1. 29 Sep, 2022 1 commit
    • Kees Cook's avatar
      slab: Remove __malloc attribute from realloc functions · 9ed9cac1
      Kees Cook authored
      The __malloc attribute should not be applied to "realloc" functions, as
      the returned pointer may alias the storage of the prior pointer. Instead
      of splitting __malloc from __alloc_size, which would be a huge amount of
      churn, just create __realloc_size for the few cases where it is needed.
      
      Thanks to Geert Uytterhoeven <geert@linux-m68k.org> for reporting build
      failures with gcc-8 in earlier version which tried to remove the #ifdef.
      While the "alloc_size" attribute is available on all GCC versions, I
      forgot that it gets disabled explicitly by the kernel in GCC < 9.1 due
      to misbehaviors. Add a note to the compiler_attributes.h entry for it.
      
      Cc: Christoph Lameter <cl@linux.com>
      Cc: Pekka Enberg <penberg@kernel.org>
      Cc: David Rientjes <rientjes@google.com>
      Cc: Joonsoo Kim <iamjoonsoo.kim@lge.com>
      Cc: Andrew Morton <akpm@linux-foundation.org>
      Cc: Vlastimil Babka <vbabka@suse.cz>
      Cc: Roman Gushchin <roman.gushchin@linux.dev>
      Cc: Hyeonggon Yoo <42.hyeyoo@gmail.com>
      Cc: Marco Elver <elver@google.com>
      Cc: linux-mm@kvack.org
      Signed-off-by: default avatarKees Cook <keescook@chromium.org>
      Signed-off-by: default avatarVlastimil Babka <vbabka@suse.cz>
      9ed9cac1
  2. 22 Sep, 2022 1 commit
    • Maurizio Lombardi's avatar
      mm: slub: fix flush_cpu_slab()/__free_slab() invocations in task context. · e45cc288
      Maurizio Lombardi authored
      Commit 5a836bf6 ("mm: slub: move flush_cpu_slab() invocations
      __free_slab() invocations out of IRQ context") moved all flush_cpu_slab()
      invocations to the global workqueue to avoid a problem related
      with deactivate_slab()/__free_slab() being called from an IRQ context
      on PREEMPT_RT kernels.
      
      When the flush_all_cpu_locked() function is called from a task context
      it may happen that a workqueue with WQ_MEM_RECLAIM bit set ends up
      flushing the global workqueue, this will cause a dependency issue.
      
       workqueue: WQ_MEM_RECLAIM nvme-delete-wq:nvme_delete_ctrl_work [nvme_core]
         is flushing !WQ_MEM_RECLAIM events:flush_cpu_slab
       WARNING: CPU: 37 PID: 410 at kernel/workqueue.c:2637
         check_flush_dependency+0x10a/0x120
       Workqueue: nvme-delete-wq nvme_delete_ctrl_work [nvme_core]
       RIP: 0010:check_flush_dependency+0x10a/0x120[  453.262125] Call Trace:
       __flush_work.isra.0+0xbf/0x220
       ? __queue_work+0x1dc/0x420
       flush_all_cpus_locked+0xfb/0x120
       __kmem_cache_shutdown+0x2b/0x320
       kmem_cache_destroy+0x49/0x100
       bioset_exit+0x143/0x190
       blk_release_queue+0xb9/0x100
       kobject_cleanup+0x37/0x130
       nvme_fc_ctrl_free+0xc6/0x150 [nvme_fc]
       nvme_free_ctrl+0x1ac/0x2b0 [nvme_core]
      
      Fix this bug by creating a workqueue for the flush operation with
      the WQ_MEM_RECLAIM bit set.
      
