1. 22 10月, 2015 11 次提交
    • K
      NFSv4.1/pnfs: Retry through MDS when getting bad length of data · f8417b48
      Kinglong Mee 提交于
      If non rpc-based layout driver return bad length of data, nfs retries
      by calling rpc_restart_call_prepare() that cause an NULL reference panic.
      
      This patch lets nfs retry through MDS for non rpc-based layout driver
      return bad length of data.
      
      [13034.883329] BUG: unable to handle kernel NULL pointer dereference at           (null)
      [13034.884902] IP: [<ffffffffa00db372>] rpc_restart_call_prepare+0x62/0x90 [sunrpc]
      [13034.886558] PGD 0
      [13034.888126] Oops: 0000 [#1] KASAN
      [13034.889710] Modules linked in: blocklayoutdriver(OE) nfsv4(OE) nfs(OE) fscache(E) nfsd(OE) xfs libcrc32c coretemp btrfs crct10dif_pclmul crc32_pclmul crc32c_intel ghash_clmulni_intel ppdev vmw_balloon auth_rpcgss shpchp nfs_acl lockd vmw_vmci parport_pc xor raid6_pq grace parport sunrpc i2c_piix4 vmwgfx drm_kms_helper ttm drm mptspi e1000 serio_raw scsi_transport_spi mptscsih mptbase ata_generic pata_acpi [last unloaded: fscache]
      [13034.898260] CPU: 0 PID: 10112 Comm: kworker/0:1 Tainted: G           OE   4.3.0-rc5+ #279
      [13034.899932] Hardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 07/02/2015
      [13034.903342] Workqueue: events bl_read_cleanup [blocklayoutdriver]
      [13034.905059] task: ffff88006a9148c0 ti: ffff880035e90000 task.ti: ffff880035e90000
      [13034.906827] RIP: 0010:[<ffffffffa00db372>]  [<ffffffffa00db372>] rpc_restart_call_prepare+0x62/0x90 [sunrpc]
      [13034.910522] RSP: 0018:ffff880035e97b58  EFLAGS: 00010282
      [13034.912378] RAX: fffffbfff04a5a94 RBX: ffff880068fe4858 RCX: 0000000000000003
      [13034.914339] RDX: dffffc0000000000 RSI: 0000000000000003 RDI: 0000000000000282
      [13034.916236] RBP: ffff880035e97b68 R08: 0000000000000001 R09: 0000000000000001
      [13034.918229] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000000
      [13034.920007] R13: ffff880068fe4858 R14: ffff880068fe4a60 R15: 0000000000001000
      [13034.921845] FS:  0000000000000000(0000) GS:ffffffff82247000(0000) knlGS:0000000000000000
      [13034.923645] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
      [13034.925525] CR2: 0000000000000000 CR3: 00000000063dd000 CR4: 00000000001406f0
      [13034.932808] Stack:
      [13034.934813]  ffff880068fe4780 0000000000001000 ffff880035e97ba8 ffffffffa08800d2
      [13034.936675]  ffffffffa088029d ffff880068fe4780 ffff880068fe4858 ffffffffa089c0a0
      [13034.938593]  ffff880068fe47e0 ffff88005d59faf0 ffff880035e97be0 ffffffffa087e08f
      [13034.940454] Call Trace:
      [13034.942388]  [<ffffffffa08800d2>] nfs_readpage_result+0x112/0x200 [nfs]
      [13034.944317]  [<ffffffffa088029d>] ? nfs_readpage_done+0xdd/0x160 [nfs]
      [13034.946267]  [<ffffffffa087e08f>] nfs_pgio_result+0x9f/0x120 [nfs]
      [13034.948166]  [<ffffffffa09266cc>] pnfs_ld_read_done+0x7c/0x1e0 [nfsv4]
      [13034.950247]  [<ffffffffa03b07ee>] bl_read_cleanup+0x2e/0x60 [blocklayoutdriver]
      [13034.952156]  [<ffffffff810ebf62>] process_one_work+0x412/0x870
      [13034.954102]  [<ffffffff810ebe84>] ? process_one_work+0x334/0x870
      [13034.955949]  [<ffffffff810ebb50>] ? queue_delayed_work_on+0x40/0x40
      [13034.957985]  [<ffffffff810ec441>] worker_thread+0x81/0x6a0
      [13034.959817]  [<ffffffff810ec3c0>] ? process_one_work+0x870/0x870
      [13034.961785]  [<ffffffff810f43bd>] kthread+0x17d/0x1a0
      [13034.963544]  [<ffffffff810f4240>] ? kthread_create_on_node+0x330/0x330
      [13034.965479]  [<ffffffff81100428>] ? finish_task_switch+0x88/0x220
      [13034.967223]  [<ffffffff810f4240>] ? kthread_create_on_node+0x330/0x330
      [13034.968929]  [<ffffffff81b6ae5f>] ret_from_fork+0x3f/0x70
      [13034.970534]  [<ffffffff810f4240>] ? kthread_create_on_node+0x330/0x330
      [13034.972176] Code: c7 43 50 40 84 0d a0 e8 3d fe 1c e1 48 8d 7b 58 c7 83 e4 00 00 00 00 00 00 00 e8 ca fe 1c e1 4c 8b 63 58 4c 89 e7 e8 be fe 1c e1 <49> 83 3c 24 00 74 12 48 c7 43 50 f0 a2 0e a0 b8 01 00 00 00 5b
      [13034.977148] RIP  [<ffffffffa00db372>] rpc_restart_call_prepare+0x62/0x90 [sunrpc]
      [13034.978780]  RSP <ffff880035e97b58>
      [13034.980399] CR2: 0000000000000000
      Signed-off-by: NKinglong Mee <kinglongmee@gmail.com>
      Signed-off-by: NTrond Myklebust <trond.myklebust@primarydata.com>
      f8417b48
    • K
      nfs/blocklayout: Fix bad using of page offset in bl_read_pagelist · 15ae2c7b
      Kinglong Mee 提交于
      Blocklayout uses file offset for the read-back page's offset of first writing,
      it's definitely wrong, it writes data to bad address of page that cause userspace
      application segment fault. It must be the page base stored in header->args.pgbase.
      
