1. 11 12月, 2015 2 次提交
    • M
      arm64: Remove redundant padding from linker script · 5b28cd9d
      Mark Rutland 提交于
      Currently we place an ALIGN_DEBUG_RO between text and data for the .text
      and .init sections, and depending on configuration each of these may
      result in up to SECTION_SIZE bytes worth of padding (for
      DEBUG_RODATA_ALIGN).
      
      We make no distinction between the text and data in each of these
      sections at any point when creating the initial page tables in head.S.
      We also make no distinction when modifying the tables; __map_memblock,
      fixup_executable, mark_rodata_ro, and fixup_init only work at section
      granularity. Thus this padding is unnecessary.
      
      For the spit between init text and data we impose a minimum alignment of
      16 bytes, but this is also unnecessary. The init data is output
      immediately after the padding before any symbols are defined, so this is
      not required to keep a symbol for linker a section array correctly
      associated with the data. Any objects within the section will be given
      at least their usual alignment regardless.
      
      This patch removes the redundant padding.
      Signed-off-by: NMark Rutland <mark.rutland@arm.com>
      Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
      Cc: Catalin Marinas <catalin.marinas@arm.com>
      Cc: Jeremy Linton <jeremy.linton@arm.com>
      Cc: Laura Abbott <labbott@fedoraproject.org>
      Cc: Will Deacon <will.deacon@arm.com>
      Signed-off-by: NWill Deacon <will.deacon@arm.com>
      5b28cd9d
    • M
      arm64: mm: remove pointless PAGE_MASKing · e2c30ee3
      Mark Rutland 提交于
      As pgd_offset{,_k} shift the input address by PGDIR_SHIFT, the sub-page
      bits will always be shifted out. There is no need to apply PAGE_MASK
      before this.
      Signed-off-by: NMark Rutland <mark.rutland@arm.com>
      Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
      Cc: Catalin Marinas <catalin.marinas@arm.com>
      Cc: Jeremy Linton <jeremy.linton@arm.com>
      Cc: Laura Abbott <labbott@fedoraproject.org>
      Cc: Will Deacon <will.deacon@arm.com>
      Signed-off-by: NWill Deacon <will.deacon@arm.com>
      e2c30ee3
  2. 10 12月, 2015 3 次提交
  3. 09 12月, 2015 1 次提交
    • W
      arm64: irq: fix walking from irq stack to task stack · 7596abf2
      Will Deacon 提交于
      Running with CONFIG_DEBUG_SPINLOCK=y can trigger a BUG with the new IRQ
      stack code:
      
        BUG: spinlock lockup suspected on CPU#1
      
      This is due to the IRQ_STACK_TO_TASK_STACK macro incorrectly retrieving
      the task stack pointer stashed at the top of the IRQ stack.
      
      Sayeth James:
      
      | Yup, this is what is happening. Its an off-by-one due to broken
      | thinking about how the stack works. My broken thinking was:
      |
      | >   top ------------
      | >       | dummy_lr | <- irq_stack_ptr
      | >       ------------
      | >       |   x29    |
      | >       ------------
      | >       |   x19    | <- irq_stack_ptr - 0x10
      | >       ------------
      | >       |   xzr    |
      | >       ------------
      |
      | But the stack-pointer is decreased before use. So it actually looks
      | like this:
      |
      | >       ------------
      | >       |          |  <- irq_stack_ptr
      | >   top ------------
      | >       | dummy_lr |
      | >       ------------
      | >       |   x29    | <- irq_stack_ptr - 0x10
      | >       ------------
      | >       |   x19    |
      | >       ------------
      | >       |   xzr    | <- irq_stack_ptr - 0x20
      | >       ------------
      |
      | The value being used as the original stack is x29, which in all the
      | tests is sp but without the current frames data, hence there are no
      | missing frames in the output.
      |
      | Jungseok Lee picked it up with a 32bit user space because aarch32
      | can't use x29, so it remains 0 forever. The fix he posted is correct.
      
