1. 14 12月, 2022 4 次提交
    • Y
      LoongArch: extable: Add a dedicated uaccess handler · 672999cf
      Youling Tang 提交于
      Inspired by commit 2e77a62c("arm64: extable: add a dedicated uaccess
      handler"), do similar to LoongArch to add a dedicated uaccess exception
      handler to update registers in exception context and subsequently return
      back into the function which faulted, so we remove the need for fixups
      specialized to each faulting instruction.
      
      Add gpr-num.h here because we need to map the same GPR names to integer
      constants, so that we can use this to build meta-data for the exception
      fixups.
      
      The compiler treats gpr 0 as zero rather than $r0, so set it separately
      to .L__gpr_num_zero, otherwise the following assembly error will occurs:
      
      {standard input}: Assembler messages:
      {standard input}:1074: Error: invalid operands (*UND* and *ABS* sections) for `<<'
      {standard input}:1160: Error: invalid operands (*UND* and *ABS* sections) for `<<'
      make[1]: *** [scripts/Makefile.build:249: fs/fcntl.o] Error 1
      Signed-off-by: NYouling Tang <tangyouling@loongson.cn>
      Signed-off-by: NHuacai Chen <chenhuacai@loongson.cn>
      672999cf
    • Y
      LoongArch: extable: Add `type` and `data` fields · 26bc8244
      Youling Tang 提交于
      This is a LoongArch port of commit d6e2cc56 ("arm64: extable: add
      `type` and `data` fields").
      
      Subsequent patches will add specialized handlers for fixups, in addition
      to the simple PC fixup we have today. In preparation, this patch adds a
      new `type` field to struct exception_table_entry, and uses this to
      distinguish the fixup and other cases. A `data` field is also added so
      that subsequent patches can associate data specific to each exception
      site (e.g. register numbers).
      
      Handlers are named ex_handler_*() for consistency, following the example
      of x86. At the same time, get_ex_fixup() is split out into a helper so
      that it can be used by other ex_handler_*() functions in the subsequent
      patches.
      Signed-off-by: NYouling Tang <tangyouling@loongson.cn>
      Signed-off-by: NHuacai Chen <chenhuacai@loongson.cn>
      26bc8244
    • Y
      LoongArch: Switch to relative exception tables · 3d36f429
      Youling Tang 提交于
      Similar to other architectures such as arm64, x86, riscv and so on, use
      offsets relative to the exception table entry values rather than their
      absolute addresses for both the exception location and the fixup.
      
      However, LoongArch label difference because it will actually produce two
      relocations, a pair of R_LARCH_ADD32 and R_LARCH_SUB32. Take simple code
      below for example:
      
      $ cat test_ex_table.S
      .section .text
      1:
              nop
      .section __ex_table,"a"
              .balign 4
              .long (1b - .)
      .previous
      
      $ loongarch64-unknown-linux-gnu-gcc -c test_ex_table.S
      $ loongarch64-unknown-linux-gnu-readelf -Wr test_ex_table.o
      
      Relocation section '.rela__ex_table' at offset 0x100 contains 2 entries:
          Offset            Info             Type         Symbol's Value   Symbol's Name + Addend
      0000000000000000 0000000600000032 R_LARCH_ADD32    0000000000000000  .L1^B1 + 0
      0000000000000000 0000000500000037 R_LARCH_SUB32    0000000000000000  L0^A + 0
      
      The modpost will complain the R_LARCH_SUB32 relocation, so we need to
      patch modpost.c to skip this relocation for .rela__ex_table section.
      Signed-off-by: NYouling Tang <tangyouling@loongson.cn>
      Signed-off-by: NHuacai Chen <chenhuacai@loongson.cn>
      3d36f429
    • Y
      LoongArch: Consolidate __ex_table construction · 508f28c6
      Youling Tang 提交于
      Consolidate all the __ex_table constuction code with a _ASM_EXTABLE or
      _asm_extable helper.
      
      There should be no functional change as a result of this patch.
      Signed-off-by: NYouling Tang <tangyouling@loongson.cn>
      Signed-off-by: NHuacai Chen <chenhuacai@loongson.cn>
      508f28c6
  2. 13 12月, 2022 1 次提交
  3. 12 12月, 2022 7 次提交
    • R
      Merge branches 'acpi-fan', 'acpi-pcc', 'acpi-misc' and 'pnp' · bee74dcb
      Rafael J. Wysocki 提交于
      Merge ACPI fan driver fixes, ACPI PCC driver fixes, miscellaneous ACPI
      cleanups and PNP updates for 6.2-rc1:
      
       - Make the ACPI fan driver use sysfs_emit_at() in its sysfs interface
         code (ye xingchen).
      
       - Fix the _FIF package extraction failure handling in the ACPI fan
         driver (Hanjun Guo).
      
       - Fix the PCC mailbox handling error code path (Huisong Li).
      
