid == 0x000100b8) {
+ if (usage->hid == A4_WHEEL_ORIENTATION) {
input_event(input, EV_REL, value ? REL_HWHEEL :
REL_WHEEL, a4->delayed_value);
return 1;
@@ -129,6 +152,7 @@ MODULE_DEVICE_TABLE(hid, a4_devices);
static struct hid_driver a4_driver = {
.name = "a4tech",
.id_table = a4_devices,
+ .input_mapping = a4_input_mapping,
.input_mapped = a4_input_mapped,
.event = a4_event,
.probe = a4_probe,
--
2.20.1
^ permalink raw reply related [flat|nested] 18+ messages in thread
* [PATCH AUTOSEL 4.14 08/14] userfaultfd_release: always remove uffd flags and clear vm_userfaultfd_ctx
2019-08-29 10:50 [PATCH AUTOSEL 4.14 01/14] hv_sock: Fix hang when a connection is closed Sasha Levin
` (5 preceding siblings ...)
2019-08-29 10:50 ` [PATCH AUTOSEL 4.14 07/14] HID: input: fix a4tech horizontal wheel custom usage Sasha Levin
@ 2019-08-29 10:50 ` Sasha Levin
2019-08-29 10:50 ` [PATCH AUTOSEL 4.14 09/14] arm64: dts: rockchip: enable usb-host regulators at boot on rk3328-rock64 Sasha Levin
` (5 subsequent siblings)
12 siblings, 0 replies; 18+ messages in thread
From: Sasha Levin @ 2019-08-29 10:50 UTC (permalink / raw)
To: linux-kernel, stable
Cc: Oleg Nesterov, Kefeng Wang, Andrea Arcangeli, Peter Xu,
Mike Rapoport, Jann Horn, Jason Gunthorpe, Michal Hocko,
Tetsuo Handa, Andrew Morton, Linus Torvalds, Sasha Levin,
linux-fsdevel
From: Oleg Nesterov <oleg@redhat.com>
[ Upstream commit 46d0b24c5ee10a15dfb25e20642f5a5ed59c5003 ]
userfaultfd_release() should clear vm_flags/vm_userfaultfd_ctx even if
mm->core_state != NULL.
Otherwise a page fault can see userfaultfd_missing() == T and use an
already freed userfaultfd_ctx.
Link: http://lkml.kernel.org/r/20190820160237.GB4983@redhat.com
Fixes: 04f5866e41fb ("coredump: fix race condition between mmget_not_zero()/get_task_mm() and core dumping")
Signed-off-by: Oleg Nesterov <oleg@redhat.com>
Reported-by: Kefeng Wang <wangkefeng.wang@huawei.com>
Reviewed-by: Andrea Arcangeli <aarcange@redhat.com>
Tested-by: Kefeng Wang <wangkefeng.wang@huawei.com>
Cc: Peter Xu <peterx@redhat.com>
Cc: Mike Rapoport <rppt@linux.ibm.com>
Cc: Jann Horn <jannh@google.com>
Cc: Jason Gunthorpe <jgg@mellanox.com>
Cc: Michal Hocko <mhocko@suse.com>
Cc: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
fs/userfaultfd.c | 25 +++++++++++++------------
1 file changed, 13 insertions(+), 12 deletions(-)
diff --git a/fs/userfaultfd.c b/fs/userfaultfd.c
index 7a908d6832582..a609d480606da 100644
--- a/fs/userfaultfd.c
+++ b/fs/userfaultfd.c
@@ -854,6 +854,7 @@ static int userfaultfd_release(struct inode *inode, struct file *file)
/* len == 0 means wake all */
struct userfaultfd_wake_range range = { .len = 0, };
unsigned long new_flags;
+ bool still_valid;
ACCESS_ONCE(ctx->released) = true;
@@ -869,8 +870,7 @@ static int userfaultfd_release(struct inode *inode, struct file *file)
* taking the mmap_sem for writing.
