1. 24 Aug, 2022 3 commits
  2. 23 Aug, 2022 5 commits
  3. 22 Aug, 2022 13 commits
    • audit: fix potential double free on error path from fsnotify_add_inode_mark · ad982c3b
      Gaosheng Cui authored
      Audit_alloc_mark() assigns pathname to audit_mark->path; on the error path
      from fsnotify_add_inode_mark(), fsnotify_put_mark will free the memory
      of audit_mark->path, but the caller of audit_alloc_mark will free
      the pathname again, so there will be a double free problem.
      
      Fix this by resetting audit_mark->path to NULL pointer on error path
      from fsnotify_add_inode_mark().
      
      Cc: stable@vger.kernel.org
      Fixes: 7b129323 ("fsnotify: Add group pointer in fsnotify_init_mark()")
      Signed-off-by: Gaosheng Cui <cuigaosheng1@huawei.com>
      Reviewed-by: Jan Kara <jack@suse.cz>
      Signed-off-by: Paul Moore <paul@paul-moore.com>
    • Merge tag 'nfs-for-5.20-2' of git://git.linux-nfs.org/projects/trondmy/linux-nfs · 072e5135
      Linus Torvalds authored
      Pull NFS client fixes from Trond Myklebust:
      "Stable fixes:
         - NFS: Fix another fsync() issue after a server reboot
      
        Bugfixes:
         - NFS: unlink/rmdir shouldn't call d_delete() twice on ENOENT
         - NFS: Fix missing unlock in nfs_unlink()
         - Add sanity checking of the file type used by __nfs42_ssc_open
         - Fix a case where we're failing to set task->tk_rpc_status
      
        Cleanups:
         - Remove the NFS_CONTEXT_RESEND_WRITES flag that got obsoleted by the
           fsync() fix"
      
      * tag 'nfs-for-5.20-2' of git://git.linux-nfs.org/projects/trondmy/linux-nfs:
        SUNRPC: RPC level errors should set task->tk_rpc_status
        NFSv4.2 fix problems with __nfs42_ssc_open
        NFS: unlink/rmdir shouldn't call d_delete() twice on ENOENT
        NFS: Cleanup to remove unused flag NFS_CONTEXT_RESEND_WRITES
        NFS: Remove a bogus flag setting in pnfs_write_done_resend_to_mds
        NFS: Fix another fsync() issue after a server reboot
        NFS: Fix missing unlock in nfs_unlink()
    • Merge tag 'fs.idmapped.fixes.v6.0-rc3' of... · d3cd67d6
      Linus Torvalds authored
      Merge tag 'fs.idmapped.fixes.v6.0-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/idmapping
      
      Pull idmapping fixes from Christian Brauner:
      
       - Since Seth joined as co-maintainer for idmapped mounts we decided to
         use a shared git tree. Konstantin suggested we use vfs/idmapping.git
         on kernel.org under the vfs/ namespace. So this updates the tree in
         the maintainers file.
      
       - Ensure that POSIX ACLs checking, getting, and setting works correctly
         for filesystems mountable with a filesystem idmapping that want to
         support idmapped mounts.
      
         Since no filesystems mountable with an fs_idmapping do yet support
         idmapped mounts there is no problem. But this could change in the
         future, so add a check to refuse to create idmapped mounts when the
         mounter is not privileged over the mount's idmapping.
      
       - Check that caller is privileged over the idmapping that will be
         attached to a mount.
      
         Currently no FS_USERNS_MOUNT filesystems support idmapped mounts,
         thus this is not a problem as only CAP_SYS_ADMIN in init_user_ns is
         allowed to set up idmapped mounts. But this could change in the
         future, so add a check to refuse to create idmapped mounts when the
         mounter is not privileged over the mount's idmapping.
      
       - Fix POSIX ACLs for ntfs3. While looking at our current POSIX ACL
         handling in the context of some overlayfs work I went through a range
         of other filesystems checking how they handle them currently and
         encountered a few bugs in ntfs3.
      
