| Age | Commit message (Collapse) | Author |
|---|
|
If bond doesn't have real device, bond->curr_active_slave is null.
But bond_ipsec_add_sa() dereferences bond->curr_active_slave without
null checking.
So, null-ptr-deref would occur.
Test commands:
ip link add bond0 type bond
ip link set bond0 up
ip x s add proto esp dst 14.1.1.1 src 15.1.1.1 spi \
0x07 mode transport reqid 0x07 replay-window 32 aead 'rfc4106(gcm(aes))' \
0x44434241343332312423222114131211f4f3f2f1 128 sel src 14.0.0.52/24 \
dst 14.0.0.70/24 proto tcp offload dev bond0 dir in
Splat looks like:
KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
CPU: 4 PID: 680 Comm: ip Not tainted 5.13.0-rc3+ #1168
RIP: 0010:bond_ipsec_add_sa+0xc4/0x2e0 [bonding]
Code: 85 21 02 00 00 4d 8b a6 48 0c 00 00 e8 75 58 44 ce 85 c0 0f 85 14
01 00 00 48 b8 00 00 00 00 00 fc ff df 4c 89 e2 48 c1 ea 03 <80> 3c 02
00 0f 85 fc 01 00 00 48 8d bb e0 02 00 00 4d 8b 2c 24 48
RSP: 0018:ffff88810946f508 EFLAGS: 00010246
RAX: dffffc0000000000 RBX: ffff88810b4e8040 RCX: 0000000000000001
RDX: 0000000000000000 RSI: ffffffff8fe34280 RDI: ffff888115abe100
RBP: ffff88810946f528 R08: 0000000000000003 R09: fffffbfff2287e11
R10: 0000000000000001 R11: ffff888115abe0c8 R12: 0000000000000000
R13: ffffffffc0aea9a0 R14: ffff88800d7d2000 R15: ffff88810b4e8330
FS: 00007efc5552e680(0000) GS:ffff888119c00000(0000)
knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000055c2530dbf40 CR3: 0000000103056004 CR4: 00000000003706e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
xfrm_dev_state_add+0x2a9/0x770
? memcpy+0x38/0x60
xfrm_add_sa+0x2278/0x3b10 [xfrm_user]
? xfrm_get_policy+0xaa0/0xaa0 [xfrm_user]
? register_lock_class+0x1750/0x1750
xfrm_user_rcv_msg+0x331/0x660 [xfrm_user]
? rcu_read_lock_sched_held+0x91/0xc0
? xfrm_user_state_lookup.constprop.39+0x320/0x320 [xfrm_user]
? find_held_lock+0x3a/0x1c0
? mutex_lock_io_nested+0x1210/0x1210
? sched_clock_cpu+0x18/0x170
netlink_rcv_skb+0x121/0x350
? xfrm_user_state_lookup.constprop.39+0x320/0x320 [xfrm_user]
? netlink_ack+0x9d0/0x9d0
? netlink_deliver_tap+0x17c/0xa50
xfrm_netlink_rcv+0x68/0x80 [xfrm_user]
netlink_unicast+0x41c/0x610
? netlink_attachskb+0x710/0x710
netlink_sendmsg+0x6b9/0xb70
[ ...]
Fixes: 18cb261afd7b ("bonding: support hardware encryption offload to slaves")
Signed-off-by: Taehee Yoo <ap420073@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
|
|
To dereference bond->curr_active_slave, it uses rcu_dereference().
But it and the caller doesn't acquire RCU so a warning occurs.
So add rcu_read_lock().
Test commands:
ip link add dummy0 type dummy
ip link add bond0 type bond
ip link set dummy0 master bond0
ip link set dummy0 up
ip link set bond0 up
ip x s add proto esp dst 14.1.1.1 src 15.1.1.1 spi 0x07 \
mode transport \
reqid 0x07 replay-window 32 aead 'rfc4106(gcm(aes))' \
0x44434241343332312423222114131211f4f3f2f1 128 sel \
src 14.0.0.52/24 dst 14.0.0.70/24 proto tcp offload \
dev bond0 dir in
Splat looks like:
=============================
WARNING: suspicious RCU usage
5.13.0-rc3+ #1168 Not tainted
-----------------------------
drivers/net/bonding/bond_main.c:411 suspicious rcu_dereference_check() usage!
