Annotation of /trunk/kernel-magellan/patches-4.13/0104-4.13.5-all-fixes.patch
Parent Directory | Revision Log
Revision 2997 -
(hide annotations)
(download)
Mon Oct 9 08:50:17 2017 UTC (6 years, 11 months ago) by niro
File size: 151755 byte(s)
Mon Oct 9 08:50:17 2017 UTC (6 years, 11 months ago) by niro
File size: 151755 byte(s)
-linux-4.13.5
1 | niro | 2997 | diff --git a/Makefile b/Makefile |
2 | index 159901979dec..189f1a748e4c 100644 | ||
3 | --- a/Makefile | ||
4 | +++ b/Makefile | ||
5 | @@ -1,6 +1,6 @@ | ||
6 | VERSION = 4 | ||
7 | PATCHLEVEL = 13 | ||
8 | -SUBLEVEL = 4 | ||
9 | +SUBLEVEL = 5 | ||
10 | EXTRAVERSION = | ||
11 | NAME = Fearless Coyote | ||
12 | |||
13 | diff --git a/arch/arm64/include/asm/pgtable.h b/arch/arm64/include/asm/pgtable.h | ||
14 | index 6eae342ced6b..8d9832870ff4 100644 | ||
15 | --- a/arch/arm64/include/asm/pgtable.h | ||
16 | +++ b/arch/arm64/include/asm/pgtable.h | ||
17 | @@ -412,7 +412,7 @@ static inline phys_addr_t pmd_page_paddr(pmd_t pmd) | ||
18 | /* Find an entry in the third-level page table. */ | ||
19 | #define pte_index(addr) (((addr) >> PAGE_SHIFT) & (PTRS_PER_PTE - 1)) | ||
20 | |||
21 | -#define pte_offset_phys(dir,addr) (pmd_page_paddr(*(dir)) + pte_index(addr) * sizeof(pte_t)) | ||
22 | +#define pte_offset_phys(dir,addr) (pmd_page_paddr(READ_ONCE(*(dir))) + pte_index(addr) * sizeof(pte_t)) | ||
23 | #define pte_offset_kernel(dir,addr) ((pte_t *)__va(pte_offset_phys((dir), (addr)))) | ||
24 | |||
25 | #define pte_offset_map(dir,addr) pte_offset_kernel((dir), (addr)) | ||
26 | diff --git a/arch/arm64/kernel/head.S b/arch/arm64/kernel/head.S | ||
27 | index adb0910b88f5..8c908829d3c4 100644 | ||
28 | --- a/arch/arm64/kernel/head.S | ||
29 | +++ b/arch/arm64/kernel/head.S | ||
30 | @@ -381,6 +381,7 @@ ENTRY(kimage_vaddr) | ||
31 | * booted in EL1 or EL2 respectively. | ||
32 | */ | ||
33 | ENTRY(el2_setup) | ||
34 | + msr SPsel, #1 // We want to use SP_EL{1,2} | ||
35 | mrs x0, CurrentEL | ||
36 | cmp x0, #CurrentEL_EL2 | ||
37 | b.eq 1f | ||
38 | diff --git a/arch/arm64/mm/fault.c b/arch/arm64/mm/fault.c | ||
39 | index 1f22a41565a3..92f3bc3bc74e 100644 | ||
40 | --- a/arch/arm64/mm/fault.c | ||
41 | +++ b/arch/arm64/mm/fault.c | ||
42 | @@ -614,7 +614,7 @@ static const struct fault_info fault_info[] = { | ||
43 | { do_translation_fault, SIGSEGV, SEGV_MAPERR, "level 0 translation fault" }, | ||
44 | { do_translation_fault, SIGSEGV, SEGV_MAPERR, "level 1 translation fault" }, | ||
45 | { do_translation_fault, SIGSEGV, SEGV_MAPERR, "level 2 translation fault" }, | ||
46 | - { do_page_fault, SIGSEGV, SEGV_MAPERR, "level 3 translation fault" }, | ||
47 | + { do_translation_fault, SIGSEGV, SEGV_MAPERR, "level 3 translation fault" }, | ||
48 | { do_bad, SIGBUS, 0, "unknown 8" }, | ||
49 | { do_page_fault, SIGSEGV, SEGV_ACCERR, "level 1 access flag fault" }, | ||
50 | { do_page_fault, SIGSEGV, SEGV_ACCERR, "level 2 access flag fault" }, | ||
51 | diff --git a/arch/mips/kernel/perf_event_mipsxx.c b/arch/mips/kernel/perf_event_mipsxx.c | ||
52 | index 9e6c74bf66c4..6668f67a61c3 100644 | ||
53 | --- a/arch/mips/kernel/perf_event_mipsxx.c | ||
54 | +++ b/arch/mips/kernel/perf_event_mipsxx.c | ||
55 | @@ -618,8 +618,7 @@ static int mipspmu_event_init(struct perf_event *event) | ||
56 | return -ENOENT; | ||
57 | } | ||
58 | |||
59 | - if ((unsigned int)event->cpu >= nr_cpumask_bits || | ||
60 | - (event->cpu >= 0 && !cpu_online(event->cpu))) | ||
61 | + if (event->cpu >= 0 && !cpu_online(event->cpu)) | ||
62 | return -ENODEV; | ||
63 | |||
64 | if (!atomic_inc_not_zero(&active_events)) { | ||
65 | diff --git a/arch/powerpc/kernel/eeh.c b/arch/powerpc/kernel/eeh.c | ||
66 | index 63992b2d8e15..f27eecd5ec7f 100644 | ||
67 | --- a/arch/powerpc/kernel/eeh.c | ||
68 | +++ b/arch/powerpc/kernel/eeh.c | ||
69 | @@ -1018,6 +1018,10 @@ int eeh_init(void) | ||
70 | } else if ((ret = eeh_ops->init())) | ||
71 | return ret; | ||
72 | |||
73 | + /* Initialize PHB PEs */ | ||
74 | + list_for_each_entry_safe(hose, tmp, &hose_list, list_node) | ||
75 | + eeh_dev_phb_init_dynamic(hose); | ||
76 | + | ||
77 | /* Initialize EEH event */ | ||
78 | ret = eeh_event_init(); | ||
79 | if (ret) | ||
80 | diff --git a/arch/powerpc/kernel/eeh_dev.c b/arch/powerpc/kernel/eeh_dev.c | ||
81 | index d6b2ca70d14d..0820b73288c0 100644 | ||
82 | --- a/arch/powerpc/kernel/eeh_dev.c | ||
83 | +++ b/arch/powerpc/kernel/eeh_dev.c | ||
84 | @@ -83,21 +83,3 @@ void eeh_dev_phb_init_dynamic(struct pci_controller *phb) | ||
85 | /* EEH PE for PHB */ | ||
86 | eeh_phb_pe_create(phb); | ||
87 | } | ||
88 | - | ||
89 | -/** | ||
90 | - * eeh_dev_phb_init - Create EEH devices for devices included in existing PHBs | ||
91 | - * | ||
92 | - * Scan all the existing PHBs and create EEH devices for their OF | ||
93 | - * nodes and their children OF nodes | ||
94 | - */ | ||
95 | -static int __init eeh_dev_phb_init(void) | ||
96 | -{ | ||
97 | - struct pci_controller *phb, *tmp; | ||
98 | - | ||
99 | - list_for_each_entry_safe(phb, tmp, &hose_list, list_node) | ||
100 | - eeh_dev_phb_init_dynamic(phb); | ||
101 | - | ||
102 | - return 0; | ||
103 | -} | ||
104 | - | ||
105 | -core_initcall(eeh_dev_phb_init); | ||
106 | diff --git a/arch/powerpc/kernel/ptrace.c b/arch/powerpc/kernel/ptrace.c | ||
107 | index 660ed39e9c9a..b8d4f07f332c 100644 | ||
108 | --- a/arch/powerpc/kernel/ptrace.c | ||
109 | +++ b/arch/powerpc/kernel/ptrace.c | ||
110 | @@ -131,7 +131,7 @@ static void flush_tmregs_to_thread(struct task_struct *tsk) | ||
111 | * in the appropriate thread structures from live. | ||
112 | */ | ||
113 | |||
114 | - if (tsk != current) | ||
115 | + if ((!cpu_has_feature(CPU_FTR_TM)) || (tsk != current)) | ||
116 | return; | ||
117 | |||
118 | if (MSR_TM_SUSPENDED(mfmsr())) { | ||
119 | diff --git a/arch/powerpc/kvm/book3s_hv.c b/arch/powerpc/kvm/book3s_hv.c | ||
120 | index 359c79cdf0cc..9ecd9aea0b54 100644 | ||
121 | --- a/arch/powerpc/kvm/book3s_hv.c | ||
122 | +++ b/arch/powerpc/kvm/book3s_hv.c | ||
123 | @@ -4187,11 +4187,13 @@ static int kvmhv_configure_mmu(struct kvm *kvm, struct kvm_ppc_mmuv3_cfg *cfg) | ||
124 | if ((cfg->process_table & PRTS_MASK) > 24) | ||
125 | return -EINVAL; | ||
126 | |||
127 | + mutex_lock(&kvm->lock); | ||
128 | kvm->arch.process_table = cfg->process_table; | ||
129 | kvmppc_setup_partition_table(kvm); | ||
130 | |||
131 | lpcr = (cfg->flags & KVM_PPC_MMUV3_GTSE) ? LPCR_GTSE : 0; | ||
132 | kvmppc_update_lpcr(kvm, lpcr, LPCR_GTSE); | ||
133 | + mutex_unlock(&kvm->lock); | ||
134 | |||
135 | return 0; | ||
136 | } | ||
137 | diff --git a/arch/powerpc/kvm/book3s_hv_rm_xive.c b/arch/powerpc/kvm/book3s_hv_rm_xive.c | ||
138 | index abf5f01b6eb1..5b81a807d742 100644 | ||
139 | --- a/arch/powerpc/kvm/book3s_hv_rm_xive.c | ||
140 | +++ b/arch/powerpc/kvm/book3s_hv_rm_xive.c | ||
141 | @@ -38,7 +38,6 @@ static inline void __iomem *get_tima_phys(void) | ||
142 | #define __x_tima get_tima_phys() | ||
143 | #define __x_eoi_page(xd) ((void __iomem *)((xd)->eoi_page)) | ||
144 | #define __x_trig_page(xd) ((void __iomem *)((xd)->trig_page)) | ||
145 | -#define __x_readb __raw_rm_readb | ||
146 | #define __x_writeb __raw_rm_writeb | ||
147 | #define __x_readw __raw_rm_readw | ||
148 | #define __x_readq __raw_rm_readq | ||
149 | diff --git a/arch/powerpc/kvm/book3s_hv_rmhandlers.S b/arch/powerpc/kvm/book3s_hv_rmhandlers.S | ||
150 | index 9c9c983b864f..dc58c2a560f9 100644 | ||
151 | --- a/arch/powerpc/kvm/book3s_hv_rmhandlers.S | ||
152 | +++ b/arch/powerpc/kvm/book3s_hv_rmhandlers.S | ||
153 | @@ -765,6 +765,9 @@ END_FTR_SECTION_IFCLR(CPU_FTR_ARCH_207S) | ||
154 | |||
155 | #ifdef CONFIG_PPC_TRANSACTIONAL_MEM | ||
156 | BEGIN_FTR_SECTION | ||
157 | + /* | ||
158 | + * NOTE THAT THIS TRASHES ALL NON-VOLATILE REGISTERS INCLUDING CR | ||
159 | + */ | ||
160 | bl kvmppc_restore_tm | ||
161 | END_FTR_SECTION_IFSET(CPU_FTR_TM) | ||
162 | #endif | ||
163 | @@ -1623,6 +1626,9 @@ END_FTR_SECTION_IFCLR(CPU_FTR_ARCH_300) | ||
164 | |||
165 | #ifdef CONFIG_PPC_TRANSACTIONAL_MEM | ||
166 | BEGIN_FTR_SECTION | ||
167 | + /* | ||
168 | + * NOTE THAT THIS TRASHES ALL NON-VOLATILE REGISTERS INCLUDING CR | ||
169 | + */ | ||
170 | bl kvmppc_save_tm | ||
171 | END_FTR_SECTION_IFSET(CPU_FTR_TM) | ||
172 | #endif | ||
173 | @@ -1742,7 +1748,10 @@ END_FTR_SECTION_IFSET(CPU_FTR_ARCH_300) | ||
174 | /* | ||
175 | * Are we running hash or radix ? | ||
176 | */ | ||
177 | - beq cr2,3f | ||
178 | + ld r5, VCPU_KVM(r9) | ||
179 | + lbz r0, KVM_RADIX(r5) | ||
180 | + cmpwi cr2, r0, 0 | ||
181 | + beq cr2, 3f | ||
182 | |||
183 | /* Radix: Handle the case where the guest used an illegal PID */ | ||
184 | LOAD_REG_ADDR(r4, mmu_base_pid) | ||
185 | @@ -2459,6 +2468,9 @@ _GLOBAL(kvmppc_h_cede) /* r3 = vcpu pointer, r11 = msr, r13 = paca */ | ||
186 | |||
187 | #ifdef CONFIG_PPC_TRANSACTIONAL_MEM | ||
188 | BEGIN_FTR_SECTION | ||
189 | + /* | ||
190 | + * NOTE THAT THIS TRASHES ALL NON-VOLATILE REGISTERS INCLUDING CR | ||
191 | + */ | ||
192 | ld r9, HSTATE_KVM_VCPU(r13) | ||
193 | bl kvmppc_save_tm | ||
194 | END_FTR_SECTION_IFSET(CPU_FTR_TM) | ||
195 | @@ -2569,6 +2581,9 @@ kvm_end_cede: | ||
196 | |||
197 | #ifdef CONFIG_PPC_TRANSACTIONAL_MEM | ||
198 | BEGIN_FTR_SECTION | ||
199 | + /* | ||
200 | + * NOTE THAT THIS TRASHES ALL NON-VOLATILE REGISTERS INCLUDING CR | ||
201 | + */ | ||
202 | bl kvmppc_restore_tm | ||
203 | END_FTR_SECTION_IFSET(CPU_FTR_TM) | ||
204 | #endif | ||
205 | diff --git a/arch/powerpc/kvm/book3s_xive.c b/arch/powerpc/kvm/book3s_xive.c | ||
206 | index 08b200a0bbce..13304622ab1c 100644 | ||
207 | --- a/arch/powerpc/kvm/book3s_xive.c | ||
208 | +++ b/arch/powerpc/kvm/book3s_xive.c | ||
209 | @@ -48,7 +48,6 @@ | ||
210 | #define __x_tima xive_tima | ||
211 | #define __x_eoi_page(xd) ((void __iomem *)((xd)->eoi_mmio)) | ||
212 | #define __x_trig_page(xd) ((void __iomem *)((xd)->trig_mmio)) | ||
213 | -#define __x_readb __raw_readb | ||
214 | #define __x_writeb __raw_writeb | ||
215 | #define __x_readw __raw_readw | ||
216 | #define __x_readq __raw_readq | ||
217 | diff --git a/arch/powerpc/kvm/book3s_xive_template.c b/arch/powerpc/kvm/book3s_xive_template.c | ||
218 | index d1ed2c41b5d2..c7a5deadd1cc 100644 | ||
219 | --- a/arch/powerpc/kvm/book3s_xive_template.c | ||
220 | +++ b/arch/powerpc/kvm/book3s_xive_template.c | ||
221 | @@ -28,7 +28,8 @@ static void GLUE(X_PFX,ack_pending)(struct kvmppc_xive_vcpu *xc) | ||
222 | * bit. | ||
223 | */ | ||
224 | if (cpu_has_feature(CPU_FTR_POWER9_DD1)) { | ||
225 | - u8 pipr = __x_readb(__x_tima + TM_QW1_OS + TM_PIPR); | ||
226 | + __be64 qw1 = __x_readq(__x_tima + TM_QW1_OS); | ||
227 | + u8 pipr = be64_to_cpu(qw1) & 0xff; | ||
228 | if (pipr >= xc->hw_cppr) | ||
229 | return; | ||
230 | } | ||
231 | @@ -336,7 +337,6 @@ X_STATIC unsigned long GLUE(X_PFX,h_ipoll)(struct kvm_vcpu *vcpu, unsigned long | ||
232 | struct kvmppc_xive_vcpu *xc = vcpu->arch.xive_vcpu; | ||
233 | u8 pending = xc->pending; | ||
234 | u32 hirq; | ||
235 | - u8 pipr; | ||
236 | |||
237 | pr_devel("H_IPOLL(server=%ld)\n", server); | ||
238 | |||
239 | @@ -353,7 +353,8 @@ X_STATIC unsigned long GLUE(X_PFX,h_ipoll)(struct kvm_vcpu *vcpu, unsigned long | ||
240 | pending = 0xff; | ||
241 | } else { | ||
242 | /* Grab pending interrupt if any */ | ||
243 | - pipr = __x_readb(__x_tima + TM_QW1_OS + TM_PIPR); | ||
244 | + __be64 qw1 = __x_readq(__x_tima + TM_QW1_OS); | ||
245 | + u8 pipr = be64_to_cpu(qw1) & 0xff; | ||
246 | if (pipr < 8) | ||
247 | pending |= 1 << pipr; | ||
248 | } | ||
249 | diff --git a/arch/powerpc/platforms/pseries/mobility.c b/arch/powerpc/platforms/pseries/mobility.c | ||
250 | index 2da4851eff99..37f622444a04 100644 | ||
251 | --- a/arch/powerpc/platforms/pseries/mobility.c | ||
252 | +++ b/arch/powerpc/platforms/pseries/mobility.c | ||
253 | @@ -226,8 +226,10 @@ static int add_dt_node(__be32 parent_phandle, __be32 drc_index) | ||
254 | return -ENOENT; | ||
255 | |||
256 | dn = dlpar_configure_connector(drc_index, parent_dn); | ||
257 | - if (!dn) | ||
258 | + if (!dn) { | ||
259 | + of_node_put(parent_dn); | ||
260 | return -ENOENT; | ||
261 | + } | ||
262 | |||
263 | rc = dlpar_attach_node(dn); | ||
264 | if (rc) | ||
265 | diff --git a/arch/s390/include/asm/pgtable.h b/arch/s390/include/asm/pgtable.h | ||
266 | index 65ab11d654e1..80c1583d033f 100644 | ||
267 | --- a/arch/s390/include/asm/pgtable.h | ||
268 | +++ b/arch/s390/include/asm/pgtable.h | ||
269 | @@ -1462,7 +1462,9 @@ static inline pmd_t pmdp_huge_clear_flush(struct vm_area_struct *vma, | ||
270 | static inline void pmdp_invalidate(struct vm_area_struct *vma, | ||
271 | unsigned long addr, pmd_t *pmdp) | ||
272 | { | ||
273 | - pmdp_xchg_direct(vma->vm_mm, addr, pmdp, __pmd(_SEGMENT_ENTRY_EMPTY)); | ||
274 | + pmd_t pmd = __pmd(pmd_val(*pmdp) | _SEGMENT_ENTRY_INVALID); | ||
275 | + | ||
276 | + pmdp_xchg_direct(vma->vm_mm, addr, pmdp, pmd); | ||
277 | } | ||
278 | |||
279 | #define __HAVE_ARCH_PMDP_SET_WRPROTECT | ||
280 | diff --git a/arch/s390/kernel/perf_cpum_sf.c b/arch/s390/kernel/perf_cpum_sf.c | ||
281 | index c1bf75ffb875..7e1e40323b78 100644 | ||
282 | --- a/arch/s390/kernel/perf_cpum_sf.c | ||
283 | +++ b/arch/s390/kernel/perf_cpum_sf.c | ||
284 | @@ -823,9 +823,12 @@ static int cpumsf_pmu_event_init(struct perf_event *event) | ||
285 | } | ||
286 | |||
287 | /* Check online status of the CPU to which the event is pinned */ | ||
288 | - if ((unsigned int)event->cpu >= nr_cpumask_bits || | ||
289 | - (event->cpu >= 0 && !cpu_online(event->cpu))) | ||
290 | - return -ENODEV; | ||
291 | + if (event->cpu >= 0) { | ||
292 | + if ((unsigned int)event->cpu >= nr_cpumask_bits) | ||
293 | + return -ENODEV; | ||
294 | + if (!cpu_online(event->cpu)) | ||
295 | + return -ENODEV; | ||
296 | + } | ||
297 | |||
298 | /* Force reset of idle/hv excludes regardless of what the | ||
299 | * user requested. | ||
300 | diff --git a/arch/s390/mm/gup.c b/arch/s390/mm/gup.c | ||
301 | index 8ecc25e760fa..98ffe3ee9411 100644 | ||
302 | --- a/arch/s390/mm/gup.c | ||
303 | +++ b/arch/s390/mm/gup.c | ||
304 | @@ -56,13 +56,12 @@ static inline int gup_pte_range(pmd_t *pmdp, pmd_t pmd, unsigned long addr, | ||
305 | static inline int gup_huge_pmd(pmd_t *pmdp, pmd_t pmd, unsigned long addr, | ||
306 | unsigned long end, int write, struct page **pages, int *nr) | ||
307 | { | ||
308 | - unsigned long mask, result; | ||
309 | struct page *head, *page; | ||
310 | + unsigned long mask; | ||
311 | int refs; | ||
312 | |||
313 | - result = write ? 0 : _SEGMENT_ENTRY_PROTECT; | ||
314 | - mask = result | _SEGMENT_ENTRY_INVALID; | ||
315 | - if ((pmd_val(pmd) & mask) != result) | ||
316 | + mask = (write ? _SEGMENT_ENTRY_PROTECT : 0) | _SEGMENT_ENTRY_INVALID; | ||
317 | + if ((pmd_val(pmd) & mask) != 0) | ||
318 | return 0; | ||
319 | VM_BUG_ON(!pfn_valid(pmd_val(pmd) >> PAGE_SHIFT)); | ||
320 | |||
321 | diff --git a/arch/x86/kernel/fpu/regset.c b/arch/x86/kernel/fpu/regset.c | ||
322 | index b188b16841e3..8ab1a1f4d1c1 100644 | ||
323 | --- a/arch/x86/kernel/fpu/regset.c | ||
324 | +++ b/arch/x86/kernel/fpu/regset.c | ||
325 | @@ -131,11 +131,16 @@ int xstateregs_set(struct task_struct *target, const struct user_regset *regset, | ||
326 | |||
327 | fpu__activate_fpstate_write(fpu); | ||
328 | |||
329 | - if (boot_cpu_has(X86_FEATURE_XSAVES)) | ||
330 | + if (boot_cpu_has(X86_FEATURE_XSAVES)) { | ||
331 | ret = copyin_to_xsaves(kbuf, ubuf, xsave); | ||
332 | - else | ||
333 | + } else { | ||
334 | ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf, xsave, 0, -1); | ||
335 | |||
336 | + /* xcomp_bv must be 0 when using uncompacted format */ | ||
337 | + if (!ret && xsave->header.xcomp_bv) | ||
338 | + ret = -EINVAL; | ||
339 | + } | ||
340 | + | ||
341 | /* | ||
342 | * In case of failure, mark all states as init: | ||
343 | */ | ||
344 | diff --git a/arch/x86/kernel/fpu/signal.c b/arch/x86/kernel/fpu/signal.c | ||
345 | index 83c23c230b4c..3a9318610c4d 100644 | ||
346 | --- a/arch/x86/kernel/fpu/signal.c | ||
347 | +++ b/arch/x86/kernel/fpu/signal.c | ||
348 | @@ -329,6 +329,10 @@ static int __fpu__restore_sig(void __user *buf, void __user *buf_fx, int size) | ||
349 | } else { | ||
350 | err = __copy_from_user(&fpu->state.xsave, | ||
351 | buf_fx, state_size); | ||
352 | + | ||
353 | + /* xcomp_bv must be 0 when using uncompacted format */ | ||
354 | + if (!err && state_size > offsetof(struct xregs_state, header) && fpu->state.xsave.header.xcomp_bv) | ||
355 | + err = -EINVAL; | ||
356 | } | ||
357 | |||
358 | if (err || __copy_from_user(&env, buf, sizeof(env))) { | ||
359 | diff --git a/arch/x86/kernel/kvm.c b/arch/x86/kernel/kvm.c | ||
360 | index d04e30e3c0ff..58590a698a1a 100644 | ||
361 | --- a/arch/x86/kernel/kvm.c | ||
362 | +++ b/arch/x86/kernel/kvm.c | ||
363 | @@ -140,7 +140,8 @@ void kvm_async_pf_task_wait(u32 token) | ||
364 | |||
365 | n.token = token; | ||
366 | n.cpu = smp_processor_id(); | ||
367 | - n.halted = is_idle_task(current) || preempt_count() > 1; | ||
368 | + n.halted = is_idle_task(current) || preempt_count() > 1 || | ||
369 | + rcu_preempt_depth(); | ||
370 | init_swait_queue_head(&n.wq); | ||
371 | hlist_add_head(&n.link, &b->list); | ||
372 | raw_spin_unlock(&b->lock); | ||
373 | diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c | ||
374 | index c6ef2940119b..95796e2efc38 100644 | ||
375 | --- a/arch/x86/kvm/vmx.c | ||
376 | +++ b/arch/x86/kvm/vmx.c | ||
377 | @@ -200,6 +200,8 @@ struct loaded_vmcs { | ||
378 | int cpu; | ||
379 | bool launched; | ||
380 | bool nmi_known_unmasked; | ||
381 | + unsigned long vmcs_host_cr3; /* May not match real cr3 */ | ||
382 | + unsigned long vmcs_host_cr4; /* May not match real cr4 */ | ||
383 | struct list_head loaded_vmcss_on_cpu_link; | ||
384 | }; | ||
385 | |||
386 | @@ -595,8 +597,6 @@ struct vcpu_vmx { | ||
387 | int gs_ldt_reload_needed; | ||
388 | int fs_reload_needed; | ||
389 | u64 msr_host_bndcfgs; | ||
390 | - unsigned long vmcs_host_cr3; /* May not match real cr3 */ | ||
391 | - unsigned long vmcs_host_cr4; /* May not match real cr4 */ | ||
392 | } host_state; | ||
393 | struct { | ||
394 | int vm86_active; | ||
395 | @@ -2187,46 +2187,44 @@ static void vmx_vcpu_pi_load(struct kvm_vcpu *vcpu, int cpu) | ||
396 | struct pi_desc old, new; | ||
397 | unsigned int dest; | ||
398 | |||
399 | - if (!kvm_arch_has_assigned_device(vcpu->kvm) || | ||
400 | - !irq_remapping_cap(IRQ_POSTING_CAP) || | ||
401 | - !kvm_vcpu_apicv_active(vcpu)) | ||
402 | + /* | ||
403 | + * In case of hot-plug or hot-unplug, we may have to undo | ||
404 | + * vmx_vcpu_pi_put even if there is no assigned device. And we | ||
405 | + * always keep PI.NDST up to date for simplicity: it makes the | ||
406 | + * code easier, and CPU migration is not a fast path. | ||
407 | + */ | ||
408 | + if (!pi_test_sn(pi_desc) && vcpu->cpu == cpu) | ||
409 | + return; | ||
410 | + | ||
411 | + /* | ||
412 | + * First handle the simple case where no cmpxchg is necessary; just | ||
413 | + * allow posting non-urgent interrupts. | ||
414 | + * | ||
415 | + * If the 'nv' field is POSTED_INTR_WAKEUP_VECTOR, do not change | ||
416 | + * PI.NDST: pi_post_block will do it for us and the wakeup_handler | ||
417 | + * expects the VCPU to be on the blocked_vcpu_list that matches | ||
418 | + * PI.NDST. | ||
419 | + */ | ||
420 | + if (pi_desc->nv == POSTED_INTR_WAKEUP_VECTOR || | ||
421 | + vcpu->cpu == cpu) { | ||
422 | + pi_clear_sn(pi_desc); | ||
423 | return; | ||
424 | + } | ||
425 | |||
426 | + /* The full case. */ | ||
427 | do { | ||
428 | old.control = new.control = pi_desc->control; | ||
429 | |||
430 | - /* | ||
431 | - * If 'nv' field is POSTED_INTR_WAKEUP_VECTOR, there | ||
432 | - * are two possible cases: | ||
433 | - * 1. After running 'pre_block', context switch | ||
434 | - * happened. For this case, 'sn' was set in | ||
435 | - * vmx_vcpu_put(), so we need to clear it here. | ||
436 | - * 2. After running 'pre_block', we were blocked, | ||
437 | - * and woken up by some other guy. For this case, | ||
438 | - * we don't need to do anything, 'pi_post_block' | ||
439 | - * will do everything for us. However, we cannot | ||
440 | - * check whether it is case #1 or case #2 here | ||
441 | - * (maybe, not needed), so we also clear sn here, | ||
442 | - * I think it is not a big deal. | ||
443 | - */ | ||
444 | - if (pi_desc->nv != POSTED_INTR_WAKEUP_VECTOR) { | ||
445 | - if (vcpu->cpu != cpu) { | ||
446 | - dest = cpu_physical_id(cpu); | ||
447 | - | ||
448 | - if (x2apic_enabled()) | ||
449 | - new.ndst = dest; | ||
450 | - else | ||
451 | - new.ndst = (dest << 8) & 0xFF00; | ||
452 | - } | ||
453 | + dest = cpu_physical_id(cpu); | ||
454 | |||
455 | - /* set 'NV' to 'notification vector' */ | ||
456 | - new.nv = POSTED_INTR_VECTOR; | ||
457 | - } | ||
458 | + if (x2apic_enabled()) | ||
459 | + new.ndst = dest; | ||
460 | + else | ||
461 | + new.ndst = (dest << 8) & 0xFF00; | ||
462 | |||
463 | - /* Allow posting non-urgent interrupts */ | ||
464 | new.sn = 0; | ||
465 | - } while (cmpxchg(&pi_desc->control, old.control, | ||
466 | - new.control) != old.control); | ||
467 | + } while (cmpxchg64(&pi_desc->control, old.control, | ||
468 | + new.control) != old.control); | ||
469 | } | ||
470 | |||
471 | static void decache_tsc_multiplier(struct vcpu_vmx *vmx) | ||
472 | @@ -5048,21 +5046,30 @@ static inline bool kvm_vcpu_trigger_posted_interrupt(struct kvm_vcpu *vcpu, | ||
473 | int pi_vec = nested ? POSTED_INTR_NESTED_VECTOR : POSTED_INTR_VECTOR; | ||
474 | |||
475 | if (vcpu->mode == IN_GUEST_MODE) { | ||
476 | - struct vcpu_vmx *vmx = to_vmx(vcpu); | ||
477 | - | ||
478 | /* | ||
479 | - * Currently, we don't support urgent interrupt, | ||
480 | - * all interrupts are recognized as non-urgent | ||
481 | - * interrupt, so we cannot post interrupts when | ||
482 | - * 'SN' is set. | ||
483 | + * The vector of interrupt to be delivered to vcpu had | ||
484 | + * been set in PIR before this function. | ||
485 | * | ||
486 | - * If the vcpu is in guest mode, it means it is | ||
487 | - * running instead of being scheduled out and | ||
488 | - * waiting in the run queue, and that's the only | ||
489 | - * case when 'SN' is set currently, warning if | ||
490 | - * 'SN' is set. | ||
491 | + * Following cases will be reached in this block, and | ||
492 | + * we always send a notification event in all cases as | ||
493 | + * explained below. | ||
494 | + * | ||
495 | + * Case 1: vcpu keeps in non-root mode. Sending a | ||
496 | + * notification event posts the interrupt to vcpu. | ||
497 | + * | ||
498 | + * Case 2: vcpu exits to root mode and is still | ||
499 | + * runnable. PIR will be synced to vIRR before the | ||
500 | + * next vcpu entry. Sending a notification event in | ||
501 | + * this case has no effect, as vcpu is not in root | ||
502 | + * mode. | ||
503 | + * | ||
504 | + * Case 3: vcpu exits to root mode and is blocked. | ||
505 | + * vcpu_block() has already synced PIR to vIRR and | ||
506 | + * never blocks vcpu if vIRR is not cleared. Therefore, | ||
507 | + * a blocked vcpu here does not wait for any requested | ||
508 | + * interrupts in PIR, and sending a notification event | ||
509 | + * which has no effect is safe here. | ||
510 | */ | ||
511 | - WARN_ON_ONCE(pi_test_sn(&vmx->pi_desc)); | ||
512 | |||
513 | apic->send_IPI_mask(get_cpu_mask(vcpu->cpu), pi_vec); | ||
514 | return true; | ||
515 | @@ -5140,12 +5147,12 @@ static void vmx_set_constant_host_state(struct vcpu_vmx *vmx) | ||
516 | */ | ||
517 | cr3 = __read_cr3(); | ||
518 | vmcs_writel(HOST_CR3, cr3); /* 22.2.3 FIXME: shadow tables */ | ||
519 | - vmx->host_state.vmcs_host_cr3 = cr3; | ||
520 | + vmx->loaded_vmcs->vmcs_host_cr3 = cr3; | ||
521 | |||
522 | /* Save the most likely value for this task's CR4 in the VMCS. */ | ||
523 | cr4 = cr4_read_shadow(); | ||
524 | vmcs_writel(HOST_CR4, cr4); /* 22.2.3, 22.2.5 */ | ||
525 | - vmx->host_state.vmcs_host_cr4 = cr4; | ||
526 | + vmx->loaded_vmcs->vmcs_host_cr4 = cr4; | ||
527 | |||
528 | vmcs_write16(HOST_CS_SELECTOR, __KERNEL_CS); /* 22.2.4 */ | ||
529 | #ifdef CONFIG_X86_64 | ||
530 | @@ -8994,15 +9001,15 @@ static void __noclone vmx_vcpu_run(struct kvm_vcpu *vcpu) | ||
531 | vmcs_writel(GUEST_RIP, vcpu->arch.regs[VCPU_REGS_RIP]); | ||
532 | |||
533 | cr3 = __get_current_cr3_fast(); | ||
534 | - if (unlikely(cr3 != vmx->host_state.vmcs_host_cr3)) { | ||
535 | + if (unlikely(cr3 != vmx->loaded_vmcs->vmcs_host_cr3)) { | ||
536 | vmcs_writel(HOST_CR3, cr3); | ||
537 | - vmx->host_state.vmcs_host_cr3 = cr3; | ||
538 | + vmx->loaded_vmcs->vmcs_host_cr3 = cr3; | ||
539 | } | ||
540 | |||
541 | cr4 = cr4_read_shadow(); | ||
542 | - if (unlikely(cr4 != vmx->host_state.vmcs_host_cr4)) { | ||
