| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
If the CPU supports SMAP, but it isn't specified in the config, then we
need to explicitly clear it from cr4. Otherwise the processor will trap
on all normal userspace accesses, always, since the transition state
isn't being set.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
Without CONFIG_MMU_NOTIFIER, pudp_clear_flush_notify isn't defined and
doesn't make sense, so ifdef that out of the huge page path.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
These don't assemble with newer binutils due to the use of the cfi
directives, so simply remove them, since they're anyway just for
debugging.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
Otherwise the linker complains of multiple definitions.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
This structure isn't defined for !CONFIG_MODULE, so don't try to use it.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
Without marking this as static, the linker complaints about conflicts.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
So remove the stub function.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
Don't call into fib_encap_match when it's not defined on
!CONFIG_IP_ROUTE_MULTIPATH kernels.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
The avg member isn't defined in that struct for !CONFIG_FAIR_GROUP_SCHED
kernels, so don't include those functions in that case.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
A stray 'static void' with nothing else anywhere is bound to cause some
problems.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
Configuration options that exclude BPF mean we need to have a stub
version of this function.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
This structure isn't defined for !CONFIG_MODULE, so don't try to use it.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
These symbols aren't defined without CONFIG_KEXEC_CORE, so factor it out of
the expression in the case that CONFIG_KEXEC_CORE isn't defined.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
The stub function used different arguments from the real function,
causing compiler errors when used. The fix is to simply use the same
arguments for the nop function.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
This symbol only exists when CONFIG_PAGE_TABLE_ISOLATION is set, so
don't use it otherwise.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
The function show_workqueue_state is called, but does not exist anywhere
in the kernel, so remove the errant call, which is likely a result of a
mismerge.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
When huge pages are not enabled, swap still needs to have a stub version
of this function to prevent a compiler error.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
The uapi header has important constants, regardless of whether or not
CONFIG_CRASH_DUMP is enabled, so always include it.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
This is code that presumes that uid_t is some sort of union type, which
it isn't, so the val member doesn't exist. Instead, use the return value
directly as an integer, which is what the type is here.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
The function pr_cont_pool_info is called, but does not exist anywhere in
the kernel, so remove the errant call, which is likely a result of a
mismerge.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
Because the sched_info symbol is only defined for CONFIG_SCHEDSTATS
kernels, we shouldn't include it inside other structs in this case.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
Otherwise the compiler warns because the first usage of this struct is
inside the function arguments.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
The function emergency_thaw_bdev is only declared when CONFIG_BLOCK is
defined, so conditionalize the call to emergency_thaw_bdev on the right
config symbol.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
Do not define the page fault tracing function for !CONFIG_TRACING, when
the header file has a static inline function to redirect it elsewhere.
Having both results in a compiler error.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
There's a conflicting definition in include/linux/pgtable.h, which is
only enabled for CONFIG_X86_64, so make these two sets of conditions
actually exclusive to avoid the clash.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
Functions in here dereference current, which means we need to include
linux/sched.h to avoid compilation errors.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
In certain configurations, _PAGE_BIT_SWP_SOFT_DIRTY is undefined,
resulting in preprocessor warnings. Fix this by checking whether it's
defined first.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
The outer-function, get_user_pages_longterm, does not take a gup_flags
argument, which means we should pass it onwards here as 0, rather than
using an undefined variable, which caused a compiler error.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
The trialing semicolon before the function body is invalid C and
resulted in a compiler error. This was probably due to a copy and paste
error. This commit removes the extra semicolon.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
When pud_trans_huge is not required, the stub function is already
defined in the asm-generic code, so adding it here too results in a
compiler error. To fix this bug, we just get rid of the second
superfluous definition, as well as the third in asm-generic itself,
where the set of conditions for its inclusion overlapped.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
Keeping this here results in a compile error on !CONFIG_SCHEDSTATS
systems, so remove it from the struct in those cases.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
While it'd be nice to have the smaller type for low-CPU builds, the
generic spinlock include hardcodes this at u16 for kABI purposes. For
that reason, we just keep the larger types always, in order to avoid a
build-time error.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
|
|
While running Linux as guest on top of phyp, we possiblly have
PE that includes single PCI device. However, we didn't return
its PCI bus correctly and it leads to failure on recovery from
EEH errors for single-dev-PE. The patch fixes the issue.
