1. 12 Dec, 2020 27 commits
  2. 11 Dec, 2020 13 commits
    • Linus Torvalds's avatar
      Merge tag 'mtd/fixes-for-5.10-rc8' of git://git.kernel.org/pub/scm/linux/kernel/git/mtd/linux · 7f376f19
      Linus Torvalds authored
      Pull mtd fixes from Miquel Raynal:
       "Second series of fixes for raw NAND drivers initiated because of a
        rework of the ECC engine subsystem.
      
        The location of the DT parsing logic got moved, breaking several
        drivers which in fact were not doing the ECC engine initialization at
        the right place.
      
        These drivers have been fixed by enforcing a particular ECC engine
        type and algorithm, software Hamming, while the algorithm may be
        overwritten by a DT property. This merge request fixes this in the
        xway, socrates, plat_nand, pasemi, orion, mpc5121, gpio, au1550 and
        ams-delta controller drivers"
      
      * tag 'mtd/fixes-for-5.10-rc8' of git://git.kernel.org/pub/scm/linux/kernel/git/mtd/linux:
        mtd: rawnand: xway: Do not force a particular software ECC engine
        mtd: rawnand: socrates: Do not force a particular software ECC engine
        mtd: rawnand: plat_nand: Do not force a particular software ECC engine
        mtd: rawnand: pasemi: Do not force a particular software ECC engine
        mtd: rawnand: orion: Do not force a particular software ECC engine
        mtd: rawnand: mpc5121: Do not force a particular software ECC engine
        mtd: rawnand: gpio: Do not force a particular software ECC engine
        mtd: rawnand: au1550: Do not force a particular software ECC engine
        mtd: rawnand: ams-delta: Do not force a particular software ECC engine
      7f376f19
    • Linus Torvalds's avatar
      Merge tag 'mmc-v5.10-rc4-2' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/mmc · 1de5d12b
      Linus Torvalds authored
      Pull MMC fixes from Ulf Hansson:
       "A couple of MMC fixes:
      
        MMC core:
         - Fixup condition for CMD13 polling for RPMB requests
      
        MMC host:
         - mtk-sd: Fix system suspend/resume support for CQHCI
         - mtd-sd: Extend SDIO IRQ fix to more variants
         - sdhci-of-arasan: Fix clock registration error for Keem Bay SOC
         - tmio: Bring HW to a sane state after a power off"
      
      * tag 'mmc-v5.10-rc4-2' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/mmc:
        mmc: mediatek: mark PM functions as __maybe_unused
        mmc: block: Fixup condition for CMD13 polling for RPMB requests
        mmc: tmio: improve bringing HW to a sane state with MMC_POWER_OFF
        mmc: sdhci-of-arasan: Fix clock registration error for Keem Bay SOC
        mmc: mediatek: Extend recheck_sdio_irq fix to more variants
        mmc: mediatek: Fix system suspend/resume support for CQHCI
      1de5d12b
    • Linus Torvalds's avatar
      Merge tag 'zonefs-5.10-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/dlemoal/zonefs · 782598ec
      Linus Torvalds authored
      Pull zonefs fix from Damien Le Moal:
       "A single patch in this pull request to fix a BIO and page reference
        leak when writing sequential zone files"
      
      * tag 'zonefs-5.10-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/dlemoal/zonefs:
        zonefs: fix page reference and BIO leak
      782598ec
    • Andrii Nakryiko's avatar
      bpf: Fix enum names for bpf_this_cpu_ptr() and bpf_per_cpu_ptr() helpers · b7906b70
      Andrii Nakryiko authored
      Remove bpf_ prefix, which causes these helpers to be reported in verifier
      dump as bpf_bpf_this_cpu_ptr() and bpf_bpf_per_cpu_ptr(), respectively. Lets
      fix it as long as it is still possible before UAPI freezes on these helpers.
      
      Fixes: eaa6bcb7 ("bpf: Introduce bpf_per_cpu_ptr()")
      Signed-off-by: default avatarAndrii Nakryiko <andrii@kernel.org>
      Signed-off-by: default avatarAlexei Starovoitov <ast@kernel.org>
      Signed-off-by: default avatarDaniel Borkmann <daniel@iogearbox.net>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      b7906b70
    • Linus Torvalds's avatar
      Merge branch 'akpm' (patches from Andrew) · a06caa4a
      Linus Torvalds authored
      Merge misc fixes from Andrew Morton:
       "8 patches.
      
