a11be2f74cd7563233dca371e8bb61c12bc96889
170 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
qctecmdr Service
|
782e9848e6 |
Merge "Merge android-4.19.21 (6e0411b) into msm-4.19"
|
||
|
Ivaylo Georgiev
|
9d1f53106a |
Merge android-4.19.21 (6e0411b) into msm-4.19
* refs/heads/tmp-6e0411b:
Revert "thermal: Fix locking in cooling device sysfs update cur_state"
Linux 4.19.21
ath9k: dynack: check da->enabled first in sampling routines
ath9k: dynack: make ewma estimation faster
perf/x86/intel: Delay memory deallocation until x86_pmu_dead_cpu()
IB/hfi1: Add limit test for RC/UC send via loopback
cacheinfo: Keep the old value if of_property_read_u32 fails
serial: sh-sci: Do not free irqs that have already been freed
serial: 8250_pci: Make PCI class test non fatal
serial: fix race between flush_to_ldisc and tty_open
perf tests evsel-tp-sched: Fix bitwise operator
perf/core: Don't WARN() for impossible ring-buffer sizes
x86/MCE: Initialize mce.bank in the case of a fatal error in mce_no_way_out()
perf/x86/intel/uncore: Add Node ID mask
cpu/hotplug: Fix "SMT disabled by BIOS" detection for KVM
KVM: nVMX: unconditionally cancel preemption timer in free_nested (CVE-2019-7221)
kvm: fix kvm_ioctl_create_device() reference counting (CVE-2019-6974)
KVM: x86: work around leak of uninitialized stack contents (CVE-2019-7222)
scsi: aic94xx: fix module loading
scsi: cxlflash: Prevent deadlock when adapter probe fails
staging: speakup: fix tty-operation NULL derefs
usb: gadget: musb: fix short isoc packets with inventra dma
usb: gadget: udc: net2272: Fix bitwise and boolean operations
usb: dwc3: gadget: Handle 0 xfer length for OUT EP
usb: phy: am335x: fix race condition in _probe
irqchip/gic-v3-its: Plug allocation race for devices sharing a DevID
futex: Handle early deadlock return correctly
dmaengine: imx-dma: fix wrong callback invoke
dmaengine: bcm2835: Fix abort of transactions
dmaengine: bcm2835: Fix interrupt race on RT
HID: debug: fix the ring buffer implementation
fuse: handle zero sized retrieve correctly
fuse: decrement NR_WRITEBACK_TEMP on the right page
fuse: call pipe_buf_release() under pipe lock
ALSA: hda/realtek - Headset microphone support for System76 darp5
ALSA: hda/realtek - Use a common helper for hp pin reference
ALSA: hda/realtek - Fix lose hp_pins for disable auto mute
ALSA: hda - Serialize codec registrations
ALSA: usb-audio: Add support for new T+A USB DAC
ALSA: compress: Fix stop handling on compressed capture streams
xfs: eof trim writeback mapping as soon as it is cached
net/mlx5e: FPGA, fix Innova IPsec TX offload data path performance
virtio_net: Account for tx bytes and packets on sending xdp_frames
skge: potential memory corruption in skge_get_regs()
sctp: walk the list of asoc safely
sctp: check and update stream->out_curr when allocating stream_out
rxrpc: bad unlock balance in rxrpc_recvmsg
Revert "net: phy: marvell: avoid pause mode on SGMII-to-Copper for 88e151x"
rds: fix refcount bug in rds_sock_addref
net: systemport: Fix WoL with password after deep sleep
net/mlx5e: Force CHECKSUM_UNNECESSARY for short ethernet frames
net: dsa: slave: Don't propagate flag changes on down slave interfaces
net: dsa: mv88e6xxx: Fix counting of ATU violations
net: dsa: Fix NULL checking in dsa_slave_set_eee()
net: dsa: Fix lockdep false positive splat
net: dp83640: expire old TX-skb
lib/test_rhashtable: Make test_insert_dup() allocate its hash table dynamically
enic: fix checksum validation for IPv6
dccp: fool proof ccid_hc_[rt]x_parse_options()
thermal: hwmon: inline helpers when CONFIG_THERMAL_HWMON is not set
xfs: fix inverted return from xfs_btree_sblock_verify_crc
xfs: fix PAGE_MASK usage in xfs_free_file_space
fs/xfs: fix f_ffree value for statfs when project quota is set
xfs: delalloc -> unwritten COW fork allocation can go wrong
xfs: fix transient reference count error in xfs_buf_resubmit_failed_buffers
xfs: fix shared extent data corruption due to missing cow reservation
xfs: fix overflow in xfs_attr3_leaf_verify
xfs: Fix error code in 'xfs_ioc_getbmap()'
xfs: cancel COW blocks before swapext
xfs: Fix xqmstats offsets in /proc/fs/xfs/xqmstat
scripts/gdb: fix lx-version string output
kernel/kcov.c: mark write_comp_data() as notrace
exec: load_script: don't blindly truncate shebang string
fs/epoll: drop ovflist branch prediction
kernel/hung_task.c: force console verbose before panic
proc/sysctl: fix return error for proc_doulongvec_minmax()
kernel/hung_task.c: break RCU locks based on jiffies
arm64/sve: ptrace: Fix SVE_PT_REGS_OFFSET definition
HID: lenovo: Add checks to fix of_led_classdev_register
thermal: generic-adc: Fix adc to temp interpolation
PCI: imx: Enable MSI from downstream components
kdb: Don't back trace on a cpu that didn't round up
thermal: bcm2835: enable hwmon explicitly
block/swim3: Fix -EBUSY error when re-opening device after unmount
fsl/fman: Use GFP_ATOMIC in {memac,tgec}_add_hash_mac_address()
gdrom: fix a memory leak bug
isdn: hisax: hfc_pci: Fix a possible concurrency use-after-free bug in HFCPCI_l1hw()
zram: fix lockdep warning of free block handling
mm/page_alloc.c: don't call kasan_free_pages() at deferred mem init
ocfs2: improve ocfs2 Makefile
ocfs2: don't clear bh uptodate for block read
arch/sh/boards/mach-kfr2r09/setup.c: fix struct mtd_oob_ops build warning
scripts/decode_stacktrace: only strip base path when a prefix of the path
perf python: Do not force closing original perf descriptor in evlist.get_pollfd()
cgroup: fix parsing empty mount option string
f2fs: fix sbi->extent_list corruption issue
niu: fix missing checks of niu_pci_eeprom_read
um: Avoid marking pages with "changed protection"
f2fs: fix use-after-free issue when accessing sbi->stat_info
cifs: check ntwrk_buf_start for NULL before dereferencing it
MIPS: ralink: Select CONFIG_CPU_MIPSR2_IRQ_VI on MT7620/8
crypto: ux500 - Use proper enum in hash_set_dma_transfer
crypto: ux500 - Use proper enum in cryp_set_dma_transfer
seq_buf: Make seq_buf_puts() null-terminate the buffer
hwmon: (lm80) fix a missing check of bus read in lm80 probe
hwmon: (lm80) fix a missing check of the status of SMBus read
perf build: Don't unconditionally link the libbfd feature test to -liberty and -lz
NFS: nfs_compare_mount_options always compare auth flavors.
kvm: Change offset in kvm_write_guest_offset_cached to unsigned
powerpc/fadump: Do not allow hot-remove memory from fadump reserved area.
KVM: x86: svm: report MSR_IA32_MCG_EXT_CTL as unsupported
pinctrl: meson: meson8b: fix the GPIO function for the GPIOAO pins
pinctrl: meson: meson8: fix the GPIO function for the GPIOAO pins
powerpc/mm: Fix reporting of kernel execute faults on the 8xx
fbdev: fbcon: Fix unregister crash when more than one framebuffer
ACPI/APEI: Clear GHES block_status before panic()
igb: Fix an issue that PME is not enabled during runtime suspend
ice: Do not enable NAPI on q_vectors that have no rings
i40e: define proper net_device::neigh_priv_len
fbdev: fbmem: behave better with small rotated displays and many CPUs
md: fix raid10 hang issue caused by barrier
video: clps711x-fb: release disp device node in probe()
drm/amd/display: validate extended dongle caps
drbd: Avoid Clang warning about pointless switch statment
drbd: skip spurious timeout (ping-timeo) when failing promote
drbd: disconnect, if the wrong UUIDs are attached on a connected peer
drbd: narrow rcu_read_lock in drbd_sync_handshake
mlx5: update timecounter at least twice per counter overflow
powerpc/powernv/ioda: Allocate indirect TCE levels of cached userspace addresses on demand
iwlwifi: mvm: fix setting HE ppe FW config
powerpc/perf: Fix thresholding counter data for unknown type
net: hns3: add max vector number check for pf
cw1200: Fix concurrency use-after-free bugs in cw1200_hw_scan()
scsi: smartpqi: increase fw status register read timeout
scsi: smartpqi: correct volume status
scsi: smartpqi: correct host serial num for ssa
mlxsw: spectrum: Properly cleanup LAG uppers when removing port from LAG
xfrm6_tunnel: Fix spi check in __xfrm6_tunnel_alloc_spi
mac80211: fix radiotap vendor presence bitmap handling
powerpc/uaccess: fix warning/error with access_ok()
drm/amd/display: fix YCbCr420 blank color
Bluetooth: hci_bcm: Handle deferred probing for the clock supply
drm/amd/display: Add retry to read ddc_clock pin
net: hns3: fix incomplete uninitialization of IRQ in the hns3_nic_uninit_vector_data()
percpu: convert spin_lock_irq to spin_lock_irqsave.
perf tools: Cast off_t to s64 to avoid warning on bionic libc
perf header: Fix up argument to ctime()
usb: musb: dsps: fix runtime pm for peripheral mode
usb: musb: dsps: fix otg state machine
arm64: KVM: Skip MMIO insn after emulation
livepatch: check kzalloc return values
tools/power/x86/intel_pstate_tracer: Fix non root execution for post processing a trace file
bnxt_en: Disable MSIX before re-reserving NQs/CMPL rings.