         I've sent this some time ago and the fixes haven't been picked up
         even though the pull request for other ntfs3 fixes got sent after.
         This should really be fixed as right now POSIX ACLs are broken in
         certain circumstances for ntfs3.
      
      * tag 'fs.idmapped.fixes.v6.0-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/idmapping:
        ntfs: fix acl handling
        fs: require CAP_SYS_ADMIN in target namespace for idmapped mounts
        MAINTAINERS: update idmapping tree
        acl: handle idmapped mounts for idmapped filesystems
    • Merge tag 'filelock-v6.0-2' of git://git.kernel.org/pub/scm/linux/kernel/git/jlayton/linux · b20ee481
      Linus Torvalds authored
      Pull file locking fix from Jeff Layton:
       "Just a single patch for a bugfix in the flock() codepath, introduced
        by a patch that went in recently"
      
      * tag 'filelock-v6.0-2' of git://git.kernel.org/pub/scm/linux/kernel/git/jlayton/linux:
        locks: Fix dropped call to ->fl_release_private()
    • perf tools: Fix compile error for x86 · cfd2b5c1
      Yang Jihong authored
      Commit a0a12c3e ("asm goto: eradicate CC_HAS_ASM_GOTO") eradicates
      CC_HAS_ASM_GOTO, and in the process also causes the perf tool on x86 to
      use asm_volatile_goto when compiling __GEN_RMWcc.
      
      However, asm_volatile_goto is not declared in the perf tool headers,
      which causes a compilation error:
      
        In file included from tools/arch/x86/include/asm/atomic.h:7,
                         from tools/include/asm/atomic.h:6,
                         from tools/include/linux/atomic.h:5,
                         from tools/include/linux/refcount.h:41,
                         from tools/lib/perf/include/internal/cpumap.h:5,
                         from tools/perf/util/cpumap.h:7,
                         from tools/perf/util/env.h:7,
                         from tools/perf/util/header.h:12,
                         from pmu-events/pmu-events.c:9:
        tools/arch/x86/include/asm/atomic.h: In function ‘atomic_dec_and_test’:
        tools/arch/x86/include/asm/rmwcc.h:7:2: error: implicit declaration of function ‘asm_volatile_goto’ [-Werror=implicit-function-declaration]
          asm_volatile_goto (fullop "; j" cc " %l[cc_label]"  \
          ^~~~~~~~~~~~~~~~~
      
      Define asm_volatile_goto in compiler_types.h if not declared, like the
      main kernel header files do.
      
      Fixes: a0a12c3e ("asm goto: eradicate CC_HAS_ASM_GOTO")
      Signed-off-by: Yang Jihong <yangjihong1@huawei.com>
      Tested-by: Arnaldo Carvalho de Melo <acme@redhat.com>
      Tested-by: Ingo Molnar <mingo@kernel.org>
      Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
    • ntfs: fix acl handling · 0c3bc789
      Christian Brauner authored
      While looking at our current POSIX ACL handling in the context of some
      overlayfs work I went through a range of other filesystems checking how they
      handle them currently and encountered ntfs3.
      
      The posix_acl_{from,to}_xattr() helpers always need to operate on the
      filesystem idmapping. Since ntfs3 can only be mounted in the initial user
      namespace the relevant idmapping is init_user_ns.
      
      The posix_acl_{from,to}_xattr() helpers are concerned with translating between
      the kernel internal struct posix_acl{_entry} and the uapi struct
      posix_acl_xattr_{header,entry} and the kernel internal data structure is cached
      filesystem wide.
      
      Additional idmappings such as the caller's idmapping or the mount's idmapping
      are handled higher up in the VFS. Individual filesystems usually do not need to
      concern themselves with these.
      
