Memory hotplugging is allowed only for multiples of section sizes.
Section size could be huge (ex. 1GB for arm64 targets) thus limiting
to add/remove lower chunks of memory. This patch allows drivers to add
memory of subsection sizes which are then added to memblock. This does
not create a separate memblock device nodes for newly added subsections
until the whole of the memblock section is added.
Bug: 170460867
Change-Id: I15749b5320340cba4d526e7ddb26a9cd6029c690
Signed-off-by: Sudarshan Rajagopalan <sudaraja@codeaurora.org>
There are out of tree drivers which need IOMMU_SYS_CACHE_ONLY
to be able to cache their data buffers in the system cache,
so restore it.
Bug: 176778547
Change-Id: Ic632a6f5951f9917e6006088b065fdbaf4e1b374
Signed-off-by: Isaac J. Manjarres <isaacm@codeaurora.org>
After certain memory blocks are offlined, some usecases require that the
page-table mappings are removed while still keeping the memblock device nodes,
memory resources and the memmap entries intact. This is to avoid the overhead
involved in using 'remove_memory' if the offlined blocks will be added/onlined
back into the system at later point. {populate/depopulate}_range_driver_managed
provide the abilty to drivers to tear-down and create page-table mappings of
memory blocks that its managing, without having to use 'remove_memory' and
friends for the purpose.
These functions does not interfere with mappings of boot memory or resources
that isn't owned by the driver.
Bug: 171907330
Change-Id: Ie11201334bd7438bf87f933ccc81814fa99162c4
Signed-off-by: Sudarshan Rajagopalan <sudaraja@codeaurora.org>
The vendor hook in select_task_rq_fair() currently sees a potentially
stale task utilization. Make sure to sync it beforehand to avoid any
issues.
Fixes: a1fc1fba46 ("ANDROID: sched: add restrict vendor hook to modify task placement policy in EAS")
Signed-off-by: Quentin Perret <qperret@google.com>
Change-Id: I7675ce9fd37b160f8a7ba9651ae73b69a16d6d12
The vendor hook in find_energy_efficient_cpu() currently sees a
potentially stale task utilization. Make sure to sync it beforehand to
avoid any issues by moving the call at the top of the function. This
also ensures the check on task_fits_capacity() when the sync flag is set
sees an up-to-date task util.
Fixes: a9c5fcfe9c ("ANDROID: sched/fair: Have sync honor fits_capacity")
Fixes: 147a9b3d9e ("ANDROID: sched: Add vendor hooks for find_energy_efficient_cpu")
Signed-off-by: Quentin Perret <qperret@google.com>
Change-Id: Ie9a6c89249a2aefbccced4786ce4d4728e39dd12
Enable the KUNIT core, which has a small ABI impact, and also the
DEBUGFS feature so that results can be reaped. This change does not
actually enable any KUNIT tests or the internal selftests, those must be
enabled by downstream builds.
Bug: 176228452
Change-Id: I2817cb1495fe7bf0485e63f877a68b1971e26cc5
Signed-off-by: Alistair Delva <adelva@google.com>
Add support for IOMMU drivers to have their own map_sg() callbacks.
This completes the path for having iommu_map_sg() invoke an IOMMU
driver's map_sg() callback, which can then invoke the io-pgtable
map_sg() callback with the entire scatter-gather list, so that it
can be processed entirely in the io-pgtable layer.
For IOMMU drivers that do not provide a callback, the default
implementation of iterating through the scatter-gather list, while
calling iommu_map() will be used.
Bug: 176779203
Link: https://lore.kernel.org/linux-iommu/1610376862-927-1-git-send-email-isaacm@codeaurora.org/T/#t
Change-Id: I3d5a8a9e8648649d8dcdda3fa1df41d72f87a528
Signed-off-by: Isaac J. Manjarres <isaacm@codeaurora.org>
Tested-by: Sai Prakash Ranjan <saiprakash.ranjan@codeaurora.org>
While mapping a scatter-gather list, iommu_map_sg() calls
into the IOMMU driver through an indirect call, which can
call into the io-pgtable code through another indirect call.
