- 14 1月, 2022 28 次提交
-
-
由 Tony Lindgren 提交于
stable inclusion form stable-v5.10.82 commit 5eca1c8412f40dd798c28549cd4c032217ad2faf bugzilla: 185877 https://gitee.com/openeuler/kernel/issues/I4QU6V Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=5eca1c8412f40dd798c28549cd4c032217ad2faf -------------------------------- [ Upstream commit 9d881361 ] Some interconnect target modules such as otg and gpmc on am335x need a re-init after resume. As we also have PM runtime cases where the context may be lost, let's handle these all with cpu_pm. For the am335x resume path, we already have cpu_pm_resume() call cpu_pm_cluster_exit(). Signed-off-by: NTony Lindgren <tony@atomide.com> Signed-off-by: NSasha Levin <sashal@kernel.org> Signed-off-by: NChen Jun <chenjun102@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 Selvin Xavier 提交于
stable inclusion form stable-v5.10.82 commit dcd6eefceeb0e464237d27340053c6f2f15217b5 bugzilla: 185877 https://gitee.com/openeuler/kernel/issues/I4QU6V Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=dcd6eefceeb0e464237d27340053c6f2f15217b5 -------------------------------- [ Upstream commit 6bda3914 ] When VF is configured with default vlan, HW strips the vlan from the packet and driver receives it in Rx completion. VLAN needs to be reported for UD work completion only if the vlan is configured on the host. Add a check for valid vlan in the UD receive path. Link: https://lore.kernel.org/r/1631709163-2287-12-git-send-email-selvin.xavier@broadcom.comSigned-off-by: NSelvin Xavier <selvin.xavier@broadcom.com> Signed-off-by: NJason Gunthorpe <jgg@nvidia.com> Signed-off-by: NSasha Levin <sashal@kernel.org> Signed-off-by: NChen Jun <chenjun102@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 Michael Walle 提交于
stable inclusion form stable-v5.10.82 commit 4e5bc9fb23a7f12ca9fcee73d4ffb23267fa98ee bugzilla: 185877 https://gitee.com/openeuler/kernel/issues/I4QU6V Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=4e5bc9fb23a7f12ca9fcee73d4ffb23267fa98ee -------------------------------- [ Upstream commit 894d4f1f ] According to Documentation/devicetree/bindings/watchdog/arm,sp805.yaml the compatible is: compatible = "arm,sp805", "arm,primecell"; The current compatible string doesn't exist at all. Fix it. Signed-off-by: NMichael Walle <michael@walle.cc> Signed-off-by: NWei Xu <xuwei5@hisilicon.com> Signed-off-by: NSasha Levin <sashal@kernel.org> Signed-off-by: NChen Jun <chenjun102@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 Matthias Brugger 提交于
stable inclusion form stable-v5.10.82 commit 109a63bb07f08b5fc0183f4837782288b99c6305 bugzilla: 185877 https://gitee.com/openeuler/kernel/issues/I4QU6V Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=109a63bb07f08b5fc0183f4837782288b99c6305 -------------------------------- [ Upstream commit 2513fa5c ] The CDN DP needs a PHY and a extcon to work correctly. But no extcon is provided by the device-tree, which leads to an error: cdn-dp fec00000.dp: [drm:cdn_dp_probe [rockchipdrm]] *ERROR* missing extcon or phy cdn-dp: probe of fec00000.dp failed with error -22 Disable the CDN DP to make graphic work on the Pinebook Pro. Reported-by: NGuillaume Gardet <guillaume.gardet@arm.com> Signed-off-by: NMatthias Brugger <mbrugger@suse.com> Link: https://lore.kernel.org/r/20210715164101.11486-1-matthias.bgg@kernel.orgSigned-off-by: NHeiko Stuebner <heiko@sntech.de> Signed-off-by: NSasha Levin <sashal@kernel.org> Signed-off-by: NChen Jun <chenjun102@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 James Smart 提交于
stable inclusion form stable-v5.10.82 commit c097bd5a59162156d9c2077a2f58732ffbaa9fca bugzilla: 185877 https://gitee.com/openeuler/kernel/issues/I4QU6V Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=c097bd5a59162156d9c2077a2f58732ffbaa9fca -------------------------------- [ Upstream commit 99154581 ] When parsing the txq list in lpfc_drain_txq(), the driver attempts to pass the requests to the adapter. If such an attempt fails, a local "fail_msg" string is set and a log message output. The job is then added to a completions list for cancellation. Processing of any further jobs from the txq list continues, but since "fail_msg" remains set, jobs are added to the completions list regardless of whether a wqe was passed to the adapter. If successfully added to txcmplq, jobs are added to both lists resulting in list corruption. Fix by clearing the fail_msg string after adding a job to the completions list. This stops the subsequent jobs from being added to the completions list unless they had an appropriate failure. Link: https://lore.kernel.org/r/20210910233159.115896-2-jsmart2021@gmail.comCo-developed-by: NJustin Tee <justin.tee@broadcom.com> Signed-off-by: NJustin Tee <justin.tee@broadcom.com> Signed-off-by: NJames Smart <jsmart2021@gmail.com> Signed-off-by: NMartin K. Petersen <martin.petersen@oracle.com> Signed-off-by: NSasha Levin <sashal@kernel.org> Signed-off-by: NChen Jun <chenjun102@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 Matthew Hagan 提交于
stable inclusion form stable-v5.10.82 commit db90c507832a7afc244336ace98250e7f000b2db bugzilla: 185877 https://gitee.com/openeuler/kernel/issues/I4QU6V Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=db90c507832a7afc244336ace98250e7f000b2db -------------------------------- [ Upstream commit 15a563d0 ] Running dtbs_check yielded the issues with bcm-nsp.dtsi. Firstly this patch fixes the following message by appending "-bus" to the mpcore node name: mpcore@19000000: $nodename:0: 'mpcore@19000000' does not match '^([a-z][a-z0-9\\-]+-bus|bus|soc|axi|ahb|apb)(@[0-9a-f]+)?$' Secondly mmc node name. The label name can remain as is. sdhci@21000: $nodename:0: 'sdhci@21000' does not match '^mmc(@.*)?$' Signed-off-by: NMatthew Hagan <mnhagan88@gmail.com> Signed-off-by: NFlorian Fainelli <f.fainelli@gmail.com> Signed-off-by: NSasha Levin <sashal@kernel.org> Signed-off-by: NChen Jun <chenjun102@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 Jérôme Pouiller 提交于
stable inclusion form stable-v5.10.82 commit 5010df76ab1f8bde8c8187fba243b52e8e9e684d bugzilla: 185877 https://gitee.com/openeuler/kernel/issues/I4QU6V Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=5010df76ab1f8bde8c8187fba243b52e8e9e684d -------------------------------- [ Upstream commit 5e57c668 ] Since commit 5561770f ("staging: wfx: repair external IRQ for SDIO"), wfx_sdio_irq_subscribe() enforce the device to use IRQs. However, there is currently a race in this code. An IRQ may happen before the IRQ has been registered. The problem has observed during debug session when the device crashes before the IRQ set up: [ 1.546] wfx-sdio mmc0:0001:1: started firmware 3.12.2 "WF200_ASIC_WFM_(Jenkins)_FW3.12.2" (API: 3.7, keyset: C0, caps: 0x00000002) [ 2.559] wfx-sdio mmc0:0001:1: time out while polling control register [ 3.565] wfx-sdio mmc0:0001:1: chip is abnormally long to answer [ 6.563] wfx-sdio mmc0:0001:1: chip did not answer [ 6.568] wfx-sdio mmc0:0001:1: hardware request CONFIGURATION (0x09) on vif 2 returned error -110 [ 6.577] wfx-sdio mmc0:0001:1: PDS bytes 0 to 12: chip didn't reply (corrupted file?) [ 6.585] Unable to handle kernel NULL pointer dereference at virtual address 00000000 [ 6.592] pgd = c0004000 [ 6.595] [00000000] *pgd=00000000 [ 6.598] Internal error: Oops - BUG: 17 [#1] THUMB2 [ 6.603] Modules linked in: [ 6.606] CPU: 0 PID: 23 Comm: kworker/u2:1 Not tainted 3.18.19 #78 [ 6.612] Workqueue: kmmcd mmc_rescan [ 6.616] task: c176d100 ti: c0e50000 task.ti: c0e50000 [ 6.621] PC is at wake_up_process+0xa/0x14 [ 6.625] LR is at sdio_irq+0x61/0x250 [ 6.629] pc : [<c001e8ae>] lr : [<c00ec5bd>] psr: 600001b3 [ 6.629] sp : c0e51bd8 ip : c0e51cc8 fp : 00000001 [ 6.640] r10: 00000003 r9 : 00000000 r8 : c0003c34 [ 6.644] r7 : c0e51bd8 r6 : c0003c30 