        Subsystems affected by this patch series: proc, selftests, kbuild, and
        mm (pagecache, kasan, hugetlb)"
      
      * emailed patches from Andrew Morton <akpm@linux-foundation.org>:
        mm/hugetlb: clear compound_nr before freeing gigantic pages
        kasan: fix object remaining in offline per-cpu quarantine
        elfcore: fix building with clang
        initramfs: fix clang build failure
        kbuild: avoid static_assert for genksyms
        selftest/fpu: avoid clang warning
        proc: use untagged_addr() for pagemap_read addresses
        revert "mm/filemap: add static for function __add_to_page_cache_locked"
      a06caa4a
    • Gerald Schaefer's avatar
      mm/hugetlb: clear compound_nr before freeing gigantic pages · ba9c1201
      Gerald Schaefer authored
      Commit 1378a5ee ("mm: store compound_nr as well as compound_order")
      added compound_nr counter to first tail struct page, overlaying with
      page->mapping.  The overlay itself is fine, but while freeing gigantic
      hugepages via free_contig_range(), a "bad page" check will trigger for
      non-NULL page->mapping on the first tail page:
      
        BUG: Bad page state in process bash  pfn:380001
        page:00000000c35f0856 refcount:0 mapcount:0 mapping:00000000126b68aa index:0x0 pfn:0x380001
        aops:0x0
        flags: 0x3ffff00000000000()
        raw: 3ffff00000000000 0000000000000100 0000000000000122 0000000100000000
        raw: 0000000000000000 0000000000000000 ffffffff00000000 0000000000000000
        page dumped because: non-NULL mapping
        Modules linked in:
        CPU: 6 PID: 616 Comm: bash Not tainted 5.10.0-rc7-next-20201208 #1
        Hardware name: IBM 3906 M03 703 (LPAR)
        Call Trace:
          show_stack+0x6e/0xe8
          dump_stack+0x90/0xc8
          bad_page+0xd6/0x130
          free_pcppages_bulk+0x26a/0x800
          free_unref_page+0x6e/0x90
          free_contig_range+0x94/0xe8
          update_and_free_page+0x1c4/0x2c8
          free_pool_huge_page+0x11e/0x138
          set_max_huge_pages+0x228/0x300
          nr_hugepages_store_common+0xb8/0x130
          kernfs_fop_write+0xd2/0x218
          vfs_write+0xb0/0x2b8
          ksys_write+0xac/0xe0
          system_call+0xe6/0x288
        Disabling lock debugging due to kernel taint
      
      This is because only the compound_order is cleared in
      destroy_compound_gigantic_page(), and compound_nr is set to
      1U << order == 1 for order 0 in set_compound_order(page, 0).
      
      Fix this by explicitly clearing compound_nr for first tail page after
      calling set_compound_order(page, 0).
      
      Link: https://lkml.kernel.org/r/20201208182813.66391-2-gerald.schaefer@linux.ibm.com
      Fixes: 1378a5ee ("mm: store compound_nr as well as compound_order")
      Signed-off-by: default avatarGerald Schaefer <gerald.schaefer@linux.ibm.com>
      Reviewed-by: default avatarMatthew Wilcox (Oracle) <willy@infradead.org>
      Cc: Heiko Carstens <hca@linux.ibm.com>
      Cc: Mike Kravetz <mike.kravetz@oracle.com>
      Cc: Christian Borntraeger <borntraeger@de.ibm.com>
      Cc: <stable@vger.kernel.org>	[5.9+]
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      ba9c1201
    • Kuan-Ying Lee's avatar
      kasan: fix object remaining in offline per-cpu quarantine · 6c82d45c
      Kuan-Ying Lee authored
      We hit this issue in our internal test.  When enabling generic kasan, a
      kfree()'d object is put into per-cpu quarantine first.  If the cpu goes
      offline, object still remains in the per-cpu quarantine.  If we call
      kmem_cache_destroy() now, slub will report "Objects remaining" error.
      
