[ Upstream commit f9c35f4fff ]
GFX v11 changes RB_BACKEND_DISABLE related registers
from per SA to global ones. The approach to query active
rb bitmap needs to be changed accordingly. Query per
SE setting returns wrong active RB bitmap especially
in the case when some of SA are disabled. With the new
approach, driver will generate the active rb bitmap
based on active SA bitmap and global active RB bitmap.
Signed-off-by: Hawking Zhang <Hawking.Zhang@amd.com>
Reviewed-by: Likun Gao <Likun.Gao@amd.com>
Signed-off-by: Alex Deucher <alexander.deucher@amd.com>
Stable-dep-of: bbca7f414ae9 ("drm/amdgpu: fix incorrect number of active RBs for gfx11")
Signed-off-by: Sasha Levin <sashal@kernel.org>
Since upstream commit 617f3ef951 ("locking/rwsem: Remove
reader optimistic spinning"), vendors have seen increased
contention and blocking on rwsems.
There are attempts to actively fix this upstream:
https://lore.kernel.org/lkml/20240406081126.8030-1-bongkyu7.kim@samsung.com/
But in the meantime, provide vendorhooks so that vendors can
implement their own optimistic spin routine. In doing so,
vendors see improvements in cold launch times on important apps.
Bug: 331742151
Change-Id: I7466413de9ee1293e86f73880931235d7a9142ac
Signed-off-by: xieliujie <xieliujie@oppo.com>
[jstultz: Rewrote commit message]
Signed-off-by: John Stultz <jstultz@google.com>
[ Upstream commit 47d8ac011fe1c9251070e1bd64cb10b48193ec51 ]
Garbage collector does not take into account the risk of embryo getting
enqueued during the garbage collection. If such embryo has a peer that
carries SCM_RIGHTS, two consecutive passes of scan_children() may see a
different set of children. Leading to an incorrectly elevated inflight
count, and then a dangling pointer within the gc_inflight_list.
sockets are AF_UNIX/SOCK_STREAM
S is an unconnected socket
L is a listening in-flight socket bound to addr, not in fdtable
V's fd will be passed via sendmsg(), gets inflight count bumped
connect(S, addr) sendmsg(S, [V]); close(V) __unix_gc()
---------------- ------------------------- -----------
NS = unix_create1()
skb1 = sock_wmalloc(NS)
L = unix_find_other(addr)
unix_state_lock(L)
unix_peer(S) = NS
// V count=1 inflight=0
NS = unix_peer(S)
skb2 = sock_alloc()
skb_queue_tail(NS, skb2[V])
// V became in-flight
// V count=2 inflight=1
close(V)
// V count=1 inflight=1
// GC candidate condition met
for u in gc_inflight_list:
if (total_refs == inflight_refs)
add u to gc_candidates
// gc_candidates={L, V}
for u in gc_candidates:
scan_children(u, dec_inflight)
// embryo (skb1) was not
// reachable from L yet, so V's
// inflight remains unchanged
__skb_queue_tail(L, skb1)
unix_state_unlock(L)
for u in gc_candidates:
if (u.inflight)
scan_children(u, inc_inflight_move_tail)
// V count=1 inflight=2 (!)
If there is a GC-candidate listening socket, lock/unlock its state. This
makes GC wait until the end of any ongoing connect() to that socket. After
flipping the lock, a possibly SCM-laden embryo is already enqueued. And if
there is another embryo coming, it can not possibly carry SCM_RIGHTS. At
this point, unix_inflight() can not happen because unix_gc_lock is already
taken. Inflight graph remains unaffected.
Bug: 336226035
Fixes: 1fd05ba5a2 ("[AF_UNIX]: Rewrite garbage collector, fixes race.")
Signed-off-by: Michal Luczaj <mhal@rbox.co>
Reviewed-by: Kuniyuki Iwashima <kuniyu@amazon.com>
Link: https://lore.kernel.org/r/20240409201047.1032217-1-mhal@rbox.co
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
(cherry picked from commit 507cc232ff)
Signed-off-by: Lee Jones <joneslee@google.com>
Change-Id: If321f78b8b3220f5a1caea4b5e9450f1235b0770
[ Upstream commit 97af84a6bba2ab2b9c704c08e67de3b5ea551bb2 ]
When touching unix_sk(sk)->inflight, we are always under
spin_lock(&unix_gc_lock).
Let's convert unix_sk(sk)->inflight to the normal unsigned long.
Bug: 336226035
Signed-off-by: Kuniyuki Iwashima <kuniyu@amazon.com>
Reviewed-by: Simon Horman <horms@kernel.org>
Link: https://lore.kernel.org/r/20240123170856.41348-3-kuniyu@amazon.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Stable-dep-of: 47d8ac011fe1 ("af_unix: Fix garbage collector racing against connect()")
Signed-off-by: Sasha Levin <sashal@kernel.org>
(cherry picked from commit 301fdbaa0b)
Signed-off-by: Lee Jones <joneslee@google.com>
Change-Id: I0d965d5f2a863d798c06de9f21d0467f256b538e
The following two commits move 'userfaultfd_ctx' struct from
fs/userfaultfd.c to header file and then add a rw_semaphore to it. The
ABI is broken by the change. However, given that the type should be
private and not accessed by vendor modules, use some GENKSYMS #define
magic to preserve the CRC. Also update the .stg file for offset
adjustment within 'userfaultfd_ctx'.
5e4c24a57b0c ("userfaultfd: protect mmap_changing with rw_sem in userfaulfd_ctx")
f91e6b41dd11 ("userfaultfd: move userfaultfd_ctx struct to header file")
Bug: 320478828
Change-Id: I5f97ff34dd8c88fe3d18c4dc902452488ba28cbd
Signed-off-by: Lokesh Gidra <lokeshgidra@google.com>
All userfaultfd operations, except write-protect, opportunistically use
per-vma locks to lock vmas. On failure, attempt again inside mmap_lock
critical section.
Write-protect operation requires mmap_lock as it iterates over multiple
vmas.
Link: https://lkml.kernel.org/r/20240215182756.3448972-5-lokeshgidra@google.com
Signed-off-by: Lokesh Gidra <lokeshgidra@google.com>
Reviewed-by: Liam R. Howlett <Liam.Howlett@oracle.com>
Cc: Andrea Arcangeli <aarcange@redhat.com>
Cc: Axel Rasmussen <axelrasmussen@google.com>
Cc: Brian Geffon <bgeffon@google.com>
Cc: David Hildenbrand <david@redhat.com>
Cc: Jann Horn <jannh@google.com>
Cc: Kalesh Singh <kaleshsingh@google.com>
Cc: Matthew Wilcox (Oracle) <willy@infradead.org>
Cc: Mike Rapoport (IBM) <rppt@kernel.org>
Cc: Nicolas Geoffray <ngeoffray@google.com>
Cc: Peter Xu <peterx@redhat.com>
Cc: Ryan Roberts <ryan.roberts@arm.com>
Cc: Suren Baghdasaryan <surenb@google.com>
Cc: Tim Murray <timmurray@google.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
(cherry picked from commit 867a43a34ff8a38772212045262b2c9b77807ea3)
Conflicts:
mm/userfaultfd.c
1. Resolve conflict in validate_dst_vma() due to absence of
range_in_vma().
