)]}' { "log": [ { "commit": "ee3248f9f8d60cff9106a5a46c5f5d53ac81e60a", "tree": "5a5d0ab1ab28205dcd2536656af2a4575eca4d23", "parents": [ "dff8bcb091a3123e1c7c685f8149595e39bbdb8f" ], "author": { "name": "Lukas Wunner", "email": "lukas@wunner.de", "time": "Sat Apr 20 12:08:47 2024 +0200" }, "committer": { "name": "Lukas Wunner", "email": "lukas@wunner.de", "time": "Sun Jun 30 17:36:59 2024 +0200" }, "message": "spdm: Allow control of next requester nonce through sysfs\n\nRemote attestation services may mistrust the kernel to always use a\nfresh nonce for SPDM authentication.\n\nSo allow user space to set the next requester nonce by writing to a\nsysfs attribute.\n\nSigned-off-by: Lukas Wunner \u003clukas@wunner.de\u003e\nCc: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\nCc: Jérôme Glisse \u003cjglisse@google.com\u003e\nCc: Jason Gunthorpe \u003cjgg@nvidia.com\u003e\n" }, { "commit": "dff8bcb091a3123e1c7c685f8149595e39bbdb8f", "tree": "b5ab8397fc3b6c7e93e677670f76cbd046e6da28", "parents": [ "2e6ee6670a5d450bc880e77a892ea0227a2cc3b4" ], "author": { "name": "Lukas Wunner", "email": "lukas@wunner.de", "time": "Sat Jun 22 12:23:09 2024 +0200" }, "committer": { "name": "Lukas Wunner", "email": "lukas@wunner.de", "time": "Sun Jun 30 17:36:57 2024 +0200" }, "message": "spdm: Authenticate devices despite invalid certificate chain\n\nThe SPDM library has just been amended to keep a log of received\nsignatures from a device and expose it in sysfs.\n\nCurrently challenge-response authentication with a device is only\nperformed if one of its up to 8 certificate chains is considered valid\nby the kernel.\n\nValid means several things:\n\n* That the certificate chain adheres to requirements in the SPDM\n specification (e.g. each certificate in the chain is signed by the\n preceding certificate),\n* that the certificate chain adheres to requirements in other\n specifications such as PCIe r6.1 sec 6.31.3,\n* that the first certificate in the chain is signed by a trusted root\n certificate on the kernel\u0027s keyring\n* or that none of the certificates in the chain is on the kernel\u0027s\n blacklist_keyring.\n\nUser space should be given the chance to make up its own mind on the\nvalidity of a certificate chain and the signature generated with it.\nSo if none of the 8 certificate chains is considered valid by the\nkernel, pick one of them and perform challenge-response authentication\nwith it for the sole purpose of exposing a signature to user space.\n\nDo not verify that signature because if the kernel considers the\ncertificate chain invalid, the signature implicitly is as well.\n\nArbitrarily select the certificate chain in the first provisioned slot\n(which is normally slot 0) for such \"for user space only\" authentication\nattempts.\n\nSigned-off-by: Lukas Wunner \u003clukas@wunner.de\u003e\n" }, { "commit": "2e6ee6670a5d450bc880e77a892ea0227a2cc3b4", "tree": "2459e111629d92061fd8c2556161eb18656fe7dc", "parents": [ "77f549685f994981c010aebb1e9057aa3555b18a" ], "author": { "name": "Lukas Wunner", "email": "lukas@wunner.de", "time": "Sat Jun 22 11:58:12 2024 +0200" }, "committer": { "name": "Lukas Wunner", "email": "lukas@wunner.de", "time": "Sun Jun 30 17:36:55 2024 +0200" }, "message": "spdm: Limit memory consumed by log of received signatures\n\nThe SPDM library has just been amended to keep a log of received\nsignatures and expose it in sysfs.\n\nLimit the log\u0027s memory footprint subject to a sysctl parameter. Purge\nold signatures when adding a new signature which causes the limit to be\nexceeded. Likewise purge old signatures when the sysctl parameter is\nreduced.\n\nThe latter requires keeping a list of all struct spdm_state and\nprotecting it with a mutex. It will come in handy when further global\nsysctl parameters are added to the SPDM library. Unfortunately an\nxarray is not a better option in this case as the xarray-integrated\nxa_lock() is a spinlock but purging signatures from sysfs may sleep\n(due to kernfs_rwsem).\n\nThis functionality is introduced in a separate commit on top of basic\nsignature exposure to split the code into digestible, reviewable chunks.\n\nSigned-off-by: Lukas Wunner \u003clukas@wunner.de\u003e\n" }, { "commit": "77f549685f994981c010aebb1e9057aa3555b18a", "tree": "94a3830e5969aad5a5baca893e1df887a73dc5ca", "parents": [ "7b4e324bdcd5910c9460bb5fc37aaf354f596ebf" ], "author": { "name": "Lukas Wunner", "email": "lukas@wunner.de", "time": "Thu Apr 11 09:55:56 2024 +0200" }, "committer": { "name": "Lukas Wunner", "email": "lukas@wunner.de", "time": "Sun Jun 30 17:36:54 2024 +0200" }, "message": "PCI/CMA: Expose a log of received signatures in sysfs\n\nWhen authenticating a device with CMA-SPDM, the kernel verifies the\nchallenge-response received from the device, but otherwise keeps it to\nitself.\n\nJames Bottomley contends that\u0027s not good enough because user space or a\nremote attestation service may want to re-verify the challenge-response:\nEither because it mistrusts the kernel or because the kernel is unaware\nof policy constraints that user space or the remote attestation service\nwant to apply.\n\nFacilitate such use cases by exposing a log in sysfs which consists of\nseveral files for each challenge-response event. The files are prefixed\nwith a monotonically increasing number, starting at 0:\n\n/sys/devices/.../signatures/0_signature\n/sys/devices/.../signatures/0_transcript\n/sys/devices/.../signatures/0_requester_nonce\n/sys/devices/.../signatures/0_responder_nonce\n/sys/devices/.../signatures/0_hash_algorithm\n/sys/devices/.../signatures/0_combined_spdm_prefix\n/sys/devices/.../signatures/0_certificate_chain\n/sys/devices/.../signatures/0_type\n\nThe 0_signature is computed over the 0_transcript (a concatenation of\nall SPDM messages exchanged with the device).\n\nTo verify the signature, 0_transcript is hashed with 0_hash_algorithm\n(e.g. \"sha384\") and prefixed by 0_combined_spdm_prefix.\n\nThe public key to verify the signature against is the leaf certificate\ncontained in 0_certificate_chain.\n\nThe nonces chosen by requester and responder are exposed as separate\nattributes to ease verification of their freshness. They\u0027re already\ncontained in the transcript but their offsets within the transcript are\nvariable, so user space would otherwise have to parse the SPDM messages\nin the transcript to find the nonces.\n\nThe type attribute contains the event type: Currently it is always\n\"responder-challenge_auth signing\". In the future it may also contain\n\"responder-measurements signing\".\n\nThis custom log format was chosen for lack of a better alternative.\nAlthough the TCG PFP Specification defines DEVICE_SECURITY_EVENT_DATA\nstructures, those structures do not store the transcript (which can be\na few kBytes or up to several MBytes in size). They do store nonces,\nhence at least allow for verification of nonce freshness. But without\nthe transcript, user space cannot verify the signature:\n\nhttps://trustedcomputinggroup.org/resource/pc-client-specific-platform-firmware-profile-specification/\n\nExposing the transcript as an attribute of its own has the benefit that\nit can directly be fed into a protocol dissector for debugging purposes\n(think Wireshark).\n\nSigned-off-by: Lukas Wunner \u003clukas@wunner.de\u003e\nCc: James Bottomley \u003cJames.Bottomley@HansenPartnership.com\u003e\nCc: Jérôme Glisse \u003cjglisse@google.com\u003e\nCc: Jason Gunthorpe \u003cjgg@nvidia.com\u003e\n" }, { "commit": "7b4e324bdcd5910c9460bb5fc37aaf354f596ebf", "tree": "2ebac62a7ab645130cf9dacc7aad2312c05b8635", "parents": [ "16490618cbde91b5aac04873c39c8fb7666ff686" ], "author": { "name": "Lukas Wunner", "email": "lukas@wunner.de", "time": "Tue Jun 11 17:35:36 2024 +0200" }, "committer": { "name": "Lukas Wunner", "email": "lukas@wunner.de", "time": "Sun Jun 30 17:36:52 2024 +0200" }, "message": "sysfs: Allow symlinks to be added between sibling groups\n\nA subsequent commit has the need to create a symlink from an attribute\nin a first group to an attribute in a second group. Both groups belong\nto the same kobject.\n\nMore specifically, each signature received from an authentication-\ncapable device is going to be represented by a file in the first group\nand shall be accompanied by a symlink pointing to the certificate slot\nin the second group which was used to generate the signature (a device\nmay have multiple certificate slots and each is represented by a\nseparate file in the second group):\n\n/sys/devices/.../signatures/0_certificate_chain -\u003e .../certificates/slot0\n\nThere is already a sysfs_add_link_to_group() helper to add a symlink to\na group which points to another kobject, but this isn\u0027t what\u0027s needed\nhere.\n\nSo add a new function to add a symlink among sibling groups of the same\nkobject.\n\nThe existing sysfs_add_link_to_group() helper goes through a locking\ndance of acquiring sysfs_symlink_target_lock in order to acquire a\nreference on the target kobject. That\u0027s unnecessary for the present\nuse case as the link itself and its target reside below the same\nkobject.\n\nTo simplify error handling in the newly introduced function, add a\nDEFINE_FREE() clause for kernfs_put().\n\nSigned-off-by: Lukas Wunner \u003clukas@wunner.de\u003e\n" }, { "commit": "16490618cbde91b5aac04873c39c8fb7666ff686", "tree": "964fe6f694638b7e5ff1da941985cb04e3b0be56", "parents": [ "e42905e3e5f1d5be39355e833fefc349acb0b03c" ], "author": { "name": "Lukas Wunner", "email": "lukas@wunner.de", "time": "Sat Mar 30 21:23:22 2024 +0100" }, "committer": { "name": "Lukas Wunner", "email": "lukas@wunner.de", "time": "Sun Jun 30 17:36:50 2024 +0200" }, "message": "sysfs: Allow bin_attributes to be added to groups\n\nCommit dfa87c824a9a (\"sysfs: allow attributes to be added to groups\")\nintroduced dynamic addition of sysfs attributes to groups.\n\nAllow the same for bin_attributes, in support of a subsequent commit\nwhich adds various bin_attributes every time a PCI device is\nauthenticated.\n\nAddition of bin_attributes to groups differs from regular attributes in\nthat different kernfs_ops are selected by sysfs_add_bin_file_mode_ns()\nvis-à-vis sysfs_add_file_mode_ns().\n\nSo call either of those two functions from sysfs_add_file_to_group()\nbased on an additional boolean parameter and add two wrapper functions,\none for bin_attributes and another for regular attributes.\n\nRemoval of bin_attributes from groups does not require a differentiation\nfor bin_attributes and can use the same code path as regular attributes.\n\nSigned-off-by: Lukas Wunner \u003clukas@wunner.de\u003e\nCc: Alan Stern \u003cstern@rowland.harvard.edu\u003e\n" }, { "commit": "e42905e3e5f1d5be39355e833fefc349acb0b03c", "tree": "8f7c5085e656fcf3810437173c300ed6b65930df", "parents": [ "8851c4d4c829dd6608f15244954e3fbe9995908b" ], "author": { "name": "Lukas Wunner", "email": "lukas@wunner.de", "time": "Sat Jun 08 21:28:54 2024 +0200" }, "committer": { "name": "Lukas Wunner", "email": "lukas@wunner.de", "time": "Sun Jun 30 17:36:48 2024 +0200" }, "message": "PCI/CMA: Expose certificates in sysfs\n\nThe kernel already caches certificate chains retrieved from a device\nupon authentication. Expose them in \"slot[0-7]\" files in sysfs for\nexamination by user space.\n\nAs noted in the ABI documentation, the \"slot[0-7]\" files always have a\nfile size of 65535 bytes (the maximum size of a certificate chain per\nSPDM 1.0.0 table 18), even if the certificate chain in the slot is\nactually smaller. Although it would be possible to use the certifiate\nchain\u0027s actual size as the file size, doing so would require a separate\nstruct attribute_group for each device, which would occupy additional\nmemory.\n\nSlots are visible in sysfs even if they\u0027re currently unprovisioned\nbecause a future commit will add support for certificate provisioning\nby writing to the \"slot[0-7]\" files.\n\nSigned-off-by: Lukas Wunner \u003clukas@wunner.de\u003e\n" }, { "commit": "8851c4d4c829dd6608f15244954e3fbe9995908b", "tree": "72982ad85af8adae73dbd82610ab306396a3efc9", "parents": [ "bd850e8257552d47433bdb2e10fa9b0a49659a4e" ], "author": { "name": "Lukas Wunner", "email": "lukas@wunner.de", "time": "Sun May 28 00:56:28 2023 +0200" }, "committer": { "name": "Lukas Wunner", "email": "lukas@wunner.de", "time": "Sun Jun 30 17:36:46 2024 +0200" }, "message": "PCI/CMA: Expose in sysfs whether devices are authenticated\n\nThe PCI core has just been amended to authenticate CMA-capable devices\non enumeration and store the result in an \"authenticated\" bit in struct\npci_dev-\u003espdm_state.\n\nExpose the bit to user space through an eponymous sysfs attribute.\n\nAllow user space to trigger reauthentication (e.g. after it has updated\nthe CMA keyring) by writing to the sysfs attribute.\n\nImplement the attribute in the SPDM library so that other bus types\nbesides PCI may take advantage of it. They just need to add\nspdm_attr_group to the attribute groups of their devices and amend the\ndev_to_spdm_state() helper which retrieves the spdm_state for a given\ndevice.\n\nThe helper may return an ERR_PTR if it couldn\u0027t be determined whether\nSPDM is supported by the device. The sysfs attribute is visible in that\ncase but returns an error on access. This prevents downgrade attacks\nwhere an attacker disturbs memory allocation or DOE communication\nin order to create the appearance that SPDM is unsupported.\n\nSubject to further discussion, a future commit might add a user-defined\npolicy to forbid driver binding to devices which failed authentication,\nsimilar to the \"authorized\" attribute for USB.\n\nAlternatively, authentication success might be signaled to user space\nthrough a uevent, whereupon it may bind a (blacklisted) driver.\nA uevent signaling authentication failure might similarly cause user\nspace to unbind or outright remove the potentially malicious device.\n\nTraffic from devices which failed authentication could also be filtered\nthrough ACS I/O Request Blocking Enable (PCIe r6.2 sec 7.7.11.3) or\nthrough Link Disable (PCIe r6.2 sec 7.5.3.7). Unlike an IOMMU, that\nwill not only protect the host, but also prevent malicious peer-to-peer\ntraffic to other devices.\n\nSigned-off-by: Lukas Wunner \u003clukas@wunner.de\u003e\n" }, { "commit": "bd850e8257552d47433bdb2e10fa9b0a49659a4e", "tree": "e2d085fb4cf8dd21d51ce9be4a2c535c80d091ba", "parents": [ "8504d6303fac89d2d3a9c0661176d9cd1bb676fe" ], "author": { "name": "Lukas Wunner", "email": "lukas@wunner.de", "time": "Mon Jan 16 20:29:04 2023 +0100" }, "committer": { "name": "Lukas Wunner", "email": "lukas@wunner.de", "time": "Sun Jun 30 17:36:44 2024 +0200" }, "message": "PCI/CMA: Reauthenticate devices on reset and resume\n\nCMA-SPDM state is lost when a device undergoes a Conventional Reset.\n(But not a Function Level Reset, PCIe r6.2 sec 6.6.2.) A D3cold to D0\ntransition implies a Conventional Reset (PCIe r6.2 sec 5.8).\n\nThus, reauthenticate devices on resume from D3cold and on recovery from\na Secondary Bus Reset or DPC-induced Hot Reset.\n\nThe requirement to reauthenticate devices on resume from system sleep\n(and in the future reestablish IDE encryption) is the reason why SPDM\nneeds to be in-kernel: During -\u003eresume_noirq, which is the first phase\nafter system sleep, the PCI core walks down the hierarchy, puts each\ndevice in D0, restores its config space and invokes the driver\u0027s\n-\u003eresume_noirq callback. The driver is afforded the right to access the\ndevice already during this phase.\n\nTo retain this usage model in the face of authentication and encryption,\nCMA-SPDM reauthentication and IDE reestablishment must happen during the\n-\u003eresume_noirq phase, before the driver\u0027s first access to the device.\nThe driver is thus afforded seamless authenticated and encrypted access\nuntil the last moment before suspend and from the first moment after\nresume.\n\nDuring the -\u003eresume_noirq phase, device interrupts are not yet enabled.\nIt is thus impossible to defer CMA-SPDM reauthentication to a user space\ncomponent on an attached disk or on the network, making an in-kernel\nSPDM implementation mandatory.\n\nThe same catch-22 exists on recovery from a Conventional Reset: A user\nspace SPDM implementation might live on a device which underwent reset,\nrendering its execution impossible.\n\nSigned-off-by: Lukas Wunner \u003clukas@wunner.de\u003e\n" }, { "commit": "8504d6303fac89d2d3a9c0661176d9cd1bb676fe", "tree": "8ce16adb5e7f1409ddc43063ff255d587867f0c3", "parents": [ "6d4361f13a942efc4b4d33d22e56b564c4362328" ], "author": { "name": "Lukas Wunner", "email": "lukas@wunner.de", "time": "Sun Aug 20 08:45:46 2023 +0200" }, "committer": { "name": "Lukas Wunner", "email": "lukas@wunner.de", "time": "Sun Jun 30 17:36:43 2024 +0200" }, "message": "PCI/CMA: Validate Subject Alternative Name in certificates\n\nPCIe r6.1 sec 6.31.3 stipulates requirements for Leaf Certificates\npresented by devices, in particular the presence of a Subject Alternative\nName which encodes the Vendor ID, Device ID, Device Serial Number, etc.\n\nThis prevents a mismatch between the device identity in Config Space and\nthe certificate. A device cannot misappropriate a certificate from a\ndifferent device without also spoofing Config Space. As a corollary,\nit cannot dupe an arbitrary driver into binding to it. Only drivers\nwhich bind to the device identity in the Subject Alternative Name work\n(PCIe r6.1 sec 6.31 \"Implementation Note: Overview of Threat Model\").\n\nThe Subject Alternative Name is signed, hence constitutes a signed copy\nof a Config Space portion. It\u0027s the same concept as web certificates\nwhich contain a set of domain names in the Subject Alternative Name for\nidentity verification.\n\nParse the Subject Alternative Name using a small ASN.1 module and\nvalidate its contents. The theory of operation is explained in a\ncomment at the top of the newly inserted code.\n\nThis functionality is introduced in a separate commit on top of basic\nCMA-SPDM support to split the code into digestible, reviewable chunks.\n\nThe CMA OID added here is taken from the official OID Repository\n(it\u0027s not documented in the PCIe Base Spec):\nhttps://oid-rep.orange-labs.fr/get/2.23.147\n\nSide notes:\n\n* PCIe r6.2 removes the spec language on the Subject Alternative Name.\n It still \"requires the leaf certificate to include the information\n typically used by system software for device driver binding\", but no\n longer specifies how that information is encoded into the certificate.\n\n According to the editor of the PCIe Base Spec and the author of the\n CMA 1.1 ECN (which caused this change), FPGA cards which mutate their\n device identity at runtime (due to a firmware update) were thought as\n unable to satisfy the previous spec language. The Protocol Working\n Group could not agree on a better solution and therefore dropped the\n spec language entirely. They acknowledge that the requirement is now\n under-spec\u0027d. Because products already exist which adhere to the\n Subject Alternative Name requirement per PCIe r6.1 sec 6.31.3, they\n recommended to \"push through\" and use it as the de facto standard.\n\n The FPGA concerns are easily overcome by reauthenticating the device\n after a firmware update, either via sysfs or pci_cma_reauthenticate()\n (added by a subsequent commit).\n\n* PCIe r6.1 sec 6.31.3 strongly recommends to verify that \"the\n information provided in the Subject Alternative Name entry is signed\n by the vendor indicated by the Vendor ID.\" In other words, the root\n certificate on pci_cma_keyring which signs the device\u0027s certificate\n chain must have been created for a particular Vendor ID.\n\n Unfortunately the spec neglects to define how the Vendor ID shall be\n encoded into the root certificate. So the recommendation cannot be\n implemented at this point and it is thus possible that a vendor signs\n device certificates of a different vendor.\n\n* Instead of a Subject Alternative Name, Leaf Certificates may include\n \"a Reference Integrity Manifest, e.g., see Trusted Computing Group\" or\n \"a pointer to a location where such a Reference Integrity Manifest can\n be obtained\" (PCIe r6.1 sec 6.31.3).\n\n A Reference Integrity Manifest contains \"golden\" measurements which\n can be compared to actual measurements retrieved from a device.\n It serves a different purpose than the Subject Alternative Name,\n hence it is unclear why the spec says only either of them is necessary.\n It is also unclear how a Reference Integrity Manifest shall be encoded\n into a certificate.\n\n Hence ignore the Reference Integrity Manifest requirement.\n\nSigned-off-by: Lukas Wunner \u003clukas@wunner.de\u003e\nReviewed-by: Jonathan Cameron \u003cJonathan.Cameron@huawei.com\u003e # except ASN.1\n" }, { "commit": "6d4361f13a942efc4b4d33d22e56b564c4362328", "tree": "ae0b616f3802f6d49f06f828cac0bdee933feafe", "parents": [ "bbbea6e1b7d27463243a0fcb871ad2953312fe3a" ], "author": { "name": "Jonathan Cameron", "email": "Jonathan.Cameron@huawei.com", "time": "Tue Sep 06 12:15:55 2022 +0100" }, "committer": { "name": "Lukas Wunner", "email": "lukas@wunner.de", "time": "Sun Jun 30 17:36:41 2024 +0200" }, "message": "PCI/CMA: Authenticate devices on enumeration\n\nComponent Measurement and Authentication (CMA, PCIe r6.2 sec 6.31)\nallows for measurement and authentication of PCIe devices. It is\nbased on the Security Protocol and Data Model specification (SPDM,\nhttps://www.dmtf.org/dsp/DSP0274).\n\nCMA-SPDM in turn forms the basis for Integrity and Data Encryption\n(IDE, PCIe r6.2 sec 6.33) because the key material used by IDE is\ntransmitted over a CMA-SPDM session.\n\nAs a first step, authenticate CMA-capable devices on enumeration.\nA subsequent commit will expose the result in sysfs.\n\nWhen allocating SPDM session state with spdm_create(), the maximum SPDM\nmessage length needs to be passed. Make the PCI_DOE_MAX_LENGTH macro\npublic and calculate the maximum payload length from it.\n\nCredits: Jonathan wrote a proof-of-concept of this CMA implementation.\nLukas reworked it for upstream. Wilfred contributed fixes for issues\ndiscovered during testing.\n\nSigned-off-by: Jonathan Cameron \u003cJonathan.Cameron@huawei.com\u003e\nCo-developed-by: Wilfred Mallawa \u003cwilfred.mallawa@wdc.com\u003e\nSigned-off-by: Wilfred Mallawa \u003cwilfred.mallawa@wdc.com\u003e\nCo-developed-by: Lukas Wunner \u003clukas@wunner.de\u003e\nSigned-off-by: Lukas Wunner \u003clukas@wunner.de\u003e\n" }, { "commit": "bbbea6e1b7d27463243a0fcb871ad2953312fe3a", "tree": "b72fcdde7371285965e877c97f75ee11855455e1", "parents": [ "d143bb81c65064654af926317f69e6578cf0cdb9" ], "author": { "name": "Jonathan Cameron", "email": "Jonathan.Cameron@huawei.com", "time": "Tue Sep 06 12:15:54 2022 +0100" }, "committer": { "name": "Lukas Wunner", "email": "lukas@wunner.de", "time": "Sun Jun 30 17:36:39 2024 +0200" }, "message": "spdm: Introduce library to authenticate devices\n\nThe Security Protocol and Data Model (SPDM) allows for device\nauthentication, measurement, key exchange and encrypted sessions.\n\nSPDM was conceived by the Distributed Management Task Force (DMTF).\nIts specification defines a request/response protocol spoken between\nhost and attached devices over a variety of transports:\n\n https://www.dmtf.org/dsp/DSP0274\n\nThis implementation supports SPDM 1.0 through 1.3 (the latest version).