1. 27 Nov, 2018 40 commits
    • Julian Wiedmann's avatar
      s390/qeth: unregister netdevice only when registered · 99b9de47
      Julian Wiedmann authored
      [ Upstream commit 30356d08 ]
      
      qeth only registers its netdevice when the qeth device is first set
      online. Thus a device that has never been set online will trigger
      a WARN ("network todo 'hsi%d' but state 0") in unregister_netdev() when
      removed.
      
      Fix this by protecting the unregister step, just like we already protect
      against repeated registering of the netdevice.
      
      Fixes: d3d1b205 ("s390/qeth: allocate netdevice early")
      Reported-by: default avatarKarsten Graul <kgraul@linux.ibm.com>
      Signed-off-by: default avatarJulian Wiedmann <jwi@linux.ibm.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
      99b9de47
    • Julian Wiedmann's avatar
      s390/qeth: fix HiperSockets sniffer · d005b563
      Julian Wiedmann authored
      [ Upstream commit bd74a7f9 ]
      
      Sniffing mode for L3 HiperSockets requires that no IP addresses are
      registered with the HW. The preferred way to achieve this is for
      userspace to delete all the IPs on the interface. But qeth is expected
      to also tolerate a configuration where that is not the case, by skipping
      the IP registration when in sniffer mode.
      Since commit 5f78e29c ("qeth: optimize IP handling in rx_mode callback")
      reworked the IP registration logic in the L3 subdriver, this no longer
      works. When the qeth device is set online, qeth_l3_recover_ip() now
      unconditionally registers all unicast addresses from our internal
      IP table.
      
      While we could fix this particular problem by skipping
      qeth_l3_recover_ip() on a sniffer device, the more future-proof change
      is to skip the IP address registration at the lowest level. This way we
      a) catch any future code path that attempts to register an IP address
         without considering the sniffer scenario, and
      b) continue to build up our internal IP table, so that if sniffer mode
         is switched off later we can operate just like normal.
      
      Fixes: 5f78e29c ("qeth: optimize IP handling in rx_mode callback")
      Signed-off-by: default avatarJulian Wiedmann <jwi@linux.ibm.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
      d005b563
    • Florian Westphal's avatar
      netfilter: nft_compat: ebtables 'nat' table is normal chain type · 1cf11e7c
      Florian Westphal authored
      [ Upstream commit e4844c9c ]
      
      Unlike ip(6)tables, the ebtables nat table has no special properties.
      This bug causes 'ebtables -A' to fail when using a target such as
      'snat' (ebt_snat target sets ".table = "nat"').  Targets that have
      no table restrictions work fine.
      Signed-off-by: default avatarFlorian Westphal <fw@strlen.de>
      Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
      Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
      1cf11e7c
    • Jozsef Kadlecsik's avatar
      netfilter: ipset: Fix calling ip_set() macro at dumping · 2f6bf791
      Jozsef Kadlecsik authored
      [ Upstream commit 8a02bdd5 ]
      
      The ip_set() macro is called when either ip_set_ref_lock held only
      or no lock/nfnl mutex is held at dumping. Take this into account
      properly. Also, use Pablo's suggestion to use rcu_dereference_raw(),
      the ref_netlink protects the set.
      Signed-off-by: default avatarJozsef Kadlecsik <kadlec@blackhole.kfki.hu>
      Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
      Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
      2f6bf791
    • Taehee Yoo's avatar
      netfilter: xt_IDLETIMER: add sysfs filename checking routine · e8b258ce
      Taehee Yoo authored
      [ Upstream commit 54451f60 ]
      
      When IDLETIMER rule is added, sysfs file is created under
      /sys/class/xt_idletimer/timers/
      But some label name shouldn't be used.
      ".", "..", "power", "uevent", "subsystem", etc...
      So that sysfs filename checking routine is needed.
      
      test commands:
         %iptables -I INPUT -j IDLETIMER --timeout 1 --label "power"
      
      splat looks like:
      [95765.423132] sysfs: cannot create duplicate filename '/devices/virtual/xt_idletimer/timers/power'
      [95765.433418] CPU: 0 PID: 8446 Comm: iptables Not tainted 4.19.0-rc6+ #20
      [95765.449755] Call Trace:
      [95765.449755]  dump_stack+0xc9/0x16b
      [95765.449755]  ? show_regs_print_info+0x5/0x5
      [95765.449755]  sysfs_warn_dup+0x74/0x90
      [95765.449755]  sysfs_add_file_mode_ns+0x352/0x500
      [95765.449755]  sysfs_create_file_ns+0x179/0x270
      [95765.449755]  ? sysfs_add_file_mode_ns+0x500/0x500
      [95765.449755]  ? idletimer_tg_checkentry+0x3e5/0xb1b [xt_IDLETIMER]
      [95765.449755]  ? rcu_read_lock_sched_held+0x114/0x130
      [95765.449755]  ? __kmalloc_track_caller+0x211/0x2b0
      [95765.449755]  ? memcpy+0x34/0x50
      [95765.449755]  idletimer_tg_checkentry+0x4e2/0xb1b [xt_IDLETIMER]
      [ ... ]
      
      Fixes: 0902b469 ("netfilter: xtables: idletimer target implementation")
      Signed-off-by: default avatarTaehee Yoo <ap420073@gmail.com>
      Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
      Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
      e8b258ce
    • Jozsef Kadlecsik's avatar
      netfilter: ipset: Correct rcu_dereference() call in ip_set_put_comment() · e395c9d2
      Jozsef Kadlecsik authored
      [ Upstream commit 17b8b74c ]
      
      The function is called when rcu_read_lock() is held and not
      when rcu_read_lock_bh() is held.
      Signed-off-by: default avatarJozsef Kadlecsik <kadlec@blackhole.kfki.hu>
      Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
      Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
      e395c9d2
    • Daniel Borkmann's avatar
      bpf: fix bpf_prog_get_info_by_fd to return 0 func_lens for unpriv · 1a7ccf42
      Daniel Borkmann authored
      [ Upstream commit 28c2fae7 ]
      
      While dbecd738 ("bpf: get kernel symbol addresses via syscall")
      zeroed info.nr_jited_ksyms in bpf_prog_get_info_by_fd() for queries
      from unprivileged users, commit 815581c1 ("bpf: get JITed image
      lengths of functions via syscall") forgot about doing so and therefore
      returns the #elems of the user set up buffer which is incorrect. It
      also needs to indicate a info.nr_jited_func_lens of zero.
      
