1. 17 Nov, 2022 2 commits
  2. 11 Nov, 2022 2 commits
  3. 10 Nov, 2022 1 commit
  4. 08 Nov, 2022 1 commit
    • Dylan Yudaken's avatar
      io_uring: calculate CQEs from the user visible value · 0fc8c2ac
      Dylan Yudaken authored
      io_cqring_wait (and it's wake function io_has_work) used cached_cq_tail in
      order to calculate the number of CQEs. cached_cq_tail is set strictly
      before the user visible rings->cq.tail
      
      However as far as userspace is concerned,  if io_uring_enter(2) is called
      with a minimum number of events, they will verify by checking
      rings->cq.tail.
      
      It is therefore possible for io_uring_enter(2) to return early with fewer
      events visible to the user.
      
      Instead make the wait functions read from the user visible value, so there
      will be no discrepency.
      
      This is triggered eventually by the following reproducer:
      
      struct io_uring_sqe *sqe;
      struct io_uring_cqe *cqe;
      unsigned int cqe_ready;
      struct io_uring ring;
      int ret, i;
      
      ret = io_uring_queue_init(N, &ring, 0);
      assert(!ret);
      while(true) {
      	for (i = 0; i < N; i++) {
      		sqe = io_uring_get_sqe(&ring);
      		io_uring_prep_nop(sqe);
      		sqe->flags |= IOSQE_ASYNC;
      	}
      	ret = io_uring_submit(&ring);
      	assert(ret == N);
      
      	do {
      		ret = io_uring_wait_cqes(&ring, &cqe, N, NULL, NULL);
      	} while(ret == -EINTR);
      	cqe_ready = io_uring_cq_ready(&ring);
      	assert(!ret);
      	assert(cqe_ready == N);
      	io_uring_cq_advance(&ring, N);
      }
      
      Fixes: ad3eb2c8 ("io_uring: split overflow state into SQ and CQ side")
      Signed-off-by: default avatarDylan Yudaken <dylany@meta.com>
      Link: https://lore.kernel.org/r/20221108153016.1854297-1-dylany@meta.comSigned-off-by: default avatarJens Axboe <axboe@kernel.dk>
      0fc8c2ac
  5. 06 Nov, 2022 1 commit
  6. 02 Nov, 2022 1 commit
  7. 27 Oct, 2022 2 commits
  8. 22 Oct, 2022 3 commits
  9. 20 Oct, 2022 1 commit
    • Rafael Mendonca's avatar
      io-wq: Fix memory leak in worker creation · 996d3efe
      Rafael Mendonca authored
      If the CPU mask allocation for a node fails, then the memory allocated for
      the 'io_wqe' struct of the current node doesn't get freed on the error
      handling path, since it has not yet been added to the 'wqes' array.
      
      This was spotted when fuzzing v6.1-rc1 with Syzkaller:
      BUG: memory leak
      unreferenced object 0xffff8880093d5000 (size 1024):
        comm "syz-executor.2", pid 7701, jiffies 4295048595 (age 13.900s)
        hex dump (first 32 bytes):
          00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
          00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
        backtrace:
          [<00000000cb463369>] __kmem_cache_alloc_node+0x18e/0x720
          [<00000000147a3f9c>] kmalloc_node_trace+0x2a/0x130
          [<000000004e107011>] io_wq_create+0x7b9/0xdc0
          [<00000000c38b2018>] io_uring_alloc_task_context+0x31e/0x59d
          [<00000000867399da>] __io_uring_add_tctx_node.cold+0x19/0x1ba
          [<000000007e0e7a79>] io_uring_setup.cold+0x1b80/0x1dce
          [<00000000b545e9f6>] __x64_sys_io_uring_setup+0x5d/0x80
          [<000000008a8a7508>] do_syscall_64+0x5d/0x90
          [<000000004ac08bec>] entry_SYSCALL_64_after_hwframe+0x63/0xcd
      
      Fixes: 0e03496d ("io-wq: use private CPU mask")
      Cc: stable@vger.kernel.org
      Signed-off-by: default avatarRafael Mendonca <rafaelmendsr@gmail.com>
      Link: https://lore.kernel.org/r/20221020014710.902201-1-rafaelmendsr@gmail.comSigned-off-by: default avatarJens Axboe <axboe@kernel.dk>
      996d3efe
  10. 19 Oct, 2022 1 commit
    • Harshit Mogalapalli's avatar
      io_uring/msg_ring: Fix NULL pointer dereference in io_msg_send_fd() · 16bbdfe5
      Harshit Mogalapalli authored
      Syzkaller produced the below call trace:
      
       BUG: KASAN: null-ptr-deref in io_msg_ring+0x3cb/0x9f0
       Write of size 8 at addr 0000000000000070 by task repro/16399
      
