* keystone/mirror-android13-5.15:
ANDROID: export find_user() & free_uid()for GKI purpose.
ANDROID: freezer: export the freezer_cgrp_subsys for GKI purpose.
ANDROID: GKI: update xiaomi symbol list
ANDROID: ABI: Update symbols to unisoc whitelist for the sysdump 1st
BACKPORT: locking: Add missing __sched attributes
ANDROID: export cpuset_cpus_allowed()for GKI purpose.
ANDROID: power: Add vendor hook to qos for GKI purpose.
ANDROID: sched: Gate sched_stat tracepoint exports on CONFIG_SCHEDSTATS
ANDROID: vendor_hooks: Export the tracepoints sched_stat_iowait, sched_stat_blocked, sched_stat_wait to let modules probe them
ANDROID: firmware_loader: Replace use of strcpy and strncpy with strscpy
ANDROID: vendor_hooks: Add hooks for binder
ANDROID: Update symbol list for mtk
ANDROID: sched: add vendor hook to set_cpus_allowed
ANDROID: ABI: Update symbols to unisoc whitelist for the wlan first
ANDROID: KVM: arm64: Fix error handling in pKVM FF-A proxy
ANDROID: workqueue: export symbol of the function wq_worker_comm()
Signed-off-by: keystone-kernel-automerger <keystone-kernel-automerger@google.com>
Change-Id: I879c242383ca4fd4cef0de54fb7e11698c7fe18b
Exporting the symbol find_user()& free_uid(), in which ko module can get
user task information for tuning.
Bug: 183674818
Signed-off-by: lijianzhong <lijianzhong@xiaomi.com>
Change-Id: I12135c0af312904dd21b6f074beda086ad5ece98
(cherry picked from commit 16350016d8a3678da5012343ca00fa9918340c83)
Exporting the symbol freezer_cgrp_subsys, in that vendor module can
add can_attach & cancel_attach member function. It is vendor-specific
tuning.
Bug: 182496370
Signed-off-by: Zhuguangqing <zhuguangqing@xiaomi.com>
Change-Id: I153682b9d1015eed3f048b45ea6495ebb8f3c261
(cherry picked from commit ee3f4d2821f5b2a794f0a1f5ed423f561a01adae)
This patch adds __sched attributes to a few missing places
to show blocked function rather than locking function
in get_wchan.
Signed-off-by: Minchan Kim <minchan@kernel.org>
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Link: https://lkml.kernel.org/r/20220115231657.84828-1-minchan@kernel.org
Conflicts:
kernel/locking/percpu-rwsem.c
1. conflict <linux/sched/debug.h>
Bug: 228243692
Change-Id: Ifb50c13cfdd7484269d9a291a8da515e1cce6a7b
(cherry picked from commit c441e934b604a3b5f350a9104124cf6a3ba07a34)
Signed-off-by: Minchan Kim <minchan@google.com>
commit f858c2b2ca04fc7ead291821a793638ae120c11d upstream.
The verifier allows programs to call global functions as long as their
argument types match, using BTF to check the function arguments. One of the
allowed argument types to such global functions is PTR_TO_CTX; however the
check for this fails on BPF_PROG_TYPE_EXT functions because the verifier
uses the wrong type to fetch the vmlinux BTF ID for the program context
type. This failure is seen when an XDP program is loaded using
libxdp (which loads it as BPF_PROG_TYPE_EXT and attaches it to a global XDP
type program).
Fix the issue by passing in the target program type instead of the
BPF_PROG_TYPE_EXT type to bpf_prog_get_ctx() when checking function
argument compatibility.
The first Fixes tag refers to the latest commit that touched the code in
question, while the second one points to the code that first introduced
the global function call verification.
v2:
- Use resolve_prog_type()
Fixes: 3363bd0cfbb8 ("bpf: Extend kfunc with PTR_TO_CTX, PTR_TO_MEM argument support")
Fixes: 51c39bb1d5 ("bpf: Introduce function-by-function verification")
Reported-by: Simon Sundberg <simon.sundberg@kau.se>
Signed-off-by: Toke Høiland-Jørgensen <toke@redhat.com>
Link: https://lore.kernel.org/r/20220606075253.28422-1-toke@redhat.com
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
[ backport: open-code missing resolve_prog_type() helper, resolve context diff ]
Signed-off-by: Toke Høiland-Jørgensen <toke@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
We can't add more values to the cpuhp_state enum, lest we break some
vendor module. So instead break out existing steps into helper functions
which call both steps. Fortunately none of these steps return anything
other than 0, so we don't need to worry about rollback.
Bug: 161946584
Fixes: 144c1e7ecf ("random: clear fast pool, crng, and batches in cpuhp bring up")
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: Icaa61291207d799bab741be7bab2b636cda09422
Exporting the symbol cpuset_cpus_allowed(), in which ko module can do
cpuset operation in vendor hook related code.
Bug: 189725786
Signed-off-by: lijianzhong <lijianzhong@xiaomi.com>
Change-Id: I7919a893ab64bb441ab43cbb0b16825ed76d802d
(cherry picked from commit a685bf3fce625a5ce3675b3bcf73266a759e5fbd)
Add the vendor hook to qos.c, because of some special cases related to
our feature. we add the hook at freq_qos_add_request and remove_request
to make sure we can go to our own qos process logic.
Bug: 187458531
Signed-off-by: heshuai1 <heshuai1@xiaomi.com>
Change-Id: I1fb8fd6134432ecfb44ad242c66ccd8280ab9b43
When CONFIG_SCHEDSTATS is not set, the build breaks because
DEFINE_EVENT_SCHEDSTAT evaluates to DEFINE_EVENT_NOP, which only defines
trace_<name>, not __tracepoint_<name>, __traceiter_<name>, and
_SCK__tp_func_<name> like DEFINE_EVENT.