      This patch fixes the macro and adds some of this wisdom to a comment,
      so that the layout of the IRQ stack is well understood.
      
      Cc: James Morse <james.morse@arm.com>
      Reported-by: NJungseok Lee <jungseoklee85@gmail.com>
      Signed-off-by: NWill Deacon <will.deacon@arm.com>
      7596abf2
  4. 08 12月, 2015 4 次提交
  5. 05 12月, 2015 1 次提交
    • C
      arm64: Add trace_hardirqs_off annotation in ret_to_user · db3899a6
      Catalin Marinas 提交于
      When a kernel is built with CONFIG_TRACE_IRQFLAGS the following warning
      is produced when entering userspace for the first time:
      
        WARNING: at /work/Linux/linux-2.6-aarch64/kernel/locking/lockdep.c:3519
        Modules linked in:
        CPU: 1 PID: 1 Comm: systemd Not tainted 4.4.0-rc3+ #639
        Hardware name: Juno (DT)
        task: ffffffc9768a0000 ti: ffffffc9768a8000 task.ti: ffffffc9768a8000
        PC is at check_flags.part.22+0x19c/0x1a8
        LR is at check_flags.part.22+0x19c/0x1a8
        pc : [<ffffffc0000fba6c>] lr : [<ffffffc0000fba6c>] pstate: 600001c5
        sp : ffffffc9768abe10
        x29: ffffffc9768abe10 x28: ffffffc9768a8000
        x27: 0000000000000000 x26: 0000000000000001
        x25: 00000000000000a6 x24: ffffffc00064be6c
        x23: ffffffc0009f249e x22: ffffffc9768a0000
        x21: ffffffc97fea5480 x20: 00000000000001c0
        x19: ffffffc00169a000 x18: 0000005558cc7b58
        x17: 0000007fb78e3180 x16: 0000005558d2e238
        x15: ffffffffffffffff x14: 0ffffffffffffffd
        x13: 0000000000000008 x12: 0101010101010101
        x11: 7f7f7f7f7f7f7f7f x10: fefefefefefeff63
        x9 : 7f7f7f7f7f7f7f7f x8 : 6e655f7371726964
        x7 : 0000000000000001 x6 : ffffffc0001079c4
        x5 : 0000000000000000 x4 : 0000000000000001
        x3 : ffffffc001698438 x2 : 0000000000000000
        x1 : ffffffc9768a0000 x0 : 000000000000002e
        Call trace:
        [<ffffffc0000fba6c>] check_flags.part.22+0x19c/0x1a8
        [<ffffffc0000fc440>] lock_is_held+0x80/0x98
        [<ffffffc00064bafc>] __schedule+0x404/0x730
        [<ffffffc00064be6c>] schedule+0x44/0xb8
        [<ffffffc000085bb0>] ret_to_user+0x0/0x24
        possible reason: unannotated irqs-off.
        irq event stamp: 502169
        hardirqs last  enabled at (502169): [<ffffffc000085a98>] el0_irq_naked+0x1c/0x24
        hardirqs last disabled at (502167): [<ffffffc0000bb3bc>] __do_softirq+0x17c/0x298
        softirqs last  enabled at (502168): [<ffffffc0000bb43c>] __do_softirq+0x1fc/0x298
        softirqs last disabled at (502143): [<ffffffc0000bb830>] irq_exit+0xa0/0xf0
      