      The posix_acl_valid() helper is concerned with checking whether the values in
      the kernel internal struct posix_acl can be represented in the filesystem's
      idmapping. IOW, if they can be written to disk. So this helper too needs to
      take the filesystem's idmapping.
      
      Fixes: be71b5cb ("fs/ntfs3: Add attrib operations")
      Cc: Konstantin Komarov <almaz.alexandrovich@paragon-software.com>
      Cc: ntfs3@lists.linux.dev
      Signed-off-by: Christian Brauner (Microsoft) <brauner@kernel.org>
    • parisc: Add runtime check to prevent PA2.0 kernels on PA1.x machines · 591d2108
      Helge Deller authored
      If a 32-bit kernel was compiled for PA2.0 CPUs, it won't be able to run
      on machines with PA1.x CPUs. Add a check and bail out early if a PA1.x
      machine is detected.
      Signed-off-by: Helge Deller <deller@gmx.de>
    • parisc: ccio-dma: Handle kmalloc failure in ccio_init_resources() · d46c742f
      Li Qiong authored
      As kmalloc() may fail, it is better to fix this error path:
      check and return the '-ENOMEM' error code.
      Signed-off-by: Li Qiong <liqiong@nfschina.com>
      Signed-off-by: Helge Deller <deller@gmx.de>
    • parisc: led: Move from strlcpy with unused retval to strscpy · 4cb26436
      Wolfram Sang authored
      Follow the advice of the below link and prefer 'strscpy' in this
      subsystem. Conversion is 1:1 because the return value is not used.
      Generated by a coccinelle script.
      
      Link: https://lore.kernel.org/r/CAHk-=wgfRnXz0W3D37d01q3JFkr_i_uTL=V6A6G1oUZcprmknw@mail.gmail.com/
      Signed-off-by: Wolfram Sang <wsa+renesas@sang-engineering.com>
      Signed-off-by: Helge Deller <deller@gmx.de>
    • parisc: ccio-dma: Fix typo in comment · db4538ad
      Jason Wang authored
      The double `was' is duplicated in the comment, remove one.
      Signed-off-by: Jason Wang <wangborong@cdjrlc.com>
      Signed-off-by: Helge Deller <deller@gmx.de>
    • Revert "parisc: Show error if wrong 32/64-bit compiler is being used" · b4b18f47
      Helge Deller authored
      This reverts commit b160628e.
      
      There is no need any longer to have this sanity check, because the
      previous commit ("parisc: Make CONFIG_64BIT available for ARCH=parisc64
      only") prevents that CONFIG_64BIT is set if ARCH==parisc.
      Signed-off-by: Helge Deller <deller@gmx.de>
    • parisc: Make CONFIG_64BIT available for ARCH=parisc64 only · 3dcfb729
      Helge Deller authored
      With this patch the ARCH= parameter decides if the
      CONFIG_64BIT option will be set or not. This means, the
      ARCH= parameter will give:
      
      	ARCH=parisc	-> 32-bit kernel
      	ARCH=parisc64	-> 64-bit kernel
      
      This simplifies the usage of the other config options like
      randconfig, allmodconfig and allyesconfig a lot and produces
      the output which is expected for parisc64 (64-bit) vs. parisc (32-bit).
      Suggested-by: Masahiro Yamada <masahiroy@kernel.org>
      Signed-off-by: Helge Deller <deller@gmx.de>
      Tested-by: Randy Dunlap <rdunlap@infradead.org>
      Reviewed-by: Randy Dunlap <rdunlap@infradead.org>
      Cc: <stable@vger.kernel.org> # 5.15+
    • Linux 6.0-rc2 · 1c23f9e6
      Linus Torvalds authored
  4. 21 Aug, 2022 18 commits
  5. 20 Aug, 2022 1 commit
    • kprobes: don't call disarm_kprobe() for disabled kprobes · 9c80e799
      Kuniyuki Iwashima authored
      The assumption in __disable_kprobe() is wrong, and it could try to disarm
      an already disarmed kprobe and fire the WARN_ONCE() below. [0]  We can
      easily reproduce this issue.
      