2. Use 'page' instead of 'folio' for BUG_ON on copy_from_user() failure
in COPY ioctl.
3. Resolve conflict around mfill_file_over_size().
4. Resolve conflict in comment for __mcopy_atomic_hugetlb() due to
function name change.
5. Resolve conflict due to use of 'flags' instead of 'mode' in
__mcopy_atomic_hugetlb().
6. Use find_vma() and validate_dst_vma() in mwriteprotect_range()
instead of find_dst_vma().
Bug: 320478828
Change-Id: I6d5b7101218cb1b11329108c3f31f12bb1caebc6
Signed-off-by: Lokesh Gidra <lokeshgidra@google.com>
Increments and loads to mmap_changing are always in mmap_lock critical
section. This ensures that if userspace requests event notification for
non-cooperative operations (e.g. mremap), userfaultfd operations don't
occur concurrently.
This can be achieved by using a separate read-write semaphore in
userfaultfd_ctx such that increments are done in write-mode and loads in
read-mode, thereby eliminating the dependency on mmap_lock for this
purpose.
This is a preparatory step before we replace mmap_lock usage with per-vma
locks in fill/move ioctls.
Link: https://lkml.kernel.org/r/20240215182756.3448972-3-lokeshgidra@google.com
Signed-off-by: Lokesh Gidra <lokeshgidra@google.com>
Reviewed-by: Mike Rapoport (IBM) <rppt@kernel.org>
Reviewed-by: Liam R. Howlett <Liam.Howlett@oracle.com>
Cc: Andrea Arcangeli <aarcange@redhat.com>
Cc: Axel Rasmussen <axelrasmussen@google.com>
Cc: Brian Geffon <bgeffon@google.com>
Cc: David Hildenbrand <david@redhat.com>
Cc: Jann Horn <jannh@google.com>
Cc: Kalesh Singh <kaleshsingh@google.com>
Cc: Matthew Wilcox (Oracle) <willy@infradead.org>
Cc: Nicolas Geoffray <ngeoffray@google.com>
Cc: Peter Xu <peterx@redhat.com>
Cc: Ryan Roberts <ryan.roberts@arm.com>
Cc: Suren Baghdasaryan <surenb@google.com>
Cc: Tim Murray <timmurray@google.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
(cherry picked from commit 5e4c24a57b0c126686534b5b159a406c5dd02400)
Conflicts:
fs/userfaultfd.c
include/linux/userfaultfd_k.h
mm/userfaultfd.c
1. Functions passing control from fs/userfaultfd.c to mm/userfaultfd.c
were renamed after 6.1.
a. Replace mfill_atomic_copy() with mcopy_atomic()
b. Replace mfill_atomic_zeropage() with mfill_zeropage()
c. Replace mfill_atomic_continue() with mcopy_continue()
d. Replace mfill_atomic() with __mcopy_atomic()
e. Replace mfill_atomic_hugetlb() with __mcopy_atomic_hugetlb()
2. uffd flags were unified into a single parameter after 6.1. Replace
'flags' with 'mcopy_mode' and 'mode'.
3. Fetch dst_mm from dst_vma in __mcopy_atomic_hugetlb().
Bug: 320478828
Change-Id: I77615c36a0c891801c9eb9de3609df4e7f125c39
Signed-off-by: Lokesh Gidra <lokeshgidra@google.com>
Patch series "per-vma locks in userfaultfd", v7.
Performing userfaultfd operations (like copy/move etc.) in critical
section of mmap_lock (read-mode) causes significant contention on the lock
when operations requiring the lock in write-mode are taking place
concurrently. We can use per-vma locks instead to significantly reduce
the contention issue.
Android runtime's Garbage Collector uses userfaultfd for concurrent
compaction. mmap-lock contention during compaction potentially causes
jittery experience for the user. During one such reproducible scenario,
we observed the following improvements with this patch-set:
- Wall clock time of compaction phase came down from ~3s to <500ms
- Uninterruptible sleep time (across all threads in the process) was
~10ms (none in mmap_lock) during compaction, instead of >20s
This patch (of 4):
Move the struct to userfaultfd_k.h to be accessible from mm/userfaultfd.c.
There are no other changes in the struct.
This is required to prepare for using per-vma locks in userfaultfd
operations.
Link: https://lkml.kernel.org/r/20240215182756.3448972-1-lokeshgidra@google.com
Link: https://lkml.kernel.org/r/20240215182756.3448972-2-lokeshgidra@google.com
Signed-off-by: Lokesh Gidra <lokeshgidra@google.com>
Reviewed-by: Mike Rapoport (IBM) <rppt@kernel.org>
Reviewed-by: Liam R. Howlett <Liam.Howlett@oracle.com>
Cc: Andrea Arcangeli <aarcange@redhat.com>
Cc: Axel Rasmussen <axelrasmussen@google.com>
Cc: Brian Geffon <bgeffon@google.com>
Cc: David Hildenbrand <david@redhat.com>
Cc: Jann Horn <jannh@google.com>
Cc: Kalesh Singh <kaleshsingh@google.com>
Cc: Matthew Wilcox (Oracle) <willy@infradead.org>
Cc: Nicolas Geoffray <ngeoffray@google.com>
Cc: Peter Xu <peterx@redhat.com>
Cc: Ryan Roberts <ryan.roberts@arm.com>
Cc: Suren Baghdasaryan <surenb@google.com>
Cc: Tim Murray <timmurray@google.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
(cherry picked from commit f91e6b41dd11daffb138e3afdb4804aefc3d4e1b)
Conflicts:
include/linux/userfaultfd_k.h
1. Retain 'sysctl_unprivileged_userfaultfd' global variable.
Bug: 320478828
Change-Id: Iebaae028d5e793dd50342b141c1d46b79026834a
Signed-off-by: Lokesh Gidra <lokeshgidra@google.com>
Add tests for new UFFDIO_MOVE ioctl which uses uffd to move source into
destination buffer while checking the contents of both after the move.
After the operation the content of the destination buffer should match the
original source buffer's content while the source buffer should be zeroed.
Separate tests are designed for PMD aligned and unaligned cases because
they utilize different code paths in the kernel.