      Fixes: 815581c1 ("bpf: get JITed image lengths of functions via syscall")
      Signed-off-by: default avatarDaniel Borkmann <daniel@iogearbox.net>
      Cc: Sandipan Das <sandipan@linux.vnet.ibm.com>
      Cc: Song Liu <songliubraving@fb.com>
      Signed-off-by: default avatarAlexei Starovoitov <ast@kernel.org>
      Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
      1a7ccf42
    • Justin M. Forbes's avatar
      s390/mm: Fix ERROR: "__node_distance" undefined! · 5e4ad7ce
      Justin M. Forbes authored
      [ Upstream commit a541f0eb ]
      
      Fixes:
      ERROR: "__node_distance" [drivers/nvme/host/nvme-core.ko] undefined!
      make[1]: *** [scripts/Makefile.modpost:92: __modpost] Error 1
      make: *** [Makefile:1275: modules] Error 2
      + exit 1
      Signed-off-by: default avatarJustin M. Forbes <jforbes@fedoraproject.org>
      Signed-off-by: default avatarHeiko Carstens <heiko.carstens@de.ibm.com>
      Signed-off-by: default avatarMartin Schwidefsky <schwidefsky@de.ibm.com>
      Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
      5e4ad7ce
    • Martin Schwidefsky's avatar
      s390/mm: fix mis-accounting of pgtable_bytes · 4136161d
      Martin Schwidefsky authored
      [ Upstream commit e12e4044 ]
      
      In case a fork or a clone system fails in copy_process and the error
      handling does the mmput() at the bad_fork_cleanup_mm label, the
      following warning messages will appear on the console:
      
        BUG: non-zero pgtables_bytes on freeing mm: 16384
      
      The reason for that is the tricks we play with mm_inc_nr_puds() and
      mm_inc_nr_pmds() in init_new_context().
      
      A normal 64-bit process has 3 levels of page table, the p4d level and
      the pud level are folded. On process termination the free_pud_range()
      function in mm/memory.c will subtract 16KB from pgtable_bytes with a
      mm_dec_nr_puds() call, but there actually is not really a pud table.
      
      One issue with this is the fact that pgtable_bytes is usually off
      by a few kilobytes, but the more severe problem is that for a failed
      fork or clone the free_pgtables() function is not called. In this case
      there is no mm_dec_nr_puds() or mm_dec_nr_pmds() that go together with
      the mm_inc_nr_puds() and mm_inc_nr_pmds in init_new_context().
      The pgtable_bytes will be off by 16384 or 32768 bytes and we get the
      BUG message. The message itself is purely cosmetic, but annoying.
      
      To fix this override the mm_pmd_folded, mm_pud_folded and mm_p4d_folded
      function to check for the true size of the address space.
      Reported-by: default avatarLi Wang <liwang@redhat.com>
      Tested-by: default avatarLi Wang <liwang@redhat.com>
      Signed-off-by: default avatarMartin Schwidefsky <schwidefsky@de.ibm.com>
      Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
      4136161d
    • Andrey Ryabinin's avatar
      netfilter: ipset: fix ip_set_list allocation failure · 97fdf29f
      Andrey Ryabinin authored
      [ Upstream commit ed956f39 ]
      
      ip_set_create() and ip_set_net_init() attempt to allocate physically
      contiguous memory for ip_set_list. If memory is fragmented, the
      allocations could easily fail:
      
              vzctl: page allocation failure: order:7, mode:0xc0d0
      
              Call Trace:
               dump_stack+0x19/0x1b
               warn_alloc_failed+0x110/0x180
               __alloc_pages_nodemask+0x7bf/0xc60
               alloc_pages_current+0x98/0x110
               kmalloc_order+0x18/0x40
               kmalloc_order_trace+0x26/0xa0
               __kmalloc+0x279/0x290
               ip_set_net_init+0x4b/0x90 [ip_set]
               ops_init+0x3b/0xb0
               setup_net+0xbb/0x170
               copy_net_ns+0xf1/0x1c0
               create_new_namespaces+0xf9/0x180
               copy_namespaces+0x8e/0xd0
               copy_process+0xb61/0x1a00
               do_fork+0x91/0x320
      
      Use kvcalloc() to fallback to 0-order allocations if high order
      page isn't available.
      Signed-off-by: default avatarAndrey Ryabinin <aryabinin@virtuozzo.com>
      Signed-off-by: default avatarJozsef Kadlecsik <kadlec@blackhole.kfki.hu>
      Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
      Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
      97fdf29f
    • Eric Westbrook's avatar
      netfilter: ipset: actually allow allowable CIDR 0 in hash:net,port,net · cb3e590d
      Eric Westbrook authored
      [ Upstream commit 886503f3 ]
      
      Allow /0 as advertised for hash:net,port,net sets.
      
      For "hash:net,port,net", ipset(8) says that "either subnet
      is permitted to be a /0 should you wish to match port
      between all destinations."
      
      Make that statement true.
      
      Before:
      
          # ipset create cidrzero hash:net,port,net
          # ipset add cidrzero 0.0.0.0/0,12345,0.0.0.0/0
          ipset v6.34: The value of the CIDR parameter of the IP address is invalid
      
          # ipset create cidrzero6 hash:net,port,net family inet6
          # ipset add cidrzero6 ::/0,12345,::/0
          ipset v6.34: The value of the CIDR parameter of the IP address is invalid
      
      After:
      
          # ipset create cidrzero hash:net,port,net
          # ipset add cidrzero 0.0.0.0/0,12345,0.0.0.0/0
          # ipset test cidrzero 192.168.205.129,12345,172.16.205.129
          192.168.205.129,tcp:12345,172.16.205.129 is in set cidrzero.
      
          # ipset create cidrzero6 hash:net,port,net family inet6
          # ipset add cidrzero6 ::/0,12345,::/0
          # ipset test cidrzero6 fe80::1,12345,ff00::1
          fe80::1,tcp:12345,ff00::1 is in set cidrzero6.
      
      See also:
      
        https://bugzilla.kernel.org/show_bug.cgi?id=200897
        https://github.com/ewestbrook/linux/commit/df7ff6efb0934ab6acc11f003ff1a7580d6c1d9cSigned-off-by: default avatarEric Westbrook <linux@westbrook.io>
      Signed-off-by: default avatarJozsef Kadlecsik <kadlec@blackhole.kfki.hu>
      Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
      Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
      cb3e590d
    • Stefano Brivio's avatar
      netfilter: ipset: list:set: Decrease refcount synchronously on deletion and replace · c75116e6
      Stefano Brivio authored
      [ Upstream commit 439cd39e ]
      
      Commit 45040978 ("netfilter: ipset: Fix set:list type crash
      when flush/dump set in parallel") postponed decreasing set
      reference counters to the RCU callback.
      
      An 'ipset del' command can terminate before the RCU grace period
      is elapsed, and if sets are listed before then, the reference
      counter shown in userspace will be wrong:
      
       # ipset create h hash:ip; ipset create l list:set; ipset add l
       # ipset del l h; ipset list h
       Name: h
       Type: hash:ip
       Revision: 4
       Header: family inet hashsize 1024 maxelem 65536
       Size in memory: 88
       References: 1
       Number of entries: 0
       Members:
       # sleep 1; ipset list h
       Name: h
       Type: hash:ip
       Revision: 4
       Header: family inet hashsize 1024 maxelem 65536
       Size in memory: 88
       References: 0
       Number of entries: 0
       Members:
      
      Fix this by making the reference count update synchronous again.
      
      As a result, when sets are listed, ip_set_name_byindex() might
      now fetch a set whose reference count is already zero. Instead
      of relying on the reference count to protect against concurrent
      set renaming, grab ip_set_ref_lock as reader and copy the name,
      while holding the same lock in ip_set_rename() as writer
      instead.
      Reported-by: default avatarLi Shuang <shuali@redhat.com>
      Fixes: 45040978 ("netfilter: ipset: Fix set:list type crash when flush/dump set in parallel")
      Signed-off-by: default avatarStefano Brivio <sbrivio@redhat.com>
      Signed-off-by: default avatarJozsef Kadlecsik <kadlec@blackhole.kfki.hu>
      Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
      Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
      c75116e6
    • Pablo Neira Ayuso's avatar
      Revert "netfilter: nft_numgen: add map lookups for numgen random operations" · fecf70b1
      Pablo Neira Ayuso authored
      [ Upstream commit 4269fea7 ]
      
      Laura found a better way to do this from userspace without requiring
      kernel infrastructure, revert this.
      
