android_kernel_xiaomi_sm8450

Author	SHA1	Message	Date
Greg Kroah-Hartman	570621d64f	Merge 5.10.168 into android12-5.10-lts Changes in 5.10.168 firewire: fix memory leak for payload of request subaction to IEC 61883-1 FCP region bus: sunxi-rsb: Fix error handling in sunxi_rsb_init() bpf: Fix incorrect state pruning for <8B spill/fill powerpc/imc-pmu: Revert nest_init_lock to being a mutex bpf: Fix a possible task gone issue with bpf_send_signal[_thread]() helpers ALSA: hda/via: Avoid potential array out-of-bound in add_secret_dac_path() bpf: Support <8-byte scalar spill and refill bpf: Fix to preserve reg parent/live fields when copying range info bpf, sockmap: Check for any of tcp_bpf_prots when cloning a listener arm64: dts: imx8mm: Fix pad control for UART1_DTE_RX drm/vc4: hdmi: make CEC adapter name unique scsi: Revert "scsi: core: map PQ=1, PDT=other values to SCSI_SCAN_TARGET_PRESENT" vhost/net: Clear the pending messages when the backend is removed WRITE is "data source", not destination... READ is "data destination", not source... fix iov_iter_bvec() "direction" argument fix "direction" argument of iov_iter_kvec() virtio-net: execute xdp_do_flush() before napi_complete_done() sfc: correctly advertise tunneled IPv6 segmentation net: phy: dp83822: Fix null pointer access on DP83825/DP83826 devices netrom: Fix use-after-free caused by accept on already connected socket netfilter: br_netfilter: disable sabotage_in hook after first suppression squashfs: harden sanity check in squashfs_read_xattr_id_table net: phy: meson-gxl: Add generic dummy stubs for MMD register access igc: return an error if the mac type is unknown in igc_ptp_systim_to_hwtstamp() can: j1939: fix errant WARN_ON_ONCE in j1939_session_deactivate ata: libata: Fix sata_down_spd_limit() when no link speed is reported selftests: net: udpgso_bench_rx: Fix 'used uninitialized' compiler warning selftests: net: udpgso_bench_rx/tx: Stop when wrong CLI args are provided selftests: net: udpgso_bench: Fix racing bug between the rx/tx programs selftests: net: udpgso_bench_tx: Cater for pending datagrams zerocopy benchmarking virtio-net: Keep stop() to follow mirror sequence of open() net: openvswitch: fix flow memory leak in ovs_flow_cmd_new efi: fix potential NULL deref in efi_mem_reserve_persistent qede: add netpoll support for qede driver qede: execute xdp_do_flush() before napi_complete_done() i2c: mxs: suppress probe-deferral error message scsi: target: core: Fix warning on RT kernels scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress i2c: rk3x: fix a bunch of kernel-doc warnings platform/x86: dell-wmi: Add a keymap for KEY_MUTE in type 0x0010 table net/x25: Fix to not accept on connected socket iio: adc: stm32-dfsdm: fill module aliases usb: dwc3: dwc3-qcom: Fix typo in the dwc3 vbus override API usb: dwc3: qcom: enable vbus override when in OTG dr-mode usb: gadget: f_fs: Fix unbalanced spinlock in __ffs_ep0_queue_wait vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF Input: i8042 - move __initconst to fix code styling warning Input: i8042 - merge quirk tables Input: i8042 - add TUXEDO devices to i8042 quirk tables Input: i8042 - add Clevo PCX0DX to i8042 quirk table fbcon: Check font dimension limits net: qrtr: free memory on error path in radix_tree_insert() watchdog: diag288_wdt: do not use stack buffers for hardware data watchdog: diag288_wdt: fix __diag288() inline assembly ALSA: hda/realtek: Add Acer Predator PH315-54 efi: Accept version 2 of memory attributes table iio: hid: fix the retval in accel_3d_capture_sample iio: adc: berlin2-adc: Add missing of_node_put() in error path iio:adc:twl6030: Enable measurements of VUSB, VBAT and others iio: imu: fxos8700: fix ACCEL measurement range selection iio: imu: fxos8700: fix incomplete ACCEL and MAGN channels readback iio: imu: fxos8700: fix IMU data bits returned to user space iio: imu: fxos8700: fix map label of channel type to MAGN sensor iio: imu: fxos8700: fix swapped ACCEL and MAGN channels readback iio: imu: fxos8700: fix incorrect ODR mode readback iio: imu: fxos8700: fix failed initialization ODR mode assignment iio: imu: fxos8700: remove definition FXOS8700_CTRL_ODR_MIN iio: imu: fxos8700: fix MAGN sensor scale and unit nvmem: qcom-spmi-sdam: fix module autoloading parisc: Fix return code of pdc_iodc_print() parisc: Wire up PTRACE_GETREGS/PTRACE_SETREGS for compat case riscv: disable generation of unwind tables mm: hugetlb: proc: check for hugetlb shared PMD in /proc/PID/smaps x86/debug: Fix stack recursion caused by wrongly ordered DR7 accesses fpga: stratix10-soc: Fix return value check in s10_ops_write_init() mm/swapfile: add cond_resched() in get_swap_pages() Squashfs: fix handling and sanity checking of xattr_ids count drm/i915: Fix potential bit_17 double-free nvmem: core: initialise nvmem->id early nvmem: core: fix cell removal on error serial: 8250_dma: Fix DMA Rx completion race serial: 8250_dma: Fix DMA Rx rearm race fbdev: smscufx: fix error handling code in ufx_usb_probe f2fs: fix to do sanity check on i_extra_isize in is_alive() wifi: brcmfmac: Check the count value of channel spec to prevent out-of-bounds reads nvmem: core: Fix a conflict between MTD and NVMEM on wp-gpios property bpf: Do not reject when the stack read size is different from the tracked scalar size iio:adc:twl6030: Enable measurement of VAC mm/migration: return errno when isolate_huge_page failed migrate: hugetlb: check for hugetlb shared PMD in node migration btrfs: limit device extents to the device size btrfs: zlib: zero-initialize zlib workspace ALSA: hda/realtek: Add Positivo N14KP6-TG ALSA: emux: Avoid potential array out-of-bound in snd_emux_xg_control() ALSA: hda/realtek: Fix the speaker output on Samsung Galaxy Book2 Pro 360 tracing: Fix poll() and select() do not work on per_cpu trace_pipe and trace_pipe_raw of/address: Return an error when no valid dma-ranges are found can: j1939: do not wait 250 ms if the same addr was already claimed xfrm: compat: change expression for switch in xfrm_xlate64 IB/hfi1: Restore allocated resources on failed copyout xfrm/compat: prevent potential spectre v1 gadget in xfrm_xlate32_attr() IB/IPoIB: Fix legacy IPoIB due to wrong number of queues RDMA/usnic: use iommu_map_atomic() under spin_lock() xfrm: fix bug with DSCP copy to v6 from v4 tunnel bonding: fix error checking in bond_debug_reregister() net: phy: meson-gxl: use MMD access dummy stubs for GXL, internal PHY ionic: clean interrupt before enabling queue to avoid credit race uapi: add missing ip/ipv6 header dependencies for linux/stddef.h ice: Do not use WQ_MEM_RECLAIM flag for workqueue net: mscc: ocelot: fix VCAP filters not matching on MAC with "protocol 802.1Q" net/mlx5e: IPoIB, Show unknown speed instead of error net/mlx5: fw_tracer, Clear load bit when freeing string DBs buffers net/mlx5: fw_tracer, Zero consumer index when reloading the tracer rds: rds_rm_zerocopy_callback() use list_first_entry() selftests: forwarding: lib: quote the sysctl values ALSA: pci: lx6464es: fix a debug loop pinctrl: aspeed: Fix confusing types in return value pinctrl: single: fix potential NULL dereference spi: dw: Fix wrong FIFO level setting for long xfers pinctrl: intel: Restore the pins that used to be in Direct IRQ mode cifs: Fix use-after-free in rdata->read_into_pages() net: USB: Fix wrong-direction WARNING in plusb.c btrfs: free device in btrfs_close_devices for a single device filesystem usb: core: add quirk for Alcor Link AK9563 smartcard reader usb: typec: altmodes/displayport: Fix probe pin assign check ceph: flush cap releases when the session is flushed riscv: Fixup race condition on PG_dcache_clean in flush_icache_pte arm64: dts: meson-gx: Make mmc host controller interrupts level-sensitive arm64: dts: meson-g12-common: Make mmc host controller interrupts level-sensitive arm64: dts: meson-axg: Make mmc host controller interrupts level-sensitive Fix page corruption caused by racy check in __free_pages Linux 5.10.168 Change-Id: I98d1e73edfaab3ce45c15283ae0964527d5e547e Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>	2023-02-17 15:23:41 +00:00
Mike Kravetz	dbe5a11954	migrate: hugetlb: check for hugetlb shared PMD in node migration [ Upstream commit 73bdf65ea74857d7fb2ec3067a3cec0e261b1462 ] migrate_pages/mempolicy semantics state that CAP_SYS_NICE is required to move pages shared with another process to a different node. page_mapcount > 1 is being used to determine if a hugetlb page is shared. However, a hugetlb page will have a mapcount of 1 if mapped by multiple processes via a shared PMD. As a result, hugetlb pages shared by multiple processes and mapped with a shared PMD can be moved by a process without CAP_SYS_NICE. To fix, check for a shared PMD if mapcount is 1. If a shared PMD is found consider the page shared. Link: https://lkml.kernel.org/r/20230126222721.222195-3-mike.kravetz@oracle.com Fixes: `e2d8cf4055` ("migrate: add hugepage migration code to migrate_pages()") Signed-off-by: Mike Kravetz <mike.kravetz@oracle.com> Acked-by: Peter Xu <peterx@redhat.com> Acked-by: David Hildenbrand <david@redhat.com> Cc: James Houghton <jthoughton@google.com> Cc: Matthew Wilcox <willy@infradead.org> Cc: Michal Hocko <mhocko@suse.com> Cc: Muchun Song <songmuchun@bytedance.com> Cc: Naoya Horiguchi <naoya.horiguchi@linux.dev> Cc: Vishal Moola (Oracle) <vishal.moola@gmail.com> Cc: Yang Shi <shy828301@gmail.com> Cc: <stable@vger.kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Sasha Levin <sashal@kernel.org>	2023-02-15 17:22:21 +01:00
Miaohe Lin	97a5104d64	mm/migration: return errno when isolate_huge_page failed [ Upstream commit 7ce82f4c3f3ead13a9d9498768e3b1a79975c4d8 ] We might fail to isolate huge page due to e.g. the page is under migration which cleared HPageMigratable. We should return errno in this case rather than always return 1 which could confuse the user, i.e. the caller might think all of the memory is migrated while the hugetlb page is left behind. We make the prototype of isolate_huge_page consistent with isolate_lru_page as suggested by Huang Ying and rename isolate_huge_page to isolate_hugetlb as suggested by Muchun to improve the readability. Link: https://lkml.kernel.org/r/20220530113016.16663-4-linmiaohe@huawei.com Fixes: `e8db67eb0d` ("mm: migrate: move_pages() supports thp migration") Signed-off-by: Miaohe Lin <linmiaohe@huawei.com> Suggested-by: Huang Ying <ying.huang@intel.com> Reported-by: kernel test robot <lkp@intel.com> (build error) Cc: Alistair Popple <apopple@nvidia.com> Cc: Christoph Hellwig <hch@lst.de> Cc: Christoph Lameter <cl@linux.com> Cc: David Hildenbrand <david@redhat.com> Cc: David Howells <dhowells@redhat.com> Cc: Mike Kravetz <mike.kravetz@oracle.com> Cc: Muchun Song <songmuchun@bytedance.com> Cc: Oscar Salvador <osalvador@suse.de> Cc: Peter Xu <peterx@redhat.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Stable-dep-of: 73bdf65ea748 ("migrate: hugetlb: check for hugetlb shared PMD in node migration") Signed-off-by: Sasha Levin <sashal@kernel.org>	2023-02-15 17:22:21 +01:00
Suren Baghdasaryan	bfdcf47ca3	ANDROID: mm: remove sequence counting when mmap_lock is not exclusively owned In a number of cases vm_write_{begin\|end} is called while mmap_lock is not owned exclusively. This is unnecessary and can affect correctness of the sequence counting protecting speculative page fault handlers. Remove extra calls. Bug: 257443051 Change-Id: I1278638a0794448e22fbdab5601212b3b2eaebdc Signed-off-by: Suren Baghdasaryan <surenb@google.com>	2022-11-27 09:29:02 -08:00
Greg Kroah-Hartman	f6ce9a9115	This is the 5.10.134 stable release -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmLj+okACgkQONu9yGCS aT7ULhAA2D1qxAvJsuhLK3HAG3ii4jKb+lPZO4Gx7MGbt6H0ktsHKcAppVCMOiQ/ zr8z695+GjO9RcFqiVVEYVkXGuBSwEI34MWYkHk6+567Y47d9HX09tehvGmwSYB/ 2eFkhL7Am6XXY8fK1p5L3iFQ4pn2O1LT90oC6IX2PbgPBh9SqA/cL2RoFjrtLKYI s+ok/P6qiDz/7jn1V3AzvESs9n0h7fviGYwpe+jEcXRr+7Glu8A23n7goOpCn5k1 NydT0S69fiVb14NhzDGhgSMp/Ft4u8pb12n2UWrR6pueE/Ea7VbC/AOhh2CYCOpJ VpjZlFQDSJhTNmlAEiFADmejzyfjRyFaaQkq52odOV9YljbX9u4XCI9w42E3kgfi ClEJNGNSRWc35LR69sAV2TzKmAQX8DcYCyvkk8uFpOkoEr9ANbqOn5rXgGk3jllT RoFcOmXvN4t+mYebvxjtOvC56OOopUte6a/hGzLoOvf1Uy36CaRQ4izURZpOAKAT lMN8P/s/NQxE9g3Aq4ABydCxPaLnJkIobfFqoc8wFVnopmUd4+wspklwWeo+MGps oZ2nt5BLlweQ7Yr1wif+Sff5q3jkR9ppUxMYiwRHUW9fTy3QL7uMJqs3qa5s6wLH AQJXuKjuA7mpbmE8csBPUGP+LL2d/RalLKjzqpwNcSJ0IPk6lW8= =9KOJ -----END PGP SIGNATURE----- Merge 5.10.134 into android12-5.10-lts Changes in 5.10.134 pinctrl: stm32: fix optional IRQ support to gpios riscv: add as-options for modules with assembly compontents mlxsw: spectrum_router: Fix IPv4 nexthop gateway indication lockdown: Fix kexec lockdown bypass with ima policy io_uring: Use original task for req identity in io_identity_cow() xen/gntdev: Ignore failure to unmap INVALID_GRANT_HANDLE docs: net: explain struct net_device lifetime net: make free_netdev() more lenient with unregistering devices net: make sure devices go through netdev_wait_all_refs net: move net_set_todo inside rollback_registered() net: inline rollback_registered() net: move rollback_registered_many() net: inline rollback_registered_many() Revert "m68knommu: only set CONFIG_ISA_DMA_API for ColdFire sub-arch" PCI: hv: Fix multi-MSI to allow more than one MSI vector PCI: hv: Fix hv_arch_irq_unmask() for multi-MSI PCI: hv: Reuse existing IRTE allocation in compose_msi_msg() PCI: hv: Fix interrupt mapping for multi-MSI serial: mvebu-uart: correctly report configured baudrate value xfrm: xfrm_policy: fix a possible double xfrm_pols_put() in xfrm_bundle_lookup() power/reset: arm-versatile: Fix refcount leak in versatile_reboot_probe pinctrl: ralink: Check for null return of devm_kcalloc perf/core: Fix data race between perf_event_set_output() and perf_mmap_close() drm/amdgpu/display: add quirk handling for stutter mode igc: Reinstate IGC_REMOVED logic and implement it properly ip: Fix data-races around sysctl_ip_no_pmtu_disc. ip: Fix data-races around sysctl_ip_fwd_use_pmtu. ip: Fix data-races around sysctl_ip_fwd_update_priority. ip: Fix data-races around sysctl_ip_nonlocal_bind. ip: Fix a data-race around sysctl_ip_autobind_reuse. ip: Fix a data-race around sysctl_fwmark_reflect. tcp/dccp: Fix a data-race around sysctl_tcp_fwmark_accept. tcp: Fix data-races around sysctl_tcp_mtu_probing. tcp: Fix data-races around sysctl_tcp_base_mss. tcp: Fix data-races around sysctl_tcp_min_snd_mss. tcp: Fix a data-race around sysctl_tcp_mtu_probe_floor. tcp: Fix a data-race