\nIt is designed to be transport-agnostic as the kernel already supports\nfour different SPDM-capable transports:\n\n* PCIe Data Object Exchange, which is a mailbox in PCI config space\n (PCIe r6.2 sec 6.30, drivers/pci/doe.c)\n* Management Component Transport Protocol\n (MCTP, Documentation/networking/mctp.rst)\n* TCP/IP (in draft stage)\n https://www.dmtf.org/sites/default/files/standards/documents/DSP0287_1.0.0WIP99.pdf\n* SCSI and ATA (in draft stage)\n \"SECURITY PROTOCOL IN/OUT\" and \"TRUSTED SEND/RECEIVE\" commands\n\nUse cases for SPDM include, but are not limited to:\n\n* PCIe Component Measurement and Authentication (PCIe r6.2 sec 6.31)\n* Compute Express Link (CXL r3.0 sec 14.11.6)\n* Open Compute Project (Attestation of System Components v1.0)\n https://www.opencompute.org/documents/attestation-v1-0-20201104-pdf\n* Open Compute Project (Datacenter NVMe SSD Specification v2.0)\n https://www.opencompute.org/documents/datacenter-nvme-ssd-specification-v2-0r21-pdf\n\nThe initial focus of this implementation is enabling PCIe CMA device\nauthentication. As such, only a subset of the SPDM specification is\ncontained herein, namely the request/response sequence GET_VERSION,\nGET_CAPABILITIES, NEGOTIATE_ALGORITHMS, GET_DIGESTS, GET_CERTIFICATE\nand CHALLENGE.\n\nThis sequence first negotiates the SPDM protocol version, capabilities\nand algorithms with the device. It then retrieves the up to eight\ncertificate chains which may be provisioned on the device. Finally it\nperforms challenge-response authentication with the device using one of\nthose eight certificate chains and the algorithms negotiated before.\nThe challenge-response authentication comprises computing a hash over\nall exchanged messages to detect modification by a man-in-the-middle\nor media error. The hash is then signed with the device\u0027s private key\nand the resulting signature is verified by the kernel using the device\u0027s\npublic key from the certificate chain. Nonces are included in the\nmessage sequence to protect against replay attacks.\n\nA simple API is provided for subsystems wishing to authenticate devices:\nspdm_create(), spdm_authenticate() (can be called repeatedly for\nreauthentication) and spdm_destroy(). Certificates presented by devices\nare validated against an in-kernel keyring of trusted root certificates.\nA pointer to the keyring is passed to spdm_create().\n\nThe set of supported cryptographic algorithms is limited to those\ndeclared mandatory in PCIe r6.2 sec 6.31.3. Adding more algorithms\nis straightforward as long as the crypto subsystem supports them.\n\nFuture commits will extend this implementation with support for\nmeasurement, key exchange and encrypted sessions.\n\nSo far, only the SPDM requester role is implemented. Care was taken to\nallow for effortless addition of the responder role at a later stage.\nThis could be needed for a PCIe host bridge operating in endpoint mode.\nThe responder role will be able to reuse struct definitions and helpers\nsuch as spdm_create_combined_prefix().\n\nCredits: Jonathan wrote a proof-of-concept of this SPDM implementation.\nLukas reworked it for upstream.\n\nSigned-off-by: Jonathan Cameron \u003cJonathan.Cameron@huawei.com\u003e\nCo-developed-by: Lukas Wunner \u003clukas@wunner.de\u003e\nSigned-off-by: Lukas Wunner \u003clukas@wunner.de\u003e\n" }, { "commit": "d143bb81c65064654af926317f69e6578cf0cdb9", "tree": "3961eef4b4cfc967d9bd3a493fb5ca35243940ea", "parents": [ "70fb69d212a54ff4828e5be6d0b3d04f1170464d" ], "author": { "name": "Lukas Wunner", "email": "lukas@wunner.de", "time": "Sun Jul 02 20:32:46 2023 +0200" }, "committer": { "name": "Lukas Wunner", "email": "lukas@wunner.de", "time": "Sun Jun 30 17:34:09 2024 +0200" }, "message": "crypto: ecdsa - Support P1363 signature encoding\n\nAlternatively to the X9.62 encoding of ecdsa signatures, which uses\nASN.1 and is already supported by the kernel, there\u0027s another common\nencoding called P1363. It stores r and s as the concatenation of two\nbig endian, unsigned integers. The name originates from IEEE P1363.\n\nThe Security Protocol and Data Model (SPDM) specification prescribes\nthat ecdsa signatures are encoded according to P1363:\n\n \"For ECDSA signatures, excluding SM2, in SPDM, the signature shall be\n the concatenation of r and s. The size of r shall be the size of\n the selected curve. Likewise, the size of s shall be the size of\n the selected curve. See BaseAsymAlgo in NEGOTIATE_ALGORITHMS for\n the size of r and s. The byte order for r and s shall be in big\n endian order. When placing ECDSA signatures into an SPDM signature\n field, r shall come first followed by s.\"\n\n (SPDM 1.2.1 margin no 44,\n https://www.dmtf.org/sites/default/files/standards/documents/DSP0274_1.2.1.pdf)\n\nA subsequent commit introduces an SPDM library to enable PCI device\nauthentication, so add support for P1363 ecdsa signature verification.\n\nSigned-off-by: Lukas Wunner \u003clukas@wunner.de\u003e\nReviewed-by: Jonathan Cameron \u003cJonathan.Cameron@huawei.com\u003e\n" }, { "commit": "70fb69d212a54ff4828e5be6d0b3d04f1170464d", "tree": "fafd353a2b27e7c88906f879b16afd327784287e", "parents": [ "8b8a58841c221a85b8e684438237b62d77c7dd69" ], "author": { "name": "Lukas Wunner", "email": "lukas@wunner.de", "time": "Sun Jul 02 15:26:51 2023 +0200" }, "committer": { "name": "Lukas Wunner", "email": "lukas@wunner.de", "time": "Mon May 27 14:18:05 2024 +0200" }, "message": "crypto: akcipher - Support more than one signature encoding\n\nCurrently only a single default signature encoding is supported per\nakcipher.\n\nA subsequent commit will allow a second encoding for ecdsa, namely P1363\nalternatively to X9.62.\n\nTo accommodate for that, amend struct akcipher_request and struct\ncrypto_akcipher_sync_data to store the desired signature encoding for\nverify and sign ops.\n\nAmend akcipher_request_set_crypt(), crypto_sig_verify() and\ncrypto_sig_sign() with an additional parameter which specifies the\ndesired signature encoding. Adjust all callers.\n\nSigned-off-by: Lukas Wunner \u003clukas@wunner.de\u003e\nReviewed-by: Jonathan Cameron \u003cJonathan.Cameron@huawei.com\u003e\n" }, { "commit": "8b8a58841c221a85b8e684438237b62d77c7dd69", "tree": "b14d423e7e3c3ab8c051c6e9ec4d49e1f447b8f6", "parents": [ "cf34e283103de55b07fcddcbe39b60ea32b6d891" ], "author": { "name": "Lukas Wunner", "email": "lukas@wunner.de", "time": "Sun Sep 24 19:10:12 2023 +0200" }, "committer": { "name": "Lukas Wunner", "email": "lukas@wunner.de", "time": "Mon May 27 14:18:02 2024 +0200" }, "message": "certs: Create blacklist keyring earlier\n\nThe upcoming support for PCI device authentication with CMA-SPDM\n(PCIe r6.2 sec 6.31) requires parsing X.509 certificates upon\ndevice enumeration, which happens in a subsys_initcall().\n\nParsing X.509 certificates accesses the blacklist keyring:\nx509_cert_parse()\n x509_get_sig_params()\n is_hash_blacklisted()\n keyring_search()\n\nSo far the keyring is created much later in a device_initcall(). Avoid\na NULL pointer dereference on access to the keyring by creating it one\ninitcall level earlier than PCI device enumeration, i.e. in an\narch_initcall().\n\nSigned-off-by: Lukas Wunner \u003clukas@wunner.de\u003e\nReviewed-by: Dan Williams \u003cdan.j.williams@intel.com\u003e\nReviewed-by: Wilfred Mallawa \u003cwilfred.mallawa@wdc.com\u003e\nReviewed-by: Alistair Francis \u003calistair.francis@wdc.com\u003e\nReviewed-by: Ilpo Järvinen \u003cilpo.jarvinen@linux.intel.com\u003e\nReviewed-by: Jonathan Cameron \u003cJonathan.Cameron@huawei.com\u003e\n" }, { "commit": "cf34e283103de55b07fcddcbe39b60ea32b6d891", "tree": "441c2daad254fd47290bf7eb1dfa144134709504", "parents": [ "b5e8ede319f374bd7be08c9963487e83cee3496b" ], "author": { "name": "Lukas Wunner", "email": "lukas@wunner.de", "time": "Tue Jan 10 14:57:13 2023 +0100" }, "committer": { "name": "Lukas Wunner", "email": "lukas@wunner.de", "time": "Mon May 27 14:17:59 2024 +0200" }, "message": "X.509: Move certificate length retrieval into new helper\n\nThe upcoming in-kernel SPDM library (Security Protocol and Data Model,\nhttps://www.dmtf.org/dsp/DSP0274) needs to retrieve the length from\nASN.1 DER-encoded X.509 certificates.\n\nSuch code already exists in x509_load_certificate_list(), so move it\ninto a new helper for reuse by SPDM.\n\nExport the helper so that SPDM can be tristate. (Some upcoming users of\nthe SPDM libray may be modular, such as SCSI and ATA.)\n\nNo functional change intended.\n\nSigned-off-by: Lukas Wunner \u003clukas@wunner.de\u003e\nReviewed-by: Dan Williams \u003cdan.j.williams@intel.com\u003e\nReviewed-by: Jonathan Cameron \u003cJonathan.Cameron@huawei.com\u003e\n" }, { "commit": "b5e8ede319f374bd7be08c9963487e83cee3496b", "tree": "9776da4c5fb8d2f720c90a289293e6dc4d48d005", "parents": [ "014885d5b43b5c0fdeff67c7f95b978405740126" ], "author": { "name": "Lukas Wunner", "email": "lukas@wunner.de", "time": "Sun Aug 20 08:42:55 2023 +0200" }, "committer": { "name": "Lukas Wunner", "email": "lukas@wunner.de", "time": "Mon May 27 14:17:56 2024 +0200" }, "message": "X.509: Parse Subject Alternative Name in certificates\n\nThe upcoming support for PCI device authentication with CMA-SPDM\n(PCIe r6.1 sec 6.31) requires validating the Subject Alternative Name\nin X.509 certificates.\n\nStore a pointer to the Subject Alternative Name upon parsing for\nconsumption by CMA-SPDM.\n\nSigned-off-by: Lukas Wunner \u003clukas@wunner.de\u003e\nReviewed-by: Wilfred Mallawa \u003cwilfred.mallawa@wdc.com\u003e\nReviewed-by: Ilpo Järvinen \u003cilpo.jarvinen@linux.intel.com\u003e\nReviewed-by: Jonathan Cameron \u003cJonathan.Cameron@huawei.com\u003e\nAcked-by: Dan Williams \u003cdan.j.williams@intel.com\u003e\n" }, { "commit": "014885d5b43b5c0fdeff67c7f95b978405740126", "tree": "d5e4f9f7c108de2df2edc352f85a7adb2e6ebe3f", "parents": [ "1613e604df0cd359cf2a7fbd9be7a0bcfacfabd0" ], "author": { "name": "Lukas Wunner", "email": "lukas@wunner.de", "time": "Sun Aug 20 07:19:58 2023 +0200" }, "committer": { "name": "Lukas Wunner", "email": "lukas@wunner.de", "time": "Mon May 27 14:17:54 2024 +0200" }, "message": "X.509: Make certificate parser public\n\nThe upcoming support for PCI device authentication with CMA-SPDM\n(PCIe r6.1 sec 6.31) requires validating the Subject Alternative Name\nin X.509 certificates.\n\nHigh-level functions for X.509 parsing such as key_create_or_update()\nthrow away the internal, low-level struct x509_certificate after\nextracting the struct public_key and public_key_signature from it.\nThe Subject Alternative Name is thus inaccessible when using those\nfunctions.\n\nAfford CMA-SPDM access to the Subject Alternative Name by making struct\nx509_certificate public, together with the functions for parsing an\nX.509 certificate into such a struct and freeing such a struct.\n\nThe private header file x509_parser.h previously included \u003clinux/time.h\u003e\nfor the definition of time64_t. That definition was since moved to\n\u003clinux/time64.h\u003e by commit 361a3bf00582 (\"time64: Add time64.h header\nand define struct timespec64\"), so adjust the #include directive as part\nof the move to the new public header file \u003ckeys/x509-parser.h\u003e.\n\nNo functional change intended.\n\nSigned-off-by: Lukas Wunner \u003clukas@wunner.de\u003e\nReviewed-by: Dan Williams \u003cdan.j.williams@intel.com\u003e\nReviewed-by: Ilpo Järvinen \u003cilpo.jarvinen@linux.intel.com\u003e\nReviewed-by: Jonathan Cameron \u003cJonathan.Cameron@huawei.com\u003e\n" }, { "commit": "1613e604df0cd359cf2a7fbd9be7a0bcfacfabd0", "tree": "71a8974bce22786fc21e55bcaf60a87c5dcbb70b", "parents": [ "9b0abe7948364bd35fff2b202ee7f30a2fa73c53" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Sun May 26 15:20:12 2024 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Sun May 26 15:20:12 2024 -0700" }, "message": "Linux 6.10-rc1\n" }, { "commit": "9b0abe7948364bd35fff2b202ee7f30a2fa73c53", "tree": "d2536e35d9a1c3b7557294bd6672c1454b7758b7", "parents": [ "6fbf71854e2ddea7c99397772fbbb3783bfe15b5" ], "author": { "name": "Kent Overstreet", "email": "kent.overstreet@linux.dev", "time": "Fri May 24 11:42:09 2024 -0400" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Sun May 26 14:40:39 2024 -0700" }, "message": "mm: percpu: Include smp.h in alloc_tag.h\n\npercpu.h depends on smp.h, but doesn\u0027t include it directly because of\ncircular header dependency issues; percpu.h is needed in a bunch of low\nlevel headers.\n\nThis fixes a randconfig build error on mips:\n\n include/linux/alloc_tag.h: In function \u0027__alloc_tag_ref_set\u0027:\n include/asm-generic/percpu.h:31:40: error: implicit declaration of function \u0027raw_smp_processor_id\u0027 [-Werror\u003dimplicit-function-declaration]\n\nReported-by: kernel test robot \u003clkp@intel.com\u003e\nFixes: 24e44cc22aa3 (\"mm: percpu: enable per-cpu allocation tagging\")\nCloses: https://lore.kernel.org/oe-kbuild-all/202405210052.DIrMXJNz-lkp@intel.com/\nSigned-off-by: Kent Overstreet \u003ckent.overstreet@linux.dev\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "6fbf71854e2ddea7c99397772fbbb3783bfe15b5", "tree": "3fb756eb47016c58b3e3934c75ecddf88eed66ee", "parents": [ "c13320499ba0efd93174ef6462ae8a7a2933f6e7", "4f1b067359ac8364cdb7f9fda41085fa85789d0f" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Sun May 26 09:54:26 2024 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Sun May 26 09:54:26 2024 -0700" }, "message": "Merge tag \u0027perf-tools-fixes-for-v6.10-1-2024-05-26\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/perf/perf-tools\n\nPull perf tool fix from Arnaldo Carvalho de Melo:\n \"Revert a patch causing a regression.\n\n This made a simple \u0027perf record -e cycles:pp make -j199\u0027 stop working\n on the Ampere ARM64 system Linus uses to test ARM64 kernels\".\n\n* tag \u0027perf-tools-fixes-for-v6.10-1-2024-05-26\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/perf/perf-tools:\n Revert \"perf parse-events: Prefer sysfs/JSON hardware events over legacy\"\n" }, { "commit": "4f1b067359ac8364cdb7f9fda41085fa85789d0f", "tree": "846f6538ff40f8d499423b5b894921dd11db5fbd", "parents": [ "29c73fc794c83505066ee6db893b2a83ac5fac63" ], "author": { "name": "Arnaldo Carvalho de Melo", "email": "acme@redhat.com", "time": "Sun May 26 08:13:21 2024 -0300" }, "committer": { "name": "Arnaldo Carvalho de Melo", "email": "acme@redhat.com", "time": "Sun May 26 08:41:34 2024 -0300" }, "message": "Revert \"perf parse-events: Prefer sysfs/JSON hardware events over legacy\"\n\nThis reverts commit 617824a7f0f73e4de325cf8add58e55b28c12493.\n\nThis made a simple \u0027perf record -e cycles:pp make -j199\u0027 stop working on\nthe Ampere ARM64 system Linus uses to test ARM64 kernels, as discussed\nat length in the threads in the Link tags below.\n\nThe fix provided by Ian wasn\u0027t acceptable and work to fix this will take\ntime we don\u0027t have at this point, so lets revert this and work on it on\nthe next devel cycle.\n\nReported-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\nCc: Adrian Hunter \u003cadrian.hunter@intel.com\u003e\nCc: Bhaskar Chowdhury \u003cunixbhaskar@gmail.com\u003e\nCc: Ethan Adams \u003cj.ethan.adams@gmail.com\u003e\nCc: Ian Rogers \u003cirogers@google.com\u003e\nCc: Ingo Molnar \u003cmingo@kernel.org\u003e\nCc: James Clark \u003cjames.clark@arm.com\u003e\nCc: Jiri Olsa \u003cjolsa@kernel.org\u003e\nCc: Kan Liang \u003ckan.liang@linux.intel.com\u003e\nCc: Namhyung Kim \u003cnamhyung@kernel.org\u003e\nCc: Thomas Gleixner \u003ctglx@linutronix.de\u003e\nCc: Thomas Richter \u003ctmricht@linux.ibm.com\u003e\nCc: Tycho Andersen \u003ctycho@tycho.pizza\u003e\nCc: Yang Jihong \u003cyangjihong@bytedance.com\u003e\nLink: https://lore.kernel.org/lkml/CAHk-\u003dwi5Ri\u003dyR2jBVk-4HzTzpoAWOgstr1LEvg_-OXtJvXXJOA@mail.gmail.com\nLink: https://lore.kernel.org/lkml/CAHk-\u003dwiWvtFyedDNpoV7a8Fq_FpbB+F5KmWK2xPY3QoYseOf_A@mail.gmail.com\nSigned-off-by: Arnaldo Carvalho de Melo \u003cacme@redhat.com\u003e\n" }, { "commit": "c13320499ba0efd93174ef6462ae8a7a2933f6e7", "tree": "5a49e9d578be46c879831dc7c325f408c33e6fc9", "parents": [ "9b62e02e63363f5678d5598ee7372064301587f7", "93a43155127fec0f8cc942d63b76668c2f8f69fa" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Sat May 25 22:33:10 2024 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Sat May 25 22:33:10 2024 -0700" }, "message": "Merge tag \u00276.10-rc-smb3-fixes-part2\u0027 of git://git.samba.org/sfrench/cifs-2.6\n\nPull smb client fixes from Steve French:\n\n - two important netfs integration fixes - including for a data\n corruption and also fixes for multiple xfstests\n\n - reenable swap support over SMB3\n\n* tag \u00276.10-rc-smb3-fixes-part2\u0027 of git://git.samba.org/sfrench/cifs-2.6:\n cifs: Fix missing set of remote_i_size\n cifs: Fix smb3_insert_range() to move the zero_point\n cifs: update internal version number\n smb3: reenable swapfiles over SMB3 mounts\n" }, { "commit": "9b62e02e63363f5678d5598ee7372064301587f7", "tree": "1f79f1b1506b579e0721d6a522d90809f5360b47", "parents": [ "a0db36ed571397df9a3f507ee19913a74d4b97a5", "90e823498881fb8a91d83e9a8eed87c8c3ff2176" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Sat May 25 15:10:33 2024 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Sat May 25 15:10:33 2024 -0700" }, "message": "Merge tag \u0027mm-hotfixes-stable-2024-05-25-09-13\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm\n\nPull misc fixes from Andrew Morton:\n \"16 hotfixes, 11 of which are cc:stable.\n\n A few nilfs2 fixes, the remainder are for MM: a couple of selftests\n fixes, various singletons fixing various issues in various parts\"\n\n* tag \u0027mm-hotfixes-stable-2024-05-25-09-13\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm:\n mm/ksm: fix possible UAF of stable_node\n mm/memory-failure: fix handling of dissolved but not taken off from buddy pages\n mm: /proc/pid/smaps_rollup: avoid skipping vma after getting mmap_lock again\n nilfs2: fix potential hang in nilfs_detach_log_writer()\n nilfs2: fix unexpected freezing of nilfs_segctor_sync()\n nilfs2: fix use-after-free of timer for log writer thread\n selftests/mm: fix build warnings on ppc64\n arm64: patching: fix handling of execmem addresses\n selftests/mm: compaction_test: fix bogus test success and reduce probability of OOM-killer invocation\n selftests/mm: compaction_test: fix incorrect write of zero to nr_hugepages\n selftests/mm: compaction_test: fix bogus test success on Aarch64\n mailmap: update email address for Satya Priya\n mm/huge_memory: don\u0027t unpoison huge_zero_folio\n kasan, fortify: properly rename memintrinsics\n lib: add version into /proc/allocinfo output\n mm/vmalloc: fix vmalloc which may return null if called with __GFP_NOFAIL\n" }, { "commit": "a0db36ed571397df9a3f507ee19913a74d4b97a5", "tree": "313ea73feafb073652a84051a6b9c349f6ac6c6c", "parents": [ "3a390f24b77328395cb7dfe05739889aff6897a6", "b84a8aba806261d2f759ccedf4a2a6a80a5e55ba" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Sat May 25 14:48:40 2024 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Sat May 25 14:48:40 2024 -0700" }, "message": "Merge tag \u0027irq-urgent-2024-05-25\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip\n\nPull irq fixes from Ingo Molnar:\n\n - Fix x86 IRQ vector leak caused by a CPU offlining race\n\n - Fix build failure in the riscv-imsic irqchip driver\n caused by an API-change semantic conflict\n\n - Fix use-after-free in irq_find_at_or_after()\n\n* tag \u0027irq-urgent-2024-05-25\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:\n genirq/irqdesc: Prevent use-after-free in irq_find_at_or_after()\n genirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline\n irqchip/riscv-imsic: Fixup riscv_ipi_set_virq_range() conflict\n" }, { "commit": "3a390f24b77328395cb7dfe05739889aff6897a6", "tree": "34a66647cb66046728e760be585bc4540ce18ac1", "parents": [ "56676c4c06f19215fbf8b8813c73d63c986270f8", "93022482b2948a9a7e9b5a2bb685f2e1cb4c3348" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Sat May 25 14:40:09 2024 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Sat May 25 14:40:09 2024 -0700" }, "message": "Merge tag \u0027x86-urgent-2024-05-25\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip\n\nPull x86 fixes from Ingo Molnar:\n\n - Fix regressions of the new x86 CPU VFM (vendor/family/model)\n enumeration/matching code\n\n - Fix crash kernel detection on buggy firmware with\n non-compliant ACPI MADT tables\n\n - Address Kconfig warning\n\n* tag \u0027x86-urgent-2024-05-25\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:\n x86/cpu: Fix x86_match_cpu() to match just X86_VENDOR_INTEL\n crypto: x86/aes-xts - switch to new Intel CPU model defines\n x86/topology: Handle bogus ACPI tables correctly\n x86/kconfig: Select ARCH_WANT_FRAME_POINTERS again when UNWINDER_FRAME_POINTER\u003dy\n" }, { "commit": "56676c4c06f19215fbf8b8813c73d63c986270f8", "tree": "bb3501a38c905807f4463f58b32b667b2f156f2a", "parents": [ "74eca356f6d4429497a097a8ed4dfa76c441bab9", "999dff3c13930ad77a7070a5fb4473b1fafdcecc" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Sat May 25 14:32:29 2024 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Sat May 25 14:32:29 2024 -0700" }, "message": "Merge tag \u0027for-linus-6.10-1\u0027 of https://github.com/cminyard/linux-ipmi\n\nPull ipmi updates from Corey Minyard:\n \"Mostly updates for deprecated interfaces, platform.remove and\n converting from a tasklet to a BH workqueue.\n\n Also use HAS_IOPORT for disabling inb()/outb()\"\n\n* tag \u0027for-linus-6.10-1\u0027 of https://github.com/cminyard/linux-ipmi:\n ipmi: kcs_bmc_npcm7xx: Convert to platform remove callback returning void\n ipmi: kcs_bmc_aspeed: Convert to platform remove callback returning void\n ipmi: ipmi_ssif: Convert to platform remove callback returning void\n ipmi: ipmi_si_platform: Convert to platform remove callback returning void\n ipmi: ipmi_powernv: Convert to platform remove callback returning void\n ipmi: bt-bmc: Convert to platform remove callback returning void\n char: ipmi: handle HAS_IOPORT dependencies\n ipmi: Convert from tasklet to BH workqueue\n" }, { "commit": "74eca356f6d4429497a097a8ed4dfa76c441bab9", "tree": "1a10a8e3c322748cdb65a9c31e141344b757df6a", "parents": [ "89b61ca478dcb66625fb36f3b47ef4e0eae2e461", "93a2221c9c1ae32643df67c482dc4c4c591b7514" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Sat May 25 14:23:58 2024 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Sat May 25 14:23:58 2024 -0700" }, "message": "Merge tag \u0027ceph-for-6.10-rc1\u0027 of https://github.com/ceph/ceph-client\n\nPull ceph updates from Ilya Dryomov:\n \"A series from Xiubo that adds support for additional access checks\n based on MDS auth caps which were recently made available to clients.\n\n This is needed to prevent scenarios where the MDS quietly discards\n updates that a UID-restricted client previously (wrongfully) acked to\n the user.