This sequence of going through the IOMMU core code, the IOMMU
driver, and finally the io-pgtable code, occurs for every
element in the scatter-gather list, in the worse case, which
is not optimal.
Introduce a map_sg callback in the io-pgtable ops so that
IOMMU drivers can invoke it with the complete scatter-gather
list, so that it can be processed within the io-pgtable
code entirely, reducing the number of indirect calls, and
boosting overall iommu_map_sg() performance.
Bug: 176779203
Link: https://lore.kernel.org/linux-iommu/1610376862-927-1-git-send-email-isaacm@codeaurora.org/T/#t
Change-Id: I4b2088dd08eb97dcd94a6c6968082a3c4395351a
Signed-off-by: Isaac J. Manjarres <isaacm@codeaurora.org>
Tested-by: Sai Prakash Ranjan <saiprakash.ranjan@codeaurora.org>
UFS specficication allows different VCC configurations for UFS devices,
for example:
(1). 2.70V - 3.60V (Activated by default in UFS core driver)
(2). 1.70V - 1.95V (Activated if "vcc-supply-1p8" is declared in
device tree)
(3). 2.40V - 2.70V (Supported since UFS 3.x)
With the introduction of UFS 3.x products, an issue is happening that UFS
driver will use wrong "min_uV-max_uV" values to configure the voltage of
VCC regulator on UFU 3.x products with the configuration (3) used.
To solve this issue, we simply remove pre-defined initial VCC voltage
values in UFS core driver with below reasons,
1. UFS specifications do not define how to detect the VCC configuration
supported by attached device.
2. Device tree already supports standard regulator properties.
Therefore VCC voltage shall be defined correctly in device tree, and shall
not changed by UFS driver. What UFS driver needs to do is simply enable or
disable the VCC regulator only.
Similar change is applied to VCCQ and VCCQ2 as well.
Note that we keep struct ufs_vreg unchanged. This allows vendors to
configure proper min_uV and max_uV of any regulators to make
regulator_set_voltage() works during regulator toggling flow in the
future. Without specific vendor configurations, min_uV and max_uV will be
NULL by default and UFS core driver will enable or disable the regulator
only without adjusting its voltage.
Bug: 176226589
(cherry picked from commit 5b44a07b6b
git://git.kernel.org/pub/scm/linux/kernel/git/mkp/scsi.git 5.11/scsi-queue)
Link: https://lore.kernel.org/r/20201202091819.22363-1-stanley.chu@mediatek.com
Reviewed-by: Asutosh Das <asutoshd@codeaurora.org>
Reviewed-by: Bjorn Andersson <bjorn.andersson@linaro.org>
Reviewed-by: Can Guo <cang@codeaurora.org>
Acked-by: Avri Altman <avri.altman@wdc.com>
Signed-off-by: Stanley Chu <stanley.chu@mediatek.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Signed-off-by: Bao D. Nguyen <nguyenb@codeaurora.org>
Signed-off-by: Paul Lawrence <paullawrence@google.com>
Change-Id: Icb9c24d50cd8b6fff9f21748773686271d5dbd7b
Export pcpu_nr_pages symbol which is used as part
of meminfo collection from minidump module.
Bug: 177027175
Change-Id: I08262ec95a3f1be8322b9b8d2d9c4098518fc408
Signed-off-by: Vijayanand Jitta <vjitta@codeaurora.org>
Export total_swapcache_pages symbol which is used
as part of meminfo collection from minidump module.
Bug: 176277894
Change-Id: I75f508555b7f310c1aee788a7e300862abccba93
Signed-off-by: Vijayanand Jitta <vjitta@codeaurora.org>
Export si_swapinfo symbol which is used as part
of meminfo collection from minidump module.
