2021-01-04 16:17:56

by Greg Kroah-Hartman

Subject: [PATCH 4.19 00/35] 4.19.165-rc1 review

This is the start of the stable review cycle for the 4.19.165 release.
There are 35 patches in this series, all will be posted as a response
to this one. If anyone has any issues with these being applied, please
let me know.

Responses should be made by Wed, 06 Jan 2021 15:56:52 +0000.
Anything received after that time might be too late.

The whole patch series can be found in one patch at:
https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.19.165-rc1.gz
or in the git tree and branch at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.19.y
and the diffstat can be found below.

thanks,

greg k-h

-------------
Pseudo-Shortlog of commits:

Greg Kroah-Hartman <[email protected]>
Linux 4.19.165-rc1

Hyeongseok Kim <[email protected]>
dm verity: skip verity work if I/O error when system is shutting down

Takashi Iwai <[email protected]>
ALSA: pcm: Clear the full allocated memory at hw_params

Jessica Yu <[email protected]>
module: delay kobject uevent until after module init call

Trond Myklebust <[email protected]>
NFSv4: Fix a pNFS layout related use-after-free race when freeing the inode

Qinglang Miao <[email protected]>
powerpc: sysdev: add missing iounmap() on error in mpic_msgr_probe()

Jan Kara <[email protected]>
quota: Don't overflow quota file offsets

Miroslav Benes <[email protected]>
module: set MODULE_STATE_GOING state when a module fails to load

Dinghao Liu <[email protected]>
rtc: sun6i: Fix memleak in sun6i_rtc_clk_init

Boqun Feng <[email protected]>
fcntl: Fix potential deadlock in send_sig{io, urg}()

Takashi Iwai <[email protected]>
ALSA: rawmidi: Access runtime->avail always in spinlock

Takashi Iwai <[email protected]>
ALSA: seq: Use bool for snd_seq_queue internal flags

Mauro Carvalho Chehab <[email protected]>
media: gp8psk: initialize stats at power control logic

Anant Thazhemadam <[email protected]>
misc: vmw_vmci: fix kernel info-leak by initializing dbells in vmci_ctx_get_chkpt_doorbells()

Rustam Kovhaev <[email protected]>
reiserfs: add check for an invalid ih_entry_count

Anant Thazhemadam <[email protected]>
Bluetooth: hci_h5: close serdev device and free hu in h5_close

Peter Zijlstra <[email protected]>
asm-generic/tlb: avoid potential double flush

Peter Zijlstra <[email protected]>
mm/mmu_gather: invalidate TLB correctly on batch allocation failure and flush

Aneesh Kumar K.V <[email protected]>
powerpc/mmu_gather: enable RCU_TABLE_FREE even for !SMP case

Peter Zijlstra <[email protected]>
asm-generic/tlb, arch: Invert CONFIG_HAVE_RCU_TABLE_INVALIDATE

Will Deacon <[email protected]>
asm-generic/tlb: Track which levels of the page tables have been cleared

Peter Zijlstra <[email protected]>
asm-generic/tlb: Track freeing of page-table directories in struct mmu_gather

Johan Hovold <[email protected]>
of: fix linker-section match-table corruption

Damien Le Moal <[email protected]>
null_blk: Fix zone size initialization

Souptick Joarder <[email protected]>
xen/gntdev.c: Mark pages as dirty

Christophe Leroy <[email protected]>
powerpc/bitops: Fix possible undefined behaviour with fls() and fls64()

Paolo Bonzini <[email protected]>
KVM: x86: reinstate vendor-agnostic check on SPEC_CTRL cpuid bits

Paolo Bonzini <[email protected]>
KVM: SVM: relax conditions for allowing MSR_IA32_SPEC_CTRL accesses

Petr Vorel <[email protected]>
uapi: move constants from <linux/kernel.h> to <linux/const.h>

Jan Kara <[email protected]>
ext4: don't remount read-only with errors=continue on reboot

Eric Auger <[email protected]>
vfio/pci: Move dummy_resources_list init in vfio_pci_probe()

Eric Biggers <[email protected]>
ubifs: prevent creating duplicate encrypted filenames

Eric Biggers <[email protected]>
f2fs: prevent creating duplicate encrypted filenames

Eric Biggers <[email protected]>
ext4: prevent creating duplicate encrypted filenames

Eric Biggers <[email protected]>
fscrypt: add fscrypt_is_nokey_name()

Kevin Vigor <[email protected]>
md/raid10: initialize r10_bio->read_slot before use.


-------------

Diffstat:

Makefile | 4 +-
arch/Kconfig | 3 -
arch/powerpc/Kconfig | 2 +-
arch/powerpc/include/asm/bitops.h | 23 +++++-
arch/powerpc/include/asm/book3s/32/pgalloc.h | 8 ---
arch/powerpc/include/asm/book3s/64/pgalloc.h | 2 -
arch/powerpc/include/asm/nohash/32/pgalloc.h | 8 ---
arch/powerpc/include/asm/nohash/64/pgalloc.h | 9 +--
arch/powerpc/include/asm/tlb.h | 11 +++
arch/powerpc/mm/pgtable-book3s64.c | 7 --
arch/powerpc/sysdev/mpic_msgr.c | 2 +-
arch/sparc/include/asm/tlb_64.h | 9 +++
arch/x86/Kconfig | 1 -
arch/x86/kvm/cpuid.h | 14 ++++
arch/x86/kvm/svm.c | 9 +--
arch/x86/kvm/vmx.c | 6 +-
drivers/block/null_blk_zoned.c | 20 ++++--
drivers/bluetooth/hci_h5.c | 8 ++-
drivers/md/dm-verity-target.c | 12 +++-
drivers/md/raid10.c | 3 +-
drivers/media/usb/dvb-usb/gp8psk.c | 2 +-
drivers/misc/vmw_vmci/vmci_context.c | 2 +-
drivers/rtc/rtc-sun6i.c | 8 ++-
drivers/vfio/pci/vfio_pci.c | 3 +-
drivers/xen/gntdev.c | 17 +++--
fs/crypto/hooks.c | 10 +--
fs/ext4/namei.c | 3 +
fs/ext4/super.c | 14 ++--
fs/f2fs/f2fs.h | 2 +
fs/fcntl.c | 10 +--
fs/nfs/nfs4super.c | 2 +-
fs/nfs/pnfs.c | 33 ++++++++-
fs/nfs/pnfs.h | 5 ++
fs/quota/quota_tree.c | 8 +--
fs/reiserfs/stree.c | 6 ++
fs/ubifs/dir.c | 17 +++--
include/asm-generic/tlb.h | 103 +++++++++++++++++++++++----
include/linux/fscrypt_notsupp.h | 5 ++
include/linux/fscrypt_supp.h | 29 ++++++++
include/linux/of.h | 1 +
include/uapi/linux/const.h | 5 ++
include/uapi/linux/ethtool.h | 2 +-
include/uapi/linux/kernel.h | 9 +--
include/uapi/linux/lightnvm.h | 2 +-
include/uapi/linux/mroute6.h | 2 +-
include/uapi/linux/netfilter/x_tables.h | 2 +-
include/uapi/linux/netlink.h | 2 +-
include/uapi/linux/sysctl.h | 2 +-
kernel/module.c | 6 +-
mm/memory.c | 20 +++---
sound/core/pcm_native.c | 9 ++-
sound/core/rawmidi.c | 49 +++++++++----
sound/core/seq/seq_queue.h | 8 +--
53 files changed, 398 insertions(+), 161 deletions(-)



2021-01-04 16:18:32

by Greg Kroah-Hartman

Subject: [PATCH 4.19 08/35] uapi: move constants from <linux/kernel.h> to <linux/const.h>

From: Petr Vorel <[email protected]>

commit a85cbe6159ffc973e5702f70a3bd5185f8f3c38d upstream.

and include <linux/const.h> in UAPI headers instead of <linux/kernel.h>.

The reason is to avoid indirect <linux/sysinfo.h> include when using
some network headers: <linux/netlink.h> or others -> <linux/kernel.h>
-> <linux/sysinfo.h>.

This indirect include causes a redefinition of struct sysinfo on MUSL when
both <sys/sysinfo.h> and some of the UAPI headers are included:

In file included from x86_64-buildroot-linux-musl/sysroot/usr/include/linux/kernel.h:5,
from x86_64-buildroot-linux-musl/sysroot/usr/include/linux/netlink.h:5,
from ../include/tst_netlink.h:14,
from tst_crypto.c:13:
x86_64-buildroot-linux-musl/sysroot/usr/include/linux/sysinfo.h:8:8: error: redefinition of `struct sysinfo'
struct sysinfo {
^~~~~~~
In file included from ../include/tst_safe_macros.h:15,
from ../include/tst_test.h:93,
from tst_crypto.c:11:
x86_64-buildroot-linux-musl/sysroot/usr/include/sys/sysinfo.h:10:8: note: originally defined here

Link: https://lkml.kernel.org/r/[email protected]
Signed-off-by: Petr Vorel <[email protected]>
Suggested-by: Rich Felker <[email protected]>
Acked-by: Rich Felker <[email protected]>
Cc: Peter Korsgaard <[email protected]>
Cc: Baruch Siach <[email protected]>
Cc: Florian Weimer <[email protected]>
Signed-off-by: Andrew Morton <[email protected]>
Signed-off-by: Linus Torvalds <[email protected]>
Signed-off-by: Greg Kroah-Hartman <[email protected]>

---
include/uapi/linux/const.h | 5 +++++
include/uapi/linux/ethtool.h | 2 +-
include/uapi/linux/kernel.h | 9 +--------
include/uapi/linux/lightnvm.h | 2 +-
include/uapi/linux/mroute6.h | 2 +-
include/uapi/linux/netfilter/x_tables.h | 2 +-
include/uapi/linux/netlink.h | 2 +-
include/uapi/linux/sysctl.h | 2 +-
8 files changed, 12 insertions(+), 14 deletions(-)

--- a/include/uapi/linux/const.h
+++ b/include/uapi/linux/const.h
@@ -28,4 +28,9 @@
#define _BITUL(x) (_UL(1) << (x))
#define _BITULL(x) (_ULL(1) << (x))

+#define __ALIGN_KERNEL(x, a) __ALIGN_KERNEL_MASK(x, (typeof(x))(a) - 1)
+#define __ALIGN_KERNEL_MASK(x, mask) (((x) + (mask)) & ~(mask))
+
+#define __KERNEL_DIV_ROUND_UP(n, d) (((n) + (d) - 1) / (d))
+
#endif /* _UAPI_LINUX_CONST_H */
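
Review bot: the two alignment macros added to const.h rely on typeof(), a GNU extension, and they arrive without any comment. Since ethtool.h, netlink.h and the other UAPI headers in this patch now include const.h directly, a short note above `__ALIGN_KERNEL` saying that it needs a compiler that accepts typeof would help userspace consumers building with a strict -std= setting.
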
--- a/include/uapi/linux/ethtool.h
+++ b/include/uapi/linux/ethtool.h
@@ -14,7 +14,7 @@
#ifndef _UAPI_LINUX_ETHTOOL_H
#define _UAPI_LINUX_ETHTOOL_H

-#include <linux/kernel.h>
+#include <linux/const.h>
#include <linux/types.h>
#include <linux/if_ether.h>

--- a/include/uapi/linux/kernel.h
+++ b/include/uapi/linux/kernel.h
@@ -3,13 +3,6 @@
#define _UAPI_LINUX_KERNEL_H

#include <linux/sysinfo.h>
-
-/*
- * 'kernel.h' contains some often-used function prototypes etc
- */
-#define __ALIGN_KERNEL(x, a) __ALIGN_KERNEL_MASK(x, (typeof(x))(a) - 1)
-#define __ALIGN_KERNEL_MASK(x, mask) (((x) + (mask)) & ~(mask))
-
-#define __KERNEL_DIV_ROUND_UP(n, d) (((n) + (d) - 1) / (d))
+#include <linux/const.h>

#endif /* _UAPI_LINUX_KERNEL_H */
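
Review bot: `#include <linux/sysinfo.h>` stays in kernel.h in this hunk, so userspace that includes <linux/kernel.h> directly together with <sys/sysinfo.h> still hits the redefinition shown in the commit message; only the indirect paths through the other headers are fixed. The changelog should say so. The added `#include <linux/const.h>` keeps the three macros visible to existing users of kernel.h, which is the right compatibility choice.
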
--- a/include/uapi/linux/lightnvm.h
+++ b/include/uapi/linux/lightnvm.h
@@ -21,7 +21,7 @@
#define _UAPI_LINUX_LIGHTNVM_H

#ifdef __KERNEL__
-#include <linux/kernel.h>
+#include <linux/const.h>
#include <linux/ioctl.h>
#else /* __KERNEL__ */
#include <stdio.h>
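
Review bot: the replaced include in this hunk sits under `#ifdef __KERNEL__`, a branch userspace does not compile, so this change is not part of the musl fix the commit message describes. Either note in the changelog that it is done for consistency, or leave this header alone; in both cases confirm the in-kernel users of lightnvm.h need nothing else that used to arrive through kernel.h.
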
--- a/include/uapi/linux/mroute6.h
+++ b/include/uapi/linux/mroute6.h
@@ -2,7 +2,7 @@
#ifndef _UAPI__LINUX_MROUTE6_H
#define _UAPI__LINUX_MROUTE6_H

-#include <linux/kernel.h>
+#include <linux/const.h>
#include <linux/types.h>
#include <linux/sockios.h>
#include <linux/in6.h> /* For struct sockaddr_in6. */
--- a/include/uapi/linux/netfilter/x_tables.h
+++ b/include/uapi/linux/netfilter/x_tables.h
@@ -1,7 +1,7 @@
/* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */
#ifndef _UAPI_X_TABLES_H
#define _UAPI_X_TABLES_H
-#include <linux/kernel.h>
+#include <linux/const.h>
#include <linux/types.h>

#define XT_FUNCTION_MAXNAMELEN 30
--- a/include/uapi/linux/netlink.h
+++ b/include/uapi/linux/netlink.h
@@ -2,7 +2,7 @@
#ifndef _UAPI__LINUX_NETLINK_H
#define _UAPI__LINUX_NETLINK_H

-#include <linux/kernel.h>
+#include <linux/const.h>
#include <linux/socket.h> /* for __kernel_sa_family_t */
#include <linux/types.h>

--- a/include/uapi/linux/sysctl.h
+++ b/include/uapi/linux/sysctl.h
@@ -23,7 +23,7 @@
#ifndef _UAPI_LINUX_SYSCTL_H
#define _UAPI_LINUX_SYSCTL_H

-#include <linux/kernel.h>
+#include <linux/const.h>
#include <linux/types.h>
#include <linux/compiler.h>



2021-01-04 16:19:00

by Greg Kroah-Hartman

Subject: [PATCH 4.19 31/35] powerpc: sysdev: add missing iounmap() on error in mpic_msgr_probe()

From: Qinglang Miao <[email protected]>

[ Upstream commit ffa1797040c5da391859a9556be7b735acbe1242 ]

I noticed that iounmap() of msgr_block_addr before return from
mpic_msgr_probe() in the error handling case is missing. So use
devm_ioremap() instead of just ioremap() when remapping the message
register block, so the mapping will be automatically released on
probe failure.

Signed-off-by: Qinglang Miao <[email protected]>
Signed-off-by: Michael Ellerman <[email protected]>
Link: https://lore.kernel.org/r/[email protected]
Signed-off-by: Sasha Levin <[email protected]>
---
arch/powerpc/sysdev/mpic_msgr.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/arch/powerpc/sysdev/mpic_msgr.c b/arch/powerpc/sysdev/mpic_msgr.c
index 280e964e1aa88..497e86cfb12e0 100644
--- a/arch/powerpc/sysdev/mpic_msgr.c
+++ b/arch/powerpc/sysdev/mpic_msgr.c
@@ -196,7 +196,7 @@ static int mpic_msgr_probe(struct platform_device *dev)

/* IO map the message register block. */
of_address_to_resource(np, 0, &rsrc);
- msgr_block_addr = ioremap(rsrc.start, resource_size(&rsrc));
+ msgr_block_addr = devm_ioremap(&dev->dev, rsrc.start, resource_size(&rsrc));
if (!msgr_block_addr) {
dev_err(&dev->dev, "Failed to iomap MPIC message registers");
return -EFAULT;
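
Review bot: the return value of of_address_to_resource() on the context line above the changed call is still ignored, so on failure rsrc is handed to devm_ioremap() without having been filled in. Check it and return before mapping. While touching this block, the dev_err() string has no trailing newline, and -EFAULT is an unusual code for a failed mapping; -ENOMEM is the usual choice.
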
--
2.27.0



2021-01-04 16:19:29

by Greg Kroah-Hartman

Subject: [PATCH 4.19 33/35] module: delay kobject uevent until after module init call

From: Jessica Yu <[email protected]>

[ Upstream commit 38dc717e97153e46375ee21797aa54777e5498f3 ]

Apparently there has been a longstanding race between udev/systemd and
the module loader. Currently, the module loader sends a uevent right
after sysfs initialization, but before the module calls its init
function. However, some udev rules expect that the module has
initialized already upon receiving the uevent.

This race has been triggered recently (see link in references) in some
systemd mount unit files. For instance, the configfs module creates the
/sys/kernel/config mount point in its init function, however the module
loader issues the uevent before this happens. sys-kernel-config.mount
expects to be able to mount /sys/kernel/config upon receipt of the
module loading uevent, but if the configfs module has not called its
init function yet, then this directory will not exist and the mount unit
fails. A similar situation exists for sys-fs-fuse-connections.mount, as
the fuse sysfs mount point is created during the fuse module's init
function. If udev is faster than module initialization then the mount
unit would fail in a similar fashion.

To fix this race, delay the module KOBJ_ADD uevent until after the
module has finished calling its init routine.

Reviewed-by: Greg Kroah-Hartman <[email protected]>
Tested-By: Nicolas Morey-Chaisemartin <[email protected]>
Signed-off-by: Jessica Yu <[email protected]>
Signed-off-by: Sasha Levin <[email protected]>
---
kernel/module.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/kernel/module.c b/kernel/module.c
index 8dbe0ff22134e..429769605871d 100644
--- a/kernel/module.c
+++ b/kernel/module.c
@@ -1806,7 +1806,6 @@ static int mod_sysfs_init(struct module *mod)
if (err)
mod_kobject_put(mod);

- /* delay uevent until full sysfs population */
out:
return err;
}
@@ -1843,7 +1842,6 @@ static int mod_sysfs_setup(struct module *mod,
add_sect_attrs(mod, info);
add_notes_attrs(mod, info);

- kobject_uevent(&mod->mkobj.kobj, KOBJ_ADD);
return 0;

out_unreg_modinfo_attrs:
@@ -3499,6 +3497,9 @@ static noinline int do_init_module(struct module *mod)
blocking_notifier_call_chain(&module_notify_list,
MODULE_STATE_LIVE, mod);

+ /* Delay uevent until module has finished its init routine */
+ kobject_uevent(&mod->mkobj.kobj, KOBJ_ADD);
+
/*
* We need to finish all async code before the module init sequence
* is done. This has potential to deadlock. For example, a newly
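
Review bot: the KOBJ_ADD uevent added to do_init_module() is sent before the step the following comment describes ("finish all async code before the module init sequence is done"), so a udev rule that depends on state the init routine sets up asynchronously can still run too early. If that is intended, extend the new comment to say the event only guarantees that the init function has returned. The kobject_uevent() return value is ignored here, as it was in mod_sysfs_setup().
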
--
2.27.0



2021-01-04 16:19:30

by Greg Kroah-Hartman

Subject: [PATCH 4.19 07/35] ext4: don't remount read-only with errors=continue on reboot

From: Jan Kara <[email protected]>

[ Upstream commit b08070eca9e247f60ab39d79b2c25d274750441f ]

ext4_handle_error() with errors=continue mount option can accidentally
remount the filesystem read-only when the system is rebooting. Fix that.

Fixes: 1dc1097ff60e ("ext4: avoid panic during forced reboot")
Signed-off-by: Jan Kara <[email protected]>
Reviewed-by: Andreas Dilger <[email protected]>
Cc: [email protected]
Link: https://lore.kernel.org/r/[email protected]
Signed-off-by: Theodore Ts'o <[email protected]>
Signed-off-by: Sasha Levin <[email protected]>
---
fs/ext4/super.c | 14 ++++++--------
1 file changed, 6 insertions(+), 8 deletions(-)

diff --git a/fs/ext4/super.c b/fs/ext4/super.c
index ee96f504ed782..e9e9f09f5370d 100644
--- a/fs/ext4/super.c
+++ b/fs/ext4/super.c
@@ -454,19 +454,17 @@ static bool system_going_down(void)

static void ext4_handle_error(struct super_block *sb)
{
+ journal_t *journal = EXT4_SB(sb)->s_journal;
+
if (test_opt(sb, WARN_ON_ERROR))
WARN_ON_ONCE(1);

- if (sb_rdonly(sb))
+ if (sb_rdonly(sb) || test_opt(sb, ERRORS_CONT))
return;

- if (!test_opt(sb, ERRORS_CONT)) {
- journal_t *journal = EXT4_SB(sb)->s_journal;
-
- EXT4_SB(sb)->s_mount_flags |= EXT4_MF_FS_ABORTED;
- if (journal)
- jbd2_journal_abort(journal, -EIO);
- }
+ EXT4_SB(sb)->s_mount_flags |= EXT4_MF_FS_ABORTED;
+ if (journal)
+ jbd2_journal_abort(journal, -EIO);
/*
* We force ERRORS_RO behavior when system is rebooting. Otherwise we
* could panic during 'reboot -f' as the underlying device got already
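
Review bot: the changelog says only "Fix that" and does not describe the mechanism, which this hunk makes visible: with errors=continue the old code skipped the journal abort but then fell through to the "force ERRORS_RO behavior when system is rebooting" block that follows, and the new early return on test_opt(sb, ERRORS_CONT) avoids it. Please put that in the commit message. Minor: journal is now read at the top of ext4_handle_error() even on the paths that return early; declaring it next to its use would keep the scope as tight as before.
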
--
2.27.0



2021-01-04 16:19:53

by Greg Kroah-Hartman

Subject: [PATCH 4.19 03/35] ext4: prevent creating duplicate encrypted filenames

From: Eric Biggers <[email protected]>

commit 75d18cd1868c2aee43553723872c35d7908f240f upstream.

As described in "fscrypt: add fscrypt_is_nokey_name()", it's possible to
create a duplicate filename in an encrypted directory by creating a file
concurrently with adding the directory's encryption key.

Fix this bug on ext4 by rejecting no-key dentries in ext4_add_entry().

Note that the duplicate check in ext4_find_dest_de() sometimes prevented
this bug. However in many cases it didn't, since ext4_find_dest_de()
doesn't examine every dentry.

Fixes: 4461471107b7 ("ext4 crypto: enable filename encryption")
Cc: [email protected]
Link: https://lore.kernel.org/r/[email protected]
Signed-off-by: Eric Biggers <[email protected]>
Signed-off-by: Greg Kroah-Hartman <[email protected]>
---
fs/ext4/namei.c | 3 +++
1 file changed, 3 insertions(+)

--- a/fs/ext4/namei.c
+++ b/fs/ext4/namei.c
@@ -2106,6 +2106,9 @@ static int ext4_add_entry(handle_t *hand
if (!dentry->d_name.len)
return -EINVAL;

+ if (fscrypt_is_nokey_name(dentry))
+ return -ENOKEY;
+
retval = ext4_fname_setup_filename(dir, &dentry->d_name, 0, &fname);
if (retval)
return retval;
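
Review bot: the new fscrypt_is_nokey_name() check in ext4_add_entry() has no comment, and -ENOKEY from a create path is not self-explanatory to someone reading namei.c. A one-line comment that a no-key dentry must not be added because it could produce a duplicate filename once the directory's key is present would carry the reasoning from the changelog into the code.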


2021-01-04 16:20:35

by Greg Kroah-Hartman

Subject: [PATCH 4.19 13/35] null_blk: Fix zone size initialization

From: Damien Le Moal <[email protected]>

commit 0ebcdd702f49aeb0ad2e2d894f8c124a0acc6e23 upstream.

A null_blk device with zoned mode enabled is currently initialized
with a number of zones equal to the device capacity divided by the zone
size, without considering if the device capacity is a multiple of the
zone size. If the zone size is not a divisor of the capacity, the zones
end up not covering the entire capacity, potentially resulting in out
of bounds accesses to the zone array.

Fix this by adding one last smaller zone with a size equal to the
remainder of the disk capacity divided by the zone size if the capacity
is not a multiple of the zone size. For such smaller last zone, the zone
capacity is also checked so that it does not exceed the smaller zone
size.

Reported-by: Naohiro Aota <[email protected]>
Fixes: ca4b2a011948 ("null_blk: add zone support")
Cc: [email protected]
Signed-off-by: Damien Le Moal <[email protected]>
Reviewed-by: Christoph Hellwig <[email protected]>
Reviewed-by: Johannes Thumshirn <[email protected]>
Signed-off-by: Jens Axboe <[email protected]>
Signed-off-by: Greg Kroah-Hartman <[email protected]>


---
drivers/block/null_blk_zoned.c | 20 +++++++++++++-------
1 file changed, 13 insertions(+), 7 deletions(-)

--- a/drivers/block/null_blk_zoned.c
+++ b/drivers/block/null_blk_zoned.c
@@ -1,9 +1,9 @@
// SPDX-License-Identifier: GPL-2.0
#include <linux/vmalloc.h>
+#include <linux/sizes.h>
#include "null_blk.h"

-/* zone_size in MBs to sectors. */
-#define ZONE_SIZE_SHIFT 11
+#define MB_TO_SECTS(mb) (((sector_t)mb * SZ_1M) >> SECTOR_SHIFT)

static inline unsigned int null_zone_no(struct nullb_device *dev, sector_t sect)
{
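
Review bot: MB_TO_SECTS() casts its argument without parenthesizing it, so `(sector_t)mb * SZ_1M` applies the cast only to the first operand if an expression is ever passed. Write `((sector_t)(mb) * SZ_1M)`. The callers later in this patch pass a plain struct member, so this is hardening rather than a live bug.
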
@@ -12,7 +12,7 @@ static inline unsigned int null_zone_no(

int null_zone_init(struct nullb_device *dev)
{
- sector_t dev_size = (sector_t)dev->size * 1024 * 1024;
+ sector_t dev_capacity_sects;
sector_t sector = 0;
unsigned int i;

@@ -25,9 +25,12 @@ int null_zone_init(struct nullb_device *
return -EINVAL;
}

- dev->zone_size_sects = dev->zone_size << ZONE_SIZE_SHIFT;
- dev->nr_zones = dev_size >>
- (SECTOR_SHIFT + ilog2(dev->zone_size_sects));
+ dev_capacity_sects = MB_TO_SECTS(dev->size);
+ dev->zone_size_sects = MB_TO_SECTS(dev->zone_size);
+ dev->nr_zones = dev_capacity_sects >> ilog2(dev->zone_size_sects);
+ if (dev_capacity_sects & (dev->zone_size_sects - 1))
+ dev->nr_zones++;
+
dev->zones = kvmalloc_array(dev->nr_zones, sizeof(struct blk_zone),
GFP_KERNEL | __GFP_ZERO);
if (!dev->zones)
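
Review bot: both the shift by ilog2(dev->zone_size_sects) and the mask with (dev->zone_size_sects - 1) in the nr_zones computation are only correct when the zone size is a power of two. The -EINVAL return in the leading context is presumably that check; a comment at the computation stating the dependency would keep a later change from relaxing the check unnoticed.
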
@@ -37,7 +40,10 @@ int null_zone_init(struct nullb_device *
struct blk_zone *zone = &dev->zones[i];

zone->start = zone->wp = sector;
- zone->len = dev->zone_size_sects;
+ if (zone->start + dev->zone_size_sects > dev_capacity_sects)
+ zone->len = dev_capacity_sects - zone->start;
+ else
+ zone->len = dev->zone_size_sects;
zone->type = BLK_ZONE_TYPE_SEQWRITE_REQ;
zone->cond = BLK_ZONE_COND_EMPTY;
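
Review bot: the changelog says that for the smaller last zone "the zone capacity is also checked", but nothing in this hunk or the rest of the patch touches a zone capacity; only zone->len is clamped. That sentence should be dropped or marked as not applicable to this backport.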



2021-01-04 17:02:50

by Greg Kroah-Hartman

Subject: [PATCH 4.19 32/35] NFSv4: Fix a pNFS layout related use-after-free race when freeing the inode

From: Trond Myklebust <[email protected]>

[ Upstream commit b6d49ecd1081740b6e632366428b960461f8158b ]

When returning the layout in nfs4_evict_inode(), we need to ensure that
the layout is actually done being freed before we can proceed to free the
inode itself.

Signed-off-by: Trond Myklebust <[email protected]>
Signed-off-by: Sasha Levin <[email protected]>
---
fs/nfs/nfs4super.c | 2 +-
fs/nfs/pnfs.c | 33 +++++++++++++++++++++++++++++++--
fs/nfs/pnfs.h | 5 +++++
3 files changed, 37 insertions(+), 3 deletions(-)

diff --git a/fs/nfs/nfs4super.c b/fs/nfs/nfs4super.c
index 6fb7cb6b3f4b0..e7a10f5f54057 100644
--- a/fs/nfs/nfs4super.c
+++ b/fs/nfs/nfs4super.c
@@ -95,7 +95,7 @@ static void nfs4_evict_inode(struct inode *inode)
nfs_inode_return_delegation_noreclaim(inode);
/* Note that above delegreturn would trigger pnfs return-on-close */
pnfs_return_layout(inode);
- pnfs_destroy_layout(NFS_I(inode));
+ pnfs_destroy_layout_final(NFS_I(inode));
/* First call standard NFS clear_inode() code */
nfs_clear_inode(inode);
}
diff --git a/fs/nfs/pnfs.c b/fs/nfs/pnfs.c
index 2b9e139a29975..a253384a4710b 100644
--- a/fs/nfs/pnfs.c
+++ b/fs/nfs/pnfs.c
@@ -294,6 +294,7 @@ void
pnfs_put_layout_hdr(struct pnfs_layout_hdr *lo)
{
struct inode *inode;
+ unsigned long i_state;

if (!lo)
return;
@@ -304,8 +305,12 @@ pnfs_put_layout_hdr(struct pnfs_layout_hdr *lo)
if (!list_empty(&lo->plh_segs))
WARN_ONCE(1, "NFS: BUG unfreed layout segments.\n");
pnfs_detach_layout_hdr(lo);
+ i_state = inode->i_state;
spin_unlock(&inode->i_lock);
pnfs_free_layout_hdr(lo);
+ /* Notify pnfs_destroy_layout_final() that we're done */
+ if (i_state & (I_FREEING | I_CLEAR))
+ wake_up_var(lo);
}
}
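
Review bot: wake_up_var(lo) in pnfs_put_layout_hdr() is called after pnfs_free_layout_hdr(lo), so lo is a stale pointer at that point. It is used only as the wait key and is not dereferenced, which is fine, but the new comment should say so; otherwise this reads as a use-after-free inside a patch that fixes one.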

@@ -713,8 +718,7 @@ pnfs_free_lseg_list(struct list_head *free_me)
}
}

-void
-pnfs_destroy_layout(struct nfs_inode *nfsi)
+static struct pnfs_layout_hdr *__pnfs_destroy_layout(struct nfs_inode *nfsi)
{
struct pnfs_layout_hdr *lo;
LIST_HEAD(tmp_list);
@@ -732,9 +736,34 @@ pnfs_destroy_layout(struct nfs_inode *nfsi)
pnfs_put_layout_hdr(lo);
} else
spin_unlock(&nfsi->vfs_inode.i_lock);
+ return lo;
+}
+
+void pnfs_destroy_layout(struct nfs_inode *nfsi)
+{
+ __pnfs_destroy_layout(nfsi);
}
EXPORT_SYMBOL_GPL(pnfs_destroy_layout);

+static bool pnfs_layout_removed(struct nfs_inode *nfsi,
+ struct pnfs_layout_hdr *lo)
+{
+ bool ret;
+
+ spin_lock(&nfsi->vfs_inode.i_lock);
+ ret = nfsi->layout != lo;
+ spin_unlock(&nfsi->vfs_inode.i_lock);
+ return ret;
+}
+
+void pnfs_destroy_layout_final(struct nfs_inode *nfsi)
+{
+ struct pnfs_layout_hdr *lo = __pnfs_destroy_layout(nfsi);
+
+ if (lo)
+ wait_var_event(lo, pnfs_layout_removed(nfsi, lo));
+}
+
static bool
pnfs_layout_add_bulk_destroy_list(struct inode *inode,
struct list_head *layout_list)
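
Review bot: pnfs_layout_removed() returns true as soon as nfsi->layout != lo, while in pnfs_put_layout_hdr() the detach runs under i_lock before pnfs_free_layout_hdr(lo). Assuming pnfs_detach_layout_hdr() is what clears nfsi->layout, a waiter in pnfs_destroy_layout_final() that evaluates the condition in that window returns before the free has finished, which is weaker than the changelog's "actually done being freed". Please confirm nothing in the free path still needs the inode, or wait on a condition that is set after the free. Also, __pnfs_destroy_layout() returns lo after pnfs_put_layout_hdr(lo); a comment that the value may only be compared, never dereferenced, would help.
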
diff --git a/fs/nfs/pnfs.h b/fs/nfs/pnfs.h
index 3ba44819a88ae..80fafa29e567a 100644
--- a/fs/nfs/pnfs.h
+++ b/fs/nfs/pnfs.h
@@ -254,6 +254,7 @@ struct pnfs_layout_segment *pnfs_layout_process(struct nfs4_layoutget *lgp);
void pnfs_layoutget_free(struct nfs4_layoutget *lgp);
void pnfs_free_lseg_list(struct list_head *tmp_list);
void pnfs_destroy_layout(struct nfs_inode *);
+void pnfs_destroy_layout_final(struct nfs_inode *);
void pnfs_destroy_all_layouts(struct nfs_client *);
int pnfs_destroy_layouts_byfsid(struct nfs_client *clp,
struct nfs_fsid *fsid,
@@ -645,6 +646,10 @@ static inline void pnfs_destroy_layout(struct nfs_inode *nfsi)
{
}

+static inline void pnfs_destroy_layout_final(struct nfs_inode *nfsi)
+{
+}
+
static inline struct pnfs_layout_segment *
pnfs_get_lseg(struct pnfs_layout_segment *lseg)
{
--
2.27.0



2021-01-04 17:03:01

by Greg Kroah-Hartman

Subject: [PATCH 4.19 23/35] misc: vmw_vmci: fix kernel info-leak by initializing dbells in vmci_ctx_get_chkpt_doorbells()

From: Anant Thazhemadam <[email protected]>

commit 31dcb6c30a26d32650ce134820f27de3c675a45a upstream.

A kernel-infoleak was reported by syzbot, which was caused because
dbells was left uninitialized.
Using kzalloc() instead of kmalloc() fixes this issue.

Reported-by: [email protected]
Tested-by: [email protected]
Signed-off-by: Anant Thazhemadam <[email protected]>
Link: https://lore.kernel.org/r/[email protected]
Signed-off-by: Greg Kroah-Hartman <[email protected]>

---
drivers/misc/vmw_vmci/vmci_context.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

--- a/drivers/misc/vmw_vmci/vmci_context.c
+++ b/drivers/misc/vmw_vmci/vmci_context.c
@@ -751,7 +751,7 @@ static int vmci_ctx_get_chkpt_doorbells(
return VMCI_ERROR_MORE_DATA;
}

- dbells = kmalloc(data_size, GFP_ATOMIC);
+ dbells = kzalloc(data_size, GFP_ATOMIC);
if (!dbells)
return VMCI_ERROR_NO_MEM;
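
Review bot: switching the dbells allocation to kzalloc() closes the leak, but the changelog does not say which bytes of the buffer were left unwritten. If fewer than data_size bytes are ever filled in, handing back only the filled length would address the cause; if it is padding inside the entries, say so in the commit message.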



2021-01-04 17:45:28

by Daniel Díaz

Subject: Re: [PATCH 4.19 00/35] 4.19.165-rc1 review

Hello!

On Mon, 4 Jan 2021 at 09:58, Greg Kroah-Hartman
<[email protected]> wrote:
> This is the start of the stable review cycle for the 4.19.165 release.
> There are 35 patches in this series, all will be posted as a response
> to this one. If anyone has any issues with these being applied, please
> let me know.
>
> Responses should be made by Wed, 06 Jan 2021 15:56:52 +0000.
> Anything received after that time might be too late.
>
> The whole patch series can be found in one patch at:
> https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.19.165-rc1.gz
> or in the git tree and branch at:
> git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.19.y
> and the diffstat can be found below.
>
> thanks,
>
> greg k-h
>
> -------------
> Pseudo-Shortlog of commits:
>
> Greg Kroah-Hartman <[email protected]>
> Linux 4.19.165-rc1
[...]
> Peter Zijlstra <[email protected]>
> mm/mmu_gather: invalidate TLB correctly on batch allocation failure and flush
[...]

This one fails to compile on the X15 (arm 32-bits) with:
| /srv/oe/build/tmp-lkft-glibc/work-shared/am57xx-evm/kernel-source/mm/memory.c:
In function 'tlb_table_invalidate':
| /srv/oe/build/tmp-lkft-glibc/work-shared/am57xx-evm/kernel-source/mm/memory.c:342:6:
error: implicit declaration of function 'tlb_needs_table_invalidate';
did you mean 'tlb_table_invalidate'?
[-Werror=implicit-function-declaration]
| if (tlb_needs_table_invalidate()) {
| ^~~~~~~~~~~~~~~~~~~~~~~~~~
| tlb_table_invalidate

Greetings!

Daniel Díaz
[email protected]

2021-01-04 20:03:12

by Pavel Machek

Subject: Re: [PATCH 4.19 00/35] 4.19.165-rc1 review

Hi!

> This is the start of the stable review cycle for the 4.19.165 release.
> There are 35 patches in this series, all will be posted as a response
> to this one. If anyone has any issues with these being applied, please
> let me know.
>
> Responses should be made by Wed, 06 Jan 2021 15:56:52 +0000.
> Anything received after that time might be too late.
>
> The whole patch series can be found in one patch at:
> https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.19.165-rc1.gz
> or in the git tree and branch at:
> git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.19.y
> and the diffstat can be found below.

CIP testing did not find any problems here:

https://gitlab.com/cip-project/cip-testing/linux-stable-rc-ci/-/tree/linux-4.19.y

Tested-by: Pavel Machek (CIP) <[email protected]>

Best regards,
Pavel

--
DENX Software Engineering GmbH, Managing Director: Wolfgang Denk
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany



2021-01-05 02:00:57

by Guenter Roeck

Subject: Re: [PATCH 4.19 00/35] 4.19.165-rc1 review

On 1/4/21 7:57 AM, Greg Kroah-Hartman wrote:
> This is the start of the stable review cycle for the 4.19.165 release.
> There are 35 patches in this series, all will be posted as a response
> to this one. If anyone has any issues with these being applied, please
> let me know.
>
> Responses should be made by Wed, 06 Jan 2021 15:56:52 +0000.
> Anything received after that time might be too late.
>

For v4.19.164-36-g32d98dff91da:

arm:axm55xx_defconfig, arm:keystone_defconfig:

mm/memory.c: In function 'tlb_table_invalidate':
mm/memory.c:342:6: error: implicit declaration of function 'tlb_needs_table_invalidate'

All c6x, all h8300, m68k:allnoconfig, arm:allnoconfig, microblaze:nommu_defconfig
and others:

CC mm/oom_kill.o
In file included from ./arch/c6x/include/asm/tlb.h:7,
from mm/oom_kill.c:45:
./include/asm-generic/tlb.h: In function 'tlb_get_unmap_shift':
./include/asm-generic/tlb.h:237:10: error: 'PMD_SHIFT' undeclared
./include/asm-generic/4level-fixup.h:8:21: error: 'PGDIR_SHIFT' undeclared

Guenter

2021-01-05 09:08:37

by Greg Kroah-Hartman

Subject: Re: [PATCH 4.19 00/35] 4.19.165-rc1 review

On Mon, Jan 04, 2021 at 05:58:25PM -0800, Guenter Roeck wrote:
> On 1/4/21 7:57 AM, Greg Kroah-Hartman wrote:
> > This is the start of the stable review cycle for the 4.19.165 release.
> > There are 35 patches in this series, all will be posted as a response
> > to this one. If anyone has any issues with these being applied, please
> > let me know.
> >
> > Responses should be made by Wed, 06 Jan 2021 15:56:52 +0000.
> > Anything received after that time might be too late.
> >
>
> For v4.19.164-36-g32d98dff91da:
>
> arm:axm55xx_defconfig, arm:keystone_defconfig:
>
> mm/memory.c: In function 'tlb_table_invalidate':
> mm/memory.c:342:6: error: implicit declaration of function 'tlb_needs_table_invalidate'
>
> All c6x, all h8300, m68k:allnoconfig, arm:allnoconfig, microblaze:nommu_defconfig
> and others:
>
> CC mm/oom_kill.o
> In file included from ./arch/c6x/include/asm/tlb.h:7,
> from mm/oom_kill.c:45:
> ./include/asm-generic/tlb.h: In function 'tlb_get_unmap_shift':
> ./include/asm-generic/tlb.h:237:10: error: 'PMD_SHIFT' undeclared
> ./include/asm-generic/4level-fixup.h:8:21: error: 'PGDIR_SHIFT' undeclared

Thanks, will drop the series that caused this.

greg k-h

2021-01-05 09:09:07

by Greg Kroah-Hartman

Subject: Re: [PATCH 4.19 00/35] 4.19.165-rc1 review

On Mon, Jan 04, 2021 at 11:43:28AM -0600, Daniel Díaz wrote:
> Hello!
>
> On Mon, 4 Jan 2021 at 09:58, Greg Kroah-Hartman
> <[email protected]> wrote:
> > This is the start of the stable review cycle for the 4.19.165 release.
> > There are 35 patches in this series, all will be posted as a response
> > to this one. If anyone has any issues with these being applied, please
> > let me know.
> >
> > Responses should be made by Wed, 06 Jan 2021 15:56:52 +0000.
> > Anything received after that time might be too late.
> >
> > The whole patch series can be found in one patch at:
> > https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.19.165-rc1.gz
> > or in the git tree and branch at:
> > git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.19.y
> > and the diffstat can be found below.
> >
> > thanks,
> >
> > greg k-h
> >
> > -------------
> > Pseudo-Shortlog of commits:
> >
> > Greg Kroah-Hartman <[email protected]>
> > Linux 4.19.165-rc1
> [...]
> > Peter Zijlstra <[email protected]>
> > mm/mmu_gather: invalidate TLB correctly on batch allocation failure and flush
> [...]
>
> This one fails to compile on the X15 (arm 32-bits) with:
> | /srv/oe/build/tmp-lkft-glibc/work-shared/am57xx-evm/kernel-source/mm/memory.c:
> In function 'tlb_table_invalidate':
> | /srv/oe/build/tmp-lkft-glibc/work-shared/am57xx-evm/kernel-source/mm/memory.c:342:6:
> error: implicit declaration of function 'tlb_needs_table_invalidate';
> did you mean 'tlb_table_invalidate'?
> [-Werror=implicit-function-declaration]
> | if (tlb_needs_table_invalidate()) {
> | ^~~~~~~~~~~~~~~~~~~~~~~~~~
> | tlb_table_invalidate

Thanks for letting me know, will go drop this and the other patches in
this series and do a -rc2 soon.

greg k-h

2021-01-05 16:46:58

by Shuah Khan

Subject: Re: [PATCH 4.19 00/35] 4.19.165-rc1 review

On 1/4/21 8:57 AM, Greg Kroah-Hartman wrote:
> This is the start of the stable review cycle for the 4.19.165 release.
> There are 35 patches in this series, all will be posted as a response
> to this one. If anyone has any issues with these being applied, please
> let me know.
>
> Responses should be made by Wed, 06 Jan 2021 15:56:52 +0000.
> Anything received after that time might be too late.
>
> The whole patch series can be found in one patch at:
> https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.19.165-rc1.gz
> or in the git tree and branch at:
> git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.19.y
> and the diffstat can be found below.
>
> thanks,
>
> greg k-h
>

Compiled and booted on my test system. No dmesg regressions.

Tested-by: Shuah Khan <[email protected]>

thanks,
-- Shuah

2021-01-06 12:59:05

by Pavel Machek

Subject: Re: [PATCH 4.19 13/35] null_blk: Fix zone size initialization

Hi!

> commit 0ebcdd702f49aeb0ad2e2d894f8c124a0acc6e23 upstream.
>
> A null_blk device with zoned mode enabled is currently initialized
> with a number of zones equal to the device capacity divided by the zone
> size, without considering if the device capacity is a multiple of the
> zone size. If the zone size is not a divisor of the capacity, the zones
> end up not covering the entire capacity, potentially resulting in out
> of bounds accesses to the zone array.
>
> Fix this by adding one last smaller zone with a size equal to the
> remainder of the disk capacity divided by the zone size if the capacity
> is not a multiple of the zone size. For such smaller last zone, the zone
> capacity is also checked so that it does not exceed the smaller zone
> size.

> --- a/drivers/block/null_blk_zoned.c
> +++ b/drivers/block/null_blk_zoned.c
> @@ -1,9 +1,9 @@
> // SPDX-License-Identifier: GPL-2.0
> #include <linux/vmalloc.h>
> +#include <linux/sizes.h>
> #include "null_blk.h"
>
> -/* zone_size in MBs to sectors. */
> -#define ZONE_SIZE_SHIFT 11
> +#define MB_TO_SECTS(mb) (((sector_t)mb * SZ_1M) >> SECTOR_SHIFT)
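
Review bot: In `MB_TO_SECTS`, the parameter is used unparenthesized in `(sector_t)mb * SZ_1M`, so the cast and the multiplication each bind to only part of an expression argument; an argument such as `a + b` would expand to `(sector_t)a + b * SZ_1M`. Write `(sector_t)(mb)` or, better, replace the macro with a static inline function that takes the megabyte count as a typed argument. The removed comment also documented the unit conversion, so a one-line comment on the replacement would keep that.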

This macro is quite dangerous. (mb) would help, but inline function
would be better.


> + dev->nr_zones = dev_capacity_sects >> ilog2(dev->zone_size_sects);
> + if (dev_capacity_sects & (dev->zone_size_sects - 1))
> + dev->nr_zones++;
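
Review bot: The shift by `ilog2(dev->zone_size_sects)` and the mask with `dev->zone_size_sects - 1` give the rounded-up zone count only when `zone_size_sects` is a power of two, and nothing in these lines states or checks that. Either add a comment pointing at where that is enforced, or use `DIV_ROUND_UP(dev_capacity_sects, dev->zone_size_sects)`, which states the intent directly and holds for any non-zero zone size.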

Is this the same as nr_zones = DIV_ROUND_UP(dev_capacity_sects,
dev->zone_size_sects)? Would that be faster, more readable and robust
against weird dev->zone_size_sects sizes?

Best regards,
Pavel
--
http://www.livejournal.com/~pavelmachek



2021-01-06 13:48:17

by Greg Kroah-Hartman

Subject: Re: [PATCH 4.19 00/35] 4.19.165-rc1 review

On Tue, Jan 05, 2021 at 09:44:26AM -0700, Shuah Khan wrote:
> On 1/4/21 8:57 AM, Greg Kroah-Hartman wrote:
> > This is the start of the stable review cycle for the 4.19.165 release.
> > There are 35 patches in this series, all will be posted as a response
> > to this one. If anyone has any issues with these being applied, please
> > let me know.
> >
> > Responses should be made by Wed, 06 Jan 2021 15:56:52 +0000.
> > Anything received after that time might be too late.
> >
> > The whole patch series can be found in one patch at:
> > https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.19.165-rc1.gz
> > or in the git tree and branch at:
> > git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.19.y
> > and the diffstat can be found below.
> >
> > thanks,
> >
> > greg k-h
> >
>
> Compiled and booted on my test system. No dmesg regressions.
>
> Tested-by: Shuah Khan <[email protected]>

Thanks for testing them all and letting me know.

greg k-h

2021-01-11 02:52:04

by Damien Le Moal

Subject: Re: [PATCH 4.19 13/35] null_blk: Fix zone size initialization

On 2021/01/06 21:55, Pavel Machek wrote:
> Hi!
>
>> commit 0ebcdd702f49aeb0ad2e2d894f8c124a0acc6e23 upstream.
>>
>> A null_blk device with zoned mode enabled is currently initialized
>> with a number of zones equal to the device capacity divided by the zone
>> size, without considering if the device capacity is a multiple of the
>> zone size. If the zone size is not a divisor of the capacity, the zones
>> end up not covering the entire capacity, potentially resulting in out
>> of bounds accesses to the zone array.
>>
>> Fix this by adding one last smaller zone with a size equal to the
>> remainder of the disk capacity divided by the zone size if the capacity
>> is not a multiple of the zone size. For such smaller last zone, the zone
>> capacity is also checked so that it does not exceed the smaller zone
>> size.
>
>> --- a/drivers/block/null_blk_zoned.c
>> +++ b/drivers/block/null_blk_zoned.c
>> @@ -1,9 +1,9 @@
>> // SPDX-License-Identifier: GPL-2.0
>> #include <linux/vmalloc.h>
>> +#include <linux/sizes.h>
>> #include "null_blk.h"
>>
>> -/* zone_size in MBs to sectors. */
>> -#define ZONE_SIZE_SHIFT 11
>> +#define MB_TO_SECTS(mb) (((sector_t)mb * SZ_1M) >> SECTOR_SHIFT)
>
> This macro is quite dangerous. (mb) would help, but inline function
> would be better.

Indeed.

>
>
>> + dev->nr_zones = dev_capacity_sects >> ilog2(dev->zone_size_sects);
>> + if (dev_capacity_sects & (dev->zone_size_sects - 1))
>> + dev->nr_zones++;
>
> Is this the same as nr_zones = DIV_ROUND_UP(dev_capacity_sects,
> dev->zone_size_sects)? Would that be faster, more readable and robust
> against weird dev->zone_size_sects sizes?

Yes, we can change to this to be more readable.
Will send a cleanup patch. Thanks!

>
> Best regards,
> Pavel
>


--
Damien Le Moal
Western Digital Research
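
The arithmetic discussed in this sub-thread, as an added user-space example (not part of the patch or of any poster's message): it reproduces the quoted macro and zone-count expressions and compares them with `DIV_ROUND_UP`. The definitions of `sector_t`, `SZ_1M`, `SECTOR_SHIFT`, `DIV_ROUND_UP` and `ilog2_u64()` are stand-ins for the kernel's, and `mb_to_sects()`, `zone_no()` and the sample sizes are assumptions made for the illustration.

```c
#include <stdint.h>
#include <stdio.h>

typedef uint64_t sector_t;                 /* stand-in for the kernel type */
#define SECTOR_SHIFT 9
#define SZ_1M 0x00100000
#define DIV_ROUND_UP(n, d) (((n) + (d) - 1) / (d))

/* Macro exactly as quoted in the hunk: the parameter is not parenthesized. */
#define MB_TO_SECTS(mb) (((sector_t)mb * SZ_1M) >> SECTOR_SHIFT)

/* Hypothetical inline-function form of the same conversion. */
static inline sector_t mb_to_sects(unsigned long mb)
{
	return ((sector_t)mb * SZ_1M) >> SECTOR_SHIFT;
}

/* Floor log2, stand-in for the kernel's ilog2(). */
static unsigned int ilog2_u64(uint64_t v)
{
	unsigned int r = 0;
	while (v >>= 1)
		r++;
	return r;
}

/* Zone count before the fix: the remainder of the capacity is ignored. */
static sector_t nr_zones_old(sector_t cap, sector_t zone)
{
	return cap >> ilog2_u64(zone);
}

/* Zone count as computed by the quoted hunk (shift plus mask). */
static sector_t nr_zones_patch(sector_t cap, sector_t zone)
{
	sector_t n = cap >> ilog2_u64(zone);
	if (cap & (zone - 1))
		n++;
	return n;
}

/* Index into the zone array for a given sector. */
static sector_t zone_no(sector_t sect, sector_t zone)
{
	return sect >> ilog2_u64(zone);
}

int main(void)
{
	/* Constructed sizes: 1000 MB device, 256 MB zones. */
	sector_t zone = mb_to_sects(256), cap = mb_to_sects(1000);
	printf("old=%llu patch=%llu last sector -> zone %llu\n",
	       (unsigned long long)nr_zones_old(cap, zone),
	       (unsigned long long)nr_zones_patch(cap, zone),
	       (unsigned long long)zone_no(cap - 1, zone));
	return 0;
}
```

With the old count the last sector maps to an index equal to the array length, which is the out-of-bounds access the commit message describes; the shift-and-mask form and `DIV_ROUND_UP` agree only while the zone size is a power of two.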