1. 11 Apr, 2021 18 commits
  2. 10 Apr, 2021 10 commits
    • Linus Torvalds's avatar
      Merge branch 'for-5.12-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/dennis/percpu · 52e44129
      Linus Torvalds authored
      Pull percpu fix from Dennis Zhou:
       "This contains a fix for sporadically failing atomic percpu
        allocations.
      
        I only caught it recently while I was reviewing a new series [1] and
        simultaneously saw reports by btrfs in xfstests [2] and [3].
      
        In v5.9, memcg accounting was extended to percpu done by adding a
        second type of chunk. I missed an interaction with the free page float
        count used to ensure we can support atomic allocations. If one type of
        chunk has no free pages, but the other has enough to satisfy the free
        page float requirement, we will not repopulate the free pages for the
        former type of chunk. This led to the sporadically failing atomic
        allocations"
      
      Link: https://lore.kernel.org/linux-mm/20210324190626.564297-1-guro@fb.com/ [1]
      Link: https://lore.kernel.org/linux-mm/20210401185158.3275.409509F4@e16-tech.com/ [2]
      Link: https://lore.kernel.org/linux-mm/CAL3q7H5RNBjCi708GH7jnczAOe0BLnacT9C+OBgA-Dx9jhB6SQ@mail.gmail.com/ [3]
      
      * 'for-5.12-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/dennis/percpu:
        percpu: make pcpu_nr_empty_pop_pages per chunk type
      52e44129
    • Linus Torvalds's avatar
      Merge tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi · efc2da92
      Linus Torvalds authored
      Pull SCSI fixes from James Bottomley:
       "Seven fixes, all in drivers.
      
        The hpsa three are the most extensive and the most problematic: it's a
        packed structure misalignment that oopses on ia64 but looks like it
        would also oops on quite a few non-x86 architectures.
      
        The pm80xx is a regression and the rest are bug fixes for patches in
        the misc tree"
      
      * tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi:
        scsi: scsi_transport_srp: Don't block target in SRP_PORT_LOST state
        scsi: target: iscsi: Fix zero tag inside a trace event
        scsi: pm80xx: Fix chip initialization failure
        scsi: ufs: core: Fix wrong Task Tag used in task management request UPIUs
        scsi: ufs: core: Fix task management request completion timeout
        scsi: hpsa: Add an assert to prevent __packed reintroduction
        scsi: hpsa: Fix boot on ia64 (atomic_t alignment)
        scsi: hpsa: Use __packed on individual structs, not header-wide
      efc2da92
    • Linus Torvalds's avatar
      Merge tag 'powerpc-5.12-6' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux · 95c7b075
      Linus Torvalds authored
      Pull powerpc fixes from Michael Ellerman:
       "Some some more powerpc fixes for 5.12:
      
         - Fix an oops triggered by ptrace when CONFIG_PPC_FPU_REGS=n
      
         - Fix an oops on sigreturn when the VDSO is unmapped on 32-bit
      
         - Fix vdso_wrapper.o not being rebuilt everytime vdso.so is rebuilt
      
        Thanks to Christophe Leroy"
      
      * tag 'powerpc-5.12-6' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux:
        powerpc/vdso: Make sure vdso_wrapper.o is rebuilt everytime vdso.so is rebuilt
        powerpc/signal32: Fix Oops on sigreturn with unmapped VDSO
        powerpc/ptrace: Don't return error when getting/setting FP regs without CONFIG_PPC_FPU_REGS
      95c7b075
    • Linus Torvalds's avatar
      Merge tag 'driver-core-5.12-rc7' of... · d5fa1dad
      Linus Torvalds authored
      Merge tag 'driver-core-5.12-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/driver-core
      
      Pull driver core fix from Greg KH:
       "Here is a single driver core fix for 5.12-rc7 to resolve a reported
        problem that caused some devices to lockup when booting. It has been
        in linux-next with no reported issues"
      
