lineage-22.0
16961 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Peter Collingbourne
|
ca53b8f1b4 |
BACKPORT: mm: make minimum slab alignment a runtime property
When CONFIG_KASAN_HW_TAGS is enabled we currently increase the minimum slab alignment to 16. This happens even if MTE is not supported in hardware or disabled via kasan=off, which creates an unnecessary memory overhead in those cases. Eliminate this overhead by making the minimum slab alignment a runtime property and only aligning to 16 if KASAN is enabled at runtime. On a DragonBoard 845c (non-MTE hardware) with a kernel built with CONFIG_KASAN_HW_TAGS, waiting for quiescence after a full Android boot I see the following Slab measurements in /proc/meminfo (median of 3 reboots): Before: 169020 kB After: 167304 kB [akpm@linux-foundation.org: make slab alignment type `unsigned int' to avoid casting] Link: https://linux-review.googlesource.com/id/I752e725179b43b144153f4b6f584ceb646473ead Link: https://lkml.kernel.org/r/20220427195820.1716975-2-pcc@google.com Signed-off-by: Peter Collingbourne <pcc@google.com> Reviewed-by: Andrey Konovalov <andreyknvl@gmail.com> Reviewed-by: Hyeonggon Yoo <42.hyeyoo@gmail.com> Tested-by: Hyeonggon Yoo <42.hyeyoo@gmail.com> Acked-by: David Rientjes <rientjes@google.com> Reviewed-by: Catalin Marinas <catalin.marinas@arm.com> Acked-by: Vlastimil Babka <vbabka@suse.cz> Cc: Pekka Enberg <penberg@kernel.org> Cc: Roman Gushchin <roman.gushchin@linux.dev> Cc: Joonsoo Kim <iamjoonsoo.kim@lge.com> Cc: Herbert Xu <herbert@gondor.apana.org.au> Cc: Andrey Ryabinin <ryabinin.a.a@gmail.com> Cc: Alexander Potapenko <glider@google.com> Cc: Dmitry Vyukov <dvyukov@google.com> Cc: Eric W. Biederman <ebiederm@xmission.com> Cc: Kees Cook <keescook@chromium.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Bug: 265364138 (cherry picked from commit d949a8155d139aa890795b802004a196b7f00598) [Zhenhua: fold 587cfd8e66df3515 ("ANDROID: fix alignment of struct shash_desc member") into this change, to keep ABI compatibility] Change-Id: I3749f8de65ef3619724e68a9affb4eefd1ebe737 Signed-off-by: Jaewon Kim <jaewon31.kim@samsung.com> Signed-off-by: Zhenhua Huang <quic_zhenhuah@quicinc.com> |
||
Aaron Thompson
|
60806adc9b |
mm: Always release pages to the buddy allocator in memblock_free_late().
[ Upstream commit 115d9d77bb0f9152c60b6e8646369fa7f6167593 ]
If CONFIG_DEFERRED_STRUCT_PAGE_INIT is enabled, memblock_free_pages()
only releases pages to the buddy allocator if they are not in the
deferred range. This is correct for free pages (as defined by
for_each_free_mem_pfn_range_in_zone()) because free pages in the
deferred range will be initialized and released as part of the deferred
init process. memblock_free_pages() is called by memblock_free_late(),
which is used to free reserved ranges after memblock_free_all() has
run. All pages in reserved ranges have been initialized at that point,
and accordingly, those pages are not touched by the deferred init
process. This means that currently, if the pages that
memblock_free_late() intends to release are in the deferred range, they
will never be released to the buddy allocator. They will forever be
reserved.
In addition, memblock_free_pages() calls kmsan_memblock_free_pages(),
which is also correct for free pages but is not correct for reserved
pages. KMSAN metadata for reserved pages is initialized by
kmsan_init_shadow(), which runs shortly before memblock_free_all().
For both of these reasons, memblock_free_pages() should only be called
for free pages, and memblock_free_late() should call __free_pages_core()
directly instead.
One case where this issue can occur in the wild is EFI boot on
x86_64. The x86 EFI code reserves all EFI boot services memory ranges
via memblock_reserve() and frees them later via memblock_free_late()
(efi_reserve_boot_services() and efi_free_boot_services(),
respectively). If any of those ranges happens to fall within the
deferred init range, the pages will not be released and that memory will
be unavailable.
For example, on an Amazon EC2 t3.micro VM (1 GB) booting via EFI:
v6.2-rc2:
# grep -E 'Node|spanned|present|managed' /proc/zoneinfo
Node 0, zone DMA
spanned 4095
present 3999
managed 3840
Node 0, zone DMA32
spanned 246652
present 245868
managed 178867
v6.2-rc2 + patch:
# grep -E 'Node|spanned|present|managed' /proc/zoneinfo
Node 0, zone DMA
spanned 4095
present 3999
managed 3840
Node 0, zone DMA32
spanned 246652
present 245868
managed 222816 # +43,949 pages
Fixes:
|
||
NARIBAYASHI Akira
|
882734bbc5 |
mm, compaction: fix fast_isolate_around() to stay within boundaries
commit be21b32afe470c5ae98e27e49201158a47032942 upstream.
Depending on the memory configuration, isolate_freepages_block() may scan
pages out of the target range and causes panic.
Panic can occur on systems with multiple zones in a single pageblock.
The reason it is rare is that it only happens in special
configurations. Depending on how many similar systems there are, it
may be a good idea to fix this problem for older kernels as well.
The problem is that pfn as argument of fast_isolate_around() could be out
of the target range. Therefore we should consider the case where pfn <
start_pfn, and also the case where end_pfn < pfn.
This problem should have been addressd by the commit 6e2b7044c199 ("mm,
compaction: make fast_isolate_freepages() stay within zone") but there was
an oversight.
Case1: pfn < start_pfn
<at memory compaction for node Y>
| node X's zone | node Y's zone
+-----------------+------------------------------...
pageblock ^ ^ ^
+-----------+-----------+-----------+-----------+...
^ ^ ^
^ ^ end_pfn
^ start_pfn = cc->zone->zone_start_pfn
pfn
<---------> scanned range by "Scan After"
Case2: end_pfn < pfn
<at memory compaction for node X>
| node X's zone | node Y's zone
+-----------------+------------------------------...
pageblock ^ ^ ^
+-----------+-----------+-----------+-----------+...
^ ^ ^
^ ^ pfn
^ end_pfn
start_pfn
<---------> scanned range by "Scan Before"
It seems that there is no good reason to skip nr_isolated pages just after
given pfn. So let perform simple scan from start to end instead of
dividing the scan into "Before" and "After".
Link: https://lkml.kernel.org/r/20221026112438.236336-1-a.naribayashi@fujitsu.com
Fixes: 6e2b7044c199 ("mm, compaction: make fast_isolate_freepages() stay within zone").
Signed-off-by: NARIBAYASHI Akira <a.naribayashi@fujitsu.com>
Cc: David Rientjes <rientjes@google.com>
Cc: Mel Gorman <mgorman@techsingularity.net>
Cc: Vlastimil Babka <vbabka@suse.cz>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
Kalesh Singh
|
529351c4c8 |
ANDROID: Re-enable fast mremap and fix UAF with SPF
SPF attempts page faults without taking the mmap lock, but takes the
PTL. If there is a concurrent fast mremap (at PMD/PUD level), this
can lead to a UAF as fast mremap will only take the PTL locks at the
PMD/PUD level. SPF cannot take the PTL locks at the larger subtree
granularity since this introduces much contention in the page fault
paths.
To address the race:
1) Only try fast mremaps if there are no users of the VMA. Android
is concerned with this optimization in the context of
GC stop-the-world pause. So there are no other threads active
and this should almost always succeed.
2) Speculative faults detect ongoing fast mremaps and fallback
to conventional fault handling (taking mmap read lock).
Bug: 263177905
Change-Id: I23917e493ddc8576de19883cac053dfde9982b7f
Signed-off-by: Kalesh Singh <kaleshsingh@google.com>
|
||
|
Kalesh Singh
|
c67f268c84 |
Revert "ANDROID: Make SPF aware of fast mremaps"
This reverts commit
|
||
deyaoren@google.com
|
951b126e89 |
Merge remote-tracking branch into HEAD
* keystone/mirror-android12-5.10-2022-12: (1379 commits)
UPSTREAM: bpf: Ensure correct locking around vulnerable function find_vpid()
BACKPORT: UPSTREAM: usb: typec: ucsi: Wait for the USB role switches
UPSTREAM: HID: roccat: Fix use-after-free in roccat_read()
ANDROID: arm64: mm: perform clean & invalidation in __dma_map_area
BACKPORT: ANDROID: dma-buf: heaps: replace mutex lock with spinlock
UPSTREAM: binder: Gracefully handle BINDER_TYPE_FDA objects with num_fds=0
UPSTREAM: binder: Address corner cases in deferred copy and fixup
UPSTREAM: binder: fix pointer cast warning
UPSTREAM: binder: defer copies of pre-patched txn data
UPSTREAM: binder: read pre-translated fds from sender buffer
UPSTREAM: binder: avoid potential data leakage when copying txn
ANDROID: khugepaged: fix mixing declarations warning in retract_page_tables
ANDROID: mm: fix build issue in spf when CONFIG_USERFAULTFD=n
ANDROID: mm: disable speculative page faults for CONFIG_NUMA
ANDROID: mm: fix invalid backport in speculative page fault path
ANDROID: disable page table moves when speculative page faults are enabled
ANDROID: mm: assert that mmap_lock is taken exclusively in vm_write_begin
ANDROID: mm: remove sequence counting when mmap_lock is not exclusively owned
ANDROID: mm/khugepaged: add missing vm_write_{begin|end}
BACKPORT: FROMLIST: mm: implement speculative handling in filemap_fault()
...
Change-Id: I467114757562b4a34a34aeae94d93694fe225667
|
||
Suren Baghdasaryan
|
a43cd1f2bb |
Revert "Revert "ANDROID: vendor_hooks:vendor hook for __alloc_pages_slowpath.""
This reverts commit
|
||
|
Suren Baghdasaryan
|
975fb682de |
ANDROID: mm: disable speculative page faults for CONFIG_NUMA
NUMA support with speculative page faults might be broken if
vma_replace_policy() replaces the mempolicy object used in
do_anonymous_page()
alloc_zeroed_user_highpage_movable()
alloc_page_vma()
alloc_pages_vma()
get_vma_policy()
__get_vma_policy() in speculative path does not always refcounts the
mempolicy object, therefore can't be relied on stabilizing it.
Rather than fixing this, just disable speculation for CONFIG_NUMA
for now and fix it if it's ever needed in Android.
Bug: 257443051
Change-Id: Ib5750b9809979a69a42ebfa6c130e123f416f1aa
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Signed-off-by: Lee Jones <joneslee@google.com>
|
||
|
Suren Baghdasaryan
|
e4ec065a37 |
ANDROID: disable page table moves when speculative page faults are enabled
move_page_tables() can move entire pmd or pud without locking individual ptes. This is problematic for speculative page faults which do not take mmap_lock because they rely on ptl lock when writing new pte value. To avoid possible race, disable move_page_tables() optimization when CONFIG_SPECULATIVE_PAGE_FAULT is enabled. Bug: 257443051 Change-Id: Ib48dda08ecad1abc60d08fc089a6566a63393c13 Signed-off-by: Suren Baghdasaryan <surenb@google.com> Signed-off-by: Lee Jones <joneslee@google.com> |
||
|
Suren Baghdasaryan
|
0399bd7041 |
ANDROID: mm: skip pte_alloc during speculative page fault
Speculative page fault checks pmd to be valid before starting to handle the page fault and pte_alloc() should do nothing if pmd stays valid. If pmd gets changed during speculative page fault, we will detect the change later and retry with mmap_lock. Therefore pte_alloc() can be safely skipped and this prevents the racy pmd_lock() call which can access pmd->ptl after pmd was cleared. Bug: 257443051 Change-Id: Iec57df5530dba6e0e0bdf9f7500f910851c3d3fd Signed-off-by: Suren Baghdasaryan <surenb@google.com> Signed-off-by: Lee Jones <joneslee@google.com> |
||
Srinivasarao Pathipati
|
f0e9702eed |
Merge keystone/android12-5.10-keystone-qcom-release.136+ (897411a) into msm-5.10
* refs/heads/tmp-897411a: ANDROID: dma-buf: don't re-purpose kobject as work_struct ANDROID: dma-buf: Fix build breakage with !CONFIG_DMABUF_SYSFS_STATS ANDROID: usb: gadget: uvc: remove duplicate code in unbind FROMGIT: mm/madvise: fix madvise_pageout for private file mappings ANDROID: arm64: mm: perform clean & invalidation in __dma_map_area BACKPORT: mm/page_alloc: always initialize memory map for the holes ANDROID: dma-buf: Add vendor hook for deferred dmabuf sysfs stats release ANDROID: dm-user: Remove bio recount in I/O path ANDROID: abi_gki_aarch64_qcom: Add wait_on_page_bit UPSTREAM: drm/meson: Fix overflow implicit truncation warnings UPSTREAM: irqchip/tegra: Fix overflow implicit truncation warnings UPSTREAM: video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write UPSTREAM: irqchip/gic-v4: Wait for GICR_VPENDBASER.Dirty to clear before descheduling UPSTREAM: mm: kfence: fix missing objcg housekeeping for SLAB UPSTREAM: clk: Fix clk_hw_get_clk() when dev is NULL UPSTREAM: arm64: kasan: fix include error in MTE functions UPSTREAM: arm64: prevent instrumentation of bp hardening callbacks UPSTREAM: PM: domains: Fix sleep-in-atomic bug caused by genpd_debug_remove() UPSTREAM: mm: fix use-after-free bug when mm->mmap is reused after being freed BACKPORT: vsprintf: Fix %pK with kptr_restrict == 0 UPSTREAM: net: preserve skb_end_offset() in skb_unclone_keeptruesize() BACKPORT: net: add skb_set_end_offset() helper UPSTREAM: arm64: Correct wrong label in macro __init_el2_gicv3 UPSTREAM: KVM: arm64: Stop handle_exit() from handling HVC twice when an SError occurs UPSTREAM: KVM: arm64: Avoid consuming a stale esr value when SError occur BACKPORT: arm64: Enable Cortex-A510 erratum 2051678 by default UPSTREAM: usb: typec: tcpm: Do not disconnect when receiving VSAFE0V UPSTREAM: usb: typec: tcpci: don't touch CC line if it's Vconn source UPSTREAM: dt-bindings: memory: mtk-smi: Correct minItems to 2 for the gals clocks BACKPORT: dt-bindings: memory: mtk-smi: No need mediatek,larb-id for mt8167 BACKPORT: dt-bindings: memory: mtk-smi: Rename clock to clocks UPSTREAM: KVM: arm64: Use shadow SPSR_EL1 when injecting exceptions on !VHE UPSTREAM: block: fix async_depth sysfs interface for mq-deadline UPSTREAM: dma-buf: cma_heap: Fix mutex locking section UPSTREAM: scsi: ufs: ufs-mediatek: Fix error checking in ufs_mtk_init_va09_pwr_ctrl() UPSTREAM: f2fs: include non-compressed blocks in compr_written_block UPSTREAM: kasan: fix Kconfig check of CC_HAS_WORKING_NOSANITIZE_ADDRESS UPSTREAM: dma-buf: DMABUF_SYSFS_STATS should depend on DMA_SHARED_BUFFER UPSTREAM: mmflags.h: add missing __GFP_ZEROTAGS and __GFP_SKIP_KASAN_POISON names BACKPORT: scsi: ufs: Optimize serialization of setup_xfer_req() calls UPSTREAM: Kbuild: lto: fix module versionings mismatch in GNU make 3.X UPSTREAM: clk: versatile: Depend on HAS_IOMEM BACKPORT: arm64: meson: select COMMON_CLK UPSTREAM: kbuild: do not include include/config/auto.conf from adjust_autoksyms.sh UPSTREAM: inet: fully convert sk->sk_rx_dst to RCU rules ANDROID: Update symbol list for mtk FROMLIST: binder: fix UAF of alloc->vma in race with munmap() ANDROID: GKI: Update symbol list for mtk tablet projects UPSTREAM: af_key: Do not call xfrm_probe_algs in parallel UPSTREAM: mm: Fix TLB flush for not-first PFNMAP mappings in unmap_region() UPSTREAM: mm: Force TLB flush for PFNMAP mappings before unlink_file_vma() FROMGIT: f2fs: let's avoid to get cp_rwsem twice by f2fs_evict_inode by d_invalidate ANDROID: abi_gki_aarch64_qcom: whitelist some vm symbols ANDROID: vendor_hook: skip trace_android_vh_page_trylock_set when ignore_references is true BACKPORT: ANDROID: dma-buf: Move sysfs work out of DMA-BUF export path UPSTREAM: wifi: mac80211: fix MBSSID parsing use-after-free UPSTREAM: wifi: mac80211: don't parse mbssid in assoc response UPSTREAM: mac80211: mlme: find auth challenge directly UPSTREAM: wifi: cfg80211: update hidden BSSes to avoid WARN_ON UPSTREAM: wifi: mac80211: fix crash in beacon protection for P2P-device UPSTREAM: wifi: mac80211_hwsim: avoid mac80211 warning on bad rate UPSTREAM: wifi: cfg80211: avoid nontransmitted BSS list corruption UPSTREAM: wifi: cfg80211: fix BSS refcounting bugs UPSTREAM: wifi: cfg80211: ensure length byte is present before access UPSTREAM: wifi: cfg80211/mac80211: reject bad MBSSID elements UPSTREAM: wifi: cfg80211: fix u8 overflow in cfg80211_update_notlisted_nontrans() ANDROID: GKI: Update symbols to symbol list ANDROID: sched: add restricted hooks to replace the former hooks ANDROID: GKI: Add symbol snd_pcm_stop_xrun ANDROID: ABI: update allowed list for galaxy ANDROID: GKI: Update symbols to symbol list UPSTREAM: dma-buf: ensure unique directory name for dmabuf stats UPSTREAM: dma-buf: call dma_buf_stats_setup after dmabuf is in valid list Conflicts: Documentation/devicetree/bindings Documentation/devicetree/bindings/memory-controllers/mediatek,smi-common.yaml Documentation/devicetree/bindings/memory-controllers/mediatek,smi-larb.yaml Change-Id: If8181c06536ceb430cde0826f557298b4ab648e7 Signed-off-by: Srinivasarao Pathipati <quic_c_spathi@quicinc.com> |
||
|
Kalesh Singh
|
134c1aae43 |
ANDROID: Make SPF aware of fast mremaps
SPF attempts page faults without taking the mmap lock, but takes the
PTL. If there is a concurrent fast mremap (at PMD/PUD level), this
can lead to a UAF as fast mremap will only take the PTL locks at the
PMD/PUD level. SPF cannot take the PTL locks at the larger subtree
granularity since this introduces much contention in the page fault
paths.
To address the race:
1) Fast mremaps wait until there are no users of the VMA.
2) Speculative faults detect ongoing fast mremaps and fallback
to conventional fault handling (taking mmap read lock).
Since this race condition is very rare the performance impact is
negligible.
Bug: 263177905
Change-Id: If9755aa4261337fe180e3093a3cefaae8ac9ff1a
Signed-off-by: Kalesh Singh <kaleshsingh@google.com>
|
||
Greg Kroah-Hartman
|
01ef2d0b53 |
This is the 5.10.159 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmOZpiwACgkQONu9yGCS aT6whRAArWRCd5yEvuYtdCIPQh70Yz3vhHKkeqKU3AzAOYxYB+UbmRf8i6Cgv5S7 b0Mmla4vV1w+tRZcwdPHXoNrwxQ+r6b89mywResfp+FLAti/Ak1wMNR1l0FGQTeM z2dIeuhNtVIatvpBw7E1KKGXpSRYfJuzbkT3npKRmWqv1hmcwcqkQ9uZSkFCf3dO YETpGjOk6Z8/Ml4z6gEWy54+W3nLf3X8G0i1CfDwxkxcCf4fqIgNCaGaT26Q+Yv1 GDKtAzmF/FfxwwIdwxx+Y/Iq3+ccEf2WTRQEDWb8K62TBbNjR+q1+Y3IJCfrBj+H 6sVfnyQm9fTQd7gKLy3gipJxphS4sAZ+OcwY+gMfRQBBHSmccHOC9MhQFgd+wN39 vBnCG0g6x+9J/DESPOXwrTDnWuGW1Grv7avYlJo2L4WTUFsAuDrtGdCRJ+Bwd9PH VVD6eSmXQdrFe9ttf8CQUERlWmNkAmFvT135Hf+qclNsvp7PbtCX2rjgo27NxVbo mdOkLLNXBwMNcHjhWhN7MDzoEw7gUqvWWC6vdRgQicrLJphrcV82+C0QIW3A/Uft tp/HEsHhGCX6mTXN0x9faz9WMXrfI+j6rUs0UoSVBfP+rwtCqweX5qgz5eUj2jjJ v+edcnh/2t4dVwK2dbsniw8y19tI/VHfyfMJiGSY18LsLlMrHiw= =QY26 -----END PGP SIGNATURE----- Merge 5.10.159 into android12-5.10-lts Changes in 5.10.159 arm64: dts: rockchip: keep I2S1 disabled for GPIO function on ROCK Pi 4 series arm: dts: rockchip: fix node name for hym8563 rtc ARM: dts: rockchip: fix ir-receiver node names arm64: dts: rockchip: fix ir-receiver node names ARM: dts: rockchip: rk3188: fix lcdc1-rgb24 node name ARM: 9251/1: perf: Fix stacktraces for tracepoint events in THUMB2 kernels ARM: 9266/1: mm: fix no-MMU ZERO_PAGE() implementation ASoC: wm8962: Wait for updated value of WM8962_CLOCKING1 register ARM: dts: rockchip: disable arm_global_timer on rk3066 and rk3188 9p/fd: Use P9_HDRSZ for header size regulator: slg51000: Wait after asserting CS pin ALSA: seq: Fix function prototype mismatch in snd_seq_expand_var_event btrfs: send: avoid unaligned encoded writes when attempting to clone range ASoC: soc-pcm: Add NULL check in BE reparenting regulator: twl6030: fix get status of twl6032 regulators fbcon: Use kzalloc() in fbcon_prepare_logo() usb: dwc3: gadget: Disable GUSB2PHYCFG.SUSPHY for End Transfer 9p/xen: check logical size for buffer size net: usb: qmi_wwan: add u-blox 0x1342 composition mm/khugepaged: take the right locks for page table retraction mm/khugepaged: fix GUP-fast interaction by sending IPI mm/khugepaged: invoke MMU notifiers in shmem/file collapse paths rtc: mc146818: Prevent reading garbage rtc: mc146818: Detect and handle broken RTCs rtc: mc146818: Dont test for bit 0-5 in Register D rtc: cmos: remove stale REVISIT comments rtc: mc146818-lib: change return values of mc146818_get_time() rtc: Check return value from mc146818_get_time() rtc: mc146818-lib: fix RTC presence check rtc: mc146818-lib: extract mc146818_avoid_UIP rtc: cmos: avoid UIP when writing alarm time rtc: cmos: avoid UIP when reading alarm time rtc: cmos: Replace spin_lock_irqsave with spin_lock in hard IRQ rtc: mc146818: Reduce spinlock section in mc146818_set_time() xen/netback: Ensure protocol headers don't fall in the non-linear area xen/netback: do some code cleanup xen/netback: don't call kfree_skb() with interrupts disabled media: videobuf2-core: take mmap_lock in vb2_get_unmapped_area() Revert "ARM: dts: imx7: Fix NAND controller size-cells" media: v4l2-dv-timings.c: fix too strict blanking sanity checks memcg: fix possible use-after-free in memcg_write_event_control() mm/gup: fix gup_pud_range() for dax Bluetooth: btusb: Add debug message for CSR controllers Bluetooth: Fix crash when replugging CSR fake controllers KVM: s390: vsie: Fix the initialization of the epoch extension (epdx) field drm/vmwgfx: Don't use screen objects when SEV is active drm/shmem-helper: Remove errant put in error path drm/shmem-helper: Avoid vm_open error paths HID: usbhid: Add ALWAYS_POLL quirk for some mice HID: hid-lg4ff: Add check for empty lbuf HID: core: fix shift-out-of-bounds in hid_report_raw_event can: af_can: fix NULL pointer dereference in can_rcv_filter mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page rtc: cmos: Disable irq around direct invocation of cmos_interrupt() rtc: mc146818-lib: fix locking in mc146818_set_time rtc: mc146818-lib: fix signedness bug in mc146818_get_time() netfilter: nft_set_pipapo: Actually validate intervals in fields after the first one ieee802154: cc2520: Fix error return code in cc2520_hw_init() ca8210: Fix crash by zero initializing data netfilter: ctnetlink: fix compilation warning after data race fixes in ct mark drm/bridge: ti-sn65dsi86: Fix output polarity setting bug gpio: amd8111: Fix PCI device reference count leak e1000e: Fix TX dispatch condition igb: Allocate MSI-X vector when testing drm: bridge: dw_hdmi: fix preference of RGB modes over YUV420 af_unix: Get user_ns from in_skb in unix_diag_get_exact(). vmxnet3: correctly report encapsulated LRO packet Bluetooth: 6LoWPAN: add missing hci_dev_put() in get_l2cap_conn() Bluetooth: Fix not cleanup led when bt_init fails net: dsa: ksz: Check return value selftests: rtnetlink: correct xfrm policy rule in kci_test_ipsec_offload mac802154: fix missing INIT_LIST_HEAD in ieee802154_if_add() net: encx24j600: Add parentheses to fix precedence net: encx24j600: Fix invalid logic in reading of MISTAT register xen-netfront: Fix NULL sring after live migration net: mvneta: Prevent out of bounds read in mvneta_config_rss() i40e: Fix not setting default xps_cpus after reset i40e: Fix for VF MAC address 0 i40e: Disallow ip4 and ip6 l4_4_bytes NFC: nci: Bounds check struct nfc_target arrays nvme initialize core quirks before calling nvme_init_subsystem net: stmmac: fix "snps,axi-config" node property parsing ip_gre: do not report erspan version on GRE interface net: thunderx: Fix missing destroy_workqueue of nicvf_rx_mode_wq net: hisilicon: Fix potential use-after-free in hisi_femac_rx() net: hisilicon: Fix potential use-after-free in hix5hd2_rx() tipc: Fix potential OOB in tipc_link_proto_rcv() ipv4: Fix incorrect route flushing when source address is deleted ipv4: Fix incorrect route flushing when table ID 0 is used net: dsa: sja1105: fix memory leak in sja1105_setup_devlink_regions() tipc: call tipc_lxc_xmit without holding node_read_lock ethernet: aeroflex: fix potential skb leak in greth_init_rings() xen/netback: fix build warning net: plip: don't call kfree_skb/dev_kfree_skb() under spin_lock_irq() ipv6: avoid use-after-free in ip6_fragment() net: mvneta: Fix an out of bounds check macsec: add missing attribute validation for offload can: esd_usb: Allow REC and TEC to return to zero Linux 5.10.159 Change-Id: I3ec26473c358ffda0ea8a8dd91ee265f58739029 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
Baolin Wang
|
fccee93eb2 |
mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page
commit fac35ba763ed07ba93154c95ffc0c4a55023707f upstream. On some architectures (like ARM64), it can support CONT-PTE/PMD size hugetlb, which means it can support not only PMD/PUD size hugetlb (2M and 1G), but also CONT-PTE/PMD size(64K and 32M) if a 4K page size specified. So when looking up a CONT-PTE size hugetlb page by follow_page(), it will use pte_offset_map_lock() to get the pte entry lock for the CONT-PTE size hugetlb in follow_page_pte(). However this pte entry lock is incorrect for the CONT-PTE size hugetlb, since we should use huge_pte_lock() to get the correct lock, which is mm->page_table_lock. That means the pte entry of the CONT-PTE size hugetlb under current pte lock is unstable in follow_page_pte(), we can continue to migrate or poison the pte entry of the CONT-PTE size hugetlb, which can cause some potential race issues, even though they are under the 'pte lock'. For example, suppose thread A is trying to look up a CONT-PTE size hugetlb page by move_pages() syscall under the lock, however antoher thread B can migrate the CONT-PTE hugetlb page at the same time, which will cause thread A to get an incorrect page, if thread A also wants to do page migration, then data inconsistency error occurs. Moreover we have the same issue for CONT-PMD size hugetlb in follow_huge_pmd(). To fix above issues, rename the follow_huge_pmd() as follow_huge_pmd_pte() to handle PMD and PTE level size hugetlb, which uses huge_pte_lock() to get the correct pte entry lock to make the pte entry stable. Mike said: Support for CONT_PMD/_PTE was added with |
||
John Starks
|
f1cf856123 |
mm/gup: fix gup_pud_range() for dax
commit fcd0ccd836ffad73d98a66f6fea7b16f735ea920 upstream. For dax pud, pud_huge() returns true on x86. So the function works as long as hugetlb is configured. However, dax doesn't depend on hugetlb. Commit |
||
Tejun Heo
|
f1f7f36cf6 |
memcg: fix possible use-after-free in memcg_write_event_control()
commit 4a7ba45b1a435e7097ca0f79a847d0949d0eb088 upstream. memcg_write_event_control() accesses the dentry->d_name of the specified control fd to route the write call. As a cgroup interface file can't be renamed, it's safe to access d_name as long as the specified file is a regular cgroup file. Also, as these cgroup interface files can't be removed before the directory, it's safe to access the parent too. Prior to |
||
Jann Horn
|
7f445ca2e0 |
mm/khugepaged: invoke MMU notifiers in shmem/file collapse paths
commit f268f6cf875f3220afc77bdd0bf1bb136eb54db9 upstream. Any codepath that zaps page table entries must invoke MMU notifiers to ensure that secondary MMUs (like KVM) don't keep accessing pages which aren't mapped anymore. Secondary MMUs don't hold their own references to pages that are mirrored over, so failing to notify them can lead to page use-after-free. I'm marking this as addressing an issue introduced in commit |
||
|
Jann Horn
|
4a1cdb49d0 |
mm/khugepaged: fix GUP-fast interaction by sending IPI
commit 2ba99c5e08812494bc57f319fb562f527d9bacd8 upstream.
Since commit 70cbc3cc78a99 ("mm: gup: fix the fast GUP race against THP
collapse"), the lockless_pages_from_mm() fastpath rechecks the pmd_t to
ensure that the page table was not removed by khugepaged in between.
However, lockless_pages_from_mm() still requires that the page table is
not concurrently freed. Fix it by sending IPIs (if the architecture uses
semi-RCU-style page table freeing) before freeing/reusing page tables.
Link: https://lkml.kernel.org/r/20221129154730.2274278-2-jannh@google.com
Link: https://lkml.kernel.org/r/20221128180252.1684965-2-jannh@google.com
Link: https://lkml.kernel.org/r/20221125213714.4115729-2-jannh@google.com
Fixes:
|
||
|
Jann Horn
|
cdfd3739b2 |
mm/khugepaged: take the right locks for page table retraction
commit 8d3c106e19e8d251da31ff4cc7462e4565d65084 upstream.
pagetable walks on address ranges mapped by VMAs can be done under the
mmap lock, the lock of an anon_vma attached to the VMA, or the lock of the
VMA's address_space. Only one of these needs to be held, and it does not
need to be held in exclusive mode.
Under those circumstances, the rules for concurrent access to page table
entries are:
- Terminal page table entries (entries that don't point to another page
table) can be arbitrarily changed under the page table lock, with the
exception that they always need to be consistent for
hardware page table walks and lockless_pages_from_mm().
This includes that they can be changed into non-terminal entries.
- Non-terminal page table entries (which point to another page table)
can not be modified; readers are allowed to READ_ONCE() an entry, verify
that it is non-terminal, and then assume that its value will stay as-is.
Retracting a page table involves modifying a non-terminal entry, so
page-table-level locks are insufficient to protect against concurrent page
table traversal; it requires taking all the higher-level locks under which
it is possible to start a page walk in the relevant range in exclusive
mode.
The collapse_huge_page() path for anonymous THP already follows this rule,
but the shmem/file THP path was getting it wrong, making it possible for
concurrent rmap-based operations to cause corruption.
Link: https://lkml.kernel.org/r/20221129154730.2274278-1-jannh@google.com
Link: https://lkml.kernel.org/r/20221128180252.1684965-1-jannh@google.com
Link: https://lkml.kernel.org/r/20221125213714.4115729-1-jannh@google.com
Fixes:
|
||
|
Greg Kroah-Hartman
|
5ab4c6b843 |
This is the 5.10.158 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmORvAIACgkQONu9yGCS
aT6OMhAAkxn/BD0mYER+XMJK+z5KIgusOh2TbHJGIkHUmj1u6Fse8VfR1xAjTk5q
y3J0uX5Bung1FIsA8iVF7no1D4ungqsyXUt6cclO8X3dVQAV8ikNDRTu2FFLiywY
4QxJ/h1Nhl+6lb1lqHT+iSEuMAjlUr6DtAq4hb9Xxgbn9hOghTMzg4dZYjXI3cr4
Bxk/tunrp8Rc5ad/I9Gwba0ar23cFDLYNxT6VKn+FBJ2jcj/74ULjwPvT3SyAm2U
hONKAQQZNtGPmGsUXkjdjhz7VaceNlLp0bA92AqCvNEmbnJzjb21qAklfdNAvEGH
yP4GOdxDvmwzPxkxpZfa0I3OYpfxAwT2bG6mVSl7+Ok8LNIiKvvD+TlL0p+nqoe1
LogxV309xqpN+D3EgUnX03lLkJDfWfrZyhEIPgEuRdW7OjixqYOs0hWLmkF0QCi6
vLYRSPnsoxragShq8HrdC/QlLmLCckMy8i7bcCiwpSwcsL/1vVUnb05O6iaFoIc4
56nTifRT5p3nJlnjQhCyPVbxmF8CRlhsRwbOsA+0pklkTQx5qHaYMFLuXsd7nSFG
+le0Kuc+xTMdP/ABgs2s3UdZFh3Zevovt4gaOnYjC6EDbmoeG6DNTTzIbNEwa1vw
D6+Zrw3HePytwJcUNRHthXuTUN2V68YvsXu7zVhKU8mlyj+UXpE=
=Zr7b
-----END PGP SIGNATURE-----
Merge 5.10.158 into android12-5.10-lts
Changes in 5.10.158
btrfs: sink iterator parameter to btrfs_ioctl_logical_to_ino
btrfs: free btrfs_path before copying inodes to userspace
spi: spi-imx: Fix spi_bus_clk if requested clock is higher than input clock
btrfs: move QUOTA_ENABLED check to rescan_should_stop from btrfs_qgroup_rescan_worker
drm/display/dp_mst: Fix drm_dp_mst_add_affected_dsc_crtcs() return code
drm/amdgpu: update drm_display_info correctly when the edid is read
drm/amdgpu: Partially revert "drm/amdgpu: update drm_display_info correctly when the edid is read"
btrfs: qgroup: fix sleep from invalid context bug in btrfs_qgroup_inherit()
iio: health: afe4403: Fix oob read in afe4403_read_raw
iio: health:
|
||
Pavankumar Kondeti
|
81a0f22464 |
FROMGIT: mm/madvise: fix madvise_pageout for private file mappings
When MADV_PAGEOUT is called on a private file mapping VMA region,
we bail out early if the process is neither owner nor write capable
of the file. However, this VMA may have both private/shared clean
pages and private dirty pages. The opportunity of paging out the
private dirty pages (Anon pages) is missed. Fix this by caching
the file access check and use it later along with PageAnon() during
page walk.
We observe ~10% improvement in zram usage, thus leaving more available
memory on a 4GB RAM system running Android.
Link: https://lkml.kernel.org/r/1667971116-12900-1-git-send-email-quic_pkondeti@quicinc.com
Signed-off-by: Pavankumar Kondeti <quic_pkondeti@quicinc.com>
Cc: Charan Teja Kalla <quic_charante@quicinc.com>
Cc: Minchan Kim <minchan@kernel.org>
Cc: Suren Baghdasaryan <surenb@google.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
(cherry picked from commit 8fc5be8efc3cf356f25098fbd4bda7c0e949c2ea
git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm.git mm-unstable)
Bug: 259329159
Bug: 261815590
Signed-off-by: Pavankumar Kondeti <quic_pkondeti@quicinc.com>
Change-Id: I5f2d425aec94e5a75ebeaf90f9f5d7adf1975c59
(cherry picked from commit
|
||
Linus Torvalds
|
d072a10c81 |
v4l2: don't fall back to follow_pfn() if pin_user_pages_fast() fails
commit 6647e76ab623b2b3fb2efe03a86e9c9046c52c33 upstream.
The V4L2_MEMORY_USERPTR interface is long deprecated and shouldn't be
used (and is discouraged for any modern v4l drivers). And Seth Jenkins
points out that the fallback to VM_PFNMAP/VM_IO is fundamentally racy
and dangerous.
Note that it's not even a case that should trigger, since any normal
user pointer logic ends up just using the pin_user_pages_fast() call
that does the proper page reference counting. That's not the problem
case, only if you try to use special device mappings do you have any
issues.
Normally I'd just remove this during the merge window, but since Seth
pointed out the problem cases, we really want to know as soon as
possible if there are actually any users of this odd special case of a
legacy interface. Neither Hans nor Mauro seem to think that such
mis-uses of the old legacy interface should exist. As Mauro says:
"See, V4L2 has actually 4 streaming APIs:
- Kernel-allocated mmap (usually referred simply as just mmap);
- USERPTR mmap;
- read();
- dmabuf;
The USERPTR is one of the oldest way to use it, coming from V4L
version 1 times, and by far the least used one"
And Hans chimed in on the USERPTR interface:
"To be honest, I wouldn't mind if it goes away completely, but that's a
bit of a pipe dream right now"
but while removing this legacy interface entirely may be a pipe dream we
can at least try to remove the unlikely (and actively broken) case of
using special device mappings for USERPTR accesses.
This replaces it with a WARN_ONCE() that we can remove once we've
hopefully confirmed that no actual users exist.
NOTE! Longer term, this means that a 'struct frame_vector' only ever
contains proper page pointers, and all the games we have with converting
them to pages can go away (grep for 'frame_vector_to_pages()' and the
uses of 'vec->is_pfns'). But this is just the first step, to verify
that this code really is all dead, and do so as quickly as possible.
Reported-by: Seth Jenkins <sethjenkins@google.com>
Acked-by: Hans Verkuil <hverkuil@xs4all.nl>
Acked-by: Mauro Carvalho Chehab <mchehab@kernel.org>
Cc: David Hildenbrand <david@redhat.com>
Cc: Jan Kara <jack@suse.cz>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Sergey Senozhatsky <senozhatsky@chromium.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
|
Greg Kroah-Hartman
|
982d7f3eb8 |
This is the 5.10.157 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmOKKmsACgkQONu9yGCS aT73ixAAwyEk1kuY9T0i4JfjPViD9Kg+v64lGLnM88CuGjkxcT4kv2Lg/hURDD+K pObBEaOWduKVxqH/4GqpeEpqrw3bxxQJUchw1F5C2ZsLjB5mA4u9U0dqExTPIeY2 GSLdkBY/3yWBgDlpWsEHRjhzqx16ZuvHyvMGegHLG5+hNbfmfiFBhVpn8knTFaqv fXRyC9MAt072thjjuPG6QcWpWAFFTG0PWsEkNWGLw0U07FF+V7O9sWLontHi93sn seIEUPbjgGEFND2NqLfiLOLZ9m2fBB3P32L66b9rrZNZ2DPmyrNCD0WSLhlzb1OV 8yXiVEkDUozkI6W8fzVtUUjH3gYvB9e37zCYPO6WnAl5cwGhCJz1cpQfN7g7hk9H iKpetcKf7XFBRmUq2Ftnaq7KPc81dVrQ5mYfrtsT9IYDnWMdF7AcOctN+dKkCS15 QoiJklSeE28b4PZtdt7Uv7OF2qW6w+tMKSD3PJyiBHB46rcQjuuOy7ifa8VqaXHI ZO+mWUjMMUdo3q0lXoy2i5PMNrul41QMsdnrGaZxXU+LfaCVIubpHghSBHFhnFTY 3r2Fko3ZOsuAOQXX5iCTCstCEev5LH0v74bou355Y0uteueCqpnc/GSEZ8KhP+M0 kqpcyf3e6KAL7TA7eqQdptpFyDW732IgcbU4bQKUMd038Hb5I4o= =1JWA -----END PGP SIGNATURE----- Merge 5.10.157 into android12-5.10-lts Changes in 5.10.157 scsi: scsi_transport_sas: Fix error handling in sas_phy_add() ata: libata-scsi: simplify __ata_scsi_queuecmd() ata: libata-core: do not issue non-internal commands once EH is pending bridge: switchdev: Notify about VLAN protocol changes bridge: switchdev: Fix memory leaks when changing VLAN protocol drm/display: Don't assume dual mode adaptors support i2c sub-addressing nvme: add a bogus subsystem NQN quirk for Micron MTFDKBA2T0TFH nvme-pci: add NVME_QUIRK_BOGUS_NID for Micron Nitro iio: ms5611: Simplify IO callback parameters iio: pressure: ms5611: fixed value compensation bug ceph: do not update snapshot context when there is no new snapshot ceph: avoid putting the realm twice when decoding snaps fails wifi: mac80211: fix memory free error when registering wiphy fail wifi: mac80211_hwsim: fix debugfs attribute ps with rc table support riscv: dts: sifive unleashed: Add PWM controlled LEDs audit: fix undefined behavior in bit shift for AUDIT_BIT wifi: airo: do not assign -1 to unsigned char wifi: mac80211: Fix ack frame idr leak when mesh has no route spi: stm32: fix stm32_spi_prepare_mbr() that halves spi clk for every run selftests/bpf: Add verifier test for release_reference() Revert "net: macsec: report real_dev features when HW offloading is enabled" platform/x86: touchscreen_dmi: Add info for the RCA Cambio W101 v2 2-in-1 scsi: ibmvfc: Avoid path failures during live migration scsi: scsi_debug: Make the READ CAPACITY response compliant with ZBC drm: panel-orientation-quirks: Add quirk for Acer Switch V 10 (SW5-017) block, bfq: fix null pointer dereference in bfq_bio_bfqg() arm64/syscall: Include asm/ptrace.h in syscall_wrapper header. RISC-V: vdso: Do not add missing symbols to version section in linker script MIPS: pic32: treat port as signed integer xfrm: fix "disable_policy" on ipv4 early demux xfrm: replay: Fix ESN wrap around for GSO af_key: Fix send_acquire race with pfkey_register ARM: dts: am335x-pcm-953: Define fixed regulators in root node ASoC: hdac_hda: fix hda pcm buffer overflow issue ASoC: sgtl5000: Reset the CHIP_CLK_CTRL reg on remove ASoC: soc-pcm: Don't zero TDM masks in __soc_pcm_open() scsi: storvsc: Fix handling of srb_status and capacity change events regulator: core: fix kobject release warning and memory leak in regulator_register() spi: dw-dma: decrease reference count in dw_spi_dma_init_mfld() regulator: core: fix UAF in destroy_regulator() bus: sunxi-rsb: Support atomic transfers tee: optee: fix possible memory leak in optee_register_device() ARM: dts: at91: sam9g20ek: enable udc vbus gpio pinctrl net: liquidio: simplify if expression rxrpc: Allow list of in-use local UDP endpoints to be viewed in /proc rxrpc: Use refcount_t rather than atomic_t rxrpc: Fix race between conn bundle lookup and bundle removal [ZDI-CAN-15975] nfc/nci: fix race with opening and closing net: pch_gbe: fix potential memleak in pch_gbe_tx_queue() 9p/fd: fix issue of list_del corruption in p9_fd_cancel() netfilter: conntrack: Fix data-races around ct mark ARM: mxs: fix memory leak in mxs_machine_init() ARM: dts: imx6q-prti6q: Fix ref/tcxo-clock-frequency properties net: ethernet: mtk_eth_soc: fix error handling in mtk_open() net/mlx4: Check retval of mlx4_bitmap_init net/qla3xxx: fix potential memleak in ql3xxx_send() net: pch_gbe: fix pci device refcount leak while module exiting nfp: fill splittable of devlink_port_attrs correctly nfp: add port from netdev validation for EEPROM access macsec: Fix invalid error code set Drivers: hv: vmbus: fix double free in the error path of vmbus_add_channel_work() Drivers: hv: vmbus: fix possible memory leak in vmbus_device_register() netfilter: ipset: Limit the maximal range of consecutive elements to add/delete netfilter: ipset: regression in ip_set_hash_ip.c net/mlx5: Fix FW tracer timestamp calculation net/mlx5: Fix handling of entry refcount when command is not issued to FW tipc: set con sock in tipc_conn_alloc tipc: add an extra conn_get in tipc_conn_alloc tipc: check skb_linearize() return value in tipc_disc_rcv() xfrm: Fix ignored return value in xfrm6_init() sfc: fix potential memleak in __ef100_hard_start_xmit() net: sched: allow act_ct to be built without NF_NAT NFC: nci: fix memory leak in nci_rx_data_packet() regulator: twl6030: re-add TWL6032_SUBCLASS bnx2x: fix pci device refcount leak in bnx2x_vf_is_pcie_pending() dma-buf: fix racing conflict of dma_heap_add() netfilter: flowtable_offload: add missing locking dccp/tcp: Reset saddr on failure after inet6?_hash_connect(). ipv4: Fix error return code in fib_table_insert() s390/dasd: fix no record found for raw_track_access net: arcnet: Fix RESET flag handling arcnet: fix potential memory leak in com20020_probe() nfc: st-nci: fix incorrect validating logic in EVT_TRANSACTION nfc: st-nci: fix memory leaks in EVT_TRANSACTION net: thunderx: Fix the ACPI memory leak s390/crashdump: fix TOD programmable field size net: enetc: manage ENETC_F_QBV in priv->active_offloads only when enabled net: enetc: cache accesses to &priv->si->hw net: enetc: preserve TX ring priority across reconfiguration lib/vdso: use "grep -E" instead of "egrep" usb: dwc3: exynos: Fix remove() function ext4: fix use-after-free in ext4_ext_shift_extents arm64: dts: rockchip: lower rk3399-puma-haikou SD controller clock frequency iio: light: apds9960: fix wrong register for gesture gain iio: core: Fix entry not deleted when iio_register_sw_trigger_type() fails init/Kconfig: fix CC_HAS_ASM_GOTO_TIED_OUTPUT test with dash nios2: add FORCE for vmlinuz.gz mmc: sdhci-brcmstb: Re-organize flags mmc: sdhci-brcmstb: Enable Clock Gating to save power mmc: sdhci-brcmstb: Fix SDHCI_RESET_ALL for CQHCI usb: cdns3: Add support for DRD CDNSP ceph: make ceph_create_session_msg a global symbol ceph: make iterate_sessions a global symbol ceph: flush mdlog before umounting ceph: flush the mdlog before waiting on unsafe reqs ceph: fix off by one bugs in unsafe_request_wait() ceph: put the requests/sessions when it fails to alloc memory ceph: fix possible NULL pointer dereference for req->r_session ceph: Use kcalloc for allocating multiple elements ceph: fix NULL pointer dereference for req->r_session usb: dwc3: gadget: conditionally remove requests usb: dwc3: gadget: Return -ESHUTDOWN on ep disable usb: dwc3: gadget: Clear ep descriptor last nilfs2: fix nilfs_sufile_mark_dirty() not set segment usage as dirty gcov: clang: fix the buffer overflow issue mm: vmscan: fix extreme overreclaim and swap floods KVM: x86: nSVM: leave nested mode on vCPU free KVM: x86: remove exit_int_info warning in svm_handle_exit x86/ioremap: Fix page aligned size calculation in __ioremap_caller() binder: avoid potential data leakage when copying txn binder: read pre-translated fds from sender buffer binder: defer copies of pre-patched txn data binder: fix pointer cast warning binder: Address corner cases in deferred copy and fixup binder: Gracefully handle BINDER_TYPE_FDA objects with num_fds=0 Input: synaptics - switch touchpad on HP Laptop 15-da3001TU to RMI mode ASoC: Intel: bytcht_es8316: Add quirk for the Nanote UMPC-01 serial: 8250: 8250_omap: Avoid RS485 RTS glitch on ->set_termios() Input: goodix - try resetting the controller when no config is set Input: soc_button_array - add use_low_level_irq module parameter Input: soc_button_array - add Acer Switch V 10 to dmi_use_low_level_irq[] xen-pciback: Allow setting PCI_MSIX_FLAGS_MASKALL too xen/platform-pci: add missing free_irq() in error path platform/x86: asus-wmi: add missing pci_dev_put() in asus_wmi_set_xusb2pr() platform/x86: acer-wmi: Enable SW_TABLET_MODE on Switch V 10 (SW5-017) zonefs: fix zone report size in __zonefs_io_error() platform/x86: hp-wmi: Ignore Smart Experience App event tcp: configurable source port perturb table size net: usb: qmi_wwan: add Telit 0x103a composition gpu: host1x: Avoid trying to use GART on Tegra20 dm integrity: flush the journal on suspend dm integrity: clear the journal on suspend wifi: wilc1000: validate pairwise and authentication suite offsets wifi: wilc1000: validate length of IEEE80211_P2P_ATTR_OPER_CHANNEL attribute wifi: wilc1000: validate length of IEEE80211_P2P_ATTR_CHANNEL_LIST attribute wifi: wilc1000: validate number of channels genirq/msi: Shutdown managed interrupts with unsatifiable affinities genirq: Always limit the affinity to online CPUs irqchip/gic-v3: Always trust the managed affinity provided by the core code genirq: Take the proposed affinity at face value if force==true btrfs: free btrfs_path before copying root refs to userspace btrfs: free btrfs_path before copying fspath to userspace btrfs: free btrfs_path before copying subvol info to userspace btrfs: sysfs: normalize the error handling branch in btrfs_init_sysfs() drm/amd/dc/dce120: Fix audio register mapping, stop triggering KASAN drm/amdgpu: always register an MMU notifier for userptr drm/i915: fix TLB invalidation for Gen12 video and compute engines fuse: lock inode unconditionally in fuse_fallocate() Linux 5.10.157 Change-Id: Ie53a7379c392879de240237eb8258857b59564a6 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
Johannes Weiner
|
d925dd3e44 |
mm: vmscan: fix extreme overreclaim and swap floods
commit f53af4285d775cd9a9a146fc438bd0a1bee1838a upstream.
During proactive reclaim, we sometimes observe severe overreclaim, with
several thousand times more pages reclaimed than requested.
This trace was obtained from shrink_lruvec() during such an instance:
prio:0 anon_cost:1141521 file_cost:7767
nr_reclaimed:4387406 nr_to_reclaim:1047 (or_factor:4190)
nr=[7161123 345 578 1111]
While he reclaimer requested 4M, vmscan reclaimed close to 16G, most of it
by swapping. These requests take over a minute, during which the write()
to memory.reclaim is unkillably stuck inside the kernel.
Digging into the source, this is caused by the proportional reclaim
bailout logic. This code tries to resolve a fundamental conflict: to
reclaim roughly what was requested, while also aging all LRUs fairly and
in accordance to their size, swappiness, refault rates etc. The way it
attempts fairness is that once the reclaim goal has been reached, it stops
scanning the LRUs with the smaller remaining scan targets, and adjusts the
remainder of the bigger LRUs according to how much of the smaller LRUs was
scanned. It then finishes scanning that remainder regardless of the
reclaim goal.
This works fine if priority levels are low and the LRU lists are
comparable in size. However, in this instance, the cgroup that is
targeted by proactive reclaim has almost no files left - they've already
been squeezed out by proactive reclaim earlier - and the remaining anon
pages are hot. Anon rotations cause the priority level to drop to 0,
which results in reclaim targeting all of anon (a lot) and all of file
(almost nothing). By the time reclaim decides to bail, it has scanned
most or all of the file target, and therefor must also scan most or all of
the enormous anon target. This target is thousands of times larger than
the reclaim goal, thus causing the overreclaim.
The bailout code hasn't changed in years, why is this failing now? The
most likely explanations are two other recent changes in anon reclaim:
1. Before the series starting with commit
|
||
|
Greg Kroah-Hartman
|
d9b90a99f3 |
This is the 5.10.156 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmOA8VIACgkQONu9yGCS aT7Z2g/+O/03N67HvGVJavgGXI0B1DcGQYSdyyLwoHLLu6RnwUjIZVUEL8EJnC1+ HKG3l/8r2mjkD/5g1SVIDSo/6sGOQUkrWcEqmpBjUt6g6xOB1w/RWagHKYL9d+9I IEAGArdElzPFwUagYJsUoXt77ixS9R22DYWq4bqcru19+TQRZ8SP4HOEMQ+kjeFo fn0cqFsXxefhUrE4Io3gTQh9mcRI2kVJh9eCQqCrmjmuY25t4an8leEATqCEGpNT TNLdCIqpmKXPl5MuoiFQf4/0W0ymmhTU+Xa8XxVD7wW9eD1kX75uIY5MHAz9OoWw waLK5qPwQlguWhNF618nSzBaMFB1CBQ3uiSlW0BaLNLa6OIx7E3rV9PXyLJ7z3kh K+XgVXgukAtwuQvpbnE57tm78oyyq7Nw6toAAyomYyJKgZfZ6XovK35ilz32Y7Eb mxT3yA3D05SLwm92sbkDvrpyzu5ONkyf02ubDw0e2sdBOXyajwuuoxny/nlQZMxO bhN1aDIpi4cudPWEjZh2XbDDRtxTD4SOAlqfi39j11QUCwk5S+7994alBrMHPbOn RTrVnblyaKcjM5gYNRFmLygqfaHVcAd9xNpLBpuywgF8sSESYeYscdNrd1O/zeux VTIZkN/lAPqVE00QlBlYIqOIOHLzDpGN/Ba1y6EehDGWt82G8dE= =c7T7 -----END PGP SIGNATURE----- Merge 5.10.156 into android12-5.10-lts Changes in 5.10.156 ASoC: wm5102: Revert "ASoC: wm5102: Fix PM disable depth imbalance in wm5102_probe" ASoC: wm5110: Revert "ASoC: wm5110: Fix PM disable depth imbalance in wm5110_probe" ASoC: wm8997: Revert "ASoC: wm8997: Fix PM disable depth imbalance in wm8997_probe" ASoC: mt6660: Keep the pm_runtime enables before component stuff in mt6660_i2c_probe ASoC: wm8962: Add an event handler for TEMP_HP and TEMP_SPK spi: intel: Fix the offset to get the 64K erase opcode ASoC: codecs: jz4725b: add missed Line In power control bit ASoC: codecs: jz4725b: fix reported volume for Master ctl ASoC: codecs: jz4725b: use right control for Capture Volume ASoC: codecs: jz4725b: fix capture selector naming selftests/futex: fix build for clang selftests/intel_pstate: fix build for ARCH=x86_64 ASoC: rt1308-sdw: add the default value of some registers drm/amd/display: Remove wrong pipe control lock NFSv4: Retry LOCK on OLD_STATEID during delegation return i2c: tegra: Allocate DMA memory for DMA engine i2c: i801: add lis3lv02d's I2C address for Vostro 5568 drm/imx: imx-tve: Fix return type of imx_tve_connector_mode_valid btrfs: remove pointless and double ulist frees in error paths of qgroup tests Bluetooth: L2CAP: Fix l2cap_global_chan_by_psm ASoC: codecs: jz4725b: Fix spelling mistake "Sourc" -> "Source", "Routee" -> "Route" ALSA: hda/realtek: fix speakers and micmute on HP 855 G8 mtd: spi-nor: intel-spi: Disable write protection only if asked spi: intel: Use correct mask for flash and protected regions mmc: sdhci-esdhc-imx: use the correct host caps for MMC_CAP_8_BIT_DATA drm/amd/pm: support power source switch on Sienna Cichlid drm/amd/pm: Read BIF STRAP also for BACO check drm/amd/pm: disable BACO entry/exit completely on several sienna cichlid cards drm/amdgpu: disable BACO on special BEIGE_GOBY card spi: stm32: Print summary 'callbacks suppressed' message ASoC: core: Fix use-after-free in snd_soc_exit() ASoC: tas2770: Fix set_tdm_slot in case of single slot ASoC: tas2764: Fix set_tdm_slot in case of single slot serial: 8250: Remove serial_rs485 sanitization from em485 serial: 8250: omap: Fix missing PM runtime calls for omap8250_set_mctrl() serial: 8250_omap: remove wait loop from Errata i202 workaround serial: 8250: omap: Fix unpaired pm_runtime_put_sync() in omap8250_remove() serial: 8250: omap: Flush PM QOS work on remove serial: imx: Add missing .thaw_noirq hook tty: n_gsm: fix sleep-in-atomic-context bug in gsm_control_send bpf, test_run: Fix alignment problem in bpf_prog_test_run_skb() ASoC: soc-utils: Remove __exit for snd_soc_util_exit() sctp: remove the unnecessary sinfo_stream check in sctp_prsctp_prune_unsent sctp: clear out_curr if all frag chunks of current msg are pruned block: sed-opal: kmalloc the cmd/resp buffers arm64: Fix bit-shifting UB in the MIDR_CPU_MODEL() macro siox: fix possible memory leak in siox_device_add() parport_pc: Avoid FIFO port location truncation pinctrl: devicetree: fix null pointer dereferencing in pinctrl_dt_to_map drm/panel: simple: set bpc field for logic technologies displays drm/drv: Fix potential memory leak in drm_dev_init() drm: Fix potential null-ptr-deref in drm_vblank_destroy_worker() ARM: dts: imx7: Fix NAND controller size-cells arm64: dts: imx8mm: Fix NAND controller size-cells arm64: dts: imx8mn: Fix NAND controller size-cells ata: libata-transport: fix double ata_host_put() in ata_tport_add() ata: libata-transport: fix error handling in ata_tport_add() ata: libata-transport: fix error handling in ata_tlink_add() ata: libata-transport: fix error handling in ata_tdev_add() bpf: Initialize same number of free nodes for each pcpu_freelist net: bgmac: Drop free_netdev() from bgmac_enet_remove() mISDN: fix possible memory leak in mISDN_dsp_element_register() net: hinic: Fix error handling in hinic_module_init() net: liquidio: release resources when liquidio driver open failed mISDN: fix misuse of put_device() in mISDN_register_device() net: macvlan: Use built-in RCU list checking net: caif: fix double disconnect client in chnl_net_open() bnxt_en: Remove debugfs when pci_register_driver failed xen/pcpu: fix possible memory leak in register_pcpu() net: ionic: Fix error handling in ionic_init_module() net: ena: Fix error handling in ena_init() drbd: use after free in drbd_create_device() platform/x86/intel: pmc: Don't unconditionally attach Intel PMC when virtualized cifs: add check for returning value of SMB2_close_init net: ag71xx: call phylink_disconnect_phy if ag71xx_hw_enable() fail in ag71xx_open() net/x25: Fix skb leak in x25_lapb_receive_frame() cifs: Fix wrong return value checking when GETFLAGS net: thunderbolt: Fix error handling in tbnet_init() cifs: add check for returning value of SMB2_set_info_init ftrace: Fix the possible incorrect kernel message ftrace: Optimize the allocation for mcount entries ftrace: Fix null pointer dereference in ftrace_add_mod() ring_buffer: Do not deactivate non-existant pages tracing/ring-buffer: Have polling block on watermark tracing: Fix memory leak in test_gen_synth_cmd() and test_empty_synth_event() tracing: Fix wild-memory-access in register_synth_event() tracing: kprobe: Fix potential null-ptr-deref on trace_event_file in kprobe_event_gen_test_exit() tracing: kprobe: Fix potential null-ptr-deref on trace_array in kprobe_event_gen_test_exit() ALSA: usb-audio: Drop snd_BUG_ON() from snd_usbmidi_output_open() ALSA: hda/realtek: fix speakers for Samsung Galaxy Book Pro ALSA: hda/realtek: Fix the speaker output on Samsung Galaxy Book Pro 360 Revert "usb: dwc3: disable USB core PHY management" slimbus: stream: correct presence rate frequencies speakup: fix a segfault caused by switching consoles USB: bcma: Make GPIO explicitly optional USB: serial: option: add Sierra Wireless EM9191 USB: serial: option: remove old LARA-R6 PID USB: serial: option: add u-blox LARA-R6 00B modem USB: serial: option: add u-blox LARA-L6 modem USB: serial: option: add Fibocom FM160 0x0111 composition usb: add NO_LPM quirk for Realforce 87U Keyboard usb: chipidea: fix deadlock in ci_otg_del_timer usb: typec: mux: Enter safe mode only when pins need to be reconfigured iio: adc: at91_adc: fix possible memory leak in at91_adc_allocate_trigger() iio: trigger: sysfs: fix possible memory leak in iio_sysfs_trig_init() iio: adc: mp2629: fix wrong comparison of channel iio: adc: mp2629: fix potential array out of bound access iio: pressure: ms5611: changed hardcoded SPI speed to value limited dm ioctl: fix misbehavior if list_versions races with module loading serial: 8250: Fall back to non-DMA Rx if IIR_RDI occurs serial: 8250: Flush DMA Rx on RLSI serial: 8250_lpss: Configure DMA also w/o DMA filter Input: iforce - invert valid length check when fetching device IDs maccess: Fix writing offset in case of fault in strncpy_from_kernel_nofault() scsi: zfcp: Fix double free of FSF request when qdio send fails iommu/vt-d: Set SRE bit only when hardware has SRS cap firmware: coreboot: Register bus in module init mmc: core: properly select voltage range without power cycle mmc: sdhci-pci-o2micro: fix card detect fail issue caused by CD# debounce timeout mmc: sdhci-pci: Fix possible memory leak caused by missing pci_dev_put() docs: update mediator contact information in CoC doc misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram() perf/x86/intel/pt: Fix sampling using single range output nvme: restrict management ioctls to admin nvme: ensure subsystem reset is single threaded net: fix a concurrency bug in l2tp_tunnel_register() ring-buffer: Include dropped pages in counting dirty patches usbnet: smsc95xx: Fix deadlock on runtime resume stddef: Introduce struct_group() helper macro net: use struct_group to copy ip/ipv6 header addresses scsi: target: tcm_loop: Fix possible name leak in tcm_loop_setup_hba_bus() scsi: scsi_debug: Fix possible UAF in sdebug_add_host_helper() kprobes: Skip clearing aggrprobe's post_handler in kprobe-on-ftrace case Input: i8042 - fix leaking of platform device on module removal uapi/linux/stddef.h: Add include guards macvlan: enforce a consistent minimal mtu tcp: cdg: allow tcp_cdg_release() to be called multiple times kcm: avoid potential race in kcm_tx_work kcm: close race conditions on sk_receive_queue 9p: trans_fd/p9_conn_cancel: drop client lock earlier gfs2: Check sb_bsize_shift after reading superblock gfs2: Switch from strlcpy to strscpy 9p/trans_fd: always use O_NONBLOCK read/write mm: fs: initialize fsdata passed to write_begin/write_end interface ntfs: fix use-after-free in ntfs_attr_find() ntfs: fix out-of-bounds read in ntfs_attr_find() ntfs: check overflow when iterating ATTR_RECORDs Revert "net: broadcom: Fix BCMGENET Kconfig" Linux 5.10.156 Change-Id: Ic9fe339913a510cc9fb9c4557b3bd6e196db834f Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
|
Greg Kroah-Hartman
|
25af5a11f1 |
Merge 5.10.155 into android12-5.10-lts
Changes in 5.10.155
fuse: fix readdir cache race
hwspinlock: qcom: correct MMIO max register for newer SoCs
phy: stm32: fix an error code in probe
wifi: cfg80211: silence a sparse RCU warning
wifi: cfg80211: fix memory leak in query_regdb_file()
bpf, sockmap: Fix the sk->sk_forward_alloc warning of sk_stream_kill_queues
bpftool: Fix NULL pointer dereference when pin {PROG, MAP, LINK} without FILE
HID: hyperv: fix possible memory leak in mousevsc_probe()
bpf: Support for pointers beyond pkt_end.
bpf: Add helper macro bpf_for_each_reg_in_vstate
bpf: Fix wrong reg type conversion in release_reference()
net: gso: fix panic on frag_list with mixed head alloc types
macsec: delete new rxsc when offload fails
macsec: fix secy->n_rx_sc accounting
macsec: fix detection of RXSCs when toggling offloading
macsec: clear encryption keys from the stack after setting up offload
net: tun: Fix memory leaks of napi_get_frags
bnxt_en: Fix possible crash in bnxt_hwrm_set_coal()
bnxt_en: fix potentially incorrect return value for ndo_rx_flow_steer
net: fman: Unregister ethernet device on removal
capabilities: fix undefined behavior in bit shift for CAP_TO_MASK
KVM: s390x: fix SCK locking
KVM: s390: pv: don't allow userspace to set the clock under PV
net: lapbether: fix issue of dev reference count leakage in lapbeth_device_event()
hamradio: fix issue of dev reference count leakage in bpq_device_event()
drm/vc4: Fix missing platform_unregister_drivers() call in vc4_drm_register()
tcp: prohibit TCP_REPAIR_OPTIONS if data was already sent
ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network
can: af_can: fix NULL pointer dereference in can_rx_register()
net: stmmac: dwmac-meson8b: fix meson8b_devm_clk_prepare_enable()
net: broadcom: Fix BCMGENET Kconfig
tipc: fix the msg->req tlv len check in tipc_nl_compat_name_table_dump_header
dmaengine: pxa_dma: use platform_get_irq_optional
dmaengine: mv_xor_v2: Fix a resource leak in mv_xor_v2_remove()
drivers: net: xgene: disable napi when register irq failed in xgene_enet_open()
perf stat: Fix printing os->prefix in CSV metrics output
net: marvell: prestera: fix memory leak in prestera_rxtx_switch_init()
net: nixge: disable napi when enable interrupts failed in nixge_open()
net/mlx5: Allow async trigger completion execution on single CPU systems
net/mlx5e: E-Switch, Fix comparing termination table instance
net: cpsw: disable napi in cpsw_ndo_open()
net: cxgb3_main: disable napi when bind qsets failed in cxgb_up()
cxgb4vf: shut down the adapter when t4vf_update_port_info() failed in cxgb4vf_open()
net: phy: mscc: macsec: clear encryption keys when freeing a flow
net: atlantic: macsec: clear encryption keys from the stack
ethernet: s2io: disable napi when start nic failed in s2io_card_up()
net: mv643xx_eth: disable napi when init rxq or txq failed in mv643xx_eth_open()
ethernet: tundra: free irq when alloc ring failed in tsi108_open()
net: macvlan: fix memory leaks of macvlan_common_newlink
riscv: process: fix kernel info leakage
riscv: vdso: fix build with llvm
riscv: Enable CMA support
riscv: Separate memory init from paging init
riscv: fix reserved memory setup
arm64: efi: Fix handling of misaligned runtime regions and drop warning
MIPS: jump_label: Fix compat branch range check
mmc: cqhci: Provide helper for resetting both SDHCI and CQHCI
mmc: sdhci-of-arasan: Fix SDHCI_RESET_ALL for CQHCI
mmc: sdhci_am654: Fix SDHCI_RESET_ALL for CQHCI
mmc: sdhci-tegra: Fix SDHCI_RESET_ALL for CQHCI
ALSA: hda/hdmi - enable runtime pm for more AMD display audio
ALSA: hda/ca0132: add quirk for EVGA Z390 DARK
ALSA: hda: fix potential memleak in 'add_widget_node'
ALSA: hda/realtek: Add Positivo C6300 model quirk
ALSA: usb-audio: Add quirk entry for M-Audio Micro
ALSA: usb-audio: Add DSD support for Accuphase DAC-60
vmlinux.lds.h: Fix placement of '.data..decrypted' section
ata: libata-scsi: fix SYNCHRONIZE CACHE (16) command failure
nilfs2: fix deadlock in nilfs_count_free_blocks()
nilfs2: fix use-after-free bug of ns_writer on remount
drm/i915/dmabuf: fix sg_table handling in map_dma_buf
platform/x86: hp_wmi: Fix rfkill causing soft blocked wifi
btrfs: selftests: fix wrong error check in btrfs_free_dummy_root()
mms: sdhci-esdhc-imx: Fix SDHCI_RESET_ALL for CQHCI
udf: Fix a slab-out-of-bounds write bug in udf_find_entry()
mm/memremap.c: map FS_DAX device memory as decrypted
can: j1939: j1939_send_one(): fix missing CAN header initialization
cert host tools: Stop complaining about deprecated OpenSSL functions
dmaengine: at_hdmac: Fix at_lli struct definition
dmaengine: at_hdmac: Don't start transactions at tx_submit level
dmaengine: at_hdmac: Start transfer for cyclic channels in issue_pending
dmaengine: at_hdmac: Fix premature completion of desc in issue_pending
dmaengine: at_hdmac: Do not call the complete callback on device_terminate_all
dmaengine: at_hdmac: Protect atchan->status with the channel lock
dmaengine: at_hdmac: Fix concurrency problems by removing atc_complete_all()
dmaengine: at_hdmac: Fix concurrency over descriptor
dmaengine: at_hdmac: Free the memset buf without holding the chan lock
dmaengine: at_hdmac: Fix concurrency over the active list
dmaengine: at_hdmac: Fix descriptor handling when issuing it to hardware
dmaengine: at_hdmac: Fix completion of unissued descriptor in case of errors
dmaengine: at_hdmac: Don't allow CPU to reorder channel enable
dmaengine: at_hdmac: Fix impossible condition
dmaengine: at_hdmac: Check return code of dma_async_device_register
net: tun: call napi_schedule_prep() to ensure we own a napi
mmc: sdhci-esdhc-imx: Convert the driver to DT-only
x86/cpu: Restore AMD's DE_CFG MSR after resume
io_uring: kill goto error handling in io_sqpoll_wait_sq()
Linux 5.10.155
Change-Id: Id7d803ed2db044ef465aab7e80fca8b4b07df258
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
||
|
Greg Kroah-Hartman
|
9ef4727680 |
Merge tag 'android12-5.10.149_r00' into android12-5.10
This is the merge of the upstream LTS release of 5.10.149 into the android12-5.10 branch. It contains the following commits: |
||
|
Suren Baghdasaryan
|
d95f5e3da7 |
ANDROID: khugepaged: fix mixing declarations warning in retract_page_tables
vm_write_begin() was added before variable definition, producing a
"mixing declarations and code is a C99 extension" warning. Fix by
rearranging the code.
Fixes: ("ANDROID: mm/khugepaged: add missing vm_write_{begin|end}")
Bug: 257443051
Change-Id: I6e85ccfabd5e37b1397c654d61d0b8177326c3d8
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
|
||
|
Suren Baghdasaryan
|
aaf03dd58c |
ANDROID: mm: fix build issue in spf when CONFIG_USERFAULTFD=n
When CONFIG_USERFAULTFD=n __VM_UFFD_FLAGS mask is undefined and produces
build error. Fix it by making the check conditional on CONFIG_USERFAULTFD.
Fixes: ("ANDROID: mm: prevent speculative page fault handling for userfaults")
Bug: 257443051
Change-Id: Ie9ff98b840032eb18183b49e3566cf178359948f
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
|
||
|
Suren Baghdasaryan
|
1c828eb3da |
ANDROID: mm: disable speculative page faults for CONFIG_NUMA
NUMA support with speculative page faults might be broken if
vma_replace_policy() replaces the mempolicy object used in
do_anonymous_page()
alloc_zeroed_user_highpage_movable()
alloc_page_vma()
alloc_pages_vma()
get_vma_policy()
__get_vma_policy() in speculative path does not always refcounts the
mempolicy object, therefore can't be relied on stabilizing it.
Rather than fixing this, just disable speculation for CONFIG_NUMA
for now and fix it if it's ever needed in Android.
Bug: 257443051
Change-Id: Ib5750b9809979a69a42ebfa6c130e123f416f1aa
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
|
||
|
Suren Baghdasaryan
|
1900436df5 |
ANDROID: mm: fix invalid backport in speculative page fault path
Invalid condition was introduced when porting the original SPF patch
which would affect NUMA mode.
Fixes:
|
||
|
Suren Baghdasaryan
|
0f43357d37 |
ANDROID: disable page table moves when speculative page faults are enabled
move_page_tables() can move entire pmd or pud without locking individual ptes. This is problematic for speculative page faults which do not take mmap_lock because they rely on ptl lock when writing new pte value. To avoid possible race, disable move_page_tables() optimization when CONFIG_SPECULATIVE_PAGE_FAULT is enabled. Bug: 257443051 Change-Id: Ib48dda08ecad1abc60d08fc089a6566a63393c13 Signed-off-by: Suren Baghdasaryan <surenb@google.com> |
||
|
Suren Baghdasaryan
|
bfdcf47ca3 |
ANDROID: mm: remove sequence counting when mmap_lock is not exclusively owned
In a number of cases vm_write_{begin|end} is called while mmap_lock is
not owned exclusively. This is unnecessary and can affect correctness of
the sequence counting protecting speculative page fault handlers. Remove
extra calls.
Bug: 257443051
Change-Id: I1278638a0794448e22fbdab5601212b3b2eaebdc
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
|
||
|
Suren Baghdasaryan
|
5ed391bd8a |
ANDROID: mm/khugepaged: add missing vm_write_{begin|end}
Speculative page fault handler needs to detect concurrent pmd changes
and relies on vma seqcount for that. pmdp_collapse_flush(), set_huge_pmd() and collapse_and_free_pmd() can modify a pmd.
vm_write_{begin|end} are needed in the paths which can call these
functions for page fault handler to detect pmd changes.
Bug: 257443051
Change-Id: Ieb784b5f44901b66a594f61b9e7c91190ff97f80
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
|
||
Michel Lespinasse
|
59d4d125b7 |
BACKPORT: FROMLIST: mm: implement speculative handling in filemap_fault()
Extend filemap_fault() to handle speculative faults. In the speculative case, we will only be fishing existing pages out of the page cache. The logic we use mirrors what is done in the non-speculative case, assuming that pages are found in the page cache, are up to date and not already locked, and that readahead is not necessary at this time. In all other cases, the fault is aborted to be handled non-speculatively. Signed-off-by: Michel Lespinasse <michel@lespinasse.org> Link: https://lore.kernel.org/all/20210407014502.24091-26-michel@lespinasse.org/ Conflicts: mm/filemap.c 1. Added back file_ra_state variable used by SPF path. 2. Updated comment for filemap_fault to reflect SPF locking rules. Bug: 161210518 Signed-off-by: Suren Baghdasaryan <surenb@google.com> Change-Id: I82eba7fcfc81876245c2e65bc5ae3d33ddfcc368 |
||
|
Suren Baghdasaryan
|
2bb39b9121 |
ANDROID: mm: prevent reads of unstable pmd during speculation
Checks of pmd during speculative page fault handling are racy because pmd is unprotected and might be modified or cleared. This might cause use-after-free reads from speculative path, therefore prevent such checks. At the beginning of speculation pmd is checked to be valid and if it's changed before page fault is handled, the change will be detected and page fault will be retried under mmap_lock protection. Bug: 257443051 Change-Id: I0cbd3b0b44e8296cf0d6cb298fae48c696580068 Signed-off-by: Suren Baghdasaryan <surenb@google.com> |
||
|
Suren Baghdasaryan
|
4b388752ac |
ANDROID: mm: prevent speculative page fault handling for in do_swap_page()
do_swap_page() uses migration_entry_wait() which operates on page tables without protection. Disable speculative page fault handling. Bug: 257443051 Change-Id: I677eb1ee85707dce533d5d811dcde5f5dabcfdf3 Signed-off-by: Suren Baghdasaryan <surenb@google.com> |
||
|
Suren Baghdasaryan
|
0560f5f7b3 |
ANDROID: mm: prevent speculative page fault handling for userfaults
handle_userfault() should be protected against a concurrent userfaultfd_release(), therefore handling a userfaults speculatively without mmap_lock protection should be disallowed. Bug: 257443051 Signed-off-by: Suren Baghdasaryan <surenb@google.com> Change-Id: Ic6ae39329c73e8849048ea15b5351a49346404d3 |
||
|
Suren Baghdasaryan
|
1169f70f8f |
ANDROID: mm: skip pte_alloc during speculative page fault
Speculative page fault checks pmd to be valid before starting to handle the page fault and pte_alloc() should do nothing if pmd stays valid. If pmd gets changed during speculative page fault, we will detect the change later and retry with mmap_lock. Therefore pte_alloc() can be safely skipped and this prevents the racy pmd_lock() call which can access pmd->ptl after pmd was cleared. Bug: 257443051 Change-Id: Iec57df5530dba6e0e0bdf9f7500f910851c3d3fd Signed-off-by: Suren Baghdasaryan <surenb@google.com> |
||
Alexander Potapenko
|
294ef12dcc |
mm: fs: initialize fsdata passed to write_begin/write_end interface
commit 1468c6f4558b1bcd92aa0400f2920f9dc7588402 upstream. Functions implementing the a_ops->write_end() interface accept the `void *fsdata` parameter that is supposed to be initialized by the corresponding a_ops->write_begin() (which accepts `void **fsdata`). However not all a_ops->write_begin() implementations initialize `fsdata` unconditionally, so it may get passed uninitialized to a_ops->write_end(), resulting in undefined behavior. Fix this by initializing fsdata with NULL before the call to write_begin(), rather than doing so in all possible a_ops implementations. This patch covers only the following cases found by running x86 KMSAN under syzkaller: - generic_perform_write() - cont_expand_zero() and generic_cont_expand_simple() - page_symlink() Other cases of passing uninitialized fsdata may persist in the codebase. Link: https://lkml.kernel.org/r/20220915150417.722975-43-glider@google.com Signed-off-by: Alexander Potapenko <glider@google.com> Cc: Alexander Viro <viro@zeniv.linux.org.uk> Cc: Alexei Starovoitov <ast@kernel.org> Cc: Andrey Konovalov <andreyknvl@gmail.com> Cc: Andrey Konovalov <andreyknvl@google.com> Cc: Andy Lutomirski <luto@kernel.org> Cc: Arnd Bergmann <arnd@arndb.de> Cc: Borislav Petkov <bp@alien8.de> Cc: Christoph Hellwig <hch@lst.de> Cc: Christoph Lameter <cl@linux.com> Cc: David Rientjes <rientjes@google.com> Cc: Dmitry Vyukov <dvyukov@google.com> Cc: Eric Biggers <ebiggers@google.com> Cc: Eric Biggers <ebiggers@kernel.org> Cc: Eric Dumazet <edumazet@google.com> Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org> Cc: Herbert Xu <herbert@gondor.apana.org.au> Cc: Ilya Leoshkevich <iii@linux.ibm.com> Cc: Ingo Molnar <mingo@redhat.com> Cc: Jens Axboe <axboe@kernel.dk> Cc: Joonsoo Kim <iamjoonsoo.kim@lge.com> Cc: Kees Cook <keescook@chromium.org> Cc: Marco Elver <elver@google.com> Cc: Mark Rutland <mark.rutland@arm.com> Cc: Matthew Wilcox <willy@infradead.org> Cc: Michael S. Tsirkin <mst@redhat.com> Cc: Pekka Enberg <penberg@kernel.org> Cc: Peter Zijlstra <peterz@infradead.org> Cc: Petr Mladek <pmladek@suse.com> Cc: Stephen Rothwell <sfr@canb.auug.org.au> Cc: Steven Rostedt <rostedt@goodmis.org> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: Vasily Gorbik <gor@linux.ibm.com> Cc: Vegard Nossum <vegard.nossum@oracle.com> Cc: Vlastimil Babka <vbabka@suse.cz> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
Alban Crequy
|
db744288af |
maccess: Fix writing offset in case of fault in strncpy_from_kernel_nofault()
commit 8678ea06852cd1f819b870c773d43df888d15d46 upstream.
If a page fault occurs while copying the first byte, this function resets one
byte before dst.
As a consequence, an address could be modified and leaded to kernel crashes if
case the modified address was accessed later.