*/
down_write(&mm->mmap_sem);
- if (!mmget_still_valid(mm))
- goto skip_mm;
+ still_valid = mmget_still_valid(mm);
prev = NULL;
for (vma = mm->mmap; vma; vma = vma->vm_next) {
cond_resched();
@@ -881,19 +881,20 @@ static int userfaultfd_release(struct inode *inode, struct file *file)
continue;
}
new_flags = vma->vm_flags & ~(VM_UFFD_MISSING | VM_UFFD_WP);
- prev = vma_merge(mm, prev, vma->vm_start, vma->vm_end,
- new_flags, vma->anon_vma,
- vma->vm_file, vma->vm_pgoff,
- vma_policy(vma),
- NULL_VM_UFFD_CTX);
- if (prev)
- vma = prev;
- else
- prev = vma;
+ if (still_valid) {
+ prev = vma_merge(mm, prev, vma->vm_start, vma->vm_end,
+ new_flags, vma->anon_vma,
+ vma->vm_file, vma->vm_pgoff,
+ vma_policy(vma),
+ NULL_VM_UFFD_CTX);
+ if (prev)
+ vma = prev;
+ else
+ prev = vma;
+ }
vma->vm_flags = new_flags;
vma->vm_userfaultfd_ctx = NULL_VM_UFFD_CTX;
}
-skip_mm:
up_write(&mm->mmap_sem);
mmput(mm);
wakeup:
--
2.20.1
^ permalink raw reply related [flat|nested] 18+ messages in thread
* [PATCH AUTOSEL 4.14 09/14] arm64: dts: rockchip: enable usb-host regulators at boot on rk3328-rock64
2019-08-29 10:50 [PATCH AUTOSEL 4.14 01/14] hv_sock: Fix hang when a connection is closed Sasha Levin
` (6 preceding siblings ...)
2019-08-29 10:50 ` [PATCH AUTOSEL 4.14 08/14] userfaultfd_release: always remove uffd flags and clear vm_userfaultfd_ctx Sasha Levin
@ 2019-08-29 10:50 ` Sasha Levin
2019-08-29 10:50 ` [PATCH AUTOSEL 4.14 10/14] mac80211: fix possible sta leak Sasha Levin
` (4 subsequent siblings)
12 siblings, 0 replies; 18+ messages in thread
From: Sasha Levin @ 2019-08-29 10:50 UTC (permalink / raw)
To: linux-kernel, stable
Cc: Dmitry Voytik, Heiko Stuebner, Sasha Levin, devicetree, linux-rockchip
From: Dmitry Voytik <voytikd@gmail.com>
[ Upstream commit 26e2d7b03ea7ff254bf78305aa44dda62e70b78e ]
After commit ef05bcb60c1a, boot from USB drives is broken.
Fix this problem by enabling usb-host regulators during boot time.
Fixes: ef05bcb60c1a ("arm64: dts: rockchip: fix vcc_host1_5v pin assign on rk3328-rock64")
Cc: stable@vger.kernel.org
Signed-off-by: Dmitry Voytik <voytikd@gmail.com>
Signed-off-by: Heiko Stuebner <heiko@sntech.de>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
arch/arm64/boot/dts/rockchip/rk3328-rock64.dts | 2 ++
1 file changed, 2 insertions(+)
diff --git a/arch/arm64/boot/dts/rockchip/rk3328-rock64.dts b/arch/arm64/boot/dts/rockchip/rk3328-rock64.dts
index e720f40bbd5d7..3f8f528099a80 100644
--- a/arch/arm64/boot/dts/rockchip/rk3328-rock64.dts
+++ b/arch/arm64/boot/dts/rockchip/rk3328-rock64.dts
@@ -77,6 +77,7 @@
pinctrl-0 = <&usb30_host_drv>;
regulator-name = "vcc_host_5v";
regulator-always-on;
+ regulator-boot-on;
vin-supply = <&vcc_sys>;
};
@@ -87,6 +88,7 @@
pinctrl-0 = <&usb20_host_drv>;
regulator-name = "vcc_host1_5v";
regulator-always-on;
+ regulator-boot-on;
vin-supply = <&vcc_sys>;
};
--
2.20.1
^ permalink raw reply related [flat|nested] 18+ messages in thread
* [PATCH AUTOSEL 4.14 10/14] mac80211: fix possible sta leak
2019-08-29 10:50 [PATCH AUTOSEL 4.14 01/14] hv_sock: Fix hang when a connection is closed Sasha Levin
` (7 preceding siblings ...)