      1. Write 0 to /sys/kernel/debug/kprobes/enabled.
      
        # echo 0 > /sys/kernel/debug/kprobes/enabled
      
      2. Run execsnoop.  At this time, one kprobe is disabled.
      
        # /usr/share/bcc/tools/execsnoop &
        [1] 2460
        PCOMM            PID    PPID   RET ARGS
      
        # cat /sys/kernel/debug/kprobes/list
        ffffffff91345650  r  __x64_sys_execve+0x0    [FTRACE]
        ffffffff91345650  k  __x64_sys_execve+0x0    [DISABLED][FTRACE]
      
      3. Write 1 to /sys/kernel/debug/kprobes/enabled, which changes
         kprobes_all_disarmed to false but does not arm the disabled kprobe.
      
        # echo 1 > /sys/kernel/debug/kprobes/enabled
      
        # cat /sys/kernel/debug/kprobes/list
        ffffffff91345650  r  __x64_sys_execve+0x0    [FTRACE]
        ffffffff91345650  k  __x64_sys_execve+0x0    [DISABLED][FTRACE]
      
      4. Kill execsnoop, when __disable_kprobe() calls disarm_kprobe() for the
         disabled kprobe and hits the WARN_ONCE() in __disarm_kprobe_ftrace().
      
        # fg
        /usr/share/bcc/tools/execsnoop
        ^C
      
      Actually, WARN_ONCE() is fired twice, and __unregister_kprobe_top() misses
      some cleanups and leaves the aggregated kprobe in the hash table.  Then,
      __unregister_trace_kprobe() initialises tk->rp.kp.list and creates an
      infinite loop like this.
      
        aggregated kprobe.list -> kprobe.list -.
                                           ^    |
                                           '.__.'
      
      In this situation, these commands fall into the infinite loop and result
      in RCU stall or soft lockup.
      
        cat /sys/kernel/debug/kprobes/list : show_kprobe_addr() enters into the
                                             infinite loop with RCU.
      
        /usr/share/bcc/tools/execsnoop : warn_kprobe_rereg() holds kprobe_mutex,
                                         and __get_valid_kprobe() is stuck in
                                         the loop.
      
      To avoid the issue, make sure we don't call disarm_kprobe() for disabled
      kprobes.
      