Fixes:
|
||
|
Pavankumar Kondeti
|
d84fac9795 |
FROMGIT: mm/madvise: fix madvise_pageout for private file mappings
When MADV_PAGEOUT is called on a private file mapping VMA region, we bail out early if the process is neither owner nor write capable of the file. However, this VMA may have both private/shared clean pages and private dirty pages. The opportunity of paging out the private dirty pages (Anon pages) is missed. Fix this by caching the file access check and use it later along with PageAnon() during page walk. We observe ~10% improvement in zram usage, thus leaving more available memory on a 4GB RAM system running Android. Link: https://lkml.kernel.org/r/1667971116-12900-1-git-send-email-quic_pkondeti@quicinc.com Signed-off-by: Pavankumar Kondeti <quic_pkondeti@quicinc.com> Cc: Charan Teja Kalla <quic_charante@quicinc.com> Cc: Minchan Kim <minchan@kernel.org> Cc: Suren Baghdasaryan <surenb@google.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> (cherry picked from commit 8fc5be8efc3cf356f25098fbd4bda7c0e949c2ea git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm.git mm-unstable) Bug: 259329159 Signed-off-by: Pavankumar Kondeti <quic_pkondeti@quicinc.com> Change-Id: I5f2d425aec94e5a75ebeaf90f9f5d7adf1975c59 |
||
Mike Rapoport
|
f1bf7ee90f |
BACKPORT: mm/page_alloc: always initialize memory map for the holes
Patch series "mm: ensure consistency of memory map poisoning". Currently memory map allocation for FLATMEM case does not poison the struct pages regardless of CONFIG_PAGE_POISON setting. This happens because allocation of the memory map for FLATMEM and SPARSMEM use different memblock functions and those that are used for SPARSMEM case (namely memblock_alloc_try_nid_raw() and memblock_alloc_exact_nid_raw()) implicitly poison the allocated memory. Another side effect of this implicit poisoning is that early setup code that uses the same functions to allocate memory burns cycles for the memory poisoning even if it was not intended. These patches introduce memmap_alloc() wrapper that ensure that the memory map allocation is consistent for different memory models. This patch (of 4): Currently memory map for the holes is initialized only when SPARSEMEM memory model is used. Yet, even with FLATMEM there could be holes in the physical memory layout that have memory map entries. For instance, the memory reserved using e820 API on i386 or "reserved-memory" nodes in device tree would not appear in memblock.memory and hence the struct pages for such holes will be skipped during memory map initialization. These struct pages will be zeroed because the memory map for FLATMEM systems is allocated with memblock_alloc_node() that clears the allocated memory. While zeroed struct pages do not cause immediate problems, the correct behaviour is to initialize every page using __init_single_page(). Besides, enabling page poison for FLATMEM case will trigger PF_POISONED_CHECK() unless the memory map is properly initialized. Make sure init_unavailable_range() is called for both SPARSEMEM and FLATMEM so that struct pages representing memory holes would appear as PG_Reserved with any memory layout. [rppt@kernel.org: fix microblaze] Link: https://lkml.kernel.org/r/YQWW3RCE4eWBuMu/@kernel.org (cherry picked from commit c3ab6baf6a004eab7344a1d8880a971f2414e1b6) Bug: 258556132 Link: https://lkml.kernel.org/r/20210714123739.16493-1-rppt@kernel.org Link: https://lkml.kernel.org/r/20210714123739.16493-2-rppt@kernel.org Change-Id: Ib60682288ba76e65384de91b70a08662ead12934 Signed-off-by: Mike Rapoport <rppt@linux.ibm.com> Acked-by: David Hildenbrand <david@redhat.com> Tested-by: Guenter Roeck <linux@roeck-us.net> Cc: Michal Simek <monstr@monstr.eu> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> |
||
|
Greg Kroah-Hartman
|
673a7341bd |
This is the 5.10.153 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmNj1woACgkQONu9yGCS aT5mQw/+IG2zLoH79zTzQDZF+DYZ+J5WRGVLfx+5mM2j1fGgXWmxADdlzMZTSSAc XP1hDxHBYQSnQi/kRPuJOKJbV9TysdOV2SSvwzblq6UE4B7tw3q4YE9calfYPaiF AhvMMAEaXGVHAVSgliRqcgnlq5Yj6nrxjr73O3kuyCWvfv6XToCd6LKFJyHdVniw kJ7gbkgiOVH/caKyzJxW3uSZ11t4uZ10nu4q+rd3JOLDecPLcPLM28pDTL/znqS0 ECiPypmIrd10UL+V4aiHsBR9wHEJdZULb/SLLwy85EuUeEhmx4i1ylu5JosY77cQ 2CkxHIt8nCKxJ3BziMUbutY40VBs/MP74t1kB5Th/3JK8gsw2+JdUJ7b9RXzb60k vbFjc3lJugmNsAXqOnibAu/PdoWYi4IC7A2D/gJcWzsEKgVWQptZizJpn5Se3F3+ OCWdqgOiTZiegK55W3w2xbNqSLkuvAfbx18UEWltHhzS1UT7cqGVxx7qcsFhWGfV rG1yzzF1Skx2BcnBf+6yTczOUcOyLrMyyek3tRD00EWn8o1ik9lKARNKd+b7IUW4 57NUvaGsBp/BRrJobrdx5r7AkTg5AfEWQAM69+vbDUxjKRM02FQlfEycGxcTT2GD nUUzJMgobd0GW4HU/2rpmMk67QCnJ9guJxRCpcp7ocGkX0x2WYs= =n9Bi -----END PGP SIGNATURE----- Merge 5.10.153 into android12-5.10-lts Changes in 5.10.153 can: j1939: transport: j1939_session_skb_drop_old(): spin_unlock_irqrestore() before kfree_skb() can: kvaser_usb: Fix possible completions during init_completion ALSA: Use del_timer_sync() before freeing timer ALSA: au88x0: use explicitly signed char ALSA: rme9652: use explicitly signed char USB: add RESET_RESUME quirk for NVIDIA Jetson devices in RCM usb: dwc3: gadget: Stop processing more requests on IMI usb: dwc3: gadget: Don't set IMI for no_interrupt usb: bdc: change state when port disconnected usb: xhci: add XHCI_SPURIOUS_SUCCESS to ASM1042 despite being a V0.96 controller mtd: rawnand: marvell: Use correct logic for nand-keep-config xhci: Add quirk to reset host back to default state at shutdown xhci: Remove device endpoints from bandwidth list when freeing the device tools: iio: iio_utils: fix digit calculation iio: light: tsl2583: Fix module unloading iio: temperature: ltc2983: allocate iio channels once fbdev: smscufx: Fix several use-after-free bugs fs/binfmt_elf: Fix memory leak in load_elf_binary() exec: Copy oldsighand->action under spin-lock mac802154: Fix LQI recording scsi: qla2xxx: Use transport-defined speed mask for supported_speeds drm/msm/dsi: fix memory corruption with too many bridges drm/msm/hdmi: fix memory corruption with too many bridges drm/msm/dp: fix IRQ lifetime mmc: sdhci_am654: 'select', not 'depends' REGMAP_MMIO mmc: core: Fix kernel panic when remove non-standard SDIO card counter: microchip-tcb-capture: Handle Signal1 read and Synapse kernfs: fix use-after-free in __kernfs_remove perf auxtrace: Fix address filter symbol name match for modules s390/futex: add missing EX_TABLE entry to __futex_atomic_op() s390/pci: add missing EX_TABLE entries to __pcistg_mio_inuser()/__pcilg_mio_inuser() Xen/gntdev: don't ignore kernel unmapping error xen/gntdev: Prevent leaking grants mm/memory: add non-anonymous page check in the copy_present_page() mm,hugetlb: take hugetlb_lock before decrementing h->resv_huge_pages net: ieee802154: fix error return code in dgram_bind() media: v4l2: Fix v4l2_i2c_subdev_set_name function documentation drm/msm: Fix return type of mdp4_lvds_connector_mode_valid ASoC: qcom: lpass-cpu: mark HDMI TX registers as volatile arc: iounmap() arg is volatile ASoC: qcom: lpass-cpu: Mark HDMI TX parity register as volatile ALSA: ac97: fix possible memory leak in snd_ac97_dev_register() perf/x86/intel/lbr: Use setup_clear_cpu_cap() instead of clear_cpu_cap() tipc: fix a null-ptr-deref in tipc_topsrv_accept net: netsec: fix error handling in netsec_register_mdio() net: hinic: fix incorrect assignment issue in hinic_set_interrupt_cfg() net: hinic: fix memory leak when reading function table net: hinic: fix the issue of CMDQ memory leaks net: hinic: fix the issue of double release MBOX callback of VF x86/unwind/orc: Fix unreliable stack dump with gcov amd-xgbe: fix the SFP compliance codes check for DAC cables amd-xgbe: add the bit rate quirk for Molex cables atlantic: fix deadlock at aq_nic_stop kcm: annotate data-races around kcm->rx_psock kcm: annotate data-races around kcm->rx_wait net: fix UAF issue in nfqnl_nf_hook_drop() when ops_init() failed net: lantiq_etop: don't free skb when returning NETDEV_TX_BUSY tcp: minor optimization in tcp_add_backlog() tcp: fix a signed-integer-overflow bug in tcp_add_backlog() tcp: fix indefinite deferral of RTO with SACK reneging can: mscan: mpc5xxx: mpc5xxx_can_probe(): add missing put_clock() in error path can: mcp251x: mcp251x_can_probe(): add missing unregister_candev() in error path PM: hibernate: Allow hybrid sleep to work with s2idle media: vivid: s_fbuf: add more sanity checks media: vivid: dev->bitmap_cap wasn't freed in all cases media: v4l2-dv-timings: add sanity checks for blanking values media: videodev2.h: V4L2_DV_BT_BLANKING_HEIGHT should check 'interlaced' media: vivid: set num_in/outputs to 0 if not supported ipv6: ensure sane device mtu in tunnels i40e: Fix ethtool rx-flow-hash setting for X722 i40e: Fix VF hang when reset is triggered on another VF i40e: Fix flow-type by setting GL_HASH_INSET registers net: ksz884x: fix missing pci_disable_device() on error in pcidev_init() PM: domains: Fix handling of unavailable/disabled idle states net: fec: limit register access on i.MX6UL ALSA: aoa: i2sbus: fix possible memory leak in i2sbus_add_dev() ALSA: aoa: Fix I2S device accounting openvswitch: switch from WARN to pr_warn net: ehea: fix possible memory leak in ehea_register_port() nh: fix scope used to find saddr when adding non gw nh net/mlx5e: Do not increment ESN when updating IPsec ESN state net/mlx5: Fix possible use-after-free in async command interface net/mlx5: Fix crash during sync firmware reset net: enetc: survive memory pressure without crashing arm64: Add AMPERE1 to the Spectre-BHB affected list scsi: sd: Revert "scsi: sd: Remove a local variable" arm64/mm: Fix __enable_mmu() for new TGRAN range values arm64/kexec: Test page size support with new TGRAN range values can: rcar_canfd: rcar_canfd_handle_global_receive(): fix IRQ storm on global FIFO receive serial: core: move RS485 configuration tasks from drivers into core serial: Deassert Transmit Enable on probe in driver-specific way Linux 5.10.153 Change-Id: I1cbca2c5cbaaab34ccd6e055f13c35d900d4ce25 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
Will Deacon
|
dcdb7eadfd |
Revert "FROMGIT: mm/vmalloc: Add override for lazy vunmap"
Revert submission 2302443 Reason for revert: Series is not queued in a maintainer tree and has not been posted to a public mailing list. Reverted Changes: Iffd38bf97:FROMGIT: arm64: Work around Cortex-A510 erratum 24... I694523564:FROMGIT: mm/vmalloc: Add override for lazy vunmap Change-Id: I345e32bac76292413908b4a81295a228003fa4c0 Signed-off-by: Will Deacon <willdeacon@google.com> |
||
Sivasri Kumar, Vanka
|
25b8343bd4 |
Merge keystone/android12-5.10-keystone-qcom-release.136+ (3593700) into msm-5.10
* refs/heads/tmp-3593700c:
ANDROID: abi_gki_aarch64_qcom: Add wait_on_page_bit
FROMLIST: binder: fix UAF of alloc->vma in race with munmap()
UPSTREAM: wifi: mac80211: fix MBSSID parsing use-after-free
UPSTREAM: wifi: mac80211: don't parse mbssid in assoc response
UPSTREAM: mac80211: mlme: find auth challenge directly
UPSTREAM: wifi: cfg80211: update hidden BSSes to avoid WARN_ON
UPSTREAM: wifi: mac80211: fix crash in beacon protection for P2P-device
UPSTREAM: wifi: mac80211_hwsim: avoid mac80211 warning on bad rate
UPSTREAM: wifi: cfg80211: avoid nontransmitted BSS list corruption
UPSTREAM: wifi: cfg80211: fix BSS refcounting bugs
UPSTREAM: wifi: cfg80211: ensure length byte is present before access
UPSTREAM: wifi: cfg80211/mac80211: reject bad MBSSID elements
UPSTREAM: wifi: cfg80211: fix u8 overflow in cfg80211_update_notlisted_nontrans()
UPSTREAM: psi: Fix psi state corruption when schedule() races with cgroup move
ANDROID: GKI: Update symbol list for mtk AIoT projects
UPSTREAM: psi: Fix psi state corruption when schedule() races with cgroup move
BACKPORT: HID: steam: Prevent NULL pointer dereference in steam_{recv,send}_report
BACKPORT: mm: don't be stuck to rmap lock on reclaim path
Revert "firmware_loader: use kernel credentials when reading firmware"
Revert "firmware_loader: use kernel credentials when reading firmware"
UPSTREAM: crypto: jitter - add oversampling of noise source
ANDROID: Fix kenelci build-break for !CONFIG_PERF_EVENTS
FROMGIT: f2fs: support recording stop_checkpoint reason into super_block
UPSTREAM: wifi: mac80211_hwsim: use 32-bit skb cookie
UPSTREAM: wifi: mac80211_hwsim: add back erroneously removed cast
UPSTREAM: wifi: mac80211_hwsim: fix race condition in pending packet
ANDROID: abi_gki_aarch64_qcom: Add android_vh_madvise_cold_or_pageout
ANDROID: force struct page_vma_mapped_walk to be defined in KMI
ANDROID: vendor_hooks: Allow shared pages reclaim via MADV_PAGEOUT
UPSTREAM: usb: gadget: mass_storage: Fix cdrom data transfers on MAC-OS
ANDROID: GKI: Update symbols to symbol list
ANDROID: make sure all types for hooks are defined in KMI
ANDROID: force struct selinux_state to be defined in KMI
BACKPORT: erofs: fix use-after-free of on-stack io[]
ANDROID: GKI: Update symbols to symbol list
ANDROID: vendor_hook: rename the the name of hooks
ANDROID: ABI: Add extcon_get_property_capability symbol
Revert "ANDROID: arm64: debug-monitors: export break hook APIs"
Revert "ANDROID: vendor_hooks:vendor hook for __alloc_pages_slowpath."
Revert "ANDROID: Export functions to be used with dma_map_ops in modules"
FROMLIST: f2fs: let FI_OPU_WRITE override FADVISE_COLD_BIT
ANDROID: remove unused xhci_get_endpoint_address export
ANDROID: incfs: Add check for ATTR_KILL_SUID and ATTR_MODE in incfs_setattr
ANDROID: GKI: Update symbols to symbol list
ANDROID: vendor_hooks: Add hooks for lookaround
Revert "Revert "ANDROID: add for tuning readahead size""
ANDROID: transsion: Update the ABI xml and symbol list
ANDROID: vendor_hooks: Add hooks for lookaround
BACKPORT: dm verity: set DM_TARGET_IMMUTABLE feature flag
BACKPORT: pipe: Fix missing lock in pipe_resize_ring()
BACKPORT: KVM: x86: avoid calling x86 emulator without a decoded instruction
ANDROID: GKI: add symbols in android/abi_gki_aarch64_oplus
BACKPORT: watchqueue: make sure to serialize 'wqueue->defunct' properly
ANDROID: GKI: Update symbol list for Exynos SoC
Linux 5.10.136
x86/speculation: Add LFENCE to RSB fill sequence
x86/speculation: Add RSB VM Exit protections
macintosh/adb: fix oob read in do_adb_query() function
Bluetooth: btusb: Add Realtek RTL8852C support ID 0x13D3:0x3586
Bluetooth: btusb: Add Realtek RTL8852C support ID 0x13D3:0x3587
Bluetooth: btusb: Add Realtek RTL8852C support ID 0x0CB8:0xC558
Bluetooth: btusb: Add Realtek RTL8852C support ID 0x04C5:0x1675
Bluetooth: btusb: Add Realtek RTL8852C support ID 0x04CA:0x4007
Bluetooth: btusb: Add support of IMC Networks PID 0x3568
Bluetooth: hci_bcm: Add DT compatible for CYW55572
Bluetooth: hci_bcm: Add BCM4349B1 variant
selftests: KVM: Handle compiler optimizations in ucall
tools/kvm_stat: fix display of error when multiple processes are found
crypto: arm64/poly1305 - fix a read out-of-bound
ACPI: APEI: Better fix to avoid spamming the console with old error logs
ACPI: video: Shortening quirk list by identifying Clevo by board_name only
ACPI: video: Force backlight native for some TongFang devices
tun: avoid double free in tun_free_netdev
selftests/bpf: Check dst_port only on the client socket
selftests/bpf: Extend verifier and bpf_sock tests for dst_port loads
ath9k_htc: fix NULL pointer dereference at ath9k_htc_tx_get_packet()
ath9k_htc: fix NULL pointer dereference at ath9k_htc_rxep()
x86/speculation: Make all RETbleed mitigations 64-bit only
Linux 5.10.135
selftests: bpf: Don't run sk_lookup in verifier tests
bpf: Add PROG_TEST_RUN support for sk_lookup programs
bpf: Consolidate shared test timing code
x86/bugs: Do not enable IBPB at firmware entry when IBPB is not available
xfs: Enforce attr3 buffer recovery order
xfs: logging the on disk inode LSN can make it go backwards
xfs: remove dead stale buf unpin handling code
xfs: hold buffer across unpin and potential shutdown processing
xfs: force the log offline when log intent item recovery fails
xfs: fix log intent recovery ENOSPC shutdowns when inactivating inodes
xfs: prevent UAF in xfs_log_item_in_current_chkpt
xfs: xfs_log_force_lsn isn't passed a LSN
xfs: refactor xfs_file_fsync
docs/kernel-parameters: Update descriptions for "mitigations=" param with retbleed
EDAC/ghes: Set the DIMM label unconditionally
ARM: 9216/1: Fix MAX_DMA_ADDRESS overflow
mt7601u: add USB device ID for some versions of XiaoDu WiFi Dongle.
page_alloc: fix invalid watermark check on a negative value
ARM: crypto: comment out gcc warning that breaks clang builds
sctp: leave the err path free in sctp_stream_init to sctp_stream_free
sfc: disable softirqs for ptp TX
perf symbol: Correct address for bss symbols
virtio-net: fix the race between refill work and close
netfilter: nf_queue: do not allow packet truncation below transport header offset
sctp: fix sleep in atomic context bug in timer handlers
i40e: Fix interface init with MSI interrupts (no MSI-X)
tcp: Fix data-races around sysctl_tcp_reflect_tos.
tcp: Fix a data-race around sysctl_tcp_comp_sack_nr.
tcp: Fix a data-race around sysctl_tcp_comp_sack_slack_ns.
tcp: Fix a data-race around sysctl_tcp_comp_sack_delay_ns.
net: macsec: fix potential resource leak in macsec_add_rxsa() and macsec_add_txsa()
macsec: always read MACSEC_SA_ATTR_PN as a u64
macsec: limit replay window size with XPN
macsec: fix error message in macsec_add_rxsa and _txsa
macsec: fix NULL deref in macsec_add_rxsa
Documentation: fix sctp_wmem in ip-sysctl.rst
tcp: Fix a data-race around sysctl_tcp_invalid_ratelimit.
tcp: Fix a data-race around sysctl_tcp_autocorking.
tcp: Fix a data-race around sysctl_tcp_min_rtt_wlen.
tcp: Fix a data-race around sysctl_tcp_min_tso_segs.
net: sungem_phy: Add of_node_put() for reference returned by of_get_parent()
igmp: Fix data-races around sysctl_igmp_qrv.
net/tls: Remove the context from the list in tls_device_down
ipv6/addrconf: fix a null-ptr-deref bug for ip6_ptr
net: ping6: Fix memleak in ipv6_renew_options().
tcp: Fix a data-race around sysctl_tcp_challenge_ack_limit.
tcp: Fix a data-race around sysctl_tcp_limit_output_bytes.
tcp: Fix data-races around sysctl_tcp_moderate_rcvbuf.
Revert "tcp: change pingpong threshold to 3"
scsi: ufs: host: Hold reference returned by of_parse_phandle()
ice: do not setup vlan for loopback VSI
ice: check (DD | EOF) bits on Rx descriptor rather than (EOP | RS)
tcp: Fix data-races around sysctl_tcp_no_ssthresh_metrics_save.
tcp: Fix a data-race around sysctl_tcp_nometrics_save.
tcp: Fix a data-race around sysctl_tcp_frto.
tcp: Fix a data-race around sysctl_tcp_adv_win_scale.
tcp: Fix a data-race around sysctl_tcp_app_win.
tcp: Fix data-races around sysctl_tcp_dsack.
watch_queue: Fix missing locking in add_watch_to_object()
watch_queue: Fix missing rcu annotation
nouveau/svm: Fix to migrate all requested pages
s390/archrandom: prevent CPACF trng invocations in interrupt context
ntfs: fix use-after-free in ntfs_ucsncmp()
Revert "ocfs2: mount shared volume without ha stack"
Bluetooth: L2CAP: Fix use-after-free caused by l2cap_chan_put
ANDROID: fix up 5.10.132 merge with the virtio_mmio.c driver
Linux 5.10.134
watch-queue: remove spurious double semicolon
net: usb: ax88179_178a needs FLAG_SEND_ZLP
tty: use new tty_insert_flip_string_and_push_buffer() in pty_write()
tty: extract tty_flip_buffer_commit() from tty_flip_buffer_push()
tty: drop tty_schedule_flip()
tty: the rest, stop using tty_schedule_flip()
tty: drivers/tty/, stop using tty_schedule_flip()
watchqueue: make sure to serialize 'wqueue->defunct' properly
x86/alternative: Report missing return thunk details
x86/amd: Use IBPB for firmware calls
Bluetooth: Fix bt_skb_sendmmsg not allocating partial chunks
Bluetooth: SCO: Fix sco_send_frame returning skb->len
Bluetooth: Fix passing NULL to PTR_ERR
Bluetooth: RFCOMM: Replace use of memcpy_from_msg with bt_skb_sendmmsg
Bluetooth: SCO: Replace use of memcpy_from_msg with bt_skb_sendmsg
Bluetooth: Add bt_skb_sendmmsg helper
Bluetooth: Add bt_skb_sendmsg helper
ALSA: memalloc: Align buffer allocations in page size
bitfield.h: Fix "type of reg too small for mask" test
drm/imx/dcss: fix unused but set variable warnings
dlm: fix pending remove if msg allocation fails
x86/bugs: Warn when "ibrs" mitigation is selected on Enhanced IBRS parts
sched/deadline: Fix BUG_ON condition for deboosted tasks
bpf: Make sure mac_header was set before using it
mm/mempolicy: fix uninit-value in mpol_rebind_policy()
KVM: Don't null dereference ops->destroy
spi: bcm2835: bcm2835_spi_handle_err(): fix NULL pointer deref for non DMA transfers
tcp: Fix data-races around sysctl_tcp_max_reordering.
tcp: Fix a data-race around sysctl_tcp_rfc1337.
tcp: Fix a data-race around sysctl_tcp_stdurg.
tcp: Fix a data-race around sysctl_tcp_retrans_collapse.
tcp: Fix data-races around sysctl_tcp_slow_start_after_idle.
tcp: Fix a data-race around sysctl_tcp_thin_linear_timeouts.
tcp: Fix data-races around sysctl_tcp_recovery.
tcp: Fix a data-race around sysctl_tcp_early_retrans.
tcp: Fix data-races around sysctl knobs related to SYN option.
udp: Fix a data-race around sysctl_udp_l3mdev_accept.
ip: Fix data-races around sysctl_ip_prot_sock.
ipv4: Fix a data-race around sysctl_fib_multipath_use_neigh.
drm/imx/dcss: Add missing of_node_put() in fail path
be2net: Fix buffer overflow in be_get_module_eeprom
gpio: pca953x: use the correct register address when regcache sync during init
gpio: pca953x: use the correct range when do regmap sync
gpio: pca953x: only use single read/write for No AI mode
ixgbe: Add locking to prevent panic when setting sriov_numvfs to zero
i40e: Fix erroneous adapter reinitialization during recovery process
iavf: Fix handling of dummy receive descriptors
tcp: Fix data-races around sysctl_tcp_fastopen_blackhole_timeout.
tcp: Fix data-races around sysctl_tcp_fastopen.
tcp: Fix data-races around sysctl_max_syn_backlog.
tcp: Fix a data-race around sysctl_tcp_tw_reuse.
tcp: Fix a data-race around sysctl_tcp_notsent_lowat.
tcp: Fix data-races around some timeout sysctl knobs.
tcp: Fix data-races around sysctl_tcp_reordering.
tcp: Fix data-races around sysctl_tcp_syncookies.
tcp: Fix data-races around keepalive sysctl knobs.
igmp: Fix data-races around sysctl_igmp_max_msf.
igmp: Fix a data-race around sysctl_igmp_max_memberships.
igmp: Fix data-races around sysctl_igmp_llm_reports.
net/tls: Fix race in TLS device down flow
net: stmmac: fix dma queue left shift overflow issue
i2c: cadence: Change large transfer count reset logic to be unconditional
net: stmmac: fix unbalanced ptp clock issue in suspend/resume flow
tcp: Fix a data-race around sysctl_tcp_probe_interval.
tcp: Fix a data-race around sysctl_tcp_probe_threshold.
tcp: Fix a data-race around sysctl_tcp_mtu_probe_floor.
tcp: Fix data-races around sysctl_tcp_min_snd_mss.
tcp: Fix data-races around sysctl_tcp_base_mss.
tcp: Fix data-races around sysctl_tcp_mtu_probing.
tcp/dccp: Fix a data-race around sysctl_tcp_fwmark_accept.
ip: Fix a data-race around sysctl_fwmark_reflect.
ip: Fix a data-race around sysctl_ip_autobind_reuse.
ip: Fix data-races around sysctl_ip_nonlocal_bind.
ip: Fix data-races around sysctl_ip_fwd_update_priority.
ip: Fix data-races around sysctl_ip_fwd_use_pmtu.
ip: Fix data-races around sysctl_ip_no_pmtu_disc.
igc: Reinstate IGC_REMOVED logic and implement it properly
drm/amdgpu/display: add quirk handling for stutter mode
perf/core: Fix data race between perf_event_set_output() and perf_mmap_close()
pinctrl: ralink: Check for null return of devm_kcalloc
power/reset: arm-versatile: Fix refcount leak in versatile_reboot_probe
xfrm: xfrm_policy: fix a possible double xfrm_pols_put() in xfrm_bundle_lookup()
serial: mvebu-uart: correctly report configured baudrate value
PCI: hv: Fix interrupt mapping for multi-MSI
PCI: hv: Reuse existing IRTE allocation in compose_msi_msg()
PCI: hv: Fix hv_arch_irq_unmask() for multi-MSI
PCI: hv: Fix multi-MSI to allow more than one MSI vector
Revert "m68knommu: only set CONFIG_ISA_DMA_API for ColdFire sub-arch"
net: inline rollback_registered_many()
net: move rollback_registered_many()
net: inline rollback_registered()
net: move net_set_todo inside rollback_registered()
net: make sure devices go through netdev_wait_all_refs
net: make free_netdev() more lenient with unregistering devices
docs: net: explain struct net_device lifetime
xen/gntdev: Ignore failure to unmap INVALID_GRANT_HANDLE
io_uring: Use original task for req identity in io_identity_cow()
lockdown: Fix kexec lockdown bypass with ima policy
mlxsw: spectrum_router: Fix IPv4 nexthop gateway indication
riscv: add as-options for modules with assembly compontents
pinctrl: stm32: fix optional IRQ support to gpios
Revert "cgroup: Use separate src/dst nodes when preloading css_sets for migration"
Revert "drm: fix EDID struct for old ARM OABI format"
Revert "mailbox: forward the hrtimer if not queued and under a lock"
Revert "Fonts: Make font size unsigned in font_desc"
Revert "parisc/stifb: Keep track of hardware path of graphics card"
Revert "Bluetooth: Interleave with allowlist scan"
Revert "Bluetooth: use inclusive language when filtering devices"
Revert "Bluetooth: use hdev lock for accept_list and reject_list in conn req"
Revert "thermal/drivers/core: Use a char pointer for the cooling device name"
Revert "thermal/core: Fix memory leak in __thermal_cooling_device_register()"
Revert "thermal/core: fix a UAF bug in __thermal_cooling_device_register()"
Revert "thermal/core: Fix memory leak in the error path"
Revert "ALSA: jack: Access input_dev under mutex"
Revert "gpiolib: of: Introduce hook for missing gpio-ranges"
Revert "pinctrl: bcm2835: implement hook for missing gpio-ranges"
Revert "ext4: fix use-after-free in ext4_rename_dir_prepare"
Revert "ext4: verify dir block before splitting it"
Linux 5.10.133
tools headers: Remove broken definition of __LITTLE_ENDIAN
tools arch: Update arch/x86/lib/mem{cpy,set}_64.S copies used in 'perf bench mem memcpy' - again
objtool: Fix elf_create_undef_symbol() endianness
kvm: fix objtool relocation warning
x86: Use -mindirect-branch-cs-prefix for RETPOLINE builds
um: Add missing apply_returns()
x86/bugs: Remove apostrophe typo
tools headers cpufeatures: Sync with the kernel sources
tools arch x86: Sync the msr-index.h copy with the kernel sources
KVM: emulate: do not adjust size of fastop and setcc subroutines
x86/kvm: fix FASTOP_SIZE when return thunks are enabled
efi/x86: use naked RET on mixed mode call wrapper
x86/speculation: Use DECLARE_PER_CPU for x86_spec_ctrl_current
x86/asm/32: Fix ANNOTATE_UNRET_SAFE use on 32-bit
x86/ftrace: Add UNWIND_HINT_FUNC annotation for ftrace_stub
x86/xen: Fix initialisation in hypercall_page after rethunk
x86, kvm: use proper ASM macros for kvm_vcpu_is_preempted
tools/insn: Restore the relative include paths for cross building
x86/static_call: Serialize __static_call_fixup() properly
x86/speculation: Disable RRSBA behavior
x86/kexec: Disable RET on kexec
x86/bugs: Do not enable IBPB-on-entry when IBPB is not supported
x86/bugs: Add Cannon lake to RETBleed affected CPU list
x86/retbleed: Add fine grained Kconfig knobs
x86/cpu/amd: Enumerate BTC_NO
x86/common: Stamp out the stepping madness
x86/speculation: Fill RSB on vmexit for IBRS
KVM: VMX: Fix IBRS handling after vmexit
KVM: VMX: Prevent guest RSB poisoning attacks with eIBRS
KVM: VMX: Convert launched argument to flags
KVM: VMX: Flatten __vmx_vcpu_run()
objtool: Re-add UNWIND_HINT_{SAVE_RESTORE}
x86/speculation: Remove x86_spec_ctrl_mask
x86/speculation: Use cached host SPEC_CTRL value for guest entry/exit
x86/speculation: Fix SPEC_CTRL write on SMT state change
x86/speculation: Fix firmware entry SPEC_CTRL handling
x86/speculation: Fix RSB filling with CONFIG_RETPOLINE=n
x86/cpu/amd: Add Spectral Chicken
objtool: Add entry UNRET validation
x86/bugs: Do IBPB fallback check only once
x86/bugs: Add retbleed=ibpb
x86/xen: Rename SYS* entry points
objtool: Update Retpoline validation
intel_idle: Disable IBRS during long idle
x86/bugs: Report Intel retbleed vulnerability
x86/bugs: Split spectre_v2_select_mitigation() and spectre_v2_user_select_mitigation()
x86/speculation: Add spectre_v2=ibrs option to support Kernel IBRS
x86/bugs: Optimize SPEC_CTRL MSR writes
x86/entry: Add kernel IBRS implementation
x86/bugs: Keep a per-CPU IA32_SPEC_CTRL value
x86/bugs: Enable STIBP for JMP2RET
x86/bugs: Add AMD retbleed= boot parameter
x86/bugs: Report AMD retbleed vulnerability
x86: Add magic AMD return-thunk
objtool: Treat .text.__x86.* as noinstr
x86: Use return-thunk in asm code
x86/sev: Avoid using __x86_return_thunk
x86/vsyscall_emu/64: Don't use RET in vsyscall emulation
x86/kvm: Fix SETcc emulation for return thunks
x86/bpf: Use alternative RET encoding
x86/ftrace: Use alternative RET encoding
x86,static_call: Use alternative RET encoding
objtool: skip non-text sections when adding return-thunk sites
x86,objtool: Create .return_sites
x86: Undo return-thunk damage
x86/retpoline: Use -mfunction-return
Makefile: Set retpoline cflags based on CONFIG_CC_IS_{CLANG,GCC}
x86/retpoline: Swizzle retpoline thunk
x86/retpoline: Cleanup some #ifdefery
x86/cpufeatures: Move RETPOLINE flags to word 11
x86/kvm/vmx: Make noinstr clean
x86/realmode: build with -D__DISABLE_EXPORTS
objtool: Fix objtool regression on x32 systems
x86/entry: Remove skip_r11rcx
objtool: Fix symbol creation
objtool: Fix type of reloc::addend
objtool: Fix code relocs vs weak symbols
objtool: Fix SLS validation for kcov tail-call replacement
crypto: x86/poly1305 - Fixup SLS
objtool: Default ignore INT3 for unreachable
kvm/emulate: Fix SETcc emulation function offsets with SLS
tools arch: Update arch/x86/lib/mem{cpy,set}_64.S copies used in 'perf bench mem memcpy'
x86: Add straight-line-speculation mitigation
objtool: Add straight-line-speculation validation
x86/alternative: Relax text_poke_bp() constraint
x86: Prepare inline-asm for straight-line-speculation
x86: Prepare asm files for straight-line-speculation
x86/lib/atomic64_386_32: Rename things
bpf,x86: Respect X86_FEATURE_RETPOLINE*
bpf,x86: Simplify computing label offsets
x86/alternative: Add debug prints to apply_retpolines()
x86/alternative: Try inline spectre_v2=retpoline,amd
x86/alternative: Handle Jcc __x86_indirect_thunk_\reg
x86/alternative: Implement .retpoline_sites support
x86/retpoline: Create a retpoline thunk array
x86/retpoline: Move the retpoline thunk declarations to nospec-branch.h
x86/asm: Fixup odd GEN-for-each-reg.h usage
x86/asm: Fix register order
x86/retpoline: Remove unused replacement symbols
objtool,x86: Replace alternatives with .retpoline_sites
objtool: Explicitly avoid self modifying code in .altinstr_replacement
objtool: Classify symbols
objtool: Handle __sanitize_cov*() tail calls
objtool: Introduce CFI hash
objtool: Make .altinstructions section entry size consistent
objtool: Remove reloc symbol type checks in get_alt_entry()
objtool: print out the symbol type when complaining about it
objtool: Teach get_alt_entry() about more relocation types
objtool: Don't make .altinstructions writable
objtool/x86: Ignore __x86_indirect_alt_* symbols
objtool: Only rewrite unconditional retpoline thunk calls
objtool: Fix .symtab_shndx handling for elf_create_undef_symbol()
x86/alternative: Optimize single-byte NOPs at an arbitrary position
objtool: Support asm jump tables
objtool/x86: Rewrite retpoline thunk calls
objtool: Skip magical retpoline .altinstr_replacement
objtool: Cache instruction relocs
objtool: Keep track of retpoline call sites
objtool: Add elf_create_undef_symbol()
objtool: Extract elf_symbol_add()
objtool: Extract elf_strtab_concat()
objtool: Create reloc sections implicitly
objtool: Add elf_create_reloc() helper
objtool: Rework the elf_rebuild_reloc_section() logic
objtool: Handle per arch retpoline naming
objtool: Correctly handle retpoline thunk calls
x86/retpoline: Simplify retpolines
x86/alternatives: Optimize optimize_nops()
x86: Add insn_decode_kernel()
x86/alternative: Use insn_decode()
x86/insn-eval: Handle return values from the decoder
x86/insn: Add an insn_decode() API
x86/insn: Add a __ignore_sync_check__ marker
x86/insn: Rename insn_decode() to insn_decode_from_regs()
x86/alternative: Use ALTERNATIVE_TERNARY() in _static_cpu_has()
x86/alternative: Support ALTERNATIVE_TERNARY
x86/alternative: Support not-feature
x86/alternative: Merge include files
x86/xen: Support objtool vmlinux.o validation in xen-head.S
x86/xen: Support objtool validation in xen-asm.S
objtool: Combine UNWIND_HINT_RET_OFFSET and UNWIND_HINT_FUNC
objtool: Assume only ELF functions do sibling calls
objtool: Support retpoline jump detection for vmlinux.o
objtool: Support stack layout changes in alternatives
objtool: Add 'alt_group' struct
objtool: Refactor ORC section generation
KVM/nVMX: Use __vmx_vcpu_run in nested_vmx_check_vmentry_hw
KVM/VMX: Use TEST %REG,%REG instead of CMP $0,%REG in vmenter.S
Linux 5.10.132
x86/pat: Fix x86_has_pat_wp()
serial: 8250: Fix PM usage_count for console handover
serial: pl011: UPSTAT_AUTORTS requires .throttle/unthrottle
serial: stm32: Clear prev values before setting RTS delays
serial: 8250: fix return error code in serial8250_request_std_resource()
vt: fix memory overlapping when deleting chars in the buffer
tty: serial: samsung_tty: set dma burst_size to 1
usb: dwc3: gadget: Fix event pending check
usb: typec: add missing uevent when partner support PD
USB: serial: ftdi_sio: add Belimo device ids
signal handling: don't use BUG_ON() for debugging
nvme-pci: phison e16 has bogus namespace ids
Revert "can: xilinx_can: Limit CANFD brp to 2"
ARM: dts: stm32: use the correct clock source for CEC on stm32mp151
soc: ixp4xx/npe: Fix unused match warning
x86: Clear .brk area at early boot
irqchip: or1k-pic: Undefine mask_ack for level triggered hardware
ASoC: madera: Fix event generation for rate controls
ASoC: madera: Fix event generation for OUT1 demux
ASoC: cs47l15: Fix event generation for low power mux control
ASoC: dapm: Initialise kcontrol data for mux/demux controls
ASoC: wm5110: Fix DRE control
ASoC: SOF: Intel: hda-loader: Clarify the cl_dsp_init() flow
pinctrl: aspeed: Fix potential NULL dereference in aspeed_pinmux_set_mux()
ASoC: ops: Fix off by one in range control validation
net: sfp: fix memory leak in sfp_probe()
nvme: fix regression when disconnect a recovering ctrl
nvme-tcp: always fail a request when sending it failed
NFC: nxp-nci: don't print header length mismatch on i2c error
net: tipc: fix possible refcount leak in tipc_sk_create()
platform/x86: hp-wmi: Ignore Sanitization Mode event
cpufreq: pmac32-cpufreq: Fix refcount leak bug
scsi: hisi_sas: Limit max hw sectors for v3 HW
netfilter: br_netfilter: do not skip all hooks with 0 priority
virtio_mmio: Restore guest page size on resume
virtio_mmio: Add missing PM calls to freeze/restore
mm: sysctl: fix missing numa_stat when !CONFIG_HUGETLB_PAGE
net/tls: Check for errors in tls_device_init
KVM: x86: Fully initialize 'struct kvm_lapic_irq' in kvm_pv_kick_cpu_op()
net: atlantic: remove aq_nic_deinit() when resume
net: atlantic: remove deep parameter on suspend/resume functions
sfc: fix kernel panic when creating VF
seg6: bpf: fix skb checksum in bpf_push_seg6_encap()
seg6: fix skb checksum in SRv6 End.B6 and End.B6.Encaps behaviors
seg6: fix skb checksum evaluation in SRH encapsulation/insertion
sfc: fix use after free when disabling sriov
ima: Fix potential memory leak in ima_init_crypto()
ima: force signature verification when CONFIG_KEXEC_SIG is configured
net: ftgmac100: Hold reference returned by of_get_child_by_name()
nexthop: Fix data-races around nexthop_compat_mode.
ipv4: Fix data-races around sysctl_ip_dynaddr.
raw: Fix a data-race around sysctl_raw_l3mdev_accept.
icmp: Fix a data-race around sysctl_icmp_ratemask.
icmp: Fix a data-race around sysctl_icmp_ratelimit.
sysctl: Fix data-races in proc_dointvec_ms_jiffies().
drm/i915/gt: Serialize TLB invalidates with GT resets
drm/i915/selftests: fix a couple IS_ERR() vs NULL tests
ARM: dts: sunxi: Fix SPI NOR campatible on Orange Pi Zero
ARM: dts: at91: sama5d2: Fix typo in i2s1 node
ipv4: Fix a data-race around sysctl_fib_sync_mem.
icmp: Fix data-races around sysctl.
cipso: Fix data-races around sysctl.
net: Fix data-races around sysctl_mem.
inetpeer: Fix data-races around sysctl.
tcp: Fix a data-race around sysctl_tcp_max_orphans.
sysctl: Fix data races in proc_dointvec_jiffies().
sysctl: Fix data races in proc_doulongvec_minmax().
sysctl: Fix data races in proc_douintvec_minmax().
sysctl: Fix data races in proc_dointvec_minmax().
sysctl: Fix data races in proc_douintvec().
sysctl: Fix data races in proc_dointvec().
net: stmmac: dwc-qos: Disable split header for Tegra194
ASoC: Intel: Skylake: Correct the handling of fmt_config flexible array
ASoC: Intel: Skylake: Correct the ssp rate discovery in skl_get_ssp_clks()
ASoC: tas2764: Fix amp gain register offset & default
ASoC: tas2764: Correct playback volume range
ASoC: tas2764: Fix and extend FSYNC polarity handling
ASoC: tas2764: Add post reset delays
ASoC: sgtl5000: Fix noise on shutdown/remove
ima: Fix a potential integer overflow in ima_appraise_measurement
drm/i915: fix a possible refcount leak in intel_dp_add_mst_connector()
net/mlx5e: Fix capability check for updating vnic env counters
net/mlx5e: kTLS, Fix build time constant test in RX
net/mlx5e: kTLS, Fix build time constant test in TX
ARM: 9210/1: Mark the FDT_FIXED sections as shareable
ARM: 9209/1: Spectre-BHB: avoid pr_info() every time a CPU comes out of idle
spi: amd: Limit max transfer and message size
ARM: dts: imx6qdl-ts7970: Fix ngpio typo and count
ext4: fix race condition between ext4_write and ext4_convert_inline_data
Revert "evm: Fix memleak in init_desc"
sh: convert nommu io{re,un}map() to static inline functions
nilfs2: fix incorrect masking of permission flags for symlinks
fs/remap: constrain dedupe of EOF blocks
drm/panfrost: Fix shrinker list corruption by madvise IOCTL
drm/panfrost: Put mapping instead of shmem obj on panfrost_mmu_map_fault_addr() error
btrfs: return -EAGAIN for NOWAIT dio reads/writes on compressed and inline extents
cgroup: Use separate src/dst nodes when preloading css_sets for migration
wifi: mac80211: fix queue selection for mesh/OCB interfaces
ARM: 9214/1: alignment: advance IT state after emulating Thumb instruction
ARM: 9213/1: Print message about disabled Spectre workarounds only once
ip: fix dflt addr selection for connected nexthop
net: sock: tracing: Fix sock_exceed_buf_limit not to dereference stale pointer
tracing/histograms: Fix memory leak problem
mm: split huge PUD on wp_huge_pud fallback
fix race between exit_itimers() and /proc/pid/timers
xen/netback: avoid entering xenvif_rx_next_skb() with an empty rx queue
ALSA: hda/realtek - Enable the headset-mic on a Xiaomi's laptop
ALSA: hda/realtek - Fix headset mic problem for a HP machine with alc221
ALSA: hda/realtek - Fix headset mic problem for a HP machine with alc671
ALSA: hda/realtek: Fix headset mic for Acer SF313-51
ALSA: hda/conexant: Apply quirk for another HP ProDesk 600 G3 model
ALSA: hda - Add fixup for Dell Latitidue E5430
Linux 5.10.131
Revert "mtd: rawnand: gpmi: Fix setting busy timeout setting"
ANDROID: random: fix CRC issues with the merge
ANDROID: change function signatures for some random functions.
ANDROID: cpu/hotplug: avoid breaking Android ABI by fusing cpuhp steps
ANDROID: random: add back removed callback functions
UPSTREAM: Revert "net: af_key: add check for pfkey_broadcast in function pfkey_process"
UPSTREAM: lib/crypto: add prompts back to crypto libraries
Linux 5.10.130
dmaengine: ti: Add missing put_device in ti_dra7_xbar_route_allocate
dmaengine: ti: Fix refcount leak in ti_dra7_xbar_route_allocate
dmaengine: at_xdma: handle errors of at_xdmac_alloc_desc() correctly
dmaengine: pl330: Fix lockdep warning about non-static key
ida: don't use BUG_ON() for debugging
dt-bindings: dma: allwinner,sun50i-a64-dma: Fix min/max typo
misc: rtsx_usb: set return value in rsp_buf alloc err path
misc: rtsx_usb: use separate command and response buffers
misc: rtsx_usb: fix use of dma mapped buffer for usb bulk transfer
dmaengine: imx-sdma: Allow imx8m for imx7 FW revs
i2c: cadence: Unregister the clk notifier in error path
r8169: fix accessing unset transport header
selftests: forwarding: fix error message in learning_test
selftests: forwarding: fix learning_test when h1 supports IFF_UNICAST_FLT
selftests: forwarding: fix flood_unicast_test when h2 supports IFF_UNICAST_FLT
ibmvnic: Properly dispose of all skbs during a failover.
i40e: Fix dropped jumbo frames statistics
xsk: Clear page contiguity bit when unmapping pool
ARM: dts: at91: sama5d2_icp: fix eeprom compatibles
ARM: dts: at91: sam9x60ek: fix eeprom compatible and size
ARM: at91: pm: use proper compatibles for sam9x60's rtc and rtt
ARM: at91: pm: use proper compatible for sama5d2's rtc
arm64: dts: qcom: msm8992-*: Fix vdd_lvs1_2-supply typo
pinctrl: sunxi: sunxi_pconf_set: use correct offset
arm64: dts: imx8mp-evk: correct I2C3 pad settings
arm64: dts: imx8mp-evk: correct gpio-led pad settings
arm64: dts: imx8mp-evk: correct the uart2 pinctl value
arm64: dts: imx8mp-evk: correct mmc pad settings
arm64: dts: qcom: msm8994: Fix CPU6/7 reg values
pinctrl: sunxi: a83t: Fix NAND function name for some pins
ARM: meson: Fix refcount leak in meson_smp_prepare_cpus
xfs: remove incorrect ASSERT in xfs_rename
can: kvaser_usb: kvaser_usb_leaf: fix bittiming limits
can: kvaser_usb: kvaser_usb_leaf: fix CAN clock frequency regression
can: kvaser_usb: replace run-time checks with struct kvaser_usb_driver_info
powerpc/powernv: delay rng platform device creation until later in boot
video: of_display_timing.h: include errno.h
memregion: Fix memregion_free() fallback definition
PM: runtime: Redefine pm_runtime_release_supplier()
fbcon: Prevent that screen size is smaller than font size
fbcon: Disallow setting font bigger than screen size
fbmem: Check virtual screen sizes in fb_set_var()
fbdev: fbmem: Fix logo center image dx issue
iommu/vt-d: Fix PCI bus rescan device hot add
netfilter: nf_tables: stricter validation of element data
netfilter: nft_set_pipapo: release elements in clone from abort path
net: rose: fix UAF bug caused by rose_t0timer_expiry
usbnet: fix memory leak in error case
bpf: Fix insufficient bounds propagation from adjust_scalar_min_max_vals
bpf: Fix incorrect verifier simulation around jmp32's jeq/jne
can: gs_usb: gs_usb_open/close(): fix memory leak
can: grcan: grcan_probe(): remove extra of_node_get()
can: bcm: use call_rcu() instead of costly synchronize_rcu()
ALSA: hda/realtek: Add quirk for Clevo L140PU
mm/slub: add missing TID updates on slab deactivation
Linux 5.10.129
clocksource/drivers/ixp4xx: remove EXPORT_SYMBOL_GPL from ixp4xx_timer_setup()
net: usb: qmi_wwan: add Telit 0x1070 composition
net: usb: qmi_wwan: add Telit 0x1060 composition
xen/arm: Fix race in RB-tree based P2M accounting
xen-netfront: restore __skb_queue_tail() positioning in xennet_get_responses()
xen/blkfront: force data bouncing when backend is untrusted
xen/netfront: force data bouncing when backend is untrusted
xen/netfront: fix leaking data in shared pages
xen/blkfront: fix leaking data in shared pages
selftests/rseq: Change type of rseq_offset to ptrdiff_t
selftests/rseq: x86-32: use %gs segment selector for accessing rseq thread area
selftests/rseq: x86-64: use %fs segment selector for accessing rseq thread area
selftests/rseq: Fix: work-around asm goto compiler bugs
selftests/rseq: Remove arm/mips asm goto compiler work-around
selftests/rseq: Fix warnings about #if checks of undefined tokens
selftests/rseq: Fix ppc32 offsets by using long rather than off_t
selftests/rseq: Fix ppc32 missing instruction selection "u" and "x" for load/store
selftests/rseq: Fix ppc32: wrong rseq_cs 32-bit field pointer on big endian
selftests/rseq: Uplift rseq selftests for compatibility with glibc-2.35
selftests/rseq: Introduce thread pointer getters
selftests/rseq: Introduce rseq_get_abi() helper
selftests/rseq: Remove volatile from __rseq_abi
selftests/rseq: Remove useless assignment to cpu variable
selftests/rseq: introduce own copy of rseq uapi header
selftests/rseq: remove ARRAY_SIZE define from individual tests
hwmon: (ibmaem) don't call platform_device_del() if platform_device_add() fails
ipv6/sit: fix ipip6_tunnel_get_prl return value
sit: use min
drivers: cpufreq: Add missing of_node_put() in qoriq-cpufreq.c
xen/gntdev: Avoid blocking in unmap_grant_pages()
tcp: add a missing nf_reset_ct() in 3WHS handling
xfs: fix xfs_reflink_unshare usage of filemap_write_and_wait_range
xfs: update superblock counters correctly for !lazysbcount
xfs: fix xfs_trans slab cache name
xfs: ensure xfs_errortag_random_default matches XFS_ERRTAG_MAX
xfs: Skip repetitive warnings about mount options
xfs: rename variable mp to parsing_mp
xfs: use current->journal_info for detecting transaction recursion
net: tun: avoid disabling NAPI twice
tunnels: do not assume mac header is set in skb_tunnel_check_pmtu()
io_uring: ensure that send/sendmsg and recv/recvmsg check sqe->ioprio
epic100: fix use after free on rmmod
tipc: move bc link creation back to tipc_node_create
NFC: nxp-nci: Don't issue a zero length i2c_master_read()
nfc: nfcmrvl: Fix irq_of_parse_and_map() return value
net: bonding: fix use-after-free after 802.3ad slave unbind
net: bonding: fix possible NULL deref in rlb code
net/sched: act_api: Notify user space if any actions were flushed before error
netfilter: nft_dynset: restore set element counter when failing to update
s390: remove unneeded 'select BUILD_BIN2C'
PM / devfreq: exynos-ppmu: Fix refcount leak in of_get_devfreq_events
caif_virtio: fix race between virtio_device_ready() and ndo_open()
NFSD: restore EINVAL error translation in nfsd_commit()
net: ipv6: unexport __init-annotated seg6_hmac_net_init()
usbnet: fix memory allocation in helpers
linux/dim: Fix divide by 0 in RDMA DIM
RDMA/cm: Fix memory leak in ib_cm_insert_listen
RDMA/qedr: Fix reporting QP timeout attribute
net: dp83822: disable rx error interrupt
net: dp83822: disable false carrier interrupt
net: tun: stop NAPI when detaching queues
net: tun: unlink NAPI from device on destruction
net: dsa: bcm_sf2: force pause link settings
selftests/net: pass ipv6_args to udpgso_bench's IPv6 TCP test
virtio-net: fix race between ndo_open() and virtio_device_ready()
net: usb: ax88179_178a: Fix packet receiving
net: rose: fix UAF bugs caused by timer handler
SUNRPC: Fix READ_PLUS crasher
s390/archrandom: simplify back to earlier design and initialize earlier
dm raid: fix KASAN warning in raid5_add_disks
dm raid: fix accesses beyond end of raid member array
powerpc/bpf: Fix use of user_pt_regs in uapi
powerpc/book3e: Fix PUD allocation size in map_kernel_page()
powerpc/prom_init: Fix kernel config grep
nvdimm: Fix badblocks clear off-by-one error
nvme-pci: add NVME_QUIRK_BOGUS_NID for ADATA XPG SX6000LNP (AKA SPECTRIX S40G)
ipv6: take care of disable_policy when restoring routes
drm/amdgpu: To flush tlb for MMHUB of RAVEN series
Linux 5.10.128
net: mscc: ocelot: allow unregistered IP multicast flooding
powerpc/ftrace: Remove ftrace init tramp once kernel init is complete
xfs: check sb_meta_uuid for dabuf buffer recovery
xfs: remove all COW fork extents when remounting readonly
xfs: Fix the free logic of state in xfs_attr_node_hasname
xfs: punch out data fork delalloc blocks on COW writeback failure
xfs: use kmem_cache_free() for kmem_cache objects
bcache: memset on stack variables in bch_btree_check() and bch_sectors_dirty_init()
tick/nohz: unexport __init-annotated tick_nohz_full_setup()
drm: remove drm_fb_helper_modinit
MAINTAINERS: add Amir as xfs maintainer for 5.10.y
Linux 5.10.127
powerpc/pseries: wire up rng during setup_arch()
kbuild: link vmlinux only once for CONFIG_TRIM_UNUSED_KSYMS (2nd attempt)
random: update comment from copy_to_user() -> copy_to_iter()
modpost: fix section mismatch check for exported init/exit sections
ARM: cns3xxx: Fix refcount leak in cns3xxx_init
memory: samsung: exynos5422-dmc: Fix refcount leak in of_get_dram_timings
ARM: Fix refcount leak in axxia_boot_secondary
soc: bcm: brcmstb: pm: pm-arm: Fix refcount leak in brcmstb_pm_probe
ARM: exynos: Fix refcount leak in exynos_map_pmu
ARM: dts: imx6qdl: correct PU regulator ramp delay
ARM: dts: imx7: Move hsic_phy power domain to HSIC PHY node
powerpc/powernv: wire up rng during setup_arch
powerpc/rtas: Allow ibm,platform-dump RTAS call with null buffer address
powerpc: Enable execve syscall exit tracepoint
parisc: Enable ARCH_HAS_STRICT_MODULE_RWX
parisc/stifb: Fix fb_is_primary_device() only available with CONFIG_FB_STI
xtensa: Fix refcount leak bug in time.c
xtensa: xtfpga: Fix refcount leak bug in setup
iio: adc: adi-axi-adc: Fix refcount leak in adi_axi_adc_attach_client
iio: adc: axp288: Override TS pin bias current for some models
iio: adc: stm32: Fix IRQs on STM32F4 by removing custom spurious IRQs message
iio: adc: stm32: Fix ADCs iteration in irq handler
iio: imu: inv_icm42600: Fix broken icm42600 (chip id 0 value)
iio: adc: stm32: fix maximum clock rate for stm32mp15x
iio: trigger: sysfs: fix use-after-free on remove
iio: gyro: mpu3050: Fix the error handling in mpu3050_power_up()
iio: accel: mma8452: ignore the return value of reset operation
iio:accel:mxc4005: rearrange iio trigger get and register
iio:accel:bma180: rearrange iio trigger get and register
iio:chemical:ccs811: rearrange iio trigger get and register
f2fs: attach inline_data after setting compression
usb: chipidea: udc: check request status before setting device address
USB: gadget: Fix double-free bug in raw_gadget driver
usb: gadget: Fix non-unique driver names in raw-gadget driver
xhci-pci: Allow host runtime PM as default for Intel Meteor Lake xHCI
xhci-pci: Allow host runtime PM as default for Intel Raptor Lake xHCI
xhci: turn off port power in shutdown
usb: typec: wcove: Drop wrong dependency to INTEL_SOC_PMIC
iio: adc: vf610: fix conversion mode sysfs node name
iio: mma8452: fix probe fail when device tree compatible is used.
s390/cpumf: Handle events cycles and instructions identical
gpio: winbond: Fix error code in winbond_gpio_get()
nvme: move the Samsung X5 quirk entry to the core quirks
nvme-pci: add NO APST quirk for Kioxia device
nvme-pci: allocate nvme_command within driver pdu
nvme: don't check nvme_req flags for new req
nvme: mark nvme_setup_passsthru() inline
nvme: split nvme_alloc_request()
nvme: centralize setting the timeout in nvme_alloc_request
Revert "net/tls: fix tls_sk_proto_close executed repeatedly"
virtio_net: fix xdp_rxq_info bug after suspend/resume
igb: Make DMA faster when CPU is active on the PCIe link
regmap-irq: Fix a bug in regmap_irq_enable() for type_in_mask chips
ice: ethtool: advertise 1000M speeds properly
afs: Fix dynamic root getattr
MIPS: Remove repetitive increase irq_err_count
x86/xen: Remove undefined behavior in setup_features()
selftests: netfilter: correct PKTGEN_SCRIPT_PATHS in nft_concat_range.sh
udmabuf: add back sanity check
net/tls: fix tls_sk_proto_close executed repeatedly
erspan: do not assume transport header is always set
drm/msm/dp: fix connect/disconnect handled at irq_hpd
drm/msm/dp: promote irq_hpd handle to handle link training correctly
drm/msm/dp: deinitialize mainlink if link training failed
drm/msm/dp: fixes wrong connection state caused by failure of link train
drm/msm/dp: check core_initialized before disable interrupts at dp_display_unbind()
drm/msm/mdp4: Fix refcount leak in mdp4_modeset_init_intf
net/sched: sch_netem: Fix arithmetic in netem_dump() for 32-bit platforms
bonding: ARP monitor spams NETDEV_NOTIFY_PEERS notifiers
igb: fix a use-after-free issue in igb_clean_tx_ring
tipc: fix use-after-free Read in tipc_named_reinit
tipc: simplify the finalize work queue
phy: aquantia: Fix AN when higher speeds than 1G are not advertised
bpf, x86: Fix tail call count offset calculation on bpf2bpf call
drm/sun4i: Fix crash during suspend after component bind failure
bpf: Fix request_sock leak in sk lookup helpers
drm/msm: use for_each_sgtable_sg to iterate over scatterlist
scsi: scsi_debug: Fix zone transition to full condition
netfilter: use get_random_u32 instead of prandom
netfilter: nftables: add nft_parse_register_store() and use it
netfilter: nftables: add nft_parse_register_load() and use it
drm/msm: Fix double pm_runtime_disable() call
USB: serial: option: add Quectel RM500K module support
USB: serial: option: add Quectel EM05-G modem
USB: serial: option: add Telit LE910Cx 0x1250 composition
dm mirror log: clear log bits up to BITS_PER_LONG boundary
dm era: commit metadata in postsuspend after worker stops
ata: libata: add qc->flags in ata_qc_complete_template tracepoint
mtd: rawnand: gpmi: Fix setting busy timeout setting
mmc: sdhci-pci-o2micro: Fix card detect by dealing with debouncing
btrfs: add error messages to all unrecognized mount options
net: openvswitch: fix parsing of nw_proto for IPv6 fragments
ALSA: hda/realtek: Add quirk for Clevo NS50PU
ALSA: hda/realtek: Add quirk for Clevo PD70PNT
ALSA: hda/realtek: Apply fixup for Lenovo Yoga Duet 7 properly
ALSA: hda/realtek - ALC897 headset MIC no sound
ALSA: hda/realtek: Add mute LED quirk for HP Omen laptop
ALSA: hda/conexant: Fix missing beep setup
ALSA: hda/via: Fix missing beep setup
random: quiet urandom warning ratelimit suppression message
random: schedule mix_interrupt_randomness() less often
vt: drop old FONT ioctls
Linux 5.10.126
io_uring: use separate list entry for iopoll requests
Linux 5.10.125
io_uring: add missing item types for various requests
arm64: mm: Don't invalidate FROM_DEVICE buffers at start of DMA transfer
serial: core: Initialize rs485 RTS polarity already on probe
tcp: drop the hash_32() part from the index calculation
tcp: increase source port perturb table to 2^16
tcp: dynamically allocate the perturb table used by source ports
tcp: add small random increments to the source port
tcp: use different parts of the port_offset for index and offset
tcp: add some entropy in __inet_hash_connect()
usb: gadget: u_ether: fix regression in setting fixed MAC address
zonefs: fix zonefs_iomap_begin() for reads
s390/mm: use non-quiescing sske for KVM switch to keyed guest
Revert "xfrm: Add possibility to set the default to block if we have no policy"
Revert "net: xfrm: fix shift-out-of-bounce"
Revert "xfrm: make user policy API complete"
Revert "xfrm: notify default policy on update"
Revert "xfrm: fix dflt policy check when there is no policy configured"
Revert "xfrm: rework default policy structure"
Revert "xfrm: fix "disable_policy" flag use when arriving from different devices"
Revert "include/uapi/linux/xfrm.h: Fix XFRM_MSG_MAPPING ABI breakage"
Linux 5.10.124
clk: imx8mp: fix usb_root_clk parent
powerpc/book3e: get rid of #include <generated/compile.h>
igc: Enable PCIe PTM
Revert "PCI: Make pci_enable_ptm() private"
net: openvswitch: fix misuse of the cached connection on tuple changes
net/sched: act_police: more accurate MTU policing
dma-direct: don't over-decrypt memory
virtio-pci: Remove wrong address verification in vp_del_vqs()
ALSA: hda/realtek: fix right sounds and mute/micmute LEDs for HP machine
KVM: SVM: Use kzalloc for sev ioctl interfaces to prevent kernel data leak
KVM: x86: Account a variety of miscellaneous allocations
KVM: arm64: Don't read a HW interrupt pending state in user context
ext4: add reserved GDT blocks check
ext4: make variable "count" signed
ext4: fix bug_on ext4_mb_use_inode_pa
drm/amd/display: Cap OLED brightness per max frame-average luminance
dm mirror log: round up region bitmap size to BITS_PER_LONG
serial: 8250: Store to lsr_save_flags after lsr read
usb: gadget: lpc32xx_udc: Fix refcount leak in lpc32xx_udc_probe
usb: dwc2: Fix memory leak in dwc2_hcd_init
USB: serial: io_ti: add Agilent E5805A support
USB: serial: option: add support for Cinterion MV31 with new baseline
crypto: memneq - move into lib/
comedi: vmk80xx: fix expression for tx buffer size
mei: me: add raptor lake point S DID
i2c: designware: Use standard optional ref clock implementation
irqchip/gic-v3: Fix refcount leak in gic_populate_ppi_partitions
irqchip/gic-v3: Fix error handling in gic_populate_ppi_partitions
irqchip/gic/realview: Fix refcount leak in realview_gic_of_init
i2c: npcm7xx: Add check for platform_driver_register
faddr2line: Fix overlapping text section failures, the sequel
block: Fix handling of offline queues in blk_mq_alloc_request_hctx()
certs/blacklist_hashes.c: fix const confusion in certs blacklist
arm64: ftrace: consistently handle PLTs.
arm64: ftrace: fix branch range checks
net: ax25: Fix deadlock caused by skb_recv_datagram in ax25_recvmsg
net: bgmac: Fix an erroneous kfree() in bgmac_remove()
mlxsw: spectrum_cnt: Reorder counter pools
nvme: add device name to warning in uuid_show()
nvme: use sysfs_emit instead of sprintf
drm/i915/reset: Fix error_state_read ptr + offset use
misc: atmel-ssc: Fix IRQ check in ssc_probe
tty: goldfish: Fix free_irq() on remove
Drivers: hv: vmbus: Release cpu lock in error case
i40e: Fix call trace in setup_tx_descriptors
i40e: Fix calculating the number of queue pairs
i40e: Fix adding ADQ filter to TC0
clocksource: hyper-v: unexport __init-annotated hv_init_clocksource()
pNFS: Avoid a live lock condition in pnfs_update_layout()
pNFS: Don't keep retrying if the server replied NFS4ERR_LAYOUTUNAVAILABLE
random: credit cpu and bootloader seeds by default
gpio: dwapb: Don't print error on -EPROBE_DEFER
MIPS: Loongson-3: fix compile mips cpu_hwmon as module build error.
mellanox: mlx5: avoid uninitialized variable warning with gcc-12
net: ethernet: mtk_eth_soc: fix misuse of mem alloc interface netdev[napi]_alloc_frag
ipv6: Fix signed integer overflow in l2tp_ip6_sendmsg
nfc: nfcmrvl: Fix memory leak in nfcmrvl_play_deferred
virtio-mmio: fix missing put_device() when vm_cmdline_parent registration failed
ALSA: hda/realtek - Add HW8326 support
scsi: pmcraid: Fix missing resource cleanup in error case
scsi: ipr: Fix missing/incorrect resource cleanup in error case
scsi: lpfc: Allow reduced polling rate for nvme_admin_async_event cmd completion
scsi: lpfc: Fix port stuck in bypassed state after LIP in PT2PT topology
scsi: vmw_pvscsi: Expand vcpuHint to 16 bits
Input: soc_button_array - also add Lenovo Yoga Tablet2 1051F to dmi_use_low_level_irq
ASoC: wm_adsp: Fix event generation for wm_adsp_fw_put()
ASoC: es8328: Fix event generation for deemphasis control
ASoC: wm8962: Fix suspend while playing music
quota: Prevent memory allocation recursion while holding dq_lock
ata: libata-core: fix NULL pointer deref in ata_host_alloc_pinfo()
ASoC: cs42l51: Correct minimum value for SX volume control
ASoC: cs42l56: Correct typo in minimum level for SX volume controls
ASoC: cs42l52: Correct TLV for Bypass Volume
ASoC: cs53l30: Correct number of volume levels on SX controls
ASoC: cs35l36: Update digital volume TLV
ASoC: cs42l52: Fix TLV scales for mixer controls
dma-debug: make things less spammy under memory pressure
ASoC: nau8822: Add operation for internal PLL off and on
powerpc/kasan: Silence KASAN warnings in __get_wchan()
arm64: dts: imx8mm-beacon: Enable RTS-CTS on UART3
bpf: Fix incorrect memory charge cost calculation in stack_map_alloc()
nfsd: Replace use of rwsem with errseq_t
9p: missing chunk of "fs/9p: Don't update file type when updating file attributes"
Linux 5.10.123
x86/speculation/mmio: Print SMT warning
KVM: x86/speculation: Disable Fill buffer clear within guests
x86/speculation/mmio: Reuse SRBDS mitigation for SBDS
x86/speculation/srbds: Update SRBDS mitigation selection
x86/speculation/mmio: Add sysfs reporting for Processor MMIO Stale Data
x86/speculation/mmio: Enable CPU Fill buffer clearing on idle
x86/bugs: Group MDS, TAA & Processor MMIO Stale Data mitigations
x86/speculation/mmio: Add mitigation for Processor MMIO Stale Data
x86/speculation: Add a common function for MD_CLEAR mitigation update
x86/speculation/mmio: Enumerate Processor MMIO Stale Data bug
Documentation: Add documentation for Processor MMIO Stale Data
Linux 5.10.122
tcp: fix tcp_mtup_probe_success vs wrong snd_cwnd
dmaengine: idxd: add missing callback function to support DMA_INTERRUPT
zonefs: fix handling of explicit_open option on mount
PCI: qcom: Fix pipe clock imbalance
md/raid0: Ignore RAID0 layout if the second zone has only one device
interconnect: Restore sync state by ignoring ipa-virt in provider count
interconnect: qcom: sc7180: Drop IP0 interconnects
powerpc/mm: Switch obsolete dssall to .long
powerpc/32: Fix overread/overwrite of thread_struct via ptrace
drm/atomic: Force bridge self-refresh-exit on CRTC switch
drm/bridge: analogix_dp: Support PSR-exit to disable transition
Input: bcm5974 - set missing URB_NO_TRANSFER_DMA_MAP urb flag
ixgbe: fix unexpected VLAN Rx in promisc mode on VF
ixgbe: fix bcast packets Rx on VF after promisc removal
nfc: st21nfca: fix incorrect sizing calculations in EVT_TRANSACTION
nfc: st21nfca: fix memory leaks in EVT_TRANSACTION handling
nfc: st21nfca: fix incorrect validating logic in EVT_TRANSACTION
net: phy: dp83867: retrigger SGMII AN when link change
mmc: block: Fix CQE recovery reset success
ata: libata-transport: fix {dma|pio|xfer}_mode sysfs files
cifs: fix reconnect on smb3 mount types
cifs: return errors during session setup during reconnects
ALSA: hda/realtek: Fix for quirk to enable speaker output on the Lenovo Yoga DuetITL 2021
ALSA: hda/conexant - Fix loopback issue with CX20632
scripts/gdb: change kernel config dumping method
vringh: Fix loop descriptors check in the indirect cases
nodemask: Fix return values to be unsigned
cifs: version operations for smb20 unneeded when legacy support disabled
s390/gmap: voluntarily schedule during key setting
nbd: fix io hung while disconnecting device
nbd: fix race between nbd_alloc_config() and module removal
nbd: call genl_unregister_family() first in nbd_cleanup()
jump_label,noinstr: Avoid instrumentation for JUMP_LABEL=n builds
x86/cpu: Elide KCSAN for cpu_has() and friends
modpost: fix undefined behavior of is_arm_mapping_symbol()
drm/radeon: fix a possible null pointer dereference
ceph: allow ceph.dir.rctime xattr to be updatable
Revert "net: af_key: add check for pfkey_broadcast in function pfkey_process"
scsi: myrb: Fix up null pointer access on myrb_cleanup()
md: protect md_unregister_thread from reentrancy
watchdog: wdat_wdt: Stop watchdog when rebooting the system
kernfs: Separate kernfs_pr_cont_buf and rename_lock.
serial: msm_serial: disable interrupts in __msm_console_write()
staging: rtl8712: fix uninit-value in r871xu_drv_init()
staging: rtl8712: fix uninit-value in usb_read8() and friends
clocksource/drivers/sp804: Avoid error on multiple instances
extcon: Modify extcon device to be created after driver data is set
misc: rtsx: set NULL intfdata when probe fails
usb: dwc2: gadget: don't reset gadget's driver->bus
sysrq: do not omit current cpu when showing backtrace of all active CPUs
USB: hcd-pci: Fully suspend across freeze/thaw cycle
drivers: usb: host: Fix deadlock in oxu_bus_suspend()
drivers: tty: serial: Fix deadlock in sa1100_set_termios()
USB: host: isp116x: check return value after calling platform_get_resource()
drivers: staging: rtl8192e: Fix deadlock in rtllib_beacons_stop()
drivers: staging: rtl8192u: Fix deadlock in ieee80211_beacons_stop()
tty: Fix a possible resource leak in icom_probe
tty: synclink_gt: Fix null-pointer-dereference in slgt_clean()
lkdtm/usercopy: Expand size of "out of frame" object
iio: st_sensors: Add a local lock for protecting odr
staging: rtl8712: fix a potential memory leak in r871xu_drv_init()
iio: dummy: iio_simple_dummy: check the return value of kstrdup()
drm: imx: fix compiler warning with gcc-12
net: altera: Fix refcount leak in altera_tse_mdio_create
ip_gre: test csum_start instead of transport header
net/mlx5: fs, fail conflicting actions
net/mlx5: Rearm the FW tracer after each tracer event
net: ipv6: unexport __init-annotated seg6_hmac_init()
net: xfrm: unexport __init-annotated xfrm4_protocol_init()
net: mdio: unexport __init-annotated mdio_bus_init()
SUNRPC: Fix the calculation of xdr->end in xdr_get_next_encode_buffer()
net/mlx4_en: Fix wrong return value on ioctl EEPROM query failure
net: dsa: lantiq_gswip: Fix refcount leak in gswip_gphy_fw_list
bpf, arm64: Clear prog->jited_len along prog->jited
af_unix: Fix a data-race in unix_dgram_peer_wake_me().
xen: unexport __init-annotated xen_xlate_map_ballooned_pages()
netfilter: nf_tables: bail out early if hardware offload is not supported
netfilter: nf_tables: memleak flow rule from commit path
netfilter: nf_tables: release new hooks on unsupported flowtable flags
ata: pata_octeon_cf: Fix refcount leak in octeon_cf_probe
netfilter: nf_tables: always initialize flowtable hook list in transaction
powerpc/kasan: Force thread size increase with KASAN
netfilter: nf_tables: delete flowtable hooks via transaction list
netfilter: nat: really support inet nat without l3 address
xprtrdma: treat all calls not a bcall when bc_serv is NULL
video: fbdev: pxa3xx-gcu: release the resources correctly in pxa3xx_gcu_probe/remove()
video: fbdev: hyperv_fb: Allow resolutions with size > 64 MB for Gen1
NFSv4: Don't hold the layoutget locks across multiple RPC calls
dmaengine: zynqmp_dma: In struct zynqmp_dma_chan fix desc_size data type
m68knommu: fix undefined reference to `_init_sp'
m68knommu: set ZERO_PAGE() to the allocated zeroed page
i2c: cadence: Increase timeout per message if necessary
f2fs: remove WARN_ON in f2fs_is_valid_blkaddr
iommu/arm-smmu-v3: check return value after calling platform_get_resource()
iommu/arm-smmu: fix possible null-ptr-deref in arm_smmu_device_probe()
tracing: Avoid adding tracer option before update_tracer_options
tracing: Fix sleeping function called from invalid context on RT kernel
bootconfig: Make the bootconfig.o as a normal object file
mips: cpc: Fix refcount leak in mips_cpc_default_phys_base
dmaengine: idxd: set DMA_INTERRUPT cap bit
perf c2c: Fix sorting in percent_rmt_hitm_cmp()
driver core: Fix wait_for_device_probe() & deferred_probe_timeout interaction
tipc: check attribute length for bearer name
scsi: sd: Fix potential NULL pointer dereference
afs: Fix infinite loop found by xfstest generic/676
gpio: pca953x: use the correct register address to do regcache sync
tcp: tcp_rtx_synack() can be called from process context
net: sched: add barrier to fix packet stuck problem for lockless qdisc
net/mlx5e: Update netdev features after changing XDP state
net/mlx5: correct ECE offset in query qp output
net/mlx5: Don't use already freed action pointer
sfc: fix wrong tx channel offset with efx_separate_tx_channels
sfc: fix considering that all channels have TX queues
nfp: only report pause frame configuration for physical device
net/smc: fixes for converting from "struct smc_cdc_tx_pend **" to "struct smc_wr_tx_pend_priv *"
riscv: read-only pages should not be writable
bpf: Fix probe read error in ___bpf_prog_run()
ubi: ubi_create_volume: Fix use-after-free when volume creation failed
ubi: fastmap: Fix high cpu usage of ubi_bgt by making sure wl_pool not empty
jffs2: fix memory leak in jffs2_do_fill_super
modpost: fix removing numeric suffixes
net: dsa: mv88e6xxx: Fix refcount leak in mv88e6xxx_mdios_register
net: ethernet: ti: am65-cpsw-nuss: Fix some refcount leaks
net: ethernet: mtk_eth_soc: out of bounds read in mtk_hwlro_get_fdir_entry()
net: sched: fixed barrier to prevent skbuff sticking in qdisc backlog
s390/crypto: fix scatterwalk_unmap() callers in AES-GCM
clocksource/drivers/oxnas-rps: Fix irq_of_parse_and_map() return value
ASoC: fsl_sai: Fix FSL_SAI_xDR/xFR definition
watchdog: ts4800_wdt: Fix refcount leak in ts4800_wdt_probe
watchdog: rti-wdt: Fix pm_runtime_get_sync() error checking
driver core: fix deadlock in __device_attach
driver: base: fix UAF when driver_attach failed
bus: ti-sysc: Fix warnings for unbind for serial
firmware: dmi-sysfs: Fix memory leak in dmi_sysfs_register_handle
serial: stm32-usart: Correct CSIZE, bits, and parity
serial: st-asc: Sanitize CSIZE and correct PARENB for CS7
serial: sifive: Sanitize CSIZE and c_iflag
serial: sh-sci: Don't allow CS5-6
serial: txx9: Don't allow CS5-6
serial: rda-uart: Don't allow CS5-6
serial: digicolor-usart: Don't allow CS5-6
serial: 8250_fintek: Check SER_RS485_RTS_* only with RS485
serial: meson: acquire port->lock in startup()
rtc: mt6397: check return value after calling platform_get_resource()
clocksource/drivers/riscv: Events are stopped during CPU suspend
soc: rockchip: Fix refcount leak in rockchip_grf_init
extcon: ptn5150: Add queue work sync before driver release
coresight: cpu-debug: Replace mutex with mutex_trylock on panic notifier
serial: sifive: Report actual baud base rather than fixed 115200
phy: qcom-qmp: fix pipe-clock imbalance on power-on failure
rpmsg: qcom_smd: Fix returning 0 if irq_of_parse_and_map() fails
iio: adc: sc27xx: Fine tune the scale calibration values
iio: adc: sc27xx: fix read big scale voltage not right
iio: proximity: vl53l0x: Fix return value check of wait_for_completion_timeout
iio: adc: stmpe-adc: Fix wait_for_completion_timeout return value check
usb: typec: mux: Check dev_set_name() return value
firmware: stratix10-svc: fix a missing check on list iterator
misc: fastrpc: fix an incorrect NULL check on list iterator
usb: dwc3: pci: Fix pm_runtime_get_sync() error checking
rpmsg: qcom_smd: Fix irq_of_parse_and_map() return value
pwm: lp3943: Fix duty calculation in case period was clamped
staging: fieldbus: Fix the error handling path in anybuss_host_common_probe()
usb: musb: Fix missing of_node_put() in omap2430_probe
USB: storage: karma: fix rio_karma_init return
usb: usbip: add missing device lock on tweak configuration cmd
usb: usbip: fix a refcount leak in stub_probe()
tty: serial: fsl_lpuart: fix potential bug when using both of_alias_get_id and ida_simple_get
tty: n_tty: Restore EOF push handling behavior
tty: serial: owl: Fix missing clk_disable_unprepare() in owl_uart_probe
tty: goldfish: Use tty_port_destroy() to destroy port
lkdtm/bugs: Check for the NULL pointer after calling kmalloc
iio: adc: ad7124: Remove shift from scan_type
staging: greybus: codecs: fix type confusion of list iterator variable
pcmcia: db1xxx_ss: restrict to MIPS_DB1XXX boards
Linux 5.10.121
md: bcache: check the return value of kzalloc() in detached_dev_do_request()
ext4: only allow test_dummy_encryption when supported
MIPS: IP30: Remove incorrect `cpu_has_fpu' override
MIPS: IP27: Remove incorrect `cpu_has_fpu' override
RDMA/rxe: Generate a completion for unsupported/invalid opcode
Revert "random: use static branch for crng_ready()"
block: fix bio_clone_blkg_association() to associate with proper blkcg_gq
bfq: Make sure bfqg for which we are queueing requests is online
bfq: Get rid of __bio_blkcg() usage
bfq: Remove pointless bfq_init_rq() calls
bfq: Drop pointless unlock-lock pair
bfq: Avoid merging queues with different parents
thermal/core: Fix memory leak in the error path
thermal/core: fix a UAF bug in __thermal_cooling_device_register()
kseltest/cgroup: Make test_stress.sh work if run interactively
xfs: assert in xfs_btree_del_cursor should take into account error
xfs: consider shutdown in bmapbt cursor delete assert
xfs: force log and push AIL to clear pinned inodes when aborting mount
xfs: restore shutdown check in mapped write fault path
xfs: fix incorrect root dquot corruption error when switching group/project quota types
xfs: fix chown leaking delalloc quota blocks when fssetxattr fails
xfs: sync lazy sb accounting on quiesce of read-only mounts
xfs: set inode size after creating symlink
net: ipa: fix page free in ipa_endpoint_replenish_one()
net: ipa: fix page free in ipa_endpoint_trans_release()
phy: qcom-qmp: fix reset-controller leak on probe errors
coresight: core: Fix coresight device probe failure issue
blk-iolatency: Fix inflight count imbalances and IO hangs on offline
vdpasim: allow to enable a vq repeatedly
dt-bindings: gpio: altera: correct interrupt-cells
docs/conf.py: Cope with removal of language=None in Sphinx 5.0.0
SMB3: EBADF/EIO errors in rename/open caused by race condition in smb2_compound_op
ARM: pxa: maybe fix gpio lookup tables
ARM: dts: s5pv210: Remove spi-cs-high on panel in Aries
phy: qcom-qmp: fix struct clk leak on probe errors
arm64: dts: qcom: ipq8074: fix the sleep clock frequency
gma500: fix an incorrect NULL check on list iterator
tilcdc: tilcdc_external: fix an incorrect NULL check on list iterator
serial: pch: don't overwrite xmit->buf[0] by x_char
bcache: avoid journal no-space deadlock by reserving 1 journal bucket
bcache: remove incremental dirty sector counting for bch_sectors_dirty_init()
bcache: improve multithreaded bch_sectors_dirty_init()
bcache: improve multithreaded bch_btree_check()
stm: ltdc: fix two incorrect NULL checks on list iterator
carl9170: tx: fix an incorrect use of list iterator
ASoC: rt5514: Fix event generation for "DSP Voice Wake Up" control
rtl818x: Prevent using not initialized queues
xtensa/simdisk: fix proc_read_simdisk()
hugetlb: fix huge_pmd_unshare address update
nodemask.h: fix compilation error with GCC12
iommu/msm: Fix an incorrect NULL check on list iterator
ftrace: Clean up hash direct_functions on register failures
kexec_file: drop weak attribute from arch_kexec_apply_relocations[_add]
um: Fix out-of-bounds read in LDT setup
um: chan_user: Fix winch_tramp() return value
mac80211: upgrade passive scan to active scan on DFS channels after beacon rx
cfg80211: declare MODULE_FIRMWARE for regulatory.db
irqchip: irq-xtensa-mx: fix initial IRQ affinity
irqchip/armada-370-xp: Do not touch Performance Counter Overflow on A375, A38x, A39x
csky: patch_text: Fixup last cpu should be master
RDMA/hfi1: Fix potential integer multiplication overflow errors
Kconfig: Add option for asm goto w/ tied outputs to workaround clang-13 bug
ima: remove the IMA_TEMPLATE Kconfig option
media: coda: Add more H264 levels for CODA960
media: coda: Fix reported H264 profile
mtd: cfi_cmdset_0002: Use chip_ready() for write on S29GL064N
mtd: cfi_cmdset_0002: Move and rename chip_check/chip_ready/chip_good_for_write
md: fix an incorrect NULL check in md_reload_sb
md: fix an incorrect NULL check in does_sb_need_changing
drm/i915/dsi: fix VBT send packet port selection for ICL+
drm/bridge: analogix_dp: Grab runtime PM reference for DP-AUX
drm/nouveau/kms/nv50-: atom: fix an incorrect NULL check on list iterator
drm/nouveau/clk: Fix an incorrect NULL check on list iterator
drm/etnaviv: check for reaped mapping in etnaviv_iommu_unmap_gem
drm/amdgpu/cs: make commands with 0 chunks illegal behaviour.
scsi: ufs: qcom: Add a readl() to make sure ref_clk gets enabled
scsi: dc395x: Fix a missing check on list iterator
ocfs2: dlmfs: fix error handling of user_dlm_destroy_lock
dlm: fix missing lkb refcount handling
dlm: fix plock invalid read
s390/perf: obtain sie_block from the right address
mm, compaction: fast_find_migrateblock() should return pfn in the target zone
PCI: qcom: Fix unbalanced PHY init on probe errors
PCI: qcom: Fix runtime PM imbalance on probe errors
PCI/PM: Fix bridge_d3_blacklist[] Elo i2 overwrite of Gigabyte X299
tracing: Fix potential double free in create_var_ref()
ACPI: property: Release subnode properties with data nodes
ext4: avoid cycles in directory h-tree
ext4: verify dir block before splitting it
ext4: fix bug_on in __es_tree_search
ext4: filter out EXT4_FC_REPLAY from on-disk superblock field s_state
ext4: fix bug_on in ext4_writepages
ext4: fix warning in ext4_handle_inode_extension
ext4: fix use-after-free in ext4_rename_dir_prepare
bfq: Track whether bfq_group is still online
bfq: Update cgroup information before merging bio
bfq: Split shared queues on move between cgroups
efi: Do not import certificates from UEFI Secure Boot for T2 Macs
fs-writeback: writeback_sb_inodes:Recalculate 'wrote' according skipped pages
iwlwifi: mvm: fix assert 1F04 upon reconfig
wifi: mac80211: fix use-after-free in chanctx code
f2fs: fix to do sanity check for inline inode
f2fs: fix fallocate to use file_modified to update permissions consistently
f2fs: fix to do sanity check on total_data_blocks
f2fs: don't need inode lock for system hidden quota
f2fs: fix deadloop in foreground GC
f2fs: fix to clear dirty inode in f2fs_evict_inode()
f2fs: fix to do sanity check on block address in f2fs_do_zero_range()
f2fs: fix to avoid f2fs_bug_on() in dec_valid_node_count()
perf jevents: Fix event syntax error caused by ExtSel
perf c2c: Use stdio interface if slang is not supported
i2c: rcar: fix PM ref counts in probe error paths
i2c: npcm: Handle spurious interrupts
i2c: npcm: Correct register access width
i2c: npcm: Fix timeout calculation
iommu/amd: Increase timeout waiting for GA log enablement
dmaengine: stm32-mdma: fix chan initialization in stm32_mdma_irq_handler()
dmaengine: stm32-mdma: rework interrupt handler
dmaengine: stm32-mdma: remove GISR1 register
video: fbdev: clcdfb: Fix refcount leak in clcdfb_of_vram_setup
NFSv4/pNFS: Do not fail I/O when we fail to allocate the pNFS layout
NFS: Don't report errors from nfs_pageio_complete() more than once
NFS: Do not report flush errors in nfs_write_end()
NFS: fsync() should report filesystem errors over EINTR/ERESTARTSYS
NFS: Do not report EINTR/ERESTARTSYS as mapping errors
dmaengine: idxd: Fix the error handling path in idxd_cdev_register()
i2c: at91: Initialize dma_buf in at91_twi_xfer()
MIPS: Loongson: Use hwmon_device_register_with_groups() to register hwmon
cpufreq: mediatek: Unregister platform device on exit
cpufreq: mediatek: Use module_init and add module_exit
cpufreq: mediatek: add missing platform_driver_unregister() on error in mtk_cpufreq_driver_init
i2c: at91: use dma safe buffers
iommu/mediatek: Add list_del in mtk_iommu_remove
f2fs: fix dereference of stale list iterator after loop body
OPP: call of_node_put() on error path in _bandwidth_supported()
Input: stmfts - do not leave device disabled in stmfts_input_open
RDMA/hfi1: Prevent use of lock before it is initialized
mailbox: forward the hrtimer if not queued and under a lock
mfd: davinci_voicecodec: Fix possible null-ptr-deref davinci_vc_probe()
powerpc/fsl_rio: Fix refcount leak in fsl_rio_setup
macintosh: via-pmu and via-cuda need RTC_LIB
powerpc/perf: Fix the threshold compare group constraint for power9
powerpc/64: Only WARN if __pa()/__va() called with bad addresses
hwrng: omap3-rom - fix using wrong clk_disable() in omap_rom_rng_runtime_resume()
PCI/AER: Clear MULTI_ERR_COR/UNCOR_RCV bits
Input: sparcspkr - fix refcount leak in bbc_beep_probe
crypto: cryptd - Protect per-CPU resource by disabling BH.
crypto: sun8i-ss - handle zero sized sg
crypto: sun8i-ss - rework handling of IV
tty: fix deadlock caused by calling printk() under tty_port->lock
PCI: imx6: Fix PERST# start-up sequence
ipc/mqueue: use get_tree_nodev() in mqueue_get_tree()
proc: fix dentry/inode overinstantiating under /proc/${pid}/net
ASoC: atmel-classd: Remove endianness flag on class d component
ASoC: atmel-pdmic: Remove endianness flag on pdmic component
powerpc/4xx/cpm: Fix return value of __setup() handler
powerpc/idle: Fix return value of __setup() handler
pinctrl: renesas: core: Fix possible null-ptr-deref in sh_pfc_map_resources()
powerpc/8xx: export 'cpm_setbrg' for modules
drivers/base/memory: fix an unlikely reference counting issue in __add_memory_block()
dax: fix cache flush on PMD-mapped pages
drivers/base/node.c: fix compaction sysfs file leak
pinctrl: mvebu: Fix irq_of_parse_and_map() return value
nvdimm: Allow overwrite in the presence of disabled dimms
nvdimm: Fix firmware activation deadlock scenarios
firmware: arm_scmi: Fix list protocols enumeration in the base protocol
scsi: fcoe: Fix Wstringop-overflow warnings in fcoe_wwn_from_mac()
mfd: ipaq-micro: Fix error check return value of platform_get_irq()
powerpc/fadump: fix PT_LOAD segment for boot memory area
arm: mediatek: select arch timer for mt7629
pinctrl: bcm2835: implement hook for missing gpio-ranges
gpiolib: of: Introduce hook for missing gpio-ranges
crypto: marvell/cesa - ECB does not IV
misc: ocxl: fix possible double free in ocxl_file_register_afu
ARM: dts: bcm2835-rpi-b: Fix GPIO line names
ARM: dts: bcm2837-rpi-3-b-plus: Fix GPIO line name of power LED
ARM: dts: bcm2837-rpi-cm3-io3: Fix GPIO line names for SMPS I2C
ARM: dts: bcm2835-rpi-zero-w: Fix GPIO line name for Wifi/BT
ARM: dts: stm32: Fix PHY post-reset delay on Avenger96
can: xilinx_can: mark bit timing constants as const
platform/chrome: Re-introduce cros_ec_cmd_xfer and use it for ioctls
ARM: dts: imx6dl-colibri: Fix I2C pinmuxing
platform/chrome: cros_ec: fix error handling in cros_ec_register()
KVM: nVMX: Clear IDT vectoring on nested VM-Exit for double/triple fault
KVM: nVMX: Leave most VM-Exit info fields unmodified on failed VM-Entry
soc: qcom: llcc: Add MODULE_DEVICE_TABLE()
ARM: dts: ci4x10: Adapt to changes in imx6qdl.dtsi regarding fec clocks
PCI: dwc: Fix setting error return on MSI DMA mapping failure
PCI: rockchip: Fix find_first_zero_bit() limit
PCI: cadence: Fix find_first_zero_bit() limit
soc: qcom: smsm: Fix missing of_node_put() in smsm_parse_ipc
soc: qcom: smp2p: Fix missing of_node_put() in smp2p_parse_ipc
ARM: dts: suniv: F1C100: fix watchdog compatible
memory: samsung: exynos5422-dmc: Avoid some over memory allocation
arm64: dts: rockchip: Move drive-impedance-ohm to emmc phy on rk3399
net/smc: postpone sk_refcnt increment in connect()
hinic: Avoid some over memory allocation
net: huawei: hinic: Use devm_kcalloc() instead of devm_kzalloc()
rxrpc: Fix decision on when to generate an IDLE ACK
rxrpc: Don't let ack.previousPacket regress
rxrpc: Fix overlapping ACK accounting
rxrpc: Don't try to resend the request if we're receiving the reply
rxrpc: Fix listen() setting the bar too high for the prealloc rings
hv_netvsc: Fix potential dereference of NULL pointer
net: stmmac: fix out-of-bounds access in a selftest
net: stmmac: selftests: Use kcalloc() instead of kzalloc()
ASoC: max98090: Move check for invalid values before casting in max98090_put_enab_tlv()
NFC: hci: fix sleep in atomic context bugs in nfc_hci_hcp_message_tx
ASoC: wm2000: fix missing clk_disable_unprepare() on error in wm2000_anc_transition()
thermal/drivers/imx_sc_thermal: Fix refcount leak in imx_sc_thermal_probe
thermal/core: Fix memory leak in __thermal_cooling_device_register()
thermal/drivers/core: Use a char pointer for the cooling device name
thermal/drivers/broadcom: Fix potential NULL dereference in sr_thermal_probe
thermal/drivers/bcm2711: Don't clamp temperature at zero
drm/i915: Fix CFI violation with show_dynamic_id()
drm/msm/dpu: handle pm_runtime_get_sync() errors in bind path
x86/sev: Annotate stack change in the #VC handler
drm: msm: fix possible memory leak in mdp5_crtc_cursor_set()
drm/msm/a6xx: Fix refcount leak in a6xx_gpu_init
ext4: reject the 'commit' option on ext2 filesystems
media: rkvdec: h264: Fix bit depth wrap in pps packet
media: rkvdec: h264: Fix dpb_valid implementation
media: staging: media: rkvdec: Make use of the helper function devm_platform_ioremap_resource()
media: ov7670: remove ov7670_power_off from ov7670_remove
ASoC: ti: j721e-evm: Fix refcount leak in j721e_soc_probe_*
net: hinic: add missing destroy_workqueue in hinic_pf_to_mgmt_init
sctp: read sk->sk_bound_dev_if once in sctp_rcv()
lsm,selinux: pass flowi_common instead of flowi to the LSM hooks
m68k: math-emu: Fix dependencies of math emulation support
nvme: set dma alignment to dword
Bluetooth: use hdev lock for accept_list and reject_list in conn req
Bluetooth: use inclusive language when filtering devices
Bluetooth: use inclusive language in HCI role comments
Bluetooth: LL privacy allow RPA
Bluetooth: L2CAP: Rudimentary typo fixes
Bluetooth: Interleave with allowlist scan
Bluetooth: fix dangling sco_conn and use-after-free in sco_sock_timeout
media: vsp1: Fix offset calculation for plane cropping
media: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init
media: exynos4-is: Change clk_disable to clk_disable_unprepare
media: st-delta: Fix PM disable depth imbalance in delta_probe
media: exynos4-is: Fix PM disable depth imbalance in fimc_is_probe
media: aspeed: Fix an error handling path in aspeed_video_probe()
scripts/faddr2line: Fix overlapping text section failures
kselftest/cgroup: fix test_stress.sh to use OUTPUT dir
ASoC: samsung: Fix refcount leak in aries_audio_probe
ASoC: samsung: Use dev_err_probe() helper
regulator: pfuze100: Fix refcount leak in pfuze_parse_regulators_dt
ASoC: mxs-saif: Fix refcount leak in mxs_saif_probe
ASoC: fsl: Fix refcount leak in imx_sgtl5000_probe
ath11k: Don't check arvif->is_started before sending management frames
perf/amd/ibs: Use interrupt regs ip for stack unwinding
regulator: qcom_smd: Fix up PM8950 regulator configuration
Revert "cpufreq: Fix possible race in cpufreq online error path"
spi: spi-fsl-qspi: check return value after calling platform_get_resource_byname()
iomap: iomap_write_failed fix
media: uvcvideo: Fix missing check to determine if element is found in list
drm/msm: return an error pointer in msm_gem_prime_get_sg_table()
drm/msm/mdp5: Return error code in mdp5_mixer_release when deadlock is detected
drm/msm/mdp5: Return error code in mdp5_pipe_release when deadlock is detected
drm/msm/dp: fix event thread stuck in wait_event after kthread_stop()
regulator: core: Fix enable_count imbalance with EXCLUSIVE_GET
arm64: fix types in copy_highpage()
x86/mm: Cleanup the control_va_addr_alignment() __setup handler
irqchip/aspeed-scu-ic: Fix irq_of_parse_and_map() return value
irqchip/aspeed-i2c-ic: Fix irq_of_parse_and_map() return value
irqchip/exiu: Fix acknowledgment of edge triggered interrupts
x86: Fix return value of __setup handlers
virtio_blk: fix the discard_granularity and discard_alignment queue limits
perf tools: Use Python devtools for version autodetection rather than runtime
drm/rockchip: vop: fix possible null-ptr-deref in vop_bind()
drm/panel: panel-simple: Fix proper bpc for AM-1280800N3TZQW-T00H
drm/msm: add missing include to msm_drv.c
drm/msm/hdmi: fix error check return value of irq_of_parse_and_map()
drm/msm/hdmi: check return value after calling platform_get_resource_byname()
drm/msm/dsi: fix error checks and return values for DSI xmit functions
drm/msm/dp: fix error check return value of irq_of_parse_and_map()
drm/msm/dp: stop event kernel thread when DP unbind
drm/msm/disp/dpu1: set vbif hw config to NULL to avoid use after memory free during pm runtime resume
perf tools: Add missing headers needed by util/data.h
ASoC: rk3328: fix disabling mclk on pclk probe failure
x86/speculation: Add missing prototype for unpriv_ebpf_notify()
mtd: rawnand: cadence: fix possible null-ptr-deref in cadence_nand_dt_probe()
x86/pm: Fix false positive kmemleak report in msr_build_context()
mtd: spi-nor: core: Check written SR value in spi_nor_write_16bit_sr_and_check()
libbpf: Fix logic for finding matching program for CO-RE relocation
selftests/resctrl: Fix null pointer dereference on open failed
scsi: ufs: core: Exclude UECxx from SFR dump list
scsi: ufs: qcom: Fix ufs_qcom_resume()
drm/msm/dpu: adjust display_v_end for eDP and DP
of: overlay: do not break notify on NOTIFY_{OK|STOP}
fsnotify: fix wrong lockdep annotations
inotify: show inotify mask flags in proc fdinfo
ALSA: pcm: Check for null pointer of pointer substream before dereferencing it
drm/panel: simple: Add missing bus flags for Innolux G070Y2-L01
media: hantro: Empty encoder capture buffers by default
ath9k_htc: fix potential out of bounds access with invalid rxstatus->rs_keyix
cpufreq: Fix possible race in cpufreq online error path
spi: img-spfi: Fix pm_runtime_get_sync() error checking
sched/fair: Fix cfs_rq_clock_pelt() for throttled cfs_rq
drm/bridge: Fix error handling in analogix_dp_probe
HID: elan: Fix potential double free in elan_input_configured
HID: hid-led: fix maximum brightness for Dream Cheeky
mtd: rawnand: denali: Use managed device resources
EDAC/dmc520: Don't print an error for each unconfigured interrupt line
drbd: fix duplicate array initializer
target: remove an incorrect unmap zeroes data deduction
efi: Add missing prototype for efi_capsule_setup_info
NFC: NULL out the dev->rfkill to prevent UAF
net: dsa: mt7530: 1G can also support 1000BASE-X link mode
scftorture: Fix distribution of short handler delays
spi: spi-ti-qspi: Fix return value handling of wait_for_completion_timeout
drm: mali-dp: potential dereference of null pointer
drm/komeda: Fix an undefined behavior bug in komeda_plane_add()
nl80211: show SSID for P2P_GO interfaces
bpf: Fix excessive memory allocation in stack_map_alloc()
libbpf: Don't error out on CO-RE relos for overriden weak subprogs
drm/vc4: txp: Force alpha to be 0xff if it's disabled
drm/vc4: txp: Don't set TXP_VSTART_AT_EOF
drm/vc4: hvs: Reset muxes at probe time
drm/mediatek: Fix mtk_cec_mask()
drm/ingenic: Reset pixclock rate when parent clock rate changes
x86/delay: Fix the wrong asm constraint in delay_loop()
ASoC: mediatek: Fix missing of_node_put in mt2701_wm8960_machine_probe
ASoC: mediatek: Fix error handling in mt8173_max98090_dev_probe
spi: qcom-qspi: Add minItems to interconnect-names
drm/bridge: adv7511: clean up CEC adapter when probe fails
drm/edid: fix invalid EDID extension block filtering
ath9k: fix ar9003_get_eepmisc
ath11k: acquire ab->base_lock in unassign when finding the peer by addr
dt-bindings: display: sitronix, st7735r: Fix backlight in example
drm: fix EDID struct for old ARM OABI format
RDMA/hfi1: Prevent panic when SDMA is disabled
powerpc/iommu: Add missing of_node_put in iommu_init_early_dart
macintosh/via-pmu: Fix build failure when CONFIG_INPUT is disabled
powerpc/powernv: fix missing of_node_put in uv_init()
powerpc/xics: fix refcount leak in icp_opal_init()
powerpc/powernv/vas: Assign real address to rx_fifo in vas_rx_win_attr
tracing: incorrect isolate_mote_t cast in mm_vmscan_lru_isolate
PCI: Avoid pci_dev_lock() AB/BA deadlock with sriov_numvfs_store()
ARM: hisi: Add missing of_node_put after of_find_compatible_node
ARM: dts: exynos: add atmel,24c128 fallback to Samsung EEPROM
ARM: versatile: Add missing of_node_put in dcscb_init
pinctrl: renesas: rzn1: Fix possible null-ptr-deref in sh_pfc_map_resources()
fat: add ratelimit to fat*_ent_bread()
powerpc/fadump: Fix fadump to work with a different endian capture kernel
ARM: OMAP1: clock: Fix UART rate reporting algorithm
fs: jfs: fix possible NULL pointer dereference in dbFree()
soc: ti: ti_sci_pm_domains: Check for null return of devm_kcalloc
crypto: ccree - use fine grained DMA mapping dir
PM / devfreq: rk3399_dmc: Disable edev on remove()
arm64: dts: qcom: msm8994: Fix BLSP[12]_DMA channels count
ARM: dts: s5pv210: align DMA channels with dtschema
ARM: dts: ox820: align interrupt controller node name with dtschema
IB/rdmavt: add missing locks in rvt_ruc_loopback
gfs2: use i_lock spin_lock for inode qadata
selftests/bpf: fix btf_dump/btf_dump due to recent clang change
eth: tg3: silence the GCC 12 array-bounds warning
rxrpc, afs: Fix selection of abort codes
rxrpc: Return an error to sendmsg if call failed
m68k: atari: Make Atari ROM port I/O write macros return void
x86/microcode: Add explicit CPU vendor dependency
can: mcp251xfd: silence clang's -Wunaligned-access warning
ASoC: rt1015p: remove dependency on GPIOLIB
ASoC: max98357a: remove dependency on GPIOLIB
media: exynos4-is: Fix compile warning
net: phy: micrel: Allow probing without .driver_data
nbd: Fix hung on disconnect request if socket is closed before
ASoC: rt5645: Fix errorenous cleanup order
nvme-pci: fix a NULL pointer dereference in nvme_alloc_admin_tags
openrisc: start CPU timer early in boot
media: cec-adap.c: fix is_configuring state
media: imon: reorganize serialization
media: coda: limit frame interval enumeration to supported encoder frame sizes
media: rga: fix possible memory leak in rga_probe
rtlwifi: Use pr_warn instead of WARN_ONCE
ipmi: Fix pr_fmt to avoid compilation issues
ipmi:ssif: Check for NULL msg when handling events and messages
ACPI: PM: Block ASUS B1400CEAE from suspend to idle by default
dma-debug: change allocation mode from GFP_NOWAIT to GFP_ATIOMIC
spi: stm32-qspi: Fix wait_cmd timeout in APM mode
perf/amd/ibs: Cascade pmu init functions' return value
s390/preempt: disable __preempt_count_add() optimization for PROFILE_ALL_BRANCHES
net: remove two BUG() from skb_checksum_help()
ASoC: tscs454: Add endianness flag in snd_soc_component_driver
HID: bigben: fix slab-out-of-bounds Write in bigben_probe
drm/amdgpu/ucode: Remove firmware load type check in amdgpu_ucode_free_bo
mlxsw: Treat LLDP packets as control
mlxsw: spectrum_dcb: Do not warn about priority changes
ASoC: dapm: Don't fold register value changes into notifications
net/mlx5: fs, delete the FTE when there are no rules attached to it
ipv6: Don't send rs packets to the interface of ARPHRD_TUNNEL
drm: msm: fix error check return value of irq_of_parse_and_map()
arm64: compat: Do not treat syscall number as ESR_ELx for a bad syscall
ath10k: skip ath10k_halt during suspend for driver state RESTARTING
drm/amd/pm: fix the compile warning
drm/plane: Move range check for format_count earlier
ASoC: Intel: bytcr_rt5640: Add quirk for the HP Pro Tablet 408
ath11k: disable spectral scan during spectral deinit
scsi: lpfc: Fix resource leak in lpfc_sli4_send_seq_to_ulp()
scsi: ufs: Use pm_runtime_resume_and_get() instead of pm_runtime_get_sync()
scsi: megaraid: Fix error check return value of register_chrdev()
drivers: mmc: sdhci_am654: Add the quirk to set TESTCD bit
mmc: jz4740: Apply DMA engine limits to maximum segment size
md/bitmap: don't set sb values if can't pass sanity check
media: cx25821: Fix the warning when removing the module
media: pci: cx23885: Fix the error handling in cx23885_initdev()
media: venus: hfi: avoid null dereference in deinit
ath9k: fix QCA9561 PA bias level
drm/amd/pm: fix double free in si_parse_power_table()
tools/power turbostat: fix ICX DRAM power numbers
spi: spi-rspi: Remove setting {src,dst}_{addr,addr_width} based on DMA direction
ALSA: jack: Access input_dev under mutex
sfc: ef10: Fix assigning negative value to unsigned variable
rcu: Make TASKS_RUDE_RCU select IRQ_WORK
rcu-tasks: Fix race in schedule and flush work
drm/komeda: return early if drm_universal_plane_init() fails.
