cbbfa7615c9245fd6663837b8775a6f45d3f2f01
881 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Ivaylo Georgiev
|
cbbfa7615c |
Merge android-4.19-q.88 (47d86d5) into msm-4.19
* refs/heads/tmp-47d86d5: Linux 4.19.88 net: fec: fix clock count mis-match platform/x86: hp-wmi: Fix ACPI errors caused by passing 0 as input size platform/x86: hp-wmi: Fix ACPI errors caused by too small buffer dmaengine: stm32-dma: check whether length is aligned on FIFO threshold ASoC: stm32: sai: add missing put_device() ASoC: stm32: i2s: fix IRQ clearing ASoC: stm32: i2s: fix 16 bit format support ASoC: stm32: i2s: fix dma configuration pinctrl: stm32: fix memory leak issue mailbox: mailbox-test: fix null pointer if no mmio clk: stm32mp1: parent clocks update clk: stm32mp1: add CLK_SET_RATE_NO_REPARENT to Kernel clocks clk: stm32mp1: fix mcu divider table clk: stm32mp1: fix HSI divider flag hwrng: stm32 - fix unbalanced pm_runtime_enable media: stm32-dcmi: fix check of pm_runtime_get_sync return value media: stm32-dcmi: fix DMA corruption when stopping streaming crypto: stm32/hash - Fix hmac issue more than 256 bytes HID: core: check whether Usage Page item is after Usage ID items tcp: exit if nothing to retransmit on RTO timeout mailbox: stm32_ipcc: add spinlock to fix channels concurrent access drm/atmel-hlcdc: revert shift by 8 mtd: spi-nor: cast to u64 to avoid uint overflows mtd: rawnand: atmel: fix possible object reference leak mtd: rawnand: atmel: Fix spelling mistake in error message net: macb driver, check for SKBTX_HW_TSTAMP net: macb: Fix SUBNS increment and increase resolution watchdog: sama5d4: fix WDD value to be always set to max ext4: add more paranoia checking in ext4_expand_extra_isize handling net: macb: add missed tasklet_kill net: sched: fix `tc -s class show` no bstats on class with nolock subqueues sctp: cache netns in sctp_ep_common tipc: fix link name length check selftests: bpf: test_sockmap: handle file creation failures gracefully openvswitch: remove another BUG_ON() openvswitch: drop unneeded BUG_ON() in ovs_flow_cmd_build_info() slip: Fix use-after-free Read in slip_open sctp: Fix memory leak in sctp_sf_do_5_2_4_dupcook openvswitch: fix flow command message size net: psample: fix skb_over_panic macvlan: schedule bc_work even if error media: atmel: atmel-isc: fix INIT_WORK misplacement media: atmel: atmel-isc: fix asd memory allocation pwm: Clear chip_data in pwm_put() net: macb: fix error format in dev_err() media: v4l2-ctrl: fix flags for DO_WHITE_BALANCE xfrm: Fix memleak on xfrm state destroy thunderbolt: Power cycle the router if NVM authentication fails mei: me: add comet point V device id mei: bus: prefix device names on bus with the bus name USB: serial: ftdi_sio: add device IDs for U-Blox C099-F9P staging: rtl8723bs: Add 024c:0525 to the list of SDIO device-ids staging: rtl8723bs: Drop ACPI device ids staging: rtl8192e: fix potential use after free usb: dwc2: use a longer core rest timeout in dwc2_core_reset() clk: at91: generated: set audio_pll_allowed in at91_clk_register_generated() clk: at91: fix update bit maps on CFG_MOR write mm, gup: add missing refcount overflow checks on s390 mtd: Remove a debug trace in mtdpart.c xdp: fix cpumap redirect SKB creation bug powerpc/pseries/dlpar: Fix a missing check in dlpar_parse_cc_property() ASoC: rt5645: Headphone Jack sense inverts on the LattePanda board RDMA/hns: Use GFP_ATOMIC in hns_roce_v2_modify_qp RDMA/hns: Fix the state of rereg mr RDMA/hns: Bugfix for the scene without receiver queue RDMA/hns: Fix the bug with updating rq head pointer when flush cqe scsi: libsas: Check SMP PHY control function result scsi: hisi_sas: shutdown axi bus to avoid exception CQ returned ACPI / APEI: Switch estatus pool to use vmalloc memory ACPI / APEI: Don't wait to serialise with oops messages when panic()ing scsi: libsas: Support SATA PHY connection rate unmatch fixing during discovery apparmor: delete the dentry in aafs_remove() to avoid a leak iommu/amd: Fix NULL dereference bug in match_hid_uid net: hns3: fix an issue for hns3_update_new_int_gl net: hns3: fix an issue for hclgevf_ae_get_hdev net: hns3: fix PFC not setting problem for DCB module net: hns3: Change fw error code NOT_EXEC to NOT_SUPPORTED bpf: drop refcount if bpf_map_new_fd() fails in map_create() kvm: properly check debugfs dentry before using it net: dev: Use unsigned integer as an argument to left-shift mmc: core: align max segment size with logical block size bpf: decrease usercnt if bpf_map_new_fd() fails in bpf_map_get_fd_by_id() sctp: don't compare hb_timer expire date before starting it net: ip6_gre: do not report erspan_ver for ip6gre or ip6gretap net: ip_gre: do not report erspan_ver for gre or gretap net: fix possible overflow in __sk_mem_raise_allocated() geneve: change NET_UDP_TUNNEL dependency to select sfc: initialise found bitmap in efx_ef10_mtd_probe ASoC: samsung: i2s: Fix prescaler setting for the secondary DAI tipc: fix skb may be leaky in tipc_link_input net/smc: fix byte_order for rx_curs_confirmed blktrace: Show requests without sector net/smc: fix sender_free computation xfs: end sync buffer I/O properly on shutdown error mm/hotplug: invalid PFNs from pfn_to_online_page() net/smc: don't wait for send buffer space when data was already sent net/smc: prevent races between smc_lgr_terminate() and smc_conn_free() decnet: fix DN_IFREQ_SIZE ip_tunnel: Make none-tunnel-dst tunnel port work with lwtunnel sfc: suppress duplicate nvmem partition types in efx_ef10_mtd_probe gpu: ipu-v3: pre: don't trigger update if buffer address doesn't change serial: 8250: Fix serial8250 initialization crash net/core/neighbour: fix kmemleak minimal reference count for hash tables PCI/MSI: Return -ENOSPC from pci_alloc_irq_vectors_affinity() ata: ahci: mvebu: do Armada 38x configuration only on relevant SoCs net/core/neighbour: tell kmemleak about hash tables tipc: fix memory leak in tipc_nl_compat_publ_dump mtd: Check add_mtd_device() ret code lib/genalloc.c: include vmalloc.h drivers/base/platform.c: kmemleak ignore a known leak fork: fix some -Wmissing-prototypes warnings lib/genalloc.c: use vzalloc_node() to allocate the bitmap lib/genalloc.c: fix allocation of aligned buffer from non-aligned chunk firmware: arm_sdei: Fix DT platform device creation firmware: arm_sdei: fix wrong of_node_put() in init function infiniband/qedr: Potential null ptr dereference of qp infiniband: bnxt_re: qplib: Check the return value of send_message xprtrdma: Prevent leak of rpcrdma_rep objects netfilter: nf_tables: fix a missing check of nla_put_failure tools/vm/page-types.c: fix "kpagecount returned fewer pages than expected" failures mm/page_alloc.c: deduplicate __memblock_free_early() and memblock_free() mm/page_alloc.c: use a single function to free page mm/page_alloc.c: free order-0 pages through PCP in page_frag_free() vmscan: return NODE_RECLAIM_NOSCAN in node_reclaim() when CONFIG_NUMA is n ocfs2: clear journal dirty flag after shutdown journal net/wan/fsl_ucc_hdlc: Avoid double free in ucc_hdlc_probe() net: marvell: fix a missing check of acpi_match_device tipc: fix a missing check of genlmsg_put atl1e: checking the status of atl1e_write_phy_reg net: dsa: bcm_sf2: Propagate error value from mdio_write net: stmicro: fix a missing check of clk_prepare net: (cpts) fix a missing check of clk_prepare um: Make GCOV depend on !KCOV um: Include sys/uio.h to have writev() f2fs: fix to dirty inode synchronously f2fs: fix block address for __check_sit_bitmap net/net_namespace: Check the return value of register_pernet_subsys() net/netlink_compat: Fix a missing check of nla_parse_nested pwm: clps711x: Fix period calculation crypto: mxc-scc - fix build warnings on ARM64 powerpc: Fix HMIs on big-endian with CONFIG_RELOCATABLE=y powerpc/pseries: Fix node leak in update_lmb_associativity_index() powerpc/83xx: handle machine check caused by watchdog timer regulator: tps65910: fix a missing check of return value bpf/cpumap: make sure frame_size for build_skb is aligned if headroom isn't IB/rxe: Make counters thread safe drbd: fix print_st_err()'s prototype to match the definition drbd: do not block when adjusting "disk-options" while IO is frozen drbd: reject attach of unsuitable uuids even if connected drbd: ignore "all zero" peer volume sizes in handshake powerpc/powernv/eeh/npu: Fix uninitialized variables in opal_pci_eeh_freeze_status vfio/spapr_tce: Get rid of possible infinite loop powerpc/44x/bamboo: Fix PCI range powerpc/mm: Make NULL pointer deferences explicit on bad page faults. powerpc/prom: fix early DEBUG messages powerpc/32: Avoid unsupported flags with clang powerpc/perf: Fix unit_sel/cache_sel checks ath6kl: Fix off by one error in scan completion ath6kl: Only use match sets when firmware supports it brcmfmac: Fix access point mode scsi: csiostor: fix incorrect dma device in case of vport scsi: qla2xxx: deadlock by configfs_depend_item RDMA/srp: Propagate ib_post_send() failures to the SCSI mid-layer openrisc: Fix broken paths to arch/or32 serial: max310x: Fix tx_empty() callback Bluetooth: hci_bcm: Handle specific unknown packets after firmware loading drivers/regulator: fix a missing check of return value powerpc/xmon: fix dump_segments() powerpc/book3s/32: fix number of bats in p/v_block_mapped() vxlan: Fix error path in __vxlan_dev_create() clocksource/drivers/fttmr010: Fix invalid interrupt register access IB/qib: Fix an error code in qib_sdma_verbs_send() xfs: Fix bulkstat compat ioctls on x32 userspace. xfs: Align compat attrlist_by_handle with native implementation. dm raid: fix false -EBUSY when handling check/repair message gfs2: take jdata unstuff into account in do_grow dm flakey: Properly corrupt multi-page bios. HID: doc: fix wrong data structure reference for UHID_OUTPUT pinctrl: sh-pfc: sh7734: Fix shifted values in IPSR10 pinctrl: sh-pfc: sh7264: Fix PFCR3 and PFCR0 register configuration pinctrl: sh-pfc: r8a77990: Fix MOD_SEL0 SEL_I2C1 field width KVM: s390: unregister debug feature on failing arch init bnxt_en: query force speeds before disabling autoneg mode. bnxt_en: Save ring statistics before reset. bnxt_en: Return linux standard errors in bnxt_ethtool.c exofs_mount(): fix leaks on failure exits netfilter: nf_nat_sip: fix RTP/RTCP source port translations net/mlx5: Continue driver initialization despite debugfs failure pinctrl: xway: fix gpio-hog related boot issues memory: omap-gpmc: Get the header of the enum vfio-mdev/samples: Use u8 instead of char for handle functions kprobes/x86: Show x86-64 specific blacklisted symbols correctly kprobes: Blacklist symbols in arch-defined prohibited area xen/pciback: Check dev_data before using it kprobes/x86/xen: blacklist non-attachable xen interrupt functions serial: 8250: Rate limit serial port rx interrupts during input overruns gpio: raspberrypi-exp: decrease refcount on firmware dt node HID: intel-ish-hid: fixes incorrect error handling serial: sh-sci: Fix crash in rx_timer_fn() on PIO fallback btrfs: only track ref_heads in delayed_ref_updates Btrfs: allow clear_extent_dirty() to receive a cached extent state record btrfs: dev-replace: set result code of cancel by status of scrub btrfs: fix ncopies raid_attr for RAID56 btrfs: Check for missing device before bio submission in btrfs_map_bio usb: ehci-omap: Fix deferred probe for phy handling mtd: rawnand: sunxi: Write pageprog related opcodes to WCMD_SET mmc: meson-gx: make sure the descriptor is stopped on errors VSOCK: bind to random port for VMADDR_PORT_ANY crypto/chelsio/chtls: listen fails with multiadapt Revert "KVM: nVMX: move check_vmentry_postreqs() call to nested_vmx_enter_non_root_mode()" Revert "KVM: nVMX: reset cache/shadows when switching loaded VMCS" kvm: vmx: Set IA32_TSC_AUX for legacy mode guests gpiolib: Fix return value of gpio_to_desc() stub if !GPIOLIB gpio: pca953x: Fix AI overflow on PCAL6524 iwlwifi: pcie: set cmd_len in the correct place iwlwifi: pcie: fix erroneous print iwlwifi: mvm: force TCM re-evaluation on TCM resume iwlwifi: move iwl_nvm_check_version() into dvm microblaze: fix multiple bugs in arch/microblaze/boot/Makefile microblaze: move "... is ready" messages to arch/microblaze/Makefile microblaze: adjust the help to the real behavior ubi: Do not drop UBI device reference before using ubi: Put MTD device after it is not used ubifs: Fix default compression selection in ubifs nvme: fix kernel paging oops xfs: require both realtime inodes to mount bcache: do not mark writeback_running too early bcache: do not check if debug dentry is ERR or NULL explicitly on remove rtl818x: fix potential use after free brcmfmac: set SDIO F1 MesBusyCtrl for CYW4373 brcmfmac: set F2 watermark to 256 for 4373 mwifiex: debugfs: correct histogram spacing, formatting mwifiex: fix potential NULL dereference and use after free arm64: dts: renesas: draak: Fix CVBS input crypto: user - support incremental algorithm dumps s390/zcrypt: make sysfs reset attribute trigger queue reset nvme: provide fallback for discard alloc failure scsi: qla2xxx: Fix for FC-NVMe discovery for NPIV port scsi: qla2xxx: Fix NPIV handling for FC-NVMe scsi: lpfc: Enable Management features for IF_TYPE=6 ACPI / LPSS: Ignore acpi_device_fix_up_power() return value ARM: ks8695: fix section mismatch warning xfs: zero length symlinks are not valid PM / AVS: SmartReflex: NULL check before some freeing functions is not needed RDMA/vmw_pvrdma: Use atomic memory allocation in create AH arm64: preempt: Fix big-endian when checking preempt count in assembly RDMA/hns: Fix the bug while use multi-hop of pbl ARM: OMAP1: fix USB configuration for device-only setups platform/x86: mlx-platform: Fix LED configuration bus: ti-sysc: Check for no-reset and no-idle flags at the child level arm64: smp: Handle errors reported by the firmware arm64: mm: Prevent mismatched 52-bit VA support ARM: dts: Fix hsi gdd range for omap4 parisc: Fix HP SDC hpa address output parisc: Fix serio address output ARM: dts: imx53-voipac-dmm-668: Fix memory node duplication ARM: dts: imx25: Fix memory node duplication ARM: dts: imx27: Fix memory node duplication ARM: dts: imx1: Fix memory node duplication ARM: dts: imx23: Fix memory node duplication ARM: dts: imx50: Fix memory node duplication ARM: dts: imx6sl: Fix memory node duplication ARM: dts: imx6sx: Fix memory node duplication ARM: dts: imx6ul: Fix memory node duplication ARM: dts: imx7: Fix memory node duplication ARM: dts: imx35: Fix memory node duplication ARM: dts: imx31: Fix memory node duplication ARM: dts: imx53: Fix memory node duplication ARM: dts: imx51: Fix memory node duplication ARM: debug-imx: only define DEBUG_IMX_UART_PORT if needed tracing: Lock event_mutex before synth_event_mutex ARM: dts: Fix up SQ201 flash access scsi: lpfc: Fix dif and first burst use in write commands scsi: lpfc: Fix kernel Oops due to null pring pointers scsi: target/tcmu: Fix queue_cmd_ring() declaration pwm: bcm-iproc: Prevent unloading the driver module while in use block: drbd: remove a stray unlock in __drbd_send_protocol() mac80211: fix station inactive_time shortly after boot net/fq_impl: Switch to kvmalloc() for memory allocation ceph: return -EINVAL if given fsc mount option on kernel w/o support net: mscc: ocelot: fix __ocelot_rmw_ix prototype net: bcmgenet: reapply manual settings to the PHY net: bcmgenet: use RGMII loopback for MAC reset scripts/gdb: fix debugging modules compiled with hot/cold partitioning ASoC: stm32: sai: add restriction on mmap support watchdog: meson: Fix the wrong value of left time can: mcp251x: mcp251x_restart_work_handler(): Fix potential force_quit race condition can: flexcan: increase error counters if skb enqueueing via can_rx_offload_queue_sorted() fails can: rx-offload: can_rx_offload_irq_offload_fifo(): continue on error can: rx-offload: can_rx_offload_irq_offload_timestamp(): continue on error can: rx-offload: can_rx_offload_offload_one(): use ERR_PTR() to propagate error value in case of errors can: rx-offload: can_rx_offload_offload_one(): increment rx_fifo_errors on queue overflow or OOM can: rx-offload: can_rx_offload_offload_one(): do not increase the skb_queue beyond skb_queue_len_max can: rx-offload: can_rx_offload_queue_tail(): fix error handling, avoid skb mem leak can: c_can: D_CAN: c_can_chip_config(): perform a sofware reset on open can: peak_usb: report bus recovery as well bridge: ebtables: don't crash when using dnat target in output chains net: fec: add missed clk_disable_unprepare in remove clk: ti: clkctrl: Fix failed to enable error with double udelay timeout clk: ti: dra7-atl-clock: Remove ti_clk_add_alias call x86/resctrl: Prevent NULL pointer dereference when reading mondata idr: Fix idr_alloc_u32 on 32-bit systems idr: Fix integer overflow in idr_for_each_entry powerpc/bpf: Fix tail call implementation samples/bpf: fix build by setting HAVE_ATTR_TEST to zero ARM: dts: sun8i-a83t-tbs-a711: Fix WiFi resume from suspend clk: sunxi-ng: a80: fix the zero'ing of bits 16 and 18 clk: sunxi: Fix operator precedence in sunxi_divs_clk_setup clk: at91: avoid sleeping early reset: fix reset_control_ops kerneldoc comment ARM: dts: imx6qdl-sabreauto: Fix storm of accelerometer interrupts pinctrl: cherryview: Allocate IRQ chip dynamic clk: samsung: exynos5420: Preserve PLL configuration during suspend/resume ASoC: kirkwood: fix device remove ordering ASoC: kirkwood: fix external clock probe defer clk: samsung: exynos5433: Fix error paths reset: Fix memory leak in reset_control_array_put() ASoC: compress: fix unsigned integer overflow check ASoC: msm8916-wcd-analog: Fix RX1 selection in RDAC2 MUX clocksource/drivers/mediatek: Fix error handling clk: meson: gxbb: let sar_adc_clk_div set the parent clock rate Conflicts: drivers/mmc/core/queue.c Change-Id: I17f5829400ece4e39be4c9f6223fff206c710d06 Signed-off-by: Ivaylo Georgiev <irgeorgiev@codeaurora.org> |
||
|
Greg Kroah-Hartman
|
47d86d5c55 |
Merge 4.19.88 into android-4.19-q