other info that might help us debug this:
rcu_scheduler_active = 2, debug_locks = 1
1 lock held by ip/684:
#0: ffffffff9a2757c0 (&net->xfrm.xfrm_cfg_mutex){+.+.}-{3:3},
at: xfrm_netlink_rcv+0x59/0x80 [xfrm_user]
55.191733][ T684] stack backtrace:
CPU: 0 PID: 684 Comm: ip Not tainted 5.13.0-rc3+ #1168
Call Trace:
dump_stack+0xa4/0xe5
bond_ipsec_add_sa+0x18c/0x1f0 [bonding]
xfrm_dev_state_add+0x2a9/0x770
? memcpy+0x38/0x60
xfrm_add_sa+0x2278/0x3b10 [xfrm_user]
? xfrm_get_policy+0xaa0/0xaa0 [xfrm_user]
? register_lock_class+0x1750/0x1750
xfrm_user_rcv_msg+0x331/0x660 [xfrm_user]
? rcu_read_lock_sched_held+0x91/0xc0
? xfrm_user_state_lookup.constprop.39+0x320/0x320 [xfrm_user]
? find_held_lock+0x3a/0x1c0
? mutex_lock_io_nested+0x1210/0x1210
? sched_clock_cpu+0x18/0x170
netlink_rcv_skb+0x121/0x350
? xfrm_user_state_lookup.constprop.39+0x320/0x320 [xfrm_user]
? netlink_ack+0x9d0/0x9d0
? netlink_deliver_tap+0x17c/0xa50
xfrm_netlink_rcv+0x68/0x80 [xfrm_user]
netlink_unicast+0x41c/0x610
? netlink_attachskb+0x710/0x710
netlink_sendmsg+0x6b9/0xb70
[ ... ]
Fixes: 18cb261afd7b ("bonding: support hardware encryption offload to slaves")
Signed-off-by: Taehee Yoo <ap420073@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
|
|
This commit fixes a bug (found by syzkaller) that could cause spurious
double-initializations for congestion control modules, which could cause
memory leaks or other problems for congestion control modules (like CDG)
that allocate memory in their init functions.
The buggy scenario constructed by syzkaller was something like:
(1) create a TCP socket
(2) initiate a TFO connect via sendto()
(3) while socket is in TCP_SYN_SENT, call setsockopt(TCP_CONGESTION),
which calls:
tcp_set_congestion_control() ->
tcp_reinit_congestion_control() ->
tcp_init_congestion_control()
(4) receive ACK, connection is established, call tcp_init_transfer(),
set icsk_ca_initialized=0 (without first calling cc->release()),
call tcp_init_congestion_control() again.
Note that in this sequence tcp_init_congestion_control() is called
twice without a cc->release() call in between. Thus, for CC modules
that allocate memory in their init() function, e.g, CDG, a memory leak
may occur. The syzkaller tool managed to find a reproducer that
triggered such a leak in CDG.
The bug was introduced when that commit 8919a9b31eb4 ("tcp: Only init
congestion control if not initialized already")
introduced icsk_ca_initialized and set icsk_ca_initialized to 0 in
tcp_init_transfer(), missing the possibility for a sequence like the
one above, where a process could call setsockopt(TCP_CONGESTION) in
state TCP_SYN_SENT (i.e. after the connect() or TFO open sendmsg()),
which would call tcp_init_congestion_control(). It did not intend to
reset any initialization that the user had already explicitly made;
it just missed the possibility of that particular sequence (which
syzkaller managed to find).
Fixes: 8919a9b31eb4 ("tcp: Only init congestion control if not initialized already")
Reported-by: syzbot+f1e24a0594d4e3a895d3@syzkaller.appspotmail.com
Signed-off-by: Nguyen Dinh Phi <phind.uet@gmail.com>
Acked-by: Neal Cardwell <ncardwell@google.com>
Tested-by: Neal Cardwell <ncardwell@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
|
|
When multiple SKBs are merged to a new skb under napi GRO,
or SKB is re-used by napi, if nfct was set for them in the
driver, it will not be released while freeing their stolen
head state or on re-use.
Release nfct on napi's stolen or re-used SKBs, and
in gro_list_prepare, check conntrack metadata diff.
Fixes: 5c6b94604744 ("net/mlx5e: CT: Handle misses after executing CT action")
Reviewed-by: Roi Dayan <roid@nvidia.com>
Signed-off-by: Paul Blakey <paulb@nvidia.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
|
|
- Removed unused readl and writel functions (Krzysztof Wilczyński)
* remotes/lorenzo/pci/mobiveil:
PCI: mobiveil: Remove unused readl and writel functions
|
|
- Make struct event_descs static (Krzysztof Wilczyński)
* remotes/lorenzo/pci/microchip:
PCI: microchip: Make the struct event_descs static
|
|
- Add missing MODULE_DEVICE_TABLE for driver loading (Zou Wei)
* remotes/lorenzo/pci/mediatek-gen3:
PCI: mediatek-gen3: Add missing MODULE_DEVICE_TABLE
|
|
- Drop redundant error message from mtk_pcie_subsys_powerup() (Zhen Lei)
* remotes/lorenzo/pci/mediatek:
PCI: mediatek: Remove redundant error printing in mtk_pcie_subsys_powerup()
|
|
- Fix multi-MSI base vector number allocation (Sandor Bodo-Merle)