2019-08-29 10:50 ` [PATCH AUTOSEL 4.14 09/14] arm64: dts: rockchip: enable usb-host regulators at boot on rk3328-rock64 Sasha Levin
@ 2019-08-29 10:50 ` Sasha Levin
2019-08-29 10:50 ` [PATCH AUTOSEL 4.14 11/14] scripts/decode_stacktrace: match basepath using shell prefix operator, not regex Sasha Levin
` (3 subsequent siblings)
12 siblings, 0 replies; 18+ messages in thread
From: Sasha Levin @ 2019-08-29 10:50 UTC (permalink / raw)
To: linux-kernel, stable; +Cc: Johannes Berg, Sasha Levin, linux-wireless, netdev
From: Johannes Berg <johannes.berg@intel.com>
[ Upstream commit 5fd2f91ad483baffdbe798f8a08f1b41442d1e24 ]
If TDLS station addition is rejected, the sta memory is leaked.
Avoid this by moving the check before the allocation.
Cc: stable@vger.kernel.org
Fixes: 7ed5285396c2 ("mac80211: don't initiate TDLS connection if station is not associated to AP")
Link: https://lore.kernel.org/r/20190801073033.7892-1-johannes@sipsolutions.net
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
net/mac80211/cfg.c | 9 +++++----
1 file changed, 5 insertions(+), 4 deletions(-)
diff --git a/net/mac80211/cfg.c b/net/mac80211/cfg.c
index 150dd2160cefb..8168c667d91d9 100644
--- a/net/mac80211/cfg.c
+++ b/net/mac80211/cfg.c
@@ -1459,6 +1459,11 @@ static int ieee80211_add_station(struct wiphy *wiphy, struct net_device *dev,
if (is_multicast_ether_addr(mac))
return -EINVAL;
+ if (params->sta_flags_set & BIT(NL80211_STA_FLAG_TDLS_PEER) &&
+ sdata->vif.type == NL80211_IFTYPE_STATION &&
+ !sdata->u.mgd.associated)
+ return -EINVAL;
+
sta = sta_info_alloc(sdata, mac, GFP_KERNEL);
if (!sta)
return -ENOMEM;
@@ -1466,10 +1471,6 @@ static int ieee80211_add_station(struct wiphy *wiphy, struct net_device *dev,
if (params->sta_flags_set & BIT(NL80211_STA_FLAG_TDLS_PEER))
sta->sta.tdls = true;
- if (sta->sta.tdls && sdata->vif.type == NL80211_IFTYPE_STATION &&
- !sdata->u.mgd.associated)
- return -EINVAL;
-
err = sta_apply_parameters(local, sta, params);
if (err) {
sta_info_free(local, sta);
--
2.20.1
^ permalink raw reply related [flat|nested] 18+ messages in thread
* [PATCH AUTOSEL 4.14 11/14] scripts/decode_stacktrace: match basepath using shell prefix operator, not regex
2019-08-29 10:50 [PATCH AUTOSEL 4.14 01/14] hv_sock: Fix hang when a connection is closed Sasha Levin
` (8 preceding siblings ...)
2019-08-29 10:50 ` [PATCH AUTOSEL 4.14 10/14] mac80211: fix possible sta leak Sasha Levin
@ 2019-08-29 10:50 ` Sasha Levin
2019-08-29 10:50 ` [PATCH AUTOSEL 4.14 12/14] KVM: arm/arm64: Only skip MMIO insn once Sasha Levin
` (2 subsequent siblings)
12 siblings, 0 replies; 18+ messages in thread
From: Sasha Levin @ 2019-08-29 10:50 UTC (permalink / raw)
To: linux-kernel, stable
Cc: Nicolas Boichat, Stephen Boyd, Andrew Morton, Linus Torvalds,
Sasha Levin
From: Nicolas Boichat <drinkcat@chromium.org>
[ Upstream commit 31013836a71e07751a6827f9d2ad41ef502ddaff ]
The basepath may contain special characters, which would confuse the regex
matcher. ${var#prefix} does the right thing.
