This reverts commit e525d2cfbe.
Reason for revert: not present in android11-5.4
Change-Id: If175677a9002962baf605e632c74435f659e0420
Signed-off-by: Alexander Winkowski <dereference23@outlook.com>
Background:
When CPU is going to idle state, it would inform RCU that
current CPU is entering idle through rcu_idle_enter(),
and RCU will ignore read-side critical sections of this CPU.
However, there is CFI check mechanism inside idle flow and
calls rcu_read_lock(), so "rcu_read_lock() used illegally while idle"
in rcu_read_lock() will be triggered because rcu_idle_enter()
was already called before.
Beside, the pointer of rcu_dereference() might be invalid
due to the RCU read-side critical sections will be ignoring in
this going idle CPU, it might cause problems like:
access the wrong data/address, kernel exception...
Based on above description:
We will add __nocfi to cpuidle_enter_state to avoid
“rcu_read_lock() used illegally while idle!”
and avoid the usage of invalid pointer of rcu_dereference()
in this situation.
Bug: 169017431
Change-Id: I8bbe25704e18cfde351a8f4277dd4b44b07421f5
Signed-off-by: rogercl.yang <rogercl.yang@mediatek.com>
Signed-off-by: Chun-Hung Wu <chun-hung.wu@mediatek.com>
When CONFIG_CFI_CLANG and CONFIG_DYNAMIC_FTRACE are enabled, LLVM will
generate a jump function named ftrace_call.cfi_jt for ftrace_call, which
makes "&ftrace_call" in ftrace_update_ftrace_func() actually the address
of ftrace_call.cfi_jt. As a result, the tracer can't be really enabled
through runtime modification. Use __va_function() to get the actual address
of ftrace_call to fix the issue.
Bug: 184105181
Signed-off-by: Ben Dai <ben.dai@unisoc.com>
Change-Id: Ic9272cd4ab447b3b145d8e397e5c9010c49f7a12
With CFI, the compiler replaces function references with pointers
to the CFI jump table. This breaks passing these addresses to
code running at EL2, where the jump tables are not valid. Add a
__va_function macro similarly to the earlier __pa_function to take
address of the actual function in inline assembly and use that in
kvm_ksym_ref instead.
Bug: 163385976
Change-Id: I097b99409995512c00786300e7d18fe42c720a1b
(cherry picked from commit 2f4d6c9fd77c88ad0500aad4bf1f64aaf2654c49)
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
After the switch to non-canonical CFI jump tables, the jump table
sections were placed after the .text section. Merge these sections
into .text to fix issues with error injection and kallsyms.
Bug: 225079388
Bug: 190422440
Change-Id: I6c81b3e4dbba62739f7fc5f6b45271c54f278c8f
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
Added the clang compiler option -fno-sanitize-blacklist to the
CC_FLAGS_CFI variable.
Without this flag, the make dependecy list files produced by clang,
have the cfi_blacklist.txt as their first dependency. The dependecy
lists are produced by the -Wp,-MD,filename option (for example:
-Wp,-MD,mm/.mmap.o.d). The dependency lists are processed by the
scripts/basic/fixdeps.c program, and are transformed into the .o.cmd
files (for example: mm/.mmap.o.cmd). That file is meant to have the
source code of the file listed in the source_* make variable (for
example: source_mm/mmap.o). Instead of that that variable refers
to the full pathname to the cfi_blacklist.txt file. Furthermore, the
deps_* make variable is not supposed to include the source code file
but it does include it.
The cfi_blacklist.txt file is not required by the use of CFI for the
kernel, use of the -fno-sanitize-blacklist causes the .o.cmd file
to have the correct values in its source_* and dep_* variables.
Signed-off-by: Ramon Pantin <pantin@google.com>
Bug: 150504710
Test: interactively
Change-Id: Ia9ed73cb9739617a7c928b939cb4b3a6d77723b7
The arm64 module region is a 128 MB region that is kept close to
the core kernel, in order to ensure that relative branches are
always in range. So using the same region for programs that do
not have this restriction is wasteful, and preferably avoided.
Now that the core BPF JIT code permits the alloc/free routines to
be overridden, implement them by vmalloc()/vfree() calls from a
dedicated 128 MB region set aside for BPF programs. This ensures
that BPF programs are still in branching range of each other, which
is something the JIT currently depends upon (and is not guaranteed
when using module_alloc() on KASLR kernels like we do currently).
