Update variable type to ensure all the valid values can be
accomodated in variable.
Change-Id: Ieaf0301d6ad524bfb87ff019aec41063ebc4c4c4
Signed-off-by: Ashay Jaiswal <quic_ashayj@quicinc.com>
* refs/heads/tmp-ee319c2:
UPSTREAM: f2fs: reduce the scope of setting fsck tag when de->name_len is zero
ANDROID: GKI: Update symbols to abi_gki_aarch64_oplus
ANDROID: Add initial ASUS symbol list
ANDROID: configfs: add proper module namespace marking
ANDROID: Configure out the macros in android_kabi and android_vendor
ANDROID: kernel: fix debug_kinfo set twice crash issue
ANDROID: GKI: set vfs-only exports into their own namespace
ANDROID: consolidate.fragment: enable mem debug config
UPSTREAM: net/packet: rx_owner_map depends on pg_vec
ANDROID: GKI: Update symbols to symbol list
FROMLIST: module.h: allow #define strings to work with MODULE_IMPORT_NS
FROMLIST: export: fix string handling of namespace in EXPORT_SYMBOL_NS
ANDROID: vendor_hooks: Add hooks for binder
ANDROID: mm/oom_kill: allow process_mrelease reclaim memory in parallel with exit_mmap
FROMLIST: mm/oom_kill: allow process_mrelease to run under mmap_lock protection
FROMLIST: mm: protect free_pgtables with mmap_lock write lock in exit_mmap
UPSTREAM: mm/oom_kill.c: prevent a race between process_mrelease and exit_mmap
UPSTREAM: mm: wire up syscall process_mrelease
UPSTREAM: mm: introduce process_mrelease system call
Change-Id: Ibb609b81e53f53a8bc3f45e753ef3fadbd623ea8
Signed-off-by: Sivasri Kumar, Vanka <quic_svanka@quicinc.com>
* keystone/mirror-android12-5.10:
ANDROID: Configure out the macros in android_kabi and android_vendor
ANDROID: kernel: fix debug_kinfo set twice crash issue
Signed-off-by: deyaoren@google.com <deyaoren@google.com>
Change-Id: I9b2b5e38f9d8920fc671fd74e68be34e0a3a7325
Add one CONFIG to control removing the macros or not. On some platform,
configureing out the macros removes the associated members from the
structs, this reduces the object size of the slabs related with the
structs, therefore reduces the total slab memory consumption of system.
Besides, this also reduces vmlinux size a bit, therefore the total
kernel memory size increses a bit.
The macros are ANDROID_KABI_RESERVE, ANDROID_VENDOR_DATA,
ANDROID_VENDOR_DATA_ARRAY, ANDROID_OEM_DATA, ANDROID_OEM_DATA_ARRAY.
Bug: 206561931
Signed-off-by: Qingqing Zhou <quic_qqzhou@quicinc.com>
Change-Id: I0868d299ccce3c4b39f42af17916828500be6cc4
* keystone/mirror-android12-5.10:
ANDROID: mm/oom_kill: allow process_mrelease reclaim memory in parallel with exit_mmap
FROMLIST: mm/oom_kill: allow process_mrelease to run under mmap_lock protection
FROMLIST: mm: protect free_pgtables with mmap_lock write lock in exit_mmap
UPSTREAM: mm/oom_kill.c: prevent a race between process_mrelease and exit_mmap
UPSTREAM: mm: wire up syscall process_mrelease
UPSTREAM: mm: introduce process_mrelease system call
Signed-off-by: deyaoren@google.com <deyaoren@google.com>
Change-Id: I5757d752480939e1880f5f2d6553ccc5fb353ee7
uclamp_latency_sensitive() function will use struct
task_struct's member of cgroups, but rcu lock should
be got before use it.
Change-Id: I1988ed7fe836f9f1ba99d59c5d46f26f3418b51e
Signed-off-by: Tengfei Fan <quic_tengfan@quicinc.com>
Due to walt_get_mvp_task_prio() function still may return mvp prio
after mvp task deactivate via walt_cfs_deactivate_mvp_task() function,
so update the condition of judge one task if it is mvp task.
Change-Id: Iae5d6e420213111acd0b0e71095e0a6caffbe0aa
Signed-off-by: Tengfei Fan <quic_tengfan@quicinc.com>
[ Upstream commit 30e29a9a2bc6a4888335a6ede968b75cd329657a ]
In prealloc_elems_and_freelist(), the multiplication to calculate the
size passed to bpf_map_area_alloc() could lead to an integer overflow.