      This happens because we disable interrupts in ret_to_user before calling
      schedule() in work_resched. This patch adds the necessary
      trace_hardirqs_off annotation.
      Signed-off-by: NCatalin Marinas <catalin.marinas@arm.com>
      Reported-by: NMark Rutland <mark.rutland@arm.com>
      Cc: Will Deacon <will.deacon@arm.com>
      Signed-off-by: NWill Deacon <will.deacon@arm.com>
      db3899a6
  6. 04 12月, 2015 4 次提交
    • L
      arm64: ftrace: fix the comments for ftrace_modify_code · 004ab584
      Li Bin 提交于
      There is no need to worry about module and __init text disappearing
      case, because that ftrace has a module notifier that is called when
      a module is being unloaded and before the text goes away and this
      code grabs the ftrace_lock mutex and removes the module functions
      from the ftrace list, such that it will no longer do any
      modifications to that module's text, the update to make functions
      be traced or not is done under the ftrace_lock mutex as well.
      And by now, __init section codes should not been modified
      by ftrace, because it is black listed in recordmcount.c and
      ignored by ftrace.
      Suggested-by: NSteven Rostedt <rostedt@goodmis.org>
      Signed-off-by: NLi Bin <huawei.libin@huawei.com>
      Signed-off-by: NWill Deacon <will.deacon@arm.com>
      004ab584
    • L
      arm64: ftrace: stop using kstop_machine to enable/disable tracing · 81a6a146
      Li Bin 提交于
      For ftrace on arm64, kstop_machine which is hugely disruptive
      to a running system is not needed to convert nops to ftrace calls
      or back, because that to be modified instrucions, that NOP, B or BL,
      are all safe instructions which called "concurrent modification
      and execution of instructions", that can be executed by one
      thread of execution as they are being modified by another thread
      of execution without requiring explicit synchronization.
      Signed-off-by: NLi Bin <huawei.libin@huawei.com>
      Reviewed-by: NSteven Rostedt <rostedt@goodmis.org>
      Signed-off-by: NWill Deacon <will.deacon@arm.com>
      81a6a146
    • W
      arm64: spinlock: serialise spin_unlock_wait against concurrent lockers · d86b8da0
      Will Deacon 提交于
      Boqun Feng reported a rather nasty ordering issue with spin_unlock_wait
      on architectures implementing spin_lock with LL/SC sequences and acquire
      semantics:
      
       | CPU 1                   CPU 2                     CPU 3
       | ==================      ====================      ==============
       |                                                   spin_unlock(&lock);
       |                         spin_lock(&lock):
       |                           r1 = *lock; // r1 == 0;
       |                         o = READ_ONCE(object); // reordered here
       | object = NULL;
       | smp_mb();
       | spin_unlock_wait(&lock);
       |                           *lock = 1;
       | smp_mb();
       | o->dead = true;
       |                         if (o) // true
       |                           BUG_ON(o->dead); // true!!
      
      The crux of the problem is that spin_unlock_wait(&lock) can return on
      CPU 1 whilst CPU 2 is in the process of taking the lock. This can be
      resolved by upgrading spin_unlock_wait to a LOCK operation, forcing it
      to serialise against a concurrent locker and giving it acquire semantics
      in the process (although it is not at all clear whether this is needed -
      different callers seem to assume different things about the barrier
      semantics and architectures are similarly disjoint in their
      implementations of the macro).
      
      This patch implements spin_unlock_wait using an LL/SC sequence with
      acquire semantics on arm64. For v8.1 systems with the LSE atomics, the
      exclusive writeback is omitted, since the spin_lock operation is
      indivisible and no intermediate state can be observed.
      Signed-off-by: NWill Deacon <will.deacon@arm.com>
      d86b8da0
    • W
      arm64: enable HAVE_IRQ_TIME_ACCOUNTING · 24da208d
      Will Deacon 提交于
      arm64 relies on the arm_arch_timer for sched_clock, so we can select
      HAVE_IRQ_TIME_ACCOUNTING and have the core sched-clock code enable the
      feature at runtime based on the rate.
      Reported-by: NMario Smarduch <m.smarduch@samsung.com>
      Signed-off-by: NWill Deacon <will.deacon@arm.com>
      24da208d
  7. 02 12月, 2015 2 次提交
  8. 01 12月, 2015 3 次提交
  9. 30 11月, 2015 8 次提交
    • L
      Linux 4.4-rc3 · 31ade3b8
      Linus Torvalds 提交于
      31ade3b8
    • L
      Merge branch 'drm-fixes' of git://people.freedesktop.org/~airlied/linux · c5bc1c93
      Linus Torvalds 提交于
      Pull nouveau and radeon fixes from Dave Airlie:
       "Just some nouveau and radeon/amdgpu fixes.
      