      Also, the pg_offset has no influence with isect and extent length.
      
      Note: The offset of the non-first page is always zero.
      
      Ps: A test program will segment fault at read() as,
      #define _GNU_SOURCE
      
      #include <stdio.h>
      #include <stdlib.h>
      #include <sys/types.h>
      #include <sys/stat.h>
      #include <unistd.h>
      #include <fcntl.h>
      #include <errno.h>
      
      int main(int argc, char **argv)
      {
              char buf[2049];
              char *filename = NULL;
              int fd = -1;
      
              if (argc < 2) {
                      printf("Usage: %s filename\n", argv[0]);
                      return 0;
              }
      
              filename = argv[1];
              fd = open(filename, O_RDONLY | O_DIRECT);
              if (fd < 0) {
                      printf("Open %s fail: %m\n", filename);
                      return 1;
              }
      
              lseek(fd, 2048, SEEK_SET);
              if (read(fd, buf, sizeof(buf) - 1) != (sizeof(buf) - 1))
                      printf("Read 4096 bityes data from %s fail: %m\n", filename);
      out:
              close(fd);
              return 0;
      }
      Signed-off-by: NKinglong Mee <kinglongmee@gmail.com>
      Signed-off-by: NTrond Myklebust <trond.myklebust@primarydata.com>
      15ae2c7b
    • K
      NFS: Return directly if encode_sessionid fail · e0a63c0b
      Kinglong Mee 提交于
      encode_sessionid() may return error, nfs needs process the return value.
      Signed-off-by: NKinglong Mee <kinglongmee@gmail.com>
      Signed-off-by: NTrond Myklebust <trond.myklebust@primarydata.com>
      e0a63c0b
    • K
      NFS: Fix bad checking of max taglen in callback request · 403889c0
      Kinglong Mee 提交于
      The taglen should be checked with CB_OP_TAGLEN_MAXSZ directly.
      Signed-off-by: NKinglong Mee <kinglongmee@gmail.com>
      Signed-off-by: NTrond Myklebust <trond.myklebust@primarydata.com>
      403889c0
    • K
      NFS: Fix bad defines of callback response maxsize · 45724e8a
      Kinglong Mee 提交于
      As CB_OP_TAGLEN_MAXSZ, all XXX_MAXSZ should be defined as bit.
      Each operation should not cantains CB_OP_TAGLEN_MAXSZ.
      Signed-off-by: NKinglong Mee <kinglongmee@gmail.com>
      Signed-off-by: NTrond Myklebust <trond.myklebust@primarydata.com>
      45724e8a
    • K
      NFS: Use NFS4_MAX_SESSIONID_LEN directly for decode/encode sessionid · 590184a6
      Kinglong Mee 提交于
      It's no need to define a temporary variables for NFS4_MAX_SESSIONID_LEN.
      Signed-off-by: NKinglong Mee <kinglongmee@gmail.com>
      Signed-off-by: NTrond Myklebust <trond.myklebust@primarydata.com>
      590184a6
    • K
      NFS: Remove unneeded NFS_DEBUG checking before define NFSDBG_FACILITY · 39de493e
      Kinglong Mee 提交于
      It's not needed to checking NFS_DEBUG before define NFSDBG_FACILITY, remove it.
      Signed-off-by: NKinglong Mee <kinglongmee@gmail.com>
      Signed-off-by: NTrond Myklebust <trond.myklebust@primarydata.com>
      39de493e
    • K
      NFS: Remove the left function defines in callback.h · f765bf76
      Kinglong Mee 提交于
      Commit 778be232 "NFS do not find client in NFSv4 pg_authenticate" has remove
      the define and using of nfs4_set_callback_sessionid(), and
      commit 36281caa "NFSv4: Further clean-ups of delegation stateid validation"
      has update the checking of stateid, and move the code to nfs4proc.c.
      