      * tag 'driver-core-5.12-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/driver-core:
        driver core: Fix locking bug in deferred_probe_timeout_work_func()
      d5fa1dad
    • Linus Torvalds's avatar
      Merge tag 'usb-5.12-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb · 445e09e7
      Linus Torvalds authored
      Pull USB/Thunderbolt fixes from Greg KH:
       "Here are a few small USB and Thunderbolt driver fixes for 5.12-rc7 for
        reported issues:
      
         - thunderbolt leaks and off-by-one fix
      
         - cdnsp deque fix
      
         - usbip fixes for syzbot-reported issues
      
        All have been in linux-next with no reported problems"
      
      * tag 'usb-5.12-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb:
        usbip: synchronize event handler with sysfs code paths
        usbip: vudc synchronize sysfs code paths
        usbip: stub-dev synchronize sysfs code paths
        usbip: add sysfs_lock to synchronize sysfs code paths
        thunderbolt: Fix off by one in tb_port_find_retimer()
        thunderbolt: Fix a leak in tb_retimer_add()
        usb: cdnsp: Fixes issue with dequeuing requests after disabling endpoint
      445e09e7
    • Linus Torvalds's avatar
      Merge branch 'i2c/for-current' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux · 12a0cf72
      Linus Torvalds authored
      Pull i2c fixes from Wolfram Sang:
       "A mixture of driver and documentation bugfixes for I2C"
      
      * 'i2c/for-current' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux:
        i2c: imx: mention Oleksij as maintainer of the binding docs
        i2c: exynos5: correct top kerneldoc
        i2c: designware: Adjust bus_freq_hz when refuse high speed mode set
        i2c: hix5hd2: use the correct HiSilicon copyright
        i2c: gpio: update email address in binding docs
        i2c: imx: drop me as maintainer of binding docs
        i2c: stm32f4: Mundane typo fix
        I2C: JZ4780: Fix bug for Ingenic X1000.
        i2c: turn recovery error on init to debug
      12a0cf72
    • Naohiro Aota's avatar
      btrfs: zoned: move superblock logging zone location · 53b74fa9
      Naohiro Aota authored
      Moves the location of the superblock logging zones. The new locations of
      the logging zones are now determined based on fixed block addresses
      instead of on fixed zone numbers.
      
      The old placement method based on fixed zone numbers causes problems when
      one needs to inspect a file system image without access to the drive zone
      information. In such case, the super block locations cannot be reliably
      determined as the zone size is unknown. By locating the superblock logging
      zones using fixed addresses, we can scan a dumped file system image without
      the zone information since a super block copy will always be present at or
      after the fixed known locations.
      
      Introduce the following three pairs of zones containing fixed offset
      locations, regardless of the device zone size.
      
        - primary superblock: offset   0B (and the following zone)
        - first copy:         offset 512G (and the following zone)
        - Second copy:        offset   4T (4096G, and the following zone)
      
      If a logging zone is outside of the disk capacity, we do not record the
      superblock copy.
      
      The first copy position is much larger than for a non-zoned filesystem,
      which is at 64M.  This is to avoid overlapping with the log zones for
      the primary superblock. This higher location is arbitrary but allows
      supporting devices with very large zone sizes, plus some space around in
      between.
      
      Such large zone size is unrealistic and very unlikely to ever be seen in
      real devices. Currently, SMR disks have a zone size of 256MB, and we are
      expecting ZNS drives to be in the 1-4GB range, so this limit gives us
      room to breathe. For now, we only allow zone sizes up to 8GB. The
      maximum zone size that would still fit in the space is 256G.
      
      The fixed location addresses are somewhat arbitrary, with the intent of
      maintaining superblock reliability for smaller and larger devices, with
      the preference for the latter. For this reason, there are two superblocks
      under the first 1T. This should cover use cases for physical devices and
      for emulated/device-mapper devices.
      
      The superblock logging zones are reserved for superblock logging and
      never used for data or metadata blocks. Note that we only reserve the
      two zones per primary/copy actually used for superblock logging. We do
      not reserve the ranges of zones possibly containing superblocks with the
      largest supported zone size (0-16GB, 512G-528GB, 4096G-4112G).
      