i2c: sh_mobile: Add support for r8a774c0 (RZ/G2E)
perf probe: Fix unchecked usage of strncpy()
btrfs: use tagged writepage to mitigate livelock of snapshot
perf header: Fix unchecked usage of strncpy()
perf dso: Fix unchecked usage of strncpy()
perf test: Fix perf_event_attr test failure
tty: serial: samsung: Properly set flags in autoCTS mode
serial: sh-sci: Resume PIO in sci_rx_interrupt() on DMA failure
serial: sh-sci: Fix locking in sci_submit_rx()
btrfs: harden agaist duplicate fsid on scanned devices
usb: renesas_usbhs: add support for RZ/G2E
mmc: jz4740: Get CD/WP GPIOs from descriptors
mmc: sdhci-xenon: Fix timeout checks
mmc: sdhci-omap: Fix timeout checks
mmc: sdhci-of-esdhc: Fix timeout checks
memstick: Prevent memstick host from getting runtime suspended during card detection
mmc: meson-mx-sdio: check devm_kasprintf for failure
mmc: bcm2835: reset host on timeout
mmc: bcm2835: Recover from MMC_SEND_EXT_CSD
KVM: PPC: Book3S: Only report KVM_CAP_SPAPR_TCE_VFIO on powernv machines
ASoC: fsl: Fix SND_SOC_EUKREA_TLV320 build error on i.MX8M
ARM: pxa: avoid section mismatch warning
selftests/bpf: use __bpf_constant_htons in test_prog.c
switchtec: Fix SWITCHTEC_IOCTL_EVENT_IDX_ALL flags overwrite
udf: Fix BUG on corrupted inode
mlxsw: spectrum_acl: Limit priority value
phy: sun4i-usb: add support for missing USB PHY index
i2c-axxia: check for error conditions first
lightnvm: pblk: add lock protection to list operations
lightnvm: pblk: fix resubmission of overwritten write err lbas
drm/msm: dpu: Only check flush register against pending flushes
drm/msm/dsi: fix dsi clock names in DSI 10nm PLL driver
tee: optee: avoid possible double list_del()
OPP: Use opp_table->regulators to verify no regulator case
cpuidle: big.LITTLE: fix refcount leak
platform/x86: mlx-platform: Fix tachometer registers
clk: imx6sl: ensure MMDC CH0 handshake is bypassed
sata_rcar: fix deferred probing
iommu/arm-smmu-v3: Use explicit mb() when moving cons pointer
iommu/arm-smmu: Add support for qcom,smmu-v2 variant
iommu/arm-smmu-v3: Avoid memory corruption from Hisilicon MSI payloads
usb: dwc3: gadget: Disable CSP for stream OUT ep
ARM: dts: imx51-zii-rdu1: Do not specify "power-gpio" for hpa1
watchdog: renesas_wdt: don't set divider while watchdog is running
ARM: dts: Fix up the D-Link DIR-685 MTD partition info
media: coda: fix H.264 deblocking filter controls
mips: bpf: fix encoding bug for mm_srlv32_op
ARM: dts: Fix OMAP4430 SDP Ethernet startup
iommu/amd: Fix amd_iommu=force_isolation
pinctrl: sx150x: handle failure case of devm_kstrdup
gpio: mt7621: pass mediatek_gpio_bank_probe() failure up the stack
gpio: mt7621: report failure of devm_kasprintf()
usb: dwc3: trace: add missing break statement to make compiler happy
IB/hfi1: Unreserve a reserved request when it is completed
kobject: return error code if writing /sys/.../uevent fails
driver core: Move async_synchronize_full call
tipc: fix node keep alive interval calculation
drm/amdgpu/powerplay: fix clock stretcher limits on polaris (v2)
media: imx274: select REGMAP_I2C
clk: sunxi-ng: a33: Set CLK_SET_RATE_PARENT for all audio module clocks
usb: mtu3: fix the issue about SetFeature(U1/U2_Enable)
timekeeping: Use proper seqcount initializer
usb: hub: delay hub autosuspend if USB3 port is still link training
usb: dwc2: Disable power down feature on Samsung SoCs
usb: dwc3: Correct the logic for checking TRB full in __dwc3_prepare_one_trb()
xtensa: xtfpga.dtsi: fix dtc warnings about SPI
smack: fix access permissions for keyring
media: DaVinci-VPBE: fix error handling in vpbe_initialize()
media: i2c: TDA1997x: select CONFIG_HDMI
x86/fpu: Add might_fault() to user_insn()
ARM: dts: aspeed: add missing memory unit-address
ARM: dts: mmp2: fix TWSI2
drm/v3d: Fix prime imports of buffers from other drivers.
arm64: ftrace: don't adjust the LR value
mt76x0: dfs: fix IBI_R11 configuration on non-radar channels
s390/zcrypt: improve special ap message cmd handling
firmware/efi: Add NULL pointer checks in efivars API functions
thermal: Fix locking in cooling device sysfs update cur_state
Thermal: do not clear passive state during system sleep
arm64: io: Ensure value passed to __iormb() is held in a 64-bit register
perf: arm_spe: handle devm_kasprintf() failure
drm: Clear state->acquire_ctx before leaving drm_atomic_helper_commit_duplicated_state()
nfsd4: fix crash on writing v4_end_grace before nfsd startup
soc: bcm: brcmstb: Don't leak device tree node reference
sunvdc: Do not spin in an infinite loop when vio_ldc_send() returns EAGAIN
net: aquantia: return 'err' if set MPI_DEINIT state fails
arm64: io: Ensure calls to delay routines are ordered against prior readX()
i2c: sh_mobile: add support for r8a77990 (R-Car E3)
f2fs: fix wrong return value of f2fs_acl_create
f2fs: fix race between write_checkpoint and write_begin
f2fs: move dir data flush to write checkpoint process
staging: pi433: fix potential null dereference
ACPI: SPCR: Consider baud rate 0 as preconfigured state
media: adv*/tc358743/ths8200: fill in min width/height/pixelclock
iio: accel: kxcjk1013: Add KIOX010A ACPI Hardware-ID
iio: adc: meson-saradc: fix internal clock names
iio: adc: meson-saradc: check for devm_kasprintf failure
powerpc/32: Add .data..Lubsan_data*/.data..Lubsan_type* sections explicitly
dmaengine: xilinx_dma: Remove __aligned attribute on zynqmp_dma_desc_ll
ptp: Fix pass zero to ERR_PTR() in ptp_clock_register
clk: meson: meson8b: mark the CPU clock as CLK_IS_CRITICAL
clk: meson: meson8b: fix the width of the cpu_scale_div clock
clk: meson: meson8b: do not use cpu_div3 for cpu_scale_out_sel
staging: erofs: fix the definition of DBG_BUGON
media: mtk-vcodec: Release device nodes in mtk_vcodec_init_enc_pm()
media: video-i2c: avoid accessing released memory area when removing driver
media: rc: ensure close() is called on rc_unregister_device
soc/tegra: Don't leak device tree node reference
perf tools: Add Hygon Dhyana support
modpost: validate symbol names also in find_elf_symbol
net/mlx5: EQ, Use the right place to store/read IRQ affinity hint
bpf: libbpf: retry map creation without the name
drm/amd/display: calculate stream->phy_pix_clk before clock mapping
drm/amd/display: fix gamma not being applied correctly
ARM: OMAP2+: hwmod: Fix some section annotations
drm/rockchip: fix for mailbox read size
usbnet: smsc95xx: fix rx packet alignment
staging: iio: ad7780: update voltage on read
scsi: hisi_sas: change the time of SAS SSP connection
i40e: prevent overlapping tx_timeout recover
platform/chrome: don't report EC_MKBP_EVENT_SENSOR_FIFO as wakeup
vbox: fix link error with 'gcc -Og'
fpga: altera-cvp: fix 'bad IO access' on x86_64
Tools: hv: kvp: Fix a warning of buffer overflow with gcc 8.0.1
fpga: altera-cvp: Fix registration for CvP incapable devices
staging:iio:ad2s90: Make probe handle spi_setup failure
iwlwifi: fw: do not set sgi bits for HE connection
dpaa2-ptp: defer probe when portal allocation failed
MIPS: Boston: Disable EG20T prefetch
ptp: check gettime64 return code in PTP_SYS_OFFSET ioctl
serial: fsl_lpuart: clear parity enable bit when disable parity
drm/vc4: ->x_scaling[1] should never be set to VC4_SCALING_NONE
crypto: aes_ti - disable interrupts while accessing S-box
powerpc/pseries: add of_node_put() in dlpar_detach_node()
x86/PCI: Fix Broadcom CNB20LE unintended sign extension (redux)
dlm: Don't swamp the CPU with callbacks queued during recovery
clk: boston: fix possible memory leak in clk_boston_setup()
ARM: 8808/1: kexec:offline panic_smp_self_stop CPU
scsi: lpfc: Fix LOGO/PLOGI handling when triggerd by ABTS Timeout event
scsi: mpt3sas: Call sas_remove_host before removing the target devices
scsi: lpfc: Correct LCB RJT handling
ath9k: dynack: use authentication messages for 'late' ack
ath10k: assign 'n_cipher_suites' for WCN3990
wil6210: fix memory leak in wil_find_tx_bcast_2
wil6210: fix reset flow for Talyn-mb
nds32: Fix gcc 8.0 compiler option incompatible.
gpu: ipu-v3: image-convert: Prevent race between run and unprepare
genirq/affinity: Spread IRQs to all available NUMA nodes
drm/sun4i: Initialize registers in tcon-top driver
gpiolib: Fix possible use after free on label
ASoC: Intel: mrfld: fix uninitialized variable access
pinctrl: bcm2835: Use raw spinlock for RT compatibility
drm/vgem: Fix vgem_init to get drm device available.
staging: iio: adc: ad7280a: handle error from __ad7280_read32()
drm/bufs: Fix Spectre v1 vulnerability
devres: Align data[] to ARCH_KMALLOC_MINALIGN
ANDROID: Turn xt_owner module on
UPSTREAM: virt_wifi: fix error return code in virt_wifi_newlink()
Conflicts:
arch/arm64/include/asm/io.h
drivers/iommu/arm-smmu.c
drivers/thermal/thermal_core.c
Change-Id: Ic348640eaeb3501bfc61d0b6907b7fcbb83f5118
Signed-off-by: Ivaylo Georgiev <irgeorgiev@codeaurora.org>
|
||
|
Johannes Weiner
|
5f5cfd3d97 |
sched: loadavg: consolidate LOAD_INT, LOAD_FRAC, CALC_LOAD
There are several definitions of those functions/macros in places that mess with fixed-point load averages. Provide an official version. [akpm@linux-foundation.org: fix missed conversion in block/blk-iolatency.c] Link: http://lkml.kernel.org/r/20180828172258.3185-5-hannes@cmpxchg.org Signed-off-by: Johannes Weiner <hannes@cmpxchg.org> Acked-by: Peter Zijlstra (Intel) <peterz@infradead.org> Tested-by: Suren Baghdasaryan <surenb@google.com> Tested-by: Daniel Drake <drake@endlessm.com> Cc: Christopher Lameter <cl@linux.com> Cc: Ingo Molnar <mingo@redhat.com> Cc: Johannes Weiner <jweiner@fb.com> Cc: Mike Galbraith <efault@gmx.de> Cc: Peter Enderborg <peter.enderborg@sony.com> Cc: Randy Dunlap <rdunlap@infradead.org> Cc: Shakeel Butt <shakeelb@google.com> Cc: Tejun Heo <tj@kernel.org> Cc: Vinayak Menon <vinmenon@codeaurora.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Change-Id: I4a80de69163ba101eda09bc28d7121bab0e452aa Git-commit: 8508cf3ffad4defa202b303e5b6379efc4cd9054 Git-repo: https://source.codeaurora.org/quic/la/kernel/msm-4.19 [pdaly@codeaurora.org: resolved block/blk-iolatency conflict] Signed-off-by: Patrick Daly <pdaly@codeaurora.org> |
||
|
Douglas Anderson
|
3818c29a65 |
kdb: Don't back trace on a cpu that didn't round up
[ Upstream commit 162bc7f5afd75b72acbe3c5f3488ef7e64a3fe36 ] If you have a CPU that fails to round up and then run 'btc' you'll end up crashing in kdb becaue we dereferenced NULL. Let's add a check. It's wise to also set the task to NULL when leaving the debugger so that if we fail to round up on a later entry into the debugger we won't backtrace a stale task. Signed-off-by: Douglas Anderson <dianders@chromium.org> Acked-by: Daniel Thompson <daniel.thompson@linaro.org> Signed-off-by: Daniel Thompson <daniel.thompson@linaro.org> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
|
Rishabh Bhatnagar
|
4ac13bd161 |
Merge remote-tracking branch 'origin_4.19/tmp-0567d2f' into msm-4.19
* origin_4.19/tmp-0567d2f:
Linux 4.19.9
HID: quirks: fix RetroUSB.com devices
mac80211: ignore NullFunc frames in the duplicate detection
mac80211: fix reordering of buffered broadcast packets
mac80211: ignore tx status for PS stations in ieee80211_tx_status_ext
mac80211: Clear beacon_int in ieee80211_do_stop
mac80211: fix GFP_KERNEL under tasklet context
mac80211_hwsim: Timer should be initialized before device registered
cfg80211: Fix busy loop regression in ieee80211_ie_split_ric()
libnvdimm, pfn: Pad pfn namespaces relative to other regions
kgdboc: fix KASAN global-out-of-bounds bug in param_set_kgdboc_var()
gnss: sirf: fix activation retry handling
tty: do not set TTY_IO_ERROR flag if console port
tty: serial: 8250_mtk: always resume the device in probe.
