1. 28 6月, 2017 12 次提交
    • J
      MIPS: Save static registers before sysmips · 49955d84
      James Hogan 提交于
      The MIPS sysmips system call handler may return directly from the
      MIPS_ATOMIC_SET case (mips_atomic_set()) to syscall_exit. This path
      restores the static (callee saved) registers, however they won't have
      been saved on entry to the system call.
      
      Use the save_static_function() macro to create a __sys_sysmips wrapper
      function which saves the static registers before calling sys_sysmips, so
      that the correct static register state is restored by syscall_exit.
      
      Fixes: f1e39a4a ("MIPS: Rewrite sysmips(MIPS_ATOMIC_SET, ...) in C with inline assembler")
      Signed-off-by: NJames Hogan <james.hogan@imgtec.com>
      Cc: linux-mips@linux-mips.org
      Cc: stable@vger.kernel.org
      Patchwork: https://patchwork.linux-mips.org/patch/16149/Signed-off-by: NRalf Baechle <ralf@linux-mips.org>
      49955d84
    • J
      MIPS: Fix mips_atomic_set() retry condition · 2ec420b2
      James Hogan 提交于
      The inline asm retry check in the MIPS_ATOMIC_SET operation of the
      sysmips system call has been backwards since commit f1e39a4a ("MIPS:
      Rewrite sysmips(MIPS_ATOMIC_SET, ...) in C with inline assembler")
      merged in v2.6.32, resulting in the non R10000_LLSC_WAR case retrying
      until the operation was inatomic, before returning the new value that
      was probably just written multiple times instead of the old value.
      
      Invert the branch condition to fix that particular issue.
      
      Fixes: f1e39a4a ("MIPS: Rewrite sysmips(MIPS_ATOMIC_SET, ...) in C with inline assembler")
      Signed-off-by: NJames Hogan <james.hogan@imgtec.com>
      Cc: linux-mips@linux-mips.org
      Cc: stable@vger.kernel.org
      Patchwork: https://patchwork.linux-mips.org/patch/16148/Signed-off-by: NRalf Baechle <ralf@linux-mips.org>
      2ec420b2
    • M
      MIPS: perf: add I6500 handling · 736add24
      Marcin Nowakowski 提交于
      Add a definition of the perf registers for the new I6500 core.
      
      Since I6500 has the same event definitions as I6400, re-use the existing
      i6400 map structures by renaming them to a slightly more generic
      'i6x00_***_map'.
      Signed-off-by: NMarcin Nowakowski <marcin.nowakowski@imgtec.com>
      Cc: linux-mips@linux-mips.org
      Patchwork: https://patchwork.linux-mips.org/patch/16362/Signed-off-by: NRalf Baechle <ralf@linux-mips.org>
      736add24
    • P
      MIPS: Probe the I6500 CPU · 859aeb1b
      Paul Burton 提交于
      Introduce the I6500 PRID & probe it just the same way as I6400. The MIPS
      I6500 is the latest in Imagination Technologies' I-Class range of CPUs,
      with a focus on scalability & heterogeneity. It introduces the notion of
      multiple clusters to the MIPS Coherent Processing System, allowing for a
      far higher total number of cores & threads in a system when compared
      with its predecessors. Clusters don't need to be identical, and may
      contain differing numbers of cores & IOCUs, or cores with differing
      properties.
      
      This patch alone adds the basic support for booting Linux on an I6500
      CPU without support for any of its new functionality, for which support
      will be introduced in further patches.
      Signed-off-by: NPaul Burton <paul.burton@imgtec.com>
      Cc: linux-mips@linux-mips.org
      Patchwork: https://patchwork.linux-mips.org/patch/16190/Signed-off-by: NRalf Baechle <ralf@linux-mips.org>
      859aeb1b
    • P
      MIPS: Perform post-DMA cache flushes on systems with MAARs · 498e9ade
      Paul Burton 提交于
      Recent CPUs from Imagination Technologies such as the I6400 or P6600 are
      able to speculatively fetch data from memory into caches. This means
      that if used in a system with non-coherent DMA they require that caches
      be invalidated after a device performs DMA, and before the CPU reads the
      DMA'd data, in order to ensure that stale values weren't speculatively
      prefetched.
      
      Such CPUs also introduced Memory Accessibility Attribute Registers
      (MAARs) in order to control the regions in which they are allowed to
      speculate. Thus we can use the presence of MAARs as a good indication
      that the CPU requires the above cache maintenance. Use the presence of
      MAARs to determine the result of cpu_needs_post_dma_flush() in the
      default case, in order to handle these recent CPUs correctly.
      
      Note that the return type of cpu_needs_post_dma_flush() is changed to
      bool, such that it's clearer what's happening when cpu_has_maar is cast
      to bool for the return value. If this patch were backported to a
      pre-v4.7 kernel then MIPS_CPU_MAAR was 1ull<<34, so when cast to an int
      we would incorrectly return 0. It so happens that MIPS_CPU_MAAR is
      currently 1ull<<30, so when truncated to an int gives a non-zero value
      anyway, but even so the implicit conversion from long long int to bool
      makes it clearer to understand what will happen than the implicit
      conversion from long long int to int would. The bool return type also
      fits this usage better semantically, so seems like an all-round win.
      
