Commit Graph

1136948 Commits

Author SHA1 Message Date
Peter Zijlstra 024d232ae4 mm: Fix pmd_read_atomic()
AFAICT there's no reason to do anything different than what we do for
PTEs. Make it so (also affects SH).

Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Link: https://lkml.kernel.org/r/20221022114424.711181252%40infradead.org
2022-12-15 10:37:27 -08:00
Peter Zijlstra 0862ff059c sh/mm: Make pmd_t similar to pte_t
Just like 64bit pte_t, have a low/high split in pmd_t.

Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Link: https://lkml.kernel.org/r/20221022114424.645657294%40infradead.org
2022-12-15 10:37:27 -08:00
Peter Zijlstra fbfdec9989 x86/mm/pae: Make pmd_t similar to pte_t
Instead of mucking about with at least 2 different ways of fudging
it, do the same thing we do for pte_t.

Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Link: https://lkml.kernel.org/r/20221022114424.580310787%40infradead.org
2022-12-15 10:37:27 -08:00
Peter Zijlstra 93b3037a14 mm: Update ptep_get_lockless()'s comment
Improve the comment.

Suggested-by: Matthew Wilcox <willy@infradead.org>
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Link: https://lkml.kernel.org/r/20221022114424.515572025%40infradead.org
2022-12-15 10:37:27 -08:00
Peter Zijlstra 60463628c9 x86/mm: Implement native set_memory_rox()
Provide a native implementation of set_memory_rox(), avoiding the
double set_memory_ro();set_memory_x(); calls.

Suggested-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
2022-12-15 10:37:27 -08:00
Peter Zijlstra d48567c9a0 mm: Introduce set_memory_rox()
Because endlessly repeating:

	set_memory_ro()
	set_memory_x()

is getting tedious.

Suggested-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Link: https://lkml.kernel.org/r/Y1jek64pXOsougmz@hirez.programming.kicks-ass.net
2022-12-15 10:37:26 -08:00
Peter Zijlstra 414ebf148c x86/mm: Do verify W^X at boot up
Straight up revert of commit:

  a970174d7a ("x86/mm: Do not verify W^X at boot up")

now that the root cause has been fixed.

Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Link: https://lkml.kernel.org/r/20221025201058.011279208@infradead.org
2022-12-15 10:37:26 -08:00
Peter Zijlstra eb7d389d5b x86/ftrace: Remove SYSTEM_BOOTING exceptions
Now that text_poke is available before ftrace, remove the
SYSTEM_BOOTING exceptions.

Specifically, this cures a W+X case during boot.

Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Link: https://lkml.kernel.org/r/20221025201057.945960823@infradead.org
2022-12-15 10:37:26 -08:00
Peter Zijlstra 5b93a83649 x86/mm: Initialize text poking earlier
Move poking_init() up a bunch; specifically move it right after
mm_init() which is right before ftrace_init().

This will allow simplifying ftrace text poking which currently has
a bunch of exceptions for early boot.

Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Link: https://lkml.kernel.org/r/20221025201057.881703081@infradead.org
2022-12-15 10:37:26 -08:00
Peter Zijlstra 3f4c8211d9 x86/mm: Use mm_alloc() in poking_init()
Instead of duplicating init_mm, allocate a fresh mm. The advantage is
that mm_alloc() has much simpler dependencies. Additionally it makes
more conceptual sense, init_mm has no (and must not have) user state
to duplicate.

Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Link: https://lkml.kernel.org/r/20221025201057.816175235@infradead.org
2022-12-15 10:37:26 -08:00
Peter Zijlstra af80602799 mm: Move mm_cachep initialization to mm_init()
In order to allow using mm_alloc() much earlier, move initializing
mm_cachep into mm_init().

Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Link: https://lkml.kernel.org/r/20221025201057.751153381@infradead.org
2022-12-15 10:37:26 -08:00
Peter Zijlstra 97e3d26b5e x86/mm: Randomize per-cpu entry area
Seth found that the CPU-entry-area; the piece of per-cpu data that is
mapped into the userspace page-tables for kPTI is not subject to any
randomization -- irrespective of kASLR settings.

On x86_64 a whole P4D (512 GB) of virtual address space is reserved for
this structure, which is plenty large enough to randomize things a
little.

As such, use a straight forward randomization scheme that avoids
duplicates to spread the existing CPUs over the available space.

  [ bp: Fix le build. ]

Reported-by: Seth Jenkins <sethjenkins@google.com>
Reviewed-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
2022-12-15 10:37:26 -08:00
Andrey Ryabinin 3f148f3318 x86/kasan: Map shadow for percpu pages on demand
KASAN maps shadow for the entire CPU-entry-area:
  [CPU_ENTRY_AREA_BASE, CPU_ENTRY_AREA_BASE + CPU_ENTRY_AREA_MAP_SIZE]

This will explode once the per-cpu entry areas are randomized since it
will increase CPU_ENTRY_AREA_MAP_SIZE to 512 GB and KASAN fails to
allocate shadow for such big area.

Fix this by allocating KASAN shadow only for really used cpu entry area
addresses mapped by cea_map_percpu_pages()

Thanks to the 0day folks for finding and reporting this to be an issue.

[ dhansen: tweak changelog since this will get committed before peterz's
	   actual cpu-entry-area randomization ]

Signed-off-by: Andrey Ryabinin <ryabinin.a.a@gmail.com>
Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com>
Tested-by: Yujie Liu <yujie.liu@intel.com>
Cc: kernel test robot <yujie.liu@intel.com>
Link: https://lore.kernel.org/r/202210241508.2e203c3d-yujie.liu@intel.com
2022-12-15 10:37:26 -08:00
Linus Torvalds 30a0b95b13 Linux 6.1-rc3 2022-10-30 15:19:28 -07:00
Linus Torvalds b72018ab82 fbdev fixes for kernel 6.1-rc3:
A use-after-free bugfix in the smscufx driver and various minor
 error path fixes, smaller build fixes, sysfs fixes and
 typos in comments in the stifb, sisfb, da8xxfb, xilinxfb, sm501fb,
 gbefb and cyber2000fb drivers.
 -----BEGIN PGP SIGNATURE-----
 
 iHUEABYKAB0WIQS86RI+GtKfB8BJu973ErUQojoPXwUCY16ulQAKCRD3ErUQojoP
 XyvDAP9ZhF0SjbnRBwHAU9ZYC7XpCwcoqBRWFCCU7mmmbkXrJAD9F1LcEwZPGyn/
 5/hiTwzM8ioJz6HB3r04M88bl4b1cwI=
 =SnCh
 -----END PGP SIGNATURE-----

Merge tag 'fbdev-for-6.1-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/deller/linux-fbdev

Pull fbdev fixes from Helge Deller:
 "A use-after-free bugfix in the smscufx driver and various minor error
  path fixes, smaller build fixes, sysfs fixes and typos in comments in
  the stifb, sisfb, da8xxfb, xilinxfb, sm501fb, gbefb and cyber2000fb
  drivers"

* tag 'fbdev-for-6.1-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/deller/linux-fbdev:
  fbdev: cyber2000fb: fix missing pci_disable_device()
  fbdev: sisfb: use explicitly signed char
  fbdev: smscufx: Fix several use-after-free bugs
  fbdev: xilinxfb: Make xilinxfb_release() return void
  fbdev: sisfb: fix repeated word in comment
  fbdev: gbefb: Convert sysfs snprintf to sysfs_emit
  fbdev: sm501fb: Convert sysfs snprintf to sysfs_emit
  fbdev: stifb: Fall back to cfb_fillrect() on 32-bit HCRX cards
  fbdev: da8xx-fb: Fix error handling in .remove()
  fbdev: MIPS supports iomem addresses
2022-10-30 11:31:14 -07:00
Linus Torvalds 9f127546bb Char/Misc fixes for 6.1-rc3
Here are some small driver fixes for 6.1-rc3.  They include:
 	- iio driver bugfixes
 	- counter driver bugfixes
 	- coresight bugfixes, including a revert and then a second
 	  fix to get it right.
 
 All of these have been in linux-next with no reported problems.
 
 Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 -----BEGIN PGP SIGNATURE-----
 
 iG0EABECAC0WIQT0tgzFv3jCIUoxPcsxR9QN2y37KQUCY16EAA8cZ3JlZ0Brcm9h
 aC5jb20ACgkQMUfUDdst+yloyQCdFV2qLAb6IK+fx9rS8ThuxT13O5AAn1ec8Fd6
 BSWYN1TIO6r83khtJ8y4
 =34Sj
 -----END PGP SIGNATURE-----

Merge tag 'char-misc-6.1-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc

Pull char/misc fixes from Greg KH:
 "Some small driver fixes for 6.1-rc3.  They include:

   - iio driver bugfixes

   - counter driver bugfixes

   - coresight bugfixes, including a revert and then a second fix to get
     it right.