       - Avoid using PCC Opregions if there is no platform interrupt allocated
         for this purpose (Huisong Li).
      
       - Use sysfs_emit() instead of scnprintf() in the ACPI PAD driver and
         CPPC library (ye xingchen).
      
       - Fix some kernel-doc issues in the ACPI GSI processing code (Xiongfeng
         Wang).
      
       - Fix name memory leak in pnp_alloc_dev() (Yang Yingliang).
      
       - Do not disable PNP devices on suspend when they cannot be re-enabled
         on resume (Hans de Goede).
      
      * acpi-fan:
        ACPI: fan: Convert to use sysfs_emit_at() API
        ACPI: fan: Bail out if extract package failed
      
      * acpi-pcc:
        mailbox: pcc: Reset pcc_chan_count to zero in case of PCC probe failure
        ACPI: PCC: Setup PCC Opregion handler only if platform interrupt is available
      
      * acpi-misc:
        ACPI: use sysfs_emit() instead of scnprintf()
        ACPI: irq: Fix some kernel-doc issues
      
      * pnp:
        PNP: Do not disable devices on suspend when they cannot be re-enabled on resume
        PNP: fix name memory leak in pnp_alloc_dev()
      bee74dcb
    • R
      Merge branches 'acpi-apei', 'acpi-x86', 'acpi-battery' and 'acpi-pfrut' · 39f26d10
      Rafael J. Wysocki 提交于
      Make ACPI APEI updates, x86-specific ACPI updates, ACPI battery driver
      fix and ACPI PFRU/T driver fixes for 6.2-rc1:
      
       - Drop unsetting ACPI APEI driver data on remove (Uwe Kleine-König).
      
       - Use xchg_release() instead of cmpxchg() for updating new GHES cache
         slots (Ard Biesheuvel).
      
       - Clean up the ACPI APEI code (Sudeep Holla, Christophe JAILLET, Jay Lu).
      
       - Add new I2C device enumeration quirks for Medion Lifetab S10346 and
         Lenovo Yoga Tab 3 Pro (YT3-X90F) (Hans de Goede).
      
       - Make the ACPI battery driver notify user space about adding new
         battery hooks and removing the existing ones (Armin Wolf).
      
       - Modify the pfr_update and pfr_telemetry drivers to use ACPI_FREE()
         for freeing acpi_object structures to help diagnostics (Wang ShaoBo).
      
      * acpi-apei:
        ACPI: APEI: EINJ: Refactor available_error_type_show()
        ACPI: APEI: EINJ: Fix formatting errors
        ACPI: APEI: Remove a useless include
        ACPI: APEI: Silence missing prototype warnings
        apei/ghes: Use xchg_release() for updating new cache slot instead of cmpxchg()
        ACPI: APEI: Drop unsetting driver data on remove
      
      * acpi-x86:
        ACPI: x86: Add skip i2c clients quirk for Medion Lifetab S10346
        ACPI: x86: Add skip i2c clients quirk for Lenovo Yoga Tab 3 Pro (YT3-X90F)
      
      * acpi-battery:
        ACPI: battery: Call power_supply_changed() when adding hooks
      
      * acpi-pfrut:
        ACPI: pfr_update: use ACPI_FREE() to free acpi_object
        ACPI: pfr_telemetry: use ACPI_FREE() to free acpi_object
      39f26d10
    • R
      Merge branches 'acpi-pm', 'acpi-processor', 'acpi-ec' and 'acpi-video' · 6f158181
      Rafael J. Wysocki 提交于
      Make ACPI power management changes, ACPI processor driver updates, ACPI
      EC driver quirk and ACPI backlight driver updates for 6.2-rc1:
      
       - Print full name paths of ACPI power resources objects during
         enumeration (Kane Chen).
      
       - Eliminate a compiler warning regarding a missing function prototype
         in the ACPI power management code (Sudeep Holla).
      
       - Fix and clean up the ACPI processor driver (Rafael Wysocki, Li Zhong,
         Colin Ian King, Sudeep Holla).
      
       - Add quirk for the HP Pavilion Gaming 15-cx0041ur to the ACPI EC
         driver (Mia Kanashi).
      
       - Add some mew ACPI backlight handling quirks and update some existing
         ones (Hans de Goede).
      
       - Make the ACPI backlight driver prefer the native backlight control
         over vendor backlight control when possible (Hans de Goede).
      