Changes in 4.19.88 clk: meson: gxbb: let sar_adc_clk_div set the parent clock rate clocksource/drivers/mediatek: Fix error handling ASoC: msm8916-wcd-analog: Fix RX1 selection in RDAC2 MUX ASoC: compress: fix unsigned integer overflow check reset: Fix memory leak in reset_control_array_put() clk: samsung: exynos5433: Fix error paths ASoC: kirkwood: fix external clock probe defer ASoC: kirkwood: fix device remove ordering clk: samsung: exynos5420: Preserve PLL configuration during suspend/resume pinctrl: cherryview: Allocate IRQ chip dynamic ARM: dts: imx6qdl-sabreauto: Fix storm of accelerometer interrupts reset: fix reset_control_ops kerneldoc comment clk: at91: avoid sleeping early clk: sunxi: Fix operator precedence in sunxi_divs_clk_setup clk: sunxi-ng: a80: fix the zero'ing of bits 16 and 18 ARM: dts: sun8i-a83t-tbs-a711: Fix WiFi resume from suspend samples/bpf: fix build by setting HAVE_ATTR_TEST to zero powerpc/bpf: Fix tail call implementation idr: Fix integer overflow in idr_for_each_entry idr: Fix idr_alloc_u32 on 32-bit systems x86/resctrl: Prevent NULL pointer dereference when reading mondata clk: ti: dra7-atl-clock: Remove ti_clk_add_alias call clk: ti: clkctrl: Fix failed to enable error with double udelay timeout net: fec: add missed clk_disable_unprepare in remove bridge: ebtables: don't crash when using dnat target in output chains can: peak_usb: report bus recovery as well can: c_can: D_CAN: c_can_chip_config(): perform a sofware reset on open can: rx-offload: can_rx_offload_queue_tail(): fix error handling, avoid skb mem leak can: rx-offload: can_rx_offload_offload_one(): do not increase the skb_queue beyond skb_queue_len_max can: rx-offload: can_rx_offload_offload_one(): increment rx_fifo_errors on queue overflow or OOM can: rx-offload: can_rx_offload_offload_one(): use ERR_PTR() to propagate error value in case of errors can: rx-offload: can_rx_offload_irq_offload_timestamp(): continue on error can: rx-offload: can_rx_offload_irq_offload_fifo(): continue on error can: flexcan: increase error counters if skb enqueueing via can_rx_offload_queue_sorted() fails can: mcp251x: mcp251x_restart_work_handler(): Fix potential force_quit race condition watchdog: meson: Fix the wrong value of left time ASoC: stm32: sai: add restriction on mmap support scripts/gdb: fix debugging modules compiled with hot/cold partitioning net: bcmgenet: use RGMII loopback for MAC reset net: bcmgenet: reapply manual settings to the PHY net: mscc: ocelot: fix __ocelot_rmw_ix prototype ceph: return -EINVAL if given fsc mount option on kernel w/o support net/fq_impl: Switch to kvmalloc() for memory allocation mac80211: fix station inactive_time shortly after boot block: drbd: remove a stray unlock in __drbd_send_protocol() pwm: bcm-iproc: Prevent unloading the driver module while in use scsi: target/tcmu: Fix queue_cmd_ring() declaration scsi: lpfc: Fix kernel Oops due to null pring pointers scsi: lpfc: Fix dif and first burst use in write commands ARM: dts: Fix up SQ201 flash access tracing: Lock event_mutex before synth_event_mutex ARM: debug-imx: only define DEBUG_IMX_UART_PORT if needed ARM: dts: imx51: Fix memory node duplication ARM: dts: imx53: Fix memory node duplication ARM: dts: imx31: Fix memory node duplication ARM: dts: imx35: Fix memory node duplication ARM: dts: imx7: Fix memory node duplication ARM: dts: imx6ul: Fix memory node duplication ARM: dts: imx6sx: Fix memory node duplication ARM: dts: imx6sl: Fix memory node duplication ARM: dts: imx50: Fix memory node duplication ARM: dts: imx23: Fix memory node duplication ARM: dts: imx1: Fix memory node duplication ARM: dts: imx27: Fix memory node duplication ARM: dts: imx25: Fix memory node duplication ARM: dts: imx53-voipac-dmm-668: Fix memory node duplication parisc: Fix serio address output parisc: Fix HP SDC hpa address output ARM: dts: Fix hsi gdd range for omap4 arm64: mm: Prevent mismatched 52-bit VA support arm64: smp: Handle errors reported by the firmware bus: ti-sysc: Check for no-reset and no-idle flags at the child level platform/x86: mlx-platform: Fix LED configuration ARM: OMAP1: fix USB configuration for device-only setups RDMA/hns: Fix the bug while use multi-hop of pbl arm64: preempt: Fix big-endian when checking preempt count in assembly RDMA/vmw_pvrdma: Use atomic memory allocation in create AH PM / AVS: SmartReflex: NULL check before some freeing functions is not needed xfs: zero length symlinks are not valid ARM: ks8695: fix section mismatch warning ACPI / LPSS: Ignore acpi_device_fix_up_power() return value scsi: lpfc: Enable Management features for IF_TYPE=6 scsi: qla2xxx: Fix NPIV handling for FC-NVMe scsi: qla2xxx: Fix for FC-NVMe discovery for NPIV port nvme: provide fallback for discard alloc failure s390/zcrypt: make sysfs reset attribute trigger queue reset crypto: user - support incremental algorithm dumps arm64: dts: renesas: draak: Fix CVBS input mwifiex: fix potential NULL dereference and use after free mwifiex: debugfs: correct histogram spacing, formatting brcmfmac: set F2 watermark to 256 for 4373 brcmfmac: set SDIO F1 MesBusyCtrl for CYW4373 rtl818x: fix potential use after free bcache: do not check if debug dentry is ERR or NULL explicitly on remove bcache: do not mark writeback_running too early xfs: require both realtime inodes to mount nvme: fix kernel paging oops ubifs: Fix default compression selection in ubifs ubi: Put MTD device after it is not used ubi: Do not drop UBI device reference before using microblaze: adjust the help to the real behavior microblaze: move "... is ready" messages to arch/microblaze/Makefile microblaze: fix multiple bugs in arch/microblaze/boot/Makefile iwlwifi: move iwl_nvm_check_version() into dvm iwlwifi: mvm: force TCM re-evaluation on TCM resume iwlwifi: pcie: fix erroneous print iwlwifi: pcie: set cmd_len in the correct place gpio: pca953x: Fix AI overflow on PCAL6524 gpiolib: Fix return value of gpio_to_desc() stub if !GPIOLIB kvm: vmx: Set IA32_TSC_AUX for legacy mode guests Revert "KVM: nVMX: reset cache/shadows when switching loaded VMCS" Revert "KVM: nVMX: move check_vmentry_postreqs() call to nested_vmx_enter_non_root_mode()" crypto/chelsio/chtls: listen fails with multiadapt VSOCK: bind to random port for VMADDR_PORT_ANY mmc: meson-gx: make sure the descriptor is stopped on errors mtd: rawnand: sunxi: Write pageprog related opcodes to WCMD_SET usb: ehci-omap: Fix deferred probe for phy handling btrfs: Check for missing device before bio submission in btrfs_map_bio btrfs: fix ncopies raid_attr for RAID56 btrfs: dev-replace: set result code of cancel by status of scrub Btrfs: allow clear_extent_dirty() to receive a cached extent state record btrfs: only track ref_heads in delayed_ref_updates serial: sh-sci: Fix crash in rx_timer_fn() on PIO fallback HID: intel-ish-hid: fixes incorrect error handling gpio: raspberrypi-exp: decrease refcount on firmware dt node serial: 8250: Rate limit serial port rx interrupts during input overruns kprobes/x86/xen: blacklist non-attachable xen interrupt functions xen/pciback: Check dev_data before using it kprobes: Blacklist symbols in arch-defined prohibited area kprobes/x86: Show x86-64 specific blacklisted symbols correctly vfio-mdev/samples: Use u8 instead of char for handle functions memory: omap-gpmc: Get the header of the enum pinctrl: xway: fix gpio-hog related boot issues net/mlx5: Continue driver initialization despite debugfs failure netfilter: nf_nat_sip: fix RTP/RTCP source port translations exofs_mount(): fix leaks on failure exits bnxt_en: Return linux standard errors in bnxt_ethtool.c bnxt_en: Save ring statistics before reset. bnxt_en: query force speeds before disabling autoneg mode. KVM: s390: unregister debug feature on failing arch init pinctrl: sh-pfc: r8a77990: Fix MOD_SEL0 SEL_I2C1 field width pinctrl: sh-pfc: sh7264: Fix PFCR3 and PFCR0 register configuration pinctrl: sh-pfc: sh7734: Fix shifted values in IPSR10 HID: doc: fix wrong data structure reference for UHID_OUTPUT dm flakey: Properly corrupt multi-page bios. gfs2: take jdata unstuff into account in do_grow dm raid: fix false -EBUSY when handling check/repair message xfs: Align compat attrlist_by_handle with native implementation. xfs: Fix bulkstat compat ioctls on x32 userspace. IB/qib: Fix an error code in qib_sdma_verbs_send() clocksource/drivers/fttmr010: Fix invalid interrupt register access vxlan: Fix error path in __vxlan_dev_create() powerpc/book3s/32: fix number of bats in p/v_block_mapped() powerpc/xmon: fix dump_segments() drivers/regulator: fix a missing check of return value Bluetooth: hci_bcm: Handle specific unknown packets after firmware loading serial: max310x: Fix tx_empty() callback openrisc: Fix broken paths to arch/or32 RDMA/srp: Propagate ib_post_send() failures to the SCSI mid-layer scsi: qla2xxx: deadlock by configfs_depend_item scsi: csiostor: fix incorrect dma device in case of vport brcmfmac: Fix access point mode ath6kl: Only use match sets when firmware supports it ath6kl: Fix off by one error in scan completion powerpc/perf: Fix unit_sel/cache_sel checks powerpc/32: Avoid unsupported flags with clang powerpc/prom: fix early DEBUG messages powerpc/mm: Make NULL pointer deferences explicit on bad page faults. powerpc/44x/bamboo: Fix PCI range vfio/spapr_tce: Get rid of possible infinite loop powerpc/powernv/eeh/npu: Fix uninitialized variables in opal_pci_eeh_freeze_status drbd: ignore "all zero" peer volume sizes in handshake drbd: reject attach of unsuitable uuids even if connected drbd: do not block when adjusting "disk-options" while IO is frozen drbd: fix print_st_err()'s prototype to match the definition IB/rxe: Make counters thread safe bpf/cpumap: make sure frame_size for build_skb is aligned if headroom isn't regulator: tps65910: fix a missing check of return value powerpc/83xx: handle machine check caused by watchdog timer powerpc/pseries: Fix node leak in update_lmb_associativity_index() powerpc: Fix HMIs on big-endian with CONFIG_RELOCATABLE=y crypto: mxc-scc - fix build warnings on ARM64 pwm: clps711x: Fix period calculation net/netlink_compat: Fix a missing check of nla_parse_nested net/net_namespace: Check the return value of register_pernet_subsys() f2fs: fix block address for __check_sit_bitmap f2fs: fix to dirty inode synchronously um: Include sys/uio.h to have writev() um: Make GCOV depend on !KCOV net: (cpts) fix a missing check of clk_prepare net: stmicro: fix a missing check of clk_prepare net: dsa: bcm_sf2: Propagate error value from mdio_write atl1e: checking the status of atl1e_write_phy_reg tipc: fix a missing check of genlmsg_put net: marvell: fix a missing check of acpi_match_device net/wan/fsl_ucc_hdlc: Avoid double free in ucc_hdlc_probe() ocfs2: clear journal dirty flag after shutdown journal vmscan: return NODE_RECLAIM_NOSCAN in node_reclaim() when CONFIG_NUMA is n mm/page_alloc.c: free order-0 pages through PCP in page_frag_free() mm/page_alloc.c: use a single function to free page mm/page_alloc.c: deduplicate __memblock_free_early() and memblock_free() tools/vm/page-types.c: fix "kpagecount returned fewer pages than expected" failures netfilter: nf_tables: fix a missing check of nla_put_failure xprtrdma: Prevent leak of rpcrdma_rep objects infiniband: bnxt_re: qplib: Check the return value of send_message infiniband/qedr: Potential null ptr dereference of qp firmware: arm_sdei: fix wrong of_node_put() in init function firmware: arm_sdei: Fix DT platform device creation lib/genalloc.c: fix allocation of aligned buffer from non-aligned chunk lib/genalloc.c: use vzalloc_node() to allocate the bitmap fork: fix some -Wmissing-prototypes warnings drivers/base/platform.c: kmemleak ignore a known leak lib/genalloc.c: include vmalloc.h mtd: Check add_mtd_device() ret code tipc: fix memory leak in tipc_nl_compat_publ_dump net/core/neighbour: tell kmemleak about hash tables ata: ahci: mvebu: do Armada 38x configuration only on relevant SoCs PCI/MSI: Return -ENOSPC from pci_alloc_irq_vectors_affinity() net/core/neighbour: fix kmemleak minimal reference count for hash tables serial: 8250: Fix serial8250 initialization crash gpu: ipu-v3: pre: don't trigger update if buffer address doesn't change sfc: suppress duplicate nvmem partition types in efx_ef10_mtd_probe ip_tunnel: Make none-tunnel-dst tunnel port work with lwtunnel decnet: fix DN_IFREQ_SIZE net/smc: prevent races between smc_lgr_terminate() and smc_conn_free() net/smc: don't wait for send buffer space when data was already sent mm/hotplug: invalid PFNs from pfn_to_online_page() xfs: end sync buffer I/O properly on shutdown error net/smc: fix sender_free computation blktrace: Show requests without sector net/smc: fix byte_order for rx_curs_confirmed tipc: fix skb may be leaky in tipc_link_input ASoC: samsung: i2s: Fix prescaler setting for the secondary DAI sfc: initialise found bitmap in efx_ef10_mtd_probe geneve: change NET_UDP_TUNNEL dependency to select net: fix possible overflow in __sk_mem_raise_allocated() net: ip_gre: do not report erspan_ver for gre or gretap net: ip6_gre: do not report erspan_ver for ip6gre or ip6gretap sctp: don't compare hb_timer expire date before starting it bpf: decrease usercnt if bpf_map_new_fd() fails in bpf_map_get_fd_by_id() mmc: core: align max segment size with logical block size net: dev: Use unsigned integer as an argument to left-shift kvm: properly check debugfs dentry before using it bpf: drop refcount if bpf_map_new_fd() fails in map_create() net: hns3: Change fw error code NOT_EXEC to NOT_SUPPORTED net: hns3: fix PFC not setting problem for DCB module net: hns3: fix an issue for hclgevf_ae_get_hdev net: hns3: fix an issue for hns3_update_new_int_gl iommu/amd: Fix NULL dereference bug in match_hid_uid apparmor: delete the dentry in aafs_remove() to avoid a leak scsi: libsas: Support SATA PHY connection rate unmatch fixing during discovery ACPI / APEI: Don't wait to serialise with oops messages when panic()ing ACPI / APEI: Switch estatus pool to use vmalloc memory scsi: hisi_sas: shutdown axi bus to avoid exception CQ returned scsi: libsas: Check SMP PHY control function result RDMA/hns: Fix the bug with updating rq head pointer when flush cqe RDMA/hns: Bugfix for the scene without receiver queue RDMA/hns: Fix the state of rereg mr RDMA/hns: Use GFP_ATOMIC in hns_roce_v2_modify_qp ASoC: rt5645: Headphone Jack sense inverts on the LattePanda board powerpc/pseries/dlpar: Fix a missing check in dlpar_parse_cc_property() xdp: fix cpumap redirect SKB creation bug mtd: Remove a debug trace in mtdpart.c mm, gup: add missing refcount overflow checks on s390 clk: at91: fix update bit maps on CFG_MOR write clk: at91: generated: set audio_pll_allowed in at91_clk_register_generated() usb: dwc2: use a longer core rest timeout in dwc2_core_reset() staging: rtl8192e: fix potential use after free staging: rtl8723bs: Drop ACPI device ids staging: rtl8723bs: Add 024c:0525 to the list of SDIO device-ids USB: serial: ftdi_sio: add device IDs for U-Blox C099-F9P mei: bus: prefix device names on bus with the bus name mei: me: add comet point V device id thunderbolt: Power cycle the router if NVM authentication fails xfrm: Fix memleak on xfrm state destroy media: v4l2-ctrl: fix flags for DO_WHITE_BALANCE net: macb: fix error format in dev_err() pwm: Clear chip_data in pwm_put() media: atmel: atmel-isc: fix asd memory allocation media: atmel: atmel-isc: fix INIT_WORK misplacement macvlan: schedule bc_work even if error net: psample: fix skb_over_panic openvswitch: fix flow command message size sctp: Fix memory leak in sctp_sf_do_5_2_4_dupcook slip: Fix use-after-free Read in slip_open openvswitch: drop unneeded BUG_ON() in ovs_flow_cmd_build_info() openvswitch: remove another BUG_ON() selftests: bpf: test_sockmap: handle file creation failures gracefully tipc: fix link name length check sctp: cache netns in sctp_ep_common net: sched: fix `tc -s class show` no bstats on class with nolock subqueues net: macb: add missed tasklet_kill ext4: add more paranoia checking in ext4_expand_extra_isize handling watchdog: sama5d4: fix WDD value to be always set to max net: macb: Fix SUBNS increment and increase resolution net: macb driver, check for SKBTX_HW_TSTAMP mtd: rawnand: atmel: Fix spelling mistake in error message mtd: rawnand: atmel: fix possible object reference leak mtd: spi-nor: cast to u64 to avoid uint overflows drm/atmel-hlcdc: revert shift by 8 mailbox: stm32_ipcc: add spinlock to fix channels concurrent access tcp: exit if nothing to retransmit on RTO timeout HID: core: check whether Usage Page item is after Usage ID items crypto: stm32/hash - Fix hmac issue more than 256 bytes media: stm32-dcmi: fix DMA corruption when stopping streaming media: stm32-dcmi: fix check of pm_runtime_get_sync return value hwrng: stm32 - fix unbalanced pm_runtime_enable clk: stm32mp1: fix HSI divider flag clk: stm32mp1: fix mcu divider table clk: stm32mp1: add CLK_SET_RATE_NO_REPARENT to Kernel clocks clk: stm32mp1: parent clocks update mailbox: mailbox-test: fix null pointer if no mmio pinctrl: stm32: fix memory leak issue ASoC: stm32: i2s: fix dma configuration ASoC: stm32: i2s: fix 16 bit format support ASoC: stm32: i2s: fix IRQ clearing ASoC: stm32: sai: add missing put_device() dmaengine: stm32-dma: check whether length is aligned on FIFO threshold platform/x86: hp-wmi: Fix ACPI errors caused by too small buffer platform/x86: hp-wmi: Fix ACPI errors caused by passing 0 as input size net: fec: fix clock count mis-match Linux 4.19.88 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: Ib17de804b245aa3da465ddc97270b8c7bd9fba66 |
||
|
Yi Wang
|
fc38279ec5 |
fork: fix some -Wmissing-prototypes warnings
[ Upstream commit fb5bf31722d0805a3f394f7d59f2e8cd07acccb7 ]
We get a warning when building kernel with W=1:
kernel/fork.c:167:13: warning: no previous prototype for `arch_release_thread_stack' [-Wmissing-prototypes]
kernel/fork.c:779:13: warning: no previous prototype for `fork_init' [-Wmissing-prototypes]
Add the missing declaration in head file to fix this.