543 | + if (unlikely(cr4 != vmx->loaded_vmcs->vmcs_host_cr4)) { | ||
544 | vmcs_writel(HOST_CR4, cr4); | ||
545 | - vmx->host_state.vmcs_host_cr4 = cr4; | ||
546 | + vmx->loaded_vmcs->vmcs_host_cr4 = cr4; | ||
547 | } | ||
548 | |||
549 | /* When single-stepping over STI and MOV SS, we must clear the | ||
550 | @@ -9310,6 +9317,13 @@ static struct kvm_vcpu *vmx_create_vcpu(struct kvm *kvm, unsigned int id) | ||
551 | |||
552 | vmx->msr_ia32_feature_control_valid_bits = FEATURE_CONTROL_LOCKED; | ||
553 | |||
554 | + /* | ||
555 | + * Enforce invariant: pi_desc.nv is always either POSTED_INTR_VECTOR | ||
556 | + * or POSTED_INTR_WAKEUP_VECTOR. | ||
557 | + */ | ||
558 | + vmx->pi_desc.nv = POSTED_INTR_VECTOR; | ||
559 | + vmx->pi_desc.sn = 1; | ||
560 | + | ||
561 | return &vmx->vcpu; | ||
562 | |||
563 | free_vmcs: | ||
564 | @@ -10266,6 +10280,11 @@ static int prepare_vmcs02(struct kvm_vcpu *vcpu, struct vmcs12 *vmcs12, | ||
565 | if (exec_control & CPU_BASED_TPR_SHADOW) { | ||
566 | vmcs_write64(VIRTUAL_APIC_PAGE_ADDR, -1ull); | ||
567 | vmcs_write32(TPR_THRESHOLD, vmcs12->tpr_threshold); | ||
568 | + } else { | ||
569 | +#ifdef CONFIG_X86_64 | ||
570 | + exec_control |= CPU_BASED_CR8_LOAD_EXITING | | ||
571 | + CPU_BASED_CR8_STORE_EXITING; | ||
572 | +#endif | ||
573 | } | ||
574 | |||
575 | /* | ||
576 | @@ -11389,6 +11408,37 @@ static void vmx_enable_log_dirty_pt_masked(struct kvm *kvm, | ||
577 | kvm_mmu_clear_dirty_pt_masked(kvm, memslot, offset, mask); | ||
578 | } | ||
579 | |||
580 | +static void __pi_post_block(struct kvm_vcpu *vcpu) | ||
581 | +{ | ||
582 | + struct pi_desc *pi_desc = vcpu_to_pi_desc(vcpu); | ||
583 | + struct pi_desc old, new; | ||
584 | + unsigned int dest; | ||
585 | + | ||
586 | + do { | ||
587 | + old.control = new.control = pi_desc->control; | ||
588 | + WARN(old.nv != POSTED_INTR_WAKEUP_VECTOR, | ||
589 | + "Wakeup handler not enabled while the VCPU is blocked\n"); | ||
590 | + | ||
591 | + dest = cpu_physical_id(vcpu->cpu); | ||
592 | + | ||
593 | + if (x2apic_enabled()) | ||
594 | + new.ndst = dest; | ||
595 | + else | ||
596 | + new.ndst = (dest << 8) & 0xFF00; | ||
597 | + | ||
598 | + /* set 'NV' to 'notification vector' */ | ||
599 | + new.nv = POSTED_INTR_VECTOR; | ||
600 | + } while (cmpxchg64(&pi_desc->control, old.control, | ||
601 | + new.control) != old.control); | ||
602 | + | ||
603 | + if (!WARN_ON_ONCE(vcpu->pre_pcpu == -1)) { | ||
604 | + spin_lock(&per_cpu(blocked_vcpu_on_cpu_lock, vcpu->pre_pcpu)); | ||
605 | + list_del(&vcpu->blocked_vcpu_list); | ||
606 | + spin_unlock(&per_cpu(blocked_vcpu_on_cpu_lock, vcpu->pre_pcpu)); | ||
607 | + vcpu->pre_pcpu = -1; | ||
608 | + } | ||
609 | +} | ||
610 | + | ||
611 | /* | ||
612 | * This routine does the following things for vCPU which is going | ||
613 | * to be blocked if VT-d PI is enabled. | ||
614 | @@ -11404,7 +11454,6 @@ static void vmx_enable_log_dirty_pt_masked(struct kvm *kvm, | ||
615 | */ | ||
616 | static int pi_pre_block(struct kvm_vcpu *vcpu) | ||
617 | { | ||
618 | - unsigned long flags; | ||
619 | unsigned int dest; | ||
620 | struct pi_desc old, new; | ||
621 | struct pi_desc *pi_desc = vcpu_to_pi_desc(vcpu); | ||
622 | @@ -11414,34 +11463,20 @@ static int pi_pre_block(struct kvm_vcpu *vcpu) | ||
623 | !kvm_vcpu_apicv_active(vcpu)) | ||
624 | return 0; | ||
625 | |||
626 | - vcpu->pre_pcpu = vcpu->cpu; | ||
627 | - spin_lock_irqsave(&per_cpu(blocked_vcpu_on_cpu_lock, | ||
628 | - vcpu->pre_pcpu), flags); | ||
629 | - list_add_tail(&vcpu->blocked_vcpu_list, | ||
630 | - &per_cpu(blocked_vcpu_on_cpu, | ||
631 | - vcpu->pre_pcpu)); | ||
632 | - spin_unlock_irqrestore(&per_cpu(blocked_vcpu_on_cpu_lock, | ||
633 | - vcpu->pre_pcpu), flags); | ||
634 | + WARN_ON(irqs_disabled()); | ||
635 | + local_irq_disable(); | ||
636 | + if (!WARN_ON_ONCE(vcpu->pre_pcpu != -1)) { | ||
637 | + vcpu->pre_pcpu = vcpu->cpu; | ||
638 | + spin_lock(&per_cpu(blocked_vcpu_on_cpu_lock, vcpu->pre_pcpu)); | ||
639 | + list_add_tail(&vcpu->blocked_vcpu_list, | ||
640 | + &per_cpu(blocked_vcpu_on_cpu, | ||
641 | + vcpu->pre_pcpu)); | ||
642 | + spin_unlock(&per_cpu(blocked_vcpu_on_cpu_lock, vcpu->pre_pcpu)); | ||
643 | + } | ||
644 | |||
645 | do { | ||
646 | old.control = new.control = pi_desc->control; | ||
647 | |||
648 | - /* | ||
649 | - * We should not block the vCPU if | ||
650 | - * an interrupt is posted for it. | ||
651 | - */ | ||
652 | - if (pi_test_on(pi_desc) == 1) { | ||
653 | - spin_lock_irqsave(&per_cpu(blocked_vcpu_on_cpu_lock, | ||
654 | - vcpu->pre_pcpu), flags); | ||
655 | - list_del(&vcpu->blocked_vcpu_list); | ||
656 | - spin_unlock_irqrestore( | ||
657 | - &per_cpu(blocked_vcpu_on_cpu_lock, | ||
658 | - vcpu->pre_pcpu), flags); | ||
659 | - vcpu->pre_pcpu = -1; | ||
660 | - | ||
661 | - return 1; | ||
662 | - } | ||
663 | - | ||
664 | WARN((pi_desc->sn == 1), | ||
665 | "Warning: SN field of posted-interrupts " | ||
666 | "is set before blocking\n"); | ||
667 | @@ -11463,10 +11498,15 @@ static int pi_pre_block(struct kvm_vcpu *vcpu) | ||
668 | |||
669 | /* set 'NV' to 'wakeup vector' */ | ||
670 | new.nv = POSTED_INTR_WAKEUP_VECTOR; | ||
671 | - } while (cmpxchg(&pi_desc->control, old.control, | ||
672 | - new.control) != old.control); | ||
673 | + } while (cmpxchg64(&pi_desc->control, old.control, | ||
674 | + new.control) != old.control); | ||
675 | |||
676 | - return 0; | ||
677 | + /* We should not block the vCPU if an interrupt is posted for it. */ | ||
678 | + if (pi_test_on(pi_desc) == 1) | ||
679 | + __pi_post_block(vcpu); | ||
680 | + | ||
681 | + local_irq_enable(); | ||
682 | + return (vcpu->pre_pcpu == -1); | ||
683 | } | ||
684 | |||
685 | static int vmx_pre_block(struct kvm_vcpu *vcpu) | ||
686 | @@ -11482,44 +11522,13 @@ static int vmx_pre_block(struct kvm_vcpu *vcpu) | ||
687 | |||
688 | static void pi_post_block(struct kvm_vcpu *vcpu) | ||
689 | { | ||
690 | - struct pi_desc *pi_desc = vcpu_to_pi_desc(vcpu); | ||
691 | - struct pi_desc old, new; | ||
692 | - unsigned int dest; | ||
693 | - unsigned long flags; | ||
694 | - | ||
695 | - if (!kvm_arch_has_assigned_device(vcpu->kvm) || | ||
696 | - !irq_remapping_cap(IRQ_POSTING_CAP) || | ||
697 | - !kvm_vcpu_apicv_active(vcpu)) | ||
698 | + if (vcpu->pre_pcpu == -1) | ||
699 | return; | ||
700 | |||
701 | - do { | ||
702 | - old.control = new.control = pi_desc->control; | ||
703 | - | ||
704 | - dest = cpu_physical_id(vcpu->cpu); | ||
705 | - | ||
706 | - if (x2apic_enabled()) | ||
707 | - new.ndst = dest; | ||
708 | - else | ||
709 | - new.ndst = (dest << 8) & 0xFF00; | ||
710 | - | ||
711 | - /* Allow posting non-urgent interrupts */ | ||
712 | - new.sn = 0; | ||
713 | - | ||
714 | - /* set 'NV' to 'notification vector' */ | ||
715 | - new.nv = POSTED_INTR_VECTOR; | ||
716 | - } while (cmpxchg(&pi_desc->control, old.control, | ||
717 | - new.control) != old.control); | ||
718 | - | ||
719 | - if(vcpu->pre_pcpu != -1) { | ||
720 | - spin_lock_irqsave( | ||
721 | - &per_cpu(blocked_vcpu_on_cpu_lock, | ||
722 | - vcpu->pre_pcpu), flags); | ||
723 | - list_del(&vcpu->blocked_vcpu_list); | ||
724 | - spin_unlock_irqrestore( | ||
725 | - &per_cpu(blocked_vcpu_on_cpu_lock, | ||
726 | - vcpu->pre_pcpu), flags); | ||
727 | - vcpu->pre_pcpu = -1; | ||
728 | - } | ||
729 | + WARN_ON(irqs_disabled()); | ||
730 | + local_irq_disable(); | ||
731 | + __pi_post_block(vcpu); | ||
732 | + local_irq_enable(); | ||
733 | } | ||
734 | |||
735 | static void vmx_post_block(struct kvm_vcpu *vcpu) | ||
736 | @@ -11547,7 +11556,7 @@ static int vmx_update_pi_irte(struct kvm *kvm, unsigned int host_irq, | ||
737 | struct kvm_lapic_irq irq; | ||
738 | struct kvm_vcpu *vcpu; | ||
739 | struct vcpu_data vcpu_info; | ||
740 | - int idx, ret = -EINVAL; | ||
741 | + int idx, ret = 0; | ||
742 | |||
743 | if (!kvm_arch_has_assigned_device(kvm) || | ||
744 | !irq_remapping_cap(IRQ_POSTING_CAP) || | ||
745 | @@ -11556,7 +11565,12 @@ static int vmx_update_pi_irte(struct kvm *kvm, unsigned int host_irq, | ||
746 | |||
747 | idx = srcu_read_lock(&kvm->irq_srcu); | ||
748 | irq_rt = srcu_dereference(kvm->irq_routing, &kvm->irq_srcu); | ||
749 | - BUG_ON(guest_irq >= irq_rt->nr_rt_entries); | ||
750 | + if (guest_irq >= irq_rt->nr_rt_entries || | ||
751 | + hlist_empty(&irq_rt->map[guest_irq])) { | ||
752 | + pr_warn_once("no route for guest_irq %u/%u (broken user space?)\n", | ||
753 | + guest_irq, irq_rt->nr_rt_entries); | ||
754 | + goto out; | ||
755 | + } | ||
756 | |||
757 | hlist_for_each_entry(e, &irq_rt->map[guest_irq], link) { | ||
758 | if (e->type != KVM_IRQ_ROUTING_MSI) | ||
759 | @@ -11599,12 +11613,8 @@ static int vmx_update_pi_irte(struct kvm *kvm, unsigned int host_irq, | ||
760 | |||
761 | if (set) | ||
762 | ret = irq_set_vcpu_affinity(host_irq, &vcpu_info); | ||
763 | - else { | ||
764 | - /* suppress notification event before unposting */ | ||
765 | - pi_set_sn(vcpu_to_pi_desc(vcpu)); | ||
766 | + else | ||
767 | ret = irq_set_vcpu_affinity(host_irq, NULL); | ||
768 | - pi_clear_sn(vcpu_to_pi_desc(vcpu)); | ||
769 | - } | ||
770 | |||
771 | if (ret < 0) { | ||
772 | printk(KERN_INFO "%s: failed to update PI IRTE\n", | ||
773 | diff --git a/arch/x86/mm/fault.c b/arch/x86/mm/fault.c | ||
774 | index 2a1fa10c6a98..955be01dd9cc 100644 | ||
775 | --- a/arch/x86/mm/fault.c | ||
776 | +++ b/arch/x86/mm/fault.c | ||
777 | @@ -192,8 +192,7 @@ is_prefetch(struct pt_regs *regs, unsigned long error_code, unsigned long addr) | ||
778 | * 6. T1 : reaches here, sees vma_pkey(vma)=5, when we really | ||
779 | * faulted on a pte with its pkey=4. | ||
780 | */ | ||
781 | -static void fill_sig_info_pkey(int si_code, siginfo_t *info, | ||
782 | - struct vm_area_struct *vma) | ||
783 | +static void fill_sig_info_pkey(int si_code, siginfo_t *info, u32 *pkey) | ||
784 | { | ||
785 | /* This is effectively an #ifdef */ | ||
786 | if (!boot_cpu_has(X86_FEATURE_OSPKE)) | ||
787 | @@ -209,7 +208,7 @@ static void fill_sig_info_pkey(int si_code, siginfo_t *info, | ||
788 | * valid VMA, so we should never reach this without a | ||
789 | * valid VMA. | ||
790 | */ | ||
791 | - if (!vma) { | ||
792 | + if (!pkey) { | ||
793 | WARN_ONCE(1, "PKU fault with no VMA passed in"); | ||
794 | info->si_pkey = 0; | ||
795 | return; | ||
796 | @@ -219,13 +218,12 @@ static void fill_sig_info_pkey(int si_code, siginfo_t *info, | ||
797 | * absolutely guranteed to be 100% accurate because of | ||
798 | * the race explained above. | ||
799 | */ | ||
800 | - info->si_pkey = vma_pkey(vma); | ||
801 | + info->si_pkey = *pkey; | ||
802 | } | ||
803 | |||
804 | static void | ||
805 | force_sig_info_fault(int si_signo, int si_code, unsigned long address, | ||
806 | - struct task_struct *tsk, struct vm_area_struct *vma, | ||
807 | - int fault) | ||
808 | + struct task_struct *tsk, u32 *pkey, int fault) | ||
809 | { | ||
810 | unsigned lsb = 0; | ||
811 | siginfo_t info; | ||
812 | @@ -240,7 +238,7 @@ force_sig_info_fault(int si_signo, int si_code, unsigned long address, | ||
813 | lsb = PAGE_SHIFT; | ||
814 | info.si_addr_lsb = lsb; | ||
815 | |||
816 | - fill_sig_info_pkey(si_code, &info, vma); | ||
817 | + fill_sig_info_pkey(si_code, &info, pkey); | ||
818 | |||
819 | force_sig_info(si_signo, &info, tsk); | ||
820 | } | ||
821 | @@ -758,8 +756,6 @@ no_context(struct pt_regs *regs, unsigned long error_code, | ||
822 | struct task_struct *tsk = current; | ||
823 | unsigned long flags; | ||
824 | int sig; | ||
825 | - /* No context means no VMA to pass down */ | ||
826 | - struct vm_area_struct *vma = NULL; | ||
827 | |||
828 | /* Are we prepared to handle this kernel fault? */ | ||
829 | if (fixup_exception(regs, X86_TRAP_PF)) { | ||
830 | @@ -784,7 +780,7 @@ no_context(struct pt_regs *regs, unsigned long error_code, | ||
831 | |||
832 | /* XXX: hwpoison faults will set the wrong code. */ | ||
833 | force_sig_info_fault(signal, si_code, address, | ||
834 | - tsk, vma, 0); | ||
835 | + tsk, NULL, 0); | ||
836 | } | ||
837 | |||
838 | /* | ||
839 | @@ -893,8 +889,7 @@ show_signal_msg(struct pt_regs *regs, unsigned long error_code, | ||
840 | |||
841 | static void | ||
842 | __bad_area_nosemaphore(struct pt_regs *regs, unsigned long error_code, | ||
843 | - unsigned long address, struct vm_area_struct *vma, | ||
844 | - int si_code) | ||
845 | + unsigned long address, u32 *pkey, int si_code) | ||
846 | { | ||
847 | struct task_struct *tsk = current; | ||
848 | |||
849 | @@ -942,7 +937,7 @@ __bad_area_nosemaphore(struct pt_regs *regs, unsigned long error_code, | ||
850 | tsk->thread.error_code = error_code; | ||
851 | tsk->thread.trap_nr = X86_TRAP_PF; | ||
852 | |||
853 | - force_sig_info_fault(SIGSEGV, si_code, address, tsk, vma, 0); | ||
854 | + force_sig_info_fault(SIGSEGV, si_code, address, tsk, pkey, 0); | ||
855 | |||
856 | return; | ||
857 | } | ||
858 | @@ -955,9 +950,9 @@ __bad_area_nosemaphore(struct pt_regs *regs, unsigned long error_code, | ||
859 | |||
860 | static noinline void | ||
861 | bad_area_nosemaphore(struct pt_regs *regs, unsigned long error_code, | ||
862 | - unsigned long address, struct vm_area_struct *vma) | ||
863 | + unsigned long address, u32 *pkey) | ||
864 | { | ||
865 | - __bad_area_nosemaphore(regs, error_code, address, vma, SEGV_MAPERR); | ||
866 | + __bad_area_nosemaphore(regs, error_code, address, pkey, SEGV_MAPERR); | ||
867 | } | ||
868 | |||
869 | static void | ||
870 | @@ -965,6 +960,10 @@ __bad_area(struct pt_regs *regs, unsigned long error_code, | ||
871 | unsigned long address, struct vm_area_struct *vma, int si_code) | ||
872 | { | ||
873 | struct mm_struct *mm = current->mm; | ||
874 | + u32 pkey; | ||
875 | + | ||
876 | + if (vma) | ||
877 | + pkey = vma_pkey(vma); | ||
878 | |||
879 | /* | ||
880 | * Something tried to access memory that isn't in our memory map.. | ||
881 | @@ -972,7 +971,8 @@ __bad_area(struct pt_regs *regs, unsigned long error_code, | ||
882 | */ | ||
883 | up_read(&mm->mmap_sem); | ||
884 | |||
885 | - __bad_area_nosemaphore(regs, error_code, address, vma, si_code); | ||
886 | + __bad_area_nosemaphore(regs, error_code, address, | ||
887 | + (vma) ? &pkey : NULL, si_code); | ||
888 | } | ||
889 | |||
890 | static noinline void | ||
891 | @@ -1015,7 +1015,7 @@ bad_area_access_error(struct pt_regs *regs, unsigned long error_code, | ||
892 | |||
893 | static void | ||
894 | do_sigbus(struct pt_regs *regs, unsigned long error_code, unsigned long address, | ||
895 | - struct vm_area_struct *vma, unsigned int fault) | ||
896 | + u32 *pkey, unsigned int fault) | ||
897 | { | ||
898 | struct task_struct *tsk = current; | ||
899 | int code = BUS_ADRERR; | ||
900 | @@ -1042,13 +1042,12 @@ do_sigbus(struct pt_regs *regs, unsigned long error_code, unsigned long address, | ||
901 | code = BUS_MCEERR_AR; | ||
902 | } | ||
903 | #endif | ||
904 | - force_sig_info_fault(SIGBUS, code, address, tsk, vma, fault); | ||
905 | + force_sig_info_fault(SIGBUS, code, address, tsk, pkey, fault); | ||
906 | } | ||
907 | |||
908 | static noinline void | ||
909 | mm_fault_error(struct pt_regs *regs, unsigned long error_code, | ||
910 | - unsigned long address, struct vm_area_struct *vma, | ||
911 | - unsigned int fault) | ||
912 | + unsigned long address, u32 *pkey, unsigned int fault) | ||
913 | { | ||
914 | if (fatal_signal_pending(current) && !(error_code & PF_USER)) { | ||
915 | no_context(regs, error_code, address, 0, 0); | ||
916 | @@ -1072,9 +1071,9 @@ mm_fault_error(struct pt_regs *regs, unsigned long error_code, | ||
917 | } else { | ||
918 | if (fault & (VM_FAULT_SIGBUS|VM_FAULT_HWPOISON| | ||
919 | VM_FAULT_HWPOISON_LARGE)) | ||
920 | - do_sigbus(regs, error_code, address, vma, fault); | ||
921 | + do_sigbus(regs, error_code, address, pkey, fault); | ||
922 | else if (fault & VM_FAULT_SIGSEGV) | ||
923 | - bad_area_nosemaphore(regs, error_code, address, vma); | ||
924 | + bad_area_nosemaphore(regs, error_code, address, pkey); | ||
925 | else | ||
926 | BUG(); | ||
927 | } | ||
928 | @@ -1268,6 +1267,7 @@ __do_page_fault(struct pt_regs *regs, unsigned long error_code, | ||
929 | struct mm_struct *mm; | ||
930 | int fault, major = 0; | ||
931 | unsigned int flags = FAULT_FLAG_ALLOW_RETRY | FAULT_FLAG_KILLABLE; | ||
932 | + u32 pkey; | ||
933 | |||
934 | tsk = current; | ||
935 | mm = tsk->mm; | ||
936 | @@ -1468,9 +1468,10 @@ __do_page_fault(struct pt_regs *regs, unsigned long error_code, | ||
937 | return; | ||
938 | } | ||
939 | |||
940 | + pkey = vma_pkey(vma); | ||
941 | up_read(&mm->mmap_sem); | ||
942 | if (unlikely(fault & VM_FAULT_ERROR)) { | ||
943 | - mm_fault_error(regs, error_code, address, vma, fault); | ||
944 | + mm_fault_error(regs, error_code, address, &pkey, fault); | ||
945 | return; | ||
946 | } | ||
947 | |||
948 | diff --git a/block/bsg-lib.c b/block/bsg-lib.c | ||
949 | index dd56d7460cb9..c587c71d78af 100644 | ||
950 | --- a/block/bsg-lib.c | ||
951 | +++ b/block/bsg-lib.c | ||
952 | @@ -154,7 +154,6 @@ static int bsg_prepare_job(struct device *dev, struct request *req) | ||
953 | failjob_rls_rqst_payload: | ||
954 | kfree(job->request_payload.sg_list); | ||
955 | failjob_rls_job: | ||
956 | - kfree(job); | ||
957 | return -ENOMEM; | ||
958 | } | ||
959 | |||
960 | diff --git a/crypto/drbg.c b/crypto/drbg.c | ||
961 | index 633a88e93ab0..70018397e59a 100644 | ||
962 | --- a/crypto/drbg.c | ||
963 | +++ b/crypto/drbg.c | ||
964 | @@ -1133,10 +1133,10 @@ static inline void drbg_dealloc_state(struct drbg_state *drbg) | ||
965 | { | ||
966 | if (!drbg) | ||
967 | return; | ||
968 | - kzfree(drbg->V); | ||
969 | - drbg->Vbuf = NULL; | ||
970 | - kzfree(drbg->C); | ||
971 | - drbg->Cbuf = NULL; | ||
972 | + kzfree(drbg->Vbuf); | ||
973 | + drbg->V = NULL; | ||
974 | + kzfree(drbg->Cbuf); | ||
975 | + drbg->C = NULL; | ||
976 | kzfree(drbg->scratchpadbuf); | ||
977 | drbg->scratchpadbuf = NULL; | ||
978 | drbg->reseed_ctr = 0; | ||
979 | diff --git a/drivers/base/power/main.c b/drivers/base/power/main.c | ||
980 | index c99f8730de82..6ce97fc6d22c 100644 | ||
981 | --- a/drivers/base/power/main.c | ||
982 | +++ b/drivers/base/power/main.c | ||
983 | @@ -1835,10 +1835,13 @@ void device_pm_check_callbacks(struct device *dev) | ||
984 | { | ||
985 | spin_lock_irq(&dev->power.lock); | ||
986 | dev->power.no_pm_callbacks = | ||
987 | - (!dev->bus || pm_ops_is_empty(dev->bus->pm)) && | ||
988 | - (!dev->class || pm_ops_is_empty(dev->class->pm)) && | ||
989 | + (!dev->bus || (pm_ops_is_empty(dev->bus->pm) && | ||
990 | + !dev->bus->suspend && !dev->bus->resume)) && | ||
991 | + (!dev->class || (pm_ops_is_empty(dev->class->pm) && | ||
992 | + !dev->class->suspend && !dev->class->resume)) && | ||
993 | (!dev->type || pm_ops_is_empty(dev->type->pm)) && | ||
994 | (!dev->pm_domain || pm_ops_is_empty(&dev->pm_domain->ops)) && | ||
995 | - (!dev->driver || pm_ops_is_empty(dev->driver->pm)); | ||
996 | + (!dev->driver || (pm_ops_is_empty(dev->driver->pm) && | ||
997 | + !dev->driver->suspend && !dev->driver->resume)); | ||
998 | spin_unlock_irq(&dev->power.lock); | ||
999 | } | ||
1000 | diff --git a/drivers/base/power/opp/core.c b/drivers/base/power/opp/core.c | ||
1001 | index a8cc14fd8ae4..a6de32530693 100644 | ||
1002 | --- a/drivers/base/power/opp/core.c | ||
1003 | +++ b/drivers/base/power/opp/core.c | ||
1004 | @@ -1581,6 +1581,9 @@ static int _opp_set_availability(struct device *dev, unsigned long freq, | ||
1005 | |||
1006 | opp->available = availability_req; | ||
1007 | |||
1008 | + dev_pm_opp_get(opp); | ||
1009 | + mutex_unlock(&opp_table->lock); | ||
1010 | + | ||
1011 | /* Notify the change of the OPP availability */ | ||
1012 | if (availability_req) | ||
1013 | blocking_notifier_call_chain(&opp_table->head, OPP_EVENT_ENABLE, | ||
1014 | @@ -1589,8 +1592,12 @@ static int _opp_set_availability(struct device *dev, unsigned long freq, | ||
1015 | blocking_notifier_call_chain(&opp_table->head, | ||
1016 | OPP_EVENT_DISABLE, opp); | ||
1017 | |||
1018 | + dev_pm_opp_put(opp); | ||
1019 | + goto put_table; | ||
1020 | + | ||
1021 | unlock: | ||
1022 | mutex_unlock(&opp_table->lock); | ||
1023 | +put_table: | ||
1024 | dev_pm_opp_put_opp_table(opp_table); | ||
1025 | return r; | ||
1026 | } | ||
1027 | diff --git a/drivers/block/brd.c b/drivers/block/brd.c | ||
1028 | index 104b71c0490d..b7dce4e3f5ff 100644 | ||
1029 | --- a/drivers/block/brd.c | ||
1030 | +++ b/drivers/block/brd.c | ||
1031 | @@ -339,7 +339,7 @@ static long __brd_direct_access(struct brd_device *brd, pgoff_t pgoff, | ||
1032 | |||
1033 | if (!brd) | ||
1034 | return -ENODEV; | ||
1035 | - page = brd_insert_page(brd, PFN_PHYS(pgoff) / 512); | ||
1036 | + page = brd_insert_page(brd, (sector_t)pgoff << PAGE_SECTORS_SHIFT); | ||
1037 | if (!page) | ||
1038 | return -ENOSPC; | ||
1039 | *kaddr = page_address(page); | ||
1040 | diff --git a/drivers/crypto/talitos.c b/drivers/crypto/talitos.c | ||
1041 | index 79791c690858..dff88838dce7 100644 | ||
1042 | --- a/drivers/crypto/talitos.c | ||
1043 | +++ b/drivers/crypto/talitos.c | ||
1044 | @@ -1756,9 +1756,9 @@ static int common_nonsnoop_hash(struct talitos_edesc *edesc, | ||
1045 | req_ctx->swinit = 0; | ||
1046 | } else { | ||
1047 | desc->ptr[1] = zero_entry; | ||
1048 | - /* Indicate next op is not the first. */ | ||
1049 | - req_ctx->first = 0; | ||
1050 | } | ||
1051 | + /* Indicate next op is not the first. */ | ||
1052 | + req_ctx->first = 0; | ||
1053 | |||
1054 | /* HMAC key */ | ||
1055 | if (ctx->keylen) | ||
1056 | @@ -1769,7 +1769,7 @@ static int common_nonsnoop_hash(struct talitos_edesc *edesc, | ||
1057 | |||
1058 | sg_count = edesc->src_nents ?: 1; | ||
1059 | if (is_sec1 && sg_count > 1) | ||
1060 | - sg_copy_to_buffer(areq->src, sg_count, edesc->buf, length); | ||
1061 | + sg_copy_to_buffer(req_ctx->psrc, sg_count, edesc->buf, length); | ||
1062 | else | ||
1063 | sg_count = dma_map_sg(dev, req_ctx->psrc, sg_count, | ||
1064 | DMA_TO_DEVICE); | ||
1065 | @@ -3057,7 +3057,8 @@ static struct talitos_crypto_alg *talitos_alg_alloc(struct device *dev, | ||
1066 | t_alg->algt.alg.hash.final = ahash_final; | ||
1067 | t_alg->algt.alg.hash.finup = ahash_finup; | ||
1068 | t_alg->algt.alg.hash.digest = ahash_digest; | ||
1069 | - t_alg->algt.alg.hash.setkey = ahash_setkey; | ||
1070 | + if (!strncmp(alg->cra_name, "hmac", 4)) | ||
1071 | + t_alg->algt.alg.hash.setkey = ahash_setkey; | ||
1072 | t_alg->algt.alg.hash.import = ahash_import; | ||
1073 | t_alg->algt.alg.hash.export = ahash_export; | ||
1074 | |||
1075 | diff --git a/drivers/dax/super.c b/drivers/dax/super.c | ||
1076 | index 938eb4868f7f..8b458f1b30c7 100644 | ||
1077 | --- a/drivers/dax/super.c | ||
1078 | +++ b/drivers/dax/super.c | ||
1079 | @@ -189,8 +189,10 @@ static umode_t dax_visible(struct kobject *kobj, struct attribute *a, int n) | ||
1080 | if (!dax_dev) | ||
1081 | return 0; | ||
1082 | |||
1083 | - if (a == &dev_attr_write_cache.attr && !dax_dev->ops->flush) | ||
1084 | +#ifndef CONFIG_ARCH_HAS_PMEM_API | ||
1085 | + if (a == &dev_attr_write_cache.attr) | ||
1086 | return 0; | ||
1087 | +#endif | ||
1088 | return a->mode; | ||
1089 | } | ||
1090 | |||
1091 | @@ -255,18 +257,23 @@ size_t dax_copy_from_iter(struct dax_device *dax_dev, pgoff_t pgoff, void *addr, | ||
1092 | } | ||
1093 | EXPORT_SYMBOL_GPL(dax_copy_from_iter); | ||
1094 | |||
1095 | -void dax_flush(struct dax_device *dax_dev, pgoff_t pgoff, void *addr, | ||
1096 | - size_t size) | ||
1097 | +#ifdef CONFIG_ARCH_HAS_PMEM_API | ||
1098 | +void arch_wb_cache_pmem(void *addr, size_t size); | ||
1099 | +void dax_flush(struct dax_device *dax_dev, void *addr, size_t size) | ||
1100 | { | ||
1101 | - if (!dax_alive(dax_dev)) | ||
1102 | + if (unlikely(!dax_alive(dax_dev))) | ||
1103 | return; | ||
1104 | |||
1105 | - if (!test_bit(DAXDEV_WRITE_CACHE, &dax_dev->flags)) | ||
1106 | + if (unlikely(!test_bit(DAXDEV_WRITE_CACHE, &dax_dev->flags))) | ||
1107 | return; | ||
1108 | |||
1109 | - if (dax_dev->ops->flush) | ||
1110 | - dax_dev->ops->flush(dax_dev, pgoff, addr, size); | ||
1111 | + arch_wb_cache_pmem(addr, size); | ||
1112 | } | ||
1113 | +#else | ||
1114 | +void dax_flush(struct dax_device *dax_dev, void *addr, size_t size) | ||
1115 | +{ | ||
1116 | +} | ||
1117 | +#endif | ||
1118 | EXPORT_SYMBOL_GPL(dax_flush); | ||
1119 | |||
1120 | void dax_write_cache(struct dax_device *dax_dev, bool wc) | ||
1121 | diff --git a/drivers/gpu/drm/amd/amdgpu/gfx_v6_0.c b/drivers/gpu/drm/amd/amdgpu/gfx_v6_0.c | ||
1122 | index 5173ca1fd159..5e371abf3633 100644 | ||
1123 | --- a/drivers/gpu/drm/amd/amdgpu/gfx_v6_0.c | ||
1124 | +++ b/drivers/gpu/drm/amd/amdgpu/gfx_v6_0.c | ||
1125 | @@ -636,7 +636,194 @@ static void gfx_v6_0_tiling_mode_table_init(struct amdgpu_device *adev) | ||
1126 | NUM_BANKS(ADDR_SURF_2_BANK); | ||