Bug: 176277894
Change-Id: I5dc1672ce649c22dc33d4a544ee5a38f8376becf
Signed-off-by: Vijayanand Jitta <vjitta@codeaurora.org>
Changes in 5.10.5
net/sched: sch_taprio: reset child qdiscs before freeing them
mptcp: fix security context on server socket
ethtool: fix error paths in ethnl_set_channels()
ethtool: fix string set id check
md/raid10: initialize r10_bio->read_slot before use.
drm/amd/display: Add get_dig_frontend implementation for DCEx
io_uring: close a small race gap for files cancel
jffs2: Allow setting rp_size to zero during remounting
jffs2: Fix NULL pointer dereference in rp_size fs option parsing
spi: dw-bt1: Fix undefined devm_mux_control_get symbol
opp: fix memory leak in _allocate_opp_table
opp: Call the missing clk_put() on error
scsi: block: Fix a race in the runtime power management code
mm/hugetlb: fix deadlock in hugetlb_cow error path
mm: memmap defer init doesn't work as expected
lib/zlib: fix inflating zlib streams on s390
io_uring: don't assume mm is constant across submits
io_uring: use bottom half safe lock for fixed file data
io_uring: add a helper for setting a ref node
io_uring: fix io_sqe_files_unregister() hangs
uapi: move constants from <linux/kernel.h> to <linux/const.h>
tools headers UAPI: Sync linux/const.h with the kernel headers
cgroup: Fix memory leak when parsing multiple source parameters
zlib: move EXPORT_SYMBOL() and MODULE_LICENSE() out of dfltcc_syms.c
scsi: cxgb4i: Fix TLS dependency
Bluetooth: hci_h5: close serdev device and free hu in h5_close
fbcon: Disable accelerated scrolling
reiserfs: add check for an invalid ih_entry_count
misc: vmw_vmci: fix kernel info-leak by initializing dbells in vmci_ctx_get_chkpt_doorbells()
media: gp8psk: initialize stats at power control logic
f2fs: fix shift-out-of-bounds in sanity_check_raw_super()
ALSA: seq: Use bool for snd_seq_queue internal flags
ALSA: rawmidi: Access runtime->avail always in spinlock
bfs: don't use WARNING: string when it's just info.
ext4: check for invalid block size early when mounting a file system
fcntl: Fix potential deadlock in send_sig{io, urg}()
io_uring: check kthread stopped flag when sq thread is unparked
rtc: sun6i: Fix memleak in sun6i_rtc_clk_init
module: set MODULE_STATE_GOING state when a module fails to load
quota: Don't overflow quota file offsets
rtc: pl031: fix resource leak in pl031_probe
powerpc: sysdev: add missing iounmap() on error in mpic_msgr_probe()
i3c master: fix missing destroy_workqueue() on error in i3c_master_register
NFSv4: Fix a pNFS layout related use-after-free race when freeing the inode
f2fs: avoid race condition for shrinker count
f2fs: fix race of pending_pages in decompression
module: delay kobject uevent until after module init call
powerpc/64: irq replay remove decrementer overflow check
fs/namespace.c: WARN if mnt_count has become negative
watchdog: rti-wdt: fix reference leak in rti_wdt_probe
um: random: Register random as hwrng-core device
um: ubd: Submit all data segments atomically
NFSv4.2: Don't error when exiting early on a READ_PLUS buffer overflow
ceph: fix inode refcount leak when ceph_fill_inode on non-I_NEW inode fails
drm/amd/display: updated wm table for Renoir
tick/sched: Remove bogus boot "safety" check
s390: always clear kernel stack backchain before calling functions
io_uring: remove racy overflow list fast checks
ALSA: pcm: Clear the full allocated memory at hw_params
dm verity: skip verity work if I/O error when system is shutting down
ext4: avoid s_mb_prefetch to be zero in individual scenarios
device-dax: Fix range release
Linux 5.10.5
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I2b481bfac06bafdef2cf3cc1ac2c2a4ddf9913dc
CONFIG_MEMCG introduces overhead both in terms of memory usage as well
as in the minor page fault path and after moving to PSI it is currently
unused on non-Android Go devices. Disable it in GKI to avoid the overhead.