Link: https://lkml.kernel.org/r/20231206103702.3873743-6-surenb@google.com
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: Andrea Arcangeli <aarcange@redhat.com>
Cc: Axel Rasmussen <axelrasmussen@google.com>
Cc: Brian Geffon <bgeffon@google.com>
Cc: Christian Brauner <brauner@kernel.org>
Cc: David Hildenbrand <david@redhat.com>
Cc: Hugh Dickins <hughd@google.com>
Cc: Jann Horn <jannh@google.com>
Cc: Kalesh Singh <kaleshsingh@google.com>
Cc: Liam R. Howlett <Liam.Howlett@oracle.com>
Cc: Lokesh Gidra <lokeshgidra@google.com>
Cc: Matthew Wilcox (Oracle) <willy@infradead.org>
Cc: Michal Hocko <mhocko@suse.com>
Cc: Mike Rapoport (IBM) <rppt@kernel.org>
Cc: Nicolas Geoffray <ngeoffray@google.com>
Cc: Peter Xu <peterx@redhat.com>
Cc: Ryan Roberts <ryan.roberts@arm.com>
Cc: Shuah Khan <shuah@kernel.org>
Cc: ZhangPeng <zhangpeng362@huawei.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
(cherry picked from commit a2bf6a9ca80532b75f8f8b6a1cd75ef7e5150576)
Conflicts:
tools/testing/selftests/mm/uffd-common.c
tools/testing/selftests/mm/uffd-common.h
tools/testing/selftests/mm/uffd-unit-tests.c
tools/testing/selftests/vm/userfaultfd.c
1. Removed errmsg parameter from prevent_hugepages() and post_hugepages()
2. Removed uffd_test_args parameter from uffd_move_* functions
3. Added uffd_test_case_ops parameter in uffd_move_test_common()
4. Added userfaultfd_move_test() for all 'move' tests, called from
userfaultfd_stress()
5. Added 'test_uffdio_move' global bool variable, which is set to true
only when testing anon mappings
6. Added call to uffd_test_ctx_init() and uffd_test_ctx_clear() in
uffd_move_test_common()
7. Replaced uffd_args with uffd_stats
8. Converted return type of uffd_move_test() and uffd_move_pmd_test() to
`int`
9. Added uffd_test_page_fault_handler as uffd_args doesn't exist.
uffd_poll_thread() checks if it is NULL then calls
uffd_handle_page_fault().
10. Replaced uffd_register() (isn't defined on 6.1) with UFFDIO_REGISTER
ioctl call
11. Added printf() calls to log when the test is starting and finishing.
12. Change return type of uffd_move_test_common() to int.
Bug: 274911254
Change-Id: I1c68445d9c64533aab0ba27c2e010347d0807981
Signed-off-by: Lokesh Gidra <lokeshgidra@google.com>
Currently each test can specify unique operations using uffd_test_ops,
however these operations are per-memory type and not per-test. Add
uffd_test_case_ops which each test case can customize for its own needs
regardless of the memory type being used. Pre- and post-allocation
operations are added, some of which will be used in the next patch to
implement test-specific operations like madvise after memory is allocated
but before it is accessed.
Link: https://lkml.kernel.org/r/20231206103702.3873743-5-surenb@google.com
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: Andrea Arcangeli <aarcange@redhat.com>
Cc: Axel Rasmussen <axelrasmussen@google.com>
Cc: Brian Geffon <bgeffon@google.com>
Cc: Christian Brauner <brauner@kernel.org>
Cc: David Hildenbrand <david@redhat.com>
Cc: Hugh Dickins <hughd@google.com>
Cc: Jann Horn <jannh@google.com>
Cc: Kalesh Singh <kaleshsingh@google.com>
Cc: Liam R. Howlett <Liam.Howlett@oracle.com>
Cc: Lokesh Gidra <lokeshgidra@google.com>
Cc: Matthew Wilcox (Oracle) <willy@infradead.org>
Cc: Michal Hocko <mhocko@suse.com>
Cc: Mike Rapoport (IBM) <rppt@kernel.org>
Cc: Nicolas Geoffray <ngeoffray@google.com>
Cc: Peter Xu <peterx@redhat.com>
Cc: Ryan Roberts <ryan.roberts@arm.com>
Cc: Shuah Khan <shuah@kernel.org>
Cc: ZhangPeng <zhangpeng362@huawei.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
(cherry picked from commit e8a422408ba9760e2640ca57e4b79c3dd7f48bd2)
Conflicts:
tools/testing/selftests/mm/uffd-common.c
tools/testing/selftests/mm/uffd-common.h
tools/testing/selftests/mm/uffd-unit-tests.c
tools/testing/selftests/vm/userfaultfd.c
1. Userfaultfd selftest was split into separate uffd-* files and moved
to selftests/mm.
2. In 6.1 there is no mechanism to run individual unit-tests. All
unit-tests are run after stress test. Consequently, the tests are not
abstracted using 'uffd_test_case_t'. Therefore, added
'uffd_test_case_ops' as a parameter to uffd_test_ctx_init().
Bug: 274911254
Change-Id: I6480abf1709ca717d9baad5047bf675852f10726
Signed-off-by: Lokesh Gidra <lokeshgidra@google.com>
After ptep_clear_flush(), if we find that src_folio is pinned we will fail
UFFDIO_MOVE and put src_folio back to src_pte entry, but the change to
src_folio->{mapping,index} is not restored in this process. This is not
what we expected, so fix it.
This can cause the rmap for that page to be invalid, possibly resulting
in memory corruption. At least swapout+migration would no longer work,
because we might fail to locate the mappings of that folio.
Link: https://lkml.kernel.org/r/20240222080815.46291-1-zhengqi.arch@bytedance.com
Fixes: adef440691ba ("userfaultfd: UFFDIO_MOVE uABI")
Signed-off-by: Qi Zheng <zhengqi.arch@bytedance.com>
Reviewed-by: David Hildenbrand <david@redhat.com>
Reviewed-by: Suren Baghdasaryan <surenb@google.com>
Cc: Andrea Arcangeli <aarcange@redhat.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
(cherry picked from commit d7a08838ab74652f2b53fee9763f0178278c3a4b)
Conflicts:
mm/userfaultfd.c
1. Replace folio_move_anon_rmap() with page_move_anon_rmap().
Bug: 274911254
Change-Id: Ie4bf5785244271ab233c6230ed71460fd571bd1a
Signed-off-by: Lokesh Gidra <lokeshgidra@google.com>
Implement the uABI of UFFDIO_MOVE ioctl.
UFFDIO_COPY performs ~20% better than UFFDIO_MOVE when the application
needs pages to be allocated [1]. However, with UFFDIO_MOVE, if pages are
available (in userspace) for recycling, as is usually the case in heap
compaction algorithms, then we can avoid the page allocation and memcpy
(done by UFFDIO_COPY). Also, since the pages are recycled in the
userspace, we avoid the need to release (via madvise) the pages back to
the kernel [2].
We see over 40% reduction (on a Google pixel 6 device) in the compacting
thread's completion time by using UFFDIO_MOVE vs. UFFDIO_COPY. This was
measured using a benchmark that emulates a heap compaction implementation
using userfaultfd (to allow concurrent accesses by application threads).
More details of the usecase are explained in [2]. Furthermore,
UFFDIO_MOVE enables moving swapped-out pages without touching them within
the same vma. Today, it can only be done by mremap, however it forces
splitting the vma.