r5 : 00000001 r4 : c0e78c00 [ 6.651] r3 : 00000000 r2 : 00000000 r1 : 00000003 r0 : 00000000 [ 6.657] Flags: nZCv IRQs off FIQs on Mode SVC_32 ISA Thumb Segment kernel [ 6.664] Control: 50c53c7d Table: 11fd8059 DAC: 00000015 [ 6.670] Process kworker/u2:1 (pid: 23, stack limit = 0xc0e501b0) [ 6.676] Stack: (0xc0e51bd8 to 0xc0e52000) [...] [ 6.949] [<c001e8ae>] (wake_up_process) from [<c00ec5bd>] (sdio_irq+0x61/0x250) [ 6.956] [<c00ec5bd>] (sdio_irq) from [<c0025099>] (handle_irq_event_percpu+0x17/0x92) [ 6.964] [<c0025099>] (handle_irq_event_percpu) from [<c002512f>] (handle_irq_event+0x1b/0x24) [ 6.973] [<c002512f>] (handle_irq_event) from [<c0026577>] (handle_level_irq+0x5d/0x76) [ 6.981] [<c0026577>] (handle_level_irq) from [<c0024cc3>] (generic_handle_irq+0x13/0x1c) [ 6.989] [<c0024cc3>] (generic_handle_irq) from [<c0024dd9>] (__handle_domain_irq+0x31/0x48) [ 6.997] [<c0024dd9>] (__handle_domain_irq) from [<c0008359>] (ov_handle_irq+0x31/0xe0) [ 7.005] [<c0008359>] (ov_handle_irq) from [<c000af5b>] (__irq_svc+0x3b/0x5c) [ 7.013] Exception stack(0xc0e51c68 to 0xc0e51cb0) [...] [ 7.038] [<c000af5b>] (__irq_svc) from [<c01775aa>] (wait_for_common+0x9e/0xc4) [ 7.045] [<c01775aa>] (wait_for_common) from [<c00e1dc3>] (mmc_wait_for_req+0x4b/0xdc) [ 7.053] [<c00e1dc3>] (mmc_wait_for_req) from [<c00e1e83>] (mmc_wait_for_cmd+0x2f/0x34) [ 7.061] [<c00e1e83>] (mmc_wait_for_cmd) from [<c00e7b2b>] (mmc_io_rw_direct_host+0x71/0xac) [ 7.070] [<c00e7b2b>] (mmc_io_rw_direct_host) from [<c00e8f79>] (sdio_claim_irq+0x6b/0x116) [ 7.078] [<c00e8f79>] (sdio_claim_irq) from [<c00d8415>] (wfx_sdio_irq_subscribe+0x19/0x94) [ 7.086] [<c00d8415>] (wfx_sdio_irq_subscribe) from [<c00d5229>] (wfx_probe+0x189/0x2ac) [ 7.095] [<c00d5229>] (wfx_probe) from [<c00d83bf>] (wfx_sdio_probe+0x8f/0xcc) [ 7.102] [<c00d83bf>] (wfx_sdio_probe) from [<c00e7fbb>] (sdio_bus_probe+0x5f/0xa8) [ 7.109] [<c00e7fbb>] (sdio_bus_probe) from [<c00be229>] (driver_probe_device+0x59/0x134) [ 7.118] [<c00be229>] (driver_probe_device) from [<c00bd4d7>] (bus_for_each_drv+0x3f/0x4a) [ 7.126] [<c00bd4d7>] (bus_for_each_drv) from [<c00be1a5>] (device_attach+0x3b/0x52) [ 7.134] [<c00be1a5>] (device_attach) from [<c00bdc2b>] (bus_probe_device+0x17/0x4c) [ 7.141] [<c00bdc2b>] (bus_probe_device) from [<c00bcd69>] (device_add+0x2c5/0x334) [ 7.149] [<c00bcd69>] (device_add) from [<c00e80bf>] (sdio_add_func+0x23/0x44) [ 7.156] [<c00e80bf>] (sdio_add_func) from [<c00e79eb>] (mmc_attach_sdio+0x187/0x1ec) [ 7.164] [<c00e79eb>] (mmc_attach_sdio) from [<c00e31bd>] (mmc_rescan+0x18d/0x1fc) [ 7.172] [<c00e31bd>] (mmc_rescan) from [<c001a14f>] (process_one_work+0xd7/0x170) [ 7.179] [<c001a14f>] (process_one_work) from [<c001a59b>] (worker_thread+0x103/0x1bc) [ 7.187] [<c001a59b>] (worker_thread) from [<c001c731>] (kthread+0x7d/0x90) [ 7.194] [<c001c731>] (kthread) from [<c0008ce1>] (ret_from_fork+0x11/0x30) [ 7.201] Code: 2103 b580 2200 af00 (681b) 46bd [ 7.206] ---[ end trace 3ab50aced42eedb4 ]--- Signed-off-by: NJérôme Pouiller <jerome.pouiller@silabs.com> Link: https://lore.kernel.org/r/20210913130203.1903622-33-Jerome.Pouiller@silabs.comSigned-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org> Signed-off-by: NSasha Levin <sashal@kernel.org> Signed-off-by: NChen Jun <chenjun102@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 Maxime Ripard 提交于
stable inclusion form stable-v5.10.82 commit 2651d06e461f412fdcecf03c7bfb9efa32f8b94e bugzilla: 185877 https://gitee.com/openeuler/kernel/issues/I4QU6V Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=2651d06e461f412fdcecf03c7bfb9efa32f8b94e -------------------------------- [ Upstream commit 5c34c4e4 ] The thermal zones one the A100 are called $device-thermal-zone. However, the thermal zone binding explicitly requires that zones are called *-thermal. Let's fix it. Signed-off-by: NMaxime Ripard <maxime@cerno.tech> Acked-by: NJernej Skrabec <jernej.skrabec@gmail.com> Link: https://lore.kernel.org/r/20210901091852.479202-50-maxime@cerno.techSigned-off-by: NSasha Levin <sashal@kernel.org> Signed-off-by: NChen Jun <chenjun102@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 Maxime Ripard 提交于
stable inclusion form stable-v5.10.82 commit fa98ac472e88192ce93b4cf8e12d7e471ad310d9 bugzilla: 185877 https://gitee.com/openeuler/kernel/issues/I4QU6V Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=fa98ac472e88192ce93b4cf8e12d7e471ad310d9 -------------------------------- [ Upstream commit 94a0f2b0 ] The GPU thermal zone is named gpu_thermal. However, the underscore is an invalid character for a node name and the thermal zone binding explicitly requires that zones are called *-thermal. Let's fix it. Signed-off-by: NMaxime Ripard <maxime@cerno.tech> Acked-by: NJernej Skrabec <jernej.skrabec@gmail.com> Link: https://lore.kernel.org/r/20210901091852.479202-48-maxime@cerno.techSigned-off-by: NSasha Levin <sashal@kernel.org> Signed-off-by: NChen Jun <chenjun102@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 Maxime Ripard 提交于
stable inclusion form stable-v5.10.82 commit aed195558f941b49102facef824aacf5fcbe0bf5 bugzilla: 185877 https://gitee.com/openeuler/kernel/issues/I4QU6V Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=aed195558f941b49102facef824aacf5fcbe0bf5 -------------------------------- [ Upstream commit ffbe853a ] The operating-points-v2 nodes are named inconsistently, but mostly either opp_table0 or gpu-opp-table. However, the underscore is an invalid character for a node name and the thermal zone binding explicitly requires that zones are called opp-table-*. Let's fix it. Signed-off-by: NMaxime Ripard <maxime@cerno.tech> Acked-by: NJernej Skrabec <jernej.skrabec@gmail.com> Link: https://lore.kernel.org/r/20210901091852.479202-43-maxime@cerno.techSigned-off-by: NSasha Levin <sashal@kernel.org> Signed-off-by: NChen Jun <chenjun102@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 Michal Simek 提交于
stable inclusion form stable-v5.10.82 commit e2e10563126577ee8cceceb1258040e6c13bd3fe bugzilla: 185877 https://gitee.com/openeuler/kernel/issues/I4QU6V Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=e2e10563126577ee8cceceb1258040e6c13bd3fe -------------------------------- [ Upstream commit 812fa2f0 ] Based on commit 65a2c14d ("dt-bindings: serial: convert Cadence UART bindings to YAML") compatible string should look like differently that's why fix it to be aligned with dt binding. Signed-off-by: NMichal Simek <michal.simek@xilinx.com> Reviewed-by: NLaurent Pinchart <laurent.pinchart@ideasonboard.com> Link: https://lore.kernel.org/r/89b36e0a6187cc6b05b27a035efdf79173bd4486.1628240307.git.michal.simek@xilinx.comSigned-off-by: NSasha Levin <sashal@kernel.org> Signed-off-by: NChen Jun <chenjun102@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 Amit Kumar Mahapatra 提交于
stable inclusion form stable-v5.10.82 commit 48f154e8b94aacecaec1a190943add63e4bec221 bugzilla: 185877 https://gitee.com/openeuler/kernel/issues/I4QU6V Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=48f154e8b94aacecaec1a190943add63e4bec221 -------------------------------- [ Upstream commit 167721a5 ] In kernel 5.4, support has been added for reading MTD devices via the nvmem API. For this the mtd devices are registered as read-only NVMEM providers under sysfs with the same name as the flash partition label property. So if flash partition label property of multiple flash devices are identical then the second mtd device fails to get registered as a NVMEM provider. This patch fixes the issue by having different label property for different flashes. Signed-off-by: NAmit Kumar Mahapatra <amit.kumar-mahapatra@xilinx.com> Signed-off-by: NMichal Simek <michal.simek@xilinx.com> Link: https://lore.kernel.org/r/6c4b9b9232b93d9e316a63c086540fd5bf6b8687.1623684253.git.michal.simek@xilinx.comSigned-off-by: NSasha Levin <sashal@kernel.org> Signed-off-by: NChen Jun <chenjun102@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 Zhihao Cheng 提交于