ACPICA: Avoid cache flush inside virtual machines
x86/platform/uv: Update TSC sync state for UV5
fbcon: Consistently protect deferred_takeover with console_lock()
ipv6: fix locking issues with loops over idev->addr_list
ipw2x00: Fix potential NULL dereference in libipw_xmit()
b43: Fix assigning negative value to unsigned variable
b43legacy: Fix assigning negative value to unsigned variable
mwifiex: add mutex lock for call in mwifiex_dfs_chan_sw_work_queue
drm/virtio: fix NULL pointer dereference in virtio_gpu_conn_get_modes
iommu/vt-d: Add RPLS to quirk list to skip TE disabling
btrfs: repair super block num_devices automatically
btrfs: add "0x" prefix for unsupported optional features
ptrace: Reimplement PTRACE_KILL by always sending SIGKILL
ptrace/xtensa: Replace PT_SINGLESTEP with TIF_SINGLESTEP
ptrace/um: Replace PT_DTRACE with TIF_SINGLESTEP
perf/x86/intel: Fix event constraints for ICL
x86/MCE/AMD: Fix memory leak when threshold_create_bank() fails
parisc/stifb: Keep track of hardware path of graphics card
Fonts: Make font size unsigned in font_desc
xhci: Allow host runtime PM as default for Intel Alder Lake N xHCI
cifs: when extending a file with falloc we should make files not-sparse
usb: core: hcd: Add support for deferring roothub registration
usb: dwc3: gadget: Move null pinter check to proper place
USB: new quirk for Dell Gen 2 devices
USB: serial: option: add Quectel BG95 modem
ALSA: usb-audio: Cancel pending work at closing a MIDI substream
ALSA: hda/realtek - Fix microphone noise on ASUS TUF B550M-PLUS
ALSA: hda/realtek: Enable 4-speaker output for Dell XPS 15 9520 laptop
riscv: Fix irq_work when SMP is disabled
riscv: Initialize thread pointer before calling C functions
parisc/stifb: Implement fb_is_primary_device()
binfmt_flat: do not stop relocating GOT entries prematurely on riscv
Linux 5.10.120
bpf: Enlarge offset check value to INT_MAX in bpf_skb_{load,store}_bytes
bpf: Fix potential array overflow in bpf_trampoline_get_progs()
NFSD: Fix possible sleep during nfsd4_release_lockowner()
NFS: Memory allocation failures are not server fatal errors
docs: submitting-patches: Fix crossref to 'The canonical patch format'
tpm: ibmvtpm: Correct the return value in tpm_ibmvtpm_probe()
tpm: Fix buffer access in tpm2_get_tpm_pt()
HID: multitouch: add quirks to enable Lenovo X12 trackpoint
HID: multitouch: Add support for Google Whiskers Touchpad
raid5: introduce MD_BROKEN
dm verity: set DM_TARGET_IMMUTABLE feature flag
dm stats: add cond_resched when looping over entries
dm crypt: make printing of the key constant-time
dm integrity: fix error code in dm_integrity_ctr()
ARM: dts: s5pv210: Correct interrupt name for bluetooth in Aries
Bluetooth: hci_qca: Use del_timer_sync() before freeing
zsmalloc: fix races between asynchronous zspage free and page migration
crypto: ecrdsa - Fix incorrect use of vli_cmp
crypto: caam - fix i.MX6SX entropy delay value
KVM: x86: avoid calling x86 emulator without a decoded instruction
x86, kvm: use correct GFP flags for preemption disabled
x86/kvm: Alloc dummy async #PF token outside of raw spinlock
KVM: PPC: Book3S HV: fix incorrect NULL check on list iterator
netfilter: conntrack: re-fetch conntrack after insertion
netfilter: nf_tables: sanitize nft_set_desc_concat_parse()
crypto: drbg - make reseeding from get_random_bytes() synchronous
crypto: drbg - move dynamic ->reseed_threshold adjustments to __drbg_seed()
crypto: drbg - track whether DRBG was seeded with !rng_is_initialized()
crypto: drbg - prepare for more fine-grained tracking of seeding state
lib/crypto: add prompts back to crypto libraries
exfat: check if cluster num is valid
drm/i915: Fix -Wstringop-overflow warning in call to intel_read_wm_latency()
xfs: Fix CIL throttle hang when CIL space used going backwards
xfs: fix an ABBA deadlock in xfs_rename
xfs: fix the forward progress assertion in xfs_iwalk_run_callbacks
xfs: show the proper user quota options
xfs: detect overflows in bmbt records
net: ipa: compute proper aggregation limit
io_uring: fix using under-expanded iters
io_uring: don't re-import iovecs from callbacks
assoc_array: Fix BUG_ON during garbage collect
cfg80211: set custom regdomain after wiphy registration
pipe: Fix missing lock in pipe_resize_ring()
pipe: make poll_usage boolean and annotate its access
netfilter: nf_tables: disallow non-stateful expression in sets earlier
drivers: i2c: thunderx: Allow driver to work with ACPI defined TWSI controllers
i2c: ismt: Provide a DMA buffer for Interrupt Cause Logging
net: ftgmac100: Disable hardware checksum on AST2600
nfc: pn533: Fix buggy cleanup order
net: af_key: check encryption module availability consistency
percpu_ref_init(): clean ->percpu_count_ref on failure
pinctrl: sunxi: fix f1c100s uart2 function
Linux 5.10.119
ALSA: ctxfi: Add SB046x PCI ID
random: check for signals after page of pool writes
random: wire up fops->splice_{read,write}_iter()
random: convert to using fops->write_iter()
random: convert to using fops->read_iter()
random: unify batched entropy implementations
random: move randomize_page() into mm where it belongs
random: move initialization functions out of hot pages
random: make consistent use of buf and len
random: use proper return types on get_random_{int,long}_wait()
random: remove extern from functions in header
random: use static branch for crng_ready()
random: credit architectural init the exact amount
random: handle latent entropy and command line from random_init()
random: use proper jiffies comparison macro
random: remove ratelimiting for in-kernel unseeded randomness
random: move initialization out of reseeding hot path
random: avoid initializing twice in credit race
random: use symbolic constants for crng_init states
siphash: use one source of truth for siphash permutations
random: help compiler out with fast_mix() by using simpler arguments
random: do not use input pool from hard IRQs
random: order timer entropy functions below interrupt functions
random: do not pretend to handle premature next security model
random: use first 128 bits of input as fast init
random: do not use batches when !crng_ready()
random: insist on random_get_entropy() existing in order to simplify
xtensa: use fallback for random_get_entropy() instead of zero
sparc: use fallback for random_get_entropy() instead of zero
um: use fallback for random_get_entropy() instead of zero
x86/tsc: Use fallback for random_get_entropy() instead of zero
nios2: use fallback for random_get_entropy() instead of zero
arm: use fallback for random_get_entropy() instead of zero
mips: use fallback for random_get_entropy() instead of just c0 random
riscv: use fallback for random_get_entropy() instead of zero
m68k: use fallback for random_get_entropy() instead of zero
timekeeping: Add raw clock fallback for random_get_entropy()
powerpc: define get_cycles macro for arch-override
alpha: define get_cycles macro for arch-override
parisc: define get_cycles macro for arch-override
s390: define get_cycles macro for arch-override
ia64: define get_cycles macro for arch-override
init: call time_init() before rand_initialize()
random: fix sysctl documentation nits
random: document crng_fast_key_erasure() destination possibility
random: make random_get_entropy() return an unsigned long
random: allow partial reads if later user copies fail
random: check for signals every PAGE_SIZE chunk of /dev/[u]random
random: check for signal_pending() outside of need_resched() check
random: do not allow user to keep crng key around on stack
random: do not split fast init input in add_hwgenerator_randomness()
random: mix build-time latent entropy into pool at init
random: re-add removed comment about get_random_{u32,u64} reseeding
random: treat bootloader trust toggle the same way as cpu trust toggle
random: skip fast_init if hwrng provides large chunk of entropy
random: check for signal and try earlier when generating entropy
random: reseed more often immediately after booting
random: make consistent usage of crng_ready()
random: use SipHash as interrupt entropy accumulator
random: replace custom notifier chain with standard one
random: don't let 644 read-only sysctls be written to
random: give sysctl_random_min_urandom_seed a more sensible value
random: do crng pre-init loading in worker rather than irq
random: unify cycles_t and jiffies usage and types
random: cleanup UUID handling
random: only wake up writers after zap if threshold was passed
random: round-robin registers as ulong, not u32
random: clear fast pool, crng, and batches in cpuhp bring up
random: pull add_hwgenerator_randomness() declaration into random.h
random: check for crng_init == 0 in add_device_randomness()
random: unify early init crng load accounting
random: do not take pool spinlock at boot
random: defer fast pool mixing to worker
random: rewrite header introductory comment
random: group sysctl functions
random: group userspace read/write functions
random: group entropy collection functions
random: group entropy extraction functions
random: group crng functions
random: group initialization wait functions
random: remove whitespace and reorder includes
random: remove useless header comment
random: introduce drain_entropy() helper to declutter crng_reseed()
random: deobfuscate irq u32/u64 contributions
random: add proper SPDX header
random: remove unused tracepoints
random: remove ifdef'd out interrupt bench
random: tie batched entropy generation to base_crng generation
random: fix locking for crng_init in crng_reseed()
random: zero buffer after reading entropy from userspace
random: remove outdated INT_MAX >> 6 check in urandom_read()
random: make more consistent use of integer types
random: use hash function for crng_slow_load()
random: use simpler fast key erasure flow on per-cpu keys
random: absorb fast pool into input pool after fast load
random: do not xor RDRAND when writing into /dev/random
random: ensure early RDSEED goes through mixer on init
random: inline leaves of rand_initialize()
random: get rid of secondary crngs
random: use RDSEED instead of RDRAND in entropy extraction
random: fix locking in crng_fast_load()
random: remove batched entropy locking
random: remove use_input_pool parameter from crng_reseed()
random: make credit_entropy_bits() always safe
random: always wake up entropy writers after extraction
random: use linear min-entropy accumulation crediting
random: simplify entropy debiting
random: use computational hash for entropy extraction
random: only call crng_finalize_init() for primary_crng
random: access primary_pool directly rather than through pointer
random: continually use hwgenerator randomness
random: simplify arithmetic function flow in account()
random: selectively clang-format where it makes sense
random: access input_pool_data directly rather than through pointer
random: cleanup fractional entropy shift constants
random: prepend remaining pool constants with POOL_
random: de-duplicate INPUT_POOL constants
random: remove unused OUTPUT_POOL constants
random: rather than entropy_store abstraction, use global
random: remove unused extract_entropy() reserved argument
random: remove incomplete last_data logic
random: cleanup integer types
random: cleanup poolinfo abstraction
random: fix typo in comments
random: don't reset crng_init_cnt on urandom_read()
random: avoid superfluous call to RDRAND in CRNG extraction
random: early initialization of ChaCha constants
random: use IS_ENABLED(CONFIG_NUMA) instead of ifdefs
random: harmonize "crng init done" messages
random: mix bootloader randomness into pool
random: do not re-init if crng_reseed completes before primary init
random: do not sign extend bytes for rotation when mixing
random: use BLAKE2s instead of SHA1 in extraction
random: remove unused irq_flags argument from add_interrupt_randomness()
random: document add_hwgenerator_randomness() with other input functions
lib/crypto: blake2s: avoid indirect calls to compression function for Clang CFI
lib/crypto: sha1: re-roll loops to reduce code size
lib/crypto: blake2s: move hmac construction into wireguard
lib/crypto: blake2s: include as built-in
crypto: blake2s - include <linux/bug.h> instead of <asm/bug.h>
crypto: blake2s - adjust include guard naming
crypto: blake2s - add comment for blake2s_state fields
crypto: blake2s - optimize blake2s initialization
crypto: blake2s - share the "shash" API boilerplate code
crypto: blake2s - move update and final logic to internal/blake2s.h
crypto: blake2s - remove unneeded includes
crypto: x86/blake2s - define shash_alg structs using macros
crypto: blake2s - define shash_alg structs using macros
crypto: lib/blake2s - Move selftest prototype into header file
MAINTAINERS: add git tree for random.c
MAINTAINERS: co-maintain random.c
random: remove dead code left over from blocking pool
random: avoid arch_get_random_seed_long() when collecting IRQ randomness
ACPI: sysfs: Fix BERT error region memory mapping
ACPI: sysfs: Make sparse happy about address space in use
media: vim2m: initialize the media device earlier
media: vim2m: Register video device after setting up internals
secure_seq: use the 64 bits of the siphash for port offset calculation
tcp: change source port randomizarion at connect() time
KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID
KVM: x86: Properly handle APF vs disabled LAPIC situation
staging: rtl8723bs: prevent ->Ssid overflow in rtw_wx_set_scan()
lockdown: also lock down previous kgdb use
Linux 5.10.118
module: check for exit sections in layout_sections() instead of module_init_section()
include/uapi/linux/xfrm.h: Fix XFRM_MSG_MAPPING ABI breakage
afs: Fix afs_getattr() to refetch file status if callback break occurred
i2c: mt7621: fix missing clk_disable_unprepare() on error in mtk_i2c_probe()
module: treat exit sections the same as init sections when !CONFIG_MODULE_UNLOAD
dt-bindings: pinctrl: aspeed-g6: remove FWQSPID group
Input: ili210x - fix reset timing
arm64: Enable repeat tlbi workaround on KRYO4XX gold CPUs
net: atlantic: verify hw_head_ lies within TX buffer ring
net: atlantic: add check for MAX_SKB_FRAGS
net: atlantic: reduce scope of is_rsc_complete
net: atlantic: fix "frag[0] not initialized"
net: stmmac: fix missing pci_disable_device() on error in stmmac_pci_probe()
ethernet: tulip: fix missing pci_disable_device() on error in tulip_init_one()
nl80211: fix locking in nl80211_set_tx_bitrate_mask()
selftests: add ping test with ping_group_range tuned
nl80211: validate S1G channel width
mac80211: fix rx reordering with non explicit / psmp ack policy
scsi: qla2xxx: Fix missed DMA unmap for aborted commands
perf bench numa: Address compiler error on s390
gpio: mvebu/pwm: Refuse requests with inverted polarity
gpio: gpio-vf610: do not touch other bits when set the target bit
riscv: dts: sifive: fu540-c000: align dma node name with dtschema
net: bridge: Clear offload_fwd_mark when passing frame up bridge interface.
igb: skip phy status check where unavailable
ARM: 9197/1: spectre-bhb: fix loop8 sequence for Thumb2
ARM: 9196/1: spectre-bhb: enable for Cortex-A15
net: af_key: add check for pfkey_broadcast in function pfkey_process
net/mlx5e: Properly block LRO when XDP is enabled
NFC: nci: fix sleep in atomic context bugs caused by nci_skb_alloc
net/qla3xxx: Fix a test in ql_reset_work()
clk: at91: generated: consider range when calculating best rate
ice: fix possible under reporting of ethtool Tx and Rx statistics
net: vmxnet3: fix possible NULL pointer dereference in vmxnet3_rq_cleanup()
net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf()
net: systemport: Fix an error handling path in bcm_sysport_probe()
net/sched: act_pedit: sanitize shift argument before usage
xfrm: fix "disable_policy" flag use when arriving from different devices
xfrm: rework default policy structure
xfrm: fix dflt policy check when there is no policy configured
xfrm: notify default policy on update
xfrm: make user policy API complete
net: xfrm: fix shift-out-of-bounce
xfrm: Add possibility to set the default to block if we have no policy
net: evaluate net.ipvX.conf.all.disable_policy and disable_xfrm
net: macb: Increment rx bd head after allocating skb and buffer
net: ipa: record proper RX transaction count
ARM: dts: aspeed-g6: fix SPI1/SPI2 quad pin group
pinctrl: pinctrl-aspeed-g6: remove FWQSPID group in pinctrl
ARM: dts: aspeed-g6: remove FWQSPID group in pinctrl dtsi
dma-buf: fix use of DMA_BUF_SET_NAME_{A,B} in userspace
drm/dp/mst: fix a possible memory leak in fetch_monitor_name()
libceph: fix potential use-after-free on linger ping and resends
crypto: qcom-rng - fix infinite loop on requests not multiple of WORD_SZ
arm64: mte: Ensure the cleared tags are visible before setting the PTE
arm64: paravirt: Use RCU read locks to guard stolen_time
KVM: x86/mmu: Update number of zapped pages even if page list is stable
PCI/PM: Avoid putting Elo i2 PCIe Ports in D3cold
Fix double fget() in vhost_net_set_backend()
selinux: fix bad cleanup on error in hashtab_duplicate()
perf: Fix sys_perf_event_open() race against self
ALSA: hda/realtek: Add quirk for TongFang devices with pop noise
ALSA: wavefront: Proper check of get_user() error
ALSA: usb-audio: Restore Rane SL-1 quirk
Reinstate some of "swiotlb: rework "fix info leak with DMA_FROM_DEVICE""
Revert "swiotlb: fix info leak with DMA_FROM_DEVICE"
nilfs2: fix lockdep warnings during disk space reclamation
nilfs2: fix lockdep warnings in page operations for btree nodes
ARM: 9191/1: arm/stacktrace, kasan: Silence KASAN warnings in unwind_frame()
platform/chrome: cros_ec_debugfs: detach log reader wq from devm
drbd: remove usage of list iterator variable after loop
MIPS: lantiq: check the return value of kzalloc()
fs: fix an infinite loop in iomap_fiemap
rtc: mc146818-lib: Fix the AltCentury for AMD platforms
nvme-multipath: fix hang when disk goes live over reconnect
tools/virtio: compile with -pthread
vhost_vdpa: don't setup irq offloading when irq_num < 0
s390/pci: improve zpci_dev reference counting
ALSA: hda/realtek: Enable headset mic on Lenovo P360
crypto: x86/chacha20 - Avoid spurious jumps to other functions
crypto: stm32 - fix reference leak in stm32_crc_remove
rtc: sun6i: Fix time overflow handling
gfs2: Disable page faults during lockless buffered reads
nvme-pci: add quirks for Samsung X5 SSDs
Input: stmfts - fix reference leak in stmfts_input_open
Input: add bounds checking to input_set_capability()
um: Cleanup syscall_handler_t definition/cast, fix warning
rtc: pcf2127: fix bug when reading alarm registers
rtc: fix use-after-free on device removal
igc: Update I226_K device ID
igc: Remove phy->type checking
igc: Remove _I_PHY_ID checking
Revert "drm/i915/opregion: check port number bounds for SWSCI display power state"
floppy: use a statically allocated error counter
io_uring: always grab file table for deferred statx
usb: gadget: fix race when gadget driver register via ioctl
Conflicts:
Documentation/devicetree/bindings
Documentation/devicetree/bindings/display/sitronix,st7735r.yaml
Documentation/devicetree/bindings/dma/allwinner,sun50i-a64-dma.yaml
Documentation/devicetree/bindings/gpio/gpio-altera.txt
Documentation/devicetree/bindings/pinctrl/aspeed,ast2600-pinctrl.yaml
Documentation/devicetree/bindings/spi/qcom,spi-qcom-qspi.yaml
drivers/scsi/ufs/ufs-qcom.c
drivers/soc/qcom/llcc-qcom.c
drivers/virtio/virtio_mmio.c
Change-Id: I7130d4c99319ff2a9474e07159e3943d94059e3a
Signed-off-by: Sivasri Kumar, Vanka <quic_svanka@quicinc.com>
|
||
Robin Murphy
|
abb277d9f1 |
FROMGIT: mm/vmalloc: Add override for lazy vunmap
Add an interface for arch code to disable lazy vunmap by forcing the threshold to zero. This might be interesting for debugging/testing in general, but primarily helps a horrible situation which needs to guarantee that vmalloc aliases are up-to-date from atomic context, wherein the only practical solution is to never let them get stale in the first place. Bug: 223346425 (cherry picked from commit 2a34c1503b85f49dd472dfd932dfcd16cab8ee8a https://git.gitlab.arm.com/linux-arm/linux-rm.git arm64/2454944) Change-Id: I694523564357b4c43d30c129af1e89fd803824d3 Signed-off-by: Robin Murphy <robin.murphy@arm.com> Signed-off-by: Beata Michalska <beata.michalska@arm.com> |
||
|
Mike Rapoport
|
68d4b5fef2 |
BACKPORT: mm/page_alloc: always initialize memory map for the holes
Patch series "mm: ensure consistency of memory map poisoning". Currently memory map allocation for FLATMEM case does not poison the struct pages regardless of CONFIG_PAGE_POISON setting. This happens because allocation of the memory map for FLATMEM and SPARSMEM use different memblock functions and those that are used for SPARSMEM case (namely memblock_alloc_try_nid_raw() and memblock_alloc_exact_nid_raw()) implicitly poison the allocated memory. Another side effect of this implicit poisoning is that early setup code that uses the same functions to allocate memory burns cycles for the memory poisoning even if it was not intended. These patches introduce memmap_alloc() wrapper that ensure that the memory map allocation is consistent for different memory models. This patch (of 4): Currently memory map for the holes is initialized only when SPARSEMEM memory model is used. Yet, even with FLATMEM there could be holes in the physical memory layout that have memory map entries. For instance, the memory reserved using e820 API on i386 or "reserved-memory" nodes in device tree would not appear in memblock.memory and hence the struct pages for such holes will be skipped during memory map initialization. These struct pages will be zeroed because the memory map for FLATMEM systems is allocated with memblock_alloc_node() that clears the allocated memory. While zeroed struct pages do not cause immediate problems, the correct behaviour is to initialize every page using __init_single_page(). Besides, enabling page poison for FLATMEM case will trigger PF_POISONED_CHECK() unless the memory map is properly initialized. Make sure init_unavailable_range() is called for both SPARSEMEM and FLATMEM so that struct pages representing memory holes would appear as PG_Reserved with any memory layout. [rppt@kernel.org: fix microblaze] Link: https://lkml.kernel.org/r/YQWW3RCE4eWBuMu/@kernel.org (cherry picked from commit c3ab6baf6a004eab7344a1d8880a971f2414e1b6) Bug: 258556132 Link: https://lkml.kernel.org/r/20210714123739.16493-1-rppt@kernel.org Link: https://lkml.kernel.org/r/20210714123739.16493-2-rppt@kernel.org Change-Id: Ib60682288ba76e65384de91b70a08662ead12934 Signed-off-by: Mike Rapoport <rppt@linux.ibm.com> Acked-by: David Hildenbrand <david@redhat.com> Tested-by: Guenter Roeck <linux@roeck-us.net> Cc: Michal Simek <monstr@monstr.eu> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> |
||
SeongJae Park
|
e0243d1991 |
UPSTREAM: mm/damon/core: initialize damon_target->list in damon_new_target()
'struct damon_target' creation function, 'damon_new_target()' is not initializing its '->list' field, unlike other DAMON structs creator functions such as 'damon_new_region()'. Normal users of 'damon_new_target()' initializes the field by adding the target to DAMON context's targets list, but some code could access the uninitialized field. This commit avoids the case by initializing the field in 'damon_new_target()'. Bug: 254441685 Link: https://lkml.kernel.org/r/20221002193130.8227-1-sj@kernel.org Fixes: f23b8eee1871 ("mm/damon/core: implement region-based sampling") Signed-off-by: SeongJae Park <sj@kernel.org> Reported-by: Hyeonggon Yoo <42.hyeyoo@gmail.com> Tested-by: Hyeonggon Yoo <42.hyeyoo@gmail.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> (cherry picked from commit b1f44cdabad8c50cd72d6b6731e9fdf3730a8f4f) Signed-off-by: Lee Jones <joneslee@google.com> Change-Id: Ie500358e0cc7d5bf82225e6e2b5229f6629736f4 |
||
|
Baolin Wang
|
2df2e2c084 |
UPSTREAM: mm/damon: validate if the pmd entry is present before accessing
pmd_huge() is used to validate if the pmd entry is mapped by a huge page, also including the case of non-present (migration or hwpoisoned) pmd entry on arm64 or x86 architectures. This means that pmd_pfn() can not get the correct pfn number for a non-present pmd entry, which will cause damon_get_page() to get an incorrect page struct (also may be NULL by pfn_to_online_page()), making the access statistics incorrect. This means that the DAMON may make incorrect decision according to the incorrect statistics, for example, DAMON may can not reclaim cold page in time due to this cold page was regarded as accessed mistakenly if DAMOS_PAGEOUT operation is specified. Moreover it does not make sense that we still waste time to get the page of the non-present entry. Just treat it as not-accessed and skip it, which maintains consistency with non-present pte level entries. So add pmd entry present validation to fix the above issues. Bug: 254441685 Link: https://lkml.kernel.org/r/58b1d1f5fbda7db49ca886d9ef6783e3dcbbbc98.1660805030.git.baolin.wang@linux.alibaba.com Fixes: 3f49584b262c ("mm/damon: implement primitives for the virtual memory address spaces") Signed-off-by: Baolin Wang <baolin.wang@linux.alibaba.com> Reviewed-by: SeongJae Park <sj@kernel.org> Reviewed-by: Muchun Song <songmuchun@bytedance.com> Cc: Mike Kravetz <mike.kravetz@oracle.com> Cc: <stable@vger.kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> (cherry picked from commit c8b9aff419303e4d4219b5ff64b1c7e062dee48e) Signed-off-by: Lee Jones <joneslee@google.com> Change-Id: Idda1765dcbc93a28ad38ccc53688d69b64202330 |
||
Greg Kroah-Hartman
|
ed91943b48 |
UPSTREAM: mm/damon/dbgfs: fix memory leak when using debugfs_lookup()
When calling debugfs_lookup() the result must have dput() called on it, otherwise the memory will leak over time. Fix this up by properly calling dput(). Bug: 254441685 Link: https://lkml.kernel.org/r/20220902191149.112434-1-sj@kernel.org Fixes: 75c1c2b53c78b ("mm/damon/dbgfs: support multiple contexts") Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> Signed-off-by: SeongJae Park <sj@kernel.org> Cc: <stable@vger.kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> (cherry picked from commit 1552fd3ef7dbe07208b8ae84a0a6566adf7dfc9d) Signed-off-by: Lee Jones <joneslee@google.com> Change-Id: I7f2e8fa0167b3e44c4c251a51df341a6a7d98fd2 |
||
Badari Pulavarty
|
3093f8b52c |
UPSTREAM: mm/damon/dbgfs: avoid duplicate context directory creation
When user tries to create a DAMON context via the DAMON debugfs interface
with a name of an already existing context, the context directory creation
fails but a new context is created and added in the internal data
structure, due to absence of the directory creation success check. As a
result, memory could leak and DAMON cannot be turned on. An example test
case is as below:
# cd /sys/kernel/debug/damon/
# echo "off" > monitor_on
# echo paddr > target_ids
# echo "abc" > mk_context
# echo "abc" > mk_context
# echo $$ > abc/target_ids
# echo "on" > monitor_on <<< fails
Return value of 'debugfs_create_dir()' is expected to be ignored in
general, but this is an exceptional case as DAMON feature is depending
on the debugfs functionality and it has the potential duplicate name
issue. This commit therefore fixes the issue by checking the directory
creation failure and immediately return the error in the case.
Bug: 254441685
Link: https://lkml.kernel.org/r/20220821180853.2400-1-sj@kernel.org
Fixes: 75c1c2b53c78 ("mm/damon/dbgfs: support multiple contexts")
Signed-off-by: Badari Pulavarty <badari.pulavarty@intel.com>
Signed-off-by: SeongJae Park <sj@kernel.org>
Cc: <stable@vger.kernel.org> [ 5.15.x]
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
(cherry picked from commit d26f60703606ab425eee9882b32a1781a8bed74d)
Signed-off-by: Lee Jones <joneslee@google.com>
Change-Id: I8951b95f41306818ef1b4a5789369a84d8ca2cf2
|
||
Josef Bacik
|
fdc033d445 |
UPSTREAM: mm: fix page leak with multiple threads mapping the same page
We have an application with a lot of threads that use a shared mmap backed by tmpfs mounted with -o huge=within_size. This application started leaking loads of huge pages when we upgraded to a recent kernel. Using the page ref tracepoints and a BPF program written by Tejun Heo we were able to determine that these pages would have multiple refcounts from the page fault path, but when it came to unmap time we wouldn't drop the number of refs we had added from the faults. I wrote a reproducer that mmap'ed a file backed by tmpfs with -o huge=always, and then spawned 20 threads all looping faulting random offsets in this map, while using madvise(MADV_DONTNEED) randomly for huge page aligned ranges. This very quickly reproduced the problem. The problem here is that we check for the case that we have multiple threads faulting in a range that was previously unmapped. One thread maps the PMD, the other thread loses the race and then returns 0. However at this point we already have the page, and we are no longer putting this page into the processes address space, and so we leak the page. We actually did the correct thing prior to f9ce0be71d1f, however it looks like Kirill copied what we do in the anonymous page case. In the anonymous page case we don't yet have a page, so we don't have to drop a reference on anything. Previously we did the correct thing for file based faults by returning VM_FAULT_NOPAGE so we correctly drop the reference on the page we faulted in. Fix this by returning VM_FAULT_NOPAGE in the pmd_devmap_trans_unstable() case, this makes us drop the ref on the page properly, and now my reproducer no longer leaks the huge pages. Bug: 254441685 [josef@toxicpanda.com: v2] Link: https://lkml.kernel.org/r/e90c8f0dbae836632b669c2afc434006a00d4a67.1657721478.git.josef@toxicpanda.com Link: https://lkml.kernel.org/r/2b798acfd95c9ab9395fe85e8d5a835e2e10a920.1657051137.git.josef@toxicpanda.com Fixes: f9ce0be71d1f ("mm: Cleanup faultaround and finish_fault() codepaths") Signed-off-by: Josef Bacik <josef@toxicpanda.com> Signed-off-by: Rik van Riel <riel@surriel.com> Signed-off-by: Chris Mason <clm@fb.com> Acked-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com> Cc: Matthew Wilcox (Oracle) <willy@infradead.org> Cc: <stable@vger.kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> (cherry picked from commit 3fe2895cfecd03ac74977f32102b966b6589f481) Signed-off-by: Lee Jones <joneslee@google.com> Change-Id: I982509aab4bcbf22d66aff5e1d3dfce927426f51 |
||
|
Baolin Wang
|
0b21c99c83 |
UPSTREAM: mm/damon: use set_huge_pte_at() to make huge pte old
The huge_ptep_set_access_flags() can not make the huge pte old according to the discussion [1], that means we will always mornitor the young state of the hugetlb though we stopped accessing the hugetlb, as a result DAMON will get inaccurate accessing statistics. So changing to use set_huge_pte_at() to make the huge pte old to fix this issue. [1] https://lore.kernel.org/all/Yqy97gXI4Nqb7dYo@arm.com/ Bug: 254441685 Link: https://lkml.kernel.org/r/1655692482-28797-1-git-send-email-baolin.wang@linux.alibaba.com Fixes: 49f4203aae06 ("mm/damon: add access checking for hugetlb pages") Signed-off-by: Baolin Wang <baolin.wang@linux.alibaba.com> Reviewed-by: SeongJae Park <sj@kernel.org> Acked-by: Mike Kravetz <mike.kravetz@oracle.com> Reviewed-by: Muchun Song <songmuchun@bytedance.com> Cc: <stable@vger.kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> (cherry picked from commit ed1523a895ffdabcab6e067af18685ed00f5ce15) Signed-off-by: Lee Jones <joneslee@google.com> Change-Id: I4bdab0c5baace75e01c64e0d10fd8fc4d4ea93b8 |
||
Dong Aisheng
|
e3b4c69c57 |
BACKPORT: Revert "mm/cma.c: remove redundant cma_mutex lock"
This reverts commit a4efc174b382fcdb which introduced a regression issue
that when there're multiple processes allocating dma memory in parallel by
calling dma_alloc_coherent(), it may fail sometimes as follows:
Error log:
cma: cma_alloc: linux,cma: alloc failed, req-size: 148 pages, ret: -16
cma: number of available pages:
3@125+20@172+12@236+4@380+32@736+17@2287+23@2473+20@36076+99@40477+108@40852+44@41108+20@41196+108@41364+108@41620+
108@42900+108@43156+483@44061+1763@45341+1440@47712+20@49324+20@49388+5076@49452+2304@55040+35@58141+20@58220+20@58284+
7188@58348+84@66220+7276@66452+227@74525+6371@75549=> 33161 free of 81920 total pages
When issue happened, we saw there were still 33161 pages (129M) free CMA
memory and a lot available free slots for 148 pages in CMA bitmap that we
want to allocate.
When dumping memory info, we found that there was also ~342M normal
memory, but only 1352K CMA memory left in buddy system while a lot of
pageblocks were isolated.
Memory info log:
Normal free:351096kB min:30000kB low:37500kB high:45000kB reserved_highatomic:0KB
active_anon:98060kB inactive_anon:98948kB active_file:60864kB inactive_file:31776kB
unevictable:0kB writepending:0kB present:1048576kB managed:1018328kB mlocked:0kB
bounce:0kB free_pcp:220kB local_pcp:192kB free_cma:1352kB lowmem_reserve[]: 0 0 0
Normal: 78*4kB (UECI) 1772*8kB (UMECI) 1335*16kB (UMECI) 360*32kB (UMECI) 65*64kB (UMCI)
36*128kB (UMECI) 16*256kB (UMCI) 6*512kB (EI) 8*1024kB (UEI) 4*2048kB (MI) 8*4096kB (EI)
8*8192kB (UI) 3*16384kB (EI) 8*32768kB (M) = 489288kB
The root cause of this issue is that since commit a4efc174b382 ("mm/cma.c:
remove redundant cma_mutex lock"), CMA supports concurrent memory
allocation. It's possible that the memory range process A trying to alloc
has already been isolated by the allocation of process B during memory
migration.
The problem here is that the memory range isolated during one allocation
by start_isolate_page_range() could be much bigger than the real size we
want to alloc due to the range is aligned to MAX_ORDER_NR_PAGES.
Taking an ARMv7 platform with 1G memory as an example, when
MAX_ORDER_NR_PAGES is big (e.g. 32M with max_order 14) and CMA memory is
relatively small (e.g. 128M), there're only 4 MAX_ORDER slot, then it's
very easy that all CMA memory may have already been isolated by other
processes when one trying to allocate memory using dma_alloc_coherent().
Since current CMA code will only scan one time of whole available CMA
memory, then dma_alloc_coherent() may easy fail due to contention with
other processes.
This patch simply falls back to the original method that using cma_mutex
to make alloc_contig_range() run sequentially to avoid the issue.
Bug: 254441685
Link: https://lkml.kernel.org/r/20220509094551.3596244-1-aisheng.dong@nxp.com
Link: https://lore.kernel.org/all/20220315144521.3810298-2-aisheng.dong@nxp.com/
Fixes: a4efc174b382 ("mm/cma.c: remove redundant cma_mutex lock")
Signed-off-by: Dong Aisheng <aisheng.dong@nxp.com>
Acked-by: Minchan Kim <minchan@kernel.org>
Acked-by: David Hildenbrand <david@redhat.com>
Cc: Marek Szyprowski <m.szyprowski@samsung.com>
Cc: Lecopzer Chen <lecopzer.chen@mediatek.com>
Cc: Vlastimil Babka <vbabka@suse.cz>
Cc: <stable@vger.kernel.org> [5.11+]
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
(cherry picked from commit 60a60e32cf91169840abcb4a80f0b0df31708ba7)
Signed-off-by: Lee Jones <joneslee@google.com>
Change-Id: I4f94b43316d2fae1481eefa038bb4d6fbf5946cd
|
||
|
Baolin Wang
|
ec3e1bddde |
UPSTREAM: mm: hugetlb: add missing cache flushing in hugetlb_unshare_all_pmds()
Missed calling flush_cache_range() before removing the sharing PMD entrires, otherwise data consistence issue may be occurred on some architectures whose caches are strict and require a virtual>physical translation to exist for a virtual address. Thus add it. Now no architectures enabling PMD sharing will be affected, since they do not have a VIVT cache. That means this issue can not be happened in practice so far. Bug: 254441685 Link: https://lkml.kernel.org/r/47441086affcabb6ecbe403173e9283b0d904b38.1650956489.git.baolin.wang@linux.alibaba.com Link: https://lkml.kernel.org/r/419b0e777c9e6d1454dcd906e0f5b752a736d335.1650781755.git.baolin.wang@linux.alibaba.com Fixes: 6dfeaff93be1 ("hugetlb/userfaultfd: unshare all pmds for hugetlbfs when register wp") Signed-off-by: Baolin Wang <baolin.wang@linux.alibaba.com> Reviewed-by: Muchun Song <songmuchun@bytedance.com> Reviewed-by: Peter Xu <peterx@redhat.com> Cc: Mike Kravetz <mike.kravetz@oracle.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> (cherry picked from commit 9c8bbfaca1bce84664403fd7dddbef6b3ff0a05a) Signed-off-by: Lee Jones <joneslee@google.com> Change-Id: Ifb14e96429c339520083ff8ddb2bf58f4e6fa899 |
||
Pankaj Gupta
|
0b692d41ee |
mm/memremap.c: map FS_DAX device memory as decrypted
commit 867400af90f1f953ff9e10b1b87ecaf9369a7eb8 upstream.
virtio_pmem use devm_memremap_pages() to map the device memory. By
default this memory is mapped as encrypted with SEV. Guest reboot changes
the current encryption key and guest no longer properly decrypts the FSDAX
device meta data.
Mark the corresponding device memory region for FSDAX devices (mapped with
memremap_pages) as decrypted to retain the persistent memory property.
Link: https://lkml.kernel.org/r/20221102160728.3184016-1-pankaj.gupta@amd.com
Fixes:
|
||
|
Greg Kroah-Hartman
|
0b500f5b16 |
This is the 5.10.150 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmNZGa8ACgkQONu9yGCS
aT48lBAA04ORlv/P+tkaLh7gkJjuvnbsemni3KXdpq0hcOfUIpdquUvU06tD7T/P
cnM20NPgBR+IZ1sIcGWdPhTpIOEId9yxu84HQT5ctOjAZPuGg98s2JOQaXWD3Jh2
g88kbWgMeThfrJebPYZMofy5vRSZ5eMatAixhtjaM/2b/MXDSu2rIL4AoHZ99CKr
wovy1r1bN2niJADu8DwC+jANrPTfStMsjJ9dcOpAqVt83EKz0j3ktCDfzcUftFIw
z4y5leEx1qftUOWtY1DKPZEAhMZSpjZYLC1nldopwEl2JvZ7z9aGx3fFJyr/7zOt
4/mNWT2Ra4S9Tqn2RuFnCdWfqGBOmrE0AJf37IdEdpnlcXol6NaGu4LsQsQq4ffk
DxPc6tN6BGY1XXh+pNSlSW7jsXx6jbJ+OnL8JpSXV49ZOofz3XPTHQ/8tJEttfO4
rURa3iMk4GFeORw+mrHKOVJuWcfpnjVoxStGv6XiKqPpHjwbtB8ZGBlr9pMDYDQP
i2RBwkr/cz5JJzlaA4Q/n96nbZFAKpsiy0Vh1MWboxxlojIqLe3yIlZT6b2M3CFf
jsoqlLfaBjBa7RGQP1rW/im2SqxG2ftTiRdGZXPvjEZKnfIpUZEFszD9TmSuIk8f
uuJY2Tj6rSJ2nJPS0iui/KVQ78IWLz9PG3Xwm5E2A9QcPz1JAfk=
=pfwB
-----END PGP SIGNATURE-----
Merge 5.10.150 into android12-5.10-lts
Changes in 5.10.150
ALSA: oss: Fix potential deadlock at unregistration
ALSA: rawmidi: Drop register_mutex in snd_rawmidi_free()
ALSA: usb-audio: Fix potential memory leaks
ALSA: usb-audio: Fix NULL dererence at error path
ALSA: hda/realtek: remove ALC289_FIXUP_DUAL_SPK for Dell 5530
ALSA: hda/realtek: Correct pin configs for ASUS G533Z
ALSA: hda/realtek: Add quirk for ASUS GV601R laptop
ALSA: hda/realtek: Add Intel Reference SSID to support headset keys
mtd: rawnand: atmel: Unmap streaming DMA mappings
cifs: destage dirty pages before re-reading them for cache=none
cifs: Fix the error length of VALIDATE_NEGOTIATE_INFO message
iio: dac: ad5593r: Fix i2c read protocol requirements
iio: ltc2497: Fix reading conversion results
iio: adc: ad7923: fix channel readings for some variants
iio: pressure: dps310: Refactor startup procedure
iio: pressure: dps310: Reset chip after timeout
usb: add quirks for Lenovo OneLink+ Dock
can: kvaser_usb: Fix use of uninitialized completion
can: kvaser_usb_leaf: Fix overread with an invalid command
can: kvaser_usb_leaf: Fix TX queue out of sync after restart
can: kvaser_usb_leaf: Fix CAN state after restart
mmc: sdhci-sprd: Fix minimum clock limit
fs: dlm: fix race between test_bit() and queue_work()
fs: dlm: handle -EBUSY first in lock arg validation
HID: multitouch: Add memory barriers
quota: Check next/prev free block number after reading from quota file
platform/chrome: cros_ec_proto: Update version on GET_NEXT_EVENT failure
ASoC: wcd9335: fix order of Slimbus unprepare/disable
ASoC: wcd934x: fix order of Slimbus unprepare/disable
hwmon: (gsc-hwmon) Call of_node_get() before of_find_xxx API
regulator: qcom_rpm: Fix circular deferral regression
RISC-V: Make port I/O string accessors actually work
parisc: fbdev/stifb: Align graphics memory size to 4MB
riscv: Allow PROT_WRITE-only mmap()
riscv: Make VM_WRITE imply VM_READ
riscv: Pass -mno-relax only on lld < 15.0.0
UM: cpuinfo: Fix a warning for CONFIG_CPUMASK_OFFSTACK
nvme-pci: set min_align_mask before calculating max_hw_sectors
drm/virtio: Check whether transferred 2D BO is shmem
drm/udl: Restore display mode on resume
block: fix inflight statistics of part0
mm/mmap: undo ->mmap() when arch_validate_flags() fails
PCI: Sanitise firmware BAR assignments behind a PCI-PCI bridge
powercap: intel_rapl: Use standard Energy Unit for SPR Dram RAPL domain
powerpc/boot: Explicitly disable usage of SPE instructions
scsi: qedf: Populate sysfs attributes for vport
fbdev: smscufx: Fix use-after-free in ufx_ops_open()
btrfs: fix race between quota enable and quota rescan ioctl
f2fs: increase the limit for reserve_root
f2fs: fix to do sanity check on destination blkaddr during recovery
f2fs: fix to do sanity check on summary info
hardening: Clarify Kconfig text for auto-var-init
hardening: Avoid harmless Clang option under CONFIG_INIT_STACK_ALL_ZERO
hardening: Remove Clang's enable flag for -ftrivial-auto-var-init=zero
jbd2: wake up journal waiters in FIFO order, not LIFO
jbd2: fix potential buffer head reference count leak
jbd2: fix potential use-after-free in jbd2_fc_wait_bufs
jbd2: add miss release buffer head in fc_do_one_pass()
ext4: avoid crash when inline data creation follows DIO write
ext4: fix null-ptr-deref in ext4_write_info
ext4: make ext4_lazyinit_thread freezable
ext4: fix check for block being out of directory size
ext4: don't increase iversion counter for ea_inodes
ext4: ext4_read_bh_lock() should submit IO if the buffer isn't uptodate
ext4: place buffer head allocation before handle start
ext4: fix miss release buffer head in ext4_fc_write_inode
ext4: fix potential memory leak in ext4_fc_record_modified_inode()
ext4: fix potential memory leak in ext4_fc_record_regions()
ext4: update 'state->fc_regions_size' after successful memory allocation
livepatch: fix race between fork and KLP transition
ftrace: Properly unset FTRACE_HASH_FL_MOD
ring-buffer: Allow splice to read previous partially read pages
ring-buffer: Have the shortest_full queue be the shortest not longest
ring-buffer: Check pending waiters when doing wake ups as well
ring-buffer: Add ring_buffer_wake_waiters()
ring-buffer: Fix race between reset page and reading page
tracing: Disable interrupt or preemption before acquiring arch_spinlock_t
thunderbolt: Explicitly enable lane adapter hotplug events at startup
efi: libstub: drop pointless get_memory_map() call
media: cedrus: Set the platform driver data earlier
KVM: x86/emulator: Fix handing of POP SS to correctly set interruptibility
KVM: nVMX: Unconditionally purge queued/injected events on nested "exit"
KVM: VMX: Drop bits 31:16 when shoving exception error code into VMCS
staging: greybus: audio_helper: remove unused and wrong debugfs usage
drm/nouveau/kms/nv140-: Disable interlacing
drm/nouveau: fix a use-after-free in nouveau_gem_prime_import_sg_table()
drm/i915: Fix watermark calculations for gen12+ RC CCS modifier
drm/i915: Fix watermark calculations for gen12+ MC CCS modifier
smb3: must initialize two ACL struct fields to zero
selinux: use "grep -E" instead of "egrep"
userfaultfd: open userfaultfds with O_RDONLY
sh: machvec: Use char[] for section boundaries
MIPS: SGI-IP27: Free some unused memory
MIPS: SGI-IP27: Fix platform-device leak in bridge_platform_create()
ARM: 9244/1: dump: Fix wrong pg_level in walk_pmd()
ARM: 9247/1: mm: set readonly for MT_MEMORY_RO with ARM_LPAE
objtool: Preserve special st_shndx indexes in elf_update_symbol
nfsd: Fix a memory leak in an error handling path
wifi: ath10k: add peer map clean up for peer delete in ath10k_sta_state()
leds: lm3601x: Don't use mutex after it was destroyed
wifi: mac80211: allow bw change during channel switch in mesh
bpftool: Fix a wrong type cast in btf_dumper_int
spi: mt7621: Fix an error message in mt7621_spi_probe()
x86/resctrl: Fix to restore to original value when re-enabling hardware prefetch register
Bluetooth: btusb: Fine-tune mt7663 mechanism.
Bluetooth: btusb: fix excessive stack usage
Bluetooth: btusb: mediatek: fix WMT failure during runtime suspend
wifi: rtl8xxxu: tighten bounds checking in rtl8xxxu_read_efuse()
selftests/xsk: Avoid use-after-free on ctx
spi: qup: add missing clk_disable_unprepare on error in spi_qup_resume()
spi: qup: add missing clk_disable_unprepare on error in spi_qup_pm_resume_runtime()
wifi: rtl8xxxu: Fix skb misuse in TX queue selection
spi: meson-spicc: do not rely on busy flag in pow2 clk ops
bpf: btf: fix truncated last_member_type_id in btf_struct_resolve
wifi: rtl8xxxu: gen2: Fix mistake in path B IQ calibration
wifi: rtl8xxxu: Remove copy-paste leftover in gen2_update_rate_mask
net: fs_enet: Fix wrong check in do_pd_setup
bpf: Ensure correct locking around vulnerable function find_vpid()
Bluetooth: hci_{ldisc,serdev}: check percpu_init_rwsem() failure
wifi: ath11k: fix number of VHT beamformee spatial streams
x86/microcode/AMD: Track patch allocation size explicitly
x86/cpu: Include the header of init_ia32_feat_ctl()'s prototype
spi: dw: Fix PM disable depth imbalance in dw_spi_bt1_probe
spi/omap100k:Fix PM disable depth imbalance in omap1_spi100k_probe
i2c: mlxbf: support lock mechanism
Bluetooth: hci_core: Fix not handling link timeouts propertly
netfilter: nft_fib: Fix for rpath check with VRF devices
spi: s3c64xx: Fix large transfers with DMA
wifi: rtl8xxxu: Fix AIFS written to REG_EDCA_*_PARAM
vhost/vsock: Use kvmalloc/kvfree for larger packets.
mISDN: fix use-after-free bugs in l1oip timer handlers
sctp: handle the error returned from sctp_auth_asoc_init_active_key
tcp: fix tcp_cwnd_validate() to not forget is_cwnd_limited
spi: Ensure that sg_table won't be used after being freed
net: rds: don't hold sock lock when cancelling work from rds_tcp_reset_callbacks()
bnx2x: fix potential memory leak in bnx2x_tpa_stop()
net/ieee802154: reject zero-sized raw_sendmsg()
once: add DO_ONCE_SLOW() for sleepable contexts
net: mvpp2: fix mvpp2 debugfs leak
drm: bridge: adv7511: fix CEC power down control register offset
drm/bridge: Avoid uninitialized variable warning
drm/mipi-dsi: Detach devices when removing the host
drm/bridge: parade-ps8640: Fix regulator supply order
drm/dp_mst: fix drm_dp_dpcd_read return value checks
drm:pl111: Add of_node_put() when breaking out of for_each_available_child_of_node()
platform/chrome: fix double-free in chromeos_laptop_prepare()
platform/chrome: fix memory corruption in ioctl
ASoC: tas2764: Allow mono streams
ASoC: tas2764: Drop conflicting set_bias_level power setting
ASoC: tas2764: Fix mute/unmute
platform/x86: msi-laptop: Fix old-ec check for backlight registering
platform/x86: msi-laptop: Fix resource cleanup
drm: fix drm_mipi_dbi build errors
drm/bridge: megachips: Fix a null pointer dereference bug
ASoC: rsnd: Add check for rsnd_mod_power_on
ALSA: hda: beep: Simplify keep-power-at-enable behavior
drm/omap: dss: Fix refcount leak bugs
mmc: au1xmmc: Fix an error handling path in au1xmmc_probe()
ASoC: eureka-tlv320: Hold reference returned from of_find_xxx API
drm/msm/dpu: index dpu_kms->hw_vbif using vbif_idx
drm/msm/dp: correct 1.62G link rate at dp_catalog_ctrl_config_msa()
ASoC: da7219: Fix an error handling path in da7219_register_dai_clks()
ALSA: dmaengine: increment buffer pointer atomically
mmc: wmt-sdmmc: Fix an error handling path in wmt_mci_probe()
ASoC: wm8997: Fix PM disable depth imbalance in wm8997_probe
ASoC: wm5110: Fix PM disable depth imbalance in wm5110_probe
ASoC: wm5102: Fix PM disable depth imbalance in wm5102_probe
ASoC: mt6660: Fix PM disable depth imbalance in mt6660_i2c_probe
ALSA: hda/hdmi: Don't skip notification handling during PM operation
memory: pl353-smc: Fix refcount leak bug in pl353_smc_probe()
memory: of: Fix refcount leak bug in of_get_ddr_timings()
memory: of: Fix refcount leak bug in of_lpddr3_get_ddr_timings()
soc: qcom: smsm: Fix refcount leak bugs in qcom_smsm_probe()
soc: qcom: smem_state: Add refcounting for the 'state->of_node'
ARM: dts: turris-omnia: Fix mpp26 pin name and comment
ARM: dts: kirkwood: lsxl: fix serial line
ARM: dts: kirkwood: lsxl: remove first ethernet port
ia64: export memory_add_physaddr_to_nid to fix cxl build error
soc/tegra: fuse: Drop Kconfig dependency on TEGRA20_APB_DMA
ARM: dts: exynos: correct s5k6a3 reset polarity on Midas family
ARM: Drop CMDLINE_* dependency on ATAGS
arm64: ftrace: fix module PLTs with mcount
ARM: dts: exynos: fix polarity of VBUS GPIO of Origen
iio: adc: at91-sama5d2_adc: fix AT91_SAMA5D2_MR_TRACKTIM_MAX
iio: adc: at91-sama5d2_adc: check return status for pressure and touch
iio: adc: at91-sama5d2_adc: lock around oversampling and sample freq
iio: adc: at91-sama5d2_adc: disable/prepare buffer on suspend/resume
iio: inkern: only release the device node when done with it
iio: ABI: Fix wrong format of differential capacitance channel ABI.
usb: ch9: Add USB 3.2 SSP attributes
usb: common: Parse for USB SSP genXxY
usb: common: add function to get interval expressed in us unit
usb: common: move function's kerneldoc next to its definition
usb: common: debug: Check non-standard control requests
clk: meson: Hold reference returned by of_get_parent()
clk: oxnas: Hold reference returned by of_get_parent()
clk: qoriq: Hold reference returned by of_get_parent()
clk: berlin: Add of_node_put() for of_get_parent()
clk: sprd: Hold reference returned by of_get_parent()
clk: tegra: Fix refcount leak in tegra210_clock_init
clk: tegra: Fix refcount leak in tegra114_clock_init
clk: tegra20: Fix refcount leak in tegra20_clock_init
HSI: omap_ssi: Fix refcount leak in ssi_probe
HSI: omap_ssi_port: Fix dma_map_sg error check
media: exynos4-is: fimc-is: Add of_node_put() when breaking out of loop
tty: xilinx_uartps: Fix the ignore_status
media: meson: vdec: add missing clk_disable_unprepare on error in vdec_hevc_start()
media: xilinx: vipp: Fix refcount leak in xvip_graph_dma_init
RDMA/rxe: Fix "kernel NULL pointer dereference" error
RDMA/rxe: Fix the error caused by qp->sk
misc: ocxl: fix possible refcount leak in afu_ioctl()
fpga: prevent integer overflow in dfl_feature_ioctl_set_irq()
dmaengine: hisilicon: Disable channels when unregister hisi_dma
dmaengine: hisilicon: Fix CQ head update
dmaengine: hisilicon: Add multi-thread support for a DMA channel
dyndbg: fix static_branch manipulation
dyndbg: fix module.dyndbg handling
dyndbg: let query-modname override actual module name
dyndbg: drop EXPORTed dynamic_debug_exec_queries
mtd: devices: docg3: check the return value of devm_ioremap() in the probe
mtd: rawnand: fsl_elbc: Fix none ECC mode
RDMA/siw: Always consume all skbuf data in sk_data_ready() upcall.
ata: fix ata_id_sense_reporting_enabled() and ata_id_has_sense_reporting()
ata: fix ata_id_has_devslp()
ata: fix ata_id_has_ncq_autosense()
ata: fix ata_id_has_dipm()
mtd: rawnand: meson: fix bit map use in meson_nfc_ecc_correct()
md: Replace snprintf with scnprintf
md/raid5: Ensure stripe_fill happens on non-read IO with journal
RDMA/cm: Use SLID in the work completion as the DLID in responder side
IB: Set IOVA/LENGTH on IB_MR in core/uverbs layers
xhci: Don't show warning for reinit on known broken suspend
usb: gadget: function: fix dangling pnp_string in f_printer.c
drivers: serial: jsm: fix some leaks in probe
serial: 8250: Add an empty line and remove some useless {}
serial: 8250: Toggle IER bits on only after irq has been set up
tty: serial: fsl_lpuart: disable dma rx/tx use flags in lpuart_dma_shutdown
phy: qualcomm: call clk_disable_unprepare in the error handling
staging: vt6655: fix some erroneous memory clean-up loops
firmware: google: Test spinlock on panic path to avoid lockups
serial: 8250: Fix restoring termios speed after suspend
scsi: libsas: Fix use-after-free bug in smp_execute_task_sg()
scsi: iscsi: iscsi_tcp: Fix null-ptr-deref while calling getpeername()
clk: qcom: apss-ipq6018: mark apcs_alias0_core_clk as critical
fsi: core: Check error number after calling ida_simple_get
mfd: intel_soc_pmic: Fix an error handling path in intel_soc_pmic_i2c_probe()
mfd: fsl-imx25: Fix an error handling path in mx25_tsadc_setup_irq()
mfd: lp8788: Fix an error handling path in lp8788_probe()
mfd: lp8788: Fix an error handling path in lp8788_irq_init() and lp8788_irq_init()
mfd: fsl-imx25: Fix check for platform_get_irq() errors
mfd: sm501: Add check for platform_driver_register()
clk: mediatek: mt8183: mfgcfg: Propagate rate changes to parent
dmaengine: ioat: stop mod_timer from resurrecting deleted timer in __cleanup()
spmi: pmic-arb: correct duplicate APID to PPID mapping logic
clk: vc5: Fix 5P49V6901 outputs disabling when enabling FOD
clk: baikal-t1: Fix invalid xGMAC PTP clock divider
clk: baikal-t1: Add shared xGMAC ref/ptp clocks internal parent
clk: baikal-t1: Add SATA internal ref clock buffer
clk: bcm2835: fix bcm2835_clock_rate_from_divisor declaration
clk: ti: dra7-atl: Fix reference leak in of_dra7_atl_clk_probe
clk: ast2600: BCLK comes from EPLL
mailbox: bcm-ferxrm-mailbox: Fix error check for dma_map_sg
powerpc/math_emu/efp: Include module.h
powerpc/sysdev/fsl_msi: Add missing of_node_put()
powerpc/pci_dn: Add missing of_node_put()
powerpc/powernv: add missing of_node_put() in opal_export_attrs()
x86/hyperv: Fix 'struct hv_enlightened_vmcs' definition
powerpc/64s: Fix GENERIC_CPU build flags for PPC970 / G5
powerpc: Fix SPE Power ISA properties for e500v1 platforms
crypto: sahara - don't sleep when in softirq
crypto: hisilicon/zip - fix mismatch in get/set sgl_sge_nr
hwrng: imx-rngc - Moving IRQ handler registering after imx_rngc_irq_mask_clear()
cgroup/cpuset: Enable update_tasks_cpumask() on top_cpuset
iommu/omap: Fix buffer overflow in debugfs
crypto: akcipher - default implementation for setting a private key
crypto: ccp - Release dma channels before dmaengine unrgister
crypto: inside-secure - Change swab to swab32
crypto: qat - fix use of 'dma_map_single'
crypto: qat - use pre-allocated buffers in datapath
crypto: qat - fix DMA transfer direction
iommu/iova: Fix module config properly
tracing: kprobe: Fix kprobe event gen test module on exit
tracing: kprobe: Make gen test module work in arm and riscv
kbuild: remove the target in signal traps when interrupted
kbuild: rpm-pkg: fix breakage when V=1 is used
crypto: marvell/octeontx - prevent integer overflows
crypto: cavium - prevent integer overflow loading firmware
thermal/drivers/qcom/tsens-v0_1: Fix MSM8939 fourth sensor hw_id
ACPI: APEI: do not add task_work to kernel thread to avoid memory leak
f2fs: fix race condition on setting FI_NO_EXTENT flag
f2fs: fix to avoid REQ_TIME and CP_TIME collision
f2fs: fix to account FS_CP_DATA_IO correctly
selftest: tpm2: Add Client.__del__() to close /dev/tpm* handle
rcu: Back off upon fill_page_cache_func() allocation failure
rcu-tasks: Convert RCU_LOCKDEP_WARN() to WARN_ONCE()
ACPI: video: Add Toshiba Satellite/Portege Z830 quirk
MIPS: BCM47XX: Cast memcmp() of function to (void *)
powercap: intel_rapl: fix UBSAN shift-out-of-bounds issue
thermal: intel_powerclamp: Use get_cpu() instead of smp_processor_id() to avoid crash
x86/entry: Work around Clang __bdos() bug
NFSD: Return nfserr_serverfault if splice_ok but buf->pages have data
NFSD: fix use-after-free on source server when doing inter-server copy
wifi: brcmfmac: fix invalid address access when enabling SCAN log level
bpftool: Clear errno after libcap's checks
openvswitch: Fix double reporting of drops in dropwatch
openvswitch: Fix overreporting of drops in dropwatch
tcp: annotate data-race around tcp_md5sig_pool_populated
wifi: ath9k: avoid uninit memory read in ath9k_htc_rx_msg()
xfrm: Update ipcomp_scratches with NULL when freed
wifi: brcmfmac: fix use-after-free bug in brcmf_netdev_start_xmit()
regulator: core: Prevent integer underflow
Bluetooth: L2CAP: initialize delayed works at l2cap_chan_create()
Bluetooth: hci_sysfs: Fix attempting to call device_add multiple times
can: bcm: check the result of can_send() in bcm_can_tx()
wifi: rt2x00: don't run Rt5592 IQ calibration on MT7620
wifi: rt2x00: set correct TX_SW_CFG1 MAC register for MT7620
wifi: rt2x00: set VGC gain for both chains of MT7620
wifi: rt2x00: set SoC wmac clock register
wifi: rt2x00: correctly set BBP register 86 for MT7620
net: If sock is dead don't access sock's sk_wq in sk_stream_wait_memory
Bluetooth: L2CAP: Fix user-after-free
r8152: Rate limit overflow messages
drm/nouveau/nouveau_bo: fix potential memory leak in nouveau_bo_alloc()
drm: Use size_t type for len variable in drm_copy_field()
drm: Prevent drm_copy_field() to attempt copying a NULL pointer
gpu: lontium-lt9611: Fix NULL pointer dereference in lt9611_connector_init()
drm/amd/display: fix overflow on MIN_I64 definition
udmabuf: Set ubuf->sg = NULL if the creation of sg table fails
drm: bridge: dw_hdmi: only trigger hotplug event on link change
drm/vc4: vec: Fix timings for VEC modes
drm: panel-orientation-quirks: Add quirk for Anbernic Win600
platform/chrome: cros_ec: Notify the PM of wake events during resume
platform/x86: msi-laptop: Change DMI match / alias strings to fix module autoloading
ASoC: SOF: pci: Change DMI match info to support all Chrome platforms
drm/amdgpu: fix initial connector audio value
drm/meson: explicitly remove aggregate driver at module unload time
mmc: sdhci-msm: add compatible string check for sdm670
drm/dp: Don't rewrite link config when setting phy test pattern
drm/amd/display: Remove interface for periodic interrupt 1
ARM: dts: imx7d-sdb: config the max pressure for tsc2046
ARM: dts: imx6q: add missing properties for sram
ARM: dts: imx6dl: add missing properties for sram
ARM: dts: imx6qp: add missing properties for sram
ARM: dts: imx6sl: add missing properties for sram
ARM: dts: imx6sll: add missing properties for sram
ARM: dts: imx6sx: add missing properties for sram
kselftest/arm64: Fix validatation termination record after EXTRA_CONTEXT
arm64: dts: imx8mq-librem5: Add bq25895 as max17055's power supply
btrfs: scrub: try to fix super block errors
clk: zynqmp: Fix stack-out-of-bounds in strncpy`
media: cx88: Fix a null-ptr-deref bug in buffer_prepare()
clk: zynqmp: pll: rectify rate rounding in zynqmp_pll_round_rate
usb: host: xhci-plat: suspend and resume clocks
usb: host: xhci-plat: suspend/resume clks for brcm
scsi: 3w-9xxx: Avoid disabling device if failing to enable it
nbd: Fix hung when signal interrupts nbd_start_device_ioctl()
power: supply: adp5061: fix out-of-bounds read in adp5061_get_chg_type()
staging: vt6655: fix potential memory leak
blk-throttle: prevent overflow while calculating wait time
ata: libahci_platform: Sanity check the DT child nodes number
bcache: fix set_at_max_writeback_rate() for multiple attached devices
soundwire: cadence: Don't overwrite msg->buf during write commands
soundwire: intel: fix error handling on dai registration issues
HID: roccat: Fix use-after-free in roccat_read()
md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d
usb: host: xhci: Fix potential memory leak in xhci_alloc_stream_info()
usb: musb: Fix musb_gadget.c rxstate overflow bug
Revert "usb: storage: Add quirk for Samsung Fit flash"
staging: rtl8723bs: fix a potential memory leak in rtw_init_cmd_priv()
nvme: copy firmware_rev on each init
nvmet-tcp: add bounds check on Transfer Tag
usb: idmouse: fix an uninit-value in idmouse_open
clk: bcm2835: Make peripheral PLLC critical
perf intel-pt: Fix segfault in intel_pt_print_info() with uClibc
arm64: topology: fix possible overflow in amu_fie_setup()
io_uring: correct pinned_vm accounting
io_uring/af_unix: defer registered files gc to io_uring release
mm: hugetlb: fix UAF in hugetlb_handle_userfault
net: ieee802154: return -EINVAL for unknown addr type
Revert "net/ieee802154: reject zero-sized raw_sendmsg()"
net/ieee802154: don't warn zero-sized raw_sendmsg()
Revert "drm/amdgpu: move nbio sdma_doorbell_range() into sdma code for vega"
Revert "drm/amdgpu: use dirty framebuffer helper"
ext4: continue to expand file system when the target size doesn't reach
inet: fully convert sk->sk_rx_dst to RCU rules
thermal: intel_powerclamp: Use first online CPU as control_cpu
f2fs: fix wrong condition to trigger background checkpoint correctly
gcov: support GCC 12.1 and newer compilers
Revert "drm/amdgpu: make sure to init common IP before gmc"
Linux 5.10.150
Change-Id: I54f32f1f0149ec614c8bc7944e15adb5d80cd51a
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
||
Muchun Song
|
2357d700f8 |
UPSTREAM: mm: kfence: fix missing objcg housekeeping for SLAB
The objcg is not cleared and put for kfence object when it is freed, which could lead to memory leak for struct obj_cgroup and wrong statistics of NR_SLAB_RECLAIMABLE_B or NR_SLAB_UNRECLAIMABLE_B. Since the last freed object's objcg is not cleared, mem_cgroup_from_obj() could return the wrong memcg when this kfence object, which is not charged to any objcgs, is reallocated to other users. A real word issue [1] is caused by this bug. Bug: 254441685 Link: https://lore.kernel.org/all/000000000000cabcb505dae9e577@google.com/ [1] Reported-by: syzbot+f8c45ccc7d5d45fc5965@syzkaller.appspotmail.com Fixes: d3fb45f370d9 ("mm, kfence: insert KFENCE hooks for SLAB") Signed-off-by: Muchun Song <songmuchun@bytedance.com> Cc: Dmitry Vyukov <dvyukov@google.com> Cc: Marco Elver <elver@google.com> Cc: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> (cherry picked from commit ae085d7f9365de7da27ab5c0d16b12d51ea7fca9) Signed-off-by: Lee Jones <joneslee@google.com> Change-Id: If17f6048e312e0cf78d01f7c122b84b3fb4a58d8 |
||
|
Suren Baghdasaryan
|
f55885db0c |
UPSTREAM: mm: fix use-after-free bug when mm->mmap is reused after being freed
oom reaping (__oom_reap_task_mm) relies on a 2 way synchronization with exit_mmap. First it relies on the mmap_lock to exclude from unlock path[1], page tables tear down (free_pgtables) and vma destruction. This alone is not sufficient because mm->mmap is never reset. For historical reasons[2] the lock is taken there is also MMF_OOM_SKIP set for oom victims before. The oom reaper only ever looks at oom victims so the whole scheme works properly but process_mrelease can opearate on any task (with fatal signals pending) which doesn't really imply oom victims. That means that the MMF_OOM_SKIP part of the synchronization doesn't work and it can see a task after the whole address space has been demolished and traverse an already released mm->mmap list. This leads to use after free as properly caught up by KASAN report. Fix the issue by reseting mm->mmap so that MMF_OOM_SKIP synchronization is not needed anymore. The MMF_OOM_SKIP is not removed from exit_mmap yet but it acts mostly as an optimization now. [1] |
||
Rik van Riel
|
568e3812b1 |
mm,hugetlb: take hugetlb_lock before decrementing h->resv_huge_pages
commit 12df140f0bdfae5dcfc81800970dd7f6f632e00c upstream.
The h->*_huge_pages counters are protected by the hugetlb_lock, but
alloc_huge_page has a corner case where it can decrement the counter
outside of the lock.
This could lead to a corrupted value of h->resv_huge_pages, which we have
observed on our systems.
Take the hugetlb_lock before decrementing h->resv_huge_pages to avoid a
potential race.
Link: https://lkml.kernel.org/r/20221017202505.0e6a4fcd@imladris.surriel.com
Fixes:
|
||
Yuanzheng Song
|
935a8b6202 |
mm/memory: add non-anonymous page check in the copy_present_page()
The vma->anon_vma of the child process may be NULL because
the entire vma does not contain anonymous pages. In this
case, a BUG will occur when the copy_present_page() passes
a copy of a non-anonymous page of that vma to the
page_add_new_anon_rmap() to set up new anonymous rmap.
------------[ cut here ]------------
kernel BUG at mm/rmap.c:1044!
Internal error: Oops - BUG: 0 [#1] SMP
Modules linked in:
CPU: 2 PID: 3617 Comm: test Not tainted 5.10.149 #1
Hardware name: linux,dummy-virt (DT)
pstate: 80000005 (Nzcv daif -PAN -UAO -TCO BTYPE=--)
pc : __page_set_anon_rmap+0xbc/0xf8
lr : __page_set_anon_rmap+0xbc/0xf8
sp : ffff800014c1b870
x29: ffff800014c1b870 x28: 0000000000000001
x27: 0000000010100073 x26: ffff1d65c517baa8
x25: ffff1d65cab0f000 x24: ffff1d65c416d800
x23: ffff1d65cab5f248 x22: 0000000020000000
x21: 0000000000000001 x20: 0000000000000000
x19: fffffe75970023c0 x18: 0000000000000000
x17: 0000000000000000 x16: 0000000000000000
x15: 0000000000000000 x14: 0000000000000000
x13: 0000000000000000 x12: 0000000000000000
x11: 0000000000000000 x10: 0000000000000000
x9 : ffffc3096d5fb858 x8 : 0000000000000000
x7 : 0000000000000011 x6 : ffff5a5c9089c000
x5 : 0000000000020000 x4 : ffff5a5c9089c000
x3 : ffffc3096d200000 x2 : ffffc3096e8d0000
x1 : ffff1d65ca3da740 x0 : 0000000000000000
Call trace:
__page_set_anon_rmap+0xbc/0xf8
page_add_new_anon_rmap+0x1e0/0x390
copy_pte_range+0xd00/0x1248
copy_page_range+0x39c/0x620
dup_mmap+0x2e0/0x5a8
dup_mm+0x78/0x140
copy_process+0x918/0x1a20
kernel_clone+0xac/0x638
__do_sys_clone+0x78/0xb0
__arm64_sys_clone+0x30/0x40
el0_svc_common.constprop.0+0xb0/0x308
do_el0_svc+0x48/0xb8
el0_svc+0x24/0x38
el0_sync_handler+0x160/0x168
el0_sync+0x180/0x1c0
Code: 97f8ff85 f9400294 17ffffeb 97f8ff82 (d4210000)
---[ end trace a972347688dc9bd4 ]---
Kernel panic - not syncing: Oops - BUG: Fatal exception
SMP: stopping secondary CPUs
Kernel Offset: 0x43095d200000 from 0xffff800010000000
PHYS_OFFSET: 0xffffe29a80000000
CPU features: 0x08200022,61806082
Memory Limit: none
---[ end Kernel panic - not syncing: Oops - BUG: Fatal exception ]---
This problem has been fixed by the commit <fb3d824d1a46>
("mm/rmap: split page_dup_rmap() into page_dup_file_rmap()
and page_try_dup_anon_rmap()"), but still exists in the
linux-5.10.y branch.
This patch is not applicable to this version because
of the large version differences. Therefore, fix it by
adding non-anonymous page check in the copy_present_page().
Cc: stable@vger.kernel.org
Fixes:
|
||
|
Jann Horn
|
4e5c3aad56 |
UPSTREAM: mm: Fix TLB flush for not-first PFNMAP mappings in unmap_region()
This is a stable-specific patch.
I botched the stable-specific rewrite of
commit b67fbebd4cf98 ("mmu_gather: Force tlb-flush VM_PFNMAP vmas"):
As Hugh pointed out, unmap_region() actually operates on a list of VMAs,
and the variable "vma" merely points to the first VMA in that list.
So if we want to check whether any of the VMAs we're operating on is
PFNMAP or MIXEDMAP, we have to iterate through the list and check each VMA.
Bug: 245812080
Signed-off-by: Jann Horn <jannh@google.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
(cherry picked from commit 3998dc50ebdc127ae79b10992856fb76debc2005)
Signed-off-by: Lee Jones <joneslee@google.com>
Change-Id: Ib8ddb51815e53f42daec5d98a196866a078a7550
|
||
|
Jann Horn
|
89fc774058 |
UPSTREAM: mm: Force TLB flush for PFNMAP mappings before unlink_file_vma()
commit b67fbebd4cf980aecbcc750e1462128bffe8ae15 upstream.
Some drivers rely on having all VMAs through which a PFN might be
accessible listed in the rmap for correctness.
However, on X86, it was possible for a VMA with stale TLB entries
to not be listed in the rmap.
This was fixed in mainline with
commit b67fbebd4cf9 ("mmu_gather: Force tlb-flush VM_PFNMAP vmas"),
but that commit relies on preceding refactoring in
commit 18ba064e42df3 ("mmu_gather: Let there be one tlb_{start,end}_vma()
implementation") and commit 1e9fdf21a4339 ("mmu_gather: Remove per arch
tlb_{start,end}_vma()").
This patch provides equivalent protection without needing that
refactoring, by forcing a TLB flush between removing PTEs in
unmap_vmas() and the call to unlink_file_vma() in free_pgtables().
Bug: 245812080
[This is a stable-specific rewrite of the upstream commit!]
Signed-off-by: Jann Horn <jannh@google.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Lee Jones <joneslee@google.com>
Change-Id: Ic29df5cfb76676aa87a14619dd19aba301580507
|
||
|
Greg Kroah-Hartman
|
0118fb827b |
Merge branch 'android12-5.10' into branch 'android12-5.10-lts'
Sync up with android12-5.10 for the following commits: |
||
Liu Shixin
|
45c3396675 |
mm: hugetlb: fix UAF in hugetlb_handle_userfault
commit 958f32ce832ba781ac20e11bb2d12a9352ea28fc upstream.
The vma_lock and hugetlb_fault_mutex are dropped before handling userfault
and reacquire them again after handle_userfault(), but reacquire the
vma_lock could lead to UAF[1,2] due to the following race,
hugetlb_fault
hugetlb_no_page
/*unlock vma_lock */
hugetlb_handle_userfault
handle_userfault
/* unlock mm->mmap_lock*/
vm_mmap_pgoff
do_mmap
mmap_region
munmap_vma_range
/* clean old vma */
/* lock vma_lock again <--- UAF */
/* unlock vma_lock */
Since the vma_lock will unlock immediately after
hugetlb_handle_userfault(), let's drop the unneeded lock and unlock in
hugetlb_handle_userfault() to fix the issue.