Gate these exports on CONFIG_SCHEDSTATS so all of the exported symbols
are defined.
Change-Id: I38056ee1446e6c149686ce1905c2ba6e4ea5e59e
Fixes: a6bb1af39d11 ("ANDROID: vendor_hooks: Export the tracepoints sched_stat_iowait, sched_stat_blocked, sched_stat_wait to let modules probe them")
Link: https://github.com/ClangBuiltLinux/continuous-integration2/runs/2724257445?check_suite_focus=true
Signed-off-by: Nathan Chancellor <nathan@kernel.org>
Get task info about scheduling delay, iowait, and block time.
Bug: 189415303
Change-Id: Ib6b548f8a78de5b26d555e9a89e3cc79ea2d1024
Signed-off-by: Liujie Xie <xieliujie@oppo.com>
(cherry picked from commit a6bb1af39d11ef0360cb34bb31b7224ca4db031f)
Add new vendor hook when set affinity to detect task status
for performance tuning.
Bug: 236775946
Change-Id: I407637c85e2ea93585877312f090981fee848979
Signed-off-by: Jing-Ting Wu <Jing-Ting.Wu@mediatek.com>
Export symbol of the function wq_worker_comm() in kernel/workqueue.c for dlkm to get the description of the kworker process.
Bug: 208394207
Signed-off-by: zhengding chen <chenzhengding@oppo.com>
Change-Id: I2e7ddd52a15e22e99e6596f16be08243af1bb473
(cherry picked from commit 28de74186185e339123c86984729818d0d2d7f43)
commit 57cd6d157eb479f0a8e820fd36b7240845c8a937 upstream.
RCU_NONIDLE usage during __cfi_slowpath_diag can result in an invalid
RCU state in the cpuidle code path:
WARNING: CPU: 1 PID: 0 at kernel/rcu/tree.c:613 rcu_eqs_enter+0xe4/0x138
...
Call trace:
rcu_eqs_enter+0xe4/0x138
rcu_idle_enter+0xa8/0x100
cpuidle_enter_state+0x154/0x3a8
cpuidle_enter+0x3c/0x58
do_idle.llvm.6590768638138871020+0x1f4/0x2ec
cpu_startup_entry+0x28/0x2c
secondary_start_kernel+0x1b8/0x220
__secondary_switched+0x94/0x98
Instead, call rcu_irq_enter/exit to wake up RCU only when needed and
disable interrupts for the entire CFI shadow/module check when we do.
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
Link: https://lore.kernel.org/r/20220531175910.890307-1-samitolvanen@google.com
Fixes: cf68fffb66 ("add support for Clang CFI")
Cc: stable@vger.kernel.org
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
[ Upstream commit 04193d590b390ec7a0592630f46d559ec6564ba1 ]
The purpose of balance_push() is to act as a filter on task selection
in the case of CPU hotplug, specifically when taking the CPU out.
It does this by (ab)using the balance callback infrastructure, with
the express purpose of keeping all the unlikely/odd cases in a single
place.
In order to serve its purpose, the balance_push_callback needs to be
(exclusively) on the callback list at all times (noting that the
callback always places itself back on the list the moment it runs,
also noting that when the CPU goes down, regular balancing concerns
are moot, so ignoring them is fine).
And here-in lies the problem, __sched_setscheduler()'s use of
splice_balance_callbacks() takes the callbacks off the list across a
lock-break, making it possible for, an interleaving, __schedule() to
see an empty list and not get filtered.
Fixes: ae79270232 ("sched: Optimize finish_lock_switch()")
Reported-by: Jing-Ting Wu <jing-ting.wu@mediatek.com>
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Tested-by: Jing-Ting Wu <jing-ting.wu@mediatek.com>
Link: https://lkml.kernel.org/r/20220519134706.GH2578@worktop.programming.kicks-ass.net
Signed-off-by: Sasha Levin <sashal@kernel.org>
[ Upstream commit e19f8fa6ce1ca9b8b934ba7d2e8f34c95abc6e60 ]
Limit the error msg to avoid flooding the console. If you have a lot of
threads hitting this at once, they could have already gotten passed the
dma_debug_disabled() check before they get to the point of allocation
failure, resulting in quite a lot of this error message spamming the
log. Use pr_err_once() to limit that.
Signed-off-by: Rob Clark <robdclark@chromium.org>
Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Sasha Levin <sashal@kernel.org>
check_sync() checks for whether device driver DMA sync sg list entry count equals to map sg list entry count, but in struct dma_buf_ops, there has below interface:
int (*begin_cpu_access_partial)
int (*end_cpu_access_partial)
When vendor implement these interface in dma heap to support dma-buf partial cache sync for performance improvement, in dma_buf_ops of heap, we copy a sgtable from orginal sgtable but with necessary nents, it will less then nents used in map attachment, in the way, the following warning had occurred:
DMA-API: device_xxx: device driver syncs DMA sg list with different entry count [map count=5] [sync count=1]
Call trace:
check_sync+0x6d8/0xb40
debug_dma_sync_sg_for_cpu+0x114/0x16c
dma_sync_sg_for_cpu+0xa0/0xe4
So need change check conditation in check_sync to support dma-buf partial cache sync.
Bug: 236343688
Signed-off-by: Mingyuan Ma <mingyuan.ma@mediatek.com>
Signed-off-by: Yunfei Wang <yf.wang@mediatek.com>
Change-Id: I2f4db3b156e752eeb022927957f77a3fa534a573
Add vendor hook to determine if the memory of a process that received
the SIGKILL can be reaped.
Bug: 189803002
Bug: 236430563
Change-Id: Ie6802b9bf93ddffb0ceef615d7cca40c23219e57
Signed-off-by: Charan Teja Reddy <charante@codeaurora.org>
Signed-off-by: Isaac J. Manjarres <quic_isaacm@quicinc.com>
The purpose of balance_push() is to act as a filter on task selection
in the case of CPU hotplug, specifically when taking the CPU out.