Also, remove arch_release_thread_stack() completely because no arch
seems to implement it since
|
||
|
Ivaylo Georgiev
|
0f16018c8a |
Merge android-4.19-q.80 (fd673e8) into msm-4.19
* refs/heads/tmp-fd673e8:
Linux 4.19.80
perf/hw_breakpoint: Fix arch_hw_breakpoint use-before-initialization
PCI: vmd: Fix config addressing when using bus offsets
x86/asm: Fix MWAITX C-state hint value
hwmon: Fix HWMON_P_MIN_ALARM mask
tracing: Get trace_array reference for available_tracers files
ftrace: Get a reference counter for the trace_array on filter files
tracing/hwlat: Don't ignore outer-loop duration when calculating max_latency
tracing/hwlat: Report total time spent in all NMIs during the sample
arm64/sve: Fix wrong free for task->thread.sve_state
media: stkwebcam: fix runtime PM after driver unbind
Fix the locking in dcache_readdir() and friends
arm64: topology: Use PPTT to determine if PE is a thread
ACPI/PPTT: Add support for ACPI 6.3 thread flag
ACPICA: ACPI 6.3: PPTT add additional fields in Processor Structure Flags
MIPS: elf_hwcap: Export userspace ASEs
MIPS: Disable Loongson MMI instructions for kernel build
NFS: Fix O_DIRECT accounting of number of bytes read/written
btrfs: fix uninitialized ret in ref-verify
btrfs: fix incorrect updating of log root tree
cifs: use cifsInodeInfo->open_file_lock while iterating to avoid a panic
iio: adc: stm32-adc: fix a race when using several adcs with dma and irq
iio: adc: stm32-adc: move registers definitions
gpiolib: don't clear FLAG_IS_OUT when emulating open-drain/open-source
firmware: google: increment VPD key_len properly
mm/vmpressure.c: fix a signedness bug in vmpressure_register_event()
kernel/sysctl.c: do not override max_threads provided by userspace
CIFS: Force reval dentry if LOOKUP_REVAL flag is set
CIFS: Force revalidate inode when dentry is stale
CIFS: Gracefully handle QueryInfo errors during open
blk-wbt: fix performance regression in wbt scale_up/scale_down
perf inject jit: Fix JIT_CODE_MOVE filename
perf llvm: Don't access out-of-scope array
efivar/ssdt: Don't iterate over EFI vars if no SSDT override was specified
iio: light: opt3001: fix mutex unlock race
iio: adc: axp288: Override TS pin bias current for some models
iio: adc: ad799x: fix probe error handling
iio: adc: hx711: fix bug in sampling of data
staging: vt6655: Fix memory leak in vt6655_probe
Staging: fbtft: fix memory leak in fbtft_framebuffer_alloc
gpio: eic: sprd: Fix the incorrect EIC offset when toggling
mei: avoid FW version request on Ibex Peak and earlier
mei: me: add comet point (lake) LP device ids
USB: legousbtower: fix use-after-free on release
USB: legousbtower: fix open after failed reset request
USB: legousbtower: fix potential NULL-deref on disconnect
USB: legousbtower: fix deadlock on disconnect
USB: legousbtower: fix slab info leak at probe
usb: renesas_usbhs: gadget: Fix usb_ep_set_{halt,wedge}() behavior
usb: renesas_usbhs: gadget: Do not discard queues in usb_ep_set_{halt,wedge}()
USB: dummy-hcd: fix power budget for SuperSpeed mode
USB: microtek: fix info-leak at probe
USB: usblcd: fix I/O after disconnect
USB: serial: fix runtime PM after driver unbind
USB: serial: option: add support for Cinterion CLS8 devices
USB: serial: option: add Telit FN980 compositions
USB: serial: ftdi_sio: add device IDs for Sienna and Echelon PL-20
USB: serial: keyspan: fix NULL-derefs on open() and write()
serial: uartlite: fix exit path null pointer
USB: ldusb: fix NULL-derefs on driver unbind
USB: chaoskey: fix use-after-free on release
USB: usblp: fix runtime PM after driver unbind
USB: iowarrior: fix use-after-free after driver unbind
USB: iowarrior: fix use-after-free on release
USB: iowarrior: fix use-after-free on disconnect
USB: adutux: fix use-after-free on release
USB: adutux: fix NULL-derefs on disconnect
USB: adutux: fix use-after-free on disconnect
xhci: Increase STS_SAVE timeout in xhci_suspend()
xhci: Prevent deadlock when xhci adapter breaks during init
usb: xhci: wait for CNR controller not ready bit in xhci resume
xhci: Fix USB 3.1 capability detection on early xHCI 1.1 spec based hosts
xhci: Check all endpoints for LPM timeout
xhci: Prevent device initiated U1/U2 link pm if exit latency is too long
xhci: Fix false warning message about wrong bounce buffer write length
USB: usb-skeleton: fix NULL-deref on disconnect
USB: usb-skeleton: fix runtime PM after driver unbind
USB: yurex: fix NULL-derefs on disconnect
USB: yurex: Don't retry on unexpected errors
USB: rio500: Remove Rio 500 kernel driver
f2fs: use EINVAL for superblock with invalid magic
panic: ensure preemption is disabled during panic()
Change-Id: I002cb95429e0fe54d5a8ac0b771891be2d343014
Signed-off-by: Ivaylo Georgiev <irgeorgiev@codeaurora.org>
|
||
|
Greg Kroah-Hartman
|
fd673e8f7f |
Merge 4.19.80 into android-4.19-q
Changes in 4.19.80
panic: ensure preemption is disabled during panic()
f2fs: use EINVAL for superblock with invalid magic
USB: rio500: Remove Rio 500 kernel driver
USB: yurex: Don't retry on unexpected errors
USB: yurex: fix NULL-derefs on disconnect
USB: usb-skeleton: fix runtime PM after driver unbind
USB: usb-skeleton: fix NULL-deref on disconnect
xhci: Fix false warning message about wrong bounce buffer write length
xhci: Prevent device initiated U1/U2 link pm if exit latency is too long
xhci: Check all endpoints for LPM timeout
xhci: Fix USB 3.1 capability detection on early xHCI 1.1 spec based hosts
usb: xhci: wait for CNR controller not ready bit in xhci resume
xhci: Prevent deadlock when xhci adapter breaks during init
xhci: Increase STS_SAVE timeout in xhci_suspend()
USB: adutux: fix use-after-free on disconnect
USB: adutux: fix NULL-derefs on disconnect
USB: adutux: fix use-after-free on release
USB: iowarrior: fix use-after-free on disconnect
USB: iowarrior: fix use-after-free on release
USB: iowarrior: fix use-after-free after driver unbind
USB: usblp: fix runtime PM after driver unbind
USB: chaoskey: fix use-after-free on release
USB: ldusb: fix NULL-derefs on driver unbind
serial: uartlite: fix exit path null pointer
USB: serial: keyspan: fix NULL-derefs on open() and write()
USB: serial: ftdi_sio: add device IDs for Sienna and Echelon PL-20
USB: serial: option: add Telit FN980 compositions
USB: serial: option: add support for Cinterion CLS8 devices
USB: serial: fix runtime PM after driver unbind
USB: usblcd: fix I/O after disconnect
USB: microtek: fix info-leak at probe
USB: dummy-hcd: fix power budget for SuperSpeed mode
usb: renesas_usbhs: gadget: Do not discard queues in usb_ep_set_{halt,wedge}()
usb: renesas_usbhs: gadget: Fix usb_ep_set_{halt,wedge}() behavior
USB: legousbtower: fix slab info leak at probe
USB: legousbtower: fix deadlock on disconnect
USB: legousbtower: fix potential NULL-deref on disconnect
USB: legousbtower: fix open after failed reset request
USB: legousbtower: fix use-after-free on release
mei: me: add comet point (lake) LP device ids
mei: avoid FW version request on Ibex Peak and earlier
gpio: eic: sprd: Fix the incorrect EIC offset when toggling
Staging: fbtft: fix memory leak in fbtft_framebuffer_alloc
staging: vt6655: Fix memory leak in vt6655_probe
iio: adc: hx711: fix bug in sampling of data
iio: adc: ad799x: fix probe error handling
iio: adc: axp288: Override TS pin bias current for some models
iio: light: opt3001: fix mutex unlock race
efivar/ssdt: Don't iterate over EFI vars if no SSDT override was specified
perf llvm: Don't access out-of-scope array
perf inject jit: Fix JIT_CODE_MOVE filename
blk-wbt: fix performance regression in wbt scale_up/scale_down
CIFS: Gracefully handle QueryInfo errors during open
CIFS: Force revalidate inode when dentry is stale
CIFS: Force reval dentry if LOOKUP_REVAL flag is set
kernel/sysctl.c: do not override max_threads provided by userspace
mm/vmpressure.c: fix a signedness bug in vmpressure_register_event()
firmware: google: increment VPD key_len properly
gpiolib: don't clear FLAG_IS_OUT when emulating open-drain/open-source
iio: adc: stm32-adc: move registers definitions
iio: adc: stm32-adc: fix a race when using several adcs with dma and irq
cifs: use cifsInodeInfo->open_file_lock while iterating to avoid a panic
btrfs: fix incorrect updating of log root tree
btrfs: fix uninitialized ret in ref-verify
NFS: Fix O_DIRECT accounting of number of bytes read/written
MIPS: Disable Loongson MMI instructions for kernel build
MIPS: elf_hwcap: Export userspace ASEs
ACPICA: ACPI 6.3: PPTT add additional fields in Processor Structure Flags
ACPI/PPTT: Add support for ACPI 6.3 thread flag
arm64: topology: Use PPTT to determine if PE is a thread
Fix the locking in dcache_readdir() and friends
media: stkwebcam: fix runtime PM after driver unbind
arm64/sve: Fix wrong free for task->thread.sve_state
tracing/hwlat: Report total time spent in all NMIs during the sample
tracing/hwlat: Don't ignore outer-loop duration when calculating max_latency
ftrace: Get a reference counter for the trace_array on filter files
tracing: Get trace_array reference for available_tracers files
hwmon: Fix HWMON_P_MIN_ALARM mask
x86/asm: Fix MWAITX C-state hint value
PCI: vmd: Fix config addressing when using bus offsets
perf/hw_breakpoint: Fix arch_hw_breakpoint use-before-initialization
Linux 4.19.80
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I7b092168ec736afa21e2886261dfb1d5690129b4
|
||
|
Michal Hocko
|
7bbe6eefdb |
kernel/sysctl.c: do not override max_threads provided by userspace
commit b0f53dbc4bc4c371f38b14c391095a3bb8a0bb40 upstream. Partially revert |
||
|
qctecmdr
|
5dc7d7712c |
Merge "Merge android-4.19-q.66 (5118163) into msm-4.19"
|
||
|
Ivaylo Georgiev
|
420c83c039 |
Merge android-4.19-q.64 (571263b) into msm-4.19
* refs/heads/tmp-571263b: Linux 4.19.64 ip_tunnel: allow not to count pkts on tstats by setting skb's dev to NULL scsi: core: Avoid that a kernel warning appears during system resume block, scsi: Change the preempt-only flag into a counter ceph: hold i_ceph_lock when removing caps for freeing inode Fix allyesconfig output. drivers/pps/pps.c: clear offset flags in PPS_SETPARAMS ioctl /proc/<pid>/cmdline: add back the setproctitle() special case /proc/<pid>/cmdline: remove all the special cases sched/fair: Use RCU accessors consistently for ->numa_group sched/fair: Don't free p->numa_faults with concurrent readers vhost: scsi: add weight support vhost: vsock: add weight support vhost_net: fix possible infinite loop vhost: introduce vhost_exceeds_weight() Bluetooth: hci_uart: check for missing tty operations iommu/iova: Fix compilation error with !CONFIG_IOMMU_IOVA iommu/vt-d: Don't queue_iova() if there is no flush queue media: radio-raremono: change devm_k*alloc to k*alloc NFS: Cleanup if nfs_match_client is interrupted media: pvrusb2: use a different format for warnings media: cpia2_usb: first wake up, then free in disconnect ath10k: Change the warning message string media: au0828: fix null dereference in error path ISDN: hfcsusb: checking idx of ep configuration binder: fix possible UAF when freeing buffer arm64: compat: Provide definition for COMPAT_SIGMINSTKSZ usb: dwc2: Fix disable all EP's on disconnect usb: dwc2: Disable all EP's on disconnect NFSv4: Fix lookup revalidate of regular files NFS: Refactor nfs_lookup_revalidate() NFS: Fix dentry revalidation on NFSv4 lookup vsock: correct removal of socket from the list hv_sock: Add support for delayed close ANDROID: overlayfs: internal getxattr operations without sepolicy checking ANDROID: overlayfs: add __get xattr method ANDROID: Add optional __get xattr method paired to __vfs_getxattr ANDROID: overlayfs: override_creds=off option bypass creator_cred (part deux) Conflicts: include/linux/blkdev.h Change-Id: I0530cebb98a59b0a585d58f6aa899956feb0ec64 Signed-off-by: Ivaylo Georgiev <irgeorgiev@codeaurora.org> |
||
|
Greg Kroah-Hartman
|
571263b109 |
Merge 4.19.64 into android-4.19-q
Changes in 4.19.64 hv_sock: Add support for delayed close vsock: correct removal of socket from the list NFS: Fix dentry revalidation on NFSv4 lookup NFS: Refactor nfs_lookup_revalidate() NFSv4: Fix lookup revalidate of regular files usb: dwc2: Disable all EP's on disconnect usb: dwc2: Fix disable all EP's on disconnect arm64: compat: Provide definition for COMPAT_SIGMINSTKSZ binder: fix possible UAF when freeing buffer ISDN: hfcsusb: checking idx of ep configuration media: au0828: fix null dereference in error path ath10k: Change the warning message string media: cpia2_usb: first wake up, then free in disconnect media: pvrusb2: use a different format for warnings NFS: Cleanup if nfs_match_client is interrupted media: radio-raremono: change devm_k*alloc to k*alloc iommu/vt-d: Don't queue_iova() if there is no flush queue iommu/iova: Fix compilation error with !CONFIG_IOMMU_IOVA Bluetooth: hci_uart: check for missing tty operations vhost: introduce vhost_exceeds_weight() vhost_net: fix possible infinite loop vhost: vsock: add weight support vhost: scsi: add weight support sched/fair: Don't free p->numa_faults with concurrent readers sched/fair: Use RCU accessors consistently for ->numa_group /proc/<pid>/cmdline: remove all the special cases /proc/<pid>/cmdline: add back the setproctitle() special case drivers/pps/pps.c: clear offset flags in PPS_SETPARAMS ioctl Fix allyesconfig output. ceph: hold i_ceph_lock when removing caps for freeing inode block, scsi: Change the preempt-only flag into a counter scsi: core: Avoid that a kernel warning appears during system resume ip_tunnel: allow not to count pkts on tstats by setting skb's dev to NULL Linux 4.19.64 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: Ide69316db2c4e7d5e6a028f7a259c1e3de49478e |
||
|
Jann Horn
|
48046e092a |
sched/fair: Don't free p->numa_faults with concurrent readers
commit 16d51a590a8ce3befb1308e0e7ab77f3b661af33 upstream.
