Since right after the user copy, we are going to memset(&karg, 0,
sizeof(karg)), the copy_from_user is redundant
Signed-off-by: Meng Xu <mengxu.gatech@gmail.com>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Use *_pool_zalloc rather than *_pool_alloc followed by memset with 0.
Found by coccinelle spatch "api/alloc/pool_zalloc-simple.cocci"
Signed-off-by: Thomas Meyer <thomas@m3y3r.de>
Acked-by: Himanshu Madhani <himanshu.madhani@cavium.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Use *_pool_zalloc rather than *_pool_alloc followed by memset with 0.
Found by coccinelle spatch "api/alloc/pool_zalloc-simple.cocci"
Signed-off-by: Thomas Meyer <thomas@m3y3r.de>
Acked-by: James Smart <james.smart@broadcom.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Device handlers are optional, and for some handlers like ALUA only
implemented for certain device types. So suppress any errors for
unsupported devices.
Signed-off-by: Hannes Reinecke <hare@suse.com>
Reviewed-by: Johannes Thumshirn <jthumshirn@suse.de>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Rather than having each device handler implementing their own error
mapping, have the ->attach() call return a SCSI_DH_XXX error code and
implement the mapping in scsi_dh_handler_attach().
Suggested-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Hannes Reinecke <hare@suse.com>
Reviewed-by: Johannes Thumshirn <jthumshirn@suse.de>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Reporting a maximum number of blocks that is not aligned on the device
physical size would cause a large write same request to be split into
physically unaligned chunks by __blkdev_issue_write_zeroes() and
__blkdev_issue_write_same(), even if the caller of these functions took
care to align its request to physical sectors.
Make sure the maximum reported is aligned to the device physical block
size. This is only an optional optimization for regular disks, but this
is mandatory to avoid failure of large write same requests directed at
sequential write required zones of host-managed ZBC disks.
[mkp: tweaked commit message]
Signed-off-by: Damien Le Moal <damien.lemoal@wdc.com>
Reviewed-by: Bart Van Assche <bart.vanassche@wdc.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Set PCIe relaxed ordering bits in FW_IQ_CMD if relaxed ordering is
enabled in the PCIe device.
Signed-off-by: Varun Prakash <varun@chelsio.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
csk is always null on the error return path and so the non-null check
and call to cxgbi_sock_closed on csk is redundant and can be removed.
Detected by: CoverityScan CID#114329 ("Logically dead code")
Signed-off-by: Colin Ian King <colin.king@canonical.com>
Acked-by: Varun Prakash <varun@chelsio.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Events will be added to defer_q list when setting ha->status to
SAS_HA_DRAINING. Events will be called after drain workqueue.
Those events are added to the head of list, but they are scanned one by
one from the head to the tail, which will cause those events be called
in the reverse order of being added. So change list_add to list_add_tail
in function sas_queue_work.
Signed-off-by: chenxiang <chenxiang66@hisilicon.com>
Signed-off-by: Jason Yan <yanaijie@huawei.com>
CC: John Garry <john.garry@huawei.com>
CC: Johannes Thumshirn <jthumshirn@suse.de>
CC: Ewan Milne <emilne@redhat.com>
CC: Christoph Hellwig <hch@lst.de>
CC: Tomas Henzl <thenzl@redhat.com>
CC: Dan Williams <dan.j.williams@intel.com>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Rename function notify_port_event() to sas_notify_port_event(), which
will be consistent with sas_notify_phy_event().
Signed-off-by: Jason Yan <yanaijie@huawei.com>
CC: John Garry <john.garry@huawei.com>
CC: Johannes Thumshirn <jthumshirn@suse.de>
CC: Ewan Milne <emilne@redhat.com>
CC: Christoph Hellwig <hch@lst.de>
CC: Tomas Henzl <thenzl@redhat.com>
CC: Dan Williams <dan.j.williams@intel.com>
Reviewed-by: Johannes Thumshirn <jthumshirn@suse.de>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
No one uses the port_gone_completion in struct asd_sas_port and
DISCE_PORT_GONE in enum disover_event, clean them out.
Signed-off-by: Jason Yan <yanaijie@huawei.com>
CC: Johannes Thumshirn <jthumshirn@suse.de>
CC: Ewan Milne <emilne@redhat.com>
CC: Christoph Hellwig <hch@lst.de>
CC: Tomas Henzl <thenzl@redhat.com>
CC: Dan Williams <dan.j.williams@intel.com>
Reviewed-by: Johannes Thumshirn <jthumshirn@suse.de>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Numbering for each event enum makes no sense. Remove the numbering so
that we don't have to calculate the number by hand every time.
Signed-off-by: Jason Yan <yanaijie@huawei.com>
CC: John Garry <john.garry@huawei.com>
CC: Johannes Thumshirn <jthumshirn@suse.de>
CC: Ewan Milne <emilne@redhat.com>
CC: Christoph Hellwig <hch@lst.de>
CC: Tomas Henzl <thenzl@redhat.com>
Reviewed-by: Johannes Thumshirn <jthumshirn@suse.de>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
The ha_event now has only one event HAE_RESET, and this event does
nothing. Kill it and do some cleanup.
This is a preparation for enhance libsas hotplug feature in the next
patches.
Signed-off-by: Jason Yan <yanaijie@huawei.com>
Signed-off-by: John Garry <john.garry@huawei.com>
Reviewed-by: Johannes Thumshirn <jthumshirn@suse.de>
Reviewed-by: Christoph Hellwig <hch@lst.de>
CC: Johannes Thumshirn <jthumshirn@suse.de>
CC: Ewan Milne <emilne@redhat.com>
CC: Christoph Hellwig <hch@lst.de>
CC: Tomas Henzl <thenzl@redhat.com>
CC: Dan Williams <dan.j.williams@intel.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
When a NETDEV_UNREGISTER notification is received the network device is
_deleted_ after the callback returns. So we cannot use a workqueue
here, as this would cause an inversion when removing the device as the
netdev is already gone. This manifests with a nasty warning during
shutdown:
sysfs group ffffffff81eff0e0 not found for kobject 'fc_host7'
So open-code fcoe_destroy_work() when receiving the notification to
avoid this inversion.
Signed-off-by: Hannes Reinecke <hare@suse.com>
Reviewed-by: Lee Duncan <lduncan@suse.com>
Acked-by: Johannes Thumshirn <jth@kernel.org>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Separate out fcoe_vport_remove() from fcoe_destroy_work(). Required for
the next patch.