        The nouveau fixes look large as the firmware context files are
        regenerated, but the actual change is quite small"
      
      * 'drm-fixes' of git://people.freedesktop.org/~airlied/linux:
        drm/radeon: make some dpm errors debug only
        drm/nouveau/volt/pwm/gk104: fix an off-by-one resulting in the voltage not being set
        drm/nouveau/nvif: allow userspace access to its own client object
        drm/nouveau/gr/gf100-: fix oops when calling zbc methods
        drm/nouveau/gr/gf117-: assume no PPC if NV_PGRAPH_GPC_GPM_PD_PES_TPC_ID_MASK is zero
        drm/nouveau/gr/gf117-: read NV_PGRAPH_GPC_GPM_PD_PES_TPC_ID_MASK from correct GPC
        drm/nouveau/gr/gf100-: split out per-gpc address calculation macro
        drm/nouveau/bios: return actual size of the buffer retrieved via _ROM
        drm/nouveau/instmem: protect instobj list with a spinlock
        drm/nouveau/pci: enable c800 magic for some unknown Samsung laptop
        drm/nouveau/pci: enable c800 magic for Clevo P157SM
        drm/radeon: make rv770_set_sw_state failures non-fatal
        drm/amdgpu: move dependency handling out of atomic section v2
        drm/amdgpu: optimize scheduler fence handling
        drm/amdgpu: remove vm->mutex
        drm/amdgpu: add mutex for ba_va->valids/invalids
        drm/amdgpu: adapt vce session create interface changes
        drm/amdgpu: vce use multiple cache surface starting from stoney
        drm/amdgpu: reset vce trap interrupt flag
      c5bc1c93
    • L
      Merge tag 'rtc-4.4-2' of git://git.kernel.org/pub/scm/linux/kernel/git/abelloni/linux · 818aba30
      Linus Torvalds 提交于
      Pull RTC fixes from Alexandre Belloni:
       "Two fixes for the ds1307 alarm and wakeup"
      
      * tag 'rtc-4.4-2' of git://git.kernel.org/pub/scm/linux/kernel/git/abelloni/linux:
        rtc: ds1307: fix alarm reading at probe time
        rtc: ds1307: fix kernel splat due to wakeup irq handling
      818aba30
    • L
      Merge branch 'upstream' of git://git.linux-mips.org/pub/scm/ralf/upstream-linus · 00fd6a71
      Linus Torvalds 提交于
      Pull MIPS fix from Ralf Baechle:
       "Just a fix for empty loops that may be removed by non-antique GCC"
      
      * 'upstream' of git://git.linux-mips.org/pub/scm/ralf/upstream-linus:
        MIPS: Fix delay loops which may be removed by GCC.
      00fd6a71
    • L
      Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/geert/linux-m68k · d72aee78
      Linus Torvalds 提交于
      Pull m68k fixes from Geert Uytterhoeven:
       "Summary:
      
         - Add missing initialization of max_pfn, which is needed to make
           selftests/vm/mlock2-tests succeed,
      
         - Wire up new mlock2 syscall"
      
      * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/geert/linux-m68k:
        m68k: Wire up mlock2
        m68knommu: Add missing initialization of max_pfn and {min,max}_low_pfn
        m68k/mm: sun3 - Add missing initialization of max_pfn and {min,max}_low_pfn
        m68k/mm: m54xx - Add missing initialization of max_pfn
        m68k/mm: motorola - Add missing initialization of max_pfn
      d72aee78
    • L
      Merge branch 'fixes' of git://ftp.arm.linux.org.uk/~rmk/linux-arm · 04527fda
      Linus Torvalds 提交于
      Pull ARM fixes from Russell King:
       "Just two changes this time around:
      
         - wire up the new mlock2 syscall added during the last merge window
      
         - fix a build problem with certain configurations provoked by making
           CONFIG_OF user selectable"
      