      Fixes: 978d8f90 ("netfilter: nft_numgen: add map lookups for numgen random operations")
      Signed-off-by: default avatarLaura Garcia Liebana <nevola@gmail.com>
      Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
      Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
      fecf70b1
    • Benjamin Tissoires's avatar
      HID: alps: allow incoming reports when only the trackstick is opened · 67b261d7
      Benjamin Tissoires authored
      [ Upstream commit 7dd8db68 ]
      
      If userspace only reads the trackstick node, and no one is listening to
      the touchpad nor the hidraw node then, the device is not powered on.
      
      Add open/close callbacks to allow users to disable the touchpad in Gnome
      while keeping the trackstick active.
      
      Link: https://bugzilla.redhat.com/show_bug.cgi?id=1559632
      Link: https://gitlab.gnome.org/GNOME/mutter/issues/128Signed-off-by: default avatarBenjamin Tissoires <benjamin.tissoires@redhat.com>
      Signed-off-by: default avatarJiri Kosina <jkosina@suse.cz>
      Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
      67b261d7
    • Benjamin Tissoires's avatar
      Revert "HID: add NOGET quirk for Eaton Ellipse MAX UPS" · 3b7b2382
      Benjamin Tissoires authored
      [ Upstream commit 6298944d ]
      
      This reverts commit 67ddbb3e.
      
      67ddbb3e ("HID: add NOGET quirk for Eaton Ellipse MAX UPS") was reported
      by Laurent Bigonville. It turns out that a later model Laurent got
      doesn't need the quirk after all.
      
      My take is that Eaton upgraded their firmwares, so we don't need it
      anymore.
      
      The old model was from 2012, so better make sure the new line works
      properly by removing the quirk. This allows upower to actually fetch
      the current data.
      Reported-by: default avatarLaurent Bigonville <bigon@bigon.be>
      Signed-off-by: default avatarBenjamin Tissoires <benjamin.tissoires@redhat.com>
      Signed-off-by: default avatarJiri Kosina <jkosina@suse.cz>
      Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
      3b7b2382
    • Kai-Heng Feng's avatar
      HID: i2c-hid: Add a small delay after sleep command for Raydium touchpanel · 48d49b63
      Kai-Heng Feng authored
      [ Upstream commit 00b790ea ]
      
      Raydium touchpanel (2386:4B33) sometimes does not work in desktop session
      although it works in display manager.
      
      During user logging, the display manager exits, close the HID device,
      then the device gets runtime suspended and powered off. The desktop
      session begins shortly after, opens the HID device, then the device gets
      runtime resumed and powered on.
      
      If the trasition from display manager to desktop sesesion is fast, the
      touchpanel cannot switch from powered off to powered on in short
      timeframe. So add a small delay to workaround the issue.
      Signed-off-by: default avatarKai-Heng Feng <kai.heng.feng@canonical.com>
      Reviewed-by: default avatarBenjamin Tissoires <benjamin.tissoires@redhat.com>
      Signed-off-by: default avatarJiri Kosina <jkosina@suse.cz>
      Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
      48d49b63
    • Vasily Gorbik's avatar
      s390/vdso: add missing FORCE to build targets · 1d5dfce7
      Vasily Gorbik authored
      [ Upstream commit b44b136a ]
      
      According to Documentation/kbuild/makefiles.txt all build targets using
      if_changed should use FORCE as well. Add missing FORCE to make sure
      vdso targets are rebuild properly when not just immediate prerequisites
      have changed but also when build command differs.
      Reviewed-by: default avatarPhilipp Rudo <prudo@linux.ibm.com>
      Signed-off-by: default avatarVasily Gorbik <gor@linux.ibm.com>
      Signed-off-by: default avatarMartin Schwidefsky <schwidefsky@de.ibm.com>
      Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
      1d5dfce7
    • Vasily Gorbik's avatar
      s390/decompressor: add missing FORCE to build targets · 9b2d5118
      Vasily Gorbik authored
      [ Upstream commit ef5febae ]
      
      According to Documentation/kbuild/makefiles.txt all build targets
      using if_changed should use FORCE as well. Add missing FORCE to make
      sure vmlinux decompressor targets are rebuild properly when not just
      immediate prerequisites have changed but also when build command differs.
      Reviewed-by: default avatarPhilipp Rudo <prudo@linux.ibm.com>
      Signed-off-by: default avatarVasily Gorbik <gor@linux.ibm.com>
      Signed-off-by: default avatarMartin Schwidefsky <schwidefsky@de.ibm.com>
      Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
      9b2d5118
    • Jiri Slaby's avatar
      netfilter: bridge: define INT_MIN & INT_MAX in userspace · a3123502
      Jiri Slaby authored
      [ Upstream commit 5a8de47b ]
      
      With 4.19, programs like ebtables fail to build when they include
      "linux/netfilter_bridge.h". It is caused by commit 94276fa8 which
      added a use of INT_MIN and INT_MAX to the header:
      : In file included from /usr/include/linux/netfilter_bridge/ebtables.h:18,
      :                  from include/ebtables_u.h:28,
      :                  from communication.c:23:
      : /usr/include/linux/netfilter_bridge.h:30:20: error: 'INT_MIN' undeclared here (not in a function)
      :   NF_BR_PRI_FIRST = INT_MIN,
      :                     ^~~~~~~
      
      Define these constants by including "limits.h" when !__KERNEL__ (the
      same way as for other netfilter_* headers).
      
      Fixes: 94276fa8 ("netfilter: bridge: Expose nf_tables bridge hook priorities through uapi")
      Signed-off-by: default avatarJiri Slaby <jslaby@suse.cz>
      Acked-by: default avatarMáté Eckl <ecklm94@gmail.com>
      Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
      Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
      a3123502
    • Florian Westphal's avatar
      netfilter: ipv6: fix oops when defragmenting locally generated fragments · 84ed07d9
      Florian Westphal authored
      [ Upstream commit 61792b67 ]
      
      Unlike ipv4 and normal ipv6 defrag, netfilter ipv6 defragmentation did
      not save/restore skb->dst.
      
      This causes oops when handling locally generated ipv6 fragments, as
      output path needs a valid dst.
      Reported-by: default avatarMaciej Żenczykowski <zenczykowski@gmail.com>
      Fixes: 84379c9a ("netfilter: ipv6: nf_defrag: drop skb dst before queueing")
      Signed-off-by: default avatarFlorian Westphal <fw@strlen.de>
      Reviewed-by: default avatarEric Dumazet <edumazet@google.com>
      Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
      Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
      84ed07d9
    • Geert Uytterhoeven's avatar
      serial: sh-sci: Fix receive on SCIFA/SCIFB variants with DMA · c2c72619
      Geert Uytterhoeven authored
      [ Upstream commit 202dc3cc ]
      
      On SCIFA and SCIFB serial ports with DMA support (i.e. some ports on
      R-Car Gen2 and RZ/G1 SoCs), receive DMA operations are submitted before
      the DMA channel pointer is initialized.  Hence this fails, and the
      driver tries to fall back to PIO.  However, at this early phase in the
      initialization sequence, fallback to PIO does not work, leading to a
      serial port that cannot receive any data.
      