When going through execve(), zero out the NUMA fault statistics instead of
freeing them.
During execve, the task is reachable through procfs and the scheduler. A
concurrent /proc/*/sched reader can read data from a freed ->numa_faults
allocation (confirmed by KASAN) and write it back to userspace.
I believe that it would also be possible for a use-after-free read to occur
through a race between a NUMA fault and execve(): task_numa_fault() can
lead to task_numa_compare(), which invokes task_weight() on the currently
running task of a different CPU.
Another way to fix this would be to make ->numa_faults RCU-managed or add
extra locking, but it seems easier to wipe the NUMA fault statistics on
execve.
Signed-off-by: Jann Horn <jannh@google.com>
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Petr Mladek <pmladek@suse.com>
Cc: Sergey Senozhatsky <sergey.senozhatsky@gmail.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Will Deacon <will@kernel.org>
Fixes:
|
||
|
Vinayak Menon
|
409c17568b |
mm: skip rss check on MM_UNRECLAIMABLE
MM_UNRECLAIMABLE rss counter can be updated by drivers on exit_files. But since exit_mm is called early, there is a chance of false bad rss messages. Skip the check for MM_UNRECLAIMABLE. Change-Id: Id9a79db20f1ae711ec801a646d7c28d92e94f70b Signed-off-by: Vinayak Menon <vinmenon@codeaurora.org> |
||
|
Ivaylo Georgiev
|
0f3194a0fa |
Merge android-4.19.45 (50f9143) into msm-4.19
* refs/heads/tmp-50f9143:
Linux 4.19.45
ext4: don't update s_rev_level if not required
ext4: fix compile error when using BUFFER_TRACE
pstore: Refactor compression initialization
pstore: Allocate compression during late_initcall()
pstore: Centralize init/exit routines
iov_iter: optimize page_copy_sane()
libnvdimm/namespace: Fix label tracking error
xen/pvh: set xen_domain_type to HVM in xen_pvh_init
kbuild: turn auto.conf.cmd into a mandatory include file
KVM: lapic: Busy wait for timer to expire when using hv_timer
KVM: x86: Skip EFER vs. guest CPUID checks for host-initiated writes
jbd2: fix potential double free
ALSA: hda/realtek - Fix for Lenovo B50-70 inverted internal microphone bug
ALSA: hda/realtek - Fixup headphone noise via runtime suspend
ALSA: hda/realtek - Corrected fixup for System76 Gazelle (gaze14)
ext4: avoid panic during forced reboot due to aborted journal
ext4: fix use-after-free in dx_release()
ext4: fix data corruption caused by overlapping unaligned and aligned IO
ext4: zero out the unused memory region in the extent tree block
tty: Don't force RISCV SBI console as preferred console
fs/writeback.c: use rcu_barrier() to wait for inflight wb switches going into workqueue when umount
crypto: ccm - fix incompatibility between "ccm" and "ccm_base"
ipmi:ssif: compare block number correctly for multi-part return messages
bcache: never set KEY_PTRS of journal key to 0 in journal_reclaim()
bcache: fix a race between cache register and cacheset unregister
Btrfs: do not start a transaction at iterate_extent_inodes()
Btrfs: do not start a transaction during fiemap
Btrfs: send, flush dellaloc in order to avoid data loss
btrfs: Honour FITRIM range constraints during free space trim
btrfs: Correctly free extent buffer in case btree_read_extent_buffer_pages fails
btrfs: Check the first key and level for cached extent buffer
ext4: fix ext4_show_options for file systems w/o journal
ext4: actually request zeroing of inode table after grow
ext4: fix use-after-free race with debug_want_extra_isize
ext4: avoid drop reference to iloc.bh twice
ext4: ignore e_value_offs for xattrs with value-in-ea-inode
ext4: make sanity check in mballoc more strict
jbd2: check superblock mapped prior to committing
tty/vt: fix write/write race in ioctl(KDSKBSENT) handler
tty: vt.c: Fix TIOCL_BLANKSCREEN console blanking if blankinterval == 0
mtd: spi-nor: intel-spi: Avoid crossing 4K address boundary on read/write
mfd: max77620: Fix swapped FPS_PERIOD_MAX_US values
mfd: da9063: Fix OTP control register names to match datasheets for DA9063/63L
ACPI: PM: Set enable_for_wake for wakeup GPEs during suspend-to-idle
userfaultfd: use RCU to free the task struct when fork fails
ocfs2: fix ocfs2 read inode data panic in ocfs2_iget
hugetlb: use same fault hash key for shared and private mappings
mm/hugetlb.c: don't put_page in lock of hugetlb_lock
mm/huge_memory: fix vmf_insert_pfn_{pmd, pud}() crash, handle unaligned addresses
mm/mincore.c: make mincore() more conservative
crypto: ccree - handle tee fips error during power management resume
crypto: ccree - add function to handle cryptocell tee fips error
crypto: ccree - HOST_POWER_DOWN_EN should be the last CC access during suspend
crypto: ccree - pm resume first enable the source clk
crypto: ccree - don't map AEAD key and IV on stack
crypto: ccree - use correct internal state sizes for export
crypto: ccree - don't map MAC key on stack
crypto: ccree - fix mem leak on error path
crypto: ccree - remove special handling of chained sg
bpf, arm64: remove prefetch insn in xadd mapping
ASoC: codec: hdac_hdmi add device_link to card device
ASoC: fsl_esai: Fix missing break in switch statement
ASoC: RT5677-SPI: Disable 16Bit SPI Transfers
ASoC: max98090: Fix restore of DAPM Muxes
ALSA: hdea/realtek - Headset fixup for System76 Gazelle (gaze14)
ALSA: hda/realtek - EAPD turn on later
ALSA: hda/hdmi - Consider eld_valid when reporting jack event
ALSA: hda/hdmi - Read the pin sense from register when repolling
ALSA: usb-audio: Fix a memory leak bug
ALSA: line6: toneport: Fix broken usage of timer for delayed execution
mmc: core: Fix tag set memory leak
crypto: arm64/aes-neonbs - don't access already-freed walk.iv
crypto: arm/aes-neonbs - don't access already-freed walk.iv
crypto: rockchip - update IV buffer to contain the next IV
crypto: gcm - fix incompatibility between "gcm" and "gcm_base"
crypto: arm64/gcm-aes-ce - fix no-NEON fallback code
crypto: x86/crct10dif-pcl - fix use via crypto_shash_digest()
crypto: crct10dif-generic - fix use via crypto_shash_digest()
crypto: skcipher - don't WARN on unprocessed data after slow walk step
crypto: vmx - fix copy-paste error in CTR mode
crypto: ccp - Do not free psp_master when PLATFORM_INIT fails
crypto: chacha20poly1305 - set cra_name correctly
crypto: salsa20 - don't access already-freed walk.iv
crypto: crypto4xx - fix cfb and ofb "overran dst buffer" issues
crypto: crypto4xx - fix ctr-aes missing output IV
sched/x86: Save [ER]FLAGS on context switch
arm64: Save and restore OSDLR_EL1 across suspend/resume
arm64: Clear OSDLR_EL1 on CPU boot
arm64: compat: Reduce address limit
arm64: arch_timer: Ensure counter register reads occur with seqlock held
arm64: mmap: Ensure file offset is treated as unsigned
power: supply: axp288_fuel_gauge: Add ACEPC T8 and T11 mini PCs to the blacklist
power: supply: axp288_charger: Fix unchecked return value
ARM: exynos: Fix a leaked reference by adding missing of_node_put
mmc: sdhci-of-arasan: Add DTS property to disable DCMDs.
ARM: dts: exynos: Fix audio (microphone) routing on Odroid XU3
ARM: dts: exynos: Fix interrupt for shared EINTs on Exynos5260
arm64: dts: rockchip: Disable DCMDs on RK3399's eMMC controller.
objtool: Fix function fallthrough detection
x86/speculation/mds: Improve CPU buffer clear documentation
x86/speculation/mds: Revert CPU buffer clear on double fault exit
locking/rwsem: Prevent decrement of reader count before increment
fs: sdcardfs: Add missing option to show_options
BACKPORT: drm/amd/display: add -msse2 to prevent Clang from emitting libcalls to undefined SW FP routines
ANDROID: x86: use the correct function type for sys_ni_syscall
ANDROID: x86: use the correct function type for sys32_(rt_)sigreturn
ANDROID: x86: use the correct function type for native_set_fixmap
ANDROID: x86: use the correct function type in SYSCALL_DEFINE0
ANDROID: x86: add support for CONFIG_LTO_CLANG
ANDROID: x86: disable STACK_VALIDATION with LTO_CLANG
ANDROID: x86: disable HAVE_ARCH_PREL32_RELOCATIONS with LTO_CLANG
ANDROID: x86/vdso: disable LTO only for VDSO
ANDROID: x86/cpu/vmware: use the full form of inl in VMWARE_PORT
UPSTREAM: x86/build: Keep local relocations with ld.lld
ANDROID: crypto: arm64/ghash: fix CFI for GHASH CE
ANDROID: crypto: arm64/sha: fix CFI in SHA CE
ANDROID: arm64: kvm: disable CFI
ANDROID: arm64: mark kpti_install_ng_mappings as __nocfi
ANDROID: arm64: disable CFI for cpu_replace_ttbr1
FROMLIST: arm64: use the correct function type for __arm64_sys_ni_syscall
FROMLIST: arm64: use the correct function type in SYSCALL_DEFINE0
FROMLIST: arm64: fix syscall_fn_t type
ANDROID: modpost: add an exception for CFI stubs
ANDROID: ftrace: fix function type mismatches
FROMLIST: 9p: pass the correct prototype to read_cache_page
FROMLIST: jffs2: pass the correct prototype to read_cache_page
UPSTREAM: nfs: pass the correct prototype to read_cache_page
FROMLIST: mm: don't cast ->readpage to filler_t for do_read_cache_page
UPSTREAM: netfilter: xt_IDLETIMER: fix sysfs callback function type
ANDROID: kallsyms: strip the .cfi postfix from symbols with CONFIG_CFI_CLANG
ANDROID: add support for clang Control Flow Integrity (CFI)
FROMLIST: arm64: select ARCH_SUPPORTS_LTO_CLANG
ANDROID: arm64: disable HAVE_ARCH_PREL32_RELOCATIONS with LTO_CLANG
ANDROID: arm64: add atomic_ll_sc.o to obj-y if using lld
ANDROID: arm64: lse: fix LSE atomics with LTO
ANDROID: arm64: vdso: disable LTO
FROMLIST: arm64: kvm: use -fno-jump-tables with clang
BACKPORT: arm64: sysreg: Make mrs_s and msr_s macros work with Clang and LTO
ANDROID: init: ensure initcall ordering with LTO
ANDROID: drivers/misc: disable LTO for lkdtm_rodata.o
FROMLIST: efi/libstub: disable LTO
FROMLIST: scripts/mod: disable LTO for empty.c
ANDROID: kbuild: disable LTO_CLANG with KASAN
FROMLIST: kbuild: fix dynamic ftrace with clang LTO
ANDROID: kbuild: add support for clang LTO
ANDROID: kbuild: add CONFIG_LD_IS_LLD
UPSTREAM: gcov: clang support
UPSTREAM: gcov: docs: add a note on GCC vs Clang differences
UPSTREAM: gcov: clang: move common GCC code into gcc_base.c
UPSTREAM: module: add stubs for within_module functions
UPSTREAM: bpf: relax inode permission check for retrieving bpf program
Conflicts:
Makefile
arch/Kconfig
arch/arm64/kvm/hyp/Makefile
arch/x86/include/asm/syscall_wrapper.h
drivers/mmc/core/queue.c
fs/nfs/dir.c
fs/nfs/symlink.c
include/asm-generic/vmlinux.lds.h
include/linux/compiler-clang.h
include/linux/pagemap.h
kernel/cfi.c
mm/filemap.c
scripts/link-vmlinux.sh
Change-Id: I1e34675a86ecb60d7b8a87e16574ea8920f9cb12
Signed-off-by: Ivaylo Georgiev <irgeorgiev@codeaurora.org>
|
||
|
Greg Kroah-Hartman
|
071b028ed3 |
Merge 4.19.45 into android-4.19-q
Changes in 4.19.45
locking/rwsem: Prevent decrement of reader count before increment
x86/speculation/mds: Revert CPU buffer clear on double fault exit
x86/speculation/mds: Improve CPU buffer clear documentation
objtool: Fix function fallthrough detection
arm64: dts: rockchip: Disable DCMDs on RK3399's eMMC controller.
ARM: dts: exynos: Fix interrupt for shared EINTs on Exynos5260
ARM: dts: exynos: Fix audio (microphone) routing on Odroid XU3
mmc: sdhci-of-arasan: Add DTS property to disable DCMDs.
ARM: exynos: Fix a leaked reference by adding missing of_node_put
power: supply: axp288_charger: Fix unchecked return value
power: supply: axp288_fuel_gauge: Add ACEPC T8 and T11 mini PCs to the blacklist
arm64: mmap: Ensure file offset is treated as unsigned
arm64: arch_timer: Ensure counter register reads occur with seqlock held
arm64: compat: Reduce address limit
arm64: Clear OSDLR_EL1 on CPU boot
arm64: Save and restore OSDLR_EL1 across suspend/resume
sched/x86: Save [ER]FLAGS on context switch
crypto: crypto4xx - fix ctr-aes missing output IV
crypto: crypto4xx - fix cfb and ofb "overran dst buffer" issues
crypto: salsa20 - don't access already-freed walk.iv
crypto: chacha20poly1305 - set cra_name correctly
crypto: ccp - Do not free psp_master when PLATFORM_INIT fails
crypto: vmx - fix copy-paste error in CTR mode
crypto: skcipher - don't WARN on unprocessed data after slow walk step
crypto: crct10dif-generic - fix use via crypto_shash_digest()
crypto: x86/crct10dif-pcl - fix use via crypto_shash_digest()
crypto: arm64/gcm-aes-ce - fix no-NEON fallback code
crypto: gcm - fix incompatibility between "gcm" and "gcm_base"
crypto: rockchip - update IV buffer to contain the next IV
crypto: arm/aes-neonbs - don't access already-freed walk.iv
crypto: arm64/aes-neonbs - don't access already-freed walk.iv
mmc: core: Fix tag set memory leak
ALSA: line6: toneport: Fix broken usage of timer for delayed execution
ALSA: usb-audio: Fix a memory leak bug
ALSA: hda/hdmi - Read the pin sense from register when repolling
ALSA: hda/hdmi - Consider eld_valid when reporting jack event
ALSA: hda/realtek - EAPD turn on later
ALSA: hdea/realtek - Headset fixup for System76 Gazelle (gaze14)
ASoC: max98090: Fix restore of DAPM Muxes
ASoC: RT5677-SPI: Disable 16Bit SPI Transfers
ASoC: fsl_esai: Fix missing break in switch statement
ASoC: codec: hdac_hdmi add device_link to card device
bpf, arm64: remove prefetch insn in xadd mapping
crypto: ccree - remove special handling of chained sg
crypto: ccree - fix mem leak on error path
crypto: ccree - don't map MAC key on stack
crypto: ccree - use correct internal state sizes for export
crypto: ccree - don't map AEAD key and IV on stack
crypto: ccree - pm resume first enable the source clk
crypto: ccree - HOST_POWER_DOWN_EN should be the last CC access during suspend
crypto: ccree - add function to handle cryptocell tee fips error
crypto: ccree - handle tee fips error during power management resume
mm/mincore.c: make mincore() more conservative
mm/huge_memory: fix vmf_insert_pfn_{pmd, pud}() crash, handle unaligned addresses
mm/hugetlb.c: don't put_page in lock of hugetlb_lock
hugetlb: use same fault hash key for shared and private mappings
ocfs2: fix ocfs2 read inode data panic in ocfs2_iget
userfaultfd: use RCU to free the task struct when fork fails
ACPI: PM: Set enable_for_wake for wakeup GPEs during suspend-to-idle
mfd: da9063: Fix OTP control register names to match datasheets for DA9063/63L
mfd: max77620: Fix swapped FPS_PERIOD_MAX_US values
mtd: spi-nor: intel-spi: Avoid crossing 4K address boundary on read/write
tty: vt.c: Fix TIOCL_BLANKSCREEN console blanking if blankinterval == 0
tty/vt: fix write/write race in ioctl(KDSKBSENT) handler
jbd2: check superblock mapped prior to committing
ext4: make sanity check in mballoc more strict
ext4: ignore e_value_offs for xattrs with value-in-ea-inode
ext4: avoid drop reference to iloc.bh twice
ext4: fix use-after-free race with debug_want_extra_isize
ext4: actually request zeroing of inode table after grow
ext4: fix ext4_show_options for file systems w/o journal
btrfs: Check the first key and level for cached extent buffer
btrfs: Correctly free extent buffer in case btree_read_extent_buffer_pages fails
btrfs: Honour FITRIM range constraints during free space trim
Btrfs: send, flush dellaloc in order to avoid data loss
Btrfs: do not start a transaction during fiemap
Btrfs: do not start a transaction at iterate_extent_inodes()
bcache: fix a race between cache register and cacheset unregister
bcache: never set KEY_PTRS of journal key to 0 in journal_reclaim()
ipmi:ssif: compare block number correctly for multi-part return messages
crypto: ccm - fix incompatibility between "ccm" and "ccm_base"
fs/writeback.c: use rcu_barrier() to wait for inflight wb switches going into workqueue when umount
tty: Don't force RISCV SBI console as preferred console
ext4: zero out the unused memory region in the extent tree block
ext4: fix data corruption caused by overlapping unaligned and aligned IO
ext4: fix use-after-free in dx_release()
ext4: avoid panic during forced reboot due to aborted journal
ALSA: hda/realtek - Corrected fixup for System76 Gazelle (gaze14)
ALSA: hda/realtek - Fixup headphone noise via runtime suspend
ALSA: hda/realtek - Fix for Lenovo B50-70 inverted internal microphone bug
jbd2: fix potential double free
KVM: x86: Skip EFER vs. guest CPUID checks for host-initiated writes
KVM: lapic: Busy wait for timer to expire when using hv_timer
kbuild: turn auto.conf.cmd into a mandatory include file
xen/pvh: set xen_domain_type to HVM in xen_pvh_init
libnvdimm/namespace: Fix label tracking error
iov_iter: optimize page_copy_sane()
pstore: Centralize init/exit routines
pstore: Allocate compression during late_initcall()
pstore: Refactor compression initialization
ext4: fix compile error when using BUFFER_TRACE
ext4: don't update s_rev_level if not required
Linux 4.19.45
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
||
|
Greg Kroah-Hartman
|
50f91435a2 |
Merge 4.19.45 into android-4.19
Changes in 4.19.45
locking/rwsem: Prevent decrement of reader count before increment
x86/speculation/mds: Revert CPU buffer clear on double fault exit
x86/speculation/mds: Improve CPU buffer clear documentation
objtool: Fix function fallthrough detection
arm64: dts: rockchip: Disable DCMDs on RK3399's eMMC controller.
