Merge keystone/mirror-android12-5.10 into keystone/android12-5.10-keystone-qcom-dev
* keystone/mirror-android12-5.10:
ANDROID: GKI: Update abi_gki_aarch64_qcom for balance reclaim symbols
ANDROID: GKI: Add initial symbol list for i.MX
UPSTREAM: af_unix: fix garbage collect vs MSG_PEEK
ANDROID: Update symbol list for mtk
UPSTREAM: cfi: Use rcu_read_{un}lock_sched_notrace
ANDROID: GKI: Update symbols to abi_gki_aarch64_oplus
ANDROID: xt_quota2: remove trailing junk which might have a digit in it
ANDROID: xt_quota2: clear quota2_log message before sending
ANDROID: xt_quota2: set usersize in xt_match registration object
Signed-off-by: Haamed Gheibi <haamed@google.com>
Bug: 175415908
Bug: 194108974
Bug: 194223154
Bug: 196046570
Bug: 196926917
Bug: 197069923
Bug: 197173550
Change-Id: Ifc3cea113a61a263356caab2e759f55bf82ac70f
This commit is contained in:
Haamed Gheibi
commit
116db916e8
File diff suppressed because it is too large
Load Diff
1860
android/abi_gki_aarch64_imx
Normal file
1860
android/abi_gki_aarch64_imx
Normal file
File diff suppressed because it is too large
Load Diff
@ -1923,6 +1923,9 @@
|
||||
__traceiter_android_vh_exit_creds
|
||||
__traceiter_android_vh_fill_ext_fmtdesc
|
||||
__traceiter_android_vh_finish_update_load_avg_se
|
||||
__traceiter_android_vh_freq_qos_add_request
|
||||
__traceiter_android_vh_freq_qos_update_request
|
||||
__traceiter_android_vh_freq_qos_remove_request
|
||||
__traceiter_android_vh_iommu_alloc_iova
|
||||
__traceiter_android_vh_iommu_free_iova
|
||||
__traceiter_android_vh_ipv6_gen_linklocal_addr
|
||||
@ -1996,6 +1999,9 @@
|
||||
__tracepoint_android_vh_exit_creds
|
||||
__tracepoint_android_vh_fill_ext_fmtdesc
|
||||
__tracepoint_android_vh_finish_update_load_avg_se
|
||||
__tracepoint_android_vh_freq_qos_add_request
|
||||
__tracepoint_android_vh_freq_qos_update_request
|
||||
__tracepoint_android_vh_freq_qos_remove_request
|
||||
__tracepoint_android_vh_iommu_alloc_iova
|
||||
__tracepoint_android_vh_iommu_free_iova
|
||||
__tracepoint_android_vh_ipv6_gen_linklocal_addr
|
||||
|
||||
@ -171,6 +171,7 @@
|
||||
config_group_init_type_name
|
||||
config_item_get
|
||||
config_item_put
|
||||
console_printk
|
||||
console_stop
|
||||
console_suspend_enabled
|
||||
__const_udelay
|
||||
@ -848,6 +849,7 @@
|
||||
kmem_cache_free
|
||||
kmemdup
|
||||
kmemdup_nul
|
||||
kmsg_dump_get_line
|
||||
kobject_add
|
||||
kobject_create_and_add
|
||||
kobject_del
|
||||
@ -1474,6 +1476,7 @@
|
||||
sdhci_set_bus_width
|
||||
sdhci_set_power_noreg
|
||||
sdhci_setup_host
|
||||
send_sig_info
|
||||
seq_buf_printf
|
||||
seq_lseek
|
||||
seq_open
|
||||
|
||||
@ -2512,6 +2512,7 @@
|
||||
__traceiter_android_rvh_schedule_bug
|
||||
__traceiter_android_rvh_select_task_rq_fair
|
||||
__traceiter_android_rvh_select_task_rq_rt
|
||||
__traceiter_android_rvh_set_balance_anon_file_reclaim
|
||||
__traceiter_android_rvh_set_gfp_zone_flags
|
||||
__traceiter_android_rvh_set_readahead_gfp_mask
|
||||
__traceiter_android_rvh_set_skip_swapcache_flags
|
||||
@ -2621,6 +2622,7 @@
|
||||
__tracepoint_android_rvh_schedule_bug
|
||||
__tracepoint_android_rvh_select_task_rq_fair
|
||||
__tracepoint_android_rvh_select_task_rq_rt
|
||||