It does this by (ab)using the balance callback infrastructure, with
the express purpose of keeping all the unlikely/odd cases in a single
place.
In order to serve its purpose, the balance_push_callback needs to be
(exclusively) on the callback list at all times (noting that the
callback always places itself back on the list the moment it runs,
also noting that when the CPU goes down, regular balancing concerns
are moot, so ignoring them is fine).
And here-in lies the problem, __sched_setscheduler()'s use of
splice_balance_callbacks() takes the callbacks off the list across a
lock-break, making it possible for, an interleaving, __schedule() to
see an empty list and not get filtered.
Fixes: ae79270232 ("sched: Optimize finish_lock_switch()")
Reported-by: Jing-Ting Wu <jing-ting.wu@mediatek.com>
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Tested-by: Jing-Ting Wu <jing-ting.wu@mediatek.com>
Link: https://lkml.kernel.org/r/20220519134706.GH2578@worktop.programming.kicks-ass.net
Bug: 231530208
(cherry picked from commit 04193d590b390ec7a0592630f46d559ec6564ba1)
Signed-off-by: Jing-Ting Wu <Jing-Ting.Wu@mediatek.com>
Signed-off-by: Carlos Llamas <cmllamas@google.com>
Change-Id: Iaf0a2920b74a043cf27125fbf16c22b59d14efdc
Changes in 5.15.44
HID: amd_sfh: Add support for sensor discovery
KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID
ice: fix crash at allocation failure
ACPI: sysfs: Fix BERT error region memory mapping
MAINTAINERS: co-maintain random.c
MAINTAINERS: add git tree for random.c
lib/crypto: blake2s: include as built-in
lib/crypto: blake2s: move hmac construction into wireguard
lib/crypto: sha1: re-roll loops to reduce code size
lib/crypto: blake2s: avoid indirect calls to compression function for Clang CFI
random: document add_hwgenerator_randomness() with other input functions
random: remove unused irq_flags argument from add_interrupt_randomness()
random: use BLAKE2s instead of SHA1 in extraction
random: do not sign extend bytes for rotation when mixing
random: do not re-init if crng_reseed completes before primary init
random: mix bootloader randomness into pool
random: harmonize "crng init done" messages
random: use IS_ENABLED(CONFIG_NUMA) instead of ifdefs
random: early initialization of ChaCha constants
random: avoid superfluous call to RDRAND in CRNG extraction
random: don't reset crng_init_cnt on urandom_read()
random: fix typo in comments
random: cleanup poolinfo abstraction
random: cleanup integer types
random: remove incomplete last_data logic
random: remove unused extract_entropy() reserved argument
random: rather than entropy_store abstraction, use global
random: remove unused OUTPUT_POOL constants
random: de-duplicate INPUT_POOL constants
random: prepend remaining pool constants with POOL_
random: cleanup fractional entropy shift constants
random: access input_pool_data directly rather than through pointer
random: selectively clang-format where it makes sense
random: simplify arithmetic function flow in account()
random: continually use hwgenerator randomness
random: access primary_pool directly rather than through pointer
random: only call crng_finalize_init() for primary_crng
random: use computational hash for entropy extraction
random: simplify entropy debiting
random: use linear min-entropy accumulation crediting
random: always wake up entropy writers after extraction
random: make credit_entropy_bits() always safe
random: remove use_input_pool parameter from crng_reseed()
random: remove batched entropy locking
random: fix locking in crng_fast_load()
random: use RDSEED instead of RDRAND in entropy extraction
random: get rid of secondary crngs
random: inline leaves of rand_initialize()
random: ensure early RDSEED goes through mixer on init
random: do not xor RDRAND when writing into /dev/random
random: absorb fast pool into input pool after fast load
random: use simpler fast key erasure flow on per-cpu keys
random: use hash function for crng_slow_load()
random: make more consistent use of integer types
random: remove outdated INT_MAX >> 6 check in urandom_read()
random: zero buffer after reading entropy from userspace
random: fix locking for crng_init in crng_reseed()
random: tie batched entropy generation to base_crng generation
random: remove ifdef'd out interrupt bench
random: remove unused tracepoints
random: add proper SPDX header
random: deobfuscate irq u32/u64 contributions
random: introduce drain_entropy() helper to declutter crng_reseed()
random: remove useless header comment
random: remove whitespace and reorder includes
random: group initialization wait functions
random: group crng functions
random: group entropy extraction functions
random: group entropy collection functions
random: group userspace read/write functions
random: group sysctl functions
random: rewrite header introductory comment
random: defer fast pool mixing to worker
random: do not take pool spinlock at boot
random: unify early init crng load accounting
random: check for crng_init == 0 in add_device_randomness()
random: pull add_hwgenerator_randomness() declaration into random.h
random: clear fast pool, crng, and batches in cpuhp bring up
random: round-robin registers as ulong, not u32
random: only wake up writers after zap if threshold was passed
random: cleanup UUID handling
random: unify cycles_t and jiffies usage and types
random: do crng pre-init loading in worker rather than irq
random: give sysctl_random_min_urandom_seed a more sensible value
random: don't let 644 read-only sysctls be written to
random: replace custom notifier chain with standard one
random: use SipHash as interrupt entropy accumulator
random: make consistent usage of crng_ready()
random: reseed more often immediately after booting
random: check for signal and try earlier when generating entropy
random: skip fast_init if hwrng provides large chunk of entropy
random: treat bootloader trust toggle the same way as cpu trust toggle
random: re-add removed comment about get_random_{u32,u64} reseeding