Drivers: hv: vmbus: Offload the handling of channels to two workqueues
x86/efi: Allocate e820 buffer before calling efi_exit_boot_service
kprobes/x86: Fix instruction patching corruption when copying more than one RIP-relative instruction
drm/i915: Downgrade Gen9 Plane WM latency error
drm/amdgpu/gmc8: always load MC firmware in the driver
drm/amdgpu/gmc8: update MC firmware for polaris
drm/msm: Move fence put to where failure occurs
drm/lease: Send a distinct uevent
drm/amdgpu: update mc firmware image for polaris12 variants
crypto: do not free algorithm before using
Revert commit
|
||
|
Blagovest Kolenichev
|
60b1073aea |
Merge LTS tag v4.19.3 into msm-kona
* refs/heads/tmp-73aa1c8:
Revert "drm/msm: dpu: Allow planes to extend past active display"
Revert "drm/msm/disp/dpu: Use proper define for drm_encoder_init() 'encoder_type'"
Linux 4.19.3
Revert "ACPICA: AML interpreter: add region addresses in global list during initialization"
CONFIG_XEN_PV breaks xen_create_contiguous_region on ARM
drm/i915: Fix hpd handling for pins with two encoders
drm/i915: Fix NULL deref when re-enabling HPD IRQs on systems with MST
drm/i915: Fix possible race in intel_dp_add_mst_connector()
drm/i915/execlists: Force write serialisation into context image vs execution
drm/i915/ringbuffer: Delay after EMIT_INVALIDATE for gen4/gen5
drm/i915: Mark pin flags as u64
drm/i915: Don't oops during modeset shutdown after lpe audio deinit
drm/i915: Compare user's 64b GTT offset even on 32b
drm/i915: Fix ilk+ watermarks when disabling pipes
drm/i915: Fix error handling for the NV12 fb dimensions check
drm/i915: Mark up GTT sizes as u64
drm/i915/hdmi: Add HDMI 2.0 audio clock recovery N values
drm/i915/icl: Fix the macros for DFLEXDPMLE register bits
drm/i915/dp: Restrict link retrain workaround to external monitors
drm/i915/dp: Fix link retraining comment in intel_dp_long_pulse()
drm/i915: Large page offsets for pread/pwrite
drm/i915: Skip vcpi allocation for MSTB ports that are gone
drm/i915: Don't unset intel_connector->mst_port
drm/i915: Restore vblank interrupts earlier
drm/i915: Use the correct crtc when sanitizing plane mapping
drm/i915/dp: Link train Fallback on eDP only if fallback link BW can fit panel's native mode
drm: panel-orientation-quirks: Add quirk for Acer One 10 (S1003)
drm/dp_mst: Check if primary mstb is null
drm/etnaviv: fix bogus fence complete check in timeout handler
drm/amd/powerplay: Enable/Disable NBPSTATE on On/OFF of UVD
drm/nouveau: Fix nv50_mstc->best_encoder()
drm/nouveau: Check backlight IDs are >= 0, not > 0
drm/amdgpu: Suppress keypresses from ACPI_VIDEO events
drm/amdgpu: add missing CHIP_HAINAN in amdgpu_ucode_get_load_type
drm/amdgpu: Fix typo in amdgpu_vmid_mgr_init
drm/rockchip: Allow driver to be shutdown on reboot/kexec
scripts/spdxcheck.py: make python3 compliant
mm: don't reclaim inodes with many attached pages
efi/arm/libstub: Pack FDT after populating it
mm/swapfile.c: use kvzalloc for swap_info_struct allocation
hugetlbfs: fix kernel BUG at fs/hugetlbfs/inode.c:444!
lib/ubsan.c: don't mark __ubsan_handle_builtin_unreachable as noreturn
crypto: user - fix leaking uninitialized memory to userspace
libata: blacklist SAMSUNG MZ7TD256HAFV-000L9 SSD
gfs2: Fix metadata read-ahead during truncate (2)
gfs2: Put bitmap buffers in put_super
selinux: check length properly in SCTP bind hook
fuse: fix possibly missed wake-up after abort
fuse: fix leaked notify reply
fuse: fix use-after-free in fuse_direct_IO()
rtc: hctosys: Add missing range error reporting
nfsd: COPY and CLONE operations require the saved filehandle to be set
NFSv4: Don't exit the state manager without clearing NFS4CLNT_MANAGER_RUNNING
sunrpc: correct the computation for page_ptr when truncating
kdb: print real address of pointers instead of hashed addresses
kdb: use correct pointer when 'btc' calls 'btt'
ARM: cpuidle: Don't register the driver when back-end init returns -ENXIO
uapi: fix linux/kfd_ioctl.h userspace compilation errors
mnt: fix __detach_mounts infinite loop
mount: Prevent MNT_DETACH from disconnecting locked mounts
mount: Don't allow copying MNT_UNBINDABLE|MNT_LOCKED mounts
mount: Retest MNT_LOCKED in do_umount
ext4: fix buffer leak in __ext4_read_dirblock() on error path
ext4: fix buffer leak in ext4_expand_extra_isize_ea() on error path
ext4: fix buffer leak in ext4_xattr_move_to_block() on error path
ext4: release bs.bh before re-using in ext4_xattr_block_find()
ext4: fix buffer leak in ext4_xattr_get_block() on error path
ext4: fix possible leak of s_journal_flag_rwsem in error path
ext4: fix possible leak of sbi->s_group_desc_leak in error path
ext4: avoid possible double brelse() in add_new_gdb() on error path
ext4: fix missing cleanup if ext4_alloc_flex_bg_array() fails while resizing
ext4: avoid buffer leak in ext4_orphan_add() after prior errors
ext4: avoid buffer leak on shutdown in ext4_mark_iloc_dirty()
ext4: fix possible inode leak in the retry loop of ext4_resize_fs()
ext4: missing !bh check in ext4_xattr_inode_write()
ext4: avoid potential extra brelse in setup_new_flex_group_blocks()
ext4: add missing brelse() add_new_gdb_meta_bg()'s error path
ext4: add missing brelse() in set_flexbg_block_bitmap()'s error path
ext4: add missing brelse() update_backups()'s error path
clockevents/drivers/i8253: Add support for PIT shutdown quirk
btrfs: tree-checker: Fix misleading group system information
Btrfs: fix data corruption due to cloning of eof block
Btrfs: fix infinite loop on inode eviction after deduplication of eof block
Btrfs: fix cur_offset in the error case for nocow
Btrfs: fix missing data checksums after a ranged fsync (msync)
btrfs: fix pinned underflow after transaction aborted
watchdog/core: Add missing prototypes for weak functions
arch/alpha, termios: implement BOTHER, IBSHIFT and termios2
termios, tty/tty_baudrate.c: fix buffer overrun
x86/hyper-v: Enable PIT shutdown quirk
x86/cpu/vmware: Do not trace vmware_sched_clock()
of, numa: Validate some distance map rules
perf intel-pt: Insert callchain context into synthesized callchains
perf intel-pt/bts: Calculate cpumode for synthesized samples
perf callchain: Honour the ordering of PERF_CONTEXT_{USER,KERNEL,etc}
perf stat: Handle different PMU names with common prefix
perf cs-etm: Correct CPU mode for samples
hwmon: (core) Fix double-free in __hwmon_device_register()
mtd: docg3: don't set conflicting BCH_CONST_PARAMS option
mtd: nand: Fix nanddev_neraseblocks()
mtd: spi-nor: cadence-quadspi: Return error code in cqspi_direct_read_execute()
bonding/802.3ad: fix link_failure_count tracking
ARM: 8809/1: proc-v7: fix Thumb annotation of cpu_v7_hvc_switch_mm
netfilter: conntrack: fix calculation of next bucket number in early_drop
memory_hotplug: cond_resched in __remove_pages
mm: thp: relax __GFP_THISNODE for MADV_HUGEPAGE mappings
ocfs2: free up write context when direct IO failed
ocfs2: fix a misuse a of brelse after failing ocfs2_check_dir_entry
soc: ti: QMSS: Fix usage of irq_set_affinity_hint
Revert "powerpc/8xx: Use L1 entry APG to handle _PAGE_ACCESSED for CONFIG_SWAP"
SCSI: fix queue cleanup race before queue initialization is done
scsi: qla2xxx: Initialize port speed to avoid setting lower speed
vhost/scsi: truncate T10 PI iov_iter to prot_bytes
crypto: hisilicon - Fix reference after free of memories on error path
crypto: hisilicon - Fix NULL dereference for same dst and src
reset: hisilicon: fix potential NULL pointer dereference
acpi, nfit: Fix ARS overflow continuation
acpi/nfit, x86/mce: Validate a MCE's address before using it
acpi/nfit, x86/mce: Handle only uncorrectable machine checks
mach64: fix image corruption due to reading accelerator registers
mach64: fix display corruption on big endian machines
thermal: core: Fix use-after-free in thermal_cooling_device_destroy_sysfs
Revert "ceph: fix dentry leak in splice_dentry()"
libceph: bump CEPH_MSG_MAX_DATA_LEN
clk: rockchip: Fix static checker warning in rockchip_ddrclk_get_parent call
clk: rockchip: fix wrong mmc sample phase shift for rk3328
clk: sunxi-ng: h6: fix bus clocks' divider position
clk: at91: Fix division by zero in PLL recalc_rate()
clk: s2mps11: Fix matching when built as module and DT node contains compatible
um: Drop own definition of PTRACE_SYSEMU/_SINGLESTEP
xtensa: fix boot parameters address translation
xtensa: make sure bFLT stack is 16 byte aligned
xtensa: add NOTES section to the linker script
MIPS: Loongson-3: Fix BRIDGE irq delivery problem
MIPS: Loongson-3: Fix CPU UART irq delivery problem
zram: close udev startup race condition as default groups
clk: meson: axg: mark fdiv2 and fdiv3 as critical
clk: meson-gxbb: set fclk_div3 as CLK_IS_CRITICAL
arm64: dts: stratix10: fix multicast filtering
arm64: dts: stratix10: Support Ethernet Jumbo frame
drm/msm: fix OF child-node lookup
fuse: set FR_SENT while locked
fuse: fix blocked_waitq wakeup
fuse: Fix use-after-free in fuse_dev_do_write()
fuse: Fix use-after-free in fuse_dev_do_read()
vfs: fix FIGETBSZ ioctl on an overlayfs file
scsi: qla2xxx: Fix driver hang when FC-NVMe LUNs are configured
scsi: qla2xxx: Fix duplicate switch database entries
scsi: qla2xxx: Fix NVMe Target discovery
scsi: qla2xxx: Fix NVMe session hang on unload
scsi: qla2xxx: Fix for double free of SRB structure
scsi: qla2xxx: Fix re-using LoopID when handle is in use
scsi: qla2xxx: Reject bsg request if chip is down.
scsi: qla2xxx: shutdown chip if reset fail
scsi: qla2xxx: Fix early srb free on abort
scsi: qla2xxx: Remove stale debug trace message from tcm_qla2xxx
scsi: qla2xxx: Fix process response queue for ISP26XX and above
scsi: qla2xxx: Fix incorrect port speed being set for FC adapters
serial: sh-sci: Fix could not remove dev_attr_rx_fifo_timeout
ovl: automatically enable redirect_dir on metacopy=on
ovl: check whiteout in ovl_create_over_whiteout()
ovl: fix recursive oi->lock in ovl_link()
ovl: fix error handling in ovl_verify_set_fh()
cdrom: fix improper type cast, which can leat to information leak.
