-----BEGIN PGP SIGNATURE-----
iQJEBAABCAAuFiEEwPw5LcreJtl1+l5K99NY+ylx4KYFAmNUFz4QHGF4Ym9lQGtl
cm5lbC5kawAKCRD301j7KXHgpqrSEAC+jhEaIB4srOr5DMta/CxBoKwiZIcMmsaK
pzRMFSTKWWtsx3COGjT0vwzm4VuZsZztE+A6buYs5riEDsI0l5TJiZ0fOqi9N0nB
orehq+7T2Cn5E848bMzLo7tSmlibAionrOQde5PbtmDcltuKddu9TiXNzD6XufLB
dLWbTRLdfxuFW0c8DYwng+KNBocXad64gu3ADuxKVGkWDs9tfOvaFWE/NgoXsEoq
a7uaBCF+DBWYhHWk0WPOA2+BLyNMN+g7owX1GWqW/Sr48CQDJSw5YnpKCi8+jZdb
uHreUIH96w/2A7CFfNCOfx5MhYCrX/j9ik6mDt2B8Gbh6vg3LlMADSo6xXSPag0r
7Lu7AVr7Sko6NKU2x/pCzv/U85TFuvuqSfH+YFK3rdEouZk26o5PfJEugAtD3gKv
smAk+ATmgx/iye5a2Uq7ClVVdOcdQULrC15/8XdcG7eI+l2q3AbgTa53PdBw3oF7
S+ANKMP5kPkPe1wDxFR0g3v7vsZmmfahRuss3xWC+PnHZPFZPQFRIohjWSsu1Exl
Ztri7Xy/ypC7bZ5F1pch1AjiLfLCGzpmKjT4QAy/mSFAJVboRDb0PTwN1w7uVCBQ
qK8TIw2iVKjEeIps/CedO+nQQrxhOKcizxLIPTyfaT6ZOJrbHalcQheEJqpWMnrF
w7dYkDnjYw==
=tTNe
-----END PGP SIGNATURE-----
Merge tag 'io_uring-6.1-2022-10-22' of git://git.kernel.dk/linux
Pull io_uring follow-up from Jens Axboe:
"Currently the zero-copy has automatic fallback to normal transmit, and
it was decided that it'd be cleaner to return an error instead if the
socket type doesn't support it.
Zero-copy does work with UDP and TCP, it's more of a future proofing
kind of thing (eg for samba)"
* tag 'io_uring-6.1-2022-10-22' of git://git.kernel.dk/linux:
io_uring/net: fail zc sendmsg when unsupported by socket
io_uring/net: fail zc send when unsupported by socket
net: flag sockets supporting msghdr originated zerocopy
- corsair-psu: Fix typo in USB id description, and add USB ID for new PSU
- pwm-fan: Fix fan power handling when disabling fan control
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEiHPvMQj9QTOCiqgVyx8mb86fmYEFAmNT97AACgkQyx8mb86f
mYEOxhAAlVhKbeTPvqefdXxuJSy5OKy7EeQktzRV0Mt4uWgOxZOW01IVXoTDHEiw
d8X8mW4HSa9/e/9uqMUtKLNRqkcZ0YEHkp06K/3FH1rwonpAlRt4fYw7UEujMVnR
PLgAAlkeROvYpNphW7YkUle0RDu41ugOuuM3DyjPSGE4CCdDQXMQBJSR2TBr5LZ7
Y84d/9vVPtEUZ957KlAxSVJ5RQHWomDDKwXocDG6sLLDCOdwsPNNuKj0aj7Z5Mmh
C3eh8zbLW1txOrKh/AiOioql4UcnV8RlWGNhDUYpF1VDkq3CFFdk3h1BX8eXcKag
sgeh6QkW5QGnmy99BxzPpGYIRu9zWM5Dq3LlJmvBX+zU+hv+Sb4IZFrfPUgQmDR0
acX66qfAvpxszST3XQKR4pVwqI6fVq5A7RSWdyrEtT6z1EwB2Ju5PYM5ncOQHrp/
+erMQwWXMRSGP7gGQNZHxZw7vckeYPZUsCRi2JCOoHxzmu6pcKkj0P+/VjyjMf8I
nqTbDhqOkBqxvJkNocKsvtapIqK4kpHHVL91VZqUJ4ePlpt8W7ax58oxIGJv/c+L
u2rdVyZpeg0x20a6VrmJc92y7QBlB904Fk+nPwdNh07ltSw2jmkgdXuwIAIIuRZu
I48c6PLGYOaBgSEpv8ew4cVOk2edBT45OKpA96OHHlIPK6um72g=
=ajp4
-----END PGP SIGNATURE-----
Merge tag 'hwmon-for-v6.1-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/groeck/linux-staging
Pull hwmon fixes from Guenter Roeck:
- corsair-psu: Fix typo in USB id description, and add USB ID for new
PSU
- pwm-fan: Fix fan power handling when disabling fan control
* tag 'hwmon-for-v6.1-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/groeck/linux-staging:
hwmon: (corsair-psu) Add USB id of the new HX1500i psu
hwmon: (pwm-fan) Explicitly switch off fan power when setting pwm1_enable to 0
hwmon: (corsair-psu) fix typo in USB id description
-----BEGIN PGP SIGNATURE-----
iQJIBAABCgAyFiEEgMe7l+5h9hnxdsnuWYigwDrT+vwFAmNTCwIUHGJoZWxnYWFz
QGdvb2dsZS5jb20ACgkQWYigwDrT+vy0ABAAltWCeaI31solG+0Nng1vi8MpNG+G
wNd73u2J3rCUq6l+vyukAoHOV+gVIMpN18J+Qj/dqU7Uwaj4PSkXL0lXFPoQurIQ
n5f5Qi9viMPpQnIx1Alf7sKMxTmfGs2QfJ2i7owFg66C5OowZZZoNxO0OLx2IWP3
Cl9U5SDfVXT32eNdLe0kqNIw0UJT5C/WoHD3koFjp2Ic3ad/zQOYOSjXvTt5CRKq
2ae1EbZ9diPsiLxBDWaskYYVJvX9haAYVUdHAQ/aI3yyabiWUKsN1BCoVbAS/fBc
tV0hEYQYwNhMtpBOn2eJd06gPfiZ9eWeVYri1DOxC/qAK/iIqxPiX088/ms0R3qj
SM2ANn0XJRsEd4vW65JHxz4xtkBKnJ1mQUSqhp9OB9edquyWp6DDvCxWJ0Ee5ta2
Uoop4HnUbwiRLZRBMPNQ6unFQlcQ5H2eOUMiGjqPRCZTzkdzms++PLIk8Xy9U46i
RRaear6KjIfYK2CsW2HJGWHcM/rjVFjAuZd4e3PjR7xu/qagPqfKbKeVBdWRXvN9
C+kPL90Xw4YT97RcBL1beuZaoX6dBrez2OaS3emeIoJ1urHbXH7tMp1eHHBIzTBE
iJriaj/qUWdUcs9APBdMp9QXojgAeK8kQa+Qqu+1Xqdiczg9V3emFBmqDj0gpJ82
O9jyhr25FuiOnvs=
=osgb
-----END PGP SIGNATURE-----
Merge tag 'pci-v6.1-fixes-2' of git://git.kernel.org/pub/scm/linux/kernel/git/helgaas/pci
Pull pci fixes from Bjorn Helgaas:
- Revert a simplification that broke pci-tegra due to a masking error
- Update MAINTAINERS for Kishon's email address change and TI
DRA7XX/J721E maintainer change
* tag 'pci-v6.1-fixes-2' of git://git.kernel.org/pub/scm/linux/kernel/git/helgaas/pci:
MAINTAINERS: Update Kishon's email address in PCI endpoint subsystem
MAINTAINERS: Add Vignesh Raghavendra as maintainer of TI DRA7XX/J721E PCI driver
Revert "PCI: tegra: Use PCI_CONF1_EXT_ADDRESS() macro"
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEE+QmuaPwR3wnBdVwACF8+vY7k4RUFAmNTCJ8ACgkQCF8+vY7k
4RV/Ag//Ws8bIdedAQsbakBOq9JPOMiqHZnBde5DWn3XqU8aAY9bby70Rf2OTbl7
8mpqzeJY6wFfvesGCJ8L2hprpVqNW1KCrNAxSyaq/8Wau1D77wyEofqPNarNJzqn
oKbH0JWd8hfStJpgmwyxUXjLanDXNx2s4lRm6R1WMWPH6dLeHydx4CtFMbmOn1L8
+jTtLK6631plWw/Kkp1A9z8N1D/9b4iMOgpoQZZLuzL1DouoYWlltz+Kw9HU7rsQ
1/wGmMwTwiV6Zt2UPwB4qudq3UpUMB3tm0KWprkmSx3Xv14Rr1o3zdwALTXib0Ez
wZuzWzWaf9Fjp7CHOfEpm4x3+kU9181iw4ACk34cq7SglMYCdQ2hiwW5b9hhTN2m
tYxv78fXJD2lHyxZQAHNN7XRmiWfMWMA0Z7GwCLVFXJ24Vjzv5AfuD3rJEE6Fv3X
UOjPTNdNt4tpxX8A2Yd7WlfIBBGm2h63MVIYh50R54JCdLLLB8vhtob7pP2Y94pg
FqXxfwc216cArKVsIjmUUkJs153IlQPYzBv9xXBBbD2DXhguWhLQnf9L/KdCnFkF
6NTULAHNezkss6dbLPIL08lCEIvTqeQabPBlCEtXNqqxBWfJwdwLbeS8mg2dTxao
wwR5D37JbNuDSj0/4N/DlvVJozcCLJ2ZZ9R3c2j8/4Z0HERIhqA=
=gJf4
-----END PGP SIGNATURE-----
Merge tag 'media/v6.1-2' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-media
Pull missed media updates from Mauro Carvalho Chehab:
"It seems I screwed-up my previous pull request: it ends up that only
half of the media patches that were in linux-next got merged in -rc1.