around sysctl_tcp_probe_threshold. tcp: Fix a data-race around sysctl_tcp_probe_interval. net: stmmac: fix unbalanced ptp clock issue in suspend/resume flow i2c: cadence: Change large transfer count reset logic to be unconditional net: stmmac: fix dma queue left shift overflow issue net/tls: Fix race in TLS device down flow igmp: Fix data-races around sysctl_igmp_llm_reports. igmp: Fix a data-race around sysctl_igmp_max_memberships. igmp: Fix data-races around sysctl_igmp_max_msf. tcp: Fix data-races around keepalive sysctl knobs. tcp: Fix data-races around sysctl_tcp_syncookies. tcp: Fix data-races around sysctl_tcp_reordering. tcp: Fix data-races around some timeout sysctl knobs. tcp: Fix a data-race around sysctl_tcp_notsent_lowat. tcp: Fix a data-race around sysctl_tcp_tw_reuse. tcp: Fix data-races around sysctl_max_syn_backlog. tcp: Fix data-races around sysctl_tcp_fastopen. tcp: Fix data-races around sysctl_tcp_fastopen_blackhole_timeout. iavf: Fix handling of dummy receive descriptors i40e: Fix erroneous adapter reinitialization during recovery process ixgbe: Add locking to prevent panic when setting sriov_numvfs to zero gpio: pca953x: only use single read/write for No AI mode gpio: pca953x: use the correct range when do regmap sync gpio: pca953x: use the correct register address when regcache sync during init be2net: Fix buffer overflow in be_get_module_eeprom drm/imx/dcss: Add missing of_node_put() in fail path ipv4: Fix a data-race around sysctl_fib_multipath_use_neigh. ip: Fix data-races around sysctl_ip_prot_sock. udp: Fix a data-race around sysctl_udp_l3mdev_accept. tcp: Fix data-races around sysctl knobs related to SYN option. tcp: Fix a data-race around sysctl_tcp_early_retrans. tcp: Fix data-races around sysctl_tcp_recovery. tcp: Fix a data-race around sysctl_tcp_thin_linear_timeouts. tcp: Fix data-races around sysctl_tcp_slow_start_after_idle. tcp: Fix a data-race around sysctl_tcp_retrans_collapse. tcp: Fix a data-race around sysctl_tcp_stdurg. tcp: Fix a data-race around sysctl_tcp_rfc1337. tcp: Fix data-races around sysctl_tcp_max_reordering. spi: bcm2835: bcm2835_spi_handle_err(): fix NULL pointer deref for non DMA transfers KVM: Don't null dereference ops->destroy mm/mempolicy: fix uninit-value in mpol_rebind_policy() bpf: Make sure mac_header was set before using it sched/deadline: Fix BUG_ON condition for deboosted tasks x86/bugs: Warn when "ibrs" mitigation is selected on Enhanced IBRS parts dlm: fix pending remove if msg allocation fails drm/imx/dcss: fix unused but set variable warnings bitfield.h: Fix "type of reg too small for mask" test ALSA: memalloc: Align buffer allocations in page size Bluetooth: Add bt_skb_sendmsg helper Bluetooth: Add bt_skb_sendmmsg helper Bluetooth: SCO: Replace use of memcpy_from_msg with bt_skb_sendmsg Bluetooth: RFCOMM: Replace use of memcpy_from_msg with bt_skb_sendmmsg Bluetooth: Fix passing NULL to PTR_ERR Bluetooth: SCO: Fix sco_send_frame returning skb->len Bluetooth: Fix bt_skb_sendmmsg not allocating partial chunks x86/amd: Use IBPB for firmware calls x86/alternative: Report missing return thunk details watchqueue: make sure to serialize 'wqueue->defunct' properly tty: drivers/tty/, stop using tty_schedule_flip() tty: the rest, stop using tty_schedule_flip() tty: drop tty_schedule_flip() tty: extract tty_flip_buffer_commit() from tty_flip_buffer_push() tty: use new tty_insert_flip_string_and_push_buffer() in pty_write() net: usb: ax88179_178a needs FLAG_SEND_ZLP watch-queue: remove spurious double semicolon Linux 5.10.134 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I55defdcdd6658e3ec9a3684b7e8cdfe114772a19	2022-08-03 12:42:13 +02:00
Wang Cheng	ddb3f0b688	mm/mempolicy: fix uninit-value in mpol_rebind_policy() commit 018160ad314d75b1409129b2247b614a9f35894c upstream. mpol_set_nodemask()(mm/mempolicy.c) does not set up nodemask when pol->mode is MPOL_LOCAL. Check pol->mode before access pol->w.cpuset_mems_allowed in mpol_rebind_policy()(mm/mempolicy.c). BUG: KMSAN: uninit-value in mpol_rebind_policy mm/mempolicy.c:352 [inline] BUG: KMSAN: uninit-value in mpol_rebind_task+0x2ac/0x2c0 mm/mempolicy.c:368 mpol_rebind_policy mm/mempolicy.c:352 [inline] mpol_rebind_task+0x2ac/0x2c0 mm/mempolicy.c:368 cpuset_change_task_nodemask kernel/cgroup/cpuset.c:1711 [inline] cpuset_attach+0x787/0x15e0 kernel/cgroup/cpuset.c:2278 cgroup_migrate_execute+0x1023/0x1d20 kernel/cgroup/cgroup.c:2515 cgroup_migrate kernel/cgroup/cgroup.c:2771 [inline] cgroup_attach_task+0x540/0x8b0 kernel/cgroup/cgroup.c:2804 __cgroup1_procs_write+0x5cc/0x7a0 kernel/cgroup/cgroup-v1.c:520 cgroup1_tasks_write+0x94/0xb0 kernel/cgroup/cgroup-v1.c:539 cgroup_file_write+0x4c2/0x9e0 kernel/cgroup/cgroup.c:3852 kernfs_fop_write_iter+0x66a/0x9f0 fs/kernfs/file.c:296 call_write_iter include/linux/fs.h:2162 [inline] new_sync_write fs/read_write.c:503 [inline] vfs_write+0x1318/0x2030 fs/read_write.c:590 ksys_write+0x28b/0x510 fs/read_write.c:643 __do_sys_write fs/read_write.c:655 [inline] __se_sys_write fs/read_write.c:652 [inline] __x64_sys_write+0xdb/0x120 fs/read_write.c:652 do_syscall_x64 arch/x86/entry/common.c:51 [inline] do_syscall_64+0x54/0xd0 arch/x86/entry/common.c:82 entry_SYSCALL_64_after_hwframe+0x44/0xae Uninit was created at: slab_post_alloc_hook mm/slab.h:524 [inline] slab_alloc_node mm/slub.c:3251 [inline] slab_alloc mm/slub.c:3259 [inline] kmem_cache_alloc+0x902/0x11c0 mm/slub.c:3264 mpol_new mm/mempolicy.c:293 [inline] do_set_mempolicy+0x421/0xb70 mm/mempolicy.c:853 kernel_set_mempolicy mm/mempolicy.c:1504 [inline] __do_sys_set_mempolicy mm/mempolicy.c:1510 [inline] __se_sys_set_mempolicy+0x44c/0xb60 mm/mempolicy.c:1507 __x64_sys_set_mempolicy+0xd8/0x110 mm/mempolicy.c:1507 do_syscall_x64 arch/x86/entry/common.c:51 [inline] do_syscall_64+0x54/0xd0 arch/x86/entry/common.c:82 entry_SYSCALL_64_after_hwframe+0x44/0xae KMSAN: uninit-value in mpol_rebind_task (2) https://syzkaller.appspot.com/bug?id=d6eb90f952c2a5de9ea718a1b873c55cb13b59dc This patch seems to fix below bug too. KMSAN: uninit-value in mpol_rebind_mm (2) https://syzkaller.appspot.com/bug?id=f2fecd0d7013f54ec4162f60743a2b28df40926b The uninit-value is pol->w.cpuset_mems_allowed in mpol_rebind_policy(). When syzkaller reproducer runs to the beginning of mpol_new(), mpol_new() mm/mempolicy.c do_mbind() mm/mempolicy.c kernel_mbind() mm/mempolicy.c `mode` is 1(MPOL_PREFERRED), nodes_empty(*nodes) is `true` and `flags` is 0. Then mode = MPOL_LOCAL; ... policy->mode = mode; policy->flags = flags; will be executed. So in mpol_set_nodemask(), mpol_set_nodemask() mm/mempolicy.c do_mbind() kernel_mbind() pol->mode is 4 (MPOL_LOCAL), that `nodemask` in `pol` is not initialized, which will be accessed in mpol_rebind_policy(). Link: https://lkml.kernel.org/r/20220512123428.fq3wofedp6oiotd4@ppc.localdomain Signed-off-by: Wang Cheng <wanngchenng@gmail.com> Reported-by: <syzbot+217f792c92599518a2ab@syzkaller.appspotmail.com> Tested-by: <syzbot+217f792c92599518a2ab@syzkaller.appspotmail.com> Cc: David Rientjes <rientjes@google.com> Cc: Vlastimil Babka <vbabka@suse.cz> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2022-07-29 17:19:23 +02:00
Greg Kroah-Hartman	5dadf6321c	This is the 5.10.111 stable release -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmJXHgUACgkQONu9yGCS aT7BohAAx7alIKg1d4gbIHhO6eimWLWLj95ncyeq6xtNT+qKqdYgp+w8xKAJ8QLG sG9sbGcoWYkgOLcSy4rztgh9HBQuGvY6vLFqygRw5HXN1iAirYlr7DJCCKRc1pPZ E5ASOzbkfmBw9HI/w41up5vosSkNAf1qqbL9lJxfx11ms5t7s/11gYg+xSH61NUI gBE4GyJSq91p161F4ql+dJqYrU+gAIY9zKVSAqB97z9D3d01tZkr4LGNjbqtu7Kb 3d+vjiKfMda09X16US3nx9PaxikfQn5IB8JA9mpWgI+Q7H6R9Ri+rQxnv/ghpEPc U9BvK9p7+zYu6dyNUZYbGCsHAQ3WFoatJPO+JTxXllJ99ORrN85WfvFMWZq49f3k XxYMbECcLJfsYUJycKcPJJfGFLfxw2cDfJmzNJEvzX9KK6ObZxSeYeVHjrdC8XwA WZlt1zNObE2IyH3pkqSyxKubnpu4Z0UdxDdIeowsdI9iD7oGlhtfzhTVa+JbxnuY HHtHIKweeyYeUTRIKe1w/ZE24LQjF0fpy9M2ZGxzy6YQTqFsjGNzsfcPBWWFOXqp XGTgaKoIqA+1ov2nVGk8j1BOTHKqYx4gwhb5Y58kX8hvHQGr6d3eoyMKui7wPT5f 9RjU/9+eZ1DT8LLnUZFNJHIrhwIUCR/wEY1Y9gPi58RE8Wj9TlY= =3r9Y -----END PGP SIGNATURE----- Merge 5.10.111 into android12-5.10-lts Changes in 5.10.111 ubifs: Rectify space amount budget for mkdir/tmpfile operations gfs2: Check for active reservation in gfs2_release gfs2: Fix gfs2_release for non-writers regression gfs2: gfs2_setattr_size error path fix rtc: wm8350: Handle error for wm8350_register_irq KVM: x86/svm: Clear reserved bits written to PerfEvtSeln MSRs KVM: x86/emulator: Emulate RDPID only if it is enabled in guest drm: Add orientation quirk for GPD Win Max ath5k: fix OOB in ath5k_eeprom_read_pcal_info_5111 drm/amd/display: Add signal type check when verify stream backends same drm/amd/amdgpu/amdgpu_cs: fix refcount leak of a dma_fence obj usb: gadget: tegra-xudc: Do not program SPARAM usb: gadget: tegra-xudc: Fix control endpoint's definitions ptp: replace snprintf with sysfs_emit powerpc: dts: t104xrdb: fix phy type for FMAN 4/5 ath11k: fix kernel panic during unload/load ath11k modules ath11k: mhi: use mhi_sync_power_up() bpf: Make dst_port field in struct bpf_sock 16-bit wide scsi: mvsas: Replace snprintf() with sysfs_emit() scsi: bfa: Replace snprintf() with sysfs_emit() power: supply: axp20x_battery: properly report current when discharging mt76: dma: initialize skip_unmap in mt76_dma_rx_fill cfg80211: don't add non transmitted BSS to 6GHz scanned channels libbpf: Fix build issue with llvm-readelf ipv6: make mc_forwarding atomic powerpc: Set crashkernel offset to mid of RMA region drm/amdgpu: Fix recursive locking warning PCI: aardvark: Fix support for MSI interrupts iommu/arm-smmu-v3: fix event handling soft lockup usb: ehci: add pci device support for Aspeed platforms PCI: endpoint: Fix alignment fault error in copy tests tcp: Don't acquire inet_listen_hashbucket::lock with disabled BH. PCI: pciehp: Add Qualcomm quirk for Command Completed erratum power: supply: axp288-charger: Set Vhold to 4.4V iwlwifi: mvm: Correctly set fragmented EBS ipv4: Invalidate neighbour for broadcast address upon address addition dm ioctl: prevent potential spectre v1 gadget dm: requeue IO if mapping table not yet available drm/amdkfd: make CRAT table missing message informational only scsi: pm8001: Fix pm80xx_pci_mem_copy() interface scsi: pm8001: Fix pm8001_mpi_task_abort_resp() scsi: pm8001: Fix task leak in pm8001_send_abort_all() scsi: pm8001: Fix tag leaks on error scsi: pm8001: Fix memory leak in pm8001_chip_fw_flash_update_req() mt76: mt7615: Fix assigning negative values to unsigned variable scsi: aha152x: Fix aha152x_setup() __setup handler return value scsi: hisi_sas: Free irq vectors in order for v3 HW net/smc: correct settings of RMB window update limit mips: ralink: fix a refcount leak in ill_acc_of_setup() macvtap: advertise link netns via netlink tuntap: add sanity checks about msg_controllen in sendmsg Bluetooth: Fix not checking for valid hdev on bt_dev_{info,warn,err,dbg} Bluetooth: use memset avoid memory leaks bnxt_en: Eliminate unintended link toggle during FW reset PCI: endpoint: Fix misused goto label MIPS: fix fortify panic when copying asm exception handlers powerpc/secvar: fix refcount leak in format_show() scsi: libfc: Fix use after free in fc_exch_abts_resp() can: isotp: set default value for N_As to 50 micro seconds net: account alternate interface name memory net: limit altnames to 64k total net: sfp: add 2500base-X quirk for Lantech SFP module usb: dwc3: omap: fix "unbalanced disables for smps10_out1" on omap5evm xtensa: fix DTC warning unit_address_format MIPS: ingenic: correct unit node address Bluetooth: Fix use after free in hci_send_acl netlabel: fix out-of-bounds memory accesses ceph: fix memory leak in ceph_readdir when note_last_dentry returns error init/main.c: return 1 from handled __setup() functions minix: fix bug when opening a file with O_DIRECT clk: si5341: fix reported clk_rate when output divider is 2 staging: vchiq_core: handle NULL result of find_service_by_handle phy: amlogic: meson8b-usb2: Use dev_err_probe() staging: wfx: fix an error handling in wfx_init_common() w1: w1_therm: fixes w1_seq for ds28ea00 sensors NFSv4.2: fix reference count leaks in _nfs42_proc_copy_notify() NFSv4: Protect the state recovery thread against direct reclaim xen: delay xen_hvm_init_time_ops() if kdump is boot on vcpu>=32 clk: ti: Preserve node in ti_dt_clocks_register() clk: Enforce that disjoints limits are invalid SUNRPC/call_alloc: async tasks mustn't block waiting for memory SUNRPC/xprt: async tasks mustn't block waiting for memory SUNRPC: remove scheduling boost for "SWAPPER" tasks. NFS: swap IO handling is slightly different for O_DIRECT IO NFS: swap-out must always use STABLE writes. x86/Kconfig: Do not allow CONFIG_X86_X32_ABI=y with llvm-objcopy serial: samsung_tty: do not unlock port->lock for uart_write_wakeup() virtio_console: eliminate anonymous module_init & module_exit jfs: prevent NULL deref in diFree SUNRPC: Fix socket waits for write buffer space NFS: nfsiod should not block forever in mempool_alloc() NFS: Avoid writeback threads getting stuck in mempool_alloc() parisc: Fix CPU affinity for Lasi, WAX and Dino chips parisc: Fix patch code locking and flushing mm: fix race between MADV_FREE reclaim and blkdev direct IO read Revert "hv: utils: add PTP_1588_CLOCK to Kconfig to fix build" drm/amdgpu: fix off by one in amdgpu_gfx_kiq_acquire() Drivers: hv: vmbus: Fix potential crash on module unload Revert "NFSv4: Handle the special Linux file open access mode" NFSv4: fix open failure with O_ACCMODE flag scsi: zorro7xx: Fix a resource leak in zorro7xx_remove_one() net/tls: fix slab-out-of-bounds bug in decrypt_internal ice: Clear default forwarding VSI during VSI release net: ipv4: fix route with nexthop object delete warning net: stmmac: Fix unset max_speed difference between DT and non-DT platforms drm/imx: imx-ldb: Check for null pointer after calling kmemdup drm/imx: Fix memory leak in imx_pd_connector_get_modes bnxt_en: reserve space inside receive page for skb_shared_info sfc: Do not free an empty page_ring RDMA/mlx5: Don't remove cache MRs when a delay is needed IB/rdmavt: add lock to call to rvt_error_qp to prevent a race condition dpaa2-ptp: Fix refcount leak in dpaa2_ptp_probe ice: Set txq_teid to ICE_INVAL_TEID on ring creation ice: Do not skip not enabled queues in ice_vc_dis_qs_msg ipv6: Fix stats accounting in ip6_pkt_drop ice: synchronize_rcu() when terminating rings net: openvswitch: don't send internal clone attribute to the userspace. net: openvswitch: fix leak of nested