       CPU: 0 PID: 16399 Comm: repro Not tainted 6.1.0-rc1 #28
       Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.11.0-2.el7
       Call Trace:
        <TASK>
        dump_stack_lvl+0xcd/0x134
        ? io_msg_ring+0x3cb/0x9f0
        kasan_report+0xbc/0xf0
        ? io_msg_ring+0x3cb/0x9f0
        kasan_check_range+0x140/0x190
        io_msg_ring+0x3cb/0x9f0
        ? io_msg_ring_prep+0x300/0x300
        io_issue_sqe+0x698/0xca0
        io_submit_sqes+0x92f/0x1c30
        __do_sys_io_uring_enter+0xae4/0x24b0
      ....
       RIP: 0033:0x7f2eaf8f8289
       RSP: 002b:00007fff40939718 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
       RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f2eaf8f8289
       RDX: 0000000000000000 RSI: 0000000000006f71 RDI: 0000000000000004
       RBP: 00007fff409397a0 R08: 0000000000000000 R09: 0000000000000039
       R10: 0000000000000000 R11: 0000000000000246 R12: 00000000004006d0
       R13: 00007fff40939880 R14: 0000000000000000 R15: 0000000000000000
        </TASK>
       Kernel panic - not syncing: panic_on_warn set ...
      
      We don't have a NULL check on file_ptr in io_msg_send_fd() function,
      so when file_ptr is NUL src_file is also NULL and get_file()
      dereferences a NULL pointer and leads to above crash.
      
      Add a NULL check to fix this issue.
      
      Fixes: e6130eba ("io_uring: add support for passing fixed file descriptors")
      Reported-by: default avatarsyzkaller <syzkaller@googlegroups.com>
      Signed-off-by: default avatarHarshit Mogalapalli <harshit.m.mogalapalli@oracle.com>
      Link: https://lore.kernel.org/r/20221019171218.1337614-1-harshit.m.mogalapalli@oracle.comSigned-off-by: default avatarJens Axboe <axboe@kernel.dk>
      16bbdfe5
  11. 16 Oct, 2022 15 commits
    • Jens Axboe's avatar
      io_uring/rw: remove leftover debug statement · 5c61795e
      Jens Axboe authored
      This debug statement was never meant to go into the upstream release,
      kill it off before it ends up in a release. It was just part of the
      testing for the initial version of the patch.
      
      Fixes: 2ec33a6c ("io_uring/rw: ensure kiocb_end_write() is always called")
      Signed-off-by: default avatarJens Axboe <axboe@kernel.dk>
      5c61795e
    • Pavel Begunkov's avatar
      io_uring: don't iopoll from io_ring_ctx_wait_and_kill() · 02bac94b
      Pavel Begunkov authored
      We should not be completing requests from a task context that has already
      undergone io_uring cancellations, i.e. __io_uring_cancel(), as there are
      some assumptions, e.g. around cached task refs draining. Remove
      iopolling from io_ring_ctx_wait_and_kill() as it can be called later
      after PF_EXITING is set with the last task_work run.
      Signed-off-by: default avatarPavel Begunkov <asml.silence@gmail.com>
      Link: https://lore.kernel.org/r/7c03cc91455c4a1af49c6b9cbda4e57ea467aa11.1665891182.git.asml.silence@gmail.comSigned-off-by: default avatarJens Axboe <axboe@kernel.dk>
      02bac94b
    • Pavel Begunkov's avatar
      io_uring: reuse io_alloc_req() · 34f0bc42
      Pavel Begunkov authored
      Don't duplicate io_alloc_req() in io_req_caches_free() but reuse the
      helper.
      Signed-off-by: default avatarPavel Begunkov <asml.silence@gmail.com>
      Link: https://lore.kernel.org/r/6005fc88274864a49fc3096c22d8bdd605cf8576.1665891182.git.asml.silence@gmail.comSigned-off-by: default avatarJens Axboe <axboe@kernel.dk>
      34f0bc42
    • Pavel Begunkov's avatar
      io_uring: kill hot path fixed file bitmap debug checks · 4d505951
      Pavel Begunkov authored
      We test file_table.bitmap in io_file_get_fixed() to check invariants,
      don't do it, it's expensive and was showing up in profiles. No reports of
      this triggering has come in. Move the check to the file clear instead,
      which will still catch any wrong usage.
      Signed-off-by: default avatarPavel Begunkov <asml.silence@gmail.com>
      Link: https://lore.kernel.org/r/cf77f2ded68d2e5b2bc7355784d969837d48e023.1665891182.git.asml.silence@gmail.comSigned-off-by: default avatarJens Axboe <axboe@kernel.dk>
      4d505951
    • Pavel Begunkov's avatar
      io_uring: remove FFS_SCM · 38eddb2c
      Pavel Begunkov authored
      THe lifetime of SCM'ed files is bound to ring_sock, which is destroyed
      strictly after we're done with registered file tables. This means there
      is no need for the FFS_SCM hack, which was not available on 32-bit builds
      anyway.
      Signed-off-by: default avatarPavel Begunkov <asml.silence@gmail.com>
      Link: https://lore.kernel.org/r/984226a1045adf42dc35d8bd7fb5a8bbfa472ce1.1665891182.git.asml.silence@gmail.comSigned-off-by: default avatarJens Axboe <axboe@kernel.dk>
      38eddb2c
    • Linus Torvalds's avatar
      Linux 6.1-rc1 · 9abf2313
      Linus Torvalds authored
      9abf2313
    • Linus Torvalds's avatar
      Merge tag 'random-6.1-rc1-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/crng/random · f1947d7c
      Linus Torvalds authored
      Pull more random number generator updates from Jason Donenfeld:
       "This time with some large scale treewide cleanups.
      