Signed-off-by: Hannes Reinecke <hare@suse.com>
Reviewed-by: Lee Duncan <lduncan@suse.com>
Acked-by: Johannes Thumshirn <jth@kernel.org>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
This closes a possible race condition in _fcoe_create() where we drop
the rtnl_lock() before calling fcoe_interface_remove().
Signed-off-by: Hannes Reinecke <hare@suse.com>
Reviewed-by: Lee Duncan <lduncan@suse.com>
Acked-by: Johannes Thumshirn <jth@kernel.org>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Don't populate const arrays on the stack, instead make them static.
Makes the object code smaller by over 740 bytes.
Before:
text data bss dec hex filename
3840 208 0 4048 fd0 drivers/scsi/ufs/tc-dwc-g210.o
After:
text data bss dec hex filename
2679 624 0 3303 ce7 drivers/scsi/ufs/tc-dwc-g210.o
Signed-off-by: Colin Ian King <colin.king@canonical.com>
Reviewed-by: Bart Van Assche <bart.vanassche@wdc.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Pointers bnx2i_cmd are set but never used, so they can be removed.
Signed-off-by: Christos Gkekas <chris.gekas@gmail.com>
Acked-by: Manish Rangankar <Manish.Rangankar@cavium.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
The pointer eqe is always non-null inside the while loop, so the check
to see if eqe is NULL is redudant and hence can be removed.
Detected by CoverityScan CID#1248693 ("Logically Dead Code")
Signed-off-by: Colin Ian King <colin.king@canonical.com>
Acked-by: James Smart <james.smart@broadcom.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Another merge window, another MAINTAINERS file disaster.
People have serious problems with the alphabet and sorting, and poor
Jérôme Glisse and Radim Krčmář get their names mangled by locale issues,
turning them into some mangled mess (probably others do too, but those
two stood out when sorting things again).
And we now have two copies of the same 'AS3645A LED FLASH CONTROLLER
DRIVER' in the tree and in the MAINTAINERS file, but that's a separate
issue - the duplication is real, and I left them as two entries for the
same name.
This does not try to sort the actual section pattern entries, although I
may end up doing that later.
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
the sunxi-ng framework. Otherwise, the heavy hitters are various drivers
for SoCs like AT91, Amlogic, Renesas, and Rockchip. There are some other
new clk drivers in here too but overall this is just a bunch of clk
drivers for various different pieces of hardware and a collection of
non-critical fixes for clk drivers.
New Drivers:
- Allwinner R40 SoCs
- Renesas R-Car Gen3 USB 2.0 clock selector PHY
- Atmel AT91 audio PLL
- Uniphier PXs3 SoCs
- ARC HSDK Board PLLs
- AXS10X Board PLLs
- STMicroelectronics STM32H743 SoCs
Removed Drivers:
- Non-compiling mb86s7x support
Updates:
- Allwinner A10/A20 SoCs converted to sunxi-ng framework
- Allwinner H3 CPU clk fixes
- Renesas R-Car D3 SoC
- Renesas V2H and M3-W modules
- Samsung Exynos5420/5422/5800 audio fixes
- Rockchip fractional clk approximation fixes
- Rockchip rk3126 SoC support within the rk3128 driver
- Amlogic gxbb CEC32 and sd_emmc clks
- Amlogic meson8b reset controller support
- IDT VersaClock 5P49V5925/5P49V6901 support
- Qualcomm MSM8996 SMMU clks
- Various 'const' applications for struct clk_ops
- si5351 PLL reset bugfix
- Uniphier audio on LD11/LD20 and ethernet support on LD11/LD20/Pro4/PXs2
- Assorted Tegra clk driver fixes
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)
iQIcBAABCAAGBQJZuIAQAAoJEK0CiJfG5JUlUMQQAKFwCZRfTzz0m9jJ9s1XZSR/
vldNAEUGm+Mz0W84xIzFqaT0UI1+SJK4e9Du+EN6phcCD5yVB0JS2EtRa84Bku/i
Zy6AYSUNbGjx94HPwIq1hKt+UOIfBiNbJKMnkoCbEyYPA/TiWzr8JR5GyLjwYhPq
IZHSvKqUKM3h2nr+MtpFJIIk8DlkLARRca4CCqa5i2Oqj6B8rjQQAq7TaLAM3ASN
tSFIW2vdmWD+om2L57WHhwBgaYnUB4jBCRWkFZRsO4ZIRgm4VpePmosy2UTZ7fqb
kEaW2bPuv65zUHpvjHG6yXo+yh0yk1fBsXG/joXgJ4oOmNzsIgnCZzPnGUC1ccms
QdK/qhdIXsdgiR2DZtYuzUHji8+TNIPPjfAFyJjUwxDBXpqzXvsvltx2a1hg/rUP
VDvTL2OnoGtrW2bXPufCkxBsyejJ4RqC5riMJws5xgMkqKKUajiLovPeuL6+8kU+
ncqWYiIkEvHNKpmW511G/g+ClLk89zgXfxKFWWR+iDjSvA0hgaiRj1V3C2HIyS8f
CLpalf6ao2+O008rUiaiqJyxWuwLujcdYokay2HXvTYc45rXrVwvlaDajxqs2eer
lekUA4ZbX2g6qvB0lna6PNlv8JLQ1XPdzhWD2eeQIi7JgVSgwg++kUJqglsuai56
eg5zNo6891GL9zFW10/A
=0JbT
-----END PGP SIGNATURE-----
Merge tag 'clk-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/clk/linux
Pull clk updates from Stephen Boyd:
"The diff is dominated by the Allwinner A10/A20 SoCs getting converted
to the sunxi-ng framework. Otherwise, the heavy hitters are various
drivers for SoCs like AT91, Amlogic, Renesas, and Rockchip. There are
some other new clk drivers in here too but overall this is just a
bunch of clk drivers for various different pieces of hardware and a
collection of non-critical fixes for clk drivers.