      Fix this by calling sci_submit_rx() after initialization of the DMA
      channel pointer.
      Reported-by: default avatarYoshihiro Shimoda <yoshihiro.shimoda.uh@renesas.com>
      Fixes: 2c4ee235 ("serial: sh-sci: Postpone DMA release when falling back to PIO")
      Signed-off-by: default avatarGeert Uytterhoeven <geert+renesas@glider.be>
      Reviewed-by: default avatarWolfram Sang <wsa+renesas@sang-engineering.com>
      Tested-by: default avatarWolfram Sang <wsa+renesas@sang-engineering.com>
      Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
      Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
      c2c72619
    • Johan Hovold's avatar
      clk: ti: fix OF child-node lookup · 459852bf
      Johan Hovold authored
      [ Upstream commit 00a461cc ]
      
      Fix child-node lookup which by using the wrong OF helper was searching
      the whole tree depth-first, something which could end up matching an
      unrelated node.
      
      Also fix the related node-reference leaks.
      
      Fixes: 5b385a45 ("clk: ti: add support for clkctrl aliases")
      Signed-off-by: default avatarJohan Hovold <johan@kernel.org>
      Acked-by: default avatarTero Kristo <t-kristo@ti.com>
      Signed-off-by: default avatarStephen Boyd <sboyd@kernel.org>
      Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
      459852bf
    • Phil Edworthy's avatar
      clk: renesas: r9a06g032: Fix UART34567 clock rate · 1e5ac602
      Phil Edworthy authored
      [ Upstream commit ee02950d ]
      
      The clock for UARTs 0 through 2 is UART012, the clock for UARTs 3 through
      7 is UART34567.
      For UART012, we stop the clock driver from changing the clock rate. This
      is because the Synopsys UART driver simply sets the reference clock to 16x
      the baud rate, but doesn't check if the actual rate is within the required
      tolerance. The RZ/N1 clock divider can't provide this (we have to rely on
      the UART's internal divider to set the correct clock rate), so you end up
      with a clock rate that is way off what you wanted.
      
      In addition, since the clock is shared between multiple UARTs, you don't
      want the driver trying to change the clock rate as it may affect the other
      UARTs (which may not have been configured yet, so you don't know what baud
      rate they will use). Normally, the clock rate is set early on before Linux
      to some very high rate that supports all of the clock rates you want.
      
      This change stops the UART34567 clock rate from changing for the same
      reasons.
      Signed-off-by: default avatarPhil Edworthy <phil.edworthy@renesas.com>
      Fixes: 4c3d8852 ("clk: renesas: Renesas R9A06G032 clock driver")
      Signed-off-by: default avatarGeert Uytterhoeven <geert+renesas@glider.be>
      Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
      1e5ac602
    • Jerome Brunet's avatar
      clk: meson: clk-pll: drop CLK_GET_RATE_NOCACHE where unnecessary · a178c7ab
      Jerome Brunet authored
      [ Upstream commit 2303a9ca ]
      
      CLK_GET_RATE_NOCACHE should only be necessary when the registers
      controlling the rate of clock may change outside of CCF. On Amlogic,
      it should only be the case for the hdmi pll which is directly controlled
      by the display driver (WIP to fix this).
      
      The other plls should not require this flag.
      Reviewed-by: default avatarMartin Blumenstingl <martin.blumenstingl@googlemail.com>
      Tested-by: default avatarMartin Blumenstingl <martin.blumenstingl@googlemail.com>
      Signed-off-by: default avatarJerome Brunet <jbrunet@baylibre.com>
      Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
      a178c7ab
    • Nathan Chancellor's avatar
      arm64: percpu: Initialize ret in the default case · ee9b3813
      Nathan Chancellor authored
      [ Upstream commit b5bb4258 ]
      
      Clang warns that if the default case is taken, ret will be
      uninitialized.
      
      ./arch/arm64/include/asm/percpu.h:196:2: warning: variable 'ret' is used
      uninitialized whenever switch default is taken
      [-Wsometimes-uninitialized]
              default:
              ^~~~~~~
      ./arch/arm64/include/asm/percpu.h:200:9: note: uninitialized use occurs
      here
              return ret;
                     ^~~
      ./arch/arm64/include/asm/percpu.h:157:19: note: initialize the variable
      'ret' to silence this warning
              unsigned long ret, loop;
                               ^
                                = 0
      
      This warning appears several times while building the erofs filesystem.
      While it's not strictly wrong, the BUILD_BUG will prevent this from
      becoming a true problem. Initialize ret to 0 in the default case right
      before the BUILD_BUG to silence all of these warnings.
      Reported-by: default avatarPrasad Sodagudi <psodagud@codeaurora.org>
      Signed-off-by: default avatarNathan Chancellor <natechancellor@gmail.com>
      Reviewed-by: default avatarNick Desaulniers <ndesaulniers@google.com>
      Signed-off-by: default avatarDennis Zhou <dennis@kernel.org>
      Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
      ee9b3813
    • Yixun Lan's avatar
      clk: meson-axg: pcie: drop the mpll3 clock parent · e252c95d
      Yixun Lan authored
      [ Upstream commit 69b93104 ]
      
      We found the PCIe driver doesn't really work with
      the mpll3 clock which is actually reserved for debug,
      So drop it from the mux list.
      
      Fixes: 33b89db68236 ("clk: meson-axg: add clocks required by pcie driver")
      Tested-by: default avatarJianxin Qin <jianxin.qin@amlogic.com>
      Signed-off-by: default avatarYixun Lan <yixun.lan@amlogic.com>
      Signed-off-by: default avatarJerome Brunet <jbrunet@baylibre.com>
      Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
      e252c95d
    • Paul Gortmaker's avatar
      platform/x86: acerhdf: Add BIOS entry for Gateway LT31 v1.3307 · e28f4634
      Paul Gortmaker authored
      [ Upstream commit 684238d7 ]
      
      To fix:
      
        acerhdf: unknown (unsupported) BIOS version Gateway  /LT31   /v1.3307 , please report, aborting!
      
      As can be seen in the context, the BIOS registers haven't changed in
      the previous versions, so the assumption is they won't have changed
      in this last update for this somewhat older platform either.
      
      Cc: Peter Feuerer <peter@piie.net>
      Cc: Darren Hart <dvhart@infradead.org>
      Cc: Andy Shevchenko <andy@infradead.org>
      Signed-off-by: default avatarPaul Gortmaker <paul.gortmaker@windriver.com>
      Signed-off-by: default avatarAndy Shevchenko <andriy.shevchenko@linux.intel.com>
      Reviewed-by: default avatarPeter Feuerer <peter@piie.net>
      Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
      e28f4634
    • Feng Tang's avatar
      x86/earlyprintk: Add a force option for pciserial device · 9f0e46bf
      Feng Tang authored
      [ Upstream commit d2266bbf ]
      
      The "pciserial" earlyprintk variant helps much on many modern x86
      platforms, but unfortunately there are still some platforms with PCI
      UART devices which have the wrong PCI class code. In that case, the
      current class code check does not allow for them to be used for logging.
      
      Add a sub-option "force" which overrides the class code check and thus
      the use of such device can be enforced.
      
