1. 14 May, 2020 5 commits
    • Linus Torvalds's avatar
      Merge tag 'for-linus-2020-05-13' of git://git.kernel.org/pub/scm/linux/kernel/git/brauner/linux · 8c1684bb
      Linus Torvalds authored
      Pull thread fix from Christian Brauner:
       "This contains a single fix for all exported legacy fork helpers to
        block accidental access to clone3() features in the upper 32 bits of
        their respective flags arguments.
      
        I got Cced on a glibc issue where someone reported consistent failures
        for the legacy clone() syscall on ppc64le when sign extension was
        performed (since the clone() syscall in glibc exposes the flags
        argument as an int whereas the kernel uses unsigned long).
      
        The legacy clone() syscall is odd in a bunch of ways and here two
        things interact:
      
         - First, legacy clone's flag argument is word-size dependent, i.e.
           it's an unsigned long whereas most system calls with flag arguments
           use int or unsigned int.
      
         - Second, legacy clone() ignores unknown and deprecated flags.
      
        The two of them taken together means that users on 64bit systems can
        pass garbage for the upper 32bit of the clone() syscall since forever
        and things would just work fine.
      
        The following program compiled on a 64bit kernel prior to v5.7-rc1
        will succeed and will fail post v5.7-rc1 with EBADF:
      
          int main(int argc, char *argv[])
          {
                pid_t pid;
      
                /* Note that legacy clone() has different argument ordering on
                 * different architectures so this won't work everywhere.
                 *
                 * Only set the upper 32 bits.
                 */
                pid = syscall(__NR_clone, 0xffffffff00000000 | SIGCHLD,
                              NULL, NULL, NULL, NULL);
                if (pid < 0)
                        exit(EXIT_FAILURE);
                if (pid == 0)
                        exit(EXIT_SUCCESS);
                if (wait(NULL) != pid)
                        exit(EXIT_FAILURE);
      
                exit(EXIT_SUCCESS);
          }
      
        Since legacy clone() couldn't be extended this was not a problem so
        far and nobody really noticed or cared since nothing in the kernel
        ever bothered to look at the upper 32 bits.
      
        But once we introduced clone3() and expanded the flag argument in
        struct clone_args to 64 bit we opened this can of worms. With the
        first flag-based extension to clone3() making use of the upper 32 bits
        of the flag argument we've effectively made it possible for the legacy
        clone() syscall to reach clone3() only flags on accident. The sign
        extension scenario is just the odd corner-case that we needed to
        figure this out.
      
        The reason we just realized this now and not already when we
        introduced CLONE_CLEAR_SIGHAND was that CLONE_INTO_CGROUP assumes that
        a valid cgroup file descriptor has been given - whereas
        CLONE_CLEAR_SIGHAND doesn't need to verify anything. It just silently
        resets the signal handlers to SIG_DFL.
      
        So the sign extension (or the user accidently passing garbage for the
        upper 32 bits) caused the CLONE_INTO_CGROUP bit to be raised and the
        kernel to error out when it didn't find a valid cgroup file
        descriptor.
      
        Note, I'm also capping kernel_thread()'s flag argument mainly because
        none of the new features make sense for kernel_thread() and we
        shouldn't risk them being accidently activated however unlikely. If we
        wanted to, we could even make kernel_thread() yell when an unknown
        flag has been set which it doesn't do right now. But it's not worth
        risking this in a bugfix imho"
      
      * tag 'for-linus-2020-05-13' of git://git.kernel.org/pub/scm/linux/kernel/git/brauner/linux:
        fork: prevent accidental access to clone3 features
      8c1684bb
    • Linus Torvalds's avatar
      Merge tag 'trace-v5.7-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/rostedt/linux-trace · f44d5c48
      Linus Torvalds authored
      Pull more tracing fixes from Steven Rostedt:
       "Various tracing fixes:
      
         - Fix a crash when having function tracing and function stack tracing
           on the command line.
      
           The ftrace trampolines are created as executable and read only. But
           the stack tracer tries to modify them with text_poke() which
           expects all kernel text to still be writable at boot. Keep the
           trampolines writable at boot, and convert them to read-only with
           the rest of the kernel.
      
         - A selftest was triggering in the ring buffer iterator code, that is
           no longer valid with the update of keeping the ring buffer writable
           while a iterator is reading.
      
           Just bail after three failed attempts to get an event and remove
           the warning and disabling of the ring buffer.
      