      * acpi-pm:
        ACPI: PM: Silence missing prototype warning
        ACPI: PM: Print full name path while adding power resource
      
      * acpi-processor:
        ACPI: processor: perflib: Adjust acpi_processor_notify_smm() return value
        ACPI: processor: perflib: Rearrange acpi_processor_notify_smm()
        ACPI: processor: perflib: Rearrange unregistration routine
        ACPI: processor: perflib: Drop redundant parentheses
        ACPI: processor: perflib: Adjust white space
        ACPI: processor: idle: Drop unnecessary statements and parens
        ACPI: processor: Silence missing prototype warnings
        ACPI: processor_idle: Silence missing prototype warnings
        ACPI: processor: throttling: remove variable count
        ACPI: processor: idle: Check acpi_fetch_acpi_dev() return value
      
      * acpi-ec:
        ACPI: EC: Add quirk for the HP Pavilion Gaming 15-cx0041ur
      
      * acpi-video:
        ACPI: video: Prefer native over vendor
        ACPI: video: Simplify __acpi_video_get_backlight_type()
        ACPI: video: Add force_native quirk for Sony Vaio VPCY11S1E
        ACPI: video: Add force_vendor quirk for Sony Vaio PCG-FRV35
        ACPI: video: Change Sony Vaio VPCEH3U1E quirk to force_native
        ACPI: video: Change GIGABYTE GB-BXBT-2807 quirk to force_none
        ACPI: video: Add a few bugtracker links to DMI quirks
      6f158181
    • R
      Merge branches 'acpi-scan', 'acpi-bus', 'acpi-tables' and 'acpi-sysfs' · 45494d77
      Rafael J. Wysocki 提交于
      Merge ACPI changes related to device enumeration, device object
      managenet, operation region handling, table parsing and sysfs
      interface:
      
       - Use ZERO_PAGE(0) instead of empty_zero_page in the ACPI device
         enumeration code (Giulio Benetti).
      
       - Change the return type of the ACPI driver remove callback to void and
         update its users accordingly (Dawei Li).
      
       - Add general support for FFH address space type and implement the low-
         level part of it for ARM64 (Sudeep Holla).
      
       - Fix stale comments in the ACPI tables parsing code and make it print
         more messages related to MADT (Hanjun Guo, Huacai Chen).
      
       - Replace invocations of generic library functions with more kernel-
         specific counterparts in the ACPI sysfs interface (Christophe JAILLET,
         Xu Panda).
      
      * acpi-scan:
        ACPI: scan: substitute empty_zero_page with helper ZERO_PAGE(0)
      
      * acpi-bus:
        ACPI: FFH: Silence missing prototype warnings
        ACPI: make remove callback of ACPI driver void
        ACPI: bus: Fix the _OSC capability check for FFH OpRegion
        arm64: Add architecture specific ACPI FFH Opregion callbacks
        ACPI: Implement a generic FFH Opregion handler
      
      * acpi-tables:
        ACPI: tables: Fix the stale comments for acpi_locate_initial_tables()
        ACPI: tables: Print CORE_PIC information when MADT is parsed
      
      * acpi-sysfs:
        ACPI: sysfs: use sysfs_emit() to instead of scnprintf()
        ACPI: sysfs: Use kstrtobool() instead of strtobool()
      45494d77
    • R
      Merge branch 'acpica' · 888bc86e
      Rafael J. Wysocki 提交于
      Merge ACPICA changes, including bug fixes and cleanups as well as support
      for some recently defined data structures, for 6.2-rc1:
      
       - Make acpi_ex_load_op() match upstream implementation (Rafael Wysocki).
       - Add support for loong_arch-specific APICs in MADT (Huacai Chen).
       - Add support for fixed PCIe wake event (Huacai Chen).
       - Add EBDA pointer sanity checks (Vit Kabele).
       - Avoid accessing VGA memory when EBDA < 1KiB (Vit Kabele).
       - Add CCEL table support to both compiler/disassembler (Kuppuswamy
         Sathyanarayanan).
       - Add a couple of new UUIDs to the known UUID list (Bob Moore).
       - Add support for FFH Opregion special context data (Sudeep Holla).
       - Improve warning message for "invalid ACPI name" (Bob Moore).
       - Add support for CXL 3.0 structures (CXIMS & RDPAS) in the CEDT table
         (Alison Schofield).
       - Prepare IORT support for revision E.e (Robin Murphy).
       - Finish support for the CDAT table (Bob Moore).
       - Fix error code path in acpi_ds_call_control_method() (Rafael Wysocki).
       - Fix use-after-free in acpi_ut_copy_ipackage_to_ipackage() (Li Zetao).
       - Update the version of the ACPICA code in the kernel (Bob Moore).
      