      Fixes: 5a836bf6 ("mm: slub: move flush_cpu_slab() invocations __free_slab() invocations out of IRQ context")
      Cc: <stable@vger.kernel.org>
      Signed-off-by: default avatarMaurizio Lombardi <mlombard@redhat.com>
      Reviewed-by: default avatarHyeonggon Yoo <42.hyeyoo@gmail.com>
      Signed-off-by: default avatarVlastimil Babka <vbabka@suse.cz>
      e45cc288
  3. 19 Sep, 2022 1 commit
    • Feng Tang's avatar
      mm/slab_common: fix possible double free of kmem_cache · d71608a8
      Feng Tang authored
      When doing slub_debug test, kfence's 'test_memcache_typesafe_by_rcu'
      kunit test case cause a use-after-free error:
      
        BUG: KASAN: use-after-free in kobject_del+0x14/0x30
        Read of size 8 at addr ffff888007679090 by task kunit_try_catch/261
      
        CPU: 1 PID: 261 Comm: kunit_try_catch Tainted: G    B            N 6.0.0-rc5-next-20220916 #17
        Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014
        Call Trace:
         <TASK>
         dump_stack_lvl+0x34/0x48
         print_address_description.constprop.0+0x87/0x2a5
         print_report+0x103/0x1ed
         kasan_report+0xb7/0x140
         kobject_del+0x14/0x30
         kmem_cache_destroy+0x130/0x170
         test_exit+0x1a/0x30
         kunit_try_run_case+0xad/0xc0
         kunit_generic_run_threadfn_adapter+0x26/0x50
         kthread+0x17b/0x1b0
         </TASK>
      
      The cause is inside kmem_cache_destroy():
      
      kmem_cache_destroy
          acquire lock/mutex
          shutdown_cache
              schedule_work(kmem_cache_release) (if RCU flag set)
          release lock/mutex
          kmem_cache_release (if RCU flag not set)
      
      In some certain timing, the scheduled work could be run before
      the next RCU flag checking, which can then get a wrong value
      and lead to double kmem_cache_release().
      
      Fix it by caching the RCU flag inside protected area, just like 'refcnt'
      
      Fixes: 0495e337 ("mm/slab_common: Deleting kobject in kmem_cache_destroy() without holding slab_mutex/cpu_hotplug_lock")
      Signed-off-by: default avatarFeng Tang <feng.tang@intel.com>
      Reviewed-by: default avatarHyeonggon Yoo <42.hyeyoo@gmail.com>
      Reviewed-by: default avatarWaiman Long <longman@redhat.com>
      Signed-off-by: default avatarVlastimil Babka <vbabka@suse.cz>
      d71608a8
  4. 16 Sep, 2022 1 commit
  5. 08 Sep, 2022 1 commit
    • Chao Yu's avatar
      mm/slub: fix to return errno if kmalloc() fails · 7e9c323c
      Chao Yu authored
      In create_unique_id(), kmalloc(, GFP_KERNEL) can fail due to
      out-of-memory, if it fails, return errno correctly rather than
      triggering panic via BUG_ON();
      
      kernel BUG at mm/slub.c:5893!
      Internal error: Oops - BUG: 0 [#1] PREEMPT SMP
      
      Call trace:
       sysfs_slab_add+0x258/0x260 mm/slub.c:5973
       __kmem_cache_create+0x60/0x118 mm/slub.c:4899
       create_cache mm/slab_common.c:229 [inline]
       kmem_cache_create_usercopy+0x19c/0x31c mm/slab_common.c:335
       kmem_cache_create+0x1c/0x28 mm/slab_common.c:390
       f2fs_kmem_cache_create fs/f2fs/f2fs.h:2766 [inline]
       f2fs_init_xattr_caches+0x78/0xb4 fs/f2fs/xattr.c:808
       f2fs_fill_super+0x1050/0x1e0c fs/f2fs/super.c:4149
       mount_bdev+0x1b8/0x210 fs/super.c:1400
       f2fs_mount+0x44/0x58 fs/f2fs/super.c:4512
       legacy_get_tree+0x30/0x74 fs/fs_context.c:610
       vfs_get_tree+0x40/0x140 fs/super.c:1530
       do_new_mount+0x1dc/0x4e4 fs/namespace.c:3040
       path_mount+0x358/0x914 fs/namespace.c:3370
       do_mount fs/namespace.c:3383 [inline]
       __do_sys_mount fs/namespace.c:3591 [inline]
       __se_sys_mount fs/namespace.c:3568 [inline]
       __arm64_sys_mount+0x2f8/0x408 fs/namespace.c:3568
      