         - While modifying the ring buffer code, decided to remove all the
           unnecessary BUG() calls"
      
      * tag 'trace-v5.7-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/rostedt/linux-trace:
        ring-buffer: Remove all BUG() calls
        ring-buffer: Don't deactivate the ring buffer on failed iterator reads
        x86/ftrace: Have ftrace trampolines turn read-only at the end of system boot up
      f44d5c48
    • Linus Torvalds's avatar
      Merge tag 'pm-5.7-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm · f492de9d
      Linus Torvalds authored
      Pull power management fix from Rafael Wysocki:
       "Prevent the suspend-to-idle internal loop from busy spinning after a
        spurious ACPI SCI wakeup in some cases"
      
      * tag 'pm-5.7-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm:
        ACPI: EC: PM: Avoid premature returns from acpi_s2idle_wake()
      f492de9d
    • Steven Rostedt (VMware)'s avatar
      ring-buffer: Remove all BUG() calls · da4d401a
      Steven Rostedt (VMware) authored
      There's a lot of checks to make sure the ring buffer is working, and if an
      anomaly is detected, it safely shuts itself down. But there's a few cases
      that it will call BUG(), which defeats the point of being safe (it crashes
      the kernel when an anomaly is found!). There's no reason for them. Switch
      them all to either WARN_ON_ONCE() (when no ring buffer descriptor is present),
      or to RB_WARN_ON() (when a ring buffer descriptor is present).
      Signed-off-by: default avatarSteven Rostedt (VMware) <rostedt@goodmis.org>
      da4d401a
    • Steven Rostedt (VMware)'s avatar
      ring-buffer: Don't deactivate the ring buffer on failed iterator reads · 3d2353de
      Steven Rostedt (VMware) authored
      If the function tracer is running and the trace file is read (which uses the
      ring buffer iterator), the iterator can get in sync with the writes, and
      caues it to fail to find a page with content it can read three times. This
      causes a warning and deactivation of the ring buffer code.
      
      Looking at the other cases of failure to get an event, it appears that
      there's a chance that the writer could cause them too. Since the iterator is
      a "best effort" to read the ring buffer if there's an active writer (the
      consumer reader is made for this case "see trace_pipe"), if it fails to get
      an event after three tries, simply give up and return NULL. Don't warn, nor
      disable the ring buffer on this failure.
      
      Link: https://lore.kernel.org/r/20200429090508.GG5770@shao2-debianReported-by: default avatarkernel test robot <lkp@intel.com>
      Fixes: ff84c50c ("ring-buffer: Do not die if rb_iter_peek() fails more than thrice")
      Tested-by: default avatarSven Schnelle <svens@linux.ibm.com>
      Signed-off-by: default avatarSteven Rostedt (VMware) <rostedt@goodmis.org>
      3d2353de
  2. 12 May, 2020 5 commits
    • Steven Rostedt (VMware)'s avatar
      x86/ftrace: Have ftrace trampolines turn read-only at the end of system boot up · 59566b0b
      Steven Rostedt (VMware) authored
      Booting one of my machines, it triggered the following crash:
      
       Kernel/User page tables isolation: enabled
       ftrace: allocating 36577 entries in 143 pages
       Starting tracer 'function'
       BUG: unable to handle page fault for address: ffffffffa000005c
       #PF: supervisor write access in kernel mode
       #PF: error_code(0x0003) - permissions violation
       PGD 2014067 P4D 2014067 PUD 2015063 PMD 7b253067 PTE 7b252061
       Oops: 0003 [#1] PREEMPT SMP PTI
       CPU: 0 PID: 0 Comm: swapper Not tainted 5.4.0-test+ #24
       Hardware name: To Be Filled By O.E.M. To Be Filled By O.E.M./To be filled by O.E.M., BIOS SDBLI944.86P 05/08/2007
       RIP: 0010:text_poke_early+0x4a/0x58
       Code: 34 24 48 89 54 24 08 e8 bf 72 0b 00 48 8b 34 24 48 8b 4c 24 08 84 c0 74 0b 48 89 df f3 a4 48 83 c4 10 5b c3 9c 58 fa 48 89 df <f3> a4 50 9d 48 83 c4 10 5b e9 d6 f9 ff ff
      0 41 57 49
       RSP: 0000:ffffffff82003d38 EFLAGS: 00010046
       RAX: 0000000000000046 RBX: ffffffffa000005c RCX: 0000000000000005
       RDX: 0000000000000005 RSI: ffffffff825b9a90 RDI: ffffffffa000005c
       RBP: ffffffffa000005c R08: 0000000000000000 R09: ffffffff8206e6e0
       R10: ffff88807b01f4c0 R11: ffffffff8176c106 R12: ffffffff8206e6e0
       R13: ffffffff824f2440 R14: 0000000000000000 R15: ffffffff8206eac0
       FS:  0000000000000000(0000) GS:ffff88807d400000(0000) knlGS:0000000000000000
       CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
       CR2: ffffffffa000005c CR3: 0000000002012000 CR4: 00000000000006b0
       Call Trace:
        text_poke_bp+0x27/0x64
        ? mutex_lock+0x36/0x5d
        arch_ftrace_update_trampoline+0x287/0x2d5
        ? ftrace_replace_code+0x14b/0x160
        ? ftrace_update_ftrace_func+0x65/0x6c
        __register_ftrace_function+0x6d/0x81
        ftrace_startup+0x23/0xc1
        register_ftrace_function+0x20/0x37
        func_set_flag+0x59/0x77
        __set_tracer_option.isra.19+0x20/0x3e
        trace_set_options+0xd6/0x13e
        apply_trace_boot_options+0x44/0x6d
        register_tracer+0x19e/0x1ac
        early_trace_init+0x21b/0x2c9
        start_kernel+0x241/0x518
        ? load_ucode_intel_bsp+0x21/0x52
        secondary_startup_64+0xa4/0xb0
      
