1. 15 Mar 2015 (2 commits)
  2. 13 Mar 2015 (7 commits)
  3. 12 Mar 2015 (3 commits)
  4. 05 Mar 2015 (1 commit)
    • seq_buf: Fix seq_buf_bprintf() truncation · 4d4eb4d4
      Committed by Steven Rostedt (Red Hat)
      In seq_buf_bprintf(), bstr_printf() is used to copy the format into the
      buffer remaining in the seq_buf structure. The return value of bstr_printf()
      is the number of characters written to the buffer excluding the '\0',
      unless the line was truncated!
      
      If the line copied does not fit, it is truncated, and a '\0' is added
      to the end of the buffer. But in this case, the '\0' is included in the
      length of the line written. The way to know that the buffer overflowed is
      that the returned length is the same as or greater than the length of the
      buffer passed in.
      
      The check in seq_buf_bprintf() only tested whether the length returned from
      bstr_printf() would fit in the buffer, but seq_buf_bprintf() is meant to be
      an all-or-nothing operation. It either writes the whole string into the
      seq_buf, or none of it. If the string is truncated, the pointers inside the
      seq_buf must be reset to what they were when the function was called. This
      was not the case: on overflow, only part of the string was copied.
      
      The fix is to change the overflow check to test whether the length returned
      from bstr_printf() is strictly less than the length remaining in the seq_buf
      buffer, rather than less than or equal to it as it currently does. Then
      seq_buf_bprintf() will know whether the write from bstr_printf() was truncated.
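      
      As an illustration, a minimal sketch of the corrected check, assuming the
      seq_buf helpers used by this file (seq_buf_buffer_left(), seq_buf_set_overflow());
      this is not the exact committed diff:
      
        int seq_buf_bprintf(struct seq_buf *s, const char *fmt, const u32 *binary)
        {
                unsigned int len = seq_buf_buffer_left(s);
                int ret;
      
                WARN_ON(s->size == 0);
      
                if (s->len < s->size) {
                        ret = bstr_printf(s->buffer + s->len, len, fmt, binary);
                        /* '<' (not '<='): a return filling the remaining space
                         * means bstr_printf() truncated the output. */
                        if (s->len + ret < s->size) {
                                s->len += ret;
                                return 0;
                        }
                }
                seq_buf_set_overflow(s);
                return -1;
        }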
      
      Link: http://lkml.kernel.org/r/1425500481.2712.27.camel@perches.com
      
      Cc: stable@vger.kernel.org
      Reported-by: Joe Perches <joe@perches.com>
      Signed-off-by: Steven Rostedt <rostedt@goodmis.org>
      4d4eb4d4
  5. 04 Mar 2015 (1 commit)
    • seq_buf: Fix seq_buf_vprintf() truncation · 4a8fe4e1
      Committed by Steven Rostedt (Red Hat)
      In seq_buf_vprintf(), vsnprintf() is used to copy the format into the
      buffer remaining in the seq_buf structure. The return value of vsnprintf()
      is the number of characters written to the buffer excluding the '\0',
      unless the line was truncated!
      
      If the line copied does not fit, it is truncated, and a '\0' is added
      to the end of the buffer. But in this case, the '\0' is included in the
      length of the line written. The way to know that the buffer overflowed is
      that the returned length is the same as or greater than the length of the
      buffer passed in.
      
      The check in seq_buf_vprintf() only tested whether the length returned from
      vsnprintf() would fit in the buffer, but seq_buf_vprintf() is meant to be
      an all-or-nothing operation. It either writes the whole string into the
      seq_buf, or none of it. If the string is truncated, the pointers inside the
      seq_buf must be reset to what they were when the function was called. This
      was not the case: on overflow, only part of the string was copied.
      
      The fix is to change the overflow check to test whether the length returned
      from vsnprintf() is strictly less than the length remaining in the seq_buf
      buffer, rather than less than or equal to it as it currently does. Then
      seq_buf_vprintf() will know whether the write from vsnprintf() was truncated.
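      
      A minimal sketch of the same pattern for the vsnprintf() case; the helper
      name seq_buf_set_overflow() follows this file, and the details are an
      approximation rather than the exact diff:
      
        int seq_buf_vprintf(struct seq_buf *s, const char *fmt, va_list args)
        {
                int len;
      
                WARN_ON(s->size == 0);
      
                if (s->len < s->size) {
                        len = vsnprintf(s->buffer + s->len, s->size - s->len, fmt, args);
                        /* '<' (not '<='): anything filling the remaining space
                         * means vsnprintf() truncated the output. */
                        if (s->len + len < s->size) {
                                s->len += len;
                                return 0;
                        }
                }
                seq_buf_set_overflow(s);
                return -1;
        }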
      
      Cc: stable@vger.kernel.org
      Signed-off-by: Steven Rostedt <rostedt@goodmis.org>
      4a8fe4e1
  6. 28 Feb 2015 (3 commits)
    • rhashtable: use cond_resched() · 5beb5c90
      Committed by Eric Dumazet
      If a hash table has 128 slots and 16384 elems, expanding to 256 slots
      takes more than one second. For larger sets, a soft lockup is detected.
      
      Holding the CPU for that long, even in a work queue, is a show stopper
      for non-preemptible kernels.
      
      Add cond_resched() at strategic points to allow the process scheduler
      to reschedule us.
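      
      A hypothetical sketch of the pattern (the example_* names and struct are
      made up for illustration): yield the CPU between buckets so a long
      resize never monopolizes a CPU:
      
        #include <linux/sched.h>
      
        struct example_table {                  /* hypothetical stand-in for the real table */
                unsigned int nbuckets;
        };
      
        static void example_rehash_all(struct example_table *tbl)
        {
                unsigned int i;
      
                for (i = 0; i < tbl->nbuckets; i++) {
                        /* ... relink all entries of bucket i into the new table ... */
                        cond_resched();         /* yield so huge tables don't trigger soft lockups */
                }
        }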
      Signed-off-by: Eric Dumazet <edumazet@google.com>
      Acked-by: Daniel Borkmann <daniel@iogearbox.net>
      Signed-off-by: David S. Miller <davem@davemloft.net>
      5beb5c90
    • rhashtable: remove indirection for grow/shrink decision functions · 4c4b52d9
      Committed by Daniel Borkmann
      Currently, all real users of rhashtable default their grow and shrink
      decision functions to rht_grow_above_75() and rht_shrink_below_30(),
      so there's currently no need to have this explicitly selectable.
      
      It can/should be generic and private inside rhashtable until a real
      use case pops up. Since we can make this private, we save ourselves the
      additional indirection layer and can improve insertion/deletion time
      as well.
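      
      A sketch of what the now-private default decision helpers might look like;
      the field name nelems and the exact 75%/30% arithmetic are assumptions
      based on the function names above:
      
        /* Grow the table once it is more than 75% full. */
        static bool rht_grow_above_75(const struct rhashtable *ht, size_t new_size)
        {
                return atomic_read(&ht->nelems) > (new_size / 4 * 3);
        }
      
        /* Shrink the table once it drops below 30% utilization. */
        static bool rht_shrink_below_30(const struct rhashtable *ht, size_t new_size)
        {
                return atomic_read(&ht->nelems) < (new_size * 3 / 10);
        }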
      
      Reference: http://patchwork.ozlabs.org/patch/443040/
      Suggested-by: David S. Miller <davem@davemloft.net>
      Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
      Acked-by: Thomas Graf <tgraf@suug.ch>
      Signed-off-by: David S. Miller <davem@davemloft.net>
      4c4b52d9
    • rhashtable: unconditionally grow when max_shift is not specified · 8331de75
      Committed by Daniel Borkmann
      While commit c0c09bfd ("rhashtable: avoid unnecessary wakeup for
      worker queue") rightfully moved part of the decision making of
      whether we should expand or shrink from the expand/shrink functions
      themselves into insert/delete functions in order to avoid unnecessary
      worker wake-ups, it however introduced a regression by doing so.
      
      Before that change, if no max_shift was specified (= 0) on rhashtable
      initialization, rhashtable_expand() would just grow unconditionally
      and let the available memory be the limiting factor. After that
      change, if no max_shift was specified, there would be _no_ expansion
      step at all.
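      
      A hedged sketch of the kind of check that restores the old behaviour:
      only treat max_shift as a limit when the user actually set one. The
      function and field names here are assumptions for illustration, not the
      exact committed code:
      
        static bool example_grow_decision(const struct rhashtable *ht, size_t new_size)
        {
                /* expand on high load, but only honour max_shift when it was set */
                return atomic_read(&ht->nelems) > (new_size / 4 * 3) &&
                       (!ht->p.max_shift ||
                        atomic_read(&ht->shift) < ht->p.max_shift);
        }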
      
      Given that netlink and tipc have a max_shift specified, it was not
      visible there, but Josh Hunt reported that nft, which starts out
      with a default element hint of 3 if not otherwise provided, would
      slow down inserts tremendously, as the table cannot grow larger to
      relax occupancy.
      
      Given that the test case verifies shrinks/expands manually, we also
      must remove the pointers to the helper functions to explicitly avoid
      parallel resizing on insertions/deletions. test_bucket_stats() and
      test_rht_lookup() could also be wrapped around the rhashtable mutex to
      explicitly synchronize a walk with resizing, but I think that defeats
      the actual test case, which is intended to have explicit test steps,
      i.e. 1) inserts, 2) expands, 3) shrinks, 4) deletions, with object
      verification after each stage.
      Reported-by: Josh Hunt <johunt@akamai.com>
      Fixes: c0c09bfd ("rhashtable: avoid unnecessary wakeup for worker queue")
      Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
      Cc: Ying Xue <ying.xue@windriver.com>
      Cc: Josh Hunt <johunt@akamai.com>
      Acked-by: Thomas Graf <tgraf@suug.ch>
      Signed-off-by: David S. Miller <davem@davemloft.net>
      8331de75
  7. 24 Feb 2015 (1 commit)
  8. 21 Feb 2015 (4 commits)
  9. 18 Feb 2015 (1 commit)
    • scripts/gdb: add infrastructure · 3ee7b3fa
      Committed by Jan Kiszka
      This provides the basic infrastructure to load kernel-specific python
      helper scripts when debugging the kernel in gdb.
      
      The loading mechanism is based on gdb loading for <objfile>-gdb.py when
      opening <objfile>.  Therefore, this places a corresponding link to the
      main helper script into the output directory that contains vmlinux.
      
      The main scripts will pull in submodules containing Linux specific gdb
      commands and functions.  To avoid polluting the source directory with
      compiled python modules, we link to them from the object directory.
      
      Due to gdb.parse_and_eval and string redirection for gdb.execute, we
      depend on gdb >= 7.2.
      
      This feature is enabled via CONFIG_GDB_SCRIPTS.
      Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
      Acked-by: Michal Marek <mmarek@suse.cz>		[kbuild stuff]
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: Jason Wessel <jason.wessel@windriver.com>
      Cc: Andi Kleen <andi@firstfloor.org>
      Cc: Ben Widawsky <ben@bwidawsk.net>
      Cc: Borislav Petkov <bp@suse.de>
      Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
      Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
      3ee7b3fa
  10. 17 Feb 2015 (1 commit)
  11. 14 Feb 2015 (16 commits)
    • kasan: enable instrumentation of global variables · bebf56a1
      Committed by Andrey Ryabinin
      This feature lets us detect out-of-bounds accesses to global variables.
      It works both for globals in the kernel image and for globals in modules.
      Currently it won't work for symbols in user-specified sections (e.g.
      __init, __read_mostly, ...).
      
      The idea is simple.  The compiler enlarges each global variable by the
      redzone size and adds constructors invoking the __asan_register_globals()
      function.  Information about the global variable (address, size, size with
      redzone, ...) is passed to __asan_register_globals() so we can poison the
      variable's redzone.
      
      This patch also forces module_alloc() to return 8*PAGE_SIZE aligned
      addresses, making shadow memory handling
      (kasan_module_alloc()/kasan_module_free()) simpler.  Such alignment
      guarantees that each shadow page backing the modules' address space
      corresponds to only one module_alloc() allocation.
      Signed-off-by: Andrey Ryabinin <a.ryabinin@samsung.com>
      Cc: Dmitry Vyukov <dvyukov@google.com>
      Cc: Konstantin Serebryany <kcc@google.com>
      Cc: Dmitry Chernenkov <dmitryc@google.com>
      Signed-off-by: Andrey Konovalov <adech.fo@gmail.com>
      Cc: Yuri Gribov <tetra2005@gmail.com>
      Cc: Konstantin Khlebnikov <koct9i@gmail.com>
      Cc: Sasha Levin <sasha.levin@oracle.com>
      Cc: Christoph Lameter <cl@linux.com>
      Cc: Joonsoo Kim <iamjoonsoo.kim@lge.com>
      Cc: Dave Hansen <dave.hansen@intel.com>
      Cc: Andi Kleen <andi@firstfloor.org>
      Cc: Ingo Molnar <mingo@elte.hu>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: "H. Peter Anvin" <hpa@zytor.com>
      Cc: Christoph Lameter <cl@linux.com>
      Cc: Pekka Enberg <penberg@kernel.org>
      Cc: David Rientjes <rientjes@google.com>
      Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
      Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
      bebf56a1
    • lib: add kasan test module · 3f15801c
      Committed by Andrey Ryabinin
      This is a test module doing various nasty things like out-of-bounds
      accesses and use-after-free.  It is useful for testing kernel debugging
      features like the kernel address sanitizer.
      
      It mostly concentrates on testing the slab allocator, but we might want
      to add more different stuff here in the future (like out-of-bounds
      accesses to stack/global variables and so on).
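      
      An illustrative sketch of the kind of test case such a module contains
      (the function name is hypothetical): writing one byte past a kmalloc()
      allocation should make KASan report an out-of-bounds access:
      
        #include <linux/kernel.h>
        #include <linux/slab.h>
      
        static noinline void example_kmalloc_oob_right(void)
        {
                char *ptr;
                size_t size = 123;
      
                pr_info("out-of-bounds to the right\n");
                ptr = kmalloc(size, GFP_KERNEL);
                if (!ptr)
                        return;
      
                ptr[size] = 'x';        /* one byte past the allocation: KASan should fire */
                kfree(ptr);
        }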
      Signed-off-by: Andrey Ryabinin <a.ryabinin@samsung.com>
      Cc: Dmitry Vyukov <dvyukov@google.com>
      Cc: Konstantin Serebryany <kcc@google.com>
      Cc: Dmitry Chernenkov <dmitryc@google.com>
      Signed-off-by: Andrey Konovalov <adech.fo@gmail.com>
      Cc: Yuri Gribov <tetra2005@gmail.com>
      Cc: Konstantin Khlebnikov <koct9i@gmail.com>
      Cc: Sasha Levin <sasha.levin@oracle.com>
      Cc: Christoph Lameter <cl@linux.com>
      Cc: Joonsoo Kim <iamjoonsoo.kim@lge.com>
      Cc: Dave Hansen <dave.hansen@intel.com>
      Cc: Andi Kleen <andi@firstfloor.org>
      Cc: Ingo Molnar <mingo@elte.hu>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: "H. Peter Anvin" <hpa@zytor.com>
      Cc: Christoph Lameter <cl@linux.com>
      Cc: Pekka Enberg <penberg@kernel.org>
      Cc: David Rientjes <rientjes@google.com>
      Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
      Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
      3f15801c
    • mm: slub: add kernel address sanitizer support for slub allocator · 0316bec2
      Committed by Andrey Ryabinin
      With this patch kasan will be able to catch bugs in memory allocated by
      slub.  Initially, all objects in a newly allocated slab page are marked as
      redzone.  Later, when a slub object is allocated, the number of bytes
      requested by the caller is marked as accessible, and the rest of the object
      (including slub's metadata) is marked as redzone (inaccessible).
      
      We also mark an object as accessible if ksize() was called for it.
      There are some places in the kernel where ksize() is called to inquire
      the size of the really allocated area.  Such callers can validly access
      the whole allocated memory, so it should be marked as accessible.
      
      Code in the slub.c and slab_common.c files can validly access an object's
      metadata, so instrumentation for these files is disabled.
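      
      A hedged sketch of the alloc-side poisoning described above; the helper
      names (kasan_unpoison_shadow(), kasan_poison_shadow(), KASAN_KMALLOC_REDZONE,
      KASAN_SHADOW_SCALE_SIZE) follow this patch series, but the exact code is
      an assumption and the function name is made up:
      
        void example_kasan_kmalloc(struct kmem_cache *cache, const void *object,
                                   size_t size)
        {
                unsigned long redzone_start;
                unsigned long redzone_end;
      
                redzone_start = round_up((unsigned long)object + size,
                                         KASAN_SHADOW_SCALE_SIZE);
                redzone_end = (unsigned long)object + cache->object_size;
      
                /* the bytes the caller asked for become accessible ... */
                kasan_unpoison_shadow(object, size);
                /* ... and everything up to the end of the object stays redzone */
                kasan_poison_shadow((void *)redzone_start,
                                    redzone_end - redzone_start,
                                    KASAN_KMALLOC_REDZONE);
        }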
      Signed-off-by: Andrey Ryabinin <a.ryabinin@samsung.com>
      Signed-off-by: Dmitry Chernenkov <dmitryc@google.com>
      Cc: Dmitry Vyukov <dvyukov@google.com>
      Cc: Konstantin Serebryany <kcc@google.com>
      Signed-off-by: Andrey Konovalov <adech.fo@gmail.com>
      Cc: Yuri Gribov <tetra2005@gmail.com>
      Cc: Konstantin Khlebnikov <koct9i@gmail.com>
      Cc: Sasha Levin <sasha.levin@oracle.com>
      Cc: Christoph Lameter <cl@linux.com>
      Cc: Joonsoo Kim <iamjoonsoo.kim@lge.com>
      Cc: Dave Hansen <dave.hansen@intel.com>
      Cc: Andi Kleen <andi@firstfloor.org>
      Cc: Ingo Molnar <mingo@elte.hu>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: "H. Peter Anvin" <hpa@zytor.com>
      Cc: Christoph Lameter <cl@linux.com>
      Cc: Pekka Enberg <penberg@kernel.org>
      Cc: David Rientjes <rientjes@google.com>
      Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
      Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
      0316bec2
    • x86_64: add KASan support · ef7f0d6a
      Committed by Andrey Ryabinin
      This patch adds arch specific code for the kernel address sanitizer.
      
      16TB of virtual address space is used for shadow memory.  It's located in
      the range [ffffec0000000000 - fffffc0000000000] between vmemmap and %esp
      fixup stacks.
      
      At an early stage we map the whole shadow region with the zero page.
      Later, after pages are mapped into the direct mapping address range, we
      unmap the zero pages from the corresponding shadow (see kasan_map_shadow())
      and allocate and map real shadow memory, reusing the vmemmap_populate()
      function.
      
      Also replace __pa with __pa_nodebug before the shadow is initialized.
      With CONFIG_DEBUG_VIRTUAL=y, __pa makes an external function call
      (__phys_addr); __phys_addr is instrumented, so __asan_load could be called
      before the shadow area is initialized.
      Signed-off-by: Andrey Ryabinin <a.ryabinin@samsung.com>
      Cc: Dmitry Vyukov <dvyukov@google.com>
      Cc: Konstantin Serebryany <kcc@google.com>
      Cc: Dmitry Chernenkov <dmitryc@google.com>
      Signed-off-by: Andrey Konovalov <adech.fo@gmail.com>
      Cc: Yuri Gribov <tetra2005@gmail.com>
      Cc: Konstantin Khlebnikov <koct9i@gmail.com>
      Cc: Sasha Levin <sasha.levin@oracle.com>
      Cc: Christoph Lameter <cl@linux.com>
      Cc: Joonsoo Kim <iamjoonsoo.kim@lge.com>
      Cc: Dave Hansen <dave.hansen@intel.com>
      Cc: Andi Kleen <andi@firstfloor.org>
      Cc: Ingo Molnar <mingo@elte.hu>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: "H. Peter Anvin" <hpa@zytor.com>
      Cc: Christoph Lameter <cl@linux.com>
      Cc: Pekka Enberg <penberg@kernel.org>
      Cc: David Rientjes <rientjes@google.com>
      Cc: Jim Davis <jim.epost@gmail.com>
      Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
      Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
      ef7f0d6a
    • kasan: add kernel address sanitizer infrastructure · 0b24becc
      Committed by Andrey Ryabinin
      Kernel Address sanitizer (KASan) is a dynamic memory error detector.  It
      provides a fast and comprehensive solution for finding use-after-free and
      out-of-bounds bugs.
      
      KASAN uses compile-time instrumentation for checking every memory access,
      therefore GCC > v4.9.2 is required.  v4.9.2 almost works, but has issues
      with putting symbol aliases into the wrong section, which breaks kasan
      instrumentation of globals.
      
      This patch only adds infrastructure for kernel address sanitizer.  It's
      not available for use yet.  The idea and some code was borrowed from [1].
      
      Basic idea:
      
      The main idea of KASAN is to use shadow memory to record whether each byte
      of memory is safe to access or not, and use compiler's instrumentation to
      check the shadow memory on each memory access.
      
      Address sanitizer uses 1/8 of the memory addressable in kernel for shadow
      memory and uses direct mapping with a scale and offset to translate a
      memory address to its corresponding shadow address.
      
      Here is the function that translates an address to its corresponding shadow address:
      
           unsigned long kasan_mem_to_shadow(unsigned long addr)
           {
                   return (addr >> KASAN_SHADOW_SCALE_SHIFT) + KASAN_SHADOW_OFFSET;
           }
      
      where KASAN_SHADOW_SCALE_SHIFT = 3.
      
      So for every 8 bytes there is one corresponding byte of shadow memory.
      The following encoding is used for each shadow byte: 0 means that all 8
      bytes of the corresponding memory region are valid for access; k
      (1 <= k <= 7) means that the first k bytes are valid for access, and the
      other (8 - k) bytes are not; any negative value indicates that the entire
      8-byte region is inaccessible.  Different negative values are used to
      distinguish between different kinds of inaccessible memory (redzones,
      freed memory) (see mm/kasan/kasan.h).
      
      To be able to detect accesses to bad memory we need a special compiler.
      Such a compiler inserts specific function calls (__asan_load*(addr),
      __asan_store*(addr)) before each memory access of size 1, 2, 4, 8 or 16.
      
      These functions check whether the memory region is valid to access by
      checking the corresponding shadow memory.  If the access is not valid, an
      error is printed.
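      
      As a hedged illustration of that check (not the actual runtime code), a
      one-byte access could be validated against its shadow byte roughly like
      this, using kasan_mem_to_shadow() and the encoding described above:
      
        /* Sketch only: is a 1-byte access at 'addr' allowed per its shadow byte? */
        static bool example_shadow_allows_1byte(unsigned long addr)
        {
                s8 shadow = *(s8 *)kasan_mem_to_shadow(addr);
      
                if (shadow == 0)
                        return true;    /* whole 8-byte granule accessible */
                if (shadow < 0)
                        return false;   /* redzone / freed memory */
                /* only the first 'shadow' bytes of the granule are accessible */
                return (addr & ((1UL << KASAN_SHADOW_SCALE_SHIFT) - 1)) < shadow;
        }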
      
      Historical background of the address sanitizer from Dmitry Vyukov:
      
      	"We've developed the set of tools, AddressSanitizer (Asan),
      	ThreadSanitizer and MemorySanitizer, for user space. We actively use
      	them for testing inside of Google (continuous testing, fuzzing,
      	running prod services). To date the tools have found more than 10'000
      	scary bugs in Chromium, Google internal codebase and various
      	open-source projects (Firefox, OpenSSL, gcc, clang, ffmpeg, MySQL and
      	lots of others): [2] [3] [4].
      	The tools are part of both gcc and clang compilers.
      
      	We have not yet done massive testing under the Kernel AddressSanitizer
      	(it's kind of chicken and egg problem, you need it to be upstream to
      	start applying it extensively). To date it has found about 50 bugs.
      	Bugs that we've found in upstream kernel are listed in [5].
      	We've also found ~20 bugs in our internal version of the kernel. Also
      	people from Samsung and Oracle have found some.
      
      	[...]
      
      	As others noted, the main feature of AddressSanitizer is its
      	performance due to inline compiler instrumentation and simple linear
      	shadow memory. User-space Asan has ~2x slowdown on computational
      	programs and ~2x memory consumption increase. Taking into account that
      	kernel usually consumes only small fraction of CPU and memory when
      	running real user-space programs, I would expect that kernel Asan will
      	have ~10-30% slowdown and similar memory consumption increase (when we
      	finish all tuning).
      
      	I agree that Asan can well replace kmemcheck. We have plans to start
      	working on Kernel MemorySanitizer that finds uses of uninitialized
      	memory. Asan+Msan will provide feature-parity with kmemcheck. As
      	others noted, Asan will unlikely replace debug slab and pagealloc that
      	can be enabled at runtime. Asan uses compiler instrumentation, so even
      	if it is disabled, it still incurs visible overheads.
      
      	Asan technology is easily portable to other architectures. Compiler
      	instrumentation is fully portable. Runtime has some arch-dependent
      	parts like shadow mapping and atomic operation interception. They are
      	relatively easy to port."
      
      Comparison with other debugging features:
      ========================================
      
      KMEMCHECK:
      
        - KASan can do almost everything that kmemcheck can.  KASan uses
          compile-time instrumentation, which makes it significantly faster than
          kmemcheck.  The only advantage of kmemcheck over KASan is detection of
          uninitialized memory reads.
      
          Some brief performance testing showed that kasan could be
          x500-x600 times faster than kmemcheck:
      
      $ netperf -l 30
      		MIGRATED TCP STREAM TEST from 0.0.0.0 (0.0.0.0) port 0 AF_INET to localhost (127.0.0.1) port 0 AF_INET
      		Recv   Send    Send
      		Socket Socket  Message  Elapsed
      		Size   Size    Size     Time     Throughput
      		bytes  bytes   bytes    secs.    10^6bits/sec
      
      no debug:	87380  16384  16384    30.00    41624.72
      
      kasan inline:	87380  16384  16384    30.00    12870.54
      
      kasan outline:	87380  16384  16384    30.00    10586.39
      
      kmemcheck: 	87380  16384  16384    30.03      20.23
      
        - Also, kmemcheck couldn't work with several CPUs.  It always sets the
          number of CPUs to 1.  KASan doesn't have such a limitation.
      
      DEBUG_PAGEALLOC:
      	- KASan is slower than DEBUG_PAGEALLOC, but KASan works at sub-page
      	  granularity, so it is able to find more bugs.
      
      SLUB_DEBUG (poisoning, redzones):
      	- SLUB_DEBUG has lower overhead than KASan.
      
      	- SLUB_DEBUG in most cases is not able to detect bad reads;
      	  KASan is able to detect both reads and writes.
      
      	- In some cases (e.g. a redzone overwrite) SLUB_DEBUG detects
      	  bugs only on allocation/freeing of an object. KASan catches
      	  bugs right when they happen, so we always know the exact
      	  place of the first bad read/write.
      
      [1] https://code.google.com/p/address-sanitizer/wiki/AddressSanitizerForKernel
      [2] https://code.google.com/p/address-sanitizer/wiki/FoundBugs
      [3] https://code.google.com/p/thread-sanitizer/wiki/FoundBugs
      [4] https://code.google.com/p/memory-sanitizer/wiki/FoundBugs
      [5] https://code.google.com/p/address-sanitizer/wiki/AddressSanitizerForKernel#Trophies
      
      Based on work by Andrey Konovalov.
      Signed-off-by: Andrey Ryabinin <a.ryabinin@samsung.com>
      Acked-by: Michal Marek <mmarek@suse.cz>
      Signed-off-by: Andrey Konovalov <adech.fo@gmail.com>
      Cc: Dmitry Vyukov <dvyukov@google.com>
      Cc: Konstantin Serebryany <kcc@google.com>
      Cc: Dmitry Chernenkov <dmitryc@google.com>
      Cc: Yuri Gribov <tetra2005@gmail.com>
      Cc: Konstantin Khlebnikov <koct9i@gmail.com>
      Cc: Sasha Levin <sasha.levin@oracle.com>
      Cc: Christoph Lameter <cl@linux.com>
      Cc: Joonsoo Kim <iamjoonsoo.kim@lge.com>
      Cc: Dave Hansen <dave.hansen@intel.com>
      Cc: Andi Kleen <andi@firstfloor.org>
      Cc: Ingo Molnar <mingo@elte.hu>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: "H. Peter Anvin" <hpa@zytor.com>
      Cc: Christoph Lameter <cl@linux.com>
      Cc: Pekka Enberg <penberg@kernel.org>
      Cc: David Rientjes <rientjes@google.com>
      Cc: Stephen Rothwell <sfr@canb.auug.org.au>
      Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
      Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
      0b24becc
    • bitmap, cpumask, nodemask: remove dedicated formatting functions · 46385326
      Committed by Tejun Heo
      Now that all bitmap formatting usages have been converted to
      '%*pb[l]', the separate formatting functions are unnecessary.  The
      following functions are removed.
      
      * bitmap_scn[list]printf()
      * cpumask_scnprintf(), cpulist_scnprintf()
      * [__]nodemask_scnprintf(), [__]nodelist_scnprintf()
      * seq_bitmap[_list](), seq_cpumask[_list](), seq_nodemask[_list]()
      * seq_buf_bitmask()
      Signed-off-by: Tejun Heo <tj@kernel.org>
      Cc: Rusty Russell <rusty@rustcorp.com.au>
      Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
      Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
      46385326
    • bitmap: use %*pb[l] to print bitmaps including cpumasks and nodemasks · 4a0792b0
      Committed by Tejun Heo
      printk and friends can now format bitmaps using '%*pb[l]'.  cpumask
      and nodemask also provide cpumask_pr_args() and nodemask_pr_args()
      respectively which can be used to generate the two printf arguments
      necessary to format the specified cpu/nodemask.
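      
      For example (a usage sketch, assuming a struct cpumask *mask is in scope),
      the helper macro expands to the width/pointer pair the format expects:
      
        /* hex mask form, e.g. "ff", and list form, e.g. "0-7" */
        pr_info("cpus allowed: %*pb\n",  cpumask_pr_args(mask));
        pr_info("cpus allowed: %*pbl\n", cpumask_pr_args(mask));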
      Signed-off-by: Tejun Heo <tj@kernel.org>
      Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
      Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
      4a0792b0
    • lib/vsprintf: implement bitmap printing through '%*pb[l]' · dbc760bc
      Committed by Tejun Heo
      bitmap and its derivatives such as cpumask and nodemask currently only
      provide formatting functions which put the output string into the
      provided buffer; however, how long this buffer should be isn't defined
      anywhere and, given that some of these bitmaps can be too large to be
      formatted into an on-stack buffer, its users sometimes are unnecessarily
      forced to come up with creative solutions and compromises for the
      buffer just to printk these bitmaps.
      
      There have been a couple different attempts at making this easier.
      
      1. Way back, PeterZ tried printk '%pb' extension with the precision
         for bit width - '%.*pb'.  This was intuitive and made sense but
         unfortunately triggered a compile warning about using precision
         for a pointer.
      
         http://lkml.kernel.org/g/1336577562.2527.58.camel@twins
      
      2. I implemented bitmap_pr_cont[_list]() and its wrappers for cpumask
         and nodemask.  This works but PeterZ pointed out that pr_cont's
         tendency to produce broken lines when multiple CPUs are printing is
         bothersome considering the usages.
      
         http://lkml.kernel.org/g/1418226774-30215-3-git-send-email-tj@kernel.org
      
      So, this patch is another attempt at teaching printk and friends how
      to print bitmaps.  It's almost identical to what PeterZ tried with
      precision but it uses the field width for the number of bits instead
      of precision.  The format used is '%*pb[l]', with the optional
      trailing 'l' specifying list format instead of hex masks.
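      
      A small usage sketch of the new format (the bit positions are arbitrary
      examples):
      
        DECLARE_BITMAP(map, 64);
      
        bitmap_zero(map, 64);
        bitmap_set(map, 0, 4);               /* bits 0-3   */
        bitmap_set(map, 32, 2);              /* bits 32-33 */
      
        pr_info("mask: %*pb\n",  64, map);   /* hex mask output */
        pr_info("list: %*pbl\n", 64, map);   /* list output: "0-3,32-33" */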
      
      This is a valid format string and doesn't trigger compiler warnings;
      however, it does make it impossible to specify output field width when
      printing bitmaps.  I think this is an acceptable trade-off given how
      much easier it makes printing bitmaps and that we don't have any
      in-kernel user which is using the field width specification.  If any
      future user wants to use field width with a bitmap, it'd have to
      format the bitmap into a string buffer and then print that buffer with
      width spec, which isn't different from how it should be done now.
      
      This patch implements bitmap[_list]_string() which are called from the
      vsprintf pointer() formatting function.  The implementation is mostly
      identical to bitmap_scn[list]printf() except that the output is
      performed in the vsprintf way.  These functions handle formatting into
      too-small buffers, and the sprintf() family of functions reports the
      correct overrun output length.
      
      bitmap_scn[list]printf() are now thin wrappers around scnprintf().
      Signed-off-by: Tejun Heo <tj@kernel.org>
      Acked-by: Peter Zijlstra (Intel) <peterz@infradead.org>
      Cc: "David S. Miller" <davem@davemloft.net>
      Cc: "James E.J. Bottomley" <James.Bottomley@HansenPartnership.com>
      Cc: "John W. Linville" <linville@tuxdriver.com>
      Cc: "Paul E. McKenney" <paulmck@linux.vnet.ibm.com>
      Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
      Cc: Chris Metcalf <cmetcalf@tilera.com>
      Cc: Chris Zankel <chris@zankel.net>
      Cc: Christoph Lameter <cl@linux.com>
      Cc: Dmitry Torokhov <dmitry.torokhov@gmail.com>
      Cc: Fenghua Yu <fenghua.yu@intel.com>
      Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
      Cc: Ingo Molnar <mingo@redhat.com>
      Cc: Li Zefan <lizefan@huawei.com>
      Cc: Max Filippov <jcmvbkbc@gmail.com>
      Cc: Mike Travis <travis@sgi.com>
      Cc: Pekka Enberg <penberg@kernel.org>
      Cc: Russell King <linux@arm.linux.org.uk>
      Cc: Rusty Russell <rusty@rustcorp.com.au>
      Cc: Steffen Klassert <steffen.klassert@secunet.com>
      Cc: Steven Rostedt <rostedt@goodmis.org>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: Tony Luck <tony.luck@intel.com>
      Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
      Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
      dbc760bc
    • lib/genalloc.c: check result of devres_alloc() · 310ee9e8
      Committed by Jan Kara
      devm_gen_pool_create() calls devres_alloc() and dereferences its result
      without checking whether devres_alloc() succeeded.  Check for error and
      bail out if it happened.
      
      Coverity-id 1016493.
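      
      A minimal sketch of the fix inside devm_gen_pool_create(), assuming the
      surrounding code stays as it is (not the exact diff):
      
        struct gen_pool *devm_gen_pool_create(struct device *dev, int min_alloc_order,
                                              int nid)
        {
                struct gen_pool **ptr, *pool;
      
                ptr = devres_alloc(devm_gen_pool_release, sizeof(*ptr), GFP_KERNEL);
                if (!ptr)       /* the added check: bail out on allocation failure */
                        return NULL;
      
                pool = gen_pool_create(min_alloc_order, nid);
                if (pool) {
                        *ptr = pool;
                        devres_add(dev, ptr);
                } else {
                        devres_free(ptr);
                }
      
                return pool;
        }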
      Signed-off-by: Jan Kara <jack@suse.cz>
      Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
      Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
      310ee9e8
    • lib/string.c: improve strrchr() · 8da53d45
      Committed by Rasmus Villemoes
      Instead of potentially passing over the string twice in case c is not
      found, just keep track of the last occurrence.  According to
      bloat-o-meter, this also cuts the generated code by a third (54 vs 36
      bytes).  Oh, and we get rid of those 7-space indented lines.
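      
      A sketch of the single-pass approach described above (close to, but not
      necessarily identical with, the committed version):
      
        char *strrchr(const char *s, int c)
        {
                const char *last = NULL;
      
                do {
                        if (*s == (char)c)
                                last = s;       /* remember the most recent match */
                } while (*s++);
      
                return (char *)last;
        }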
      Signed-off-by: Rasmus Villemoes <linux@rasmusvillemoes.dk>
      Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
      Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
      8da53d45
    • lib: crc32: constify crc32 lookup table · f5e38b92
      Committed by Daniel Borkmann
      Commit 8f243af4 ("sections: fix const sections for crc32 table")
      removed the compile-time generated crc32 tables from the RO sections,
      because it conflicts with the definition of __cacheline_aligned which
      puts all such aligned data into .data..cacheline_aligned section
      optimized for wasting less space, and can cause alignment issues when
      used in combination with const with some gcc versions like 4.7.0 due to
      a gcc bug [1].
      
      Given that most gcc versions should have the fix by now, we can just use
      ____cacheline_aligned, which only aligns the data but doesn't move it
      into specific sections as opposed to __cacheline_aligned.  In case of
      gcc versions having the mentioned bug, the alignment attribute will have
      no effect, but the data will still be made RO.
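      
      In other words, the table declarations change roughly as follows; this is
      a sketch, since the real tables are generated into crc32table.h, and the
      dimension macros here are placeholders:
      
        #define LE_TABLE_ROWS 8
        #define LE_TABLE_SIZE 256
      
        /* before: __cacheline_aligned places the table in .data..cacheline_aligned */
        static u32 crc32table_le_old[LE_TABLE_ROWS][LE_TABLE_SIZE] __cacheline_aligned;
      
        /* after: ____cacheline_aligned only aligns, so the const data stays in .rodata */
        static const u32 crc32table_le[LE_TABLE_ROWS][LE_TABLE_SIZE] ____cacheline_aligned;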
      
      After patch tables are in RO:
      
        $ nm -v lib/crc32.o | grep -1 -E "crc32c?table"
        0000000000000000 t arch_local_irq_enable
        0000000000000000 r crc32ctable_le
        0000000000000000 t crc32_exit
        --
        0000000000000960 t test_buf
        0000000000002000 r crc32table_be
        0000000000004000 r crc32table_le
        000000001d1056e5 A __crc_crc32_be
      
        [1] https://gcc.gnu.org/bugzilla/show_bug.cgi?id=52181
      Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
      Cc: Joe Mario <jmario@redhat.com>
      Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
      Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
      f5e38b92
    • lib: bitmap: remove redundant code from __bitmap_shift_left · 7f590657
      Committed by Rasmus Villemoes
      The first of these conditionals is completely redundant: If k == lim-1, we
      must have off==0, so the second conditional will also trigger and then it
      wouldn't matter if upper had some high bits set.  But the second
      conditional is in fact also redundant, since it only serves to clear out
      some high-order "don't care" bits of dst, about which no guarantee is
      made.
      Signed-off-by: Rasmus Villemoes <linux@rasmusvillemoes.dk>
      Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
      Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
      7f590657
    • lib: bitmap: eliminate branch in __bitmap_shift_left · 6d874eca
      Committed by Rasmus Villemoes
      We can shift the bits from lower and upper into place before assembling
      dst[k + off]; moving the shift of lower into the branch where we already
      know that rem is non-zero allows us to remove a conditional.
      Signed-off-by: Rasmus Villemoes <linux@rasmusvillemoes.dk>
      Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
      Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
      6d874eca
    • lib: bitmap: change bitmap_shift_left to take unsigned parameters · dba94c25
      Committed by Rasmus Villemoes
      gcc can generate slightly better code for stuff like "nbits %
      BITS_PER_LONG" when it knows nbits is not negative.  Since negative size
      bitmaps or shift amounts don't make sense, change these parameters of
      bitmap_shift_right to unsigned.
      
      If off >= lim (which requires shift >= nbits), k is initialized with a
      large positive value, but since I've let k continue to be signed, the loop
      will never run and dst will be zeroed as expected.  Inside the loop, k is
      guaranteed to be non-negative, so the fact that it is promoted to unsigned
      in the various expressions it appears in is harmless.
      
      Also use "shift" and "nbits" consistently for the parameter names.
      Signed-off-by: Rasmus Villemoes <linux@rasmusvillemoes.dk>
      Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
      Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
      dba94c25
    • lib: bitmap: yet another simplification in __bitmap_shift_right · cfac1d08
      Committed by Rasmus Villemoes
      If left is 0, we can just let mask be ~0UL, so that anding with it is a
      no-op.  Conveniently, BITMAP_LAST_WORD_MASK provides precisely what we
      need, and we can eliminate left.
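      
      For reference, a sketch of the macro being relied on, as it looks in this
      era's include/linux/bitmap.h (quoted from memory, so treat the exact form
      as an assumption): it already yields ~0UL when nbits is a multiple of
      BITS_PER_LONG, which is exactly the left == 0 case.
      
        #define BITMAP_LAST_WORD_MASK(nbits)                            \
        (                                                               \
                ((nbits) % BITS_PER_LONG) ?                             \
                        (1UL << ((nbits) % BITS_PER_LONG)) - 1 : ~0UL   \
        )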
      Signed-off-by: Rasmus Villemoes <linux@rasmusvillemoes.dk>
      Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
      Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
      cfac1d08
    • lib: bitmap: remove redundant code from __bitmap_shift_right · 97fb8e94
      Committed by Rasmus Villemoes
      If the condition k==lim-1 is true, we must have off == 0 (otherwise, k
      could never become that big).  But in that case we have upper == 0 and
      hence dst[k] == (src[k] & mask) >> rem.  Since mask consists of a
      consecutive range of bits starting from the LSB, anding dst[k] with mask
      is a no-op.
      Signed-off-by: Rasmus Villemoes <linux@rasmusvillemoes.dk>
      Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
      Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
      97fb8e94