      Cc: <stable@kernel.org>
      Fixes: 81819f0f ("SLUB core")
      Reported-by: syzbot+81684812ea68216e08c5@syzkaller.appspotmail.com
      Reviewed-by: default avatarMuchun Song <songmuchun@bytedance.com>
      Reviewed-by: default avatarHyeonggon Yoo <42.hyeyoo@gmail.com>
      Signed-off-by: default avatarChao Yu <chao.yu@oppo.com>
      Acked-by: default avatarDavid Rientjes <rientjes@google.com>
      Signed-off-by: default avatarVlastimil Babka <vbabka@suse.cz>
      7e9c323c
  6. 01 Sep, 2022 1 commit
    • Waiman Long's avatar
      mm/slab_common: Deleting kobject in kmem_cache_destroy() without holding... · 0495e337
      Waiman Long authored
      mm/slab_common: Deleting kobject in kmem_cache_destroy() without holding slab_mutex/cpu_hotplug_lock
      
      A circular locking problem is reported by lockdep due to the following
      circular locking dependency.
      
        +--> cpu_hotplug_lock --> slab_mutex --> kn->active --+
        |                                                     |
        +-----------------------------------------------------+
      
      The forward cpu_hotplug_lock ==> slab_mutex ==> kn->active dependency
      happens in
      
        kmem_cache_destroy():	cpus_read_lock(); mutex_lock(&slab_mutex);
        ==> sysfs_slab_unlink()
            ==> kobject_del()
                ==> kernfs_remove()
      	      ==> __kernfs_remove()
      	          ==> kernfs_drain(): rwsem_acquire(&kn->dep_map, ...);
      
      The backward kn->active ==> cpu_hotplug_lock dependency happens in
      
        kernfs_fop_write_iter(): kernfs_get_active();
        ==> slab_attr_store()
            ==> cpu_partial_store()
                ==> flush_all(): cpus_read_lock()
      
      One way to break this circular locking chain is to avoid holding
      cpu_hotplug_lock and slab_mutex while deleting the kobject in
      sysfs_slab_unlink() which should be equivalent to doing a write_lock
      and write_unlock pair of the kn->active virtual lock.
      
      Since the kobject structures are not protected by slab_mutex or the
      cpu_hotplug_lock, we can certainly release those locks before doing
      the delete operation.
      
      Move sysfs_slab_unlink() and sysfs_slab_release() to the newly
      created kmem_cache_release() and call it outside the slab_mutex &
      cpu_hotplug_lock critical sections. There will be a slight delay
      in the deletion of sysfs files if kmem_cache_release() is called
      indirectly from a work function.
      
      Fixes: 5a836bf6 ("mm: slub: move flush_cpu_slab() invocations __free_slab() invocations out of IRQ context")
      Signed-off-by: default avatarWaiman Long <longman@redhat.com>
      Reviewed-by: default avatarHyeonggon Yoo <42.hyeyoo@gmail.com>
      Reviewed-by: default avatarRoman Gushchin <roman.gushchin@linux.dev>
      Acked-by: default avatarDavid Rientjes <rientjes@google.com>
      Link: https://lore.kernel.org/all/YwOImVd+nRUsSAga@hyeyoo/Signed-off-by: default avatarVlastimil Babka <vbabka@suse.cz>
      0495e337
  7. 22 Aug, 2022 1 commit
  8. 21 Aug, 2022 17 commits
  9. 20 Aug, 2022 15 commits
    • Linus Torvalds's avatar
      Merge tag 'kbuild-fixes-v6.0' of... · 15b3f48a
      Linus Torvalds authored
      Merge tag 'kbuild-fixes-v6.0' of git://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuild
      
      Pull Kbuild fixes from Masahiro Yamada:
      