      Thanks to Ed for spotting the issue for pre-v4.7 kernels & suggesting
      the return type change.
      Signed-off-by: NPaul Burton <paul.burton@imgtec.com>
      Reviewed-by: NBryan O'Donoghue <pure.logic@nexus-software.ie>
      Tested-by: NBryan O'Donoghue <pure.logic@nexus-software.ie>
      Cc: Ed Blake <ed.blake@imgtec.com>
      Cc: linux-mips@linux-mips.org
      Patchwork: https://patchwork.linux-mips.org/patch/16363/Signed-off-by: NRalf Baechle <ralf@linux-mips.org>
      498e9ade
    • D
      MIPS: Give __secure_computing() access to syscall arguments. · 669c4092
      David Daney 提交于
      KProbes of __seccomp_filter() are not very useful without access to
      the syscall arguments.
      
      Do what x86 does, and populate a struct seccomp_data to be passed to
      __secure_computing().  This allows samples/bpf/tracex5 to extract a
      sensible trace.
      Signed-off-by: NDavid Daney <david.daney@cavium.com>
      Cc: Alexei Starovoitov <ast@kernel.org>
      Cc: Daniel Borkmann <daniel@iogearbox.net>
      Cc: Matt Redfearn <matt.redfearn@imgtec.com>
      Cc: netdev@vger.kernel.org
      Cc: linux-kernel@vger.kernel.org
      Cc: linux-mips@linux-mips.org
      Patchwork: https://patchwork.linux-mips.org/patch/16368/Signed-off-by: NRalf Baechle <ralf@linux-mips.org>
      669c4092
    • D
      MIPS: Add support for eBPF JIT. · f381bf6d
      David Daney 提交于
      Since the eBPF machine has 64-bit registers, we only support this in
      64-bit kernels.  As of the writing of this commit log test-bpf is showing:
      
        test_bpf: Summary: 316 PASSED, 0 FAILED, [308/308 JIT'ed]
      
      All current test cases are successfully compiled.
      
      Many examples in samples/bpf are usable, specifically tracex5 which
      uses tail calls works.
      Signed-off-by: NDavid Daney <david.daney@cavium.com>
      Cc: Alexei Starovoitov <ast@kernel.org>
      Cc: Daniel Borkmann <daniel@iogearbox.net>
      Cc: Markos Chandras <markos.chandras@imgtec.com>
      Cc: Matt Redfearn <matt.redfearn@imgtec.com>
      Cc: netdev@vger.kernel.org
      Cc: linux-kernel@vger.kernel.org
      Cc: linux-mips@linux-mips.org
      Patchwork: https://patchwork.linux-mips.org/patch/16369/Signed-off-by: NRalf Baechle <ralf@linux-mips.org>
      f381bf6d
    • D
      MIPS: Add some instructions to uasm. · dc190129
      David Daney 提交于
      Follow on patches for eBPF JIT require these additional instructions:
      
         insn_bgtz, insn_blez, insn_break, insn_ddivu, insn_dmultu,
         insn_dsbh, insn_dshd, insn_dsllv, insn_dsra32, insn_dsrav,
         insn_dsrlv, insn_lbu, insn_movn, insn_movz, insn_multu, insn_nor,
         insn_sb, insn_sh, insn_slti, insn_dinsu, insn_lwu
      
      ... so, add them.
      
      Sort the insn_* enumeration values alphabetically.
      Signed-off-by: NDavid Daney <david.daney@cavium.com>
      Cc: Alexei Starovoitov <ast@kernel.org>
      Cc: Daniel Borkmann <daniel@iogearbox.net>
      Cc: Matt Redfearn <matt.redfearn@imgtec.com>
      Cc: netdev@vger.kernel.org
      Cc: linux-kernel@vger.kernel.org
      Cc: linux-mips@linux-mips.org
      Patchwork: https://patchwork.linux-mips.org/patch/16367/Signed-off-by: NRalf Baechle <ralf@linux-mips.org>
      dc190129
    • D
      MIPS: Correctly define DBSHFL type instruction opcodes. · 1f22d599
      David Daney 提交于
      DSHD was incorrectly classified as being BSHFL, and DSHD was missing
      altogether.
      Signed-off-by: NDavid Daney <david.daney@cavium.com>
      Cc: Alexei Starovoitov <ast@kernel.org>
      Cc: Daniel Borkmann <daniel@iogearbox.net>
      Cc: Matt Redfearn <matt.redfearn@imgtec.com>
      Cc: netdev@vger.kernel.org
      Cc: linux-kernel@vger.kernel.org
      Cc: linux-mips@linux-mips.org
      Patchwork: https://patchwork.linux-mips.org/patch/16366/Signed-off-by: NRalf Baechle <ralf@linux-mips.org>
      1f22d599
    • D
      MIPS: Optimize uasm insn lookup. · ce807d5f
      David Daney 提交于
      Instead of doing a linear search through the insn_table for each
      instruction, use the opcode as direct index into the table.  This will
      give constant time lookup performance as the number of supported
      opcodes increases.  Make the tables const as they are only ever read.
      For uasm-mips.c sort the table alphabetically, and remove duplicate
      entries, uasm-micromips.c was already sorted and duplicate free.
      There is a small savings in object size as struct insn loses a field:
      