      * 'fixes' of git://ftp.arm.linux.org.uk/~rmk/linux-arm:
        ARM: 8454/1: OF implies OF_FLATTREE
        ARM: wire up mlock2 syscall
      04527fda
    • L
      Merge git://git.kernel.org/pub/scm/linux/kernel/git/nab/target-pending · 36511e86
      Linus Torvalds 提交于
      Pull SCSI target fixes from Nicholas Bellinger:
       - fix tcm-user backend driver expired cmd time processing (agrover)
       - eliminate kref_put_spinlock_irqsave() for I/O completion (bart)
       - fix iscsi login kthread failure case hung task regression (nab)
       - fix COMPARE_AND_WRITE completion use-after-free race (nab)
       - fix COMPARE_AND_WRITE with SCF_PASSTHROUGH_SG_TO_MEM_NOALLOC non zero
         SGL offset data corruption.  (Jan + Doug)
       - fix >= v4.4-rc1 regression for tcm_qla2xxx enable configfs attribute
         (Himanshu + HCH)
      
      * git://git.kernel.org/pub/scm/linux/kernel/git/nab/target-pending:
        target/stat: print full t10_wwn.model buffer
        target: fix COMPARE_AND_WRITE non zero SGL offset data corruption
        qla2xxx: Fix regression introduced by target configFS changes
        kref: Remove kref_put_spinlock_irqsave()
        target: Invoke release_cmd() callback without holding a spinlock
        target: Fix race for SCF_COMPARE_AND_WRITE_POST checking
        iscsi-target: Fix rx_login_comp hang after login failure
        iscsi-target: return -ENOMEM instead of -1 in case of failed kmalloc()
        target/user: Do not set unused fields in tcmu_ops
        target/user: Fix time calc in expired cmd processing
      36511e86
    • L
      Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/rzhang/linux · 75a29ec1
      Linus Torvalds 提交于
      Pull thermal management fixes from Zhang Rui:
       "Specifics:
      
       - several fixes and cleanups on Rockchip thermal drivers.
      
       - add the missing support of RK3368 SoCs in Rockchip driver.
      
       - small fixes on of-thermal, power_allocator, rcar driver, IMX, and
         QCOM drivers, and also compilation fixes, on thermal.h, when thermal
         is not selected"
      
      * 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/rzhang/linux:
        imx: thermal: use CPU temperature grade info for thresholds
        thermal: fix thermal_zone_bind_cooling_device prototype
        Revert "thermal: qcom_spmi: allow compile test"
        thermal: rcar_thermal: remove redundant operation
        thermal: of-thermal: Reduce log level for message when can't fine thermal zone
        thermal: power_allocator: Use temperature reading from tz
        thermal: rockchip: Support the RK3368 SoCs in thermal driver
        thermal: rockchip: consistently use int for temperatures
        thermal: rockchip: Add the sort mode for adc value increment or decrement
        thermal: rockchip: improve the conversion function
        thermal: rockchip: trivial: fix typo in commit
        thermal: rockchip: better to compatible the driver for different SoCs
        dt-bindings: rockchip-thermal: Support the RK3368 SoCs compatible
      75a29ec1
  10. 29 11月, 2015 12 次提交
    • D
      target/stat: print full t10_wwn.model buffer · 8f903539
      David Disseldorp 提交于
      Cut 'n paste error saw it only process sizeof(t10_wwn.vendor) characters.
      Signed-off-by: NDavid Disseldorp <ddiss@suse.de>
      Signed-off-by: NNicholas Bellinger <nab@linux-iscsi.org>
      8f903539
    • J
      target: fix COMPARE_AND_WRITE non zero SGL offset data corruption · d94e5a61
      Jan Engelhardt 提交于
      target_core_sbc's compare_and_write functionality suffers from taking
      data at the wrong memory location when writing a CAW request to disk
      when a SGL offset is non-zero.
      
      This can happen with loopback and vhost-scsi fabric drivers when
      SCF_PASSTHROUGH_SG_TO_MEM_NOALLOC is used to map existing user-space
      SGL memory into COMPARE_AND_WRITE READ/WRITE payload buffers.
      