random: mix build-time latent entropy into pool at init
random: do not split fast init input in add_hwgenerator_randomness()
random: do not allow user to keep crng key around on stack
random: check for signal_pending() outside of need_resched() check
random: check for signals every PAGE_SIZE chunk of /dev/[u]random
random: allow partial reads if later user copies fail
random: make random_get_entropy() return an unsigned long
random: document crng_fast_key_erasure() destination possibility
random: fix sysctl documentation nits
init: call time_init() before rand_initialize()
ia64: define get_cycles macro for arch-override
s390: define get_cycles macro for arch-override
parisc: define get_cycles macro for arch-override
alpha: define get_cycles macro for arch-override
powerpc: define get_cycles macro for arch-override
timekeeping: Add raw clock fallback for random_get_entropy()
m68k: use fallback for random_get_entropy() instead of zero
riscv: use fallback for random_get_entropy() instead of zero
mips: use fallback for random_get_entropy() instead of just c0 random
arm: use fallback for random_get_entropy() instead of zero
nios2: use fallback for random_get_entropy() instead of zero
x86/tsc: Use fallback for random_get_entropy() instead of zero
um: use fallback for random_get_entropy() instead of zero
sparc: use fallback for random_get_entropy() instead of zero
xtensa: use fallback for random_get_entropy() instead of zero
random: insist on random_get_entropy() existing in order to simplify
random: do not use batches when !crng_ready()
random: use first 128 bits of input as fast init
random: do not pretend to handle premature next security model
random: order timer entropy functions below interrupt functions
random: do not use input pool from hard IRQs
random: help compiler out with fast_mix() by using simpler arguments
siphash: use one source of truth for siphash permutations
random: use symbolic constants for crng_init states
random: avoid initializing twice in credit race
random: move initialization out of reseeding hot path
random: remove ratelimiting for in-kernel unseeded randomness
random: use proper jiffies comparison macro
random: handle latent entropy and command line from random_init()
random: credit architectural init the exact amount
random: use static branch for crng_ready()
random: remove extern from functions in header
random: use proper return types on get_random_{int,long}_wait()
random: make consistent use of buf and len
random: move initialization functions out of hot pages
random: move randomize_page() into mm where it belongs
random: unify batched entropy implementations
random: convert to using fops->read_iter()
random: convert to using fops->write_iter()
random: wire up fops->splice_{read,write}_iter()
random: check for signals after page of pool writes
ALSA: ctxfi: Add SB046x PCI ID
Linux 5.15.44
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I54546066f38abcce892689c492b3210ae380f851
* keystone/mirror-android13-5.15: (134 commits)
ANDROID: Enable GKI Dr. No Enforcement
ANDROID: GKI: 6/17/2022 KMI update
ANDROID: GKI: add PG_oem_reserved in enum pageflags
ANDROID: power: Add ANDROID_OEM_DATA_ARRAY in freq_qos_request.
FROMGIT: cgroup: Use separate src/dst nodes when preloading css_sets for migration
ANDROID: vendor_hooks: export hooks of mem_cgroup subsystem
ANDROID: vendor_hooks: add a field in pglist_data
ANDROID: Allow vendor module to reclaim a memcg
ANDROID: Export memcg functions to allow module to add new files
ANDROID: vendor_hooks: add hooks in mem_cgroup subsystem
ANDROID: ASoC: core- Add vendor data fields to support hostless DAI
ANDROID: GKI: Add ANDROID_OEM_DATA_ARRAY() in struct ufs_hba
ANDROID: gic-v3: Update vendor hook to set affinity in GIC v3
ANDROID: GKI: add ANDROID_OEM_DATA in struct bio
BACKPORT: FROMLIST: cfg80211: Indicate MLO connection info in connect and roam callbacks
BACKPORT: FROMGIT: wifi: cfg80211: add optional link add/remove callbacks
BACKPORT: FROMGIT: wifi: cfg80211: sort trace.h
BACKPORT: FROMGIT: wifi: nl80211: update add/remove link command
BACKPORT: FROMGIT: wifi: nl80211: support MLO in auth/assoc
BACKPORT: FROMGIT: wifi: cfg80211: simplify cfg80211_mlme_auth() prototype
...
Signed-off-by: keystone-kernel-automerger <keystone-kernel-automerger@google.com>
Change-Id: I7a277803e1f5510551edd14b2bd37d323d87d001
Each cset (css_set) is pinned by its tasks. When we're moving tasks around
across csets for a migration, we need to hold the source and destination
csets to ensure that they don't go away while we're moving tasks about. This
is done by linking cset->mg_preload_node on either the
mgctx->preloaded_src_csets or mgctx->preloaded_dst_csets list. Using the
same cset->mg_preload_node for both the src and dst lists was deemed okay as
a cset can't be both the source and destination at the same time.
Unfortunately, this overloading becomes problematic when multiple tasks are
involved in a migration and some of them are identity noop migrations while
others are actually moving across cgroups. For example, this can happen with
the following sequence on cgroup1:
#1> mkdir -p /sys/fs/cgroup/misc/a/b
#2> echo $$ > /sys/fs/cgroup/misc/a/cgroup.procs
#3> RUN_A_COMMAND_WHICH_CREATES_MULTIPLE_THREADS &
#4> PID=$!
#5> echo $PID > /sys/fs/cgroup/misc/a/b/tasks
#6> echo $PID > /sys/fs/cgroup/misc/a/cgroup.procs
the process including the group leader back into a. In this final migration,
non-leader threads would be doing identity migration while the group leader
is doing an actual one.
After #3, let's say the whole process was in cset A, and that after #4, the
leader moves to cset B. Then, during #6, the following happens:
1. cgroup_migrate_add_src() is called on B for the leader.
2. cgroup_migrate_add_src() is called on A for the other threads.
3. cgroup_migrate_prepare_dst() is called. It scans the src list.
4. It notices that B wants to migrate to A, so it tries to A to the dst
list but realizes that its ->mg_preload_node is already busy.