hulk inclusion category: bugfix bugzilla: 185912 https://gitee.com/openeuler/kernel/issues/I4DDEL --------------------------- There are two states for ubifs writing pages: 1. Dirty, Private 2. Not Dirty, Not Private The normal process cannot go to ubifs_releasepage() which means there exists pages being private but not dirty. Reproducer[1] shows that it could occur (which maybe related to [2]) with following process: PA PB PC lock(page)[PA] ubifs_write_end attach_page_private // set Private __set_page_dirty_nobuffers // set Dirty unlock(page) write_cache_pages[PA] lock(page) clear_page_dirty_for_io(page) // clear Dirty ubifs_writepage do_truncation[PB] truncate_setsize i_size_write(inode, newsize) // newsize = 0 i_size = i_size_read(inode) // i_size = 0 end_index = i_size >> PAGE_SHIFT if (page->index > end_index) goto out // jump out: unlock(page) // Private, Not Dirty generic_fadvise[PC] lock(page) invalidate_inode_page try_to_release_page ubifs_releasepage ubifs_assert(c, 0) // bad assertion! unlock(page) Then we may get following assertion failed: UBIFS error (ubi0:0 pid 1683): ubifs_assert_failed [ubifs]: UBIFS assert failed: 0, in fs/ubifs/file.c:1513 UBIFS warning (ubi0:0 pid 1683): ubifs_ro_mode [ubifs]: switched to read-only mode, error -22 CPU: 2 PID: 1683 Comm: aa Not tainted 5.16.0-rc5-00184-g0bca5994cacc-dirty #308 Call Trace: dump_stack+0x13/0x1b ubifs_ro_mode+0x54/0x60 [ubifs] ubifs_assert_failed+0x4b/0x80 [ubifs] ubifs_releasepage+0x67/0x1d0 [ubifs] try_to_release_page+0x57/0xe0 invalidate_inode_page+0xfb/0x130 __invalidate_mapping_pages+0xb9/0x280 invalidate_mapping_pagevec+0x12/0x20 generic_fadvise+0x303/0x3c0 ksys_fadvise64_64+0x4c/0xb0 [1] https://bugzilla.kernel.org/show_bug.cgi?id=215373 [2] https://linux-mtd.infradead.narkive.com/NQoBeT1u/patch-rfc-ubifs-fix-assert-failed-in-ubifs-set-page-dirty Fixes: 1e51764a ("UBIFS: add new flash file system") Signed-off-by: NZhihao Cheng <chengzhihao1@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 Zhihao Cheng 提交于
hulk inclusion category: bugfix bugzilla: 185912 https://gitee.com/openeuler/kernel/issues/I4DDEL --------------------------- There are two states for ubifs writing pages: 1. Dirty, Private 2. Not Dirty, Not Private There is a third possibility which maybe related to [1] that page is private but not dirty caused by following process: PA lock(page) ubifs_write_end attach_page_private // set Private __set_page_dirty_nobuffers // set Dirty unlock(page) write_cache_pages lock(page) clear_page_dirty_for_io(page) // clear Dirty ubifs_writepage write_inode // fail, goto out, following codes are not executed // do_writepage // set_page_writeback // set Writeback // detach_page_private // clear Private // end_page_writeback // clear Writeback out: unlock(page) // Private, Not Dirty PB ksys_fadvise64_64 generic_fadvise invalidate_inode_page // page is neither Dirty nor Writeback invalidate_complete_page // page_has_private is true try_to_release_page ubifs_releasepage ubifs_assert(c, 0) !!! Then we may get following assertion failed: UBIFS error (ubi0:0 pid 1492): ubifs_assert_failed [ubifs]: UBIFS assert failed: 0, in fs/ubifs/file.c:1499 UBIFS warning (ubi0:0 pid 1492): ubifs_ro_mode [ubifs]: switched to read-only mode, error -22 CPU: 2 PID: 1492 Comm: aa Not tainted 5.16.0-rc2-00012-g7bb767dee0ba-dirty Call Trace: dump_stack+0x13/0x1b ubifs_ro_mode+0x54/0x60 [ubifs] ubifs_assert_failed+0x4b/0x80 [ubifs] ubifs_releasepage+0x7e/0x1e0 [ubifs] try_to_release_page+0x57/0xe0 invalidate_inode_page+0xfb/0x130 invalidate_mapping_pagevec+0x12/0x20 generic_fadvise+0x303/0x3c0 vfs_fadvise+0x35/0x40 ksys_fadvise64_64+0x4c/0xb0 Jump [2] to find a reproducer. [1] https://linux-mtd.infradead.narkive.com/NQoBeT1u/patch-rfc-ubifs-fix-assert-failed-in-ubifs-set-page-dirty [2] https://bugzilla.kernel.org/show_bug.cgi?id=215357 Fixes: 1e51764a ("UBIFS: add new flash file system") Signed-off-by: NZhihao Cheng <chengzhihao1@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 Linus Torvalds 提交于
stable inclusion from stable-5.10.84 commit 4baba6ba56eb91a735a027f783cc4b9276b48d5b category: bugfix bugzilla: 185907 https://gitee.com/openeuler/kernel/issues/I4DDEL CVE: CVE-2021-4083 Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=linux-5.10.y&id=4baba6ba56eb91a735a027f783cc4b9276b48d5b ------------------------------------------------- commit 054aa8d4 upstream. Jann Horn points out that there is another possible race wrt Unix domain socket garbage collection, somewhat reminiscent of the one fixed in commit cbcf0112 ("af_unix: fix garbage collect vs MSG_PEEK"). See the extended comment about the garbage collection requirements added to unix_peek_fds() by that commit for details. The race comes from how we can locklessly look up a file descriptor just as it is in the process of being closed, and with the right artificial timing (Jann added a few strategic 'mdelay(500)' calls to do that), the Unix domain socket garbage collector could see the reference count decrement of the close() happen before fget() took its reference to the file and the file was attached onto a new file descriptor. This is all (intentionally) correct on the 'struct file *' side, with RCU lookups and lockless reference counting very much part of the design. Getting that reference count out of order isn't a problem per se. But the garbage collector can get confused by seeing this situation of having seen a file not having any remaining external references and then seeing it being attached to an fd. In commit cbcf0112 ("af_unix: fix garbage collect vs MSG_PEEK") the fix was to serialize the file descriptor install with the garbage collector by taking and releasing the unix_gc_lock. That's not really an option here, but since this all happens when we are in the process of looking up a file descriptor, we can instead simply just re-check that the file hasn't been closed in the meantime, and just re-do the lookup if we raced with a concurrent close() of the same file descriptor. Reported-and-tested-by: NJann Horn <jannh@google.com> Acked-by: NMiklos Szeredi <mszeredi@redhat.com> Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org> Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org> Signed-off-by: NBaokun Li <libaokun1@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 Ye Bin 提交于
hulk inclusion category: bugfix bugzilla: 185875 https://gitee.com/openeuler/kernel/issues/I4DDEL ----------------------------------------------- We got issue as follows: [ 833.786542] nbd: failed to add new device [ 833.791613] ================================================================== [ 833.794918] BUG: KASAN: use-after-free in blk_mq_free_rqs+0x558/0x6c0 [ 833.798108] Read of size 8 at addr ffff800109b7c288 by task kworker/0:3/113 [ 833.804216] CPU: 0 PID: 113 Comm: kworker/0:3 Kdump: loaded Not tainted 4.19.90 #1 [ 833.807635] Hardware name: QEMU KVM Virtual Machine, BIOS 0.0.0 02/06/2015 [ 833.811798] Workqueue: events __blk_release_queue [ 833.815035] Call trace: [ 833.817964] dump_backtrace+0x0/0x3c0 [ 833.821070] show_stack+0x28/0x38 [ 833.824091] dump_stack+0xfc/0x154 [ 833.827042] print_address_description+0x68/0x278 [ 833.830147] kasan_report+0x204/0x330 [ 833.833121] __asan_report_load8_noabort+0x30/0x40 [ 833.836180] blk_mq_free_rqs+0x558/0x6c0 [ 833.839089] blk_mq_sched_tags_teardown+0xf4/0x1c0 [ 833.842035] blk_mq_exit_sched+0x1b8/0x260 [ 833.844878] elevator_exit+0x114/0x148 [ 833.847634] blk_exit_queue+0x68/0xe8 [ 833.850352] __blk_release_queue+0xd0/0x408 [ 833.853113] process_one_work+0x55c/0x10d0 [ 833.855864] worker_thread+0x3d4/0xe30 [ 833.858558] kthread+0x2c8/0x348 [ 