- Restrict multi-MSI support to uniprocessor kernel (Sandor Bodo-Merle)
* remotes/lorenzo/pci/iproc:
PCI: iproc: Support multi-MSI only on uniprocessor kernel
PCI: iproc: Fix multi-MSI base vector number allocation
|
|
- Fix race when removing device (Long Li)
- Remove unused bus device removal refcount/functions (Long Li)
* remotes/lorenzo/pci/hv:
PCI: hv: Remove bus device removal unused refcount/functions
PCI: hv: Fix a race condition when removing the device
|
|
- Rename PCI_IOSIZE, etc in ftpci100 to avoid macro name collisions (Randy
Dunlap)
* remotes/lorenzo/pci/ftpci100:
PCI: ftpci100: Rename macro name collision
|
|
- Decode PIO Posted/Non-posted Request correctly in error logging (Pali
Rohár)
- Work around incorrect Vendor ID in Marvell Armada 3700 (Pali Rohár)
* remotes/lorenzo/pci/aardvark:
PCI: aardvark: Implement workaround for the readback value of VEND_ID
PCI: aardvark: Fix checking for PIO Non-posted Request
|
|
- Fix kernel-doc formatting errors (Krzysztof Wilczyński)
* pci/kernel-doc:
PCI: Fix kernel-doc formatting
|
|
- Annotate __iomem pointer (Bjorn Helgaas)
* pci/host/xgene:
PCI: xgene: Annotate __iomem pointer
|
|
- Fix host init during resume (Vidya Sagar)
- Fix ill-defined MSI IRQ shift behavior (Jon Hunter)
* pci/host/tegra194:
PCI: tegra194: Fix tegra_pcie_ep_raise_msi_irq() ill-defined shift
PCI: tegra194: Fix host initialization during resume
|
|
- Add missing MODULE_DEVICE_TABLE for driver loading (Zou Wei)
* pci/host/tegra:
PCI: tegra: Add missing MODULE_DEVICE_TABLE
|
|
- Register IRQ handlers after device and data are ready (Javier Martinez
Canillas)
* pci/host/rockchip:
PCI: rockchip: Register IRQ handlers after device and data are ready
|
|
- Fix INTx enable (Martin Blumenstingl)
* pci/host/intel-gw:
PCI: intel-gw: Fix INTx enable
|
|
- Drop redundant error message from imx6_pcie_probe() (Zhen Lei)
- Limit DBI register length on i.MX 6QuadPlus (Richard Zhu)
- Add "vph-supply" to indicate which regulator supplies PHY (Richard Zhu)
- Enable PHY internal regulator when supplied >3V (Richard Zhu)
* pci/host/imx6:
PCI: imx6: Enable PHY internal regulator when supplied >3V
dt-bindings: imx6q-pcie: Add "vph-supply" for PHY supply voltage
PCI: imx6: Limit DBI register length for imx6qp PCIe
PCI: imx6: Remove imx6_pcie_probe() redundant error message
|
|
- Clarify error message for unbound devices (Moritz Fischer)
* pci/virtualization:
PCI/IOV: Clarify error message for unbound devices
|
|
- Fix dsm_label_utf16s_to_utf8s() buffer overrun (Krzysztof Wilczyński)
- Use sysfs_emit() and sysfs_emit_at() in "show" functions (Krzysztof
Wilczyński)
- Fix 'resource_alignment' newline issues (Krzysztof Wilczyński)
- Add newline to 'devspec' sysfs file (Krzysztof Wilczyński)
* pci/sysfs:
PCI/sysfs: Add 'devspec' newline
PCI/sysfs: Fix 'resource_alignment' newline issues
PCI/sysfs: Use sysfs_emit() and sysfs_emit_at() in "show" functions
PCI/sysfs: Rely on lengths from scnprintf(), dsm_label_utf16s_to_utf8s()
PCI/sysfs: Fix dsm_label_utf16s_to_utf8s() buffer overrun
# Conflicts:
# drivers/pci/p2pdma.c
|
|
- Coalesce host bridge apertures so we can allocate large BARs that cross
contiguous apertures (Kai-Heng Feng)
* pci/resource:
PCI: Coalesce host bridge contiguous apertures
|
|
- Add pci_reset_bus_function() Secondary Bus Reset interface (Raphael
Norwitz)
- Work around Huawei Intelligent NIC VF FLR erratum (Chiqijun)
* pci/reset:
PCI: Work around Huawei Intelligent NIC VF FLR erratum
PCI: Add pci_reset_bus_function() Secondary Bus Reset interface
|
|
- Leave Apple Thunderbolt controllers on for s2idle or standby so they work
after resume (Konstantin Kharlamov)
* pci/pm:
PCI: Leave Apple Thunderbolt controllers on for s2idle or standby
|
|
- Rename Rename upstream_bridge_distance() to calc_map_type_and_dist()
(Logan Gunthorpe)
- Collect ACS list message in stack buffer to avoid sleeping (Logan
Gunthorpe)
- Use correct calc_map_type_and_dist() return type (Logan Gunthorpe)
- Warn if host bridge not in whitelist (Logan Gunthorpe)
- Refactor pci_p2pdma_map_type() (Logan Gunthorpe)
- Avoid pci_get_slot(), which may sleep (Logan Gunthorpe)
- Simplify distance calculation in __calc_map_type_and_dist() and
calc_map_type_and_dist_warn() (Christoph Hellwig)
- Finish RCU conversion of pdev->p2pdma (Eric Dumazet)
* pci/p2pdma:
PCI/P2PDMA: Finish RCU conversion of pdev->p2pdma
PCI/P2PDMA: Simplify distance calculation
PCI/P2PDMA: Avoid pci_get_slot(), which may sleep