      This patch remove those function defines left in callback.h
      Signed-off-by: NKinglong Mee <kinglongmee@gmail.com>
      Signed-off-by: NTrond Myklebust <trond.myklebust@primarydata.com>
      f765bf76
    • K
      NFS: Remove the left global variable nfs_callback_tcpport · 8c163d8e
      Kinglong Mee 提交于
      Commit bbe0a3aa "NFS: make nfs_callback_tcpport per network context" has
      make nfs_callback_tcpport per network, but left the global nfs_callback_tcpport,
      remove it.
      Signed-off-by: NKinglong Mee <kinglongmee@gmail.com>
      Signed-off-by: NTrond Myklebust <trond.myklebust@primarydata.com>
      8c163d8e
    • K
      NFS: Get rid of the unneeded addr stored in callback arguments · d4e2ce09
      Kinglong Mee 提交于
      Commit c36fca52 "NFS refactor nfs_find_client and reference client
      across callback processing" has store clp in cb_process_state
      which is set in cb_sequence.
      
      So that, it's unneeded to store address pointer in any callback arguments.
      Signed-off-by: NKinglong Mee <kinglongmee@gmail.com>
      Signed-off-by: NTrond Myklebust <trond.myklebust@primarydata.com>
      d4e2ce09
    • L
      nfsroot: make nfsroot to accept the 1024 bytes long directory name · c6466193
      Li RongQing 提交于
      although NFS_MAXPATHLEN is defined to 1024, nfs client hopes to accept
      a 1024 byte path, but nfs_root_parms is limited to 256, and the nfs path
      will truncated when a user inputs nfs path from kernel cmdline
      
      enlarge nfs_root_parms to 1024, to make it accept the 1024 bytes long
      directory name, since nfs_root_parms is defined as _initdata, it will
      be released after system bootup
      Signed-off-by: NLi RongQing <roy.qing.li@gmail.com>
      Signed-off-by: NTrond Myklebust <trond.myklebust@primarydata.com>
      c6466193
  2. 08 10月, 2015 2 次提交
    • L
      Merge tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux · c6fa8e6d
      Linus Torvalds 提交于
      Pull arm64 fixes from Will Deacon:
       "This addresses a couple of issues found with RT, a broken initrd
        message in the console log and a simple performance fix for some MMC
        workloads.
      
        Summary:
      
         - A couple of locking fixes for RT kernels
         - Avoid printing bogus initrd warnings when initrd isn't present
         - Performance fix for random mmap file readahead
         - Typo fix"
      
      * tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux:
        arm64: replace read_lock to rcu lock in call_break_hook
        arm64: Don't relocate non-existent initrd
        arm64: convert patch_lock to raw lock
        arm64: readahead: fault retry breaks mmap file read random detection
        arm64: debug: Fix typo in debug-monitors.c
      c6fa8e6d
    • L
      Merge tag 'fbdev-fixes-4.3' of git://git.kernel.org/pub/scm/linux/kernel/git/tomba/linux · e82fa92e
      Linus Torvalds 提交于
      Pull fbdev fixes from Tomi Valkeinen:
      
       - fbdev: Minor fixes to broadsheetfb, fsl-diu-fb, mb862xxfb, tridentfb,
         omapfb
      
       - display-timing: Fix memory leak in error path
      
      * tag 'fbdev-fixes-4.3' of git://git.kernel.org/pub/scm/linux/kernel/git/tomba/linux:
        video: of: fix memory leak
        fbdev: broadsheetfb: fix memory leak
        OMAPDSS: panel-sony-acx565akm: Export OF module alias information
        fbdev: omap2: connector-dvi: use of_get_i2c_adapter_by_node interface
        tridentfb: Fix set_lwidth on TGUI9440 and CYBER9320
        tridentfb: fix hang on Blade3D with CONFIG_CC_OPTIMIZE_FOR_SIZE
        video: fbdev: mb862xx: Fix module autoload for OF platform driver
        video: fbdev: fsl: Fix the sleep function for FSL DIU module
      e82fa92e
  3. 07 10月, 2015 15 次提交
    • L
      Merge tag 'regmap-fix-v4.3-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/regmap · 8ace60f8
      Linus Torvalds 提交于
      Pull regmap fixes from Mark Brown:
       "A couple of fixes for the debugfs information on the register map,
        fixing issues with very small reads potentially causing underflows and
        wraparounds"
      