ARM: dts: exynos: Fix interrupt for shared EINTs on Exynos5260
ARM: dts: exynos: Fix audio (microphone) routing on Odroid XU3
mmc: sdhci-of-arasan: Add DTS property to disable DCMDs.
ARM: exynos: Fix a leaked reference by adding missing of_node_put
power: supply: axp288_charger: Fix unchecked return value
power: supply: axp288_fuel_gauge: Add ACEPC T8 and T11 mini PCs to the blacklist
arm64: mmap: Ensure file offset is treated as unsigned
arm64: arch_timer: Ensure counter register reads occur with seqlock held
arm64: compat: Reduce address limit
arm64: Clear OSDLR_EL1 on CPU boot
arm64: Save and restore OSDLR_EL1 across suspend/resume
sched/x86: Save [ER]FLAGS on context switch
crypto: crypto4xx - fix ctr-aes missing output IV
crypto: crypto4xx - fix cfb and ofb "overran dst buffer" issues
crypto: salsa20 - don't access already-freed walk.iv
crypto: chacha20poly1305 - set cra_name correctly
crypto: ccp - Do not free psp_master when PLATFORM_INIT fails
crypto: vmx - fix copy-paste error in CTR mode
crypto: skcipher - don't WARN on unprocessed data after slow walk step
crypto: crct10dif-generic - fix use via crypto_shash_digest()
crypto: x86/crct10dif-pcl - fix use via crypto_shash_digest()
crypto: arm64/gcm-aes-ce - fix no-NEON fallback code
crypto: gcm - fix incompatibility between "gcm" and "gcm_base"
crypto: rockchip - update IV buffer to contain the next IV
crypto: arm/aes-neonbs - don't access already-freed walk.iv
crypto: arm64/aes-neonbs - don't access already-freed walk.iv
mmc: core: Fix tag set memory leak
ALSA: line6: toneport: Fix broken usage of timer for delayed execution
ALSA: usb-audio: Fix a memory leak bug
ALSA: hda/hdmi - Read the pin sense from register when repolling
ALSA: hda/hdmi - Consider eld_valid when reporting jack event
ALSA: hda/realtek - EAPD turn on later
ALSA: hdea/realtek - Headset fixup for System76 Gazelle (gaze14)
ASoC: max98090: Fix restore of DAPM Muxes
ASoC: RT5677-SPI: Disable 16Bit SPI Transfers
ASoC: fsl_esai: Fix missing break in switch statement
ASoC: codec: hdac_hdmi add device_link to card device
bpf, arm64: remove prefetch insn in xadd mapping
crypto: ccree - remove special handling of chained sg
crypto: ccree - fix mem leak on error path
crypto: ccree - don't map MAC key on stack
crypto: ccree - use correct internal state sizes for export
crypto: ccree - don't map AEAD key and IV on stack
crypto: ccree - pm resume first enable the source clk
crypto: ccree - HOST_POWER_DOWN_EN should be the last CC access during suspend
crypto: ccree - add function to handle cryptocell tee fips error
crypto: ccree - handle tee fips error during power management resume
mm/mincore.c: make mincore() more conservative
mm/huge_memory: fix vmf_insert_pfn_{pmd, pud}() crash, handle unaligned addresses
mm/hugetlb.c: don't put_page in lock of hugetlb_lock
hugetlb: use same fault hash key for shared and private mappings
ocfs2: fix ocfs2 read inode data panic in ocfs2_iget
userfaultfd: use RCU to free the task struct when fork fails
ACPI: PM: Set enable_for_wake for wakeup GPEs during suspend-to-idle
mfd: da9063: Fix OTP control register names to match datasheets for DA9063/63L
mfd: max77620: Fix swapped FPS_PERIOD_MAX_US values
mtd: spi-nor: intel-spi: Avoid crossing 4K address boundary on read/write
tty: vt.c: Fix TIOCL_BLANKSCREEN console blanking if blankinterval == 0
tty/vt: fix write/write race in ioctl(KDSKBSENT) handler
jbd2: check superblock mapped prior to committing
ext4: make sanity check in mballoc more strict
ext4: ignore e_value_offs for xattrs with value-in-ea-inode
ext4: avoid drop reference to iloc.bh twice
ext4: fix use-after-free race with debug_want_extra_isize
ext4: actually request zeroing of inode table after grow
ext4: fix ext4_show_options for file systems w/o journal
btrfs: Check the first key and level for cached extent buffer
btrfs: Correctly free extent buffer in case btree_read_extent_buffer_pages fails
btrfs: Honour FITRIM range constraints during free space trim
Btrfs: send, flush dellaloc in order to avoid data loss
Btrfs: do not start a transaction during fiemap
Btrfs: do not start a transaction at iterate_extent_inodes()
bcache: fix a race between cache register and cacheset unregister
bcache: never set KEY_PTRS of journal key to 0 in journal_reclaim()
ipmi:ssif: compare block number correctly for multi-part return messages
crypto: ccm - fix incompatibility between "ccm" and "ccm_base"
fs/writeback.c: use rcu_barrier() to wait for inflight wb switches going into workqueue when umount
tty: Don't force RISCV SBI console as preferred console
ext4: zero out the unused memory region in the extent tree block
ext4: fix data corruption caused by overlapping unaligned and aligned IO
ext4: fix use-after-free in dx_release()
ext4: avoid panic during forced reboot due to aborted journal
ALSA: hda/realtek - Corrected fixup for System76 Gazelle (gaze14)
ALSA: hda/realtek - Fixup headphone noise via runtime suspend
ALSA: hda/realtek - Fix for Lenovo B50-70 inverted internal microphone bug
jbd2: fix potential double free
KVM: x86: Skip EFER vs. guest CPUID checks for host-initiated writes
KVM: lapic: Busy wait for timer to expire when using hv_timer
kbuild: turn auto.conf.cmd into a mandatory include file
xen/pvh: set xen_domain_type to HVM in xen_pvh_init
libnvdimm/namespace: Fix label tracking error
iov_iter: optimize page_copy_sane()
pstore: Centralize init/exit routines
pstore: Allocate compression during late_initcall()
pstore: Refactor compression initialization
ext4: fix compile error when using BUFFER_TRACE
ext4: don't update s_rev_level if not required
Linux 4.19.45
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
||
|
Andrea Arcangeli
|
8bae439855 |
userfaultfd: use RCU to free the task struct when fork fails
commit c3f3ce049f7d97cc7ec9c01cb51d9ec74e0f37c2 upstream.
The task structure is freed while get_mem_cgroup_from_mm() holds
rcu_read_lock() and dereferences mm->owner.
get_mem_cgroup_from_mm() failing fork()
---- ---
task = mm->owner
mm->owner = NULL;
free(task)
if (task) *task; /* use after free */
The fix consists in freeing the task with RCU also in the fork failure
case, exactly like it always happens for the regular exit(2) path. That
is enough to make the rcu_read_lock hold in get_mem_cgroup_from_mm()
(left side above) effective to avoid a use after free when dereferencing
the task structure.
An alternate possible fix would be to defer the delivery of the
userfaultfd contexts to the monitor until after fork() is guaranteed to
succeed. Such a change would require more changes because it would
create a strict ordering dependency where the uffd methods would need to
be called beyond the last potentially failing branch in order to be
safe. This solution as opposed only adds the dependency to common code
to set mm->owner to NULL and to free the task struct that was pointed by
mm->owner with RCU, if fork ends up failing. The userfaultfd methods
can still be called anywhere during the fork runtime and the monitor
will keep discarding orphaned "mm" coming from failed forks in userland.
This race condition couldn't trigger if CONFIG_MEMCG was set =n at build
time.
[aarcange@redhat.com: improve changelog, reduce #ifdefs per Michal]
Link: http://lkml.kernel.org/r/20190429035752.4508-1-aarcange@redhat.com
Link: http://lkml.kernel.org/r/20190325225636.11635-2-aarcange@redhat.com
Fixes:
|
||
|
Laurent Dufour
|
0c8a35f8dd |
mm: protect against PTE changes done by dup_mmap()
Vinayak Menon and Ganesh Mahendran reported that the following scenario may
lead to thread being blocked due to data corruption:
CPU 1 CPU 2 CPU 3
Process 1, Process 1, Process 1,
Thread A Thread B Thread C
while (1) { while (1) { while(1) {
pthread_mutex_lock(l) pthread_mutex_lock(l) fork
pthread_mutex_unlock(l) pthread_mutex_unlock(l) }
} }
In the details this happens because :
CPU 1 CPU 2 CPU 3
fork()
copy_pte_range()
set PTE rdonly
got to next VMA...
. PTE is seen rdonly PTE still writable
. thread is writing to page
. -> page fault
. copy the page Thread writes to page
. . -> no page fault
. update the PTE
. flush TLB for that PTE
flush TLB PTE are now rdonly
So the write done by the CPU 3 is interfering with the page copy operation
done by CPU 2, leading to the data corruption.
To avoid this we mark all the VMA involved in the COW mechanism as changing
by calling vm_write_begin(). This ensures that the speculative page fault
handler will not try to handle a fault on these pages.
The marker is set until the TLB is flushed, ensuring that all the CPUs will
now see the PTE as not writable.
Once the TLB is flush, the marker is removed by calling vm_write_end().
The variable last is used to keep tracked of the latest VMA marked to
handle the error path where part of the VMA may have been marked.
Change-Id: I3fe07109e27d8f77c9b435053567fe5c287703aa
Reported-by: Ganesh Mahendran <opensource.ganesh@gmail.com>
Reported-by: Vinayak Menon <vinmenon@codeaurora.org>
Signed-off-by: Laurent Dufour <ldufour@linux.ibm.com>
Link: https://www.spinics.net/lists/linux-mm/msg171207.html
Patch-mainline: linux-mm@ Fri, 18 Jan 2019 17:24:16
Signed-off-by: Charan Teja Reddy <charante@codeaurora.org>
|
||
|
Laurent Dufour
|
3f31f748a8 |
mm: protect mm_rb tree with a rwlock
This change is inspired by the Peter's proposal patch [1] which was protecting the VMA using SRCU. Unfortunately, SRCU is not scaling well in that particular case, and it is introducing major performance degradation due to excessive scheduling operations. To allow access to the mm_rb tree without grabbing the mmap_sem, this patch is protecting it access using a rwlock. As the mm_rb tree is a O(log n) search it is safe to protect it using such a lock. The VMA cache is not protected by the new rwlock and it should not be used without holding the mmap_sem. To allow the picked VMA structure to be used once the rwlock is released, a use count is added to the VMA structure. When the VMA is allocated it is set to 1. Each time the VMA is picked with the rwlock held its use count is incremented. Each time the VMA is released it is decremented. When the use count hits zero, this means that the VMA is no more used and should be freed. This patch is preparing for 2 kind of VMA access : - as usual, under the control of the mmap_sem, - without holding the mmap_sem for the speculative page fault handler. Access done under the control the mmap_sem doesn't require to grab the rwlock to protect read access to the mm_rb tree, but access in write must be done under the protection of the rwlock too. This affects inserting and removing of elements in the RB tree. The patch is introducing 2 new functions: - vma_get() to find a VMA based on an address by holding the new rwlock. - vma_put() to release the VMA when its no more used. These services are designed to be used when access are made to the RB tree without holding the mmap_sem. When a VMA is removed from the RB tree, its vma->vm_rb field is cleared and we rely on the WMB done when releasing the rwlock to serialize the write with the RMB done in a later patch to check for the VMA's validity. When free_vma is called, the file associated with the VMA is closed immediately, but the policy and the file structure remained in used until the VMA's use count reach 0, which may happens later when exiting an in progress speculative page fault. [1] https://patchwork.kernel.org/patch/5108281/ Change-Id: I9ecc922b8efa4b28975cc6a8e9531284c24ac14e Cc: Peter Zijlstra (Intel) <peterz@infradead.org> Cc: Matthew Wilcox <willy@infradead.org> Signed-off-by: Laurent Dufour <ldufour@linux.vnet.ibm.com> Patch-mainline: linux-mm @ Tue, 17 Apr 2018 16:33:23 [vinmenon@codeaurora.org: fix the return of put_vma] Signed-off-by: Vinayak Menon <vinmenon@codeaurora.org> Signed-off-by: Charan Teja Reddy <charante@codeaurora.org> |
||
|
Laurent Dufour
|
ead04c98fd |
mm: introduce INIT_VMA()
Some VMA struct fields need to be initialized once the VMA structure is allocated. Currently this only concerns anon_vma_chain field but some other will be added to support the speculative page fault. Instead of spreading the initialization calls all over the code, let's introduce a dedicated inline function. Change-Id: I9f6b29dc74055354318b548e2b6b22c37d4c61bb Signed-off-by: Laurent Dufour <ldufour@linux.vnet.ibm.com> Patch-mainline: linux-mm @ Tue, 17 Apr 2018 16:33:13 [vinmenon@codeaurora.org: trivial merge conflict fixes] Signed-off-by: Vinayak Menon <vinmenon@codeaurora.org> [charante@codeaurora.org: merge conflict fixes] Signed-off-by: Charan Teja Reddy <charante@codeaurora.org> |
||
|
Johannes Weiner
|
e550f94252 |
UPSTREAM: psi: pressure stall information for CPU, memory, and IO
When systems are overcommitted and resources become contended, it's hard
to tell exactly the impact this has on workload productivity, or how close
the system is to lockups and OOM kills. In particular, when machines work
multiple jobs concurrently, the impact of overcommit in terms of latency
and throughput on the individual job can be enormous.
In order to maximize hardware utilization without sacrificing individual
job health or risk complete machine lockups, this patch implements a way
to quantify resource pressure in the system.
A kernel built with CONFIG_PSI=y creates files in /proc/pressure/ that
expose the percentage of time the system is stalled on CPU, memory, or IO,
respectively. Stall states are aggregate versions of the per-task delay
accounting delays:
cpu: some tasks are runnable but not executing on a CPU
memory: tasks are reclaiming, or waiting for swapin or thrashing cache
io: tasks are waiting for io completions
These percentages of walltime can be thought of as pressure percentages,
and they give a general sense of system health and productivity loss
incurred by resource overcommit. They can also indicate when the system
is approaching lockup scenarios and OOMs.
To do this, psi keeps track of the task states associated with each CPU
and samples the time they spend in stall states. Every 2 seconds, the
samples are averaged across CPUs - weighted by the CPUs' non-idle time to
eliminate artifacts from unused CPUs - and translated into percentages of
walltime. A running average of those percentages is maintained over 10s,
1m, and 5m periods (similar to the loadaverage).
[hannes@cmpxchg.org: doc fixlet, per Randy]
Link: http://lkml.kernel.org/r/20180828205625.GA14030@cmpxchg.org
[hannes@cmpxchg.org: code optimization]
Link: http://lkml.kernel.org/r/20180907175015.GA8479@cmpxchg.org
[hannes@cmpxchg.org: rename psi_clock() to psi_update_work(), per Peter]
Link: http://lkml.kernel.org/r/20180907145404.GB11088@cmpxchg.org
[hannes@cmpxchg.org: fix build]
Link: http://lkml.kernel.org/r/20180913014222.GA2370@cmpxchg.org
Link: http://lkml.kernel.org/r/20180828172258.3185-9-hannes@cmpxchg.org
Signed-off-by: Johannes Weiner <hannes@cmpxchg.org>
Acked-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Tested-by: Daniel Drake <drake@endlessm.com>
Tested-by: Suren Baghdasaryan <surenb@google.com>
Cc: Christopher Lameter <cl@linux.com>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: Johannes Weiner <jweiner@fb.com>
Cc: Mike Galbraith <efault@gmx.de>
Cc: Peter Enderborg <peter.enderborg@sony.com>
Cc: Randy Dunlap <rdunlap@infradead.org>
Cc: Shakeel Butt <shakeelb@google.com>
Cc: Tejun Heo <tj@kernel.org>
Cc: Vinayak Menon <vinmenon@codeaurora.org>
Cc: Randy Dunlap <rdunlap@infradead.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
(cherry picked from commit eb414681d5a07d28d2ff90dc05f69ec6b232ebd2)
Bug: 127712811
Test: lmkd in PSI mode
Change-Id: Id00d23c977169b0c4636d92016fc1fee0274be05
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
|
||
|
Johannes Weiner
|
25f0c86db1 |
psi: pressure stall information for CPU, memory, and IO
When systems are overcommitted and resources become contended, it's hard
to tell exactly the impact this has on workload productivity, or how close
the system is to lockups and OOM kills. In particular, when machines work
multiple jobs concurrently, the impact of overcommit in terms of latency
and throughput on the individual job can be enormous.
