Skip to content
Snippets Groups Projects
  1. Jun 14, 2020
    • Linus Torvalds's avatar
      Merge tag 'for-linus' of git://github.com/openrisc/linux · 56192707
      Linus Torvalds authored
      Pull OpenRISC update from Stafford Horne:
       "One patch found wile I was getting the glibc port ready: fix issue
        with clone TLS arg getting overwritten"
      
      * tag 'for-linus' of git://github.com/openrisc/linux:
        openrisc: Fix issue with argument clobbering for clone/fork
      56192707
    • Linus Torvalds's avatar
      Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mattst88/alpha · 66125d93
      Linus Torvalds authored
      Pull alpha updates from Matt Turner:
       "A few changes for alpha. They're mostly small janitorial fixes but
        there's also a build fix and most notably a patch from Mikulas that
        fixes a hang on boot on the Avanti platform, which required quite a
        bit of work and review"
      
      * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mattst88/alpha:
        alpha: Fix build around srm_sysrq_reboot_op
        alpha: c_next should increase position index
        alpha: Replace sg++ with sg = sg_next(sg)
        alpha: fix memory barriers so that they conform to the specification
        alpha: remove unneeded semicolon in sys_eiger.c
        alpha: remove unneeded semicolon in osf_sys.c
        alpha: Replace strncmp with str_has_prefix
        alpha: fix rtc port ranges
        alpha: Kconfig: pedantic formatting
      66125d93
    • Linus Torvalds's avatar
      Merge tag 'ras-core-2020-06-12' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip · a9429089
      Linus Torvalds authored
      Pull x86 RAS updates from Thomas Gleixner:
       "RAS updates from Borislav Petkov:
      
         - Unmap a whole guest page if an MCE is encountered in it to avoid
           follow-on MCEs leading to the guest crashing, by Tony Luck.
      
           This change collided with the entry changes and the merge
           resolution would have been rather unpleasant. To avoid that the
           entry branch was merged in before applying this. The resulting code
           did not change over the rebase.
      
         - AMD MCE error thresholding machinery cleanup and hotplug
           sanitization, by Thomas Gleixner.
      
         - Change the MCE notifiers to denote whether they have handled the
           error and not break the chain early by returning NOTIFY_STOP, thus
           giving the opportunity for the later handlers in the chain to see
           it. By Tony Luck.
      
         - Add AMD family 0x17, models 0x60-6f support, by Alexander Monakov.
      
         - Last but not least, the usual round of fixes and improvements"
      
      * tag 'ras-core-2020-06-12' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: (23 commits)
        x86/mce/dev-mcelog: Fix -Wstringop-truncation warning about strncpy()
        x86/{mce,mm}: Unmap the entire page if the whole page is affected and poisoned
        EDAC/amd64: Add AMD family 17h model 60h PCI IDs
        hwmon: (k10temp) Add AMD family 17h model 60h PCI match
        x86/amd_nb: Add AMD family 17h model 60h PCI IDs
        x86/mcelog: Add compat_ioctl for 32-bit mcelog support
        x86/mce: Drop bogus comment about mce.kflags
        x86/mce: Fixup exception only for the correct MCEs
        EDAC: Drop the EDAC report status checks
        x86/mce: Add mce=print_all option
        x86/mce: Change default MCE logger to check mce->kflags
        x86/mce: Fix all mce notifiers to update the mce->kflags bitmask
        x86/mce: Add a struct mce.kflags field
        x86/mce: Convert the CEC to use the MCE notifier
        x86/mce: Rename "first" function as "early"
        x86/mce/amd, edac: Remove report_gart_errors
        x86/mce/amd: Make threshold bank setting hotplug robust
        x86/mce/amd: Cleanup threshold device remove path
        x86/mce/amd: Straighten CPU hotplug path
        x86/mce/amd: Sanitize thresholding device creation hotplug path
        ...
      a9429089
    • Linus Torvalds's avatar
      Merge tag 'x86-entry-2020-06-12' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip · 076f14be
      Linus Torvalds authored
      Pull x86 entry updates from Thomas Gleixner:
       "The x86 entry, exception and interrupt code rework
      
        This all started about 6 month ago with the attempt to move the Posix
        CPU timer heavy lifting out of the timer interrupt code and just have
        lockless quick checks in that code path. Trivial 5 patches.
      
        This unearthed an inconsistency in the KVM handling of task work and
        the review requested to move all of this into generic code so other
        architectures can share.
      
        Valid request and solved with another 25 patches but those unearthed
        inconsistencies vs. RCU and instrumentation.
      