\n\n Other than that, just a documentation fixup\"\n\n* tag \u0027ceph-for-6.10-rc1\u0027 of https://github.com/ceph/ceph-client:\n doc: ceph: update userspace command to get CephFS metadata\n ceph: add CEPHFS_FEATURE_MDS_AUTH_CAPS_CHECK feature bit\n ceph: check the cephx mds auth access for async dirop\n ceph: check the cephx mds auth access for open\n ceph: check the cephx mds auth access for setattr\n ceph: add ceph_mds_check_access() helper\n ceph: save cap_auths in MDS client when session is opened\n" }, { "commit": "89b61ca478dcb66625fb36f3b47ef4e0eae2e461", "tree": "ff10e44473321925a5a2674ceed446a3af1f55af", "parents": [ "6c8b1a2dca0b98775f75a59ddf5f62b6c9512b75", "302e9dca8428979c9c99f2dbb44dc1783f5011c3" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Sat May 25 14:19:01 2024 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Sat May 25 14:19:01 2024 -0700" }, "message": "Merge tag \u0027ntfs3_for_6.10\u0027 of https://github.com/Paragon-Software-Group/linux-ntfs3\n\nPull ntfs3 updates from Konstantin Komarov:\n \"Fixes:\n - reusing of the file index (could cause the file to be trimmed)\n - infinite dir enumeration\n - taking DOS names into account during link counting\n - le32_to_cpu conversion, 32 bit overflow, NULL check\n - some code was refactored\n\n Changes:\n - removed max link count info display during driver init\n\n Remove:\n - atomic_open has been removed for lack of use\"\n\n* tag \u0027ntfs3_for_6.10\u0027 of https://github.com/Paragon-Software-Group/linux-ntfs3:\n fs/ntfs3: Break dir enumeration if directory contents error\n fs/ntfs3: Fix case when index is reused during tree transformation\n fs/ntfs3: Mark volume as dirty if xattr is broken\n fs/ntfs3: Always make file nonresident on fallocate call\n fs/ntfs3: Redesign ntfs_create_inode to return error code instead of inode\n fs/ntfs3: Use variable length array instead of fixed size\n fs/ntfs3: Use 64 bit variable to avoid 32 bit overflow\n fs/ntfs3: Check \u0027folio\u0027 pointer for NULL\n fs/ntfs3: Missed le32_to_cpu conversion\n fs/ntfs3: Remove max link count info display during driver init\n fs/ntfs3: Taking DOS names into account during link counting\n fs/ntfs3: remove atomic_open\n fs/ntfs3: use kcalloc() instead of kzalloc()\n" }, { "commit": "6c8b1a2dca0b98775f75a59ddf5f62b6c9512b75", "tree": "3e019a381f343a54b13c531bf9e45e6a302ef918", "parents": [ "54f71b0369c9d8dcf23c13ddab2a097115c5f572", "405ee4097c4bc3e70556520aed5ba52a511c2266" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Sat May 25 14:15:39 2024 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Sat May 25 14:15:39 2024 -0700" }, "message": "Merge tag \u00276.10-rc-ksmbd-server-fixes\u0027 of git://git.samba.org/ksmbd\n\nPull smb server fixes from Steve French:\n \"Two ksmbd server fixes, both for stable\"\n\n* tag \u00276.10-rc-ksmbd-server-fixes\u0027 of git://git.samba.org/ksmbd:\n ksmbd: ignore trailing slashes in share paths\n ksmbd: avoid to send duplicate oplock break notifications\n" }, { "commit": "54f71b0369c9d8dcf23c13ddab2a097115c5f572", "tree": "60a9113e0b148056a974ad658e389084001531f0", "parents": [ "4286e1fceb8c99f25332dc7e85f9879408caa45a", "4c9a91b94c126d6585fbf185807b26dca5166209" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Sat May 25 13:33:53 2024 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Sat May 25 13:33:53 2024 -0700" }, "message": "Merge tag \u0027rtc-6.10\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/abelloni/linux\n\nPull RTC updates from Alexandre Belloni:\n \"There is one new driver and then most of the changes are the device\n tree bindings conversions to yaml.\n\n New driver:\n - Epson RX8111\n\n Drivers:\n - Many Device Tree bindings conversions to dtschema\n - pcf8563: wakeup-source support\"\n\n* tag \u0027rtc-6.10\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/abelloni/linux:\n pcf8563: add wakeup-source support\n rtc: rx8111: handle VLOW flag\n rtc: rx8111: demote warnings to debug level\n rtc: rx6110: Constify struct regmap_config\n dt-bindings: rtc: convert trivial devices into dtschema\n dt-bindings: rtc: stmp3xxx-rtc: convert to dtschema\n dt-bindings: rtc: pxa-rtc: convert to dtschema\n rtc: Add driver for Epson RX8111\n dt-bindings: rtc: Add Epson RX8111\n rtc: mcp795: drop unneeded MODULE_ALIAS\n rtc: nuvoton: Modify part number value\n rtc: test: Split rtc unit test into slow and normal speed test\n dt-bindings: rtc: nxp,lpc1788-rtc: convert to dtschema\n dt-bindings: rtc: digicolor-rtc: move to trivial-rtc\n dt-bindings: rtc: alphascale,asm9260-rtc: convert to dtschema\n dt-bindings: rtc: armada-380-rtc: convert to dtschema\n rtc: cros-ec: provide ID table for avoiding fallback match\n" }, { "commit": "4286e1fceb8c99f25332dc7e85f9879408caa45a", "tree": "5f742ce2f595babc749d00ac26173f9d1abf9f64", "parents": [ "6951abe8f37b1f4f9a0e7c036873f0ab4f56abf1", "1d08326020fba690cbb7b8f1b38ab4eab6745969" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Sat May 25 13:28:29 2024 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Sat May 25 13:28:29 2024 -0700" }, "message": "Merge tag \u0027i3c/for-6.10\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/i3c/linux\n\nPull i3c updates from Alexandre Belloni:\n \"Runtime PM (power management) is improved and hot-join support has\n been added to the dw controller driver.\n\n Core:\n - Allow device driver to trigger controller runtime PM\n\n Drivers:\n - dw: hot-join support\n - svc: better IBI handling\"\n\n* tag \u0027i3c/for-6.10\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/i3c/linux:\n i3c: dw: Add hot-join support.\n i3c: master: Enable runtime PM for master controller\n i3c: master: svc: fix invalidate IBI type and miss call client IBI handler\n i3c: master: svc: change ENXIO to EAGAIN when IBI occurs during start frame\n i3c: Add comment for -EAGAIN in i3c_device_do_priv_xfers()\n" }, { "commit": "6951abe8f37b1f4f9a0e7c036873f0ab4f56abf1", "tree": "57b5f9dc4505fdaaf69812de1669135bb095fe89", "parents": [ "2313022ec5942e3ddd2e4e57002ed71926887f87", "af9a8730ddb6a4b2edd779ccc0aceb994d616830" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Sat May 25 13:23:42 2024 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Sat May 25 13:23:42 2024 -0700" }, "message": "Merge tag \u0027jffs2-for-linus-6.10-rc1\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/rw/ubifs\n\nPull jffs2 updates from Richard Weinberger:\n\n - Fix illegal memory access in jffs2_free_inode()\n\n - Kernel-doc fixes\n\n - print symbolic error names\n\n* tag \u0027jffs2-for-linus-6.10-rc1\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/rw/ubifs:\n jffs2: Fix potential illegal address access in jffs2_free_inode\n jffs2: Simplify the allocation of slab caches\n jffs2: nodemgmt: fix kernel-doc comments\n jffs2: print symbolic error name instead of error code\n" }, { "commit": "2313022ec5942e3ddd2e4e57002ed71926887f87", "tree": "bd0319acba4685e224f17bc302daa502d650f7a3", "parents": [ "56fb6f92854f29dcb6c3dc3ba92eeda1b615e88c", "919e3ece7f5aaf7b5f3c54538d5303b6eeeb053b" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Sat May 25 13:17:48 2024 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Sat May 25 13:17:48 2024 -0700" }, "message": "Merge tag \u0027uml-for-linus-6.10-rc1\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/uml/linux\n\nPull UML updates from Richard Weinberger:\n\n - Fixes for -Wmissing-prototypes warnings and further cleanup\n\n - Remove callback returning void from rtc and virtio drivers\n\n - Fix bash location\n\n* tag \u0027uml-for-linus-6.10-rc1\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/uml/linux: (26 commits)\n um: virtio_uml: Convert to platform remove callback returning void\n um: rtc: Convert to platform remove callback returning void\n um: Remove unused do_get_thread_area function\n um: Fix -Wmissing-prototypes warnings for __vdso_*\n um: Add an internal header shared among the user code\n um: Fix the declaration of kasan_map_memory\n um: Fix the -Wmissing-prototypes warning for get_thread_reg\n um: Fix the -Wmissing-prototypes warning for __switch_mm\n um: Fix -Wmissing-prototypes warnings for (rt_)sigreturn\n um: Stop tracking host PID in cpu_tasks\n um: process: remove unused \u0027n\u0027 variable\n um: vector: remove unused len variable/calculation\n um: vector: fix bpfflash parameter evaluation\n um: slirp: remove set but unused variable \u0027pid\u0027\n um: signal: move pid variable where needed\n um: Makefile: use bash from the environment\n um: Add winch to winch_handlers before registering winch IRQ\n um: Fix -Wmissing-prototypes warnings for __warp_* and foo\n um: Fix -Wmissing-prototypes warnings for text_poke*\n um: Move declarations to proper headers\n ...\n" }, { "commit": "56fb6f92854f29dcb6c3dc3ba92eeda1b615e88c", "tree": "85e95788af18acd2db7ba58faafed4058949e662", "parents": [ "0b32d436c015d5a88b3368405e3d8fe82f195a54", "32a0bb7ef217aa37e6b67ca7950f5e504312ed72" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Fri May 24 17:28:02 2024 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Fri May 24 17:28:02 2024 -0700" }, "message": "Merge tag \u0027drm-next-2024-05-25\u0027 of https://gitlab.freedesktop.org/drm/kernel\n\nPull drm fixes from Dave Airlie:\n \"Some fixes for the end of the merge window, mostly amdgpu and panthor,\n with one nouveau uAPI change that fixes a bad decision we made a few\n months back.\n\n nouveau:\n - fix bo metadata uAPI for vm bind\n\n panthor:\n - Fixes for panthor\u0027s heap logical block.\n - Reset on unrecoverable fault\n - Fix VM references.\n - Reset fix.\n\n xlnx:\n - xlnx compile and doc fixes.\n\n amdgpu:\n - Handle vbios table integrated info v2.3\n\n amdkfd:\n - Handle duplicate BOs in reserve_bo_and_cond_vms\n - Handle memory limitations on small APUs\n\n dp/mst:\n - MST null deref fix.\n\n bridge:\n - Don\u0027t let next bridge create connector in adv7511 to make probe\n work\"\n\n* tag \u0027drm-next-2024-05-25\u0027 of https://gitlab.freedesktop.org/drm/kernel:\n drm/amdgpu/atomfirmware: add intergrated info v2.3 table\n drm/mst: Fix NULL pointer dereference at drm_dp_add_payload_part2\n drm/amdkfd: Let VRAM allocations go to GTT domain on small APUs\n drm/amdkfd: handle duplicate BOs in reserve_bo_and_cond_vms\n drm/bridge: adv7511: Attach next bridge without creating connector\n drm/buddy: Fix the warn on\u0027s during force merge\n drm/nouveau: use tile_mode and pte_kind for VM_BIND bo allocations\n drm/panthor: Call panthor_sched_post_reset() even if the reset failed\n drm/panthor: Reset the FW VM to NULL on unplug\n drm/panthor: Keep a ref to the VM at the panthor_kernel_bo level\n drm/panthor: Force an immediate reset on unrecoverable faults\n drm/panthor: Document drm_panthor_tiler_heap_destroy::handle validity constraints\n drm/panthor: Fix an off-by-one in the heap context retrieval logic\n drm/panthor: Relax the constraints on the tiler chunk size\n drm/panthor: Make sure the tiler initial/max chunks are consistent\n drm/panthor: Fix tiler OOM handling to allow incremental rendering\n drm: xlnx: zynqmp_dpsub: Fix compilation error\n drm: xlnx: zynqmp_dpsub: Fix few function comments\n" }, { "commit": "93a43155127fec0f8cc942d63b76668c2f8f69fa", "tree": "7e6fd59147796ca5b181549e650c14503d787e72", "parents": [ "8a1607233566fef7fbe30416e5d3b0567d0d1fba" ], "author": { "name": "David Howells", "email": "dhowells@redhat.com", "time": "Fri May 24 15:23:36 2024 +0100" }, "committer": { "name": "Steve French", "email": "stfrench@microsoft.com", "time": "Fri May 24 16:05:56 2024 -0500" }, "message": "cifs: Fix missing set of remote_i_size\n\nOccasionally, the generic/001 xfstest will fail indicating corruption in\none of the copy chains when run on cifs against a server that supports\nFSCTL_DUPLICATE_EXTENTS_TO_FILE (eg. Samba with a share on btrfs). The\nproblem is that the remote_i_size value isn\u0027t updated by cifs_setsize()\nwhen called by smb2_duplicate_extents(), but i_size *is*.\n\nThis may cause cifs_remap_file_range() to then skip the bit after calling\n-\u003eduplicate_extents() that sets sizes.\n\nFix this by calling netfs_resize_file() in smb2_duplicate_extents() before\ncalling cifs_setsize() to set i_size.\n\nThis means we don\u0027t then need to call netfs_resize_file() upon return from\n-\u003eduplicate_extents(), but we also fix the test to compare against the pre-dup\ninode size.\n\n[Note that this goes back before the addition of remote_i_size with the\nnetfs_inode struct. It should probably have been setting cifsi-\u003eserver_eof\npreviously.]\n\nFixes: cfc63fc8126a (\"smb3: fix cached file size problems in duplicate extents (reflink)\")\nSigned-off-by: David Howells \u003cdhowells@redhat.com\u003e\ncc: Steve French \u003csfrench@samba.org\u003e\ncc: Paulo Alcantara \u003cpc@manguebit.com\u003e\ncc: Shyam Prasad N \u003cnspmangalore@gmail.com\u003e\ncc: Rohith Surabattula \u003crohiths.msft@gmail.com\u003e\ncc: Jeff Layton \u003cjlayton@kernel.org\u003e\ncc: linux-cifs@vger.kernel.org\ncc: netfs@lists.linux.dev\nSigned-off-by: Steve French \u003cstfrench@microsoft.com\u003e\n" }, { "commit": "8a1607233566fef7fbe30416e5d3b0567d0d1fba", "tree": "3df68d949e8513d0bdb7db4681a9bc3f3ceb8b36", "parents": [ "10c623a1956e673a9268493e0dacf373ddb2f9bf" ], "author": { "name": "David Howells", "email": "dhowells@redhat.com", "time": "Wed May 22 09:38:48 2024 +0100" }, "committer": { "name": "Steve French", "email": "stfrench@microsoft.com", "time": "Fri May 24 16:04:36 2024 -0500" }, "message": "cifs: Fix smb3_insert_range() to move the zero_point\n\nFix smb3_insert_range() to move the zero_point over to the new EOF.\nWithout this, generic/147 fails as reads of data beyond the old EOF point\nreturn zeroes.\n\nFixes: 3ee1a1fc3981 (\"cifs: Cut over to using netfslib\")\nSigned-off-by: David Howells \u003cdhowells@redhat.com\u003e\ncc: Shyam Prasad N \u003cnspmangalore@gmail.com\u003e\ncc: Rohith Surabattula \u003crohiths.msft@gmail.com\u003e\ncc: Jeff Layton \u003cjlayton@kernel.org\u003e\ncc: linux-cifs@vger.kernel.org\ncc: netfs@lists.linux.dev\nSigned-off-by: Steve French \u003cstfrench@microsoft.com\u003e\n" }, { "commit": "0b32d436c015d5a88b3368405e3d8fe82f195a54", "tree": "bca3ff3546fe073d766d527f87b3fb6cdfb87e0c", "parents": [ "f1f9984fdc5e37303d7180ff7a85dfecb8e57e85", "a52b4f11a2e17109c4b9f7df4ff19215b1752efc" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Fri May 24 12:47:28 2024 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Fri May 24 12:47:28 2024 -0700" }, "message": "Merge tag \u0027mm-stable-2024-05-24-11-49\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm\n\nPull more mm updates from Andrew Morton:\n \"Jeff Xu\u0027s implementation of the mseal() syscall\"\n\n* tag \u0027mm-stable-2024-05-24-11-49\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm:\n selftest mm/mseal read-only elf memory segment\n mseal: add documentation\n selftest mm/mseal memory sealing\n mseal: add mseal syscall\n mseal: wire up mseal syscall\n" }, { "commit": "90e823498881fb8a91d83e9a8eed87c8c3ff2176", "tree": "6e62d929cf84ea3b5b4831c976807c8960801218", "parents": [ "8cf360b9d6a840700e06864236a01a883b34bbad" ], "author": { "name": "Chengming Zhou", "email": "chengming.zhou@linux.dev", "time": "Mon May 13 11:07:56 2024 +0800" }, "committer": { "name": "Andrew Morton", "email": "akpm@linux-foundation.org", "time": "Fri May 24 11:55:08 2024 -0700" }, "message": "mm/ksm: fix possible UAF of stable_node\n\nThe commit 2c653d0ee2ae (\"ksm: introduce ksm_max_page_sharing per page\ndeduplication limit\") introduced a possible failure case in the\nstable_tree_insert(), where we may free the new allocated stable_node_dup\nif we fail to prepare the missing chain node.\n\nThen that kfolio return and unlock with a freed stable_node set... And\nany MM activities can come in to access kfolio-\u003emapping, so UAF.\n\nFix it by moving folio_set_stable_node() to the end after stable_node\nis inserted successfully.\n\nLink: https://lkml.kernel.org/r/20240513-b4-ksm-stable-node-uaf-v1-1-f687de76f452@linux.dev\nFixes: 2c653d0ee2ae (\"ksm: introduce ksm_max_page_sharing per page deduplication limit\")\nSigned-off-by: Chengming Zhou \u003cchengming.zhou@linux.dev\u003e\nAcked-by: David Hildenbrand \u003cdavid@redhat.com\u003e\nCc: Andrea Arcangeli \u003caarcange@redhat.com\u003e\nCc: Hugh Dickins \u003chughd@google.com\u003e\nCc: Stefan Roesch \u003cshr@devkernel.io\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\n" }, { "commit": "8cf360b9d6a840700e06864236a01a883b34bbad", "tree": "28646d0d56955c4314e2647e10d8c13173f7a0ad", "parents": [ "6d065f507d82307d6161ac75c025111fb8b08a46" ], "author": { "name": "Miaohe Lin", "email": "linmiaohe@huawei.com", "time": "Thu May 23 15:12:17 2024 +0800" }, "committer": { "name": "Andrew Morton", "email": "akpm@linux-foundation.org", "time": "Fri May 24 11:55:08 2024 -0700" }, "message": "mm/memory-failure: fix handling of dissolved but not taken off from buddy pages\n\nWhen I did memory failure tests recently, below panic occurs:\n\npage: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x8cee00\nflags: 0x6fffe0000000000(node\u003d1|zone\u003d2|lastcpupid\u003d0x7fff)\nraw: 06fffe0000000000 dead000000000100 dead000000000122 0000000000000000\nraw: 0000000000000000 0000000000000009 00000000ffffffff 0000000000000000\npage dumped because: VM_BUG_ON_PAGE(!PageBuddy(page))\n------------[ cut here ]------------\nkernel BUG at include/linux/page-flags.h:1009!\ninvalid opcode: 0000 [#1] PREEMPT SMP NOPTI\nRIP: 0010:__del_page_from_free_list+0x151/0x180\nRSP: 0018:ffffa49c90437998 EFLAGS: 00000046\nRAX: 0000000000000035 RBX: 0000000000000009 RCX: ffff8dd8dfd1c9c8\nRDX: 0000000000000000 RSI: 0000000000000027 RDI: ffff8dd8dfd1c9c0\nRBP: ffffd901233b8000 R08: ffffffffab5511f8 R09: 0000000000008c69\nR10: 0000000000003c15 R11: ffffffffab5511f8 R12: ffff8dd8fffc0c80\nR13: 0000000000000001 R14: ffff8dd8fffc0c80 R15: 0000000000000009\nFS: 00007ff916304740(0000) GS:ffff8dd8dfd00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 000055eae50124c8 CR3: 00000008479e0000 CR4: 00000000000006f0\nCall Trace:\n \u003cTASK\u003e\n __rmqueue_pcplist+0x23b/0x520\n get_page_from_freelist+0x26b/0xe40\n __alloc_pages_noprof+0x113/0x1120\n __folio_alloc_noprof+0x11/0xb0\n alloc_buddy_hugetlb_folio.isra.0+0x5a/0x130\n __alloc_fresh_hugetlb_folio+0xe7/0x140\n alloc_pool_huge_folio+0x68/0x100\n set_max_huge_pages+0x13d/0x340\n hugetlb_sysctl_handler_common+0xe8/0x110\n proc_sys_call_handler+0x194/0x280\n vfs_write+0x387/0x550\n ksys_write+0x64/0xe0\n do_syscall_64+0xc2/0x1d0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7ff916114887\nRSP: 002b:00007ffec8a2fd78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001\nRAX: ffffffffffffffda RBX: 000055eae500e350 RCX: 00007ff916114887\nRDX: 0000000000000004 RSI: 000055eae500e390 RDI: 0000000000000003\nRBP: 000055eae50104c0 R08: 0000000000000000 R09: 000055eae50104c0\nR10: 0000000000000077 R11: 0000000000000246 R12: 0000000000000004\nR13: 0000000000000004 R14: 00007ff916216b80 R15: 00007ff916216a00\n \u003c/TASK\u003e\nModules linked in: mce_inject hwpoison_inject\n---[ end trace 0000000000000000 ]---\n\nAnd before the panic, there had an warning about bad page state:\n\nBUG: Bad page state in process page-types pfn:8cee00\npage: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x8cee00\nflags: 0x6fffe0000000000(node\u003d1|zone\u003d2|lastcpupid\u003d0x7fff)\npage_type: 0xffffff7f(buddy)\nraw: 06fffe0000000000 ffffd901241c0008 ffffd901240f8008 0000000000000000\nraw: 0000000000000000 0000000000000009 00000000ffffff7f 0000000000000000\npage dumped because: nonzero mapcount\nModules linked in: mce_inject hwpoison_inject\nCPU: 8 PID: 154211 Comm: page-types Not tainted 6.9.0-rc4-00499-g5544ec3178e2-dirty #22\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x83/0xa0\n bad_page+0x63/0xf0\n free_unref_page+0x36e/0x5c0\n unpoison_memory+0x50b/0x630\n simple_attr_write_xsigned.constprop.0.isra.0+0xb3/0x110\n debugfs_attr_write+0x42/0x60\n full_proxy_write+0x5b/0x80\n vfs_write+0xcd/0x550\n ksys_write+0x64/0xe0\n do_syscall_64+0xc2/0x1d0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f189a514887\nRSP: 002b:00007ffdcd899718 EFLAGS: 00000246 ORIG_RAX: 0000000000000001\nRAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f189a514887\nRDX: 0000000000000009 RSI: 00007ffdcd899730 RDI: 0000000000000003\nRBP: 00007ffdcd8997a0 R08: 0000000000000000 R09: 00007ffdcd8994b2\nR10: 0000000000000000 R11: 0000000000000246 R12: 00007ffdcda199a8\nR13: 0000000000404af1 R14: 000000000040ad78 R15: 00007f189a7a5040\n \u003c/TASK\u003e\n\nThe root cause should be the below race:\n\n memory_failure\n try_memory_failure_hugetlb\n me_huge_page\n __page_handle_poison\n dissolve_free_hugetlb_folio\n drain_all_pages -- Buddy page can be isolated e.g. for compaction.\n take_page_off_buddy -- Failed as page is not in the buddy list.\n\t -- Page can be putback into buddy after compaction.\n page_ref_inc -- Leads to buddy page with refcnt \u003d 1.\n\nThen unpoison_memory() can unpoison the page and send the buddy page back\ninto buddy list again leading to the above bad page state warning. And\nbad_page() will call page_mapcount_reset() to remove PageBuddy from buddy\npage leading to later VM_BUG_ON_PAGE(!PageBuddy(page)) when trying to\nallocate this page.\n\nFix this issue by only treating __page_handle_poison() as successful when\nit returns 1.\n\nLink: https://lkml.kernel.org/r/20240523071217.1696196-1-linmiaohe@huawei.com\nFixes: ceaf8fbea79a (\"mm, hwpoison: skip raw hwpoison page in freeing 1GB hugepage\")\nSigned-off-by: Miaohe Lin \u003clinmiaohe@huawei.com\u003e\nCc: Naoya Horiguchi \u003cnao.horiguchi@gmail.com\u003e\nCc: \u003cstable@vger.kernel.org\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\n" }, { "commit": "6d065f507d82307d6161ac75c025111fb8b08a46", "tree": "339973c85e73a1a4e18de0b289050cff2414f7b6", "parents": [ "eb85dace897c5986bc2f36b3c783c6abb8a4292e" ], "author": { "name": "Yuanyuan Zhong", "email": "yzhong@purestorage.com", "time": "Thu May 23 12:35:31 2024 -0600" }, "committer": { "name": "Andrew Morton", "email": "akpm@linux-foundation.org", "time": "Fri May 24 11:55:07 2024 -0700" }, "message": "mm: /proc/pid/smaps_rollup: avoid skipping vma after getting mmap_lock again\n\nAfter switching smaps_rollup to use VMA iterator, searching for next entry\nis part of the condition expression of the do-while loop. So the current\nVMA needs to be addressed before the continue statement.\n\nOtherwise, with some VMAs skipped, userspace observed memory\nconsumption from /proc/pid/smaps_rollup will be smaller than the sum of\nthe corresponding fields from /proc/pid/smaps.\n\nLink: https://lkml.kernel.org/r/20240523183531.2535436-1-yzhong@purestorage.com\nFixes: c4c84f06285e (\"fs/proc/task_mmu: stop using linked list and highest_vm_end\")\nSigned-off-by: Yuanyuan Zhong \u003cyzhong@purestorage.com\u003e\nReviewed-by: Mohamed Khalfella \u003cmkhalfella@purestorage.com\u003e\nCc: David Hildenbrand \u003cdavid@redhat.com\u003e\nCc: Matthew Wilcox (Oracle) \u003cwilly@infradead.org\u003e\nCc: \u003cstable@vger.kernel.org\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\n" }, { "commit": "eb85dace897c5986bc2f36b3c783c6abb8a4292e", "tree": "ee0841e7f11821005fb868c480e27cf65cfcba15", "parents": [ "936184eadd82906992ff1f5ab3aada70cce44cee" ], "author": { "name": "Ryusuke Konishi", "email": "konishi.ryusuke@gmail.com", "time": "Mon May 20 22:26:21 2024 +0900" }, "committer": { "name": "Andrew Morton", "email": "akpm@linux-foundation.org", "time": "Fri May 24 11:55:07 2024 -0700" }, "message": "nilfs2: fix potential hang in nilfs_detach_log_writer()\n\nSyzbot has reported a potential hang in nilfs_detach_log_writer() called\nduring nilfs2 unmount.\n\nAnalysis revealed that this is because nilfs_segctor_sync(), which\nsynchronizes with the log writer thread, can be called after\nnilfs_segctor_destroy() terminates that thread, as shown in the call trace\nbelow:\n\nnilfs_detach_log_writer\n nilfs_segctor_destroy\n nilfs_segctor_kill_thread --\u003e Shut down log writer thread\n flush_work\n nilfs_iput_work_func\n nilfs_dispose_list\n iput\n nilfs_evict_inode\n nilfs_transaction_commit\n nilfs_construct_segment (if inode needs sync)\n nilfs_segctor_sync --\u003e Attempt to synchronize with\n log writer thread\n *** DEADLOCK ***\n\nFix this issue by changing nilfs_segctor_sync() so that the log writer\nthread returns normally without synchronizing after it terminates, and by\nforcing tasks that are already waiting to complete once after the thread\nterminates.\n\nThe skipped inode metadata flushout will then be processed together in the\nsubsequent cleanup work in nilfs_segctor_destroy().\n\nLink: https://lkml.kernel.org/r/20240520132621.4054-4-konishi.ryusuke@gmail.com\nSigned-off-by: Ryusuke Konishi \u003ckonishi.ryusuke@gmail.com\u003e\nReported-by: syzbot+e3973c409251e136fdd0@syzkaller.appspotmail.com\nCloses: https://syzkaller.appspot.com/bug?extid\u003de3973c409251e136fdd0\nTested-by: Ryusuke Konishi \u003ckonishi.ryusuke@gmail.com\u003e\nCc: \u003cstable@vger.kernel.org\u003e\nCc: \"Bai, Shuangpeng\" \u003csjb7183@psu.edu\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\n" }, { "commit": "936184eadd82906992ff1f5ab3aada70cce44cee", "tree": "02748c39abedbf3bd175370183b7525c658b310f", "parents": [ "f5d4e04634c9cf68bdf23de08ada0bb92e8befe7" ], "author": { "name": "Ryusuke Konishi", "email": "konishi.ryusuke@gmail.com", "time": "Mon May 20 22:26:20 2024 +0900" }, "committer": { "name": "Andrew Morton", "email": "akpm@linux-foundation.org", "time": "Fri May 24 11:55:07 2024 -0700" }, "message": "nilfs2: fix unexpected freezing of nilfs_segctor_sync()\n\nA potential and reproducible race issue has been identified where\nnilfs_segctor_sync() would block even after the log writer thread writes a\ncheckpoint, unless there is an interrupt or other trigger to resume log\nwriting.