Age | Commit message | Author
2023-11-08 | Merge tag 'for-netdev' of https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf | Jakub Kicinski

Daniel Borkmann says:

====================
pull-request: bpf 2023-11-08

We've added 16 non-merge commits during the last 6 day(s) which contain
a total of 30 files changed, 341 insertions(+), 130 deletions(-).

The main changes are:

1) Fix a BPF verifier issue in precision tracking for BPF_ALU | BPF_TO_BE | BPF_END where the source register was incorrectly marked as precise, from Shung-Hsi Yu.

2) Fix a concurrency issue in bpf_timer where the former could still have been alive after an application releases or unpins the map, from Hou Tao.

3) Fix a BPF verifier issue where immediates are incorrectly cast to u32 before being spilled and therefore losing sign information, from Hao Sun.

4) Fix a misplaced BPF_TRACE_ITER in check_css_task_iter_allowlist which incorrectly compared bpf_prog_type with bpf_attach_type, from Chuyi Zhou.

5) Add __bpf_hook_{start,end} as well as __bpf_kfunc_{start,end}_defs macros, migrate all BPF-related __diag callsites over to it, and add a new __diag_ignore_all for -Wmissing-declarations to the macros to address recent build warnings, from Dave Marchevsky.

6) Fix broken BPF selftest build of xdp_hw_metadata test on architectures where char is not signed, from Björn Töpel.

7) Fix test_maps selftest to properly use LIBBPF_OPTS() macro to initialize the bpf_map_create_opts, from Andrii Nakryiko.

8) Fix bpffs selftest to avoid unmounting /sys/kernel/debug as it may have been mounted and used by other applications already, from Manu Bretelle.

9) Fix a build issue without CONFIG_CGROUPS wrt css_task open-coded iterators, from Matthieu Baerts.

* tag 'for-netdev' of https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf:
  selftests/bpf: get trusted cgrp from bpf_iter__cgroup directly
  bpf: Let verifier consider {task,cgroup} is trusted in bpf_iter_reg
  selftests/bpf: Fix broken build where char is unsigned
  selftests/bpf: precision tracking test for BPF_NEG and BPF_END
  bpf: Fix precision tracking for BPF_ALU | BPF_TO_BE | BPF_END
  selftests/bpf: Add test for using css_task iter in sleepable progs
  selftests/bpf: Add tests for css_task iter combining with cgroup iter
  bpf: Relax allowlist for css_task iter
  selftests/bpf: fix test_maps' use of bpf_map_create_opts
  bpf: Check map->usercnt after timer->timer is assigned
  bpf: Add __bpf_hook_{start,end} macros
  bpf: Add __bpf_kfunc_{start,end}_defs macros
  selftests/bpf: fix test_bpffs
  selftests/bpf: Add test for immediate spilled to stack
  bpf: Fix check_stack_write_fixed_off() to correctly spill imm
  bpf: fix compilation error without CGROUPS
====================

Link: https://lore.kernel.org/r/20231108132448.1970-1-daniel@iogearbox.net
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2023-11-08 | net/sched: act_ct: Always fill offloading tuple iifidx | Vlad Buslov

Referenced commit doesn't always set iifidx when offloading the flow to hardware. Fix the following cases:

- nf_conn_act_ct_ext_fill() is called before extension is created with nf_conn_act_ct_ext_add() in tcf_ct_act(). This can cause rule offload with unspecified iifidx when connection is offloaded after only a single original-direction packet has been processed by tc data path. Always fill the new nf_conn_act_ct_ext instance after creating it in nf_conn_act_ct_ext_add().

- Offloading of unidirectional UDP NEW connections is now supported, but ct flow iifidx field is not updated when connection is promoted to bidirectional, which can result in the reply-direction iifidx being zero when refreshing the connection. Fill in the extension and update flow iifidx before calling flow_offload_refresh().

Fixes: 9795ded7f924 ("net/sched: act_ct: Fill offloading tuple iifidx")
Reviewed-by: Paul Blakey <paulb@nvidia.com>
Signed-off-by: Vlad Buslov <vladbu@nvidia.com>
Reviewed-by: Simon Horman <horms@kernel.org>
Fixes: 6a9bad0069cf ("net/sched: act_ct: offload UDP NEW connections")
Link: https://lore.kernel.org/r/20231103151410.764271-1-vladbu@nvidia.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2023-11-08 | Merge tag 'nfs-for-6.7-1' of git://git.linux-nfs.org/projects/trondmy/linux-nfs | Linus Torvalds

Pull NFS client updates from Trond Myklebust:
 "Bugfixes:

   - SUNRPC:
       - re-probe the target RPC port after an ECONNRESET error
       - handle allocation errors from rpcb_call_async()
       - fix a use-after-free condition in rpc_pipefs
       - fix up various checks for timeouts

   - NFSv4.1:
       - Handle NFS4ERR_DELAY errors during session trunking
       - fix SP4_MACH_CRED protection for pnfs IO

   - NFSv4:
       - Ensure that we test all delegations when the server notifies us that it may have revoked some of them

  Features:

   - Allow knfsd processes to break out of NFS4ERR_DELAY loops when re-exporting NFSv4.x by setting appropriate values for the 'delay_retrans' module parameter

   - nfs: Convert nfs_symlink() to use a folio"

* tag 'nfs-for-6.7-1' of git://git.linux-nfs.org/projects/trondmy/linux-nfs:
  nfs: Convert nfs_symlink() to use a folio
  SUNRPC: Fix RPC client cleaned up the freed pipefs dentries
  NFSv4.1: fix SP4_MACH_CRED protection for pnfs IO
  SUNRPC: Add an IS_ERR() check back to where it was
  NFSv4.1: fix handling NFS4ERR_DELAY when testing for session trunking
  nfs41: drop dependency between flexfiles layout driver and NFSv3 modules
  NFSv4: fairly test all delegations on a SEQ4_ revocation
  SUNRPC: SOFTCONN tasks should time out when on the sending list
  SUNRPC: Force close the socket when a hard error is reported
  SUNRPC: Don't skip timeout checks in call_connect_status()
  SUNRPC: ECONNRESET might require a rebind
  NFSv4/pnfs: Allow layoutget to return EAGAIN for softerr mounts
  NFSv4: Add a parameter to limit the number of retries after NFS4ERR_DELAY
2023-11-08 | Merge tag 'exfat-for-6.7-rc1-part2' of git://git.kernel.org/pub/scm/linux/kernel/git/linkinjeon/exfat | Linus Torvalds

Pull exfat updates from Namjae Jeon:

 - Fix an issue that exfat timestamps are not updated caused by new timestamp accessor function patch

* tag 'exfat-for-6.7-rc1-part2' of git://git.kernel.org/pub/scm/linux/kernel/git/linkinjeon/exfat:
  exfat: fix ctime is not updated
  exfat: fix setting uninitialized time to ctime/atime
2023-11-08 | Merge tag 'xfs-6.7-merge-2' of git://git.kernel.org/pub/scm/fs/xfs/xfs-linux | Linus Torvalds

Pull xfs updates from Chandan Babu:

 - Realtime device subsystem:
     - Cleanup usage of xfs_rtblock_t and xfs_fsblock_t data types
     - Replace open coded conversions between rt blocks and rt extents with calls to static inline helpers
     - Replace open coded realtime geometry computation and macros with helper functions
     - CPU usage optimizations for realtime allocator
     - Misc bug fixes associated with Realtime device

 - Allow read operations to execute while an FICLONE ioctl is being serviced

 - Misc bug fixes:
     - Alert user when xfs_droplink() encounters an inode with a link count of zero
     - Handle the case where the allocator could return zero extents when servicing an fallocate request

* tag 'xfs-6.7-merge-2' of git://git.kernel.org/pub/scm/fs/xfs/xfs-linux: (40 commits)
  xfs: allow read IO and FICLONE to run concurrently
  xfs: handle nimaps=0 from xfs_bmapi_write in xfs_alloc_file_space
  xfs: introduce protection for drop nlink
  xfs: don't look for end of extent further than necessary in xfs_rtallocate_extent_near()
  xfs: don't try redundant allocations in xfs_rtallocate_extent_near()
  xfs: limit maxlen based on available space in xfs_rtallocate_extent_near()
  xfs: return maximum free size from xfs_rtany_summary()
  xfs: invert the realtime summary cache
  xfs: simplify rt bitmap/summary block accessor functions
  xfs: simplify xfs_rtbuf_get calling conventions
  xfs: cache last bitmap block in realtime allocator
  xfs: use accessor functions for summary info words
  xfs: consolidate realtime allocation arguments
  xfs: create helpers for rtsummary block/wordcount computations
  xfs: use accessor functions for bitmap words
  xfs: create helpers for rtbitmap block/wordcount computations
  xfs: create a helper to handle logging parts of rt bitmap/summary blocks
  xfs: convert rt summary macros to helpers
  xfs: convert open-coded xfs_rtword_t pointer accesses to helper
  xfs: remove XFS_BLOCKWSIZE and XFS_BLOCKWMASK macros
  ...
2023-11-08 | MAINTAINERS: update lists.linuxfoundation.org migrated lists | Konstantin Ryabitsev

The mailman-2 system behind lists.linux[-]foundation.org is being retired, so the lists are being migrated to lists.linux.dev. Since both domains belong to LF and setting up proper forwards is possible, the old addresses will continue to work for a while, but all new patches should be sent to the new canonical addresses for each list.

Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2023-11-08 | Merge tag 's390-6.7-2' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux | Linus Torvalds

Pull more s390 updates from Vasily Gorbik:

 - Get rid of s390 specific use of two PTEs per 4KB page with complex half-used pages tracking. Using full 4KB pages for 2KB PTEs increases the memory footprint of page tables but drastically simplifies mm code, removing a common blocker for common code changes and adaptations

 - Simplify and rework "cmma no-dat" handling. This is a follow up for recent fixes which prevent potential incorrect guest TLB flushes

 - Add perf user stack unwinding as well as USER_STACKTRACE support for user space built with -mbackchain compile option

 - Add a few missing conversions from tlb_remove_table to tlb_remove_ptdesc

 - Fix crypto cards vanishing in a secure execution environment due to asynchronous errors

 - Avoid reporting crypto cards or queues in check-stop state as online

 - Fix null-ptr dereference in AP bus code triggered by early config change via SCLP

 - Couple of stability improvements in AP queue interrupt handling

* tag 's390-6.7-2' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux:
  s390/mm: make pte_free_tlb() similar to pXd_free_tlb()
  s390/mm: use compound page order to distinguish page tables
  s390/mm: use full 4KB page for 2KB PTE
  s390/cmma: rework no-dat handling
  s390/cmma: move arch_set_page_dat() to header file
  s390/cmma: move set_page_stable() and friends to header file
  s390/cmma: move parsing of cmma kernel parameter to early boot code
  s390/cmma: cleanup inline assemblies
  s390/ap: fix vanishing crypto cards in SE environment
  s390/zcrypt: don't report online if card or queue is in check-stop state
  s390: add USER_STACKTRACE support
  s390/perf: implement perf_callchain_user()
  s390/ap: fix AP bus crash on early config change callback invocation
  s390/ap: re-enable interrupt for AP queues
  s390/ap: rework to use irq info from ap queue status
  s390/mm: add missing conversion to use ptdescs
2023-11-08 | lsm: fix default return value for inode_getsecctx | Ondrej Mosnacek

-EOPNOTSUPP is the return value that implements a "no-op" hook, not 0.

Without this fix having only the BPF LSM enabled (with no programs attached) can cause uninitialized variable reads in nfsd4_encode_fattr(), because the BPF hook returns 0 without touching the 'ctxlen' variable and the corresponding 'contextlen' variable in nfsd4_encode_fattr() remains uninitialized, yet being treated as valid based on the 0 return value.

Cc: stable@vger.kernel.org
Fixes: 98e828a0650f ("security: Refactor declaration of LSM hooks")
Reported-by: Benjamin Coddington <bcodding@redhat.com>
Signed-off-by: Ondrej Mosnacek <omosnace@redhat.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
2023-11-08 | lsm: fix default return value for vm_enough_memory | Ondrej Mosnacek

1 is the return value that implements a "no-op" hook, not 0.

Cc: stable@vger.kernel.org
Fixes: 98e828a0650f ("security: Refactor declaration of LSM hooks")
Signed-off-by: Ondrej Mosnacek <omosnace@redhat.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
2023-11-08 | Merge tag 'rcu-fixes-v6.7' of git://git.kernel.org/pub/scm/linux/kernel/git/frederic/linux-dynticks | Linus Torvalds

Pull RCU fixes from Frederic Weisbecker:

 - Fix a lock inversion between scheduler and RCU introduced in v6.2-rc4. The scenario could trigger on any user of RCU_NOCB (mostly Android but also nohz_full)

 - Fix PF_IDLE semantic changes introduced in v6.6-rc3 breaking some RCU-Tasks and RCU-Tasks-Trace expectations as to what exactly is an idle task. This resulted in potential spurious stalls and warnings.

* tag 'rcu-fixes-v6.7' of git://git.kernel.org/pub/scm/linux/kernel/git/frederic/linux-dynticks:
  rcu/tasks-trace: Handle new PF_IDLE semantics
  rcu/tasks: Handle new PF_IDLE semantics
  rcu: Introduce rcu_cpu_online()
  rcu: Break rcu_node_0 --> &rq->__lock order
2023-11-08 | Merge tag 'memblock-v6.7-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/rppt/memblock | Linus Torvalds

Pull memblock update from Mike Rapoport:
 "Report failures when memblock_can_resize is not set.

  Numerous memblock reservations at early boot may exhaust static memblock.reserved array and it is unnoticed because most of the callers don't check memblock_reserve() return value. In this case the system will crash later, but the reason is hard to identify.

  Replace return of an error with panic() when memblock.reserved is exhausted before it can be resized"

* tag 'memblock-v6.7-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/rppt/memblock:
  memblock: report failures when memblock_can_resize is not set
2023-11-08 | Merge tag 'kgdb-6.7-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/danielt/linux | Linus Torvalds

Pull kgdb updates from Daniel Thompson:
 "Just two patches for you this time!

   - During a panic, flush the console before entering kgdb. This makes things a little easier to comprehend, especially if an NMI backtrace was triggered on all CPUs just before we enter the panic routines

   - Correcting a couple of misleading (a.k.a. plain wrong) comments"

* tag 'kgdb-6.7-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/danielt/linux:
  kdb: Corrects comment for kdballocenv
  kgdb: Flush console before entering kgdb on panic
2023-11-08 | Merge tag 'riscv-for-linus-6.7-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux | Linus Torvalds

Pull RISC-V updates from Palmer Dabbelt:

 - Support for cbo.zero in userspace

 - Support for CBOs on ACPI-based systems

 - A handful of improvements for the T-Head cache flushing ops

 - Support for software shadow call stacks

 - Various cleanups and fixes

* tag 'riscv-for-linus-6.7-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux: (31 commits)
  RISC-V: hwprobe: Fix vDSO SIGSEGV
  riscv: configs: defconfig: Enable configs required for RZ/Five SoC
  riscv: errata: prefix T-Head mnemonics with th.
  riscv: put interrupt entries into .irqentry.text
  riscv: mm: Update the comment of CONFIG_PAGE_OFFSET
  riscv: Using TOOLCHAIN_HAS_ZIHINTPAUSE marco replace zihintpause
  riscv/mm: Fix the comment for swap pte format
  RISC-V: clarify the QEMU workaround in ISA parser
  riscv: correct pt_level name via pgtable_l5/4_enabled
  RISC-V: Provide pgtable_l5_enabled on rv32
  clocksource: timer-riscv: Increase rating of clock_event_device for Sstc
  clocksource: timer-riscv: Don't enable/disable timer interrupt
  lkdtm: Fix CFI_BACKWARD on RISC-V
  riscv: Use separate IRQ shadow call stacks
  riscv: Implement Shadow Call Stack
  riscv: Move global pointer loading to a macro
  riscv: Deduplicate IRQ stack switching
  riscv: VMAP_STACK overflow detection thread-safe
  RISC-V: cacheflush: Initialize CBO variables on ACPI systems
  RISC-V: ACPI: RHCT: Add function to get CBO block sizes
  ...
2023-11-08 | Merge tag 'asoc-fix-v6.7-merge-window' of https://git.kernel.org/pub/scm/linux/kernel/git/broonie/sound into for-linus | Takashi Iwai

ASoC: Fixes for v6.7

A collection of fixes that have come in during the merge window, the majority of this is driver specific with one core fix for handling of DAPM clock widgets when a name prefix is specified for the card - the name should not be applied to the clock name we request from the clock API.
2023-11-08 | Merge tag 'nvme-6.7-2023-11-8' of git://git.infradead.org/nvme into block-6.7 | Jens Axboe

Pull NVMe fixes from Keith:

"nvme fixes for 6.7

 - nvme keyring config compile fixes (Hannes and Arnd)
 - fabrics keep alive fixes (Hannes)
 - tcp authentication fixes (Mark)
 - io_uring_cmd error handling fix (Anuj)
 - stale firmware attribute fix (Daniel)
 - tcp memory leak (Christophe)
 - crypto library usage simplification (Eric)"

* tag 'nvme-6.7-2023-11-8' of git://git.infradead.org/nvme:
  nvme: keyring: fix conditional compilation
  nvme: common: make keyring and auth separate modules
  nvme: start keep-alive after admin queue setup
  nvme-loop: always quiesce and cancel commands before destroying admin q
  nvme-tcp: avoid open-coding nvme_tcp_teardown_admin_queue()
  nvme-auth: always set valid seq_num in dhchap reply
  nvme-auth: add flag for bi-directional auth
  nvme-auth: auth success1 msg always includes resp
  nvme: fix error-handling for io_uring nvme-passthrough
  nvme: update firmware version after commit
  nvme-tcp: Fix a memory leak
  nvme-auth: use crypto_shash_tfm_digest()
2023-11-08 | nvme: keyring: fix conditional compilation | Hannes Reinecke

The keyring and auth functions can be called from both the host and the target side and are controlled by Kconfig options for each of the combinations, but the declarations are controlled by #ifdef checks on the shared Kconfig symbols.

This leads to link failures in combinations where one of the frontends is built-in and the other one is a module, and the keyring code ends up in a module that is not reachable from the builtin code:

  ld: drivers/nvme/host/core.o: in function `nvme_core_exit':
  core.c:(.exit.text+0x4): undefined reference to `nvme_keyring_exit'
  ld: drivers/nvme/host/core.o: in function `nvme_core_init':
  core.c:(.init.text+0x94): undefined reference to `nvme_keyring_init
  ld: drivers/nvme/host/tcp.o: in function `nvme_tcp_setup_ctrl':
  tcp.c:(.text+0x4c18): undefined reference to `nvme_tls_psk_default'

Address this by moving nvme_keyring_init()/nvme_keyring_exit() into module init/exit functions for the keyring module.

Fixes: be8e82caa6859 ("nvme-tcp: enable TLS handshake upcall")
Signed-off-by: Hannes Reinecke <hare@suse.de>
Cc: Arnd Bergmann <arnd@arndb.de>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Keith Busch <kbusch@kernel.org>
2023-11-08 | cifs: Fix encryption of cleared, but unset rq_iter data buffers | David Howells

Each smb_rqst struct contains two things: an array of kvecs (rq_iov) that contains the protocol data for an RPC op and an iterator (rq_iter) that contains the data payload of an RPC op. When an smb_rqst is allocated, rq_iter is always cleared, but we don't set it up unless we're going to use it.

The function that determines the size of the ciphertext buffer that will be needed to encrypt a request, cifs_get_num_sgs(), assumes that rq_iter is always initialised - and employs user_backed_iter() to check that the iterator isn't user-backed. This used to incidentally work, because ->user_backed was set to false because the iterator has never been initialised, but with commit f1b4cb650b9a0eeba206d8f069fcdc532bfbcd74[1] which changes user_backed_iter() to determine this based on the iterator type instead, a warning is now emitted:

  WARNING: CPU: 7 PID: 4584 at fs/smb/client/cifsglob.h:2165 smb2_get_aead_req+0x3fc/0x420 [cifs]
  ...
  RIP: 0010:smb2_get_aead_req+0x3fc/0x420 [cifs]
  ...
   crypt_message+0x33e/0x550 [cifs]
   smb3_init_transform_rq+0x27d/0x3f0 [cifs]
   smb_send_rqst+0xc7/0x160 [cifs]
   compound_send_recv+0x3ca/0x9f0 [cifs]
   cifs_send_recv+0x25/0x30 [cifs]
   SMB2_tcon+0x38a/0x820 [cifs]
   cifs_get_smb_ses+0x69c/0xee0 [cifs]
   cifs_mount_get_session+0x76/0x1d0 [cifs]
   dfs_mount_share+0x74/0x9d0 [cifs]
   cifs_mount+0x6e/0x2e0 [cifs]
   cifs_smb3_do_mount+0x143/0x300 [cifs]
   smb3_get_tree+0x15e/0x290 [cifs]
   vfs_get_tree+0x2d/0xe0
   do_new_mount+0x124/0x340
   __se_sys_mount+0x143/0x1a0

The problem is that rq_iter was never set, so the type is 0 (ie. ITER_UBUF) which causes user_backed_iter() to return true. The code doesn't malfunction because it checks the size of the iterator - which is 0.

Fix cifs_get_num_sgs() to ignore rq_iter if its count is 0, thereby bypassing the warnings.

It might be better to explicitly initialise rq_iter to a zero-length ITER_BVEC, say, as it can always be reinitialised later.

Fixes: d08089f649a0 ("cifs: Change the I/O paths to use an iterator rather than a page list")
Reported-by: Damian Tometzki <damian@riscv-rocks.de>
Closes: https://lore.kernel.org/r/ZUfQo47uo0p2ZsYg@fedora.fritz.box/
Tested-by: Damian Tometzki <damian@riscv-rocks.de>
Cc: stable@vger.kernel.org
cc: Eric Biggers <ebiggers@kernel.org>
cc: linux-cifs@vger.kernel.org
cc: linux-fsdevel@vger.kernel.org
Link: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f1b4cb650b9a0eeba206d8f069fcdc532bfbcd74 [1]
Reviewed-by: Paulo Alcantara (SUSE) <pc@manguebit.com>
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: Steve French <stfrench@microsoft.com>
2023-11-08 | netfilter: nat: fix ipv6 nat redirect with mapped and scoped addresses | Florian Westphal

The ipv6 redirect target was derived from the ipv4 one, i.e. it's identical to a 'dnat' with the first (primary) address assigned to the network interface. The code has been moved around to make it usable from nf_tables too, but it's still the same as it was back when this was added in 2012.

IPv6, however, has different types of addresses, if the 'wrong' address comes first the redirection does not work.

In Daniel's case, the addresses are:

  inet6 ::ffff:192 ...
  inet6 2a01: ...

... so the function attempts to redirect to the mapped address.

Add more checks before the address is deemed correct:

1. If the packets' daddr is scoped, search for a scoped address too
2. skip tentative addresses
3. skip mapped addresses

Use the first address that appears to match our needs.

Reported-by: Daniel Huhardeaux <tech@tootai.net>
Closes: https://lore.kernel.org/netfilter/71be06b8-6aa0-4cf9-9e0b-e2839b01b22f@tootai.net/
Fixes: 115e23ac78f8 ("netfilter: ip6tables: add REDIRECT target")
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2023-11-08 | Revert "arm64: smp: avoid NMI IPIs with broken MediaTek FW" | Douglas Anderson

This reverts commit a07a594152173a3dd3bdd12fc7d73dbba54cdbca.

This is no longer needed after the patch ("arm64: Move MediaTek GIC quirk handling from irqchip to core").

Signed-off-by: Douglas Anderson <dianders@chromium.org>
Acked-by: Mark Rutland <mark.rutland@arm.com>
Acked-by: Marc Zyngier <maz@kernel.org>
Tested-by: AngeloGioacchino Del Regno <angelogioacchino.delregno@collabora.com>
Link: https://lore.kernel.org/r/20231107072651.v2.2.I2c5fa192e767eb3ee233bc28eb60e2f8656c29a6@changeid
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
2023-11-08 | arm64: Move MediaTek GIC quirk handling from irqchip to core | Douglas Anderson

In commit 44bd78dd2b88 ("irqchip/gic-v3: Disable pseudo NMIs on MediaTek devices w/ firmware issues") we added a method for detecting MediaTek devices with broken firmware and disabled pseudo-NMI. While that worked, it didn't address the problem at a deep enough level.

The fundamental issue with this broken firmware is that it's not saving and restoring several important GICR registers. The current list is believed to be:
* GICR_NUM_IPRIORITYR
* GICR_CTLR
* GICR_ISPENDR0
* GICR_ISACTIVER0
* GICR_NSACR

Pseudo-NMI didn't work because it was the only thing (currently) in the kernel that relied on the broken registers, so forcing pseudo-NMI off was an effective fix. However, it could be observed that calling system_uses_irq_prio_masking() on these systems still returned "true". That caused confusion and led to the need for commit a07a59415217 ("arm64: smp: avoid NMI IPIs with broken MediaTek FW"). It's worried that the incorrect value returned by system_uses_irq_prio_masking() on these systems will continue to confuse future developers.

Let's fix the issue a little more completely by disabling IRQ priorities at a deeper level in the kernel. Once we do this we can revert some of the other bits of code dealing with this quirk.

This includes a partial revert of commit 44bd78dd2b88 ("irqchip/gic-v3: Disable pseudo NMIs on MediaTek devices w/ firmware issues"). This isn't a full revert because it leaves some of the changes to the "quirks" structure around in case future code needs it.

Suggested-by: Mark Rutland <mark.rutland@arm.com>
Signed-off-by: Douglas Anderson <dianders@chromium.org>
Reviewed-by: AngeloGioacchino Del Regno <angelogioacchino.delregno@collabora.com>
Tested-by: AngeloGioacchino Del Regno <angelogioacchino.delregno@collabora.com>
Acked-by: Mark Rutland <mark.rutland@arm.com>
Acked-by: Marc Zyngier <maz@kernel.org>
Link: https://lore.kernel.org/r/20231107072651.v2.1.Ide945748593cffd8ff0feb9ae22b795935b944d6@changeid
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
2023-11-08 | swiotlb: fix out-of-bounds TLB allocations with CONFIG_SWIOTLB_DYNAMIC | Petr Tesarik

Limit the free list length to the size of the IO TLB. Transient pool can be smaller than IO_TLB_SEGSIZE, but the free list is initialized with the assumption that the total number of slots is a multiple of IO_TLB_SEGSIZE. As a result, swiotlb_area_find_slots() may allocate slots past the end of a transient IO TLB buffer.

Reported-by: Niklas Schnelle <schnelle@linux.ibm.com>
Closes: https://lore.kernel.org/linux-iommu/104a8c8fedffd1ff8a2890983e2ec1c26bff6810.camel@linux.ibm.com/
Fixes: 79636caad361 ("swiotlb: if swiotlb is full, fall back to a transient memory pool")
Cc: stable@vger.kernel.org
Signed-off-by: Petr Tesarik <petr.tesarik1@huawei-partners.com>
Reviewed-by: Halil Pasic <pasic@linux.ibm.com>
Signed-off-by: Christoph Hellwig <hch@lst.de>
2023-11-08 | Merge patch series "riscv: Fix set_memory_XX() and set_direct_map_XX()" | Palmer Dabbelt

Alexandre Ghiti <alexghiti@rivosinc.com> says:

Those 2 patches fix the set_memory_XX() and set_direct_map_XX() APIs, which in turn fix STRICT_KERNEL_RWX and memfd_secret(). Those were broken since the permission changes were not applied to the linear mapping because the linear mapping is mapped using hugepages and walk_page_range_novma() does not split such mappings.

To fix that, patch 1 disables PGD mappings in the linear mapping as it is hard to propagate changes at this level in *all* the page tables, this has the downside of disabling PMD mapping for sv32 and PUD (1GB) mapping for sv39 in the linear mapping (for specific kernels, we could add a Kconfig to enable ARCH_HAS_SET_DIRECT_MAP and STRICT_KERNEL_RWX if needed, I'm pretty sure we'll discuss that).

patch 2 implements the split of the huge linear mappings so that walk_page_range_novma() can properly apply the permissions. The whole split is protected with mmap_sem in write mode, but I'm wondering if that's enough, any opinion on that is appreciated.

* b4-shazam-merge:
  riscv: Fix set_memory_XX() and set_direct_map_XX() by splitting huge linear mappings
  riscv: Don't use PGD entries for the linear mapping

Link: https://lore.kernel.org/r/20231108075930.7157-1-alexghiti@rivosinc.com
Signed-off-by: Palmer Dabbelt <palmer@rivosinc.com>
2023-11-08 | riscv: Fix set_memory_XX() and set_direct_map_XX() by splitting huge linear ↵ | Alexandre Ghiti
mappings When STRICT_KERNEL_RWX is set, any change of permissions on any kernel mapping (vmalloc/modules/kernel text...etc) should be applied on its linear mapping alias. The problem is that the riscv kernel uses huge mappings for the linear mapping and walk_page_range_novma() does not split those huge mappings. So this patchset implements such split in order to apply fine-grained permissions on the linear mapping. Below is the difference before and after (the first PUD mapping is split into PTE/PMD mappings): Before: ---[ Linear mapping ]--- 0xffffaf8000080000-0xffffaf8000200000 0x0000000080080000 1536K PTE D A G . . W R V 0xffffaf8000200000-0xffffaf8077c00000 0x0000000080200000 1914M PMD D A G . . W R V 0xffffaf8077c00000-0xffffaf8078800000 0x00000000f7c00000 12M PMD D A G . . . R V 0xffffaf8078800000-0xffffaf8078c00000 0x00000000f8800000 4M PMD D A G . . W R V 0xffffaf8078c00000-0xffffaf8079200000 0x00000000f8c00000 6M PMD D A G . . . R V 0xffffaf8079200000-0xffffaf807e600000 0x00000000f9200000 84M PMD D A G . . W R V 0xffffaf807e600000-0xffffaf807e716000 0x00000000fe600000 1112K PTE D A G . . W R V 0xffffaf807e717000-0xffffaf807e71a000 0x00000000fe717000 12K PTE D A G . . W R V 0xffffaf807e71d000-0xffffaf807e71e000 0x00000000fe71d000 4K PTE D A G . . W R V 0xffffaf807e722000-0xffffaf807e800000 0x00000000fe722000 888K PTE D A G . . W R V 0xffffaf807e800000-0xffffaf807fe00000 0x00000000fe800000 22M PMD D A G . . W R V 0xffffaf807fe00000-0xffffaf807ff54000 0x00000000ffe00000 1360K PTE D A G . . W R V 0xffffaf807ff55000-0xffffaf8080000000 0x00000000fff55000 684K PTE D A G . . W R V 0xffffaf8080000000-0xffffaf8400000000 0x0000000100000000 14G PUD D A G . . W R V After: ---[ Linear mapping ]--- 0xffffaf8000080000-0xffffaf8000200000 0x0000000080080000 1536K PTE D A G . . W R V 0xffffaf8000200000-0xffffaf8077c00000 0x0000000080200000 1914M PMD D A G . . W R V 0xffffaf8077c00000-0xffffaf8078800000 0x00000000f7c00000 12M PMD D A G . . . 
R V 0xffffaf8078800000-0xffffaf8078a00000 0x00000000f8800000 2M PMD D A G . . W R V 0xffffaf8078a00000-0xffffaf8078c00000 0x00000000f8a00000 2M PTE D A G . . W R V 0xffffaf8078c00000-0xffffaf8079200000 0x00000000f8c00000 6M PMD D A G . . . R V 0xffffaf8079200000-0xffffaf807e600000 0x00000000f9200000 84M PMD D A G . . W R V 0xffffaf807e600000-0xffffaf807e716000 0x00000000fe600000 1112K PTE D A G . . W R V 0xffffaf807e717000-0xffffaf807e71a000 0x00000000fe717000 12K PTE D A G . . W R V 0xffffaf807e71d000-0xffffaf807e71e000 0x00000000fe71d000 4K PTE D A G . . W R V 0xffffaf807e722000-0xffffaf807e800000 0x00000000fe722000 888K PTE D A G . . W R V 0xffffaf807e800000-0xffffaf807fe00000 0x00000000fe800000 22M PMD D A G . . W R V 0xffffaf807fe00000-0xffffaf807ff54000 0x00000000ffe00000 1360K PTE D A G . . W R V 0xffffaf807ff55000-0xffffaf8080000000 0x00000000fff55000 684K PTE D A G . . W R V 0xffffaf8080000000-0xffffaf8080800000 0x0000000100000000 8M PMD D A G . . W R V 0xffffaf8080800000-0xffffaf8080af6000 0x0000000100800000 3032K PTE D A G . . W R V 0xffffaf8080af6000-0xffffaf8080af8000 0x0000000100af6000 8K PTE D A G . X . R V 0xffffaf8080af8000-0xffffaf8080c00000 0x0000000100af8000 1056K PTE D A G . . W R V 0xffffaf8080c00000-0xffffaf8081a00000 0x0000000100c00000 14M PMD D A G . . W R V 0xffffaf8081a00000-0xffffaf8081a40000 0x0000000101a00000 256K PTE D A G . . W R V 0xffffaf8081a40000-0xffffaf8081a44000 0x0000000101a40000 16K PTE D A G . X . R V 0xffffaf8081a44000-0xffffaf8081a52000 0x0000000101a44000 56K PTE D A G . . W R V 0xffffaf8081a52000-0xffffaf8081a54000 0x0000000101a52000 8K PTE D A G . X . R V ... 0xffffaf809e800000-0xffffaf80c0000000 0x000000011e800000 536M PMD D A G . . W R V 0xffffaf80c0000000-0xffffaf8400000000 0x0000000140000000 13G PUD D A G . . W R V Note that this also fixes memfd_secret() syscall which uses set_direct_map_invalid_noflush() and set_direct_map_default_noflush() to remove the pages from the linear mapping. 
Below is the kernel page table while a memfd_secret() syscall is running, you can see all the !valid page table entries in the linear mapping: ... 0xffffaf8082240000-0xffffaf8082241000 0x0000000102240000 4K PTE D A G . . W R . 0xffffaf8082241000-0xffffaf8082250000 0x0000000102241000 60K PTE D A G . . W R V 0xffffaf8082250000-0xffffaf8082252000 0x0000000102250000 8K PTE D A G . . W R . 0xffffaf8082252000-0xffffaf8082256000 0x0000000102252000 16K PTE D A G . . W R V 0xffffaf8082256000-0xffffaf8082257000 0x0000000102256000 4K PTE D A G . . W R . 0xffffaf8082257000-0xffffaf8082258000 0x0000000102257000 4K PTE D A G . . W R V 0xffffaf8082258000-0xffffaf8082259000 0x0000000102258000 4K PTE D A G . . W R . 0xffffaf8082259000-0xffffaf808225a000 0x0000000102259000 4K PTE D A G . . W R V 0xffffaf808225a000-0xffffaf808225c000 0x000000010225a000 8K PTE D A G . . W R . 0xffffaf808225c000-0xffffaf8082266000 0x000000010225c000 40K PTE D A G . . W R V 0xffffaf8082266000-0xffffaf8082268000 0x0000000102266000 8K PTE D A G . . W R . 0xffffaf8082268000-0xffffaf8082284000 0x0000000102268000 112K PTE D A G . . W R V 0xffffaf8082284000-0xffffaf8082288000 0x0000000102284000 16K PTE D A G . . W R . 0xffffaf8082288000-0xffffaf808229c000 0x0000000102288000 80K PTE D A G . . W R V 0xffffaf808229c000-0xffffaf80822a0000 0x000000010229c000 16K PTE D A G . . W R . 0xffffaf80822a0000-0xffffaf80822a5000 0x00000001022a0000 20K PTE D A G . . W R V 0xffffaf80822a5000-0xffffaf80822a6000 0x00000001022a5000 4K PTE D A G . . . R V 0xffffaf80822a6000-0xffffaf80822ab000 0x00000001022a6000 20K PTE D A G . . W R V ... And when the memfd_secret() fd is released, the linear mapping is correctly reset: ... 0xffffaf8082240000-0xffffaf80822a5000 0x0000000102240000 404K PTE D A G . . W R V 0xffffaf80822a5000-0xffffaf80822a6000 0x00000001022a5000 4K PTE D A G . . . R V 0xffffaf80822a6000-0xffffaf80822af000 0x00000001022a6000 36K PTE D A G . . W R V ... 

Signed-off-by: Alexandre Ghiti <alexghiti@rivosinc.com>
Link: https://lore.kernel.org/r/20231108075930.7157-3-alexghiti@rivosinc.com
Signed-off-by: Palmer Dabbelt <palmer@rivosinc.com>

2023-11-08 riscv: Don't use PGD entries for the linear mapping Alexandre Ghiti
Propagating changes at this level is cumbersome as we need to go through all the page tables when that happens (either when changing the permissions or when splitting the mapping).

Note that this prevents the use of 4MB mapping for sv32 and 1GB mapping for sv39 in the linear mapping.

Signed-off-by: Alexandre Ghiti <alexghiti@rivosinc.com>
Link: https://lore.kernel.org/r/20231108075930.7157-2-alexghiti@rivosinc.com
Signed-off-by: Palmer Dabbelt <palmer@rivosinc.com>

2023-11-08 ASoC: nau8540: Add self recovery to improve capture quility David Lin
Reading the peak data to detect abnormal data in the ADC channel. If abnormal data occurs, the driver takes recovery actions to refresh the ADC channel.

Signed-off-by: David Lin <CTLIN0@nuvoton.com>
Link: https://lore.kernel.org/r/20231108061658.1265065-1-CTLIN0@nuvoton.com
Signed-off-by: Mark Brown <broonie@kernel.org>

2023-11-08 netfilter: xt_recent: fix (increase) ipv6 literal buffer length Maciej Żenczykowski
in6_pton() supports 'low-32-bit dot-decimal representation' (this is useful with DNS64/NAT64 networks for example):

  # echo +aaaa:bbbb:cccc:dddd:eeee:ffff:1.2.3.4 > /proc/self/net/xt_recent/DEFAULT
  # cat /proc/self/net/xt_recent/DEFAULT
  src=aaaa:bbbb:cccc:dddd:eeee:ffff:0102:0304 ttl: 0 last_seen: 9733848829 oldest_pkt: 1 9733848829

but the provided buffer is too short:

  # echo +aaaa:bbbb:cccc:dddd:eeee:ffff:255.255.255.255 > /proc/self/net/xt_recent/DEFAULT
  -bash: echo: write error: Invalid argument

Fixes: 079aa88fe717 ("netfilter: xt_recent: IPv6 support")
Signed-off-by: Maciej Żenczykowski <zenczykowski@gmail.com>
Reviewed-by: Simon Horman <horms@kernel.org>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

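The length mismatch described in the xt_recent message above, as an added user-space example (not the kernel's code): a "+<address>" command is copied into a bounded buffer and parsed with inet_pton(), once with a buffer sized for the longest all-hex literal and once sized for the longest literal with a dotted-decimal tail. `parse_add_cmd`, `SHORT_BUF` and `LONG_BUF` are hypothetical names, and the two sizes are constructed for illustration.

```c
#include <arpa/inet.h>
#include <errno.h>
#include <stdio.h>
#include <string.h>

/* Longest literal of each form (constructed); sizeof counts '+' and the NUL. */
#define SHORT_BUF sizeof("+ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff")        /* 41 */
#define LONG_BUF  sizeof("+ffff:ffff:ffff:ffff:ffff:ffff:255.255.255.255")  /* 47 */

/*
 * Model of a proc-style write handler: the command must fit, with its NUL,
 * in a buffer of bufsize bytes before it is parsed. Returns 0 or -EINVAL.
 */
int parse_add_cmd(const char *cmd, size_t bufsize, struct in6_addr *out)
{
	char buf[LONG_BUF];
	size_t len = strlen(cmd);

	if (bufsize > sizeof(buf) || len >= bufsize)
		return -EINVAL;                 /* literal does not fit */
	memcpy(buf, cmd, len + 1);
	if (buf[0] != '+' || inet_pton(AF_INET6, buf + 1, out) != 1)
		return -EINVAL;                 /* not a valid add command */
	return 0;
}

int main(void)
{
	/* The two commands from the message above. */
	const char *cmds[] = {
		"+aaaa:bbbb:cccc:dddd:eeee:ffff:1.2.3.4",
		"+aaaa:bbbb:cccc:dddd:eeee:ffff:255.255.255.255",
	};
	size_t sizes[] = { SHORT_BUF, LONG_BUF };
	struct in6_addr addr;
	char text[INET6_ADDRSTRLEN];

	for (size_t s = 0; s < 2; s++) {
		for (size_t c = 0; c < 2; c++) {
			int ret = parse_add_cmd(cmds[c], sizes[s], &addr);

			printf("buf=%zu len=%zu -> ", sizes[s], strlen(cmds[c]));
			if (ret)
				printf("error %d\n", ret);
			else
				printf("%s\n", inet_ntop(AF_INET6, &addr, text, sizeof(text)));
		}
	}
	return 0;
}
```

A buffer sized from the all-hex form is six bytes short of the longest dotted-decimal form, so a size check against the longest accepted literal belongs next to any such buffer.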
2023-11-08 ipvs: add missing module descriptions Florian Westphal
W=1 builds warn on missing MODULE_DESCRIPTION, add them.

Signed-off-by: Florian Westphal <fw@strlen.de>
Acked-by: Julian Anastasov <ja@ssi.bg>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

2023-11-08 netfilter: nf_tables: remove catchall element in GC sync path Pablo Neira Ayuso
The expired catchall element is not deactivated and removed from GC sync path. This path holds mutex so just call nft_setelem_data_deactivate() and nft_setelem_catchall_remove() before queueing the GC work.

Fixes: 4a9e12ea7e70 ("netfilter: nft_set_pipapo: call nft_trans_gc_queue_sync() in catchall GC")
Reported-by: lonial con <kongln9170@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

2023-11-08 netfilter: add missing module descriptions Florian Westphal
W=1 builds warn on missing MODULE_DESCRIPTION, add them.

Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

2023-11-08 drivers/net/ppp: use standard array-copy-function Philipp Stanner
In ppp_generic.c, memdup_user() is utilized to copy a userspace array. This is done without an overflow-check, which is, however, not critical because the multiplicands are an unsigned short and struct sock_filter, which is currently of size 8.

Regardless, string.h now provides memdup_array_user(), a wrapper for copying userspace arrays in a standardized manner, which has the advantage of making it more obvious to the reader that an array is being copied. The wrapper additionally performs an obligatory overflow check, saving the reader the effort of analyzing the potential for overflow, and making the code a bit more robust in case of future changes to the multiplicands len * size.

Replace memdup_user() with memdup_array_user().

Suggested-by: Dave Airlie <airlied@redhat.com>
Signed-off-by: Philipp Stanner <pstanner@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

2023-11-08 i2c: cp2615: Fix 'assignment to __be16' warning Bence Csókás
While the preamble field _is_ technically big-endian, its value is always 0x2A2A, which is the same in either endianness. However, to avoid generating a warning, we should still call `htons()` explicitly.

Signed-off-by: Bence Csókás <bence98@sch.bme.hu>
Signed-off-by: Wolfram Sang <wsa@kernel.org>

2023-11-08 i2c: dev: copy userspace array safely Philipp Stanner
i2c-dev.c utilizes memdup_user() to copy a userspace array. This is done without an overflow check.

Use the new wrapper memdup_array_user() to copy the array more safely.

Suggested-by: Dave Airlie <airlied@redhat.com>
Signed-off-by: Philipp Stanner <pstanner@redhat.com>
Signed-off-by: Wolfram Sang <wsa@kernel.org>

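The overflow check that the ppp and i2c-dev messages above refer to, as an added user-space example (not kernel code): `unchecked_nbytes()` models the length an open-coded `count * size` hands to the copy routine, and `dup_array_checked()` is a hypothetical stand-in for a wrapper that refuses the copy when the product does not fit in `size_t`. `struct filter_entry` is a constructed 8-byte element, and `count_is_safe()` shows why an `unsigned short` count times 8 cannot overflow.

```c
#include <errno.h>
#include <limits.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed 8-byte element, the size the ppp message gives for struct sock_filter. */
struct filter_entry {
	uint16_t code;
	uint8_t  jt;
	uint8_t  jf;
	uint32_t k;
};

/* Byte count the open-coded pattern passes on: n * size, silently wrapping. */
size_t unchecked_nbytes(size_t n, size_t size)
{
	return n * size;
}

/* 1 if no count up to max_count can overflow size_t when multiplied by size. */
int count_is_safe(size_t max_count, size_t size)
{
	return size == 0 || max_count <= SIZE_MAX / size;
}

/*
 * Hypothetical stand-in for the checked wrapper: refuse the copy when
 * n * size does not fit in size_t instead of copying a wrapped length.
 */
void *dup_array_checked(const void *src, size_t n, size_t size)
{
	size_t nbytes;
	void *copy;

	if (__builtin_mul_overflow(n, size, &nbytes)) {  /* GCC/Clang builtin */
		errno = EOVERFLOW;
		return NULL;
	}
	copy = malloc(nbytes ? nbytes : 1);
	if (!copy) {
		errno = ENOMEM;
		return NULL;
	}
	memcpy(copy, src, nbytes);
	return copy;
}

int main(void)
{
	struct filter_entry src[2] = { { 1, 0, 0, 10 }, { 2, 0, 0, 20 } };
	size_t huge = SIZE_MAX / sizeof(src[0]) + 2;   /* constructed oversized count */
	struct filter_entry *copy;

	printf("unchecked: %zu elements -> %zu bytes requested\n",
	       huge, unchecked_nbytes(huge, sizeof(src[0])));
	copy = dup_array_checked(src, huge, sizeof(src[0]));
	printf("checked:   %s\n", copy ? "copied" : strerror(errno));
	copy = dup_array_checked(src, 2, sizeof(src[0]));
	printf("2 elements: k[1] = %u\n", copy ? copy[1].k : 0);
	free(copy);
	printf("unsigned short count safe: %d\n",
	       count_is_safe(USHRT_MAX, sizeof(src[0])));
	return 0;
}
```

With the oversized count the unchecked product wraps to the size of a single element, so a later loop over `count` elements would run past the copy; the checked form fails with EOVERFLOW before any allocation.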
2023-11-08 i2c: designware: Disable TX_EMPTY irq while waiting for block length byte Tam Nguyen
During SMBus block data read process, we have seen high interrupt rate because of TX_EMPTY irq status while waiting for block length byte (the first data byte after the address phase). The interrupt handler does not do anything because the internal state is kept as STATUS_WRITE_IN_PROGRESS. Hence, we should disable TX_EMPTY IRQ until I2C DesignWare receives first data byte from I2C device, then re-enable it to resume SMBus transaction.

It takes 0.789 ms for host to receive data length from slave. Without the patch, i2c_dw_isr() is called 99 times by TX_EMPTY interrupt. And it is none after applying the patch.

Cc: stable@vger.kernel.org
Co-developed-by: Chuong Tran <chuong@os.amperecomputing.com>
Signed-off-by: Chuong Tran <chuong@os.amperecomputing.com>
Signed-off-by: Tam Nguyen <tamnguyenchi@os.amperecomputing.com>
Acked-by: Jarkko Nikula <jarkko.nikula@linux.intel.com>
Reviewed-by: Serge Semin <fancer.lancer@gmail.com>
Signed-off-by: Wolfram Sang <wsa@kernel.org>

2023-11-08 i2c: iproc: handle invalid slave state Roman Bacik
Add the code to handle an invalid state when both bits S_RX_EVENT (indicating a transaction) and S_START_BUSY (indicating the end of transaction - transition of START_BUSY from 1 to 0) are set in the interrupt status register during a slave read.

Signed-off-by: Roman Bacik <roman.bacik@broadcom.com>
Fixes: 1ca1b4516088 ("i2c: iproc: handle Master aborted error")
Acked-by: Ray Jui <ray.jui@broadcom.com>
Signed-off-by: Wolfram Sang <wsa@kernel.org>

2023-11-08 ALSA: hda/realtek: Add support dual speaker for Dell Kailang Yang
Dell's new platform supports dual speakers, but the BIOS verb table only shows one speaker. It will fill the verb table for the second speaker, then bind with the CS AMP model.

Fixes: de90f5165b1c ("ALSA: hda/realtek: Add support for DELL Oasis 13/14/16 laptops")
Signed-off-by: Kailang Yang <kailang@realtek.com>
Link: https://lore.kernel.org/r/4dd390a77bf742b8a518ac2deee00b0f@realtek.com
Signed-off-by: Takashi Iwai <tiwai@suse.de>

2023-11-08 selftests/bpf: Enable cpu v4 tests for LoongArch Hengqi Chen
Enable the cpu v4 tests for LoongArch. Currently, we don't have BPF trampoline in LoongArch JIT, so the fentry test `test_ptr_struct_arg` still failed, will follow up.

Test result attached below:

  # ./test_progs -t verifier_sdiv,verifier_movsx,verifier_ldsx,verifier_gotol,verifier_bswap
  ...
  Summary: 5/163 PASSED, 0 SKIPPED, 0 FAILED

  # ./test_progs -t ldsx_insn
  test_map_val_and_probed_memory:PASS:test_ldsx_insn__open 0 nsec
  test_map_val_and_probed_memory:PASS:test_ldsx_insn__load 0 nsec
  libbpf: prog 'test_ptr_struct_arg': failed to attach: ERROR: strerror_r(-524)=22
  libbpf: prog 'test_ptr_struct_arg': failed to auto-attach: -524
  test_map_val_and_probed_memory:FAIL:test_ldsx_insn__attach unexpected error: -524 (errno 524)
  #116/1 ldsx_insn/map_val and probed_memory:FAIL
  #116/2 ldsx_insn/ctx_member_sign_ext:OK
  #116/3 ldsx_insn/ctx_member_narrow_sign_ext:OK
  #116 ldsx_insn:FAIL

  All error logs:
  test_map_val_and_probed_memory:PASS:test_ldsx_insn__open 0 nsec
  test_map_val_and_probed_memory:PASS:test_ldsx_insn__load 0 nsec
  libbpf: prog 'test_ptr_struct_arg': failed to attach: ERROR: strerror_r(-524)=22
  libbpf: prog 'test_ptr_struct_arg': failed to auto-attach: -524
  test_map_val_and_probed_memory:FAIL:test_ldsx_insn__attach unexpected error: -524 (errno 524)
  #116/1 ldsx_insn/map_val and probed_memory:FAIL
  #116 ldsx_insn:FAIL
  Summary: 0/2 PASSED, 0 SKIPPED, 1 FAILED

Signed-off-by: Hengqi Chen <hengqi.chen@gmail.com>
Signed-off-by: Huacai Chen <chenhuacai@loongson.cn>

2023-11-08 LoongArch: BPF: Support signed mod instructions Hengqi Chen
Add support for signed mod instructions.

Signed-off-by: Hengqi Chen <hengqi.chen@gmail.com>
Signed-off-by: Huacai Chen <chenhuacai@loongson.cn>

2023-11-08 LoongArch: BPF: Support signed div instructions Hengqi Chen
Add support for signed div instructions.

Signed-off-by: Hengqi Chen <hengqi.chen@gmail.com>
Signed-off-by: Huacai Chen <chenhuacai@loongson.cn>

2023-11-08 LoongArch: BPF: Support 32-bit offset jmp instructions Hengqi Chen
Add support for 32-bit offset jmp instruction. Currently, we use b instruction which supports range within ±128MB for such jumps. This should be large enough for BPF progs.

Signed-off-by: Hengqi Chen <hengqi.chen@gmail.com>
Signed-off-by: Huacai Chen <chenhuacai@loongson.cn>

2023-11-08 LoongArch: BPF: Support unconditional bswap instructions Hengqi Chen
Add support for unconditional bswap instruction. Since LoongArch is always little-endian, just treat unconditional bswap the same as big-endian conversion.

Signed-off-by: Hengqi Chen <hengqi.chen@gmail.com>
Signed-off-by: Huacai Chen <chenhuacai@loongson.cn>

2023-11-08 LoongArch: BPF: Support sign-extension mov instructions Hengqi Chen
Add support for sign-extension mov instructions.

Signed-off-by: Hengqi Chen <hengqi.chen@gmail.com>
Signed-off-by: Huacai Chen <chenhuacai@loongson.cn>

2023-11-08 LoongArch: BPF: Support sign-extension load instructions Hengqi Chen
Add support for sign-extension load instructions.

Signed-off-by: Hengqi Chen <hengqi.chen@gmail.com>
Signed-off-by: Huacai Chen <chenhuacai@loongson.cn>

2023-11-08 LoongArch: Add more instruction opcodes and emit_* helpers Hengqi Chen
This patch adds more instruction opcodes and their corresponding emit_* helpers which will be used in later patches.

Signed-off-by: Hengqi Chen <hengqi.chen@gmail.com>
Signed-off-by: Huacai Chen <chenhuacai@loongson.cn>

2023-11-08 LoongArch/smp: Call rcutree_report_cpu_starting() earlier Huacai Chen
rcutree_report_cpu_starting() must be called before cpu_probe() to avoid the following lockdep splat that is triggered by calling __alloc_pages() when CONFIG_PROVE_RCU_LIST=y:

 =============================
 WARNING: suspicious RCU usage
 6.6.0+ #980 Not tainted
 -----------------------------
 kernel/locking/lockdep.c:3761 RCU-list traversed in non-reader section!!

 other info that might help us debug this:

 RCU used illegally from offline CPU!
 rcu_scheduler_active = 1, debug_locks = 1
 1 lock held by swapper/1/0:
  #0: 900000000c82ef98 (&pcp->lock){+.+.}-{2:2}, at: get_page_from_freelist+0x894/0x1790

 CPU: 1 PID: 0 Comm: swapper/1 Not tainted 6.6.0+ #980
 Stack : 0000000000000001 9000000004f79508 9000000004893670 9000000100310000
         90000001003137d0 0000000000000000 90000001003137d8 9000000004f79508
         0000000000000000 0000000000000001 0000000000000000 90000000048a3384
         203a656d616e2065 ca43677b3687e616 90000001002c3480 0000000000000008
         000000000000009d 0000000000000000 0000000000000001 80000000ffffe0b8
         000000000000000d 0000000000000033 0000000007ec0000 13bbf50562dad831
         9000000005140748 0000000000000000 9000000004f79508 0000000000000004
         0000000000000000 9000000005140748 90000001002bad40 0000000000000000
         90000001002ba400 0000000000000000 9000000003573ec8 0000000000000000
         00000000000000b0 0000000000000004 0000000000000000 0000000000070000
         ...
 Call Trace:
 [<9000000003573ec8>] show_stack+0x38/0x150
 [<9000000004893670>] dump_stack_lvl+0x74/0xa8
 [<900000000360d2bc>] lockdep_rcu_suspicious+0x14c/0x190
 [<900000000361235c>] __lock_acquire+0xd0c/0x2740
 [<90000000036146f4>] lock_acquire+0x104/0x2c0
 [<90000000048a955c>] _raw_spin_lock_irqsave+0x5c/0x90
 [<900000000381cd5c>] rmqueue_bulk+0x6c/0x950
 [<900000000381fc0c>] get_page_from_freelist+0xd4c/0x1790
 [<9000000003821c6c>] __alloc_pages+0x1bc/0x3e0
 [<9000000003583b40>] tlb_init+0x150/0x2a0
 [<90000000035742a0>] per_cpu_trap_init+0xf0/0x110
 [<90000000035712fc>] cpu_probe+0x3dc/0x7a0
 [<900000000357ed20>] start_secondary+0x40/0xb0
 [<9000000004897138>] smpboot_entry+0x54/0x58

raw_smp_processor_id() is required in order to avoid calling into lockdep before RCU has declared the CPU to be watched for readers.

See also commit 29368e093921 ("x86/smpboot: Move rcu_cpu_starting() earlier"), commit de5d9dae150c ("s390/smp: move rcu_cpu_starting() earlier") and commit 99f070b62322 ("powerpc/smp: Call rcu_cpu_starting() earlier").

Signed-off-by: Huacai Chen <chenhuacai@loongson.cn>

2023-11-08 LoongArch: Relax memory ordering for atomic operations WANG Rui
This patch relaxes the implementation while satisfying the memory ordering requirements for atomic operations, which will help improve performance on LA664+.

Unixbench with full threads (8)

                                             before        after
  Dhrystone 2 using register variables   203910714.2  203909539.8    0.00%
  Double-Precision Whetstone                 37930.9      37931      0.00%
  Execl Throughput                           29431.5      29545.8    0.39%
  File Copy 1024 bufsize 2000 maxblocks    6645759.5    6676320      0.46%
  File Copy 256 bufsize 500 maxblocks      2138772.4    2144182.4    0.25%
  File Copy 4096 bufsize 8000 maxblocks   11640698.4   11602703     -0.33%
  Pipe Throughput                          8849077.7    8917009.4    0.77%
  Pipe-based Context Switching             1255108.5    1287277.3    2.56%
  Process Creation                           50825.9      50442.1   -0.76%
  Shell Scripts (1 concurrent)               25795.8      25942.3    0.57%
  Shell Scripts (8 concurrent)                3812.6       3835.2    0.59%
  System Call Overhead                     9248212.6    9353348.6    1.14%
                                                                   =======
  System Benchmarks Index Score               8076.6       8114.4    0.47%

Signed-off-by: WANG Rui <wangrui@loongson.cn>
Signed-off-by: Huacai Chen <chenhuacai@loongson.cn>

2023-11-08 LoongArch: Mark __percpu functions as always inline Nathan Chancellor
A recent change to the optimization pipeline in LLVM reveals some fragility around the inlining of LoongArch's __percpu functions, which manifests as a BUILD_BUG() failure:

  In file included from kernel/sched/build_policy.c:17:
  In file included from include/linux/sched/cputime.h:5:
  In file included from include/linux/sched/signal.h:5:
  In file included from include/linux/rculist.h:11:
  In file included from include/linux/rcupdate.h:26:
  In file included from include/linux/irqflags.h:18:
  arch/loongarch/include/asm/percpu.h:97:3: error: call to '__compiletime_assert_51' declared with 'error' attribute: BUILD_BUG failed
     97 | BUILD_BUG();
        | ^
  include/linux/build_bug.h:59:21: note: expanded from macro 'BUILD_BUG'
     59 | #define BUILD_BUG() BUILD_BUG_ON_MSG(1, "BUILD_BUG failed")
        | ^
  include/linux/build_bug.h:39:37: note: expanded from macro 'BUILD_BUG_ON_MSG'
     39 | #define BUILD_BUG_ON_MSG(cond, msg) compiletime_assert(!(cond), msg)
        | ^
  include/linux/compiler_types.h:425:2: note: expanded from macro 'compiletime_assert'
    425 | _compiletime_assert(condition, msg, __compiletime_assert_, __COUNTER__)
        | ^
  include/linux/compiler_types.h:413:2: note: expanded from macro '_compiletime_assert'
    413 | __compiletime_assert(condition, msg, prefix, suffix)
        | ^
  include/linux/compiler_types.h:406:4: note: expanded from macro '__compiletime_assert'
    406 | prefix ## suffix(); \
        | ^
  <scratch space>:86:1: note: expanded from here
     86 | __compiletime_assert_51
        | ^
  1 error generated.

If these functions are not inlined (which the compiler is free to do even with functions marked with the standard 'inline' keyword), the BUILD_BUG() in the default case cannot be eliminated since the compiler cannot prove it is never used, resulting in a build failure due to the error attribute.

Mark these functions as __always_inline to guarantee inlining so that the BUILD_BUG() only triggers when the default case genuinely cannot be eliminated due to an unexpected size.

Cc: <stable@vger.kernel.org>
Closes: https://github.com/ClangBuiltLinux/linux/issues/1955
Fixes: 46859ac8af52 ("LoongArch: Add multi-processor (SMP) support")
Link: https://github.com/llvm/llvm-project/commit/1a2e77cf9e11dbf56b5720c607313a566eebb16e
Suggested-by: Nick Desaulniers <ndesaulniers@google.com>
Signed-off-by: Nathan Chancellor <nathan@kernel.org>
Signed-off-by: Huacai Chen <chenhuacai@loongson.cn>

2023-11-08 LoongArch: Disable module from accessing external data directly WANG Rui
The distance between vmlinux and the module is too far so that PC-REL cannot be accessed directly, only GOT.

When compiling module with GCC, the option `-mdirect-extern-access` is disabled by default. The Clang option `-fdirect-access-external-data` is enabled by default, so it needs to be explicitly disabled.

Signed-off-by: WANG Rui <wangrui@loongson.cn>
Signed-off-by: Huacai Chen <chenhuacai@loongson.cn>

2023-11-08 LoongArch: Support PREEMPT_DYNAMIC with static keys Huacai Chen
Since commit 4e90d0522a688371402c ("riscv: support PREEMPT_DYNAMIC with static keys"), the infrastructure is complete and we can simply select HAVE_PREEMPT_DYNAMIC_KEY to enable PREEMPT_DYNAMIC on LoongArch because we already support static keys.

Signed-off-by: Huacai Chen <chenhuacai@loongson.cn>

2023-11-07 net: enetc: shorten enetc_setup_xdp_prog() error message to fit NETLINK_MAX_FMTMSG_LEN Vladimir Oltean
NETLINK_MAX_FMTMSG_LEN is currently hardcoded to 80, and we provide an error printf-formatted string having 96 characters including the terminating \0. Assuming each %d (representing a queue) gets replaced by a number having at most 2 digits (a reasonable assumption), the final string is also 96 characters wide, which is too much.

Reduce the verbiage a bit by removing some (partially) redundant words, which makes the new printf-formatted string be 73 characters wide with the trailing newline.

Fixes: 800db2d125c2 ("net: enetc: ensure we always have a minimum number of TXQs for stack")
Reported-by: kernel test robot <lkp@intel.com>
Closes: https://lore.kernel.org/lkml/202311061336.4dsWMT1h-lkp@intel.com/
Signed-off-by: Vladimir Oltean <vladimir.oltean@nxp.com>
Link: https://lore.kernel.org/r/20231106160311.616118-1-vladimir.oltean@nxp.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>

2023-11-07 virtio/vsock: Fix uninit-value in virtio_transport_recv_pkt() Shigeru Yoshida
KMSAN reported the following uninit-value access issue:

=====================================================
BUG: KMSAN: uninit-value in virtio_transport_recv_pkt+0x1dfb/0x26a0 net/vmw_vsock/virtio_transport_common.c:1421
 virtio_transport_recv_pkt+0x1dfb/0x26a0 net/vmw_vsock/virtio_transport_common.c:1421
 vsock_loopback_work+0x3bb/0x5a0 net/vmw_vsock/vsock_loopback.c:120
 process_one_work kernel/workqueue.c:2630 [inline]
 process_scheduled_works+0xff6/0x1e60 kernel/workqueue.c:2703
 worker_thread+0xeca/0x14d0 kernel/workqueue.c:2784
 kthread+0x3cc/0x520 kernel/kthread.c:388
 ret_from_fork+0x66/0x80 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:304

Uninit was stored to memory at:
 virtio_transport_space_update net/vmw_vsock/virtio_transport_common.c:1274 [inline]
 virtio_transport_recv_pkt+0x1ee8/0x26a0 net/vmw_vsock/virtio_transport_common.c:1415
 vsock_loopback_work+0x3bb/0x5a0 net/vmw_vsock/vsock_loopback.c:120
 process_one_work kernel/workqueue.c:2630 [inline]
 process_scheduled_works+0xff6/0x1e60 kernel/workqueue.c:2703
 worker_thread+0xeca/0x14d0 kernel/workqueue.c:2784
 kthread+0x3cc/0x520 kernel/kthread.c:388
 ret_from_fork+0x66/0x80 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:304

Uninit was created at:
 slab_post_alloc_hook+0x105/0xad0 mm/slab.h:767
 slab_alloc_node mm/slub.c:3478 [inline]
 kmem_cache_alloc_node+0x5a2/0xaf0 mm/slub.c:3523
 kmalloc_reserve+0x13c/0x4a0 net/core/skbuff.c:559
 __alloc_skb+0x2fd/0x770 net/core/skbuff.c:650
 alloc_skb include/linux/skbuff.h:1286 [inline]
 virtio_vsock_alloc_skb include/linux/virtio_vsock.h:66 [inline]
 virtio_transport_alloc_skb+0x90/0x11e0 net/vmw_vsock/virtio_transport_common.c:58
 virtio_transport_reset_no_sock net/vmw_vsock/virtio_transport_common.c:957 [inline]
 virtio_transport_recv_pkt+0x1279/0x26a0 net/vmw_vsock/virtio_transport_common.c:1387
 vsock_loopback_work+0x3bb/0x5a0 net/vmw_vsock/vsock_loopback.c:120
 process_one_work kernel/workqueue.c:2630 [inline]
 process_scheduled_works+0xff6/0x1e60 kernel/workqueue.c:2703
 worker_thread+0xeca/0x14d0 kernel/workqueue.c:2784
 kthread+0x3cc/0x520 kernel/kthread.c:388
 ret_from_fork+0x66/0x80 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:304

CPU: 1 PID: 10664 Comm: kworker/1:5 Not tainted 6.6.0-rc3-00146-g9f3ebbef746f #3
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.2-1.fc38 04/01/2014
Workqueue: vsock-loopback vsock_loopback_work
=====================================================

The following simple reproducer can cause the issue described above:

#include <sys/socket.h>
#include <linux/vm_sockets.h>

int main(void)
{
	int sock;
	struct sockaddr_vm addr = {
		.svm_family = AF_VSOCK,
		.svm_cid = VMADDR_CID_ANY,
		.svm_port = 1234,
	};

	sock = socket(AF_VSOCK, SOCK_STREAM, 0);
	connect(sock, (struct sockaddr *)&addr, sizeof(addr));
	return 0;
}

This issue occurs because the `buf_alloc` and `fwd_cnt` fields of the `struct virtio_vsock_hdr` are not initialized when a new skb is allocated in `virtio_transport_init_hdr()`. This patch resolves the issue by initializing these fields during allocation.

Fixes: 71dc9ec9ac7d ("virtio/vsock: replace virtio_vsock_pkt with sk_buff")
Reported-and-tested-by: syzbot+0c8ce1da0ac31abbadcd@syzkaller.appspotmail.com
Closes: https://syzkaller.appspot.com/bug?extid=0c8ce1da0ac31abbadcd
Signed-off-by: Shigeru Yoshida <syoshida@redhat.com>
Reviewed-by: Stefano Garzarella <sgarzare@redhat.com>
Link: https://lore.kernel.org/r/20231104150531.257952-1-syoshida@redhat.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>