      * acpica:
        ACPICA: Fix use-after-free in acpi_ut_copy_ipackage_to_ipackage()
        ACPICA: Fix error code path in acpi_ds_call_control_method()
        ACPICA: Update version to 20221020
        ACPICA: Add utcksum.o to the acpidump Makefile
        Revert "LoongArch: Provisionally add ACPICA data structures"
        ACPICA: Finish support for the CDAT table
        ACPICA: IORT: Update for revision E.e
        ACPICA: Add CXL 3.0 structures (CXIMS & RDPAS) to the CEDT table
        ACPICA: Improve warning message for "invalid ACPI name"
        ACPICA: Add support for FFH Opregion special context data
        ACPICA: Add a couple of new UUIDs to the known UUID list
        ACPICA: iASL: Add CCEL table to both compiler/disassembler
        ACPICA: Do not touch VGA memory when EBDA < 1ki_b
        ACPICA: Check that EBDA pointer is in valid memory
        ACPICA: Events: Support fixed PCIe wake event
        ACPICA: MADT: Add loong_arch-specific APICs support
        ACPICA: Make acpi_ex_load_op() match upstream
      888bc86e
    • L
      Linux 6.1 · 830b3c68
      Linus Torvalds 提交于
      830b3c68
    • L
      Merge tag 'iommu-fix-v6.1-rc8' of git://git.kernel.org/pub/scm/linux/kernel/git/joro/iommu · d92b86f6
      Linus Torvalds 提交于
      Pull iommu fix from Joerg Roedel:
      
       - Fix device mask to catch all affected devices in the recently added
         quirk for QAT devices in the Intel VT-d driver.
      
      * tag 'iommu-fix-v6.1-rc8' of git://git.kernel.org/pub/scm/linux/kernel/git/joro/iommu:
        iommu/vt-d: Fix buggy QAT device mask
      d92b86f6
  4. 11 12月, 2022 2 次提交
  5. 10 12月, 2022 11 次提交
    • T
      memcg: fix possible use-after-free in memcg_write_event_control() · 4a7ba45b
      Tejun Heo 提交于
      memcg_write_event_control() accesses the dentry->d_name of the specified
      control fd to route the write call.  As a cgroup interface file can't be
      renamed, it's safe to access d_name as long as the specified file is a
      regular cgroup file.  Also, as these cgroup interface files can't be
      removed before the directory, it's safe to access the parent too.
      
      Prior to 347c4a87 ("memcg: remove cgroup_event->cft"), there was a
      call to __file_cft() which verified that the specified file is a regular
      cgroupfs file before further accesses.  The cftype pointer returned from
      __file_cft() was no longer necessary and the commit inadvertently dropped
      the file type check with it allowing any file to slip through.  With the
      invarients broken, the d_name and parent accesses can now race against
      renames and removals of arbitrary files and cause use-after-free's.
      
      Fix the bug by resurrecting the file type check in __file_cft().  Now that
      cgroupfs is implemented through kernfs, checking the file operations needs
      to go through a layer of indirection.  Instead, let's check the superblock
      and dentry type.
      
      Link: https://lkml.kernel.org/r/Y5FRm/cfcKPGzWwl@slm.duckdns.org
      Fixes: 347c4a87 ("memcg: remove cgroup_event->cft")
      Signed-off-by: NTejun Heo <tj@kernel.org>
      Reported-by: NJann Horn <jannh@google.com>
      Acked-by: NRoman Gushchin <roman.gushchin@linux.dev>
      Acked-by: NJohannes Weiner <hannes@cmpxchg.org>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Michal Hocko <mhocko@kernel.org>
      Cc: Muchun Song <songmuchun@bytedance.com>
      Cc: Shakeel Butt <shakeelb@google.com>
      Cc: <stable@vger.kernel.org>	[3.14+]
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      4a7ba45b
    • M
      MAINTAINERS: update Muchun Song's email · a501788a
      Muchun Song 提交于
      I'm moving to the @linux.dev account.  Map my old addresses and update it
      to my new address.
      
      Link: https://lkml.kernel.org/r/20221208115548.85244-1-songmuchun@bytedance.comSigned-off-by: NMuchun Song <songmuchun@bytedance.com>
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      a501788a
    • J
      mm/gup: fix gup_pud_range() for dax · fcd0ccd8
      John Starks 提交于
      For dax pud, pud_huge() returns true on x86. So the function works as long
      as hugetlb is configured. However, dax doesn't depend on hugetlb.
      Commit 414fd080 ("mm/gup: fix gup_pmd_range() for dax") fixed
      devmap-backed huge PMDs, but missed devmap-backed huge PUDs. Fix this as
      well.
      
      This fixes the below kernel panic:
      