actions rxrpc: fix a race in rxrpc_exit_net() net: phy: mscc-miim: reject clause 45 register accesses qede: confirm skb is allocated before using spi: bcm-qspi: fix MSPI only access with bcm_qspi_exec_mem_op() bpf: Support dual-stack sockets in bpf_tcp_check_syncookie drbd: Fix five use after free bugs in get_initial_state io_uring: don't touch scm_fp_list after queueing skb SUNRPC: Handle ENOMEM in call_transmit_status() SUNRPC: Handle low memory situations in call_status() SUNRPC: svc_tcp_sendmsg() should handle errors from xdr_alloc_bvec() iommu/omap: Fix regression in probe for NULL pointer dereference perf: arm-spe: Fix perf report --mem-mode perf tools: Fix perf's libperf_print callback perf session: Remap buf if there is no space for event arm64: Add part number for Arm Cortex-A78AE Revert "mmc: sdhci-xenon: fix annoying 1.8V regulator warning" mmc: mmci: stm32: correctly check all elements of sg list mmc: renesas_sdhi: don't overwrite TAP settings when HS400 tuning is complete lz4: fix LZ4_decompress_safe_partial read out of bound mmmremap.c: avoid pointless invalidate_range_start/end on mremap(old_size=0) mm/mempolicy: fix mpol_new leak in shared_policy_replace io_uring: fix race between timeout flush and removal x86/pm: Save the MSR validity status at context setup x86/speculation: Restore speculation related MSRs during S3 resume btrfs: fix qgroup reserve overflow the qgroup limit btrfs: prevent subvol with swapfile from being deleted arm64: patch_text: Fixup last cpu should be master RDMA/hfi1: Fix use-after-free bug for mm struct gpio: Restrict usage of GPIO chip irq members before initialization ata: sata_dwc_460ex: Fix crash due to OOB write perf: qcom_l2_pmu: fix an incorrect NULL check on list iterator irqchip/gic-v3: Fix GICR_CTLR.RWP polling drm/amdgpu/smu10: fix SoC/fclk units in auto mode drm/nouveau/pmu: Add missing callbacks for Tegra devices drm/amdkfd: Create file descriptor after client is added to smi_clients list perf build: Don't use -ffat-lto-objects in the python feature test when building with clang-13 perf python: Fix probing for some clang command line options tools build: Filter out options and warnings not supported by clang tools build: Use $(shell ) instead of `` to get embedded libperl's ccopts dmaengine: Revert "dmaengine: shdma: Fix runtime PM imbalance on error" ubsan: remove CONFIG_UBSAN_OBJECT_SIZE mm: don't skip swap entry even if zap_details specified cgroup: Use open-time credentials for process migraton perm checks selftests/cgroup: Fix build on older distros selftests: cgroup: Make cg_create() use 0755 for permission instead of 0644 selftests: cgroup: Test open-time credential usage for migration checks selftests: cgroup: Test open-time cgroup namespace usage for migration checks arm64: module: remove (NOLOAD) from linker script Drivers: hv: vmbus: Replace smp_store_mb() with virt_store_mb() irqchip/gic, gic-v3: Prevent GSI to SGI translations mm/sparsemem: fix 'mem_section' will never be NULL gcc 12 warning powerpc: Fix virt_addr_valid() for 64-bit Book3E & 32-bit Linux 5.10.111 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I9b4c1d30ae226b865494df03d871db2a2b9281c7	2022-04-21 14:27:41 +02:00
Greg Kroah-Hartman	95f4203fc9	This is the 5.10.110 stable release -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmJQLWwACgkQONu9yGCS aT4R2BAAr/cGnf2/BQ6+zNPW+LlfGn75803yd+oWNL8WzjNiQGrTsQavE1jL0LXP 45iPxvY6eOlP9oEoJGYyNYhzQfUM92Unysa/KemB/xUBsb2If0ZdWk1WB9Lnw0xq m65kACXovbcg4LsZGpgCv7ln1ykogo+bNMES9P6CLxwKR/DMKUeJxbRNKE/AkD5l DxF7IJEP+YRbKAtoLM2Xj4KdjVSfRIfs+Pf0A1t43GqAw6tt3beqmzeCwDzuzz5a DHpXS6PeJjTZOjz4LkuBSbyK5cKGFv1C6o7JVjWSZhDyI5E4OLdNDpNKqcjsXAN+ wMqS1eh4gYUBXmPE44BGwkkugPyaR0/KHUebfkFZG2/H/8DfvrGqlbvsGSFNXxsV jH2/AV/rOxAFeM/U0c1I4Ve42MU18kdf1MRBo0Dq5xSoN9HFQhNp+HE5jpppgsvi FYpMqZoQzH31GIjOq7g0zLdj4NTBrkO9dh7kbpH0Xay1yBmigvD2PA4qpsL1+VMI v73Iq/RJVGUJFAeiYFjn9IGs9EsiKNG08v9uoKS+1m1VLrpVdgwtzo+RjJ/E51Mt Nk4WK94MyoivkRFKulDasv9yBWdcZCfljc91271UCKCERlyO/bmsTqhffeATGGRh N/7oxa71BHvxp0VYqvKD6xFUs+jFt9DQmIX7Pl1/yLpaz+sN0no= =31mv -----END PGP SIGNATURE----- Merge 5.10.110 into android12-5.10-lts Changes in 5.10.110 swiotlb: fix info leak with DMA_FROM_DEVICE USB: serial: pl2303: add IBM device IDs USB: serial: simple: add Nokia phone driver hv: utils: add PTP_1588_CLOCK to Kconfig to fix build netdevice: add the case if dev is NULL HID: logitech-dj: add new lightspeed receiver id xfrm: fix tunnel model fragmentation behavior ARM: mstar: Select HAVE_ARM_ARCH_TIMER virtio_console: break out of buf poll on remove vdpa/mlx5: should verify CTRL_VQ feature exists for MQ tools/virtio: fix virtio_test execution ethernet: sun: Free the coherent when failing in probing gpio: Revert regression in sysfs-gpio (gpiolib.c) spi: Fix invalid sgs value net:mcf8390: Use platform_get_irq() to get the interrupt Revert "gpio: Revert regression in sysfs-gpio (gpiolib.c)" spi: Fix erroneous sgs value with min_t() Input: zinitix - do not report shadow fingers af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register net: dsa: microchip: add spi_device_id tables locking/lockdep: Avoid potential access of invalid memory in lock_class iommu/iova: Improve 32-bit free space estimate tpm: fix reference counting for struct tpm_chip virtio-blk: Use blk_validate_block_size() to validate block size USB: usb-storage: Fix use of bitfields for hardware data in ene_ub6250.c xhci: fix garbage USBSTS being logged in some cases xhci: fix runtime PM imbalance in USB2 resume xhci: make xhci_handshake timeout for xhci_reset() adjustable xhci: fix uninitialized string returned by xhci_decode_ctrl_ctx() mei: me: add Alder Lake N device id. mei: avoid iterator usage outside of list_for_each_entry coresight: Fix TRCCONFIGR.QE sysfs interface iio: afe: rescale: use s64 for temporary scale calculations iio: inkern: apply consumer scale on IIO_VAL_INT cases iio: inkern: apply consumer scale when no channel scale is available iio: inkern: make a best effort on offset calculation greybus: svc: fix an error handling bug in gb_svc_hello() clk: uniphier: Fix fixed-rate initialization ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE KEYS: fix length validation in keyctl_pkey_params_get_2() Documentation: add link to stable release candidate tree Documentation: update stable tree link firmware: stratix10-svc: add missing callback parameter on RSU HID: intel-ish-hid: Use dma_alloc_coherent for firmware update SUNRPC: avoid race between mod_timer() and del_timer_sync() NFSD: prevent underflow in nfssvc_decode_writeargs() NFSD: prevent integer overflow on 32 bit systems f2fs: fix to unlock page correctly in error path of is_alive() f2fs: quota: fix loop condition at f2fs_quota_sync() f2fs: fix to do sanity check on .cp_pack_total_block_count remoteproc: Fix count check in rproc_coredump_write() pinctrl: samsung: drop pin banks references on error paths spi: mxic: Fix the transmit path mtd: rawnand: protect access to rawnand devices while in suspend can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path jffs2: fix use-after-free in jffs2_clear_xattr_subsystem jffs2: fix memory leak in jffs2_do_mount_fs jffs2: fix memory leak in jffs2_scan_medium mm/pages_alloc.c: don't create ZONE_MOVABLE beyond the end of a node mm: invalidate hwpoison page cache page in fault path mempolicy: mbind_range() set_policy() after vma_merge() scsi: libsas: Fix sas_ata_qc_issue() handling of NCQ NON DATA commands qed: display VF trust config qed: validate and restrict untrusted VFs vlan promisc mode riscv: Fix fill_callchain return value riscv: Increase stack size under KASAN Revert "Input: clear BTN_RIGHT/MIDDLE on buttonpads" cifs: prevent bad output lengths in smb2_ioctl_query_info() cifs: fix NULL ptr dereference in smb2_ioctl_query_info() ALSA: cs4236: fix an incorrect NULL check on list iterator ALSA: hda: Avoid unsol event during RPM suspending ALSA: pcm: Fix potential AB/BA lock with buffer_mutex and mmap_lock ALSA: hda/realtek: Fix audio regression on Mi Notebook Pro 2020 mm: madvise: skip unmapped vma holes passed to process_madvise mm: madvise: return correct bytes advised with process_madvise Revert "mm: madvise: skip unmapped vma holes passed to process_madvise" mm,hwpoison: unmap poisoned page before invalidation mm/kmemleak: reset tag when compare object pointer dm integrity: set journal entry unused when shrinking device drbd: fix potential silent data corruption can: isotp: sanitize CAN ID checks in isotp_bind() powerpc/kvm: Fix kvm_use_magic_page udp: call udp_encap_enable for v6 sockets when enabling encap arm64: signal: nofpsimd: Do not allocate fp/simd context when not available arm64: dts: ti: k3-am65: Fix gic-v3 compatible regs arm64: dts: ti: k3-j721e: Fix gic-v3 compatible regs arm64: dts: ti: k3-j7200: Fix gic-v3 compatible regs ACPI: properties: Consistently return -ENOENT if there are no more references coredump: Also dump first pages of non-executable ELF libraries ext4: fix ext4_fc_stats trace point ext4: fix fs corruption when tring to remove a non-empty directory with IO error drivers: hamradio: 6pack: fix UAF bug caused by mod_timer() mailbox: tegra-hsp: Flush whole channel block: limit request dispatch loop duration block: don't merge across cgroup boundaries if blkcg is enabled drm/edid: check basic audio support on CEA extension block video: fbdev: sm712fb: Fix crash in smtcfb_read() video: fbdev: atari: Atari 2 bpp (STe) palette bugfix ARM: dts: at91: sama5d2: Fix PMERRLOC resource size ARM: dts: exynos: fix UART3 pins configuration in Exynos5250 ARM: dts: exynos: add missing HDMI supplies on SMDK5250 ARM: dts: exynos: add missing HDMI supplies on SMDK5420 mgag200 fix memmapsl configuration in GCTL6 register carl9170: fix missing bit-wise or operator for tx_params pstore: Don't use semaphores in always-atomic-context code thermal: int340x: Increase bitmap size lib/raid6/test: fix multiple definition linking error exec: Force single empty string when argv is empty crypto: rsa-pkcs1pad - only allow with rsa crypto: rsa-pkcs1pad - correctly get hash from source scatterlist crypto: rsa-pkcs1pad - restore signature length check crypto: rsa-pkcs1pad - fix buffer overread in pkcs1pad_verify_complete() bcache: fixup multiple threads crash DEC: Limit PMAX memory probing to R3k systems media: gpio-ir-tx: fix transmit with long spaces on Orange Pi PC media: davinci: vpif: fix unbalanced runtime PM get media: davinci: vpif: fix unbalanced runtime PM enable xtensa: fix stop_machine_cpuslocked call in patch_text xtensa: fix xtensa_wsr always writing 0 brcmfmac: firmware: Allocate space for default boardrev in nvram brcmfmac: pcie: Release firmwares in the brcmf_pcie_setup error path brcmfmac: pcie: Replace brcmf_pcie_copy_mem_todev with memcpy_toio brcmfmac: pcie: Fix crashes due to early IRQs drm/i915/opregion: check port number bounds for SWSCI display power state drm/i915/gem: add missing boundary check in vm_access PCI: pciehp: Clear cmd_busy bit in polling mode PCI: xgene: Revert "PCI: xgene: Fix IB window setup" regulator: qcom_smd: fix for_each_child.cocci warnings selinux: check return value of sel_make_avc_files hwrng: cavium - Check health status while reading random data hwrng: cavium - HW_RANDOM_CAVIUM should depend on ARCH_THUNDER crypto: sun8i-ss - really disable hash on A80 crypto: authenc - Fix sleep in atomic context in decrypt_tail crypto: mxs-dcp - Fix scatterlist processing thermal: int340x: Check for NULL after calling kmemdup() spi: tegra114: Add missing IRQ check in tegra_spi_probe arm64/mm: avoid fixmap race condition when create pud mapping selftests/x86: Add validity check and allow field splitting crypto: rockchip - ECB does not need IV audit: log AUDIT_TIME_* records only from rules EVM: fix the evm= __setup handler return value crypto: ccree - don't attempt 0 len DMA mappings spi: pxa2xx-pci: Balance reference count for PCI DMA device hwmon: (pmbus) Add mutex to regulator ops hwmon: (sch56xx-common) Replace WDOG_ACTIVE with WDOG_HW_RUNNING nvme: cleanup __nvme_check_ids block: don't delete queue kobject before its children PM: hibernate: fix __setup handler error handling PM: suspend: fix return value of __setup handler spi: spi-zynqmp-gqspi: Handle error for dma_set_mask hwrng: atmel - disable trng on failure path crypto: sun8i-ss - call finalize with bh disabled crypto: sun8i-ce - call finalize with bh disabled crypto: amlogic - call finalize with bh disabled crypto: vmx - add missing dependencies clocksource/drivers/timer-ti-dm: Fix regression from errata i940 fix clocksource/drivers/exynos_mct: Refactor resources allocation clocksource/drivers/exynos_mct: Handle DTS with higher number of interrupts clocksource/drivers/timer-microchip-pit64b: Use notrace clocksource/drivers/timer-of: Check return value of of_iomap in timer_of_base_init() ACPI: APEI: fix return value of __setup handlers crypto: ccp - ccp_dmaengine_unregister release dma channels crypto: ccree - Fix use after free in cc_cipher_exit() vfio: platform: simplify device removal amba: Make the remove callback return void hwrng: nomadik - Change clk_disable to clk_disable_unprepare hwmon: (pmbus) Add Vin unit off handling clocksource: acpi_pm: fix return value of __setup handler io_uring: terminate manual loop iterator loop correctly for non-vecs watch_queue: Fix NULL dereference in error cleanup watch_queue: Actually free the watch f2fs: fix to enable ATGC correctly via gc_idle sysfs interface sched/debug: Remove mpol_get/put and task_lock/unlock from sched_show_numa sched/core: Export pelt_thermal_tp rseq: Optimise rseq_get_rseq_cs() and clear_rseq_cs() rseq: Remove broken uapi field layout on 32-bit little endian perf/core: Fix address filter parser for multiple filters perf/x86/intel/pt: Fix address filter config for 32-bit kernel f2fs: fix missing free nid in f2fs_handle_failed_inode nfsd: more robust allocation failure handling in nfsd_file_cache_init f2fs: fix to avoid potential deadlock btrfs: fix unexpected error path when reflinking an inline extent f2fs: compress: remove unneeded read when rewrite whole cluster f2fs: fix compressed file start atomic write may cause data corruption selftests, x86: fix how check_cc.sh is being invoked kunit: make kunit_test_timeout compatible with comment media: staging: media: zoran: fix usage of vb2_dma_contig_set_max_seg_size media: v4l2-mem2mem: Apply DST_QUEUE_OFF_BASE on MMAP buffers across ioctls media: mtk-vcodec: potential dereference of null pointer media: bttv: fix WARNING