tjh.dev
Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel
os
linux
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
Three trivial overlapping conflicts.
Signed-off-by: David S. Miller <davem@davemloft.net>
+1378
-730
+9
-5
Documentation/driver-api/usb/power-management.rst
+9
-5
Documentation/driver-api/usb/power-management.rst
···
370
370
then the interface is considered to be idle, and the kernel may
371
371
autosuspend the device.
372
372
373
-
Drivers need not be concerned about balancing changes to the usage
374
-
counter; the USB core will undo any remaining "get"s when a driver
375
-
is unbound from its interface. As a corollary, drivers must not call
376
-
any of the ``usb_autopm_*`` functions after their ``disconnect``
377
-
routine has returned.
373
+
Drivers must be careful to balance their overall changes to the usage
374
+
counter. Unbalanced "get"s will remain in effect when a driver is
375
+
unbound from its interface, preventing the device from going into
376
+
runtime suspend should the interface be bound to a driver again. On
377
+
the other hand, drivers are allowed to achieve this balance by calling
378
+
the ``usb_autopm_*`` functions even after their ``disconnect`` routine
379
+
has returned -- say from within a work-queue routine -- provided they
380
+
retain an active reference to the interface (via ``usb_get_intf`` and
381
+
``usb_put_intf``).
378
382
379
383
Drivers using the async routines are responsible for their own
380
384
synchronization and mutual exclusion.
+2
Documentation/networking/ip-sysctl.txt
+2
Documentation/networking/ip-sysctl.txt
···
1342
1342
Default value is 0.
1343
1343
1344
1344
xfrm4_gc_thresh - INTEGER
1345
+
(Obsolete since linux-4.14)
1345
1346
The threshold at which we will start garbage collecting for IPv4
1346
1347
destination cache entries. At twice this value the system will
1347
1348
refuse new allocations.
···
1951
1950
Default: 0
1952
1951
1953
1952
xfrm6_gc_thresh - INTEGER
1953
+
(Obsolete since linux-4.14)
1954
1954
The threshold at which we will start garbage collecting for IPv6
1955
1955
destination cache entries. At twice this value the system will
1956
1956
refuse new allocations.
+1
-1
Documentation/networking/netdev-FAQ.rst
+1
-1
Documentation/networking/netdev-FAQ.rst
···
132
132
will reply and ask what should be done.
133
133
134
134
Q: I made changes to only a few patches in a patch series should I resend only those changed?
135
-
--------------------------------------------------------------------------------------------
135
+
---------------------------------------------------------------------------------------------
136
136
A: No, please resend the entire patch series and make sure you do number your
137
137
patches such that it is clear this is the latest and greatest set of patches
138
138
that can be applied.
+8
-8
Documentation/sysctl/vm.txt
+8
-8
Documentation/sysctl/vm.txt
···
866
866
increase the success rate of future high-order allocations such as SLUB
867
867
allocations, THP and hugetlbfs pages.
868
868
869
-
To make it sensible with respect to the watermark_scale_factor parameter,
870
-
the unit is in fractions of 10,000. The default value of 15,000 means
871
-
that up to 150% of the high watermark will be reclaimed in the event of
872
-
a pageblock being mixed due to fragmentation. The level of reclaim is
873
-
determined by the number of fragmentation events that occurred in the
874
-
recent past. If this value is smaller than a pageblock then a pageblocks
875
-
worth of pages will be reclaimed (e.g. 2MB on 64-bit x86). A boost factor
876
-
of 0 will disable the feature.
869
+
To make it sensible with respect to the watermark_scale_factor
870
+
parameter, the unit is in fractions of 10,000. The default value of
871
+
15,000 on !DISCONTIGMEM configurations means that up to 150% of the high
872
+
watermark will be reclaimed in the event of a pageblock being mixed due
873
+
to fragmentation. The level of reclaim is determined by the number of
874
+
fragmentation events that occurred in the recent past. If this value is
875
+
smaller than a pageblock then a pageblocks worth of pages will be reclaimed
876
+
(e.g. 2MB on 64-bit x86). A boost factor of 0 will disable the feature.
877
877
878
878
=============================================================
879
879
+2
-2
Makefile
+2
-2
Makefile
···
2
2
VERSION = 5
3
3
PATCHLEVEL = 1
4
4
SUBLEVEL = 0
5
-
EXTRAVERSION = -rc6
5
+
EXTRAVERSION = -rc7
6
6
NAME = Shy Crocodile
7
7
8
8
# *DOCUMENTATION*
···
679
679
KBUILD_CFLAGS += $(call cc-disable-warning, format-truncation)
680
680
KBUILD_CFLAGS += $(call cc-disable-warning, format-overflow)
681
681
KBUILD_CFLAGS += $(call cc-disable-warning, int-in-bool-context)
682
+
KBUILD_CFLAGS += $(call cc-disable-warning, address-of-packed-member)
682
683
683
684
ifdef CONFIG_CC_OPTIMIZE_FOR_SIZE
684
685
KBUILD_CFLAGS += -Os
···
721
720
KBUILD_CPPFLAGS += $(call cc-option,-Qunused-arguments,)
722
721
KBUILD_CFLAGS += $(call cc-disable-warning, format-invalid-specifier)
723
722
KBUILD_CFLAGS += $(call cc-disable-warning, gnu)
724
-
KBUILD_CFLAGS += $(call cc-disable-warning, address-of-packed-member)
725
723
# Quiet clang warning: comparison of unsigned expression < 0 is always false
726
724
KBUILD_CFLAGS += $(call cc-disable-warning, tautological-compare)
727
725
# CLANG uses a _MergedGlobals as optimization, but this breaks modpost, as the
+7
-6
arch/arc/boot/dts/hsdk.dts
+7
-6
arch/arc/boot/dts/hsdk.dts
···
18
18
model = "snps,hsdk";
19
19
compatible = "snps,hsdk";
20
20
21
-
#address-cells = <1>;
22
-
#size-cells = <1>;
21
+
#address-cells = <2>;
22
+
#size-cells = <2>;
23
23
24
24
chosen {
25
25
bootargs = "earlycon=uart8250,mmio32,0xf0005000,115200n8 console=ttyS0,115200n8 debug print-fatal-signals=1";
···
105
105
#size-cells = <1>;
106
106
interrupt-parent = <&idu_intc>;
107
107
108
-
ranges = <0x00000000 0xf0000000 0x10000000>;
108
+
ranges = <0x00000000 0x0 0xf0000000 0x10000000>;
109
109
110
110
cgu_rst: reset-controller@8a0 {
111
111
compatible = "snps,hsdk-reset";
···
269
269
};
270
270
271
271
memory@80000000 {
272
-
#address-cells = <1>;
273
-
#size-cells = <1>;
272
+
#address-cells = <2>;
273
+
#size-cells = <2>;
274
274
device_type = "memory";
275
-
reg = <0x80000000 0x40000000>; /* 1 GiB */
275
+
reg = <0x0 0x80000000 0x0 0x40000000>; /* 1 GB lowmem */
276
+
/* 0x1 0x00000000 0x0 0x40000000>; 1 GB highmem */
276
277
};
277
278
};
+2
-2
arch/arc/lib/memset-archs.S
+2
-2
arch/arc/lib/memset-archs.S
+16
-15
arch/arc/mm/cache.c
+16
-15
arch/arc/mm/cache.c
···
113
113
}
114
114
115
115
READ_BCR(ARC_REG_CLUSTER_BCR, cbcr);
116
-
if (cbcr.c)
116
+
if (cbcr.c) {
117
117
ioc_exists = 1;
118
-
else
118
+
119
+
/*
120
+
* As for today we don't support both IOC and ZONE_HIGHMEM enabled
121
+
* simultaneously. This happens because as of today IOC aperture covers
122
+
* only ZONE_NORMAL (low mem) and any dma transactions outside this
123
+
* region won't be HW coherent.
124
+
* If we want to use both IOC and ZONE_HIGHMEM we can use
125
+
* bounce_buffer to handle dma transactions to HIGHMEM.
126
+
* Also it is possible to modify dma_direct cache ops or increase IOC
127
+
* aperture size if we are planning to use HIGHMEM without PAE.
128
+
*/
129
+
if (IS_ENABLED(CONFIG_HIGHMEM) || is_pae40_enabled())
130
+
ioc_enable = 0;
131
+
} else {
119
132
ioc_enable = 0;
133
+
}
120
134
121
135
/* HS 2.0 didn't have AUX_VOL */
122
136
if (cpuinfo_arc700[cpu].core.family > 0x51) {
···
1171
1157
1172
1158
if (!ioc_enable)
1173
1159
return;
1174
-
1175
-
/*
1176
-
* As for today we don't support both IOC and ZONE_HIGHMEM enabled
1177
-
* simultaneously. This happens because as of today IOC aperture covers
1178
-
* only ZONE_NORMAL (low mem) and any dma transactions outside this
1179
-
* region won't be HW coherent.
1180
-
* If we want to use both IOC and ZONE_HIGHMEM we can use
1181
-
* bounce_buffer to handle dma transactions to HIGHMEM.
1182
-
* Also it is possible to modify dma_direct cache ops or increase IOC
1183
-
* aperture size if we are planning to use HIGHMEM without PAE.
1184
-
*/
1185
-
if (IS_ENABLED(CONFIG_HIGHMEM))
1186
-
panic("IOC and HIGHMEM can't be used simultaneously");
1187
1160
1188
1161
/* Flush + invalidate + disable L1 dcache */
1189
1162
__dc_disable();
+1
-1
arch/arm/Kconfig
+1
-1
arch/arm/Kconfig
···
73
73
select HAVE_EFFICIENT_UNALIGNED_ACCESS if (CPU_V6 || CPU_V6K || CPU_V7) && MMU
74
74
select HAVE_EXIT_THREAD
75
75
select HAVE_FTRACE_MCOUNT_RECORD if !XIP_KERNEL
76
-
select HAVE_FUNCTION_GRAPH_TRACER if !THUMB2_KERNEL
76
+
select HAVE_FUNCTION_GRAPH_TRACER if !THUMB2_KERNEL && !CC_IS_CLANG
77
77
select HAVE_FUNCTION_TRACER if !XIP_KERNEL
78
78
select HAVE_GCC_PLUGINS
79
79
select HAVE_HW_BREAKPOINT if PERF_EVENTS && (CPU_V6 || CPU_V6K || CPU_V7)
+3
-3
arch/arm/Kconfig.debug
+3
-3
arch/arm/Kconfig.debug
···
47
47
48
48
choice
49
49
prompt "Choose kernel unwinder"
50
-
default UNWINDER_ARM if AEABI && !FUNCTION_GRAPH_TRACER
51
-
default UNWINDER_FRAME_POINTER if !AEABI || FUNCTION_GRAPH_TRACER
50
+
default UNWINDER_ARM if AEABI
51
+
default UNWINDER_FRAME_POINTER if !AEABI
52
52
help
53
53
This determines which method will be used for unwinding kernel stack
54
54
traces for panics, oopses, bugs, warnings, perf, /proc/<pid>/stack,
···
65
65
66
66
config UNWINDER_ARM
67
67
bool "ARM EABI stack unwinder"
68
-
depends on AEABI
68
+
depends on AEABI && !FUNCTION_GRAPH_TRACER
69
69
select ARM_UNWIND
70
70
help
71
71
This option enables stack unwinding support in the kernel
+15
-1
arch/arm/boot/compressed/head.S
+15
-1
arch/arm/boot/compressed/head.S
···
1438
1438
1439
1439
@ Preserve return value of efi_entry() in r4
1440
1440
mov r4, r0
1441
-
bl cache_clean_flush
1441
+
1442
+
@ our cache maintenance code relies on CP15 barrier instructions
1443
+
@ but since we arrived here with the MMU and caches configured
1444
+
@ by UEFI, we must check that the CP15BEN bit is set in SCTLR.
1445
+
@ Note that this bit is RAO/WI on v6 and earlier, so the ISB in
1446
+
@ the enable path will be executed on v7+ only.
1447
+
mrc p15, 0, r1, c1, c0, 0 @ read SCTLR
1448
+
tst r1, #(1 << 5) @ CP15BEN bit set?
1449
+
bne 0f
1450
+
orr r1, r1, #(1 << 5) @ CP15 barrier instructions
1451
+
mcr p15, 0, r1, c1, c0, 0 @ write SCTLR
1452
+
ARM( .inst 0xf57ff06f @ v7+ isb )
1453
+
THUMB( isb )
1454
+
1455
+
0: bl cache_clean_flush
1442
1456
bl cache_off
1443
1457
1444
1458
@ Set parameters for booting zImage according to boot protocol
+1
-1
arch/arm/kernel/head-nommu.S
+1
-1
arch/arm/kernel/head-nommu.S
···
133
133
*/
134
134
.text
135
135
__after_proc_init:
136
-
#ifdef CONFIG_ARM_MPU
137
136
M_CLASS(movw r12, #:lower16:BASEADDR_V7M_SCB)
138
137
M_CLASS(movt r12, #:upper16:BASEADDR_V7M_SCB)
138
+
#ifdef CONFIG_ARM_MPU
139
139
M_CLASS(ldr r3, [r12, 0x50])
140
140
AR_CLASS(mrc p15, 0, r3, c0, c1, 4) @ Read ID_MMFR0
141
141
and r3, r3, #(MMFR0_PMSA) @ PMSA field
+7
-2
arch/arm64/kernel/ftrace.c
+7
-2
arch/arm64/kernel/ftrace.c
···
103
103
* to be revisited if support for multiple ftrace entry points
104
104
* is added in the future, but for now, the pr_err() below
105
105
* deals with a theoretical issue only.
106
+
*
107
+
* Note that PLTs are place relative, and plt_entries_equal()
108
+
* checks whether they point to the same target. Here, we need
109
+
* to check if the actual opcodes are in fact identical,
110
+
* regardless of the offset in memory so use memcmp() instead.
106
111
*/
107
112
trampoline = get_plt_entry(addr, mod->arch.ftrace_trampoline);
108
-
if (!plt_entries_equal(mod->arch.ftrace_trampoline,
109
-
&trampoline)) {
113
+
if (memcmp(mod->arch.ftrace_trampoline, &trampoline,
114
+
sizeof(trampoline))) {
110
115
if (plt_entry_is_initialized(mod->arch.ftrace_trampoline)) {
111
116
pr_err("ftrace: far branches to multiple entry points unsupported inside a single module\n");
112
117
return -EINVAL;
+1
-1
arch/arm64/mm/init.c
+1
-1
arch/arm64/mm/init.c
···
363
363
* Otherwise, this is a no-op
364
364
*/
365
365
u64 base = phys_initrd_start & PAGE_MASK;
366
-
u64 size = PAGE_ALIGN(phys_initrd_size);
366
+
u64 size = PAGE_ALIGN(phys_initrd_start + phys_initrd_size) - base;
367
367
368
368
/*
369
369
* We can only add back the initrd memory if we don't end up
+3
-2
arch/mips/net/ebpf_jit.c
+3
-2
arch/mips/net/ebpf_jit.c
···
186
186
* separate frame pointer, so BPF_REG_10 relative accesses are
187
187
* adjusted to be $sp relative.
188
188
*/
189
-
int ebpf_to_mips_reg(struct jit_ctx *ctx, const struct bpf_insn *insn,
190
-
enum which_ebpf_reg w)
189
+
static int ebpf_to_mips_reg(struct jit_ctx *ctx,
190
+
const struct bpf_insn *insn,
191
+
enum which_ebpf_reg w)
191
192
{
192
193
int ebpf_reg = (w == src_reg || w == src_reg_no_fp) ?
193
194
insn->src_reg : insn->dst_reg;
+1
arch/powerpc/configs/skiroot_defconfig
+1
arch/powerpc/configs/skiroot_defconfig
+59
-40
arch/powerpc/mm/mmu_context_iommu.c
+59
-40
arch/powerpc/mm/mmu_context_iommu.c
···
95
95
unsigned long entries, unsigned long dev_hpa,
96
96
struct mm_iommu_table_group_mem_t **pmem)
97
97
{
98
-
struct mm_iommu_table_group_mem_t *mem;
99
-
long i, ret, locked_entries = 0;
98
+
struct mm_iommu_table_group_mem_t *mem, *mem2;
99
+
long i, ret, locked_entries = 0, pinned = 0;
100
100
unsigned int pageshift;
101
-
102
-
mutex_lock(&mem_list_mutex);
103
-
104
-
list_for_each_entry_rcu(mem, &mm->context.iommu_group_mem_list,
105
-
next) {
106
-
/* Overlap? */
107
-
if ((mem->ua < (ua + (entries << PAGE_SHIFT))) &&
108
-
(ua < (mem->ua +
109
-
(mem->entries << PAGE_SHIFT)))) {
110
-
ret = -EINVAL;
111
-
goto unlock_exit;
112
-
}
113
-
114
-
}
101
+
unsigned long entry, chunk;
115
102
116
103
if (dev_hpa == MM_IOMMU_TABLE_INVALID_HPA) {
117
104
ret = mm_iommu_adjust_locked_vm(mm, entries, true);
118
105
if (ret)
119
-
goto unlock_exit;
106
+
return ret;
120
107
121
108
locked_entries = entries;
122
109
}
···
135
148
}
136
149
137
150
down_read(&mm->mmap_sem);
138
-
ret = get_user_pages_longterm(ua, entries, FOLL_WRITE, mem->hpages, NULL);
139
-
up_read(&mm->mmap_sem);
140
-
if (ret != entries) {
141
-
/* free the reference taken */
142
-
for (i = 0; i < ret; i++)
143
-
put_page(mem->hpages[i]);
151
+
chunk = (1UL << (PAGE_SHIFT + MAX_ORDER - 1)) /
152
+
sizeof(struct vm_area_struct *);
153
+
chunk = min(chunk, entries);
154
+
for (entry = 0; entry < entries; entry += chunk) {
155
+
unsigned long n = min(entries - entry, chunk);
144
156
145
-
vfree(mem->hpas);
146
-
kfree(mem);
147
-
ret = -EFAULT;
148
-
goto unlock_exit;
157
+
ret = get_user_pages_longterm(ua + (entry << PAGE_SHIFT), n,
158
+
FOLL_WRITE, mem->hpages + entry, NULL);
159
+
if (ret == n) {
160
+
pinned += n;
161
+
continue;
162
+
}
163
+
if (ret > 0)
164
+
pinned += ret;
165
+
break;
166
+
}
167
+
up_read(&mm->mmap_sem);
168
+
if (pinned != entries) {
169
+
if (!ret)
170
+
ret = -EFAULT;
171
+
goto free_exit;
149
172
}
150
173
151
174
pageshift = PAGE_SHIFT;
···
180
183
}
181
184
182
185
good_exit:
183
-
ret = 0;
184
186
atomic64_set(&mem->mapped, 1);
185
187
mem->used = 1;
186
188
mem->ua = ua;
187
189
mem->entries = entries;
188
-
*pmem = mem;
190
+
191
+
mutex_lock(&mem_list_mutex);
192
+
193
+
list_for_each_entry_rcu(mem2, &mm->context.iommu_group_mem_list, next) {
194
+
/* Overlap? */
195
+
if ((mem2->ua < (ua + (entries << PAGE_SHIFT))) &&
196
+
(ua < (mem2->ua +
197
+
(mem2->entries << PAGE_SHIFT)))) {
198
+
ret = -EINVAL;
199
+
mutex_unlock(&mem_list_mutex);
200
+
goto free_exit;
201
+
}
202
+
}
189
203
190
204
list_add_rcu(&mem->next, &mm->context.iommu_group_mem_list);
191
205
192
-
unlock_exit:
193
-
if (locked_entries && ret)
194
-
mm_iommu_adjust_locked_vm(mm, locked_entries, false);
195
-
196
206
mutex_unlock(&mem_list_mutex);
207
+
208
+
*pmem = mem;
209
+
210
+
return 0;
211
+
212
+
free_exit:
213
+
/* free the reference taken */
214
+
for (i = 0; i < pinned; i++)
215
+
put_page(mem->hpages[i]);
216
+
217
+
vfree(mem->hpas);
218
+
kfree(mem);
219
+
220
+
unlock_exit:
221
+
mm_iommu_adjust_locked_vm(mm, locked_entries, false);
197
222
198
223
return ret;
199
224
}
···
285
266
long mm_iommu_put(struct mm_struct *mm, struct mm_iommu_table_group_mem_t *mem)
286
267
{
287
268
long ret = 0;
288
-
unsigned long entries, dev_hpa;
269
+
unsigned long unlock_entries = 0;
289
270
290
271
mutex_lock(&mem_list_mutex);
291
272
···
306
287
goto unlock_exit;
307
288
}
308
289
309
-
/* @mapped became 0 so now mappings are disabled, release the region */
310
-
entries = mem->entries;
311
-
dev_hpa = mem->dev_hpa;
312
-
mm_iommu_release(mem);
290
+
if (mem->dev_hpa == MM_IOMMU_TABLE_INVALID_HPA)
291
+
unlock_entries = mem->entries;
313
292
314
-
if (dev_hpa == MM_IOMMU_TABLE_INVALID_HPA)
315
-
mm_iommu_adjust_locked_vm(mm, entries, false);
293
+
/* @mapped became 0 so now mappings are disabled, release the region */
294
+
mm_iommu_release(mem);
316
295
317
296
unlock_exit:
318
297
mutex_unlock(&mem_list_mutex);
298
+
299
+
mm_iommu_adjust_locked_vm(mm, unlock_entries, false);
319
300
320
301
return ret;
321
302
}
+1
-1
arch/powerpc/platforms/Kconfig.cputype
+1
-1
arch/powerpc/platforms/Kconfig.cputype
+1
-1
arch/x86/boot/compressed/misc.c
+1
-1
arch/x86/boot/compressed/misc.c
+2
-2
arch/x86/entry/vdso/vclock_gettime.c
+2
-2
arch/x86/entry/vdso/vclock_gettime.c
···
29
29
extern time_t __vdso_time(time_t *t);
30
30
31
31
#ifdef CONFIG_PARAVIRT_CLOCK
32
-
extern u8 pvclock_page
32
+
extern u8 pvclock_page[PAGE_SIZE]
33
33
__attribute__((visibility("hidden")));
34
34
#endif
35
35
36
36
#ifdef CONFIG_HYPERV_TSCPAGE
37
-
extern u8 hvclock_page
37
+
extern u8 hvclock_page[PAGE_SIZE]
38
38
__attribute__((visibility("hidden")));
39
39
#endif
40
40
+5
-5
arch/x86/events/intel/cstate.c
+5
-5
arch/x86/events/intel/cstate.c
···
76
76
* Scope: Package (physical package)
77
77
* MSR_PKG_C8_RESIDENCY: Package C8 Residency Counter.
78
78
* perf code: 0x04
79
-
* Available model: HSW ULT,CNL
79
+
* Available model: HSW ULT,KBL,CNL
80
80
* Scope: Package (physical package)
81
81
* MSR_PKG_C9_RESIDENCY: Package C9 Residency Counter.
82
82
* perf code: 0x05
83
-
* Available model: HSW ULT,CNL
83
+
* Available model: HSW ULT,KBL,CNL
84
84
* Scope: Package (physical package)
85
85
* MSR_PKG_C10_RESIDENCY: Package C10 Residency Counter.
86
86
* perf code: 0x06
87
-
* Available model: HSW ULT,GLM,CNL
87
+
* Available model: HSW ULT,KBL,GLM,CNL
88
88
* Scope: Package (physical package)
89
89
*
90
90
*/
···
566
566
X86_CSTATES_MODEL(INTEL_FAM6_SKYLAKE_DESKTOP, snb_cstates),
567
567
X86_CSTATES_MODEL(INTEL_FAM6_SKYLAKE_X, snb_cstates),
568
568
569
-
X86_CSTATES_MODEL(INTEL_FAM6_KABYLAKE_MOBILE, snb_cstates),
570
-
X86_CSTATES_MODEL(INTEL_FAM6_KABYLAKE_DESKTOP, snb_cstates),
569
+
X86_CSTATES_MODEL(INTEL_FAM6_KABYLAKE_MOBILE, hswult_cstates),
570
+
X86_CSTATES_MODEL(INTEL_FAM6_KABYLAKE_DESKTOP, hswult_cstates),
571
571
572
572
X86_CSTATES_MODEL(INTEL_FAM6_CANNONLAKE_MOBILE, cnl_cstates),
573
573
+1
-1
arch/x86/include/asm/pgtable.h
+1
-1
arch/x86/include/asm/pgtable.h
···
46
46
*/
47
47
extern unsigned long empty_zero_page[PAGE_SIZE / sizeof(unsigned long)]
48
48
__visible;
49
-
#define ZERO_PAGE(vaddr) (virt_to_page(empty_zero_page))
49
+
#define ZERO_PAGE(vaddr) ((void)(vaddr),virt_to_page(empty_zero_page))
50
50
51
51
extern spinlock_t pgd_lock;
52
52
extern struct list_head pgd_list;
+6
arch/x86/mm/init.c
+6
arch/x86/mm/init.c
···
5
5
#include <linux/memblock.h>
6
6
#include <linux/swapfile.h>
7
7
#include <linux/swapops.h>
8
+
#include <linux/kmemleak.h>
8
9
9
10
#include <asm/set_memory.h>
10
11
#include <asm/e820/api.h>
···
767
766
if (debug_pagealloc_enabled()) {
768
767
pr_info("debug: unmapping init [mem %#010lx-%#010lx]\n",
769
768
begin, end - 1);
769
+
/*
770
+
* Inform kmemleak about the hole in the memory since the
771
+
* corresponding pages will be unmapped.
772
+
*/
773
+
kmemleak_free_part((void *)begin, end - begin);
770
774
set_memory_np(begin, (end - begin) >> PAGE_SHIFT);
771
775
} else {
772
776
/*
+5
-1
crypto/lrw.c
+5
-1
crypto/lrw.c
···
212
212
{
213
213
struct skcipher_request *req = areq->data;
214
214
215
-
if (!err)
215
+
if (!err) {
216
+
struct rctx *rctx = skcipher_request_ctx(req);
217
+
218
+
rctx->subreq.base.flags &= ~CRYPTO_TFM_REQ_MAY_SLEEP;
216
219
err = xor_tweak_post(req);
220
+
}
217
221
218
222
skcipher_request_complete(req, err);
219
223
}
+5
-1
crypto/xts.c
+5
-1
crypto/xts.c
···
137
137
{
138
138
struct skcipher_request *req = areq->data;
139
139
140
-
if (!err)
140
+
if (!err) {
141
+
struct rctx *rctx = skcipher_request_ctx(req);
142
+
143
+
rctx->subreq.base.flags &= ~CRYPTO_TFM_REQ_MAY_SLEEP;
141
144
err = xor_tweak_post(req);
145
+
}
142
146
143
147
skcipher_request_complete(req, err);
144
148
}
+1
-5
drivers/acpi/acpica/evgpe.c
+1
-5
drivers/acpi/acpica/evgpe.c
···
81
81
82
82
ACPI_FUNCTION_TRACE(ev_enable_gpe);
83
83
84
-
/* Clear the GPE status */
85
-
status = acpi_hw_clear_gpe(gpe_event_info);
86
-
if (ACPI_FAILURE(status))
87
-
return_ACPI_STATUS(status);
88
-
89
84
/* Enable the requested GPE */
85
+
90
86
status = acpi_hw_low_set_gpe(gpe_event_info, ACPI_GPE_ENABLE);
91
87
return_ACPI_STATUS(status);
92
88
}
+3
-2
drivers/block/zram/zram_drv.c
+3
-2
drivers/block/zram/zram_drv.c
···
774
774
struct zram *zram;
775
775
unsigned long entry;
776
776
struct bio *bio;
777
+
struct bio_vec bvec;
777
778
};
778
779
779
780
#if PAGE_SIZE != 4096
780
781
static void zram_sync_read(struct work_struct *work)
781
782
{
782
-
struct bio_vec bvec;
783
783
struct zram_work *zw = container_of(work, struct zram_work, work);
784
784
struct zram *zram = zw->zram;
785
785
unsigned long entry = zw->entry;
786
786
struct bio *bio = zw->bio;
787
787
788
-
read_from_bdev_async(zram, &bvec, entry, bio);
788
+
read_from_bdev_async(zram, &zw->bvec, entry, bio);
789
789
}
790
790
791
791
/*
···
798
798
{
799
799
struct zram_work work;
800
800
801
+
work.bvec = *bvec;
801
802
work.zram = zram;
802
803
work.entry = entry;
803
804
work.bio = bio;
+1
-1
drivers/dma/bcm2835-dma.c
+1
-1
drivers/dma/bcm2835-dma.c
+1
-1
drivers/dma/mediatek/mtk-cqdma.c
+1
-1
drivers/dma/mediatek/mtk-cqdma.c
+26
-4
drivers/dma/sh/rcar-dmac.c
+26
-4
drivers/dma/sh/rcar-dmac.c
···
1282
1282
enum dma_status status;
1283
1283
unsigned int residue = 0;
1284
1284
unsigned int dptr = 0;
1285
+
unsigned int chcrb;
1286
+
unsigned int tcrb;
1287
+
unsigned int i;
1285
1288
1286
1289
if (!desc)
1287
1290
return 0;
···
1333
1330
}
1334
1331
1335
1332
/*
1333
+
* We need to read two registers.