  All of these have been in linux-next with no reported problems"

* tag 'char-misc-6.1-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc: (21 commits)
  misc: sgi-gru: use explicitly signed char
  coresight: cti: Fix hang in cti_disable_hw()
  Revert "coresight: cti: Fix hang in cti_disable_hw()"
  counter: 104-quad-8: Fix race getting function mode and direction
  counter: microchip-tcb-capture: Handle Signal1 read and Synapse
  coresight: cti: Fix hang in cti_disable_hw()
  coresight: Fix possible deadlock with lock dependency
  counter: ti-ecap-capture: fix IS_ERR() vs NULL check
  counter: Reduce DEFINE_COUNTER_ARRAY_POLARITY() to defining counter_array
  iio: bmc150-accel-core: Fix unsafe buffer attributes
  iio: adxl367: Fix unsafe buffer attributes
  iio: adxl372: Fix unsafe buffer attributes
  iio: at91-sama5d2_adc: Fix unsafe buffer attributes
  iio: temperature: ltc2983: allocate iio channels once
  tools: iio: iio_utils: fix digit calculation
  iio: adc: stm32-adc: fix channel sampling time init
  iio: adc: mcp3911: mask out device ID in debug prints
  iio: adc: mcp3911: use correct id bits
  iio: adc: mcp3911: return proper error code on failure to allocate trigger
  iio: adc: mcp3911: fix sizeof() vs ARRAY_SIZE() bug
  ...
2022-10-30 11:22:33 -07:00
Linus Torvalds c4d25ce6e9 USB fixes for 6.1-rc3
Here are a few small USB fixes for 6.1-rc3.  Include in here are:
 	- MAINTAINERS update, including a big one for the USB gadget
 	  subsystem.  Many thanks to Felipe for all of the years of hard
 	  work he has done on this codebase, it was greatly appreciated.
 	- dwc3 driver fixes for reported problems.
 	- xhci driver fixes for reported problems.
 	- typec driver fixes for minor issues
 	- uvc gadget driver change, and then revert as it wasn't
 	  relevant for 6.1-final, as it is a new feature and people are
 	  still reviewing and modifying it.
 
 All of these have been in the linux-next tree with no reported issues.
 
 Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 -----BEGIN PGP SIGNATURE-----
 
 iG0EABECAC0WIQT0tgzFv3jCIUoxPcsxR9QN2y37KQUCY16Evg8cZ3JlZ0Brcm9h
 aC5jb20ACgkQMUfUDdst+ylP7ACbBFKioz4LgbVYYY5f12qJ3MfbfBYAn1EKSYUr
 jgJxsPv1LeTTicOqGIy9
 =Jks2
 -----END PGP SIGNATURE-----

Merge tag 'usb-6.1-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb

Pull USB fixes from Greg KH:
 "A few small USB fixes for 6.1-rc3. Include in here are:

   - MAINTAINERS update, including a big one for the USB gadget
     subsystem. Many thanks to Felipe for all of the years of hard work
     he has done on this codebase, it was greatly appreciated.

   - dwc3 driver fixes for reported problems.

   - xhci driver fixes for reported problems.

   - typec driver fixes for minor issues

   - uvc gadget driver change, and then revert as it wasn't relevant for
     6.1-final, as it is a new feature and people are still reviewing
     and modifying it.

  All of these have been in the linux-next tree with no reported issues"

* tag 'usb-6.1-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb:
  usb: dwc3: gadget: Don't set IMI for no_interrupt
  usb: dwc3: gadget: Stop processing more requests on IMI
  Revert "usb: gadget: uvc: limit isoc_sg to super speed gadgets"
  xhci: Remove device endpoints from bandwidth list when freeing the device
  xhci-pci: Set runtime PM as default policy on all xHC 1.2 or later devices
  xhci: Add quirk to reset host back to default state at shutdown
  usb: xhci: add XHCI_SPURIOUS_SUCCESS to ASM1042 despite being a V0.96 controller
  usb: dwc3: st: Rely on child's compatible instead of name
  usb: gadget: uvc: limit isoc_sg to super speed gadgets
  usb: bdc: change state when port disconnected
  usb: typec: ucsi: acpi: Implement resume callback
  usb: typec: ucsi: Check the connection on resume
  usb: gadget: aspeed: Fix probe regression
  usb: gadget: uvc: fix sg handling during video encode
  usb: gadget: uvc: fix sg handling in error case
  usb: gadget: uvc: fix dropped frame after missed isoc
  usb: dwc3: gadget: Don't delay End Transfer on delayed_status
  usb: dwc3: Don't switch OTG -> peripheral if extcon is present
  MAINTAINERS: Update maintainers for broadcom USB
  MAINTAINERS: move USB gadget and phy entries under the main USB entry
2022-10-30 10:35:07 -07:00
Linus Torvalds ef3c0949b9 gpio: fixes for v6.1-rc3
- convert gpio-tegra to using an immutable irqchip
 - MAINTAINERS update
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCgAdFiEEFp3rbAvDxGAT0sefEacuoBRx13IFAmNeL54ACgkQEacuoBRx
 13KvKRAAnYAMomR2J8Nx1KVNV28pLtACrLOULja3Kma+kSdruYNcT3+ZUzcFFgGu
 iqCVHPR+cKQ3VowqhSp2Ts6YIHMqJlh//Bq/1s7xXU+b5JkvHflWlTVLQXUpZK8I
 1JXawwlOZV0a4ByVmTcvvBzxmohReabQodLdsaPtYbRyaQq9Stv66dVLT4j0l3mX
 J6J+VCFLYkysGIskpvnQjJyMKOrUjYteuoL0yTv74PFczp+PXu7XZw2+6DM4/knK
 bUGKhi3WNRuKLkiIiLVIkGDlhCdK0Fn91FkMKXBhB4nd0+PRCite4Ai5Z2pkuzkc
 Laljm5mUFruNU014NqeB1fV2jBB/ZyIqDxNBrnqtUtvD7W/ff2p0xar0lw0BKdrK
 N/daqSXB00LNNctW8PmdL0JobTPZnV20WZ+bu46t0o3llhzLRdUC2jLrMITP1+6U
 1yn1Xff6Dr/8pCKR9hvMY1yVVRRv/tPHRZ5sozWnX0sfVmB2M8lTD9bFeLPAROXj
 aEpB0DrDtWjsiqJbWcOhjl/TEmexsDgD27Re7+qQKmMcMEvGUd3NU4FPK9eKBBbI
 tTImlFi8UcKbUsxvfZMF3YaZpafKRHlZYMD/cVKRKK4jzi80gljFYG5ayOVWyjlt
 Ex44ws2U8FVzFJjMPP1VMAfy3Lo+5EQs0kE4Z2DDV+5ua+J//hY=
 =IbVz
 -----END PGP SIGNATURE-----

Merge tag 'gpio-fixes-for-v6.1-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/brgl/linux

Pull gpio fixes from Bartosz Golaszewski:

 - convert gpio-tegra to using an immutable irqchip

 - MAINTAINERS update

* tag 'gpio-fixes-for-v6.1-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/brgl/linux:
  MAINTAINERS: Change myself to a maintainer
  gpio: tegra: Convert to immutable irq chip
2022-10-30 10:21:42 -07:00
Linus Torvalds 434766058e - Rename a perf memory level event define to denote it is of CXL type
- Add Alder and Raptor Lakes support to RAPL
 
 - Make sure raw sample data is output with tracepoints
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCgAdFiEEzv7L6UO9uDPlPSfHEsHwGGHeVUoFAmNeRnEACgkQEsHwGGHe
 VUpmTRAAmLvQhTN15L4qr6BSIUhlOk1xmM4pKtUXfpzX9Nki+bhPvH8sczaUXg1N
 90u6pD8+uOIFsd2s+bUVyR/h3cWnjpy9Or1oSYlNTTPxwlqC1XsLqsWjy7/AA91d
 YAUZNfmIsBNTUDtjygslnZ2yZIIPWXGI5utvrkS3W2cbfZtQhuDVTo5KAnx3+0fC
 inKfiO+lAEouNu9l/+GdqPhgiDVB+oK12ROMosAr9++Ewuf61Jnk0nVEynNVoGT0
 OLxbNT6xU3TlOm/n2zwmWnM95ZJ9sM5SEJg+c55VZ9biTAgayd+7Hw8H3CAqIhdD
 utFoxkQpblp7Lq6IporcfjpGISA4WdbaiJaMN56azucGcZsk6VXUzNk6AimXvqjP
 d8z7nVYDGDxYoIWyoSfO7XuIhqek38KRTEbl3qvyRZoF/FRjaWCvZeir9W32mRbx
 bVKPTQ8FgSUtkBLhGZrldHP8PRsw1nf60wJb19p8s5aWNMzimgUN0As0kf78k6l+
 fapTvhuU84EDVjiUS7BTrMq1r3ieaZiN2Ofi4EAG8c4R3S4C3hHKFQH3suIOp3vf
 UpCyYi+29LfdTgiuNX+efklUSu5T2EccJXke07CJQM5BBppvuPqeG7YJET5/YDuz
 tSPIbTZ9lxomeNWJSu9cyuynqPIS0f/j6FtpodA7MY1f/AX7OHM=
 =zS3P
 -----END PGP SIGNATURE-----

Merge tag 'perf_urgent_for_v6.1_rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip

Pull perf fixes from Borislav Petkov:

 - Rename a perf memory level event define to denote it is of CXL type

 - Add Alder and Raptor Lakes support to RAPL

 - Make sure raw sample data is output with tracepoints

* tag 'perf_urgent_for_v6.1_rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
  perf/mem: Rename PERF_MEM_LVLNUM_EXTN_MEM to PERF_MEM_LVLNUM_CXL
  perf/x86/rapl: Add support for Intel Raptor Lake
  perf/x86/rapl: Add support for Intel AlderLake-N
  perf: Fix missing raw data on tracepoint events
2022-10-30 09:49:18 -07:00
Linus Torvalds c96bb958fb LoongArch fixes for v6.1-rc3
-----BEGIN PGP SIGNATURE-----
 
 iQJKBAABCAA0FiEEzOlt8mkP+tbeiYy5AoYrw/LiJnoFAmNc5bYWHGNoZW5odWFj
 YWlAa2VybmVsLm9yZwAKCRAChivD8uImeuU2D/4l4esQJ2DOti+nekmsK6MVlRdd
 ZAGFJo3Wz67qQKkhkqljoiO2h8lE/NNHyoDzsPcqoouT+F+sunRLKnDO4QMoqWA5
 yWK21rbioFVVjG+EaYqdj3XYziTAcd3Xx2D6iHSEIYV0WlqEcvjDgkpq/c2SOSZn
 AfbOe1i4wuzd91dlyg4WrH5xeeqqxt0KSK1F3Vtob7z/S9NxGTBce0WFnWHtaPe+
 WakBa2/sCYXRSMl7sZNdubbokWUq96F4WQAkT+QD6ytrvc4FzG1Jm4CwPaRcmQpk
 XOsxYmFXhbhVXhAqy3kD6DTBDFRSZ1mCEc4oafhrG7EnPfB/vKnGQA3jcBqb1qhm
 ljvPc5uJj8MnzulOg6/MjpKOs+ZIkvmdVVXQZyIL0mTNb5eOhIKhzb1YwiCJokci
 Q1bm14M/wJXb9W7MUqiltd1syVAfiEGY+QleNGDQdLxr6ftfl+bskGFkefJ+niq5
 mmEP6055kWMd7XiWxczsC9PiFqQ3sY/XNGfFpA/kSsTPYESLsSalTvr8hj2RKTsI
 p9LJUP72C00T29/r18teafqjtUERaw3NjvZKaJ12bAWRI8dTXEUudKwSsFOyOWMc
 2kiD1kyeO+yu5VTaeRwMUso1v4A85NJVd1Cp8uRElsvsncZGqZoGouqGkO/3i7tC
 v9JFbWSu9puJ2E4hrw==
 =Igr7
 -----END PGP SIGNATURE-----

Merge tag 'loongarch-fixes-6.1-1' of git://git.kernel.org/pub/scm/linux/kernel/git/chenhuacai/linux-loongson

Pull LoongArch fixes from Huacai Chen:
 "Remove unused kernel stack padding, fix some build errors/warnings and
  two bugs in laptop platform driver"

* tag 'loongarch-fixes-6.1-1' of git://git.kernel.org/pub/scm/linux/kernel/git/chenhuacai/linux-loongson:
  platform/loongarch: laptop: Fix possible UAF and simplify generic_acpi_laptop_init()
  platform/loongarch: laptop: Adjust resume order for loongson_hotkey_resume()
  LoongArch: BPF: Avoid declare variables in switch-case
  LoongArch: Use flexible-array member instead of zero-length array
  LoongArch: Remove unused kernel stack padding
2022-10-30 09:44:06 -07:00
Linus Torvalds 28b7bd4ad2 3 cifs/smb3 fixes (also for stable)
-----BEGIN PGP SIGNATURE-----
 
 iQGzBAABCgAdFiEE6fsu8pdIjtWE/DpLiiy9cAdyT1EFAmNd32gACgkQiiy9cAdy
 T1E/FQwAqaALaUBM+PHcqHnOKhflYf7+DjkClKcbKSuQ6kN9R5ajHk6pi7EEcexx
 eDNvNszxNm+eEGmSRMoH10cQ3U0C68Dtip1vEyBmywCRBk7QWKAvGDF2JzzS92Cv
 rz4IrZfBGDS5kxeKHAHMaGBy4xnU+4yeVFkcgESltv+g3+C2wLmwL72oeI/ttkIg
 +Tmr2EQLKG/FIxobLZePc90fWUg6vvUM3u0HwK0bzW2ZtkrxTa8/RU2ziNCbOOQN
 VVUEq9FlEVf+71TLa+N4fJStBWQWqldX197Fk15C4on7zcT05wVITXro2CYAPvhV
 ZwROwggSu0jCPiohVkrg4lQjVAFXejE/GNv8c1casliWbxaixpfLC2czONU0PItj
 lTpntaX+fxUIblhMgCsJNxpgYpgeyTS1XyC9kqmt2tsOAgkrgUx7wKtreI+M18yC
 GXPbXkczAEq73pkfkvBRd1UcWuoUPi2ex6UG6oQQO6DnFQwIBYNlMGGIHwEG3VoI
 kvdtwhi8
 =/RPn
 -----END PGP SIGNATURE-----

Merge tag '6.1-rc2-smb3-fixes' of git://git.samba.org/sfrench/cifs-2.6

Pull cifs fixes from Steve French:

 - use after free fix for reconnect race

 - two memory leak fixes

* tag '6.1-rc2-smb3-fixes' of git://git.samba.org/sfrench/cifs-2.6:
  cifs: fix use-after-free caused by invalid pointer `hostname`
  cifs: Fix pages leak when writedata alloc failed in cifs_write_from_iter()
  cifs: Fix pages array leak when writedata alloc failed in cifs_writedata_alloc()
2022-10-30 09:40:04 -07:00
Linus Torvalds 882ad2a2a8 Random number generator fixes for Linux 6.1-rc3.
-----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEEq5lC5tSkz8NBJiCnSfxwEqXeA64FAmNdug8ACgkQSfxwEqXe
 A65ONg/9EuqnTTTqPvjSL5v8AhGl8QQRoEKmb00ylqGZ+iDa2buWZj0HGbJRIvux
 9ODxsfirLMtd/h36UZRTN3nWHLWk5m2hGcwG1iMO0QMrkXLztV+I8da8qsuYsLT6
 dGyYVLldOyGSPYw3OWQ43rAckFb0DJ2+USzJYPQlZPqxNHerN8eLjBxOl2wXUct3
 9zt1IKcBgjZNnURdMtJOAFEtOdmEWImsMM6KPgI83GGxvI9xzMM+/BHb/2E9akyk
 8vUNYcvThBR/GLEGRfoXKKkHDReY5tYrs71us7llLpELbvCpf8A0WPjuQmVy4yk3
 3IiFFFKRITmNNBkwpFIllUFpUQ+a5GyO/xjWWOfAVUkUZiVfLQ4j4sLjFnucwne7
 hDp0EEr7tduHcFzB4WpESvA0ZcowvjKaMg4pXg+ade0BOL84BWvX1BjjRbP77INC
 JFhBPe0SuQEgPuinT3lElm+gcySqXYq6nVoYLQkES0ZvlePpWMAmJBKIAWEmnJt5
 rFyTX6xFGTJ2sIjAJXkilMvQ8XOXnibHfLwaA+xCl4dhnJPh2z33l/5edxgh75gn
 SUcahIlldXSQg5188wE0iZkXVnde0pXvVtn1K39Y4tmVoOXagLuAN7cVGO/dvX7S
 pwcN27zXzttA/MvZ+6DqP798j2tPOe+ZmWhsHijhCxdOZdTUl5s=
 =dZjo
 -----END PGP SIGNATURE-----

Merge tag 'random-6.1-rc3-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/crng/random

Pull random number generator fix from Jason Donenfeld:
 "One fix from Jean-Philippe Brucker, addressing a regression in which
  early boot code on ARM64 would use the non-_early variant of the
  arch_get_random family of functions, resulting in the architectural
  random number generator appearing unavailable during that early phase
  of boot.

  The fix simply changes arch_get_random*() to arch_get_random*_early().

  This distinction between these two functions is a bit of an old wart
  I'm not a fan of, and for 6.2 I'll see if I can make obsolete the
  _early variant, so that one function does the right thing in all
  contexts without overhead"

* tag 'random-6.1-rc3-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/crng/random:
  random: use arch_get_random*_early() in random_init()
2022-10-29 18:33:03 -07:00
Linus Torvalds 83633ed70c SCSI fixes on 20221028
21 small  fixes, all  in drivers.   Some of  these arrived  during the
 merge window  and got  held over to  make sure of  testing on  the -rc
 tree.  The biggest  change is for Standards conformance  in the target
 driver, closely followed by a set of bug fixes in megaraid_sas.
 
 Signed-off-by: James E.J. Bottomley <jejb@linux.ibm.com>
 -----BEGIN PGP SIGNATURE-----
 
 iJwEABMIAEQWIQTnYEDbdso9F2cI+arnQslM7pishQUCY1xAISYcamFtZXMuYm90
 dG9tbGV5QGhhbnNlbnBhcnRuZXJzaGlwLmNvbQAKCRDnQslM7pishR8DAQCm8x/C
 f0h26w+Mv09spAyw6fqvuoC3+giLmiIuxZq1FgD+M7CZ6mcLhsxpE8GVNzKWnPvI
 jVYDsKdJ82B+tuIDDa0=
 =Z+/m
 -----END PGP SIGNATURE-----

Merge tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi

Pull SCSI fixes from James Bottomley:
 "Varions small  fixes, all  in drivers.

  Some of these arrived during the merge window and got held over to
  make sure of testing on the -rc tree.