regression on tunerless devices ASoC: xilinx: xlnx_formatter_pcm: Handle sysclk setting ASoC: generic: simple-card-utils: remove useless assignment media: coda: Fix missing put_device() call in coda_get_vdoa_data media: meson: vdec: potential dereference of null pointer media: hantro: Fix overfill bottom register field name media: aspeed: Correct value for h-total-pixels video: fbdev: matroxfb: set maxvram of vbG200eW to the same as vbG200 to avoid black screen video: fbdev: controlfb: Fix set but not used warnings video: fbdev: controlfb: Fix COMPILE_TEST build video: fbdev: smscufx: Fix null-ptr-deref in ufx_usb_probe() video: fbdev: atmel_lcdfb: fix an error code in atmel_lcdfb_probe() video: fbdev: fbcvt.c: fix printing in fb_cvt_print_name() firmware: qcom: scm: Remove reassignment to desc following initializer ARM: dts: qcom: ipq4019: fix sleep clock soc: qcom: rpmpd: Check for null return of devm_kcalloc soc: qcom: ocmem: Fix missing put_device() call in of_get_ocmem soc: qcom: aoss: remove spurious IRQF_ONESHOT flags arm64: dts: qcom: sdm845: fix microphone bias properties and values arm64: dts: qcom: sm8150: Correct TCS configuration for apps rsc firmware: ti_sci: Fix compilation failure when CONFIG_TI_SCI_PROTOCOL is not defined soc: ti: wkup_m3_ipc: Fix IRQ check in wkup_m3_ipc_probe ARM: dts: sun8i: v3s: Move the csi1 block to follow address order ARM: dts: imx: Add missing LVDS decoder on M53Menlo media: video/hdmi: handle short reads of hdmi info frame. media: em28xx: initialize refcount before kref_get media: usb: go7007: s2250-board: fix leak in probe() media: cedrus: H265: Fix neighbour info buffer size media: cedrus: h264: Fix neighbour info buffer size ASoC: codecs: wcd934x: fix return value of wcd934x_rx_hph_mode_put uaccess: fix nios2 and microblaze get_user_8() ASoC: rt5663: check the return value of devm_kzalloc() in rt5663_parse_dp() ASoC: ti: davinci-i2s: Add check for clk_enable() ALSA: spi: Add check for clk_enable() arm64: dts: ns2: Fix spi-cpol and spi-cpha property arm64: dts: broadcom: Fix sata nodename printk: fix return value of printk.devkmsg __setup handler ASoC: mxs-saif: Handle errors for clk_enable ASoC: atmel_ssc_dai: Handle errors for clk_enable ASoC: dwc-i2s: Handle errors for clk_enable ASoC: soc-compress: prevent the potentially use of null pointer memory: emif: Add check for setup_interrupts memory: emif: check the pointer temp in get_device_details() ALSA: firewire-lib: fix uninitialized flag for AV/C deferred transaction arm64: dts: rockchip: Fix SDIO regulator supply properties on rk3399-firefly m68k: coldfire/device.c: only build for MCF_EDMA when h/w macros are defined media: stk1160: If start stream fails, return buffers with VB2_BUF_STATE_QUEUED media: vidtv: Check for null return of vzalloc ASoC: atmel: Add missing of_node_put() in at91sam9g20ek_audio_probe ASoC: wm8350: Handle error for wm8350_register_irq ASoC: fsi: Add check for clk_enable video: fbdev: omapfb: Add missing of_node_put() in dvic_probe_of media: saa7134: convert list_for_each to entry variant media: saa7134: fix incorrect use to determine if list is empty ivtv: fix incorrect device_caps for ivtvfb ASoC: rockchip: i2s: Use devm_platform_get_and_ioremap_resource() ASoC: rockchip: i2s: Fix missing clk_disable_unprepare() in rockchip_i2s_probe ASoC: SOF: Add missing of_node_put() in imx8m_probe ASoC: dmaengine: do not use a NULL prepare_slave_config() callback ASoC: mxs: Fix error handling in mxs_sgtl5000_probe ASoC: fsl_spdif: Disable TX clock when stop ASoC: imx-es8328: Fix error return code in imx_es8328_probe() ASoC: msm8916-wcd-digital: Fix missing clk_disable_unprepare() in msm8916_wcd_digital_probe mmc: davinci_mmc: Handle error for clk_enable ASoC: atmel: sam9x5_wm8731: use devm_snd_soc_register_card() ASoC: atmel: Fix error handling in sam9x5_wm8731_driver_probe ASoC: msm8916-wcd-analog: Fix error handling in pm8916_wcd_analog_spmi_probe ASoC: codecs: wcd934x: Add missing of_node_put() in wcd934x_codec_parse_data ARM: configs: multi_v5_defconfig: re-enable CONFIG_V4L_PLATFORM_DRIVERS drm/meson: osd_afbcd: Add an exit callback to struct meson_afbcd_ops drm/bridge: Fix free wrong object in sii8620_init_rcp_input_dev drm/bridge: Add missing pm_runtime_disable() in __dw_mipi_dsi_probe drm/bridge: nwl-dsi: Fix PM disable depth imbalance in nwl_dsi_probe drm: bridge: adv7511: Fix ADV7535 HPD enablement ath10k: fix memory overwrite of the WoWLAN wakeup packet pattern drm/panfrost: Check for error num after setting mask libbpf: Fix possible NULL pointer dereference when destroying skeleton udmabuf: validate ubuf->pagecount Bluetooth: hci_serdev: call init_rwsem() before p->open() mtd: onenand: Check for error irq mtd: rawnand: gpmi: fix controller timings setting drm/edid: Don't clear formats if using deep color ionic: fix type complaint in ionic_dev_cmd_clean() drm/nouveau/acr: Fix undefined behavior in nvkm_acr_hsfw_load_bl() drm/amd/display: Fix a NULL pointer dereference in amdgpu_dm_connector_add_common_modes() drm/amd/pm: return -ENOTSUPP if there is no get_dpm_ultimate_freq function ath9k_htc: fix uninit value bugs RDMA/core: Set MR type in ib_reg_user_mr KVM: PPC: Fix vmx/vsx mixup in mmio emulation i40e: don't reserve excessive XDP_PACKET_HEADROOM on XSK Rx to skb i40e: respect metadata on XSK Rx to skb power: reset: gemini-poweroff: Fix IRQ check in gemini_poweroff_probe ray_cs: Check ioremap return value powerpc: dts: t1040rdb: fix ports names for Seville Ethernet switch KVM: PPC: Book3S HV: Check return value of kvmppc_radix_init powerpc/perf: Don't use perf_hw_context for trace IMC PMU mt76: mt7915: use proper aid value in mt7915_mcu_wtbl_generic_tlv in sta mode mt76: mt7915: use proper aid value in mt7915_mcu_sta_basic_tlv mt76: mt7603: check sta_rates pointer in mt7603_sta_rate_tbl_update mt76: mt7615: check sta_rates pointer in mt7615_sta_rate_tbl_update net: dsa: mv88e6xxx: Enable port policy support on 6097 scripts/dtc: Call pkg-config POSIXly correct livepatch: Fix build failure on 32 bits processors PCI: aardvark: Fix reading PCI_EXP_RTSTA_PME bit on emulated bridge drm/bridge: dw-hdmi: use safe format when first in bridge chain power: supply: ab8500: Fix memory leak in ab8500_fg_sysfs_init HID: i2c-hid: fix GET/SET_REPORT for unnumbered reports iommu/ipmmu-vmsa: Check for error num after setting mask drm/amd/pm: enable pm sysfs write for one VF mode drm/amd/display: Add affected crtcs to atomic state for dsc mst unplug IB/cma: Allow XRC INI QPs to set their local ACK timeout dax: make sure inodes are flushed before destroy cache iwlwifi: Fix -EIO error code that is never returned iwlwifi: mvm: Fix an error code in iwl_mvm_up() drm/msm/dp: populate connector of struct dp_panel drm/msm/dpu: add DSPP blocks teardown drm/msm/dpu: fix dp audio condition dm crypt: fix get_key_size compiler warning if !CONFIG_KEYS scsi: pm8001: Fix command initialization in pm80XX_send_read_log() scsi: pm8001: Fix command initialization in pm8001_chip_ssp_tm_req() scsi: pm8001: Fix payload initialization in pm80xx_set_thermal_config() scsi: pm8001: Fix le32 values handling in pm80xx_set_sas_protocol_timer_config() scsi: pm8001: Fix payload initialization in pm80xx_encrypt_update() scsi: pm8001: Fix le32 values handling in pm80xx_chip_ssp_io_req() scsi: pm8001: Fix le32 values handling in pm80xx_chip_sata_req() scsi: pm8001: Fix NCQ NON DATA command task initialization scsi: pm8001: Fix NCQ NON DATA command completion handling scsi: pm8001: Fix abort all task initialization RDMA/mlx5: Fix the flow of a miss in the allocation of a cache ODP MR drm/amd/display: Remove vupdate_int_entry definition TOMOYO: fix __setup handlers return values ext2: correct max file size computing drm/tegra: Fix reference leak in tegra_dsi_ganged_probe power: supply: bq24190_charger: Fix bq24190_vbus_is_enabled() wrong false return scsi: hisi_sas: Change permission of parameter prot_mask drm/bridge: cdns-dsi: Make sure to to create proper aliases for dt bpf, arm64: Call build_prologue() first in first JIT pass bpf, arm64: Feed byte-offset into bpf line info gpu: host1x: Fix a memory leak in 'host1x_remove()' libbpf: Skip forward declaration when counting duplicated type names powerpc/mm/numa: skip NUMA_NO_NODE onlining in parse_numa_properties() powerpc/Makefile: Don't pass -mcpu=powerpc64 when building 32-bit KVM: x86: Fix emulation in writing cr8 KVM: x86/emulator: Defer not-present segment check in __load_segment_descriptor() hv_balloon: rate-limit "Unhandled message" warning i2c: xiic: Make bus names unique power: supply: wm8350-power: Handle error for wm8350_register_irq power: supply: wm8350-power: Add missing free in free_charger_irq IB/hfi1: Allow larger MTU without AIP PCI: Reduce warnings on possible RW1C corruption net: axienet: fix RX ring refill allocation failure handling mips: DEC: honor CONFIG_MIPS_FP_SUPPORT=n powerpc/sysdev: fix incorrect use to determine if list is empty mfd: mc13xxx: Add check for mc13xxx_irq_request libbpf: Unmap rings when umem deleted selftests/bpf: Make test_lwt_ip_encap more stable and faster platform/x86: huawei-wmi: check the return value of device_create_file() powerpc: 8xx: fix a return value error in mpc8xx_pic_init vxcan: enable local echo for sent CAN frames ath10k: Fix error handling in ath10k_setup_msa_resources mips: cdmm: Fix refcount leak in mips_cdmm_phys_base MIPS: RB532: fix return value of __setup handler MIPS: pgalloc: fix memory leak caused by pgd_free() mtd: rawnand: atmel: fix refcount issue in atmel_nand_controller_init RDMA/mlx5: Fix memory leak in error flow for subscribe event routine bpf, sockmap: Fix memleak in tcp_bpf_sendmsg while sk msg is full bpf, sockmap: Fix more uncharged while msg has more_data bpf, sockmap: Fix double uncharge the mem of sk_msg samples/bpf, xdpsock: Fix race when running for fix duration of time USB: storage: ums-realtek: fix error code in rts51x_read_mem() can: isotp: return -EADDRNOTAVAIL when reading from unbound socket can: isotp: support MSG_TRUNC flag when reading from socket bareudp: use ipv6_mod_enabled to check if IPv6 enabled selftests/bpf: Fix error reporting from sock_fields programs Bluetooth: call hci_le_conn_failed with hdev lock in hci_le_conn_failed Bluetooth: btmtksdio: Fix kernel oops in btmtksdio_interrupt ipv4: Fix route lookups when handling ICMP redirects and PMTU updates af_netlink: Fix shift out of bounds in group mask calculation i2c: meson: Fix wrong speed use from probe i2c: mux: demux-pinctrl: do not deactivate a master that is not active selftests/bpf/test_lirc_mode2.sh: Exit with proper code PCI: Avoid broken MSI on SB600 USB devices net: bcmgenet: Use stronger register read/writes to assure ordering tcp: ensure PMTU updates are processed during fastopen openvswitch: always update flow key after nat tipc: fix the timer expires after interval 100ms mfd: asic3: Add missing iounmap() on error asic3_mfd_probe mxser: fix xmit_buf leak in activate when LSR == 0xff pwm: lpc18xx-sct: Initialize driver data and hardware before pwmchip_add() fsi: aspeed: convert to devm_platform_ioremap_resource fsi: Aspeed: Fix a potential double free misc: alcor_pci: Fix an error handling path cpufreq: qcom-cpufreq-nvmem: fix reading of PVS Valid fuse soundwire: intel: fix wrong register name in intel_shim_wake clk: qcom: ipq8074: fix PCI-E clock oops iio: mma8452: Fix probe failing when an i2c_device_id is used staging:iio:adc:ad7280a: Fix handing of device address bit reversing. pinctrl: renesas: r8a77470: Reduce size for narrow VIN1 channel pinctrl: renesas: checker: Fix miscalculation of number of states clk: qcom: ipq8074: Use floor ops for SDCC1 clock phy: dphy: Correct lpx parameter and its derivatives(ta_{get,go,sure}) serial: 8250_mid: Balance reference count for PCI DMA device serial: 8250_lpss: Balance reference count for PCI DMA device NFS: Use of mapping_set_error() results in spurious errors serial: 8250: Fix race condition in RTS-after-send handling iio: adc: Add check for devm_request_threaded_irq habanalabs: Add check for pci_enable_device NFS: Return valid errors from nfs2/3_decode_dirent() dma-debug: fix return value of __setup handlers clk: imx7d: Remove audio_mclk_root_clk clk: at91: sama7g5: fix parents of PDMCs' GCLK clk: qcom: clk-rcg2: Update logic to calculate D value for RCG clk: qcom: clk-rcg2: Update the frac table for pixel clock dmaengine: hisi_dma: fix MSI allocate fail when reload hisi_dma remoteproc: qcom: Fix missing of_node_put in adsp_alloc_memory_region remoteproc: qcom_wcnss: Add missing of_node_put() in wcnss_alloc_memory_region remoteproc: qcom_q6v5_mss: Fix some leaks in q6v5_alloc_memory_region nvdimm/region: Fix default alignment for small regions clk: actions: Terminate clk_div_table with sentinel element clk: loongson1: Terminate clk_div_table with sentinel element clk: clps711x: Terminate clk_div_table with sentinel element clk: tegra: tegra124-emc: Fix missing put_device() call in emc_ensure_emc_driver NFS: remove unneeded check in decode_devicenotify_args() staging: mt7621-dts: fix LEDs and pinctrl on GB-PC1 devicetree staging: mt7621-dts: fix formatting staging: mt7621-dts: fix pinctrl properties for ethernet staging: mt7621-dts: fix GB-PC2 devicetree pinctrl: mediatek: Fix missing of_node_put() in mtk_pctrl_init pinctrl: mediatek: paris: Fix PIN_CONFIG_BIAS_* readback pinctrl: mediatek: paris: Fix "argument" argument type for mtk_pinconf_get() pinctrl: mediatek: paris: Fix pingroup pin config state readback pinctrl: mediatek: paris: Skip custom extra pin config dump for virtual GPIOs pinctrl: nomadik: Add missing of_node_put() in nmk_pinctrl_probe pinctrl/rockchip: Add missing of_node_put() in rockchip_pinctrl_probe tty: hvc: fix return value of __setup handler kgdboc: fix return value of __setup handler serial: 8250: fix XOFF/XON sending when DMA is used kgdbts: fix return value of __setup handler firmware: google: Properly state IOMEM dependency driver core: dd: fix return value of __setup handler jfs: fix divide error in dbNextAG netfilter: nf_conntrack_tcp: preserve liberal flag in tcp options NFSv4.1: don't retry BIND_CONN_TO_SESSION on session error kdb: Fix the putarea helper function clk: qcom: gcc-msm8994: Fix gpll4 width clk: Initialize orphan req_rate xen: fix is_xen_pmu() net: enetc: report software timestamping via SO_TIMESTAMPING net: hns3: fix bug when PF set the duplicate MAC address for VFs net: phy: broadcom: Fix brcm_fet_config_init() selftests: test_vxlan_under_vrf: Fix broken test case qlcnic: dcb: default to returning -EOPNOTSUPP net/x25: Fix null-ptr-deref caused by x25_disconnect NFSv4/pNFS: Fix another issue with a list iterator pointing to the head net: dsa: bcm_sf2_cfp: fix an incorrect NULL check on list iterator fs: fd tables have to be multiples of BITS_PER_LONG lib/test: use after free in register_test_dev_kmod() fs: fix fd table size alignment properly LSM: general protection fault in legacy_parse_param regulator: rpi-panel: Handle I2C errors/timing to the Atmel gcc-plugins/stackleak: Exactly match strings instead of prefixes pinctrl: npcm: Fix broken references to chip->parent_device block, bfq: don't move oom_bfqq selinux: use correct type for context length selinux: allow FIOCLEX and FIONCLEX with policy capability loop: use sysfs_emit() in the sysfs xxx show() Fix incorrect type in assignment of ipv6 port for audit irqchip/qcom-pdc: Fix broken locking irqchip/nvic: Release nvic_base upon failure fs/binfmt_elf: Fix AT_PHDR for unusual ELF files bfq: fix use-after-free in bfq_dispatch_request ACPICA: Avoid walking the ACPI Namespace if it is not there lib/raid6/test/Makefile: Use $(pound) instead of \# for Make 4.3 Revert "Revert "block, bfq: honor already-setup queue merges"" ACPI/APEI: Limit printable size of BERT table data PM: core: keep irq flags in device_pm_check_callbacks() parisc: Fix handling off probe non-access faults nvme-tcp: lockdep: annotate in-kernel sockets spi: tegra20: Use of_device_get_match_data() locking/lockdep: Iterate lock_classes directly when reading lockdep files ext4: correct cluster len and clusters changed accounting in ext4_mb_mark_bb ext4: fix ext4_mb_mark_bb() with flex_bg with fast_commit ext4: don't BUG if someone dirty pages without asking ext4 first f2fs: fix to do sanity check on curseg->alloc_type NFSD: Fix nfsd_breaker_owns_lease() return values f2fs: compress: fix to print raw data size in error path of lz4 decompression ntfs: add sanity check on allocation size media: staging: media: zoran: move videodev alloc media: staging: media: zoran: calculate the right buffer number for zoran_reap_stat_com media: staging: media: zoran: fix various V4L2 compliance errors media: ir_toy: free before error exiting video: fbdev: nvidiafb: Use strscpy() to prevent buffer overflow video: fbdev: w100fb: Reset global state video: fbdev: cirrusfb: check pixclock to avoid divide by zero video: fbdev: omapfb: acx565akm: replace snprintf with sysfs_emit ARM: dts: qcom: fix gic_irq_domain_translate warnings for msm8960 ARM: dts: bcm2837: Add the missing L1/L2 cache information ASoC: madera: Add dependencies on MFD media: atomisp_gmin_platform: Add DMI quirk to not turn AXP ELDO2 regulator off on some boards media: atomisp: fix dummy_ptr check to avoid duplicate active_bo ARM: ftrace: avoid redundant loads or clobbering IP ARM: dts: imx7: Use audio_mclk_post_div instead audio_mclk_root_clk arm64: defconfig: build imx-sdma as a module video: fbdev: omapfb: panel-dsi-cm: Use sysfs_emit() instead of snprintf() video: fbdev: omapfb: panel-tpo-td043mtea1: Use sysfs_emit() instead of snprintf() video: fbdev: udlfb: replace snprintf in show functions with sysfs_emit ARM: dts: bcm2711: Add the missing L1/L2 cache information ASoC: soc-core: skip zero num_dai component in searching dai name media: cx88-mpeg: clear interrupt status register before streaming video uaccess: fix type mismatch warnings from access_ok() lib/test_lockup: fix kernel pointer check for separate address spaces ARM: tegra: tamonten: Fix I2C3 pad setting ARM: mmp: Fix failure to remove sram device video: fbdev: sm712fb: Fix crash in smtcfb_write() media: Revert "media: em28xx: add missing em28xx_close_extension" media: hdpvr: initialize dev->worker at hdpvr_register_videodev mmc: host: Return an error when ->enable_sdio_irq() ops is missing media: atomisp: fix bad usage at error handling logic ALSA: hda/realtek: Add alc256-samsung-headphone fixup KVM: x86/mmu: Check for present SPTE when clearing dirty bit in TDP MMU powerpc/kasan: Fix early region not updated correctly powerpc/lib/sstep: Fix 'sthcx' instruction powerpc/lib/sstep: Fix build errors with newer binutils powerpc: Fix build errors with newer binutils scsi: qla2xxx: Fix stuck session in gpdb scsi: qla2xxx: Fix scheduling while atomic scsi: qla2xxx: Fix wrong FDMI data for 64G adapter scsi: qla2xxx: Fix warning for missing error code scsi: qla2xxx: Fix device reconnect in loop topology scsi: qla2xxx: Add devids and conditionals for 28xx scsi: qla2xxx: Check for firmware dump already collected scsi: qla2xxx: Suppress a kernel complaint in qla_create_qpair() scsi: qla2xxx: Fix disk failure to rediscover scsi: qla2xxx: Fix incorrect reporting of task management failure scsi: qla2xxx: Fix hang due to session stuck scsi: qla2xxx: Fix missed DMA unmap for NVMe ls requests scsi: qla2xxx: Fix N2N inconsistent PLOGI scsi: qla2xxx: Reduce false trigger to login scsi: qla2xxx: Use correct feature type field during RFF_ID processing platform: chrome: Split trace include file KVM: x86: Forbid VMM to set SYNIC/STIMER MSRs when SynIC wasn't activated KVM: Prevent module exit until all VMs are freed KVM: x86: fix sending PV IPI KVM: SVM: fix panic on out-of-bounds guest IRQ ASoC: SOF: Intel: Fix NULL ptr dereference when ENOMEM ubifs: rename_whiteout: Fix double free for whiteout_ui->data ubifs: Fix deadlock in concurrent rename whiteout and inode writeback ubifs: Add missing iput if do_tmpfile() failed in rename whiteout ubifs: setflags: Make dirtied_ino_d 8 bytes aligned ubifs: Fix read out-of-bounds in ubifs_wbuf_write_nolock() ubifs: Fix to add refcount once page is set private ubifs: rename_whiteout: correct old_dir size computing wireguard: queueing: use CFI-safe ptr_ring cleanup function wireguard: socket: free skb in send6 when ipv6 is disabled wireguard: socket: ignore v6 endpoints when ipv6 is disabled XArray: Fix xas_create_range() when multi-order entry present can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path can: mcba_usb: properly check endpoint type can: mcp251xfd: mcp251xfd_register_get_dev_id(): fix return of error value XArray: Update the LRU list in xas_split() rtc: check if __rtc_read_time was successful gfs2: Make sure FITRIM minlen is rounded up to fs block size net: hns3: fix software vlan talbe of vlan 0 inconsistent with hardware rxrpc: Fix call timer start racing with call destruction mailbox: imx: fix wakeup failure from freeze mode crypto: arm/aes-neonbs-cbc - Select generic cbc and aes watch_queue: Free the page array when watch_queue is dismantled pinctrl: pinconf-generic: Print arguments for bias-pull-* watchdog: rti-wdt: Add missing pm_runtime_disable() in probe function pinctrl: nuvoton: npcm7xx: Rename DS() macro to DSTR() pinctrl: nuvoton: npcm7xx: Use %zu printk format for ARRAY_SIZE() ASoC: mediatek: mt6358: add missing EXPORT_SYMBOLs ubi: Fix race condition between ctrl_cdev_ioctl and ubi_cdev_ioctl ARM: iop32x: offset IRQ numbers by 1 io_uring: fix memory leak of uid in files registration riscv module: remove (NOLOAD) ACPI: CPPC: Avoid out of bounds access when parsing _CPC data platform/chrome: cros_ec_typec: Check for EC device can: isotp: restore accidentally removed MSG_PEEK feature proc: bootconfig: Add null pointer check staging: mt7621-dts: fix pinctrl-0 items to be size-1 items on ethernet ASoC: soc-compress: Change the check for codec_dai batman-adv: Check ptr for NULL before reducing its refcnt mm/mmap: return 1 from stack_guard_gap __setup() handler ARM: 9187/1: JIVE: fix return value of __setup handler mm/memcontrol: return 1 from cgroup.memory __setup() handler mm/usercopy: return 1 from hardened_usercopy __setup() handler bpf: Adjust BPF stack helper functions to accommodate skip > 0 bpf: Fix comment for helper bpf_current_task_under_cgroup() dt-bindings: mtd: nand-controller: Fix the reg property description dt-bindings: mtd: nand-controller: Fix a comment in the examples dt-bindings: spi: mxic: The interrupt property is not mandatory ubi: fastmap: Return error code if memory allocation fails in add_aeb() ASoC: topology: Allow TLV control to be either read or write ARM: dts: spear1340: Update serial node properties ARM: dts: spear13xx: Update SPI dma properties um: Fix uml_mconsole stop/go docs: sysctl/kernel: add missing bit to panic_print openvswitch: Fixed nd target mask field in the flow dump. KVM: x86/mmu: do compare-and-exchange of gPTE via the user address can: m_can: m_can_tx_handler(): fix use after free of skb can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path coredump: Snapshot the vmas in do_coredump coredump: Remove the WARN_ON in dump_vma_snapshot coredump/elf: Pass coredump_params into fill_note_info coredump: Use the vma snapshot in fill_files_note arm64: Do not defer reserve_crashkernel() for platforms with no DMA memory zones PCI: xgene: Revert "PCI: xgene: Use inbound resources for setup" Linux 5.10.110 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I12fbe227793dd40c0582588e1700cf88cafd0ac6	2022-04-18 17:41:18 +02:00
Miaohe Lin	f7e183b0a7	mm/mempolicy: fix mpol_new leak in shared_policy_replace commit 4ad099559b00ac01c3726e5c95dc3108ef47d03e upstream. If mpol_new is allocated but not used in restart loop, mpol_new will be freed via mpol_put before returning to the caller. But refcnt is not initialized yet, so mpol_put could not do the right things and might leak the unused mpol_new. This would happen if mempolicy was updated on the shared shmem file while the sp->lock has been dropped during the memory allocation. This issue could be triggered easily with the below code snippet if there are many processes doing the below work at the same time: shmid = shmget((key_t)5566, 1024 * PAGE_SIZE, 0666\|IPC_CREAT); shm = shmat(shmid, 0, 0); loop many times { mbind(shm, 1024 * PAGE_SIZE, MPOL_LOCAL, mask, maxnode, 0); mbind(shm + 128 * PAGE_SIZE, 128 * PAGE_SIZE, MPOL_DEFAULT, mask, maxnode, 0); } Link: https://lkml.kernel.org/r/20220329111416.27954-1-linmiaohe@huawei.com Fixes: `42288fe366` ("mm: mempolicy: Convert shared_policy mutex to spinlock") Signed-off-by: Miaohe Lin <linmiaohe@huawei.com> Acked-by: Michal Hocko <mhocko@suse.com> Cc: KOSAKI Motohiro <kosaki.motohiro@jp.fujitsu.com> Cc: Mel Gorman <mgorman@suse.de> Cc: <stable@vger.kernel.org> [3.8] Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2022-04-13 21:01:08 +02:00
Hugh Dickins	4bcefc78c8	mempolicy: mbind_range() set_policy() after vma_merge() commit 4e0906008cdb56381638aa17d9c32734eae6d37a upstream. v2.6.34 commit `9d8cebd4bc` ("mm: fix mbind vma merge problem") introduced vma_merge() to mbind_range(); but unlike madvise, mlock and mprotect, it put a "continue" to next vma where its precedents go to update flags on current vma before advancing: that left vma with the wrong setting in the infamous vma_merge() case 8. v3.10 commit `1444f92c84` ("mm: merging memory blocks resets mempolicy") tried to fix that in vma_adjust(), without fully understanding the issue. v3.11 commit `3964acd0db` ("mm: mempolicy: fix mbind_range() && vma_adjust() interaction") reverted that, and went about the fix in the right way, but chose to optimize out an unnecessary mpol_dup() with a prior mpol_equal() test. But on tmpfs, that also pessimized out the vital call to its ->set_policy(), leaving the new mbind unenforced. The user visible effect was that the pages got allocated on the local node (happened to be 0), after the mbind() caller had specifically asked for them to be allocated on node 1. There was not any page migration involved in the case reported: the pages simply got allocated on the wrong node. Just delete that optimization now (though it could be made conditional on vma not having a set_policy). Also remove the "next" variable: it turned out to be blameless, but also pointless. Link: https://lkml.kernel.org/r/319e4db9-64ae-4bca-92f0-ade85d342ff@google.com Fixes: `3964acd0db` ("mm: mempolicy: fix mbind_range() && vma_adjust() interaction") Signed-off-by: Hugh Dickins <hughd@google.com> Acked-by: Oleg Nesterov <oleg@redhat.com> Reviewed-by: Liam R. Howlett <Liam.Howlett@oracle.com> Cc: Vlastimil Babka <vbabka@suse.cz> Cc: <stable@vger.kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2022-04-08 14:39:52 +02:00
Greg Kroah-Hartman	9b28b48fb3	This is the 5.10.89 stable release -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmHMRdcACgkQONu9yGCS aT5RlhAAnYAuRi8dGsYUh9jabBfNmquYbr8rV3LM5fNBJBa+JqkGvOlplZ+EmB+O 4xaUY4VfV6R/X/jf4NX5G+2w5EOAzf9h2pGSuBPYL4cpJ4N9n3nlYqktfMP9joHS r6+UJHE0g2CK2hUnDruXSRfiiswyjKuKMgRlVLTctpt/rW3GijwfhmBZhEbSjhZV ALav77ngzjMGic6UtwceJCQIfOnqK0GvkPfD9EWtVWdhMMxoJisNncda2iX/86os PpzyD16QtQK5jIT9vAZof4cavxy2uQcd/n15gejZvfOa0AZ/pop9lVPRfqZqqHJd /bKWzDUi5tUmEAZmUD1s88EnsodR39kVX901oVi0WQ9tMgqatck6zrZSrjjBnAdu khnxQITTM8DqPodQwzFwbK4i5VkRy8xJ+eoJQBSxlvhN/7wy4TTqN3Y2D6/Hkowk 7zkcAUscdHHw+ANZZxB8A/y1Z+ekOIj81OrIUWY3Omfd1hrsoW467KXewrIU4+CH p0OrGSRTcHih69e3QUoFXisnY+czg4vAdZH+5MDnEmDr18vznUP0f9NyF9ucYOr8 wmVWkX9Cut9ZH4Ev3l0QGsgDg7QSrrXvKFtlxKURJbwT93bsVA0pFr/NMa0Aejlp 7xZ+KiBDXt1lNlyI2Dt9VD247HknhTK5zcsqx8Q9UiyrQfD/N7g= =GbaX -----END PGP SIGNATURE----- Merge 5.10.89 into android12-5.10-lts Changes in 5.10.89 arm64: vdso32: drop -no-integrated-as flag arm64: vdso32: require CROSS_COMPILE_COMPAT for gcc+bfd net: usb: lan78xx: add Allied Telesis AT29M2-AF ext4: prevent partial update of the extent blocks ext4: check for out-of-order index extents in ext4_valid_extent_entries() ext4: check for inconsistent extents between index and leaf block HID: holtek: fix mouse probing HID: potential dereference of null pointer arm64: dts: allwinner: orangepi-zero-plus: fix PHY mode spi: change clk_disable_unprepare to clk_unprepare ASoC: meson: aiu: fifo: Add missing dma_coerce_mask_and_coherent() IB/qib: Fix memory leak in qib_user_sdma_queue_pkts() RDMA/hns: Replace kfree() with kvfree() netfilter: fix regression in looped (broad\|multi)cast's MAC handling ARM: dts: imx6qdl-wandboard: Fix Ethernet support net: marvell: prestera: fix incorrect return of port_find qlcnic: potential dereference null pointer of rx_queue->page_ring net: accept UFOv6 packages in virtio_net_hdr_to_skb net: skip virtio_net_hdr_set_proto if protocol already set igb: fix deadlock caused by taking RTNL in RPM resume path ipmi: Fix UAF when uninstall ipmi_si and ipmi_msghandler module bonding: fix ad_actor_system option setting to default fjes: Check for error irq drivers: net: smc911x: Check for error