1334
+
* Make sure the control register does not skip to next chunk
1335
+
* while reading the counter.
1336
+
* Trying it 3 times should be enough: Initial read, retry, retry
1337
+
* for the paranoid.
1338
+
*/
1339
+
for (i = 0; i < 3; i++) {
1340
+
chcrb = rcar_dmac_chan_read(chan, RCAR_DMACHCRB) &
1341
+
RCAR_DMACHCRB_DPTR_MASK;
1342
+
tcrb = rcar_dmac_chan_read(chan, RCAR_DMATCRB);
1343
+
/* Still the same? */
1344
+
if (chcrb == (rcar_dmac_chan_read(chan, RCAR_DMACHCRB) &
1345
+
RCAR_DMACHCRB_DPTR_MASK))
1346
+
break;
1347
+
}
1348
+
WARN_ONCE(i >= 3, "residue might be not continuous!");
1349
+
1350
+
/*
1336
1351
* In descriptor mode the descriptor running pointer is not maintained
1337
1352
* by the interrupt handler, find the running descriptor from the
1338
1353
* descriptor pointer field in the CHCRB register. In non-descriptor
1339
1354
* mode just use the running descriptor pointer.
1340
1355
*/
1341
1356
if (desc->hwdescs.use) {
1342
-
dptr = (rcar_dmac_chan_read(chan, RCAR_DMACHCRB) &
1343
-
RCAR_DMACHCRB_DPTR_MASK) >> RCAR_DMACHCRB_DPTR_SHIFT;
1357
+
dptr = chcrb >> RCAR_DMACHCRB_DPTR_SHIFT;
1344
1358
if (dptr == 0)
1345
1359
dptr = desc->nchunks;
1346
1360
dptr--;
···
1375
1355
}
1376
1356
1377
1357
/* Add the residue for the current chunk. */
1378
-
residue += rcar_dmac_chan_read(chan, RCAR_DMATCRB) << desc->xfer_shift;
1358
+
residue += tcrb << desc->xfer_shift;
1379
1359
1380
1360
return residue;
1381
1361
}
···
1388
1368
enum dma_status status;
1389
1369
unsigned long flags;
1390
1370
unsigned int residue;
1371
+
bool cyclic;
1391
1372
1392
1373
status = dma_cookie_status(chan, cookie, txstate);
1393
1374
if (status == DMA_COMPLETE || !txstate)
···
1396
1375
1397
1376
spin_lock_irqsave(&rchan->lock, flags);
1398
1377
residue = rcar_dmac_chan_get_residue(rchan, cookie);
1378
+
cyclic = rchan->desc.running ? rchan->desc.running->cyclic : false;
1399
1379
spin_unlock_irqrestore(&rchan->lock, flags);
1400
1380
1401
1381
/* if there's no residue, the cookie is complete */
1402
-
if (!residue)
1382
+
if (!residue && !cyclic)
1403
1383
return DMA_COMPLETE;
1404
1384
1405
1385
dma_set_residue(txstate, residue);
+1
drivers/gpio/gpio-eic-sprd.c
+1
drivers/gpio/gpio-eic-sprd.c
···
414
414
irq_set_handler_locked(data, handle_edge_irq);
415
415
break;
416
416
case IRQ_TYPE_EDGE_BOTH:
417
+
sprd_eic_update(chip, offset, SPRD_EIC_SYNC_INTMODE, 0);
417
418
sprd_eic_update(chip, offset, SPRD_EIC_SYNC_INTBOTH, 1);
418
419
irq_set_handler_locked(data, handle_edge_irq);
419
420
break;
+8
-4
drivers/gpio/gpiolib.c
+8
-4
drivers/gpio/gpiolib.c
···
1379
1379
1380
1380
status = gpiochip_add_irqchip(chip, lock_key, request_key);
1381
1381
if (status)
1382
-
goto err_remove_chip;
1382
+
goto err_free_gpiochip_mask;
1383
1383
1384
1384
status = of_gpiochip_add(chip);
1385
1385
if (status)
···
1387
1387
1388
1388
status = gpiochip_init_valid_mask(chip);
1389
1389
if (status)
1390
-
goto err_remove_chip;
1390
+
goto err_remove_of_chip;
1391
1391
1392
1392
for (i = 0; i < chip->ngpio; i++) {
1393
1393
struct gpio_desc *desc = &gdev->descs[i];
···
1415
1415
if (gpiolib_initialized) {
1416
1416
status = gpiochip_setup_dev(gdev);
1417
1417
if (status)
1418
-
goto err_remove_chip;
1418
+
goto err_remove_acpi_chip;
1419
1419
}
1420
1420
return 0;
1421
1421
1422
-
err_remove_chip:
1422
+
err_remove_acpi_chip:
1423
1423
acpi_gpiochip_remove(chip);
1424
+
err_remove_of_chip:
1424
1425
gpiochip_free_hogs(chip);
1425
1426
of_gpiochip_remove(chip);
1427
+
err_remove_chip:
1428
+
gpiochip_irqchip_remove(chip);
1429
+
err_free_gpiochip_mask:
1426
1430
gpiochip_free_valid_mask(chip);
1427
1431
err_remove_irqchip_mask:
1428
1432
gpiochip_irqchip_free_valid_mask(chip);
+12
-4
drivers/gpu/drm/bridge/synopsys/dw-hdmi.c
+12
-4
drivers/gpu/drm/bridge/synopsys/dw-hdmi.c
···
1046
1046
if (hdmi->version < 0x200a)
1047
1047
return false;
1048
1048
1049
+
/* Disable if no DDC bus */
1050
+
if (!hdmi->ddc)
1051
+
return false;
1052
+
1049
1053
/* Disable if SCDC is not supported, or if an HF-VSDB block is absent */
1050
1054
if (!display->hdmi.scdc.supported ||
1051
1055
!display->hdmi.scdc.scrambling.supported)
···
1688
1684
* Source Devices compliant shall set the
1689
1685
* Source Version = 1.
1690
1686
*/
1691
-
drm_scdc_readb(&hdmi->i2c->adap, SCDC_SINK_VERSION,
1687
+
drm_scdc_readb(hdmi->ddc, SCDC_SINK_VERSION,
1692
1688
&bytes);
1693
-
drm_scdc_writeb(&hdmi->i2c->adap, SCDC_SOURCE_VERSION,
1689
+
drm_scdc_writeb(hdmi->ddc, SCDC_SOURCE_VERSION,
1694
1690
min_t(u8, bytes, SCDC_MIN_SOURCE_VERSION));
1695
1691
1696
1692
/* Enabled Scrambling in the Sink */
1697
-
drm_scdc_set_scrambling(&hdmi->i2c->adap, 1);
1693
+
drm_scdc_set_scrambling(hdmi->ddc, 1);
1698
1694
1699
1695
/*
1700
1696
* To activate the scrambler feature, you must ensure
···
1710
1706
hdmi_writeb(hdmi, 0, HDMI_FC_SCRAMBLER_CTRL);
1711
1707
hdmi_writeb(hdmi, (u8)~HDMI_MC_SWRSTZ_TMDSSWRST_REQ,
1712
1708
HDMI_MC_SWRSTZ);
1713
-
drm_scdc_set_scrambling(&hdmi->i2c->adap, 0);
1709
+
drm_scdc_set_scrambling(hdmi->ddc, 0);
1714
1710
}
1715
1711
}
1716
1712
···
1804
1800
* iteration for others.
1805
1801
* The Amlogic Meson GX SoCs (v2.01a) have been identified as needing
1806
1802
* the workaround with a single iteration.
1803
+
* The Rockchip RK3288 SoC (v2.00a) and RK3328/RK3399 SoCs (v2.11a) have
1804
+
* been identified as needing the workaround with a single iteration.
1807
1805
*/
1808
1806
1809
1807
switch (hdmi->version) {
···
1814
1808
break;
1815
1809
case 0x131a:
1816
1810
case 0x132a:
1811
+
case 0x200a:
1817
1812
case 0x201a:
1813
+
case 0x211a:
1818
1814
case 0x212a:
1819
1815
count = 1;
1820
1816
break;
+4
-2
drivers/gpu/drm/i915/intel_ddi.c
+4
-2
drivers/gpu/drm/i915/intel_ddi.c
···
3862
3862
ret = intel_hdmi_compute_config(encoder, pipe_config, conn_state);
3863
3863
else
3864
3864
ret = intel_dp_compute_config(encoder, pipe_config, conn_state);
3865
+
if (ret)
3866
+
return ret;
3865
3867
3866
-
if (IS_GEN9_LP(dev_priv) && ret)
3868
+
if (IS_GEN9_LP(dev_priv))
3867
3869
pipe_config->lane_lat_optim_mask =
3868
3870
bxt_ddi_phy_calc_lane_lat_optim_mask(pipe_config->lane_count);
3869
3871
3870
3872
intel_ddi_compute_min_voltage_level(dev_priv, pipe_config);
3871
3873
3872
-
return ret;
3874
+
return 0;
3873
3875
3874
3876
}
3875
3877
+3
-3
drivers/gpu/drm/i915/intel_dp.c
+3
-3
drivers/gpu/drm/i915/intel_dp.c
···
1886
1886
int pipe_bpp;
1887
1887
int ret;
1888
1888
1889
+
pipe_config->fec_enable = !intel_dp_is_edp(intel_dp) &&
1890
+
intel_dp_supports_fec(intel_dp, pipe_config);
1891
+
1889
1892
if (!intel_dp_supports_dsc(intel_dp, pipe_config))
1890
1893
return -EINVAL;
1891
1894
···
2118
2115
2119
2116
if (adjusted_mode->flags & DRM_MODE_FLAG_DBLCLK)
2120
2117
return -EINVAL;
2121
-
2122
-
pipe_config->fec_enable = !intel_dp_is_edp(intel_dp) &&
2123
-
intel_dp_supports_fec(intel_dp, pipe_config);
2124
2118
2125
2119
ret = intel_dp_compute_link_config(encoder, pipe_config, conn_state);
2126
2120
if (ret < 0)
+1
-1
drivers/gpu/drm/imx/ipuv3-crtc.c
+1
-1
drivers/gpu/drm/imx/ipuv3-crtc.c
+1
-2
drivers/gpu/drm/scheduler/sched_main.c
+1
-2
drivers/gpu/drm/scheduler/sched_main.c
···
366
366
EXPORT_SYMBOL(drm_sched_increase_karma);
367
367
368
368
/**
369
-
* drm_sched_hw_job_reset - stop the scheduler if it contains the bad job
369
+
* drm_sched_stop - stop the scheduler
370
370
*
371
371
* @sched: scheduler instance
372
-
* @bad: bad scheduler job
373
372
*
374
373
*/
375
374
void drm_sched_stop(struct drm_gpu_scheduler *sched)
+9
drivers/gpu/drm/sun4i/sun4i_drv.c
+9
drivers/gpu/drm/sun4i/sun4i_drv.c
···
16
16
#include <linux/of_reserved_mem.h>
17
17
18
18
#include <drm/drmP.h>
19
+
#include <drm/drm_atomic_helper.h>
19
20
#include <drm/drm_fb_cma_helper.h>
20
21
#include <drm/drm_fb_helper.h>
21
22
#include <drm/drm_gem_cma_helper.h>
···
86
85
ret = -ENOMEM;
87
86
goto free_drm;
88
87
}
88
+
89
+
dev_set_drvdata(dev, drm);
89
90
drm->dev_private = drv;
90
91
INIT_LIST_HEAD(&drv->frontend_list);
91
92
INIT_LIST_HEAD(&drv->engine_list);
···
147
144
148
145
drm_dev_unregister(drm);
149
146
drm_kms_helper_poll_fini(drm);
147
+
drm_atomic_helper_shutdown(drm);
150
148
drm_mode_config_cleanup(drm);
149
+
150
+
component_unbind_all(dev, NULL);
151
151
of_reserved_mem_device_release(dev);
152
+
152
153
drm_dev_put(drm);
153
154
}
154
155
···
402
395
403
396
static int sun4i_drv_remove(struct platform_device *pdev)
404
397
{
398
+
component_master_del(&pdev->dev, &sun4i_drv_master_ops);
399
+
405
400
return 0;
406
401
}
407
402
+5
-5
drivers/gpu/drm/ttm/ttm_bo.c
+5
-5
drivers/gpu/drm/ttm/ttm_bo.c
···
49
49
* ttm_global_mutex - protecting the global BO state
50
50
*/
51
51
DEFINE_MUTEX(ttm_global_mutex);
52
-
struct ttm_bo_global ttm_bo_glob = {
53
-
.use_count = 0
54
-
};
52
+
unsigned ttm_bo_glob_use_count;
53
+
struct ttm_bo_global ttm_bo_glob;
55
54
56
55
static struct attribute ttm_bo_count = {
57
56
.name = "bo_count",
···
1530
1531
struct ttm_bo_global *glob = &ttm_bo_glob;
1531
1532
1532
1533
mutex_lock(&ttm_global_mutex);
1533
-
if (--glob->use_count > 0)
1534
+
if (--ttm_bo_glob_use_count > 0)
1534
1535
goto out;
1535
1536
1536
1537
kobject_del(&glob->kobj);
1537
1538
kobject_put(&glob->kobj);
1538
1539
ttm_mem_global_release(&ttm_mem_glob);
1540
+
memset(glob, 0, sizeof(*glob));
1539
1541
out:
1540
1542
mutex_unlock(&ttm_global_mutex);
1541
1543
}
···
1548
1548
unsigned i;
1549
1549
1550
1550
mutex_lock(&ttm_global_mutex);
1551
-
if (++glob->use_count > 1)
1551
+
if (++ttm_bo_glob_use_count > 1)
1552
1552
goto out;
1553
1553
1554
1554
ret = ttm_mem_global_init(&ttm_mem_glob);
+3
-2
drivers/gpu/drm/ttm/ttm_memory.c
+3
-2
drivers/gpu/drm/ttm/ttm_memory.c
···
461
461
462
462
void ttm_mem_global_release(struct ttm_mem_global *glob)
463
463
{
464
-
unsigned int i;
465
464
struct ttm_mem_zone *zone;
465
+
unsigned int i;
466
466
467
467
/* let the page allocator first stop the shrink work. */
468
468
ttm_page_alloc_fini();
···
475
475
zone = glob->zones[i];
476
476
kobject_del(&zone->kobj);
477
477
kobject_put(&zone->kobj);
478
-
}
478
+
}
479
479
kobject_del(&glob->kobj);
480
480
kobject_put(&glob->kobj);
481
+
memset(glob, 0, sizeof(*glob));
481
482
}
482
483
483
484
static void ttm_check_swapping(struct ttm_mem_global *glob)
+1
-1
drivers/gpu/drm/vc4/vc4_crtc.c
+1
-1
drivers/gpu/drm/vc4/vc4_crtc.c
···
1042
1042
vc4_crtc_reset(struct drm_crtc *crtc)
1043
1043
{
1044
1044
if (crtc->state)
1045
-
__drm_atomic_helper_crtc_destroy_state(crtc->state);
1045
+
vc4_crtc_destroy_state(crtc, crtc->state);
1046
1046
1047
1047
crtc->state = kzalloc(sizeof(struct vc4_crtc_state), GFP_KERNEL);
1048
1048
if (crtc->state)
+5
-28
drivers/gpu/drm/vmwgfx/vmwgfx_drv.c
+5
-28
drivers/gpu/drm/vmwgfx/vmwgfx_drv.c
···
546
546
}
547
547
548
548
/**
549
-
* vmw_assume_iommu - Figure out whether coherent dma-remapping might be
550
-
* taking place.
551
-
* @dev: Pointer to the struct drm_device.
552
-
*
553
-
* Return: true if iommu present, false otherwise.
554
-
*/
555
-
static bool vmw_assume_iommu(struct drm_device *dev)
556
-
{
557
-
const struct dma_map_ops *ops = get_dma_ops(dev->dev);
558
-
559
-
return !dma_is_direct(ops) && ops &&
560
-
ops->map_page != dma_direct_map_page;
561
-
}
562
-
563
-
/**
564
549
* vmw_dma_select_mode - Determine how DMA mappings should be set up for this
565
550
* system.
566
551
*
567
552
* @dev_priv: Pointer to a struct vmw_private
568
553
*
569
-
* This functions tries to determine the IOMMU setup and what actions
570
-
* need to be taken by the driver to make system pages visible to the
571
-
* device.
554
+
* This functions tries to determine what actions need to be taken by the
555
+
* driver to make system pages visible to the device.
572
556
* If this function decides that DMA is not possible, it returns -EINVAL.
573
557
* The driver may then try to disable features of the device that require
574
558
* DMA.
···
562
578
static const char *names[vmw_dma_map_max] = {
563
579
[vmw_dma_phys] = "Using physical TTM page addresses.",
564
580
[vmw_dma_alloc_coherent] = "Using coherent TTM pages.",
565
-
[vmw_dma_map_populate] = "Keeping DMA mappings.",
581
+
[vmw_dma_map_populate] = "Caching DMA mappings.",
566
582
[vmw_dma_map_bind] = "Giving up DMA mappings early."};
567
583
568
584
if (vmw_force_coherent)
569
585
dev_priv->map_mode = vmw_dma_alloc_coherent;
570
-
else if (vmw_assume_iommu(dev_priv->dev))
571
-
dev_priv->map_mode = vmw_dma_map_populate;
572
-
else if (!vmw_force_iommu)
573
-
dev_priv->map_mode = vmw_dma_phys;
574
-
else if (IS_ENABLED(CONFIG_SWIOTLB) && swiotlb_nr_tbl())
575
-
dev_priv->map_mode = vmw_dma_alloc_coherent;
586
+
else if (vmw_restrict_iommu)
587
+
dev_priv->map_mode = vmw_dma_map_bind;
576
588
else
577
589
dev_priv->map_mode = vmw_dma_map_populate;
578
-
579
-
if (dev_priv->map_mode == vmw_dma_map_populate && vmw_restrict_iommu)
580
-
dev_priv->map_mode = vmw_dma_map_bind;
581
590
582
591
/* No TTM coherent page pool? FIXME: Ask TTM instead! */
583
592
if (!(IS_ENABLED(CONFIG_SWIOTLB) || IS_ENABLED(CONFIG_INTEL_IOMMU)) &&
+9
-3
drivers/gpu/ipu-v3/ipu-dp.c
+9
-3
drivers/gpu/ipu-v3/ipu-dp.c
···
195
195
ipu_dp_csc_init(flow, flow->foreground.in_cs, flow->out_cs,
196
196
DP_COM_CONF_CSC_DEF_BOTH);
197
197
} else {
198
-
if (flow->foreground.in_cs == flow->out_cs)
198
+
if (flow->foreground.in_cs == IPUV3_COLORSPACE_UNKNOWN ||
199
+
flow->foreground.in_cs == flow->out_cs)
199
200
/*
200
201
* foreground identical to output, apply color
201
202
* conversion on background
···
262
261
struct ipu_dp_priv *priv = flow->priv;
263
262
u32 reg, csc;
264
263
264
+
dp->in_cs = IPUV3_COLORSPACE_UNKNOWN;
265
+
265
266
if (!dp->foreground)
266
267
return;
267
268
···
271
268
272
269
reg = readl(flow->base + DP_COM_CONF);
273
270
csc = reg & DP_COM_CONF_CSC_DEF_MASK;
274
-
if (csc == DP_COM_CONF_CSC_DEF_FG)
275
-
reg &= ~DP_COM_CONF_CSC_DEF_MASK;
271
+
reg &= ~DP_COM_CONF_CSC_DEF_MASK;
272
+
if (csc == DP_COM_CONF_CSC_DEF_BOTH || csc == DP_COM_CONF_CSC_DEF_BG)
273
+
reg |= DP_COM_CONF_CSC_DEF_BG;
276
274
277
275
reg &= ~DP_COM_CONF_FG_EN;
278
276
writel(reg, flow->base + DP_COM_CONF);
···
351
347
mutex_init(&priv->mutex);
352
348
353
349
for (i = 0; i < IPUV3_NUM_FLOWS; i++) {
350
+
priv->flow[i].background.in_cs = IPUV3_COLORSPACE_UNKNOWN;
351
+
priv->flow[i].foreground.in_cs = IPUV3_COLORSPACE_UNKNOWN;
354
352
priv->flow[i].foreground.foreground = true;
355
353
priv->flow[i].base = priv->base + ipu_dp_flow_base[i];
356
354
priv->flow[i].priv = priv;
+1
-1
drivers/i2c/i2c-core-base.c
+1
-1
drivers/i2c/i2c-core-base.c
+1
drivers/infiniband/core/uverbs.h
+1
drivers/infiniband/core/uverbs.h
+49
-3
drivers/infiniband/core/uverbs_main.c
+49
-3
drivers/infiniband/core/uverbs_main.c
···
208
208
kref_put(&file->async_file->ref,
209
209
ib_uverbs_release_async_event_file);
210
210
put_device(&file->device->dev);
211
+
212
+
if (file->disassociate_page)
213
+
__free_pages(file->disassociate_page, 0);
211
214
kfree(file);
212
215
}
213
216
···
880
877
kfree(priv);
881
878
}
882
879
880
+
/*
881
+
* Once the zap_vma_ptes has been called touches to the VMA will come here and
882
+
* we return a dummy writable zero page for all the pfns.
883
+
*/
884
+
static vm_fault_t rdma_umap_fault(struct vm_fault *vmf)
885
+
{
886
+
struct ib_uverbs_file *ufile = vmf->vma->vm_file->private_data;
887
+
struct rdma_umap_priv *priv = vmf->vma->vm_private_data;
888
+
vm_fault_t ret = 0;
889
+
890
+
if (!priv)
891
+
return VM_FAULT_SIGBUS;
892
+
893
+
/* Read only pages can just use the system zero page. */
894
+
if (!(vmf->vma->vm_flags & (VM_WRITE | VM_MAYWRITE))) {
895
+
vmf->page = ZERO_PAGE(vmf->address);
896
+
get_page(vmf->page);
897
+
return 0;
898
+
}
899
+
900
+
mutex_lock(&ufile->umap_lock);
901
+
if (!ufile->disassociate_page)
902
+
ufile->disassociate_page =
903
+
alloc_pages(vmf->gfp_mask | __GFP_ZERO, 0);
904
+
905
+
if (ufile->disassociate_page) {
906
+
/*
907
+
* This VMA is forced to always be shared so this doesn't have
908
+
* to worry about COW.
909
+
*/
910
+
vmf->page = ufile->disassociate_page;
911
+
get_page(vmf->page);
912
+
} else {
913
+
ret = VM_FAULT_SIGBUS;
914
+
}
915
+
mutex_unlock(&ufile->umap_lock);
916
+
917
+
return ret;
918
+
}
919
+
883
920
static const struct vm_operations_struct rdma_umap_ops = {
884
921
.open = rdma_umap_open,
885
922
.close = rdma_umap_close,
923
+
.fault = rdma_umap_fault,
886
924
};
887
925
888
926
static struct rdma_umap_priv *rdma_user_mmap_pre(struct ib_ucontext *ucontext,
···
932
888
{
933
889
struct ib_uverbs_file *ufile = ucontext->ufile;
934
890
struct rdma_umap_priv *priv;
891
+
892
+
if (!(vma->vm_flags & VM_SHARED))
893
+
return ERR_PTR(-EINVAL);
935
894
936
895
if (vma->vm_end - vma->vm_start != size)
937
896
return ERR_PTR(-EINVAL);
···
1039
992
* at a time to get the lock ordering right. Typically there
1040
993
* will only be one mm, so no big deal.
1041
994
*/
1042
-
down_write(&mm->mmap_sem);
995
+
down_read(&mm->mmap_sem);
1043
996
if (!mmget_still_valid(mm))
1044
997
goto skip_mm;
1045
998
mutex_lock(&ufile->umap_lock);
···
1053
1006
1054
1007
zap_vma_ptes(vma, vma->vm_start,
1055
1008
vma->vm_end - vma->vm_start);
1056
-
vma->vm_flags &= ~(VM_SHARED | VM_MAYSHARE);
1057
1009
}
1058
1010
mutex_unlock(&ufile->umap_lock);
1059
1011
skip_mm:
1060
-
up_write(&mm->mmap_sem);
1012
+
up_read(&mm->mmap_sem);
1061
1013
mmput(mm);
1062
1014
}
1063
1015
}
+1
-1
drivers/infiniband/hw/hns/hns_roce_qp.c
+1
-1
drivers/infiniband/hw/hns/hns_roce_qp.c
+7
-5
drivers/infiniband/hw/mlx5/main.c
+7
-5
drivers/infiniband/hw/mlx5/main.c
···
1119
1119
if (MLX5_CAP_GEN(mdev, qp_packet_based))
1120
1120
resp.flags |=
1121
1121
MLX5_IB_QUERY_DEV_RESP_PACKET_BASED_CREDIT_MODE;
1122
+
1123
+
resp.flags |= MLX5_IB_QUERY_DEV_RESP_FLAGS_SCAT2CQE_DCT;
1122
1124
}
1123
1125
1124
1126
if (field_avail(typeof(resp), sw_parsing_caps,
···
2068
2066
2069
2067
if (vma->vm_flags & VM_WRITE)
2070
2068
return -EPERM;
2069
+
vma->vm_flags &= ~VM_MAYWRITE;
2071
2070
2072
2071
if (!dev->mdev->clock_info_page)
2073
2072
return -EOPNOTSUPP;
···
2234
2231
2235
2232
if (vma->vm_flags & VM_WRITE)
2236
2233
return -EPERM;
2234
+
vma->vm_flags &= ~VM_MAYWRITE;
2237
2235
2238
2236
/* Don't expose to user-space information it shouldn't have */
2239
2237
if (PAGE_SIZE > 4096)
2240
2238
return -EOPNOTSUPP;
2241
2239
2242
-
vma->vm_page_prot = pgprot_noncached(vma->vm_page_prot);
2243
2240
pfn = (dev->mdev->iseg_base +
2244
2241
offsetof(struct mlx5_init_seg, internal_timer_h)) >>
2245
2242
PAGE_SHIFT;
2246
-
if (io_remap_pfn_range(vma, vma->vm_start, pfn,
2247
-
PAGE_SIZE, vma->vm_page_prot))
2248
-
return -EAGAIN;
2249
-
break;
2243
+
return rdma_user_mmap_io(&context->ibucontext, vma, pfn,
2244
+
PAGE_SIZE,
2245
+
pgprot_noncached(vma->vm_page_prot));
2250
2246
case MLX5_IB_MMAP_CLOCK_INFO:
2251
2247
return mlx5_ib_mmap_clock_info_page(dev, vma, context);
2252
2248
+7
-4
drivers/infiniband/hw/mlx5/qp.c
+7
-4
drivers/infiniband/hw/mlx5/qp.c
···
1818
1818
1819
1819
rcqe_sz = mlx5_ib_get_cqe_size(init_attr->recv_cq);
1820
1820
1821
-
if (rcqe_sz == 128) {
1822
-
MLX5_SET(qpc, qpc, cs_res, MLX5_RES_SCAT_DATA64_CQE);
1821
+
if (init_attr->qp_type == MLX5_IB_QPT_DCT) {
1822
+
if (rcqe_sz == 128)
1823
+
MLX5_SET(dctc, qpc, cs_res, MLX5_RES_SCAT_DATA64_CQE);
1824
+
1823
1825
return;
1824
1826
}
1825
1827
1826
-
if (init_attr->qp_type != MLX5_IB_QPT_DCT)
1827
-
MLX5_SET(qpc, qpc, cs_res, MLX5_RES_SCAT_DATA32_CQE);
1828
+
MLX5_SET(qpc, qpc, cs_res,
1829
+
rcqe_sz == 128 ? MLX5_RES_SCAT_DATA64_CQE :
1830
+
MLX5_RES_SCAT_DATA32_CQE);
1828
1831
}
1829
1832
1830
1833
static void configure_requester_scat_cqe(struct mlx5_ib_dev *dev,
+10
-7
drivers/infiniband/sw/rdmavt/mr.c
+10
-7
drivers/infiniband/sw/rdmavt/mr.c
···
608
608
if (unlikely(mapped_segs == mr->mr.max_segs))
609
609
return -ENOMEM;
610
610
611
-
if (mr->mr.length == 0) {
612
-
mr->mr.user_base = addr;
613
-
mr->mr.iova = addr;
614
-
}
615
-
616
611
m = mapped_segs / RVT_SEGSZ;
617
612
n = mapped_segs % RVT_SEGSZ;
618
613
mr->mr.map[m]->segs[n].vaddr = (void *)addr;
···
625
630
* @sg_nents: number of entries in sg
626
631
* @sg_offset: offset in bytes into sg
627
632
*
633
+
* Overwrite rvt_mr length with mr length calculated by ib_sg_to_pages.