      The zones containing the fixed location offsets used to store
      superblocks on a non-zoned volume are also reserved to avoid confusion.
      Signed-off-by: default avatarNaohiro Aota <naohiro.aota@wdc.com>
      Signed-off-by: default avatarDavid Sterba <dsterba@suse.com>
      53b74fa9
    • Linus Torvalds's avatar
      Merge tag 'clk-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/clk/linux · d4961772
      Linus Torvalds authored
      Pull clk fixes from Stephen Boyd:
       "Here's the latest pile of clk driver and clk framework fixes for this
        release:
      
         - Two clk framework fixes for a long standing issue in
           clk_notifier_{register,unregister}() where we used a pointer that
           was for a struct containing a list head when there was no container
           struct
      
         - A compile warning fix for socfpga that's good to have
      
         - A double free problem with devm registered fixed factor clks
      
         - One last fix to the Qualcomm camera clk driver to use the right clk
           ops so clks don't get stuck and stop working because the firmware
           takes them for a ride"
      
      * tag 'clk-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/clk/linux:
        clk: fixed: fix double free in resource managed fixed-factor clock
        clk: fix invalid usage of list cursor in unregister
        clk: fix invalid usage of list cursor in register
        clk: qcom: camcc: Update the clock ops for the SC7180
        clk: socfpga: fix iomem pointer cast on 64-bit
      d4961772
    • Linus Torvalds's avatar
      Merge tag 'perf-tools-fixes-for-v5.12-2020-04-09' of... · 9288e1f7
      Linus Torvalds authored
      Merge tag 'perf-tools-fixes-for-v5.12-2020-04-09' of git://git.kernel.org/pub/scm/linux/kernel/git/acme/linux
      
      Pull perf tool fixes from Arnaldo Carvalho de Melo:
      
       - Fix wrong LBR block sorting in 'perf report'
      
       - Fix 'perf inject' repipe usage when consuming perf.data files
      
       - Avoid potential buffer overrun when decoding ARM SPE hardware tracing
         packets, bug found using a fuzzer
      
      * tag 'perf-tools-fixes-for-v5.12-2020-04-09' of git://git.kernel.org/pub/scm/linux/kernel/git/acme/linux:
        perf arm-spe: Avoid potential buffer overrun
        perf report: Fix wrong LBR block sorting
        perf inject: Fix repipe usage
      9288e1f7
    • Linus Torvalds's avatar
      Merge branch 'akpm' (patches from Andrew) · adb2c417
      Linus Torvalds authored
      Merge misc fixes from Andrew Morton:
       "14 patches.
      
        Subsystems affected by this patch series: mm (kasan, gup, pagecache,
        and kfence), MAINTAINERS, mailmap, nds32, gcov, ocfs2, ia64, and lib"
      
      * emailed patches from Andrew Morton <akpm@linux-foundation.org>:
        lib: fix kconfig dependency on ARCH_WANT_FRAME_POINTERS
        kfence, x86: fix preemptible warning on KPTI-enabled systems
        lib/test_kasan_module.c: suppress unused var warning
        kasan: fix conflict with page poisoning
        fs: direct-io: fix missing sdio->boundary
        ia64: fix user_stack_pointer() for ptrace()
        ocfs2: fix deadlock between setattr and dio_end_io_write
        gcov: re-fix clang-11+ support
        nds32: flush_dcache_page: use page_mapping_file to avoid races with swapoff
        mm/gup: check page posion status for coredump.
        .mailmap: fix old email addresses
        mailmap: update email address for Jordan Crouse
        treewide: change my e-mail address, fix my name
        MAINTAINERS: update CZ.NIC's Turris information
      adb2c417
  3. 09 Apr, 2021 12 commits
    • Linus Torvalds's avatar
      Merge tag 'net-5.12-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net · 4e04e751
      Linus Torvalds authored
      Pull networking fixes from Jakub Kicinski:
       "Networking fixes for 5.12-rc7, including fixes from can, ipsec,
        mac80211, wireless, and bpf trees.
      
        No scary regressions here or in the works, but small fixes for 5.12
        changes keep coming.
      