      * tag 'regmap-fix-v4.3-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/regmap:
        regmap: debugfs: Don't bother actually printing when calculating max length
        regmap: debugfs: Ensure we don't underflow when printing access masks
      8ace60f8
    • L
      Merge tag 'spi-fix-v4.3-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/spi · 07443cec
      Linus Torvalds 提交于
      Pull spi fixes from Mark Brown:
       "A couple of very minor fixes, one for error handling in the Davinci
        driver probe function and another making the Renesas sh-msiof DT
        binding documentation correspond to what's actually implemented"
      
      * tag 'spi-fix-v4.3-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/spi:
        spi: sh-msiof: Match renesas,rx-fifo-size in DT bindings doc with driver
        spi: davinci: fix handling platform_get_irq result
      07443cec
    • L
      Merge tag 'regulator-fix-v4.3-rc4' of... · 21f3c961
      Linus Torvalds 提交于
      Merge tag 'regulator-fix-v4.3-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/regulator
      
      Pull regulator fixes from Mark Brown:
       "Two fixes here, one device specific fix for axp20x and a core fix for
         cases where one regulator is supplying another which broke probe
        deferral, substituting in a dummy regulator too aggressively"
      
      * tag 'regulator-fix-v4.3-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/regulator:
        regulator: core: Handle probe deferral from DT when resolving supplies
        regulator: axp20x: Fix enable bit indexes for DCDC4 and DCDC5
      21f3c961
    • S
      video: of: fix memory leak · d663baba
      Sudip Mukherjee 提交于
      If of_parse_display_timing() fails we are printing an error message and
      jumping to the error path but we missed freeing "dt".
      Signed-off-by: NSudip Mukherjee <sudip@vectorindia.org>
      Signed-off-by: NTomi Valkeinen <tomi.valkeinen@ti.com>
      d663baba
    • M
    • L
      Merge branch 'strscpy' of git://git.kernel.org/pub/scm/linux/kernel/git/cmetcalf/linux-tile · 79c7c7ac
      Linus Torvalds 提交于
      Pull strscpy fixes from Chris Metcalf :
       "This patch series fixes up a couple of architecture issues where
        strscpy wasn't configured correctly (missing on h8300, duplicating
        local and asm-generic copies on powerpc and tile).
      
        It also adds a use of zero_bytemask() to the final store for strscpy
        to avoid writing uninitialized data to the destination.  However, to
        make this work we had to add support for zero_bytemask() to the two
        architectures that didn't have it (alpha and tile), because they were
        providing their own local copies, but didn't provide the
        zero_bytemask() that was previously only required when building with
        CONFIG_DCACHE_WORD_ACCESS"
      
      [ Side note: there is still no actual users of strscpy except for the
        one preexisting use in arch/tile that predates the generic version.
        So this is all about fixing the infrastructure so that we eventually
        can start using it.  - Linus ]
      
      * 'strscpy' of git://git.kernel.org/pub/scm/linux/kernel/git/cmetcalf/linux-tile:
        strscpy: zero any trailing garbage bytes in the destination
        word-at-a-time.h: support zero_bytemask() on alpha and tile
        word-at-a-time.h: fix some Kbuild files
      79c7c7ac
    • L
      Merge tag 'for-linus-20151006' of git://git.infradead.org/linux-mtd · 3f5e4a31
      Linus Torvalds 提交于
      Pull MTD fixes from Brian Norris:
       "A few MTD fixes:
      
         - mxc_nand: a "refactoring only" change in 4.3-rc1 had some bad
           pointer (array) arithmetic.  Fix that
      
         - sunxi_nand:
      
         - Fix an old list manipulation / memory management bug in the device
           release() code path
      
         - Correct a few mistakes in OOB write support"
      
      * tag 'for-linus-20151006' of git://git.infradead.org/linux-mtd:
        mxc_nand: fix copy_spare
        mtd: nand: sunxi: fix sunxi_nand_chips_cleanup()
        mtd: nand: sunxi: fix OOB handling in ->write_xxx() functions
      3f5e4a31
    • L
      Merge tag 'nfs-for-4.3-3' of git://git.linux-nfs.org/projects/trondmy/linux-nfs · a0eeb8dd
      Linus Torvalds 提交于
      Pull NFS client bugfixes from Trond Myklebust:
       "Highlights include:
      