5. and then it notices A wants to migrate to A as it's an identity
migration, it culls it by list_del_init()'ing its ->mg_preload_node and
putting references accordingly.
6. The rest of migration takes place with B on the src list but nothing on
the dst list.
This means that A isn't held while migration is in progress. If all tasks
leave A before the migration finishes and the incoming task pins it, the
cset will be destroyed leading to use-after-free.
This is caused by overloading cset->mg_preload_node for both src and dst
preload lists. We wanted to exclude the cset from the src list but ended up
inadvertently excluding it from the dst list too.
This patch fixes the issue by separating out cset->mg_preload_node into
->mg_src_preload_node and ->mg_dst_preload_node, so that the src and dst
preloadings don't interfere with each other.
Signed-off-by: Tejun Heo <tj@kernel.org>
Reported-by: Mukesh Ojha <quic_mojha@quicinc.com>
Reported-by: shisiyuan <shisiyuan19870131@gmail.com>
Link: http://lkml.kernel.org/r/1654187688-27411-1-git-send-email-shisiyuan@xiaomi.com
Link: https://www.spinics.net/lists/cgroups/msg33313.html
Fixes: f817de9851 ("cgroup: prepare migration path for unified hierarchy")
Cc: stable@vger.kernel.org # v3.16+
(cherry picked from commit 07fd5b6cdf3cc30bfde8fe0f644771688be04447
https://git.kernel.org/pub/scm/linux/kernel/git/tj/cgroup.git for-5.19-fixes)
Bug: 235577024
Change-Id: Ieaf1c0c8fc23753570897fd6e48a54335ab939ce
Signed-off-by: Steve Muckle <smuckle@google.com>
Export cgroup_add_legacy_cftypes and a helper function to allow vendor module to expose additional files in the memory cgroup hierarchy.
Bug: 192052083
Signed-off-by: Liujie Xie <xieliujie@oppo.com>
Change-Id: Ie2b936b3e77c7ab6d740d1bb6d70e03c70a326a7
(cherry picked from commit f41a95eadca98506e627b21f5cc73332bba4d95c)
Try to mitigate potential future driver core api changes by adding
padding to a number of core internal scheduler structures.
Bug: 151154716
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I0ef2f8dd5f3259dcf443c5045aa1e8505ed78a76
Add ANDROID_OEM_DATA to struct rq, which is used to implement oem's
scheduler tuning.
Bug: 188899490
Change-Id: I1904b4fd83effc4b309bfb98811e9718398504f4
Signed-off-by: Liangliang Li <liliangliang@vivo.com>
In order to prevent destruction of vma->vm_file while it's being used
during speculative page fault handling, introduce an atomic refcounter.
Bug: 234527424
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Change-Id: I0e971156f3e76feb45136bac1582a7eaab8c75df
commit 45ce4b4f9009102cd9f581196d480a59208690c1 upstream
When commit e6ac2450d6 ("bpf: Support bpf program calling kernel function") added
kfunc support, it defined reg2btf_ids as a cheap way to translate the verifier
reg type to the appropriate btf_vmlinux BTF ID, however
commit c25b2ae13603 ("bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL")
moved the __BPF_REG_TYPE_MAX from the last member of bpf_reg_type enum to after
the base register types, and defined other variants using type flag
composition. However, now, the direct usage of reg->type to index into
reg2btf_ids may no longer fall into __BPF_REG_TYPE_MAX range, and hence lead to
out of bounds access and kernel crash on dereference of bad pointer.
[backport note: commit 3363bd0cfbb80 ("bpf: Extend kfunc with PTR_TO_CTX, PTR_TO_MEM
argument support") was introduced after 5.15 and contains an out of bound
reg2btf_ids access. Since that commit hasn't been backported, this patch
doesn't include fix to that access. If we backport that commit in future,
we need to fix its faulting access as well.]
Fixes: c25b2ae13603 ("bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL")
Signed-off-by: Kumar Kartikeya Dwivedi <memxor@gmail.com>
Signed-off-by: Hao Luo <haoluo@google.com>
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Link: https://lore.kernel.org/bpf/20220216201943.624869-1-memxor@gmail.com
Cc: stable@vger.kernel.org # v5.15+
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
(cherry picked from commit 8c39925e98)
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I7e341206119c7cb3552e58bb3e1c453e97e78a77
commit 216e3cd2f28dbbf1fe86848e0e29e6693b9f0a20 upstream.
Some helper functions may modify its arguments, for example,
bpf_d_path, bpf_get_stack etc. Previously, their argument types
were marked as ARG_PTR_TO_MEM, which is compatible with read-only
mem types, such as PTR_TO_RDONLY_BUF. Therefore it's legitimate,
but technically incorrect, to modify a read-only memory by passing
it into one of such helper functions.
This patch tags the bpf_args compatible with immutable memory with
MEM_RDONLY flag. The arguments that don't have this flag will be
only compatible with mutable memory types, preventing the helper
from modifying a read-only memory. The bpf_args that have
MEM_RDONLY are compatible with both mutable memory and immutable
memory.
Signed-off-by: Hao Luo <haoluo@google.com>
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Link: https://lore.kernel.org/bpf/20211217003152.48334-9-haoluo@google.com
Cc: stable@vger.kernel.org # 5.15.x
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
(cherry picked from commit 2a77c58726)
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: Id62021f1dde9eefc3148c877f5c1a68519a4b77f
commit 34d3a78c681e8e7844b43d1a2f4671a04249c821 upstream.
Tag the return type of {per, this}_cpu_ptr with RDONLY_MEM. The
returned value of this pair of helpers is kernel object, which
can not be updated by bpf programs. Previously these two helpers
return PTR_OT_MEM for kernel objects of scalar type, which allows
one to directly modify the memory. Now with RDONLY_MEM tagging,
the verifier will reject programs that write into RDONLY_MEM.