        Current release - regressions:
      
         - virtio: do not pull payload in skb->head
      
         - virtio: ensure mac header is set in virtio_net_hdr_to_skb()
      
         - Revert "net: correct sk_acceptq_is_full()"
      
         - mptcp: revert "mptcp: provide subflow aware release function"
      
         - ethernet: lan743x: fix ethernet frame cutoff issue
      
         - dsa: fix type was not set for devlink port
      
         - ethtool: remove link_mode param and derive link params from driver
      
         - sched: htb: fix null pointer dereference on a null new_q
      
         - wireless: iwlwifi: Fix softirq/hardirq disabling in
           iwl_pcie_enqueue_hcmd()
      
         - wireless: iwlwifi: fw: fix notification wait locking
      
         - wireless: brcmfmac: p2p: Fix deadlock introduced by avoiding the
           rtnl dependency
      
        Current release - new code bugs:
      
         - napi: fix hangup on napi_disable for threaded napi
      
         - bpf: take module reference for trampoline in module
      
         - wireless: mt76: mt7921: fix airtime reporting and related tx hangs
      
         - wireless: iwlwifi: mvm: rfi: don't lock mvm->mutex when sending
           config command
      
        Previous releases - regressions:
      
         - rfkill: revert back to old userspace API by default
      
         - nfc: fix infinite loop, refcount & memory leaks in LLCP sockets
      
         - let skb_orphan_partial wake-up waiters
      
         - xfrm/compat: Cleanup WARN()s that can be user-triggered
      
         - vxlan, geneve: do not modify the shared tunnel info when PMTU
           triggers an ICMP reply
      
         - can: fix msg_namelen values depending on CAN_REQUIRED_SIZE
      
         - can: uapi: mark union inside struct can_frame packed
      
         - sched: cls: fix action overwrite reference counting
      
         - sched: cls: fix err handler in tcf_action_init()
      
         - ethernet: mlxsw: fix ECN marking in tunnel decapsulation
      
         - ethernet: nfp: Fix a use after free in nfp_bpf_ctrl_msg_rx
      
         - ethernet: i40e: fix receiving of single packets in xsk zero-copy
           mode
      
         - ethernet: cxgb4: avoid collecting SGE_QBASE regs during traffic
      
        Previous releases - always broken:
      
         - bpf: Refuse non-O_RDWR flags in BPF_OBJ_GET
      
         - bpf: Refcount task stack in bpf_get_task_stack
      
         - bpf, x86: Validate computation of branch displacements
      
         - ieee802154: fix many similar syzbot-found bugs
             - fix NULL dereferences in netlink attribute handling
             - reject unsupported operations on monitor interfaces
             - fix error handling in llsec_key_alloc()
      
         - xfrm: make ipv4 pmtu check honor ip header df
      
         - xfrm: make hash generation lock per network namespace
      
         - xfrm: esp: delete NETIF_F_SCTP_CRC bit from features for esp
           offload
      
         - ethtool: fix incorrect datatype in set_eee ops
      
         - xdp: fix xdp_return_frame() kernel BUG throw for page_pool memory
           model
      
         - openvswitch: fix send of uninitialized stack memory in ct limit
           reply
      
        Misc:
      
         - udp: add get handling for UDP_GRO sockopt"
      
      * tag 'net-5.12-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net: (182 commits)
        net: fix hangup on napi_disable for threaded napi
        net: hns3: Trivial spell fix in hns3 driver
        lan743x: fix ethernet frame cutoff issue
        net: ipv6: check for validity before dereferencing cfg->fc_nlinfo.nlh
        net: dsa: lantiq_gswip: Configure all remaining GSWIP_MII_CFG bits
        net: dsa: lantiq_gswip: Don't use PHY auto polling
        net: sched: sch_teql: fix null-pointer dereference
        ipv6: report errors for iftoken via netlink extack
        net: sched: fix err handler in tcf_action_init()
        net: sched: fix action overwrite reference counting
        Revert "net: sched: bump refcount for new action in ACT replace mode"
        ice: fix memory leak of aRFS after resuming from suspend
        i40e: Fix sparse warning: missing error code 'err'
        i40e: Fix sparse error: 'vsi->netdev' could be null
        i40e: Fix sparse error: uninitialized symbol 'ring'
        i40e: Fix sparse errors in i40e_txrx.c
        i40e: Fix parameters in aq_get_phy_register()
        nl80211: fix beacon head validation
        bpf, x86: Validate computation of branch displacements for x86-32
        bpf, x86: Validate computation of branch displacements for x86-64
        ...
      4e04e751
    • Linus Torvalds's avatar
      Merge tag 'io_uring-5.12-2021-04-09' of git://git.kernel.dk/linux-block · 3b978435
      Linus Torvalds authored
      Pull io_uring fixes from Jens Axboe:
       "Two minor fixups for the reissue logic, and one for making sure that
        unbounded work is canceled on io-wq exit"
      