       - Fix module versioning broken on some architectures
      
       - Make dummy-tools enable CONFIG_PPC_LONG_DOUBLE_128
      
       - Remove -Wformat-zero-length, which has no warning instance
      
       - Fix the order between drivers and libs in modules.order
      
       - Fix false-positive warnings in clang-analyzer
      
      * tag 'kbuild-fixes-v6.0' of git://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuild:
        scripts/clang-tools: Remove DeprecatedOrUnsafeBufferHandling check
        kbuild: fix the modules order between drivers and libs
        scripts/Makefile.extrawarn: Do not disable clang's -Wformat-zero-length
        kbuild: dummy-tools: pretend we understand __LONG_DOUBLE_128__
        modpost: fix module versioning when a symbol lacks valid CRC
      15b3f48a
    • Linus Torvalds's avatar
      Merge tag 'perf-tools-fixes-for-v6.0-2022-08-19' of... · 16b3d851
      Linus Torvalds authored
      Merge tag 'perf-tools-fixes-for-v6.0-2022-08-19' of git://git.kernel.org/pub/scm/linux/kernel/git/acme/linux
      
      Pull perf tools fixes from Arnaldo Carvalho de Melo:
      
       - Fix alignment for cpu map masks in event encoding.
      
       - Support reading PERF_FORMAT_LOST, perf tool counterpart for a feature
         that was added in this merge window.
      
       - Sync perf tools copies of kernel headers: socket, msr-index, fscrypt,
         cpufeatures, i915_drm, kvm, vhost, perf_event.
      
      * tag 'perf-tools-fixes-for-v6.0-2022-08-19' of git://git.kernel.org/pub/scm/linux/kernel/git/acme/linux:
        perf tools: Support reading PERF_FORMAT_LOST
        libperf: Add a test case for read formats
        libperf: Handle read format in perf_evsel__read()
        tools headers UAPI: Sync linux/perf_event.h with the kernel sources
        tools headers UAPI: Sync x86's asm/kvm.h with the kernel sources
        tools headers UAPI: Sync KVM's vmx.h header with the kernel sources
        tools include UAPI: Sync linux/vhost.h with the kernel sources
        tools headers kvm s390: Sync headers with the kernel sources
        tools headers UAPI: Sync linux/kvm.h with the kernel sources
        tools headers UAPI: Sync drm/i915_drm.h with the kernel sources
        tools headers cpufeatures: Sync with the kernel sources
        tools headers UAPI: Sync linux/fscrypt.h with the kernel sources
        tools arch x86: Sync the msr-index.h copy with the kernel sources
        perf beauty: Update copy of linux/socket.h with the kernel sources
        perf cpumap: Fix alignment for masks in event encoding
        perf cpumap: Compute mask size in constant time
        perf cpumap: Synthetic events and const/static
        perf cpumap: Const map for max()
      16b3d851
    • Linus Torvalds's avatar
      Merge tag 's390-6.0-1' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux · cc1807b9
      Linus Torvalds authored
      Pull s390 updates from Alexander Gordeev:
      
       - Fix a KVM crash on z12 and older machines caused by a wrong
         assumption that Query AP Configuration Information is always
         available.
      
       - Lower severity of excessive Hypervisor filesystem error messages
         when booting under KVM.
      
      * tag 's390-6.0-1' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux:
        s390/ap: fix crash on older machines based on QCI info missing
        s390/hypfs: avoid error message under KVM
      cc1807b9
    • Linus Torvalds's avatar
      Merge tag 'powerpc-6.0-3' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux · 32dd68f1
      Linus Torvalds authored
      Pull powerpc fixes from Michael Ellerman:
      
       - Fix atomic sleep warnings at boot due to get_phb_number() taking a
         mutex with a spinlock held on some machines.
      
       - Add missing PMU selftests to .gitignores.
      
      Thanks to Guenter Roeck and Russell Currey.
      