As a result, out-of-bounds write could occur in pcpu_freelist_populate()
as reported by KASAN:
[...]
[ 16.968613] BUG: KASAN: slab-out-of-bounds in pcpu_freelist_populate+0xd9/0x100
[ 16.969408] Write of size 8 at addr ffff888104fc6ea0 by task crash/78
[ 16.970038]
[ 16.970195] CPU: 0 PID: 78 Comm: crash Not tainted 5.15.0-rc2+ #1
[ 16.970878] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.13.0-1ubuntu1.1 04/01/2014
[ 16.972026] Call Trace:
[ 16.972306] dump_stack_lvl+0x34/0x44
[ 16.972687] print_address_description.constprop.0+0x21/0x140
[ 16.973297] ? pcpu_freelist_populate+0xd9/0x100
[ 16.973777] ? pcpu_freelist_populate+0xd9/0x100
[ 16.974257] kasan_report.cold+0x7f/0x11b
[ 16.974681] ? pcpu_freelist_populate+0xd9/0x100
[ 16.975190] pcpu_freelist_populate+0xd9/0x100
[ 16.975669] stack_map_alloc+0x209/0x2a0
[ 16.976106] __sys_bpf+0xd83/0x2ce0
[...]
The possibility of this overflow was originally discussed in [0], but
was overlooked.
Fix the integer overflow by changing elem_size to u64 from u32.
[0] https://lore.kernel.org/bpf/728b238e-a481-eb50-98e9-b0f430ab01e7@gmail.com/
Bug: 202511260
Fixes: 557c0c6e7d ("bpf: convert stackmap to pre-allocation")
Signed-off-by: Tatsuhiko Yasumatsu <th.yasumatsu@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Link: https://lore.kernel.org/bpf/20210930135545.173698-1-th.yasumatsu@gmail.com
Signed-off-by: Sasha Levin <sashal@kernel.org>
Signed-off-by: Aaron Ding <aaronding@google.com>
Change-Id: I45de17135336ce329b539d3e9e95fdcddafb2b00
* refs/heads/tmp-698fa19:
ANDROID: vendor_hooks: Add hooks for futex
ANDROID: dma-contiguous: Add tracehook to allow subpage allocations in dma_alloc_contiguous
ANDROID: Update the ABI xml and symbol list
UPSTREAM: ALSA: memalloc: Align buffer allocations in page size
ANDROID: Fix mmu_notifier_trylock definition for !CONFIG_MMU_NOTIFIER config
FROMGIT: USB: gadget: bRequestType is a bitfield, not a enum
ANDROID: qcom: Add flush_delayed_fput to ABI
ANDROID: fix ABI breakage caused by mm_struct->mmu_notifier_lock addition
ANDROID: fix ABI breakage caused by percpu_rw_semaphore changes
ANDROID: fix mmu_notifier race caused by not taking mmap_lock during SPF
ANDROID: percpu-rwsem: enable percpu_sem destruction in atomic context
FROMLIST: virtio_mmio: pm: Add notification handlers for restore and freeze
FROMLIST: virtio: do not reset stateful devices on resume
FROMGIT: f2fs: avoid EINVAL by SBI_NEED_FSCK when pinning a file
UPSTREAM: mm, slub: fix incorrect memcg slab count for bulk free
UPSTREAM: mm, slub: fix potential use-after-free in slab_debugfs_fops
UPSTREAM: mm, slub: fix potential memoryleak in kmem_cache_open()
UPSTREAM: mm, slub: fix mismatch between reconstructed freelist depth and cnt
UPSTREAM: mm, slub: fix two bugs in slab_debug_trace_open()
UPSTREAM: mm, slub: allocate private object map for debugfs listings
FROMGIT: dma-buf: remove restriction of IOCTL:DMA_BUF_SET_NAME
UPSTREAM: usb: dwc3: core: balance phy init and exit
UPSTREAM: xhci: Fix failure to give back some cached cancelled URBs.
ANDROID: mm/memory_hotplug: Don't special case memory_block_size_bytes
UPSTREAM: usb: gadget: uvc: fix multiple opens
UPSTREAM: aio: fix use-after-free due to missing POLLFREE handling
UPSTREAM: aio: keep poll requests on waitqueue until completed
UPSTREAM: signalfd: use wake_up_pollfree()
UPSTREAM: binder: use wake_up_pollfree()
UPSTREAM: wait: add wake_up_pollfree()
UPSTREAM: USB: gadget: zero allocate endpoint 0 buffers
BACKPORT: scsi: ufs: Improve SCSI abort handling further
FROMGIT: scsi: ufs: Introduce ufshcd_release_scsi_cmd()
FROMGIT: scsi: ufs: Remove the 'update_scaling' local variable
UPSTREAM: scsi: ufs: core: Fix another task management completion race
BACKPORT: scsi: ufs: core: Fix task management completion timeout race
ANDROID: qcom: Add android_rvh_do_ptrauth_fault to ABI
UPSTREAM: USB: gadget: detect too-big endpoint 0 requests
ANDROID: ABI: Add symbols used by frame buffer driver
UPSTREAM: xhci: Add bus number to some debug messages
UPSTREAM: xhci: Add additional dynamic debug to follow URBs in cancel and error cases.