\n\nThis turned out to be because, depending on the execution timing of the\nlog writer thread running in parallel, the log writer thread may skip\nresponding to nilfs_segctor_sync(), which causes a call to schedule()\nwaiting for completion within nilfs_segctor_sync() to lose the opportunity\nto wake up.\n\nThe reason why waking up the task waiting in nilfs_segctor_sync() may be\nskipped is that updating the request generation issued using a shared\nsequence counter and adding an wait queue entry to the request wait queue\nto the log writer, are not done atomically. There is a possibility that\nlog writing and request completion notification by nilfs_segctor_wakeup()\nmay occur between the two operations, and in that case, the wait queue\nentry is not yet visible to nilfs_segctor_wakeup() and the wake-up of\nnilfs_segctor_sync() will be carried over until the next request occurs.\n\nFix this issue by performing these two operations simultaneously within\nthe lock section of sc_state_lock. Also, following the memory barrier\nguidelines for event waiting loops, move the call to set_current_state()\nin the same location into the event waiting loop to ensure that a memory\nbarrier is inserted just before the event condition determination.\n\nLink: https://lkml.kernel.org/r/20240520132621.4054-3-konishi.ryusuke@gmail.com\nFixes: 9ff05123e3bf (\"nilfs2: segment constructor\")\nSigned-off-by: Ryusuke Konishi \u003ckonishi.ryusuke@gmail.com\u003e\nTested-by: Ryusuke Konishi \u003ckonishi.ryusuke@gmail.com\u003e\nCc: \u003cstable@vger.kernel.org\u003e\nCc: \"Bai, Shuangpeng\" \u003csjb7183@psu.edu\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\n" }, { "commit": "f5d4e04634c9cf68bdf23de08ada0bb92e8befe7", "tree": "7446db1845c4d4d35dd04fda7f0f60dd47d118cf", "parents": [ "1901472fa880e5706f90926cd85a268d2d16bf84" ], "author": { "name": "Ryusuke Konishi", "email": "konishi.ryusuke@gmail.com", "time": "Mon May 20 22:26:19 2024 +0900" }, "committer": { "name": "Andrew Morton", "email": "akpm@linux-foundation.org", "time": "Fri May 24 11:55:07 2024 -0700" }, "message": "nilfs2: fix use-after-free of timer for log writer thread\n\nPatch series \"nilfs2: fix log writer related issues\".\n\nThis bug fix series covers three nilfs2 log writer-related issues,\nincluding a timer use-after-free issue and potential deadlock issue on\nunmount, and a potential freeze issue in event synchronization found\nduring their analysis. Details are described in each commit log.\n\n\nThis patch (of 3):\n\nA use-after-free issue has been reported regarding the timer sc_timer on\nthe nilfs_sc_info structure.\n\nThe problem is that even though it is used to wake up a sleeping log\nwriter thread, sc_timer is not shut down until the nilfs_sc_info structure\nis about to be freed, and is used regardless of the thread\u0027s lifetime.\n\nFix this issue by limiting the use of sc_timer only while the log writer\nthread is alive.\n\nLink: https://lkml.kernel.org/r/20240520132621.4054-1-konishi.ryusuke@gmail.com\nLink: https://lkml.kernel.org/r/20240520132621.4054-2-konishi.ryusuke@gmail.com\nFixes: fdce895ea5dd (\"nilfs2: change sc_timer from a pointer to an embedded one in struct nilfs_sc_info\")\nSigned-off-by: Ryusuke Konishi \u003ckonishi.ryusuke@gmail.com\u003e\nReported-by: \"Bai, Shuangpeng\" \u003csjb7183@psu.edu\u003e\nCloses: https://groups.google.com/g/syzkaller/c/MK_LYqtt8ko/m/8rgdWeseAwAJ\nTested-by: Ryusuke Konishi \u003ckonishi.ryusuke@gmail.com\u003e\nCc: \u003cstable@vger.kernel.org\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\n" }, { "commit": "1901472fa880e5706f90926cd85a268d2d16bf84", "tree": "c1ed6fe2cd5548b7d448a38201041377c8c79014", "parents": [ "b1480ed230acf4f7f069a7f5e3ddda62bbf4ba97" ], "author": { "name": "Michael Ellerman", "email": "mpe@ellerman.id.au", "time": "Tue May 21 13:02:19 2024 +1000" }, "committer": { "name": "Andrew Morton", "email": "akpm@linux-foundation.org", "time": "Fri May 24 11:55:06 2024 -0700" }, "message": "selftests/mm: fix build warnings on ppc64\n\nFix warnings like:\n\n In file included from uffd-unit-tests.c:8:\n uffd-unit-tests.c: In function `uffd_poison_handle_fault\u0027:\n uffd-common.h:45:33: warning: format `%llu\u0027 expects argument of type\n `long long unsigned int\u0027, but argument 3 has type `__u64\u0027 {aka `long\n unsigned int\u0027} [-Wformat\u003d]\n\nBy switching to unsigned long long for u64 for ppc64 builds.\n\nLink: https://lkml.kernel.org/r/20240521030219.57439-1-mpe@ellerman.id.au\nSigned-off-by: Michael Ellerman \u003cmpe@ellerman.id.au\u003e\nCc: Shuah Khan \u003cskhan@linuxfoundation.org\u003e\nCc: \u003cstable@vger.kernel.org\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\n" }, { "commit": "b1480ed230acf4f7f069a7f5e3ddda62bbf4ba97", "tree": "d22c6852ba72b8f10f1de5015f98a78eb8fa3315", "parents": [ "fb9293b6b0156fbf6ab97a1625d99a29c36d9f0c" ], "author": { "name": "Will Deacon", "email": "will@kernel.org", "time": "Wed May 22 00:38:13 2024 +0300" }, "committer": { "name": "Andrew Morton", "email": "akpm@linux-foundation.org", "time": "Fri May 24 11:55:06 2024 -0700" }, "message": "arm64: patching: fix handling of execmem addresses\n\nKlara Modin reported warnings for a kernel configured with BPF_JIT but\nwithout MODULES:\n\n[ 44.131296] Trying to vfree() bad address (000000004a17c299)\n[ 44.138024] WARNING: CPU: 1 PID: 193 at mm/vmalloc.c:3189 remove_vm_area (mm/vmalloc.c:3189 (discriminator 1))\n[ 44.146675] CPU: 1 PID: 193 Comm: kworker/1:2 Tainted: G D W 6.9.0-01786-g2c9e5d4a0082 #25\n[ 44.158229] Hardware name: Raspberry Pi 3 Model B (DT)\n[ 44.164433] Workqueue: events bpf_prog_free_deferred\n[ 44.170492] pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE\u003d--)\n[ 44.178601] pc : remove_vm_area (mm/vmalloc.c:3189 (discriminator 1))\n[ 44.183705] lr : remove_vm_area (mm/vmalloc.c:3189 (discriminator 1))\n[ 44.188772] sp : ffff800082a13c70\n[ 44.193112] x29: ffff800082a13c70 x28: 0000000000000000 x27: 0000000000000000\n[ 44.201384] x26: 0000000000000000 x25: ffff00003a44efa0 x24: 00000000d4202000\n[ 44.209658] x23: ffff800081223dd0 x22: ffff00003a198a40 x21: ffff8000814dd880\n[ 44.217924] x20: 00000000d4202000 x19: ffff8000814dd880 x18: 0000000000000006\n[ 44.226206] x17: 0000000000000000 x16: 0000000000000020 x15: 0000000000000002\n[ 44.234460] x14: ffff8000811a6370 x13: 0000000020000000 x12: 0000000000000000\n[ 44.242710] x11: ffff8000811a6370 x10: 0000000000000144 x9 : ffff8000811fe370\n[ 44.250959] x8 : 0000000000017fe8 x7 : 00000000fffff000 x6 : ffff8000811fe370\n[ 44.259206] x5 : 0000000000000000 x4 : 0000000000000000 x3 : 0000000000000000\n[ 44.267457] x2 : 0000000000000000 x1 : 0000000000000000 x0 : ffff000002203240\n[ 44.275703] Call trace:\n[ 44.279158] remove_vm_area (mm/vmalloc.c:3189 (discriminator 1))\n[ 44.283858] vfree (mm/vmalloc.c:3322)\n[ 44.287835] execmem_free (mm/execmem.c:70)\n[ 44.292347] bpf_jit_free_exec+0x10/0x1c\n[ 44.297283] bpf_prog_pack_free (kernel/bpf/core.c:1006)\n[ 44.302457] bpf_jit_binary_pack_free (kernel/bpf/core.c:1195)\n[ 44.307951] bpf_jit_free (include/linux/filter.h:1083 arch/arm64/net/bpf_jit_comp.c:2474)\n[ 44.312342] bpf_prog_free_deferred (kernel/bpf/core.c:2785)\n[ 44.317785] process_one_work (kernel/workqueue.c:3273)\n[ 44.322684] worker_thread (kernel/workqueue.c:3342 (discriminator 2) kernel/workqueue.c:3429 (discriminator 2))\n[ 44.327292] kthread (kernel/kthread.c:388)\n[ 44.331342] ret_from_fork (arch/arm64/kernel/entry.S:861)\n\nThe problem is because bpf_arch_text_copy() silently fails to write to the\nread-only area as a result of patch_map() faulting and the resulting\n-EFAULT being chucked away.\n\nUpdate patch_map() to use CONFIG_EXECMEM instead of\nCONFIG_STRICT_MODULE_RWX to check for vmalloc addresses.\n\nLink: https://lkml.kernel.org/r/20240521213813.703309-1-rppt@kernel.org\nFixes: 2c9e5d4a0082 (\"bpf: remove CONFIG_BPF_JIT dependency on CONFIG_MODULES of\")\nSigned-off-by: Will Deacon \u003cwill@kernel.org\u003e\nSigned-off-by: Mike Rapoport (IBM) \u003crppt@kernel.org\u003e\nReported-by: Klara Modin \u003cklarasmodin@gmail.com\u003e\nCloses: https://lore.kernel.org/all/7983fbbf-0127-457c-9394-8d6e4299c685@gmail.com\nTested-by: Klara Modin \u003cklarasmodin@gmail.com\u003e\nCc: Björn Töpel \u003cbjorn@kernel.org\u003e\nCc: Luis Chamberlain \u003cmcgrof@kernel.org\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\n" }, { "commit": "fb9293b6b0156fbf6ab97a1625d99a29c36d9f0c", "tree": "35985ca33b5da56db6dfe76ca88f1b8cab6b34fd", "parents": [ "9ad665ef55eaad1ead1406a58a34f615a7c18b5e" ], "author": { "name": "Dev Jain", "email": "dev.jain@arm.com", "time": "Tue May 21 13:13:58 2024 +0530" }, "committer": { "name": "Andrew Morton", "email": "akpm@linux-foundation.org", "time": "Fri May 24 11:55:06 2024 -0700" }, "message": "selftests/mm: compaction_test: fix bogus test success and reduce probability of OOM-killer invocation\n\nReset nr_hugepages to zero before the start of the test.\n\nIf a non-zero number of hugepages is already set before the start of the\ntest, the following problems arise:\n\n - The probability of the test getting OOM-killed increases. Proof:\n The test wants to run on 80% of available memory to prevent OOM-killing\n (see original code comments). Let the value of mem_free at the start\n of the test, when nr_hugepages \u003d 0, be x. In the other case, when\n nr_hugepages \u003e 0, let the memory consumed by hugepages be y. In the\n former case, the test operates on 0.8 * x of memory. In the latter,\n the test operates on 0.8 * (x - y) of memory, with y already filled,\n hence, memory consumed is y + 0.8 * (x - y) \u003d 0.8 * x + 0.2 * y \u003e 0.8 *\n x. Q.E.D\n\n - The probability of a bogus test success increases. Proof: Let the\n memory consumed by hugepages be greater than 25% of x, with x and y\n defined as above. The definition of compaction_index is c_index \u003d (x -\n y)/z where z is the memory consumed by hugepages after trying to\n increase them again. In check_compaction(), we set the number of\n hugepages to zero, and then increase them back; the probability that\n they will be set back to consume at least y amount of memory again is\n very high (since there is not much delay between the two attempts of\n changing nr_hugepages). Hence, z \u003e\u003d y \u003e (x/4) (by the 25% assumption).\n Therefore, c_index \u003d (x - y)/z \u003c\u003d (x - y)/y \u003d x/y - 1 \u003c 4 - 1 \u003d 3\n hence, c_index can always be forced to be less than 3, thereby the test\n succeeding always. Q.E.D\n\nLink: https://lkml.kernel.org/r/20240521074358.675031-4-dev.jain@arm.com\nFixes: bd67d5c15cc1 (\"Test compaction of mlocked memory\")\nSigned-off-by: Dev Jain \u003cdev.jain@arm.com\u003e\nCc: \u003cstable@vger.kernel.org\u003e\nCc: Anshuman Khandual \u003canshuman.khandual@arm.com\u003e\nCc: Shuah Khan \u003cshuah@kernel.org\u003e\nCc: Sri Jayaramappa \u003csjayaram@akamai.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\n" }, { "commit": "9ad665ef55eaad1ead1406a58a34f615a7c18b5e", "tree": "ac8a2ffa2b24a1380a6cf8ad6a11be85d38f4da1", "parents": [ "d4202e66a4b1fe6968f17f9f09bbc30d08f028a1" ], "author": { "name": "Dev Jain", "email": "dev.jain@arm.com", "time": "Tue May 21 13:13:57 2024 +0530" }, "committer": { "name": "Andrew Morton", "email": "akpm@linux-foundation.org", "time": "Fri May 24 11:55:06 2024 -0700" }, "message": "selftests/mm: compaction_test: fix incorrect write of zero to nr_hugepages\n\nCurrently, the test tries to set nr_hugepages to zero, but that is not\nactually done because the file offset is not reset after read(). Fix that\nusing lseek().\n\nLink: https://lkml.kernel.org/r/20240521074358.675031-3-dev.jain@arm.com\nFixes: bd67d5c15cc1 (\"Test compaction of mlocked memory\")\nSigned-off-by: Dev Jain \u003cdev.jain@arm.com\u003e\nCc: \u003cstable@vger.kernel.org\u003e\nCc: Anshuman Khandual \u003canshuman.khandual@arm.com\u003e\nCc: Shuah Khan \u003cshuah@kernel.org\u003e\nCc: Sri Jayaramappa \u003csjayaram@akamai.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\n" }, { "commit": "d4202e66a4b1fe6968f17f9f09bbc30d08f028a1", "tree": "b6aa0add193746f26ff075e7a15e3a2e3dd6a53c", "parents": [ "c17d39f5659bd44f6c2cb92f691e15eed52fa1f1" ], "author": { "name": "Dev Jain", "email": "dev.jain@arm.com", "time": "Tue May 21 13:13:56 2024 +0530" }, "committer": { "name": "Andrew Morton", "email": "akpm@linux-foundation.org", "time": "Fri May 24 11:55:05 2024 -0700" }, "message": "selftests/mm: compaction_test: fix bogus test success on Aarch64\n\nPatch series \"Fixes for compaction_test\", v2.\n\nThe compaction_test memory selftest introduces fragmentation in memory\nand then tries to allocate as many hugepages as possible. This series\naddresses some problems.\n\nOn Aarch64, if nr_hugepages \u003d\u003d 0, then the test trivially succeeds since\ncompaction_index becomes 0, which is less than 3, due to no division by\nzero exception being raised. We fix that by checking for division by\nzero.\n\nSecondly, correctly set the number of hugepages to zero before trying\nto set a large number of them.\n\nNow, consider a situation in which, at the start of the test, a non-zero\nnumber of hugepages have been already set (while running the entire\nselftests/mm suite, or manually by the admin). The test operates on 80%\nof memory to avoid OOM-killer invocation, and because some memory is\nalready blocked by hugepages, it would increase the chance of OOM-killing.\nAlso, since mem_free used in check_compaction() is the value before we\nset nr_hugepages to zero, the chance that the compaction_index will\nbe small is very high if the preset nr_hugepages was high, leading to a\nbogus test success.\n\n\nThis patch (of 3):\n\nCurrently, if at runtime we are not able to allocate a huge page, the test\nwill trivially pass on Aarch64 due to no exception being raised on\ndivision by zero while computing compaction_index. Fix that by checking\nfor nr_hugepages \u003d\u003d 0. Anyways, in general, avoid a division by zero by\nexiting the program beforehand. While at it, fix a typo, and handle the\ncase where the number of hugepages may overflow an integer.\n\nLink: https://lkml.kernel.org/r/20240521074358.675031-1-dev.jain@arm.com\nLink: https://lkml.kernel.org/r/20240521074358.675031-2-dev.jain@arm.com\nFixes: bd67d5c15cc1 (\"Test compaction of mlocked memory\")\nSigned-off-by: Dev Jain \u003cdev.jain@arm.com\u003e\nCc: Anshuman Khandual \u003canshuman.khandual@arm.com\u003e\nCc: Shuah Khan \u003cshuah@kernel.org\u003e\nCc: Sri Jayaramappa \u003csjayaram@akamai.com\u003e\nCc: \u003cstable@vger.kernel.org\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\n" }, { "commit": "c17d39f5659bd44f6c2cb92f691e15eed52fa1f1", "tree": "83bc480d33cb5d9e7247c2d0c68a6cd06c1832dc", "parents": [ "fe6f86f4b40855a130a19aa589f9ba7f650423f4" ], "author": { "name": "Satya Priya Kakitapalli", "email": "quic_skakitap@quicinc.com", "time": "Wed May 15 11:34:50 2024 +0530" }, "committer": { "name": "Andrew Morton", "email": "akpm@linux-foundation.org", "time": "Fri May 24 11:55:05 2024 -0700" }, "message": "mailmap: update email address for Satya Priya\n\nUpdate mailmap with my latest email ID, quic_c_skakit@quicinc.com\nis no longer active.\n\nLink: https://lkml.kernel.org/r/20240515-mailmap-update-v1-1-df4853f757a3@quicinc.com\nSigned-off-by: Satya Priya Kakitapalli \u003cquic_skakitap@quicinc.com\u003e\nCc: Ajit Pandey \u003cquic_ajipan@quicinc.com\u003e\nCc: Bjorn Andersson \u003candersson@kernel.org\u003e\nCc: Imran Shaik \u003cquic_imrashai@quicinc.com\u003e\nCc: Jagadeesh Kona \u003cquic_jkona@quicinc.com\u003e\nCc: Konrad Dybcio \u003ckonrad.dybcio@linaro.org\u003e\nCc: Taniya Das \u003cquic_tdas@quicinc.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\n" }, { "commit": "fe6f86f4b40855a130a19aa589f9ba7f650423f4", "tree": "ca6bec0feb26ac8e7c9f4722868465b86d029bf9", "parents": [ "2e577732e8d28b9183df701fb90cb7943aa4ed16" ], "author": { "name": "Miaohe Lin", "email": "linmiaohe@huawei.com", "time": "Thu May 16 20:26:08 2024 +0800" }, "committer": { "name": "Andrew Morton", "email": "akpm@linux-foundation.org", "time": "Fri May 24 11:55:05 2024 -0700" }, "message": "mm/huge_memory: don\u0027t unpoison huge_zero_folio\n\nWhen I did memory failure tests recently, below panic occurs:\n\n kernel BUG at include/linux/mm.h:1135!\n invalid opcode: 0000 [#1] PREEMPT SMP NOPTI\n CPU: 9 PID: 137 Comm: kswapd1 Not tainted 6.9.0-rc4-00491-gd5ce28f156fe-dirty #14\n RIP: 0010:shrink_huge_zero_page_scan+0x168/0x1a0\n RSP: 0018:ffff9933c6c57bd0 EFLAGS: 00000246\n RAX: 000000000000003e RBX: 0000000000000000 RCX: ffff88f61fc5c9c8\n RDX: 0000000000000000 RSI: 0000000000000027 RDI: ffff88f61fc5c9c0\n RBP: ffffcd7c446b0000 R08: ffffffff9a9405f0 R09: 0000000000005492\n R10: 00000000000030ea R11: ffffffff9a9405f0 R12: 0000000000000000\n R13: 0000000000000000 R14: 0000000000000000 R15: ffff88e703c4ac00\n FS: 0000000000000000(0000) GS:ffff88f61fc40000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 000055f4da6e9878 CR3: 0000000c71048000 CR4: 00000000000006f0\n Call Trace:\n \u003cTASK\u003e\n do_shrink_slab+0x14f/0x6a0\n shrink_slab+0xca/0x8c0\n shrink_node+0x2d0/0x7d0\n balance_pgdat+0x33a/0x720\n kswapd+0x1f3/0x410\n kthread+0xd5/0x100\n ret_from_fork+0x2f/0x50\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n Modules linked in: mce_inject hwpoison_inject\n ---[ end trace 0000000000000000 ]---\n RIP: 0010:shrink_huge_zero_page_scan+0x168/0x1a0\n RSP: 0018:ffff9933c6c57bd0 EFLAGS: 00000246\n RAX: 000000000000003e RBX: 0000000000000000 RCX: ffff88f61fc5c9c8\n RDX: 0000000000000000 RSI: 0000000000000027 RDI: ffff88f61fc5c9c0\n RBP: ffffcd7c446b0000 R08: ffffffff9a9405f0 R09: 0000000000005492\n R10: 00000000000030ea R11: ffffffff9a9405f0 R12: 0000000000000000\n R13: 0000000000000000 R14: 0000000000000000 R15: ffff88e703c4ac00\n FS: 0000000000000000(0000) GS:ffff88f61fc40000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 000055f4da6e9878 CR3: 0000000c71048000 CR4: 00000000000006f0\n\nThe root cause is that HWPoison flag will be set for huge_zero_folio\nwithout increasing the folio refcnt. But then unpoison_memory() will\ndecrease the folio refcnt unexpectedly as it appears like a successfully\nhwpoisoned folio leading to VM_BUG_ON_PAGE(page_ref_count(page) \u003d\u003d 0) when\nreleasing huge_zero_folio.\n\nSkip unpoisoning huge_zero_folio in unpoison_memory() to fix this issue. \nWe\u0027re not prepared to unpoison huge_zero_folio yet.\n\nLink: https://lkml.kernel.org/r/20240516122608.22610-1-linmiaohe@huawei.com\nFixes: 478d134e9506 (\"mm/huge_memory: do not overkill when splitting huge_zero_page\")\nSigned-off-by: Miaohe Lin \u003clinmiaohe@huawei.com\u003e\nAcked-by: David Hildenbrand \u003cdavid@redhat.com\u003e\nReviewed-by: Yang Shi \u003cshy828301@gmail.com\u003e\nReviewed-by: Oscar Salvador \u003cosalvador@suse.de\u003e\nReviewed-by: Anshuman Khandual \u003canshuman.khandual@arm.com\u003e\nCc: Naoya Horiguchi \u003cnao.horiguchi@gmail.com\u003e\nCc: Xu Yu \u003cxuyu@linux.alibaba.com\u003e\nCc: \u003cstable@vger.kernel.org\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\n" }, { "commit": "2e577732e8d28b9183df701fb90cb7943aa4ed16", "tree": "e855eed2c131e87fa121a0f810137fb28b6bb994", "parents": [ "a38568a0b46d4a0dbe48f4642cbe2f885c525643" ], "author": { "name": "Andrey Konovalov", "email": "andreyknvl@gmail.com", "time": "Fri May 17 15:01:18 2024 +0200" }, "committer": { "name": "Andrew Morton", "email": "akpm@linux-foundation.org", "time": "Fri May 24 11:55:05 2024 -0700" }, "message": "kasan, fortify: properly rename memintrinsics\n\nAfter commit 69d4c0d32186 (\"entry, kasan, x86: Disallow overriding mem*()\nfunctions\") and the follow-up fixes, with CONFIG_FORTIFY_SOURCE enabled,\neven though the compiler instruments meminstrinsics by generating calls to\n__asan/__hwasan_ prefixed functions, FORTIFY_SOURCE still uses\nuninstrumented memset/memmove/memcpy as the underlying functions.\n\nAs a result, KASAN cannot detect bad accesses in memset/memmove/memcpy. \nThis also makes KASAN tests corrupt kernel memory and cause crashes.\n\nTo fix this, use __asan_/__hwasan_memset/memmove/memcpy as the underlying\nfunctions whenever appropriate. Do this only for the instrumented code\n(as indicated by __SANITIZE_ADDRESS__).\n\nLink: https://lkml.kernel.org/r/20240517130118.759301-1-andrey.konovalov@linux.dev\nFixes: 69d4c0d32186 (\"entry, kasan, x86: Disallow overriding mem*() functions\")\nFixes: 51287dcb00cc (\"kasan: emit different calls for instrumentable memintrinsics\")\nFixes: 36be5cba99f6 (\"kasan: treat meminstrinsic as builtins in uninstrumented files\")\nSigned-off-by: Andrey Konovalov \u003candreyknvl@gmail.com\u003e\nReported-by: Erhard Furtner \u003cerhard_f@mailbox.org\u003e\nReported-by: Nico Pache \u003cnpache@redhat.com\u003e\nCloses: https://lore.kernel.org/all/20240501144156.17e65021@outsider.home/\nReviewed-by: Marco Elver \u003celver@google.com\u003e\nTested-by: Nico Pache \u003cnpache@redhat.com\u003e\nAcked-by: Nico Pache \u003cnpache@redhat.com\u003e\nCc: Alexander Potapenko \u003cglider@google.com\u003e\nCc: Andrey Ryabinin \u003cryabinin.a.a@gmail.com\u003e\nCc: Daniel Axtens \u003cdja@axtens.net\u003e\nCc: Dmitry Vyukov \u003cdvyukov@google.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\n" }, { "commit": "a38568a0b46d4a0dbe48f4642cbe2f885c525643", "tree": "ecd4ec26b30303f4d729ac9371f7178588946e2e", "parents": [ "8e0545c83d672750632f46e3f9ad95c48c91a0fc" ], "author": { "name": "Suren Baghdasaryan", "email": "surenb@google.com", "time": "Tue May 14 09:31:28 2024 -0700" }, "committer": { "name": "Andrew Morton", "email": "akpm@linux-foundation.org", "time": "Fri May 24 11:55:05 2024 -0700" }, "message": "lib: add version into /proc/allocinfo output\n\nAdd version string and a header at the beginning of /proc/allocinfo to\nallow later format changes. Example output:\n\n\u003e head /proc/allocinfo\nallocinfo - version: 1.0\n# \u003csize\u003e \u003ccalls\u003e \u003ctag info\u003e\n 0 0 init/main.c:1314 func:do_initcalls\n 0 0 init/do_mounts.c:353 func:mount_nodev_root\n 0 0 init/do_mounts.c:187 func:mount_root_generic\n 0 0 init/do_mounts.c:158 func:do_mount_root\n 0 0 init/initramfs.c:493 func:unpack_to_rootfs\n 0 0 init/initramfs.c:492 func:unpack_to_rootfs\n 0 0 init/initramfs.c:491 func:unpack_to_rootfs\n 512 1 arch/x86/events/rapl.c:681 func:init_rapl_pmus\n 128 1 arch/x86/events/rapl.c:571 func:rapl_cpu_online\n\n[akpm@linux-foundation.org: remove stray newline from struct allocinfo_private]\nLink: https://lkml.kernel.org/r/20240514163128.3662251-1-surenb@google.com\nSigned-off-by: Suren Baghdasaryan \u003csurenb@google.com\u003e\nReviewed-by: Pasha Tatashin \u003cpasha.tatashin@soleen.com\u003e\nReviewed-by: Kees Cook \u003ckeescook@chromium.org\u003e\nCc: Kent Overstreet \u003ckent.overstreet@linux.dev\u003e\nCc: Vlastimil Babka \u003cvbabka@suse.cz\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\n" }, { "commit": "8e0545c83d672750632f46e3f9ad95c48c91a0fc", "tree": "72aa559c42fd6567af8d62048f997c3cbe3368dc", "parents": [ "c760b3725e52403dc1b28644fb09c47a83cacea6" ], "author": { "name": "Hailong.Liu", "email": "hailong.liu@oppo.com", "time": "Fri May 10 18:01:31 2024 +0800" }, "committer": { "name": "Andrew Morton", "email": "akpm@linux-foundation.org", "time": "Fri May 24 11:55:04 2024 -0700" }, "message": "mm/vmalloc: fix vmalloc which may return null if called with __GFP_NOFAIL\n\ncommit a421ef303008 (\"mm: allow !GFP_KERNEL allocations for kvmalloc\")\nincludes support for __GFP_NOFAIL, but it presents a conflict with commit\ndd544141b9eb (\"vmalloc: back off when the current task is OOM-killed\"). A\npossible scenario is as follows:\n\nprocess-a\n__vmalloc_node_range(GFP_KERNEL | __GFP_NOFAIL)\n __vmalloc_area_node()\n vm_area_alloc_pages()\n\t\t--\u003e oom-killer send SIGKILL to process-a\n if (fatal_signal_pending(current)) break;\n--\u003e return NULL;\n\nTo fix this, do not check fatal_signal_pending() in vm_area_alloc_pages()\nif __GFP_NOFAIL set.