* patchwork: (204 commits)
[media] rc: sunxi-cir: Initialize the spinlock properly
[media] rtl2832: do not filter out slave TS null packets
[media] rtl2832: print reg number on error case
[media] rtl28xxu: return demod reg page from driver cache
[media] coda: enable MPEG-2 ES decoding
[media] coda: don't start streaming without queued buffers
[media] coda: hook up vidioc_prepare_buf
[media] coda: relax coda_jpeg_check_buffer for trailing bytes
[media] coda: make to_coda_video_device static
[media] s5p-mfc: remove volatile attribute from MFC register addresses
[media] s5p-mfc: merge together s5p_mfc_hw_call and s5p_mfc_hw_call_void
[media] s5p-mfc: use spinlock to protect MFC context
[media] s5p-mfc: remove unnecessary callbacks
[media] s5p-mfc: make queue cleanup code common
[media] s5p-mfc: use one implementation of s5p_mfc_get_new_ctx
[media] s5p-mfc: constify s5p_mfc_codec_ops structures
[media] au8522: Avoid memory leak for device config data
[media] ir-lirc-codec.c: don't leak lirc->drv-rbuf
[media] uvcvideo: small cleanup in uvc_video_clock_update()
[media] uvcvideo: Fix reading the current exposure value of UVC
...
Open the memory mapped file with the O_TMPFILE flag when available.
Signed-off-by: Mickaël Salaün <mic@digikod.net>
Cc: Jeff Dike <jdike@addtoit.com>
Cc: Richard Weinberger <richard@nod.at>
Acked-by: Tristan Schmelcher <tschmelcher@google.com>
Signed-off-by: Richard Weinberger <richard@nod.at>
Remove the insecure 0777 mode for temporary file to prohibit other users
to change the executable mapped code.
An attacker could gain access to the mapped file descriptor from the
temporary file (before it is unlinked) in a read-only mode but it should
not be accessible in write mode to avoid arbitrary code execution.
To not change the hostfs behavior, the temporary file creation
permission now depends on the current umask(2) and the implementation of
mkstemp(3).
Signed-off-by: Mickaël Salaün <mic@digikod.net>
Cc: Jeff Dike <jdike@addtoit.com>
Cc: Richard Weinberger <richard@nod.at>
Acked-by: Tristan Schmelcher <tschmelcher@google.com>
Signed-off-by: Richard Weinberger <richard@nod.at>
Fix build error by generating elfcore.o only when ELF_CORE (depending on
COREDUMP) is selected:
arch/x86/um/built-in.o: In function `elf_core_write_extra_phdrs':
(.text+0x3e62): undefined reference to `dump_emit'
arch/x86/um/built-in.o: In function `elf_core_write_extra_data':
(.text+0x3eef): undefined reference to `dump_emit'
Fixes: 5d2acfc7b9 ("kconfig: make allnoconfig disable options behind EMBEDDED and EXPERT")
Signed-off-by: Mickaël Salaün <mic@digikod.net>
Cc: Jeff Dike <jdike@addtoit.com>
Cc: Richard Weinberger <richard@nod.at>
Cc: Josh Triplett <josh@joshtriplett.org>
Cc: Paul E. McKenney <paulmck@linux.vnet.ibm.com>
Cc: Michal Marek <mmarek@suse.cz>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Richard Weinberger <richard@nod.at>
Reviewed-by: Josh Triplett <josh@joshtriplett.org>
This brings SECCOMP_MODE_STRICT and SECCOMP_MODE_FILTER support through
prctl(2) and seccomp(2) to User-mode Linux for i386 and x86_64
subarchitectures.
secure_computing() is called first in handle_syscall() so that the
syscall emulation will be aborted quickly if matching a seccomp rule.
This is inspired from Meredydd Luff's patch
(https://gerrit.chromium.org/gerrit/21425).
Signed-off-by: Mickaël Salaün <mic@digikod.net>
Cc: Jeff Dike <jdike@addtoit.com>
Cc: Richard Weinberger <richard@nod.at>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: Kees Cook <keescook@chromium.org>
Cc: Andy Lutomirski <luto@amacapital.net>
Cc: Will Drewry <wad@chromium.org>
Cc: Chris Metcalf <cmetcalf@ezchip.com>
Cc: Michael Ellerman <mpe@ellerman.id.au>
Cc: James Hogan <james.hogan@imgtec.com>
Cc: Meredydd Luff <meredydd@senatehouse.org>
Cc: David Drysdale <drysdale@google.com>
Signed-off-by: Richard Weinberger <richard@nod.at>
Acked-by: Kees Cook <keescook@chromium.org>
Add subarchitecture-independent implementation of asm-generic/syscall.h
allowing access to user system call parameters and results:
* syscall_get_nr()
* syscall_rollback()
* syscall_get_error()
* syscall_get_return_value()
* syscall_set_return_value()
* syscall_get_arguments()
* syscall_set_arguments()
* syscall_get_arch() provided by arch/x86/um/asm/syscall.h
This provides the necessary syscall helpers needed by
HAVE_ARCH_SECCOMP_FILTER plus syscall_get_error().
This is inspired from Meredydd Luff's patch
(https://gerrit.chromium.org/gerrit/21425).
Signed-off-by: Mickaël Salaün <mic@digikod.net>
Cc: Jeff Dike <jdike@addtoit.com>
Cc: Richard Weinberger <richard@nod.at>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Kees Cook <keescook@chromium.org>
Cc: Andy Lutomirski <luto@amacapital.net>
Cc: Will Drewry <wad@chromium.org>
Cc: Meredydd Luff <meredydd@senatehouse.org>
Cc: David Drysdale <drysdale@google.com>
Signed-off-by: Richard Weinberger <richard@nod.at>
Acked-by: Kees Cook <keescook@chromium.org>
Some architectures do not implement PTRACE_GETREGSET nor
PTRACE_SETREGSET (required by HAVE_ARCH_TRACEHOOK) but only implement
PTRACE_GETREGS and PTRACE_SETREGS (e.g. User-mode Linux).