833.861139] ret_from_fork+0x10/0x18 [ 833.863714] [ 833.866000] Allocated by task 186531: [ 833.868467] kasan_kmalloc+0xe0/0x190 [ 833.870936] kmem_cache_alloc_trace+0x104/0x218 [ 833.873483] nbd_dev_add+0x54/0x760 [nbd] [ 833.875988] nbd_genl_connect+0x3c4/0x1348 [nbd] [ 833.878591] genl_family_rcv_msg+0x798/0xa10 [ 833.881113] genl_rcv_msg+0xc0/0x170 [ 833.883489] netlink_rcv_skb+0x1b4/0x370 [ 833.885897] genl_rcv+0x40/0x58 [ 833.888225] netlink_unicast+0x4bc/0x660 [ 833.890661] netlink_sendmsg+0x880/0xa60 [ 833.893112] sock_sendmsg+0xb8/0x110 [ 833.895513] ____sys_sendmsg+0x570/0x698 [ 833.897927] ___sys_sendmsg+0x108/0x188 [ 833.900350] __sys_sendmsg+0xe8/0x198 [ 833.900360] __arm64_sys_sendmsg+0x78/0xa8 [ 833.906911] el0_svc_common+0x10c/0x330 [ 833.909289] el0_svc_handler+0x60/0xd0 [ 833.911660] el0_svc+0x8/0x1b0 [ 833.913963] [ 833.916117] Freed by task 186531: [ 833.918445] __kasan_slab_free+0x120/0x228 [ 833.920860] kasan_slab_free+0x10/0x18 [ 833.923193] kfree+0x80/0x1f0 [ 833.925392] nbd_dev_add+0xf0/0x760 [nbd] [ 833.927686] nbd_genl_connect+0x3c4/0x1348 [nbd] [ 833.929989] genl_family_rcv_msg+0x798/0xa10 [ 833.932231] genl_rcv_msg+0xc0/0x170 [ 833.934335] netlink_rcv_skb+0x1b4/0x370 [ 833.936444] genl_rcv+0x40/0x58 [ 833.938460] netlink_unicast+0x4bc/0x660 [ 833.940570] netlink_sendmsg+0x880/0xa60 [ 833.942682] sock_sendmsg+0xb8/0x110 [ 833.944745] ____sys_sendmsg+0x570/0x698 [ 833.946849] ___sys_sendmsg+0x108/0x188 [ 833.948924] __sys_sendmsg+0xe8/0x198 [ 833.950980] __arm64_sys_sendmsg+0x78/0xa8 [ 833.953059] el0_svc_common+0x10c/0x330 [ 833.955121] el0_svc_handler+0x60/0xd0 [ 833.957143] el0_svc+0x8/0x1b0 [ 833.959088] [ 833.960846] The buggy address belongs to the object at ffff800109b7c280 [ 833.960846] which belongs to the cache kmalloc-512 of size 512 [ 833.965502] The buggy address is located 8 bytes inside of [ 833.965502] 512-byte region [ffff800109b7c280, ffff800109b7c480) [ 833.970108] The buggy address belongs to the page: [ 833.972390] page:ffff7e000426df00 count:1 mapcount:0 mapping:ffff8000c0003800 index:0x0 compound_mapcount: 0 [ 833.975269] flags: 0x7ffff0000008100(slab|head) [ 833.977640] raw: 07ffff0000008100 ffff7e00035d1600 0000000200000002 ffff8000c0003800 [ 833.980426] raw: 0000000000000000 00000000000c000c 00000001ffffffff 0000000000000000 [ 833.983212] page dumped because: kasan: bad access detected [ 833.985778] [ 833.987935] Memory state around the buggy address: [ 833.990448] ffff800109b7c180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 833.993265] ffff800109b7c200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 833.996097] >ffff800109b7c280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 833.998930] ^ [ 834.001384] ffff800109b7c300: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 834.004329] ffff800109b7c380: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 834.007264] ================================================================== As 98fd847a commit add check "disk->first_minor", if failed will free tags and finally call put_disk will free request_queue. blk_mq_free_tag_set blk_mq_free_map_and_requests blk_mq_free_rqs put_disk: __blk_release_queue blk_exit_queue elevator_exit blk_mq_exit_sched blk_mq_sched_tags_teardown blk_mq_free_rqs -->will trigger UAF To address this issue, just move 'disk->first_minor' check at the first in nbd_dev_add. Fixes:98fd847a("nbd: add sanity check for first_minor") Signed-off-by: NYe Bin <yebin10@huawei.com> Reviewed-by: NYu Kuai <yukuai3@huawei.com> Reviewed-by: NJason Yan <yanaijie@huawei.com> Signed-off-by: NChen Jun <chenjun102@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 Christoph Hellwig 提交于
mainline inclusion from mainline-v5.11-rc4 commit 01ea173e category: bugfix bugzilla: 185881 https://gitee.com/openeuler/kernel/issues/I4DDEL CVE: CVE-2021-4037 Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=01ea173e103edd5ec41acec65b9261b87e123fc2 ------------------------------------------------- XFS always inherits the SGID bit if it is set on the parent inode, while the generic inode_init_owner does not do this in a few cases where it can create a possible security problem, see commit 0fa3ecd8 ("Fix up non-directory creation in SGID directories") for details. Switch XFS to use the generic helper for the normal path to fix this, just keeping the simple field inheritance open coded for the case of the non-sgid case with the bsdgrpid mount option. Fixes: 1da177e4 ("Linux-2.6.12-rc2") Reported-by: NChristian Brauner <christian.brauner@ubuntu.com> Signed-off-by: NChristoph Hellwig <hch@lst.de> Reviewed-by: NDarrick J. Wong <djwong@kernel.org> Signed-off-by: NDarrick J. Wong <djwong@kernel.org> conflicts: fs/xfs/xfs_inode.c Signed-off-by: NGuo Xuenan <guoxuenan@huawei.com> Reviewed-by: NZhang Yi <yi.zhang@huawei.com> Reviewed-by: NXiu Jianfeng <xiujianfeng@huawei.com> Signed-off-by: NChen Jun <chenjun102@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 yangerkun 提交于
hulk inclusion category: bugfix bugzilla: 185885 https://gitee.com/openeuler/kernel/issues/I4DDEL --------------------------- Thers is a out-of-order access problem which would cause endless sleep when we use pipe with epoll. The story is following, we assume the ring size is 2, the ring head is 1, the ring tail is 0, task0 is write task, task1 is read task, task2 is write task. Task0 Task1 Task2 epoll_ctl(fd, EPOLL_CTL_ADD, ...) pipe_poll() poll_wait() tail = READ_ONCE(pipe->tail); // Re-order and get tail=0 pipe_read tail++ //tail=1 pipe_write head++ //head=2 head = READ_ONCE(pipe->head); // head = 2 check ring is full by head - tail Task0 get head = 2 and tail = 0, so it mistake that the pipe ring is full, then task0 is not add into ready list. If the ring is not full anymore, task0 would not be woken up forever. The reason of this problem is that we got inconsistent head/tail value of the pipe ring, so we fix the problem by getting them protected. Signed-off-by: Nyangerkun <yangerkun@huawei.com> Signed-off-by: NZhang Xiaoxu <zhangxiaoxu5@huawei.com> Reviewed-by: NZhang Yi <yi.zhang@huawei.com> Signed-off-by: NChen Jun <chenjun102@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 Yu Kuai 提交于
mainline inclusion from mainline-v5.14-rc1 commit a731763f category: bugfix bugzilla: 185790 https://gitee.com/openeuler/kernel/issues/I4DDEL Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a731763fc479a9c64456e0643d0ccf64203100c9 --------------------------- We run a test that create millions of cgroups and blkgs, and then trigger blkg_destroy_all(). blkg_destroy_all() will hold spin lock for a long time in such situation. Thus release the lock when a batch of blkgs are destroyed. blkcg_activate_policy() and blkcg_deactivate_policy() might have the same problem, however, as they are basically only called from module init/exit paths, let's leave them alone for now. Signed-off-by: NYu Kuai <yukuai3@huawei.com> Acked-by: NTejun Heo <tj@kernel.org> Link: https://lore.kernel.org/r/20210707015649.1929797-1-yukuai3@huawei.comSigned-off-by: NJens Axboe <axboe@kernel.dk> Reviewed-by: NYufen Yu <yuyufen@huawei.com> Reviewed-by: NHou Tao <houtao1@huawei.com> Signed-off-by: NChen Jun <chenjun102@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 Yu Kuai 提交于
blk-throttle: don't check whether or not lower limit is valid if CONFIG_BLK_DEV_THROTTLING_LOW is off mainline inclusion from mainline-v5.11-rc1 commit acaf523a category: bugfix bugzilla: 185789 https://gitee.com/openeuler/kernel/issues/I4DDEL Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=acaf523a7bf226b28504306c1cfee194520123b3 --------------------------- blk_throtl_update_limit_valid() will search for descendants to see if 'LIMIT_LOW' of bps/iops and READ/WRITE is nonzero. However, they're always zero if CONFIG_BLK_DEV_THROTTLING_LOW is not set, furthermore, a lot of time will be wasted to iterate descendants. Thus do nothing in blk_throtl_update_limit_valid() in such situation. Signed-off-by: NYu Kuai <yukuai3@huawei.com> Acked-by: NTejun Heo <tj@kernel.org> Signed-off-by: NJens Axboe <axboe@kernel.dk> Reviewed-by: NYufen Yu <yuyufen@huawei.com> Reviewed-by: NHou Tao <houtao1@huawei.com> Signed-off-by: NChen Jun <chenjun102@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 Ye Bin 提交于