       [ bp: massage formulations. ]
      Suggested-by: default avatarBorislav Petkov <bp@alien8.de>
      Signed-off-by: default avatarFeng Tang <feng.tang@intel.com>
      Signed-off-by: default avatarBorislav Petkov <bp@suse.de>
      Cc: "H. Peter Anvin" <hpa@zytor.com>
      Cc: "Stuart R . Anderson" <stuart.r.anderson@intel.com>
      Cc: Bjorn Helgaas <bhelgaas@google.com>
      Cc: David Rientjes <rientjes@google.com>
      Cc: Feng Tang <feng.tang@intel.com>
      Cc: Frederic Weisbecker <frederic@kernel.org>
      Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
      Cc: H Peter Anvin <hpa@linux.intel.com>
      Cc: Ingo Molnar <mingo@kernel.org>
      Cc: Jiri Kosina <jkosina@suse.cz>
      Cc: Jonathan Corbet <corbet@lwn.net>
      Cc: Kai-Heng Feng <kai.heng.feng@canonical.com>
      Cc: Kate Stewart <kstewart@linuxfoundation.org>
      Cc: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Philippe Ombredanne <pombredanne@nexb.com>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: Thymo van Beers <thymovanbeers@gmail.com>
      Cc: alan@linux.intel.com
      Cc: linux-doc@vger.kernel.org
      Link: http://lkml.kernel.org/r/20181002164921.25833-1-feng.tang@intel.comSigned-off-by: default avatarSasha Levin <sashal@kernel.org>
      9f0e46bf
    • Zubin Mithra's avatar
      apparmor: Fix uninitialized value in aa_split_fqname · c8a1685a
      Zubin Mithra authored
      [ Upstream commit 250f2da4 ]
      
      Syzkaller reported a OOB-read with the stacktrace below. This occurs
      inside __aa_lookupn_ns as `n` is not initialized. `n` is obtained from
      aa_splitn_fqname. In cases where `name` is invalid, aa_splitn_fqname
      returns without initializing `ns_name` and `ns_len`.
      
      Fix this by always initializing `ns_name` and `ns_len`.
      
      	__dump_stack lib/dump_stack.c:77 [inline]
      	dump_stack+0x1c4/0x2b4 lib/dump_stack.c:113
      	print_address_description.cold.8+0x9/0x1ff mm/kasan/report.c:256
      	kasan_report_error mm/kasan/report.c:354 [inline]
      	kasan_report.cold.9+0x242/0x309 mm/kasan/report.c:412
      	__asan_report_load1_noabort+0x14/0x20 mm/kasan/report.c:430
      	memcmp+0xe3/0x160 lib/string.c:861
      	strnstr+0x4b/0x70 lib/string.c:934
      	__aa_lookupn_ns+0xc1/0x570 security/apparmor/policy_ns.c:209
      	aa_lookupn_ns+0x88/0x1e0 security/apparmor/policy_ns.c:240
      	aa_fqlookupn_profile+0x1b9/0x1010 security/apparmor/policy.c:468
      	fqlookupn_profile+0x80/0xc0 security/apparmor/label.c:1844
      	aa_label_strn_parse+0xa3a/0x1230 security/apparmor/label.c:1908
      	aa_label_parse+0x42/0x50 security/apparmor/label.c:1943
      	aa_change_profile+0x513/0x3510 security/apparmor/domain.c:1362
      	apparmor_setprocattr+0xaa4/0x1150 security/apparmor/lsm.c:658
      	security_setprocattr+0x66/0xc0 security/security.c:1298
      	proc_pid_attr_write+0x301/0x540 fs/proc/base.c:2555
      	__vfs_write+0x119/0x9f0 fs/read_write.c:485
      	vfs_write+0x1fc/0x560 fs/read_write.c:549
      	ksys_write+0x101/0x260 fs/read_write.c:598
      	__do_sys_write fs/read_write.c:610 [inline]
      	__se_sys_write fs/read_write.c:607 [inline]
      	__x64_sys_write+0x73/0xb0 fs/read_write.c:607
      	do_syscall_64+0x1b9/0x820 arch/x86/entry/common.c:290
      	entry_SYSCALL_64_after_hwframe+0x49/0xbe
      
      Fixes: 3b0aaf58 ("apparmor: add lib fn to find the "split" for fqnames")
      Reported-by: syzbot+61e4b490d9d2da591b50@syzkaller.appspotmail.com
      Signed-off-by: default avatarZubin Mithra <zsm@chromium.org>
      Reviewed-by: default avatarKees Cook <keescook@chromium.org>
      Signed-off-by: default avatarJohn Johansen <john.johansen@canonical.com>
      Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
      c8a1685a
    • Marek Szyprowski's avatar
      clk: samsung: exynos5420: Enable PERIS clocks for suspend · 8b9cdb75
      Marek Szyprowski authored
      [ Upstream commit b3322802 ]
      
      Ensure that clocks for core SoC modules (including TZPC0..9 modules)
      are enabled for suspend/resume cycle. This fixes suspend/resume
      support on Exynos5422-based Odroid XU3/XU4 boards.
      Suggested-by: default avatarJoonyoung Shim <jy0922.shim@samsung.com>
      Signed-off-by: default avatarMarek Szyprowski <m.szyprowski@samsung.com>
      Signed-off-by: default avatarSylwester Nawrocki <snawrocki@kernel.org>
      Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
      8b9cdb75
    • Chengguang Xu's avatar
      fs/exofs: fix potential memory leak in mount option parsing · 33df9177
      Chengguang Xu authored
      [ Upstream commit 515f1867 ]
      
      There are some cases can cause memory leak when parsing
      option 'osdname'.
      Signed-off-by: default avatarChengguang Xu <cgxu519@gmx.com>
      Signed-off-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
      Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
      33df9177
    • David Miller's avatar
      perf symbols: Set PLT entry/header sizes properly on Sparc · b7d1a786
      David Miller authored
      [ Upstream commit d6afa561 ]
      
      Using the sh_entsize for both values isn't correct.  It happens to be
      correct on x86...
      
      For both 32-bit and 64-bit sparc, there are four PLT entries in the PLT
      section.
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      Cc: Alexander Shishkin <alexander.shishkin@linux.intel.com>
      Cc: Alexis Berlemont <alexis.berlemont@gmail.com>
      Cc: David Tolnay <dtolnay@gmail.com>
      Cc: Hanjun Guo <guohanjun@huawei.com>
      Cc: Hemant Kumar <hemant@linux.vnet.ibm.com>
      Cc: Li Bin <huawei.libin@huawei.com>
      Cc: Masami Hiramatsu <mhiramat@kernel.org>
      Cc: Milian Wolff <milian.wolff@kdab.com>
      Cc: Namhyung Kim <namhyung@kernel.org>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Wang Nan <wangnan0@huawei.com>
      Cc: zhangmengting@huawei.com
      Fixes: b2f76050 ("perf symbols: Fix plt entry calculation for ARM and AARCH64")
      Link: http://lkml.kernel.org/r/20181017.120859.2268840244308635255.davem@davemloft.netSigned-off-by: default avatarArnaldo Carvalho de Melo <acme@redhat.com>
      Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
      b7d1a786
    • Alan Tull's avatar
      clk: fixed-rate: fix of_node_get-put imbalance · 070bbd57
      Alan Tull authored
      [ Upstream commit 52091c25 ]
      
      When the fixed rate clock is created by devicetree,
      of_clk_add_provider is called.  Add a call to
      of_clk_del_provider in the remove function to balance
      it out.
      Signed-off-by: default avatarAlan Tull <atull@kernel.org>
      Fixes: 435779fe ("clk: fixed-rate: Convert into a module platform driver")
      Signed-off-by: default avatarStephen Boyd <sboyd@kernel.org>
      Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
      070bbd57
    • Rajneesh Bhardwaj's avatar
      platform/x86: intel_telemetry: report debugfs failure · c80506fa
      Rajneesh Bhardwaj authored
      [ Upstream commit 8d98b1ef ]
      
      On some Goldmont based systems such as ASRock J3455M the BIOS may not
      enable the IPC1 device that provides access to the PMC and PUNIT. In
      such scenarios, the IOSS and PSS resources from the platform device can
      not be obtained and result in a invalid telemetry_plt_config which is an
      internal data structure that holds platform config and is maintained by
      the telemetry platform driver.
      