      Given the following sample LIO subtopology,
      
      % targetcli ls /loopback/
      o- loopback ................................. [1 Target]
        o- naa.6001405ebb8df14a ....... [naa.60014059143ed2b3]
          o- luns ................................... [2 LUNs]
            o- lun0 ................ [iblock/ram0 (/dev/ram0)]
            o- lun1 ................ [iblock/ram1 (/dev/ram1)]
      % lsscsi -g
      [3:0:1:0]    disk    LIO-ORG  IBLOCK           4.0   /dev/sdc   /dev/sg3
      [3:0:1:1]    disk    LIO-ORG  IBLOCK           4.0   /dev/sdd   /dev/sg4
      
      the following bug can be observed in Linux 4.3 and 4.4~rc1:
      
      % perl -e 'print chr$_ for 0..255,reverse 0..255' >rand
      % perl -e 'print "\0" x 512' >zero
      % cat rand >/dev/sdd
      % sg_compare_and_write -i rand -D zero --lba 0 /dev/sdd
      % sg_compare_and_write -i zero -D rand --lba 0 /dev/sdd
      Miscompare reported
      % hexdump -Cn 512 /dev/sdd
      00000000  0f 0e 0d 0c 0b 0a 09 08  07 06 05 04 03 02 01 00
      00000010  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00
      *
      00000200
      
      Rather than writing all-zeroes as instructed with the -D file, it
      corrupts the data in the sector by splicing some of the original
      bytes in. The page of the first entry of cmd->t_data_sg includes the
      CDB, and sg->offset is set to a position past the CDB. I presume that
      sg->offset is also the right choice to use for subsequent sglist
      members.
      Signed-off-by: NJan Engelhardt <jengelh@netitwork.de>
      Tested-by: NDouglas Gilbert <dgilbert@interlog.com>
      Cc: <stable@vger.kernel.org> # v3.12+
      Signed-off-by: NNicholas Bellinger <nab@linux-iscsi.org>
      d94e5a61
    • H
      qla2xxx: Fix regression introduced by target configFS changes · 3786dc45
      Himanshu Madhani 提交于
      this patch fixes following regression
      
       # targetcli
       [Errno 13] Permission denied: '/sys/kernel/config/target/qla2xxx/21:00:00:0e:1e:08:c7:20/tpgt_1/enable'
      
      Fixes: 2eafd729 ("target: use per-attribute show and store methods")
      Signed-off-by: NHimanshu Madhani <himanshu.madhani@qlogic.com>
      Signed-off-by: NGiridhar Malavali <giridhar.malavali@qlogic.com>
      Reviewed-by: NChristoph Hellwig <hch@lst.de>
      Signed-off-by: NNicholas Bellinger <nab@linux-iscsi.org>
      3786dc45
    • B
      kref: Remove kref_put_spinlock_irqsave() · 3a66d7dc
      Bart Van Assche 提交于
      The last user is gone. Hence remove this function.
      Signed-off-by: NBart Van Assche <bart.vanassche@sandisk.com>
      Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
      Cc: Christoph Hellwig <hch@lst.de>
      Cc: Joern Engel <joern@logfs.org>
      Signed-off-by: NNicholas Bellinger <nab@linux-iscsi.org>
      3a66d7dc
    • B
      target: Invoke release_cmd() callback without holding a spinlock · 9ff9d15e
      Bart Van Assche 提交于
      This patch fixes the following kernel warning because it avoids that
      IRQs are disabled while ft_release_cmd() is invoked (fc_seq_set_resp()
      invokes spin_unlock_bh()):
      