It also ensures that placement of BPF programs does not correlate
with the placement of the core kernel or modules, making it less
likely that leaking the former will reveal the latter.
This also solves an issue under KASAN, where shadow memory is
needlessly allocated for all BPF programs (which don't require KASAN
shadow pages since they are not KASAN instrumented)
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Acked-by: Will Deacon <will.deacon@arm.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Signed-off-by: Danny Lin <danny@kdrag0n.dev>
Change-Id: Id3a066651f282249e8825b7bcdf9a78e84c1f878
By default, BPF uses module_alloc() to allocate executable memory,
but this is not necessary on all arches and potentially undesirable
on some of them.
So break out the module_alloc() and module_memfree() calls into __weak
functions to allow them to be overridden in arch code.
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Signed-off-by: Danny Lin <danny@kdrag0n.dev>
Change-Id: I582794881942bc0b766515861f2232354860536b
Fix the possible OOB write in unpacking the country IE due to
the IE length check against integer division.
CRs-Fixed: 3910626
Change-Id: I800290ab7285fb46ed43a46ce38967046b4881fa
added check for port num and channel iteration are lessthan 8
to avoid out of bound write to 8x8 map array.
Change-Id: I4c6fe13a5eb09be623a1c40ce16c5a5e4246e021
Signed-off-by: Abinath S <quic_abins@quicinc.com>
[ Upstream commit 177f25d1292c7e16e1199b39c85480f7f8815552 ]
Since the report buffer is used by all kinds of drivers in various ways, let's
zero-initialize it during allocation to make sure that it can't be ever used
to leak kernel memory via specially-crafted report.
Bug: 380395346
Fixes: 27ce405039 ("HID: fix data access in implement()")
Reported-by: Benoît Sevens <bsevens@google.com>
Acked-by: Benjamin Tissoires <bentiss@kernel.org>
Signed-off-by: Jiri Kosina <jkosina@suse.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
(cherry picked from commit 9d9f5c75c0c7f31766ec27d90f7a6ac673193191)
Signed-off-by: Lee Jones <joneslee@google.com>
Change-Id: I31f64f2745347137bbc415eb35b7fab5761867f3
Do not intrabss forward fragmented EAPOL frames that have
DA different from the SAP vdev mac addr when high latency
is enabled.
Change-Id: Idb6e6c001f4dae51c2181e70ab9adbbb964f0ee3
CRs-Fixed:
While parsing ESP IE from beacon/probe response frame,
the condition in loop to copy ESP_INFO from the ESP IE is
incorrect which will iterate for 5 times rather than 4 times,
this may cause OOB access.
data < ((uint8_t *)esp_ie + esp_ie->esp_len + 3)
Here adding 3 for esp_ie->esp_len, actually esp_len itself is
1 byte extra (esp_ len = ESP_ID_EXTN + ESP_INFO * 4),
but by adding 3 again will loop for one more iteration
this will cause OOB access.
Remove 3 in loop condition to avoid one more extra iteration
and ignore ESP_ID_EXTN element for total elements, in function
util_scan_update_esp_data.
Change-Id: Ia9226e483672369af36c6914e3ac914fe9de45e5
CRs-Fixed: 3710081
The cci configuration will be transitioned to a new API that does not
require routing through the v4l layer. This is work-in-progrss so in
the mean time prevent the device from being exposed as configurable
from userspace.
The ioctl will still be exposed to kernel users so fix the arg size
as well. We want size of struct not pointer.
Change-Id: I1eeb58b8355a81fc36b9845e2096060b03f1debe
Signed-off-by: Om Parkash <oparkash@codeaurora.org>
Syzbot recently found a number of issues related to incremental-fs
(see bug numbers below). All have to do with the fact that incr-fs
allows mounts of the same source and target multiple times.
This is a design decision and the user space component "Data Loader"
expects this to work for app re-install use case.
The mounting depth needs to be controlled, however, and only allowed
to be two levels deep. In case of more than two mount attempts the
driver needs to return an error.