      This is also applicable to the platforms where the BIOS supports IPC1
      device under debug configurations but IPC1 is disabled by user or the
      policy.
      
      This change allows user to know the reason for not seeing entries under
      /sys/kernel/debug/telemetry/* when there is no apparent failure at boot.
      
      Cc: Matt Turner <matt.turner@intel.com>
      Cc: Len Brown <len.brown@intel.com>
      Cc: Souvik Kumar Chakravarty <souvik.k.chakravarty@intel.com>
      Cc: Kuppuswamy Sathyanarayanan <sathyanarayanan.kuppuswamy@intel.com>
      
      Bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=198779Acked-by: default avatarMatt Turner <matt.turner@intel.com>
      Signed-off-by: default avatarRajneesh Bhardwaj <rajneesh.bhardwaj@linux.intel.com>
      Signed-off-by: default avatarAndy Shevchenko <andriy.shevchenko@linux.intel.com>
      Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
      c80506fa
    • David Howells's avatar
      afs: Handle EIO from delivery function · 464ac699
      David Howells authored
      [ Upstream commit 4ac15ea5 ]
      
      Fix afs_deliver_to_call() to handle -EIO being returned by the operation
      delivery function, indicating that the call found itself in the wrong
      state, by printing an error and aborting the call.
      
      Currently, an assertion failure will occur.  This can happen, say, if the
      delivery function falls off the end without calling afs_extract_data() with
      the want_more parameter set to false to collect the end of the Rx phase of
      a call.
      
      The assertion failure looks like:
      
      	AFS: Assertion failed
      	4 == 7 is false
      	0x4 == 0x7 is false
      	------------[ cut here ]------------
      	kernel BUG at fs/afs/rxrpc.c:462!
      
      and is matched in the trace buffer by a line like:
      
      kworker/7:3-3226 [007] ...1 85158.030203: afs_io_error: c=0003be0c r=-5 CM_REPLY
      
      Fixes: 98bf40cd ("afs: Protect call->state changes against signals")
      Reported-by: default avatarMarc Dionne <marc.dionne@auristor.com>
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
      464ac699
    • Lee, Shawn C's avatar
      drm/edid: Add 6 bpc quirk for BOE panel. · 6ea95033
      Lee, Shawn C authored
      [ Upstream commit 922dceff ]
      
      BOE panel (ID: 0x0771) that reports "DFP 1.x compliant TMDS".
      But it's 6bpc panel only instead of 8 bpc.
      
      Add panel ID to edid quirk list and set 6 bpc as default to
      work around this issue.
      
      Cc: Jani Nikula <jani.nikula@intel.com>
      Cc: Maarten Lankhorst <maarten.lankhorst@linux.intel.com>
      Cc: Gustavo Padovan <gustavo@padovan.org>
      Cc: Cooper Chiou <cooper.chiou@intel.com>
      Signed-off-by: default avatarLee, Shawn C <shawn.c.lee@intel.com&gt;>
      Signed-off-by: default avatarDaniel Vetter <daniel.vetter@ffwll.ch>
      Link: https://patchwork.freedesktop.org/patch/msgid/1540792173-7288-1-git-send-email-shawn.c.lee@intel.comSigned-off-by: default avatarSasha Levin <sashal@kernel.org>
      6ea95033
    • Richard Weinberger's avatar
      um: Give start_idle_thread() a return code · d21e4ba3
      Richard Weinberger authored
      [ Upstream commit 7ff1e34b ]
      
      Fixes:
      arch/um/os-Linux/skas/process.c:613:1: warning: control reaches end of
      non-void function [-Wreturn-type]
      
      longjmp() never returns but gcc still warns that the end of the function
      can be reached.
      Add a return code and debug aid to detect this impossible case.
      Signed-off-by: default avatarRichard Weinberger <richard@nod.at>
      Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
      d21e4ba3
    • Milian Wolff's avatar
      perf unwind: Take pgoff into account when reporting elf to libdwfl · 6cddd650
      Milian Wolff authored
      [ Upstream commit 1fe627da ]
      
      libdwfl parses an ELF file itself and creates mappings for the
      individual sections. perf on the other hand sees raw mmap events which
      represent individual sections. When we encounter an address pointing
      into a mapping with pgoff != 0, we must take that into account and
      report the file at the non-offset base address.
      
      This fixes unwinding with libdwfl in some cases. E.g. for a file like:
      
      ```
      
      using namespace std;
      
      mutex g_mutex;
      
      double worker()
      {
          lock_guard<mutex> guard(g_mutex);
          uniform_real_distribution<double> uniform(-1E5, 1E5);
          default_random_engine engine;
          double s = 0;
          for (int i = 0; i < 1000; ++i) {
              s += norm(complex<double>(uniform(engine), uniform(engine)));
          }
          cout << s << endl;
          return s;
      }
      
      int main()
      {
          vector<std::future<double>> results;
          for (int i = 0; i < 10000; ++i) {
              results.push_back(async(launch::async, worker));
          }
          return 0;
      }
      ```
      
      Compile it with `g++ -g -O2 -lpthread cpp-locking.cpp  -o cpp-locking`,
      then record it with `perf record --call-graph dwarf -e
      sched:sched_switch`.
      
      When you analyze it with `perf script` and libunwind, you should see:
      