Cc: <stable@vger.kernel.org> # v3.7+
Cc: Steve Best <sbest@us.ibm.com>
Signed-off-by: Gavin Shan <shangw@linux.vnet.ibm.com>
Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
|
|
Due to recent changes and expecations of proper cpu bindings, there are
now cases for many of the in-tree devicetrees where a WARN() will hit
on boot due to badly formatted /cpus nodes.
Downgrade this to a pr_warn() to be less alarmist, since it's not a
new problem.
Tested on Arndale, Cubox, Seaboard and Panda ES. Panda hits the WARN
without this, the others do not.
Acked-by: Russell King <rmk+kernel@arm.linux.org.uk>
Signed-off-by: Olof Johansson <olof@lixom.net>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
|
Commit 37f02195b (powerpc/pci: fix PCI-e devices rescan issue on powerpc
platform) fixes a problem with interrupt and DMA initialization on hot
plugged devices. With this commit, interrupt and DMA initialization for
hot plugged devices is handled in the pci device enable function.
This approach has a couple of drawbacks. First, it creates two code paths
for device initialization, one for hot plugged devices and another for devices
known during the initial PCI scan. Second, the initialization code for hot
plugged devices is only called when the device is enabled, ie typically
in the probe function. Also, the platform specific setup code is called each
time pci_enable_device() is called, not only once during device discovery,
meaning it is actually called multiple times, once for devices discovered
during the initial scan and again each time a driver is re-loaded.
The visible result is that interrupt pins are only assigned to hot plugged
devices when the device driver is loaded. Effectively this changes the PCI
probe API, since pci_dev->irq and the device's dma configuration will now
only be valid after pci_enable() was called at least once. A more subtle
change is that platform specific PCI device setup is moved from device
discovery into the driver's probe function, more specifically into the
pci_enable_device() call.
To fix the inconsistencies, add new function pcibios_add_device.
Call pcibios_setup_device from pcibios_setup_bus_devices if device setup
is not complete, and from pcibios_add_device if bus setup is complete.
With this change, device setup code is moved back into device initialization,
and called exactly once for both static and hot plugged devices.
[ This also fixes a regression introduced by the above patch which
causes dev->irq to be overwritten under some cirumstances after
MSIs have been enabled for the device which leads to crashes due
to the MSI core "hijacking" dev->irq to store the base MSI number
and not the LSI. --BenH
]
Cc: Yuanquan Chen <Yuanquan.Chen@freescale.com>
Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Cc: Hiroo Matsumoto <matsumoto.hiroo@jp.fujitsu.com>
Signed-off-by: Guenter Roeck <linux@roeck-us.net>
Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
|
|
This __put_user() could be used by unprivileged processes to write into
kernel memory. The issue here is that even if copy_siginfo_to_user()
fails, the error code is not checked before __put_user() is executed.
Luckily, ptrace_peek_siginfo() has been added within the 3.10-rc cycle,
so it has not hit a stable release yet.
Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Acked-by: Oleg Nesterov <oleg@redhat.com>
Cc: Andrey Vagin <avagin@openvz.org>
Cc: Roland McGrath <roland@redhat.com>
Cc: Paul McKenney <paulmck@linux.vnet.ibm.com>
Cc: David Howells <dhowells@redhat.com>
Cc: Dave Jones <davej@redhat.com>
Cc: Pavel Emelyanov <xemul@parallels.com>
Cc: Pedro Alves <palves@redhat.com>
Cc: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
|
Al Viro pointed me to the fact that '->readdir()' and '->llseek()' have no
mutual exclusion, which means the 'ubifs_dir_llseek()' can be run while we are
in the middle of 'ubifs_readdir()'.
This means that 'file->private_data' can be freed while 'ubifs_readdir()' uses
it, and this is a very bad bug: not only 'ubifs_readdir()' can return garbage,
but this may corrupt memory and lead to all kinds of problems like crashes an
security holes.
This patch fixes the problem by using the 'file->f_version' field, which
'->llseek()' always unconditionally sets to zero. We set it to 1 in
'ubifs_readdir()' and whenever we detect that it became 0, we know there was a
seek and it is time to clear the state saved in 'file->private_data'.