This improve seccomp selftest portability for architectures without
HAVE_ARCH_TRACEHOOK support by defining a new trigger HAVE_GETREGS. For
now, this is only enabled for i386 and x86_64 architectures. This is
required to be able to run this tests on User-mode Linux.
Signed-off-by: Mickaël Salaün <mic@digikod.net>
Cc: Jeff Dike <jdike@addtoit.com>
Cc: Richard Weinberger <richard@nod.at>
Cc: Kees Cook <keescook@chromium.org>
Cc: Andy Lutomirski <luto@amacapital.net>
Cc: Will Drewry <wad@chromium.org>
Cc: Shuah Khan <shuahkh@osg.samsung.com>
Cc: Meredydd Luff <meredydd@senatehouse.org>
Cc: David Drysdale <drysdale@google.com>
Signed-off-by: Richard Weinberger <richard@nod.at>
Acked-by: Kees Cook <keescook@chromium.org>
This fix two related bugs:
* PTRACE_GETREGS doesn't get the right orig_ax (syscall) value
* PTRACE_SETREGS can't set the orig_ax value (erased by initial value)
Get rid of the now useless and error-prone get_syscall().
Fix inconsistent behavior in the ptrace implementation for i386 when
updating orig_eax automatically update the syscall number as well. This
is now updated in handle_syscall().
Signed-off-by: Mickaël Salaün <mic@digikod.net>
Cc: Jeff Dike <jdike@addtoit.com>
Cc: Richard Weinberger <richard@nod.at>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Kees Cook <keescook@chromium.org>
Cc: Andy Lutomirski <luto@amacapital.net>
Cc: Will Drewry <wad@chromium.org>
Cc: Thomas Meyer <thomas@m3y3r.de>
Cc: Nicolas Iooss <nicolas.iooss_linux@m4x.org>
Cc: Anton Ivanov <aivanov@brocade.com>
Cc: Meredydd Luff <meredydd@senatehouse.org>
Cc: David Drysdale <drysdale@google.com>
Signed-off-by: Richard Weinberger <richard@nod.at>
Acked-by: Kees Cook <keescook@chromium.org>
Similarly to commit fb1770aa78, with gcc 5
on Ubuntu and CONFIG_STATIC_LINK=y I was seeing these linker errors:
/usr/lib/gcc/x86_64-linux-gnu/5/../../../x86_64-linux-gnu/librt.a(timer_create.o): In function `__timer_create_new':
(.text+0xcd): undefined reference to `pthread_once'
/usr/lib/gcc/x86_64-linux-gnu/5/../../../x86_64-linux-gnu/librt.a(timer_create.o): In function `__timer_create_new':
(.text+0x126): undefined reference to `pthread_attr_init'
/usr/lib/gcc/x86_64-linux-gnu/5/../../../x86_64-linux-gnu/librt.a(timer_create.o): In function `__timer_create_new':
(.text+0x168): undefined reference to `pthread_attr_setdetachstate'
[...]
Obviously we also need -lpthread for librt.a.
Cc: stable@vger.kernel.org # 4.4
Signed-off-by: Vegard Nossum <vegard.nossum@oracle.com>
Signed-off-by: Richard Weinberger <richard@nod.at>
This decreases the number of syscalls per read/write by half.
Signed-off-by: Anton Ivanov <aivanov@brocade.com>
Signed-off-by: Richard Weinberger <richard@nod.at>
Software IRQ processing in generic architectures assumes that the
exit out of hard IRQ may have re-enabled interrupts (some
architectures may have an implicit EOI). It presumes them enabled
and toggles the flags once more just in case unless this is turned
off in the architecture specific hardirq.h by setting
__ARCH_IRQ_EXIT_IRQS_DISABLED
This patch adds this to UML where due to the way IRQs are handled
it is an optimization (it works fine without it too).
Signed-off-by: Anton Ivanov <aivanov@brocade.com>
Signed-off-by: Richard Weinberger <richard@nod.at>
The existing IRQ handler design in UML does not prevent reentrancy
This is mitigated by fd-enable/fd-disable semantics for the IO
portion of the UML subsystem. The timer, however, can and is
re-entered resulting in very deep stack usage and occasional
stack exhaustion.
This patch prevents this by checking if there is a timer
interrupt in-flight before processing any pending timer interrupts.
Signed-off-by: Anton Ivanov <aivanov@brocade.com>
Signed-off-by: Richard Weinberger <richard@nod.at>
I was seeing some really weird behaviour where piping UML's output
somewhere would cause output to get duplicated:
$ ./vmlinux | head -n 40
Checking that ptrace can change system call numbers...Core dump limits :
soft - 0
hard - NONE
OK
Checking syscall emulation patch for ptrace...Core dump limits :
soft - 0
hard - NONE
OK
Checking advanced syscall emulation patch for ptrace...Core dump limits :
soft - 0
hard - NONE
OK
Core dump limits :
soft - 0
hard - NONE
This is because these tests do a fork() which duplicates the non-empty
stdout buffer, then glibc flushes the duplicated buffer as each child
exits.
A simple workaround is to flush before forking.
Cc: stable@vger.kernel.org
Signed-off-by: Vegard Nossum <vegard.nossum@oracle.com>
Signed-off-by: Richard Weinberger <richard@nod.at>
An inverted return value check in hostfs_mknod() caused the function
to return success after handling it as an error (and cleaning up).