Fixes: 63d9b80dcf ("bpf: Introducte bpf_this_cpu_ptr()")
Fixes: eaa6bcb71e ("bpf: Introduce bpf_per_cpu_ptr()")
Fixes: 4976b718c3 ("bpf: Introduce pseudo_btf_id")
Signed-off-by: Hao Luo <haoluo@google.com>
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Link: https://lore.kernel.org/bpf/20211217003152.48334-8-haoluo@google.com
Cc: stable@vger.kernel.org # 5.15.x
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
(cherry picked from commit 15166bb300)
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: Ia4b902ba12ab23cde1d0457e6619f42521032253
commit c25b2ae136039ffa820c26138ed4a5e5f3ab3841 upstream.
We have introduced a new type to make bpf_reg composable, by
allocating bits in the type to represent flags.
One of the flags is PTR_MAYBE_NULL which indicates a pointer
may be NULL. This patch switches the qualified reg_types to
use this flag. The reg_types changed in this patch include:
1. PTR_TO_MAP_VALUE_OR_NULL
2. PTR_TO_SOCKET_OR_NULL
3. PTR_TO_SOCK_COMMON_OR_NULL
4. PTR_TO_TCP_SOCK_OR_NULL
5. PTR_TO_BTF_ID_OR_NULL
6. PTR_TO_MEM_OR_NULL
7. PTR_TO_RDONLY_BUF_OR_NULL
8. PTR_TO_RDWR_BUF_OR_NULL
[haoluo: backport notes
There was a reg_type_may_be_null() in adjust_ptr_min_max_vals() in
5.15.x, but didn't exist in the upstream commit. This backport
converted that reg_type_may_be_null() to type_may_be_null() as well.]
Signed-off-by: Hao Luo <haoluo@google.com>
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Link: https://lore.kernel.org/r/20211217003152.48334-5-haoluo@google.com
Cc: stable@vger.kernel.org # 5.15.x
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
(cherry picked from commit 8d38cde47a)
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: Iad81be90619024512c0fd7f23e7115aec60244a4
commit 3c4807322660d4290ac9062c034aed6b87243861 upstream.
We have introduced a new type to make bpf_ret composable, by
reserving high bits to represent flags.
One of the flag is PTR_MAYBE_NULL, which indicates a pointer
may be NULL. When applying this flag to ret_types, it means
the returned value could be a NULL pointer. This patch
switches the qualified arg_types to use this flag.
The ret_types changed in this patch include:
1. RET_PTR_TO_MAP_VALUE_OR_NULL
2. RET_PTR_TO_SOCKET_OR_NULL
3. RET_PTR_TO_TCP_SOCK_OR_NULL
4. RET_PTR_TO_SOCK_COMMON_OR_NULL
5. RET_PTR_TO_ALLOC_MEM_OR_NULL
6. RET_PTR_TO_MEM_OR_BTF_ID_OR_NULL
7. RET_PTR_TO_BTF_ID_OR_NULL
This patch doesn't eliminate the use of these names, instead
it makes them aliases to 'RET_PTR_TO_XXX | PTR_MAYBE_NULL'.
Signed-off-by: Hao Luo <haoluo@google.com>
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Link: https://lore.kernel.org/bpf/20211217003152.48334-4-haoluo@google.com
Cc: stable@vger.kernel.org # 5.15.x
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
(cherry picked from commit 3c141c82b9)
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I8839f9896424565ee6cef8a6706d1c313886fea2
commit 48946bd6a5d695c50b34546864b79c1f910a33c1 upstream.
We have introduced a new type to make bpf_arg composable, by
reserving high bits of bpf_arg to represent flags of a type.
One of the flags is PTR_MAYBE_NULL which indicates a pointer
may be NULL. When applying this flag to an arg_type, it means
the arg can take NULL pointer. This patch switches the
qualified arg_types to use this flag. The arg_types changed
in this patch include:
1. ARG_PTR_TO_MAP_VALUE_OR_NULL
2. ARG_PTR_TO_MEM_OR_NULL
3. ARG_PTR_TO_CTX_OR_NULL
4. ARG_PTR_TO_SOCKET_OR_NULL
5. ARG_PTR_TO_ALLOC_MEM_OR_NULL
6. ARG_PTR_TO_STACK_OR_NULL
This patch does not eliminate the use of these arg_types, instead
it makes them an alias to the 'ARG_XXX | PTR_MAYBE_NULL'.
Signed-off-by: Hao Luo <haoluo@google.com>
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Link: https://lore.kernel.org/bpf/20211217003152.48334-3-haoluo@google.com
Cc: stable@vger.kernel.org # 5.15.x
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
(cherry picked from commit d58a396fa6)
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: Ie031a5f36d9bedda846800ea79da41cd2d68f1a9
* keystone/mirror-android13-5.15:
ANDROID: GKI: Update symbols to symbol list
FROMLIST: iommu/mediatek: Allow page table PA up to 35bit
FROMLIST: iommu/io-pgtable-arm-v7s: Add a quirk to allow pgtable PA up to 35bit
ANDROID: Add vendor hooks to signal.
ANDROID: ashmem: Export is_ashmem_file
ANDROID: vendor_hooks: bypass shrink slab
FROMLIST: devcoredump : Serialize devcd_del work
ANDROID: GKI: Update symbols list for vivo
ANDROID: ABI: Update symbols used by the unisoc filesystem whitelist for the 1st
FROMLIST: of: of_reserved_mem: Increase limit for reserved_mem regions
Signed-off-by: keystone-kernel-automerger <keystone-kernel-automerger@google.com>
Change-Id: Ifc427c44d02b7b2476acf7a7e90fa8b67d4bdc8f
Add vendor hook to get signal for vendor-specific tuning.