        Digging into this made it obvious that there are quite some
        inconsistencies vs. instrumentation in general. The int3 text poke
        handling in particular was completely unprotected and with the batched
        update of trace events even more likely to expose to endless int3
        recursion.
      
        In parallel the RCU implications of instrumenting fragile entry code
        came up in several discussions.
      
        The conclusion of the x86 maintainer team was to go all the way and
        make the protection against any form of instrumentation of fragile and
        dangerous code pathes enforcable and verifiable by tooling.
      
        A first batch of preparatory work hit mainline with commit
        d5f744f9 ("Pull x86 entry code updates from Thomas Gleixner")
      
        That (almost) full solution introduced a new code section
        '.noinstr.text' into which all code which needs to be protected from
        instrumentation of all sorts goes into. Any call into instrumentable
        code out of this section has to be annotated. objtool has support to
        validate this.
      
        Kprobes now excludes this section fully which also prevents BPF from
        fiddling with it and all 'noinstr' annotated functions also keep
        ftrace off. The section, kprobes and objtool changes are already
        merged.
      
        The major changes coming with this are:
      
          - Preparatory cleanups
      
          - Annotating of relevant functions to move them into the
            noinstr.text section or enforcing inlining by marking them
            __always_inline so the compiler cannot misplace or instrument
            them.
      
          - Splitting and simplifying the idtentry macro maze so that it is
            now clearly separated into simple exception entries and the more
            interesting ones which use interrupt stacks and have the paranoid
            handling vs. CR3 and GS.
      
          - Move quite some of the low level ASM functionality into C code:
      
             - enter_from and exit to user space handling. The ASM code now
               calls into C after doing the really necessary ASM handling and
               the return path goes back out without bells and whistels in
               ASM.
      
             - exception entry/exit got the equivivalent treatment
      
             - move all IRQ tracepoints from ASM to C so they can be placed as
               appropriate which is especially important for the int3
               recursion issue.
      
          - Consolidate the declaration and definition of entry points between
            32 and 64 bit. They share a common header and macros now.
      
          - Remove the extra device interrupt entry maze and just use the
            regular exception entry code.
      
          - All ASM entry points except NMI are now generated from the shared
            header file and the corresponding macros in the 32 and 64 bit
            entry ASM.
      
          - The C code entry points are consolidated as well with the help of
            DEFINE_IDTENTRY*() macros. This allows to ensure at one central
            point that all corresponding entry points share the same
            semantics. The actual function body for most entry points is in an
            instrumentable and sane state.
      
            There are special macros for the more sensitive entry points, e.g.
            INT3 and of course the nasty paranoid #NMI, #MCE, #DB and #DF.
            They allow to put the whole entry instrumentation and RCU handling
            into safe places instead of the previous pray that it is correct
            approach.
      
          - The INT3 text poke handling is now completely isolated and the
            recursion issue banned. Aside of the entry rework this required
            other isolation work, e.g. the ability to force inline bsearch.
      
          - Prevent #DB on fragile entry code, entry relevant memory and
            disable it on NMI, #MC entry, which allowed to get rid of the
            nested #DB IST stack shifting hackery.
      
          - A few other cleanups and enhancements which have been made
            possible through this and already merged changes, e.g.
            consolidating and further restricting the IDT code so the IDT
            table becomes RO after init which removes yet another popular
            attack vector
      
          - About 680 lines of ASM maze are gone.
      
        There are a few open issues:
      
         - An escape out of the noinstr section in the MCE handler which needs
           some more thought but under the aspect that MCE is a complete
           trainwreck by design and the propability to survive it is low, this
           was not high on the priority list.
      
         - Paravirtualization
      
           When PV is enabled then objtool complains about a bunch of indirect
           calls out of the noinstr section. There are a few straight forward
           ways to fix this, but the other issues vs. general correctness were
           more pressing than parawitz.
      
         - KVM
      
           KVM is inconsistent as well. Patches have been posted, but they
           have not yet been commented on or picked up by the KVM folks.
      
         - IDLE
      
           Pretty much the same problems can be found in the low level idle
           code especially the parts where RCU stopped watching. This was
           beyond the scope of the more obvious and exposable problems and is
           on the todo list.
      
        The lesson learned from this brain melting exercise to morph the
        evolved code base into something which can be validated and understood
        is that once again the violation of the most important engineering
        principle "correctness first" has caused quite a few people to spend
        valuable time on problems which could have been avoided in the first
        place. The "features first" tinkering mindset really has to stop.
      