irq net: ks8851: Check for error irq sfc: Check null pointer of rx_queue->page_ring sfc: falcon: Check null pointer of rx_queue->page_ring Input: elantech - fix stack out of bound access in elantech_change_report_id() pinctrl: bcm2835: Change init order for gpio hogs hwmon: (lm90) Fix usage of CONFIG2 register in detect function hwmon: (lm90) Add basic support for TI TMP461 hwmon: (lm90) Introduce flag indicating extended temperature support hwmon: (lm90) Drop critical attribute support for MAX6654 ALSA: jack: Check the return value of kstrdup() ALSA: drivers: opl3: Fix incorrect use of vp->state ALSA: hda/realtek: Amp init fixup for HP ZBook 15 G6 ALSA: hda/realtek: Add new alc285-hp-amp-init model ALSA: hda/realtek: Fix quirk for Clevo NJ51CU ASoC: meson: aiu: Move AIU_I2S_MISC hold setting to aiu-fifo-i2s Input: atmel_mxt_ts - fix double free in mxt_read_info_block ipmi: bail out if init_srcu_struct fails ipmi: ssif: initialize ssif_info->client early ipmi: fix initialization when workqueue allocation fails parisc: Correct completer in lws start parisc: Fix mask used to select futex spinlock tee: handle lookup of shm with reference count 0 x86/pkey: Fix undefined behaviour with PKRU_WD_BIT platform/x86: intel_pmc_core: fix memleak on registration failure KVM: VMX: Wake vCPU when delivering posted IRQ even if vCPU == this vCPU pinctrl: stm32: consider the GPIO offset to expose all the GPIO lines gpio: dln2: Fix interrupts when replugging the device mmc: sdhci-tegra: Fix switch to HS400ES mode mmc: meson-mx-sdhc: Set MANUAL_STOP for multi-block SDIO commands mmc: core: Disable card detect during shutdown mmc: mmci: stm32: clear DLYB_CR after sending tuning command ARM: 9169/1: entry: fix Thumb2 bug in iWMMXt exception handling mac80211: fix locking in ieee80211_start_ap error path mm/hwpoison: clear MF_COUNT_INCREASED before retrying get_any_page() tee: optee: Fix incorrect page free bug f2fs: fix to do sanity check on last xattr entry in __f2fs_setxattr() ceph: fix up non-directory creation in SGID directories usb: gadget: u_ether: fix race in setting MAC address in setup phase KVM: VMX: Fix stale docs for kvm-intel.emulate_invalid_guest_state mm: mempolicy: fix THP allocations escaping mempolicy restrictions Input: elants_i2c - do not check Remark ID on eKTH3900/eKTH5312 Input: goodix - add id->model mapping for the "9111" model ASoC: tas2770: Fix setting of high sample rates ASoC: rt5682: fix the wrong jack type detected pinctrl: mediatek: fix global-out-of-bounds issue hwmom: (lm90) Fix citical alarm status for MAX6680/MAX6681 hwmon: (lm90) Do not report 'busy' status bit as alarm ax25: NPD bug when detaching AX25 device hamradio: defer ax25 kfree after unregister_netdev hamradio: improve the incomplete fix to avoid NPD phonet/pep: refuse to enable an unbound pipe Linux 5.10.89 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: Ia55f14e15b207944d78ec600ad4c4c7a79760e56	2021-12-29 14:17:18 +01:00
Andrey Ryabinin	ee6f34215c	mm: mempolicy: fix THP allocations escaping mempolicy restrictions commit 338635340669d5b317c7e8dcf4fff4a0f3651d87 upstream. alloc_pages_vma() may try to allocate THP page on the local NUMA node first: page = __alloc_pages_node(hpage_node, gfp \| __GFP_THISNODE \| __GFP_NORETRY, order); And if the allocation fails it retries allowing remote memory: if (!page && (gfp & __GFP_DIRECT_RECLAIM)) page = __alloc_pages_node(hpage_node, gfp, order); However, this retry allocation completely ignores memory policy nodemask allowing allocation to escape restrictions. The first appearance of this bug seems to be the commit `ac5b2c1891` ("mm: thp: relax __GFP_THISNODE for MADV_HUGEPAGE mappings"). The bug disappeared later in the commit `89c83fb539` ("mm, thp: consolidate THP gfp handling into alloc_hugepage_direct_gfpmask") and reappeared again in slightly different form in the commit `76e654cc91` ("mm, page_alloc: allow hugepage fallback to remote nodes when madvised") Fix this by passing correct nodemask to the __alloc_pages() call. The demonstration/reproducer of the problem: $ mount -oremount,size=4G,huge=always /dev/shm/ $ echo always > /sys/kernel/mm/transparent_hugepage/defrag $ cat mbind_thp.c #include <unistd.h> #include <sys/mman.h> #include <sys/stat.h> #include <fcntl.h> #include <assert.h> #include <stdlib.h> #include <stdio.h> #include <numaif.h> #define SIZE 2ULL << 30 int main(int argc, char *argv) { int fd; unsigned long long i; char addr; pid_t pid; char buf[100]; unsigned long nodemask = 1; fd = open("/dev/shm/test", O_RDWR\|O_CREAT); assert(fd > 0); assert(ftruncate(fd, SIZE) == 0); addr = mmap(NULL, SIZE, PROT_READ\|PROT_WRITE, MAP_SHARED, fd, 0); assert(mbind(addr, SIZE, MPOL_BIND, &nodemask, 2, MPOL_MF_STRICT\|MPOL_MF_MOVE)==0); for (i = 0; i < SIZE; i+=4096) { addr[i] = 1; } pid = getpid(); snprintf(buf, sizeof(buf), "grep shm /proc/%d/numa_maps", pid); system(buf); sleep(10000); return 0; } $ gcc mbind_thp.c -o mbind_thp -lnuma $ numactl -H available: 2 nodes (0-1) node 0 cpus: 0 2 node 0 size: 1918 MB node 0 free: 1595 MB node 1 cpus: 1 3 node 1 size: 2014 MB node 1 free: 1731 MB node distances: node 0 1 0: 10 20 1: 20 10 $ rm -f /dev/shm/test; taskset -c 0 ./mbind_thp 7fd970a00000 bind:0 file=/dev/shm/test dirty=524288 active=0 N0=396800 N1=127488 kernelpagesize_kB=4 Link: https://lkml.kernel.org/r/20211208165343.22349-1-arbn@yandex-team.com Fixes: `ac5b2c1891` ("mm: thp: relax __GFP_THISNODE for MADV_HUGEPAGE mappings") Signed-off-by: Andrey Ryabinin <arbn@yandex-team.com> Acked-by: Michal Hocko <mhocko@suse.com> Acked-by: Mel Gorman <mgorman@techsingularity.net> Acked-by: David Rientjes <rientjes@google.com> Cc: Andrea Arcangeli <aarcange@redhat.com> Cc: <stable@vger.kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2021-12-29 12:26:06 +01:00
Minchan Kim	c6bc1396ce	FROMLIST: mm: replace migrate_[prep\|finish] with lru_cache_[disable\|enable] Currently, migrate_[prep\|finish] is merely a wrapper of lru_cache_[disable\|enable]. There is not much to gain from having additional abstraction. Use lru_cache_[disable\|enable] instead of migrate_[prep\|finish], which would be more descriptive. note: migrate_prep_local in compaction.c changed into lru_add_drain to avoid CPU schedule cost with involving many other CPUs to keep keep old behavior. Bug: 180018981 Link: https://lore.kernel.org/linux-mm/20210319175127.886124-2-minchan@kernel.org/ Acked-by: Michal Hocko <mhocko@suse.com> Reviewed-by: David Hildenbrand <david@redhat.com> Signed-off-by: Minchan Kim <minchan@kernel.org> Signed-off-by: Minchan Kim <minchan@google.com> Change-Id: I2f298c9ff53c8693527f1207ff25ab76a4ac3ada	2021-03-23 04:05:24 +00:00
Minchan Kim	68a4731181	BACKPORT: FROMLIST: mm: disable LRU pagevec during the migration temporarily LRU pagevec holds refcount of pages until the pagevec are drained. It could prevent migration since the refcount of the page is greater than the expection in migration logic. To mitigate the issue, callers of migrate_pages drains LRU pagevec via migrate_prep or lru_add_drain_all before migrate_pages call. However, it's not enough because pages coming into pagevec after the draining call still could stay at the pagevec so it could keep preventing page migration. Since some callers of migrate_pages have retrial logic with LRU draining, the page would migrate at next trail but it is still fragile in that it doesn't close the fundamental race between upcoming LRU pages into pagvec and migration so the migration failure could cause contiguous memory allocation failure in the end. To close the race, this patch disables lru caches(i.e, pagevec) during ongoing migration until migrate is done. Since it's really hard to reproduce, I measured how many times migrate_pages retried with force mode(it is about a fallback to a sync migration) with below debug code. int migrate_pages(struct list_head *from, new_page_t get_new_page, .. .. if (rc && reason == MR_CONTIG_RANGE && pass > 2) { printk(KERN_ERR, "pfn 0x%lx reason %d\n", page_to_pfn(page), rc); dump_page(page, "fail to migrate"); } The test was repeating android apps launching with cma allocation in background every five seconds. Total cma allocation count was about 500 during the testing. With this patch, the dump_page count was reduced from 400 to 30. The new interface is also useful for memory hotplug which currently drains lru pcp caches after each migration failure. This is rather suboptimal as it has to disrupt others running during the operation. With the new interface the operation happens only once. This is also in line with pcp allocator cache which are disabled for the offlining as well. Bug: 180018981 Link: https://lore.kernel.org/linux-mm/20210319175127.886124-1-minchan@kernel.org/ Reviewed-by: Chris Goldsworthy <cgoldswo@codeaurora.org> Acked-by: Michal Hocko <mhocko@suse.com> Signed-off-by: Minchan Kim <minchan@kernel.org> Signed-off-by: Minchan Kim <minchan@google.com> Change-Id: I838c63d11ca49a8734d8b37a7d5272ab6b802f9f	2021-03-23 04:05:15 +00:00
Minchan Kim	d3c1bf42af	Revert "FROMLIST: mm: replace migrate_prep with lru_add_drain_all" This reverts commit `134ac2d4dc`. Bug: 180018981 Signed-off-by: Minchan Kim <minchan@google.com> Change-Id: I579c72398447f770c235e4fefd246f1dbbd250d0	2021-03-23 04:05:07 +00:00
Minchan Kim	7ed55d7025	Revert "BACKPORT: FROMLIST: mm: disable LRU pagevec during the migration temporarily" This reverts commit `3039d8580c`. Bug: 180018981 Signed-off-by: Minchan Kim <minchan@google.com> Change-Id: Iadadd7f4c7aafa439afd7a1c3e575e5e31602bef	2021-03-23 04:04:58 +00:00
Minchan Kim	3039d8580c	BACKPORT: FROMLIST: mm: disable LRU pagevec during the migration temporarily LRU pagevec holds refcount of pages until the pagevec are drained. It could prevent migration since the refcount of the page is greater than the expection in migration logic. To mitigate the issue, callers of migrate_pages drains LRU pagevec via migrate_prep or lru_add_drain_all before migrate_pages call. However, it's not enough because pages coming into pagevec after the draining call still could stay at the pagevec so it could keep preventing page migration. Since some callers of migrate_pages have retrial logic with LRU draining, the page would migrate at next trail but it is still fragile in that it doesn't close the fundamental race between upcoming LRU pages into pagvec and migration so the migration failure could cause contiguous memory allocation failure in the end. To close the race, this patch disables lru caches(i.e, pagevec) during ongoing migration until migrate is done. Since it's really hard to reproduce, I measured how many times migrate_pages retried with force mode(it is about a fallback to a sync migration) with below debug code. int migrate_pages(struct list_head *from, new_page_t get_new_page, .. .. if (rc && reason == MR_CONTIG_RANGE && pass > 2) { printk(KERN_ERR, "pfn 0x%lx reason %d\n", page_to_pfn(page), rc); dump_page(page, "fail to migrate"); } The test was repeating android apps launching with cma allocation in background every five seconds. Total cma allocation count was about 500 during the testing. With this patch, the dump_page count was reduced from 400 to 30. The new interface is also useful for memory hotplug which currently drains lru pcp caches after each migration failure. This is rather suboptimal as it has to disrupt others running during the operation. With the new interface the operation happens only once. This is also in line with pcp allocator cache which are disabled for the offlining as well. Bug: 180018981 Link: https://lore.kernel.org/linux-mm/20210310161429.399432-2-minchan@kernel.org/ [minchan: Resolved conflict in mm/memory_hotplug.c, mm/swap.c] Signed-off-by: Minchan Kim <minchan@kernel.org> Signed-off-by: Minchan Kim <minchan@google.com> Change-Id: Ie1e09cf26e3105b674a9aed4ac65070efee608af	2021-03-12 12:35:53 -08:00
Minchan Kim	134ac2d4dc	FROMLIST: mm: replace migrate_prep with lru_add_drain_all Currently, migrate_prep is merely a wrapper of lru_cache_add_all. There is not much to gain from having additional abstraction. Use lru_add_drain_all instead of migrate_prep, which would be more descriptive. note: migrate_prep_local in compaction.c changed into lru_add_drain to avoid CPU schedule cost with involving many other CPUs to keep keep old behavior. Bug: 180018981 Link: https://lore.kernel.org/linux-mm/20210310161429.399432-1-minchan@kernel.org/ Signed-off-by: Minchan Kim <minchan@kernel.org> Signed-off-by: Minchan Kim <minchan@google.com> Change-Id: I1bd3fcb13993e8a7a7961ceec817ac17304364cb	2021-03-12 12:35:53 -08:00
Jan Stancek	a71a3e1ce6	UPSTREAM: mm: migrate: initialize err in do_migrate_pages After commit 236c32eb1096 ("mm: migrate: clean up migrate_prep{_local}")', do_migrate_pages can return uninitialized variable 'err' (which is propagated to user-space as error) when 'from' and 'to' nodesets are identical. This can be reproduced with LTP migrate_pages01, which calls migrate_pages() with same set for both old/new_nodes. Add 'err' initialization back. Bug: 180018981 Link: https://lkml.kernel.org/r/456a021c7ef3636d7668cec9dcb4a446a4244812.1609855564.git.jstancek@redhat.com Fixes: 236c32eb1096 ("mm: migrate: clean up migrate_prep{_local}") Signed-off-by: Jan Stancek <jstancek@redhat.com> Acked-by: Michal Hocko <mhocko@suse.com> Acked-by: Yang Shi <shy828301@gmail.com> Cc: Zi Yan <ziy@nvidia.com> Cc: Jan Kara <jack@suse.cz> Cc: Matthew Wilcox <willy@infradead.org> Cc: Mel Gorman <mgorman@suse.de> Cc: Song Liu <songliubraving@fb.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> (cherry picked from commit f555befd185dc097ede887eb7b308c2e1c1369d4) Signed-off-by: Minchan Kim <minchan@google.com> Change-Id: Ia0b7012dc4191bf3af5ca015939d9e37a1f7ec43	2021-03-12 12:35:52 -08:00
Yang Shi	059eaf82c0	UPSTREAM: mm: migrate: clean up migrate_prep{_local} The migrate_prep{_local} never fails, so it is pointless to have return value and check the return value. Bug: 180018981 Link: https://lkml.kernel.org/r/20201113205359.556831-5-shy828301@gmail.com Signed-off-by: Yang Shi <shy828301@gmail.com> Reviewed-by: Zi Yan <ziy@nvidia.com> Cc: Jan Kara <jack@suse.cz> Cc: Matthew Wilcox <willy@infradead.org> Cc: Mel Gorman <mgorman@suse.de> Cc: Michal Hocko <mhocko@suse.com> Cc: Song Liu <songliubraving@fb.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> (cherry picked from commit 236c32eb109696590b7428957eda50cc05e22af8) Signed-off-by: Minchan Kim <minchan@google.com> Change-Id: I26ae0a4240c704e6127b51532e5de8ba778edd6e	2021-03-12 12:35:52 -08:00