      * tag 'powerpc-6.0-3' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux:
        selftests/powerpc: Add missing PMU selftests to .gitignores
        powerpc/pci: Fix get_phb_number() locking
      32dd68f1
    • Linus Torvalds's avatar
      Merge tag 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rdma/rdma · f31c32ef
      Linus Torvalds authored
      Pull rdma fixes from Jason Gunthorpe:
       "A few minor fixes:
      
         - Fix buffer management in SRP to correct a regression with the login
           authentication feature from v5.17
      
         - Don't iterate over non-present ports in mlx5
      
         - Fix an error introduced by the foritify work in cxgb4
      
         - Two bug fixes for the recently merged ERDMA driver
      
         - Unbreak RDMA dmabuf support, a regresion from v5.19"
      
      * tag 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rdma/rdma:
        RDMA: Handle the return code from dma_resv_wait_timeout() properly
        RDMA/erdma: Correct the max_qp and max_cq capacities of the device
        RDMA/erdma: Using the key in FMR WR instead of MR structure
        RDMA/cxgb4: fix accept failure due to increased cpl_t5_pass_accept_rpl size
        RDMA/mlx5: Use the proper number of ports
        IB/iser: Fix login with authentication
      f31c32ef
    • Guru Das Srinagesh's avatar
      scripts/clang-tools: Remove DeprecatedOrUnsafeBufferHandling check · 4be72c1b
      Guru Das Srinagesh authored
      This `clang-analyzer` check flags the use of memset(), suggesting a more
      secure version of the API, such as memset_s(), which does not exist in
      the kernel:
      
        warning: Call to function 'memset' is insecure as it does not provide
        security checks introduced in the C11 standard. Replace with analogous
        functions that support length arguments or provides boundary checks such
        as 'memset_s' in case of C11
        [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
      Signed-off-by: default avatarGuru Das Srinagesh <quic_gurus@quicinc.com>
      Reviewed-by: default avatarNick Desaulniers <ndesaulniers@google.com>
      Signed-off-by: default avatarMasahiro Yamada <masahiroy@kernel.org>
      4be72c1b
    • Masahiro Yamada's avatar
      kbuild: fix the modules order between drivers and libs · 11314751
      Masahiro Yamada authored
      Commit b2c88554 ("kbuild: update modules.order only when contained
      modules are updated") accidentally changed the modules order.
      
      Prior to that commit, the modules order was determined based on
      vmlinux-dirs, which lists core-y/m, drivers-y/m, libs-y/m, in this order.
      
      Now, subdir-modorder lists them in a different order: core-y/m, libs-y/m,
      drivers-y/m.
      
      Presumably, there was no practical issue because the modules in drivers
      and libs are orthogonal, but there is no reason to have this distortion.
      
      Get back to the original order.
      
      Fixes: b2c88554 ("kbuild: update modules.order only when contained modules are updated")
      Signed-off-by: default avatarMasahiro Yamada <masahiroy@kernel.org>
      11314751
    • Nathan Chancellor's avatar
      scripts/Makefile.extrawarn: Do not disable clang's -Wformat-zero-length · 370655bc
      Nathan Chancellor authored
      There are no instances of this warning in the tree across several
      difference architectures and configurations. This was added by
      commit 26ea6bb1 ("kbuild, LLVMLinux: Supress warnings unless W=1-3")
      back in 2014, where it might have been necessary, but there are no
      instances of it now so stop disabling it to increase warning coverage
      for clang.
      Signed-off-by: default avatarNathan Chancellor <nathan@kernel.org>
      Signed-off-by: default avatarMasahiro Yamada <masahiroy@kernel.org>
      370655bc
    • Jiri Slaby's avatar
      kbuild: dummy-tools: pretend we understand __LONG_DOUBLE_128__ · 0df499ea
      Jiri Slaby authored
      There is a test in powerpc's Kconfig which checks __LONG_DOUBLE_128__
      and sets CONFIG_PPC_LONG_DOUBLE_128 if it is understood by the compiler.
      
