1. 10 7月, 2020 4 次提交
    • C
      s390: fix comment regarding interrupts in svc · 7b7735c5
      Christian Borntraeger 提交于
      With the removal of the critical section cleanup, we now enter the svc
      interrupt handler with interrupts disabled.
      
      Fixes: 0b0ed657 ("s390: remove critical section cleanup from entry.S")
      Signed-off-by: NChristian Borntraeger <borntraeger@de.ibm.com>
      Signed-off-by: NHeiko Carstens <hca@linux.ibm.com>
      7b7735c5
    • H
      s390/ap: rework crypto config info and default domain code · c8337c47
      Harald Freudenberger 提交于
      Rework of the QCI crypto info and how it is used.
      This is only a internal rework but does not affect the way
      how the ap bus acts with ap card and queue devices and
      domain handling.
      
      Tested on z15, z14, z12 (QCI support) and z196 (no QCI support).
      Signed-off-by: NHarald Freudenberger <freude@linux.ibm.com>
      Signed-off-by: NHeiko Carstens <hca@linux.ibm.com>
      c8337c47
    • D
      s390/mm: don't set ARCH_KEEP_MEMBLOCK · fa49066f
      David Hildenbrand 提交于
      Commit 50be6345 ("s390/mm: Convert bootmem to memblock") mentions
      	"The original bootmem allocator is getting replaced by memblock. To
      	cover the needs of the s390 kdump implementation the physical
      	memory list is used."
      
      As we can now reference "physmem" managed in the memblock allocator after
      init even without ARCH_KEEP_MEMBLOCK, and s390x does no longer need
      other memblock metadata after boot (esp., the zcore memmap device that used
      it got removed), we can stop setting ARCH_KEEP_MEMBLOCK.
      
      With this change, we no longer create memblocks for standby/hotplugged
      memory (added via add_memory()) and free up memblock metadata (except
      physmem) after boot.
      
      Cc: Vasily Gorbik <gor@linux.ibm.com>
      Cc: Christian Borntraeger <borntraeger@de.ibm.com>
      Cc: Philipp Rudo <prudo@linux.ibm.com>
      Cc: Mike Rapoport <rppt@linux.ibm.com>
      Cc: Andrew Morton <akpm@linux-foundation.org>
      Signed-off-by: NDavid Hildenbrand <david@redhat.com>
      Message-Id: <20200701141830.18749-3-david@redhat.com>
      Signed-off-by: NHeiko Carstens <hca@linux.ibm.com>
      fa49066f
    • D
      mm/memblock: expose only miminal interface to add/walk physmem · 77649905
      David Hildenbrand 提交于
      "physmem" in the memblock allocator is somewhat weird: it's not actually
      used for allocation, it's simply information collected during boot, which
      describes the unmodified physical memory map at boot time, without any
      standby/hotplugged memory. It's only used on s390 and is currently the
      only reason s390 keeps using CONFIG_ARCH_KEEP_MEMBLOCK.
      
      Physmem isn't numa aware and current users don't specify any flags. Let's
      hide it from the user, exposing only for_each_physmem(), and simplify. The
      interface for physmem is now really minimalistic:
      - memblock_physmem_add() to add ranges
      - for_each_physmem() / __next_physmem_range() to walk physmem ranges
      
      Don't place it into an __init section and don't discard it without
      CONFIG_ARCH_KEEP_MEMBLOCK. As we're reusing __next_mem_range(), remove
      the __meminit notifier to avoid section mismatch warnings once
      CONFIG_ARCH_KEEP_MEMBLOCK is no longer used with
      CONFIG_HAVE_MEMBLOCK_PHYS_MAP.
      
      While fixing up the documentation, sneak in some related cleanups. We can
      stop setting CONFIG_ARCH_KEEP_MEMBLOCK for s390 next.
      