In case of the issues listed below the common pattern is that the
reproducer calls:
mount("./file0", "./file0", "incremental-fs", 0, NULL)
many times and then invokes a file operation like chmod, setxattr,
or open on the ./file0. This causes a recursive call for all the
mounted instances, which eventually causes a stack overflow and
a kernel crash:
BUG: stack guard page was hit at ffffc90000c0fff8
kernel stack overflow (double-fault): 0000 [#1] PREEMPT SMP KASAN
This change also cleans up the mount error path to properly clean
allocated resources and call deactivate_locked_super(), which
causes the incfs_kill_sb() to be called, where the sb is freed.
Bug: 211066171
Bug: 213140206
Bug: 213215835
Bug: 211914587
Bug: 211213635
Bug: 213137376
Bug: 211161296
Signed-off-by: Tadeusz Struk <tadeusz.struk@linaro.org>
Change-Id: I08d9b545a2715423296bf4beb67bdbbed78d1be1
Add proper check to validate table rule count
which may lead to overflow error.
Change-Id: Idfa86878db49ad4803f8902c995eb4186a2d3523
Signed-off-by: Praveen Kurapati <pkurapat@codeaurora.org>
commit f7d306b47a24367302bd4fe846854e07752ffcd9 upstream.
The usb_get_descriptor() function does DMA so we're not allowed
to use a stack buffer for that. Doing DMA to the stack is not portable
all architectures. Move the "new_device_descriptor" from being stored
on the stack and allocate it with kmalloc() instead.
Bug: 382243530
Fixes: b909df18ce2a ("ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices")
Cc: stable@kernel.org
Signed-off-by: Dan Carpenter <dan.carpenter@linaro.org>
Link: https://patch.msgid.link/60e3aa09-039d-46d2-934c-6f123026c2eb@stanley.mountain
Signed-off-by: Takashi Iwai <tiwai@suse.de>
Signed-off-by: Benoît Sevens <bsevens@google.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
(cherry picked from commit 4e54dc4bbc602133217de301d9f814f3e6d22eee)
Signed-off-by: Lee Jones <joneslee@google.com>
Change-Id: I469212aa538584e3d8cc5b0087b68c99acf43f64
commit b909df18ce2a998afef81d58bbd1a05dc0788c40 upstream.
A bogus device can provide a bNumConfigurations value that exceeds the
initial value used in usb_get_configuration for allocating dev->config.
This can lead to out-of-bounds accesses later, e.g. in
usb_destroy_configuration.
Bug: 382243530
Signed-off-by: Benoît Sevens <bsevens@google.com>
Fixes: 1da177e4c3 ("Linux-2.6.12-rc2")
Cc: stable@kernel.org
Link: https://patch.msgid.link/20241120124144.3814457-1-bsevens@google.com
Signed-off-by: Takashi Iwai <tiwai@suse.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
(cherry picked from commit 9887d859cd60727432a01564e8f91302d361b72b)
Signed-off-by: Lee Jones <joneslee@google.com>
Change-Id: I2df0d59750943fa34747bd4bae2e549320f2a0ce
This can lead to out of bounds writes since frames of this type were not
taken into account when calculating the size of the frames buffer in
uvc_parse_streaming.
Fixes: c0efd23292 ("V4L/DVB (8145a): USB Video Class driver")
Signed-off-by: Benoit Sevens <bsevens@google.com>
Cc: stable@vger.kernel.org
Acked-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Reviewed-by: Laurent Pinchart <laurent.pinchart@ideasonboard.com>
Signed-off-by: Hans Verkuil <hverkuil@xs4all.nl>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Bug: 378455392
(cherry picked from commit ecf2b43018da9579842c774b7f35dbe11b5c38dd)
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I959a6374ba7adf021fc19da755f5c7611fef9b8c
Fixes the following error when building with clang r530567:
error: version 'kernel' in target triple 'arm-unknown-linux-androidkernel' is invalid
Change-Id: I5a2d27bf0e8a22b2fe752c64efc0cc91c790b5f0
there is no check for cvs_voc_pkt[2],when receives
0xffffffff from ADSP which results in an integer overflow
Fix is to address this.
Signed-off-by: Shaik Jabida <quic_sjabida@quicinc.com>
(cherry picked from commit 4524418cd14dce47e4ea7234618f919e28dbbe5a)
Change-Id: I2edaef7a22bf0e8d517b3269d004992a3ca35d4f
there is no check for cvs_voc_pkt[2],when recieves
0xffffffff from ADSP which results in an integer overflow
Fix is to address this.