        Bugfixes:
         - Fix a use-after-free bug in the RPC/RDMA client
         - Fix a write performance regression
         - Fix up page writeback accounting
         - Don't try to reclaim unused state owners
         - Fix a NFSv4 nograce recovery hang
         - reset states to use open_stateid when returning delegation
           voluntarily
         - Fix a tracepoint NULL-pointer dereference"
      
      * tag 'nfs-for-4.3-3' of git://git.linux-nfs.org/projects/trondmy/linux-nfs:
        NFS: Fix a tracepoint NULL-pointer dereference
        nfs4: reset states to use open_stateid when returning delegation voluntarily
        NFSv4: Fix a nograce recovery hang
        NFSv4.1: nfs4_opendata_check_deleg needs to handle NFS4_OPEN_CLAIM_DELEG_CUR_FH
        NFSv4: Don't try to reclaim unused state owners
        NFS: Fix a write performance regression
        NFS: Fix up page writeback accounting
        xprtrdma: disconnect and flush cqs before freeing buffers
      a0eeb8dd
    • L
      Revert "fs: do not prefault sys_write() user buffer pages" · 00a3d660
      Linus Torvalds 提交于
      This reverts commit 998ef75d.
      
      The commit itself does not appear to be buggy per se, but it is exposing
      a bug in ext4 (and Ted thinks ext3 too, but we solved that by getting
      rid of it).  It's too late in the release cycle to really worry about
      this, even if Dave Hansen has a patch that may actually fix the
      underlying ext4 problem.  We can (and should) revisit this for the next
      release.
      
      The problem is that moving the prefaulting later now exposes a special
      case with partially successful writes that isn't handled correctly.  And
      the prefaulting likely isn't normally even that much of a performance
      issue - it looks like at least one reason Dave saw this in his
      performance tests is that he also ran them on Skylake that now supports
      the new SMAP code, which makes the normally very cheap user space
      prefaulting noticeably more expensive.
      Bisected-and-acked-by: NTed Ts'o <tytso@mit.edu>
      Analyzed-and-acked-by: NDave Hansen <dave.hansen@linux.intel.com>
      Cc: Andrew Morton <akpm@linux-foundation.org>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      00a3d660
    • A
      NFS: Fix a tracepoint NULL-pointer dereference · 39d0d3bd
      Anna Schumaker 提交于
      Running xfstest generic/013 with the tracepoint nfs:nfs4_open_file
      enabled produces a NULL-pointer dereference when calculating fileid and
      filehandle of the opened file.  Fix this by checking if state is NULL
      before trying to use the inode pointer.
      Reported-by: NOlga Kornievskaia <aglo@umich.edu>
      Signed-off-by: NAnna Schumaker <Anna.Schumaker@Netapp.com>
      Signed-off-by: NTrond Myklebust <trond.myklebust@primarydata.com>
      39d0d3bd
    • C
      strscpy: zero any trailing garbage bytes in the destination · 990486c8
      Chris Metcalf 提交于
      It's possible that the destination can be shadowed in userspace
      (as, for example, the perf buffers are now).  So we should take
      care not to leak data that could be inspected by userspace.
      Signed-off-by: NChris Metcalf <cmetcalf@ezchip.com>
      990486c8
    • C
      word-at-a-time.h: support zero_bytemask() on alpha and tile · c753bf34
      Chris Metcalf 提交于
      Both alpha and tile needed implementations of zero_bytemask.
      
      The alpha version is untested.
      Signed-off-by: NChris Metcalf <cmetcalf@ezchip.com>
      c753bf34
    • C
      word-at-a-time.h: fix some Kbuild files · 19c22f3a
      Chris Metcalf 提交于
      arch/tile added word-at-a-time.h after the patch that added generic-y
      entries; the generic-y entry is now stale.
      
      arch/h8300 is newer than the generic-y patch for word-at-a-time.h,
      and needs a generic-y entry.
      