      Cc: Vasily Gorbik <gor@linux.ibm.com>
      Cc: Christian Borntraeger <borntraeger@de.ibm.com>
      Cc: Mike Rapoport <rppt@linux.ibm.com>
      Cc: Andrew Morton <akpm@linux-foundation.org>
      Signed-off-by: NDavid Hildenbrand <david@redhat.com>
      Reviewed-by: NMike Rapoport <rppt@linux.ibm.com>
      Message-Id: <20200701141830.18749-2-david@redhat.com>
      Signed-off-by: NHeiko Carstens <hca@linux.ibm.com>
      77649905
  2. 03 7月, 2020 9 次提交
  3. 02 7月, 2020 3 次提交
  4. 29 6月, 2020 18 次提交
    • G
      s390/appldata: use struct_size() helper · 28ccce5f
      Gustavo A. R. Silva 提交于
      Make use of the struct_size() helper instead of an open-coded version
      in order to avoid any potential type mistakes.
      
      This code was detected with the help of Coccinelle and, audited and
      fixed manually.
      Signed-off-by: NGustavo A. R. Silva <gustavoars@kernel.org>
      Message-Id: <20200617212930.GA11728@embeddedor>
      Signed-off-by: NHeiko Carstens <heiko.carstens@de.ibm.com>
      28ccce5f
    • H
      s390/debug: remove struct __debug_entry from uapi · 6ffb3f6b
      Heiko Carstens 提交于
      There is no interface to userspace which exposes anything that would
      require the struct __debug_entry definition. Therefore remove it from
      uapi. This allows to change the definition, since it is only kernel
      internally used.
      
      The only exception is the crash utility, however that tool must handle
      changes all the time anyway.
      Signed-off-by: NHeiko Carstens <heiko.carstens@de.ibm.com>
      6ffb3f6b
    • H
      s390/debug: remove raw view · ecb1ff68
      Heiko Carstens 提交于
      There is not a single user of the debug raw view. Therefore remove it
      before anybody uses it. If anybody would make use of the view it would
      expose the struct __debug_entry definition to userspace and really
      would make it uapi. This wouldn't be good, since the definition is
      suboptimal and needs to be changed.
      
      Right now the structure definition is only defined to be uapi, however
      there is no user.
      Signed-off-by: NHeiko Carstens <heiko.carstens@de.ibm.com>
      ecb1ff68
    • S
    • S
    • A
      s390/zcore: remove memmap device · b39e7724
      Alexander Egorenkov 提交于
      Remove unused /sys/kernel/debug/zcore/memmap device.
      Since at least version 1.24.0 of s390-tools zfcpdump no longer
      needs it and reads /proc/vmcore instead.
      Signed-off-by: NAlexander Egorenkov <egorenar@linux.ibm.com>
      Reviewed-by: NPhilipp Rudo <prudo@linux.ibm.com>
      Signed-off-by: NHeiko Carstens <heiko.carstens@de.ibm.com>
      b39e7724
    • S
      s390: convert to msecs_to_jiffies() · 0188d08a
      Sven Schnelle 提交于
      Instead of using the old 'jiffies + HZ {/,*} something' calculation
      use msecs_to_jiffies() as that makes the code more readable.
      Signed-off-by: NSven Schnelle <svens@linux.ibm.com>
      Reviewed-by: NHeiko Carstens <heiko.carstens@de.ibm.com>
      Signed-off-by: NHeiko Carstens <heiko.carstens@de.ibm.com>
      0188d08a
    • L
      Linux 5.8-rc3 · 9ebcfadb
      Linus Torvalds 提交于
      9ebcfadb
    • L
      Merge tag 'arm-omap-fixes-5.8-1' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc · f7db192b
      Linus Torvalds 提交于
      Pull ARM OMAP fixes from Arnd Bergmann:
       "The OMAP developers are particularly active at hunting down
        regressions, so this is a separate branch with OMAP specific
        fixes for v5.8:
      
        As Tony explains
          "The recent display subsystem (DSS) related platform data changes
           caused display related regressions for suspend and resume. Looks
           like I only tested suspend and resume before dropping the legacy
           platform data, and forgot to test it after dropping it. Turns out
           the main issue was that we no longer have platform code calling
           pm_runtime_suspend for DSS like we did for the legacy platform data
           case, and that fix is still being discussed on the dri-devel list
           and will get merged separately. The DSS related testing exposed a
           pile other other display related issues that also need fixing
           though":
      
         - Fix ti-sysc optional clock handling and reset status checks for
           devices that reset automatically in idle like DSS
      
         - Ignore ti-sysc clockactivity bit unless separately requested to
           avoid unexpected performance issues
      