New Drivers:
- Allwinner R40 SoCs
- Renesas R-Car Gen3 USB 2.0 clock selector PHY
- Atmel AT91 audio PLL
- Uniphier PXs3 SoCs
- ARC HSDK Board PLLs
- AXS10X Board PLLs
- STMicroelectronics STM32H743 SoCs
Removed Drivers:
- Non-compiling mb86s7x support
Updates:
- Allwinner A10/A20 SoCs converted to sunxi-ng framework
- Allwinner H3 CPU clk fixes
- Renesas R-Car D3 SoC
- Renesas V2H and M3-W modules
- Samsung Exynos5420/5422/5800 audio fixes
- Rockchip fractional clk approximation fixes
- Rockchip rk3126 SoC support within the rk3128 driver
- Amlogic gxbb CEC32 and sd_emmc clks
- Amlogic meson8b reset controller support
- IDT VersaClock 5P49V5925/5P49V6901 support
- Qualcomm MSM8996 SMMU clks
- Various 'const' applications for struct clk_ops
- si5351 PLL reset bugfix
- Uniphier audio on LD11/LD20 and ethernet support on LD11/LD20/Pro4/PXs2
- Assorted Tegra clk driver fixes"
* tag 'clk-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/clk/linux: (120 commits)
clk: si5351: fix PLL reset
ASoC: atmel-classd: remove aclk clock
ASoC: atmel-classd: remove aclk clock from DT binding
clk: at91: clk-generated: make gclk determine audio_pll rate
clk: at91: clk-generated: create function to find best_diff
clk: at91: add audio pll clock drivers
dt-bindings: clk: at91: add audio plls to the compatible list
clk: at91: clk-generated: remove useless divisor loop
clk: mb86s7x: Drop non-building driver
clk: ti: check for null return in strrchr to avoid null dereferencing
clk: Don't write error code into divider register
clk: uniphier: add video input subsystem clock
clk: uniphier: add audio system clock
clk: stm32h7: Add stm32h743 clock driver
clk: gate: expose clk_gate_ops::is_enabled
clk: nxp: clk-lpc32xx: rename clk_gate_is_enabled()
clk: uniphier: add PXs3 clock data
clk: hi6220: change watchdog clock source
clk: Kconfig: Name RK805 in Kconfig for COMMON_CLK_RK808
clk: cs2000: Add cs2000_set_saved_rate
...
Most of the commits are trivial cleanup patches, while one commit
is a significant fix for the race at ALSA sequencer that was spotted
by syzkaller.
-----BEGIN PGP SIGNATURE-----
iQJCBAABCAAsFiEECxfAB4MH3rD5mfB6bDGAVD0pKaQFAlm5SVUOHHRpd2FpQHN1
c2UuZGUACgkQbDGAVD0pKaSZgxAAodFAsdSP1GNPCqf12M7iIFLQpiNI5Yn+goMF
aT8aYKUxaOd6ov/NuWRGvzwpnVgqN9AGA/cZ4VVDlRbtT5vmbfRjhRyCKUF321bh
wQTGBBI1/McHOd+Jq5egH+V0xhsnuB6izRys9OboZvNDvaR6GVillGWSEGSHD5RQ
JdXmCoBIPkeE72sHii1AmsTsDD/2mKAAvV94A8mGI7w6BZJvdpfC5S6XwWRP4+3F
IKPKHPoMCHuAtB1gMGc7Fbt/o3SPWKPyBub6qmGHwdQFPTLDZNKmWjkTYINMnc7G
6LXAMQWxDvYziWOFsSUrv+DcDXJup0n+xswDd3qeTL1mRO0PrRM0SlULl2wcZQtO
depksy2m07ZFU8SelHuy5EiJq7TGiyqG/ensbCpN2Fwf1mhl7oCLRo7+GLOp0uIq
pZj7zEE3UBCvfAaouAPQADjvr6SjeUyVjcXYw0fDZtNPoBPlU1lPXk9a5zFNBNVg
ZXwkfPkbXA23OXx9Da7mBi+cb8MYjvBInWsDkS0X4fr2t111dtXAVLX68dfMgzxH
ydTDQf1ASiuVRmnwQ/vWvl3KIe9BC+kVjLBoQKEV+uIgXF0h1TrrDpKa/Ob0J4vf
klMeu5iumtQzVpnE6UgeV+yJz5silSYEiVX+Cdn6XPfiFSQm9F9dR15lkyf6SZEe
Dhun6i4=
=R41d
-----END PGP SIGNATURE-----
Merge tag 'sound-fix-4.14-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound
Pull sound fixes from Takashi Iwai:
"Most of the commits are trivial cleanup patches, while one commit is a
significant fix for the race at ALSA sequencer that was spotted by
syzkaller"
* tag 'sound-fix-4.14-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound:
ALSA: seq: Cancel pending autoload work at unbinding device
ALSA: firewire: Use common error handling code in snd_motu_stream_start_duplex()
ALSA: asihpi: Kill BUG_ON() usages
ALSA: core: Use %pS printk format for direct addresses
ALSA: ymfpci: Use common error handling code in snd_ymfpci_create()
ALSA: ymfpci: Use common error handling code in snd_card_ymfpci_probe()
ALSA: 6fire: Use common error handling code in usb6fire_chip_probe()
ALSA: usx2y: Use common error handling code in submit_urbs()
ALSA: us122l: Use common error handling code in us122l_create_card()
ALSA: hdspm: Use common error handling code in snd_hdspm_probe()
ALSA: rme9652: Use common code in hdsp_get_iobox_version()
ALSA: maestro3: Use common error handling code in two functions
A tiny update: one patch corrects a Kconfig problem with the shift of
the SAS SMP code to BSG and the other removes a vestige of user space
target mode.
Signed-off-by: James E.J. Bottomley <jejb@linux.vnet.ibm.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAABAgAGBQJZuT+aAAoJEAVr7HOZEZN4NfIQALxKfdv9FNwRzjzBYW1QZkrD
U9hjB6z3hdrv2NmMzwBf4RSstad+ju4Pn2eS3kVe62qZECYIW2iqPGuOmJ3n6G3P
QZ/l/Ab6OoAeVdKc9KO6pqgB4CFMTliWf7caeN3dA2NXAezQp3Akq7V9xbczGn1f
clfj8wM6AQg49zf+v//JVfL+BDJq/CQDkfOwb/aOmLCv8ANsPWEqZcNTTe8AE9A4
Mwux1uyETOCstmg1uouFUFJqnREz22hXP4G+NXMSqJZ3DbFApnicn8YxYIUipxUX
vXxgTBQqP1RXlh+sxI71iVAjmAyomcHIsXMWXFg9fOcdOlxEy48ugbvmdnBOMaui
NokHmg19KHeschRSyRvf658TtvHyWr3ZD9PXC4Hj4Hq2EAnZDQ3468snvUu8IZFb
quOhGgNdyAikBHmwp9gj3eWSpyW0kYOXC9Lv6xZKLSdnfJD8V5v4/3xCR8QAQpx5
M1Dgibl02aucACpC5vEj6M6tmEw9UaSfoKIJoipgc1+ZnJeVOwTqtLBbm/8XIXmo
vAZVsZaaQy4aTNGjJMmsi9T/q6NwkMxXHIi0CoDyTPLYaDK1YdBQ7xlvKP4PmKgu
j1XfbliJvOEXbDVFJd6uGpx6alEkYiausJEKsK8tv54Dt/cy2WNyoccRr2qCnMke
BhT7/2GTf49MRBLri3xf
=nBuB
-----END PGP SIGNATURE-----
Merge tag 'scsi-misc' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi
Pull SCSI fixes from James Bottomley:
"A tiny update: one patch corrects a Kconfig problem with the shift of
the SAS SMP code to BSG and the other removes a vestige of user space
target mode"
* tag 'scsi-misc' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi:
scsi: scsi_transport_sas: select BLK_DEV_BSGLIB
scsi: Remove Scsi_Host.uspace_req_q
Pull block fixes from Jens Axboe:
"Small collection of fixes that would be nice to have in -rc1. This
contains:
- NVMe pull request form Christoph, mostly with fixes for nvme-pci,
host memory buffer in particular.