Conflicts:
drivers/android/vendor_hooks.c
Bug: 184898838
Signed-off-by: Zhuguangqing <zhuguangqing@xiaomi.com>
Change-Id: I83a28b0a6eb413976f4c57f2314d008ad792fa0d
(cherry picked from commit d623f1ff724d5cdc0913e020b2a1b562868aa4d8)
* keystone/mirror-android13-5.15:
ANDROID: GKI: Add symbol list file for vivo
ANDROID: Revert "tracing: Disable "other" permission bits in the tracefs files"
ANDROID: vendor_hooks: Add hook for binder
ANDROID: GKI: Update abi_gki_aarch64_qcom for devm_of_clk_del_provider
Revert "ANDROID: umh: Enable usermode helper for required use cases"
Signed-off-by: keystone-kernel-automerger <keystone-kernel-automerger@google.com>
Change-Id: Ib5a7ae8f71ef40accfac325f3c6d28e049956be1
This reverts commit 4e4f6e33d6.
The file permission changes break android userspace tools that depend on
tracefs on device with older platform release (Android 12/12L).
The removal of other bits from tracefs directory permissions are reverted in android13 kernels, so also revert the change for file permission bits. android14 kernels will align with upstream tracefs.
Bug: 236018289
Signed-off-by: Kalesh Singh <kaleshsingh@google.com>
Change-Id: If07ae097c2a45fa54163681df7790a6e2537ba31
This reverts commit c555553a40.
Reason for revert: The binaries, and /sbin/ is not even present on Android systems. This patch was never tested :(
Bug: 202192667
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: Ia1c35eba4a89a62ba678d8004742563372d3d920
[ Upstream commit ef9188bcc6ca1d8a2ad83e826b548e6820721061 ]
To prepare for support asynchronous tracer_init_tracefs initcall,
avoid calling create_trace_option_files before __update_tracer_options.
Otherwise, create_trace_option_files will show warning because
some tracers in trace_types list are already in tr->topts.
For example, hwlat_tracer call register_tracer in late_initcall,
and global_trace.dir is already created in tracing_init_dentry,
hwlat_tracer will be put into tr->topts.
Then if the __update_tracer_options is executed after hwlat_tracer
registered, create_trace_option_files find that hwlat_tracer is
already in tr->topts.
Link: https://lkml.kernel.org/r/20220426122407.17042-2-mark-pk.tsai@mediatek.com
Link: https://lore.kernel.org/lkml/20220322133339.GA32582@xsang-OptiPlex-9020/
Reported-by: kernel test robot <oliver.sang@intel.com>
Signed-off-by: Mark-PK Tsai <mark-pk.tsai@mediatek.com>
Signed-off-by: Steven Rostedt (Google) <rostedt@goodmis.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
[ Upstream commit 12025abdc8539ed9d5014e2d647a3fd1bd3de5cd ]
When setting bootparams="trace_event=initcall:initcall_start tp_printk=1" in the
cmdline, the output_printk() was called, and the spin_lock_irqsave() was called in the
atomic and irq disable interrupt context suitation. On the PREEMPT_RT kernel,
these locks are replaced with sleepable rt-spinlock, so the stack calltrace will
be triggered.
Fix it by raw_spin_lock_irqsave when PREEMPT_RT and "trace_event=initcall:initcall_start
tp_printk=1" enabled.
BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:46
in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 1, name: swapper/0
preempt_count: 2, expected: 0
RCU nest depth: 0, expected: 0
Preemption disabled at:
[<ffffffff8992303e>] try_to_wake_up+0x7e/0xba0
CPU: 0 PID: 1 Comm: swapper/0 Not tainted 5.17.1-rt17+ #19 34c5812404187a875f32bee7977f7367f9679ea7
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.14.0-2 04/01/2014
Call Trace:
<TASK>
dump_stack_lvl+0x60/0x8c
dump_stack+0x10/0x12
__might_resched.cold+0x11d/0x155
rt_spin_lock+0x40/0x70
trace_event_buffer_commit+0x2fa/0x4c0
? map_vsyscall+0x93/0x93
trace_event_raw_event_initcall_start+0xbe/0x110
? perf_trace_initcall_finish+0x210/0x210
? probe_sched_wakeup+0x34/0x40
? ttwu_do_wakeup+0xda/0x310
? trace_hardirqs_on+0x35/0x170
? map_vsyscall+0x93/0x93
do_one_initcall+0x217/0x3c0
? trace_event_raw_event_initcall_level+0x170/0x170
? push_cpu_stop+0x400/0x400
? cblist_init_generic+0x241/0x290
kernel_init_freeable+0x1ac/0x347
? _raw_spin_unlock_irq+0x65/0x80
? rest_init+0xf0/0xf0
kernel_init+0x1e/0x150
ret_from_fork+0x22/0x30
</TASK>
Link: https://lkml.kernel.org/r/20220419013910.894370-1-jun.miao@intel.com
Signed-off-by: Jun Miao <jun.miao@intel.com>
Signed-off-by: Steven Rostedt (Google) <rostedt@goodmis.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
[ Upstream commit cb1c45fb68b8a4285ccf750842b1136f26cfe267 ]
Currently the tp_printk option has no effect on syscall tracepoint.
When adding the kernel option parameter tp_printk, then:
echo 1 > /sys/kernel/debug/tracing/events/syscalls/enable
When running any application, no trace information is printed on the
terminal.
Now added printk for syscall tracepoints.
Link: https://lkml.kernel.org/r/20220410145025.681144-1-xiehuan09@gmail.com
Signed-off-by: Jeff Xie <xiehuan09@gmail.com>
Signed-off-by: Steven Rostedt (Google) <rostedt@goodmis.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
[ Upstream commit caff1fa4118cec4dfd4336521ebd22a6408a1e3e ]
I think there is something wrong with BPF_PROBE_MEM in ___bpf_prog_run()
in big-endian machine. Let's make a test and see what will happen if we
want to load a 'u16' with BPF_PROBE_MEM.