I tested this patch by writing a user-space program which runds readdir and
seek in parallell. I could easily crash the kernel without these patches, but
could not crash it with these patches.
Cc: stable@vger.kernel.org
Reported-by: Al Viro <viro@zeniv.linux.org.uk>
Tested-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com>
Signed-off-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
|
|
Al Viro pointed me to the fact that '->readdir()' and '->llseek()' have no
mutual exclusion, which means the 'ubifs_dir_llseek()' can be run while we are
in the middle of 'ubifs_readdir()'.
First of all, this means that 'file->private_data' can be freed while
'ubifs_readdir()' uses it. But this particular patch does not fix the problem.
This patch is only a preparation, and the fix will follow next.
In this patch we make 'ubifs_readdir()' stop using 'file->f_pos' directly,
because 'file->f_pos' can be changed by '->llseek()' at any point. This may
lead 'ubifs_readdir()' to returning inconsistent data: directory entry names
may correspond to incorrect file positions.
So here we introduce a local variable 'pos', read 'file->f_pose' once at very
the beginning, and then stick to 'pos'. The result of this is that when
'ubifs_dir_llseek()' changes 'file->f_pos' while we are in the middle of
'ubifs_readdir()', the latter "wins".
Cc: stable@vger.kernel.org
Reported-by: Al Viro <viro@zeniv.linux.org.uk>
Tested-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com>
Signed-off-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
|
|
This fixes the problem that "init=" options may not be passed to kernel
correctly.
parse_mem_cmdline() of mn10300 arch gets rid of "mem=" string from
redboot_command_line. Then init_setup() parses the "init=" options from
static_command_line, which is a copy of redboot_command_line, and keeps
the pointer to the init options in execute_command variable.
Since the commit 026cee0 upstream (params: <level>_initcall-like kernel
parameters), static_command_line becomes overwritten by saved_command_line at
do_initcall_level(). Notice that saved_command_line is a command line
which includes "mem=" string.
As a result, execute_command may point to weird string by the length of
"mem=" parameter.
I noticed this problem when using the command line like this:
mem=128M console=ttyS0,115200 init=/bin/sh
Here is the processing flow of command line parameters.
start_kernel()
setup_arch(&command_line)
parse_mem_cmdline(cmdline_p)
* strcpy(boot_command_line, redboot_command_line);
* Remove "mem=xxx" from redboot_command_line.
* *cmdline_p = redboot_command_line;
setup_command_line(command_line) <-- command_line is redboot_command_line
* strcpy(saved_command_line, boot_command_line)
* strcpy(static_command_line, command_line)
parse_early_param()
strlcpy(tmp_cmdline, boot_command_line, COMMAND_LINE_SIZE);
parse_early_options(tmp_cmdline);
parse_args("early options", cmdline, NULL, 0, 0, 0, do_early_param);
parse_args("Booting ..", static_command_line, ...);
init_setup() <-- save the pointer in execute_command
rest_init()
kernel_thread(kernel_init, NULL, CLONE_FS | CLONE_SIGHAND);
At this point, execute_command points to "/bin/sh" string.
kernel_init()
kernel_init_freeable()
do_basic_setup()
do_initcalls()
do_initcall_level()
(*) strcpy(static_command_line, saved_command_line);
Here, execute_command gets to point to "200" string !!
Signed-off-by: David Howells <dhowells@redhat.com>
|
|
This fixes the following compile error:
CC block/scsi_ioctl.o
block/scsi_ioctl.c: In function 'sg_scsi_ioctl':
block/scsi_ioctl.c:449: error: invalid initializer
Signed-off-by: David Howells <dhowells@redhat.com>
|
|
Reported-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Signed-off-by: Dave Airlie <airlied@redhat.com>
|
|
commit f8f7d63fd96ead101415a1302035137a866f8998 ("powerpc/eeh: Trace eeh
device from I/O cache") broke EEH on pseries for devices that were
present during boot and have not been hotplugged/DLPARed.
eeh_check_failure will get the eeh_dev from the cache, and will get
NULL. eeh_addr_cache_build adds the addresses to the cache, but eeh_dev
for the giving pci_device is not set yet. Just reordering the call to
eeh_addr_cache_insert_dev works fine. The ordering is similar to the one
in eeh_add_device_late.
Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo@linux.vnet.ibm.com>
Acked-by: Gavin Shan <shangw@linux.vnet.ibm.com>
Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
|
|
Sending the right snapshot context with each write is required for
snapshots to work. Due to the ordering of calls, the snapshot context
is never set for any requests. This causes writes to the current
version of the image to be reflected in all snapshots, which are
supposed to be read-only.
This happens because rbd_osd_req_format_write() sets the snapshot
context based on obj_request->img_request. At this point, however,
obj_request->img_request has not been set yet, to the snapshot context
is set to NULL. Fix this by moving rbd_img_obj_request_add(), which
sets obj_request->img_request, before the osd request formatting
calls.
This resolves:
http://tracker.ceph.com/issues/5465
Reported-by: Karol Jurak <karol.jurak@gmail.com>
Signed-off-by: Josh Durgin <josh.durgin@inktank.com>
Reviewed-by: Sage Weil <sage@inktank.com>
Reviewed-by: Alex Elder <elder@linaro.org>
|
|
We triggered an oops while running trinity with 3.4 kernel:
BUG: unable to handle kernel paging request at 0000000100000d07
IP: [<ffffffffa0109738>] dlci_ioctl+0xd8/0x2d4 [dlci]
PGD 640c0d067 PUD 0
Oops: 0000 [#1] PREEMPT SMP
CPU 3
...
Pid: 7302, comm: trinity-child3 Not tainted 3.4.24.09+ 40 Huawei Technologies Co., Ltd. Tecal RH2285 /BC11BTSA
RIP: 0010:[<ffffffffa0109738>] [<ffffffffa0109738>] dlci_ioctl+0xd8/0x2d4 [dlci]
...
Call Trace:
[<ffffffff8137c5c3>] sock_ioctl+0x153/0x280
[<ffffffff81195494>] do_vfs_ioctl+0xa4/0x5e0
[<ffffffff8118354a>] ? fget_light+0x3ea/0x490
[<ffffffff81195a1f>] sys_ioctl+0x4f/0x80
[<ffffffff81478b69>] system_call_fastpath+0x16/0x1b
...
It's because the net device is not a dlci device.
Reported-by: Li Jinyue <lijinyue@huawei.com>
Signed-off-by: Li Zefan <lizefan@huawei.com>
Cc: stable@vger.kernel.org
Signed-off-by: David S. Miller <davem@davemloft.net>
|
|
Otherwise the net device returned can be freed at anytime.
Signed-off-by: Li Zefan <lizefan@huawei.com>
Cc: stable@vger.kernel.org
Signed-off-by: David S. Miller <davem@davemloft.net>
|
|
key_notify_sa_flush() and key_notify_policy_flush() miss to initialize
the sadb_msg_reserved member of the broadcasted message and thereby
leak 2 bytes of heap memory to listeners. Fix that.
Signed-off-by: Mathias Krause <minipli@googlemail.com>
Cc: Steffen Klassert <steffen.klassert@secunet.com>
Cc: "David S. Miller" <davem@davemloft.net>
Cc: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
|
|
It's possible to use AF_INET6 sockets and to connect to an IPv4
destination. After this, socket dst cache is a pointer to a rtable,
not rt6_info.
ip6_sk_dst_check() should check the socket dst cache is IPv6, or else
various corruptions/crashes can happen.
Dave Jones can reproduce immediate crash with
trinity -q -l off -n -c sendmsg -c connect
With help from Hannes Frederic Sowa
Reported-by: Dave Jones <davej@redhat.com>
Reported-by: Hannes Frederic Sowa <hannes@stressinduktion.org>
Signed-off-by: Eric Dumazet <edumazet@google.com>
Acked-by: Hannes Frederic Sowa <hannes@stressinduktion.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
|
Jason A. Donenfeld
Linus Torvalds
Gavin Shan
Olof Johansson
Guenter Roeck
Mathieu Desnoyers
Artem Bityutskiy
Akira Takeuchi
Dave Airlie
Thadeu Lima de Souza Cascardo
Josh Durgin
Zefan Li
Mathias Krause
Eric Dumazet