      * tag 'io_uring-5.12-2021-04-09' of git://git.kernel.dk/linux-block:
        io-wq: cancel unbounded works on io-wq destroy
        io_uring: fix rw req completion
        io_uring: clear F_REISSUE right after getting it
      3b978435
    • Julian Braha's avatar
      lib: fix kconfig dependency on ARCH_WANT_FRAME_POINTERS · 7d37cb2c
      Julian Braha authored
      When LATENCYTOP, LOCKDEP, or FAULT_INJECTION_STACKTRACE_FILTER is
      enabled and ARCH_WANT_FRAME_POINTERS is disabled, Kbuild gives a warning
      such as:
      
        WARNING: unmet direct dependencies detected for FRAME_POINTER
          Depends on [n]: DEBUG_KERNEL [=y] && (M68K || UML || SUPERH) || ARCH_WANT_FRAME_POINTERS [=n] || MCOUNT [=n]
          Selected by [y]:
          - LATENCYTOP [=y] && DEBUG_KERNEL [=y] && STACKTRACE_SUPPORT [=y] && PROC_FS [=y] && !MIPS && !PPC && !S390 && !MICROBLAZE && !ARM && !ARC && !X86
      
      Depending on ARCH_WANT_FRAME_POINTERS causes a recursive dependency
      error.  ARCH_WANT_FRAME_POINTERS is to be selected by the architecture,
      and is not supposed to be overridden by other config options.
      
      Link: https://lkml.kernel.org/r/20210329165329.27994-1-julianbraha@gmail.comSigned-off-by: default avatarJulian Braha <julianbraha@gmail.com>
      Cc: Andreas Schwab <schwab@linux-m68k.org>
      Cc: Geert Uytterhoeven <geert@linux-m68k.org>
      Cc: Necip Fazil Yildiran <fazilyildiran@gmail.com>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      7d37cb2c
    • Marco Elver's avatar
      kfence, x86: fix preemptible warning on KPTI-enabled systems · 6a77d38e
      Marco Elver authored
      On systems with KPTI enabled, we can currently observe the following
      warning:
      
        BUG: using smp_processor_id() in preemptible
        caller is invalidate_user_asid+0x13/0x50
        CPU: 6 PID: 1075 Comm: dmesg Not tainted 5.12.0-rc4-gda4a2b1a5479-kfence_1+ #1
        Hardware name: Hewlett-Packard HP Pro 3500 Series/2ABF, BIOS 8.11 10/24/2012
        Call Trace:
         dump_stack+0x7f/0xad
         check_preemption_disabled+0xc8/0xd0
         invalidate_user_asid+0x13/0x50
         flush_tlb_one_kernel+0x5/0x20
         kfence_protect+0x56/0x80
         ...
      
      While it normally makes sense to require preemption to be off, so that
      the expected CPU's TLB is flushed and not another, in our case it really
      is best-effort (see comments in kfence_protect_page()).
      
      Avoid the warning by disabling preemption around flush_tlb_one_kernel().
      