[1] https://lore.kernel.org/all/1425575884-2574-1-git-send-email-aarcange@redhat.com/
[2] https://lore.kernel.org/linux-mm/CA+EESO4uO84SSnBhArH4HvLNhaUQ5nZKNKXqxRCyjniNVjp0Aw@mail.gmail.com/
Update for the ioctl_userfaultfd(2) manpage:
UFFDIO_MOVE
(Since Linux xxx) Move a continuous memory chunk into the
userfault registered range and optionally wake up the blocked
thread. The source and destination addresses and the number of
bytes to move are specified by the src, dst, and len fields of
the uffdio_move structure pointed to by argp:
struct uffdio_move {
__u64 dst; /* Destination of move */
__u64 src; /* Source of move */
__u64 len; /* Number of bytes to move */
__u64 mode; /* Flags controlling behavior of move */
__s64 move; /* Number of bytes moved, or negated error */
};
The following value may be bitwise ORed in mode to change the
behavior of the UFFDIO_MOVE operation:
UFFDIO_MOVE_MODE_DONTWAKE
Do not wake up the thread that waits for page-fault
resolution
UFFDIO_MOVE_MODE_ALLOW_SRC_HOLES
Allow holes in the source virtual range that is being moved.
When not specified, the holes will result in ENOENT error.
When specified, the holes will be accounted as successfully
moved memory. This is mostly useful to move hugepage aligned
virtual regions without knowing if there are transparent
hugepages in the regions or not, but preventing the risk of
having to split the hugepage during the operation.
The move field is used by the kernel to return the number of
bytes that was actually moved, or an error (a negated errno-
style value). If the value returned in move doesn't match the
value that was specified in len, the operation fails with the
error EAGAIN. The move field is output-only; it is not read by
the UFFDIO_MOVE operation.
The operation may fail for various reasons. Usually, remapping of
pages that are not exclusive to the given process fail; once KSM
might deduplicate pages or fork() COW-shares pages during fork()
with child processes, they are no longer exclusive. Further, the
kernel might only perform lightweight checks for detecting whether
the pages are exclusive, and return -EBUSY in case that check fails.
To make the operation more likely to succeed, KSM should be
disabled, fork() should be avoided or MADV_DONTFORK should be
configured for the source VMA before fork().
This ioctl(2) operation returns 0 on success. In this case, the
entire area was moved. On error, -1 is returned and errno is
set to indicate the error. Possible errors include:
EAGAIN The number of bytes moved (i.e., the value returned in
the move field) does not equal the value that was
specified in the len field.
EINVAL Either dst or len was not a multiple of the system page
size, or the range specified by src and len or dst and len
was invalid.
EINVAL An invalid bit was specified in the mode field.
ENOENT
The source virtual memory range has unmapped holes and
UFFDIO_MOVE_MODE_ALLOW_SRC_HOLES is not set.
EEXIST
The destination virtual memory range is fully or partially
mapped.
EBUSY
The pages in the source virtual memory range are either
pinned or not exclusive to the process. The kernel might
only perform lightweight checks for detecting whether the
pages are exclusive. To make the operation more likely to
succeed, KSM should be disabled, fork() should be avoided
or MADV_DONTFORK should be configured for the source virtual
memory area before fork().
ENOMEM Allocating memory needed for the operation failed.
ESRCH
The target process has exited at the time of a UFFDIO_MOVE
operation.
Link: https://lkml.kernel.org/r/20231206103702.3873743-3-surenb@google.com
Signed-off-by: Andrea Arcangeli <aarcange@redhat.com>
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: Axel Rasmussen <axelrasmussen@google.com>
Cc: Brian Geffon <bgeffon@google.com>
Cc: Christian Brauner <brauner@kernel.org>
Cc: David Hildenbrand <david@redhat.com>
Cc: Hugh Dickins <hughd@google.com>
Cc: Jann Horn <jannh@google.com>
Cc: Kalesh Singh <kaleshsingh@google.com>
Cc: Liam R. Howlett <Liam.Howlett@oracle.com>
Cc: Lokesh Gidra <lokeshgidra@google.com>
Cc: Matthew Wilcox (Oracle) <willy@infradead.org>
Cc: Michal Hocko <mhocko@suse.com>
Cc: Mike Rapoport (IBM) <rppt@kernel.org>
Cc: Nicolas Geoffray <ngeoffray@google.com>
Cc: Peter Xu <peterx@redhat.com>
Cc: Ryan Roberts <ryan.roberts@arm.com>
Cc: Shuah Khan <shuah@kernel.org>
Cc: ZhangPeng <zhangpeng362@huawei.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
(cherry picked from commit adef440691bab824e39c1b17382322d195e1fab0)
Conflicts:
mm/huge_memory.c
mm/userfaultfd.c
1. Add vma parameter in mmu_notifier_range_init() calls.
2. Replace folio_move_anon_rmap() with page_move_anon_rmap().
3. Remove vma parameter in pmd_mkwrite() calls.
4. Replace pte_offset_map_nolock() with pte_offset_map()+pte_lockptr()
combo.
5. Remove VM_SHADOW_STACK in vma_move_compatible().
6. Replace pmdp_get_lockless() with pmd_read_atomic().
Bug: 274911254
Change-Id: I1116f15a395f1a8bac176906f7f9c2411e59dc54
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Signed-off-by: Lokesh Gidra <lokeshgidra@google.com>
Patch series "userfaultfd move option", v6.
This patch series introduces UFFDIO_MOVE feature to userfaultfd, which has
long been implemented and maintained by Andrea in his local tree [1], but
was not upstreamed due to lack of use cases where this approach would be
better than allocating a new page and copying the contents. Previous
upstraming attempts could be found at [6] and [7].
UFFDIO_COPY performs ~20% better than UFFDIO_MOVE when the application
needs pages to be allocated [2]. However, with UFFDIO_MOVE, if pages are
available (in userspace) for recycling, as is usually the case in heap
compaction algorithms, then we can avoid the page allocation and memcpy
(done by UFFDIO_COPY). Also, since the pages are recycled in the
userspace, we avoid the need to release (via madvise) the pages back to
the kernel [3]. We see over 40% reduction (on a Google pixel 6 device) in
the compacting thread's completion time by using UFFDIO_MOVE vs.
UFFDIO_COPY. This was measured using a benchmark that emulates a heap
compaction implementation using userfaultfd (to allow concurrent accesses
by application threads). More details of the usecase are explained in
[3].
Furthermore, UFFDIO_MOVE enables moving swapped-out pages without
touching them within the same vma. Today, it can only be done by mremap,
however it forces splitting the vma.
TODOs for follow-up improvements:
- cross-mm support. Known differences from single-mm and missing pieces:
- memcg recharging (might need to isolate pages in the process)
- mm counters
- cross-mm deposit table moves
- cross-mm test
- document the address space where src and dest reside in struct
uffdio_move
- TLB flush batching. Will require extensive changes to PTL locking in
move_pages_pte(). OTOH that might let us reuse parts of mremap code.
This patch (of 5):
For now, folio_move_anon_rmap() was only used to move a folio to a
different anon_vma after fork(), whereby the root anon_vma stayed
unchanged. For that, it was sufficient to hold the folio lock when
calling folio_move_anon_rmap().
However, we want to make use of folio_move_anon_rmap() to move folios
between VMAs that have a different root anon_vma. As folio_referenced()
performs an RMAP walk without holding the folio lock but only holding the
anon_vma in read mode, holding the folio lock is insufficient.
When moving to an anon_vma with a different root anon_vma, we'll have to
hold both, the folio lock and the anon_vma lock in write mode.