634
+
*
628
635
* Return: number of sg elements mapped to the memory region
629
636
*/
630
637
int rvt_map_mr_sg(struct ib_mr *ibmr, struct scatterlist *sg,
631
638
int sg_nents, unsigned int *sg_offset)
632
639
{
633
640
struct rvt_mr *mr = to_imr(ibmr);
641
+
int ret;
634
642
635
643
mr->mr.length = 0;
636
644
mr->mr.page_shift = PAGE_SHIFT;
637
-
return ib_sg_to_pages(ibmr, sg, sg_nents, sg_offset,
638
-
rvt_set_page);
645
+
ret = ib_sg_to_pages(ibmr, sg, sg_nents, sg_offset, rvt_set_page);
646
+
mr->mr.user_base = ibmr->iova;
647
+
mr->mr.iova = ibmr->iova;
648
+
mr->mr.offset = ibmr->iova - (u64)mr->mr.map[0]->segs[0].vaddr;
649
+
mr->mr.length = (size_t)ibmr->length;
650
+
return ret;
639
651
}
640
652
641
653
/**
···
673
671
ibmr->rkey = key;
674
672
mr->mr.lkey = key;
675
673
mr->mr.access_flags = access;
674
+
mr->mr.iova = ibmr->iova;
676
675
atomic_set(&mr->mr.lkey_invalid, 0);
677
676
678
677
return 0;
+1
-1
drivers/input/keyboard/Kconfig
+1
-1
drivers/input/keyboard/Kconfig
+1
-5
drivers/input/rmi4/rmi_driver.c
+1
-5
drivers/input/rmi4/rmi_driver.c
···
860
860
861
861
error = rmi_register_function(fn);
862
862
if (error)
863
-
goto err_put_fn;
863
+
return error;
864
864
865
865
if (pdt->function_number == 0x01)
866
866
data->f01_container = fn;
···
870
870
list_add_tail(&fn->node, &data->function_list);
871
871
872
872
return RMI_SCAN_CONTINUE;
873
-
874
-
err_put_fn:
875
-
put_device(&fn->dev);
876
-
return error;
877
873
}
878
874
879
875
void rmi_enable_irq(struct rmi_device *rmi_dev, bool clear_wake)
+1
-1
drivers/input/rmi4/rmi_f11.c
+1
-1
drivers/input/rmi4/rmi_f11.c
+6
-6
drivers/mtd/nand/raw/marvell_nand.c
+6
-6
drivers/mtd/nand/raw/marvell_nand.c
···
722
722
struct marvell_nfc *nfc = to_marvell_nfc(chip->controller);
723
723
u32 ndcr_generic;
724
724
725
-
if (chip == nfc->selected_chip && die_nr == marvell_nand->selected_die)
726
-
return;
727
-
728
-
writel_relaxed(marvell_nand->ndtr0, nfc->regs + NDTR0);
729
-
writel_relaxed(marvell_nand->ndtr1, nfc->regs + NDTR1);
730
-
731
725
/*
732
726
* Reset the NDCR register to a clean state for this particular chip,
733
727
* also clear ND_RUN bit.
···
732
738
733
739
/* Also reset the interrupt status register */
734
740
marvell_nfc_clear_int(nfc, NDCR_ALL_INT);
741
+
742
+
if (chip == nfc->selected_chip && die_nr == marvell_nand->selected_die)
743
+
return;
744
+
745
+
writel_relaxed(marvell_nand->ndtr0, nfc->regs + NDTR0);
746
+
writel_relaxed(marvell_nand->ndtr1, nfc->regs + NDTR1);
735
747
736
748
nfc->selected_chip = chip;
737
749
marvell_nand->selected_die = die_nr;
+6
drivers/net/dsa/bcm_sf2_cfp.c
+6
drivers/net/dsa/bcm_sf2_cfp.c
···
886
886
fs->m_ext.data[1]))
887
887
return -EINVAL;
888
888
889
+
if (fs->location != RX_CLS_LOC_ANY && fs->location >= CFP_NUM_RULES)
890
+
return -EINVAL;
891
+
889
892
if (fs->location != RX_CLS_LOC_ANY &&
890
893
test_bit(fs->location, priv->cfp.used))
891
894
return -EBUSY;
···
976
973
{
977
974
struct cfp_rule *rule;
978
975
int ret;
976
+
977
+
if (loc >= CFP_NUM_RULES)
978
+
return -EINVAL;
979
979
980
980
/* Refuse deleting unused rules, and those that are not unique since
981
981
* that could leave IPv6 rules with one of the chained rule in the
+32
-21
drivers/net/ethernet/broadcom/bnxt/bnxt.c
+32
-21
drivers/net/ethernet/broadcom/bnxt/bnxt.c
···
1625
1625
netdev_warn(bp->dev, "RX buffer error %x\n", rx_err);
1626
1626
bnxt_sched_reset(bp, rxr);
1627
1627
}
1628
-
goto next_rx;
1628
+
goto next_rx_no_len;
1629
1629
}
1630
1630
1631
1631
len = le32_to_cpu(rxcmp->rx_cmp_len_flags_type) >> RX_CMP_LEN_SHIFT;
···
1706
1706
rc = 1;
1707
1707
1708
1708
next_rx:
1709
-
rxr->rx_prod = NEXT_RX(prod);
1710
-
rxr->rx_next_cons = NEXT_RX(cons);
1711
-
1712
1709
cpr->rx_packets += 1;
1713
1710
cpr->rx_bytes += len;
1711
+
1712
+
next_rx_no_len:
1713
+
rxr->rx_prod = NEXT_RX(prod);
1714
+
rxr->rx_next_cons = NEXT_RX(cons);
1714
1715
1715
1716
next_rx_no_prod_no_len:
1716
1717
*raw_cons = tmp_raw_cons;
···
5136
5135
for (i = 0; i < bp->tx_nr_rings; i++) {
5137
5136
struct bnxt_tx_ring_info *txr = &bp->tx_ring[i];
5138
5137
struct bnxt_ring_struct *ring = &txr->tx_ring_struct;
5139
-
u32 cmpl_ring_id;
5140
5138
5141
-
cmpl_ring_id = bnxt_cp_ring_for_tx(bp, txr);
5142
5139
if (ring->fw_ring_id != INVALID_HW_RING_ID) {
5140
+
u32 cmpl_ring_id = bnxt_cp_ring_for_tx(bp, txr);
5141
+
5143
5142
hwrm_ring_free_send_msg(bp, ring,
5144
5143
RING_FREE_REQ_RING_TYPE_TX,
5145
5144
close_path ? cmpl_ring_id :
···
5152
5151
struct bnxt_rx_ring_info *rxr = &bp->rx_ring[i];
5153
5152
struct bnxt_ring_struct *ring = &rxr->rx_ring_struct;
5154
5153
u32 grp_idx = rxr->bnapi->index;
5155
-
u32 cmpl_ring_id;
5156
5154
5157
-
cmpl_ring_id = bnxt_cp_ring_for_rx(bp, rxr);
5158
5155
if (ring->fw_ring_id != INVALID_HW_RING_ID) {
5156
+
u32 cmpl_ring_id = bnxt_cp_ring_for_rx(bp, rxr);
5157
+
5159
5158
hwrm_ring_free_send_msg(bp, ring,
5160
5159
RING_FREE_REQ_RING_TYPE_RX,
5161
5160
close_path ? cmpl_ring_id :
···
5174
5173
struct bnxt_rx_ring_info *rxr = &bp->rx_ring[i];
5175
5174
struct bnxt_ring_struct *ring = &rxr->rx_agg_ring_struct;
5176
5175
u32 grp_idx = rxr->bnapi->index;
5177
-
u32 cmpl_ring_id;
5178
5176
5179
-
cmpl_ring_id = bnxt_cp_ring_for_rx(bp, rxr);
5180
5177
if (ring->fw_ring_id != INVALID_HW_RING_ID) {
5178
+
u32 cmpl_ring_id = bnxt_cp_ring_for_rx(bp, rxr);
5179
+
5181
5180
hwrm_ring_free_send_msg(bp, ring, type,
5182
5181
close_path ? cmpl_ring_id :
5183
5182
INVALID_HW_RING_ID);
···
5316
5315
req->num_tx_rings = cpu_to_le16(tx_rings);
5317
5316
if (BNXT_NEW_RM(bp)) {
5318
5317
enables |= rx_rings ? FUNC_CFG_REQ_ENABLES_NUM_RX_RINGS : 0;
5318
+
enables |= stats ? FUNC_CFG_REQ_ENABLES_NUM_STAT_CTXS : 0;
5319
5319
if (bp->flags & BNXT_FLAG_CHIP_P5) {
5320
5320
enables |= cp_rings ? FUNC_CFG_REQ_ENABLES_NUM_MSIX : 0;
5321
5321
enables |= tx_rings + ring_grps ?
5322
-
FUNC_CFG_REQ_ENABLES_NUM_CMPL_RINGS |
5323
-
FUNC_CFG_REQ_ENABLES_NUM_STAT_CTXS : 0;
5322
+
FUNC_CFG_REQ_ENABLES_NUM_CMPL_RINGS : 0;
5324
5323
enables |= rx_rings ?
5325
5324
FUNC_CFG_REQ_ENABLES_NUM_RSSCOS_CTXS : 0;
5326
5325
} else {
5327
5326
enables |= cp_rings ?
5328
-
FUNC_CFG_REQ_ENABLES_NUM_CMPL_RINGS |
5329
-
FUNC_CFG_REQ_ENABLES_NUM_STAT_CTXS : 0;
5327
+
FUNC_CFG_REQ_ENABLES_NUM_CMPL_RINGS : 0;
5330
5328
enables |= ring_grps ?
5331
5329
FUNC_CFG_REQ_ENABLES_NUM_HW_RING_GRPS |
5332
5330
FUNC_CFG_REQ_ENABLES_NUM_RSSCOS_CTXS : 0;
···
5365
5365
enables |= tx_rings ? FUNC_VF_CFG_REQ_ENABLES_NUM_TX_RINGS : 0;
5366
5366
enables |= rx_rings ? FUNC_VF_CFG_REQ_ENABLES_NUM_RX_RINGS |
5367
5367
FUNC_VF_CFG_REQ_ENABLES_NUM_RSSCOS_CTXS : 0;
5368
+
enables |= stats ? FUNC_VF_CFG_REQ_ENABLES_NUM_STAT_CTXS : 0;
5368
5369
if (bp->flags & BNXT_FLAG_CHIP_P5) {
5369
5370
enables |= tx_rings + ring_grps ?
5370
-
FUNC_VF_CFG_REQ_ENABLES_NUM_CMPL_RINGS |
5371
-
FUNC_VF_CFG_REQ_ENABLES_NUM_STAT_CTXS : 0;
5371
+
FUNC_VF_CFG_REQ_ENABLES_NUM_CMPL_RINGS : 0;
5372
5372
} else {
5373
5373
enables |= cp_rings ?
5374
-
FUNC_VF_CFG_REQ_ENABLES_NUM_CMPL_RINGS |
5375
-
FUNC_VF_CFG_REQ_ENABLES_NUM_STAT_CTXS : 0;
5374
+
FUNC_VF_CFG_REQ_ENABLES_NUM_CMPL_RINGS : 0;
5376
5375
enables |= ring_grps ?
5377
5376
FUNC_VF_CFG_REQ_ENABLES_NUM_HW_RING_GRPS : 0;
5378
5377
}
···
6752
6753
struct hwrm_queue_pri2cos_qcfg_input req2 = {0};
6753
6754
struct hwrm_port_qstats_ext_input req = {0};
6754
6755
struct bnxt_pf_info *pf = &bp->pf;
6756
+
u32 tx_stat_size;
6755
6757
int rc;
6756
6758
6757
6759
if (!(bp->flags & BNXT_FLAG_PORT_STATS_EXT))
···
6762
6762
req.port_id = cpu_to_le16(pf->port_id);
6763
6763
req.rx_stat_size = cpu_to_le16(sizeof(struct rx_port_stats_ext));
6764
6764
req.rx_stat_host_addr = cpu_to_le64(bp->hw_rx_port_stats_ext_map);
6765
-
req.tx_stat_size = cpu_to_le16(sizeof(struct tx_port_stats_ext));
6765
+
tx_stat_size = bp->hw_tx_port_stats_ext ?
6766
+
sizeof(*bp->hw_tx_port_stats_ext) : 0;
6767
+
req.tx_stat_size = cpu_to_le16(tx_stat_size);
6766
6768
req.tx_stat_host_addr = cpu_to_le64(bp->hw_tx_port_stats_ext_map);
6767
6769
mutex_lock(&bp->hwrm_cmd_lock);
6768
6770
rc = _hwrm_send_message(bp, &req, sizeof(req), HWRM_CMD_TIMEOUT);
6769
6771
if (!rc) {
6770
6772
bp->fw_rx_stats_ext_size = le16_to_cpu(resp->rx_stat_size) / 8;
6771
-
bp->fw_tx_stats_ext_size = le16_to_cpu(resp->tx_stat_size) / 8;
6773
+
bp->fw_tx_stats_ext_size = tx_stat_size ?
6774
+
le16_to_cpu(resp->tx_stat_size) / 8 : 0;
6772
6775
} else {
6773
6776
bp->fw_rx_stats_ext_size = 0;
6774
6777
bp->fw_tx_stats_ext_size = 0;
···
8964
8961
8965
8962
skip_uc:
8966
8963
rc = bnxt_hwrm_cfa_l2_set_rx_mask(bp, 0);
8964
+
if (rc && vnic->mc_list_count) {
8965
+
netdev_info(bp->dev, "Failed setting MC filters rc: %d, turning on ALL_MCAST mode\n",
8966
+
rc);
8967
+
vnic->rx_mask |= CFA_L2_SET_RX_MASK_REQ_MASK_ALL_MCAST;
8968
+
vnic->mc_list_count = 0;
8969
+
rc = bnxt_hwrm_cfa_l2_set_rx_mask(bp, 0);
8970
+
}
8967
8971
if (rc)
8968
-
netdev_err(bp->dev, "HWRM cfa l2 rx mask failure rc: %x\n",
8972
+
netdev_err(bp->dev, "HWRM cfa l2 rx mask failure rc: %d\n",
8969
8973
rc);
8970
8974
8971
8975
return rc;
···
10709
10699
bnxt_clear_int_mode(bp);
10710
10700
10711
10701
init_err_pci_clean:
10702
+
bnxt_free_hwrm_short_cmd_req(bp);
10712
10703
bnxt_free_hwrm_resources(bp);
10713
10704
bnxt_free_ctx_mem(bp);
10714
10705
kfree(bp->ctx);
+3
drivers/net/ethernet/stmicro/stmmac/dwmac-stm32.c
+3
drivers/net/ethernet/stmicro/stmmac/dwmac-stm32.c
···
333
333
*/
334
334
dwmac->irq_pwr_wakeup = platform_get_irq_byname(pdev,
335
335
"stm32_pwr_wakeup");
336
+
if (dwmac->irq_pwr_wakeup == -EPROBE_DEFER)
337
+
return -EPROBE_DEFER;
338
+
336
339
if (!dwmac->clk_eth_ck && dwmac->irq_pwr_wakeup >= 0) {
337
340
err = device_init_wakeup(&pdev->dev, true);
338
341
if (err) {
+1
-1
drivers/net/ethernet/stmicro/stmmac/stmmac_pci.c
+1
-1
drivers/net/ethernet/stmicro/stmmac/stmmac_pci.c
···
160
160
.driver_data = (void *)&galileo_stmmac_dmi_data,
161
161
},
162
162
/*
163
-
* There are 2 types of SIMATIC IOT2000: IOT20202 and IOT2040.
163
+
* There are 2 types of SIMATIC IOT2000: IOT2020 and IOT2040.
164
164
* The asset tag "6ES7647-0AA00-0YA2" is only for IOT2020 which
165
165
* has only one pci network device while other asset tags are
166
166
* for IOT2040 which has two.
+6
drivers/net/ieee802154/mcr20a.c
+6
drivers/net/ieee802154/mcr20a.c
···
533
533
dev_dbg(printdev(lp), "no slotted operation\n");
534
534
ret = regmap_update_bits(lp->regmap_dar, DAR_PHY_CTRL1,
535
535
DAR_PHY_CTRL1_SLOTTED, 0x0);
536
+
if (ret < 0)
537
+
return ret;
536
538
537
539
/* enable irq */
538
540
enable_irq(lp->spi->irq);
···
542
540
/* Unmask SEQ interrupt */
543
541
ret = regmap_update_bits(lp->regmap_dar, DAR_PHY_CTRL2,
544
542
DAR_PHY_CTRL2_SEQMSK, 0x0);
543
+
if (ret < 0)
544
+
return ret;
545
545
546
546
/* Start the RX sequence */
547
547
dev_dbg(printdev(lp), "start the RX sequence\n");
548
548
ret = regmap_update_bits(lp->regmap_dar, DAR_PHY_CTRL1,
549
549
DAR_PHY_CTRL1_XCVSEQ_MASK, MCR20A_XCVSEQ_RX);
550
+
if (ret < 0)
551
+
return ret;
550
552
551
553
return 0;
552
554
}
+4
-2
drivers/net/phy/marvell.c
+4
-2
drivers/net/phy/marvell.c
···
1597
1597
1598
1598
static void marvell_get_strings(struct phy_device *phydev, u8 *data)
1599
1599
{
1600
+
int count = marvell_get_sset_count(phydev);
1600
1601
int i;
1601
1602
1602
-
for (i = 0; i < ARRAY_SIZE(marvell_hw_stats); i++) {
1603
+
for (i = 0; i < count; i++) {
1603
1604
strlcpy(data + i * ETH_GSTRING_LEN,
1604
1605
marvell_hw_stats[i].string, ETH_GSTRING_LEN);
1605
1606
}
···
1628
1627
static void marvell_get_stats(struct phy_device *phydev,
1629
1628
struct ethtool_stats *stats, u64 *data)
1630
1629
{
1630
+
int count = marvell_get_sset_count(phydev);
1631
1631
int i;
1632
1632
1633
-
for (i = 0; i < ARRAY_SIZE(marvell_hw_stats); i++)
1633
+
for (i = 0; i < count; i++)
1634
1634
data[i] = marvell_get_stat(phydev, i);
1635
1635
}
1636
1636
+1
-1
drivers/net/slip/slhc.c
+1
-1
drivers/net/slip/slhc.c
+10
drivers/net/usb/qmi_wwan.c
+10
drivers/net/usb/qmi_wwan.c
···
1131
1131
{QMI_FIXED_INTF(0x0846, 0x68d3, 8)}, /* Netgear Aircard 779S */
1132
1132
{QMI_FIXED_INTF(0x12d1, 0x140c, 1)}, /* Huawei E173 */
1133
1133
{QMI_FIXED_INTF(0x12d1, 0x14ac, 1)}, /* Huawei E1820 */
1134
+
{QMI_FIXED_INTF(0x1435, 0x0918, 3)}, /* Wistron NeWeb D16Q1 */
1135
+
{QMI_FIXED_INTF(0x1435, 0x0918, 4)}, /* Wistron NeWeb D16Q1 */
1136
+
{QMI_FIXED_INTF(0x1435, 0x0918, 5)}, /* Wistron NeWeb D16Q1 */
1137
+
{QMI_FIXED_INTF(0x1435, 0x3185, 4)}, /* Wistron NeWeb M18Q5 */
1138
+
{QMI_FIXED_INTF(0x1435, 0xd111, 4)}, /* M9615A DM11-1 D51QC */
1134
1139
{QMI_FIXED_INTF(0x1435, 0xd181, 3)}, /* Wistron NeWeb D18Q1 */
1135
1140
{QMI_FIXED_INTF(0x1435, 0xd181, 4)}, /* Wistron NeWeb D18Q1 */
1136
1141
{QMI_FIXED_INTF(0x1435, 0xd181, 5)}, /* Wistron NeWeb D18Q1 */
1142
+
{QMI_FIXED_INTF(0x1435, 0xd182, 4)}, /* Wistron NeWeb D18 */
1143
+
{QMI_FIXED_INTF(0x1435, 0xd182, 5)}, /* Wistron NeWeb D18 */
1137
1144
{QMI_FIXED_INTF(0x1435, 0xd191, 4)}, /* Wistron NeWeb D19Q1 */
1138
1145
{QMI_QUIRK_SET_DTR(0x1508, 0x1001, 4)}, /* Fibocom NL668 series */
1139
1146
{QMI_FIXED_INTF(0x16d8, 0x6003, 0)}, /* CMOTech 6003 */
···
1196
1189
{QMI_FIXED_INTF(0x19d2, 0x0265, 4)}, /* ONDA MT8205 4G LTE */
1197
1190
{QMI_FIXED_INTF(0x19d2, 0x0284, 4)}, /* ZTE MF880 */
1198
1191
{QMI_FIXED_INTF(0x19d2, 0x0326, 4)}, /* ZTE MF821D */
1192
+
{QMI_FIXED_INTF(0x19d2, 0x0396, 3)}, /* ZTE ZM8620 */
1199
1193
{QMI_FIXED_INTF(0x19d2, 0x0412, 4)}, /* Telewell TW-LTE 4G */
1200
1194
{QMI_FIXED_INTF(0x19d2, 0x1008, 4)}, /* ZTE (Vodafone) K3570-Z */
1201
1195
{QMI_FIXED_INTF(0x19d2, 0x1010, 4)}, /* ZTE (Vodafone) K3571-Z */
···
1217
1209
{QMI_FIXED_INTF(0x19d2, 0x1425, 2)},
1218
1210
{QMI_FIXED_INTF(0x19d2, 0x1426, 2)}, /* ZTE MF91 */
1219
1211
{QMI_FIXED_INTF(0x19d2, 0x1428, 2)}, /* Telewell TW-LTE 4G v2 */
1212
+
{QMI_FIXED_INTF(0x19d2, 0x1432, 3)}, /* ZTE ME3620 */
1220
1213
{QMI_FIXED_INTF(0x19d2, 0x2002, 4)}, /* ZTE (Vodafone) K3765-Z */
1214
+
{QMI_FIXED_INTF(0x2001, 0x7e16, 3)}, /* D-Link DWM-221 */
1221
1215
{QMI_FIXED_INTF(0x2001, 0x7e19, 4)}, /* D-Link DWM-221 B1 */
1222
1216
{QMI_FIXED_INTF(0x2001, 0x7e35, 4)}, /* D-Link DWM-222 */
1223
1217
{QMI_FIXED_INTF(0x2020, 0x2031, 4)}, /* Olicard 600 */
+1
-1
drivers/net/wireless/ath/ath10k/ce.c
+1
-1
drivers/net/wireless/ath/ath10k/ce.c
+1
drivers/net/wireless/ath/ath10k/core.c
+1
drivers/net/wireless/ath/ath10k/core.c
+3
drivers/net/wireless/ath/ath10k/core.h
+3
drivers/net/wireless/ath/ath10k/core.h
+3
-3
drivers/net/wireless/ath/ath10k/coredump.c
+3
-3
drivers/net/wireless/ath/ath10k/coredump.c
···
1102
1102
{
1103
1103
struct ath10k_fw_crash_data *crash_data = ar->coredump.fw_crash_data;
1104
1104
1105
-
lockdep_assert_held(&ar->data_lock);
1105
+
lockdep_assert_held(&ar->dump_mutex);
1106
1106
1107
1107
if (ath10k_coredump_mask == 0)
1108
1108
/* coredump disabled */
···
1146
1146
if (!buf)
1147
1147
return NULL;
1148
1148
1149
-
spin_lock_bh(&ar->data_lock);
1149
+
mutex_lock(&ar->dump_mutex);
1150
1150
1151
1151
dump_data = (struct ath10k_dump_file_data *)(buf);
1152
1152
strlcpy(dump_data->df_magic, "ATH10K-FW-DUMP",
···
1213
1213
sofar += sizeof(*dump_tlv) + crash_data->ramdump_buf_len;
1214
1214
}
1215
1215
1216
-
spin_unlock_bh(&ar->data_lock);
1216
+
mutex_unlock(&ar->dump_mutex);
1217
1217
1218
1218
return dump_data;
1219
1219
}
+2
-2
drivers/net/wireless/ath/ath10k/mac.c
+2
-2
drivers/net/wireless/ath/ath10k/mac.c
···
5774
5774
}
5775
5775
5776
5776
if (changed & BSS_CHANGED_MCAST_RATE &&
5777
-
!WARN_ON(ath10k_mac_vif_chan(arvif->vif, &def))) {
5777
+
!ath10k_mac_vif_chan(arvif->vif, &def)) {
5778
5778
band = def.chan->band;
5779
5779
rateidx = vif->bss_conf.mcast_rate[band] - 1;
5780
5780
···
5812
5812
}
5813
5813
5814
5814
if (changed & BSS_CHANGED_BASIC_RATES) {
5815
-
if (WARN_ON(ath10k_mac_vif_chan(vif, &def))) {
5815
+
if (ath10k_mac_vif_chan(vif, &def)) {
5816
5816
mutex_unlock(&ar->conf_mutex);
5817
5817
return;
5818
5818
}
+19
-5
drivers/net/wireless/ath/ath10k/pci.c
+19
-5
drivers/net/wireless/ath/ath10k/pci.c
···
1441
1441
__le32 reg_dump_values[REG_DUMP_COUNT_QCA988X] = {};
1442
1442
int i, ret;
1443
1443
1444
-
lockdep_assert_held(&ar->data_lock);
1444
+
lockdep_assert_held(&ar->dump_mutex);
1445
1445
1446
1446
ret = ath10k_pci_diag_read_hi(ar, ®_dump_values[0],
1447
1447
hi_failure_state,
···
1656
1656
int ret, i;
1657
1657
u8 *buf;
1658
1658
1659
-
lockdep_assert_held(&ar->data_lock);
1659
+
lockdep_assert_held(&ar->dump_mutex);
1660
1660
1661
1661
if (!crash_data)
1662
1662
return;
···
1734
1734
}
1735
1735
}
1736
1736
1737
-
static void ath10k_pci_fw_crashed_dump(struct ath10k *ar)
1737
+
static void ath10k_pci_fw_dump_work(struct work_struct *work)
1738
1738
{
1739
+
struct ath10k_pci *ar_pci = container_of(work, struct ath10k_pci,
1740
+
dump_work);
1739
1741
struct ath10k_fw_crash_data *crash_data;
1742
+
struct ath10k *ar = ar_pci->ar;
1740
1743
char guid[UUID_STRING_LEN + 1];
1741
1744
1742
-
spin_lock_bh(&ar->data_lock);
1745
+
mutex_lock(&ar->dump_mutex);
1743
1746
1747
+
spin_lock_bh(&ar->data_lock);
1744
1748
ar->stats.fw_crash_counter++;
1749
+
spin_unlock_bh(&ar->data_lock);
1745
1750
1746
1751
crash_data = ath10k_coredump_new(ar);
1747
1752
···
1761
1756
ath10k_ce_dump_registers(ar, crash_data);
1762
1757
ath10k_pci_dump_memory(ar, crash_data);
1763
1758
1764
-
spin_unlock_bh(&ar->data_lock);
1759
+
mutex_unlock(&ar->dump_mutex);
1765
1760
1766
1761
queue_work(ar->workqueue, &ar->restart_work);
1762
+
}
1763
+
1764
+
static void ath10k_pci_fw_crashed_dump(struct ath10k *ar)
1765
+
{
1766
+
struct ath10k_pci *ar_pci = ath10k_pci_priv(ar);
1767
+
1768
+
queue_work(ar->workqueue, &ar_pci->dump_work);
1767
1769
}
1768
1770
1769
1771
void ath10k_pci_hif_send_complete_check(struct ath10k *ar, u8 pipe,
···
3453
3441
spin_lock_init(&ce->ce_lock);
3454
3442
spin_lock_init(&ar_pci->ps_lock);
3455
3443
mutex_init(&ar_pci->ce_diag_mutex);
3444
+
3445
+
INIT_WORK(&ar_pci->dump_work, ath10k_pci_fw_dump_work);
3456
3446
3457
3447
timer_setup(&ar_pci->rx_post_retry, ath10k_pci_rx_replenish_retry, 0);
3458
3448
+2
drivers/net/wireless/ath/ath10k/pci.h
+2
drivers/net/wireless/ath/ath10k/pci.h
+1
-1
drivers/net/wireless/intel/iwlwifi/cfg/22000.c
+1
-1
drivers/net/wireless/intel/iwlwifi/cfg/22000.c
···
207
207
#define IWL_DEVICE_AX210 \
208
208
IWL_DEVICE_AX200_COMMON, \
209
209
.device_family = IWL_DEVICE_FAMILY_AX210, \
210
-
.base_params = &iwl_22000_base_params, \
210
+
.base_params = &iwl_22560_base_params, \
211
211
.csr = &iwl_csr_v1, \
212
212
.min_txq_size = 128, \
213
213
.gp2_reg_addr = 0xd02c68, \
+2
-1
drivers/net/wireless/intel/iwlwifi/cfg/5000.c
+2
-1
drivers/net/wireless/intel/iwlwifi/cfg/5000.c
···
1
1
/******************************************************************************
2
2
*
3
3
* Copyright(c) 2007 - 2014 Intel Corporation. All rights reserved.