  The biggest change is for standards conformance in the target driver,
  closely followed by a set of bug fixes in megaraid_sas"

* tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi: (21 commits)
  scsi: ufs: core: Fix typo in comment
  scsi: mpi3mr: Select CONFIG_SCSI_SAS_ATTRS
  scsi: ufs: core: Fix typo for register name in comments
  scsi: pm80xx: Display proc_name in sysfs
  scsi: ufs: core: Fix the error log in ufshcd_query_flag_retry()
  scsi: ufs: core: Remove unneeded casts from void *
  scsi: lpfc: Fix spelling mistake "unsolicted" -> "unsolicited"
  scsi: qla2xxx: Use transport-defined speed mask for supported_speeds
  scsi: target: iblock: Fold iblock_emulate_read_cap_with_block_size() into iblock_get_blocks()
  scsi: qla2xxx: Fix serialization of DCBX TLV data request
  scsi: ufs: qcom: Remove redundant dev_err() call
  scsi: megaraid_sas: Move megasas_dbg_lvl init to megasas_init()
  scsi: megaraid_sas: Remove unnecessary memset()
  scsi: megaraid_sas: Simplify megasas_update_device_list
  scsi: megaraid_sas: Correct an error message
  scsi: megaraid_sas: Correct value passed to scsi_device_lookup()
  scsi: target: core: UA on all LUNs after reset
  scsi: target: core: New key must be used for moved PR
  scsi: target: core: Abort all preempted regs if requested
  scsi: target: core: Fix memory leak in preempt_and_abort
  ...
2022-10-29 18:12:45 -07:00
Linus Torvalds c6e0e874a8 block-6.1-2022-10-28
-----BEGIN PGP SIGNATURE-----
 
 iQJEBAABCAAuFiEEwPw5LcreJtl1+l5K99NY+ylx4KYFAmNcRTYQHGF4Ym9lQGtl
 cm5lbC5kawAKCRD301j7KXHgpkc2D/4yxjQ+lAmXLrqZOGAZc+r2GpiCFsgFcpKP
 i3ezeeo3zmdaoUH778DcbPo0oeWY/iIvV2RDo3/0PBHIlGL43W9e7zsnauRxUwtw
 /Aj140Tsm5/lKnBy8n0nT+DO4LE22JnBHi5XjlFELBwM+deBxS+izinFtcOQC8sj
 58XWSmKag/Lv5JLvcYMj+PprtGOKzfNAacXvTjouy0IlEyb9E/yPMELS8lWFv8i2
 QELtvuEDxODpQtA+Ph0O/o00A8Fg/lC4EH5uvExFMr8k74CGFm32Bar1UuaJ9QAs
 5b8wateTra51yOGW3NEl1ph+4qVe9e4mutrLOFrChYylk5LePOVAki3wYb3lREiU
 rTOEKzUj3P/LHLpl4els0yIQ0gHXs60/M/Vn3TC50+2DnV00qEfvaocZ8vtXOux4
 YR+2cKUxk2CRNyj2BB3WRlrIkCIVk+ehl17E2cdrg0m8SMqk0GAYbpXD753L9uiy
 I7IQEqYB+op501pmTcVskFUfW9ozT96YD53fwSOTR/pEK+esHN0GfqxI6lcA6Q0O
 M2AWEiu8t1PbSONVH/p895gfgGHdRHl6zgvR+ADJMDEmc7dpEoAxsoTj4HIirXbe
 sGHi7ycrQR6aLdHahjCukjUVkZkuhXJkAQmq2XURJgmEcz7iJme23WqtWWUUoQvi
 pk6e1RSqSA==
 =Zfnu
 -----END PGP SIGNATURE-----

Merge tag 'block-6.1-2022-10-28' of git://git.kernel.dk/linux

Pull block fixes from Jens Axboe:

 - NVMe pull request via Christoph:
      - make the multipath dma alignment match the non-multipath one
        (Keith Busch)
      - fix a bogus use of sg_init_marker() (Nam Cao)
      - fix circulr locking in nvme-tcp (Sagi Grimberg)

 - Initialization fix for requests allocated via the special hw queue
   allocator (John)

 - Fix for a regression added in this release with the batched
   completions of end_io backed requests (Ming)

 - Error handling leak fix for rbd (Yang)

 - Error handling leak fix for add_disk() failure (Yu)

* tag 'block-6.1-2022-10-28' of git://git.kernel.dk/linux:
  blk-mq: Properly init requests from blk_mq_alloc_request_hctx()
  blk-mq: don't add non-pt request with ->end_io to batch
  rbd: fix possible memory leak in rbd_sysfs_init()
  nvme-multipath: set queue dma alignment to 3
  nvme-tcp: fix possible circular locking when deleting a controller under memory pressure
  nvme-tcp: replace sg_init_marker() with sg_init_table()
  block: fix memory leak for elevator on add_disk failure
2022-10-29 18:06:52 -07:00
Linus Torvalds 4d244327dd io_uring-6.1-2022-10-28
-----BEGIN PGP SIGNATURE-----
 
 iQJEBAABCAAuFiEEwPw5LcreJtl1+l5K99NY+ylx4KYFAmNcRVMQHGF4Ym9lQGtl
 cm5lbC5kawAKCRD301j7KXHgpnDCD/9fWg+VmqJdeYR585zWu3mXbEFP2mnff2am
 AZwPUvfBxYEClmevtkN5gbc68UkT9Gg/VeHNhivxPK7+wq62/CjfkdBf8lP6Y2Kt
 QDj8ndpFavTs4satpZmd7ErMFCAZz+uGkWWw35P0WKJkn9Dn4IgT2r636SO3NZ9+
 r9sPL9lujMeo8RrmAhUyaUvjEeY4P8lF+EF3X+XEX0EBk5b6bkWBSLBcjRRUWdhm
 FTWyZdaE9eFNtKEluc6M4RhMakcRxV2CDgj3fmmnN8k8PKO1xuJZTHBFzIfukhCW
 oFbpaUgXY0+a4jLsevEF+oTO92mBka241m8T6l3usnnyxWwYpvsIBuVYloW1fYmM
 jBuvf3Bg/Os14uKXETBC4NbuA9mWuzH1bJopuP4WleUCuDSHKTszPkWIKjNXXH19
 vp2mlxD7Z0NfGmfePiedqmIlsCC11fEkzlz7btBGjzJNKhCufTG/O5NyLMNuDq8R
 EhPh7kLCko+pgEqlv9QGYjFop4+Jvs3T2Ahk1pMyqWrD2InccLvSmEvOv6sh0JUt
 AVS/leeIKN3bgfjeoxI0/wm0fIW2R1VWFU/F8i4JUwNup66ua7PIhQYhPor6OIbp
 qqt1+PVAAZ9/u3fd17F5oJUHZxXvBilc0jLBYSEXg2LDv0aib+aho0hn4z6DYL32
 LjAv1l/Csg==
 =DjrA
 -----END PGP SIGNATURE-----

Merge tag 'io_uring-6.1-2022-10-28' of git://git.kernel.dk/linux

Pull io_uring fix from Jens Axboe:
 "Just a fix for a locking regression introduced with the deferred
  task_work running from this merge window"

* tag 'io_uring-6.1-2022-10-28' of git://git.kernel.dk/linux:
  io_uring: unlock if __io_run_local_work locked inside
  io_uring: use io_run_local_work_locked helper
2022-10-29 18:01:16 -07:00
Linus Torvalds 3c339dbd13 23 hotfixes.
Eight fix pre-6.0 bugs and the remainder address issues which were
 introduced in the 6.1-rc merge cycle, or address issues which aren't
 considered sufficiently serious to warrant a -stable backport.
 -----BEGIN PGP SIGNATURE-----
 
 iHUEABYKAB0WIQTTMBEPP41GrTpTJgfdBJ7gKXxAjgUCY1w/LAAKCRDdBJ7gKXxA
 jovHAQDqY3TGAVQsvCBKdUqkp5nakZ7o7kK+mUGvsZ8Cgp5fwQD/Upsu93RZsTgm
 oJfYW4W6eSVEKPu7oAY20xVwLvK6iQ0=
 =z0Fn
 -----END PGP SIGNATURE-----

Merge tag 'mm-hotfixes-stable-2022-10-28' of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm

Pull misc hotfixes from Andrew Morton:
 "Eight fix pre-6.0 bugs and the remainder address issues which were
  introduced in the 6.1-rc merge cycle, or address issues which aren't
  considered sufficiently serious to warrant a -stable backport"

* tag 'mm-hotfixes-stable-2022-10-28' of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm: (23 commits)
  mm: multi-gen LRU: move lru_gen_add_mm() out of IRQ-off region
  lib: maple_tree: remove unneeded initialization in mtree_range_walk()
  mmap: fix remap_file_pages() regression
  mm/shmem: ensure proper fallback if page faults
  mm/userfaultfd: replace kmap/kmap_atomic() with kmap_local_page()
  x86: fortify: kmsan: fix KMSAN fortify builds
  x86: asm: make sure __put_user_size() evaluates pointer once
  Kconfig.debug: disable CONFIG_FRAME_WARN for KMSAN by default
  x86/purgatory: disable KMSAN instrumentation
  mm: kmsan: export kmsan_copy_page_meta()
  mm: migrate: fix return value if all subpages of THPs are migrated successfully
  mm/uffd: fix vma check on userfault for wp
  mm: prep_compound_tail() clear page->private
  mm,madvise,hugetlb: fix unexpected data loss with MADV_DONTNEED on hugetlbfs
  mm/page_isolation: fix clang deadcode warning
  fs/ext4/super.c: remove unused `deprecated_msg'
  ipc/msg.c: fix percpu_counter use after free
  memory tier, sysfs: rename attribute "nodes" to "nodelist"
  MAINTAINERS: git://github.com -> https://github.com for nilfs2
  mm/kmemleak: prevent soft lockup in kmemleak_scan()'s object iteration loops
  ...
2022-10-29 17:49:33 -07:00
Linus Torvalds 91562cf993 powerpc fixes for 6.1 #3
- Fix a case of rescheduling with user access unlocked, when preempt is enabled.
 
  - A follow-up fix for a recent fix, which could lead to IRQ state assertions firing
    incorrectly.
 
  - Two fixes for lockdep warnings seen when using kfence with the Hash MMU.
 
  - Two fixes for preempt warnings seen when using the Hash MMU.
 
  - Two fixes for the VAS coprocessor mechanism used on pseries.
 
  - Prevent building some of our older KVM backends when CONTEXT_TRACKING_USER is enabled,
    as it's known to cause crashes.
 
  - A couple of fixes for issues seen with PMU NMIs.
 