1127 | for (reg_offset = 0; reg_offset < num_tile_mode_states; reg_offset++) | ||
1128 | WREG32(mmGB_TILE_MODE0 + reg_offset, tilemode[reg_offset]); | ||
1129 | - } else if (adev->asic_type == CHIP_OLAND || adev->asic_type == CHIP_HAINAN) { | ||
1130 | + } else if (adev->asic_type == CHIP_OLAND) { | ||
1131 | + tilemode[0] = MICRO_TILE_MODE(ADDR_SURF_DEPTH_MICRO_TILING) | | ||
1132 | + ARRAY_MODE(ARRAY_2D_TILED_THIN1) | | ||
1133 | + PIPE_CONFIG(ADDR_SURF_P4_8x16) | | ||
1134 | + TILE_SPLIT(ADDR_SURF_TILE_SPLIT_64B) | | ||
1135 | + NUM_BANKS(ADDR_SURF_16_BANK) | | ||
1136 | + BANK_WIDTH(ADDR_SURF_BANK_WIDTH_1) | | ||
1137 | + BANK_HEIGHT(ADDR_SURF_BANK_HEIGHT_4) | | ||
1138 | + MACRO_TILE_ASPECT(ADDR_SURF_MACRO_ASPECT_4); | ||
1139 | + tilemode[1] = MICRO_TILE_MODE(ADDR_SURF_DEPTH_MICRO_TILING) | | ||
1140 | + ARRAY_MODE(ARRAY_2D_TILED_THIN1) | | ||
1141 | + PIPE_CONFIG(ADDR_SURF_P4_8x16) | | ||
1142 | + TILE_SPLIT(ADDR_SURF_TILE_SPLIT_128B) | | ||
1143 | + NUM_BANKS(ADDR_SURF_16_BANK) | | ||
1144 | + BANK_WIDTH(ADDR_SURF_BANK_WIDTH_1) | | ||
1145 | + BANK_HEIGHT(ADDR_SURF_BANK_HEIGHT_4) | | ||
1146 | + MACRO_TILE_ASPECT(ADDR_SURF_MACRO_ASPECT_4); | ||
1147 | + tilemode[2] = MICRO_TILE_MODE(ADDR_SURF_DEPTH_MICRO_TILING) | | ||
1148 | + ARRAY_MODE(ARRAY_2D_TILED_THIN1) | | ||
1149 | + PIPE_CONFIG(ADDR_SURF_P4_8x16) | | ||
1150 | + TILE_SPLIT(ADDR_SURF_TILE_SPLIT_256B) | | ||
1151 | + NUM_BANKS(ADDR_SURF_16_BANK) | | ||
1152 | + BANK_WIDTH(ADDR_SURF_BANK_WIDTH_1) | | ||
1153 | + BANK_HEIGHT(ADDR_SURF_BANK_HEIGHT_4) | | ||
1154 | + MACRO_TILE_ASPECT(ADDR_SURF_MACRO_ASPECT_4); | ||
1155 | + tilemode[3] = MICRO_TILE_MODE(ADDR_SURF_DEPTH_MICRO_TILING) | | ||
1156 | + ARRAY_MODE(ARRAY_2D_TILED_THIN1) | | ||
1157 | + PIPE_CONFIG(ADDR_SURF_P4_8x16) | | ||
1158 | + TILE_SPLIT(ADDR_SURF_TILE_SPLIT_128B) | | ||
1159 | + NUM_BANKS(ADDR_SURF_16_BANK) | | ||
1160 | + BANK_WIDTH(ADDR_SURF_BANK_WIDTH_1) | | ||
1161 | + BANK_HEIGHT(ADDR_SURF_BANK_HEIGHT_4) | | ||
1162 | + MACRO_TILE_ASPECT(ADDR_SURF_MACRO_ASPECT_4); | ||
1163 | + tilemode[4] = MICRO_TILE_MODE(ADDR_SURF_DEPTH_MICRO_TILING) | | ||
1164 | + ARRAY_MODE(ARRAY_1D_TILED_THIN1) | | ||
1165 | + PIPE_CONFIG(ADDR_SURF_P4_8x16) | | ||
1166 | + TILE_SPLIT(ADDR_SURF_TILE_SPLIT_64B) | | ||
1167 | + NUM_BANKS(ADDR_SURF_16_BANK) | | ||
1168 | + BANK_WIDTH(ADDR_SURF_BANK_WIDTH_1) | | ||
1169 | + BANK_HEIGHT(ADDR_SURF_BANK_HEIGHT_2) | | ||
1170 | + MACRO_TILE_ASPECT(ADDR_SURF_MACRO_ASPECT_2); | ||
1171 | + tilemode[5] = MICRO_TILE_MODE(ADDR_SURF_DEPTH_MICRO_TILING) | | ||
1172 | + ARRAY_MODE(ARRAY_2D_TILED_THIN1) | | ||
1173 | + PIPE_CONFIG(ADDR_SURF_P4_8x16) | | ||
1174 | + TILE_SPLIT(split_equal_to_row_size) | | ||
1175 | + NUM_BANKS(ADDR_SURF_16_BANK) | | ||
1176 | + BANK_WIDTH(ADDR_SURF_BANK_WIDTH_1) | | ||
1177 | + BANK_HEIGHT(ADDR_SURF_BANK_HEIGHT_2) | | ||
1178 | + MACRO_TILE_ASPECT(ADDR_SURF_MACRO_ASPECT_2); | ||
1179 | + tilemode[6] = MICRO_TILE_MODE(ADDR_SURF_DEPTH_MICRO_TILING) | | ||
1180 | + ARRAY_MODE(ARRAY_2D_TILED_THIN1) | | ||
1181 | + PIPE_CONFIG(ADDR_SURF_P4_8x16) | | ||
1182 | + TILE_SPLIT(split_equal_to_row_size) | | ||
1183 | + NUM_BANKS(ADDR_SURF_16_BANK) | | ||
1184 | + BANK_WIDTH(ADDR_SURF_BANK_WIDTH_1) | | ||
1185 | + BANK_HEIGHT(ADDR_SURF_BANK_HEIGHT_1) | | ||
1186 | + MACRO_TILE_ASPECT(ADDR_SURF_MACRO_ASPECT_2); | ||
1187 | + tilemode[7] = MICRO_TILE_MODE(ADDR_SURF_DEPTH_MICRO_TILING) | | ||
1188 | + ARRAY_MODE(ARRAY_2D_TILED_THIN1) | | ||
1189 | + PIPE_CONFIG(ADDR_SURF_P4_8x16) | | ||
1190 | + TILE_SPLIT(split_equal_to_row_size) | | ||
1191 | + NUM_BANKS(ADDR_SURF_16_BANK) | | ||
1192 | + BANK_WIDTH(ADDR_SURF_BANK_WIDTH_1) | | ||
1193 | + BANK_HEIGHT(ADDR_SURF_BANK_HEIGHT_4) | | ||
1194 | + MACRO_TILE_ASPECT(ADDR_SURF_MACRO_ASPECT_4); | ||
1195 | + tilemode[8] = MICRO_TILE_MODE(ADDR_SURF_DISPLAY_MICRO_TILING) | | ||
1196 | + ARRAY_MODE(ARRAY_LINEAR_ALIGNED) | | ||
1197 | + PIPE_CONFIG(ADDR_SURF_P4_8x16) | | ||
1198 | + TILE_SPLIT(ADDR_SURF_TILE_SPLIT_64B) | | ||
1199 | + NUM_BANKS(ADDR_SURF_16_BANK) | | ||
1200 | + BANK_WIDTH(ADDR_SURF_BANK_WIDTH_1) | | ||
1201 | + BANK_HEIGHT(ADDR_SURF_BANK_HEIGHT_2) | | ||
1202 | + MACRO_TILE_ASPECT(ADDR_SURF_MACRO_ASPECT_2); | ||
1203 | + tilemode[9] = MICRO_TILE_MODE(ADDR_SURF_DISPLAY_MICRO_TILING) | | ||
1204 | + ARRAY_MODE(ARRAY_1D_TILED_THIN1) | | ||
1205 | + PIPE_CONFIG(ADDR_SURF_P4_8x16) | | ||
1206 | + TILE_SPLIT(ADDR_SURF_TILE_SPLIT_64B) | | ||
1207 | + NUM_BANKS(ADDR_SURF_16_BANK) | | ||
1208 | + BANK_WIDTH(ADDR_SURF_BANK_WIDTH_1) | | ||
1209 | + BANK_HEIGHT(ADDR_SURF_BANK_HEIGHT_2) | | ||
1210 | + MACRO_TILE_ASPECT(ADDR_SURF_MACRO_ASPECT_2); | ||
1211 | + tilemode[10] = MICRO_TILE_MODE(ADDR_SURF_DISPLAY_MICRO_TILING) | | ||
1212 | + ARRAY_MODE(ARRAY_2D_TILED_THIN1) | | ||
1213 | + PIPE_CONFIG(ADDR_SURF_P4_8x16) | | ||
1214 | + TILE_SPLIT(ADDR_SURF_TILE_SPLIT_256B) | | ||
1215 | + NUM_BANKS(ADDR_SURF_16_BANK) | | ||
1216 | + BANK_WIDTH(ADDR_SURF_BANK_WIDTH_1) | | ||
1217 | + BANK_HEIGHT(ADDR_SURF_BANK_HEIGHT_4) | | ||
1218 | + MACRO_TILE_ASPECT(ADDR_SURF_MACRO_ASPECT_4); | ||
1219 | + tilemode[11] = MICRO_TILE_MODE(ADDR_SURF_DISPLAY_MICRO_TILING) | | ||
1220 | + ARRAY_MODE(ARRAY_2D_TILED_THIN1) | | ||
1221 | + PIPE_CONFIG(ADDR_SURF_P4_8x16) | | ||
1222 | + TILE_SPLIT(ADDR_SURF_TILE_SPLIT_256B) | | ||
1223 | + NUM_BANKS(ADDR_SURF_16_BANK) | | ||
1224 | + BANK_WIDTH(ADDR_SURF_BANK_WIDTH_1) | | ||
1225 | + BANK_HEIGHT(ADDR_SURF_BANK_HEIGHT_2) | | ||
1226 | + MACRO_TILE_ASPECT(ADDR_SURF_MACRO_ASPECT_2); | ||
1227 | + tilemode[12] = MICRO_TILE_MODE(ADDR_SURF_DISPLAY_MICRO_TILING) | | ||
1228 | + ARRAY_MODE(ARRAY_2D_TILED_THIN1) | | ||
1229 | + PIPE_CONFIG(ADDR_SURF_P4_8x16) | | ||
1230 | + TILE_SPLIT(ADDR_SURF_TILE_SPLIT_512B) | | ||
1231 | + NUM_BANKS(ADDR_SURF_16_BANK) | | ||
1232 | + BANK_WIDTH(ADDR_SURF_BANK_WIDTH_1) | | ||
1233 | + BANK_HEIGHT(ADDR_SURF_BANK_HEIGHT_1) | | ||
1234 | + MACRO_TILE_ASPECT(ADDR_SURF_MACRO_ASPECT_2); | ||
1235 | + tilemode[13] = MICRO_TILE_MODE(ADDR_SURF_THIN_MICRO_TILING) | | ||
1236 | + ARRAY_MODE(ARRAY_1D_TILED_THIN1) | | ||
1237 | + PIPE_CONFIG(ADDR_SURF_P4_8x16) | | ||
1238 | + TILE_SPLIT(ADDR_SURF_TILE_SPLIT_64B) | | ||
1239 | + NUM_BANKS(ADDR_SURF_16_BANK) | | ||
1240 | + BANK_WIDTH(ADDR_SURF_BANK_WIDTH_1) | | ||
1241 | + BANK_HEIGHT(ADDR_SURF_BANK_HEIGHT_2) | | ||
1242 | + MACRO_TILE_ASPECT(ADDR_SURF_MACRO_ASPECT_2); | ||
1243 | + tilemode[14] = MICRO_TILE_MODE(ADDR_SURF_THIN_MICRO_TILING) | | ||
1244 | + ARRAY_MODE(ARRAY_2D_TILED_THIN1) | | ||
1245 | + PIPE_CONFIG(ADDR_SURF_P4_8x16) | | ||
1246 | + TILE_SPLIT(ADDR_SURF_TILE_SPLIT_256B) | | ||
1247 | + NUM_BANKS(ADDR_SURF_16_BANK) | | ||
1248 | + BANK_WIDTH(ADDR_SURF_BANK_WIDTH_1) | | ||
1249 | + BANK_HEIGHT(ADDR_SURF_BANK_HEIGHT_4) | | ||
1250 | + MACRO_TILE_ASPECT(ADDR_SURF_MACRO_ASPECT_2); | ||
1251 | + tilemode[15] = MICRO_TILE_MODE(ADDR_SURF_THIN_MICRO_TILING) | | ||
1252 | + ARRAY_MODE(ARRAY_2D_TILED_THIN1) | | ||
1253 | + PIPE_CONFIG(ADDR_SURF_P4_8x16) | | ||
1254 | + TILE_SPLIT(ADDR_SURF_TILE_SPLIT_256B) | | ||
1255 | + NUM_BANKS(ADDR_SURF_16_BANK) | | ||
1256 | + BANK_WIDTH(ADDR_SURF_BANK_WIDTH_1) | | ||
1257 | + BANK_HEIGHT(ADDR_SURF_BANK_HEIGHT_2) | | ||
1258 | + MACRO_TILE_ASPECT(ADDR_SURF_MACRO_ASPECT_2); | ||
1259 | + tilemode[16] = MICRO_TILE_MODE(ADDR_SURF_THIN_MICRO_TILING) | | ||
1260 | + ARRAY_MODE(ARRAY_2D_TILED_THIN1) | | ||
1261 | + PIPE_CONFIG(ADDR_SURF_P4_8x16) | | ||
1262 | + TILE_SPLIT(ADDR_SURF_TILE_SPLIT_512B) | | ||
1263 | + NUM_BANKS(ADDR_SURF_16_BANK) | | ||
1264 | + BANK_WIDTH(ADDR_SURF_BANK_WIDTH_1) | | ||
1265 | + BANK_HEIGHT(ADDR_SURF_BANK_HEIGHT_1) | | ||
1266 | + MACRO_TILE_ASPECT(ADDR_SURF_MACRO_ASPECT_2); | ||
1267 | + tilemode[17] = MICRO_TILE_MODE(ADDR_SURF_THIN_MICRO_TILING) | | ||
1268 | + ARRAY_MODE(ARRAY_2D_TILED_THIN1) | | ||
1269 | + PIPE_CONFIG(ADDR_SURF_P4_8x16) | | ||
1270 | + TILE_SPLIT(split_equal_to_row_size) | | ||
1271 | + NUM_BANKS(ADDR_SURF_16_BANK) | | ||
1272 | + BANK_WIDTH(ADDR_SURF_BANK_WIDTH_1) | | ||
1273 | + BANK_HEIGHT(ADDR_SURF_BANK_HEIGHT_1) | | ||
1274 | + MACRO_TILE_ASPECT(ADDR_SURF_MACRO_ASPECT_2); | ||
1275 | + tilemode[21] = MICRO_TILE_MODE(ADDR_SURF_THIN_MICRO_TILING) | | ||
1276 | + ARRAY_MODE(ARRAY_2D_TILED_THIN1) | | ||
1277 | + PIPE_CONFIG(ADDR_SURF_P8_32x32_8x16) | | ||
1278 | + TILE_SPLIT(ADDR_SURF_TILE_SPLIT_256B) | | ||
1279 | + NUM_BANKS(ADDR_SURF_16_BANK) | | ||
1280 | + BANK_WIDTH(ADDR_SURF_BANK_WIDTH_2) | | ||
1281 | + BANK_HEIGHT(ADDR_SURF_BANK_HEIGHT_4) | | ||
1282 | + MACRO_TILE_ASPECT(ADDR_SURF_MACRO_ASPECT_2); | ||
1283 | + tilemode[22] = MICRO_TILE_MODE(ADDR_SURF_THIN_MICRO_TILING) | | ||
1284 | + ARRAY_MODE(ARRAY_2D_TILED_THIN1) | | ||
1285 | + PIPE_CONFIG(ADDR_SURF_P8_32x32_8x16) | | ||
1286 | + TILE_SPLIT(ADDR_SURF_TILE_SPLIT_256B) | | ||
1287 | + NUM_BANKS(ADDR_SURF_16_BANK) | | ||
1288 | + BANK_WIDTH(ADDR_SURF_BANK_WIDTH_1) | | ||
1289 | + BANK_HEIGHT(ADDR_SURF_BANK_HEIGHT_4) | | ||
1290 | + MACRO_TILE_ASPECT(ADDR_SURF_MACRO_ASPECT_4); | ||
1291 | + tilemode[23] = MICRO_TILE_MODE(ADDR_SURF_THIN_MICRO_TILING) | | ||
1292 | + ARRAY_MODE(ARRAY_2D_TILED_THIN1) | | ||
1293 | + PIPE_CONFIG(ADDR_SURF_P8_32x32_8x16) | | ||
1294 | + TILE_SPLIT(ADDR_SURF_TILE_SPLIT_256B) | | ||
1295 | + NUM_BANKS(ADDR_SURF_16_BANK) | | ||
1296 | + BANK_WIDTH(ADDR_SURF_BANK_WIDTH_1) | | ||
1297 | + BANK_HEIGHT(ADDR_SURF_BANK_HEIGHT_2) | | ||
1298 | + MACRO_TILE_ASPECT(ADDR_SURF_MACRO_ASPECT_2); | ||
1299 | + tilemode[24] = MICRO_TILE_MODE(ADDR_SURF_THIN_MICRO_TILING) | | ||
1300 | + ARRAY_MODE(ARRAY_2D_TILED_THIN1) | | ||
1301 | + PIPE_CONFIG(ADDR_SURF_P8_32x32_8x16) | | ||
1302 | + TILE_SPLIT(ADDR_SURF_TILE_SPLIT_512B) | | ||
1303 | + NUM_BANKS(ADDR_SURF_16_BANK) | | ||
1304 | + BANK_WIDTH(ADDR_SURF_BANK_WIDTH_1) | | ||
1305 | + BANK_HEIGHT(ADDR_SURF_BANK_HEIGHT_1) | | ||
1306 | + MACRO_TILE_ASPECT(ADDR_SURF_MACRO_ASPECT_2); | ||
1307 | + tilemode[25] = MICRO_TILE_MODE(ADDR_SURF_THIN_MICRO_TILING) | | ||
1308 | + ARRAY_MODE(ARRAY_2D_TILED_THIN1) | | ||
1309 | + PIPE_CONFIG(ADDR_SURF_P8_32x32_8x16) | | ||
1310 | + TILE_SPLIT(ADDR_SURF_TILE_SPLIT_1KB) | | ||
1311 | + NUM_BANKS(ADDR_SURF_8_BANK) | | ||
1312 | + BANK_WIDTH(ADDR_SURF_BANK_WIDTH_1) | | ||
1313 | + BANK_HEIGHT(ADDR_SURF_BANK_HEIGHT_1) | | ||
1314 | + MACRO_TILE_ASPECT(ADDR_SURF_MACRO_ASPECT_1); | ||
1315 | + for (reg_offset = 0; reg_offset < num_tile_mode_states; reg_offset++) | ||
1316 | + WREG32(mmGB_TILE_MODE0 + reg_offset, tilemode[reg_offset]); | ||
1317 | + } else if (adev->asic_type == CHIP_HAINAN) { | ||
1318 | tilemode[0] = MICRO_TILE_MODE(ADDR_SURF_DEPTH_MICRO_TILING) | | ||
1319 | ARRAY_MODE(ARRAY_2D_TILED_THIN1) | | ||
1320 | PIPE_CONFIG(ADDR_SURF_P2) | | ||
1321 | diff --git a/drivers/gpu/drm/etnaviv/etnaviv_gem.c b/drivers/gpu/drm/etnaviv/etnaviv_gem.c | ||
1322 | index 9a3bea738330..87b95eeedd9e 100644 | ||
1323 | --- a/drivers/gpu/drm/etnaviv/etnaviv_gem.c | ||
1324 | +++ b/drivers/gpu/drm/etnaviv/etnaviv_gem.c | ||
1325 | @@ -551,12 +551,15 @@ static const struct etnaviv_gem_ops etnaviv_gem_shmem_ops = { | ||
1326 | void etnaviv_gem_free_object(struct drm_gem_object *obj) | ||
1327 | { | ||
1328 | struct etnaviv_gem_object *etnaviv_obj = to_etnaviv_bo(obj); | ||
1329 | + struct etnaviv_drm_private *priv = obj->dev->dev_private; | ||
1330 | struct etnaviv_vram_mapping *mapping, *tmp; | ||
1331 | |||
1332 | /* object should not be active */ | ||
1333 | WARN_ON(is_active(etnaviv_obj)); | ||
1334 | |||
1335 | + mutex_lock(&priv->gem_lock); | ||
1336 | list_del(&etnaviv_obj->gem_node); | ||
1337 | + mutex_unlock(&priv->gem_lock); | ||
1338 | |||
1339 | list_for_each_entry_safe(mapping, tmp, &etnaviv_obj->vram_list, | ||
1340 | obj_node) { | ||
1341 | diff --git a/drivers/gpu/drm/etnaviv/etnaviv_gem_submit.c b/drivers/gpu/drm/etnaviv/etnaviv_gem_submit.c | ||
1342 | index 6463fc2c736f..b95362186f9c 100644 | ||
1343 | --- a/drivers/gpu/drm/etnaviv/etnaviv_gem_submit.c | ||
1344 | +++ b/drivers/gpu/drm/etnaviv/etnaviv_gem_submit.c | ||
1345 | @@ -445,8 +445,10 @@ int etnaviv_ioctl_gem_submit(struct drm_device *dev, void *data, | ||
1346 | cmdbuf->user_size = ALIGN(args->stream_size, 8); | ||
1347 | |||
1348 | ret = etnaviv_gpu_submit(gpu, submit, cmdbuf); | ||
1349 | - if (ret == 0) | ||
1350 | - cmdbuf = NULL; | ||
1351 | + if (ret) | ||
1352 | + goto out; | ||
1353 | + | ||
1354 | + cmdbuf = NULL; | ||
1355 | |||
1356 | if (args->flags & ETNA_SUBMIT_FENCE_FD_OUT) { | ||
1357 | /* | ||
1358 | diff --git a/drivers/gpu/drm/exynos/exynos_drm_drv.c b/drivers/gpu/drm/exynos/exynos_drm_drv.c | ||
1359 | index 242bd50faa26..bcc94e559cd0 100644 | ||
1360 | --- a/drivers/gpu/drm/exynos/exynos_drm_drv.c | ||
1361 | +++ b/drivers/gpu/drm/exynos/exynos_drm_drv.c | ||
1362 | @@ -176,6 +176,7 @@ static int exynos_drm_suspend(struct device *dev) | ||
1363 | if (pm_runtime_suspended(dev) || !drm_dev) | ||
1364 | return 0; | ||
1365 | |||
1366 | + drm_modeset_lock_all(drm_dev); | ||
1367 | drm_connector_list_iter_begin(drm_dev, &conn_iter); | ||
1368 | drm_for_each_connector_iter(connector, &conn_iter) { | ||
1369 | int old_dpms = connector->dpms; | ||
1370 | @@ -187,6 +188,7 @@ static int exynos_drm_suspend(struct device *dev) | ||
1371 | connector->dpms = old_dpms; | ||
1372 | } | ||
1373 | drm_connector_list_iter_end(&conn_iter); | ||
1374 | + drm_modeset_unlock_all(drm_dev); | ||
1375 | |||
1376 | return 0; | ||
1377 | } | ||
1378 | @@ -200,6 +202,7 @@ static int exynos_drm_resume(struct device *dev) | ||
1379 | if (pm_runtime_suspended(dev) || !drm_dev) | ||
1380 | return 0; | ||
1381 | |||
1382 | + drm_modeset_lock_all(drm_dev); | ||
1383 | drm_connector_list_iter_begin(drm_dev, &conn_iter); | ||
1384 | drm_for_each_connector_iter(connector, &conn_iter) { | ||
1385 | if (connector->funcs->dpms) { | ||
1386 | @@ -210,6 +213,7 @@ static int exynos_drm_resume(struct device *dev) | ||
1387 | } | ||
1388 | } | ||
1389 | drm_connector_list_iter_end(&conn_iter); | ||
1390 | + drm_modeset_unlock_all(drm_dev); | ||
1391 | |||
1392 | return 0; | ||
1393 | } | ||
1394 | diff --git a/drivers/gpu/drm/i915/gvt/cfg_space.c b/drivers/gpu/drm/i915/gvt/cfg_space.c | ||
1395 | index 40af17ec6312..ff3154fe6588 100644 | ||
1396 | --- a/drivers/gpu/drm/i915/gvt/cfg_space.c | ||
1397 | +++ b/drivers/gpu/drm/i915/gvt/cfg_space.c | ||
1398 | @@ -197,78 +197,65 @@ static int emulate_pci_command_write(struct intel_vgpu *vgpu, | ||
1399 | static int emulate_pci_bar_write(struct intel_vgpu *vgpu, unsigned int offset, | ||
1400 | void *p_data, unsigned int bytes) | ||
1401 | { | ||
1402 | - unsigned int bar_index = | ||
1403 | - (rounddown(offset, 8) % PCI_BASE_ADDRESS_0) / 8; | ||
1404 | u32 new = *(u32 *)(p_data); | ||
1405 | bool lo = IS_ALIGNED(offset, 8); | ||
1406 | u64 size; | ||
1407 | int ret = 0; | ||
1408 | bool mmio_enabled = | ||
1409 | vgpu_cfg_space(vgpu)[PCI_COMMAND] & PCI_COMMAND_MEMORY; | ||
1410 | + struct intel_vgpu_pci_bar *bars = vgpu->cfg_space.bar; | ||
1411 | |||
1412 | - if (WARN_ON(bar_index >= INTEL_GVT_PCI_BAR_MAX)) | ||
1413 | - return -EINVAL; | ||
1414 | - | ||
1415 | + /* | ||
1416 | + * Power-up software can determine how much address | ||
1417 | + * space the device requires by writing a value of | ||
1418 | + * all 1's to the register and then reading the value | ||
1419 | + * back. The device will return 0's in all don't-care | ||
1420 | + * address bits. | ||
1421 | + */ | ||
1422 | if (new == 0xffffffff) { | ||
1423 | - /* | ||
1424 | - * Power-up software can determine how much address | ||
1425 | - * space the device requires by writing a value of | ||
1426 | - * all 1's to the register and then reading the value | ||
1427 | - * back. The device will return 0's in all don't-care | ||
1428 | - * address bits. | ||
1429 | - */ | ||
1430 | - size = vgpu->cfg_space.bar[bar_index].size; | ||
1431 | - if (lo) { | ||
1432 | - new = rounddown(new, size); | ||
1433 | - } else { | ||
1434 | - u32 val = vgpu_cfg_space(vgpu)[rounddown(offset, 8)]; | ||
1435 | - /* for 32bit mode bar it returns all-0 in upper 32 | ||
1436 | - * bit, for 64bit mode bar it will calculate the | ||
1437 | - * size with lower 32bit and return the corresponding | ||
1438 | - * value | ||
1439 | + switch (offset) { | ||
1440 | + case PCI_BASE_ADDRESS_0: | ||
1441 | + case PCI_BASE_ADDRESS_1: | ||
1442 | + size = ~(bars[INTEL_GVT_PCI_BAR_GTTMMIO].size -1); | ||
1443 | + intel_vgpu_write_pci_bar(vgpu, offset, | ||
1444 | + size >> (lo ? 0 : 32), lo); | ||
1445 | + /* | ||
1446 | + * Untrap the BAR, since guest hasn't configured a | ||
1447 | + * valid GPA | ||
1448 | */ | ||
1449 | - if (val & PCI_BASE_ADDRESS_MEM_TYPE_64) | ||
1450 | - new &= (~(size-1)) >> 32; | ||
1451 | - else | ||
1452 | - new = 0; | ||
1453 | - } | ||
1454 | - /* | ||
1455 | - * Unmapp & untrap the BAR, since guest hasn't configured a | ||
1456 | - * valid GPA | ||
1457 | - */ | ||
1458 | - switch (bar_index) { | ||
1459 | - case INTEL_GVT_PCI_BAR_GTTMMIO: | ||
1460 | ret = trap_gttmmio(vgpu, false); | ||
1461 | break; | ||
1462 | - case INTEL_GVT_PCI_BAR_APERTURE: | ||
1463 | + case PCI_BASE_ADDRESS_2: | ||
1464 | + case PCI_BASE_ADDRESS_3: | ||
1465 | + size = ~(bars[INTEL_GVT_PCI_BAR_APERTURE].size -1); | ||
1466 | + intel_vgpu_write_pci_bar(vgpu, offset, | ||
1467 | + size >> (lo ? 0 : 32), lo); | ||
1468 | ret = map_aperture(vgpu, false); | ||
1469 | break; | ||
1470 | + default: | ||
1471 | + /* Unimplemented BARs */ | ||
1472 | + intel_vgpu_write_pci_bar(vgpu, offset, 0x0, false); | ||
1473 | } | ||
1474 | - intel_vgpu_write_pci_bar(vgpu, offset, new, lo); | ||
1475 | } else { | ||
1476 | - /* | ||
1477 | - * Unmapp & untrap the old BAR first, since guest has | ||
1478 | - * re-configured the BAR | ||
1479 | - */ | ||
1480 | - switch (bar_index) { | ||
1481 | - case INTEL_GVT_PCI_BAR_GTTMMIO: | ||
1482 | - ret = trap_gttmmio(vgpu, false); | ||
1483 | + switch (offset) { | ||
1484 | + case PCI_BASE_ADDRESS_0: | ||
1485 | + case PCI_BASE_ADDRESS_1: | ||
1486 | + /* | ||
1487 | + * Untrap the old BAR first, since guest has | ||
1488 | + * re-configured the BAR | ||
1489 | + */ | ||
1490 | + trap_gttmmio(vgpu, false); | ||
1491 | + intel_vgpu_write_pci_bar(vgpu, offset, new, lo); | ||
1492 | + ret = trap_gttmmio(vgpu, mmio_enabled); | ||
1493 | break; | ||
1494 | - case INTEL_GVT_PCI_BAR_APERTURE: | ||
1495 | - ret = map_aperture(vgpu, false); | ||
1496 | + case PCI_BASE_ADDRESS_2: | ||
1497 | + case PCI_BASE_ADDRESS_3: | ||
1498 | + map_aperture(vgpu, false); | ||
1499 | + intel_vgpu_write_pci_bar(vgpu, offset, new, lo); | ||
1500 | + ret = map_aperture(vgpu, mmio_enabled); | ||
1501 | break; | ||
1502 | - } | ||
1503 | - intel_vgpu_write_pci_bar(vgpu, offset, new, lo); | ||
1504 | - /* Track the new BAR */ | ||
1505 | - if (mmio_enabled) { | ||
1506 | - switch (bar_index) { | ||
1507 | - case INTEL_GVT_PCI_BAR_GTTMMIO: | ||
1508 | - ret = trap_gttmmio(vgpu, true); | ||
1509 | - break; | ||
1510 | - case INTEL_GVT_PCI_BAR_APERTURE: | ||
1511 | - ret = map_aperture(vgpu, true); | ||
1512 | - break; | ||
1513 | - } | ||
1514 | + default: | ||
1515 | + intel_vgpu_write_pci_bar(vgpu, offset, new, lo); | ||
1516 | } | ||
1517 | } | ||
1518 | return ret; | ||
1519 | @@ -299,10 +286,7 @@ int intel_vgpu_emulate_cfg_write(struct intel_vgpu *vgpu, unsigned int offset, | ||
1520 | } | ||
1521 | |||
1522 | switch (rounddown(offset, 4)) { | ||
1523 | - case PCI_BASE_ADDRESS_0: | ||
1524 | - case PCI_BASE_ADDRESS_1: | ||
1525 | - case PCI_BASE_ADDRESS_2: | ||
1526 | - case PCI_BASE_ADDRESS_3: | ||
1527 | + case PCI_BASE_ADDRESS_0 ... PCI_BASE_ADDRESS_5: | ||
1528 | if (WARN_ON(!IS_ALIGNED(offset, 4))) | ||
1529 | return -EINVAL; | ||
1530 | return emulate_pci_bar_write(vgpu, offset, p_data, bytes); | ||
1531 | @@ -344,7 +328,6 @@ void intel_vgpu_init_cfg_space(struct intel_vgpu *vgpu, | ||
1532 | struct intel_gvt *gvt = vgpu->gvt; | ||
1533 | const struct intel_gvt_device_info *info = &gvt->device_info; | ||
1534 | u16 *gmch_ctl; | ||
1535 | - int i; | ||
1536 | |||
1537 | memcpy(vgpu_cfg_space(vgpu), gvt->firmware.cfg_space, | ||
1538 | info->cfg_space_size); | ||
1539 | @@ -371,13 +354,13 @@ void intel_vgpu_init_cfg_space(struct intel_vgpu *vgpu, | ||
1540 | */ | ||
1541 | memset(vgpu_cfg_space(vgpu) + PCI_BASE_ADDRESS_1, 0, 4); | ||
1542 | memset(vgpu_cfg_space(vgpu) + PCI_BASE_ADDRESS_3, 0, 4); | ||
1543 | + memset(vgpu_cfg_space(vgpu) + PCI_BASE_ADDRESS_4, 0, 8); | ||
1544 | memset(vgpu_cfg_space(vgpu) + INTEL_GVT_PCI_OPREGION, 0, 4); | ||
1545 | |||
1546 | - for (i = 0; i < INTEL_GVT_MAX_BAR_NUM; i++) { | ||
1547 | - vgpu->cfg_space.bar[i].size = pci_resource_len( | ||
1548 | - gvt->dev_priv->drm.pdev, i * 2); | ||
1549 | - vgpu->cfg_space.bar[i].tracked = false; | ||
1550 | - } | ||
1551 | + vgpu->cfg_space.bar[INTEL_GVT_PCI_BAR_GTTMMIO].size = | ||
1552 | + pci_resource_len(gvt->dev_priv->drm.pdev, 0); | ||
1553 | + vgpu->cfg_space.bar[INTEL_GVT_PCI_BAR_APERTURE].size = | ||
1554 | + pci_resource_len(gvt->dev_priv->drm.pdev, 2); | ||
1555 | } | ||
1556 | |||
1557 | /** | ||
1558 | diff --git a/drivers/gpu/drm/i915/intel_dsi.c b/drivers/gpu/drm/i915/intel_dsi.c | ||
1559 | index 50ec836da8b1..4b8f6e070b5f 100644 | ||
1560 | --- a/drivers/gpu/drm/i915/intel_dsi.c | ||
1561 | +++ b/drivers/gpu/drm/i915/intel_dsi.c | ||
1562 | @@ -892,8 +892,6 @@ static void intel_dsi_disable(struct intel_encoder *encoder, | ||
1563 | struct intel_crtc_state *old_crtc_state, | ||
1564 | struct drm_connector_state *old_conn_state) | ||
1565 | { | ||
1566 | - struct drm_device *dev = encoder->base.dev; | ||
1567 | - struct drm_i915_private *dev_priv = dev->dev_private; | ||
1568 | struct intel_dsi *intel_dsi = enc_to_intel_dsi(&encoder->base); | ||
1569 | enum port port; | ||
1570 | |||
1571 | @@ -902,15 +900,6 @@ static void intel_dsi_disable(struct intel_encoder *encoder, | ||
1572 | intel_dsi_vbt_exec_sequence(intel_dsi, MIPI_SEQ_BACKLIGHT_OFF); | ||
1573 | intel_panel_disable_backlight(old_conn_state); | ||
1574 | |||
1575 | - /* | ||
1576 | - * Disable Device ready before the port shutdown in order | ||
1577 | - * to avoid split screen | ||
1578 | - */ | ||
1579 | - if (IS_BROXTON(dev_priv)) { | ||
1580 | - for_each_dsi_port(port, intel_dsi->ports) | ||
1581 | - I915_WRITE(MIPI_DEVICE_READY(port), 0); | ||
1582 | - } | ||
1583 | - | ||
1584 | /* | ||
1585 | * According to the spec we should send SHUTDOWN before | ||
1586 | * MIPI_SEQ_DISPLAY_OFF only for v3+ VBTs, but field testing | ||
1587 | diff --git a/drivers/gpu/drm/radeon/radeon_device.c b/drivers/gpu/drm/radeon/radeon_device.c | ||
1588 | index 997131d58c7f..ffc10cadcf34 100644 | ||
1589 | --- a/drivers/gpu/drm/radeon/radeon_device.c | ||
1590 | +++ b/drivers/gpu/drm/radeon/radeon_device.c | ||
1591 | @@ -1663,7 +1663,7 @@ int radeon_suspend_kms(struct drm_device *dev, bool suspend, | ||
1592 | radeon_agp_suspend(rdev); | ||
1593 | |||
1594 | pci_save_state(dev->pdev); | ||
1595 | - if (freeze && rdev->family >= CHIP_CEDAR) { | ||
1596 | + if (freeze && rdev->family >= CHIP_CEDAR && !(rdev->flags & RADEON_IS_IGP)) { | ||
1597 | rdev->asic->asic_reset(rdev, true); | ||
1598 | pci_restore_state(dev->pdev); | ||
1599 | } else if (suspend) { | ||
1600 | diff --git a/drivers/infiniband/hw/cxgb4/cm.c b/drivers/infiniband/hw/cxgb4/cm.c | ||
1601 | index e49b34c3b136..ca846fbe16c4 100644 | ||
1602 | --- a/drivers/infiniband/hw/cxgb4/cm.c | ||
1603 | +++ b/drivers/infiniband/hw/cxgb4/cm.c | ||
1604 | @@ -2333,9 +2333,14 @@ static int close_listsrv_rpl(struct c4iw_dev *dev, struct sk_buff *skb) | ||
1605 | unsigned int stid = GET_TID(rpl); | ||
1606 | struct c4iw_listen_ep *ep = get_ep_from_stid(dev, stid); | ||
1607 | |||
1608 | + if (!ep) { | ||
1609 | + pr_debug("%s stid %d lookup failure!\n", __func__, stid); | ||
1610 | + goto out; | ||
1611 | + } | ||
1612 | pr_debug("%s ep %p\n", __func__, ep); | ||
1613 | c4iw_wake_up(&ep->com.wr_wait, status2errno(rpl->status)); | ||
1614 | c4iw_put_ep(&ep->com); | ||
1615 | +out: | ||
1616 | return 0; | ||
1617 | } | ||
1618 | |||
1619 | @@ -2594,9 +2599,9 @@ static int pass_accept_req(struct c4iw_dev *dev, struct sk_buff *skb) | ||
1620 | c4iw_put_ep(&child_ep->com); | ||
1621 | reject: | ||
1622 | reject_cr(dev, hwtid, skb); | ||
1623 | +out: | ||
1624 | if (parent_ep) | ||
1625 | c4iw_put_ep(&parent_ep->com); | ||
1626 | -out: | ||
1627 | return 0; | ||
1628 | } | ||
1629 | |||
1630 | @@ -3458,7 +3463,7 @@ int c4iw_create_listen(struct iw_cm_id *cm_id, int backlog) | ||
1631 | cm_id->provider_data = ep; | ||
1632 | goto out; | ||
1633 | } | ||
1634 | - | ||
1635 | + remove_handle(ep->com.dev, &ep->com.dev->stid_idr, ep->stid); | ||