UPSTREAM: Revert "USB: xhci: fix U1/U2 handling for hardware with XHCI_INTEL_HOST quirk set"
UPSTREAM: xhci: Fix failure to give back some cached cancelled URBs.
UPSTREAM: HID: check for valid USB device for many HID drivers
UPSTREAM: HID: wacom: fix problems when device is not a valid USB device
UPSTREAM: HID: bigbenff: prevent null pointer dereference
UPSTREAM: HID: add USB_HID dependancy on some USB HID drivers
UPSTREAM: HID: add USB_HID dependancy to hid-chicony
UPSTREAM: HID: add USB_HID dependancy to hid-prodikeys
UPSTREAM: HID: add hid_is_usb() function to make it simpler for USB detection
FROMGIT: clk: Don't parent clks until the parent is fully registered
UPSTREAM: mm/gup: remove the vma allocation from gup_longterm_locked()
BACKPORT: usb: typec: tcpm: Wait in SNK_DEBOUNCED until disconnect
ANDROID: ABI: Add iio_write_channel_raw symbol
ANDROID: GKI: Update symbols to symbol list
Change-Id: Ifed5ad941e4e34594c49336c1a6556c8cb665cba
Signed-off-by: Sivasri Kumar, Vanka <quic_svanka@quicinc.com>
We want to use this hook to record the sleeping time due to Futex
Bug: 210947226
Signed-off-by: Liujie Xie <xieliujie@oppo.com>
Change-Id: I637f889dce42937116d10979e0c40fddf96cd1a2
Add a tracehook to allow callers into dma_alloc_contiguous() to make
use of the built-in CMA area if the caller has addressing limitations;
this provides a means of allocating from memory whose bounds are
restricted to the lower 4 GB of memory, without having to enable DMA32
(assuming the default CMA area has been restricted to the appropriate
address ranges).
Leaf changes summary: 1 artifact changed
Changed leaf types summary: 0 leaf type changed
Removed/Changed/Added functions summary: 0 Removed, 0 Changed, 0 Added function
Removed/Changed/Added variables summary: 0 Removed, 0 Changed, 1 Added variable
1 Added variable:
[A] 'tracepoint __tracepoint_android_vh_subpage_dma_contig_alloc'
Bug: 199917449
Change-Id: Ia86fb416376bca231405b06ab27b0674c8fe3e14
Signed-off-by: Chris Goldsworthy <quic_cgoldswo@quicinc.com>
* keystone/mirror-android12-5.10:
FROMGIT: USB: gadget: bRequestType is a bitfield, not a enum
ANDROID: qcom: Add flush_delayed_fput to ABI
ANDROID: fix ABI breakage caused by mm_struct->mmu_notifier_lock addition
ANDROID: fix ABI breakage caused by percpu_rw_semaphore changes
ANDROID: fix mmu_notifier race caused by not taking mmap_lock during SPF
ANDROID: percpu-rwsem: enable percpu_sem destruction in atomic context
FROMLIST: virtio_mmio: pm: Add notification handlers for restore and freeze
FROMLIST: virtio: do not reset stateful devices on resume
FROMGIT: f2fs: avoid EINVAL by SBI_NEED_FSCK when pinning a file
Signed-off-by: deyaoren@google.com <deyaoren@google.com>
Change-Id: I19107ef2650f3c2cb0622c251d131cff75450e9a
percpu_rw_semaphore changes to allow calling percpu_free_rwsem in atomic
context cause ABI breakage. Introduce percpu_free_rwsem_atomic wrapper
and change percpu_rwsem_destroy to use it in order to keep
percpu_rw_semaphore struct intact and fix ABI breakage.