 Thanks to: Nicholas Piggin, Guenter Roeck, Frederic Barrat Haren Myneni, Sachin Sant,
 Samuel Holland.
 -----BEGIN PGP SIGNATURE-----
 
 iQJHBAABCAAxFiEEJFGtCPCthwEv2Y/bUevqPMjhpYAFAmNdA5wTHG1wZUBlbGxl
 cm1hbi5pZC5hdQAKCRBR6+o8yOGlgDJ5D/9zjv91f/vuH+WoM/70xvw1V++Uqq1S
 AqxxGFhynNXEf4OwAjo4wq8zZi/PRCGDfjY1WI8ybgBjar0kV/Z2xJ+2RDVKGQLl
 +MPoSyPHbFJCIxXiWB8GoAZa+5gMYroCVzqwKrhP6622IqIuG9+KNe81OuO7KhBV
 B8WmvR72zoqJD2Ag1+g72nvXdc01BZsBAtgQRVIY/z+O7J7nDaNZLppG0Bjwilb3
 UijXUaR8sN8QHDcvxb6Y+favMZNX8gZwg6LeOmwH/AGOopm+aGAxf08dz+h08o8P
 ub+Px5YaYOI3wAndOJOnbO3LOldOcMiRhzIh9GmUJCzZl2yTCAmC4sVWFz3XPvIy
 LMMQmP7s7UmIbtQyjv7/87UEUoxquWfcHNAwTDKmE1LeFGuerog4mcnJc3mBdyA+
 d/hVl9+1TWbrrYE1J1tdXNJtz67CCz5sHx0OmRdLOvArgn3/chv0eA+jWYL71lUa
 LRaj6N0JgBWFqOPUSak/Jhml79GtAJS2UBmFcxCiH477Pee+jWD06IBqjeltngGQ
 I0pohkyO8XGpMKB/37/TicWlG9BxTWZnZybuni4V4oF0SPbUw4UcqiB4B+CTG1zZ
 Fc/X6PSVJJo6JKahwSlSicESDGA+6HRkkpcYQ6nAeCcLcMdhuVl+BEIl3kp1ebEe
 C0fXM3WT9sXZuA==
 =J1SJ
 -----END PGP SIGNATURE-----

Merge tag 'powerpc-6.1-3' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux

Pull powerpc fixes from Michael Ellerman:

 - Fix a case of rescheduling with user access unlocked, when preempt is
   enabled.

 - A follow-up fix for a recent fix, which could lead to IRQ state
   assertions firing incorrectly.

 - Two fixes for lockdep warnings seen when using kfence with the Hash
   MMU.

 - Two fixes for preempt warnings seen when using the Hash MMU.

 - Two fixes for the VAS coprocessor mechanism used on pseries.

 - Prevent building some of our older KVM backends when
   CONTEXT_TRACKING_USER is enabled, as it's known to cause crashes.

 - A couple of fixes for issues seen with PMU NMIs.

Thanks to Nicholas Piggin, Guenter Roeck, Frederic Barrat Haren Myneni,
Sachin Sant, and Samuel Holland.

* tag 'powerpc-6.1-3' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux:
  powerpc/64s/interrupt: Fix clear of PACA_IRQS_HARD_DIS when returning to soft-masked context
  powerpc/64s/interrupt: Perf NMI should not take normal exit path
  powerpc/64/interrupt: Prevent NMI PMI causing a dangerous warning
  KVM: PPC: BookS PR-KVM and BookE do not support context tracking
  powerpc: Fix reschedule bug in KUAP-unlocked user copy
  powerpc/64s: Fix hash__change_memory_range preemption warning
  powerpc/64s: Disable preemption in hash lazy mmu mode
  powerpc/64s: make linear_map_hash_lock a raw spinlock
  powerpc/64s: make HPTE lock and native_tlbie_lock irq-safe
  powerpc/64s: Add lockdep for HPTE lock
  powerpc/pseries: Use lparcfg to reconfig VAS windows for DLPAR CPU
  powerpc/pseries/vas: Add VAS IRQ primary handler
2022-10-29 10:35:17 -07:00
Yang Yingliang d81916910f platform/loongarch: laptop: Fix possible UAF and simplify generic_acpi_laptop_init()
Currently the return value of 'sub_driver->init' is not checked. If
sparse_keymap_setup() called in the init function fails, 'generic_
inputdev' is freed, then it will lead a UAF when using it in generic_
acpi_laptop_init(). Fix it by checking the return value and setting
generic_inputdev to NULL after free, so as to avoid double free it.

The error code in generic_subdriver_init() is always negative, so the
return of generic_subdriver_init() can be simplified.

Fixes: 6246ed0911 ("LoongArch: Add ACPI-based generic laptop driver")
Signed-off-by: Yang Yingliang <yangyingliang@huawei.com>
Signed-off-by: Huacai Chen <chenhuacai@loongson.cn>
2022-10-29 16:29:31 +08:00
Huacai Chen fbe605ab15 platform/loongarch: laptop: Adjust resume order for loongson_hotkey_resume()
Some laptops don't support SW_LID, but still have backlight control,
move backlight resuming before SW_LID event handling so as to avoid
backlight mistake due to early return.

Signed-off-by: Huacai Chen <chenhuacai@loongson.cn>
2022-10-29 16:29:31 +08:00
Huacai Chen bbfddb904d LoongArch: BPF: Avoid declare variables in switch-case
Not all compilers support declare variables in switch-case, so move
declarations to the beginning of a function. Otherwise we may get such
build errors:

arch/loongarch/net/bpf_jit.c: In function ‘emit_atomic’:
arch/loongarch/net/bpf_jit.c:362:3: error: a label can only be part of a statement and a declaration is not a statement
   u8 r0 = regmap[BPF_REG_0];
   ^~
arch/loongarch/net/bpf_jit.c: In function ‘build_insn’:
arch/loongarch/net/bpf_jit.c:727:3: error: a label can only be part of a statement and a declaration is not a statement
   u8 t7 = -1;
   ^~
arch/loongarch/net/bpf_jit.c:778:3: error: a label can only be part of a statement and a declaration is not a statement
   int ret;
   ^~~
arch/loongarch/net/bpf_jit.c:779:3: error: expected expression before ‘u64’
   u64 func_addr;
   ^~~
arch/loongarch/net/bpf_jit.c:780:3: warning: ISO C90 forbids mixed declarations and code [-Wdeclaration-after-statement]
   bool func_addr_fixed;
   ^~~~
arch/loongarch/net/bpf_jit.c:784:11: error: ‘func_addr’ undeclared (first use in this function); did you mean ‘in_addr’?
          &func_addr, &func_addr_fixed);
           ^~~~~~~~~
           in_addr
arch/loongarch/net/bpf_jit.c:784:11: note: each undeclared identifier is reported only once for each function it appears in
arch/loongarch/net/bpf_jit.c:814:3: error: a label can only be part of a statement and a declaration is not a statement
   u64 imm64 = (u64)(insn + 1)->imm << 32 | (u32)insn->imm;
   ^~~

Signed-off-by: Huacai Chen <chenhuacai@loongson.cn>
2022-10-29 16:29:31 +08:00
Yushan Zhou 4805a13d54 LoongArch: Use flexible-array member instead of zero-length array
Eliminate the following coccicheck warning:
./arch/loongarch/include/asm/ptrace.h:32:15-21: WARNING use flexible-array member instead

Reviewed-by: WANG Xuerui <git@xen0n.name>
Signed-off-by: Yushan Zhou <katrinzhou@tencent.com>
Signed-off-by: Huacai Chen <chenhuacai@loongson.cn>
2022-10-29 16:29:31 +08:00
Jinyang He b40fa75e15 LoongArch: Remove unused kernel stack padding
The current LoongArch kernel stack is padded as if obeying the MIPS o32
calling convention (32 bytes), signifying the port's MIPS lineage but no
longer making sense. Remove the padding for clarity.

Reviewed-by: WANG Xuerui <git@xen0n.name>
Signed-off-by: Jinyang He <hejinyang@loongson.cn>
Signed-off-by: Huacai Chen <chenhuacai@loongson.cn>
2022-10-29 16:29:31 +08:00
Linus Torvalds 576e61cea1 s390 updates for 6.1-rc3
- Remove outdated linux390 link from MAINTAINERS.
 
 - Add few missing EX_TABLE entries to inline assemblies.
 
 - Fix raw data collection for pai_ext PMU.
 
 - Add kernel image secure boot trailer for future firmware versions.
 
 - Fix out-of-bounds access on cio_ignore free.
 