      I was able to trigger it on other machines, when I added to the kernel
      command line of both "ftrace=function" and "trace_options=func_stack_trace".
      
      The cause is the "ftrace=function" would register the function tracer
      and create a trampoline, and it will set it as executable and
      read-only. Then the "trace_options=func_stack_trace" would then update
      the same trampoline to include the stack tracer version of the function
      tracer. But since the trampoline already exists, it updates it with
      text_poke_bp(). The problem is that text_poke_bp() called while
      system_state == SYSTEM_BOOTING, it will simply do a memcpy() and not
      the page mapping, as it would think that the text is still read-write.
      But in this case it is not, and we take a fault and crash.
      
      Instead, lets keep the ftrace trampolines read-write during boot up,
      and then when the kernel executable text is set to read-only, the
      ftrace trampolines get set to read-only as well.
      
      Link: https://lkml.kernel.org/r/20200430202147.4dc6e2de@oasis.local.home
      
      Cc: Ingo Molnar <mingo@kernel.org>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: Andy Lutomirski <luto@amacapital.net>
      Cc: Borislav Petkov <bp@alien8.de>
      Cc: Josh Poimboeuf <jpoimboe@redhat.com>
      Cc: "H. Peter Anvin" <hpa@zytor.com>
      Cc: stable@vger.kernel.org
      Fixes: 768ae440 ("x86/ftrace: Use text_poke()")
      Acked-by: default avatarPeter Zijlstra <peterz@infradead.org>
      Signed-off-by: default avatarSteven Rostedt (VMware) <rostedt@goodmis.org>
      59566b0b
    • Linus Torvalds's avatar
      Merge tag 'trace-v5.7-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/rostedt/linux-trace · 24085f70
      Linus Torvalds authored
      Pull tracing fixes from Steven Rostedt:
       "Fixes to previous fixes.
      
        Unfortunately, the last set of fixes introduced some minor bugs:
      
         - The bootconfig apply_xbc() leak fix caused the application to
           return a positive number on success, when it should have returned
           zero.
      
         - The preempt_irq_delay_thread fix to make the creation code wait for
           the kthread to finish to prevent it from executing after module
           unload, can now cause the kthread to exit before it even executes
           (preventing it to run its tests).
      
         - The fix to the bootconfig that fixed the initrd to remove the
           bootconfig from causing the kernel to panic, now prints a warning
           that the bootconfig is not found, even when bootconfig is not on
           the command line"
      
      * tag 'trace-v5.7-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/rostedt/linux-trace:
        bootconfig: Fix to prevent warning message if no bootconfig option
        tracing: Wait for preempt irq delay thread to execute
        tools/bootconfig: Fix apply_xbc() to return zero on success
      24085f70
    • Linus Torvalds's avatar
      Merge tag 'gpio-v5.7-2' of git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-gpio · 8ec91c0f
      Linus Torvalds authored
      Pull GPIO fixes from Linus Walleij:
       "Some GPIO fixes for v5.7, slightly overdue. Been learning MMUs and
        KASan that is why it's late. Bartosz helped me out, luckily!
      
         - Fix pin configuration in the PCA953x driver
      
         - Ruggedize the watch/unwatch ioctl()
      
         - Possible call to a sleeping function when holding a spinlock, avoid
           this
      
         - Fix UML builds with DT overlays
      
         - Mask Tegra GPIO IRQs during shutdown()"
      
      * tag 'gpio-v5.7-2' of git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-gpio:
        gpio: tegra: mask GPIO IRQs during IRQ shutdown
        gpio: of: Build fails if CONFIG_OF_DYNAMIC enabled without CONFIG_OF_GPIO
        gpiolib: don't call sleeping functions with a spinlock taken
        gpiolib: improve the robustness of watch/unwatch ioctl()
        gpio: pca953x: Fix pca953x_gpio_set_config
      8ec91c0f
    • Linus Torvalds's avatar
      Merge tag 'gfs2-v5.7-rc1.fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/gfs2/linux-gfs2 · e719340f
      Linus Torvalds authored
      Pull gfs2 fixes from Andreas Gruenbacher:
       "Various gfs2 fixes.
      