      We currently don't handle it, so this results in PPC_LONG_DOUBLE_128 not
      being in super-config generated by dummy-tools. So take this into
      account in the gcc script and preprocess __LONG_DOUBLE_128__ as "1".
      Signed-off-by: default avatarJiri Slaby <jslaby@suse.cz>
      Signed-off-by: default avatarMasahiro Yamada <masahiroy@kernel.org>
      0df499ea
    • Masahiro Yamada's avatar
      modpost: fix module versioning when a symbol lacks valid CRC · 5b8a9a8f
      Masahiro Yamada authored
      Since commit 7b453719 ("kbuild: link symbol CRCs at final link,
      removing CONFIG_MODULE_REL_CRCS"), module versioning is broken on
      some architectures. Loading a module fails with "disagrees about
      version of symbol module_layout".
      
      On such architectures (e.g. ARCH=sparc build with sparc64_defconfig),
      modpost shows a warning, like follows:
      
        WARNING: modpost: EXPORT symbol "_mcount" [vmlinux] version generation failed, symbol will not be versioned.
        Is "_mcount" prototyped in <asm/asm-prototypes.h>?
      
      Previously, it was a harmless warning (CRC check was just skipped),
      but now wrong CRCs are used for comparison because invalid CRCs are
      just skipped.
      
        $ sparc64-linux-gnu-nm -n vmlinux
          [snip]
        0000000000c2cea0 r __ksymtab__kstrtol
        0000000000c2ceb8 r __ksymtab__kstrtoul
        0000000000c2ced0 r __ksymtab__local_bh_enable
        0000000000c2cee8 r __ksymtab__mcount
        0000000000c2cf00 r __ksymtab__printk
        0000000000c2cf18 r __ksymtab__raw_read_lock
        0000000000c2cf30 r __ksymtab__raw_read_lock_bh
          [snip]
        0000000000c53b34 D __crc__kstrtol
        0000000000c53b38 D __crc__kstrtoul
        0000000000c53b3c D __crc__local_bh_enable
        0000000000c53b40 D __crc__printk
        0000000000c53b44 D __crc__raw_read_lock
        0000000000c53b48 D __crc__raw_read_lock_bh
      
      Please notice __crc__mcount is missing here.
      
      When the module subsystem looks up a CRC that comes after, it results
      in reading out a wrong address. For example, when __crc__printk is
      needed, the module subsystem reads 0xc53b44 instead of 0xc53b40.
      
      All CRC entries must be output for correct index accessing. Invalid
      CRCs will be unused, but are needed to keep the one-to-one mapping
      between __ksymtab_* and __crc_*.
      
      The best is to fix all modpost warnings, but several warnings are still
      remaining on less popular architectures.
      
      Fixes: 7b453719 ("kbuild: link symbol CRCs at final link, removing CONFIG_MODULE_REL_CRCS")
      Reported-by: default avatarmatoro <matoro_mailinglist_kernel@matoro.tk>
      Signed-off-by: default avatarMasahiro Yamada <masahiroy@kernel.org>
      Tested-by: default avatarmatoro <matoro_mailinglist_kernel@matoro.tk>
      5b8a9a8f
    • Linus Torvalds's avatar
      Merge tag 'block-6.0-2022-08-19' of git://git.kernel.dk/linux-block · b9bce6e5
      Linus Torvalds authored
      Pull block fixes from Jens Axboe:
       "A few fixes that should go into this release:
      
         - Small series of patches for ublk (ZiyangZhang)
      
         - Remove dead function (Yu)
      
         - Fix for running a block queue in case of resource starvation
           (Yufen)"
      
      * tag 'block-6.0-2022-08-19' of git://git.kernel.dk/linux-block:
        blk-mq: run queue no matter whether the request is the last request
        blk-mq: remove unused function blk_mq_queue_stopped()
        ublk_drv: do not add a re-issued request aborted previously to ioucmd's task_work
        ublk_drv: update comment for __ublk_fail_req()
        ublk_drv: check ubq_daemon_is_dying() in __ublk_rq_task_work()
        ublk_drv: update iod->addr for UBLK_IO_NEED_GET_DATA
      b9bce6e5
    • Linus Torvalds's avatar
      Merge tag 'io_uring-6.0-2022-08-19' of git://git.kernel.dk/linux-block · beaf1397
      Linus Torvalds authored
      Pull io_uring fixes from Jens Axboe:
       "A few fixes for regressions in this cycle:
      