1636 | cxgb4_free_stid(ep->com.dev->rdev.lldi.tids, ep->stid, | ||
1637 | ep->com.local_addr.ss_family); | ||
1638 | fail2: | ||
1639 | diff --git a/drivers/infiniband/ulp/ipoib/ipoib_ib.c b/drivers/infiniband/ulp/ipoib/ipoib_ib.c | ||
1640 | index 2e075377242e..6cd61638b441 100644 | ||
1641 | --- a/drivers/infiniband/ulp/ipoib/ipoib_ib.c | ||
1642 | +++ b/drivers/infiniband/ulp/ipoib/ipoib_ib.c | ||
1643 | @@ -1000,19 +1000,6 @@ static inline int update_parent_pkey(struct ipoib_dev_priv *priv) | ||
1644 | */ | ||
1645 | priv->dev->broadcast[8] = priv->pkey >> 8; | ||
1646 | priv->dev->broadcast[9] = priv->pkey & 0xff; | ||
1647 | - | ||
1648 | - /* | ||
1649 | - * Update the broadcast address in the priv->broadcast object, | ||
1650 | - * in case it already exists, otherwise no one will do that. | ||
1651 | - */ | ||
1652 | - if (priv->broadcast) { | ||
1653 | - spin_lock_irq(&priv->lock); | ||
1654 | - memcpy(priv->broadcast->mcmember.mgid.raw, | ||
1655 | - priv->dev->broadcast + 4, | ||
1656 | - sizeof(union ib_gid)); | ||
1657 | - spin_unlock_irq(&priv->lock); | ||
1658 | - } | ||
1659 | - | ||
1660 | return 0; | ||
1661 | } | ||
1662 | |||
1663 | diff --git a/drivers/md/dm-integrity.c b/drivers/md/dm-integrity.c | ||
1664 | index 3acce09bba35..240941eb3f68 100644 | ||
1665 | --- a/drivers/md/dm-integrity.c | ||
1666 | +++ b/drivers/md/dm-integrity.c | ||
1667 | @@ -1697,7 +1697,11 @@ static void dm_integrity_map_continue(struct dm_integrity_io *dio, bool from_map | ||
1668 | |||
1669 | if (need_sync_io) { | ||
1670 | wait_for_completion_io(&read_comp); | ||
1671 | - integrity_metadata(&dio->work); | ||
1672 | + if (likely(!bio->bi_status)) | ||
1673 | + integrity_metadata(&dio->work); | ||
1674 | + else | ||
1675 | + dec_in_flight(dio); | ||
1676 | + | ||
1677 | } else { | ||
1678 | INIT_WORK(&dio->work, integrity_metadata); | ||
1679 | queue_work(ic->metadata_wq, &dio->work); | ||
1680 | diff --git a/drivers/md/dm-linear.c b/drivers/md/dm-linear.c | ||
1681 | index 41971a090e34..208800610af8 100644 | ||
1682 | --- a/drivers/md/dm-linear.c | ||
1683 | +++ b/drivers/md/dm-linear.c | ||
1684 | @@ -184,20 +184,6 @@ static size_t linear_dax_copy_from_iter(struct dm_target *ti, pgoff_t pgoff, | ||
1685 | return dax_copy_from_iter(dax_dev, pgoff, addr, bytes, i); | ||
1686 | } | ||
1687 | |||
1688 | -static void linear_dax_flush(struct dm_target *ti, pgoff_t pgoff, void *addr, | ||
1689 | - size_t size) | ||
1690 | -{ | ||
1691 | - struct linear_c *lc = ti->private; | ||
1692 | - struct block_device *bdev = lc->dev->bdev; | ||
1693 | - struct dax_device *dax_dev = lc->dev->dax_dev; | ||
1694 | - sector_t dev_sector, sector = pgoff * PAGE_SECTORS; | ||
1695 | - | ||
1696 | - dev_sector = linear_map_sector(ti, sector); | ||
1697 | - if (bdev_dax_pgoff(bdev, dev_sector, ALIGN(size, PAGE_SIZE), &pgoff)) | ||
1698 | - return; | ||
1699 | - dax_flush(dax_dev, pgoff, addr, size); | ||
1700 | -} | ||
1701 | - | ||
1702 | static struct target_type linear_target = { | ||
1703 | .name = "linear", | ||
1704 | .version = {1, 4, 0}, | ||
1705 | @@ -212,7 +198,6 @@ static struct target_type linear_target = { | ||
1706 | .iterate_devices = linear_iterate_devices, | ||
1707 | .direct_access = linear_dax_direct_access, | ||
1708 | .dax_copy_from_iter = linear_dax_copy_from_iter, | ||
1709 | - .dax_flush = linear_dax_flush, | ||
1710 | }; | ||
1711 | |||
1712 | int __init dm_linear_init(void) | ||
1713 | diff --git a/drivers/md/dm-stripe.c b/drivers/md/dm-stripe.c | ||
1714 | index a0375530b07f..1690bb299b3f 100644 | ||
1715 | --- a/drivers/md/dm-stripe.c | ||
1716 | +++ b/drivers/md/dm-stripe.c | ||
1717 | @@ -351,25 +351,6 @@ static size_t stripe_dax_copy_from_iter(struct dm_target *ti, pgoff_t pgoff, | ||
1718 | return dax_copy_from_iter(dax_dev, pgoff, addr, bytes, i); | ||
1719 | } | ||
1720 | |||
1721 | -static void stripe_dax_flush(struct dm_target *ti, pgoff_t pgoff, void *addr, | ||
1722 | - size_t size) | ||
1723 | -{ | ||
1724 | - sector_t dev_sector, sector = pgoff * PAGE_SECTORS; | ||
1725 | - struct stripe_c *sc = ti->private; | ||
1726 | - struct dax_device *dax_dev; | ||
1727 | - struct block_device *bdev; | ||
1728 | - uint32_t stripe; | ||
1729 | - | ||
1730 | - stripe_map_sector(sc, sector, &stripe, &dev_sector); | ||
1731 | - dev_sector += sc->stripe[stripe].physical_start; | ||
1732 | - dax_dev = sc->stripe[stripe].dev->dax_dev; | ||
1733 | - bdev = sc->stripe[stripe].dev->bdev; | ||
1734 | - | ||
1735 | - if (bdev_dax_pgoff(bdev, dev_sector, ALIGN(size, PAGE_SIZE), &pgoff)) | ||
1736 | - return; | ||
1737 | - dax_flush(dax_dev, pgoff, addr, size); | ||
1738 | -} | ||
1739 | - | ||
1740 | /* | ||
1741 | * Stripe status: | ||
1742 | * | ||
1743 | @@ -491,7 +472,6 @@ static struct target_type stripe_target = { | ||
1744 | .io_hints = stripe_io_hints, | ||
1745 | .direct_access = stripe_dax_direct_access, | ||
1746 | .dax_copy_from_iter = stripe_dax_copy_from_iter, | ||
1747 | - .dax_flush = stripe_dax_flush, | ||
1748 | }; | ||
1749 | |||
1750 | int __init dm_stripe_init(void) | ||
1751 | diff --git a/drivers/md/dm.c b/drivers/md/dm.c | ||
1752 | index d669fddd9290..825eaffc24da 100644 | ||
1753 | --- a/drivers/md/dm.c | ||
1754 | +++ b/drivers/md/dm.c | ||
1755 | @@ -987,24 +987,6 @@ static size_t dm_dax_copy_from_iter(struct dax_device *dax_dev, pgoff_t pgoff, | ||
1756 | return ret; | ||
1757 | } | ||
1758 | |||
1759 | -static void dm_dax_flush(struct dax_device *dax_dev, pgoff_t pgoff, void *addr, | ||
1760 | - size_t size) | ||
1761 | -{ | ||
1762 | - struct mapped_device *md = dax_get_private(dax_dev); | ||
1763 | - sector_t sector = pgoff * PAGE_SECTORS; | ||
1764 | - struct dm_target *ti; | ||
1765 | - int srcu_idx; | ||
1766 | - | ||
1767 | - ti = dm_dax_get_live_target(md, sector, &srcu_idx); | ||
1768 | - | ||
1769 | - if (!ti) | ||
1770 | - goto out; | ||
1771 | - if (ti->type->dax_flush) | ||
1772 | - ti->type->dax_flush(ti, pgoff, addr, size); | ||
1773 | - out: | ||
1774 | - dm_put_live_table(md, srcu_idx); | ||
1775 | -} | ||
1776 | - | ||
1777 | /* | ||
1778 | * A target may call dm_accept_partial_bio only from the map routine. It is | ||
1779 | * allowed for all bio types except REQ_PREFLUSH. | ||
1780 | @@ -2992,7 +2974,6 @@ static const struct block_device_operations dm_blk_dops = { | ||
1781 | static const struct dax_operations dm_dax_ops = { | ||
1782 | .direct_access = dm_dax_direct_access, | ||
1783 | .copy_from_iter = dm_dax_copy_from_iter, | ||
1784 | - .flush = dm_dax_flush, | ||
1785 | }; | ||
1786 | |||
1787 | /* | ||
1788 | diff --git a/drivers/md/md.c b/drivers/md/md.c | ||
1789 | index b01e458d31e9..0d993ea63043 100644 | ||
1790 | --- a/drivers/md/md.c | ||
1791 | +++ b/drivers/md/md.c | ||
1792 | @@ -266,6 +266,37 @@ static DEFINE_SPINLOCK(all_mddevs_lock); | ||
1793 | * call has finished, the bio has been linked into some internal structure | ||
1794 | * and so is visible to ->quiesce(), so we don't need the refcount any more. | ||
1795 | */ | ||
1796 | +void md_handle_request(struct mddev *mddev, struct bio *bio) | ||
1797 | +{ | ||
1798 | +check_suspended: | ||
1799 | + rcu_read_lock(); | ||
1800 | + if (mddev->suspended) { | ||
1801 | + DEFINE_WAIT(__wait); | ||
1802 | + for (;;) { | ||
1803 | + prepare_to_wait(&mddev->sb_wait, &__wait, | ||
1804 | + TASK_UNINTERRUPTIBLE); | ||
1805 | + if (!mddev->suspended) | ||
1806 | + break; | ||
1807 | + rcu_read_unlock(); | ||
1808 | + schedule(); | ||
1809 | + rcu_read_lock(); | ||
1810 | + } | ||
1811 | + finish_wait(&mddev->sb_wait, &__wait); | ||
1812 | + } | ||
1813 | + atomic_inc(&mddev->active_io); | ||
1814 | + rcu_read_unlock(); | ||
1815 | + | ||
1816 | + if (!mddev->pers->make_request(mddev, bio)) { | ||
1817 | + atomic_dec(&mddev->active_io); | ||
1818 | + wake_up(&mddev->sb_wait); | ||
1819 | + goto check_suspended; | ||
1820 | + } | ||
1821 | + | ||
1822 | + if (atomic_dec_and_test(&mddev->active_io) && mddev->suspended) | ||
1823 | + wake_up(&mddev->sb_wait); | ||
1824 | +} | ||
1825 | +EXPORT_SYMBOL(md_handle_request); | ||
1826 | + | ||
1827 | static blk_qc_t md_make_request(struct request_queue *q, struct bio *bio) | ||
1828 | { | ||
1829 | const int rw = bio_data_dir(bio); | ||
1830 | @@ -285,23 +316,6 @@ static blk_qc_t md_make_request(struct request_queue *q, struct bio *bio) | ||
1831 | bio_endio(bio); | ||
1832 | return BLK_QC_T_NONE; | ||
1833 | } | ||
1834 | -check_suspended: | ||
1835 | - rcu_read_lock(); | ||
1836 | - if (mddev->suspended) { | ||
1837 | - DEFINE_WAIT(__wait); | ||
1838 | - for (;;) { | ||
1839 | - prepare_to_wait(&mddev->sb_wait, &__wait, | ||
1840 | - TASK_UNINTERRUPTIBLE); | ||
1841 | - if (!mddev->suspended) | ||
1842 | - break; | ||
1843 | - rcu_read_unlock(); | ||
1844 | - schedule(); | ||
1845 | - rcu_read_lock(); | ||
1846 | - } | ||
1847 | - finish_wait(&mddev->sb_wait, &__wait); | ||
1848 | - } | ||
1849 | - atomic_inc(&mddev->active_io); | ||
1850 | - rcu_read_unlock(); | ||
1851 | |||
1852 | /* | ||
1853 | * save the sectors now since our bio can | ||
1854 | @@ -310,20 +324,14 @@ static blk_qc_t md_make_request(struct request_queue *q, struct bio *bio) | ||
1855 | sectors = bio_sectors(bio); | ||
1856 | /* bio could be mergeable after passing to underlayer */ | ||
1857 | bio->bi_opf &= ~REQ_NOMERGE; | ||
1858 | - if (!mddev->pers->make_request(mddev, bio)) { | ||
1859 | - atomic_dec(&mddev->active_io); | ||
1860 | - wake_up(&mddev->sb_wait); | ||
1861 | - goto check_suspended; | ||
1862 | - } | ||
1863 | + | ||
1864 | + md_handle_request(mddev, bio); | ||
1865 | |||
1866 | cpu = part_stat_lock(); | ||
1867 | part_stat_inc(cpu, &mddev->gendisk->part0, ios[rw]); | ||
1868 | part_stat_add(cpu, &mddev->gendisk->part0, sectors[rw], sectors); | ||
1869 | part_stat_unlock(); | ||
1870 | |||
1871 | - if (atomic_dec_and_test(&mddev->active_io) && mddev->suspended) | ||
1872 | - wake_up(&mddev->sb_wait); | ||
1873 | - | ||
1874 | return BLK_QC_T_NONE; | ||
1875 | } | ||
1876 | |||
1877 | @@ -439,16 +447,22 @@ static void md_submit_flush_data(struct work_struct *ws) | ||
1878 | struct mddev *mddev = container_of(ws, struct mddev, flush_work); | ||
1879 | struct bio *bio = mddev->flush_bio; | ||
1880 | |||
1881 | + /* | ||
1882 | + * must reset flush_bio before calling into md_handle_request to avoid a | ||
1883 | + * deadlock, because other bios passed md_handle_request suspend check | ||
1884 | + * could wait for this and below md_handle_request could wait for those | ||
1885 | + * bios because of suspend check | ||
1886 | + */ | ||
1887 | + mddev->flush_bio = NULL; | ||
1888 | + wake_up(&mddev->sb_wait); | ||
1889 | + | ||
1890 | if (bio->bi_iter.bi_size == 0) | ||
1891 | /* an empty barrier - all done */ | ||
1892 | bio_endio(bio); | ||
1893 | else { | ||
1894 | bio->bi_opf &= ~REQ_PREFLUSH; | ||
1895 | - mddev->pers->make_request(mddev, bio); | ||
1896 | + md_handle_request(mddev, bio); | ||
1897 | } | ||
1898 | - | ||
1899 | - mddev->flush_bio = NULL; | ||
1900 | - wake_up(&mddev->sb_wait); | ||
1901 | } | ||
1902 | |||
1903 | void md_flush_request(struct mddev *mddev, struct bio *bio) | ||
1904 | diff --git a/drivers/md/md.h b/drivers/md/md.h | ||
1905 | index 09db03455801..60b09bea886b 100644 | ||
1906 | --- a/drivers/md/md.h | ||
1907 | +++ b/drivers/md/md.h | ||
1908 | @@ -686,6 +686,7 @@ extern void md_stop_writes(struct mddev *mddev); | ||
1909 | extern int md_rdev_init(struct md_rdev *rdev); | ||
1910 | extern void md_rdev_clear(struct md_rdev *rdev); | ||
1911 | |||
1912 | +extern void md_handle_request(struct mddev *mddev, struct bio *bio); | ||
1913 | extern void mddev_suspend(struct mddev *mddev); | ||
1914 | extern void mddev_resume(struct mddev *mddev); | ||
1915 | extern struct bio *bio_alloc_mddev(gfp_t gfp_mask, int nr_iovecs, | ||
1916 | diff --git a/drivers/md/raid5.c b/drivers/md/raid5.c | ||
1917 | index e13a8ce7f589..fc48813eaa08 100644 | ||
1918 | --- a/drivers/md/raid5.c | ||
1919 | +++ b/drivers/md/raid5.c | ||
1920 | @@ -812,6 +812,14 @@ static void stripe_add_to_batch_list(struct r5conf *conf, struct stripe_head *sh | ||
1921 | spin_unlock(&head->batch_head->batch_lock); | ||
1922 | goto unlock_out; | ||
1923 | } | ||
1924 | + /* | ||
1925 | + * We must assign batch_head of this stripe within the | ||
1926 | + * batch_lock, otherwise clear_batch_ready of batch head | ||
1927 | + * stripe could clear BATCH_READY bit of this stripe and | ||
1928 | + * this stripe->batch_head doesn't get assigned, which | ||
1929 | + * could confuse clear_batch_ready for this stripe | ||
1930 | + */ | ||
1931 | + sh->batch_head = head->batch_head; | ||
1932 | |||
1933 | /* | ||
1934 | * at this point, head's BATCH_READY could be cleared, but we | ||
1935 | @@ -819,8 +827,6 @@ static void stripe_add_to_batch_list(struct r5conf *conf, struct stripe_head *sh | ||
1936 | */ | ||
1937 | list_add(&sh->batch_list, &head->batch_list); | ||
1938 | spin_unlock(&head->batch_head->batch_lock); | ||
1939 | - | ||
1940 | - sh->batch_head = head->batch_head; | ||
1941 | } else { | ||
1942 | head->batch_head = head; | ||
1943 | sh->batch_head = head->batch_head; | ||
1944 | @@ -4608,7 +4614,8 @@ static void break_stripe_batch_list(struct stripe_head *head_sh, | ||
1945 | |||
1946 | set_mask_bits(&sh->state, ~(STRIPE_EXPAND_SYNC_FLAGS | | ||
1947 | (1 << STRIPE_PREREAD_ACTIVE) | | ||
1948 | - (1 << STRIPE_DEGRADED)), | ||
1949 | + (1 << STRIPE_DEGRADED) | | ||
1950 | + (1 << STRIPE_ON_UNPLUG_LIST)), | ||
1951 | head_sh->state & (1 << STRIPE_INSYNC)); | ||
1952 | |||
1953 | sh->check_state = head_sh->check_state; | ||
1954 | diff --git a/drivers/mmc/core/queue.c b/drivers/mmc/core/queue.c | ||
1955 | index affa7370ba82..74c663b1c0a7 100644 | ||
1956 | --- a/drivers/mmc/core/queue.c | ||
1957 | +++ b/drivers/mmc/core/queue.c | ||
1958 | @@ -242,6 +242,12 @@ int mmc_init_queue(struct mmc_queue *mq, struct mmc_card *card, | ||
1959 | if (mmc_dev(host)->dma_mask && *mmc_dev(host)->dma_mask) | ||
1960 | limit = (u64)dma_max_pfn(mmc_dev(host)) << PAGE_SHIFT; | ||
1961 | |||
1962 | + /* | ||
1963 | + * mmc_init_request() depends on card->bouncesz so it must be calculated | ||
1964 | + * before blk_init_allocated_queue() starts allocating requests. | ||
1965 | + */ | ||
1966 | + card->bouncesz = mmc_queue_calc_bouncesz(host); | ||
1967 | + | ||
1968 | mq->card = card; | ||
1969 | mq->queue = blk_alloc_queue(GFP_KERNEL); | ||
1970 | if (!mq->queue) | ||
1971 | @@ -265,7 +271,6 @@ int mmc_init_queue(struct mmc_queue *mq, struct mmc_card *card, | ||
1972 | if (mmc_can_erase(card)) | ||
1973 | mmc_queue_setup_discard(mq->queue, card); | ||
1974 | |||
1975 | - card->bouncesz = mmc_queue_calc_bouncesz(host); | ||
1976 | if (card->bouncesz) { | ||
1977 | blk_queue_max_hw_sectors(mq->queue, card->bouncesz / 512); | ||
1978 | blk_queue_max_segments(mq->queue, card->bouncesz / 512); | ||
1979 | diff --git a/drivers/mmc/host/sdhci-pci-core.c b/drivers/mmc/host/sdhci-pci-core.c | ||
1980 | index e1721ac37919..ba8a0f58fe08 100644 | ||
1981 | --- a/drivers/mmc/host/sdhci-pci-core.c | ||
1982 | +++ b/drivers/mmc/host/sdhci-pci-core.c | ||
1983 | @@ -393,6 +393,7 @@ static const struct sdhci_pci_fixes sdhci_intel_pch_sdio = { | ||
1984 | |||
1985 | enum { | ||
1986 | INTEL_DSM_FNS = 0, | ||
1987 | + INTEL_DSM_V18_SWITCH = 3, | ||
1988 | INTEL_DSM_DRV_STRENGTH = 9, | ||
1989 | INTEL_DSM_D3_RETUNE = 10, | ||
1990 | }; | ||
1991 | @@ -558,6 +559,19 @@ static void intel_hs400_enhanced_strobe(struct mmc_host *mmc, | ||
1992 | sdhci_writel(host, val, INTEL_HS400_ES_REG); | ||
1993 | } | ||
1994 | |||
1995 | +static void sdhci_intel_voltage_switch(struct sdhci_host *host) | ||
1996 | +{ | ||
1997 | + struct sdhci_pci_slot *slot = sdhci_priv(host); | ||
1998 | + struct intel_host *intel_host = sdhci_pci_priv(slot); | ||
1999 | + struct device *dev = &slot->chip->pdev->dev; | ||
2000 | + u32 result = 0; | ||
2001 | + int err; | ||
2002 | + | ||
2003 | + err = intel_dsm(intel_host, dev, INTEL_DSM_V18_SWITCH, &result); | ||
2004 | + pr_debug("%s: %s DSM error %d result %u\n", | ||
2005 | + mmc_hostname(host->mmc), __func__, err, result); | ||
2006 | +} | ||
2007 | + | ||
2008 | static const struct sdhci_ops sdhci_intel_byt_ops = { | ||
2009 | .set_clock = sdhci_set_clock, | ||
2010 | .set_power = sdhci_intel_set_power, | ||
2011 | @@ -566,6 +580,7 @@ static const struct sdhci_ops sdhci_intel_byt_ops = { | ||
2012 | .reset = sdhci_reset, | ||
2013 | .set_uhs_signaling = sdhci_set_uhs_signaling, | ||
2014 | .hw_reset = sdhci_pci_hw_reset, | ||
2015 | + .voltage_switch = sdhci_intel_voltage_switch, | ||
2016 | }; | ||
2017 | |||
2018 | static void byt_read_dsm(struct sdhci_pci_slot *slot) | ||
2019 | diff --git a/drivers/mtd/mtdpart.c b/drivers/mtd/mtdpart.c | ||
2020 | index 5736b0c90b33..a308e707392d 100644 | ||
2021 | --- a/drivers/mtd/mtdpart.c | ||
2022 | +++ b/drivers/mtd/mtdpart.c | ||
2023 | @@ -581,6 +581,14 @@ static struct mtd_part *allocate_partition(struct mtd_info *parent, | ||
2024 | slave->mtd.erasesize = parent->erasesize; | ||
2025 | } | ||
2026 | |||
2027 | + /* | ||
2028 | + * Slave erasesize might differ from the master one if the master | ||
2029 | + * exposes several regions with different erasesize. Adjust | ||
2030 | + * wr_alignment accordingly. | ||
2031 | + */ | ||
2032 | + if (!(slave->mtd.flags & MTD_NO_ERASE)) | ||
2033 | + wr_alignment = slave->mtd.erasesize; | ||
2034 | + | ||
2035 | tmp = slave->offset; | ||
2036 | remainder = do_div(tmp, wr_alignment); | ||
2037 | if ((slave->mtd.flags & MTD_WRITEABLE) && remainder) { | ||
2038 | diff --git a/drivers/mtd/nand/atmel/pmecc.c b/drivers/mtd/nand/atmel/pmecc.c | ||
2039 | index 8c210a5776bc..24be19fb9591 100644 | ||
2040 | --- a/drivers/mtd/nand/atmel/pmecc.c | ||
2041 | +++ b/drivers/mtd/nand/atmel/pmecc.c | ||
2042 | @@ -363,7 +363,7 @@ atmel_pmecc_create_user(struct atmel_pmecc *pmecc, | ||
2043 | size += (req->ecc.strength + 1) * sizeof(u16); | ||
2044 | /* Reserve space for mu, dmu and delta. */ | ||
2045 | size = ALIGN(size, sizeof(s32)); | ||
2046 | - size += (req->ecc.strength + 1) * sizeof(s32); | ||
2047 | + size += (req->ecc.strength + 1) * sizeof(s32) * 3; | ||
2048 | |||
2049 | user = kzalloc(size, GFP_KERNEL); | ||
2050 | if (!user) | ||
2051 | diff --git a/drivers/net/wireless/mac80211_hwsim.c b/drivers/net/wireless/mac80211_hwsim.c | ||
2052 | index c8852acc1462..6467ffac9811 100644 | ||
2053 | --- a/drivers/net/wireless/mac80211_hwsim.c | ||
2054 | +++ b/drivers/net/wireless/mac80211_hwsim.c | ||
2055 | @@ -1362,8 +1362,6 @@ static void mac80211_hwsim_tx(struct ieee80211_hw *hw, | ||
2056 | txi->control.rates, | ||
2057 | ARRAY_SIZE(txi->control.rates)); | ||
2058 | |||
2059 | - txi->rate_driver_data[0] = channel; | ||
2060 | - | ||
2061 | if (skb->len >= 24 + 8 && | ||
2062 | ieee80211_is_probe_resp(hdr->frame_control)) { | ||
2063 | /* fake header transmission time */ | ||
2064 | diff --git a/drivers/nvdimm/namespace_devs.c b/drivers/nvdimm/namespace_devs.c | ||
2065 | index 5f1c6756e57c..f49a29abb11f 100644 | ||
2066 | --- a/drivers/nvdimm/namespace_devs.c | ||
2067 | +++ b/drivers/nvdimm/namespace_devs.c | ||
2068 | @@ -1417,6 +1417,15 @@ static int btt_claim_class(struct device *dev) | ||
2069 | struct nvdimm_drvdata *ndd = to_ndd(nd_mapping); | ||
2070 | struct nd_namespace_index *nsindex; | ||
2071 | |||
2072 | + /* | ||
2073 | + * If any of the DIMMs do not support labels the only | ||
2074 | + * possible BTT format is v1. | ||
2075 | + */ | ||
2076 | + if (!ndd) { | ||
2077 | + loop_bitmask = 0; | ||
2078 | + break; | ||
2079 | + } | ||
2080 | + | ||
2081 | nsindex = to_namespace_index(ndd, ndd->ns_current); | ||
2082 | if (nsindex == NULL) | ||
2083 | loop_bitmask |= 1; | ||
2084 | diff --git a/drivers/nvdimm/pmem.c b/drivers/nvdimm/pmem.c | ||
2085 | index f7099adaabc0..88c128258760 100644 | ||
2086 | --- a/drivers/nvdimm/pmem.c | ||
2087 | +++ b/drivers/nvdimm/pmem.c | ||
2088 | @@ -243,16 +243,9 @@ static size_t pmem_copy_from_iter(struct dax_device *dax_dev, pgoff_t pgoff, | ||
2089 | return copy_from_iter_flushcache(addr, bytes, i); | ||
2090 | } | ||
2091 | |||
2092 | -static void pmem_dax_flush(struct dax_device *dax_dev, pgoff_t pgoff, | ||
2093 | - void *addr, size_t size) | ||
2094 | -{ | ||
2095 | - arch_wb_cache_pmem(addr, size); | ||
2096 | -} | ||
2097 | - | ||
2098 | static const struct dax_operations pmem_dax_ops = { | ||
2099 | .direct_access = pmem_dax_direct_access, | ||
2100 | .copy_from_iter = pmem_copy_from_iter, | ||
2101 | - .flush = pmem_dax_flush, | ||
2102 | }; | ||
2103 | |||
2104 | static const struct attribute_group *pmem_attribute_groups[] = { | ||
2105 | diff --git a/drivers/nvme/host/pci.c b/drivers/nvme/host/pci.c | ||
2106 | index ea892e732268..cdf4c0e471b9 100644 | ||
2107 | --- a/drivers/nvme/host/pci.c | ||
2108 | +++ b/drivers/nvme/host/pci.c | ||
2109 | @@ -1609,18 +1609,16 @@ static void nvme_free_host_mem(struct nvme_dev *dev) | ||
2110 | dev->host_mem_descs = NULL; | ||
2111 | } | ||
2112 | |||
2113 | -static int nvme_alloc_host_mem(struct nvme_dev *dev, u64 min, u64 preferred) | ||
2114 | +static int __nvme_alloc_host_mem(struct nvme_dev *dev, u64 preferred, | ||
2115 | + u32 chunk_size) | ||
2116 | { | ||
2117 | struct nvme_host_mem_buf_desc *descs; | ||
2118 | - u32 chunk_size, max_entries, len; | ||
2119 | + u32 max_entries, len; | ||
2120 | dma_addr_t descs_dma; | ||
2121 | int i = 0; | ||
2122 | void **bufs; | ||
2123 | u64 size = 0, tmp; | ||
2124 | |||
2125 | - /* start big and work our way down */ | ||
2126 | - chunk_size = min(preferred, (u64)PAGE_SIZE << MAX_ORDER); | ||
2127 | -retry: | ||
2128 | tmp = (preferred + chunk_size - 1); | ||
2129 | do_div(tmp, chunk_size); | ||
2130 | max_entries = tmp; | ||
2131 | @@ -1647,15 +1645,9 @@ static int nvme_alloc_host_mem(struct nvme_dev *dev, u64 min, u64 preferred) | ||
2132 | i++; | ||
2133 | } | ||
2134 | |||
2135 | - if (!size || (min && size < min)) { | ||
2136 | - dev_warn(dev->ctrl.device, | ||
2137 | - "failed to allocate host memory buffer.\n"); | ||
2138 | + if (!size) | ||
2139 | goto out_free_bufs; | ||
2140 | - } | ||
2141 | |||
2142 | - dev_info(dev->ctrl.device, | ||
2143 | - "allocated %lld MiB host memory buffer.\n", | ||
2144 | - size >> ilog2(SZ_1M)); | ||
2145 | dev->nr_host_mem_descs = i; | ||
2146 | dev->host_mem_size = size; | ||
2147 | dev->host_mem_descs = descs; | ||
2148 | @@ -1676,21 +1668,35 @@ static int nvme_alloc_host_mem(struct nvme_dev *dev, u64 min, u64 preferred) | ||
2149 | dma_free_coherent(dev->dev, max_entries * sizeof(*descs), descs, | ||
2150 | descs_dma); | ||
2151 | out: | ||
2152 | - /* try a smaller chunk size if we failed early */ | ||
2153 | - if (chunk_size >= PAGE_SIZE * 2 && (i == 0 || size < min)) { | ||
2154 | - chunk_size /= 2; | ||
2155 | - goto retry; | ||
2156 | - } | ||
2157 | dev->host_mem_descs = NULL; | ||
2158 | return -ENOMEM; | ||
2159 | } | ||
2160 | |||
2161 | -static void nvme_setup_host_mem(struct nvme_dev *dev) | ||
2162 | +static int nvme_alloc_host_mem(struct nvme_dev *dev, u64 min, u64 preferred) | ||
2163 | +{ | ||
2164 | + u32 chunk_size; | ||
2165 | + | ||
2166 | + /* start big and work our way down */ | ||
2167 | + for (chunk_size = min_t(u64, preferred, PAGE_SIZE * MAX_ORDER_NR_PAGES); | ||
2168 | + chunk_size >= PAGE_SIZE * 2; | ||
2169 | + chunk_size /= 2) { | ||
2170 | + if (!__nvme_alloc_host_mem(dev, preferred, chunk_size)) { | ||
2171 | + if (!min || dev->host_mem_size >= min) | ||
2172 | + return 0; | ||
2173 | + nvme_free_host_mem(dev); | ||
2174 | + } | ||
2175 | + } | ||
2176 | + | ||
2177 | + return -ENOMEM; | ||
2178 | +} | ||
2179 | + | ||
2180 | +static int nvme_setup_host_mem(struct nvme_dev *dev) | ||
2181 | { | ||
2182 | u64 max = (u64)max_host_mem_size_mb * SZ_1M; | ||
2183 | u64 preferred = (u64)dev->ctrl.hmpre * 4096; | ||
2184 | u64 min = (u64)dev->ctrl.hmmin * 4096; | ||
2185 | u32 enable_bits = NVME_HOST_MEM_ENABLE; | ||
2186 | + int ret = 0; | ||
2187 | |||
2188 | preferred = min(preferred, max); | ||
2189 | if (min > max) { | ||
2190 | @@ -1698,7 +1704,7 @@ static void nvme_setup_host_mem(struct nvme_dev *dev) | ||
2191 | "min host memory (%lld MiB) above limit (%d MiB).\n", | ||
2192 | min >> ilog2(SZ_1M), max_host_mem_size_mb); | ||
2193 | nvme_free_host_mem(dev); | ||
2194 | - return; | ||
2195 | + return 0; | ||
2196 | } | ||
2197 | |||
2198 | /* | ||
2199 | @@ -1712,12 +1718,21 @@ static void nvme_setup_host_mem(struct nvme_dev *dev) | ||
2200 | } | ||
2201 | |||
2202 | if (!dev->host_mem_descs) { | ||
2203 | - if (nvme_alloc_host_mem(dev, min, preferred)) | ||
2204 | - return; | ||
2205 | + if (nvme_alloc_host_mem(dev, min, preferred)) { | ||