The script which creates the signed tags silently failed due to
5.19->6.0 so it ended generating a tag with incomplete stuff.
So here are the missing parts:
- a DVB core security fix
- lots of fixes and cleanups for atomisp staging driver
- old drivers that are VB1 are being moved to staging to be
deprecated
- several driver updates - mostly for embedded systems, but there are
also some things addressing issues with some PC webcams, in the UVC
video driver"
* tag 'media/v6.1-2' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-media: (163 commits)
media: sun6i-csi: Move csi buffer definition to main header file
media: sun6i-csi: Introduce and use video helper functions
media: sun6i-csi: Add media ops with link notify callback
media: sun6i-csi: Remove controls handler from the driver
media: sun6i-csi: Register the media device after creation
media: sun6i-csi: Pass and store csi device directly in video code
media: sun6i-csi: Tidy up video code
media: sun6i-csi: Tidy up v4l2 code
media: sun6i-csi: Tidy up Kconfig
media: sun6i-csi: Use runtime pm for clocks and reset
media: sun6i-csi: Define and use variant to get module clock rate
media: sun6i-csi: Always set exclusive module clock rate
media: sun6i-csi: Tidy up platform code
media: sun6i-csi: Refactor main driver data structures
media: sun6i-csi: Define and use driver name and (reworked) description
media: cedrus: Add a Kconfig dependency on RESET_CONTROLLER
media: sun8i-rotate: Add a Kconfig dependency on RESET_CONTROLLER
media: sun8i-di: Add a Kconfig dependency on RESET_CONTROLLER
media: sun4i-csi: Add a Kconfig dependency on RESET_CONTROLLER
media: sun6i-csi: Add a Kconfig dependency on RESET_CONTROLLER
...
If a protocol doesn't support zerocopy it will silently fall back to
copying. This type of behaviour has always been a source of troubles
so it's better to fail such requests instead.
Cc: <stable@vger.kernel.org> # 6.0
Signed-off-by: Pavel Begunkov <asml.silence@gmail.com>
Link: https://lore.kernel.org/r/2db3c7f16bb6efab4b04569cd16e6242b40c5cb3.1666346426.git.asml.silence@gmail.com
Signed-off-by: Jens Axboe <axboe@kernel.dk>
We need an efficient way in io_uring to check whether a socket supports
zerocopy with msghdr provided ubuf_info. Add a new flag into the struct
socket flags fields.
Cc: <stable@vger.kernel.org> # 6.0
Signed-off-by: Pavel Begunkov <asml.silence@gmail.com>
Acked-by: Jakub Kicinski <kuba@kernel.org>
Link: https://lore.kernel.org/r/3dafafab822b1c66308bb58a0ac738b1e3f53f74.1666346426.git.asml.silence@gmail.com
Signed-off-by: Jens Axboe <axboe@kernel.dk>
Provide a definition of KVM_CAP_DIRTY_LOG_RING_ACQ_REL.
Fixes: 17601bfed9 ("KVM: Add KVM_CAP_DIRTY_LOG_RING_ACQ_REL capability and config option")
Cc: Marc Zyngier <maz@kernel.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
The KVM_X86_SET_MSR_FILTER ioctls contains a pointer in the passed in
struct which means it has a different struct size depending on whether
it gets called from 32bit or 64bit code.
This patch introduces compat code that converts from the 32bit struct to
its 64bit counterpart which then gets used going forward internally.
With this applied, 32bit QEMU can successfully set MSR bitmaps when
running on 64bit kernels.
Reported-by: Andrew Randrianasulu <randrianasulu@gmail.com>
Fixes: 1a155254ff ("KVM: x86: Introduce MSR filtering")
Signed-off-by: Alexander Graf <graf@amazon.com>
Message-Id: <20221017184541.2658-4-graf@amazon.com>
Cc: stable@vger.kernel.org
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
In the next patch we want to introduce a second caller to
set_msr_filter() which constructs its own filter list on the stack.
Refactor the original function so it takes it as argument instead of
reading it through copy_from_user().
Signed-off-by: Alexander Graf <graf@amazon.com>
Message-Id: <20221017184541.2658-3-graf@amazon.com>
Cc: stable@vger.kernel.org
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
We will introduce the first architecture specific compat vm ioctl in the
next patch. Add all necessary boilerplate to allow architectures to
override compat vm ioctls when necessary.