Bug: 169443770
Bug: 172296409
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Change-Id: I717c2a1bde6264285b86d583ae1a1007c36be223
Only kill a task with a negative ADJ score if there are no tasks with
non-negative ADJ scores. Otherwise, kill the task with the most
badness points whose ADJ score is also positive, if such a suitable
task exists.
Bug: 173837271
Signed-off-by: Chris Goldsworthy <cgoldswo@codeaurora.org>
Change-Id: I70fe48a3eeb853085bb1acfb422f88cd36d1f14d
"flags" is added to the vendor hook parameter so that the module can know
the event type of task enqueue/dequeue.
Bug: 176917922
Signed-off-by: Park Bumgyu <bumgyu.park@samsung.com>
Change-Id: I7cc60908e301d75393bdf84861878a94de80d683
Add vendors hooks for to facilitate various scheduler value adds.
Bug: 176077958
Change-Id: I5d488ae78ce05f81e6c73b69c56128b065647fec
Signed-off-by: Shaleen Agrawal <shalagra@codeaurora.org>
Handling all combinations of the VMAP_STACK and SHADOW_CALL_STACK options
in sdei_arch_get_entry_point() makes the code difficult to read,
particularly when considering the error and cleanup paths.
Move the checking of these options into the callee functions, so that
they return early if the relevant option is not enabled.
Bug: 169781940
Change-Id: I3daf8a409d3544fa4e76a28c2b2ae9efb82001ba
(cherry picked from commit eec3bf6861)
Signed-off-by: Will Deacon <will@kernel.org>
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
The kernel currently uses kmem_cache to allocate shadow call stacks,
which means an overflows may not be immediately detected and can
potentially result in another task's shadow stack to be overwritten.
This change switches SCS to use virtually mapped shadow stacks for
tasks, which increases shadow stack size to a full page and provides
more robust overflow detection, similarly to VMAP_STACK.
Bug: 169781940
Change-Id: I92c8f5706c11e4bf45b071e4f302a65502faa1e1
(cherry picked from commit a2abe7cbd8)
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
Acked-by: Will Deacon <will@kernel.org>
Link: https://lore.kernel.org/r/20201130233442.2562064-2-samitolvanen@google.com
Signed-off-by: Will Deacon <will@kernel.org>
At present, EAS gets disabled when on ASYM Capacity systems
if all BIG or Little CPUs gets hot-plugged. Instead of disabling
EAS by default, add trace hook and let vendor decide if EAS should
be disabled or not.
Bug: 176964092
Change-Id: I583272cc89d44f3e3a4b1c43e3f75d731092ebf6
Signed-off-by: Satya Durga Srinivasu Prabhala <satyap@codeaurora.org>
A task can migrate either while it is waking or while it
is running via load balancer. Print the task status
i.e running or not in sched_migrate_task. This helps in
counting the different types of migrations without relying
on other trace events.
Bug: 176709810
Change-Id: Ib473f9ccdc78003bb1f5d2dc24354f2db7a684f5
Signed-off-by: Pavankumar Kondeti <pkondeti@codeaurora.org>
Signed-off-by: Satya Durga Srinivasu Prabhala <satyap@codeaurora.org>
When the sum of the utilization of CPUs in a power domain is zero,
return the energy as 0 without doing any computations.
Acked-by: Quentin Perret <qperret@google.com>
Reviewed-by: Dietmar Eggemann <dietmar.eggemann@arm.com>
Signed-off-by: Pavankumar Kondeti <pkondeti@codeaurora.org>
Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
(cherry picked from commit 9cc7e96aa8)
Bug: 173981595
Signed-off-by: Pavankumar Kondeti <pkondeti@codeaurora.org>
Change-Id: I9b1a83d210c30a8a86da26f94ac0c2f855d2ed10
Temporary workaround to enable arm64 gki devices to boot.