It resulted in the following segfault when trying to bind() a named
unix socket:
Pid: 198, comm: a.out Not tainted 4.4.0-rc4
RIP: 0033:[<0000000061077df6>]
RSP: 00000000daae5d60 EFLAGS: 00010202
RAX: 0000000000000000 RBX: 000000006092a460 RCX: 00000000dfc54208
RDX: 0000000061073ef1 RSI: 0000000000000070 RDI: 00000000e027d600
RBP: 00000000daae5de0 R08: 00000000da980ac0 R09: 0000000000000000
R10: 0000000000000003 R11: 00007fb1ae08f72a R12: 0000000000000000
R13: 000000006092a460 R14: 00000000daaa97c0 R15: 00000000daaa9a88
Kernel panic - not syncing: Kernel mode fault at addr 0x40, ip 0x61077df6
CPU: 0 PID: 198 Comm: a.out Not tainted 4.4.0-rc4 #1
Stack:
e027d620 dfc54208 0000006f da981398
61bee000 0000c1ed daae5de0 0000006e
e027d620 dfcd4208 00000005 6092a460
Call Trace:
[<60dedc67>] SyS_bind+0xf7/0x110
[<600587be>] handle_syscall+0x7e/0x80
[<60066ad7>] userspace+0x3e7/0x4e0
[<6006321f>] ? save_registers+0x1f/0x40
[<6006c88e>] ? arch_prctl+0x1be/0x1f0
[<60054985>] fork_handler+0x85/0x90
Let's also get rid of the "cosmic ray protection" while we're at it.
Fixes: e9193059b1 "hostfs: fix races in dentry_name() and inode_name()"
Signed-off-by: Vegard Nossum <vegard.nossum@oracle.com>
Cc: Jeff Dike <jdike@addtoit.com>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: stable@vger.kernel.org
Signed-off-by: Richard Weinberger <richard@nod.at>
The defconfig build of m68k was failing with the error:
implicit declaration of function '__pfn_to_phys'
Other architectures have added <asm/memory.h>, but if we do so here then
we will also get redeclaration of some other functions. So it is better
to copy these macros into page.h.
Fixes: 0a3c3bf11240 ("x86, mm: introduce vmem_altmap to augment vmemmap_populate()")
Signed-off-by: Sudip Mukherjee <sudip@vectorindia.org>
Cc: Dan Williams <dan.j.williams@intel.com>
Reported-by: Guenter Roeck <linux@roeck-us.net> (m68knommu)
[geert: Apply to page.h instead of page_mm.h to cover nommu, reword]
Signed-off-by: Geert Uytterhoeven <geert@linux-m68k.org>
Add a comment in key.h to explain why we keep an unused
parameter in key helpers.
Signed-off-by: Dongsheng Yang <yangds.fnst@cn.fujitsu.com>
Signed-off-by: Richard Weinberger <richard@nod.at>
wear_leveling_worker() currently unconditionally puts a PEB on erase in
the error case even it just been taken from the free_list and never
used.
In case the PEB was never used it can be put back on the free list
saving a precious erase cycle.
v1…v2:
- to_leb_clean -> dst_leb_clean
- use the nested option for ensure_wear_leveling()
- do_sync_erase() can't go -ENOMEM so we can just go into
RO-mode now.
Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
Signed-off-by: Richard Weinberger <richard@nod.at>
Single fix for machines with pages > 4k (PPC mostly). There's a bug in our
optimal transfer size code where we don't account for pages > 4k and can set
the transfer size to be less than the page size causing nasty failures.
Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQEcBAABAgAGBQJWkUiHAAoJEDeqqVYsXL0MArAH/2XWKJGI9tr0AQQ79WGD/kjV
KZsUjKP9sshjxXBB8jK+TFvO/Z2BE92XzXtIswgdc6OdeANyhE+LhdbNpuooX2gv
lW28RAbSVLrwJzyr7B2VGAiCOR9opGu2opOJnQMo05pSAFqJxNG4l1Ap+4pOX9/1
ffTwidgk6bWs5zKlDwbETHVv/X50U90O5MyJBvf9KC7YvFhD41OIz7QEqiHgs1qW
T6J80ZH4ZhWN+pRMHlybJ7RwP7TVjUSkDRLWRSX8IWjisbDqY86JVVt/BUA3lbhL
sLDc/mku3ZPsRAUJL544ydAPWA2DtJ9PjPkYuMgPQOCyUfAKq5OTf6hG0Mghm34=
=n00Y
-----END PGP SIGNATURE-----
Merge tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi
Pull SCSI fix from James Bottomley:
"A single fix for machines with pages > 4k (PPC mostly).
There's a bug in our optimal transfer size code where we don't account
for pages > 4k and can set the transfer size to be less than the page
size causing nasty failures"
* tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi:
sd: Reject optimal transfer length smaller than page size
TI DRA7xx host bridge driver
Mark driver as broken (Richard Cochran)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAABAgAGBQJWkSPdAAoJEFmIoMA60/r80kQP/jPgr13qJ0bt+DE8WMZ98zRu
BKpgL2MMQ2PzHjpHvrce1y2WceSdnPvloB5fElpi0PtYRzjmhZ607tgBpUjUEm5U
u/jmFa28PlzzGMu8zQuV6Ge4zFp8PdcNGxZqRNpxZl4HLltxYgd7LnM9wgmSAUo7
VwZlO5QIjHUPQ2oFC1o7F7pRhme1RpfUDwXaoHAER1E44pHBRksjY/xRlP/Nknh5
7QOcb62e6N/ngR6Vb01evNVSdtH1+HQQlPaxPALw3sItaRsqqB9rLfXecw5Xu1NN
h2DiRTcG/2X5bA8yxYZtmkFyvkFQFHjoxgvD2RHf7jb9TX0qyryFJceAKyyAUmFT
A4z3XSmd54tXjetFkSzYsUbb0Egp1atBLT1Uw8d7UH4djebnwh3hTqPNFpRZBDeA
AZRIkhTeupRjJGgtYsVghsiOQeS0yg4OboDVBPJljELOcsYN/nuoNvreXCp8qk4H
pHyq9AQ3XVu3OS94SvDNmTdssUNARPL020/K8FDOkbOnD9EDK/J/PdiEGCZtNea4
nu8qVo1PaROd5HBxQ2zB6PDiAIXAEfuqmFZPRXd5xa/DHxSfkHRJMmdE1TUVeFHn
rB+8Fz/PqdkA4wIM3STWtVZOCjYnn6WkeWYS95jX9PmVc1Pa8ByNYkrYc5mxGtar
uzqdDmZqYJAzRKkIadMR
=srOL
-----END PGP SIGNATURE-----
Merge tag 'pci-v4.4-fixes-4' of git://git.kernel.org/pub/scm/linux/kernel/git/helgaas/pci
Pull PCI fixlet from Bjorn Helgaas:
"This marks the TI DRA7xx host bridge driver as broken. Apparently it
has never worked without some additional out-of-tree code, so I'm
going to mark it broken now and remove it completely next cycle unless
it's fixed"
* tag 'pci-v4.4-fixes-4' of git://git.kernel.org/pub/scm/linux/kernel/git/helgaas/pci:
PCI: dra7xx: Mark driver as broken
New features:
- Allow using trace events fields as sort order keys, making 'perf evlist --trace_fields'
show those, and then the user can select a subset and use like:
perf top -e sched:sched_switch -s prev_comm,next_comm
That works as well in 'perf report' when handling files containing
tracepoints.