      general protection fault, probably for non-canonical address 0x69e7c000cc478: 0000 [#1] SMP
      	< snip >
      Call Trace:
      <TASK>
      get_user_pages_fast+0x1f/0x40
      iov_iter_get_pages+0xc6/0x3b0
      ? mempool_alloc+0x5d/0x170
      bio_iov_iter_get_pages+0x82/0x4e0
      ? bvec_alloc+0x91/0xc0
      ? bio_alloc_bioset+0x19a/0x2a0
      blkdev_direct_IO+0x282/0x480
      ? __io_complete_rw_common+0xc0/0xc0
      ? filemap_range_has_page+0x82/0xc0
      generic_file_direct_write+0x9d/0x1a0
      ? inode_update_time+0x24/0x30
      __generic_file_write_iter+0xbd/0x1e0
      blkdev_write_iter+0xb4/0x150
      ? io_import_iovec+0x8d/0x340
      io_write+0xf9/0x300
      io_issue_sqe+0x3c3/0x1d30
      ? sysvec_reschedule_ipi+0x6c/0x80
      __io_queue_sqe+0x33/0x240
      ? fget+0x76/0xa0
      io_submit_sqes+0xe6a/0x18d0
      ? __fget_light+0xd1/0x100
      __x64_sys_io_uring_enter+0x199/0x880
      ? __context_tracking_enter+0x1f/0x70
      ? irqentry_exit_to_user_mode+0x24/0x30
      ? irqentry_exit+0x1d/0x30
      ? __context_tracking_exit+0xe/0x70
      do_syscall_64+0x3b/0x90
      entry_SYSCALL_64_after_hwframe+0x61/0xcb
      RIP: 0033:0x7fc97c11a7be
      	< snip >
      </TASK>
      ---[ end trace 48b2e0e67debcaeb ]---
      RIP: 0010:internal_get_user_pages_fast+0x340/0x990
      	< snip >
      Kernel panic - not syncing: Fatal exception
      Kernel Offset: disabled
      
      Link: https://lkml.kernel.org/r/1670392853-28252-1-git-send-email-ssengar@linux.microsoft.com
      Fixes: 414fd080 ("mm/gup: fix gup_pmd_range() for dax")
      Signed-off-by: NJohn Starks <jostarks@microsoft.com>
      Signed-off-by: NSaurabh Sengar <ssengar@linux.microsoft.com>
      Cc: Jan Kara <jack@suse.cz>
      Cc: Yu Zhao <yuzhao@google.com>
      Cc: Jason Gunthorpe <jgg@nvidia.com>
      Cc: John Hubbard <jhubbard@nvidia.com>
      Cc: David Hildenbrand <david@redhat.com>
      Cc: Dan Williams <dan.j.williams@intel.com>
      Cc: Alistair Popple <apopple@nvidia.com>
      Cc: <stable@vger.kernel.org>
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      fcd0ccd8
    • L
      mmap: fix do_brk_flags() modifying obviously incorrect VMAs · 6c28ca64
      Liam Howlett 提交于
      Add more sanity checks to the VMA that do_brk_flags() will expand.  Ensure
      the VMA matches basic merge requirements within the function before
      calling can_vma_merge_after().
      
      Drop the duplicate checks from vm_brk_flags() since they will be enforced
      later.
      
      The old code would expand file VMAs on brk(), which is functionally
      wrong and also dangerous in terms of locking because the brk() path
      isn't designed for file VMAs and therefore doesn't lock the file
      mapping.  Checking can_vma_merge_after() ensures that new anonymous
      VMAs can't be merged into file VMAs.
      
      See https://lore.kernel.org/linux-mm/CAG48ez1tJZTOjS_FjRZhvtDA-STFmdw8PEizPDwMGFd_ui0Nrw@mail.gmail.com/
      
      Link: https://lkml.kernel.org/r/20221205192304.1957418-1-Liam.Howlett@oracle.com
      Fixes: 2e7ce7d3 ("mm/mmap: change do_brk_flags() to expand existing VMA and add do_brk_munmap()")
      Signed-off-by: NLiam R. Howlett <Liam.Howlett@oracle.com>
      Suggested-by: NJann Horn <jannh@google.com>
      Cc: Jason A. Donenfeld <Jason@zx2c4.com>
      Cc: Matthew Wilcox <willy@infradead.org>
      Cc: SeongJae Park <sj@kernel.org>
      Cc: Vlastimil Babka <vbabka@suse.cz>
      Cc: Yu Zhao <yuzhao@google.com>
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      6c28ca64
    • D
      mm/swap: fix SWP_PFN_BITS with CONFIG_PHYS_ADDR_T_64BIT on 32bit · 630dc25e
      David Hildenbrand 提交于
      We use "unsigned long" to store a PFN in the kernel and phys_addr_t to
      store a physical address.
      
      On a 64bit system, both are 64bit wide.  However, on a 32bit system, the
      latter might be 64bit wide.  This is, for example, the case on x86 with
      PAE: phys_addr_t and PTEs are 64bit wide, while "unsigned long" only spans
      32bit.
      
      The current definition of SWP_PFN_BITS without MAX_PHYSMEM_BITS misses
      that case, and assumes that the maximum PFN is limited by an 32bit
      phys_addr_t.  This implies, that SWP_PFN_BITS will currently only be able
      to cover 4 GiB - 1 on any 32bit system with 4k page size, which is wrong.
      
      Let's rely on the number of bits in phys_addr_t instead, but make sure to
      not exceed the maximum swap offset, to not make the BUILD_BUG_ON() in
      is_pfn_swap_entry() unhappy.  Note that swp_entry_t is effectively an
      unsigned long and the maximum swap offset shares that value with the swap
      type.
      