media: ov5640: fix restore of last mode set
drm/amdgpu: fix integer overflow test in amdgpu_bo_list_create()
9p: clear dangling pointers in p9stat_free
media: ov5640: fix mode change regression
ARM: dts: imx6ull: keep IMX6UL_ prefix for signals on both i.MX6UL and i.MX6ULL
udf: Prevent write-unsupported filesystem to be remounted read-write
9p locks: fix glock.client_id leak in do_lock
staging: most: video: fix registration of an empty comp core_component
drm/amdgpu: Fix SDMA TO after GPU reset v3
drm: rcar-du: Update Gen3 output limitations
staging:iio:ad7606: fix voltage scales
powerpc/selftests: Wait all threads to join
media: tvp5150: fix width alignment during set_selection()
sc16is7xx: Fix for multi-channel stall
serial: 8250_of: Fix for lack of interrupt support
staging: erofs: fix a missing endian conversion
MIPS/PCI: Call pcie_bus_configure_settings() to set MPS/MRRS
powerpc/memtrace: Remove memory in chunks
powerpc/boot: Ensure _zimage_start is a weak symbol
MIPS: kexec: Mark CPU offline before disabling local IRQ
media: coda: don't overwrite h.264 profile_idc on decoder instance
media: pci: cx23885: handle adding to list failure
drm/hisilicon: hibmc: Do not carry error code in HiBMC framebuffer pointer
drm/amd/display: fix gamma not being applied
drm/amd/display: Raise dispclk value for dce120 by 15%
drm/omap: fix memory barrier bug in DMM driver
powerpc/mm: Don't report hugepage tables as memory leaks when using kmemleak
drm/msm: dpu: Allow planes to extend past active display
drm/msm/disp/dpu: Use proper define for drm_encoder_init() 'encoder_type'
drm/msm/gpu: fix parameters in function msm_gpu_crashstate_capture
powerpc/nohash: fix undefined behaviour when testing page size support
ARM: imx_v6_v7_defconfig: Select CONFIG_TMPFS_POSIX_ACL
drm/amdgpu/powerplay: fix missing break in switch statements
drm/nouveau/secboot/acr: fix memory leak
tracing/kprobes: Check the probe on unloaded module correctly
tty: check name length in tty_find_polling_driver()
powerpc/eeh: Fix possible null deref in eeh_dump_dev_log()
powerpc/Makefile: Fix PPC_BOOK3S_64 ASFLAGS
Input: wm97xx-ts - fix exit path
drm/amd/display: fix bug of accessing invalid memory
powerpc/mm: fix always true/false warning in slice.c
powerpc/mm: Fix page table dump to work on Radix
powerpc/64/module: REL32 relocation range check
powerpc/traps: restore recoverability of machine_check interrupts
Change-Id: Id971c3ddeb610be8aee4ff531ec3fb20ad0db58d
Signed-off-by: Blagovest Kolenichev <bkolenichev@codeaurora.org>
|
||
|
Prarit Bhargava
|
2bc40f89f4 |
kdb: Use strscpy with destination buffer size
[ Upstream commit c2b94c72d93d0929f48157eef128c4f9d2e603ce ]
gcc 8.1.0 warns with:
kernel/debug/kdb/kdb_support.c: In function ‘kallsyms_symbol_next’:
kernel/debug/kdb/kdb_support.c:239:4: warning: ‘strncpy’ specified bound depends on the length of the source argument [-Wstringop-overflow=]
strncpy(prefix_name, name, strlen(name)+1);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
kernel/debug/kdb/kdb_support.c:239:31: note: length computed here
Use strscpy() with the destination buffer size, and use ellipses when
displaying truncated symbols.
v2: Use strscpy()
Signed-off-by: Prarit Bhargava <prarit@redhat.com>
Cc: Jonathan Toppins <jtoppins@redhat.com>
Cc: Jason Wessel <jason.wessel@windriver.com>
Cc: Daniel Thompson <daniel.thompson@linaro.org>
Cc: kgdb-bugreport@lists.sourceforge.net
Reviewed-by: Daniel Thompson <daniel.thompson@linaro.org>
Signed-off-by: Daniel Thompson <daniel.thompson@linaro.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
||
|
Christophe Leroy
|
401182ae09 |
kdb: print real address of pointers instead of hashed addresses
commit 568fb6f42ac6851320adaea25f8f1b94de14e40a upstream. Since commit |
||
|
Christophe Leroy
|
47052af237 |
kdb: use correct pointer when 'btc' calls 'btt'
commit dded2e159208a9edc21dd5c5f583afa28d378d39 upstream.
On a powerpc 8xx, 'btc' fails as follows:
Entering kdb (current=0x(ptrval), pid 282) due to Keyboard Entry
kdb> btc
btc: cpu status: Currently on cpu 0
Available cpus: 0
kdb_getarea: Bad address 0x0
when booting the kernel with 'debug_boot_weak_hash', it fails as well
Entering kdb (current=0xba99ad80, pid 284) due to Keyboard Entry
kdb> btc
btc: cpu status: Currently on cpu 0
Available cpus: 0
kdb_getarea: Bad address 0xba99ad80
On other platforms, Oopses have been observed too, see
https://github.com/linuxppc/linux/issues/139
This is due to btc calling 'btt' with %p pointer as an argument.
This patch replaces %p by %px to get the real pointer value as
expected by 'btt'
Fixes:
|
||
|
Colin Cross
|
da5453d178 |
ANDROID: kdb: support new lines without carriage returns
kdb expects carriage returns through the serial port to terminate commands. Modify it to accept the first seen carriage return or new line as a terminator, but not treat \r\n as two terminators. Change-Id: I06166017e7703d24310eefcb71c3a7d427088db7 Signed-off-by: Colin Cross <ccross@android.com> |
||
|
Kees Cook
|
6396bb2215 |
treewide: kzalloc() -> kcalloc()
The kzalloc() function has a 2-factor argument form, kcalloc(). This
patch replaces cases of:
kzalloc(a * b, gfp)
with:
kcalloc(a * b, gfp)
as well as handling cases of:
kzalloc(a * b * c, gfp)
with:
kzalloc(array3_size(a, b, c), gfp)
as it's slightly less ugly than:
kzalloc_array(array_size(a, b), c, gfp)
This does, however, attempt to ignore constant size factors like:
kzalloc(4 * 1024, gfp)
though any constants defined via macros get caught up in the conversion.
Any factors with a sizeof() of "unsigned char", "char", and "u8" were
dropped, since they're redundant.
The Coccinelle script used for this was:
// Fix redundant parens around sizeof().
@@
type TYPE;
expression THING, E;
@@
(
kzalloc(
- (sizeof(TYPE)) * E
+ sizeof(TYPE) * E
, ...)
|
kzalloc(
- (sizeof(THING)) * E
+ sizeof(THING) * E
, ...)
)
// Drop single-byte sizes and redundant parens.
@@
expression COUNT;
typedef u8;
typedef __u8;
@@
(
kzalloc(
- sizeof(u8) * (COUNT)
+ COUNT
, ...)
|
kzalloc(
- sizeof(__u8) * (COUNT)
+ COUNT
, ...)
|
kzalloc(
- sizeof(char) * (COUNT)
+ COUNT
, ...)
|
kzalloc(
- sizeof(unsigned char) * (COUNT)
+ COUNT
, ...)
|
kzalloc(
- sizeof(u8) * COUNT
+ COUNT
, ...)
|
kzalloc(
- sizeof(__u8) * COUNT
+ COUNT
, ...)
|
kzalloc(
- sizeof(char) * COUNT
+ COUNT
, ...)
|
kzalloc(
- sizeof(unsigned char) * COUNT
+ COUNT
, ...)
)
// 2-factor product with sizeof(type/expression) and identifier or constant.
@@
type TYPE;
expression THING;
identifier COUNT_ID;
constant COUNT_CONST;
@@
(
- kzalloc
+ kcalloc
(
- sizeof(TYPE) * (COUNT_ID)
+ COUNT_ID, sizeof(TYPE)
, ...)
|
- kzalloc
+ kcalloc
(
- sizeof(TYPE) * COUNT_ID
+ COUNT_ID, sizeof(TYPE)
, ...)
|
- kzalloc
+ kcalloc
(
- sizeof(TYPE) * (COUNT_CONST)
+ COUNT_CONST, sizeof(TYPE)
, ...)
|
- kzalloc
+ kcalloc
(
- sizeof(TYPE) * COUNT_CONST
+ COUNT_CONST, sizeof(TYPE)
, ...)
|
- kzalloc
+ kcalloc
(
- sizeof(THING) * (COUNT_ID)
+ COUNT_ID, sizeof(THING)
, ...)
|
- kzalloc
+ kcalloc
(
- sizeof(THING) * COUNT_ID
+ COUNT_ID, sizeof(THING)
, ...)
|
- kzalloc
+ kcalloc
(
- sizeof(THING) * (COUNT_CONST)
+ COUNT_CONST, sizeof(THING)
, ...)
|
- kzalloc
+ kcalloc
(
- sizeof(THING) * COUNT_CONST
+ COUNT_CONST, sizeof(THING)
, ...)
)
// 2-factor product, only identifiers.
@@
identifier SIZE, COUNT;
@@
- kzalloc
+ kcalloc
(
- SIZE * COUNT
+ COUNT, SIZE
, ...)
// 3-factor product with 1 sizeof(type) or sizeof(expression), with
// redundant parens removed.
@@
expression THING;
identifier STRIDE, COUNT;
type TYPE;
@@
(
kzalloc(
- sizeof(TYPE) * (COUNT) * (STRIDE)
+ array3_size(COUNT, STRIDE, sizeof(TYPE))
, ...)
|
kzalloc(
- sizeof(TYPE) * (COUNT) * STRIDE
+ array3_size(COUNT, STRIDE, sizeof(TYPE))
, ...)
|
kzalloc(
- sizeof(TYPE) * COUNT * (STRIDE)
+ array3_size(COUNT, STRIDE, sizeof(TYPE))
, ...)
|
kzalloc(
- sizeof(TYPE) * COUNT * STRIDE
+ array3_size(COUNT, STRIDE, sizeof(TYPE))
, ...)
|
kzalloc(
- sizeof(THING) * (COUNT) * (STRIDE)
+ array3_size(COUNT, STRIDE, sizeof(THING))
, ...)
|
kzalloc(
- sizeof(THING) * (COUNT) * STRIDE
+ array3_size(COUNT, STRIDE, sizeof(THING))
, ...)
|
kzalloc(
- sizeof(THING) * COUNT * (STRIDE)
+ array3_size(COUNT, STRIDE, sizeof(THING))
, ...)
|
kzalloc(
- sizeof(THING) * COUNT * STRIDE
+ array3_size(COUNT, STRIDE, sizeof(THING))
, ...)
)
// 3-factor product with 2 sizeof(variable), with redundant parens removed.
@@
expression THING1, THING2;
identifier COUNT;
type TYPE1, TYPE2;
@@
(
kzalloc(
- sizeof(TYPE1) * sizeof(TYPE2) * COUNT
+ array3_size(COUNT, sizeof(TYPE1), sizeof(TYPE2))
, ...)
|
kzalloc(
- sizeof(TYPE1) * sizeof(THING2) * (COUNT)
+ array3_size(COUNT, sizeof(TYPE1), sizeof(TYPE2))
, ...)
|
kzalloc(
- sizeof(THING1) * sizeof(THING2) * COUNT
+ array3_size(COUNT, sizeof(THING1), sizeof(THING2))
, ...)
|
kzalloc(
- sizeof(THING1) * sizeof(THING2) * (COUNT)
+ array3_size(COUNT, sizeof(THING1), sizeof(THING2))
, ...)
|
kzalloc(
- sizeof(TYPE1) * sizeof(THING2) * COUNT
+ array3_size(COUNT, sizeof(TYPE1), sizeof(THING2))
, ...)
|
kzalloc(
- sizeof(TYPE1) * sizeof(THING2) * (COUNT)
+ array3_size(COUNT, sizeof(TYPE1), sizeof(THING2))
, ...)