        With that I want to say thanks to everyone involved in contributing to
        this effort. Special thanks go to the following people (alphabetical
        order): Alexandre Chartre, Andy Lutomirski, Borislav Petkov, Brian
        Gerst, Frederic Weisbecker, Josh Poimboeuf, Juergen Gross, Lai
        Jiangshan, Macro Elver, Paolo Bonzin,i Paul McKenney, Peter Zijlstra,
        Vitaly Kuznetsov, and Will Deacon"
      
      * tag 'x86-entry-2020-06-12' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: (142 commits)
        x86/entry: Force rcu_irq_enter() when in idle task
        x86/entry: Make NMI use IDTENTRY_RAW
        x86/entry: Treat BUG/WARN as NMI-like entries
        x86/entry: Unbreak __irqentry_text_start/end magic
        x86/entry: __always_inline CR2 for noinstr
        lockdep: __always_inline more for noinstr
        x86/entry: Re-order #DB handler to avoid *SAN instrumentation
        x86/entry: __always_inline arch_atomic_* for noinstr
        x86/entry: __always_inline irqflags for noinstr
        x86/entry: __always_inline debugreg for noinstr
        x86/idt: Consolidate idt functionality
        x86/idt: Cleanup trap_init()
        x86/idt: Use proper constants for table size
        x86/idt: Add comments about early #PF handling
        x86/idt: Mark init only functions __init
        x86/entry: Rename trace_hardirqs_off_prepare()
        x86/entry: Clarify irq_{enter,exit}_rcu()
        x86/entry: Remove DBn stacks
        x86/entry: Remove debug IDT frobbing
        x86/entry: Optimize local_db_save() for virt
        ...
      076f14be
    • Linus Torvalds's avatar
      Merge tag 'notifications-20200601' of... · 6c329784
      Linus Torvalds authored
      Merge tag 'notifications-20200601' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs
      
      Pull notification queue from David Howells:
       "This adds a general notification queue concept and adds an event
        source for keys/keyrings, such as linking and unlinking keys and
        changing their attributes.
      
        Thanks to Debarshi Ray, we do have a pull request to use this to fix a
        problem with gnome-online-accounts - as mentioned last time:
      
           https://gitlab.gnome.org/GNOME/gnome-online-accounts/merge_requests/47
      
        Without this, g-o-a has to constantly poll a keyring-based kerberos
        cache to find out if kinit has changed anything.
      
        [ There are other notification pending: mount/sb fsinfo notifications
          for libmount that Karel Zak and Ian Kent have been working on, and
          Christian Brauner would like to use them in lxc, but let's see how
          this one works first ]
      
        LSM hooks are included:
      
         - A set of hooks are provided that allow an LSM to rule on whether or
           not a watch may be set. Each of these hooks takes a different
           "watched object" parameter, so they're not really shareable. The
           LSM should use current's credentials. [Wanted by SELinux & Smack]
      
         - A hook is provided to allow an LSM to rule on whether or not a
           particular message may be posted to a particular queue. This is
           given the credentials from the event generator (which may be the
           system) and the watch setter. [Wanted by Smack]
      
        I've provided SELinux and Smack with implementations of some of these
        hooks.
      
        WHY
        ===
      
        Key/keyring notifications are desirable because if you have your
        kerberos tickets in a file/directory, your Gnome desktop will monitor
        that using something like fanotify and tell you if your credentials
        cache changes.
      
        However, we also have the ability to cache your kerberos tickets in
        the session, user or persistent keyring so that it isn't left around
        on disk across a reboot or logout. Keyrings, however, cannot currently
        be monitored asynchronously, so the desktop has to poll for it - not
        so good on a laptop. This facility will allow the desktop to avoid the
        need to poll.
      
        DESIGN DECISIONS
        ================
      
         - The notification queue is built on top of a standard pipe. Messages
           are effectively spliced in. The pipe is opened with a special flag:
      
              pipe2(fds, O_NOTIFICATION_PIPE);
      
           The special flag has the same value as O_EXCL (which doesn't seem
           like it will ever be applicable in this context)[?]. It is given up
           front to make it a lot easier to prohibit splice&co from accessing
           the pipe.
      
           [?] Should this be done some other way?  I'd rather not use up a new
               O_* flag if I can avoid it - should I add a pipe3() system call
               instead?
      
           The pipe is then configured::
      
              ioctl(fds[1], IOC_WATCH_QUEUE_SET_SIZE, queue_depth);
              ioctl(fds[1], IOC_WATCH_QUEUE_SET_FILTER, &filter);
      
           Messages are then read out of the pipe using read().
      
         - It should be possible to allow write() to insert data into the
           notification pipes too, but this is currently disabled as the
           kernel has to be able to insert messages into the pipe *without*
           holding pipe->mutex and the code to make this work needs careful
           auditing.
      