      $ size arch/mips/mm/uasm-mips.o arch/mips/mm/uasm-mips.o.save
         text	   data	    bss	    dec	    hex	filename
        10040	      0	      0	  10040	   2738	arch/mips/mm/uasm-mips.o
         9240	   1120	      0	  10360	   2878	arch/mips/mm/uasm-mips.o.save
      Signed-off-by: NDavid Daney <david.daney@cavium.com>
      Cc: Alexei Starovoitov <ast@kernel.org>
      Cc: Daniel Borkmann <daniel@iogearbox.net>
      Cc: Matt Redfearn <matt.redfearn@imgtec.com>
      Cc: netdev@vger.kernel.org
      Cc: linux-kernel@vger.kernel.org
      Cc: linux-mips@linux-mips.org
      Patchwork: https://patchwork.linux-mips.org/patch/16365/Signed-off-by: NRalf Baechle <ralf@linux-mips.org>
      ce807d5f
    • P
      MIPS: module: Unify rel & rela reloc handling · 430d0b88
      Paul Burton 提交于
      The module load code has previously had entirely separate
      implementations for rel & rela style relocs, which unnecessarily
      duplicates a whole lot of code. Unify the implementations of both types
      of reloc, sharing the bulk of the code.
      Signed-off-by: NPaul Burton <paul.burton@imgtec.com>
      Cc: linux-mips@linux-mips.org
      Patchwork: https://patchwork.linux-mips.org/patch/15832/Signed-off-by: NRalf Baechle <ralf@linux-mips.org>
      430d0b88
    • P
      MIPS: module: Ensure we always clean up r_mips_hi16_list · 351b0940
      Paul Burton 提交于
      If we hit an error whilst processing a reloc then we would return early
      from apply_relocate & potentially not free entries in r_mips_hi16_list,
      thereby leaking memory. Fix this by ensuring that we always run the code
      to free r_mipps_hi16_list when errors occur.
      Signed-off-by: NPaul Burton <paul.burton@imgtec.com>
      Fixes: 861667dc ("MIPS: Fix race condition in module relocation code.")
      Fixes: 04211a57 ("MIPS: Bail on unsupported module relocs")
      Cc: linux-mips@linux-mips.org
      Patchwork: https://patchwork.linux-mips.org/patch/15831/Signed-off-by: NRalf Baechle <ralf@linux-mips.org>
      351b0940
  2. 27 6月, 2017 2 次提交
    • K
      MIPS: defconfig: Cleanup from old Kconfig options · 59baa24d
      Krzysztof Kozlowski 提交于
      Remove old, dead Kconfig options (in order appearing in this commit):
       - EXPERIMENTAL is gone since v3.9;
       - INET_LRO: commit 7bbf3cae ("ipv4: Remove inet_lro library");
       - MTD_CONCAT: commit f53fdebc ("mtd: drop MTD_CONCAT from Kconfig
         entirely");
       - MTD_CHAR: commit 660685d9 ("mtd: merge mtdchar module with
         mtdcore");
       - NETDEV_1000 and NETDEV_10000: commit f860b052 ("drivers/net:
         Kconfig and Makefile cleanup"); NET_ETHERNET should be replaced with
         just ETHERNET but that is separate change;
       - MISC_DEVICES: commit 7c5763b8 ("drivers: misc: Remove
         MISC_DEVICES config option");
       - HID_SUPPORT: commit 1f41a6a9 ("HID: Fix the generic Kconfig
         options");
       - BT_L2CAP and BT_SCO: commit f1e91e16 ("Bluetooth: Always compile
         SCO and L2CAP in Bluetooth Core");
       - DEBUG_ERRORS: commit b025a3f8 ("ARM: 6876/1: Kconfig.debug:
         Remove unused CONFIG_DEBUG_ERRORS");
       - USB_DEVICE_CLASS: commit 007bab91 ("USB: remove
         CONFIG_USB_DEVICE_CLASS");
       - RCU_CPU_STALL_DETECTOR: commit a00e0d71 ("rcu: Remove conditional
         compilation for RCU CPU stall warnings");
       - IP_NF_QUEUE: commit 3dd6664f ("netfilter: remove unused "config
         IP_NF_QUEUE"");
       - IP_NF_TARGET_ULOG: commit d4da843e ("netfilter: kill remnants of
         ulog targets");
       - IP6_NF_QUEUE: commit d16cf20e ("netfilter: remove ip_queue
         support");
       - IP6_NF_TARGET_LOG: commit 6939c33a ("netfilter: merge ipt_LOG and
         ip6_LOG into xt_LOG");
       - USB_LED: commit a335aaf3 ("usb: misc: remove outdated USB LED
         driver");
       - MMC_UNSAFE_RESUME: commit 2501c917 ("mmc: core: Use
         MMC_UNSAFE_RESUME as default behavior");
       - AUTOFS_FS: commit 561c5cf9 ("staging: Remove autofs3");
       - VIDEO_OUTPUT_CONTROL: commit f167a64e ("video / output: Drop
         display output class support");
       - USB_LIBUSUAL: commit f61870ee ("usb: remove libusual");
       - CRYPTO_ZLIB: 11049218 ("crypto: compress - remove unused pcomp
         interface");
       - BLK_DEV_UB: commit 68a5059e ("block: remove the deprecated ub
         driver");
      Signed-off-by: NKrzysztof Kozlowski <krzk@kernel.org>
      Cc: Arnd Bergmann <arnd@arndb.de>
      Cc: Florian Fainelli <f.fainelli@gmail.com>
      Cc: linux-kernel@vger.kernel.org
      Cc: bcm-kernel-feedback-list@broadcom.com
      Cc: linux-mips@linux-mips.org
      Cc: linux-arm-kernel@lists.infradead.org
      Patchwork: https://patchwork.linux-mips.org/patch/16342/Signed-off-by: NRalf Baechle <ralf@linux-mips.org>
      59baa24d
    • M
      MIPS: Sort MIPS Kconfig Alphabetically. · 12597988
      Matt Redfearn 提交于
      Sort the entries in config MIPS alphabetically so as to make entries
      easier to find.
      Signed-off-by: NMatt Redfearn <matt.redfearn@imgtec.com>
      Cc: James Hogan <james.hogan@imgtec.com>
      Cc: linux-mips@linux-mips.org
      Cc: linux-kernel@vger.kernel.org
      Patchwork: https://patchwork.linux-mips.org/patch/16068/Signed-off-by: NRalf Baechle <ralf@linux-mips.org>
      12597988
  3. 26 6月, 2017 7 次提交
  4. 25 6月, 2017 1 次提交
  5. 24 6月, 2017 18 次提交
    • L
      Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace · f65013d6
      Linus Torvalds 提交于
      Pull timer fix from Eric Biederman:
       "This fixes an issue of confusing injected signals with the signals
        from posix timers that has existed since posix timers have been in the
        kernel.
      