Bug: 161210518
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Change-Id: I198a6381fb48059f2aaa2ec38b8c1e5e5e936bb0
When pagefaults are handled speculatively,the pair of
mmu_notifier_invalidate_range_start/mmu_notifier_invalidate_range_end
calls happen without mmap_lock being taken. This enables the following
race:
mmu_notifier_invalidate_range_start
mmap_write_lock
mmu_notifier_register
mmap_write_unlock
mmu_notifier_invalidate_range_end
In this case mmu_notifier_invalidate_range_end will see a new
subscriber not seen at the time of mmu_notifier_invalidate_range_start
and will call ops->invalidate_range_end for that subscriber without
the matching ops->invalidate_range_start, creating imbalance.
Fix this by introducing a new mm->mmu_notifier_lock percpu_rw_semaphore
to synchronize mmu_notifier_invalidate_range_start/
mmu_notifier_invalidate_range_end with mmu_notifier_register when
handling pagefaults speculatively without holding mmap_lock.
percpu_rw_semaphore is used instead of rw_semaphore to prevent cache
line bouncing in the pagefault path.
Fixes: 86ee4a531e ("FROMLIST: x86/mm: add speculative pagefault handling")
Bug: 161210518
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Change-Id: I9c363b2348efcad19818f93b010abf956870ab55
commit 42288cb44c4b5fff7653bc392b583a2b8bd6a8c0 upstream.
Several ->poll() implementations are special in that they use a
waitqueue whose lifetime is the current task, rather than the struct
file as is normally the case. This is okay for blocking polls, since a
blocking poll occurs within one task; however, non-blocking polls
require another solution. This solution is for the queue to be cleared
before it is freed, using 'wake_up_poll(wq, EPOLLHUP | POLLFREE);'.
However, that has a bug: wake_up_poll() calls __wake_up() with
nr_exclusive=1. Therefore, if there are multiple "exclusive" waiters,
and the wakeup function for the first one returns a positive value, only
that one will be called. That's *not* what's needed for POLLFREE;
POLLFREE is special in that it really needs to wake up everyone.
Considering the three non-blocking poll systems:
- io_uring poll doesn't handle POLLFREE at all, so it is broken anyway.
- aio poll is unaffected, since it doesn't support exclusive waits.
However, that's fragile, as someone could add this feature later.
- epoll doesn't appear to be broken by this, since its wakeup function
returns 0 when it sees POLLFREE. But this is fragile.
Although there is a workaround (see epoll), it's better to define a
function which always sends POLLFREE to all waiters. Add such a
function. Also make it verify that the queue really becomes empty after
all waiters have been woken up.
Reported-by: Linus Torvalds <torvalds@linux-foundation.org>
Cc: stable@vger.kernel.org
Link: https://lore.kernel.org/r/20211209010455.42744-2-ebiggers@kernel.org
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Bug: 185125206
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I4f69da5bbbad53975024d027fa1bbe22522c6efe
* refs/heads/tmp-40160d2:
UPSTREAM: ASoC: dapm: use component prefix when checking widget names
ANDROID: ABI: Add symbols used by clocksource driver
ANDROID: GKI: Export clocksource_mmio_init
ANDROID: GKI: Export sched_clock_register
FROMGIT: f2fs: show number of pending discard commands
ANDROID: workqueue: export symbol of the function wq_worker_comm()
ANDROID: GKI: Update symbols to symbol list
ANDROID: vendor_hooks: Add hooks for binder proc transaction
Change-Id: Iefc600dfe7e110fa001e7c6c9f88e15008382b2d
Signed-off-by: Sivasri Kumar, Vanka <quic_svanka@quicinc.com>
As a side effect of commit f64fafbec5 ("sched/walt: Fix caching freq
earlier than down rate limit check"), the check to skip frequency update
if the same frequency as the previous frequency is being applied,
got removed.
Restore this check at the appropriate place.
Change-Id: I7aee7f84f0a64747b01ac31c2fdcbb4440908deb
Signed-off-by: Sai Harshini Nimmala <quic_snimmala@quicinc.com>
This change is for general scheduler improvement.
Change-Id: I6235ca8fce3d0c2ab3bcab1ecee0d97c6d0a9942
Signed-off-by: Abhijeet Dharmapurikar <adharmap@codeaurora.org>
Signed-off-by: Shaleen Agrawal <shalagra@codeaurora.org>
This change is for general scheduler improvement.
Change-Id: I997827d143a370e49e43ecba8494ee8e69652b57
Signed-off-by: Abhijeet Dharmapurikar <adharmap@codeaurora.org>
Signed-off-by: Shaleen Agrawal <shalagra@codeaurora.org>
* keystone/mirror-android12-5.10:
ANDROID: ABI: Add symbols used by clocksource driver
ANDROID: GKI: Export clocksource_mmio_init
ANDROID: GKI: Export sched_clock_register
FROMGIT: f2fs: show number of pending discard commands
ANDROID: workqueue: export symbol of the function wq_worker_comm()
Signed-off-by: deyaoren@google.com <deyaoren@google.com>
Change-Id: I3dbd0461e35bf842cc714a4c997e4996383ed3a8
clocksource driver may use sched_clock_register
to resigter itself as a sched_clock source.