 - Fix memory allocation of mdev_types array in vfio-ap.
 -----BEGIN PGP SIGNATURE-----
 
 iQEzBAABCAAdFiEE3QHqV+H2a8xAv27vjYWKoQLXFBgFAmNcOhwACgkQjYWKoQLX
 FBgdXwgAjovmEDjZkA47z05Aiuc1yTxyHwJk85nb2j1jZ6mrKfuMawVmwGq8HtM9
 o8qnXZdG6xnLgy5OcP2QNGQIo9vY6o74s7ERALmYbVmOKEf1pxbWebaSQHuRK5Aj
 enGidXt9djwiHxscToVlT5y4XTAbn2nekseStREOhJ3aSLcsyUmUa7qF+UfyKrTy
 t7tnrOROXnS9GvvD7X89u6sWYl0nTIbV3QIcSpomCzY+3YQxkykvI55CnS53Lrn/
 bgOPo9OEsI/oojCdKTk0qRBYj+5CSpfXQeXpvp8CaqQshc+Yjzk1ND9YNTcaMg6P
 jO7Ny3tNzXk9ZPgG0qdEcr1W4vdn2w==
 =Mk7P
 -----END PGP SIGNATURE-----

Merge tag 's390-6.1-3' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux

Pull s390 fixes from Vasily Gorbik:

 - Remove outdated linux390 link from MAINTAINERS

 - Add few missing EX_TABLE entries to inline assemblies

 - Fix raw data collection for pai_ext PMU

 - Add kernel image secure boot trailer for future firmware versions

 - Fix out-of-bounds access on cio_ignore free

 - Fix memory allocation of mdev_types array in vfio-ap

* tag 's390-6.1-3' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux:
  s390/vfio-ap: Fix memory allocation for mdev_types array
  s390/cio: fix out-of-bounds access on cio_ignore free
  s390/pai: fix raw data collection for PMU pai_ext
  s390/boot: add secure boot trailer
  s390/pci: add missing EX_TABLE entries to __pcistg_mio_inuser()/__pcilg_mio_inuser()
  s390/futex: add missing EX_TABLE entry to __futex_atomic_op()
  s390/uaccess: add missing EX_TABLE entries to __clear_user()
  MAINTAINERS: remove outdated linux390 link
2022-10-28 17:11:26 -07:00
Linus Torvalds 283f13d43b RISC-V Fixes for 6.1-rc3
* A fix for a build warning in the jump_label code.
 * One of the git://github -> https://github cleanups, for the SiFive
   drivers.
 * A fix for the kasan initialization code, this still likely warrants
   some cleanups but that's a bigger problem and at least this fixes the
   crashes in the short term.
 * A pair of fixes for extension support detection on mixed LLVM/GNU
   toolchains.
 * A fix for a runtime warning in the /proc/cpuinfo code.
 -----BEGIN PGP SIGNATURE-----
 
 iQJHBAABCAAxFiEEKzw3R0RoQ7JKlDp6LhMZ81+7GIkFAmNcIeETHHBhbG1lckBk
 YWJiZWx0LmNvbQAKCRAuExnzX7sYiQooEAC23Pgmdp5A74VgmCxt1pLPuLwapHL+
 piAvzBx96GMajdWhzfBxwR8PTAAdiffpyFD+mal9MmmDAy+fduYQD76ge28Kx33y
 yJIIya+9vSHcCkMUfj8Kag93qAsXTwJIvuyrHJ8JGdnxgs4jywKPge6S4GYOiFD2
 8UALXgr/4Xi1WJnHvGPElLbVUqAcha2F4Wbl8P0dEUnuCFbiHQfDqWAx7OgC9zrZ
 CJhM3vQNADXO+7Yj8MDyeRQW2JVeBi1xNJ00fGgArUNHQqRMnEgZ4Hbfymf6j+yq
 1RP6sCjha3qIGofqD7B0pfcgThjRi8kpHL+RjiFrb4UigfxErdZDhBsOxTVB5slG
 oe4V7mrm3gdHPgW3ZytjmkXhHNzRRFfmuUwfqR/h9iumkpnNntuphPQVCtCBKDNx
 dZ6JGdVw7ljgp51t66vvJLy3lpYYcnhh64sCFYdWSY1+n0sJB6QfwnDPp8AFznCn
 9PafHYzEOM/e5PBlRqoORuRfkRmk54pJu+uKHh/FtcG3Z7q6htyF8QHDMaYizPna
 MDqcCl1DdKBh24D0E2KRNzhNTGNSFNKcSnXB6dF9wH4jLlglyIaNe0vqmfFxVWkV
 ufMcfXjxgl5zHJUf0IBuw57pVZddriRhVU+2YECnMgquuC9drjHa1sG71oYm/loY
 9XYPR12ckU7lqg==
 =In1r
 -----END PGP SIGNATURE-----

Merge tag 'riscv-for-linus-6.1-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux

Pull RISC-V fixes from Palmer Dabbelt:

 - A fix for a build warning in the jump_label code

 - One of the git://github -> https://github cleanups, for the SiFive
   drivers

 - A fix for the kasan initialization code, this still likely warrants
   some cleanups but that's a bigger problem and at least this fixes the
   crashes in the short term

 - A pair of fixes for extension support detection on mixed LLVM/GNU
   toolchains

 - A fix for a runtime warning in the /proc/cpuinfo code

* tag 'riscv-for-linus-6.1-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux:
  RISC-V: Fix /proc/cpuinfo cpumask warning
  riscv: fix detection of toolchain Zihintpause support
  riscv: fix detection of toolchain Zicbom support
  riscv: mm: add missing memcpy in kasan_init
  MAINTAINERS: git://github.com -> https://github.com for sifive
  riscv: jump_label: mark arguments as const to satisfy asm constraints
2022-10-28 17:03:00 -07:00
Linus Torvalds 13f05fb219 ACPI and device properties fixes for 6.1-rc3
- Fix the documentation of the *_match_string() family of functions to
    properly cover the return value (Andy Shevchenko).
 
  - Fix a possible integer overflow during multiplication in the ACPI
    PCC code (Manank Patel).
 
  - Make the ACPI device resources code skip IRQ override on Asus
    Vivobook S5602ZA (Tamim Khan).
 
  - Add LATT2021 to the list of device IDs that are ignored when
    returned by _DEP, because there are no drivers for them in the
    kernel and no plans to add such drivers (Hans de Goede).
 -----BEGIN PGP SIGNATURE-----
 
 iQJGBAABCAAwFiEE4fcc61cGeeHD/fCwgsRv/nhiVHEFAmNb7XoSHHJqd0Byand5
 c29ja2kubmV0AAoJEILEb/54YlRx4AgP/1Q78/7GisCGmymtggxYqYwo7Zr0F6GO
 yZ/OA4+TQOHeYLjjDH3njlmQnQLyLm8xEwPw+9ThK3p35eVMy01UoQdC5nf2mz9o
 mzvR2Vh/7Ed0W58DP4KEyo5IAKGBYWD3SGSoKY0H8v0VBcQt2QLO0LFeZjulTFnb
 TsIXTMG/e5ymwYN1tDil/Fiwpr2HUq1D+/jL7bxjw5Pb/IkYCuQXv/5DPyi3TH6e
 d8d0CRoc8HKBOjyvAhuQ6bfVotYE/qSOz3gpVXcBwQGiTkPW6Ytk65sfXLEMO0Bz
 LTKyQTkduJHPiEMNw32iAwTCrRIfsu5s+98Z/gYCHDY1oojQBMoFQhELzL2/HnLu
 1Ab0v9sm8M6yPqVMC2F+wTQLAjkP4LZuTGt/xBkZ4VYlJnpr03ChyBlwut1AjHAs
 Xsspal6FDupGI6VY935QBOMwVF75WEFAoR/CfKFIJhkEGxN7VrxlXlLo6ks+06Bi
 85dLk0CiTxBcm3bfRaCgLt5AsQYYaDhRxEB70Hs0R4n9gkCTmuiMyZ+hdJYw5SCc
 t0sPFF1Fd2pqaZtTMchV7nH9oaAeM/K+6TztXcR5b4iuhoTPEorVR+3mJwb80HRl
 Y+Fhl/T7Q2kS+W5LxINsjkKyHBxkEdd0JadEfRlAESOfpwkIZIac0SHVPfv/KGt4
 RrV/T6dbzkfi
 =OG6y
 -----END PGP SIGNATURE-----

Merge tag 'acpi-6.1-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm

Pull ACPI and device properties fixes from Rafael Wysocki:
 "These fix device properties documentation and the ACPI PCC code, add a
  new IRQ override quirk for resource handling and add one more item to
  the list of device IDs to be ignored when returned by _DEP.

  Specifics:

   - Fix the documentation of the *_match_string() family of functions
     to properly cover the return value (Andy Shevchenko)

   - Fix a possible integer overflow during multiplication in the ACPI
     PCC code (Manank Patel)

   - Make the ACPI device resources code skip IRQ override on Asus
     Vivobook S5602ZA (Tamim Khan)

   - Add LATT2021 to the list of device IDs that are ignored when
     returned by _DEP, because there are no drivers for them in the
     kernel and no plans to add such drivers (Hans de Goede)"

* tag 'acpi-6.1-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm:
  ACPI: scan: Add LATT2021 to acpi_ignore_dep_ids[]
  ACPI: resource: Skip IRQ override on Asus Vivobook S5602ZA
  ACPI: PCC: Fix unintentional integer overflow
  device property: Fix documentation for *_match_string() APIs
2022-10-28 16:48:29 -07:00
Linus Torvalds 6b872a5ece Power management fixes for 6.1-rc3
- Make intel_pstate use what is known about the hardware instead of
    relying on information from the platform firmware (ACPI CPPC in
    particular) to establish the relationship between the HWP CPU
    performance levels and frequencies on all hybrid platforms
    available to date (Rafael Wysocki).
 
  - Allow hybrid sleep to use suspend-to-idle as a system suspend method
    if it is the current suspend method of choice (Mario Limonciello).
 
  - Fix handling of unavailable/disabled idle states in the generic
    power domains code (Sudeep Holla).
 