2206 | + dev_warn(dev->ctrl.device, | ||
2207 | + "failed to allocate host memory buffer.\n"); | ||
2208 | + return 0; /* controller must work without HMB */ | ||
2209 | + } | ||
2210 | + | ||
2211 | + dev_info(dev->ctrl.device, | ||
2212 | + "allocated %lld MiB host memory buffer.\n", | ||
2213 | + dev->host_mem_size >> ilog2(SZ_1M)); | ||
2214 | } | ||
2215 | |||
2216 | - if (nvme_set_host_mem(dev, enable_bits)) | ||
2217 | + ret = nvme_set_host_mem(dev, enable_bits); | ||
2218 | + if (ret) | ||
2219 | nvme_free_host_mem(dev); | ||
2220 | + return ret; | ||
2221 | } | ||
2222 | |||
2223 | static int nvme_setup_io_queues(struct nvme_dev *dev) | ||
2224 | @@ -2161,8 +2176,11 @@ static void nvme_reset_work(struct work_struct *work) | ||
2225 | "unable to allocate dma for dbbuf\n"); | ||
2226 | } | ||
2227 | |||
2228 | - if (dev->ctrl.hmpre) | ||
2229 | - nvme_setup_host_mem(dev); | ||
2230 | + if (dev->ctrl.hmpre) { | ||
2231 | + result = nvme_setup_host_mem(dev); | ||
2232 | + if (result < 0) | ||
2233 | + goto out; | ||
2234 | + } | ||
2235 | |||
2236 | result = nvme_setup_io_queues(dev); | ||
2237 | if (result) | ||
2238 | diff --git a/drivers/pci/pci-sysfs.c b/drivers/pci/pci-sysfs.c | ||
2239 | index 2f3780b50723..6337bce27c36 100644 | ||
2240 | --- a/drivers/pci/pci-sysfs.c | ||
2241 | +++ b/drivers/pci/pci-sysfs.c | ||
2242 | @@ -686,7 +686,7 @@ static ssize_t driver_override_store(struct device *dev, | ||
2243 | const char *buf, size_t count) | ||
2244 | { | ||
2245 | struct pci_dev *pdev = to_pci_dev(dev); | ||
2246 | - char *driver_override, *old = pdev->driver_override, *cp; | ||
2247 | + char *driver_override, *old, *cp; | ||
2248 | |||
2249 | /* We need to keep extra room for a newline */ | ||
2250 | if (count >= (PAGE_SIZE - 1)) | ||
2251 | @@ -700,12 +700,15 @@ static ssize_t driver_override_store(struct device *dev, | ||
2252 | if (cp) | ||
2253 | *cp = '\0'; | ||
2254 | |||
2255 | + device_lock(dev); | ||
2256 | + old = pdev->driver_override; | ||
2257 | if (strlen(driver_override)) { | ||
2258 | pdev->driver_override = driver_override; | ||
2259 | } else { | ||
2260 | kfree(driver_override); | ||
2261 | pdev->driver_override = NULL; | ||
2262 | } | ||
2263 | + device_unlock(dev); | ||
2264 | |||
2265 | kfree(old); | ||
2266 | |||
2267 | @@ -716,8 +719,12 @@ static ssize_t driver_override_show(struct device *dev, | ||
2268 | struct device_attribute *attr, char *buf) | ||
2269 | { | ||
2270 | struct pci_dev *pdev = to_pci_dev(dev); | ||
2271 | + ssize_t len; | ||
2272 | |||
2273 | - return snprintf(buf, PAGE_SIZE, "%s\n", pdev->driver_override); | ||
2274 | + device_lock(dev); | ||
2275 | + len = snprintf(buf, PAGE_SIZE, "%s\n", pdev->driver_override); | ||
2276 | + device_unlock(dev); | ||
2277 | + return len; | ||
2278 | } | ||
2279 | static DEVICE_ATTR_RW(driver_override); | ||
2280 | |||
2281 | diff --git a/drivers/platform/x86/fujitsu-laptop.c b/drivers/platform/x86/fujitsu-laptop.c | ||
2282 | index 85de30f93a9c..56a8195096a2 100644 | ||
2283 | --- a/drivers/platform/x86/fujitsu-laptop.c | ||
2284 | +++ b/drivers/platform/x86/fujitsu-laptop.c | ||
2285 | @@ -254,10 +254,12 @@ static int bl_update_status(struct backlight_device *b) | ||
2286 | { | ||
2287 | struct acpi_device *device = bl_get_data(b); | ||
2288 | |||
2289 | - if (b->props.power == FB_BLANK_POWERDOWN) | ||
2290 | - call_fext_func(fext, FUNC_BACKLIGHT, 0x1, 0x4, 0x3); | ||
2291 | - else | ||
2292 | - call_fext_func(fext, FUNC_BACKLIGHT, 0x1, 0x4, 0x0); | ||
2293 | + if (fext) { | ||
2294 | + if (b->props.power == FB_BLANK_POWERDOWN) | ||
2295 | + call_fext_func(fext, FUNC_BACKLIGHT, 0x1, 0x4, 0x3); | ||
2296 | + else | ||
2297 | + call_fext_func(fext, FUNC_BACKLIGHT, 0x1, 0x4, 0x0); | ||
2298 | + } | ||
2299 | |||
2300 | return set_lcd_level(device, b->props.brightness); | ||
2301 | } | ||
2302 | diff --git a/drivers/scsi/aacraid/aachba.c b/drivers/scsi/aacraid/aachba.c | ||
2303 | index b051d97af468..e431ad40b533 100644 | ||
2304 | --- a/drivers/scsi/aacraid/aachba.c | ||
2305 | +++ b/drivers/scsi/aacraid/aachba.c | ||
2306 | @@ -699,13 +699,13 @@ static void _aac_probe_container1(void * context, struct fib * fibptr) | ||
2307 | int status; | ||
2308 | |||
2309 | dresp = (struct aac_mount *) fib_data(fibptr); | ||
2310 | - if (!(fibptr->dev->supplement_adapter_info.supported_options2 & | ||
2311 | - AAC_OPTION_VARIABLE_BLOCK_SIZE)) | ||
2312 | + if (!aac_supports_2T(fibptr->dev)) { | ||
2313 | dresp->mnt[0].capacityhigh = 0; | ||
2314 | - if ((le32_to_cpu(dresp->status) != ST_OK) || | ||
2315 | - (le32_to_cpu(dresp->mnt[0].vol) != CT_NONE)) { | ||
2316 | - _aac_probe_container2(context, fibptr); | ||
2317 | - return; | ||
2318 | + if ((le32_to_cpu(dresp->status) == ST_OK) && | ||
2319 | + (le32_to_cpu(dresp->mnt[0].vol) != CT_NONE)) { | ||
2320 | + _aac_probe_container2(context, fibptr); | ||
2321 | + return; | ||
2322 | + } | ||
2323 | } | ||
2324 | scsicmd = (struct scsi_cmnd *) context; | ||
2325 | |||
2326 | diff --git a/drivers/scsi/aacraid/aacraid.h b/drivers/scsi/aacraid/aacraid.h | ||
2327 | index ee2667e20e42..c9e2170fa22d 100644 | ||
2328 | --- a/drivers/scsi/aacraid/aacraid.h | ||
2329 | +++ b/drivers/scsi/aacraid/aacraid.h | ||
2330 | @@ -2700,6 +2700,11 @@ static inline int aac_is_src(struct aac_dev *dev) | ||
2331 | return 0; | ||
2332 | } | ||
2333 | |||
2334 | +static inline int aac_supports_2T(struct aac_dev *dev) | ||
2335 | +{ | ||
2336 | + return (dev->adapter_info.options & AAC_OPT_NEW_COMM_64); | ||
2337 | +} | ||
2338 | + | ||
2339 | char * get_container_type(unsigned type); | ||
2340 | extern int numacb; | ||
2341 | extern char aac_driver_version[]; | ||
2342 | diff --git a/drivers/scsi/aacraid/src.c b/drivers/scsi/aacraid/src.c | ||
2343 | index 48c2b2b34b72..0c9361c87ec8 100644 | ||
2344 | --- a/drivers/scsi/aacraid/src.c | ||
2345 | +++ b/drivers/scsi/aacraid/src.c | ||
2346 | @@ -740,6 +740,8 @@ static void aac_send_iop_reset(struct aac_dev *dev) | ||
2347 | aac_set_intx_mode(dev); | ||
2348 | |||
2349 | src_writel(dev, MUnit.IDR, IOP_SRC_RESET_MASK); | ||
2350 | + | ||
2351 | + msleep(5000); | ||
2352 | } | ||
2353 | |||
2354 | static void aac_send_hardware_soft_reset(struct aac_dev *dev) | ||
2355 | diff --git a/drivers/scsi/scsi_transport_fc.c b/drivers/scsi/scsi_transport_fc.c | ||
2356 | index 892fbd9800d9..bea06de60827 100644 | ||
2357 | --- a/drivers/scsi/scsi_transport_fc.c | ||
2358 | +++ b/drivers/scsi/scsi_transport_fc.c | ||
2359 | @@ -3550,7 +3550,7 @@ fc_vport_sched_delete(struct work_struct *work) | ||
2360 | static enum blk_eh_timer_return | ||
2361 | fc_bsg_job_timeout(struct request *req) | ||
2362 | { | ||
2363 | - struct bsg_job *job = (void *) req->special; | ||
2364 | + struct bsg_job *job = blk_mq_rq_to_pdu(req); | ||
2365 | struct Scsi_Host *shost = fc_bsg_to_shost(job); | ||
2366 | struct fc_rport *rport = fc_bsg_to_rport(job); | ||
2367 | struct fc_internal *i = to_fc_internal(shost->transportt); | ||
2368 | diff --git a/drivers/scsi/scsi_transport_iscsi.c b/drivers/scsi/scsi_transport_iscsi.c | ||
2369 | index a424eaeafeb0..c55c6f3147ae 100644 | ||
2370 | --- a/drivers/scsi/scsi_transport_iscsi.c | ||
2371 | +++ b/drivers/scsi/scsi_transport_iscsi.c | ||
2372 | @@ -3689,7 +3689,7 @@ iscsi_if_rx(struct sk_buff *skb) | ||
2373 | uint32_t group; | ||
2374 | |||
2375 | nlh = nlmsg_hdr(skb); | ||
2376 | - if (nlh->nlmsg_len < sizeof(*nlh) || | ||
2377 | + if (nlh->nlmsg_len < sizeof(*nlh) + sizeof(*ev) || | ||
2378 | skb->len < nlh->nlmsg_len) { | ||
2379 | break; | ||
2380 | } | ||
2381 | diff --git a/drivers/video/fbdev/aty/atyfb_base.c b/drivers/video/fbdev/aty/atyfb_base.c | ||
2382 | index b55fdac9c9f5..e4c91d748732 100644 | ||
2383 | --- a/drivers/video/fbdev/aty/atyfb_base.c | ||
2384 | +++ b/drivers/video/fbdev/aty/atyfb_base.c | ||
2385 | @@ -1855,7 +1855,7 @@ static int atyfb_ioctl(struct fb_info *info, u_int cmd, u_long arg) | ||
2386 | #if defined(DEBUG) && defined(CONFIG_FB_ATY_CT) | ||
2387 | case ATYIO_CLKR: | ||
2388 | if (M64_HAS(INTEGRATED)) { | ||
2389 | - struct atyclk clk; | ||
2390 | + struct atyclk clk = { 0 }; | ||
2391 | union aty_pll *pll = &par->pll; | ||
2392 | u32 dsp_config = pll->ct.dsp_config; | ||
2393 | u32 dsp_on_off = pll->ct.dsp_on_off; | ||
2394 | diff --git a/fs/btrfs/inode.c b/fs/btrfs/inode.c | ||
2395 | index 24bcd5cd9cf2..df77ba89acbe 100644 | ||
2396 | --- a/fs/btrfs/inode.c | ||
2397 | +++ b/fs/btrfs/inode.c | ||
2398 | @@ -135,6 +135,18 @@ static inline void btrfs_cleanup_ordered_extents(struct inode *inode, | ||
2399 | const u64 offset, | ||
2400 | const u64 bytes) | ||
2401 | { | ||
2402 | + unsigned long index = offset >> PAGE_SHIFT; | ||
2403 | + unsigned long end_index = (offset + bytes - 1) >> PAGE_SHIFT; | ||
2404 | + struct page *page; | ||
2405 | + | ||
2406 | + while (index <= end_index) { | ||
2407 | + page = find_get_page(inode->i_mapping, index); | ||
2408 | + index++; | ||
2409 | + if (!page) | ||
2410 | + continue; | ||
2411 | + ClearPagePrivate2(page); | ||
2412 | + put_page(page); | ||
2413 | + } | ||
2414 | return __endio_write_update_ordered(inode, offset + PAGE_SIZE, | ||
2415 | bytes - PAGE_SIZE, false); | ||
2416 | } | ||
2417 | @@ -8297,6 +8309,7 @@ static void __endio_write_update_ordered(struct inode *inode, | ||
2418 | btrfs_work_func_t func; | ||
2419 | u64 ordered_offset = offset; | ||
2420 | u64 ordered_bytes = bytes; | ||
2421 | + u64 last_offset; | ||
2422 | int ret; | ||
2423 | |||
2424 | if (btrfs_is_free_space_inode(BTRFS_I(inode))) { | ||
2425 | @@ -8308,6 +8321,7 @@ static void __endio_write_update_ordered(struct inode *inode, | ||
2426 | } | ||
2427 | |||
2428 | again: | ||
2429 | + last_offset = ordered_offset; | ||
2430 | ret = btrfs_dec_test_first_ordered_pending(inode, &ordered, | ||
2431 | &ordered_offset, | ||
2432 | ordered_bytes, | ||
2433 | @@ -8318,6 +8332,12 @@ static void __endio_write_update_ordered(struct inode *inode, | ||
2434 | btrfs_init_work(&ordered->work, func, finish_ordered_fn, NULL, NULL); | ||
2435 | btrfs_queue_work(wq, &ordered->work); | ||
2436 | out_test: | ||
2437 | + /* | ||
2438 | + * If btrfs_dec_test_ordered_pending does not find any ordered extent | ||
2439 | + * in the range, we can exit. | ||
2440 | + */ | ||
2441 | + if (ordered_offset == last_offset) | ||
2442 | + return; | ||
2443 | /* | ||
2444 | * our bio might span multiple ordered extents. If we haven't | ||
2445 | * completed the accounting for the whole dio, go back and try again | ||
2446 | diff --git a/fs/btrfs/ioctl.c b/fs/btrfs/ioctl.c | ||
2447 | index fa1b78cf25f6..9afd08539519 100644 | ||
2448 | --- a/fs/btrfs/ioctl.c | ||
2449 | +++ b/fs/btrfs/ioctl.c | ||
2450 | @@ -3063,7 +3063,7 @@ static int btrfs_cmp_data_prepare(struct inode *src, u64 loff, | ||
2451 | out: | ||
2452 | if (ret) | ||
2453 | btrfs_cmp_data_free(cmp); | ||
2454 | - return 0; | ||
2455 | + return ret; | ||
2456 | } | ||
2457 | |||
2458 | static int btrfs_cmp_data(u64 len, struct cmp_pages *cmp) | ||
2459 | @@ -4072,6 +4072,10 @@ static long btrfs_ioctl_default_subvol(struct file *file, void __user *argp) | ||
2460 | ret = PTR_ERR(new_root); | ||
2461 | goto out; | ||
2462 | } | ||
2463 | + if (!is_fstree(new_root->objectid)) { | ||
2464 | + ret = -ENOENT; | ||
2465 | + goto out; | ||
2466 | + } | ||
2467 | |||
2468 | path = btrfs_alloc_path(); | ||
2469 | if (!path) { | ||
2470 | diff --git a/fs/btrfs/relocation.c b/fs/btrfs/relocation.c | ||
2471 | index 65661d1aae4e..6445de8e9ece 100644 | ||
2472 | --- a/fs/btrfs/relocation.c | ||
2473 | +++ b/fs/btrfs/relocation.c | ||
2474 | @@ -2393,11 +2393,11 @@ void free_reloc_roots(struct list_head *list) | ||
2475 | while (!list_empty(list)) { | ||
2476 | reloc_root = list_entry(list->next, struct btrfs_root, | ||
2477 | root_list); | ||
2478 | + __del_reloc_root(reloc_root); | ||
2479 | free_extent_buffer(reloc_root->node); | ||
2480 | free_extent_buffer(reloc_root->commit_root); | ||
2481 | reloc_root->node = NULL; | ||
2482 | reloc_root->commit_root = NULL; | ||
2483 | - __del_reloc_root(reloc_root); | ||
2484 | } | ||
2485 | } | ||
2486 | |||
2487 | diff --git a/fs/cifs/cifsfs.c b/fs/cifs/cifsfs.c | ||
2488 | index 180b3356ff86..a92bdb89bde3 100644 | ||
2489 | --- a/fs/cifs/cifsfs.c | ||
2490 | +++ b/fs/cifs/cifsfs.c | ||
2491 | @@ -1447,7 +1447,7 @@ exit_cifs(void) | ||
2492 | exit_cifs_idmap(); | ||
2493 | #endif | ||
2494 | #ifdef CONFIG_CIFS_UPCALL | ||
2495 | - unregister_key_type(&cifs_spnego_key_type); | ||
2496 | + exit_cifs_spnego(); | ||
2497 | #endif | ||
2498 | cifs_destroy_request_bufs(); | ||
2499 | cifs_destroy_mids(); | ||
2500 | diff --git a/fs/cifs/cifsglob.h b/fs/cifs/cifsglob.h | ||
2501 | index 221693fe49ec..03b6eae0ae28 100644 | ||
2502 | --- a/fs/cifs/cifsglob.h | ||
2503 | +++ b/fs/cifs/cifsglob.h | ||
2504 | @@ -188,6 +188,8 @@ enum smb_version { | ||
2505 | #ifdef CONFIG_CIFS_SMB311 | ||
2506 | Smb_311, | ||
2507 | #endif /* SMB311 */ | ||
2508 | + Smb_3any, | ||
2509 | + Smb_default, | ||
2510 | Smb_version_err | ||
2511 | }; | ||
2512 | |||
2513 | @@ -1701,6 +1703,10 @@ extern struct smb_version_values smb20_values; | ||
2514 | #define SMB21_VERSION_STRING "2.1" | ||
2515 | extern struct smb_version_operations smb21_operations; | ||
2516 | extern struct smb_version_values smb21_values; | ||
2517 | +#define SMBDEFAULT_VERSION_STRING "default" | ||
2518 | +extern struct smb_version_values smbdefault_values; | ||
2519 | +#define SMB3ANY_VERSION_STRING "3" | ||
2520 | +extern struct smb_version_values smb3any_values; | ||
2521 | #define SMB30_VERSION_STRING "3.0" | ||
2522 | extern struct smb_version_operations smb30_operations; | ||
2523 | extern struct smb_version_values smb30_values; | ||
2524 | diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c | ||
2525 | index 83a8f52cd879..9e12679ffef5 100644 | ||
2526 | --- a/fs/cifs/connect.c | ||
2527 | +++ b/fs/cifs/connect.c | ||
2528 | @@ -301,6 +301,8 @@ static const match_table_t cifs_smb_version_tokens = { | ||
2529 | { Smb_311, SMB311_VERSION_STRING }, | ||
2530 | { Smb_311, ALT_SMB311_VERSION_STRING }, | ||
2531 | #endif /* SMB311 */ | ||
2532 | + { Smb_3any, SMB3ANY_VERSION_STRING }, | ||
2533 | + { Smb_default, SMBDEFAULT_VERSION_STRING }, | ||
2534 | { Smb_version_err, NULL } | ||
2535 | }; | ||
2536 | |||
2537 | @@ -1147,6 +1149,14 @@ cifs_parse_smb_version(char *value, struct smb_vol *vol) | ||
2538 | vol->vals = &smb311_values; | ||
2539 | break; | ||
2540 | #endif /* SMB311 */ | ||
2541 | + case Smb_3any: | ||
2542 | + vol->ops = &smb30_operations; /* currently identical with 3.0 */ | ||
2543 | + vol->vals = &smb3any_values; | ||
2544 | + break; | ||
2545 | + case Smb_default: | ||
2546 | + vol->ops = &smb30_operations; /* currently identical with 3.0 */ | ||
2547 | + vol->vals = &smbdefault_values; | ||
2548 | + break; | ||
2549 | default: | ||
2550 | cifs_dbg(VFS, "Unknown vers= option specified: %s\n", value); | ||
2551 | return 1; | ||
2552 | @@ -1273,9 +1283,9 @@ cifs_parse_mount_options(const char *mountdata, const char *devname, | ||
2553 | |||
2554 | vol->actimeo = CIFS_DEF_ACTIMEO; | ||
2555 | |||
2556 | - /* FIXME: add autonegotiation for SMB3 or later rather than just SMB3 */ | ||
2557 | - vol->ops = &smb30_operations; /* both secure and accepted widely */ | ||
2558 | - vol->vals = &smb30_values; | ||
2559 | + /* offer SMB2.1 and later (SMB3 etc). Secure and widely accepted */ | ||
2560 | + vol->ops = &smb30_operations; | ||
2561 | + vol->vals = &smbdefault_values; | ||
2562 | |||
2563 | vol->echo_interval = SMB_ECHO_INTERVAL_DEFAULT; | ||
2564 | |||
2565 | @@ -1987,11 +1997,10 @@ cifs_parse_mount_options(const char *mountdata, const char *devname, | ||
2566 | |||
2567 | if (got_version == false) | ||
2568 | pr_warn("No dialect specified on mount. Default has changed to " | ||
2569 | - "a more secure dialect, SMB3 (vers=3.0), from CIFS " | ||
2570 | + "a more secure dialect, SMB2.1 or later (e.g. SMB3), from CIFS " | ||
2571 | "(SMB1). To use the less secure SMB1 dialect to access " | ||
2572 | - "old servers which do not support SMB3 specify vers=1.0" | ||
2573 | - " on mount. For somewhat newer servers such as Windows " | ||
2574 | - "7 try vers=2.1.\n"); | ||
2575 | + "old servers which do not support SMB3 (or SMB2.1) specify vers=1.0" | ||
2576 | + " on mount.\n"); | ||
2577 | |||
2578 | kfree(mountdata_copy); | ||
2579 | return 0; | ||
2580 | @@ -2132,6 +2141,7 @@ static int match_server(struct TCP_Server_Info *server, struct smb_vol *vol) | ||
2581 | if (vol->nosharesock) | ||
2582 | return 0; | ||
2583 | |||
2584 | + /* BB update this for smb3any and default case */ | ||
2585 | if ((server->vals != vol->vals) || (server->ops != vol->ops)) | ||
2586 | return 0; | ||
2587 | |||
2588 | @@ -4143,6 +4153,14 @@ cifs_setup_session(const unsigned int xid, struct cifs_ses *ses, | ||
2589 | cifs_dbg(FYI, "Security Mode: 0x%x Capabilities: 0x%x TimeAdjust: %d\n", | ||
2590 | server->sec_mode, server->capabilities, server->timeAdj); | ||
2591 | |||
2592 | + if (ses->auth_key.response) { | ||
2593 | + cifs_dbg(VFS, "Free previous auth_key.response = %p\n", | ||
2594 | + ses->auth_key.response); | ||
2595 | + kfree(ses->auth_key.response); | ||
2596 | + ses->auth_key.response = NULL; | ||
2597 | + ses->auth_key.len = 0; | ||
2598 | + } | ||
2599 | + | ||
2600 | if (server->ops->sess_setup) | ||
2601 | rc = server->ops->sess_setup(xid, ses, nls_info); | ||
2602 | |||
2603 | diff --git a/fs/cifs/file.c b/fs/cifs/file.c | ||
2604 | index bc09df6b473a..c3bf300e7c47 100644 | ||
2605 | --- a/fs/cifs/file.c | ||
2606 | +++ b/fs/cifs/file.c | ||
2607 | @@ -224,6 +224,13 @@ cifs_nt_open(char *full_path, struct inode *inode, struct cifs_sb_info *cifs_sb, | ||
2608 | if (backup_cred(cifs_sb)) | ||
2609 | create_options |= CREATE_OPEN_BACKUP_INTENT; | ||
2610 | |||
2611 | + /* O_SYNC also has bit for O_DSYNC so following check picks up either */ | ||
2612 | + if (f_flags & O_SYNC) | ||
2613 | + create_options |= CREATE_WRITE_THROUGH; | ||
2614 | + | ||
2615 | + if (f_flags & O_DIRECT) | ||
2616 | + create_options |= CREATE_NO_BUFFER; | ||
2617 | + | ||
2618 | oparms.tcon = tcon; | ||
2619 | oparms.cifs_sb = cifs_sb; | ||
2620 | oparms.desired_access = desired_access; | ||
2621 | diff --git a/fs/cifs/inode.c b/fs/cifs/inode.c | ||
2622 | index a8693632235f..7c732cb44164 100644 | ||
2623 | --- a/fs/cifs/inode.c | ||
2624 | +++ b/fs/cifs/inode.c | ||
2625 | @@ -234,6 +234,8 @@ cifs_unix_basic_to_fattr(struct cifs_fattr *fattr, FILE_UNIX_BASIC_INFO *info, | ||
2626 | fattr->cf_atime = cifs_NTtimeToUnix(info->LastAccessTime); | ||
2627 | fattr->cf_mtime = cifs_NTtimeToUnix(info->LastModificationTime); | ||
2628 | fattr->cf_ctime = cifs_NTtimeToUnix(info->LastStatusChange); | ||
2629 | + /* old POSIX extensions don't get create time */ | ||
2630 | + | ||
2631 | fattr->cf_mode = le64_to_cpu(info->Permissions); | ||
2632 | |||
2633 | /* | ||
2634 | @@ -2024,6 +2026,19 @@ int cifs_getattr(const struct path *path, struct kstat *stat, | ||
2635 | stat->blksize = CIFS_MAX_MSGSIZE; | ||
2636 | stat->ino = CIFS_I(inode)->uniqueid; | ||
2637 | |||
2638 | + /* old CIFS Unix Extensions doesn't return create time */ | ||
2639 | + if (CIFS_I(inode)->createtime) { | ||
2640 | + stat->result_mask |= STATX_BTIME; | ||
2641 | + stat->btime = | ||
2642 | + cifs_NTtimeToUnix(cpu_to_le64(CIFS_I(inode)->createtime)); | ||
2643 | + } | ||
2644 | + | ||
2645 | + stat->attributes_mask |= (STATX_ATTR_COMPRESSED | STATX_ATTR_ENCRYPTED); | ||
2646 | + if (CIFS_I(inode)->cifsAttrs & FILE_ATTRIBUTE_COMPRESSED) | ||
2647 | + stat->attributes |= STATX_ATTR_COMPRESSED; | ||
2648 | + if (CIFS_I(inode)->cifsAttrs & FILE_ATTRIBUTE_ENCRYPTED) | ||
2649 | + stat->attributes |= STATX_ATTR_ENCRYPTED; | ||
2650 | + | ||
2651 | /* | ||
2652 | * If on a multiuser mount without unix extensions or cifsacl being | ||
2653 | * enabled, and the admin hasn't overridden them, set the ownership | ||
2654 | diff --git a/fs/cifs/smb2ops.c b/fs/cifs/smb2ops.c | ||
2655 | index cfacf2c97e94..a6c94812cfa3 100644 | ||
2656 | --- a/fs/cifs/smb2ops.c | ||
2657 | +++ b/fs/cifs/smb2ops.c | ||
2658 | @@ -2906,6 +2906,46 @@ struct smb_version_values smb21_values = { | ||
2659 | .create_lease_size = sizeof(struct create_lease), | ||
2660 | }; | ||
2661 | |||
2662 | +struct smb_version_values smb3any_values = { | ||
2663 | + .version_string = SMB3ANY_VERSION_STRING, | ||
2664 | + .protocol_id = SMB302_PROT_ID, /* doesn't matter, send protocol array */ | ||
2665 | + .req_capabilities = SMB2_GLOBAL_CAP_DFS | SMB2_GLOBAL_CAP_LEASING | SMB2_GLOBAL_CAP_LARGE_MTU | SMB2_GLOBAL_CAP_PERSISTENT_HANDLES | SMB2_GLOBAL_CAP_ENCRYPTION, | ||
2666 | + .large_lock_type = 0, | ||
2667 | + .exclusive_lock_type = SMB2_LOCKFLAG_EXCLUSIVE_LOCK, | ||
2668 | + .shared_lock_type = SMB2_LOCKFLAG_SHARED_LOCK, | ||
2669 | + .unlock_lock_type = SMB2_LOCKFLAG_UNLOCK, | ||
2670 | + .header_size = sizeof(struct smb2_hdr), | ||
2671 | + .max_header_size = MAX_SMB2_HDR_SIZE, | ||
2672 | + .read_rsp_size = sizeof(struct smb2_read_rsp) - 1, | ||
2673 | + .lock_cmd = SMB2_LOCK, | ||
2674 | + .cap_unix = 0, | ||
2675 | + .cap_nt_find = SMB2_NT_FIND, | ||
2676 | + .cap_large_files = SMB2_LARGE_FILES, | ||
2677 | + .signing_enabled = SMB2_NEGOTIATE_SIGNING_ENABLED | SMB2_NEGOTIATE_SIGNING_REQUIRED, | ||
2678 | + .signing_required = SMB2_NEGOTIATE_SIGNING_REQUIRED, | ||
2679 | + .create_lease_size = sizeof(struct create_lease_v2), | ||
2680 | +}; | ||
2681 | + | ||
2682 | +struct smb_version_values smbdefault_values = { | ||
2683 | + .version_string = SMBDEFAULT_VERSION_STRING, | ||
2684 | + .protocol_id = SMB302_PROT_ID, /* doesn't matter, send protocol array */ | ||
2685 | + .req_capabilities = SMB2_GLOBAL_CAP_DFS | SMB2_GLOBAL_CAP_LEASING | SMB2_GLOBAL_CAP_LARGE_MTU | SMB2_GLOBAL_CAP_PERSISTENT_HANDLES | SMB2_GLOBAL_CAP_ENCRYPTION, | ||
2686 | + .large_lock_type = 0, | ||
2687 | + .exclusive_lock_type = SMB2_LOCKFLAG_EXCLUSIVE_LOCK, | ||
2688 | + .shared_lock_type = SMB2_LOCKFLAG_SHARED_LOCK, | ||
2689 | + .unlock_lock_type = SMB2_LOCKFLAG_UNLOCK, | ||
2690 | + .header_size = sizeof(struct smb2_hdr), | ||
2691 | + .max_header_size = MAX_SMB2_HDR_SIZE, | ||
2692 | + .read_rsp_size = sizeof(struct smb2_read_rsp) - 1, | ||
2693 | + .lock_cmd = SMB2_LOCK, | ||
2694 | + .cap_unix = 0, | ||
2695 | + .cap_nt_find = SMB2_NT_FIND, | ||
2696 | + .cap_large_files = SMB2_LARGE_FILES, | ||
2697 | + .signing_enabled = SMB2_NEGOTIATE_SIGNING_ENABLED | SMB2_NEGOTIATE_SIGNING_REQUIRED, | ||
2698 | + .signing_required = SMB2_NEGOTIATE_SIGNING_REQUIRED, | ||
2699 | + .create_lease_size = sizeof(struct create_lease_v2), | ||
2700 | +}; | ||
2701 | + | ||
2702 | struct smb_version_values smb30_values = { | ||
2703 | .version_string = SMB30_VERSION_STRING, | ||
2704 | .protocol_id = SMB30_PROT_ID, | ||
2705 | diff --git a/fs/cifs/smb2pdu.c b/fs/cifs/smb2pdu.c | ||
2706 | index 7aa67206f6da..ddc633ef6064 100644 | ||
2707 | --- a/fs/cifs/smb2pdu.c | ||
2708 | +++ b/fs/cifs/smb2pdu.c | ||
2709 | @@ -427,7 +427,7 @@ assemble_neg_contexts(struct smb2_negotiate_req *req) | ||
2710 | build_encrypt_ctxt((struct smb2_encryption_neg_context *)pneg_ctxt); | ||
2711 | req->NegotiateContextOffset = cpu_to_le32(OFFSET_OF_NEG_CONTEXT); | ||
2712 | req->NegotiateContextCount = cpu_to_le16(2); | ||
2713 | - inc_rfc1001_len(req, 4 + sizeof(struct smb2_preauth_neg_context) + 2 | ||
2714 | + inc_rfc1001_len(req, 4 + sizeof(struct smb2_preauth_neg_context) | ||
2715 | + sizeof(struct smb2_encryption_neg_context)); /* calculate hash */ | ||
2716 | } | ||
2717 | #else | ||
2718 | @@ -479,10 +479,25 @@ SMB2_negotiate(const unsigned int xid, struct cifs_ses *ses) | ||
2719 | |||
2720 | req->hdr.sync_hdr.SessionId = 0; | ||
2721 | |||
2722 | - req->Dialects[0] = cpu_to_le16(ses->server->vals->protocol_id); | ||
2723 | - | ||
2724 | - req->DialectCount = cpu_to_le16(1); /* One vers= at a time for now */ | ||
2725 | - inc_rfc1001_len(req, 2); | ||
2726 | + if (strcmp(ses->server->vals->version_string, | ||
2727 | + SMB3ANY_VERSION_STRING) == 0) { | ||
2728 | + req->Dialects[0] = cpu_to_le16(SMB30_PROT_ID); | ||
2729 | + req->Dialects[1] = cpu_to_le16(SMB302_PROT_ID); | ||
2730 | + req->DialectCount = cpu_to_le16(2); | ||
2731 | + inc_rfc1001_len(req, 4); | ||
2732 | + } else if (strcmp(ses->server->vals->version_string, | ||
2733 | + SMBDEFAULT_VERSION_STRING) == 0) { | ||
2734 | + req->Dialects[0] = cpu_to_le16(SMB21_PROT_ID); | ||
2735 | + req->Dialects[1] = cpu_to_le16(SMB30_PROT_ID); | ||
2736 | + req->Dialects[2] = cpu_to_le16(SMB302_PROT_ID); | ||
2737 | + req->DialectCount = cpu_to_le16(3); | ||
2738 | + inc_rfc1001_len(req, 6); | ||