      Link: https://lore.kernel.org/lkml/YGIDBAboELGgMgXy@elver.google.com/
      Link: https://lkml.kernel.org/r/20210330065737.652669-1-elver@google.comSigned-off-by: default avatarMarco Elver <elver@google.com>
      Reported-by: default avatarTomi Sarvela <tomi.p.sarvela@intel.com>
      Cc: Alexander Potapenko <glider@google.com>
      Cc: Dmitry Vyukov <dvyukov@google.com>
      Cc: Andrey Konovalov <andreyknvl@google.com>
      Cc: Jann Horn <jannh@google.com>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      6a77d38e
    • Andrew Morton's avatar
      lib/test_kasan_module.c: suppress unused var warning · e1566567
      Andrew Morton authored
      Local `unused' is intentionally unused - it is there to suppress
      __must_check warnings.
      Reported-by: default avatarkernel test robot <lkp@intel.com>
      Link: https://lkml.kernel.org/r/202104050216.HflRxfJm-lkp@intel.com
      Cc: Marco Elver <elver@google.com>
      Cc: Alexander Potapenko <glider@google.com>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      e1566567
    • Andrey Konovalov's avatar
      kasan: fix conflict with page poisoning · 06b1f855
      Andrey Konovalov authored
      When page poisoning is enabled, it accesses memory that is marked as
      poisoned by KASAN, which leas to false-positive KASAN reports.
      
      Suppress the reports by adding KASAN annotations to unpoison_page()
      (poison_page() already has them).
      
      Link: https://lkml.kernel.org/r/2dc799014d31ac13fd97bd906bad33e16376fc67.1617118501.git.andreyknvl@google.comSigned-off-by: default avatarAndrey Konovalov <andreyknvl@google.com>
      Cc: Alexander Potapenko <glider@google.com>
      Cc: Marco Elver <elver@google.com>
      Cc: Dmitry Vyukov <dvyukov@google.com>
      Cc: Andrey Ryabinin <aryabinin@virtuozzo.com>
      Cc: Andrey Konovalov <andreyknvl@gmail.com>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      06b1f855
    • Jack Qiu's avatar
      fs: direct-io: fix missing sdio->boundary · df41872b
      Jack Qiu authored
      I encountered a hung task issue, but not a performance one.  I run DIO
      on a device (need lba continuous, for example open channel ssd), maybe
      hungtask in below case:
      
        DIO:						Checkpoint:
        get addr A(at boundary), merge into BIO,
        no submit because boundary missing
      						flush dirty data(get addr A+1), wait IO(A+1)
      						writeback timeout, because DIO(A) didn't submit
        get addr A+2 fail, because checkpoint is doing
      
      dio_send_cur_page() may clear sdio->boundary, so prevent it from missing
      a boundary.
      
      Link: https://lkml.kernel.org/r/20210322042253.38312-1-jack.qiu@huawei.com
      Fixes: b1058b98 ("direct-io: submit bio after boundary buffer is added to it")
      Signed-off-by: default avatarJack Qiu <jack.qiu@huawei.com>
      Reviewed-by: default avatarJan Kara <jack@suse.cz>
      Cc: <stable@vger.kernel.org>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      df41872b
    • Sergei Trofimovich's avatar
      ia64: fix user_stack_pointer() for ptrace() · 7ad1e366
      Sergei Trofimovich authored
      ia64 has two stacks:
      
       - memory stack (or stack), pointed at by by r12
      
       - register backing store (register stack), pointed at by
         ar.bsp/ar.bspstore with complications around dirty
         register frame on CPU.
      
      In [1] Dmitry noticed that PTRACE_GET_SYSCALL_INFO returns the register
      stack instead memory stack.
      
      The bug comes from the fact that user_stack_pointer() and
      current_user_stack_pointer() don't return the same register:
      
        ulong user_stack_pointer(struct pt_regs *regs) { return regs->ar_bspstore; }
        #define current_user_stack_pointer() (current_pt_regs()->r12)
      
      The change gets both back in sync.
      
      I think ptrace(PTRACE_GET_SYSCALL_INFO) is the only affected user by
      this bug on ia64.
      
      The change fixes 'rt_sigreturn.gen.test' strace test where it was
      observed initially.
      
      Link: https://bugs.gentoo.org/769614 [1]
      Link: https://lkml.kernel.org/r/20210331084447.2561532-1-slyfox@gentoo.orgSigned-off-by: default avatarSergei Trofimovich <slyfox@gentoo.org>
      Reported-by: default avatarDmitry V. Levin <ldv@altlinux.org>
      Cc: Oleg Nesterov <oleg@redhat.com>
      Cc: <stable@vger.kernel.org>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      7ad1e366
    • Wengang Wang's avatar
      ocfs2: fix deadlock between setattr and dio_end_io_write · 90bd070a
      Wengang Wang authored
      The following deadlock is detected:
      
        truncate -> setattr path is waiting for pending direct IO to be done (inode->i_dio_count become zero) with inode->i_rwsem held (down_write).
      