        This patch is slightly simpler than my earlier version of this patch
        as I discovered in testing that I had misspelled "#ifdef
        CONFIG_POSIX_TIMERS". So I deleted that unnecessary test and made
        setting of resched_timer uncondtional.
      
        I have tested this and verified that without this patch there is a
        nasty hang that is easy to trigger, and with this patch everything
        works properly"
      
      Thomas Gleixner dixit:
       "It fixes the problem at hand and covers the ptrace case as well, which
        I missed.
      
        Reviewed-and-tested-by: Thomas Gleixner <tglx@linutronix.de>"
      
      * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace:
        signal: Only reschedule timers on signals timers have sent
      f65013d6
    • T
      x86/mshyperv: Remove excess #includes from mshyperv.h · 26fcd952
      Thomas Gleixner 提交于
      A recent commit included linux/slab.h in linux/irq.h. This breaks the build
      of vdso32 on a 64-bit kernel.
      
      The reason is that linux/irq.h gets included into the vdso code via
      linux/interrupt.h which is included from asm/mshyperv.h. That makes the
      32-bit vdso compile fail, because slab.h includes the pgtable headers for
      64-bit on a 64-bit build.
      
      Neither linux/clocksource.h nor linux/interrupt.h are needed in the
      mshyperv.h header file itself - it has a dependency on <linux/atomic.h>.
      
      Remove the includes and unbreak the build.
      Reported-by: NIngo Molnar <mingo@kernel.org>
      Signed-off-by: NThomas Gleixner <tglx@linutronix.de>
      Cc: K. Y. Srinivasan <kys@microsoft.com>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Vitaly Kuznetsov <vkuznets@redhat.com>
      Cc: devel@linuxdriverproject.org
      Fixes: dee863b5 ("hv: export current Hyper-V clocksource")
      Link: http://lkml.kernel.org/r/alpine.DEB.2.20.1706231038460.2647@nanosSigned-off-by: NIngo Molnar <mingo@kernel.org>
      26fcd952
    • L
      Merge tag 'powerpc-4.12-7' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux · 94a6df25
      Linus Torvalds 提交于
      Pull powerpc fixes from Michael Ellerman:
       "Some more powerpc fixes for 4.12. Most of these actually came in last
        week but got held up for some more testing.
      
         - three fixes for kprobes/ftrace/livepatch interactions.
      
         - properly handle data breakpoints when using the Radix MMU.
      
         - fix for perf sampling of registers during call_usermodehelper().
      
         - properly initialise the thread_info on our emergency stacks
      
         - add an explicit flush when doing TLB invalidations for a process
           using NPU2.
      