Let's make the src value '0x0001', the value of dest register will become
0x0001000000000000, as the value will be loaded to the first 2 byte of
DST with following code:
bpf_probe_read_kernel(&DST, SIZE, (const void *)(long) (SRC + insn->off));
Obviously, the value in DST is not correct. In fact, we can compare
BPF_PROBE_MEM with LDX_MEM_H:
DST = *(SIZE *)(unsigned long) (SRC + insn->off);
If the memory load is done by LDX_MEM_H, the value in DST will be 0x1 now.
And I think this error results in the test case 'test_bpf_sk_storage_map'
failing:
test_bpf_sk_storage_map:PASS:bpf_iter_bpf_sk_storage_map__open_and_load 0 nsec
test_bpf_sk_storage_map:PASS:socket 0 nsec
test_bpf_sk_storage_map:PASS:map_update 0 nsec
test_bpf_sk_storage_map:PASS:socket 0 nsec
test_bpf_sk_storage_map:PASS:map_update 0 nsec
test_bpf_sk_storage_map:PASS:socket 0 nsec
test_bpf_sk_storage_map:PASS:map_update 0 nsec
test_bpf_sk_storage_map:PASS:attach_iter 0 nsec
test_bpf_sk_storage_map:PASS:create_iter 0 nsec
test_bpf_sk_storage_map:PASS:read 0 nsec
test_bpf_sk_storage_map:FAIL:ipv6_sk_count got 0 expected 3
$10/26 bpf_iter/bpf_sk_storage_map:FAIL
The code of the test case is simply, it will load sk->sk_family to the
register with BPF_PROBE_MEM and check if it is AF_INET6. With this patch,
now the test case 'bpf_iter' can pass:
$10 bpf_iter:OK
Fixes: 2a02759ef5 ("bpf: Add support for BTF pointers to interpreter")
Signed-off-by: Menglong Dong <imagedong@tencent.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Reviewed-by: Jiang Biao <benbjiang@tencent.com>
Reviewed-by: Hao Peng <flyingpeng@tencent.com>
Cc: Ilya Leoshkevich <iii@linux.ibm.com>
Link: https://lore.kernel.org/bpf/20220524021228.533216-1-imagedong@tencent.com
Signed-off-by: Sasha Levin <sashal@kernel.org>
* keystone/mirror-android13-5.15:
ANDROID: mutex: Add vendor hook to init mutex oem data.
FROMLIST: scsi: ufs-mediatek: Introduce workaround for power mode change
FROMLIST: scsi: ufs: Fix ADAPT logic for HS-G5
FROMLIST: scsi: ufs: Export ufshcd_uic_change_pwr_mode()
ANDROID: Update symbol list for mtk
BACKPORT: FROMGIT: usb: dwc3: add power down scale setting
ANDROID: GKI: remove info print for header generation
UPSTREAM: gup: Introduce FOLL_NOFAULT flag to disable page faults
UPSTREAM: iomap: Support partial direct I/O on user copy failures
UPSTREAM: iomap: Fix iomap_dio_rw return value for user copies
UPSTREAM: gfs2: Fix mmap + page fault deadlocks for buffered I/O
UPSTREAM: gfs2: Eliminate ip->i_gh
UPSTREAM: gfs2: Move the inode glock locking to gfs2_file_buffered_write
UPSTREAM: gfs2: Introduce flag for glock holder auto-demotion
UPSTREAM: gfs2: Clean up function may_grant
UPSTREAM: gfs2: Add wrapper for iomap_file_buffered_write
UPSTREAM: iov_iter: Introduce fault_in_iov_iter_writeable
UPSTREAM: iov_iter: Turn iov_iter_fault_in_readable into fault_in_iov_iter_readable
UPSTREAM: gup: Turn fault_in_pages_{readable,writeable} into fault_in_{readable,writeable}
Signed-off-by: keystone-kernel-automerger <keystone-kernel-automerger@google.com>
Change-Id: Iea9bec48d51e927a7ae28683288934b0c512e50b
Add hooks to init oem data of mutex.
Bug: 231527236
Signed-off-by: Dezhi Huang <huangdezhi@hihonor.com>
Change-Id: Id0aeac168e81bd3d88051657c32ba709c329dbdd
* keystone/mirror-android13-5.15:
ANDROID: vendor_hooks: tune reclaim swappiness or scan type
FROMLIST: power_supply: Register cooling device outside of probe
ANDROID: vendor_hooks: Add hooks to tcp/udp send/recv msg functions.
ANDROID: GKI: Add vendor hook to binder transaction
ANDROID: binder: fix race in priority restore
ANDROID: binder: switch task argument for binder_thread
ANDROID: binder: pass desired priority by reference
ANDROID: binder: fold common setup of node_prio
ANDROID: vendor_hooks: Add hooks for account process tick
ANDROID: vendor_hooks: Add hooks for rwsem and mutex
UPSTREAM: usb: gadget: f_mass_storage: Make CD-ROM emulation work with Mac OS-X
ANDROID: Update symbol list for mtk
ANDROID: input: Add vendor hook for __pass_event in evdev.c
Signed-off-by: keystone-kernel-automerger <keystone-kernel-automerger@google.com>
Change-Id: Ifdaeb13b62dff3202821f7fd256947abd05dece6
Add a hook in account_process_tick, which help us to get information
about the high load task and the cpu they running on.
Bug: 183260319
Change-Id: I54162ce3c65bd69e08d2d4747e4d4883efe4c442
Signed-off-by: Liujie Xie <xieliujie@oppo.com>
(cherry picked from commit 63399b4e2e25b0a1522deb724f1de269ac4c8f8b)