      For example, on an 8 GiB x86 PAE system with a kernel config based on
      Debian 11.5 (-> CONFIG_FLATMEM=y, CONFIG_X86_PAE=y), we will currently
      fail removing migration entries (remove_migration_ptes()), because
      mm/page_vma_mapped.c:check_pte() will fail to identify a PFN match as
      swp_offset_pfn() wrongly masks off PFN bits.  For example,
      split_huge_page_to_list()->...->remap_page() will leave migration entries
      in place and continue to unlock the page.
      
      Later, when we stumble over these migration entries (e.g., via
      /proc/self/pagemap), pfn_swap_entry_to_page() will BUG_ON() because these
      migration entries shouldn't exist anymore and the page was unlocked.
      
      [   33.067591] kernel BUG at include/linux/swapops.h:497!
      [   33.067597] invalid opcode: 0000 [#1] PREEMPT SMP NOPTI
      [   33.067602] CPU: 3 PID: 742 Comm: cow Tainted: G            E      6.1.0-rc8+ #16
      [   33.067605] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.0-1.fc36 04/01/2014
      [   33.067606] EIP: pagemap_pmd_range+0x644/0x650
      [   33.067612] Code: 00 00 00 00 66 90 89 ce b9 00 f0 ff ff e9 ff fb ff ff 89 d8 31 db e8 48 c6 52 00 e9 23 fb ff ff e8 61 83 56 00 e9 b6 fe ff ff <0f> 0b bf 00 f0 ff ff e9 38 fa ff ff 3e 8d 74 26 00 55 89 e5 57 31
      [   33.067615] EAX: ee394000 EBX: 00000002 ECX: ee394000 EDX: 00000000
      [   33.067617] ESI: c1b0ded4 EDI: 00024a00 EBP: c1b0ddb4 ESP: c1b0dd68
      [   33.067619] DS: 007b ES: 007b FS: 00d8 GS: 0033 SS: 0068 EFLAGS: 00010246
      [   33.067624] CR0: 80050033 CR2: b7a00000 CR3: 01bbbd20 CR4: 00350ef0
      [   33.067625] Call Trace:
      [   33.067628]  ? madvise_free_pte_range+0x720/0x720
      [   33.067632]  ? smaps_pte_range+0x4b0/0x4b0
      [   33.067634]  walk_pgd_range+0x325/0x720
      [   33.067637]  ? mt_find+0x1d6/0x3a0
      [   33.067641]  ? mt_find+0x1d6/0x3a0
      [   33.067643]  __walk_page_range+0x164/0x170
      [   33.067646]  walk_page_range+0xf9/0x170
      [   33.067648]  ? __kmem_cache_alloc_node+0x2a8/0x340
      [   33.067653]  pagemap_read+0x124/0x280
      [   33.067658]  ? default_llseek+0x101/0x160
      [   33.067662]  ? smaps_account+0x1d0/0x1d0
      [   33.067664]  vfs_read+0x90/0x290
      [   33.067667]  ? do_madvise.part.0+0x24b/0x390
      [   33.067669]  ? debug_smp_processor_id+0x12/0x20
      [   33.067673]  ksys_pread64+0x58/0x90
      [   33.067675]  __ia32_sys_ia32_pread64+0x1b/0x20
      [   33.067680]  __do_fast_syscall_32+0x4c/0xc0
      [   33.067683]  do_fast_syscall_32+0x29/0x60
      [   33.067686]  do_SYSENTER_32+0x15/0x20
      [   33.067689]  entry_SYSENTER_32+0x98/0xf1
      
      Decrease the indentation level of SWP_PFN_BITS and SWP_PFN_MASK to keep it
      readable and consistent.
      
      [david@redhat.com: rely on sizeof(phys_addr_t) and min_t() instead]
        Link: https://lkml.kernel.org/r/20221206105737.69478-1-david@redhat.com
      [david@redhat.com: use "int" for comparison, as we're only comparing numbers < 64]
        Link: https://lkml.kernel.org/r/1f157500-2676-7cef-a84e-9224ed64e540@redhat.com
      Link: https://lkml.kernel.org/r/20221205150857.167583-1-david@redhat.com
      Fixes: 0d206b5d ("mm/swap: add swp_offset_pfn() to fetch PFN from swap entry")
      Signed-off-by: NDavid Hildenbrand <david@redhat.com>
      Acked-by: NPeter Xu <peterx@redhat.com>
      Reviewed-by: NYang Shi <shy828301@gmail.com>
      Cc: Hugh Dickins <hughd@google.com>
      Cc: Andrea Arcangeli <aarcange@redhat.com>
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      630dc25e
    • H
      tmpfs: fix data loss from failed fallocate · 44bcabd7
      Hugh Dickins 提交于
      Fix tmpfs data loss when the fallocate system call is interrupted by a
      signal, or fails for some other reason.  The partial folio handling in
      shmem_undo_range() forgot to consider this unfalloc case, and was liable
      to erase or truncate out data which had already been committed earlier.
      