mainline inclusion from mainline-v5.17 commit 8a751893 category: bugfix bugzilla: 185819 https://gitee.com/openeuler/kernel/issues/I4DDEL Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=8a7518931baa8ea023700987f3db31cb0a80610b ----------------------------------------------- We do test with inject error fault base on v4.19, after test some time we found sync /dev/sda always failed. [root@localhost] sync /dev/sda sync: error syncing '/dev/sda': Input/output error scsi log as follows: [19069.812296] sd 0:0:0:0: [sda] tag#64 Send: scmd 0x00000000d03a0b6b [19069.812302] sd 0:0:0:0: [sda] tag#64 CDB: Synchronize Cache(10) 35 00 00 00 00 00 00 00 00 00 [19069.812533] sd 0:0:0:0: [sda] tag#64 Done: SUCCESS Result: hostbyte=DID_OK driverbyte=DRIVER_OK [19069.812536] sd 0:0:0:0: [sda] tag#64 CDB: Synchronize Cache(10) 35 00 00 00 00 00 00 00 00 00 [19069.812539] sd 0:0:0:0: [sda] tag#64 scsi host busy 1 failed 0 [19069.812542] sd 0:0:0:0: Notifying upper driver of completion (result 0) [19069.812546] sd 0:0:0:0: [sda] tag#64 sd_done: completed 0 of 0 bytes [19069.812549] sd 0:0:0:0: [sda] tag#64 0 sectors total, 0 bytes done. [19069.812564] print_req_error: I/O error, dev sda, sector 0 ftrace log as follows: rep-306069 [007] .... 19654.923315: block_bio_queue: 8,0 FWS 0 + 0 [rep] rep-306069 [007] .... 19654.923333: block_getrq: 8,0 FWS 0 + 0 [rep] kworker/7:1H-250 [007] .... 19654.923352: block_rq_issue: 8,0 FF 0 () 0 + 0 [kworker/7:1H] <idle>-0 [007] ..s. 19654.923562: block_rq_complete: 8,0 FF () 18446744073709551615 + 0 [0] <idle>-0 [007] d.s. 19654.923576: block_rq_complete: 8,0 WS () 0 + 0 [-5] As 8d699663 introduce 'fq->rq_status', this data only update when 'flush_rq' reference count isn't zero. If flush request once failed and record error code in 'fq->rq_status'. If there is no chance to update 'fq->rq_status',then do fsync will always failed. To address this issue reset 'fq->rq_status' after return error code to upper layer. Fixes: 8d699663("block: fix null pointer dereference in blk_mq_rq_timed_out()") Signed-off-by: NYe Bin <yebin10@huawei.com> Reviewed-by: NMing Lei <ming.lei@redhat.com> Link: https://lore.kernel.org/r/20211129012659.1553733-1-yebin10@huawei.comSigned-off-by: NJens Axboe <axboe@kernel.dk> conflicts: block/blk-flush.c Signed-off-by: NYe Bin <yebin10@huawei.com> Reviewed-by: NJason Yan <yanaijie@huawei.com> Signed-off-by: NChen Jun <chenjun102@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 Baokun Li 提交于
hulk inclusion category: bugfix bugzilla: 185858 https://gitee.com/openeuler/kernel/issues/I4DDEL ------------------------------------------------- Hulk robot reported a kmemleak problem: ----------------------------------------------------------------------- unreferenced object 0xffff93d1d8cc02e8 (size 248): comm "cat", pid 23327, jiffies 4624670141 (age 495992.217s) hex dump (first 32 bytes): 00 40 85 19 d4 93 ff ff 00 10 00 00 00 00 00 00 .@.............. 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [<00000000db5610b3>] seq_open+0x2a/0x80 [<00000000d66ac99d>] full_proxy_open+0x167/0x1e0 [<00000000d58ef917>] do_dentry_open+0x1e1/0x3a0 [<0000000016c91867>] path_openat+0x961/0xa20 [<00000000909c9564>] do_filp_open+0xae/0x120 [<0000000059c761e6>] do_sys_openat2+0x216/0x2f0 [<00000000b7a7b239>] do_sys_open+0x57/0x80 [<00000000e559d671>] do_syscall_64+0x33/0x40 [<000000000ea1fbfd>] entry_SYSCALL_64_after_hwframe+0x44/0xa9 unreferenced object 0xffff93d419854000 (size 4096): comm "cat", pid 23327, jiffies 4624670141 (age 495992.217s) hex dump (first 32 bytes): 6b 66 65 6e 63 65 2d 23 32 35 30 3a 20 30 78 30 kfence-#250: 0x0 30 30 30 30 30 30 30 37 35 34 62 64 61 31 32 2d 0000000754bda12- backtrace: [<000000008162c6f2>] seq_read_iter+0x313/0x440 [<0000000020b1b3e3>] seq_read+0x14b/0x1a0 [<00000000af248fbc>] full_proxy_read+0x56/0x80 [<00000000f97679d1>] vfs_read+0xa5/0x1b0 [<000000000ed8a36f>] ksys_read+0xa0/0xf0 [<00000000e559d671>] do_syscall_64+0x33/0x40 [<000000000ea1fbfd>] entry_SYSCALL_64_after_hwframe+0x44/0xa9 ----------------------------------------------------------------------- I find that we can easily reproduce this problem with the following commands: `cat /sys/kernel/debug/kfence/objects` `echo scan > /sys/kernel/debug/kmemleak` `cat /sys/kernel/debug/kmemleak` The leaked memory is allocated in the stack below: ---------------------------------- do_syscall_64 do_sys_open do_dentry_open full_proxy_open seq_open ---> alloc seq_file vfs_read full_proxy_read seq_read seq_read_iter traverse ---> alloc seq_buf ---------------------------------- And it should have been released in the following process: ---------------------------------- do_syscall_64 syscall_exit_to_user_mode exit_to_user_mode_prepare task_work_run ____fput __fput full_proxy_release ---> free here ---------------------------------- However, the release function corresponding to file_operations is not implemented in kfence. As a result, a memory leak occurs. Therefore, the solution to this problem is to implement the corresponding release function. Link: https://lkml.kernel.org/r/20211206133628.2822545-1-libaokun1@huawei.com Fixes: 0ce20dd8 ("mm: add Kernel Electric-Fence infrastructure") Signed-off-by: NBaokun Li <libaokun1@huawei.com> Reported-by: NHulk Robot <hulkci@huawei.com> Acked-by: NMarco Elver <elver@google.com> Reviewed-by: NKefeng Wang <wangkefeng.wang@huawei.com> Cc: Alexander Potapenko <glider@google.com> Cc: Dmitry Vyukov <dvyukov@google.com> Cc: Yu Kuai <yukuai3@huawei.com> Signed-off-by: NAndrew Morton <akpm@linux-foundation.org> Signed-off-by: NPeng Liu <liupeng256@huawei.com> Reviewed-by: NKefeng Wang <wangkefeng.wang@huawei.com> Signed-off-by: NChen Jun <chenjun102@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 Ye Bin 提交于
mainline inclusion from mainline-v5.16-rc3 commit 1d0254e6 category: bugfix bugzilla: 185836 https://gitee.com/openeuler/kernel/issues/I4DDEL Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1d0254e6b47e73222fd3d6ae95cccbaafe5b3ecf ----------------------------------------------- I got issue as follows: [ 567.094140] __io_remove_buffers: [1]start ctx=0xffff8881067bf000 bgid=65533 buf=0xffff8881fefe1680 [ 594.360799] watchdog: BUG: soft lockup - CPU#2 stuck for 26s! [kworker/u32:5:108] [ 594.364987] Modules linked in: [ 594.365405] irq event stamp: 604180238 [ 594.365906] hardirqs last enabled at (604180237): [<ffffffff93fec9bd>] _raw_spin_unlock_irqrestore+0x2d/0x50 [ 594.367181] hardirqs last disabled at (604180238): [<ffffffff93fbbadb>] sysvec_apic_timer_interrupt+0xb/0xc0 [ 594.368420] softirqs last enabled at (569080666): [<ffffffff94200654>] __do_softirq+0x654/0xa9e [ 594.369551] softirqs last disabled at (569080575): [<ffffffff913e1d6a>] irq_exit_rcu+0x1ca/0x250 [ 594.370692] CPU: 2 PID: 108 Comm: kworker/u32:5 Tainted: G L 5.15.0-next-20211112+ #88 [ 594.371891] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS ?-20190727_073836-buildvm-ppc64le-16.ppc.fedoraproject.org-3.fc31 04/01/2014 [ 594.373604] Workqueue: events_unbound io_ring_exit_work [ 594.374303] RIP: 0010:_raw_spin_unlock_irqrestore+0x33/0x50 [ 594.375037] Code: 48 83 c7 18 53 48 89 f3 48 8b 74 24 10 e8 55 f5 55 fd 48 89 ef e8 ed a7 56 fd 80 e7 02 74 06 e8 43 13 7b fd fb bf 01 00 00 00 <e8> f8 78 474 [ 594.377433] RSP: 0018:ffff888101587a70 EFLAGS: 00000202 [ 594.378120] RAX: 0000000024030f0d RBX: 0000000000000246 RCX: 1ffffffff2f09106 [ 594.379053] RDX: 0000000000000000 RSI: ffffffff9449f0e0 RDI: 0000000000000001 [ 594.379991] RBP: ffffffff9586cdc0 R08: 0000000000000001 R09: fffffbfff2effcab [ 594.380923] R10: ffffffff977fe557 R11: fffffbfff2effcaa R12: ffff8881b8f3def0 [ 594.381858] R13: 0000000000000246 R14: ffff888153a8b070 R15: 0000000000000000 [ 594.382787] FS: 0000000000000000(0000) GS:ffff888399c00000(0000) knlGS:0000000000000000 [ 594.383851] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 594.384602] CR2: 00007fcbe71d2000 CR3: 00000000b4216000 CR4: 00000000000006e0 [ 594.385540] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 594.386474] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 594.387403] Call Trace: [ 594.387738] <TASK> [ 594.388042] find_and_remove_object+0x118/0x160 [ 594.389321] delete_object_full+0xc/0x20 [ 594.389852] kfree+0x193/0x470 [ 594.390275] __io_remove_buffers.part.0+0xed/0x147 [ 594.390931] io_ring_ctx_free+0x342/0x6a2 [ 594.392159] io_ring_exit_work+0x41e/0x486 [ 594.396419] process_one_work+0x906/0x15a0 [ 594.399185] worker_thread+0x8b/0xd80 [ 594.400259] kthread+0x3bf/0x4a0 [ 594.401847] ret_from_fork+0x22/0x30 [ 594.402343] </TASK> Message from syslogd@localhost at Nov 13 09:09:54 ... kernel:watchdog: BUG: soft lockup - CPU#2 stuck for 26s! [kworker/u32:5:108] [ 596.793660] __io_remove_buffers: [2099199]start ctx=0xffff8881067bf000 bgid=65533 buf=0xffff8881fefe1680 We can reproduce this issue by follow syzkaller log: r0 = syz_io_uring_setup(0x401, &(0x7f0000000300), &(0x7f0000003000/0x2000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000000280)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0) sendmsg$ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000003080)={0x0, 0x0, &(0x7f0000003040)={&(0x7f0000000040)=ANY=[], 0x18}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x5, 0x0, 0x401, 0x1, 0x0, 0x100, 0x0, 0x1, {0xfffd}}, 0x0) io_uring_enter(r0, 0x3a2d, 0x0, 0x0, 0x0, 0x0) The reason above issue is 'buf->list' has 2,100,000 nodes, occupied cpu lead to soft lockup. To solve this issue, we need add schedule point when do while loop in '__io_remove_buffers'. After add schedule point we do regression, get follow data. [ 240.141864] __io_remove_buffers: [1]start ctx=0xffff888170603000 bgid=65533 buf=0xffff8881116fcb00 [ 268.408260] __io_remove_buffers: [1]start ctx=0xffff8881b92d2000 bgid=65533 buf=0xffff888130c83180 [ 275.899234] __io_remove_buffers: [2099199]start ctx=0xffff888170603000 bgid=65533 buf=0xffff8881116fcb00 [ 296.741404] __io_remove_buffers: [1]start ctx=0xffff8881b659c000 bgid=65533 buf=0xffff8881010fe380 [ 305.090059] __io_remove_buffers: [2099199]start ctx=0xffff8881b92d2000 bgid=65533 buf=0xffff888130c83180 [ 325.415746] __io_remove_buffers: [1]start ctx=0xffff8881b92d1000 bgid=65533 buf=0xffff8881a17d8f00 [ 333.160318] __io_remove_buffers: [2099199]start ctx=0xffff8881b659c000 bgid=65533 buf=0xffff8881010fe380 ... Fixes:8bab4c09("io_uring: allow conditional reschedule for intensive iterators") Signed-off-by: NYe Bin <yebin10@huawei.com> Link: https://lore.kernel.org/r/20211122024737.2198530-1-yebin10@huawei.comSigned-off-by: NJens Axboe <axboe@kernel.dk> conflicts: fs/io_uring.c Signed-off-by: NYe Bin <yebin10@huawei.com> Reviewed-by: NZhang Yi <yi.zhang@huawei.com> Signed-off-by: NChen Jun <chenjun102@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 Pavel Begunkov 提交于
mainline inclusion from mainline-v5.13-rc1 commit f70865db category: bugfix bugzilla: 185824 https://gitee.com/openeuler/kernel/issues/I4DDEL Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f70865db5ff35f5ed0c7e9ef63e7cca3d4947f04 ----------------------------------------------- Revert of revert of "io_uring: wait potential ->release() on resurrect", which adds a helper for resurrect not racing completion reinit, as was removed because of a strange bug with no clear root or link to the patch. Was improved, instead of rcu_synchronize(), just wait_for_completion() because we're at 0 refs and it will happen very shortly. Specifically use non-interruptible version to ignore all pending signals that may have ended prior interruptible wait. This reverts commit cb5e1b81. Signed-off-by: NPavel Begunkov <asml.silence@gmail.com> Link: https://lore.kernel.org/r/7a080c20f686d026efade810b116b72f88abaff9.1618101759.git.asml.silence@gmail.comSigned-off-by: NJens Axboe <axboe@kernel.dk> conflicts: fs/io_uring.c Signed-off-by: NYe Bin <yebin10@huawei.com> Reviewed-by: NZhang Yi <yi.zhang@huawei.com> Signed-off-by: NChen Jun <chenjun102@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 Pavel Begunkov 提交于
mainline inclusion from mainline-v5.13-rc2 commit 447c19f3 category: bugfix bugzilla: 185823 https://gitee.com/openeuler/kernel/issues/I4DDEL Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=447c19f3b5074409c794b350b10306e1da1ef4ba ----------------------------------------------- Always remove linked timeout on io_link_timeout_fn() from the master request link list, otherwise we may get use-after-free when first io_link_timeout_fn() puts linked timeout in the fail path, and then will be found and put on master's free. Cc: stable@vger.kernel.org # 5.10+ Fixes: 90cd7e42 ("io_uring: track link timeout's master explicitly") Reported-and-tested-by: syzbot+5a864149dd970b546223@syzkaller.appspotmail.com Signed-off-by: NPavel Begunkov <asml.silence@gmail.com> Link: https://lore.kernel.org/r/69c46bf6ce37fec4fdcd98f0882e18eb07ce693a.1620990121.git.asml.silence@gmail.comSigned-off-by: NJens Axboe <axboe@kernel.dk> conflicts: fs/io_uring.c Signed-off-by: NYe Bin <yebin10@huawei.com> Reviewed-by: NZhang Yi <yi.zhang@huawei.com> Signed-off-by: NChen Jun <chenjun102@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 Ye Bin 提交于
mainline inclusion from mainline-v5.13-rc1 commit ac2f7ca5 category: bugfix bugzilla: 182973 https://gitee.com/openeuler/kernel/issues/I4DDEL Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ac2f7ca51b0929461ea49918f27c11b680f28995 ------------------------------------------------- Before commit 014c9caa ("ext4: make ext4_abort() use __ext4_error()"), the following series of commands would trigger a panic: 1. mount /dev/sda -o ro,errors=panic test 2. mount /dev/sda -o remount,abort test After commit 014c9caa, remounting a file system using the test mount option "abort" will no longer trigger a panic. This commit will restore the behaviour immediately before commit 014c9caa. (However, note that the Linux kernel's behavior has not been consistent; some previous kernel versions, including 5.4 and 4.19 similarly did not panic after using the mount option "abort".) This also makes a change to long-standing behaviour; namely, the following series commands will now cause a panic, when previously it did not: 1. mount /dev/sda -o ro,errors=panic test 2. echo test > /sys/fs/ext4/sda/trigger_fs_error However, this makes ext4's behaviour much more consistent, so this is a good thing. Cc: stable@kernel.org Fixes: 014c9caa ("ext4: make ext4_abort() use __ext4_error()") Signed-off-by: NYe Bin <yebin10@huawei.com> Link: https://lore.kernel.org/r/20210401081903.3421208-1-yebin10@huawei.comSigned-off-by: NTheodore Ts'o <tytso@mit.edu> Signed-off-by: NZheng Liang <zhengliang6@huawei.com> Reviewed-by: NZhang Yi <yi.zhang@huawei.com> Signed-off-by: NChen Jun <chenjun102@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 Hannes Reinecke 提交于