        PID: 14827  TASK: ffff881686a9af80  CPU: 20  COMMAND: "ora_p005_hrltd9"
         #0  __schedule at ffffffff818667cc
         #1  schedule at ffffffff81866de6
         #2  inode_dio_wait at ffffffff812a2d04
         #3  ocfs2_setattr at ffffffffc05f322e [ocfs2]
         #4  notify_change at ffffffff812a5a09
         #5  do_truncate at ffffffff812808f5
         #6  do_sys_ftruncate.constprop.18 at ffffffff81280cf2
         #7  sys_ftruncate at ffffffff81280d8e
         #8  do_syscall_64 at ffffffff81003949
         #9  entry_SYSCALL_64_after_hwframe at ffffffff81a001ad
      
      dio completion path is going to complete one direct IO (decrement
      inode->i_dio_count), but before that it hung at locking inode->i_rwsem:
      
         #0  __schedule+700 at ffffffff818667cc
         #1  schedule+54 at ffffffff81866de6
         #2  rwsem_down_write_failed+536 at ffffffff8186aa28
         #3  call_rwsem_down_write_failed+23 at ffffffff8185a1b7
         #4  down_write+45 at ffffffff81869c9d
         #5  ocfs2_dio_end_io_write+180 at ffffffffc05d5444 [ocfs2]
         #6  ocfs2_dio_end_io+85 at ffffffffc05d5a85 [ocfs2]
         #7  dio_complete+140 at ffffffff812c873c
         #8  dio_aio_complete_work+25 at ffffffff812c89f9
         #9  process_one_work+361 at ffffffff810b1889
        #10  worker_thread+77 at ffffffff810b233d
        #11  kthread+261 at ffffffff810b7fd5
        #12  ret_from_fork+62 at ffffffff81a0035e
      
      Thus above forms ABBA deadlock.  The same deadlock was mentioned in
      upstream commit 28f5a8a7 ("ocfs2: should wait dio before inode lock
      in ocfs2_setattr()").  It seems that that commit only removed the
      cluster lock (the victim of above dead lock) from the ABBA deadlock
      party.
      
      End-user visible effects: Process hang in truncate -> ocfs2_setattr path
      and other processes hang at ocfs2_dio_end_io_write path.
      
      This is to fix the deadlock itself.  It removes inode_lock() call from
      dio completion path to remove the deadlock and add ip_alloc_sem lock in
      setattr path to synchronize the inode modifications.
      
      [wen.gang.wang@oracle.com: remove the "had_alloc_lock" as suggested]
        Link: https://lkml.kernel.org/r/20210402171344.1605-1-wen.gang.wang@oracle.com
      
      Link: https://lkml.kernel.org/r/20210331203654.3911-1-wen.gang.wang@oracle.comSigned-off-by: default avatarWengang Wang <wen.gang.wang@oracle.com>
      Reviewed-by: default avatarJoseph Qi <joseph.qi@linux.alibaba.com>
      Cc: Mark Fasheh <mark@fasheh.com>
      Cc: Joel Becker <jlbec@evilplan.org>
      Cc: Junxiao Bi <junxiao.bi@oracle.com>
      Cc: Changwei Ge <gechangwei@live.cn>
      Cc: Gang He <ghe@suse.com>
      Cc: Jun Piao <piaojun@huawei.com>
      Cc: <stable@vger.kernel.org>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      90bd070a
    • Nick Desaulniers's avatar
      gcov: re-fix clang-11+ support · 9562fd13
      Nick Desaulniers authored
      LLVM changed the expected function signature for llvm_gcda_emit_function()
      in the clang-11 release.  Users of clang-11 or newer may have noticed
      their kernels producing invalid coverage information:
      
        $ llvm-cov gcov -a -c -u -f -b <input>.gcda -- gcno=<input>.gcno
        1 <func>: checksum mismatch, \
          (<lineno chksum A>, <cfg chksum B>) != (<lineno chksum A>, <cfg chksum C>)
        2 Invalid .gcda File!
        ...
      