      WARNING: CPU: 3 PID: 117 at kernel/softirq.c:150 __local_bh_enable_ip+0xaa/0x110()
      Call Trace:
       [<ffffffff814f71eb>] dump_stack+0x4f/0x7b
       [<ffffffff8105e56a>] warn_slowpath_common+0x8a/0xc0
       [<ffffffff8105e65a>] warn_slowpath_null+0x1a/0x20
       [<ffffffff81062b2a>] __local_bh_enable_ip+0xaa/0x110
       [<ffffffff814ff229>] _raw_spin_unlock_bh+0x39/0x40
       [<ffffffffa03a7f94>] fc_seq_set_resp+0xe4/0x100 [libfc]
       [<ffffffffa02e604a>] ft_free_cmd+0x4a/0x90 [tcm_fc]
       [<ffffffffa02e6972>] ft_release_cmd+0x12/0x20 [tcm_fc]
       [<ffffffffa042bd66>] target_release_cmd_kref+0x56/0x90 [target_core_mod]
       [<ffffffffa042caf0>] target_put_sess_cmd+0xc0/0x110 [target_core_mod]
       [<ffffffffa042cb81>] transport_release_cmd+0x41/0x70 [target_core_mod]
       [<ffffffffa042d975>] transport_generic_free_cmd+0x35/0x420 [target_core_mod]
      Signed-off-by: NBart Van Assche <bart.vanassche@sandisk.com>
      Acked-by: NJoern Engel <joern@logfs.org>
      Reviewed-by: NAndy Grover <agrover@redhat.com>
      Cc: Christoph Hellwig <hch@lst.de>
      Cc: Hannes Reinecke <hare@suse.de>
      Cc: Sagi Grimberg <sagig@mellanox.com>
      Signed-off-by: NNicholas Bellinger <nab@linux-iscsi.org>
      9ff9d15e
    • N
      target: Fix race for SCF_COMPARE_AND_WRITE_POST checking · 057085e5
      Nicholas Bellinger 提交于
      This patch addresses a race + use after free where the first
      stage of COMPARE_AND_WRITE in compare_and_write_callback()
      is rescheduled after the backend sends the secondary WRITE,
      resulting in second stage compare_and_write_post() callback
      completing in target_complete_ok_work() before the first
      can return.
      
      Because current code depends on checking se_cmd->se_cmd_flags
      after return from se_cmd->transport_complete_callback(),
      this results in first stage having SCF_COMPARE_AND_WRITE_POST
      set, which incorrectly falls through into second stage CAW
      processing code, eventually triggering a NULL pointer
      dereference due to use after free.
      
      To address this bug, pass in a new *post_ret parameter into
      se_cmd->transport_complete_callback(), and depend upon this
      value instead of ->se_cmd_flags to determine when to return
      or fall through into ->queue_status() code for CAW.
      
      Cc: Sagi Grimberg <sagig@mellanox.com>
      Cc: <stable@vger.kernel.org> # v3.12+
      Signed-off-by: NNicholas Bellinger <nab@linux-iscsi.org>
      057085e5
    • N
      iscsi-target: Fix rx_login_comp hang after login failure · ca82c2bd
      Nicholas Bellinger 提交于
      This patch addresses a case where iscsi_target_do_tx_login_io()
      fails sending the last login response PDU, after the RX/TX
      threads have already been started.
      
      The case centers around iscsi_target_rx_thread() not invoking
      allow_signal(SIGINT) before the send_sig(SIGINT, ...) occurs
      from the failure path, resulting in RX thread hanging
      indefinately on iscsi_conn->rx_login_comp.
      
      Note this bug is a regression introduced by:
      
        commit e5419865
        Author: Nicholas Bellinger <nab@linux-iscsi.org>
        Date:   Wed Jul 22 23:14:19 2015 -0700
      
            iscsi-target: Fix iscsit_start_kthreads failure OOPs
      
      To address this bug, complete ->rx_login_complete for good
      measure in the failure path, and immediately return from
      RX thread context if connection state did not actually reach
      full feature phase (TARG_CONN_STATE_LOGGED_IN).
      