         - sendfile(), splice() and vmsplice() are disabled on notification
           pipes because of the pipe->mutex issue and also because they
           sometimes want to revert what they just did - but one or more
           notification messages might've been interleaved in the ring.
      
         - The kernel inserts messages with the wait queue spinlock held. This
           means that pipe_read() and pipe_write() have to take the spinlock
           to update the queue pointers.
      
         - Records in the buffer are binary, typed and have a length so that
           they can be of varying size.
      
           This allows multiple heterogeneous sources to share a common
           buffer; there are 16 million types available, of which I've used
           just a few, so there is scope for others to be used. Tags may be
           specified when a watchpoint is created to help distinguish the
           sources.
      
         - Records are filterable as types have up to 256 subtypes that can be
           individually filtered. Other filtration is also available.
      
         - Notification pipes don't interfere with each other; each may be
           bound to a different set of watches. Any particular notification
           will be copied to all the queues that are currently watching for it
           - and only those that are watching for it.
      
         - When recording a notification, the kernel will not sleep, but will
           rather mark a queue as having lost a message if there's
           insufficient space. read() will fabricate a loss notification
           message at an appropriate point later.
      
         - The notification pipe is created and then watchpoints are attached
           to it, using one of:
      
              keyctl_watch_key(KEY_SPEC_SESSION_KEYRING, fds[1], 0x01);
              watch_mount(AT_FDCWD, "/", 0, fd, 0x02);
              watch_sb(AT_FDCWD, "/mnt", 0, fd, 0x03);
      
           where in both cases, fd indicates the queue and the number after is
           a tag between 0 and 255.
      
         - Watches are removed if either the notification pipe is destroyed or
           the watched object is destroyed. In the latter case, a message will
           be generated indicating the enforced watch removal.
      
        Things I want to avoid:
      
         - Introducing features that make the core VFS dependent on the
           network stack or networking namespaces (ie. usage of netlink).
      
         - Dumping all this stuff into dmesg and having a daemon that sits
           there parsing the output and distributing it as this then puts the
           responsibility for security into userspace and makes handling
           namespaces tricky. Further, dmesg might not exist or might be
           inaccessible inside a container.
      
         - Letting users see events they shouldn't be able to see.
      
        TESTING AND MANPAGES
        ====================
      
         - The keyutils tree has a pipe-watch branch that has keyctl commands
           for making use of notifications. Proposed manual pages can also be
           found on this branch, though a couple of them really need to go to
           the main manpages repository instead.
      
           If the kernel supports the watching of keys, then running "make
           test" on that branch will cause the testing infrastructure to spawn
           a monitoring process on the side that monitors a notifications pipe
           for all the key/keyring changes induced by the tests and they'll
           all be checked off to make sure they happened.
      
              https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/keyutils.git/log/?h=pipe-watch
      
         - A test program is provided (samples/watch_queue/watch_test) that
           can be used to monitor for keyrings, mount and superblock events.
           Information on the notifications is simply logged to stdout"
      
      * tag 'notifications-20200601' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs:
        smack: Implement the watch_key and post_notification hooks
        selinux: Implement the watch_key security hook
        keys: Make the KEY_NEED_* perms an enum rather than a mask
        pipe: Add notification lossage handling
        pipe: Allow buffers to be marked read-whole-or-error for notifications
        Add sample notification program
        watch_queue: Add a key/keyring notification facility
        security: Add hooks to rule on setting a watch
        pipe: Add general notification queue support
        pipe: Add O_NOTIFICATION_PIPE
        security: Add a hook for the point of notification insertion
        uapi: General notification queue definitions
      6c329784
  2. Jun 13, 2020
  3. Jun 12, 2020
    • Rob Herring's avatar
      8440d4a7
    • Rob Herring's avatar
      dt-bindings: Remove redundant 'maxItems' · 44761570
      Rob Herring authored
      
      There's no need to specify 'maxItems' with the same value as the number
      of entries in 'items'. A meta-schema update will catch future cases.
      
      Cc: Shawn Guo <shawnguo@kernel.org>
      Cc: Sascha Hauer <s.hauer@pengutronix.de>
      Cc: Anson Huang <Anson.Huang@nxp.com>
      Cc: linux-clk@vger.kernel.org
      Cc: linux-pwm@vger.kernel.org
      Cc: linux-usb@vger.kernel.org
      Reviewed-by: Stephen Boyd <sboyd@kernel.org> # clk
      Acked-by: default avatarThierry Reding <thierry.reding@gmail.com>
      Signed-off-by: default avatarRob Herring <robh@kernel.org>
      44761570
    • Mimi Zohar's avatar
      ima: fix mprotect checking · 4235b1a4
      Mimi Zohar authored
      
      Make sure IMA is enabled before checking mprotect change.  Addresses
      report of a 3.7% regression of boot-time.dhcp.
      