4
-
* Copyright(c) 2018 Intel Corporation
4
+
* Copyright(c) 2018 - 2019 Intel Corporation
5
5
*
6
6
* This program is free software; you can redistribute it and/or modify it
7
7
* under the terms of version 2 of the GNU General Public License as
···
136
136
.ht_params = &iwl5000_ht_params,
137
137
.led_mode = IWL_LED_BLINK,
138
138
.internal_wimax_coex = true,
139
+
.csr = &iwl_csr_v1,
139
140
};
140
141
141
142
#define IWL_DEVICE_5150 \
+9
-6
drivers/net/wireless/intel/iwlwifi/fw/file.h
+9
-6
drivers/net/wireless/intel/iwlwifi/fw/file.h
···
93
93
} u;
94
94
};
95
95
96
-
#define IWL_UCODE_INI_TLV_GROUP BIT(24)
96
+
#define IWL_UCODE_INI_TLV_GROUP 0x1000000
97
97
98
98
/*
99
99
* new TLV uCode file layout
···
148
148
IWL_UCODE_TLV_UMAC_DEBUG_ADDRS = 54,
149
149
IWL_UCODE_TLV_LMAC_DEBUG_ADDRS = 55,
150
150
IWL_UCODE_TLV_FW_RECOVERY_INFO = 57,
151
-
IWL_UCODE_TLV_TYPE_BUFFER_ALLOCATION = IWL_UCODE_INI_TLV_GROUP | 0x1,
152
-
IWL_UCODE_TLV_TYPE_HCMD = IWL_UCODE_INI_TLV_GROUP | 0x2,
153
-
IWL_UCODE_TLV_TYPE_REGIONS = IWL_UCODE_INI_TLV_GROUP | 0x3,
154
-
IWL_UCODE_TLV_TYPE_TRIGGERS = IWL_UCODE_INI_TLV_GROUP | 0x4,
155
-
IWL_UCODE_TLV_TYPE_DEBUG_FLOW = IWL_UCODE_INI_TLV_GROUP | 0x5,
151
+
152
+
IWL_UCODE_TLV_TYPE_BUFFER_ALLOCATION = IWL_UCODE_INI_TLV_GROUP + 0x1,
153
+
IWL_UCODE_TLV_DEBUG_BASE = IWL_UCODE_TLV_TYPE_BUFFER_ALLOCATION,
154
+
IWL_UCODE_TLV_TYPE_HCMD = IWL_UCODE_INI_TLV_GROUP + 0x2,
155
+
IWL_UCODE_TLV_TYPE_REGIONS = IWL_UCODE_INI_TLV_GROUP + 0x3,
156
+
IWL_UCODE_TLV_TYPE_TRIGGERS = IWL_UCODE_INI_TLV_GROUP + 0x4,
157
+
IWL_UCODE_TLV_TYPE_DEBUG_FLOW = IWL_UCODE_INI_TLV_GROUP + 0x5,
158
+
IWL_UCODE_TLV_DEBUG_MAX = IWL_UCODE_TLV_TYPE_DEBUG_FLOW,
156
159
157
160
/* TLVs 0x1000-0x2000 are for internal driver usage */
158
161
IWL_UCODE_TLV_FW_DBG_DUMP_LST = 0x1000,
+2
-1
drivers/net/wireless/intel/iwlwifi/iwl-dbg-tlv.c
+2
-1
drivers/net/wireless/intel/iwlwifi/iwl-dbg-tlv.c
+5
drivers/net/wireless/intel/iwlwifi/mvm/debugfs-vif.c
+5
drivers/net/wireless/intel/iwlwifi/mvm/debugfs-vif.c
···
773
773
return;
774
774
775
775
mvmvif->dbgfs_dir = debugfs_create_dir("iwlmvm", dbgfs_dir);
776
+
if (IS_ERR_OR_NULL(mvmvif->dbgfs_dir)) {
777
+
IWL_ERR(mvm, "Failed to create debugfs directory under %pd\n",
778
+
dbgfs_dir);
779
+
return;
780
+
}
776
781
777
782
if (iwlmvm_mod_params.power_scheme != IWL_POWER_SCHEME_CAM &&
778
783
((vif->type == NL80211_IFTYPE_STATION && !vif->p2p) ||
+3
-1
drivers/net/wireless/intel/iwlwifi/mvm/fw.c
+3
-1
drivers/net/wireless/intel/iwlwifi/mvm/fw.c
···
1121
1121
ret = iwl_mvm_load_rt_fw(mvm);
1122
1122
if (ret) {
1123
1123
IWL_ERR(mvm, "Failed to start RT ucode: %d\n", ret);
1124
-
iwl_fw_dbg_error_collect(&mvm->fwrt, FW_DBG_TRIGGER_DRIVER);
1124
+
if (ret != -ERFKILL)
1125
+
iwl_fw_dbg_error_collect(&mvm->fwrt,
1126
+
FW_DBG_TRIGGER_DRIVER);
1125
1127
goto error;
1126
1128
}
1127
1129
+1
-1
drivers/net/wireless/intel/iwlwifi/mvm/ops.c
+1
-1
drivers/net/wireless/intel/iwlwifi/mvm/ops.c
···
834
834
mutex_lock(&mvm->mutex);
835
835
iwl_mvm_ref(mvm, IWL_MVM_REF_INIT_UCODE);
836
836
err = iwl_run_init_mvm_ucode(mvm, true);
837
-
if (err)
837
+
if (err && err != -ERFKILL)
838
838
iwl_fw_dbg_error_collect(&mvm->fwrt, FW_DBG_TRIGGER_DRIVER);
839
839
if (!iwlmvm_mod_params.init_dbg || !err)
840
840
iwl_mvm_stop_device(mvm);
+24
-4
drivers/net/wireless/intel/iwlwifi/mvm/rxmq.c
+24
-4
drivers/net/wireless/intel/iwlwifi/mvm/rxmq.c
···
169
169
}
170
170
171
171
/* iwl_mvm_create_skb Adds the rxb to a new skb */
172
-
static void iwl_mvm_create_skb(struct sk_buff *skb, struct ieee80211_hdr *hdr,
173
-
u16 len, u8 crypt_len,
174
-
struct iwl_rx_cmd_buffer *rxb)
172
+
static int iwl_mvm_create_skb(struct iwl_mvm *mvm, struct sk_buff *skb,
173
+
struct ieee80211_hdr *hdr, u16 len, u8 crypt_len,
174
+
struct iwl_rx_cmd_buffer *rxb)
175
175
{
176
176
struct iwl_rx_packet *pkt = rxb_addr(rxb);
177
177
struct iwl_rx_mpdu_desc *desc = (void *)pkt->data;
···
204
204
* present before copying packet data.
205
205
*/
206
206
hdrlen += crypt_len;
207
+
208
+
if (WARN_ONCE(headlen < hdrlen,
209
+
"invalid packet lengths (hdrlen=%d, len=%d, crypt_len=%d)\n",
210
+
hdrlen, len, crypt_len)) {
211
+
/*
212
+
* We warn and trace because we want to be able to see
213
+
* it in trace-cmd as well.
214
+
*/
215
+
IWL_DEBUG_RX(mvm,
216
+
"invalid packet lengths (hdrlen=%d, len=%d, crypt_len=%d)\n",
217
+
hdrlen, len, crypt_len);
218
+
return -EINVAL;
219
+
}
220
+
207
221
skb_put_data(skb, hdr, hdrlen);
208
222
skb_put_data(skb, (u8 *)hdr + hdrlen + pad_len, headlen - hdrlen);
209
223
···
230
216
skb_add_rx_frag(skb, 0, rxb_steal_page(rxb), offset,
231
217
fraglen, rxb->truesize);
232
218
}
219
+
220
+
return 0;
233
221
}
234
222
235
223
static void iwl_mvm_add_rtap_sniffer_config(struct iwl_mvm *mvm,
···
1687
1671
rx_status->boottime_ns = ktime_get_boot_ns();
1688
1672
}
1689
1673
1690
-
iwl_mvm_create_skb(skb, hdr, len, crypt_len, rxb);
1674
+
if (iwl_mvm_create_skb(mvm, skb, hdr, len, crypt_len, rxb)) {
1675
+
kfree_skb(skb);
1676
+
goto out;
1677
+
}
1678
+
1691
1679
if (!iwl_mvm_reorder(mvm, napi, queue, sta, skb, desc))
1692
1680
iwl_mvm_pass_packet_to_mac80211(mvm, napi, skb, queue,
1693
1681
sta, csi);
+13
-6
drivers/net/wireless/intel/iwlwifi/pcie/trans.c
+13
-6
drivers/net/wireless/intel/iwlwifi/pcie/trans.c
···
3654
3654
3655
3655
void iwl_trans_pcie_sync_nmi(struct iwl_trans *trans)
3656
3656
{
3657
+
struct iwl_trans_pcie *trans_pcie = IWL_TRANS_GET_PCIE_TRANS(trans);
3657
3658
unsigned long timeout = jiffies + IWL_TRANS_NMI_TIMEOUT;
3659
+
u32 inta_addr, sw_err_bit;
3660
+
3661
+
if (trans_pcie->msix_enabled) {
3662
+
inta_addr = CSR_MSIX_HW_INT_CAUSES_AD;
3663
+
sw_err_bit = MSIX_HW_INT_CAUSES_REG_SW_ERR;
3664
+
} else {
3665
+
inta_addr = CSR_INT;
3666
+
sw_err_bit = CSR_INT_BIT_SW_ERR;
3667
+
}
3658
3668
3659
3669
iwl_disable_interrupts(trans);
3660
3670
iwl_force_nmi(trans);
3661
3671
while (time_after(timeout, jiffies)) {
3662
-
u32 inta_hw = iwl_read32(trans,
3663
-
CSR_MSIX_HW_INT_CAUSES_AD);
3672
+
u32 inta_hw = iwl_read32(trans, inta_addr);
3664
3673
3665
3674
/* Error detected by uCode */
3666
-
if (inta_hw & MSIX_HW_INT_CAUSES_REG_SW_ERR) {
3675
+
if (inta_hw & sw_err_bit) {
3667
3676
/* Clear causes register */
3668
-
iwl_write32(trans, CSR_MSIX_HW_INT_CAUSES_AD,
3669
-
inta_hw &
3670
-
MSIX_HW_INT_CAUSES_REG_SW_ERR);
3677
+
iwl_write32(trans, inta_addr, inta_hw & sw_err_bit);
3671
3678
break;
3672
3679
}
3673
3680
+1
-1
drivers/net/wireless/marvell/mwifiex/sdio.c
+1
-1
drivers/net/wireless/marvell/mwifiex/sdio.c
+17
-2
drivers/pci/pci.c
+17
-2
drivers/pci/pci.c
···
6262
6262
} else if (!strncmp(str, "pcie_scan_all", 13)) {
6263
6263
pci_add_flags(PCI_SCAN_ALL_PCIE_DEVS);
6264
6264
} else if (!strncmp(str, "disable_acs_redir=", 18)) {
6265
-
disable_acs_redir_param =
6266
-
kstrdup(str + 18, GFP_KERNEL);
6265
+
disable_acs_redir_param = str + 18;
6267
6266
} else {
6268
6267
printk(KERN_ERR "PCI: Unknown option `%s'\n",
6269
6268
str);
···
6273
6274
return 0;
6274
6275
}
6275
6276
early_param("pci", pci_setup);
6277
+
6278
+
/*
6279
+
* 'disable_acs_redir_param' is initialized in pci_setup(), above, to point
6280
+
* to data in the __initdata section which will be freed after the init
6281
+
* sequence is complete. We can't allocate memory in pci_setup() because some
6282
+
* architectures do not have any memory allocation service available during
6283
+
* an early_param() call. So we allocate memory and copy the variable here
6284
+
* before the init section is freed.
6285
+
*/
6286
+
static int __init pci_realloc_setup_params(void)
6287
+
{
6288
+
disable_acs_redir_param = kstrdup(disable_acs_redir_param, GFP_KERNEL);
6289
+
6290
+
return 0;
6291
+
}
6292
+
pure_initcall(pci_realloc_setup_params);
+8
drivers/pci/pcie/Kconfig
+8
drivers/pci/pcie/Kconfig
···
142
142
143
143
This is only useful if you have devices that support PTM, but it
144
144
is safe to enable even if you don't.
145
+
146
+
config PCIE_BW
147
+
bool "PCI Express Bandwidth Change Notification"
148
+
depends on PCIEPORTBUS
149
+
help
150
+
This enables PCI Express Bandwidth Change Notification. If
151
+
you know link width or rate changes occur only to correct
152
+
unreliable links, you may answer Y.
+1
-1
drivers/pci/pcie/Makefile
+1
-1
drivers/pci/pcie/Makefile
···
3
3
# Makefile for PCI Express features and port driver
4
4
5
5
pcieportdrv-y := portdrv_core.o portdrv_pci.o err.o
6
-
pcieportdrv-y += bw_notification.o
7
6
8
7
obj-$(CONFIG_PCIEPORTBUS) += pcieportdrv.o
9
8
···
12
13
obj-$(CONFIG_PCIE_PME) += pme.o
13
14
obj-$(CONFIG_PCIE_DPC) += dpc.o
14
15
obj-$(CONFIG_PCIE_PTM) += ptm.o
16
+
obj-$(CONFIG_PCIE_BW) += bw_notification.o
+4
drivers/pci/pcie/portdrv.h
+4
drivers/pci/pcie/portdrv.h
···
49
49
static inline int pcie_dpc_init(void) { return 0; }
50
50
#endif
51
51
52
+
#ifdef CONFIG_PCIE_BW
52
53
int pcie_bandwidth_notification_init(void);
54
+
#else
55
+
static inline int pcie_bandwidth_notification_init(void) { return 0; }
56
+
#endif
53
57
54
58
/* Port Type */
55
59
#define PCIE_ANY_PORT (~0)
+2
-1
drivers/pci/pcie/portdrv_core.c
+2
-1
drivers/pci/pcie/portdrv_core.c
···
55
55
* 7.8.2, 7.10.10, 7.31.2.
56
56
*/
57
57
58
-
if (mask & (PCIE_PORT_SERVICE_PME | PCIE_PORT_SERVICE_HP)) {
58
+
if (mask & (PCIE_PORT_SERVICE_PME | PCIE_PORT_SERVICE_HP |
59
+
PCIE_PORT_SERVICE_BWNOTIF)) {
59
60
pcie_capability_read_word(dev, PCI_EXP_FLAGS, ®16);
60
61
*pme = (reg16 & PCI_EXP_FLAGS_IRQ) >> 9;
61
62
nvec = *pme + 1;
+3
drivers/power/supply/cpcap-battery.c
+3
drivers/power/supply/cpcap-battery.c
-6
drivers/power/supply/power_supply_sysfs.c
-6
drivers/power/supply/power_supply_sysfs.c
···
383
383
char *prop_buf;
384
384
char *attrname;
385
385
386
-
dev_dbg(dev, "uevent\n");
387
-
388
386
if (!psy || !psy->desc) {
389
387
dev_dbg(dev, "No power supply yet\n");
390
388
return ret;
391
389
}
392
-
393
-
dev_dbg(dev, "POWER_SUPPLY_NAME=%s\n", psy->desc->name);
394
390
395
391
ret = add_uevent_var(env, "POWER_SUPPLY_NAME=%s", psy->desc->name);
396
392
if (ret)
···
422
426
ret = -ENOMEM;
423
427
goto out;
424
428
}
425
-
426
-
dev_dbg(dev, "prop %s=%s\n", attrname, prop_buf);
427
429
428
430
ret = add_uevent_var(env, "POWER_SUPPLY_%s=%s", attrname, prop_buf);
429
431
kfree(attrname);
-13
drivers/usb/core/driver.c
-13
drivers/usb/core/driver.c
···
473
473
pm_runtime_disable(dev);
474
474
pm_runtime_set_suspended(dev);
475
475
476
-
/* Undo any residual pm_autopm_get_interface_* calls */
477
-
for (r = atomic_read(&intf->pm_usage_cnt); r > 0; --r)
478
-
usb_autopm_put_interface_no_suspend(intf);
479
-
atomic_set(&intf->pm_usage_cnt, 0);
480
-
481
476
if (!error)
482
477
usb_autosuspend_device(udev);
483
478
···
1628
1633
int status;
1629
1634
1630
1635
usb_mark_last_busy(udev);
1631
-
atomic_dec(&intf->pm_usage_cnt);
1632
1636
status = pm_runtime_put_sync(&intf->dev);
1633
1637
dev_vdbg(&intf->dev, "%s: cnt %d -> %d\n",
1634
1638
__func__, atomic_read(&intf->dev.power.usage_count),
···
1656
1662
int status;
1657
1663
1658
1664
usb_mark_last_busy(udev);
1659
-
atomic_dec(&intf->pm_usage_cnt);
1660
1665
status = pm_runtime_put(&intf->dev);
1661
1666
dev_vdbg(&intf->dev, "%s: cnt %d -> %d\n",
1662
1667
__func__, atomic_read(&intf->dev.power.usage_count),
···
1677
1684
struct usb_device *udev = interface_to_usbdev(intf);
1678
1685
1679
1686
usb_mark_last_busy(udev);
1680
-
atomic_dec(&intf->pm_usage_cnt);
1681
1687
pm_runtime_put_noidle(&intf->dev);
1682
1688
}
1683
1689
EXPORT_SYMBOL_GPL(usb_autopm_put_interface_no_suspend);
···
1707
1715
status = pm_runtime_get_sync(&intf->dev);
1708
1716
if (status < 0)
1709
1717
pm_runtime_put_sync(&intf->dev);
1710
-
else
1711
-
atomic_inc(&intf->pm_usage_cnt);
1712
1718
dev_vdbg(&intf->dev, "%s: cnt %d -> %d\n",
1713
1719
__func__, atomic_read(&intf->dev.power.usage_count),
1714
1720
status);
···
1740
1750
status = pm_runtime_get(&intf->dev);
1741
1751
if (status < 0 && status != -EINPROGRESS)
1742
1752
pm_runtime_put_noidle(&intf->dev);
1743
-
else
1744
-
atomic_inc(&intf->pm_usage_cnt);
1745
1753
dev_vdbg(&intf->dev, "%s: cnt %d -> %d\n",
1746
1754
__func__, atomic_read(&intf->dev.power.usage_count),
1747
1755
status);
···
1763
1775
struct usb_device *udev = interface_to_usbdev(intf);
1764
1776
1765
1777
usb_mark_last_busy(udev);
1766
-
atomic_inc(&intf->pm_usage_cnt);
1767
1778
pm_runtime_get_noresume(&intf->dev);
1768
1779
}
1769
1780
EXPORT_SYMBOL_GPL(usb_autopm_get_interface_no_resume);
+3
-1
drivers/usb/core/message.c
+3
-1
drivers/usb/core/message.c
···
820
820
821
821
if (dev->state == USB_STATE_SUSPENDED)
822
822
return -EHOSTUNREACH;
823
-
if (size <= 0 || !buf || !index)
823
+
if (size <= 0 || !buf)
824
824
return -EINVAL;
825
825
buf[0] = 0;
826
+
if (index <= 0 || index >= 256)
827
+
return -EINVAL;
826
828
tbuf = kmalloc(256, GFP_NOIO);
827
829
if (!tbuf)
828
830
return -ENOMEM;
+15
-4
drivers/usb/gadget/udc/dummy_hcd.c
+15
-4
drivers/usb/gadget/udc/dummy_hcd.c
···
979
979
struct dummy_hcd *dum_hcd = gadget_to_dummy_hcd(g);
980
980
struct dummy *dum = dum_hcd->dum;
981
981
982
-
if (driver->max_speed == USB_SPEED_UNKNOWN)
982
+
switch (g->speed) {
983
+
/* All the speeds we support */
984
+
case USB_SPEED_LOW:
985
+
case USB_SPEED_FULL:
986
+
case USB_SPEED_HIGH:
987
+
case USB_SPEED_SUPER:
988
+
break;
989
+
default:
990
+
dev_err(dummy_dev(dum_hcd), "Unsupported driver max speed %d\n",
991
+
driver->max_speed);
983
992
return -EINVAL;
993
+
}
984
994
985
995
/*
986
996
* SLAVE side init ... the layer above hardware, which
···
1794
1784
/* Bus speed is 500000 bytes/ms, so use a little less */
1795
1785
total = 490000;
1796
1786
break;
1797
-
default:
1787
+
default: /* Can't happen */
1798
1788
dev_err(dummy_dev(dum_hcd), "bogus device speed\n");
1799
-
return;
1789
+
total = 0;
1790
+
break;
1800
1791
}
1801
1792
1802
1793
/* FIXME if HZ != 1000 this will probably misbehave ... */
···
1839
1828
1840
1829
/* Used up this frame's bandwidth? */
1841
1830
if (total <= 0)
1842
-
break;
1831
+
continue;
1843
1832
1844
1833
/* find the gadget's ep for this request (if configured) */
1845
1834
address = usb_pipeendpoint (urb->pipe);
+1
drivers/usb/misc/yurex.c
+1
drivers/usb/misc/yurex.c
+5
-8
drivers/usb/storage/realtek_cr.c
+5
-8
drivers/usb/storage/realtek_cr.c
···
763
763
break;
764
764
case RTS51X_STAT_IDLE:
765
765
case RTS51X_STAT_SS:
766
-
usb_stor_dbg(us, "RTS51X_STAT_SS, intf->pm_usage_cnt:%d, power.usage:%d\n",
767
-
atomic_read(&us->pusb_intf->pm_usage_cnt),
766
+
usb_stor_dbg(us, "RTS51X_STAT_SS, power.usage:%d\n",
768
767
atomic_read(&us->pusb_intf->dev.power.usage_count));
769
768
770
-
if (atomic_read(&us->pusb_intf->pm_usage_cnt) > 0) {
769
+
if (atomic_read(&us->pusb_intf->dev.power.usage_count) > 0) {
771
770
usb_stor_dbg(us, "Ready to enter SS state\n");
772
771
rts51x_set_stat(chip, RTS51X_STAT_SS);
773
772
/* ignore mass storage interface's children */
774
773
pm_suspend_ignore_children(&us->pusb_intf->dev, true);
775
774
usb_autopm_put_interface_async(us->pusb_intf);
776
-
usb_stor_dbg(us, "RTS51X_STAT_SS 01, intf->pm_usage_cnt:%d, power.usage:%d\n",
777
-
atomic_read(&us->pusb_intf->pm_usage_cnt),
775
+
usb_stor_dbg(us, "RTS51X_STAT_SS 01, power.usage:%d\n",
778
776
atomic_read(&us->pusb_intf->dev.power.usage_count));
779
777
}
780
778
break;
···
805
807
int ret;
806
808
807
809
if (working_scsi(srb)) {
808
-
usb_stor_dbg(us, "working scsi, intf->pm_usage_cnt:%d, power.usage:%d\n",
809
-
atomic_read(&us->pusb_intf->pm_usage_cnt),
810
+
usb_stor_dbg(us, "working scsi, power.usage:%d\n",
810
811
atomic_read(&us->pusb_intf->dev.power.usage_count));
811
812
812
-
if (atomic_read(&us->pusb_intf->pm_usage_cnt) <= 0) {
813
+
if (atomic_read(&us->pusb_intf->dev.power.usage_count) <= 0) {
813
814
ret = usb_autopm_get_interface(us->pusb_intf);
814
815
usb_stor_dbg(us, "working scsi, ret=%d\n", ret);
815
816
}
+3
-9
drivers/usb/usbip/stub_rx.c
+3
-9
drivers/usb/usbip/stub_rx.c
···
361
361
}
362
362
363
363
if (usb_endpoint_xfer_isoc(epd)) {
364
-
/* validate packet size and number of packets */
365
-
unsigned int maxp, packets, bytes;
366
-
367
-
maxp = usb_endpoint_maxp(epd);
368
-
maxp *= usb_endpoint_maxp_mult(epd);
369
-
bytes = pdu->u.cmd_submit.transfer_buffer_length;
370
-
packets = DIV_ROUND_UP(bytes, maxp);
371
-
364
+
/* validate number of packets */
372
365
if (pdu->u.cmd_submit.number_of_packets < 0 ||
373
-
pdu->u.cmd_submit.number_of_packets > packets) {
366
+
pdu->u.cmd_submit.number_of_packets >
367
+
USBIP_MAX_ISO_PACKETS) {
374
368
dev_err(&sdev->udev->dev,
375
369
"CMD_SUBMIT: isoc invalid num packets %d\n",
376
370
pdu->u.cmd_submit.number_of_packets);
+7
drivers/usb/usbip/usbip_common.h
+7
drivers/usb/usbip/usbip_common.h
···
121
121
#define USBIP_DIR_OUT 0x00
122
122
#define USBIP_DIR_IN 0x01
123
123
124
+
/*
125
+
* Arbitrary limit for the maximum number of isochronous packets in an URB,
126
+
* compare for example the uhci_submit_isochronous function in
127
+
* drivers/usb/host/uhci-q.c
128
+
*/
129
+
#define USBIP_MAX_ISO_PACKETS 1024
130
+
124
131
/**
125
132
* struct usbip_header_basic - data pertinent to every request
126
133
* @command: the usbip request type
+3
-3
drivers/w1/masters/ds2490.c
+3
-3
drivers/w1/masters/ds2490.c
···
1016
1016
/* alternative 3, 1ms interrupt (greatly speeds search), 64 byte bulk */
1017
1017
alt = 3;
1018
1018
err = usb_set_interface(dev->udev,
1019
-
intf->altsetting[alt].desc.bInterfaceNumber, alt);
1019
+
intf->cur_altsetting->desc.bInterfaceNumber, alt);
1020
1020
if (err) {
1021
1021
dev_err(&dev->udev->dev, "Failed to set alternative setting %d "
1022
1022
"for %d interface: err=%d.\n", alt,
1023
-
intf->altsetting[alt].desc.bInterfaceNumber, err);
1023
+
intf->cur_altsetting->desc.bInterfaceNumber, err);
1024
1024
goto err_out_clear;
1025
1025
}
1026
1026
1027
-
iface_desc = &intf->altsetting[alt];
1027
+
iface_desc = intf->cur_altsetting;
1028
1028
if (iface_desc->desc.bNumEndpoints != NUM_EP-1) {
1029
1029
pr_info("Num endpoints=%d. It is not DS9490R.\n",
1030
1030
iface_desc->desc.bNumEndpoints);
+2
-1
fs/block_dev.c
+2
-1
fs/block_dev.c
···
264
264
bio_for_each_segment_all(bvec, &bio, i, iter_all) {
265
265
if (should_dirty && !PageCompound(bvec->bv_page))
266
266
set_page_dirty_lock(bvec->bv_page);
267
-
put_page(bvec->bv_page);
267
+
if (!bio_flagged(&bio, BIO_NO_PAGE_REF))
268
+
put_page(bvec->bv_page);
268
269
}
269
270
270
271
if (unlikely(bio.bi_status))
+11
-4
fs/btrfs/file-item.c
+11
-4
fs/btrfs/file-item.c
···
7
7
#include <linux/slab.h>
8
8
#include <linux/pagemap.h>
9
9
#include <linux/highmem.h>
10
+
#include <linux/sched/mm.h>
10
11
#include "ctree.h"
11
12
#include "disk-io.h"
12
13
#include "transaction.h"
···
428
427
unsigned long this_sum_bytes = 0;
429
428
int i;
430
429
u64 offset;
430
+
unsigned nofs_flag;
431
431
432
-
sums = kzalloc(btrfs_ordered_sum_size(fs_info, bio->bi_iter.bi_size),
433
-
GFP_NOFS);
432
+
nofs_flag = memalloc_nofs_save();
433
+
sums = kvzalloc(btrfs_ordered_sum_size(fs_info, bio->bi_iter.bi_size),
434
+
GFP_KERNEL);
435
+
memalloc_nofs_restore(nofs_flag);
436
+
434
437
if (!sums)
435
438
return BLK_STS_RESOURCE;
436
439
···
477
472
478
473
bytes_left = bio->bi_iter.bi_size - total_bytes;
479
474
480
-
sums = kzalloc(btrfs_ordered_sum_size(fs_info, bytes_left),
481
-
GFP_NOFS);
475
+
nofs_flag = memalloc_nofs_save();
476
+
sums = kvzalloc(btrfs_ordered_sum_size(fs_info,
477
+
bytes_left), GFP_KERNEL);
478
+
memalloc_nofs_restore(nofs_flag);
482
479
BUG_ON(!sums); /* -ENOMEM */
483
480
sums->len = bytes_left;
484
481
ordered = btrfs_lookup_ordered_extent(inode,
+1
-1
fs/btrfs/inode.c
+1
-1
fs/btrfs/inode.c
+2
-1
fs/btrfs/ordered-data.c
+2
-1
fs/btrfs/ordered-data.c
···
6
6
#include <linux/slab.h>
7
7
#include <linux/blkdev.h>
8
8
#include <linux/writeback.h>
9
+
#include <linux/sched/mm.h>
9
10
#include "ctree.h"
10
11
#include "transaction.h"
11
12
#include "btrfs_inode.h"
···
443
442
cur = entry->list.next;
444
443
sum = list_entry(cur, struct btrfs_ordered_sum, list);
445
444
list_del(&sum->list);
446
-
kfree(sum);
445
+
kvfree(sum);
447
446
}
448
447
kmem_cache_free(btrfs_ordered_extent_cache, entry);
449
448
}
+5
-1
fs/ceph/dir.c
+5
-1
fs/ceph/dir.c
···
1766
1766
unsigned ceph_dentry_hash(struct inode *dir, struct dentry *dn)
1767
1767
{
1768
1768
struct ceph_inode_info *dci = ceph_inode(dir);
1769
+
unsigned hash;
1769
1770
1770
1771