         - Init ti-sysc framedonetv_irq to true and disable for am4
      
         - Avoid duplicate DSS reset for legacy mode with dts data
      
         - Remove LCD timings for am4 as they cause warnings now that we're
           using generic panels
      
        Other OMAP changes from Tony include:
      
         - Fix omap_prm reset deassert as we still have drivers setting the
           pm_runtime_irq_safe() flag
      
         - Flush posted write for ti-sysc enable and disable
      
         - Fix droid4 spi related errors with spi flags
      
         - Fix am335x USB range and a typo for softreset
      
         - Fix dra7 timer nodes for clocks for IPU and DSP
      
         - Drop duplicate mailboxes after mismerge for dra7
      
         - Prevent pocketgeagle header line signal from accidentally setting
           micro-SD write protection signal by removing the default mux
      
         - Fix NFSroot flakeyness after resume for duover by switching the
           smsc911x gpio interrupt to back to level sensitive
      
         - Fix regression for omap4 clockevent source after recent system
           timer changes
      
         - Yet another ethernet regression fix for the "rgmii" vs "rgmii-rxid"
           phy-mode
      
         - One patch to convert am3/am4 DT files to use the regular sdhci-omap
           driver instead of the old hsmmc driver, this was meant for the
           merge window but got lost in the process"
      
      * tag 'arm-omap-fixes-5.8-1' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc: (21 commits)
        ARM: dts: am5729: beaglebone-ai: fix rgmii phy-mode
        ARM: dts: Fix omap4 system timer source clocks
        ARM: dts: Fix duovero smsc interrupt for suspend
        ARM: dts: am335x-pocketbeagle: Fix mmc0 Write Protect
        Revert "bus: ti-sysc: Increase max softreset wait"
        ARM: dts: am437x-epos-evm: remove lcd timings
        ARM: dts: am437x-gp-evm: remove lcd timings
        ARM: dts: am437x-sk-evm: remove lcd timings
        ARM: dts: dra7-evm-common: Fix duplicate mailbox nodes
        ARM: dts: dra7: Fix timer nodes properly for timer_sys_ck clocks
        ARM: dts: Fix am33xx.dtsi ti,sysc-mask wrong softreset flag
        ARM: dts: Fix am33xx.dtsi USB ranges length
        bus: ti-sysc: Increase max softreset wait
        ARM: OMAP2+: Fix legacy mode dss_reset
        bus: ti-sysc: Fix uninitialized framedonetv_irq
        bus: ti-sysc: Ignore clockactivity unless specified as a quirk
        bus: ti-sysc: Use optional clocks on for enable and wait for softreset bit
        ARM: dts: omap4-droid4: Fix spi configuration and increase rate
        bus: ti-sysc: Flush posted write on enable and disable
        soc: ti: omap-prm: use atomic iopoll instead of sleeping one
        ...
      f7db192b
    • L
      Merge tag 'arm-fixes-5.8-1' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc · e44b59cd
      Linus Torvalds 提交于
      Pull ARM SoC fixes from Arnd Bergmann:
       "Here are a couple of bug fixes, mostly for devicetree files
      
        NXP i.MX:
         - Use correct voltage on some i.MX8M board device trees to avoid
           hardware damage
         - Code fixes for a compiler warning and incorrect reference counting,
           both harmless.
         - Fix the i.MX8M SoC driver to correctly identify imx8mp
         - Fix watchdog configuration in imx6ul-kontron device tree.
      
        Broadcom:
         - A small regression fix for the Raspberry-Pi firmware driver
         - A Kconfig change to use the correct timer driver on Northstar
         - A DT fix for the Luxul XWC-2000 machine
         - Two more DT fixes for NSP SoCs
      
        STmicroelectronics STI
         - Revert one broken patch for L2 cache configuration
      
        ARM Versatile Express:
         - Fix a regression by reverting a broken DT cleanup
      
        TEE drivers:
         - MAINTAINERS: change tee mailing list"
      