Consequently, whenever we succeeded in folio_lock_anon_vma_read() to
read-lock the anon_vma, we have to re-check if the mapping was changed in
the meantime. If that was the case, we have to retry.
Note that folio_move_anon_rmap() must only be called if the anon page is
exclusive to a process, and must not be called on KSM folios.
This is a preparation for UFFDIO_MOVE, which will hold the folio lock, the
anon_vma lock in write mode, and the mmap_lock in read mode.
Link: https://lkml.kernel.org/r/20231206103702.3873743-1-surenb@google.com
Link: https://lkml.kernel.org/r/20231206103702.3873743-2-surenb@google.com
Signed-off-by: Andrea Arcangeli <aarcange@redhat.com>
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Acked-by: Peter Xu <peterx@redhat.com>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: Axel Rasmussen <axelrasmussen@google.com>
Cc: Brian Geffon <bgeffon@google.com>
Cc: Christian Brauner <brauner@kernel.org>
Cc: David Hildenbrand <david@redhat.com>
Cc: Hugh Dickins <hughd@google.com>
Cc: Jann Horn <jannh@google.com>
Cc: Kalesh Singh <kaleshsingh@google.com>
Cc: kernel-team@android.com
Cc: Liam R. Howlett <Liam.Howlett@oracle.com>
Cc: Lokesh Gidra <lokeshgidra@google.com>
Cc: Matthew Wilcox (Oracle) <willy@infradead.org>
Cc: Michal Hocko <mhocko@suse.com>
Cc: Mike Rapoport (IBM) <rppt@kernel.org>
Cc: Nicolas Geoffray <ngeoffray@google.com>
Cc: Ryan Roberts <ryan.roberts@arm.com>
Cc: Shuah Khan <shuah@kernel.org>
Cc: ZhangPeng <zhangpeng362@huawei.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
(cherry picked from commit 880a99b60d467eefd96322e27b0a8c0b805dfa43)
Bug: 274911254
Change-Id: Iad9619c0273e050af26356f66ae9fc88b56d68bd
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Signed-off-by: Lokesh Gidra <lokeshgidra@google.com>
Currently only the uncompressed hibernation snapshot image is encrypted
before being written to the swap partition. Extend the encryption
support for compression enabled scenarios as well.
Bug: 335581841
Change-Id: Ida781b727f56b664a67e2887a4db3d6b355dafdb
Signed-off-by: Nikhil V <quic_nprakash@quicinc.com>
In case of hibernation with compression enabled, 'n' number of pages
will be compressed to 'x' number of pages before being written to the
disk. Keep a note of these compressed block counts so that bootloader
can directly read 'x' pages and pass it on to the decompressor. An
array will be maintained which will hold the count of these compressed
blocks and later on written to the the disk as part of the hibernation
image save process.
The vendor hook '__tracepoint_android_vh_hibernated_do_mem_alloc' does
the required memory allocations, for example, the array which is
dynamically allocated based on the snapshot image size so as to hold
the compressed block counts etc. This memory is later freed as part of
PM_POST_HIBERNATION notifier call.
The vendor hook '__tracepoint_android_vh_hibernate_save_cmp_len' saves
the compressed block counts to the array which is later written to the
disk.
Bug: 335581841
Change-Id: I574b641e2d9f4cd503c7768a66a7be3142c2686b
Signed-off-by: Nikhil V <quic_nprakash@quicinc.com>
After applying commit 990d3701d0 ("BACKPORT: PM: hibernate: Move
to crypto APIs for LZO compression"), CRPTO_LZO is selected by
default. Sync the gki_defconfig accordingly. This doesn't add any
functional change.
Bug: 335581841
Change-Id: Iafa7211245f6d66a96f8f0030e2574c7a220d3a4
Signed-off-by: Nikhil V <quic_nprakash@quicinc.com>
Currently the default compression algorithm is selected based on
compile time options. Introduce a module parameter "hibernate.compressor"
to override this behaviour.
Different compression algorithms have different characteristics and
hibernation may benefit when it uses any of these algorithms, especially
when a secondary algorithm(LZ4) offers better decompression speeds over
a default algorithm(LZO), which in turn reduces hibernation image
restore time.
Users can override the default algorithm in two ways:
1) Passing "hibernate.compressor" as kernel command line parameter.
Usage:
LZO: hibernate.compressor=lzo
LZ4: hibernate.compressor=lz4
2) Specifying the algorithm at runtime.
Usage:
LZO: echo lzo > /sys/module/hibernate/parameters/compressor
LZ4: echo lz4 > /sys/module/hibernate/parameters/compressor
Currently LZO and LZ4 are the supported algorithms. LZO is the default
compression algorithm used with hibernation.
Bug: 335581841
Signed-off-by: Nikhil V <quic_nprakash@quicinc.com>
Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
(cherry picked from commit 3fec6e5961b77af6a952b77f5c2ea26f7513b216)
Change-Id: I3c787939c8d37dfeb2c164de69078d303411f938
Signed-off-by: Nikhil V <quic_nprakash@quicinc.com>
Extend the support for LZ4 compression to be used with hibernation.
The main idea is that different compression algorithms
have different characteristics and hibernation may benefit when it uses
any of these algorithms: a default algorithm, having higher
compression rate but is slower(compression/decompression) and a
secondary algorithm, that is faster(compression/decompression) but has
lower compression rate.
LZ4 algorithm has better decompression speeds over LZO. This reduces
the hibernation image restore time.
As per test results:
LZO LZ4
Size before Compression(bytes) 682696704 682393600
Size after Compression(bytes) 146502402 155993547
Decompression Rate 335.02 MB/s 501.05 MB/s
Restore time 4.4s 3.8s
LZO is the default compression algorithm used for hibernation. Enable
CONFIG_HIBERNATION_COMP_LZ4 to set the default compressor as LZ4.
Bug: 335581841
Signed-off-by: Nikhil V <quic_nprakash@quicinc.com>
Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
(cherry picked from commit 8bc29736357e7f9a6bd0d16b57b5612197e1924b)
Change-Id: I640d834bb626e9a139e41740d4bef7548d5c6401
Signed-off-by: Nikhil V <quic_nprakash@quicinc.com>
Currently for hibernation, LZO is the only compression algorithm
available and uses the existing LZO library calls. However, there
is no flexibility to switch to other algorithms which provides better
results. The main idea is that different compression algorithms have
different characteristics and hibernation may benefit when it uses
alternate algorithms.
By moving to crypto based APIs, it lays a foundation to use other
compression algorithms for hibernation. There are no functional changes
introduced by this approach.
Bug: 335581841
Signed-off-by: Nikhil V <quic_nprakash@quicinc.com>
Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
(cherry picked from commit a06c6f5d3cc90b3b070d7b99979d57238db77a86)
Change-Id: I8d15262f9823219d291b84eab28b2ec44474dad4
[quic_nprakash: Resolved minor conflicts in kernel/power/(power.h,swap.c)]
Signed-off-by: Nikhil V <quic_nprakash@quicinc.com>
Renaming lzo* to generic names, except for lzo_xxx() APIs. This is
used in the next patch where we move to crypto based APIs for
compression. There are no functional changes introduced by this
approach.