Signed-off-by: Alexander Graf <graf@amazon.com>
Message-Id: <20221017184541.2658-2-graf@amazon.com>
Cc: stable@vger.kernel.org
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
- Fix a bug preventing restoring an ITS containing mappings
for very large and very sparse device topology
- Work around a relocation handling error when compiling
the nVHE object with profile optimisation
-----BEGIN PGP SIGNATURE-----
iQJDBAABCgAtFiEEn9UcU+C1Yxj9lZw9I9DQutE9ekMFAmNRGjoPHG1hekBrZXJu
ZWwub3JnAAoJECPQ0LrRPXpDVcEP/2zn+J/pAv1FoNKxSiSk/H2hx5PH685mqEwv
I7YPYPOuGJDv/uJFXzMMDpjjs8RHG9yWwPwtFZYGKqtmlkXgM3a0jk5jtsgfSVcp
vsvqgR0kL67x5D/Mc+I/bkVMNEecrucvkewf0Sp7W2gdXnC+rm1EFN5McK5U60tW
+s6fKVkIB0/fxNJCXPdETGiNpoYGEBeVVzoTrXGFm9QBcSDKvqdaPF8koZzOecpS
3UcVYKBaxNf1zowAseNYiS4kndwKuopaYsk4BY/KDgTbPyoFQBwMZYm6DAkb9ugW
sFK6g8FmOJJ5meLWIg4vTdruILL+YP6gbJ0HrzFoxJJEdd2iRzEUgQlBp7G+STSY
npXmeTJh5DJelm1Qd4OdiSBlqwYTIxKEyaV34/xeFh9P3w/LbN9uSiZAybbTw92h
sE1kQpT//s8lTXOnn23YHycZ1Dsy0JSExoJutCt6E5YnTb0wtPQ6ZLoWmyWMnTL/
6Gyj7LTy+trv4l0N2ND+LF7BfN6Cb4eSXMfLLhwo2qfQI2kD/gBrbrTYYdyiVvHD
YnZftvVViOcQVaocXP1SeQ5/yhdj6ASrCiFWie7nJW9Z3IJ9BJuXCxk3gSW5yCde
Rw37+FpVSciyhpEK9f4aVGfAGA8ifO1Gi5yp70ioF8Y3i1CvS238g0knx6v6p8Vm
dAi3i1ga
=C0jb
-----END PGP SIGNATURE-----
Merge tag 'kvmarm-fixes-6.1-2' of git://git.kernel.org/pub/scm/linux/kernel/git/kvmarm/kvmarm into HEAD
KVM/arm64 fixes for 6.1, take #2
- Fix a bug preventing restoring an ITS containing mappings
for very large and very sparse device topology
- Work around a relocation handling error when compiling
the nVHE object with profile optimisation
- Fix for stage-2 invalidation holding the VM MMU lock
for too long by limiting the walk to the largest
block mapping size
- Enable stack protection and branch profiling for VHE
- Two selftest fixes
-----BEGIN PGP SIGNATURE-----
iQJDBAABCgAtFiEEn9UcU+C1Yxj9lZw9I9DQutE9ekMFAmNIEAUPHG1hekBrZXJu
ZWwub3JnAAoJECPQ0LrRPXpDIXcP/AyWlCEJlmc1Jcd9rlaW1Wenr82U+StLVeMy
qP5P02gMWdbGExWIWEi4zkt+pAm7K2WRgXid9z5Vjw7kZY/+WwswTzKHWcQhVuZv
cBHfeOqgtoHVGR8NcwX6xcp406y3WRqYIsyAmbc5qmo75L8Ew1o3m+3eDfFtAq7l
3XuTCv+lQGNSGMhXHN2SVewZ+pCAo3XJmuHfCBXTqRjwqH4Tzh+54IKzo+9mqBWW
7yeIm5qcbIKGuXLuLL7XCf99gWy/3kQ0xQ1yJeXLAyiHswHqEISZXGHnKeATvD+6
RdbmQ9oRmIYfZfoDKZRUJg8TyTvW1rIKokFbe0q2iyuDnI5D/fAJ48epZaLw+kEf
PUzdB3UgPk19SLwgZKQddqY4wOD420ZD5x1TUFUQuLL7sjVv1vUILDvuCLWpq7F7
GyfSB+LEMgexHGsZ1wjslN/ivTbG+dQgaSS9mlV8/WDOLPtD2uOf65vYR3P28hAX
zOHrwm3e2+UV83BsEFEY2FQiiIBD24JmSecMbmAIHY09MCSZ+vJ/WbF4J1PcPP8C
3vjueIYTcjhzLtQrfIkGZcS7+wC9ji/RRmpJjbg79EpwrjhEs9G8h1+HyL9+zBZ4
Xn6X+ZG/cv0/ZYdin0ZRzJMvM0RutbsR77blVCLY97PBuLtBlqJDcxr+lmmjyIZ2
Db8Qd6uW
=IOxM
-----END PGP SIGNATURE-----
Merge tag 'kvmarm-fixes-6.1-1' of git://git.kernel.org/pub/scm/linux/kernel/git/kvmarm/kvmarm into HEAD
KVM/arm64 fixes for 6.1, take #1
- Fix for stage-2 invalidation holding the VM MMU lock
for too long by limiting the walk to the largest
block mapping size
- Enable stack protection and branch profiling for VHE
- Two selftest fixes
Currently `sp_indiff` is cleaned when driver is removed. This will
cause problem in multi-PF/multi-host case, considering one PF is
removed while another is still in use.
Since `sp_indiff` is the application firmware property, it should
only be cleaned when the firmware is unloaded. Now let management
firmware to clean it when necessary, driver only set it.
Fixes: b1e4f11e42 ("nfp: refine the ABI of getting `sp_indiff` info")
Signed-off-by: Yinjun Zhang <yinjun.zhang@corigine.com>
Signed-off-by: Simon Horman <simon.horman@corigine.com>
Link: https://lore.kernel.org/r/20221020081411.80186-1-simon.horman@corigine.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Raju Rangoju says:
====================
amd-xgbe: Miscellaneous fixes
(1) Fix the rrc for Yellow carp devices. CDR workaround path
is disabled for YC devices, receiver reset cycle is not
needed in such cases.
(2) Add enumerations for mailbox command and sub-commands.
Instead of using hard-coded values, use enums.
(3) Enable PLL_CTL for fixed PHY modes only. Driver does not
implement SW RRCM for Autoneg Off configuration, hence PLL
is needed for fixed PHY modes only.
(4) Fix the SFP compliance codes check for DAC cables. Some of
the passive cables have non-zero data at offset 6 in
SFP EEPROM data. So, fix the sfp compliance codes check.
(5) Add a quirk for Molex passive cables to extend the rate
ceiling to 0x78.
====================
Link: https://lore.kernel.org/r/20221020064215.2341278-1-Raju.Rangoju@amd.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
The offset 12 (bit-rate) of EEPROM SFP DAC (passive) cables is expected
to be in the range 0x64 to 0x68. However, the 5 meter and 7 meter Molex
passive cables have the rate ceiling 0x78 at offset 12.
Add a quirk for Molex passive cables to extend the rate ceiling to 0x78.
Fixes: abf0a1c2b2 ("amd-xgbe: Add support for SFP+ modules")
Signed-off-by: Raju Rangoju <Raju.Rangoju@amd.com>
Acked-by: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
The current XGBE code assumes that offset 6 of EEPROM SFP DAC (passive)
cables is NULL. However, some cables (the 5 meter and 7 meter Molex
passive cables) have non-zero data at offset 6. Fix the logic by moving
the passive cable check above the active checks, so as not to be
improperly identified as an active cable. This will fix the issue for
any passive cable that advertises 1000Base-CX in offset 6.
Fixes: abf0a1c2b2 ("amd-xgbe: Add support for SFP+ modules")
Signed-off-by: Raju Rangoju <Raju.Rangoju@amd.com>
Acked-by: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
PLL control setting(RRC) is needed only in fixed PHY configuration to
fix the peer-peer issues. Without the PLL control setting, the link up
takes longer time in a fixed phy configuration.
Driver implements SW RRC for Autoneg On configuration, hence PLL control
setting (RRC) is not needed for AN On configuration, and can be skipped.
Also, PLL re-initialization is not needed for PHY Power Off and RRC
commands. Otherwise, they lead to mailbox errors. Added the changes
accordingly.
Fixes: daf182d360 ("net: amd-xgbe: Toggle PLL settings during rate change")
Signed-off-by: Raju Rangoju <Raju.Rangoju@amd.com>
Acked-by: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Instead of using hardcoded values, use enumerations for mailbox command
and sub commands.
Signed-off-by: Raju Rangoju <Raju.Rangoju@amd.com>
Acked-by: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Link stability issues are noticed on Yellow carp platforms when Receiver
Reset Cycle is issued. Since the CDR workaround is disabled on these
platforms, the Receiver Reset Cycle is not needed.
So, avoid issuing rrc on Yellow carp platforms.
Fixes: dbb6c58b5a ("net: amd-xgbe: Add Support for Yellow Carp Ethernet device")
Signed-off-by: Raju Rangoju <Raju.Rangoju@amd.com>
Acked-by: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Hou Tao says:
====================
From: Hou Tao <houtao1@huawei.com>
Hi,
The patchset aims to fix one problem of bpf memory allocator destruction
when there is PREEMPT_RT kernel or kernel with arch_irq_work_has_interrupt()
being false (e.g. 1-cpu arm32 host or mips). The root cause is that
there may be busy refill_work when the allocator is destroying and it
may incur oops or other problems as shown in patch #1. Patch #1 fixes
the problem by waiting for the completion of irq work during destroying
and patch #2 is just a clean-up patch based on patch #1. Please see
individual patches for more details.
Comments are always welcome.
Change Log:
v2:
* patch 1: fix typos and add notes about the overhead of irq_work_sync()
* patch 1 & 2: add Acked-by tags from sdf@google.com
v1: https://lore.kernel.org/bpf/20221019115539.983394-1-houtao@huaweicloud.com/T/#t
====================
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Except for waiting_for_gp list, there are no concurrent operations on
free_by_rcu, free_llist and free_llist_extra lists, so use
__llist_del_all() instead of llist_del_all(). waiting_for_gp list can be
deleted by RCU callback concurrently, so still use llist_del_all().