switch (dci->i_dir_layout.dl_dir_hash) {
1771
1772
case 0: /* for backward compat */
···
1774
1773
return dn->d_name.hash;
1775
1774
1776
1775
default:
1777
-
return ceph_str_hash(dci->i_dir_layout.dl_dir_hash,
1776
+
spin_lock(&dn->d_lock);
1777
+
hash = ceph_str_hash(dci->i_dir_layout.dl_dir_hash,
1778
1778
dn->d_name.name, dn->d_name.len);
1779
+
spin_unlock(&dn->d_lock);
1780
+
return hash;
1779
1781
}
1780
1782
}
1781
1783
+15
-1
fs/ceph/inode.c
+15
-1
fs/ceph/inode.c
···
1163
1163
return 0;
1164
1164
}
1165
1165
1166
+
static int d_name_cmp(struct dentry *dentry, const char *name, size_t len)
1167
+
{
1168
+
int ret;
1169
+
1170
+
/* take d_lock to ensure dentry->d_name stability */
1171
+
spin_lock(&dentry->d_lock);
1172
+
ret = dentry->d_name.len - len;
1173
+
if (!ret)
1174
+
ret = memcmp(dentry->d_name.name, name, len);
1175
+
spin_unlock(&dentry->d_lock);
1176
+
return ret;
1177
+
}
1178
+
1166
1179
/*
1167
1180
* Incorporate results into the local cache. This is either just
1168
1181
* one inode, or a directory, dentry, and possibly linked-to inode (e.g.,
···
1425
1412
err = splice_dentry(&req->r_dentry, in);
1426
1413
if (err < 0)
1427
1414
goto done;
1428
-
} else if (rinfo->head->is_dentry) {
1415
+
} else if (rinfo->head->is_dentry &&
1416
+
!d_name_cmp(req->r_dentry, rinfo->dname, rinfo->dname_len)) {
1429
1417
struct ceph_vino *ptvino = NULL;
1430
1418
1431
1419
if ((le32_to_cpu(rinfo->diri.in->cap.caps) & CEPH_CAP_FILE_SHARED) ||
+59
-11
fs/ceph/mds_client.c
+59
-11
fs/ceph/mds_client.c
···
1414
1414
list_add(&ci->i_prealloc_cap_flush->i_list, &to_remove);
1415
1415
ci->i_prealloc_cap_flush = NULL;
1416
1416
}
1417
+
1418
+
if (drop &&
1419
+
ci->i_wrbuffer_ref_head == 0 &&
1420
+
ci->i_wr_ref == 0 &&
1421
+
ci->i_dirty_caps == 0 &&
1422
+
ci->i_flushing_caps == 0) {
1423
+
ceph_put_snap_context(ci->i_head_snapc);
1424
+
ci->i_head_snapc = NULL;
1425
+
}
1417
1426
}
1418
1427
spin_unlock(&ci->i_ceph_lock);
1419
1428
while (!list_empty(&to_remove)) {
···
2170
2161
return path;
2171
2162
}
2172
2163
2164
+
/* Duplicate the dentry->d_name.name safely */
2165
+
static int clone_dentry_name(struct dentry *dentry, const char **ppath,
2166
+
int *ppathlen)
2167
+
{
2168
+
u32 len;
2169
+
char *name;
2170
+
2171
+
retry:
2172
+
len = READ_ONCE(dentry->d_name.len);
2173
+
name = kmalloc(len + 1, GFP_NOFS);
2174
+
if (!name)
2175
+
return -ENOMEM;
2176
+
2177
+
spin_lock(&dentry->d_lock);
2178
+
if (dentry->d_name.len != len) {
2179
+
spin_unlock(&dentry->d_lock);
2180
+
kfree(name);
2181
+
goto retry;
2182
+
}
2183
+
memcpy(name, dentry->d_name.name, len);
2184
+
spin_unlock(&dentry->d_lock);
2185
+
2186
+
name[len] = '\0';
2187
+
*ppath = name;
2188
+
*ppathlen = len;
2189
+
return 0;
2190
+
}
2191
+
2173
2192
static int build_dentry_path(struct dentry *dentry, struct inode *dir,
2174
2193
const char **ppath, int *ppathlen, u64 *pino,
2175
-
int *pfreepath)
2194
+
bool *pfreepath, bool parent_locked)
2176
2195
{
2196
+
int ret;
2177
2197
char *path;
2178
2198
2179
2199
rcu_read_lock();
···
2211
2173
if (dir && ceph_snap(dir) == CEPH_NOSNAP) {
2212
2174
*pino = ceph_ino(dir);
2213
2175
rcu_read_unlock();
2214
-
*ppath = dentry->d_name.name;
2215
-
*ppathlen = dentry->d_name.len;
2176
+
if (parent_locked) {
2177
+
*ppath = dentry->d_name.name;
2178
+
*ppathlen = dentry->d_name.len;
2179
+
} else {
2180
+
ret = clone_dentry_name(dentry, ppath, ppathlen);
2181
+
if (ret)
2182
+
return ret;
2183
+
*pfreepath = true;
2184
+
}
2216
2185
return 0;
2217
2186
}
2218
2187
rcu_read_unlock();
···
2227
2182
if (IS_ERR(path))
2228
2183
return PTR_ERR(path);
2229
2184
*ppath = path;
2230
-
*pfreepath = 1;
2185
+
*pfreepath = true;
2231
2186
return 0;
2232
2187
}
2233
2188
2234
2189
static int build_inode_path(struct inode *inode,
2235
2190
const char **ppath, int *ppathlen, u64 *pino,
2236
-
int *pfreepath)
2191
+
bool *pfreepath)
2237
2192
{
2238
2193
struct dentry *dentry;
2239
2194
char *path;
···
2249
2204
if (IS_ERR(path))
2250
2205
return PTR_ERR(path);
2251
2206
*ppath = path;
2252
-
*pfreepath = 1;
2207
+
*pfreepath = true;
2253
2208
return 0;
2254
2209
}
2255
2210
···
2260
2215
static int set_request_path_attr(struct inode *rinode, struct dentry *rdentry,
2261
2216
struct inode *rdiri, const char *rpath,
2262
2217
u64 rino, const char **ppath, int *pathlen,
2263
-
u64 *ino, int *freepath)
2218
+
u64 *ino, bool *freepath, bool parent_locked)
2264
2219
{
2265
2220
int r = 0;
2266
2221
···
2270
2225
ceph_snap(rinode));
2271
2226
} else if (rdentry) {
2272
2227
r = build_dentry_path(rdentry, rdiri, ppath, pathlen, ino,
2273
-
freepath);
2228
+
freepath, parent_locked);
2274
2229
dout(" dentry %p %llx/%.*s\n", rdentry, *ino, *pathlen,
2275
2230
*ppath);
2276
2231
} else if (rpath || rino) {
···
2296
2251
const char *path2 = NULL;
2297
2252
u64 ino1 = 0, ino2 = 0;
2298
2253
int pathlen1 = 0, pathlen2 = 0;
2299
-
int freepath1 = 0, freepath2 = 0;
2254
+
bool freepath1 = false, freepath2 = false;
2300
2255
int len;
2301
2256
u16 releases;
2302
2257
void *p, *end;
···
2304
2259
2305
2260
ret = set_request_path_attr(req->r_inode, req->r_dentry,
2306
2261
req->r_parent, req->r_path1, req->r_ino1.ino,
2307
-
&path1, &pathlen1, &ino1, &freepath1);
2262
+
&path1, &pathlen1, &ino1, &freepath1,
2263
+
test_bit(CEPH_MDS_R_PARENT_LOCKED,
2264
+
&req->r_req_flags));
2308
2265
if (ret < 0) {
2309
2266
msg = ERR_PTR(ret);
2310
2267
goto out;
2311
2268
}
2312
2269
2270
+
/* If r_old_dentry is set, then assume that its parent is locked */
2313
2271
ret = set_request_path_attr(NULL, req->r_old_dentry,
2314
2272
req->r_old_dentry_dir,
2315
2273
req->r_path2, req->r_ino2.ino,
2316
-
&path2, &pathlen2, &ino2, &freepath2);
2274
+
&path2, &pathlen2, &ino2, &freepath2, true);
2317
2275
if (ret < 0) {
2318
2276
msg = ERR_PTR(ret);
2319
2277
goto out_free1;
+6
-1
fs/ceph/snap.c
+6
-1
fs/ceph/snap.c
···
572
572
old_snapc = NULL;
573
573
574
574
update_snapc:
575
-
if (ci->i_head_snapc) {
575
+
if (ci->i_wrbuffer_ref_head == 0 &&
576
+
ci->i_wr_ref == 0 &&
577
+
ci->i_dirty_caps == 0 &&
578
+
ci->i_flushing_caps == 0) {
579
+
ci->i_head_snapc = NULL;
580
+
} else {
576
581
ci->i_head_snapc = ceph_get_snap_context(new_snapc);
577
582
dout(" new snapc is %p\n", new_snapc);
578
583
}
+1
-14
fs/cifs/file.c
+1
-14
fs/cifs/file.c
···
2877
2877
struct cifs_tcon *tcon;
2878
2878
struct cifs_sb_info *cifs_sb;
2879
2879
struct dentry *dentry = ctx->cfile->dentry;
2880
-
unsigned int i;
2881
2880
int rc;
2882
2881
2883
2882
tcon = tlink_tcon(ctx->cfile->tlink);
···
2939
2940
list_del_init(&wdata->list);
2940
2941
kref_put(&wdata->refcount, cifs_uncached_writedata_release);
2941
2942
}
2942
-
2943
-
if (!ctx->direct_io)
2944
-
for (i = 0; i < ctx->npages; i++)
2945
-
put_page(ctx->bv[i].bv_page);
2946
2943
2947
2944
cifs_stats_bytes_written(tcon, ctx->total_len);
2948
2945
set_bit(CIFS_INO_INVALID_MAPPING, &CIFS_I(dentry->d_inode)->flags);
···
3577
3582
struct iov_iter *to = &ctx->iter;
3578
3583
struct cifs_sb_info *cifs_sb;
3579
3584
struct cifs_tcon *tcon;
3580
-
unsigned int i;
3581
3585
int rc;
3582
3586
3583
3587
tcon = tlink_tcon(ctx->cfile->tlink);
···
3660
3666
kref_put(&rdata->refcount, cifs_uncached_readdata_release);
3661
3667
}
3662
3668
3663
-
if (!ctx->direct_io) {
3664
-
for (i = 0; i < ctx->npages; i++) {
3665
-
if (ctx->should_dirty)
3666
-
set_page_dirty(ctx->bv[i].bv_page);
3667
-
put_page(ctx->bv[i].bv_page);
3668
-
}
3669
-
3669
+
if (!ctx->direct_io)
3670
3670
ctx->total_len = ctx->len - iov_iter_count(to);
3671
-
}
3672
3671
3673
3672
/* mask nodata case */
3674
3673
if (rc == -ENODATA)
+4
fs/cifs/inode.c
+4
fs/cifs/inode.c
···
1735
1735
if (rc == 0 || rc != -EBUSY)
1736
1736
goto do_rename_exit;
1737
1737
1738
+
/* Don't fall back to using SMB on SMB 2+ mount */
1739
+
if (server->vals->protocol_id != 0)
1740
+
goto do_rename_exit;
1741
+
1738
1742
/* open-file renames don't work across directories */
1739
1743
if (to_dentry->d_parent != from_dentry->d_parent)
1740
1744
goto do_rename_exit;
+22
-1
fs/cifs/misc.c
+22
-1
fs/cifs/misc.c
···
789
789
{
790
790
struct cifs_aio_ctx *ctx;
791
791
792
+
/*
793
+
* Must use kzalloc to initialize ctx->bv to NULL and ctx->direct_io
794
+
* to false so that we know when we have to unreference pages within
795
+
* cifs_aio_ctx_release()
796
+
*/
792
797
ctx = kzalloc(sizeof(struct cifs_aio_ctx), GFP_KERNEL);
793
798
if (!ctx)
794
799
return NULL;
···
812
807
struct cifs_aio_ctx, refcount);
813
808
814
809
cifsFileInfo_put(ctx->cfile);
815
-
kvfree(ctx->bv);
810
+
811
+
/*
812
+
* ctx->bv is only set if setup_aio_ctx_iter() was call successfuly
813
+
* which means that iov_iter_get_pages() was a success and thus that
814
+
* we have taken reference on pages.
815
+
*/
816
+
if (ctx->bv) {
817
+
unsigned i;
818
+
819
+
for (i = 0; i < ctx->npages; i++) {
820
+
if (ctx->should_dirty)
821
+
set_page_dirty(ctx->bv[i].bv_page);
822
+
put_page(ctx->bv[i].bv_page);
823
+
}
824
+
kvfree(ctx->bv);
825
+
}
826
+
816
827
kfree(ctx);
817
828
}
818
829
+1
fs/cifs/smb2pdu.c
+1
fs/cifs/smb2pdu.c
+184
-107
fs/io_uring.c
+184
-107
fs/io_uring.c
···
4
4
* supporting fast/efficient IO.
5
5
*
6
6
* A note on the read/write ordering memory barriers that are matched between
7
-
* the application and kernel side. When the application reads the CQ ring
8
-
* tail, it must use an appropriate smp_rmb() to order with the smp_wmb()
9
-
* the kernel uses after writing the tail. Failure to do so could cause a
10
-
* delay in when the application notices that completion events available.
11
-
* This isn't a fatal condition. Likewise, the application must use an
12
-
* appropriate smp_wmb() both before writing the SQ tail, and after writing
13
-
* the SQ tail. The first one orders the sqe writes with the tail write, and
14
-
* the latter is paired with the smp_rmb() the kernel will issue before
15
-
* reading the SQ tail on submission.
7
+
* the application and kernel side.
8
+
*
9
+
* After the application reads the CQ ring tail, it must use an
10
+
* appropriate smp_rmb() to pair with the smp_wmb() the kernel uses
11
+
* before writing the tail (using smp_load_acquire to read the tail will
12
+
* do). It also needs a smp_mb() before updating CQ head (ordering the
13
+
* entry load(s) with the head store), pairing with an implicit barrier
14
+
* through a control-dependency in io_get_cqring (smp_store_release to
15
+
* store head will do). Failure to do so could lead to reading invalid
16
+
* CQ entries.
17
+
*
18
+
* Likewise, the application must use an appropriate smp_wmb() before
19
+
* writing the SQ tail (ordering SQ entry stores with the tail store),
20
+
* which pairs with smp_load_acquire in io_get_sqring (smp_store_release
21
+
* to store the tail will do). And it needs a barrier ordering the SQ
22
+
* head load before writing new SQ entries (smp_load_acquire to read
23
+
* head will do).
24
+
*
25
+
* When using the SQ poll thread (IORING_SETUP_SQPOLL), the application
26
+
* needs to check the SQ flags for IORING_SQ_NEED_WAKEUP *after*
27
+
* updating the SQ tail; a full memory barrier smp_mb() is needed
28
+
* between.
16
29
*
17
30
* Also see the examples in the liburing library:
18
31
*
···
83
70
u32 tail ____cacheline_aligned_in_smp;
84
71
};
85
72
73
+
/*
74
+
* This data is shared with the application through the mmap at offset
75
+
* IORING_OFF_SQ_RING.
76
+
*
77
+
* The offsets to the member fields are published through struct
78
+
* io_sqring_offsets when calling io_uring_setup.
79
+
*/
86
80
struct io_sq_ring {
81
+
/*
82
+
* Head and tail offsets into the ring; the offsets need to be
83
+
* masked to get valid indices.
84
+
*
85
+
* The kernel controls head and the application controls tail.
86
+
*/
87
87
struct io_uring r;
88
+
/*
89
+
* Bitmask to apply to head and tail offsets (constant, equals
90
+
* ring_entries - 1)
91
+
*/
88
92
u32 ring_mask;
93
+
/* Ring size (constant, power of 2) */
89
94
u32 ring_entries;
95
+
/*
96
+
* Number of invalid entries dropped by the kernel due to
97
+
* invalid index stored in array
98
+
*
99
+
* Written by the kernel, shouldn't be modified by the
100
+
* application (i.e. get number of "new events" by comparing to
101
+
* cached value).
102
+
*
103
+
* After a new SQ head value was read by the application this
104
+
* counter includes all submissions that were dropped reaching
105
+
* the new SQ head (and possibly more).
106
+
*/
90
107
u32 dropped;
108
+
/*
109
+
* Runtime flags
110
+
*
111
+
* Written by the kernel, shouldn't be modified by the
112
+
* application.
113
+
*
114
+
* The application needs a full memory barrier before checking
115
+
* for IORING_SQ_NEED_WAKEUP after updating the sq tail.
116
+
*/
91
117
u32 flags;
118
+
/*
119
+
* Ring buffer of indices into array of io_uring_sqe, which is
120
+
* mmapped by the application using the IORING_OFF_SQES offset.
121
+
*
122
+
* This indirection could e.g. be used to assign fixed
123
+
* io_uring_sqe entries to operations and only submit them to
124
+
* the queue when needed.
125
+
*
126
+
* The kernel modifies neither the indices array nor the entries
127
+
* array.
128
+
*/
92
129
u32 array[];
93
130
};
94
131
132
+
/*
133
+
* This data is shared with the application through the mmap at offset
134
+
* IORING_OFF_CQ_RING.
135
+
*
136
+
* The offsets to the member fields are published through struct
137
+
* io_cqring_offsets when calling io_uring_setup.
138
+
*/
95
139
struct io_cq_ring {
140
+
/*
141
+
* Head and tail offsets into the ring; the offsets need to be
142
+
* masked to get valid indices.
143
+
*
144
+
* The application controls head and the kernel tail.
145
+
*/
96
146
struct io_uring r;
147
+
/*
148
+
* Bitmask to apply to head and tail offsets (constant, equals
149
+
* ring_entries - 1)
150
+
*/
97
151
u32 ring_mask;
152
+
/* Ring size (constant, power of 2) */
98
153
u32 ring_entries;
154
+
/*
155
+
* Number of completion events lost because the queue was full;
156
+
* this should be avoided by the application by making sure
157
+
* there are not more requests pending thatn there is space in
158
+
* the completion queue.
159
+
*
160
+
* Written by the kernel, shouldn't be modified by the
161
+
* application (i.e. get number of "new events" by comparing to
162
+
* cached value).
163
+
*
164
+
* As completion events come in out of order this counter is not
165
+
* ordered with any other data.
166
+
*/
99
167
u32 overflow;
168
+
/*
169
+
* Ring buffer of completion events.
170
+
*
171
+
* The kernel writes completion events fresh every time they are
172
+
* produced, so the application is allowed to modify pending
173
+
* entries.
174
+
*/
100
175
struct io_uring_cqe cqes[];
101
176
};
102
177
···
322
221
struct list_head list;
323
222
unsigned int flags;
324
223
refcount_t refs;
325
-
#define REQ_F_FORCE_NONBLOCK 1 /* inline submission attempt */
224
+
#define REQ_F_NOWAIT 1 /* must not punt to workers */
326
225
#define REQ_F_IOPOLL_COMPLETED 2 /* polled IO has completed */
327
226
#define REQ_F_FIXED_FILE 4 /* ctx owns file */
328
227
#define REQ_F_SEQ_PREV 8 /* sequential with previous */
···
418
317
/* order cqe stores with ring update */
419
318
smp_store_release(&ring->r.tail, ctx->cached_cq_tail);
420
319
421
-
/*
422
-
* Write sider barrier of tail update, app has read side. See
423
-
* comment at the top of this file.
424
-
*/
425
-
smp_wmb();
426
-
427
320
if (wq_has_sleeper(&ctx->cq_wait)) {
428
321
wake_up_interruptible(&ctx->cq_wait);
429
322
kill_fasync(&ctx->cq_fasync, SIGIO, POLL_IN);
···
431
336
unsigned tail;
432
337
433
338
tail = ctx->cached_cq_tail;
434
-
/* See comment at the top of the file */
435
-
smp_rmb();
339
+
/*
340
+
* writes to the cq entry need to come after reading head; the
341
+
* control dependency is enough as we're using WRITE_ONCE to
342
+
* fill the cq entry
343
+
*/
436
344
if (tail - READ_ONCE(ring->r.head) == ring->ring_entries)
437
345
return NULL;
438
346
···
838
740
}
839
741
840
742
static int io_prep_rw(struct io_kiocb *req, const struct sqe_submit *s,
841
-
bool force_nonblock, struct io_submit_state *state)
743
+
bool force_nonblock)
842
744
{
843
745
const struct io_uring_sqe *sqe = s->sqe;
844
746
struct io_ring_ctx *ctx = req->ctx;
···
872
774
ret = kiocb_set_rw_flags(kiocb, READ_ONCE(sqe->rw_flags));
873
775
if (unlikely(ret))
874
776
return ret;
875
-
if (force_nonblock) {
777
+
778
+
/* don't allow async punt if RWF_NOWAIT was requested */
779
+
if (kiocb->ki_flags & IOCB_NOWAIT)
780
+
req->flags |= REQ_F_NOWAIT;
781
+
782
+
if (force_nonblock)
876
783
kiocb->ki_flags |= IOCB_NOWAIT;
877
-
req->flags |= REQ_F_FORCE_NONBLOCK;
878
-
}
784
+
879
785
if (ctx->flags & IORING_SETUP_IOPOLL) {
880
786
if (!(kiocb->ki_flags & IOCB_DIRECT) ||
881
787
!kiocb->ki_filp->f_op->iopoll)
···
1040
938
}
1041
939
1042
940
static int io_read(struct io_kiocb *req, const struct sqe_submit *s,
1043
-
bool force_nonblock, struct io_submit_state *state)
941
+
bool force_nonblock)
1044
942
{
1045
943
struct iovec inline_vecs[UIO_FASTIOV], *iovec = inline_vecs;
1046
944
struct kiocb *kiocb = &req->rw;
···
1049
947
size_t iov_count;
1050
948
int ret;
1051
949
1052
-
ret = io_prep_rw(req, s, force_nonblock, state);
950
+
ret = io_prep_rw(req, s, force_nonblock);
1053
951
if (ret)
1054
952
return ret;
1055
953
file = kiocb->ki_filp;
···
1087
985
}
1088
986
1089
987
static int io_write(struct io_kiocb *req, const struct sqe_submit *s,
1090
-
bool force_nonblock, struct io_submit_state *state)
988
+
bool force_nonblock)
1091
989
{
1092
990
struct iovec inline_vecs[UIO_FASTIOV], *iovec = inline_vecs;
1093
991
struct kiocb *kiocb = &req->rw;
···
1096
994
size_t iov_count;
1097
995
int ret;
1098
996
1099
-
ret = io_prep_rw(req, s, force_nonblock, state);
997
+
ret = io_prep_rw(req, s, force_nonblock);
1100
998
if (ret)
1101
999
return ret;
1102
1000
···
1438
1336
}
1439
1337
1440
1338
static int __io_submit_sqe(struct io_ring_ctx *ctx, struct io_kiocb *req,
1441
-
const struct sqe_submit *s, bool force_nonblock,
1442
-
struct io_submit_state *state)
1339
+
const struct sqe_submit *s, bool force_nonblock)
1443
1340
{
1444
1341
int ret, opcode;
1445
1342
···
1454
1353
case IORING_OP_READV:
1455
1354
if (unlikely(s->sqe->buf_index))
1456
1355
return -EINVAL;
1457
-
ret = io_read(req, s, force_nonblock, state);
1356
+
ret = io_read(req, s, force_nonblock);
1458
1357
break;
1459
1358
case IORING_OP_WRITEV:
1460
1359
if (unlikely(s->sqe->buf_index))
1461
1360
return -EINVAL;
1462
-
ret = io_write(req, s, force_nonblock, state);
1361
+
ret = io_write(req, s, force_nonblock);
1463
1362
break;
1464
1363
case IORING_OP_READ_FIXED:
1465
-
ret = io_read(req, s, force_nonblock, state);
1364
+
ret = io_read(req, s, force_nonblock);
1466
1365
break;
1467
1366
case IORING_OP_WRITE_FIXED:
1468
-
ret = io_write(req, s, force_nonblock, state);
1367
+
ret = io_write(req, s, force_nonblock);
1469
1368
break;
1470
1369
case IORING_OP_FSYNC:
1471
1370
ret = io_fsync(req, s->sqe, force_nonblock);
···
1538
1437
struct sqe_submit *s = &req->submit;
1539
1438
const struct io_uring_sqe *sqe = s->sqe;
1540
1439
1541
-
/* Ensure we clear previously set forced non-block flag */
1542
-
req->flags &= ~REQ_F_FORCE_NONBLOCK;
1440
+
/* Ensure we clear previously set non-block flag */
1543
1441
req->rw.ki_flags &= ~IOCB_NOWAIT;
1544
1442
1545
1443
ret = 0;
···
1557
1457
s->has_user = cur_mm != NULL;
1558
1458
s->needs_lock = true;
1559
1459
do {
1560
-
ret = __io_submit_sqe(ctx, req, s, false, NULL);
1460
+
ret = __io_submit_sqe(ctx, req, s, false);
1561
1461
/*
1562
1462
* We can get EAGAIN for polled IO even though
1563
1463
* we're forcing a sync submission from here,
···
1568
1468
break;
1569
1469
cond_resched();
1570
1470
} while (1);
1571
-
1572
-
/* drop submission reference */
1573
-
io_put_req(req);
1574
1471
}
1472
+
1473
+
/* drop submission reference */
1474
+
io_put_req(req);
1475
+
1575
1476
if (ret) {
1576
1477
io_cqring_add_event(ctx, sqe->user_data, ret, 0);
1577
1478
io_put_req(req);
···
1724
1623
if (unlikely(ret))
1725
1624
goto out;
1726
1625
1727
-
ret = __io_submit_sqe(ctx, req, s, true, state);
1728
-
if (ret == -EAGAIN) {
1626
+
ret = __io_submit_sqe(ctx, req, s, true);
1627
+
if (ret == -EAGAIN && !(req->flags & REQ_F_NOWAIT)) {
1729
1628
struct io_uring_sqe *sqe_copy;
1730
1629
1731
1630
sqe_copy = kmalloc(sizeof(*sqe_copy), GFP_KERNEL);
···
1799
1698
* write new data to them.