Bug: 335581841
Signed-off-by: Nikhil V <quic_nprakash@quicinc.com>
Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
(cherry picked from commit 89a807625f9701154167bf6bf136adfa1be4d849)
Change-Id: I8e2032658132965bed4c7b24b7409ae7a1bfa6cd
[quic_nprakash: Resolved minor conflicts in kernel/power/swap.c]
Signed-off-by: Nikhil V <quic_nprakash@quicinc.com>
Changes in 6.1.79
work around gcc bugs with 'asm goto' with outputs
update workarounds for gcc "asm goto" issue
btrfs: add and use helper to check if block group is used
btrfs: do not delete unused block group if it may be used soon
btrfs: forbid creating subvol qgroups
btrfs: do not ASSERT() if the newly created subvolume already got read
btrfs: forbid deleting live subvol qgroup
btrfs: send: return EOPNOTSUPP on unknown flags
btrfs: don't reserve space for checksums when writing to nocow files
btrfs: reject encoded write if inode has nodatasum flag set
btrfs: don't drop extent_map for free space inode on write error
driver core: Fix device_link_flag_is_sync_state_only()
of: unittest: Fix compile in the non-dynamic case
KVM: selftests: Clear dirty ring states between two modes in dirty_log_test
KVM: selftests: Fix a semaphore imbalance in the dirty ring logging test
wifi: iwlwifi: Fix some error codes
wifi: iwlwifi: uninitialized variable in iwl_acpi_get_ppag_table()
of: property: Improve finding the supplier of a remote-endpoint property
net: openvswitch: limit the number of recursions from action sets
lan966x: Fix crash when adding interface under a lag
tls/sw: Use splice_eof() to flush
tls: extract context alloc/initialization out of tls_set_sw_offload
net: tls: factor out tls_*crypt_async_wait()
tls: fix race between async notify and socket close
net: tls: fix use-after-free with partial reads and async decrypt
net: tls: fix returned read length with async decrypt
spi: ppc4xx: Drop write-only variable
ASoC: rt5645: Fix deadlock in rt5645_jack_detect_work()
net: sysfs: Fix /sys/class/net/<iface> path for statistics
nouveau/svm: fix kvcalloc() argument order
MIPS: Add 'memory' clobber to csum_ipv6_magic() inline assembler
i40e: Do not allow untrusted VF to remove administratively set MAC
i40e: Fix waiting for queues of all VSIs to be disabled
scs: add CONFIG_MMU dependency for vfree_atomic()
tracing/trigger: Fix to return error if failed to alloc snapshot
mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again
scsi: storvsc: Fix ring buffer size calculation
dm-crypt, dm-verity: disable tasklets
ASoC: amd: yc: Add DMI quirk for MSI Bravo 15 C7VF
parisc: Prevent hung tasks when printing inventory on serial console
ALSA: hda/realtek: Fix the external mic not being recognised for Acer Swift 1 SF114-32
ALSA: hda/realtek: Enable Mute LED on HP Laptop 14-fq0xxx
HID: i2c-hid-of: fix NULL-deref on failed power up
HID: wacom: generic: Avoid reporting a serial of '0' to userspace
HID: wacom: Do not register input devices until after hid_hw_start
iio: hid-sensor-als: Return 0 for HID_USAGE_SENSOR_TIME_TIMESTAMP
usb: ucsi: Add missing ppm_lock
usb: ulpi: Fix debugfs directory leak
usb: ucsi_acpi: Fix command completion handling
USB: hub: check for alternate port before enabling A_ALT_HNP_SUPPORT
usb: f_mass_storage: forbid async queue when shutdown happen
usb: dwc3: gadget: Fix NULL pointer dereference in dwc3_gadget_suspend
interconnect: qcom: sc8180x: Mark CO0 BCM keepalive
media: ir_toy: fix a memleak in irtoy_tx
driver core: fw_devlink: Improve detection of overlapping cycles
powerpc/kasan: Fix addr error caused by page alignment
cifs: fix underflow in parse_server_interfaces()
i2c: qcom-geni: Correct I2C TRE sequence
irqchip/loongson-eiointc: Use correct struct type in eiointc_domain_alloc()
powerpc/kasan: Limit KASAN thread size increase to 32KB
i2c: pasemi: split driver into two separate modules
i2c: i801: Fix block process call transactions
modpost: trim leading spaces when processing source files list
mptcp: get rid of msk->subflow
mptcp: fix data re-injection from stale subflow
selftests: mptcp: add missing kconfig for NF Filter
selftests: mptcp: add missing kconfig for NF Filter in v6
selftests: mptcp: add missing kconfig for NF Mangle
selftests: mptcp: increase timeout to 30 min
mptcp: drop the push_pending field
mptcp: check addrs list in userspace_pm_get_local_id
media: Revert "media: rkisp1: Drop IRQF_SHARED"
scsi: Revert "scsi: fcoe: Fix potential deadlock on &fip->ctlr_lock"
Revert "drm/amd: flush any delayed gfxoff on suspend entry"
drm/virtio: Set segment size for virtio_gpu device
lsm: fix the logic in security_inode_getsecctx()
firewire: core: correct documentation of fw_csr_string() kernel API
ALSA: hda/realtek: Apply headset jack quirk for non-bass alc287 thinkpads
kbuild: Fix changing ELF file type for output of gen_btf for big endian
nfc: nci: free rx_data_reassembly skb on NCI device cleanup
net: hsr: remove WARN_ONCE() in send_hsr_supervision_frame()
net: stmmac: do not clear TBS enable bit on link up/down
xen-netback: properly sync TX responses
modpost: propagate W=1 build option to modpost
modpost: Don't let "driver"s reference .exit.*
linux/init: remove __memexit* annotations
modpost: Include '.text.*' in TEXT_SECTIONS
um: Fix adding '-no-pie' for clang
modpost: Add '.ltext' and '.ltext.*' to TEXT_SECTIONS
ALSA: hda/realtek: Enable headset mic on Vaio VJFE-ADL
ASoC: codecs: wcd938x: handle deferred probe
ALSA: hda/cs8409: Suppress vmaster control for Dolphin models
ALSA: hda/realtek: fix mute/micmute LEDs for HP ZBook Power
binder: signal epoll threads of self-work
misc: fastrpc: Mark all sessions as invalid in cb_remove
ext4: fix double-free of blocks due to wrong extents moved_len
ext4: avoid bb_free and bb_fragments inconsistency in mb_free_blocks()
tracing: Fix wasted memory in saved_cmdlines logic
staging: iio: ad5933: fix type mismatch regression
iio: magnetometer: rm3100: add boundary check for the value read from RM3100_REG_TMRC
iio: core: fix memleak in iio_device_register_sysfs
iio: commom: st_sensors: ensure proper DMA alignment
iio: accel: bma400: Fix a compilation problem
iio: adc: ad_sigma_delta: ensure proper DMA alignment
iio: imu: adis: ensure proper DMA alignment
iio: imu: bno055: serdev requires REGMAP
media: rc: bpf attach/detach requires write permission
ksmbd: free aux buffer if ksmbd_iov_pin_rsp_read fails
xfrm: Remove inner/outer modes from output path
xfrm: Remove inner/outer modes from input path
drm/msm: Wire up tlb ops
drm/prime: Support page array >= 4GB
drm/amd/display: Increase frame-larger-than for all display_mode_vba files
drm/amd/display: Preserve original aspect ratio in create stream
hv_netvsc: Fix race condition between netvsc_probe and netvsc_remove
ring-buffer: Clean ring_buffer_poll_wait() error return
nfp: flower: fix hardware offload for the transfer layer port
serial: max310x: set default value when reading clock ready bit
serial: max310x: improve crystal stable clock detection
serial: max310x: fail probe if clock crystal is unstable
serial: max310x: prevent infinite while() loop in port startup
powerpc/64: Set task pt_regs->link to the LR value on scv entry
powerpc/cputable: Add missing PPC_FEATURE_BOOKE on PPC64 Book-E
powerpc/pseries: fix accuracy of stolen time
x86/Kconfig: Transmeta Crusoe is CPU family 5, not 6
x86/fpu: Stop relying on userspace for info to fault in xsave buffer
KVM: x86/pmu: Fix type length error when reading pmu->fixed_ctr_ctrl
x86/mm/ident_map: Use gbpages only where full GB page should be mapped.