      arch/powerpc seems to have gotten a generic-y entry by mistake in
      the first patch; this change removes it.
      Signed-off-by: NChris Metcalf <cmetcalf@ezchip.com>
      19c22f3a
    • Y
      arm64: replace read_lock to rcu lock in call_break_hook · 62c6c61a
      Yang Shi 提交于
      BUG: sleeping function called from invalid context at kernel/locking/rtmutex.c:917
      in_atomic(): 0, irqs_disabled(): 128, pid: 342, name: perf
      1 lock held by perf/342:
       #0:  (break_hook_lock){+.+...}, at: [<ffffffc0000851ac>] call_break_hook+0x34/0xd0
      irq event stamp: 62224
      hardirqs last  enabled at (62223): [<ffffffc00010b7bc>] __call_rcu.constprop.59+0x104/0x270
      hardirqs last disabled at (62224): [<ffffffc0000fbe20>] vprintk_emit+0x68/0x640
      softirqs last  enabled at (0): [<ffffffc000097928>] copy_process.part.8+0x428/0x17f8
      softirqs last disabled at (0): [<          (null)>]           (null)
      CPU: 0 PID: 342 Comm: perf Not tainted 4.1.6-rt5 #4
      Hardware name: linux,dummy-virt (DT)
      Call trace:
      [<ffffffc000089968>] dump_backtrace+0x0/0x128
      [<ffffffc000089ab0>] show_stack+0x20/0x30
      [<ffffffc0007030d0>] dump_stack+0x7c/0xa0
      [<ffffffc0000c878c>] ___might_sleep+0x174/0x260
      [<ffffffc000708ac8>] __rt_spin_lock+0x28/0x40
      [<ffffffc000708db0>] rt_read_lock+0x60/0x80
      [<ffffffc0000851a8>] call_break_hook+0x30/0xd0
      [<ffffffc000085a70>] brk_handler+0x30/0x98
      [<ffffffc000082248>] do_debug_exception+0x50/0xb8
      Exception stack(0xffffffc00514fe30 to 0xffffffc00514ff50)
      fe20:                                     00000000 00000000 c1594680 0000007f
      fe40: ffffffff ffffffff 92063940 0000007f 0550dcd8 ffffffc0 00000000 00000000
      fe60: 0514fe70 ffffffc0 000be1f8 ffffffc0 0514feb0 ffffffc0 0008948c ffffffc0
      fe80: 00000004 00000000 0514fed0 ffffffc0 ffffffff ffffffff 9282a948 0000007f
      fea0: 00000000 00000000 9282b708 0000007f c1592820 0000007f 00083914 ffffffc0
      fec0: 00000000 00000000 00000010 00000000 00000064 00000000 00000001 00000000
      fee0: 005101e0 00000000 c1594680 0000007f c1594740 0000007f ffffffd8 ffffff80
      ff00: 00000000 00000000 00000000 00000000 c1594770 0000007f c1594770 0000007f
      ff20: 00665e10 00000000 7f7f7f7f 7f7f7f7f 01010101 01010101 00000000 00000000
      ff40: 928e4cc0 0000007f 91ff11e8 0000007f
      
      call_break_hook is called in atomic context (hard irq disabled), so replace
      the sleepable lock to rcu lock, replace relevant list operations to rcu
      version and call synchronize_rcu() in unregister_break_hook().
      
      And, replace write lock to spinlock in {un}register_break_hook.
      Signed-off-by: NYang Shi <yang.shi@linaro.org>
      Signed-off-by: NWill Deacon <will.deacon@arm.com>
      62c6c61a
    • M
      arm64: Don't relocate non-existent initrd · 4ca3bc86
      Mark Rutland 提交于
      When booting a kernel without an initrd, the kernel reports that it
      moves -1 bytes worth, having gone through the motions with initrd_start
      equal to initrd_end:
      
          Moving initrd from [4080000000-407fffffff] to [9fff49000-9fff48fff]
      
      Prevent this by bailing out early when the initrd size is zero (i.e. we
      have no initrd), avoiding the confusing message and other associated
      work.
      
      Fixes: 1570f0d7 ("arm64: support initrd outside kernel linear map")
      Cc: Mark Salter <msalter@redhat.com>
      Signed-off-by: NMark Rutland <mark.rutland@arm.com>
      Signed-off-by: NWill Deacon <will.deacon@arm.com>
      4ca3bc86
  4. 06 10月, 2015 7 次提交
    • L
      Merge tag 'for-linus-4.3b-rc4-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/xen/tip · f6702681
      Linus Torvalds 提交于
      Pull xen bug fixes from David Vrabel:
      
       - Fix VM save performance regression with x86 PV guests
      
       - Make kexec work in x86 PVHVM guests (if Xen has the soft-reset ABI)
      
       - Other minor fixes.
      