In order to maximize hardware utilization without sacrificing individual
job health or risk complete machine lockups, this patch implements a way
to quantify resource pressure in the system.
A kernel built with CONFIG_PSI=y creates files in /proc/pressure/ that
expose the percentage of time the system is stalled on CPU, memory, or IO,
respectively. Stall states are aggregate versions of the per-task delay
accounting delays:
cpu: some tasks are runnable but not executing on a CPU
memory: tasks are reclaiming, or waiting for swapin or thrashing cache
io: tasks are waiting for io completions
These percentages of walltime can be thought of as pressure percentages,
and they give a general sense of system health and productivity loss
incurred by resource overcommit. They can also indicate when the system
is approaching lockup scenarios and OOMs.
To do this, psi keeps track of the task states associated with each CPU
and samples the time they spend in stall states. Every 2 seconds, the
samples are averaged across CPUs - weighted by the CPUs' non-idle time to
eliminate artifacts from unused CPUs - and translated into percentages of
walltime. A running average of those percentages is maintained over 10s,
1m, and 5m periods (similar to the loadaverage).
[hannes@cmpxchg.org: doc fixlet, per Randy]
Link: http://lkml.kernel.org/r/20180828205625.GA14030@cmpxchg.org
[hannes@cmpxchg.org: code optimization]
Link: http://lkml.kernel.org/r/20180907175015.GA8479@cmpxchg.org
[hannes@cmpxchg.org: rename psi_clock() to psi_update_work(), per Peter]
Link: http://lkml.kernel.org/r/20180907145404.GB11088@cmpxchg.org
[hannes@cmpxchg.org: fix build]
Link: http://lkml.kernel.org/r/20180913014222.GA2370@cmpxchg.org
Link: http://lkml.kernel.org/r/20180828172258.3185-9-hannes@cmpxchg.org
Signed-off-by: Johannes Weiner <hannes@cmpxchg.org>
Acked-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Tested-by: Daniel Drake <drake@endlessm.com>
Tested-by: Suren Baghdasaryan <surenb@google.com>
Cc: Christopher Lameter <cl@linux.com>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: Johannes Weiner <jweiner@fb.com>
Cc: Mike Galbraith <efault@gmx.de>
Cc: Peter Enderborg <peter.enderborg@sony.com>
Cc: Randy Dunlap <rdunlap@infradead.org>
Cc: Shakeel Butt <shakeelb@google.com>
Cc: Tejun Heo <tj@kernel.org>
Cc: Vinayak Menon <vinmenon@codeaurora.org>
Cc: Randy Dunlap <rdunlap@infradead.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Change-Id: Ic4b6fddb7013719ffcba5d68abfda87ada90715a
Git-commit: eb414681d5a07d28d2ff90dc05f69ec6b232ebd2
Git-repo: https://source.codeaurora.org/quic/la/kernel/msm-4.19
[pdaly@codeaurora.org: Move PF_MEMSTALL flag]
Signed-off-by: Patrick Daly <pdaly@codeaurora.org>
|
||
|
Connor O'Brien
|
406d53f0c7 |
ANDROID: cpufreq: track per-task time in state
Add time in state data to task structs, and create /proc/<pid>/time_in_state files to show how long each individual task has run at each frequency. Create a CONFIG_CPU_FREQ_TIMES option to enable/disable this tracking. Bug: 72339335 Bug: 127641090 Test: Read /proc/<pid>/time_in_state Change-Id: Ia6456754f4cb1e83b2bc35efa8fbe9f8696febc8 Signed-off-by: Connor O'Brien <connoro@google.com> [astrachan: Folded the following changes into this patch: a6d3de6a7fba ("ANDROID: Reduce use of #ifdef CONFIG_CPU_FREQ_TIMES") b89ada5d9c09 ("ANDROID: Fix massive cpufreq_times memory leaks")] Signed-off-by: Alistair Strachan <astrachan@google.com> |
||
|
Ivaylo Georgiev
|
ffb1bfc29b |
Merge android-4.19.15 (caf5433) into msm-4.19
* refs/heads/tmp-caf5433:
Linux 4.19.15
bnx2x: Fix NULL pointer dereference in bnx2x_del_all_vlans() on some hw
drm/amd/display: Fix unintialized max_bpc state values
drm/rockchip: psr: do not dereference encoder before it is null checked.
drm/vc4: Set ->is_yuv to false when num_planes == 1
drm/nouveau/drm/nouveau: Check rc from drm_dp_mst_topology_mgr_resume()
lib: fix build failure in CONFIG_DEBUG_VIRTUAL test
of: __of_detach_node() - remove node from phandle cache
of: of_node_get()/of_node_put() nodes held in phandle cache
power: supply: olpc_battery: correct the temperature units
intel_th: msu: Fix an off-by-one in attribute store
genwqe: Fix size check
drivers/perf: hisi: Fixup one DDRC PMU register offset
video: fbdev: pxafb: Fix "WARNING: invalid free of devm_ allocated data"
ceph: don't update importing cap's mseq when handing cap export
sched/fair: Fix infinite loop in update_blocked_averages() by reverting
|
||
|
David Herrmann
|
bc999b5099 |
fork: record start_time late
commit 7b55851367136b1efd84d98fea81ba57a98304cf upstream. This changes the fork(2) syscall to record the process start_time after initializing the basic task structure but still before making the new process visible to user-space. Technically, we could record the start_time anytime during fork(2). But this might lead to scenarios where a start_time is recorded long before a process becomes visible to user-space. For instance, with userfaultfd(2) and TLS, user-space can delay the execution of fork(2) for an indefinite amount of time (and will, if this causes network access, or similar). By recording the start_time late, it much closer reflects the point in time where the process becomes live and can be observed by other processes. Lastly, this makes it much harder for user-space to predict and control the start_time they get assigned. Previously, user-space could fork a process and stall it in copy_thread_tls() before its pid is allocated, but after its start_time is recorded. This can be misused to later-on cycle through PIDs and resume the stalled fork(2) yielding a process that has the same pid and start_time as a process that existed before. This can be used to circumvent security systems that identify processes by their pid+start_time combination. Even though user-space was always aware that start_time recording is flaky (but several projects are known to still rely on start_time-based identification), changing the start_time to be recorded late will help mitigate existing attacks and make it much harder for user-space to control the start_time a process gets assigned. Reported-by: Jann Horn <jannh@google.com> Signed-off-by: Tom Gundersen <teg@jklm.no> Signed-off-by: David Herrmann <dh.herrmann@gmail.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Satya Durga Srinivasu Prabhala
|
7ebdf76d85 |
sched: Add snapshot of Window Assisted Load Tracking (WALT)
This snapshot is taken from msm-4.14 as of
commit 871eac76e6be567 ("sched: Improve the scheduler").
Change-Id: Ib4e0b39526d3009cedebb626ece5a767d8247846
Signed-off-by: Satya Durga Srinivasu Prabhala <satyap@codeaurora.org>
|
||
|
Rishabh Bhatnagar
|
bfee6d7f04 |
Merge remote-tracking branch 'origin/tmp-11da3a7' into msm-kona
* origin/tmp-11da3a7:
Linux 4.19-rc3
kbuild: modules_install: warn when missing System.map file
x86/mm: Use WRITE_ONCE() when setting PTEs
x86/apic/vector: Make error return value negative
afs: Fix cell specification to permit an empty address list
KVM: LAPIC: Fix pv ipis out-of-bounds access
KVM: nVMX: Fix loss of pending IRQ/NMI before entering L2
arm64: KVM: Remove pgd_lock
KVM: Remove obsolete kvm_unmap_hva notifier backend
arm64: KVM: Only force FPEXC32_EL2.EN if trapping FPSIMD
KVM: arm/arm64: Clean dcache to PoC when changing PTE due to CoW
i2c: xiic: Record xilinx i2c with Zynq fragment
clocksource: Revert "Remove kthread"
i2c: xiic: Make the start and the byte count write atomic
irqchip/gic-v3-its: Cap lpi_id_bits to reduce memory footprint
block: bfq: swap puts in bfqg_and_blkg_put
memory: ti-aemif: fix a potential NULL-pointer dereference
arm64: fix erroneous warnings in page freeing functions
firmware: arm_scmi: fix divide by zero when sustained_perf_level is zero
printk/tracing: Do not trace printk_nmi_enter()
rbd: support cloning across namespaces
rbd: factor out get_parent_info()
ceph: avoid a use-after-free in ceph_destroy_options()
cpu/hotplug: Prevent state corruption on error rollback
cpu/hotplug: Adjust misplaced smb() in cpuhp_thread_fun()
x86/process: Don't mix user/kernel regs in 64bit __show_regs()
x86/tsc: Prevent result truncation on 32bit
ACPI / LPSS: Force LPSS quirks on boot
ACPI / bus: Only call dmi_check_system() on X86
block: don't warn when doing fsync on read-only devices
hwmon: rpi: add module alias to raspberrypi-hwmon
tracing: Add back in rcu_irq_enter/exit_irqson() for rcuidle tracepoints
nds32: linker script: GCOV kernel may refers data in __exit
nilfs2: convert to SPDX license tags
drivers/dax/device.c: convert variable to vm_fault_t type
lib/Kconfig.debug: fix three typos in help text
checkpatch: add __ro_after_init to known $Attribute
mm: fix BUG_ON() in vmf_insert_pfn_pud() from VM_MIXEDMAP removal
uapi/linux/keyctl.h: don't use C++ reserved keyword as a struct member name
memory_hotplug: fix kernel_panic on offline page processing
checkpatch: add optional static const to blank line declarations test
ipc/shm: properly return EIDRM in shm_lock()
mm/hugetlb: filter out hugetlb pages if HUGEPAGE migration is not supported.
mm/util.c: improve kvfree() kerneldoc
tools/vm/page-types.c: fix "defined but not used" warning
tools/vm/slabinfo.c: fix sign-compare warning
kmemleak: always register debugfs file
mm: respect arch_dup_mmap() return value
mm, oom: fix missing tlb_finish_mmu() in __oom_reap_task_mm().
mm: memcontrol: print proper OOM header when no eligible victim left
ARC: don't check for HIGHMEM pages in arch_dma_alloc
ARC: IOC: panic if both IOC and ZONE_HIGHMEM enabled
ARC: dma [IOC] Enable per device io coherency
net: phy: sfp: Handle unimplemented hwmon limits and alarms
net: sched: action_ife: take reference to meta module
act_ife: fix a potential use-after-free
net/mlx5: Fix SQ offset in QPs with small RQ
nbd: don't allow invalid blocksize settings
i2c: i801: fix DNV's SMBCTRL register offset
KVM: s390: Properly lock mm context allow_gmap_hpage_1m setting
KVM: s390: vsie: copy wrapping keys to right place
KVM: s390: Fix pfmf and conditional skey emulation
nds32: fix build error because of wrong semicolon
nds32: Fix a kernel panic issue because of wrong frame pointer access.
nds32: Only print one page of stack when die to prevent printing too much information.
nds32: Add macro definition for offset of lp register on stack
nds32: Remove the deprecated ABI implementation
nds32/stack: Get real return address by using ftrace_graph_ret_addr
nds32/ftrace: Support dynamic function graph tracer
nds32/ftrace: Support dynamic function tracer
nds32/ftrace: Add RECORD_MCOUNT support
nds32/ftrace: Support static function graph tracer
nds32/ftrace: Support static function tracer
nds32: Extract the checking and getting pointer to a macro
nds32: Clean up the coding style
nds32: Fix get_user/put_user macro expand pointer problem
nds32: Fix empty call trace
nds32: add NULL entry to the end of_device_id array
nds32: fix logic for module
tipc: correct spelling errors for tipc_topsrv_queue_evt() comments
tipc: correct spelling errors for struct tipc_bc_base's comment
bnxt_en: Do not adjust max_cp_rings by the ones used by RDMA.
bnxt_en: Clean up unused functions.
bnxt_en: Fix firmware signaled resource change logic in open.
sctp: not traverse asoc trans list if non-ipv6 trans exists for ipv6_flowlabel
sctp: fix invalid reference to the index variable of the iterator
net/ibm/emac: wrong emac_calc_base call was used by typo
net: sched: null actions array pointer before releasing action
drm/i915/dp_mst: Fix enabling pipe clock for all streams
drm/i915/dsc: Fix PPS register definition macros for 2nd VDSC engine
drm/i915: Re-apply "Perform link quality check, unconditionally during long pulse"
vhost: fix VHOST_GET_BACKEND_FEATURES ioctl request definition
r8169: add support for NCube 8168 network card
ip6_tunnel: respect ttl inherit for ip6tnl
ALSA: hda: Fix several mismatch for register mask and value
apparmor: fix bad debug check in apparmor_secid_to_secctx()
ALSA: rawmidi: Initialize allocated buffers
fsnotify: fix ignore mask logic in fsnotify()
timekeeping: Fix declaration of read_persistent_wall_and_boot_offset()
x86: Fix kernel-doc atomic.h warnings
mac80211: shorten the IBSS debug messages
mac80211: don't Tx a deauth frame if the AP forbade Tx
mac80211: Fix station bandwidth setting after channel switch
mac80211: fix a race between restart and CSA flows
mac80211: fix WMM TXOP calculation
cfg80211: fix a type issue in ieee80211_chandef_to_operating_class()
mac80211: fix an off-by-one issue in A-MSDU max_subframe computation
drm/i915/gvt: Give new born vGPU higher scheduling chance
cifs: connect to servername instead of IP for IPC$ share
smb3: check for and properly advertise directory lease support
smb3: minor debugging clarifications in rfc1001 len processing
SMB3: Backup intent flag missing for directory opens with backupuid mounts
fs/cifs: don't translate SFM_SLASH (U+F026) to backslash
m68k: fix early memory reservation for ColdFire MMU systems
uapi: Fix linux/rds.h userspace compilation errors.
net: cadence: Fix a sleep-in-atomic-context bug in macb_halt_tx()
i2c: imx-lpi2c: Remove mx8dv compatible entry
dt-bindings: imx-lpi2c: Remove mx8dv compatible entry
i2c: uniphier-f: issue STOP only for last message or I2C_M_STOP
i2c: uniphier: issue STOP only for last message or I2C_M_STOP
net/ipv6: Only update MTU metric if it set
net: ethernet: cpsw-phy-sel: prefer phandle for phy sel
dt-bindings: net: cpsw: Document cpsw-phy-sel usage but prefer phandle
igmp: fix incorrect unsolicit report count after link down and up
igmp: fix incorrect unsolicit report count when join group
bpf: avoid misuse of psock when TCP_ULP_BPF collides with another ULP
tools/bpf: bpftool, add xskmap in map types
bpf: Fix bpf_msg_pull_data()
kbuild: make missing $DEPMOD a Warning instead of an Error
kconfig: do not require pkg-config on make {menu,n}config
x86/microcode: Update the new microcode revision unconditionally
x86/microcode: Make sure boot_cpu_data.microcode is up-to-date
of/platform: initialise AMBA default DMA masks
sparc: set a default 32-bit dma mask for OF devices
ipv6: don't get lwtstate twice in ip6_rt_copy_init()
random: make CPU trust a boot parameter
kernel/dma/direct: take DMA offset into account in dma_direct_supported
ibmvnic: Include missing return code checks in reset function
selftests: pmtu: detect correct binary to ping ipv6 addresses
selftests: pmtu: maximum MTU for vti4 is 2^16-1-20
tcp: do not restart timewait timer on rst reception
net/rds: RDS is not Radio Data System
hv_netvsc: Fix a deadlock by getting rtnl lock earlier in netvsc_probe()
nfp: wait for posted reconfigs when disabling the device
Revert "packet: switch kvzalloc to allocate memory"
md-cluster: release RESYNC lock after the last resync message
RAID10 BUG_ON in raise_barrier when force is true and conf->barrier is 0
md/raid5-cache: disable reshape completely
blkcg: use tryget logic when associating a blkg with a bio
blkcg: delay blkg destruction until after writeback has finished
Revert "blk-throttle: fix race between blkcg_bio_issue_check() and cgroup_rmdir()"
ARC: dma [IOC]: mark DMA devices connected as dma-coherent
ARC: atomics: unbork atomic_fetch_##op()
MIPS: VDSO: Match data page cache colouring when D$ aliases
kconfig: remove a spurious self-assignment
scripts/setlocalversion: git: Make -dirty check more robust
gpio: Fix crash due to registration race
arc: remove redundant GCC version checks
tools/kvm_stat: re-animate display of dead guests
tools/kvm_stat: indicate dead guests as such
tools/kvm_stat: handle guest removals more gracefully
tools/kvm_stat: don't reset stats when setting PID filter for debugfs
tools/kvm_stat: fix updates for dead guests
tools/kvm_stat: fix handling of invalid paths in debugfs provider
tools/kvm_stat: fix python3 issues
KVM: x86: Unexport x86_emulate_instruction()
KVM: x86: Rename emulate_instruction() to kvm_emulate_instruction()
KVM: x86: Do not re-{try,execute} after failed emulation in L2
KVM: x86: Default to not allowing emulation retry in kvm_mmu_page_fault
KVM: x86: Merge EMULTYPE_RETRY and EMULTYPE_ALLOW_REEXECUTE
KVM: x86: Invert emulation re-execute behavior to make it opt-in
KVM: x86: SVM: Set EMULTYPE_NO_REEXECUTE for RSM emulation
KVM: VMX: Do not allow reexecute_instruction() when skipping MMIO instr
KVM: SVM: remove unused variable dst_vaddr_end
KVM: nVMX: avoid redundant double assignment of nested_run_pending
ALSA: hda - Fix cancel_work_sync() stall from jackpoll work
mac80211: always account for A-MSDU header changes
mac80211: do not convert to A-MSDU if frag/subframe limited
cfg80211: nl80211_update_ft_ies() to validate NL80211_ATTR_IE
tc-testing: add test-cases for numeric and invalid control action
net_sched: reject unknown tcfa_action values
net: mvpp2: initialize port of_node pointer
drm/i915/gvt: Fix drm_format_mod value for vGPU plane
drm/i915/gvt: move intel_runtime_pm_get out of spin_lock in stop_schedule
drm/i915/gvt: Handle GEN9_WM_CHICKEN3 with F_CMD_ACCESS.