  - Update the pm-graph suite of utilities to version 5.10 which is
    fixes-mostly and does not add any new features (Todd Brandt).
 -----BEGIN PGP SIGNATURE-----
 
 iQJGBAABCAAwFiEE4fcc61cGeeHD/fCwgsRv/nhiVHEFAmNb7MoSHHJqd0Byand5
 c29ja2kubmV0AAoJEILEb/54YlRxfeMQAIHJ+nLjWGPfoW1WxVYuDECx121+zdXa
 zI0O2q6tREdT3YsvPjLG3UePXaTR5cI02JM+5CTgFylfHTRN3xe+L8LJwm2gDadd
 +0DC5Q+YLJFVzqo7jsgKPOb6KhjWI77qrFNhvQxac2N/xMEE5z2p7iosP3qewInd
 i43UzbfypGkIBin+HD5nM38lHuhp14geKEHocV6ftUzoPMcnuzQVkPIkbpfj7YOo
 XGsGz4Seei9raWgquBPUnaM/sOWEwSOb86HBsFTwdiepQJPsfmPO60yBbno7C5hX
 kx7b9vG+lh5rosTWructhkSPrLent0QiWd6J3B6glMt4rzlQf8h39hZrOgot7Ald
 txNjXhrBTa9tpJanB3lKelgQwj2+6mKhkcFo8uA44jlX0nhOaFTnNKDGj92si8xS
 Emj/M7jQozomE/4zXLpeb+Ovpk54svrCsKykE2aeo5sWsL7IZduzAk0ZvgItQ2a0
 oIuqxUbnx/JTYqpxzAyZAJtVDfcum12uXmXNk0IcXtI4ewW9mw3YRQpbB9uir5+y
 cMnyBgATt65f6I0tr+cJyQmiUxRRiAekZyeJtbF89iLM/nDeTCwI03LyNVAobw/R
 FF0ctXdIjZvnWUXyz68+J0a+kMeMwQeIw5TlE8kxfQfIiEubj2V9xIDOe3cn520R
 SzrO8xQXB/ay
 =1teO
 -----END PGP SIGNATURE-----

Merge tag 'pm-6.1-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm

Pull power management fixes from Rafael Wysocki:
 "These make the intel_pstate driver work as expected on all hybrid
  platforms to date (regardless of possible platform firmware issues),
  fix hybrid sleep on systems using suspend-to-idle by default, make the
  generic power domains code handle disabled idle states properly and
  update pm-graph.

  Specifics:

   - Make intel_pstate use what is known about the hardware instead of
     relying on information from the platform firmware (ACPI CPPC in
     particular) to establish the relationship between the HWP CPU
     performance levels and frequencies on all hybrid platforms
     available to date (Rafael Wysocki)

   - Allow hybrid sleep to use suspend-to-idle as a system suspend
     method if it is the current suspend method of choice (Mario
     Limonciello)

   - Fix handling of unavailable/disabled idle states in the generic
     power domains code (Sudeep Holla)

   - Update the pm-graph suite of utilities to version 5.10 which is
     fixes-mostly and does not add any new features (Todd Brandt)"

* tag 'pm-6.1-rc3' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm:
  PM: domains: Fix handling of unavailable/disabled idle states
  pm-graph v5.10
  cpufreq: intel_pstate: hybrid: Use known scaling factor for P-cores
  cpufreq: intel_pstate: Read all MSRs on the target CPU
  PM: hibernate: Allow hybrid sleep to work with s2idle
2022-10-28 16:44:12 -07:00
Jean-Philippe Brucker f5e4ec155d random: use arch_get_random*_early() in random_init()
While reworking the archrandom handling, commit d349ab99ee ("random:
handle archrandom with multiple longs") switched to the non-early
archrandom helpers in random_init(), which broke initialization of the
entropy pool from the arm64 random generator.

Indeed at that point the arm64 CPU features, which verify that all CPUs
have compatible capabilities, are not finalized so arch_get_random_seed_longs()
is unsuccessful. Instead random_init() should use the _early functions,
which check only the boot CPU on arm64. On other architectures the
_early functions directly call the normal ones.

Fixes: d349ab99ee ("random: handle archrandom with multiple longs")
Cc: stable@vger.kernel.org
Signed-off-by: Jean-Philippe Brucker <jean-philippe@linaro.org>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2022-10-29 00:24:03 +02:00
Sebastian Andrzej Siewior dda1c41a07 mm: multi-gen LRU: move lru_gen_add_mm() out of IRQ-off region
lru_gen_add_mm() has been added within an IRQ-off region in the commit
mentioned below.  The other invocations of lru_gen_add_mm() are not within
an IRQ-off region.

The invocation within IRQ-off region is problematic on PREEMPT_RT because
the function is using a spin_lock_t which must not be used within
IRQ-disabled regions.

The other invocations of lru_gen_add_mm() occur while
task_struct::alloc_lock is acquired.  Move lru_gen_add_mm() after
interrupts are enabled and before task_unlock().

Link: https://lkml.kernel.org/r/20221026134830.711887-1-bigeasy@linutronix.de
Fixes: bd74fdaea1 ("mm: multi-gen LRU: support page table walks")
Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
Acked-by: Yu Zhao <yuzhao@google.com>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: "Eric W . Biederman" <ebiederm@xmission.com>
Cc: Kees Cook <keescook@chromium.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
2022-10-28 13:37:23 -07:00
Lukas Bulwahn 1b9c918318 lib: maple_tree: remove unneeded initialization in mtree_range_walk()
Before the do-while loop in mtree_range_walk(), the variables next, min,
max need to be initialized.  The variables last, prev_min and prev_max are
set within the loop body before they are eventually used after exiting the
loop body.

As it is a do-while loop, the loop body is executed at least once, so the
variables last, prev_min and prev_max do not need to be initialized before
the loop body.

Remove unneeded initialization of last and prev_min.

The needless initialization was reported by clang-analyzer as Dead Stores.

As the compiler already identifies these assignments as unneeded, it
optimizes the assignments away.  Hence:

No functional change. No change in object code.

Link: https://lkml.kernel.org/r/20221026120029.12555-2-lukas.bulwahn@gmail.com
Signed-off-by: Lukas Bulwahn <lukas.bulwahn@gmail.com>
Reviewed-by: Liam R. Howlett <Liam.Howlett@oracle.com>
Cc: Matthew Wilcox <willy@infradead.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
2022-10-28 13:37:23 -07:00
Liam Howlett 1db43d3f37 mmap: fix remap_file_pages() regression
When using the VMA iterator, the final execution will set the variable
'next' to NULL which causes the function to fail out.  Restore the break
in the loop to exit the VMA iterator early without clearing NULL fixes the
issue.

Link: https://lore.kernel.org/lkml/29344.1666681759@jrobl/
Link: https://lkml.kernel.org/r/20221025161222.2634030-1-Liam.Howlett@oracle.com
Fixes: 763ecb0350 (mm: remove the vma linked list)
Signed-off-by: Liam R. Howlett <Liam.Howlett@oracle.com>
Reported-by: "J. R. Okajima" <hooanon05g@gmail.com>
Tested-by: "J. R. Okajima" <hooanon05g@gmail.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
2022-10-28 13:37:23 -07:00
Ira Weiny 5dc21f0c0b mm/shmem: ensure proper fallback if page faults
The kernel test robot flagged a recursive lock as a result of a conversion
from kmap_atomic() to kmap_local_folio()[Link]

The cause was due to the code depending on the kmap_atomic() side effect
of disabling page faults.  In that case the code expects the fault to fail
and take the fallback case.

git archaeology implied that the recursion may not be an actual bug.[1]
However, depending on the implementation of the mmap_lock and the
condition of the call there may still be a deadlock.[2] So this is not
purely a lockdep issue.  Considering a single threaded call stack there
are 3 options.

	1) Different mm's are in play (no issue)
	2) Readlock implementation is recursive and same mm is in play
	   (no issue)
	3) Readlock implementation is _not_ recursive (issue)

The mmap_lock is recursive so with a single thread there is no issue.

However, Matthew pointed out a deadlock scenario when you consider
additional process' and threads thusly.

"The readlock implementation is only recursive if nobody else has taken a
write lock.  If you have a multithreaded process, one of the other threads
can call mmap() and that will prevent recursion (due to fairness).  Even
if it's a different process that you're trying to acquire the mmap read
lock on, you can still get into a deadly embrace.  eg:

process A thread 1 takes read lock on own mmap_lock
process A thread 2 calls mmap, blocks taking write lock
process B thread 1 takes page fault, read lock on own mmap lock
process B thread 2 calls mmap, blocks taking write lock
process A thread 1 blocks taking read lock on process B
process B thread 1 blocks taking read lock on process A

Now all four threads are blocked waiting for each other."

Regardless using pagefault_disable() ensures that no matter what locking
implementation is used a deadlock will not occur.  Add an explicit
pagefault_disable() and a big comment to explain this for future souls
looking at this code.

[1] https://lore.kernel.org/all/Y1MymJ%2FINb45AdaY@iweiny-desk3/
[2] https://lore.kernel.org/lkml/Y1bXBtGTCym77%2FoD@casper.infradead.org/

Link: https://lkml.kernel.org/r/20221025220108.2366043-1-ira.weiny@intel.com
Link: https://lore.kernel.org/r/202210211215.9dc6efb5-yujie.liu@intel.com
Fixes: 7a7256d5f5 ("shmem: convert shmem_mfill_atomic_pte() to use a folio")
Signed-off-by: Ira Weiny <ira.weiny@intel.com>
Reported-by: Matthew Wilcox (Oracle) <willy@infradead.org>
Reported-by: kernel test robot <yujie.liu@intel.com>
Cc: Randy Dunlap <rdunlap@infradead.org>
Cc: Peter Xu <peterx@redhat.com>
Cc: Andrea Arcangeli <aarcange@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
2022-10-28 13:37:23 -07:00
Ira Weiny 5521de7ddd mm/userfaultfd: replace kmap/kmap_atomic() with kmap_local_page()
kmap() and kmap_atomic() are being deprecated in favor of
kmap_local_page() which is appropriate for any thread local context.[1]

A recent locking bug report with userfaultfd showed that the conversion of
the kmap_atomic()'s in those code flows requires care with regard to the
prevention of deadlock.[2]

git archaeology implied that the recursion may not be an actual bug.[3]
However, depending on the implementation of the mmap_lock and the
condition of the call there may still be a deadlock.[4] So this is not
purely a lockdep issue.  Considering a single threaded call stack there
are 3 options.