      It turns out that none of the partial folio handling there is appropriate
      for the unfalloc case, which just wants to proceed to removal of whole
      folios: which find_get_entries() provides, even when partially covered.
      
      Original patch by Rui Wang.
      
      Link: https://lore.kernel.org/linux-mm/33b85d82.7764.1842e9ab207.Coremail.chenguoqic@163.com/
      Link: https://lkml.kernel.org/r/a5dac112-cf4b-7af-a33-f386e347fd38@google.com
      Fixes: b9a8a419 ("truncate,shmem: Handle truncates that split large folios")
      Signed-off-by: NHugh Dickins <hughd@google.com>
      Reported-by: NGuoqi Chen <chenguoqic@163.com>
        Link: https://lore.kernel.org/all/20221101032248.819360-1-kernel@hev.cc/
      Cc: Rui Wang <kernel@hev.cc>
      Cc: Huacai Chen <chenhuacai@loongson.cn>
      Cc: Matthew Wilcox <willy@infradead.org>
      Cc: Vishal Moola (Oracle) <vishal.moola@gmail.com>
      Cc: <stable@vger.kernel.org>	[5.17+]
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      44bcabd7
    • M
      kselftests: cgroup: update kmem test precision tolerance · de16d6e4
      Michal Hocko 提交于
      1813e51e ("memcg: increase MEMCG_CHARGE_BATCH to 64") has changed
      the batch size while this test case has been left behind. This has led
      to a test failure reported by test bot:
      not ok 2 selftests: cgroup: test_kmem # exit=1
      
      Update the tolerance for the pcp charges to reflect the
      MEMCG_CHARGE_BATCH change to fix this.
      
      [akpm@linux-foundation.org: update comments, per Roman]
      Link: https://lkml.kernel.org/r/Y4m8Unt6FhWKC6IH@dhcp22.suse.cz
      Fixes: 1813e51e ("memcg: increase MEMCG_CHARGE_BATCH to 64")
      Signed-off-by: NMichal Hocko <mhocko@suse.com>
      Reported-by: Nkernel test robot <yujie.liu@intel.com>
        Link: https://lore.kernel.org/oe-lkp/202212010958.c1053bd3-yujie.liu@intel.comAcked-by: NShakeel Butt <shakeelb@google.com>
      Acked-by: NRoman Gushchin <roman.gushchin@linux.dev>
      Tested-by: NYujie Liu <yujie.liu@intel.com>
      Cc: Eric Dumazet <edumazet@google.com>
      Cc: Feng Tang <feng.tang@intel.com>
      Cc: Johannes Weiner <hannes@cmpxchg.org>
      Cc: "Michal Koutný" <mkoutny@suse.com>
      Cc: Muchun Song <songmuchun@bytedance.com>
      Cc: Soheil Hassas Yeganeh <soheil@google.com>
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      de16d6e4
    • J
      mm: do not BUG_ON missing brk mapping, because userspace can unmap it · f5ad5083
      Jason A. Donenfeld 提交于
      The following program will trigger the BUG_ON that this patch removes,
      because the user can munmap() mm->brk:
      
        #include <sys/syscall.h>
        #include <sys/mman.h>
        #include <assert.h>
        #include <unistd.h>
      
        static void *brk_now(void)
        {
          return (void *)syscall(SYS_brk, 0);
        }
      
        static void brk_set(void *b)
        {
          assert(syscall(SYS_brk, b) != -1);
        }
      
        int main(int argc, char *argv[])
        {
          void *b = brk_now();
          brk_set(b + 4096);
          assert(munmap(b - 4096, 4096 * 2) == 0);
          brk_set(b);
          return 0;
        }
      
      Compile that with musl, since glibc actually uses brk(), and then
      execute it, and it'll hit this splat:
      