mainline inclusion from mainline-5.14-rc1 commit ced202f7 category: bugfix bugzilla: 185813 https://gitee.com/openeuler/kernel/issues/I4DDEL Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ced202f7bd78eb6a79c441a8b217e0f3d38bccfc --------------------------- Return the actual error code in __scsi_execute() (which, according to the documentation, should have happened anyway). And audit all callers to cope with negative return values from __scsi_execute() and friends. [mkp: resolve conflict and return bool] Link: https://lore.kernel.org/r/20210427083046.31620-7-hare@suse.deReviewed-by: NBart Van Assche <bvanassche@acm.org> Reviewed-by: NChristoph Hellwig <hch@lst.de> Signed-off-by: NHannes Reinecke <hare@suse.de> Signed-off-by: NMartin K. Petersen <martin.petersen@oracle.com> Signed-off-by: NZhang Yi <yi.zhang@huawei.com> Reviewed-by: NJason Yan <yanaijie@huawei.com> Signed-off-by: NChen Jun <chenjun102@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 John Harrison 提交于
mainline inclusion from mainline-5.11-rc1 commit c784e524 bugzilla: 185850 https://gitee.com/openeuler/kernel/issues/I4DDEL CVE: CVE-2020-12363, CVE-2020-12364 Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c784e5249e773689e38d2bc1749f08b986621a26 -------------------------------- The latest GuC firmware includes a number of interface changes that require driver updates to match. * Starting from Gen11, the ID to be provided to GuC needs to contain the engine class in bits [0..2] and the instance in bits [3..6]. NOTE: this patch breaks pointer dereferences in some existing GuC functions that use the guc_id to dereference arrays but these functions are not used for now as we have GuC submission disabled and we will update these functions in follow up patch which requires new IDs. * The new GuC requires the additional data structure (ADS) and associated 'private_data' pointer to be setup. This is basically a scratch area of memory that the GuC owns. The size is read from the CSS header. * There is now a physical to logical engine mapping table in the ADS which needs to be configured in order for the firmware to load. For now, the table is initialised with a 1 to 1 mapping. * GUC_CTL_CTXINFO has been removed from the initialization params. * reg_state_buffer is maintained internally by the GuC as part of the private data. * The ADS layout has changed significantly. This patch updates the shared structure and also adds better documentation of the layout. * While i915 does not use GuC doorbells, the firmware now requires that some initialisation is done. * The number of engine classes and instances supported in the ADS has been increased. Signed-off-by: NJohn Harrison <John.C.Harrison@Intel.com> Signed-off-by: NMatthew Brost <matthew.brost@intel.com> Signed-off-by: NDaniele Ceraolo Spurio <daniele.ceraolospurio@intel.com> Signed-off-by: NOscar Mateo <oscar.mateo@intel.com> Signed-off-by: NMichel Thierry <michel.thierry@intel.com> Signed-off-by: NRodrigo Vivi <rodrigo.vivi@intel.com> Signed-off-by: NMichal Wajdeczko <michal.wajdeczko@intel.com> Cc: Michal Winiarski <michal.winiarski@intel.com> Cc: Tomasz Lis <tomasz.lis@intel.com> Cc: Joonas Lahtinen <joonas.lahtinen@linux.intel.com> Reviewed-by: NDaniele Ceraolo Spurio <daniele.ceraolospurio@intel.com> Signed-off-by: NJoonas Lahtinen <joonas.lahtinen@linux.intel.com> Link: https://patchwork.freedesktop.org/patch/msgid/20201028145826.2949180-2-John.C.Harrison@Intel.comSigned-off-by: NChen Jun <chenjun102@huawei.com> Reviewed-by: NXiu Jianfeng <xiujianfeng@huawei.com> Reviewed-by: NJason Yan <yanaijie@huawei.com> Signed-off-by: NChen Jun <chenjun102@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
- 12 1月, 2022 12 次提交
-
-
由 Ni Fujia 提交于
driver inclusion category: bugfix bugzilla: https://gitee.com/openeuler/kernel/issues/I4NDP8 CVE: NA ------------------- The hisi_hba debugfs_dump_index member should increased after a dump insertion completed, and not before it has started, so fix the code to do so. Signed-off-by: NLuo Jiaxing <luojiaxing@huawei.com> Signed-off-by: NJohn Garry <john.garry@huawei.com> Signed-off-by: NMartin K. Petersen <martin.petersen@oracle.com> Reviewed-by: NOuyangdelong <ouyangdelong@huawei.com> Signed-off-by: NNifujia <nifujia1@hisilicon.com> Reviewed-by: NWei Li <liwei391@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 Calvin Owens 提交于
mainline inclusion from mainline-v5.13-rc1 commit f4be591f category: feature feature: brd bugzilla: https://gitee.com/openeuler/kernel/issues/I4PMV3?from=project-issue ---------------------------------------------------------------------------- While the maximum size of each ramdisk is defined either as a module parameter, or compile time default, it's impossible to know how many pages have currently been allocated by each ram%d device, since they're allocated when used and never freed. This patch creates a new directory at this location: /sys/kernel/debug/ramdisk_pages/ which will contain a file named "ram%d" for each instantiated ramdisk on the system. The file is read-only, and read() will output the number of pages currently held by that ramdisk. We lose track how much memory a ramdisk is using as pages once used are simply recycled but never freed. In instances where we exhaust the size of the ramdisk with a file that exceeds it, encounter ENOSPC and delete the file for mitigation; df would show decrease in used and increase in available blocks but the since we have touched all pages, the memory footprint of the ramdisk does not reflect the blocks used/available count ... [root@localhost ~]# mkfs.ext2 /dev/ram15 mke2fs 1.45.6 (20-Mar-2020) Creating filesystem with 4096 1k blocks and 1024 inodes [root@localhost ~]# mount /dev/ram15 /mnt/ram15/ [root@localhost ~]# cat /sys/kernel/debug/ramdisk_pages/ram15 58 [root@kerneltest008.06.prn3 ~]# df /dev/ram15 Filesystem 1K-blocks Used Available Use% Mounted on /dev/ram15 3963 31 3728 1% /mnt/ram15 [root@kerneltest008.06.prn3 ~]# dd if=/dev/urandom of=/mnt/ram15/test2 bs=1M count=5 dd: error writing '/mnt/ram15/test2': No space left on device 4+0 records in 3+0 records out 4005888 bytes (4.0 MB, 3.8 MiB) copied, 0.0446614 s, 89.7 MB/s [root@kerneltest008.06.prn3 ~]# df /mnt/ram15/ Filesystem 1K-blocks Used Available Use% Mounted on /dev/ram15 3963 3960 0 100% /mnt/ram15 [root@kerneltest008.06.prn3 ~]# cat /sys/kernel/debug/ramdisk_pages/ram15 1024 [root@kerneltest008.06.prn3 ~]# rm /mnt/ram15/test2 rm: remove regular file '/mnt/ram15/test2'? y [root@kerneltest008.06.prn3 /var]# df /dev/ram15 Filesystem 1K-blocks Used Available Use% Mounted on /dev/ram15 3963 31 3728 1% /mnt/ram15 # Acutal memory footprint [root@kerneltest008.06.prn3 /var]# cat /sys/kernel/debug/ramdisk_pages/ram15 1024 ... This debugfs counter will always reveal the accurate number of permanently allocated pages to the ramdisk. Signed-off-by: NCalvin Owens <calvinowens@fb.com> [cleaned up the !CONFIG_DEBUG_FS case and API changes for HEAD] Signed-off-by: NKyle McMartin <jkkm@fb.com> [rebased] Signed-off-by: NSaravanan D <saravanand@fb.com> Signed-off-by: NJens Axboe <axboe@kernel.dk> Conflicts: /drivers/block/brd.c Signed-off-by: NWu Guanghao <wuguanghao3@huawei.com> Reviewed-by: NJason Yan <yanaijie@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 Jie Wang 提交于
mainline inclusion from mainline-master commit 43710bfe category: feature bugzilla: https://gitee.com/openeuler/kernel/issues/I4Q02P CVE: NA Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=43710bfebf23 ---------------------------------------------------------------------- Currently PF and VF use two sets of command code for modules to interact with firmware. These codes values are same espect the macro names. It is redundent to keep two sets of command code for same functions between PF and VF. So this patch firstly creates a unified command code for PF and VF module. We keep the macro name same with the PF command code name to avoid too many meaningless modifications. Secondly the new common command codes are used to replace the old ones in VF and deletes the old ones. Signed-off-by: NJie Wang <wangjie125@huawei.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net> Signed-off-by: NGuangbin Huang <huangguangbin2@huawei.com> Reviewed-by: NJian Shen <shenjian15@huawei.com> Reviewed-by: NYue Haibing <yuehaibing@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 Jie Wang 提交于