        Fixes for bugs prior to v5.7:
         - Fix random block reads when reading fragmented journals (v5.2)
         - Fix a possible random memory access in gfs2_walk_metadata (v5.3)
      
        Fixes for v5.7:
         - Fix several overlooked gfs2_qa_get / gfs2_qa_put imbalances
         - Fix several bugs in the new filesystem withdraw logic"
      
      * tag 'gfs2-v5.7-rc1.fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/gfs2/linux-gfs2:
        Revert "gfs2: Don't demote a glock until its revokes are written"
        gfs2: If go_sync returns error, withdraw but skip invalidate
        gfs2: Grab glock reference sooner in gfs2_add_revoke
        gfs2: don't call quota_unhold if quotas are not locked
        gfs2: move privileged user check to gfs2_quota_lock_check
        gfs2: remove check for quotas on in gfs2_quota_check
        gfs2: Change BUG_ON to an assert_withdraw in gfs2_quota_change
        gfs2: Fix problems regarding gfs2_qa_get and _put
        gfs2: More gfs2_find_jhead fixes
        gfs2: Another gfs2_walk_metadata fix
        gfs2: Fix use-after-free in gfs2_logd after withdraw
        gfs2: Fix BUG during unmount after file system withdraw
        gfs2: Fix error exit in do_xmote
        gfs2: fix withdraw sequence deadlock
      e719340f
    • Masami Hiramatsu's avatar
      bootconfig: Fix to prevent warning message if no bootconfig option · 611d0a95
      Masami Hiramatsu authored
      Commit de462e5f ("bootconfig: Fix to remove bootconfig
      data from initrd while boot") causes a cosmetic regression
      on dmesg, which warns "no bootconfig data" message without
      bootconfig cmdline option.
      
      Fix setup_boot_config() by moving no bootconfig check after
      commandline option check.
      
      Link: http://lkml.kernel.org/r/9b1ba335-071d-c983-89a4-2677b522dcc8@molgen.mpg.de
      Link: http://lkml.kernel.org/r/158916116468.21787.14558782332170588206.stgit@devnote2
      
      Fixes: de462e5f ("bootconfig: Fix to remove bootconfig data from initrd while boot")
      Reported-by: default avatarPaul Menzel <pmenzel@molgen.mpg.de>
      Reviewed-by: default avatarPaul Menzel <pmenzel@molgen.mpg.de>
      Signed-off-by: default avatarMasami Hiramatsu <mhiramat@kernel.org>
      Signed-off-by: default avatarSteven Rostedt (VMware) <rostedt@goodmis.org>
      611d0a95
  3. 11 May, 2020 5 commits
  4. 10 May, 2020 7 commits
    • Linus Torvalds's avatar
      Linux 5.7-rc5 · 2ef96a5b
      Linus Torvalds authored
      2ef96a5b
    • Linus Torvalds's avatar
      Merge tag 'x86-urgent-2020-05-10' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip · c14cab26
      Linus Torvalds authored
      Pull x86 fixes from Thomas Gleixner:
       "A set of fixes for x86:
      
         - Ensure that direct mapping alias is always flushed when changing
           page attributes. The optimization for small ranges failed to do so
           when the virtual address was in the vmalloc or module space.
      
         - Unbreak the trace event registration for syscalls without arguments
           caused by the refactoring of the SYSCALL_DEFINE0() macro.
      
         - Move the printk in the TSC deadline timer code to a place where it
           is guaranteed to only be called once during boot and cannot be
           rearmed by clearing warn_once after boot. If it's invoked post boot
           then lockdep rightfully complains about a potential deadlock as the
           calling context is different.
      
         - A series of fixes for objtool and the ORC unwinder addressing
           variety of small issues:
      
             - Stack offset tracking for indirect CFAs in objtool ignored
               subsequent pushs and pops
      
             - Repair the unwind hints in the register clearing entry ASM code
      
             - Make the unwinding in the low level exit to usermode code stop
               after switching to the trampoline stack. The unwind hint is no
               longer valid and the ORC unwinder emits a warning as it can't
               find the registers anymore.
      
             - Fix unwind hints in switch_to_asm() and rewind_stack_do_exit()
               which caused objtool to generate bogus ORC data.
      
             - Prevent unwinder warnings when dumping the stack of a
               non-current task as there is no way to be sure about the
               validity because the dumped stack can be a moving target.
      
             - Make the ORC unwinder behave the same way as the frame pointer
               unwinder when dumping an inactive tasks stack and do not skip
               the first frame.
      
             - Prevent ORC unwinding before ORC data has been initialized
      
             - Immediately terminate unwinding when a unknown ORC entry type
               is found.
      