      * tag 'arm-fixes-5.8-1' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc:
        Revert "ARM: sti: Implement dummy L2 cache's write_sec"
        soc: imx8m: fix build warning
        ARM: imx6: add missing put_device() call in imx6q_suspend_init()
        ARM: imx5: add missing put_device() call in imx_suspend_alloc_ocram()
        soc: imx8m: Correct i.MX8MP UID fuse offset
        ARM: dts: imx6ul-kontron: Change WDOG_ANY signal from push-pull to open-drain
        ARM: dts: imx6ul-kontron: Move watchdog from Kontron i.MX6UL/ULL board to SoM
        arm64: dts: imx8mm-beacon: Fix voltages on LDO1 and LDO2
        arm64: dts: imx8mn-ddr4-evk: correct ldo1/ldo2 voltage range
        arm64: dts: imx8mm-evk: correct ldo1/ldo2 voltage range
        ARM: dts: NSP: Correct FA2 mailbox node
        ARM: bcm2835: Fix integer overflow in rpi_firmware_print_firmware_revision()
        MAINTAINERS: change tee mailing list
        ARM: dts: NSP: Disable PL330 by default, add dma-coherent property
        ARM: bcm: Select ARM_TIMER_SP804 for ARCH_BCM_NSP
        ARM: dts: BCM5301X: Add missing memory "device_type" for Luxul XWC-2000
        arm: dts: vexpress: Move mcc node back into motherboard node
      e44b59cd
    • L
      Merge tag 'timers-urgent-2020-06-28' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip · 668f532d
      Linus Torvalds 提交于
      Pull timer fix from Ingo Molnar:
       "A single DocBook fix"
      
      * tag 'timers-urgent-2020-06-28' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
        timekeeping: Fix kerneldoc system_device_crosststamp & al
      668f532d
    • L
      Merge tag 'perf-urgent-2020-06-28' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip · ae71d4bf
      Linus Torvalds 提交于
      Pull perf fix from Ingo Molnar:
       "A single Kbuild dependency fix"
      
      * tag 'perf-urgent-2020-06-28' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
        perf/x86/rapl: Fix RAPL config variable bug
      ae71d4bf
    • L
      Merge tag 'efi-urgent-2020-06-28' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip · bc53f67d
      Linus Torvalds 提交于
      Pull EFI fixes from Ingo Molnar:
      
       - Fix build regression on v4.8 and older
      
       - Robustness fix for TPM log parsing code
      
       - kobject refcount fix for the ESRT parsing code
      
       - Two efivarfs fixes to make it behave more like an ordinary file
         system
      
       - Style fixup for zero length arrays
      
       - Fix a regression in path separator handling in the initrd loader
      
       - Fix a missing prototype warning
      
       - Add some kerneldoc headers for newly introduced stub routines
      
       - Allow support for SSDT overrides via EFI variables to be disabled
      
       - Report CPU mode and MMU state upon entry for 32-bit ARM
      
       - Use the correct stack pointer alignment when entering from mixed mode
      
      * tag 'efi-urgent-2020-06-28' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
        efi/libstub: arm: Print CPU boot mode and MMU state at boot
        efi/libstub: arm: Omit arch specific config table matching array on arm64
        efi/x86: Setup stack correctly for efi_pe_entry
        efi: Make it possible to disable efivar_ssdt entirely
        efi/libstub: Descriptions for stub helper functions
        efi/libstub: Fix path separator regression
        efi/libstub: Fix missing-prototype warning for skip_spaces()
        efi: Replace zero-length array and use struct_size() helper
        efivarfs: Don't return -EINTR when rate-limiting reads
        efivarfs: Update inode modification time for successful writes
        efi/esrt: Fix reference count leak in esre_create_sysfs_entry.
        efi/tpm: Verify event log header before parsing
        efi/x86: Fix build with gcc 4
      bc53f67d
    • L
      Merge tag 'sched_urgent_for_5.8_rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip · 91a9a90d
      Linus Torvalds 提交于
      Pull scheduler fixes from Borislav Petkov:
       "The most anticipated fix in this pull request is probably the horrible
        build fix for the RANDSTRUCT fail that didn't make -rc2. Also included
        is the cleanup that removes those BUILD_BUG_ON()s and replaces it with
        ugly unions.
      