[1] https://lore.kernel.org/linux-mm/000000000000d5e00a05e834962e@google.com/
[2] https://lore.kernel.org/linux-mm/20220921014457.1668-1-liuzixian4@huawei.com/
Link: https://lkml.kernel.org/r/20220923042113.137273-1-liushixin2@huawei.com
Fixes:
|
||
Carlos Llamas
|
a3c08c0217 |
mm/mmap: undo ->mmap() when arch_validate_flags() fails
commit deb0f6562884b5b4beb883d73e66a7d3a1b96d99 upstream. Commit |
||
Peifeng Li
|
af699fd6a2 |
ANDROID: vendor_hook: skip trace_android_vh_page_trylock_set when ignore_references is true
Avoid async-reclaim to cause to reclaim-delay when ignore_references is true. Bug: 240003372 Signed-off-by: Peifeng Li <lipeifeng@oppo.com> Change-Id: Iaf50bd4ac53f748da0dac93324c6d94de11e01e9 |
||
Bing Han
|
09f4246296 |
ANDROID: sched: add restricted hooks to replace the former hooks
Fix Bug: scheduling while atomic In these vendor hooks, we will perform schedule due to competion. This will lead to kernel exception. To solve this problem, we need to add these restrcted hooks to replace the former regular vendor hooks. Bug: 234214858 Signed-off-by: Bing Han <bing.han@transsion.com> Change-Id: I151125a7119a91d1339d4790a68a6a4796d673e3 |
||
|
Greg Kroah-Hartman
|
c1e111543d |
This is the 5.10.148 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmNKS3sACgkQONu9yGCS
aT6DphAAtZL2kn9sdtQM15lm60MXWNEemk7C3TbZdqyAp8N8XqYWPOuKhcVwc+pT
xhfl7ygVpyAVVQtQL88sYcBSOkO2KYOJp3NCT0iMRgdpe5zNWqAW3W2i6GIas+qy
fU9o8YMdXupzRUh+9nGIvtmlXitVJqtl6Ec2hIC+HSEnWHUh8tB6yIT2EIbRvyzl
aaaE4nTTeM8skU1Se8iLuWnwcoGmGU9NuLEOO8ZtX0c7aReLPB1VeWFo/lRrolP1
27k84tpbb32E4ZzTtRk7Zin06u3LVAKVUp1OIa0OWKEQ42W6AAa/Hvo8TIjT9mAN
hBSdg+xHGq3x1QOEGB5t1j8cny/tyJyrtTj62WEotd/jEt42dRG3cSTvWhgqiPGC
WR8Mmxo8wk1iVDIrZG9wQJcJut2Q6x2YEaoJWOSmBC0ZmgFKQ7BHF5rQ3zhT88BA
rK+rx81oFTsA7fEKmMO2OTpOawTuCa1fHgTzIn4gq4iXC1ZLNO7RBvx2VfcmZdBl
E45RnnmY3bStDnIqi/x0+lCqLMPyfocoOPG7FOSjSgMZx9v52sK7Acv87pgGLVvR
GpIPLhHfLwKEkcsaiDJ4X7Tp18QqVYlUaGhUOIRCGGWRf59SX2Mx7dGkP1xjXnWy
WrWnBXgnXvS+c/g+KOPEaGjgzepZVneP7hOJ7pTjHoYTBE5mImE=
=f9Y7
-----END PGP SIGNATURE-----
Merge 5.10.148 into android12-5.10-lts
Changes in 5.10.148
nilfs2: fix NULL pointer dereference at nilfs_bmap_lookup_at_level()
nilfs2: fix use-after-free bug of struct nilfs_root
nilfs2: fix leak of nilfs_root in case of writer thread creation failure
nilfs2: replace WARN_ONs by nilfs_error for checkpoint acquisition failure
ceph: don't truncate file in atomic_open
Makefile.extrawarn: Move -Wcast-function-type-strict to W=1
docs: update mediator information in CoC docs
perf tools: Fixup get_current_dir_name() compilation
xsk: Inherit need_wakeup flag for shared sockets
ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC
mm: gup: fix the fast GUP race against THP collapse
powerpc/64s/radix: don't need to broadcast IPI for radix pmd collapse flush
fs: fix UAF/GPF bug in nilfs_mdt_destroy
compiler_attributes.h: move __compiletime_{error|warning}
firmware: arm_scmi: Add SCMI PM driver remove routine
dmaengine: xilinx_dma: Fix devm_platform_ioremap_resource error handling
dmaengine: xilinx_dma: cleanup for fetching xlnx,num-fstores property
dmaengine: xilinx_dma: Report error in case of dma_set_mask_and_coherent API failure
ARM: dts: fix Moxa SDIO 'compatible', remove 'sdhci' misnomer
scsi: qedf: Fix a UAF bug in __qedf_probe()
net/ieee802154: fix uninit value bug in dgram_sendmsg
ALSA: hda/hdmi: Fix the converter reuse for the silent stream
um: Cleanup syscall_handler_t cast in syscalls_32.h
um: Cleanup compiler warning in arch/x86/um/tls_32.c
arch: um: Mark the stack non-executable to fix a binutils warning
net: atlantic: fix potential memory leak in aq_ndev_close()
drm/amd/display: update gamut remap if plane has changed
drm/amd/display: skip audio setup when audio stream is enabled
mmc: core: Replace with already defined values for readability
mmc: core: Terminate infinite loop in SD-UHS voltage switch
usb: mon: make mmapped memory read only
USB: serial: ftdi_sio: fix 300 bps rate for SIO
rpmsg: qcom: glink: replace strncpy() with strscpy_pad()
Revert "clk: ti: Stop using legacy clkctrl names for omap4 and 5"
random: restore O_NONBLOCK support
random: clamp credited irq bits to maximum mixed
ALSA: hda: Fix position reporting on Poulsbo
efi: Correct Macmini DMI match in uefi cert quirk
scsi: stex: Properly zero out the passthrough command structure
USB: serial: qcserial: add new usb-id for Dell branded EM7455
random: avoid reading two cache lines on irq randomness
random: use expired timer rather than wq for mixing fast pool
wifi: cfg80211: fix u8 overflow in cfg80211_update_notlisted_nontrans()
wifi: cfg80211/mac80211: reject bad MBSSID elements
wifi: cfg80211: ensure length byte is present before access
wifi: cfg80211: fix BSS refcounting bugs
wifi: cfg80211: avoid nontransmitted BSS list corruption
wifi: mac80211_hwsim: avoid mac80211 warning on bad rate
wifi: mac80211: fix crash in beacon protection for P2P-device
wifi: cfg80211: update hidden BSSes to avoid WARN_ON
Input: xpad - add supported devices as contributed on github
Input: xpad - fix wireless 360 controller breaking after suspend
misc: pci_endpoint_test: Aggregate params checking for xfer
misc: pci_endpoint_test: Fix pci_endpoint_test_{copy,write,read}() panic
Linux 5.10.148
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: Ieced30eaa00066cb2fc36836250f8f0a553f490f
|
||
Yang Shi
|
377c60dd32 |
mm: gup: fix the fast GUP race against THP collapse
commit 70cbc3cc78a997d8247b50389d37c4e1736019da upstream. Since general RCU GUP fast was introduced in commit |
||
Minchan Kim
|
c35cda5280 |
BACKPORT: mm: don't be stuck to rmap lock on reclaim path
The rmap locks(i_mmap_rwsem and anon_vma->root->rwsem) could be contended
under memory pressure if processes keep working on their vmas(e.g., fork,
mmap, munmap). It makes reclaim path stuck. In our real workload traces,
we see kswapd is waiting the lock for 300ms+(worst case, a sec) and it
makes other processes entering direct reclaim, which were also stuck on
the lock.
This patch makes lru aging path try_lock mode like shink_page_list so the
reclaim context will keep working with next lru pages without being stuck.
if it found the rmap lock contended, it rotates the page back to head of
lru in both active/inactive lrus to make them consistent behavior, which
is basic starting point rather than adding more heristic.
Since this patch introduces a new "contended" field as out-param along
with try_lock in-param in rmap_walk_control, it's not immutable any longer
if the try_lock is set so remove const keywords on rmap related functions.
Since rmap walking is already expensive operation, I doubt the const
would help sizable benefit( And we didn't have it until 5.17).
In a heavy app workload in Android, trace shows following statistics. It
almost removes rmap lock contention from reclaim path.
Martin Liu reported:
Before:
max_dur(ms) min_dur(ms) max-min(dur)ms avg_dur(ms) sum_dur(ms) count blocked_function
1632 0 1631 151.542173 31672 209 page_lock_anon_vma_read
601 0 601 145.544681 28817 198 rmap_walk_file
After:
max_dur(ms) min_dur(ms) max-min(dur)ms avg_dur(ms) sum_dur(ms) count blocked_function
NaN NaN NaN NaN NaN 0.0 NaN
0 0 0 0.127645 1 12 rmap_walk_file
[minchan@kernel.org: add comment, per Matthew]
Link: https://lkml.kernel.org/r/YnNqeB5tUf6LZ57b@google.com
Link: https://lkml.kernel.org/r/20220510215423.164547-1-minchan@kernel.org
Signed-off-by: Minchan Kim <minchan@kernel.org>
Acked-by: Johannes Weiner <hannes@cmpxchg.org>
Cc: Suren Baghdasaryan <surenb@google.com>
Cc: Michal Hocko <mhocko@suse.com>
Cc: John Dias <joaodias@google.com>
Cc: Tim Murray <timmurray@google.com>
Cc: Matthew Wilcox <willy@infradead.org>
Cc: Vladimir Davydov <vdavydov.dev@gmail.com>
Cc: Martin Liu <liumartin@google.com>
Cc: Minchan Kim <minchan@kernel.org>
Cc: Matthew Wilcox <willy@infradead.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Conflicts:
folio->page
(cherry picked from commit 6d4675e601357834dadd2ba1d803f6484596015c)
Bug: 239681156
Bug: 252333201
Signed-off-by: Minchan Kim <minchan@google.com>
Change-Id: I0c63e0291120c8a1b5f2d83b8a7b210cb56c27a2
Signed-off-by: chenxin <chenxinxin@xiaomi.corp-partner.google.com>
|
||
|
Greg Kroah-Hartman
|
bc7618b493 |
This is the 5.10.147 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmM9QpgACgkQONu9yGCS aT7hyBAAoFVZrmAekRm6bQp1JBk5zMbZ8tYl4LgtYOncxLBgpf4d3fFXBtL75i45 Guc+CDVqcmE3lkBlq4Z6IxmbvHSRsn0r9HyDN5zP5HuYYQmECDU7wpO4OTpv3gBC +A38tbjVGSsUzJvfXZF07np4NNjxbFtfu19aRBJ9ztX/DMoXxi0+KUtwPPdwN9Tt L2Y2T54fI1GsrhqtaS+yD5XVTZUvOy6TPvBd+wvL5UfbhQRX4M5hjOSdbj6qzv4R qrI55rtAFqe6q+d3afta4qE6MdZM19pB03/CPPQBST/YITWSzwpIbHkE2Oj+h2QE h9anubbw67Ob/HFU1NIaU0GONIlogONFs6SeK2cLoNTU3WedxWQK0G2ny4qdkev+ jqo8/oEq8eNbt1Orido5ruwp+draMbpVUZfP9tJ2rx7p7nddWh1GPi1vf5VAm/Hh 3wEbSprolG8ptR2nyvLxCDj6vY3WGSn7GRrje9Wemencutp9277hocrXuL8YQC5u kOlVqo5Ju3kNHC5flOQO+gdtp9oUz9jPZNiwYfM8M3i1/WYSpSdIg4Mz1TK10beh U84izz7ZFFeI8WxhGQlEC9eWqsDTzmgOVbDiNsl19MdaPXM+yswwtpkNUV+/xVBe qoj6mfnI8gSxKfmBG/quw/OcHzrOuxPmPPKvenr+iK3mL2ebBV4= =L2ke -----END PGP SIGNATURE----- Merge 5.10.147 into android12-5.10-lts Changes in 5.10.147 thunderbolt: Add support for Intel Maple Ridge thunderbolt: Add support for Intel Maple Ridge single port controller ALSA: hda/tegra: Use clk_bulk helpers ALSA: hda/tegra: Reset hardware ALSA: hda/hdmi: let new platforms assign the pcm slot dynamically ALSA: hda: Fix Nvidia dp infoframe btrfs: fix hang during unmount when stopping a space reclaim worker uas: add no-uas quirk for Hiksemi usb_disk usb-storage: Add Hiksemi USB3-FW to IGNORE_UAS uas: ignore UAS for Thinkplus chips usb: typec: ucsi: Remove incorrect warning thunderbolt: Explicitly reset plug events delay back to USB4 spec value net: usb: qmi_wwan: Add new usb-id for Dell branded EM7455 Input: snvs_pwrkey - fix SNVS_HPVIDR1 register address clk: ingenic-tcu: Properly enable registers before accessing timers ARM: dts: integrator: Tag PCI host with device_type ntfs: fix BUG_ON in ntfs_lookup_inode_by_name() net: mt7531: only do PLL once after the reset libata: add ATA_HORKAGE_NOLPM for Pioneer BDR-207M and BDR-205 mmc: moxart: fix 4-bit bus width and remove 8-bit bus width mmc: hsq: Fix data stomping during mmc recovery mm/page_alloc: fix race condition between build_all_zonelists and page allocation mm: prevent page_frag_alloc() from corrupting the memory mm/migrate_device.c: flush TLB while holding PTL mm: fix madivse_pageout mishandling on non-LRU page media: dvb_vb2: fix possible out of bound access media: rkvdec: Disable H.264 error detection swiotlb: max mapping size takes min align mask into account scsi: hisi_sas: Revert "scsi: hisi_sas: Limit max hw sectors for v3 HW" ARM: dts: am33xx: Fix MMCHS0 dma properties reset: imx7: Fix the iMX8MP PCIe PHY PERST support soc: sunxi: sram: Actually claim SRAM regions soc: sunxi: sram: Prevent the driver from being unbound soc: sunxi_sram: Make use of the helper function devm_platform_ioremap_resource() soc: sunxi: sram: Fix probe function ordering issues soc: sunxi: sram: Fix debugfs info for A64 SRAM C ASoC: tas2770: Reinit regcache on reset Revert "drm: bridge: analogix/dp: add panel prepare/unprepare in suspend/resume time" Input: melfas_mip4 - fix return value check in mip4_probe() usbnet: Fix memory leak in usbnet_disconnect() net: sched: act_ct: fix possible refcount leak in tcf_ct_init() cxgb4: fix missing unlock on ETHOFLD desc collect fail path nvme: add new line after variable declatation nvme: Fix IOC_PR_CLEAR and IOC_PR_RELEASE ioctls for nvme devices net: stmmac: power up/down serdes in stmmac_open/release selftests: Fix the if conditions of in test_extra_filter() clk: imx: imx6sx: remove the SET_RATE_PARENT flag for QSPI clocks clk: iproc: Do not rely on node name for correct PLL setup KVM: x86: Hide IA32_PLATFORM_DCA_CAP[31:0] from the guest x86/alternative: Fix race in try_get_desc() ALSA: hda/hdmi: fix warning about PCM count when used with SOF Linux 5.10.147 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: Ie6bbda212478a9c78498458b61e39200e6637f31 |
||
|
Minchan Kim
|
be2cd261ca |
mm: fix madivse_pageout mishandling on non-LRU page
commit 58d426a7ba92870d489686dfdb9d06b66815a2ab upstream.
MADV_PAGEOUT tries to isolate non-LRU pages and gets a warning from
isolate_lru_page below.
Fix it by checking PageLRU in advance.
------------[ cut here ]------------
trying to isolate tail page
WARNING: CPU: 0 PID: 6175 at mm/folio-compat.c:158 isolate_lru_page+0x130/0x140
Modules linked in:
CPU: 0 PID: 6175 Comm: syz-executor.0 Not tainted 5.18.12 #1
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.13.0-1ubuntu1.1 04/01/2014
RIP: 0010:isolate_lru_page+0x130/0x140
Link: https://lore.kernel.org/linux-mm/485f8c33.2471b.182d5726afb.Coremail.hantianshuo@iie.ac.cn/
Link: https://lkml.kernel.org/r/20220908151204.762596-1-minchan@kernel.org
Fixes:
|
||
Alistair Popple
|
1002d5fef4 |
mm/migrate_device.c: flush TLB while holding PTL
commit 60bae73708963de4a17231077285bd9ff2f41c44 upstream.
When clearing a PTE the TLB should be flushed whilst still holding the PTL
to avoid a potential race with madvise/munmap/etc. For example consider
the following sequence:
CPU0 CPU1
---- ----
migrate_vma_collect_pmd()
pte_unmap_unlock()
madvise(MADV_DONTNEED)
-> zap_pte_range()
pte_offset_map_lock()
[ PTE not present, TLB not flushed ]
pte_unmap_unlock()
[ page is still accessible via stale TLB ]
flush_tlb_range()
In this case the page may still be accessed via the stale TLB entry after
madvise returns. Fix this by flushing the TLB while holding the PTL.
Fixes:
|
||
Maurizio Lombardi
|
a54fc53691 |
mm: prevent page_frag_alloc() from corrupting the memory
commit dac22531bbd4af2426c4e29e05594415ccfa365d upstream.
A number of drivers call page_frag_alloc() with a fragment's size >
PAGE_SIZE.
In low memory conditions, __page_frag_cache_refill() may fail the order
3 cache allocation and fall back to order 0; In this case, the cache
will be smaller than the fragment, causing memory corruptions.
Prevent this from happening by checking if the newly allocated cache is
large enough for the fragment; if not, the allocation will fail and
page_frag_alloc() will return NULL.
Link: https://lkml.kernel.org/r/20220715125013.247085-1-mlombard@redhat.com
Fixes:
|
||
Mel Gorman
|
466a26af2d |
mm/page_alloc: fix race condition between build_all_zonelists and page allocation
commit 3d36424b3b5850bd92f3e89b953a430d7cfc88ef upstream. Patrick Daly reported the following problem; NODE_DATA(nid)->node_zonelists[ZONELIST_FALLBACK] - before offline operation [0] - ZONE_MOVABLE [1] - ZONE_NORMAL [2] - NULL For a GFP_KERNEL allocation, alloc_pages_slowpath() will save the offset of ZONE_NORMAL in ac->preferred_zoneref. If a concurrent memory_offline operation removes the last page from ZONE_MOVABLE, build_all_zonelists() & build_zonerefs_node() will update node_zonelists as shown below. Only populated zones are added. NODE_DATA(nid)->node_zonelists[ZONELIST_FALLBACK] - after offline operation [0] - ZONE_NORMAL [1] - NULL [2] - NULL The race is simple -- page allocation could be in progress when a memory hot-remove operation triggers a zonelist rebuild that removes zones. The allocation request will still have a valid ac->preferred_zoneref that is now pointing to NULL and triggers an OOM kill. This problem probably always existed but may be slightly easier to trigger due to |
||
|
Greg Kroah-Hartman
|
0e8dfc1216 |
Merge branch 'android12-5.10' into branch 'android12-5.10-lts'
Sync up with android12-5.10 for the following commits: |
||
|
Greg Kroah-Hartman
|
1d17080edb |
This is the 5.10.146 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmM0D5YACgkQONu9yGCS
aT60zQ//azKm1LwkEJrXhq9W8RH0qFooR5ktMtD77mX7jznl6QrebRycyD0lj67H
QqkSWLKWocMiGNjCBHA4LS/OXVoMvjfWvdha1ExHO/1fqkM6MVqfy8+z8Tngzky/
iTfaOjA6BSiQNnAyC+LPtJb5dCnvFYHL78+vZ3Kr6xHhX/MBCoTL+pP5bBp82ES+
4N5mirDlLgLxI2d2KCfpwVkaRC+Ylsz5/PLkvzYpXz7RnXLL7PAu/tbHvJpM9qqj
lONQU3av0utXPLzV8FdeejspFdTacG+V9d1AAfXivYQTBI5dyaUEPoR6qkZ4WgsN
zZ6huMi/7Q0uL9QxGvvSqpEMPeq7hikanqFAZsfgNtXLZQM2Th8GyaqhVKtBN31n
75z4dMrV5Whb0K6fo4yOZAzPL/safwHtqtEIsZsgpjCnUKgl0YWyRlmrjQyOdTcI
2DY/wTwf+f+D/U0CNfYd0xrmlDMsRgUQ3pjtT98kLHk0K8VPRySlSvkk9YW0qsLf
4Hc8DCIiVa5lB5Rl8nGTUq0iIl9t17lpfy1Iboibhxay1IUMLBYdRNQ/bnOD2Y0W
ZYimIghn6x0KuvqiQkktzMqtRdlzIhvnu3ytOWBL7hNnVlGaa4kEY8zr0Ia5zwMP
XKA18+ip/qV9qENnrjck/sh69itVR2q2qWa/BlV3cYnQsyTu62Y=
=dY1i
-----END PGP SIGNATURE-----
Merge 5.10.146 into android12-5.10-lts
Changes in 5.10.146
drm/amdgpu: move nbio sdma_doorbell_range() into sdma code for vega
drm/amdgpu: indirect register access for nv12 sriov
drm/amdgpu: Separate vf2pf work item init from virt data exchange
drm/amdgpu: make sure to init common IP before gmc
usb: typec: intel_pmc_mux: Update IOM port status offset for AlderLake
usb: typec: intel_pmc_mux: Add new ACPI ID for Meteor Lake IOM device
usb: dwc3: gadget: Avoid starting DWC3 gadget during UDC unbind
usb: dwc3: Issue core soft reset before enabling run/stop
usb: dwc3: gadget: Prevent repeat pullup()
usb: dwc3: gadget: Refactor pullup()
usb: dwc3: gadget: Don't modify GEVNTCOUNT in pullup()
usb: dwc3: gadget: Avoid duplicate requests to enable Run/Stop
usb: xhci-mtk: get the microframe boundary for ESIT
usb: xhci-mtk: add only one extra CS for FS/LS INTR
usb: xhci-mtk: use @sch_tt to check whether need do TT schedule
usb: xhci-mtk: add a function to (un)load bandwidth info
usb: xhci-mtk: add some schedule error number
usb: xhci-mtk: allow multiple Start-Split in a microframe
usb: xhci-mtk: relax TT periodic bandwidth allocation
mmc: core: Fix inconsistent sd3_bus_mode at UHS-I SD voltage switch failure
serial: atmel: remove redundant assignment in rs485_config
tty: serial: atmel: Preserve previous USART mode if RS485 disabled
usb: add quirks for Lenovo OneLink+ Dock
usb: gadget: udc-xilinx: replace memcpy with memcpy_toio
usb: cdns3: fix incorrect handling TRB_SMM flag for ISOC transfer
usb: cdns3: fix issue with rearming ISO OUT endpoint
Revert "usb: add quirks for Lenovo OneLink+ Dock"
vfio/type1: Change success value of vaddr_get_pfn()
vfio/type1: Prepare for batched pinning with struct vfio_batch
vfio/type1: Unpin zero pages
Revert "usb: gadget: udc-xilinx: replace memcpy with memcpy_toio"
arm64: Restrict ARM64_BTI_KERNEL to clang 12.0.0 and newer
arm64/bti: Disable in kernel BTI when cross section thunks are broken
USB: core: Fix RST error in hub.c
USB: serial: option: add Quectel BG95 0x0203 composition
USB: serial: option: add Quectel RM520N
ALSA: hda/tegra: set depop delay for tegra
ALSA: hda: add Intel 5 Series / 3400 PCI DID
ALSA: hda/realtek: Add quirk for Huawei WRT-WX9
ALSA: hda/realtek: Enable 4-speaker output Dell Precision 5570 laptop
ALSA: hda/realtek: Re-arrange quirk table entries
ALSA: hda/realtek: Add pincfg for ASUS G513 HP jack
ALSA: hda/realtek: Add pincfg for ASUS G533Z HP jack
ALSA: hda/realtek: Add quirk for ASUS GA503R laptop
ALSA: hda/realtek: Enable 4-speaker output Dell Precision 5530 laptop
iommu/vt-d: Check correct capability for sagaw determination
media: flexcop-usb: fix endpoint type check
efi: x86: Wipe setup_data on pure EFI boot
efi: libstub: check Shim mode using MokSBStateRT
wifi: mt76: fix reading current per-tid starting sequence number for aggregation
gpio: mockup: fix NULL pointer dereference when removing debugfs
gpiolib: cdev: Set lineevent_state::irq after IRQ register successfully
riscv: fix a nasty sigreturn bug...
can: flexcan: flexcan_mailbox_read() fix return value for drop = true
mm/slub: fix to return errno if kmalloc() fails
KVM: SEV: add cache flush to solve SEV cache incoherency issues
interconnect: qcom: icc-rpmh: Add BCMs to commit list in pre_aggregate
xfs: fix up non-directory creation in SGID directories
xfs: reorder iunlink remove operation in xfs_ifree
xfs: validate inode fork size against fork format
arm64: dts: rockchip: Pull up wlan wake# on Gru-Bob
drm/mediatek: dsi: Add atomic {destroy,duplicate}_state, reset callbacks
arm64: dts: rockchip: Set RK3399-Gru PCLK_EDP to 24 MHz
dmaengine: ti: k3-udma-private: Fix refcount leak bug in of_xudma_dev_get()
arm64: dts: rockchip: Remove 'enable-active-low' from rk3399-puma
netfilter: nf_conntrack_sip: fix ct_sip_walk_headers
netfilter: nf_conntrack_irc: Tighten matching on DCC message
netfilter: nfnetlink_osf: fix possible bogus match in nf_osf_find()
iavf: Fix cached head and tail value for iavf_get_tx_pending
ipvlan: Fix out-of-bound bugs caused by unset skb->mac_header
net: let flow have same hash in two directions
net: core: fix flow symmetric hash
net: phy: aquantia: wait for the suspend/resume operations to finish
scsi: mpt3sas: Force PCIe scatterlist allocations to be within same 4 GB region
scsi: mpt3sas: Fix return value check of dma_get_required_mask()
net: bonding: Share lacpdu_mcast_addr definition
net: bonding: Unsync device addresses on ndo_stop
net: team: Unsync device addresses on ndo_stop
drm/panel: simple: Fix innolux_g121i1_l01 bus_format
MIPS: lantiq: export clk_get_io() for lantiq_wdt.ko
MIPS: Loongson32: Fix PHY-mode being left unspecified
iavf: Fix bad page state
iavf: Fix set max MTU size with port VLAN and jumbo frames
i40e: Fix VF set max MTU size
i40e: Fix set max_tx_rate when it is lower than 1 Mbps
sfc: fix TX channel offset when using legacy interrupts
sfc: fix null pointer dereference in efx_hard_start_xmit
drm/hisilicon/hibmc: Allow to be built if COMPILE_TEST is enabled
drm/hisilicon: Add depends on MMU
of: mdio: Add of_node_put() when breaking out of for_each_xx
net: ipa: fix assumptions about DMA address size
net: ipa: fix table alignment requirement
net: ipa: avoid 64-bit modulus
net: ipa: DMA addresses are nicely aligned
net: ipa: kill IPA_TABLE_ENTRY_SIZE
net: ipa: properly limit modem routing table use
wireguard: ratelimiter: disable timings test by default
wireguard: netlink: avoid variable-sized memcpy on sockaddr
net: enetc: move enetc_set_psfp() out of the common enetc_set_features()
net: socket: remove register_gifconf
net/sched: taprio: avoid disabling offload when it was never enabled
net/sched: taprio: make qdisc_leaf() see the per-netdev-queue pfifo child qdiscs
netfilter: nf_tables: fix nft_counters_enabled underflow at nf_tables_addchain()
netfilter: nf_tables: fix percpu memory leak at nf_tables_addchain()
netfilter: ebtables: fix memory leak when blob is malformed
can: gs_usb: gs_can_open(): fix race dev->can.state condition
perf jit: Include program header in ELF files
perf kcore_copy: Do not check /proc/modules is unchanged
drm/mediatek: dsi: Move mtk_dsi_stop() call back to mtk_dsi_poweroff()
net/smc: Stop the CLC flow if no link to map buffers on
net: sunhme: Fix packet reception for len < RX_COPY_THRESHOLD
net: sched: fix possible refcount leak in tc_new_tfilter()
selftests: forwarding: add shebang for sch_red.sh
drm/amd/amdgpu: fixing read wrong pf2vf data in SRIOV
serial: Create uart_xmit_advance()
serial: tegra: Use uart_xmit_advance(), fixes icount.tx accounting
serial: tegra-tcu: Use uart_xmit_advance(), fixes icount.tx accounting
s390/dasd: fix Oops in dasd_alias_get_start_dev due to missing pavgroup
usb: xhci-mtk: fix issue of out-of-bounds array access
vfio/type1: fix vaddr_get_pfns() return in vfio_pin_page_external()
drm/amdgpu: Fix check for RAS support
cifs: use discard iterator to discard unneeded network data more efficiently
cifs: always initialize struct msghdr smb_msg completely
Drivers: hv: Never allocate anything besides framebuffer from framebuffer memory region
drm/gma500: Fix BUG: sleeping function called from invalid context errors
drm/amdgpu: use dirty framebuffer helper
drm/amd/display: Limit user regamma to a valid value
drm/amd/display: Mark dml30's UseMinimumDCFCLK() as noinline for stack usage
drm/rockchip: Fix return type of cdn_dp_connector_mode_valid
workqueue: don't skip lockdep work dependency in cancel_work_sync()
i2c: imx: If pm_runtime_get_sync() returned 1 device access is possible
i2c: mlxbf: incorrect base address passed during io write
i2c: mlxbf: prevent stack overflow in mlxbf_i2c_smbus_start_transaction()
i2c: mlxbf: Fix frequency calculation
devdax: Fix soft-reservation memory description
ext4: fix bug in extents parsing when eh_entries == 0 and eh_depth > 0
ext4: limit the number of retries after discarding preallocations blocks
ext4: make directory inode spreading reflect flexbg size
Linux 5.10.146
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I45edad7e4191aad7a85278b43fa9909a6253643f
|
||
Treehugger Robot
|
464a3706e6 | Merge "Merge tag 'android12-5.10.136_r00' into android12-5.10" into android12-5.10 | ||
|
Sivasri Kumar, Vanka
|
86f9bee9c0 |
Merge keystone/android12-5.10-keystone-qcom-release.117+ (26604a5) into msm-5.10
* refs/heads/tmp-26604a5: UPSTREAM: usb: dwc3: gadget: Avoid duplicate requests to enable Run/Stop UPSTREAM: usb: typec: ucsi: Acknowledge the GET_ERROR_STATUS command completion BACKPORT: scsi: ufs: core: Increase fDeviceInit poll frequency FROMGIT: f2fs: increase the limit for reserve_root FROMGIT: f2fs: complete checkpoints during remount FROMGIT: f2fs: flush pending checkpoints when freezing super BACKPORT: f2fs: don't get FREEZE lock in f2fs_evict_inode in frozen fs BACKPORT: f2fs: introduce F2FS_IPU_HONOR_OPU_WRITE ipu policy Revert "ANDROID: GKI: signal: Export for __lock_task_sighand" BACKPORT: f2fs: invalidate meta pages only for post_read required inode BACKPORT: f2fs: fix to invalidate META_MAPPING before DIO write BACKPORT: f2fs: invalidate META_MAPPING before IPU/DIO write ANDROID: mm: page_pinner: use page_ext_get/put() to work with page_ext FROMLIST: mm: fix use-after free of page_ext after race with memory-offline ANDROID: vendor_hooks:vendor hook for __alloc_pages_slowpath. ANDROID: GKI: rockchip: add symbol netif_set_xps_queue ANDROID: GKI: Update symbol list Revert "ANDROID: vendor_hooks: tune reclaim scan type for specified mem_cgroup" ANDROID: Fix a build warning inside early_memblock_nomap ANDROID: mm/memory_hotplug: Fix error path handling Revert "ANDROID: add for tuning readahead size" Revert "ANDROID: vendor_hooks: Add hooks for mutex" ANDROID: fix execute bit on android/abi_gki_aarch64_asus ANDROID: avoid huge-page not to clear trylock-bit after shrink_page_list. ANDROID: vendor_hooks: Add hooks for oem futex optimization ANDROID: mm: memblock: avoid to create memmap for memblock nomap regions ANDROID: abi_gki_aarch64_qcom: Add android_vh_disable_thermal_cooling_stats ANDROID: thermal: vendor hook to disable thermal cooling stats ANDROID: GKI: Update symbols to symbol list ANDROID: GKI: rockchip: update fragment file ANDROID: GKI: rockchip: Enable symbols bcmdhd-sdio ANDROID: GKI: rockchip: Update symbols for rga driver BACKPORT: cgroup: Fix threadgroup_rwsem <-> cpus_read_lock() deadlock UPSTREAM: cgroup: Elide write-locking threadgroup_rwsem when updating csses on an empty subtree ANDROID: GKI: Update symbol list for transsion ANDROID: vendor_hook: Add hook in __free_pages() ANDROID: vendor_hooks: Add hooks to extend the struct swap_info_struct ANDROID: vendor_hook: Add hook in si_swapinfo() ANDROID: GKI: Update symbols to symbol list ANDROID: Use rq_clock_task without CONFIG_SMP ANDROID: abi_gki_aarch64_qcom: Add skb and scatterlist helpers Revert "ANDROID: vendor_hook: Add hook in si_swapinfo()" Revert "ANDROID: vendor_hooks:vendor hook for pidfd_open" Revert "ANDROID: vendor_hooks: Add hooks to extend the struct swap_info_struct" Revert "ANDROID: vendor_hooks:vendor hook for mmput" ANDROID: GKI: Update symbols to symbol list ANDROID: Guard rq_clock_task_mult with CONFIG_SMP Revert "ANDROID: vendor_hook: Add hook in __free_pages()" Revert "ANDROID: vendor_hooks: Add hooks for binder" ANDROID: vendor_hook: add hooks to protect locking-tsk in cpu scheduler ANDROID: export reclaim_pages ANDROID: vendor_hook: Add hook to not be stuck ro rmap lock in kswapd or direct_reclaim Change-Id: Id29a9448f424508e3b3e82c4f69959fa9da81699 Signed-off-by: Sivasri Kumar, Vanka <quic_svanka@quicinc.com> |
||
Chao Yu
|
379ac7905f |
mm/slub: fix to return errno if kmalloc() fails
commit 7e9c323c52b379d261a72dc7bd38120a761a93cd upstream.
In create_unique_id(), kmalloc(, GFP_KERNEL) can fail due to
out-of-memory, if it fails, return errno correctly rather than
triggering panic via BUG_ON();
kernel BUG at mm/slub.c:5893!
Internal error: Oops - BUG: 0 [#1] PREEMPT SMP
Call trace:
sysfs_slab_add+0x258/0x260 mm/slub.c:5973
__kmem_cache_create+0x60/0x118 mm/slub.c:4899
create_cache mm/slab_common.c:229 [inline]
kmem_cache_create_usercopy+0x19c/0x31c mm/slab_common.c:335
kmem_cache_create+0x1c/0x28 mm/slab_common.c:390
f2fs_kmem_cache_create fs/f2fs/f2fs.h:2766 [inline]
f2fs_init_xattr_caches+0x78/0xb4 fs/f2fs/xattr.c:808
f2fs_fill_super+0x1050/0x1e0c fs/f2fs/super.c:4149
mount_bdev+0x1b8/0x210 fs/super.c:1400
f2fs_mount+0x44/0x58 fs/f2fs/super.c:4512
legacy_get_tree+0x30/0x74 fs/fs_context.c:610
vfs_get_tree+0x40/0x140 fs/super.c:1530
do_new_mount+0x1dc/0x4e4 fs/namespace.c:3040
path_mount+0x358/0x914 fs/namespace.c:3370
do_mount fs/namespace.c:3383 [inline]
__do_sys_mount fs/namespace.c:3591 [inline]
__se_sys_mount fs/namespace.c:3568 [inline]
__arm64_sys_mount+0x2f8/0x408 fs/namespace.c:3568
Cc: <stable@kernel.org>
Fixes:
|
||
|
Greg Kroah-Hartman
|
18cd39b706 |
Merge tag 'android12-5.10.136_r00' into android12-5.10
This is the merge of the upstream LTS release of 5.10.136 into the android12-5.10 branch. It contains the following commits: |
||
|
Pavankumar Kondeti
|
6d04d8ce90 |
ANDROID: vendor_hooks: Allow shared pages reclaim via MADV_PAGEOUT
Add a hook in madvise_cold_or_pageout_pte_range() to allow vendor modules to influence the shared pages reclaim. Bug: 242678506 Change-Id: I269a385b59f7291c2e96478674bb3d05f94584cb Signed-off-by: Pavankumar Kondeti <quic_pkondeti@quicinc.com> |
||
|
Greg Kroah-Hartman
|
7474313da8 |
This is the 5.10.144 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmMpmC4ACgkQONu9yGCS aT6Dmw/+ODARHbnaUN1M/E+xmzbU47SUtiZ5JLf15bTA0xrOKndSSl6dHa84AWNi hpcW25f3NBNHQITtLSTkWDyms9z7Mvx3wojzUoA5oB6eYh7o18eGTV/Y8dofqxcK akC4E3i84sZNuo2Z+uNf02zC5QPZ95A+1UMk9umHapOvaxQPLtulzRj+Eij3nx8m x3IFjDdxD4ZvtLUwgTCcMLNn8oxkzz/SeU39kpdpXxwrIW1ER1/RwvDtduZFpb/d YXq6axOjpToaPz4J9RXQqpscT3QxSyO+Pmk1IrDaLRA5YGJH12YaJBdcMNjIGEB3 /jHDoVYaI+DoHBcX2YqfIKhlDoW/ePwKFixQBqFPFQeBJyo6STV8NbtVx/wHQ37L dv8Mcsbxrc2U4ucsUOaY1y6UgJBgZRaNFAVtAbHjaUepp6XFEf250PzqllYEDbBh WBYvrjRJclijE1QtX51xGulbS5MKwKHgUazi0r1R4gjlkO32czg0BfCeqXvuWSh4 qUgqctUTiDD7dM91w9agalJ0IreCvAixO9jdHFcZaXulM/wHDfz3cx7s1MSQ2URi i3Zc+T4FQ8K/ZIh2IxgGqN8pDGKK2tG35DA3gDLPTrlIK3GgIxYUxfRfdnWP89OM auN9xcbTBLWphtZWu51xqm/a3omDgNVJcqJ0fMm2Xj9zeG2kPHM= =3cbn -----END PGP SIGNATURE----- Merge 5.10.144 into android12-5.10-lts Changes in 5.10.144 ARM: dts: imx: align SPI NOR node name with dtschema ARM: dts: imx6qdl-kontron-samx6i: fix spi-flash compatible iommu/vt-d: Correctly calculate sagaw value of IOMMU tracefs: Only clobber mode/uid/gid on remount if asked Input: goodix - add support for GT1158 drm/msm/rd: Fix FIFO-full deadlock HID: ishtp-hid-clientHID: ishtp-hid-client: Fix comment typo hid: intel-ish-hid: ishtp: Fix ishtp client sending disordered message tg3: Disable tg3 device on system reboot to avoid triggering AER gpio: mockup: remove gpio debugfs when remove device ieee802154: cc2520: add rc code in cc2520_tx() Input: iforce - add support for Boeder Force Feedback Wheel nvmet-tcp: fix unhandled tcp states in nvmet_tcp_state_change() drm/amd/amdgpu: skip ucode loading if ucode_size == 0 perf/arm_pmu_platform: fix tests for platform_get_irq() failure platform/x86: acer-wmi: Acer Aspire One AOD270/Packard Bell Dot keymap fixes usb: storage: Add ASUS <0x0b05:0x1932> to IGNORE_UAS mm: Fix TLB flush for not-first PFNMAP mappings in unmap_region() Revert "x86/ftrace: Use alternative RET encoding" x86/ibt,ftrace: Make function-graph play nice x86/ftrace: Use alternative RET encoding soc: fsl: select FSL_GUTS driver for DPIO Input: goodix - add compatible string for GT1158 Linux 5.10.144 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: Ie5222afc95240a8f4b6b4b42d249a8d00eaf661f |
||
|
Greg Kroah-Hartman
|
3dbfa90b61 |
This is the 5.10.143 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmMi8SIACgkQONu9yGCS aT5fNRAAzsIlb9OehdslBs5PcJjQztWRSapzpR+umubzCvVht3HKoPN4EBane+t+ w3y6BUKJEWrTuomO+KpizGzDG82B9kNYkS88TCrZHTu37knH4nl2mze09KGUjz0l A8OgmwfA7DFaZucNQWxmO5m80USMUJoARxT87bQ1edW9L4phquNHpCXnlDbbX15/ La4d6tQWrEHx7LgxhfxCN4UGJCKzp4xDVnedPsicMALYjEZ6kc9STz95DR+0lQZK e7FyR6uLit/TtnuVpJYJcHRs9k+MHe5grtQ/VA5PAxB6uMU2Y0G8dzzUrQKZ/L4N ty/qqKS7zaqqD2ywh8JEPuFJMbAFRerXHEuQ9HI7d3guCYsKICE9eNd5eRLrN/rn MckBm41/of7vksZvofpx/U4uZdIlNSzF0ybADv/UGMPDyCfEEKOKlok3KFM9UWLK MWzufJHaX9MF/J5vfrixO7QPol5MKTdUypZ7BhXeXb9b7F2Y/JrYsHgIIzpE+TH1 p1wkfmT3YfHA+6Wl5VnjxvZS6QhcZFTY97hOmVPJ4ge1orAGDK9Jj9FpL6EM4XDb oaKJU8WB0Ry+YYxjEa0QQY+VWHAEns/lauECM4kJoxDKLo2b5A8qvvpaDGyXz/M4 2/66ZmV2KKOlEiWAC5oVhxPiWxpVbryO0FhEdR2e9WuidmQ27Mc= =XF1H -----END PGP SIGNATURE----- Merge 5.10.143 into android12-5.10-lts Changes in 5.10.143 NFSD: Fix verifier returned in stable WRITEs xen-blkfront: Cache feature_persistent value before advertisement tty: n_gsm: initialize more members at gsm_alloc_mux() tty: n_gsm: avoid call of sleeping functions from atomic context efi: libstub: Disable struct randomization efi: capsule-loader: Fix use-after-free in efi_capsule_write wifi: iwlegacy: 4965: corrected fix for potential off-by-one overflow in il4965_rs_fill_link_cmd() fs: only do a memory barrier for the first set_buffer_uptodate() Revert "mm: kmemleak: take a full lowmem check in kmemleak_*_phys()" scsi: qla2xxx: Disable ATIO interrupt coalesce for quad port ISP27XX scsi: megaraid_sas: Fix double kfree() drm/gem: Fix GEM handle release errors drm/amdgpu: Move psp_xgmi_terminate call from amdgpu_xgmi_remove_device to psp_hw_fini drm/amdgpu: Check num_gfx_rings for gfx v9_0 rb setup. drm/radeon: add a force flush to delay work when radeon parisc: ccio-dma: Handle kmalloc failure in ccio_init_resources() parisc: Add runtime check to prevent PA2.0 kernels on PA1.x machines arm64: cacheinfo: Fix incorrect assignment of signed error value to unsigned fw_level net/core/skbuff: Check the return value of skb_copy_bits() fbdev: chipsfb: Add missing pci_disable_device() in chipsfb_pci_init() drm/amdgpu: mmVM_L2_CNTL3 register not initialized correctly ALSA: emu10k1: Fix out of bounds access in snd_emu10k1_pcm_channel_alloc() ALSA: aloop: Fix random zeros in capture data when using jiffies timer ALSA: usb-audio: Fix an out-of-bounds bug in __snd_usb_parse_audio_interface() kprobes: Prohibit probes in gate area debugfs: add debugfs_lookup_and_remove() nvmet: fix a use-after-free drm/i915: Implement WaEdpLinkRateDataReload scsi: mpt3sas: Fix use-after-free warning scsi: lpfc: Add missing destroy_workqueue() in error path cgroup: Elide write-locking threadgroup_rwsem when updating csses on an empty subtree cgroup: Fix threadgroup_rwsem <-> cpus_read_lock() deadlock cifs: remove useless parameter 'is_fsctl' from SMB2_ioctl() smb3: missing inode locks in punch hole ARM: dts: imx6qdl-kontron-samx6i: remove duplicated node regulator: core: Clean up on enable failure tee: fix compiler warning in tee_shm_register() RDMA/cma: Fix arguments order in net device validation soc: brcmstb: pm-arm: Fix refcount leak and __iomem leak bugs RDMA/hns: Fix supported page size RDMA/hns: Fix wrong fixed value of qp->rq.wqe_shift ARM: dts: at91: sama5d27_wlsom1: specify proper regulator output ranges ARM: dts: at91: sama5d2_icp: specify proper regulator output ranges ARM: dts: at91: sama5d27_wlsom1: don't keep ldo2 enabled all the time ARM: dts: at91: sama5d2_icp: don't keep vdd_other enabled all the time netfilter: br_netfilter: Drop dst references before setting. netfilter: nf_tables: clean up hook list when offload flags check fails netfilter: nf_conntrack_irc: Fix forged IP logic ALSA: usb-audio: Inform the delayed registration more properly ALSA: usb-audio: Register card again for iface over delayed_register option rxrpc: Fix an insufficiently large sglist in rxkad_verify_packet_2() afs: Use the operation issue time instead of the reply time for callbacks sch_sfb: Don't assume the skb is still around after enqueueing to child tipc: fix shift wrapping bug in map_get() ice: use bitmap_free instead of devm_kfree i40e: Fix kernel crash during module removal xen-netback: only remove 'hotplug-status' when the vif is actually destroyed RDMA/siw: Pass a pointer to virt_to_page() ipv6: sr: fix out-of-bounds read when setting HMAC data. IB/core: Fix a nested dead lock as part of ODP flow RDMA/mlx5: Set local port to one when accessing counters nvme-tcp: fix UAF when detecting digest errors nvme-tcp: fix regression that causes sporadic requests to time out tcp: fix early ETIMEDOUT after spurious non-SACK RTO sch_sfb: Also store skb len before calling child enqueue ASoC: mchp-spdiftx: remove references to mchp_i2s_caps ASoC: mchp-spdiftx: Fix clang -Wbitfield-constant-conversion MIPS: loongson32: ls1c: Fix hang during startup swiotlb: avoid potential left shift overflow iommu/amd: use full 64-bit value in build_completion_wait() hwmon: (mr75203) fix VM sensor allocation when "intel,vm-map" not defined hwmon: (mr75203) update pvt->v_num and vm_num to the actual number of used sensors hwmon: (mr75203) fix voltage equation for negative source input hwmon: (mr75203) fix multi-channel voltage reading hwmon: (mr75203) enable polling for all VM channels arm64: errata: add detection for AMEVCNTR01 incrementing incorrectly Linux 5.10.143 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: Ia1bc1b76bcad0e2cb3b27d1a37278b1d24c6b90d |
||
|
Greg Kroah-Hartman
|
e0f0b200a5 |
This is the 5.10.142 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmMZsd0ACgkQONu9yGCS aT5gXw//QdDh8KQRcJdVrIKSm1CzApFkAbjaL461gcjKMqBwAavjdWNDx8zKFEw7 H0OX+m0fr9gaDHNoNqjvKGN0V57HfXve/0f786W9aTqENF9BOmomHtsT0k5I5T9y C2uTvSw/l3GXoMI1afepTtHFdip+PSZSlYL9afBDZI4WAz8Bkn+RlVHDNCtQdn1D GaDliP6iQ+1J1p/VB32TdZyPOZK/qspD15b+3xYVoA8ad1/oKrUtYcvyA/svl45V I3GrH2klYBBp/ffgCGawe6qOjwiQeabDkMyuvNUVaYwNOEeYLdNIbVRxFz3N+b0W 0Kixpwwqijb8AVY8xsL7W8Ure/2KRzu/4cILtHOiTbqB2lQCmGAIgfHjIOBc+CPf uW6UpBeXSgiXJJhbtEd3kYEVWeFBppKiuN2i2puP+fkWFvEHKEddtlLapqA65WDq 3GITqiKLC2GPftigs6ws8T1Ow1izZ3MXzhO8s9JS1WHZeUg1jxL7tIlLsuXIh4xt MA64n6ASJ4JsoNaP2jvix3J1T7PQ6/mz/jfzDR4emTiCFNuJhF1k70sAtssusX4W SSuh3bLrHO0CNXfChp++MphfWV4takBobMTbjjSsblfif9FEyx2advYNEJe2BG9C NqQTUDs1eKP6PR0yI871uKyBlvw7rCZoCMrZCLggkLjL8+jxbWw= =Ebrg -----END PGP SIGNATURE----- Merge 5.10.142 into android12-5.10-lts Changes in 5.10.142 drm/msm/dsi: fix the inconsistent indenting drm/msm/dp: delete DP_RECOVERED_CLOCK_OUT_EN to fix tps4 drm/msm/dsi: Fix number of regulators for msm8996_dsi_cfg drm/msm/dsi: Fix number of regulators for SDM660 platform/x86: pmc_atom: Fix SLP_TYPx bitfield mask iio: adc: mcp3911: make use of the sign bit bpf, cgroup: Fix kernel BUG in purge_effective_progs ieee802154/adf7242: defer destroy_workqueue call ALSA: hda: intel-nhlt: remove use of __func__ in dev_dbg ALSA: hda: intel-nhlt: Correct the handling of fmt_config flexible array wifi: cfg80211: debugfs: fix return type in ht40allow_map_read() Revert "xhci: turn off port power in shutdown" net: sched: tbf: don't call qdisc_put() while holding tree lock net/sched: fix netdevice reference leaks in attach_default_qdiscs() ethernet: rocker: fix sleep in atomic context bug in neigh_timer_handler kcm: fix strp_init() order and cleanup sch_cake: Return __NET_XMIT_STOLEN when consuming enqueued skb tcp: annotate data-race around challenge_timestamp Revert "sch_cake: Return __NET_XMIT_STOLEN when consuming enqueued skb" net/smc: Remove redundant refcount increase serial: fsl_lpuart: RS485 RTS polariy is inverse staging: rtl8712: fix use after free bugs powerpc: align syscall table for ppc32 vt: Clear selection before changing the font tty: serial: lpuart: disable flow control while waiting for the transmit engine to complete Input: iforce - wake up after clearing IFORCE_XMIT_RUNNING flag iio: ad7292: Prevent regulator double disable iio: adc: mcp3911: use correct formula for AD conversion misc: fastrpc: fix memory corruption on probe misc: fastrpc: fix memory corruption on open USB: serial: ftdi_sio: add Omron CS1W-CIF31 device id binder: fix UAF of ref->proc caused by race condition drm/i915/reg: Fix spelling mistake "Unsupport" -> "Unsupported" clk: core: Honor CLK_OPS_PARENT_ENABLE for clk gate ops Revert "clk: core: Honor CLK_OPS_PARENT_ENABLE for clk gate ops" clk: core: Fix runtime PM sequence in clk_core_unprepare() Input: rk805-pwrkey - fix module autoloading clk: bcm: rpi: Fix error handling of raspberrypi_fw_get_rate clk: bcm: rpi: Use correct order for the parameters of devm_kcalloc() clk: bcm: rpi: Prevent out-of-bounds access clk: bcm: rpi: Add missing newline hwmon: (gpio-fan) Fix array out of bounds access gpio: pca953x: Add mutex_lock for regcache sync in PM KVM: x86: Mask off unsupported and unknown bits of IA32_ARCH_CAPABILITIES xen/grants: prevent integer overflow in gnttab_dma_alloc_pages() mm: pagewalk: Fix race between unmap and page walker xen-blkback: Advertise feature-persistent as user requested xen-blkfront: Advertise feature-persistent as user requested thunderbolt: Use the actual buffer in tb_async_error() media: mceusb: Use new usb_control_msg_*() routines xhci: Add grace period after xHC start to prevent premature runtime suspend. USB: serial: cp210x: add Decagon UCA device id USB: serial: option: add support for OPPO R11 diag port USB: serial: option: add Quectel EM060K modem USB: serial: option: add support for Cinterion MV32-WA/WB RmNet mode usb: typec: altmodes/displayport: correct pin assignment for UFP receptacles usb: dwc2: fix wrong order of phy_power_on and phy_init USB: cdc-acm: Add Icom PMR F3400 support (0c26:0020) usb-storage: Add ignore-residue quirk for NXP PN7462AU s390/hugetlb: fix prepare_hugepage_range() check for 2 GB hugepages s390: fix nospec table alignments USB: core: Prevent nested device-reset calls usb: gadget: mass_storage: Fix cdrom data transfers on MAC-OS driver core: Don't probe devices after bus_type.match() probe deferral wifi: mac80211: Don't finalize CSA in IBSS mode if state is disconnected wifi: mac80211: Fix UAF in ieee80211_scan_rx() ip: fix triggering of 'icmp redirect' net: Use u64_stats_fetch_begin_irq() for stats fetch. net: mac802154: Fix a condition in the receive path ALSA: hda/realtek: Add speaker AMP init for Samsung laptops with ALC298 ALSA: seq: oss: Fix data-race for max_midi_devs access ALSA: seq: Fix data-race at module auto-loading drm/i915/glk: ECS Liva Q2 needs GLK HDMI port timing quirk btrfs: harden identification of a stale device mmc: core: Fix UHS-I SD 1.8V workaround branch usb: dwc3: fix PHY disable sequence usb: dwc3: qcom: fix use-after-free on runtime-PM wakeup usb: dwc3: disable USB core PHY management USB: serial: ch341: fix lost character on LCR updates USB: serial: ch341: fix disabled rx timer on older devices Linux 5.10.142 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I32d9b4c4c0e6c802744abb8b1c87ad794f4de0c8 |
||
|
Greg Kroah-Hartman
|
e69a383052 |
Revert "mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse"
This reverts commit
|
||
|
Greg Kroah-Hartman
|
cc51dcbc60 |
Revert "ANDROID: vendor_hooks:vendor hook for __alloc_pages_slowpath."
This reverts commit
|
||
|
Jann Horn
|
891f03f688 |
mm: Fix TLB flush for not-first PFNMAP mappings in unmap_region()
This is a stable-specific patch.
I botched the stable-specific rewrite of
commit b67fbebd4cf98 ("mmu_gather: Force tlb-flush VM_PFNMAP vmas"):
As Hugh pointed out, unmap_region() actually operates on a list of VMAs,
and the variable "vma" merely points to the first VMA in that list.
So if we want to check whether any of the VMAs we're operating on is
PFNMAP or MIXEDMAP, we have to iterate through the list and check each VMA.
Signed-off-by: Jann Horn <jannh@google.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
Yee Lee
|
a14f1799ce |
Revert "mm: kmemleak: take a full lowmem check in kmemleak_*_phys()"
This reverts commit 23c2d497de21f25898fbea70aeb292ab8acc8c94.
Commit 23c2d497de21 ("mm: kmemleak: take a full lowmem check in
kmemleak_*_phys()") brought false leak alarms on some archs like arm64
that does not init pfn boundary in early booting. The final solution
lands on linux-6.0: commit 0c24e061196c ("mm: kmemleak: add rbtree and
store physical address for objects allocated with PA").
Revert this commit before linux-6.0. The original issue of invalid PA
can be mitigated by additional check in devicetree.
The false alarm report is as following: Kmemleak output: (Qemu/arm64)
unreferenced object 0xffff0000c0170a00 (size 128):
comm "swapper/0", pid 1, jiffies 4294892404 (age 126.208s)
hex dump (first 32 bytes):
62 61 73 65 00 00 00 00 00 00 00 00 00 00 00 00 base............
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
backtrace:
[<(____ptrval____)>] __kmalloc_track_caller+0x1b0/0x2e4
[<(____ptrval____)>] kstrdup_const+0x8c/0xc4
[<(____ptrval____)>] kvasprintf_const+0xbc/0xec
[<(____ptrval____)>] kobject_set_name_vargs+0x58/0xe4
[<(____ptrval____)>] kobject_add+0x84/0x100
[<(____ptrval____)>] __of_attach_node_sysfs+0x78/0xec
[<(____ptrval____)>] of_core_init+0x68/0x104
[<(____ptrval____)>] driver_init+0x28/0x48
[<(____ptrval____)>] do_basic_setup+0x14/0x28
[<(____ptrval____)>] kernel_init_freeable+0x110/0x178
[<(____ptrval____)>] kernel_init+0x20/0x1a0
[<(____ptrval____)>] ret_from_fork+0x10/0x20
This pacth is also applicable to linux-5.17.y/linux-5.18.y/linux-5.19.y
Cc: <stable@vger.kernel.org>
Signed-off-by: Yee Lee <yee.lee@mediatek.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
liang zhang
|
feedd14d14 |
Revert "Revert "ANDROID: add for tuning readahead size""
This reverts commit
|
||
|
Peifeng Li
|
f50f24e781 |
ANDROID: vendor_hooks: Add hooks for lookaround
Add hooks for support lookaround in memory reclamation. - android_vh_test_clear_look_around_ref - android_vh_check_page_look_around_ref - android_vh_look_around_migrate_page - android_vh_look_around Bug: 241079328 Signed-off-by: Peifeng Li <lipeifeng@oppo.com> Change-Id: I9a606ae71d2f1303df3b02403b30bc8fdc9d06dd |
||
|
Sivasri Kumar, Vanka
|
6ef4770b8e |
Merge keystone/android12-5.10-keystone-qcom-release.117+ (8f0aba1) into msm-5.10
* refs/heads/tmp-8f0aba1:
ANDROID: Update symbol list for mtk
ANDROID: GKI: rockchip: Add symbols for crypto
ANDROID: GKI: rockchip: Add symbol pci_disable_link_state
ANDROID: GKI: rockchip: Add symbols for sound
ANDROID: GKI: rockchip: Add symbols for video
BACKPORT: f2fs: do not set compression bit if kernel doesn't support
UPSTREAM: exfat: improve performance of exfat_free_cluster when using dirsync mount
ANDROID: GKI: rockchip: Add symbols for drm dp
UPSTREAM: arm64: perf: Support new DT compatibles
UPSTREAM: arm64: perf: Simplify registration boilerplate
UPSTREAM: arm64: perf: Support Denver and Carmel PMUs
UPSTREAM: arm64: perf: add support for Cortex-A78
ANDROID: GKI: rockchip: Update symbol for devfreq
ANDROID: GKI: rockchip: Update symbols for drm
ANDROID: GKI: Update symbols to symbol list
UPSTREAM: ASoC: hdmi-codec: make hdmi_codec_controls static
UPSTREAM: ASoC: hdmi-codec: Add a prepare hook
UPSTREAM: ASoC: hdmi-codec: Add iec958 controls
UPSTREAM: ASoC: hdmi-codec: Rework to support more controls
UPSTREAM: ALSA: iec958: Split status creation and fill
UPSTREAM: ALSA: doc: Clarify IEC958 controls iface
UPSTREAM: ASoC: hdmi-codec: remove unused spk_mask member
UPSTREAM: ASoC: hdmi-codec: remove useless initialization
UPSTREAM: ASoC: codec: hdmi-codec: Support IEC958 encoded PCM format
UPSTREAM: ASoC: hdmi-codec: Fix return value in hdmi_codec_set_jack()
UPSTREAM: ASoC: hdmi-codec: Add RX support
UPSTREAM: ASoC: hdmi-codec: Get ELD in before reporting plugged event
ANDROID: GKI: rockchip: Add symbols for display driver
BACKPORT: KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID
BACKPORT: io_uring: always grab file table for deferred statx
BACKPORT: Bluetooth: L2CAP: Fix use-after-free caused by l2cap_chan_put
ANDROID: add two func in mm/memcontrol.c
ANDROID: vendor_hooks: protect multi-mapcount pages in kernel
ANDROID: vendor_hooks: account page-mapcount
FROMGIT: io_uring: Use original task for req identity in io_identity_cow()
FROMLIST: binder: fix UAF of ref->proc caused by race condition
ANDROID: vendor_hooks: Guard cgroup struct with CONFIG_CGROUPS
ANDROID: vendor_hooks: add hooks for remove_vm_area.
ANDROID: GKI: allow mm vendor hooks header inclusion from header files
ANDROID: Update symbol list of mediatek
ANDROID: sched: add vendor hook to PELT multiplier
ANDROID: Guard hooks with their CONFIG_ options
ANDROID: fix kernelci issue for allnoconfig builds
ANDROID: sched: Introducing PELT multiplier
FROMGIT: binder: fix redefinition of seq_file attributes
ANDROID: GKI: pcie: Fix the broken dw_pcie structure
UPSTREAM: PCI: dwc: Support multiple ATU memory regions
ANDROID: oplus: Update the ABI xml and symbol list
ANDROID: vendor_hooks: add hooks in __alloc_pages_slowpath
ANDROID: GKI: Update symbols to symbol list
FROMGIT: arm64: fix oops in concurrently setting insn_emulation sysctls
FROMGIT: usb: dwc3: core: Do not perform GCTL_CORE_SOFTRESET during bootup
ANDROID: vendor_hooks:vendor hook for mmput
ANDROID: vendor_hooks:vendor hook for pidfd_open
ANDROID: GKI: db845c: Update symbols list and ABI
Linux 5.10.117
SUNRPC: Fix fall-through warnings for Clang
io_uring: always use original task when preparing req identity
usb: gadget: uvc: allow for application to cleanly shutdown
usb: gadget: uvc: rename function to be more consistent
ping: fix address binding wrt vrf
arm[64]/memremap: don't abuse pfn_valid() to ensure presence of linear map
net: phy: Fix race condition on link status change
SUNRPC: Ensure we flush any closed sockets before xs_xprt_free()
SUNRPC: Don't call connect() more than once on a TCP socket
SUNRPC: Prevent immediate close+reconnect
SUNRPC: Clean up scheduling of autoclose
drm/vmwgfx: Initialize drm_mode_fb_cmd2
cgroup/cpuset: Remove cpus_allowed/mems_allowed setup in cpuset_init_smp()
net: atlantic: always deep reset on pm op, fixing up my null deref regression
i40e: i40e_main: fix a missing check on list iterator
drm/nouveau/tegra: Stop using iommu_present()
ceph: fix setting of xattrs on async created inodes
serial: 8250_mtk: Fix register address for XON/XOFF character
serial: 8250_mtk: Fix UART_EFR register address
slimbus: qcom: Fix IRQ check in qcom_slim_probe
USB: serial: option: add Fibocom MA510 modem
USB: serial: option: add Fibocom L610 modem
USB: serial: qcserial: add support for Sierra Wireless EM7590
USB: serial: pl2303: add device id for HP LM930 Display
usb: typec: tcpci_mt6360: Update for BMC PHY setting
usb: typec: tcpci: Don't skip cleanup in .remove() on error
usb: cdc-wdm: fix reading stuck on device close
tty: n_gsm: fix mux activation issues in gsm_config()
tty/serial: digicolor: fix possible null-ptr-deref in digicolor_uart_probe()
firmware_loader: use kernel credentials when reading firmware
tcp: resalt the secret every 10 seconds
net: sfp: Add tx-fault workaround for Huawei MA5671A SFP ONT
net: emaclite: Don't advertise 1000BASE-T and do auto negotiation
s390: disable -Warray-bounds
ASoC: ops: Validate input values in snd_soc_put_volsw_range()
ASoC: max98090: Generate notifications on changes for custom control
ASoC: max98090: Reject invalid values in custom control put()
hwmon: (f71882fg) Fix negative temperature
gfs2: Fix filesystem block deallocation for short writes
tls: Fix context leak on tls_device_down
net: sfc: ef10: fix memory leak in efx_ef10_mtd_probe()
net/smc: non blocking recvmsg() return -EAGAIN when no data and signal_pending
net: dsa: bcm_sf2: Fix Wake-on-LAN with mac_link_down()
net: bcmgenet: Check for Wake-on-LAN interrupt probe deferral
net/sched: act_pedit: really ensure the skb is writable
s390/lcs: fix variable dereferenced before check
s390/ctcm: fix potential memory leak
s390/ctcm: fix variable dereferenced before check
selftests: vm: Makefile: rename TARGETS to VMTARGETS
hwmon: (ltq-cputemp) restrict it to SOC_XWAY
dim: initialize all struct fields
ionic: fix missing pci_release_regions() on error in ionic_probe()
nfs: fix broken handling of the softreval mount option
mac80211_hwsim: call ieee80211_tx_prepare_skb under RCU protection
net: sfc: fix memory leak due to ptp channel
sfc: Use swap() instead of open coding it
netlink: do not reset transport header in netlink_recvmsg()
drm/nouveau: Fix a potential theorical leak in nouveau_get_backlight_name()
ipv4: drop dst in multicast routing path
net: mscc: ocelot: avoid corrupting hardware counters when moving VCAP filters
net: mscc: ocelot: restrict tc-trap actions to VCAP IS2 lookup 0
net: mscc: ocelot: fix VCAP IS2 filters matching on both lookups
net: mscc: ocelot: fix last VCAP IS1/IS2 filter persisting in hardware when deleted
net: Fix features skip in for_each_netdev_feature()
mac80211: Reset MBSSID parameters upon connection
hwmon: (tmp401) Add OF device ID table
iwlwifi: iwl-dbg: Use del_timer_sync() before freeing
batman-adv: Don't skb_split skbuffs with frag_list
Linux 5.10.116
mm: userfaultfd: fix missing cache flush in mcopy_atomic_pte() and __mcopy_atomic()
mm: hugetlb: fix missing cache flush in copy_huge_page_from_user()
mm: fix missing cache flush for all tail pages of compound page
Bluetooth: Fix the creation of hdev->name
arm: remove CONFIG_ARCH_HAS_HOLES_MEMORYMODEL
nfp: bpf: silence bitwise vs. logical OR warning
drm/amd/display/dc/gpio/gpio_service: Pass around correct dce_{version, environment} types
block: drbd: drbd_nl: Make conversion to 'enum drbd_ret_code' explicit
regulator: consumer: Add missing stubs to regulator/consumer.h
MIPS: Use address-of operator on section symbols
ANDROID: GKI: update the abi .xml file due to hex_to_bin() changes
Revert "tcp: ensure to use the most recently sent skb when filling the rate sample"
Linux 5.10.115
mmc: rtsx: add 74 Clocks in power on flow
PCI: aardvark: Fix reading MSI interrupt number
PCI: aardvark: Clear all MSIs at setup
dm: interlock pending dm_io and dm_wait_for_bios_completion
block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern
rcu: Apply callbacks processing time limit only on softirq
rcu: Fix callbacks processing time limit retaining cond_resched()
KVM: LAPIC: Enable timer posted-interrupt only when mwait/hlt is advertised
KVM: x86/mmu: avoid NULL-pointer dereference on page freeing bugs
KVM: x86: Do not change ICR on write to APIC_SELF_IPI
x86/kvm: Preserve BSP MSR_KVM_POLL_CONTROL across suspend/resume
net/mlx5: Fix slab-out-of-bounds while reading resource dump menu
kvm: x86/cpuid: Only provide CPUID leaf 0xA if host has architectural PMU
net: igmp: respect RCU rules in ip_mc_source() and ip_mc_msfilter()
btrfs: always log symlinks in full mode
smsc911x: allow using IRQ0
selftests: ocelot: tc_flower_chains: specify conform-exceed action for policer
bnxt_en: Fix unnecessary dropping of RX packets
bnxt_en: Fix possible bnxt_open() failure caused by wrong RFS flag
selftests: mirror_gre_bridge_1q: Avoid changing PVID while interface is operational
hinic: fix bug of wq out of bound access
net: emaclite: Add error handling for of_address_to_resource()
net: cpsw: add missing of_node_put() in cpsw_probe_dt()
net: stmmac: dwmac-sun8i: add missing of_node_put() in sun8i_dwmac_register_mdio_mux()
net: dsa: mt7530: add missing of_node_put() in mt7530_setup()
net: ethernet: mediatek: add missing of_node_put() in mtk_sgmii_init()
NFSv4: Don't invalidate inode attributes on delegation return
RDMA/siw: Fix a condition race issue in MPA request processing
selftests/seccomp: Don't call read() on TTY from background pgrp
net/mlx5: Avoid double clear or set of sync reset requested
net/mlx5e: Fix the calling of update_buffer_lossy() API
net/mlx5e: CT: Fix queued up restore put() executing after relevant ft release
net/mlx5e: Don't match double-vlan packets if cvlan is not set
net/mlx5e: Fix trust state reset in reload
ASoC: dmaengine: Restore NULL prepare_slave_config() callback
hwmon: (adt7470) Fix warning on module removal
gpio: pca953x: fix irq_stat not updated when irq is disabled (irq_mask not set)
NFC: netlink: fix sleep in atomic bug when firmware download timeout
nfc: nfcmrvl: main: reorder destructive operations in nfcmrvl_nci_unregister_dev to avoid bugs
nfc: replace improper check device_is_registered() in netlink related functions
can: grcan: only use the NAPI poll budget for RX
can: grcan: grcan_probe(): fix broken system id check for errata workaround needs
can: grcan: use ofdev->dev when allocating DMA memory
can: isotp: remove re-binding of bound socket
can: grcan: grcan_close(): fix deadlock
s390/dasd: Fix read inconsistency for ESE DASD devices
s390/dasd: Fix read for ESE with blksize < 4k
s390/dasd: prevent double format of tracks for ESE devices
s390/dasd: fix data corruption for ESE devices
ASoC: meson: Fix event generation for AUI CODEC mux
ASoC: meson: Fix event generation for G12A tohdmi mux
ASoC: meson: Fix event generation for AUI ACODEC mux
ASoC: wm8958: Fix change notifications for DSP controls
ASoC: da7219: Fix change notifications for tone generator frequency
genirq: Synchronize interrupt thread startup
net: stmmac: disable Split Header (SPH) for Intel platforms
firewire: core: extend card->lock in fw_core_handle_bus_reset
firewire: remove check of list iterator against head past the loop body
firewire: fix potential uaf in outbound_phy_packet_callback()
Revert "SUNRPC: attempt AF_LOCAL connect on setup"
drm/amd/display: Avoid reading audio pattern past AUDIO_CHANNELS_COUNT
iommu/vt-d: Calculate mask for non-aligned flushes
KVM: x86/svm: Account for family 17h event renumberings in amd_pmc_perf_hw_id
gpiolib: of: fix bounds check for 'gpio-reserved-ranges'
mmc: core: Set HS clock speed before sending HS CMD13
mmc: sdhci-msm: Reset GCC_SDCC_BCR register for SDHC
ALSA: fireworks: fix wrong return count shorter than expected by 4 bytes
ALSA: hda/realtek: Add quirk for Yoga Duet 7 13ITL6 speakers
parisc: Merge model and model name into one line in /proc/cpuinfo
MIPS: Fix CP0 counter erratum detection for R4k CPUs
Revert "ipv6: make ip6_rt_gc_expire an atomic_t"
Revert "oom_kill.c: futex: delay the OOM reaper to allow time for proper futex cleanup"
Linux 5.10.114
perf symbol: Remove arch__symbols__fixup_end()
tty: n_gsm: fix software flow control handling
tty: n_gsm: fix incorrect UA handling
tty: n_gsm: fix reset fifo race condition
tty: n_gsm: fix wrong command frame length field encoding
tty: n_gsm: fix wrong command retry handling
tty: n_gsm: fix missing explicit ldisc flush
tty: n_gsm: fix wrong DLCI release order
tty: n_gsm: fix insufficient txframe size
netfilter: nft_socket: only do sk lookups when indev is available
tty: n_gsm: fix malformed counter for out of frame data
tty: n_gsm: fix wrong signal octet encoding in convergence layer type 2
tty: n_gsm: fix mux cleanup after unregister tty device
tty: n_gsm: fix decoupled mux resource
tty: n_gsm: fix restart handling via CLD command
perf symbol: Update symbols__fixup_end()
perf symbol: Pass is_kallsyms to symbols__fixup_end()
x86/cpu: Load microcode during restore_processor_state()
thermal: int340x: Fix attr.show callback prototype
net: ethernet: stmmac: fix write to sgmii_adapter_base
drm/i915: Fix SEL_FETCH_PLANE_*(PIPE_B+) register addresses
kasan: prevent cpu_quarantine corruption when CPU offline and cache shrink occur at same time
zonefs: Clear inode information flags on inode creation
zonefs: Fix management of open zones
powerpc/perf: Fix 32bit compile
drivers: net: hippi: Fix deadlock in rr_close()
cifs: destage any unwritten data to the server before calling copychunk_write
x86: __memcpy_flushcache: fix wrong alignment if size > 2^32
ext4: fix bug_on in start_this_handle during umount filesystem
ASoC: wm8731: Disable the regulator when probing fails
ASoC: Intel: soc-acpi: correct device endpoints for max98373
tcp: fix F-RTO may not work correctly when receiving DSACK
Revert "ibmvnic: Add ethtool private flag for driver-defined queue limits"
ibmvnic: fix miscellaneous checks
ixgbe: ensure IPsec VF<->PF compatibility
net: fec: add missing of_node_put() in fec_enet_init_stop_mode()
bnx2x: fix napi API usage sequence
tls: Skip tls_append_frag on zero copy size
drm/amd/display: Fix memory leak in dcn21_clock_source_create
drm/amdkfd: Fix GWS queue count
net: dsa: lantiq_gswip: Don't set GSWIP_MII_CFG_RMII_CLK
net: phy: marvell10g: fix return value on error
net: bcmgenet: hide status block before TX timestamping
clk: sunxi: sun9i-mmc: check return value after calling platform_get_resource()
bus: sunxi-rsb: Fix the return value of sunxi_rsb_device_create()
tcp: make sure treq->af_specific is initialized
tcp: fix potential xmit stalls caused by TCP_NOTSENT_LOWAT
ip_gre, ip6_gre: Fix race condition on o_seqno in collect_md mode
ip6_gre: Make o_seqno start from 0 in native mode
ip_gre: Make o_seqno start from 0 in native mode
net/smc: sync err code when tcp connection was refused
net: hns3: add return value for mailbox handling in PF
net: hns3: add validity check for message data length
net: hns3: modify the return code of hclge_get_ring_chain_from_mbx
cpufreq: fix memory leak in sun50i_cpufreq_nvmem_probe
pinctrl: pistachio: fix use of irq_of_parse_and_map()
arm64: dts: imx8mn-ddr4-evk: Describe the 32.768 kHz PMIC clock
ARM: dts: imx6ull-colibri: fix vqmmc regulator
sctp: check asoc strreset_chunk in sctp_generate_reconf_event
wireguard: device: check for metadata_dst with skb_valid_dst()
tcp: ensure to use the most recently sent skb when filling the rate sample
pinctrl: stm32: Keep pinctrl block clock enabled when LEVEL IRQ requested
tcp: md5: incorrect tcp_header_len for incoming connections
pinctrl: rockchip: fix RK3308 pinmux bits
bpf, lwt: Fix crash when using bpf_skb_set_tunnel_key() from bpf_xmit lwt hook
netfilter: nft_set_rbtree: overlap detection with element re-addition after deletion
net: dsa: Add missing of_node_put() in dsa_port_link_register_of
memory: renesas-rpc-if: Fix HF/OSPI data transfer in Manual Mode
pinctrl: stm32: Do not call stm32_gpio_get() for edge triggered IRQs in EOI
mtd: fix 'part' field data corruption in mtd_info
mtd: rawnand: Fix return value check of wait_for_completion_timeout
pinctrl: mediatek: moore: Fix build error
ipvs: correctly print the memory size of ip_vs_conn_tab
ARM: dts: logicpd-som-lv: Fix wrong pinmuxing on OMAP35
ARM: dts: am3517-evm: Fix misc pinmuxing
ARM: dts: Fix mmc order for omap3-gta04
phy: ti: Add missing pm_runtime_disable() in serdes_am654_probe
phy: mapphone-mdm6600: Fix PM error handling in phy_mdm6600_probe
ARM: dts: at91: sama5d4_xplained: fix pinctrl phandle name
ARM: dts: at91: Map MCLK for wm8731 on at91sam9g20ek
phy: ti: omap-usb2: Fix error handling in omap_usb2_enable_clocks
bus: ti-sysc: Make omap3 gpt12 quirk handling SoC specific
ARM: OMAP2+: Fix refcount leak in omap_gic_of_init
phy: samsung: exynos5250-sata: fix missing device put in probe error paths
phy: samsung: Fix missing of_node_put() in exynos_sata_phy_probe
ARM: dts: imx6qdl-apalis: Fix sgtl5000 detection issue
USB: Fix xhci event ring dequeue pointer ERDP update issue
mtd: rawnand: fix ecc parameters for mt7622
iio:imu:bmi160: disable regulator in error path
arm64: dts: meson: remove CPU opps below 1GHz for SM1 boards
arm64: dts: meson: remove CPU opps below 1GHz for G12B boards
video: fbdev: udlfb: properly check endpoint type
iocost: don't reset the inuse weight of under-weighted debtors
x86/pci/xen: Disable PCI/MSI[-X] masking for XEN_HVM guests
riscv: patch_text: Fixup last cpu should be master
hex2bin: fix access beyond string end
hex2bin: make the function hex_to_bin constant-time
pinctrl: samsung: fix missing GPIOLIB on ARM64 Exynos config
arch_topology: Do not set llc_sibling if llc_id is invalid
serial: 8250: Correct the clock for EndRun PTP/1588 PCIe device
serial: 8250: Also set sticky MCR bits in console restoration
serial: imx: fix overrun interrupts in DMA mode
usb: phy: generic: Get the vbus supply
usb: cdns3: Fix issue for clear halt endpoint
usb: dwc3: gadget: Return proper request status
usb: dwc3: core: Only handle soft-reset in DCTL
usb: dwc3: core: Fix tx/rx threshold settings
usb: dwc3: Try usb-role-switch first in dwc3_drd_init
usb: gadget: configfs: clear deactivation flag in configfs_composite_unbind()
usb: gadget: uvc: Fix crash when encoding data for usb request
usb: typec: ucsi: Fix role swapping
usb: typec: ucsi: Fix reuse of completion structure
usb: misc: fix improper handling of refcount in uss720_probe()
iio: imu: inv_icm42600: Fix I2C init possible nack
iio: magnetometer: ak8975: Fix the error handling in ak8975_power_on()
iio: dac: ad5446: Fix read_raw not returning set value
iio: dac: ad5592r: Fix the missing return value.
xhci: increase usb U3 -> U0 link resume timeout from 100ms to 500ms
xhci: stop polling roothubs after shutdown
xhci: Enable runtime PM on second Alderlake controller
USB: serial: option: add Telit 0x1057, 0x1058, 0x1075 compositions
USB: serial: option: add support for Cinterion MV32-WA/MV32-WB
USB: serial: cp210x: add PIDs for Kamstrup USB Meter Reader
USB: serial: whiteheat: fix heap overflow in WHITEHEAT_GET_DTR_RTS
USB: quirks: add STRING quirk for VCOM device
USB: quirks: add a Realtek card reader
usb: mtu3: fix USB 3.0 dual-role-switch from device to host
lightnvm: disable the subsystem
floppy: disable FDRAWCMD by default
Linux 5.10.113
Revert "net: micrel: fix KS8851_MLL Kconfig"
block/compat_ioctl: fix range check in BLKGETSIZE
staging: ion: Prevent incorrect reference counting behavour
spi: atmel-quadspi: Fix the buswidth adjustment between spi-mem and controller
jbd2: fix a potential race while discarding reserved buffers after an abort
can: isotp: stop timeout monitoring when no first frame was sent
ext4: force overhead calculation if the s_overhead_cluster makes no sense
ext4: fix overhead calculation to account for the reserved gdt blocks
ext4, doc: fix incorrect h_reserved size
ext4: limit length to bitmap_maxbytes - blocksize in punch_hole
ext4: fix use-after-free in ext4_search_dir
ext4: fix symlink file size not match to file content
ext4: fix fallocate to use file_modified to update permissions consistently
perf report: Set PERF_SAMPLE_DATA_SRC bit for Arm SPE event
powerpc/perf: Fix power9 event alternatives
drm/vc4: Use pm_runtime_resume_and_get to fix pm_runtime_get_sync() usage
KVM: PPC: Fix TCE handling for VFIO
drm/panel/raspberrypi-touchscreen: Initialise the bridge in prepare
drm/panel/raspberrypi-touchscreen: Avoid NULL deref if not initialised
perf/core: Fix perf_mmap fail when CONFIG_PERF_USE_VMALLOC enabled
sched/pelt: Fix attach_entity_load_avg() corner case
arm_pmu: Validate single/group leader events
ARC: entry: fix syscall_trace_exit argument
e1000e: Fix possible overflow in LTR decoding
ASoC: soc-dapm: fix two incorrect uses of list iterator
gpio: Request interrupts after IRQ is initialized
openvswitch: fix OOB access in reserve_sfa_size()
xtensa: fix a7 clobbering in coprocessor context load/store
xtensa: patch_text: Fixup last cpu should be master
net: atlantic: invert deep par in pm functions, preventing null derefs
dma: at_xdmac: fix a missing check on list iterator
ata: pata_marvell: Check the 'bmdma_addr' beforing reading
mm/mmu_notifier.c: fix race in mmu_interval_notifier_remove()
oom_kill.c: futex: delay the OOM reaper to allow time for proper futex cleanup
mm, hugetlb: allow for "high" userspace addresses
EDAC/synopsys: Read the error count from the correct register
nvme-pci: disable namespace identifiers for Qemu controllers
nvme: add a quirk to disable namespace identifiers
stat: fix inconsistency between struct stat and struct compat_stat
scsi: qedi: Fix failed disconnect handling
net: macb: Restart tx only if queue pointer is lagging
drm/msm/mdp5: check the return of kzalloc()
dpaa_eth: Fix missing of_node_put in dpaa_get_ts_info()
brcmfmac: sdio: Fix undefined behavior due to shift overflowing the constant
mt76: Fix undefined behavior due to shift overflowing the constant
net: atlantic: Avoid out-of-bounds indexing
cifs: Check the IOCB_DIRECT flag, not O_DIRECT
vxlan: fix error return code in vxlan_fdb_append
arm64: dts: imx: Fix imx8*-var-som touchscreen property sizes
ALSA: usb-audio: Fix undefined behavior due to shift overflowing the constant
platform/x86: samsung-laptop: Fix an unsigned comparison which can never be negative
reset: tegra-bpmp: Restore Handle errors in BPMP response
ARM: vexpress/spc: Avoid negative array index when !SMP
arm64: mm: fix p?d_leaf()
arm64/mm: Remove [PUD|PMD]_TABLE_BIT from [pud|pmd]_bad()
selftests: mlxsw: vxlan_flooding: Prevent flooding of unwanted packets
dmaengine: idxd: add RO check for wq max_transfer_size write
dmaengine: idxd: add RO check for wq max_batch_size write
net: stmmac: Use readl_poll_timeout_atomic() in atomic state
netlink: reset network and mac headers in netlink_dump()
ipv6: make ip6_rt_gc_expire an atomic_t
l3mdev: l3mdev_master_upper_ifindex_by_index_rcu should be using netdev_master_upper_dev_get_rcu
net/sched: cls_u32: fix possible leak in u32_init_knode()
ip6_gre: Fix skb_under_panic in __gre6_xmit()
ip6_gre: Avoid updating tunnel->tun_hlen in __gre6_xmit()
net/packet: fix packet_sock xmit return value checking
net/smc: Fix sock leak when release after smc_shutdown()
rxrpc: Restore removed timer deletion
igc: Fix BUG: scheduling while atomic
igc: Fix infinite loop in release_swfw_sync
esp: limit skb_page_frag_refill use to a single page
spi: spi-mtk-nor: initialize spi controller after resume
dmaengine: mediatek:Fix PM usage reference leak of mtk_uart_apdma_alloc_chan_resources
dmaengine: imx-sdma: Fix error checking in sdma_event_remap
ASoC: codecs: wcd934x: do not switch off SIDO Buck when codec is in use
ASoC: msm8916-wcd-digital: Check failure for devm_snd_soc_register_component
ASoC: atmel: Remove system clock tree configuration for at91sam9g20ek
dm: fix mempool NULL pointer race when completing IO
ALSA: hda/realtek: Add quirk for Clevo NP70PNP
ALSA: usb-audio: Clear MIDI port active flag after draining
net/sched: cls_u32: fix netns refcount changes in u32_change()
gfs2: assign rgrp glock before compute_bitstructs
perf tools: Fix segfault accessing sample_id xyarray
tracing: Dump stacktrace trigger to the corresponding instance
mm: page_alloc: fix building error on -Werror=array-compare
etherdevice: Adjust ether_addr* prototypes to silence -Wstringop-overead
ANDROID: fix up gpio change in 5.10.111
Linux 5.10.112
ax25: Fix UAF bugs in ax25 timers
ax25: Fix NULL pointer dereferences in ax25 timers
ax25: fix NPD bug in ax25_disconnect
ax25: fix UAF bug in ax25_send_control()
ax25: Fix refcount leaks caused by ax25_cb_del()
ax25: fix UAF bugs of net_device caused by rebinding operation
ax25: fix reference count leaks of ax25_dev
ax25: add refcount in ax25_dev to avoid UAF bugs
scsi: iscsi: Fix unbound endpoint error handling
scsi: iscsi: Fix endpoint reuse regression
dma-direct: avoid redundant memory sync for swiotlb
timers: Fix warning condition in __run_timers()
i2c: pasemi: Wait for write xfers to finish
smp: Fix offline cpu check in flush_smp_call_function_queue()
dm integrity: fix memory corruption when tag_size is less than digest size
ARM: davinci: da850-evm: Avoid NULL pointer dereference
tick/nohz: Use WARN_ON_ONCE() to prevent console saturation
genirq/affinity: Consider that CPUs on nodes can be unbalanced
drm/amdgpu: Enable gfxoff quirk on MacBook Pro
drm/amd/display: don't ignore alpha property on pre-multiplied mode
ipv6: fix panic when forwarding a pkt with no in6 dev
nl80211: correctly check NL80211_ATTR_REG_ALPHA2 size
ALSA: pcm: Test for "silence" field in struct "pcm_format_data"
ALSA: hda/realtek: add quirk for Lenovo Thinkpad X12 speakers
ALSA: hda/realtek: Add quirk for Clevo PD50PNT
btrfs: mark resumed async balance as writing
btrfs: fix root ref counts in error handling in btrfs_get_root_ref
ath9k: Fix usage of driver-private space in tx_info
ath9k: Properly clear TX status area before reporting to mac80211
gcc-plugins: latent_entropy: use /dev/urandom
memory: renesas-rpc-if: fix platform-device leak in error path
KVM: x86/mmu: Resolve nx_huge_pages when kvm.ko is loaded
mm: kmemleak: take a full lowmem check in kmemleak_*_phys()
mm: fix unexpected zeroed page mapping with zram swap
mm, page_alloc: fix build_zonerefs_node()
perf/imx_ddr: Fix undefined behavior due to shift overflowing the constant
drivers: net: slip: fix NPD bug in sl_tx_timeout()
scsi: megaraid_sas: Target with invalid LUN ID is deleted during scan
scsi: mvsas: Add PCI ID of RocketRaid 2640
drm/amd/display: Fix allocate_mst_payload assert on resume
drm/amd/display: Revert FEC check in validation
myri10ge: fix an incorrect free for skb in myri10ge_sw_tso
net: usb: aqc111: Fix out-of-bounds accesses in RX fixup
net: axienet: setup mdio unconditionally
tlb: hugetlb: Add more sizes to tlb_remove_huge_tlb_entry
arm64: alternatives: mark patch_alternative() as `noinstr`
regulator: wm8994: Add an off-on delay for WM8994 variant
gpu: ipu-v3: Fix dev_dbg frequency output
ata: libata-core: Disable READ LOG DMA EXT for Samsung 840 EVOs
net: micrel: fix KS8851_MLL Kconfig
scsi: ibmvscsis: Increase INITIAL_SRP_LIMIT to 1024
scsi: lpfc: Fix queue failures when recovering from PCI parity error
scsi: target: tcmu: Fix possible page UAF
Drivers: hv: vmbus: Prevent load re-ordering when reading ring buffer
drm/amdkfd: Check for potential null return of kmalloc_array()
drm/amdgpu/vcn: improve vcn dpg stop procedure
drm/amdkfd: Fix Incorrect VMIDs passed to HWS
drm/amd/display: Update VTEM Infopacket definition
drm/amd/display: FEC check in timing validation
drm/amd/display: fix audio format not updated after edid updated
btrfs: do not warn for free space inode in cow_file_range
btrfs: fix fallocate to use file_modified to update permissions consistently
drm/amd: Add USBC connector ID
net: bcmgenet: Revert "Use stronger register read/writes to assure ordering"
dm mpath: only use ktime_get_ns() in historical selector
cifs: potential buffer overflow in handling symlinks
nfc: nci: add flush_workqueue to prevent uaf
perf tools: Fix misleading add event PMU debug message
testing/selftests/mqueue: Fix mq_perf_tests to free the allocated cpu set
sctp: Initialize daddr on peeled off socket
scsi: iscsi: Fix conn cleanup and stop race during iscsid restart
scsi: iscsi: Fix offload conn cleanup when iscsid restarts
scsi: iscsi: Move iscsi_ep_disconnect()
scsi: iscsi: Fix in-kernel conn failure handling
scsi: iscsi: Rel ref after iscsi_lookup_endpoint()
scsi: iscsi: Use system_unbound_wq for destroy_work
scsi: iscsi: Force immediate failure during shutdown
scsi: iscsi: Stop queueing during ep_disconnect
scsi: pm80xx: Enable upper inbound, outbound queues
scsi: pm80xx: Mask and unmask upper interrupt vectors 32-63
net/smc: Fix NULL pointer dereference in smc_pnet_find_ib()
drm/msm/dsi: Use connector directly in msm_dsi_manager_connector_init()
drm/msm: Fix range size vs end confusion
cfg80211: hold bss_lock while updating nontrans_list
net/sched: taprio: Check if socket flags are valid
net: ethernet: stmmac: fix altr_tse_pcs function when using a fixed-link
net: dsa: felix: suppress -EPROBE_DEFER errors
net/sched: fix initialization order when updating chain 0 head
mlxsw: i2c: Fix initialization error flow
net: mdio: Alphabetically sort header inclusion
gpiolib: acpi: use correct format characters
veth: Ensure eth header is in skb's linear part
net/sched: flower: fix parsing of ethertype following VLAN header
SUNRPC: Fix the svc_deferred_event trace class
media: rockchip/rga: do proper error checking in probe
firmware: arm_scmi: Fix sorting of retrieved clock rates
memory: atmel-ebi: Fix missing of_node_put in atmel_ebi_probe
drm/msm: Add missing put_task_struct() in debugfs path
btrfs: remove unused variable in btrfs_{start,write}_dirty_block_groups()
ACPI: processor idle: Check for architectural support for LPI
cpuidle: PSCI: Move the `has_lpi` check to the beginning of the function
hamradio: remove needs_free_netdev to avoid UAF
hamradio: defer 6pack kfree after unregister_netdev
drm/amdkfd: Use drm_priv to pass VM from KFD to amdgpu
Linux 5.10.111
powerpc: Fix virt_addr_valid() for 64-bit Book3E & 32-bit
mm/sparsemem: fix 'mem_section' will never be NULL gcc 12 warning
irqchip/gic, gic-v3: Prevent GSI to SGI translations
Drivers: hv: vmbus: Replace smp_store_mb() with virt_store_mb()
arm64: module: remove (NOLOAD) from linker script
selftests: cgroup: Test open-time cgroup namespace usage for migration checks
selftests: cgroup: Test open-time credential usage for migration checks
selftests: cgroup: Make cg_create() use 0755 for permission instead of 0644
selftests/cgroup: Fix build on older distros
cgroup: Use open-time credentials for process migraton perm checks
mm: don't skip swap entry even if zap_details specified
ubsan: remove CONFIG_UBSAN_OBJECT_SIZE
dmaengine: Revert "dmaengine: shdma: Fix runtime PM imbalance on error"
tools build: Use $(shell ) instead of `` to get embedded libperl's ccopts
tools build: Filter out options and warnings not supported by clang
perf python: Fix probing for some clang command line options
perf build: Don't use -ffat-lto-objects in the python feature test when building with clang-13
drm/amdkfd: Create file descriptor after client is added to smi_clients list
drm/nouveau/pmu: Add missing callbacks for Tegra devices
drm/amdgpu/smu10: fix SoC/fclk units in auto mode
irqchip/gic-v3: Fix GICR_CTLR.RWP polling
perf: qcom_l2_pmu: fix an incorrect NULL check on list iterator
ata: sata_dwc_460ex: Fix crash due to OOB write
gpio: Restrict usage of GPIO chip irq members before initialization
RDMA/hfi1: Fix use-after-free bug for mm struct
arm64: patch_text: Fixup last cpu should be master
btrfs: prevent subvol with swapfile from being deleted
btrfs: fix qgroup reserve overflow the qgroup limit
x86/speculation: Restore speculation related MSRs during S3 resume
x86/pm: Save the MSR validity status at context setup
io_uring: fix race between timeout flush and removal
mm/mempolicy: fix mpol_new leak in shared_policy_replace
mmmremap.c: avoid pointless invalidate_range_start/end on mremap(old_size=0)
lz4: fix LZ4_decompress_safe_partial read out of bound
mmc: renesas_sdhi: don't overwrite TAP settings when HS400 tuning is complete
mmc: mmci: stm32: correctly check all elements of sg list
Revert "mmc: sdhci-xenon: fix annoying 1.8V regulator warning"
arm64: Add part number for Arm Cortex-A78AE
perf session: Remap buf if there is no space for event
perf tools: Fix perf's libperf_print callback
perf: arm-spe: Fix perf report --mem-mode
iommu/omap: Fix regression in probe for NULL pointer dereference
SUNRPC: svc_tcp_sendmsg() should handle errors from xdr_alloc_bvec()
SUNRPC: Handle low memory situations in call_status()
SUNRPC: Handle ENOMEM in call_transmit_status()
io_uring: don't touch scm_fp_list after queueing skb
drbd: Fix five use after free bugs in get_initial_state
bpf: Support dual-stack sockets in bpf_tcp_check_syncookie
spi: bcm-qspi: fix MSPI only access with bcm_qspi_exec_mem_op()
qede: confirm skb is allocated before using
net: phy: mscc-miim: reject clause 45 register accesses
rxrpc: fix a race in rxrpc_exit_net()
net: openvswitch: fix leak of nested actions
net: openvswitch: don't send internal clone attribute to the userspace.
ice: synchronize_rcu() when terminating rings
ipv6: Fix stats accounting in ip6_pkt_drop
ice: Do not skip not enabled queues in ice_vc_dis_qs_msg
ice: Set txq_teid to ICE_INVAL_TEID on ring creation
dpaa2-ptp: Fix refcount leak in dpaa2_ptp_probe
IB/rdmavt: add lock to call to rvt_error_qp to prevent a race condition
RDMA/mlx5: Don't remove cache MRs when a delay is needed
sfc: Do not free an empty page_ring
bnxt_en: reserve space inside receive page for skb_shared_info
drm/imx: Fix memory leak in imx_pd_connector_get_modes
drm/imx: imx-ldb: Check for null pointer after calling kmemdup
net: stmmac: Fix unset max_speed difference between DT and non-DT platforms
net: ipv4: fix route with nexthop object delete warning
ice: Clear default forwarding VSI during VSI release
net/tls: fix slab-out-of-bounds bug in decrypt_internal
scsi: zorro7xx: Fix a resource leak in zorro7xx_remove_one()
NFSv4: fix open failure with O_ACCMODE flag
Revert "NFSv4: Handle the special Linux file open access mode"
Drivers: hv: vmbus: Fix potential crash on module unload
drm/amdgpu: fix off by one in amdgpu_gfx_kiq_acquire()
Revert "hv: utils: add PTP_1588_CLOCK to Kconfig to fix build"
mm: fix race between MADV_FREE reclaim and blkdev direct IO read
parisc: Fix patch code locking and flushing
parisc: Fix CPU affinity for Lasi, WAX and Dino chips
NFS: Avoid writeback threads getting stuck in mempool_alloc()
NFS: nfsiod should not block forever in mempool_alloc()
SUNRPC: Fix socket waits for write buffer space
jfs: prevent NULL deref in diFree
virtio_console: eliminate anonymous module_init & module_exit
serial: samsung_tty: do not unlock port->lock for uart_write_wakeup()
x86/Kconfig: Do not allow CONFIG_X86_X32_ABI=y with llvm-objcopy
NFS: swap-out must always use STABLE writes.