- Error handling fixup for cgwb_create(), in case allocation of 'wb'
fails. From Christophe Jaillet.
- Ensure that trace_block_getrq() gets the 'dev' in an appropriate
fashion, to avoid a potential NULL deref. From Greg Thelen.
- Regression fix for dm-mq with blk-mq, fixing a problem with
stacking IO schedulers. From me.
- string.h fixup, fixing an issue with memcpy_and_pad(). This
original change came in through an NVMe dependency, which is why
I'm including it here. From Martin Wilck.
- Fix potential int overflow in __blkdev_sectors_to_bio_pages(), from
Mikulas.
- MBR enable fix for sed-opal, from Scott"
* 'for-linus' of git://git.kernel.dk/linux-block:
block: directly insert blk-mq request from blk_insert_cloned_request()
mm/backing-dev.c: fix an error handling path in 'cgwb_create()'
string.h: un-fortify memcpy_and_pad
nvme-pci: implement the HMB entry number and size limitations
nvme-pci: propagate (some) errors from host memory buffer setup
nvme-pci: use appropriate initial chunk size for HMB allocation
nvme-pci: fix host memory buffer allocation fallback
nvme: fix lightnvm check
block: fix integer overflow in __blkdev_sectors_to_bio_pages()
block: sed-opal: Set MBRDone on S3 resume path if TPER is MBREnabled
block: tolerate tracing of NULL bio
of other fixes that wandered in.
-----BEGIN PGP SIGNATURE-----
iQIcBAABAgAGBQJZuCxFAAoJEI3ONVYwIuV6rTQP/3yUWDFpeg4lKNd2YLSA2s99
O+t2iLkJea8bFA5LxGibDEZGYr5ZLAYg9TMZ4EpANlzHijYQU9ZRBl0dhCECgmxV
sobLbhevMQItPIPJ9Ik/nMQjife7JstifmGCDFnZhhmg1pnf62Ri5X3kaUHUXy1P
5K3c9PvrmjIluDloN8fiGMeJRCIcdth6OODSjlqCjqxpNIDd7XuAQ+VXnpu7locW
dBTjbxaAc3MOBm7I9EBlfhIS/Drq1DPTAZcAn506RT9cA71WmkBAy0Cwye/Kp0Py
HwmfTBcS0eEofmx4fseeN1nTcx2fyJGF3HisV4Ek87L8Fib0Sm26Q7qOzDm62xdh
XvBdkEzBnNPHvrgpJxmDciHRGfzH7WU88blzNbjYcTqF5mw3QsOdtoG4bBGm79wH
Y7/Lhuj5uAskNwf0bRAo0lVxxAqStdek8/zQCOFONAxK/9yhti9rKFzJPVjN62CR
UNlmTE83zUwNGl/fidgj8cvEV7qPkI1E8K3tXAUl4rwEvJZ4XfZFYS5lSeculhHN
+yGUrVocoLuJ0fBVELi8+VUjT1F+pjeTJwfM74eSlBVahyuBRv5tWQvnKcF4T5M3
ZDpMu33f+aT0BogUjoRwC54Ce+RzWUswE9V2rvcyJTHHb8pkBv1he7CApdQZf/pL
pVD+v6okpSI5EJACbVsX
=XzFs
-----END PGP SIGNATURE-----
Merge tag 'docs-4.14' of git://git.lwn.net/linux
Pull documentation fixes from Jonathan Corbet:
"A cleanup from Mauro that needed to wait for the media pull, plus a
handful of other fixes that wandered in"
* tag 'docs-4.14' of git://git.lwn.net/linux:
kokr/memory-barriers.txt: Apply atomic_t.txt change
kokr/doc: Update memory-barriers.txt for read-to-write dependencies
docs-rst: don't require adjustbox anymore
docs-rst: conf.py: only setup notice box colors if Sphinx < 1.6
docs-rst: conf.py: remove lscape from LaTeX preamble
Pull fuse updates from Miklos Szeredi:
"This fixes a regression (spotted by the Sandstorm.io folks) in the pid
namespace handling introduced in 4.12.
There's also a fix for honoring sync/dsync flags for pwritev2()"
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/fuse:
fuse: getattr cleanup
fuse: honor iocb sync flags on write
fuse: allow server to run in different pid_ns
Pull overlayfs updates from Miklos Szeredi:
"This fixes d_ino correctness in readdir, which brings overlayfs on par
with normal filesystems regarding inode number semantics, as long as
all layers are on the same filesystem.
There are also some bug fixes, one in particular (random ioctl's
shouldn't be able to modify lower layers) that touches some vfs code,
but of course no-op for non-overlay fs"
* 'overlayfs-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/vfs:
ovl: fix false positive ESTALE on lookup
ovl: don't allow writing ioctl on lower layer
ovl: fix relatime for directories
vfs: add flags to d_real()
ovl: cleanup d_real for negative
ovl: constant d_ino for non-merge dirs
ovl: constant d_ino across copy up
ovl: fix readdir error value
ovl: check snprintf return
In this round, we've mostly tuned f2fs to provide better user experience
for Android. Especially, we've worked on atomic write feature again with
SQLite community in order to support it officially. And we added or modified
several facilities to analyze and enhance IO behaviors.