        Also included is the try_to_wake_up() race fix that was first
        triggered by Paul's RCU-torture runs, but was independently hit by
        Dave Chinner's fstest runs as well"
      
      * tag 'sched_urgent_for_5.8_rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
        sched/cfs: change initial value of runnable_avg
        smp, irq_work: Continue smp_call_function*() and irq_work*() integration
        sched/core: s/WF_ON_RQ/WQ_ON_CPU/
        sched/core: Fix ttwu() race
        sched/core: Fix PI boosting between RT and DEADLINE tasks
        sched/deadline: Initialize ->dl_boosted
        sched/core: Check cpus_mask, not cpus_ptr in __set_cpus_allowed_ptr(), to fix mask corruption
        sched/core: Fix CONFIG_GCC_PLUGIN_RANDSTRUCT build fail
      91a9a90d
    • L
      Merge tag 'x86_urgent_for_5.8_rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip · 098c7938
      Linus Torvalds 提交于
      Pull x86 fixes from Borislav Petkov:
      
       - AMD Memory bandwidth counter width fix, by Babu Moger.
      
       - Use the proper length type in the 32-bit truncate() syscall variant,
         by Jiri Slaby.
      
       - Reinit IA32_FEAT_CTL during wakeup to fix the case where after
         resume, VMXON would #GP due to VMX not being properly enabled, by
         Sean Christopherson.
      
       - Fix a static checker warning in the resctrl code, by Dan Carpenter.
      
       - Add a CR4 pinning mask for bits which cannot change after boot, by
         Kees Cook.
      
       - Align the start of the loop of __clear_user() to 16 bytes, to improve
         performance on AMD zen1 and zen2 microarchitectures, by Matt Fleming.
      
      * tag 'x86_urgent_for_5.8_rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
        x86/asm/64: Align start of __clear_user() loop to 16-bytes
        x86/cpu: Use pinning mask for CR4 bits needing to be 0
        x86/resctrl: Fix a NULL vs IS_ERR() static checker warning in rdt_cdp_peer_get()
        x86/cpu: Reinitialize IA32_FEAT_CTL MSR on BSP during wakeup
        syscalls: Fix offset type of ksys_ftruncate()
        x86/resctrl: Fix memory bandwidth counter width for AMD
      098c7938
    • L
      Merge tag 'rcu_urgent_for_5.8_rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip · c141b30e
      Linus Torvalds 提交于
      Pull RCU-vs-KCSAN fixes from Borislav Petkov:
       "A single commit that uses "arch_" atomic operations to avoid the
        instrumentation that comes with the non-"arch_" versions.
      
        In preparation for that commit, it also has another commit that makes
        these "arch_" atomic operations available to generic code.
      
        Without these commits, KCSAN uses can see pointless errors"
      
      * tag 'rcu_urgent_for_5.8_rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
        rcu: Fixup noinstr warnings
        locking/atomics: Provide the arch_atomic_ interface to generic code
      c141b30e
    • L
      Merge tag 'objtool_urgent_for_5.8_rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip · 7ecb59a5
      Linus Torvalds 提交于
      Pull objtool fixes from Borislav Petkov:
       "Three fixes from Peter Zijlstra suppressing KCOV instrumentation in
        noinstr sections.
      
        Peter Zijlstra says:
          "Address KCOV vs noinstr. There is no function attribute to
           selectively suppress KCOV instrumentation, instead teach objtool
           to NOP out the calls in noinstr functions"
      
        This cures a bunch of KCOV crashes (as used by syzcaller)"
      
      * tag 'objtool_urgent_for_5.8_rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
        objtool: Fix noinstr vs KCOV
        objtool: Provide elf_write_{insn,reloc}()
        objtool: Clean up elf_write() condition
      7ecb59a5
    • L
      Merge tag 'x86_entry_for_5.8' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip · a358505d
      Linus Torvalds 提交于
      Pull x86 entry fixes from Borislav Petkov:
       "This is the x86/entry urgent pile which has accumulated since the
        merge window.
      
        It is not the smallest but considering the almost complete entry core
        rewrite, the amount of fixes to follow is somewhat higher than usual,
        which is to be expected.
      
        Peter Zijlstra says:
         'These patches address a number of instrumentation issues that were
          found after the x86/entry overhaul. When combined with rcu/urgent
          and objtool/urgent, these patches make UBSAN/KASAN/KCSAN happy
          again.
      