             - Prevent premature stop of the unwinder caused by IRET frames.
      
             - Fix another infinite loop in objtool caused by a negative
               offset which was not catched.
      
             - Address a few build warnings in the ORC unwinder and add
               missing static/ro_after_init annotations"
      
      * tag 'x86-urgent-2020-05-10' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
        x86/unwind/orc: Move ORC sorting variables under !CONFIG_MODULES
        x86/apic: Move TSC deadline timer debug printk
        ftrace/x86: Fix trace event registration for syscalls without arguments
        x86/mm/cpa: Flush direct map alias during cpa
        objtool: Fix infinite loop in for_offset_range()
        x86/unwind/orc: Fix premature unwind stoppage due to IRET frames
        x86/unwind/orc: Fix error path for bad ORC entry type
        x86/unwind/orc: Prevent unwinding before ORC initialization
        x86/unwind/orc: Don't skip the first frame for inactive tasks
        x86/unwind: Prevent false warnings for non-current tasks
        x86/unwind/orc: Convert global variables to static
        x86/entry/64: Fix unwind hints in rewind_stack_do_exit()
        x86/entry/64: Fix unwind hints in __switch_to_asm()
        x86/entry/64: Fix unwind hints in kernel exit path
        x86/entry/64: Fix unwind hints in register clearing code
        objtool: Fix stack offset tracking for indirect CFAs
      c14cab26
    • Linus Torvalds's avatar
      Merge tag 'objtool-urgent-2020-05-10' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip · 8b000832
      Linus Torvalds authored
      Pull objtool fix from Thomas Gleixner:
       "A single fix for objtool to prevent an infinite loop in the
        jump table search which can be triggered when building the
        kernel with '-ffunction-sections'"
      
      * tag 'objtool-urgent-2020-05-10' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
        objtool: Fix infinite loop in find_jump_table()
      8b000832
    • Linus Torvalds's avatar
      Merge tag 'locking-urgent-2020-05-10' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip · bd2049f8
      Linus Torvalds authored
      Pull locking fix from Thomas Gleixner:
       "A single fix for the fallout of the recent futex uacess rework.
      
        With those changes GCC9 fails to analyze arch_futex_atomic_op_inuser()
        correctly and emits a 'maybe unitialized' warning. While we usually
        ignore compiler stupidity the conditional store is pointless anyway
        because the correct case has to store. For the fault case the extra
        store does no harm"
      
      * tag 'locking-urgent-2020-05-10' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
        ARM: futex: Address build warning
      bd2049f8
    • Linus Torvalds's avatar
      Merge tag 'iommu-fixes-v5.7-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/joro/iommu · 27d2dcb1
      Linus Torvalds authored
      Pull iommu fixes from Joerg Roedel:
      
       - Race condition fixes for the AMD IOMMU driver.
      
         These are five patches fixing two race conditions around
         increase_address_space(). The first race condition was around the
         non-atomic update of the domain page-table root pointer and the
         variable containing the page-table depth (called mode). This is fixed
         now be merging page-table root and mode into one 64-bit field which
         is read/written atomically.
      
         The second race condition was around updating the page-table root
         pointer and making it public before the hardware caches were flushed.
         This could cause addresses to be mapped and returned to drivers which
         are not reachable by IOMMU hardware yet, causing IO page-faults. This
         is fixed too by adding the necessary flushes before a new page-table
         root is published.
      
         Related to the race condition fixes these patches also add a missing
         domain_flush_complete() barrier to update_domain() and a fix to bail
         out of the loop which tries to increase the address space when the
         call to increase_address_space() fails.
      
         Qian was able to trigger the race conditions under high load and
         memory pressure within a few days of testing. He confirmed that he
         has seen no issues anymore with the fixes included here.
      
       - Fix for a list-handling bug in the VirtIO IOMMU driver.
      
      * tag 'iommu-fixes-v5.7-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/joro/iommu:
        iommu/virtio: Reverse arguments to list_add
        iommu/amd: Do not flush Device Table in iommu_map_page()
        iommu/amd: Update Device Table in increase_address_space()
        iommu/amd: Call domain_flush_complete() in update_domain()
        iommu/amd: Do not loop forever when trying to increase address space
        iommu/amd: Fix race in increase_address_space()/fetch_pte()
      27d2dcb1
    • Linus Torvalds's avatar
      Merge tag 'block-5.7-2020-05-09' of git://git.kernel.dk/linux-block · 0a85ed6e
      Linus Torvalds authored
      Pull block fixes from Jens Axboe:
      
       - a small series fixing a use-after-free of bdi name (Christoph,Yufen)
      
       - NVMe fix for a regression with the smaller CQ update (Alexey)
      
       - NVMe fix for a hang at namespace scanning error recovery (Sagi)
      