The default when just tracepoint events are found in a perf.data file is to
format it like ftrace, using the libtraceevent formatters, plugins, etc (Namhyung Kim)
- Add support in 'perf script' to process 'perf stat record' generated files,
culminating in a python perf script that calculates CPI (Cycles per
Instruction) (Jiri Olsa)
- Show random perf tool tips in the 'perf report' bottom line (Namhyung Kim)
- perf report now defaults to --group if the perf.data file has grouped events, try it with:
# perf record -e '{cycles,instructions}' -a sleep 1
[ perf record: Woken up 1 times to write data ]
[ perf record: Captured and wrote 1.093 MB perf.data (1247 samples) ]
# perf report
# Samples: 1K of event 'anon group { cycles, instructions }'
# Event count (approx.): 1955219195
#
# Overhead Command Shared Object Symbol
2.86% 0.22% swapper [kernel.kallsyms] [k] intel_idle
1.05% 0.33% firefox libxul.so [.] js::SetObjectElement
1.05% 0.00% kworker/0:3 [kernel.kallsyms] [k] gen6_ring_get_seqno
0.88% 0.17% chrome chrome [.] 0x0000000000ee27ab
0.65% 0.86% firefox libxul.so [.] js::ValueToId<(js::AllowGC)1>
0.64% 0.23% JS Helper libxul.so [.] js::SplayTree<js::jit::LiveRange*, js::jit::LiveRange>::splay
0.62% 1.27% firefox libxul.so [.] js::GetIterator
0.61% 1.74% firefox libxul.so [.] js::NativeSetProperty
0.61% 0.31% firefox libxul.so [.] js::SetPropertyByDefining
User visible fixes:
- Coect data mmaps so that the DWARF unwinder can handle usecases needing them,
like softice (Jiri Olsa)
- Decay callchains in fractal mode, fixing up cases where 'perf top -g' would
show entries with more than 100% (Namhyung Kim)
Infrastructure:
- Sync tools/lib with the lib/ in the kernel sources for find_bit.c and
move bitmap.[ch] from tools/perf/util/ to tools/lib/ (Arnaldo Carvalho de Melo)
- No need to set attr.sample_freq in some 'perf test' entries that only
want to deal with PERF_RECORD_ meta-events, improve a bit error output
for CQM test (Arnaldo Carvalho de Melo)
- Fix python binding build, adding some missing object files now required
due to cpumap using find_bit stuff (Arnaldo Carvalho de Melo)
- tools/build improvemnts (Jiri Olsa)
- Add more files to cscope/ctags databases (Jiri Olsa)
- Do not show 'trace' in 'perf help' if it is not compiled in (Jiri Olsa)
- Make perf_evlist__open() open evsels with their cpus and threads,
like perf record does, making them consistent (Adrian Hunter)
- Fix pmu snapshot initialization bug (Stephane Eranian)
- Add missing headers in perf's MANIFEST (Wang Nan)
Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAABAgAGBQJWj/imAAoJENZQFvNTUqpADg4P/2/zn/JlIQbFMBo0YS4HtBtp
OIvpU9XV0YyMWEbxEUfNOM3qnOfqZWOuTHvqVywnz1JXHxKNt9j7KjPhBA2avLEc
WuloOf7Af1eUjroKW/tl1FsPatW0x0zXEVqR5XjUrPfXge6rYPuMwQ2f4oTCzc6H
uf5fH1H2vK/iQsOu9X+IoGEKxoJF22zabKDQy7q+48gSq/TVtz1wJfHqYBCCFOh8
c+MEMnOZ3F0DXJ9iRsXbChcOmkHTfAnu5CM8GlkvM38VnJA69K+AkFXC3YuExvA1
PghTVZMBsYDyHNq+ewIshrJ1xGz0/OwXX2IUtJfFPGbWhMZYl2NCg1SuLfTl7jCF
m/iR5LzdHpLiEIaimuK+8eIVfLdRyxZUeN9/BQzUFrl7pqe2n1xIjIvUX0djHPv9
YlQ6ZI/g/nJ1AunC0QhWiwSkmUas/YATNKt7CunOnSjJey2p9T91lhzstqvCur4Q
XH1iIA4o2A67vRLbVEb2eh54QT2BASO1H+suYPNTvU55W5gGz9pJJjVxIbpT5+lk
dAZ8vXwxOg1jMFIgDrm6mbosGcs4lUBeeKJbE7ImevpSyOECR8lRdV4yX+bfkuUe
FL5fNfJyFcr3q2p+sRTpikrq32C3iyQ08VhYYNLuVSUOQgNYEyLTmhMkotZYjmIk
JZO4/8trMU7FR2WpnGqG
=tbfd
-----END PGP SIGNATURE-----
Merge tag 'perf-core-for-mingo' of git://git.kernel.org/pub/scm/linux/kernel/git/acme/linux into perf/core
Pull perf/core improvements and fixes from Arnaldo Carvalho de Melo:
New features:
- Allow using trace events fields as sort order keys, making 'perf evlist --trace_fields'
show those, and then the user can select a subset and use like:
perf top -e sched:sched_switch -s prev_comm,next_comm
That works as well in 'perf report' when handling files containing
tracepoints.