2739 | + } else { | ||
2740 | + /* otherwise send specific dialect */ | ||
2741 | + req->Dialects[0] = cpu_to_le16(ses->server->vals->protocol_id); | ||
2742 | + req->DialectCount = cpu_to_le16(1); | ||
2743 | + inc_rfc1001_len(req, 2); | ||
2744 | + } | ||
2745 | |||
2746 | /* only one of SMB2 signing flags may be set in SMB2 request */ | ||
2747 | if (ses->sign) | ||
2748 | @@ -516,16 +531,43 @@ SMB2_negotiate(const unsigned int xid, struct cifs_ses *ses) | ||
2749 | */ | ||
2750 | if (rc == -EOPNOTSUPP) { | ||
2751 | cifs_dbg(VFS, "Dialect not supported by server. Consider " | ||
2752 | - "specifying vers=1.0 or vers=2.1 on mount for accessing" | ||
2753 | + "specifying vers=1.0 or vers=2.0 on mount for accessing" | ||
2754 | " older servers\n"); | ||
2755 | goto neg_exit; | ||
2756 | } else if (rc != 0) | ||
2757 | goto neg_exit; | ||
2758 | |||
2759 | + if (strcmp(ses->server->vals->version_string, | ||
2760 | + SMB3ANY_VERSION_STRING) == 0) { | ||
2761 | + if (rsp->DialectRevision == cpu_to_le16(SMB20_PROT_ID)) { | ||
2762 | + cifs_dbg(VFS, | ||
2763 | + "SMB2 dialect returned but not requested\n"); | ||
2764 | + return -EIO; | ||
2765 | + } else if (rsp->DialectRevision == cpu_to_le16(SMB21_PROT_ID)) { | ||
2766 | + cifs_dbg(VFS, | ||
2767 | + "SMB2.1 dialect returned but not requested\n"); | ||
2768 | + return -EIO; | ||
2769 | + } | ||
2770 | + } else if (strcmp(ses->server->vals->version_string, | ||
2771 | + SMBDEFAULT_VERSION_STRING) == 0) { | ||
2772 | + if (rsp->DialectRevision == cpu_to_le16(SMB20_PROT_ID)) { | ||
2773 | + cifs_dbg(VFS, | ||
2774 | + "SMB2 dialect returned but not requested\n"); | ||
2775 | + return -EIO; | ||
2776 | + } else if (rsp->DialectRevision == cpu_to_le16(SMB21_PROT_ID)) { | ||
2777 | + /* ops set to 3.0 by default for default so update */ | ||
2778 | + ses->server->ops = &smb21_operations; | ||
2779 | + } | ||
2780 | + } else if (le16_to_cpu(rsp->DialectRevision) != | ||
2781 | + ses->server->vals->protocol_id) { | ||
2782 | + /* if requested single dialect ensure returned dialect matched */ | ||
2783 | + cifs_dbg(VFS, "Illegal 0x%x dialect returned: not requested\n", | ||
2784 | + le16_to_cpu(rsp->DialectRevision)); | ||
2785 | + return -EIO; | ||
2786 | + } | ||
2787 | + | ||
2788 | cifs_dbg(FYI, "mode 0x%x\n", rsp->SecurityMode); | ||
2789 | |||
2790 | - /* BB we may eventually want to match the negotiated vs. requested | ||
2791 | - dialect, even though we are only requesting one at a time */ | ||
2792 | if (rsp->DialectRevision == cpu_to_le16(SMB20_PROT_ID)) | ||
2793 | cifs_dbg(FYI, "negotiated smb2.0 dialect\n"); | ||
2794 | else if (rsp->DialectRevision == cpu_to_le16(SMB21_PROT_ID)) | ||
2795 | @@ -546,6 +588,8 @@ SMB2_negotiate(const unsigned int xid, struct cifs_ses *ses) | ||
2796 | } | ||
2797 | server->dialect = le16_to_cpu(rsp->DialectRevision); | ||
2798 | |||
2799 | + /* BB: add check that dialect was valid given dialect(s) we asked for */ | ||
2800 | + | ||
2801 | /* SMB2 only has an extended negflavor */ | ||
2802 | server->negflavor = CIFS_NEGFLAVOR_EXTENDED; | ||
2803 | /* set it to the maximum buffer size value we can send with 1 credit */ | ||
2804 | @@ -594,20 +638,28 @@ int smb3_validate_negotiate(const unsigned int xid, struct cifs_tcon *tcon) | ||
2805 | struct validate_negotiate_info_req vneg_inbuf; | ||
2806 | struct validate_negotiate_info_rsp *pneg_rsp; | ||
2807 | u32 rsplen; | ||
2808 | + u32 inbuflen; /* max of 4 dialects */ | ||
2809 | |||
2810 | cifs_dbg(FYI, "validate negotiate\n"); | ||
2811 | |||
2812 | /* | ||
2813 | * validation ioctl must be signed, so no point sending this if we | ||
2814 | - * can not sign it. We could eventually change this to selectively | ||
2815 | + * can not sign it (ie are not known user). Even if signing is not | ||
2816 | + * required (enabled but not negotiated), in those cases we selectively | ||
2817 | * sign just this, the first and only signed request on a connection. | ||
2818 | - * This is good enough for now since a user who wants better security | ||
2819 | - * would also enable signing on the mount. Having validation of | ||
2820 | - * negotiate info for signed connections helps reduce attack vectors | ||
2821 | + * Having validation of negotiate info helps reduce attack vectors. | ||
2822 | */ | ||
2823 | - if (tcon->ses->server->sign == false) | ||
2824 | + if (tcon->ses->session_flags & SMB2_SESSION_FLAG_IS_GUEST) | ||
2825 | return 0; /* validation requires signing */ | ||
2826 | |||
2827 | + if (tcon->ses->user_name == NULL) { | ||
2828 | + cifs_dbg(FYI, "Can't validate negotiate: null user mount\n"); | ||
2829 | + return 0; /* validation requires signing */ | ||
2830 | + } | ||
2831 | + | ||
2832 | + if (tcon->ses->session_flags & SMB2_SESSION_FLAG_IS_NULL) | ||
2833 | + cifs_dbg(VFS, "Unexpected null user (anonymous) auth flag sent by server\n"); | ||
2834 | + | ||
2835 | vneg_inbuf.Capabilities = | ||
2836 | cpu_to_le32(tcon->ses->server->vals->req_capabilities); | ||
2837 | memcpy(vneg_inbuf.Guid, tcon->ses->server->client_guid, | ||
2838 | @@ -622,9 +674,30 @@ int smb3_validate_negotiate(const unsigned int xid, struct cifs_tcon *tcon) | ||
2839 | else | ||
2840 | vneg_inbuf.SecurityMode = 0; | ||
2841 | |||
2842 | - vneg_inbuf.DialectCount = cpu_to_le16(1); | ||
2843 | - vneg_inbuf.Dialects[0] = | ||
2844 | - cpu_to_le16(tcon->ses->server->vals->protocol_id); | ||
2845 | + | ||
2846 | + if (strcmp(tcon->ses->server->vals->version_string, | ||
2847 | + SMB3ANY_VERSION_STRING) == 0) { | ||
2848 | + vneg_inbuf.Dialects[0] = cpu_to_le16(SMB30_PROT_ID); | ||
2849 | + vneg_inbuf.Dialects[1] = cpu_to_le16(SMB302_PROT_ID); | ||
2850 | + vneg_inbuf.DialectCount = cpu_to_le16(2); | ||
2851 | + /* structure is big enough for 3 dialects, sending only 2 */ | ||
2852 | + inbuflen = sizeof(struct validate_negotiate_info_req) - 2; | ||
2853 | + } else if (strcmp(tcon->ses->server->vals->version_string, | ||
2854 | + SMBDEFAULT_VERSION_STRING) == 0) { | ||
2855 | + vneg_inbuf.Dialects[0] = cpu_to_le16(SMB21_PROT_ID); | ||
2856 | + vneg_inbuf.Dialects[1] = cpu_to_le16(SMB30_PROT_ID); | ||
2857 | + vneg_inbuf.Dialects[2] = cpu_to_le16(SMB302_PROT_ID); | ||
2858 | + vneg_inbuf.DialectCount = cpu_to_le16(3); | ||
2859 | + /* structure is big enough for 3 dialects */ | ||
2860 | + inbuflen = sizeof(struct validate_negotiate_info_req); | ||
2861 | + } else { | ||
2862 | + /* otherwise specific dialect was requested */ | ||
2863 | + vneg_inbuf.Dialects[0] = | ||
2864 | + cpu_to_le16(tcon->ses->server->vals->protocol_id); | ||
2865 | + vneg_inbuf.DialectCount = cpu_to_le16(1); | ||
2866 | + /* structure is big enough for 3 dialects, sending only 1 */ | ||
2867 | + inbuflen = sizeof(struct validate_negotiate_info_req) - 4; | ||
2868 | + } | ||
2869 | |||
2870 | rc = SMB2_ioctl(xid, tcon, NO_FILE_ID, NO_FILE_ID, | ||
2871 | FSCTL_VALIDATE_NEGOTIATE_INFO, true /* is_fsctl */, | ||
2872 | @@ -1098,6 +1171,8 @@ SMB2_sess_setup(const unsigned int xid, struct cifs_ses *ses, | ||
2873 | while (sess_data->func) | ||
2874 | sess_data->func(sess_data); | ||
2875 | |||
2876 | + if ((ses->session_flags & SMB2_SESSION_FLAG_IS_GUEST) && (ses->sign)) | ||
2877 | + cifs_dbg(VFS, "signing requested but authenticated as guest\n"); | ||
2878 | rc = sess_data->result; | ||
2879 | out: | ||
2880 | kfree(sess_data); | ||
2881 | @@ -1622,7 +1697,7 @@ SMB2_open(const unsigned int xid, struct cifs_open_parms *oparms, __le16 *path, | ||
2882 | struct cifs_tcon *tcon = oparms->tcon; | ||
2883 | struct cifs_ses *ses = tcon->ses; | ||
2884 | struct kvec iov[4]; | ||
2885 | - struct kvec rsp_iov; | ||
2886 | + struct kvec rsp_iov = {NULL, 0}; | ||
2887 | int resp_buftype; | ||
2888 | int uni_path_len; | ||
2889 | __le16 *copy_path = NULL; | ||
2890 | @@ -1751,7 +1826,7 @@ SMB2_open(const unsigned int xid, struct cifs_open_parms *oparms, __le16 *path, | ||
2891 | |||
2892 | if (rc != 0) { | ||
2893 | cifs_stats_fail_inc(tcon, SMB2_CREATE_HE); | ||
2894 | - if (err_buf) | ||
2895 | + if (err_buf && rsp) | ||
2896 | *err_buf = kmemdup(rsp, get_rfc1002_length(rsp) + 4, | ||
2897 | GFP_KERNEL); | ||
2898 | goto creat_exit; | ||
2899 | diff --git a/fs/cifs/smb2pdu.h b/fs/cifs/smb2pdu.h | ||
2900 | index 2826882c81d1..46b6cbce9675 100644 | ||
2901 | --- a/fs/cifs/smb2pdu.h | ||
2902 | +++ b/fs/cifs/smb2pdu.h | ||
2903 | @@ -716,7 +716,7 @@ struct validate_negotiate_info_req { | ||
2904 | __u8 Guid[SMB2_CLIENT_GUID_SIZE]; | ||
2905 | __le16 SecurityMode; | ||
2906 | __le16 DialectCount; | ||
2907 | - __le16 Dialects[1]; /* dialect (someday maybe list) client asked for */ | ||
2908 | + __le16 Dialects[3]; /* BB expand this if autonegotiate > 3 dialects */ | ||
2909 | } __packed; | ||
2910 | |||
2911 | struct validate_negotiate_info_rsp { | ||
2912 | diff --git a/fs/dax.c b/fs/dax.c | ||
2913 | index ab925dc6647a..ede5bc978db3 100644 | ||
2914 | --- a/fs/dax.c | ||
2915 | +++ b/fs/dax.c | ||
2916 | @@ -786,7 +786,7 @@ static int dax_writeback_one(struct block_device *bdev, | ||
2917 | } | ||
2918 | |||
2919 | dax_mapping_entry_mkclean(mapping, index, pfn_t_to_pfn(pfn)); | ||
2920 | - dax_flush(dax_dev, pgoff, kaddr, size); | ||
2921 | + dax_flush(dax_dev, kaddr, size); | ||
2922 | /* | ||
2923 | * After we have flushed the cache, we can clear the dirty tag. There | ||
2924 | * cannot be new dirty data in the pfn after the flush has completed as | ||
2925 | @@ -981,7 +981,7 @@ int __dax_zero_page_range(struct block_device *bdev, | ||
2926 | return rc; | ||
2927 | } | ||
2928 | memset(kaddr + offset, 0, size); | ||
2929 | - dax_flush(dax_dev, pgoff, kaddr + offset, size); | ||
2930 | + dax_flush(dax_dev, kaddr + offset, size); | ||
2931 | dax_read_unlock(id); | ||
2932 | } | ||
2933 | return 0; | ||
2934 | diff --git a/fs/gfs2/glock.c b/fs/gfs2/glock.c | ||
2935 | index c38ab6c81898..410714c9eff7 100644 | ||
2936 | --- a/fs/gfs2/glock.c | ||
2937 | +++ b/fs/gfs2/glock.c | ||
2938 | @@ -1863,13 +1863,9 @@ static void *gfs2_glock_seq_start(struct seq_file *seq, loff_t *pos) | ||
2939 | { | ||
2940 | struct gfs2_glock_iter *gi = seq->private; | ||
2941 | loff_t n = *pos; | ||
2942 | - int ret; | ||
2943 | - | ||
2944 | - if (gi->last_pos <= *pos) | ||
2945 | - n = (*pos - gi->last_pos); | ||
2946 | |||
2947 | - ret = rhashtable_walk_start(&gi->hti); | ||
2948 | - if (ret) | ||
2949 | + rhashtable_walk_enter(&gl_hash_table, &gi->hti); | ||
2950 | + if (rhashtable_walk_start(&gi->hti) != 0) | ||
2951 | return NULL; | ||
2952 | |||
2953 | do { | ||
2954 | @@ -1877,6 +1873,7 @@ static void *gfs2_glock_seq_start(struct seq_file *seq, loff_t *pos) | ||
2955 | } while (gi->gl && n--); | ||
2956 | |||
2957 | gi->last_pos = *pos; | ||
2958 | + | ||
2959 | return gi->gl; | ||
2960 | } | ||
2961 | |||
2962 | @@ -1888,6 +1885,7 @@ static void *gfs2_glock_seq_next(struct seq_file *seq, void *iter_ptr, | ||
2963 | (*pos)++; | ||
2964 | gi->last_pos = *pos; | ||
2965 | gfs2_glock_iter_next(gi); | ||
2966 | + | ||
2967 | return gi->gl; | ||
2968 | } | ||
2969 | |||
2970 | @@ -1897,6 +1895,7 @@ static void gfs2_glock_seq_stop(struct seq_file *seq, void *iter_ptr) | ||
2971 | |||
2972 | gi->gl = NULL; | ||
2973 | rhashtable_walk_stop(&gi->hti); | ||
2974 | + rhashtable_walk_exit(&gi->hti); | ||
2975 | } | ||
2976 | |||
2977 | static int gfs2_glock_seq_show(struct seq_file *seq, void *iter_ptr) | ||
2978 | @@ -1959,12 +1958,10 @@ static int __gfs2_glocks_open(struct inode *inode, struct file *file, | ||
2979 | struct gfs2_glock_iter *gi = seq->private; | ||
2980 | |||
2981 | gi->sdp = inode->i_private; | ||
2982 | - gi->last_pos = 0; | ||
2983 | seq->buf = kmalloc(GFS2_SEQ_GOODSIZE, GFP_KERNEL | __GFP_NOWARN); | ||
2984 | if (seq->buf) | ||
2985 | seq->size = GFS2_SEQ_GOODSIZE; | ||
2986 | gi->gl = NULL; | ||
2987 | - rhashtable_walk_enter(&gl_hash_table, &gi->hti); | ||
2988 | } | ||
2989 | return ret; | ||
2990 | } | ||
2991 | @@ -1980,7 +1977,6 @@ static int gfs2_glocks_release(struct inode *inode, struct file *file) | ||
2992 | struct gfs2_glock_iter *gi = seq->private; | ||
2993 | |||
2994 | gi->gl = NULL; | ||
2995 | - rhashtable_walk_exit(&gi->hti); | ||
2996 | return seq_release_private(inode, file); | ||
2997 | } | ||
2998 | |||
2999 | diff --git a/fs/proc/array.c b/fs/proc/array.c | ||
3000 | index 88c355574aa0..525157ca25cb 100644 | ||
3001 | --- a/fs/proc/array.c | ||
3002 | +++ b/fs/proc/array.c | ||
3003 | @@ -62,6 +62,7 @@ | ||
3004 | #include <linux/mman.h> | ||
3005 | #include <linux/sched/mm.h> | ||
3006 | #include <linux/sched/numa_balancing.h> | ||
3007 | +#include <linux/sched/task_stack.h> | ||
3008 | #include <linux/sched/task.h> | ||
3009 | #include <linux/sched/cputime.h> | ||
3010 | #include <linux/proc_fs.h> | ||
3011 | @@ -421,7 +422,15 @@ static int do_task_stat(struct seq_file *m, struct pid_namespace *ns, | ||
3012 | * esp and eip are intentionally zeroed out. There is no | ||
3013 | * non-racy way to read them without freezing the task. | ||
3014 | * Programs that need reliable values can use ptrace(2). | ||
3015 | + * | ||
3016 | + * The only exception is if the task is core dumping because | ||
3017 | + * a program is not able to use ptrace(2) in that case. It is | ||
3018 | + * safe because the task has stopped executing permanently. | ||
3019 | */ | ||
3020 | + if (permitted && (task->flags & PF_DUMPCORE)) { | ||
3021 | + eip = KSTK_EIP(task); | ||
3022 | + esp = KSTK_ESP(task); | ||
3023 | + } | ||
3024 | } | ||
3025 | |||
3026 | get_task_comm(tcomm, task); | ||
3027 | diff --git a/fs/read_write.c b/fs/read_write.c | ||
3028 | index 0cc7033aa413..52872c1e57dd 100644 | ||
3029 | --- a/fs/read_write.c | ||
3030 | +++ b/fs/read_write.c | ||
3031 | @@ -112,7 +112,7 @@ generic_file_llseek_size(struct file *file, loff_t offset, int whence, | ||
3032 | * In the generic case the entire file is data, so as long as | ||
3033 | * offset isn't at the end of the file then the offset is data. | ||
3034 | */ | ||
3035 | - if (offset >= eof) | ||
3036 | + if ((unsigned long long)offset >= eof) | ||
3037 | return -ENXIO; | ||
3038 | break; | ||
3039 | case SEEK_HOLE: | ||
3040 | @@ -120,7 +120,7 @@ generic_file_llseek_size(struct file *file, loff_t offset, int whence, | ||
3041 | * There is a virtual hole at the end of the file, so as long as | ||
3042 | * offset isn't i_size or larger, return i_size. | ||
3043 | */ | ||
3044 | - if (offset >= eof) | ||
3045 | + if ((unsigned long long)offset >= eof) | ||
3046 | return -ENXIO; | ||
3047 | offset = eof; | ||
3048 | break; | ||
3049 | diff --git a/fs/xfs/xfs_ioctl.c b/fs/xfs/xfs_ioctl.c | ||
3050 | index 5049e8ab6e30..aa75389be8cf 100644 | ||
3051 | --- a/fs/xfs/xfs_ioctl.c | ||
3052 | +++ b/fs/xfs/xfs_ioctl.c | ||
3053 | @@ -1088,6 +1088,7 @@ xfs_ioctl_setattr_dax_invalidate( | ||
3054 | int *join_flags) | ||
3055 | { | ||
3056 | struct inode *inode = VFS_I(ip); | ||
3057 | + struct super_block *sb = inode->i_sb; | ||
3058 | int error; | ||
3059 | |||
3060 | *join_flags = 0; | ||
3061 | @@ -1100,7 +1101,7 @@ xfs_ioctl_setattr_dax_invalidate( | ||
3062 | if (fa->fsx_xflags & FS_XFLAG_DAX) { | ||
3063 | if (!(S_ISREG(inode->i_mode) || S_ISDIR(inode->i_mode))) | ||
3064 | return -EINVAL; | ||
3065 | - if (ip->i_mount->m_sb.sb_blocksize != PAGE_SIZE) | ||
3066 | + if (bdev_dax_supported(sb, sb->s_blocksize) < 0) | ||
3067 | return -EINVAL; | ||
3068 | } | ||
3069 | |||
3070 | diff --git a/include/linux/dax.h b/include/linux/dax.h | ||
3071 | index df97b7af7e2c..0d8f35f6c53d 100644 | ||
3072 | --- a/include/linux/dax.h | ||
3073 | +++ b/include/linux/dax.h | ||
3074 | @@ -19,8 +19,6 @@ struct dax_operations { | ||
3075 | /* copy_from_iter: required operation for fs-dax direct-i/o */ | ||
3076 | size_t (*copy_from_iter)(struct dax_device *, pgoff_t, void *, size_t, | ||
3077 | struct iov_iter *); | ||
3078 | - /* flush: optional driver-specific cache management after writes */ | ||
3079 | - void (*flush)(struct dax_device *, pgoff_t, void *, size_t); | ||
3080 | }; | ||
3081 | |||
3082 | extern struct attribute_group dax_attribute_group; | ||
3083 | @@ -84,8 +82,7 @@ long dax_direct_access(struct dax_device *dax_dev, pgoff_t pgoff, long nr_pages, | ||
3084 | void **kaddr, pfn_t *pfn); | ||
3085 | size_t dax_copy_from_iter(struct dax_device *dax_dev, pgoff_t pgoff, void *addr, | ||
3086 | size_t bytes, struct iov_iter *i); | ||
3087 | -void dax_flush(struct dax_device *dax_dev, pgoff_t pgoff, void *addr, | ||
3088 | - size_t size); | ||
3089 | +void dax_flush(struct dax_device *dax_dev, void *addr, size_t size); | ||
3090 | void dax_write_cache(struct dax_device *dax_dev, bool wc); | ||
3091 | bool dax_write_cache_enabled(struct dax_device *dax_dev); | ||
3092 | |||
3093 | diff --git a/include/linux/device-mapper.h b/include/linux/device-mapper.h | ||
3094 | index 4f2b3b2076c4..17c378ecbbdd 100644 | ||
3095 | --- a/include/linux/device-mapper.h | ||
3096 | +++ b/include/linux/device-mapper.h | ||
3097 | @@ -134,8 +134,6 @@ typedef long (*dm_dax_direct_access_fn) (struct dm_target *ti, pgoff_t pgoff, | ||
3098 | long nr_pages, void **kaddr, pfn_t *pfn); | ||
3099 | typedef size_t (*dm_dax_copy_from_iter_fn)(struct dm_target *ti, pgoff_t pgoff, | ||
3100 | void *addr, size_t bytes, struct iov_iter *i); | ||
3101 | -typedef void (*dm_dax_flush_fn)(struct dm_target *ti, pgoff_t pgoff, void *addr, | ||
3102 | - size_t size); | ||
3103 | #define PAGE_SECTORS (PAGE_SIZE / 512) | ||
3104 | |||
3105 | void dm_error(const char *message); | ||
3106 | @@ -186,7 +184,6 @@ struct target_type { | ||
3107 | dm_io_hints_fn io_hints; | ||
3108 | dm_dax_direct_access_fn direct_access; | ||
3109 | dm_dax_copy_from_iter_fn dax_copy_from_iter; | ||
3110 | - dm_dax_flush_fn dax_flush; | ||
3111 | |||
3112 | /* For internal device-mapper use. */ | ||
3113 | struct list_head list; | ||
3114 | diff --git a/include/linux/key.h b/include/linux/key.h | ||
3115 | index 044114185120..e315e16b6ff8 100644 | ||
3116 | --- a/include/linux/key.h | ||
3117 | +++ b/include/linux/key.h | ||
3118 | @@ -187,6 +187,7 @@ struct key { | ||
3119 | #define KEY_FLAG_BUILTIN 8 /* set if key is built in to the kernel */ | ||
3120 | #define KEY_FLAG_ROOT_CAN_INVAL 9 /* set if key can be invalidated by root without permission */ | ||
3121 | #define KEY_FLAG_KEEP 10 /* set if key should not be removed */ | ||
3122 | +#define KEY_FLAG_UID_KEYRING 11 /* set if key is a user or user session keyring */ | ||
3123 | |||
3124 | /* the key type and key description string | ||
3125 | * - the desc is used to match a key against search criteria | ||
3126 | @@ -243,6 +244,7 @@ extern struct key *key_alloc(struct key_type *type, | ||
3127 | #define KEY_ALLOC_NOT_IN_QUOTA 0x0002 /* not in quota */ | ||
3128 | #define KEY_ALLOC_BUILT_IN 0x0004 /* Key is built into kernel */ | ||
3129 | #define KEY_ALLOC_BYPASS_RESTRICTION 0x0008 /* Override the check on restricted keyrings */ | ||
3130 | +#define KEY_ALLOC_UID_KEYRING 0x0010 /* allocating a user or user session keyring */ | ||
3131 | |||
3132 | extern void key_revoke(struct key *key); | ||
3133 | extern void key_invalidate(struct key *key); | ||
3134 | diff --git a/include/net/mac80211.h b/include/net/mac80211.h | ||
3135 | index f8149ca192b4..885690fa39c8 100644 | ||
3136 | --- a/include/net/mac80211.h | ||
3137 | +++ b/include/net/mac80211.h | ||
3138 | @@ -919,21 +919,10 @@ struct ieee80211_tx_info { | ||
3139 | unsigned long jiffies; | ||
3140 | }; | ||
3141 | /* NB: vif can be NULL for injected frames */ | ||
3142 | - union { | ||
3143 | - /* NB: vif can be NULL for injected frames */ | ||
3144 | - struct ieee80211_vif *vif; | ||
3145 | - | ||
3146 | - /* When packets are enqueued on txq it's easy | ||
3147 | - * to re-construct the vif pointer. There's no | ||
3148 | - * more space in tx_info so it can be used to | ||
3149 | - * store the necessary enqueue time for packet | ||
3150 | - * sojourn time computation. | ||
3151 | - */ | ||
3152 | - codel_time_t enqueue_time; | ||
3153 | - }; | ||
3154 | + struct ieee80211_vif *vif; | ||
3155 | struct ieee80211_key_conf *hw_key; | ||
3156 | u32 flags; | ||
3157 | - /* 4 bytes free */ | ||
3158 | + codel_time_t enqueue_time; | ||
3159 | } control; | ||
3160 | struct { | ||
3161 | u64 cookie; | ||
3162 | diff --git a/kernel/exit.c b/kernel/exit.c | ||
3163 | index c5548faa9f37..6d31fc5ba50d 100644 | ||
3164 | --- a/kernel/exit.c | ||
3165 | +++ b/kernel/exit.c | ||
3166 | @@ -1601,12 +1601,10 @@ SYSCALL_DEFINE5(waitid, int, which, pid_t, upid, struct siginfo __user *, | ||
3167 | struct waitid_info info = {.status = 0}; | ||
3168 | long err = kernel_waitid(which, upid, &info, options, ru ? &r : NULL); | ||
3169 | int signo = 0; | ||
3170 | + | ||
3171 | if (err > 0) { | ||
3172 | signo = SIGCHLD; | ||
3173 | err = 0; | ||
3174 | - } | ||
3175 | - | ||
3176 | - if (!err) { | ||
3177 | if (ru && copy_to_user(ru, &r, sizeof(struct rusage))) | ||
3178 | return -EFAULT; | ||
3179 | } | ||
3180 | @@ -1724,16 +1722,15 @@ COMPAT_SYSCALL_DEFINE5(waitid, | ||
3181 | if (err > 0) { | ||
3182 | signo = SIGCHLD; | ||
3183 | err = 0; | ||
3184 | - } | ||
3185 | - | ||
3186 | - if (!err && uru) { | ||
3187 | - /* kernel_waitid() overwrites everything in ru */ | ||
3188 | - if (COMPAT_USE_64BIT_TIME) | ||
3189 | - err = copy_to_user(uru, &ru, sizeof(ru)); | ||
3190 | - else | ||
3191 | - err = put_compat_rusage(&ru, uru); | ||
3192 | - if (err) | ||
3193 | - return -EFAULT; | ||
3194 | + if (uru) { | ||
3195 | + /* kernel_waitid() overwrites everything in ru */ | ||
3196 | + if (COMPAT_USE_64BIT_TIME) | ||
3197 | + err = copy_to_user(uru, &ru, sizeof(ru)); | ||
3198 | + else | ||
3199 | + err = put_compat_rusage(&ru, uru); | ||
3200 | + if (err) | ||
3201 | + return -EFAULT; | ||
3202 | + } | ||
3203 | } | ||
3204 | |||
3205 | if (!infop) | ||
3206 | diff --git a/kernel/extable.c b/kernel/extable.c | ||
3207 | index 38c2412401a1..9aa1cc41ecf7 100644 | ||
3208 | --- a/kernel/extable.c | ||
3209 | +++ b/kernel/extable.c | ||
3210 | @@ -102,15 +102,7 @@ int core_kernel_data(unsigned long addr) | ||
3211 | |||
3212 | int __kernel_text_address(unsigned long addr) | ||
3213 | { | ||
3214 | - if (core_kernel_text(addr)) | ||
3215 | - return 1; | ||
3216 | - if (is_module_text_address(addr)) | ||
3217 | - return 1; | ||
3218 | - if (is_ftrace_trampoline(addr)) | ||
3219 | - return 1; | ||
3220 | - if (is_kprobe_optinsn_slot(addr) || is_kprobe_insn_slot(addr)) | ||
3221 | - return 1; | ||
3222 | - if (is_bpf_text_address(addr)) | ||
3223 | + if (kernel_text_address(addr)) | ||
3224 | return 1; | ||
3225 | /* | ||
3226 | * There might be init symbols in saved stacktraces. | ||
3227 | @@ -127,17 +119,42 @@ int __kernel_text_address(unsigned long addr) | ||
3228 | |||
3229 | int kernel_text_address(unsigned long addr) | ||
3230 | { | ||
3231 | + bool no_rcu; | ||
3232 | + int ret = 1; | ||
3233 | + | ||
3234 | if (core_kernel_text(addr)) | ||
3235 | return 1; | ||
3236 | + | ||
3237 | + /* | ||
3238 | + * If a stack dump happens while RCU is not watching, then | ||
3239 | + * RCU needs to be notified that it requires to start | ||
3240 | + * watching again. This can happen either by tracing that | ||
3241 | + * triggers a stack trace, or a WARN() that happens during | ||
3242 | + * coming back from idle, or cpu on or offlining. | ||
3243 | + * | ||
3244 | + * is_module_text_address() as well as the kprobe slots | ||
3245 | + * and is_bpf_text_address() require RCU to be watching. | ||
3246 | + */ | ||
3247 | + no_rcu = !rcu_is_watching(); | ||
3248 | + | ||
3249 | + /* Treat this like an NMI as it can happen anywhere */ | ||
3250 | + if (no_rcu) | ||
3251 | + rcu_nmi_enter(); | ||
3252 | + | ||
3253 | if (is_module_text_address(addr)) | ||
3254 | - return 1; | ||
3255 | + goto out; | ||
3256 | if (is_ftrace_trampoline(addr)) | ||
3257 | - return 1; | ||
3258 | + goto out; | ||
3259 | if (is_kprobe_optinsn_slot(addr) || is_kprobe_insn_slot(addr)) | ||
3260 | - return 1; | ||
3261 | + goto out; | ||
3262 | if (is_bpf_text_address(addr)) | ||
3263 | - return 1; | ||
3264 | - return 0; | ||
3265 | + goto out; | ||
3266 | + ret = 0; | ||
3267 | +out: | ||
3268 | + if (no_rcu) | ||
3269 | + rcu_nmi_exit(); | ||
3270 | + | ||
3271 | + return ret; | ||
3272 | } | ||
3273 | |||
3274 | /* | ||
3275 | diff --git a/kernel/futex.c b/kernel/futex.c | ||
3276 | index f50b434756c1..bf57ab12ffe8 100644 | ||
3277 | --- a/kernel/futex.c | ||
3278 | +++ b/kernel/futex.c | ||
3279 | @@ -821,8 +821,6 @@ static void get_pi_state(struct futex_pi_state *pi_state) | ||
3280 | /* | ||
3281 | * Drops a reference to the pi_state object and frees or caches it | ||
3282 | * when the last reference is gone. | ||