      Fixes: 8eb613c0 ("ima: verify mprotect change is consistent with mmap policy")
      Reported-by: default avatarkernel test robot <rong.a.chen@intel.com>
      Reviewed-by: default avatarLakshmi Ramasubramanian <nramas@linux.microsoft.com>
      Tested-by: default avatarXing Zhengjun <zhengjun.xing@linux.intel.com>
      Signed-off-by: default avatarMimi Zohar <zohar@linux.ibm.com>
      4235b1a4
    • Thomas Gleixner's avatar
      x86/entry: Make NMI use IDTENTRY_RAW · 71ed49d8
      Thomas Gleixner authored
      
      For no reason other than beginning brainmelt, IDTENTRY_NMI was mapped to
      IDTENTRY_IST.
      
      This is not a problem on 64bit because the IST default entry point maps to
      IDTENTRY_RAW which does not any entry handling. The surplus function
      declaration for the noist C entry point is unused and as there is no ASM
      code emitted for NMI this went unnoticed.
      
      On 32bit IDTENTRY_IST maps to a regular IDTENTRY which does the normal
      entry handling. That is clearly the wrong thing to do for NMI.
      
      Map it to IDTENTRY_RAW to unbreak it. The IDTENTRY_NMI mapping needs to
      stay to avoid emitting ASM code.
      
      Fixes: 6271fef0 ("x86/entry: Convert NMI to IDTENTRY_NMI")
      Reported-by: default avatarNaresh Kamboju <naresh.kamboju@linaro.org>
      Debugged-by: default avatarAndy Lutomirski <luto@kernel.org>
      Signed-off-by: default avatarThomas Gleixner <tglx@linutronix.de>
      Link: https://lkml.kernel.org/r/CA+G9fYvF3cyrY+-iw_SZtpN-i2qA2BruHg4M=QYECU2-dNdsMw@mail.gmail.com
      71ed49d8
    • Andy Lutomirski's avatar
      x86/entry: Treat BUG/WARN as NMI-like entries · 15a416e8
      Andy Lutomirski authored
      
      BUG/WARN are cleverly optimized using UD2 to handle the BUG/WARN out of
      line in an exception fixup.
      
      But if BUG or WARN is issued in a funny RCU context, then the
      idtentry_enter...() path might helpfully WARN that the RCU context is
      invalid, which results in infinite recursion.
      
      Split the BUG/WARN handling into an nmi_enter()/nmi_exit() path in
      exc_invalid_op() to increase the chance to survive the experience.
      
      [ tglx: Make the declaration match the implementation ]
      
      Signed-off-by: default avatarAndy Lutomirski <luto@kernel.org>
      Signed-off-by: default avatarThomas Gleixner <tglx@linutronix.de>
      Link: https://lkml.kernel.org/r/f8fe40e0088749734b4435b554f73eee53dcf7a8.1591932307.git.luto@kernel.org
      15a416e8
    • Ley Foon Tan's avatar
      nios2: signal: Mark expected switch fall-through · 6b57fa4d
      Ley Foon Tan authored
      
      Mark switch cases where we are expecting to fall through.
      
      Fix the following warning through the use of the new the new
      pseudo-keyword fallthrough;
      
      arch/nios2/kernel/signal.c:254:12: warning: this statement may fall through [-Wimplicit-fallthrough=]
        254 |    restart = -2;
            |    ~~~~~~~~^~~~
      arch/nios2/kernel/signal.c:255:3: note: here
        255 |   case ERESTARTNOHAND:
            |   ^~~~
      
      Reported-by: default avatarChristian Brauner <christian.brauner@ubuntu.com>
      Signed-off-by: default avatarGustavo A. R. Silva <gustavoars@kernel.org>
      Signed-off-by: default avatarLey Foon Tan <ley.foon.tan@intel.com>
      6b57fa4d
    • Linus Torvalds's avatar
      Merge tag 'locking-kcsan-2020-06-11' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip · b791d1bd
      Linus Torvalds authored
      Pull the Kernel Concurrency Sanitizer from Thomas Gleixner:
       "The Kernel Concurrency Sanitizer (KCSAN) is a dynamic race detector,
        which relies on compile-time instrumentation, and uses a
        watchpoint-based sampling approach to detect races.
      
        The feature was under development for quite some time and has already
        found legitimate bugs.
      
        Unfortunately it comes with a limitation, which was only understood
        late in the development cycle:
      
           It requires an up to date CLANG-11 compiler
      
        CLANG-11 is not yet released (scheduled for June), but it's the only
        compiler today which handles the kernel requirements and especially
        the annotations of functions to exclude them from KCSAN
        instrumentation correctly.
      