Major changes include:
- add app/fs io stat
- add inode checksum feature
- support project/journalled quota
- enhance atomic write with new ioctl() which exposes feature set
- enhance background gc/discard/fstrim flows with new gc_urgent mode
- add F2FS_IOC_FS{GET,SET}XATTR
- fix some quota flows
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEE00UqedjCtOrGVvQiQBSofoJIUNIFAlm4brsACgkQQBSofoJI
UNK6dw/+Jd0j2whU5oxRcxZ6aL1Pj9fp2IdnGk1NbAI2mKAAlGknE/8CDS9OOMdO
y8O0x3H271DXTMfHJAq2pAfJzcMhiT/Wmw2UsHvmHU0mPmfDcSBKEqPQj6Nbl483
4s1dyt20InfHsVaKhUWAhov14bxLSiQTfeFH0SL2qv/NTp1Xlp6mwQvKCrmNNxud
coUL45Zk5uVAVckR0hsyfqudvdXM1LTDG0Y6/j0IaFtO9HqyAEgkILiSqL65TpBV
2OrXsTf0p2HN9g8vSUUouyD4Oj+q1OHt+VN7gw03xXm3TqAaqnkpIq/dtGLEPyM5
HD6Q2nDHDTLeKO2Ibi9C0f+bph4UqrCq/eoAjG1sM+6Sm+Hyf193FLR/E2R9aj8w
++lCoHUSf/krrMs9d+vnNWaTsKszAbAQRLiZaSHi21+0lcDZtYejNsm52LpDMAfO
jzz+TTOvXTSlHWSlt8DRKVolNhMRFy9OYIJ0schYYD6FJldARmBMfcZosrhL1Xoh
oU/bBaXwMv1XOWAOGCQbGrqREiciqXbKDGPQJq65Zvn60U6YzZf04wDbm0zXku5E
x7S8kPxz8c/010JHIxvULZRamlvXSjFevbAa+QtNsEhlj6DkDSdisMj+w7/jU4Yx
uInHojIq7ARJO0SBIoYFkz3+/2w++McCK0b/gpx1WHsN8I013zs=
=w4KH
-----END PGP SIGNATURE-----
Merge tag 'f2fs-for-4.14' of git://git.kernel.org/pub/scm/linux/kernel/git/jaegeuk/f2fs
Pull f2fs updates from Jaegeuk Kim:
"In this round, we've mostly tuned f2fs to provide better user
experience for Android. Especially, we've worked on atomic write
feature again with SQLite community in order to support it officially.
And we added or modified several facilities to analyze and enhance IO
behaviors.
Major changes include:
- add app/fs io stat
- add inode checksum feature
- support project/journalled quota
- enhance atomic write with new ioctl() which exposes feature set
- enhance background gc/discard/fstrim flows with new gc_urgent mode
- add F2FS_IOC_FS{GET,SET}XATTR
- fix some quota flows"
* tag 'f2fs-for-4.14' of git://git.kernel.org/pub/scm/linux/kernel/git/jaegeuk/f2fs: (63 commits)
f2fs: hurry up to issue discard after io interruption
f2fs: fix to show correct discard_granularity in sysfs
f2fs: detect dirty inode in evict_inode
f2fs: clear radix tree dirty tag of pages whose dirty flag is cleared
f2fs: speed up gc_urgent mode with SSR
f2fs: better to wait for fstrim completion
f2fs: avoid race in between read xattr & write xattr
f2fs: make get_lock_data_page to handle encrypted inode
f2fs: use generic terms used for encrypted block management
f2fs: introduce f2fs_encrypted_file for clean-up
Revert "f2fs: add a new function get_ssr_cost"
f2fs: constify super_operations
f2fs: fix to wake up all sleeping flusher
f2fs: avoid race in between atomic_read & atomic_inc
f2fs: remove unneeded parameter of change_curseg
f2fs: update i_flags correctly
f2fs: don't check inode's checksum if it was dirtied or writebacked
f2fs: don't need to update inode checksum for recovery
f2fs: trigger fdatasync for non-atomic_write file
f2fs: fix to avoid race in between aio and gc
...
* a large series of fixes and improvements to the snapshot-handling
code (Zheng Yan)
* individual read/write OSD requests passed down to libceph are now
limited to 16M in size to avoid hitting OSD-side limits (Zheng Yan)
* encode MStatfs v2 message to allow for more accurate space usage
reporting (Douglas Fuller)
* switch to the new writeback error tracking infrastructure (Jeff
Layton)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQEcBAABCAAGBQJZuAC0AAoJEEp/3jgCEfOLb14H/REYq4fDDkUa70L4leKWWdCa
n71ipkKeoorfivts71iOtGMJfK+Z6ax+dq1PvBWMy6PtzXS/+2B+t2XwILvLiwWH
h87i44bY68aLWRTSusgTfB+I7gyVrWN0WMLznZ5rfM9XuyPv+RPyJYh3EhxWI5+U
2kOHFEc+cPL6mAshGmB8lIzKOWTfmBiw28ulICwlcazm79hh39aNBQE546lS8gA3
kXuJ55odojPgXOYh+vs60raIBnm6flek1jLxBGYG3MU4gv0VVWOyW0eWeuqW+EcR
6dVYlzg1xGlPp+vRmDZQuv/E2MafBxdcil/RrdLeqcx/Hf1KJBzcLgUzIMbnOAI=
=YDZP
-----END PGP SIGNATURE-----
Merge tag 'ceph-for-4.14-rc1' of git://github.com/ceph/ceph-client
Pull ceph updates from Ilya Dryomov:
"The highlights include:
- a large series of fixes and improvements to the snapshot-handling
code (Zheng Yan)
- individual read/write OSD requests passed down to libceph are now
limited to 16M in size to avoid hitting OSD-side limits (Zheng Yan)
- encode MStatfs v2 message to allow for more accurate space usage
reporting (Douglas Fuller)
- switch to the new writeback error tracking infrastructure (Jeff
Layton)"
* tag 'ceph-for-4.14-rc1' of git://github.com/ceph/ceph-client: (35 commits)
ceph: stop on-going cached readdir if mds revokes FILE_SHARED cap
ceph: wait on writeback after writing snapshot data
ceph: fix capsnap dirty pages accounting
ceph: ignore wbc->range_{start,end} when write back snapshot data
ceph: fix "range cyclic" mode writepages
ceph: cleanup local variables in ceph_writepages_start()
ceph: optimize pagevec iterating in ceph_writepages_start()
ceph: make writepage_nounlock() invalidate page that beyonds EOF
ceph: properly get capsnap's size in get_oldest_context()
ceph: remove stale check in ceph_invalidatepage()
ceph: queue cap snap only when snap realm's context changes
ceph: handle race between vmtruncate and queuing cap snap
ceph: fix message order check in handle_cap_export()
ceph: fix NULL pointer dereference in ceph_flush_snaps()
ceph: adjust 36 checks for NULL pointers
ceph: delete an unnecessary return statement in update_dentry_lease()
ceph: ENOMEM pr_err in __get_or_create_frag() is redundant
ceph: check negative offsets in ceph_llseek()
ceph: more accurate statfs
ceph: properly set snap follows for cap reconnect
...