      * tag 'for-linus-4.3b-rc4-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/xen/tip:
        x86/xen/p2m: hint at the last populated P2M entry
        x86/xen: Do not clip xen_e820_map to xen_e820_map_entries when sanitizing map
        x86/xen: Support kexec/kdump in HVM guests by doing a soft reset
        xen/x86: Don't try to write syscall-related MSRs for PV guests
        xen: use correct type for HYPERVISOR_memory_op()
      f6702681
    • L
      Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux · 3ec20e2e
      Linus Torvalds 提交于
      Pull s390 fixes from Martin Schwidefsky:
       "Three bug fixes and an update to the default configuration"
      
      * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux:
        s390/defconfig: set SCSI_DH=y
        s390/vtime: correct scaled cputime of partially idle CPUs
        s390/boot/decompression: disable floating point in decompressor
        s390/numa: use correct type for node_to_cpumask_map
      3ec20e2e
    • L
      Merge branch 'for-next' of git://git.samba.org/sfrench/cifs-2.6 · 3c68319b
      Linus Torvalds 提交于
      Pull CIFS fixes from Steve French:
       "Two fixes for problems pointed out by automated tools.
      
        Thanks PaX/grsecurity team and Dan Carpenter (and the Smatch tool)"
      
      * 'for-next' of git://git.samba.org/sfrench/cifs-2.6:
        [CIFS] Update cifs version number
        [SMB3] Do not fall back to SMBWriteX in set_file_size error cases
        [SMB3] Missing null tcon check
      3c68319b
    • D
      x86/xen/p2m: hint at the last populated P2M entry · 98dd166e
      David Vrabel 提交于
      With commit 633d6f17 (x86/xen: prepare
      p2m list for memory hotplug) the P2M may be sized to accomdate a much
      larger amount of memory than the domain currently has.
      
      When saving a domain, the toolstack must scan all the P2M looking for
      populated pages.  This results in a performance regression due to the
      unnecessary scanning.
      
      Instead of reporting (via shared_info) the maximum possible size of
      the P2M, hint at the last PFN which might be populated.  This hint is
      increased as new leaves are added to the P2M (in the expectation that
      they will be used for populated entries).
      Signed-off-by: NDavid Vrabel <david.vrabel@citrix.com>
      Cc: <stable@vger.kernel.org> # 4.0+
      98dd166e
    • M
    • M
    • Y
      arm64: convert patch_lock to raw lock · abffa6f3
      Yang Shi 提交于
      When running kprobe test on arm64 rt kernel, it reports the below warning:
      
      root@qemu7:~# modprobe kprobe_example
      BUG: sleeping function called from invalid context at kernel/locking/rtmutex.c:917
      in_atomic(): 0, irqs_disabled(): 128, pid: 484, name: modprobe
      CPU: 0 PID: 484 Comm: modprobe Not tainted 4.1.6-rt5 #2
      Hardware name: linux,dummy-virt (DT)
      Call trace:
      [<ffffffc0000891b8>] dump_backtrace+0x0/0x128
      [<ffffffc000089300>] show_stack+0x20/0x30
      [<ffffffc00061dae8>] dump_stack+0x1c/0x28
      [<ffffffc0000bbad0>] ___might_sleep+0x120/0x198
      [<ffffffc0006223e8>] rt_spin_lock+0x28/0x40
      [<ffffffc000622b30>] __aarch64_insn_write+0x28/0x78
      [<ffffffc000622e48>] aarch64_insn_patch_text_nosync+0x18/0x48
      [<ffffffc000622ee8>] aarch64_insn_patch_text_cb+0x70/0xa0
      [<ffffffc000622f40>] aarch64_insn_patch_text_sync+0x28/0x48
      [<ffffffc0006236e0>] arch_arm_kprobe+0x38/0x48
      [<ffffffc00010e6f4>] arm_kprobe+0x34/0x50
      [<ffffffc000110374>] register_kprobe+0x4cc/0x5b8
      [<ffffffbffc002038>] kprobe_init+0x38/0x7c [kprobe_example]
      [<ffffffc000084240>] do_one_initcall+0x90/0x1b0
      [<ffffffc00061c498>] do_init_module+0x6c/0x1cc
      [<ffffffc0000fd0c0>] load_module+0x17f8/0x1db0
      [<ffffffc0000fd8cc>] SyS_finit_module+0xb4/0xc8
      
      Convert patch_lock to raw loc kto avoid this issue.
      
      Although the problem is found on rt kernel, the fix should be applicable to
      mainline kernel too.
      Acked-by: NSteven Rostedt <rostedt@goodmis.org>
      Signed-off-by: NYang Shi <yang.shi@linaro.org>
      Signed-off-by: NWill Deacon <will.deacon@arm.com>
      abffa6f3
  5. 05 10月, 2015 2 次提交
    • M
      arm64: readahead: fault retry breaks mmap file read random detection · 569ba74a
      Mark Salyzyn 提交于
      This is the arm64 portion of commit 45cac65b ("readahead: fault
      retry breaks mmap file read random detection"), which was absent from
      the initial port and has since gone unnoticed. The original commit says:
      
      > .fault now can retry.  The retry can break state machine of .fault.  In
      > filemap_fault, if page is miss, ra->mmap_miss is increased.  In the second
      > try, since the page is in page cache now, ra->mmap_miss is decreased.  And
      > these are done in one fault, so we can't detect random mmap file access.
      >
      > Add a new flag to indicate .fault is tried once.  In the second try, skip
      > ra->mmap_miss decreasing.  The filemap_fault state machine is ok with it.
      