Laurent Dufour	9cfe16897f	FROMLIST: mm: protect VMA modifications using VMA sequence count The VMA sequence count has been introduced to allow fast detection of VMA modification when running a page fault handler without holding the mmap_sem. This patch provides protection against the VMA modification done in : - madvise() - mpol_rebind_policy() - vma_replace_policy() - change_prot_numa() - mlock(), munlock() - mprotect() - mmap_region() - collapse_huge_page() - userfaultd registering services In addition, VMA fields which will be read during the speculative fault path needs to be written using WRITE_ONCE to prevent write to be split and intermediate values to be pushed to other CPUs. Change-Id: Ic36046b7254e538b6baf7144c50ae577ee7f2074 Signed-off-by: Laurent Dufour <ldufour@linux.vnet.ibm.com> Link: https://lore.kernel.org/lkml/1523975611-15978-10-git-send-email-ldufour@linux.vnet.ibm.com/ Bug: 161210518 Signed-off-by: Vinayak Menon <vinmenon@codeaurora.org> Signed-off-by: Charan Teja Reddy <charante@codeaurora.org>	2021-01-22 17:59:47 +00:00
Greg Kroah-Hartman	07933490ae	Merge `4ef8451b33` ("Merge tag 'perf-tools-for-v5.10-2020-11-03' of git://git.kernel.org/pub/scm/linux/kernel/git/acme/linux") into android-mainline Steps on the way to 5.10-rc3 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: Ia09418a96a25f6c602af953db5d3258e032c0f30	2020-11-06 08:00:53 +01:00
Shijie Luo	3f08842098	mm: mempolicy: fix potential pte_unmap_unlock pte error When flags in queue_pages_pte_range don't have MPOL_MF_MOVE or MPOL_MF_MOVE_ALL bits, code breaks and passing origin pte - 1 to pte_unmap_unlock seems like not a good idea. queue_pages_pte_range can run in MPOL_MF_MOVE_ALL mode which doesn't migrate misplaced pages but returns with EIO when encountering such a page. Since commit `a7f40cfe3b` ("mm: mempolicy: make mbind() return -EIO when MPOL_MF_STRICT is specified") and early break on the first pte in the range results in pte_unmap_unlock on an underflow pte. This can lead to lockups later on when somebody tries to lock the pte resp. page_table_lock again.. Fixes: `a7f40cfe3b` ("mm: mempolicy: make mbind() return -EIO when MPOL_MF_STRICT is specified") Signed-off-by: Shijie Luo <luoshijie1@huawei.com> Signed-off-by: Miaohe Lin <linmiaohe@huawei.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Reviewed-by: Oscar Salvador <osalvador@suse.de> Acked-by: Michal Hocko <mhocko@suse.com> Cc: Miaohe Lin <linmiaohe@huawei.com> Cc: Feilong Lin <linfeilong@huawei.com> Cc: Shijie Luo <luoshijie1@huawei.com> Cc: <stable@vger.kernel.org> Link: https://lkml.kernel.org/r/20201019074853.50856-1-luoshijie1@huawei.com Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>	2020-11-02 12:14:19 -08:00
Greg Kroah-Hartman	75c90a8c3a	Merge `d5660df4a5` ("Merge branch 'akpm' (patches from Andrew)") into android-mainline steps on the way to 5.10-rc1 Change-Id: Iddc84c25b6a9d71fa8542b927d6f69c364131c3d Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>	2020-10-25 11:57:29 +01:00
Wei Yang	f8fd52535c	mm: remove unused alloc_page_vma_node() No one use this macro anymore. Also fix code style of policy_node(). Signed-off-by: Wei Yang <richard.weiyang@linux.alibaba.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Reviewed-by: Andrew Morton <akpm@linux-foundation.org> Link: https://lkml.kernel.org/r/20200921021401.84508-1-richard.weiyang@linux.alibaba.com Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>	2020-10-13 18:38:34 -07:00
Wei Yang	78b132e9ba	mm/mempolicy: remove or narrow the lock on current It is not necessary to hold the lock of current when setting nodemask of a new policy. Signed-off-by: Wei Yang <richard.weiyang@linux.alibaba.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Reviewed-by: Andrew Morton <akpm@linux-foundation.org> Link: https://lkml.kernel.org/r/20200921040416.86185-1-richard.weiyang@linux.alibaba.com Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>	2020-10-13 18:38:34 -07:00
Greg Kroah-Hartman	df7e491a37	Merge `4b6c093e21` ("Merge tag 'block-5.9-2020-08-14' of git://git.kernel.dk/linux-block") into android-mainline Steps on the way to 5.9-rc1 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I904678b5c31139b25fb49ee67cbacb4721a3c7bc	2020-08-17 09:19:35 +02:00
Matthew Wilcox (Oracle)	6c357848b4	mm: replace hpage_nr_pages with thp_nr_pages The thp prefix is more frequently used than hpage and we should be consistent between the various functions. [akpm@linux-foundation.org: fix mm/migrate.c] Signed-off-by: Matthew Wilcox (Oracle) <willy@infradead.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Reviewed-by: William Kucharski <william.kucharski@oracle.com> Reviewed-by: Zi Yan <ziy@nvidia.com> Cc: Mike Kravetz <mike.kravetz@oracle.com> Cc: David Hildenbrand <david@redhat.com> Cc: "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com> Link: http://lkml.kernel.org/r/20200629151959.15779-6-willy@infradead.org Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>	2020-08-14 19:56:56 -07:00
Greg Kroah-Hartman	418b4bd4a0	Merge `dc06fe51d2` ("Merge tag 'rtc-5.9' of git://git.kernel.org/pub/scm/linux/kernel/git/abelloni/linux") into android-mainline Steps on the way to 5.9-rc1. Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: Iceded779988ff472863b7e1c54e22a9fa6383a30	2020-08-13 09:09:55 +02:00
Joonsoo Kim	a097631160	mm/mempolicy: use a standard migration target allocation callback There is a well-defined migration target allocation callback. Use it. Signed-off-by: Joonsoo Kim <iamjoonsoo.kim@lge.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Acked-by: Michal Hocko <mhocko@suse.com> Acked-by: Vlastimil Babka <vbabka@suse.cz> Cc: Christoph Hellwig <hch@infradead.org> Cc: Mike Kravetz <mike.kravetz@oracle.com> Cc: Naoya Horiguchi <n-horiguchi@ah.jp.nec.com> Cc: Roman Gushchin <guro@fb.com> Link: http://lkml.kernel.org/r/1594622517-20681-7-git-send-email-iamjoonsoo.kim@lge.com Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>	2020-08-12 10:58:02 -07:00
Joonsoo Kim	d92bbc2719	mm/hugetlb: unify migration callbacks There is no difference between two migration callback functions, alloc_huge_page_node() and alloc_huge_page_nodemask(), except __GFP_THISNODE handling. It's redundant to have two almost similar functions in order to handle this flag. So, this patch tries to remove one by introducing a new argument, gfp_mask, to alloc_huge_page_nodemask(). After introducing gfp_mask argument, it's caller's job to provide correct gfp_mask. So, every callsites for alloc_huge_page_nodemask() are changed to provide gfp_mask. Note that it's safe to remove a node id check in alloc_huge_page_node() since there is no caller passing NUMA_NO_NODE as a node id. Signed-off-by: Joonsoo Kim <iamjoonsoo.kim@lge.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Reviewed-by: Mike Kravetz <mike.kravetz@oracle.com> Reviewed-by: Vlastimil Babka <vbabka@suse.cz> Acked-by: Michal Hocko <mhocko@suse.com> Cc: Christoph Hellwig <hch@infradead.org> Cc: Naoya Horiguchi <n-horiguchi@ah.jp.nec.com> Cc: Roman Gushchin <guro@fb.com> Link: http://lkml.kernel.org/r/1594622517-20681-4-git-send-email-iamjoonsoo.kim@lge.com Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>	2020-08-12 10:58:02 -07:00
Wenchao Hao	4605f057aa	mm/mempolicy.c: check parameters first in kernel_get_mempolicy Previous implementatoin calls untagged_addr() before error check, while if the error check failed and return EINVAL, the untagged_addr() call is just useless work. Signed-off-by: Wenchao Hao <haowenchao22@gmail.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Reviewed-by: Andrew Morton <akpm@linux-foundation.org> Link: http://lkml.kernel.org/r/20200801090825.5597-1-haowenchao22@gmail.com Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>	2020-08-12 10:57:56 -07:00
Krzysztof Kozlowski	f6e92f4048	mm: mempolicy: fix kerneldoc of numa_map_to_online_node() Fix W=1 compile warnings (invalid kerneldoc): mm/mempolicy.c:137: warning: Function parameter or member 'node' not described in 'numa_map_to_online_node' mm/mempolicy.c:137: warning: Excess function parameter 'nid' description in 'numa_map_to_online_node' Signed-off-by: Krzysztof Kozlowski <krzk@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Reviewed-by: Andrew Morton <akpm@linux-foundation.org> Link: http://lkml.kernel.org/r/20200728171109.28687-3-krzk@kernel.org Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>	2020-08-12 10:57:56 -07:00
Muchun Song	8ca39e6874	mm/hugetlb: add mempolicy check in the reservation routine In the reservation routine, we only check whether the cpuset meets the memory allocation requirements. But we ignore the mempolicy of MPOL_BIND case. If someone mmap hugetlb succeeds, but the subsequent memory allocation may fail due to mempolicy restrictions and receives the SIGBUS signal. This can be reproduced by the follow steps. 1) Compile the test case. cd tools/testing/selftests/vm/ gcc map_hugetlb.c -o map_hugetlb 2) Pre-allocate huge pages. Suppose there are 2 numa nodes in the system. Each node will pre-allocate one huge page. echo 2 > /proc/sys/vm/nr_hugepages 3) Run test case(mmap 4MB). We receive the SIGBUS signal. numactl --membind=3D0 ./map_hugetlb 4 With this patch applied, the mmap will fail in the step 3) and throw "mmap: Cannot allocate memory". [akpm@linux-foundation.org: include sched.h for `current'] Reported-by: Jianchao Guo <guojianchao@bytedance.com> Suggested-by: Michal Hocko <mhocko@kernel.org> Signed-off-by: Muchun Song <songmuchun@bytedance.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Reviewed-by: Mike Kravetz <mike.kravetz@oracle.com> Cc: David Rientjes <rientjes@google.com> Cc: Mel Gorman <mgorman@suse.de> Cc: Michel Lespinasse <walken@google.com> Cc: Baoquan He <bhe@redhat.com> Link: http://lkml.kernel.org/r/20200728034938.14993-1-songmuchun@bytedance.com Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>	2020-08-12 10:57:55 -07:00
Greg Kroah-Hartman	f04a11ac99	Merge `7b4ea9456d` ("Revert "x86/mm/64: Do not sync vmalloc/ioremap mappings"") into android-mainline Steps on the way to 5.9-rc1 Resolves conflicts in: drivers/irqchip/qcom-pdc.c include/linux/device.h net/xfrm/xfrm_state.c security/lsm_audit.c Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I4aeb3d04f4717714a421721eb3ce690c099bb30a	2020-08-07 16:01:35 +02:00
Kees Cook	3f649ab728	treewide: Remove uninitialized_var() usage Using uninitialized_var() is dangerous as it papers over real bugs[1] (or can in the future), and suppresses unrelated compiler warnings (e.g. "unused variable"). If the compiler thinks it is uninitialized, either simply initialize the variable or make compiler changes. In preparation for removing[2] the[3] macro[4], remove all remaining needless uses with the following script: git grep '\buninitialized_var\b' \| cut -d: -f1 \| sort -u \| \ xargs perl -pi -e \ 's/\buninitialized_var$([^$]+)\)/\1/g; s:\s/\ (GCC be quiet\|to make compiler happy) \*/$::g;' drivers/video/fbdev/riva/riva_hw.c was manually tweaked to avoid pathological white-space. No outstanding warnings were found building allmodconfig with GCC 9.3.0 for x86_64, i386, arm64, arm, powerpc, powerpc64le, s390x, mips, sparc64, alpha, and m68k. [1] https://lore.kernel.org/lkml/20200603174714.192027-1-glider@google.com/ [2] https://lore.kernel.org/lkml/CA+55aFw+Vbj0i=1TGqCR5vQkCzWJ0QxK6CernOU6eedsudAixw@mail.gmail.com/ [3] https://lore.kernel.org/lkml/CA+55aFwgbgqhbp1fkxvRKEpzyR5J8n1vKT1VZdz9knmPuXhOeg@mail.gmail.com/ [4] https://lore.kernel.org/lkml/CA+55aFz2500WfbKXAx8s67wrm9=yVJu65TpLgN_ybYNv0VEOKA@mail.gmail.com/ Reviewed-by: Leon Romanovsky <leonro@mellanox.com> # drivers/infiniband and mlx4/mlx5 Acked-by: Jason Gunthorpe <jgg@mellanox.com> # IB Acked-by: Kalle Valo <kvalo@codeaurora.org> # wireless drivers Reviewed-by: Chao Yu <yuchao0@huawei.com> # erofs Signed-off-by: Kees Cook <keescook@chromium.org>	2020-07-16 12:35:15 -07:00
Greg Kroah-Hartman	a253db8915	Merge `ad57a1022f` ("Merge tag 'exfat-for-5.8-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/linkinjeon/exfat") into android-mainline Steps on the way to 5.8-rc1. Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I4bc42f572167ea2f815688b4d1eb6124b6d260d4	2020-06-24 17:54:12 +02:00
Greg Kroah-Hartman	1ec3464acb	Merge `ee01c4d72a` ("Merge branch 'akpm' (patches from Andrew)") into android-mainline Steps along the way to 5.8-rc1. Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I6cca4fa48322228c8182201d68dc05f9b72cfc50	2020-06-22 15:13:57 +02:00
Michel Lespinasse	c1e8d7c6a7	mmap locking API: convert mmap_sem comments Convert comments that reference mmap_sem to reference mmap_lock instead. [akpm@linux-foundation.org: fix up linux-next leftovers] [akpm@linux-foundation.org: s/lockaphore/lock/, per Vlastimil] [akpm@linux-foundation.org: more linux-next fixups, per Michel] Signed-off-by: Michel Lespinasse <walken@google.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Reviewed-by: Vlastimil Babka <vbabka@suse.cz> Reviewed-by: Daniel Jordan <daniel.m.jordan@oracle.com> Cc: Davidlohr Bueso <dbueso@suse.de> Cc: David Rientjes <rientjes@google.com> Cc: Hugh Dickins <hughd@google.com> Cc: Jason Gunthorpe <jgg@ziepe.ca> Cc: Jerome Glisse <jglisse@redhat.com> Cc: John Hubbard <jhubbard@nvidia.com> Cc: Laurent Dufour <ldufour@linux.ibm.com> Cc: Liam Howlett <Liam.Howlett@oracle.com> Cc: Matthew Wilcox <willy@infradead.org> Cc: Peter Zijlstra <peterz@infradead.org> Cc: Ying Han <yinghan@google.com> Link: http://lkml.kernel.org/r/20200520052908.204642-13-walken@google.com Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>	2020-06-09 09:39:14 -07:00
Michel Lespinasse	3e4e28c5a8	mmap locking API: convert mmap_sem API comments Convert comments that reference old mmap_sem APIs to reference corresponding new mmap locking APIs instead. Signed-off-by: Michel Lespinasse <walken@google.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Reviewed-by: Vlastimil Babka <vbabka@suse.cz> Reviewed-by: Davidlohr Bueso <dbueso@suse.de> Reviewed-by: Daniel Jordan <daniel.m.jordan@oracle.com> Cc: David Rientjes <rientjes@google.com> Cc: Hugh Dickins <hughd@google.com> Cc: Jason Gunthorpe <jgg@ziepe.ca> Cc: Jerome Glisse <jglisse@redhat.com> Cc: John Hubbard <jhubbard@nvidia.com> Cc: Laurent Dufour <ldufour@linux.ibm.com> Cc: Liam Howlett <Liam.Howlett@oracle.com> Cc: Matthew Wilcox <willy@infradead.org> Cc: Peter Zijlstra <peterz@infradead.org> Cc: Ying Han <yinghan@google.com> Link: http://lkml.kernel.org/r/20200520052908.204642-12-walken@google.com Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>	2020-06-09 09:39:14 -07:00