)
// 3-factor product, only identifiers, with redundant parens removed.
@@
identifier STRIDE, SIZE, COUNT;
@@
(
kzalloc(
- (COUNT) * STRIDE * SIZE
+ array3_size(COUNT, STRIDE, SIZE)
, ...)
|
kzalloc(
- COUNT * (STRIDE) * SIZE
+ array3_size(COUNT, STRIDE, SIZE)
, ...)
|
kzalloc(
- COUNT * STRIDE * (SIZE)
+ array3_size(COUNT, STRIDE, SIZE)
, ...)
|
kzalloc(
- (COUNT) * (STRIDE) * SIZE
+ array3_size(COUNT, STRIDE, SIZE)
, ...)
|
kzalloc(
- COUNT * (STRIDE) * (SIZE)
+ array3_size(COUNT, STRIDE, SIZE)
, ...)
|
kzalloc(
- (COUNT) * STRIDE * (SIZE)
+ array3_size(COUNT, STRIDE, SIZE)
, ...)
|
kzalloc(
- (COUNT) * (STRIDE) * (SIZE)
+ array3_size(COUNT, STRIDE, SIZE)
, ...)
|
kzalloc(
- COUNT * STRIDE * SIZE
+ array3_size(COUNT, STRIDE, SIZE)
, ...)
)
// Any remaining multi-factor products, first at least 3-factor products,
// when they're not all constants...
@@
expression E1, E2, E3;
constant C1, C2, C3;
@@
(
kzalloc(C1 * C2 * C3, ...)
|
kzalloc(
- (E1) * E2 * E3
+ array3_size(E1, E2, E3)
, ...)
|
kzalloc(
- (E1) * (E2) * E3
+ array3_size(E1, E2, E3)
, ...)
|
kzalloc(
- (E1) * (E2) * (E3)
+ array3_size(E1, E2, E3)
, ...)
|
kzalloc(
- E1 * E2 * E3
+ array3_size(E1, E2, E3)
, ...)
)
// And then all remaining 2 factors products when they're not all constants,
// keeping sizeof() as the second factor argument.
@@
expression THING, E1, E2;
type TYPE;
constant C1, C2, C3;
@@
(
kzalloc(sizeof(THING) * C2, ...)
|
kzalloc(sizeof(TYPE) * C2, ...)
|
kzalloc(C1 * C2 * C3, ...)
|
kzalloc(C1 * C2, ...)
|
- kzalloc
+ kcalloc
(
- sizeof(TYPE) * (E2)
+ E2, sizeof(TYPE)
, ...)
|
- kzalloc
+ kcalloc
(
- sizeof(TYPE) * E2
+ E2, sizeof(TYPE)
, ...)
|
- kzalloc
+ kcalloc
(
- sizeof(THING) * (E2)
+ E2, sizeof(THING)
, ...)
|
- kzalloc
+ kcalloc
(
- sizeof(THING) * E2
+ E2, sizeof(THING)
, ...)
|
- kzalloc
+ kcalloc
(
- (E1) * E2
+ E1, E2
, ...)
|
- kzalloc
+ kcalloc
(
- (E1) * (E2)
+ E1, E2
, ...)
|
- kzalloc
+ kcalloc
(
- E1 * E2
+ E1, E2
, ...)
)
Signed-off-by: Kees Cook <keescook@chromium.org>
|
||
|
Kees Cook
|
6da2ec5605 |
treewide: kmalloc() -> kmalloc_array()
The kmalloc() function has a 2-factor argument form, kmalloc_array(). This
patch replaces cases of:
kmalloc(a * b, gfp)
with:
kmalloc_array(a * b, gfp)
as well as handling cases of:
kmalloc(a * b * c, gfp)
with:
kmalloc(array3_size(a, b, c), gfp)
as it's slightly less ugly than:
kmalloc_array(array_size(a, b), c, gfp)
This does, however, attempt to ignore constant size factors like:
kmalloc(4 * 1024, gfp)
though any constants defined via macros get caught up in the conversion.
Any factors with a sizeof() of "unsigned char", "char", and "u8" were
dropped, since they're redundant.
The tools/ directory was manually excluded, since it has its own
implementation of kmalloc().
The Coccinelle script used for this was:
// Fix redundant parens around sizeof().
@@
type TYPE;
expression THING, E;
@@
(
kmalloc(
- (sizeof(TYPE)) * E
+ sizeof(TYPE) * E
, ...)
|
kmalloc(
- (sizeof(THING)) * E
+ sizeof(THING) * E
, ...)
)
// Drop single-byte sizes and redundant parens.
@@
expression COUNT;
typedef u8;
typedef __u8;
@@
(
kmalloc(
- sizeof(u8) * (COUNT)
+ COUNT
, ...)
|
kmalloc(
- sizeof(__u8) * (COUNT)
+ COUNT
, ...)
|
kmalloc(
- sizeof(char) * (COUNT)
+ COUNT
, ...)
|
kmalloc(
- sizeof(unsigned char) * (COUNT)
+ COUNT
, ...)
|
kmalloc(
- sizeof(u8) * COUNT
+ COUNT
, ...)
|
kmalloc(
- sizeof(__u8) * COUNT
+ COUNT
, ...)
|
kmalloc(
- sizeof(char) * COUNT
+ COUNT
, ...)
|
kmalloc(
- sizeof(unsigned char) * COUNT
+ COUNT
, ...)
)
// 2-factor product with sizeof(type/expression) and identifier or constant.
@@
type TYPE;
expression THING;
identifier COUNT_ID;
constant COUNT_CONST;
@@
(
- kmalloc
+ kmalloc_array
(
- sizeof(TYPE) * (COUNT_ID)
+ COUNT_ID, sizeof(TYPE)
, ...)
|
- kmalloc
+ kmalloc_array
(
- sizeof(TYPE) * COUNT_ID
+ COUNT_ID, sizeof(TYPE)
, ...)
|
- kmalloc
+ kmalloc_array
(
- sizeof(TYPE) * (COUNT_CONST)
+ COUNT_CONST, sizeof(TYPE)
, ...)
|
- kmalloc
+ kmalloc_array
(
- sizeof(TYPE) * COUNT_CONST
+ COUNT_CONST, sizeof(TYPE)
, ...)
|
- kmalloc
+ kmalloc_array
(
- sizeof(THING) * (COUNT_ID)
+ COUNT_ID, sizeof(THING)
, ...)
|
- kmalloc
+ kmalloc_array
(
- sizeof(THING) * COUNT_ID
+ COUNT_ID, sizeof(THING)
, ...)
|
- kmalloc
+ kmalloc_array
(
- sizeof(THING) * (COUNT_CONST)
+ COUNT_CONST, sizeof(THING)
, ...)
|
- kmalloc
+ kmalloc_array
(
- sizeof(THING) * COUNT_CONST
+ COUNT_CONST, sizeof(THING)
, ...)
)
// 2-factor product, only identifiers.
@@
identifier SIZE, COUNT;
@@
- kmalloc
+ kmalloc_array
(
- SIZE * COUNT
+ COUNT, SIZE
, ...)
// 3-factor product with 1 sizeof(type) or sizeof(expression), with
// redundant parens removed.
@@
expression THING;
identifier STRIDE, COUNT;
type TYPE;
@@
(
kmalloc(
- sizeof(TYPE) * (COUNT) * (STRIDE)
+ array3_size(COUNT, STRIDE, sizeof(TYPE))
, ...)
|
kmalloc(
- sizeof(TYPE) * (COUNT) * STRIDE
+ array3_size(COUNT, STRIDE, sizeof(TYPE))
, ...)
|
kmalloc(
- sizeof(TYPE) * COUNT * (STRIDE)
+ array3_size(COUNT, STRIDE, sizeof(TYPE))
, ...)
|
kmalloc(
- sizeof(TYPE) * COUNT * STRIDE
+ array3_size(COUNT, STRIDE, sizeof(TYPE))
, ...)
|
kmalloc(
- sizeof(THING) * (COUNT) * (STRIDE)
+ array3_size(COUNT, STRIDE, sizeof(THING))
, ...)
|
kmalloc(
- sizeof(THING) * (COUNT) * STRIDE
+ array3_size(COUNT, STRIDE, sizeof(THING))
, ...)
|
kmalloc(
- sizeof(THING) * COUNT * (STRIDE)
+ array3_size(COUNT, STRIDE, sizeof(THING))
, ...)
|
kmalloc(
- sizeof(THING) * COUNT * STRIDE
+ array3_size(COUNT, STRIDE, sizeof(THING))
, ...)
)
// 3-factor product with 2 sizeof(variable), with redundant parens removed.
@@
expression THING1, THING2;
identifier COUNT;
type TYPE1, TYPE2;
@@
(
kmalloc(
- sizeof(TYPE1) * sizeof(TYPE2) * COUNT
+ array3_size(COUNT, sizeof(TYPE1), sizeof(TYPE2))
, ...)
|
kmalloc(
- sizeof(TYPE1) * sizeof(THING2) * (COUNT)
+ array3_size(COUNT, sizeof(TYPE1), sizeof(TYPE2))
, ...)
|
kmalloc(
- sizeof(THING1) * sizeof(THING2) * COUNT
+ array3_size(COUNT, sizeof(THING1), sizeof(THING2))
, ...)
|
kmalloc(
- sizeof(THING1) * sizeof(THING2) * (COUNT)
+ array3_size(COUNT, sizeof(THING1), sizeof(THING2))
, ...)
|
kmalloc(
- sizeof(TYPE1) * sizeof(THING2) * COUNT
+ array3_size(COUNT, sizeof(TYPE1), sizeof(THING2))
, ...)
|
kmalloc(
- sizeof(TYPE1) * sizeof(THING2) * (COUNT)
+ array3_size(COUNT, sizeof(TYPE1), sizeof(THING2))
, ...)
)
// 3-factor product, only identifiers, with redundant parens removed.
@@
identifier STRIDE, SIZE, COUNT;
@@
(
kmalloc(
- (COUNT) * STRIDE * SIZE
+ array3_size(COUNT, STRIDE, SIZE)
, ...)
|
kmalloc(
- COUNT * (STRIDE) * SIZE
+ array3_size(COUNT, STRIDE, SIZE)
, ...)
|
kmalloc(
- COUNT * STRIDE * (SIZE)
+ array3_size(COUNT, STRIDE, SIZE)
, ...)
|
kmalloc(
- (COUNT) * (STRIDE) * SIZE
+ array3_size(COUNT, STRIDE, SIZE)
, ...)
|
kmalloc(
- COUNT * (STRIDE) * (SIZE)
+ array3_size(COUNT, STRIDE, SIZE)
, ...)
|
kmalloc(
- (COUNT) * STRIDE * (SIZE)
+ array3_size(COUNT, STRIDE, SIZE)
, ...)
|
kmalloc(
- (COUNT) * (STRIDE) * (SIZE)
+ array3_size(COUNT, STRIDE, SIZE)
, ...)
|
kmalloc(
- COUNT * STRIDE * SIZE
+ array3_size(COUNT, STRIDE, SIZE)
, ...)
)
// Any remaining multi-factor products, first at least 3-factor products,
// when they're not all constants...
@@
expression E1, E2, E3;
constant C1, C2, C3;
@@
(
kmalloc(C1 * C2 * C3, ...)
|
kmalloc(
- (E1) * E2 * E3
+ array3_size(E1, E2, E3)
, ...)
|
kmalloc(
- (E1) * (E2) * E3
+ array3_size(E1, E2, E3)
, ...)
|
kmalloc(
- (E1) * (E2) * (E3)
+ array3_size(E1, E2, E3)
, ...)
|
kmalloc(
- E1 * E2 * E3
+ array3_size(E1, E2, E3)
, ...)