      ```
      cpp-locking 20038 [005] 54830.236589: sched:sched_switch: prev_comm=cpp-locking prev_pid=20038 prev_prio=120 prev_state=T ==> next_comm=swapper/5 next_pid=0 next_prio=120
              ffffffffb166fec5 __sched_text_start+0x545 (/lib/modules/4.14.78-1-lts/build/vmlinux)
              ffffffffb166fec5 __sched_text_start+0x545 (/lib/modules/4.14.78-1-lts/build/vmlinux)
              ffffffffb1670208 schedule+0x28 (/lib/modules/4.14.78-1-lts/build/vmlinux)
              ffffffffb16737cc rwsem_down_read_failed+0xec (/lib/modules/4.14.78-1-lts/build/vmlinux)
              ffffffffb1665e04 call_rwsem_down_read_failed+0x14 (/lib/modules/4.14.78-1-lts/build/vmlinux)
              ffffffffb1672a03 down_read+0x13 (/lib/modules/4.14.78-1-lts/build/vmlinux)
              ffffffffb106bd85 __do_page_fault+0x445 (/lib/modules/4.14.78-1-lts/build/vmlinux)
              ffffffffb18015f5 page_fault+0x45 (/lib/modules/4.14.78-1-lts/build/vmlinux)
                  7f38e4252591 new_heap+0x101 (/usr/lib/libc-2.28.so)
                  7f38e4252d0b arena_get2.part.4+0x2fb (/usr/lib/libc-2.28.so)
                  7f38e4255b1c tcache_init.part.6+0xec (/usr/lib/libc-2.28.so)
                  7f38e42569e5 __GI___libc_malloc+0x115 (inlined)
                  7f38e4241790 __GI__IO_file_doallocate+0x90 (inlined)
                  7f38e424fbbf __GI__IO_doallocbuf+0x4f (inlined)
                  7f38e424ee47 __GI__IO_file_overflow+0x197 (inlined)
                  7f38e424df36 _IO_new_file_xsputn+0x116 (inlined)
                  7f38e4242bfb __GI__IO_fwrite+0xdb (inlined)
                  7f38e463fa6d std::basic_streambuf<char, std::char_traits<char> >::sputn(char const*, long)+0x1cd (inlined)
                  7f38e463fa6d std::ostreambuf_iterator<char, std::char_traits<char> >::_M_put(char const*, long)+0x1cd (inlined)
                  7f38e463fa6d std::ostreambuf_iterator<char, std::char_traits<char> > std::__write<char>(std::ostreambuf_iterator<char, std::char_traits<char> >, char const*, int)+0x1cd (inlined)
                  7f38e463fa6d std::ostreambuf_iterator<char, std::char_traits<char> > std::num_put<char, std::ostreambuf_iterator<char, std::char_traits<char> > >::_M_insert_float<double>(std::ostreambuf_iterator<c>
                  7f38e464bd70 std::num_put<char, std::ostreambuf_iterator<char, std::char_traits<char> > >::put(std::ostreambuf_iterator<char, std::char_traits<char> >, std::ios_base&, char, double) const+0x90 (inl>
                  7f38e464bd70 std::ostream& std::ostream::_M_insert<double>(double)+0x90 (/usr/lib/libstdc++.so.6.0.25)
                  563b9cb502f7 std::ostream::operator<<(double)+0xb7 (inlined)
                  563b9cb502f7 worker()+0xb7 (/ssd/milian/projects/kdab/rnd/hotspot/build/tests/test-clients/cpp-locking/cpp-locking)
                  563b9cb506fb double std::__invoke_impl<double, double (*)()>(std::__invoke_other, double (*&&)())+0x2b (inlined)
                  563b9cb506fb std::__invoke_result<double (*)()>::type std::__invoke<double (*)()>(double (*&&)())+0x2b (inlined)
                  563b9cb506fb decltype (__invoke((_S_declval<0ul>)())) std::thread::_Invoker<std::tuple<double (*)()> >::_M_invoke<0ul>(std::_Index_tuple<0ul>)+0x2b (inlined)
                  563b9cb506fb std::thread::_Invoker<std::tuple<double (*)()> >::operator()()+0x2b (inlined)
                  563b9cb506fb std::__future_base::_Task_setter<std::unique_ptr<std::__future_base::_Result<double>, std::__future_base::_Result_base::_Deleter>, std::thread::_Invoker<std::tuple<double (*)()> >, dou>
                  563b9cb506fb std::_Function_handler<std::unique_ptr<std::__future_base::_Result_base, std::__future_base::_Result_base::_Deleter> (), std::__future_base::_Task_setter<std::unique_ptr<std::__future_>
                  563b9cb507e8 std::function<std::unique_ptr<std::__future_base::_Result_base, std::__future_base::_Result_base::_Deleter> ()>::operator()() const+0x28 (inlined)
                  563b9cb507e8 std::__future_base::_State_baseV2::_M_do_set(std::function<std::unique_ptr<std::__future_base::_Result_base, std::__future_base::_Result_base::_Deleter> ()>*, bool*)+0x28 (/ssd/milian/>
                  7f38e46d24fe __pthread_once_slow+0xbe (/usr/lib/libpthread-2.28.so)
                  563b9cb51149 __gthread_once+0xe9 (inlined)
                  563b9cb51149 void std::call_once<void (std::__future_base::_State_baseV2::*)(std::function<std::unique_ptr<std::__future_base::_Result_base, std::__future_base::_Result_base::_Deleter> ()>*, bool*)>
                  563b9cb51149 std::__future_base::_State_baseV2::_M_set_result(std::function<std::unique_ptr<std::__future_base::_Result_base, std::__future_base::_Result_base::_Deleter> ()>, bool)+0xe9 (inlined)
                  563b9cb51149 std::__future_base::_Async_state_impl<std::thread::_Invoker<std::tuple<double (*)()> >, double>::_Async_state_impl(std::thread::_Invoker<std::tuple<double (*)()> >&&)::{lambda()#1}::op>
                  563b9cb51149 void std::__invoke_impl<void, std::__future_base::_Async_state_impl<std::thread::_Invoker<std::tuple<double (*)()> >, double>::_Async_state_impl(std::thread::_Invoker<std::tuple<double>
                  563b9cb51149 std::__invoke_result<std::__future_base::_Async_state_impl<std::thread::_Invoker<std::tuple<double (*)()> >, double>::_Async_state_impl(std::thread::_Invoker<std::tuple<double (*)()> >>
                  563b9cb51149 decltype (__invoke((_S_declval<0ul>)())) std::thread::_Invoker<std::tuple<std::__future_base::_Async_state_impl<std::thread::_Invoker<std::tuple<double (*)()> >, double>::_Async_state_>
                  563b9cb51149 std::thread::_Invoker<std::tuple<std::__future_base::_Async_state_impl<std::thread::_Invoker<std::tuple<double (*)()> >, double>::_Async_state_impl(std::thread::_Invoker<std::tuple<dou>
                  563b9cb51149 std::thread::_State_impl<std::thread::_Invoker<std::tuple<std::__future_base::_Async_state_impl<std::thread::_Invoker<std::tuple<double (*)()> >, double>::_Async_state_impl(std::thread>
                  7f38e45f0062 execute_native_thread_routine+0x12 (/usr/lib/libstdc++.so.6.0.25)
                  7f38e46caa9c start_thread+0xfc (/usr/lib/libpthread-2.28.so)
                  7f38e42ccb22 __GI___clone+0x42 (inlined)
      ```
      
      Before this patch, using libdwfl, you would see:
      
      ```
      cpp-locking 20038 [005] 54830.236589: sched:sched_switch: prev_comm=cpp-locking prev_pid=20038 prev_prio=120 prev_state=T ==> next_comm=swapper/5 next_pid=0 next_prio=120
              ffffffffb166fec5 __sched_text_start+0x545 (/lib/modules/4.14.78-1-lts/build/vmlinux)
              ffffffffb166fec5 __sched_text_start+0x545 (/lib/modules/4.14.78-1-lts/build/vmlinux)
              ffffffffb1670208 schedule+0x28 (/lib/modules/4.14.78-1-lts/build/vmlinux)
              ffffffffb16737cc rwsem_down_read_failed+0xec (/lib/modules/4.14.78-1-lts/build/vmlinux)
              ffffffffb1665e04 call_rwsem_down_read_failed+0x14 (/lib/modules/4.14.78-1-lts/build/vmlinux)
              ffffffffb1672a03 down_read+0x13 (/lib/modules/4.14.78-1-lts/build/vmlinux)
              ffffffffb106bd85 __do_page_fault+0x445 (/lib/modules/4.14.78-1-lts/build/vmlinux)
              ffffffffb18015f5 page_fault+0x45 (/lib/modules/4.14.78-1-lts/build/vmlinux)
                  7f38e4252591 new_heap+0x101 (/usr/lib/libc-2.28.so)
              a041161e77950c5c [unknown] ([unknown])
      ```
      