PCI/P2PDMA: Refactor pci_p2pdma_map_type()
PCI/P2PDMA: Warn if host bridge not in whitelist
PCI/P2PDMA: Use correct calc_map_type_and_dist() return type
PCI/P2PDMA: Collect acs list in stack buffer to avoid sleeping
PCI/P2PDMA: Rename upstream_bridge_distance() and rework doc
|
|
- Return true/false (not 1/0) from bool functions (Yang Li)
- Add Joyce Ooi as Altera PCIe maintainer (Joyce Ooi)
* pci/misc:
MAINTAINERS: Add Joyce Ooi as Altera PCIe maintainer
x86/pci: Return true/false (not 1/0) from bool functions
|
|
- Ignore pciehp Link Down/Up caused by DPC so device remains bound to
driver (Lukas Wunner)
- Declare global cpci_debug in header file (Krzysztof Wilczyński)
* pci/hotplug:
PCI: cpcihp: Declare cpci_debug in header file
PCI: pciehp: Ignore Link Down/Up caused by DPC
|
|
- Make domain/bus/dev/fn format in AER messages match pci_name() format
(Yicong Yang)
* pci/error:
Documentation: PCI: Fix typo in pci-error-recovery.rst
PCI/AER: Use consistent format when printing PCI device
|
|
- Add a debug message on PCI device release (Niklas Schnelle)
- Dynamically map ECAM regions to reduce vmalloc usage (Russell King)
* pci/enumeration:
PCI: Dynamically map ECAM regions
PCI: Print a debug message on PCI device release
|
|
While looking at pci_alloc_p2pmem() I found RCU protection was not properly
applied there, as pdev->p2pdma was potentially read multiple times.
Fix pci_alloc_p2pmem(), add __rcu qualifier to p2pdma field of struct
pci_dev, and fix all other accesses to this field with proper RCU verbs.
Link: https://lore.kernel.org/r/20210701095621.3129283-1-eric.dumazet@gmail.com
Fixes: 1570175abd16 ("PCI/P2PDMA: track pgmap references per resource, not globally")
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: Bjorn Helgaas <bhelgaas@google.com>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Reviewed-by: Logan Gunthorpe <logang@deltatee.com>
Cc: Dan Williams <dan.j.williams@intel.com>
Cc: Ira Weiny <ira.weiny@intel.com>
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: "Jérôme Glisse" <jglisse@redhat.com>
Cc: "Rafael J. Wysocki" <rafael@kernel.org>
|
|
"bar_addr" is passed as the argument to writel(), which expects a
"void __iomem *". Annotate "bar_addr" correctly. Resolves an sparse
"incorrect type in argument 2 (different address spaces)" warning.
Link: https://lore.kernel.org/r/202105171809.Tay9fImZ-lkp@intel.com
Link: https://lore.kernel.org/r/20210517171839.25777-1-helgaas@kernel.org
Reported-by: kernel test robot <lkp@intel.com>
Signed-off-by: Bjorn Helgaas <bhelgaas@google.com>
Signed-off-by: Lorenzo Pieralisi <lorenzo.pieralisi@arm.com>
|
|
Fix kernel-doc formatting throughout drivers/pci and related include files.
No change to functionality intended.
Check for warnings:
$ find include drivers/pci -type f -path "*pci*.[ch]" | xargs scripts/kernel-doc -none
[bhelgaas: squashed to one commit]
Link: https://lore.kernel.org/r/20210509030237.368540-1-kw@linux.com
Link: https://lore.kernel.org/r/20210703151306.1922450-1-kw@linux.com
Link: https://lore.kernel.org/r/20210703151306.1922450-2-kw@linux.com
Link: https://lore.kernel.org/r/20210703151306.1922450-3-kw@linux.com
Link: https://lore.kernel.org/r/20210703151306.1922450-4-kw@linux.com
Link: https://lore.kernel.org/r/20210703151306.1922450-5-kw@linux.com
Signed-off-by: Krzysztof Wilczyński <kw@linux.com>
Signed-off-by: Bjorn Helgaas <bhelgaas@google.com>
|
|
Subtract the jiffies that have passed by to current jiffies to fix last
used restoration.
Fixes: 836382dc2471 ("netfilter: nf_tables: add last expression")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
NFTA_LAST_SET tells us if this expression has ever seen a packet, do not
ignore this attribute when restoring the ruleset.
Fixes: 836382dc2471 ("netfilter: nf_tables: add last expression")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
KCSAN detected an data race with ipc/sem.c that is intentional.
As nf_conntrack_lock() uses the same algorithm: Update
nf_conntrack_core as well:
nf_conntrack_lock() contains
a1) spin_lock()
a2) smp_load_acquire(nf_conntrack_locks_all).
a1) actually accesses one lock from an array of locks.
nf_conntrack_locks_all() contains
b1) nf_conntrack_locks_all=true (normal write)
b2) spin_lock()
b3) spin_unlock()
b2 and b3 are done for every lock.
This guarantees that nf_conntrack_locks_all() prevents any
concurrent nf_conntrack_lock() owners:
If a thread past a1), then b2) will block until that thread releases
the lock.