io_uring/net: fix multishot accept overflow handling
mmc: slot-gpio: Allow non-sleeping GPIO ro
ALSA: hda/realtek: fix mute/micmute LED For HP mt645
ALSA: hda/conexant: Add quirk for SWS JS201D
nilfs2: fix data corruption in dsync block recovery for small block sizes
nilfs2: fix hang in nilfs_lookup_dirty_data_buffers()
crypto: ccp - Fix null pointer dereference in __sev_platform_shutdown_locked
nfp: use correct macro for LengthSelect in BAR config
nfp: flower: prevent re-adding mac index for bonded port
wifi: cfg80211: fix wiphy delayed work queueing
wifi: mac80211: reload info pointer in ieee80211_tx_dequeue()
irqchip/irq-brcmstb-l2: Add write memory barrier before exit
irqchip/gic-v3-its: Fix GICv4.1 VPE affinity update
zonefs: Improve error handling
mmc: sdhci-pci-o2micro: Fix a warm reboot issue that disk can't be detected by BIOS
ASoC: amd: yc: Add DMI quirk for Lenovo Ideapad Pro 5 16ARP8
tools/rtla: Remove unused sched_getattr() function
tools/rtla: Replace setting prio with nice for SCHED_OTHER
tools/rtla: Exit with EXIT_SUCCESS when help is invoked
tools/rtla: Fix uninitialized bucket/data->bucket_size warning
tools/rtla: Fix Makefile compiler options for clang
fs: relax mount_setattr() permission checks
net: ethernet: ti: cpsw: enable mac_managed_pm to fix mdio
s390/qeth: Fix potential loss of L3-IP@ in case of network issues
net: ethernet: ti: cpsw_new: enable mac_managed_pm to fix mdio
hv_netvsc: Register VF in netvsc_probe if NET_DEVICE_REGISTER missed
ceph: prevent use-after-free in encode_cap_msg()
fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super
mm: hugetlb pages should not be reserved by shmat() if SHM_NORESERVE
of: property: fix typo in io-channels
can: netlink: Fix TDCO calculation using the old data bittiming
can: j1939: prevent deadlock by changing j1939_socks_lock to rwlock
can: j1939: Fix UAF in j1939_sk_match_filter during setsockopt(SO_J1939_FILTER)
pmdomain: core: Move the unused cleanup to a _sync initcall
fs/proc: do_task_stat: move thread_group_cputime_adjusted() outside of lock_task_sighand()
tracing: Inform kmemleak of saved_cmdlines allocation
xfrm: Use xfrm_state selector for BEET input
xfrm: Silence warnings triggerable by bad packets
tls: fix NULL deref on tls_sw_splice_eof() with empty record
selftests/mm: ksm_tests should only MADV_HUGEPAGE valid memory
selftests/mm: Update va_high_addr_switch.sh to check CPU for la57 flag
md: bypass block throttle for superblock update
ARM: dts: imx6q-apalis: add can power-up delay on ixora board
wifi: mwifiex: Support SD8978 chipset
wifi: mwifiex: add extra delay for firmware ready
bus: moxtet: Add spi device table
arm64: dts: qcom: msm8916: Enable blsp_dma by default
arm64: dts: qcom: msm8916: Make blsp_dma controlled-remotely
arm64: dts: qcom: sdm845: fix USB SS wakeup
arm64: dts: qcom: sm8150: fix USB SS wakeup
wifi: mwifiex: fix uninitialized firmware_stat
crypto: lib/mpi - Fix unexpected pointer access in mpi_ec_init
block: fix partial zone append completion handling in req_bio_endio()
netfilter: ipset: fix performance regression in swap operation
netfilter: ipset: Missing gc cancellations fixed
parisc: Fix random data corruption from exception handler
nfsd: fix RELEASE_LOCKOWNER
nfsd: don't take fi_lock in nfsd_break_deleg_cb()
hrtimer: Ignore slack time for RT tasks in schedule_hrtimeout_range()
RDMA/irdma: Ensure iWarp QP queue memory is OS paged aligned
smb: client: fix potential OOBs in smb2_parse_contexts()
smb: client: fix parsing of SMB3.1.1 POSIX create context
net: prevent mss overflow in skb_segment()
bpf: Add struct for bin_args arg in bpf_bprintf_prepare
bpf: Do cleanup in bpf_bprintf_cleanup only when needed
bpf: Remove trace_printk_lock
userfaultfd: fix mmap_changing checking in mfill_atomic_hugetlb
dmaengine: ioat: Free up __cleanup() name
apparmor: Free up __cleanup() name
locking: Introduce __cleanup() based infrastructure
kbuild: Drop -Wdeclaration-after-statement
sched/membarrier: reduce the ability to hammer on sys_membarrier
of: property: Add in-ports/out-ports support to of_graph_get_port_parent()
nilfs2: fix potential bug in end_buffer_async_write
nilfs2: replace WARN_ONs for invalid DAT metadata block requests
dm: limit the number of targets and parameter size area
arm64: Subscribe Microsoft Azure Cobalt 100 to ARM Neoverse N2 errata
fs/ntfs3: Add null pointer checks
mlxsw: spectrum_acl_tcam: Fix stack corruption
Linux 6.1.79
Change-Id: I7051a7a0b0aae8ff6503314e4999e561e713769a
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
This reverts commit a94d303bea which is
commit dad6a09f3148257ac1773cd90934d721d68ab595 upstream.
It breaks the Android kernel abi and can be brought back in the future
in an abi-safe way if it is really needed.