         - Two instances of using the wrong "has async data" helper (Pavel)
      
         - Fixup zero-copy address import (Pavel)
      
         - Bump zero-copy notification slot limit (Pavel)"
      
      * tag 'io_uring-6.0-2022-08-19' of git://git.kernel.dk/linux-block:
        io_uring/net: use right helpers for async_data
        io_uring/notif: raise limit on notification slots
        io_uring/net: improve zc addr import error handling
        io_uring/net: use right helpers for async recycle
      beaf1397
    • Linus Torvalds's avatar
      Merge tag 'ata-6.0-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/dlemoal/libata · 044610f8
      Linus Torvalds authored
      Pull ATA fixes from Damien Le Moal:
      
       - Add a missing command name definition for ata_get_cmd_name(), from
         me.
      
       - A fix to address a performance regression due to the default
         max_sectors queue limit for ATA devices connected to AHCI adapters
         being too small, from John.
      
      * tag 'ata-6.0-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/dlemoal/libata:
        ata: libata: Set __ATA_BASE_SHT max_sectors
        ata: libata-eh: Add missing command name
      044610f8
    • Linus Torvalds's avatar
      Merge tag 'mmc-v6.0-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/mmc · 4d099c33
      Linus Torvalds authored
      Pull MMC host fixes from Ulf Hansson:
      
       - meson-gx: Fix error handling in ->probe()
      
       - mtk-sd: Fix a command problem when using cqe off/disable
      
       - pxamci: Fix error handling in ->probe()
      
       - sdhci-of-dwcmshc: Fix broken support for the BlueField-3 variant
      
      * tag 'mmc-v6.0-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/mmc:
        mmc: sdhci-of-dwcmshc: Re-enable support for the BlueField-3 SoC
        mmc: meson-gx: Fix an error handling path in meson_mmc_probe()
        mmc: mtk-sd: Clear interrupts when cqe off/disable
        mmc: pxamci: Fix another error handling path in pxamci_probe()
        mmc: pxamci: Fix an error handling path in pxamci_probe()
      4d099c33
    • John Garry's avatar
      ata: libata: Set __ATA_BASE_SHT max_sectors · a357f7b4
      John Garry authored
      Commit 0568e612 ("ata: libata-scsi: cap ata_device->max_sectors
      according to shost->max_sectors") inadvertently capped the max_sectors
      value for some SATA disks to a value which is lower than we would want.
      
      For a device which supports LBA48, we would previously have request queue
      max_sectors_kb and max_hw_sectors_kb values of 1280 and 32767 respectively.
      
      For AHCI controllers, the value chosen for shost max sectors comes from
      the minimum of the SCSI host default max sectors in
      SCSI_DEFAULT_MAX_SECTORS (1024) and the shost DMA device mapping limit.
      
      This means that we would now set the max_sectors_kb and max_hw_sectors_kb
      values for a disk which supports LBA48 at 512, ignoring DMA mapping limit.
      
      As report by Oliver at [0], this caused a performance regression.
      
      Fix by picking a large enough max sectors value for ATA host controllers
      such that we don't needlessly reduce max_sectors_kb for LBA48 disks.
      
      [0] https://lore.kernel.org/linux-ide/YvsGbidf3na5FpGb@xsang-OptiPlex-9020/T/#m22d9fc5ad15af66066dd9fecf3d50f1b1ef11da3
      
      Fixes: 0568e612 ("ata: libata-scsi: cap ata_device->max_sectors according to shost->max_sectors")
      Reported-by: default avatarOliver Sang <oliver.sang@intel.com>
      Signed-off-by: default avatarJohn Garry <john.garry@huawei.com>
      Signed-off-by: default avatarDamien Le Moal <damien.lemoal@opensource.wdc.com>
      a357f7b4
  10. 19 Aug, 2022 1 commit