3283 | - * | ||
3284 | - * Must be called with the hb lock held. | ||
3285 | */ | ||
3286 | static void put_pi_state(struct futex_pi_state *pi_state) | ||
3287 | { | ||
3288 | @@ -837,16 +835,22 @@ static void put_pi_state(struct futex_pi_state *pi_state) | ||
3289 | * and has cleaned up the pi_state already | ||
3290 | */ | ||
3291 | if (pi_state->owner) { | ||
3292 | - raw_spin_lock_irq(&pi_state->owner->pi_lock); | ||
3293 | - list_del_init(&pi_state->list); | ||
3294 | - raw_spin_unlock_irq(&pi_state->owner->pi_lock); | ||
3295 | + struct task_struct *owner; | ||
3296 | |||
3297 | - rt_mutex_proxy_unlock(&pi_state->pi_mutex, pi_state->owner); | ||
3298 | + raw_spin_lock_irq(&pi_state->pi_mutex.wait_lock); | ||
3299 | + owner = pi_state->owner; | ||
3300 | + if (owner) { | ||
3301 | + raw_spin_lock(&owner->pi_lock); | ||
3302 | + list_del_init(&pi_state->list); | ||
3303 | + raw_spin_unlock(&owner->pi_lock); | ||
3304 | + } | ||
3305 | + rt_mutex_proxy_unlock(&pi_state->pi_mutex, owner); | ||
3306 | + raw_spin_unlock_irq(&pi_state->pi_mutex.wait_lock); | ||
3307 | } | ||
3308 | |||
3309 | - if (current->pi_state_cache) | ||
3310 | + if (current->pi_state_cache) { | ||
3311 | kfree(pi_state); | ||
3312 | - else { | ||
3313 | + } else { | ||
3314 | /* | ||
3315 | * pi_state->list is already empty. | ||
3316 | * clear pi_state->owner. | ||
3317 | @@ -905,13 +909,14 @@ void exit_pi_state_list(struct task_struct *curr) | ||
3318 | raw_spin_unlock_irq(&curr->pi_lock); | ||
3319 | |||
3320 | spin_lock(&hb->lock); | ||
3321 | - | ||
3322 | - raw_spin_lock_irq(&curr->pi_lock); | ||
3323 | + raw_spin_lock_irq(&pi_state->pi_mutex.wait_lock); | ||
3324 | + raw_spin_lock(&curr->pi_lock); | ||
3325 | /* | ||
3326 | * We dropped the pi-lock, so re-check whether this | ||
3327 | * task still owns the PI-state: | ||
3328 | */ | ||
3329 | if (head->next != next) { | ||
3330 | + raw_spin_unlock(&pi_state->pi_mutex.wait_lock); | ||
3331 | spin_unlock(&hb->lock); | ||
3332 | continue; | ||
3333 | } | ||
3334 | @@ -920,9 +925,10 @@ void exit_pi_state_list(struct task_struct *curr) | ||
3335 | WARN_ON(list_empty(&pi_state->list)); | ||
3336 | list_del_init(&pi_state->list); | ||
3337 | pi_state->owner = NULL; | ||
3338 | - raw_spin_unlock_irq(&curr->pi_lock); | ||
3339 | + raw_spin_unlock(&curr->pi_lock); | ||
3340 | |||
3341 | get_pi_state(pi_state); | ||
3342 | + raw_spin_unlock_irq(&pi_state->pi_mutex.wait_lock); | ||
3343 | spin_unlock(&hb->lock); | ||
3344 | |||
3345 | rt_mutex_futex_unlock(&pi_state->pi_mutex); | ||
3346 | @@ -1204,6 +1210,10 @@ static int attach_to_pi_owner(u32 uval, union futex_key *key, | ||
3347 | |||
3348 | WARN_ON(!list_empty(&pi_state->list)); | ||
3349 | list_add(&pi_state->list, &p->pi_state_list); | ||
3350 | + /* | ||
3351 | + * Assignment without holding pi_state->pi_mutex.wait_lock is safe | ||
3352 | + * because there is no concurrency as the object is not published yet. | ||
3353 | + */ | ||
3354 | pi_state->owner = p; | ||
3355 | raw_spin_unlock_irq(&p->pi_lock); | ||
3356 | |||
3357 | @@ -2820,6 +2830,7 @@ static int futex_unlock_pi(u32 __user *uaddr, unsigned int flags) | ||
3358 | raw_spin_lock_irq(&pi_state->pi_mutex.wait_lock); | ||
3359 | spin_unlock(&hb->lock); | ||
3360 | |||
3361 | + /* drops pi_state->pi_mutex.wait_lock */ | ||
3362 | ret = wake_futex_pi(uaddr, uval, pi_state); | ||
3363 | |||
3364 | put_pi_state(pi_state); | ||
3365 | diff --git a/kernel/irq/chip.c b/kernel/irq/chip.c | ||
3366 | index 3675c6004f2a..75a70a267029 100644 | ||
3367 | --- a/kernel/irq/chip.c | ||
3368 | +++ b/kernel/irq/chip.c | ||
3369 | @@ -202,7 +202,7 @@ __irq_startup_managed(struct irq_desc *desc, struct cpumask *aff, bool force) | ||
3370 | |||
3371 | irqd_clr_managed_shutdown(d); | ||
3372 | |||
3373 | - if (cpumask_any_and(aff, cpu_online_mask) > nr_cpu_ids) { | ||
3374 | + if (cpumask_any_and(aff, cpu_online_mask) >= nr_cpu_ids) { | ||
3375 | /* | ||
3376 | * Catch code which fiddles with enable_irq() on a managed | ||
3377 | * and potentially shutdown IRQ. Chained interrupt | ||
3378 | diff --git a/kernel/irq/generic-chip.c b/kernel/irq/generic-chip.c | ||
3379 | index f7086b78ad6e..5270a54b9fa4 100644 | ||
3380 | --- a/kernel/irq/generic-chip.c | ||
3381 | +++ b/kernel/irq/generic-chip.c | ||
3382 | @@ -322,7 +322,6 @@ int __irq_alloc_domain_generic_chips(struct irq_domain *d, int irqs_per_chip, | ||
3383 | /* Calc pointer to the next generic chip */ | ||
3384 | tmp += sizeof(*gc) + num_ct * sizeof(struct irq_chip_type); | ||
3385 | } | ||
3386 | - d->name = name; | ||
3387 | return 0; | ||
3388 | } | ||
3389 | EXPORT_SYMBOL_GPL(__irq_alloc_domain_generic_chips); | ||
3390 | diff --git a/kernel/irq/irqdesc.c b/kernel/irq/irqdesc.c | ||
3391 | index 73be2b3909bd..82afb7ed369f 100644 | ||
3392 | --- a/kernel/irq/irqdesc.c | ||
3393 | +++ b/kernel/irq/irqdesc.c | ||
3394 | @@ -421,10 +421,8 @@ static void free_desc(unsigned int irq) | ||
3395 | * The sysfs entry must be serialized against a concurrent | ||
3396 | * irq_sysfs_init() as well. | ||
3397 | */ | ||
3398 | - mutex_lock(&sparse_irq_lock); | ||
3399 | kobject_del(&desc->kobj); | ||
3400 | delete_irq_desc(irq); | ||
3401 | - mutex_unlock(&sparse_irq_lock); | ||
3402 | |||
3403 | /* | ||
3404 | * We free the descriptor, masks and stat fields via RCU. That | ||
3405 | @@ -462,20 +460,15 @@ static int alloc_descs(unsigned int start, unsigned int cnt, int node, | ||
3406 | desc = alloc_desc(start + i, node, flags, mask, owner); | ||
3407 | if (!desc) | ||
3408 | goto err; | ||
3409 | - mutex_lock(&sparse_irq_lock); | ||
3410 | irq_insert_desc(start + i, desc); | ||
3411 | irq_sysfs_add(start + i, desc); | ||
3412 | - mutex_unlock(&sparse_irq_lock); | ||
3413 | } | ||
3414 | + bitmap_set(allocated_irqs, start, cnt); | ||
3415 | return start; | ||
3416 | |||
3417 | err: | ||
3418 | for (i--; i >= 0; i--) | ||
3419 | free_desc(start + i); | ||
3420 | - | ||
3421 | - mutex_lock(&sparse_irq_lock); | ||
3422 | - bitmap_clear(allocated_irqs, start, cnt); | ||
3423 | - mutex_unlock(&sparse_irq_lock); | ||
3424 | return -ENOMEM; | ||
3425 | } | ||
3426 | |||
3427 | @@ -575,6 +568,7 @@ static inline int alloc_descs(unsigned int start, unsigned int cnt, int node, | ||
3428 | |||
3429 | desc->owner = owner; | ||
3430 | } | ||
3431 | + bitmap_set(allocated_irqs, start, cnt); | ||
3432 | return start; | ||
3433 | } | ||
3434 | |||
3435 | @@ -670,10 +664,10 @@ void irq_free_descs(unsigned int from, unsigned int cnt) | ||
3436 | if (from >= nr_irqs || (from + cnt) > nr_irqs) | ||
3437 | return; | ||
3438 | |||
3439 | + mutex_lock(&sparse_irq_lock); | ||
3440 | for (i = 0; i < cnt; i++) | ||
3441 | free_desc(from + i); | ||
3442 | |||
3443 | - mutex_lock(&sparse_irq_lock); | ||
3444 | bitmap_clear(allocated_irqs, from, cnt); | ||
3445 | mutex_unlock(&sparse_irq_lock); | ||
3446 | } | ||
3447 | @@ -720,19 +714,15 @@ __irq_alloc_descs(int irq, unsigned int from, unsigned int cnt, int node, | ||
3448 | from, cnt, 0); | ||
3449 | ret = -EEXIST; | ||
3450 | if (irq >=0 && start != irq) | ||
3451 | - goto err; | ||
3452 | + goto unlock; | ||
3453 | |||
3454 | if (start + cnt > nr_irqs) { | ||
3455 | ret = irq_expand_nr_irqs(start + cnt); | ||
3456 | if (ret) | ||
3457 | - goto err; | ||
3458 | + goto unlock; | ||
3459 | } | ||
3460 | - | ||
3461 | - bitmap_set(allocated_irqs, start, cnt); | ||
3462 | - mutex_unlock(&sparse_irq_lock); | ||
3463 | - return alloc_descs(start, cnt, node, affinity, owner); | ||
3464 | - | ||
3465 | -err: | ||
3466 | + ret = alloc_descs(start, cnt, node, affinity, owner); | ||
3467 | +unlock: | ||
3468 | mutex_unlock(&sparse_irq_lock); | ||
3469 | return ret; | ||
3470 | } | ||
3471 | diff --git a/kernel/irq/msi.c b/kernel/irq/msi.c | ||
3472 | index 48eadf416c24..3fa4bd59f569 100644 | ||
3473 | --- a/kernel/irq/msi.c | ||
3474 | +++ b/kernel/irq/msi.c | ||
3475 | @@ -315,11 +315,12 @@ int msi_domain_populate_irqs(struct irq_domain *domain, struct device *dev, | ||
3476 | |||
3477 | ops->set_desc(arg, desc); | ||
3478 | /* Assumes the domain mutex is held! */ | ||
3479 | - ret = irq_domain_alloc_irqs_hierarchy(domain, virq, 1, arg); | ||
3480 | + ret = irq_domain_alloc_irqs_hierarchy(domain, desc->irq, 1, | ||
3481 | + arg); | ||
3482 | if (ret) | ||
3483 | break; | ||
3484 | |||
3485 | - irq_set_msi_desc_off(virq, 0, desc); | ||
3486 | + irq_set_msi_desc_off(desc->irq, 0, desc); | ||
3487 | } | ||
3488 | |||
3489 | if (ret) { | ||
3490 | diff --git a/kernel/rcu/tree.c b/kernel/rcu/tree.c | ||
3491 | index 51d4c3acf32d..63bee8e1b193 100644 | ||
3492 | --- a/kernel/rcu/tree.c | ||
3493 | +++ b/kernel/rcu/tree.c | ||
3494 | @@ -888,6 +888,11 @@ void rcu_irq_exit(void) | ||
3495 | |||
3496 | RCU_LOCKDEP_WARN(!irqs_disabled(), "rcu_irq_exit() invoked with irqs enabled!!!"); | ||
3497 | rdtp = this_cpu_ptr(&rcu_dynticks); | ||
3498 | + | ||
3499 | + /* Page faults can happen in NMI handlers, so check... */ | ||
3500 | + if (READ_ONCE(rdtp->dynticks_nmi_nesting)) | ||
3501 | + return; | ||
3502 | + | ||
3503 | WARN_ON_ONCE(IS_ENABLED(CONFIG_RCU_EQS_DEBUG) && | ||
3504 | rdtp->dynticks_nesting < 1); | ||
3505 | if (rdtp->dynticks_nesting <= 1) { | ||
3506 | @@ -1020,6 +1025,11 @@ void rcu_irq_enter(void) | ||
3507 | |||
3508 | RCU_LOCKDEP_WARN(!irqs_disabled(), "rcu_irq_enter() invoked with irqs enabled!!!"); | ||
3509 | rdtp = this_cpu_ptr(&rcu_dynticks); | ||
3510 | + | ||
3511 | + /* Page faults can happen in NMI handlers, so check... */ | ||
3512 | + if (READ_ONCE(rdtp->dynticks_nmi_nesting)) | ||
3513 | + return; | ||
3514 | + | ||
3515 | oldval = rdtp->dynticks_nesting; | ||
3516 | rdtp->dynticks_nesting++; | ||
3517 | WARN_ON_ONCE(IS_ENABLED(CONFIG_RCU_EQS_DEBUG) && | ||
3518 | diff --git a/kernel/seccomp.c b/kernel/seccomp.c | ||
3519 | index 98b59b5db90b..f3218fec7f2d 100644 | ||
3520 | --- a/kernel/seccomp.c | ||
3521 | +++ b/kernel/seccomp.c | ||
3522 | @@ -458,14 +458,19 @@ static long seccomp_attach_filter(unsigned int flags, | ||
3523 | return 0; | ||
3524 | } | ||
3525 | |||
3526 | +void __get_seccomp_filter(struct seccomp_filter *filter) | ||
3527 | +{ | ||
3528 | + /* Reference count is bounded by the number of total processes. */ | ||
3529 | + refcount_inc(&filter->usage); | ||
3530 | +} | ||
3531 | + | ||
3532 | /* get_seccomp_filter - increments the reference count of the filter on @tsk */ | ||
3533 | void get_seccomp_filter(struct task_struct *tsk) | ||
3534 | { | ||
3535 | struct seccomp_filter *orig = tsk->seccomp.filter; | ||
3536 | if (!orig) | ||
3537 | return; | ||
3538 | - /* Reference count is bounded by the number of total processes. */ | ||
3539 | - refcount_inc(&orig->usage); | ||
3540 | + __get_seccomp_filter(orig); | ||
3541 | } | ||
3542 | |||
3543 | static inline void seccomp_filter_free(struct seccomp_filter *filter) | ||
3544 | @@ -476,10 +481,8 @@ static inline void seccomp_filter_free(struct seccomp_filter *filter) | ||
3545 | } | ||
3546 | } | ||
3547 | |||
3548 | -/* put_seccomp_filter - decrements the ref count of tsk->seccomp.filter */ | ||
3549 | -void put_seccomp_filter(struct task_struct *tsk) | ||
3550 | +static void __put_seccomp_filter(struct seccomp_filter *orig) | ||
3551 | { | ||
3552 | - struct seccomp_filter *orig = tsk->seccomp.filter; | ||
3553 | /* Clean up single-reference branches iteratively. */ | ||
3554 | while (orig && refcount_dec_and_test(&orig->usage)) { | ||
3555 | struct seccomp_filter *freeme = orig; | ||
3556 | @@ -488,6 +491,12 @@ void put_seccomp_filter(struct task_struct *tsk) | ||
3557 | } | ||
3558 | } | ||
3559 | |||
3560 | +/* put_seccomp_filter - decrements the ref count of tsk->seccomp.filter */ | ||
3561 | +void put_seccomp_filter(struct task_struct *tsk) | ||
3562 | +{ | ||
3563 | + __put_seccomp_filter(tsk->seccomp.filter); | ||
3564 | +} | ||
3565 | + | ||
3566 | static void seccomp_init_siginfo(siginfo_t *info, int syscall, int reason) | ||
3567 | { | ||
3568 | memset(info, 0, sizeof(*info)); | ||
3569 | @@ -908,13 +917,13 @@ long seccomp_get_filter(struct task_struct *task, unsigned long filter_off, | ||
3570 | if (!data) | ||
3571 | goto out; | ||
3572 | |||
3573 | - get_seccomp_filter(task); | ||
3574 | + __get_seccomp_filter(filter); | ||
3575 | spin_unlock_irq(&task->sighand->siglock); | ||
3576 | |||
3577 | if (copy_to_user(data, fprog->filter, bpf_classic_proglen(fprog))) | ||
3578 | ret = -EFAULT; | ||
3579 | |||
3580 | - put_seccomp_filter(task); | ||
3581 | + __put_seccomp_filter(filter); | ||
3582 | return ret; | ||
3583 | |||
3584 | out: | ||
3585 | diff --git a/kernel/sysctl.c b/kernel/sysctl.c | ||
3586 | index 6648fbbb8157..423554ad3610 100644 | ||
3587 | --- a/kernel/sysctl.c | ||
3588 | +++ b/kernel/sysctl.c | ||
3589 | @@ -367,7 +367,8 @@ static struct ctl_table kern_table[] = { | ||
3590 | .data = &sysctl_sched_time_avg, | ||
3591 | .maxlen = sizeof(unsigned int), | ||
3592 | .mode = 0644, | ||
3593 | - .proc_handler = proc_dointvec, | ||
3594 | + .proc_handler = proc_dointvec_minmax, | ||
3595 | + .extra1 = &one, | ||
3596 | }, | ||
3597 | #ifdef CONFIG_SCHEDSTATS | ||
3598 | { | ||
3599 | diff --git a/kernel/trace/trace.c b/kernel/trace/trace.c | ||
3600 | index 5efb4b63174e..27a723480b13 100644 | ||
3601 | --- a/kernel/trace/trace.c | ||
3602 | +++ b/kernel/trace/trace.c | ||
3603 | @@ -4017,11 +4017,17 @@ static int tracing_open(struct inode *inode, struct file *file) | ||
3604 | /* If this file was open for write, then erase contents */ | ||
3605 | if ((file->f_mode & FMODE_WRITE) && (file->f_flags & O_TRUNC)) { | ||
3606 | int cpu = tracing_get_cpu(inode); | ||
3607 | + struct trace_buffer *trace_buf = &tr->trace_buffer; | ||
3608 | + | ||
3609 | +#ifdef CONFIG_TRACER_MAX_TRACE | ||
3610 | + if (tr->current_trace->print_max) | ||
3611 | + trace_buf = &tr->max_buffer; | ||
3612 | +#endif | ||
3613 | |||
3614 | if (cpu == RING_BUFFER_ALL_CPUS) | ||
3615 | - tracing_reset_online_cpus(&tr->trace_buffer); | ||
3616 | + tracing_reset_online_cpus(trace_buf); | ||
3617 | else | ||
3618 | - tracing_reset(&tr->trace_buffer, cpu); | ||
3619 | + tracing_reset(trace_buf, cpu); | ||
3620 | } | ||
3621 | |||
3622 | if (file->f_mode & FMODE_READ) { | ||
3623 | @@ -5664,7 +5670,7 @@ static int tracing_wait_pipe(struct file *filp) | ||
3624 | * | ||
3625 | * iter->pos will be 0 if we haven't read anything. | ||
3626 | */ | ||
3627 | - if (!tracing_is_on() && iter->pos) | ||
3628 | + if (!tracer_tracing_is_on(iter->tr) && iter->pos) | ||
3629 | break; | ||
3630 | |||
3631 | mutex_unlock(&iter->mutex); | ||
3632 | diff --git a/kernel/trace/trace_stack.c b/kernel/trace/trace_stack.c | ||
3633 | index a4df67cbc711..49cb41412eec 100644 | ||
3634 | --- a/kernel/trace/trace_stack.c | ||
3635 | +++ b/kernel/trace/trace_stack.c | ||
3636 | @@ -96,23 +96,9 @@ check_stack(unsigned long ip, unsigned long *stack) | ||
3637 | if (in_nmi()) | ||
3638 | return; | ||
3639 | |||
3640 | - /* | ||
3641 | - * There's a slight chance that we are tracing inside the | ||
3642 | - * RCU infrastructure, and rcu_irq_enter() will not work | ||
3643 | - * as expected. | ||
3644 | - */ | ||
3645 | - if (unlikely(rcu_irq_enter_disabled())) | ||
3646 | - return; | ||
3647 | - | ||
3648 | local_irq_save(flags); | ||
3649 | arch_spin_lock(&stack_trace_max_lock); | ||
3650 | |||
3651 | - /* | ||
3652 | - * RCU may not be watching, make it see us. | ||
3653 | - * The stack trace code uses rcu_sched. | ||
3654 | - */ | ||
3655 | - rcu_irq_enter(); | ||
3656 | - | ||
3657 | /* In case another CPU set the tracer_frame on us */ | ||
3658 | if (unlikely(!frame_size)) | ||
3659 | this_size -= tracer_frame; | ||
3660 | @@ -205,7 +191,6 @@ check_stack(unsigned long ip, unsigned long *stack) | ||
3661 | } | ||
3662 | |||
3663 | out: | ||
3664 | - rcu_irq_exit(); | ||
3665 | arch_spin_unlock(&stack_trace_max_lock); | ||
3666 | local_irq_restore(flags); | ||
3667 | } | ||
3668 | diff --git a/net/ceph/osdmap.c b/net/ceph/osdmap.c | ||
3669 | index f358d0bfa76b..79d14d70b7ea 100644 | ||
3670 | --- a/net/ceph/osdmap.c | ||
3671 | +++ b/net/ceph/osdmap.c | ||
3672 | @@ -2445,19 +2445,34 @@ static void apply_upmap(struct ceph_osdmap *osdmap, | ||
3673 | |||
3674 | pg = lookup_pg_mapping(&osdmap->pg_upmap_items, pgid); | ||
3675 | if (pg) { | ||
3676 | - for (i = 0; i < raw->size; i++) { | ||
3677 | - for (j = 0; j < pg->pg_upmap_items.len; j++) { | ||
3678 | - int from = pg->pg_upmap_items.from_to[j][0]; | ||
3679 | - int to = pg->pg_upmap_items.from_to[j][1]; | ||
3680 | - | ||
3681 | - if (from == raw->osds[i]) { | ||
3682 | - if (!(to != CRUSH_ITEM_NONE && | ||
3683 | - to < osdmap->max_osd && | ||
3684 | - osdmap->osd_weight[to] == 0)) | ||
3685 | - raw->osds[i] = to; | ||
3686 | + /* | ||
3687 | + * Note: this approach does not allow a bidirectional swap, | ||
3688 | + * e.g., [[1,2],[2,1]] applied to [0,1,2] -> [0,2,1]. | ||
3689 | + */ | ||
3690 | + for (i = 0; i < pg->pg_upmap_items.len; i++) { | ||
3691 | + int from = pg->pg_upmap_items.from_to[i][0]; | ||
3692 | + int to = pg->pg_upmap_items.from_to[i][1]; | ||
3693 | + int pos = -1; | ||
3694 | + bool exists = false; | ||
3695 | + | ||
3696 | + /* make sure replacement doesn't already appear */ | ||
3697 | + for (j = 0; j < raw->size; j++) { | ||
3698 | + int osd = raw->osds[j]; | ||
3699 | + | ||
3700 | + if (osd == to) { | ||
3701 | + exists = true; | ||
3702 | break; | ||
3703 | } | ||
3704 | + /* ignore mapping if target is marked out */ | ||
3705 | + if (osd == from && pos < 0 && | ||
3706 | + !(to != CRUSH_ITEM_NONE && | ||
3707 | + to < osdmap->max_osd && | ||
3708 | + osdmap->osd_weight[to] == 0)) { | ||
3709 | + pos = j; | ||
3710 | + } | ||
3711 | } | ||
3712 | + if (!exists && pos >= 0) | ||
3713 | + raw->osds[pos] = to; | ||
3714 | } | ||
3715 | } | ||
3716 | } | ||
3717 | diff --git a/net/mac80211/agg-rx.c b/net/mac80211/agg-rx.c | ||
3718 | index 2b36eff5d97e..2849a1fc41c5 100644 | ||
3719 | --- a/net/mac80211/agg-rx.c | ||
3720 | +++ b/net/mac80211/agg-rx.c | ||
3721 | @@ -245,10 +245,10 @@ static void ieee80211_send_addba_resp(struct ieee80211_sub_if_data *sdata, u8 *d | ||
3722 | ieee80211_tx_skb(sdata, skb); | ||
3723 | } | ||
3724 | |||
3725 | -void __ieee80211_start_rx_ba_session(struct sta_info *sta, | ||
3726 | - u8 dialog_token, u16 timeout, | ||
3727 | - u16 start_seq_num, u16 ba_policy, u16 tid, | ||
3728 | - u16 buf_size, bool tx, bool auto_seq) | ||
3729 | +void ___ieee80211_start_rx_ba_session(struct sta_info *sta, | ||
3730 | + u8 dialog_token, u16 timeout, | ||
3731 | + u16 start_seq_num, u16 ba_policy, u16 tid, | ||
3732 | + u16 buf_size, bool tx, bool auto_seq) | ||
3733 | { | ||
3734 | struct ieee80211_local *local = sta->sdata->local; | ||
3735 | struct tid_ampdu_rx *tid_agg_rx; | ||
3736 | @@ -267,7 +267,7 @@ void __ieee80211_start_rx_ba_session(struct sta_info *sta, | ||
3737 | ht_dbg(sta->sdata, | ||
3738 | "STA %pM requests BA session on unsupported tid %d\n", | ||
3739 | sta->sta.addr, tid); | ||
3740 | - goto end_no_lock; | ||
3741 | + goto end; | ||
3742 | } | ||
3743 | |||
3744 | if (!sta->sta.ht_cap.ht_supported) { | ||
3745 | @@ -275,14 +275,14 @@ void __ieee80211_start_rx_ba_session(struct sta_info *sta, | ||
3746 | "STA %pM erroneously requests BA session on tid %d w/o QoS\n", | ||
3747 | sta->sta.addr, tid); | ||
3748 | /* send a response anyway, it's an error case if we get here */ | ||
3749 | - goto end_no_lock; | ||
3750 | + goto end; | ||
3751 | } | ||
3752 | |||
3753 | if (test_sta_flag(sta, WLAN_STA_BLOCK_BA)) { | ||
3754 | ht_dbg(sta->sdata, | ||
3755 | "Suspend in progress - Denying ADDBA request (%pM tid %d)\n", | ||
3756 | sta->sta.addr, tid); | ||
3757 | - goto end_no_lock; | ||
3758 | + goto end; | ||
3759 | } | ||
3760 | |||
3761 | /* sanity check for incoming parameters: | ||
3762 | @@ -296,7 +296,7 @@ void __ieee80211_start_rx_ba_session(struct sta_info *sta, | ||
3763 | ht_dbg_ratelimited(sta->sdata, | ||
3764 | "AddBA Req with bad params from %pM on tid %u. policy %d, buffer size %d\n", | ||
3765 | sta->sta.addr, tid, ba_policy, buf_size); | ||
3766 | - goto end_no_lock; | ||
3767 | + goto end; | ||
3768 | } | ||
3769 | /* determine default buffer size */ | ||
3770 | if (buf_size == 0) | ||
3771 | @@ -311,7 +311,7 @@ void __ieee80211_start_rx_ba_session(struct sta_info *sta, | ||
3772 | buf_size, sta->sta.addr); | ||
3773 | |||
3774 | /* examine state machine */ | ||
3775 | - mutex_lock(&sta->ampdu_mlme.mtx); | ||
3776 | + lockdep_assert_held(&sta->ampdu_mlme.mtx); | ||
3777 | |||
3778 | if (test_bit(tid, sta->ampdu_mlme.agg_session_valid)) { | ||
3779 | if (sta->ampdu_mlme.tid_rx_token[tid] == dialog_token) { | ||
3780 | @@ -415,15 +415,25 @@ void __ieee80211_start_rx_ba_session(struct sta_info *sta, | ||
3781 | __clear_bit(tid, sta->ampdu_mlme.unexpected_agg); | ||
3782 | sta->ampdu_mlme.tid_rx_token[tid] = dialog_token; | ||
3783 | } | ||
3784 | - mutex_unlock(&sta->ampdu_mlme.mtx); | ||
3785 | |||
3786 | -end_no_lock: | ||
3787 | if (tx) | ||
3788 | ieee80211_send_addba_resp(sta->sdata, sta->sta.addr, tid, | ||
3789 | dialog_token, status, 1, buf_size, | ||
3790 | timeout); | ||
3791 | } | ||
3792 | |||
3793 | +void __ieee80211_start_rx_ba_session(struct sta_info *sta, | ||
3794 | + u8 dialog_token, u16 timeout, | ||
3795 | + u16 start_seq_num, u16 ba_policy, u16 tid, | ||
3796 | + u16 buf_size, bool tx, bool auto_seq) | ||
3797 | +{ | ||
3798 | + mutex_lock(&sta->ampdu_mlme.mtx); | ||
3799 | + ___ieee80211_start_rx_ba_session(sta, dialog_token, timeout, | ||
3800 | + start_seq_num, ba_policy, tid, | ||
3801 | + buf_size, tx, auto_seq); | ||
3802 | + mutex_unlock(&sta->ampdu_mlme.mtx); | ||
3803 | +} | ||
3804 | + | ||
3805 | void ieee80211_process_addba_request(struct ieee80211_local *local, | ||
3806 | struct sta_info *sta, | ||
3807 | struct ieee80211_mgmt *mgmt, | ||
3808 | diff --git a/net/mac80211/ht.c b/net/mac80211/ht.c | ||
3809 | index c92df492e898..198b2d3e56fd 100644 | ||
3810 | --- a/net/mac80211/ht.c | ||
3811 | +++ b/net/mac80211/ht.c | ||
3812 | @@ -333,9 +333,9 @@ void ieee80211_ba_session_work(struct work_struct *work) | ||
3813 | |||
3814 | if (test_and_clear_bit(tid, | ||
3815 | sta->ampdu_mlme.tid_rx_manage_offl)) | ||
3816 | - __ieee80211_start_rx_ba_session(sta, 0, 0, 0, 1, tid, | ||
3817 | - IEEE80211_MAX_AMPDU_BUF, | ||
3818 | - false, true); | ||
3819 | + ___ieee80211_start_rx_ba_session(sta, 0, 0, 0, 1, tid, | ||
3820 | + IEEE80211_MAX_AMPDU_BUF, | ||
3821 | + false, true); | ||
3822 | |||
3823 | if (test_and_clear_bit(tid + IEEE80211_NUM_TIDS, | ||
3824 | sta->ampdu_mlme.tid_rx_manage_offl)) | ||
3825 | diff --git a/net/mac80211/ieee80211_i.h b/net/mac80211/ieee80211_i.h | ||
3826 | index 2197c62a0a6e..9675814f64db 100644 | ||
3827 | --- a/net/mac80211/ieee80211_i.h | ||
3828 | +++ b/net/mac80211/ieee80211_i.h | ||
3829 | @@ -1760,6 +1760,10 @@ void __ieee80211_start_rx_ba_session(struct sta_info *sta, | ||
3830 | u8 dialog_token, u16 timeout, | ||
3831 | u16 start_seq_num, u16 ba_policy, u16 tid, | ||
3832 | u16 buf_size, bool tx, bool auto_seq); | ||
3833 | +void ___ieee80211_start_rx_ba_session(struct sta_info *sta, | ||
3834 | + u8 dialog_token, u16 timeout, | ||
3835 | + u16 start_seq_num, u16 ba_policy, u16 tid, | ||
3836 | + u16 buf_size, bool tx, bool auto_seq); | ||
3837 | void ieee80211_sta_tear_down_BA_sessions(struct sta_info *sta, | ||
3838 | enum ieee80211_agg_stop_reason reason); | ||
3839 | void ieee80211_process_delba(struct ieee80211_sub_if_data *sdata, | ||
3840 | diff --git a/net/mac80211/iface.c b/net/mac80211/iface.c | ||
3841 | index 9228ac73c429..44399322f356 100644 | ||
3842 | --- a/net/mac80211/iface.c | ||
3843 | +++ b/net/mac80211/iface.c | ||
3844 | @@ -792,6 +792,7 @@ static int ieee80211_open(struct net_device *dev) | ||
3845 | static void ieee80211_do_stop(struct ieee80211_sub_if_data *sdata, | ||
3846 | bool going_down) | ||
3847 | { | ||
3848 | + struct ieee80211_sub_if_data *txq_sdata = sdata; | ||
3849 | struct ieee80211_local *local = sdata->local; | ||
3850 | struct fq *fq = &local->fq; | ||
3851 | unsigned long flags; | ||
3852 | @@ -937,6 +938,9 @@ static void ieee80211_do_stop(struct ieee80211_sub_if_data *sdata, | ||
3853 | |||
3854 | switch (sdata->vif.type) { | ||
3855 | case NL80211_IFTYPE_AP_VLAN: | ||
3856 | + txq_sdata = container_of(sdata->bss, | ||
3857 | + struct ieee80211_sub_if_data, u.ap); | ||
3858 | + | ||
3859 | mutex_lock(&local->mtx); | ||
3860 | list_del(&sdata->u.vlan.list); | ||
3861 | mutex_unlock(&local->mtx); | ||
3862 | @@ -1007,8 +1011,17 @@ static void ieee80211_do_stop(struct ieee80211_sub_if_data *sdata, | ||
3863 | } | ||
3864 | spin_unlock_irqrestore(&local->queue_stop_reason_lock, flags); | ||