Michel Lespinasse	d8ed45c5dc	mmap locking API: use coccinelle to convert mmap_sem rwsem call sites This change converts the existing mmap_sem rwsem calls to use the new mmap locking API instead. The change is generated using coccinelle with the following rule: // spatch --sp-file mmap_lock_api.cocci --in-place --include-headers --dir . @@ expression mm; @@ ( -init_rwsem +mmap_init_lock \| -down_write +mmap_write_lock \| -down_write_killable +mmap_write_lock_killable \| -down_write_trylock +mmap_write_trylock \| -up_write +mmap_write_unlock \| -downgrade_write +mmap_write_downgrade \| -down_read +mmap_read_lock \| -down_read_killable +mmap_read_lock_killable \| -down_read_trylock +mmap_read_trylock \| -up_read +mmap_read_unlock ) -(&mm->mmap_sem) +(mm) Signed-off-by: Michel Lespinasse <walken@google.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Reviewed-by: Daniel Jordan <daniel.m.jordan@oracle.com> Reviewed-by: Laurent Dufour <ldufour@linux.ibm.com> Reviewed-by: Vlastimil Babka <vbabka@suse.cz> Cc: Davidlohr Bueso <dbueso@suse.de> Cc: David Rientjes <rientjes@google.com> Cc: Hugh Dickins <hughd@google.com> Cc: Jason Gunthorpe <jgg@ziepe.ca> Cc: Jerome Glisse <jglisse@redhat.com> Cc: John Hubbard <jhubbard@nvidia.com> Cc: Liam Howlett <Liam.Howlett@oracle.com> Cc: Matthew Wilcox <willy@infradead.org> Cc: Peter Zijlstra <peterz@infradead.org> Cc: Ying Han <yinghan@google.com> Link: http://lkml.kernel.org/r/20200520052908.204642-5-walken@google.com Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>	2020-06-09 09:39:14 -07:00
Michal Hocko	2d3a36a479	mm, mempolicy: fix up gup usage in lookup_node `ba841078cd` ("mm/mempolicy: Allow lookup_node() to handle fatal signal") has added a special casing for 0 return value because that was a possible gup return value when interrupted by fatal signal. This has been fixed by `ae46d2aa6a` ("mm/gup: Let __get_user_pages_locked() return -EINTR for fatal signal") in the mean time so `ba841078cd` can be reverted. This patch however doesn't go all the way to revert it because the check for 0 is wrong and confusing here. Firstly it is inherently unsafe to access the page when get_user_pages_locked returns 0 (aka no page returned). Fortunatelly this will not happen because get_user_pages_locked will not return 0 when nr_pages > 0 unless FOLL_NOWAIT is specified which is not the case here. Document this potential error code in gup code while we are at it. Signed-off-by: Michal Hocko <mhocko@suse.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Cc: Peter Xu <peterx@redhat.com> Link: http://lkml.kernel.org/r/20200421071026.18394-1-mhocko@kernel.org Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>	2020-06-03 20:09:49 -07:00
Greg Kroah-Hartman	2724136fc5	Merge `5d30bcacd9` ("Merge tag '9p-for-5.7-2' of git://github.com/martinetd/linux") into android-mainline Baby steps on the way to 5.7-rc1 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I89095a90046a14eab189aab257a75b3dfdb5b1db	2020-04-10 11:53:08 +02:00
Linus Torvalds	9b06860d7c	libnvdimm for 5.7 - Add support for region alignment configuration and enforcement to fix compatibility across architectures and PowerPC page size configurations. - Introduce 'zero_page_range' as a dax operation. This facilitates filesystem-dax operation without a block-device. - Introduce phys_to_target_node() to facilitate drivers that want to know resulting numa node if a given reserved address range was onlined. - Advertise a persistence-domain for of_pmem and papr_scm. The persistence domain indicates where cpu-store cycles need to reach in the platform-memory subsystem before the platform will consider them power-fail protected. - Promote numa_map_to_online_node() to a cross-kernel generic facility. - Save x86 numa information to allow for node-id lookups for reserved memory ranges, deploy that capability for the e820-pmem driver. - Pick up some miscellaneous minor fixes, that missed v5.6-final, including a some smatch reports in the ioctl path and some unit test compilation fixups. - Fixup some flexible-array declarations. -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEf41QbsdZzFdA8EfZHtKRamZ9iAIFAl6LtIAACgkQHtKRamZ9 iAIwRA/8CLVVuQpgHQ1tqK4h8CZPrISFXh7wy7uhocEU2xrDh6iGVnLztmoLRr2k 5f8T9lRzreSAwIVL5DbGqP1pFncqIt9VMnKsFlaPMBGCBNR+hURY0iBCNjIT+jiq BOzLd52MR2rqJxeXGTMUbWrBrbmuj4mZPdmGVuFFe7GFRpoaVpCgOo+296eWa/ot gIOFUTonZY7STYjNvDok0TXCmiCFuJb+P+y5ldfCPShHvZhTiaF53jircja8vAjO G5dt8ixBKUK0rXRc4SEQsQhAZNcAFHb6Gy5lg4C2QzhTF374xTc9usJZNWbIE9iM 5mipBYvjVuoY+XaCNZDkaRcJIy/jqB15O6l3QIWbZLGaK9m95YPp9LmkPFwd3JpO e3rO24ML471DxqB9iWIiJCNcBBocLOlnd6qAQTpppWDpGNbudwXvfsmKHmKIScSE x+IDCdscLmmm+WG2dLmLraWOVPu42xZFccoQCi4M3TTqfeB9pZ9XckFQ37zX62zG 5t+7Ek+t1W4QVt/JQYVKH03XT15sqUpVknvx0Hl4Y5TtbDOkFLkO8RN0/HyExDef 7iegS35kqTsM4EfZQ+9juKbI2JBAjHANcbj0V4dogqaRj6vr3akumBzUtuYqAofv qU3s9skmLsEemOJC+ns2PT8vl5dyIoeDfH0r2XvGWxYqolMqJpA= =sY4N -----END PGP SIGNATURE----- Merge tag 'libnvdimm-for-5.7' of git://git.kernel.org/pub/scm/linux/kernel/git/nvdimm/nvdimm Pull libnvdimm and dax updates from Dan Williams: "There were multiple touches outside of drivers/nvdimm/ this round to add cross arch compatibility to the devm_memremap_pages() interface, enhance numa information for persistent memory ranges, and add a zero_page_range() dax operation. This cycle I switched from the patchwork api to Konstantin's b4 script for collecting tags (from x86, PowerPC, filesystem, and device-mapper folks), and everything looks to have gone ok there. This has all appeared in -next with no reported issues. Summary: - Add support for region alignment configuration and enforcement to fix compatibility across architectures and PowerPC page size configurations. - Introduce 'zero_page_range' as a dax operation. This facilitates filesystem-dax operation without a block-device. - Introduce phys_to_target_node() to facilitate drivers that want to know resulting numa node if a given reserved address range was onlined. - Advertise a persistence-domain for of_pmem and papr_scm. The persistence domain indicates where cpu-store cycles need to reach in the platform-memory subsystem before the platform will consider them power-fail protected. - Promote numa_map_to_online_node() to a cross-kernel generic facility. - Save x86 numa information to allow for node-id lookups for reserved memory ranges, deploy that capability for the e820-pmem driver. - Pick up some miscellaneous minor fixes, that missed v5.6-final, including a some smatch reports in the ioctl path and some unit test compilation fixups. - Fixup some flexible-array declarations" * tag 'libnvdimm-for-5.7' of git://git.kernel.org/pub/scm/linux/kernel/git/nvdimm/nvdimm: (29 commits) dax: Move mandatory ->zero_page_range() check in alloc_dax() dax,iomap: Add helper dax_iomap_zero() to zero a range dax: Use new dax zero page method for zeroing a page dm,dax: Add dax zero_page_range operation s390,dcssblk,dax: Add dax zero_page_range operation to dcssblk driver dax, pmem: Add a dax operation zero_page_range pmem: Add functions for reading/writing page to/from pmem libnvdimm: Update persistence domain value for of_pmem and papr_scm device tools/test/nvdimm: Fix out of tree build libnvdimm/region: Fix build error libnvdimm/region: Replace zero-length array with flexible-array member libnvdimm/label: Replace zero-length array with flexible-array member ACPI: NFIT: Replace zero-length array with flexible-array member libnvdimm/region: Introduce an 'align' attribute libnvdimm/region: Introduce NDD_LABELING libnvdimm/namespace: Enforce memremap_compat_align() libnvdimm/pfn: Prevent raw mode fallback if pfn-infoblock valid libnvdimm: Out of bounds read in __nd_ioctl() acpi/nfit: improve bounds checking for 'func' mm/memremap_pages: Introduce memremap_compat_align() ...	2020-04-08 21:03:40 -07:00
Peter Xu	ba841078cd	mm/mempolicy: Allow lookup_node() to handle fatal signal lookup_node() uses gup to pin the page and get node information. It checks against ret>=0 assuming the page will be filled in. However it's also possible that gup will return zero, for example, when the thread is quickly killed with a fatal signal. Teach lookup_node() to gracefully return an error -EFAULT if it happens. Meanwhile, initialize "page" to NULL to avoid potential risk of exploiting the pointer. Fixes: `4426e945df` ("mm/gup: allow VM_FAULT_RETRY for multiple times") Reported-by: syzbot+693dc11fcb53120b5559@syzkaller.appspotmail.com Signed-off-by: Peter Xu <peterx@redhat.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>	2020-04-07 19:34:31 -07:00
Joe Perches	e4a9bc5896	mm: use fallthrough; Convert the various /* fallthrough */ comments to the pseudo-keyword fallthrough; Done via script: https://lore.kernel.org/lkml/b56602fcf79f849e733e7b521bb0e17895d390fa.1582230379.git.joe@perches.com/ Signed-off-by: Joe Perches <joe@perches.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Reviewed-by: Gustavo A. R. Silva <gustavo@embeddedor.com> Link: http://lkml.kernel.org/r/f62fea5d10eb0ccfc05d87c242a620c261219b66.camel@perches.com Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>	2020-04-07 10:43:41 -07:00
Jules Irenge	959a7e136d	mm/mempolicy: add missing annotation for queue_pages_pmd() Sparse reports a warning at queue_pages_pmd() context imbalance in queue_pages_pmd() - unexpected unlock The root cause is the missing annotation at queue_pages_pmd() Add the missing __releases(ptl) Signed-off-by: Jules Irenge <jbi.octave@gmail.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Link: http://lkml.kernel.org/r/20200214204741.94112-8-jbi.octave@gmail.com Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>	2020-04-07 10:43:41 -07:00
Peter Xu	58705444c4	mm: merge parameters for change_protection() change_protection() was used by either the NUMA or mprotect() code, there's one parameter for each of the callers (dirty_accountable and prot_numa). Further, these parameters are passed along the calls: - change_protection_range() - change_p4d_range() - change_pud_range() - change_pmd_range() - ... Now we introduce a flag for change_protect() and all these helpers to replace these parameters. Then we can avoid passing multiple parameters multiple times along the way. More importantly, it'll greatly simplify the work if we want to introduce any new parameters to change_protection(). In the follow up patches, a new parameter for userfaultfd write protection will be introduced. No functional change at all. Signed-off-by: Peter Xu <peterx@redhat.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Reviewed-by: Jerome Glisse <jglisse@redhat.com> Cc: Andrea Arcangeli <aarcange@redhat.com> Cc: Bobby Powers <bobbypowers@gmail.com> Cc: Brian Geffon <bgeffon@google.com> Cc: David Hildenbrand <david@redhat.com> Cc: Denis Plotnikov <dplotnikov@virtuozzo.com> Cc: "Dr . David Alan Gilbert" <dgilbert@redhat.com> Cc: Hugh Dickins <hughd@google.com> Cc: Johannes Weiner <hannes@cmpxchg.org> Cc: "Kirill A . Shutemov" <kirill@shutemov.name> Cc: Martin Cracauer <cracauer@cons.org> Cc: Marty McFadden <mcfadden8@llnl.gov> Cc: Maya Gokhale <gokhale2@llnl.gov> Cc: Mel Gorman <mgorman@suse.de> Cc: Mike Kravetz <mike.kravetz@oracle.com> Cc: Mike Rapoport <rppt@linux.vnet.ibm.com> Cc: Pavel Emelyanov <xemul@openvz.org> Cc: Rik van Riel <riel@redhat.com> Cc: Shaohua Li <shli@fb.com> Link: http://lkml.kernel.org/r/20200220163112.11409-7-peterx@redhat.com Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>	2020-04-07 10:43:39 -07:00
Huang Ying	9de4f22a60	mm: code cleanup for MADV_FREE Some comments for MADV_FREE is revised and added to help people understand the MADV_FREE code, especially the page flag, PG_swapbacked. This makes page_is_file_cache() isn't consistent with its comments. So the function is renamed to page_is_file_lru() to make them consistent again. All these are put in one patch as one logical change. Suggested-by: David Hildenbrand <david@redhat.com> Suggested-by: Johannes Weiner <hannes@cmpxchg.org> Suggested-by: David Rientjes <rientjes@google.com> Signed-off-by: "Huang, Ying" <ying.huang@intel.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Acked-by: Johannes Weiner <hannes@cmpxchg.org> Acked-by: David Rientjes <rientjes@google.com> Acked-by: Michal Hocko <mhocko@kernel.org> Acked-by: Pankaj Gupta <pankaj.gupta.linux@gmail.com> Acked-by: Vlastimil Babka <vbabka@suse.cz> Cc: Dave Hansen <dave.hansen@linux.intel.com> Cc: Mel Gorman <mgorman@suse.de> Cc: Minchan Kim <minchan@kernel.org> Cc: Hugh Dickins <hughd@google.com> Cc: Rik van Riel <riel@surriel.com> Link: http://lkml.kernel.org/r/20200317100342.2730705-1-ying.huang@intel.com Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>	2020-04-07 10:43:38 -07:00
Anshuman Khandual	3122e80efc	mm/vma: make vma_is_accessible() available for general use Lets move vma_is_accessible() helper to include/linux/mm.h which makes it available for general use. While here, this replaces all remaining open encodings for VMA access check with vma_is_accessible(). Signed-off-by: Anshuman Khandual <anshuman.khandual@arm.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Acked-by: Geert Uytterhoeven <geert@linux-m68k.org> Acked-by: Guo Ren <guoren@kernel.org> Acked-by: Vlastimil Babka <vbabka@suse.cz> Cc: Guo Ren <guoren@kernel.org> Cc: Geert Uytterhoeven <geert@linux-m68k.org> Cc: Ralf Baechle <ralf@linux-mips.org> Cc: Paul Burton <paulburton@kernel.org> Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org> Cc: Paul Mackerras <paulus@samba.org> Cc: Michael Ellerman <mpe@ellerman.id.au> Cc: Yoshinori Sato <ysato@users.sourceforge.jp> Cc: Rich Felker <dalias@libc.org> Cc: Dave Hansen <dave.hansen@linux.intel.com> Cc: Andy Lutomirski <luto@kernel.org> Cc: Peter Zijlstra <peterz@infradead.org> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: Ingo Molnar <mingo@redhat.com> Cc: Steven Rostedt <rostedt@goodmis.org> Cc: Mel Gorman <mgorman@suse.de> Cc: Alexander Viro <viro@zeniv.linux.org.uk> Cc: "Aneesh Kumar K.V" <aneesh.kumar@linux.ibm.com> Cc: Arnaldo Carvalho de Melo <acme@kernel.org> Cc: Arnd Bergmann <arnd@arndb.de> Cc: Nick Piggin <npiggin@gmail.com> Cc: Paul Mackerras <paulus@ozlabs.org> Cc: Will Deacon <will@kernel.org> Link: http://lkml.kernel.org/r/1582520593-30704-3-git-send-email-anshuman.khandual@arm.com Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>	2020-04-07 10:43:37 -07:00

1 2 3 4 5 ...

478 Commits