NFS: swap IO handling is slightly different for O_DIRECT IO
SUNRPC: remove scheduling boost for "SWAPPER" tasks.
SUNRPC/xprt: async tasks mustn't block waiting for memory
SUNRPC/call_alloc: async tasks mustn't block waiting for memory
clk: Enforce that disjoints limits are invalid
clk: ti: Preserve node in ti_dt_clocks_register()
xen: delay xen_hvm_init_time_ops() if kdump is boot on vcpu>=32
NFSv4: Protect the state recovery thread against direct reclaim
NFSv4.2: fix reference count leaks in _nfs42_proc_copy_notify()
w1: w1_therm: fixes w1_seq for ds28ea00 sensors
staging: wfx: fix an error handling in wfx_init_common()
phy: amlogic: meson8b-usb2: Use dev_err_probe()
staging: vchiq_core: handle NULL result of find_service_by_handle
clk: si5341: fix reported clk_rate when output divider is 2
minix: fix bug when opening a file with O_DIRECT
init/main.c: return 1 from handled __setup() functions
ceph: fix memory leak in ceph_readdir when note_last_dentry returns error
netlabel: fix out-of-bounds memory accesses
Bluetooth: Fix use after free in hci_send_acl
MIPS: ingenic: correct unit node address
xtensa: fix DTC warning unit_address_format
usb: dwc3: omap: fix "unbalanced disables for smps10_out1" on omap5evm
net: sfp: add 2500base-X quirk for Lantech SFP module
net: limit altnames to 64k total
net: account alternate interface name memory
can: isotp: set default value for N_As to 50 micro seconds
scsi: libfc: Fix use after free in fc_exch_abts_resp()
powerpc/secvar: fix refcount leak in format_show()
MIPS: fix fortify panic when copying asm exception handlers
PCI: endpoint: Fix misused goto label
bnxt_en: Eliminate unintended link toggle during FW reset
Bluetooth: use memset avoid memory leaks
Bluetooth: Fix not checking for valid hdev on bt_dev_{info,warn,err,dbg}
tuntap: add sanity checks about msg_controllen in sendmsg
macvtap: advertise link netns via netlink
mips: ralink: fix a refcount leak in ill_acc_of_setup()
net/smc: correct settings of RMB window update limit
scsi: hisi_sas: Free irq vectors in order for v3 HW
scsi: aha152x: Fix aha152x_setup() __setup handler return value
mt76: mt7615: Fix assigning negative values to unsigned variable
scsi: pm8001: Fix memory leak in pm8001_chip_fw_flash_update_req()
scsi: pm8001: Fix tag leaks on error
scsi: pm8001: Fix task leak in pm8001_send_abort_all()
scsi: pm8001: Fix pm8001_mpi_task_abort_resp()
scsi: pm8001: Fix pm80xx_pci_mem_copy() interface
drm/amdkfd: make CRAT table missing message informational only
dm: requeue IO if mapping table not yet available
dm ioctl: prevent potential spectre v1 gadget
ipv4: Invalidate neighbour for broadcast address upon address addition
iwlwifi: mvm: Correctly set fragmented EBS
power: supply: axp288-charger: Set Vhold to 4.4V
PCI: pciehp: Add Qualcomm quirk for Command Completed erratum
tcp: Don't acquire inet_listen_hashbucket::lock with disabled BH.
PCI: endpoint: Fix alignment fault error in copy tests
usb: ehci: add pci device support for Aspeed platforms
iommu/arm-smmu-v3: fix event handling soft lockup
PCI: aardvark: Fix support for MSI interrupts
drm/amdgpu: Fix recursive locking warning
powerpc: Set crashkernel offset to mid of RMA region
ipv6: make mc_forwarding atomic
libbpf: Fix build issue with llvm-readelf
cfg80211: don't add non transmitted BSS to 6GHz scanned channels
mt76: dma: initialize skip_unmap in mt76_dma_rx_fill
power: supply: axp20x_battery: properly report current when discharging
scsi: bfa: Replace snprintf() with sysfs_emit()
scsi: mvsas: Replace snprintf() with sysfs_emit()
bpf: Make dst_port field in struct bpf_sock 16-bit wide
ath11k: mhi: use mhi_sync_power_up()
ath11k: fix kernel panic during unload/load ath11k modules
powerpc: dts: t104xrdb: fix phy type for FMAN 4/5
ptp: replace snprintf with sysfs_emit
usb: gadget: tegra-xudc: Fix control endpoint's definitions
usb: gadget: tegra-xudc: Do not program SPARAM
drm/amd/amdgpu/amdgpu_cs: fix refcount leak of a dma_fence obj
drm/amd/display: Add signal type check when verify stream backends same
ath5k: fix OOB in ath5k_eeprom_read_pcal_info_5111
drm: Add orientation quirk for GPD Win Max
KVM: x86/emulator: Emulate RDPID only if it is enabled in guest
KVM: x86/svm: Clear reserved bits written to PerfEvtSeln MSRs
rtc: wm8350: Handle error for wm8350_register_irq
gfs2: gfs2_setattr_size error path fix
gfs2: Fix gfs2_release for non-writers regression
gfs2: Check for active reservation in gfs2_release
ubifs: Rectify space amount budget for mkdir/tmpfile operations
Conflicts:
drivers/mmc/host/sdhci-msm.c
Change-Id: I7a49ede6a9c42c6f5425b8ba632730a5a289d6ab
Signed-off-by: Sivasri Kumar, Vanka <quic_svanka@quicinc.com>
|
||
Steven Price
|
47a73e5e6b |
mm: pagewalk: Fix race between unmap and page walker
[ Upstream commit 8782fb61cc848364e1e1599d76d3c9dd58a1cc06 ]
The mmap lock protects the page walker from changes to the page tables
during the walk. However a read lock is insufficient to protect those
areas which don't have a VMA as munmap() detaches the VMAs before
downgrading to a read lock and actually tearing down PTEs/page tables.
For users of walk_page_range() the solution is to simply call pte_hole()
immediately without checking the actual page tables when a VMA is not
present. We now never call __walk_page_range() without a valid vma.
For walk_page_range_novma() the locking requirements are tightened to
require the mmap write lock to be taken, and then walking the pgd
directly with 'no_vma' set.
This in turn means that all page walkers either have a valid vma, or
it's that special 'novma' case for page table debugging. As a result,
all the odd '(!walk->vma && !walk->no_vma)' tests can be removed.
Fixes:
|
||
|
Greg Kroah-Hartman
|
5d60de7a5f |
This is the 5.10.141 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmMVs1MACgkQONu9yGCS
aT4dIA/+JYX/VG4PxtN3ndJGacUGTTxXf0fKn5TAPkJVKJ5Jt5zDuWbAA4+oLWym
z8L7W2DQ8sdhWiKTSbQMUXWhzyMDyxmFED/J9sm9HXd4c1VbAaRroeViI26fcbxU
ND5soyoTprxD2iwePmmxI7EKO2IIpqkw3hkcUS0XI6bLT2j8/zusEBHUP4RF8D9I
+FCpE9miQZielOjeTLlCRiU5VlZDEg5FusTuy+EJlN4k1HJxiO/L31NVX3iG0xPs
2x4E0q5QT85xEQRwzJFUPU64hPzPFeSGENfAsiq0tzRdsqgOFuQulnp31Vt/nba3
D+D96/dRxo/OZ/s1o2zt08J9zI5tV64sdxrxXSni/+Pnc/qc2/ZrGM3pPIw4taUg
/35orlmDqseNvPyZ5BKuHc68G+1Ma3uxQTbhGfcESvOEZ+T/Ezd6wL+BGMoL/jjq
QKBrRDORAt2t4JmaNoq3t+LGyE4Kdi7RxUmnawYImwzmMKS+qAk0f9mTVcYST0BM
DWFClp8FW4IAVzGX0AWw2uz6e0T/kSkI1xCT8dzXfM7GhAUF8LPJABgmlLJRm/0N
HnzGRDwl0xPbbe9VNvhI+yCaI7HYkSuDlVHW1oujd/AoRcso5LV6TMAgnPUYyvm7
d1HZlbDP2G35Ypq+Z/EdQIb7kWvoDHd2Az3Hvslo5Chawx41S+s=
=IQqi
-----END PGP SIGNATURE-----
Merge 5.10.141 into android12-5.10-lts
Changes in 5.10.141
mm: Force TLB flush for PFNMAP mappings before unlink_file_vma()
x86/nospec: Unwreck the RSB stuffing
x86/nospec: Fix i386 RSB stuffing
crypto: lib - remove unneeded selection of XOR_BLOCKS
s390/mm: do not trigger write fault when vma does not allow VM_WRITE
kbuild: Fix include path in scripts/Makefile.modpost
Bluetooth: L2CAP: Fix build errors in some archs
Revert "PCI/portdrv: Don't disable AER reporting in get_port_device_capability()"
HID: steam: Prevent NULL pointer dereference in steam_{recv,send}_report
udmabuf: Set the DMA mask for the udmabuf device (v2)
media: pvrusb2: fix memory leak in pvr_probe
HID: hidraw: fix memory leak in hidraw_release()
net: fix refcount bug in sk_psock_get (2)
fbdev: fb_pm2fb: Avoid potential divide by zero error
ftrace: Fix NULL pointer dereference in is_ftrace_trampoline when ftrace is dead
bpf: Don't redirect packets with invalid pkt_len
mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse
mmc: mtk-sd: Clear interrupts when cqe off/disable
drm/amd/display: Avoid MPC infinite loop
drm/amd/display: For stereo keep "FLIP_ANY_FRAME"
drm/amd/display: clear optc underflow before turn off odm clock
neigh: fix possible DoS due to net iface start/stop loop
s390/hypfs: avoid error message under KVM
drm/amd/pm: add missing ->fini_microcode interface for Sienna Cichlid
drm/amd/display: Fix pixel clock programming
drm/amdgpu: Increase tlb flush timeout for sriov
netfilter: conntrack: NF_CONNTRACK_PROCFS should no longer default to y
lib/vdso: Mark do_hres_timens() and do_coarse_timens() __always_inline()
kprobes: don't call disarm_kprobe() for disabled kprobes
io_uring: disable polling pollfree files
xfs: remove infinite loop when reserving free block pool
xfs: always succeed at setting the reserve pool size
xfs: fix overfilling of reserve pool
xfs: fix soft lockup via spinning in filestream ag selection loop
xfs: revert "xfs: actually bump warning counts when we send warnings"
net/af_packet: check len when min_header_len equals to 0
net: neigh: don't call kfree_skb() under spin_lock_irqsave()
Linux 5.10.141
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I8b6a1e0bd31df051b90433857f126c183771d367
|
||
|
Jann Horn
|
98f401d363 |
mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse
commit 2555283eb40df89945557273121e9393ef9b542b upstream.
anon_vma->degree tracks the combined number of child anon_vmas and VMAs
that use the anon_vma as their ->anon_vma.
anon_vma_clone() then assumes that for any anon_vma attached to
src->anon_vma_chain other than src->anon_vma, it is impossible for it to
be a leaf node of the VMA tree, meaning that for such VMAs ->degree is
elevated by 1 because of a child anon_vma, meaning that if ->degree
equals 1 there are no VMAs that use the anon_vma as their ->anon_vma.
This assumption is wrong because the ->degree optimization leads to leaf
nodes being abandoned on anon_vma_clone() - an existing anon_vma is
reused and no new parent-child relationship is created. So it is
possible to reuse an anon_vma for one VMA while it is still tied to
another VMA.
This is an issue because is_mergeable_anon_vma() and its callers assume
that if two VMAs have the same ->anon_vma, the list of anon_vmas
attached to the VMAs is guaranteed to be the same. When this assumption
is violated, vma_merge() can merge pages into a VMA that is not attached
to the corresponding anon_vma, leading to dangling page->mapping
pointers that will be dereferenced during rmap walks.
Fix it by separately tracking the number of child anon_vmas and the
number of VMAs using the anon_vma as their ->anon_vma.
Fixes:
|
||
|
Jann Horn
|
895428ee12 |
mm: Force TLB flush for PFNMAP mappings before unlink_file_vma()
commit b67fbebd4cf980aecbcc750e1462128bffe8ae15 upstream.
Some drivers rely on having all VMAs through which a PFN might be
accessible listed in the rmap for correctness.
However, on X86, it was possible for a VMA with stale TLB entries
to not be listed in the rmap.
This was fixed in mainline with
commit b67fbebd4cf9 ("mmu_gather: Force tlb-flush VM_PFNMAP vmas"),
but that commit relies on preceding refactoring in
commit 18ba064e42df3 ("mmu_gather: Let there be one tlb_{start,end}_vma()
implementation") and commit 1e9fdf21a4339 ("mmu_gather: Remove per arch
tlb_{start,end}_vma()").
This patch provides equivalent protection without needing that
refactoring, by forcing a TLB flush between removing PTEs in
unmap_vmas() and the call to unlink_file_vma() in free_pgtables().
[This is a stable-specific rewrite of the upstream commit!]
Signed-off-by: Jann Horn <jannh@google.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
|
Greg Kroah-Hartman
|
5939035887 |
This is the 5.10.140 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmMPexEACgkQONu9yGCS aT7SIg//QPmoJq2ho7oqDXzdxW67Eay3QZEPDoBol34RxEXoAUpxFB1nQlC3u1aI OyPNXqQSPkObkXRMAVYStTZWgN3iUngorbsDOM+svGpAxt9zC/6d7JGNdhstaQLG p/OoWaV7qwnNUsvndhohdmwU9TqjwpbvQwSa570uWQ47nIoxMyIz0iR80GjBSNGf a2QiJg4OsaVxqxoySB6I6qAceRMbLOZVxW6p963IYC9Fj4j1NmhsPDIy95aidEN5 RG+Ng9GnuYRo0ktlhSje9YKyE5bYhUNCi6GWsCyArAFo0db/2GzRFweZRy5w7MC/ IaFQf93pDZinIBfDJliXfFMBx4YLdI3IHdtILPJvF7d1U5n6pG44knrPkPHzNouf Ife8SckAPLzZeffobIcOXgoZqM3Xj/5mpHWffPQ2wIpL0ylf4bshPiC8mIRoyblh ufrzUV6r7uBesp18c6nhjwAKgNVaw4w9+CpDk0qLlDELKNfENJ9wMRAJpcifYJKL jJVWJh2wXG4kBWbp/2SetMkNNEeqn/PQUVY843uRE2iE76J2lzly5/+gI4DsSN6+ z2ZQL5tzguZvLw0s+si+doU+orbpzXluJncNdJyw8+1A7J2kxSn/Xfks9X3BKDyi 69pxUx627rMJZi4Pwsc1tyoeTVj32EAmUqronHD9tsQKsujIX0M= =DO69 -----END PGP SIGNATURE----- Merge 5.10.140 into android12-5.10-lts Changes in 5.10.140 audit: fix potential double free on error path from fsnotify_add_inode_mark parisc: Fix exception handler for fldw and fstw instructions kernel/sys_ni: add compat entry for fadvise64_64 pinctrl: amd: Don't save/restore interrupt status and wake status bits xfs: prevent a WARN_ONCE() in xfs_ioc_attr_list() xfs: reject crazy array sizes being fed to XFS_IOC_GETBMAP* fs: remove __sync_filesystem vfs: make sync_filesystem return errors from ->sync_fs xfs: return errors in xfs_fs_sync_fs xfs: only bother with sync_filesystem during readonly remount kernel/sched: Remove dl_boosted flag comment xfrm: fix refcount leak in __xfrm_policy_check() xfrm: clone missing x->lastused in xfrm_do_migrate af_key: Do not call xfrm_probe_algs in parallel xfrm: policy: fix metadata dst->dev xmit null pointer dereference NFS: Don't allocate nfs_fattr on the stack in __nfs42_ssc_open() NFSv4.2 fix problems with __nfs42_ssc_open SUNRPC: RPC level errors should set task->tk_rpc_status mm/huge_memory.c: use helper function migration_entry_to_page() mm/smaps: don't access young/dirty bit if pte unpresent rose: check NULL rose_loopback_neigh->loopback nfc: pn533: Fix use-after-free bugs caused by pn532_cmd_timeout ice: xsk: Force rings to be sized to power of 2 ice: xsk: prohibit usage of non-balanced queue id net/mlx5e: Properly disable vlan strip on non-UL reps net: ipa: don't assume SMEM is page-aligned net: moxa: get rid of asymmetry in DMA mapping/unmapping bonding: 802.3ad: fix no transmission of LACPDUs net: ipvtap - add __init/__exit annotations to module init/exit funcs netfilter: ebtables: reject blobs that don't provide all entry points bnxt_en: fix NQ resource accounting during vf creation on 57500 chips netfilter: nft_payload: report ERANGE for too long offset and length netfilter: nft_payload: do not truncate csum_offset and csum_type netfilter: nf_tables: do not leave chain stats enabled on error netfilter: nft_osf: restrict osf to ipv4, ipv6 and inet families netfilter: nft_tunnel: restrict it to netdev family netfilter: nftables: remove redundant assignment of variable err netfilter: nf_tables: consolidate rule verdict trace call netfilter: nft_cmp: optimize comparison for 16-bytes netfilter: bitwise: improve error goto labels netfilter: nf_tables: upfront validation of data via nft_data_init() netfilter: nf_tables: disallow jump to implicit chain from set element netfilter: nf_tables: disallow binding to already bound chain tcp: tweak len/truesize ratio for coalesce candidates net: Fix data-races around sysctl_[rw]mem(_offset)?. net: Fix data-races around sysctl_[rw]mem_(max|default). net: Fix data-races around weight_p and dev_weight_[rt]x_bias. net: Fix data-races around netdev_max_backlog. net: Fix data-races around netdev_tstamp_prequeue. ratelimit: Fix data-races in ___ratelimit(). bpf: Folding omem_charge() into sk_storage_charge() net: Fix data-races around sysctl_optmem_max. net: Fix a data-race around sysctl_tstamp_allow_data. net: Fix a data-race around sysctl_net_busy_poll. net: Fix a data-race around sysctl_net_busy_read. net: Fix a data-race around netdev_budget. net: Fix a data-race around netdev_budget_usecs. net: Fix data-races around sysctl_fb_tunnels_only_for_init_net. net: Fix data-races around sysctl_devconf_inherit_init_net. net: Fix a data-race around sysctl_somaxconn. ixgbe: stop resetting SYSTIME in ixgbe_ptp_start_cyclecounter rxrpc: Fix locking in rxrpc's sendmsg ionic: fix up issues with handling EAGAIN on FW cmds btrfs: fix silent failure when deleting root reference btrfs: replace: drop assert for suspended replace btrfs: add info when mount fails due to stale replace target btrfs: check if root is readonly while setting security xattr perf/x86/lbr: Enable the branch type for the Arch LBR by default x86/unwind/orc: Unwind ftrace trampolines with correct ORC entry x86/bugs: Add "unknown" reporting for MMIO Stale Data loop: Check for overflow while configuring loop asm-generic: sections: refactor memory_intersects s390: fix double free of GS and RI CBs on fork() failure ACPI: processor: Remove freq Qos request for all CPUs xen/privcmd: fix error exit of privcmd_ioctl_dm_op() mm/hugetlb: fix hugetlb not supporting softdirty tracking Revert "md-raid: destroy the bitmap after destroying the thread" md: call __md_stop_writes in md_stop arm64: Fix match_list for erratum 1286807 on Arm Cortex-A76 Documentation/ABI: Mention retbleed vulnerability info file for sysfs blk-mq: fix io hung due to missing commit_rqs perf python: Fix build when PYTHON_CONFIG is user supplied perf/x86/intel/uncore: Fix broken read_counter() for SNB IMC PMU scsi: ufs: core: Enable link lost interrupt scsi: storvsc: Remove WQ_MEM_RECLAIM from storvsc_error_wq bpf: Don't use tnum_range on array range checking for poke descriptors Linux 5.10.140 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I29f4b4af2a584dc2f2789aac613583603002464a |
||
David Hildenbrand
|
62af37c5cd |
mm/hugetlb: fix hugetlb not supporting softdirty tracking
commit f96f7a40874d7c746680c0b9f57cef2262ae551f upstream.
Patch series "mm/hugetlb: fix write-fault handling for shared mappings", v2.
I observed that hugetlb does not support/expect write-faults in shared
mappings that would have to map the R/O-mapped page writable -- and I
found two case where we could currently get such faults and would
erroneously map an anon page into a shared mapping.
Reproducers part of the patches.
I propose to backport both fixes to stable trees. The first fix needs a
small adjustment.
This patch (of 2):
Staring at hugetlb_wp(), one might wonder where all the logic for shared
mappings is when stumbling over a write-protected page in a shared
mapping. In fact, there is none, and so far we thought we could get away
with that because e.g., mprotect() should always do the right thing and
map all pages directly writable.
Looks like we were wrong:
--------------------------------------------------------------------------
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <fcntl.h>
#include <unistd.h>
#include <errno.h>
#include <sys/mman.h>
#define HUGETLB_SIZE (2 * 1024 * 1024u)
static void clear_softdirty(void)
{
int fd = open("/proc/self/clear_refs", O_WRONLY);
const char *ctrl = "4";
int ret;
if (fd < 0) {
fprintf(stderr, "open(clear_refs) failed\n");
exit(1);
}
ret = write(fd, ctrl, strlen(ctrl));
if (ret != strlen(ctrl)) {
fprintf(stderr, "write(clear_refs) failed\n");
exit(1);
}
close(fd);
}
int main(int argc, char **argv)
{
char *map;
int fd;
fd = open("/dev/hugepages/tmp", O_RDWR | O_CREAT);
if (!fd) {
fprintf(stderr, "open() failed\n");
return -errno;
}
if (ftruncate(fd, HUGETLB_SIZE)) {
fprintf(stderr, "ftruncate() failed\n");
return -errno;
}
map = mmap(NULL, HUGETLB_SIZE, PROT_READ|PROT_WRITE, MAP_SHARED, fd, 0);
if (map == MAP_FAILED) {
fprintf(stderr, "mmap() failed\n");
return -errno;
}
*map = 0;
if (mprotect(map, HUGETLB_SIZE, PROT_READ)) {
fprintf(stderr, "mmprotect() failed\n");
return -errno;
}
clear_softdirty();
if (mprotect(map, HUGETLB_SIZE, PROT_READ|PROT_WRITE)) {
fprintf(stderr, "mmprotect() failed\n");
return -errno;
}
*map = 0;
return 0;
}
--------------------------------------------------------------------------
Above test fails with SIGBUS when there is only a single free hugetlb page.
# echo 1 > /sys/kernel/mm/hugepages/hugepages-2048kB/nr_hugepages
# ./test
Bus error (core dumped)
And worse, with sufficient free hugetlb pages it will map an anonymous page
into a shared mapping, for example, messing up accounting during unmap
and breaking MAP_SHARED semantics:
# echo 2 > /sys/kernel/mm/hugepages/hugepages-2048kB/nr_hugepages
# ./test
# cat /proc/meminfo | grep HugePages_
HugePages_Total: 2
HugePages_Free: 1
HugePages_Rsvd: 18446744073709551615
HugePages_Surp: 0
Reason in this particular case is that vma_wants_writenotify() will
return "true", removing VM_SHARED in vma_set_page_prot() to map pages
write-protected. Let's teach vma_wants_writenotify() that hugetlb does not
support softdirty tracking.
Link: https://lkml.kernel.org/r/20220811103435.188481-1-david@redhat.com
Link: https://lkml.kernel.org/r/20220811103435.188481-2-david@redhat.com
Fixes:
|
||
Miaohe Lin
|
c7c77185fa |
mm/huge_memory.c: use helper function migration_entry_to_page()
[ Upstream commit a44f89dc6c5f8ba70240b81a570260d29d04bcb0 ] It's more recommended to use helper function migration_entry_to_page() to get the page via migration entry. We can also enjoy the PageLocked() check there. Link: https://lkml.kernel.org/r/20210318122722.13135-7-linmiaohe@huawei.com Signed-off-by: Miaohe Lin <linmiaohe@huawei.com> Reviewed-by: Peter Xu <peterx@redhat.com> Cc: Aneesh Kumar K.V <aneesh.kumar@linux.ibm.com> Cc: Matthew Wilcox <willy@infradead.org> Cc: Michel Lespinasse <walken@google.com> Cc: Ralph Campbell <rcampbell@nvidia.com> Cc: Thomas Hellstrm (Intel) <thomas_os@shipmail.org> Cc: Vlastimil Babka <vbabka@suse.cz> Cc: Wei Yang <richard.weiyang@linux.alibaba.com> Cc: William Kucharski <william.kucharski@oracle.com> Cc: Yang Shi <yang.shi@linux.alibaba.com> Cc: yuleixzhang <yulei.kernel@gmail.com> Cc: Zi Yan <ziy@nvidia.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
Charan Teja Kalla
|
99f0160022 |
ANDROID: mm: page_pinner: use page_ext_get/put() to work with page_ext
Use page_ext_get/put() to work with the page extended information without which the page extended information may not be valid. Bug: 2129036 Change-Id: Ibfe036b9ecef0e2551b5d0da1011cacbb0a5c3e6 Signed-off-by: Charan Teja Kalla <quic_charante@quicinc.com> |
||
|
Charan Teja Kalla
|
2b3f9b8187 |
FROMLIST: mm: fix use-after free of page_ext after race with memory-offline
The below is one path where race between page_ext and offline of the respective memory blocks will cause use-after-free on the access of page_ext structure. process1 process2 --------- --------- a)doing /proc/page_owner doing memory offline through offline_pages. b)PageBuddy check is failed thus proceed to get the page_owner information through page_ext access. page_ext = lookup_page_ext(page); migrate_pages(); ................. Since all pages are successfully migrated as part of the offline operation,send MEM_OFFLINE notification where for page_ext it calls: offline_page_ext()--> __free_page_ext()--> free_page_ext()--> vfree(ms->page_ext) mem_section->page_ext = NULL c) Check for the PAGE_EXT flags in the page_ext->flags access results into the use-after-free(leading to the translation faults). As mentioned above, there is really no synchronization between page_ext access and its freeing in the memory_offline. The memory offline steps(roughly) on a memory block is as below: 1) Isolate all the pages 2) while(1) try free the pages to buddy.(->free_list[MIGRATE_ISOLATE]) 3) delete the pages from this buddy list. 4) Then free page_ext.(Note: The struct page is still alive as it is freed only during hot remove of the memory which frees the memmap, which steps the user might not perform). This design leads to the state where struct page is alive but the struct page_ext is freed, where the later is ideally part of the former which just representing the page_flags (check [3] for why this design is chosen). The above mentioned race is just one example __but the problem persists in the other paths too involving page_ext->flags access(eg: page_is_idle())__. Fix all the paths where offline races with page_ext access by maintaining synchronization with rcu lock and is achieved in 3 steps: 1) Invalidate all the page_ext's of the sections of a memory block by storing a flag in the LSB of mem_section->page_ext. 2) Wait till all the existing readers to finish working with the ->page_ext's with synchronize_rcu(). Any parallel process that starts after this call will not get page_ext, through lookup_page_ext(), for the block parallel offline operation is being performed. 3) Now safely free all sections ->page_ext's of the block on which offline operation is being performed. Note: If synchronize_rcu() takes time then optimizations can be done in this path through call_rcu()[2]. Thanks to David Hildenbrand for his views/suggestions on the initial discussion[1] and Pavan kondeti for various inputs on this patch. [1] https://lore.kernel.org/linux-mm/59edde13-4167-8550-86f0-11fc67882107@quicinc.com/ [2] https://lore.kernel.org/all/a26ce299-aed1-b8ad-711e-a49e82bdd180@quicinc.com/T/#u [3] https://lore.kernel.org/all/6fa6b7aa-731e-891c-3efb-a03d6a700efa@redhat.com/ Bug: 236222283 Link: https://lore.kernel.org/all/1661496993-11473-1-git-send-email-quic_charante@quicinc.com/ Change-Id: Ib439ae19c61a557a5c70ea90e3c4b35a5583ba0d Suggested-by: David Hildenbrand <david@redhat.com> Suggested-by: Michal Hocko <mhocko@suse.com> Signed-off-by: Charan Teja Kalla <quic_charante@quicinc.com> (fixed merge conflicts and still exported lookup_page_ext) |
||
|
Sivasri Kumar, Vanka
|
0a292918e3 |
Merge keystone/android12-5.10-keystone-qcom-release.110+ (fc6bdd0) into msm-5.10
* refs/heads/tmp-fc6bdd0: ANDROID: abi_gki_aarch64_qcom: Add skb and scatterlist helpers ANDROID: Use rq_clock_task without CONFIG_SMP ANDROID: GKI: Update symbol list for transsion ANDROID: vendor_hook: Add hook in __free_pages() ANDROID: vendor_hooks: Add hooks to extend the struct swap_info_struct ANDROID: vendor_hook: Add hook in si_swapinfo() FROMGIT: arm64: fix oops in concurrently setting insn_emulation sysctls FROMGIT: io_uring: Use original task for req identity in io_identity_cow() FROMLIST: binder: fix UAF of ref->proc caused by race condition FROMGIT: arm64: fix oops in concurrently setting insn_emulation sysctls FROMGIT: io_uring: Use original task for req identity in io_identity_cow() FROMLIST: binder: fix UAF of ref->proc caused by race condition ANDROID: Guard rq_clock_task_mult with CONFIG_SMP ANDROID: sched: Introducing PELT multiplier ANDROID: Guard hooks with their CONFIG_ options FROMGIT: binder: fix redefinition of seq_file attributes ANDROID: vendor_hook: Add hook in shmem_writepage() BACKPORT: iommu/dma: Fix race condition during iova_domain initialization FROMGIT: usb: dwc3: core: Deprecate GCTL.CORESOFTRESET FROMGIT: usb: dwc3: gadget: Prevent repeat pullup() FROMGIT: Binder: add TF_UPDATE_TXN to replace outdated txn BACKPORT: FROMGIT: cgroup: Use separate src/dst nodes when preloading css_sets for migration UPSTREAM: usb: gadget: f_uac2: allow changing interface name via configfs UPSTREAM: usb: gadget: f_uac1: allow changing interface name via configfs UPSTREAM: usb: gadget: f_uac1: Add suspend callback UPSTREAM: usb: gadget: f_uac2: Add suspend callback UPSTREAM: usb: gadget: u_audio: Add suspend call UPSTREAM: usb: gadget: u_audio: Rate ctl notifies about current srate (0=stopped) UPSTREAM: usb: gadget: f_uac1: Support multiple sampling rates UPSTREAM: usb: gadget: f_uac2: Support multiple sampling rates UPSTREAM: usb: gadget:audio: Replace deprecated macro S_IRUGO UPSTREAM: usb: gadget: u_audio: Add capture/playback srate getter UPSTREAM: usb: gadget: u_audio: Move dynamic srate from params to rtd UPSTREAM: usb: gadget: u_audio: Support multiple sampling rates UPSTREAM: docs: ABI: fixed formatting in configfs-usb-gadget-uac2 UPSTREAM: usb: gadget: u_audio: Subdevice 0 for capture ctls UPSTREAM: usb: gadget: u_audio: fix calculations for small bInterval UPSTREAM: docs: ABI: fixed req_number desc in UAC1 UPSTREAM: docs: ABI: added missing num_requests param to UAC2 UPSTREAM: usb:gadget: f_uac1: fixed sync playback UPSTREAM: usb: gadget: u_audio.c: Adding Playback Pitch ctl for sync playback UPSTREAM: ABI: configfs-usb-gadget-uac2: fix a broken table UPSTREAM: ABI: configfs-usb-gadget-uac1: fix a broken table UPSTREAM: usb: gadget: f_uac1: fixing inconsistent indenting UPSTREAM: docs: usb: fix malformed table UPSTREAM: usb: gadget: f_uac1: add volume and mute support BACKPORT: usb: gadget: f_uac2: add volume and mute support UPSTREAM: usb: gadget: u_audio: add bi-directional volume and mute support UPSTREAM: usb: audio-v2: add ability to define feature unit descriptor ANDROID: mm: shmem: use reclaim_pages() to recalim pages from a list UPSTREAM: usb: gadget: f_uac1: disable IN/OUT ep if unused ANDROID: GKI: Add symbols to abi_gki_aarch64_transsion BACKPORT: nfc: nfcmrvl: main: reorder destructive operations in nfcmrvl_nci_unregister_dev to avoid bugs ANDROID: vendor_hook: Add hook in __free_pages() ANDROID: create and export is_swap_slot_cache_enabled ANDROID: vendor_hook: Add hook in swap_slots ANDROID: mm: export swapcache_free_entries ANDROID: mm: export symbols used in vendor hook android_vh_get_swap_page() ANDROID: vendor_hooks: Add hooks to extend struct swap_slots_cache ANDROID: mm: export swap_type_to_swap_info ANDROID: vendor_hook: Add hook in si_swapinfo() ANDROID: vendor_hooks: Add hooks to extend the struct swap_info_struct ANDROID: vendor_hook: Add hooks in unuse_pte_range() and try_to_unuse() ANDROID: vendor_hook: Add hooks in free_swap_slot() ANDROID: vendor_hook: Add hook to update nr_swap_pages and total_swap_pages ANDROID: vendor_hook: Add hook in page_referenced_one() ANDROID: vendor_hooks: Add hooks to record the I/O statistics of swap: ANDROID: vendor_hook: Add hook in migrate_page_states() ANDROID: vendor_hook: Add hook in __migration_entry_wait() ANDROID: vendor_hook: Add hook in handle_pte_fault() ANDROID: vendor_hook: Add hook in do_swap_page() ANDROID: vendor_hook: Add hook in wp_page_copy() ANDROID: vendor_hooks: Add hooks to madvise_cold_or_pageout_pte_range() ANDROID: vendor_hook: Add hook in snapshot_refaults() ANDROID: vendor_hook: Add hook in inactive_is_low() FROMGIT: usb: gadget: f_fs: change ep->ep safe in ffs_epfile_io() FROMGIT: usb: gadget: f_fs: change ep->status safe in ffs_epfile_io() ANDROID: GKI: forward declare struct cgroup_taskset in vendor hooks ANDROID: Fix build error with CONFIG_UCLAMP_TASK disabled ANDROID: GKI: include more type definitions in vendor hooks ANDROID: Update symbol list for mtk ANDROID: dma/debug: fix warning of check_sync FROMGIT: usb: common: usb-conn-gpio: Allow wakeup from system suspend BACKPORT: FROMLIST: usb: gadget: uvc: fix list double add in uvcg_video_pump BACKPORT: exfat: improve write performance when dirsync enabled FROMLIST: devcoredump : Serialize devcd_del work Change-Id: Ie85e8cf4ecd3c3c218a45fc6be04204ea55a4c70 Signed-off-by: Sivasri Kumar, Vanka <quic_svanka@quicinc.com> |
||
|
Greg Kroah-Hartman
|
fbe6a13851 |
This is the 5.10.137 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmMCMDQACgkQONu9yGCS aT6TwRAAvj1dnV1nLVVNET3jcelTO65SVUUpQjiyGD1npZQaQdH5PoGR0VhMWk7y mLUIwJyp/rR7+OLD3BMFwxDimDWHviFGdbmm/8fsyDrARuOeRd/M1fvtHXjIRQdb nOvfo1yTQWp4xA1k/JwJZslkvRFDsofXWHCRf+ffEryTRanFAVc7u5aFIg92W0b/ JWYWEFe99C4TJ7LACpDoGaP9gE6WXsupaxSZBIu+Wxa+PfDmIeRRTkQn+j4Khn0h I6w+LkLd6ZP3l7sbe9KfS9ZGo1wWLgSng4zz742Z9IaFgxyj2ArS9tNsYCLkkhAM gLSXXkiPBAxUvAtDxR1tc0YROHc1bjAttSoxNXcaaacspSo/Vi0VAtp7t6boK0bI /8P3dh+Hq9u/Q1ClhZtVoFpp+GVj0fDbDd56qVcr2Cp6IokpqRJog1Jhgj0CVCoG iElr3n0+y7/IZfmE6/U1cK00SNcW86e2YduuIy4ifCawRT574zkRiSYZalpaO3qM z1lF9p+zUNq3v2q0wxXuBDLi/yPoJzbJgmCGScj4ryjjr6TOvR1udSVWkJ02dR4H s9km3lNLgoUPCYCLBMlZl7em4T49E09/+4YCrnj/Ezp+YdImf2+QzZyd/gG3ITl2 fW7lpbK1dx3d/19JFP6Xkj9PaIlMl9e8Ne04G+Dabv67uN+0U+g= =Z4rz -----END PGP SIGNATURE----- Merge 5.10.137 into android12-5.10-lts Changes in 5.10.137 Makefile: link with -z noexecstack --no-warn-rwx-segments x86: link vdso and boot with -z noexecstack --no-warn-rwx-segments Revert "pNFS: nfs3_set_ds_client should set NFS_CS_NOPING" scsi: Revert "scsi: qla2xxx: Fix disk failure to rediscover" ALSA: bcd2000: Fix a UAF bug on the error path of probing ALSA: hda/realtek: Add quirk for Clevo NV45PZ ALSA: hda/realtek: Add quirk for HP Spectre x360 15-eb0xxx wifi: mac80211_hwsim: fix race condition in pending packet wifi: mac80211_hwsim: add back erroneously removed cast wifi: mac80211_hwsim: use 32-bit skb cookie add barriers to buffer_uptodate and set_buffer_uptodate HID: wacom: Only report rotation for art pen HID: wacom: Don't register pad_input for touch switch KVM: nVMX: Snapshot pre-VM-Enter BNDCFGS for !nested_run_pending case KVM: nVMX: Snapshot pre-VM-Enter DEBUGCTL for !nested_run_pending case KVM: SVM: Don't BUG if userspace injects an interrupt with GIF=0 KVM: s390: pv: don't present the ecall interrupt twice KVM: nVMX: Let userspace set nVMX MSR to any _host_ supported value KVM: x86: Mark TSS busy during LTR emulation _after_ all fault checks KVM: x86: Set error code to segment selector on LLDT/LTR non-canonical #GP KVM: x86: Tag kvm_mmu_x86_module_init() with __init riscv: set default pm_power_off to NULL mm: Add kvrealloc() xfs: only set IOMAP_F_SHARED when providing a srcmap to a write xfs: fix I_DONTCACHE mm/mremap: hold the rmap lock in write mode when moving page table entries. ALSA: hda/conexant: Add quirk for LENOVO 20149 Notebook model ALSA: hda/cirrus - support for iMac 12,1 model ALSA: hda/realtek: Add quirk for another Asus K42JZ model ALSA: hda/realtek: Add a quirk for HP OMEN 15 (8786) mute LED tty: vt: initialize unicode screen buffer vfs: Check the truncate maximum size in inode_newsize_ok() fs: Add missing umask strip in vfs_tmpfile thermal: sysfs: Fix cooling_device_stats_setup() error code path fbcon: Fix boundary checks for fbcon=vc:n1-n2 parameters fbcon: Fix accelerated fbdev scrolling while logo is still shown usbnet: Fix linkwatch use-after-free on disconnect ovl: drop WARN_ON() dentry is NULL in ovl_encode_fh() parisc: Fix device names in /proc/iomem parisc: Check the return value of ioremap() in lba_driver_probe() parisc: io_pgetevents_time64() needs compat syscall in 32-bit compat mode drm/gem: Properly annotate WW context on drm_gem_lock_reservations() error drm/vc4: hdmi: Disable audio if dmas property is present but empty drm/nouveau: fix another off-by-one in nvbios_addr drm/nouveau: Don't pm_runtime_put_sync(), only pm_runtime_put_autosuspend() drm/nouveau/acpi: Don't print error when we get -EINPROGRESS from pm_runtime drm/amdgpu: Check BO's requested pinning domains against its preferred_domains mtd: rawnand: arasan: Update NAND bus clock instead of system clock iio: light: isl29028: Fix the warning in isl29028_remove() scsi: sg: Allow waiting for commands to complete on removed device scsi: qla2xxx: Fix incorrect display of max frame size scsi: qla2xxx: Zero undefined mailbox IN registers fuse: limit nsec serial: mvebu-uart: uart2 error bits clearing md-raid: destroy the bitmap after destroying the thread md-raid10: fix KASAN warning media: [PATCH] pci: atomisp_cmd: fix three missing checks on list iterator ia64, processor: fix -Wincompatible-pointer-types in ia64_get_irr() PCI: Add defines for normal and subtractive PCI bridges powerpc/fsl-pci: Fix Class Code of PCIe Root Port powerpc/ptdump: Fix display of RW pages on FSL_BOOK3E powerpc/powernv: Avoid crashing if rng is NULL MIPS: cpuinfo: Fix a warning for CONFIG_CPUMASK_OFFSTACK coresight: Clear the connection field properly usb: typec: ucsi: Acknowledge the GET_ERROR_STATUS command completion USB: HCD: Fix URB giveback issue in tasklet function ARM: dts: uniphier: Fix USB interrupts for PXs2 SoC arm64: dts: uniphier: Fix USB interrupts for PXs3 SoC usb: dwc3: gadget: refactor dwc3_repare_one_trb usb: dwc3: gadget: fix high speed multiplier setting lockdep: Allow tuning tracing capacity constants. netfilter: nf_tables: do not allow SET_ID to refer to another table netfilter: nf_tables: do not allow CHAIN_ID to refer to another table netfilter: nf_tables: do not allow RULE_ID to refer to another chain netfilter: nf_tables: fix null deref due to zeroed list head epoll: autoremove wakers even more aggressively x86: Handle idle=nomwait cmdline properly for x86_idle arm64: Do not forget syscall when starting a new thread. arm64: fix oops in concurrently setting insn_emulation sysctls ext2: Add more validity checks for inode counts genirq: Don't return error on missing optional irq_request_resources() irqchip/mips-gic: Only register IPI domain when SMP is enabled genirq: GENERIC_IRQ_IPI depends on SMP irqchip/mips-gic: Check the return value of ioremap() in gic_of_init() wait: Fix __wait_event_hrtimeout for RT/DL tasks ARM: dts: imx6ul: add missing properties for sram ARM: dts: imx6ul: change operating-points to uint32-matrix ARM: dts: imx6ul: fix keypad compatible ARM: dts: imx6ul: fix csi node compatible ARM: dts: imx6ul: fix lcdif node compatible ARM: dts: imx6ul: fix qspi node compatible ARM: dts: BCM5301X: Add DT for Meraki MR26 spi: synquacer: Add missing clk_disable_unprepare() ARM: OMAP2+: display: Fix refcount leak bug ACPI: EC: Remove duplicate ThinkPad X1 Carbon 6th entry from DMI quirks ACPI: EC: Drop the EC_FLAGS_IGNORE_DSDT_GPE quirk ACPI: PM: save NVS memory for Lenovo G40-45 ACPI: LPSS: Fix missing check in register_device_clock() arm64: dts: qcom: ipq8074: fix NAND node name arm64: dts: allwinner: a64: orangepi-win: Fix LED node name ARM: shmobile: rcar-gen2: Increase refcount for new reference firmware: tegra: Fix error check return value of debugfs_create_file() PM: hibernate: defer device probing when resuming from hibernation selinux: Add boundary check in put_entry() powerpc/64s: Disable stack variable initialisation for prom_init spi: spi-rspi: Fix PIO fallback on RZ platforms ARM: findbit: fix overflowing offset meson-mx-socinfo: Fix refcount leak in meson_mx_socinfo_init arm64: dts: renesas: beacon: Fix regulator node names ARM: bcm: Fix refcount leak in bcm_kona_smc_init ACPI: processor/idle: Annotate more functions to live in cpuidle section ARM: dts: imx7d-colibri-emmc: add cpu1 supply Input: atmel_mxt_ts - fix up inverted RESET handler soc: renesas: r8a779a0-sysc: Fix A2DP1 and A2CV[2357] PDR values soc: amlogic: Fix refcount leak in meson-secure-pwrc.c arm64: dts: renesas: Fix thermal-sensors on single-zone sensors x86/pmem: Fix platform-device leak in error path ARM: dts: ast2500-evb: fix board compatible ARM: dts: ast2600-evb: fix board compatible hexagon: select ARCH_WANT_LD_ORPHAN_WARN arm64: cpufeature: Allow different PMU versions in ID_DFR0_EL1 locking/lockdep: Fix lockdep_init_map_*() confusion soc: fsl: guts: machine variable might be unset block: fix infinite loop for invalid zone append ARM: dts: qcom: mdm9615: add missing PMIC GPIO reg ARM: OMAP2+: Fix refcount leak in omapdss_init_of ARM: OMAP2+: Fix refcount leak in omap3xxx_prm_late_init cpufreq: zynq: Fix refcount leak in zynq_get_revision regulator: qcom_smd: Fix pm8916_pldo range ACPI: APEI: Fix _EINJ vs EFI_MEMORY_SP soc: qcom: ocmem: Fix refcount leak in of_get_ocmem soc: qcom: aoss: Fix refcount leak in qmp_cooling_devices_register ARM: dts: qcom: pm8841: add required thermal-sensor-cells bus: hisi_lpc: fix missing platform_device_put() in hisi_lpc_acpi_probe() arm64: dts: mt7622: fix BPI-R64 WPS button arm64: tegra: Fix SDMMC1 CD on P2888 erofs: avoid consecutive detection for Highmem memory blk-mq: don't create hctx debugfs dir until q->debugfs_dir is created hwmon: (drivetemp) Add module alias block: remove the request_queue to argument request based tracepoints blktrace: Trace remapped requests correctly regulator: of: Fix refcount leak bug in of_get_regulation_constraints() soc: qcom: Make QCOM_RPMPD depend on PM arm64: dts: qcom: qcs404: Fix incorrect USB2 PHYs assignment drivers/perf: arm_spe: Fix consistency of SYS_PMSCR_EL1.CX nohz/full, sched/rt: Fix missed tick-reenabling bug in dequeue_task_rt() selftests/seccomp: Fix compile warning when CC=clang thermal/tools/tmon: Include pthread and time headers in tmon.h dm: return early from dm_pr_call() if DM device is suspended pwm: sifive: Don't check the return code of pwmchip_remove() pwm: sifive: Simplify offset calculation for PWMCMP registers pwm: sifive: Ensure the clk is enabled exactly once per running PWM pwm: sifive: Shut down hardware only after pwmchip_remove() completed pwm: lpc18xx-sct: Convert to devm_platform_ioremap_resource() drm/bridge: tc358767: Move (e)DP bridge endpoint parsing into dedicated function drm/bridge: tc358767: Make sure Refclk clock are enabled ath10k: do not enforce interrupt trigger type drm/st7735r: Fix module autoloading for Okaya RH128128T wifi: rtlwifi: fix error codes in rtl_debugfs_set_write_h2c() ath11k: fix netdev open race drm/mipi-dbi: align max_chunk to 2 in spi_transfer ath11k: Fix incorrect debug_mask mappings drm/radeon: fix potential buffer overflow in ni_set_mc_special_registers() drm/mediatek: Modify dsi funcs to atomic operations drm/mediatek: Separate poweron/poweroff from enable/disable and define new funcs drm/mediatek: Add pull-down MIPI operation in mtk_dsi_poweroff function i2c: npcm: Remove own slave addresses 2:10 i2c: npcm: Correct slave role behavior virtio-gpu: fix a missing check to avoid NULL dereference drm: adv7511: override i2c address of cec before accessing it crypto: sun8i-ss - do not allocate memory when handling hash requests crypto: sun8i-ss - fix error codes in allocate_flows() net: fix sk_wmem_schedule() and sk_rmem_schedule() errors i2c: Fix a potential use after free crypto: sun8i-ss - fix infinite loop in sun8i_ss_setup_ivs() media: tw686x: Register the irq at the end of probe ath9k: fix use-after-free in ath9k_hif_usb_rx_cb wifi: iwlegacy: 4965: fix potential off-by-one overflow in il4965_rs_fill_link_cmd() drm/radeon: fix incorrrect SPDX-License-Identifiers test_bpf: fix incorrect netdev features crypto: ccp - During shutdown, check SEV data pointer before using drm: bridge: adv7511: Add check for mipi_dsi_driver_register drm/mcde: Fix refcount leak in mcde_dsi_bind media: hdpvr: fix error value returns in hdpvr_read media: v4l2-mem2mem: prevent pollerr when last_buffer_dequeued is set media: tw686x: Fix memory leak in tw686x_video_init drm/vc4: plane: Remove subpixel positioning check drm/vc4: plane: Fix margin calculations for the right/bottom edges drm/vc4: dsi: Correct DSI divider calculations drm/vc4: dsi: Correct pixel order for DSI0 drm/vc4: drv: Remove the DSI pointer in vc4_drv drm/vc4: dsi: Use snprintf for the PHY clocks instead of an array drm/vc4: dsi: Introduce a variant structure drm/vc4: dsi: Register dsi0 as the correct vc4 encoder type drm/vc4: dsi: Fix dsi0 interrupt support drm/vc4: dsi: Add correct stop condition to vc4_dsi_encoder_disable iteration drm/vc4: hdmi: Remove firmware logic for MAI threshold setting drm/vc4: hdmi: Avoid full hdmi audio fifo writes drm/vc4: hdmi: Don't access the connector state in reset if kmalloc fails drm/vc4: hdmi: Limit the BCM2711 to the max without scrambling drm/vc4: hdmi: Fix timings for interlaced modes drm/vc4: hdmi: Correct HDMI timing registers for interlaced modes crypto: arm64/gcm - Select AEAD for GHASH_ARM64_CE selftests/xsk: Destroy BPF resources only when ctx refcount drops to 0 drm/rockchip: vop: Don't crash for invalid duplicate_state() drm/rockchip: Fix an error handling path rockchip_dp_probe() drm/mediatek: dpi: Remove output format of YUV drm/mediatek: dpi: Only enable dpi after the bridge is enabled drm: bridge: sii8620: fix possible off-by-one lib: bitmap: order includes alphabetically lib: bitmap: provide devm_bitmap_alloc() and devm_bitmap_zalloc() hinic: Use the bitmap API when applicable net: hinic: fix bug that ethtool get wrong stats net: hinic: avoid kernel hung in hinic_get_stats64() drm/msm/mdp5: Fix global state lock backoff crypto: hisilicon/sec - fixes some coding style crypto: hisilicon/sec - don't sleep when in softirq crypto: hisilicon - Kunpeng916 crypto driver don't sleep when in softirq media: platform: mtk-mdp: Fix mdp_ipi_comm structure alignment mt76: mt76x02u: fix possible memory leak in __mt76x02u_mcu_send_msg mediatek: mt76: mac80211: Fix missing of_node_put() in mt76_led_init() drm/exynos/exynos7_drm_decon: free resources when clk_set_parent() failed. tcp: make retransmitted SKB fit into the send window libbpf: Fix the name of a reused map selftests: timers: valid-adjtimex: build fix for newer toolchains selftests: timers: clocksource-switch: fix passing errors from child bpf: Fix subprog names in stack traces. fs: check FMODE_LSEEK to control internal pipe splicing wifi: wil6210: debugfs: fix info leak in wil_write_file_wmi() wifi: p54: Fix an error handling path in p54spi_probe() wifi: p54: add missing parentheses in p54_flush() selftests/bpf: fix a test for snprintf() overflow can: pch_can: do not report txerr and rxerr during bus-off can: rcar_can: do not report txerr and rxerr during bus-off can: sja1000: do not report txerr and rxerr during bus-off can: hi311x: do not report txerr and rxerr during bus-off can: sun4i_can: do not report txerr and rxerr during bus-off can: kvaser_usb_hydra: do not report txerr and rxerr during bus-off can: kvaser_usb_leaf: do not report txerr and rxerr during bus-off can: usb_8dev: do not report txerr and rxerr during bus-off can: error: specify the values of data[5..7] of CAN error frames can: pch_can: pch_can_error(): initialize errc before using it Bluetooth: hci_intel: Add check for platform_driver_register i2c: cadence: Support PEC for SMBus block read i2c: mux-gpmux: Add of_node_put() when breaking out of loop wifi: wil6210: debugfs: fix uninitialized variable use in `wil_write_file_wmi()` wifi: iwlwifi: mvm: fix double list_add at iwl_mvm_mac_wake_tx_queue wifi: libertas: Fix possible refcount leak in if_usb_probe() media: cedrus: hevc: Add check for invalid timestamp net/mlx5e: Remove WARN_ON when trying to offload an unsupported TLS cipher/version net/mlx5e: Fix the value of MLX5E_MAX_RQ_NUM_MTTS crypto: hisilicon/hpre - don't use GFP_KERNEL to alloc mem during softirq crypto: inside-secure - Add missing MODULE_DEVICE_TABLE for of crypto: hisilicon/sec - fix auth key size error inet: add READ_ONCE(sk->sk_bound_dev_if) in INET_MATCH() tcp: sk->sk_bound_dev_if once in inet_request_bound_dev_if() ipv6: add READ_ONCE(sk->sk_bound_dev_if) in INET6_MATCH() tcp: Fix data-races around sysctl_tcp_l3mdev_accept. net: allow unbound socket for packets in VRF when tcp_l3mdev_accept set iavf: Fix max_rate limiting netdevsim: Avoid allocation warnings triggered from user space net: rose: fix netdev reference changes net: ionic: fix error check for vlan flags in ionic_set_nic_features() dccp: put dccp_qpolicy_full() and dccp_qpolicy_push() in the same lock wireguard: ratelimiter: use hrtimer in selftest wireguard: allowedips: don't corrupt stack when detecting overflow clk: renesas: r9a06g032: Fix UART clkgrp bitsel mtd: maps: Fix refcount leak in of_flash_probe_versatile mtd: maps: Fix refcount leak in ap_flash_init mtd: rawnand: meson: Fix a potential double free issue PCI: tegra194: Fix PM error handling in tegra_pcie_config_ep() HID: cp2112: prevent a buffer overflow in cp2112_xfer() mtd: sm_ftl: Fix deadlock caused by cancel_work_sync in sm_release mtd: partitions: Fix refcount leak in parse_redboot_of mtd: st_spi_fsm: Add a clk_disable_unprepare() in .probe()'s error path fpga: altera-pr-ip: fix unsigned comparison with less than zero usb: host: Fix refcount leak in ehci_hcd_ppc_of_probe usb: ohci-nxp: Fix refcount leak in ohci_hcd_nxp_probe usb: gadget: tegra-xudc: Fix error check in tegra_xudc_powerdomain_init() usb: xhci: tegra: Fix error check netfilter: xtables: Bring SPDX identifier back iio: accel: bma400: Fix the scale min and max macro values platform/chrome: cros_ec: Always expose last resume result iio: accel: bma400: Reordering of header files clk: mediatek: reset: Fix written reset bit offset KVM: Don't set Accessed/Dirty bits for ZERO_PAGE mwifiex: Ignore BTCOEX events from the 88W8897 firmware mwifiex: fix sleep in atomic context bugs caused by dev_coredumpv dmaengine: dw-edma: Fix eDMA Rd/Wr-channels and DMA-direction semantics misc: rtsx: Fix an error handling path in rtsx_pci_probe() driver core: fix potential deadlock in __driver_attach clk: qcom: clk-krait: unlock spin after mux completion usb: host: xhci: use snprintf() in xhci_decode_trb() clk: qcom: ipq8074: fix NSS core PLL-s clk: qcom: ipq8074: SW workaround for UBI32 PLL lock clk: qcom: ipq8074: fix NSS port frequency tables clk: qcom: ipq8074: set BRANCH_HALT_DELAY flag for UBI clocks clk: qcom: camcc-sdm845: Fix topology around titan_top power domain PCI: dwc: Add unroll iATU space support to dw_pcie_disable_atu() PCI: dwc: Deallocate EPC memory on dw_pcie_ep_init() errors PCI: dwc: Always enable CDM check if "snps,enable-cdm-check" exists soundwire: bus_type: fix remove and shutdown support KVM: arm64: Don't return from void function dmaengine: sf-pdma: apply proper spinlock flags in sf_pdma_prep_dma_memcpy() dmaengine: sf-pdma: Add multithread support for a DMA channel PCI: endpoint: Don't stop controller when unbinding endpoint function intel_th: Fix a resource leak in an error handling path intel_th: msu-sink: Potential dereference of null pointer intel_th: msu: Fix vmalloced buffers staging: rtl8192u: Fix sleep in atomic context bug in dm_fsync_timer_callback mmc: sdhci-of-esdhc: Fix refcount leak in esdhc_signal_voltage_switch memstick/ms_block: Fix some incorrect memory allocation memstick/ms_block: Fix a memory leak mmc: sdhci-of-at91: fix set_uhs_signaling rewriting of MC1R mmc: block: Add single read for 4k sector cards KVM: s390: pv: leak the topmost page table when destroy fails PCI/portdrv: Don't disable AER reporting in get_port_device_capability() PCI: qcom: Set up rev 2.1.0 PARF_PHY before enabling clocks scsi: smartpqi: Fix DMA direction for RAID requests xtensa: iss/network: provide release() callback xtensa: iss: fix handling error cases in iss_net_configure() usb: gadget: udc: amd5536 depends on HAS_DMA usb: aspeed-vhub: Fix refcount leak bug in ast_vhub_init_desc() usb: dwc3: core: Deprecate GCTL.CORESOFTRESET usb: dwc3: core: Do not perform GCTL_CORE_SOFTRESET during bootup usb: dwc3: qcom: fix missing optional irq warnings eeprom: idt_89hpesx: uninitialized data in idt_dbgfs_csr_write() interconnect: imx: fix max_node_id um: random: Don't initialise hwrng struct with zero RDMA/rtrs: Define MIN_CHUNK_SIZE RDMA/rtrs: Avoid Wtautological-constant-out-of-range-compare RDMA/rtrs-srv: Fix modinfo output for stringify RDMA/qedr: Improve error logs for rdma_alloc_tid error return RDMA/qedr: Fix potential memory leak in __qedr_alloc_mr() RDMA/hns: Fix incorrect clearing of interrupt status register RDMA/siw: Fix duplicated reported IW_CM_EVENT_CONNECT_REPLY event RDMA/hfi1: fix potential memory leak in setup_base_ctxt() gpio: gpiolib-of: Fix refcount bugs in of_mm_gpiochip_add_data() HID: mcp2221: prevent a buffer overflow in mcp_smbus_write() mmc: cavium-octeon: Add of_node_put() when breaking out of loop mmc: cavium-thunderx: Add of_node_put() when breaking out of loop HID: alps: Declare U1_UNICORN_LEGACY support PCI: tegra194: Fix Root Port interrupt handling PCI: tegra194: Fix link up retry sequence USB: serial: fix tty-port initialized comments usb: cdns3: change place of 'priv_ep' assignment in cdns3_gadget_ep_dequeue(), cdns3_gadget_ep_enable() platform/olpc: Fix uninitialized data in debugfs write RDMA/srpt: Duplicate port name members RDMA/srpt: Introduce a reference count in struct srpt_device RDMA/srpt: Fix a use-after-free mm/mmap.c: fix missing call to vm_unacct_memory in mmap_region selftests: kvm: set rax before vmcall RDMA/mlx5: Add missing check for return value in get namespace flow RDMA/rxe: Fix error unwind in rxe_create_qp() null_blk: fix ida error handling in null_add_dev() nvme: use command_id instead of req->tag in trace_nvme_complete_rq() jbd2: fix outstanding credits assert in jbd2_journal_commit_transaction() ext4: recover csum seed of tmp_inode after migrating to extents jbd2: fix assertion 'jh->b_frozen_data == NULL' failure when journal aborted usb: cdns3: Don't use priv_dev uninitialized in cdns3_gadget_ep_enable() opp: Fix error check in dev_pm_opp_attach_genpd() ASoC: cros_ec_codec: Fix refcount leak in cros_ec_codec_platform_probe ASoC: samsung: Fix error handling in aries_audio_probe ASoC: mediatek: mt8173: Fix refcount leak in mt8173_rt5650_rt5676_dev_probe ASoC: mt6797-mt6351: Fix refcount leak in mt6797_mt6351_dev_probe ASoC: codecs: da7210: add check for i2c_add_driver ASoC: mediatek: mt8173-rt5650: Fix refcount leak in mt8173_rt5650_dev_probe serial: 8250: Export ICR access helpers for internal use serial: 8250_dw: Store LSR into lsr_saved_flags in dw8250_tx_wait_empty() ASoC: codecs: msm8916-wcd-digital: move gains from SX_TLV to S8_TLV ASoC: codecs: wcd9335: move gains from SX_TLV to S8_TLV rpmsg: mtk_rpmsg: Fix circular locking dependency remoteproc: k3-r5: Fix refcount leak in k3_r5_cluster_of_init selftests/livepatch: better synchronize test_klp_callbacks_busy profiling: fix shift too large makes kernel panic ASoC: samsung: h1940_uda1380: include proepr GPIO consumer header powerpc/perf: Optimize clearing the pending PMI and remove WARN_ON for PMI check in power_pmu_disable ASoC: samsung: change gpiod_speaker_power and rx1950_audio from global to static variables tty: n_gsm: Delete gsmtty open SABM frame when config requester tty: n_gsm: fix user open not possible at responder until initiator open tty: n_gsm: fix wrong queuing behavior in gsm_dlci_data_output() tty: n_gsm: fix non flow control frames during mux flow off tty: n_gsm: fix packet re-transmission without open control channel tty: n_gsm: fix race condition in gsmld_write() ASoC: qcom: Fix missing of_node_put() in asoc_qcom_lpass_cpu_platform_probe() remoteproc: qcom: wcnss: Fix handling of IRQs vfio: Remove extra put/gets around vfio_device->group vfio: Simplify the lifetime logic for vfio_device vfio: Split creation of a vfio_device into init and register ops vfio/mdev: Make to_mdev_device() into a static inline vfio/ccw: Do not change FSM state in subchannel event tty: n_gsm: fix wrong T1 retry count handling tty: n_gsm: fix DM command tty: n_gsm: fix missing corner cases in gsmld_poll() iommu/exynos: Handle failed IOMMU device registration properly rpmsg: qcom_smd: Fix refcount leak in qcom_smd_parse_edge kfifo: fix kfifo_to_user() return type lib/smp_processor_id: fix imbalanced instrumentation_end() call remoteproc: sysmon: Wait for SSCTL service to come up mfd: t7l66xb: Drop platform disable callback mfd: max77620: Fix refcount leak in max77620_initialise_fps iommu/arm-smmu: qcom_iommu: Add of_node_put() when breaking out of loop perf tools: Fix dso_id inode generation comparison s390/dump: fix old lowcore virtual vs physical address confusion s390/zcore: fix race when reading from hardware system area ASoC: fsl_easrc: use snd_pcm_format_t type for sample_format ASoC: qcom: q6dsp: Fix an off-by-one in q6adm_alloc_copp() fuse: Remove the control interface for virtio-fs ASoC: audio-graph-card: Add of_node_put() in fail path watchdog: armada_37xx_wdt: check the return value of devm_ioremap() in armada_37xx_wdt_probe() video: fbdev: amba-clcd: Fix refcount leak bugs video: fbdev: sis: fix typos in SiS_GetModeID() ASoC: mchp-spdifrx: disable end of block interrupt on failures powerpc/32: Do not allow selection of e5500 or e6500 CPUs on PPC32 powerpc/pci: Prefer PCI domain assignment via DT 'linux,pci-domain' and alias f2fs: don't set GC_FAILURE_PIN for background GC f2fs: write checkpoint during FG_GC f2fs: fix to remove F2FS_COMPR_FL and tag F2FS_NOCOMP_FL at the same time powerpc/spufs: Fix refcount leak in spufs_init_isolated_loader powerpc/xive: Fix refcount leak in xive_get_max_prio powerpc/cell/axon_msi: Fix refcount leak in setup_msi_msg_address perf symbol: Fail to read phdr workaround kprobes: Forbid probing on trampoline and BPF code areas powerpc/pci: Fix PHB numbering when using opal-phbid genelf: Use HAVE_LIBCRYPTO_SUPPORT, not the never defined HAVE_LIBCRYPTO scripts/faddr2line: Fix vmlinux detection on arm64 sched/deadline: Merge dl_task_can_attach() and dl_cpu_busy() sched, cpuset: Fix dl_cpu_busy() panic due to empty cs->cpus_allowed x86/numa: Use cpumask_available instead of hardcoded NULL check video: fbdev: arkfb: Fix a divide-by-zero bug in ark_set_pixclock() tools/thermal: Fix possible path truncations sched: Fix the check of nr_running at queue wakelist x86/entry: Build thunk_$(BITS) only if CONFIG_PREEMPTION=y video: fbdev: vt8623fb: Check the size of screen before memset_io() video: fbdev: arkfb: Check the size of screen before memset_io() video: fbdev: s3fb: Check the size of screen before memset_io() scsi: zfcp: Fix missing auto port scan and thus missing target ports scsi: qla2xxx: Fix discovery issues in FC-AL topology scsi: qla2xxx: Turn off multi-queue for 8G adapters scsi: qla2xxx: Fix erroneous mailbox timeout after PCI error injection scsi: qla2xxx: Fix losing FCP-2 targets on long port disable with I/Os scsi: qla2xxx: Fix losing FCP-2 targets during port perturbation tests x86/bugs: Enable STIBP for IBPB mitigated RETBleed ftrace/x86: Add back ftrace_expected assignment x86/olpc: fix 'logical not is only applied to the left hand side' posix-cpu-timers: Cleanup CPU timers before freeing them during exec Input: gscps2 - check return value of ioremap() in gscps2_probe() __follow_mount_rcu(): verify that mount_lock remains unchanged spmi: trace: fix stack-out-of-bound access in SPMI tracing functions drm/i915/dg1: Update DMC_DEBUG3 register drm/mediatek: Allow commands to be sent during video mode drm/mediatek: Keep dsi as LP00 before dcs cmds transfer HID: Ignore battery for Elan touchscreen on HP Spectre X360 15-df0xxx HID: hid-input: add Surface Go battery quirk drm/vc4: drv: Adopt the dma configuration from the HVS or V3D component mtd: rawnand: Add a helper to clarify the interface configuration mtd: rawnand: arasan: Check the proposed data interface is supported mtd: rawnand: Add NV-DDR timings mtd: rawnand: arasan: Fix a macro parameter mtd: rawnand: arasan: Support NV-DDR interface mtd: rawnand: arasan: Fix clock rate in NV-DDR usbnet: smsc95xx: Don't clear read-only PHY interrupt usbnet: smsc95xx: Avoid link settings race on interrupt reception firmware: arm_scpi: Ensure scpi_info is not assigned if the probe fails intel_th: pci: Add Meteor Lake-P support intel_th: pci: Add Raptor Lake-S PCH support intel_th: pci: Add Raptor Lake-S CPU support KVM: set_msr_mce: Permit guests to ignore single-bit ECC errors KVM: x86: Signal #GP, not -EPERM, on bad WRMSR(MCi_CTL/STATUS) iommu/vt-d: avoid invalid memory access via node_online(NUMA_NO_NODE) PCI/AER: Write AER Capability only when we control it PCI/ERR: Bind RCEC devices to the Root Port driver PCI/ERR: Rename reset_link() to reset_subordinates() PCI/ERR: Simplify by using pci_upstream_bridge() PCI/ERR: Simplify by computing pci_pcie_type() once PCI/ERR: Use "bridge" for clarity in pcie_do_recovery() PCI/ERR: Avoid negated conditional for clarity PCI/ERR: Add pci_walk_bridge() to pcie_do_recovery() PCI/ERR: Recover from RCEC AER errors PCI/AER: Iterate over error counters instead of error strings serial: 8250: Dissociate 4MHz Titan ports from Oxford ports serial: 8250: Correct the clock for OxSemi PCIe devices serial: 8250_pci: Refactor the loop in pci_ite887x_init() serial: 8250_pci: Replace dev_*() by pci_*() macros serial: 8250: Fold EndRun device support into OxSemi Tornado code dm writecache: set a default MAX_WRITEBACK_JOBS kexec, KEYS, s390: Make use of built-in and secondary keyring for signature verification dm thin: fix use-after-free crash in dm_sm_register_threshold_callback timekeeping: contribute wall clock to rng on time change um: Allow PM with suspend-to-idle btrfs: reject log replay if there is unsupported RO compat flag btrfs: reset block group chunk force if we have to wait ACPI: CPPC: Do not prevent CPPC from working in the future KVM: VMX: Drop guest CPUID check for VMXE in vmx_set_cr4() KVM: VMX: Drop explicit 'nested' check from vmx_set_cr4() KVM: SVM: Drop VMXE check from svm_set_cr4() KVM: x86: Move vendor CR4 validity check to dedicated kvm_x86_ops hook KVM: nVMX: Inject #UD if VMXON is attempted with incompatible CR0/CR4 KVM: x86/pmu: preserve IA32_PERF_CAPABILITIES across CPUID refresh KVM: x86/pmu: Use binary search to check filtered events KVM: x86/pmu: Use different raw event masks for AMD and Intel KVM: x86/pmu: Introduce the ctrl_mask value for fixed counter KVM: VMX: Mark all PERF_GLOBAL_(OVF)_CTRL bits reserved if there's no vPMU KVM: x86/pmu: Ignore pmu->global_ctrl check if vPMU doesn't support global_ctrl xen-blkback: fix persistent grants negotiation xen-blkback: Apply 'feature_persistent' parameter when connect xen-blkfront: Apply 'feature_persistent' parameter when connect KEYS: asymmetric: enforce SM2 signature use pkey algo tpm: eventlog: Fix section mismatch for DEBUG_SECTION_MISMATCH tracing: Use a struct alignof to determine trace event field alignment ext4: check if directory block is within i_size ext4: add EXT4_INODE_HAS_XATTR_SPACE macro in xattr.h ext4: fix warning in ext4_iomap_begin as race between bmap and write ext4: make sure ext4_append() always allocates new block ext4: fix use-after-free in ext4_xattr_set_entry ext4: update s_overhead_clusters in the superblock during an on-line resize ext4: fix extent status tree race in writeback error recovery path ext4: correct max_inline_xattr_value_size computing ext4: correct the misjudgment in ext4_iget_extra_inode dm raid: fix address sanitizer warning in raid_resume dm raid: fix address sanitizer warning in raid_status net_sched: cls_route: remove from list when handle is 0 KVM: Add infrastructure and macro to mark VM as bugged KVM: x86: Check lapic_in_kernel() before attempting to set a SynIC irq KVM: x86: Avoid theoretical NULL pointer dereference in kvm_irq_delivery_to_apic_fast() mac80211: fix a memory leak where sta_info is not freed tcp: fix over estimation in sk_forced_mem_schedule() Revert "mwifiex: fix sleep in atomic context bugs caused by dev_coredumpv" drm/bridge: tc358767: Fix (e)DP bridge endpoint parsing in dedicated function drm/vc4: change vc4_dma_range_matches from a global to static Revert "net: usb: ax88179_178a needs FLAG_SEND_ZLP" Bluetooth: L2CAP: Fix l2cap_global_chan_by_psm regression mtd: rawnand: arasan: Prevent an unsupported configuration kvm: x86/pmu: Fix the compare function used by the pmu event filter tee: add overflow check in register_shm_helper() net/9p: Initialize the iounit field during fid creation net_sched: cls_route: disallow handle of 0 sched/fair: Fix fault in reweight_entity btrfs: only write the sectors in the vertical stripe which has data stripes btrfs: raid56: don't trust any cached sector in __raid56_parity_recover() Linux 5.10.137 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I5775ddfad6460c5a737b1ad3f8e0b8f798338786 |
||
xiaofeng
|
dec2f52d08 |
ANDROID: vendor_hooks:vendor hook for __alloc_pages_slowpath.
add vendor hook in __alloc_pages_slowpath ahead of __alloc_pages_direct_reclaim and warn_alloc. Bug: 243629905 Change-Id: Ieacc6cf79823c0bfacfdeec9afb55ed66f40d0b0 Signed-off-by: xiaofeng <xiaofeng5@xiaomi.com> (cherry picked from commit 0312e9cd22b100a088ff64ab36b2db2eb9f28b7c) |
||
|
Greg Kroah-Hartman
|
7b0822a261 |
Revert "ANDROID: vendor_hooks: tune reclaim scan type for specified mem_cgroup"
This reverts commit
|
||
|
Suren Baghdasaryan
|
425c0f18ed |
ANDROID: Fix a build warning inside early_memblock_nomap
Fix a warning caused by ignoring the return value of kstrtobool:
mm/memblock.c: In function 'early_memblock_nomap':
>> mm/memblock.c:1910:9: warning: ignoring return value of 'kstrtobool' declared with attribute 'warn_unused_result' [-Wunused-result]
1910 | kstrtobool(str, &memblock_nomap_remove);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Fixes:
|
||
Patrick Daly
|
84a0d243b6 |
ANDROID: mm/memory_hotplug: Fix error path handling
Correct a resource leak if arch_add_memory() returns failure.
Bug: 243477359
Change-Id: I1dce82a18c2242d7b6fd9fb1fe3a8b2ba67853de
Fixes:
|
||
|
Greg Kroah-Hartman
|
98e5fb34d1 |
Revert "ANDROID: add for tuning readahead size"
This reverts commit
|
||
|
Greg Kroah-Hartman
|
a634d58881 |
Merge branch 'android12-5.10' into branch 'android12-5.10-lts'
Sync up with android12-5.10 for the following commits: |
||
|
Peifeng Li
|
9ecb2fcca3 |
ANDROID: avoid huge-page not to clear trylock-bit after shrink_page_list.
Clearing trylock-bit of page shrinked by shrnk_page_list in advance
which avoids huge-page not to clear trylock-bit after shrink_page_list.
Fixes:
|
||
Vijayanand Jitta
|
3c2f107ad2 |
ANDROID: mm: memblock: avoid to create memmap for memblock nomap regions
This 'commit 86588296acbf ("fdt: Properly handle "no-map" field in the
memory region")' is keeping the no-map regions in memblock.memory with
MEMBLOCK_NOMAP flag set to use no-map memory for EFI using memblock
api's, but during the initialization sparse_init mark all memblock.memory
as present using for_each_mem_pfn_range, which is creating the memmap for
no-map memblock regions.
Upstream has suggested to make use of bootloader to pass this as not a
memory,but because of possibility that some bootloaders might not support
this and also due to time constraints in evaluating this approach on 5.10,
Use command line parameter as a temporary solution. Get in the appropriate
solution later after further discussion with upstream.
Add kernel param "android12_only.will_be_removed_soon.memblock_nomap_remove"
which when enabled will remove page structs for these regions using memblock_remove.
With this change we will be able to save ~11MB memory for ~612MB carve out.
android12_only.will_be_removed_soon.memblock_nomap_remove=true:
[ 0.000000] memblock_alloc_exact_nid_raw: 115343360 bytes
align=0x200000 nid=0 from=0x0000000080000000 max_addr=0x0000000000000000
sparse_buffer_init+0x60/0x8c
[ 0.000000] memblock_reserve: [0x0000000932c00000-0x00000009399fffff]
memblock_alloc_range_nid+0xbc/0x1a0
[ 0.000000] On node 0 totalpages: 1627824
[ 0.000000] DMA32 zone: 5383 pages used for memmap
[ 0.000000] Normal zone: 20052 pages used for memmap
Default or android12_only.will_be_removed_soon.memblock_nomap_remove=false:
[ 0.000000] memblock_alloc_exact_nid_raw: 117440512 bytes
align=0x200000 nid=0 from=0x0000000080000000 max_addr=0x0000000000000000
sparse_buffer_init+0x60/0x8c
[ 0.000000] memblock_reserve: [0x0000000932a00000-0x00000009399fffff]
memblock_alloc_range_nid+0xbc/0x1a0
[ 0.000000] On node 0 totalpages: 1788416
[ 0.000000] DMA32 zone: 8192 pages used for memmap
[ 0.000000] Normal zone: 20052 pages used for memmap.
Change-Id: I34a7d46f02a6df7c769af3e53e44e49d6fc515af
Bug: 227974747
Link: https://lore.kernel.org/all/20210115172949.GA1495225@robh.at.kernel.org
Signed-off-by: Faiyaz Mohammed <quic_faiyazm@quicinc.com>
Signed-off-by: Vijayanand Jitta <quic_vjitta@quicinc.com>
|
||
|
Miaohe Lin
|
4ffa6cecb5 |
mm/mmap.c: fix missing call to vm_unacct_memory in mmap_region
[ Upstream commit 7f82f922319ede486540e8746769865b9508d2c2 ] Since the beginning, charged is set to 0 to avoid calling vm_unacct_memory twice because vm_unacct_memory will be called by above unmap_region. But since commit |
||
Aneesh Kumar K.V
|
2613baa3ab |
mm/mremap: hold the rmap lock in write mode when moving page table entries.
commit 97113eb39fa7972722ff490b947d8af023e1f6a2 upstream. To avoid a race between rmap walk and mremap, mremap does take_rmap_locks(). The lock was taken to ensure that rmap walk don't miss a page table entry due to PTE moves via move_pagetables(). The kernel does further optimization of this lock such that if we are going to find the newly added vma after the old vma, the rmap lock is not taken. This is because rmap walk would find the vmas in the same order and if we don't find the page table attached to older vma we would find it with the new vma which we would iterate later. As explained in commit |
||
Dave Chinner
|
f5f3e54f81 |
mm: Add kvrealloc()
commit de2860f4636256836450c6543be744a50118fc66 upstream.
During log recovery of an XFS filesystem with 64kB directory
buffers, rebuilding a buffer split across two log records results
in a memory allocation warning from krealloc like this:
xfs filesystem being mounted at /mnt/scratch supports timestamps until 2038 (0x7fffffff)
XFS (dm-0): Unmounting Filesystem
XFS (dm-0): Mounting V5 Filesystem
XFS (dm-0): Starting recovery (logdev: internal)
------------[ cut here ]------------
WARNING: CPU: 5 PID: 3435170 at mm/page_alloc.c:3539 get_page_from_freelist+0xdee/0xe40
.....
RIP: 0010:get_page_from_freelist+0xdee/0xe40
Call Trace:
? complete+0x3f/0x50
__alloc_pages+0x16f/0x300
alloc_pages+0x87/0x110
kmalloc_order+0x2c/0x90
kmalloc_order_trace+0x1d/0x90
__kmalloc_track_caller+0x215/0x270
? xlog_recover_add_to_cont_trans+0x63/0x1f0
krealloc+0x54/0xb0
xlog_recover_add_to_cont_trans+0x63/0x1f0
xlog_recovery_process_trans+0xc1/0xd0
xlog_recover_process_ophdr+0x86/0x130
xlog_recover_process_data+0x9f/0x160
xlog_recover_process+0xa2/0x120
xlog_do_recovery_pass+0x40b/0x7d0
? __irq_work_queue_local+0x4f/0x60
? irq_work_queue+0x3a/0x50
xlog_do_log_recovery+0x70/0x150
xlog_do_recover+0x38/0x1d0
xlog_recover+0xd8/0x170
xfs_log_mount+0x181/0x300
xfs_mountfs+0x4a1/0x9b0
xfs_fs_fill_super+0x3c0/0x7b0
get_tree_bdev+0x171/0x270
? suffix_kstrtoint.constprop.0+0xf0/0xf0
xfs_fs_get_tree+0x15/0x20
vfs_get_tree+0x24/0xc0
path_mount+0x2f5/0xaf0
__x64_sys_mount+0x108/0x140
do_syscall_64+0x3a/0x70
entry_SYSCALL_64_after_hwframe+0x44/0xae
Essentially, we are taking a multi-order allocation from kmem_alloc()
(which has an open coded no fail, no warn loop) and then
reallocating it out to 64kB using krealloc(__GFP_NOFAIL) and that is
then triggering the above warning.
This is a regression caused by converting this code from an open
coded no fail/no warn reallocation loop to using __GFP_NOFAIL.
What we actually need here is kvrealloc(), so that if contiguous
page allocation fails we fall back to vmalloc() and we don't
get nasty warnings happening in XFS.