        The intent of this pull is to clean up the way callers fetch random
        integers. The current rules for doing this right are:
      
         - If you want a secure or an insecure random u64, use get_random_u64()
      
         - If you want a secure or an insecure random u32, use get_random_u32()
      
           The old function prandom_u32() has been deprecated for a while
           now and is just a wrapper around get_random_u32(). Same for
           get_random_int().
      
         - If you want a secure or an insecure random u16, use get_random_u16()
      
         - If you want a secure or an insecure random u8, use get_random_u8()
      
         - If you want secure or insecure random bytes, use get_random_bytes().
      
           The old function prandom_bytes() has been deprecated for a while
           now and has long been a wrapper around get_random_bytes()
      
         - If you want a non-uniform random u32, u16, or u8 bounded by a
           certain open interval maximum, use prandom_u32_max()
      
           I say "non-uniform", because it doesn't do any rejection sampling
           or divisions. Hence, it stays within the prandom_*() namespace, not
           the get_random_*() namespace.
      
           I'm currently investigating a "uniform" function for 6.2. We'll see
           what comes of that.
      
        By applying these rules uniformly, we get several benefits:
      
         - By using prandom_u32_max() with an upper-bound that the compiler
           can prove at compile-time is ≤65536 or ≤256, internally
           get_random_u16() or get_random_u8() is used, which wastes fewer
           batched random bytes, and hence has higher throughput.
      
         - By using prandom_u32_max() instead of %, when the upper-bound is
           not a constant, division is still avoided, because
           prandom_u32_max() uses a faster multiplication-based trick instead.
      
         - By using get_random_u16() or get_random_u8() in cases where the
           return value is intended to indeed be a u16 or a u8, we waste fewer
           batched random bytes, and hence have higher throughput.
      
        This series was originally done by hand while I was on an airplane
        without Internet. Later, Kees and I worked on retroactively figuring
        out what could be done with Coccinelle and what had to be done
        manually, and then we split things up based on that.
      
        So while this touches a lot of files, the actual amount of code that's
        hand fiddled is comfortably small"
      
      * tag 'random-6.1-rc1-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/crng/random:
        prandom: remove unused functions
        treewide: use get_random_bytes() when possible
        treewide: use get_random_u32() when possible
        treewide: use get_random_{u8,u16}() when possible, part 2
        treewide: use get_random_{u8,u16}() when possible, part 1
        treewide: use prandom_u32_max() when possible, part 2
        treewide: use prandom_u32_max() when possible, part 1
      f1947d7c
    • Linus Torvalds's avatar
      Merge tag 'perf-tools-for-v6.1-2-2022-10-16' of... · 8636df94
      Linus Torvalds authored
      Merge tag 'perf-tools-for-v6.1-2-2022-10-16' of git://git.kernel.org/pub/scm/linux/kernel/git/acme/linux
      
      Pull more perf tools updates from Arnaldo Carvalho de Melo:
      
       - Use BPF CO-RE (Compile Once, Run Everywhere) to support old kernels
         when using bperf (perf BPF based counters) with cgroups.
      
       - Support HiSilicon PCIe Performance Monitoring Unit (PMU), that
         monitors bandwidth, latency, bus utilization and buffer occupancy.
      
         Documented in Documentation/admin-guide/perf/hisi-pcie-pmu.rst.
      
       - User space tasks can migrate between CPUs, so when tracing selected
         CPUs, system-wide sideband is still needed, fix it in the setup of
         Intel PT on hybrid systems.
      
       - Fix metricgroups title message in 'perf list', it should state that
         the metrics groups are to be used with the '-M' option, not '-e'.
      
       - Sync the msr-index.h copy with the kernel sources, adding support for
         using "AMD64_TSC_RATIO" in filter expressions in 'perf trace' as well
         as decoding it when printing the MSR tracepoint arguments.
      
       - Fix program header size and alignment when generating a JIT ELF in
         'perf inject'.
      
       - Add multiple new Intel PT 'perf test' entries, including a jitdump
         one.
      
       - Fix the 'perf test' entries for 'perf stat' CSV and JSON output when
         running on PowerPC due to an invalid topology number in that arch.
      
       - Fix the 'perf test' for arm_coresight failures on the ARM Juno
         system.
      
       - Fix the 'perf test' attr entry for PERF_FORMAT_LOST, adding this
         option to the or expression expected in the intercepted
         perf_event_open() syscall.
      
       - Add missing condition flags ('hs', 'lo', 'vc', 'vs') for arm64 in the
         'perf annotate' asm parser.
      
       - Fix 'perf mem record -C' option processing, it was being chopped up
         when preparing the underlying 'perf record -e mem-events' and thus
         being ignored, requiring using '-- -C CPUs' as a workaround.
      
       - Improvements and tidy ups for 'perf test' shell infra.
      
       - Fix Intel PT information printing segfault in uClibc, where a NULL
         format was being passed to fprintf.
      