\n\nThis issue occurred during OPLUS KASAN TEST. Below is part of the log\n-\u003e oom-killer sends signal to process\n[65731.222840] [ T1308] oom-kill:constraint\u003dCONSTRAINT_NONE,nodemask\u003d(null),cpuset\u003d/,mems_allowed\u003d0,global_oom,task_memcg\u003d/apps/uid_10198,task\u003dgs.intelligence,pid\u003d32454,uid\u003d10198\n\n[65731.259685] [T32454] Call trace:\n[65731.259698] [T32454] dump_backtrace+0xf4/0x118\n[65731.259734] [T32454] show_stack+0x18/0x24\n[65731.259756] [T32454] dump_stack_lvl+0x60/0x7c\n[65731.259781] [T32454] dump_stack+0x18/0x38\n[65731.259800] [T32454] mrdump_common_die+0x250/0x39c [mrdump]\n[65731.259936] [T32454] ipanic_die+0x20/0x34 [mrdump]\n[65731.260019] [T32454] atomic_notifier_call_chain+0xb4/0xfc\n[65731.260047] [T32454] notify_die+0x114/0x198\n[65731.260073] [T32454] die+0xf4/0x5b4\n[65731.260098] [T32454] die_kernel_fault+0x80/0x98\n[65731.260124] [T32454] __do_kernel_fault+0x160/0x2a8\n[65731.260146] [T32454] do_bad_area+0x68/0x148\n[65731.260174] [T32454] do_mem_abort+0x151c/0x1b34\n[65731.260204] [T32454] el1_abort+0x3c/0x5c\n[65731.260227] [T32454] el1h_64_sync_handler+0x54/0x90\n[65731.260248] [T32454] el1h_64_sync+0x68/0x6c\n\n[65731.260269] [T32454] z_erofs_decompress_queue+0x7f0/0x2258\n--\u003e be-\u003edecompressed_pages \u003d kvcalloc(be-\u003enr_pages, sizeof(struct page *), GFP_KERNEL | __GFP_NOFAIL);\n\tkernel panic by NULL pointer dereference.\n\terofs assume kvmalloc with __GFP_NOFAIL never return NULL.\n[65731.260293] [T32454] z_erofs_runqueue+0xf30/0x104c\n[65731.260314] [T32454] z_erofs_readahead+0x4f0/0x968\n[65731.260339] [T32454] read_pages+0x170/0xadc\n[65731.260364] [T32454] page_cache_ra_unbounded+0x874/0xf30\n[65731.260388] [T32454] page_cache_ra_order+0x24c/0x714\n[65731.260411] [T32454] filemap_fault+0xbf0/0x1a74\n[65731.260437] [T32454] __do_fault+0xd0/0x33c\n[65731.260462] [T32454] handle_mm_fault+0xf74/0x3fe0\n[65731.260486] [T32454] do_mem_abort+0x54c/0x1b34\n[65731.260509] [T32454] el0_da+0x44/0x94\n[65731.260531] [T32454] el0t_64_sync_handler+0x98/0xb4\n[65731.260553] [T32454] el0t_64_sync+0x198/0x19c\n\nLink: https://lkml.kernel.org/r/20240510100131.1865-1-hailong.liu@oppo.com\nFixes: 9376130c390a (\"mm/vmalloc: add support for __GFP_NOFAIL\")\nSigned-off-by: Hailong.Liu \u003chailong.liu@oppo.com\u003e\nAcked-by: Michal Hocko \u003cmhocko@suse.com\u003e\nSuggested-by: Barry Song \u003c21cnbao@gmail.com\u003e\nReported-by: Oven \u003cliyangouwen1@oppo.com\u003e\nReviewed-by: Barry Song \u003cbaohua@kernel.org\u003e\nReviewed-by: Uladzislau Rezki (Sony) \u003curezki@gmail.com\u003e\nCc: Chao Yu \u003cchao@kernel.org\u003e\nCc: Christoph Hellwig \u003chch@infradead.org\u003e\nCc: Gao Xiang \u003cxiang@kernel.org\u003e\nCc: Lorenzo Stoakes \u003clstoakes@gmail.com\u003e\nCc: Michal Hocko \u003cmhocko@suse.com\u003e\nCc: \u003cstable@vger.kernel.org\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\n" }, { "commit": "f1f9984fdc5e37303d7180ff7a85dfecb8e57e85", "tree": "d896472c0da39a007b1ba7ce44ff1604af20c9d8", "parents": [ "9351f138d1dcbe504cd829abe590ba7f3387f09c", "6ca445d8af0ed5950ebf899415fd6bfcd7d9d7a3" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Fri May 24 10:46:35 2024 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Fri May 24 10:46:35 2024 -0700" }, "message": "Merge tag \u0027riscv-for-linus-6.10-mw2\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux\n\nPull more RISC-V updates from Palmer Dabbelt:\n\n - The compression format used for boot images is now configurable at\n build time, and these formats are shown in `make help`\n\n - access_ok() has been optimized\n\n - A pair of performance bugs have been fixed in the uaccess handlers\n\n - Various fixes and cleanups, including one for the IMSIC build failure\n and one for the early-boot ftrace illegal NOPs bug\n\n* tag \u0027riscv-for-linus-6.10-mw2\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux:\n riscv: Fix early ftrace nop patching\n irqchip: riscv-imsic: Fixup riscv_ipi_set_virq_range() conflict\n riscv: selftests: Add signal handling vector tests\n riscv: mm: accelerate pagefault when badaccess\n riscv: uaccess: Relax the threshold for fast path\n riscv: uaccess: Allow the last potential unrolled copy\n riscv: typo in comment for get_f64_reg\n Use bool value in set_cpu_online()\n riscv: selftests: Add hwprobe binaries to .gitignore\n riscv: stacktrace: fixed walk_stackframe()\n ftrace: riscv: move from REGS to ARGS\n riscv: do not select MODULE_SECTIONS by default\n riscv: show help string for riscv-specific targets\n riscv: make image compression configurable\n riscv: cpufeature: Fix extension subset checking\n riscv: cpufeature: Fix thead vector hwcap removal\n riscv: rewrite __kernel_map_pages() to fix sleeping in invalid context\n riscv: force PAGE_SIZE linear mapping if debug_pagealloc is enabled\n riscv: Define TASK_SIZE_MAX for __access_ok()\n riscv: Remove PGDIR_SIZE_L3 and TASK_SIZE_MIN\n" }, { "commit": "9351f138d1dcbe504cd829abe590ba7f3387f09c", "tree": "5b55a5ba42c0ba2d75c173452d7567c8093eb098", "parents": [ "02c438bbfffeabf8c958108f9cf88cdb1a11a323", "a3607581cd49c17128a486a526a36a97bafcb2bb" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Fri May 24 10:24:49 2024 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Fri May 24 10:24:49 2024 -0700" }, "message": "Merge tag \u0027for-linus-6.10a-rc1-tag\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/xen/tip\n\nPull xen updates from Juergen Gross:\n\n - a small cleanup in the drivers/xen/xenbus Makefile\n\n - a fix of the Xen xenstore driver to improve connecting to a late\n started Xenstore\n\n - an enhancement for better support of ballooning in PVH guests\n\n - a cleanup using try_cmpxchg() instead of open coding it\n\n* tag \u0027for-linus-6.10a-rc1-tag\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/xen/tip:\n drivers/xen: Improve the late XenStore init protocol\n xen/xenbus: Use *-y instead of *-objs in Makefile\n xen/x86: add extra pages to unpopulated-alloc if available\n locking/x86/xen: Use try_cmpxchg() in xen_alloc_p2m_entry()\n" }, { "commit": "02c438bbfffeabf8c958108f9cf88cdb1a11a323", "tree": "5d92f520ad99e88e8ec748c0c50fb2d79a611e14", "parents": [ "dcb9f48667824399e496113f2374d08e6aa59770", "440861b1a03c72cc7be4a307e178dcaa6894479b" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Fri May 24 09:40:31 2024 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Fri May 24 09:40:31 2024 -0700" }, "message": "Merge tag \u0027for-6.10-tag\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/kdave/linux\n\nPull more btrfs updates from David Sterba:\n \"A few more updates, mostly stability fixes or user visible changes:\n\n - fix race in zoned mode during device replace that can lead to\n use-after-free\n\n - update return codes and lower message levels for quota rescan where\n it\u0027s causing false alerts\n\n - fix unexpected qgroup id reuse under some conditions\n\n - fix condition when looking up extent refs\n\n - add option norecovery (removed in 6.8), the intended replacements\n haven\u0027t been used and some aplications still rely on the old one\n\n - build warning fixes\"\n\n* tag \u0027for-6.10-tag\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/kdave/linux:\n btrfs: re-introduce \u0027norecovery\u0027 mount option\n btrfs: fix end of tree detection when searching for data extent ref\n btrfs: scrub: initialize ret in scrub_simple_mirror() to fix compilation warning\n btrfs: zoned: fix use-after-free due to race with dev replace\n btrfs: qgroup: fix qgroup id collision across mounts\n btrfs: qgroup: update rescan message levels and error codes\n" }, { "commit": "dcb9f48667824399e496113f2374d08e6aa59770", "tree": "e7b98883d159decd20d6786abf53dd23e4362166", "parents": [ "c40b1994b9ffb45e19e6d83b7655d7b9db0174c3", "80eb4f62056d6ae709bdd0636ab96ce660f494b2" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Fri May 24 09:31:50 2024 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Fri May 24 09:31:50 2024 -0700" }, "message": "Merge tag \u0027erofs-for-6.10-rc1-2\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/xiang/erofs\n\nPull more erofs updates from Gao Xiang:\n \"The main ones are metadata API conversion to byte offsets by Al Viro.\n\n Another patch gets rid of unnecessary memory allocation out of DEFLATE\n decompressor. The remaining one is a trivial cleanup.\n\n - Convert metadata APIs to byte offsets\n\n - Avoid allocating DEFLATE streams unnecessarily\n\n - Some erofs_show_options() cleanup\"\n\n* tag \u0027erofs-for-6.10-rc1-2\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/xiang/erofs:\n erofs: avoid allocating DEFLATE streams before mounting\n z_erofs_pcluster_begin(): don\u0027t bother with rounding position down\n erofs: don\u0027t round offset down for erofs_read_metabuf()\n erofs: don\u0027t align offset for erofs_read_metabuf() (simple cases)\n erofs: mechanically convert erofs_read_metabuf() to offsets\n erofs: clean up erofs_show_options()\n" }, { "commit": "c40b1994b9ffb45e19e6d83b7655d7b9db0174c3", "tree": "5c5d425d0eebbc9949b62746938e373309fa368e", "parents": [ "9ea370f3416ecc4b22d49b24e2c7fdc9c9ba3a0e", "d93ff5fa40b9db5f505d508336bc171f54db862e" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Fri May 24 09:07:22 2024 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Fri May 24 09:07:22 2024 -0700" }, "message": "Merge tag \u0027bcachefs-2024-05-24\u0027 of https://evilpiepirate.org/git/bcachefs\n\nPull bcachefs fixes from Kent Overstreet:\n \"Nothing exciting, just syzbot fixes (except for the one\n FMODE_CAN_ODIRECT patch).\n\n Looks like syzbot reports have slowed down; this is all catch up from\n two weeks of conferences.\n\n Next hardening project is using Thomas\u0027s error injection tooling to\n torture test repair\"\n\n* tag \u0027bcachefs-2024-05-24\u0027 of https://evilpiepirate.org/git/bcachefs:\n bcachefs: Fix race path in bch2_inode_insert()\n bcachefs: Ensure we\u0027re RW before journalling\n bcachefs: Fix shutdown ordering\n bcachefs: Fix unsafety in bch2_dirent_name_bytes()\n bcachefs: Fix stack oob in __bch2_encrypt_bio()\n bcachefs: Fix btree_trans leak in bch2_readahead()\n bcachefs: Fix bogus verify_replicas_entry() assert\n bcachefs: Check for subvolues with bogus snapshot/inode fields\n bcachefs: bch2_checksum() returns 0 for unknown checksum type\n bcachefs: Fix bch2_alloc_ciphers()\n bcachefs: Add missing guard in bch2_snapshot_has_children()\n bcachefs: Fix missing parens in drop_locks_do()\n bcachefs: Improve bch2_assert_pos_locked()\n bcachefs: Fix shift overflows in replicas.c\n bcachefs: Fix shift overflow in btree_lost_data()\n bcachefs: Fix ref in trans_mark_dev_sbs() error path\n bcachefs: set FMODE_CAN_ODIRECT instead of a dummy direct_IO method\n bcachefs: Fix rcu splat in check_fix_ptrs()\n" }, { "commit": "9ea370f3416ecc4b22d49b24e2c7fdc9c9ba3a0e", "tree": "e2de50544a54522d17787d6d95b01d25cb6a2dfa", "parents": [ "041c9f71a47b8b98f6bdbbf4c0312f9782ca9a70", "2ec0028a1cadfb88d912435c1eb1ac5de76071f0" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Fri May 24 09:01:21 2024 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Fri May 24 09:01:21 2024 -0700" }, "message": "Merge tag \u0027input-for-v6.10-rc0\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input\n\nPull input updates from Dmitry Torokhov:\n\n - a change to input core to trim amount of keys data in modalias string\n in case when a device declares too many keys and they do not fit in\n uevent buffer instead of reporting an error which results in uevent\n not being generated at all\n\n - support for Machenike G5 Pro Controller added to xpad driver\n\n - support for FocalTech FT5452 and FT8719 added to edt-ft5x06\n\n - support for new SPMI vibrator added to pm8xxx-vibrator driver\n\n - missing locking added to cyapa touchpad driver\n\n - removal of unused fields in various driver structures\n\n - explicit initialization of i2c_device_id::driver_data to 0 dropped\n from input drivers\n\n - other assorted fixes and cleanups.\n\n* tag \u0027input-for-v6.10-rc0\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input: (24 commits)\n Input: edt-ft5x06 - add support for FocalTech FT5452 and FT8719\n dt-bindings: input: touchscreen: edt-ft5x06: Document FT5452 and FT8719 support\n Input: xpad - add support for Machenike G5 Pro Controller\n Input: try trimming too long modalias strings\n Input: drop explicit initialization of struct i2c_device_id::driver_data to 0\n Input: zet6223 - remove an unused field in struct zet6223_ts\n Input: chipone_icn8505 - remove an unused field in struct icn8505_data\n Input: cros_ec_keyb - remove an unused field in struct cros_ec_keyb\n Input: lpc32xx-keys - remove an unused field in struct lpc32xx_kscan_drv\n Input: matrix_keypad - remove an unused field in struct matrix_keypad\n Input: tca6416-keypad - remove unused struct tca6416_drv_data\n Input: tca6416-keypad - remove an unused field in struct tca6416_keypad_chip\n Input: da7280 - remove an unused field in struct da7280_haptic\n Input: ff-core - prefer struct_size over open coded arithmetic\n Input: cyapa - add missing input core locking to suspend/resume functions\n input: pm8xxx-vibrator: add new SPMI vibrator support\n dt-bindings: input: qcom,pm8xxx-vib: add new SPMI vibrator module\n input: pm8xxx-vibrator: refactor to support new SPMI vibrator\n Input: pm8xxx-vibrator - correct VIB_MAX_LEVELS calculation\n Input: sur40 - convert le16 to cpu before use\n ...\n" }, { "commit": "041c9f71a47b8b98f6bdbbf4c0312f9782ca9a70", "tree": "93fd6c207323aa6d2e11becaa703ee8ad60d5d90", "parents": [ "e292ead0c9dad3580cfd45693a59902c8d31a0a7", "d001e978c1c45b25d823489171151d13fd28ef4e" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Fri May 24 08:48:51 2024 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Fri May 24 08:48:51 2024 -0700" }, "message": "Merge tag \u0027sound-fix-6.10-rc1\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound\n\nPull sound fixes from Takashi Iwai:\n \"A collection of small fixes for 6.10-rc1. Most of changes are various\n device-specific fixes and quirks, while there are a few small changes\n in ALSA core timer and module / built-in fixes\"\n\n* tag \u0027sound-fix-6.10-rc1\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound:\n ALSA: hda/realtek: fix mute/micmute LEDs don\u0027t work for ProBook 440/460 G11.\n ALSA: core: Enable proc module when CONFIG_MODULES\u003dy\n ALSA: core: Fix NULL module pointer assignment at card init\n ALSA: hda/realtek: Enable headset mic of JP-IK LEAP W502 with ALC897\n ASoC: dt-bindings: stm32: Ensure compatible pattern matches whole string\n ASoC: tas2781: Fix wrong loading calibrated data sequence\n ASoC: tas2552: Add TX path for capturing AUDIO-OUT data\n ALSA: usb-audio: Fix for sampling rates support for Mbox3\n Documentation: sound: Fix trailing whitespaces\n ALSA: timer: Set lower bound of start tick time\n ASoC: codecs: ES8326: solve hp and button detect issue\n ASoC: rt5645: mic-in detection threshold modification\n ASoC: Intel: sof_sdw_rt_sdca_jack_common: Use name_prefix for `-sdca` detection\n" }, { "commit": "e292ead0c9dad3580cfd45693a59902c8d31a0a7", "tree": "e5f93fbf099931738aaa0c0e9aded25dd1004612", "parents": [ "f6d199c774241e65b7078d89df56b97c79cf5f66", "008ab3c53bc4f0b2f20013c8f6c204a3203d0b8b" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Fri May 24 08:43:25 2024 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Fri May 24 08:43:25 2024 -0700" }, "message": "Merge tag \u0027char-misc-6.10-rc1-fix\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc\n\nPull char/misc fix from Greg KH:\n \"Here is one remaining bugfix for 6.10-rc1 that missed the 6.9-final\n merge window, and has been sitting in my tree and linux-next for quite\n a while now, but wasn\u0027t sent to you (my fault, travels...)\n\n It is a bugfix to resolve an error in the speakup code that could\n overflow a buffer.\n\n It has been in linux-next for a while with no reported problems\"\n\n* tag \u0027char-misc-6.10-rc1-fix\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc:\n speakup: Fix sizeof() vs ARRAY_SIZE() bug\n" }, { "commit": "f6d199c774241e65b7078d89df56b97c79cf5f66", "tree": "e47671876adfc794839309fb622217b598a4ccb3", "parents": [ "b0a9ba13ffdb9591d468d84f26ec2cefdd7625b4", "8492bd91aa055907c67ef04f2b56f6dadd1f44bf" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Fri May 24 08:38:28 2024 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Fri May 24 08:38:28 2024 -0700" }, "message": "Merge tag \u0027tty-6.10-rc1-fixes\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty\n\nPull tty/serial fixes from Greg KH:\n \"Here are some small TTY and Serial driver fixes that missed the\n 6.9-final merge window, but have been in my tree for weeks (my fault,\n travel caused me to miss this)\n\n These fixes include:\n\n - more n_gsm fixes for reported problems\n\n - 8520_mtk driver fix\n\n - 8250_bcm7271 driver fix\n\n - sc16is7xx driver fix\n\n All of these have been in linux-next for weeks without any reported\n problems\"\n\n* tag \u0027tty-6.10-rc1-fixes\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty:\n serial: sc16is7xx: fix bug in sc16is7xx_set_baud() when using prescaler\n serial: 8250_bcm7271: use default_mux_rate if possible\n serial: 8520_mtk: Set RTS on shutdown for Rx in-band wakeup\n tty: n_gsm: fix missing receive state reset after mode switch\n tty: n_gsm: fix possible out-of-bounds in gsm0_receive()\n" }, { "commit": "b0a9ba13ffdb9591d468d84f26ec2cefdd7625b4", "tree": "1d07c5f00a65ffdc626079a5dcca9c031cfd8527", "parents": [ "0eb03c7e8e2a4cc3653eb5eeb2d2001182071215", "ae1a863bcdbd6ea2abc93519a82ab5d715d5dcbc" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Fri May 24 08:33:44 2024 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Fri May 24 08:33:44 2024 -0700" }, "message": "Merge tag \u0027hardening-v6.10-rc1-fixes\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux\n\nPull hardening fixes from Kees Cook:\n\n - loadpin: Prevent SECURITY_LOADPIN_ENFORCE\u003dy without module\n decompression (Stephen Boyd)\n\n - ubsan: Restore dependency on ARCH_HAS_UBSAN\n\n - kunit/fortify: Fix memcmp() test to be amplitude agnostic\n\n* tag \u0027hardening-v6.10-rc1-fixes\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux:\n kunit/fortify: Fix memcmp() test to be amplitude agnostic\n ubsan: Restore dependency on ARCH_HAS_UBSAN\n loadpin: Prevent SECURITY_LOADPIN_ENFORCE\u003dy without module decompression\n" }, { "commit": "0eb03c7e8e2a4cc3653eb5eeb2d2001182071215", "tree": "94222ef7614292829f40b97c4e8a10779737d328", "parents": [ "6d69b6c12fce479fde7bc06f686212451688a102", "2dd00ac1d38afba1b59e439abc300a9b0ce696bf" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Fri May 24 08:27:34 2024 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Fri May 24 08:27:34 2024 -0700" }, "message": "Merge tag \u0027trace-tracefs-v6.10\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/trace/linux-trace\n\nPull tracefs/eventfs updates from Steven Rostedt:\n \"Bug fixes:\n\n - The eventfs directories need to have unique inode numbers. Make\n sure that they do not get the default file inode number.\n\n - Update the inode uid and gid fields on remount.\n\n When a remount happens where a uid and/or gid is specified, all the\n tracefs files and directories should get the specified uid and/or\n gid. But this can be sporadic when some uids were assigned already.\n There\u0027s already a list of inodes that are allocated. Just update\n their uid and gid fields at the time of remount.\n\n - Update the eventfs_inodes on remount from the top level \"events\"\n descriptor.\n\n There was a bug where not all the eventfs files or directories\n where getting updated on remount. One fix was to clear the\n SAVED_UID/GID flags from the inode list during the iteration of the\n inodes during the remount. But because the eventfs inodes can be\n freed when the last referenced is released, not all the\n eventfs_inodes were being updated. This lead to the ownership\n selftest to fail if it was run a second time (the first time would\n leave eventfs_inodes with no corresponding tracefs_inode).\n\n Instead, for eventfs_inodes, only process the \"events\"\n eventfs_inode from the list iteration, as it is guaranteed to have\n a tracefs_inode (it\u0027s never freed while the \"events\" directory\n exists). As it has a list of its children, and the children have a\n list of their children, just iterate all the eventfs_inodes from\n the \"events\" descriptor and it is guaranteed to get all of them.\n\n - Clear the EVENT_INODE flag from the tracefs_drop_inode() callback.\n\n Currently the EVENTFS_INODE FLAG is cleared in the tracefs_d_iput()\n callback. But this is the wrong location. The iput() callback is\n called when the last reference to the dentry inode is hit. There\n could be a case where two dentry\u0027s have the same inode, and the\n flag will be cleared prematurely. The flag needs to be cleared when\n the last reference of the inode is dropped and that happens in the\n inode\u0027s drop_inode() callback handler.\n\n Cleanups:\n\n - Consolidate the creation of a tracefs_inode for an eventfs_inode\n\n A tracefs_inode is created for both files and directories of the\n eventfs system. It is open coded. Instead, consolidate it into a\n single eventfs_get_inode() function call.\n\n - Remove the eventfs getattr and permission callbacks.\n\n The permissions for the eventfs files and directories are updated\n when the inodes are created, on remount, and when the user sets\n them (via setattr). The inodes hold the current permissions so\n there is no need to have custom getattr or permissions callbacks as\n they will more likely cause them to be incorrect. The inode\u0027s\n permissions are updated when they should be updated. Remove the\n getattr and permissions inode callbacks.\n\n - Do not update eventfs_inode attributes on creation of inodes.\n\n The eventfs_inodes attribute field is used to store the permissions\n of the directories and files for when their corresponding inodes\n are freed and are created again. But when the creation of the\n inodes happen, the eventfs_inode attributes are recalculated. The\n recalculation should only happen when the permissions change for a\n given file or directory. Currently, the attribute changes are just\n being set to their current files so this is not a bug, but it\u0027s\n unnecessary and error prone. Stop doing that.\n\n - The events directory inode is created once when the events\n directory is created and deleted when it is deleted. It is now\n updated on remount and when the user changes the permissions.