Link: http://lkml.kernel.org/r/20190518055946.181563-1-drinkcat@chromium.org
Fixes: 67a28de47faa8358 ("scripts/decode_stacktrace: only strip base path when a prefix of the path")
Signed-off-by: Nicolas Boichat <drinkcat@chromium.org>
Reviewed-by: Stephen Boyd <swboyd@chromium.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
scripts/decode_stacktrace.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/scripts/decode_stacktrace.sh b/scripts/decode_stacktrace.sh
index c4a9ddb174bc5..5aa75a0a1cede 100755
--- a/scripts/decode_stacktrace.sh
+++ b/scripts/decode_stacktrace.sh
@@ -78,7 +78,7 @@ parse_symbol() {
fi
# Strip out the base of the path
- code=${code//^$basepath/""}
+ code=${code#$basepath/}
# In the case of inlines, move everything to same line
code=${code//$'\n'/' '}
--
2.20.1
^ permalink raw reply related [flat|nested] 18+ messages in thread
* [PATCH AUTOSEL 4.14 12/14] KVM: arm/arm64: Only skip MMIO insn once
2019-08-29 10:50 [PATCH AUTOSEL 4.14 01/14] hv_sock: Fix hang when a connection is closed Sasha Levin
` (9 preceding siblings ...)
2019-08-29 10:50 ` [PATCH AUTOSEL 4.14 11/14] scripts/decode_stacktrace: match basepath using shell prefix operator, not regex Sasha Levin
@ 2019-08-29 10:50 ` Sasha Levin
2019-08-29 10:50 ` [PATCH AUTOSEL 4.14 13/14] clk: s2mps11: Add used attribute to s2mps11_dt_match Sasha Levin
2019-08-29 10:50 ` [PATCH AUTOSEL 4.14 14/14] kernel/module: Fix mem leak in module_add_modinfo_attrs Sasha Levin
12 siblings, 0 replies; 18+ messages in thread
From: Sasha Levin @ 2019-08-29 10:50 UTC (permalink / raw)
To: linux-kernel, stable
Cc: Andrew Jones, Mark Rutland, Marc Zyngier, Sasha Levin, kvmarm, kvm
From: Andrew Jones <drjones@redhat.com>
[ Upstream commit 2113c5f62b7423e4a72b890bd479704aa85c81ba ]
If after an MMIO exit to userspace a VCPU is immediately run with an
immediate_exit request, such as when a signal is delivered or an MMIO
emulation completion is needed, then the VCPU completes the MMIO
emulation and immediately returns to userspace. As the exit_reason
does not get changed from KVM_EXIT_MMIO in these cases we have to
be careful not to complete the MMIO emulation again, when the VCPU is
eventually run again, because the emulation does an instruction skip
(and doing too many skips would be a waste of guest code :-) We need
to use additional VCPU state to track if the emulation is complete.
As luck would have it, we already have 'mmio_needed', which even
appears to be used in this way by other architectures already.
Fixes: 0d640732dbeb ("arm64: KVM: Skip MMIO insn after emulation")
Acked-by: Mark Rutland <mark.rutland@arm.com>
Signed-off-by: Andrew Jones <drjones@redhat.com>
Signed-off-by: Marc Zyngier <maz@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
virt/kvm/arm/mmio.c | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/virt/kvm/arm/mmio.c b/virt/kvm/arm/mmio.c
index 08443a15e6be8..3caee91bca089 100644
--- a/virt/kvm/arm/mmio.c
+++ b/virt/kvm/arm/mmio.c
@@ -98,6 +98,12 @@ int kvm_handle_mmio_return(struct kvm_vcpu *vcpu, struct kvm_run *run)
unsigned int len;
int mask;
+ /* Detect an already handled MMIO return */
+ if (unlikely(!vcpu->mmio_needed))
+ return 0;
+
+ vcpu->mmio_needed = 0;
+
if (!run->mmio.is_write) {
len = run->mmio.len;
if (len > sizeof(unsigned long))
@@ -200,6 +206,7 @@ int io_mem_abort(struct kvm_vcpu *vcpu, struct kvm_run *run,
run->mmio.is_write = is_write;
run->mmio.phys_addr = fault_ipa;
run->mmio.len = len;
+ vcpu->mmio_needed = 1;
if (!ret) {
/* We handled the access successfully in the kernel. */
--
2.20.1
^ permalink raw reply related [flat|nested] 18+ messages in thread
* [PATCH AUTOSEL 4.14 13/14] clk: s2mps11: Add used attribute to s2mps11_dt_match
2019-08-29 10:50 [PATCH AUTOSEL 4.14 01/14] hv_sock: Fix hang when a connection is closed Sasha Levin
` (10 preceding siblings ...)