Export it to support building such driver
as module, like timer-imx-tpm.c
Bug: 194108974
Signed-off-by: Jindong Yue <jindong.yue@nxp.com>
Change-Id: Id23f3da624a1e70fc1a44daf6f827c03dc1d053d
To determine why a particular long preemption or long irqs off
period has happened, without crashing the device, the tracepoints
need improvement. The callers should be included.
Change-Id: If147969717517563e56cd20d3c036f51835a5c73
Signed-off-by: Stephen Dickey <quic_dickey@quicinc.com>
Export symbol of the function wq_worker_comm() in kernel/workqueue.c for dlkm to get the description of the kworker process.
Bug: 208394207
Signed-off-by: zhengding chen <chenzhengding@oppo.com>
Change-Id: I2e7ddd52a15e22e99e6596f16be08243af1bb473
* refs/heads/tmp-ca0e930:
ANDROID: GKI: Add symbols abi for USB IP kernel modules.
ANDROID: GKI: Fix file mode on mtk abi file
UPSTREAM: erofs: fix deadlock when shrink erofs slab
ANDROID: init_task: Init android vendor and oem data
Change-Id: I7a5fc8cf9ab70e60cd693a12a1e19cf8fa6ba535
Signed-off-by: Sivasri Kumar, Vanka <quic_svanka@quicinc.com>
* keystone/mirror-android12-5.10:
ANDROID: GKI: Fix file mode on mtk abi file
UPSTREAM: erofs: fix deadlock when shrink erofs slab
ANDROID: init_task: Init android vendor and oem data
Signed-off-by: Daniel Norman <danielnorman@google.com>
Change-Id: I6dd077bbaccc784efb63caa8ec4cf005ea696b77
Without initialization, it will be random data and hard for
vendor hook to decide.
Bug: 207739506
Change-Id: I278772d87eea38c03a40d4f0bef20ac8644e2ecd
Signed-off-by: Maria Yu <quic_aiquny@quicinc.com>
Nothing protects the access to the per_cpu variable sd_llc_id. When testing
the same CPU (i.e. this_cpu == that_cpu), a race condition exists with
update_top_cache_domain(). One scenario being:
CPU1 CPU2
==================================================================
per_cpu(sd_llc_id, CPUX) => 0
partition_sched_domains_locked()
detach_destroy_domains()
cpus_share_cache(CPUX, CPUX) update_top_cache_domain(CPUX)
per_cpu(sd_llc_id, CPUX) => 0
per_cpu(sd_llc_id, CPUX) = CPUX
per_cpu(sd_llc_id, CPUX) => CPUX
return false
ttwu_queue_cond() wouldn't catch smp_processor_id() == cpu and the result
is a warning triggered from ttwu_queue_wakelist().
Avoid a such race in cpus_share_cache() by always returning true when
this_cpu == that_cpu.
Fixes: 518cd62341 ("sched: Only queue remote wakeups when crossing cache boundaries")
Reported-by: Jing-Ting Wu <jing-ting.wu@mediatek.com>
Signed-off-by: Vincent Donnefort <vincent.donnefort@arm.com>
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Reviewed-by: Valentin Schneider <valentin.schneider@arm.com>
Reviewed-by: Vincent Guittot <vincent.guittot@linaro.org>
Link: https://lore.kernel.org/r/20211104175120.857087-1-vincent.donnefort@arm.com
Bug: 204726704
Change-Id: Ib6e59187b6d7d7dcabae84e3541d5fbe0dfc400a
(cherry picked from commit 42dc938a590c96eeb429e1830123fef2366d9c80)
Signed-off-by: Jing-Ting Wu <Jing-Ting.Wu@mediatek.com>
When a task yields, it relinquishes the cpu and scheduler
is tasked to find another task.
However he MVP implementation could return the same task
leading to a loop where the yielded task gets to run back.
To fix this, drop the MVP status of tasks that yield
themselves. The MVP status is restored the next time they
actually get enqueued - -likely because of a wakeup from
sleep or task migration.
Change-Id: Ia2a2074f18c4de56e0695ee2c5f1daf8a4eb5980
Signed-off-by: Tengfei Fan <tengfeif@codeaurora.org>