          Part of making this all work is bumping the minimum GCC version for
          KASAN builds to gcc-8.3, the reason for this is that the
          __no_sanitize_address function attribute is broken in GCC releases
          before that.
      
          No known GCC version has a working __no_sanitize_undefined, however
          because the only noinstr violation that results from this happens
          when an UB is found, we treat it like WARN. That is, we allow it to
          violate the noinstr rules in order to get the warning out'"
      
      * tag 'x86_entry_for_5.8' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
        x86/entry: Fix #UD vs WARN more
        x86/entry: Increase entry_stack size to a full page
        x86/entry: Fixup bad_iret vs noinstr
        objtool: Don't consider vmlinux a C-file
        kasan: Fix required compiler version
        compiler_attributes.h: Support no_sanitize_undefined check with GCC 4
        x86/entry, bug: Comment the instrumentation_begin() usage for WARN()
        x86/entry, ubsan, objtool: Whitelist __ubsan_handle_*()
        x86/entry, cpumask: Provide non-instrumented variant of cpu_is_offline()
        compiler_types.h: Add __no_sanitize_{address,undefined} to noinstr
        kasan: Bump required compiler version
        x86, kcsan: Add __no_kcsan to noinstr
        kcsan: Remove __no_kcsan_or_inline
        x86, kcsan: Remove __no_kcsan_or_inline usage
      a358505d
  5. 28 6月, 2020 6 次提交
    • V
      sched/cfs: change initial value of runnable_avg · e21cf434
      Vincent Guittot 提交于
      Some performance regression on reaim benchmark have been raised with
        commit 070f5e86 ("sched/fair: Take into account runnable_avg to classify group")
      
      The problem comes from the init value of runnable_avg which is initialized
      with max value. This can be a problem if the newly forked task is finally
      a short task because the group of CPUs is wrongly set to overloaded and
      tasks are pulled less agressively.
      
      Set initial value of runnable_avg equals to util_avg to reflect that there
      is no waiting time so far.
      
      Fixes: 070f5e86 ("sched/fair: Take into account runnable_avg to classify group")
      Reported-by: Nkernel test robot <rong.a.chen@intel.com>
      Signed-off-by: NVincent Guittot <vincent.guittot@linaro.org>
      Signed-off-by: NPeter Zijlstra (Intel) <peterz@infradead.org>
      Link: https://lkml.kernel.org/r/20200624154422.29166-1-vincent.guittot@linaro.org
      e21cf434
    • P
      smp, irq_work: Continue smp_call_function*() and irq_work*() integration · 8c4890d1
      Peter Zijlstra 提交于
      Instead of relying on BUG_ON() to ensure the various data structures
      line up, use a bunch of horrible unions to make it all automatic.
      
      Much of the union magic is to ensure irq_work and smp_call_function do
      not (yet) see the members of their respective data structures change
      name.
      Suggested-by: NLinus Torvalds <torvalds@linux-foundation.org>
      Signed-off-by: NPeter Zijlstra (Intel) <peterz@infradead.org>
      Signed-off-by: NIngo Molnar <mingo@kernel.org>
      Reviewed-by: NFrederic Weisbecker <frederic@kernel.org>
      Link: https://lkml.kernel.org/r/20200622100825.844455025@infradead.org
      8c4890d1
    • P
      sched/core: s/WF_ON_RQ/WQ_ON_CPU/ · 739f70b4
      Peter Zijlstra 提交于
      Use a better name for this poorly named flag, to avoid confusion...
      Signed-off-by: NPeter Zijlstra (Intel) <peterz@infradead.org>
      Signed-off-by: NIngo Molnar <mingo@kernel.org>
      Acked-by: NMel Gorman <mgorman@suse.de>
      Link: https://lkml.kernel.org/r/20200622100825.785115830@infradead.org
      739f70b4
    • P
      sched/core: Fix ttwu() race · b6e13e85
      Peter Zijlstra 提交于
      Paul reported rcutorture occasionally hitting a NULL deref:
      
        sched_ttwu_pending()
          ttwu_do_wakeup()
            check_preempt_curr() := check_preempt_wakeup()
              find_matching_se()
                is_same_group()
                  if (se->cfs_rq == pse->cfs_rq) <-- *BOOM*
      
      Debugging showed that this only appears to happen when we take the new
      code-path from commit:
      