Virtual devices failed to boot with 5.10 ARM64 GKI because symbol
stripping has removed tracepoint symbols pertaining to xdp which are
included in the symbol allowlist.
klog excerpt for this error.
init: Loading module /lib/modules/virtio_net.ko with args ""
virtio_net: disagrees about version of symbol __traceiter_xdp_exception
virtio_net: Unknown symbol __traceiter_xdp_exception (err -22)
virtio_net: disagrees about version of symbol __tracepoint_xdp_exception
virtio_net: Unknown symbol __tracepoint_xdp_exception (err -22)
init: Failed to insmod '/lib/modules/virtio_net.ko' with args ''
init: LoadWithAliases was unable to load virtio_net
init: Failed to load kernel modules
Bug: 176831960
Test: Treehugger
Signed-off-by: Ram Muthiah <rammuthiah@google.com>
Change-Id: If5b6fd12ce1c783966ff4ed0a8bc141d077c71a3
To enable bfq i/o group scheduling for separating i/o groups to
foreground and background i/o groups, we need to set CONFIG_IOSCHED_BFQ
and CONFIG_BFQ_GROUP_IOSCHED to "y".
Bug: 171739280
Bug: 172520400
Signed-off-by: Daeho Jeong <daehojeong@google.com>
Change-Id: If9b5664ecfc8f78d9792d7ee5d3ea5a88a50b9d7
Collect the time for each allocation recorded in page owner so that
allocation "surges" can be measured.
Record the pid for each allocation recorded in page owner so that the
source of allocation "surges" can be better identified.
The above is very useful when doing memory analysis. On a crash for
example, we can get this information from kdump (or ramdump) and parse it
to figure out memory allocation problems.
Please note that on x86_64 this increases the size of struct page_owner
from 16 bytes to 32.
Vlastimil: it's not a functionality intended for production, so unless
somebody says they need to enable page_owner for debugging and this
increase prevents them from fitting into available memory, let's not
complicate things with making this optional.
[lmark@codeaurora.org: v3]
Link: https://lkml.kernel.org/r/20201210160357.27779-1-georgi.djakov@linaro.org
Link: https://lkml.kernel.org/r/20201209125153.10533-1-georgi.djakov@linaro.org
Signed-off-by: Liam Mark <lmark@codeaurora.org>
Signed-off-by: Georgi Djakov <georgi.djakov@linaro.org>
Acked-by: Vlastimil Babka <vbabka@suse.cz>
Acked-by: Joonsoo Kim <iamjoonsoo.kim@lge.com>
Cc: Jonathan Corbet <corbet@lwn.net>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
(cherry picked from commit 9cc7e96aa8)
Bug: 175129313
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Change-Id: I5e246ea009c7e9e34c1cc608bcd3196fc0e623b4
Formerly cuttlefish and goldfish had separate symbol lists.
The defconfigs and symbol lists were unified recently. However, the
symbol lists should conform to this naming convention.
Generated with
BUILD_CONFIG=common/build.config.gki.aarch64 build/build.sh;
BUILD_CONFIG= \
common-modules/virtual-device/build.config.virtual_device.aarch64 \
build/build.sh;
build/abi/extract_symbols out/android12-5.10/dist/ \
--whitelist common/android/abi_gki_aarch64_virtual_device
Test: Treehugger
Bug: 176831960
Signed-off-by: Ram Muthiah <rammuthiah@google.com>
Change-Id: I21755fbd3e9ab6319fdf4fcd06e501d722fb7242
Free the pages parallely for a task that receives SIGKILL, from ULMK
process, using the oom_reaper. This freeing of pages will help to give
the pages to buddy system well advance.
Add the boot param, reap_mem_when_killed_by=, that configures the
process name, the kill signal to a process from which makes its memory
reaped by oom reaper.
As an example, when reap_mem_when_killed_by=lmkd, then all the processes
that receives the kill signal from lmkd is added to oom reaper.
Not initializing this param makes this feature disabled.