Acked-by: Stanislav Fomichev <sdf@google.com>
Signed-off-by: Hou Tao <houtao1@huawei.com>
Link: https://lore.kernel.org/r/20221021114913.60508-3-houtao@huaweicloud.com
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
A busy irq work is an unfinished irq work and it can be either in the
pending state or in the running state. When destroying bpf memory
allocator, refill_work may be busy for PREEMPT_RT kernel in which irq
work is invoked in a per-CPU RT-kthread. It is also possible for kernel
with arch_irq_work_has_interrupt() being false (e.g. 1-cpu arm32 host or
mips) and irq work is inovked in timer interrupt.
The busy refill_work leads to various issues. The obvious one is that
there will be concurrent operations on free_by_rcu and free_list between
irq work and memory draining. Another one is call_rcu_in_progress will
not be reliable for the checking of pending RCU callback because
do_call_rcu() may have not been invoked by irq work yet. The other is
there will be use-after-free if irq work is freed before the callback
of irq work is invoked as shown below:
BUG: kernel NULL pointer dereference, address: 0000000000000000
#PF: supervisor instruction fetch in kernel mode
#PF: error_code(0x0010) - not-present page
PGD 12ab94067 P4D 12ab94067 PUD 1796b4067 PMD 0
Oops: 0010 [#1] PREEMPT_RT SMP
CPU: 5 PID: 64 Comm: irq_work/5 Not tainted 6.0.0-rt11+ #1
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996)
RIP: 0010:0x0
Code: Unable to access opcode bytes at 0xffffffffffffffd6.
RSP: 0018:ffffadc080293e78 EFLAGS: 00010286
RAX: 0000000000000000 RBX: ffffcdc07fb6a388 RCX: ffffa05000a2e000
RDX: ffffa05000a2e000 RSI: ffffffff96cc9827 RDI: ffffcdc07fb6a388
......
Call Trace:
<TASK>
irq_work_single+0x24/0x60
irq_work_run_list+0x24/0x30
run_irq_workd+0x23/0x30
smpboot_thread_fn+0x203/0x300
kthread+0x126/0x150
ret_from_fork+0x1f/0x30
</TASK>
Considering the ease of concurrency handling, no overhead for
irq_work_sync() under non-PREEMPT_RT kernel and has-irq-work-interrupt
kernel and the short wait time used for irq_work_sync() under PREEMPT_RT
(When running two test_maps on PREEMPT_RT kernel and 72-cpus host, the
max wait time is about 8ms and the 99th percentile is 10us), just using
irq_work_sync() to wait for busy refill_work to complete before memory
draining and memory freeing.
Fixes: 7c8199e24f ("bpf: Introduce any context BPF specific memory allocator.")
Acked-by: Stanislav Fomichev <sdf@google.com>
Signed-off-by: Hou Tao <houtao1@huawei.com>
Link: https://lore.kernel.org/r/20221021114913.60508-2-houtao@huaweicloud.com
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Fix the control CPU selection in the intel_powerclamp thermal driver.
-----BEGIN PGP SIGNATURE-----
iQJGBAABCAAwFiEE4fcc61cGeeHD/fCwgsRv/nhiVHEFAmNS5ywSHHJqd0Byand5
c29ja2kubmV0AAoJEILEb/54YlRxv2cP/2jI9a3reYWtakPr8fNlDVDH92lFDork
tQbnlfLUn7iEtXtrbUQKClrZwWMOkC7LmqsOAjRwadDVj59o39iV0DTLCigsl0xa
Dh8I1FXSKG35IZk040tC+oUWxx1ZE8IV/gA9mKluqr2qsR1VxF8xnqPHKRrVVZlp
mzOu3aylUQKHAVzxA0LFX3QIeZYrOgTGnkED8h80lUFp7JZ3pOcOJet5zt93A3xi
Dd/KaDFV+XZewgf157avM09STYKvF4SCBIU3Ndg7dLmCuMYp7mHE5qLthpwyEfx6
SoXPONVqju8fa7eBZEjyXDrKcoF2tE0VENDOchzJJo0QrFPP+NViycOX7XSuEiBl
dZ+QXnOz1qNC6cyhNZCalohbx/Edk7vQ4Z+arXslR8q3EgO1dI6YcfPEDT8WaTqe
+JOgDiZv4LZ/GMzqmWJEmjnVMvx/pvmXHhvED8t7gZJSX/AwnTScc+NFJkiYGhP1
Ag866WSN4C2dOt2pC64LSeB3ifm75H/89FSR5NXYz8kOeIEMF0R6ZXsHg4aMwHfm
se9G3ZVU/i3cndizhiLyY9ebWceJ2ueyi75YVfJ6l2lzeIBW1JLX4j0QYSGe/Jhy
5kqjc2qDRZo2pWQkMiheeRhtyO/hQqqfwLB2jNX9Wbsc6Kho1f+wf8VIjplZzUp2
rSWf1ntFc0IV
=ErrR
-----END PGP SIGNATURE-----
Merge tag 'thermal-6.1-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm
Pull thermal control fix from Rafael Wysocki:
"This fixes the control CPU selection in the intel_powerclamp thermal
driver"
* tag 'thermal-6.1-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm:
thermal: intel_powerclamp: Use first online CPU as control_cpu
- Fix module loading in the Tegra124 cpufreq driver (Jon Hunter).
- Fix memory leak and update to read-only region in the qcom
cpufreq driver (Fabien Parent).
- Miscellaneous minor cleanups to cpufreq drivers (Fabien Parent,
Yang Yingliang).
-----BEGIN PGP SIGNATURE-----
iQJGBAABCAAwFiEE4fcc61cGeeHD/fCwgsRv/nhiVHEFAmNS5qcSHHJqd0Byand5
c29ja2kubmV0AAoJEILEb/54YlRxqwsP/10sQk6KwCgsCy5fdZNudwSLngchZQsO
abGbs17uqAEYust6EM1R+IosNBK7srtETZfqeoK+hWNv+z8XwFFBIAHbOXV9JqUf
Fx41ECm7GH34R7KZmGYDagZdHuHoJucyO0ukiXM8ViD0Jn9u7zJCLPhicqFcvBq5
p/deOsf6eIfdHXbFBELp5D03POOis7HFNOvzy+e4gYkGfeWjtU+/R0iZxzAp9JoA
sgICAVyhjmliNBtTq2kMfcKgNa4iTDuxsEaqG1sb1Zfe64miPVGHlsSmLLsZRyRY
jOHAt1nUUayFNOjRsX9SvjCPMTGHYvdbmPTm/CLutGbUuYqRbhrHVJ6oJgLfz2zS
IiL7hIbvFdi9wLgCt+KEQm+1awTFZxdtWDF5lIDUv0f4b3KeJpF7JxSPg7X0Nv6P
4nVpm7avo6ZEWVNSpVm3EW2duKIoJY+X5QoenO8ZQ9pPjceLAuAx5uVXXUkJw9y0
9s53LJdtysglGYU3GExRFgkYyEBB1USzrRAzpcRrMoi1uZQnI1AEwhODhUoIIpRn
fTFx6AfiBie7qBT2xysazPZAvgJMLX0dS2oN/cjVGGuL5OaL17aRcUEOwITfj3mH
xb0eL8bP9HVzRSOEwuRSlxephR5+6yN4f1LKFNvZDECJQNwyk07rothqutGnUjjm
2UzmirE5yG8O
=MpNG
-----END PGP SIGNATURE-----
Merge tag 'pm-6.1-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm
Pull power management fixes from Rafael Wysocki:
"These fix some issues and clean up code in ARM cpufreq drivers.
Specifics:
- Fix module loading in the Tegra124 cpufreq driver (Jon Hunter)
- Fix memory leak and update to read-only region in the qcom cpufreq
driver (Fabien Parent)
- Miscellaneous minor cleanups to cpufreq drivers (Fabien Parent,
Yang Yingliang)"
* tag 'pm-6.1-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm:
cpufreq: sun50i: Switch to use dev_err_probe() helper
cpufreq: qcom-nvmem: Switch to use dev_err_probe() helper
cpufreq: imx6q: Switch to use dev_err_probe() helper
cpufreq: dt: Switch to use dev_err_probe() helper
cpufreq: qcom: remove unused parameter in function definition
cpufreq: qcom: fix writes in read-only memory region
cpufreq: qcom: fix memory leak in error path
cpufreq: tegra194: Fix module loading
- Add missing device reference counting to acpi_get_pci_dev() after
changing it recently (Rafael Wysocki).