If the threat is before a1, then b3)+a1) ensure the write b1) is
visible, thus a2) is guaranteed to see the updated value.
But: This is only the latest time when b1) becomes visible.
It may also happen that b1) is visible an undefined amount of time
before the b3). And thus KCSAN will notice a data race.
In addition, the compiler might be too clever.
Solution: Use WRITE_ONCE().
Signed-off-by: Manfred Spraul <manfred@colorfullife.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
This patch adds a new sysctl tcp_ignore_invalid_rst to disable marking
out of segments RSTs as INVALID.
Signed-off-by: Ali Abdallah <aabdallah@suse.de>
Acked-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
If we receive a SYN packet in original direction on an existing
connection tracking entry, we let this SYN through because conntrack
might be out-of-sync.
Conntrack gets back in sync when server responds with SYN/ACK and state
gets updated accordingly.
However, if server replies with RST, this packet might be marked as
INVALID because td_maxack value reflects the *old* conntrack state
and not the state of the originator of the RST.
Avoid td_maxack-based checks if previous packet was a SYN.
Unfortunately that is not be enough: an out of order ACK in original
direction updates last_index, so we still end up marking valid RST.
Thus disable the sequence check when we are not in established state and
the received RST has a sequence of 0.
Because marking RSTs as invalid usually leads to unwanted timeouts,
also skip RST sequence checks if a conntrack entry is already closing.
Such entries can already be evicted via GC in case the table is full.
Co-developed-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Ali Abdallah <aabdallah@suse.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
BookE does not have mtmsrd, switch to use wrteei to enable MSR[EE].
Fixes: dd152f70bdc1 ("powerpc/64s: system call avoid setting MSR[RI] until we set MSR[EE]")
Reported-by: Christian Zigotzky <chzigotzky@xenosoft.de>
Signed-off-by: Nicholas Piggin <npiggin@gmail.com>
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
Link: https://lore.kernel.org/r/20210706051310.608992-1-npiggin@gmail.com
|
|
Unless the user sets overcommit_memory or has plenty of swap, the latest
changes to the testcase will result in ENOMEM failures for hosts with
less than 64GB RAM. As we do not use much of the allocated memory, we
can use MAP_NORESERVE to avoid this error.
Cc: Zenghui Yu <yuzenghui@huawei.com>
Cc: vkuznets@redhat.com
Cc: wanghaibin.wang@huawei.com
Cc: stable@vger.kernel.org
Fixes: 309505dd5685 ("KVM: selftests: Fix mapping length truncation in m{,un}map()")
Tested-by: Zenghui Yu <yuzenghui@huawei.com>
Link: https://lore.kernel.org/kvm/20210701160425.33666-1-borntraeger@de.ibm.com/
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
|
|
Older machines like z196 and zEC12 do only support 44 bits of physical
addresses. Make this the default and check via IBC if we are on a later
machine. We then add P47V64 as an additional model.
Reviewed-by: David Hildenbrand <david@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Cornelia Huck <cohuck@redhat.com>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
Link: https://lore.kernel.org/kvm/20210701153853.33063-1-borntraeger@de.ibm.com/
Fixes: 1bc603af73dd ("KVM: selftests: introduce P47V64 for s390x")
|
|
va_list 'ap' was opened but not closed by va_end() in error case. It should
be closed by va_end() before the return.
Fixes: aa52bcbe0e72 ("tools: bpftool: Fix json dump crash on powerpc")
Signed-off-by: Gu Shengxian <gushengxian@yulong.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Cc: Jiri Olsa <jolsa@redhat.com>
Link: https://lore.kernel.org/bpf/20210706013543.671114-1-gushengxian507419@gmail.com
|
|
The semantics of pfn_valid() is to check presence of the memory map for a
PFN and not whether a PFN is in RAM. The memory map may be present for a
hole in the physical memory and if such hole corresponds to an MMIO range,
__arm_ioremap_pfn_caller() will produce a WARN() and fail:
[ 2.863406] WARNING: CPU: 0 PID: 1 at arch/arm/mm/ioremap.c:287 __arm_ioremap_pfn_caller+0xf0/0x1dc
[ 2.864812] CPU: 0 PID: 1 Comm: swapper/0 Not tainted 5.13.0-09882-ga180bd1d7e16 #1
[ 2.865263] Hardware name: Generic DT based system