The default when just tracepoint events are found in a perf.data file is to
format it like ftrace, using the libtraceevent formatters, plugins, etc (Namhyung Kim)
- Add support in 'perf script' to process 'perf stat record' generated files,
culminating in a python perf script that calculates CPI (Cycles per
Instruction) (Jiri Olsa)
- Show random perf tool tips in the 'perf report' bottom line (Namhyung Kim)
- perf report now defaults to --group if the perf.data file has grouped events, try it with:
# perf record -e '{cycles,instructions}' -a sleep 1
[ perf record: Woken up 1 times to write data ]
[ perf record: Captured and wrote 1.093 MB perf.data (1247 samples) ]
# perf report
# Samples: 1K of event 'anon group { cycles, instructions }'
# Event count (approx.): 1955219195
#
# Overhead Command Shared Object Symbol
2.86% 0.22% swapper [kernel.kallsyms] [k] intel_idle
1.05% 0.33% firefox libxul.so [.] js::SetObjectElement
1.05% 0.00% kworker/0:3 [kernel.kallsyms] [k] gen6_ring_get_seqno
0.88% 0.17% chrome chrome [.] 0x0000000000ee27ab
0.65% 0.86% firefox libxul.so [.] js::ValueToId<(js::AllowGC)1>
0.64% 0.23% JS Helper libxul.so [.] js::SplayTree<js::jit::LiveRange*, js::jit::LiveRange>::splay
0.62% 1.27% firefox libxul.so [.] js::GetIterator
0.61% 1.74% firefox libxul.so [.] js::NativeSetProperty
0.61% 0.31% firefox libxul.so [.] js::SetPropertyByDefining
User visible fixes:
- Coect data mmaps so that the DWARF unwinder can handle usecases needing them,
like softice (Jiri Olsa)
- Decay callchains in fractal mode, fixing up cases where 'perf top -g' would
show entries with more than 100% (Namhyung Kim)
Infrastructure changes:
- Sync tools/lib with the lib/ in the kernel sources for find_bit.c and
move bitmap.[ch] from tools/perf/util/ to tools/lib/ (Arnaldo Carvalho de Melo)
- No need to set attr.sample_freq in some 'perf test' entries that only
want to deal with PERF_RECORD_ meta-events, improve a bit error output
for CQM test (Arnaldo Carvalho de Melo)
- Fix python binding build, adding some missing object files now required
due to cpumap using find_bit stuff (Arnaldo Carvalho de Melo)
- tools/build improvemnts (Jiri Olsa)
- Add more files to cscope/ctags databases (Jiri Olsa)
- Do not show 'trace' in 'perf help' if it is not compiled in (Jiri Olsa)
- Make perf_evlist__open() open evsels with their cpus and threads,
like perf record does, making them consistent (Adrian Hunter)
- Fix pmu snapshot initialization bug (Stephane Eranian)
- Add missing headers in perf's MANIFEST (Wang Nan)
Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Mitac microcode differs from Intel microcode. One key difference
is that pwm values can be written.
Detect vendor from customer ID field and no longer use DMI data
to identify which microcode is running on the chip.
Signed-off-by: Guenter Roeck <linux@roeck-us.net>
We need information about exports when crossing mountpoints during
lookup or NFSv4 readdir. If we don't already have that information
cached, we may have to ask (and wait for) rpc.mountd.
In both cases we currently hold the i_mutex on the parent of the
directory we're asking rpc.mountd about. We've seen situations where
rpc.mountd performs some operation on that directory that tries to take
the i_mutex again, resulting in deadlock.
With some care, we may be able to avoid that in rpc.mountd. But it
seems better just to avoid holding a mutex while waiting on userspace.
It appears that lookup_one_len is pretty much the only operation that
needs the i_mutex. So we could just drop the i_mutex elsewhere and do
something like
mutex_lock()
lookup_one_len()
mutex_unlock()
In many cases though the lookup would have been cached and not required
the i_mutex, so it's more efficient to create a lookup_one_len() variant
that only takes the i_mutex when necessary.
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: J. Bruce Fields <bfields@redhat.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
The affs code uses "time_t" and "get_seconds()". This will cause
problems on 32-bit architectures in 2038 when time_t overflows.
This patch replaces them with "time64_t" and
"ktime_get_real_seconds()". This patch introduces expensive 64-bit
divsion in "secs_to_datestamp()", considering this function is not
called so often, the cost should be acceptable.
Reviewed-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: DengChao <chao.deng@linaro.org>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
We may sleep inside a the lock, so use a mutex rather than spinlock.
Signed-off-by: Sasha Levin <sasha.levin@oracle.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
User can pass an arbitrary large buffer to getdents().
It is typically a 32KB buffer used by libc scandir() implementation.
When scanning /proc/{pid}/fd, we can hold cpu way too long,
so add a cond_resched() to be kind with other tasks.
We've seen latencies of more than 50ms on real workloads.
Signed-off-by: Eric Dumazet <edumazet@google.com>
Cc: Alexander Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
The logfs_block_ops structures are never modified, so declare them as
const.
Done with the help of Coccinelle.
Signed-off-by: Julia Lawall <Julia.Lawall@lip6.fr>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
With packetized mode for pipes, it's not possible to set O_DIRECT on pipe file
via sys_fcntl, because of unsupported sanity checks.
Ability to set this flag will be used by CRIU to migrate packetized pipes.
v2:
Fixed typos and mode variable to check.