Change-Id: Ie935dd8823981ec260d77f5117f4ef0b0fc08f60
Signed-off-by: Ramireddy KrishnaKanth Reddy <quic_ramikris@quicinc.com>
(cherry picked from commit 4524418cd14dce47e4ea7234618f919e28dbbe5a)
Signed-off-by: Sandhya Mutha Naga Venkata <quic_smuthana@quicinc.com>
* 'android-msm-pixel-4.14':
msm: kgsl: Fix error handling during drawctxt switch
LTS: Update to 4.14.355
Revert "parisc: Use irq_enter_rcu() to fix warning at kernel/context_tracking.c:367"
netns: restore ops before calling ops_exit_list
cx82310_eth: fix error return code in cx82310_bind()
rtmutex: Drop rt_mutex::wait_lock before scheduling
locking/rtmutex: Handle non enqueued waiters gracefully in remove_waiter()
drm/i915/fence: Mark debug_fence_free() with __maybe_unused
ACPI: processor: Fix memory leaks in error paths of processor_add()
ACPI: processor: Return an error if acpi_processor_get_info() fails in processor_add()
netns: add pre_exit method to struct pernet_operations
net: Add comment about pernet_operations methods and synchronization
nilfs2: protect references to superblock parameters exposed in sysfs
nilfs2: replace snprintf in show functions with sysfs_emit
nilfs2: use time64_t internally
tracing: Avoid possible softlockup in tracing_iter_reset()
ring-buffer: Rename ring_buffer_read() to read_buffer_iter_advance()
uprobes: Use kzalloc to allocate xol area
clocksource/drivers/imx-tpm: Fix next event not taking effect sometime
clocksource/drivers/imx-tpm: Fix return -ETIME when delta exceeds INT_MAX
...
Change-Id: I4dfeb49d4601a50bab613a8697174aee04963dcf
* 'linux-4.14.y' of github.com:openela/kernel-lts: (342 commits)
LTS: Update to 4.14.355
Revert "parisc: Use irq_enter_rcu() to fix warning at kernel/context_tracking.c:367"
netns: restore ops before calling ops_exit_list
cx82310_eth: fix error return code in cx82310_bind()
rtmutex: Drop rt_mutex::wait_lock before scheduling
locking/rtmutex: Handle non enqueued waiters gracefully in remove_waiter()
drm/i915/fence: Mark debug_fence_free() with __maybe_unused
ACPI: processor: Fix memory leaks in error paths of processor_add()
ACPI: processor: Return an error if acpi_processor_get_info() fails in processor_add()
netns: add pre_exit method to struct pernet_operations
net: Add comment about pernet_operations methods and synchronization
nilfs2: protect references to superblock parameters exposed in sysfs
nilfs2: replace snprintf in show functions with sysfs_emit
nilfs2: use time64_t internally
tracing: Avoid possible softlockup in tracing_iter_reset()
ring-buffer: Rename ring_buffer_read() to read_buffer_iter_advance()
uprobes: Use kzalloc to allocate xol area
clocksource/drivers/imx-tpm: Fix next event not taking effect sometime
clocksource/drivers/imx-tpm: Fix return -ETIME when delta exceeds INT_MAX
VMCI: Fix use-after-free when removing resource in vmci_resource_remove()
...
Conflicts:
drivers/mmc/core/mmc_test.c
drivers/net/usb/usbnet.c
fs/f2fs/inode.c
fs/f2fs/namei.c
include/linux/overflow.h
Change-Id: Icfff2ec3039c2ce40ed7a9c1d9a6a99269ff4c83
Currently, separate submissions are made for page table
switch and context switch to the ring buffer. However, if the
page table switch succeeds but the context switch fails,
it can lead to use of wrong page table for drawctxt.
To address this issue, rollback the pagetable to current pagetable.
Also,correctly put the refcount of adreno context during error
cleanup.
Change-Id: I1bb4ee3ebb0ce6ea32f0b6799cfb7fa89c0d09c7
Signed-off-by: Rakesh Naidu Bhaviripudi <quic_rakeshb@quicinc.com>
commit b272a0ad730103e84fb735fd0a8cc050cdf7f77c upstream.
ops has been iterated to first element when call pre_exit, and
it needs to restore from save_ops, not save ops to save_ops
Fixes: d7d99872c144 ("netns: add pre_exit method to struct pernet_operations")
Signed-off-by: Li RongQing <lirongqing@baidu.com>
Reviewed-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
(cherry picked from commit 15605b333ddaa3e5e21dfebb65546c70bb167925)
Signed-off-by: Harshit Mogalapalli <harshit.m.mogalapalli@oracle.com>
Signed-off-by: Vegard Nossum <vegard.nossum@oracle.com>
commit d33d26036a0274b472299d7dcdaa5fb34329f91b upstream.
rt_mutex_handle_deadlock() is called with rt_mutex::wait_lock held. In the
good case it returns with the lock held and in the deadlock case it emits a
warning and goes into an endless scheduling loop with the lock held, which
triggers the 'scheduling in atomic' warning.