      [0]
      Failed to disarm kprobe-ftrace at __x64_sys_execve+0x0/0x40 (error -2)
      WARNING: CPU: 6 PID: 2460 at kernel/kprobes.c:1130 __disarm_kprobe_ftrace.isra.19 (kernel/kprobes.c:1129)
      Modules linked in: ena
      CPU: 6 PID: 2460 Comm: execsnoop Not tainted 5.19.0+ #28
      Hardware name: Amazon EC2 c5.2xlarge/, BIOS 1.0 10/16/2017
      RIP: 0010:__disarm_kprobe_ftrace.isra.19 (kernel/kprobes.c:1129)
      Code: 24 8b 02 eb c1 80 3d c4 83 f2 01 00 75 d4 48 8b 75 00 89 c2 48 c7 c7 90 fa 0f 92 89 04 24 c6 05 ab 83 01 e8 e4 94 f0 ff <0f> 0b 8b 04 24 eb b1 89 c6 48 c7 c7 60 fa 0f 92 89 04 24 e8 cc 94
      RSP: 0018:ffff9e6ec154bd98 EFLAGS: 00010282
      RAX: 0000000000000000 RBX: ffffffff930f7b00 RCX: 0000000000000001
      RDX: 0000000080000001 RSI: ffffffff921461c5 RDI: 00000000ffffffff
      RBP: ffff89c504286da8 R08: 0000000000000000 R09: c0000000fffeffff
      R10: 0000000000000000 R11: ffff9e6ec154bc28 R12: ffff89c502394e40
      R13: ffff89c502394c00 R14: ffff9e6ec154bc00 R15: 0000000000000000
      FS:  00007fe800398740(0000) GS:ffff89c812d80000(0000) knlGS:0000000000000000
      CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
      CR2: 000000c00057f010 CR3: 0000000103b54006 CR4: 00000000007706e0
      DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
      DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
      PKRU: 55555554
      Call Trace:
      <TASK>
       __disable_kprobe (kernel/kprobes.c:1716)
       disable_kprobe (kernel/kprobes.c:2392)
       __disable_trace_kprobe (kernel/trace/trace_kprobe.c:340)
       disable_trace_kprobe (kernel/trace/trace_kprobe.c:429)
       perf_trace_event_unreg.isra.2 (./include/linux/tracepoint.h:93 kernel/trace/trace_event_perf.c:168)
       perf_kprobe_destroy (kernel/trace/trace_event_perf.c:295)
       _free_event (kernel/events/core.c:4971)
       perf_event_release_kernel (kernel/events/core.c:5176)
       perf_release (kernel/events/core.c:5186)
       __fput (fs/file_table.c:321)
       task_work_run (./include/linux/sched.h:2056 (discriminator 1) kernel/task_work.c:179 (discriminator 1))
       exit_to_user_mode_prepare (./include/linux/resume_user_mode.h:49 kernel/entry/common.c:169 kernel/entry/common.c:201)
       syscall_exit_to_user_mode (./arch/x86/include/asm/jump_label.h:55 ./arch/x86/include/asm/nospec-branch.h:384 ./arch/x86/include/asm/entry-common.h:94 kernel/entry/common.c:133 kernel/entry/common.c:296)
       do_syscall_64 (arch/x86/entry/common.c:87)
       entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:120)
      RIP: 0033:0x7fe7ff210654
      Code: 15 79 89 20 00 f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb be 0f 1f 00 8b 05 9a cd 20 00 48 63 ff 85 c0 75 11 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 3a f3 c3 48 83 ec 18 48 89 7c 24 08 e8 34 fc
      RSP: 002b:00007ffdbd1d3538 EFLAGS: 00000246 ORIG_RAX: 0000000000000003
      RAX: 0000000000000000 RBX: 0000000000000008 RCX: 00007fe7ff210654
      RDX: 0000000000000000 RSI: 0000000000002401 RDI: 0000000000000008
      RBP: 0000000000000000 R08: 94ae31d6fda838a4 R09: 00007fe8001c9d30
      R10: 00007ffdbd1d34b0 R11: 0000000000000246 R12: 00007ffdbd1d3600
      R13: 0000000000000000 R14: fffffffffffffffc R15: 00007ffdbd1d3560
      </TASK>
      
      Link: https://lkml.kernel.org/r/20220813020509.90805-1-kuniyu@amazon.com
      Fixes: 69d54b91 ("kprobes: makes kprobes/enabled works correctly for optimized kprobes.")
      Signed-off-by: Kuniyuki Iwashima <kuniyu@amazon.com>
      Reported-by: Ayushman Dutta <ayudutta@amazon.com>
      Cc: "Naveen N. Rao" <naveen.n.rao@linux.ibm.com>
      Cc: Anil S Keshavamurthy <anil.s.keshavamurthy@intel.com>
      Cc: "David S. Miller" <davem@davemloft.net>
      Cc: Masami Hiramatsu <mhiramat@kernel.org>
      Cc: Wang Nan <wangnan0@huawei.com>
      Cc: Kuniyuki Iwashima <kuniyu@amazon.com>
      Cc: Kuniyuki Iwashima <kuni1840@gmail.com>
      Cc: Ayushman Dutta <ayudutta@amazon.com>
      Cc: <stable@vger.kernel.org>
      Signed-off-by: Andrew Morton <akpm@linux-foundation.org>