Signed-off-by: Stanislav Kinsburskiy <skinsbursky@virtuozzo.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
During testing, I discovered that __generic_file_splice_read() returns
0 (EOF) when aops->readpage fails with AOP_TRUNCATED_PAGE on the first
page of a single/multi-page splice read operation. This EOF return code
causes the userspace test to (correctly) report a zero-length read error
when it was expecting otherwise.
The current strategy of returning a partial non-zero read when ->readpage
returns AOP_TRUNCATED_PAGE works only when the failed page is not the
first of the lot being processed.
This patch attempts to retry lookup and call ->readpage again on pages
that had previously failed with AOP_TRUNCATED_PAGE. With this patch, my
tests pass and I haven't noticed any unwanted side effects.
This version removes the thrice-retry loop and instead indefinitely
retries lookups on AOP_TRUNCATED_PAGE errors from ->readpage. This
behavior is now similar to do_generic_file_read().
Signed-off-by: Abhi Das <adas@redhat.com>
Reviewed-by: Jan Kara <jack@suse.cz>
Cc: Bob Peterson <rpeterso@redhat.com>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
kernel test robot has reported the following crash:
BUG: unable to handle kernel NULL pointer dereference at 00000100
IP: [<c1074df6>] __queue_work+0x26/0x390
*pdpt = 0000000000000000 *pde = f000ff53f000ff53 *pde = f000ff53f000ff53
Oops: 0000 [#1] PREEMPT PREEMPT SMP SMP
CPU: 0 PID: 24 Comm: kworker/0:1 Not tainted 4.4.0-rc4-00139-g373ccbe #1
Workqueue: events vmstat_shepherd
task: cb684600 ti: cb7ba000 task.ti: cb7ba000
EIP: 0060:[<c1074df6>] EFLAGS: 00010046 CPU: 0
EIP is at __queue_work+0x26/0x390
EAX: 00000046 EBX: cbb37800 ECX: cbb37800 EDX: 00000000
ESI: 00000000 EDI: 00000000 EBP: cb7bbe68 ESP: cb7bbe38
DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068
CR0: 8005003b CR2: 00000100 CR3: 01fd5000 CR4: 000006b0
Stack:
Call Trace:
__queue_delayed_work+0xa1/0x160
queue_delayed_work_on+0x36/0x60
vmstat_shepherd+0xad/0xf0
process_one_work+0x1aa/0x4c0
worker_thread+0x41/0x440
kthread+0xb0/0xd0
ret_from_kernel_thread+0x21/0x40
The reason is that start_shepherd_timer schedules the shepherd work item
which uses vmstat_wq (vmstat_shepherd) before setup_vmstat allocates
that workqueue so if the further initialization takes more than HZ we
might end up scheduling on a NULL vmstat_wq. This is really unlikely
but not impossible.
Fixes: 373ccbe592 ("mm, vmstat: allow WQ concurrency to discover memory reclaim doesn't make any progress")
Reported-by: kernel test robot <ying.huang@linux.intel.com>
Signed-off-by: Michal Hocko <mhocko@suse.com>
Tested-by: Tetsuo Handa <penguin-kernel@i-love.sakura.ne.jp>
Cc: stable@vger.kernel.org
Cc: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
This replaces all code in fs/compat_ioctl.c that translated
ioctl arguments into a in-kernel structure, then performed
do_ioctl under set_fs(KERNEL_DS), with code that allocates
data on the user stack and can call the VFS ioctl handler
under USER_DS.
This is done as a hardening measure because the caller
does not know what kind of ioctl handler will be invoked,
only that no corresponding compat_ioctl handler exists and
what the ioctl command number is. The accidental
invocation of an unlocked_ioctl handler that unexpectedly
calls copy_to_user could be a severe security issue.
Signed-off-by: Jann Horn <jann@thejh.net>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
In code in fs/compat_ioctl.c that translates ioctl arguments
into a in-kernel structure, then performs sys_ioctl, possibly
under set_fs(KERNEL_DS), this commit changes the sys_ioctl
calls to do_ioctl calls. do_ioctl is a new function that does
the same thing as sys_ioctl, but doesn't look up the fd again.
This change is made to avoid (potential) security issues
because of ioctl handlers that accept one of the ioctl
commands I2C_FUNCS, VIDEO_GET_EVENT, MTIOCPOS, MTIOCGET,
TIOCGSERIAL, TIOCSSERIAL, RTC_IRQP_READ, RTC_EPOCH_READ.
This can happen for multiple reasons:
- The ioctl command number could be reused.
- The ioctl handler might not check the full ioctl
command. This is e.g. true for drm_ioctl.
- The ioctl handler is very special, e.g. cuse_file_ioctl
The real issue is that set_fs(KERNEL_DS) is used here,
but that's fixed in a separate commit
"compat_ioctl: don't call do_ioctl under set_fs(KERNEL_DS)".
This change mitigates potential security issues by
preventing a race that permits invocation of
unlocked_ioctl handlers under KERNEL_DS through compat
code even if a corresponding compat_ioctl handler exists.
So far, no way has been identified to use this to damage
kernel memory without having CAP_SYS_ADMIN in the init ns
(with the capability, doing reads/writes at arbitrary
kernel addresses should be easy through CUSE's ioctl
handler with FUSE_IOCTL_UNRESTRICTED set).
[AV: two missed sys_ioctl() taken care of]
Signed-off-by: Jann Horn <jann@thejh.net>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
When there is an error copying a chunk dm-snapshot can incorrectly hold
associated bios indefinitely, resulting in hung IO.
The function copy_callback sets pe->error if there was error copying the
chunk, and then calls complete_exception. complete_exception calls
pending_complete on error, otherwise it calls commit_exception with
commit_callback (and commit_callback calls complete_exception).
The persistent exception store (dm-snap-persistent.c) assumes that calls
to prepare_exception and commit_exception are paired.
persistent_prepare_exception increases ps->pending_count and
persistent_commit_exception decreases it.