2019-08-29 10:50 ` [PATCH AUTOSEL 4.14 12/14] KVM: arm/arm64: Only skip MMIO insn once Sasha Levin
@ 2019-08-29 10:50 ` Sasha Levin
2019-08-29 10:50 ` [PATCH AUTOSEL 4.14 14/14] kernel/module: Fix mem leak in module_add_modinfo_attrs Sasha Levin
12 siblings, 0 replies; 18+ messages in thread
From: Sasha Levin @ 2019-08-29 10:50 UTC (permalink / raw)
To: linux-kernel, stable
Cc: Nathan Chancellor, Stephen Boyd, Sasha Levin, linux-samsung-soc,
linux-clk
From: Nathan Chancellor <natechancellor@gmail.com>
[ Upstream commit 9c940bbe2bb47e03ca5e937d30b6a50bf9c0e671 ]
Clang warns after commit 8985167ecf57 ("clk: s2mps11: Fix matching when
built as module and DT node contains compatible"):
drivers/clk/clk-s2mps11.c:242:34: warning: variable 's2mps11_dt_match'
is not needed and will not be emitted [-Wunneeded-internal-declaration]
static const struct of_device_id s2mps11_dt_match[] = {
^
1 warning generated.
This warning happens when a variable is used in some construct that
doesn't require a reference to that variable to be emitted in the symbol
table; in this case, it's MODULE_DEVICE_TABLE, which only needs to hold
the data of the variable, not the variable itself.
$ nm -S drivers/clk/clk-s2mps11.o | rg s2mps11_dt_match
00000078 000003d4 R __mod_of__s2mps11_dt_match_device_table
Normally, with device ID table variables, it means that the variable
just needs to be tied to the device declaration at the bottom of the
file, like s2mps11_clk_id:
$ nm -S drivers/clk/clk-s2mps11.o | rg s2mps11_clk_id
00000000 00000078 R __mod_platform__s2mps11_clk_id_device_table
00000000 00000078 r s2mps11_clk_id
However, because the comment above this deliberately doesn't want this
variable added to .of_match_table, we need to mark s2mps11_dt_match as
__used to silence this warning. This makes it clear to Clang that the
variable is used for something, even if a reference to it isn't being
emitted.
Signed-off-by: Nathan Chancellor <natechancellor@gmail.com>
Fixes: 8985167ecf57 ("clk: s2mps11: Fix matching when built as module and DT node contains compatible")
Signed-off-by: Stephen Boyd <sboyd@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
drivers/clk/clk-s2mps11.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/clk/clk-s2mps11.c b/drivers/clk/clk-s2mps11.c
index 14071a57c9262..f5d74e8db4327 100644
--- a/drivers/clk/clk-s2mps11.c
+++ b/drivers/clk/clk-s2mps11.c
@@ -255,7 +255,7 @@ MODULE_DEVICE_TABLE(platform, s2mps11_clk_id);
* This requires of_device_id table. In the same time this will not change the
* actual *device* matching so do not add .of_match_table.
*/
-static const struct of_device_id s2mps11_dt_match[] = {
+static const struct of_device_id s2mps11_dt_match[] __used = {
{
.compatible = "samsung,s2mps11-clk",
.data = (void *)S2MPS11X,
--
2.20.1
^ permalink raw reply related [flat|nested] 18+ messages in thread
* [PATCH AUTOSEL 4.14 14/14] kernel/module: Fix mem leak in module_add_modinfo_attrs
2019-08-29 10:50 [PATCH AUTOSEL 4.14 01/14] hv_sock: Fix hang when a connection is closed Sasha Levin
` (11 preceding siblings ...)