__tracepoint_android_rvh_set_balance_anon_file_reclaim
|
||||
__tracepoint_android_rvh_set_gfp_zone_flags
|
||||
__tracepoint_android_rvh_set_readahead_gfp_mask
|
||||
__tracepoint_android_rvh_set_skip_swapcache_flags
|
||||
|
||||
@ -18,6 +18,7 @@ android/abi_gki_aarch64_fips140
|
||||
android/abi_gki_aarch64_galaxy
|
||||
android/abi_gki_aarch64_generic
|
||||
android/abi_gki_aarch64_hikey960
|
||||
android/abi_gki_aarch64_imx
|
||||
android/abi_gki_aarch64_mtk
|
||||
android/abi_gki_aarch64_oplus
|
||||
android/abi_gki_aarch64_qcom
|
||||
|
||||
@ -251,9 +251,9 @@ static inline cfi_check_fn __find_shadow_check_fn(unsigned long ptr)
|
||||
{
|
||||
cfi_check_fn fn;
|
||||
|
||||
rcu_read_lock_sched();
|
||||
rcu_read_lock_sched_notrace();
|
||||
fn = ptr_to_check_fn(rcu_dereference_sched(cfi_shadow), ptr);
|
||||
rcu_read_unlock_sched();
|
||||
rcu_read_unlock_sched_notrace();
|
||||
|
||||
return fn;
|
||||
}
|
||||
@ -272,11 +272,11 @@ static inline cfi_check_fn __find_module_check_fn(unsigned long ptr)
|
||||
cfi_check_fn fn = NULL;
|
||||
struct module *mod;
|
||||
|
||||
rcu_read_lock_sched();
|
||||
rcu_read_lock_sched_notrace();
|
||||
mod = __module_address(ptr);
|
||||
if (mod)
|
||||
fn = mod->cfi_check;
|
||||
rcu_read_unlock_sched();
|
||||
rcu_read_unlock_sched_notrace();
|
||||
|
||||
return fn;
|
||||
}
|
||||
|
||||
@ -106,23 +106,16 @@ static void quota2_log(unsigned int hooknum,
|
||||
return;
|
||||
}
|
||||
pm = nlmsg_data(nlh);
|
||||
memset(pm, 0, sizeof(*pm));
|
||||
if (skb->tstamp == 0)
|
||||
__net_timestamp((struct sk_buff *)skb);
|
||||
pm->data_len = 0;
|
||||
pm->hook = hooknum;
|
||||
if (prefix != NULL)
|
||||
strlcpy(pm->prefix, prefix, sizeof(pm->prefix));
|
||||
else
|
||||
*(pm->prefix) = '\0';
|
||||
if (in)
|
||||
strlcpy(pm->indev_name, in->name, sizeof(pm->indev_name));
|
||||
else
|
||||
pm->indev_name[0] = '\0';
|
||||
|
||||
if (out)
|
||||
strlcpy(pm->outdev_name, out->name, sizeof(pm->outdev_name));
|
||||
else
|
||||
pm->outdev_name[0] = '\0';
|
||||
|
||||
NETLINK_CB(log_skb).dst_group = 1;
|
||||
pr_debug("throwing 1 packets to netlink group 1\n");
|
||||
@ -162,6 +155,8 @@ static ssize_t quota_proc_write(struct file *file, const char __user *input,
|
||||
if (copy_from_user(buf, input, size) != 0)
|
||||
return -EFAULT;
|
||||
buf[sizeof(buf)-1] = '\0';
|
||||
if (size < sizeof(buf))
|
||||
buf[size] = '\0';
|
||||
|
||||
spin_lock_bh(&e->lock);
|
||||
e->quota = simple_strtoull(buf, NULL, 0);
|
||||
@ -348,6 +343,7 @@ static struct xt_match quota_mt2_reg[] __read_mostly = {
|
||||
.match = quota_mt2,
|
||||
.destroy = quota_mt2_destroy,
|
||||
.matchsize = sizeof(struct xt_quota_mtinfo2),
|
||||
.usersize = offsetof(struct xt_quota_mtinfo2, master),
|
||||
.me = THIS_MODULE,
|
||||
},
|
||||
{
|
||||
@ -358,6 +354,7 @@ static struct xt_match quota_mt2_reg[] __read_mostly = {
|
||||
.match = quota_mt2,
|
||||
.destroy = quota_mt2_destroy,
|
||||
.matchsize = sizeof(struct xt_quota_mtinfo2),
|
||||
.usersize = offsetof(struct xt_quota_mtinfo2, master),
|
||||
.me = THIS_MODULE,
|
||||
},
|
||||
};
|
||||
|
||||
@ -1520,6 +1520,53 @@ static int unix_getname(struct socket *sock, struct sockaddr *uaddr, int peer)