      * tag 'perf-tools-for-v6.1-2-2022-10-16' of git://git.kernel.org/pub/scm/linux/kernel/git/acme/linux: (23 commits)
        tools arch x86: Sync the msr-index.h copy with the kernel sources
        perf auxtrace arm64: Add support for parsing HiSilicon PCIe Trace packet
        perf auxtrace arm64: Add support for HiSilicon PCIe Tune and Trace device driver
        perf auxtrace arm: Refactor event list iteration in auxtrace_record__init()
        perf tests stat+json_output: Include sanity check for topology
        perf tests stat+csv_output: Include sanity check for topology
        perf intel-pt: Fix system_wide dummy event for hybrid
        perf intel-pt: Fix segfault in intel_pt_print_info() with uClibc
        perf test: Fix attr tests for PERF_FORMAT_LOST
        perf test: test_intel_pt.sh: Add 9 tests
        perf inject: Fix GEN_ELF_TEXT_OFFSET for jit
        perf test: test_intel_pt.sh: Add jitdump test
        perf test: test_intel_pt.sh: Tidy some alignment
        perf test: test_intel_pt.sh: Print a message when skipping kernel tracing
        perf test: test_intel_pt.sh: Tidy some perf record options
        perf test: test_intel_pt.sh: Fix return checking again
        perf: Skip and warn on unknown format 'configN' attrs
        perf list: Fix metricgroups title message
        perf mem: Fix -C option behavior for perf mem record
        perf annotate: Add missing condition flags for arm64
        ...
      8636df94
    • Linus Torvalds's avatar
      Merge tag 'kbuild-fixes-v6.1' of... · 2df76606
      Linus Torvalds authored
      Merge tag 'kbuild-fixes-v6.1' of git://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuild
      
      Pull Kbuild fixes from Masahiro Yamada:
      
       - Fix CONFIG_DEBUG_INFO_DWARF_TOOLCHAIN_DEFAULT=y compile error for the
         combination of Clang >= 14 and GAS <= 2.35.
      
       - Drop vmlinux.bz2 from the rpm package as it just annoyingly increased
         the package size.
      
       - Fix modpost error under build environments using musl.
      
       - Make *.ll files keep value names for easier debugging
      
       - Fix single directory build
      
       - Prevent RISC-V from selecting the broken DWARF5 support when Clang
         and GAS are used together.
      
      * tag 'kbuild-fixes-v6.1' of git://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuild:
        lib/Kconfig.debug: Add check for non-constant .{s,u}leb128 support to DWARF5
        kbuild: fix single directory build
        kbuild: add -fno-discard-value-names to cmd_cc_ll_c
        scripts/clang-tools: Convert clang-tidy args to list
        modpost: put modpost options before argument
        kbuild: Stop including vmlinux.bz2 in the rpm's
        Kconfig.debug: add toolchain checks for DEBUG_INFO_DWARF_TOOLCHAIN_DEFAULT
        Kconfig.debug: simplify the dependency of DEBUG_INFO_DWARF4/5
      2df76606
    • Linus Torvalds's avatar
      Merge tag 'clk-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/clk/linux · 2fcd8f10
      Linus Torvalds authored
      Pull more clk updates from Stephen Boyd:
       "This is the final part of the clk patches for this merge window.
      
        The clk rate range series needed another week to fully bake. Maxime
        fixed the bug that broke clk notifiers and prevented this from being
        included in the first pull request. He also added a unit test on top
        to make sure it doesn't break so easily again. The majority of the
        series fixes up how the clk_set_rate_*() APIs work, particularly
        around when the rate constraints are dropped and how they move around
        when reparenting clks. Overall it's a much needed improvement to the
        clk rate range APIs that used to be pretty broken if you looked
        sideways.
      
        Beyond the core changes there are a few driver fixes for a compilation
        issue or improper data causing clks to fail to register or have the
        wrong parents. These are good to get in before the first -rc so that
        the system actually boots on the affected devices"
      
      * tag 'clk-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/clk/linux: (31 commits)
        clk: tegra: Fix Tegra PWM parent clock
        clk: at91: fix the build with binutils 2.27
        clk: qcom: gcc-msm8660: Drop hardcoded fixed board clocks
        clk: mediatek: clk-mux: Add .determine_rate() callback
        clk: tests: Add tests for notifiers
        clk: Update req_rate on __clk_recalc_rates()
        clk: tests: Add missing test case for ranges
        clk: qcom: clk-rcg2: Take clock boundaries into consideration for gfx3d
        clk: Introduce the clk_hw_get_rate_range function
        clk: Zero the clk_rate_request structure
        clk: Stop forwarding clk_rate_requests to the parent
        clk: Constify clk_has_parent()
        clk: Introduce clk_core_has_parent()
        clk: Switch from __clk_determine_rate to clk_core_round_rate_nolock
        clk: Add our request boundaries in clk_core_init_rate_req
        clk: Introduce clk_hw_init_rate_request()
        clk: Move clk_core_init_rate_req() from clk_core_round_rate_nolock() to its caller
        clk: Change clk_core_init_rate_req prototype
        clk: Set req_rate on reparenting
        clk: Take into account uncached clocks in clk_set_rate_range()
        ...
      2fcd8f10
    • Linus Torvalds's avatar
      Merge tag '6.1-rc-smb3-client-fixes-part2' of git://git.samba.org/sfrench/cifs-2.6 · b08cd744
      Linus Torvalds authored
      Pull more cifs updates from Steve French:
      
       - fix a regression in guest mounts to old servers
      
       - improvements to directory leasing (caching directory entries safely
         beyond the root directory)
      