- Fix resource list walk in acpi_dma_get_range() (Robin Murphy).
- Add IRQ override quirk for LENOVO IdeaPad and extend the IRQ
override warning message (Jiri Slaby).
- Fix integer overflow in ghes_estatus_pool_init() (Ashish Kalra).
- Fix multiple error records handling in one of the ACPI extlog driver
code paths (Tony Luck).
- Prune DSDT override documentation from index after dropping it (Bagas
Sanjaya).
-----BEGIN PGP SIGNATURE-----
iQJGBAABCAAwFiEE4fcc61cGeeHD/fCwgsRv/nhiVHEFAmNS5j0SHHJqd0Byand5
c29ja2kubmV0AAoJEILEb/54YlRxBCIQALRw66b/rUiobFH2shHthACDeIuFa25U
35/F97bitR6kTPkQKiKtoWTGd+d+1TL7z7kOWS9ontQB91OXN877K3j7h5lFtemw
PPBL+e13VCg6ZfUxpVocMTnH/nyfLIMAAX335i+ogknyW0SrISwmBhb/luvzzpiR
0htCcnH3ia6pDiCbr1+Q6wXOYA3anWsm7hN6QfE4QE0AjjP/TXe+VdA5ntX7zKKO
TIjMgso5drLoGTVA0gUWSIR5mqvqYE+9QWTU0yr90fG3sap9Jj3DzSaF5Ctb2cYB
B9w5KWL5H8KfeJxgYtSPGG7iZ11IrMUWTFiKG+NBAZ2+qvonW6kcmXWi0jr9Lqt/
hW4t1luA/jk/b9Gg+izSmvMSJmJLeRLXp1echTUn3dnl8vWE04Di1oKIaNoE3s1p
ufn5auOJLvdgHqqHRjbZUPiYqfoEp7Awqy1tbg+g+BKZwKUwMCX2ej2QlI8M1nBI
ayB7YqfLblBuvS7GEs0Xsuv/T9Q3Ntl5UVHWhCzekBjwFmtuOItOxVmbubtZgSex
j66CtPhw9LpGeiOqs28GcOBYU4iFDeY10T70u5XApJ2Qo+A8gH38hUNOuBTd6Nu+
qU4qira6Ij72lcpnA7MfwULYY3tmhHxe0N9F7ql8MiXQVUMsihb1Y9q/5qHz3bVu
p6gepNzValgR
=w4gn
-----END PGP SIGNATURE-----
Merge tag 'acpi-6.1-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm
Pull ACPI fixes from Rafael Wysocki:
"These fix issues introduced during this merge window (ACPI/PCI, device
enumeration and documentation) and some other ones found recently.
Specifics:
- Add missing device reference counting to acpi_get_pci_dev() after
changing it recently (Rafael Wysocki)
- Fix resource list walk in acpi_dma_get_range() (Robin Murphy)
- Add IRQ override quirk for LENOVO IdeaPad and extend the IRQ
override warning message (Jiri Slaby)
- Fix integer overflow in ghes_estatus_pool_init() (Ashish Kalra)
- Fix multiple error records handling in one of the ACPI extlog
driver code paths (Tony Luck)
- Prune DSDT override documentation from index after dropping it
(Bagas Sanjaya)"
* tag 'acpi-6.1-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm:
ACPI: scan: Fix DMA range assignment
ACPI: PCI: Fix device reference counting in acpi_get_pci_dev()
ACPI: resource: note more about IRQ override
ACPI: resource: do IRQ override on LENOVO IdeaPad
ACPI: extlog: Handle multiple records
ACPI: APEI: Fix integer overflow in ghes_estatus_pool_init()
Documentation: ACPI: Prune DSDT override documentation from index
- A pair of fixes for the EFI variable store refactor that landed in
v6.0
- A couple of fixes for issue that were introduced during the merge
window
- Back out some changes related to EFI zboot signing - we'll add a
better solution for this during the next cycle
-----BEGIN PGP SIGNATURE-----
iQGzBAABCgAdFiEE+9lifEBpyUIVN1cpw08iOZLZjyQFAmNSs/cACgkQw08iOZLZ
jySlPgv/Zfwdbg7b+0Y2wkevUh3shwSH5/fzRAxxFa9dt1D1DcSr+JAqGslSS0Uo
Hq9GEnEVGhGqzd6JC/0X5jCSZFJCbfA8F6v082Qg1sJwr1cbualVcyYY0KL5GCk5
pyIfjHfotaTyS7mzQnjlxT9NQVzJEnZcEP9sxxIny5FRwS0KqhbtGN2V0xovDB/4
2b9w9a7zg1YZVH/IJdeLZFzG5TMQzg8X5WPWVqKHNpqMC9gOW3V3R4Gxy0RCp85Q
9j8PY5CI3KABeYwCDKB+sw7GFYSDK9e+4qEwdcC9Fp1+K0g35ELd8xDr98aMMyyw
pl5qdsJz6XY7i9IfgZq4YhSlMA1+Ab7hAsweoQ7tYofs0TRtuNGzLTT2scU5Pws1
67smMKxlfXTUSB7+1aH5qkV9sKM2uB/Rbib9qIkSyIeTN8Mo/290nimOIilhpsz8
EQC0mIAsieoF7svy5HFgDsxFi7m6jxwYqlGZt3QCF3ULdlEDQYOA5boJh9OgbR6C
3e1kMHR8
=q3Qj
-----END PGP SIGNATURE-----
Merge tag 'efi-fixes-for-v6.1-1' of git://git.kernel.org/pub/scm/linux/kernel/git/efi/efi
Pull EFI fixes from Ard Biesheuvel:
- fixes for the EFI variable store refactor that landed in v6.0
- fixes for issues that were introduced during the merge window
- back out some changes related to EFI zboot signing - we'll add a
better solution for this during the next cycle
* tag 'efi-fixes-for-v6.1-1' of git://git.kernel.org/pub/scm/linux/kernel/git/efi/efi:
efi: runtime: Don't assume virtual mappings are missing if VA == PA == 0
efi: libstub: Fix incorrect payload size in zboot header
efi: libstub: Give efi_main() asmlinkage qualification
efi: efivars: Fix variable writes without query_variable_store()
efi: ssdt: Don't free memory if ACPI table was loaded successfully
efi: libstub: Remove zboot signing from build options
Including:
- Intel VT-d fixes from Lu Baolu:
- Fix a lockdep splat issue in intel_iommu_init().
- Allow NVS regions to pass RMRR check.
- Domain cleanup in error path.