If using a kernel with CONFIG_XFS_RT=y and we set the RHINHERIT flag on
a directory in a filesystem that does not have a realtime device and
create a new file in that directory, it gets marked as a real time file.
When data is written and a fsync is issued, the filesystem attempts to
flush a non-existent rt device during the fsync process.
This results in a crash dereferencing a null buftarg pointer in
xfs_blkdev_issue_flush():
BUG: unable to handle kernel NULL pointer dereference at 0000000000000008
IP: xfs_blkdev_issue_flush+0xd/0x20
.....
Call Trace:
xfs_file_fsync+0x188/0x1c0
vfs_fsync_range+0x3b/0xa0
do_fsync+0x3d/0x70
SyS_fsync+0x10/0x20
do_syscall_64+0x4d/0xb0
entry_SYSCALL64_slow_path+0x25/0x25
Setting RT inode flags does not require special privileges so any
unprivileged user can cause this oops to occur. To reproduce, confirm
kernel is compiled with CONFIG_XFS_RT=y and run:
# mkfs.xfs -f /dev/pmem0
# mount /dev/pmem0 /mnt/test
# mkdir /mnt/test/foo
# xfs_io -c 'chattr +t' /mnt/test/foo
# xfs_io -f -c 'pwrite 0 5m' -c fsync /mnt/test/foo/bar
Or just run xfstests with MKFS_OPTIONS="-d rtinherit=1" and wait.
Kernels built with CONFIG_XFS_RT=n are not exposed to this bug.
Fixes: f538d4da8d ("[XFS] write barrier support")
Cc: <stable@vger.kernel.org>
Signed-off-by: Richard Wareing <rwareing@fb.com>
Signed-off-by: Dave Chinner <david@fromorbit.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
- removal of the old dma_alloc_noncoherent interface
- remove unused flags to dma_declare_coherent_memory
- restrict OF DMA configuration to specific physical busses
- use the iommu mailing list for dma-mapping questions and
patches
-----BEGIN PGP SIGNATURE-----
iQI/BAABCAApFiEEgdbnc3r/njty3Iq9D55TZVIEUYMFAlm38VMLHGhjaEBsc3Qu
ZGUACgkQD55TZVIEUYNa+BAAjlTbZ2DhEmBDKHDYjQepnqdw7oY/5B/6A3GKArbR
psXDmWR8HetbJC1+Yg2aaCvSWdza9cR36juI4WSsA2+4FVLU0nj5elkX9QEN/eP4
kiUuwUXCKi3MNd55ESIiVQos0RKvQ8us7rLDfug2h/8dVP5EdLNI//axHY4Y/R7k
6j6ymal9QdHxLj8wdkAQ332womV2jQH44ISIy/Eu/eF1DmWJ1HZvgO/PNeSyVpwB
bP8CRfMAnQDFqB0XiwCXyukNKntvBe7ZpazMdQKH6bObiLOa8DT2Ex/UeG6VBtb3
TXeLW9aSJDG9FfzlqwDlySZWqQlvcEEK7DWm7kNka9tiHx+AKZW+utlrS7Pvofut
ufqD9NRrmutBzgXsZiri/x9b5+UsREKsdHNyLHVfjYo9PlEsZwMjaXxExAlEdgvl
L0pU4EpLP8kK5pRV5K8IXCEVMyoejI2ZIrtu5DHlc3mblUApXkKx1TG81gJsncHh
fDLARilSgCN6g8wQjSiBiXwS6ynBRcmvpeIxrh3x7xQ7OqmqDMS5JcgJCNvBQEKm
yEMCKd8vf30Jpva3VRmQXyUiDMwebguUqSJUDJW0JeDFFGQ7O39JeOwB72LzVHjZ
N9VMh3gCvtkF2ZPV+HIPNbTFnfydzyjNW/BpGt4r5cyvfd2TjEDSPFeIOWZ+chVQ
j68=
=qHNs
-----END PGP SIGNATURE-----
Merge tag 'dma-mapping-4.14' of git://git.infradead.org/users/hch/dma-mapping
Pull dma-mapping updates from Christoph Hellwig:
- removal of the old dma_alloc_noncoherent interface
- remove unused flags to dma_declare_coherent_memory
- restrict OF DMA configuration to specific physical busses
- use the iommu mailing list for dma-mapping questions and patches
* tag 'dma-mapping-4.14' of git://git.infradead.org/users/hch/dma-mapping:
dma-coherent: fix dma_declare_coherent_memory() logic error
ARM: imx: mx31moboard: Remove unused 'dma' variable
dma-coherent: remove an unused variable
MAINTAINERS: use the iommu list for the dma-mapping subsystem
dma-coherent: remove the DMA_MEMORY_MAP and DMA_MEMORY_IO flags
dma-coherent: remove the DMA_MEMORY_INCLUDES_CHILDREN flag
of: restrict DMA configuration
dma-mapping: remove dma_alloc_noncoherent and dma_free_noncoherent
i825xx: switch to switch to dma_alloc_attrs
au1000_eth: switch to dma_alloc_attrs
sgiseeq: switch to dma_alloc_attrs
dma-mapping: reduce dma_mapping_error inline bloat
-----BEGIN PGP SIGNATURE-----
iQI/BAABCAApFiEEgdbnc3r/njty3Iq9D55TZVIEUYMFAlm38CcLHGhjaEBsc3Qu
ZGUACgkQD55TZVIEUYM6mRAAzqblh72N+v+1Nk+pWPabAdswG4+tWuujc8lklEbe
RRekoUUOTi73EMS6BYjtrF38PlvV+mc+ClP9DN8/9tC8uvY+TBXhRF6XJmVEyeC9
cdmpA/OhIFoURbZc8ausF/tFUPfRKZKStV6SLzwv4rbceMSiSnqcVt32ZPJ9ZczI
yjl099pDbnjJvcx4birz6BeW6lKVB0bcMDp67zlfX+y21khqRR2AmYQSVt4WWWGS
f9G5sKvMlmj8DM/SPtFLipPug+tKgZlv8WQ4vHPRTxc4ywlAY7FgrHM8WSxhjN5G
tJEgtWyjTfb6HsKEOvyYqmqOL5EmyaXR8Qgf/e6p1KeeStoipyqSt5EQ0U1UAsgk
naCWRCrKJGp/rObofFtCiT0uyylQME5jKtW7b9XQh92nnIIwvlbzylsTI6LRT6bf
DH3xk1wu1JCETq9I6KnAizRMflzC0zPUqPMDKLH6IqMTlhmevqRLxAa33FUxZJTu
E2n4yrZet2AqwVxU7GYpAphLCb6IAyREGZ88lYT+vRUsAH+SZkhdQmEoFNx1YdQ1
16N5zdxfpn1S+f+UIqcWulLoSbKdiUdka1knXAWgi+3HExSzLEv5qOlShmU4DkwO
wR9V6ccwLGeL3ILoBwy5ohmrhKWSxfUlRjisyH0jn2b9ZQ/UHcHXUyM3XImE309J
qjw=
=ERLM
-----END PGP SIGNATURE-----
Merge tag 'uuid-for-4.14' of git://git.infradead.org/users/hch/uuid
Pull uuid updates from Christoph Hellwig:
"Just a single conversion to the new UUID API for this merge window"
* tag 'uuid-for-4.14' of git://git.infradead.org/users/hch/uuid:
efi: switch to use new generic UUID API
-----BEGIN PGP SIGNATURE-----
iQJIBAABCAAyFiEEcQCq365ubpQNLgrWVeRaWujKfIoFAlmoS/wUHHBhdWxAcGF1
bC1tb29yZS5jb20ACgkQVeRaWujKfIqubxAAhkcmOgf+bh881VOWjkrl0MpO6n30
LAyLHNpa95xYw7AuxSrx+XP21hZHVWOSPEZdDjC+BOTToqv025XyYUAh+vvhm1pc