       - symlink improvement (reducing roundtrips needed to process symlinks)
      
       - an lseek fix (to problem where some dir entries could be skipped)
      
       - improved ioctl for returning more detailed information on directory
         change notifications
      
       - clarify multichannel interface query warning
      
       - cleanup fix (for better aligning buffers using ALIGN and round_up)
      
       - a compounding fix
      
       - fix some uninitialized variable bugs found by Coverity and the kernel
         test robot
      
      * tag '6.1-rc-smb3-client-fixes-part2' of git://git.samba.org/sfrench/cifs-2.6:
        smb3: improve SMB3 change notification support
        cifs: lease key is uninitialized in two additional functions when smb1
        cifs: lease key is uninitialized in smb1 paths
        smb3: must initialize two ACL struct fields to zero
        cifs: fix double-fault crash during ntlmssp
        cifs: fix static checker warning
        cifs: use ALIGN() and round_up() macros
        cifs: find and use the dentry for cached non-root directories also
        cifs: enable caching of directories for which a lease is held
        cifs: prevent copying past input buffer boundaries
        cifs: fix uninitialised var in smb2_compound_op()
        cifs: improve symlink handling for smb2+
        smb3: clarify multichannel warning
        cifs: fix regression in very old smb1 mounts
        cifs: fix skipping to incorrect offset in emit_cached_dirents
      b08cd744
    • Tetsuo Handa's avatar
      Revert "cpumask: fix checking valid cpu range". · 80493877
      Tetsuo Handa authored
      This reverts commit 78e5a339 ("cpumask: fix checking valid cpu range").
      
      syzbot is hitting WARN_ON_ONCE(cpu >= nr_cpumask_bits) warning at
      cpu_max_bits_warn() [1], for commit 78e5a339 ("cpumask: fix checking
      valid cpu range") is broken.  Obviously that patch hits WARN_ON_ONCE()
      when e.g.  reading /proc/cpuinfo because passing "cpu + 1" instead of
      "cpu" will trivially hit cpu == nr_cpumask_bits condition.
      
      Although syzbot found this problem in linux-next.git on 2022/09/27 [2],
      this problem was not fixed immediately.  As a result, that patch was
      sent to linux.git before the patch author recognizes this problem, and
      syzbot started failing to test changes in linux.git since 2022/10/10
      [3].
      
      Andrew Jones proposed a fix for x86 and riscv architectures [4].  But
      [2] and [5] indicate that affected locations are not limited to arch
      code.  More delay before we find and fix affected locations, less tested
      kernel (and more difficult to bisect and fix) before release.
      
      We should have inspected and fixed basically all cpumask users before
      applying that patch.  We should not crash kernels in order to ask
      existing cpumask users to update their code, even if limited to
      CONFIG_DEBUG_PER_CPU_MAPS=y case.
      
      Link: https://syzkaller.appspot.com/bug?extid=d0fd2bf0dd6da72496dd [1]
      Link: https://syzkaller.appspot.com/bug?extid=21da700f3c9f0bc40150 [2]
      Link: https://syzkaller.appspot.com/bug?extid=51a652e2d24d53e75734 [3]
      Link: https://lkml.kernel.org/r/20221014155845.1986223-1-ajones@ventanamicro.com [4]
      Link: https://syzkaller.appspot.com/bug?extid=4d46c43d81c3bd155060 [5]
      Reported-by: default avatarAndrew Jones <ajones@ventanamicro.com>
      Reported-by: syzbot+d0fd2bf0dd6da72496dd@syzkaller.appspotmail.com
      Signed-off-by: default avatarTetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
      Cc: Yury Norov <yury.norov@gmail.com>
      Cc: Borislav Petkov <bp@alien8.de>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      80493877
    • Nathan Chancellor's avatar
      lib/Kconfig.debug: Add check for non-constant .{s,u}leb128 support to DWARF5 · 0a6de78c
      Nathan Chancellor authored
      When building with a RISC-V kernel with DWARF5 debug info using clang
      and the GNU assembler, several instances of the following error appear:
      
        /tmp/vgettimeofday-48aa35.s:2963: Error: non-constant .uleb128 is not supported
      
      Dumping the .s file reveals these .uleb128 directives come from
      .debug_loc and .debug_ranges:
      
        .Ldebug_loc0:
                .byte   4                               # DW_LLE_offset_pair
                .uleb128 .Lfunc_begin0-.Lfunc_begin0    #   starting offset
                .uleb128 .Ltmp1-.Lfunc_begin0           #   ending offset
                .byte   1                               # Loc expr size
                .byte   90                              # DW_OP_reg10
                .byte   0                               # DW_LLE_end_of_list
      
        .Ldebug_ranges0:
                .byte   4                               # DW_RLE_offset_pair
                .uleb128 .Ltmp6-.Lfunc_begin0           #   starting offset
                .uleb128 .Ltmp27-.Lfunc_begin0          #   ending offset
                .byte   4                               # DW_RLE_offset_pair
                .uleb128 .Ltmp28-.Lfunc_begin0          #   starting offset
                .uleb128 .Ltmp30-.Lfunc_begin0          #   ending offset
                .byte   0                               # DW_RLE_end_of_list
      
      There is an outstanding binutils issue to support a non-constant operand
      to .sleb128 and .uleb128 in GAS for RISC-V but there does not appear to
      be any movement on it, due to concerns over how it would work with
      linker relaxation.
      