Change-Id: I21adb95de5e380a80d7eb0b87d9b5b553f52e28a
Bug: 171763461
Signed-off-by: Charan Teja Reddy <charante@codeaurora.org>
Signed-off-by: Isaac J. Manjarres <isaacm@codeaurora.org>
To be able to update addresses of an IPsec SA, as required by
supporting MOBIKE
Bug: 169169084
Signed-off-by: Yan Yan <evitayan@google.com>
Change-Id: I5aa3f3556d615e4f0695bb78cd3cad9e83851df5
[ Upstream commit 82ef1370b0 ]
Commit cfd7323772 ("ext4: add prefetching for block allocation
bitmaps") introduced block bitmap prefetch, and expects to read block
bitmaps of flex_bg through an IO. However, it seems to ignore the
value range of s_log_groups_per_flex. In the scenario where the value
of s_log_groups_per_flex is greater than 27, s_mb_prefetch or
s_mb_prefetch_limit will overflow, cause a divide zero exception.
In addition, the logic of calculating nr is also flawed, because the
size of flexbg is fixed during a single mount, but s_mb_prefetch can
be modified, which causes nr to fail to meet the value condition of
[1, flexbg_size].
To solve this problem, we need to set the upper limit of
s_mb_prefetch. Since we expect to load block bitmaps of a flex_bg
through an IO, we can consider determining a reasonable upper limit
among the IO limit parameters. After consideration, we chose
BLK_MAX_SEGMENT_SIZE. This is a good choice to solve divide zero
problem and avoiding performance degradation.
[ Some minor code simplifications to make the changes easy to follow -- TYT ]
Reported-by: Tosk Robot <tencent_os_robot@tencent.com>
Signed-off-by: Chunguang Xu <brookxu@tencent.com>
Reviewed-by: Samuel Liao <samuelliao@tencent.com>
Reviewed-by: Andreas Dilger <adilger@dilger.ca>
Link: https://lore.kernel.org/r/1607051143-24508-1-git-send-email-brookxu@tencent.com
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Sasha Levin <sashal@kernel.org>
[ Upstream commit 252bd12563 ]
If emergency system shutdown is called, like by thermal shutdown,
a dm device could be alive when the block device couldn't process
I/O requests anymore. In this state, the handling of I/O errors
by new dm I/O requests or by those already in-flight can lead to
a verity corruption state, which is a misjudgment.
So, skip verity work in response to I/O error when system is shutting
down.
Signed-off-by: Hyeongseok Kim <hyeongseok@gmail.com>
Reviewed-by: Sami Tolvanen <samitolvanen@google.com>
Signed-off-by: Mike Snitzer <snitzer@redhat.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
[ Upstream commit 618de0f4ef ]
The PCM hw_params core function tries to clear up the PCM buffer
before actually using for avoiding the information leak from the
previous usages or the usage before a new allocation. It performs the
memset() with runtime->dma_bytes, but this might still leave some
remaining bytes untouched; namely, the PCM buffer size is aligned in
page size for mmap, hence runtime->dma_bytes doesn't necessarily cover
all PCM buffer pages, and the remaining bytes are exposed via mmap.
This patch changes the memory clearance to cover the all buffer pages
if the stream is supposed to be mmap-ready (that guarantees that the
buffer size is aligned in page size).
Reviewed-by: Lars-Peter Clausen <lars@metafoo.de>
Link: https://lore.kernel.org/r/20201218145625.2045-3-tiwai@suse.de
Signed-off-by: Takashi Iwai <tiwai@suse.de>
Signed-off-by: Sasha Levin <sashal@kernel.org>
[ Upstream commit 9cd2be519d ]
list_empty_careful() is not racy only if some conditions are met, i.e.
no re-adds after del_init. io_cqring_overflow_flush() does list_move(),
so it's actually racy.
Remove those checks, we have ->cq_check_overflow for the fast path.