\n There\u0027s no need to use the eventfs_inode of the events directory to\n store the events directory permissions. But using it to store the\n default permissions for the files within the directory that have\n not been updated by the user can simplify the code\"\n\n* tag \u0027trace-tracefs-v6.10\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/trace/linux-trace:\n eventfs: Do not use attributes for events directory\n eventfs: Cleanup permissions in creation of inodes\n eventfs: Remove getattr and permission callbacks\n eventfs: Consolidate the eventfs_inode update in eventfs_get_inode()\n tracefs: Clear EVENT_INODE flag in tracefs_drop_inode()\n eventfs: Update all the eventfs_inodes from the events descriptor\n tracefs: Update inode permissions on remount\n eventfs: Keep the directories from having the same inode number as files\n" }, { "commit": "b84a8aba806261d2f759ccedf4a2a6a80a5e55ba", "tree": "0496f78ee662c76ae5eab77f9d0fb3037aa56279", "parents": [ "a6c11c0a5235fb144a65e0cb2ffd360ddc1f6c32" ], "author": { "name": "dicken.ding", "email": "dicken.ding@mediatek.com", "time": "Fri May 24 17:17:39 2024 +0800" }, "committer": { "name": "Thomas Gleixner", "email": "tglx@linutronix.de", "time": "Fri May 24 12:49:35 2024 +0200" }, "message": "genirq/irqdesc: Prevent use-after-free in irq_find_at_or_after()\n\nirq_find_at_or_after() dereferences the interrupt descriptor which is\nreturned by mt_find() while neither holding sparse_irq_lock nor RCU read\nlock, which means the descriptor can be freed between mt_find() and the\ndereference:\n\n CPU0 CPU1\n desc \u003d mt_find()\n delayed_free_desc(desc)\n irq_desc_get_irq(desc)\n\nThe use-after-free is reported by KASAN:\n\n Call trace:\n irq_get_next_irq+0x58/0x84\n show_stat+0x638/0x824\n seq_read_iter+0x158/0x4ec\n proc_reg_read_iter+0x94/0x12c\n vfs_read+0x1e0/0x2c8\n\n Freed by task 4471:\n slab_free_freelist_hook+0x174/0x1e0\n __kmem_cache_free+0xa4/0x1dc\n kfree+0x64/0x128\n irq_kobj_release+0x28/0x3c\n kobject_put+0xcc/0x1e0\n delayed_free_desc+0x14/0x2c\n rcu_do_batch+0x214/0x720\n\nGuard the access with a RCU read lock section.\n\nFixes: 721255b9826b (\"genirq: Use a maple tree for interrupt descriptor management\")\nSigned-off-by: dicken.ding \u003cdicken.ding@mediatek.com\u003e\nSigned-off-by: Thomas Gleixner \u003ctglx@linutronix.de\u003e\nCc: stable@vger.kernel.org\nLink: https://lore.kernel.org/r/20240524091739.31611-1-dicken.ding@mediatek.com\n" }, { "commit": "302e9dca8428979c9c99f2dbb44dc1783f5011c3", "tree": "1719b1852705651c5b0b7af3473d9d502827bccf", "parents": [ "05afeeebcac850a016ec4fb1f681ceda11963562" ], "author": { "name": "Konstantin Komarov", "email": "almaz.alexandrovich@paragon-software.com", "time": "Tue Apr 23 17:21:58 2024 +0300" }, "committer": { "name": "Konstantin Komarov", "email": "almaz.alexandrovich@paragon-software.com", "time": "Fri May 24 12:50:12 2024 +0300" }, "message": "fs/ntfs3: Break dir enumeration if directory contents error\n\nIf we somehow attempt to read beyond the directory size, an error\nis supposed to be returned.\n\nHowever, in some cases, read requests do not stop and instead enter\ninto a loop.\n\nTo avoid this, we set the position in the directory to the end.\n\nSigned-off-by: Konstantin Komarov \u003calmaz.alexandrovich@paragon-software.com\u003e\nCc: stable@vger.kernel.org\n" }, { "commit": "05afeeebcac850a016ec4fb1f681ceda11963562", "tree": "c6e951a385b23b6a52b6ff70e7a297727bf33390", "parents": [ "24f6f5020b0b2c89c2cba5ec224547be95f753ee" ], "author": { "name": "Konstantin Komarov", "email": "almaz.alexandrovich@paragon-software.com", "time": "Tue Apr 23 15:31:56 2024 +0300" }, "committer": { "name": "Konstantin Komarov", "email": "almaz.alexandrovich@paragon-software.com", "time": "Fri May 24 12:50:12 2024 +0300" }, "message": "fs/ntfs3: Fix case when index is reused during tree transformation\n\nIn most cases when adding a cluster to the directory index,\nthey are placed at the end, and in the bitmap, this cluster corresponds\nto the last bit. The new directory size is calculated as follows:\n\n\tdata_size \u003d (u64)(bit + 1) \u003c\u003c indx-\u003eindex_bits;\n\nIn the case of reusing a non-final cluster from the index,\ndata_size is calculated incorrectly, resulting in the directory size\ndiffering from the actual size.\n\nA check for cluster reuse has been added, and the size update is skipped.\n\nFixes: 82cae269cfa95 (\"fs/ntfs3: Add initialization of super block\")\nSigned-off-by: Konstantin Komarov \u003calmaz.alexandrovich@paragon-software.com\u003e\nCc: stable@vger.kernel.org\n" }, { "commit": "a52b4f11a2e17109c4b9f7df4ff19215b1752efc", "tree": "8ec887201284e0e0ba490bdd066d76af19c19a30", "parents": [ "c010d09900823c8ada28c3bf97b4911fcb42a2d7" ], "author": { "name": "Jeff Xu", "email": "jeffxu@chromium.org", "time": "Mon Apr 15 16:35:24 2024 +0000" }, "committer": { "name": "Andrew Morton", "email": "akpm@linux-foundation.org", "time": "Thu May 23 19:40:27 2024 -0700" }, "message": "selftest mm/mseal read-only elf memory segment\n\nSealing read-only of elf mapping so it can\u0027t be changed by mprotect.\n\n[jeffxu@chromium.org: style change]\n Link: https://lkml.kernel.org/r/20240416220944.2481203-2-jeffxu@chromium.org\n[amer.shanawany@gmail.com: fix linker error for inline function]\n Link: https://lkml.kernel.org/r/20240420202346.546444-1-amer.shanawany@gmail.com\n[jeffxu@chromium.org: fix compile warning]\n Link: https://lkml.kernel.org/r/20240420003515.345982-2-jeffxu@chromium.org\n[jeffxu@chromium.org: fix arm build]\n Link: https://lkml.kernel.org/r/20240502225331.3806279-2-jeffxu@chromium.org\nLink: https://lkml.kernel.org/r/20240415163527.626541-6-jeffxu@chromium.org\nSigned-off-by: Jeff Xu \u003cjeffxu@chromium.org\u003e\nSigned-off-by: Amer Al Shanawany \u003camer.shanawany@gmail.com\u003e\nReviewed-by: Kees Cook \u003ckeescook@chromium.org\u003e\nReviewed-by: Liam R. Howlett \u003cLiam.Howlett@oracle.com\u003e\nCc: Dave Hansen \u003cdave.hansen@intel.com\u003e\nCc: Greg Kroah-Hartman \u003cgregkh@linuxfoundation.org\u003e\nCc: Guenter Roeck \u003cgroeck@chromium.org\u003e\nCc: Jann Horn \u003cjannh@google.com\u003e\nCc: Jeff Xu \u003cjeffxu@google.com\u003e\nCc: Jonathan Corbet \u003ccorbet@lwn.net\u003e\nCc: Jorge Lucangeli Obes \u003cjorgelo@chromium.org\u003e\nCc: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\nCc: Matthew Wilcox (Oracle) \u003cwilly@infradead.org\u003e\nCc: Muhammad Usama Anjum \u003cusama.anjum@collabora.com\u003e\nCc: Pedro Falcato \u003cpedro.falcato@gmail.com\u003e\nCc: Stephen Röttger \u003csroettger@google.com\u003e\nCc: Suren Baghdasaryan \u003csurenb@google.com\u003e\nCc: Amer Al Shanawany \u003camer.shanawany@gmail.com\u003e\nCc: Javier Carrasco \u003cjavier.carrasco.cruz@gmail.com\u003e\nCc: Shuah Khan \u003cshuah@kernel.org\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\n" }, { "commit": "c010d09900823c8ada28c3bf97b4911fcb42a2d7", "tree": "acdbac6e8a50e75e24faab11729088dee619cd13", "parents": [ "4926c7a52de75c7219a04de7fa857ab30653704d" ], "author": { "name": "Jeff Xu", "email": "jeffxu@chromium.org", "time": "Mon Apr 15 16:35:23 2024 +0000" }, "committer": { "name": "Andrew Morton", "email": "akpm@linux-foundation.org", "time": "Thu May 23 19:40:26 2024 -0700" }, "message": "mseal: add documentation\n\nAdd documentation for mseal().\n\nLink: https://lkml.kernel.org/r/20240415163527.626541-5-jeffxu@chromium.org\nSigned-off-by: Jeff Xu \u003cjeffxu@chromium.org\u003e\nReviewed-by: Kees Cook \u003ckeescook@chromium.org\u003e\nReviewed-by: Liam R. Howlett \u003cLiam.Howlett@oracle.com\u003e\nCc: Dave Hansen \u003cdave.hansen@intel.com\u003e\nCc: Greg Kroah-Hartman \u003cgregkh@linuxfoundation.org\u003e\nCc: Guenter Roeck \u003cgroeck@chromium.org\u003e\nCc: Jann Horn \u003cjannh@google.com\u003e\nCc: Jeff Xu \u003cjeffxu@google.com\u003e\nCc: Jonathan Corbet \u003ccorbet@lwn.net\u003e\nCc: Jorge Lucangeli Obes \u003cjorgelo@chromium.org\u003e\nCc: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\nCc: Matthew Wilcox (Oracle) \u003cwilly@infradead.org\u003e\nCc: Muhammad Usama Anjum \u003cusama.anjum@collabora.com\u003e\nCc: Pedro Falcato \u003cpedro.falcato@gmail.com\u003e\nCc: Stephen Röttger \u003csroettger@google.com\u003e\nCc: Suren Baghdasaryan \u003csurenb@google.com\u003e\nCc: Amer Al Shanawany \u003camer.shanawany@gmail.com\u003e\nCc: Javier Carrasco \u003cjavier.carrasco.cruz@gmail.com\u003e\nCc: Shuah Khan \u003cshuah@kernel.org\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\n" }, { "commit": "4926c7a52de75c7219a04de7fa857ab30653704d", "tree": "e46a2eb547403e485a798eebf8dbd1555a2373e0", "parents": [ "8be7258aad44b5e25977a98db136f677fa6f4370" ], "author": { "name": "Jeff Xu", "email": "jeffxu@chromium.org", "time": "Mon Apr 15 16:35:22 2024 +0000" }, "committer": { "name": "Andrew Morton", "email": "akpm@linux-foundation.org", "time": "Thu May 23 19:40:26 2024 -0700" }, "message": "selftest mm/mseal memory sealing\n\nselftest for memory sealing change in mmap() and mseal().\n\nLink: https://lkml.kernel.org/r/20240415163527.626541-4-jeffxu@chromium.org\nSigned-off-by: Jeff Xu \u003cjeffxu@chromium.org\u003e\nReviewed-by: Kees Cook \u003ckeescook@chromium.org\u003e\nReviewed-by: Liam R. Howlett \u003cLiam.Howlett@oracle.com\u003e\nCc: Dave Hansen \u003cdave.hansen@intel.com\u003e\nCc: Greg Kroah-Hartman \u003cgregkh@linuxfoundation.org\u003e\nCc: Guenter Roeck \u003cgroeck@chromium.org\u003e\nCc: Jann Horn \u003cjannh@google.com\u003e\nCc: Jeff Xu \u003cjeffxu@google.com\u003e\nCc: Jonathan Corbet \u003ccorbet@lwn.net\u003e\nCc: Jorge Lucangeli Obes \u003cjorgelo@chromium.org\u003e\nCc: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\nCc: Matthew Wilcox (Oracle) \u003cwilly@infradead.org\u003e\nCc: Muhammad Usama Anjum \u003cusama.anjum@collabora.com\u003e\nCc: Pedro Falcato \u003cpedro.falcato@gmail.com\u003e\nCc: Stephen Röttger \u003csroettger@google.com\u003e\nCc: Suren Baghdasaryan \u003csurenb@google.com\u003e\nCc: Amer Al Shanawany \u003camer.shanawany@gmail.com\u003e\nCc: Javier Carrasco \u003cjavier.carrasco.cruz@gmail.com\u003e\nCc: Shuah Khan \u003cshuah@kernel.org\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\n" }, { "commit": "8be7258aad44b5e25977a98db136f677fa6f4370", "tree": "62b2b8937d4d8c22469c82e440e89d08615e3966", "parents": [ "ff388fe5c481d39cc0a5940d1ad46f7920f1d646" ], "author": { "name": "Jeff Xu", "email": "jeffxu@chromium.org", "time": "Mon Apr 15 16:35:21 2024 +0000" }, "committer": { "name": "Andrew Morton", "email": "akpm@linux-foundation.org", "time": "Thu May 23 19:40:26 2024 -0700" }, "message": "mseal: add mseal syscall\n\nThe new mseal() is an syscall on 64 bit CPU, and with following signature:\n\nint mseal(void addr, size_t len, unsigned long flags)\naddr/len: memory range.\nflags: reserved.\n\nmseal() blocks following operations for the given memory range.\n\n1\u003e Unmapping, moving to another location, and shrinking the size,\n via munmap() and mremap(), can leave an empty space, therefore can\n be replaced with a VMA with a new set of attributes.\n\n2\u003e Moving or expanding a different VMA into the current location,\n via mremap().\n\n3\u003e Modifying a VMA via mmap(MAP_FIXED).\n\n4\u003e Size expansion, via mremap(), does not appear to pose any specific\n risks to sealed VMAs. It is included anyway because the use case is\n unclear. In any case, users can rely on merging to expand a sealed VMA.\n\n5\u003e mprotect() and pkey_mprotect().\n\n6\u003e Some destructive madvice() behaviors (e.g. MADV_DONTNEED) for anonymous\n memory, when users don\u0027t have write permission to the memory. Those\n behaviors can alter region contents by discarding pages, effectively a\n memset(0) for anonymous memory.\n\nFollowing input during RFC are incooperated into this patch:\n\nJann Horn: raising awareness and providing valuable insights on the\ndestructive madvise operations.\nLinus Torvalds: assisting in defining system call signature and scope.\nLiam R. Howlett: perf optimization.\nTheo de Raadt: sharing the experiences and insight gained from\n implementing mimmutable() in OpenBSD.\n\nFinally, the idea that inspired this patch comes from Stephen Röttger\u0027s\nwork in Chrome V8 CFI.\n\n[jeffxu@chromium.org: add branch prediction hint, per Pedro]\n Link: https://lkml.kernel.org/r/20240423192825.1273679-2-jeffxu@chromium.org\nLink: https://lkml.kernel.org/r/20240415163527.626541-3-jeffxu@chromium.org\nSigned-off-by: Jeff Xu \u003cjeffxu@chromium.org\u003e\nReviewed-by: Kees Cook \u003ckeescook@chromium.org\u003e\nReviewed-by: Liam R. Howlett \u003cLiam.Howlett@oracle.com\u003e\nCc: Pedro Falcato \u003cpedro.falcato@gmail.com\u003e\nCc: Dave Hansen \u003cdave.hansen@intel.com\u003e\nCc: Greg Kroah-Hartman \u003cgregkh@linuxfoundation.org\u003e\nCc: Guenter Roeck \u003cgroeck@chromium.org\u003e\nCc: Jann Horn \u003cjannh@google.com\u003e\nCc: Jeff Xu \u003cjeffxu@google.com\u003e\nCc: Jonathan Corbet \u003ccorbet@lwn.net\u003e\nCc: Jorge Lucangeli Obes \u003cjorgelo@chromium.org\u003e\nCc: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\nCc: Matthew Wilcox (Oracle) \u003cwilly@infradead.org\u003e\nCc: Muhammad Usama Anjum \u003cusama.anjum@collabora.com\u003e\nCc: Pedro Falcato \u003cpedro.falcato@gmail.com\u003e\nCc: Stephen Röttger \u003csroettger@google.com\u003e\nCc: Suren Baghdasaryan \u003csurenb@google.com\u003e\nCc: Amer Al Shanawany \u003camer.shanawany@gmail.com\u003e\nCc: Javier Carrasco \u003cjavier.carrasco.cruz@gmail.com\u003e\nCc: Shuah Khan \u003cshuah@kernel.org\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\n" }, { "commit": "ff388fe5c481d39cc0a5940d1ad46f7920f1d646", "tree": "88edeedd3dd48e046d24bcf398aacbd3625e925a", "parents": [ "c760b3725e52403dc1b28644fb09c47a83cacea6" ], "author": { "name": "Jeff Xu", "email": "jeffxu@chromium.org", "time": "Mon Apr 15 16:35:20 2024 +0000" }, "committer": { "name": "Andrew Morton", "email": "akpm@linux-foundation.org", "time": "Thu May 23 19:40:26 2024 -0700" }, "message": "mseal: wire up mseal syscall\n\nPatch series \"Introduce mseal\", v10.\n\nThis patchset proposes a new mseal() syscall for the Linux kernel.\n\nIn a nutshell, mseal() protects the VMAs of a given virtual memory range\nagainst modifications, such as changes to their permission bits.\n\nModern CPUs support memory permissions, such as the read/write (RW) and\nno-execute (NX) bits. Linux has supported NX since the release of kernel\nversion 2.6.8 in August 2004 [1]. The memory permission feature improves\nthe security stance on memory corruption bugs, as an attacker cannot\nsimply write to arbitrary memory and point the code to it. The memory\nmust be marked with the X bit, or else an exception will occur. \nInternally, the kernel maintains the memory permissions in a data\nstructure called VMA (vm_area_struct). mseal() additionally protects the\nVMA itself against modifications of the selected seal type.\n\nMemory sealing is useful to mitigate memory corruption issues where a\ncorrupted pointer is passed to a memory management system. For example,\nsuch an attacker primitive can break control-flow integrity guarantees\nsince read-only memory that is supposed to be trusted can become writable\nor .text pages can get remapped. Memory sealing can automatically be\napplied by the runtime loader to seal .text and .rodata pages and\napplications can additionally seal security critical data at runtime. A\nsimilar feature already exists in the XNU kernel with the\nVM_FLAGS_PERMANENT [3] flag and on OpenBSD with the mimmutable syscall\n[4]. Also, Chrome wants to adopt this feature for their CFI work [2] and\nthis patchset has been designed to be compatible with the Chrome use case.\n\nTwo system calls are involved in sealing the map: mmap() and mseal().\n\nThe new mseal() is an syscall on 64 bit CPU, and with following signature:\n\nint mseal(void addr, size_t len, unsigned long flags)\naddr/len: memory range.\nflags: reserved.\n\nmseal() blocks following operations for the given memory range.\n\n1\u003e Unmapping, moving to another location, and shrinking the size,\n via munmap() and mremap(), can leave an empty space, therefore can\n be replaced with a VMA with a new set of attributes.\n\n2\u003e Moving or expanding a different VMA into the current location,\n via mremap().\n\n3\u003e Modifying a VMA via mmap(MAP_FIXED).\n\n4\u003e Size expansion, via mremap(), does not appear to pose any specific\n risks to sealed VMAs. It is included anyway because the use case is\n unclear. In any case, users can rely on merging to expand a sealed VMA.\n\n5\u003e mprotect() and pkey_mprotect().\n\n6\u003e Some destructive madvice() behaviors (e.g. MADV_DONTNEED) for anonymous\n memory, when users don\u0027t have write permission to the memory. Those\n behaviors can alter region contents by discarding pages, effectively a\n memset(0) for anonymous memory.\n\nThe idea that inspired this patch comes from Stephen Röttger’s work in\nV8 CFI [5]. Chrome browser in ChromeOS will be the first user of this\nAPI.\n\nIndeed, the Chrome browser has very specific requirements for sealing,\nwhich are distinct from those of most applications. For example, in the\ncase of libc, sealing is only applied to read-only (RO) or read-execute\n(RX) memory segments (such as .text and .RELRO) to prevent them from\nbecoming writable, the lifetime of those mappings are tied to the lifetime\nof the process.\n\nChrome wants to seal two large address space reservations that are managed\nby different allocators. The memory is mapped RW- and RWX respectively\nbut write access to it is restricted using pkeys (or in the future ARM\npermission overlay extensions). The lifetime of those mappings are not\ntied to the lifetime of the process, therefore, while the memory is\nsealed, the allocators still need to free or discard the unused memory. \nFor example, with madvise(DONTNEED).\n\nHowever, always allowing madvise(DONTNEED) on this range poses a security\nrisk. For example if a jump instruction crosses a page boundary and the\nsecond page gets discarded, it will overwrite the target bytes with zeros\nand change the control flow. Checking write-permission before the discard\noperation allows us to control when the operation is valid. In this case,\nthe madvise will only succeed if the executing thread has PKEY write\npermissions and PKRU changes are protected in software by control-flow\nintegrity.\n\nAlthough the initial version of this patch series is targeting the Chrome\nbrowser as its first user, it became evident during upstream discussions\nthat we would also want to ensure that the patch set eventually is a\ncomplete solution for memory sealing and compatible with other use cases. \nThe specific scenario currently in mind is glibc\u0027s use case of loading and\nsealing ELF executables. To this end, Stephen is working on a change to\nglibc to add sealing support to the dynamic linker, which will seal all\nnon-writable segments at startup. Once this work is completed, all\napplications will be able to automatically benefit from these new\nprotections.\n\nIn closing, I would like to formally acknowledge the valuable\ncontributions received during the RFC process, which were instrumental in\nshaping this patch:\n\nJann Horn: raising awareness and providing valuable insights on the\n destructive madvise operations.\nLiam R. Howlett: perf optimization.\nLinus Torvalds: assisting in defining system call signature and scope.\nTheo de Raadt: sharing the experiences and insight gained from\n implementing mimmutable() in OpenBSD.\n\nMM perf benchmarks\n\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\nThis patch adds a loop in the mprotect/munmap/madvise(DONTNEED) to\ncheck the VMAs’ sealing flag, so that no partial update can be made,\nwhen any segment within the given memory range is sealed.\n\nTo measure the performance impact of this loop, two tests are developed.\n[8]\n\nThe first is measuring the time taken for a particular system call,\nby using clock_gettime(CLOCK_MONOTONIC). The second is using\nPERF_COUNT_HW_REF_CPU_CYCLES (exclude user space). Both tests have\nsimilar results.\n\nThe tests have roughly below sequence:\nfor (i \u003d 0; i \u003c 1000, i++)\n create 1000 mappings (1 page per VMA)\n start the sampling\n for (j \u003d 0; j \u003c 1000, j++)\n mprotect one mapping\n stop and save the sample\n delete 1000 mappings\ncalculates all samples.\n\nBelow tests are performed on Intel(R) Pentium(R) Gold 7505 @ 2.00GHz,\n4G memory, Chromebook.\n\nBased on the latest upstream code:\nThe first test (measuring time)\nsyscall__\tvmas\tt\tt_mseal\tdelta_ns\tper_vma\t%\nmunmap__ \t1\t909\t944\t35\t35\t104%\nmunmap__ \t2\t1398\t1502\t104\t52\t107%\nmunmap__ \t4\t2444\t2594\t149\t37\t106%\nmunmap__ \t8\t4029\t4323\t293\t37\t107%\nmunmap__ \t16\t6647\t6935\t288\t18\t104%\nmunmap__ \t32\t11811\t12398\t587\t18\t105%\nmprotect\t1\t439\t465\t26\t26\t106%\nmprotect\t2\t1659\t1745\t86\t43\t105%\nmprotect\t4\t3747\t3889\t142\t36\t104%\nmprotect\t8\t6755\t6969\t215\t27\t103%\nmprotect\t16\t13748\t14144\t396\t25\t103%\nmprotect\t32\t27827\t28969\t1142\t36\t104%\nmadvise_\t1\t240\t262\t22\t22\t109%\nmadvise_\t2\t366\t442\t76\t38\t121%\nmadvise_\t4\t623\t751\t128\t32\t121%\nmadvise_\t8\t1110\t1324\t215\t27\t119%\nmadvise_\t16\t2127\t2451\t324\t20\t115%\nmadvise_\t32\t4109\t4642\t534\t17\t113%\n\nThe second test (measuring cpu cycle)\nsyscall__\tvmas\tcpu\tcmseal\tdelta_cpu\tper_vma\t%\nmunmap__\t1\t1790\t1890\t100\t100\t106%\nmunmap__\t2\t2819\t3033\t214\t107\t108%\nmunmap__\t4\t4959\t5271\t312\t78\t106%\nmunmap__\t8\t8262\t8745\t483\t60\t106%\nmunmap__\t16\t13099\t14116\t1017\t64\t108%\nmunmap__\t32\t23221\t24785\t1565\t49\t107%\nmprotect\t1\t906\t967\t62\t62\t107%\nmprotect\t2\t3019\t3203\t184\t92\t106%\nmprotect\t4\t6149\t6569\t420\t105\t107%\nmprotect\t8\t9978\t10524\t545\t68\t105%\nmprotect\t16\t20448\t21427\t979\t61\t105%\nmprotect\t32\t40972\t42935\t1963\t61\t105%\nmadvise_\t1\t434\t497\t63\t63\t115%\nmadvise_\t2\t752\t899\t147\t74\t120%\nmadvise_\t4\t1313\t1513\t200\t50\t115%\nmadvise_\t8\t2271\t2627\t356\t44\t116%\nmadvise_\t16\t4312\t4883\t571\t36\t113%\nmadvise_\t32\t8376\t9319\t943\t29\t111%\n\nBased on the result, for 6.8 kernel, sealing check adds\n20-40 nano seconds, or around 50-100 CPU cycles, per VMA.\n\nIn addition, I applied the sealing to 5.10 kernel:\nThe first test (measuring time)\nsyscall__\tvmas\tt\ttmseal\tdelta_ns\tper_vma\t%\nmunmap__\t1\t357\t390\t33\t33\t109%\nmunmap__\t2\t442\t463\t21\t11\t105%\nmunmap__\t4\t614\t634\t20\t5\t103%\nmunmap__\t8\t1017\t1137\t120\t15\t112%\nmunmap__\t16\t1889\t2153\t263\t16\t114%\nmunmap__\t32\t4109\t4088\t-21\t-1\t99%\nmprotect\t1\t235\t227\t-7\t-7\t97%\nmprotect\t2\t495\t464\t-30\t-15\t94%\nmprotect\t4\t741\t764\t24\t6\t103%\nmprotect\t8\t1434\t1437\t2\t0\t100%\nmprotect\t16\t2958\t2991\t33\t2\t101%\nmprotect\t32\t6431\t6608\t177\t6\t103%\nmadvise_\t1\t191\t208\t16\t16\t109%\nmadvise_\t2\t300\t324\t24\t12\t108%\nmadvise_\t4\t450\t473\t23\t6\t105%\nmadvise_\t8\t753\t806\t53\t7\t107%\nmadvise_\t16\t1467\t1592\t125\t8\t108%\nmadvise_\t32\t2795\t3405\t610\t19\t122%\n\t\t\t\t\t\nThe second test (measuring cpu cycle)\nsyscall__\tnbr_vma\tcpu\tcmseal\tdelta_cpu\tper_vma\t%\nmunmap__\t1\t684\t715\t31\t31\t105%\nmunmap__\t2\t861\t898\t38\t19\t104%\nmunmap__\t4\t1183\t1235\t51\t13\t104%\nmunmap__\t8\t1999\t2045\t46\t6\t102%\nmunmap__\t16\t3839\t3816\t-23\t-1\t99%\nmunmap__\t32\t7672\t7887\t216\t7\t103%\nmprotect\t1\t397\t443\t46\t46\t112%\nmprotect\t2\t738\t788\t50\t25\t107%\nmprotect\t4\t1221\t1256\t35\t9\t103%\nmprotect\t8\t2356\t2429\t72\t9\t103%\nmprotect\t16\t4961\t4935\t-26\t-2\t99%\nmprotect\t32\t9882\t10172\t291\t9\t103%\nmadvise_\t1\t351\t380\t29\t29\t108%\nmadvise_\t2\t565\t615\t49\t25\t109%\nmadvise_\t4\t872\t933\t61\t15\t107%\nmadvise_\t8\t1508\t1640\t132\t16\t109%\nmadvise_\t16\t3078\t3323\t245\t15\t108%\nmadvise_\t32\t5893\t6704\t811\t25\t114%\n\nFor 5.10 kernel, sealing check adds 0-15 ns in time, or 10-30\nCPU cycles, there is even decrease in some cases.