      To avoid these build errors, prevent DWARF5 from being selected when
      using clang and an assembler that does not have support for these symbol
      deltas, which can be easily checked in Kconfig with as-instr plus the
      small test program from the dwz test suite from the binutils issue.
      
      Link: https://sourceware.org/bugzilla/show_bug.cgi?id=27215
      Link: https://github.com/ClangBuiltLinux/linux/issues/1719Signed-off-by: default avatarNathan Chancellor <nathan@kernel.org>
      Reviewed-by: default avatarNick Desaulniers <ndesaulniers@google.com>
      Signed-off-by: default avatarMasahiro Yamada <masahiroy@kernel.org>
      0a6de78c
    • Masahiro Yamada's avatar
      kbuild: fix single directory build · 3753af77
      Masahiro Yamada authored
      Commit f110e5a2 ("kbuild: refactor single builds of *.ko") was wrong.
      
      KBUILD_MODULES _is_ needed for single builds.
      
      Otherwise, "make foo/bar/baz/" does not build module objects at all.
      
      Fixes: f110e5a2 ("kbuild: refactor single builds of *.ko")
      Reported-by: default avatarDavid Sterba <dsterba@suse.cz>
      Signed-off-by: default avatarMasahiro Yamada <masahiroy@kernel.org>
      Tested-by: default avatarDavid Sterba <dsterba@suse.com>
      3753af77
    • Linus Torvalds's avatar
      Merge tag 'slab-for-6.1-rc1-hotfix' of git://git.kernel.org/pub/scm/linux/kernel/git/vbabka/slab · 1501278b
      Linus Torvalds authored
      Pull slab hotfix from Vlastimil Babka:
       "A single fix for the common-kmalloc series, for warnings on mips and
        sparc64 reported by Guenter Roeck"
      
      * tag 'slab-for-6.1-rc1-hotfix' of git://git.kernel.org/pub/scm/linux/kernel/git/vbabka/slab:
        mm/slab: use kmalloc_node() for off slab freelist_idx_t array allocation
      1501278b
  12. 15 Oct, 2022 10 commits
    • Linus Torvalds's avatar
      Merge tag 'for-linus' of https://github.com/openrisc/linux · 36d8a3ed
      Linus Torvalds authored
      Pull OpenRISC updates from Stafford Horne:
       "I have relocated to London so not much work from me while I get
        settled.
      
        Still, OpenRISC picked up two patches in this window:
      
         - Fix for kernel page table walking from Jann Horn
      
         - MAINTAINER entry cleanup from Palmer Dabbelt"
      
      * tag 'for-linus' of https://github.com/openrisc/linux:
        MAINTAINERS: git://github -> https://github.com for openrisc
        openrisc: Fix pagewalk usage in arch_dma_{clear, set}_uncached
      36d8a3ed
    • Linus Torvalds's avatar
      Merge tag 'pci-v6.1-fixes-1' of git://git.kernel.org/pub/scm/linux/kernel/git/helgaas/pci · 41410965
      Linus Torvalds authored
      Pull pci fix from Bjorn Helgaas:
       "Revert the attempt to distribute spare resources to unconfigured
        hotplug bridges at boot time.
      
        This fixed some dock hot-add scenarios, but Jonathan Cameron reported
        that it broke a topology with a multi-function device where one
        function was a Switch Upstream Port and the other was an Endpoint"
      
      * tag 'pci-v6.1-fixes-1' of git://git.kernel.org/pub/scm/linux/kernel/git/helgaas/pci:
        Revert "PCI: Distribute available resources for root buses, too"
      41410965
    • Hyeonggon Yoo's avatar
      mm/slab: use kmalloc_node() for off slab freelist_idx_t array allocation · e36ce448
      Hyeonggon Yoo authored
      After commit d6a71648 ("mm/slab: kmalloc: pass requests larger than
      order-1 page to page allocator"), SLAB passes large ( > PAGE_SIZE * 2)
      requests to buddy like SLUB does.
      
      SLAB has been using kmalloc caches to allocate freelist_idx_t array for
      off slab caches. But after the commit, freelist_size can be bigger than
      KMALLOC_MAX_CACHE_SIZE.
      
      Instead of using pointer to kmalloc cache, use kmalloc_node() and only
      check if the kmalloc cache is off slab during calculate_slab_order().
      If freelist_size > KMALLOC_MAX_CACHE_SIZE, no looping condition happens
      as it allocates freelist_idx_t array directly from buddy.
      