1800
1699
*/
1801
1700
smp_store_release(&ring->r.head, ctx->cached_sq_head);
1802
-
1803
-
/*
1804
-
* write side barrier of head update, app has read side. See
1805
-
* comment at the top of this file
1806
-
*/
1807
-
smp_wmb();
1808
1701
}
1809
-
}
1810
-
1811
-
/*
1812
-
* Undo last io_get_sqring()
1813
-
*/
1814
-
static void io_drop_sqring(struct io_ring_ctx *ctx)
1815
-
{
1816
-
ctx->cached_sq_head--;
1817
1702
}
1818
1703
1819
1704
/*
···
1824
1737
* though the application is the one updating it.
1825
1738
*/
1826
1739
head = ctx->cached_sq_head;
1827
-
/* See comment at the top of this file */
1828
-
smp_rmb();
1829
-
if (head == READ_ONCE(ring->r.tail))
1740
+
/* make sure SQ entry isn't read before tail */
1741
+
if (head == smp_load_acquire(&ring->r.tail))
1830
1742
return false;
1831
1743
1832
1744
head = READ_ONCE(ring->array[head & ctx->sq_mask]);
···
1839
1753
/* drop invalid entries */
1840
1754
ctx->cached_sq_head++;
1841
1755
ring->dropped++;
1842
-
/* See comment at the top of this file */
1843
-
smp_wmb();
1844
1756
return false;
1845
1757
}
1846
1758
···
1948
1864
1949
1865
/* Tell userspace we may need a wakeup call */
1950
1866
ctx->sq_ring->flags |= IORING_SQ_NEED_WAKEUP;
1951
-
smp_wmb();
1867
+
/* make sure to read SQ tail after writing flags */
1868
+
smp_mb();
1952
1869
1953
1870
if (!io_get_sqring(ctx, &sqes[0])) {
1954
1871
if (kthread_should_stop()) {
···
1962
1877
finish_wait(&ctx->sqo_wait, &wait);
1963
1878
1964
1879
ctx->sq_ring->flags &= ~IORING_SQ_NEED_WAKEUP;
1965
-
smp_wmb();
1966
1880
continue;
1967
1881
}
1968
1882
finish_wait(&ctx->sqo_wait, &wait);
1969
1883
1970
1884
ctx->sq_ring->flags &= ~IORING_SQ_NEED_WAKEUP;
1971
-
smp_wmb();
1972
1885
}
1973
1886
1974
1887
i = 0;
···
2011
1928
static int io_ring_submit(struct io_ring_ctx *ctx, unsigned int to_submit)
2012
1929
{
2013
1930
struct io_submit_state state, *statep = NULL;
2014
-
int i, ret = 0, submit = 0;
1931
+
int i, submit = 0;
2015
1932
2016
1933
if (to_submit > IO_PLUG_THRESHOLD) {
2017
1934
io_submit_state_start(&state, ctx, to_submit);
···
2020
1937
2021
1938
for (i = 0; i < to_submit; i++) {
2022
1939
struct sqe_submit s;
1940
+
int ret;
2023
1941
2024
1942
if (!io_get_sqring(ctx, &s))
2025
1943
break;
···
2028
1944
s.has_user = true;
2029
1945
s.needs_lock = false;
2030
1946
s.needs_fixed_file = false;
1947
+
submit++;
2031
1948
2032
1949
ret = io_submit_sqe(ctx, &s, statep);
2033
-
if (ret) {
2034
-
io_drop_sqring(ctx);
2035
-
break;
2036
-
}
2037
-
2038
-
submit++;
1950
+
if (ret)
1951
+
io_cqring_add_event(ctx, s.sqe->user_data, ret, 0);
2039
1952
}
2040
1953
io_commit_sqring(ctx);
2041
1954
2042
1955
if (statep)
2043
1956
io_submit_state_end(statep);
2044
1957
2045
-
return submit ? submit : ret;
1958
+
return submit;
2046
1959
}
2047
1960
2048
1961
static unsigned io_cqring_events(struct io_cq_ring *ring)
···
2320
2239
mmgrab(current->mm);
2321
2240
ctx->sqo_mm = current->mm;
2322
2241
2323
-
ret = -EINVAL;
2324
-
if (!cpu_possible(p->sq_thread_cpu))
2325
-
goto err;
2326
-
2327
2242
if (ctx->flags & IORING_SETUP_SQPOLL) {
2328
2243
ret = -EPERM;
2329
2244
if (!capable(CAP_SYS_ADMIN))
···
2330
2253
ctx->sq_thread_idle = HZ;
2331
2254
2332
2255
if (p->flags & IORING_SETUP_SQ_AFF) {
2333
-
int cpu;
2256
+
int cpu = array_index_nospec(p->sq_thread_cpu,
2257
+
nr_cpu_ids);
2334
2258
2335
-
cpu = array_index_nospec(p->sq_thread_cpu, NR_CPUS);
2336
2259
ret = -EINVAL;
2337
-
if (!cpu_possible(p->sq_thread_cpu))
2260
+
if (!cpu_possible(cpu))
2338
2261
goto err;
2339
2262
2340
2263
ctx->sqo_thread = kthread_create_on_cpu(io_sq_thread,
···
2397
2320
2398
2321
static void io_mem_free(void *ptr)
2399
2322
{
2400
-
struct page *page = virt_to_head_page(ptr);
2323
+
struct page *page;
2401
2324
2325
+
if (!ptr)
2326
+
return;
2327
+
2328
+
page = virt_to_head_page(ptr);
2402
2329
if (put_page_testzero(page))
2403
2330
free_compound_page(page);
2404
2331
}
···
2443
2362
2444
2363
if (ctx->account_mem)
2445
2364
io_unaccount_mem(ctx->user, imu->nr_bvecs);
2446
-
kfree(imu->bvec);
2365
+
kvfree(imu->bvec);
2447
2366
imu->nr_bvecs = 0;
2448
2367
}
2449
2368
···
2535
2454
if (!pages || nr_pages > got_pages) {
2536
2455
kfree(vmas);
2537
2456
kfree(pages);
2538
-
pages = kmalloc_array(nr_pages, sizeof(struct page *),
2457
+
pages = kvmalloc_array(nr_pages, sizeof(struct page *),
2539
2458
GFP_KERNEL);
2540
-
vmas = kmalloc_array(nr_pages,
2459
+
vmas = kvmalloc_array(nr_pages,
2541
2460
sizeof(struct vm_area_struct *),
2542
2461
GFP_KERNEL);
2543
2462
if (!pages || !vmas) {
···
2549
2468
got_pages = nr_pages;
2550
2469
}
2551
2470
2552
-
imu->bvec = kmalloc_array(nr_pages, sizeof(struct bio_vec),
2471
+
imu->bvec = kvmalloc_array(nr_pages, sizeof(struct bio_vec),
2553
2472
GFP_KERNEL);
2554
2473
ret = -ENOMEM;
2555
2474
if (!imu->bvec) {
···
2588
2507
}
2589
2508
if (ctx->account_mem)
2590
2509
io_unaccount_mem(ctx->user, nr_pages);
2510
+
kvfree(imu->bvec);
2591
2511
goto err;
2592
2512
}
2593
2513
···
2611
2529
2612
2530
ctx->nr_user_bufs++;
2613
2531
}
2614
-
kfree(pages);
2615
-
kfree(vmas);
2532
+
kvfree(pages);
2533
+
kvfree(vmas);
2616
2534
return 0;
2617
2535
err:
2618
-
kfree(pages);
2619
-
kfree(vmas);
2536
+
kvfree(pages);
2537
+
kvfree(vmas);
2620
2538
io_sqe_buffer_unregister(ctx);
2621
2539
return ret;
2622
2540
}
···
2654
2572
__poll_t mask = 0;
2655
2573
2656
2574
poll_wait(file, &ctx->cq_wait, wait);
2657
-
/* See comment at the top of this file */
2575
+
/*
2576
+
* synchronizes with barrier from wq_has_sleeper call in
2577
+
* io_commit_cqring
2578
+
*/
2658
2579
smp_rmb();
2659
-
if (READ_ONCE(ctx->sq_ring->r.tail) + 1 != ctx->cached_sq_head)
2580
+
if (READ_ONCE(ctx->sq_ring->r.tail) - ctx->cached_sq_head !=
2581
+
ctx->sq_ring->ring_entries)
2660
2582
mask |= EPOLLOUT | EPOLLWRNORM;
2661
2583
if (READ_ONCE(ctx->cq_ring->r.head) != ctx->cached_cq_tail)
2662
2584
mask |= EPOLLIN | EPOLLRDNORM;
···
2771
2685
mutex_lock(&ctx->uring_lock);
2772
2686
submitted = io_ring_submit(ctx, to_submit);
2773
2687
mutex_unlock(&ctx->uring_lock);
2774
-
2775
-
if (submitted < 0)
2776
-
goto out_ctx;
2777
2688
}
2778
2689
if (flags & IORING_ENTER_GETEVENTS) {
2779
2690
unsigned nr_events = 0;
2780
2691
2781
2692
min_complete = min(min_complete, ctx->cq_entries);
2782
-
2783
-
/*
2784
-
* The application could have included the 'to_submit' count
2785
-
* in how many events it wanted to wait for. If we failed to
2786
-
* submit the desired count, we may need to adjust the number
2787
-
* of events to poll/wait for.
2788
-
*/
2789
-
if (submitted < to_submit)
2790
-
min_complete = min_t(unsigned, submitted, min_complete);
2791
2693
2792
2694
if (ctx->flags & IORING_SETUP_IOPOLL) {
2793
2695
mutex_lock(&ctx->uring_lock);
···
2822
2748
return -EOVERFLOW;
2823
2749
2824
2750
ctx->sq_sqes = io_mem_alloc(size);
2825
-
if (!ctx->sq_sqes) {
2826
-
io_mem_free(ctx->sq_ring);
2751
+
if (!ctx->sq_sqes)
2827
2752
return -ENOMEM;
2828
-
}
2829
2753
2830
2754
cq_ring = io_mem_alloc(struct_size(cq_ring, cqes, p->cq_entries));
2831
-
if (!cq_ring) {
2832
-
io_mem_free(ctx->sq_ring);
2833
-
io_mem_free(ctx->sq_sqes);
2755
+
if (!cq_ring)
2834
2756
return -ENOMEM;
2835
-
}
2836
2757
2837
2758
ctx->cq_ring = cq_ring;
2838
2759
cq_ring->ring_mask = p->cq_entries - 1;
···
3002
2933
__acquires(ctx->uring_lock)
3003
2934
{
3004
2935
int ret;
2936
+
2937
+
/*
2938
+
* We're inside the ring mutex, if the ref is already dying, then
2939
+
* someone else killed the ctx or is already going through
2940
+
* io_uring_register().
2941
+
*/
2942
+
if (percpu_ref_is_dying(&ctx->refs))
2943
+
return -ENXIO;
3005
2944
3006
2945
percpu_ref_kill(&ctx->refs);
3007
2946
+12
-2
fs/notify/fanotify/fanotify.c
+12
-2
fs/notify/fanotify/fanotify.c
···
346
346
__kernel_fsid_t fsid = {};
347
347
348
348
fsnotify_foreach_obj_type(type) {
349
+
struct fsnotify_mark_connector *conn;
350
+
349
351
if (!fsnotify_iter_should_report_type(iter_info, type))
350
352
continue;
351
353
352
-
fsid = iter_info->marks[type]->connector->fsid;
354
+
conn = READ_ONCE(iter_info->marks[type]->connector);
355
+
/* Mark is just getting destroyed or created? */
356
+
if (!conn)
357
+
continue;
358
+
fsid = conn->fsid;
353
359
if (WARN_ON_ONCE(!fsid.val[0] && !fsid.val[1]))
354
360
continue;
355
361
return fsid;
···
414
408
return 0;
415
409
}
416
410
417
-
if (FAN_GROUP_FLAG(group, FAN_REPORT_FID))
411
+
if (FAN_GROUP_FLAG(group, FAN_REPORT_FID)) {
418
412
fsid = fanotify_get_fsid(iter_info);
413
+
/* Racing with mark destruction or creation? */
414
+
if (!fsid.val[0] && !fsid.val[1])
415
+
return 0;
416
+
}
419
417
420
418
event = fanotify_alloc_event(group, inode, mask, data, data_type,
421
419
&fsid);
+6
-6
fs/notify/mark.c
+6
-6
fs/notify/mark.c
···
239
239
240
240
void fsnotify_put_mark(struct fsnotify_mark *mark)
241
241
{
242
-
struct fsnotify_mark_connector *conn;
242
+
struct fsnotify_mark_connector *conn = READ_ONCE(mark->connector);
243
243
void *objp = NULL;
244
244
unsigned int type = FSNOTIFY_OBJ_TYPE_DETACHED;
245
245
bool free_conn = false;
246
246
247
247
/* Catch marks that were actually never attached to object */
248
-
if (!mark->connector) {
248
+
if (!conn) {
249
249
if (refcount_dec_and_test(&mark->refcnt))
250
250
fsnotify_final_mark_destroy(mark);
251
251
return;
···
255
255
* We have to be careful so that traversals of obj_list under lock can
256
256
* safely grab mark reference.
257
257
*/
258
-
if (!refcount_dec_and_lock(&mark->refcnt, &mark->connector->lock))
258
+
if (!refcount_dec_and_lock(&mark->refcnt, &conn->lock))
259
259
return;
260
260
261
-
conn = mark->connector;
262
261
hlist_del_init_rcu(&mark->obj_list);
263
262
if (hlist_empty(&conn->list)) {
264
263
objp = fsnotify_detach_connector_from_object(conn, &type);
···
265
266
} else {
266
267
__fsnotify_recalc_mask(conn);
267
268
}
268
-
mark->connector = NULL;
269
+
WRITE_ONCE(mark->connector, NULL);
269
270
spin_unlock(&conn->lock);
270
271
271
272
fsnotify_drop_object(type, objp);
···
619
620
/* mark should be the last entry. last is the current last entry */
620
621
hlist_add_behind_rcu(&mark->obj_list, &last->obj_list);
621
622
added:
622
-
mark->connector = conn;
623
+
WRITE_ONCE(mark->connector, conn);
623
624
out_err:
624
625
spin_unlock(&conn->lock);
625
626
spin_unlock(&mark->lock);
···
807
808
refcount_set(&mark->refcnt, 1);
808
809
fsnotify_get_group(group);
809
810
mark->group = group;
811
+
WRITE_ONCE(mark->connector, NULL);
810
812
}
811
813
812
814
/*
+4
-2
fs/proc/proc_sysctl.c
+4
-2
fs/proc/proc_sysctl.c
+2
-2
fs/splice.c
+2
-2
fs/splice.c
-1
include/drm/ttm/ttm_bo_driver.h
-1
include/drm/ttm/ttm_bo_driver.h
+1
-1
include/linux/bpf.h
+1
-1
include/linux/bpf.h
+1
include/linux/pipe_fs_i.h
+1
include/linux/pipe_fs_i.h
···
176
176
bool generic_pipe_buf_get(struct pipe_inode_info *, struct pipe_buffer *);
177
177
int generic_pipe_buf_confirm(struct pipe_inode_info *, struct pipe_buffer *);
178
178
int generic_pipe_buf_steal(struct pipe_inode_info *, struct pipe_buffer *);
179
+
int generic_pipe_buf_nosteal(struct pipe_inode_info *, struct pipe_buffer *);
179
180
void generic_pipe_buf_release(struct pipe_inode_info *, struct pipe_buffer *);
180
181
void pipe_buf_mark_unmergeable(struct pipe_buffer *buf);
181
182
+1
-1
include/linux/uio.h
+1
-1
include/linux/uio.h
-2
include/linux/usb.h
-2
include/linux/usb.h
···
200
200
* @dev: driver model's view of this device
201
201
* @usb_dev: if an interface is bound to the USB major, this will point
202
202
* to the sysfs representation for that device.
203
-
* @pm_usage_cnt: PM usage counter for this interface
204
203
* @reset_ws: Used for scheduling resets from atomic context.
205
204
* @resetting_device: USB core reset the device, so use alt setting 0 as
206
205
* current; needs bandwidth alloc after reset.
···
256
257
257
258
struct device dev; /* interface specific device info */
258
259
struct device *usb_dev;
259
-
atomic_t pm_usage_cnt; /* usage counter for autosuspend */
260
260
struct work_struct reset_ws; /* for resets in atomic context */
261
261
};
262
262
#define to_usb_interface(d) container_of(d, struct usb_interface, dev)
-1
include/net/sctp/command.h
-1
include/net/sctp/command.h
···
105
105
SCTP_CMD_T1_RETRAN, /* Mark for retransmission after T1 timeout */
106
106
SCTP_CMD_UPDATE_INITTAG, /* Update peer inittag */
107
107
SCTP_CMD_SEND_MSG, /* Send the whole use message */
108
-
SCTP_CMD_SEND_NEXT_ASCONF, /* Send the next ASCONF after ACK */
109
108
SCTP_CMD_PURGE_ASCONF_QUEUE, /* Purge all asconf queues.*/
110
109
SCTP_CMD_SET_ASOC, /* Restore association context */
111
110
SCTP_CMD_LAST
+19
-1
include/net/xfrm.h
+19
-1
include/net/xfrm.h
···
306
306
};
307
307
308
308
struct xfrm_if_cb {
309
-
struct xfrm_if *(*decode_session)(struct sk_buff *skb);
309
+
struct xfrm_if *(*decode_session)(struct sk_buff *skb,
310
+
unsigned short family);
310
311
};
311
312
312
313
void xfrm_if_register_cb(const struct xfrm_if_cb *ifcb);
···
1336
1335
return atomic_read(&x->tunnel_users);
1337
1336
}
1338
1337
1338
+
static inline bool xfrm_id_proto_valid(u8 proto)
1339
+
{
1340
+
switch (proto) {
1341
+
case IPPROTO_AH:
1342
+
case IPPROTO_ESP:
1343
+
case IPPROTO_COMP:
1344
+
#if IS_ENABLED(CONFIG_IPV6)
1345
+
case IPPROTO_ROUTING:
1346
+
case IPPROTO_DSTOPTS:
1347
+
#endif
1348
+
return true;
1349
+
default:
1350
+
return false;
1351
+
}
1352
+
}
1353
+
1354
+
/* IPSEC_PROTO_ANY only matches 3 IPsec protocols, 0 could match all. */
1339
1355
static inline int xfrm_id_proto_match(u8 proto, u8 userproto)
1340
1356
{
1341
1357
return (!userproto || proto == userproto ||
+1
include/uapi/rdma/mlx5-abi.h
+1
include/uapi/rdma/mlx5-abi.h
···
238
238
MLX5_IB_QUERY_DEV_RESP_FLAGS_CQE_128B_COMP = 1 << 0,
239
239
MLX5_IB_QUERY_DEV_RESP_FLAGS_CQE_128B_PAD = 1 << 1,
240
240
MLX5_IB_QUERY_DEV_RESP_PACKET_BASED_CREDIT_MODE = 1 << 2,
241
+
MLX5_IB_QUERY_DEV_RESP_FLAGS_SCAT2CQE_DCT = 1 << 3,
241
242
};
242
243
243
244
enum mlx5_ib_tunnel_offloads {
+46
-30
kernel/bpf/verifier.c
+46
-30
kernel/bpf/verifier.c
···
4349
4349
return 0;
4350
4350
}
4351
4351
4352
+
static void __find_good_pkt_pointers(struct bpf_func_state *state,
4353
+
struct bpf_reg_state *dst_reg,
4354
+
enum bpf_reg_type type, u16 new_range)
4355
+
{
4356
+
struct bpf_reg_state *reg;
4357
+
int i;
4358
+
4359
+
for (i = 0; i < MAX_BPF_REG; i++) {
4360
+
reg = &state->regs[i];
4361
+
if (reg->type == type && reg->id == dst_reg->id)
4362
+
/* keep the maximum range already checked */
4363
+
reg->range = max(reg->range, new_range);
4364
+
}
4365
+
4366
+
bpf_for_each_spilled_reg(i, state, reg) {
4367
+
if (!reg)
4368
+
continue;
4369
+
if (reg->type == type && reg->id == dst_reg->id)
4370
+
reg->range = max(reg->range, new_range);
4371
+
}
4372
+
}
4373
+
4352
4374
static void find_good_pkt_pointers(struct bpf_verifier_state *vstate,
4353
4375
struct bpf_reg_state *dst_reg,
4354
4376
enum bpf_reg_type type,
4355
4377
bool range_right_open)
4356
4378
{
4357
-
struct bpf_func_state *state = vstate->frame[vstate->curframe];
4358
-
struct bpf_reg_state *regs = state->regs, *reg;
4359
4379
u16 new_range;
4360
-
int i, j;
4380
+
int i;
4361
4381
4362
4382
if (dst_reg->off < 0 ||
4363
4383
(dst_reg->off == 0 && range_right_open))
···
4442
4422
* the range won't allow anything.
4443
4423
* dst_reg->off is known < MAX_PACKET_OFF, therefore it fits in a u16.
4444
4424
*/
4445
-
for (i = 0; i < MAX_BPF_REG; i++)
4446
-
if (regs[i].type == type && regs[i].id == dst_reg->id)
4447
-
/* keep the maximum range already checked */
4448
-
regs[i].range = max(regs[i].range, new_range);
4449
-
4450
-
for (j = 0; j <= vstate->curframe; j++) {
4451
-
state = vstate->frame[j];
4452
-
bpf_for_each_spilled_reg(i, state, reg) {
4453
-
if (!reg)
4454
-
continue;
4455
-
if (reg->type == type && reg->id == dst_reg->id)
4456
-
reg->range = max(reg->range, new_range);
4457
-
}
4458
-
}
4425
+
for (i = 0; i <= vstate->curframe; i++)
4426
+
__find_good_pkt_pointers(vstate->frame[i], dst_reg, type,
4427
+
new_range);
4459
4428
}
4460
4429
4461
4430
/* compute branch direction of the expression "if (reg opcode val) goto target;"
···
4918
4909
}
4919
4910
}
4920
4911
4912
+
static void __mark_ptr_or_null_regs(struct bpf_func_state *state, u32 id,
4913
+
bool is_null)
4914
+
{
4915
+
struct bpf_reg_state *reg;
4916
+
int i;
4917
+
4918
+
for (i = 0; i < MAX_BPF_REG; i++)
4919
+
mark_ptr_or_null_reg(state, &state->regs[i], id, is_null);
4920
+
4921
+
bpf_for_each_spilled_reg(i, state, reg) {
4922
+
if (!reg)
4923
+
continue;
4924
+
mark_ptr_or_null_reg(state, reg, id, is_null);
4925
+
}
4926
+
}
4927
+
4921
4928
/* The logic is similar to find_good_pkt_pointers(), both could eventually
4922
4929
* be folded together at some point.
4923
4930
*/
···
4941
4916
bool is_null)
4942
4917
{
4943
4918
struct bpf_func_state *state = vstate->frame[vstate->curframe];
4944
-
struct bpf_reg_state *reg, *regs = state->regs;
4919
+
struct bpf_reg_state *regs = state->regs;
4945
4920
u32 ref_obj_id = regs[regno].ref_obj_id;
4946
4921
u32 id = regs[regno].id;
4947
-
int i, j;
4922
+
int i;
4948
4923
4949
4924
if (ref_obj_id && ref_obj_id == id && is_null)
4950
4925
/* regs[regno] is in the " == NULL" branch.
···
4953
4928
*/
4954
4929
WARN_ON_ONCE(release_reference_state(state, id));
4955
4930
4956
-
for (i = 0; i < MAX_BPF_REG; i++)
4957
-
mark_ptr_or_null_reg(state, ®s[i], id, is_null);
4958
-
4959
-
for (j = 0; j <= vstate->curframe; j++) {
4960
-
state = vstate->frame[j];
4961
-
bpf_for_each_spilled_reg(i, state, reg) {
4962
-
if (!reg)
4963
-
continue;
4964
-
mark_ptr_or_null_reg(state, reg, id, is_null);
4965
-
}
4966
-
}
4931
+
for (i = 0; i <= vstate->curframe; i++)
4932
+
__mark_ptr_or_null_regs(vstate->frame[i], id, is_null);
4967
4933
}
4968
4934
4969
4935
static bool try_match_pkt_pointers(const struct bpf_insn *insn,
+4
kernel/sched/fair.c
+4
kernel/sched/fair.c
···
2007
2007
if (p->last_task_numa_placement) {
2008
2008
delta = runtime - p->last_sum_exec_runtime;
2009
2009
*period = now - p->last_task_numa_placement;
2010
+
2011
+
/* Avoid time going backwards, prevent potential divide error: */
2012
+
if (unlikely((s64)*period < 0))
2013
+
*period = 0;
2010
2014
} else {
2011
2015
delta = p->se.avg.load_sum;
2012
2016
*period = LOAD_AVG_MAX;
+15
-2
kernel/seccomp.c
+15
-2
kernel/seccomp.c
···
502
502
*
503
503
* Caller must be holding current->sighand->siglock lock.
504
504
*
505
-
* Returns 0 on success, -ve on error.
505
+
* Returns 0 on success, -ve on error, or
506
+
* - in TSYNC mode: the pid of a thread which was either not in the correct
507
+
* seccomp mode or did not have an ancestral seccomp filter
508
+
* - in NEW_LISTENER mode: the fd of the new listener
506
509
*/
507
510
static long seccomp_attach_filter(unsigned int flags,
508
511
struct seccomp_filter *filter)
···
1261
1258
if (flags & ~SECCOMP_FILTER_FLAG_MASK)
1262
1259
return -EINVAL;
1263
1260
1261
+
/*
1262
+
* In the successful case, NEW_LISTENER returns the new listener fd.
1263
+
* But in the failure case, TSYNC returns the thread that died. If you
1264
+
* combine these two flags, there's no way to tell whether something
1265
+
* succeeded or failed. So, let's disallow this combination.
1266
+
*/
1267
+
if ((flags & SECCOMP_FILTER_FLAG_TSYNC) &&
1268
+
(flags & SECCOMP_FILTER_FLAG_NEW_LISTENER))
1269
+
return -EINVAL;
1270
+
1264
1271
/* Prepare the new filter before holding any locks. */
1265
1272
prepared = seccomp_prepare_user_filter(filter);
1266
1273
if (IS_ERR(prepared))
···
1317
1304
mutex_unlock(¤t->signal->cred_guard_mutex);
1318
1305
out_put_fd:
1319
1306
if (flags & SECCOMP_FILTER_FLAG_NEW_LISTENER) {
1320
-
if (ret < 0) {
1307
+
if (ret) {
1321
1308
listener_f->private_data = NULL;
1322
1309
fput(listener_f);
1323
1310
put_unused_fd(listener);
+1
-1
kernel/trace/ring_buffer.c
+1
-1
kernel/trace/ring_buffer.c
+19
-16
kernel/trace/trace.c
+19
-16
kernel/trace/trace.c
···
496
496
* not modified.