\n\nIt might be interesting to compare 5.10 and 6.8 kernel\nThe first test (measuring time)\nsyscall__\tvmas\tt_5_10\tt_6_8\tdelta_ns\tper_vma\t%\nmunmap__\t1\t357\t909\t552\t552\t254%\nmunmap__\t2\t442\t1398\t956\t478\t316%\nmunmap__\t4\t614\t2444\t1830\t458\t398%\nmunmap__\t8\t1017\t4029\t3012\t377\t396%\nmunmap__\t16\t1889\t6647\t4758\t297\t352%\nmunmap__\t32\t4109\t11811\t7702\t241\t287%\nmprotect\t1\t235\t439\t204\t204\t187%\nmprotect\t2\t495\t1659\t1164\t582\t335%\nmprotect\t4\t741\t3747\t3006\t752\t506%\nmprotect\t8\t1434\t6755\t5320\t665\t471%\nmprotect\t16\t2958\t13748\t10790\t674\t465%\nmprotect\t32\t6431\t27827\t21397\t669\t433%\nmadvise_\t1\t191\t240\t49\t49\t125%\nmadvise_\t2\t300\t366\t67\t33\t122%\nmadvise_\t4\t450\t623\t173\t43\t138%\nmadvise_\t8\t753\t1110\t357\t45\t147%\nmadvise_\t16\t1467\t2127\t660\t41\t145%\nmadvise_\t32\t2795\t4109\t1314\t41\t147%\n\nThe second test (measuring cpu cycle)\nsyscall__\tvmas\tcpu_5_10\tc_6_8\tdelta_cpu\tper_vma\t%\nmunmap__\t1\t684\t1790\t1106\t1106\t262%\nmunmap__\t2\t861\t2819\t1958\t979\t327%\nmunmap__\t4\t1183\t4959\t3776\t944\t419%\nmunmap__\t8\t1999\t8262\t6263\t783\t413%\nmunmap__\t16\t3839\t13099\t9260\t579\t341%\nmunmap__\t32\t7672\t23221\t15549\t486\t303%\nmprotect\t1\t397\t906\t509\t509\t228%\nmprotect\t2\t738\t3019\t2281\t1140\t409%\nmprotect\t4\t1221\t6149\t4929\t1232\t504%\nmprotect\t8\t2356\t9978\t7622\t953\t423%\nmprotect\t16\t4961\t20448\t15487\t968\t412%\nmprotect\t32\t9882\t40972\t31091\t972\t415%\nmadvise_\t1\t351\t434\t82\t82\t123%\nmadvise_\t2\t565\t752\t186\t93\t133%\nmadvise_\t4\t872\t1313\t442\t110\t151%\nmadvise_\t8\t1508\t2271\t763\t95\t151%\nmadvise_\t16\t3078\t4312\t1234\t77\t140%\nmadvise_\t32\t5893\t8376\t2483\t78\t142%\n\nFrom 5.10 to 6.8\nmunmap: added 250-550 ns in time, or 500-1100 in cpu cycle, per vma.\nmprotect: added 200-750 ns in time, or 500-1200 in cpu cycle, per vma.\nmadvise: added 33-50 ns in time, or 70-110 in cpu cycle, per vma.\n\nIn comparison to mseal, which adds 20-40 ns or 50-100 CPU cycles, the\nincrease from 5.10 to 6.8 is significantly larger, approximately ten times\ngreater for munmap and mprotect.\n\nWhen I discuss the mm performance with Brian Makin, an engineer who worked\non performance, it was brought to my attention that such performance\nbenchmarks, which measuring millions of mm syscall in a tight loop, may\nnot accurately reflect real-world scenarios, such as that of a database\nservice. Also this is tested using a single HW and ChromeOS, the data\nfrom another HW or distribution might be different. It might be best to\ntake this data with a grain of salt.\n\n\nThis patch (of 5):\n\nWire up mseal syscall for all architectures.\n\nLink: https://lkml.kernel.org/r/20240415163527.626541-1-jeffxu@chromium.org\nLink: https://lkml.kernel.org/r/20240415163527.626541-2-jeffxu@chromium.org\nSigned-off-by: Jeff Xu \u003cjeffxu@chromium.org\u003e\nReviewed-by: Kees Cook \u003ckeescook@chromium.org\u003e\nReviewed-by: Liam R. Howlett \u003cLiam.Howlett@oracle.com\u003e\nCc: Dave Hansen \u003cdave.hansen@intel.com\u003e\nCc: Greg Kroah-Hartman \u003cgregkh@linuxfoundation.org\u003e\nCc: Guenter Roeck \u003cgroeck@chromium.org\u003e\nCc: Jann Horn \u003cjannh@google.com\u003e [Bug #2]\nCc: Jeff Xu \u003cjeffxu@google.com\u003e\nCc: Jonathan Corbet \u003ccorbet@lwn.net\u003e\nCc: Jorge Lucangeli Obes \u003cjorgelo@chromium.org\u003e\nCc: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\nCc: Matthew Wilcox (Oracle) \u003cwilly@infradead.org\u003e\nCc: Muhammad Usama Anjum \u003cusama.anjum@collabora.com\u003e\nCc: Pedro Falcato \u003cpedro.falcato@gmail.com\u003e\nCc: Stephen Röttger \u003csroettger@google.com\u003e\nCc: Suren Baghdasaryan \u003csurenb@google.com\u003e\nCc: Amer Al Shanawany \u003camer.shanawany@gmail.com\u003e\nCc: Javier Carrasco \u003cjavier.carrasco.cruz@gmail.com\u003e\nCc: Shuah Khan \u003cshuah@kernel.org\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\n" }, { "commit": "6d69b6c12fce479fde7bc06f686212451688a102", "tree": "b0675146a47d7ee36d32117fc715efde9e377070", "parents": [ "b4d88a60fe0e126b245583c5003584cf6751e536", "3c0a2e0b0ae661457c8505fecc7be5501aa7a715" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Thu May 23 13:51:09 2024 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Thu May 23 13:51:09 2024 -0700" }, "message": "Merge tag \u0027nfs-for-6.10-1\u0027 of git://git.linux-nfs.org/projects/trondmy/linux-nfs\n\nPull NFS client updates from Trond Myklebust:\n \"Stable fixes:\n - nfs: fix undefined behavior in nfs_block_bits()\n - NFSv4.2: Fix READ_PLUS when server doesn\u0027t support OP_READ_PLUS\n\n Bugfixes:\n - Fix mixing of the lock/nolock and local_lock mount options\n - NFSv4: Fixup smatch warning for ambiguous return\n - NFSv3: Fix remount when using the legacy binary mount api\n - SUNRPC: Fix the handling of expired RPCSEC_GSS contexts\n - SUNRPC: fix the NFSACL RPC retries when soft mounts are enabled\n - rpcrdma: fix handling for RDMA_CM_EVENT_DEVICE_REMOVAL\n\n Features and cleanups:\n - NFSv3: Use the atomic_open API to fix open(O_CREAT|O_TRUNC)\n - pNFS/filelayout: S layout segment range in LAYOUTGET\n - pNFS: rework pnfs_generic_pg_check_layout to check IO range\n - NFSv2: Turn off enabling of NFS v2 by default\"\n\n* tag \u0027nfs-for-6.10-1\u0027 of git://git.linux-nfs.org/projects/trondmy/linux-nfs:\n nfs: fix undefined behavior in nfs_block_bits()\n pNFS: rework pnfs_generic_pg_check_layout to check IO range\n pNFS/filelayout: check layout segment range\n pNFS/filelayout: fixup pNfs allocation modes\n rpcrdma: fix handling for RDMA_CM_EVENT_DEVICE_REMOVAL\n NFS: Don\u0027t enable NFS v2 by default\n NFS: Fix READ_PLUS when server doesn\u0027t support OP_READ_PLUS\n sunrpc: fix NFSACL RPC retry on soft mount\n SUNRPC: fix handling expired GSS context\n nfs: keep server info for remounts\n NFSv4: Fixup smatch warning for ambiguous return\n NFS: make sure lock/nolock overriding local_lock mount option\n NFS: add atomic_open for NFSv3 to handle O_TRUNC correctly.\n pNFS/filelayout: Specify the layout segment range in LAYOUTGET\n pNFS/filelayout: Remove the whole file layout requirement\n" }, { "commit": "b4d88a60fe0e126b245583c5003584cf6751e536", "tree": "2d3977342561eff664ca9b745aff508e642f1fd9", "parents": [ "483a351ed4d464265aed61cab4a990b0023f8400", "a2db328b0839312c169eb42746ec46fc1ab53ed2" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Thu May 23 13:44:47 2024 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Thu May 23 13:44:47 2024 -0700" }, "message": "Merge tag \u0027block-6.10-20240523\u0027 of git://git.kernel.dk/linux\n\nPull more block updates from Jens Axboe:\n \"Followup block updates, mostly due to NVMe being a bit late to the\n party. But nothing major in there, so not a big deal.\n\n In detail, this contains:\n\n - NVMe pull request via Keith:\n - Fabrics connection retries (Daniel, Hannes)\n - Fabrics logging enhancements (Tokunori)\n - RDMA delete optimization (Sagi)\n\n - ublk DMA alignment fix (me)\n\n - null_blk sparse warning fixes (Bart)\n\n - Discard support for brd (Keith)\n\n - blk-cgroup list corruption fixes (Ming)\n\n - blk-cgroup stat propagation fix (Waiman)\n\n - Regression fix for plugging stall with md (Yu)\n\n - Misc fixes or cleanups (David, Jeff, Justin)\"\n\n* tag \u0027block-6.10-20240523\u0027 of git://git.kernel.dk/linux: (24 commits)\n null_blk: fix null-ptr-dereference while configuring \u0027power\u0027 and \u0027submit_queues\u0027\n blk-throttle: remove unused struct \u0027avg_latency_bucket\u0027\n block: fix lost bio for plug enabled bio based device\n block: t10-pi: add MODULE_DESCRIPTION()\n blk-mq: add helper for checking if one CPU is mapped to specified hctx\n blk-cgroup: Properly propagate the iostat update up the hierarchy\n blk-cgroup: fix list corruption from reorder of WRITE -\u003elqueued\n blk-cgroup: fix list corruption from resetting io stat\n cdrom: rearrange last_media_change check to avoid unintentional overflow\n nbd: Fix signal handling\n nbd: Remove a local variable from nbd_send_cmd()\n nbd: Improve the documentation of the locking assumptions\n nbd: Remove superfluous casts\n nbd: Use NULL to represent a pointer\n brd: implement discard support\n null_blk: Fix two sparse warnings\n ublk_drv: set DMA alignment mask to 3\n nvme-rdma, nvme-tcp: include max reconnects for reconnect logging\n nvmet-rdma: Avoid o(n^2) loop in delete_ctrl\n nvme: do not retry authentication failures\n ...\n" }, { "commit": "483a351ed4d464265aed61cab4a990b0023f8400", "tree": "5e7658d7bab3bda7905019b1c6dea1a417dfab61", "parents": [ "c2c80ecdb48aab735d770685207df96b8d0c0112", "547988ad0f9661cd9632bdebd63cf38e008b55b2" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Thu May 23 13:41:49 2024 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Thu May 23 13:41:49 2024 -0700" }, "message": "Merge tag \u0027io_uring-6.10-20240523\u0027 of git://git.kernel.dk/linux\n\nPull io_uring fixes from Jens Axboe:\n \"Single fix here for a regression in 6.9, and then a simple cleanup\n removing some dead code\"\n\n* tag \u0027io_uring-6.10-20240523\u0027 of git://git.kernel.dk/linux:\n io_uring: remove checks for NULL \u0027sq_offset\u0027\n io_uring/sqpoll: ensure that normal task_work is also run timely\n" }, { "commit": "c2c80ecdb48aab735d770685207df96b8d0c0112", "tree": "182e8f81fb12d4978e36e6ccc0338332ba733538", "parents": [ "09f8f2c4ca4263b40f766238a92ef9c5f93ea5a5", "74b38cd77d3eb63c6d0ad9cf2ae59812ae54d3ee" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Thu May 23 13:39:42 2024 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Thu May 23 13:39:42 2024 -0700" }, "message": "Merge tag \u0027regulator-fix-v6.10-merge-window\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/regulator\n\nPull regulator fixes from Mark Brown:\n \"A bunch of fixes that came in during the merge window.\n\n Matti found several issues with some of the more complexly configured\n Rohm regulators and the helpers they use and there were some errors in\n the specification of tps6594 when regulators are grouped together\"\n\n* tag \u0027regulator-fix-v6.10-merge-window\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/regulator:\n regulator: tps6594-regulator: Correct multi-phase configuration\n regulator: tps6287x: Force writing VSEL bit\n regulator: pickable ranges: don\u0027t always cache vsel\n regulator: rohm-regulator: warn if unsupported voltage is set\n regulator: bd71828: Don\u0027t overwrite runtime voltages\n" }, { "commit": "09f8f2c4ca4263b40f766238a92ef9c5f93ea5a5", "tree": "bd46d785100ec24dce8ea480a97caf93e5a0766b", "parents": [ "66ad4829ddd0b5540dc0b076ef2818e89c8f720e", "7ba822189e6060a8a2833b721d430f833bf0db43" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Thu May 23 13:38:31 2024 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Thu May 23 13:38:31 2024 -0700" }, "message": "Merge tag \u0027regmap-fix-v6.10-merge-window\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/regmap\n\nPull regmap fix from Mark Brown:\n \"Guenter ran with memory sanitisers and found an issue in the new KUnit\n tests that Richard added where an assumption in older test code was\n exposed, this was fixed quickly by Richard\"\n\n* tag \u0027regmap-fix-v6.10-merge-window\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/regmap:\n regmap: kunit: Fix array overflow in stride() test\n" }, { "commit": "a6c11c0a5235fb144a65e0cb2ffd360ddc1f6c32", "tree": "4105fb07e3c152de792a5a683e3a81366bb5cf3e", "parents": [ "88d68bbd07328aea6f6488b6803839970880492a" ], "author": { "name": "Dongli Zhang", "email": "dongli.zhang@oracle.com", "time": "Wed May 22 15:02:18 2024 -0700" }, "committer": { "name": "Thomas Gleixner", "email": "tglx@linutronix.de", "time": "Thu May 23 21:51:50 2024 +0200" }, "message": "genirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline\n\nThe absence of IRQD_MOVE_PCNTXT prevents immediate effectiveness of\ninterrupt affinity reconfiguration via procfs. Instead, the change is\ndeferred until the next instance of the interrupt being triggered on the\noriginal CPU.\n\nWhen the interrupt next triggers on the original CPU, the new affinity is\nenforced within __irq_move_irq(). A vector is allocated from the new CPU,\nbut the old vector on the original CPU remains and is not immediately\nreclaimed. Instead, apicd-\u003emove_in_progress is flagged, and the reclaiming\nprocess is delayed until the next trigger of the interrupt on the new CPU.\n\nUpon the subsequent triggering of the interrupt on the new CPU,\nirq_complete_move() adds a task to the old CPU\u0027s vector_cleanup list if it\nremains online. Subsequently, the timer on the old CPU iterates over its\nvector_cleanup list, reclaiming old vectors.\n\nHowever, a rare scenario arises if the old CPU is outgoing before the\ninterrupt triggers again on the new CPU.\n\nIn that case irq_force_complete_move() is not invoked on the outgoing CPU\nto reclaim the old apicd-\u003eprev_vector because the interrupt isn\u0027t currently\naffine to the outgoing CPU, and irq_needs_fixup() returns false. Even\nthough __vector_schedule_cleanup() is later called on the new CPU, it\ndoesn\u0027t reclaim apicd-\u003eprev_vector; instead, it simply resets both\napicd-\u003emove_in_progress and apicd-\u003eprev_vector to 0.\n\nAs a result, the vector remains unreclaimed in vector_matrix, leading to a\nCPU vector leak.\n\nTo address this issue, move the invocation of irq_force_complete_move()\nbefore the irq_needs_fixup() call to reclaim apicd-\u003eprev_vector, if the\ninterrupt is currently or used to be affine to the outgoing CPU.\n\nAdditionally, reclaim the vector in __vector_schedule_cleanup() as well,\nfollowing a warning message, although theoretically it should never see\napicd-\u003emove_in_progress with apicd-\u003eprev_cpu pointing to an offline CPU.\n\nFixes: f0383c24b485 (\"genirq/cpuhotplug: Add support for cleaning up move in progress\")\nSigned-off-by: Dongli Zhang \u003cdongli.zhang@oracle.com\u003e\nSigned-off-by: Thomas Gleixner \u003ctglx@linutronix.de\u003e\nCc: stable@vger.kernel.org\nLink: https://lore.kernel.org/r/20240522220218.162423-1-dongli.zhang@oracle.com\n" }, { "commit": "66ad4829ddd0b5540dc0b076ef2818e89c8f720e", "tree": "628e2f73202a3e9e22865e8cd8f69db8692edfd3", "parents": [ "404001ddf3e40369510a08b8b7e895c2da692b79", "c71e3a5cffd5309d7f84444df03d5b72600cc417" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Thu May 23 12:49:37 2024 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Thu May 23 12:49:37 2024 -0700" }, "message": "Merge tag \u0027net-6.10-rc1\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net\n\nPull networking fixes from Paolo Abeni:\n \"Quite smaller than usual. Notably it includes the fix for the unix\n regression from the past weeks. The TCP window fix will require some\n follow-up, already queued.\n\n Current release - regressions:\n\n - af_unix: fix garbage collection of embryos\n\n Previous releases - regressions:\n\n - af_unix: fix race between GC and receive path\n\n - ipv6: sr: fix missing sk_buff release in seg6_input_core\n\n - tcp: remove 64 KByte limit for initial tp-\u003ercv_wnd value\n\n - eth: r8169: fix rx hangup\n\n - eth: lan966x: remove ptp traps in case the ptp is not enabled\n\n - eth: ixgbe: fix link breakage vs cisco switches\n\n - eth: ice: prevent ethtool from corrupting the channels\n\n Previous releases - always broken:\n\n - openvswitch: set the skbuff pkt_type for proper pmtud support\n\n - tcp: Fix shift-out-of-bounds in dctcp_update_alpha()\n\n Misc:\n\n - a bunch of selftests stabilization patches\"\n\n* tag \u0027net-6.10-rc1\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net: (25 commits)\n r8169: Fix possible ring buffer corruption on fragmented Tx packets.\n idpf: Interpret .set_channels() input differently\n ice: Interpret .set_channels() input differently\n nfc: nci: Fix handling of zero-length payload packets in nci_rx_work()\n net: relax socket state check at accept time.\n tcp: remove 64 KByte limit for initial tp-\u003ercv_wnd value\n net: ti: icssg_prueth: Fix NULL pointer dereference in prueth_probe()\n tls: fix missing memory barrier in tls_init\n net: fec: avoid lock evasion when reading pps_enable\n Revert \"ixgbe: Manual AN-37 for troublesome link partners for X550 SFI\"\n testing: net-drv: use stats64 for testing\n net: mana: Fix the extra HZ in mana_hwc_send_request\n net: lan966x: Remove ptp traps in case the ptp is not enabled.\n openvswitch: Set the skbuff pkt_type for proper pmtud support.\n selftest: af_unix: Make SCM_RIGHTS into OOB data.\n af_unix: Fix garbage collection of embryos carrying OOB with SCM_RIGHTS\n tcp: Fix shift-out-of-bounds in dctcp_update_alpha().\n selftests/net: use tc rule to filter the na packet\n ipv6: sr: fix memleak in seg6_hmac_init_algo\n af_unix: Update unix_sk(sk)-\u003eoob_skb under sk_receive_queue lock.\n ...\n" }, { "commit": "404001ddf3e40369510a08b8b7e895c2da692b79", "tree": "48803b50a62640da7ffb046ca0e32ac378574289", "parents": [ "e82d2af501072930983bfa7a0d200fc8aeb4f63c", "1e8b7b3dbb3103d577a586ca72bc329f7b67120b" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Thu May 23 12:36:38 2024 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Thu May 23 12:36:38 2024 -0700" }, "message": "Merge tag \u0027trace-fixes-v6.10\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/trace/linux-trace\n\nPull tracing fixes from Steven Rostedt:\n \"Minor last minute fixes:\n\n - Fix a very tight race between the ring buffer readers and resizing\n the ring buffer\n\n - Correct some stale comments in the ring buffer code\n\n - Fix kernel-doc in the rv code\n\n - Add a MODULE_DESCRIPTION to preemptirq_delay_test\"\n\n* tag \u0027trace-fixes-v6.10\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/trace/linux-trace:\n rv: Update rv_en(dis)able_monitor doc to match kernel-doc\n tracing: Add MODULE_DESCRIPTION() to preemptirq_delay_test\n ring-buffer: Fix a race between readers and resize checks\n ring-buffer: Correct stale comments related to non-consuming readers\n" }, { "commit": "e82d2af501072930983bfa7a0d200fc8aeb4f63c", "tree": "c46d7c872de1288cc50a3a67743ed58767797be7", "parents": [ "d6a326d694e77fd1d90ae40ad3c73a6af0eb1b8d", "df73757cf8f66fa54c4721c53b0916af3c4d9818" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Thu May 23 12:32:15 2024 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Thu May 23 12:32:15 2024 -0700" }, "message": "Merge tag \u0027trace-tools-v6.10-2\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/trace/linux-trace\n\nPull tracing tool fix from Steven Rostedt:\n \"Fix printf format warnings in latency-collector.\n\n Use the printf format string with %s to take a string instead of\n taking in a string directly\"\n\n* tag \u0027trace-tools-v6.10-2\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/trace/linux-trace:\n tools/latency-collector: Fix -Wformat-security compile warns\n" }, { "commit": "d6a326d694e77fd1d90ae40ad3c73a6af0eb1b8d", "tree": "65620f42b46c745e16298f31b45d54b33ec0ebea", "parents": [ "bca2a25d3be779fbdf912de8e1ded6dcd483845d", "2c92ca849fcc6ee7d0c358e9959abc9f58661aea" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Thu May 23 12:28:01 2024 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Thu May 23 12:28:01 2024 -0700" }, "message": "Merge tag \u0027trace-assign-str-v6.10\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/trace/linux-trace\n\nPull tracing cleanup from Steven Rostedt:\n \"Remove second argument of __assign_str()\n\n The __assign_str() macro logic of the TRACE_EVENT() macro was\n optimized so that it no longer needs the second argument. The\n __assign_str() is always matched with __string() field that takes a\n field name and the source for that field:\n\n __string(field, source)\n\n The TRACE_EVENT() macro logic will save off the source value and then\n use that value to copy into the ring buffer via the __assign_str().\n\n Before commit c1fa617caeb0 (\"tracing: Rework __assign_str() and\n __string() to not duplicate getting the string\"), the __assign_str()\n needed the second argument which would perform the same logic as the\n __string() source parameter did. Not only would this add overhead, but\n it was error prone as if the __assign_str() source produced something\n different, it may not have allocated enough for the string in the ring\n buffer (as the __string() source was used to determine how much to\n allocate)\n\n Now that the __assign_str() just uses the same string that was used in\n __string() it no longer needs the source parameter. It can now be\n removed\"\n\n* tag \u0027trace-assign-str-v6.10\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/trace/linux-trace:\n tracing/treewide: Remove second parameter of __assign_str()\n" }, { "commit": "bca2a25d3be779fbdf912de8e1ded6dcd483845d", "tree": "426c75e626ace0c5e47d40be48c4be9daa380a1f", "parents": [ "2b7ced108e93b837f152841ac1f0bf45ed2a6b21", "1c9e709cde80fb612e07d9503ad04457e8a58da2" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Thu May 23 12:22:20 2024 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Thu May 23 12:22:20 2024 -0700" }, "message": "Merge tag \u0027sparc-for-6.10-tag1\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/alarsson/linux-sparc\n\nPull sparc updates from Andreas Larsson:\n\n - Avoid on-stack cpumask variables in a number of places\n\n - Move struct termio to asm/termios.h, matching other architectures and\n allowing certain user space applications to build also for sparc\n\n - Fix missing prototype warnings for sparc64\n\n - Fix version generation warnings for sparc32\n\n - Fix bug where non-consecutive CPU IDs lead to some CPUs not starting\n\n - Simplification using swap and cleanup using NULL for pointer\n\n - Convert sparc parport and chmc drivers to use remove callbacks\n returning void\n\n* tag \u0027sparc-for-6.10-tag1\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/alarsson/linux-sparc:\n sparc/leon: Remove on-stack cpumask var\n sparc/pci_msi: Remove on-stack cpumask var\n sparc/of: Remove on-stack cpumask var\n sparc/irq: Remove on-stack cpumask var\n sparc/srmmu: Remove on-stack cpumask var\n sparc: chmc: Convert to platform remove callback returning void\n sparc: parport: Convert to platform remove callback returning void\n sparc: Compare pointers to NULL instead of 0\n sparc: Use swap() to fix Coccinelle warning\n sparc32: Fix version generation failed warnings\n sparc64: Fix number of online CPUs\n sparc64: Fix prototype warning for sched_clock\n sparc64: Fix prototype warnings in adi_64.c\n sparc64: Fix prototype warning for dma_4v_iotsb_bind\n sparc64: Fix prototype warning for uprobe_trap\n sparc64: Fix prototype warning for alloc_irqstack_bootmem\n sparc64: Fix prototype warning for vmemmap_free\n sparc64: Fix prototype warnings in traps_64.c\n sparc64: Fix prototype warning for init_vdso_image\n sparc: move struct termio to asm/termios.h\n" }, { "commit": "2b7ced108e93b837f152841ac1f0bf45ed2a6b21", "tree": "84ab89bc9f4b9aeea5aeb4cdda438333333b37d5", "parents": [ "2ef32ad2241340565c35baf77fc95053c84eeeb0", "e92bee9f861b466c676f0200be3e46af7bc4ac6b" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Thu May 23 12:09:22 2024 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Thu May 23 12:09:22 2024 -0700" }, "message": "Merge tag \u0027arm64-fixes\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux\n\nPull arm64 fixes from Will Deacon:\n \"The major fix here is for a filesystem corruption issue reported on\n Apple M1 as a result of buggy management of the floating point\n register state introduced in 6.8. I initially reverted one of the\n offending patches, but in the end Ard cooked a proper fix so there\u0027s a\n revert+reapply in the series.\n\n Aside from that, we\u0027ve got some CPU errata workarounds and misc other\n fixes.