      Link: https://lore.kernel.org/all/20221014205818.GA1428667@roeck-us.net/Reported-and-tested-by: default avatarGuenter Roeck <linux@roeck-us.net>
      Fixes: d6a71648 ("mm/slab: kmalloc: pass requests larger than order-1 page to page allocator")
      Signed-off-by: default avatarHyeonggon Yoo <42.hyeyoo@gmail.com>
      Signed-off-by: default avatarVlastimil Babka <vbabka@suse.cz>
      e36ce448
    • Palmer Dabbelt's avatar
      MAINTAINERS: git://github -> https://github.com for openrisc · 34a0bac0
      Palmer Dabbelt authored
      Github deprecated the git:// links about a year ago, so let's move to
      the https:// URLs instead.
      Reported-by: default avatarConor Dooley <conor.dooley@microchip.com>
      Link: https://github.blog/2021-09-01-improving-git-protocol-security-github/Signed-off-by: default avatarPalmer Dabbelt <palmer@rivosinc.com>
      Signed-off-by: default avatarStafford Horne <shorne@gmail.com>
      34a0bac0
    • Steve French's avatar
      smb3: improve SMB3 change notification support · e3e94634
      Steve French authored
      Change notification is a commonly supported feature by most servers,
      but the current ioctl to request notification when a directory is
      changed does not return the information about what changed
      (even though it is returned by the server in the SMB3 change
      notify response), it simply returns when there is a change.
      
      This ioctl improves upon CIFS_IOC_NOTIFY by returning the notify
      information structure which includes the name of the file(s) that
      changed and why. See MS-SMB2 2.2.35 for details on the individual
      filter flags and the file_notify_information structure returned.
      
      To use this simply pass in the following (with enough space
      to fit at least one file_notify_information structure)
      
      struct __attribute__((__packed__)) smb3_notify {
             uint32_t completion_filter;
             bool     watch_tree;
             uint32_t data_len;
             uint8_t  data[];
      } __packed;
      
      using CIFS_IOC_NOTIFY_INFO 0xc009cf0b
       or equivalently _IOWR(CIFS_IOCTL_MAGIC, 11, struct smb3_notify_info)
      
      The ioctl will block until the server detects a change to that
      directory or its subdirectories (if watch_tree is set).
      Acked-by: default avatarPaulo Alcantara (SUSE) <pc@cjr.nz>
      Acked-by: default avatarRonnie Sahlberg <lsahlber@redhat.com>
      Signed-off-by: default avatarSteve French <stfrench@microsoft.com>
      e3e94634
    • Steve French's avatar
      cifs: lease key is uninitialized in two additional functions when smb1 · 2bff0659
      Steve French authored
      cifs_open and _cifsFileInfo_put also end up with lease_key uninitialized
      in smb1 mounts.  It is cleaner to set lease key to zero in these
      places where leases are not supported (smb1 can not return lease keys
      so the field was uninitialized).
      
      Addresses-Coverity: 1514207 ("Uninitialized scalar variable")
      Addresses-Coverity: 1514331 ("Uninitialized scalar variable")
      Reviewed-by: default avatarPaulo Alcantara (SUSE) <pc@cjr.nz>
      Signed-off-by: default avatarSteve French <stfrench@microsoft.com>
      2bff0659
    • Steve French's avatar
      cifs: lease key is uninitialized in smb1 paths · 625b60d4
      Steve French authored
      It is cleaner to set lease key to zero in the places where leases are not
      supported (smb1 can not return lease keys so the field was uninitialized).
      
      Addresses-Coverity: 1513994 ("Uninitialized scalar variable")
      Reviewed-by: default avatarPaulo Alcantara (SUSE) <pc@cjr.nz>
      Signed-off-by: default avatarSteve French <stfrench@microsoft.com>
      625b60d4
    • Steve French's avatar
      smb3: must initialize two ACL struct fields to zero · f09bd695
      Steve French authored
      Coverity spotted that we were not initalizing Stbz1 and Stbz2 to
      zero in create_sd_buf.
      
      Addresses-Coverity: 1513848 ("Uninitialized scalar variable")
      Cc: <stable@vger.kernel.org>
      Reviewed-by: default avatarPaulo Alcantara (SUSE) <pc@cjr.nz>
      Signed-off-by: default avatarSteve French <stfrench@microsoft.com>
      f09bd695
    • Paulo Alcantara's avatar
      cifs: fix double-fault crash during ntlmssp · b854b4ee
      Paulo Alcantara authored
      The crash occurred because we were calling memzero_explicit() on an
      already freed sess_data::iov[1] (ntlmsspblob) in sess_free_buffer().
      
      Fix this by not calling memzero_explicit() on sess_data::iov[1] as
      it's already by handled by callers.
      
      Fixes: a4e430c8 ("cifs: replace kfree() with kfree_sensitive() for sensitive data")
      Reviewed-by: default avatarEnzo Matsumiya <ematsumiya@suse.de>
      Signed-off-by: default avatarPaulo Alcantara (SUSE) <pc@cjr.nz>
      Signed-off-by: default avatarSteve French <stfrench@microsoft.com>
      b854b4ee
    • Arnaldo Carvalho de Melo's avatar
      tools arch x86: Sync the msr-index.h copy with the kernel sources · a3a36565
      Arnaldo Carvalho de Melo authored
      To pick up the changes in:
      
        b8d1d163 ("x86/apic: Don't disable x2APIC if locked")
        ca5b7c0d ("perf/x86/amd/lbr: Add LbrExtV2 branch record support")
      
      Addressing these tools/perf build warnings:
      
          diff -u tools/arch/x86/include/asm/msr-index.h arch/x86/include/asm/msr-index.h
          Warning: Kernel ABI header at 'tools/arch/x86/include/asm/msr-index.h' differs from latest version at 'arch/x86/include/asm/msr-index.h'
      