If there is a copy error, persistent_prepare_exception is called but
persistent_commit_exception is not. This results in the variable
ps->pending_count never returning to zero and that causes some pending
exceptions (and their associated bios) to be held forever.
Fix this by unconditionally calling commit_exception regardless of
whether the copy was successful. A new "valid" parameter is added to
commit_exception -- when the copy fails this parameter is set to zero so
that the chunk that failed to copy (and all following chunks) is not
recorded in the snapshot store. Also, remove commit_callback now that
it is merely a wrapper around pending_complete.
Signed-off-by: Mikulas Patocka <mpatocka@redhat.com>
Signed-off-by: Mike Snitzer <snitzer@redhat.com>
Cc: stable@vger.kernel.org
This is the final small set of ARM SoC bug fixes for linux-4.4,
almost all regressions:
OMAP: data corruption on the Nokia N900 flash
Allwinner: Two defconfig change to get USB working again
ARM Versatile: Interrupt numbers gone bad after an older bug fix
Nomadik: Crashes from incorrect L2 cache settings
VIA vt8500: SD/MMC support on WM8650 never worked
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUAVpA/vGCrR//JCVInAQK1NQ//fk4EYJj6JMwaB/I2hGtpUpartVtXj9tj
916+NazORGc/UBP9vG/bLWnZrKzZQdeLd2HwDT9eyHtZ+Qq8bm+No312l10EATkS
EAZKy4oy0HH5BD8yE5xM+CQn9fxh8GcmGJ/hKacpJnY2e0aaGgp9iHiPWH8kRmO4
kBbUWsbfGjxzfM+a/9XGrzcTWZLSOu6VGtxvdp2rGy+Un8AWVc6FQz48xsFXWivB
5JHp0qTnyUebSNbsxq05BDorybDuNSho5d3r94H85WwfbdybCxuFYedTZ1r3vCh9
rWDI8R2vb3uotzYYjigRwyYqggUz6TewWqwnyeyGsMHOCEU/q/2n2ASLhdxKl2x8
UZ+kKDhRiraaxnsNh/apVy4yvs7KmsUM6DgxzvXW3uyrrLrjJyGHKY5doHt5Z5mJ
ErhOW024skA8GNiWObmNiKzUdKEbO4e7ReFgwbLbA8W6ACVVMNdL4udsmkb+nj25
+VFWOg5WVG5WJFaEoSOGze7J0+SSwu7wP0HRPmWFotslExh5HsrvkSw429sDDB0R
4OwT0Ru0vDZvGrHD+Bu6mFJO1nL2kWKVsolyben1sA+OIbm7eoHcennRUFf2sog0
yWD03DT9iz//bmWPHVntcdRTTaXYvaChPWzHxlbBxw2DCfRkzy4Tx/Ic44s2Kjuq
PgQjTmNlnQ8=
=Z1E0
-----END PGP SIGNATURE-----
Merge tag 'fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc
Pull ARM SoC fixes from Arnd Bergmann:
"This is the final small set of ARM SoC bug fixes for linux-4.4, almost
all regressions:
OMAP:
- data corruption on the Nokia N900 flash
Allwinner:
- Two defconfig change to get USB working again
ARM Versatile:
- Interrupt numbers gone bad after an older bug fix
Nomadik:
- Crashes from incorrect L2 cache settings
VIA vt8500:
- SD/MMC support on WM8650 never worked"
* tag 'fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc:
dts: vt8500: Add SDHC node to DTS file for WM8650
ARM: Fix broken USB support in multi_v7_defconfig for sunxi devices
ARM: versatile: fix MMC/SD interrupt assignment
ARM: nomadik: set latencies to 8 cycles
ARM: OMAP2+: Fix onenand rate detection to avoid filesystem corruption
ARM: Fix broken USB support in sunxi_defconfig
a patch found in your master branch but not yet in the kvm/next branch
that is destined for 4.5.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)
iQEcBAABAgAGBQJWj+yRAAoJEL/70l94x66DulYH/0OGP+yIHDDFlBqtPRm6q0pr
r8pSVRPPd4GY2SOJDBsBvMmWphFSYKIoCTyMbFnikADHM2yh/pycwLU/uzCM5xQl
uABMsCUntwbGaKq+A4bOvsNO49ueRCkML4ToVuKNTeuEKRYfdnlj3XcAMMgsUfEF
QGz8W2cm9xPn69df91cfBuFLLFeQVv2XsjA5WpqzzvWy5HEs1F07aVh57TI4j8OF
eFdn3Lkes9Ync70KjEy2QKe2Su0EWjderE0oqAORKomwZFVCYv/Vg1wERJYsugg5
UyYCY2j1tKlycKYDnO47L1xoS9JgMHY05OsH08Sn/EXBjRjnEVwTyco5pGPmuNA=
=5Lst
-----END PGP SIGNATURE-----
Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm
Pull KVM fix from Paolo Bonzini:
"A simple fix. I'm sending it before the merge window, because it
refines a patch found in your master branch but not yet in the
kvm/next branch that is destined for 4.5"
* tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm:
kvm: x86: only channel 0 of the i8254 is linked to the HPET
Just one obvious fix that adds a missing function argument in
ACPI code introduced recently (Kees Cook).