        Thanks to: Alistair Popple, Naveen N. Rao, Nicholas Piggin, Ravi
        Bangoria, Masami Hiramatsu"
      
      * tag 'powerpc-4.12-7' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux:
        powerpc/64: Initialise thread_info for emergency stacks
        powerpc/powernv/npu-dma: Add explicit flush when sending an ATSD
        powerpc/perf: Fix oops when kthread execs user process
        powerpc/64s: Handle data breakpoints in Radix mode
        powerpc/kprobes: Skip livepatch_handler() for jprobes
        powerpc/ftrace: Pass the correct stack pointer for DYNAMIC_FTRACE_WITH_REGS
        powerpc/kprobes: Pause function_graph tracing during jprobes handling
      94a6df25
    • L
      Merge tag 'acpi-4.12-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm · cd5545ae
      Linus Torvalds 提交于
      Pull ACPI fix from Rafael Wysocki:
       "This fixes the ACPI-based enumeration of some I2C and SPI devices
        broken in 4.11.
      
        Specifics:
      
         - I2C and SPI devices are expected to be enumerated by the I2C and
           SPI subsystems, respectively, but due to a change made during the
           4.11 cycle, in some cases the ACPI core marks them as already
           enumerated which causes the I2C and SPI subsystems to overlook
           them, so fix that (Jarkko Nikula)"
      
      * tag 'acpi-4.12-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm:
        ACPI / scan: Fix enumeration for special SPI and I2C devices
      cd5545ae
    • L
      Merge branch 'i2c/for-current-fixed' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux · ba6cbdb6
      Linus Torvalds 提交于
      Pull i2c fix from Wolfram Sang.
      
      * 'i2c/for-current-fixed' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux:
        i2c: imx: Use correct function to write to register
      ba6cbdb6
    • L
      Merge tag 'gpio-v4.12-3' of git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-gpio · 25b2398f
      Linus Torvalds 提交于
      Pull GPIO fix from Linus Walleij:
       "A single GPIO patch fixing the compatible string for the MVEBU PWM
        controller embedded in the GPIO controller before we release v4.12.
        Hopefully"
      
      * tag 'gpio-v4.12-3' of git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-gpio:
        gpio: mvebu: change compatible string for PWM support
      25b2398f
    • L
      Merge tag 'sound-4.12-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound · 51c933f2
      Linus Torvalds 提交于
      Pull sound fixes from Takashi Iwai:
       "Nothing exciting here, just a few stable fixes:
      
         - suppress spurious kernel WARNING in PCM core
      
         - fix potential spin deadlock at error handling in firewire
      
         - HD-audio PCI ID addition / fixup"
      
      * tag 'sound-4.12-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound:
        ALSA: hda - Apply quirks to Broxton-T, too
        ALSA: firewire-lib: Fix stall of process context at packet error
        ALSA: pcm: Don't treat NULL chmap as a fatal error
        ALSA: hda - Add Coffelake PCI ID
      51c933f2
    • L
      Merge tag 'drm-fixes-for-v4.12-rc7' of git://people.freedesktop.org/~airlied/linux · 311548f1
      Linus Torvalds 提交于
      Pull drm fixes from Dave Airlie:
       "A varied bunch of fixes, one for an API regression with connectors.
      
        Otherwise amdgpu and i915 have a bunch of varied fixes, the shrinker
        ones being the most important"
      
      * tag 'drm-fixes-for-v4.12-rc7' of git://people.freedesktop.org/~airlied/linux:
        drm: Fix GETCONNECTOR regression
        drm/radeon: add a quirk for Toshiba Satellite L20-183
        drm/radeon: add a PX quirk for another K53TK variant
        drm/amdgpu: adjust default display clock
        drm/amdgpu/atom: fix ps allocation size for EnableDispPowerGating
        drm/amdgpu: add Polaris12 DID
        drm/i915: Don't enable backlight at setup time.
        drm/i915: Plumb the correct acquire ctx into intel_crtc_disable_noatomic()
        drm/i915: Fix deadlock witha the pipe A quirk during resume
        drm/i915: Remove __GFP_NORETRY from our buffer allocator
        drm/i915: Encourage our shrinker more when our shmemfs allocations fails
        drm/i915: Differentiate between sw write location into ring and last hw read
      311548f1
    • L
      Merge tag 'random_for_linus_stable' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/random · 7139a06b
      Linus Torvalds 提交于
      Pull random fixes from Ted Ts'o:
       "Fix some locking and gcc optimization issues from the most recent
        random_for_linus_stable pull request"
      
      * tag 'random_for_linus_stable' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/random:
        random: silence compiler warnings and fix race
      7139a06b
    • L
      Merge tag 'for-4.12/dm-fixes-4' of... · 7ec2f7e8
      Linus Torvalds 提交于
      Merge tag 'for-4.12/dm-fixes-4' of git://git.kernel.org/pub/scm/linux/kernel/git/device-mapper/linux-dm
      
      Pull device mapper fixes from Mike Snitzer:
      
       - a revert of a DM mirror commit that has proven to make the code prone
         to crash
      
       - a DM io reference count fix that resolves a NULL pointer seen when
         issuing discards to a DM mirror target's device whose mirror legs do
         not all support discards
      