)
// And then all remaining 2 factors products when they're not all constants,
// keeping sizeof() as the second factor argument.
@@
expression THING, E1, E2;
type TYPE;
constant C1, C2, C3;
@@
(
kmalloc(sizeof(THING) * C2, ...)
|
kmalloc(sizeof(TYPE) * C2, ...)
|
kmalloc(C1 * C2 * C3, ...)
|
kmalloc(C1 * C2, ...)
|
- kmalloc
+ kmalloc_array
(
- sizeof(TYPE) * (E2)
+ E2, sizeof(TYPE)
, ...)
|
- kmalloc
+ kmalloc_array
(
- sizeof(TYPE) * E2
+ E2, sizeof(TYPE)
, ...)
|
- kmalloc
+ kmalloc_array
(
- sizeof(THING) * (E2)
+ E2, sizeof(THING)
, ...)
|
- kmalloc
+ kmalloc_array
(
- sizeof(THING) * E2
+ E2, sizeof(THING)
, ...)
|
- kmalloc
+ kmalloc_array
(
- (E1) * E2
+ E1, E2
, ...)
|
- kmalloc
+ kmalloc_array
(
- (E1) * (E2)
+ E1, E2
, ...)
|
- kmalloc
+ kmalloc_array
(
- E1 * E2
+ E1, E2
, ...)
)
Signed-off-by: Kees Cook <keescook@chromium.org>
|
||
|
Linus Torvalds
|
cb098d50ec |
Merge tag 'for_linus-4.16' of git://git.kernel.org/pub/scm/linux/kernel/git/jwessel/kgdb
Pull kdb updates from Jason Wessel: - fix 2032 time access issues and new compiler warnings - minor regression test cleanup - formatting fixes for end user use of kdb * tag 'for_linus-4.16' of git://git.kernel.org/pub/scm/linux/kernel/git/jwessel/kgdb: kdb: use memmove instead of overlapping memcpy kdb: use ktime_get_mono_fast_ns() instead of ktime_get_ts() kdb: bl: don't use tab character in output kdb: drop newline in unknown command output kdb: make "mdr" command repeat kdb: use __ktime_get_real_seconds instead of __current_kernel_time misc: kgdbts: Display progress of asynchronous tests |
||
|
Arnd Bergmann
|
2cf2f0d5b9 |
kdb: use memmove instead of overlapping memcpy
gcc discovered that the memcpy() arguments in kdbnearsym() overlap, so
we should really use memmove(), which is defined to handle that correctly:
In function 'memcpy',
inlined from 'kdbnearsym' at /git/arm-soc/kernel/debug/kdb/kdb_support.c:132:4:
/git/arm-soc/include/linux/string.h:353:9: error: '__builtin_memcpy' accessing 792 bytes at offsets 0 and 8 overlaps 784 bytes at offset 8 [-Werror=restrict]
return __builtin_memcpy(p, q, size);
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Jason Wessel <jason.wessel@windriver.com>
|
||
|
Baolin Wang
|
40b90efeae |
kdb: use ktime_get_mono_fast_ns() instead of ktime_get_ts()
The kdb code will print the monotonic time by ktime_get_ts(), but the ktime_get_ts() will be protected by a sequence lock, that will introduce one deadlock risk if the lock was already held in the context from which we entered the debugger. Thus we can use the ktime_get_mono_fast_ns() to get the monotonic time, which is NMI safe access to clock monotonic. Moreover we can remove the 'struct timespec', which is not y2038 safe. Signed-off-by: Baolin Wang <baolin.wang@linaro.org> Reviewed-by: Daniel Thompson <daniel.thompson@linaro.org> Reviewed-by: Arnd Bergmann <arnd@arndb.de> Signed-off-by: Jason Wessel <jason.wessel@windriver.com> |
||
|
Randy Dunlap
|
33f765f698 |
kdb: bl: don't use tab character in output
The "bl" (list breakpoints) command prints a '\t' (tab) character in its output, but on a console (video device), that just prints some odd graphics character. Instead of printing a tab character, just align the output with spaces. Signed-off-by: Randy Dunlap <rdunlap@infradead.org> Cc: Daniel Thompson <daniel.thompson@linaro.org> Cc: Jason Wessel <jason.wessel@windriver.com> Cc: kgdb-bugreport@lists.sourceforge.net Signed-off-by: Jason Wessel <jason.wessel@windriver.com> |
||
|
Randy Dunlap
|
b0f73bc7f1 |
kdb: drop newline in unknown command output
When an unknown command is entered, kdb prints "Unknown kdb command:" and then the unknown text, including the newline character. This causes the ending single-quote mark to be printed on the next line by itself, so just change the ending newline character to a null character (end of string) so that it won't be "printed." Signed-off-by: Randy Dunlap <rdunlap@infradead.org> Cc: Daniel Thompson <daniel.thompson@linaro.org> Cc: Jason Wessel <jason.wessel@windriver.com> Cc: kgdb-bugreport@lists.sourceforge.net Signed-off-by: Jason Wessel <jason.wessel@windriver.com> |
||
|
Randy Dunlap
|
1e0ce03bf1 |
kdb: make "mdr" command repeat
The "mdr" command should repeat (continue) when only Enter/Return is pressed, so make it do so. Signed-off-by: Randy Dunlap <rdunlap@infradead.org> Cc: Daniel Thompson <daniel.thompson@linaro.org> Cc: Jason Wessel <jason.wessel@windriver.com> Cc: kgdb-bugreport@lists.sourceforge.net Signed-off-by: Jason Wessel <jason.wessel@windriver.com> |
||
|
Arnd Bergmann
|
6909e29fde |
kdb: use __ktime_get_real_seconds instead of __current_kernel_time
kdb is the only user of the __current_kernel_time() interface, which is not y2038 safe and should be removed at some point. The kdb code also goes to great lengths to print the time in a human-readable format from 'struct timespec', again using a non-y2038-safe re-implementation of the generic time_to_tm() code. Using __current_kernel_time() here is necessary since the regular accessors that require a sequence lock might hang when called during the xtime update. However, this is safe in the particular case since kdb is only interested in the tv_sec field that is updated atomically. In order to make this y2038-safe, I'm converting the code to the generic time64_to_tm helper, but that introduces the problem that we have no interface like __current_kernel_time() that provides a 64-bit timestamp in a lockless, safe and architecture-independent way. I have multiple ideas for how to solve that: - __ktime_get_real_seconds() is lockless, but can return incorrect results on 32-bit architectures in the special case that we are in the process of changing the time across the epoch, either during the timer tick that overflows the seconds in 2038, or while calling settimeofday. - ktime_get_real_fast_ns() would work in this context, but does require a call into the clocksource driver to return a high-resolution timestamp. This may have undesired side-effects in the debugger, since we want to limit the interactions with the rest of the kernel. - Adding a ktime_get_real_fast_seconds() based on tk_fast_mono plus tkr->base_real without the tk_clock_read() delta. Not sure about the value of adding yet another interface here. - Changing the existing ktime_get_real_seconds() to use tk_fast_mono on 32-bit architectures rather than xtime_sec. I think this could work, but am not entirely sure if this is an improvement. I picked the first of those for simplicity here. It's technically not correct but probably good enough as the time is only used for the debugging output and the race will likely never be hit in practice. Another downside is having to move the declaration into a public header file. Let me know if anyone has a different preference. Cc: Andy Shevchenko <andriy.shevchenko@linux.intel.com> Link: https://patchwork.kernel.org/patch/9775309/ Signed-off-by: Arnd Bergmann <arnd@arndb.de> Signed-off-by: Jason Wessel <jason.wessel@windriver.com> |
||
|
Eric W. Biederman
|
0b44bf9a6f |
signal: Simplify and fix kdb_send_sig
- Rename from kdb_send_sig_info to kdb_send_sig As there is no meaningful siginfo sent - Use SEND_SIG_PRIV instead of generating a siginfo for a kdb signal. The generated siginfo had a bogus rationale and was not correct in the face of pid namespaces. SEND_SIG_PRIV is simpler and actually correct. - As the code grabs siglock just send the signal with siglock held instead of dropping siglock and attempting to grab it again. - Move the sig_valid test into kdb_kill where it can generate a good error message. Signed-off-by: Eric W. Biederman <ebiederm@xmission.com> |
||
|
Daniel Thompson
|
c07d353380 |
kdb: Fix handling of kallsyms_symbol_next() return value
kallsyms_symbol_next() returns a boolean (true on success). Currently kdb_read() tests the return value with an inequality that unconditionally evaluates to true. This is fixed in the obvious way and, since the conditional branch is supposed to be unreachable, we also add a WARN_ON(). Reported-by: Dan Carpenter <dan.carpenter@oracle.com> Signed-off-by: Daniel Thompson <daniel.thompson@linaro.org> Cc: linux-stable <stable@vger.kernel.org> Signed-off-by: Jason Wessel <jason.wessel@windriver.com> |
||
|
Ingo Molnar
|
b17b01533b |
sched/headers: Prepare for new header dependencies before moving code to <linux/sched/debug.h>
We are going to split <linux/sched/debug.h> out of <linux/sched.h>, which will have to be picked up from other headers and a couple of .c files. Create a trivial placeholder <linux/sched/debug.h> file that just maps to <linux/sched.h> to make this patch obviously correct and bisectable. Include the new header in the files that are going to need it. Acked-by: Linus Torvalds <torvalds@linux-foundation.org> Cc: Mike Galbraith <efault@gmx.de> Cc: Peter Zijlstra <peterz@infradead.org> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: linux-kernel@vger.kernel.org Signed-off-by: Ingo Molnar <mingo@kernel.org> |
||
|
Ingo Molnar
|
03441a3482 |
sched/headers: Prepare for new header dependencies before moving code to <linux/sched/stat.h>
We are going to split <linux/sched/stat.h> out of <linux/sched.h>, which will have to be picked up from other headers and a couple of .c files. Create a trivial placeholder <linux/sched/stat.h> file that just maps to <linux/sched.h> to make this patch obviously correct and bisectable. Include the new header in the files that are going to need it. Acked-by: Linus Torvalds <torvalds@linux-foundation.org> Cc: Mike Galbraith <efault@gmx.de> Cc: Peter Zijlstra <peterz@infradead.org> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: linux-kernel@vger.kernel.org Signed-off-by: Ingo Molnar <mingo@kernel.org> |
||
|
Ingo Molnar
|
38b8d208a4 |
sched/headers: Prepare for new header dependencies before moving code to <linux/sched/nmi.h>
We are going to move softlockup APIs out of <linux/sched.h>, which will have to be picked up from other headers and a couple of .c files. <linux/nmi.h> already includes <linux/sched.h>. Include the <linux/nmi.h> header in the files that are going to need it. Acked-by: Linus Torvalds <torvalds@linux-foundation.org> Cc: Mike Galbraith <efault@gmx.de> Cc: Peter Zijlstra <peterz@infradead.org> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: linux-kernel@vger.kernel.org Signed-off-by: Ingo Molnar <mingo@kernel.org> |
||
|
Ingo Molnar
|
3f07c01441 |
sched/headers: Prepare for new header dependencies before moving code to <linux/sched/signal.h>