2019-08-29 10:50 ` [PATCH AUTOSEL 4.14 13/14] clk: s2mps11: Add used attribute to s2mps11_dt_match Sasha Levin
@ 2019-08-29 10:50 ` Sasha Levin
12 siblings, 0 replies; 18+ messages in thread
From: Sasha Levin @ 2019-08-29 10:50 UTC (permalink / raw)
To: linux-kernel, stable; +Cc: YueHaibing, Miroslav Benes, Jessica Yu, Sasha Levin
From: YueHaibing <yuehaibing@huawei.com>
[ Upstream commit bc6f2a757d525e001268c3658bd88822e768f8db ]
In module_add_modinfo_attrs if sysfs_create_file
fails, we forget to free allocated modinfo_attrs
and roll back the sysfs files.
Fixes: 03e88ae1b13d ("[PATCH] fix module sysfs files reference counting")
Reviewed-by: Miroslav Benes <mbenes@suse.cz>
Signed-off-by: YueHaibing <yuehaibing@huawei.com>
Signed-off-by: Jessica Yu <jeyu@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
kernel/module.c | 22 +++++++++++++++++-----
1 file changed, 17 insertions(+), 5 deletions(-)
diff --git a/kernel/module.c b/kernel/module.c
index 4b372c14d9a1f..4685675912414 100644
--- a/kernel/module.c
+++ b/kernel/module.c
@@ -1695,6 +1695,8 @@ static int add_usage_links(struct module *mod)
return ret;
}
+static void module_remove_modinfo_attrs(struct module *mod, int end);
+
static int module_add_modinfo_attrs(struct module *mod)
{
struct module_attribute *attr;
@@ -1709,24 +1711,34 @@ static int module_add_modinfo_attrs(struct module *mod)
return -ENOMEM;
temp_attr = mod->modinfo_attrs;
- for (i = 0; (attr = modinfo_attrs[i]) && !error; i++) {
+ for (i = 0; (attr = modinfo_attrs[i]); i++) {
if (!attr->test || attr->test(mod)) {
memcpy(temp_attr, attr, sizeof(*temp_attr));
sysfs_attr_init(&temp_attr->attr);
error = sysfs_create_file(&mod->mkobj.kobj,
&temp_attr->attr);
+ if (error)
+ goto error_out;
++temp_attr;
}
}
+
+ return 0;
+
+error_out:
+ if (i > 0)
+ module_remove_modinfo_attrs(mod, --i);
return error;
}
-static void module_remove_modinfo_attrs(struct module *mod)
+static void module_remove_modinfo_attrs(struct module *mod, int end)
{
struct module_attribute *attr;
int i;
for (i = 0; (attr = &mod->modinfo_attrs[i]); i++) {
+ if (end >= 0 && i > end)
+ break;
/* pick a field to test for end of list */
if (!attr->attr.name)
break;
@@ -1814,7 +1826,7 @@ static int mod_sysfs_setup(struct module *mod,
return 0;
out_unreg_modinfo_attrs:
- module_remove_modinfo_attrs(mod);
+ module_remove_modinfo_attrs(mod, -1);
out_unreg_param:
module_param_sysfs_remove(mod);
out_unreg_holders:
@@ -1850,7 +1862,7 @@ static void mod_sysfs_fini(struct module *mod)
{
}
-static void module_remove_modinfo_attrs(struct module *mod)
+static void module_remove_modinfo_attrs(struct module *mod, int end)
{
}
@@ -1866,7 +1878,7 @@ static void init_param_lock(struct module *mod)
static void mod_sysfs_teardown(struct module *mod)
{
del_usage_links(mod);
- module_remove_modinfo_attrs(mod);
+ module_remove_modinfo_attrs(mod, -1);
module_param_sysfs_remove(mod);
kobject_put(mod->mkobj.drivers_dir);
kobject_put(mod->holders_dir);
--
2.20.1
^ permalink raw reply related [flat|nested] 18+ messages in thread