      Cc: Sagi Grimberg <sagig@mellanox.com>
      Cc: <stable@vger.kernel.org> # v3.10+
      Signed-off-by: NNicholas Bellinger <nab@linux-iscsi.org>
      ca82c2bd
    • L
      iscsi-target: return -ENOMEM instead of -1 in case of failed kmalloc() · 82a819e8
      Luis de Bethencourt 提交于
      Smatch complains about returning hard coded error codes, silence this
      warning.
      
      drivers/target/iscsi/iscsi_target_parameters.c:211
         iscsi_create_default_params() warn: returning -1 instead of -ENOMEM is sloppy
      Signed-off-by: NLuis de Bethencourt <luisbg@osg.samsung.com>
      Reviewed-by: NSagi Grimberg <sagig@mellanox.com>
      Signed-off-by: NNicholas Bellinger <nab@linux-iscsi.org>
      82a819e8
    • A
      target/user: Do not set unused fields in tcmu_ops · 6ba4bd29
      Andy Grover 提交于
      TCMU sets TRANSPORT_FLAG_PASSTHROUGH, so INQUIRY commands will not be
      emulated by LIO but passed up to userspace. Therefore TCMU should not
      set these, just like pscsi doesn't.
      Signed-off-by: NAndy Grover <agrover@redhat.com>
      Signed-off-by: NNicholas Bellinger <nab@linux-iscsi.org>
      6ba4bd29
    • A
      target/user: Fix time calc in expired cmd processing · 611e2267
      Andy Grover 提交于
      Reversed arguments meant that we were doing nothing for cmds whose deadline
      had passed.
      Signed-off-by: NAndy Grover <agrover@redhat.com>
      Signed-off-by: NNicholas Bellinger <nab@linux-iscsi.org>
      611e2267
    • A
      ARM: 8454/1: OF implies OF_FLATTREE · aa7d5f18
      Arnd Bergmann 提交于
      On the ARM architecture, individual platforms select CONFIG_USE_OF if they
      need it, but all device tree code is keyed off CONFIG_OF. When building
      a platform without DT support and manually enabling CONFIG_OF, we now
      get a number of build errors, e.g.
      
      arch/arm/kernel/devtree.c: In function 'setup_machine_fdt':
      arch/arm/kernel/devtree.c:215:19: error: implicit declaration of function 'early_init_dt_verify' [-Werror=implicit-function-declaration]
      
      We could now try to separate the use case of booting from DT vs. the
      case of using the dynamic implementation, but that seems more complicated
      than it can gain us.
      
      This simply changes the ARM Kconfig file to always enable OF_RESERVED_MEM
      and OF_EARLY_FLATTREE when CONFIG_OF is enabled. These options add a little
      extra code when we just want the dynamic OF implementation, but that seems
      like a rather obscure case, and this version solves all CONFIG_OF related
      randconfig regressions.
      Signed-off-by: NArnd Bergmann <arnd@arndb.de>
      Fixes: 0166dc11 ("of: make CONFIG_OF user selectable")
      Acked-by: NRob Herring <robh@kernel.org>
      Signed-off-by: NRussell King <rmk+kernel@arm.linux.org.uk>
      aa7d5f18
    • L
      Merge tag 'pci-v4.4-fixes-1' of git://git.kernel.org/pub/scm/linux/kernel/git/helgaas/pci · 081f3698
      Linus Torvalds 提交于
      Pull PCI fixes from Bjorn Helgaas:
       "Here are a few fixes I'd like to have in v4.4: a generic one for sysfs
        and three for HiSilicon and DesignWare host controllers.
      
        Summary:
      
        NUMA:
         - Prevent out of bounds access in numa_node override (Mathias Krause)
      
        HiSilicon host bridge driver:
         - Fix deferred probing (Arnd Bergmann)
      
        Synopsys DesignWare host bridge driver:
         - Remove incorrect io_base assignment (Stanimir Varbanov)
         - Move align_resource function pointer to pci_host_bridge structure
           (Gabriele Paoloni)"
      
      * tag 'pci-v4.4-fixes-1' of git://git.kernel.org/pub/scm/linux/kernel/git/helgaas/pci:
        ARM/PCI: Move align_resource function pointer to pci_host_bridge structure
        PCI: hisi: Fix deferred probing
        PCI: designware: Remove incorrect io_base assignment
        PCI: Prevent out of bounds access in numa_node override
      081f3698