        =============================================================================
        BUG test_module_slab (Not tainted): Objects remaining in test_module_slab on __kmem_cache_shutdown()
        -----------------------------------------------------------------------------
      
        Disabling lock debugging due to kernel taint
        INFO: Slab 0x(____ptrval____) objects=34 used=1 fp=0x(____ptrval____) flags=0x2ffff00000010200
        CPU: 3 PID: 176 Comm: cat Tainted: G    B             5.10.0-rc1-00007-g4525c878-dirty #10
        Hardware name: linux,dummy-virt (DT)
        Call trace:
           dump_backtrace+0x0/0x2b0
           show_stack+0x18/0x68
           dump_stack+0xfc/0x168
           slab_err+0xac/0xd4
           __kmem_cache_shutdown+0x1e4/0x3c8
           kmem_cache_destroy+0x68/0x130
           test_version_show+0x84/0xf0
           module_attr_show+0x40/0x60
           sysfs_kf_seq_show+0x128/0x1c0
           kernfs_seq_show+0xa0/0xb8
           seq_read+0x1f0/0x7e8
           kernfs_fop_read+0x70/0x338
           vfs_read+0xe4/0x250
           ksys_read+0xc8/0x180
           __arm64_sys_read+0x44/0x58
           el0_svc_common.constprop.0+0xac/0x228
           do_el0_svc+0x38/0xa0
           el0_sync_handler+0x170/0x178
           el0_sync+0x174/0x180
        INFO: Object 0x(____ptrval____) @offset=15848
        INFO: Allocated in test_version_show+0x98/0xf0 age=8188 cpu=6 pid=172
           stack_trace_save+0x9c/0xd0
           set_track+0x64/0xf0
           alloc_debug_processing+0x104/0x1a0
           ___slab_alloc+0x628/0x648
           __slab_alloc.isra.0+0x2c/0x58
           kmem_cache_alloc+0x560/0x588
           test_version_show+0x98/0xf0
           module_attr_show+0x40/0x60
           sysfs_kf_seq_show+0x128/0x1c0
           kernfs_seq_show+0xa0/0xb8
           seq_read+0x1f0/0x7e8
           kernfs_fop_read+0x70/0x338
           vfs_read+0xe4/0x250
           ksys_read+0xc8/0x180
           __arm64_sys_read+0x44/0x58
           el0_svc_common.constprop.0+0xac/0x228
        kmem_cache_destroy test_module_slab: Slab cache still has objects
      
      Register a cpu hotplug function to remove all objects in the offline
      per-cpu quarantine when cpu is going offline.  Set a per-cpu variable to
      indicate this cpu is offline.
      
      [qiang.zhang@windriver.com: fix slab double free when cpu-hotplug]
        Link: https://lkml.kernel.org/r/20201204102206.20237-1-qiang.zhang@windriver.com
      
      Link: https://lkml.kernel.org/r/1606895585-17382-2-git-send-email-Kuan-Ying.Lee@mediatek.comSigned-off-by: default avatarKuan-Ying Lee <Kuan-Ying.Lee@mediatek.com>
      Signed-off-by: default avatarZqiang <qiang.zhang@windriver.com>
      Suggested-by: default avatarDmitry Vyukov <dvyukov@google.com>
      Reported-by: default avatarGuangye Yang <guangye.yang@mediatek.com>
      Reviewed-by: default avatarDmitry Vyukov <dvyukov@google.com>
      Cc: Andrey Ryabinin <aryabinin@virtuozzo.com>
      Cc: Alexander Potapenko <glider@google.com>
      Cc: Matthias Brugger <matthias.bgg@gmail.com>
      Cc: Nicholas Tang <nicholas.tang@mediatek.com>
      Cc: Miles Chen <miles.chen@mediatek.com>
      Cc: Qian Cai <qcai@redhat.com>
      Cc: Stephen Rothwell <sfr@canb.auug.org.au>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      6c82d45c
    • Arnd Bergmann's avatar
      elfcore: fix building with clang · 6e7b64b9
      Arnd Bergmann authored
      kernel/elfcore.c only contains weak symbols, which triggers a bug with
      clang in combination with recordmcount:
      
        Cannot find symbol for section 2: .text.
        kernel/elfcore.o: failed
      
      Move the empty stubs into linux/elfcore.h as inline functions.  As only
      two architectures use these, just use the architecture specific Kconfig
      symbols to key off the declaration.
      
      Link: https://lkml.kernel.org/r/20201204165742.3815221-2-arnd@kernel.orgSigned-off-by: default avatarArnd Bergmann <arnd@arndb.de>
      Cc: Nathan Chancellor <natechancellor@gmail.com>
      Cc: Nick Desaulniers <ndesaulniers@google.com>
      Cc: Barret Rhoden <brho@google.com>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      6e7b64b9
    • Arnd Bergmann's avatar
      initramfs: fix clang build failure · 55d5b7dd
      Arnd Bergmann authored
      There is only one function in init/initramfs.c that is in the .text
      section, and it is marked __weak.  When building with clang-12 and the
      integrated assembler, this leads to a bug with recordmcount:
      
        ./scripts/recordmcount  "init/initramfs.o"
        Cannot find symbol for section 2: .text.
        init/initramfs.o: failed
      
      I'm not quite sure what exactly goes wrong, but I notice that this
      function is only ever called from an __init function, and normally
      inlined.  Marking it __init as well is clearly correct and it leads to
      recordmcount no longer complaining.
      