       - a couple DM integrity fixes
      
      * tag 'for-4.12/dm-fixes-4' of git://git.kernel.org/pub/scm/linux/kernel/git/device-mapper/linux-dm:
        dm io: fix duplicate bio completion due to missing ref count
        dm integrity: fix to not disable/enable interrupts from interrupt context
        Revert "dm mirror: use all available legs on multiple failures"
        dm integrity: reject mappings too large for device
      7ec2f7e8
    • L
      Merge branch 'akpm' (patches from Andrew) · 337c6ba2
      Linus Torvalds 提交于
      Merge misc fixes from Andrew Morton:
       "8 fixes"
      
      * emailed patches from Andrew Morton <akpm@linux-foundation.org>:
        fs/exec.c: account for argv/envp pointers
        ocfs2: fix deadlock caused by recursive locking in xattr
        slub: make sysfs file removal asynchronous
        lib/cmdline.c: fix get_options() overflow while parsing ranges
        fs/dax.c: fix inefficiency in dax_writeback_mapping_range()
        autofs: sanity check status reported with AUTOFS_DEV_IOCTL_FAIL
        mm/vmalloc.c: huge-vmap: fail gracefully on unexpected huge vmap mappings
        mm, thp: remove cond_resched from __collapse_huge_page_copy
      337c6ba2
    • K
      fs/exec.c: account for argv/envp pointers · 98da7d08
      Kees Cook 提交于
      When limiting the argv/envp strings during exec to 1/4 of the stack limit,
      the storage of the pointers to the strings was not included.  This means
      that an exec with huge numbers of tiny strings could eat 1/4 of the stack
      limit in strings and then additional space would be later used by the
      pointers to the strings.
      
      For example, on 32-bit with a 8MB stack rlimit, an exec with 1677721
      single-byte strings would consume less than 2MB of stack, the max (8MB /
      4) amount allowed, but the pointers to the strings would consume the
      remaining additional stack space (1677721 * 4 == 6710884).
      
      The result (1677721 + 6710884 == 8388605) would exhaust stack space
      entirely.  Controlling this stack exhaustion could result in
      pathological behavior in setuid binaries (CVE-2017-1000365).
      
      [akpm@linux-foundation.org: additional commenting from Kees]
      Fixes: b6a2fea3 ("mm: variable length argument support")
      Link: http://lkml.kernel.org/r/20170622001720.GA32173@beastSigned-off-by: NKees Cook <keescook@chromium.org>
      Acked-by: NRik van Riel <riel@redhat.com>
      Acked-by: NMichal Hocko <mhocko@suse.com>
      Cc: Alexander Viro <viro@zeniv.linux.org.uk>
      Cc: Qualys Security Advisory <qsa@qualys.com>
      Cc: <stable@vger.kernel.org>
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      98da7d08
    • E
      ocfs2: fix deadlock caused by recursive locking in xattr · 8818efaa
      Eric Ren 提交于
      Another deadlock path caused by recursive locking is reported.  This
      kind of issue was introduced since commit 743b5f14 ("ocfs2: take
      inode lock in ocfs2_iop_set/get_acl()").  Two deadlock paths have been
      fixed by commit b891fa50 ("ocfs2: fix deadlock issue when taking
      inode lock at vfs entry points").  Yes, we intend to fix this kind of
      case in incremental way, because it's hard to find out all possible
      paths at once.
      
      This one can be reproduced like this.  On node1, cp a large file from
      home directory to ocfs2 mountpoint.  While on node2, run
      setfacl/getfacl.  Both nodes will hang up there.  The backtraces:
      
      On node1:
        __ocfs2_cluster_lock.isra.39+0x357/0x740 [ocfs2]
        ocfs2_inode_lock_full_nested+0x17d/0x840 [ocfs2]
        ocfs2_write_begin+0x43/0x1a0 [ocfs2]
        generic_perform_write+0xa9/0x180
        __generic_file_write_iter+0x1aa/0x1d0
        ocfs2_file_write_iter+0x4f4/0xb40 [ocfs2]
        __vfs_write+0xc3/0x130
        vfs_write+0xb1/0x1a0
        SyS_write+0x46/0xa0
      
      On node2:
        __ocfs2_cluster_lock.isra.39+0x357/0x740 [ocfs2]
        ocfs2_inode_lock_full_nested+0x17d/0x840 [ocfs2]
        ocfs2_xattr_set+0x12e/0xe80 [ocfs2]
        ocfs2_set_acl+0x22d/0x260 [ocfs2]
        ocfs2_iop_set_acl+0x65/0xb0 [ocfs2]
        set_posix_acl+0x75/0xb0
        posix_acl_xattr_set+0x49/0xa0
        __vfs_setxattr+0x69/0x80
        __vfs_setxattr_noperm+0x72/0x1a0
        vfs_setxattr+0xa7/0xb0
        setxattr+0x12d/0x190
        path_setxattr+0x9f/0xb0
        SyS_setxattr+0x14/0x20
      
      Fix this one by using ocfs2_inode_{lock|unlock}_tracker, which is
      exported by commit 439a36b8 ("ocfs2/dlmglue: prepare tracking logic
      to avoid recursive cluster lock").
      
