1. 07 Aug, 2015 14 commits
  2. 05 Aug, 2015 5 commits
    • Linus Torvalds's avatar
      Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm · 4469942b
      Linus Torvalds authored
      Pull KVM fixes from Paolo Bonzini:
       "Just two very small & simple patches"
      
      * tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm:
        KVM: MTRR: Use default type for non-MTRR-covered gfn before WARN_ON
        KVM: s390: Fix hang VCPU hang/loop regression
      4469942b
    • Alex Williamson's avatar
      KVM: MTRR: Use default type for non-MTRR-covered gfn before WARN_ON · fc1a8126
      Alex Williamson authored
      The patch was munged on commit to re-order these tests resulting in
      excessive warnings when trying to do device assignment.  Return to
      original ordering: https://lkml.org/lkml/2015/7/15/769
      
      Fixes: 3e5d2fdc ("KVM: MTRR: simplify kvm_mtrr_get_guest_memory_type")
      Signed-off-by: default avatarAlex Williamson <alex.williamson@redhat.com>
      Reviewed-by: default avatarXiao Guangrong <guangrong.xiao@linux.intel.com>
      Signed-off-by: default avatarPaolo Bonzini <pbonzini@redhat.com>
      fc1a8126
    • Linus Torvalds's avatar
      Merge tag 'md/4.2-rc5-fixes' of git://neil.brown.name/md · 4e6b6ee2
      Linus Torvalds authored
      Pull md fixes from Neil Brown:
       "Three more fixes for md in 4.2
      
        Mostly corner-case stuff.
      
        One of these patches is for a CVE: CVE-2015-5697
      
        I'm not convinced it is serious (data leak from CAP_SYS_ADMIN ioctl)
        but as people seem to want to back-port it, I've included a minimal
        version here.  The remainder of that patch from Benjamin is
        code-cleanup and will arrive in the 4.3 merge window"
      
      * tag 'md/4.2-rc5-fixes' of git://neil.brown.name/md:
        md/raid5: don't let shrink_slab shrink too far.
        md: use kzalloc() when bitmap is disabled
        md/raid1: extend spinlock to protect raid1_end_read_request against inconsistencies
      4e6b6ee2
    • Linus Torvalds's avatar
      Merge branch 'for-4.2' of git://linux-nfs.org/~bfields/linux · 9e91edcd
      Linus Torvalds authored
      Pull nfsd fixes from Bruce Fields.
      
      * 'for-4.2' of git://linux-nfs.org/~bfields/linux:
        nfsd: do nfs4_check_fh in nfs4_check_file instead of nfs4_check_olstateid
        nfsd: Fix a file leak on nfsd4_layout_setlease failure
        nfsd: Drop BUG_ON and ignore SECLABEL on absent filesystem
      9e91edcd
    • Michal Hocko's avatar
      mm, vmscan: Do not wait for page writeback for GFP_NOFS allocations · ecf5fc6e
      Michal Hocko authored
      Nikolay has reported a hang when a memcg reclaim got stuck with the
      following backtrace:
      
      PID: 18308  TASK: ffff883d7c9b0a30  CPU: 1   COMMAND: "rsync"
        #0 __schedule at ffffffff815ab152
        #1 schedule at ffffffff815ab76e
        #2 schedule_timeout at ffffffff815ae5e5
        #3 io_schedule_timeout at ffffffff815aad6a
        #4 bit_wait_io at ffffffff815abfc6
        #5 __wait_on_bit at ffffffff815abda5
        #6 wait_on_page_bit at ffffffff8111fd4f
        #7 shrink_page_list at ffffffff81135445
        #8 shrink_inactive_list at ffffffff81135845
        #9 shrink_lruvec at ffffffff81135ead
       #10 shrink_zone at ffffffff811360c3
       #11 shrink_zones at ffffffff81136eff
       #12 do_try_to_free_pages at ffffffff8113712f
       #13 try_to_free_mem_cgroup_pages at ffffffff811372be
       #14 try_charge at ffffffff81189423
       #15 mem_cgroup_try_charge at ffffffff8118c6f5
       #16 __add_to_page_cache_locked at ffffffff8112137d
       #17 add_to_page_cache_lru at ffffffff81121618
       #18 pagecache_get_page at ffffffff8112170b
       #19 grow_dev_page at ffffffff811c8297
       #20 __getblk_slow at ffffffff811c91d6
       #21 __getblk_gfp at ffffffff811c92c1
       #22 ext4_ext_grow_indepth at ffffffff8124565c
       #23 ext4_ext_create_new_leaf at ffffffff81246ca8
       #24 ext4_ext_insert_extent at ffffffff81246f09
       #25 ext4_ext_map_blocks at ffffffff8124a848
       #26 ext4_map_blocks at ffffffff8121a5b7
       #27 mpage_map_one_extent at ffffffff8121b1fa
       #28 mpage_map_and_submit_extent at ffffffff8121f07b
       #29 ext4_writepages at ffffffff8121f6d5
       #30 do_writepages at ffffffff8112c490
       #31 __filemap_fdatawrite_range at ffffffff81120199
       #32 filemap_flush at ffffffff8112041c
       #33 ext4_alloc_da_blocks at ffffffff81219da1
       #34 ext4_rename at ffffffff81229b91
       #35 ext4_rename2 at ffffffff81229e32
       #36 vfs_rename at ffffffff811a08a5
       #37 SYSC_renameat2 at ffffffff811a3ffc
       #38 sys_renameat2 at ffffffff811a408e
       #39 sys_rename at ffffffff8119e51e
       #40 system_call_fastpath at ffffffff815afa89
      