|
||||
return err;
|
||||
}
|
||||
|
||||
static void unix_peek_fds(struct scm_cookie *scm, struct sk_buff *skb)
|
||||
{
|
||||
scm->fp = scm_fp_dup(UNIXCB(skb).fp);
|
||||
|
||||
/*
|
||||
* Garbage collection of unix sockets starts by selecting a set of
|
||||
* candidate sockets which have reference only from being in flight
|
||||
* (total_refs == inflight_refs). This condition is checked once during
|
||||
* the candidate collection phase, and candidates are marked as such, so
|
||||
* that non-candidates can later be ignored. While inflight_refs is
|
||||
* protected by unix_gc_lock, total_refs (file count) is not, hence this
|
||||
* is an instantaneous decision.
|
||||
*
|
||||
* Once a candidate, however, the socket must not be reinstalled into a
|
||||
* file descriptor while the garbage collection is in progress.
|
||||
*
|
||||
* If the above conditions are met, then the directed graph of
|
||||
* candidates (*) does not change while unix_gc_lock is held.
|
||||
*
|
||||
* Any operations that changes the file count through file descriptors
|
||||
* (dup, close, sendmsg) does not change the graph since candidates are
|
||||
* not installed in fds.
|
||||
*
|
||||
* Dequeing a candidate via recvmsg would install it into an fd, but
|
||||
* that takes unix_gc_lock to decrement the inflight count, so it's
|
||||
* serialized with garbage collection.
|
||||
*
|
||||
* MSG_PEEK is special in that it does not change the inflight count,
|
||||
* yet does install the socket into an fd. The following lock/unlock
|
||||
* pair is to ensure serialization with garbage collection. It must be
|
||||
* done between incrementing the file count and installing the file into
|
||||
* an fd.
|
||||
*
|
||||
* If garbage collection starts after the barrier provided by the
|
||||
* lock/unlock, then it will see the elevated refcount and not mark this
|
||||
* as a candidate. If a garbage collection is already in progress
|
||||
* before the file count was incremented, then the lock/unlock pair will
|
||||
* ensure that garbage collection is finished before progressing to
|
||||
* installing the fd.
|
||||
*
|
||||
* (*) A -> B where B is on the queue of A or B is on the queue of C
|
||||
* which is on the queue of listening socket A.
|
||||
*/
|
||||
spin_lock(&unix_gc_lock);
|
||||
spin_unlock(&unix_gc_lock);
|
||||
}
|
||||
|
||||
static int unix_scm_to_skb(struct scm_cookie *scm, struct sk_buff *skb, bool send_fds)
|
||||
{
|
||||
int err = 0;
|
||||
@ -2169,7 +2216,7 @@ static int unix_dgram_recvmsg(struct socket *sock, struct msghdr *msg,
|
||||
sk_peek_offset_fwd(sk, size);
|
||||
|
||||
if (UNIXCB(skb).fp)
|
||||
scm.fp = scm_fp_dup(UNIXCB(skb).fp);
|
||||
unix_peek_fds(&scm, skb);
|
||||
}
|
||||
err = (flags & MSG_TRUNC) ? skb->len - skip : size;
|
||||
|
||||
@ -2412,7 +2459,7 @@ static int unix_stream_read_generic(struct unix_stream_read_state *state,
|
||||
/* It is questionable, see note in unix_dgram_recvmsg.
|
||||
*/
|
||||
if (UNIXCB(skb).fp)
|
||||
scm.fp = scm_fp_dup(UNIXCB(skb).fp);
|
||||
unix_peek_fds(&scm, skb);
|
||||
|
||||
sk_peek_offset_fwd(sk, chunk);
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user