Unlock rt_mutex::wait_lock in the dead lock case before issuing the warning
and dropping into the schedule for ever loop.
[ tglx: Moved unlock before the WARN(), removed the pointless comment,
massaged changelog, added Fixes tag ]
Fixes: 3d5c9340d1 ("rtmutex: Handle deadlock detection smarter")
Signed-off-by: Roland Xu <mu001999@outlook.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Cc: stable@vger.kernel.org
Link: https://lore.kernel.org/all/ME0P300MB063599BEF0743B8FA339C2CECC802@ME0P300MB0635.AUSP300.PROD.OUTLOOK.COM
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
(cherry picked from commit 432efdbe7da5ecfcbc0c2180cfdbab1441752a38)
Signed-off-by: Harshit Mogalapalli <harshit.m.mogalapalli@oracle.com>
Signed-off-by: Vegard Nossum <vegard.nossum@oracle.com>
[ Upstream commit 47ec9b417ed9b6b8ec2a941cd84d9de62adc358a ]
If acpi_processor_get_info() returned an error, pr and the associated
pr->throttling.shared_cpu_map were leaked.
The unwind code was in the wrong order wrt to setup, relying on
some unwind actions having no affect (clearing variables that were
never set etc). That makes it harder to reason about so reorder
and add appropriate labels to only undo what was actually set up
in the first place.
Acked-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
Reviewed-by: Gavin Shan <gshan@redhat.com>
Signed-off-by: Jonathan Cameron <Jonathan.Cameron@huawei.com>
Link: https://lore.kernel.org/r/20240529133446.28446-6-Jonathan.Cameron@huawei.com
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
(cherry picked from commit 00259ae5206a713234e3ac12a8a0f731e86b754b)
Signed-off-by: Harshit Mogalapalli <harshit.m.mogalapalli@oracle.com>
Signed-off-by: Vegard Nossum <vegard.nossum@oracle.com>
commit d7d99872c144a2c2f5d9c9d83627fa833836cba5 upstream.
Current struct pernet_operations exit() handlers are highly
discouraged to call synchronize_rcu().
There are cases where we need them, and exit_batch() does
not help the common case where a single netns is dismantled.
This patch leverages the existing synchronize_rcu() call
in cleanup_net()
Calling optional ->pre_exit() method before ->exit() or
->exit_batch() allows to benefit from a single synchronize_rcu()
call.
Note that the synchronize_rcu() calls added in this patch
are only in error paths or slow paths.
Tested:
$ time for i in {1..1000}; do unshare -n /bin/false;done
real 0m2.612s
user 0m0.171s
sys 0m2.216s
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
(cherry picked from commit bc596c2026c7f52dc12a784403ccfc3b152844e6)
Signed-off-by: Harshit Mogalapalli <harshit.m.mogalapalli@oracle.com>
Signed-off-by: Vegard Nossum <vegard.nossum@oracle.com>
Make locking scheme be visible for users, and provide
a comment what for we are need exit_batch() methods,
and when it should be used.
Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
(cherry picked from commit 6056415d3a513846f774e7bbee0de0460b1c15df)
Signed-off-by: Harshit Mogalapalli <harshit.m.mogalapalli@oracle.com>
Signed-off-by: Vegard Nossum <vegard.nossum@oracle.com>
[ Upstream commit 683408258917541bdb294cd717c210a04381931e ]
The superblock buffers of nilfs2 can not only be overwritten at runtime
for modifications/repairs, but they are also regularly swapped, replaced
during resizing, and even abandoned when degrading to one side due to
backing device issues. So, accessing them requires mutual exclusion using
the reader/writer semaphore "nilfs->ns_sem".
Some sysfs attribute show methods read this superblock buffer without the
necessary mutual exclusion, which can cause problems with pointer
dereferencing and memory access, so fix it.