        These annotations really need to work so that low level entry code and
        especially int3 text poke handling can be completely isolated.
      
        A detailed discussion of the requirements and compiler issues can be
        found here:
      
          https://lore.kernel.org/lkml/CANpmjNMTsY_8241bS7=XAfqvZHFLrVEkv_uM4aDUWE_kh3Rvbw@mail.gmail.com/
      
        We came to the conclusion that trying to work around compiler
        limitations and bugs again would end up in a major trainwreck, so
        requiring a working compiler seemed to be the best choice.
      
        For Continous Integration purposes the compiler restriction is
        manageable and that's where most xxSAN reports come from.
      
        For a change this limitation might make GCC people actually look at
        their bugs. Some issues with CSAN in GCC are 7 years old and one has
        been 'fixed' 3 years ago with a half baken solution which 'solved' the
        reported issue but not the underlying problem.
      
        The KCSAN developers also ponder to use a GCC plugin to become
        independent, but that's not something which will show up in a few
        days.
      
        Blocking KCSAN until wide spread compiler support is available is not
        a really good alternative because the continuous growth of lockless
        optimizations in the kernel demands proper tooling support"
      
      * tag 'locking-kcsan-2020-06-11' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: (76 commits)
        compiler_types.h, kasan: Use __SANITIZE_ADDRESS__ instead of CONFIG_KASAN to decide inlining
        compiler.h: Move function attributes to compiler_types.h
        compiler.h: Avoid nested statement expression in data_race()
        compiler.h: Remove data_race() and unnecessary checks from {READ,WRITE}_ONCE()
        kcsan: Update Documentation to change supported compilers
        kcsan: Remove 'noinline' from __no_kcsan_or_inline
        kcsan: Pass option tsan-instrument-read-before-write to Clang
        kcsan: Support distinguishing volatile accesses
        kcsan: Restrict supported compilers
        kcsan: Avoid inserting __tsan_func_entry/exit if possible
        ubsan, kcsan: Don't combine sanitizer with kcov on clang
        objtool, kcsan: Add kcsan_disable_current() and kcsan_enable_current_nowarn()
        kcsan: Add __kcsan_{enable,disable}_current() variants
        checkpatch: Warn about data_race() without comment
        kcsan: Use GFP_ATOMIC under spin lock
        Improve KCSAN documentation a bit
        kcsan: Make reporting aware of KCSAN tests
        kcsan: Fix function matching in report
        kcsan: Change data_race() to no longer require marking racing accesses
        kcsan: Move kcsan_{disable,enable}_current() to kcsan-checks.h
        ...
      b791d1bd
    • Linus Torvalds's avatar
      Merge tag 'locking-urgent-2020-06-11' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip · 9716e57a
      Linus Torvalds authored
      Pull atomics rework from Thomas Gleixner:
       "Peter Zijlstras rework of atomics and fallbacks. This solves two
        problems:
      
         1) Compilers uninline small atomic_* static inline functions which
            can expose them to instrumentation.
      
         2) The instrumentation of atomic primitives was done at the
            architecture level while composites or fallbacks were provided at
            the generic level. As a result there are no uninstrumented
            variants of the fallbacks.
      
        Both issues were in the way of fully isolating fragile entry code
        pathes and especially the text poke int3 handler which is prone to an
        endless recursion problem when anything in that code path is about to
        be instrumented. This was always a problem, but got elevated due to
        the new batch mode updates of tracing.
      
        The solution is to mark the functions __always_inline and to flip the
        fallback and instrumentation so the non-instrumented variants are at
        the architecture level and the instrumentation is done in generic
        code.
      
        The latter introduces another fallback variant which will go away once
        all architectures have been moved over to arch_atomic_*"
      
      * tag 'locking-urgent-2020-06-11' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
        locking/atomics: Flip fallbacks and instrumentation
        asm-generic/atomic: Use __always_inline for fallback wrappers
      9716e57a
    • Linus Torvalds's avatar
      Merge branch 'akpm' (patches from Andrew) · b1a62749
      Linus Torvalds authored
      Pull updates from Andrew Morton:
       "A few fixes and stragglers.
      