drm/i915/gvt: Make correct handling to vreg BXT_PHY_CTL_FAMILY
drm/i915/gvt: emulate gen9 dbuf ctl register access
net: bcmgenet: use MAC link status for fixed phy
net: stmmac: build the dwmac-socfpga platform driver for Stratix10
net: rtnl: return early from rtnl_unregister_all when protocol isn't registered
ipv6: fix cleanup ordering for pingv6 registration
ipv6: fix cleanup ordering for ip6_mr failure
net/sched: act_pedit: fix dump of extended layered op
sh_eth: Add R7S9210 support
net: hns: add netif_carrier_off before change speed and duplex
net: hns: add the code for cleaning pkt in chip
r8169: set RxConfig after tx/rx is enabled for RTL8169sb/8110sb devices
tipc: switch to rhashtable iterator
Revert "net: stmmac: Do not keep rearming the coalesce timer in stmmac_xmit"
tipc: fix a missing rhashtable_walk_exit()
vti6: remove !skb->ignore_df check from vti6_xmit()
bpf: fix sg shift repair start offset in bpf_msg_pull_data
bpf: fix shift upon scatterlist ring wrap-around in bpf_msg_pull_data
bpf: fix msg->data/data_end after sg shift repair in bpf_msg_pull_data
gpio: dwapb: Fix error handling in dwapb_gpio_probe()
gpiolib-acpi: Register GpioInt ACPI event handlers from a late_initcall
gpiolib: acpi: Switch to cansleep version of GPIO library call
mac80211: avoid kernel panic when building AMSDU from non-linear SKB
mac80211: mesh: fix HWMP sequence numbering to follow standard
gpio: adp5588: Fix sleep-in-atomic-context bug
bpf: fix several offset tests in bpf_msg_pull_data
nl80211: Pass center frequency in kHz instead of MHz
nl80211: Fix nla_put_u8 to u16 for NL80211_WMMR_TXOP
mac80211_hwsim: Fix possible Spectre-v1 for hwsim_world_regdom_custom
mac80211: don't update the PM state of a peer upon a multicast frame
cfg80211: make wmm_rule part of the reg_rule structure
mac80211_hwsim: correct use of IEEE80211_VHT_CAP_RXSTBC_X
mac80211: correct use of IEEE80211_VHT_CAP_RXSTBC_X
bpf: sockmap, decrement copied count correctly in redirect error case
bpf: fix build error with clang
bpf, sockmap: fix psock refcount leak in bpf_tcp_recvmsg
bpf, sockmap: fix potential use after free in bpf_tcp_close
net/rds: Use rdma_read_gids to get connection SGID/DGID in IPv6
net: dsa: Drop GPIO includes
tipc: fix the big/little endian issue in tipc_dest
net: sched: return -ENOENT when trying to remove filter from non-existent chain
net: sched: fix extack error message when chain is failed to be created
erspan: set erspan_ver to 1 by default when adding an erspan dev
sctp: remove useless start_fail from sctp_ht_iter in proc
sctp: hold transport before accessing its asoc in sctp_transport_get_next
scsi: aacraid: fix a signedness bug
Revert "scsi: core: avoid host-wide host_busy counter for scsi_mq"
Revert "scsi: core: fix scsi_host_queue_ready"
scsi: libata: Add missing newline at end of file
scsi: target: iscsi: cxgbit: use pr_debug() instead of pr_info()
scsi: hpsa: limit transfer length to 1MB, not 512kB
scsi: lpfc: Correct MDS diag and nvmet configuration
scsi: lpfc: Default fdmi_on to on
scsi: csiostor: fix incorrect port capabilities
scsi: csiostor: add a check for NULL pointer after kmalloc()
scsi: documentation: add scsi_mod.use_blk_mq to scsi-parameters
scsi: core: Update SCSI_MQ_DEFAULT help text to match default
ARC: sort Kconfig
ARC: cleanup show_faulting_vma()
ARC: [plat-axs*]: Enable SWAP
ARC: [plat-axs*/plat-hsdk]: Allow U-Boot to pass MAC-address to the kernel
ARC: configs: cleanup
arm64: allwinner: dts: h6: fix Pine H64 MMC bus width
btrfs: Fix suspicious RCU usage warning in btrfs_debug_in_rcu
btrfs: use after free in btrfs_quota_enable
btrfs: btrfs_shrink_device should call commit transaction at the end
btrfs: fix qgroup_free wrong num_bytes in btrfs_subvolume_reserve_metadata
Btrfs: fix data corruption when deduplicating between different files
Btrfs: sync log after logging new name
cfg80211: remove division by size of sizeof(struct ieee80211_wmm_rule)
KVM: PPC: Book3S HV: Don't truncate HPTE index in xlate function
Btrfs: fix unexpected failure of nocow buffered writes after snapshotting when low on space
mac80211_hwsim: require at least one channel
KVM: PPC: Book3S HV: Use correct pagesize in kvm_unmap_radix()
mac80211: Run TXQ teardown code before de-registering interfaces
rfkill-gpio: include linux/mod_devicetable.h
Change-Id: Ic6d1654e67ece823a5fce6ae18d241ad350bfb08
Signed-off-by: Rishabh Bhatnagar <rishabhb@codeaurora.org>
|
||
|
Nadav Amit
|
1ed0cc5a01 |
mm: respect arch_dup_mmap() return value
Commit |
||
|
Sultan Alsawaf
|
9c752f5721 |
ANDROID: Fix massive cpufreq_times memory leaks
Every time _cpu_up() is called for a CPU, idle_thread_get() is called which then re-initializes a CPU's idle thread that was already previously created and cached in a global variable in smpboot.c. idle_thread_get() calls init_idle() which then calls __sched_fork(). __sched_fork() is where cpufreq_task_times_init() is, and cpufreq_task_times_init() allocates memory for the task struct's time_in_state array. Since idle_thread_get() reuses a task struct instance that was already previously created, this means that every time it calls init_idle(), cpufreq_task_times_init() allocates this array again and overwrites the existing allocation that the idle thread already had. This causes memory to be leaked every time a CPU is onlined. In order to fix this, move allocation of time_in_state into _do_fork to avoid allocating it at all for idle threads. The cpufreq times interface is intended to be used for tracking userspace tasks, so we can safely remove it from the kernel's idle threads without killing any functionality. But that's not all! Task structs can be freed outside of release_task(), which creates another memory leak because a task struct can be freed without having its cpufreq times allocation freed. To fix this, free the cpufreq times allocation at the same time that task struct allocations are freed, in free_task(). Since free_task() can also be called in error paths of copy_process() after dup_task_struct(), set time_in_state to NULL immediately after calling dup_task_struct() to avoid possible double free. Bug description and fix adapted from patch submitted by Sultan Alsawaf <sultanxda@gmail.com> at https://android-review.googlesource.com/c/kernel/msm/+/700134 Bug: 110044919 Test: Hikey960 builds, boots & reports /proc/<pid>/time_in_state correctly Change-Id: I12fe7611fc88eb7f6c39f8f7629ad27b6ec4722c Signed-off-by: Connor O'Brien <connoro@google.com> |
||
|
Linus Torvalds
|
cd9b44f907 |
Merge branch 'akpm' (patches from Andrew)
Merge more updates from Andrew Morton: - the rest of MM - procfs updates - various misc things - more y2038 fixes - get_maintainer updates - lib/ updates - checkpatch updates - various epoll updates - autofs updates - hfsplus - some reiserfs work - fatfs updates - signal.c cleanups - ipc/ updates * emailed patches from Andrew Morton <akpm@linux-foundation.org>: (166 commits) ipc/util.c: update return value of ipc_getref from int to bool ipc/util.c: further variable name cleanups ipc: simplify ipc initialization ipc: get rid of ids->tables_initialized hack lib/rhashtable: guarantee initial hashtable allocation lib/rhashtable: simplify bucket_table_alloc() ipc: drop ipc_lock() ipc/util.c: correct comment in ipc_obtain_object_check ipc: rename ipcctl_pre_down_nolock() ipc/util.c: use ipc_rcu_putref() for failues in ipc_addid() ipc: reorganize initialization of kern_ipc_perm.seq ipc: compute kern_ipc_perm.id under the ipc lock init/Kconfig: remove EXPERT from CHECKPOINT_RESTORE fs/sysv/inode.c: use ktime_get_real_seconds() for superblock stamp adfs: use timespec64 for time conversion kernel/sysctl.c: fix typos in comments drivers/rapidio/devices/rio_mport_cdev.c: remove redundant pointer md fork: don't copy inconsistent signal handler state to child signal: make get_signal() return bool signal: make sigkill_pending() return bool ... |
||
|
Jann Horn
|
06e62a46bb |
fork: don't copy inconsistent signal handler state to child
Before this change, if a multithreaded process forks while one of its threads is changing a signal handler using sigaction(), the memcpy() in copy_sighand() can race with the struct assignment in do_sigaction(). It isn't clear whether this can cause corruption of the userspace signal handler pointer, but it definitely can cause inconsistency between different fields of struct sigaction. Take the appropriate spinlock to avoid this. I have tested that this patch prevents inconsistency between sa_sigaction and sa_flags, which is possible before this patch. Link: http://lkml.kernel.org/r/20180702145108.73189-1-jannh@google.com Signed-off-by: Jann Horn <jannh@google.com> Acked-by: Michal Hocko <mhocko@suse.com> Reviewed-by: Andrew Morton <akpm@linux-foundation.org> Cc: Rik van Riel <riel@redhat.com> Cc: "Peter Zijlstra (Intel)" <peterz@infradead.org> Cc: Kees Cook <keescook@chromium.org> Cc: Oleg Nesterov <oleg@redhat.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> |
||
|
Dmitry Vyukov
|
a2e5144538 |
kernel/hung_task.c: allow to set checking interval separately from timeout
Currently task hung checking interval is equal to timeout, as the result hung is detected anywhere between timeout and 2*timeout. This is fine for most interactive environments, but this hurts automated testing setups (syzbot). In an automated setup we need to strictly order CPU lockup < RCU stall < workqueue lockup < task hung < silent loss, so that RCU stall is not detected as task hung and task hung is not detected as silent machine loss. The large variance in task hung detection timeout requires setting silent machine loss timeout to a very large value (e.g. if task hung is 3 mins, then silent loss need to be set to ~7 mins). The additional 3 minutes significantly reduce testing efficiency because usually we crash kernel within a minute, and this can add hours to bug localization process as it needs to do dozens of tests. Allow setting checking interval separately from timeout. This allows to set timeout to, say, 3 minutes, but checking interval to 10 secs. The interval is controlled via a new hung_task_check_interval_secs sysctl, similar to the existing hung_task_timeout_secs sysctl. The default value of 0 results in the current behavior: checking interval is equal to timeout. [akpm@linux-foundation.org: update hung_task_timeout_max's comment] Link: http://lkml.kernel.org/r/20180611111004.203513-1-dvyukov@google.com Signed-off-by: Dmitry Vyukov <dvyukov@google.com> Cc: Paul E. McKenney <paulmck@linux.vnet.ibm.com> Cc: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: Peter Zijlstra <a.p.zijlstra@chello.nl> Cc: Ingo Molnar <mingo@elte.hu> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> |
||
|
Andrew Morton
|
a670468f5e |
mm: zero out the vma in vma_init()
Rather than in vm_area_alloc(). To ensure that the various oddball stack-based vmas are in a good state. Some of the callers were zeroing them out, others were not. Acked-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com> Cc: Russell King <rmk+kernel@arm.linux.org.uk> Cc: Dmitry Vyukov <dvyukov@google.com> Cc: Oleg Nesterov <oleg@redhat.com> Cc: Andrea Arcangeli <aarcange@redhat.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> |
||
|
Linus Torvalds
|
0214f46b3a |
Merge branch 'siginfo-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace
Pull core signal handling updates from Eric Biederman:
"It was observed that a periodic timer in combination with a
sufficiently expensive fork could prevent fork from every completing.
This contains the changes to remove the need for that restart.
This set of changes is split into several parts:
- The first part makes PIDTYPE_TGID a proper pid type instead
something only for very special cases. The part starts using
PIDTYPE_TGID enough so that in __send_signal where signals are
actually delivered we know if the signal is being sent to a a group
of processes or just a single process.
- With that prep work out of the way the logic in fork is modified so
that fork logically makes signals received while it is running
appear to be received after the fork completes"
* 'siginfo-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace: (22 commits)
signal: Don't send signals to tasks that don't exist
signal: Don't restart fork when signals come in.
fork: Have new threads join on-going signal group stops
fork: Skip setting TIF_SIGPENDING in ptrace_init_task
signal: Add calculate_sigpending()
fork: Unconditionally exit if a fatal signal is pending
fork: Move and describe why the code examines PIDNS_ADDING
signal: Push pid type down into complete_signal.
signal: Push pid type down into __send_signal
signal: Push pid type down into send_signal
signal: Pass pid type into do_send_sig_info
signal: Pass pid type into send_sigio_to_task & send_sigurg_to_task
signal: Pass pid type into group_send_sig_info
signal: Pass pid and pid type into send_sigqueue
posix-timers: Noralize good_sigevent
signal: Use PIDTYPE_TGID to clearly store where file signals will be sent
pid: Implement PIDTYPE_TGID
pids: Move the pgrp and session pid pointers from task_struct to signal_struct
kvm: Don't open code task_pid in kvm_vcpu_ioctl
pids: Compute task_tgid using signal->leader_pid
...
|
||
|
Shakeel Butt
|
d46eb14b73 |
fs: fsnotify: account fsnotify metadata to kmemcg
Patch series "Directed kmem charging", v8. The Linux kernel's memory cgroup allows limiting the memory usage of the jobs running on the system to provide isolation between the jobs. All the kernel memory allocated in the context of the job and marked with __GFP_ACCOUNT will also be included in the memory usage and be limited by the job's limit. The kernel memory can only be charged to the memcg of the process in whose context kernel memory was allocated. However there are cases where the allocated kernel memory should be charged to the memcg different from the current processes's memcg. This patch series contains two such concrete use-cases i.e. fsnotify and buffer_head. The fsnotify event objects can consume a lot of system memory for large or unlimited queues if there is either no or slow listener. The events are allocated in the context of the event producer. However they should be charged to the event consumer. Similarly the buffer_head objects can be allocated in a memcg different from the memcg of the page for which buffer_head objects are being allocated. To solve this issue, this patch series introduces mechanism to charge kernel memory to a given memcg. In case of fsnotify events, the memcg of the consumer can be used for charging and for buffer_head, the memcg of the page can be charged. For directed charging, the caller can use the scope API memalloc_[un]use_memcg() to specify the memcg to charge for all the __GFP_ACCOUNT allocations within the scope. This patch (of 2): A lot of memory can be consumed by the events generated for the huge or unlimited queues if there is either no or slow listener. This can cause system level memory pressure or OOMs. So, it's better to account the fsnotify kmem caches to the memcg of the listener. However the listener can be in a different memcg than the memcg of the producer and these allocations happen in the context of the event producer. This patch introduces remote memcg charging API which the producer can use to charge the allocations to the memcg of the listener. There are seven fsnotify kmem caches and among them allocations from dnotify_struct_cache, dnotify_mark_cache, fanotify_mark_cache and inotify_inode_mark_cachep happens in the context of syscall from the listener. So, SLAB_ACCOUNT is enough for these caches. The objects from fsnotify_mark_connector_cachep are not accounted as they are small compared to the notification mark or events and it is unclear whom to account connector to since it is shared by all events attached to the inode. The allocations from the event caches happen in the context of the event producer. For such caches we will need to remote charge the allocations to the listener's memcg. Thus we save the memcg reference in the fsnotify_group structure of the listener. This patch has also moved the members of fsnotify_group to keep the size same, at least for 64 bit build, even with additional member by filling the holes. [shakeelb@google.com: use GFP_KERNEL_ACCOUNT rather than open-coding it] Link: http://lkml.kernel.org/r/20180702215439.211597-1-shakeelb@google.com Link: http://lkml.kernel.org/r/20180627191250.209150-2-shakeelb@google.com Signed-off-by: Shakeel Butt <shakeelb@google.com> Acked-by: Johannes Weiner <hannes@cmpxchg.org> Cc: Michal Hocko <mhocko@kernel.org> Cc: Jan Kara <jack@suse.cz> Cc: Amir Goldstein <amir73il@gmail.com> Cc: Greg Thelen <gthelen@google.com> Cc: Vladimir Davydov <vdavydov.dev@gmail.com> Cc: Roman Gushchin <guro@fb.com> Cc: Alexander Viro <viro@zeniv.linux.org.uk> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> |
||
|
Linus Torvalds
|
73ba2fb33c |
Merge tag 'for-4.19/block-20180812' of git://git.kernel.dk/linux-block
Pull block updates from Jens Axboe:
"First pull request for this merge window, there will also be a
followup request with some stragglers.