Link: https://lkml.kernel.org/r/20240811100320.9913-1-konishi.ryusuke@gmail.com
Fixes: da7141fb78 ("nilfs2: add /sys/fs/nilfs2/<device> group")
Signed-off-by: Ryusuke Konishi <konishi.ryusuke@gmail.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
(cherry picked from commit b90beafac05931cbfcb6b1bd4f67c1923f47040e)
Signed-off-by: Harshit Mogalapalli <harshit.m.mogalapalli@oracle.com>
Signed-off-by: Vegard Nossum <vegard.nossum@oracle.com>
The superblock and segment timestamps are used only internally in nilfs2
and can be read out using sysfs.
Since we are using the old 'get_seconds()' interface and store the data
as timestamps, the behavior differs slightly between 64-bit and 32-bit
kernels, the latter will show incorrect timestamps after 2038 in sysfs,
and presumably fail completely in 2106 as comparisons go wrong.
This changes nilfs2 to use time64_t with ktime_get_real_seconds() to
handle timestamps, making the behavior consistent and correct on both
32-bit and 64-bit machines.
The on-disk format already uses 64-bit timestamps, so nothing changes
there.
Link: http://lkml.kernel.org/r/20180122211050.1286441-1-arnd@arndb.de
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Acked-by: Ryusuke Konishi <konishi.ryusuke@lab.ntt.co.jp>
Cc: Jens Axboe <axboe@kernel.dk>
Cc: Ingo Molnar <mingo@kernel.org>
Cc: Jan Kara <jack@suse.cz>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
(cherry picked from commit fb04b91bc2c3a83e9e2ba9c5ce0f0124dd3ffef0)
Signed-off-by: Harshit Mogalapalli <harshit.m.mogalapalli@oracle.com>
Signed-off-by: Vegard Nossum <vegard.nossum@oracle.com>
[ Upstream commit 49aa8a1f4d6800721c7971ed383078257f12e8f9 ]
In __tracing_open(), when max latency tracers took place on the cpu,
the time start of its buffer would be updated, then event entries with
timestamps being earlier than start of the buffer would be skipped
(see tracing_iter_reset()).
Softlockup will occur if the kernel is non-preemptible and too many
entries were skipped in the loop that reset every cpu buffer, so add
cond_resched() to avoid it.
Cc: stable@vger.kernel.org
Fixes: 2f26ebd549 ("tracing: use timestamp to determine start of latency traces")
Link: https://lore.kernel.org/20240827124654.3817443-1-zhengyejian@huaweicloud.com
Suggested-by: Steven Rostedt <rostedt@goodmis.org>
Signed-off-by: Zheng Yejian <zhengyejian@huaweicloud.com>
Signed-off-by: Steven Rostedt (Google) <rostedt@goodmis.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
(cherry picked from commit 84bd537aaefb210218b5e1d982411fa6ae8429a1)
Signed-off-by: Harshit Mogalapalli <harshit.m.mogalapalli@oracle.com>
Signed-off-by: Vegard Nossum <vegard.nossum@oracle.com>
[ Upstream commit bc1a72afdc4a91844928831cac85731566e03bc6 ]
When the ring buffer was first created, the iterator followed the normal
producer/consumer operations where it had both a peek() operation, that just
returned the event at the current location, and a read(), that would return
the event at the current location and also increment the iterator such that
the next peek() or read() will return the next event.
The only use of the ring_buffer_read() is currently to move the iterator to
the next location and nothing now actually reads the event it returns.
Rename this function to its actual use case to ring_buffer_iter_advance(),
which also adds the "iter" part to the name, which is more meaningful. As
the timestamp returned by ring_buffer_read() was never used, there's no
reason that this new version should bother having returning it. It will also
become a void function.
Link: http://lkml.kernel.org/r/20200317213416.018928618@goodmis.org
Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
Stable-dep-of: 49aa8a1f4d68 ("tracing: Avoid possible softlockup in tracing_iter_reset()")
Signed-off-by: Sasha Levin <sashal@kernel.org>
(cherry picked from commit ac8ffa21dde0c1edcd9dd98b5555a0aa4eea3b1f)
Signed-off-by: Harshit Mogalapalli <harshit.m.mogalapalli@oracle.com>
Signed-off-by: Vegard Nossum <vegard.nossum@oracle.com>