Fixes:
|
||
|
Bing Han
|
a47fb6a9ae |
ANDROID: vendor_hook: Add hook in __free_pages()
This reverts commit
|
||
|
Bing Han
|
6c56a05b87 |
ANDROID: vendor_hooks: Add hooks to extend the struct swap_info_struct
This reverts commit:
|
||
|
Bing Han
|
7449d8120a |
ANDROID: vendor_hook: Add hook in si_swapinfo()
This reverts commit
|
||
|
Greg Kroah-Hartman
|
86be1a3d9f |
Revert "ANDROID: vendor_hook: Add hook in si_swapinfo()"
This reverts commit
|
||
|
Greg Kroah-Hartman
|
d0590b99c9 |
Revert "ANDROID: vendor_hooks: Add hooks to extend the struct swap_info_struct"
This reverts commit
|
||
|
Greg Kroah-Hartman
|
eb99e6d80e |
Revert "ANDROID: vendor_hook: Add hook in __free_pages()"
This reverts commit
|
||
|
Greg Kroah-Hartman
|
ee965fe12d |
Merge branch 'android12-5.10' into branch 'android12-5.10-lts'
Sync up with android12-5.10 for the following commits: |
||
|
Peifeng Li
|
fb39cdb9ea |
ANDROID: export reclaim_pages
export reclaim_pages to support to reclaim pages in drivers-page-list. Bug: 240003372 Signed-off-by: Peifeng Li <lipeifeng@oppo.com> Change-Id: If92ed66ec9ce9dd66565497e6774d89911652429 |
||
|
Peifeng Li
|
1f8f6d59a2 |
ANDROID: vendor_hook: Add hook to not be stuck ro rmap lock in kswapd or direct_reclaim
Add hooks to support trylock in rmaplock when reclaiming in kswapd or direct_reclaim, in order to avoid wait lock for a long time. - android_vh_handle_failed_page_trylock - android_vh_page_trylock_set - android_vh_page_trylock_clear - android_vh_page_trylock_get_result - android_vh_do_page_trylock Bug: 240003372 Signed-off-by: Peifeng Li <lipeifeng@oppo.com> Change-Id: I0f605b35ae41f15b3ca7bc72cd5f003175c318a5 |
||
|
Greg Kroah-Hartman
|
30abcdabf2 |
This is the 5.10.135 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmLqR1oACgkQONu9yGCS aT7c0g//U5W0ZFtGtu8Q3LNObmdz1G+JIKveIPIWcBOSK0j6YVL7QgtiUw+wRtyH 53h9Bjopb6aU96ezutOxvmbcbjt7TcbSsDia7j1g3T8lkZHRxog0ym/vKPMxLdzC /LnHzHQu3a0pMiRXVTe3glQEAyZs4QsIlEc+lOIKGPkfFUbtt5s+hxjqDnKyewll jhreE+sIZuJ/z/vQDxJZwIzBAMpmSuSUv7pGOoG8zGkN69at7rzhgodhb1PDHCas o9QmvhUn3XF+QH/ish1slZhRTvpX7/VUEccvrqcw8wjzr1xfmz4v8LYC8fLtJltw 4fVfDjEDq7LZGKlEOQRuzh9IASHn6L+BuYOFevDFy+ud+2xno1DlPhFPRgaE37I3 iRABrNTFET16ow77/SJG6e6n29bSwrS8qKIUI0kBZn3W6Bdv/w5mbpuPiX9AZ7Jq A5eJO6pl+4xE6Ulv94Tdgb5Qnqq5lPKVAFnQC7eCMi8lr0+TrN5s3tWrRrNXBGqh +zC0eiYREA78BnB2PR9QVieilK6D2d9PP7C1n9VqWqHsE7tR3gq3omUu+cym/HGu T1Nv80YPtlj+1PmjCxcKVZbf0FD1hzkjI+h0SX8QqxcHWfzc86UDMK10VVXkPA70 9LGojHibU07tEdvIe0FMgWUbuHCvXDWtJjS2zvNd0V4KZ1sIBJU= =lCsB -----END PGP SIGNATURE----- Merge 5.10.135 into android12-5.10-lts Changes in 5.10.135 Bluetooth: L2CAP: Fix use-after-free caused by l2cap_chan_put Revert "ocfs2: mount shared volume without ha stack" ntfs: fix use-after-free in ntfs_ucsncmp() s390/archrandom: prevent CPACF trng invocations in interrupt context nouveau/svm: Fix to migrate all requested pages watch_queue: Fix missing rcu annotation watch_queue: Fix missing locking in add_watch_to_object() tcp: Fix data-races around sysctl_tcp_dsack. tcp: Fix a data-race around sysctl_tcp_app_win. tcp: Fix a data-race around sysctl_tcp_adv_win_scale. tcp: Fix a data-race around sysctl_tcp_frto. tcp: Fix a data-race around sysctl_tcp_nometrics_save. tcp: Fix data-races around sysctl_tcp_no_ssthresh_metrics_save. ice: check (DD | EOF) bits on Rx descriptor rather than (EOP | RS) ice: do not setup vlan for loopback VSI scsi: ufs: host: Hold reference returned by of_parse_phandle() Revert "tcp: change pingpong threshold to 3" tcp: Fix data-races around sysctl_tcp_moderate_rcvbuf. tcp: Fix a data-race around sysctl_tcp_limit_output_bytes. tcp: Fix a data-race around sysctl_tcp_challenge_ack_limit. net: ping6: Fix memleak in ipv6_renew_options(). ipv6/addrconf: fix a null-ptr-deref bug for ip6_ptr net/tls: Remove the context from the list in tls_device_down igmp: Fix data-races around sysctl_igmp_qrv. net: sungem_phy: Add of_node_put() for reference returned by of_get_parent() tcp: Fix a data-race around sysctl_tcp_min_tso_segs. tcp: Fix a data-race around sysctl_tcp_min_rtt_wlen. tcp: Fix a data-race around sysctl_tcp_autocorking. tcp: Fix a data-race around sysctl_tcp_invalid_ratelimit. Documentation: fix sctp_wmem in ip-sysctl.rst macsec: fix NULL deref in macsec_add_rxsa macsec: fix error message in macsec_add_rxsa and _txsa macsec: limit replay window size with XPN macsec: always read MACSEC_SA_ATTR_PN as a u64 net: macsec: fix potential resource leak in macsec_add_rxsa() and macsec_add_txsa() tcp: Fix a data-race around sysctl_tcp_comp_sack_delay_ns. tcp: Fix a data-race around sysctl_tcp_comp_sack_slack_ns. tcp: Fix a data-race around sysctl_tcp_comp_sack_nr. tcp: Fix data-races around sysctl_tcp_reflect_tos. i40e: Fix interface init with MSI interrupts (no MSI-X) sctp: fix sleep in atomic context bug in timer handlers netfilter: nf_queue: do not allow packet truncation below transport header offset virtio-net: fix the race between refill work and close perf symbol: Correct address for bss symbols sfc: disable softirqs for ptp TX sctp: leave the err path free in sctp_stream_init to sctp_stream_free ARM: crypto: comment out gcc warning that breaks clang builds page_alloc: fix invalid watermark check on a negative value mt7601u: add USB device ID for some versions of XiaoDu WiFi Dongle. ARM: 9216/1: Fix MAX_DMA_ADDRESS overflow EDAC/ghes: Set the DIMM label unconditionally docs/kernel-parameters: Update descriptions for "mitigations=" param with retbleed xfs: refactor xfs_file_fsync xfs: xfs_log_force_lsn isn't passed a LSN xfs: prevent UAF in xfs_log_item_in_current_chkpt xfs: fix log intent recovery ENOSPC shutdowns when inactivating inodes xfs: force the log offline when log intent item recovery fails xfs: hold buffer across unpin and potential shutdown processing xfs: remove dead stale buf unpin handling code xfs: logging the on disk inode LSN can make it go backwards xfs: Enforce attr3 buffer recovery order x86/bugs: Do not enable IBPB at firmware entry when IBPB is not available bpf: Consolidate shared test timing code bpf: Add PROG_TEST_RUN support for sk_lookup programs selftests: bpf: Don't run sk_lookup in verifier tests Linux 5.10.135 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I3bcd5c460b652174673d9911710b1904f338d8d8 |
||
|
Peifeng Li
|
2b377175a3 |
ANDROID: add two func in mm/memcontrol.c
- page_to_lruvec: get lruvec from page and pgdat. - do_traversal_all_lruvec: traversal all lruvec and do hookss. Bug: 236578020 Signed-off-by: Peifeng Li <lipeifeng@oppo.com> Change-Id: I3d4f5159faaca1ee71ffa65f2fc1341f51da637c |
||
|
Peifeng Li
|
e56f8712cf |
ANDROID: vendor_hooks: protect multi-mapcount pages in kernel
Support two hooks as follows to protect multi-mapcount pages in kernel: - trace_android_vh_page_should_be_protect - trace_android_vh_mapped_page_try_sorthead Bug: 236578020 Signed-off-by: Peifeng Li <lipeifeng@oppo.com> Change-Id: I688aceabf17d9de2feac7c3ad7144d307de6ef29 |
||
|
Peifeng Li
|
3f775b9367 |
ANDROID: vendor_hooks: account page-mapcount
Support five hooks as follows to account the amount of multi-mapped pages in kernel: - android_vh_show_mapcount_pages - android_vh_do_traversal_lruvec - android_vh_update_page_mapcount - android_vh_add_page_to_lrulist - android_vh_del_page_from_lrulist Bug: 236578020 Signed-off-by: Peifeng Li <lipeifeng@oppo.com> Change-Id: Ia2c7015aab442be7dbb496b8b630b9dff59ab935 |
||
|
Greg Kroah-Hartman
|
f6ce9a9115 |
This is the 5.10.134 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmLj+okACgkQONu9yGCS aT7ULhAA2D1qxAvJsuhLK3HAG3ii4jKb+lPZO4Gx7MGbt6H0ktsHKcAppVCMOiQ/ zr8z695+GjO9RcFqiVVEYVkXGuBSwEI34MWYkHk6+567Y47d9HX09tehvGmwSYB/ 2eFkhL7Am6XXY8fK1p5L3iFQ4pn2O1LT90oC6IX2PbgPBh9SqA/cL2RoFjrtLKYI s+ok/P6qiDz/7jn1V3AzvESs9n0h7fviGYwpe+jEcXRr+7Glu8A23n7goOpCn5k1 NydT0S69fiVb14NhzDGhgSMp/Ft4u8pb12n2UWrR6pueE/Ea7VbC/AOhh2CYCOpJ VpjZlFQDSJhTNmlAEiFADmejzyfjRyFaaQkq52odOV9YljbX9u4XCI9w42E3kgfi ClEJNGNSRWc35LR69sAV2TzKmAQX8DcYCyvkk8uFpOkoEr9ANbqOn5rXgGk3jllT RoFcOmXvN4t+mYebvxjtOvC56OOopUte6a/hGzLoOvf1Uy36CaRQ4izURZpOAKAT lMN8P/s/NQxE9g3Aq4ABydCxPaLnJkIobfFqoc8wFVnopmUd4+wspklwWeo+MGps oZ2nt5BLlweQ7Yr1wif+Sff5q3jkR9ppUxMYiwRHUW9fTy3QL7uMJqs3qa5s6wLH AQJXuKjuA7mpbmE8csBPUGP+LL2d/RalLKjzqpwNcSJ0IPk6lW8= =9KOJ -----END PGP SIGNATURE----- Merge 5.10.134 into android12-5.10-lts Changes in 5.10.134 pinctrl: stm32: fix optional IRQ support to gpios riscv: add as-options for modules with assembly compontents mlxsw: spectrum_router: Fix IPv4 nexthop gateway indication lockdown: Fix kexec lockdown bypass with ima policy io_uring: Use original task for req identity in io_identity_cow() xen/gntdev: Ignore failure to unmap INVALID_GRANT_HANDLE docs: net: explain struct net_device lifetime net: make free_netdev() more lenient with unregistering devices net: make sure devices go through netdev_wait_all_refs net: move net_set_todo inside rollback_registered() net: inline rollback_registered() net: move rollback_registered_many() net: inline rollback_registered_many() Revert "m68knommu: only set CONFIG_ISA_DMA_API for ColdFire sub-arch" PCI: hv: Fix multi-MSI to allow more than one MSI vector PCI: hv: Fix hv_arch_irq_unmask() for multi-MSI PCI: hv: Reuse existing IRTE allocation in compose_msi_msg() PCI: hv: Fix interrupt mapping for multi-MSI serial: mvebu-uart: correctly report configured baudrate value xfrm: xfrm_policy: fix a possible double xfrm_pols_put() in xfrm_bundle_lookup() power/reset: arm-versatile: Fix refcount leak in versatile_reboot_probe pinctrl: ralink: Check for null return of devm_kcalloc perf/core: Fix data race between perf_event_set_output() and perf_mmap_close() drm/amdgpu/display: add quirk handling for stutter mode igc: Reinstate IGC_REMOVED logic and implement it properly ip: Fix data-races around sysctl_ip_no_pmtu_disc. ip: Fix data-races around sysctl_ip_fwd_use_pmtu. ip: Fix data-races around sysctl_ip_fwd_update_priority. ip: Fix data-races around sysctl_ip_nonlocal_bind. ip: Fix a data-race around sysctl_ip_autobind_reuse. ip: Fix a data-race around sysctl_fwmark_reflect. tcp/dccp: Fix a data-race around sysctl_tcp_fwmark_accept. tcp: Fix data-races around sysctl_tcp_mtu_probing. tcp: Fix data-races around sysctl_tcp_base_mss. tcp: Fix data-races around sysctl_tcp_min_snd_mss. tcp: Fix a data-race around sysctl_tcp_mtu_probe_floor. tcp: Fix a data-race around sysctl_tcp_probe_threshold. tcp: Fix a data-race around sysctl_tcp_probe_interval. net: stmmac: fix unbalanced ptp clock issue in suspend/resume flow i2c: cadence: Change large transfer count reset logic to be unconditional net: stmmac: fix dma queue left shift overflow issue net/tls: Fix race in TLS device down flow igmp: Fix data-races around sysctl_igmp_llm_reports. igmp: Fix a data-race around sysctl_igmp_max_memberships. igmp: Fix data-races around sysctl_igmp_max_msf. tcp: Fix data-races around keepalive sysctl knobs. tcp: Fix data-races around sysctl_tcp_syncookies. tcp: Fix data-races around sysctl_tcp_reordering. tcp: Fix data-races around some timeout sysctl knobs. tcp: Fix a data-race around sysctl_tcp_notsent_lowat. tcp: Fix a data-race around sysctl_tcp_tw_reuse. tcp: Fix data-races around sysctl_max_syn_backlog. tcp: Fix data-races around sysctl_tcp_fastopen. tcp: Fix data-races around sysctl_tcp_fastopen_blackhole_timeout. iavf: Fix handling of dummy receive descriptors i40e: Fix erroneous adapter reinitialization during recovery process ixgbe: Add locking to prevent panic when setting sriov_numvfs to zero gpio: pca953x: only use single read/write for No AI mode gpio: pca953x: use the correct range when do regmap sync gpio: pca953x: use the correct register address when regcache sync during init be2net: Fix buffer overflow in be_get_module_eeprom drm/imx/dcss: Add missing of_node_put() in fail path ipv4: Fix a data-race around sysctl_fib_multipath_use_neigh. ip: Fix data-races around sysctl_ip_prot_sock. udp: Fix a data-race around sysctl_udp_l3mdev_accept. tcp: Fix data-races around sysctl knobs related to SYN option. tcp: Fix a data-race around sysctl_tcp_early_retrans. tcp: Fix data-races around sysctl_tcp_recovery. tcp: Fix a data-race around sysctl_tcp_thin_linear_timeouts. tcp: Fix data-races around sysctl_tcp_slow_start_after_idle. tcp: Fix a data-race around sysctl_tcp_retrans_collapse. tcp: Fix a data-race around sysctl_tcp_stdurg. tcp: Fix a data-race around sysctl_tcp_rfc1337. tcp: Fix data-races around sysctl_tcp_max_reordering. spi: bcm2835: bcm2835_spi_handle_err(): fix NULL pointer deref for non DMA transfers KVM: Don't null dereference ops->destroy mm/mempolicy: fix uninit-value in mpol_rebind_policy() bpf: Make sure mac_header was set before using it sched/deadline: Fix BUG_ON condition for deboosted tasks x86/bugs: Warn when "ibrs" mitigation is selected on Enhanced IBRS parts dlm: fix pending remove if msg allocation fails drm/imx/dcss: fix unused but set variable warnings bitfield.h: Fix "type of reg too small for mask" test ALSA: memalloc: Align buffer allocations in page size Bluetooth: Add bt_skb_sendmsg helper Bluetooth: Add bt_skb_sendmmsg helper Bluetooth: SCO: Replace use of memcpy_from_msg with bt_skb_sendmsg Bluetooth: RFCOMM: Replace use of memcpy_from_msg with bt_skb_sendmmsg Bluetooth: Fix passing NULL to PTR_ERR Bluetooth: SCO: Fix sco_send_frame returning skb->len Bluetooth: Fix bt_skb_sendmmsg not allocating partial chunks x86/amd: Use IBPB for firmware calls x86/alternative: Report missing return thunk details watchqueue: make sure to serialize 'wqueue->defunct' properly tty: drivers/tty/, stop using tty_schedule_flip() tty: the rest, stop using tty_schedule_flip() tty: drop tty_schedule_flip() tty: extract tty_flip_buffer_commit() from tty_flip_buffer_push() tty: use new tty_insert_flip_string_and_push_buffer() in pty_write() net: usb: ax88179_178a needs FLAG_SEND_ZLP watch-queue: remove spurious double semicolon Linux 5.10.134 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I55defdcdd6658e3ec9a3684b7e8cdfe114772a19 |
||
Jaewon Kim
|
2670f76a56 |
page_alloc: fix invalid watermark check on a negative value
commit 9282012fc0aa248b77a69f5eb802b67c5a16bb13 upstream. There was a report that a task is waiting at the throttle_direct_reclaim. The pgscan_direct_throttle in vmstat was increasing. This is a bug where zone_watermark_fast returns true even when the free is very low. The commit |
||
|
Peifeng Li
|
6532784c78 |
ANDROID: vendor_hooks: add hooks for remove_vm_area.
Provide a vendor hook to remove additional fields when remove_vm_area for slab/vmalloc memory leak debugging. Bug: 240869642 Signed-off-by: Peifeng Li <lipeifeng@oppo.com> Change-Id: Iafecd7c6e75cdc2df0e77ae105283590d8852f74 |
||
Wang Cheng
|
ddb3f0b688 |
mm/mempolicy: fix uninit-value in mpol_rebind_policy()
commit 018160ad314d75b1409129b2247b614a9f35894c upstream. mpol_set_nodemask()(mm/mempolicy.c) does not set up nodemask when pol->mode is MPOL_LOCAL. Check pol->mode before access pol->w.cpuset_mems_allowed in mpol_rebind_policy()(mm/mempolicy.c). BUG: KMSAN: uninit-value in mpol_rebind_policy mm/mempolicy.c:352 [inline] BUG: KMSAN: uninit-value in mpol_rebind_task+0x2ac/0x2c0 mm/mempolicy.c:368 mpol_rebind_policy mm/mempolicy.c:352 [inline] mpol_rebind_task+0x2ac/0x2c0 mm/mempolicy.c:368 cpuset_change_task_nodemask kernel/cgroup/cpuset.c:1711 [inline] cpuset_attach+0x787/0x15e0 kernel/cgroup/cpuset.c:2278 cgroup_migrate_execute+0x1023/0x1d20 kernel/cgroup/cgroup.c:2515 cgroup_migrate kernel/cgroup/cgroup.c:2771 [inline] cgroup_attach_task+0x540/0x8b0 kernel/cgroup/cgroup.c:2804 __cgroup1_procs_write+0x5cc/0x7a0 kernel/cgroup/cgroup-v1.c:520 cgroup1_tasks_write+0x94/0xb0 kernel/cgroup/cgroup-v1.c:539 cgroup_file_write+0x4c2/0x9e0 kernel/cgroup/cgroup.c:3852 kernfs_fop_write_iter+0x66a/0x9f0 fs/kernfs/file.c:296 call_write_iter include/linux/fs.h:2162 [inline] new_sync_write fs/read_write.c:503 [inline] vfs_write+0x1318/0x2030 fs/read_write.c:590 ksys_write+0x28b/0x510 fs/read_write.c:643 __do_sys_write fs/read_write.c:655 [inline] __se_sys_write fs/read_write.c:652 [inline] __x64_sys_write+0xdb/0x120 fs/read_write.c:652 do_syscall_x64 arch/x86/entry/common.c:51 [inline] do_syscall_64+0x54/0xd0 arch/x86/entry/common.c:82 entry_SYSCALL_64_after_hwframe+0x44/0xae Uninit was created at: slab_post_alloc_hook mm/slab.h:524 [inline] slab_alloc_node mm/slub.c:3251 [inline] slab_alloc mm/slub.c:3259 [inline] kmem_cache_alloc+0x902/0x11c0 mm/slub.c:3264 mpol_new mm/mempolicy.c:293 [inline] do_set_mempolicy+0x421/0xb70 mm/mempolicy.c:853 kernel_set_mempolicy mm/mempolicy.c:1504 [inline] __do_sys_set_mempolicy mm/mempolicy.c:1510 [inline] __se_sys_set_mempolicy+0x44c/0xb60 mm/mempolicy.c:1507 __x64_sys_set_mempolicy+0xd8/0x110 mm/mempolicy.c:1507 do_syscall_x64 arch/x86/entry/common.c:51 [inline] do_syscall_64+0x54/0xd0 arch/x86/entry/common.c:82 entry_SYSCALL_64_after_hwframe+0x44/0xae KMSAN: uninit-value in mpol_rebind_task (2) https://syzkaller.appspot.com/bug?id=d6eb90f952c2a5de9ea718a1b873c55cb13b59dc This patch seems to fix below bug too. KMSAN: uninit-value in mpol_rebind_mm (2) https://syzkaller.appspot.com/bug?id=f2fecd0d7013f54ec4162f60743a2b28df40926b The uninit-value is pol->w.cpuset_mems_allowed in mpol_rebind_policy(). When syzkaller reproducer runs to the beginning of mpol_new(), mpol_new() mm/mempolicy.c do_mbind() mm/mempolicy.c kernel_mbind() mm/mempolicy.c `mode` is 1(MPOL_PREFERRED), nodes_empty(*nodes) is `true` and `flags` is 0. Then mode = MPOL_LOCAL; ... policy->mode = mode; policy->flags = flags; will be executed. So in mpol_set_nodemask(), mpol_set_nodemask() mm/mempolicy.c do_mbind() kernel_mbind() pol->mode is 4 (MPOL_LOCAL), that `nodemask` in `pol` is not initialized, which will be accessed in mpol_rebind_policy(). Link: https://lkml.kernel.org/r/20220512123428.fq3wofedp6oiotd4@ppc.localdomain Signed-off-by: Wang Cheng <wanngchenng@gmail.com> Reported-by: <syzbot+217f792c92599518a2ab@syzkaller.appspotmail.com> Tested-by: <syzbot+217f792c92599518a2ab@syzkaller.appspotmail.com> Cc: David Rientjes <rientjes@google.com> Cc: Vlastimil Babka <vbabka@suse.cz> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Greg Kroah-Hartman
|
0c724b692d |
This is the 5.10.132 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmLZpvwACgkQONu9yGCS
aT43nBAAhxJzkIcRI/641//eBLQrmbeNsS4TerYlpPIJAXwfXlF6KX6Ixl0rYcp/
GUid3QlXyDG4TTUB519M1FpaknDGq5vUCzNik82AogzMFLf/KWP6urx4FSeZCt1D
xAdYQHHWKFiyNUlqjT22dPM3/QR1D0BtUKE6QLUdWWhyc1W+gvYx1m10GG6O1z55
eljZScRYvaacvVZ4LiN0ClU9J0n16SqfTg8/jEASr+3yqe4ZKdzFdngGlJrWUCZa
SrR5ijscqoIQ5yTSA5DUZ/N4aAeTgSSXcMfXeZh1CoD4Ak87e2kwBHZAUWQWJrEe
0nfILwU0okZmEOKtwCtYz0iwfFEfB/wKwrZjJ0jV03dL3Ncm7ddj2bQDk0+fLDYZ
AEjflhLZfusQEprM+jr0Qx9UlJo1TA4KssRn1A+cfocKvhfTrVneWO5LcR1Jf6Gq
9z7lgh8iRs4ncEfqh2cCRcSpIJLlPOmACmtA4eD2tk7heGRhfBpL9Hv2KBCHss5o
iMaqRsvVXFZn2KCxZFOR4l0cQvkKkxHWBjiVxrYTV5SrELJ4d2DBc7r93a5vM7W/
tKKGi0IG+0V7fgHvKrRDVZnYWV05NEbit0xd0lgY5YZsOuJIVy024YayuWDFxT5S
xulwcoSzAQiWnhqtrsD9eqWotA1E8i9wCuWHEAPMRmnzTBdENTA=
=cxaP
-----END PGP SIGNATURE-----
Merge 5.10.132 into android12-5.10-lts
Changes in 5.10.132
ALSA: hda - Add fixup for Dell Latitidue E5430
ALSA: hda/conexant: Apply quirk for another HP ProDesk 600 G3 model
ALSA: hda/realtek: Fix headset mic for Acer SF313-51
ALSA: hda/realtek - Fix headset mic problem for a HP machine with alc671
ALSA: hda/realtek - Fix headset mic problem for a HP machine with alc221
ALSA: hda/realtek - Enable the headset-mic on a Xiaomi's laptop
xen/netback: avoid entering xenvif_rx_next_skb() with an empty rx queue
fix race between exit_itimers() and /proc/pid/timers
mm: split huge PUD on wp_huge_pud fallback
tracing/histograms: Fix memory leak problem
net: sock: tracing: Fix sock_exceed_buf_limit not to dereference stale pointer
ip: fix dflt addr selection for connected nexthop
ARM: 9213/1: Print message about disabled Spectre workarounds only once
ARM: 9214/1: alignment: advance IT state after emulating Thumb instruction
wifi: mac80211: fix queue selection for mesh/OCB interfaces
cgroup: Use separate src/dst nodes when preloading css_sets for migration
btrfs: return -EAGAIN for NOWAIT dio reads/writes on compressed and inline extents
drm/panfrost: Put mapping instead of shmem obj on panfrost_mmu_map_fault_addr() error
drm/panfrost: Fix shrinker list corruption by madvise IOCTL
fs/remap: constrain dedupe of EOF blocks
nilfs2: fix incorrect masking of permission flags for symlinks
sh: convert nommu io{re,un}map() to static inline functions
Revert "evm: Fix memleak in init_desc"
ext4: fix race condition between ext4_write and ext4_convert_inline_data
ARM: dts: imx6qdl-ts7970: Fix ngpio typo and count
spi: amd: Limit max transfer and message size
ARM: 9209/1: Spectre-BHB: avoid pr_info() every time a CPU comes out of idle
ARM: 9210/1: Mark the FDT_FIXED sections as shareable
net/mlx5e: kTLS, Fix build time constant test in TX
net/mlx5e: kTLS, Fix build time constant test in RX
net/mlx5e: Fix capability check for updating vnic env counters
drm/i915: fix a possible refcount leak in intel_dp_add_mst_connector()
ima: Fix a potential integer overflow in ima_appraise_measurement
ASoC: sgtl5000: Fix noise on shutdown/remove
ASoC: tas2764: Add post reset delays
ASoC: tas2764: Fix and extend FSYNC polarity handling
ASoC: tas2764: Correct playback volume range
ASoC: tas2764: Fix amp gain register offset & default
ASoC: Intel: Skylake: Correct the ssp rate discovery in skl_get_ssp_clks()
ASoC: Intel: Skylake: Correct the handling of fmt_config flexible array
net: stmmac: dwc-qos: Disable split header for Tegra194
sysctl: Fix data races in proc_dointvec().
sysctl: Fix data races in proc_douintvec().
sysctl: Fix data races in proc_dointvec_minmax().
sysctl: Fix data races in proc_douintvec_minmax().
sysctl: Fix data races in proc_doulongvec_minmax().
sysctl: Fix data races in proc_dointvec_jiffies().
tcp: Fix a data-race around sysctl_tcp_max_orphans.
inetpeer: Fix data-races around sysctl.
net: Fix data-races around sysctl_mem.
cipso: Fix data-races around sysctl.
icmp: Fix data-races around sysctl.
ipv4: Fix a data-race around sysctl_fib_sync_mem.
ARM: dts: at91: sama5d2: Fix typo in i2s1 node
ARM: dts: sunxi: Fix SPI NOR campatible on Orange Pi Zero
drm/i915/selftests: fix a couple IS_ERR() vs NULL tests
drm/i915/gt: Serialize TLB invalidates with GT resets
sysctl: Fix data-races in proc_dointvec_ms_jiffies().
icmp: Fix a data-race around sysctl_icmp_ratelimit.
icmp: Fix a data-race around sysctl_icmp_ratemask.
raw: Fix a data-race around sysctl_raw_l3mdev_accept.
ipv4: Fix data-races around sysctl_ip_dynaddr.
nexthop: Fix data-races around nexthop_compat_mode.
net: ftgmac100: Hold reference returned by of_get_child_by_name()
ima: force signature verification when CONFIG_KEXEC_SIG is configured
ima: Fix potential memory leak in ima_init_crypto()
sfc: fix use after free when disabling sriov
seg6: fix skb checksum evaluation in SRH encapsulation/insertion
seg6: fix skb checksum in SRv6 End.B6 and End.B6.Encaps behaviors
seg6: bpf: fix skb checksum in bpf_push_seg6_encap()
sfc: fix kernel panic when creating VF
net: atlantic: remove deep parameter on suspend/resume functions
net: atlantic: remove aq_nic_deinit() when resume
KVM: x86: Fully initialize 'struct kvm_lapic_irq' in kvm_pv_kick_cpu_op()
net/tls: Check for errors in tls_device_init
mm: sysctl: fix missing numa_stat when !CONFIG_HUGETLB_PAGE
virtio_mmio: Add missing PM calls to freeze/restore
virtio_mmio: Restore guest page size on resume
netfilter: br_netfilter: do not skip all hooks with 0 priority
scsi: hisi_sas: Limit max hw sectors for v3 HW
cpufreq: pmac32-cpufreq: Fix refcount leak bug
platform/x86: hp-wmi: Ignore Sanitization Mode event
net: tipc: fix possible refcount leak in tipc_sk_create()
NFC: nxp-nci: don't print header length mismatch on i2c error
nvme-tcp: always fail a request when sending it failed
nvme: fix regression when disconnect a recovering ctrl
net: sfp: fix memory leak in sfp_probe()
ASoC: ops: Fix off by one in range control validation
pinctrl: aspeed: Fix potential NULL dereference in aspeed_pinmux_set_mux()
ASoC: SOF: Intel: hda-loader: Clarify the cl_dsp_init() flow
ASoC: wm5110: Fix DRE control
ASoC: dapm: Initialise kcontrol data for mux/demux controls
ASoC: cs47l15: Fix event generation for low power mux control
ASoC: madera: Fix event generation for OUT1 demux
ASoC: madera: Fix event generation for rate controls
irqchip: or1k-pic: Undefine mask_ack for level triggered hardware
x86: Clear .brk area at early boot
soc: ixp4xx/npe: Fix unused match warning
ARM: dts: stm32: use the correct clock source for CEC on stm32mp151
Revert "can: xilinx_can: Limit CANFD brp to 2"
nvme-pci: phison e16 has bogus namespace ids
signal handling: don't use BUG_ON() for debugging
USB: serial: ftdi_sio: add Belimo device ids
usb: typec: add missing uevent when partner support PD
usb: dwc3: gadget: Fix event pending check
tty: serial: samsung_tty: set dma burst_size to 1
vt: fix memory overlapping when deleting chars in the buffer
serial: 8250: fix return error code in serial8250_request_std_resource()
serial: stm32: Clear prev values before setting RTS delays
serial: pl011: UPSTAT_AUTORTS requires .throttle/unthrottle
serial: 8250: Fix PM usage_count for console handover
x86/pat: Fix x86_has_pat_wp()
Linux 5.10.132
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I450f357105f90b1b9549dea5de62dc9a160d4ba9
|
||
|
Greg Kroah-Hartman
|
50c9c56f73 |
This is the 5.10.130 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmLNhfsACgkQONu9yGCS aT6srhAAjWF9gtiDTufsmNBW5X7DeEPzwsXFVJ1b5+8mTvc2NPzvxxTsc5xwL7QG Ml2LEMXQYxdhBrXzm6Av1FZSQgnjdv2BMw9FQfjPkOeuxaFWpta8qg0sxiZZvrHs 3rxiy9RKlSvaUpEGE2h/RcJFWL4ume9/bB+UhLLYXFKDfmZ7TKe2jA7b87W5Y0i9 6tYyS98weJPMNdkioM7Iewbugr9xaXTElG47hAL4pDlWd5xnxKf10rgNg5hdzkxA jEPQlyiVpLvRHdqb+ZlPKMxLcZu3i9kXsO+fGPe1AsXopyTuSEq+A61vuGSsrhaF vyPXIzn66rGCjYIM19ku8HgcMhdi3GcwztE/OSZrMIZS0vU7jECyisqHvT8cUPr6 caor6kYqrD8mdCvyDGp+8Fqaa+iGINX6PhC/0PkerX3HPwIXm+VPIjhAQ4QJzB/S ArJnzazDn1KbdAEldGB89JxI5+huh7COYg/c+zy1UOEHNttovdJZpXwxvBE+N6M4 XeKqM3s4cxs/S9D1xJXKl1bkeMpQ9UegtlWIfVkKfNmNbWhP3u4FUDFpxCsje1tf xfP2eb9tJWYzxiiS+Rb2Ib44+OiF3sE2MCzFpP+Fusna5Sz9FlhqNlYW7I+a2ros DwwfWUsMz+t8bwc+wNA4SPqhdrkh8z7lWTm8449QYZesCzzsexU= =AgJC -----END PGP SIGNATURE----- Merge 5.10.130 into android12-5.10-lts Changes in 5.10.130 mm/slub: add missing TID updates on slab deactivation ALSA: hda/realtek: Add quirk for Clevo L140PU can: bcm: use call_rcu() instead of costly synchronize_rcu() can: grcan: grcan_probe(): remove extra of_node_get() can: gs_usb: gs_usb_open/close(): fix memory leak bpf: Fix incorrect verifier simulation around jmp32's jeq/jne bpf: Fix insufficient bounds propagation from adjust_scalar_min_max_vals usbnet: fix memory leak in error case net: rose: fix UAF bug caused by rose_t0timer_expiry netfilter: nft_set_pipapo: release elements in clone from abort path netfilter: nf_tables: stricter validation of element data iommu/vt-d: Fix PCI bus rescan device hot add fbdev: fbmem: Fix logo center image dx issue fbmem: Check virtual screen sizes in fb_set_var() fbcon: Disallow setting font bigger than screen size fbcon: Prevent that screen size is smaller than font size PM: runtime: Redefine pm_runtime_release_supplier() memregion: Fix memregion_free() fallback definition video: of_display_timing.h: include errno.h powerpc/powernv: delay rng platform device creation until later in boot can: kvaser_usb: replace run-time checks with struct kvaser_usb_driver_info can: kvaser_usb: kvaser_usb_leaf: fix CAN clock frequency regression can: kvaser_usb: kvaser_usb_leaf: fix bittiming limits xfs: remove incorrect ASSERT in xfs_rename ARM: meson: Fix refcount leak in meson_smp_prepare_cpus pinctrl: sunxi: a83t: Fix NAND function name for some pins arm64: dts: qcom: msm8994: Fix CPU6/7 reg values arm64: dts: imx8mp-evk: correct mmc pad settings arm64: dts: imx8mp-evk: correct the uart2 pinctl value arm64: dts: imx8mp-evk: correct gpio-led pad settings arm64: dts: imx8mp-evk: correct I2C3 pad settings pinctrl: sunxi: sunxi_pconf_set: use correct offset arm64: dts: qcom: msm8992-*: Fix vdd_lvs1_2-supply typo ARM: at91: pm: use proper compatible for sama5d2's rtc ARM: at91: pm: use proper compatibles for sam9x60's rtc and rtt ARM: dts: at91: sam9x60ek: fix eeprom compatible and size ARM: dts: at91: sama5d2_icp: fix eeprom compatibles xsk: Clear page contiguity bit when unmapping pool i40e: Fix dropped jumbo frames statistics ibmvnic: Properly dispose of all skbs during a failover. selftests: forwarding: fix flood_unicast_test when h2 supports IFF_UNICAST_FLT selftests: forwarding: fix learning_test when h1 supports IFF_UNICAST_FLT selftests: forwarding: fix error message in learning_test r8169: fix accessing unset transport header i2c: cadence: Unregister the clk notifier in error path dmaengine: imx-sdma: Allow imx8m for imx7 FW revs misc: rtsx_usb: fix use of dma mapped buffer for usb bulk transfer misc: rtsx_usb: use separate command and response buffers misc: rtsx_usb: set return value in rsp_buf alloc err path dt-bindings: dma: allwinner,sun50i-a64-dma: Fix min/max typo ida: don't use BUG_ON() for debugging dmaengine: pl330: Fix lockdep warning about non-static key dmaengine: at_xdma: handle errors of at_xdmac_alloc_desc() correctly dmaengine: ti: Fix refcount leak in ti_dra7_xbar_route_allocate dmaengine: ti: Add missing put_device in ti_dra7_xbar_route_allocate Linux 5.10.130 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I7590fa913189edca6550e770bbb7c60c273d9461 |
||
|
Greg Kroah-Hartman
|
9c2a5eef8f |
Merge tag 'android12-5.10.117_r00' into 'android12-5.10'
This is the merge of the upstream LTS release of 5.10.117 into the android12-5.10 branch. It contains the following commits: |
||
liuhailong
|
4536de1b70 |
ANDROID: vendor_hooks: add hooks in __alloc_pages_slowpath
Since android_vh_alloc_pages_slowpath is revert by
commit
|
||
|
Greg Kroah-Hartman
|
0e8e989142 |
This is the 5.10.121 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmKhrZIACgkQONu9yGCS
aT4bxhAAsahNlwa6uWf6brIeZkHy62w0LrZAEr6+TvO2CHLWwhcKIol5ZjdaJD5y
KX7A839Vcdo5iAk0eNUV2MTigp7YK0f7XH9y/u/L3yNLc9YA4isA9PQhnnPc4R7N
mgkmGT7Oz7BbQydyDiLvSwtXJDxBMOzCDTF3/4/42PsdmRmPzLBxzoTpH8wcY4vG
jwGyiyUjUVWAF99uHo0O/Yp8sw8UvudpOX+lbKed76V+fXsbH0PYk1yMMJfWhZ60
TrFh1dmZY7j2bW0+F7rkVPXVGeQGyOlLSUVSFWlugJ8qvxVNpAItjcBUXZ+nChGe
O25/5UiaBHprTIoms05yG1jPZtBbAO2MgLhw6zBCOySBr/e0bligNfJWpjt5D6H3
17+CQ1QeaL9BlzcYr4Ug/y60o2CkfUc/vr2CEQRQBRgj1gjsFWwBI4HVdO982fKC
QClnC55h1wYDsjSJ6Z4l4TKBuEN8rV9D3RfdIaPex5C6JJMAoUNeAojCL+6iyuem
ODSIufKm1I1eHeIS49+tw0Uu4jiAtn9RJfR4+uiV8zftfrDZ1qM/RPuHZTsE9wAl
3jHx6+8mT8NYjxb9Omn4Dp3aOl7Fcx/vPxx9uoj8YjrJtQ3L0EGgCnk0djmMi0b3
sBdKw15ftoJvNNrhQaLiCo+0M3XkcUUBk37ttNuIo4lvqIY23RE=
=piEC
-----END PGP SIGNATURE-----
Merge 5.10.121 into android12-5.10-lts
Changes in 5.10.121
binfmt_flat: do not stop relocating GOT entries prematurely on riscv
parisc/stifb: Implement fb_is_primary_device()
riscv: Initialize thread pointer before calling C functions
riscv: Fix irq_work when SMP is disabled
ALSA: hda/realtek: Enable 4-speaker output for Dell XPS 15 9520 laptop
ALSA: hda/realtek - Fix microphone noise on ASUS TUF B550M-PLUS
ALSA: usb-audio: Cancel pending work at closing a MIDI substream
USB: serial: option: add Quectel BG95 modem
USB: new quirk for Dell Gen 2 devices
usb: dwc3: gadget: Move null pinter check to proper place
usb: core: hcd: Add support for deferring roothub registration
cifs: when extending a file with falloc we should make files not-sparse
xhci: Allow host runtime PM as default for Intel Alder Lake N xHCI
Fonts: Make font size unsigned in font_desc
parisc/stifb: Keep track of hardware path of graphics card
x86/MCE/AMD: Fix memory leak when threshold_create_bank() fails
perf/x86/intel: Fix event constraints for ICL
ptrace/um: Replace PT_DTRACE with TIF_SINGLESTEP
ptrace/xtensa: Replace PT_SINGLESTEP with TIF_SINGLESTEP
ptrace: Reimplement PTRACE_KILL by always sending SIGKILL
btrfs: add "0x" prefix for unsupported optional features
btrfs: repair super block num_devices automatically
iommu/vt-d: Add RPLS to quirk list to skip TE disabling
drm/virtio: fix NULL pointer dereference in virtio_gpu_conn_get_modes
mwifiex: add mutex lock for call in mwifiex_dfs_chan_sw_work_queue
b43legacy: Fix assigning negative value to unsigned variable
b43: Fix assigning negative value to unsigned variable
ipw2x00: Fix potential NULL dereference in libipw_xmit()
ipv6: fix locking issues with loops over idev->addr_list
fbcon: Consistently protect deferred_takeover with console_lock()
x86/platform/uv: Update TSC sync state for UV5
ACPICA: Avoid cache flush inside virtual machines
drm/komeda: return early if drm_universal_plane_init() fails.
rcu-tasks: Fix race in schedule and flush work
rcu: Make TASKS_RUDE_RCU select IRQ_WORK
sfc: ef10: Fix assigning negative value to unsigned variable
ALSA: jack: Access input_dev under mutex
spi: spi-rspi: Remove setting {src,dst}_{addr,addr_width} based on DMA direction
tools/power turbostat: fix ICX DRAM power numbers
drm/amd/pm: fix double free in si_parse_power_table()
ath9k: fix QCA9561 PA bias level
media: venus: hfi: avoid null dereference in deinit
media: pci: cx23885: Fix the error handling in cx23885_initdev()
media: cx25821: Fix the warning when removing the module
md/bitmap: don't set sb values if can't pass sanity check
mmc: jz4740: Apply DMA engine limits to maximum segment size
drivers: mmc: sdhci_am654: Add the quirk to set TESTCD bit
scsi: megaraid: Fix error check return value of register_chrdev()
scsi: ufs: Use pm_runtime_resume_and_get() instead of pm_runtime_get_sync()
scsi: lpfc: Fix resource leak in lpfc_sli4_send_seq_to_ulp()
ath11k: disable spectral scan during spectral deinit
ASoC: Intel: bytcr_rt5640: Add quirk for the HP Pro Tablet 408
drm/plane: Move range check for format_count earlier
drm/amd/pm: fix the compile warning
ath10k: skip ath10k_halt during suspend for driver state RESTARTING
arm64: compat: Do not treat syscall number as ESR_ELx for a bad syscall
drm: msm: fix error check return value of irq_of_parse_and_map()
ipv6: Don't send rs packets to the interface of ARPHRD_TUNNEL
net/mlx5: fs, delete the FTE when there are no rules attached to it
ASoC: dapm: Don't fold register value changes into notifications
mlxsw: spectrum_dcb: Do not warn about priority changes
mlxsw: Treat LLDP packets as control
drm/amdgpu/ucode: Remove firmware load type check in amdgpu_ucode_free_bo
HID: bigben: fix slab-out-of-bounds Write in bigben_probe
ASoC: tscs454: Add endianness flag in snd_soc_component_driver
net: remove two BUG() from skb_checksum_help()
s390/preempt: disable __preempt_count_add() optimization for PROFILE_ALL_BRANCHES
perf/amd/ibs: Cascade pmu init functions' return value
spi: stm32-qspi: Fix wait_cmd timeout in APM mode
dma-debug: change allocation mode from GFP_NOWAIT to GFP_ATIOMIC
ACPI: PM: Block ASUS B1400CEAE from suspend to idle by default
ipmi:ssif: Check for NULL msg when handling events and messages
ipmi: Fix pr_fmt to avoid compilation issues
rtlwifi: Use pr_warn instead of WARN_ONCE
media: rga: fix possible memory leak in rga_probe
media: coda: limit frame interval enumeration to supported encoder frame sizes
media: imon: reorganize serialization
media: cec-adap.c: fix is_configuring state
openrisc: start CPU timer early in boot
nvme-pci: fix a NULL pointer dereference in nvme_alloc_admin_tags
ASoC: rt5645: Fix errorenous cleanup order
nbd: Fix hung on disconnect request if socket is closed before
net: phy: micrel: Allow probing without .driver_data
media: exynos4-is: Fix compile warning
ASoC: max98357a: remove dependency on GPIOLIB
ASoC: rt1015p: remove dependency on GPIOLIB
can: mcp251xfd: silence clang's -Wunaligned-access warning
x86/microcode: Add explicit CPU vendor dependency
m68k: atari: Make Atari ROM port I/O write macros return void
rxrpc: Return an error to sendmsg if call failed
rxrpc, afs: Fix selection of abort codes
eth: tg3: silence the GCC 12 array-bounds warning
selftests/bpf: fix btf_dump/btf_dump due to recent clang change
gfs2: use i_lock spin_lock for inode qadata
IB/rdmavt: add missing locks in rvt_ruc_loopback
ARM: dts: ox820: align interrupt controller node name with dtschema
ARM: dts: s5pv210: align DMA channels with dtschema
arm64: dts: qcom: msm8994: Fix BLSP[12]_DMA channels count
PM / devfreq: rk3399_dmc: Disable edev on remove()
crypto: ccree - use fine grained DMA mapping dir
soc: ti: ti_sci_pm_domains: Check for null return of devm_kcalloc
fs: jfs: fix possible NULL pointer dereference in dbFree()
ARM: OMAP1: clock: Fix UART rate reporting algorithm
powerpc/fadump: Fix fadump to work with a different endian capture kernel
fat: add ratelimit to fat*_ent_bread()
pinctrl: renesas: rzn1: Fix possible null-ptr-deref in sh_pfc_map_resources()
ARM: versatile: Add missing of_node_put in dcscb_init
ARM: dts: exynos: add atmel,24c128 fallback to Samsung EEPROM
ARM: hisi: Add missing of_node_put after of_find_compatible_node
PCI: Avoid pci_dev_lock() AB/BA deadlock with sriov_numvfs_store()
tracing: incorrect isolate_mote_t cast in mm_vmscan_lru_isolate
powerpc/powernv/vas: Assign real address to rx_fifo in vas_rx_win_attr
powerpc/xics: fix refcount leak in icp_opal_init()
powerpc/powernv: fix missing of_node_put in uv_init()
macintosh/via-pmu: Fix build failure when CONFIG_INPUT is disabled
powerpc/iommu: Add missing of_node_put in iommu_init_early_dart
RDMA/hfi1: Prevent panic when SDMA is disabled
drm: fix EDID struct for old ARM OABI format
dt-bindings: display: sitronix, st7735r: Fix backlight in example
ath11k: acquire ab->base_lock in unassign when finding the peer by addr
ath9k: fix ar9003_get_eepmisc
drm/edid: fix invalid EDID extension block filtering
drm/bridge: adv7511: clean up CEC adapter when probe fails
spi: qcom-qspi: Add minItems to interconnect-names
ASoC: mediatek: Fix error handling in mt8173_max98090_dev_probe
ASoC: mediatek: Fix missing of_node_put in mt2701_wm8960_machine_probe
x86/delay: Fix the wrong asm constraint in delay_loop()
drm/ingenic: Reset pixclock rate when parent clock rate changes
drm/mediatek: Fix mtk_cec_mask()
drm/vc4: hvs: Reset muxes at probe time
drm/vc4: txp: Don't set TXP_VSTART_AT_EOF
drm/vc4: txp: Force alpha to be 0xff if it's disabled
libbpf: Don't error out on CO-RE relos for overriden weak subprogs
bpf: Fix excessive memory allocation in stack_map_alloc()
nl80211: show SSID for P2P_GO interfaces
drm/komeda: Fix an undefined behavior bug in komeda_plane_add()
drm: mali-dp: potential dereference of null pointer
spi: spi-ti-qspi: Fix return value handling of wait_for_completion_timeout
scftorture: Fix distribution of short handler delays
net: dsa: mt7530: 1G can also support 1000BASE-X link mode
NFC: NULL out the dev->rfkill to prevent UAF
efi: Add missing prototype for efi_capsule_setup_info
target: remove an incorrect unmap zeroes data deduction
drbd: fix duplicate array initializer
EDAC/dmc520: Don't print an error for each unconfigured interrupt line
mtd: rawnand: denali: Use managed device resources
HID: hid-led: fix maximum brightness for Dream Cheeky
HID: elan: Fix potential double free in elan_input_configured
drm/bridge: Fix error handling in analogix_dp_probe
sched/fair: Fix cfs_rq_clock_pelt() for throttled cfs_rq
spi: img-spfi: Fix pm_runtime_get_sync() error checking
cpufreq: Fix possible race in cpufreq online error path
ath9k_htc: fix potential out of bounds access with invalid rxstatus->rs_keyix
media: hantro: Empty encoder capture buffers by default
drm/panel: simple: Add missing bus flags for Innolux G070Y2-L01
ALSA: pcm: Check for null pointer of pointer substream before dereferencing it
inotify: show inotify mask flags in proc fdinfo
fsnotify: fix wrong lockdep annotations
of: overlay: do not break notify on NOTIFY_{OK|STOP}
drm/msm/dpu: adjust display_v_end for eDP and DP
scsi: ufs: qcom: Fix ufs_qcom_resume()
scsi: ufs: core: Exclude UECxx from SFR dump list
selftests/resctrl: Fix null pointer dereference on open failed
libbpf: Fix logic for finding matching program for CO-RE relocation
mtd: spi-nor: core: Check written SR value in spi_nor_write_16bit_sr_and_check()
x86/pm: Fix false positive kmemleak report in msr_build_context()
mtd: rawnand: cadence: fix possible null-ptr-deref in cadence_nand_dt_probe()
x86/speculation: Add missing prototype for unpriv_ebpf_notify()
ASoC: rk3328: fix disabling mclk on pclk probe failure
perf tools: Add missing headers needed by util/data.h
drm/msm/disp/dpu1: set vbif hw config to NULL to avoid use after memory free during pm runtime resume
drm/msm/dp: stop event kernel thread when DP unbind
drm/msm/dp: fix error check return value of irq_of_parse_and_map()
drm/msm/dsi: fix error checks and return values for DSI xmit functions
drm/msm/hdmi: check return value after calling platform_get_resource_byname()
drm/msm/hdmi: fix error check return value of irq_of_parse_and_map()
drm/msm: add missing include to msm_drv.c
drm/panel: panel-simple: Fix proper bpc for AM-1280800N3TZQW-T00H
drm/rockchip: vop: fix possible null-ptr-deref in vop_bind()
perf tools: Use Python devtools for version autodetection rather than runtime
virtio_blk: fix the discard_granularity and discard_alignment queue limits
x86: Fix return value of __setup handlers
irqchip/exiu: Fix acknowledgment of edge triggered interrupts
irqchip/aspeed-i2c-ic: Fix irq_of_parse_and_map() return value
irqchip/aspeed-scu-ic: Fix irq_of_parse_and_map() return value
x86/mm: Cleanup the control_va_addr_alignment() __setup handler
arm64: fix types in copy_highpage()
regulator: core: Fix enable_count imbalance with EXCLUSIVE_GET
drm/msm/dp: fix event thread stuck in wait_event after kthread_stop()
drm/msm/mdp5: Return error code in mdp5_pipe_release when deadlock is detected
drm/msm/mdp5: Return error code in mdp5_mixer_release when deadlock is detected
drm/msm: return an error pointer in msm_gem_prime_get_sg_table()
media: uvcvideo: Fix missing check to determine if element is found in list
iomap: iomap_write_failed fix
spi: spi-fsl-qspi: check return value after calling platform_get_resource_byname()
Revert "cpufreq: Fix possible race in cpufreq online error path"
regulator: qcom_smd: Fix up PM8950 regulator configuration
perf/amd/ibs: Use interrupt regs ip for stack unwinding
ath11k: Don't check arvif->is_started before sending management frames
ASoC: fsl: Fix refcount leak in imx_sgtl5000_probe
ASoC: mxs-saif: Fix refcount leak in mxs_saif_probe
regulator: pfuze100: Fix refcount leak in pfuze_parse_regulators_dt
ASoC: samsung: Use dev_err_probe() helper
ASoC: samsung: Fix refcount leak in aries_audio_probe
kselftest/cgroup: fix test_stress.sh to use OUTPUT dir
scripts/faddr2line: Fix overlapping text section failures
media: aspeed: Fix an error handling path in aspeed_video_probe()
media: exynos4-is: Fix PM disable depth imbalance in fimc_is_probe
media: st-delta: Fix PM disable depth imbalance in delta_probe
media: exynos4-is: Change clk_disable to clk_disable_unprepare
media: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init
media: vsp1: Fix offset calculation for plane cropping
Bluetooth: fix dangling sco_conn and use-after-free in sco_sock_timeout
Bluetooth: Interleave with allowlist scan
Bluetooth: L2CAP: Rudimentary typo fixes
Bluetooth: LL privacy allow RPA
Bluetooth: use inclusive language in HCI role comments
Bluetooth: use inclusive language when filtering devices
Bluetooth: use hdev lock for accept_list and reject_list in conn req
nvme: set dma alignment to dword
m68k: math-emu: Fix dependencies of math emulation support
lsm,selinux: pass flowi_common instead of flowi to the LSM hooks
sctp: read sk->sk_bound_dev_if once in sctp_rcv()
net: hinic: add missing destroy_workqueue in hinic_pf_to_mgmt_init
ASoC: ti: j721e-evm: Fix refcount leak in j721e_soc_probe_*
media: ov7670: remove ov7670_power_off from ov7670_remove
media: staging: media: rkvdec: Make use of the helper function devm_platform_ioremap_resource()
media: rkvdec: h264: Fix dpb_valid implementation
media: rkvdec: h264: Fix bit depth wrap in pps packet
ext4: reject the 'commit' option on ext2 filesystems
drm/msm/a6xx: Fix refcount leak in a6xx_gpu_init
drm: msm: fix possible memory leak in mdp5_crtc_cursor_set()
x86/sev: Annotate stack change in the #VC handler
drm/msm/dpu: handle pm_runtime_get_sync() errors in bind path
drm/i915: Fix CFI violation with show_dynamic_id()
thermal/drivers/bcm2711: Don't clamp temperature at zero
thermal/drivers/broadcom: Fix potential NULL dereference in sr_thermal_probe
thermal/drivers/core: Use a char pointer for the cooling device name
thermal/core: Fix memory leak in __thermal_cooling_device_register()
thermal/drivers/imx_sc_thermal: Fix refcount leak in imx_sc_thermal_probe
ASoC: wm2000: fix missing clk_disable_unprepare() on error in wm2000_anc_transition()
NFC: hci: fix sleep in atomic context bugs in nfc_hci_hcp_message_tx
ASoC: max98090: Move check for invalid values before casting in max98090_put_enab_tlv()
net: stmmac: selftests: Use kcalloc() instead of kzalloc()
net: stmmac: fix out-of-bounds access in a selftest
hv_netvsc: Fix potential dereference of NULL pointer
rxrpc: Fix listen() setting the bar too high for the prealloc rings
rxrpc: Don't try to resend the request if we're receiving the reply
rxrpc: Fix overlapping ACK accounting
rxrpc: Don't let ack.previousPacket regress
rxrpc: Fix decision on when to generate an IDLE ACK
net: huawei: hinic: Use devm_kcalloc() instead of devm_kzalloc()
hinic: Avoid some over memory allocation
net/smc: postpone sk_refcnt increment in connect()
arm64: dts: rockchip: Move drive-impedance-ohm to emmc phy on rk3399
memory: samsung: exynos5422-dmc: Avoid some over memory allocation
ARM: dts: suniv: F1C100: fix watchdog compatible
soc: qcom: smp2p: Fix missing of_node_put() in smp2p_parse_ipc
soc: qcom: smsm: Fix missing of_node_put() in smsm_parse_ipc
PCI: cadence: Fix find_first_zero_bit() limit
PCI: rockchip: Fix find_first_zero_bit() limit
PCI: dwc: Fix setting error return on MSI DMA mapping failure
ARM: dts: ci4x10: Adapt to changes in imx6qdl.dtsi regarding fec clocks
soc: qcom: llcc: Add MODULE_DEVICE_TABLE()
KVM: nVMX: Leave most VM-Exit info fields unmodified on failed VM-Entry
KVM: nVMX: Clear IDT vectoring on nested VM-Exit for double/triple fault
platform/chrome: cros_ec: fix error handling in cros_ec_register()
ARM: dts: imx6dl-colibri: Fix I2C pinmuxing
platform/chrome: Re-introduce cros_ec_cmd_xfer and use it for ioctls
can: xilinx_can: mark bit timing constants as const
ARM: dts: stm32: Fix PHY post-reset delay on Avenger96
ARM: dts: bcm2835-rpi-zero-w: Fix GPIO line name for Wifi/BT
ARM: dts: bcm2837-rpi-cm3-io3: Fix GPIO line names for SMPS I2C
ARM: dts: bcm2837-rpi-3-b-plus: Fix GPIO line name of power LED
ARM: dts: bcm2835-rpi-b: Fix GPIO line names
misc: ocxl: fix possible double free in ocxl_file_register_afu
crypto: marvell/cesa - ECB does not IV
gpiolib: of: Introduce hook for missing gpio-ranges
pinctrl: bcm2835: implement hook for missing gpio-ranges
arm: mediatek: select arch timer for mt7629
powerpc/fadump: fix PT_LOAD segment for boot memory area
mfd: ipaq-micro: Fix error check return value of platform_get_irq()
scsi: fcoe: Fix Wstringop-overflow warnings in fcoe_wwn_from_mac()
firmware: arm_scmi: Fix list protocols enumeration in the base protocol
nvdimm: Fix firmware activation deadlock scenarios
nvdimm: Allow overwrite in the presence of disabled dimms
pinctrl: mvebu: Fix irq_of_parse_and_map() return value
drivers/base/node.c: fix compaction sysfs file leak
dax: fix cache flush on PMD-mapped pages
drivers/base/memory: fix an unlikely reference counting issue in __add_memory_block()
powerpc/8xx: export 'cpm_setbrg' for modules
pinctrl: renesas: core: Fix possible null-ptr-deref in sh_pfc_map_resources()
powerpc/idle: Fix return value of __setup() handler
powerpc/4xx/cpm: Fix return value of __setup() handler
ASoC: atmel-pdmic: Remove endianness flag on pdmic component
ASoC: atmel-classd: Remove endianness flag on class d component
proc: fix dentry/inode overinstantiating under /proc/${pid}/net
ipc/mqueue: use get_tree_nodev() in mqueue_get_tree()
PCI: imx6: Fix PERST# start-up sequence
tty: fix deadlock caused by calling printk() under tty_port->lock
crypto: sun8i-ss - rework handling of IV
crypto: sun8i-ss - handle zero sized sg
crypto: cryptd - Protect per-CPU resource by disabling BH.
Input: sparcspkr - fix refcount leak in bbc_beep_probe
PCI/AER: Clear MULTI_ERR_COR/UNCOR_RCV bits
hwrng: omap3-rom - fix using wrong clk_disable() in omap_rom_rng_runtime_resume()
powerpc/64: Only WARN if __pa()/__va() called with bad addresses
powerpc/perf: Fix the threshold compare group constraint for power9
macintosh: via-pmu and via-cuda need RTC_LIB
powerpc/fsl_rio: Fix refcount leak in fsl_rio_setup
mfd: davinci_voicecodec: Fix possible null-ptr-deref davinci_vc_probe()
mailbox: forward the hrtimer if not queued and under a lock
RDMA/hfi1: Prevent use of lock before it is initialized
Input: stmfts - do not leave device disabled in stmfts_input_open
OPP: call of_node_put() on error path in _bandwidth_supported()
f2fs: fix dereference of stale list iterator after loop body
iommu/mediatek: Add list_del in mtk_iommu_remove
i2c: at91: use dma safe buffers
cpufreq: mediatek: add missing platform_driver_unregister() on error in mtk_cpufreq_driver_init
cpufreq: mediatek: Use module_init and add module_exit
cpufreq: mediatek: Unregister platform device on exit
MIPS: Loongson: Use hwmon_device_register_with_groups() to register hwmon
i2c: at91: Initialize dma_buf in at91_twi_xfer()
dmaengine: idxd: Fix the error handling path in idxd_cdev_register()
NFS: Do not report EINTR/ERESTARTSYS as mapping errors
NFS: fsync() should report filesystem errors over EINTR/ERESTARTSYS
NFS: Do not report flush errors in nfs_write_end()
NFS: Don't report errors from nfs_pageio_complete() more than once
NFSv4/pNFS: Do not fail I/O when we fail to allocate the pNFS layout
video: fbdev: clcdfb: Fix refcount leak in clcdfb_of_vram_setup
dmaengine: stm32-mdma: remove GISR1 register
dmaengine: stm32-mdma: rework interrupt handler
dmaengine: stm32-mdma: fix chan initialization in stm32_mdma_irq_handler()
iommu/amd: Increase timeout waiting for GA log enablement
i2c: npcm: Fix timeout calculation
i2c: npcm: Correct register access width
i2c: npcm: Handle spurious interrupts
i2c: rcar: fix PM ref counts in probe error paths
perf c2c: Use stdio interface if slang is not supported
perf jevents: Fix event syntax error caused by ExtSel
f2fs: fix to avoid f2fs_bug_on() in dec_valid_node_count()
f2fs: fix to do sanity check on block address in f2fs_do_zero_range()
f2fs: fix to clear dirty inode in f2fs_evict_inode()
f2fs: fix deadloop in foreground GC
f2fs: don't need inode lock for system hidden quota
f2fs: fix to do sanity check on total_data_blocks
f2fs: fix fallocate to use file_modified to update permissions consistently
f2fs: fix to do sanity check for inline inode
wifi: mac80211: fix use-after-free in chanctx code
iwlwifi: mvm: fix assert 1F04 upon reconfig
fs-writeback: writeback_sb_inodes:Recalculate 'wrote' according skipped pages
efi: Do not import certificates from UEFI Secure Boot for T2 Macs
bfq: Split shared queues on move between cgroups
bfq: Update cgroup information before merging bio
bfq: Track whether bfq_group is still online
ext4: fix use-after-free in ext4_rename_dir_prepare
ext4: fix warning in ext4_handle_inode_extension
ext4: fix bug_on in ext4_writepages
ext4: filter out EXT4_FC_REPLAY from on-disk superblock field s_state
ext4: fix bug_on in __es_tree_search
ext4: verify dir block before splitting it
ext4: avoid cycles in directory h-tree
ACPI: property: Release subnode properties with data nodes
tracing: Fix potential double free in create_var_ref()
PCI/PM: Fix bridge_d3_blacklist[] Elo i2 overwrite of Gigabyte X299
PCI: qcom: Fix runtime PM imbalance on probe errors
PCI: qcom: Fix unbalanced PHY init on probe errors
mm, compaction: fast_find_migrateblock() should return pfn in the target zone
s390/perf: obtain sie_block from the right address
dlm: fix plock invalid read
dlm: fix missing lkb refcount handling
ocfs2: dlmfs: fix error handling of user_dlm_destroy_lock
scsi: dc395x: Fix a missing check on list iterator
scsi: ufs: qcom: Add a readl() to make sure ref_clk gets enabled
drm/amdgpu/cs: make commands with 0 chunks illegal behaviour.
drm/etnaviv: check for reaped mapping in etnaviv_iommu_unmap_gem
drm/nouveau/clk: Fix an incorrect NULL check on list iterator
drm/nouveau/kms/nv50-: atom: fix an incorrect NULL check on list iterator
drm/bridge: analogix_dp: Grab runtime PM reference for DP-AUX
drm/i915/dsi: fix VBT send packet port selection for ICL+
md: fix an incorrect NULL check in does_sb_need_changing
md: fix an incorrect NULL check in md_reload_sb
mtd: cfi_cmdset_0002: Move and rename chip_check/chip_ready/chip_good_for_write
mtd: cfi_cmdset_0002: Use chip_ready() for write on S29GL064N
media: coda: Fix reported H264 profile
media: coda: Add more H264 levels for CODA960
ima: remove the IMA_TEMPLATE Kconfig option
Kconfig: Add option for asm goto w/ tied outputs to workaround clang-13 bug
RDMA/hfi1: Fix potential integer multiplication overflow errors
csky: patch_text: Fixup last cpu should be master
irqchip/armada-370-xp: Do not touch Performance Counter Overflow on A375, A38x, A39x
irqchip: irq-xtensa-mx: fix initial IRQ affinity
cfg80211: declare MODULE_FIRMWARE for regulatory.db
mac80211: upgrade passive scan to active scan on DFS channels after beacon rx
um: chan_user: Fix winch_tramp() return value
um: Fix out-of-bounds read in LDT setup
kexec_file: drop weak attribute from arch_kexec_apply_relocations[_add]
ftrace: Clean up hash direct_functions on register failures
iommu/msm: Fix an incorrect NULL check on list iterator
nodemask.h: fix compilation error with GCC12
hugetlb: fix huge_pmd_unshare address update
xtensa/simdisk: fix proc_read_simdisk()
rtl818x: Prevent using not initialized queues
ASoC: rt5514: Fix event generation for "DSP Voice Wake Up" control
carl9170: tx: fix an incorrect use of list iterator
stm: ltdc: fix two incorrect NULL checks on list iterator
bcache: improve multithreaded bch_btree_check()
bcache: improve multithreaded bch_sectors_dirty_init()
bcache: remove incremental dirty sector counting for bch_sectors_dirty_init()
bcache: avoid journal no-space deadlock by reserving 1 journal bucket
serial: pch: don't overwrite xmit->buf[0] by x_char
tilcdc: tilcdc_external: fix an incorrect NULL check on list iterator
gma500: fix an incorrect NULL check on list iterator
arm64: dts: qcom: ipq8074: fix the sleep clock frequency
phy: qcom-qmp: fix struct clk leak on probe errors
ARM: dts: s5pv210: Remove spi-cs-high on panel in Aries
ARM: pxa: maybe fix gpio lookup tables
SMB3: EBADF/EIO errors in rename/open caused by race condition in smb2_compound_op
docs/conf.py: Cope with removal of language=None in Sphinx 5.0.0
dt-bindings: gpio: altera: correct interrupt-cells
vdpasim: allow to enable a vq repeatedly
blk-iolatency: Fix inflight count imbalances and IO hangs on offline
coresight: core: Fix coresight device probe failure issue
phy: qcom-qmp: fix reset-controller leak on probe errors
net: ipa: fix page free in ipa_endpoint_trans_release()
net: ipa: fix page free in ipa_endpoint_replenish_one()
xfs: set inode size after creating symlink
xfs: sync lazy sb accounting on quiesce of read-only mounts
xfs: fix chown leaking delalloc quota blocks when fssetxattr fails
xfs: fix incorrect root dquot corruption error when switching group/project quota types
xfs: restore shutdown check in mapped write fault path
xfs: force log and push AIL to clear pinned inodes when aborting mount
xfs: consider shutdown in bmapbt cursor delete assert
xfs: assert in xfs_btree_del_cursor should take into account error
kseltest/cgroup: Make test_stress.sh work if run interactively
thermal/core: fix a UAF bug in __thermal_cooling_device_register()
thermal/core: Fix memory leak in the error path
bfq: Avoid merging queues with different parents
bfq: Drop pointless unlock-lock pair
bfq: Remove pointless bfq_init_rq() calls
bfq: Get rid of __bio_blkcg() usage
bfq: Make sure bfqg for which we are queueing requests is online
block: fix bio_clone_blkg_association() to associate with proper blkcg_gq
Revert "random: use static branch for crng_ready()"
RDMA/rxe: Generate a completion for unsupported/invalid opcode
MIPS: IP27: Remove incorrect `cpu_has_fpu' override
MIPS: IP30: Remove incorrect `cpu_has_fpu' override
ext4: only allow test_dummy_encryption when supported
md: bcache: check the return value of kzalloc() in detached_dev_do_request()
Linux 5.10.121
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I52dd11dc43acfa0ebddd2b6e277c823b96b07327
|
||
|
Greg Kroah-Hartman
|
2de0a17df4 |
This is the 5.10.120 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmKdoegACgkQONu9yGCS
aT6ytRAAjBTL+El1JeJ5W14PjtQEl45XhEqJ300SuF9Ob0ZBgooPbBa3rwPBw05T
xpyT4/vLGmG87s2+KTUkAtfX8lhoWLbE+xx4zrOx49plbFVYYvqugzvzliXvZ8Zb
2h1aP0SG8hrIFHMsN+qOZnmY3k9m8Z7rNZu/Eyq8zQ/z0SCmQ0EExq3PiKskrfyb
4AcC5Y77UfUl9r7loyFVAPj5z5AOyE+d/5biFdLsJgHa+qHmoYTMKYy53BF8aD3v
jIOZ4JzYZ+ybtkGSrPtXmay02c15TqWXgzlYRjpYQm75C69yFugxFt5usBsVAZmK
JraaBEr13EdZhBvove2cV0ZK8afJfwoo2NuTBuxw52ZmEDvifkb7ESwPa/1kbAqI
267e+yTtqRoge2STMXqU4J3GNbMNf9vmOq4x6NaaPF+Q2K05Z9xO64yh0uxhYx7i
n/EoT2ESOrWguhICf+Gets58dmY6jbWNzlCKFJnbXiuYvx1AxcS1nzP0OrzeWsq8
qii9QS8VouzLnKGXanRZKmjznxSWMyQ3UjA/u4pqL4ISsDy25ICxeSemLvtHIdSU
Ksd+RQgL39e+V9ZXUZ+KQ6zm6a4gKXHsqxuq1UO4xzxYNnR7sgvDS4ACquLRae+N
ISNrz0LP0bDDXHFK4ElU0LBs5jwdYRm67TSVSAOVjCl5B5tB8zk=
=o88P
-----END PGP SIGNATURE-----
Merge 5.10.120 into android12-5.10-lts
Changes in 5.10.120
pinctrl: sunxi: fix f1c100s uart2 function
percpu_ref_init(): clean ->percpu_count_ref on failure
net: af_key: check encryption module availability consistency
nfc: pn533: Fix buggy cleanup order
net: ftgmac100: Disable hardware checksum on AST2600
i2c: ismt: Provide a DMA buffer for Interrupt Cause Logging
drivers: i2c: thunderx: Allow driver to work with ACPI defined TWSI controllers
netfilter: nf_tables: disallow non-stateful expression in sets earlier
pipe: make poll_usage boolean and annotate its access
pipe: Fix missing lock in pipe_resize_ring()
cfg80211: set custom regdomain after wiphy registration
assoc_array: Fix BUG_ON during garbage collect
io_uring: don't re-import iovecs from callbacks
io_uring: fix using under-expanded iters
net: ipa: compute proper aggregation limit
xfs: detect overflows in bmbt records
xfs: show the proper user quota options
xfs: fix the forward progress assertion in xfs_iwalk_run_callbacks
xfs: fix an ABBA deadlock in xfs_rename
xfs: Fix CIL throttle hang when CIL space used going backwards
drm/i915: Fix -Wstringop-overflow warning in call to intel_read_wm_latency()
exfat: check if cluster num is valid
lib/crypto: add prompts back to crypto libraries
crypto: drbg - prepare for more fine-grained tracking of seeding state
crypto: drbg - track whether DRBG was seeded with !rng_is_initialized()
crypto: drbg - move dynamic ->reseed_threshold adjustments to __drbg_seed()
crypto: drbg - make reseeding from get_random_bytes() synchronous
netfilter: nf_tables: sanitize nft_set_desc_concat_parse()
netfilter: conntrack: re-fetch conntrack after insertion
KVM: PPC: Book3S HV: fix incorrect NULL check on list iterator
x86/kvm: Alloc dummy async #PF token outside of raw spinlock
x86, kvm: use correct GFP flags for preemption disabled
KVM: x86: avoid calling x86 emulator without a decoded instruction
crypto: caam - fix i.MX6SX entropy delay value
crypto: ecrdsa - Fix incorrect use of vli_cmp
zsmalloc: fix races between asynchronous zspage free and page migration
Bluetooth: hci_qca: Use del_timer_sync() before freeing
ARM: dts: s5pv210: Correct interrupt name for bluetooth in Aries
dm integrity: fix error code in dm_integrity_ctr()
dm crypt: make printing of the key constant-time
dm stats: add cond_resched when looping over entries
dm verity: set DM_TARGET_IMMUTABLE feature flag
raid5: introduce MD_BROKEN
HID: multitouch: Add support for Google Whiskers Touchpad
HID: multitouch: add quirks to enable Lenovo X12 trackpoint
tpm: Fix buffer access in tpm2_get_tpm_pt()
tpm: ibmvtpm: Correct the return value in tpm_ibmvtpm_probe()
docs: submitting-patches: Fix crossref to 'The canonical patch format'
NFS: Memory allocation failures are not server fatal errors
NFSD: Fix possible sleep during nfsd4_release_lockowner()
bpf: Fix potential array overflow in bpf_trampoline_get_progs()
bpf: Enlarge offset check value to INT_MAX in bpf_skb_{load,store}_bytes
Linux 5.10.120
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I48c0d649a50bd16ad719b2cb9f0ffccd0a74519a
|
||
Gowans, James
|
931dbcc2e0 |
mm: split huge PUD on wp_huge_pud fallback
commit 14c99d65941538aa33edd8dc7b1bbbb593c324a2 upstream.
Currently the implementation will split the PUD when a fallback is taken
inside the create_huge_pud function. This isn't where it should be done:
the splitting should be done in wp_huge_pud, just like it's done for PMDs.
Reason being that if a callback is taken during create, there is no PUD
yet so nothing to split, whereas if a fallback is taken when encountering
a write protection fault there is something to split.
It looks like this was the original intention with the commit where the
splitting was introduced, but somehow it got moved to the wrong place
between v1 and v2 of the patch series. Rebase mistake perhaps.
Link: https://lkml.kernel.org/r/6f48d622eb8bce1ae5dd75327b0b73894a2ec407.camel@amazon.com
Fixes:
|
||
|
Greg Kroah-Hartman
|
f2eb31a498 |
Merge 5.10.119 into android12-5.10-lts
Changes in 5.10.119
lockdown: also lock down previous kgdb use
staging: rtl8723bs: prevent ->Ssid overflow in rtw_wx_set_scan()
KVM: x86: Properly handle APF vs disabled LAPIC situation
KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID
tcp: change source port randomizarion at connect() time
secure_seq: use the 64 bits of the siphash for port offset calculation
media: vim2m: Register video device after setting up internals
media: vim2m: initialize the media device earlier
ACPI: sysfs: Make sparse happy about address space in use
ACPI: sysfs: Fix BERT error region memory mapping
random: avoid arch_get_random_seed_long() when collecting IRQ randomness
random: remove dead code left over from blocking pool
MAINTAINERS: co-maintain random.c
MAINTAINERS: add git tree for random.c
crypto: lib/blake2s - Move selftest prototype into header file
crypto: blake2s - define shash_alg structs using macros
crypto: x86/blake2s - define shash_alg structs using macros
crypto: blake2s - remove unneeded includes
crypto: blake2s - move update and final logic to internal/blake2s.h
crypto: blake2s - share the "shash" API boilerplate code
crypto: blake2s - optimize blake2s initialization
crypto: blake2s - add comment for blake2s_state fields
crypto: blake2s - adjust include guard naming
crypto: blake2s - include <linux/bug.h> instead of <asm/bug.h>
lib/crypto: blake2s: include as built-in
lib/crypto: blake2s: move hmac construction into wireguard
lib/crypto: sha1: re-roll loops to reduce code size
lib/crypto: blake2s: avoid indirect calls to compression function for Clang CFI
random: document add_hwgenerator_randomness() with other input functions
random: remove unused irq_flags argument from add_interrupt_randomness()
random: use BLAKE2s instead of SHA1 in extraction
random: do not sign extend bytes for rotation when mixing
random: do not re-init if crng_reseed completes before primary init
random: mix bootloader randomness into pool
random: harmonize "crng init done" messages
random: use IS_ENABLED(CONFIG_NUMA) instead of ifdefs
random: early initialization of ChaCha constants
random: avoid superfluous call to RDRAND in CRNG extraction
random: don't reset crng_init_cnt on urandom_read()
random: fix typo in comments
random: cleanup poolinfo abstraction
random: cleanup integer types
random: remove incomplete last_data logic
random: remove unused extract_entropy() reserved argument
random: rather than entropy_store abstraction, use global
random: remove unused OUTPUT_POOL constants
random: de-duplicate INPUT_POOL constants
random: prepend remaining pool constants with POOL_
random: cleanup fractional entropy shift constants
random: access input_pool_data directly rather than through pointer
random: selectively clang-format where it makes sense
random: simplify arithmetic function flow in account()
random: continually use hwgenerator randomness
random: access primary_pool directly rather than through pointer
random: only call crng_finalize_init() for primary_crng
random: use computational hash for entropy extraction
random: simplify entropy debiting
random: use linear min-entropy accumulation crediting
random: always wake up entropy writers after extraction
random: make credit_entropy_bits() always safe
random: remove use_input_pool parameter from crng_reseed()
random: remove batched entropy locking
random: fix locking in crng_fast_load()
random: use RDSEED instead of RDRAND in entropy extraction
random: get rid of secondary crngs
random: inline leaves of rand_initialize()
random: ensure early RDSEED goes through mixer on init
random: do not xor RDRAND when writing into /dev/random
random: absorb fast pool into input pool after fast load
random: use simpler fast key erasure flow on per-cpu keys
random: use hash function for crng_slow_load()
random: make more consistent use of integer types
random: remove outdated INT_MAX >> 6 check in urandom_read()
random: zero buffer after reading entropy from userspace
random: fix locking for crng_init in crng_reseed()
random: tie batched entropy generation to base_crng generation
random: remove ifdef'd out interrupt bench
random: remove unused tracepoints
random: add proper SPDX header
random: deobfuscate irq u32/u64 contributions
random: introduce drain_entropy() helper to declutter crng_reseed()
random: remove useless header comment
random: remove whitespace and reorder includes
random: group initialization wait functions
random: group crng functions
random: group entropy extraction functions
random: group entropy collection functions
random: group userspace read/write functions
random: group sysctl functions
random: rewrite header introductory comment
random: defer fast pool mixing to worker
random: do not take pool spinlock at boot
random: unify early init crng load accounting
random: check for crng_init == 0 in add_device_randomness()
random: pull add_hwgenerator_randomness() declaration into random.h
random: clear fast pool, crng, and batches in cpuhp bring up
random: round-robin registers as ulong, not u32
random: only wake up writers after zap if threshold was passed
random: cleanup UUID handling
random: unify cycles_t and jiffies usage and types
random: do crng pre-init loading in worker rather than irq
random: give sysctl_random_min_urandom_seed a more sensible value
random: don't let 644 read-only sysctls be written to
random: replace custom notifier chain with standard one
random: use SipHash as interrupt entropy accumulator
random: make consistent usage of crng_ready()
random: reseed more often immediately after booting
random: check for signal and try earlier when generating entropy
random: skip fast_init if hwrng provides large chunk of entropy
random: treat bootloader trust toggle the same way as cpu trust toggle
random: re-add removed comment about get_random_{u32,u64} reseeding
random: mix build-time latent entropy into pool at init
random: do not split fast init input in add_hwgenerator_randomness()
random: do not allow user to keep crng key around on stack
random: check for signal_pending() outside of need_resched() check
random: check for signals every PAGE_SIZE chunk of /dev/[u]random
random: allow partial reads if later user copies fail
random: make random_get_entropy() return an unsigned long
random: document crng_fast_key_erasure() destination possibility
random: fix sysctl documentation nits
init: call time_init() before rand_initialize()
ia64: define get_cycles macro for arch-override
s390: define get_cycles macro for arch-override
parisc: define get_cycles macro for arch-override
alpha: define get_cycles macro for arch-override
powerpc: define get_cycles macro for arch-override
timekeeping: Add raw clock fallback for random_get_entropy()
m68k: use fallback for random_get_entropy() instead of zero
riscv: use fallback for random_get_entropy() instead of zero
mips: use fallback for random_get_entropy() instead of just c0 random
arm: use fallback for random_get_entropy() instead of zero
nios2: use fallback for random_get_entropy() instead of zero
x86/tsc: Use fallback for random_get_entropy() instead of zero
um: use fallback for random_get_entropy() instead of zero
sparc: use fallback for random_get_entropy() instead of zero
xtensa: use fallback for random_get_entropy() instead of zero
random: insist on random_get_entropy() existing in order to simplify
random: do not use batches when !crng_ready()
random: use first 128 bits of input as fast init
random: do not pretend to handle premature next security model
random: order timer entropy functions below interrupt functions
random: do not use input pool from hard IRQs
random: help compiler out with fast_mix() by using simpler arguments
siphash: use one source of truth for siphash permutations
random: use symbolic constants for crng_init states
random: avoid initializing twice in credit race
random: move initialization out of reseeding hot path
random: remove ratelimiting for in-kernel unseeded randomness
random: use proper jiffies comparison macro
random: handle latent entropy and command line from random_init()
random: credit architectural init the exact amount
random: use static branch for crng_ready()
random: remove extern from functions in header
random: use proper return types on get_random_{int,long}_wait()
random: make consistent use of buf and len
random: move initialization functions out of hot pages
random: move randomize_page() into mm where it belongs
random: unify batched entropy implementations
random: convert to using fops->read_iter()
random: convert to using fops->write_iter()
random: wire up fops->splice_{read,write}_iter()
random: check for signals after page of pool writes
ALSA: ctxfi: Add SB046x PCI ID
Linux 5.10.119
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I65f898474b7704881a3dd528012e7e91b09b3767
|
||
|
Bing Han
|
0e1cb27700 |
ANDROID: vendor_hook: Add hook in shmem_writepage()
Add vendor hook android_vh_set_shmem_page_flag in shmem_writepage to set a flag in page_ext, which indicates that this page is a shmem page, to be used in android_vh_get_swap_page. The shared page should not be reclaimed to the extended memory, ie, the specified swap location. Bug: 234214858 Signed-off-by: Bing Han <bing.han@transsion.com> Change-Id: I33a9007c88b4d8aab3da044c8a05eb45d7e74f3a |
||
|
Jann Horn
|
6c32496964 |
mm/slub: add missing TID updates on slab deactivation
commit eeaa345e128515135ccb864c04482180c08e3259 upstream.
The fastpath in slab_alloc_node() assumes that c->slab is stable as long as
the TID stays the same. However, two places in __slab_alloc() currently
don't update the TID when deactivating the CPU slab.
If multiple operations race the right way, this could lead to an object
getting lost; or, in an even more unlikely situation, it could even lead to
an object being freed onto the wrong slab's freelist, messing up the
`inuse` counter and eventually causing a page to be freed to the page
allocator while it still contains slab objects.
(I haven't actually tested these cases though, this is just based on
looking at the code. Writing testcases for this stuff seems like it'd be
a pain...)
The race leading to state inconsistency is (all operations on the same CPU
and kmem_cache):
- task A: begin do_slab_free():
- read TID
- read pcpu freelist (==NULL)
- check `slab == c->slab` (true)
- [PREEMPT A->B]
- task B: begin slab_alloc_node():
- fastpath fails (`c->freelist` is NULL)
- enter __slab_alloc()
- slub_get_cpu_ptr() (disables preemption)
- enter ___slab_alloc()
- take local_lock_irqsave()
- read c->freelist as NULL
- get_freelist() returns NULL
- write `c->slab = NULL`
- drop local_unlock_irqrestore()
- goto new_slab
- slub_percpu_partial() is NULL
- get_partial() returns NULL
- slub_put_cpu_ptr() (enables preemption)
- [PREEMPT B->A]
- task A: finish do_slab_free():
- this_cpu_cmpxchg_double() succeeds()
- [CORRUPT STATE: c->slab==NULL, c->freelist!=NULL]
From there, the object on c->freelist will get lost if task B is allowed to
continue from here: It will proceed to the retry_load_slab label,
set c->slab, then jump to load_freelist, which clobbers c->freelist.
But if we instead continue as follows, we get worse corruption:
- task A: run __slab_free() on object from other struct slab:
- CPU_PARTIAL_FREE case (slab was on no list, is now on pcpu partial)
- task A: run slab_alloc_node() with NUMA node constraint:
- fastpath fails (c->slab is NULL)
- call __slab_alloc()
- slub_get_cpu_ptr() (disables preemption)
- enter ___slab_alloc()
- c->slab is NULL: goto new_slab
- slub_percpu_partial() is non-NULL
- set c->slab to slub_percpu_partial(c)
- [CORRUPT STATE: c->slab points to slab-1, c->freelist has objects
from slab-2]
- goto redo
- node_match() fails
- goto deactivate_slab
- existing c->freelist is passed into deactivate_slab()
- inuse count of slab-1 is decremented to account for object from
slab-2
At this point, the inuse count of slab-1 is 1 lower than it should be.
This means that if we free all allocated objects in slab-1 except for one,
SLUB will think that slab-1 is completely unused, and may free its page,
leading to use-after-free.
Fixes:
|
||
|
Charan Teja Reddy
|
1002747429 |
ANDROID: mm: shmem: use reclaim_pages() to recalim pages from a list
Static code analysis tool reported NULL pointer access in
shrink_page_list() as the commit 26aa2d199d6f2 ("mm/migrate: demote
pages during reclaim") expects valid pgdat.
There is already an existing api, reclaim_pages, that tries to reclaim
pages from the list. use it instead of creating custom function.