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEr9jSbILcajRFYWYyK/BELZcBGuMFAmNSuP0ACgkQK/BELZcB
GuNRXRAAkGA7n8wuKsd6W7pPQQY5iRfYvBoGw5W46e9aZCTurOhmSjL6KDQzq+rN
MWVlfd2CPQEoJUbIIEmCBdPhBcfMv9sv07eDzVkXG/yy181W1sp9qQXDBT+PGt3A
QURuUVnXXm+/aHscXT9/WAxQoi8s1tNhgPPc5NKr5AM0FMn6poPgEyISOl7ipwT/
EyzDQoKGkFw+jDUh9UmjSw8NQWhPok5ZT8jUBD1tSAKnjcfL5/cFjCW/xb1rZwR8
EiQFhseOr8j7diqyoqH+eWO0ELlh60pY0Urm8OR6bsl+7KiANf8Xg9aQBdVhlj9Y
g/noAYCt+kXdxqug3NDcWihibLlaKY01lXqVrtNayYK2KsM6YDHDcmSPy8PYzQCZ
aqEsNOgJBOgMN/BAuUdtUTFIOTst5L54Pgu73xoOG7JU2acRXdl9x50Ekr/Nm3mZ
YrusLVzCeOk5yd20OWxBZuDF55xjyou7748Hb/7XfAhJK9g0Nh1QTPVD67Cdw2UJ
eTvgmgmWZDZMvg8Ah3p7gTgcFHw1WsvuUNcPyiqjAfkovL1TYIbqoRDHQ+I8xUR/
cC2mBzwkjbduJkp9+xbOv6kPecGA+djD+sfFg7oc8bdIGYwoLLOC0DtoeWbiEpMM
+nPP4om62Lt7pUqfCoOy66a4ALaGShh93QJ57Ndr9loCK0MkPpE=
=ZvCa
-----END PGP SIGNATURE-----
Merge tag 'iommu-fixes-v6.1-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/joro/iommu
Pull iommu fixes from Joerg Roedel:
"Intel VT-d fixes:
- Fix a lockdep splat issue in intel_iommu_init()
- Allow NVS regions to pass RMRR check
- Domain cleanup in error path"
* tag 'iommu-fixes-v6.1-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/joro/iommu:
iommu/vt-d: Clean up si_domain in the init_dmars() error path
iommu/vt-d: Allow NVS regions in arch_rmrr_sanity_check()
iommu/vt-d: Use rcu_lock in get_resv_regions
iommu: Add gfp parameter to iommu_alloc_resv_region
-----BEGIN PGP SIGNATURE-----
iQJSBAABCAA8FiEEoEVH9lhNrxiMPSyI7MXwXhnZSjYFAmNSiTceHGJlbmphbWlu
LnRpc3NvaXJlc0ByZWRoYXQuY29tAAoJEOzF8F4Z2Uo2sTcP/Rws+k1T+VGA0NQP
ge6UHSPKsfku5xagPiArdfh9riP6jeO6D0AOYw8nzmz5o/ms4v7MYe3D3lgnFsfF
kJeAKdSGWGlP0+pTzSM2rECj3x8dGoiqkyYWIHDsJRaa5E4pABNaC8GY1N6AWtTf
olUJ+GsQdD7SrqB3k0ezgOV/tkIt08mfBtlMyhJN7uidSqNRaw5L+6xnvpx9OQk2
OikMuME8wipdCXO1Bsb1n5UWdFWNwYFpiLLi6jXfAb35a5hYuYsYyptpW3+DWdTN
JJaPQTIvBdkU6r5d6fQO1BRUBMNRMPP3zbTtVQduZrncs8XYZzr2IhUYZxdKilIY
623C4e3JKi5Hy3+fR77JL9M5aUZoc6IagkTFK0WFzyOgL/wMJ4O+zoeDlwcka9dT
yl0n4uDwZazDwn7BQfiWEj97GV/BE3p9jcLult90hkhEqHM6uO4TxugX9Ouqxr+a
2R+TZjz+uj9BXtpdJjae5SMQmbBUVp+Skt8ZkSMoeB6jxiY0quZlP6uN4PTV5JiO
xz4gNPxuVL55A8zfJ9AMdfHv1YChf0bSd31SynEFm6VQfMcWfEZB4NbAQXfWJE6E
7Bgh3QhB5wfggYJ0ynf92Jya6O9kkTDbw87bs/qoaoZ8lDqbF2aDQm+vLoO4QUX6
B7vBR+Z/Jp+JvG0xgpeKTxEQlv93
=QU4t
-----END PGP SIGNATURE-----
Merge tag 'for-linus-2022102101' of git://git.kernel.org/pub/scm/linux/kernel/git/hid/hid
Pull HID fixes from Benjamin Tissoires:
- a 12 year old bug fix for the Apple Magic Trackpad v1 (José Expósito)
- a fix for a potential crash on removal of the Playstation controllers
(Roderick Colenbrander)
- a few new device IDs and device-specific quirks, most notably support
of the new Playstation DualSense Edge controller
* tag 'for-linus-2022102101' of git://git.kernel.org/pub/scm/linux/kernel/git/hid/hid:
HID: lenovo: Make array tp10ubkbd_led static const
HID: saitek: add madcatz variant of MMO7 mouse device ID
HID: playstation: support updated DualSense rumble mode.
HID: playstation: add initial DualSense Edge controller support
HID: playstation: stop DualSense output work on remove.
HID: magicmouse: Do not set BTN_MOUSE on double report
-----BEGIN PGP SIGNATURE-----
iQGzBAABCgAdFiEE6fsu8pdIjtWE/DpLiiy9cAdyT1EFAmNSM84ACgkQiiy9cAdy
T1Ev1gv/boWdv/ihnWEpdlAT4wqMQt9Q7dlfSZmNlcoSst1QGbTHjBrUNncBcRCZ
+9PRqH0umGMx1dFBzPNp5AzgGK2hbCL5hfveZlxsZoAohFTkOCK4714vXyoI0dJM
akbq3VMjljkrHS+biC4NwZgQyPFWnDVzI1rESI9iIooRiVlIQWRToWwyDDxHP7b8
LiDdh62uj6aAirGBnGK8qrXnIgXcFlowNGDT4JsUuXqEavNBBcl0VH/6C1E3Zhmn
a/w2NwCWnAxcRl5nO8v/yl/awV9hQ5Ma8mR5v6de1BDxsGUyHKxxI6+/iO31ZxzM
4XzIdta7TNGPvWsHXEBfBZqNIt2XbEAKagNXsNwar5Py05Tb/JK1F4S5gUxVblRq
Ro3JoP5gjdMvKVZGoQeG414g3b+z+58VP5DIVBIkCOu7ODoxCqbavneh9IUOsW0e
3xrHPceoiN+q9pCfRYfjep6D53hkASzGihQM2rGBgPzyOATO6U7SaYosEVYuDkIW
Li2ObspV
=ZV02
-----END PGP SIGNATURE-----
Merge tag '6.1-rc1-smb3-fixes' of git://git.samba.org/sfrench/cifs-2.6
Pull cifs fixes from Steve French:
- memory leak fixes
- fixes for directory leases, including an important one which fixes a
problem noticed by git functional tests
- fixes relating to missing free_xid calls (helpful for
tracing/debugging of entry/exit into cifs.ko)
- a multichannel fix
- a small cleanup fix (use of list_move instead of list_del/list_add)
* tag '6.1-rc1-smb3-fixes' of git://git.samba.org/sfrench/cifs-2.6:
cifs: update internal module number
cifs: fix memory leaks in session setup
cifs: drop the lease for cached directories on rmdir or rename
smb3: interface count displayed incorrectly
cifs: Fix memory leak when build ntlmssp negotiate blob failed
cifs: set rc to -ENOENT if we can not get a dentry for the cached dir
cifs: use LIST_HEAD() and list_move() to simplify code
cifs: Fix xid leak in cifs_get_file_info_unix()
cifs: Fix xid leak in cifs_ses_add_channel()
cifs: Fix xid leak in cifs_flock()
cifs: Fix xid leak in cifs_copy_file_range()
cifs: Fix xid leak in cifs_create()
When an extended state component is not present in fpstate, but in init
state, the function copies from init_fpstate via copy_feature().
But, dynamic states are not present in init_fpstate because of all-zeros
init states. Then retrieving them from init_fpstate will explode like this:
BUG: kernel NULL pointer dereference, address: 0000000000000000
...
RIP: 0010:memcpy_erms+0x6/0x10
? __copy_xstate_to_uabi_buf+0x381/0x870
fpu_copy_guest_fpstate_to_uabi+0x28/0x80
kvm_arch_vcpu_ioctl+0x14c/0x1460 [kvm]
? __this_cpu_preempt_check+0x13/0x20
? vmx_vcpu_put+0x2e/0x260 [kvm_intel]
kvm_vcpu_ioctl+0xea/0x6b0 [kvm]
? kvm_vcpu_ioctl+0xea/0x6b0 [kvm]
? __fget_light+0xd4/0x130
__x64_sys_ioctl+0xe3/0x910
? debug_smp_processor_id+0x17/0x20
? fpregs_assert_state_consistent+0x27/0x50
do_syscall_64+0x3f/0x90
entry_SYSCALL_64_after_hwframe+0x63/0xcd
Adjust the 'mask' to zero out the userspace buffer for the features that
are not available both from fpstate and from init_fpstate.
The dynamic features depend on the compacted XSAVE format. Ensure it is
enabled before reading XCOMP_BV in init_fpstate.