      Link: http://lkml.kernel.org/r/20170622014746.5815-1-zren@suse.com
      Fixes: 743b5f14 ("ocfs2: take inode lock in ocfs2_iop_set/get_acl()")
      Signed-off-by: NEric Ren <zren@suse.com>
      Reported-by: NThomas Voegtle <tv@lio96.de>
      Tested-by: NThomas Voegtle <tv@lio96.de>
      Reviewed-by: NJoseph Qi <jiangqi903@gmail.com>
      Cc: Mark Fasheh <mfasheh@versity.com>
      Cc: Joel Becker <jlbec@evilplan.org>
      Cc: Junxiao Bi <junxiao.bi@oracle.com>
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      8818efaa
    • T
      slub: make sysfs file removal asynchronous · 3b7b3140
      Tejun Heo 提交于
      Commit bf5eb3de ("slub: separate out sysfs_slab_release() from
      sysfs_slab_remove()") made slub sysfs file removals synchronous to
      kmem_cache shutdown.
      
      Unfortunately, this created a possible ABBA deadlock between slab_mutex
      and sysfs draining mechanism triggering the following lockdep warning.
      
        ======================================================
        [ INFO: possible circular locking dependency detected ]
        4.10.0-test+ #48 Not tainted
        -------------------------------------------------------
        rmmod/1211 is trying to acquire lock:
         (s_active#120){++++.+}, at: [<ffffffff81308073>] kernfs_remove+0x23/0x40
      
        but task is already holding lock:
         (slab_mutex){+.+.+.}, at: [<ffffffff8120f691>] kmem_cache_destroy+0x41/0x2d0
      
        which lock already depends on the new lock.
      
        the existing dependency chain (in reverse order) is:
      
        -> #1 (slab_mutex){+.+.+.}:
      	 lock_acquire+0xf6/0x1f0
      	 __mutex_lock+0x75/0x950
      	 mutex_lock_nested+0x1b/0x20
      	 slab_attr_store+0x75/0xd0
      	 sysfs_kf_write+0x45/0x60
      	 kernfs_fop_write+0x13c/0x1c0
      	 __vfs_write+0x28/0x120
      	 vfs_write+0xc8/0x1e0
      	 SyS_write+0x49/0xa0
      	 entry_SYSCALL_64_fastpath+0x1f/0xc2
      
        -> #0 (s_active#120){++++.+}:
      	 __lock_acquire+0x10ed/0x1260
      	 lock_acquire+0xf6/0x1f0
      	 __kernfs_remove+0x254/0x320
      	 kernfs_remove+0x23/0x40
      	 sysfs_remove_dir+0x51/0x80
      	 kobject_del+0x18/0x50
      	 __kmem_cache_shutdown+0x3e6/0x460
      	 kmem_cache_destroy+0x1fb/0x2d0
      	 kvm_exit+0x2d/0x80 [kvm]
      	 vmx_exit+0x19/0xa1b [kvm_intel]
      	 SyS_delete_module+0x198/0x1f0
      	 entry_SYSCALL_64_fastpath+0x1f/0xc2
      
        other info that might help us debug this:
      
         Possible unsafe locking scenario:
      
      	 CPU0                    CPU1
      	 ----                    ----
          lock(slab_mutex);
      				 lock(s_active#120);
      				 lock(slab_mutex);
          lock(s_active#120);
      
         *** DEADLOCK ***
      
        2 locks held by rmmod/1211:
         #0:  (cpu_hotplug.dep_map){++++++}, at: [<ffffffff810a7877>] get_online_cpus+0x37/0x80
         #1:  (slab_mutex){+.+.+.}, at: [<ffffffff8120f691>] kmem_cache_destroy+0x41/0x2d0
      
        stack backtrace:
        CPU: 3 PID: 1211 Comm: rmmod Not tainted 4.10.0-test+ #48
        Hardware name: Hewlett-Packard HP Compaq Pro 6300 SFF/339A, BIOS K01 v02.05 05/07/2012
        Call Trace:
         print_circular_bug+0x1be/0x210
         __lock_acquire+0x10ed/0x1260
         lock_acquire+0xf6/0x1f0
         __kernfs_remove+0x254/0x320
         kernfs_remove+0x23/0x40
         sysfs_remove_dir+0x51/0x80
         kobject_del+0x18/0x50
         __kmem_cache_shutdown+0x3e6/0x460
         kmem_cache_destroy+0x1fb/0x2d0
         kvm_exit+0x2d/0x80 [kvm]
         vmx_exit+0x19/0xa1b [kvm_intel]
         SyS_delete_module+0x198/0x1f0
         ? SyS_delete_module+0x5/0x1f0
         entry_SYSCALL_64_fastpath+0x1f/0xc2
      
      It'd be the cleanest to deal with the issue by removing sysfs files
      without holding slab_mutex before the rest of shutdown; however, given
      the current code structure, it is pretty difficult to do so.
      
      This patch punts sysfs file removal to a work item.  Before commit
      bf5eb3de, the removal was punted to a RCU delayed work item which is
      executed after release.  Now, we're punting to a different work item on
      shutdown which still maintains the goal removing the sysfs files earlier
      when destroying kmem_caches.
      