[ 2.865711] Backtrace:
[ 2.866063] [<80b07e58>] (dump_backtrace) from [<80b080ac>] (show_stack+0x20/0x24)
[ 2.866633] r7:00000009 r6:0000011f r5:60000153 r4:80ddd1c0
[ 2.866922] [<80b0808c>] (show_stack) from [<80b18df0>] (dump_stack_lvl+0x58/0x74)
[ 2.867117] [<80b18d98>] (dump_stack_lvl) from [<80b18e20>] (dump_stack+0x14/0x1c)
[ 2.867309] r5:80118cac r4:80dc6774
[ 2.867404] [<80b18e0c>] (dump_stack) from [<80122fcc>] (__warn+0xe4/0x150)
[ 2.867583] [<80122ee8>] (__warn) from [<80b08850>] (warn_slowpath_fmt+0x88/0xc0)
[ 2.867774] r7:0000011f r6:80dc6774 r5:00000000 r4:814c4000
[ 2.867917] [<80b087cc>] (warn_slowpath_fmt) from [<80118cac>] (__arm_ioremap_pfn_caller+0xf0/0x1dc)
[ 2.868158] r9:00000001 r8:9ef00000 r7:80e8b0d4 r6:0009ef00 r5:00000000 r4:00100000
[ 2.868346] [<80118bbc>] (__arm_ioremap_pfn_caller) from [<80118df8>] (__arm_ioremap_caller+0x60/0x68)
[ 2.868581] r9:9ef00000 r8:821b6dc0 r7:00100000 r6:00000000 r5:815d1010 r4:80118d98
[ 2.868761] [<80118d98>] (__arm_ioremap_caller) from [<80118fcc>] (ioremap+0x28/0x30)
[ 2.868958] [<80118fa4>] (ioremap) from [<8062871c>] (__devm_ioremap_resource+0x154/0x1c8)
[ 2.869169] r5:815d1010 r4:814c5d2c
[ 2.869263] [<806285c8>] (__devm_ioremap_resource) from [<8062899c>] (devm_ioremap_resource+0x14/0x18)
[ 2.869495] r9:9e9f57a0 r8:814c4000 r7:815d1000 r6:815d1010 r5:8177c078 r4:815cf400
[ 2.869676] [<80628988>] (devm_ioremap_resource) from [<8091c6e4>] (fsi_master_acf_probe+0x1a8/0x5d8)
[ 2.869909] [<8091c53c>] (fsi_master_acf_probe) from [<80723dbc>] (platform_probe+0x68/0xc8)
[ 2.870124] r9:80e9dadc r8:00000000 r7:815d1010 r6:810c1000 r5:815d1010 r4:00000000
[ 2.870306] [<80723d54>] (platform_probe) from [<80721208>] (really_probe+0x1cc/0x470)
[ 2.870512] r7:815d1010 r6:810c1000 r5:00000000 r4:815d1010
[ 2.870651] [<8072103c>] (really_probe) from [<807215cc>] (__driver_probe_device+0x120/0x1fc)
[ 2.870872] r7:815d1010 r6:810c1000 r5:810c1000 r4:815d1010
[ 2.871013] [<807214ac>] (__driver_probe_device) from [<807216e8>] (driver_probe_device+0x40/0xd8)
[ 2.871244] r9:80e9dadc r8:00000000 r7:815d1010 r6:810c1000 r5:812feaa0 r4:812fe994
[ 2.871428] [<807216a8>] (driver_probe_device) from [<80721a58>] (__driver_attach+0xa8/0x1d4)
[ 2.871647] r9:80e9dadc r8:00000000 r7:00000000 r6:810c1000 r5:815d1054 r4:815d1010
[ 2.871830] [<807219b0>] (__driver_attach) from [<8071ee8c>] (bus_for_each_dev+0x88/0xc8)
[ 2.872040] r7:00000000 r6:814c4000 r5:807219b0 r4:810c1000
[ 2.872194] [<8071ee04>] (bus_for_each_dev) from [<80722208>] (driver_attach+0x28/0x30)
[ 2.872418] r7:810a2aa0 r6:00000000 r5:821b6000 r4:810c1000
[ 2.872570] [<807221e0>] (driver_attach) from [<8071f80c>] (bus_add_driver+0x114/0x200)
[ 2.872788] [<8071f6f8>] (bus_add_driver) from [<80722ec4>] (driver_register+0x98/0x128)
[ 2.873011] r7:81011d0c r6:814c4000 r5:00000000 r4:810c1000
[ 2.873167] [<80722e2c>] (driver_register) from [<80725240>] (__platform_driver_register+0x2c/0x34)
[ 2.873408] r5:814dcb80 r4:80f2a764
[ 2.873513] [<80725214>] (__platform_driver_register) from [<80f2a784>] (fsi_master_acf_init+0x20/0x28)
[ 2.873766] [<80f2a764>] (fsi_master_acf_init) from [<80f014a8>] (do_one_initcall+0x108/0x290)
[ 2.874007] [<80f013a0>] (do_one_initcall) from [<80f01840>] (kernel_init_freeable+0x1ac/0x230)
[ 2.874248] r9:80e9dadc r8:80f3987c r7:80f3985c r6:00000007 r5:814dcb80 r4:80f627a4
[ 2.874456] [<80f01694>] (kernel_init_freeable) from [<80b19f44>] (kernel_init+0x20/0x138)
[ 2.874691] r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80b19f24
[ 2.874894] r4:00000000
[ 2.874977] [<80b19f24>] (kernel_init) from [<80100170>] (ret_from_fork+0x14/0x24)
[ 2.875231] Exception stack(0x814c5fb0 to 0x814c5ff8)
[ 2.875535] 5fa0: 00000000 00000000 00000000 00000000
[ 2.875849] 5fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
[ 2.876133] 5fe0: 00000000 00000000 00000000 00000000 00000013 00000000
[ 2.876363] r5:80b19f24 r4:00000000
[ 2.876683] ---[ end trace b2f74b8536829970 ]---
[ 2.876911] fsi-master-acf gpio-fsi: ioremap failed for resource [mem 0x9ef00000-0x9effffff]
[ 2.877492] fsi-master-acf gpio-fsi: Error -12 mapping coldfire memory
[ 2.877689] fsi-master-acf: probe of gpio-fsi failed with error -12
Use memblock_is_map_memory() instead of pfn_valid() to check if a PFN is in
RAM or not.