        2ebb1771 ("sched/core: Offload wakee task activation if it the wakee is descheduling")
      
      and only when @cpu == smp_processor_id(). Something which should not
      be possible, because p->on_cpu can only be true for remote tasks.
      Similarly, without the new code-path from commit:
      
        c6e7bd7a ("sched/core: Optimize ttwu() spinning on p->on_cpu")
      
      this would've unconditionally hit:
      
        smp_cond_load_acquire(&p->on_cpu, !VAL);
      
      and if: 'cpu == smp_processor_id() && p->on_cpu' is possible, this
      would result in an instant live-lock (with IRQs disabled), something
      that hasn't been reported.
      
      The NULL deref can be explained however if the task_cpu(p) load at the
      beginning of try_to_wake_up() returns an old value, and this old value
      happens to be smp_processor_id(). Further assume that the p->on_cpu
      load accurately returns 1, it really is still running, just not here.
      
      Then, when we enqueue the task locally, we can crash in exactly the
      observed manner because p->se.cfs_rq != rq->cfs_rq, because p's cfs_rq
      is from the wrong CPU, therefore we'll iterate into the non-existant
      parents and NULL deref.
      
      The closest semi-plausible scenario I've managed to contrive is
      somewhat elaborate (then again, actual reproduction takes many CPU
      hours of rcutorture, so it can't be anything obvious):
      
      					X->cpu = 1
      					rq(1)->curr = X
      
      	CPU0				CPU1				CPU2
      
      					// switch away from X
      					LOCK rq(1)->lock
      					smp_mb__after_spinlock
      					dequeue_task(X)
      					  X->on_rq = 9
      					switch_to(Z)
      					  X->on_cpu = 0
      					UNLOCK rq(1)->lock
      
      									// migrate X to cpu 0
      									LOCK rq(1)->lock
      									dequeue_task(X)
      									set_task_cpu(X, 0)
      									  X->cpu = 0
      									UNLOCK rq(1)->lock
      
      									LOCK rq(0)->lock
      									enqueue_task(X)
      									  X->on_rq = 1
      									UNLOCK rq(0)->lock
      
      	// switch to X
      	LOCK rq(0)->lock
      	smp_mb__after_spinlock
      	switch_to(X)
      	  X->on_cpu = 1
      	UNLOCK rq(0)->lock
      
      	// X goes sleep
      	X->state = TASK_UNINTERRUPTIBLE
      	smp_mb();			// wake X
      					ttwu()
      					  LOCK X->pi_lock
      					  smp_mb__after_spinlock
      
      					  if (p->state)
      
      					  cpu = X->cpu; // =? 1
      
      					  smp_rmb()
      
      	// X calls schedule()
      	LOCK rq(0)->lock
      	smp_mb__after_spinlock
      	dequeue_task(X)
      	  X->on_rq = 0
      
      					  if (p->on_rq)
      
      					  smp_rmb();
      
      					  if (p->on_cpu && ttwu_queue_wakelist(..)) [*]
      
      					  smp_cond_load_acquire(&p->on_cpu, !VAL)
      
      					  cpu = select_task_rq(X, X->wake_cpu, ...)
      					  if (X->cpu != cpu)
      	switch_to(Y)
      	  X->on_cpu = 0
      	UNLOCK rq(0)->lock
      
      However I'm having trouble convincing myself that's actually possible
      on x86_64 -- after all, every LOCK implies an smp_mb() there, so if ttwu
      observes ->state != RUNNING, it must also observe ->cpu != 1.
      
      (Most of the previous ttwu() races were found on very large PowerPC)
      
      Nevertheless, this fully explains the observed failure case.
      
      Fix it by ordering the task_cpu(p) load after the p->on_cpu load,
      which is easy since nothing actually uses @cpu before this.
      