	1) Different mm's are in play (no issue)
	2) Readlock implementation is recursive and same mm is in play
	   (no issue)
	3) Readlock implementation is _not_ recursive (issue)

The mmap_lock is recursive so with a single thread there is no issue.

However, Matthew pointed out a deadlock scenario when you consider
additional process' and threads thusly.

"The readlock implementation is only recursive if nobody else has taken a
write lock.  If you have a multithreaded process, one of the other threads
can call mmap() and that will prevent recursion (due to fairness).  Even
if it's a different process that you're trying to acquire the mmap read
lock on, you can still get into a deadly embrace.  eg:

process A thread 1 takes read lock on own mmap_lock
process A thread 2 calls mmap, blocks taking write lock
process B thread 1 takes page fault, read lock on own mmap lock
process B thread 2 calls mmap, blocks taking write lock
process A thread 1 blocks taking read lock on process B
process B thread 1 blocks taking read lock on process A

Now all four threads are blocked waiting for each other."

Regardless using pagefault_disable() ensures that no matter what locking
implementation is used a deadlock will not occur.

Complete kmap conversion in userfaultfd by replacing the kmap() and
kmap_atomic() calls with kmap_local_page().  When replacing the
kmap_atomic() call ensure page faults continue to be disabled to support
the correct fall back behavior and add a comment to inform future souls of
the requirement.

[1] https://lore.kernel.org/all/20220813220034.806698-1-ira.weiny@intel.com/
[2] https://lore.kernel.org/all/Y1Mh2S7fUGQ%2FiKFR@iweiny-desk3/
[3] https://lore.kernel.org/all/Y1MymJ%2FINb45AdaY@iweiny-desk3/
[4] https://lore.kernel.org/lkml/Y1bXBtGTCym77%2FoD@casper.infradead.org/

[ira.weiny@intel.com: v2]
  Link: https://lkml.kernel.org/r/20221025220136.2366143-1-ira.weiny@intel.com
Link: https://lkml.kernel.org/r/20221024043452.1491677-1-ira.weiny@intel.com
Signed-off-by: Ira Weiny <ira.weiny@intel.com>
Cc: Matthew Wilcox <willy@infradead.org>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Andrea Arcangeli <aarcange@redhat.com>
Cc: Peter Xu <peterx@redhat.com>
Cc: Axel Rasmussen <axelrasmussen@google.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
2022-10-28 13:37:23 -07:00
Alexander Potapenko 78a498c3a2 x86: fortify: kmsan: fix KMSAN fortify builds
Ensure that KMSAN builds replace memset/memcpy/memmove calls with the
respective __msan_XXX functions, and that none of the macros are redefined
twice.  This should allow building kernel with both CONFIG_KMSAN and
CONFIG_FORTIFY_SOURCE.

Link: https://lkml.kernel.org/r/20221024212144.2852069-5-glider@google.com
Link: https://github.com/google/kmsan/issues/89
Signed-off-by: Alexander Potapenko <glider@google.com>
Reported-by: Tamas K Lengyel <tamas.lengyel@zentific.com>
Cc: Nathan Chancellor <nathan@kernel.org>
Cc: Nick Desaulniers <ndesaulniers@google.com>
Cc: Kees Cook <keescook@chromium.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
2022-10-28 13:37:23 -07:00
Alexander Potapenko 59c8a02e24 x86: asm: make sure __put_user_size() evaluates pointer once
User access macros must ensure their arguments are evaluated only once if
they are used more than once in the macro body.  Adding
instrument_put_user() to __put_user_size() resulted in double evaluation
of the `ptr` argument, which led to correctness issues when performing
e.g.  unsafe_put_user(..., p++, ...).

To fix those issues, evaluate the `ptr` argument of __put_user_size() at
the beginning of the macro.

Link: https://lkml.kernel.org/r/20221024212144.2852069-4-glider@google.com
Fixes: 888f84a6da ("x86: asm: instrument usercopy in get_user() and put_user()")
Signed-off-by: Alexander Potapenko <glider@google.com>
Reported-by: youling257 <youling257@gmail.com>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
2022-10-28 13:37:23 -07:00
Alexander Potapenko 921757bc9b Kconfig.debug: disable CONFIG_FRAME_WARN for KMSAN by default
KMSAN adds a lot of instrumentation to the code, which results in
increased stack usage (up to 2048 bytes and more in some cases).  It's
hard to predict how big the stack frames can be, so we disable the
warnings for KMSAN instead.

Link: https://lkml.kernel.org/r/20221024212144.2852069-3-glider@google.com
Link: https://github.com/google/kmsan/issues/89
Signed-off-by: Alexander Potapenko <glider@google.com>
Cc: Kees Cook <keescook@chromium.org>
Cc: Masahiro Yamada <masahiroy@kernel.org>
Cc: Nick Desaulniers <ndesaulniers@google.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
2022-10-28 13:37:23 -07:00
Alexander Potapenko 42855f588e x86/purgatory: disable KMSAN instrumentation
The stand-alone purgatory.ro does not contain the KMSAN runtime, therefore
it can't be built with KMSAN compiler instrumentation.

Link: https://lkml.kernel.org/r/20221024212144.2852069-2-glider@google.com
Link: https://github.com/google/kmsan/issues/89
Signed-off-by: Alexander Potapenko <glider@google.com>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Ingo Molnar <mingo@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
2022-10-28 13:37:23 -07:00
Alexander Potapenko f59a3ee691 mm: kmsan: export kmsan_copy_page_meta()
Certain modules call copy_user_highpage(), which calls
kmsan_copy_page_meta() under KMSAN, so we need to export the latter.

Link: https://lkml.kernel.org/r/20221024212144.2852069-1-glider@google.com
Link: https://github.com/google/kmsan/issues/89
Fixes: b073d7f8ae ("mm: kmsan: maintain KMSAN metadata for page operations")
Signed-off-by: Alexander Potapenko <glider@google.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
2022-10-28 13:37:22 -07:00
Baolin Wang 03e5f82ea6 mm: migrate: fix return value if all subpages of THPs are migrated successfully
During THP migration, if THPs are not migrated but they are split and all
subpages are migrated successfully, migrate_pages() will still return the
number of THP pages that were not migrated.  This will confuse the callers
of migrate_pages().  For example, the longterm pinning will failed though
all pages are migrated successfully.

Thus we should return 0 to indicate that all pages are migrated in this
case

Link: https://lkml.kernel.org/r/de386aa864be9158d2f3b344091419ea7c38b2f7.1666599848.git.baolin.wang@linux.alibaba.com
Fixes: b5bade978e ("mm: migrate: fix the return value of migrate_pages()")
Signed-off-by: Baolin Wang <baolin.wang@linux.alibaba.com>
Reviewed-by: Alistair Popple <apopple@nvidia.com>
Reviewed-by: Yang Shi <shy828301@gmail.com>
Cc: David Hildenbrand <david@redhat.com>
Cc: "Huang, Ying" <ying.huang@intel.com>
Cc: Zi Yan <ziy@nvidia.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
2022-10-28 13:37:22 -07:00
Peter Xu 67eae54bc2 mm/uffd: fix vma check on userfault for wp
We used to have a report that pte-marker code can be reached even when
uffd-wp is not compiled in for file memories, here:

https://lore.kernel.org/all/YzeR+R6b4bwBlBHh@x1n/T/#u

I just got time to revisit this and found that the root cause is we simply
messed up with the vma check, so that for !PTE_MARKER_UFFD_WP system, we
will allow UFFDIO_REGISTER of MINOR & WP upon shmem as the check was
wrong:

    if (vm_flags & VM_UFFD_MINOR)
        return is_vm_hugetlb_page(vma) || vma_is_shmem(vma);

Where we'll allow anything to pass on shmem as long as minor mode is
requested.

Axel did it right when introducing minor mode but I messed it up in
b1f9e87686 when moving code around.  Fix it.

Link: https://lkml.kernel.org/r/20221024193336.1233616-1-peterx@redhat.com
Link: https://lkml.kernel.org/r/20221024193336.1233616-2-peterx@redhat.com
Fixes: b1f9e87686 ("mm/uffd: enable write protection for shmem & hugetlbfs")
Signed-off-by: Peter Xu <peterx@redhat.com>
Cc: Axel Rasmussen <axelrasmussen@google.com>
Cc: Andrea Arcangeli <aarcange@redhat.com>
Cc: Nadav Amit <nadav.amit@gmail.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
2022-10-28 13:37:22 -07:00
Hugh Dickins 5aae9265ee mm: prep_compound_tail() clear page->private
Although page allocation always clears page->private in the first page or
head page of an allocation, it has never made a point of clearing
page->private in the tails (though 0 is often what is already there).

But now commit 71e2d666ef ("mm/huge_memory: do not clobber swp_entry_t
during THP split") issues a warning when page_tail->private is found to be
non-0 (unless it's swapcache).

Change that warning to dump page_tail (which also dumps head), instead of
just the head: so far we have seen dead000000000122, dead000000000003,
dead000000000001 or 0000000000000002 in the raw output for tail private.

We could just delete the warning, but today's consensus appears to want
page->private to be 0, unless there's a good reason for it to be set: so
now clear it in prep_compound_tail() (more general than just for THP; but
not for high order allocation, which makes no pass down the tails).

Link: https://lkml.kernel.org/r/1c4233bb-4e4d-5969-fbd4-96604268a285@google.com
Fixes: 71e2d666ef ("mm/huge_memory: do not clobber swp_entry_t during THP split")
Signed-off-by: Hugh Dickins <hughd@google.com>
Acked-by: Mel Gorman <mgorman@techsingularity.net>
Cc: Matthew Wilcox (Oracle) <willy@infradead.org>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
2022-10-28 13:37:22 -07:00