        kernel BUG at mm/mmap.c:229!
        invalid opcode: 0000 [#1] PREEMPT SMP
        CPU: 12 PID: 1379 Comm: a.out Tainted: G S   U             6.1.0-rc7+ #419
        RIP: 0010:__do_sys_brk+0x2fc/0x340
        Code: 00 00 4c 89 ef e8 04 d3 fe ff eb 9a be 01 00 00 00 4c 89 ff e8 35 e0 fe ff e9 6e ff ff ff 4d 89 a7 20>
        RSP: 0018:ffff888140bc7eb0 EFLAGS: 00010246
        RAX: 0000000000000000 RBX: 00000000007e7000 RCX: ffff8881020fe000
        RDX: ffff8881020fe001 RSI: ffff8881955c9b00 RDI: ffff8881955c9b08
        RBP: 0000000000000000 R08: ffff8881955c9b00 R09: 00007ffc77844000
        R10: 0000000000000000 R11: 0000000000000001 R12: 00000000007e8000
        R13: 00000000007e8000 R14: 00000000007e7000 R15: ffff8881020fe000
        FS:  0000000000604298(0000) GS:ffff88901f700000(0000) knlGS:0000000000000000
        CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
        CR2: 0000000000603fe0 CR3: 000000015ba9a005 CR4: 0000000000770ee0
        PKRU: 55555554
        Call Trace:
         <TASK>
         do_syscall_64+0x2b/0x50
         entry_SYSCALL_64_after_hwframe+0x46/0xb0
        RIP: 0033:0x400678
        Code: 10 4c 8d 41 08 4c 89 44 24 10 4c 8b 01 8b 4c 24 08 83 f9 2f 77 0a 4c 8d 4c 24 20 4c 01 c9 eb 05 48 8b>
        RSP: 002b:00007ffc77863890 EFLAGS: 00000212 ORIG_RAX: 000000000000000c
        RAX: ffffffffffffffda RBX: 000000000040031b RCX: 0000000000400678
        RDX: 00000000004006a1 RSI: 00000000007e6000 RDI: 00000000007e7000
        RBP: 00007ffc77863900 R08: 0000000000000000 R09: 00000000007e6000
        R10: 00007ffc77863930 R11: 0000000000000212 R12: 00007ffc77863978
        R13: 00007ffc77863988 R14: 0000000000000000 R15: 0000000000000000
         </TASK>
      
      Instead, just return the old brk value if the original mapping has been
      removed.
      
      [akpm@linux-foundation.org: fix changelog, per Liam]
      Link: https://lkml.kernel.org/r/20221202162724.2009-1-Jason@zx2c4.com
      Fixes: 2e7ce7d3 ("mm/mmap: change do_brk_flags() to expand existing VMA and add do_brk_munmap()")
      Signed-off-by: NJason A. Donenfeld <Jason@zx2c4.com>
      Acked-by: NVlastimil Babka <vbabka@suse.cz>
      Reviewed-by: NLiam R. Howlett <Liam.Howlett@oracle.com>
      Reviewed-by: NSeongJae Park <sj@kernel.org>
      Cc: Yu Zhao <yuzhao@google.com>
      Cc: Catalin Marinas <catalin.marinas@arm.com>
      Cc: David Hildenbrand <david@redhat.com>
      Cc: David Howells <dhowells@redhat.com>
      Cc: Davidlohr Bueso <dave@stgolabs.net>
      Cc: Matthew Wilcox <willy@infradead.org>
      Cc: Sven Schnelle <svens@linux.ibm.com>
      Cc: Will Deacon <will@kernel.org>
      Cc: Jann Horn <jannh@google.com>
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      f5ad5083
    • M
      mailmap: update Matti Vaittinen's email address · 38f1d4ae
      Matti Vaittinen 提交于
      The email backend used by ROHM keeps labeling patches as spam.  This can
      result in missing the patches.
      
      Switch my mail address from a company mail to a personal one.
      
      Link: https://lkml.kernel.org/r/8f4498b66fedcbded37b3b87e0c516e659f8f583.1669912977.git.mazziesaccount@gmail.comSigned-off-by: NMatti Vaittinen <mazziesaccount@gmail.com>
      Suggested-by: NKrzysztof Kozlowski <krzysztof.kozlowski@linaro.org>
      Cc: Anup Patel <anup@brainfault.org>
      Cc: Arnd Bergmann <arnd@arndb.de>
      Cc: Atish Patra <atishp@atishpatra.org>
      Cc: Baolin Wang <baolin.wang@linux.alibaba.com>
      Cc: Ben Widawsky <bwidawsk@kernel.org>
      Cc: Bjorn Andersson <andersson@kernel.org>
      Cc: Christian Brauner <brauner@kernel.org>
      Cc: Colin Ian King <colin.i.king@gmail.com>
      Cc: Kirill Tkhai <tkhai@ya.ru>
      Cc: Qais Yousef <qyousef@layalina.io>
      Cc: Vasily Averin <vasily.averin@linux.dev>
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      38f1d4ae
    • L
      Merge tag 'media/v6.1-4' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-media · 3ecc3791
      Linus Torvalds 提交于
      Pull media fix from Mauro Carvalho Chehab:
       "A v4l-core fix related to validating DV timings related to video
        blanking values"
      
      * tag 'media/v6.1-4' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-media:
        media: v4l2-dv-timings.c: fix too strict blanking sanity checks
      3ecc3791
    • L
      Merge tag 'soc-fixes-6.1-6' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc · 9857feb3
      Linus Torvalds 提交于
      Pull ARM SoC fix from Arnd Bergmann:
       "One more last minute revert for a boot regression that was found on
        the popular colibri-imx7"
      
      * tag 'soc-fixes-6.1-6' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc:
        Revert "ARM: dts: imx7: Fix NAND controller size-cells"
      9857feb3
  6. 09 12月, 2022 15 次提交