HgT7oNOyfEnGdXG8VtluC2zhSunw/gDz7uoUh7+dHpVqa+NayRqaopNY+4tgtVjT
6/DMwfvonTD5GWaNxraFZLaOENXAjbdVBcqoHhnY9cp4w5uGQ3rt6dFpLpW/gW7n
/fUzsjnLTztrsRx3nyEkwJuo/pxugbmZU5sjVgCFd7P729CfBVKqoToIh0CqJfj6
s4RIb//XmRxxiTF1EO7N1suPaqnESjT+Ua3moIuEixs4QjiEu25TNZy8K0b2zLsL
sTt40F5KAbKYXH/WyZxEtPf0HOUwL68oFZ+c4VYcCK6LwJmBLnfhan4BSZgH0/EO
rBIlb5O1znyfuGmLnjUfn+BlPuP35PhRpZVWP2eLZtOC4lY+yaVqzauFIEY/wY96
dYM6YwtJYuZ3C8sQxjT6UWuOYyj/02EgPbvlS7nv4zp1pZNnZ0dx8sfEu6FNeakY
QZAaI4oDvkpj7x4a0biNinacCYIUacRDF63jcKQnaNp3F3Nf1Vh4DKQWbFLfMidN
luWsEsVrPfLynUMZLq3KVUg825bTQw1MapqzlADmOyX6Dq/87/a+nY9IXWOH9TSm
fJjuSsMAtnui1/k=
=/6oy
-----END PGP SIGNATURE-----
Merge tag 'selinux-pr-20170831' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux
Pull selinux updates from Paul Moore:
"A relatively quiet period for SELinux, 11 patches with only two/three
having any substantive changes.
These noteworthy changes include another tweak to the NNP/nosuid
handling, per-file labeling for cgroups, and an object class fix for
AF_UNIX/SOCK_RAW sockets; the rest of the changes are minor tweaks or
administrative updates (Stephen's email update explains the file
explosion in the diffstat).
Everything passes the selinux-testsuite"
[ Also a couple of small patches from the security tree from Tetsuo
Handa for Tomoyo and LSM cleanup. The separation of security policy
updates wasn't all that clean - Linus ]
* tag 'selinux-pr-20170831' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux:
selinux: constify nf_hook_ops
selinux: allow per-file labeling for cgroupfs
lsm_audit: update my email address
selinux: update my email address
MAINTAINERS: update the NetLabel and Labeled Networking information
selinux: use GFP_NOWAIT in the AVC kmem_caches
selinux: Generalize support for NNP/nosuid SELinux domain transitions
selinux: genheaders should fail if too many permissions are defined
selinux: update the selinux info in MAINTAINERS
credits: update Paul Moore's info
selinux: Assign proper class to PF_UNIX/SOCK_RAW sockets
tomoyo: Update URLs in Documentation/admin-guide/LSM/tomoyo.rst
LSM: Remove security_task_create() hook.
Pull x86 fixes from Ingo Molnar:
"Two fixes: dead code removal, plus a SME memory encryption fix on
32-bit kernels that crashed Xen guests"
* 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
x86/cpu: Remove unused and undefined __generic_processor_info() declaration
x86/mm: Make the SME mask a u64
Pull perf tooling updates from Ingo Molnar:
"Perf tooling updates and fixes"
* 'perf-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
perf annotate browser: Help for cycling thru hottest instructions with TAB/shift+TAB
perf stat: Only auto-merge events that are PMU aliases
perf test: Add test case for PERF_SAMPLE_PHYS_ADDR
perf script: Support physical address
perf mem: Support physical address
perf sort: Add sort option for physical address
perf tools: Support new sample type for physical address
perf vendor events powerpc: Remove duplicate events
perf intel-pt: Fix syntax in documentation of config option
perf test powerpc: Fix 'Object code reading' test
perf trace: Support syscall name globbing
perf syscalltbl: Support glob matching on syscall names
perf report: Calculate the average cycles of iterations
Pull irq fixes from Ingo Molnar:
"A sparse irq race/locking fix, and a MSI irq domains population fix"
* 'irq-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
genirq: Make sparse_irq_lock protect what it should protect
genirq/msi: Fix populating multiple interrupts
Once we encounter I/O interruption during issuing discards, we will delay
long time before next round, but if system status is I/O idle during the
time, it may loses opportunity to issue discards. So this patch changes
to hurry up to issue discard after io interruption.
Besides, this patch also fixes to issue discards accurately with assigned
rate.
Signed-off-by: Chao Yu <yuchao0@huawei.com>
Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
Add a bugon in f2fs_evict_inode to detect inconsistent status between
inode cache and related node page cache.
Signed-off-by: Chao Yu <yuchao0@huawei.com>
Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
Commit b9ac5c274b ("ovl: hash overlay non-dir inodes by copy up origin")
verifies that the origin lower inode stored in the overlayfs inode matched
the inode of a copy up origin dentry found by lookup.
There is a false positive result in that check when lower fs does not
support file handles and copy up origin cannot be followed by file handle
at lookup time.
The false negative happens when finding an overlay inode in cache on a
copied up overlay dentry lookup. The overlay inode still 'remembers' the
copy up origin inode, but the copy up origin dentry is not available for
verification.
Relax the check in case copy up origin dentry is not available.
Fixes: b9ac5c274b ("ovl: hash overlay non-dir inodes by copy up...")