      With this patch applied, we get a bit further in unwinding:
      
      ```
      cpp-locking 20038 [005] 54830.236589: sched:sched_switch: prev_comm=cpp-locking prev_pid=20038 prev_prio=120 prev_state=T ==> next_comm=swapper/5 next_pid=0 next_prio=120
              ffffffffb166fec5 __sched_text_start+0x545 (/lib/modules/4.14.78-1-lts/build/vmlinux)
              ffffffffb166fec5 __sched_text_start+0x545 (/lib/modules/4.14.78-1-lts/build/vmlinux)
              ffffffffb1670208 schedule+0x28 (/lib/modules/4.14.78-1-lts/build/vmlinux)
              ffffffffb16737cc rwsem_down_read_failed+0xec (/lib/modules/4.14.78-1-lts/build/vmlinux)
              ffffffffb1665e04 call_rwsem_down_read_failed+0x14 (/lib/modules/4.14.78-1-lts/build/vmlinux)
              ffffffffb1672a03 down_read+0x13 (/lib/modules/4.14.78-1-lts/build/vmlinux)
              ffffffffb106bd85 __do_page_fault+0x445 (/lib/modules/4.14.78-1-lts/build/vmlinux)
              ffffffffb18015f5 page_fault+0x45 (/lib/modules/4.14.78-1-lts/build/vmlinux)
                  7f38e4252591 new_heap+0x101 (/usr/lib/libc-2.28.so)
                  7f38e4252d0b arena_get2.part.4+0x2fb (/usr/lib/libc-2.28.so)
                  7f38e4255b1c tcache_init.part.6+0xec (/usr/lib/libc-2.28.so)
                  7f38e42569e5 __GI___libc_malloc+0x115 (inlined)
                  7f38e4241790 __GI__IO_file_doallocate+0x90 (inlined)
                  7f38e424fbbf __GI__IO_doallocbuf+0x4f (inlined)
                  7f38e424ee47 __GI__IO_file_overflow+0x197 (inlined)
                  7f38e424df36 _IO_new_file_xsputn+0x116 (inlined)
                  7f38e4242bfb __GI__IO_fwrite+0xdb (inlined)
                  7f38e463fa6d std::basic_streambuf<char, std::char_traits<char> >::sputn(char const*, long)+0x1cd (inlined)
                  7f38e463fa6d std::ostreambuf_iterator<char, std::char_traits<char> >::_M_put(char const*, long)+0x1cd (inlined)
                  7f38e463fa6d std::ostreambuf_iterator<char, std::char_traits<char> > std::__write<char>(std::ostreambuf_iterator<char, std::char_traits<char> >, char const*, int)+0x1cd (inlined)
                  7f38e463fa6d std::ostreambuf_iterator<char, std::char_traits<char> > std::num_put<char, std::ostreambuf_iterator<char, std::char_traits<char> > >::_M_insert_float<double>(std::ostreambuf_iterator<c>
                  7f38e464bd70 std::num_put<char, std::ostreambuf_iterator<char, std::char_traits<char> > >::put(std::ostreambuf_iterator<char, std::char_traits<char> >, std::ios_base&, char, double) const+0x90 (inl>
                  7f38e464bd70 std::ostream& std::ostream::_M_insert<double>(double)+0x90 (/usr/lib/libstdc++.so.6.0.25)
                  563b9cb502f7 std::ostream::operator<<(double)+0xb7 (inlined)
                  563b9cb502f7 worker()+0xb7 (/ssd/milian/projects/kdab/rnd/hotspot/build/tests/test-clients/cpp-locking/cpp-locking)
              6eab825c1ee3e4ff [unknown] ([unknown])
      ```
      
      Note that the backtrace is still stopping too early, when compared to
      the nice results obtained via libunwind. It's unclear so far what the
      reason for that is.
      
      Committer note:
      
      Further comment by Milian on the thread started on the Link: tag below:
      
       ---
      The remaining issue is due to a bug in elfutils:
      
      https://sourceware.org/ml/elfutils-devel/2018-q4/msg00089.html
      
      With both patches applied, libunwind and elfutils produce the same output for
      the above scenario.
       ---
      Signed-off-by: default avatarMilian Wolff <milian.wolff@kdab.com>
      Acked-by: default avatarJiri Olsa <jolsa@kernel.org>
      Link: http://lkml.kernel.org/r/20181029141644.3907-1-milian.wolff@kdab.comSigned-off-by: default avatarArnaldo Carvalho de Melo <acme@redhat.com>
      Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
      6cddd650
    • Ernesto A. Fernández's avatar
      hfsplus: prevent btree data loss on root split · 52fc49b6
      Ernesto A. Fernández authored
      [ Upstream commit 0a3021d4 ]
      
      Creating, renaming or deleting a file may cause catalog corruption and
      data loss.  This bug is randomly triggered by xfstests generic/027, but
      here is a faster reproducer:
      
        truncate -s 50M fs.iso
        mkfs.hfsplus fs.iso
        mount fs.iso /mnt
        i=100
        while [ $i -le 150 ]; do
          touch /mnt/$i &>/dev/null
          ((++i))
        done
        i=100
        while [ $i -le 150 ]; do
          mv /mnt/$i /mnt/$(perl -e "print $i x82") &>/dev/null
          ((++i))
        done
        umount /mnt
        fsck.hfsplus -n fs.iso
      
      The bug is triggered whenever hfs_brec_update_parent() needs to split the
      root node.  The height of the btree is not increased, which leaves the new
      node orphaned and its records lost.
      
      Link: http://lkml.kernel.org/r/26d882184fc43043a810114258f45277752186c7.1535682461.git.ernesto.mnd.fernandez@gmail.comSigned-off-by: default avatarErnesto A. Fernández <ernesto.mnd.fernandez@gmail.com>
      Cc: Christoph Hellwig <hch@infradead.org>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
      52fc49b6
    • Ernesto A. Fernández's avatar
      hfs: prevent btree data loss on root split · ea54dce2
      Ernesto A. Fernández authored
      [ Upstream commit d057c036 ]
      
      This bug is triggered whenever hfs_brec_update_parent() needs to split
      the root node.  The height of the btree is not increased, which leaves
      the new node orphaned and its records lost.  It is not possible for this
      to happen on a valid hfs filesystem because the index nodes have fixed
      length keys.
      
      For reasons I ignore, the hfs module does have support for a number of
      hfsplus features.  A corrupt btree header may report variable length
      keys and trigger this bug, so it's better to fix it.
      
      Link: http://lkml.kernel.org/r/9750b1415685c4adca10766895f6d5ef12babdb0.1535682463.git.ernesto.mnd.fernandez@gmail.comSigned-off-by: default avatarErnesto A. Fernández <ernesto.mnd.fernandez@gmail.com>
      Cc: Christoph Hellwig <hch@infradead.org>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
      ea54dce2