Bug: 201263305
Fixes: 96f80f628451 ("ANDROID: mm: add reclaim_shmem_address_space() for faster reclaims")
Change-Id: Iaa11feac94c9e8338324ace0276c49d6a0adeb0c
Signed-off-by: Charan Teja Reddy <quic_charante@quicinc.com>
|
||
|
Sivasri Kumar, Vanka
|
9d60eef1f4 |
Merge keystone/android12-5.10-keystone-qcom-release.110+ (b92ac32) into msm-5.10
* refs/heads/tmp-b92ac32: FROMGIT: usb: gadget: uvc: calculate the number of request depending on framesize ANDROID: GKI: Add tracing_is_on interface into symbol list UPSTREAM: usb: gadget: f_mass_storage: Make CD-ROM emulation work with Mac OS-X BACKPORT: io_uring: fix race between timeout flush and removal BACKPORT: net/sched: cls_u32: fix netns refcount changes in u32_change() UPSTREAM: io_uring: always use original task when preparing req identity FROMLIST: remoteproc: Fix dma_mem leak after rproc_shutdown FROMLIST: dma-mapping: Add dma_release_coherent_memory to DMA API ANDROID: Update QCOM symbol list for __reset_control_get ANDROID: vendor_hooks: Add hooks for mutex BACKPORT: can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path ANDROID: fix up abi issue with struct snd_pcm_runtime, again Revert "coredump: Snapshot the vmas in do_coredump" Revert "coredump: Remove the WARN_ON in dump_vma_snapshot" Revert "coredump: Use the vma snapshot in fill_files_note" Revert "pstore: Don't use semaphores in always-atomic-context code" Revert "PCI: Reduce warnings on possible RW1C corruption" ANDROID: GKI: fix crc issue with commit |
||
|
Greg Kroah-Hartman
|
fa7f6a5f56 |
Merge branch 'android12-5.10' into branch 'android12-5.10-lts'
Sync up with android12-5.10 for the following commits: |
||
|
Bing Han
|
01680ae117 |
ANDROID: vendor_hook: Add hook in __free_pages()
Provide a vendor hook android_vh_free_pages to clear the information in struct page_ext, when the page is freed. Bug: 234214858 Signed-off-by: Bing Han <bing.han@transsion.com> Change-Id: Iac8e3a72f59f8d3ae16dbc93d94034fe4b627d61 |
||
|
Bing Han
|
e064059673 |
ANDROID: create and export is_swap_slot_cache_enabled
Create and export a function is_swap_slot_cache_enabled to check whether the swap slot cache can be used. Bug: 234214858 Signed-off-by: Bing Han <bing.han@transsion.com> Change-Id: Iaca9519b838e0c3c8c06acbec83003f8309aa363 |
||
|
Bing Han
|
f6f18f7ffa |
ANDROID: vendor_hook: Add hook in swap_slots
Provide a vendor hook android_vh_swap_slot_cache_active to pass the active status of swap_slots_cache. This status will be used in the process of reclaiming the pages that is required to be reclaimed to a specified swap location. Bug: 234214858 Signed-off-by: Bing Han <bing.han@transsion.com> Change-Id: I8211760e0f37fe4a514f6ceaae9993925da8cd6d |
||
|
Bing Han
|
034877c195 |
ANDROID: mm: export swapcache_free_entries
Export swapcache_free_entries to be used in the alternative function android_vh_drain_slots_cache_cpu to swap entries in swap slot cache, it's usage is similar to the usage in drain_slots_cache_cpu. Bug: 234214858 Signed-off-by: Bing Han <bing.han@transsion.com> Change-Id: Ia89b1728d540c5cc8995a939a918e12c23057266 |
||
|
Bing Han
|
06c2766cbc |
ANDROID: mm: export symbols used in vendor hook android_vh_get_swap_page()
3 symbols are exported to be used in vendor hook android_vh_get_swap_page: 1)check_cache_active, used to get swap page from the specified swap location, it's usage is similar to the usage in get_swap_page 2)scan_swap_map_slots, used to get swap page from the specified swap, it's usage is similar to get_swap_pages 3)swap_alloc_cluster, used to get swap page from the specified swap, it's usage is similar to get_swap_pages Bug: 234214858 Signed-off-by: Bing Han <bing.han@transsion.com> Change-Id: Ie24c5d32a16c7cb87905d034095ec8fb070dbe0f |
||
|
Bing Han
|
d4eef93a9d |
ANDROID: vendor_hooks: Add hooks to extend struct swap_slots_cache
Three vendor hooks are provided to extend struct swap_slots_cache. The extended data are used to record the information of the specified reclaimed swap location: 1) android_vh_alloc_swap_slot_cache, replace the function alloc_swap_slot_cache adding allocation of the extension of struct swap_slots_cache; 2) android_vh_drain_slots_cache_cpu, replace the function drain_slots_cache_cpu adding the initialization of the extension of struct swap_slots_cache; 3) android_vh_get_swap_page, replace the function get_swap_page, according to the reclaimed location information of the page, get the the swap page from the specified swap location; Bug: 234214858 Signed-off-by: Bing Han <bing.han@transsion.com> Change-Id: I3bce6e8cf255df1d879b7c4022d54981cce7c273 |
||
|
Bing Han
|
4506bcbba5 |
ANDROID: mm: export swap_type_to_swap_info
The function swap_type_to_swap_info is exported to access the swap_info_struct of the specified swap, which is regarded as reserved extended memory. Bug: 234214858 Signed-off-by: Bing Han <bing.han@transsion.com> Change-Id: I0107e7d561150f1945a4c161e886e9e03383fff6 |
||
|
Bing Han
|
ed2b11d639 |
ANDROID: vendor_hook: Add hook in si_swapinfo()
Provide a vendor hook android_vh_si_swapinf to replace the process of updating nr_to_be_unused. When the page is swapped to a specified swap location, nr_to_be_unused should not be updated. Because the specified swap is regarded as a reserved extended memory. Bug: 234214858 Signed-off-by: Bing Han <bing.han@transsion.com> Change-Id: Ie41caec345658589bf908fb0f96d038d1fba21f3 |
||
|
Bing Han
|
667f0d71dc |
ANDROID: vendor_hooks: Add hooks to extend the struct swap_info_struct
Two vendor hooks are added to extend the struct swap_info_struct: android_vh_alloc_si, extend the allocation of struct swap_info_struct, adding data to record the information of specified reclaimed location; android_vh_init_swap_info_struct, adding initializing the extension of struct swap_info_struct; Bug: 234214858 Signed-off-by: Bing Han <bing.han@transsion.com> Change-Id: I0e1d8e38ba7dfd52b609b1c14eb78f8b0ef0f9e6 |
||
|
Bing Han
|
bc4c73c182 |
ANDROID: vendor_hook: Add hooks in unuse_pte_range() and try_to_unuse()
When the page is unused, a vendor hook android_vh_unuse_swap_page should be called to specify that the page should not be swapped to the specified swap location any more. Bug: 234214858 Signed-off-by: Bing Han <bing.han@transsion.com> Change-Id: I3fc3675020517f7cc69c76a06150dfb2380dae21 |
||
|
Bing Han
|
7222a0b29b |
ANDROID: vendor_hook: Add hooks in free_swap_slot()
Provide a vendor hook to replace the function free_swap_slot, adding the free_swap_slot process of pages swapped to the specified swap location(i.e., the reserved expended memory) Bug: 234214858 Signed-off-by: Bing Han <bing.han@transsion.com> Change-Id: Idd6d0007e64d56d556d1234a8b931fce06031809 |
||
|
Bing Han
|
d2fea0ba9a |
ANDROID: vendor_hook: Add hook to update nr_swap_pages and total_swap_pages
The specified swap is regarded as reserved extended memory. So nr_swap_pages and total_swap_pages should not be affected by the specified swap. Provide a vendor hook android_vh_account_swap_pages to replace the updating process of nr_swap_pages and total_swap_pages. When the page is swapped to the specified swap location, nr_swap_pages and total_swap_pages should not be updated. Bug: 234214858 Signed-off-by: Bing Han <bing.han@transsion.com> Change-Id: Ib8dfb355d190399a037b9d9eda478a81c436e224 |
||
|
Bing Han
|
1aa26f0017 |
ANDROID: vendor_hook: Add hook in page_referenced_one()
Add android_vh_page_referenced_one_end at the end of function page_referenced_one to update the status that whether the page need to be reclaimed to a specified swap location. Bug: 234214858 Signed-off-by: Bing Han <bing.han@transsion.com> Change-Id: Ia06a229956328ef776da5d163708dcb011a327fb |
||
|
Bing Han
|
851672a4b2 |
ANDROID: vendor_hooks: Add hooks to record the I/O statistics of swap:
android_vh_count_pswpin, Update the write I/O statistics of the swap; android_vh_count_pswpout, Update the read I/O statistics of the swap; android_vh_count_swpout_vm_event, Replace count_swpout_vm_event with adding updating the I/O statistics of the swap; Bug: 234214858 Signed-off-by: Bing Han <bing.han@transsion.com> Change-Id: I4eb69db59fe2d822555a508c2f0c6cd5ca9083d1 |
||
|
Bing Han
|
5bc9b10c45 |
ANDROID: vendor_hook: Add hook in migrate_page_states()
Provide a vendor hook to copy the status whether the page need to be reclaimed to a specified swap location. Bug: 234214858 Signed-off-by: Bing Han <bing.han@transsion.com> Change-Id: I1a451b40407718900b56de6ed17b7fd5ef56da01 |
||
|
Bing Han
|
89a247a638 |
ANDROID: vendor_hook: Add hook in __migration_entry_wait()
android_vh_waiting_for_page_migration: provide a vendor hook to force not to reclaim the page under migration to a specified swap location, until the migration is finished. Bug: 234214858 Signed-off-by: Bing Han <bing.han@transsion.com> Change-Id: Iceeae91cbd912d9c44d7eac25f1299bbff547388 |
||
|
Bing Han
|
f7c932399e |
ANDROID: vendor_hook: Add hook in handle_pte_fault()
android_vh_handle_pte_fault_end: after handle_pte_fault, update the information that whether this page need to be reclaimed to a swap location. Bug: 234214858 Signed-off-by: Bing Han <bing.han@transsion.com> Change-Id: I0ceb02422fc858ed96fbb47e220bf96bdc8fa68c |
||
|
Bing Han
|
50148ce249 |
ANDROID: vendor_hook: Add hook in do_swap_page()
android_vh_swapin_add_anon_rmap: after add pte mapping to an anonymous page durning do_swap_page, update the status that whether this page need to be reclaimed to a swap location, according to the information of vm_fault. Bug: 234214858 Signed-off-by: Bing Han <bing.han@transsion.com> Change-Id: I8a2d603102c315323817e6c9366db9b0da878344 |
||
|
Bing Han
|
9d4b553252 |
ANDROID: vendor_hook: Add hook in wp_page_copy()
android_vh_cow_user_page: when copy a page to a new page, set the status that whether the new page should be reclaimed to a specified swap location, according to the information of vm_fault. Bug: 234214858 Signed-off-by: Bing Han <bing.han@transsion.com> Change-Id: Ie445c7b034ca176ec1e8fd1cd67c88581bf9ddf4 |
||
|
Bing Han
|
e3f469befb |
ANDROID: vendor_hooks: Add hooks to madvise_cold_or_pageout_pte_range()
Provide a vendor hook android_vh_page_isolated_for_reclaim to process whether the page should be reclaimed to a specified swap(i.e., the expanded memory). This strategy will take into account the state of the current process/application, resource usage, and other information. Bug: 234214858 Signed-off-by: Bing Han <bing.han@transsion.com> Change-Id: Id80a377c87bea13922e7b23963b050ab37ba0cb0 |
||
|
Bing Han
|
6b7243da5e |
ANDROID: vendor_hook: Add hook in snapshot_refaults()
Provide a vendor hook android_vh_snapshot_refaults to record the refault statistics of WORKINGSET_RESTORE_ANON; Bug: 234214858 Signed-off-by: Bing Han <bing.han@transsion.com> Change-Id: I20eb5ea99bf21fa8ba34b45e87d2ab9e9cdca167 |
||
|
Bing Han
|
6b04959511 |
ANDROID: vendor_hook: Add hook in inactive_is_low()
Provide a vendor hook android_vh_inactive_is_low to replace the calculation process of inactive_ratio. The alternative calculation algorithm takes into account the difference between file pages and anonymous pages. Bug: 234214858 Signed-off-by: Bing Han <bing.han@transsion.com> Change-Id: I6cf9c47fbc440852cc36e04f49d644146eb2c6af |
||
Mike Kravetz
|
63758dd959 |
hugetlb: fix huge_pmd_unshare address update
commit 48381273f8734d28ef56a5bdf1966dd8530111bc upstream.
The routine huge_pmd_unshare() is passed a pointer to an address
associated with an area which may be unshared. If unshare is successful
this address is updated to 'optimize' callers iterating over huge page
addresses. For the optimization to work correctly, address should be
updated to the last huge page in the unmapped/unshared area. However, in
the common case where the passed address is PUD_SIZE aligned, the address
is incorrectly updated to the address of the preceding huge page. That
wastes CPU cycles as the unmapped/unshared range is scanned twice.
Link: https://lkml.kernel.org/r/20220524205003.126184-1-mike.kravetz@oracle.com
Fixes:
|
||
Rei Yamamoto
|
7994d89012 |
mm, compaction: fast_find_migrateblock() should return pfn in the target zone
commit bbe832b9db2e1ad21522f8f0bf02775fff8a0e0e upstream.
At present, pages not in the target zone are added to cc->migratepages
list in isolate_migratepages_block(). As a result, pages may migrate
between nodes unintentionally.
This would be a serious problem for older kernels without commit
a984226f457f849e ("mm: memcontrol: remove the pgdata parameter of
mem_cgroup_page_lruvec"), because it can corrupt the lru list by
handling pages in list without holding proper lru_lock.
Avoid returning a pfn outside the target zone in the case that it is
not aligned with a pageblock boundary. Otherwise
isolate_migratepages_block() will handle pages not in the target zone.
Link: https://lkml.kernel.org/r/20220511044300.4069-1-yamamoto.rei@jp.fujitsu.com
Fixes:
|
||
Sultan Alsawaf
|
fae05b2314 |
zsmalloc: fix races between asynchronous zspage free and page migration
commit 2505a981114dcb715f8977b8433f7540854851d8 upstream.
The asynchronous zspage free worker tries to lock a zspage's entire page
list without defending against page migration. Since pages which haven't
yet been locked can concurrently migrate off the zspage page list while
lock_zspage() churns away, lock_zspage() can suffer from a few different
lethal races.
It can lock a page which no longer belongs to the zspage and unsafely
dereference page_private(), it can unsafely dereference a torn pointer to
the next page (since there's a data race), and it can observe a spurious
NULL pointer to the next page and thus not lock all of the zspage's pages
(since a single page migration will reconstruct the entire page list, and
create_page_chain() unconditionally zeroes out each list pointer in the
process).
Fix the races by using migrate_read_lock() in lock_zspage() to synchronize
with page migration.
Link: https://lkml.kernel.org/r/20220509024703.243847-1-sultan@kerneltoast.com
Fixes:
|
||
|
Sivasri Kumar, Vanka
|
b3d2d42542 |
Merge keystone/android12-5.10-keystone-qcom-release.101+ (ac14ef0) into msm-5.10
* refs/heads/tmp-ac14ef0: BACKPORT: can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path ANDROID: GKI: Update symbols to symbol list ANDROID: oplus: Update the ABI xml and symbol list UPSTREAM: remoteproc: Fix count check in rproc_coredump_write() BACKPORT: esp: Fix possible buffer overflow in ESP transformation ANDROID: Fix the drain_all_pages default condition broken by a hook UPSTREAM: Revert "xfrm: xfrm_state_mtu should return at least 1280 for ipv6" UPSTREAM: xfrm: fix MTU regression ANDROID: signal: Add vendor hook for memory reaping FROMGIT: usb: gadget: uvc: allow for application to cleanly shutdown FROMGIT: usb: dwc3: gadget: increase tx fifo size for ss isoc endpoints UPSTREAM: usb: gadget: configfs: clear deactivation flag in configfs_composite_unbind() FROMGIT: usb: gadget: uvc: remove pause flag use FROMGIT: usb: gadget: uvc: allow changing interface name via configfs UPSTREAM: usb: gadget: uvc: Fix crash when encoding data for usb request UPSTREAM: usb: gadget: uvc: test if ep->desc is valid on ep_queue UPSTREAM: usb: gadget: uvc: only pump video data if necessary UPSTREAM: usb: gadget: uvc: only schedule stream in streaming state UPSTREAM: usb: dwc3: gadget: Give some time to schedule isoc UPSTREAM: usb: gadget: uvc: make uvc_num_requests depend on gadget speed UPSTREAM: usb: gadget: composite: Show warning if function driver's descriptors are incomplete. FROMLIST: kbuild: Add environment variables for userprogs flags ANDROID: dm-bow: Protect Ranges fetched and erased from the RB tree BACKPORT: staging: ion: Prevent incorrect reference counting behavour FROMGIT: net: fix wrong network header length UPSTREAM: mm: fix unexpected zeroed page mapping with zram swap ANDROID: vendor_hooks: Add hooks for mutex UPSTREAM: usb: dwc3: gadget: Replace list_for_each_entry_safe() if using giveback UPSTREAM: usb: dwc3: Issue core soft reset before enabling run/stop UPSTREAM: usb: dwc3: gadget: Wait for ep0 xfers to complete during dequeue ANDROID: Update QCOM symbol list for trace_map/unmap ANDROID: fix KCFLAGS override by __ANDROID_COMMON_KERNEL__ ANDROID: vendor_hooks: tune reclaim scan type for specified mem_cgroup ANDROID: vendor_hooks: Add hooks for rwsem ANDROID: Add flag to indicate compiling against ACK ANDROID: GKI: build damon reclaim FROMLIST: mm/damon/reclaim: Fix the timer always stays active BACKPORT: treewide: Add missing includes masked by cgroup -> bpf dependency UPSTREAM: mm/damon: modify damon_rand() macro to static inline function UPSTREAM: mm/damon: add 'age' of region tracepoint support UPSTREAM: mm/damon: hide kernel pointer from tracepoint event UPSTREAM: mm/damon/vaddr: hide kernel pointer from damon_va_three_regions() failure log UPSTREAM: mm/damon/vaddr: use pr_debug() for damon_va_three_regions() failure logging UPSTREAM: mm/damon/dbgfs: remove an unnecessary variable UPSTREAM: mm/damon: move the implementation of damon_insert_region to damon.h UPSTREAM: mm/damon: add access checking for hugetlb pages UPSTREAM: mm/damon/dbgfs: support all DAMOS stats UPSTREAM: mm/damon/reclaim: provide reclamation statistics UPSTREAM: mm/damon/schemes: account how many times quota limit has exceeded UPSTREAM: mm/damon/schemes: account scheme actions that successfully applied UPSTREAM: mm/damon: convert macro functions to static inline functions UPSTREAM: mm/damon: move damon_rand() definition into damon.h UPSTREAM: mm/damon/schemes: add the validity judgment of thresholds UPSTREAM: mm/damon/vaddr: remove swap_ranges() and replace it with swap() UPSTREAM: mm/damon: remove some unneeded function definitions in damon.h UPSTREAM: mm/damon/core: use abs() instead of diff_of() UPSTREAM: mm/damon: unified access_check function naming rules UPSTREAM: mm/damon/dbgfs: fix 'struct pid' leaks in 'dbgfs_target_ids_write()' UPSTREAM: mm/damon/dbgfs: protect targets destructions with kdamond_lock UPSTREAM: mm/damon/vaddr-test: remove unnecessary variables UPSTREAM: mm/damon/vaddr-test: split a test function having >1024 bytes frame size UPSTREAM: mm/damon/vaddr: remove an unnecessary warning message UPSTREAM: mm/damon/core: remove unnecessary error messages UPSTREAM: mm/damon/dbgfs: remove an unnecessary error message UPSTREAM: mm/damon/core: use better timer mechanisms selection threshold UPSTREAM: mm/damon/core: fix fake load reports due to uninterruptible sleeps BACKPORT: timers: implement usleep_idle_range() UPSTREAM: mm/damon/dbgfs: fix missed use of damon_dbgfs_lock UPSTREAM: mm/damon/dbgfs: use '__GFP_NOWARN' for user-specified size buffer allocation UPSTREAM: mm/damon: remove return value from before_terminate callback UPSTREAM: mm/damon: fix a few spelling mistakes in comments and a pr_debug message UPSTREAM: mm/damon: simplify stop mechanism UPSTREAM: mm/damon/dbgfs: add adaptive_targets list check before enable monitor_on UPSTREAM: mm/damon: remove unnecessary variable initialization UPSTREAM: mm/damon: introduce DAMON-based Reclamation (DAMON_RECLAIM) UPSTREAM: selftests/damon: support watermarks UPSTREAM: mm/damon/dbgfs: support watermarks UPSTREAM: mm/damon/schemes: activate schemes based on a watermarks mechanism UPSTREAM: tools/selftests/damon: update for regions prioritization of schemes UPSTREAM: mm/damon/dbgfs: support prioritization weights UPSTREAM: mm/damon/vaddr,paddr: support pageout prioritization UPSTREAM: mm/damon/schemes: prioritize regions within the quotas UPSTREAM: mm/damon/selftests: support schemes quotas UPSTREAM: mm/damon/dbgfs: support quotas of schemes UPSTREAM: mm/damon/schemes: implement time quota UPSTREAM: mm/damon/schemes: skip already charged targets and regions UPSTREAM: mm/damon/schemes: implement size quota for schemes application speed control UPSTREAM: mm/damon/paddr: support the pageout scheme UPSTREAM: mm/damon/dbgfs: remove unnecessary variables UPSTREAM: mm/damon/vaddr: constify static mm_walk_ops UPSTREAM: mm/damon/dbgfs: support physical memory monitoring UPSTREAM: mm/damon: implement primitives for physical address space monitoring UPSTREAM: mm/damon/vaddr: separate commonly usable functions UPSTREAM: mm/damon/dbgfs-test: add a unit test case for 'init_regions' UPSTREAM: mm/damon/dbgfs: allow users to set initial monitoring target regions UPSTREAM: selftests/damon: add 'schemes' debugfs tests UPSTREAM: mm/damon/schemes: implement statistics feature UPSTREAM: mm/damon/dbgfs: support DAMON-based Operation Schemes UPSTREAM: mm/damon/vaddr: support DAMON-based Operation Schemes UPSTREAM: mm/damon/core: implement DAMON-based Operation Schemes (DAMOS) UPSTREAM: mm/damon/core: account age of target regions UPSTREAM: mm/damon/core: nullify pointer ctx->kdamond with a NULL UPSTREAM: mm/damon: needn't hold kdamond_lock to print pid of kdamond UPSTREAM: mm/damon: remove unnecessary do_exit() from kdamond UPSTREAM: mm/damon/core: print kdamond start log in debug mode only UPSTREAM: include/linux/damon.h: fix kernel-doc comments for 'damon_callback' UPSTREAM: mm/damon: grammar s/works/work/ UPSTREAM: mm/damon/core-test: fix wrong expectations for 'damon_split_regions_of()' UPSTREAM: mm/damon: don't use strnlen() with known-bogus source length UPSTREAM: mm/damon: add kunit tests UPSTREAM: mm/damon: add user space selftests UPSTREAM: mm/damon/dbgfs: support multiple contexts UPSTREAM: mm/damon/dbgfs: export kdamond pid to the user space UPSTREAM: mm/damon: implement a debugfs-based user space interface UPSTREAM: mm/damon: add a tracepoint UPSTREAM: mm/damon: implement primitives for the virtual memory address spaces UPSTREAM: mm/idle_page_tracking: make PG_idle reusable UPSTREAM: mm/damon: adaptively adjust regions UPSTREAM: mm/damon/core: implement region-based sampling UPSTREAM: mm: introduce Data Access MONitor (DAMON) BACKPORT: net/packet: fix slab-out-of-bounds access in packet_recvmsg() BACKPORT: fuse: fix pipe buffer lifetime for direct_io BACKPORT: dm: fix NULL pointer issue when free bio UPSTREAM: kfence, x86: fix preemptible warning on KPTI-enabled systems ANDROID: ABI: Update allowed list for galaxy ANDROID: abi_gki_aarch64.xml: update based on proper LTO=full setting BACKPORT: virtio-blk: Use blk_validate_block_size() to validate block size ANDROID: add for tuning readahead size BACKPORT: media: v4l2-mem2mem: Apply DST_QUEUE_OFF_BASE on MMAP buffers across ioctls BACKPORT: nl80211: correctly check NL80211_ATTR_REG_ALPHA2 size BACKPORT: ext4: don't BUG if someone dirty pages without asking ext4 first ANDROID: GKI: Update symbols to abi_gki_aarch64_oplus BACKPORT: iommu: Extend mutex lock scope in iommu_probe_device() BACKPORT: iommu: Fix race condition during default domain allocation ANDROID: GKI: Update symbols to symbol list Conflicts: build.config.common Change-Id: I30e0e3ce2527d66896add9fe45d71924557a46f2 Signed-off-by: Sivasri Kumar, Vanka <quic_svanka@quicinc.com> |
||
Jason A. Donenfeld
|
552ae8e484 |
random: move randomize_page() into mm where it belongs
commit 5ad7dd882e45d7fe432c32e896e2aaa0b21746ea upstream. randomize_page is an mm function. It is documented like one. It contains the history of one. It has the naming convention of one. It looks just like another very similar function in mm, randomize_stack_top(). And it has always been maintained and updated by mm people. There is no need for it to be in random.c. In the "which shape does not look like the other ones" test, pointing to randomize_page() is correct. So move randomize_page() into mm/util.c, right next to the similar randomize_stack_top() function. This commit contains no actual code changes. Cc: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Greg Kroah-Hartman
|
131b12d50f |
Merge tag 'android12-5.10.110_r01' into android12-5.10
This is the merge of the upstream LTS release of 5.4.110 into the android12-5.10 branch. It contains the following commits: |
||
|
Sivasri Kumar, Vanka
|
53f97d77bb |
Merge keystone/android12-5.10-keystone-qcom-release.101+ (a0a7006) into msm-5.10
* refs/heads/tmp-a0a7006: ANDROID: Fix the drain_all_pages default condition broken by a hook UPSTREAM: Revert "xfrm: xfrm_state_mtu should return at least 1280 for ipv6" UPSTREAM: xfrm: fix MTU regression FROMGIT: net: fix wrong network header length Change-Id: Ia72d25a98cd228e76a9f466d777d2caafaf82951 Signed-off-by: Sivasri Kumar, Vanka <quic_svanka@quicinc.com> |
||
|
Greg Kroah-Hartman
|
0577ff1c69 |
This is the 5.10.116 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmKBP7IACgkQONu9yGCS
aT5VzQ/9Ed75mD3HMc++efYdqclRotN80MMLRypmcw+hIXBe8nbUvHaRmFkFtatV
IiDTDVHNDPvhU+CGHKYgNnCEmZqZUjtHalG+pH05wTY3Kc01emJ6bcnAzBWaHsbc
/083tEGnq3LT71YpqaMP0OL6xihqKaNquH8dN6ZlKUeIQHcnuEgm+TaIPKRBQkVt
DTmUlcOsLFk9xN/lR8iXV5vnzMPVIBlzGBk4eBhZeOo8k/fHCqMLqa5ndwn6ZN1i
V3MhopG1ZR7X3N38rpvFGn+yGWGSz8w1c+WeFRqEI82+gMrbeKNfNDF5QHAYC3B1
HlaqhGPWzM6bB+sHZUNA5FaCeybjwSjvA/76idPKHi65N1Z/qJKqO9fRyHXPJpjK
CA7Q0wsLb8Ui/T6eEqxCtaj0zN7F4TpKyZXkGpRMMCJ+FFObCsoU+RqJifr0kznl
0bI9x+O17DMwYT95vQaM5lsIO+Nme3s+H5zTFiE4tVCHk3+C6H2lu99dDudMUpLM
vitjrHkbVovXmnV4iyRFIUafhtCFxu3leJNwKxNUbofFgQ+/PQkEMfDzVTxsYe2F
8Z8ZRBMw0YEq+3qTvTiBw614jNqr9NMJ697E84rL9kc6oAucXfeaE9lnB1R5zYeT
a5Tt0kLtuPmd8RB6euUWsnTfh+EWIFkfDXfkK8L9r5Nc10aML4o=
=3OVe
-----END PGP SIGNATURE-----
Merge 5.10.116 into android12-5.10-lts
Changes in 5.10.116
MIPS: Use address-of operator on section symbols
regulator: consumer: Add missing stubs to regulator/consumer.h
block: drbd: drbd_nl: Make conversion to 'enum drbd_ret_code' explicit
drm/amd/display/dc/gpio/gpio_service: Pass around correct dce_{version, environment} types
nfp: bpf: silence bitwise vs. logical OR warning
arm: remove CONFIG_ARCH_HAS_HOLES_MEMORYMODEL
Bluetooth: Fix the creation of hdev->name
mm: fix missing cache flush for all tail pages of compound page
mm: hugetlb: fix missing cache flush in copy_huge_page_from_user()
mm: userfaultfd: fix missing cache flush in mcopy_atomic_pte() and __mcopy_atomic()
Linux 5.10.116
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: Ie56f60d172ca37af63c180390007d6b65d0618a5
|
||
|
Suren Baghdasaryan
|
f4c0e37dbc |
ANDROID: Fix the drain_all_pages default condition broken by a hook
The condition introduced by a patch adding a vendor hook to skip drain_all_pages is invalid and changes the default behavior for CMA allocations. Fix the condition to restore default behavior. Fixes: |
||
|
Muchun Song
|
d1ac096f88 |
mm: userfaultfd: fix missing cache flush in mcopy_atomic_pte() and __mcopy_atomic()
commit 7c25a0b89a487878b0691e6524fb5a8827322194 upstream. userfaultfd calls mcopy_atomic_pte() and __mcopy_atomic() which do not do any cache flushing for the target page. Then the target page will be mapped to the user space with a different address (user address), which might have an alias issue with the kernel address used to copy the data from the user to. Fix this by insert flush_dcache_page() after copy_from_user() succeeds. Link: https://lkml.kernel.org/r/20220210123058.79206-7-songmuchun@bytedance.com Fixes: |
||
|
Muchun Song
|
c6cbf5431a |
mm: hugetlb: fix missing cache flush in copy_huge_page_from_user()
commit e763243cc6cb1fcc720ec58cfd6e7c35ae90a479 upstream.
userfaultfd calls copy_huge_page_from_user() which does not do any cache
flushing for the target page. Then the target page will be mapped to
the user space with a different address (user address), which might have
an alias issue with the kernel address used to copy the data from the
user to.
Fix this issue by flushing dcache in copy_huge_page_from_user().
Link: https://lkml.kernel.org/r/20220210123058.79206-4-songmuchun@bytedance.com
Fixes:
|
||
|
Muchun Song
|
308ff6a6e7 |
mm: fix missing cache flush for all tail pages of compound page
commit 2771739a7162782c0aa6424b2e3dd874e884a15d upstream.
The D-cache maintenance inside move_to_new_page() only consider one
page, there is still D-cache maintenance issue for tail pages of
compound page (e.g. THP or HugeTLB).
THP migration is only enabled on x86_64, ARM64 and powerpc, while
powerpc and arm64 need to maintain the consistency between I-Cache and
D-Cache, which depends on flush_dcache_page() to maintain the
consistency between I-Cache and D-Cache.
But there is no issues on arm64 and powerpc since they already considers
the compound page cache flushing in their icache flush function.
HugeTLB migration is enabled on arm, arm64, mips, parisc, powerpc,
riscv, s390 and sh, while arm has handled the compound page cache flush
in flush_dcache_page(), but most others do not.
In theory, the issue exists on many architectures. Fix this by not
using flush_dcache_folio() since it is not backportable.
Link: https://lkml.kernel.org/r/20220210123058.79206-3-songmuchun@bytedance.com
Fixes:
|
||
|
Mike Rapoport
|
9ff4a6b806 |
arm: remove CONFIG_ARCH_HAS_HOLES_MEMORYMODEL
commit 5e545df3292fbd3d5963c68980f1527ead2a2b3f upstream.
ARM is the only architecture that defines CONFIG_ARCH_HAS_HOLES_MEMORYMODEL
which in turn enables memmap_valid_within() function that is intended to
verify existence of struct page associated with a pfn when there are holes
in the memory map.
However, the ARCH_HAS_HOLES_MEMORYMODEL also enables HAVE_ARCH_PFN_VALID
and arch-specific pfn_valid() implementation that also deals with the holes
in the memory map.
The only two users of memmap_valid_within() call this function after
a call to pfn_valid() so the memmap_valid_within() check becomes redundant.
Remove CONFIG_ARCH_HAS_HOLES_MEMORYMODEL and memmap_valid_within() and rely
entirely on ARM's implementation of pfn_valid() that is now enabled
unconditionally.
Link: https://lkml.kernel.org/r/20201101170454.9567-9-rppt@kernel.org
Signed-off-by: Mike Rapoport <rppt@linux.ibm.com>
Cc: Alexey Dobriyan <adobriyan@gmail.com>
Cc: Catalin Marinas <catalin.marinas@arm.com>
Cc: Geert Uytterhoeven <geert@linux-m68k.org>
Cc: Greg Ungerer <gerg@linux-m68k.org>
Cc: John Paul Adrian Glaubitz <glaubitz@physik.fu-berlin.de>
Cc: Jonathan Corbet <corbet@lwn.net>
Cc: Matt Turner <mattst88@gmail.com>
Cc: Meelis Roos <mroos@linux.ee>
Cc: Michael Schmitz <schmitzmic@gmail.com>
Cc: Russell King <linux@armlinux.org.uk>
Cc: Tony Luck <tony.luck@intel.com>
Cc: Vineet Gupta <vgupta@synopsys.com>
Cc: Will Deacon <will@kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Reported-by: kernel test robot <lkp@intel.com>
Fixes:
|
||
|
Suren Baghdasaryan
|
66f0c91b2f |
ANDROID: Fix the drain_all_pages default condition broken by a hook
The condition introduced by a patch adding a vendor hook to skip
drain_all_pages is invalid and changes the default behavior for CMA
allocations. Fix the condition to restore default behavior.
Fixes:
|
||
|
Greg Kroah-Hartman
|
6273d79c86 |
This is the 5.10.114 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmJ4vqgACgkQONu9yGCS aT6QRRAA1w5DvnVDBc87zfegqoYAffgWJAmifSraMlb9gQIorKziH3UA/Z1AIn3D AB/ogqmpWacj5FFxOZtaC46224zCMV20dTsLx8tdigR5V04n4ZYXwoAvZB2FycFa uPq4ak3myPKYPofysq6iBExOxnVOtJicklMFwPu25Nf7O8/On0XyqGaHx4rTSlBx pgM3PLdBUlFJmkWsRtiQ6fIPZ8td38Dffk6E1oPW0ZZqDHEjZTE+rfeeGJv6FCdO CIR542BxgS/mlyfmLdaFkm4pO5Spminb9kEbU173R9RGUop0QSxkGn8AQbqD22Ts 74UChzqCEkhoY/qFCxE1rX1mYHYp3XwNuvbD389ocEw5M7ZqVNxf7oDjoqlY81rI t1U6I3S6ET3T18i9UmF4GGJHr1kpT+TYMi1n1moNwft4twlrSVsNgKJ8pH51P9+M MIQJE+mxj50aE5PZNc3LUzIs3E3+/5fyOEahmLBaXR/3117uklc3XQwuWr+UzGwJ 7sI383AAU0RHHM1IOTba4A8gd4z5DbFeRd9Fhl/drZ/gVYVpfkscqfUCBlWIdZ/A wj2DKc4jRFXzflKTHuce2mxuJAOpjjpTz3yBw1qs9gcbB+xIFfei9kZXaXEUzKuu wwCGW7cuGuXWJr3rFkMqY00ioLxjUZ6e3Kha5kyzwoHZ1r5ARcA= =ihPO -----END PGP SIGNATURE----- Merge 5.10.114 into android12-5.10-lts Changes in 5.10.114 floppy: disable FDRAWCMD by default lightnvm: disable the subsystem usb: mtu3: fix USB 3.0 dual-role-switch from device to host USB: quirks: add a Realtek card reader USB: quirks: add STRING quirk for VCOM device USB: serial: whiteheat: fix heap overflow in WHITEHEAT_GET_DTR_RTS USB: serial: cp210x: add PIDs for Kamstrup USB Meter Reader USB: serial: option: add support for Cinterion MV32-WA/MV32-WB USB: serial: option: add Telit 0x1057, 0x1058, 0x1075 compositions xhci: Enable runtime PM on second Alderlake controller xhci: stop polling roothubs after shutdown xhci: increase usb U3 -> U0 link resume timeout from 100ms to 500ms iio: dac: ad5592r: Fix the missing return value. iio: dac: ad5446: Fix read_raw not returning set value iio: magnetometer: ak8975: Fix the error handling in ak8975_power_on() iio: imu: inv_icm42600: Fix I2C init possible nack usb: misc: fix improper handling of refcount in uss720_probe() usb: typec: ucsi: Fix reuse of completion structure usb: typec: ucsi: Fix role swapping usb: gadget: uvc: Fix crash when encoding data for usb request usb: gadget: configfs: clear deactivation flag in configfs_composite_unbind() usb: dwc3: Try usb-role-switch first in dwc3_drd_init usb: dwc3: core: Fix tx/rx threshold settings usb: dwc3: core: Only handle soft-reset in DCTL usb: dwc3: gadget: Return proper request status usb: cdns3: Fix issue for clear halt endpoint usb: phy: generic: Get the vbus supply serial: imx: fix overrun interrupts in DMA mode serial: 8250: Also set sticky MCR bits in console restoration serial: 8250: Correct the clock for EndRun PTP/1588 PCIe device arch_topology: Do not set llc_sibling if llc_id is invalid pinctrl: samsung: fix missing GPIOLIB on ARM64 Exynos config hex2bin: make the function hex_to_bin constant-time hex2bin: fix access beyond string end riscv: patch_text: Fixup last cpu should be master x86/pci/xen: Disable PCI/MSI[-X] masking for XEN_HVM guests iocost: don't reset the inuse weight of under-weighted debtors video: fbdev: udlfb: properly check endpoint type arm64: dts: meson: remove CPU opps below 1GHz for G12B boards arm64: dts: meson: remove CPU opps below 1GHz for SM1 boards iio:imu:bmi160: disable regulator in error path mtd: rawnand: fix ecc parameters for mt7622 USB: Fix xhci event ring dequeue pointer ERDP update issue ARM: dts: imx6qdl-apalis: Fix sgtl5000 detection issue phy: samsung: Fix missing of_node_put() in exynos_sata_phy_probe phy: samsung: exynos5250-sata: fix missing device put in probe error paths ARM: OMAP2+: Fix refcount leak in omap_gic_of_init bus: ti-sysc: Make omap3 gpt12 quirk handling SoC specific phy: ti: omap-usb2: Fix error handling in omap_usb2_enable_clocks ARM: dts: at91: Map MCLK for wm8731 on at91sam9g20ek ARM: dts: at91: sama5d4_xplained: fix pinctrl phandle name phy: mapphone-mdm6600: Fix PM error handling in phy_mdm6600_probe phy: ti: Add missing pm_runtime_disable() in serdes_am654_probe ARM: dts: Fix mmc order for omap3-gta04 ARM: dts: am3517-evm: Fix misc pinmuxing ARM: dts: logicpd-som-lv: Fix wrong pinmuxing on OMAP35 ipvs: correctly print the memory size of ip_vs_conn_tab pinctrl: mediatek: moore: Fix build error mtd: rawnand: Fix return value check of wait_for_completion_timeout mtd: fix 'part' field data corruption in mtd_info pinctrl: stm32: Do not call stm32_gpio_get() for edge triggered IRQs in EOI memory: renesas-rpc-if: Fix HF/OSPI data transfer in Manual Mode net: dsa: Add missing of_node_put() in dsa_port_link_register_of netfilter: nft_set_rbtree: overlap detection with element re-addition after deletion bpf, lwt: Fix crash when using bpf_skb_set_tunnel_key() from bpf_xmit lwt hook pinctrl: rockchip: fix RK3308 pinmux bits tcp: md5: incorrect tcp_header_len for incoming connections pinctrl: stm32: Keep pinctrl block clock enabled when LEVEL IRQ requested tcp: ensure to use the most recently sent skb when filling the rate sample wireguard: device: check for metadata_dst with skb_valid_dst() sctp: check asoc strreset_chunk in sctp_generate_reconf_event ARM: dts: imx6ull-colibri: fix vqmmc regulator arm64: dts: imx8mn-ddr4-evk: Describe the 32.768 kHz PMIC clock pinctrl: pistachio: fix use of irq_of_parse_and_map() cpufreq: fix memory leak in sun50i_cpufreq_nvmem_probe net: hns3: modify the return code of hclge_get_ring_chain_from_mbx net: hns3: add validity check for message data length net: hns3: add return value for mailbox handling in PF net/smc: sync err code when tcp connection was refused ip_gre: Make o_seqno start from 0 in native mode ip6_gre: Make o_seqno start from 0 in native mode ip_gre, ip6_gre: Fix race condition on o_seqno in collect_md mode tcp: fix potential xmit stalls caused by TCP_NOTSENT_LOWAT tcp: make sure treq->af_specific is initialized bus: sunxi-rsb: Fix the return value of sunxi_rsb_device_create() clk: sunxi: sun9i-mmc: check return value after calling platform_get_resource() net: bcmgenet: hide status block before TX timestamping net: phy: marvell10g: fix return value on error net: dsa: lantiq_gswip: Don't set GSWIP_MII_CFG_RMII_CLK drm/amdkfd: Fix GWS queue count drm/amd/display: Fix memory leak in dcn21_clock_source_create tls: Skip tls_append_frag on zero copy size bnx2x: fix napi API usage sequence net: fec: add missing of_node_put() in fec_enet_init_stop_mode() ixgbe: ensure IPsec VF<->PF compatibility ibmvnic: fix miscellaneous checks Revert "ibmvnic: Add ethtool private flag for driver-defined queue limits" tcp: fix F-RTO may not work correctly when receiving DSACK ASoC: Intel: soc-acpi: correct device endpoints for max98373 ASoC: wm8731: Disable the regulator when probing fails ext4: fix bug_on in start_this_handle during umount filesystem x86: __memcpy_flushcache: fix wrong alignment if size > 2^32 cifs: destage any unwritten data to the server before calling copychunk_write drivers: net: hippi: Fix deadlock in rr_close() powerpc/perf: Fix 32bit compile zonefs: Fix management of open zones zonefs: Clear inode information flags on inode creation kasan: prevent cpu_quarantine corruption when CPU offline and cache shrink occur at same time drm/i915: Fix SEL_FETCH_PLANE_*(PIPE_B+) register addresses net: ethernet: stmmac: fix write to sgmii_adapter_base thermal: int340x: Fix attr.show callback prototype x86/cpu: Load microcode during restore_processor_state() perf symbol: Pass is_kallsyms to symbols__fixup_end() perf symbol: Update symbols__fixup_end() tty: n_gsm: fix restart handling via CLD command tty: n_gsm: fix decoupled mux resource tty: n_gsm: fix mux cleanup after unregister tty device tty: n_gsm: fix wrong signal octet encoding in convergence layer type 2 tty: n_gsm: fix malformed counter for out of frame data netfilter: nft_socket: only do sk lookups when indev is available tty: n_gsm: fix insufficient txframe size tty: n_gsm: fix wrong DLCI release order tty: n_gsm: fix missing explicit ldisc flush tty: n_gsm: fix wrong command retry handling tty: n_gsm: fix wrong command frame length field encoding tty: n_gsm: fix reset fifo race condition tty: n_gsm: fix incorrect UA handling tty: n_gsm: fix software flow control handling perf symbol: Remove arch__symbols__fixup_end() Linux 5.10.114 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I5bae5ef7c58046213b62c82599707f569a955337 |
||
|
Greg Kroah-Hartman
|
141fbd343b |
Revert "oom_kill.c: futex: delay the OOM reaper to allow time for proper futex cleanup"
This reverts commit |
||
|
Greg Kroah-Hartman
|
ca9b002a16 |
This is the 5.10.113 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmJpLt4ACgkQONu9yGCS aT5Wjg//dzSnqQoqXgMjLwSoMx15rfs/HjC8vgRUpdKctpzITabLc7ywdbcxuyQt it+tlQAFMIq2caH20M+u91zm1kre9f8ap5KnVEt+snkJK+mxWZ8u0uxgzGqRJV7w 1SX4lRCdbfT82T2qjlPFlLQ3bFlxy1nbYHJI1lOltl8JXgHEHuFDGH0oWr6QwdOu wAayeL5MmIpUqtLE7G5Jb9Yc1Hg+dCPHGjJNHbtR6URnVGNY664Moz/ij0qWA8RE Gaxxud677xEVoc3OVRS3r9CzEmhZGBeI0xwc9Gc8vGWaVkJGlS2/p/+M8mk75yKu gUpGZE2DNZ+8G0rs/9hs74nV01KpcOCJokLTqka+0MqKHalNVibkw8RPLThn30Ct JyK43veFQigd3WJULwvOaoM4YBzCishYQc2jvyftZRqb5rxRfTk62UoQoqNgmhyr 1MDUS8w741jF0qdH/v8Wgv7H64d4iilZV6VqVtWiyowPphHbd76qGpRSe42Xg/gY gL/xfjS17Uwid5es+wzIP4J9D3yxwwh3KZjgfAuaOVnMVCn2RqEjZyqQJSCAc8sF kCPMbXjAN9/5sGwidGGDf7ML67MIcIF6928pel95RU3lmz7X5cEzN2FCeAZg28rn W2iiSeWEh6XD7Pzbd+TYYftG3M2kGN6qzaKM2wOGNc6cK/dDROs= =NhyD -----END PGP SIGNATURE----- Merge 5.10.113 into android12-5.10-lts Changes in 5.10.113 etherdevice: Adjust ether_addr* prototypes to silence -Wstringop-overead mm: page_alloc: fix building error on -Werror=array-compare tracing: Dump stacktrace trigger to the corresponding instance perf tools: Fix segfault accessing sample_id xyarray gfs2: assign rgrp glock before compute_bitstructs net/sched: cls_u32: fix netns refcount changes in u32_change() ALSA: usb-audio: Clear MIDI port active flag after draining ALSA: hda/realtek: Add quirk for Clevo NP70PNP dm: fix mempool NULL pointer race when completing IO ASoC: atmel: Remove system clock tree configuration for at91sam9g20ek ASoC: msm8916-wcd-digital: Check failure for devm_snd_soc_register_component ASoC: codecs: wcd934x: do not switch off SIDO Buck when codec is in use dmaengine: imx-sdma: Fix error checking in sdma_event_remap dmaengine: mediatek:Fix PM usage reference leak of mtk_uart_apdma_alloc_chan_resources spi: spi-mtk-nor: initialize spi controller after resume esp: limit skb_page_frag_refill use to a single page igc: Fix infinite loop in release_swfw_sync igc: Fix BUG: scheduling while atomic rxrpc: Restore removed timer deletion net/smc: Fix sock leak when release after smc_shutdown() net/packet: fix packet_sock xmit return value checking ip6_gre: Avoid updating tunnel->tun_hlen in __gre6_xmit() ip6_gre: Fix skb_under_panic in __gre6_xmit() net/sched: cls_u32: fix possible leak in u32_init_knode() l3mdev: l3mdev_master_upper_ifindex_by_index_rcu should be using netdev_master_upper_dev_get_rcu ipv6: make ip6_rt_gc_expire an atomic_t netlink: reset network and mac headers in netlink_dump() net: stmmac: Use readl_poll_timeout_atomic() in atomic state dmaengine: idxd: add RO check for wq max_batch_size write dmaengine: idxd: add RO check for wq max_transfer_size write selftests: mlxsw: vxlan_flooding: Prevent flooding of unwanted packets arm64/mm: Remove [PUD|PMD]_TABLE_BIT from [pud|pmd]_bad() arm64: mm: fix p?d_leaf() ARM: vexpress/spc: Avoid negative array index when !SMP reset: tegra-bpmp: Restore Handle errors in BPMP response platform/x86: samsung-laptop: Fix an unsigned comparison which can never be negative ALSA: usb-audio: Fix undefined behavior due to shift overflowing the constant arm64: dts: imx: Fix imx8*-var-som touchscreen property sizes vxlan: fix error return code in vxlan_fdb_append cifs: Check the IOCB_DIRECT flag, not O_DIRECT net: atlantic: Avoid out-of-bounds indexing mt76: Fix undefined behavior due to shift overflowing the constant brcmfmac: sdio: Fix undefined behavior due to shift overflowing the constant dpaa_eth: Fix missing of_node_put in dpaa_get_ts_info() drm/msm/mdp5: check the return of kzalloc() net: macb: Restart tx only if queue pointer is lagging scsi: qedi: Fix failed disconnect handling stat: fix inconsistency between struct stat and struct compat_stat nvme: add a quirk to disable namespace identifiers nvme-pci: disable namespace identifiers for Qemu controllers EDAC/synopsys: Read the error count from the correct register mm, hugetlb: allow for "high" userspace addresses oom_kill.c: futex: delay the OOM reaper to allow time for proper futex cleanup mm/mmu_notifier.c: fix race in mmu_interval_notifier_remove() ata: pata_marvell: Check the 'bmdma_addr' beforing reading dma: at_xdmac: fix a missing check on list iterator net: atlantic: invert deep par in pm functions, preventing null derefs xtensa: patch_text: Fixup last cpu should be master xtensa: fix a7 clobbering in coprocessor context load/store openvswitch: fix OOB access in reserve_sfa_size() gpio: Request interrupts after IRQ is initialized ASoC: soc-dapm: fix two incorrect uses of list iterator e1000e: Fix possible overflow in LTR decoding ARC: entry: fix syscall_trace_exit argument arm_pmu: Validate single/group leader events sched/pelt: Fix attach_entity_load_avg() corner case perf/core: Fix perf_mmap fail when CONFIG_PERF_USE_VMALLOC enabled drm/panel/raspberrypi-touchscreen: Avoid NULL deref if not initialised drm/panel/raspberrypi-touchscreen: Initialise the bridge in prepare KVM: PPC: Fix TCE handling for VFIO drm/vc4: Use pm_runtime_resume_and_get to fix pm_runtime_get_sync() usage powerpc/perf: Fix power9 event alternatives perf report: Set PERF_SAMPLE_DATA_SRC bit for Arm SPE event ext4: fix fallocate to use file_modified to update permissions consistently ext4: fix symlink file size not match to file content ext4: fix use-after-free in ext4_search_dir ext4: limit length to bitmap_maxbytes - blocksize in punch_hole ext4, doc: fix incorrect h_reserved size ext4: fix overhead calculation to account for the reserved gdt blocks ext4: force overhead calculation if the s_overhead_cluster makes no sense can: isotp: stop timeout monitoring when no first frame was sent jbd2: fix a potential race while discarding reserved buffers after an abort spi: atmel-quadspi: Fix the buswidth adjustment between spi-mem and controller staging: ion: Prevent incorrect reference counting behavour block/compat_ioctl: fix range check in BLKGETSIZE Revert "net: micrel: fix KS8851_MLL Kconfig" Linux 5.10.113 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I4ed10699cbb32b89caf79b8b4a2a35b3d8824115 |
||
|
Greg Kroah-Hartman
|
f64cd19a00 |
Merge branch 'android12-5.10' into android12-5.10-lts
Sync up with android12-5.10 for the following commits: |
||
Zqiang
|
78d4dccf16 |
kasan: prevent cpu_quarantine corruption when CPU offline and cache shrink occur at same time
commit 31fa985b4196f8a66f027672e9bf2b81fea0417c upstream. kasan_quarantine_remove_cache() is called in kmem_cache_shrink()/ destroy(). The kasan_quarantine_remove_cache() call is protected by cpuslock in kmem_cache_destroy() to ensure serialization with kasan_cpu_offline(). However the kasan_quarantine_remove_cache() call is not protected by cpuslock in kmem_cache_shrink(). When a CPU is going offline and cache shrink occurs at same time, the cpu_quarantine may be corrupted by interrupt (per_cpu_remove_cache operation). So add a cpu_quarantine offline flags check in per_cpu_remove_cache(). [akpm@linux-foundation.org: add comment, per Zqiang] Link: https://lkml.kernel.org/r/20220414025925.2423818-1-qiang1.zhang@intel.com Signed-off-by: Zqiang <qiang1.zhang@intel.com> Reviewed-by: Dmitry Vyukov <dvyukov@google.com> Cc: Andrey Ryabinin <ryabinin.a.a@gmail.com> Cc: Alexander Potapenko <glider@google.com> Cc: Andrey Konovalov <andreyknvl@gmail.com> Cc: <stable@vger.kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Minchan Kim
|
a37eec78a6 |
UPSTREAM: mm: fix unexpected zeroed page mapping with zram swap
commit e914d8f00391520ecc4495dd0ca0124538ab7119 upstream.
Two processes under CLONE_VM cloning, user process can be corrupted by
seeing zeroed page unexpectedly.
CPU A CPU B
do_swap_page do_swap_page
SWP_SYNCHRONOUS_IO path SWP_SYNCHRONOUS_IO path
swap_readpage valid data
swap_slot_free_notify
delete zram entry
swap_readpage zeroed(invalid) data
pte_lock
map the *zero data* to userspace
pte_unlock
pte_lock
if (!pte_same)
goto out_nomap;
pte_unlock
return and next refault will
read zeroed data
The swap_slot_free_notify is bogus for CLONE_VM case since it doesn't
increase the refcount of swap slot at copy_mm so it couldn't catch up
whether it's safe or not to discard data from backing device. In the
case, only the lock it could rely on to synchronize swap slot freeing is
page table lock. Thus, this patch gets rid of the swap_slot_free_notify
function. With this patch, CPU A will see correct data.
CPU A CPU B
do_swap_page do_swap_page
SWP_SYNCHRONOUS_IO path SWP_SYNCHRONOUS_IO path
swap_readpage original data
pte_lock
map the original data
swap_free
swap_range_free
bd_disk->fops->swap_slot_free_notify
swap_readpage read zeroed data
pte_unlock
pte_lock
if (!pte_same)
goto out_nomap;
pte_unlock
return
on next refault will see mapped data by CPU B
The concern of the patch would increase memory consumption since it
could keep wasted memory with compressed form in zram as well as
uncompressed form in address space. However, most of cases of zram uses
no readahead and do_swap_page is followed by swap_free so it will free
the compressed form from in zram quickly.
Link: https://lkml.kernel.org/r/YjTVVxIAsnKAXjTd@google.com
Fixes:
|
||
|
Sivasri Kumar, Vanka
|
812893becb |
Merge keystone/android12-5.10-keystone-qcom-release.101+ (49a1520) into msm-5.10
* refs/heads/tmp-49a1520:
BACKPORT: media: v4l2-mem2mem: Apply DST_QUEUE_OFF_BASE on MMAP buffers across ioctls
FROMLIST: remoteproc: Use unbounded workqueue for recovery work
UPSTREAM: xfrm: fix tunnel model fragmentation behavior
ANDROID: GKI: Enable CRYPTO_DES
ANDROID: GKI: set more vfs-only exports into their own namespace
ANDROID: Split ANDROID_STRUCT_PADDING into separate configs
ANDROID: selftests: incfs: skip large_file_test test is not enough free space
ANDROID: selftests: incfs: Add -fno-omit-frame-pointer
ANDROID: incremental-fs: limit mount stack depth
ANDROID: GKI: Update symbols to abi_gki_aarch64_oplus
ANDROID: vendor_hooks: Reduce pointless modversions CRC churn
UPSTREAM: locking/lockdep: Avoid potential access of invalid memory in lock_class
ANDROID: mm: Fix implicit declaration of function 'isolate_lru_page'
ANDROID: GKI: Update symbols to symbol list
ANDROID: GKI: Update symbols to symbol list
ANDROID: GKI: Add hook symbol to symbol list
Revert "ANDROID: dm-bow: Protect Ranges fetched and erased from the RB tree"
ANDROID: vendor_hooks: Add hooks to for free_unref_page_commit
ANDROID: vendor_hooks: Add hooks to for alloc_contig_range
ANDROID: GKI: Update symbols to symbol list
ANDROID: vendor_hooks: Add hook in shrink_node_memcgs
ANDROID: GKI: Add symbols to symbol list
FROMGIT: iommu/iova: Improve 32-bit free space estimate
ANDROID: export walk_page_range and swp_swap_info
ANDROID: vendor_hooks: export shrink_slab
ANDROID: usb: gadget: f_accessory: add compat_ioctl support
UPSTREAM: sr9700: sanity check for packet length
UPSTREAM: io_uring: return back safer resurrect
UPSTREAM: Revert "xfrm: state and policy should fail if XFRMA_IF_ID 0"
UPSTREAM: usb: gadget: don't release an existing dev->buf
UPSTREAM: usb: gadget: clear related members when goto fail
UPSTREAM: usb: gadget: Fix use-after-free bug by not setting udc->dev.driver
UPSTREAM: usb: gadget: rndis: prevent integer overflow in rndis_set_response()
FROMGIT: mm/migrate: fix race between lock page and clear PG_Isolated
UPSTREAM: arm64: proton-pack: Include unprivileged eBPF status in Spectre v2 mitigation reporting
UPSTREAM: arm64: Use the clearbhb instruction in mitigations
UPSTREAM: KVM: arm64: Allow SMCCC_ARCH_WORKAROUND_3 to be discovered and migrated
UPSTREAM: arm64: Mitigate spectre style branch history side channels
UPSTREAM: arm64: Do not include __READ_ONCE() block in assembly files
UPSTREAM: KVM: arm64: Allow indirect vectors to be used without SPECTRE_V3A
UPSTREAM: arm64: proton-pack: Report Spectre-BHB vulnerabilities as part of Spectre-v2
UPSTREAM: arm64: Add percpu vectors for EL1
Revert "BACKPORT: FROMLIST: scsi: core: Reserve one tag for the UFS driver"
UPSTREAM: arm64: entry: Add macro for reading symbol addresses from the trampoline
UPSTREAM: arm64: entry: Add vectors that have the bhb mitigation sequences
UPSTREAM: arm64: entry: Add non-kpti __bp_harden_el1_vectors for mitigations
UPSTREAM: arm64: entry: Allow the trampoline text to occupy multiple pages
UPSTREAM: arm64: entry: Make the kpti trampoline's kpti sequence optional
UPSTREAM: arm64: entry: Move trampoline macros out of ifdef'd section
UPSTREAM: arm64: entry: Don't assume tramp_vectors is the start of the vectors
UPSTREAM: arm64: entry: Allow tramp_alias to access symbols after the 4K boundary
UPSTREAM: arm64: entry: Move the trampoline data page before the text page
UPSTREAM: arm64: entry: Free up another register on kpti's tramp_exit path
UPSTREAM: arm64: entry: Make the trampoline cleanup optional
UPSTREAM: arm64: spectre: Rename spectre_v4_patch_fw_mitigation_conduit
UPSTREAM: arm64: entry.S: Add ventry overflow sanity checks
UPSTREAM: arm64: cpufeature: add HWCAP for FEAT_RPRES
UPSTREAM: arm64: cpufeature: add HWCAP for FEAT_AFP
UPSTREAM: arm64: add ID_AA64ISAR2_EL1 sys register
UPSTREAM: arm64: Add HWCAP for self-synchronising virtual counter
UPSTREAM: arm64: Add Cortex-X2 CPU part definition
UPSTREAM: arm64: cputype: Add CPU implementor & types for the Apple M1 cores
Linux 5.10.101
iommu: Fix potential use-after-free during probe
perf: Fix list corruption in perf_cgroup_switch()
arm64: dts: imx8mq: fix lcdif port node
scsi: lpfc: Reduce log messages seen after firmware download
scsi: lpfc: Remove NVMe support if kernel has NVME_FC disabled
can: isotp: fix error path in isotp_sendmsg() to unlock wait queue
Makefile.extrawarn: Move -Wunaligned-access to W=1
hwmon: (dell-smm) Speed up setting of fan speed
phy: ti: Fix missing sentinel for clk_div_table
speakup-dectlk: Restore pitch setting
USB: serial: cp210x: add CPI Bulk Coin Recycler id
USB: serial: cp210x: add NCR Retail IO box id
USB: serial: ch341: add support for GW Instek USB2.0-Serial devices
USB: serial: option: add ZTE MF286D modem
USB: serial: ftdi_sio: add support for Brainboxes US-159/235/320
usb: raw-gadget: fix handling of dual-direction-capable endpoints
usb: gadget: f_uac2: Define specific wTerminalType
usb: gadget: rndis: check size of RNDIS_MSG_SET command
USB: gadget: validate interface OS descriptor requests
usb: gadget: udc: renesas_usb3: Fix host to USB_ROLE_NONE transition
usb: dwc3: gadget: Prevent core from processing stale TRBs
usb: ulpi: Call of_node_put correctly
usb: ulpi: Move of_node_put to ulpi_dev_release
net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup
Revert "usb: dwc2: drd: fix soft connect when gadget is unconfigured"
usb: dwc2: drd: fix soft connect when gadget is unconfigured
eeprom: ee1004: limit i2c reads to I2C_SMBUS_BLOCK_MAX
n_tty: wake up poll(POLLRDNORM) on receiving data
vt_ioctl: add array_index_nospec to VT_ACTIVATE
vt_ioctl: fix array_index_nospec in vt_setactivate
net: dsa: mv88e6xxx: fix use-after-free in mv88e6xxx_mdios_unregister
net: mscc: ocelot: fix mutex lock error during ethtool stats read
ice: fix IPIP and SIT TSO offload
ice: fix an error code in ice_cfg_phy_fec()
dpaa2-eth: unregister the netdev before disconnecting from the PHY
net: amd-xgbe: disable interrupts during pci removal
tipc: rate limit warning for received illegal binding update
net: mdio: aspeed: Add missing MODULE_DEVICE_TABLE
veth: fix races around rq->rx_notify_masked
net: fix a memleak when uncloning an skb dst and its metadata
net: do not keep the dst cache when uncloning an skb dst and its metadata
nfp: flower: fix ida_idx not being released
ipmr,ip6mr: acquire RTNL before calling ip[6]mr_free_table() on failure path
net: dsa: lantiq_gswip: don't use devres for mdiobus
net: dsa: felix: don't use devres for mdiobus
net: dsa: bcm_sf2: don't use devres for mdiobus
net: dsa: ar9331: register the mdiobus under devres
net: dsa: mv88e6xxx: don't use devres for mdiobus
bonding: pair enable_port with slave_arr_updates
gpio: sifive: use the correct register to read output values
ACPI: PM: s2idle: Cancel wakeup before dispatching EC GPE
drm/panel: simple: Assign data from panel_dpi_probe() correctly
ixgbevf: Require large buffers for build_skb on 82599VF
arm64: dts: meson-g12b-odroid-n2: fix typo 'dio2133'
netfilter: ctnetlink: disable helper autoassign
misc: fastrpc: avoid double fput() on failed usercopy
drm/vc4: hdmi: Allow DBLCLK modes even if horz timing is odd.
gpio: aggregator: Fix calling into sleeping GPIO controllers
usb: f_fs: Fix use-after-free for epfile
ARM: dts: imx7ulp: Fix 'assigned-clocks-parents' typo
phy: xilinx: zynqmp: Fix bus width setting for SGMII
ARM: dts: imx6qdl-udoo: Properly describe the SD card detect
staging: fbtft: Fix error path in fbtft_driver_module_init()
ARM: dts: meson8b: Fix the UART device-tree schema validation
ARM: dts: meson8: Fix the UART device-tree schema validation
ARM: dts: meson: Fix the UART compatible strings
ARM: dts: Fix timer regression for beagleboard revision c
drm/rockchip: vop: Correct RK3399 VOP register fields
PM: s2idle: ACPI: Fix wakeup interrupts handling
ACPI/IORT: Check node revision for PMCG resources
nvme-tcp: fix bogus request completion when failing to send AER
ARM: socfpga: fix missing RESET_CONTROLLER
ARM: dts: Fix boot regression on Skomer
ARM: dts: imx23-evk: Remove MX23_PAD_SSP1_DETECT from hog group
riscv: fix build with binutils 2.38
KVM: VMX: Set vmcs.PENDING_DBG.BS on #DB in STI/MOVSS blocking shadow
KVM: SVM: Don't kill SEV guest if SMAP erratum triggers in usermode
KVM: nVMX: Also filter MSR_IA32_VMX_TRUE_PINBASED_CTLS when eVMCS
KVM: nVMX: eVMCS: Filter out VM_EXIT_SAVE_VMX_PREEMPTION_TIMER
KVM: eventfd: Fix false positive RCU usage warning
net: stmmac: dwmac-sun8i: use return val of readl_poll_timeout()
nvme-pci: add the IGNORE_DEV_SUBNQN quirk for Intel P4500/P4600 SSDs
perf: Always wake the parent event
usb: dwc2: gadget: don't try to disable ep0 in dwc2_hsotg_suspend
PM: hibernate: Remove register_nosave_region_late()
scsi: myrs: Fix crash in error case
scsi: ufs: Treat link loss as fatal error
scsi: pm8001: Fix bogus FW crash for maxcpus=1
scsi: qedf: Fix refcount issue when LOGO is received during TMF
scsi: qedf: Add stag_work to all the vports
scsi: ufs: ufshcd-pltfrm: Check the return value of devm_kstrdup()
scsi: target: iscsi: Make sure the np under each tpg is unique
powerpc/fixmap: Fix VM debug warning on unmap
net: sched: Clarify error message when qdisc kind is unknown
drm: panel-orientation-quirks: Add quirk for the 1Netbook OneXPlayer
x86/perf: Avoid warning for Arch LBR without XSAVE
NFSv4 handle port presence in fs_location server string
NFSv4 expose nfs_parse_server_name function
NFSv4 remove zero number of fs_locations entries error check
NFSv4.1: Fix uninitialised variable in devicenotify
nfs: nfs4clinet: check the return value of kstrdup()
NFSv4 only print the label when its queried
NFS: change nfs_access_get_cached to only report the mask
tracing: Propagate is_signed to expression
drm/amdgpu: Set a suitable dev_info.gart_page_size
NFSD: Fix offset type in I/O trace points
NFSD: Clamp WRITE offsets
NFS: Fix initialisation of nfs_client cl_flags field
net: phy: marvell: Fix MDI-x polarity setting in 88e1118-compatible PHYs
net: phy: marvell: Fix RGMII Tx/Rx delays setting in 88e1121-compatible PHYs
can: isotp: fix potential CAN frame reception race in isotp_rcv()
mmc: sdhci-of-esdhc: Check for error num after setting mask
ima: Do not print policy rule with inactive LSM labels
ima: Allow template selection with ima_template[_fmt]= after ima_hash=
ima: Remove ima_policy file before directory
integrity: check the return value of audit_log_start()
Linux 5.10.100
tipc: improve size validations for received domain records
crypto: api - Move cryptomgr soft dependency into algapi
KVM: s390: Return error on SIDA memop on normal guest
moxart: fix potential use-after-free on remove path
Linux 5.10.99
selftests: nft_concat_range: add test for reload with no element add/del
cgroup/cpuset: Fix "suspicious RCU usage" lockdep warning
net: dsa: mt7530: make NET_DSA_MT7530 select MEDIATEK_GE_PHY
ext4: fix incorrect type issue during replay_del_range
ext4: fix error handling in ext4_fc_record_modified_inode()
ext4: fix error handling in ext4_restore_inline_data()
ext4: modify the logic of ext4_mb_new_blocks_simple
ext4: prevent used blocks from being allocated during fast commit replay
EDAC/xgene: Fix deferred probing
EDAC/altera: Fix deferred probing
x86/perf: Default set FREEZE_ON_SMI for all
perf/x86/intel/pt: Fix crash with stop filters in single-range mode
perf stat: Fix display of grouped aliased events
fbcon: Add option to enable legacy hardware acceleration
Revert "fbcon: Disable accelerated scrolling"
rtc: cmos: Evaluate century appropriate
tools/resolve_btfids: Do not print any commands when building silently
selftests: futex: Use variable MAKE instead of make
selftests/exec: Remove pipe from TEST_GEN_FILES
bpf: Use VM_MAP instead of VM_ALLOC for ringbuf
gve: fix the wrong AdminQ buffer queue index check
nfsd: nfsd4_setclientid_confirm mistakenly expires confirmed client.
scsi: bnx2fc: Make bnx2fc_recv_frame() mp safe
pinctrl: bcm2835: Fix a few error paths
pinctrl: intel: fix unexpected interrupt
pinctrl: intel: Fix a glitch when updating IRQ flags on a preconfigured line
ASoC: max9759: fix underflow in speaker_gain_control_put()
ASoC: cpcap: Check for NULL pointer after calling of_get_child_by_name
ASoC: xilinx: xlnx_formatter_pcm: Make buffer bytes multiple of period bytes
ASoC: fsl: Add missing error handling in pcm030_fabric_probe
drm/i915/overlay: Prevent divide by zero bugs in scaling
net: stmmac: ensure PTP time register reads are consistent
net: stmmac: dump gmac4 DMA registers correctly
net: macsec: Verify that send_sci is on when setting Tx sci explicitly
net: macsec: Fix offload support for NETDEV_UNREGISTER event
net: ieee802154: Return meaningful error codes from the netlink helpers
net: ieee802154: ca8210: Stop leaking skb's
net: ieee802154: mcr20a: Fix lifs/sifs periods
net: ieee802154: hwsim: Ensure proper channel selection at probe time
spi: uniphier: fix reference count leak in uniphier_spi_probe()
spi: meson-spicc: add IRQ check in meson_spicc_probe
spi: mediatek: Avoid NULL pointer crash in interrupt
spi: bcm-qspi: check for valid cs before applying chip select
iommu/amd: Fix loop timeout issue in iommu_ga_log_enable()
iommu/vt-d: Fix potential memory leak in intel_setup_irq_remapping()
RDMA/mlx4: Don't continue event handler after memory allocation failure
RDMA/siw: Fix broken RDMA Read Fence/Resume logic.
IB/rdmavt: Validate remote_addr during loopback atomic tests
RDMA/ucma: Protect mc during concurrent multicast leaves
RDMA/cma: Use correct address when leaving multicast group
memcg: charge fs_context and legacy_fs_context
Revert "ASoC: mediatek: Check for error clk pointer"
IB/hfi1: Fix AIP early init panic
dma-buf: heaps: Fix potential spectre v1 gadget
block: bio-integrity: Advance seed correctly for larger interval sizes
mm/kmemleak: avoid scanning potential huge holes
mm/pgtable: define pte_index so that preprocessor could recognize it
mm/debug_vm_pgtable: remove pte entry from the page table
nvme-fabrics: fix state check in nvmf_ctlr_matches_baseopts()
drm/amd/display: Force link_rate as LINK_RATE_RBR2 for 2018 15" Apple Retina panels
drm/nouveau: fix off by one in BIOS boundary checking
btrfs: fix deadlock between quota disable and qgroup rescan worker
ALSA: hda/realtek: Fix silent output on Gigabyte X570 Aorus Xtreme after reboot from Windows
ALSA: hda/realtek: Fix silent output on Gigabyte X570S Aorus Master (newer chipset)
ALSA: hda/realtek: Add missing fixup-model entry for Gigabyte X570 ALC1220 quirks
ALSA: hda/realtek: Add quirk for ASUS GU603
ALSA: hda: realtek: Fix race at concurrent COEF updates
ALSA: hda: Fix UAF of leds class devs at unbinding
ALSA: usb-audio: Correct quirk for VF0770
ASoC: ops: Reject out of bounds values in snd_soc_put_xr_sx()
ASoC: ops: Reject out of bounds values in snd_soc_put_volsw_sx()
ASoC: ops: Reject out of bounds values in snd_soc_put_volsw()
audit: improve audit queue handling when "audit=1" on cmdline
selinux: fix double free of cond_list on error paths
Revert "perf: Fix perf_event_read_local() time"
Linux 5.10.98
Revert "drm/vc4: hdmi: Make sure the device is powered with CEC" again
Revert "drm/vc4: hdmi: Make sure the device is powered with CEC"
Linux 5.10.97
tcp: add missing tcp_skb_can_collapse() test in tcp_shift_skb_data()
af_packet: fix data-race in packet_setsockopt / packet_setsockopt
cpuset: Fix the bug that subpart_cpus updated wrongly in update_cpumask()
rtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink()
net: sched: fix use-after-free in tc_new_tfilter()
fanotify: Fix stale file descriptor in copy_event_to_user()
net: amd-xgbe: Fix skb data length underflow
net: amd-xgbe: ensure to reset the tx_timer_active flag
ipheth: fix EOVERFLOW in ipheth_rcvbulk_callback
net/mlx5: E-Switch, Fix uninitialized variable modact
net/mlx5: Use del_timer_sync in fw reset flow of halting poll
net/mlx5e: Fix handling of wrong devices during bond netevent
cgroup-v1: Require capabilities to set release_agent
drm/vc4: hdmi: Make sure the device is powered with CEC
x86/cpu: Add Xeon Icelake-D to list of CPUs that support PPIN
x86/mce: Add Xeon Sapphire Rapids to list of CPUs that support PPIN
psi: Fix uaf issue when psi trigger is destroyed while being polled
KVM: x86: Forcibly leave nested virt when SMM state is toggled
Revert "drivers: bus: simple-pm-bus: Add support for probing simple bus only devices"
net: ipa: prevent concurrent replenish
net: ipa: use a bitmap for endpoint replenish_enabled
net: ipa: fix atomic update in ipa_endpoint_replenish()
PCI: pciehp: Fix infinite loop in IRQ handler upon power fault
Linux 5.10.96
mtd: rawnand: mpc5121: Remove unused variable in ads5121_select_chip()
block: Fix wrong offset in bio_truncate()
fsnotify: invalidate dcache before IN_DELETE event
usr/include/Makefile: add linux/nfc.h to the compile-test coverage
dt-bindings: can: tcan4x5x: fix mram-cfg RX FIFO config
net: bridge: vlan: fix memory leak in __allowed_ingress
ipv4: remove sparse error in ip_neigh_gw4()
ipv4: tcp: send zero IPID in SYNACK messages
ipv4: raw: lock the socket in raw_bind()
net: bridge: vlan: fix single net device option dumping
Revert "ipv6: Honor all IPv6 PIO Valid Lifetime values"
net: hns3: handle empty unknown interrupt for VF
net: cpsw: Properly initialise struct page_pool_params
yam: fix a memory leak in yam_siocdevprivate()
drm/msm/dpu: invalid parameter check in dpu_setup_dspp_pcc
drm/msm/hdmi: Fix missing put_device() call in msm_hdmi_get_phy
video: hyperv_fb: Fix validation of screen resolution
ibmvnic: don't spin in tasklet
ibmvnic: init ->running_cap_crqs early
ipv4: fix ip option filtering for locally generated fragments
net: ipv4: Fix the warning for dereference
net: ipv4: Move ip_options_fragment() out of loop
powerpc/perf: Fix power_pmu_disable to call clear_pmi_irq_pending only if PMI is pending
hwmon: (lm90) Mark alert as broken for MAX6654
efi/libstub: arm64: Fix image check alignment at entry
rxrpc: Adjust retransmission backoff
octeontx2-pf: Forward error codes to VF
phylib: fix potential use-after-free
net: phy: broadcom: hook up soft_reset for BCM54616S
sched/pelt: Relax the sync of util_sum with util_avg
perf: Fix perf_event_read_local() time
kernel: delete repeated words in comments
netfilter: conntrack: don't increment invalid counter on NF_REPEAT
powerpc64/bpf: Limit 'ldbrx' to processors compliant with ISA v2.06
NFS: Ensure the server has an up to date ctime before renaming
NFS: Ensure the server has an up to date ctime before hardlinking
ipv6: annotate accesses to fn->fn_sernum
drm/msm/dsi: invalid parameter check in msm_dsi_phy_enable
drm/msm/dsi: Fix missing put_device() call in dsi_get_phy
drm/msm: Fix wrong size calculation
net-procfs: show net devices bound packet types
NFSv4: nfs_atomic_open() can race when looking up a non-regular file
NFSv4: Handle case where the lookup of a directory fails
hwmon: (lm90) Reduce maximum conversion rate for G781
ipv4: avoid using shared IP generator for connected sockets
ping: fix the sk_bound_dev_if match in ping_lookup
hwmon: (lm90) Mark alert as broken for MAX6680
hwmon: (lm90) Mark alert as broken for MAX6646/6647/6649
net: fix information leakage in /proc/net/ptype
ipv6_tunnel: Rate limit warning messages
scsi: bnx2fc: Flush destroy_work queue before calling bnx2fc_interface_put()
rpmsg: char: Fix race between the release of rpmsg_eptdev and cdev
rpmsg: char: Fix race between the release of rpmsg_ctrldev and cdev
usb: roles: fix include/linux/usb/role.h compile issue
i40e: fix unsigned stat widths
i40e: Fix for failed to init adminq while VF reset
i40e: Fix queues reservation for XDP
i40e: Fix issue when maximum queues is exceeded
i40e: Increase delay to 1 s after global EMP reset
powerpc/32: Fix boot failure with GCC latent entropy plugin
powerpc/32s: Fix kasan_init_region() for KASAN
powerpc/32s: Allocate one 256k IBAT instead of two consecutives 128k IBATs
x86/MCE/AMD: Allow thresholding interface updates after init
sched/membarrier: Fix membarrier-rseq fence command missing from query bitmask
ocfs2: fix a deadlock when commit trans
jbd2: export jbd2_journal_[grab|put]_journal_head
ucsi_ccg: Check DEV_INT bit only when starting CCG4
usb: typec: tcpm: Do not disconnect while receiving VBUS off
USB: core: Fix hang in usb_kill_urb by adding memory barriers
usb: gadget: f_sourcesink: Fix isoc transfer for USB_SPEED_SUPER_PLUS
usb: common: ulpi: Fix crash in ulpi_match()
usb: xhci-plat: fix crash when suspend if remote wake enable
usb-storage: Add unusual-devs entry for VL817 USB-SATA bridge
tty: Add support for Brainboxes UC cards.
tty: n_gsm: fix SW flow control encoding/handling
serial: stm32: fix software flow control transfer
serial: 8250: of: Fix mapped region size when using reg-offset property
netfilter: nft_payload: do not update layer 4 checksum when mangling fragments
arm64: errata: Fix exec handling in erratum
|
||
|
xiaofeng
|
e5b4949bfc |
ANDROID: vendor_hooks: tune reclaim scan type for specified mem_cgroup
Add memcg support for hooks in the reclaim path Bug: 230450931 Change-Id: Ia3e6949985d915c8640139fbb93800d91e1e46f8 Signed-off-by: xiaofeng <xiaofeng5@xiaomi.com> |
||
|
Greg Kroah-Hartman
|
de64d941a7 |
This is the 5.10.112 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmJftPsACgkQONu9yGCS
aT6y3w//Vmd+BesdtAOmPS333kwZb1d4o7GginMjLof6TYh4T+uYovySJVU21PvY
fQtTjEa0VI3kidrwbW/zCG5IGskWYynz/lJNWeTQ57zEtOJTXhETgUmeT5WG+rr7
oxMZV7zXunZariXk9FVdxjQywSdV82brcSoEbK+CpWhaJW4H3UrWbM0HDF/en/9T
9AcnIJ3o5t3O+BDWd7VTqNhptLk3/PHS8W3vEFOo6ptFJYUzXgiZdc5YYmuNlDy+
+84PC19DDE0sd9mX7Pl0eFB0lc6nkpEciq/nFUtygLsJihZajIaIeK6Sa+iewfgc
6U+zBRAwocv8wq2lbzrXJXg5TpPhQ6pJbOlcdwU7MfmsuzTk3m3TXLo4x1SH21wW
aztNPNrAVly/DphyvvU1QpqyoMiF+al5zbCifDOpEgi4tenakQD3QDDcn5FfvYjw
5IPCtsZQ9fAAgwtpQMzyCmHc9Y4LAhPBDFC7thh2iW9kO5RlWxSBuedgeoIMne6p
Zf8iKKcVE47y/c5Q8MB4h+qOZU6k5VQSjK6A+AtdCcHhNQOWAz8kOsK4Fe0jADqP
okdjvV8qtga0/O7PsKMYvxce4eqKgAN3f3mFT4nF+fQNTBLiML+UblRTyi8CVYdi
/MK6ulzBIk6Ch4qewwTsHlbeHGd882sS9pLakpFyqW3RywMnOBA=
=2Ugm
-----END PGP SIGNATURE-----
Merge 5.10.112 into android12-5.10-lts
Changes in 5.10.112
drm/amdkfd: Use drm_priv to pass VM from KFD to amdgpu
hamradio: defer 6pack kfree after unregister_netdev
hamradio: remove needs_free_netdev to avoid UAF
cpuidle: PSCI: Move the `has_lpi` check to the beginning of the function
ACPI: processor idle: Check for architectural support for LPI
btrfs: remove unused variable in btrfs_{start,write}_dirty_block_groups()
drm/msm: Add missing put_task_struct() in debugfs path
memory: atmel-ebi: Fix missing of_node_put in atmel_ebi_probe
firmware: arm_scmi: Fix sorting of retrieved clock rates
media: rockchip/rga: do proper error checking in probe
SUNRPC: Fix the svc_deferred_event trace class
net/sched: flower: fix parsing of ethertype following VLAN header
veth: Ensure eth header is in skb's linear part
gpiolib: acpi: use correct format characters
net: mdio: Alphabetically sort header inclusion
mlxsw: i2c: Fix initialization error flow
net/sched: fix initialization order when updating chain 0 head
net: dsa: felix: suppress -EPROBE_DEFER errors
net: ethernet: stmmac: fix altr_tse_pcs function when using a fixed-link
net/sched: taprio: Check if socket flags are valid
cfg80211: hold bss_lock while updating nontrans_list
drm/msm: Fix range size vs end confusion
drm/msm/dsi: Use connector directly in msm_dsi_manager_connector_init()
net/smc: Fix NULL pointer dereference in smc_pnet_find_ib()
scsi: pm80xx: Mask and unmask upper interrupt vectors 32-63
scsi: pm80xx: Enable upper inbound, outbound queues
scsi: iscsi: Stop queueing during ep_disconnect
scsi: iscsi: Force immediate failure during shutdown
scsi: iscsi: Use system_unbound_wq for destroy_work
scsi: iscsi: Rel ref after iscsi_lookup_endpoint()
scsi: iscsi: Fix in-kernel conn failure handling
scsi: iscsi: Move iscsi_ep_disconnect()
scsi: iscsi: Fix offload conn cleanup when iscsid restarts
scsi: iscsi: Fix conn cleanup and stop race during iscsid restart
sctp: Initialize daddr on peeled off socket
testing/selftests/mqueue: Fix mq_perf_tests to free the allocated cpu set
perf tools: Fix misleading add event PMU debug message
nfc: nci: add flush_workqueue to prevent uaf
cifs: potential buffer overflow in handling symlinks
dm mpath: only use ktime_get_ns() in historical selector
net: bcmgenet: Revert "Use stronger register read/writes to assure ordering"
drm/amd: Add USBC connector ID
btrfs: fix fallocate to use file_modified to update permissions consistently
btrfs: do not warn for free space inode in cow_file_range
drm/amd/display: fix audio format not updated after edid updated
drm/amd/display: FEC check in timing validation
drm/amd/display: Update VTEM Infopacket definition
drm/amdkfd: Fix Incorrect VMIDs passed to HWS
drm/amdgpu/vcn: improve vcn dpg stop procedure
drm/amdkfd: Check for potential null return of kmalloc_array()
Drivers: hv: vmbus: Prevent load re-ordering when reading ring buffer
scsi: target: tcmu: Fix possible page UAF
scsi: lpfc: Fix queue failures when recovering from PCI parity error
scsi: ibmvscsis: Increase INITIAL_SRP_LIMIT to 1024
net: micrel: fix KS8851_MLL Kconfig
ata: libata-core: Disable READ LOG DMA EXT for Samsung 840 EVOs
gpu: ipu-v3: Fix dev_dbg frequency output
regulator: wm8994: Add an off-on delay for WM8994 variant
arm64: alternatives: mark patch_alternative() as `noinstr`
tlb: hugetlb: Add more sizes to tlb_remove_huge_tlb_entry
net: axienet: setup mdio unconditionally
net: usb: aqc111: Fix out-of-bounds accesses in RX fixup
myri10ge: fix an incorrect free for skb in myri10ge_sw_tso
drm/amd/display: Revert FEC check in validation
drm/amd/display: Fix allocate_mst_payload assert on resume
scsi: mvsas: Add PCI ID of RocketRaid 2640
scsi: megaraid_sas: Target with invalid LUN ID is deleted during scan
drivers: net: slip: fix NPD bug in sl_tx_timeout()
perf/imx_ddr: Fix undefined behavior due to shift overflowing the constant
mm, page_alloc: fix build_zonerefs_node()
mm: fix unexpected zeroed page mapping with zram swap
mm: kmemleak: take a full lowmem check in kmemleak_*_phys()
KVM: x86/mmu: Resolve nx_huge_pages when kvm.ko is loaded
memory: renesas-rpc-if: fix platform-device leak in error path
gcc-plugins: latent_entropy: use /dev/urandom
ath9k: Properly clear TX status area before reporting to mac80211
ath9k: Fix usage of driver-private space in tx_info
btrfs: fix root ref counts in error handling in btrfs_get_root_ref
btrfs: mark resumed async balance as writing
ALSA: hda/realtek: Add quirk for Clevo PD50PNT
ALSA: hda/realtek: add quirk for Lenovo Thinkpad X12 speakers
ALSA: pcm: Test for "silence" field in struct "pcm_format_data"
nl80211: correctly check NL80211_ATTR_REG_ALPHA2 size
ipv6: fix panic when forwarding a pkt with no in6 dev
drm/amd/display: don't ignore alpha property on pre-multiplied mode
drm/amdgpu: Enable gfxoff quirk on MacBook Pro
genirq/affinity: Consider that CPUs on nodes can be unbalanced
tick/nohz: Use WARN_ON_ONCE() to prevent console saturation
ARM: davinci: da850-evm: Avoid NULL pointer dereference
dm integrity: fix memory corruption when tag_size is less than digest size
smp: Fix offline cpu check in flush_smp_call_function_queue()
i2c: pasemi: Wait for write xfers to finish
timers: Fix warning condition in __run_timers()
dma-direct: avoid redundant memory sync for swiotlb
scsi: iscsi: Fix endpoint reuse regression
scsi: iscsi: Fix unbound endpoint error handling
ax25: add refcount in ax25_dev to avoid UAF bugs
ax25: fix reference count leaks of ax25_dev
ax25: fix UAF bugs of net_device caused by rebinding operation
ax25: Fix refcount leaks caused by ax25_cb_del()
ax25: fix UAF bug in ax25_send_control()
ax25: fix NPD bug in ax25_disconnect
ax25: Fix NULL pointer dereferences in ax25 timers
ax25: Fix UAF bugs in ax25 timers
Linux 5.10.112
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I9ce7b432f335445dbfb4a67a34a8a1c279011954
|
||
Hailong Tu
|
0453acd7fb |
FROMLIST: mm/damon/reclaim: Fix the timer always stays active
The timer stays active even if the reclaim mechanism is never enabled. It is unnecessary overhead can be completely avoided by using module_param_cb() for enabled flag. Signed-off-by: Hailong Tu <tuhailong@gmail.com> Link: https://lore.kernel.org/all/20220421125910.1052459-1-tuhailong@gmail.com/ Bug: 228223814 Signed-off-by: Hailong Tu <tuhailong@oppo.com> Change-Id: I77591e41ce424ce16a4a5c70e7a86cdae996a354 |
||
Jakub Kicinski
|
2522f6c4da |
BACKPORT: treewide: Add missing includes masked by cgroup -> bpf dependency
cgroup.h (therefore swap.h, therefore half of the universe) includes bpf.h which in turn includes module.h and slab.h. Since we're about to get rid of that dependency we need to clean things up. v2: drop the cpu.h include from cacheinfo.h, it's not necessary and it makes riscv sensitive to ordering of include files. Signed-off-by: Jakub Kicinski <kuba@kernel.org> Signed-off-by: Alexei Starovoitov <ast@kernel.org> Reviewed-by: Christoph Hellwig <hch@lst.de> Acked-by: Krzysztof Wilczyński <kw@linux.com> Acked-by: Peter Chen <peter.chen@kernel.org> Acked-by: SeongJae Park <sj@kernel.org> Acked-by: Jani Nikula <jani.nikula@intel.com> Acked-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> Link: https://lore.kernel.org/all/20211120035253.72074-1-kuba@kernel.org/ # v1 Link: https://lore.kernel.org/all/20211120165528.197359-1-kuba@kernel.org/ # cacheinfo discussion Link: https://lore.kernel.org/bpf/20211202203400.1208663-1-kuba@kernel.org (cherry picked from commit 8581fd402a0cf80b5298e3b225e7a7bd8f110e69) Dropped all the changes except for the ones made in mm/damon/vaddr.c Bug: 228223814 Signed-off-by: Hailong Tu <tuhailong@oppo.com> Change-Id: Ib64ecbe4e06f192ed576af77e03e6b49d538bac9 |
||
|
SeongJae Park
|
94006b8a3a |
UPSTREAM: mm/damon: hide kernel pointer from tracepoint event
DAMON's virtual address spaces monitoring primitive uses 'struct pid *' of the target process as its monitoring target id. The kernel address is exposed as-is to the user space via the DAMON tracepoint, 'damon_aggregated'. Though primarily only privileged users are allowed to access that, it would be better to avoid unnecessarily exposing kernel pointers so. Because the trace result is only required to be able to distinguish each target, we aren't need to use the pointer as-is. This makes the tracepoint to use the index of the target in the context's targets list as its id in the tracepoint, to hide the kernel space address. Link: https://lkml.kernel.org/r/20211229131016.23641-5-sj@kernel.org Signed-off-by: SeongJae Park <sj@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> (cherry picked from commit 76fd0285b447991267e838842c0be7395eb454bb) Bug: 228223814 Signed-off-by: Hailong Tu <tuhailong@oppo.com> Change-Id: Iee4a6f56cf9bf5f61fb95f438dfc3316c10198e5 |
||
|
SeongJae Park
|
4c350065aa |
UPSTREAM: mm/damon/vaddr: hide kernel pointer from damon_va_three_regions() failure log
The failure log message for 'damon_va_three_regions()' prints the target id, which is a 'struct pid' pointer in the case. To avoid exposing the kernel pointer via the log, this makes the log to use the index of the target in the context's targets list instead. Link: https://lkml.kernel.org/r/20211229131016.23641-4-sj@kernel.org Signed-off-by: SeongJae Park <sj@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> (cherry picked from commit 962fe7a6b1b2f9deb1b31b3344afa3b11afdf7ab) Bug: 228223814 Signed-off-by: Hailong Tu <tuhailong@oppo.com> Change-Id: I6b9b09a9b7024630f05ec41db030006d63f47ce1 |
||
|
SeongJae Park
|
c44028a162 |
UPSTREAM: mm/damon/vaddr: use pr_debug() for damon_va_three_regions() failure logging
Failure of 'damon_va_three_regions()' is logged using 'pr_err()'. But, the function can fail in legal situations. To avoid making users be surprised and to keep the kernel clean, this makes the log to be printed using 'pr_debug()'. Link: https://lkml.kernel.org/r/20211229131016.23641-3-sj@kernel.org Signed-off-by: SeongJae Park <sj@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> (cherry picked from commit 251403f19aab6a122f4dcfb14149814e85564202) Bug: 228223814 Signed-off-by: Hailong Tu <tuhailong@oppo.com> Change-Id: I0a2c08d856d0067af6af7a008e89f63fa5fac381 |
||
|
SeongJae Park
|
98dcd2427c |
UPSTREAM: mm/damon/dbgfs: remove an unnecessary variable
Patch series "mm/damon: Hide unnecessary information disclosures". DAMON is exposing some unnecessary information including kernel pointer in kernel log and tracepoint. This patchset hides such information. The first patch is only for a trivial cleanup, though. This patch (of 4): This commit removes a unnecessarily used variable in dbgfs_target_ids_write(). Link: https://lkml.kernel.org/r/20211229131016.23641-1-sj@kernel.org Link: https://lkml.kernel.org/r/20211229131016.23641-2-sj@kernel.org Fixes: 4bc05954d007 ("mm/damon: implement a debugfs-based user space interface") Signed-off-by: SeongJae Park <sj@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> (cherry picked from commit 70b8480812d0a3930049a44820a1fa149b090c10) Bug: 228223814 Signed-off-by: Hailong Tu <tuhailong@oppo.com> Change-Id: I774c900de92780ae9ebf09f01c0b0536eb43f822 |
||
Guoqing Jiang
|
21dc18f9a0 |
UPSTREAM: mm/damon: move the implementation of damon_insert_region to damon.h
Usually, inline function is declared static since it should sit between
storage and type. And implement it in a header file if used by multiple
files.