This pull request contains:
- Fix for a thundering heard issue in the wbt block code (Anchal
Agarwal)
- A few NVMe pull requests:
* Improved tracepoints (Keith)
* Larger inline data support for RDMA (Steve Wise)
* RDMA setup/teardown fixes (Sagi)
* Effects log suppor for NVMe target (Chaitanya Kulkarni)
* Buffered IO suppor for NVMe target (Chaitanya Kulkarni)
* TP4004 (ANA) support (Christoph)
* Various NVMe fixes
- Block io-latency controller support. Much needed support for
properly containing block devices. (Josef)
- Series improving how we handle sense information on the stack
(Kees)
- Lightnvm fixes and updates/improvements (Mathias/Javier et al)
- Zoned device support for null_blk (Matias)
- AIX partition fixes (Mauricio Faria de Oliveira)
- DIF checksum code made generic (Max Gurtovoy)
- Add support for discard in iostats (Michael Callahan / Tejun)
- Set of updates for BFQ (Paolo)
- Removal of async write support for bsg (Christoph)
- Bio page dirtying and clone fixups (Christoph)
- Set of bcache fix/changes (via Coly)
- Series improving blk-mq queue setup/teardown speed (Ming)
- Series improving merging performance on blk-mq (Ming)
- Lots of other fixes and cleanups from a slew of folks"
* tag 'for-4.19/block-20180812' of git://git.kernel.dk/linux-block: (190 commits)
blkcg: Make blkg_root_lookup() work for queues in bypass mode
bcache: fix error setting writeback_rate through sysfs interface
null_blk: add lock drop/acquire annotation
Blk-throttle: reduce tail io latency when iops limit is enforced
block: paride: pd: mark expected switch fall-throughs
block: Ensure that a request queue is dissociated from the cgroup controller
block: Introduce blk_exit_queue()
blkcg: Introduce blkg_root_lookup()
block: Remove two superfluous #include directives
blk-mq: count the hctx as active before allocating tag
block: bvec_nr_vecs() returns value for wrong slab
bcache: trivial - remove tailing backslash in macro BTREE_FLAG
bcache: make the pr_err statement used for ENOENT only in sysfs_attatch section
bcache: set max writeback rate when I/O request is idle
bcache: add code comments for bset.c
bcache: fix mistaken comments in request.c
bcache: fix mistaken code comments in bcache.h
bcache: add a comment in super.c
bcache: avoid unncessary cache prefetch bch_btree_node_get()
bcache: display rate debug parameters to 0 when writeback is not running
...
|
||
|
Linus Torvalds
|
203b4fc903 |
Merge branch 'x86-mm-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
Pull x86 mm updates from Thomas Gleixner: - Make lazy TLB mode even lazier to avoid pointless switch_mm() operations, which reduces CPU load by 1-2% for memcache workloads - Small cleanups and improvements all over the place * 'x86-mm-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: x86/mm: Remove redundant check for kmem_cache_create() arm/asm/tlb.h: Fix build error implicit func declaration x86/mm/tlb: Make clear_asid_other() static x86/mm/tlb: Skip atomic operations for 'init_mm' in switch_mm_irqs_off() x86/mm/tlb: Always use lazy TLB mode x86/mm/tlb: Only send page table free TLB flush to lazy TLB CPUs x86/mm/tlb: Make lazy TLB mode lazier x86/mm/tlb: Restructure switch_mm_irqs_off() x86/mm/tlb: Leave lazy TLB mode at page table free time mm: Allocate the mm_cpumask (mm->cpu_bitmap[]) dynamically based on nr_cpu_ids x86/mm: Add TLB purge to free pmd/pte page interfaces ioremap: Update pgtable free interfaces with addr x86/mm: Disable ioremap free page handling on x86-PAE |
||
|
Eric W. Biederman
|
c3ad2c3b02 |
signal: Don't restart fork when signals come in.
Wen Yang <wen.yang99@zte.com.cn> and majiang <ma.jiang@zte.com.cn>
report that a periodic signal received during fork can cause fork to
continually restart preventing an application from making progress.
The code was being overly pessimistic. Fork needs to guarantee that a
signal sent to multiple processes is logically delivered before the
fork and just to the forking process or logically delivered after the
fork to both the forking process and it's newly spawned child. For
signals like periodic timers that are always delivered to a single
process fork can safely complete and let them appear to logically
delivered after the fork().
While examining this issue I also discovered that fork today will miss
signals delivered to multiple processes during the fork and handled by
another thread. Similarly the current code will also miss blocked
signals that are delivered to multiple process, as those signals will
not appear pending during fork.
Add a list of each thread that is currently forking, and keep on that
list a signal set that records all of the signals sent to multiple
processes. When fork completes initialize the new processes
shared_pending signal set with it. The calculate_sigpending function
will see those signals and set TIF_SIGPENDING causing the new task to
take the slow path to userspace to handle those signals. Making it
appear as if those signals were received immediately after the fork.
It is not possible to send real time signals to multiple processes and
exceptions don't go to multiple processes, which means that that are
no signals sent to multiple processes that require siginfo. This
means it is safe to not bother collecting siginfo on signals sent
during fork.
The sigaction of a child of fork is initially the same as the
sigaction of the parent process. So a signal the parent ignores the
child will also initially ignore. Therefore it is safe to ignore
signals sent to multiple processes and ignored by the forking process.
Signals sent to only a single process or only a single thread and delivered
during fork are treated as if they are received after the fork, and generally
not dealt with. They won't cause any problems.
V2: Added removal from the multiprocess list on failure.
V3: Use -ERESTARTNOINTR directly
V4: - Don't queue both SIGCONT and SIGSTOP
- Initialize signal_struct.multiprocess in init_task
- Move setting of shared_pending to before the new task
is visible to signals. This prevents signals from comming
in before shared_pending.signal is set to delayed.signal
and being lost.
V5: - rework list add and delete to account for idle threads
v6: - Use sigdelsetmask when removing stop signals
Bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=200447
Reported-by: Wen Yang <wen.yang99@zte.com.cn> and
Reported-by: majiang <ma.jiang@zte.com.cn>
Fixes:
|
||
|
Jens Axboe
|
05b9ba4b55 |
Merge tag 'v4.18-rc6' into for-4.19/block2
Pull in 4.18-rc6 to get the NVMe core AEN change to avoid a merge conflict down the line. Signed-of-by: Jens Axboe <axboe@kernel.dk> |
||
|
Eric W. Biederman
|
924de3b8c9 |
fork: Have new threads join on-going signal group stops
There are only two signals that are delivered to every member of a
signal group: SIGSTOP and SIGKILL. Signal delivery requires every
signal appear to be delivered either before or after a clone syscall.
SIGKILL terminates the clone so does not need to be considered. Which
leaves only SIGSTOP that needs to be considered when creating new
threads.
Today in the event of a group stop TIF_SIGPENDING will get set and the
fork will restart ensuring the fork syscall participates in the group
stop.
A fork (especially of a process with a lot of memory) is one of the
most expensive system so we really only want to restart a fork when
necessary.
It is easy so check to see if a SIGSTOP is ongoing and have the new
thread join it immediate after the clone completes. Making it appear
the clone completed happened just before the SIGSTOP.
The calculate_sigpending function will see the bits set in jobctl and
set TIF_SIGPENDING to ensure the new task takes the slow path to userspace.
V2: The call to task_join_group_stop was moved before the new task is
added to the thread group list. This should not matter as
sighand->siglock is held over both the addition of the threads,
the call to task_join_group_stop and do_signal_stop. But the change
is trivial and it is one less thing to worry about when reading
the code.
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
|
||
|
Josef Bacik
|
2c323017e3 |
blk-cgroup: clear the throttle queue on fork
We were hitting a panic in production where we put too many times on the request queue. This is because we'd get the throttle_queue of the parent if we fork()'ed while we needed to be throttled, but we didn't have a reference on it. Instead just clear these flags on fork so the child doesn't pay for the sins of its father. Signed-off-by: Josef Bacik <josef@toxicpanda.com> Signed-off-by: Jens Axboe <axboe@kernel.dk> |
||
|
Kirill A. Shutemov
|
027232da7c |
mm: introduce vma_init()
Not all VMAs allocated with vm_area_alloc(). Some of them allocated on stack or in data segment. The new helper can be use to initialize VMA properly regardless where it was allocated. Link: http://lkml.kernel.org/r/20180724121139.62570-2-kirill.shutemov@linux.intel.com Signed-off-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com> Acked-by: Linus Torvalds <torvalds@linux-foundation.org> Reviewed-by: Andrew Morton <akpm@linux-foundation.org> Cc: Dmitry Vyukov <dvyukov@google.com> Cc: Oleg Nesterov <oleg@redhat.com> Cc: Andrea Arcangeli <aarcange@redhat.com> Cc: <stable@vger.kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> |
||
|
Eric W. Biederman
|
7673bf553b |
fork: Unconditionally exit if a fatal signal is pending
In practice this does not change anything as testing for fatal_signal_pending and exiting for with an error code duplicates the work of the next clause which recalculates pending signals and then exits fork if any are pending. In both cases the pending signal will trigger the slow path when existing to userspace, and the fatal signal will cause do_exit to be called. The advantage of making this a separate test is that it makes it clear processing the fatal signal will terminate the fork, and it allows the rest of the signal logic to be updated without fear that this important case will be lost. Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com> |
||
|
Eric W. Biederman
|
4ca1d3ee46 |
fork: Move and describe why the code examines PIDNS_ADDING
Normally this would be something that would be handled by handling signals that are sent to a group of processes but in this case the forking process is not a member of the group being signaled. Thus special code is needed to prevent a race with pid namespaces exiting, and fork adding new processes within them. Move this test up before the signal restart just in case signals are also pending. Fatal conditions should take presedence over restarts. Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com> |
||
|
Linus Torvalds
|
490fc05386 |
mm: make vm_area_alloc() initialize core fields
Like vm_area_dup(), it initializes the anon_vma_chain head, and the basic mm pointer. The rest of the fields end up being different for different users, although the plan is to also initialize the 'vm_ops' field to a dummy entry. Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> |
||
|
Linus Torvalds
|
95faf6992d |
mm: make vm_area_dup() actually copy the old vma data
.. and re-initialize th eanon_vma_chain head. This removes some boiler-plate from the users, and also makes it clear why it didn't need use the 'zalloc()' version. Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> |
||
|
Linus Torvalds
|
3928d4f5ee |
mm: use helper functions for allocating and freeing vm_area structs
The vm_area_struct is one of the most fundamental memory management
objects, but the management of it is entirely open-coded evertwhere,
ranging from allocation and freeing (using kmem_cache_[z]alloc and
kmem_cache_free) to initializing all the fields.
We want to unify this in order to end up having some unified
initialization of the vmas, and the first step to this is to at least
have basic allocation functions.
Right now those functions are literally just wrappers around the
kmem_cache_*() calls. This is a purely mechanical conversion:
# new vma:
kmem_cache_zalloc(vm_area_cachep, GFP_KERNEL) -> vm_area_alloc()
# copy old vma
kmem_cache_alloc(vm_area_cachep, GFP_KERNEL) -> vm_area_dup(old)
# free vma
kmem_cache_free(vm_area_cachep, vma) -> vm_area_free(vma)
to the point where the old vma passed in to the vm_area_dup() function
isn't even used yet (because I've left all the old manual initialization
alone).
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
||
|
Eric W. Biederman
|
6883f81aac |
pid: Implement PIDTYPE_TGID
Everywhere except in the pid array we distinguish between a tasks pid and a tasks tgid (thread group id). Even in the enumeration we want that distinction sometimes so we have added __PIDTYPE_TGID. With leader_pid we almost have an implementation of PIDTYPE_TGID in struct signal_struct. Add PIDTYPE_TGID as a first class member of the pid_type enumeration and into the pids array. Then remove the __PIDTYPE_TGID special case and the leader_pid in signal_struct. The net size increase is just an extra pointer added to struct pid and an extra pair of pointers of an hlist_node added to task_struct. The effect on code maintenance is the removal of a number of special cases today and the potential to remove many more special cases as PIDTYPE_TGID gets used to it's fullest. The long term potential is allowing zombie thread group leaders to exit, which will remove a lot more special cases in the code. Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com> |
||
|
Eric W. Biederman
|
2c4704756c |
pids: Move the pgrp and session pid pointers from task_struct to signal_struct
To access these fields the code always has to go to group leader so going to signal struct is no loss and is actually a fundamental simplification. This saves a little bit of memory by only allocating the pid pointer array once instead of once for every thread, and even better this removes a few potential races caused by the fact that group_leader can be changed by de_thread, while signal_struct can not. Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com> |
||
|
Rik van Riel
|
c1a2f7f0c0 |
mm: Allocate the mm_cpumask (mm->cpu_bitmap[]) dynamically based on nr_cpu_ids
The mm_struct always contains a cpumask bitmap, regardless of CONFIG_CPUMASK_OFFSTACK. That means the first step can be to simplify things, and simply have one bitmask at the end of the mm_struct for the mm_cpumask. This does necessitate moving everything else in mm_struct into an anonymous sub-structure, which can be randomized when struct randomization is enabled. The second step is to determine the correct size for the mm_struct slab object from the size of the mm_struct (excluding the CPU bitmap) and the size the cpumask. For init_mm we can simply allocate the maximum size this kernel is compiled for, since we only have one init_mm in the system, anyway. Pointer magic by Mike Galbraith, to evade -Wstringop-overflow getting confused by the dynamically sized array. Tested-by: Song Liu <songliubraving@fb.com> Signed-off-by: Rik van Riel <riel@surriel.com> Signed-off-by: Mike Galbraith <efault@gmx.de> Signed-off-by: Rik van Riel <riel@surriel.com> Acked-by: Dave Hansen <dave.hansen@intel.com> Cc: Linus Torvalds <torvalds@linux-foundation.org> Cc: Peter Zijlstra <peterz@infradead.org> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: kernel-team@fb.com Cc: luto@kernel.org Link: http://lkml.kernel.org/r/20180716190337.26133-2-riel@surriel.com Signed-off-by: Ingo Molnar <mingo@kernel.org> |
||
|
Tetsuo Handa
|
655c79bb40 |
mm: check for SIGKILL inside dup_mmap() loop
As a theoretical problem, dup_mmap() of an mm_struct with 60000+ vmas can loop while potentially allocating memory, with mm->mmap_sem held for write by current thread. This is bad if current thread was selected as an OOM victim, for current thread will continue allocations using memory reserves while OOM reaper is unable to reclaim memory. As an actually observable problem, it is not difficult to make OOM reaper unable to reclaim memory if the OOM victim is blocked at i_mmap_lock_write() in this loop. Unfortunately, since nobody can explain whether it is safe to use killable wait there, let's check for SIGKILL before trying to allocate memory. Even without an OOM event, there is no point with continuing the loop from the beginning if current thread is killed. I tested with debug printk(). This patch should be safe because we already fail if security_vm_enough_memory_mm() or kmem_cache_alloc(GFP_KERNEL) fails and exit_mmap() handles it. ***** Aborting dup_mmap() due to SIGKILL ***** ***** Aborting dup_mmap() due to SIGKILL ***** ***** Aborting dup_mmap() due to SIGKILL ***** ***** Aborting dup_mmap() due to SIGKILL ***** ***** Aborting exit_mmap() due to NULL mmap ***** [akpm@linux-foundation.org: add comment] Link: http://lkml.kernel.org/r/201804071938.CDE04681.SOFVQJFtMHOOLF@I-love.SAKURA.ne.jp Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Cc: Alexander Viro <viro@zeniv.linux.org.uk> Cc: Rik van Riel <riel@redhat.com> Cc: Michal Hocko <mhocko@suse.com> Cc: Kirill A. Shutemov <kirill.shutemov@linux.intel.com> Cc: David Rientjes <rientjes@google.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> |
||
|
Linus Torvalds
|
050e9baa9d |
Kbuild: rename CC_STACKPROTECTOR[_STRONG] config variables
The changes to automatically test for working stack protector compiler support in the Kconfig files removed the special STACKPROTECTOR_AUTO option that picked the strongest stack protector that the compiler supported. That was all a nice cleanup - it makes no sense to have the AUTO case now that the Kconfig phase can just determine the compiler support directly. HOWEVER. It also meant that doing "make oldconfig" would now _disable_ the strong stackprotector if you had AUTO enabled, because in a legacy config file, the sane stack protector configuration would look like CONFIG_HAVE_CC_STACKPROTECTOR=y # CONFIG_CC_STACKPROTECTOR_NONE is not set # CONFIG_CC_STACKPROTECTOR_REGULAR is not set # CONFIG_CC_STACKPROTECTOR_STRONG is not set CONFIG_CC_STACKPROTECTOR_AUTO=y and when you ran this through "make oldconfig" with the Kbuild changes, it would ask you about the regular CONFIG_CC_STACKPROTECTOR (that had been renamed from CONFIG_CC_STACKPROTECTOR_REGULAR to just CONFIG_CC_STACKPROTECTOR), but it would think that the STRONG version used to be disabled (because it was really enabled by AUTO), and would disable it in the new config, resulting in: CONFIG_HAVE_CC_STACKPROTECTOR=y CONFIG_CC_HAS_STACKPROTECTOR_NONE=y CONFIG_CC_STACKPROTECTOR=y # CONFIG_CC_STACKPROTECTOR_STRONG is not set CONFIG_CC_HAS_SANE_STACKPROTECTOR=y That's dangerously subtle - people could suddenly find themselves with the weaker stack protector setup without even realizing. The solution here is to just rename not just the old RECULAR stack protector option, but also the strong one. This does that by just removing the CC_ prefix entirely for the user choices, because it really is not about the compiler support (the compiler support now instead automatially impacts _visibility_ of the options to users). This results in "make oldconfig" actually asking the user for their choice, so that we don't have any silent subtle security model changes. The end result would generally look like this: CONFIG_HAVE_CC_STACKPROTECTOR=y CONFIG_CC_HAS_STACKPROTECTOR_NONE=y CONFIG_STACKPROTECTOR=y CONFIG_STACKPROTECTOR_STRONG=y CONFIG_CC_HAS_SANE_STACKPROTECTOR=y where the "CC_" versions really are about internal compiler infrastructure, not the user selections. Acked-by: Masahiro Yamada <yamada.masahiro@socionext.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> |