      Fixes: c6e7bd7a ("sched/core: Optimize ttwu() spinning on p->on_cpu")
      Reported-by: NPaul E. McKenney <paulmck@kernel.org>
      Tested-by: NPaul E. McKenney <paulmck@kernel.org>
      Signed-off-by: NPeter Zijlstra (Intel) <peterz@infradead.org>
      Signed-off-by: NIngo Molnar <mingo@kernel.org>
      Link: https://lkml.kernel.org/r/20200622125649.GC576871@hirez.programming.kicks-ass.net
      b6e13e85
    • J
      sched/core: Fix PI boosting between RT and DEADLINE tasks · 740797ce
      Juri Lelli 提交于
      syzbot reported the following warning:
      
       WARNING: CPU: 1 PID: 6351 at kernel/sched/deadline.c:628
       enqueue_task_dl+0x22da/0x38a0 kernel/sched/deadline.c:1504
      
      At deadline.c:628 we have:
      
       623 static inline void setup_new_dl_entity(struct sched_dl_entity *dl_se)
       624 {
       625 	struct dl_rq *dl_rq = dl_rq_of_se(dl_se);
       626 	struct rq *rq = rq_of_dl_rq(dl_rq);
       627
       628 	WARN_ON(dl_se->dl_boosted);
       629 	WARN_ON(dl_time_before(rq_clock(rq), dl_se->deadline));
              [...]
           }
      
      Which means that setup_new_dl_entity() has been called on a task
      currently boosted. This shouldn't happen though, as setup_new_dl_entity()
      is only called when the 'dynamic' deadline of the new entity
      is in the past w.r.t. rq_clock and boosted tasks shouldn't verify this
      condition.
      
      Digging through the PI code I noticed that what above might in fact happen
      if an RT tasks blocks on an rt_mutex hold by a DEADLINE task. In the
      first branch of boosting conditions we check only if a pi_task 'dynamic'
      deadline is earlier than mutex holder's and in this case we set mutex
      holder to be dl_boosted. However, since RT 'dynamic' deadlines are only
      initialized if such tasks get boosted at some point (or if they become
      DEADLINE of course), in general RT 'dynamic' deadlines are usually equal
      to 0 and this verifies the aforementioned condition.
      
      Fix it by checking that the potential donor task is actually (even if
      temporary because in turn boosted) running at DEADLINE priority before
      using its 'dynamic' deadline value.
      
      Fixes: 2d3d891d ("sched/deadline: Add SCHED_DEADLINE inheritance logic")
      Reported-by: syzbot+119ba87189432ead09b4@syzkaller.appspotmail.com
      Signed-off-by: NJuri Lelli <juri.lelli@redhat.com>
      Signed-off-by: NPeter Zijlstra (Intel) <peterz@infradead.org>
      Signed-off-by: NIngo Molnar <mingo@kernel.org>
      Reviewed-by: NDaniel Bristot de Oliveira <bristot@redhat.com>
      Tested-by: NDaniel Wagner <dwagner@suse.de>
      Link: https://lkml.kernel.org/r/20181119153201.GB2119@localhost.localdomain
      740797ce
    • J
      sched/deadline: Initialize ->dl_boosted · ce9bc3b2
      Juri Lelli 提交于
      syzbot reported the following warning triggered via SYSC_sched_setattr():
      
        WARNING: CPU: 0 PID: 6973 at kernel/sched/deadline.c:593 setup_new_dl_entity /kernel/sched/deadline.c:594 [inline]
        WARNING: CPU: 0 PID: 6973 at kernel/sched/deadline.c:593 enqueue_dl_entity /kernel/sched/deadline.c:1370 [inline]
        WARNING: CPU: 0 PID: 6973 at kernel/sched/deadline.c:593 enqueue_task_dl+0x1c17/0x2ba0 /kernel/sched/deadline.c:1441
      
      This happens because the ->dl_boosted flag is currently not initialized by
      __dl_clear_params() (unlike the other flags) and setup_new_dl_entity()
      rightfully complains about it.
      
      Initialize dl_boosted to 0.
      
      Fixes: 2d3d891d ("sched/deadline: Add SCHED_DEADLINE inheritance logic")
      Reported-by: syzbot+5ac8bac25f95e8b221e7@syzkaller.appspotmail.com
      Signed-off-by: NJuri Lelli <juri.lelli@redhat.com>
      Signed-off-by: NPeter Zijlstra (Intel) <peterz@infradead.org>
      Signed-off-by: NIngo Molnar <mingo@kernel.org>
      Tested-by: NDaniel Wagner <dwagner@suse.de>
      Link: https://lkml.kernel.org/r/20200617072919.818409-1-juri.lelli@redhat.com
      ce9bc3b2