mainline inclusion from mainline-master commit 4afc310c category: feature bugzilla: https://gitee.com/openeuler/kernel/issues/I4Q02P CVE: NA Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4afc310cf9a8 ---------------------------------------------------------------------- This patch firstly uses new tqp struct(hclge_comm_tqp) and removes the old VF tqp struct(hclgevf_tqp). All the tqp stats members used in VF module are modified according to the new hclge_comm_tqp. Secondly VF tqp stats APIs are refactored to use new common tqp stats APIs. The old tqp stats APIs in VF are deleted. Signed-off-by: NJie Wang <wangjie125@huawei.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net> Signed-off-by: NGuangbin Huang <huangguangbin2@huawei.com> Reviewed-by: NJian Shen <shenjian15@huawei.com> Reviewed-by: NYue Haibing <yuehaibing@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 Jie Wang 提交于
mainline inclusion from mainline-master commit add7645c category: feature bugzilla: https://gitee.com/openeuler/kernel/issues/I4Q02P CVE: NA Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=add7645c841c ---------------------------------------------------------------------- This patch firstly uses new tqp struct(hclge_comm_tqp) and deletes the old PF tqp struct(hclge_tqp). All the tqp stats members used in PF module are modified according to the new hclge_comm_tqp. Secondly PF tqp stats APIs are refactored to use new common tqp stats APIs. The old tqp stats APIs in PF are deleted. Signed-off-by: NJie Wang <wangjie125@huawei.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net> Signed-off-by: NGuangbin Huang <huangguangbin2@huawei.com> Reviewed-by: NJian Shen <shenjian15@huawei.com> Reviewed-by: NYue Haibing <yuehaibing@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 Jie Wang 提交于
mainline inclusion from mainline-master commit 287db5c4 category: feature bugzilla: https://gitee.com/openeuler/kernel/issues/I4Q02P CVE: NA Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=287db5c40d15 ---------------------------------------------------------------------- This patch creates new set of common tqp stats structures and APIs for PF and VF tqp stats module. Subfunctions such as get tqp stats, update tqp stats and reset tqp stats are inclued in this patch. These new common tqp stats APIs will be used to replace the old PF and VF tqp stats APIs in next patches. Signed-off-by: NJie Wang <wangjie125@huawei.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net> Signed-off-by: NGuangbin Huang <huangguangbin2@huawei.com> Reviewed-by: NJian Shen <shenjian15@huawei.com> Reviewed-by: NYue Haibing <yuehaibing@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 Jie Wang 提交于
mainline inclusion from mainline-master commit 93969dc1 category: feature bugzilla: https://gitee.com/openeuler/kernel/issues/I4Q02P CVE: NA Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=93969dc14fcd ---------------------------------------------------------------------- This patch uses common rss init APIs to replace the old APIs in VF rss module and removes the old VF rss init APIs. Several related Subfunctions and macros are also modified in this patch. Signed-off-by: NJie Wang <wangjie125@huawei.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net> Signed-off-by: NGuangbin Huang <huangguangbin2@huawei.com> Reviewed-by: NJian Shen <shenjian15@huawei.com> Reviewed-by: NYue Haibing <yuehaibing@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 Jie Wang 提交于
mainline inclusion from mainline-master commit 07dce03c category: feature bugzilla: https://gitee.com/openeuler/kernel/issues/I4Q02P CVE: NA Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=07dce03cd5aa ---------------------------------------------------------------------- This patch uses common rss init APIs to replace the old APIs in PF rss module and deletes the old PF rss init APIs. Some related subfunctions and macros are also modified in this patch. Signed-off-by: NJie Wang <wangjie125@huawei.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net> Signed-off-by: NGuangbin Huang <huangguangbin2@huawei.com> Reviewed-by: NJian Shen <shenjian15@huawei.com> Reviewed-by: NYue Haibing <yuehaibing@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 Jie Wang 提交于
mainline inclusion from mainline-master commit 2c0d3f4c category: feature bugzilla: https://gitee.com/openeuler/kernel/issues/I4Q02P CVE: NA Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=2c0d3f4cd25f ---------------------------------------------------------------------- This patch creates new set of common rss init APIs for PF and VF rss module. Subfunctions called by rss init process are also created include rss tuple configuration and rss indirect table configuration. These new common rss init APIs will be used to replace the old PF and VF rss init APIs in next patches. Signed-off-by: NJie Wang <wangjie125@huawei.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net> Signed-off-by: NGuangbin Huang <huangguangbin2@huawei.com> Reviewed-by: NJian Shen <shenjian15@huawei.com> Reviewed-by: NYue Haibing <yuehaibing@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 Jie Wang 提交于
mainline inclusion from mainline-master commit 7428d6c9 category: feature bugzilla: https://gitee.com/openeuler/kernel/issues/I4Q02P CVE: NA Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7428d6c93665 ---------------------------------------------------------------------- This patch uses new common rss set APIs to replace the old APIs in VF rss module and removes those old rss set APIs. The related macros in VF are also modified. Signed-off-by: NJie Wang <wangjie125@huawei.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net> Signed-off-by: NGuangbin Huang <huangguangbin2@huawei.com> Reviewed-by: NJian Shen <shenjian15@huawei.com> Reviewed-by: NYue Haibing <yuehaibing@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 Jie Wang 提交于
mainline inclusion from mainline-master commit 1813ee52 category: feature bugzilla: https://gitee.com/openeuler/kernel/issues/I4Q02P CVE: NA Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1813ee524331 ---------------------------------------------------------------------- This patch uses new common rss set APIs to replace the old APIs in PF rss module and deletes the old rss set APIs. The related macros are also modified. Signed-off-by: NJie Wang <wangjie125@huawei.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net> Signed-off-by: NGuangbin Huang <huangguangbin2@huawei.com> Reviewed-by: NJian Shen <shenjian15@huawei.com> Reviewed-by: NYue Haibing <yuehaibing@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-
由 Jie Wang 提交于
mainline inclusion from mainline-master commit 6de06004 category: feature bugzilla: https://gitee.com/openeuler/kernel/issues/I4Q02P CVE: NA Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6de060042867 ---------------------------------------------------------------------- Currently, hns3 PF and VF rss module have two sets of rss set APIs to configure rss. There is no need to keep two sets of these same APIs. So this patch creates new set of common rss set APIs for PF and VF reuse. These new APIs will be used to unify old APIs in next patches. Signed-off-by: NJie Wang <wangjie125@huawei.com> Signed-off-by: NDavid S. Miller <davem@davemloft.net> Signed-off-by: NGuangbin Huang <huangguangbin2@huawei.com> Reviewed-by: NJian Shen <shenjian15@huawei.com> Reviewed-by: NYue Haibing <yuehaibing@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
-