       - fix race with blk-iocost iocg->abs_vdebt updates (Tejun)
      
      * tag 'block-5.7-2020-05-09' of git://git.kernel.dk/linux-block:
        nvme: fix possible hang when ns scanning fails during error recovery
        nvme-pci: fix "slimmer CQ head update"
        bdi: add a ->dev_name field to struct backing_dev_info
        bdi: use bdi_dev_name() to get device name
        bdi: move bdi_dev_name out of line
        vboxsf: don't use the source name in the bdi name
        iocost: protect iocg->abs_vdebt with iocg->waitq.lock
      0a85ed6e
    • Linus Torvalds's avatar
      gcc-10: mark more functions __init to avoid section mismatch warnings · e99332e7
      Linus Torvalds authored
      It seems that for whatever reason, gcc-10 ends up not inlining a couple
      of functions that used to be inlined before.  Even if they only have one
      single callsite - it looks like gcc may have decided that the code was
      unlikely, and not worth inlining.
      
      The code generation difference is harmless, but caused a few new section
      mismatch errors, since the (now no longer inlined) function wasn't in
      the __init section, but called other init functions:
      
         Section mismatch in reference from the function kexec_free_initrd() to the function .init.text:free_initrd_mem()
         Section mismatch in reference from the function tpm2_calc_event_log_size() to the function .init.text:early_memremap()
         Section mismatch in reference from the function tpm2_calc_event_log_size() to the function .init.text:early_memunmap()
      
      So add the appropriate __init annotation to make modpost not complain.
      In both cases there were trivially just a single callsite from another
      __init function.
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      e99332e7
  5. 09 May, 2020 12 commits
    • Linus Torvalds's avatar
      Merge tag 'riscv-for-linus-5.7-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux · 2e28f3b1
      Linus Torvalds authored
      Pull RISC-V fixes from Palmer Dabbelt:
       "A smattering of fixes and cleanups:
      
         - Dead code removal.
      
         - Exporting riscv_cpuid_to_hartid_mask for modules.
      
         - Per-CPU tracking of ISA features.
      
         - Setting max_pfn correctly when probing memory.
      
         - Adding a note to the VDSO so glibc can check the kernel's version
           without a uname().
      
         - A fix to force the bootloader to initialize the boot spin tables,
           which still get used as a fallback when SBI-0.1 is enabled"
      
      * tag 'riscv-for-linus-5.7-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux:
        RISC-V: Remove unused code from STRICT_KERNEL_RWX
        riscv: force __cpu_up_ variables to put in data section
        riscv: add Linux note to vdso
        riscv: set max_pfn to the PFN of the last page
        RISC-V: Remove N-extension related defines
        RISC-V: Add bitmap reprensenting ISA features common across CPUs
        RISC-V: Export riscv_cpuid_to_hartid_mask() API
      2e28f3b1
    • Linus Torvalds's avatar
      gcc-10: avoid shadowing standard library 'free()' in crypto · 1a263ae6
      Linus Torvalds authored
      gcc-10 has started warning about conflicting types for a few new
      built-in functions, particularly 'free()'.
      
      This results in warnings like:
      
         crypto/xts.c:325:13: warning: conflicting types for built-in function ‘free’; expected ‘void(void *)’ [-Wbuiltin-declaration-mismatch]
      
      because the crypto layer had its local freeing functions called
      'free()'.
      
      Gcc-10 is in the wrong here, since that function is marked 'static', and
      thus there is no chance of confusion with any standard library function
      namespace.
      
      But the simplest thing to do is to just use a different name here, and
      avoid this gcc mis-feature.
      
      [ Side note: gcc knowing about 'free()' is in itself not the
        mis-feature: the semantics of 'free()' are special enough that a
        compiler can validly do special things when seeing it.
      
        So the mis-feature here is that gcc thinks that 'free()' is some
        restricted name, and you can't shadow it as a local static function.
      
        Making the special 'free()' semantics be a function attribute rather
        than tied to the name would be the much better model ]
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      1a263ae6
    • Linus Torvalds's avatar
      gcc-10: disable 'restrict' warning for now · adc71920
      Linus Torvalds authored
      gcc-10 now warns about passing aliasing pointers to functions that take
      restricted pointers.
      
      That's actually a great warning, and if we ever start using 'restrict'
      in the kernel, it might be quite useful.  But right now we don't, and it
      turns out that the only thing this warns about is an idiom where we have
      declared a few functions to be "printf-like" (which seems to make gcc
      pick up the restricted pointer thing), and then we print to the same
      buffer that we also use as an input.
      
      And people do that as an odd concatenation pattern, with code like this:
      
          #define sysfs_show_gen_prop(buffer, fmt, ...) \
              snprintf(buffer, PAGE_SIZE, "%s"fmt, buffer, __VA_ARGS__)
      
      where we have 'buffer' as both the destination of the final result, and
      as the initial argument.
      