      Link: http://lkml.kernel.org/r/20170620204512.GI21326@htj.duckdns.org
      Fixes: bf5eb3de ("slub: separate out sysfs_slab_release() from sysfs_slab_remove()")
      Signed-off-by: NTejun Heo <tj@kernel.org>
      Reported-by: NSteven Rostedt (VMware) <rostedt@goodmis.org>
      Tested-by: NSteven Rostedt (VMware) <rostedt@goodmis.org>
      Cc: Christoph Lameter <cl@linux.com>
      Cc: Pekka Enberg <penberg@kernel.org>
      Cc: David Rientjes <rientjes@google.com>
      Cc: Joonsoo Kim <iamjoonsoo.kim@lge.com>
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      3b7b3140
    • I
      lib/cmdline.c: fix get_options() overflow while parsing ranges · a91e0f68
      Ilya Matveychikov 提交于
      When using get_options() it's possible to specify a range of numbers,
      like 1-100500.  The problem is that it doesn't track array size while
      calling internally to get_range() which iterates over the range and
      fills the memory with numbers.
      
      Link: http://lkml.kernel.org/r/2613C75C-B04D-4BFF-82A6-12F97BA0F620@gmail.comSigned-off-by: NIlya V. Matveychikov <matvejchikov@gmail.com>
      Cc: Jonathan Corbet <corbet@lwn.net>
      Cc: <stable@vger.kernel.org>
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      a91e0f68
    • J
      fs/dax.c: fix inefficiency in dax_writeback_mapping_range() · 1eb643d0
      Jan Kara 提交于
      dax_writeback_mapping_range() fails to update iteration index when
      searching radix tree for entries needing cache flushing.  Thus each
      pagevec worth of entries is searched starting from the start which is
      inefficient and prone to livelocks.  Update index properly.
      
      Link: http://lkml.kernel.org/r/20170619124531.21491-1-jack@suse.cz
      Fixes: 9973c98e ("dax: add support for fsync/sync")
      Signed-off-by: NJan Kara <jack@suse.cz>
      Reviewed-by: NRoss Zwisler <ross.zwisler@linux.intel.com>
      Cc: Dan Williams <dan.j.williams@intel.com>
      Cc: <stable@vger.kernel.org>
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      1eb643d0
    • N
      autofs: sanity check status reported with AUTOFS_DEV_IOCTL_FAIL · 9fa4eb8e
      NeilBrown 提交于
      If a positive status is passed with the AUTOFS_DEV_IOCTL_FAIL ioctl,
      autofs4_d_automount() will return
      
         ERR_PTR(status)
      
      with that status to follow_automount(), which will then dereference an
      invalid pointer.
      
      So treat a positive status the same as zero, and map to ENOENT.
      
      See comment in systemd src/core/automount.c::automount_send_ready().
      
      Link: http://lkml.kernel.org/r/871sqwczx5.fsf@notabene.neil.brown.nameSigned-off-by: NNeilBrown <neilb@suse.com>
      Cc: Ian Kent <raven@themaw.net>
      Cc: <stable@vger.kernel.org>
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      9fa4eb8e
    • A
      mm/vmalloc.c: huge-vmap: fail gracefully on unexpected huge vmap mappings · 029c54b0
      Ard Biesheuvel 提交于
      Existing code that uses vmalloc_to_page() may assume that any address
      for which is_vmalloc_addr() returns true may be passed into
      vmalloc_to_page() to retrieve the associated struct page.
      
      This is not un unreasonable assumption to make, but on architectures
      that have CONFIG_HAVE_ARCH_HUGE_VMAP=y, it no longer holds, and we need
      to ensure that vmalloc_to_page() does not go off into the weeds trying
      to dereference huge PUDs or PMDs as table entries.
      
      Given that vmalloc() and vmap() themselves never create huge mappings or
      deal with compound pages at all, there is no correct answer in this
      case, so return NULL instead, and issue a warning.
      
      When reading /proc/kcore on arm64, you will hit an oops as soon as you
      hit the huge mappings used for the various segments that make up the
      mapping of vmlinux.  With this patch applied, you will no longer hit the
      oops, but the kcore contents willl be incorrect (these regions will be
      zeroed out)
      
      We are fixing this for kcore specifically, so it avoids vread() for
      those regions.  At least one other problematic user exists, i.e.,
      /dev/kmem, but that is currently broken on arm64 for other reasons.
      
      Link: http://lkml.kernel.org/r/20170609082226.26152-1-ard.biesheuvel@linaro.orgSigned-off-by: NArd Biesheuvel <ard.biesheuvel@linaro.org>
      Acked-by: NMark Rutland <mark.rutland@arm.com>
      Reviewed-by: NLaura Abbott <labbott@redhat.com>
      Cc: Michal Hocko <mhocko@suse.com>
      Cc: zhong jiang <zhongjiang@huawei.com>
      Cc: Dave Hansen <dave.hansen@intel.com>
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      029c54b0