        Subsystems affected by this patch series: mm/memory-failure, ocfs2,
        lib/lzo, misc"
      
      * emailed patches from Andrew Morton <akpm@linux-foundation.org>:
        amdgpu: a NULL ->mm does not mean a thread is a kthread
        lib/lzo: fix ambiguous encoding bug in lzo-rle
        ocfs2: fix build failure when TCP/IP is disabled
        mm/memory-failure: send SIGBUS(BUS_MCEERR_AR) only to current thread
        mm/memory-failure: prioritize prctl(PR_MCE_KILL) over vm.memory_failure_early_kill
      b1a62749
    • Christoph Hellwig's avatar
      amdgpu: a NULL ->mm does not mean a thread is a kthread · 8449d150
      Christoph Hellwig authored
      
      Use the proper API instead.
      
      Fixes: 70539bd7 ("drm/amd: Update MEC HQD loading code for KFD")
      Signed-off-by: default avatarChristoph Hellwig <hch@lst.de>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Tested-by: default avatarJens Axboe <axboe@kernel.dk>
      Reviewed-by: default avatarFelix Kuehling <Felix.Kuehling@amd.com>
      Reviewed-by: default avatarJens Axboe <axboe@kernel.dk>
      Cc: Al Viro <viro@zeniv.linux.org.uk>
      Cc: Alex Deucher <alexander.deucher@amd.com>
      Cc: Zhenyu Wang <zhenyuw@linux.intel.com>
      Cc: Zhi Wang <zhi.a.wang@intel.com>
      Cc: Felipe Balbi <balbi@kernel.org>
      Cc: "Michael S. Tsirkin" <mst@redhat.com>
      Cc: Jason Wang <jasowang@redhat.com>
      Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
      Link: http://lkml.kernel.org/r/20200404094101.672954-1-hch@lst.de
      Link: http://lkml.kernel.org/r/20200404094101.672954-2-hch@lst.de
      
      
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      8449d150
    • Dave Rodgman's avatar
      lib/lzo: fix ambiguous encoding bug in lzo-rle · b5265c81
      Dave Rodgman authored
      
      In some rare cases, for input data over 32 KB, lzo-rle could encode two
      different inputs to the same compressed representation, so that
      decompression is then ambiguous (i.e.  data may be corrupted - although
      zram is not affected because it operates over 4 KB pages).
      
      This modifies the compressor without changing the decompressor or the
      bitstream format, such that:
      
       - there is no change to how data produced by the old compressor is
         decompressed
      
       - an old decompressor will correctly decode data from the updated
         compressor
      
       - performance and compression ratio are not affected
      
       - we avoid introducing a new bitstream format
      
      In testing over 12.8M real-world files totalling 903 GB, three files
      were affected by this bug.  I also constructed 37M semi-random 64 KB
      files totalling 2.27 TB, and saw no affected files.  Finally I tested
      over files constructed to contain each of the ~1024 possible bad input
      sequences; for all of these cases, updated lzo-rle worked correctly.
      
      There is no significant impact to performance or compression ratio.
      
      Signed-off-by: default avatarDave Rodgman <dave.rodgman@arm.com>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Cc: Mark Rutland <mark.rutland@arm.com>
      Cc: Dave Rodgman <dave.rodgman@arm.com>
      Cc: Willy Tarreau <w@1wt.eu>
      Cc: Sergey Senozhatsky <sergey.senozhatsky.work@gmail.com>
      Cc: Markus F.X.J. Oberhumer <markus@oberhumer.com>
      Cc: Minchan Kim <minchan@kernel.org>
      Cc: Nitin Gupta <ngupta@vflare.org>
      Cc: Chao Yu <yuchao0@huawei.com>
      Cc: <stable@vger.kernel.org>
      Link: http://lkml.kernel.org/r/20200507100203.29785-1-dave.rodgman@arm.com
      
      
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      b5265c81
    • Tom Seewald's avatar
      ocfs2: fix build failure when TCP/IP is disabled · fce1affe
      Tom Seewald authored
      
      After commit 12abc5ee ("tcp: add tcp_sock_set_nodelay") and commit
      c488aead ("tcp: add tcp_sock_set_user_timeout"), building the kernel
      with OCFS2_FS=y but without INET=y causes it to fail with:
      
        ld: fs/ocfs2/cluster/tcp.o: in function `o2net_accept_many':
        tcp.c:(.text+0x21b1): undefined reference to `tcp_sock_set_nodelay'
        ld: tcp.c:(.text+0x21c1): undefined reference to `tcp_sock_set_user_timeout'
        ld: fs/ocfs2/cluster/tcp.o: in function `o2net_start_connect':
        tcp.c:(.text+0x2633): undefined reference to `tcp_sock_set_nodelay'
        ld: tcp.c:(.text+0x2643): undefined reference to `tcp_sock_set_user_timeout'
      
      This is due to tcp_sock_set_nodelay() and tcp_sock_set_user_timeout()
      being declared in linux/tcp.h and defined in net/ipv4/tcp.c, which
      depend on TCP/IP being enabled.
      