      Yes, it's a bit questionable.  And outside of the kernel, people do have
      standard declarations like
      
          int snprintf( char *restrict buffer, size_t bufsz,
                        const char *restrict format, ... );
      
      where that output buffer is marked as a restrict pointer that cannot
      alias with any other arguments.
      
      But in the context of the kernel, that 'use snprintf() to concatenate to
      the end result' does work, and the pattern shows up in multiple places.
      And we have not marked our own version of snprintf() as taking restrict
      pointers, so the warning is incorrect for now, and gcc picks it up on
      its own.
      
      If we do start using 'restrict' in the kernel (and it might be a good
      idea if people find places where it matters), we'll need to figure out
      how to avoid this issue for snprintf and friends.  But in the meantime,
      this warning is not useful.
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      adc71920
    • Linus Torvalds's avatar
      gcc-10: disable 'stringop-overflow' warning for now · 5a76021c
      Linus Torvalds authored
      This is the final array bounds warning removal for gcc-10 for now.
      
      Again, the warning is good, and we should re-enable all these warnings
      when we have converted all the legacy array declaration cases to
      flexible arrays. But in the meantime, it's just noise.
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      5a76021c
    • Sagi Grimberg's avatar
      nvme: fix possible hang when ns scanning fails during error recovery · 59c7c3ca
      Sagi Grimberg authored
      When the controller is reconnecting, the host fails I/O and admin
      commands as the host cannot reach the controller. ns scanning may
      revalidate namespaces during that period and it is wrong to remove
      namespaces due to these failures as we may hang (see 205da243).
      
      One command that may fail is nvme_identify_ns_descs. Since we return
      success due to having ns identify descriptor list optional, we continue
      to compare ns identifiers in nvme_revalidate_disk, obviously fail and
      return -ENODEV to nvme_validate_ns, which will remove the namespace.
      
      Exactly what we don't want to happen.
      
      Fixes: 22802bf7 ("nvme: Namepace identification descriptor list is optional")
      Tested-by: default avatarAnton Eidelman <anton@lightbitslabs.com>
      Signed-off-by: default avatarSagi Grimberg <sagi@grimberg.me>
      Reviewed-by: default avatarKeith Busch <kbusch@kernel.org>
      Signed-off-by: default avatarChristoph Hellwig <hch@lst.de>
      Signed-off-by: default avatarJens Axboe <axboe@kernel.dk>
      59c7c3ca
    • Alexey Dobriyan's avatar
      nvme-pci: fix "slimmer CQ head update" · a8de6639
      Alexey Dobriyan authored
      Pre-incrementing ->cq_head can't be done in memory because OOB value
      can be observed by another context.
      
      This devalues space savings compared to original code :-\
      
      	$ ./scripts/bloat-o-meter ../vmlinux-000 ../obj/vmlinux
      	add/remove: 0/0 grow/shrink: 0/4 up/down: 0/-32 (-32)
      	Function                                     old     new   delta
      	nvme_poll_irqdisable                         464     456      -8
      	nvme_poll                                    455     447      -8
      	nvme_irq                                     388     380      -8
      	nvme_dev_disable                             955     947      -8
      
      But the code is minimal now: one read for head, one read for q_depth,
      one increment, one comparison, single instruction phase bit update and
      one write for new head.
      Signed-off-by: default avatarAlexey Dobriyan <adobriyan@gmail.com>
      Reported-by: default avatarJohn Garry <john.garry@huawei.com>
      Tested-by: default avatarJohn Garry <john.garry@huawei.com>
      Fixes: e2a366a4 ("nvme-pci: slimmer CQ head update")
      Signed-off-by: default avatarChristoph Hellwig <hch@lst.de>
      Signed-off-by: default avatarJens Axboe <axboe@kernel.dk>
      a8de6639
    • Christoph Hellwig's avatar
      bdi: add a ->dev_name field to struct backing_dev_info · 6bd87eec
      Christoph Hellwig authored
      Cache a copy of the name for the life time of the backing_dev_info
      structure so that we can reference it even after unregistering.
      