      With this change, Mark reports that:
      
      > Random read improves by 250%, sequential read improves by 40%, and
      > random write by 400% to an eMMC device with dm crypto wrapped around it.
      
      Cc: Shaohua Li <shli@kernel.org>
      Cc: Rik van Riel <riel@redhat.com>
      Cc: Wu Fengguang <fengguang.wu@intel.com>
      Cc: <stable@vger.kernel.org>
      Signed-off-by: NMark Salyzyn <salyzyn@android.com>
      Signed-off-by: NRiley Andrews <riandrews@android.com>
      Signed-off-by: NWill Deacon <will.deacon@arm.com>
      569ba74a
    • Y
      arm64: debug: Fix typo in debug-monitors.c · 95485fdc
      Yang Shi 提交于
      Fix comment typo: s/handers/handlers/
      Signed-off-by: NYang Shi <yang.shi@linaro.org>
      Signed-off-by: NWill Deacon <will.deacon@arm.com>
      95485fdc
  6. 04 10月, 2015 3 次提交
    • L
      Linux 4.3-rc4 · 049e6dde
      Linus Torvalds 提交于
      049e6dde
    • L
      Merge branch 'strscpy' of git://git.kernel.org/pub/scm/linux/kernel/git/cmetcalf/linux-tile · 30c44659
      Linus Torvalds 提交于
      Pull strscpy string copy function implementation from Chris Metcalf.
      
      Chris sent this during the merge window, but I waffled back and forth on
      the pull request, which is why it's going in only now.
      
      The new "strscpy()" function is definitely easier to use and more secure
      than either strncpy() or strlcpy(), both of which are horrible nasty
      interfaces that have serious and irredeemable problems.
      
      strncpy() has a useless return value, and doesn't NUL-terminate an
      overlong result.  To make matters worse, it pads a short result with
      zeroes, which is a performance disaster if you have big buffers.
      
      strlcpy(), by contrast, is a mis-designed "fix" for strlcpy(), lacking
      the insane NUL padding, but having a differently broken return value
      which returns the original length of the source string.  Which means
      that it will read characters past the count from the source buffer, and
      you have to trust the source to be properly terminated.  It also makes
      error handling fragile, since the test for overflow is unnecessarily
      subtle.
      
      strscpy() avoids both these problems, guaranteeing the NUL termination
      (but not excessive padding) if the destination size wasn't zero, and
      making the overflow condition very obvious by returning -E2BIG.  It also
      doesn't read past the size of the source, and can thus be used for
      untrusted source data too.
      
      So why did I waffle about this for so long?
      
      Every time we introduce a new-and-improved interface, people start doing
      these interminable series of trivial conversion patches.
      
      And every time that happens, somebody does some silly mistake, and the
      conversion patch to the improved interface actually makes things worse.
      Because the patch is mindnumbing and trivial, nobody has the attention
      span to look at it carefully, and it's usually done over large swatches
      of source code which means that not every conversion gets tested.
      
      So I'm pulling the strscpy() support because it *is* a better interface.
      But I will refuse to pull mindless conversion patches.  Use this in
      places where it makes sense, but don't do trivial patches to fix things
      that aren't actually known to be broken.
      
      * 'strscpy' of git://git.kernel.org/pub/scm/linux/kernel/git/cmetcalf/linux-tile:
        tile: use global strscpy() rather than private copy
        string: provide strscpy()
        Make asm/word-at-a-time.h available on all architectures
      30c44659
    • L
      Merge tag 'md/4.3-fixes' of git://neil.brown.name/md · 15ecf9a9
      Linus Torvalds 提交于
      Pull md fixes from Neil Brown:
       "Assorted fixes for md in 4.3-rc.
      
        Two tagged for -stable, and one is really a cleanup to match and
        improve kmemcache interface.
      
      * tag 'md/4.3-fixes' of git://neil.brown.name/md:
        md/bitmap: don't pass -1 to bitmap_storage_alloc.
        md/raid1: Avoid raid1 resync getting stuck
        md: drop null test before destroy functions
        md: clear CHANGE_PENDING in readonly array
        md/raid0: apply base queue limits *before* disk_stack_limits
        md/raid5: don't index beyond end of array in need_this_block().
        raid5: update analysis state for failed stripe
        md: wait for pending superblock updates before switching to read-only
      15ecf9a9