\n\n - Fix broken FP register state tracking which resulted in filesystem\n corruption when dm-crypt is used\n\n - Workarounds for Arm CPU errata affecting the SSBS Spectre\n mitigation\n\n - Fix lockdep assertion in DMC620 memory controller PMU driver\n\n - Fix alignment of BUG table when CONFIG_DEBUG_BUGVERBOSE is\n disabled\"\n\n* tag \u0027arm64-fixes\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux:\n arm64/fpsimd: Avoid erroneous elide of user state reload\n Reapply \"arm64: fpsimd: Implement lazy restore for kernel mode FPSIMD\"\n arm64: asm-bug: Add .align 2 to the end of __BUG_ENTRY\n perf/arm-dmc620: Fix lockdep assert in -\u003eevent_init()\n Revert \"arm64: fpsimd: Implement lazy restore for kernel mode FPSIMD\"\n arm64: errata: Add workaround for Arm errata 3194386 and 3312417\n arm64: cputype: Add Neoverse-V3 definitions\n arm64: cputype: Add Cortex-X4 definitions\n arm64: barrier: Restore spec_bar() macro\n" }, { "commit": "2ef32ad2241340565c35baf77fc95053c84eeeb0", "tree": "672ed232affb09035e73e1ba3411be7f71d3289a", "parents": [ "c760b3725e52403dc1b28644fb09c47a83cacea6", "c8fae27d141a32a1624d0d0d5419d94252824498" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Thu May 23 12:04:36 2024 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Thu May 23 12:04:36 2024 -0700" }, "message": "Merge tag \u0027for_linus\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/mst/vhost\n\nPull virtio updates from Michael Tsirkin:\n \"Several new features here:\n\n - virtio-net is finally supported in vduse\n\n - virtio (balloon and mem) interaction with suspend is improved\n\n - vhost-scsi now handles signals better/faster\n\n And fixes, cleanups all over the place\"\n\n* tag \u0027for_linus\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/mst/vhost: (48 commits)\n virtio-pci: Check if is_avq is NULL\n virtio: delete vq in vp_find_vqs_msix() when request_irq() fails\n MAINTAINERS: add Eugenio Pérez as reviewer\n vhost-vdpa: Remove usage of the deprecated ida_simple_xx() API\n vp_vdpa: don\u0027t allocate unused msix vectors\n sound: virtio: drop owner assignment\n fuse: virtio: drop owner assignment\n scsi: virtio: drop owner assignment\n rpmsg: virtio: drop owner assignment\n nvdimm: virtio_pmem: drop owner assignment\n wifi: mac80211_hwsim: drop owner assignment\n vsock/virtio: drop owner assignment\n net: 9p: virtio: drop owner assignment\n net: virtio: drop owner assignment\n net: caif: virtio: drop owner assignment\n misc: nsm: drop owner assignment\n iommu: virtio: drop owner assignment\n drm/virtio: drop owner assignment\n gpio: virtio: drop owner assignment\n firmware: arm_scmi: virtio: drop owner assignment\n ...\n" }, { "commit": "88d68bbd07328aea6f6488b6803839970880492a", "tree": "52047b6501ddb12b026fed3f27eecb6af60206cb", "parents": [ "c760b3725e52403dc1b28644fb09c47a83cacea6" ], "author": { "name": "Palmer Dabbelt", "email": "palmer@rivosinc.com", "time": "Wed May 22 11:49:55 2024 -0700" }, "committer": { "name": "Thomas Gleixner", "email": "tglx@linutronix.de", "time": "Thu May 23 19:57:12 2024 +0200" }, "message": "irqchip/riscv-imsic: Fixup riscv_ipi_set_virq_range() conflict\n\nThere was a semantic conflict between 21a8f8a0eb35 (\"irqchip: Add RISC-V\nincoming MSI controller early driver\") and dc892fb44322 (\"riscv: Use\nIPIs for remote cache/TLB flushes by default\") due to an API change.\nThis manifests as a build failure post-merge.\n\nFixes: 0bfbc914d943 (\"Merge tag \u0027riscv-for-linus-6.10-mw1\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux\")\nReported-by: Tomasz Jeznach \u003ctjeznach@rivosinc.com\u003e\nSigned-off-by: Palmer Dabbelt \u003cpalmer@rivosinc.com\u003e\nSigned-off-by: Thomas Gleixner \u003ctglx@linutronix.de\u003e\nLink: https://lore.kernel.org/r/20240522184953.28531-3-palmer@rivosinc.com\nLink: https://lore.kernel.org/all/mhng-10b71228-cf3e-42ca-9abf-5464b15093f1@palmer-ri-x1c9/\n\n" }, { "commit": "6ca445d8af0ed5950ebf899415fd6bfcd7d9d7a3", "tree": "0927a03832641e507c08fbec6ed867cae878fc1c", "parents": [ "46cad6cd9b10ab14acf20e0779998f88c6e44c4f" ], "author": { "name": "Alexandre Ghiti", "email": "alexghiti@rivosinc.com", "time": "Thu May 23 13:51:34 2024 +0200" }, "committer": { "name": "Palmer Dabbelt", "email": "palmer@rivosinc.com", "time": "Thu May 23 08:22:17 2024 -0700" }, "message": "riscv: Fix early ftrace nop patching\n\nCommit c97bf629963e (\"riscv: Fix text patching when IPI are used\")\nconverted ftrace_make_nop() to use patch_insn_write() which does not\nemit any icache flush relying entirely on __ftrace_modify_code() to do\nthat.\n\nBut we missed that ftrace_make_nop() was called very early directly when\nconverting mcount calls into nops (actually on riscv it converts 2B nops\nemitted by the compiler into 4B nops).\n\nThis caused crashes on multiple HW as reported by Conor and Björn since\nthe booting core could have half-patched instructions in its icache\nwhich would trigger an illegal instruction trap: fix this by emitting a\nlocal flush icache when early patching nops.\n\nFixes: c97bf629963e (\"riscv: Fix text patching when IPI are used\")\nSigned-off-by: Alexandre Ghiti \u003calexghiti@rivosinc.com\u003e\nReported-by: Conor Dooley \u003cconor.dooley@microchip.com\u003e\nTested-by: Conor Dooley \u003cconor.dooley@microchip.com\u003e\nReviewed-by: Björn Töpel \u003cbjorn@rivosinc.com\u003e\nTested-by: Björn Töpel \u003cbjorn@rivosinc.com\u003e\nLink: https://lore.kernel.org/r/20240523115134.70380-1-alexghiti@rivosinc.com\nSigned-off-by: Palmer Dabbelt \u003cpalmer@rivosinc.com\u003e\n" }, { "commit": "df73757cf8f66fa54c4721c53b0916af3c4d9818", "tree": "0ba29096853e2965c02e229b30472f06ba80708b", "parents": [ "59c22f70b2951d81de410d477ae536ba951b4f37" ], "author": { "name": "Shuah Khan", "email": "skhan@linuxfoundation.org", "time": "Wed Apr 03 19:10:09 2024 -0600" }, "committer": { "name": "Steven Rostedt (Google)", "email": "rostedt@goodmis.org", "time": "Thu May 23 10:46:01 2024 -0400" }, "message": "tools/latency-collector: Fix -Wformat-security compile warns\n\nFix the following -Wformat-security compile warnings adding missing\nformat arguments:\n\nlatency-collector.c: In function ‘show_available’:\nlatency-collector.c:938:17: warning: format not a string literal and\nno format arguments [-Wformat-security]\n 938 | warnx(no_tracer_msg);\n | ^~~~~\n\nlatency-collector.c:943:17: warning: format not a string literal and\nno format arguments [-Wformat-security]\n 943 | warnx(no_latency_tr_msg);\n | ^~~~~\n\nlatency-collector.c: In function ‘find_default_tracer’:\nlatency-collector.c:986:25: warning: format not a string literal and\nno format arguments [-Wformat-security]\n 986 | errx(EXIT_FAILURE, no_tracer_msg);\n |\n ^~~~\nlatency-collector.c: In function ‘scan_arguments’:\nlatency-collector.c:1881:33: warning: format not a string literal and\nno format arguments [-Wformat-security]\n 1881 | errx(EXIT_FAILURE, no_tracer_msg);\n | ^~~~\n\nLink: https://lore.kernel.org/linux-trace-kernel/20240404011009.32945-1-skhan@linuxfoundation.org\n\nCc: stable@vger.kernel.org\nFixes: e23db805da2df (\"tracing/tools: Add the latency-collector to tools directory\")\nSigned-off-by: Shuah Khan \u003cskhan@linuxfoundation.org\u003e\nSigned-off-by: Steven Rostedt (Google) \u003crostedt@goodmis.org\u003e\n" }, { "commit": "c71e3a5cffd5309d7f84444df03d5b72600cc417", "tree": "db28cb32550f6e6f436ebb215cc495079400ff48", "parents": [ "3d8597d8d7d9b3faffe0f2361032123ee6c09c02" ], "author": { "name": "Ken Milmore", "email": "ken.milmore@gmail.com", "time": "Tue May 21 23:45:50 2024 +0100" }, "committer": { "name": "Paolo Abeni", "email": "pabeni@redhat.com", "time": "Thu May 23 15:45:32 2024 +0200" }, "message": "r8169: Fix possible ring buffer corruption on fragmented Tx packets.\n\nAn issue was found on the RTL8125b when transmitting small fragmented\npackets, whereby invalid entries were inserted into the transmit ring\nbuffer, subsequently leading to calls to dma_unmap_single() with a null\naddress.\n\nThis was caused by rtl8169_start_xmit() not noticing changes to nr_frags\nwhich may occur when small packets are padded (to work around hardware\nquirks) in rtl8169_tso_csum_v2().\n\nTo fix this, postpone inspecting nr_frags until after any padding has been\napplied.\n\nFixes: 9020845fb5d6 (\"r8169: improve rtl8169_start_xmit\")\nCc: stable@vger.kernel.org\nSigned-off-by: Ken Milmore \u003cken.milmore@gmail.com\u003e\nReviewed-by: Heiner Kallweit \u003chkallweit1@gmail.com\u003e\nLink: https://lore.kernel.org/r/27ead18b-c23d-4f49-a020-1fc482c5ac95@gmail.com\nSigned-off-by: Paolo Abeni \u003cpabeni@redhat.com\u003e\n" }, { "commit": "2dd00ac1d38afba1b59e439abc300a9b0ce696bf", "tree": "b59d5ea0a6938e8335a3cce341d4391b6e0916c2", "parents": [ "6e3d7c903c3e82d626f1bc32c790fc86a179d14c" ], "author": { "name": "Steven Rostedt (Google)", "email": "rostedt@goodmis.org", "time": "Wed May 22 12:49:46 2024 -0400" }, "committer": { "name": "Steven Rostedt (Google)", "email": "rostedt@goodmis.org", "time": "Thu May 23 09:31:50 2024 -0400" }, "message": "eventfs: Do not use attributes for events directory\n\nThe top \"events\" directory has a static inode (it\u0027s created when it is and\nremoved when the directory is removed). There\u0027s no need to use the events\nei-\u003eattr to determine its permissions. But it is used for saving the\npermissions of the \"events\" directory for when it is created, as that is\nneeded for the default permissions for the files and directories\nunderneath it.\n\nFor example:\n\n # cd /sys/kernel/tracing\n # mkdir instances/foo\n # chown 1001 instances/foo/events\n\nThe files under instances/foo/events should still have the same owner as\ninstances/foo (which the instances/foo/events ei-\u003eattr will hold), but the\nevents directory now has owner 1001.\n\nLink: https://lore.kernel.org/lkml/20240522165032.104981011@goodmis.org\n\nCc: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\nCc: Masami Hiramatsu \u003cmhiramat@kernel.org\u003e\nCc: Mark Rutland \u003cmark.rutland@arm.com\u003e\nCc: Mathieu Desnoyers \u003cmathieu.desnoyers@efficios.com\u003e\nCc: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Steven Rostedt (Google) \u003crostedt@goodmis.org\u003e\n" }, { "commit": "6e3d7c903c3e82d626f1bc32c790fc86a179d14c", "tree": "10c5f6949d00ab87745742b6de6bff28a95d611d", "parents": [ "37cd0d1266971942f5cda3e4ca1c6fb005635b14" ], "author": { "name": "Steven Rostedt (Google)", "email": "rostedt@goodmis.org", "time": "Wed May 22 12:49:45 2024 -0400" }, "committer": { "name": "Steven Rostedt (Google)", "email": "rostedt@goodmis.org", "time": "Thu May 23 09:31:50 2024 -0400" }, "message": "eventfs: Cleanup permissions in creation of inodes\n\nThe permissions being set during the creation of the inodes was updating\neventfs_inode attributes as well. Those attributes should only be touched\nby the setattr or remount operations, not during the creation of inodes.\nThe eventfs_inode attributes should only be used to set the inodes and\nshould not be modified during the inode creation.\n\nSimplify the code and fix the situation by:\n\n 1) Removing the eventfs_find_events() and doing a simple lookup for\n the events descriptor in eventfs_get_inode()\n\n 2) Remove update_events_attr() as the attributes should only be used\n to update the inode and should not be modified here.\n\n 3) Add update_inode_attr() that uses the attributes to determine what\n the inode permissions should be.\n\n 4) As the parent_inode of the eventfs_root_inode structure is no longer\n needed, remove it.\n\nNow on creation, the inode gets the proper permissions without causing\nside effects to the ei-\u003eattr field.\n\nLink: https://lore.kernel.org/lkml/20240522165031.944088388@goodmis.org\n\nCc: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\nCc: Masami Hiramatsu \u003cmhiramat@kernel.org\u003e\nCc: Mark Rutland \u003cmark.rutland@arm.com\u003e\nCc: Mathieu Desnoyers \u003cmathieu.desnoyers@efficios.com\u003e\nCc: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Steven Rostedt (Google) \u003crostedt@goodmis.org\u003e\n" }, { "commit": "37cd0d1266971942f5cda3e4ca1c6fb005635b14", "tree": "c62ddac2c50fdcc26104a7314b27b125e6dad08b", "parents": [ "625acf9d5e56e10b92636003df7f5bddb21a7a34" ], "author": { "name": "Steven Rostedt (Google)", "email": "rostedt@goodmis.org", "time": "Wed May 22 12:49:44 2024 -0400" }, "committer": { "name": "Steven Rostedt (Google)", "email": "rostedt@goodmis.org", "time": "Thu May 23 09:27:25 2024 -0400" }, "message": "eventfs: Remove getattr and permission callbacks\n\nNow that inodes have their permissions updated on remount, the only other\nplaces to update the inode permissions are when they are created and in\nthe setattr callback. The getattr and permission callbacks are not needed\nas the inodes should already be set at their proper settings.\n\nRemove the callbacks, as it not only simplifies the code, but also allows\nmore flexibility to fix the inconsistencies with various corner cases\n(like changing the permission of an instance directory).\n\nLink: https://lore.kernel.org/lkml/20240522165031.782066021@goodmis.org\n\nCc: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\nCc: Masami Hiramatsu \u003cmhiramat@kernel.org\u003e\nCc: Mark Rutland \u003cmark.rutland@arm.com\u003e\nCc: Mathieu Desnoyers \u003cmathieu.desnoyers@efficios.com\u003e\nCc: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Steven Rostedt (Google) \u003crostedt@goodmis.org\u003e\n" }, { "commit": "625acf9d5e56e10b92636003df7f5bddb21a7a34", "tree": "345592304b95bd9fbbfaadcaecd99ca7cf2ff3a5", "parents": [ "0bcfd9aa4dafa03b88d68bf66b694df2a3e76cf3" ], "author": { "name": "Steven Rostedt (Google)", "email": "rostedt@goodmis.org", "time": "Wed May 22 12:49:43 2024 -0400" }, "committer": { "name": "Steven Rostedt (Google)", "email": "rostedt@goodmis.org", "time": "Thu May 23 09:27:25 2024 -0400" }, "message": "eventfs: Consolidate the eventfs_inode update in eventfs_get_inode()\n\nTo simplify the code, create a eventfs_get_inode() that is used when an\neventfs file or directory is created. Have the internal tracefs_inode\nupdated the appropriate flags in this function and update the inode\u0027s\nmode as well.\n\nLink: https://lore.kernel.org/lkml/20240522165031.624864160@goodmis.org\n\nCc: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\nCc: Masami Hiramatsu \u003cmhiramat@kernel.org\u003e\nCc: Mark Rutland \u003cmark.rutland@arm.com\u003e\nCc: Mathieu Desnoyers \u003cmathieu.desnoyers@efficios.com\u003e\nCc: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Steven Rostedt (Google) \u003crostedt@goodmis.org\u003e\n" }, { "commit": "0bcfd9aa4dafa03b88d68bf66b694df2a3e76cf3", "tree": "0b77943283264c2a3e7fa76816bf464c35b2fa45", "parents": [ "340f0c7067a95281ad13734f8225f49c6cf52067" ], "author": { "name": "Steven Rostedt (Google)", "email": "rostedt@goodmis.org", "time": "Thu May 23 01:14:29 2024 -0400" }, "committer": { "name": "Steven Rostedt (Google)", "email": "rostedt@goodmis.org", "time": "Thu May 23 09:26:24 2024 -0400" }, "message": "tracefs: Clear EVENT_INODE flag in tracefs_drop_inode()\n\nWhen the inode is being dropped from the dentry, the TRACEFS_EVENT_INODE\nflag needs to be cleared to prevent a remount from calling\neventfs_remount() on the tracefs_inode private data. There\u0027s a race\nbetween the inode is dropped (and the dentry freed) to where the inode is\nactually freed. If a remount happens between the two, the eventfs_inode\ncould be accessed after it is freed (only the dentry keeps a ref count on\nit).\n\nCurrently the TRACEFS_EVENT_INODE flag is cleared from the dentry iput()\nfunction. But this is incorrect, as it is possible that the inode has\nanother reference to it. The flag should only be cleared when the inode is\nreally being dropped and has no more references. That happens in the\ndrop_inode callback of the inode, as that gets called when the last\nreference of the inode is released.\n\nRemove the tracefs_d_iput() function and move its logic to the more\nappropriate tracefs_drop_inode() callback function.\n\nLink: https://lore.kernel.org/linux-trace-kernel/20240523051539.908205106@goodmis.org\n\nCc: stable@vger.kernel.org\nCc: Masami Hiramatsu \u003cmhiramat@kernel.org\u003e\nCc: Mark Rutland \u003cmark.rutland@arm.com\u003e\nCc: Mathieu Desnoyers \u003cmathieu.desnoyers@efficios.com\u003e\nCc: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nCc: Masahiro Yamada \u003cmasahiroy@kernel.org\u003e\nFixes: baa23a8d4360d (\"tracefs: Reset permissions on remount if permissions are options\")\nSigned-off-by: Steven Rostedt (Google) \u003crostedt@goodmis.org\u003e\n" }, { "commit": "340f0c7067a95281ad13734f8225f49c6cf52067", "tree": "fc60cb5f28f94745bcdf30d51d89487f69da87b8", "parents": [ "27c046484382d78b4abb0a6e9905a20121af9b35" ], "author": { "name": "Steven Rostedt (Google)", "email": "rostedt@goodmis.org", "time": "Thu May 23 01:14:28 2024 -0400" }, "committer": { "name": "Steven Rostedt (Google)", "email": "rostedt@goodmis.org", "time": "Thu May 23 09:26:23 2024 -0400" }, "message": "eventfs: Update all the eventfs_inodes from the events descriptor\n\nThe change to update the permissions of the eventfs_inode had the\nmisconception that using the tracefs_inode would find all the\neventfs_inodes that have been updated and reset them on remount.\nThe problem with this approach is that the eventfs_inodes are freed when\nthey are no longer used (basically the reason the eventfs system exists).\nWhen they are freed, the updated eventfs_inodes are not reset on a remount\nbecause their tracefs_inodes have been freed.\n\nInstead, since the events directory eventfs_inode always has a\ntracefs_inode pointing to it (it is not freed when finished), and the\nevents directory has a link to all its children, have the\neventfs_remount() function only operate on the events eventfs_inode and\nhave it descend into its children updating their uid and gids.\n\nLink: https://lore.kernel.org/all/CAK7LNARXgaWw3kH9JgrnH4vK6fr8LDkNKf3wq8NhMWJrVwJyVQ@mail.gmail.com/\nLink: https://lore.kernel.org/linux-trace-kernel/20240523051539.754424703@goodmis.org\n\nCc: stable@vger.kernel.org\nCc: Masami Hiramatsu \u003cmhiramat@kernel.org\u003e\nCc: Mark Rutland \u003cmark.rutland@arm.com\u003e\nCc: Mathieu Desnoyers \u003cmathieu.desnoyers@efficios.com\u003e\nCc: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nFixes: baa23a8d4360d (\"tracefs: Reset permissions on remount if permissions are options\")\nReported-by: Masahiro Yamada \u003cmasahiroy@kernel.org\u003e\nSigned-off-by: Steven Rostedt (Google) \u003crostedt@goodmis.org\u003e\n" }, { "commit": "27c046484382d78b4abb0a6e9905a20121af9b35", "tree": "528437bad0c0d868827c82b8c4b7acd85dac1960", "parents": [ "8898e7f288c47d450a3cf1511c791a03550c0789" ], "author": { "name": "Steven Rostedt (Google)", "email": "rostedt@goodmis.org", "time": "Thu May 23 01:14:27 2024 -0400" }, "committer": { "name": "Steven Rostedt (Google)", "email": "rostedt@goodmis.org", "time": "Thu May 23 09:26:23 2024 -0400" }, "message": "tracefs: Update inode permissions on remount\n\nWhen a remount happens, if a gid or uid is specified update the inodes to\nhave the same gid and uid. This will allow the simplification of the\npermissions logic for the dynamically created files and directories.\n\nLink: https://lore.kernel.org/linux-trace-kernel/20240523051539.592429986@goodmis.org\n\nCc: stable@vger.kernel.org\nCc: Masami Hiramatsu \u003cmhiramat@kernel.org\u003e\nCc: Mark Rutland \u003cmark.rutland@arm.com\u003e\nCc: Mathieu Desnoyers \u003cmathieu.desnoyers@efficios.com\u003e\nCc: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nCc: Masahiro Yamada \u003cmasahiroy@kernel.org\u003e\nFixes: baa23a8d4360d (\"tracefs: Reset permissions on remount if permissions are options\")\nSigned-off-by: Steven Rostedt (Google) \u003crostedt@goodmis.org\u003e\n" }, { "commit": "8898e7f288c47d450a3cf1511c791a03550c0789", "tree": "388763faa34d66c942598c29b4ea2fa8093ee4d2", "parents": [ "fa3889d970da8f95bdd90fb5a07d521810be5678" ], "author": { "name": "Steven Rostedt (Google)", "email": "rostedt@goodmis.org", "time": "Thu May 23 01:14:26 2024 -0400" }, "committer": { "name": "Steven Rostedt (Google)", "email": "rostedt@goodmis.org", "time": "Thu May 23 09:26:23 2024 -0400" }, "message": "eventfs: Keep the directories from having the same inode number as files\n\nThe directories require unique inode numbers but all the eventfs files\nhave the same inode number. Prevent the directories from having the same\ninode numbers as the files as that can confuse some tooling.\n\nLink: https://lore.kernel.org/linux-trace-kernel/20240523051539.428826685@goodmis.org\n\nCc: stable@vger.kernel.org\nCc: Masami Hiramatsu \u003cmhiramat@kernel.org\u003e\nCc: Mark Rutland \u003cmark.rutland@arm.com\u003e\nCc: Mathieu Desnoyers \u003cmathieu.desnoyers@efficios.com\u003e\nCc: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nCc: Masahiro Yamada \u003cmasahiroy@kernel.org\u003e\nFixes: 834bf76add3e6 (\"eventfs: Save directory inodes in the eventfs_inode structure\")\nSigned-off-by: Steven Rostedt (Google) \u003crostedt@goodmis.org\u003e\n" }, { "commit": "a2db328b0839312c169eb42746ec46fc1ab53ed2", "tree": "8a6261de75bb2109d624c056495166adeae37592", "parents": [ "4a482e691c8b8a188b1ea3d6a80180e9fa925fd0" ], "author": { "name": "Yu Kuai", "email": "yukuai3@huawei.com", "time": "Thu May 23 23:39:34 2024 +0800" }, "committer": { "name": "Jens Axboe", "email": "axboe@kernel.dk", "time": "Thu May 23 06:58:13 2024 -0600" }, "message": "null_blk: fix null-ptr-dereference while configuring \u0027power\u0027 and \u0027submit_queues\u0027\n\nWriting \u0027power\u0027 and \u0027submit_queues\u0027 concurrently will trigger kernel\npanic:\n\nTest script:\n\nmodprobe null_blk nr_devices\u003d0\nmkdir -p /sys/kernel/config/nullb/nullb0\nwhile true; do echo 1 \u003e submit_queues; echo 4 \u003e submit_queues; done \u0026\nwhile true; do echo 1 \u003e power; echo 0 \u003e power; done\n\nTest result:\n\nBUG: kernel NULL pointer dereference, address: 0000000000000148\nOops: 0000 [#1] PREEMPT SMP\nRIP: 0010:__lock_acquire+0x41d/0x28f0\nCall Trace:\n \u003cTASK\u003e\n lock_acquire+0x121/0x450\n down_write+0x5f/0x1d0\n simple_recursive_removal+0x12f/0x5c0\n blk_mq_debugfs_unregister_hctxs+0x7c/0x100\n blk_mq_update_nr_hw_queues+0x4a3/0x720\n nullb_update_nr_hw_queues+0x71/0xf0 [null_blk]\n nullb_device_submit_queues_store+0x79/0xf0 [null_blk]\n configfs_write_iter+0x119/0x1e0\n vfs_write+0x326/0x730\n ksys_write+0x74/0x150\n\nThis is because del_gendisk() can concurrent with\nblk_mq_update_nr_hw_queues():\n\nnullb_device_power_store\tnullb_apply_submit_queues\n null_del_dev\n del_gendisk\n\t\t\t\t nullb_update_nr_hw_queues\n\t\t\t\t if (!dev-\u003enullb)\n\t\t\t\t // still set while gendisk is deleted\n\t\t\t\t return 0\n\t\t\t\t blk_mq_update_nr_hw_queues\n dev-\u003enullb \u003d NULL\n\nFix this problem by resuing the global mutex to protect\nnullb_device_power_store() and nullb_update_nr_hw_queues() from configfs.\n\nFixes: 45919fbfe1c4 (\"null_blk: Enable modifying \u0027submit_queues\u0027 after an instance has been configured\")\nReported-and-tested-by: Yi Zhang \u003cyi.zhang@redhat.com\u003e\nCloses: https://lore.kernel.org/all/CAHj4cs9LgsHLnjg8z06LQ3Pr5cax-+Ps+xT7AP7TPnEjStuwZA@mail.gmail.com/\nSigned-off-by: Yu Kuai \u003cyukuai3@huawei.com\u003e\nReviewed-by: Zhu Yanjun \u003cyanjun.zhu@linux.dev\u003e\nLink: https://lore.kernel.org/r/20240523153934.1937851-1-yukuai1@huaweicloud.com\nSigned-off-by: Jens Axboe \u003caxboe@kernel.dk\u003e\n" }, { "commit": "46cad6cd9b10ab14acf20e0779998f88c6e44c4f", "tree": "33668151b2ecfda1ae1556bbdb260710c8bdf955", "parents": [ "c6c901b7d9833514eccbc39572e55c7d81397a3c" ], "author": { "name": "Palmer Dabbelt", "email": "palmer@rivosinc.com", "time": "Wed May 22 11:49:55 2024 -0700" }, "committer": { "name": "Palmer Dabbelt", "email": "palmer@rivosinc.com", "time": "Thu May 23 04:48:40 2024 -0700" }, "message": "irqchip: riscv-imsic: Fixup riscv_ipi_set_virq_range() conflict\n\nThere was a semantic conflict between 21a8f8a0eb35 (\"irqchip: Add RISC-V\nincoming MSI controller early driver\") and dc892fb44322 (\"riscv: Use\nIPIs for remote cache/TLB flushes by default\") due to an API change.\nThis manifests as a build failure post-merge.\n\nReported-by: Tomasz Jeznach \u003ctjeznach@rivosinc.com\u003e\nLink: https://lore.kernel.org/all/mhng-10b71228-cf3e-42ca-9abf-5464b15093f1@palmer-ri-x1c9/\nFixes: 0bfbc914d943 (\"Merge tag \u0027riscv-for-linus-6.10-mw1\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux\")\nReviewed-by: Anup Patel \u003canup@brainfault.org\u003e\nLink: https://lore.kernel.org/r/20240522184953.28531-3-palmer@rivosinc.com\nSigned-off-by: Palmer Dabbelt \u003cpalmer@rivosinc.com\u003e\n" } ], "next": "d001e978c1c45b25d823489171151d13fd28ef4e" }