We are going to split <linux/sched/signal.h> out of <linux/sched.h>, which will have to be picked up from other headers and a couple of .c files. Create a trivial placeholder <linux/sched/signal.h> file that just maps to <linux/sched.h> to make this patch obviously correct and bisectable. Include the new header in the files that are going to need it. Acked-by: Linus Torvalds <torvalds@linux-foundation.org> Cc: Mike Galbraith <efault@gmx.de> Cc: Peter Zijlstra <peterz@infradead.org> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: linux-kernel@vger.kernel.org Signed-off-by: Ingo Molnar <mingo@kernel.org> |
||
|
Ingo Molnar
|
4f17722c72 |
sched/headers: Prepare for new header dependencies before moving code to <linux/sched/loadavg.h>
We are going to split <linux/sched/loadavg.h> out of <linux/sched.h>, which will have to be picked up from a couple of .c files. Create a trivial placeholder <linux/sched/topology.h> file that just maps to <linux/sched.h> to make this patch obviously correct and bisectable. Include the new header in the files that are going to need it. Acked-by: Linus Torvalds <torvalds@linux-foundation.org> Cc: Mike Galbraith <efault@gmx.de> Cc: Peter Zijlstra <peterz@infradead.org> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: linux-kernel@vger.kernel.org Signed-off-by: Ingo Molnar <mingo@kernel.org> |
||
|
Ingo Molnar
|
314ff7851f |
mm/vmacache, sched/headers: Introduce 'struct vmacache' and move it from <linux/sched.h> to <linux/mm_types>
The <linux/sched.h> header includes various vmacache related defines, which are arguably misplaced. Move them to mm_types.h and minimize the sched.h impact by putting all task vmacache state into a new 'struct vmacache' structure. No change in functionality. Acked-by: Linus Torvalds <torvalds@linux-foundation.org> Cc: Mike Galbraith <efault@gmx.de> Cc: Peter Zijlstra <peterz@infradead.org> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: linux-kernel@vger.kernel.org Signed-off-by: Ingo Molnar <mingo@kernel.org> |
||
|
Petr Mladek
|
34aaff40b4 |
kdb: call vkdb_printf() from vprintk_default() only when wanted
kdb_trap_printk allows to pass normal printk() messages to kdb via vkdb_printk(). For example, it is used to get backtrace using the classic show_stack(), see kdb_show_stack(). vkdb_printf() tries to avoid a potential infinite loop by disabling the trap. But this approach is racy, for example: CPU1 CPU2 vkdb_printf() // assume that kdb_trap_printk == 0 saved_trap_printk = kdb_trap_printk; kdb_trap_printk = 0; kdb_show_stack() kdb_trap_printk++; Problem1: Now, a nested printk() on CPU0 calls vkdb_printf() even when it should have been disabled. It will not cause a deadlock but... // using the outdated saved value: 0 kdb_trap_printk = saved_trap_printk; kdb_trap_printk--; Problem2: Now, kdb_trap_printk == -1 and will stay like this. It means that all messages will get passed to kdb from now on. This patch removes the racy saved_trap_printk handling. Instead, the recursion is prevented by a check for the locked CPU. The solution is still kind of racy. A non-related printk(), from another process, might get trapped by vkdb_printf(). And the wanted printk() might not get trapped because kdb_printf_cpu is assigned. But this problem existed even with the original code. A proper solution would be to get_cpu() before setting kdb_trap_printk and trap messages only from this CPU. I am not sure if it is worth the effort, though. In fact, the race is very theoretical. When kdb is running any of the commands that use kdb_trap_printk there is a single active CPU and the other CPUs should be in a holding pen inside kgdb_cpu_enter(). The only time this is violated is when there is a timeout waiting for the other CPUs to report to the holding pen. Finally, note that the situation is a bit schizophrenic. vkdb_printf() explicitly allows recursion but only from KDB code that calls kdb_printf() directly. On the other hand, the generic printk() recursion is not allowed because it might cause an infinite loop. This is why we could not hide the decision inside vkdb_printf() easily. Link: http://lkml.kernel.org/r/1480412276-16690-4-git-send-email-pmladek@suse.com Signed-off-by: Petr Mladek <pmladek@suse.com> Cc: Daniel Thompson <daniel.thompson@linaro.org> Cc: Jason Wessel <jason.wessel@windriver.com> Cc: Peter Zijlstra <peterz@infradead.org> Cc: Sergey Senozhatsky <sergey.senozhatsky@gmail.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> |
||
|
Petr Mladek
|
d5d8d3d0d4 |
kdb: properly synchronize vkdb_printf() calls with other CPUs
kdb_printf_lock does not prevent other CPUs from entering the critical
section because it is ignored when KDB_STATE_PRINTF_LOCK is set.
The problematic situation might look like:
CPU0 CPU1
vkdb_printf()
if (!KDB_STATE(PRINTF_LOCK))
KDB_STATE_SET(PRINTF_LOCK);
spin_lock_irqsave(&kdb_printf_lock, flags);
vkdb_printf()
if (!KDB_STATE(PRINTF_LOCK))
BANG: The PRINTF_LOCK state is set and CPU1 is entering the critical
section without spinning on the lock.
The problem is that the code tries to implement locking using two state
variables that are not handled atomically. Well, we need a custom
locking because we want to allow reentering the critical section on the
very same CPU.
Let's use solution from Petr Zijlstra that was proposed for a similar
scenario, see
https://lkml.kernel.org/r/20161018171513.734367391@infradead.org
This patch uses the same trick with cmpxchg(). The only difference is
that we want to handle only recursion from the same context and
therefore we disable interrupts.
In addition, KDB_STATE_PRINTF_LOCK is removed. In fact, we are not able
to set it a non-racy way.
Link: http://lkml.kernel.org/r/1480412276-16690-3-git-send-email-pmladek@suse.com
Signed-off-by: Petr Mladek <pmladek@suse.com>
Reviewed-by: Daniel Thompson <daniel.thompson@linaro.org>
Cc: Jason Wessel <jason.wessel@windriver.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Sergey Senozhatsky <sergey.senozhatsky@gmail.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
||
|
Petr Mladek
|
d1bd8ead12 |
kdb: remove unused kdb_event handling
kdb_event state variable is only set but never checked in the kernel code. http://www.spinics.net/lists/kdb/msg01733.html suggests that this variable affected WARN_CONSOLE_UNLOCKED() in the original implementation. But this check never went upstream. The semantic is unclear and racy. The value is updated after the kdb_printf_lock is acquired and after it is released. It should be symmetric at minimum. The value should be manipulated either inside or outside the locked area. Fortunately, it seems that the original function is gone and we could simply remove the state variable. Link: http://lkml.kernel.org/r/1480412276-16690-2-git-send-email-pmladek@suse.com Signed-off-by: Petr Mladek <pmladek@suse.com> Suggested-by: Daniel Thompson <daniel.thompson@linaro.org> Cc: Jason Wessel <jason.wessel@windriver.com> Cc: Peter Zijlstra <peterz@infradead.org> Cc: Sergey Senozhatsky <sergey.senozhatsky@gmail.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> |
||
|
Douglas Anderson
|
2d13bb6494 |
kernel/debug/debug_core.c: more properly delay for secondary CPUs
We've got a delay loop waiting for secondary CPUs. That loop uses loops_per_jiffy. However, loops_per_jiffy doesn't actually mean how many tight loops make up a jiffy on all architectures. It is quite common to see things like this in the boot log: Calibrating delay loop (skipped), value calculated using timer frequency.. 48.00 BogoMIPS (lpj=24000) In my case I was seeing lots of cases where other CPUs timed out entering the debugger only to print their stack crawls shortly after the kdb> prompt was written. Elsewhere in kgdb we already use udelay(), so that should be safe enough to use to implement our timeout. We'll delay 1 ms for 1000 times, which should give us a full second of delay (just like the old code wanted) but allow us to notice that we're done every 1 ms. [akpm@linux-foundation.org: simplifications, per Daniel] Link: http://lkml.kernel.org/r/1477091361-2039-1-git-send-email-dianders@chromium.org Signed-off-by: Douglas Anderson <dianders@chromium.org> Reviewed-by: Daniel Thompson <daniel.thompson@linaro.org> Cc: Jason Wessel <jason.wessel@windriver.com> Cc: Brian Norris <briannorris@chromium.org> Cc: <stable@vger.kernel.org> [4.0+] Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> |
||
|
Petr Mladek
|
497957576c |
printk/kdb: handle more message headers
Commit
|
||
|
Kees Cook
|
d2aa1acad2 |
mm/init: Add 'rodata=off' boot cmdline parameter to disable read-only kernel mappings
It may be useful to debug writes to the readonly sections of memory, so provide a cmdline "rodata=off" to allow for this. This can be expanded in the future to support "log" and "write" modes, but that will need to be architecture-specific. This also makes KDB software breakpoints more usable, as read-only mappings can now be disabled on any kernel. Suggested-by: H. Peter Anvin <hpa@zytor.com> Signed-off-by: Kees Cook <keescook@chromium.org> Cc: Andy Lutomirski <luto@amacapital.net> Cc: Arnd Bergmann <arnd@arndb.de> Cc: Borislav Petkov <bp@alien8.de> Cc: Brian Gerst <brgerst@gmail.com> Cc: David Brown <david.brown@linaro.org> Cc: Denys Vlasenko <dvlasenk@redhat.com> Cc: Emese Revfy <re.emese@gmail.com> Cc: Linus Torvalds <torvalds@linux-foundation.org> Cc: Mathias Krause <minipli@googlemail.com> Cc: Michael Ellerman <mpe@ellerman.id.au> Cc: PaX Team <pageexec@freemail.hu> Cc: Peter Zijlstra <peterz@infradead.org> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: kernel-hardening@lists.openwall.com Cc: linux-arch <linux-arch@vger.kernel.org> Link: http://lkml.kernel.org/r/1455748879-21872-3-git-send-email-keescook@chromium.org Signed-off-by: Ingo Molnar <mingo@kernel.org> |
||
|
Rusty Russell
|
7523e4dc50 |
module: use a structure to encapsulate layout.
Makes it easier to handle init vs core cleanly, though the change is fairly invasive across random architectures. It simplifies the rbtree code immediately, however, while keeping the core data together in the same cachline (now iff the rbtree code is enabled). Acked-by: Peter Zijlstra <peterz@infradead.org> Reviewed-by: Josh Poimboeuf <jpoimboe@redhat.com> Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> Signed-off-by: Jiri Kosina <jkosina@suse.cz> |
||
|
Colin Cross
|
5516fd7b92 |
debug: prevent entering debug mode on panic/exception.