      Dave Chinner has properly pointed out that this is a deadlock in the
      reclaim code because ext4 doesn't submit pages which are marked by
      PG_writeback right away.
      
      The heuristic was introduced by commit e62e384e ("memcg: prevent OOM
      with too many dirty pages") and it was applied only when may_enter_fs
      was specified.  The code has been changed by c3b94f44 ("memcg:
      further prevent OOM with too many dirty pages") which has removed the
      __GFP_FS restriction with a reasoning that we do not get into the fs
      code.  But this is not sufficient apparently because the fs doesn't
      necessarily submit pages marked PG_writeback for IO right away.
      
      ext4_bio_write_page calls io_submit_add_bh but that doesn't necessarily
      submit the bio.  Instead it tries to map more pages into the bio and
      mpage_map_one_extent might trigger memcg charge which might end up
      waiting on a page which is marked PG_writeback but hasn't been submitted
      yet so we would end up waiting for something that never finishes.
      
      Fix this issue by replacing __GFP_IO by may_enter_fs check (for case 2)
      before we go to wait on the writeback.  The page fault path, which is
      the only path that triggers memcg oom killer since 3.12, shouldn't
      require GFP_NOFS and so we shouldn't reintroduce the premature OOM
      killer issue which was originally addressed by the heuristic.
      
      As per David Chinner the xfs is doing similar thing since 2.6.15 already
      so ext4 is not the only affected filesystem.  Moreover he notes:
      
      : For example: IO completion might require unwritten extent conversion
      : which executes filesystem transactions and GFP_NOFS allocations. The
      : writeback flag on the pages can not be cleared until unwritten
      : extent conversion completes. Hence memory reclaim cannot wait on
      : page writeback to complete in GFP_NOFS context because it is not
      : safe to do so, memcg reclaim or otherwise.
      
      Cc: stable@vger.kernel.org # 3.9+
      [tytso@mit.edu: corrected the control flow]
      Fixes: c3b94f44 ("memcg: further prevent OOM with too many dirty pages")
      Reported-by: default avatarNikolay Borisov <kernel@kyup.com>
      Signed-off-by: default avatarMichal Hocko <mhocko@suse.cz>
      Signed-off-by: default avatarHugh Dickins <hughd@google.com>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      ecf5fc6e
  3. 04 Aug, 2015 9 commits
  4. 03 Aug, 2015 11 commits
  5. 02 Aug, 2015 1 commit
    • Linus Torvalds's avatar
      i915: temporary fix for DP MST docking station NULL pointer dereference · 27667f47
      Linus Torvalds authored
      Ted Ts'o reports that his Lenovo T540p ThinkPad crashes at boot if
      attached to the docking station.  This is a regression that he was able
      to bisect to commit 8c7b5ccb: "drm/i915: Use atomic helpers for
      computing changed flags:"
      
      The reason seems to be the new call to drm_atomic_helper_check_modeset()
      added to intel_modeset_compute_config(), which in turn calls
      update_connector_routing(), and somehow ends up picking a NULL crtc for
      the connector state, causing the subsequent drm_crtc_index() to OOPS.
      
      Daniel Vetter says that the fundamental issue seems to be confusion in
      the encoder selection, and this isn't the right fix, but while he chases
      down the proper fix, this at least avoids the NULL pointer dereference
      and makes Ted's docking station work again.
      Reported-bisected-and-tested-by: default avatarTheodore Ts'o <tytso@mit.edu>
      Cc: Daniel Vetter <daniel.vetter@intel.com>
      Cc: Mani Nikula <jani.nikula@linux.intel.com>
      Cc: Dave Airlie <airlied@gmail.com>
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      27667f47