      To fix this, make OCFS2_FS depend on INET=y which already requires
      NET=y.
      
      Fixes: 12abc5ee ("tcp: add tcp_sock_set_nodelay")
      Fixes: c488aead ("tcp: add tcp_sock_set_user_timeout")
      Signed-off-by: default avatarTom Seewald <tseewald@gmail.com>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Reviewed-by: default avatarJoseph Qi <joseph.qi@linux.alibaba.com>
      Acked-by: default avatarChristoph Hellwig <hch@lst.de>
      Cc: Sagi Grimberg <sagi@grimberg.me>
      Cc: Jason Gunthorpe <jgg@mellanox.com>
      Cc: David S. Miller <davem@davemloft.net>
      Cc: Mark Fasheh <mark@fasheh.com>
      Cc: Joel Becker <jlbec@evilplan.org>
      Cc: Junxiao Bi <junxiao.bi@oracle.com>
      Cc: Changwei Ge <gechangwei@live.cn>
      Cc: Gang He <ghe@suse.com>
      Cc: Jun Piao <piaojun@huawei.com>
      Link: http://lkml.kernel.org/r/20200606190827.23954-1-tseewald@gmail.com
      
      
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      fce1affe
    • Naoya Horiguchi's avatar
      mm/memory-failure: send SIGBUS(BUS_MCEERR_AR) only to current thread · 03151c6e
      Naoya Horiguchi authored
      
      Action Required memory error should happen only when a processor is
      about to access to a corrupted memory, so it's synchronous and only
      affects current process/thread.
      
      Recently commit 872e9a20 ("mm, memory_failure: don't send
      BUS_MCEERR_AO for action required error") fixed the issue that Action
      Required memory could unnecessarily send SIGBUS to the processes which
      share the error memory.  But we still have another issue that we could
      send SIGBUS to a wrong thread.
      
      This is because collect_procs() and task_early_kill() fails to add the
      current process to "to-kill" list.  So this patch is suggesting to fix
      it.  With this fix, SIGBUS(BUS_MCEERR_AR) is never sent to non-current
      process/thread.
      
      Signed-off-by: default avatarNaoya Horiguchi <naoya.horiguchi@nec.com>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Acked-by: default avatarTony Luck <tony.luck@intel.com>
      Acked-by: default avatarPankaj Gupta <pankaj.gupta.linux@gmail.com>
      Link: http://lkml.kernel.org/r/1591321039-22141-3-git-send-email-naoya.horiguchi@nec.com
      
      
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      03151c6e
    • Naoya Horiguchi's avatar
      mm/memory-failure: prioritize prctl(PR_MCE_KILL) over vm.memory_failure_early_kill · 4e018b45
      Naoya Horiguchi authored
      
      Patch series "hwpoison: fixes signaling on memory error"
      
      This is a small patchset to solve issues in memory error handler to send
      SIGBUS to proper process/thread as expected in configuration.  Please
      see descriptions in individual patches for more details.
      
      This patch (of 2):
      
      Early-kill policy is controlled from two types of settings, one is
      per-process setting prctl(PR_MCE_KILL) and the other is system-wide
      setting vm.memory_failure_early_kill.  Users expect per-process setting
      to override system-wide setting as many other settings do, but
      early-kill setting doesn't work as such.
      
      For example, if a system configures vm.memory_failure_early_kill to 1
      (enabled), a process receives SIGBUS even if it's configured to
      explicitly disable PF_MCE_KILL by prctl().  That's not desirable for
      applications with their own policies.
      
      This patch is suggesting to change the priority of these two types of
      settings, by checking sysctl_memory_failure_early_kill only when a given
      process has the default kill policy.
      
      Note that this patch is solving a thread choice issue too.
      
      Originally, collect_procs() always chooses the main thread when
      vm.memory_failure_early_kill is 1, even if the process has a dedicated
      thread for memory error handling.  SIGBUS should be sent to the
      dedicated thread if early-kill is enabled via
      vm.memory_failure_early_kill as we are doing for PR_MCE_KILL_EARLY
      processes.
      
      Signed-off-by: default avatarNaoya Horiguchi <naoya.horiguchi@nec.com>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Cc: Tony Luck <tony.luck@intel.com>
      Cc: Pankaj Gupta <pankaj.gupta.linux@gmail.com>
      Link: http://lkml.kernel.org/r/1591321039-22141-1-git-send-email-naoya.horiguchi@nec.com
      Link: http://lkml.kernel.org/r/1591321039-22141-2-git-send-email-naoya.horiguchi@nec.com
      
      
      Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
      4e018b45