      Fix up the function signatures so calling this function interprets its
      parameters correctly and computes the correct cfg checksum.  In
      particular, in clang-11, the additional checksum is no longer optional.
      
      Link: https://reviews.llvm.org/rG25544ce2df0daa4304c07e64b9c8b0f7df60c11d
      Link: https://lkml.kernel.org/r/20210408184631.1156669-1-ndesaulniers@google.comReported-by: default avatarPrasad Sodagudi <psodagud@quicinc.com>
      Tested-by: default avatarPrasad Sodagudi <psodagud@quicinc.com>
      Signed-off-by: default avatarNick Desaulniers <ndesaulniers@google.com>
      Reviewed-by: default avatarNathan Chancellor <nathan@kernel.org>
      Cc: <stable@vger.kernel.org>	[5.4+]
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      9562fd13
    • Mike Rapoport's avatar
      nds32: flush_dcache_page: use page_mapping_file to avoid races with swapoff · a3a8833d
      Mike Rapoport authored
      Commit cb9f753a ("mm: fix races between swapoff and flush dcache")
      updated flush_dcache_page implementations on several architectures to
      use page_mapping_file() in order to avoid races between page_mapping()
      and swapoff().
      
      This update missed arch/nds32 and there is a possibility of a race
      there.
      
      Replace page_mapping() with page_mapping_file() in nds32 implementation
      of flush_dcache_page().
      
      Link: https://lkml.kernel.org/r/20210330175126.26500-1-rppt@kernel.org
      Fixes: cb9f753a ("mm: fix races between swapoff and flush dcache")
      Signed-off-by: default avatarMike Rapoport <rppt@linux.ibm.com>
      Reviewed-by: default avatarMatthew Wilcox (Oracle) <willy@infradead.org>
      Acked-by: default avatarGreentime Hu <green.hu@gmail.com>
      Cc: Huang Ying <ying.huang@intel.com>
      Cc: Nick Hu <nickhu@andestech.com>
      Cc: Vincent Chen <deanbo422@gmail.com>
      Cc: <stable@vger.kernel.org>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      a3a8833d
    • Aili Yao's avatar
      mm/gup: check page posion status for coredump. · d3378e86
      Aili Yao authored
      When we do coredump for user process signal, this may be an SIGBUS signal
      with BUS_MCEERR_AR or BUS_MCEERR_AO code, which means this signal is
      resulted from ECC memory fail like SRAR or SRAO, we expect the memory
      recovery work is finished correctly, then the get_dump_page() will not
      return the error page as its process pte is set invalid by
      memory_failure().
      
      But memory_failure() may fail, and the process's related pte may not be
      correctly set invalid, for current code, we will return the poison page,
      get it dumped, and then lead to system panic as its in kernel code.
      
      So check the poison status in get_dump_page(), and if TRUE, return NULL.
      
      There maybe other scenario that is also better to check the posion status
      and not to panic, so make a wrapper for this check, Thanks to David's
      suggestion(<david@redhat.com>).
      
      [akpm@linux-foundation.org: s/0/false/]
      [yaoaili@kingsoft.com: is_page_poisoned() arg cannot be null, per Matthew]
      
      Link: https://lkml.kernel.org/r/20210322115233.05e4e82a@alex-virtual-machine
      Link: https://lkml.kernel.org/r/20210319104437.6f30e80d@alex-virtual-machineSigned-off-by: default avatarAili Yao <yaoaili@kingsoft.com>
      Cc: David Hildenbrand <david@redhat.com>
      Cc: Matthew Wilcox <willy@infradead.org>
      Cc: Naoya Horiguchi <naoya.horiguchi@nec.com>
      Cc: Oscar Salvador <osalvador@suse.de>
      Cc: Mike Kravetz <mike.kravetz@oracle.com>
      Cc: Aili Yao <yaoaili@kingsoft.com>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      d3378e86