Fixes: 2308ee57d9 ("x86/fpu/amx: Enable the AMX feature in 64-bit mode")
Reported-by: Yuan Yao <yuan.yao@intel.com>
Suggested-by: Dave Hansen <dave.hansen@intel.com>
Signed-off-by: Chang S. Bae <chang.seok.bae@intel.com>
Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com>
Tested-by: Yuan Yao <yuan.yao@intel.com>
Link: https://lore.kernel.org/lkml/BYAPR11MB3717EDEF2351C958F2C86EED95259@BYAPR11MB3717.namprd11.prod.outlook.com/
Link: https://lkml.kernel.org/r/20221021185844.13472-1-chang.seok.bae@intel.com
Two small changes, one in the lpfc driver and the other in the core.
The core change is an additional footgun guard which prevents users
from writing the wrong state to sysfs and causing a hang.
Signed-off-by: James E.J. Bottomley <jejb@linux.ibm.com>
-----BEGIN PGP SIGNATURE-----
iJwEABMIAEQWIQTnYEDbdso9F2cI+arnQslM7pishQUCY1KeHiYcamFtZXMuYm90
dG9tbGV5QGhhbnNlbnBhcnRuZXJzaGlwLmNvbQAKCRDnQslM7pishUBSAP0aya1G
dXqg9yZqSkYKj17oFHfU0Y84lPfQKHh5b6gH2wEA49SWjPCHDf4OhCWjzpqdAAeO
GmT9oeU3FqhqiuMthBA=
=vIir
-----END PGP SIGNATURE-----
Merge tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi
Pull SCSI fixes from James Bottomley:
"Two small changes, one in the lpfc driver and the other in the core.
The core change is an additional footgun guard which prevents users
from writing the wrong state to sysfs and causing a hang"
* tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi:
scsi: lpfc: Fix memory leak in lpfc_create_port()
scsi: core: Restrict legal sdev_state transitions via sysfs
-----BEGIN PGP SIGNATURE-----
iQJEBAABCAAuFiEEwPw5LcreJtl1+l5K99NY+ylx4KYFAmNSA2YQHGF4Ym9lQGtl
cm5lbC5kawAKCRD301j7KXHgpjmWD/9w8JAXzbJR+hHOa6wcy/2gYLWewYPVwG9D
HyuiSYDGGazPC39gmfEl9ouixhXxofMEjnvTkguzNudpKp8I4yKvmHC6hXz8Qxwj
EYpGa99yVI914Qd6XWXzzc+03C/+flLb+JuvNee9oNkv/mYSjXSvBT7hOVYNNomX
bnTFi9QHbP3vL+LA1WRkdlSyypxVDibj3gzyCqWrTiprRKbMzpZa481PUZf7QrDl
MjlmAoDYA3wzsq8JjvEmO3/rZdawK6E8POtPn9mXmmdna0mcW1MQ7UOxJIi+g7fr
JU+Q6E6VhFA/zjV2nmRfxlnticXdzih8OvL4rMK5QBwxqz0NDBqpl7OfnuR4Y0WX
WlWWMVPG4zkJ7xCMy4s8h7iLn/GSgsjNFZ4tVA9EccGC3Oh5NOINyqMzNnZqEiY4
judhXpiIowTkHuxqwzLEL1V91ELhkZoLaVfGaQp2DiG/0PMGbNSqDMMXQJ+m/N4g
2AL9Gwn0iqrAeNVmBhOGCfQ9hVh7TTKoHd3QKcW0lwksy8zKZBqIo6XvLxX8DcQ7
gqTGv+LBJkaFsFLiFCI+f59ZPPs6FyiqvUmDmIZmoVLPVxRuMwfWijIYhU/zXPjB
vvautQLCQ3FX49XDuUtGlrgDLwFvMkyDl7IOjH+jzK0Cmj+Gmv1/2/E18wlGuMsW
c6mV/bWW0Q==
=bOqU
-----END PGP SIGNATURE-----
Merge tag 'io_uring-6.1-2022-10-20' of git://git.kernel.dk/linux
Pull io_uring fixes from Jens Axboe:
- Fix a potential memory leak in the error handling path of io-wq setup
(Rafael)
- Kill an errant debug statement that got added in this release (me)
- Fix an oops with an invalid direct descriptor with IORING_OP_MSG_RING
(Harshit)
- Remove unneeded FFS_SCM flagging (Pavel)
- Remove polling off the exit path (Pavel)
- Move out direct descriptor debug check to the cleanup path (Pavel)
- Use the proper helper rather than open-coding cached request get
(Pavel)
* tag 'io_uring-6.1-2022-10-20' of git://git.kernel.dk/linux:
io-wq: Fix memory leak in worker creation
io_uring/msg_ring: Fix NULL pointer dereference in io_msg_send_fd()
io_uring/rw: remove leftover debug statement
io_uring: don't iopoll from io_ring_ctx_wait_and_kill()
io_uring: reuse io_alloc_req()
io_uring: kill hot path fixed file bitmap debug checks
io_uring: remove FFS_SCM
-----BEGIN PGP SIGNATURE-----
iHUEABYIAB0WIQRTLbB6QfY48x44uB6AXGG7T9hjvgUCY1JhRwAKCRCAXGG7T9hj
vtcFAQDEkdKa5lWFo6Lut8rraHPyjoCVdLV1J2KJo0vO8rgU+AEA1kuPMqQzpVez
1xTkZrKnPvIo+Dv515oxDCmzTxGoDgA=
=1fmO
-----END PGP SIGNATURE-----
Merge tag 'for-linus-6.1-rc2-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/xen/tip
Pull xen fixes from Juergen Gross:
"Just two fixes for the new 'virtio with grants' feature"
* tag 'for-linus-6.1-rc2-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/xen/tip:
xen/virtio: Convert PAGE_SIZE/PAGE_SHIFT/PFN_UP to Xen counterparts
xen/virtio: Handle cases when page offset > PAGE_SIZE properly
-----BEGIN PGP SIGNATURE-----
iQJHBAABCAAyFiEES0KozwfymdVUl37v6iDy2pc3iXMFAmNRY7QUHHBhdWxAcGF1
bC1tb29yZS5jb20ACgkQ6iDy2pc3iXMvRg/48NI0ohEC3ErRlLxhpaQgEOp4qH+h
rqvOAyuIHNrdd9j4u5Gm3n2VvNRsAhzFXxlfRpoAGIrO9elest3/RcCI/HiTXK5a
Jt+yzBIZXyJutvTJSGuCc78q8ydfhhD+1jGEBPCsiTAdRIiNUPTXutqCWkJW3rn7
apcYQvJ7P65VPipSzkHFngRN7PjyXr3poU3OTKHeA+Uxn+jydk+d6GpGJ9wVkwPz
kFlF/7CXUK05PPs5cJJjSIXnDSEkFUB8ZCV1bEMBV5vm6GodEz02forUTJ4yMxtP
0ARGepQLxej76DTmnqWf+9MaijnRCvo0eOwXSltD0CrsVoirulc/nLEq2x4eDiaZ
W4iIOqJp8CgTLw4OhJDKrdltypM7xLVSlyAS18hpekfnRldtMLHQTWmUxMmCj9Q1
WF8TTabp8tg2DzlGrDM96BHz8vGeF4e1O5qEE2Wpq9XCIYiHmusFk2mOH7nhuWwO
cqUOkFR27DSyPvR/jgNgRRNfB1NzaiNndsknDeEBHXbjOgzeWRtgFjBscRlpIEc3
NgF8DStIVVBmuxQ2MfF4VXxUtjAgLbAP0fTqLmYZVxnQXmRJPXzqTqe/9a81a9Yy
ARX23ZW2vpaJTQ5CdFyje+bk30Msi3q5EWFsC34KSXL0oyIyd3/tWsCv4C+9JWbK
2NOTIUZbkRekBw==
=Z+5I
-----END PGP SIGNATURE-----
Merge tag 'selinux-pr-20221020' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux
Pull selinux fix from Paul Moore:
"A small SELinux fix for a GFP_KERNEL allocation while a spinlock is
held.
The patch, while still fairly small, is a bit larger than one might
expect from a simple s/GFP_KERNEL/GFP_ATOMIC/ conversion because we
added support for the function to be called with different gfp flags
depending on the context, preserving GFP_KERNEL for those cases that
can safely sleep"
* tag 'selinux-pr-20221020' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux:
selinux: enable use of both GFP_KERNEL and GFP_ATOMIC in convert_context()
post-6.0 issues.