Signed-off-by: Pavel Begunkov <asml.silence@gmail.com>
Signed-off-by: Jens Axboe <axboe@kernel.dk>
Signed-off-by: Sasha Levin <sashal@kernel.org>
[ Upstream commit 9365965db0 ]
Clear the kernel stack backchain before potentially calling the
lockdep trace_hardirqs_off/on functions. Without this walking the
kernel backchain, e.g. during a panic, might stop too early.
Signed-off-by: Heiko Carstens <hca@linux.ibm.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
[ Upstream commit ba8ea8e7dd ]
can_stop_idle_tick() checks whether the do_timer() duty has been taken over
by a CPU on boot. That's silly because the boot CPU always takes over with
the initial clockevent device.
But even if no CPU would have installed a clockevent and taken over the
duty then the question whether the tick on the current CPU can be stopped
or not is moot. In that case the current CPU would have no clockevent
either, so there would be nothing to keep ticking.
Remove it.
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Acked-by: Frederic Weisbecker <frederic@kernel.org>
Link: https://lore.kernel.org/r/20201206212002.725238293@linutronix.de
Signed-off-by: Sasha Levin <sashal@kernel.org>
[ Upstream commit 503b934a75 ]
Expanding the READ_PLUS extents can cause the read buffer to overflow.
If it does, then don't error, but just exit early.
Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
[ Upstream commit fc6b6a872d ]
Internally, UBD treats each physical IO segment as a separate command to
be submitted in the execution pipe. If the pipe returns a transient
error after a few segments have already been written, UBD will tell the
block layer to requeue the request, but there is no way to reclaim the
segments already submitted. When a new attempt to dispatch the request
is done, those segments already submitted will get duplicated, causing
the WARN_ON below in the best case, and potentially data corruption.
In my system, running a UML instance with 2GB of RAM and a 50M UBD disk,
I can reproduce the WARN_ON by simply running mkfs.fvat against the
disk on a freshly booted system.
There are a few ways to around this, like reducing the pressure on
the pipe by reducing the queue depth, which almost eliminates the
occurrence of the problem, increasing the pipe buffer size on the host
system, or by limiting the request to one physical segment, which causes
the block layer to submit way more requests to resolve a single
operation.
Instead, this patch modifies the format of a UBD command, such that all
segments are sent through a single element in the communication pipe,
turning the command submission atomic from the point of view of the
block layer. The new format has a variable size, depending on the
number of elements, and looks like this:
+------------+-----------+-----------+------------
| cmd_header | segment 0 | segment 1 | segment ...
+------------+-----------+-----------+------------
With this format, we push a pointer to cmd_header in the submission
pipe.
This has the advantage of reducing the memory footprint of executing a
single request, since it allow us to merge some fields in the header.
It is possible to reduce even further each segment memory footprint, by
merging bitmap_words and cow_offset, for instance, but this is not the
focus of this patch and is left as future work. One issue with the
patch is that for a big number of segments, we now perform one big
memory allocation instead of multiple small ones, but I wasn't able to
trigger any real issues or -ENOMEM because of this change, that wouldn't
be reproduced otherwise.
This was tested using fio with the verify-crc32 option, and by running
an ext4 filesystem over this UBD device.
The original WARN_ON was:
------------[ cut here ]------------
WARNING: CPU: 0 PID: 0 at lib/refcount.c:28 refcount_warn_saturate+0x13f/0x141
refcount_t: underflow; use-after-free.