Reported-by: Guenter Roeck <linux@roeck-us.net>
Fixes: a4d5613c4dc6 ("arm: extend pfn_valid to take into account freed memory map alignment")
Signed-off-by: Mike Rapoport <rppt@linux.ibm.com>
Tested-by: Guenter Roeck <linux@roeck-us.net>
|
|
This enables ftrace kprobe events to access kernel function
arguments via $argN syntax.
Signed-off-by: Jeff Xie <huan.xie@suse.com>
Signed-off-by: Palmer Dabbelt <palmerdabbelt@google.com>
|
|
With "riscv: mm: add THP support on 64-bit", mk_pmd() function
introduce build errors,
1.build with CONFIG_ARCH_RV32I=y:
arch/riscv/include/asm/pgtable.h: In function 'mk_pmd':
arch/riscv/include/asm/pgtable.h:513:9: error: implicit declaration of function 'pfn_pmd';
did you mean 'pfn_pgd'? [-Werror=implicit-function-declaration]
2.build with CONFIG_SPARSEMEM=y && CONFIG_SPARSEMEM_VMEMMAP=n
arch/riscv/include/asm/pgtable.h: In function 'mk_pmd':
include/asm-generic/memory_model.h:64:14: error: implicit declaration of function 'page_to_section';
did you mean 'present_section'? [-Werror=implicit-function-declaration]
Move the definition of mk_pmd to pgtable-64.h to fix the first error.
Use macro definition instead of inline function for mk_pmd
to fix the second problem. It is similar to the mk_pte macro.
Reported-by: kernel test robot <lkp@intel.com>
Signed-off-by: Nanyong Sun <sunnanyong@huawei.com>
Tested-by: Geert Uytterhoeven <geert@linux-m68k.org>
Signed-off-by: Palmer Dabbelt <palmerdabbelt@google.com>
|
|
We have a lot of variables that are used to hold kernel mapping addresses,
offsets between physical and virtual mappings and some others used for XIP
kernels: they are all defined at different places in mm/init.c, so group
them into a single structure with, for some of them, more explicit and concise
names.
Signed-off-by: Alexandre Ghiti <alex@ghiti.fr>
Signed-off-by: Palmer Dabbelt <palmerdabbelt@google.com>
|
|
We need to guarantee it's initially zero. Otherwise, it'll hurt entire flag
operations.
Fixes: b763f3bedc2d ("f2fs: restructure f2fs page.private layout")
Reviewed-by: Chao Yu <chao@kernel.org>
Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
|
|
Execute the following command and exit, then execute it again, the following
error will be reported:
$ sudo ./samples/bpf/xdpsock -i ens4f2 -M
^C
$ sudo ./samples/bpf/xdpsock -i ens4f2 -M
libbpf: elf: skipping unrecognized data section(16) .eh_frame
libbpf: elf: skipping relo section(17) .rel.eh_frame for section(16) .eh_frame
libbpf: Kernel error message: XDP program already attached
ERROR: link set xdp fd failed
Commit c9d27c9e8dc7 ("samples: bpf: Do not unload prog within xdpsock") removed
the unloading prog code because of the presence of bpf_link. This is fine if
XDP_SHARED_UMEM is disabled, but if it is enabled, unloading the prog is still
needed.
Fixes: c9d27c9e8dc7 ("samples: bpf: Do not unload prog within xdpsock")
Signed-off-by: Wang Hai <wanghai38@huawei.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Magnus Karlsson <magnus.karlsson@intel.com>
Cc: Maciej Fijalkowski <maciej.fijalkowski@intel.com>
Link: https://lore.kernel.org/bpf/20210628091815.2373487-1-wanghai38@huawei.com
|
|
git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb
Pull USB / Thunderbolt updates from Greg KH:
"Here is the big set of USB and Thunderbolt patches for 5.14-rc1.
Nothing major here just lots of little changes for new hardware and
features. Highlights are:
- more USB 4 support added to the thunderbolt core
- build warning fixes all over the place
- usb-serial driver updates and new device support
- mtu3 driver updates
- gadget driver updates
- dwc3 driver updates
- dwc2 driver updates
- isp1760 host driver updates
- musb driver updates
- lots of other tiny things.
Full details are in the shortlog.