-----BEGIN PGP SIGNATURE-----
iHUEABYKAB0WIQTTMBEPP41GrTpTJgfdBJ7gKXxAjgUCY1IgYgAKCRDdBJ7gKXxA
jpyRAQDkfa1LDkfbA4dQBZShkUhBX1k3AyRO1NWMjwwTxP3H8wD9HUz1BB3ynoKc
ipzQs7q5jbBvndczEksHiG2AC7SvQAI=
=wD9I
-----END PGP SIGNATURE-----
Merge tag 'mm-hotfixes-stable-2022-10-20' of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
Pull misc fixes from Andrew Morron:
"Seventeen hotfixes, mainly for MM.
Five are cc:stable and the remainder address post-6.0 issues"
* tag 'mm-hotfixes-stable-2022-10-20' of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm:
nouveau: fix migrate_to_ram() for faulting page
mm/huge_memory: do not clobber swp_entry_t during THP split
hugetlb: fix memory leak associated with vma_lock structure
mm/page_alloc: reduce potential fragmentation in make_alloc_exact()
mm: /proc/pid/smaps_rollup: fix maple tree search
mm,hugetlb: take hugetlb_lock before decrementing h->resv_huge_pages
mm/mmap: fix MAP_FIXED address return on VMA merge
mm/mmap.c: __vma_adjust(): suppress uninitialized var warning
mm/mmap: undo ->mmap() when mas_preallocate() fails
init: Kconfig: fix spelling mistake "satify" -> "satisfy"
ocfs2: clear dinode links count in case of error
ocfs2: fix BUG when iput after ocfs2_mknod fails
gcov: support GCC 12.1 and newer compilers
zsmalloc: zs_destroy_pool: add size_class NULL check
mm/mempolicy: fix mbind_range() arguments to vma_merge()
mailmap: update email for Qais Yousef
mailmap: update Dan Carpenter's email address
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.14 (GNU/Linux)
iEYEABECAAYFAmNQOiwACgkQ+iyteGJfRsopNgCgw0BPrAnTfXQxiPPJiej/vUIu
rWMAoLs5azbM52vw54b5onmIngSYacNL
=1XLP
-----END PGP SIGNATURE-----
Merge tag 'linux-watchdog-6.1-rc2' of git://www.linux-watchdog.org/linux-watchdog
Pull watchdog updates from Wim Van Sebroeck:
- Add tracing events for the most common watchdog events
* tag 'linux-watchdog-6.1-rc2' of git://www.linux-watchdog.org/linux-watchdog:
watchdog: Add tracing events for the most usual watchdog events
Merge assorted ACPI fixes for 6.1-rc2:
- Fix resource list walk in acpi_dma_get_range() (Robin Murphy).
- Add IRQ override quirk for LENOVO IdeaPad and extend the IRQ
override warning message (Jiri Slaby).
- Fix integer overflow in ghes_estatus_pool_init() (Ashish Kalra).
- Fix multiple error records handling in one of the ACPI extlog driver
code paths (Tony Luck).
- Prune DSDT override documentation from index after dropping it (Bagas
Sanjaya).
* acpi-scan:
ACPI: scan: Fix DMA range assignment
* acpi-resource:
ACPI: resource: note more about IRQ override
ACPI: resource: do IRQ override on LENOVO IdeaPad
* acpi-apei:
ACPI: APEI: Fix integer overflow in ghes_estatus_pool_init()
* acpi-extlog:
ACPI: extlog: Handle multiple records
* acpi-docs:
Documentation: ACPI: Prune DSDT override documentation from index
When a console stack dump is initiated with CONFIG_GCOV_PROFILE_ALL
enabled, show_trace_log_lvl() gets out of sync with the ORC unwinder,
causing the stack trace to show all text addresses as unreliable:
# echo l > /proc/sysrq-trigger
[ 477.521031] sysrq: Show backtrace of all active CPUs
[ 477.523813] NMI backtrace for cpu 0
[ 477.524492] CPU: 0 PID: 1021 Comm: bash Not tainted 6.0.0 #65
[ 477.525295] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.0-1.fc36 04/01/2014
[ 477.526439] Call Trace:
[ 477.526854] <TASK>
[ 477.527216] ? dump_stack_lvl+0xc7/0x114
[ 477.527801] ? dump_stack+0x13/0x1f
[ 477.528331] ? nmi_cpu_backtrace.cold+0xb5/0x10d
[ 477.528998] ? lapic_can_unplug_cpu+0xa0/0xa0
[ 477.529641] ? nmi_trigger_cpumask_backtrace+0x16a/0x1f0
[ 477.530393] ? arch_trigger_cpumask_backtrace+0x1d/0x30
[ 477.531136] ? sysrq_handle_showallcpus+0x1b/0x30
[ 477.531818] ? __handle_sysrq.cold+0x4e/0x1ae
[ 477.532451] ? write_sysrq_trigger+0x63/0x80
[ 477.533080] ? proc_reg_write+0x92/0x110
[ 477.533663] ? vfs_write+0x174/0x530
[ 477.534265] ? handle_mm_fault+0x16f/0x500
[ 477.534940] ? ksys_write+0x7b/0x170
[ 477.535543] ? __x64_sys_write+0x1d/0x30
[ 477.536191] ? do_syscall_64+0x6b/0x100
[ 477.536809] ? entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 477.537609] </TASK>
This happens when the compiled code for show_stack() has a single word
on the stack, and doesn't use a tail call to show_stack_log_lvl().
(CONFIG_GCOV_PROFILE_ALL=y is the only known case of this.) Then the
__unwind_start() skip logic hits an off-by-one bug and fails to unwind
all the way to the intended starting frame.
Fix it by reverting the following commit:
f1d9a2abff ("x86/unwind/orc: Don't skip the first frame for inactive tasks")
The original justification for that commit no longer exists. That
original issue was later fixed in a different way, with the following
commit:
f2ac57a4c4 ("x86/unwind/orc: Fix inactive tasks with stack pointer in %sp on GCC 10 compiled kernels")
Fixes: f1d9a2abff ("x86/unwind/orc: Don't skip the first frame for inactive tasks")
Signed-off-by: Chen Zhongjin <chenzhongjin@huawei.com>
[jpoimboe: rewrite commit log]
Signed-off-by: Josh Poimboeuf <jpoimboe@kernel.org>
Signed-off-by: Peter Zijlstra <peterz@infradead.org>
Most of PTP drivers live under ethernet and we have to keep
telling people to CC the PTP maintainers. Let's try a keyword
match, we can refine as we go if it causes false positives.
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
ethnl_default_dump_one() passes NULL as info.
It's correct not to set extack during dump, as we should just
silently skip interfaces which can't provide the information.
Reported-by: syzbot+81c4b4bbba6eea2cfcae@syzkaller.appspotmail.com
Fixes: 18ff0bcda6 ("ethtool: add interface to interact with Ethernet Power Equipment")
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Reviewed-by: Oleksij Rempel <o.rempel@pengutronix.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
The generic EFI stub can be instructed to avoid SetVirtualAddressMap(),
and simply run with the firmware's 1:1 mapping. In this case, it
populates the virtual address fields of the runtime regions in the
memory map with the physical address of each region, so that the mapping
code has to be none the wiser. Only if SetVirtualAddressMap() fails, the
virtual addresses are wiped and the kernel code knows that the regions
cannot be mapped.
However, wiping amounts to setting it to zero, and if a runtime region
happens to live at physical address 0, its valid 1:1 mapped virtual
address could be mistaken for a wiped field, resulting on loss of access
to the EFI services at runtime.
So let's only assume that VA == 0 means 'no runtime services' if the
region in question does not live at PA 0x0.
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
The linker script symbol definition that captures the size of the
compressed payload inside the zboot decompressor (which is exposed via
the image header) refers to '.' for the end of the region, which does
not give the correct result as the expression is not placed at the end
of the payload. So use the symbol name explicitly.
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
To stop the bots from sending sparse warnings to me and the list about
efi_main() not having a prototype, decorate it with asmlinkage so that
it is clear that it is called from assembly, and therefore needs to
remain external, even if it is never declared in a header file.
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>