497
497
*/
498
498
pid_list = kmalloc(sizeof(*pid_list), GFP_KERNEL);
499
-
if (!pid_list)
499
+
if (!pid_list) {
500
+
trace_parser_put(&parser);
500
501
return -ENOMEM;
502
+
}
501
503
502
504
pid_list->pid_max = READ_ONCE(pid_max);
503
505
···
509
507
510
508
pid_list->pids = vzalloc((pid_list->pid_max + 7) >> 3);
511
509
if (!pid_list->pids) {
510
+
trace_parser_put(&parser);
512
511
kfree(pid_list);
513
512
return -ENOMEM;
514
513
}
···
7028
7025
struct ring_buffer *buffer;
7029
7026
void *page;
7030
7027
int cpu;
7031
-
int ref;
7028
+
refcount_t refcount;
7032
7029
};
7030
+
7031
+
static void buffer_ref_release(struct buffer_ref *ref)
7032
+
{
7033
+
if (!refcount_dec_and_test(&ref->refcount))
7034
+
return;
7035
+
ring_buffer_free_read_page(ref->buffer, ref->cpu, ref->page);
7036
+
kfree(ref);
7037
+
}
7033
7038
7034
7039
static void buffer_pipe_buf_release(struct pipe_inode_info *pipe,
7035
7040
struct pipe_buffer *buf)
7036
7041
{
7037
7042
struct buffer_ref *ref = (struct buffer_ref *)buf->private;
7038
7043
7039
-
if (--ref->ref)
7040
-
return;
7041
-
7042
-
ring_buffer_free_read_page(ref->buffer, ref->cpu, ref->page);
7043
-
kfree(ref);
7044
+
buffer_ref_release(ref);
7044
7045
buf->private = 0;
7045
7046
}
7046
7047
···
7053
7046
{
7054
7047
struct buffer_ref *ref = (struct buffer_ref *)buf->private;
7055
7048
7056
-
if (ref->ref > INT_MAX/2)
7049
+
if (refcount_read(&ref->refcount) > INT_MAX/2)
7057
7050
return false;
7058
7051
7059
-
ref->ref++;
7052
+
refcount_inc(&ref->refcount);
7060
7053
return true;
7061
7054
}
7062
7055
···
7064
7057
static const struct pipe_buf_operations buffer_pipe_buf_ops = {
7065
7058
.confirm = generic_pipe_buf_confirm,
7066
7059
.release = buffer_pipe_buf_release,
7067
-
.steal = generic_pipe_buf_steal,
7060
+
.steal = generic_pipe_buf_nosteal,
7068
7061
.get = buffer_pipe_buf_get,
7069
7062
};
7070
7063
···
7077
7070
struct buffer_ref *ref =
7078
7071
(struct buffer_ref *)spd->partial[i].private;
7079
7072
7080
-
if (--ref->ref)
7081
-
return;
7082
-
7083
-
ring_buffer_free_read_page(ref->buffer, ref->cpu, ref->page);
7084
-
kfree(ref);
7073
+
buffer_ref_release(ref);
7085
7074
spd->partial[i].private = 0;
7086
7075
}
7087
7076
···
7132
7129
break;
7133
7130
}
7134
7131
7135
-
ref->ref = 1;
7132
+
refcount_set(&ref->refcount, 1);
7136
7133
ref->buffer = iter->trace_buffer->buffer;
7137
7134
ref->page = ring_buffer_alloc_read_page(ref->buffer, iter->cpu_file);
7138
7135
if (IS_ERR(ref->page)) {
+1
lib/Kconfig.debug
+1
lib/Kconfig.debug
+3
-3
lib/test_vmalloc.c
+3
-3
lib/test_vmalloc.c
···
383
383
static int test_func(void *private)
384
384
{
385
385
struct test_driver *t = private;
386
-
cpumask_t newmask = CPU_MASK_NONE;
387
386
int random_array[ARRAY_SIZE(test_case_array)];
388
387
int index, i, j, ret;
389
388
ktime_t kt;
390
389
u64 delta;
391
390
392
-
cpumask_set_cpu(t->cpu, &newmask);
393
-
set_cpus_allowed_ptr(current, &newmask);
391
+
ret = set_cpus_allowed_ptr(current, cpumask_of(t->cpu));
392
+
if (ret < 0)
393
+
pr_err("Failed to set affinity to %d CPU\n", t->cpu);
394
394
395
395
for (i = 0; i < ARRAY_SIZE(test_case_array); i++)
396
396
random_array[i] = i;
+1
mm/memory_hotplug.c
+1
mm/memory_hotplug.c
+19
-8
mm/page_alloc.c
+19
-8
mm/page_alloc.c
···
266
266
267
267
int min_free_kbytes = 1024;
268
268
int user_min_free_kbytes = -1;
269
+
#ifdef CONFIG_DISCONTIGMEM
270
+
/*
271
+
* DiscontigMem defines memory ranges as separate pg_data_t even if the ranges
272
+
* are not on separate NUMA nodes. Functionally this works but with
273
+
* watermark_boost_factor, it can reclaim prematurely as the ranges can be
274
+
* quite small. By default, do not boost watermarks on discontigmem as in
275
+
* many cases very high-order allocations like THP are likely to be
276
+
* unsupported and the premature reclaim offsets the advantage of long-term
277
+
* fragmentation avoidance.
278
+
*/
279
+
int watermark_boost_factor __read_mostly;
280
+
#else
269
281
int watermark_boost_factor __read_mostly = 15000;
282
+
#endif
270
283
int watermark_scale_factor = 10;
271
284
272
285
static unsigned long nr_kernel_pages __initdata;
···
3432
3419
alloc_flags |= ALLOC_KSWAPD;
3433
3420
3434
3421
#ifdef CONFIG_ZONE_DMA32
3422
+
if (!zone)
3423
+
return alloc_flags;
3424
+
3435
3425
if (zone_idx(zone) != ZONE_NORMAL)
3436
-
goto out;
3426
+
return alloc_flags;
3437
3427
3438
3428
/*
3439
3429
* If ZONE_DMA32 exists, assume it is the one after ZONE_NORMAL and
···
3445
3429
*/
3446
3430
BUILD_BUG_ON(ZONE_NORMAL - ZONE_DMA32 != 1);
3447
3431
if (nr_online_nodes > 1 && !populated_zone(--zone))
3448
-
goto out;
3432
+
return alloc_flags;
3449
3433
3450
-
out:
3434
+
alloc_flags |= ALLOC_NOFRAGMENT;
3451
3435
#endif /* CONFIG_ZONE_DMA32 */
3452
3436
return alloc_flags;
3453
3437
}
···
3788
3772
3789
3773
memalloc_noreclaim_restore(noreclaim_flag);
3790
3774
psi_memstall_leave(&pflags);
3791
-
3792
-
if (*compact_result <= COMPACT_INACTIVE) {
3793
-
WARN_ON_ONCE(page);
3794
-
return NULL;
3795
-
}
3796
3775
3797
3776
/*
3798
3777
* At least in one zone compaction wasn't deferred or skipped, so let's
+1
net/appletalk/ddp.c
+1
net/appletalk/ddp.c
+15
-5
net/ipv4/esp4.c
+15
-5
net/ipv4/esp4.c
···
226
226
tail[plen - 1] = proto;
227
227
}
228
228
229
-
static void esp_output_udp_encap(struct xfrm_state *x, struct sk_buff *skb, struct esp_info *esp)
229
+
static int esp_output_udp_encap(struct xfrm_state *x, struct sk_buff *skb, struct esp_info *esp)
230
230
{
231
231
int encap_type;
232
232
struct udphdr *uh;
···
234
234
__be16 sport, dport;
235
235
struct xfrm_encap_tmpl *encap = x->encap;
236
236
struct ip_esp_hdr *esph = esp->esph;
237
+
unsigned int len;
237
238
238
239
spin_lock_bh(&x->lock);
239
240
sport = encap->encap_sport;
···
242
241
encap_type = encap->encap_type;
243
242
spin_unlock_bh(&x->lock);
244
243
244
+
len = skb->len + esp->tailen - skb_transport_offset(skb);
245
+
if (len + sizeof(struct iphdr) >= IP_MAX_MTU)
246
+
return -EMSGSIZE;
247
+
245
248
uh = (struct udphdr *)esph;
246
249
uh->source = sport;
247
250
uh->dest = dport;
248
-
uh->len = htons(skb->len + esp->tailen
249
-
- skb_transport_offset(skb));
251
+
uh->len = htons(len);
250
252
uh->check = 0;
251
253
252
254
switch (encap_type) {
···
266
262
267
263
*skb_mac_header(skb) = IPPROTO_UDP;
268
264
esp->esph = esph;
265
+
266
+
return 0;
269
267
}
270
268
271
269
int esp_output_head(struct xfrm_state *x, struct sk_buff *skb, struct esp_info *esp)
···
281
275
int tailen = esp->tailen;
282
276
283
277
/* this is non-NULL only with UDP Encapsulation */
284
-
if (x->encap)
285
-
esp_output_udp_encap(x, skb, esp);
278
+
if (x->encap) {
279
+
int err = esp_output_udp_encap(x, skb, esp);
280
+
281
+
if (err < 0)
282
+
return err;
283
+
}
286
284
287
285
if (!skb_cloned(skb)) {
288
286
if (tailen <= skb_tailroom(skb)) {
+5
-3
net/ipv4/esp4_offload.c
+5
-3
net/ipv4/esp4_offload.c
···
52
52
goto out;
53
53
54
54
if (sp->len == XFRM_MAX_DEPTH)
55
-
goto out;
55
+
goto out_reset;
56
56
57
57
x = xfrm_state_lookup(dev_net(skb->dev), skb->mark,
58
58
(xfrm_address_t *)&ip_hdr(skb)->daddr,
59
59
spi, IPPROTO_ESP, AF_INET);
60
60
if (!x)
61
-
goto out;
61
+
goto out_reset;
62
62
63
63
sp->xvec[sp->len++] = x;
64
64
sp->olen++;
···
66
66
xo = xfrm_offload(skb);
67
67
if (!xo) {
68
68
xfrm_state_put(x);
69
-
goto out;
69
+
goto out_reset;
70
70
}
71
71
}
72
72
···
82
82
xfrm_input(skb, IPPROTO_ESP, spi, -2);
83
83
84
84
return ERR_PTR(-EINPROGRESS);
85
+
out_reset:
86
+
secpath_reset(skb);
85
87
out:
86
88
skb_push(skb, offset);
87
89
NAPI_GRO_CB(skb)->same_flow = 0;
+1
net/ipv4/ip_output.c
+1
net/ipv4/ip_output.c
+4
-5
net/ipv4/ip_vti.c
+4
-5
net/ipv4/ip_vti.c
···
630
630
631
631
msg = "ipip tunnel";
632
632
err = xfrm4_tunnel_register(&ipip_handler, AF_INET);
633
-
if (err < 0) {
634
-
pr_info("%s: cant't register tunnel\n",__func__);
633
+
if (err < 0)
635
634
goto xfrm_tunnel_failed;
636
-
}
637
635
638
636
msg = "netlink interface";
639
637
err = rtnl_link_register(&vti_link_ops);
···
641
643
return err;
642
644
643
645
rtnl_link_failed:
644
-
xfrm4_protocol_deregister(&vti_ipcomp4_protocol, IPPROTO_COMP);
645
-
xfrm_tunnel_failed:
646
646
xfrm4_tunnel_deregister(&ipip_handler, AF_INET);
647
+
xfrm_tunnel_failed:
648
+
xfrm4_protocol_deregister(&vti_ipcomp4_protocol, IPPROTO_COMP);
647
649
xfrm_proto_comp_failed:
648
650
xfrm4_protocol_deregister(&vti_ah4_protocol, IPPROTO_AH);
649
651
xfrm_proto_ah_failed:
···
658
660
static void __exit vti_fini(void)
659
661
{
660
662
rtnl_link_unregister(&vti_link_ops);
663
+
xfrm4_tunnel_deregister(&ipip_handler, AF_INET);
661
664
xfrm4_protocol_deregister(&vti_ipcomp4_protocol, IPPROTO_COMP);
662
665
xfrm4_protocol_deregister(&vti_ah4_protocol, IPPROTO_AH);
663
666
xfrm4_protocol_deregister(&vti_esp4_protocol, IPPROTO_ESP);
+12
-1
net/ipv4/tcp_ipv4.c
+12
-1
net/ipv4/tcp_ipv4.c
···
1673
1673
if (TCP_SKB_CB(tail)->end_seq != TCP_SKB_CB(skb)->seq ||
1674
1674
TCP_SKB_CB(tail)->ip_dsfield != TCP_SKB_CB(skb)->ip_dsfield ||
1675
1675
((TCP_SKB_CB(tail)->tcp_flags |
1676
-
TCP_SKB_CB(skb)->tcp_flags) & TCPHDR_URG) ||
1676
+
TCP_SKB_CB(skb)->tcp_flags) & (TCPHDR_SYN | TCPHDR_RST | TCPHDR_URG)) ||
1677
+
!((TCP_SKB_CB(tail)->tcp_flags &
1678
+
TCP_SKB_CB(skb)->tcp_flags) & TCPHDR_ACK) ||
1677
1679
((TCP_SKB_CB(tail)->tcp_flags ^
1678
1680
TCP_SKB_CB(skb)->tcp_flags) & (TCPHDR_ECE | TCPHDR_CWR)) ||
1679
1681
#ifdef CONFIG_TLS_DEVICE
···
1694
1692
if (after(TCP_SKB_CB(skb)->ack_seq, TCP_SKB_CB(tail)->ack_seq))
1695
1693
TCP_SKB_CB(tail)->ack_seq = TCP_SKB_CB(skb)->ack_seq;
1696
1694
1695
+
/* We have to update both TCP_SKB_CB(tail)->tcp_flags and
1696
+
* thtail->fin, so that the fast path in tcp_rcv_established()
1697
+
* is not entered if we append a packet with a FIN.
1698
+
* SYN, RST, URG are not present.
1699
+
* ACK is set on both packets.
1700
+
* PSH : we do not really care in TCP stack,
1701
+
* at least for 'GRO' packets.
1702
+
*/
1703
+
thtail->fin |= th->fin;
1697
1704
TCP_SKB_CB(tail)->tcp_flags |= TCP_SKB_CB(skb)->tcp_flags;
1698
1705
1699
1706
if (TCP_SKB_CB(skb)->has_rxtstamp) {
+12
-4
net/ipv4/udp_offload.c
+12
-4
net/ipv4/udp_offload.c
···
352
352
struct sk_buff *pp = NULL;
353
353
struct udphdr *uh2;
354
354
struct sk_buff *p;
355
+
unsigned int ulen;
355
356
356
357
/* requires non zero csum, for symmetry with GSO */
357
358
if (!uh->check) {
···
360
359
return NULL;
361
360
}
362
361
362
+
/* Do not deal with padded or malicious packets, sorry ! */
363
+
ulen = ntohs(uh->len);
364
+
if (ulen <= sizeof(*uh) || ulen != skb_gro_len(skb)) {
365
+
NAPI_GRO_CB(skb)->flush = 1;
366
+
return NULL;
367
+
}
363
368
/* pull encapsulating udp header */
364
369
skb_gro_pull(skb, sizeof(struct udphdr));
365
370
skb_gro_postpull_rcsum(skb, uh, sizeof(struct udphdr));
···
384
377
385
378
/* Terminate the flow on len mismatch or if it grow "too much".
386
379
* Under small packet flood GRO count could elsewhere grow a lot
387
-
* leading to execessive truesize values
380
+
* leading to excessive truesize values.
381
+
* On len mismatch merge the first packet shorter than gso_size,
382
+
* otherwise complete the GRO packet.
388
383
*/
389
-
if (!skb_gro_receive(p, skb) &&
384
+
if (ulen > ntohs(uh2->len) || skb_gro_receive(p, skb) ||
385
+
ulen != ntohs(uh2->len) ||
390
386
NAPI_GRO_CB(p)->count >= UDP_GRO_CNT_MAX)
391
-
pp = p;
392
-
else if (uh->len != uh2->len)
393
387
pp = p;
394
388
395
389
return pp;
+5
-3
net/ipv6/esp6_offload.c
+5
-3
net/ipv6/esp6_offload.c
···
74
74
goto out;
75
75
76
76
if (sp->len == XFRM_MAX_DEPTH)
77
-
goto out;
77
+
goto out_reset;
78
78
79
79
x = xfrm_state_lookup(dev_net(skb->dev), skb->mark,
80
80
(xfrm_address_t *)&ipv6_hdr(skb)->daddr,
81
81
spi, IPPROTO_ESP, AF_INET6);
82
82
if (!x)
83
-
goto out;
83
+
goto out_reset;
84
84
85
85
sp->xvec[sp->len++] = x;
86
86
sp->olen++;
···
88
88
xo = xfrm_offload(skb);
89
89
if (!xo) {
90
90
xfrm_state_put(x);
91
-
goto out;
91
+
goto out_reset;
92
92
}
93
93
}
94
94
···
109
109
xfrm_input(skb, IPPROTO_ESP, spi, -2);
110
110
111
111
return ERR_PTR(-EINPROGRESS);
112
+
out_reset:
113
+
secpath_reset(skb);
112
114
out:
113
115
skb_push(skb, offset);
114
116
NAPI_GRO_CB(skb)->same_flow = 0;
+1
-3
net/ipv6/ip6_fib.c
+1
-3
net/ipv6/ip6_fib.c
···
916
916
if (pcpu_rt) {
917
917
struct fib6_info *from;
918
918
919
-
from = rcu_dereference_protected(pcpu_rt->from,
920
-
lockdep_is_held(&table->tb6_lock));
921
-
rcu_assign_pointer(pcpu_rt->from, NULL);
919
+
from = xchg((__force struct fib6_info **)&pcpu_rt->from, NULL);
922
920
fib6_info_release(from);
923
921
}
924
922
}
+14
-8
net/ipv6/ip6_flowlabel.c
+14
-8
net/ipv6/ip6_flowlabel.c
···
94
94
return fl;
95
95
}
96
96
97
+
static void fl_free_rcu(struct rcu_head *head)
98
+
{
99
+
struct ip6_flowlabel *fl = container_of(head, struct ip6_flowlabel, rcu);
100
+
101
+
if (fl->share == IPV6_FL_S_PROCESS)
102
+
put_pid(fl->owner.pid);
103
+
kfree(fl->opt);
104
+
kfree(fl);
105
+
}
106
+
97
107
98
108
static void fl_free(struct ip6_flowlabel *fl)
99
109
{
100
-
if (fl) {
101
-
if (fl->share == IPV6_FL_S_PROCESS)
102
-
put_pid(fl->owner.pid);
103
-
kfree(fl->opt);
104
-
kfree_rcu(fl, rcu);
105
-
}
110
+
if (fl)
111
+
call_rcu(&fl->rcu, fl_free_rcu);
106
112
}
107
113
108
114
static void fl_release(struct ip6_flowlabel *fl)
···
639
633
if (fl1->share == IPV6_FL_S_EXCL ||
640
634
fl1->share != fl->share ||
641
635
((fl1->share == IPV6_FL_S_PROCESS) &&
642
-
(fl1->owner.pid == fl->owner.pid)) ||
636
+
(fl1->owner.pid != fl->owner.pid)) ||
643
637
((fl1->share == IPV6_FL_S_USER) &&
644
-
uid_eq(fl1->owner.uid, fl->owner.uid)))
638
+
!uid_eq(fl1->owner.uid, fl->owner.uid)))
645
639
goto release;
646
640
647
641
err = -ENOMEM;
+37
-33
net/ipv6/route.c
+37
-33
net/ipv6/route.c
···
380
380
in6_dev_put(idev);
381
381
}
382
382
383
-
rcu_read_lock();
384
-
from = rcu_dereference(rt->from);
385
-
rcu_assign_pointer(rt->from, NULL);
383
+
from = xchg((__force struct fib6_info **)&rt->from, NULL);
386
384
fib6_info_release(from);
387
-
rcu_read_unlock();
388
385
}
389
386
390
387
static void ip6_dst_ifdown(struct dst_entry *dst, struct net_device *dev,
···
1320
1323
/* purge completely the exception to allow releasing the held resources:
1321
1324
* some [sk] cache may keep the dst around for unlimited time
1322
1325
*/
1323
-
from = rcu_dereference_protected(rt6_ex->rt6i->from,
1324
-
lockdep_is_held(&rt6_exception_lock));
1325
-
rcu_assign_pointer(rt6_ex->rt6i->from, NULL);
1326
+
from = xchg((__force struct fib6_info **)&rt6_ex->rt6i->from, NULL);
1326
1327
fib6_info_release(from);
1327
1328
dst_dev_put(&rt6_ex->rt6i->dst);
1328
1329
···
3490
3495
3491
3496
rcu_read_lock();
3492
3497
res.f6i = rcu_dereference(rt->from);
3493
-
/* This fib6_info_hold() is safe here because we hold reference to rt
3494
-
* and rt already holds reference to fib6_info.
3495
-
*/
3496
-
fib6_info_hold(res.f6i);
3497
-
rcu_read_unlock();
3498
+
if (!res.f6i)
3499
+
goto out;
3498
3500
3499
3501
res.nh = &res.f6i->fib6_nh;
3500
3502
res.fib6_flags = res.f6i->fib6_flags;
···
3506
3514
3507
3515
nrt->rt6i_gateway = *(struct in6_addr *)neigh->primary_key;
3508
3516
3509
-
/* No need to remove rt from the exception table if rt is
3510
-
* a cached route because rt6_insert_exception() will
3511
-
* takes care of it
3512
-
*/
3517
+
/* rt6_insert_exception() will take care of duplicated exceptions */
3513
3518
if (rt6_insert_exception(nrt, &res)) {
3514
3519
dst_release_immediate(&nrt->dst);
3515
3520
goto out;
···
3519
3530
call_netevent_notifiers(NETEVENT_REDIRECT, &netevent);
3520
3531
3521
3532
out:
3522
-
fib6_info_release(res.f6i);
3533
+
rcu_read_unlock();
3523
3534
neigh_release(neigh);
3524
3535
}
3525
3536
···
3761
3772
3762
3773
static int ip6_pkt_drop(struct sk_buff *skb, u8 code, int ipstats_mib_noroutes)
3763
3774
{
3764
-
int type;
3765
3775
struct dst_entry *dst = skb_dst(skb);
3776
+
struct net *net = dev_net(dst->dev);
3777
+
struct inet6_dev *idev;
3778
+
int type;
3779
+
3780
+
if (netif_is_l3_master(skb->dev) &&
3781
+
dst->dev == net->loopback_dev)
3782
+
idev = __in6_dev_get_safely(dev_get_by_index_rcu(net, IP6CB(skb)->iif));
3783
+
else
3784
+
idev = ip6_dst_idev(dst);
3785
+
3766
3786
switch (ipstats_mib_noroutes) {
3767
3787
case IPSTATS_MIB_INNOROUTES:
3768
3788
type = ipv6_addr_type(&ipv6_hdr(skb)->daddr);
3769
3789
if (type == IPV6_ADDR_ANY) {
3770
-
IP6_INC_STATS(dev_net(dst->dev),
3771
-
__in6_dev_get_safely(skb->dev),
3772
-
IPSTATS_MIB_INADDRERRORS);
3790
+
IP6_INC_STATS(net, idev, IPSTATS_MIB_INADDRERRORS);
3773
3791
break;
3774
3792
}
3775
3793
/* FALLTHROUGH */
3776
3794
case IPSTATS_MIB_OUTNOROUTES:
3777
-
IP6_INC_STATS(dev_net(dst->dev), ip6_dst_idev(dst),
3778
-
ipstats_mib_noroutes);
3795
+
IP6_INC_STATS(net, idev, ipstats_mib_noroutes);
3779
3796
break;
3780
3797
}
3798
+
3799
+
/* Start over by dropping the dst for l3mdev case */
3800
+
if (netif_is_l3_master(skb->dev))
3801
+
skb_dst_drop(skb);
3802
+
3781
3803
icmpv6_send(skb, ICMPV6_DEST_UNREACH, code, 0);
3782
3804
kfree_skb(skb);
3783
3805
return 0;
···
5056
5056
5057
5057
rcu_read_lock();
5058
5058
from = rcu_dereference(rt->from);
5059
-
5060
-
if (fibmatch)
5061
-
err = rt6_fill_node(net, skb, from, NULL, NULL, NULL, iif,
5062
-
RTM_NEWROUTE, NETLINK_CB(in_skb).portid,
5063
-
nlh->nlmsg_seq, 0);
5064
-
else
5065
-
err = rt6_fill_node(net, skb, from, dst, &fl6.daddr,
5066
-
&fl6.saddr, iif, RTM_NEWROUTE,
5067
-
NETLINK_CB(in_skb).portid, nlh->nlmsg_seq,
5068
-
0);
5059
+
if (from) {
5060
+
if (fibmatch)
5061
+
err = rt6_fill_node(net, skb, from, NULL, NULL, NULL,
5062
+
iif, RTM_NEWROUTE,
5063
+
NETLINK_CB(in_skb).portid,
5064
+
nlh->nlmsg_seq, 0);
5065
+
else
5066
+
err = rt6_fill_node(net, skb, from, dst, &fl6.daddr,
5067
+
&fl6.saddr, iif, RTM_NEWROUTE,
5068
+
NETLINK_CB(in_skb).portid,
5069
+
nlh->nlmsg_seq, 0);
5070
+
} else {
5071
+
err = -ENETUNREACH;
5072
+
}
5069
5073
rcu_read_unlock();
5070
5074
5071
5075
if (err < 0) {
+5
-1
net/ipv6/xfrm6_tunnel.c
+5
-1
net/ipv6/xfrm6_tunnel.c
···
345
345
unsigned int i;
346
346
347
347
xfrm_flush_gc();
348
-
xfrm_state_flush(net, IPSEC_PROTO_ANY, false, true);
348
+
xfrm_state_flush(net, 0, false, true);
349
349
350
350
for (i = 0; i < XFRM6_TUNNEL_SPI_BYADDR_HSIZE; i++)
351
351
WARN_ON_ONCE(!hlist_empty(&xfrm6_tn->spi_byaddr[i]));
···
402
402
xfrm6_tunnel_deregister(&xfrm6_tunnel_handler, AF_INET6);
403
403
xfrm_unregister_type(&xfrm6_tunnel_type, AF_INET6);
404
404
unregister_pernet_subsys(&xfrm6_tunnel_net_ops);
405
+
/* Someone maybe has gotten the xfrm6_tunnel_spi.
406
+
* So need to wait it.