      That makes the beautification scripts to pick some new entries:
      
        $ tools/perf/trace/beauty/tracepoints/x86_msr.sh > before
        $ cp arch/x86/include/asm/msr-index.h tools/arch/x86/include/asm/msr-index.h
        $ tools/perf/trace/beauty/tracepoints/x86_msr.sh > after
        $ diff -u before after
        --- before	2022-10-14 18:06:34.294561729 -0300
        +++ after	2022-10-14 18:06:41.285744044 -0300
        @@ -264,6 +264,7 @@
         	[0xc0000102 - x86_64_specific_MSRs_offset] = "KERNEL_GS_BASE",
         	[0xc0000103 - x86_64_specific_MSRs_offset] = "TSC_AUX",
         	[0xc0000104 - x86_64_specific_MSRs_offset] = "AMD64_TSC_RATIO",
        +	[0xc000010e - x86_64_specific_MSRs_offset] = "AMD64_LBR_SELECT",
         	[0xc000010f - x86_64_specific_MSRs_offset] = "AMD_DBG_EXTN_CFG",
         	[0xc0000300 - x86_64_specific_MSRs_offset] = "AMD64_PERF_CNTR_GLOBAL_STATUS",
         	[0xc0000301 - x86_64_specific_MSRs_offset] = "AMD64_PERF_CNTR_GLOBAL_CTL",
        $
      
      Now one can trace systemwide asking to see backtraces to where that MSR
      is being read/written, see this example with a previous update:
      
        # perf trace -e msr:*_msr/max-stack=32/ --filter="msr>=IA32_U_CET && msr<=IA32_INT_SSP_TAB"
        ^C#
      
      If we use -v (verbose mode) we can see what it does behind the scenes:
      
        # perf trace -v -e msr:*_msr/max-stack=32/ --filter="msr>=IA32_U_CET && msr<=IA32_INT_SSP_TAB"
        Using CPUID AuthenticAMD-25-21-0
        0x6a0
        0x6a8
        New filter for msr:read_msr: (msr>=0x6a0 && msr<=0x6a8) && (common_pid != 597499 && common_pid != 3313)
        0x6a0
        0x6a8
        New filter for msr:write_msr: (msr>=0x6a0 && msr<=0x6a8) && (common_pid != 597499 && common_pid != 3313)
        mmap size 528384B
        ^C#
      
      Example with a frequent msr:
      
        # perf trace -v -e msr:*_msr/max-stack=32/ --filter="msr==IA32_SPEC_CTRL" --max-events 2
        Using CPUID AuthenticAMD-25-21-0
        0x48
        New filter for msr:read_msr: (msr==0x48) && (common_pid != 2612129 && common_pid != 3841)
        0x48
        New filter for msr:write_msr: (msr==0x48) && (common_pid != 2612129 && common_pid != 3841)
        mmap size 528384B
        Looking at the vmlinux_path (8 entries long)
        symsrc__init: build id mismatch for vmlinux.
        Using /proc/kcore for kernel data
        Using /proc/kallsyms for symbols
           0.000 Timer/2525383 msr:write_msr(msr: IA32_SPEC_CTRL, val: 6)
                                             do_trace_write_msr ([kernel.kallsyms])
                                             do_trace_write_msr ([kernel.kallsyms])
                                             __switch_to_xtra ([kernel.kallsyms])
                                             __switch_to ([kernel.kallsyms])
                                             __schedule ([kernel.kallsyms])
                                             schedule ([kernel.kallsyms])
                                             futex_wait_queue_me ([kernel.kallsyms])
                                             futex_wait ([kernel.kallsyms])
                                             do_futex ([kernel.kallsyms])
                                             __x64_sys_futex ([kernel.kallsyms])
                                             do_syscall_64 ([kernel.kallsyms])
                                             entry_SYSCALL_64_after_hwframe ([kernel.kallsyms])
                                             __futex_abstimed_wait_common64 (/usr/lib64/libpthread-2.33.so)
           0.030 :0/0 msr:write_msr(msr: IA32_SPEC_CTRL, val: 2)
                                             do_trace_write_msr ([kernel.kallsyms])
                                             do_trace_write_msr ([kernel.kallsyms])
                                             __switch_to_xtra ([kernel.kallsyms])
                                             __switch_to ([kernel.kallsyms])
                                             __schedule ([kernel.kallsyms])
                                             schedule_idle ([kernel.kallsyms])
                                             do_idle ([kernel.kallsyms])
                                             cpu_startup_entry ([kernel.kallsyms])
                                             secondary_startup_64_no_verify ([kernel.kallsyms])
        #
      
      Cc: Adrian Hunter <adrian.hunter@intel.com>
      Cc: Daniel Sneddon <daniel.sneddon@linux.intel.com>
      Cc: Dave Hansen <dave.hansen@linux.intel.com>
      Cc: Ian Rogers <irogers@google.com>
      Cc: Jiri Olsa <jolsa@kernel.org>
      Cc: Namhyung Kim <namhyung@kernel.org>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Sandipan Das <sandipan.das@amd.com>
      Link: https://lore.kernel.org/lkml/Y0nQkz2TUJxwfXJd@kernel.orgSigned-off-by: default avatarArnaldo Carvalho de Melo <acme@redhat.com>
      a3a36565