3865 | |||
3866 | - if (sdata->vif.txq) { | ||
3867 | - struct txq_info *txqi = to_txq_info(sdata->vif.txq); | ||
3868 | + if (txq_sdata->vif.txq) { | ||
3869 | + struct txq_info *txqi = to_txq_info(txq_sdata->vif.txq); | ||
3870 | + | ||
3871 | + /* | ||
3872 | + * FIXME FIXME | ||
3873 | + * | ||
3874 | + * We really shouldn't purge the *entire* txqi since that | ||
3875 | + * contains frames for the other AP_VLANs (and possibly | ||
3876 | + * the AP itself) as well, but there's no API in FQ now | ||
3877 | + * to be able to filter. | ||
3878 | + */ | ||
3879 | |||
3880 | spin_lock_bh(&fq->lock); | ||
3881 | ieee80211_txq_purge(local, txqi); | ||
3882 | diff --git a/net/mac80211/offchannel.c b/net/mac80211/offchannel.c | ||
3883 | index f8e7a8bbc618..faf4f6055000 100644 | ||
3884 | --- a/net/mac80211/offchannel.c | ||
3885 | +++ b/net/mac80211/offchannel.c | ||
3886 | @@ -707,6 +707,8 @@ static int ieee80211_cancel_roc(struct ieee80211_local *local, | ||
3887 | if (!cookie) | ||
3888 | return -ENOENT; | ||
3889 | |||
3890 | + flush_work(&local->hw_roc_start); | ||
3891 | + | ||
3892 | mutex_lock(&local->mtx); | ||
3893 | list_for_each_entry_safe(roc, tmp, &local->roc_list, list) { | ||
3894 | if (!mgmt_tx && roc->cookie != cookie) | ||
3895 | diff --git a/net/mac80211/tx.c b/net/mac80211/tx.c | ||
3896 | index 8858f4f185e9..94826680cf2b 100644 | ||
3897 | --- a/net/mac80211/tx.c | ||
3898 | +++ b/net/mac80211/tx.c | ||
3899 | @@ -1276,11 +1276,6 @@ static void ieee80211_set_skb_enqueue_time(struct sk_buff *skb) | ||
3900 | IEEE80211_SKB_CB(skb)->control.enqueue_time = codel_get_time(); | ||
3901 | } | ||
3902 | |||
3903 | -static void ieee80211_set_skb_vif(struct sk_buff *skb, struct txq_info *txqi) | ||
3904 | -{ | ||
3905 | - IEEE80211_SKB_CB(skb)->control.vif = txqi->txq.vif; | ||
3906 | -} | ||
3907 | - | ||
3908 | static u32 codel_skb_len_func(const struct sk_buff *skb) | ||
3909 | { | ||
3910 | return skb->len; | ||
3911 | @@ -3414,6 +3409,7 @@ struct sk_buff *ieee80211_tx_dequeue(struct ieee80211_hw *hw, | ||
3912 | struct ieee80211_tx_info *info; | ||
3913 | struct ieee80211_tx_data tx; | ||
3914 | ieee80211_tx_result r; | ||
3915 | + struct ieee80211_vif *vif; | ||
3916 | |||
3917 | spin_lock_bh(&fq->lock); | ||
3918 | |||
3919 | @@ -3430,8 +3426,6 @@ struct sk_buff *ieee80211_tx_dequeue(struct ieee80211_hw *hw, | ||
3920 | if (!skb) | ||
3921 | goto out; | ||
3922 | |||
3923 | - ieee80211_set_skb_vif(skb, txqi); | ||
3924 | - | ||
3925 | hdr = (struct ieee80211_hdr *)skb->data; | ||
3926 | info = IEEE80211_SKB_CB(skb); | ||
3927 | |||
3928 | @@ -3488,6 +3482,34 @@ struct sk_buff *ieee80211_tx_dequeue(struct ieee80211_hw *hw, | ||
3929 | } | ||
3930 | } | ||
3931 | |||
3932 | + switch (tx.sdata->vif.type) { | ||
3933 | + case NL80211_IFTYPE_MONITOR: | ||
3934 | + if (tx.sdata->u.mntr.flags & MONITOR_FLAG_ACTIVE) { | ||
3935 | + vif = &tx.sdata->vif; | ||
3936 | + break; | ||
3937 | + } | ||
3938 | + tx.sdata = rcu_dereference(local->monitor_sdata); | ||
3939 | + if (tx.sdata) { | ||
3940 | + vif = &tx.sdata->vif; | ||
3941 | + info->hw_queue = | ||
3942 | + vif->hw_queue[skb_get_queue_mapping(skb)]; | ||
3943 | + } else if (ieee80211_hw_check(&local->hw, QUEUE_CONTROL)) { | ||
3944 | + ieee80211_free_txskb(&local->hw, skb); | ||
3945 | + goto begin; | ||
3946 | + } else { | ||
3947 | + vif = NULL; | ||
3948 | + } | ||
3949 | + break; | ||
3950 | + case NL80211_IFTYPE_AP_VLAN: | ||
3951 | + tx.sdata = container_of(tx.sdata->bss, | ||
3952 | + struct ieee80211_sub_if_data, u.ap); | ||
3953 | + /* fall through */ | ||
3954 | + default: | ||
3955 | + vif = &tx.sdata->vif; | ||
3956 | + break; | ||
3957 | + } | ||
3958 | + | ||
3959 | + IEEE80211_SKB_CB(skb)->control.vif = vif; | ||
3960 | out: | ||
3961 | spin_unlock_bh(&fq->lock); | ||
3962 | |||
3963 | diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c | ||
3964 | index 8ce85420ecb0..750ba5d24a49 100644 | ||
3965 | --- a/net/wireless/nl80211.c | ||
3966 | +++ b/net/wireless/nl80211.c | ||
3967 | @@ -10903,6 +10903,9 @@ static int nl80211_set_rekey_data(struct sk_buff *skb, struct genl_info *info) | ||
3968 | if (err) | ||
3969 | return err; | ||
3970 | |||
3971 | + if (!tb[NL80211_REKEY_DATA_REPLAY_CTR] || !tb[NL80211_REKEY_DATA_KEK] || | ||
3972 | + !tb[NL80211_REKEY_DATA_KCK]) | ||
3973 | + return -EINVAL; | ||
3974 | if (nla_len(tb[NL80211_REKEY_DATA_REPLAY_CTR]) != NL80211_REPLAY_CTR_LEN) | ||
3975 | return -ERANGE; | ||
3976 | if (nla_len(tb[NL80211_REKEY_DATA_KEK]) != NL80211_KEK_LEN) | ||
3977 | diff --git a/security/keys/Kconfig b/security/keys/Kconfig | ||
3978 | index a7a23b5541f8..91eafada3164 100644 | ||
3979 | --- a/security/keys/Kconfig | ||
3980 | +++ b/security/keys/Kconfig | ||
3981 | @@ -45,10 +45,8 @@ config BIG_KEYS | ||
3982 | bool "Large payload keys" | ||
3983 | depends on KEYS | ||
3984 | depends on TMPFS | ||
3985 | - depends on (CRYPTO_ANSI_CPRNG = y || CRYPTO_DRBG = y) | ||
3986 | select CRYPTO_AES | ||
3987 | - select CRYPTO_ECB | ||
3988 | - select CRYPTO_RNG | ||
3989 | + select CRYPTO_GCM | ||
3990 | help | ||
3991 | This option provides support for holding large keys within the kernel | ||
3992 | (for example Kerberos ticket caches). The data may be stored out to | ||
3993 | diff --git a/security/keys/big_key.c b/security/keys/big_key.c | ||
3994 | index 835c1ab30d01..9c3b16ee1768 100644 | ||
3995 | --- a/security/keys/big_key.c | ||
3996 | +++ b/security/keys/big_key.c | ||
3997 | @@ -1,5 +1,6 @@ | ||
3998 | /* Large capacity key type | ||
3999 | * | ||
4000 | + * Copyright (C) 2017 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved. | ||
4001 | * Copyright (C) 2013 Red Hat, Inc. All Rights Reserved. | ||
4002 | * Written by David Howells (dhowells@redhat.com) | ||
4003 | * | ||
4004 | @@ -16,10 +17,10 @@ | ||
4005 | #include <linux/shmem_fs.h> | ||
4006 | #include <linux/err.h> | ||
4007 | #include <linux/scatterlist.h> | ||
4008 | +#include <linux/random.h> | ||
4009 | #include <keys/user-type.h> | ||
4010 | #include <keys/big_key-type.h> | ||
4011 | -#include <crypto/rng.h> | ||
4012 | -#include <crypto/skcipher.h> | ||
4013 | +#include <crypto/aead.h> | ||
4014 | |||
4015 | /* | ||
4016 | * Layout of key payload words. | ||
4017 | @@ -49,7 +50,12 @@ enum big_key_op { | ||
4018 | /* | ||
4019 | * Key size for big_key data encryption | ||
4020 | */ | ||
4021 | -#define ENC_KEY_SIZE 16 | ||
4022 | +#define ENC_KEY_SIZE 32 | ||
4023 | + | ||
4024 | +/* | ||
4025 | + * Authentication tag length | ||
4026 | + */ | ||
4027 | +#define ENC_AUTHTAG_SIZE 16 | ||
4028 | |||
4029 | /* | ||
4030 | * big_key defined keys take an arbitrary string as the description and an | ||
4031 | @@ -64,57 +70,62 @@ struct key_type key_type_big_key = { | ||
4032 | .destroy = big_key_destroy, | ||
4033 | .describe = big_key_describe, | ||
4034 | .read = big_key_read, | ||
4035 | + /* no ->update(); don't add it without changing big_key_crypt() nonce */ | ||
4036 | }; | ||
4037 | |||
4038 | /* | ||
4039 | - * Crypto names for big_key data encryption | ||
4040 | + * Crypto names for big_key data authenticated encryption | ||
4041 | */ | ||
4042 | -static const char big_key_rng_name[] = "stdrng"; | ||
4043 | -static const char big_key_alg_name[] = "ecb(aes)"; | ||
4044 | +static const char big_key_alg_name[] = "gcm(aes)"; | ||
4045 | |||
4046 | /* | ||
4047 | - * Crypto algorithms for big_key data encryption | ||
4048 | + * Crypto algorithms for big_key data authenticated encryption | ||
4049 | */ | ||
4050 | -static struct crypto_rng *big_key_rng; | ||
4051 | -static struct crypto_skcipher *big_key_skcipher; | ||
4052 | +static struct crypto_aead *big_key_aead; | ||
4053 | |||
4054 | /* | ||
4055 | - * Generate random key to encrypt big_key data | ||
4056 | + * Since changing the key affects the entire object, we need a mutex. | ||
4057 | */ | ||
4058 | -static inline int big_key_gen_enckey(u8 *key) | ||
4059 | -{ | ||
4060 | - return crypto_rng_get_bytes(big_key_rng, key, ENC_KEY_SIZE); | ||
4061 | -} | ||
4062 | +static DEFINE_MUTEX(big_key_aead_lock); | ||
4063 | |||
4064 | /* | ||
4065 | * Encrypt/decrypt big_key data | ||
4066 | */ | ||
4067 | static int big_key_crypt(enum big_key_op op, u8 *data, size_t datalen, u8 *key) | ||
4068 | { | ||
4069 | - int ret = -EINVAL; | ||
4070 | + int ret; | ||
4071 | struct scatterlist sgio; | ||
4072 | - SKCIPHER_REQUEST_ON_STACK(req, big_key_skcipher); | ||
4073 | - | ||
4074 | - if (crypto_skcipher_setkey(big_key_skcipher, key, ENC_KEY_SIZE)) { | ||
4075 | + struct aead_request *aead_req; | ||
4076 | + /* We always use a zero nonce. The reason we can get away with this is | ||
4077 | + * because we're using a different randomly generated key for every | ||
4078 | + * different encryption. Notably, too, key_type_big_key doesn't define | ||
4079 | + * an .update function, so there's no chance we'll wind up reusing the | ||
4080 | + * key to encrypt updated data. Simply put: one key, one encryption. | ||
4081 | + */ | ||
4082 | + u8 zero_nonce[crypto_aead_ivsize(big_key_aead)]; | ||
4083 | + | ||
4084 | + aead_req = aead_request_alloc(big_key_aead, GFP_KERNEL); | ||
4085 | + if (!aead_req) | ||
4086 | + return -ENOMEM; | ||
4087 | + | ||
4088 | + memset(zero_nonce, 0, sizeof(zero_nonce)); | ||
4089 | + sg_init_one(&sgio, data, datalen + (op == BIG_KEY_ENC ? ENC_AUTHTAG_SIZE : 0)); | ||
4090 | + aead_request_set_crypt(aead_req, &sgio, &sgio, datalen, zero_nonce); | ||
4091 | + aead_request_set_callback(aead_req, CRYPTO_TFM_REQ_MAY_SLEEP, NULL, NULL); | ||
4092 | + aead_request_set_ad(aead_req, 0); | ||
4093 | + | ||
4094 | + mutex_lock(&big_key_aead_lock); | ||
4095 | + if (crypto_aead_setkey(big_key_aead, key, ENC_KEY_SIZE)) { | ||
4096 | ret = -EAGAIN; | ||
4097 | goto error; | ||
4098 | } | ||
4099 | - | ||
4100 | - skcipher_request_set_tfm(req, big_key_skcipher); | ||
4101 | - skcipher_request_set_callback(req, CRYPTO_TFM_REQ_MAY_SLEEP, | ||
4102 | - NULL, NULL); | ||
4103 | - | ||
4104 | - sg_init_one(&sgio, data, datalen); | ||
4105 | - skcipher_request_set_crypt(req, &sgio, &sgio, datalen, NULL); | ||
4106 | - | ||
4107 | if (op == BIG_KEY_ENC) | ||
4108 | - ret = crypto_skcipher_encrypt(req); | ||
4109 | + ret = crypto_aead_encrypt(aead_req); | ||
4110 | else | ||
4111 | - ret = crypto_skcipher_decrypt(req); | ||
4112 | - | ||
4113 | - skcipher_request_zero(req); | ||
4114 | - | ||
4115 | + ret = crypto_aead_decrypt(aead_req); | ||
4116 | error: | ||
4117 | + mutex_unlock(&big_key_aead_lock); | ||
4118 | + aead_request_free(aead_req); | ||
4119 | return ret; | ||
4120 | } | ||
4121 | |||
4122 | @@ -146,15 +157,13 @@ int big_key_preparse(struct key_preparsed_payload *prep) | ||
4123 | * | ||
4124 | * File content is stored encrypted with randomly generated key. | ||
4125 | */ | ||
4126 | - size_t enclen = ALIGN(datalen, crypto_skcipher_blocksize(big_key_skcipher)); | ||
4127 | + size_t enclen = datalen + ENC_AUTHTAG_SIZE; | ||
4128 | |||
4129 | - /* prepare aligned data to encrypt */ | ||
4130 | data = kmalloc(enclen, GFP_KERNEL); | ||
4131 | if (!data) | ||
4132 | return -ENOMEM; | ||
4133 | |||
4134 | memcpy(data, prep->data, datalen); | ||
4135 | - memset(data + datalen, 0x00, enclen - datalen); | ||
4136 | |||
4137 | /* generate random key */ | ||
4138 | enckey = kmalloc(ENC_KEY_SIZE, GFP_KERNEL); | ||
4139 | @@ -162,13 +171,12 @@ int big_key_preparse(struct key_preparsed_payload *prep) | ||
4140 | ret = -ENOMEM; | ||
4141 | goto error; | ||
4142 | } | ||
4143 | - | ||
4144 | - ret = big_key_gen_enckey(enckey); | ||
4145 | - if (ret) | ||
4146 | + ret = get_random_bytes_wait(enckey, ENC_KEY_SIZE); | ||
4147 | + if (unlikely(ret)) | ||
4148 | goto err_enckey; | ||
4149 | |||
4150 | /* encrypt aligned data */ | ||
4151 | - ret = big_key_crypt(BIG_KEY_ENC, data, enclen, enckey); | ||
4152 | + ret = big_key_crypt(BIG_KEY_ENC, data, datalen, enckey); | ||
4153 | if (ret) | ||
4154 | goto err_enckey; | ||
4155 | |||
4156 | @@ -194,7 +202,7 @@ int big_key_preparse(struct key_preparsed_payload *prep) | ||
4157 | *path = file->f_path; | ||
4158 | path_get(path); | ||
4159 | fput(file); | ||
4160 | - kfree(data); | ||
4161 | + kzfree(data); | ||
4162 | } else { | ||
4163 | /* Just store the data in a buffer */ | ||
4164 | void *data = kmalloc(datalen, GFP_KERNEL); | ||
4165 | @@ -210,9 +218,9 @@ int big_key_preparse(struct key_preparsed_payload *prep) | ||
4166 | err_fput: | ||
4167 | fput(file); | ||
4168 | err_enckey: | ||
4169 | - kfree(enckey); | ||
4170 | + kzfree(enckey); | ||
4171 | error: | ||
4172 | - kfree(data); | ||
4173 | + kzfree(data); | ||
4174 | return ret; | ||
4175 | } | ||
4176 | |||
4177 | @@ -226,7 +234,7 @@ void big_key_free_preparse(struct key_preparsed_payload *prep) | ||
4178 | |||
4179 | path_put(path); | ||
4180 | } | ||
4181 | - kfree(prep->payload.data[big_key_data]); | ||
4182 | + kzfree(prep->payload.data[big_key_data]); | ||
4183 | } | ||
4184 | |||
4185 | /* | ||
4186 | @@ -258,7 +266,7 @@ void big_key_destroy(struct key *key) | ||
4187 | path->mnt = NULL; | ||
4188 | path->dentry = NULL; | ||
4189 | } | ||
4190 | - kfree(key->payload.data[big_key_data]); | ||
4191 | + kzfree(key->payload.data[big_key_data]); | ||
4192 | key->payload.data[big_key_data] = NULL; | ||
4193 | } | ||
4194 | |||
4195 | @@ -294,7 +302,7 @@ long big_key_read(const struct key *key, char __user *buffer, size_t buflen) | ||
4196 | struct file *file; | ||
4197 | u8 *data; | ||
4198 | u8 *enckey = (u8 *)key->payload.data[big_key_data]; | ||
4199 | - size_t enclen = ALIGN(datalen, crypto_skcipher_blocksize(big_key_skcipher)); | ||
4200 | + size_t enclen = datalen + ENC_AUTHTAG_SIZE; | ||
4201 | |||
4202 | data = kmalloc(enclen, GFP_KERNEL); | ||
4203 | if (!data) | ||
4204 | @@ -326,7 +334,7 @@ long big_key_read(const struct key *key, char __user *buffer, size_t buflen) | ||
4205 | err_fput: | ||
4206 | fput(file); | ||
4207 | error: | ||
4208 | - kfree(data); | ||
4209 | + kzfree(data); | ||
4210 | } else { | ||
4211 | ret = datalen; | ||
4212 | if (copy_to_user(buffer, key->payload.data[big_key_data], | ||
4213 | @@ -342,47 +350,31 @@ long big_key_read(const struct key *key, char __user *buffer, size_t buflen) | ||
4214 | */ | ||
4215 | static int __init big_key_init(void) | ||
4216 | { | ||
4217 | - struct crypto_skcipher *cipher; | ||
4218 | - struct crypto_rng *rng; | ||
4219 | int ret; | ||
4220 | |||
4221 | - rng = crypto_alloc_rng(big_key_rng_name, 0, 0); | ||
4222 | - if (IS_ERR(rng)) { | ||
4223 | - pr_err("Can't alloc rng: %ld\n", PTR_ERR(rng)); | ||
4224 | - return PTR_ERR(rng); | ||
4225 | - } | ||
4226 | - | ||
4227 | - big_key_rng = rng; | ||
4228 | - | ||
4229 | - /* seed RNG */ | ||
4230 | - ret = crypto_rng_reset(rng, NULL, crypto_rng_seedsize(rng)); | ||
4231 | - if (ret) { | ||
4232 | - pr_err("Can't reset rng: %d\n", ret); | ||
4233 | - goto error_rng; | ||
4234 | - } | ||
4235 | - | ||
4236 | /* init block cipher */ | ||
4237 | - cipher = crypto_alloc_skcipher(big_key_alg_name, 0, CRYPTO_ALG_ASYNC); | ||
4238 | - if (IS_ERR(cipher)) { | ||
4239 | - ret = PTR_ERR(cipher); | ||
4240 | + big_key_aead = crypto_alloc_aead(big_key_alg_name, 0, CRYPTO_ALG_ASYNC); | ||
4241 | + if (IS_ERR(big_key_aead)) { | ||
4242 | + ret = PTR_ERR(big_key_aead); | ||
4243 | pr_err("Can't alloc crypto: %d\n", ret); | ||
4244 | - goto error_rng; | ||
4245 | + return ret; | ||
4246 | + } | ||
4247 | + ret = crypto_aead_setauthsize(big_key_aead, ENC_AUTHTAG_SIZE); | ||
4248 | + if (ret < 0) { | ||
4249 | + pr_err("Can't set crypto auth tag len: %d\n", ret); | ||
4250 | + goto free_aead; | ||
4251 | } | ||
4252 | - | ||
4253 | - big_key_skcipher = cipher; | ||
4254 | |||
4255 | ret = register_key_type(&key_type_big_key); | ||
4256 | if (ret < 0) { | ||
4257 | pr_err("Can't register type: %d\n", ret); | ||
4258 | - goto error_cipher; | ||
4259 | + goto free_aead; | ||
4260 | } | ||
4261 | |||
4262 | return 0; | ||
4263 | |||
4264 | -error_cipher: | ||
4265 | - crypto_free_skcipher(big_key_skcipher); | ||
4266 | -error_rng: | ||
4267 | - crypto_free_rng(big_key_rng); | ||
4268 | +free_aead: | ||
4269 | + crypto_free_aead(big_key_aead); | ||
4270 | return ret; | ||
4271 | } | ||
4272 | |||
4273 | diff --git a/security/keys/internal.h b/security/keys/internal.h | ||
4274 | index 1c02c6547038..503adbae7b0d 100644 | ||
4275 | --- a/security/keys/internal.h | ||
4276 | +++ b/security/keys/internal.h | ||
4277 | @@ -141,7 +141,7 @@ extern key_ref_t keyring_search_aux(key_ref_t keyring_ref, | ||
4278 | extern key_ref_t search_my_process_keyrings(struct keyring_search_context *ctx); | ||
4279 | extern key_ref_t search_process_keyrings(struct keyring_search_context *ctx); | ||
4280 | |||
4281 | -extern struct key *find_keyring_by_name(const char *name, bool skip_perm_check); | ||
4282 | +extern struct key *find_keyring_by_name(const char *name, bool uid_keyring); | ||
4283 | |||
4284 | extern int install_user_keyrings(void); | ||
4285 | extern int install_thread_keyring_to_cred(struct cred *); | ||
4286 | diff --git a/security/keys/key.c b/security/keys/key.c | ||
4287 | index 83da68d98b40..e5c0896c3a8f 100644 | ||
4288 | --- a/security/keys/key.c | ||
4289 | +++ b/security/keys/key.c | ||
4290 | @@ -302,6 +302,8 @@ struct key *key_alloc(struct key_type *type, const char *desc, | ||
4291 | key->flags |= 1 << KEY_FLAG_IN_QUOTA; | ||
4292 | if (flags & KEY_ALLOC_BUILT_IN) | ||
4293 | key->flags |= 1 << KEY_FLAG_BUILTIN; | ||
4294 | + if (flags & KEY_ALLOC_UID_KEYRING) | ||
4295 | + key->flags |= 1 << KEY_FLAG_UID_KEYRING; | ||
4296 | |||
4297 | #ifdef KEY_DEBUGGING | ||
4298 | key->magic = KEY_DEBUG_MAGIC; | ||
4299 | diff --git a/security/keys/keyctl.c b/security/keys/keyctl.c | ||
4300 | index ab0b337c84b4..6a82090c7fc1 100644 | ||
4301 | --- a/security/keys/keyctl.c | ||
4302 | +++ b/security/keys/keyctl.c | ||
4303 | @@ -766,6 +766,11 @@ long keyctl_read_key(key_serial_t keyid, char __user *buffer, size_t buflen) | ||
4304 | |||
4305 | key = key_ref_to_ptr(key_ref); | ||
4306 | |||
4307 | + if (test_bit(KEY_FLAG_NEGATIVE, &key->flags)) { | ||
4308 | + ret = -ENOKEY; | ||
4309 | + goto error2; | ||
4310 | + } | ||
4311 | + | ||
4312 | /* see if we can read it directly */ | ||
4313 | ret = key_permission(key_ref, KEY_NEED_READ); | ||
4314 | if (ret == 0) | ||
4315 | diff --git a/security/keys/keyring.c b/security/keys/keyring.c | ||
4316 | index de81793f9920..4fa82a8a9c0e 100644 | ||
4317 | --- a/security/keys/keyring.c | ||
4318 | +++ b/security/keys/keyring.c | ||
4319 | @@ -423,7 +423,7 @@ static void keyring_describe(const struct key *keyring, struct seq_file *m) | ||
4320 | } | ||
4321 | |||
4322 | struct keyring_read_iterator_context { | ||
4323 | - size_t qty; | ||
4324 | + size_t buflen; | ||
4325 | size_t count; | ||
4326 | key_serial_t __user *buffer; | ||
4327 | }; | ||
4328 | @@ -435,9 +435,9 @@ static int keyring_read_iterator(const void *object, void *data) | ||
4329 | int ret; | ||
4330 | |||
4331 | kenter("{%s,%d},,{%zu/%zu}", | ||
4332 | - key->type->name, key->serial, ctx->count, ctx->qty); | ||
4333 | + key->type->name, key->serial, ctx->count, ctx->buflen); | ||
4334 | |||
4335 | - if (ctx->count >= ctx->qty) | ||
4336 | + if (ctx->count >= ctx->buflen) | ||
4337 | return 1; | ||
4338 | |||
4339 | ret = put_user(key->serial, ctx->buffer); | ||
4340 | @@ -472,16 +472,12 @@ static long keyring_read(const struct key *keyring, | ||
4341 | return 0; | ||
4342 | |||
4343 | /* Calculate how much data we could return */ | ||
4344 | - ctx.qty = nr_keys * sizeof(key_serial_t); | ||
4345 | - | ||
4346 | if (!buffer || !buflen) | ||
4347 | - return ctx.qty; | ||
4348 | - | ||
4349 | - if (buflen > ctx.qty) | ||
4350 | - ctx.qty = buflen; | ||
4351 | + return nr_keys * sizeof(key_serial_t); | ||
4352 | |||
4353 | /* Copy the IDs of the subscribed keys into the buffer */ | ||
4354 | ctx.buffer = (key_serial_t __user *)buffer; | ||
4355 | + ctx.buflen = buflen; | ||
4356 | ctx.count = 0; | ||
4357 | ret = assoc_array_iterate(&keyring->keys, keyring_read_iterator, &ctx); | ||
4358 | if (ret < 0) { | ||
4359 | @@ -1101,15 +1097,15 @@ key_ref_t find_key_to_update(key_ref_t keyring_ref, | ||
4360 | /* | ||
4361 | * Find a keyring with the specified name. | ||
4362 | * | ||
4363 | - * All named keyrings in the current user namespace are searched, provided they | ||
4364 | - * grant Search permission directly to the caller (unless this check is | ||
4365 | - * skipped). Keyrings whose usage points have reached zero or who have been | ||
4366 | - * revoked are skipped. | ||
4367 | + * Only keyrings that have nonzero refcount, are not revoked, and are owned by a | ||
4368 | + * user in the current user namespace are considered. If @uid_keyring is %true, | ||
4369 | + * the keyring additionally must have been allocated as a user or user session | ||
4370 | + * keyring; otherwise, it must grant Search permission directly to the caller. | ||
4371 | * | ||
4372 | * Returns a pointer to the keyring with the keyring's refcount having being | ||
4373 | * incremented on success. -ENOKEY is returned if a key could not be found. | ||
4374 | */ | ||
4375 | -struct key *find_keyring_by_name(const char *name, bool skip_perm_check) | ||
4376 | +struct key *find_keyring_by_name(const char *name, bool uid_keyring) | ||
4377 | { | ||
4378 | struct key *keyring; | ||
4379 | int bucket; | ||
4380 | @@ -1137,10 +1133,15 @@ struct key *find_keyring_by_name(const char *name, bool skip_perm_check) | ||
4381 | if (strcmp(keyring->description, name) != 0) | ||
4382 | continue; | ||
4383 | |||
4384 | - if (!skip_perm_check && | ||
4385 | - key_permission(make_key_ref(keyring, 0), | ||
4386 | - KEY_NEED_SEARCH) < 0) | ||
4387 | - continue; | ||
4388 | + if (uid_keyring) { | ||
4389 | + if (!test_bit(KEY_FLAG_UID_KEYRING, | ||
4390 | + &keyring->flags)) | ||
4391 | + continue; | ||
4392 | + } else { | ||
4393 | + if (key_permission(make_key_ref(keyring, 0), | ||
4394 | + KEY_NEED_SEARCH) < 0) | ||
4395 | + continue; | ||
4396 | + } | ||
4397 | |||
4398 | /* we've got a match but we might end up racing with | ||
4399 | * key_cleanup() if the keyring is currently 'dead' | ||
4400 | diff --git a/security/keys/process_keys.c b/security/keys/process_keys.c | ||
4401 | index 86bced9fdbdf..293d3598153b 100644 | ||
4402 | --- a/security/keys/process_keys.c | ||
4403 | +++ b/security/keys/process_keys.c | ||
4404 | @@ -77,7 +77,8 @@ int install_user_keyrings(void) | ||
4405 | if (IS_ERR(uid_keyring)) { | ||
4406 | uid_keyring = keyring_alloc(buf, user->uid, INVALID_GID, | ||
4407 | cred, user_keyring_perm, | ||
4408 | - KEY_ALLOC_IN_QUOTA, | ||
4409 | + KEY_ALLOC_UID_KEYRING | | ||
4410 | + KEY_ALLOC_IN_QUOTA, | ||
4411 | NULL, NULL); | ||
4412 | if (IS_ERR(uid_keyring)) { | ||
4413 | ret = PTR_ERR(uid_keyring); | ||
4414 | @@ -94,7 +95,8 @@ int install_user_keyrings(void) | ||
4415 | session_keyring = | ||
4416 | keyring_alloc(buf, user->uid, INVALID_GID, | ||
4417 | cred, user_keyring_perm, | ||
4418 | - KEY_ALLOC_IN_QUOTA, | ||
4419 | + KEY_ALLOC_UID_KEYRING | | ||
4420 | + KEY_ALLOC_IN_QUOTA, | ||
4421 | NULL, NULL); | ||
4422 | if (IS_ERR(session_keyring)) { | ||
4423 | ret = PTR_ERR(session_keyring); | ||
4424 | diff --git a/tools/testing/selftests/seccomp/seccomp_bpf.c b/tools/testing/selftests/seccomp/seccomp_bpf.c | ||
4425 | index 73f5ea6778ce..9380c3fc7cfe 100644 | ||
4426 | --- a/tools/testing/selftests/seccomp/seccomp_bpf.c | ||
4427 | +++ b/tools/testing/selftests/seccomp/seccomp_bpf.c | ||
4428 | @@ -6,10 +6,18 @@ | ||
4429 | */ | ||
4430 | |||
4431 | #include <sys/types.h> | ||
4432 | -#include <asm/siginfo.h> | ||
4433 | -#define __have_siginfo_t 1 | ||
4434 | -#define __have_sigval_t 1 | ||
4435 | -#define __have_sigevent_t 1 | ||
4436 | + | ||
4437 | +/* | ||
4438 | + * glibc 2.26 and later have SIGSYS in siginfo_t. Before that, | ||
4439 | + * we need to use the kernel's siginfo.h file and trick glibc | ||
4440 | + * into accepting it. | ||
4441 | + */ | ||
4442 | +#if !__GLIBC_PREREQ(2, 26) | ||
4443 | +# include <asm/siginfo.h> | ||
4444 | +# define __have_siginfo_t 1 | ||
4445 | +# define __have_sigval_t 1 | ||
4446 | +# define __have_sigevent_t 1 | ||
4447 | +#endif | ||
4448 | |||
4449 | #include <errno.h> | ||
4450 | #include <linux/filter.h> | ||
4451 | @@ -676,7 +684,7 @@ TEST_F_SIGNAL(TRAP, ign, SIGSYS) | ||
4452 | syscall(__NR_getpid); | ||
4453 | } | ||
4454 | |||
4455 | -static struct siginfo TRAP_info; | ||
4456 | +static siginfo_t TRAP_info; | ||
4457 | static volatile int TRAP_nr; | ||
4458 | static void TRAP_action(int nr, siginfo_t *info, void *void_context) | ||
4459 | { |