/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)
iQIcBAABCAAGBQJWkD8gAAoJEILEb/54YlRxOC4P/RDQxQkTzQPskyqHayzamCSQ
cEqKYOL199Do42OD0mlJm9gc2Ax0tLvSEK/6VRz4WB+xqrlUz8Lcnqrcjld632jx
a+xxqXcgIYTV03ujhNs4rRiWBedH9alwKvy4SoukQkL6eeXsE7llk1hZNjoqA3rh
VsVsPSxQNLOAkJJzaHpBrGE3weCdXAmUb7aaFe1mjj1eGrPP+MjOYRSKWoyRn4bA
RWL84wUmaM5X/NowCuFJZHEXGyiYm3EBFu4oqfKMRJDE6saJ0DLIPfIuaEX6srox
gSsOB0tCHhrVR4vhfFD2x4P3rMEwt39IcW/5dAj76zYH2yyYiCpC4SmdYIJTkI+a
/8y+a9/4CyKfOGhZ+lfJQOo0HbMHOGkF1VitNHGmiGnefTKDravFXIVqFqWBvgm3
oT1tPtM4fmgy787WBVMP+P7NQ9yh4/YQ5oB+3Mi5AS13mT1PCTKe32q9LiuMUAtE
QmcK0yvDAUM9LwNDYffUFVoUxkCAUft7CYIso46X5qjDOp94fB52K/JxM4aMX90b
kjtKWLWVFGzBCehj7cb4RX6Jqaq/5cR8f3pLf+wyC9tli2DtThX2aiFXjA3PcY8z
TZwZ8L31LL6apbIW5wZTMN9f6cKiM4YT44KYxWFdgf/S8ZqRx9EtjqrAKcJxgziF
WM+yB+XEb7Q21WcTESV/
=XAk2
-----END PGP SIGNATURE-----
Merge tag 'pm+acpi-4.4-final' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm
Pull ACPI fix from Rafael Wysocki:
"Just one obvious fix that adds a missing function argument in ACPI
code introduced recently (Kees Cook)"
* tag 'pm+acpi-4.4-final' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm:
ACPI / property: avoid leaking format string into kobject name
Pull x86 fixes from Ingo Molnar:
"A handful of x86 fixes:
- a syscall ABI fix, fixing an Android breakage
- a Xen PV guest fix relating to the RTC device, causing a
non-working console
- a Xen guest syscall stack frame fix
- an MCE hotplug CPU crash fix"
* 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
x86/numachip: Fix NumaConnect2 MMCFG PCI access
x86/entry: Restore traditional SYSENTER calling convention
x86/entry: Fix some comments
x86/paravirt: Prevent rtc_cmos platform device init on PV guests
x86/xen: Avoid fast syscall path for Xen PV guests
x86/mce: Ensure offline CPUs don't participate in rendezvous process
Pull perf fixes from Ingo Molnar:
"Two core subsystem fixes, plus a handful of tooling fixes"
* 'perf-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
perf: Fix race in swevent hash
perf: Fix race in perf_event_exec()
perf list: Robustify event printing routine
perf list: Add support for PERF_COUNT_SW_BPF_OUT
perf hists browser: Fix segfault if use symbol filter in cmdline
perf hists browser: Reset selection when refresh
perf hists browser: Add NULL pointer check to prevent crash
perf buildid-list: Fix return value of perf buildid-list -k
perf buildid-list: Show running kernel build id fix
Pull block revert from Jens Axboe:
"The previous pull request had a split fix for NVMe, however there are
corner cases where that ends up blowing up.
So let's revert it for 4.4. The regression isn't introduced in this
cycle, and it's "just" a performance regression, not a
stability/integrity issue"
* 'for-linus' of git://git.kernel.dk/linux-block:
Revert "block: Split bios on chunk boundaries"
Late fixes for 4.4 are three fixes for drivers which include a
revert of mic-x100 fix which is causing regression, xgene fix for
double IRQ and async_tx fix to use GFP_NOWAIT
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAABAgAGBQJWj7XNAAoJEHwUBw8lI4NHOEEQAIj9YoQjkHkPo2PviIeiX3Zy
HNAIM0GepYSZrJO+duKAzFxK4mEGC92gpyOiv6NJ91RdC2ijYc9gb6Z7ig/g4znq
odqMGFIdBEqZAq1PhN81BtJqdkw4EmzffS/GaEol0MM85Hvm5r91GfOx86AKs0HW
emOJL5XXG8/byNY7xihCl+55u9l1E5c7+K8QNj3++bgKK07KIor4qtxBNUqejQUj
/eFdi8Z1SFOHHDvdYKGVRRm70uq6BqfYcsLfLcgd7uEDkvz0Zcy7SF11hY67z8QU
ood0eyyuBhuZjxzZN+5No9UkRf2BKfjXUex/wr2AnuqF2xYcGYC76tFKeAUbOc6s
YF+SdfDoQVys3o6EhYj6hj9s1viepu41tpnOB8ldBE2B/Gyn0iq/ipj05rsMKIRp
ivefoSb7KG1O6aesJ/n7vUBY8VWiE3KBcRYoIotW5jNQ83Jb/e40ougpshzxeWYR
08PekcG+CAUlnfaF8f0+c3xuo2Q23MMpf6e3XqlNxCGBpwIn8NEtLw1qcLdKI9zG
x6zguGxEZDIoGYC0kjmP+PNAjrJmNVHutcJODgK73H4zNvY1O6Kg+dOBLrwkqXh5
Um6RRDzOcEWsGMHg0akPHWaaAt7slCvtTXLMtzMysHR1mkihqAbzq6Zr0QoGjekz
j20fC8o8bArX9cCDO71F
=jYJY
-----END PGP SIGNATURE-----
Merge tag 'dmaengine-fix-4.4' of git://git.infradead.org/users/vkoul/slave-dma
Pull dmaengine fixes from Vinod Koul:
"Late fixes for 4.4 are three fixes for drivers which include a revert
of mic-x100 fix which is causing regression, xgene fix for double IRQ
and async_tx fix to use GFP_NOWAIT"
* tag 'dmaengine-fix-4.4' of git://git.infradead.org/users/vkoul/slave-dma:
dmaengine: xgene-dma: Fix double IRQ issue by setting IRQ_DISABLE_UNLAZY flag
async_tx: use GFP_NOWAIT rather than GFP_IO
dmaengine: Revert "dmaengine: mic_x100: add missing spin_unlock"
Pull dmi fix from Jean Delvare.
* 'dmi-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jdelvare/staging:
firmware: dmi_scan: Fix UUID endianness for SMBIOS >= 2.6