407
+
*/
408
+
rcu_barrier();
405
409
kmem_cache_destroy(xfrm6_tunnel_spi_kmem);
406
410
}
407
411
+3
-1
net/key/af_key.c
+3
-1
net/key/af_key.c
···
1951
1951
1952
1952
if (rq->sadb_x_ipsecrequest_mode == 0)
1953
1953
return -EINVAL;
1954
+
if (!xfrm_id_proto_valid(rq->sadb_x_ipsecrequest_proto))
1955
+
return -EINVAL;
1954
1956
1955
-
t->id.proto = rq->sadb_x_ipsecrequest_proto; /* XXX check proto */
1957
+
t->id.proto = rq->sadb_x_ipsecrequest_proto;
1956
1958
if ((mode = pfkey_mode_to_xfrm(rq->sadb_x_ipsecrequest_mode)) < 0)
1957
1959
return -EINVAL;
1958
1960
t->mode = mode;
+5
-5
net/l2tp/l2tp_core.c
+5
-5
net/l2tp/l2tp_core.c
···
169
169
170
170
rcu_read_lock_bh();
171
171
list_for_each_entry_rcu(tunnel, &pn->l2tp_tunnel_list, list) {
172
-
if (tunnel->tunnel_id == tunnel_id) {
173
-
l2tp_tunnel_inc_refcount(tunnel);
172
+
if (tunnel->tunnel_id == tunnel_id &&
173
+
refcount_inc_not_zero(&tunnel->ref_count)) {
174
174
rcu_read_unlock_bh();
175
175
176
176
return tunnel;
···
190
190
191
191
rcu_read_lock_bh();
192
192
list_for_each_entry_rcu(tunnel, &pn->l2tp_tunnel_list, list) {
193
-
if (++count > nth) {
194
-
l2tp_tunnel_inc_refcount(tunnel);
193
+
if (++count > nth &&
194
+
refcount_inc_not_zero(&tunnel->ref_count)) {
195
195
rcu_read_unlock_bh();
196
196
return tunnel;
197
197
}
···
909
909
{
910
910
struct l2tp_tunnel *tunnel;
911
911
912
-
tunnel = l2tp_tunnel(sk);
912
+
tunnel = rcu_dereference_sk_user_data(sk);
913
913
if (tunnel == NULL)
914
914
goto pass_up;
915
915
+1
-1
net/mac80211/debugfs_netdev.c
+1
-1
net/mac80211/debugfs_netdev.c
+3
-2
net/mac80211/ht.c
+3
-2
net/mac80211/ht.c
···
112
112
IEEE80211_HT_CAP_TX_STBC);
113
113
114
114
/* Allow user to configure RX STBC bits */
115
-
if (ht_capa_mask->cap_info & IEEE80211_HT_CAP_RX_STBC)
116
-
ht_cap->cap |= ht_capa->cap_info & IEEE80211_HT_CAP_RX_STBC;
115
+
if (ht_capa_mask->cap_info & cpu_to_le16(IEEE80211_HT_CAP_RX_STBC))
116
+
ht_cap->cap |= le16_to_cpu(ht_capa->cap_info) &
117
+
IEEE80211_HT_CAP_RX_STBC;
117
118
118
119
/* Allow user to decrease AMPDU factor */
119
120
if (ht_capa_mask->ampdu_params_info &
+3
net/mac80211/iface.c
+3
net/mac80211/iface.c
+2
-2
net/netlink/genetlink.c
+2
-2
net/netlink/genetlink.c
···
362
362
} else
363
363
family->attrbuf = NULL;
364
364
365
-
family->id = idr_alloc(&genl_fam_idr, family,
366
-
start, end + 1, GFP_KERNEL);
365
+
family->id = idr_alloc_cyclic(&genl_fam_idr, family,
366
+
start, end + 1, GFP_KERNEL);
367
367
if (family->id < 0) {
368
368
err = family->id;
369
369
goto errout_free;
+25
-12
net/packet/af_packet.c
+25
-12
net/packet/af_packet.c
···
2600
2600
void *ph;
2601
2601
DECLARE_SOCKADDR(struct sockaddr_ll *, saddr, msg->msg_name);
2602
2602
bool need_wait = !(msg->msg_flags & MSG_DONTWAIT);
2603
+
unsigned char *addr = NULL;
2603
2604
int tp_len, size_max;
2604
-
unsigned char *addr;
2605
2605
void *data;
2606
2606
int len_sum = 0;
2607
2607
int status = TP_STATUS_AVAILABLE;
···
2612
2612
if (likely(saddr == NULL)) {
2613
2613
dev = packet_cached_dev_get(po);
2614
2614
proto = po->num;
2615
-
addr = NULL;
2616
2615
} else {
2617
2616
err = -EINVAL;
2618
2617
if (msg->msg_namelen < sizeof(struct sockaddr_ll))
···
2621
2622
sll_addr)))
2622
2623
goto out;
2623
2624
proto = saddr->sll_protocol;
2624
-
addr = saddr->sll_halen ? saddr->sll_addr : NULL;
2625
2625
dev = dev_get_by_index(sock_net(&po->sk), saddr->sll_ifindex);
2626
-
if (addr && dev && saddr->sll_halen < dev->addr_len)
2627
-
goto out_put;
2626
+
if (po->sk.sk_socket->type == SOCK_DGRAM) {
2627
+
if (dev && msg->msg_namelen < dev->addr_len +
2628
+
offsetof(struct sockaddr_ll, sll_addr))
2629
+
goto out_put;
2630
+
addr = saddr->sll_addr;
2631
+
}
2628
2632
}
2629
2633
2630
2634
err = -ENXIO;
···
2799
2797
struct sk_buff *skb;
2800
2798
struct net_device *dev;
2801
2799
__be16 proto;
2802
-
unsigned char *addr;
2800
+
unsigned char *addr = NULL;
2803
2801
int err, reserve = 0;
2804
2802
struct sockcm_cookie sockc;
2805
2803
struct virtio_net_hdr vnet_hdr = { 0 };
···
2816
2814
if (likely(saddr == NULL)) {
2817
2815
dev = packet_cached_dev_get(po);
2818
2816
proto = po->num;
2819
-
addr = NULL;
2820
2817
} else {
2821
2818
err = -EINVAL;
2822
2819
if (msg->msg_namelen < sizeof(struct sockaddr_ll))
···
2823
2822
if (msg->msg_namelen < (saddr->sll_halen + offsetof(struct sockaddr_ll, sll_addr)))
2824
2823
goto out;
2825
2824
proto = saddr->sll_protocol;
2826
-
addr = saddr->sll_halen ? saddr->sll_addr : NULL;
2827
2825
dev = dev_get_by_index(sock_net(sk), saddr->sll_ifindex);
2828
-
if (addr && dev && saddr->sll_halen < dev->addr_len)
2829
-
goto out_unlock;
2826
+
if (sock->type == SOCK_DGRAM) {
2827
+
if (dev && msg->msg_namelen < dev->addr_len +
2828
+
offsetof(struct sockaddr_ll, sll_addr))
2829
+
goto out_unlock;
2830
+
addr = saddr->sll_addr;
2831
+
}
2830
2832
}
2831
2833
2832
2834
err = -ENXIO;
···
3346
3342
sock_recv_ts_and_drops(msg, sk, skb);
3347
3343
3348
3344
if (msg->msg_name) {
3345
+
int copy_len;
3346
+
3349
3347
/* If the address length field is there to be filled
3350
3348
* in, we fill it in now.
3351
3349
*/
3352
3350
if (sock->type == SOCK_PACKET) {
3353
3351
__sockaddr_check_size(sizeof(struct sockaddr_pkt));
3354
3352
msg->msg_namelen = sizeof(struct sockaddr_pkt);
3353
+
copy_len = msg->msg_namelen;
3355
3354
} else {
3356
3355
struct sockaddr_ll *sll = &PACKET_SKB_CB(skb)->sa.ll;
3357
3356
3358
3357
msg->msg_namelen = sll->sll_halen +
3359
3358
offsetof(struct sockaddr_ll, sll_addr);
3359
+
copy_len = msg->msg_namelen;
3360
+
if (msg->msg_namelen < sizeof(struct sockaddr_ll)) {
3361
+
memset(msg->msg_name +
3362
+
offsetof(struct sockaddr_ll, sll_addr),
3363
+
0, sizeof(sll->sll_addr));
3364
+
msg->msg_namelen = sizeof(struct sockaddr_ll);
3365
+
}
3360
3366
}
3361
-
memcpy(msg->msg_name, &PACKET_SKB_CB(skb)->sa,
3362
-
msg->msg_namelen);
3367
+
memcpy(msg->msg_name, &PACKET_SKB_CB(skb)->sa, copy_len);
3363
3368
}
3364
3369
3365
3370
if (pkt_sk(sk)->auxdata) {
+3
-5
net/rds/ib_recv.c
+3
-5
net/rds/ib_recv.c
···
772
772
unsigned long frag_off;
773
773
unsigned long to_copy;
774
774
unsigned long copied;
775
-
uint64_t uncongested = 0;
775
+
__le64 uncongested = 0;
776
776
void *addr;
777
777
778
778
/* catch completely corrupt packets */
···
789
789
copied = 0;
790
790
791
791
while (copied < RDS_CONG_MAP_BYTES) {
792
-
uint64_t *src, *dst;
792
+
__le64 *src, *dst;
793
793
unsigned int k;
794
794
795
795
to_copy = min(RDS_FRAG_SIZE - frag_off, PAGE_SIZE - map_off);
···
824
824
}
825
825
826
826
/* the congestion map is in little endian order */
827
-
uncongested = le64_to_cpu(uncongested);
828
-
829
-
rds_cong_map_updated(map, uncongested);
827
+
rds_cong_map_updated(map, le64_to_cpu(uncongested));
830
828
}
831
829
832
830
static void rds_ib_process_recv(struct rds_connection *conn,
+16
-16
net/rxrpc/call_object.c
+16
-16
net/rxrpc/call_object.c
···
604
604
605
605
_enter("");
606
606
607
-
if (list_empty(&rxnet->calls))
608
-
return;
607
+
if (!list_empty(&rxnet->calls)) {
608
+
write_lock(&rxnet->call_lock);
609
609
610
-
write_lock(&rxnet->call_lock);
610
+
while (!list_empty(&rxnet->calls)) {
611
+
call = list_entry(rxnet->calls.next,
612
+
struct rxrpc_call, link);
613
+
_debug("Zapping call %p", call);
611
614
612
-
while (!list_empty(&rxnet->calls)) {
613
-
call = list_entry(rxnet->calls.next, struct rxrpc_call, link);
614
-
_debug("Zapping call %p", call);
615
+
rxrpc_see_call(call);
616
+
list_del_init(&call->link);
615
617
616
-
rxrpc_see_call(call);
617
-
list_del_init(&call->link);
618
+
pr_err("Call %p still in use (%d,%s,%lx,%lx)!\n",
619
+
call, atomic_read(&call->usage),
620
+
rxrpc_call_states[call->state],
621
+
call->flags, call->events);
618
622
619
-
pr_err("Call %p still in use (%d,%s,%lx,%lx)!\n",
620
-
call, atomic_read(&call->usage),
621
-
rxrpc_call_states[call->state],
622
-
call->flags, call->events);
623
+
write_unlock(&rxnet->call_lock);
624
+
cond_resched();
625
+
write_lock(&rxnet->call_lock);
626
+
}
623
627
624
628
write_unlock(&rxnet->call_lock);
625
-
cond_resched();
626
-
write_lock(&rxnet->call_lock);
627
629
}
628
-
629
-
write_unlock(&rxnet->call_lock);
630
630
631
631
atomic_dec(&rxnet->nr_calls);
632
632
wait_var_event(&rxnet->nr_calls, !atomic_read(&rxnet->nr_calls));
-29
net/sctp/sm_sideeffect.c
-29
net/sctp/sm_sideeffect.c
···
1112
1112
}
1113
1113
1114
1114
1115
-
/* Sent the next ASCONF packet currently stored in the association.
1116
-
* This happens after the ASCONF_ACK was succeffully processed.
1117
-
*/
1118
-
static void sctp_cmd_send_asconf(struct sctp_association *asoc)
1119
-
{
1120
-
struct net *net = sock_net(asoc->base.sk);
1121
-
1122
-
/* Send the next asconf chunk from the addip chunk
1123
-
* queue.
1124
-
*/
1125
-
if (!list_empty(&asoc->addip_chunk_list)) {
1126
-
struct list_head *entry = asoc->addip_chunk_list.next;
1127
-
struct sctp_chunk *asconf = list_entry(entry,
1128
-
struct sctp_chunk, list);
1129
-
list_del_init(entry);
1130
-
1131
-
/* Hold the chunk until an ASCONF_ACK is received. */
1132
-
sctp_chunk_hold(asconf);
1133
-
if (sctp_primitive_ASCONF(net, asoc, asconf))
1134
-
sctp_chunk_free(asconf);
1135
-
else
1136
-
asoc->addip_last_asconf = asconf;
1137
-
}
1138
-
}
1139
-
1140
-
1141
1115
/* These three macros allow us to pull the debugging code out of the
1142
1116
* main flow of sctp_do_sm() to keep attention focused on the real
1143
1117
* functionality there.
···
1756
1782
local_cork = 1;
1757
1783
}
1758
1784
sctp_cmd_send_msg(asoc, cmd->obj.msg, gfp);
1759
-
break;
1760
-
case SCTP_CMD_SEND_NEXT_ASCONF:
1761
-
sctp_cmd_send_asconf(asoc);
1762
1785
break;
1763
1786
case SCTP_CMD_PURGE_ASCONF_QUEUE:
1764
1787
sctp_asconf_queue_teardown(asoc);
+27
-8
net/sctp/sm_statefuns.c
+27
-8
net/sctp/sm_statefuns.c
···
3824
3824
return SCTP_DISPOSITION_CONSUME;
3825
3825
}
3826
3826
3827
+
static enum sctp_disposition sctp_send_next_asconf(
3828
+
struct net *net,
3829
+
const struct sctp_endpoint *ep,
3830
+
struct sctp_association *asoc,
3831
+
const union sctp_subtype type,
3832
+
struct sctp_cmd_seq *commands)
3833
+
{
3834
+
struct sctp_chunk *asconf;
3835
+
struct list_head *entry;
3836
+
3837
+
if (list_empty(&asoc->addip_chunk_list))
3838
+
return SCTP_DISPOSITION_CONSUME;
3839
+
3840
+
entry = asoc->addip_chunk_list.next;
3841
+
asconf = list_entry(entry, struct sctp_chunk, list);
3842
+
3843
+
list_del_init(entry);
3844
+
sctp_chunk_hold(asconf);
3845
+
asoc->addip_last_asconf = asconf;
3846
+
3847
+
return sctp_sf_do_prm_asconf(net, ep, asoc, type, asconf, commands);
3848
+
}
3849
+
3827
3850
/*
3828
3851
* ADDIP Section 4.3 General rules for address manipulation
3829
3852
* When building TLV parameters for the ASCONF Chunk that will add or
···
3938
3915
SCTP_TO(SCTP_EVENT_TIMEOUT_T4_RTO));
3939
3916
3940
3917
if (!sctp_process_asconf_ack((struct sctp_association *)asoc,
3941
-
asconf_ack)) {
3942
-
/* Successfully processed ASCONF_ACK. We can
3943
-
* release the next asconf if we have one.
3944
-
*/
3945
-
sctp_add_cmd_sf(commands, SCTP_CMD_SEND_NEXT_ASCONF,
3946
-
SCTP_NULL());
3947
-
return SCTP_DISPOSITION_CONSUME;
3948
-
}
3918
+
asconf_ack))
3919
+
return sctp_send_next_asconf(net, ep,
3920
+
(struct sctp_association *)asoc,
3921
+
type, commands);
3949
3922
3950
3923
abort = sctp_make_abort(asoc, asconf_ack,
3951
3924
sizeof(struct sctp_errhdr));
+32
-15
net/tls/tls_device.c
+32
-15
net/tls/tls_device.c
···
580
580
static int tls_device_reencrypt(struct sock *sk, struct sk_buff *skb)
581
581
{
582
582
struct strp_msg *rxm = strp_msg(skb);
583
-
int err = 0, offset = rxm->offset, copy, nsg;
583
+
int err = 0, offset = rxm->offset, copy, nsg, data_len, pos;
584
584
struct sk_buff *skb_iter, *unused;
585
585
struct scatterlist sg[1];
586
586
char *orig_buf, *buf;
···
611
611
else
612
612
err = 0;
613
613
614
-
copy = min_t(int, skb_pagelen(skb) - offset,
615
-
rxm->full_len - TLS_CIPHER_AES_GCM_128_TAG_SIZE);
614
+
data_len = rxm->full_len - TLS_CIPHER_AES_GCM_128_TAG_SIZE;
616
615
617
-
if (skb->decrypted)
618
-
skb_store_bits(skb, offset, buf, copy);
616
+
if (skb_pagelen(skb) > offset) {
617
+
copy = min_t(int, skb_pagelen(skb) - offset, data_len);
619
618
620
-
offset += copy;
621
-
buf += copy;
622
-
623
-
skb_walk_frags(skb, skb_iter) {
624
-
copy = min_t(int, skb_iter->len,
625
-
rxm->full_len - offset + rxm->offset -
626
-
TLS_CIPHER_AES_GCM_128_TAG_SIZE);
627
-
628
-
if (skb_iter->decrypted)
629
-
skb_store_bits(skb_iter, offset, buf, copy);
619
+
if (skb->decrypted)
620
+
skb_store_bits(skb, offset, buf, copy);
630
621
631
622
offset += copy;
632
623
buf += copy;
624
+
}
625
+
626
+
pos = skb_pagelen(skb);
627
+
skb_walk_frags(skb, skb_iter) {
628
+
int frag_pos;
629
+
630
+
/* Practically all frags must belong to msg if reencrypt
631
+
* is needed with current strparser and coalescing logic,
632
+
* but strparser may "get optimized", so let's be safe.
633
+
*/
634
+
if (pos + skb_iter->len <= offset)
635
+
goto done_with_frag;
636
+
if (pos >= data_len + rxm->offset)
637
+
break;
638
+
639
+
frag_pos = offset - pos;
640
+
copy = min_t(int, skb_iter->len - frag_pos,
641
+
data_len + rxm->offset - offset);
642
+
643
+
if (skb_iter->decrypted)
644
+
skb_store_bits(skb_iter, frag_pos, buf, copy);
645
+
646
+
offset += copy;
647
+
buf += copy;
648
+
done_with_frag:
649
+
pos += skb_iter->len;
633
650
}
634
651
635
652
free_buf:
+2
-1
net/tls/tls_device_fallback.c
+2
-1
net/tls/tls_device_fallback.c
···
201
201
202
202
skb_put(nskb, skb->len);
203
203
memcpy(nskb->data, skb->data, headln);
204
-
update_chksum(nskb, headln);
205
204
206
205
nskb->destructor = skb->destructor;
207
206
nskb->sk = sk;
208
207
skb->destructor = NULL;
209
208
skb->sk = NULL;
209
+
210
+
update_chksum(nskb, headln);
210
211
211
212
delta = nskb->truesize - skb->truesize;
212
213
if (likely(delta < 0))
+2
-3
net/wireless/reg.c
+2
-3
net/wireless/reg.c
···
3769
3769
/*
3770
3770
* The last request may have been received before this
3771
3771
* registration call. Call the driver notifier if
3772
-
* initiator is USER and user type is CELL_BASE.
3772
+
* initiator is USER.
3773
3773
*/
3774
-
if (lr->initiator == NL80211_REGDOM_SET_BY_USER &&
3775
-
lr->user_reg_hint_type == NL80211_USER_REG_HINT_CELL_BASE)
3774
+
if (lr->initiator == NL80211_REGDOM_SET_BY_USER)
3776
3775
reg_call_notifier(wiphy, lr);
3777
3776
}
3778
3777
+14
-3
net/xfrm/xfrm_interface.c
+14
-3
net/xfrm/xfrm_interface.c
···
70
70
return NULL;
71
71
}
72
72
73
-
static struct xfrm_if *xfrmi_decode_session(struct sk_buff *skb)
73
+
static struct xfrm_if *xfrmi_decode_session(struct sk_buff *skb,
74
+
unsigned short family)
74
75
{
75
76
struct xfrmi_net *xfrmn;
76
-
int ifindex;
77
77
struct xfrm_if *xi;
78
+
int ifindex = 0;
78
79
79
80
if (!secpath_exists(skb) || !skb->dev)
80
81
return NULL;
81
82
83
+
switch (family) {
84
+
case AF_INET6:
85
+
ifindex = inet6_sdif(skb);
86
+
break;
87
+
case AF_INET:
88
+
ifindex = inet_sdif(skb);
89
+
break;
90
+
}
91
+
if (!ifindex)
92
+
ifindex = skb->dev->ifindex;
93
+
82
94
xfrmn = net_generic(xs_net(xfrm_input_state(skb)), xfrmi_net_id);
83
-
ifindex = skb->dev->ifindex;
84
95
85
96
for_each_xfrmi_rcu(xfrmn->xfrmi[0], xi) {
86
97
if (ifindex == xi->dev->ifindex &&
+1
-1
net/xfrm/xfrm_policy.c
+1
-1
net/xfrm/xfrm_policy.c
+1
-1
net/xfrm/xfrm_state.c
+1
-1
net/xfrm/xfrm_state.c
+2
-14
net/xfrm/xfrm_user.c
+2
-14
net/xfrm/xfrm_user.c
···
1424
1424
ret = verify_policy_dir(p->dir);
1425
1425
if (ret)
1426
1426
return ret;
1427
-
if (p->index && ((p->index & XFRM_POLICY_MAX) != p->dir))
1427
+
if (p->index && (xfrm_policy_id2dir(p->index) != p->dir))
1428
1428
return -EINVAL;
1429
1429
1430
1430
return 0;
···
1513
1513
return -EINVAL;
1514
1514
}
1515
1515
1516
-
switch (ut[i].id.proto) {
1517
-
case IPPROTO_AH:
1518
-
case IPPROTO_ESP:
1519
-
case IPPROTO_COMP:
1520
-
#if IS_ENABLED(CONFIG_IPV6)
1521
-
case IPPROTO_ROUTING:
1522
-
case IPPROTO_DSTOPTS:
1523
-
#endif
1524
-
case IPSEC_PROTO_ANY:
1525
-
break;
1526
-
default:
1516
+
if (!xfrm_id_proto_valid(ut[i].id.proto))
1527
1517
return -EINVAL;
1528
-
}
1529
-
1530
1518
}
1531
1519
1532
1520
return 0;
-1
scripts/selinux/genheaders/genheaders.c
-1
scripts/selinux/genheaders/genheaders.c
-1
scripts/selinux/mdp/mdp.c
-1
scripts/selinux/mdp/mdp.c
+1
security/selinux/include/classmap.h
+1
security/selinux/include/classmap.h
+3
tools/bpf/bpftool/map.c
+3
tools/bpf/bpftool/map.c
+1
tools/lib/bpf/.gitignore
+1
tools/lib/bpf/.gitignore
+25
tools/testing/selftests/bpf/verifier/calls.c
+25
tools/testing/selftests/bpf/verifier/calls.c
···
375
375
.flags = F_NEEDS_EFFICIENT_UNALIGNED_ACCESS,
376
376
},
377
377
{
378
+
"calls: ptr null check in subprog",
379
+
.insns = {
380
+
BPF_ST_MEM(BPF_DW, BPF_REG_10, -8, 0),
381
+
BPF_MOV64_REG(BPF_REG_2, BPF_REG_10),
382
+
BPF_ALU64_IMM(BPF_ADD, BPF_REG_2, -8),
383
+
BPF_LD_MAP_FD(BPF_REG_1, 0),
384
+
BPF_EMIT_CALL(BPF_FUNC_map_lookup_elem),
385
+
BPF_MOV64_REG(BPF_REG_1, BPF_REG_0),
386
+
BPF_MOV64_REG(BPF_REG_6, BPF_REG_0),
387
+
BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 1, 0, 3),
388
+
BPF_JMP_IMM(BPF_JEQ, BPF_REG_0, 0, 1),
389
+
BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_6, 0),
390
+
BPF_EXIT_INSN(),
391
+
BPF_MOV64_IMM(BPF_REG_0, 0),
392
+
BPF_JMP_IMM(BPF_JEQ, BPF_REG_1, 0, 1),
393
+
BPF_MOV64_IMM(BPF_REG_0, 1),
394
+
BPF_EXIT_INSN(),
395
+
},
396
+
.errstr_unpriv = "function calls to other bpf functions are allowed for root only",
397
+
.fixup_map_hash_48b = { 3 },
398
+
.result_unpriv = REJECT,
399
+
.result = ACCEPT,
400
+
.retval = 0,
401
+
},
402
+
{
378
403
"calls: two calls with args",
379
404
.insns = {
380
405
BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 1, 0, 1),
+22
tools/testing/selftests/bpf/verifier/direct_packet_access.c
+22
tools/testing/selftests/bpf/verifier/direct_packet_access.c
···
631
631
.errstr = "invalid access to packet",
632
632
.prog_type = BPF_PROG_TYPE_SCHED_CLS,
633
633
},
634
+
{
635
+
"direct packet access: test29 (reg > pkt_end in subprog)",
636
+
.insns = {
637
+
BPF_LDX_MEM(BPF_W, BPF_REG_6, BPF_REG_1,
638
+
offsetof(struct __sk_buff, data)),
639
+
BPF_LDX_MEM(BPF_W, BPF_REG_2, BPF_REG_1,
640
+
offsetof(struct __sk_buff, data_end)),
641
+
BPF_MOV64_REG(BPF_REG_3, BPF_REG_6),
642
+
BPF_ALU64_IMM(BPF_ADD, BPF_REG_3, 8),
643
+
BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 1, 0, 4),
644
+
BPF_JMP_IMM(BPF_JEQ, BPF_REG_0, 0, 1),
645
+
BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_6, 0),
646
+
BPF_MOV64_IMM(BPF_REG_0, 0),
647
+
BPF_EXIT_INSN(),
648
+
BPF_MOV64_IMM(BPF_REG_0, 0),
649
+
BPF_JMP_REG(BPF_JGT, BPF_REG_3, BPF_REG_2, 1),
650
+
BPF_MOV64_IMM(BPF_REG_0, 1),
651
+
BPF_EXIT_INSN(),
652
+
},
653
+
.result = ACCEPT,
654
+
.prog_type = BPF_PROG_TYPE_SCHED_CLS,
655
+
},
+8
-2
tools/testing/selftests/net/fib_rule_tests.sh
+8
-2
tools/testing/selftests/net/fib_rule_tests.sh
···
27
27
nsuccess=$((nsuccess+1))
28
28
printf "\n TEST: %-50s [ OK ]\n" "${msg}"
29
29
else
30
+
ret=1
30
31
nfail=$((nfail+1))
31
32
printf "\n TEST: %-50s [FAIL]\n" "${msg}"
32
33
if [ "${PAUSE_ON_FAIL}" = "yes" ]; then
···
148
147
149
148
fib_check_iproute_support "ipproto" "ipproto"
150
149
if [ $? -eq 0 ]; then
151
-
match="ipproto icmp"
152
-
fib_rule6_test_match_n_redirect "$match" "$match" "ipproto icmp match"
150
+
match="ipproto ipv6-icmp"
151
+
fib_rule6_test_match_n_redirect "$match" "$match" "ipproto ipv6-icmp match"
153
152
fi
154
153
}
155
154
···
245
244
setup
246
245
run_fibrule_tests
247
246
cleanup
247
+
248
+
if [ "$TESTS" != "none" ]; then
249
+
printf "\nTests passed: %3d\n" ${nsuccess}
250
+
printf "Tests failed: %3d\n" ${nfail}
251
+
fi
248
252
249
253
exit $ret
+25
-9
tools/testing/selftests/seccomp/seccomp_bpf.c
+25
-9
tools/testing/selftests/seccomp/seccomp_bpf.c
···
2166
2166
SECCOMP_FILTER_FLAG_LOG,
2167
2167
SECCOMP_FILTER_FLAG_SPEC_ALLOW,
2168
2168
SECCOMP_FILTER_FLAG_NEW_LISTENER };
2169
-
unsigned int flag, all_flags;
2169
+
unsigned int exclusive[] = {
2170
+
SECCOMP_FILTER_FLAG_TSYNC,
2171
+
SECCOMP_FILTER_FLAG_NEW_LISTENER };
2172
+
unsigned int flag, all_flags, exclusive_mask;
2170
2173
int i;
2171
2174
long ret;
2172
2175
2173
-
/* Test detection of known-good filter flags */
2176
+
/* Test detection of individual known-good filter flags */
2174
2177
for (i = 0, all_flags = 0; i < ARRAY_SIZE(flags); i++) {
2175
2178
int bits = 0;
2176
2179
···
2200
2197
all_flags |= flag;
2201
2198
}
2202
2199
2203
-
/* Test detection of all known-good filter flags */
2204
-
ret = seccomp(SECCOMP_SET_MODE_FILTER, all_flags, NULL);
2205
-
EXPECT_EQ(-1, ret);
2206
-
EXPECT_EQ(EFAULT, errno) {
2207
-
TH_LOG("Failed to detect that all known-good filter flags (0x%X) are supported!",
2208
-
all_flags);
2200
+
/*
2201
+
* Test detection of all known-good filter flags combined. But
2202
+
* for the exclusive flags we need to mask them out and try them
2203
+
* individually for the "all flags" testing.
2204
+
*/
2205
+
exclusive_mask = 0;
2206
+
for (i = 0; i < ARRAY_SIZE(exclusive); i++)
2207
+
exclusive_mask |= exclusive[i];
2208
+
for (i = 0; i < ARRAY_SIZE(exclusive); i++) {
2209
+
flag = all_flags & ~exclusive_mask;
2210
+
flag |= exclusive[i];
2211
+
2212
+
ret = seccomp(SECCOMP_SET_MODE_FILTER, flag, NULL);
2213
+
EXPECT_EQ(-1, ret);
2214
+
EXPECT_EQ(EFAULT, errno) {
2215
+
TH_LOG("Failed to detect that all known-good filter flags (0x%X) are supported!",
2216
+
flag);
2217
+
}
2209
2218
}
2210
2219
2211
-
/* Test detection of an unknown filter flag */
2220
+
/* Test detection of an unknown filter flags, without exclusives. */
2212
2221
flag = -1;
2222
+
flag &= ~exclusive_mask;
2213
2223
ret = seccomp(SECCOMP_SET_MODE_FILTER, flag, NULL);
2214
2224
EXPECT_EQ(-1, ret);
2215
2225
EXPECT_EQ(EINVAL, errno) {