      Link: https://lkml.kernel.org/r/20201204165742.3815221-1-arnd@kernel.orgSigned-off-by: default avatarArnd Bergmann <arnd@arndb.de>
      Cc: Nathan Chancellor <natechancellor@gmail.com>
      Cc: Nick Desaulniers <ndesaulniers@google.com>
      Cc: Barret Rhoden <brho@google.com>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      55d5b7dd
    • Arnd Bergmann's avatar
      kbuild: avoid static_assert for genksyms · 14dc3983
      Arnd Bergmann authored
      genksyms does not know or care about the _Static_assert() built-in, and
      sometimes falls back to ignoring the later symbols, which causes
      undefined behavior such as
      
        WARNING: modpost: EXPORT symbol "ethtool_set_ethtool_phy_ops" [vmlinux] version generation failed, symbol will not be versioned.
        ld: net/ethtool/common.o: relocation R_AARCH64_ABS32 against `__crc_ethtool_set_ethtool_phy_ops' can not be used when making a shared object
        net/ethtool/common.o:(_ftrace_annotated_branch+0x0): dangerous relocation: unsupported relocation
      
      Redefine static_assert for genksyms to avoid that.
      
      Link: https://lkml.kernel.org/r/20201203230955.1482058-1-arnd@kernel.orgSigned-off-by: default avatarArnd Bergmann <arnd@arndb.de>
      Suggested-by: default avatarArd Biesheuvel <ardb@kernel.org>
      Cc: Masahiro Yamada <masahiroy@kernel.org>
      Cc: Michal Marek <michal.lkml@markovi.net>
      Cc: Kees Cook <keescook@chromium.org>
      Cc: Rikard Falkeborn <rikard.falkeborn@gmail.com>
      Cc: Marco Elver <elver@google.com>
      Cc: <stable@vger.kernel.org>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      14dc3983
    • Arnd Bergmann's avatar
      selftest/fpu: avoid clang warning · 84edc2ef
      Arnd Bergmann authored
      With extra warnings enabled, clang complains about the redundant
      -mhard-float argument:
      
        clang: error: argument unused during compilation: '-mhard-float' [-Werror,-Wunused-command-line-argument]
      
      Move this into the gcc-only part of the Makefile.
      
      Link: https://lkml.kernel.org/r/20201203223652.1320700-1-arnd@kernel.org
      Fixes: 4185b3b9 ("selftests/fpu: Add an FPU selftest")
      Signed-off-by: default avatarArnd Bergmann <arnd@arndb.de>
      Cc: Nathan Chancellor <natechancellor@gmail.com>
      Cc: Nick Desaulniers <ndesaulniers@google.com>
      Cc: Petteri Aimonen <jpa@git.mail.kapsi.fi>
      Cc: Borislav Petkov <bp@suse.de>
      Cc: Arnd Bergmann <arnd@arndb.de>
      Cc: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      84edc2ef
    • Miles Chen's avatar
      proc: use untagged_addr() for pagemap_read addresses · 40d6366e
      Miles Chen authored
      When we try to visit the pagemap of a tagged userspace pointer, we find
      that the start_vaddr is not correct because of the tag.
      To fix it, we should untag the userspace pointers in pagemap_read().
      
      I tested with 5.10-rc4 and the issue remains.
      
      Explanation from Catalin in [1]:
      
       "Arguably, that's a user-space bug since tagged file offsets were never
        supported. In this case it's not even a tag at bit 56 as per the arm64
        tagged address ABI but rather down to bit 47. You could say that the
        problem is caused by the C library (malloc()) or whoever created the
        tagged vaddr and passed it to this function. It's not a kernel
        regression as we've never supported it.
      