Bug: 161946584
Change-Id: I3946038162ecfa5fafc8721ac4aaa8545ed540e2
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Changes in 6.1.78
ext4: regenerate buddy after block freeing failed if under fc replay
dmaengine: fsl-dpaa2-qdma: Fix the size of dma pools
dmaengine: ti: k3-udma: Report short packet errors
dmaengine: fsl-qdma: Fix a memory leak related to the status queue DMA
dmaengine: fsl-qdma: Fix a memory leak related to the queue command DMA
phy: renesas: rcar-gen3-usb2: Fix returning wrong error code
dmaengine: fix is_slave_direction() return false when DMA_DEV_TO_DEV
phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP
cifs: failure to add channel on iface should bump up weight
drm/msms/dp: fixed link clock divider bits be over written in BPC unknown case
drm/msm/dp: return correct Colorimetry for DP_TEST_DYNAMIC_RANGE_CEA case
drm/msm/dpu: check for valid hw_pp in dpu_encoder_helper_phys_cleanup
net: stmmac: xgmac: fix handling of DPP safety error for DMA channels
wifi: mac80211: fix waiting for beacons logic
netdevsim: avoid potential loop in nsim_dev_trap_report_work()
net: atlantic: Fix DMA mapping for PTP hwts ring
selftests: net: cut more slack for gro fwd tests.
selftests: net: avoid just another constant wait
tunnels: fix out of bounds access when building IPv6 PMTU error
atm: idt77252: fix a memleak in open_card_ubr0
octeontx2-pf: Fix a memleak otx2_sq_init
hwmon: (aspeed-pwm-tacho) mutex for tach reading
hwmon: (coretemp) Fix out-of-bounds memory access
hwmon: (coretemp) Fix bogus core_id to attr name mapping
inet: read sk->sk_family once in inet_recv_error()
drm/i915/gvt: Fix uninitialized variable in handle_mmio()
rxrpc: Fix response to PING RESPONSE ACKs to a dead call
tipc: Check the bearer type before calling tipc_udp_nl_bearer_add()
af_unix: Call kfree_skb() for dead unix_(sk)->oob_skb in GC.
ppp_async: limit MRU to 64K
selftests: cmsg_ipv6: repeat the exact packet
netfilter: nft_compat: narrow down revision to unsigned 8-bits
netfilter: nft_compat: reject unused compat flag
netfilter: nft_compat: restrict match/target protocol to u16
drm/amd/display: Implement bounds check for stream encoder creation in DCN301
netfilter: nft_ct: reject direction for ct id
netfilter: nft_set_pipapo: store index in scratch maps
netfilter: nft_set_pipapo: add helper to release pcpu scratch area
netfilter: nft_set_pipapo: remove scratch_aligned pointer
fs/ntfs3: Fix an NULL dereference bug
scsi: core: Move scsi_host_busy() out of host lock if it is for per-command
blk-iocost: Fix an UBSAN shift-out-of-bounds warning
fs: dlm: don't put dlm_local_addrs on heap
mtd: parsers: ofpart: add workaround for #size-cells 0
ALSA: usb-audio: Add delay quirk for MOTU M Series 2nd revision
ALSA: usb-audio: Add a quirk for Yamaha YIT-W12TX transmitter
ALSA: usb-audio: add quirk for RODE NT-USB+
USB: serial: qcserial: add new usb-id for Dell Wireless DW5826e
USB: serial: option: add Fibocom FM101-GL variant
USB: serial: cp210x: add ID for IMST iM871A-USB
usb: dwc3: host: Set XHCI_SG_TRB_CACHE_SIZE_QUIRK
usb: host: xhci-plat: Add support for XHCI_SG_TRB_CACHE_SIZE_QUIRK
hrtimer: Report offline hrtimer enqueue
Input: i8042 - fix strange behavior of touchpad on Clevo NS70PU
Input: atkbd - skip ATKBD_CMD_SETLEDS when skipping ATKBD_CMD_GETID
io_uring/net: fix sr->len for IORING_OP_RECV with MSG_WAITALL and buffers
Revert "ASoC: amd: Add new dmi entries for acp5x platform"
vhost: use kzalloc() instead of kmalloc() followed by memset()
RDMA/irdma: Fix support for 64k pages
f2fs: add helper to check compression level
block: treat poll queue enter similarly to timeouts
clocksource: Skip watchdog check for large watchdog intervals
net: stmmac: xgmac: use #define for string constants
ALSA: usb-audio: Sort quirk table entries
net: stmmac: xgmac: fix a typo of register name in DPP safety handling
netfilter: nft_set_rbtree: skip end interval element from gc
Linux 6.1.78
Change-Id: Iba16875d4cb88deffea077cf69495f9fe447ea23
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
This reverts commit 25eaa9f999 which is
commit 90d50b8d85834e73536fdccd5aa913b30494fef0 upstream.
It breaks the Android kernel abi and can be brought back in the future
in an abi-safe way if it is really needed.
Bug: 161946584
Change-Id: I7d11b085bf6cbe0d7eb1c0d87f5dc5c3cb88e323
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
There are no new symbols to be added to GKI symbol list.
We simply update our symbol list.
Bug: 335537438
Change-Id: Iae0594ff776853df2b38eb3215a5378a03995c40
Signed-off-by: Youngmin Nam <youngmin.nam@samsung.com>
Symbols updated to QCOM abi symbol list for Marvell Phy and Mdio Bus Mux:
ethnl_cable_test_amplitude
ethnl_cable_test_pulse
ethnl_cable_test_step
genphy_check_and_restart_aneg
genphy_read_status_fixed
of_mdio_find_bus
phy_config_aneg
phy_gbit_fibre_features
Bug: 335414016
Change-Id: I1fa732935cb1a33bcde782fdfe38f5b3fcfae4cb
Signed-off-by: Andre Ding <quic_shuangxi@quicinc.com>
When building clock drivers for MT8186, some may want to build in only
some of them to, for example, get CPUFreq up faster, and some may want
to leave out some clock drivers entirely as a machine may not need the
Warp Engine or the camera ISP (hence, their clock drivers).
Split the various clock drivers in their own configuration options,
keeping MT8186 configuration options consistent with other MediaTek
SoCs.
While at it, also allow building the remaining clock drivers as modules
by switching COMMON_CLK_MT8186 to tristate.
Bug: 335112842
(cherry picked from commit 5baf38e06ahttps://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/ master)
Signed-off-by: AngeloGioacchino Del Regno <angelogioacchino.delregno@collabora.com>
Reviewed-by: Chen-Yu Tsai <wenst@chromium.org>
Link: https://lore.kernel.org/r/20230306140543.1813621-47-angelogioacchino.delregno@collabora.com
Signed-off-by: Stephen Boyd <sboyd@kernel.org>
Change-Id: Id9dad0e1d56fcae3bb9302b7db63be31afc91d5d
Adding the following symbols:
- devm_drm_bridge_add
Bug: 333511135
Change-Id: I4f815c00515c1f2660032e584778edf1c2c41da4
Signed-off-by: Ken Huang <kenbshuang@google.com>
This reverts commit I764adf995cae6b485d4d98e410c78128a88647e0.
Bug: 333812722
Bug: 308663717
Bug: 319125789
Change-Id: Ie7f03b9d1ab67a33ccbc4311ba26cd746e1aaa22
Signed-off-by: Bart Van Assche <bvanassche@acm.org>
[jyescas@google.com: Call blk_segments() in blk_mq_submit_bio()
for the case when request is defined or it
is null]
Signed-off-by: Juan Yescas <jyescas@google.com>