And this change also fixes compile issue when backport damon to 5.10.
mm/damon/vaddr.c: In function `damon_va_evenly_split_region':
./include/linux/damon.h:425:13: error: inlining failed in call to `always_inline' `damon_insert_region': function body not available
425 | inline void damon_insert_region(struct damon_region *r,
| ^~~~~~~~~~~~~~~~~~~
mm/damon/vaddr.c:86:3: note: called from here
86 | damon_insert_region(n, r, next, t);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Link: https://lkml.kernel.org/r/20211223085703.6142-1-guoqing.jiang@linux.dev
Signed-off-by: Guoqing Jiang <guoqing.jiang@linux.dev>
Reviewed-by: SeongJae Park <sj@kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
(cherry picked from commit 2cd4b8e10cc31eadb5b10b1d73b3f28156f3776c)
Bug: 228223814
Signed-off-by: Hailong Tu <tuhailong@oppo.com>
Change-Id: Iaa05318092b8e98bfbfc72a8c5df2cb6de97d224
|
||
|
Baolin Wang
|
73faa856e9 |
UPSTREAM: mm/damon: add access checking for hugetlb pages
The process's VMAs can be mapped by hugetlb page, but now the DAMON did not implement the access checking for hugetlb pte, so we can not get the actual access count like below if a process VMAs were mapped by hugetlb. damon_aggregated: target_id=18446614368406014464 nr_regions=12 4194304-5476352: 0 545 damon_aggregated: target_id=18446614368406014464 nr_regions=12 140662370467840-140662372970496: 0 545 damon_aggregated: target_id=18446614368406014464 nr_regions=12 140662372970496-140662375460864: 0 545 damon_aggregated: target_id=18446614368406014464 nr_regions=12 140662375460864-140662377951232: 0 545 damon_aggregated: target_id=18446614368406014464 nr_regions=12 140662377951232-140662380449792: 0 545 damon_aggregated: target_id=18446614368406014464 nr_regions=12 140662380449792-140662382944256: 0 545 ...... Thus this patch adds hugetlb access checking support, with this patch we can see below VMA mapped by hugetlb access count. damon_aggregated: target_id=18446613056935405824 nr_regions=12 140296486649856-140296489914368: 1 3 damon_aggregated: target_id=18446613056935405824 nr_regions=12 140296489914368-140296492978176: 1 3 damon_aggregated: target_id=18446613056935405824 nr_regions=12 140296492978176-140296495439872: 1 3 damon_aggregated: target_id=18446613056935405824 nr_regions=12 140296495439872-140296498311168: 1 3 damon_aggregated: target_id=18446613056935405824 nr_regions=12 140296498311168-140296501198848: 1 3 damon_aggregated: target_id=18446613056935405824 nr_regions=12 140296501198848-140296504320000: 1 3 damon_aggregated: target_id=18446613056935405824 nr_regions=12 140296504320000-140296507568128: 1 2 ...... [baolin.wang@linux.alibaba.com: fix unused var warning] Link: https://lkml.kernel.org/r/1aaf9c11-0d8e-b92d-5c92-46e50a6e8d4e@linux.alibaba.com [baolin.wang@linux.alibaba.com: v3] Link: https://lkml.kernel.org/r/486927ecaaaecf2e3a7fbe0378ec6e1c58b50747.1640852276.git.baolin.wang@linux.alibaba.com Link: https://lkml.kernel.org/r/6afcbd1fda5f9c7c24f320d26a98188c727ceec3.1639623751.git.baolin.wang@linux.alibaba.com Signed-off-by: Baolin Wang <baolin.wang@linux.alibaba.com> Reviewed-by: SeongJae Park <sj@kernel.org> Cc: Mike Kravetz <mike.kravetz@oracle.com> Cc: Randy Dunlap <rdunlap@infradead.org> Cc: Stephen Rothwell <sfr@canb.auug.org.au> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> (cherry picked from commit 49f4203aae06ba9d67b500c90339b262b0a52637) Bug: 228223814 Signed-off-by: Hailong Tu <tuhailong@oppo.com> Change-Id: Id7c86f5c0344efef150b3b27f662b696263947ed |
||
|
SeongJae Park
|
b0cf3ac6d3 |
UPSTREAM: mm/damon/dbgfs: support all DAMOS stats
Currently, DAMON debugfs interface is not supporting DAMON-based Operation Schemes (DAMOS) stats for schemes successfully applied regions and time/space quota limit exceeds. This adds the support. Link: https://lkml.kernel.org/r/20211210150016.35349-6-sj@kernel.org Signed-off-by: SeongJae Park <sj@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> (cherry picked from commit 3a619fdb8de8a3ecd4200e7d183d2c8ceb32289e) Bug: 228223814 Signed-off-by: Hailong Tu <tuhailong@oppo.com> Change-Id: Ide3cfaff1b63e053ece5a8746a463fb87ef6c607 |
||
|
SeongJae Park
|
1c400b8796 |
UPSTREAM: mm/damon/reclaim: provide reclamation statistics
This implements new DAMON_RECLAIM parameters for statistics reporting. Those can be used for understanding how DAMON_RECLAIM is working, and for tuning the other parameters. Link: https://lkml.kernel.org/r/20211210150016.35349-4-sj@kernel.org Signed-off-by: SeongJae Park <sj@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> (cherry picked from commit 60e52e7c46a127bca5ddd48b89002564f3862063) Bug: 228223814 Signed-off-by: Hailong Tu <tuhailong@oppo.com> Change-Id: I721bdacb3b2d8b41154296f5dbf8ef48c5dd0744 |
||
|
SeongJae Park
|
f755f1a2bc |
UPSTREAM: mm/damon/schemes: account how many times quota limit has exceeded
If the time/space quotas of a given DAMON-based operation scheme is too small, the scheme could show unexpectedly slow progress. However, there is no good way to notice the case in runtime. This commit extends the DAMOS stat to provide how many times the quota limits exceeded so that the users can easily notice the case and tune the scheme. Link: https://lkml.kernel.org/r/20211210150016.35349-3-sj@kernel.org Signed-off-by: SeongJae Park <sj@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> (cherry picked from commit 6268eac34ca30af7f6313504d556ec7fcd295621) Bug: 228223814 Signed-off-by: Hailong Tu <tuhailong@oppo.com> Change-Id: I36184dc51917810c81ac8d576b144e33a4454dc1 |
||
|
SeongJae Park
|
7cecfab158 |
UPSTREAM: mm/damon/schemes: account scheme actions that successfully applied
Patch series "mm/damon/schemes: Extend stats for better online analysis and tuning". To help online access pattern analysis and tuning of DAMON-based Operation Schemes (DAMOS), DAMOS provides simple statistics for each scheme. Introduction of DAMOS time/space quota further made the tuning easier by making the risk management easier. However, that also made understanding of the working schemes a little bit more difficult. For an example, progress of a given scheme can now be throttled by not only the aggressiveness of the target access pattern, but also the time/space quotas. So, when a scheme is showing unexpectedly slow progress, it's difficult to know by what the progress of the scheme is throttled, with currently provided statistics. This patchset extends the statistics to contain some metrics that can be helpful for such online schemes analysis and tuning (patches 1-2), exports those to users (patches 3 and 5), and add documents (patches 4 and 6). This patch (of 6): DAMON-based operation schemes (DAMOS) stats provide only the number and the amount of regions that the action of the scheme has tried to be applied. Because the action could be failed for some reasons, the currently provided information is sometimes not useful or convenient enough for schemes profiling and tuning. To improve this situation, this commit extends the DAMOS stats to provide the number and the amount of regions that the action has successfully applied. Link: https://lkml.kernel.org/r/20211210150016.35349-1-sj@kernel.org Link: https://lkml.kernel.org/r/20211210150016.35349-2-sj@kernel.org Signed-off-by: SeongJae Park <sj@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> (cherry picked from commit 0e92c2ee9f459542c5384d9cfab24873c3dd6398) Bug: 228223814 Signed-off-by: Hailong Tu <tuhailong@oppo.com> Change-Id: Iddfe9257cb99091404202576a1addc5cc340cb8b |
||
|
SeongJae Park
|
943c0cd13f |
UPSTREAM: mm/damon: convert macro functions to static inline functions
Patch series "mm/damon: Misc cleanups". This patchset contains miscellaneous cleanups for DAMON's macro functions and documentation. This patch (of 6): This commit converts macro functions in DAMON to static inline functions, for better type checking, code documentation, etc[1]. [1] https://lore.kernel.org/linux-mm/20211202151213.6ec830863342220da4141bc5@linux-foundation.org/ Link: https://lkml.kernel.org/r/20211209131806.19317-1-sj@kernel.org Link: https://lkml.kernel.org/r/20211209131806.19317-2-sj@kernel.org Signed-off-by: SeongJae Park <sj@kernel.org> Cc: Jonathan Corbet <corbet@lwn.net> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> (cherry picked from commit 88f86dcfa454784f7de550966c60fc78a3e95d6d) Bug: 228223814 Signed-off-by: Hailong Tu <tuhailong@oppo.com> Change-Id: Id1e4e08a844b49cf3572cb3ac02158f5c1909ea2 |
||
Xin Hao
|
947d088b1f |
UPSTREAM: mm/damon: move damon_rand() definition into damon.h
damon_rand() is called in three files:damon/core.c, damon/ paddr.c, damon/vaddr.c, i think there is no need to redefine this twice, So move it to damon.h will be a good choice. Link: https://lkml.kernel.org/r/20211202075859.51341-1-xhao@linux.alibaba.com Signed-off-by: Xin Hao <xhao@linux.alibaba.com> Reviewed-by: SeongJae Park <sj@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> (cherry picked from commit 9b2a38d6ef25c1748e3964b0ff30a89e4ed26583) Bug: 228223814 Signed-off-by: Hailong Tu <tuhailong@oppo.com> Change-Id: Ib7be3062385fac4b422faa86705968aa39095a72 |
||
|
Xin Hao
|
b45423116e |
UPSTREAM: mm/damon/schemes: add the validity judgment of thresholds
In dbgfs "schemes" interface, i do some test like this:
# cd /sys/kernel/debug/damon
# echo "2 1 2 1 10 1 3 10 1 1 1 1 1 1 1 1 2 3" > schemes
# cat schemes
# 2 1 2 1 10 1 3 10 1 1 1 1 1 1 1 1 2 3 0 0
There have some unreasonable places, i set the valules of these variables
"<min_sz, max_sz> <min_nr_a, max_nr_a>, <min_age, max_age>, <wmarks.high,
wmarks.mid, wmarks.low>" as "<2, 1>, <2, 1>, <10, 1>, <1, 2, 3>.
So there add a validity judgment for these thresholds value.
Link: https://lkml.kernel.org/r/d78360e52158d786fcbf20bc62c96785742e76d3.1637239568.git.xhao@linux.alibaba.com
Signed-off-by: Xin Hao <xhao@linux.alibaba.com>
Reviewed-by: SeongJae Park <sj@kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
(cherry picked from commit c89ae63eb0662b6c9f82dbfad3ef010239b8c1b1)
Bug: 228223814
Signed-off-by: Hailong Tu <tuhailong@oppo.com>
Change-Id: I2b23124b95ebeac935f28f9632dccaeabace4533
|
||
Yihao Han
|
b198e86d5a |
UPSTREAM: mm/damon/vaddr: remove swap_ranges() and replace it with swap()
Remove 'swap_ranges()' and replace it with the macro 'swap()' defined in 'include/linux/minmax.h' to simplify code and improve efficiency Link: https://lkml.kernel.org/r/20211111115355.2808-1-hanyihao@vivo.com Signed-off-by: Yihao Han <hanyihao@vivo.com> Reviewed-by: SeongJae Park <sj@kernel.org> Reviewed-by: Muchun Song <songmuchun@bytedance.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> (cherry picked from commit 8bd0b9da03c9154e279b1a502636103887b9fbed) Bug: 228223814 Signed-off-by: Hailong Tu <tuhailong@oppo.com> Change-Id: Icf565b52a7642fb830ae004764ca496986aed82a |
||
|
Xin Hao
|
9a8de9c702 |
UPSTREAM: mm/damon: remove some unneeded function definitions in damon.h
In damon.h some func definitions about VA & PA can only be used in its own file, so there no need to define in the header file, and the header file will look cleaner. If other files later need these functions, the prototypes can be added to damon.h at that time. [sj@kernel.org: remove unnecessary function prototype position changes] Link: https://lkml.kernel.org/r/20211118114827.20052-1-sj@kernel.org Link: https://lkml.kernel.org/r/45fd5b3ef6cce8e28dbc1c92f9dc845ccfc949d7.1636989871.git.xhao@linux.alibaba.com Signed-off-by: Xin Hao <xhao@linux.alibaba.com> Signed-off-by: SeongJae Park <sj@kernel.org> Reviewed-by: SeongJae Park <sj@kernel.org> Cc: Muchun Song <songmuchun@bytedance.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> (cherry picked from commit cdeed009f3bceee41f73f0137db785fd29a05cb8) Bug: 228223814 Signed-off-by: Hailong Tu <tuhailong@oppo.com> Change-Id: I2203b9c8e4625493797e1f3e506431799c4404c9 |
||
|
Xin Hao
|
07045a0e5a |
UPSTREAM: mm/damon/core: use abs() instead of diff_of()
In kernel, we can use abs(a - b) to get the absolute value, So there is no need to redefine a new one. Link: https://lkml.kernel.org/r/b24e7b82d9efa90daf150d62dea171e19390ad0b.1636989871.git.xhao@linux.alibaba.com Signed-off-by: Xin Hao <xhao@linux.alibaba.com> Reviewed-by: Muchun Song <songmuchun@bytedance.com> Reviewed-by: SeongJae Park <sj@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> (cherry picked from commit d720bbbd70e968f8a0257393b575c3a29b56f990) Bug: 228223814 Signed-off-by: Hailong Tu <tuhailong@oppo.com> Change-Id: Iab418bdc79cea24a175c2c5e17ab7ee393df6c47 |
||
|
Xin Hao
|
8b02bed759 |
UPSTREAM: mm/damon: unified access_check function naming rules
Patch series "mm/damon: Do some small changes", v4. This patch (of 4): In damon/paddr.c file, two functions names start with underscore, static void __damon_pa_prepare_access_check(struct damon_ctx *ctx, struct damon_region *r) static void __damon_pa_prepare_access_check(struct damon_ctx *ctx, struct damon_region *r) In damon/vaddr.c file, there are also two functions with the same function, static void damon_va_prepare_access_check(struct damon_ctx *ctx, struct mm_struct *mm, struct damon_region *r) static void damon_va_check_access(struct damon_ctx *ctx, struct mm_struct *mm, struct damon_region *r) It makes sense to keep consistent, and it is not easy to be confused with the function that call them. Link: https://lkml.kernel.org/r/cover.1636989871.git.xhao@linux.alibaba.com Link: https://lkml.kernel.org/r/529054aed932a42b9c09fc9977ad4574b9e7b0bd.1636989871.git.xhao@linux.alibaba.com Signed-off-by: Xin Hao <xhao@linux.alibaba.com> Reviewed-by: SeongJae Park <sj@kernel.org> Cc: Muchun Song <songmuchun@bytedance.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> (cherry picked from commit b627b774911660852ce7f3f3817955ddad2bd130) Bug: 228223814 Signed-off-by: Hailong Tu <tuhailong@oppo.com> Change-Id: I180e7f068ed4745c5fbc0e2a81320b7fda03c52e |
||
|
SeongJae Park
|
d4d20c7ef5 |
UPSTREAM: mm/damon/dbgfs: fix 'struct pid' leaks in 'dbgfs_target_ids_write()'
DAMON debugfs interface increases the reference counts of 'struct pid's
for targets from the 'target_ids' file write callback
('dbgfs_target_ids_write()'), but decreases the counts only in DAMON
monitoring termination callback ('dbgfs_before_terminate()').
Therefore, when 'target_ids' file is repeatedly written without DAMON
monitoring start/termination, the reference count is not decreased and
therefore memory for the 'struct pid' cannot be freed. This commit
fixes this issue by decreasing the reference counts when 'target_ids' is
written.
Link: https://lkml.kernel.org/r/20211229124029.23348-1-sj@kernel.org
Fixes: 4bc05954d007 ("mm/damon: implement a debugfs-based user space interface")
Signed-off-by: SeongJae Park <sj@kernel.org>
Cc: <stable@vger.kernel.org> [5.15+]
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
(cherry picked from commit ebb3f994dd92f8fb4d70c7541091216c1e10cb71)
Bug: 228223814
Signed-off-by: Hailong Tu <tuhailong@oppo.com>
Change-Id: I1d280e32acf9478f48c6946469da1444a2998464
|
||
|
SeongJae Park
|
c3939031fb |
UPSTREAM: mm/damon/dbgfs: protect targets destructions with kdamond_lock
DAMON debugfs interface iterates current monitoring targets in 'dbgfs_target_ids_read()' while holding the corresponding 'kdamond_lock'. However, it also destructs the monitoring targets in 'dbgfs_before_terminate()' without holding the lock. This can result in a use_after_free bug. This commit avoids the race by protecting the destruction with the corresponding 'kdamond_lock'. Link: https://lkml.kernel.org/r/20211221094447.2241-1-sj@kernel.org Reported-by: Sangwoo Bae <sangwoob@amazon.com> Fixes: 4bc05954d007 ("mm/damon: implement a debugfs-based user space interface") Signed-off-by: SeongJae Park <sj@kernel.org> Cc: <stable@vger.kernel.org> [5.15.x] Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> (cherry picked from commit 34796417964b8d0aef45a99cf6c2d20cebe33733) Bug: 228223814 Signed-off-by: Hailong Tu <tuhailong@oppo.com> Change-Id: I27e10c0e1ccc6c28c5a948a246e45db7a0338bed |
||
|
SeongJae Park
|
82bb332bf0 |
UPSTREAM: mm/damon/vaddr-test: remove unnecessary variables
A couple of test functions in DAMON virtual address space monitoring primitives implementation has unnecessary damon_ctx variables. This commit removes those. Link: https://lkml.kernel.org/r/20211201150440.1088-7-sj@kernel.org Signed-off-by: SeongJae Park <sj@kernel.org> Cc: Brendan Higgins <brendanhiggins@google.com> Cc: Shuah Khan <shuah@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> (cherry picked from commit 9f86d624292c238203b3687cdb870a2cde1a6f9b) Bug: 228223814 Signed-off-by: Hailong Tu <tuhailong@oppo.com> Change-Id: Ic7543d67d15843d7c2110302de950958a3b46e04 |
||
|
SeongJae Park
|
4f0e48e5e9 |
UPSTREAM: mm/damon/vaddr-test: split a test function having >1024 bytes frame size
On some configuration[1], 'damon_test_split_evenly()' kunit test
function has >1024 bytes frame size, so below build warning is
triggered:
CC mm/damon/vaddr.o
In file included from mm/damon/vaddr.c:672:
mm/damon/vaddr-test.h: In function 'damon_test_split_evenly':
mm/damon/vaddr-test.h:309:1: warning: the frame size of 1064 bytes is larger than 1024 bytes [-Wframe-larger-than=]
309 | }
| ^
This commit fixes the warning by separating the common logic in the
function.
[1] https://lore.kernel.org/linux-mm/202111182146.OV3C4uGr-lkp@intel.com/
Link: https://lkml.kernel.org/r/20211201150440.1088-6-sj@kernel.org
Fixes: 17ccae8bb5c9 ("mm/damon: add kunit tests")
Signed-off-by: SeongJae Park <sj@kernel.org>
Reported-by: kernel test robot <lkp@intel.com>
Cc: Brendan Higgins <brendanhiggins@google.com>
Cc: Shuah Khan <shuah@kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
(cherry picked from commit 044cd9750fe010170f5dc812e4824d98f5ea928c)
Bug: 228223814
Signed-off-by: Hailong Tu <tuhailong@oppo.com>
Change-Id: I78226fdde7f992f5aa8209f0996561a3f7efce84
|
||
|
SeongJae Park
|
90af7e344b |
UPSTREAM: mm/damon/vaddr: remove an unnecessary warning message
The DAMON virtual address space monitoring primitive prints a warning message for wrong DAMOS action. However, it is not essential as the code returns appropriate failure in the case. This commit removes the message to make the log clean. Link: https://lkml.kernel.org/r/20211201150440.1088-5-sj@kernel.org Fixes: 6dea8add4d28 ("mm/damon/vaddr: support DAMON-based Operation Schemes") Signed-off-by: SeongJae Park <sj@kernel.org> Reviewed-by: Muchun Song <songmuchun@bytedance.com> Cc: Brendan Higgins <brendanhiggins@google.com> Cc: Shuah Khan <shuah@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> (cherry picked from commit 09e12289cc044afa484e70c0b379d579d52caf9a) Bug: 228223814 Signed-off-by: Hailong Tu <tuhailong@oppo.com> Change-Id: I695d3e813f9449b388f2757c6e81cba76ee3e1bf |
||
|
SeongJae Park
|
4e19846848 |
UPSTREAM: mm/damon/core: remove unnecessary error messages
DAMON core prints error messages when damon_target object creation is failed or wrong monitoring attributes are given. Because appropriate error code is returned for each case, the messages are not essential. Also, because the code path can be triggered with user-specified input, this could result in kernel log mistakenly being messy. To avoid the case, this commit removes the messages. Link: https://lkml.kernel.org/r/20211201150440.1088-4-sj@kernel.org Fixes: 4bc05954d007 ("mm/damon: implement a debugfs-based user space interface") Fixes: b9a6ac4e4ede ("mm/damon: adaptively adjust regions") Signed-off-by: SeongJae Park <sj@kernel.org> Cc: Brendan Higgins <brendanhiggins@google.com> Cc: kernel test robot <lkp@intel.com> Cc: Shuah Khan <shuah@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> (cherry picked from commit 1afaf5cb687de85c5e00ac70f6eea5597077cbc5) Bug: 228223814 Signed-off-by: Hailong Tu <tuhailong@oppo.com> Change-Id: I571336c5d49998029d4727b523b7a0950c753b2f |
||
|
SeongJae Park
|
a7969dac5a |
UPSTREAM: mm/damon/dbgfs: remove an unnecessary error message
When wrong scheme action is requested via the debugfs interface, DAMON prints an error message. Because the function returns error code, this is not really needed. Because the code path is triggered by the user specified input, this can result in kernel log mistakenly being messy. To avoid the case, this commit removes the message. Link: https://lkml.kernel.org/r/20211201150440.1088-3-sj@kernel.org Fixes: af122dd8f3c0 ("mm/damon/dbgfs: support DAMON-based Operation Schemes") Signed-off-by: SeongJae Park <sj@kernel.org> Cc: Brendan Higgins <brendanhiggins@google.com> Cc: Shuah Khan <shuah@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> (cherry picked from commit 0bceffa236af401f5206feaf3538526cbc427209) Bug: 228223814 Signed-off-by: Hailong Tu <tuhailong@oppo.com> Change-Id: I6c6e4ea6891eee04cb934f237b7d1768a766f240 |
||
|
SeongJae Park
|
f37ab7f595 |
UPSTREAM: mm/damon/core: use better timer mechanisms selection threshold
Patch series "mm/damon: Trivial fixups and improvements". This patchset contains trivial fixups and improvements for DAMON and its kunit/kselftest tests. This patch (of 11): DAMON is using hrtimer if requested sleep time is <=100ms, while the suggested threshold[1] is <=20ms. This commit applies the threshold. [1] Documentation/timers/timers-howto.rst Link: https://lkml.kernel.org/r/20211201150440.1088-2-sj@kernel.org Fixes: ee801b7dd7822 ("mm/damon/schemes: activate schemes based on a watermarks mechanism") Signed-off-by: SeongJae Park <sj@kernel.org> Cc: Shuah Khan <shuah@kernel.org> Cc: Brendan Higgins <brendanhiggins@google.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> (cherry picked from commit 4de46a30b9929d3d1b29e481d48e9c25f8ac7919) Bug: 228223814 Signed-off-by: Hailong Tu <tuhailong@oppo.com> Change-Id: Ieb5e3e196c96d8d54c83fecec53fdd13db763b62 |
||
|
SeongJae Park
|
63e8bc85e6 |
UPSTREAM: mm/damon/core: fix fake load reports due to uninterruptible sleeps
Because DAMON sleeps in uninterruptible mode, /proc/loadavg reports fake load while DAMON is turned on, though it is doing nothing. This can confuse users[1]. To avoid the case, this commit makes DAMON sleeps in idle mode. [1] https://lore.kernel.org/all/11868371.O9o76ZdvQC@natalenko.name/ Link: https://lkml.kernel.org/r/20211126145015.15862-3-sj@kernel.org Fixes: 2224d8485492 ("mm: introduce Data Access MONitor (DAMON)") Reported-by: Oleksandr Natalenko <oleksandr@natalenko.name> Signed-off-by: SeongJae Park <sj@kernel.org> Tested-by: Oleksandr Natalenko <oleksandr@natalenko.name> Cc: John Stultz <john.stultz@linaro.org> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: <stable@vger.kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> (cherry picked from commit 70e9274805fccfd175d0431a947bfd11ee7df40e) Bug: 228223814 Signed-off-by: Hailong Tu <tuhailong@oppo.com> Change-Id: Id3518e85d9b1db9f71b62932418993b4b9666326 |
||
|
SeongJae Park
|
2581464867 |
UPSTREAM: mm/damon/dbgfs: fix missed use of damon_dbgfs_lock
DAMON debugfs is supposed to protect dbgfs_ctxs, dbgfs_nr_ctxs, and dbgfs_dirs using damon_dbgfs_lock. However, some of the code is accessing the variables without the protection. This fixes it by protecting all such accesses. Link: https://lkml.kernel.org/r/20211110145758.16558-3-sj@kernel.org Fixes: 75c1c2b53c78 ("mm/damon/dbgfs: support multiple contexts") Signed-off-by: SeongJae Park <sj@kernel.org> Cc: <stable@vger.kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> (cherry picked from commit d78f3853f831eee46c6dbe726debf3be9e9c0d05) Bug: 228223814 Signed-off-by: Hailong Tu <tuhailong@oppo.com> Change-Id: Ibdfcc75f9f219b69a4b4e6161af257c1d0eba891 |
||
|
SeongJae Park
|
dbbff9155c |
UPSTREAM: mm/damon/dbgfs: use '__GFP_NOWARN' for user-specified size buffer allocation
Patch series "DAMON fixes".
This patch (of 2):
DAMON users can trigger below warning in '__alloc_pages()' by invoking
write() to some DAMON debugfs files with arbitrarily high count
argument, because DAMON debugfs interface allocates some buffers based
on the user-specified 'count'.
if (unlikely(order >= MAX_ORDER)) {
WARN_ON_ONCE(!(gfp & __GFP_NOWARN));
return NULL;
}
Because the DAMON debugfs interface code checks failure of the
'kmalloc()', this commit simply suppresses the warnings by adding
'__GFP_NOWARN' flag.
Link: https://lkml.kernel.org/r/20211110145758.16558-1-sj@kernel.org
Link: https://lkml.kernel.org/r/20211110145758.16558-2-sj@kernel.org
Fixes: 4bc05954d007 ("mm/damon: implement a debugfs-based user space interface")
Signed-off-by: SeongJae Park <sj@kernel.org>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
(cherry picked from commit db7a347b26fe05d2e8c115bb24dfd908d0252bc3)
Bug: 228223814
Signed-off-by: Hailong Tu <tuhailong@oppo.com>
Change-Id: Ie04cc634d998260e5791b4daa4215b83a6af9071
|
||
Changbin Du
|
55a2d2f5a7 |
UPSTREAM: mm/damon: remove return value from before_terminate callback
Since the return value of 'before_terminate' callback is never used, we make it have no return value. Link: https://lkml.kernel.org/r/20211029005023.8895-1-changbin.du@gmail.com Signed-off-by: Changbin Du <changbin.du@gmail.com> Reviewed-by: SeongJae Park <sj@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> (cherry picked from commit 658f9ae761b5965893727dd4edcdad56e5a439bb) Bug: 228223814 Signed-off-by: Hailong Tu <tuhailong@oppo.com> Change-Id: Ida44623827a7a667118a2af329f6e58a57941fc9 |
||
Colin Ian King
|
b48f28f49c |
UPSTREAM: mm/damon: fix a few spelling mistakes in comments and a pr_debug message
There are a few spelling mistakes in the code. Fix these. Link: https://lkml.kernel.org/r/20211028184157.614544-1-colin.i.king@gmail.com Signed-off-by: Colin Ian King <colin.i.king@gmail.com> Reviewed-by: SeongJae Park <sj@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> (cherry picked from commit 0107865541961ee128149c9873996d32143a74d0) Bug: 228223814 Signed-off-by: Hailong Tu <tuhailong@oppo.com> Change-Id: I09c9421b1abeed6c002cf5fef07d229cf0f22ebd |
||
|
Changbin Du
|
bb15a07842 |
UPSTREAM: mm/damon: simplify stop mechanism
A kernel thread can exit gracefully with kthread_stop(). So we don't need a new flag 'kdamond_stop'. And to make sure the task struct is not freed when accessing it, get reference to it before termination. Link: https://lkml.kernel.org/r/20211027130517.4404-1-changbin.du@gmail.com Signed-off-by: Changbin Du <changbin.du@gmail.com> Reviewed-by: SeongJae Park <sj@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> (cherry picked from commit 0f91d13366a402420bf98eaaf393db03946c13e0) Bug: 228223814 Signed-off-by: Hailong Tu <tuhailong@oppo.com> Change-Id: I7b959fc6cd114dc244c895cf19b9fd864b81cd12 |
||
|
Xin Hao
|
f1456aa48d |
UPSTREAM: mm/damon/dbgfs: add adaptive_targets list check before enable monitor_on
When the ctx->adaptive_targets list is empty, I did some test on
monitor_on interface like this.
# cat /sys/kernel/debug/damon/target_ids
#
# echo on > /sys/kernel/debug/damon/monitor_on
# damon: kdamond (5390) starts
Though the ctx->adaptive_targets list is empty, but the kthread_run
still be called, and the kdamond.x thread still be created, this is
meaningless.
So there adds a judgment in 'dbgfs_monitor_on_write', if the
ctx->adaptive_targets list is empty, return -EINVAL.
Link: https://lkml.kernel.org/r/0a60a6e8ec9d71989e0848a4dc3311996ca3b5d4.1634720326.git.xhao@linux.alibaba.com
Signed-off-by: Xin Hao <xhao@linux.alibaba.com>
Reviewed-by: SeongJae Park <sj@kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
(cherry picked from commit b5ca3e83ddb05342b1b30700b999cb9b107511f6)
Bug: 228223814
Signed-off-by: Hailong Tu <tuhailong@oppo.com>
Change-Id: I768592c5fded26ead98ba94a46d43fd64118f589
|
||
|
Xin Hao
|
8c2db14f3f |
UPSTREAM: mm/damon: remove unnecessary variable initialization
Patch series "mm/damon: Fix some small bugs", v4. This patch (of 2): In 'damon_va_apply_three_regions' there is no need to set variable 'i' to zero. Link: https://lkml.kernel.org/r/b7df8d3dad0943a37e01f60c441b1968b2b20354.1634720326.git.xhao@linux.alibaba.com Link: https://lkml.kernel.org/r/cover.1634720326.git.xhao@linux.alibaba.com Signed-off-by: Xin Hao <xhao@linux.alibaba.com> Reviewed-by: SeongJae Park <sj@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> (cherry picked from commit a460a36034bad4403c2c62e04a521bc6987ae5db) Bug: 228223814 Signed-off-by: Hailong Tu <tuhailong@oppo.com> Change-Id: I81c05842e2372f3ab7a3d74df5358fbfb1c96342 |
||
|
SeongJae Park
|
4d321b786f |
UPSTREAM: mm/damon: introduce DAMON-based Reclamation (DAMON_RECLAIM)
This implements a new kernel subsystem that finds cold memory regions
using DAMON and reclaims those immediately. It is intended to be used
as proactive lightweigh reclamation logic for light memory pressure.
For heavy memory pressure, it could be inactivated and fall back to the
traditional page-scanning based reclamation.
It's implemented on top of DAMON framework to use the DAMON-based
Operation Schemes (DAMOS) feature. It utilizes all the DAMOS features
including speed limit, prioritization, and watermarks.
It could be enabled and tuned in boot time via the kernel boot
parameter, and in run time via its module parameters
('/sys/module/damon_reclaim/parameters/') interface.
[yangyingliang@huawei.com: fix error return code in damon_reclaim_turn()]
Link: https://lkml.kernel.org/r/20211025124500.2758060-1-yangyingliang@huawei.com
Link: https://lkml.kernel.org/r/20211019150731.16699-15-sj@kernel.org
Signed-off-by: SeongJae Park <sj@kernel.org>
Signed-off-by: Yang Yingliang <yangyingliang@huawei.com>
Cc: Amit Shah <amit@kernel.org>
Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Cc: David Hildenbrand <david@redhat.com>
Cc: David Rientjes <rientjes@google.com>
Cc: David Woodhouse <dwmw@amazon.com>
Cc: Greg Thelen <gthelen@google.com>
Cc: Jonathan Cameron <Jonathan.Cameron@huawei.com>
Cc: Jonathan Corbet <corbet@lwn.net>
Cc: Leonard Foerster <foersleo@amazon.de>
Cc: Marco Elver <elver@google.com>
Cc: Markus Boehme <markubo@amazon.de>
Cc: Shakeel Butt <shakeelb@google.com>
Cc: Shuah Khan <shuah@kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
(cherry picked from commit 43b0536cb4710e7bb591edfda7e68a1c327a3409)
Bug: 228223814
Signed-off-by: Hailong Tu <tuhailong@oppo.com>
Change-Id: Id57795ee37e5db046f782d2bffcd0533fe476558
|
||
|
SeongJae Park
|
88d44101df |
UPSTREAM: mm/damon/dbgfs: support watermarks
This updates DAMON debugfs interface to support the watermarks based schemes activation. For this, now 'schemes' file receives five more values. Link: https://lkml.kernel.org/r/20211019150731.16699-13-sj@kernel.org Signed-off-by: SeongJae Park <sj@kernel.org> Cc: Amit Shah <amit@kernel.org> Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org> Cc: David Hildenbrand <david@redhat.com> Cc: David Rientjes <rientjes@google.com> Cc: David Woodhouse <dwmw@amazon.com> Cc: Greg Thelen <gthelen@google.com> Cc: Jonathan Cameron <Jonathan.Cameron@huawei.com> Cc: Jonathan Corbet <corbet@lwn.net> Cc: Leonard Foerster <foersleo@amazon.de> Cc: Marco Elver <elver@google.com> Cc: Markus Boehme <markubo@amazon.de> Cc: Shakeel Butt <shakeelb@google.com> Cc: Shuah Khan <shuah@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> (cherry picked from commit ae666a6dddfd119da55cc1bad54f7cbd8b2ef54c) Bug: 228223814 Signed-off-by: Hailong Tu <tuhailong@oppo.com> Change-Id: I9b1b7c285ea04bd4dc9beefcc6a4e5368f093745 |
||
|
SeongJae Park
|
fb7d5f3b1a |
UPSTREAM: mm/damon/schemes: activate schemes based on a watermarks mechanism
DAMON-based operation schemes need to be manually turned on and off. In some use cases, however, the condition for turning a scheme on and off would depend on the system's situation. For example, schemes for proactive pages reclamation would need to be turned on when some memory pressure is detected, and turned off when the system has enough free memory. For easier control of schemes activation based on the system situation, this introduces a watermarks-based mechanism. The client can describe the watermark metric (e.g., amount of free memory in the system), watermark check interval, and three watermarks, namely high, mid, and low. If the scheme is deactivated, it only gets the metric and compare that to the three watermarks for every check interval. If the metric is higher than the high watermark, the scheme is deactivated. If the metric is between the mid watermark and the low watermark, the scheme is activated. If the metric is lower than the low watermark, the scheme is deactivated again. This is to allow users fall back to traditional page-granularity mechanisms. Link: https://lkml.kernel.org/r/20211019150731.16699-12-sj@kernel.org Signed-off-by: SeongJae Park <sj@kernel.org> Cc: Amit Shah <amit@kernel.org> Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org> Cc: David Hildenbrand <david@redhat.com> Cc: David Rientjes <rientjes@google.com> Cc: David Woodhouse <dwmw@amazon.com> Cc: Greg Thelen <gthelen@google.com> Cc: Jonathan Cameron <Jonathan.Cameron@huawei.com> Cc: Jonathan Corbet <corbet@lwn.net> Cc: Leonard Foerster <foersleo@amazon.de> Cc: Marco Elver <elver@google.com> Cc: Markus Boehme <markubo@amazon.de> Cc: Shakeel Butt <shakeelb@google.com> Cc: Shuah Khan <shuah@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> (cherry picked from commit ee801b7dd7822a82fd7663048ad649545fac6df3) Bug: 228223814 Signed-off-by: Hailong Tu <tuhailong@oppo.com> Change-Id: I857d0aeab8aa58929ea71c8e9d42b3b93966fc51 |
||
|
SeongJae Park
|
eb9cf87aa8 |
UPSTREAM: mm/damon/dbgfs: support prioritization weights
This allows DAMON debugfs interface users set the prioritization weights by putting three more numbers to the 'schemes' file. Link: https://lkml.kernel.org/r/20211019150731.16699-10-sj@kernel.org Signed-off-by: SeongJae Park <sj@kernel.org> Cc: Amit Shah <amit@kernel.org> Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org> Cc: David Hildenbrand <david@redhat.com> Cc: David Rientjes <rientjes@google.com> Cc: David Woodhouse <dwmw@amazon.com> Cc: Greg Thelen <gthelen@google.com> Cc: Jonathan Cameron <Jonathan.Cameron@huawei.com> Cc: Jonathan Corbet <corbet@lwn.net> Cc: Leonard Foerster <foersleo@amazon.de> Cc: Marco Elver <elver@google.com> Cc: Markus Boehme <markubo@amazon.de> Cc: Shakeel Butt <shakeelb@google.com> Cc: Shuah Khan <shuah@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> (cherry picked from commit f4a68b4a04e6db9397f7776c51d0f9715bd1a60e) Bug: 228223814 Signed-off-by: Hailong Tu <tuhailong@oppo.com> Change-Id: Ia47dfebe9817da3e0d669ea996c0d3b44f980936 |
||
|
SeongJae Park
|
798e889699 |
UPSTREAM: mm/damon/vaddr,paddr: support pageout prioritization
This makes the default monitoring primitives for virtual address spaces and the physical address sapce to support memory regions prioritization for 'PAGEOUT' DAMOS action. It calculates hotness of each region as weighted sum of 'nr_accesses' and 'age' of the region and get the priority score as reverse of the hotness, so that cold regions can be paged out first. Link: https://lkml.kernel.org/r/20211019150731.16699-9-sj@kernel.org Signed-off-by: SeongJae Park <sj@kernel.org> Cc: Amit Shah <amit@kernel.org> Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org> Cc: David Hildenbrand <david@redhat.com> Cc: David Rientjes <rientjes@google.com> Cc: David Woodhouse <dwmw@amazon.com> Cc: Greg Thelen <gthelen@google.com> Cc: Jonathan Cameron <Jonathan.Cameron@huawei.com> Cc: Jonathan Corbet <corbet@lwn.net> Cc: Leonard Foerster <foersleo@amazon.de> Cc: Marco Elver <elver@google.com> Cc: Markus Boehme <markubo@amazon.de> Cc: Shakeel Butt <shakeelb@google.com> Cc: Shuah Khan <shuah@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> (cherry picked from commit 198f0f4c58b9f481e4e51c8c70a6ab9852bbab7f) Bug: 228223814 Signed-off-by: Hailong Tu <tuhailong@oppo.com> Change-Id: I5f8f8d5e3b0669ec48fa6d698b963091c892106d |
||
|
SeongJae Park
|
dd1947047e |
UPSTREAM: mm/damon/schemes: prioritize regions within the quotas
This makes DAMON apply schemes to regions having higher priority first, if it cannot apply schemes to all regions due to the quotas. The prioritization function should be implemented in the monitoring primitives. Those would commonly calculate the priority of the region using attributes of regions, namely 'size', 'nr_accesses', and 'age'. For example, some primitive would calculate the priority of each region using a weighted sum of 'nr_accesses' and 'age' of the region. The optimal weights would depend on give environments, so this makes those customizable. Nevertheless, the score calculation functions are only encouraged to respect the weights, not mandated. Link: https://lkml.kernel.org/r/20211019150731.16699-8-sj@kernel.org Signed-off-by: SeongJae Park <sj@kernel.org> Cc: Amit Shah <amit@kernel.org> Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org> Cc: David Hildenbrand <david@redhat.com> Cc: David Rientjes <rientjes@google.com> Cc: David Woodhouse <dwmw@amazon.com> Cc: Greg Thelen <gthelen@google.com> Cc: Jonathan Cameron <Jonathan.Cameron@huawei.com> Cc: Jonathan Corbet <corbet@lwn.net> Cc: Leonard Foerster <foersleo@amazon.de> Cc: Marco Elver <elver@google.com> Cc: Markus Boehme <markubo@amazon.de> Cc: Shakeel Butt <shakeelb@google.com> Cc: Shuah Khan <shuah@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> (cherry picked from commit 38683e003153f7abfa612d7b7fe147efa4624af2) Bug: 228223814 Signed-off-by: Hailong Tu <tuhailong@oppo.com> Change-Id: I7c96b116f7daf1d33df427b023aba3664951e2cb |
||
|
SeongJae Park
|
8c491daa0f |
UPSTREAM: mm/damon/dbgfs: support quotas of schemes
This makes the debugfs interface of DAMON support the scheme quotas by chaning the format of the input for the schemes file. Link: https://lkml.kernel.org/r/20211019150731.16699-6-sj@kernel.org Signed-off-by: SeongJae Park <sj@kernel.org> Cc: Amit Shah <amit@kernel.org> Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org> Cc: David Hildenbrand <david@redhat.com> Cc: David Rientjes <rientjes@google.com> Cc: David Woodhouse <dwmw@amazon.com> Cc: Greg Thelen <gthelen@google.com> Cc: Jonathan Cameron <Jonathan.Cameron@huawei.com> Cc: Jonathan Corbet <corbet@lwn.net> Cc: Leonard Foerster <foersleo@amazon.de> Cc: Marco Elver <elver@google.com> Cc: Markus Boehme <markubo@amazon.de> Cc: Shakeel Butt <shakeelb@google.com> Cc: Shuah Khan <shuah@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> (cherry picked from commit d7d0ec85e983945079364db3c3d2d80cc795a48c) Bug: 228223814 Signed-off-by: Hailong Tu <tuhailong@oppo.com> Change-Id: I2260814672b0b9db7f0b416505bfa767fa0fa00b |
||
|
SeongJae Park
|
2c090a6bc6 |
UPSTREAM: mm/damon/schemes: implement time quota
The size quota feature of DAMOS is useful for IO resource-critical systems, but not so intuitive for CPU time-critical systems. Systems using zram or zswap-like swap device would be examples. To provide another intuitive ways for such systems, this implements time-based quota for DAMON-based Operation Schemes. If the quota is set, DAMOS tries to use only up to the user-defined quota of CPU time within a given time window. Link: https://lkml.kernel.org/r/20211019150731.16699-5-sj@kernel.org Signed-off-by: SeongJae Park <sj@kernel.org> Cc: Amit Shah <amit@kernel.org> Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org> Cc: David Hildenbrand <david@redhat.com> Cc: David Rientjes <rientjes@google.com> Cc: David Woodhouse <dwmw@amazon.com> Cc: Greg Thelen <gthelen@google.com> Cc: Jonathan Cameron <Jonathan.Cameron@huawei.com> Cc: Jonathan Corbet <corbet@lwn.net> Cc: Leonard Foerster <foersleo@amazon.de> Cc: Marco Elver <elver@google.com> Cc: Markus Boehme <markubo@amazon.de> Cc: Shakeel Butt <shakeelb@google.com> Cc: Shuah Khan <shuah@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> (cherry picked from commit 1cd2430300594a230dba9178ac9e286d868d9da2) Bug: 228223814 Signed-off-by: Hailong Tu <tuhailong@oppo.com> Change-Id: I5ee77a0882cb67d76f7f24ce7742414718ba028c |
||
|
SeongJae Park
|
8c0c30e2f0 |
UPSTREAM: mm/damon/schemes: skip already charged targets and regions
If DAMOS has stopped applying action in the middle of a group of memory regions due to its size quota, it starts the work again from the beginning of the address space in the next charge window. If there is a huge memory region at the beginning of the address space and it fulfills the scheme's target data access pattern always, the action will applied to only the region. This mitigates the case by skipping memory regions that charged in current charge window at the beginning of next charge window. Link: https://lkml.kernel.org/r/20211019150731.16699-4-sj@kernel.org Signed-off-by: SeongJae Park <sj@kernel.org> Cc: Amit Shah <amit@kernel.org> Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org> Cc: David Hildenbrand <david@redhat.com> Cc: David Rientjes <rientjes@google.com> Cc: David Woodhouse <dwmw@amazon.com> Cc: Greg Thelen <gthelen@google.com> Cc: Jonathan Cameron <Jonathan.Cameron@huawei.com> Cc: Jonathan Corbet <corbet@lwn.net> Cc: Leonard Foerster <foersleo@amazon.de> Cc: Marco Elver <elver@google.com> Cc: Markus Boehme <markubo@amazon.de> Cc: Shakeel Butt <shakeelb@google.com> Cc: Shuah Khan <shuah@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> (cherry picked from commit 50585192bc2ef9309d32dabdbb5e735679f4f128) Bug: 228223814 Signed-off-by: Hailong Tu <tuhailong@oppo.com> Change-Id: I73d1b16851b2dbe57927d9685b53e7ab3ad22a9c |
||
|
SeongJae Park
|
a9af0008be |
UPSTREAM: mm/damon/schemes: implement size quota for schemes application speed control
There could be arbitrarily large memory regions fulfilling the target data access pattern of a DAMON-based operation scheme. In the case, applying the action of the scheme could incur too high overhead. To provide an intuitive way for avoiding it, this implements a feature called size quota. If the quota is set, DAMON tries to apply the action only up to the given amount of memory regions within a given time window. Link: https://lkml.kernel.org/r/20211019150731.16699-3-sj@kernel.org Signed-off-by: SeongJae Park <sj@kernel.org> Cc: Amit Shah <amit@kernel.org> Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org> Cc: David Hildenbrand <david@redhat.com> Cc: David Rientjes <rientjes@google.com> Cc: David Woodhouse <dwmw@amazon.com> Cc: Greg Thelen <gthelen@google.com> Cc: Jonathan Cameron <Jonathan.Cameron@huawei.com> Cc: Jonathan Corbet <corbet@lwn.net> Cc: Leonard Foerster <foersleo@amazon.de> Cc: Marco Elver <elver@google.com> Cc: Markus Boehme <markubo@amazon.de> Cc: Shakeel Butt <shakeelb@google.com> Cc: Shuah Khan <shuah@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> (cherry picked from commit 2b8a248d5873343aa16f6c5ede30517693995f13) Bug: 228223814 Signed-off-by: Hailong Tu <tuhailong@oppo.com> Change-Id: I14a2cddcf6d9fa313ab16150a8d580ee60288b9e |
||
|
SeongJae Park
|
780cd6f930 |
UPSTREAM: mm/damon/paddr: support the pageout scheme
Introduction ============ This patchset 1) makes the engine for general data access pattern-oriented memory management (DAMOS) be more useful for production environments, and 2) implements a static kernel module for lightweight proactive reclamation using the engine. Proactive Reclamation --------------------- On general memory over-committed systems, proactively reclaiming cold pages helps saving memory and reducing latency spikes that incurred by the direct reclaim or the CPU consumption of kswapd, while incurring only minimal performance degradation[2]. A Free Pages Reporting[8] based memory over-commit virtualization system would be one more specific use case. In the system, the guest VMs reports their free memory to host, and the host reallocates the reported memory to other guests. As a result, the system's memory utilization can be maximized. However, the guests could be not so memory-frugal, because some kernel subsystems and user-space applications are designed to use as much memory as available. Then, guests would report only small amount of free memory to host, results in poor memory utilization. Running the proactive reclamation in such guests could help mitigating this problem. Google has also implemented this idea and using it in their data center. They further proposed upstreaming it in LSFMM'19, and "the general consensus was that, while this sort of proactive reclaim would be useful for a number of users, the cost of this particular solution was too high to consider merging it upstream"[3]. The cost mainly comes from the coldness tracking. Roughly speaking, the implementation periodically scans the 'Accessed' bit of each page. For the reason, the overhead linearly increases as the size of the memory and the scanning frequency grows. As a result, Google is known to dedicating one CPU for the work. That's a reasonable option to someone like Google, but it wouldn't be so to some others. DAMON and DAMOS: An engine for data access pattern-oriented memory management ----------------------------------------------------------------------------- DAMON[4] is a framework for general data access monitoring. Its adaptive monitoring overhead control feature minimizes its monitoring overhead. It also let the upper-bound of the overhead be configurable by clients, regardless of the size of the monitoring target memory. While monitoring 70 GiB memory of a production system every 5 milliseconds, it consumes less than 1% single CPU time. For this, it could sacrify some of the quality of the monitoring results. Nevertheless, the lower-bound of the quality is configurable, and it uses a best-effort algorithm for better quality. Our test results[5] show the quality is practical enough. From the production system monitoring, we were able to find a 4 KiB region in the 70 GiB memory that shows highest access frequency. We normally don't monitor the data access pattern just for fun but to improve something like memory management. Proactive reclamation is one such usage. For such general cases, DAMON provides a feature called DAMon-based Operation Schemes (DAMOS)[6]. It makes DAMON an engine for general data access pattern oriented memory management. Using this, clients can ask DAMON to find memory regions of specific data access pattern and apply some memory management action (e.g., page out, move to head of the LRU list, use huge page, ...). We call the request 'scheme'. Proactive Reclamation on top of DAMON/DAMOS ------------------------------------------- Therefore, by using DAMON for the cold pages detection, the proactive reclamation's monitoring overhead issue can be solved. Actually, we previously implemented a version of proactive reclamation using DAMOS and achieved noticeable improvements with our evaluation setup[5]. Nevertheless, it more for a proof-of-concept, rather than production uses. It supports only virtual address spaces of processes, and require additional tuning efforts for given workloads and the hardware. For the tuning, we introduced a simple auto-tuning user space tool[8]. Google is also known to using a ML-based similar approach for their fleets[2]. But, making it just works with intuitive knobs in the kernel would be helpful for general users. To this end, this patchset improves DAMOS to be ready for such production usages, and implements another version of the proactive reclamation, namely DAMON_RECLAIM, on top of it. DAMOS Improvements: Aggressiveness Control, Prioritization, and Watermarks -------------------------------------------------------------------------- First of all, the current version of DAMOS supports only virtual address spaces. This patchset makes it supports the physical address space for the page out action. Next major problem of the current version of DAMOS is the lack of the aggressiveness control, which can results in arbitrary overhead. For example, if huge memory regions having the data access pattern of interest are found, applying the requested action to all of the regions could incur significant overhead. It can be controlled by tuning the target data access pattern with manual or automated approaches[2,7]. But, some people would prefer the kernel to just work with only intuitive tuning or default values. For such cases, this patchset implements a safeguard, namely time/size quota. Using this, the clients can specify up to how much time can be used for applying the action, and/or up to how much memory regions the action can be applied within a user-specified time duration. A followup question is, to which memory regions should the action applied within the limits? We implement a simple regions prioritization mechanism for each action and make DAMOS to apply the action to high priority regions first. It also allows clients tune the prioritization mechanism to use different weights for size, access frequency, and age of memory regions. This means we could use not only LRU but also LFU or some fancy algorithms like CAR[9] with lightweight overhead. Though DAMON is lightweight, someone would want to remove even the cold pages monitoring overhead when it is unnecessary. Currently, it should manually turned on and off by clients, but some clients would simply want to turn it on and off based on some metrics like free memory ratio or memory fragmentation. For such cases, this patchset implements a watermarks-based automatic activation feature. It allows the clients configure the metric of their interest, and three watermarks of the metric. If the metric is higher than the high watermark or lower than the low watermark, the scheme is deactivated. If the metric is lower than the mid watermark but higher than the low watermark, the scheme is activated. DAMON-based Reclaim ------------------- Using the improved version of DAMOS, this patchset implements a static kernel module called 'damon_reclaim'. It finds memory regions that didn't accessed for specific time duration and page out. Consuming too much CPU for the paging out operations, or doing pageout too frequently can be critical for systems configuring their swap devices with software-defined in-memory block devices like zram/zswap or total number of writes limited devices like SSDs, respectively. To avoid the problems, the time/size quotas can be configured. Under the quotas, it pages out memory regions that didn't accessed longer first. Also, to remove the monitoring overhead under peaceful situation, and to fall back to the LRU-list based page granularity reclamation when it doesn't make progress, the three watermarks based activation mechanism is used, with the free memory ratio as the watermark metric. For convenient configurations, it provides several module parameters. Using these, sysadmins can enable/disable it, and tune its parameters including the coldness identification time threshold, the time/size quotas and the three watermarks. Evaluation ========== In short, DAMON_RECLAIM with 50ms/s time quota and regions prioritization on v5.15-rc5 Linux kernel with ZRAM swap device achieves 38.58% memory saving with only 1.94% runtime overhead. For this, DAMON_RECLAIM consumes only 4.97% of single CPU time. Setup ----- We evaluate DAMON_RECLAIM to show how each of the DAMOS improvements make effect. For this, we measure DAMON_RECLAIM's CPU consumption, entire system memory footprint, total number of major page faults, and runtime of 24 realistic workloads in PARSEC3 and SPLASH-2X benchmark suites on my QEMU/KVM based virtual machine. The virtual machine runs on an i3.metal AWS instance, has 130GiB memory, and runs a linux kernel built on latest -mm tree[1] plus this patchset. It also utilizes a 4 GiB ZRAM swap device. We repeats the measurement 5 times and use averages. [1] https://github.com/hnaz/linux-mm/tree/v5.15-rc5-mmots-2021-10-13-19-55 Detailed Results ---------------- The results are summarized in the below table. With coldness identification threshold of 5 seconds, DAMON_RECLAIM without the time quota-based speed limit achieves 47.21% memory saving, but incur 4.59% runtime slowdown to the workloads on average. For this, DAMON_RECLAIM consumes about 11.28% single CPU time. Applying time quotas of 200ms/s, 50ms/s, and 10ms/s without the regions prioritization reduces the slowdown to 4.89%, 2.65%, and 1.5%, respectively. Time quota of 200ms/s (20%) makes no real change compared to the quota unapplied version, because the quota unapplied version consumes only 11.28% CPU time. DAMON_RECLAIM's CPU utilization also similarly reduced: 11.24%, 5.51%, and 2.01% of single CPU time. That is, the overhead is proportional to the speed limit. Nevertheless, it also reduces the memory saving because it becomes less aggressive. In detail, the three variants show 48.76%, 37.83%, and 7.85% memory saving, respectively. Applying the regions prioritization (page out regions that not accessed longer first within the time quota) further reduces the performance degradation. Runtime slowdowns and total number of major page faults increase has been 4.89%/218,690% -> 4.39%/166,136% (200ms/s), 2.65%/111,886% -> 1.94%/59,053% (50ms/s), and 1.5%/34,973.40% -> 2.08%/8,781.75% (10ms/s). The runtime under 10ms/s time quota has increased with prioritization, but apparently that's under the margin of error. time quota prioritization memory_saving cpu_util slowdown pgmajfaults overhead N N 47.21% 11.28% 4.59% 194,802% 200ms/s N 48.76% 11.24% 4.89% 218,690% 50ms/s N 37.83% 5.51% 2.65% 111,886% 10ms/s N 7.85% 2.01% 1.5% 34,793.40% 200ms/s Y 50.08% 10.38% 4.39% 166,136% 50ms/s Y 38.58% 4.97% 1.94% 59,053% 10ms/s Y 3.63% 1.73% 2.08% 8,781.75% Baseline and Complete Git Trees =============================== The patches are based on the latest -mm tree (v5.15-rc5-mmots-2021-10-13-19-55). You can also clone the complete git tree from: $ git clone git://github.com/sjp38/linux -b damon_reclaim/patches/v1 The web is also available: https://git.kernel.org/pub/scm/linux/kernel/git/sj/linux.git/tag/?h=damon_reclaim/patches/v1 Sequence Of Patches =================== The first patch makes DAMOS support the physical address space for the page out action. Following five patches (patches 2-6) implement the time/size quotas. Next four patches (patches 7-10) implement the memory regions prioritization within the limit. Then, three following patches (patches 11-13) implement the watermarks-based schemes activation. Finally, the last two patches (patches 14-15) implement and document the DAMON-based reclamation using the advanced DAMOS. [1] https://www.kernel.org/doc/html/v5.15-rc1/vm/damon/index.html [2] https://research.google/pubs/pub48551/ [3] https://lwn.net/Articles/787611/ [4] https://damonitor.github.io [5] https://damonitor.github.io/doc/html/latest/vm/damon/eval.html [6] https://lore.kernel.org/linux-mm/20211001125604.29660-1-sj@kernel.org/ [7] https://github.com/awslabs/damoos [8] https://www.kernel.org/doc/html/latest/vm/free_page_reporting.html [9] https://www.usenix.org/conference/fast-04/car-clock-adaptive-replacement This patch (of 15): This makes the DAMON primitives for physical address space support the pageout action for DAMON-based Operation Schemes. With this commit, hence, users can easily implement system-level data access-aware reclamations using DAMOS. [sj@kernel.org: fix missing-prototype build warning] Link: https://lkml.kernel.org/r/20211025064220.13904-1-sj@kernel.org Link: https://lkml.kernel.org/r/20211019150731.16699-1-sj@kernel.org Link: https://lkml.kernel.org/r/20211019150731.16699-2-sj@kernel.org Signed-off-by: SeongJae Park <sj@kernel.org> Cc: Jonathan Cameron <Jonathan.Cameron@huawei.com> Cc: Amit Shah <amit@kernel.org> Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org> Cc: Jonathan Corbet <corbet@lwn.net> Cc: David Hildenbrand <david@redhat.com> Cc: David Woodhouse <dwmw@amazon.com> Cc: Marco Elver <elver@google.com> Cc: Leonard Foerster <foersleo@amazon.de> Cc: Greg Thelen <gthelen@google.com> Cc: Markus Boehme <markubo@amazon.de> Cc: David Rientjes <rientjes@google.com> Cc: Shakeel Butt <shakeelb@google.com> Cc: Shuah Khan <shuah@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> (cherry picked from commit 57223ac295845b1d72ec1bd02b5fab992b77a021) Bug: 228223814 Signed-off-by: Hailong Tu <tuhailong@oppo.com> Change-Id: I56dbce96f1d8152cac49ef0d11cb81a342bfa89d |
||
Rongwei Wang
|
71a23818ca |
UPSTREAM: mm/damon/dbgfs: remove unnecessary variables
In some functions, it's unnecessary to declare 'err' and 'ret' variables at the same time. This patch mainly to simplify the issue of such declarations by reusing one variable. Link: https://lkml.kernel.org/r/20211014073014.35754-1-sj@kernel.org Signed-off-by: Rongwei Wang <rongwei.wang@linux.alibaba.com> Signed-off-by: SeongJae Park <sj@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> (cherry picked from commit 9210622ab81f7e722da7563166d93b2a028a79d4) Bug: 228223814 Signed-off-by: Hailong Tu <tuhailong@oppo.com> Change-Id: Iac1dfa450c23f09ced9b4edc9e8e42b6cb01b1c4 |
||
Rikard Falkeborn
|
1d68b96800 |
UPSTREAM: mm/damon/vaddr: constify static mm_walk_ops
The only usage of these structs is to pass their addresses to walk_page_range(), which takes a pointer to const mm_walk_ops as argument. Make them const to allow the compiler to put them in read-only memory. Link: https://lkml.kernel.org/r/20211014075042.17174-2-rikard.falkeborn@gmail.com Signed-off-by: Rikard Falkeborn <rikard.falkeborn@gmail.com> Reviewed-by: SeongJae Park <sj@kernel.org> Reviewed-by: Anshuman Khandual <anshuman.khandual@arm.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> (cherry picked from commit 199b50f4c9485c46c2403d8b3e0eca90ec401ed6) Bug: 228223814 Signed-off-by: Hailong Tu <tuhailong@oppo.com> Change-Id: Ib72d1a17a17377357a53b80cbafc13c456e71683 |
||
|
SeongJae Park
|
932c8c61e1 |
UPSTREAM: mm/damon/dbgfs: support physical memory monitoring
This makes the 'damon-dbgfs' to support the physical memory monitoring, in addition to the virtual memory monitoring. Users can do the physical memory monitoring by writing a special keyword, 'paddr' to the 'target_ids' debugfs file. Then, DAMON will check the special keyword and configure the monitoring context to run with the primitives for the physical address space. Unlike the virtual memory monitoring, the monitoring target region will not be automatically set. Therefore, users should also set the monitoring target address region using the 'init_regions' debugfs file. Also, note that the physical memory monitoring will not automatically terminated. The user should explicitly turn off the monitoring by writing 'off' to the 'monitor_on' debugfs file. Link: https://lkml.kernel.org/r/20211012205711.29216-7-sj@kernel.org Signed-off-by: SeongJae Park <sj@kernel.org> Cc: Amit Shah <amit@kernel.org> Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org> Cc: Brendan Higgins <brendanhiggins@google.com> Cc: David Hildenbrand <david@redhat.com> Cc: David Rienjes <rientjes@google.com> Cc: David Woodhouse <dwmw@amazon.com> Cc: Greg Thelen <gthelen@google.com> Cc: Jonathan Cameron <Jonathan.Cameron@huawei.com> Cc: Jonathan Corbet <corbet@lwn.net> Cc: Leonard Foerster <foersleo@amazon.de> Cc: Marco Elver <elver@google.com> Cc: Markus Boehme <markubo@amazon.de> Cc: Shakeel Butt <shakeelb@google.com> Cc: Shuah Khan <shuah@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> (cherry picked from commit c026291ab88f02247999959d01182cb8eb6e6a5b) Bug: 228223814 Signed-off-by: Hailong Tu <tuhailong@oppo.com> Change-Id: I8d90c01714b5cc05ebaaea34d957686f5fafc868 |
||
|
SeongJae Park
|
f348ba2256 |
UPSTREAM: mm/damon: implement primitives for physical address space monitoring
This implements the monitoring primitives for the physical memory address space. Internally, it uses the PTE Accessed bit, similar to that of the virtual address spaces monitoring primitives. It supports only user memory pages, as idle pages tracking does. If the monitoring target physical memory address range contains non-user memory pages, access check of the pages will do nothing but simply treat the pages as not accessed. Link: https://lkml.kernel.org/r/20211012205711.29216-6-sj@kernel.org Signed-off-by: SeongJae Park <sj@kernel.org> Cc: Amit Shah <amit@kernel.org> Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org> Cc: Brendan Higgins <brendanhiggins@google.com> Cc: David Hildenbrand <david@redhat.com> Cc: David Rienjes <rientjes@google.com> Cc: David Woodhouse <dwmw@amazon.com> Cc: Greg Thelen <gthelen@google.com> Cc: Jonathan Cameron <Jonathan.Cameron@huawei.com> Cc: Jonathan Corbet <corbet@lwn.net> Cc: Leonard Foerster <foersleo@amazon.de> Cc: Marco Elver <elver@google.com> Cc: Markus Boehme <markubo@amazon.de> Cc: Shakeel Butt <shakeelb@google.com> Cc: Shuah Khan <shuah@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> (cherry picked from commit a28397beb55b68bd0f15c6778540e8ae1bc26d21) Bug: 228223814 Signed-off-by: Hailong Tu <tuhailong@oppo.com> Change-Id: Ib36d7b5d2256fbc49013b394071d884b5f64e2ce |
||
|
SeongJae Park
|
3c4a2c1428 |
UPSTREAM: mm/damon/vaddr: separate commonly usable functions
This moves functions in the default virtual address spaces monitoring primitives that commonly usable from other address spaces like physical address space into a header file. Those will be reused by the physical address space monitoring primitives which will be implemented by the following commit. [sj@kernel.org: include 'highmem.h' to fix a build failure] Link: https://lkml.kernel.org/r/20211014110848.5204-1-sj@kernel.org Link: https://lkml.kernel.org/r/20211012205711.29216-5-sj@kernel.org Signed-off-by: SeongJae Park <sj@kernel.org> Cc: Amit Shah <amit@kernel.org> Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org> Cc: Brendan Higgins <brendanhiggins@google.com> Cc: David Hildenbrand <david@redhat.com> Cc: David Rienjes <rientjes@google.com> Cc: David Woodhouse <dwmw@amazon.com> Cc: Greg Thelen <gthelen@google.com> Cc: Jonathan Cameron <Jonathan.Cameron@huawei.com> Cc: Jonathan Corbet <corbet@lwn.net> Cc: Leonard Foerster <foersleo@amazon.de> Cc: Marco Elver <elver@google.com> Cc: Markus Boehme <markubo@amazon.de> Cc: Shakeel Butt <shakeelb@google.com> Cc: Shuah Khan <shuah@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> (cherry picked from commit 46c3a0accdc48c86928157fd073e66807f338485) Bug: 228223814 Signed-off-by: Hailong Tu <tuhailong@oppo.com> Change-Id: I6f69ed866410db882171c4318f5ee799fbc4eb98 |
||
|
SeongJae Park
|
c7f64c7f78 |
UPSTREAM: mm/damon/dbgfs-test: add a unit test case for 'init_regions'
This adds another test case for the new feature, 'init_regions'. Link: https://lkml.kernel.org/r/20211012205711.29216-3-sj@kernel.org Signed-off-by: SeongJae Park <sj@kernel.org> Reviewed-by: Brendan Higgins <brendanhiggins@google.com> Cc: Amit Shah <amit@kernel.org> Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org> Cc: David Hildenbrand <david@redhat.com> Cc: David Rienjes <rientjes@google.com> Cc: David Woodhouse <dwmw@amazon.com> Cc: Greg Thelen <gthelen@google.com> Cc: Jonathan Cameron <Jonathan.Cameron@huawei.com> Cc: Jonathan Corbet <corbet@lwn.net> Cc: Leonard Foerster <foersleo@amazon.de> Cc: Marco Elver <elver@google.com> Cc: Markus Boehme <markubo@amazon.de> Cc: Shakeel Butt <shakeelb@google.com> Cc: Shuah Khan <shuah@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> (cherry picked from commit 1c2e11bfa649cc07e6322b0e5ea3cdbada9c43c3) Bug: 228223814 Signed-off-by: Hailong Tu <tuhailong@oppo.com> Change-Id: I99ea9f6aa40f3b241bedd0a8434d41a49ac8fea5 |
||
|
SeongJae Park
|
27b2b8d255 |
UPSTREAM: mm/damon/dbgfs: allow users to set initial monitoring target regions
Patch series "DAMON: Support Physical Memory Address Space Monitoring:.
DAMON currently supports only virtual address spaces monitoring. It can
be easily extended for various use cases and address spaces by
configuring its monitoring primitives layer to use appropriate
primitives implementations, though. This patchset implements monitoring
primitives for the physical address space monitoring using the
structure.
The first 3 patches allow the user space users manually set the
monitoring regions. The 1st patch implements the feature in the
'damon-dbgfs'. Then, patches for adding a unit tests (the 2nd patch)
and updating the documentation (the 3rd patch) follow.
Following 4 patches implement the physical address space monitoring
primitives. The 4th patch makes some primitive functions for the
virtual address spaces primitives reusable. The 5th patch implements
the physical address space monitoring primitives. The 6th patch links
the primitives to the 'damon-dbgfs'. Finally, 7th patch documents this
new features.
This patch (of 7):
Some 'damon-dbgfs' users would want to monitor only a part of the entire
virtual memory address space. The program interface users in the kernel
space could use '->before_start()' callback or set the regions inside
the context struct as they want, but 'damon-dbgfs' users cannot.
For that reason, this introduces a new debugfs file called
'init_region'. 'damon-dbgfs' users can specify which initial monitoring
target address regions they want by writing special input to the file.
The input should describe each region in each line in the below form:
<pid> <start address> <end address>
Note that the regions will be updated to cover entire memory mapped
regions after a 'regions update interval' is passed. If you want the
regions to not be updated after the initial setting, you could set the
interval as a very long time, say, a few decades.
Link: https://lkml.kernel.org/r/20211012205711.29216-1-sj@kernel.org
Link: https://lkml.kernel.org/r/20211012205711.29216-2-sj@kernel.org
Signed-off-by: SeongJae Park <sj@kernel.org>
Cc: Jonathan Cameron <Jonathan.Cameron@huawei.com>
Cc: Amit Shah <amit@kernel.org>
Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Cc: Jonathan Corbet <corbet@lwn.net>
Cc: David Hildenbrand <david@redhat.com>
Cc: David Woodhouse <dwmw@amazon.com>
Cc: Marco Elver <elver@google.com>
Cc: Leonard Foerster <foersleo@amazon.de>
Cc: Greg Thelen <gthelen@google.com>
Cc: Markus Boehme <markubo@amazon.de>
Cc: David Rienjes <rientjes@google.com>
Cc: Shakeel Butt <shakeelb@google.com>
Cc: Shuah Khan <shuah@kernel.org>
Cc: Brendan Higgins <brendanhiggins@google.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
(cherry picked from commit 90bebce9fcd6488ba6b010af3a16a0a0d7e44cb6)
Bug: 228223814
Signed-off-by: Hailong Tu <tuhailong@oppo.com>
Change-Id: Idb8961fbe0d851f9b4a1da6b42dfff291d86eae2
|
||
|
SeongJae Park
|
ef678357b3 |
UPSTREAM: mm/damon/schemes: implement statistics feature
To tune the DAMON-based operation schemes, knowing how many and how large regions are affected by each of the schemes will be helful. Those stats could be used for not only the tuning, but also monitoring of the working set size and the number of regions, if the scheme does not change the program behavior too much. For the reason, this implements the statistics for the schemes. The total number and size of the regions that each scheme is applied are exported to users via '->stat_count' and '->stat_sz' of 'struct damos'. Admins can also check the number by reading 'schemes' debugfs file. The last two integers now represents the stats. To allow collecting the stats without changing the program behavior, this also adds new scheme action, 'DAMOS_STAT'. Note that 'DAMOS_STAT' is not only making no memory operation actions, but also does not reset the age of regions. Link: https://lkml.kernel.org/r/20211001125604.29660-6-sj@kernel.org Signed-off-by: SeongJae Park <sj@kernel.org> Cc: Amit Shah <amit@kernel.org> Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org> Cc: David Hildenbrand <david@redhat.com> Cc: David Rienjes <rientjes@google.com> Cc: David Woodhouse <dwmw@amazon.com> Cc: Greg Thelen <gthelen@google.com> Cc: Jonathan Cameron <Jonathan.Cameron@huawei.com> Cc: Jonathan Corbet <corbet@lwn.net> Cc: Leonard Foerster <foersleo@amazon.de> Cc: Marco Elver <elver@google.com> Cc: Markus Boehme <markubo@amazon.de> Cc: Shakeel Butt <shakeelb@google.com> Cc: Shuah Khan <shuah@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> (cherry picked from commit 2f0b548c9f03a78f4ce6ab48986e3108028936a6) Bug: 228223814 Signed-off-by: Hailong Tu <tuhailong@oppo.com> Change-Id: Id485ee13922bd769075a77e7263380db32a15544 |
||
|
SeongJae Park
|
5203491dbb |
UPSTREAM: mm/damon/dbgfs: support DAMON-based Operation Schemes
This makes 'damon-dbgfs' to support the data access monitoring oriented
memory management schemes. Users can read and update the schemes using
``<debugfs>/damon/schemes`` file. The format is::
<min/max size> <min/max access frequency> <min/max age> <action>
Link: https://lkml.kernel.org/r/20211001125604.29660-5-sj@kernel.org
Signed-off-by: SeongJae Park <sj@kernel.org>
Cc: Amit Shah <amit@kernel.org>
Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Cc: David Hildenbrand <david@redhat.com>
Cc: David Rienjes <rientjes@google.com>
Cc: David Woodhouse <dwmw@amazon.com>
Cc: Greg Thelen <gthelen@google.com>
Cc: Jonathan Cameron <Jonathan.Cameron@huawei.com>
Cc: Jonathan Corbet <corbet@lwn.net>
Cc: Leonard Foerster <foersleo@amazon.de>
Cc: Marco Elver <elver@google.com>
Cc: Markus Boehme <markubo@amazon.de>
Cc: Shakeel Butt <shakeelb@google.com>
Cc: Shuah Khan <shuah@kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
(cherry picked from commit af122dd8f3c0099349bc98ff69f0d90efd8b149f)
Bug: 228223814
Signed-off-by: Hailong Tu <tuhailong@oppo.com>
Change-Id: I0ef1d7cc491f93ae6baaefbf9dc47ee342807069
|
||
|
SeongJae Park
|
cad23cd779 |
UPSTREAM: mm/damon/vaddr: support DAMON-based Operation Schemes
This makes DAMON's default primitives for virtual address spaces to
support DAMON-based Operation Schemes (DAMOS) by implementing actions
application functions and registering it to the monitoring context. The
implementation simply links 'madvise()' for related DAMOS actions. That
is, 'madvise(MADV_WILLNEED)' is called for 'WILLNEED' DAMOS action and
similar for other actions ('COLD', 'PAGEOUT', 'HUGEPAGE', 'NOHUGEPAGE').
So, the kernel space DAMON users can now use the DAMON-based
optimizations with only small amount of code.
Link: https://lkml.kernel.org/r/20211001125604.29660-4-sj@kernel.org
Signed-off-by: SeongJae Park <sj@kernel.org>
Cc: Amit Shah <amit@kernel.org>
Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Cc: David Hildenbrand <david@redhat.com>
Cc: David Rienjes <rientjes@google.com>
Cc: David Woodhouse <dwmw@amazon.com>
Cc: Greg Thelen <gthelen@google.com>
Cc: Jonathan Cameron <Jonathan.Cameron@huawei.com>
Cc: Jonathan Corbet <corbet@lwn.net>
Cc: Leonard Foerster <foersleo@amazon.de>
Cc: Marco Elver <elver@google.com>
Cc: Markus Boehme <markubo@amazon.de>
Cc: Shakeel Butt <shakeelb@google.com>
Cc: Shuah Khan <shuah@kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
(cherry picked from commit 6dea8add4d2875b80843e4a4c8acd334a4db8c8f)
Bug: 228223814
Signed-off-by: Hailong Tu <tuhailong@oppo.com>
Change-Id: I791dacf0f965deaed4a9fca155aa376764927b46
|
||
|
SeongJae Park
|
2a437378a5 |
UPSTREAM: mm/damon/core: implement DAMON-based Operation Schemes (DAMOS)
In many cases, users might use DAMON for simple data access aware memory
management optimizations such as applying an operation scheme to a
memory region of a specific size having a specific access frequency for
a specific time. For example, "page out a memory region larger than 100
MiB but having a low access frequency more than 10 minutes", or "Use THP
for a memory region larger than 2 MiB having a high access frequency for
more than 2 seconds".
Most simple form of the solution would be doing offline data access
pattern profiling using DAMON and modifying the application source code
or system configuration based on the profiling results. Or, developing
a daemon constructed with two modules (one for access monitoring and the
other for applying memory management actions via mlock(), madvise(),
sysctl, etc) is imaginable.
To avoid users spending their time for implementation of such simple
data access monitoring-based operation schemes, this makes DAMON to
handle such schemes directly. With this change, users can simply
specify their desired schemes to DAMON. Then, DAMON will automatically
apply the schemes to the user-specified target processes.
Each of the schemes is composed with conditions for filtering of the
target memory regions and desired memory management action for the
target. Specifically, the format is::
<min/max size> <min/max access frequency> <min/max age> <action>
The filtering conditions are size of memory region, number of accesses
to the region monitored by DAMON, and the age of the region. The age of
region is incremented periodically but reset when its addresses or
access frequency has significantly changed or the action of a scheme was
applied. For the action, current implementation supports a few of
madvise()-like hints, ``WILLNEED``, ``COLD``, ``PAGEOUT``, ``HUGEPAGE``,
and ``NOHUGEPAGE``.
Because DAMON supports various address spaces and application of the
actions to a monitoring target region is dependent to the type of the
target address space, the application code should be implemented by each
primitives and registered to the framework. Note that this only
implements the framework part. Following commit will implement the
action applications for virtual address spaces primitives.
Link: https://lkml.kernel.org/r/20211001125604.29660-3-sj@kernel.org
Signed-off-by: SeongJae Park <sj@kernel.org>
Cc: Amit Shah <amit@kernel.org>
Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Cc: David Hildenbrand <david@redhat.com>
Cc: David Rienjes <rientjes@google.com>
Cc: David Woodhouse <dwmw@amazon.com>
Cc: Greg Thelen <gthelen@google.com>
Cc: Jonathan Cameron <Jonathan.Cameron@huawei.com>
Cc: Jonathan Corbet <corbet@lwn.net>
Cc: Leonard Foerster <foersleo@amazon.de>
Cc: Marco Elver <elver@google.com>
Cc: Markus Boehme <markubo@amazon.de>
Cc: Shakeel Butt <shakeelb@google.com>
Cc: Shuah Khan <shuah@kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
(cherry picked from commit 1f366e421c8f69583ed37b56d86e3747331869c3)
Bug: 228223814
Signed-off-by: Hailong Tu <tuhailong@oppo.com>
Change-Id: Iae8c0d0ade588de0720140fcf6f97a1873f896a0
|
||
|
SeongJae Park
|
3d9ce6d28b |
UPSTREAM: mm/damon/core: account age of target regions
Patch series "Implement Data Access Monitoring-based Memory Operation Schemes". Introduction ============ DAMON[1] can be used as a primitive for data access aware memory management optimizations. For that, users who want such optimizations should run DAMON, read the monitoring results, analyze it, plan a new memory management scheme, and apply the new scheme by themselves. Such efforts will be inevitable for some complicated optimizations. However, in many other cases, the users would simply want the system to apply a memory management action to a memory region of a specific size having a specific access frequency for a specific time. For example, "page out a memory region larger than 100 MiB keeping only rare accesses more than 2 minutes", or "Do not use THP for a memory region larger than 2 MiB rarely accessed for more than 1 seconds". To make the works easier and non-redundant, this patchset implements a new feature of DAMON, which is called Data Access Monitoring-based Operation Schemes (DAMOS). Using the feature, users can describe the normal schemes in a simple way and ask DAMON to execute those on its own. [1] https://damonitor.github.io Evaluations =========== DAMOS is accurate and useful for memory management optimizations. An experimental DAMON-based operation scheme for THP, 'ethp', removes 76.15% of THP memory overheads while preserving 51.25% of THP speedup. Another experimental DAMON-based 'proactive reclamation' implementation, 'prcl', reduces 93.38% of residential sets and 23.63% of system memory footprint while incurring only 1.22% runtime overhead in the best case (parsec3/freqmine). NOTE that the experimental THP optimization and proactive reclamation are not for production but only for proof of concepts. Please refer to the showcase web site's evaluation document[1] for detailed evaluation setup and results. [1] https://damonitor.github.io/doc/html/v34/vm/damon/eval.html Long-term Support Trees ----------------------- For people who want to test DAMON but using LTS kernels, there are another couple of trees based on two latest LTS kernels respectively and containing the 'damon/master' backports. - For v5.4.y: https://git.kernel.org/sj/h/damon/for-v5.4.y - For v5.10.y: https://git.kernel.org/sj/h/damon/for-v5.10.y Sequence Of Patches =================== The 1st patch accounts age of each region. The 2nd patch implements the core of the DAMON-based operation schemes feature. The 3rd patch makes the default monitoring primitives for virtual address spaces to support the schemes. From this point, the kernel space users can use DAMOS. The 4th patch exports the feature to the user space via the debugfs interface. The 5th patch implements schemes statistics feature for easier tuning of the schemes and runtime access pattern analysis, and the 6th patch adds selftests for these changes. Finally, the 7th patch documents this new feature. This patch (of 7): DAMON can be used for data access pattern aware memory management optimizations. For that, users should run DAMON, read the monitoring results, analyze it, plan a new memory management scheme, and apply the new scheme by themselves. It would not be too hard, but still require some level of effort. For complicated cases, this effort is inevitable. That said, in many cases, users would simply want to apply an actions to a memory region of a specific size having a specific access frequency for a specific time. For example, "page out a memory region larger than 100 MiB but having a low access frequency more than 10 minutes", or "Use THP for a memory region larger than 2 MiB having a high access frequency for more than 2 seconds". For such optimizations, users will need to first account the age of each region themselves. To reduce such efforts, this implements a simple age account of each region in DAMON. For each aggregation step, DAMON compares the access frequency with that from last aggregation and reset the age of the region if the change is significant. Else, the age is incremented. Also, in case of the merge of regions, the region size-weighted average of the ages is set as the age of merged new region. Link: https://lkml.kernel.org/r/20211001125604.29660-1-sj@kernel.org Link: https://lkml.kernel.org/r/20211001125604.29660-2-sj@kernel.org Signed-off-by: SeongJae Park <sj@kernel.org> Cc: Jonathan Cameron <Jonathan.Cameron@huawei.com> Cc: Amit Shah <amit@kernel.org> Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org> Cc: Jonathan Corbet <corbet@lwn.net> Cc: David Hildenbrand <david@redhat.com> Cc: David Woodhouse <dwmw@amazon.com> Cc: Marco Elver <elver@google.com> Cc: Leonard Foerster <foersleo@amazon.de> Cc: Greg Thelen <gthelen@google.com> Cc: Markus Boehme <markubo@amazon.de> Cc: David Rienjes <rientjes@google.com> Cc: Shakeel Butt <shakeelb@google.com> Cc: Shuah Khan <shuah@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> (cherry picked from commit fda504fade7f124858d7022341dc46ff35b45274) Bug: 228223814 Signed-off-by: Hailong Tu <tuhailong@oppo.com> Change-Id: Ia5ddb3b5ce9c0d14e098a0af55dabf4b6a609aaa |
||
Colin Ian King
|
b1209ff347 |
UPSTREAM: mm/damon/core: nullify pointer ctx->kdamond with a NULL
Currently a plain integer is being used to nullify the pointer ctx->kdamond. Use NULL instead. Cleans up sparse warning: mm/damon/core.c:317:40: warning: Using plain integer as NULL pointer Link: https://lkml.kernel.org/r/20210925215908.181226-1-colin.king@canonical.com Signed-off-by: Colin Ian King <colin.king@canonical.com> Reviewed-by: SeongJae Park <sj@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> (cherry picked from commit 7ec1992b891e59dba0f04e0327980786e8f61b13) Bug: 228223814 Signed-off-by: Hailong Tu <tuhailong@oppo.com> Change-Id: Id5f9786633a785fd45bb6b25f0765671a21d3458 |