Cc: <stable@vger.kernel.org> # v4.13
Reported-by: Jordi Pujol <jordipujolp@gmail.com>
Signed-off-by: Amir Goldstein <amir73il@gmail.com>
Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
The refreshed argument isn't used by any caller, get rid of it.
Use a helper for just updating the inode (no need to fill in a kstat).
Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
If the IOCB_DSYNC flag is set a sync is not being performed by
fuse_file_write_iter.
Honor IOCB_DSYNC/IOCB_SYNC by setting O_DYSNC/O_SYNC respectively in the
flags filed of the write request.
We don't need to sync data or metadata, since fuse_perform_write() does
write-through and the filesystem is responsible for updating file times.
Original patch by Vitaly Zolotusky.
Reported-by: Nate Clark <nate@neworld.us>
Cc: Vitaly Zolotusky <vitaly@unitc.com>.
Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
Commit 0b6e9ea041 ("fuse: Add support for pid namespaces") broke
Sandstorm.io development tools, which have been sending FUSE file
descriptors across PID namespace boundaries since early 2014.
The above patch added a check that prevented I/O on the fuse device file
descriptor if the pid namespace of the reader/writer was different from the
pid namespace of the mounter. With this change passing the device file
descriptor to a different pid namespace simply doesn't work. The check was
added because pids are transferred to/from the fuse userspace server in the
namespace registered at mount time.
To fix this regression, remove the checks and do the following:
1) the pid in the request header (the pid of the task that initiated the
filesystem operation) is translated to the reader's pid namespace. If a
mapping doesn't exist for this pid, then a zero pid is used. Note: even if
a mapping would exist between the initiator task's pid namespace and the
reader's pid namespace the pid will be zero if either mapping from
initator's to mounter's namespace or mapping from mounter's to reader's
namespace doesn't exist.
2) The lk.pid value in setlk/setlkw requests and getlk reply is left alone.
Userspace should not interpret this value anyway. Also allow the
setlk/setlkw operations if the pid of the task cannot be represented in the
mounter's namespace (pid being zero in that case).
Reported-by: Kenton Varda <kenton@sandstorm.io>
Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
Fixes: 0b6e9ea041 ("fuse: Add support for pid namespaces")
Cc: <stable@vger.kernel.org> # v4.12+
Cc: Eric W. Biederman <ebiederm@xmission.com>
Cc: Seth Forshee <seth.forshee@canonical.com>
Pull ARM updates from Russell King:
"Low priority fixes and updates for ARM:
- add some missing includes
- efficiency improvements in system call entry code when tracing is
enabled
- ensure ARMv6+ is always built as EABI
- export save_stack_trace_tsk()
- fix fatal signal handling during mm fault
- build translation table base address register from scratch
- appropriately align the .data section to a word boundary where we
rely on that data being word aligned"
* 'for-linus' of git://git.armlinux.org.uk/~rmk/linux-arm:
ARM: 8691/1: Export save_stack_trace_tsk()
ARM: 8692/1: mm: abort uaccess retries upon fatal signal
ARM: 8690/1: lpae: build TTB control register value from scratch in v7_ttb_setup
ARM: align .data section
ARM: always enable AEABI for ARMv6+
ARM: avoid saving and restoring registers unnecessarily
ARM: move PC value into r9
ARM: obtain thread info structure later
ARM: use aliases for registers in entry-common
ARM: 8689/1: scu: add missing errno include
ARM: 8688/1: pm: add missing types include
Pull more s390 updates from Martin Schwidefsky:
"The second patch set for the 4.14 merge window:
- Convert the dasd device driver to the blk-mq interface.
- Provide three zcrypt interfaces for vfio_ap. These will be required
for KVM guest access to the crypto cards attached via the AP bus.
- A couple of memory management bug fixes."
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux:
s390/dasd: blk-mq conversion
s390/mm: use a single lock for the fields in mm_context_t
s390/mm: fix race on mm->context.flush_mm
s390/mm: fix local TLB flushing vs. detach of an mm address space
s390/zcrypt: externalize AP queue interrupt control
s390/zcrypt: externalize AP config info query
s390/zcrypt: externalize test AP queue
s390/mm: use VM_BUG_ON in crst_table_[upgrade|downgrade]
ALSA sequencer core has a mechanism to load the enumerated devices
automatically, and it's performed in an off-load work. This seems
causing some race when a sequencer is removed while the pending
autoload work is running. As syzkaller spotted, it may lead to some
use-after-free:
BUG: KASAN: use-after-free in snd_rawmidi_dev_seq_free+0x69/0x70
sound/core/rawmidi.c:1617
Write of size 8 at addr ffff88006c611d90 by task kworker/2:1/567
CPU: 2 PID: 567 Comm: kworker/2:1 Not tainted 4.13.0+ #29
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Bochs 01/01/2011
Workqueue: events autoload_drivers
Call Trace:
__dump_stack lib/dump_stack.c:16 [inline]
dump_stack+0x192/0x22c lib/dump_stack.c:52
print_address_description+0x78/0x280 mm/kasan/report.c:252
kasan_report_error mm/kasan/report.c:351 [inline]
kasan_report+0x230/0x340 mm/kasan/report.c:409
__asan_report_store8_noabort+0x1c/0x20 mm/kasan/report.c:435
snd_rawmidi_dev_seq_free+0x69/0x70 sound/core/rawmidi.c:1617
snd_seq_dev_release+0x4f/0x70 sound/core/seq_device.c:192
device_release+0x13f/0x210 drivers/base/core.c:814
kobject_cleanup lib/kobject.c:648 [inline]
kobject_release lib/kobject.c:677 [inline]
kref_put include/linux/kref.h:70 [inline]
kobject_put+0x145/0x240 lib/kobject.c:694
put_device+0x25/0x30 drivers/base/core.c:1799
klist_devices_put+0x36/0x40 drivers/base/bus.c:827
klist_next+0x264/0x4a0 lib/klist.c:403
next_device drivers/base/bus.c:270 [inline]
bus_for_each_dev+0x17e/0x210 drivers/base/bus.c:312
autoload_drivers+0x3b/0x50 sound/core/seq_device.c:117
process_one_work+0x9fb/0x1570 kernel/workqueue.c:2097
worker_thread+0x1e4/0x1350 kernel/workqueue.c:2231
kthread+0x324/0x3f0 kernel/kthread.c:231
ret_from_fork+0x25/0x30 arch/x86/entry/entry_64.S:425
The fix is simply to assure canceling the autoload work at removing
the device.
Reported-by: Andrey Konovalov <andreyknvl@google.com>
Tested-by: Andrey Konovalov <andreyknvl@google.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Takashi Iwai <tiwai@suse.de>