        Now, pagemap is a special case where the offset is usually not
        generated as a classic file offset but rather derived by shifting a
        user virtual address. I guess we can make a concession for pagemap
        (only) and allow such offset with the tag at bit (56 - PAGE_SHIFT + 3)"
      
      My test code is based on [2]:
      
      A userspace pointer which has been tagged by 0xb4: 0xb400007662f541c8
      
      userspace program:
      
        uint64 OsLayer::VirtualToPhysical(void *vaddr) {
      	uint64 frame, paddr, pfnmask, pagemask;
      	int pagesize = sysconf(_SC_PAGESIZE);
      	off64_t off = ((uintptr_t)vaddr) / pagesize * 8; // off = 0xb400007662f541c8 / pagesize * 8 = 0x5a00003b317aa0
      	int fd = open(kPagemapPath, O_RDONLY);
      	...
      
      	if (lseek64(fd, off, SEEK_SET) != off || read(fd, &frame, 8) != 8) {
      		int err = errno;
      		string errtxt = ErrorString(err);
      		if (fd >= 0)
      			close(fd);
      		return 0;
      	}
        ...
        }
      
      kernel fs/proc/task_mmu.c:
      
        static ssize_t pagemap_read(struct file *file, char __user *buf,
      		size_t count, loff_t *ppos)
        {
      	...
      	src = *ppos;
      	svpfn = src / PM_ENTRY_BYTES; // svpfn == 0xb400007662f54
      	start_vaddr = svpfn << PAGE_SHIFT; // start_vaddr == 0xb400007662f54000
      	end_vaddr = mm->task_size;
      
      	/* watch out for wraparound */
      	// svpfn == 0xb400007662f54
      	// (mm->task_size >> PAGE) == 0x8000000
      	if (svpfn > mm->task_size >> PAGE_SHIFT) // the condition is true because of the tag 0xb4
      		start_vaddr = end_vaddr;
      
      	ret = 0;
      	while (count && (start_vaddr < end_vaddr)) { // we cannot visit correct entry because start_vaddr is set to end_vaddr
      		int len;
      		unsigned long end;
      		...
      	}
      	...
        }
      
      [1] https://lore.kernel.org/patchwork/patch/1343258/
      [2] https://github.com/stressapptest/stressapptest/blob/master/src/os.cc#L158
      
      Link: https://lkml.kernel.org/r/20201204024347.8295-1-miles.chen@mediatek.comSigned-off-by: default avatarMiles Chen <miles.chen@mediatek.com>
      Reviewed-by: default avatarVincenzo Frascino <vincenzo.frascino@arm.com>
      Reviewed-by: default avatarCatalin Marinas <catalin.marinas@arm.com>
      Cc: Alexey Dobriyan <adobriyan@gmail.com>
      Cc: Andrey Konovalov <andreyknvl@google.com>
      Cc: Alexander Potapenko <glider@google.com>
      Cc: Vincenzo Frascino <vincenzo.frascino@arm.com>
      Cc: Andrey Ryabinin <aryabinin@virtuozzo.com>
      Cc: Catalin Marinas <catalin.marinas@arm.com>
      Cc: Dmitry Vyukov <dvyukov@google.com>
      Cc: Marco Elver <elver@google.com>
      Cc: Will Deacon <will@kernel.org>
      Cc: Eric W. Biederman <ebiederm@xmission.com>
      Cc: Song Bao Hua (Barry Song) <song.bao.hua@hisilicon.com>
      Cc: <stable@vger.kernel.org>	[5.4-]
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      40d6366e
    • Andrew Morton's avatar
      revert "mm/filemap: add static for function __add_to_page_cache_locked" · 16c0cc0c
      Andrew Morton authored
      Revert commit 3351b16a ("mm/filemap: add static for function
      __add_to_page_cache_locked") due to incompatibility with
      ALLOW_ERROR_INJECTION which result in build errors.
      
      Link: https://lkml.kernel.org/r/CAADnVQJ6tmzBXvtroBuEH6QA0H+q7yaSKxrVvVxhqr3KBZdEXg@mail.gmail.comTested-by: default avatarJustin Forbes <jmforbes@linuxtx.org>
      Tested-by: default avatarGreg Thelen <gthelen@google.com>
      Acked-by: default avatarAlexei Starovoitov <ast@kernel.org>
      Cc: Michal Kubecek <mkubecek@suse.cz>
      Cc: Alex Shi <alex.shi@linux.alibaba.com>
      Cc: Souptick Joarder <jrdr.linux@gmail.com>
      Cc: Daniel Borkmann <daniel@iogearbox.net>
      Cc: Josef Bacik <josef@toxicpanda.com>
      Cc: Tony Luck <tony.luck@gmail.com>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      16c0cc0c