      Fixes: 68f23b89 ("memcg: fix a crash in wb_workfn when a device disappears")
      Reported-by: default avatarYufen Yu <yuyufen@huawei.com>
      Signed-off-by: default avatarChristoph Hellwig <hch@lst.de>
      Reviewed-by: default avatarJan Kara <jack@suse.cz>
      Reviewed-by: default avatarBart Van Assche <bvanassche@acm.org>
      Signed-off-by: default avatarJens Axboe <axboe@kernel.dk>
      6bd87eec
    • Yufen Yu's avatar
      bdi: use bdi_dev_name() to get device name · d51cfc53
      Yufen Yu authored
      Use the common interface bdi_dev_name() to get device name.
      Signed-off-by: default avatarYufen Yu <yuyufen@huawei.com>
      Signed-off-by: default avatarChristoph Hellwig <hch@lst.de>
      Reviewed-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      Reviewed-by: default avatarJan Kara <jack@suse.cz>
      Reviewed-by: default avatarBart Van Assche <bvanassche@acm.org>
      
      Add missing <linux/backing-dev.h> include BFQ
      Signed-off-by: default avatarJens Axboe <axboe@kernel.dk>
      d51cfc53
    • Linus Torvalds's avatar
      gcc-10: disable 'array-bounds' warning for now · 44720996
      Linus Torvalds authored
      This is another fine warning, related to the 'zero-length-bounds' one,
      but hitting the same historical code in the kernel.
      
      Because C didn't historically support flexible array members, we have
      code that instead uses a one-sized array, the same way we have cases of
      zero-sized arrays.
      
      The one-sized arrays come from either not wanting to use the gcc
      zero-sized array extension, or from a slight convenience-feature, where
      particularly for strings, the size of the structure now includes the
      allocation for the final NUL character.
      
      So with a "char name[1];" at the end of a structure, you can do things
      like
      
             v = my_malloc(sizeof(struct vendor) + strlen(name));
      
      and avoid the "+1" for the terminator.
      
      Yes, the modern way to do that is with a flexible array, and using
      'offsetof()' instead of 'sizeof()', and adding the "+1" by hand.  That
      also technically gets the size "more correct" in that it avoids any
      alignment (and thus padding) issues, but this is another long-term
      cleanup thing that will not happen for 5.7.
      
      So disable the warning for now, even though it's potentially quite
      useful.  Having a slew of warnings that then hide more urgent new issues
      is not an improvement.
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      44720996
    • Linus Torvalds's avatar
      gcc-10: disable 'zero-length-bounds' warning for now · 5c45de21
      Linus Torvalds authored
      This is a fine warning, but we still have a number of zero-length arrays
      in the kernel that come from the traditional gcc extension.  Yes, they
      are getting converted to flexible arrays, but in the meantime the gcc-10
      warning about zero-length bounds is very verbose, and is hiding other
      issues.
      
      I missed one actual build failure because it was hidden among hundreds
      of lines of warning.  Thankfully I caught it on the second go before
      pushing things out, but it convinced me that I really need to disable
      the new warnings for now.
      
      We'll hopefully be all done with our conversion to flexible arrays in
      the not too distant future, and we can then re-enable this warning.
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      5c45de21
    • Linus Torvalds's avatar
      Stop the ad-hoc games with -Wno-maybe-initialized · 78a5255f
      Linus Torvalds authored
      We have some rather random rules about when we accept the
      "maybe-initialized" warnings, and when we don't.
      
      For example, we consider it unreliable for gcc versions < 4.9, but also
      if -O3 is enabled, or if optimizing for size.  And then various kernel
      config options disabled it, because they know that they trigger that
      warning by confusing gcc sufficiently (ie PROFILE_ALL_BRANCHES).
      
      And now gcc-10 seems to be introducing a lot of those warnings too, so
      it falls under the same heading as 4.9 did.
      
      At the same time, we have a very straightforward way to _enable_ that
      warning when wanted: use "W=2" to enable more warnings.
      
      So stop playing these ad-hoc games, and just disable that warning by
      default, with the known and straight-forward "if you want to work on the
      extra compiler warnings, use W=123".
      
      Would it be great to have code that is always so obvious that it never
      confuses the compiler whether a variable is used initialized or not?
      Yes, it would.  In a perfect world, the compilers would be smarter, and
      our source code would be simpler.
      
      That's currently not the world we live in, though.
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      78a5255f
    • Linus Torvalds's avatar
      Merge tag 'io_uring-5.7-2020-05-08' of git://git.kernel.dk/linux-block · 1d3962ae
      Linus Torvalds authored
      Pull io_uring fixes from Jens Axboe:
      
       - Fix finish_wait() balancing in file cancelation (Xiaoguang)
      
       - Ensure early cleanup of resources in ring map failure (Xiaoguang)
      
       - Ensure IORING_OP_SLICE does the right file mode checks (Pavel)
      
       - Remove file opening from openat/openat2/statx, it's not needed and
         messes with O_PATH
      
      * tag 'io_uring-5.7-2020-05-08' of git://git.kernel.dk/linux-block:
        io_uring: don't use 'fd' for openat/openat2/statx
        splice: move f_mode checks to do_{splice,tee}()
        io_uring: handle -EFAULT properly in io_uring_setup()
        io_uring: fix mismatched finish_wait() calls in io_uring_cancel_files()
      1d3962ae
  6. 08 May, 2020 6 commits