Modules linked in:
CPU: 0 PID: 0 Comm: swapper Not tainted 5.5.0-rc6-00002-g2a5bb2cf75c8 #346
Stack:
6084eed0 6063dc77 00000009 6084ef60
00000000 604b8d9f 6084eee0 6063dcbc
6084ef40 6006ab8d e013d780 1c00000000
Call Trace:
[<600a0c1c>] ? printk+0x0/0x94
[<6004a888>] show_stack+0x13b/0x155
[<6063dc77>] ? dump_stack_print_info+0xdf/0xe8
[<604b8d9f>] ? refcount_warn_saturate+0x13f/0x141
[<6063dcbc>] dump_stack+0x2a/0x2c
[<6006ab8d>] __warn+0x107/0x134
[<6008da6c>] ? wake_up_process+0x17/0x19
[<60487628>] ? blk_queue_max_discard_sectors+0x0/0xd
[<6006b05f>] warn_slowpath_fmt+0xd1/0xdf
[<6006af8e>] ? warn_slowpath_fmt+0x0/0xdf
[<600acc14>] ? raw_read_seqcount_begin.constprop.0+0x0/0x15
[<600619ae>] ? os_nsecs+0x1d/0x2b
[<604b8d9f>] refcount_warn_saturate+0x13f/0x141
[<6048bc8f>] refcount_sub_and_test.constprop.0+0x2f/0x37
[<6048c8de>] blk_mq_free_request+0xf1/0x10d
[<6048ca06>] __blk_mq_end_request+0x10c/0x114
[<6005ac0f>] ubd_intr+0xb5/0x169
[<600a1a37>] __handle_irq_event_percpu+0x6b/0x17e
[<600a1b70>] handle_irq_event_percpu+0x26/0x69
[<600a1bd9>] handle_irq_event+0x26/0x34
[<600a1bb3>] ? handle_irq_event+0x0/0x34
[<600a5186>] ? unmask_irq+0x0/0x37
[<600a57e6>] handle_edge_irq+0xbc/0xd6
[<600a131a>] generic_handle_irq+0x21/0x29
[<60048f6e>] do_IRQ+0x39/0x54
[...]
---[ end trace c6e7444e55386c0f ]---
Cc: Christopher Obbard <chris.obbard@collabora.com>
Reported-by: Martyn Welch <martyn@collabora.com>
Signed-off-by: Gabriel Krisman Bertazi <krisman@collabora.com>
Tested-by: Christopher Obbard <chris.obbard@collabora.com>
Acked-by: Anton Ivanov <anton.ivanov@cambridgegreys.com>
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: Sasha Levin <sashal@kernel.org>
[ Upstream commit 72d3e093af ]
The UML random driver creates a dummy device under the guest,
/dev/hw_random. When this file is read from the guest, the driver
reads from the host machine's /dev/random, in-turn reading from
the host kernel's entropy pool. This entropy pool could have been
filled by a hardware random number generator or just the host
kernel's internal software entropy generator.
Currently the driver does not fill the guests kernel entropy pool,
this requires a userspace tool running inside the guest (like
rng-tools) to read from the dummy device provided by this driver,
which then would fill the guest's internal entropy pool.
This all seems quite pointless when we are already reading from an
entropy pool, so this patch aims to register the device as a hwrng
device using the hwrng-core framework. This not only improves and
cleans up the driver, but also fills the guest's entropy pool
without having to resort to using extra userspace tools in the guest.
This is typically a nuisance when booting a guest: the random pool
takes a long time (~200s) to build up enough entropy since the dummy
hwrng is not used to fill the guest's pool.
This port was originally attempted by Alexander Neville "dark" (in CC,
discussion in Link), but the conversation there stalled since the
handling of -EAGAIN errors were no removed and longer handled by the
driver. This patch attempts to use the existing method of error
handling but utilises the new hwrng core.
The issue can be noticed when booting a UML guest:
[ 2.560000] random: fast init done
[ 214.000000] random: crng init done
With the patch applied, filling the pool becomes a lot quicker:
[ 2.560000] random: fast init done
[ 12.000000] random: crng init done
Cc: Alexander Neville <dark@volatile.bz>
Link: https://lore.kernel.org/lkml/20190828204609.02a7ff70@TheDarkness/
Link: https://lore.kernel.org/lkml/20190829135001.6a5ff940@TheDarkness.local/
Cc: Sjoerd Simons <sjoerd.simons@collabora.co.uk>
Signed-off-by: Christopher Obbard <chris.obbard@collabora.com>
Acked-by: Anton Ivanov <anton.ivanov@cambridgegreys.com>
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: Sasha Levin <sashal@kernel.org>