On non-developer devices, kgdb prevents the device from rebooting after a panic. Incase of panics and exceptions, to allow the device to reboot, prevent entering debug mode to avoid getting stuck waiting for the user to interact with debugger. To avoid entering the debugger on panic/exception without any extra configuration, panic_timeout is being used which can be set via /proc/sys/kernel/panic at run time and CONFIG_PANIC_TIMEOUT sets the default value. Setting panic_timeout indicates that the user requested machine to perform unattended reboot after panic. We dont want to get stuck waiting for the user input incase of panic. Cc: Andrew Morton <akpm@linux-foundation.org> Cc: kgdb-bugreport@lists.sourceforge.net Cc: linux-kernel@vger.kernel.org Cc: Android Kernel Team <kernel-team@android.com> Cc: John Stultz <john.stultz@linaro.org> Cc: Sumit Semwal <sumit.semwal@linaro.org> Signed-off-by: Colin Cross <ccross@android.com> [Kiran: Added context to commit message. panic_timeout is used instead of break_on_panic and break_on_exception to honor CONFIG_PANIC_TIMEOUT Modified the commit as per community feedback] Signed-off-by: Kiran Raparthy <kiran.kumar@linaro.org> Signed-off-by: Daniel Thompson <daniel.thompson@linaro.org> Signed-off-by: Jason Wessel <jason.wessel@windriver.com> |
||
|
Daniel Thompson
|
32d375f6f2 |
kdb: Const qualifier for kdb_getstr's prompt argument
All current callers of kdb_getstr() can pass constant pointers via the prompt argument. This patch adds a const qualification to make explicit the fact that this is safe. Signed-off-by: Daniel Thompson <daniel.thompson@linaro.org> Signed-off-by: Jason Wessel <jason.wessel@windriver.com> |
||
|
Daniel Thompson
|
fb6daa7520 |
kdb: Provide forward search at more prompt
Currently kdb allows the output of comamnds to be filtered using the | grep feature. This is useful but does not permit the output emitted shortly after a string match to be examined without wading through the entire unfiltered output of the command. Such a feature is particularly useful to navigate function traces because these traces often have a useful trigger string *before* the point of interest. This patch reuses the existing filtering logic to introduce a simple forward search to kdb that can be triggered from the more prompt. Signed-off-by: Daniel Thompson <daniel.thompson@linaro.org> Signed-off-by: Jason Wessel <jason.wessel@windriver.com> |
||
|
Daniel Thompson
|
ab08e464a2 |
kdb: Fix a prompt management bug when using | grep
Currently when the "| grep" feature is used to filter the output of a command then the prompt is not displayed for the subsequent command. Likewise any characters typed by the user are also not echoed to the display. This rather disconcerting problem eventually corrects itself when the user presses Enter and the kdb_grepping_flag is cleared as kdb_parse() tries to make sense of whatever they typed. This patch resolves the problem by moving the clearing of this flag from the middle of command processing to the beginning. Signed-off-by: Daniel Thompson <daniel.thompson@linaro.org> Signed-off-by: Jason Wessel <jason.wessel@windriver.com> |
||
|
Daniel Thompson
|
5454388113 |
kdb: Remove stack dump when entering kgdb due to NMI
Issuing a stack dump feels ergonomically wrong when entering due to NMI. Entering due to NMI is normally a reaction to a user request, either the NMI button on a server or a "magic knock" on a UART. Therefore the backtrace behaviour on entry due to NMI should be like SysRq-g (no stack dump) rather than like oops. Note also that the stack dump does not offer any information that cannot be trivial retrieved using the 'bt' command. Signed-off-by: Daniel Thompson <daniel.thompson@linaro.org> Signed-off-by: Jason Wessel <jason.wessel@windriver.com> |
||
|
Daniel Thompson
|
f7d4ca8bbf |
kdb: Avoid printing KERN_ levels to consoles
Currently when kdb traps printk messages then the raw log level prefix
(consisting of '\001' followed by a numeral) does not get stripped off
before the message is issued to the various I/O handlers supported by
kdb. This causes annoying visual noise as well as causing problems
grepping for ^. It is also a change of behaviour compared to normal usage
of printk() usage. For example <SysRq>-h ends up with different output to
that of kdb's "sr h".
This patch addresses the problem by stripping log levels from messages
before they are issued to the I/O handlers. printk() which can also
act as an i/o handler in some cases is special cased; if the caller
provided a log level then the prefix will be preserved when sent to
printk().
The addition of non-printable characters to the output of kdb commands is a
regression, albeit and extremely elderly one, introduced by commit
|
||
|
Jason Wessel
|
df0036d117 |
kdb: Fix off by one error in kdb_cpu()
There was a follow on replacement patch against the prior "kgdb: Timeout if secondary CPUs ignore the roundup". See: https://lkml.org/lkml/2015/1/7/442 This patch is the delta vs the patch that was committed upstream: * Fix an off-by-one error in kdb_cpu(). * Replace NR_CPUS with CONFIG_NR_CPUS to tell checkpatch that we really want a static limit. * Removed the "KGDB: " prefix from the pr_crit() in debug_core.c (kgdb-next contains a patch which introduced pr_fmt() to this file to the tag will now be applied automatically). Cc: Daniel Thompson <daniel.thompson@linaro.org> Cc: <stable@vger.kernel.org> Signed-off-by: Jason Wessel <jason.wessel@windriver.com> |
||
|
Jay Lan
|
1467559232 |
kdb: fix incorrect counts in KDB summary command output
The output of KDB 'summary' command should report MemTotal, MemFree and Buffers output in kB. Current codes report in unit of pages. A define of K(x) as is defined in the code, but not used. This patch would apply the define to convert the values to kB. Please include me on Cc on replies. I do not subscribe to linux-kernel. Signed-off-by: Jay Lan <jlan@sgi.com> Cc: <stable@vger.kernel.org> Signed-off-by: Jason Wessel <jason.wessel@windriver.com> |
||
|
Linus Torvalds
|
193934123c |
Merge tag 'fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rusty/linux
Pull module and param fixes from Rusty Russell: "Surprising number of fixes this merge window :( The first two are minor fallout from the param rework which went in this merge window. The next three are a series which fixes a longstanding (but never previously reported and unlikely , so no CC stable) race between kallsyms and freeing the init section. Finally, a minor cleanup as our module refcount will now be -1 during unload" * tag 'fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rusty/linux: module: make module_refcount() a signed integer. module: fix race in kallsyms resolution during module load success. module: remove mod arg from module_free, rename module_memfree(). module_arch_freeing_init(): new hook for archs before module->module_init freed. param: fix uninitialized read with CONFIG_DEBUG_LOCK_ALLOC param: initialize store function to NULL if not available. |
||
|
Rusty Russell
|
d5db139ab3 |
module: make module_refcount() a signed integer.
James Bottomley points out that it will be -1 during unload. It's only used for diagnostics, so let's not hide that as it could be a clue as to what's gone wrong. Cc: Jason Wessel <jason.wessel@windriver.com> Acked-and-documention-added-by: James Bottomley <James.Bottomley@HansenPartnership.com> Reviewed-by: Masami Hiramatsu <maasami.hiramatsu.pt@hitachi.com> Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> |
||
|
Fabian Frederick
|
0f16996cf2 |
kernel/debug/debug_core.c: Logging clean-up
-Convert printk( to pr_foo() -Add pr_fmt -Coalesce formats Cc: Jason Wessel <jason.wessel@windriver.com> Cc: Andrew Morton <akpm@linux-foundation.org> Cc: Joe Perches <joe@perches.com> Signed-off-by: Fabian Frederick <fabf@skynet.be> Signed-off-by: Jason Wessel <jason.wessel@windriver.com> |
||
|
Daniel Thompson
|
a1465d2f39 |
kgdb: timeout if secondary CPUs ignore the roundup
Currently if an active CPU fails to respond to a roundup request the CPU that requested the roundup will become stuck. This needlessly reduces the robustness of the debugger. This patch introduces a timeout allowing the system state to be examined even when the system contains unresponsive processors. It also modifies kdb's cpu command to make it censor attempts to switch to unresponsive processors and to report their state as (D)ead. Signed-off-by: Daniel Thompson <daniel.thompson@linaro.org> Cc: Jason Wessel <jason.wessel@windriver.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Jason Wessel <jason.wessel@windriver.com> |
||
|
Daniel Thompson
|
b8017177cd |
kdb: Allow access to sensitive commands to be restricted by default
Currently kiosk mode must be explicitly requested by the bootloader or userspace. It is convenient to be able to change the default value in a similar manner to CONFIG_MAGIC_SYSRQ_DEFAULT_MASK. Signed-off-by: Daniel Thompson <daniel.thompson@linaro.org> Cc: Jason Wessel <jason.wessel@windriver.com> Signed-off-by: Jason Wessel <jason.wessel@windriver.com> |
||
|
Anton Vorontsov
|
420c2b1b0d |
kdb: Add enable mask for groups of commands
Currently all kdb commands are enabled whenever kdb is deployed. This makes it difficult to deploy kdb to help debug certain types of systems. Android phones provide one example; the FIQ debugger found on some Android devices has a deliberately weak set of commands to allow the debugger to enabled very late in the production cycle. Certain kiosk environments offer another interesting case where an engineer might wish to probe the system state using passive inspection commands without providing sufficient power for a passer by to root it. Without any restrictions, obtaining the root rights via KDB is a matter of a few commands, and works everywhere. For example, log in as a normal user: cbou:~$ id uid=1001(cbou) gid=1001(cbou) groups=1001(cbou) Now enter KDB (for example via sysrq): Entering kdb (current=0xffff8800065bc740, pid 920) due to Keyboard Entry kdb> ps 23 sleeping system daemon (state M) processes suppressed, use 'ps A' to see all. Task Addr Pid Parent [*] cpu State Thread Command 0xffff8800065bc740 920 919 1 0 R 0xffff8800065bca20 *bash 0xffff880007078000 1 0 0 0 S 0xffff8800070782e0 init [...snip...] 0xffff8800065be3c0 918 1 0 0 S 0xffff8800065be6a0 getty 0xffff8800065b9c80 919 1 0 0 S 0xffff8800065b9f60 login 0xffff8800065bc740 920 919 1 0 R 0xffff8800065bca20 *bash All we need is the offset of cred pointers. We can look up the offset in the distro's kernel source, but it is unnecessary. We can just start dumping init's task_struct, until we see the process name: kdb> md 0xffff880007078000 0xffff880007078000 0000000000000001 ffff88000703c000 ................ 0xffff880007078010 0040210000000002 0000000000000000 .....!@......... [...snip...] 0xffff8800070782b0 ffff8800073e0580 ffff8800073e0580 ..>.......>..... 0xffff8800070782c0 0000000074696e69 0000000000000000 init............ ^ Here, 'init'. Creds are just above it, so the offset is 0x02b0. Now we set up init's creds for our non-privileged shell: kdb> mm 0xffff8800065bc740+0x02b0 0xffff8800073e0580 0xffff8800065bc9f0 = 0xffff8800073e0580 kdb> mm 0xffff8800065bc740+0x02b8 0xffff8800073e0580 0xffff8800065bc9f8 = 0xffff8800073e0580 And thus gaining the root: kdb> go cbou:~$ id uid=0(root) gid=0(root) groups=0(root) cbou:~$ bash root:~# p.s. No distro enables kdb by default (although, with a nice KDB-over-KMS feature availability, I would expect at least some would enable it), so it's not actually some kind of a major issue. Signed-off-by: Anton Vorontsov <anton.vorontsov@linaro.org> Signed-off-by: John Stultz <john.stultz@linaro.org> Signed-off-by: Daniel Thompson <daniel.thompson@linaro.org> Cc: Jason Wessel <jason.wessel@windriver.com> Signed-off-by: Jason Wessel <jason.wessel@windriver.com> |
||
|
Daniel Thompson
|
9452e977ac |
kdb: Categorize kdb commands (similar to SysRq categorization)
This patch introduces several new flags to collect kdb commands into
groups (later allowing them to be optionally disabled).
This follows similar prior art to enable/disable magic sysrq
commands.
The commands have been categorized as follows:
Always on: go (w/o args), env, set, help, ?, cpu (w/o args), sr,
dmesg, disable_nmi, defcmd, summary, grephelp
Mem read: md, mdr, mdp, mds, ef, bt (with args), per_cpu
Mem write: mm
Reg read: rd
Reg write: go (with args), rm
Inspect: bt (w/o args), btp, bta, btc, btt, ps, pid, lsmod
Flow ctrl: bp, bl, bph, bc, be, bd, ss
Signal: kill
Reboot: reboot
All: cpu, kgdb, (and all of the above), nmi_console
Signed-off-by: Daniel Thompson <daniel.thompson@linaro.org>
Cc: Jason Wessel <jason.wessel@windriver.com>
Signed-off-by: Jason Wessel <jason.wessel@windriver.com>
|
||
|
Anton Vorontsov
|
e8ab24d9b0 |
kdb: Remove KDB_REPEAT_NONE flag
Since we now treat KDB_REPEAT_* as flags, there is no need to pass KDB_REPEAT_NONE. It's just the default behaviour when no flags are specified. Signed-off-by: Anton Vorontsov <anton.vorontsov@linaro.org> Signed-off-by: John Stultz <john.stultz@linaro.org> Signed-off-by: Daniel Thompson <daniel.thompson@linaro.org> Cc: Jason Wessel <jason.wessel@windriver.com> Signed-off-by: Jason Wessel <jason.wessel@windriver.com> |