All of these have been in linux-next for a while now with no reported
issues"
* tag 'usb-5.14-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb: (223 commits)
phy: qcom-qusb2: Add configuration for SM4250 and SM6115
dt-bindings: phy: qcom,qusb2: document sm4250/6115 compatible
dt-bindings: usb: qcom,dwc3: Add bindings for sm6115/4250
USB: cdc-acm: blacklist Heimann USB Appset device
usb: xhci-mtk: allow multiple Start-Split in a microframe
usb: ftdi-elan: remove redundant continue statement in a while-loop
usb: class: cdc-wdm: return the correct errno code
xhci: remove redundant continue statement
usb: dwc3: Fix debugfs creation flow
usb: gadget: hid: fix error return code in hid_bind()
usb: gadget: eem: fix echo command packet response issue
usb: gadget: f_hid: fix endianness issue with descriptors
Revert "USB: misc: Add onboard_usb_hub driver"
Revert "of/platform: Add stubs for of_platform_device_create/destroy()"
Revert "usb: host: xhci-plat: Create platform device for onboard hubs in probe()"
Revert "arm64: dts: qcom: sc7180-trogdor: Add nodes for onboard USB hub"
xhci: solve a double free problem while doing s4
xhci: handle failed buffer copy to URB sg list and fix a W=1 copiler warning
xhci: Add adaptive interrupt rate for isoch TRBs with XHCI_AVOID_BEI quirk
xhci: Remove unused defines for ERST_SIZE and ERST_ENTRIES
...
|
|
git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty
Pull tty / serial updates from Greg KH:
"Here is the big set of tty and serial driver patches for 5.14-rc1.
A bit more than normal, but nothing major, lots of cleanups.
Highlights are:
- lots of tty api cleanups and mxser driver cleanups from Jiri
- build warning fixes
- various serial driver updates
- coding style cleanups
- various tty driver minor fixes and updates
- removal of broken and disable r3964 line discipline (finally!)
All of these have been in linux-next for a while with no reported
issues"
* tag 'tty-5.14-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty: (227 commits)
serial: mvebu-uart: remove unused member nb from struct mvebu_uart
arm64: dts: marvell: armada-37xx: Fix reg for standard variant of UART
dt-bindings: mvebu-uart: fix documentation
serial: mvebu-uart: correctly calculate minimal possible baudrate
serial: mvebu-uart: do not allow changing baudrate when uartclk is not available
serial: mvebu-uart: fix calculation of clock divisor
tty: make linux/tty_flip.h self-contained
serial: Prefer unsigned int to bare use of unsigned
serial: 8250: 8250_omap: Fix possible interrupt storm on K3 SoCs
serial: qcom_geni_serial: use DT aliases according to DT bindings
Revert "tty: serial: Add UART driver for Cortina-Access platform"
tty: serial: Add UART driver for Cortina-Access platform
MAINTAINERS: add me back as mxser maintainer
mxser: Documentation, fix typos
mxser: Documentation, make the docs up-to-date
mxser: Documentation, remove traces of callout device
mxser: introduce mxser_16550A_or_MUST helper
mxser: rename flags to old_speed in mxser_set_serial_info
mxser: use port variable in mxser_set_serial_info
mxser: access info->MCR under info->slock
...
|
|
git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging
Pull staging / IIO driver updates from Greg KH:
"Here is the big set of IIO and staging driver patches for 5.14-rc1.
Loads of IIO driver updates and additions in here, the shortlog has
the full details.
For the staging side, we moved a few drivers out of staging, and
deleted the kpc2000 drivers as the original developer asked us to
because no one was working on them anymore.
Also in here are loads of coding style cleanups due to different
intern projects focusing on the staging tree to try to get experience
doing kernel development.
All of these have been in the linux-next tree for a while with no
reported problems"
* tag 'staging-5.14-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging: (744 commits)
staging: hi6421-spmi-pmic: cleanup some macros
staging: hi6421-spmi-pmic: change identation of a table
staging: hi6421-spmi-pmic: change a return code
staging: hi6421-spmi-pmic: better name IRQs
staging: hi6421-spmi-pmic: use devm_request_threaded_irq()
staging: hisilicon,hi6421-spmi-pmic.yaml: cleanup descriptions
spmi: hisi-spmi-controller: move driver from staging
phy: phy-hi3670-usb3: move driver from staging into phy
staging: rtl8188eu: remove include/rtw_debug.h header
staging: rtl8188eu: remove GlobalDebugLevel variable
staging: rtl8188eu: remove DRIVER_PREFIX preprocessor definition
staging: rtl8188eu: remove RT_TRACE macro
staging: rtl8188eu: remove all RT_TRACE calls from hal/rtl8188eu_recv.c
staging: rtl8188eu: remove all RT_TRACE calls from hal/hal_intf.c
staging: rtl8188eu: remove all RT_TRACE calls from hal/rtl8188eu_xmit.c
staging: rtl8188eu: remove all RT_TRACE calls from core/rtw_xmit.c
staging: rtl8188eu: remove all RT_TRACE calls from core/rtw_pwrctrl.c
staging: rtl8188eu: remove all RT_TRACE calls from core/rtw_recv.c
staging: rtl8188eu: remove all RT_TRACE calls from core/rtw_ioctl_set.c
staging: rtl8188eu: remove all RT_TRACE calls from core/rtw_ieee80211.c
...
|
